yetangitu/ampache
1
0
Fork 0
mirror of https://github.com/Yetangitu/ampache synced 2025-10-06 03:49:56 +02:00
Code Issues Releases Wiki Activity

added ability to define required user level on a per permission basis

Browse source
This commit is contained in:
Karl 'vollmerk' Vollmer 2006-11-04 02:02:10 +00:00
parent f6c313e550
commit 0cf24d0deb
8 changed files with 130 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

38
admin/preferences.php
View file

@ -5,9 +5,8 @@
All rights reserved. All rights reserved.
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License modify it under the terms of the GNU General Public License v2
as published by the Free Software Foundation; either version 2 as published by the Free Software Foundation
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
@ -31,19 +30,20 @@
require('../lib/init.php'); require('../lib/init.php');
if (!$GLOBALS['user']->has_access(100)) {
if (!$user->has_access(100)) {
access_denied(); access_denied();
} }
$user_id = scrub_in($_REQUEST['user_id']); $user_id = scrub_in($_REQUEST['user_id']);
$action = scrub_in($_REQUEST['action']);
if (!$user_id) { $user_id ='-1'; } if (!$user_id) { $user_id ='-1'; }
$temp_user = new User($user_id); $temp_user = new User($user_id);
$temp_user->username = $user_id; $temp_user->username = $user_id;
switch(scrub_in($_REQUEST['action'])) { show_template('header');
switch($action) {
case 'user': case 'user':
$fullname = "ADMIN - " . $temp_user->fullname; $fullname = "ADMIN - " . $temp_user->fullname;
$preferences = $temp_user->get_preferences(); $preferences = $temp_user->get_preferences();
@ -66,6 +66,16 @@ switch(scrub_in($_REQUEST['action'])) {
$temp_user->fix_preferences($user_id); $temp_user->fix_preferences($user_id);
$preferences = $temp_user->get_preferences($user_id); $preferences = $temp_user->get_preferences($user_id);
break; break;
case 'set_preferences':
/* Update the preferences */
foreach ($_REQUEST['prefs'] as $name=>$leve) {
update_preference_level($name,$level);
} // end foreach preferences
case 'show_set_preferences':
/* Get all preferences */
$preferences = get_preferences();
require_once(conf('prefix') . '/templates/show_preference_admin.inc.php');
break;
default: default:
$preferences = $temp_user->get_preferences(); $preferences = $temp_user->get_preferences();
$fullname = "Site"; $fullname = "Site";
@ -74,16 +84,14 @@ switch(scrub_in($_REQUEST['action'])) {
} // End Switch Action } // End Switch Action
// HEADER // OMG HORRIBLE HACK Beatings for the programmer
show_template('header'); if ($action != 'show_set_preferences' AND $action != 'set_preferences') {
// HEADER // Set Target
$target = "/admin/preferences.php";
// Set Target
$target = "/admin/preferences.php";
// Show the default preferences page
require (conf('prefix') . "/templates/show_preferences.inc");
// Show the default preferences page
require (conf('prefix') . "/templates/show_preferences.inc");
}
// FOOTER // FOOTER
show_footer(); show_footer();

7
docs/CHANGELOG
View file

@ -4,7 +4,10 @@
-------------------------------------------------------------------------- --------------------------------------------------------------------------
v.3.3.3-Alpha2 v.3.3.3-Alpha2
- Foced a sane Post Size had some people with 32 byte post sizes - Added ability for Admins to define the required permission level
for individual preferences
- Added WavPack support
- Forced a sane Post Size had some people with 32 byte post sizes
which will not work with Ampache. which will not work with Ampache.
- Fixed a logic error with the MPD controller. - Fixed a logic error with the MPD controller.
- Fixed a problem were invalid bitrates below the set downsample - Fixed a problem were invalid bitrates below the set downsample
@ -41,7 +44,7 @@
tags were found tags were found
- Added new version of getid3() library which will hopefully - Added new version of getid3() library which will hopefully
resolve some PHP5 related issues resolve some PHP5 related issues
- Fixed security issue that allowed users to gain gues access to - Fixed security issue that allowed users to gain guest access to
ampache if register globals is enabled. ampache if register globals is enabled.
- Added xml based query for artists,genre,albums and search see - Added xml based query for artists,genre,albums and search see
/server/xml.server.php /server/xml.server.php

3
lib/class/song.class.php
View file

@ -148,6 +148,9 @@ class Song {
case 'flac'; case 'flac';
$this->mime = "audio/x-flac"; $this->mime = "audio/x-flac";
break; break;
case 'wv':
$this->mime = 'audio/x-wavpack';
break;
case 'aac': case 'aac':
case 'mp4': case 'mp4':
case 'm4a': case 'm4a':

1
lib/general.lib.php
View file

@ -988,5 +988,4 @@ function get_user_from_username($username) {
} // get_user_from_username } // get_user_from_username
?> ?>

