Add support for view-only mode. master
authorJoshua Wise <joshua@h2so4.joshuawise.com>
Tue, 23 Mar 2010 03:14:48 +0000 (23:14 -0400)
committerJoshua Wise <joshua@h2so4.joshuawise.com>
Tue, 23 Mar 2010 03:14:48 +0000 (23:14 -0400)
inc/base.php
player/command.php
player/config.php
player/index.php
player/login.php
std/command.js

index fbc1072..75a73f7 100644 (file)
@@ -42,8 +42,15 @@ if(!is_theme_dir_ok($theme_dir . $selected_theme))
 
 $lpass = get_config('login_pass');
 
+$rw = true;
+$ro = false;
+if(isset($_SESSION['logged_in']) && ($_SESSION['logged_in'] == "ro")) {
+       $rw = false;
+       $ro = true;
+}
+
 if(!is_null($lpass)&&$lpass!="") {
-       if(!isset($_SESSION['logged_in'])||!$_SESSION['logged_in']) {
+       if(!isset($_SESSION['logged_in'])||!$_SESSION['logged_in'] || ($need_rw && !$rw)) {
                if(!isset($no_require_login)) {
                        header("Location: login.php");
                        echo "Wrong password";
@@ -52,6 +59,7 @@ if(!is_null($lpass)&&$lpass!="") {
        }
 }
 
+
 function get_config($name, $default = null) {
        global $config;
        if(isset($config->$name)) {
index 25b2575..f210343 100644 (file)
                echo array_to_json($v);
                exit();
        }
-       else if(isset($_GET['add'])||isset($_GET['ma'])||isset($_GET['searchadd'])) {
+       else if(isset($_GET['add'])||isset($_GET['ma'])||isset($_GET['searchadd'])&&$rw) {
                /* for automatic playback start */
                try {
                        $s = $pl->getStatus();
        if(isset($_GET['playlist'])) {
                $act = $_GET['playlist'];
                try {
-                       if($act=="move"&&isset($_GET['from'])&&isset($_GET['to'])) {
+                       if($act=="move"&&isset($_GET['from'])&&isset($_GET['to'])&&$rw) {
                                // todo: sanity check
                                $response = null; 
                                if($pl->moveSongId($_GET['from'], $_GET['to'])) 
                        $json = array ('result' => PF_FAILURE);
                }
        }
-       else if(isset($_GET['rangemove'])&&is_numeric(trim($_GET['rangemove']))&&isset($_GET['elems'])) {
+       else if(isset($_GET['rangemove'])&&is_numeric(trim($_GET['rangemove']))&&isset($_GET['elems'])&&$rw) {
                $res = PF_FAILURE;
                $dest = intval($_GET['rangemove']);
                $pos_offset = 0;
                $result = "pong";
                $json = array("result" => $result);
        }
-       else if(isset($_GET['volume'])&&is_numeric(trim($_GET['volume']))) {
+       else if(isset($_GET['volume'])&&is_numeric(trim($_GET['volume']))&&$rw) {
                $res = PF_FAILURE;
                try {
                        $volume = trim($_GET['volume']);
                $json = array("result" => $res);
        }
        else if(isset($_GET['position'])&&is_numeric(trim($_GET['position']))
-               && isset($_GET['id']) && is_numeric(trim($_GET['id']))) {
+               && isset($_GET['id']) && is_numeric(trim($_GET['id'])) && $rw) {
                $result = PF_FAILURE;
                try {
                        $pos = trim($_GET['position']);
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['act'])) {
+       else if(isset($_GET['act']) && $rw) {
                $act = trim($_GET['act']);
                $result = "failure";
                try {
                }
                $json = array("result" => $result);
        }
-       else if(isset($_GET['add'])) {
+       else if(isset($_GET['add']) && $rw) {
                $add = $_GET['add'];
                try {
                        $res = PF_FAILURE;
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['remove'])) {
+       else if(isset($_GET['remove']) && $rw) {
                $arr = selection_to_reverse_list($_GET['remove']);
                $res = "ok";
                try {
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['updatedb'])) {
+       else if(isset($_GET['updatedb']) && $rw) {
                $res = PF_FAILURE;
                try {
                        $adm = get_admin();
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['outputs'])||isset($_GET['output_e'])||isset($_GET['output_d'])) {
+       else if(isset($_GET['outputs'])||isset($_GET['output_e'])||isset($_GET['output_d']) && $rw) {
                $res = PF_FAILURE;
                try {
                        $admin = get_admin();
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['random'])) {
+       else if(isset($_GET['random'])&&$rw) {
                $res = "failure";
                try {
                        $play = get_playback(); 
                $json = array("result" => $res);
 
