1 <?php
require_once('./http_auth.php'); /*Delete this line to disable password protection*/ ?
>
2 <?php
$exec_time = round(microtime(true), 3); /*
4 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
6 * 0.3.6 - Now sorting also directories and have icon link support in css
7 * 0.3.5 - Fixed security bug - directory traversal in filelisting (upgrade recommended)
8 * 0.3.4 - Generating playlist for flashplayer, searching for bugs, cleaning code and preparing for new version release
9 * 0.3.3 - Shorter URLs for flashplayer (due to discussion at #skola ;o), nicer national characters handling
10 * 0.3.2 - Better support for national charsets, few small bugfixes, css improvements, modular search engines
11 * 0.3.1 - Buckfickses in m3u generation, better navigation, magic_quotes_gpc handled, css improvements
12 * 0.3 - Migrated to standalone WPAudioPlayer (better, nicer, with more functions)
13 * 0.2 - Few new functions (search playlist, random,...)
14 * 0.1.1 - Few little fixups, written help.html in Czech language ;o)
15 * 0.1 - All functions works - TODO: bugfix & replace ugly code
16 /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
20 $title = 'Harvie\'s JuKe!Box'; //Title of jukebox
21 $music_dir = './music'; //Local path to directory with music
22 $music_dir_url = 'http://your-server.net/jukebox/music'; //URL path to the same directory
23 $cache_passwd = 'renew123'; //You need this passwd to refresh search cache
24 $sort = 3; //Sort? 0 = none, 1 = playlists, 2 = 1+listings; 3 = 2+search-EXPERIMENTAL! (sorting could eat lot of memory)
25 $access_limit = 40; //How many files could be accessed without using cache (while searching)
28 $charset = 'UTF-8'; //Charset for page
29 $national_characters = 1; //Support searching in filenames with national characters? 0 = no; 1 = yes; (may slowdown search a little)
32 $playlist_name = 'playlist.m3u'; //Name of downloaded pl
33 $m3u_exts = 'ogg|mp[0-9]|wma|wmv|wav'; //Allow only these files
34 $default_random_count = 30; //How many random songs by defaul?
37 $indexlist = array('index.html', 'index.txt'); //Search for this file in each directory
38 $bonus_dir = './jbx'; //Misc. files directory
40 $search_cache = $bonus_dir.'/cache.db'; //Database for searching music (php +rw) - .htaccess: Deny from all!!!
41 $css_file = $bonus_dir.'/themes/default/jukebox.css'; //CSS (Design)
42 $favicon_file = './favicon.png'; //favicon
43 $header_file = $bonus_dir.'/header.html'; //header file
44 $footer_file = $bonus_dir.'/footer.html'; //footer file
46 //Search engines extend search experience
47 $search_engines = array(
48 'Google.com' => 'http://google.com/search?q=',
49 'Images' => 'http://google.com/images?q=',
50 'Karaoke-Lyrics.net' => 'http://www.karaoke-lyrics.net/index.php?page=find&q=',
51 'Jyxo.cz multimedia' => 'http://jyxo.cz/s?d=mm&q=',
52 'Centrum.cz mp3' => 'http://search.centrum.cz/index.php?sec=mp3&q=',
53 'YOUTube.com' => 'http://youtube.com/results?search_query='
56 //Flash MusicPlayer (info about settings: http://wpaudioplayer.com/standalone)
57 $flash_player_swf = $bonus_dir.'/player.swf'; //path to musicplayer
58 $flash_player_frame = 'playframe-show'; //FlashPlayer Target (playframe-show|playframe-hide) - usefull for compatibility with old music player
