/**
* scrub_in
* Run on inputs, stuff that might get stuck in our db
*/
function scrub_in($input)
{
if (!is_array($input)) {
return stripslashes(htmlspecialchars(strip_tags($input), ENT_QUOTES, AmpConfig::get('site_charset')));
} else {
$results = array();
foreach ($input as $item) {
$results[] = scrub_in($item);
}
return $results;
}
}
function update_preferences($pref_id = 0)
{
/* Get current keys */
$sql = "SELECT `id`,`name`,`type` FROM `preference`";
/* If it isn't the System Account's preferences */
if ($pref_id != '-1') {
$sql .= " WHERE `catagory` != 'system'";
}
$db_results = Dba::read($sql);
$results = array();
// Collect the current possible keys
while ($r = Dba::fetch_assoc($db_results)) {
$results[] = array('id' => $r['id'], 'name' => $r['name'], 'type' => $r['type']);
}
// end collecting keys
/* Foreach through possible keys and assign them */
foreach ($results as $data) {
/* Get the Value from POST/GET var called $data */
$name = $data['name'];
$apply_to_all = 'check_' . $data['name'];
$new_level = 'level_' . $data['name'];
$id = $data['id'];
$value = scrub_in($_REQUEST[$name]);
/* Some preferences require some extra checks to be performed */
switch ($name) {
case 'transcode_bitrate':
$value = Stream::validate_bitrate($value);
break;
default:
break;
}
if (preg_match('/_pass$/', $name)) {
if ($value == '******') {
unset($_REQUEST[$name]);
} else {
if (preg_match('/md5_pass$/', $name)) {
$value = md5($value);
}
}
}
/* Run the update for this preference only if it's set */
if (isset($_REQUEST[$name])) {
Preference::update($id, $pref_id, $value, $_REQUEST[$apply_to_all]);
}
if (Access::check('interface', '100') && $_REQUEST[$new_level]) {
Preference::update_level($id, $_REQUEST[$new_level]);
}
}
// end foreach preferences
// Now that we've done that we need to invalidate the cached preverences
Preference::clear_from_session();
}
$GLOBALS['user'] = new User($auth['username']);
$GLOBALS['user']->id = '-1';
$GLOBALS['user']->username = $auth['username'];
$GLOBALS['user']->fullname = $auth['fullname'];
$GLOBALS['user']->access = $auth['access'];
}
if (!$GLOBALS['user']->id and !AmpConfig::get('demo_mode')) {
Auth::logout(session_id());
exit;
}
$GLOBALS['user']->update_last_seen();
}
} else {
if (isset($_REQUEST['sid'])) {
session_name(AmpConfig::get('session_name'));
session_id(scrub_in($_REQUEST['sid']));
session_start();
$GLOBALS['user'] = new User($_SESSION['userdata']['uid']);
} else {
$GLOBALS['user'] = new User();
}
}
// If NO_SESSION passed
// Load the Preferences from the database
Preference::init();
if (session_id()) {
Session::extend(session_id());
// We only need to create the tmp playlist if we have a session
$GLOBALS['user']->load_playlist();
}
/* Add in some variables for ajax done here because we need the user */
case 'show_all_songs':
$artist = new Artist($_REQUEST['artist']);
$artist->format();
$object_type = 'song';
$object_ids = $artist->get_songs();
require_once AmpConfig::get('prefix') . '/templates/show_artist.inc.php';
break;
case 'update_from_tags':
$type = 'artist';
$object_id = intval($_REQUEST['artist']);
$target_url = AmpConfig::get('web_path') . "/artists.php?action=show&artist=" . $object_id;
require_once AmpConfig::get('prefix') . '/templates/show_update_items.inc.php';
break;
case 'match':
case 'Match':
$match = scrub_in($_REQUEST['match']);
if ($match == "Browse" || $match == "Show_all") {
$chr = "";
} else {
$chr = $match;
}
/* Enclose this in the purty box! */
require AmpConfig::get('prefix') . '/templates/show_box_top.inc.php';
show_alphabet_list('artists', 'artists.php', $match);
show_alphabet_form($chr, T_('Show Artists starting with'), "artists.php?action=match");
require AmpConfig::get('prefix') . '/templates/show_box_bottom.inc.php';
if ($match === "Browse") {
show_artists();
} elseif ($match === "Show_all") {
$offset_limit = 999999;
show_artists();
/**
* get_newest_sql
* This returns the get_newest sql
*/
public static function get_newest_sql($type, $catalog = 0)
{
$type = self::validate_type($type);
