Made major improvements to embedded player, added option for making server force clients to fully refresh, and added some more failsafes for the server

2025-10-29 18:00:23 +00:00 · 2017-05-05 17:35:27 +02:00
parent b9aa04f360
commit f71dcb51e9
17 changed files with 444 additions and 248 deletions
--- a/server/public/assets/css/embed.css
+++ b/server/public/assets/css/embed.css
@@ -157,7 +157,7 @@
  position: absolute;
    top: -47px;
    left: 10px;
-    background-image: url('public/images/z.svg');
+    background-image: url('/assets/images/z.svg');
    width: 50px;
    height: 50px;
    background-position: center;
--- a/server/public/assets/dist/embed.min.js
+++ b/server/public/assets/dist/embed.min.js
--- a/server/public/assets/dist/main.min.js
+++ b/server/public/assets/dist/main.min.js
--- a/server/public/assets/dist/remote.min.js
+++ b/server/public/assets/dist/remote.min.js
@@ -1 +1 @@
-!function(){var e=!0;mobilecheck=function(){var e=!1;return function(t){(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i.test(t)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(t.substr(0,4)))&&(e=!0)}(navigator.userAgent||navigator.vendor||window.opera),e},$(document).ready(function(){document.title="Zoff Remote",setTimeout(function(){$("#search").focus()},500);var e={"sync disconnect on unload":!0,secure:!0};$("#about").modal(),$("#contact").modal(),"remote.zoff.me"==window.location.hostname?add="https://zoff.me":add="localhost",socket=io.connect(add+":8080",e),id=window.location.pathname.split("/")[1],id&&(id=id.toLowerCase(),t.control());try{git_info=$.ajax({type:"GET",url:"https://api.github.com/users/zoff-music/received_events",async:!1}).responseText,git_info=$.parseJSON(git_info),$("#latest-commit").html("Latest Commit: <br>"+git_info[0].created_at.substring(0,10)+": "+git_info[0].actor.display_login+"<br><a href='https://github.com/"+git_info[0].repo.name+"/commit/"+git_info[0].payload.commits[0].sha+"' target='_blank'>"+git_info[0].payload.commits[0].sha.substring(0,10)+"</a>: "+git_info[0].payload.commits[0].message+"<br")}catch(e){}}),$(document).on("click","#playbutton",function(){socket.emit("id",{id:id,type:"play",value:"mock"})}),$(document).on("click","#pausebutton",function(){socket.emit("id",{id:id,type:"pause",value:"mock"})}),$(document).on("click","#skipbutton",function(){socket.emit("id",{id:id,type:"skip",value:"mock"})}),$(document).on("submit","#remoteform",function(e){e.preventDefault(),t.control()});var t={control:function(){e?(id||(id=document.getElementById("remoteform").chan.value,window.history.pushState("object or string","Title","/"+id)),document.getElementById("remoteform").chan.value="",e=!1,$(".rc").css("display","block"),$("#remote-text").text("Controlling "+id.toUpperCase()),document.getElementById("search").setAttribute("length","18"),document.getElementById("search").setAttribute("maxlength","18"),$("#forsearch").html("Type new channel name to change to"),$("#volume-control").slider({min:0,max:100,value:100,range:"min",animate:!0,stop:function(e,t){socket.emit("id",{id:id,type:"volume",value:t.value})}})):(socket.emit("id",{id:id,type:"channel",value:$("#search").val().toLowerCase()}),$("#search").val(""))}}}();
+!function(){var e=!0;mobilecheck=function(){var e=!1;return function(t){(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i.test(t)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(t.substr(0,4)))&&(e=!0)}(navigator.userAgent||navigator.vendor||window.opera),e},$(document).ready(function(){document.title="Zoff Remote",setTimeout(function(){$("#search").focus()},500);var e={"sync disconnect on unload":!0,secure:!0};$("#about").modal(),$("#contact").modal(),"remote.zoff.me"==window.location.hostname?add="https://zoff.me":add="localhost",socket=io.connect(add+":8080",e),socket.on("update_required",function(){window.location.reload(!0)}),id=window.location.pathname.split("/")[1],id&&(id=id.toLowerCase(),t.control());try{git_info=$.ajax({type:"GET",url:"https://api.github.com/users/zoff-music/received_events",async:!1}).responseText,git_info=$.parseJSON(git_info),$("#latest-commit").html("Latest Commit: <br>"+git_info[0].created_at.substring(0,10)+": "+git_info[0].actor.display_login+"<br><a href='https://github.com/"+git_info[0].repo.name+"/commit/"+git_info[0].payload.commits[0].sha+"' target='_blank'>"+git_info[0].payload.commits[0].sha.substring(0,10)+"</a>: "+git_info[0].payload.commits[0].message+"<br")}catch(e){}}),$(document).on("click","#playbutton",function(){socket.emit("id",{id:id,type:"play",value:"mock"})}),$(document).on("click","#pausebutton",function(){socket.emit("id",{id:id,type:"pause",value:"mock"})}),$(document).on("click","#skipbutton",function(){socket.emit("id",{id:id,type:"skip",value:"mock"})}),$(document).on("submit","#remoteform",function(e){e.preventDefault(),t.control()});var t={control:function(){e?(id||(id=document.getElementById("remoteform").chan.value,window.history.pushState("object or string","Title","/"+id)),document.getElementById("remoteform").chan.value="",e=!1,$(".rc").css("display","block"),$("#remote-text").text("Controlling "+id.toUpperCase()),document.getElementById("search").setAttribute("length","18"),document.getElementById("search").setAttribute("maxlength","18"),$("#forsearch").html("Type new channel name to change to"),$("#volume-control").slider({min:0,max:100,value:100,range:"min",animate:!0,stop:function(e,t){socket.emit("id",{id:id,type:"volume",value:t.value})}})):(socket.emit("id",{id:id,type:"channel",value:$("#search").val().toLowerCase()}),$("#search").val(""))}}}();
--- a/server/public/assets/html/embed.html
+++ b/server/public/assets/html/embed.html
@@ -8,6 +8,7 @@
 		<link type="text/css" rel="stylesheet" href="/assets/css/materialize.min.css" />
 		<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
 		<script type="text/javascript" src="/assets/dist/lib/jquery-2.1.3.min.js"></script>
+		<script type="text/javascript" src="/assets/dist/lib/materialize.min.js"></script>
 		<script type="text/javascript" src="/assets/dist/lib/jquery-ui-1.10.3.min.js"></script>
 		<script type="text/javascript" src="/assets/dist/lib/socket.io.min.js"></script>
 		<link type="text/css" rel="stylesheet" href="/assets/css/embed.css" />
@@ -26,6 +27,14 @@

