diff --git a/airtime_mvc/application/controllers/ApiController.php b/airtime_mvc/application/controllers/ApiController.php
index 4dce47a29..2435b4e87 100644
--- a/airtime_mvc/application/controllers/ApiController.php
+++ b/airtime_mvc/application/controllers/ApiController.php
@@ -120,6 +120,8 @@ class ApiController extends Zend_Controller_Action
         if ($media != null) {
 
             $filepath = $media->getFilePath();
+            // Make sure we don't have some wrong result beecause of caching
+            clearstatcache();
             if (is_file($filepath)) {
                 $full_path = $media->getPropelOrm()->getDbFilepath();
 
@@ -468,8 +470,8 @@ class ApiController extends Zend_Controller_Action
         // Replace this compound result in a hash with proper error handling later on
         $return_hash = array();
         Application_Model_Preference::SetImportTimestamp();
-        Logging::info("--->Mode: $mode || file: {$md['MDATA_KEY_FILEPATH']} ");
-        Logging::info( $md );
+        //Logging::info("--->Mode: $mode || file: {$md['MDATA_KEY_FILEPATH']} ");
+        //Logging::info( $md );
         if ($mode == "create") {
             $filepath = $md['MDATA_KEY_FILEPATH'];
             $filepath = Application_Common_OsPath::normpath($filepath);
diff --git a/airtime_mvc/application/models/Datatables.php b/airtime_mvc/application/models/Datatables.php
index e11395fa0..041530407 100644
--- a/airtime_mvc/application/models/Datatables.php
+++ b/airtime_mvc/application/models/Datatables.php
@@ -4,7 +4,8 @@ class Application_Model_Datatables
 {
     private static function buildWhereClauseForAdvancedSearch($dbname2searchTerm)
     {
-        $where = array();
+        $where['clause'] = array();
+        $where['params'] = array();
         foreach ($dbname2searchTerm as $dbname=>$term) {
             $isRange = false;
             if (strstr($term, '~')) {
@@ -24,22 +25,27 @@ class Application_Model_Datatables
             if ($isRange) {
                 $sub = array();
                 if ($input1 != null) {
-                    $sub[] = $dbname." >= '".$input1."'";
+                    $sub[] = $dbname." >= :" . $dbname . "1";
                 }
                 if ($input2 != null) {
-                    $sub[] = $dbname." <= '".$input2."'";
+                    $sub[] = $dbname." <= :" . $dbname . "2";
                 }
                 if (!empty($sub)) {
-                    $where[] = "(".implode(' AND ', $sub).")";
+                    $where['clause'][$dbname] = "(".implode(' AND ', $sub).")";
+                    $where['params'][$dbname."1"] = $input1;
+                    if ($input2 != null) {
+                        $where['params'][$dbname."2"] = $input2;
+                    }
                 }
             } else {
                 if (trim($input1) !== "") {
-                    $where[] = $dbname." ILIKE "."'%".$input1."%'";
+                    $where['clause'][$dbname] = $dbname." ILIKE :" . $dbname."1";
+                    $where['params'][$dbname."1"] = "%".$input1."%";
                 }
             }
         }
 
-        return implode(" AND ", $where);
+        return $where;
     }
     /*
      * query used to return data for a paginated/searchable datatable.
@@ -73,10 +79,15 @@ class Application_Model_Datatables
         }
 
         $where = array();
+        /* Holds the parameters for binding after the
+         * statement has been prepared
+         */
+        $params = array();
 
         $advancedWhere = self::buildWhereClauseForAdvancedSearch($dbname2searchTerm);
-        if ($advancedWhere != "") {
-            $where[] = $advancedWhere;
+        if (!empty($advancedWhere['clause'])) {
+            $where[] = join(" AND ", $advancedWhere['clause']);
+            $params = $advancedWhere['params'];
         }
 
         if ($data["sSearch"] !== "") {
@@ -99,17 +110,19 @@ class Application_Model_Datatables
             }
 
