T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/private_html/api/update_crate_description.php
<?php
/**
 * Update Crate Description
 * POST: { crate_id: int, description: string }
 */
session_start();
header('Content-Type: application/json');

require_once '../config/database.php';

if (!isset($_SESSION['user_id'])) {
    echo json_encode(['success' => false, 'error' => 'Not authenticated']);
    exit;
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false, 'error' => 'Invalid request method']);
    exit;
}

$input = json_decode(file_get_contents('php://input'), true);
$crate_id = isset($input['crate_id']) ? (int)$input['crate_id'] : 0;
$description = isset($input['description']) ? trim($input['description']) : '';

if (!$crate_id) {
    echo json_encode(['success' => false, 'error' => 'Crate ID is required']);
    exit;
}

// Limit description length
if (strlen($description) > 500) {
    echo json_encode(['success' => false, 'error' => 'Description too long (max 500 characters)']);
    exit;
}

try {
    $pdo = getDBConnection();
    
    // Verify crate belongs to user
    $stmt = $pdo->prepare("SELECT id FROM artist_playlists WHERE id = ? AND user_id = ?");
    $stmt->execute([$crate_id, $_SESSION['user_id']]);
    
    if (!$stmt->fetch()) {
        echo json_encode(['success' => false, 'error' => 'Crate not found or access denied']);
        exit;
    }
    
    // Update description
    $stmt = $pdo->prepare("UPDATE artist_playlists SET description = ?, updated_at = NOW() WHERE id = ?");
    $stmt->execute([$description, $crate_id]);
    
    echo json_encode([
        'success' => true,
        'description' => $description,
        'message' => 'Description updated successfully'
    ]);
    
} catch (Exception $e) {
    error_log("Error updating crate description: " . $e->getMessage());
    echo json_encode(['success' => false, 'error' => 'Failed to update description']);
}

CasperSecurity Mini