CSS fixes: icons and iframes
[mirrors/JukeBox.git] / index.php
<?php require_once('./http_auth.php'); /* Loads ./http_auth.php before anything else runs. Per the author, deleting this line disables password protection. */ ?>
<?php $exec_time = round(microtime(true), 3); /* Request start time in seconds (3 decimals); render_footer() subtracts it to print the page generation time.
Harvie's JuKe!Box
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Version info:
 * 0.3.5 - Fixed security bug - directory traversal in filelisting (upgrade recommended)
 * 0.3.4 - Generating playlist for flashplayer, searching for bugs, cleaning code and preparing for new version release
 * 0.3.3 - Shorter URLs for flashplayer (due to discussion at #skola ;o), nicer national characters handling
 * 0.3.2 - Better support for national charsets, few small bugfixes, css improvements, modular search engines
 * 0.3.1 - Buckfickses in m3u generation, better navigation, magic_quotes_gpc handled, css improvements
 * 0.3 - Migrated to standalone WPAudioPlayer (better, nicer, with more functions)
 * 0.2 - Few new functions (search playlist, random,...)
 * 0.1.1 - Few little fixups, written help.html in Czech language ;o)
 * 0.1 - All functions works - TODO: bugfix & replace ugly code
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
*/

//Config-basic
$title = 'Harvie\'s&nbsp;JuKe!Box'; //Title of jukebox (printed into the page as raw HTML, hence the &nbsp; entity)
$music_dir = './music'; //Local path to directory with music
$music_dir_url = 'http://your-server.net/jukebox/music'; //URL path to the same directory
$cache_passwd = 'renew123'; //Password that must be POSTed as "cache-refresh" to rebuild the search cache. NOTE(review): shipped default - set your own value before deploying
$sort = 3; //Sort? 0 = none, 1 = playlists, 2 = 1+listings; 3 = 2+search-EXPERIMENTAL! (sorting could eat a lot of memory)
$access_limit = 40; //For how many search results filesize() is still looked up on disk; later results show "n/a"

//Encoding settings
$charset = 'UTF-8'; //Charset for page
$national_characters = 1; //Support searching in filenames with national characters? 0 = no; 1 = yes; (may slow down search a little)

//Playlist settings
$playlist_name = 'playlist.m3u'; //File name offered for the downloaded playlist
$m3u_exts = 'ogg|mp[0-9]|wma|wmv|wav'; //Allow only these files (regex alternation matched against the file extension)
$default_random_count = 30; //How many random songs by default?

//External files
$indexlist = array('index.html', 'index.txt'); //Search for these files in each directory (they are sent to the browser as-is)
$bonus_dir = './jbx'; //Misc. files directory
////
$search_cache = $bonus_dir.'/cache.db'; //Database for searching music (PHP needs read+write). It lists local file paths, so block web access to it (.htaccess: Deny from all)
$css_file = $bonus_dir.'/themes/default/jukebox.css'; //CSS (Design)
$favicon_file = './favicon.png'; //favicon
$header_file = $bonus_dir.'/header.html'; //header file
$footer_file = $bonus_dir.'/footer.html'; //footer file

//Search engines extend search experience (label => URL prefix; the url-encoded query is appended)
$search_engines = array(
 'Google.com' => 'http://google.com/search?q=',
 'Images' => 'http://google.com/images?q=',
 'Karaoke-Lyrics.net' => 'http://www.karaoke-lyrics.net/index.php?page=find&q=',
 'Jyxo.cz multimedia' => 'http://jyxo.cz/s?d=mm&q=',
 'Centrum.cz mp3' => 'http://search.centrum.cz/index.php?sec=mp3&q=',
 'YOUTube.com' => 'http://youtube.com/results?search_query='
);

//Flash MusicPlayer (info about settings: http://wpaudioplayer.com/standalone)
$flash_player_swf = $bonus_dir.'/player.swf'; //path to musicplayer; the flash links are only shown when this file exists
$flash_player_frame = 'playframe-show'; //FlashPlayer Target (playframe-show|playframe-hide) - useful for compatibility with old music player
$flash_player_options = '?bg=000099&loader=000000&tracker=AAAAFF&skip=FFFFFF' //.'&leftbg=000077&rightbg=000077&righticon=999999'
 .'&autostart=yes&initialvolume=100&soundFile='; //& arguments (urlencoded song url will be added)

//Security
error_reporting(0); //Disables error reporting, which could otherwise pass sensitive data to users. It also hides every warning this script raises.

//External configuration file (overrides index.php configuration)
//The @ keeps a missing file silent; whatever ./_config.php contains is executed as PHP.
@include('./_config.php');

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

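//Init
srand(time()); //NOTE(review): time-based seed is predictable; rand() is only used for quotes and random playlists, never for secrets
@ini_set('magic_quotes_gpc' , 'off');
//get_magic_quotes_gpc() no longer exists in PHP 8, so only ask where it is available
if(function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) die("Error: magic_quotes_gpc needs to be disabled!\n");

//Enable flash?
$useflash = is_file($flash_player_swf);

//Requested directory: taken from ?dir=, wrapped in slashes, repeated slashes collapsed.
//A missing or non-string parameter (e.g. ?dir[]=x) is treated as the music root.
$requested_dir = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : '';
$current_dir = preg_replace('~/+~', '/', '/'.$requested_dir.'/'); //preg_* replaces ereg_*, which was removed in PHP 7

//Refuse ".." path segments (forward or back slashes) and NUL bytes before the value is used to build a filesystem path
if(!is_string($current_dir) || strpos($current_dir, "\0") !== false || preg_match('~(/|\\\\)\.\.(/|\\\\)~', $current_dir)) {
 header('Location: ?');
 die('Error - directory not found!');
}
$dir = $music_dir.$current_dir; //local path of the listed directory
$url = $music_dir_url.$current_dir; //public URL of the same directory
$parent_dir = dirname($current_dir); //request-derived: HTML-escape it wherever it is printed
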
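//FCs
/**
 * Send the HTTP headers that turn the response into a non-cached M3U playlist download.
 *
 * Only headers are sent; the caller prints the playlist body afterwards.
 *
 * @param string $filename File name suggested to the browser for the download.
 */
function serve_download($filename) {
 //The name goes into a quoted header value: drop control characters, quotes, backslashes and slashes
 $safe_name = preg_replace('~[\x00-\x1F\x7F"\\\\/]+~', '_', (string)$filename);
 if(!is_string($safe_name) || $safe_name === '') $safe_name = 'playlist.m3u';

 header('Cache-Control: no-cache, no-store, max-age=0, must-revalidate');
 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
 header('Pragma: no-cache');

 //header('Content-Type: application/force-download');
 header('Content-Type: audio/x-mpegurl');
 header('X-Content-Type-Options: nosniff'); //playlist lines can contain request data; keep browsers from re-guessing the type
 header('Content-Disposition: attachment; filename="'.$safe_name.'"');
 header('Content-Transfer-Encoding: binary');

 header('X-PHP-Application: Harvie\'s JuKe!Box');
}
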
//Lookup tables for unational(): accented letters and, at the same position, their plain ASCII replacement
$nchars_f = array(
 'Á','Ä','Č','Ç','Ď','É','Ě','Ë','Í','Ň','Ó','Ö','Ř','Š','Ť','Ú','Ů','Ü','Ý','Ž',
 'á','ä','č','ç','ď','é','ě','ë','í','ň','ó','ö','ř','š','ť','ú','ů','ü','ý','ž'
);
$nchars_t = array(
 'A','A','C','C','D','E','E','E','I','N','O','O','R','S','T','U','U','U','Y','Z',
 'a','a','c','c','d','e','e','e','i','n','o','o','r','s','t','u','u','u','y','z'
);

/**
 * Replace accented letters with their ASCII counterparts so that searches ignore diacritics.
 *
 * @param string $text Text to fold.
 * @return string The folded text, or $text untouched when $national_characters is switched off.
 */
function unational($text) {
 if($GLOBALS['national_characters']) {
  $folded = str_replace($GLOBALS['nchars_f'], $GLOBALS['nchars_t'], $text);
  return $folded;
 }
 return $text;
}

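/**
 * Print playlist entries, one URL per matching file.
 *
 * Without ?search= the files of $dir (and, if $recursive, of its subdirectories) are listed.
 * With ?search= the lines of the search cache that match the query are listed instead.
 *
 * @param string $dir       Local directory to list (no trailing slash needed).
 * @param string $prefix    URL prefix put in front of every directory entry.
 * @param mixed  $recursive Truthy to descend into subdirectories.
 * @param string $nl        Separator printed after each entry.
 * @param mixed  $doubleenc Truthy to rawurlencode() every finished entry (separator included) once more.
 */
function generate_m3u($dir, $prefix='', $recursive=0, $nl="\r\n", $doubleenc=0) {
 $dir = $dir . '/';
 //The separator is echoed verbatim into the response, so a request-supplied one is only accepted from a fixed list
 if(isset($_GET['newline']) && in_array($_GET['newline'], array("\r\n", "\n", "\r", ','), true)) $nl = $_GET['newline'];
 $ext_pattern = '~\.('.$GLOBALS['m3u_exts'].')$~iD'; //preg_* replaces eregi(), which was removed in PHP 7
 $temp = array(); //file names collected for sorted output

 if(!isset($_GET['search'])) {
  $dd = @opendir($dir);
  if($dd === false) return; //unreadable or missing directory: nothing to list
  //strict comparison so that an entry literally named "0" does not end the loop
  while(($item = readdir($dd)) !== false) {
   if($item === '.' || $item === '..') continue;
   if( is_file($dir.$item) && preg_match($ext_pattern, $item) ) {
    if($GLOBALS['sort'] > 0) {
     $temp[] = $item;
    } else {
     $entry=($prefix.'/'.str_replace('%2F', '/', (rawurlencode($dir.$item))).$nl);
     if($doubleenc) $entry = rawurlencode($entry);
     echo($entry);
    }
   }
   if($recursive && is_dir($dir.$item)) {
    generate_m3u($dir.$item, $prefix, $recursive, $nl, $doubleenc);
   }
  }
  closedir($dd);
 } else {
  if(!($searchfp = @fopen($GLOBALS['search_cache'], 'r')))
   die("Cannot read search cache<br />Refresh cache or set permissions properly!<br />\n");
  $query = is_string($_GET['search']) ? $_GET['search'] : '';
  //The query is a user-supplied regular expression (spaces act as wildcards). \x01 is used as the
  //delimiter so ordinary input cannot close the pattern; an invalid pattern simply matches nothing.
  //NOTE(review): matching cost is bounded only by PCRE's own limits (pcre.backtrack_limit).
  $needle = "\x01".str_replace(' ', '(.*)', unational($query))."\x01i";
  while(($line = fgets($searchfp)) !== false) {
   $line = trim($line);
   if($line === '' || $query === '') continue;
   if(@preg_match($needle, unational($line))) {
    $line=(dirname($GLOBALS['music_dir_url']).'/'.str_replace('%2F', '/', (rawurlencode($line))).$nl);
    if($doubleenc) $line = rawurlencode($line);
    echo($line);
   }
  }
  fclose($searchfp);
 }

 //Sorted mode: the names gathered above are printed only now, after any recursive output
 if($GLOBALS['sort'] > 0) {
  sort($temp);
  foreach($temp as $item) {
   $entry=($prefix.'/'.str_replace('%2F', '/', (rawurlencode($dir.$item))).$nl);
   if($doubleenc) $entry = rawurlencode($entry);
   echo($entry);
  }
 }
}
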
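/**
 * Walk $dir recursively and append the path of every file with an allowed extension to $outfp, one per line.
 *
 * @param string   $dir   Directory to scan (no trailing slash needed).
 * @param resource $outfp Writable stream receiving the paths.
 */
function write_search_cache($dir, $outfp) {
 $dir = $dir . '/';
 $dd = @opendir($dir);
 if($dd === false) return; //unreadable directory: skip it instead of looping on a bad handle
 $ext_pattern = '~\.('.$GLOBALS['m3u_exts'].')$~iD'; //preg_* replaces eregi(), which was removed in PHP 7
 //strict comparison so that an entry literally named "0" does not end the scan early
 while(($item = readdir($dd)) !== false) {
  if($item === '.' || $item === '..') continue;
  //the cache is line-oriented; a name containing a line break would split into bogus entries
  if(strpbrk($item, "\r\n") !== false) continue;
  $path = $dir.$item;
  if( is_file($path) && preg_match($ext_pattern, $item) ) {
   fwrite($outfp, $path."\n");
  }
  //NOTE(review): is_dir() follows symlinks, so a link pointing back up the tree is walked repeatedly until the path gets too long
  if(is_dir($path)) {
   write_search_cache($path, $outfp);
  }
 }
 closedir($dd);
}
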
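/**
 * Rebuild the search cache file from scratch and print progress as HTML.
 *
 * Scans $dir with write_search_cache(); when $sort > 2 the finished file is also sorted.
 * Ends the request with an error message if the file cannot be written or sorting changed its size.
 *
 * @param string $dir     Music directory to scan.
 * @param string $outfile Path of the cache file to (over)write.
 */
function generate_search_cache($dir, $outfile) {
 echo("Generating search cache. Please wait...<br />\n"); flush();
 @chmod($outfile, 0755); //best effort; NOTE(review): file modes do not stop the web server from serving this file - block it in the server config
 if(!($outfp = fopen($outfile, 'w')))
  die("Cannot write cache to $outfile<br />You probably haven't set the permissions properly!<br />\n");
 write_search_cache($dir, $outfp);
 fclose($outfp);
 clearstatcache(); //make sure filesize() sees the file that was just written
 $osize = filesize($outfile);
 $total = ''; //stays empty unless the sorted branch counts the entries
 if($GLOBALS['sort'] > 2) {
  echo("Sorting search cache. Please wait...<br />\n"); flush();

  $items = file($outfile);
  if($items === false) $items = array(); //unreadable file: the size check below reports the failure
  sort($items);
  $total = ' ('.sizeof($items).' files)';
  file_put_contents($outfile, implode('', $items));
  unset($items);
  clearstatcache();
  //sorting must not change the amount of data; a difference means entries were lost
  if(abs(filesize($outfile)-$osize) > 2)
   die('ERROR! Please disable sorting of search cache ($sort < 3)<br />'."\nSorted only ".
   filesize($outfile).' of '.$osize." bytes!!!\n");
 }
 echo('Total: '.filesize($outfile).' of '.$osize.' bytes'.$total.' <a href="?">DONE!</a>'.'<br /><META http-equiv="refresh" content="2;URL=?">'."\n");
}
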
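/**
 * Print one table row for a music file: row number, action icons, link to the file and its size.
 *
 * @param string $dir      Local directory of the file ('' when $item already is a full path).
 * @param string $item     File name, or full local path for search results.
 * @param string $dir_url  Public URL of the music directory.
 * @param int    $index    Row number; also decides the odd/even styling.
 * @param mixed  $filesize Size in bytes; non-numeric values (e.g. 'n/a') are printed unchanged.
 * @param bool   $parent   True to add a link to the directory containing the file.
 */
function render_file_line($dir, $item, $dir_url, $index, $filesize, $parent = false) {
 $parclass=($index%2?'even':'odd'); $parcolor=($index%2?'lightblue':'white');
 //URL of the file: every path character is url-encoded, only the slashes are restored
 $temp=str_replace('&', '%26', dirname($dir_url)).'/'.str_replace('%2F', '/', (rawurlencode($dir.$item)));
 if(is_numeric($filesize)) $filesize = round($filesize/(1024*1024), 2);
 echo("<tr class=\"$parclass\" bgcolor=\"$parcolor\">".'<td><a href="#up">'.$index.'</a></td><td class="btntd">');
 echo('<a href="?download&song='.rawurlencode($temp).'" class="icon iplay">P</a>');
 if($parent) {
  //cut the music_dir prefix off BEFORE encoding, so the offset is right even if music_dir holds characters that get encoded
  $parent_rel = (string)substr(dirname($dir.$item), strlen($GLOBALS['music_dir']));
  echo('/<a href="?dir='.
  str_replace(array('&','%2F'), array('%26','/'), rawurlencode($parent_rel)).
  '" class="icon ifolder">D</a>');
 }
 //preg_match() replaces eregi(), which was removed in PHP 7
 if($GLOBALS['useflash'] && preg_match('~\.('.$GLOBALS['m3u_exts'].')$~iD', $item)) {
  echo('/<a href="?f&song='.rawurlencode($temp).
  '" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifplay">F</a>/'.
  '<a href="?blank" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifstop">S</a>');
 }
 //the visible name is the only free text in the row and is HTML-escaped
 echo('&nbsp;</td><td><a href="'.$temp.'">'.unxss(str_replace('_', ' ', $item)).'</a></td><td>'.$filesize."&nbsp;MiB&nbsp;</td></tr>\n");
}
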
/**
 * Print the table row that holds the visible player iframe (named "playframe-show") and a stop link.
 *
 * Nothing is printed unless $flash_player_frame is 'playframe-show' and the flash player was found ($useflash).
 */
function render_tr_playframe_show() {
 if($GLOBALS['flash_player_frame'] == 'playframe-show' && $GLOBALS['useflash']) { ?>
<tr id="playframe-tr">
<td><a href="?blank" target="playframe-show" title="Stop playback">S</a></td>
<td colspan="100%">
<iframe
src="?blank"
name="playframe-show"
width="100%"
height="24"
style="border: none;"
transparentpagebg="yes"
></iframe></td></tr>
 <?php }
}

/**
 * Print the page footer: one randomly chosen quote, the page generation time,
 * the optional footer file and the closing body/html tags.
 */
function render_footer() {
 //Fixed texts written by the author; they are printed as raw HTML (one of them contains a link)
 $quotes = array(
  'This is NOT advertisments. This is just good text to think about... Remove it if you want!',
  'Downloading without sharing and other forms of leeching equals STEALING! ;P',
  'Do NOT support Microsoft!!! Use Linux! ;D',
  'Don\'t steal! Steal and share!!! ;P',
  'Linux is not matter of price, it\'s matter of freedom!',
  'This software brought to you by <a href="http://blog.Harvie.cz">Harvie</a> free of charge! Of course...',
  'Don\'t be looser, use GNU/Linux! ;P',
  'Make love and not war!',
  'Take your chance! Prove yourself!',
  'This software is free of charge. If you wan\'t to donate, please send some money to children in Africa/etc...'
 );

 $last_index = sizeof($quotes) - 1;
 $picked = $quotes[rand(0, $last_index)];
 echo('<span id="quote" style="float: left;"><i><small>'.$picked."</small></i></span>\n");

 //elapsed time since $exec_time was taken at the top of the script
 $elapsed = round(microtime(true), 3) - $GLOBALS['exec_time'];
 echo('<span id="exectime" style="float: right;"><small>Page was generated in '.$elapsed.'
seconds</small></span>');

 @readfile($GLOBALS['footer_file']); //optional file; silently skipped when missing
 echo('</body></html>');
}

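/**
 * HTML-escape a value before it is printed into the page.
 *
 * Both quote styles are escaped, so the result is safe in element text and in quoted
 * attribute values. It does not make a value safe inside a URL - url-encode first for that.
 *
 * @param mixed $string Value to escape; non-scalar input (e.g. an array from ?x[]=) yields ''.
 * @return string Escaped text.
 */
function unxss($string) {
 if(!is_scalar($string)) return '';
 //escape using the page charset when it is configured, UTF-8 otherwise
 $page_charset = (isset($GLOBALS['charset']) && is_string($GLOBALS['charset']) && $GLOBALS['charset'] !== '') ? $GLOBALS['charset'] : 'UTF-8';
 return htmlspecialchars((string)$string, ENT_QUOTES, $page_charset);
}
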
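/**
 * Build the breadcrumb for a directory: a "." link to the root followed by one link per path segment.
 *
 * @param string $dir Local directory path starting with $music_dir.
 * @return string HTML with the links; segment names are HTML-escaped, link targets url-encoded.
 */
function explode_path($dir) {
 //path relative to the music directory (the cast covers substr() returning false on old PHP versions)
 $relative = (string)substr($dir, strlen($GLOBALS['music_dir'])+1);
 //explode()/preg_replace() replace split()/ereg_replace(), which were removed in PHP 7
 $segments = explode('/', preg_replace('~/+~', '/', $relative));
 $out = '';
 $path = '';
 //the element after the final slash is not a directory of its own, so it gets no link
 $last = sizeof($segments) - 1;
 for($k = 0; $k < $last; $k++) {
  $path .= $segments[$k].'/';
  $out .= '<a href="?dir='.rawurlencode($path).'">'.unxss($segments[$k]).'</a>/';
 }
 return('<a href="?">.</a>/'.$out);
}
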
/**
 * Print a minimal HTML page that embeds the flash player, then end the request.
 *
 * The embed URL is the player file plus its options, followed either by the
 * url-encoded ?song= value or by a comma separated playlist from generate_m3u().
 * $title is configuration markup and is printed unescaped.
 */
function flash_mp3_player() {
 ?>
<html><head><title><?=$GLOBALS['title']?>: Flash Music Player Plugin</title>
<style> * { margin: 0; padding: 0; border: 0; } </style></head><body>
<object width="100%" height="344">
 <embed src="<?php
 echo($GLOBALS['flash_player_swf'].$GLOBALS['flash_player_options']);
 //the request value is url-encoded, so it cannot close the src attribute
 if(isset($_GET['song'])) echo(rawurlencode($_GET['song']));
 //playlist mode: entries are separated by ',' and passed with $doubleenc = true, i.e. url-encoded as a whole
 if(isset($_GET['playlist'])) generate_m3u($GLOBALS['dir'], dirname($GLOBALS['music_dir_url']), isset($_GET['recursive']), ',', true);
 ?>"
 type="application/x-shockwave-flash"
 allowscriptaccess="never"
 allowfullscreen="true"
 transparentpagebg="yes"
 quality="low"
 width="100%" height="24px"
 >You need Adobe Flash enabled browser to play records directly in website.</embed>
</object></body></html>
<?php die();
}

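//GET
//Request dispatch: each branch below answers one kind of request and ends it with die()
if(isset($_GET['download'])) serve_download($playlist_name);
if(isset($_GET['f'])) flash_mp3_player();
if(isset($_GET['song'])) {
 //The value is echoed back as a one-line playlist. Without ?download no playlist headers were sent,
 //so declare plain text here; otherwise the echoed value would be rendered as HTML.
 if(!isset($_GET['download']) && !headers_sent()) {
  header('Content-Type: text/plain; charset='.$charset);
  header('X-Content-Type-Options: nosniff');
 }
 $song = is_string($_GET['song']) ? $_GET['song'] : '';
 die(str_replace(array("\r", "\n"), '', $song)."\r\n"); //exactly one playlist line
}

//Cache refresh: only when the password field was really posted and matches exactly.
//Strict, constant-time comparison (where available) instead of the loose == on request data.
$posted_passwd = (isset($_POST['cache-refresh']) && is_string($_POST['cache-refresh'])) ? $_POST['cache-refresh'] : null;
if($posted_passwd !== null) {
 $passwd_ok = function_exists('hash_equals')
  ? hash_equals((string)$cache_passwd, $posted_passwd)
  : ((string)$cache_passwd === $posted_passwd);
 if($passwd_ok) {
  generate_search_cache($music_dir, $search_cache);
  die("\n");
 }
}

if(isset($_GET['playlist'])) {
 generate_m3u($dir, dirname($music_dir_url), isset($_GET['recursive']));
 die();
}

//Random playlist: ?random=N prints N entries drawn (with repetition) from the search cache
if(isset($_GET['random'])) {
 if(!($searchfp = @fopen($search_cache, 'r')))
  die("Cannot read search cache<br />Refresh cache or set permissions properly!<br />\n");
 //count the real entries; blank lines and the final empty read are not songs
 $flen = 0;
 while(($line = fgets($searchfp)) !== false) { if(trim($line) !== '') $flen++; }
 //the count comes from the request: force an integer and never draw more than the cache holds,
 //so a huge value cannot keep the server busy
 $wanted = is_numeric($_GET['random']) ? (int)$_GET['random'] : 0;
 $wanted = max(0, min($wanted, $flen));
 $picks = array(); //entry number => how many times it was drawn
 for($i=0; $i<$wanted; $i++) {
  $n = rand(0, $flen-1);
  $picks[$n] = isset($picks[$n]) ? $picks[$n]+1 : 1;
 }
 //one pass over the file collects all drawn entries instead of rescanning it for every pick
 rewind($searchfp);
 $chosen = array();
 $n = 0;
 while(($line = fgets($searchfp)) !== false) {
  $line = trim($line);
  if($line === '') continue;
  if(isset($picks[$n])) { for($k=0; $k<$picks[$n]; $k++) $chosen[] = $line; }
  $n++;
 }
 fclose($searchfp);
 shuffle($chosen); //the pass above yields file order; restore a random order
 foreach($chosen as $line) {
  echo(dirname($music_dir_url).'/'.str_replace('%2F', '/', (rawurlencode($line)))."\r\n");
 }
 die();
}

//Placeholder page shown inside the player frame while nothing is playing
if(isset($_GET['blank'])) {
 ?>
 <link rel="stylesheet" type="text/css" href="<?=$css_file?>" />
 <body class="blank"><div class="blank"><b>Music player</b> <small><i>(click 'F' link next to the song name to start, 'S' to stop...)</i></small></div></body>
 <?php die();
}
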
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<meta http-equiv="Content-Type" content="text/html; charset=<?=$charset?>" />
<html>
 <head>
 <link rel="stylesheet" type="text/css" href="<?=$css_file?>" />
 <link rel="shortcut icon" href="<?=$favicon_file?>" />
 <link href="<?=$favicon_file?>" rel="icon" type="image/gif" />
 </head>
 <body>

<div align="right" style="position: absolute; top: 5px; right: 0px;">
 <a name="up"></a>
 <iframe src="about:blank" name="playframe-hide" width="0" height="0" style="border: none;" class="hide"></iframe><!-- -----------???--------------- -->
 <span class="icon">&lt;</span> <a href="javascript: history.go(-1)" class="icon iback">BACK</a>
 | <a href="?"><span class="icon ihome">HOME</span> (<?=$music_dir?>)</a>
 | <a href="?help" class="icon ihelp">ABOUT/HELP</a>
 | <a href="?logout" class="icon ilogout">LOGOUT</a>
</div>

<?php
//Everything printed above comes from the configuration ($charset, $css_file, $favicon_file, $music_dir) and is not escaped.
//Help page: sends the static help file from the misc. directory and ends the request.
if(isset($_GET['help'])) {
 ?><h1>About/Help</h1><?php
 readfile($bonus_dir.'/help.html'); //path is built from configuration only, no request data
 die();
}


//Page title and heading: "Index of" for directory listings, "Searching for" for search results.
//$title is configuration markup and is printed unescaped; the request-derived values ($dir, the search query) pass through unxss().
if(!isset($_GET['search'])) {
 echo('<title>'.$title.': '.unxss($dir).'</title>');
 echo('<a href="?" style="color: black;"><h1 style="float: left;">'.$title.'</h1></a><h2 style="clear: left; display: inline; float: left;">Index of: '.explode_path($dir).'</h2>');
} else {
 echo('<title>'.$title.': '.unxss($_GET['search']).'</title>');
 echo('<a href="?" style="color: black;"><h1 style="float: left;">'.$title.'</h1></a><h2 style="clear: left; display: inline; float: left;">Searching for: '.unxss($_GET['search']).'</h2>');

?>

<?php
}

//Random-playlist form and search form. The search box is pre-filled with the escaped current query;
//$_GET['search'] is read here even when it is not set.
?>
<span style="float: right;">
 <form action="?" method="GET" align="right" style="display: inline;">
 <input type="hidden" name="download" value="" />
 <input type="number" name="random" value="<?=$default_random_count?>" />
 <input type="submit" value="random" title="Generate random music playlist..." />
 </form>
 <form action="?" method="GET" align="right" style="display: inline;">
 <input type="search" name="search" autofocus placeholder="search regexp..."
 title="Search in music/google/lyrics/mp3/youtube; Hint: You can use regular expressions in search query..."
 value="<?=unxss($_GET['search'])?>"
 />
 <input type="submit" value="search" title="Search in this JuKe!Box..." />
 </form>
</span><?php

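//Search results page (only when ?search= is present); ends the request after the footer
if(!isset($_GET['search'])) {
 echo('<br style="clear: both;" />');
} else {
 //a non-string parameter (e.g. ?search[]=x) is treated as an empty query
 $search_query = is_string($_GET['search']) ? $_GET['search'] : '';

?>
<span style="float: right;">
 <form action="?" method="POST" align="right">
 <input type="password" name="cache-refresh" value="" title="Password for refreshing - good for avoiding DoS Attacks!!!" />
 <input type="submit" value="refresh cache" title="You should refresh cache each time when you add new music or upgrade to newer version of JuKe!Box !!!" />
 &nbsp;
 </form>
</span>
<div align="right" style="clear: right;" title="Aditional search engines...">
<br />
<?php
 //links to the configured external search engines; the query is url-encoded for the link and HTML-escaped for display
 $search_prefix = 0;
 foreach($search_engines as $search_desc => $search_link) {
  if(!$search_prefix) {
   echo(unxss($search_query)." @\n");
   $search_prefix = 1;
  }
  echo('<a href="'.$search_link.rawurlencode($search_query).'">'.$search_desc."</a>;\n");
 }
?>
</div><br style="clear: both;" />
<?php
echo('<small>Search DB size: '.(filesize($search_cache)/1024)." kB<br /></small>\n");

if(!($searchfp = @fopen($search_cache, 'r')))
 die("Cannot read search cache<br />Refresh cache or set permissions properly!<br />\n");

$i = 0;
echo('<table border="1" width="100%">');
render_tr_playframe_show();
//the query is placed inside a URL here, so it is url-encoded; HTML-escaping alone would let "&" or "#" cut the link short
$search_param = rawurlencode($search_query);
echo('<tr><td>S</td><td><a href="?download&playlist&search='.$search_param.'">P</a>');
if($GLOBALS['useflash']) echo('/<a href="?f&playlist&search='.$search_param.'" target="'.$GLOBALS['flash_player_frame'].'">F</a>');
echo('</td><td colspan="100%">Search: '.unxss($search_query).'</td></tr>');

//The query is a user-supplied regular expression (spaces act as wildcards). \x01 is used as the
//delimiter so ordinary input cannot close the pattern; an invalid pattern simply matches nothing.
//NOTE(review): matching cost is bounded only by PCRE's own limits (pcre.backtrack_limit).
$needle = "\x01".str_replace(' ', '(.*)', unational($search_query))."\x01i";
while(($line = fgets($searchfp)) !== false) {
 $line = trim($line);
 if($line === '' || $search_query === '') continue;
 if(@preg_match($needle, unational($line))) {
  $i++;
  //only the first $access_limit results touch the disk for their size
  if($i <= $access_limit) $filesize = filesize($line); else $filesize = 'n/a';
  render_file_line('', $line, $music_dir_url, $i, $filesize, true);
 }
}
fclose($searchfp);
echo('<tr><td colspan="100%">Total: '.$i.' results...</td></tr></table>');
render_footer(); die();

}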
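//Directory listing page
@readfile($header_file); //optional header file; silently skipped when missing
foreach($indexlist as $index) @readfile($dir.$index); //optional per-directory index files, sent as-is
$current_dir_href = str_replace('%2F', '/', rawurlencode($current_dir)); //url-encoded directory for the links below
?>
<br />
<table border="1" width="100%">
<?php render_tr_playframe_show(); ?>

<tr class="directory"><td>&gt;</td>
<td><a href="?download&playlist&dir=<?=$current_dir_href?>" class="icon iplay">P</a>/<a
href="?download&recursive&playlist&dir=<?=$current_dir_href?>" class="icon irplay">R</a><?php
if($GLOBALS['useflash']) echo('/<a href="?f&playlist&dir='.$current_dir_href.'" target="'.$GLOBALS['flash_player_frame'].'"
class="icon ifplay">F</a>'); ?>
</td>
<td colspan="100%"><?=unxss($dir)?></td></tr>
<tr><td>^</td><td>&nbsp;</td><td colspan="100%" class="directory"><span class="icon ifolder">[DIR]</span> <a href="?dir=<?=rawurlencode($parent_dir)?>">.. (<?=unxss($parent_dir)?>)</a></td></tr>
<?php
//$parent_dir is derived from ?dir=, so its visible copy above is HTML-escaped like every other request value

$i = 0;
$items = array(); //file names held back for sorted output
$dd = @opendir($dir);
if($dd !== false) {
 //two passes over the directory: subdirectories first, then files
 foreach(array(true, false) as $dirs_pass) {
  //strict comparison so that an entry literally named "0" does not end the listing
  while(($item = readdir($dd)) !== false) {
   if($item === '.' || $item === '..') continue;
   if($dirs_pass && is_dir($dir.$item)) {
    $i++;
    $parclass=($i%2?'even':'odd'); $parcolor=($i%2?'lightblue':'white');
    $temp=$current_dir_href.rawurlencode($item);
    echo("<tr class=\"$parclass directory\" bgcolor=\"$parcolor\">".
    '<td><a href="#up">'.$i.'</a></td><td class="btntd"><a href="?download&playlist&dir='.$temp.'" class="icon iplay">P</a>/'.
    '<a href="?download&recursive&playlist&dir='.$temp.'" class="icon irplay">R</a>');
    if($GLOBALS['useflash']) echo('/<a href="?f&playlist&dir='.$temp.'" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifplay">F</a>');
    echo('</td><td colspan="100%"><span class="icon ifolder">[DIR]</span> <a href="?dir='.$temp.'">'.unxss(str_replace('_', ' ', $item))."</a></td></tr>\n");
   } elseif(!$dirs_pass && is_file($dir.$item)) {
    if($sort > 1) {
     $items[] = $item; //printed after sorting, below
    } else {
     $i++;
     render_file_line($dir, $item, $music_dir_url, $i, filesize($dir.$item));
    }
   }
  }
  rewinddir($dd);
 }
 closedir($dd);
}
if($sort > 1) {
 sort($items);
 foreach($items as $item) {
  $i++;
  render_file_line($dir, $item, $music_dir_url, $i, filesize($dir.$item));
 }
}

?></table>

<?php
render_footer();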