             $outerCond = array();
+            $simpleWhere = array();
 
             foreach ($searchTerms as $term) {
                 $innerCond = array();
 
                 foreach ($searchCols as $col) {
-                    $escapedTerm = pg_escape_string($term);
-                    $innerCond[] = "{$col}::text ILIKE '%{$escapedTerm}%'";
+                    $simpleWhere['clause']["simple_".$col] = "{$col}::text ILIKE :simple_".$col;
+                    $simpleWhere['params']["simple_".$col] = "%".$term."%"; 
                 }
-                $outerCond[] = "(".join(" OR ", $innerCond).")";
+                $outerCond[] = "(".implode(" OR ", $simpleWhere['clause']).")";
             }
-            $where[] = "(".join(" AND ", $outerCond).")";
+            $where[] = "(" .implode(" AND ", $outerCond). ")";
+            $params = array_merge($params, $simpleWhere['params']);
         }
         // End Where clause
 
@@ -124,8 +137,10 @@ class Application_Model_Datatables
         // End Order By clause
 
         $displayLength = intval($data["iDisplayLength"]);
+        $needToBind = false;
         if (count($where) > 0) {
-            $where = join(" AND ", $where);
+            $needToBind = true;
+            $where = join(" OR ", $where);
             $sql = $selectorCount." FROM ".$fromTable." WHERE ".$where;
             $sqlTotalDisplayRows = $sql;
 
@@ -149,15 +164,41 @@ class Application_Model_Datatables
             $totalRows = $r->fetchColumn(0);
 
             if (isset($sqlTotalDisplayRows)) {
-                $r = $con->query($sqlTotalDisplayRows);
-                $totalDisplayRows = $r->fetchColumn(0);
+                $stmt = $con->prepare($sqlTotalDisplayRows);
+                foreach($params as $param=>&$value) {
+                    $stmt->bindParam(":$param", $value);
+                }
+                if ($stmt->execute()) {
+                    $totalDisplayRows = $stmt->fetchColumn(0);
+                } else {
+                    $msg = implode(',', $stmt->errorInfo());
+                    throw new Exception("Error: $msg");
+                }
             } else {
                 $totalDisplayRows = $totalRows;
             }
 
-            $r = $con->query($sql);
-            $r->setFetchMode(PDO::FETCH_ASSOC);
-            $results = $r->fetchAll();
+            //TODO
+            if ($needToBind) {
+                $stmt = $con->prepare($sql);
+                
+                foreach($params as $param=>&$value) {
+                    $stmt->bindParam(":$param", $value);
+                }
+                
+                if ($stmt->execute()) {
+                    $stmt->setFetchMode(PDO::FETCH_ASSOC);
+                    $results = $stmt->fetchAll();
+                } else {
+                    $msg = implode(',', $stmt->errorInfo());
+                    throw new Exception("Error: $msg");
+                }
+            } else {
+                $stmt = $con->query($sql);
+                $stmt->setFetchMode(PDO::FETCH_ASSOC);
+                $results = $stmt->fetchAll();
+            }
+            
             // we need to go over all items and fix length for playlist
             // in case the playlist contains dynamic block
             foreach ($results as &$r) {
diff --git a/airtime_mvc/application/models/Preference.php b/airtime_mvc/application/models/Preference.php
index 16c9e44c7..3f0f54844 100644
--- a/airtime_mvc/application/models/Preference.php
+++ b/airtime_mvc/application/models/Preference.php
@@ -16,9 +16,6 @@ class Application_Model_Preference
                 $id = $auth->getIdentity()->id;
             }
 
-            $key = pg_escape_string($key);
-            $value = pg_escape_string($value);
-
             //Check if key already exists
             $sql = "SELECT COUNT(*) FROM cc_pref"
             ." WHERE keystr = '$key'";
diff --git a/airtime_mvc/application/models/StoredFile.php b/airtime_mvc/application/models/StoredFile.php
index 2e41e4e65..39e5fd0af 100644
--- a/airtime_mvc/application/models/StoredFile.php
+++ b/airtime_mvc/application/models/StoredFile.php
@@ -405,12 +405,16 @@ class Application_Model_StoredFile
      */
     public function getFileExtension()
     {
+        // TODO : what's the point of having this function? Can we not just use
+        // the extension from the file_path column from cc_files?
         $mime = $this->_file->getDbMime();
 