        }
-       else if(isset($_GET['repeat'])) {
+       else if(isset($_GET['repeat'])&&$rw) {
                $res = "failure";
                try {
                        $play = get_playback(); 
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['xfade'])&&is_numeric($_GET['xfade'])) {
+       else if(isset($_GET['xfade'])&&is_numeric($_GET['xfade'])&&$rw) {
                $res = PF_FAILURE;
                try {
                        $play = get_playback(); 
                                $params["Album"] = $album;
 
 
-                       if(isset($_GET['searchadd'])) {
+                       if(isset($_GET['searchadd'])&&$rw) {
                                if(search_add($db, $pl, $params)) {
                                        $res = "ok";
                                        $something_added = true;
                }
                $json = array("result" => $res);
        }
-       else if(isset($_GET['ma'])) {
+       else if(isset($_GET['ma'])&&$rw) {
                /* note to self: should merge single add with this */
                $res = PF_FAILURE;
                if (!isset($HTTP_RAW_POST_DATA))
                $json = array("result" => $res);
        }
        else if(isset($_GET['playlist_rm'])||isset($_GET['playlist_load'])
-               ||isset($_GET['playlist_save'])||isset($_GET['playlist_add_url'])) {
+               ||isset($_GET['playlist_save'])||isset($_GET['playlist_add_url'])&&$rw) {
 
                $res = false;
                try {
index 748156c..7b74547 100644 (file)
@@ -44,6 +44,7 @@
 
        $title = "";
        @ob_start();
+       $need_rw = true;
        require_once("../inc/base.php");
        require_once("../lang/master.php");
        header("Content-Type: text/html; charset=UTF-8");
                $config = simplexml_load_string("<?xml version='1.0' ?>\n<root>\n</root>\n");
        }
        if(isset($_POST['submit'])) {
-               $vars = array( 'mpd_host', 'mpd_port', 'mpd_pass', 'login_pass', 'update_delay', 
+               $vars = array( 'mpd_host', 'mpd_port', 'mpd_pass', 'login_pass', 'ro_pass', 'update_delay', 
                                'metadata_disable', 'theme', 'stop_button', 'shout_url', 'pagination', 'lang',
                                'aws_keyid', 'aws_secret');
                foreach ($vars as $var) {
                                        $add = 0;
                                else $add = intval($add);
                        }
-                       else if($var=="login_pass"&&strlen($add)>0) {
+                       else if(($var=="login_pass" || $var == "ro_pass") &&strlen($add)>0) {
                                if($add== HASH_PASS)
                                        continue;
                                $add = generate_hash($add);
        }
 
 ?>' name='login_pass' /></td></tr>
+       <tr><td><?php echo m("View-only password (optional):");?>
+       </td><td><input type='password' title='<?php echo m("If you want to allow users to view and listen, but not modify, specify a view-only password here");?>' value='<?php 
+       
+       $pass = get_config('ro_pass', '');
+       if(substr($pass,0, 4)=="sha:") {
+               echo HASH_PASS;
+       }
+       else {
+               echo htmlspecialchars($pass);
+       }
+
+?>' name='ro_pass' /></td></tr>
 <tr><td><?php echo m("Theme:");?> </td>
 <td>
 <select name='theme'>
index fa6d768..1044e99 100644 (file)
 
        <div class='pc_ci' >
                <div class='nomargin'>
+       <? if ($ro) { ?>
+               <b>[<?=m("view only")?>]</b><br>
+       <? } else { ?>
                <img id='previous_button' class='act_button fakelink'/>
                <img id='stop_button' style='display: none; ' class='act_button fakelink' />
                <img id='pp_button' class='act_button fakelink' />
                <img id='next_button' class='act_button fakelink'/>
+       <? } ?>
                </div>
                <p class='disp'><span id="disp_info"></span></p>
                <input type='text' id='quickadd' value='<?php echo m("Quick add"); ?>' />
                <li class='menuitem fakelink' title='<?php echo m("Search current playlist"); ?>' 
                                id='playlist_search_btn' ><?php echo m("Search playlist"); ?></li>
                <li class='menuitem' ><a class='pc_other' href='config.php'><?php echo m("Configure"); ?></a></li>
+               <? if ($ro) { ?>
+                       <li class='menuitem' ><a class='pc_other' href='login.php'><?php echo m("Log in"); ?></a></li>
+               <? } else if (isset($_SESSION['logged_in'])) { ?>
+                       <li class='menuitem' ><a class='pc_other' href='login.php?logout'><?php echo m("Log out"); ?></a></li>
+               <? } ?>
 