 			window.addEventListener("message", receiveMessage, false);
 		</script>
+		<div id="locked_channel" class="modal">
+					<div class="modal-content">
+							<h5>Locked Channel</h5>
+							<p>This channel has a password, and can't be accessed in embedded mode.</p>
+					</div>
+					<div class="modal-footer">
+					</div>
+			</div>
 		<div id="song-title"></div><div id="container" style="display:inline-flex;"><div id="player-container"><div id="player"></div><div id="controls" class="noselect"><div id="zoffbutton" title="Visit the channel!"></div><div id="playpause"><i id="play" class="material-icons hide">play_arrow</i><i id="pause" class="material-icons">pause</i></div><div id="duration">00:00 / 00:00</div><div id="volume-button"><i id="v-mute" class="mdi-av-volume-off"></i><i id="v-low" class="mdi-av-volume-mute"></i><i id="v-medium" class="mdi-av-volume-down"></i><i id="v-full" class="mdi-av-volume-up"></i></div><div id="volume"></div><div id="viewers"></div><div id="bar"></div></div></div><div id="playlist"><div id="wrapper"><div id="preloader" class="progress channel_preloader"><div class="indeterminate"></div></div><div id="list-song-html"><div id="list-song" class="card left-align list-song"><span class="clickable vote-container" title="Vote!"><a class="clickable center-align votebg"><div class="lazy card-image cardbg list-image" style=""></div></a><span class="card-content"><span class="flow-text truncate list-title"></span><span class="vote-span"><span class="list-votes"></span><span class="highlighted vote-text">&nbsp;votes</span></span></span></span></div></div></div></div></div>
 	</body>
 </html>
--- a/server/public/assets/js/admin.js
+++ b/server/public/assets/js/admin.js
@@ -311,7 +311,7 @@ var Admin = {
    	shuffling  = form.shuffle.checked;
        var pass_send = userpass == '' ? userpass : CryptoJS.SHA256(userpass).toString();
    	configs    = {
-            voting: voting, addsongs: addsongs, longsongs: longsongs, frontpage: frontpage, allvideos: allvideos, removeplay: removeplay, adminpass: adminpass, skipping: skipping, shuffling: shuffling, userpass: pass_send, userpass_changed: userpass_changed
+            channel: chan.toLowerCase(), voting: voting, addsongs: addsongs, longsongs: longsongs, frontpage: frontpage, allvideos: allvideos, removeplay: removeplay, adminpass: adminpass, skipping: skipping, shuffling: shuffling, userpass: pass_send, userpass_changed: userpass_changed
        };

