T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/public_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/public_html/api_track_play.php
<?php
session_start();
require_once 'config/database.php';

header('Content-Type: application/json');

// Check if request method is POST
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false, 'error' => 'Invalid request method']);
    exit;
}

// Get JSON input
$input = json_decode(file_get_contents('php://input'), true);
$track_id = $input['track_id'] ?? null;

if (!$track_id) {
    echo json_encode(['success' => false, 'error' => 'Track ID is required']);
    exit;
}

try {
    $pdo = getDBConnection();
    
    // Verify track exists and is public
    $stmt = $pdo->prepare("SELECT id FROM music_tracks WHERE id = ? AND is_public = 1");
    $stmt->execute([$track_id]);
    if (!$stmt->fetch()) {
        echo json_encode(['success' => false, 'error' => 'Track not found or not public']);
        exit;
    }
    
    // Add play (with user ID if logged in, or anonymous if not)
    $user_id = $_SESSION['user_id'] ?? null;
    
    if ($user_id) {
        // Check if user already played this track recently (within 1 hour)
        $stmt = $pdo->prepare("SELECT id FROM track_plays WHERE track_id = ? AND user_id = ? AND created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)");
        $stmt->execute([$track_id, $user_id]);
        if (!$stmt->fetch()) {
            // Add new play
            $stmt = $pdo->prepare("INSERT INTO track_plays (track_id, user_id, created_at) VALUES (?, ?, NOW())");
            $stmt->execute([$track_id, $user_id]);
        }
    } else {
        // Anonymous play (track by IP to prevent spam)
        $ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
        $stmt = $pdo->prepare("SELECT id FROM track_plays WHERE track_id = ? AND ip_address = ? AND created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)");
        $stmt->execute([$track_id, $ip]);
        if (!$stmt->fetch()) {
            // Add new anonymous play
            $stmt = $pdo->prepare("INSERT INTO track_plays (track_id, ip_address, created_at) VALUES (?, ?, NOW())");
            $stmt->execute([$track_id, $ip]);
        }
    }
    
    echo json_encode(['success' => true]);
    
} catch (Exception $e) {
    echo json_encode(['success' => false, 'error' => 'Database error: ' . $e->getMessage()]);
}
?>

CasperSecurity Mini