2
lib/init.php
View file

@ -77,7 +77,7 @@ $results['version'] = '3.3.3-Alpha2 Build (002)';
$results['raw_web_path'] = $results['web_path']; $results['raw_web_path'] = $results['web_path'];
$results['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['web_path']; $results['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['web_path'];
$results['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra|ape|shn'; $results['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx|ra|ape|shn|wv';
$results['http_port'] = $_SERVER['SERVER_PORT']; $results['http_port'] = $_SERVER['SERVER_PORT'];
if (!$results['prefix']) { if (!$results['prefix']) {
$results['prefix'] = $prefix; $results['prefix'] = $prefix;

59
lib/preferences.php
View file

@ -179,25 +179,21 @@ function update_preference($username,$name,$pref_id,$value) {
*/ */
function has_preference_access($name) { function has_preference_access($name) {
/* If it's a demo they don't get jack */
if (conf('demo_mode')) { if (conf('demo_mode')) {
return false; return false;
} }
switch($name) { $name = sql_escape($name);
case 'download': /* Check Against the Database Row */
case 'upload': $sql = "SELECT level FROM preferences " .
case 'quarantine': "WHERE name='$name'";
case 'upload_dir': $db_results = mysql_query($sql, dbh());
case 'sample_rate':
case 'direct_link':
$level = 100;
break;
default:
$level = 25;
break;
} // end switch key
$data = mysql_fetch_assoc($db_results);
$level = $data['level'];
if ($GLOBALS['user']->has_access($level)) { if ($GLOBALS['user']->has_access($level)) {
return true; return true;
@ -454,4 +450,41 @@ function show_import_playlist() {
} // show_import_playlist } // show_import_playlist
/**
* get_preferences
* This returns an array of all current preferences in the
* preferences table, this isn't a users preferences
*/
function get_preferences() {
$sql = "SELECT * FROM preferences";
$db_results = mysql_query($sql, dbh());
$results = array();
while ($r = mysql_fetch_assoc($db_results)) {
$results[] = $r;
}
return $results;
} // get_preferences
/**
* update_preference_level
* This function updates the level field in the preferences table
* this has nothing to do with a users actuall preferences
*/
function update_preference_level($name,$level) {
$name = sql_escape($name);
$level = sql_escape($level);
$sql = "UPDATE preferences SET `level`='$level' WHERE `name`='$name'";
$db_results = mysql_query($sql,dbh());
return true;
} // update_preference_level
?> ?>

1
templates/show_admin_tools.inc.php
View file

@ -77,6 +77,7 @@ $users = $GLOBALS['user']->get_recent(10);
<a href="<?php echo $web_path; ?>/admin/catalog.php?action=clear_now_playing"><?php echo _('Clear Now Playing'); ?></a> <a href="<?php echo $web_path; ?>/admin/catalog.php?action=clear_now_playing"><?php echo _('Clear Now Playing'); ?></a>
<hr noshade="noshade" size="3" /> <hr noshade="noshade" size="3" />
<a href="<?php echo $web_path; ?>/admin/system.php?action=generate_config"><?php echo _('Generate New Config'); ?></a> <a href="<?php echo $web_path; ?>/admin/system.php?action=generate_config"><?php echo _('Generate New Config'); ?></a>
<a href="<?php echo $web_path; ?>/admin/preferences.php?action=show_set_preferences"><?php echo _('Preferences Permissions'); ?></a>
<!-- <a href="<?php echo $web_path; ?>/admin/system.php?action=check_version"><?php echo _('Check for New Version'); ?></a> <!-- <a href="<?php echo $web_path; ?>/admin/system.php?action=check_version"><?php echo _('Check for New Version'); ?></a>
--> -->
</div> </div>

51
templates/show_preference_admin.inc.php Normal file
View file

@ -0,0 +1,51 @@
<?php
/*
Copyright (c) 2001 - 2006 Ampache.org
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License v2
as published by the Free Software Foundation
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php show_box_top(_('Preference Administration')); ?>
<form method="post" action="<?php echo conf('web_path'); ?>/admin/preferences.php" enctype="multipart/form-data">
<table cellspacing="0">
<tr class="table-header">
<td><?php echo _('Preference'); ?></td>
<td><?php echo _('Level'); ?></td>
</tr>
<?php foreach ($preferences as $preference) {
unset($is_25,$is_5,$is_100);
?>
<tr class="<?php echo flip_class(); ?>">
<td><?php echo scrub_out($preference['description']); ?></td>
<td>
<?php $level_name = "is_" . $preference['level']; ${$level_name} = 'selected="selected"'; ?>
<select name="prefs[<?php echo scrub_out($preference['name']); ?>]">
<option value="5" <?php echo $is_5; ?>><?php echo _('Guest'); ?></option>
<option value="25" <?php echo $is_25; ?>><?php echo _('User'); ?></option>
<option value="100" <?php echo $is_100; ?>><?php echo _('Admin'); ?></option>
</select>
</td>
</tr>
<?php } ?>
<tr>
<td colspan="2">
<input type="hidden" name="action" value="set_preferences" />
<input type="submit" value="<?php echo _('Update'); ?>" />
</td>
</table>
</form>
<?php show_box_bottom(); ?>