      Crypt.set_userpass(chan.toLowerCase(), CryptoJS.SHA256(userpass).toString());
@@ -325,7 +325,7 @@ var Admin = {
    shuffle: function()
    {
        if(!offline){
-            socket.emit('shuffle', adminpass !== undefined ? adminpass : "");
+            socket.emit('shuffle', {adminpass: adminpass !== undefined ? adminpass : "", channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
        } else {
            for(var x = 0; x < full_playlist.length; x++){
                var num = Math.floor(Math.random()*1000000);
--- a/server/public/assets/js/chat.js
+++ b/server/public/assets/js/chat.js
@@ -68,7 +68,7 @@ var Chat = {
    else if($(".chat-tab-li a.active").attr("href") == "#all_chat")
      socket.emit("all,chat", data.value);
    else
-      socket.emit("chat", data.value);
+      socket.emit("chat", {channel: chan.toLowerCase(), data: data.value});
    data.value = "";
    return;
  },
--- a/server/public/assets/js/embed.js
+++ b/server/public/assets/js/embed.js
@@ -23,6 +23,7 @@ var chan 	 = hash[0];
 var autoplay = false;
 var color = "#808080";
 var dragging = false;
+var user_auth_started = false;

 var connection_options = {
 	'sync disconnect on unload':true,
@@ -38,12 +39,19 @@ $(document).ready(function(){
 		paused = true;
 	}

+	$("#locked_channel").modal({
+		dismissible: false
+	});
 	color = "#" + hash[1];
-	add = "https://zoff.me";
+	add = "http://localhost";
 	socket = io.connect(''+add+':8080', connection_options);

+	socket.on('auth_required', function() {
+		$("#locked_channel").modal('open');
+	});
+
 	socket.on("get_list", function(){
-	    setTimeout(function(){socket.emit('list', {channel: chan.toLowerCase(), pass: Crypt.get_userpass(chan.toLowerCase())});},1000);
+	    setTimeout(function(){socket.emit('list', {channel: chan.toLowerCase(), pass: ''});},1000);
 	});

 	socket.on("viewers", function(view)
--- a/server/public/assets/js/frontpage.js
+++ b/server/public/assets/js/frontpage.js
@@ -427,7 +427,12 @@ function initfp(){

    if(window.location.hostname == "zoff.me") add = "https://zoff.me";
    else add = window.location.hostname;
-    if(socket === undefined || Helper.mobilecheck() || user_auth_avoid) socket = io.connect(''+add+':8080', connection_options);
+    if(socket === undefined || Helper.mobilecheck() || user_auth_avoid) {
+      socket = io.connect(''+add+':8080', connection_options);
+      socket.on('update_required', function() {
+				window.location.reload(true);
+			});
+    }
    if($("#alreadyfp").length === 0 || Helper.mobilecheck() || !socket._callbacks.$playlists || user_auth_avoid){
      setup_playlist_listener();
    }
--- a/server/public/assets/js/hostcontroller.js
+++ b/server/public/assets/js/hostcontroller.js
@@ -42,7 +42,7 @@ var Hostcontroller = {
        w_p = true;
        var add = "";
        if(private_channel) add = Crypt.getCookie("_uI") + "_";
-  	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
+  	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});

        /*if(Crypt.get_pass(chan.toLowerCase()) !== undefined && Crypt.get_pass(chan.toLowerCase()) != ""){
          socket.emit("password", {password: Crypt.crypt_pass(Crypt.get_pass(chan.toLowerCase())), channel: chan.toLowerCase()});
--- a/server/public/assets/js/list.js
+++ b/server/public/assets/js/list.js
@@ -465,7 +465,7 @@ var List = {

    vote: function(id, vote){
        if(!offline || (vote == "del" && (hasadmin && (!w_p && adminpass != "")))){
-            socket.emit('vote', {channel: chan, id: id, type: vote, adminpass: adminpass});
+            socket.emit('vote', {channel: chan, id: id, type: vote, adminpass: adminpass, pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
        } else {
            if(vote == "pos"){
                List.voted_song(id, (new Date()).getTime()/1000);
@@ -478,7 +478,7 @@ var List = {

    skip: function(){
        if(!offline){
-            socket.emit('skip', {pass: adminpass, id:video_id, channel: chan.toLowerCase()});
+            socket.emit('skip', {pass: adminpass, id:video_id, channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
        } else {
            Player.playNext();
        }
--- a/server/public/assets/js/listeners.js
+++ b/server/public/assets/js/listeners.js
@@ -213,6 +213,9 @@ function init(){
 		if(socket === undefined || Helper.mobilecheck()){
 			no_socket = false;
 			socket = io.connect(''+add+':8080', connection_options);
+			socket.on('update_required', function() {
+				window.location.reload(true);
+			});
 		}