59 $flash_player_options = '?bg=000099&loader=000000&tracker=AAAAFF&skip=FFFFFF' //.'&leftbg=000077&rightbg=000077&righticon=999999'
60 .'&autostart=yes&initialvolume=100&soundFile='; //& arguments (urlencoded song url will be added)
63 error_reporting(0); //This will disable error reporting, wich can pass sensitive data to users
65 //External configuration file (overrides index.php configuration)
66 @include
('./_config.php');
68 //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
72 @ini_set
('magic_quotes_gpc' , 'off');
73 if(get_magic_quotes_gpc()) die("Error: magic_quotes_gpc needs to be disabled!\n");
76 $useflash = is_file($flash_player_swf);
78 //Little magic with directories ;o)
79 $current_dir = ereg_replace('/+', '/', '/'.$_GET['dir'].'/');
80 if(eregi('(/|\\\\)\\.\\.(/|\\\\)', $current_dir)) { //check for directory traversal ;)
81 header('Location: ?');
82 die('Error - directory not found!');
84 $dir = $music_dir.$current_dir;
85 $url = $music_dir_url.$current_dir;
86 $parent_dir = dirname($current_dir);
89 function serve_download($filename) {
90 header('Cache-Control: no-cache, no-store, max-age=0, must-revalidate');
91 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
92 header('Pragma: no-cache');
94 //header('Content-Type: application/force-download');
95 header('Content-Type: audio/x-mpegurl');
96 header("Content-Disposition: attachment; filename={$filename}");
97 header('Content-Transfer-Encoding: binary');
99 header('X-PHP-Application: Harvie\'s JuKe!Box');
102 $nchars_f = array('Á','Ä','Č','Ç','Ď','É','Ě','Ë','Í','Ň','Ó','Ö','Ř','Š','Ť','Ú','Ů','Ü','Ý','Ž','á','ä','č','ç','ď','é','ě','ë','í','ň','ó','ö','ř','š','ť','ú','ů','ü','ý','ž');
103 $nchars_t = array('A','A','C','C','D','E','E','E','I','N','O','O','R','S','T','U','U','U','Y','Z','a','a','c','c','d','e','e','e','i','n','o','o','r','s','t','u','u','u','y','z');
105 function unational($text) {
106 if(!$GLOBALS['national_characters']) return $text;
107 return(str_replace($GLOBALS['nchars_f'], $GLOBALS['nchars_t'], $text));
110 function generate_m3u($dir, $prefix='', $recursive=0, $nl="\r\n", $doubleenc=0) {
112 if(isset($_GET['newline'])) $nl = $_GET['newline'];
113 if(!isset($_GET['search'])) {
115 while(($item = readdir($dd)) != false) {
116 if($item == '.' ||
$item == '..') continue;
117 if( is_file($dir.$item) && eregi(('\.('.$GLOBALS['m3u_exts'].')$'), $item) ) {
118 if($GLOBALS['sort'] > 0) {
121 $item=($prefix.'/'.str_replace('%2F', '/', (rawurlencode($dir.$item))).$nl);
122 if($doubleenc) $item = rawurlencode($item);
126 if($recursive && is_dir($dir.$item)) {
127 generate_m3u($dir.$item, $prefix, $recursive, $nl, $doubleenc);
131 if(!($searchfp = fopen($GLOBALS['search_cache'], 'r')))
132 die("Cannot read cache from $outfile<br />Refresh cache or set permissions properly!<br />\n");
133 while(!feof($searchfp)) {
134 $line = trim(fgets($searchfp));
135 if(@eregi
(str_replace(' ', '(.*)', unational($_GET['search'])), unational($line))) {
136 $line=(dirname($GLOBALS['music_dir_url']).'/'.str_replace('%2F', '/', (rawurlencode($line))).$nl);
137 if($doubleenc) $line = rawurlencode($line);
143 if($GLOBALS['sort'] > 0) {
145 foreach($temp as $item) {
146 $temp=($prefix.'/'.str_replace('%2F', '/', (rawurlencode($dir.$item))).$nl);
147 if($doubleenc) $temp = rawurlencode($temp);