$sql = "SELECT DISTINCT(`{$type}`) as `id`, MIN(`addition_time`) AS `real_atime` FROM `song` ";
$sql .= "LEFT JOIN `catalog` ON `catalog`.`id` = `song`.`catalog` ";
if (AmpConfig::get('catalog_disable')) {
$sql .= "WHERE `catalog`.`enabled` = '1' ";
}
if ($catalog > 0) {
$sql .= "AND `catalog` = '" . scrub_in($catalog) . "' ";
}
$sql .= "GROUP BY `{$type}` ORDER BY `real_atime` DESC ";
return $sql;
}
/**
*
* LICENSE: GNU Affero General Public License, version 3 (AGPLv3)
* Copyright 2001 - 2015 Ampache.org
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'lib/init.php';
if (isset($_REQUEST['param_name'])) {
$name = scrub_in($_REQUEST['param_name']);
if (isset($_REQUEST[$name])) {
echo $name . ": " . scrub_in($_REQUEST[$name]);
}
}
if (isset($_REQUEST['error'])) {
$error = scrub_in($_REQUEST['error']);
$error_description = scrub_in($_REQUEST['error_description']);
echo $error . " error: " . $error_description;
}
case 'album_preview':
$songs = Song_preview::get_song_previews($_REQUEST['mbid']);
foreach ($songs as $song) {
if (!empty($song->file)) {
$media_ids[] = array('object_type' => 'song_preview', 'object_id' => $song->id);
}
}
break;
case 'song_preview':
$media_ids[] = array('object_type' => 'song_preview', 'object_id' => scrub_in($_REQUEST['id']));
break;
case 'channel':
$media_ids[] = array('object_type' => 'channel', 'object_id' => scrub_in($_REQUEST['id']));
break;
case 'broadcast':
$media_ids[] = array('object_type' => 'broadcast', 'object_id' => scrub_in($_REQUEST['id']));
break;
default:
break;
}
// end action switch
// See if we need a special streamtype
switch ($_REQUEST['action']) {
case 'download':
$stream_type = 'download';
break;
case 'democratic':
// Don't let them loop it
// FIXME: This looks hacky
if (AmpConfig::get('play_type') == 'democratic') {
AmpConfig::set('play_type', 'stream', true);
case 'add_user':
/**
* User information has been entered
* we need to check the database for possible existing username first
* if username exists, error and say "Please choose a different name."
* if username does not exist, insert user information into database
* then allow the user to 'click here to login'
* possibly by logging them in right then and there with their current info
* and 'click here to login' would just be a link back to index.php
*/
$fullname = scrub_in($_POST['fullname']);
$username = scrub_in($_POST['username']);
$email = scrub_in($_POST['email']);
$website = scrub_in($_POST['website']);
$pass1 = scrub_in($_POST['password_1']);
$pass2 = scrub_in($_POST['password_2']);
/* If we're using the captcha stuff */
if (AmpConfig::get('captcha_public_reg')) {
$captcha = captcha::solved();
if (!isset($captcha)) {
Error::add('captcha', T_('Error Captcha Required'));
}
if (isset($captcha)) {
if ($captcha) {
$msg = "SUCCESS";
} else {
Error::add('captcha', T_('Error Captcha Failed'));
}
}
// end if we've got captcha
}
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'lib/init.php';
UI::show_header();
// Switch on Action
switch ($_REQUEST['action']) {
case 'delete':
if (AmpConfig::get('demo_mode')) {
break;
}
$song_id = scrub_in($_REQUEST['song_id']);
show_confirmation(T_('Song Deletion'), T_('Are you sure you want to permanently delete this song?'), AmpConfig::get('web_path') . "/song.php?action=confirm_delete&song_id=" . $song_id, 1, 'delete_song');
break;
case 'confirm_delete':
if (AmpConfig::get('demo_mode')) {
break;
}
$song = new Song($_REQUEST['song_id']);
if (!Catalog::can_remove($song)) {
debug_event('song', 'Unauthorized to remove the song `.' . $song->id . '`.', 1);
UI::access_denied();
exit;
}
if ($song->remove_from_disk()) {
show_confirmation(T_('Song Deletion'), T_('Song has been deleted.'), AmpConfig::get('web_path'));
} else {
/**
* video
* This returns a single video
*/
public static function video($input)
{
$video_id = scrub_in($input['filter']);
echo XML_Data::videos(array($video_id));
}
/**
* pam_auth
*
* Check to make sure the pam_auth function is implemented (module is
* installed), then check the credentials.