        Crypt.init();
@@ -249,7 +252,7 @@ function init(){
 		if(no_socket){
 			var add = "";
 			if(private_channel) add = Crypt.getCookie("_uI") + "_";
-	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
+	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 		}
        $("#viewers").tooltip({
          delay: 5,
@@ -428,7 +431,7 @@ function hide_native(way){
            }
        } else {
            $("#volume").slider("value", 100);
-            $("#player_overlay").width($("#player").width() + 1);
+            //$("#player_overlay").width($("#player").width() + 1);
        }
        $("#player_overlay").css("background", "url(https://i.ytimg.com/vi/" + video_id + "/maxresdefault.jpg)");
        $("#player_overlay").css("background-position", "center");
@@ -457,7 +460,7 @@ function hide_native(way){
        $("#chromecast_text").html("");
        $("#playing_on").css("display", "none");
 		if(!offline){
-	       socket.emit('pos', {channel: chan.toLowerCase()});
+	       socket.emit('pos', {channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 		} else {
 			Player.loadVideoById(video_id);
 		}
@@ -471,14 +474,14 @@ function chromecastListener(evt, data){
 			if(offline){
 				Player.playNext();
 			} else {
-        	       socket.emit("end", {id: json_parsed.videoId, channel: chan.toLowerCase()});
+        	       socket.emit("end", {id: json_parsed.videoId, channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 			}
            break;
 		case 0:
 			if(offline){
 				Player.playNext();
 			} else {
-				socket.emit("skip", {error: json_parsed.data_code, id: json_parsed.videoId, pass: adminpass, channel: chan.toLowerCase});
+				socket.emit("skip", {error: json_parsed.data_code, id: json_parsed.videoId, pass: adminpass, channel: chan.toLowerCase, pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 			}
 			break;
    }
@@ -529,7 +532,7 @@ function get_list_listener(){
 	socket.on("get_list", function(){
 		var add = "";
 		if(private_channel) add = Crypt.getCookie("_uI") + "_";
-		socket.emit("list", {channel: add + chan.toLowerCase(), pass: Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
+		socket.emit("list", {channel: add + chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 	});
 }

@@ -721,10 +724,10 @@ function change_offline(enabled, already_offline){
        $("#controls").off("click", seekToClick);
        $("#seekToDuration").remove();
 		if(window.location.pathname != "/"){
-			socket.emit("pos");
+			socket.emit("pos", {channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 			var add = "";
 			if(private_channel) add = Crypt.getCookie("_uI") + "_";
-	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
+	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
      if($("#controls").hasClass("ewresize")) $("#controls").removeClass("ewresize");
 		}
    }
@@ -888,13 +891,13 @@ $(document).on("click", "#offline-mode", function(e){

 $(document).on("submit", "#thumbnail_form", function(e){
 	e.preventDefault();
-	socket.emit("suggest_thumbnail", {channel: chan, thumbnail: $("#chan_thumbnail").val(), adminpass: Crypt.crypt_pass(Crypt.get_pass(chan.toLowerCase()))});
+	socket.emit("suggest_thumbnail", {channel: chan, thumbnail: $("#chan_thumbnail").val(), adminpass: Crypt.crypt_pass(Crypt.get_pass(chan.toLowerCase())), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
    $("#chan_thumbnail").val("");
 });

 $(document).on("submit", "#description_form", function(e){
    e.preventDefault();
-    socket.emit("suggest_description", {channel: chan, description: $("#chan_description").val(), adminpass: Crypt.crypt_pass(Crypt.get_pass(chan.toLowerCase()))});
+    socket.emit("suggest_description", {channel: chan, description: $("#chan_description").val(), adminpass: Crypt.crypt_pass(Crypt.get_pass(chan.toLowerCase())), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
    $("#chan_description").val("");
 });