153 function write_search_cache($dir, $outfp) {
156 while($item = readdir($dd)) {
157 if($item == '.' ||
$item == '..') continue;
158 if( is_file($dir.$item) && eregi(('\.('.$GLOBALS['m3u_exts'].')$'), $item) ) {
159 fwrite($outfp, $dir.$item."\n");
161 if(is_dir($dir.$item)) {
162 write_search_cache($dir.$item, $outfp);
167 function generate_search_cache($dir, $outfile) {
168 echo("Generating search cache. Please wait...<br />\n"); flush();
169 @chmod
($outfile, 0755); //At least i tryed ;D
170 if(!($outfp = fopen($outfile, 'w')))
171 die("Cannot write cache to $outfile<br />You probably haven't set the permissions properly!<br />\n");
172 write_search_cache($dir, $outfp);
174 $osize = filesize($outfile); clearstatcache();
175 if($GLOBALS['sort'] > 2) {
176 echo("Sorting search cache. Please wait...<br />\n"); flush();
178 $items = file($outfile); @sort
($items);
179 $total = ' ('.sizeof($items).' files)';
180 file_put_contents($outfile, @implode
('', $items));
182 if(abs(filesize($outfile)-$osize) > 2)
183 die('ERROR! Please disable sorting of search cache ($sort < 3)<br />'."\nSorted only ".
184 filesize($outfile).' of '.$osize.' bytes!!!\n');
186 echo('Total: '.filesize($outfile).' of '.$osize.' bytes'.$total.' <a href="?">DONE!</a>'.'<br /><META http-equiv="refresh" content="2;URL=?">'."\n");
189 function render_file_line($dir, $item, $dir_url, $index, $filesize, $parent = false) {
190 $parclass=($index%2?
'even':'odd'); $parcolor=($index%2?
'lightblue':'white');
191 $temp=str_replace('&', '%26', dirname($dir_url)).'/'.str_replace('%2F', '/', (rawurlencode($dir.$item)));
192 if(is_numeric($filesize)) $filesize = round($filesize/(1024*1024), 2);
193 echo("<tr class=\"$parclass\" bgcolor=\"$parcolor\">".'<td><a href="#up">'.$index.'</a></td><td class="btntd">');
194 echo('<a href="?download&song='.rawurlencode($temp).'" class="icon iplay">P</a>');
196 echo('/<a href="?dir='.
197 substr(str_replace(array('&','%2F'), array('%26','/'), (rawurlencode(dirname($dir.$item)))), strlen($GLOBALS['music_dir'])).
198 '" class="icon ifolder">D</a>');
200 if($GLOBALS['useflash'] && eregi(('\.('.$GLOBALS['m3u_exts'].')$'), $item)) {
201 echo('/<a href="?f&song='.rawurlencode($temp).
202 '" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifplay">F</a>/'.
203 '<a href="?blank" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifstop">S</a>');
205 echo(' </td><td><a href="'.$temp.'">'.unxss(str_replace('_', ' ', $item)).'</a></td><td>'.$filesize." MiB </td></tr>\n");
208 function render_dir_line($current_dir, $item, $i) {
209 $parclass=($i%2?
'even':'odd'); $parcolor=($i%2?
'lightblue':'white');
210 $temp=str_replace('%2F', '/', rawurlencode($current_dir)).rawurlencode($item);
211 echo("<tr class=\"$parclass directory\" bgcolor=\"$parcolor\">".
212 '<td><a href="#up">'.$i.'</a></td><td class="btntd"><a href="?download&playlist&dir='.$temp.'" class="icon iplay">P</a>/'.
213 '<a href="?download&recursive&playlist&dir='.$temp.'" class="icon irplay">R</a>');
214 if($GLOBALS['useflash']) echo('/<a href="?f&playlist&dir='.$temp.'" target="'.$GLOBALS['flash_player_frame'].'" class="icon ifplay">F</a>');
215 echo('</td><td colspan="100%"><span class="icon ifolder">[DIR] </span><a href="?dir='.$temp.'">'.unxss(str_replace('_', ' ', $item)).