*/
private static function pam_auth($username, $password)
{
$results = array();
if (!function_exists('pam_auth')) {
$results['success'] = false;
$results['error'] = 'The PAM PHP module is not installed';
return $results;
}
$password = scrub_in($password);
if (pam_auth($username, $password)) {
$results['success'] = true;
$results['type'] = 'pam';
$results['username'] = $username;
} else {
$results['success'] = false;
$results['error'] = 'PAM login attempt failed';
}
return $results;
}
*
*/
header('Cache-Control: no-cache');
header('Pragma: no-cache');
header('Expires: ' . gmdate(DATE_RFC1123, time() - 1));
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
<html>
<head>
<title><?php
echo AmpConfig::get('site_title');
?>
</title>
<?php
if (!$is_share) {
$playlist = new Stream_Playlist(scrub_in($_REQUEST['playlist_id']));
}
?>
<script language="javascript" type="text/javascript">
var jplaylist = new Array();
var jtypes = new Array();
function addMedia(media)
{
var jpmedia = {};
jpmedia['title'] = media['title'];
jpmedia['artist'] = media['artist'];
jpmedia[media['filetype']] = media['url'];
jpmedia['poster'] = media['poster'];
jpmedia['artist_id'] = media['artist_id'];
jpmedia['album_id'] = media['album_id'];
$prefix = substr($key, 0, 4);
$value = trim($value);
if ($prefix == 'rule' && strlen($value)) {
$rules[$key] = Dba::escape($value);
}
}
switch ($_REQUEST['operator']) {
case 'or':
$operator = 'OR';
break;
default:
$operator = 'AND';
break;
}
// end switch on operator
$playlist_name = (string) scrub_in($_REQUEST['playlist_name']);
$playlist = new Search(null, 'song');
$playlist->parse_rules($data);
$playlist->logic_operator = $operator;
$playlist->name = $playlist_name;
$playlist->save();
break;
case 'delete_playlist':
// If we made it here, we didn't have sufficient rights.
UI::access_denied();
break;
case 'show_playlist':
$playlist = new Search($_REQUEST['playlist_id'], 'song');
$playlist->format();
$object_ids = $playlist->get_items();
require_once AmpConfig::get('prefix') . UI::find_template('show_search.inc.php');
protected function showAuthToken()
{
$api = new Services_Soundcloud($this->userid, $this->secret, $this->getRedirectUri());
$authurl = $api->getAuthorizeUrl(array('scope' => 'non-expiring'));
echo "<br />Go to <strong><a href='" . $authurl . "' target='_blank'>" . $authurl . "</a></strong> to generate the authorization code, then enter it bellow.<br />";
echo "<form action='" . get_current_path() . "' method='post' enctype='multipart/form-data'>";
if ($_REQUEST['action']) {
echo "<input type='hidden' name='action' value='" . scrub_in($_REQUEST['action']) . "' />";
echo "<input type='hidden' name='catalogs[]' value='" . $this->id . "' />";
}
echo "<input type='hidden' name='perform_ready' value='true' />";
echo "<input type='text' name='authcode' />";
echo "<input type='submit' value='Ok' />";
echo "</form>";
echo "<br />";
}
case 'quality':
$quality = intval($vparts[$i + 1]);
break;
}
}
}
}
$share_id = intval($_REQUEST['share_id']);
$subtitle = '';
$send_all_in_once = false;
if (!$type) {
$type = 'song';
}
debug_event('play', 'Asked for type {' . $type . "}", 5);
if ($type == 'playlist') {
$playlist_type = scrub_in($_REQUEST['playlist_type']);
$oid = $sid;
}
/* This is specifically for tmp playlist requests */
$demo_id = Dba::escape($_REQUEST['demo_id']);
$random = Dba::escape($_REQUEST['random']);
/* First things first, if we don't have a uid/oid stop here */
if (empty($oid) && empty($demo_id) && empty($random)) {
debug_event('play', 'No object UID specified, nothing to play', 2);
header('HTTP/1.1 400 Nothing To Play');
exit;
}
// Authenticate the user if specified
$u = $_SERVER['PHP_AUTH_USER'];
if (empty($u)) {
$u = $_REQUEST['u'];
}
// access_control is enabled
/* Clean Auth values */
unset($auth);
if (empty($_REQUEST['step'])) {
/* Check for posted username and password, or appropriate environment variable if using HTTP auth */
if ($_POST['username'] || in_array('http', AmpConfig::get('auth_methods')) && ($_SERVER['REMOTE_USER'] || $_SERVER['HTTP_REMOTE_USER'])) {
/* If we are in demo mode let's force auth success */
if (AmpConfig::get('demo_mode')) {
$auth['success'] = true;
$auth['info']['username'] = '******';
$auth['info']['fullname'] = 'Administrative User';
$auth['info']['offset_limit'] = 25;
} else {
if ($_POST['username']) {
$username = scrub_in($_POST['username']);
$password = $_POST['password'];
} else {