@@ -1471,7 +1474,7 @@ $(window).resize(function(){
        List.can_fit = temp_fit;
        List.element_height = (($("#wrapper").height()) / List.can_fit)-5.3;
        $(".list-song").css("height", List.element_height + "px");
-        $("#player_overlay").width($("#player").width()+1);
+        //$("#player_overlay").width($("#player").width()+1);
        set_title_width();
 				if($("#controls").length > 0 && !Helper.mobilecheck()) $("#seekToDuration").css("top", $("#controls").position().top - 55);
 				else if($("#controls").length > 0) $("#seekToDuration").css("top", $("#controls").position().top - 20);
@@ -1688,7 +1691,7 @@ function onepage_load(){
 			var add = "";
 	    w_p = true;
 			if(private_channel) add = Crypt.getCookie("_uI") + "_";
-	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
+	    socket.emit("list", {channel: add + chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
 	}else if(url_split[3] === ""){
        user_change_password = false;
        clearTimeout(width_timeout);
--- a/server/public/assets/js/player.js
+++ b/server/public/assets/js/player.js
@@ -138,7 +138,7 @@ var Player = {
                playing = false;
                paused  = false;
                if(!offline){
-	                socket.emit("end", {id: video_id, channel: chan.toLowerCase()});
+	                socket.emit("end", {id: video_id, channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
                } else {
                    Player.playNext();
                }
@@ -167,7 +167,7 @@ var Player = {
                }
    			if(paused && !offline)
    			{
-    				socket.emit('pos', {channel: chan.toLowerCase()});
+    				socket.emit('pos', {channel: chan.toLowerCase(), pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
    				paused = false;
    			}
    			break;
@@ -320,7 +320,7 @@ var Player = {
                curr_playing = Player.player.getVideoUrl().replace("https://www.youtube.com/watch?v=", "");


-                    socket.emit("skip", {error: newState.data, id: video_id, pass: adminpass, channel: chan.toLowerCase});
+                    socket.emit("skip", {error: newState.data, id: video_id, pass: adminpass, channel: chan.toLowerCase, pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
                    //Helper.log(video_id, Player.player.getVideoUrl(), Player.player.getPlayerState());

                /*}else{
--- a/server/public/assets/js/remotecontroller.js
+++ b/server/public/assets/js/remotecontroller.js
@@ -20,6 +20,9 @@ $(document).ready(function (){
    if(window.location.hostname == "remote.zoff.me") add = "https://zoff.me";
    else add = "localhost";
    socket = io.connect(add+':8080', connection_options);
+    socket.on('update_required', function() {
+      window.location.reload(true);
+    });
    id = window.location.pathname.split("/")[1];
    if(id)
    {
--- a/server/public/assets/js/search.js
+++ b/server/public/assets/js/search.js
@@ -406,7 +406,7 @@ var Search = {
              List.vote(id, "pos");
          }
      } else {
-          socket.emit("add", {id: id, title: decodeURIComponent(title), adminpass: adminpass, list: chan.toLowerCase(), duration: duration, playlist: playlist, num: num, total: full_num});
+          socket.emit("add", {id: id, title: decodeURIComponent(title), adminpass: adminpass, list: chan.toLowerCase(), duration: duration, playlist: playlist, num: num, total: full_num, pass: embed ? '' : Crypt.crypt_pass(Crypt.get_userpass(chan.toLowerCase()))});
      }//[id, decodeURIComponent(title), adminpass, duration, playlist]);
    },