         if ($mime == "audio/vorbis" || $mime == "application/ogg") {
             return "ogg";
         } elseif ($mime == "audio/mp3" || $mime == "audio/mpeg") {
             return "mp3";
+        } elseif ($mime == "audio/x/flac") {
+            return "flac";
         }
     }
 
diff --git a/airtime_mvc/application/models/StreamSetting.php b/airtime_mvc/application/models/StreamSetting.php
index c17b1ef92..61a179d8a 100644
--- a/airtime_mvc/application/models/StreamSetting.php
+++ b/airtime_mvc/application/models/StreamSetting.php
@@ -3,50 +3,63 @@ class Application_Model_StreamSetting
 {
     public static function setValue($key, $value, $type)
     {
-        global $CC_CONFIG;
         $con = Propel::getConnection();
 
-        $key = pg_escape_string($key);
-        $value = pg_escape_string($value);
-
         // Check if key already exists
         $sql = "SELECT COUNT(*) FROM cc_stream_setting"
-            ." WHERE keyname = '$key'";
+            ." WHERE keyname = :key";
 
-        $result = $con->query($sql)->fetchColumn(0);
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':key', $key);
+        
+        if ($stmt->execute()) {
+            $result = $stmt->fetchColumn(0);
+        } else {
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
+        }
 
         if ($result == 1) {
             $sql = "UPDATE cc_stream_setting"
-            ." SET value = '$value', type='$type'"
-            ." WHERE keyname = '$key'";
+            ." SET value = :value, type = :type"
+            ." WHERE keyname = :key";
         } else {
             $sql = "INSERT INTO cc_stream_setting (keyname, value, type)"
-            ." VALUES ('$key', '$value', '$type')";
+            ." VALUES (:key, :value, :type)";
         }
 
-        return $con->exec($sql);
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':key', $key);
+        $stmt->bindParam(':value', $value);
+        $stmt->bindParam(':type', $type);
+        
+        if ($stmt->execute()) {
+            //do nothing
+        } else {
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
+        }
     }
 
     public static function getValue($key)
     {
-        global $CC_CONFIG;
         $con = Propel::getConnection();
-
+        
         //Check if key already exists
-        $sql = "SELECT COUNT(*) FROM cc_stream_setting"
-        ." WHERE keyname = '$key'";
-        $result = $con->query($sql)->fetchColumn(0);
+        $sql = "SELECT value FROM cc_stream_setting"
+        ." WHERE keyname = :key";
 
-        if ($result == 0) {
-            return "";
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':key', $key);
+        
+        if ($stmt->execute()) {
+            $result = $stmt->fetchColumn(0);
         } else {
-            $sql = "SELECT value FROM cc_stream_setting"
-                ." WHERE keyname = '$key'";
-
-            $result = $con->query($sql)->fetchColumn(0);
-
-            return ($result !== false) ? $result : null;
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
         }
+
+        return $result ? $result : "";
     }
 
     /* Returns the id's of all streams that are enabled in an array. An
@@ -95,9 +108,18 @@ class Application_Model_StreamSetting
         $con = Propel::getConnection();
         $sql = "SELECT * "
                 ."FROM cc_stream_setting "
-                ."WHERE keyname LIKE '${p_streamId}_%'";
+                ."WHERE keyname LIKE :stream_id";
+
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':stream_id', "${p_streamId}_%");
+        
+        if ($stmt->execute()) {
+            $rows = $stmt->fetchAll();
+        } else {
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
+        }
 
-        $rows = $con->query($sql)->fetchAll();
         $data = array();
 
         foreach ($rows as $row) {
@@ -197,21 +219,6 @@ class Application_Model_StreamSetting
         }
     }
 
