chiark / gitweb /
cgi/actions.c, lib/client*.[ch]: Don't use priv connection to check passwd.
[disorder] / cgi / actions.c
index f6755b0317ad2ca080c1d28098e3902df38cb559..6f094cb7780a98b928092fcfe45869d801c3e7c0 100644 (file)
@@ -76,14 +76,13 @@ static void act_playing(void) {
      && dcgi_playing->sofar >= 0) {
     /* Try to put the next refresh at the start of the next track. */
     xtime(&now);
-    fin = now + length - dcgi_playing->sofar + config->gap;
+    fin = now + length - dcgi_playing->sofar;
     if(now + refresh > fin)
       refresh = fin - now;
   }
   if(dcgi_queue && dcgi_queue->origin == origin_scratch) {
-    /* next track is a scratch, don't leave more than the inter-track gap */
-    if(refresh > config->gap)
-      refresh = config->gap;
+    /* next track is a scratch, refresh immediately */
+    refresh = 0;
   }
   if(!dcgi_playing
      && ((dcgi_queue
@@ -91,9 +90,8 @@ static void act_playing(void) {
          || dcgi_random_enabled)
      && dcgi_enabled) {
     /* no track playing but playing is enabled and there is something coming
-     * up, must be in a gap */
-    if(refresh > config->gap)
-      refresh = config->gap;
+     * up, so refresh immediately */
+    refresh = 0;
   }
   /* Bound the refresh interval below as a back-stop against the above
    * calculations coming up with a stupid answer */
@@ -240,16 +238,17 @@ static void act_play(void) {
   char **tracks;
   int ntracks, n;
   struct tracksort_data *tsd;
+  char *id;
   
   if(dcgi_client) {
     if((track = cgi_get("track"))) {
-      disorder_play(dcgi_client, track);
+      disorder_play(dcgi_client, track, &id);
     } else if((dir = cgi_get("dir"))) {
       if(disorder_files(dcgi_client, dir, 0, &tracks, &ntracks))
         ntracks = 0;
       tsd = tracksort_init(ntracks, tracks, "track");
       for(n = 0; n < ntracks; ++n)
-        disorder_play(dcgi_client, tsd[n].track);
+        disorder_play(dcgi_client, tsd[n].track, &id);
     }
   }
   redirect(0);
@@ -308,8 +307,12 @@ static int login_as(const char *username, const char *password) {
 
   if(dcgi_cookie && dcgi_client)
     disorder_revoke(dcgi_client);
-  /* We'll need a new connection as we are going to stop being guest */
+  /* We'll need a new connection as we are going to stop being guest.
+   * Make sure it's unprivileged, so that the server actually bothers checking
+   * the password we supply.
+   */
   c = disorder_new(0);
+  disorder_force_unpriv(c);
   if(disorder_connect_user(c, username, password)) {
     login_error("loginfailed");
     return -1;