--- a/server/router.js
+++ b/server/router.js
@@ -26,9 +26,9 @@ router.route('/:channel_name').get(function(req, res, next){
            res.redirect("https://zoff.me");
        } else {
            if(req.params.channel_name == "_embed") {
-                res.sendFile(path.join(__dirname, '/views/assets/html/embed.html'));
+                res.sendFile(path.join(__dirname, '/public/assets/html/embed.html'));
            } else if(req.params.channel_name == "o_callback") {
-                res.sendFile(path.join(__dirname, '/views/assets/html/callback.html'));
+                res.sendFile(path.join(__dirname, '/public/assets/html/callback.html'));
            } else {
                var data = {
                    list_name: capitalizeFirstLetter(req.params.channel_name),
@@ -79,9 +79,9 @@ router.route('/:user_name/:channel_name').get(function(req, res, next){
        res.redirect("https://zoff.me");
    } else {
        if(req.params.channel_name == "_embed") {
-            res.sendFile(path.join(__dirname, '/views/assets/html/embed.html'));
+            res.sendFile(path.join(__dirname, '/public/assets/html/embed.html'));
        } else if(req.params.channel_name == "o_callback") {
-            res.sendFile(path.join(__dirname, '/views/assets/html/callback.html'));
+            res.sendFile(path.join(__dirname, '/public/assets/html/callback.html'));
        } else {
            var data = {
                list_name: capitalizeFirstLetter(req.params.channel_name),
--- a/server/server.js
+++ b/server/server.js
@@ -172,11 +172,15 @@ io.on('connection', function(socket){
            var channel = msg.channel.toLowerCase();
            var hash = hash_pass(decrypt_string(socketid, msg.adminpass));
            db.collection(channel).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
                    if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){
                        db.collection("suggested_thumbnails").update({channel: channel}, {$set:{thumbnail: msg.thumbnail}}, {upsert:true}, function(err, docs){
                            socket.emit("toast", "suggested_thumbnail");
                        });
                    }
+                } else {
+                    socket.emit("auth_required");
+                }
            });
        } else {
            socket.emit("toast", "thumbnail_denied");
@@ -188,11 +192,15 @@ io.on('connection', function(socket){
            var channel = msg.channel.toLowerCase();
            var hash = hash_pass(decrypt_string(socketid, msg.adminpass));
            db.collection(channel).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
                    if(docs !== null && docs.length !== 0 && docs[0].adminpass !== "" && docs[0].adminpass == hash){
                        db.collection("suggested_descriptions").update({channel: channel}, {$set:{description: msg.description}}, {upsert:true}, function(err, docs){
                            socket.emit("toast", "suggested_description");
                        });
                    }
+                } else {
+                    socket.emit("auth_required");
+                }
            });
        } else {
            socket.emit("toast", "description_denied");
@@ -272,8 +280,14 @@ io.on('connection', function(socket){
        }
    });

-    socket.on('chat', function (data) {
-        if(typeof(data) !== 'string') return;
+    socket.on('chat', function (msg) {
+        if(typeof(data) !== 'object' && !msg.hasOwnProperty('data') && !msg.hasOwnProperty('channel')) {
+            socket.emit('update_required');
+            return;
+        }
+        db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+            if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
+
                check_inlist(coll, guid, socket, names[guid], offline);
                if(data !== "" && data !== undefined && data !== null &&
                data.length < 151 && data.replace(/\s/g, '').length){
@@ -282,11 +296,18 @@ io.on('connection', function(socket){
                    } else name = names[guid];
                    io.to(coll).emit('chat', {from: names[guid], msg: ": " + data});
                }
+            } else {
+                socket.emit('auth_required');
+            }
+        });
    });

    socket.on("all,chat", function(data)
    {
-        if(typeof(data) !== 'string') return;
+        if(typeof(data) !== 'string') {
+            socket.emit('update_required');
+            return;
+        }
        check_inlist(coll, guid, socket, names[guid], offline);
        if(data !== "" && data !== undefined && data !== null &&
        data.length < 151 && data.replace(/\s/g, '').length){
@@ -332,7 +353,10 @@ io.on('connection', function(socket){

    socket.on('now_playing', function(list, fn)
    {
-        if(typeof(list) !== 'string' || typeof(fn) !== 'function') return;
+        if(typeof(list) !== 'string' || typeof(fn) !== 'function') {
+            socket.emit('update_required');
+            return;
+        }
        db.collection(list).find({now_playing:true}, function(err, docs){
            if(docs.length === 0){
                fn("No song currently playing");
@@ -356,18 +380,22 @@ io.on('connection', function(socket){
        if(typeof(msg) === 'object' && msg !== undefined && msg !== null && msg.hasOwnProperty("channel") && msg.hasOwnProperty('pass'))
        {
            var list = msg.channel;
-            var pass = decrypt_string(socketid, msg.pass);
-            db.collection(list).find({views: {$exists: true}}, function(err, docs) {
-              if(docs.length == 0 || (docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || docs[0].userpass == pass))) {
-                    if(docs.length > 0 && docs[0].hasOwnProperty('userpass') && docs[0].userpass != "" && docs[0].userpass == pass) {
-                        socket.emit("auth_accepted", {value: true});
-                    }
-                    in_list = true;
            coll = emojiStrip(list).toLowerCase();
            //coll = decodeURIComponent(coll);
            coll = coll.replace("_", "");
            coll = encodeURIComponent(coll).replace(/\W/g, '');
            coll = filter.clean(coll);
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+            var pass = decrypt_string(socketid, msg.pass);
+            db.collection(coll).find({views: {$exists: true}}, function(err, docs) {
+              if(docs.length == 0 || (docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || docs[0].userpass == pass))) {
+                    if(docs.length > 0 && docs[0].hasOwnProperty('userpass') && docs[0].userpass != "" && docs[0].userpass == pass) {
+                        socket.emit("auth_accepted", {value: true});
+                    }
+                    in_list = true;
                    socket.join(coll);
                    socket.join(short_id);
                    socket.emit("id", short_id);
@@ -390,12 +418,17 @@ io.on('connection', function(socket){
                  socket.emit("auth_required");
              }
            })
+        } else {
+            socket.emit('update_required');
        }
    });