-    /*
-     * Sets indivisual stream setting.
-     *
-     * $data - data array. $data is [].
-     */
-    public static function setIndivisualStreamSetting($data)
-    {
-        $con = Propel::getConnection();
-
-        foreach ($data as $keyname => $v) {
-            $sql = "UPDATE cc_stream_setting SET value='$v' WHERE keyname='$keyname'";
-            $con->exec($sql);
-        }
-    }
-
     /*
      * Stores liquidsoap status if $boot_time > save time.
      * save time is the time that user clicked save on stream setting page
@@ -224,17 +231,37 @@ class Application_Model_StreamSetting
         if ($boot_time == null || $boot_time > $update_time) {
             $keyname = "s".$stream_id."_liquidsoap_error";
             $sql = "SELECT COUNT(*) FROM cc_stream_setting"
-                ." WHERE keyname = '$keyname'";
-            $result = $con->query($sql)->fetchColumn(0);
+                ." WHERE keyname = :keyname";
+
+            $stmt = $con->prepare($sql);
+            $stmt->bindParam(':keyname', $keyname);
+
+            if ($stmt->execute()) {
+                $result= $stmt->fetchColumn(0);
+            } else {
+                $msg = implode(',', $stmt->errorInfo());
+                throw new Exception("Error: $msg");
+            }
+
             if ($result == 1) {
                 $sql = "UPDATE cc_stream_setting"
-                    ." SET value = '$msg'"
-                    ." WHERE keyname = '$keyname'";
+                    ." SET value = :msg"
+                    ." WHERE keyname = :keyname";
             } else {
                 $sql = "INSERT INTO cc_stream_setting (keyname, value, type)"
-                    ." VALUES ('$keyname', '$msg', 'string')";
+                    ." VALUES (:keyname, :msg, 'string')";
+            }
+
+            $stmt = $con->prepare($sql);
+            $stmt->bindParam(':keyname', $keyname);
+            $stmt->bindParam(':msg', $msg);
+
+            if ($stmt->execute()) {
+                //do nothing
+            } else {
+                $msg = implode(',', $stmt->errorInfo());
+                throw new Exception("Error: $msg");
             }
-            $res = $con->exec($sql);
         }
     }
 
@@ -244,8 +271,17 @@ class Application_Model_StreamSetting
 
         $keyname = "s".$stream_id."_liquidsoap_error";
         $sql = "SELECT value FROM cc_stream_setting"
-            ." WHERE keyname = '$keyname'";
-        $result = $con->query($sql)->fetchColumn(0);
+            ." WHERE keyname = :keyname";
+
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':keyname', $keyname);
+
+        if ($stmt->execute()) {
+            $result= $stmt->fetchColumn(0);
+        } else {
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
+        }
 
         return ($result !== false) ? $result : null;
     }
@@ -256,15 +292,19 @@ class Application_Model_StreamSetting
 
         $keyname = "s" . $stream_id . "_enable";
         $sql = "SELECT value FROM cc_stream_setting"
-        ." WHERE keyname = '$keyname'";
-        $result = $con->query($sql)->fetchColumn(0);
-        if ($result == 'false') {
-            $result = false;
+        ." WHERE keyname = :keyname";
+
+        $stmt = $con->prepare($sql);
+        $stmt->bindParam(':keyname', $keyname);
+
+        if ($stmt->execute()) {
+            $result= $stmt->fetchColumn(0);
         } else {
-            $result = true;
+            $msg = implode(',', $stmt->errorInfo());
+            throw new Exception("Error: $msg");
         }
 
-        return $result;
+        return ($result != 'false');
     }
 
     /*
@@ -279,13 +319,22 @@ class Application_Model_StreamSetting
         $enabled_stream = self::getEnabledStreamIds();
 
         foreach ($enabled_stream as $stream) {
-            $keys = "'".$stream."_output', "."'".$stream."_type', "."'"
-                .$stream."_bitrate', "."'".$stream."_host'";
+            $keys = array("{$stream}_output", "{$stream}_type", "{$stream}_bitrate", "{$stream}_host");
+            $key_csv = implode(',', $keys);
 