219 function render_tr_playframe_show() {
220 if($GLOBALS['flash_player_frame'] == 'playframe-show' && $GLOBALS['useflash']) { ?
>
221 <tr id
="playframe-tr">
222 <td
><a href
="?blank" target
="playframe-show" title
="Stop playback">S
</a
></td
>
226 name
="playframe-show"
229 style
="border: none;"
230 transparentpagebg
="yes"
235 function render_footer() {
237 'This is NOT advertisments. This is just good text to think about... Remove it if you want!',
238 'Downloading without sharing and other forms of leeching equals STEALING! ;P',
239 'Do NOT support Microsoft!!! Use Linux! ;D',
240 'Don\'t steal! Steal and share!!! ;P',
241 'Linux is not matter of price, it\'s matter of freedom!',
242 'This software brought to you by <a href="http://blog.Harvie.cz">Harvie</a> free of charge! Of course...',
243 'Don\'t be looser, use GNU/Linux! ;P',
244 'Make love and not war!',
245 'Take your chance! Prove yourself!',
246 'This software is free of charge. If you wan\'t to donate, please send some money to children in Africa/etc...'
249 echo('<span id="quote" style="float: left;"><i><small>'.$quotes[rand(0,sizeof($quotes)-1)]."</small></i></span>\n");
250 echo('<span id="exectime" style="float: right;"><small>Page was generated in '.(round(microtime(true), 3) - $GLOBALS['exec_time']).'
251 seconds</small></span>');
252 @readfile
($GLOBALS['footer_file']);
253 echo('</body></html>');
256 function unxss($string) {
257 return htmlspecialchars($string);
260 function explode_path($dir) {
261 $dir = substr($dir, strlen($GLOBALS['music_dir'])+
1);
262 $temp = split('/', ereg_replace('/+', '/', $dir));
264 for($j=sizeof($temp)-1;$j>0;$j--) {
266 for($i=0;$i<(sizeof($temp)-$j);$i++
) {
269 $out.='<a href="?dir='.rawurlencode($dir).'">'.unxss($temp[$i-1]).'</a>/';
271 return('<a href="?">.</a>/'.$out);
274 function flash_mp3_player() {
276 <html
><head
><title
><?
=$GLOBALS['title']?
>: Flash Music Player Plugin
</title
>
277 <style
> * { margin
: 0; padding
: 0; border
: 0; } </style
></head
><body
>
278 <object width
="100%" height
="344">
280 echo($GLOBALS['flash_player_swf'].$GLOBALS['flash_player_options']);
281 if(isset($_GET['song'])) echo(rawurlencode($_GET['song']));
282 if(isset($_GET['playlist'])) generate_m3u($GLOBALS['dir'], dirname($GLOBALS['music_dir_url']), isset($_GET['recursive']), ',', true);
284 type
="application/x-shockwave-flash"
285 allowscriptaccess
="never"
286 allowfullscreen
="true"
287 transparentpagebg
="yes"
289 width
="100%" height
="24px"
290 >You need Adobe Flash enabled browser to play records directly in website
.</embed
>
291 </object></body
></html
>
296 if(isset($_GET['download'])) serve_download($playlist_name);
297 if(isset($_GET['f'])) flash_mp3_player();
298 if(isset($_GET['song'])) {
299 die($_GET['song']."\r\n");
304 if($_POST['cache-refresh'] == $cache_passwd) {
305 generate_search_cache($music_dir, $search_cache);
309 if(isset($_GET['playlist'])) {
310 generate_m3u($dir, dirname($music_dir_url), isset($_GET['recursive']));
