
* Conforming to the third_party_id & slots_new

* Handling error conditions in a better and more adaptable way


git-svn-id: https://burst-dev.com/svn/music/trunk@179 e45f5610-fc3d-44b0-8132-aad8e3f4226b
1 parent 46e83b0 commit 3f097434502cd7aa55091aeeb32aa2cf83e4306d stevenlu committed Dec 20, 2010
Showing with 131 additions and 149 deletions.
  1. +73 −119 app.upload.php
  2. +14 −30 inc.add.php
  3. +44 −0 include/database.php
@@ -1,53 +1,3 @@
-<?php
-// checks how many credits the user has available
-// pulls it from the database and sets it to a variable
-// if it is a facebook page, it will also take the owner's available slots
-
-$credit = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$user'");
-$credit = $credit[0]['credit']+$credit[0]['override'];
-
-$usage = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$user' AND `type`='upload'");
-$usage = $usage[0]['COUNT(*)'];
-
-if (isset($_GET['fb_page_id']))
-{
- $credit_of_owner = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$_POST[fb_sig_user]'");
- $credit = $credit + $credit_of_owner[0]['credit'] + $credit_of_owner[0]['override'];
-
- $usage_of_owner = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$_POST[fb_sig_user]'");
- $usage = $usage + $usage_of_owner[0]['COUNT(*)'];
-} else {
- $users_pages = $db->Raw("SELECT `fb_page_id` FROM `pages` WHERE `owner`=$user");
-
- if (count($users_pages) !== 0) {
- foreach ($users_pages as $page_parse)
- {
- $page_credit = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$page_parse[fb_page_id]'");
- $credit = $credit + $page_credit[0]['credit'] + $page_credit[0]['override'];
-
- $page_usage = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$page_parse[fb_page_id]'");
- $usage = $usage + $page_usage[0]['COUNT(*)'];
- }
- }
-}
-?>
-
-<?php
-if($credit+$config['basicSlots'] <= $usage)
-{
- if(isset($_GET['fb_page_id']))
- {
- redirect('' . $config['fb']['fburl'] . '?tab=index&display=add&fb_page_id=' . $_GET['fb_page_id'] . '');
- }
- else
- {
- redirect('' . $config['fb']['fburl'] . '?tab=index&display=add');
- }
-
- die('An error has occured. You should not be able to access this page if you do not have enough available slots.');
-}
-?>
-
<?php if($_GET['step'] == 'reset') { ?>
<?php
$tempData = $db->Raw("SELECT `location` FROM `userdb_temporary` WHERE `user`='$user'");
@@ -59,82 +9,86 @@
<?php if(isset($_GET['fb_page_id'])) { redirect('' . $config['fb']['fburl'] . '?tab=index&fb_page_id=' . $_GET['fb_page_id'] . ''); } else { redirect('' . $config['fb']['fburl'] . '?tab=index'); } ?>
<?php } elseif($_GET['step'] == 2) { ?>
<?php
- if ($_FILES['upfile']['name'] == NULL) {
- // just a nasty looking forward to page, differentiating between profiles and pages.
- $error_msgs = array(
- 'no_file' => 'You didn\'t provide us a file for us to process.',
- 'file_format' => 'You gave us a file we could not understand, please check your file format and try again.',
- 'file_size' => 'The file you gave us was too big, please give us a smaller file.'
- );
-
- if(isset($_GET['fb_page_id']))
- {
- $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['no_file']) . "&fb_page_id=" . $_GET['fb_page_id'] . "");
- }
- else
- {
- $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['no_file']) . "");
- }
-
- } elseif(!in_array(strtolower(substr($_FILES['upfile']['name'], strrpos($_FILES['upfile']['name'], '.') + 1)), array('mp3','m4a','mp4','aac','flv'))) {
-
- if(isset($_GET['fb_page_id'])) { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['no_file']) . "&fb_page_id=" . $_GET['fb_page_id'] . ""); } else { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['no_file']) . ""); }
+
+ $error_msgs = array(
+ 'no_file' => 'You didn\'t provide us a file for us to process.',
+ 'file_format' => 'You gave us a file we could not understand, please check your file format and try again.',
+ 'file_size' => 'The file you gave us was too big, please give us a smaller file.',
+ 'bad_hash' => 'Couldn\'t authorize your upload, you might have cntl+t\'ed.',
+ 'temp_exists' => 'We already have a from you! Please continue or delete that entry.'
+ );
- } elseif ($_FILES['upfile']['size'] >= 20971520 || !file_exists($_FILES['upfile']['tmp_name'])) {
- if(isset($_GET['fb_page_id'])) { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['file_size']) . "&fb_page_id=" . $_GET['fb_page_id'] . ""); } else { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs['file_size']) . ""); }
- ?>
- <?php } else { ?>
+ if (count($db->Raw("SELECT `user` FROM `userdb_temporary` WHERE `user`='$user'")) > 0)
+ $error = 'temp_exists';
+ else if ($_GET['hash'] !== md5($_GET['credit'] . ':' . $_GET['usage'] . ':' . $user . ':' . $config['fb']['secret']))
+ $error = 'bad_hash';
+ else if ($_FILES['upfile']['name'] == NULL)
+ $error = 'no_file';
+ else if (!in_array(strtolower(substr($_FILES['upfile']['name'], strrpos($_FILES['upfile']['name'], '.') + 1)), array('mp3','m4a','mp4','aac','flv')))
+ $error = 'file_format';
+ else if ($_FILES['upfile']['size'] >= 20971520 || !file_exists($_FILES['upfile']['tmp_name']))
+ $error = 'file_size';
+
+ if (isset($error))
+ {
+ $url_append = '';
+ if (isset($_GET['fb_page_id']))
+ $url_append = '&fb_page_id=' . $_GET['fb_page_id'];
+
+ $facebook->redirect($config['fb']['fburl'] . "?tab=index&error=" . urlencode($error_msgs[$error]) . $url_append);
+ die();
+ }
+ ?>
<?php
-
- // We are first going to check it there's something already our control.
- // If someone pressed the back button on their browser, they'll have a cache of old page
- // So we're gonna assume that they want this new song in place
- // therefore, we're going to replace it with the new data
-
- $tempData = $db->Raw("SELECT `location` FROM `userdb_temporary` WHERE `user`='$user'");
- if (count($tempData) > 0) {
- try {
- unlink($tempData[0]['location']);
- } catch (Exception $e) { }
- $db->Raw("DELETE FROM `userdb_temporary` WHERE `user`='$user' LIMIT 1"); // limit for good coding practice
- }
-
- require_once('include/getid3/getid3.php');
- $getid3 = new getID3;
- try
- {
- $id3data = $getid3->analyze($_FILES['upfile']['tmp_name']);
- getid3_lib::CopyTagsToComments($id3data);
- $title = htmlspecialchars(utf8_encode($id3data['comments_html']['title'][0]), ENT_QUOTES);
- $artist = htmlspecialchars(utf8_encode($id3data['comments_html']['artist'][0]), ENT_QUOTES);
- $playtime = $id3data['playtime_seconds'];
- $sample_rate = $id3data['audio']['sample_rate'];
- $filesize = $id3data['filesize'];
- $fileformat = $id3data['fileformat'];
- }
- catch (Exception $e)
- {
- echo 'ID3tag ERROR: ' . $e->message;
- }
+ // We are first going to check it there's something already our control.
+ // If someone pressed the back button on their browser, they'll have a cache of old page
+ // So we're gonna assume that they want this new song in place
+ // therefore, we're going to replace it with the new data
+
+ $tempData = $db->Raw("SELECT `location` FROM `userdb_temporary` WHERE `user`='$user'");
+ if (count($tempData) > 0) {
+ try {
+ unlink($tempData[0]['location']);
+ } catch (Exception $e) { }
+ $db->Raw("DELETE FROM `userdb_temporary` WHERE `user`='$user' LIMIT 1"); // limit for good coding practice
+ }
+
+ require_once('include/getid3/getid3.php');
+ $getid3 = new getID3;
- include 'include/class.encryption.php';
- $encryption = new encryption_class();
- $md5 = md5_file($_FILES['upfile']['tmp_name']);
- $secure_file_name = $encryption->encrypt(sha1($user), $md5);
+ try
+ {
+ $id3data = $getid3->analyze($_FILES['upfile']['tmp_name']);
+ getid3_lib::CopyTagsToComments($id3data);
+ $title = htmlspecialchars(utf8_encode($id3data['comments_html']['title'][0]), ENT_QUOTES);
+ $artist = htmlspecialchars(utf8_encode($id3data['comments_html']['artist'][0]), ENT_QUOTES);
+ $playtime = $id3data['playtime_seconds'];
+ $sample_rate = $id3data['audio']['sample_rate'];
+ $filesize = $id3data['filesize'];
+ $fileformat = $id3data['fileformat'];
+ }
+ catch (Exception $e)
+ {
+ echo 'ID3tag ERROR: ' . $e->message;
+ }
- $secure_temporary_location = '' . $config['server']['internal_url'] . 'users/temp/' . $secure_file_name . '.' . strtolower(substr($_FILES['upfile']['name'], strrpos($_FILES['upfile']['name'], '.') + 1)) . '';
- rename($_FILES['upfile']['tmp_name'], $secure_temporary_location);
+ include 'include/class.encryption.php';
+ $encryption = new encryption_class();
+ $md5 = md5_file($_FILES['upfile']['tmp_name']);
+ $secure_file_name = $encryption->encrypt(sha1($user), $md5);
- $db->Raw("INSERT INTO `userdb_temporary` (`user`,`title`,`artist`,`md5`,`filesize`,`fileformat`,`sample_rate`,`location`,`playtime`) VALUES ('$user','$title','$artist','$md5','$filesize','$fileformat','$sample_rate','$secure_temporary_location','$playtime')");
- ?>
-
- <div style="border: 1px solid #e2c822; background-color: #fff9d7; padding: 5px;">
- <b><a href="<?php echo "" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3" . pages($_GET['fb_page_id']) . ""; ?>">Please click here if you are not automatically redirected within five seconds...</a></b>
- </div>
- <?php if(isset($_GET['fb_page_id'])) { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3&fb_page_id=" . $_GET['fb_page_id'] . ""); } else { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3"); } ?>
+ $secure_temporary_location = '' . $config['server']['internal_url'] . 'users/temp/' . $secure_file_name . '.' . strtolower(substr($_FILES['upfile']['name'], strrpos($_FILES['upfile']['name'], '.') + 1)) . '';
+ rename($_FILES['upfile']['tmp_name'], $secure_temporary_location);
+
+ $db->Raw("INSERT INTO `userdb_temporary` (`user`,`title`,`artist`,`md5`,`filesize`,`fileformat`,`sample_rate`,`location`,`playtime`) VALUES ('$user','$title','$artist','$md5','$filesize','$fileformat','$sample_rate','$secure_temporary_location','$playtime')");
+ ?>
+
+ <div style="border: 1px solid #e2c822; background-color: #fff9d7; padding: 5px;">
+ <b><a href="<?php echo "" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3" . pages($_GET['fb_page_id']) . ""; ?>">Please click here if you are not automatically redirected within five seconds...</a></b>
+ </div>
+ <?php if(isset($_GET['fb_page_id'])) { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3&fb_page_id=" . $_GET['fb_page_id'] . ""); } else { $facebook->redirect("" . $config['fb']['fburl'] . "?tab=index&display=add&method=upload&step=3"); } ?>
- <?php } ?>
<?php } elseif ($_GET['step'] == 3) { ?>
<?php if(isset($error)) { ?>
<?php if($error == 'missing_information') { ?>
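Review bot: The `bad_hash` branch verifies that `credit` and `usage` from the query string are authentic, but nothing in step 2 then compares them, and the slot test that used to open this file is deleted in the first hunk, so as far as these hunks show the upload quota is no longer enforced here. The token also carries no nonce or expiry, so a hash emitted once by the form in inc.add.php keeps validating for the same credit/usage/user values after the slots have been used. I would recompute on the server with the new `$db->getSlots()` / `$db->getUsage()` helpers and reject when slots plus `$config['basicSlots']` is `<=` usage; if the token stays, build it with `hash_hmac('sha256', $credit . ':' . $usage . ':' . $user, $config['fb']['secret'])` and compare it with `hash_equals()`. The added `temp_exists` check also makes the retained `$tempData` cleanup block below it effectively unreachable. The step-2 branch begins and ends outside this hunk.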
@@ -1,37 +1,21 @@
<?php
-// checks how many credits the user has available
-// pulls it from the database and sets it to a variable
-// if it is a facebook page, it will also take the owner's available slots
-
-$credit = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$user'");
-$credit = $credit[0]['credit']+$credit[0]['override'];
-
-$usage = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$user' AND `type`='upload'");
-$usage = $usage[0]['COUNT(*)'];
-
-if (isset($_GET['fb_page_id']))
+if (isset($_GET['fb_page_id']))
{
- $credit_of_owner = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$_POST[fb_sig_user]'");
- $credit = $credit + $credit_of_owner[0]['credit'] + $credit_of_owner[0]['override'];
-
- $usage_of_owner = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$_POST[fb_sig_user]'");
- $usage = $usage + $usage_of_owner[0]['COUNT(*)'];
+ $otherids = $facebook->api_client->fql_query("SELECT page_id FROM page WHERE page_id IN (SELECT page_id FROM page_admin WHERE uid=" . $_POST['fb_sig_user'] . ") AND has_added_app=1");
+ $array_otherids = array();
+ foreach ($otherids as $page) $array_otherids[] = $page['page_id'];
}
else
{
- $users_pages = $db->Raw("SELECT `fb_page_id` FROM `pages` WHERE `owner`=$user");
-
- if (count($users_pages) !== 0) {
- foreach ($users_pages as $page_parse)
- {
- $page_credit = $db->Raw("SELECT `credit`,`override` FROM `userdb_users` WHERE `user`='$page_parse[fb_page_id]'");
- $credit = $credit + $page_credit[0]['credit'] + $page_credit[0]['override'];
-
- $page_usage = $db->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$page_parse[fb_page_id]'");
- $usage = $usage + $page_usage[0]['COUNT(*)'];
- }
- }
+ $otherids = json_decode($_POST['fb_sig_page_id']);
+ $array_otherids = array();
+ foreach ($otherids as $page) $array_otherids[] = $page[0];
}
+
+$credit = $db->getSlots($_POST['fb_sig_user']);
+$usage = $db->getUsage($array_otherids);
+$postHash = md5($credit . ':' . $usage . ':' . $user . ':' . $config['fb']['secret']);
+
?>
<div style="margin: 10px">
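Review bot: In the `else` branch, `json_decode($_POST['fb_sig_page_id'])` is iterated without checking that it decoded to an array, and each `$page[0]` goes unvalidated into `$array_otherids`, which `getUsage()` in include/database.php concatenates into an `IN (...)` clause. Guard it with `if (!is_array($otherids)) $otherids = array();` and keep only ids that pass `ctype_digit((string) $page[0])`, assuming page ids are all-digit. The FQL string in the first branch concatenates `$_POST['fb_sig_user']` the same way; that is only safe if the Facebook signature on the `fb_sig_*` parameters has been verified before this file runs, which the hunk does not show.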
@@ -88,7 +72,7 @@
</td>
<td>
- <font size="2em"><u><?php echo $credit+2; ?></u> total slots, <u><?php echo ($credit+2)-$usage; ?></u> available for use, <b><a href="<?php echo $config['fb']['fburl']; ?>?tab=offers">get more here</a></b></font>
+ <font size="2em"><u><?php echo $credit+$config['basicSlots']; ?></u> total slots, <u><?php echo ($credit+$config['basicSlots'])-$usage; ?></u> available for use, <b><a href="<?php echo $config['fb']['fburl']; ?>?tab=offers">get more here</a></b></font>
</td>
</tr>
</table>
@@ -115,7 +99,7 @@
<?php error('Not enough slots!','You need more slots to use this feature! <a href="' . $config['fb']['fburl'] . '?tab=offers">Click here to get some!</a>'); // I want this an image overlaying the actual upload system ?>
<?php } else { ?>
<?php $progress_id = '' . $user . '.' . time() . ''; ?>
- <form name="form1" enctype="multipart/form-data" method="post" action="<?php echo $config['fb']['appcallbackurl']; ?>?tab=index&display=add&method=upload&step=2<?php echo pages($_GET['fb_page_id']); ?>&X-Progress-ID=<?php echo md5($progress_id); ?>">
+ <form name="form1" enctype="multipart/form-data" method="post" action="<?php echo $config['fb']['appcallbackurl']; ?>?tab=index&display=add&method=upload&step=2<?php echo pages($_GET['fb_page_id']); ?>&hash=<?php echo $postHash; ?>&credit=<?php echo $credit; ?>&usage=<?php echo $usage; ?>&X-Progress-ID=<?php echo md5($progress_id); ?>">
<table class="editorkit" border="0" cellspacing="0" style="width:425px">
<tr class="width_setter">
<th style="width:75px"></th>
@@ -50,6 +50,50 @@ public function Raw ($mQuery) {
return $mReturnData;
}
+ public function getSlots($user)
+ {
+ $slots = $this->Raw("SELECT `credit`,`credit_new`,`override` FROM `userdb_users` WHERE `user`='$user'");
+
+ if (count($slots) == 0)
+ return 0;
+
+ $slots = $slots[0]['credit']+$slots[0]['credit_new']+$slots[0]['override'];
+ return $slots;
+ }
+
+ public function getUsage($input)
+ {
+ if (is_array($input))
+ {
+ $idString = "'";
+ foreach ($input as $user) $idString .= $user . "','";
+ $idString = substr($idString, 0, -2);
+ $usage = $this->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user` IN ($idString)");
+ }
+ else
+ {
+ $usage = $this->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user`='$input'");
+ }
+
+ return $usage[0]['COUNT(*)'];
+ }
+
+ /*
+ checkSlots
+ checks to see if the inputted user has available slots
+ @return: boolean $return
+ @arg: int $user, array() $ids, obj. $facebook
+ */
+ public function checkSlots($user, $ids)
+ {
+ $slots = getSlots();
+ $usage = getUsage();
+
+ if ($slots-$usage > 0)
+ return true;
+ }
+
+
public function getStats($user, $activity, $offset='-1 year')
{
switch($activity)
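Review bot: `checkSlots()` calls `getSlots()` and `getUsage()` as bare functions with no arguments, so it will stop with an undefined-function error the first time it is used, and it returns null rather than false when no slot is free. `getUsage()` also builds its `IN (...)` list by concatenating the caller's ids, which inc.add.php fills from `$_POST`, and an empty array produces `IN ()`. The rewrite below assumes ids are all-digit Facebook ids (to be confirmed) and leaves out `$config['basicSlots']`, which is not in scope in this class. `getSlots()` interpolates `$user` into its query the same way and needs the same validation.

```php
public function getUsage($input)
{
    // Accept one id or a list; keep only all-digit ids so no
    // request-derived text reaches the SQL string unvalidated.
    $ids = array();
    foreach ((array) $input as $id)
        if (ctype_digit((string) $id)) $ids[] = $id;

    // An empty list would otherwise produce "IN ()".
    if (count($ids) == 0)
        return 0;

    $usage = $this->Raw("SELECT COUNT(*) FROM `userdb_uploads` WHERE `user` IN ('" . implode("','", $ids) . "')");
    return $usage[0]['COUNT(*)'];
}

// ... unchanged: checkSlots docblock ...
public function checkSlots($user, $ids)
{
    return $this->getSlots($user) - $this->getUsage($ids) > 0;
}
```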
