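/**
 * Render the HTML player widget for one song.
 *
 * The song fields and the session username are treated as untrusted text:
 * they are bound as parameters in the SQL lookup and encoded for the context
 * they are written into (HTML text/attribute, inline JavaScript argument,
 * URL query value). For ordinary values the browser sees the same ids and
 * handler arguments as before, so existing client-side lookups keep working.
 *
 * @param array $songArr Song row with the keys "title", "artist", "uploader",
 *                       "location" and a numeric "score".
 * @return string HTML fragment for the player.
 */
function generateSongPlayer($songArr)
{
    $title = $songArr["title"];
    $artist = $songArr["artist"];
    $uploader = $songArr["uploader"];
    $location = $songArr["location"];
    $score = $songArr["score"] - 1;

    // Encode for HTML text and for quoted attribute values (both quote styles)
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Encode as a JavaScript string literal, then for the surrounding HTML attribute.
    // The JSON_HEX_* flags keep <, >, &, ' and " out of the literal itself.
    $jsArg = function ($value) use ($esc) {
        $literal = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($literal === false) {
            // Value could not be encoded (e.g. invalid UTF-8): pass an empty string
            $literal = '""';
        }
        return $esc($literal);
    };

    // All element ids share the "title:artist:uploader" prefix
    $idBase = $title . ":" . $artist . ":" . $uploader;
    $disabledStar = "<button class='playerButton' disabled='true'>&#9733;</button>";

    $html = "<div class='songPlayer'><table><tr><td>";
    // Add the score
    $scoreID = $esc($idBase . ":score");
    $html .= "<span class='score'>⬆<b id='{$scoreID}'>{$score}</b></span>";
    // Add the star button
    if (isset($_SESSION["username"]) and inputted_properly($_SESSION["username"])) {
        // See if the person logged in has starred this track already
        try {
            // The relative path differs when this is called from a deeper page
            // (e.g. /account/index.php), so fall back to the parent directory.
            try {
                $db = new PDO("sqlite:database/noiseFactionDatabase.db");
            } catch (PDOException $e) {
                $db = new PDO("sqlite:../database/noiseFactionDatabase.db");
            }
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $starringUsername = $_SESSION["username"];
            // Bound parameters instead of values spliced into the SQL text.
            // NOTE(review): the listing compares starringUsername with a masked
            // literal; $starringUsername is assigned just above and was otherwise
            // unused, so it is presumably the intended value - confirm.
            $statement = $db->prepare("select * from Starred where title = ? and artist = ? and songUploader = ? and starringUsername = ?;");
            $result = $statement->execute(array($title, $artist, $uploader, $starringUsername));
            if (!$result) {
                // NOTE(review): pdoDbException is declared elsewhere; whether the
                // PDOException handler below catches it cannot be told from here.
                throw new pdoDbException("Something's gone wrong with the prepared statement");
            }
            $starID = $esc($idBase . ":star");
            if ($statement->fetch() === false) {
                // Not starred yet: offer the star action.
                // NOTE(review): the handler is given the username from the page; the
                // server side should presumably take it from the session - verify.
                $jsUser = $jsArg($starringUsername);
                $jsTitle = $jsArg($title);
                $jsArtist = $jsArg($artist);
                $jsUploader = $jsArg($uploader);
                $html .= "<button class='playerButton' id='{$starID}' onClick='starSong({$jsUser}, {$jsTitle}, {$jsArtist}, {$jsUploader});'>&#9733;</button>";
            } else {
                // Already starred: show a highlighted, inactive star
                $html .= "<button class='playerButton' id='{$starID}' disabled='true' style='color: #cca300;'>&#9733;</button>";
            }
            $db = null;
        } catch (PDOException $e) {
            // Driver messages can carry file paths and SQL; log them rather than
            // printing them into the page, and fall back to the inactive star.
            error_log('generateSongPlayer: star lookup failed: ' . $e->getMessage());
            $html .= $disabledStar;
        }
    } else {
        $html .= $disabledStar;
    }
    // Add the play button
    $playID = $idBase . ":play";
    $playIDAttr = $esc($playID);
    $jsPlayID = $jsArg($playID);
    $jsLocation = $jsArg($location);
    $html .= "<button id='{$playIDAttr}' onClick='playPauseSong({$jsPlayID}, {$jsLocation});' class='playerButton'>▶</button>";
    // Add the song details and time counter
    $escTitle = $esc($title);
    $escArtist = $esc($artist);
    $escUploader = $esc($uploader);
    $html .= "<table class='songDetailsTable'><tr><td>{$escTitle} - {$escArtist}</td></tr>";
    $timerID = $esc($idBase . ":time");
    // The uploader name is a query value here, so it is percent-encoded
    $uploaderQuery = rawurlencode((string) $uploader);
    $html .= "<tr><td><span id='{$timerID}'>00:00</span> - Uploader: <a href='/account/index.php?user={$uploaderQuery}'>{$escUploader}</a></td></tr>";
    // Clean up
    $html .= "</table></td></tr></table></div>";
    return $html;
}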
                        $statement->execute(array($arg, $arg));
                        // Add the entry to PlaylistTags
                        $statement = $db->prepare("insert into PlaylistTags values (?, ?, ?);");
                        $statement->execute(array($playlistName, $username, $arg));
                    }
                    header("Location: viewPlaylist.php?playlistName={$playlistName}&owner={$username}");
                    exit;
                }
            } catch (PDOException $e) {
                echo 'Exception: ' . $e->getMessage();
            }
            exit;
        }
    } else {
        // Something must be empty
        if (!inputted_properly($playlistName)) {
            $playlistNameErr = "Sorry, the playlist's name can't be empty!";
        }
    }
}
?>

<!DOCTYPE html>
<html>
    <head>
        <?php 
include "head.html";
?>
    </head>
    <body>
Example #3
        }
        // If everything worked, then let's create an account!
        if (!$fail) {
            // When we use header, php turns the request into a GET and removes the POST variables
            $_SESSION["register/username"] = $username;
            $_SESSION["register/email"] = $email;
            $_SESSION["register/password"] = $_POST["password1"];
            header("Location: createAccount.php");
            exit;
        }
    } else {
        // Something must be empty
        if (!inputted_properly($username)) {
            $usernameErr = "Sorry, your username can't be empty!";
        }
        if (!inputted_properly($email)) {
            $emailErr = "Sorry, your email can't be empty!";
        }
    }
}
?>

<!DOCTYPE html>
<html>
    <head>
        <?php 
include "head.html";
?>
        <script src="/js/registerPasswordsMatch.js"></script>
    </head>
    <body>
Example #4
<?php

if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
require 'generalFunctions.php';
require 'PasswordHash.php';
$badLoginErr = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $username = clean_input($_POST["username"]);
    $password = clean_input($_POST["password"]);
    if (inputted_properly($username) and inputted_properly($password)) {
        try {
            $db = new PDO("sqlite:database/noiseFactionDatabase.db");
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $statement = $db->prepare("select * from Account where username = ?;");
            $result = $statement->execute(array($username));
            $usernameExists = $statement->fetch() !== false;
            //echo "asdf: " . ($usernameExists ? "yeah" : "nah");
            //exit();
        } catch (PDOException $e) {
            echo 'Exception: ' . $e->getMessage();
        }
        if ($usernameExists and correct_credentials($username, $password)) {
            $_SESSION["username"] = $username;
            // TODO: Make the user go to the last page they were on after a successful login
            header("Location: index.php");
            exit;
        } else {
            $badLoginErr = "Sorry, your account name or password was wrong.";
        }
<?php

if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
require "generalFunctions.php";
$title = clean_input($_POST["title"]);
$artist = clean_input($_POST["artist"]);
$songUploader = clean_input($_POST["songUploader"]);
$playlistName = clean_input($_POST["playlistName"]);
$owner = clean_input($_POST["owner"]);
if (inputted_properly($title) and inputted_properly($artist) and inputted_properly($songUploader) and inputted_properly($playlistName) and inputted_properly($owner)) {
    try {
        $db = new PDO("sqlite:database/noiseFactionDatabase.db");
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        // Check that the song we're looking for exists
        $statement = $db->prepare("select * from Song where title = ? and artist = ? and uploader = ?;");
        $result = $statement->execute(array($title, $artist, $songUploader));
        if (!$result) {
            throw new pdoDbException("Something's gone wrong with the prepared statement");
        } else {
            if ($statement->fetch() === false) {
                // We don't necessarily need to do anything if the song didn't exist, just don't add it!
                header("Location: /viewPlaylist.php?playlistName={$playlistName}&owner={$owner}");
                exit;
            }
        }
        // Get the next index for our playlist
        $statement = $db->prepare("select max(track_no) from PlaylistContainsSong where playlistName = ? and playlistOwner = ?;");
        $result = $statement->execute(array($playlistName, $owner));
        if (!$result) {