314 if(isset($_GET['random'])) {
316 if(!($searchfp = fopen($search_cache, 'r')))
317 die("Cannot read cache from $outfile<br />Refresh cache or set permissions properly!<br />\n");
318 while(!feof($searchfp)) { fgets($searchfp); $flen++
; }
319 for($i=0; $i<$_GET['random']; $i++
) {
321 for($j=0; $j<rand(0, $flen-1); $j++
) fgets($searchfp);
322 echo(dirname($music_dir_url).'/'.str_replace('%2F', '/', (rawurlencode(trim(fgets($searchfp)))))."\r\n");
327 if(isset($_GET['blank'])) {
329 <link rel
="stylesheet" type
="text/css" href
="<?=$css_file?>" />
330 <body
class="blank"><div
class="blank"><b
>Music player
</b
> <small
><i
>(click
'F' link next to the song name to start
, 'S' to stop
...)</i
></small
></div
></body
>
335 <!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
336 <meta http
-equiv
="Content-Type" content
="text/html; charset=<?=$charset?>" />
339 <link rel
="stylesheet" type
="text/css" href
="<?=$css_file?>" />
340 <link rel
="shortcut icon" href
="<?=$favicon_file?>" />
341 <link href
="<?=$favicon_file?>" rel
="icon" type
="image/gif" />
345 <div align
="right" style
="position: absolute; top: 5px; right: 5px;">
347 <iframe src
="about:blank" name
="playframe-hide" width
="0" height
="0" style
="border: none;" class="hide"></iframe
><!-- -----------???
--------------- -->
348 <span
class="icon"><
;</span
> <a href
="javascript: history.go(-1)" class="icon iback">BACK
</a
>
349 |
<a href
="?"><span
class="icon ihome">HOME
</span
> (<?
=$music_dir?
>)</a
>
350 |
<a href
="?help" class="icon ihelp">ABOUT
/HELP
</a
>
351 |
<a href
="?logout" class="icon ilogout">LOGOUT
</a
>
355 if(isset($_GET['help'])) {
356 ?
><h1
>About
/Help
</h1
><?php
357 readfile($bonus_dir.'/help.html');
362 if(!isset($_GET['search'])) {
363 echo('<title>'.$title.': '.unxss($dir).'</title>');
364 echo('<a href="?" style="color: black;"><h1 style="float: left;">'.$title.'</h1></a><h2 style="clear: left; display: inline; float: left;">Index of: '.explode_path($dir).'</h2>');
366 echo('<title>'.$title.': '.unxss($_GET['search']).'</title>');
367 echo('<a href="?" style="color: black;"><h1 style="float: left;">'.$title.'</h1></a><h2 style="clear: left; display: inline; float: left;">Searching for: '.unxss($_GET['search']).'</h2>');
375 <span style
="float: right;">
376 <form action
="?" method
="GET" align
="right" style
="display: inline;">
377 <input type
="hidden" name
="download" value
="" />
378 <input type
="number" min
="1" name
="random" value
="<?=$default_random_count?>" style
="width:4em;" title
="how many randomly selected tracks should be in
381 <input type
="submit" value
="random" title
="Generate random music playlist..." />
383 <form action
="?" method
="GET" align
="right" style
="display: inline;">
384 <input type
="search" name
="search" autofocus placeholder
="search regexp..."
385 title
="Search in music/google/lyrics/mp3/youtube; Hint: You can use regular expressions in search query..."