if ($_SERVER['REMOTE_USER']) {
$username = $_SERVER['REMOTE_USER'];
} elseif ($_SERVER['HTTP_REMOTE_USER']) {
$username = $_SERVER['HTTP_REMOTE_USER'];
} else {
$username = '';
}
$password = '';
}
$auth = Auth::login($username, $password, true);
if ($auth['success']) {
$username = $auth['username'];
} elseif ($auth['ui_required']) {
/**
* update
* This function is an all encompasing update function that
* calls the mini ones does all the error checking and all that
* good stuff
*/
public function update(array $data)
{
if (empty($data['username'])) {
AmpError::add('username', T_('Error Username Required'));
}
if ($data['password1'] != $data['password2'] and !empty($data['password1'])) {
AmpError::add('password', T_("Error Passwords don't match"));
}
if (AmpError::occurred()) {
return false;
}
if (!isset($data['fullname_public'])) {
$data['fullname_public'] = false;
}
foreach ($data as $name => $value) {
if ($name == 'password1') {
$name = 'password';
} else {
$value = scrub_in($value);
}
switch ($name) {
case 'password':
case 'access':
case 'email':
case 'username':
case 'fullname':
case 'fullname_public':
case 'website':
case 'state':
case 'city':
if ($this->{$name} != $value) {
$function = 'update_' . $name;
$this->{$function}($value);
}
break;
case 'clear_stats':
Stats::clear($this->id);
break;
default:
// Rien a faire
break;
}
}
return $this->id;
}
break;
case 'refresh_updated':
require AmpConfig::get('prefix') . UI::find_template('show_' . $type . '.inc.php');
$results = ob_get_contents();
break;
case 'show_edit_playlist':
ob_start();
require AmpConfig::get('prefix') . UI::find_template('show_playlists_dialog.inc.php');
$results = ob_get_contents();
ob_end_clean();
break;
case 'edit_object':
// Scrub the data, walk recursive through array
$entities = function (&$data) use(&$entities) {
foreach ($data as $key => $value) {
$data[$key] = is_array($value) ? $entities($value) : unhtmlentities(scrub_in($value));
}
return $data;
};
$entities($_POST);
$libitem = new $object_type($_POST['id']);
if ($libitem->get_user_owner() == $GLOBALS['user']->id && AmpConfig::get('upload_allow_edit') && !Access::check('interface', 50)) {
// TODO: improve this uniqueless check
if (isset($_POST['user'])) {
unset($_POST['user']);
}
if (isset($_POST['artist'])) {
unset($_POST['artist']);
}
if (isset($_POST['artist_name'])) {
unset($_POST['artist_name']);
$title = T_('Playlist Not Imported');
$body = T_($result['error']);
}
show_confirmation($title, $body, AmpConfig::get('web_path') . '/playlist.php?action=' . $url);
break;
case 'set_track_numbers':
debug_event('playlist', 'Set track numbers called.', '5');
$playlist = new Playlist($_REQUEST['playlist_id']);
/* Make sure they have permission */
if (!$playlist->has_access()) {
UI::access_denied();
break;
}
// Retrieving final song order from url
foreach ($_GET as $key => $data) {
$_GET[$key] = unhtmlentities(scrub_in($data));
debug_event('playlist', $key . '=' . $_GET[$key], '5');
}
if (isset($_GET['order'])) {
$songs = explode(";", $_GET['order']);
$track = $_GET['offset'] ? intval($_GET['offset']) + 1 : 1;
foreach ($songs as $song_id) {
if ($song_id != '') {
$playlist->update_track_number($song_id, $track);
++$track;
}
}
}
break;
case 'add_song':
$playlist = new Playlist($_REQUEST['playlist_id']);
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('NO_SESSION', '1');
require_once 'lib/init.php';
$action = isset($_POST['action']) ? $_POST['action'] : "";
switch ($action) {
case 'send':
/* Check for posted email */
$result = false;
if (isset($_POST['email']) && $_POST['email']) {
/* Get the email address and the current ip*/
$email = scrub_in($_POST['email']);
$current_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
$result = send_newpassword($email, $current_ip);
}
if ($result) {
AmpError::add('general', T_('Password has been sent'));
} else {
AmpError::add('general', T_('Password has not been sent'));
}
require AmpConfig::get('prefix') . UI::find_template('show_login_form.inc.php');
break;
default:
require AmpConfig::get('prefix') . UI::find_template('show_lostpassword_form.inc.php');
}
function send_newpassword($email, $current_ip)
{
if (isset($_REQUEST['option_' . $key])) {
$word['value'] = $_REQUEST['option_' . $key];
}
$options[$key] = $word['value'];
if ($word['important']) {
if (!empty($word['value'])) {
$keyword .= ' ' . $word['value'];
}
}
}
$options['keyword'] = trim($keyword);
// Attempt to find the art.