    socket.on('end', function(obj)
    {
-        if(typeof(obj) !== 'object') return;
+        if(typeof(obj) !== 'object') {
+            socket.emit('update_required');
+            return;
+        }
        id = obj.id;
        if(id !== undefined && id !== null && id !== "")
        {
@@ -407,6 +440,15 @@ io.on('connection', function(socket){
                coll = encodeURIComponent(coll).replace(/\W/g, '');
                coll = filter.clean(coll);
            }
+
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
+            db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (obj.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, obj.pass)))) {
+
                    check_inlist(coll, guid, socket, name, offline);
                    db.collection(coll).find({now_playing:true}, function(err, np){
                        if(err !== null) console.log(err);
@@ -427,6 +469,12 @@ io.on('connection', function(socket){
                            });
                        }
                    });
+                } else {
+                    socket.emit("auth_required");
+                }
+            });
+        } else {
+            socket.emit('update_required');
        }
    });

@@ -435,7 +483,7 @@ io.on('connection', function(socket){
        if(typeof(arr) === 'object' && arr !== undefined && arr !== null && arr !== "" && !isNaN(parseInt(arr.duration)))
        {
            //if(arr.length == 5) coll = arr[4];
-            if(arr.list !== undefined) {
+            if(coll !== undefined) {
                coll = arr.list;
                coll = emojiStrip(coll).toLowerCase();
                //coll = decodeURIComponent(coll);
@@ -444,6 +492,14 @@ io.on('connection', function(socket){
                coll = filter.clean(coll);
            }

+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
+            db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (arr.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, arr.pass)))) {
+
                    check_inlist(coll, guid, socket, name, offline);

                    var id = arr.id;
@@ -562,6 +618,12 @@ io.on('connection', function(socket){
                            //socket.emit("toast", "listhaspass");
                        }
                    });
+                } else {
+                    socket.emit("auth_required");
+                }
+            });
+        } else {
+            socket.emit('update_required');
        }
    });

@@ -569,6 +631,24 @@ io.on('connection', function(socket){
    {
        if(typeof(msg) === 'object' && msg !== undefined && msg !== null)
        {
+
+            if(coll !== undefined) {
+                coll = msg.channel;
+                coll = emojiStrip(coll).toLowerCase();
+                //coll = decodeURIComponent(coll);
+                coll = coll.replace("_", "");
+                coll = encodeURIComponent(coll).replace(/\W/g, '');
+                coll = filter.clean(coll);
+            }
+
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
+            db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
+
                    check_inlist(coll, guid, socket, name, offline);

                    if(msg.type == "del")
@@ -587,6 +667,12 @@ io.on('connection', function(socket){
                            }
                        });
                    }
+                } else {
+                    socket.emit("auth_required");
+                }
+            });
+        } else {
+            socket.emit('update_required');
        }
    });

@@ -603,6 +689,11 @@ io.on('connection', function(socket){
            coll = encodeURIComponent(coll).replace(/\W/g, '');
            coll = filter.clean(coll);

+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
            uncrypted = pw;
            pw = decrypt_string(socketid, pw);

@@ -630,6 +721,8 @@ io.on('connection', function(socket){
                        socket.emit("toast", "wrongpass");
                }
            });
+        } else {
+            socket.emit('update_required');
        }
    });