386 value
="<?=unxss($_GET['search'])?>"
388 <input type
="submit" value
="search" title
="Search in this JuKe!Box..." />
392 if(!isset($_GET['search'])) {
393 echo('<br style="clear: both;" />');
397 <span style
="float: right;">
398 <form action
="?" method
="POST" align
="right">
399 <input type
="password" name
="cache-refresh" value
="" style
="width:5em;" title
="Password for refreshing - good for avoiding DoS Attacks!!!" />
400 <input type
="submit" value
="refresh cache" title
="You should refresh cache each time when you add new music or upgrade to newer version of JuKe!Box !!!" />
404 <div align
="right" style
="clear: right;" title
="Aditional search engines...">
408 foreach($search_engines as $search_desc => $search_link) {
409 if(!$search_prefix) {
410 echo(unxss($_GET['search'])." @\n");
413 echo('<a href="'.$search_link.rawurlencode($_GET['search']).'">'.$search_desc."</a>;\n");
416 </div
><br style
="clear: both;" />
418 echo('<small>Search DB size: '.(filesize($search_cache)/1024)." kB<br /></small>\n");
420 if(!($searchfp = fopen($search_cache, 'r')))
421 die("Cannot read cache from $outfile<br />Refresh cache or set permissions properly!<br />\n");
424 echo('<table border="1" width="100%">');
425 render_tr_playframe_show();
426 echo('<tr><td>S</td><td><a href="?download&playlist&search='.unxss($_GET['search']).'">P</a>');
427 if($GLOBALS['useflash']) echo('/<a href="?f&playlist&search='.unxss($_GET['search']).'" target="'.$GLOBALS['flash_player_frame'].'">F</a>');
428 echo('</td><td colspan="100%">Search: '.unxss($_GET['search']).'</td></tr>');
430 while(!feof($searchfp)) {
431 $line = trim(fgets($searchfp));
432 $parclass=($i%2?
'even':'odd'); $parcolor=($i%2?
'lightblue':'white');
433 if(@eregi
(str_replace(' ', '(.*)', unational($_GET['search'])), unational($line))) {
435 $filesize = 0; if($i <= $access_limit) $filesize = filesize($line); else $filesize = 'n/a';
436 render_file_line('', $line, $music_dir_url, $i, $filesize, true);
439 echo('<tr><td colspan="100%">Total: '.$i.' results...</td></tr></table>');
440 render_footer(); die();
443 @readfile
($header_file);
444 foreach($indexlist as $index) @readfile
($dir.$index);
447 <table border
="1" width
="100%">
448 <?php
render_tr_playframe_show(); ?
>
450 <tr
class="directory"><td
>>
;</td
>
451 <td
><a href
="?download&playlist&dir=<?=str_replace('%2F', '/', rawurlencode($current_dir))?>" class="icon iplay">P
</a
>/<a
452 href
="?download&recursive&playlist&dir=<?=str_replace('%2F', '/', rawurlencode($current_dir))?>" class="icon irplay">R
</a
><?php
453 if($GLOBALS['useflash']) echo('/<a href="?f&playlist&dir='.str_replace('%2F', '/', rawurlencode($current_dir)).'" target="'.$GLOBALS['flash_player_frame'].'"
454 class="icon ifplay">F</a>'); ?
>
456 <td colspan
="100%"><?
=unxss($dir)?
></td
></tr
>
457 <tr
><td
>^
</td
><td
> 
;</td
><td colspan
="100%" class="directory"><span
class="icon ifolder">[DIR
] </span
><a href
="?dir=<?=rawurlencode($parent_dir)?>">..
458 (<?
=$parent_dir?
>)</a
></td
></tr
>
463 for($s=2;$s;$s--) { while(($item = readdir($dd)) != false) {
464 if($item == '.' ||
$item == '..') continue;
465 if(($s==2 && is_file($dir.$item)) ||
($s!=2 && is_dir($dir.$item))) continue;
467 //$parclass=($i%2?'even':'odd'); $parcolor=($i%2?'lightblue':'white');
469 if(is_file($dir.$item)) {
473 if(is_dir($dir.$item)) {
478 if(is_file($dir.$item)) {
479 render_file_line($dir, $item, $music_dir_url, $i, filesize($dir.$item));
481 if(is_dir($dir.$item)) {
482 render_dir_line($current_dir, $item, $i);
490 foreach($itemsd as $item) {
492 render_dir_line($current_dir, $item, $i);
494 foreach($itemsf as $item) {
496 render_file_line($dir, $item, $music_dir_url, $i, filesize($dir.$item));