$images = $art->gather($options);
if (!empty($_REQUEST['cover'])) {
$path_info = pathinfo($_REQUEST['cover']);
$cover_url[0]['url'] = scrub_in($_REQUEST['cover']);
$cover_url[0]['mime'] = 'image/' . $path_info['extension'];
}
$images = array_merge($cover_url, $images);
// If we've found anything then go for it!
if (count($images)) {
// We don't want to store raw's in here so we need to strip them out into a separate array
foreach ($images as $index => $image) {
if ($image['raw']) {
unset($images[$index]['raw']);
}
}
// end foreach
// Store the results for further use
$_SESSION['form']['images'] = $images;
require_once AmpConfig::get('prefix') . '/templates/show_arts.inc.php';
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'lib/init.php';
UI::show_header();
/**
* Display Switch
*/
switch ($_REQUEST['action']) {
case 'delete':
if (AmpConfig::get('demo_mode')) {
break;
}
$tvshow_season_id = scrub_in($_REQUEST['tvshow_season_id']);
show_confirmation(T_('TVShow Season Deletion'), T_('Are you sure you want to permanently delete this tvshow season?'), AmpConfig::get('web_path') . "/tvshow_seasons.php?action=confirm_delete&tvshow_season_id=" . $tvshow_season_id, 1, 'delete_tvshow_season');
break;
case 'confirm_delete':
if (AmpConfig::get('demo_mode')) {
break;
}
$tvshow_season = new TVShow_Season($_REQUEST['tvshow_season_id']);
if (!Catalog::can_remove($tvshow_season)) {
debug_event('tvshow_season', 'Unauthorized to remove the tvshow `.' . $tvshow_season->id . '`.', 1);
UI::access_denied();
exit;
}
if ($tvshow_season->remove_from_disk()) {
show_confirmation(T_('TVShow Season Deletion'), T_('TVShow Season has been deleted.'), AmpConfig::get('web_path'));
} else {
$kind = isset($_GET['kind']) ? $_GET['kind'] : 'default';
$image = '';
$mime = '';
$filename = '';
$etag = '';
$typeManaged = false;
if (isset($_GET['type'])) {
switch ($_GET['type']) {
case 'popup':
$typeManaged = true;
require_once AmpConfig::get('prefix') . UI::find_template('show_big_art.inc.php');
break;
case 'session':
// If we need to pull the data out of the session
Session::check();
$filename = scrub_in($_REQUEST['image_index']);
$image = Art::get_from_source($_SESSION['form']['images'][$filename], 'album');
$mime = $_SESSION['form']['images'][$filename]['mime'];
$typeManaged = true;
break;
}
}
if (!$typeManaged) {
$item = new $type($_GET['object_id']);
$filename = $item->name ?: $item->title;
$art = new Art($item->id, $type, $kind);
$art->get_db();
$etag = $art->id;
// That means the client has a cached version of the image
$reqheaders = getallheaders();
if (isset($reqheaders['If-Modified-Since']) && isset($reqheaders['If-None-Match'])) {
// Try to create the sucker
$results = Podcast::create($_POST);
if (!$results) {
require_once AmpConfig::get('prefix') . UI::find_template('show_add_podcast.inc.php');
} else {
$title = T_('Subscribed to Podcast');
$body = '';
show_confirmation($title, $body, AmpConfig::get('web_path') . '/browse.php?action=podcast');
}
break;
case 'delete':
if (!Access::check('interface', 75) || AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
$podcast_id = scrub_in($_REQUEST['podcast_id']);
show_confirmation(T_('Podcast Deletion'), T_('Are you sure you want to delete this podcast?'), AmpConfig::get('web_path') . "/podcast.php?action=confirm_delete&podcast_id=" . $podcast_id, 1, 'delete_podcast');
break;
case 'confirm_delete':
if (!Access::check('interface', 75) || AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
$podcast = new Podcast($_REQUEST['podcast_id']);
if ($podcast->remove()) {
show_confirmation(T_('Podcast Deletion'), T_('Podcast has been deleted.'), AmpConfig::get('web_path') . '/browse.php?action=podcast');
} else {
