Location: PHPKode > projects > Fretsweb > fretsweb-1.2/fretsweb/admin/addsong.php
<?php

/*
Fretsweb - A Frets on Fire chart server
Copyright (C) 2009, Daan Sprenkels

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

require_once "common.php";

//Login Test
session_start();
if($_SESSION['in'] < 1)
{
	header('location: login.php?need=moderator');
	die();
}

?>
<html>
<head>
<title>Add Songs</title>
<link href="../css.php" rel="stylesheet" type="text/css" />
<link href="../images/favicon.png" rel="icon">
</head>
<body><center>
<h2>Add song</h2>
<!-- code to handle the submissions - add the song! -->
<?php
include_once "log.php";


// called after a form submission?
if( isset($_POST['addsubmit']) ) {
	// parse song.ini and search for artist and title
	( $_FILES['song_ini']['name'] == "song.ini" ) or die( "File name differs from song.ini" );
	$inifilename = $_FILES['song_ini']['tmp_name'];
	$lines = file( $inifilename ) or die( "Can't open file" );
	foreach ($lines as $line_num => $line) {
		list( $key, $val ) = split( "=", $line );
		if ( strcasecmp( trim($key), "artist" ) == 0 ){
			$artist = trim($val);
		}
		if ( strcasecmp( trim($key), "name" ) == 0 ){
			$title = trim($val);
		}
	}
	( isset($artist) && isset($title) && strcmp($artist,"") && strcmp($title,"") ) or die( "Artist or tile not found in song.ini" );

	// get the SHA1 hash for notes.mid
	( $_FILES['notes_mid']['name'] == "notes.mid" ) or die( "File name differs from song.ini" );
	$midfilename = $_FILES['notes_mid']['tmp_name'];
	($fh = fopen( $midfilename, 'rb' )) or die( "Can't open file" );
	$data = fread( $fh, filesize( $midfilename ) );
	fclose( $fh );
	$hash = sha1( $data );
	$link = $_POST['link'];
	$query = "SELECT * FROM contest_songs WHERE hash = '$hash'";
	( $res = mysql_query( $query ) ) or die( "Cannot check if song already present." );
	if( mysql_num_rows( $res ) != 0 ){
		echo "<p class=\"info\">Warning: song already present in database</p>";
	}
	else
	{
		$query = "INSERT INTO contest_songs (hash, artist, title, link) 
          VALUES ('$hash','" . addslashes($artist) . "','" . addslashes($title) . "','" . addslashes($link) . "')";
		mysql_query( $query ) or die ( "Cannot insert data in database: ".mysql_error() );
		clog("Add song: $artist - $title ($hash)");
		if(strlen($link) > 3 && substr($link, 0, 4) == 'http')
			$downsentence = "$title can be downloaded at <a href=\"$link\">$link</a>.";
		cfeed("Added song $title", "The song $title from $artist has been added. $downsentence", 'songchange');
	}
}
?>

<!-- Show the songs currently in db -->
<?php
$songs = mysql_query( "SELECT `artist`, `title`, `hash` FROM `contest_songs` WHERE `request` = '0' ORDER BY `title`" );
$songsnum = mysql_numrows( $songs );
echo "<p>Songs currently in database:</p><table class=\"regular\"><tr><th>Artist</th><th>Title</th><th/></tr>";
for( $i = 0; $i < $songsnum; $i++ ) {
	echo "<tr><td>" . htmlspecialchars(mysql_result($songs, $i, "artist")) . "</td><td>" . htmlspecialchars(mysql_result($songs, $i, "title")) . "</td><td><a href=\"../song.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/information.png\"></a>
	<a href=\"editsong.php?hash=" . mysql_result($songs, $i, "hash" ) . "\"><img src=\"../images/pencil_go.png\"></a></td></tr>";
} 
echo "</table>";
?>

<!-- The add-song form -->
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
	<p>notes.mid: <input type="file" name="notes_mid" size="50" /></p>
	<p>song.ini:  <input type="file" name="song_ini"  size="50" /></p>
	<p>Download link:  <input type="text" name="link" size="50" /></p>
	<p><input type="submit" name="addsubmit" value="Add Song"></p>
</form>
<p><b><a href="index.php">Back to main administration panel</a></b><p>
</center></body>

<?php
	// close DB
	mysql_close( $db_link );
?>

Return current item: Fretsweb