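/**
 * Add a song to the library
 *
 * Nothing is written unless song_array carries a non-empty filename and mtime
 * and last_scan_id is truthy. Every other song_array key is optional: a
 * missing key is stored as null (0 for the integer-cast columns) instead of
 * raising an undefined-index notice.
 *
 * @param artist_id    int: the related artist primary key
 * @param album_id     int: the related album primary key
 * @param last_scan_id int: the id of the current scan, stored as scan_id
 * @param song_array   array: the array of song info
 * @return             int|false: the song insert id, or false when the
 *                     required fields above are missing
 * @see apps/client/lib/MediaScan.class.php for information about the song_array
 */
public function addSong($artist_id, $album_id, $last_scan_id, $song_array)
{
    // Guard clause: same three requirements as before (empty() already
    // covers the unset case, so the separate isset() calls were redundant).
    if (empty($song_array['filename']) || empty($song_array['mtime']) || !$last_scan_id) {
        return false;
    }

    // Read an optional key without tripping an undefined-index notice.
    $field = function ($key) use ($song_array) {
        return isset($song_array[$key]) ? $song_array[$key] : null;
    };

    $song = new Song();

    // NOTE(review): uniqid() is derived from the clock and mt_rand() is not a
    // CSPRNG, so this value is collision-resistant in practice but guessable.
    // That is fine for a plain row identifier; if unique_id is ever used as an
    // unguessable handle (e.g. in a URL; not visible from here), derive it
    // from a cryptographically secure source instead.
    $song->unique_id = sha1(uniqid('', true) . mt_rand(1, 99999999));

    $song->artist_id = (int) $artist_id;
    $song->album_id = (int) $album_id;
    $song->scan_id = (int) $last_scan_id;
    $song->name = $field('song_name');
    $song->length = $field('song_length');
    $song->accurate_length = (int) $field('accurate_length');
    $song->filesize = (int) $field('filesize');
    $song->bitrate = (int) $field('bitrate');
    $song->yearpublished = (int) $field('yearpublished');
    $song->tracknumber = (int) $field('tracknumber');
    $song->label = $field('label');
    $song->mtime = (int) $song_array['mtime'];
    $song->atime = (int) $field('atime');
    $song->filename = $song_array['filename'];
    $song->save();

    // Fetch the id before free() releases the record.
    $id = $song->getId();
    $song->free();

    return $id;
}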
# Process sign-up: creates the account through User::create() and flags the
# session. Fires only when 'signin' is present but empty and all four form
# fields are non-empty with matching passwords.
# NOTE(review): no anti-CSRF token is checked in this condition; confirm one
# is enforced elsewhere.
if (isset($_POST['signin']) && empty($_POST['signin'])
    && !empty($_POST['username']) && !empty($_POST['email'])
    && !empty($_POST['password']) && !empty($_POST['password-confirm'])
    && $_POST['password'] === $_POST['password-confirm']) {
    # NOTE(review): htmlspecialchars() is an output encoder and addslashes()
    # is not a substitute for bound parameters. Applied here they change the
    # stored values: a password containing & < > " ' or \ is rewritten before
    # User::create() sees it, so the login path must apply the identical
    # transform or those passwords will not verify. Whether User::create()
    # hashes the password and uses prepared statements is not visible here;
    # confirm. The safer shape is raw input -> bound parameters /
    # password_hash(), with HTML escaping done at output time.
    # The e-mail is only checked for non-emptiness, not for address syntax.
    $user = addslashes(htmlspecialchars($_POST['username']));
    $email = addslashes(htmlspecialchars($_POST['email']));
    $passwd = addslashes(htmlspecialchars($_POST['password']));
    # The result of User::create() is not inspected, so the flag below is set
    # even if creation failed (e.g. duplicate username); confirm that
    # create() signals failure some other way.
    User::create($user, $email, $passwd);
    # NOTE(review): if 'signedIn' is treated as authentication state, the
    # session id should be regenerated at this point; verify how it is used.
    $_SESSION['signedIn'] = true;
}

# Process comment: inserts or updates the current user's comment on a song.
# Requires a numeric song id, a text containing at least one ASCII
# alphanumeric character, and a truthy $_SESSION['online'].
# NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3"; the
# raw string is handed to the Song constructor, so confirm it normalises or
# rejects non-integer ids. No anti-CSRF token is checked here either.
if (isset($_POST['comment']) && isset($_POST['song']) && is_numeric($_POST['song'])
    && isset($_POST['text']) && !empty($_POST['text'])
    && preg_match("/[a-zA-Z0-9]/", trim($_POST['text']))
    && isset($_SESSION['online']) && $_SESSION['online']) {
    # Database handle is read from the session array; presumably placed there
    # earlier in the request. TODO confirm.
    $db = $_SESSION['db'];
    $song = new Song($_POST['song']);
    $user_id = $_SESSION['user']->getId();
    # "<3" is swapped for the placeholder "_3" so it survives escaping, the
    # text is HTML-escaped, then every "_3" becomes a heart.
    # NOTE(review): a literal "_3" typed by the user (e.g. "track_3") is also
    # turned into a heart. The text is stored already HTML-escaped, so
    # templates must not escape it a second time and non-HTML consumers will
    # see entities.
    $text = preg_replace("/_3/", "♥", htmlspecialchars(trim(preg_replace("/<3/", "_3", $_POST['text']))));
    # Both statements use named placeholders, so the comment text and ids are
    # bound rather than concatenated into the SQL.
    $stmt = $song->userHasCommented($user_id)
        ? $db->prepare("update comment set text = :text, date = unix_timestamp() where user = :user and song = :song;")
        : $db->prepare("insert into comment (user, song, text, date) values (:user, :song, :text, unix_timestamp());");
    $stmt->execute(array("user" => $user_id, "song" => $song->getId(), "text" => $text));
    $stmt->closeCursor();
    $_SESSION['commented'] = true;
}

# Process regular search
/**
 * @author Jérôme Boesch
 *
 */
# Runs when a non-empty 'q' query parameter is present. The body continues
# beyond this excerpt.
if (isset($_GET['q']) && !empty($_GET['q'])) {
    $db = $_SESSION['db'];
    # NOTE(review): $q is HTML-escaped here, which is appropriate for echoing
    # it back into a page but does not make it safe for SQL; how it reaches
    # the database is outside this excerpt. Confirm it is bound as a
    # parameter.
    $q = htmlspecialchars($_GET['q']);
    # Result buckets, one per entity type, all starting empty.
    $search_songs = array();
    $search_albums = array();
    $search_artists = array();
    $search_users = array();