show_confirmation(T_('Podcast Deletion'), T_('Cannot delete this podcast.'), AmpConfig::get('web_path') . '/browse.php?action=podcast');
}
break;
case 'show':
if (!defined('AJAX_INCLUDE')) {
exit;
}
if (isset($_REQUEST['browse_id'])) {
$browse_id = $_REQUEST['browse_id'];
} else {
$browse_id = null;
}
debug_event('browse.ajax.php', 'Called for action: {' . $_REQUEST['action'] . '}', '5');
$browse = new Browse($browse_id);
if (isset($_REQUEST['show_header']) && $_REQUEST['show_header']) {
$browse->set_show_header($_REQUEST['show_header'] == 'true');
}
$argument = null;
if ($_REQUEST['argument']) {
$argument = scrub_in($_REQUEST['argument']);
}
$results = array();
switch ($_REQUEST['action']) {
case 'browse':
$object_ids = array();
// Check 'value' with isset because it can null
//(user type a "start with" word and deletes it)
if ($_REQUEST['key'] && (isset($_REQUEST['multi_alpha_filter']) or isset($_REQUEST['value']))) {
// Set any new filters we've just added
$browse->set_filter($_REQUEST['key'], $_REQUEST['multi_alpha_filter']);
$browse->set_catalog($_SESSION['catalog']);
}
if ($_REQUEST['sort']) {
// Set the new sort value
$browse->set_sort($_REQUEST['sort']);
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
require_once 'lib/init.php';
UI::show_header();
$action = isset($_REQUEST['action']) ? scrub_in($_REQUEST['action']) : null;
if (!Core::is_session_started()) {
session_start();
}
$_SESSION['catalog'] = 0;
/**
* Check for the refresh mojo, if it's there then require the
* refresh_javascript include. Must be greater then 5, I'm not
* going to let them break their servers
*/
if (AmpConfig::get('refresh_limit') > 5 && AmpConfig::get('home_now_playing')) {
$refresh_limit = AmpConfig::get('refresh_limit');
$ajax_url = '?page=index&action=reloadnp';
require_once AmpConfig::get('prefix') . UI::find_template('javascript_refresh.inc.php');
}
require_once AmpConfig::get('prefix') . UI::find_template('show_index.inc.php');
/**
* show_objects
* This takes an array of objects
* and requires the correct template based on the
* type that we are currently browsing
*
* @param int[] $object_ids
*/
public function show_objects($object_ids = null, $argument = null)
{
if ($this->is_simple() || !is_array($object_ids)) {
$object_ids = $this->get_saved();
} else {
$this->save_objects($object_ids);
}
// Limit is based on the user's preferences if this is not a
// simple browse because we've got too much here
if ($this->get_start() >= 0 && count($object_ids) > $this->get_start() && !$this->is_simple()) {
$object_ids = array_slice($object_ids, $this->get_start(), $this->get_offset(), true);
} else {
if (!count($object_ids)) {
$this->set_total(0);
}
}
// Load any additional object we need for this
$extra_objects = $this->get_supplemental_objects();
$browse = $this;
foreach ($extra_objects as $class_name => $id) {
${$class_name} = new $class_name($id);
}
$match = '';
// Format any matches we have so we can show them to the masses
if ($filter_value = $this->get_filter('alpha_match')) {
$match = ' (' . $filter_value . ')';
} elseif ($filter_value = $this->get_filter('starts_with')) {
$match = ' (' . $filter_value . ')';
/*} elseif ($filter_value = $this->get_filter('regex_match')) {
$match = ' (' . $filter_value . ')';
} elseif ($filter_value = $this->get_filter('regex_not_match')) {
$match = ' (' . $filter_value . ')';*/
} elseif ($filter_value = $this->get_filter('catalog')) {
// Get the catalog title
$catalog = Catalog::create_from_id(intval($filter_value));
$match = ' (' . $catalog->name . ')';
}
$type = $this->get_type();
// Update the session value only if it's allowed on the current browser
if ($this->get_update_session()) {
$_SESSION['browse_current_' . $type]['start'] = $browse->get_start();
}
// Set the correct classes based on type
$class = "box browse_" . $type;