                <?php 
                if(!is_null(get_config("shout_url"))) 
index 4ad58e2..84b1122 100644 (file)
        $error = false;
        $no_require_login = "true";
        require_once("../inc/base.php");
-       if(isset($_POST['password'])) {
+       if(isset($_POST['password']) && $_POST['password'] != "") {
                $pass = get_config("login_pass");
                if(substr($pass,0, 4)=="sha:") {
                        if(check_hash($pass, trim($_POST['password']))) {
-                               $_SESSION['logged_in'] = true;
+                               $_SESSION['logged_in'] = "rw";
                                header("Location: index.php");
                                exit(); 
                        }
                        $error = "Login failed";
                }
                else if($pass==trim($_POST['password'])) {
-                       $_SESSION['logged_in'] = true;
+                       $_SESSION['logged_in'] = "rw";
                        header("Location: index.php");
                        exit(); 
                }
-               else {
+               
+               $pass = get_config("ro_pass");
+               if(substr($pass,0, 4)=="sha:") {
+                       if(check_hash($pass, trim($_POST['password']))) {
+                               $_SESSION['logged_in'] = "ro";
+                               header("Location: index.php");
+                               exit(); 
+                       }
                        $error = "Login failed";
                }
+               else if($pass==trim($_POST['password'])) {
+                       $_SESSION['logged_in'] = "ro";
+                       header("Location: index.php");
+                       exit(); 
+               }
+
+               $error = "Login failed";
        }
        else if(isset($_GET['logout'])) {
                session_destroy();
index 8db64d1..e5d2932 100644 (file)
@@ -415,15 +415,17 @@ function current_status_handler(info, has_plchanges) {
        if(state!=playing.state) {
                playing.state = state;
                var bt = playing.pp_button;
-               if(state=="play") {
-                       bt.src = IMAGE.BUTTON_PAUSE;
-                       if(typeof(window.streaming_try_autoplay)=='function')
-                               streaming_try_autoplay();
-               }
-               else {
-                       bt.src = IMAGE.BUTTON_PLAY;
-                       if(typeof(window.streaming_try_autostop)=='function')
-                               streaming_try_autostop();
+               if (bt) /* we must be in read write mode to show this */ {
+                       if(state=="play") {
+                               bt.src = IMAGE.BUTTON_PAUSE;
+                               if(typeof(window.streaming_try_autoplay)=='function')
+                                       streaming_try_autoplay();
+                       }
+                       else {
+                               bt.src = IMAGE.BUTTON_PLAY;
+                               if(typeof(window.streaming_try_autostop)=='function')
+                                       streaming_try_autostop();
+                       }
                }
        }
        
@@ -595,22 +597,25 @@ function buttons_init() {
        
        /* player control */
        var elem = document.getElementById('pp_button');
-       elem.src = IMAGE.BUTTON_PLAY;
-       add_listener(elem, "click", send_play_pause);
-       if(window.stop_button) {
-               elem = document.getElementById('stop_button');
-               elem.style.display = "";
-               elem.src = IMAGE.BUTTON_STOP;
-               add_listener(elem, "click", send_stop_cmd);
-               elem.parentNode.style.marginLeft = "-15px";
-       }
-
-       elem = document.getElementById("next_button");
-       elem.src = IMAGE.BUTTON_NEXT;
-       add_listener(elem, "click", send_next_song);
-       elem = document.getElementById("previous_button");
-       elem.src = IMAGE.BUTTON_PREVIOUS;
-       add_listener(elem, "click", send_previous_song);
+       if (elem) /* we must be in read write mode to show these buttons */
+       {
+               elem.src = IMAGE.BUTTON_PLAY;
+               add_listener(elem, "click", send_play_pause);
+               if(window.stop_button) {
+                       elem = document.getElementById('stop_button');
+                       elem.style.display = "";
+                       elem.src = IMAGE.BUTTON_STOP;
+                       add_listener(elem, "click", send_stop_cmd);
+                       elem.parentNode.style.marginLeft = "-15px";
+               }
+               
+               elem = document.getElementById("next_button");
+               elem.src = IMAGE.BUTTON_NEXT;
+               add_listener(elem, "click", send_next_song);
+               elem = document.getElementById("previous_button");
+               elem.src = IMAGE.BUTTON_PREVIOUS;
+               add_listener(elem, "click", send_previous_song);
+       }
 
        /* left menu buttons */
        elem = document.getElementById("open_directory_button");
This page took 0.030652 seconds and 4 git commands to generate.