TimeCapsule/tagada/jukebox/upload.php

<?php
mysql_connect('mysql5-2.bdb', 'crystalynet', 'pentium4');
mysql_select_db('crystalynet');
mysql_query('SET NAMES UTF8');

if (isset($_GET['vote'])) {
	mysql_query('UPDATE mp3 SET nb_vote=nb_vote+1 WHERE id = '. $_GET['vote']);
}

if (isset($_FILES['Filedata']['name']) && isset($_FILES['Filedata']) && $_FILES['Filedata']['error'] == 0 && $_FILES['Filedata']['size'] != 0) {
	$infosfichier = pathinfo($_FILES['Filedata']['name']);
	$extension_upload = $infosfichier['extension'];
	$extensions_autorisees = array('mp3');

	if (in_array($extension_upload, $extensions_autorisees)) {
		$uploadDir = './mp3/';
		$uploadFile = $uploadDir . basename($_FILES['Filedata']['name']);
		move_uploaded_file($_FILES['Filedata']['tmp_name'], stripslashes(str_replace("'", ' ', $uploadFile)));

		mysql_query('INSERT INTO mp3 VALUES("", "'. str_replace("'", ' ', str_replace('.mp3', '', $_FILES['Filedata']['name'])) .'", 0)');
	}
}

mysql_close();
?>