@@ -638,7 +731,7 @@ io.on('connection', function(socket){
        //if(1==2)
        if(list !== undefined && list !== null && list !== "")
        {
-            if(coll === undefined) {
+            if(coll !== undefined) {
                coll = list.channel;
                coll = emojiStrip(coll).toLowerCase();
                //coll = decodeURIComponent(coll);
@@ -646,6 +739,15 @@ io.on('connection', function(socket){
                coll = encodeURIComponent(coll).replace(/\W/g, '');
                coll = filter.clean(coll);
            }
+
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
+            db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (list.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, list.pass)))) {
+
                    check_inlist(coll, guid, socket, name, offline);

                    adminpass = "";
@@ -696,13 +798,44 @@ io.on('connection', function(socket){
                                socket.emit("toast", "noskip");
                        }
                    });
+                } else {
+                    socket.emit("auth_required");
+                }
+            });
+        } else {
+            socket.emit('update_required');
        }
    });

    socket.on('conf', function(params)
    {
-        if(params !== undefined && params !== null && params !== "")
+        if(params !== undefined && params !== null && params !== "" &&
+        params.hasOwnProperty('voting') &&
+        params.hasOwnProperty('addsongs') &&
+        params.hasOwnProperty('longsongs') &&
+        params.hasOwnProperty('frontpage') &&
+        params.hasOwnProperty('allvideos') &&
+        params.hasOwnProperty('removeplay') &&
+        params.hasOwnProperty('adminpass') &&
+        params.hasOwnProperty('skipping') &&
+        params.hasOwnProperty('shuffling') &&
+        params.hasOwnProperty('channel'))
        {
+
+            if(coll !== undefined) {
+                coll = params.channel;
+                coll = emojiStrip(coll).toLowerCase();
+                //coll = decodeURIComponent(coll);
+                coll = coll.replace("_", "");
+                coll = encodeURIComponent(coll).replace(/\W/g, '');
+                coll = filter.clean(coll);
+            }
+
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
            check_inlist(coll, guid, socket,name, offline);

            var voting = params.voting;
@@ -762,18 +895,36 @@ io.on('connection', function(socket){
                    socket.emit("toast", "wrongpass");
                }
            });
+        } else {
+            socket.emit('update_required');
        }
    });

-    socket.on('shuffle', function(pass)
+    socket.on('shuffle', function(msg)
    {
-        if(pass !== undefined && pass !== null)
+        if(msg.hasOwnProperty('adminpass') && msg.adminpass !== undefined && msg.adminpass !== null)
        {
+
+            if(coll !== undefined) {
+                coll = msg.channel;
+                coll = emojiStrip(coll).toLowerCase();
+                //coll = decodeURIComponent(coll);
+                coll = coll.replace("_", "");
+                coll = encodeURIComponent(coll).replace(/\W/g, '');
+                coll = filter.clean(coll);
+            }
+
+            if(coll == "" || coll == undefined || coll == null) {
+                socket.emit("update_required");
+                return;
+            }
+
            check_inlist(coll, guid, socket, name, offline);
            var hash;
            if(pass === "") hash = pass;
            else hash = hash_pass(decrypt_string(socketid, pass));
            db.collection(coll).find({views:{$exists:true}}, function(err, docs){
+                if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
                    if(docs !== null && docs.length !== 0 && ((docs[0].adminpass == hash || docs[0].adminpass === "") || docs[0].shuffle === false))
                    {
                        db.collection(coll).find({now_playing:false}).forEach(function(err, docs){
@@ -788,6 +939,9 @@ io.on('connection', function(socket){
                        });
                    }else
                        socket.emit("toast", "wrongpass");
+                } else {
+                    socket.emit("auth_required");
+                }
            });

            var complete = function(tot, curr){
@@ -796,6 +950,7 @@ io.on('connection', function(socket){
                    send_list(coll, undefined, false, true, false);
                }
            };
+
        }else
            socket.emit("toast", "wrongpass");
    });
@@ -840,7 +995,8 @@ io.on('connection', function(socket){

    socket.on('pos', function(obj)
    {
-        if(coll === undefined) {
+
+        if(coll !== undefined) {
            coll = obj.channel;
            coll = emojiStrip(coll).toLowerCase();
            //coll = decodeURIComponent(coll);
@@ -848,8 +1004,20 @@ io.on('connection', function(socket){
            coll = encodeURIComponent(coll).replace(/\W/g, '');
            coll = filter.clean(coll);
        }
+
+        if(coll == "" || coll == undefined || coll == null) {
+            socket.emit("update_required");
+            return;
+        }
+
+        db.collection(list).find({views: {$exists: true}}, function(err, docs) {
+            if(docs.length > 0 && (docs[0].userpass == undefined || docs[0].userpass == "" || (msg.hasOwnProperty('pass') && docs[0].userpass == decrypt_string(socketid, msg.pass)))) {
                check_inlist(coll, guid, socket, name, offline);
                send_play(coll, socket);
+            } else {
+                socket.emit("auth_required");
+            }
+        });
    });

 });