$argument_param = $argument ? '&argument=' . scrub_in($argument) : '';
debug_event('browse', 'Show objects called for type {' . $type . '}', '5');
$limit_threshold = $this->get_threshold();
// Switch on the type of browsing we're doing
switch ($type) {
case 'song':
$box_title = T_('Songs') . $match;
Song::build_cache($object_ids, $limit_threshold);
$box_req = AmpConfig::get('prefix') . '/templates/show_songs.inc.php';
break;
case 'album':
Album::build_cache($object_ids);
$box_title = T_('Albums') . $match;
if (is_array($argument)) {
$allow_group_disks = $argument['group_disks'];
if ($argument['title']) {
$box_title = $argument['title'];
}
} else {
$allow_group_disks = false;
}
$box_req = AmpConfig::get('prefix') . '/templates/show_albums.inc.php';
break;
case 'user':
$box_title = T_('Users') . $match;
$box_req = AmpConfig::get('prefix') . '/templates/show_users.inc.php';
break;
case 'artist':
$box_title = T_('Artists') . $match;
Artist::build_cache($object_ids, true, $limit_threshold);
$box_req = AmpConfig::get('prefix') . '/templates/show_artists.inc.php';
break;
case 'live_stream':
require_once AmpConfig::get('prefix') . '/templates/show_live_stream.inc.php';
$box_title = T_('Radio Stations') . $match;
$box_req = AmpConfig::get('prefix') . '/templates/show_live_streams.inc.php';
break;
case 'playlist':
Playlist::build_cache($object_ids);
$box_title = T_('Playlists') . $match;
$box_req = AmpConfig::get('prefix') . '/templates/show_playlists.inc.php';
break;
case 'playlist_song':
$box_title = T_('Playlist Songs') . $match;
$box_req = AmpConfig::get('prefix') . '/templates/show_playlist_songs.inc.php';
break;
case 'playlist_localplay':
$box_title = T_('Current Playlist');
$box_req = AmpConfig::get('prefix') . '/templates/show_localplay_playlist.inc.php';
UI::show_box_bottom();
break;
case 'smartplaylist':
$box_title = T_('Smart Playlists') . $match;
$box_req = AmpConfig::get('prefix') . '/templates/show_searches.inc.php';
break;
case 'catalog':
$box_title = T_('Catalogs');
$box_req = AmpConfig::get('prefix') . '/templates/show_catalogs.inc.php';
break;
case 'shoutbox':
$box_title = T_('Shoutbox Records');
$box_req = AmpConfig::get('prefix') . '/templates/show_manage_shoutbox.inc.php';
break;
case 'tag':
Tag::build_cache($object_ids);
$box_title = T_('Tag Cloud');
$box_req = AmpConfig::get('prefix') . '/templates/show_tagcloud.inc.php';
break;
case 'video':
Video::build_cache($object_ids);
$video_type = 'video';
$box_title = T_('Videos');
$box_req = AmpConfig::get('prefix') . '/templates/show_videos.inc.php';
break;
case 'democratic':
$box_title = T_('Democratic Playlist');
$box_req = AmpConfig::get('prefix') . '/templates/show_democratic_playlist.inc.php';
break;
case 'wanted':
$box_title = T_('Wanted Albums');
$box_req = AmpConfig::get('prefix') . '/templates/show_wanted_albums.inc.php';
break;
case 'share':
$box_title = T_('Shared Objects');
$box_req = AmpConfig::get('prefix') . '/templates/show_shared_objects.inc.php';
break;
case 'song_preview':
$box_title = T_('Songs');
$box_req = AmpConfig::get('prefix') . '/templates/show_song_previews.inc.php';
break;
case 'channel':
$box_title = T_('Channels');
$box_req = AmpConfig::get('prefix') . '/templates/show_channels.inc.php';
break;
case 'broadcast':
$box_title = T_('Broadcasts');
$box_req = AmpConfig::get('prefix') . '/templates/show_broadcasts.inc.php';
break;
case 'license':
$box_title = T_('Media Licenses');
$box_req = AmpConfig::get('prefix') . '/templates/show_manage_license.inc.php';
break;
case 'tvshow':
$box_title = T_('TV Shows');
$box_req = AmpConfig::get('prefix') . '/templates/show_tvshows.inc.php';
break;
case 'tvshow_season':
$box_title = T_('Seasons');
$box_req = AmpConfig::get('prefix') . '/templates/show_tvshow_seasons.inc.php';