             $sql = "SELECT keyname, value FROM cc_stream_setting"
-                ." WHERE keyname IN ($keys)";
+                ." WHERE keyname IN (:key_csv)";
+
+            $stmt = $con->prepare($sql);
+            $stmt->bindParam(':key_csv', $key_csv);
+
+            if ($stmt->execute()) {
+                $rows = $stmt->fetchAll();
+            } else {
+                $msg = implode(',', $stmt->errorInfo());
+                throw new Exception("Error: $msg");
+            }
 
-            $rows = $con->query($sql)->fetchAll();
             $info = array();
             foreach ($rows as $r) {
                 $temp = explode("_", $r['keyname']);
diff --git a/dev_tools/release/release.sh b/dev_tools/release/release.sh
index 4b44b0686..4ca00c19e 100755
--- a/dev_tools/release/release.sh
+++ b/dev_tools/release/release.sh
@@ -35,15 +35,10 @@ cd $target
 
 echo "Checking out tag airtime-${suffix}"
 git checkout airtime-${suffix}
-git submodule init
-git submodule update
 
-cd python_apps/pypo/liquidsoap_bin/
-git checkout master
-git pull origin master
 
 cd $target
-rm -rf .git .gitignore .gitmodules .zfproject.xml dev_tools/ audio_samples/ python_apps/pypo/liquidsoap_bin/.git
+rm -rf .git .gitignore .gitmodules .zfproject.xml dev_tools/ audio_samples/ 
 
 #echo "Minimizing Airtime Javascript files..."
 #cd $dir
diff --git a/python_apps/media-monitor2/media/monitor/pure.py b/python_apps/media-monitor2/media/monitor/pure.py
index fedd61e62..77a725941 100644
--- a/python_apps/media-monitor2/media/monitor/pure.py
+++ b/python_apps/media-monitor2/media/monitor/pure.py
@@ -488,15 +488,15 @@ def toposort(data):
     """
     Topological sort on 'data' where 'data' is of the form:
         data = [
-            'one' : set('two','three'),
-            'two' : set('three'),
+            'one'   : set('two','three'),
+            'two'   : set('three'),
             'three' : set()
         ]
     """
     for k, v in data.items():
         v.discard(k) # Ignore self dependencies
     extra_items_in_deps = reduce(set.union, data.values()) - set(data.keys())
-    data.update({item:set() for item in extra_items_in_deps})
+    data.update(dict((item,set()) for item in extra_items_in_deps))
     while True:
         ordered = set(item for item,dep in data.items() if not dep)
         if not ordered: break
diff --git a/utils/rabbitmq-update-pid.sh b/utils/rabbitmq-update-pid.sh
index 382515428..d5360b2fe 100755
--- a/utils/rabbitmq-update-pid.sh
+++ b/utils/rabbitmq-update-pid.sh
@@ -1,16 +1,16 @@
 #!/bin/bash
 
-#Hack to parse rabbitmq pid and place it into the correct directory. This is also
-#done in our rabbitmq init.d script, but placing it here so that monit recognizes 
-# it faster (in time for the upcoming airtime-check-system)
-codename=`lsb_release -cs`
-if [ "$codename" = "lucid" -o "$codename" = "maverick" -o "$codename" = "natty" -o "$codename" = "squeeze" ]
-then
-    rabbitmqpid=`sed "s/.*,\(.*\)\}.*/\1/" /var/lib/rabbitmq/pids`
-else
-    #RabbitMQ in Ubuntu Oneiric and newer have a different way of storing the PID.
+/etc/init.d/rabbitmq-server status | grep "\[{pid"
+pid_found="$?"
+
+if [ "$pid_found" == "0" ]; then
+    #PID is available in the status message
     rabbitmqstatus=`/etc/init.d/rabbitmq-server status | grep "\[{pid"`
     rabbitmqpid=`echo $rabbitmqstatus | sed "s/.*,\(.*\)\}.*/\1/"`
+else
+    #PID should be available from file
+    rabbitmqpid=`sed "s/.*,\(.*\)\}.*/\1/" /var/lib/rabbitmq/pids`
 fi
+
 echo "RabbitMQ PID: $rabbitmqpid"
 echo "$rabbitmqpid" > /var/run/rabbitmq.pid