Don't run scrub_in on the subject and body; it's not touching the
database or being output back to the browser, and we send plain text
email. Anything malicious that can be done is a phpmailer bug.
Actually transfer all ASF tags into the asf tag array. I suspect that
some things like 'genre' may actually be multivalued, but I don't have
any samples to back that up.
Using a relative path required it to be run from the top-level
directory; we already do voodoo to figure out the correct prefix, so we
should use that.
Newer versions of the PCRE library changed behaviour so we can't
replace invalid characters by listing them, since it now requires
that the characters in a pattern are valid Unicode characters. Use an
inverted character class instead.
Might work.
According to the changelog, getID3 1.7.9 standardised on part_of_a_set
as the key for this info (pulled from TPOS or TPA, depending on the
minor version of ID3v2); we were looking for 'pos', which is wrong.
Previously we would say things like "1 seconds" and "1 hours". Using
the magic of ngettext and sprintf we can get rid of the static
concatenation order and become theoretically more translatable as well
as more correct in English.
Also changed the logic a bit, since the old looping method was
unfriendly to my brain.
Initial tag is case sensitive; we were emitting [Playlist] but some
players don't accept that. There is unfortunately no real standard to
check, but this does match what Winamp (ack, pthbbt) does.
Picard is putting multiple MBIDs in the tags now that MusicBrainz' new
schema is live. The easiest way to deal with this is to store all of
them as an aggregate value and match against that.
This would result in extra slashes, e.g.
'/\/([0-9]+?)\s\\\-\s(.+?)\..+$/' instead of
'/\/([0-9]+?)\s\-\s(.+?)\..+$/'
There are some unrelated cosmetic changes as well.
It seems that Chrome believes that commas end header values (it's
probably correct in this belief). Quoting the value should avoid this,
and potentially other issues.
This can, for instance, be used to allow LDAP authenticated users to use the
API without manually setting a password, as long as they've logged in using
the web interface at least once.
We were manually loading the vauth class (apparently to work around a
bug in Synology's PHP) but not calling vauth::_auto_init(), so the
default session handler was used. This normally does session locking,
so bad things happened.
