A few points.
Rijndael was the codename for the cipher before it was selected for AES.
AES 128 has not been broken. Reduced-round versions, sure, but that's only something the cryptography guys care about. Attacks on modern ciphers (such as the recent PS3 hack) are caused by implementation errors or side-channel attacks. And social engineering is far more effective than any other technique.
The key size determines the number of rounds/round schedule. The algorithm doesn't really change, only a few constants (constants can be a big deal in cryptography e.g. S-boxes, but this is not that kind of constant).
Hashing the key won't increase the entropy, this is not the point of a hash. You are getting the right idea, however, since a hashed passphrase is better than inserting the passphrase directly into the key and padding/truncating it. A salted and hashed passphrase is even better, preventing the use of rainbow tables.
Your goal is to render brute-force attacks infeasible, by making key generation computationally expensive. Using SHA-1 alone, once is a poor choice; you should use PBKDF2. (Someone needs to develop an extension for that!)
"SHA1 is only letters and numbers" is a misunderstanding, it outputs a 160-bit digest which is often expressed as 40 hexadecimal characters. If you're using it for AES 128 you need to truncate it; for the others, you need to pad it (and if the attacker knows you are only using 128 bits of a 256-bit key, her job is billions of times easier). Not that you should use its output directly, see above.