break;
case 'tvshow_episode':
$box_title = T_('Episodes');
$video_type = $type;
$box_req = AmpConfig::get('prefix') . '/templates/show_videos.inc.php';
break;
case 'movie':
$box_title = T_('Movies');
$video_type = $type;
$box_req = AmpConfig::get('prefix') . '/templates/show_videos.inc.php';
break;
case 'clip':
$box_title = T_('Clips');
$video_type = $type;
$box_req = AmpConfig::get('prefix') . '/templates/show_videos.inc.php';
break;
case 'personal_video':
$box_title = T_('Personal Videos');
$video_type = $type;
$box_req = AmpConfig::get('prefix') . '/templates/show_videos.inc.php';
break;
case 'label':
$box_title = T_('Labels');
$box_req = AmpConfig::get('prefix') . '/templates/show_labels.inc.php';
break;
case 'pvmsg':
$box_title = T_('Private Messages');
$box_req = AmpConfig::get('prefix') . '/templates/show_pvmsgs.inc.php';
break;
default:
// Rien a faire
break;
}
// end switch on type
Ajax::start_container($this->get_content_div(), 'browse_content');
if ($this->get_show_header()) {
if (isset($box_req) && isset($box_title)) {
UI::show_box_top($box_title, $class);
}
}
if (isset($box_req)) {
require $box_req;
}
if ($this->get_show_header()) {
if (isset($box_req)) {
UI::show_box_bottom();
}
echo '<script type="text/javascript">';
echo Ajax::action('?page=browse&action=get_filters&browse_id=' . $this->id . $argument_param, '');
echo ';</script>';
} else {
if (!$this->get_use_pages()) {
$this->show_next_link($argument);
}
}
Ajax::end_container();
}
public static function get_share_list_sql()
{
$sql = "SELECT `id` FROM `share` ";
if (!$GLOBALS['user']->has_access('75')) {
$sql .= "WHERE `user` = '" . scrub_in($GLOBALS['user']->id) . "'";
}
return $sql;
}
/**
* get_tags
* This is a non-object non type dependent function that just returns tags
* we've got, it can take filters (this is used by the tag cloud)
*/
public static function get_tags($type = '', $limit = 0, $order = 'count')
{
//debug_event('tag.class.php', 'Get tags list called...', '5');
if (parent::is_cached('tags_list', 'no_name')) {
//debug_event('tag.class.php', 'Tags list found into cache memory!', '5');
return parent::get_from_cache('tags_list', 'no_name');
}
$results = array();
$sql = "SELECT `tag_map`.`tag_id`, `tag`.`name`, `tag`.`is_hidden`, COUNT(`tag_map`.`object_id`) AS `count` " . "FROM `tag_map` " . "LEFT JOIN `tag` ON `tag`.`id`=`tag_map`.`tag_id` " . "WHERE `tag`.`is_hidden` = false ";
if (!empty($type)) {
$sql .= "AND `tag_map`.`object_type` = '" . scrub_in($type) . "' ";
}
$order = "`" . $order . "`";
if ($order == 'count') {
$order .= " DESC";
}
$sql .= "GROUP BY `tag`.`name` ORDER BY " . $order;
if ($limit > 0) {
$sql .= " LIMIT {$limit}";
}
$db_results = Dba::read($sql);
while ($row = Dba::fetch_assoc($db_results)) {
$results[$row['tag_id']] = array('id' => $row['tag_id'], 'name' => $row['name'], 'is_hidden' => $row['is_hidden'], 'count' => $row['count']);
}
parent::add_to_cache('tags_list', 'no_name', $results);
return $results;
}
</span><img src="<?php
echo AmpConfig::get('web_path') . AmpConfig::get('theme_path');
?>
/images/icons/icon_all.png" class="header-img <?php
echo isset($_COOKIE['sb_home_browse_music']) ? $_COOKIE['sb_home_browse_music'] : 'expanded';
?>
" id="browse_music" lt="<?php
echo T_('Expand/Collapse');
?>
" title="<?php
echo T_('Expand/Collapse');
?>
" /></h4>
<?php
if (isset($_REQUEST['action'])) {
$text = scrub_in($_REQUEST['action']) . '_ac';
${$text} = ' selected="selected"';
}
?>
<ul class="sb3" id="sb_browse_music">
<li id="sb_home_browse_music_songTitle"><a href="<?php
echo $web_path;
?>
/browse.php?action=song"><?php
echo T_('Song Titles');
?>
</a></li>
<li id="sb_home_browse_music_album"><a href="<?php
echo $web_path;
?>
/browse.php?action=album"><?php