Gazelle/sections/torrents/takemasspm.php

62 lines
2.3 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
//******************************************************************************//
2013-04-24 08:00:23 +00:00
//--------------- Take mass PM -------------------------------------------------//
// This pages handles the backend of the 'Send Mass PM' function. It checks //
// the data, and if it all validates, it sends a PM to everyone who snatched //
// the torrent. //
2011-03-28 14:21:28 +00:00
//******************************************************************************//
authorize();
enforce_login();
2013-05-27 08:00:58 +00:00
require(SERVER_ROOT.'/classes/validate.class.php');
2011-03-28 14:21:28 +00:00
$Validate = new VALIDATE;
$TorrentID = (int)$_POST['torrentid'];
$GroupID = (int)$_POST['groupid'];
$Subject = $_POST['subject'];
$Message = $_POST['message'];
//******************************************************************************//
//--------------- Validate data in edit form -----------------------------------//
// FIXME: Still need a better perm name
2013-04-24 08:00:23 +00:00
if (!check_perms('site_moderate_requests')) {
2011-03-28 14:21:28 +00:00
error(403);
}
2013-07-04 08:00:56 +00:00
$Validate->SetFields('torrentid', '1', 'number', 'Invalid torrent ID.', array('maxlength' => 1000000000, 'minlength' => 1)); // we shouldn't have torrent IDs higher than a billion
$Validate->SetFields('groupid', '1', 'number', 'Invalid group ID.', array('maxlength' => 1000000000, 'minlength' => 1)); // we shouldn't have group IDs higher than a billion either
$Validate->SetFields('subject', '0', 'string', 'Invalid subject.', array('maxlength' => 1000, 'minlength' => 1));
$Validate->SetFields('message', '0', 'string', 'Invalid message.', array('maxlength' => 10000, 'minlength' => 1));
2011-03-28 14:21:28 +00:00
$Err = $Validate->ValidateForm($_POST); // Validate the form
2013-04-24 08:00:23 +00:00
if ($Err) {
2011-03-28 14:21:28 +00:00
error($Err);
header('Location: '.$_SERVER['HTTP_REFERER']);
die();
}
//******************************************************************************//
//--------------- Send PMs to users --------------------------------------------//
2013-07-04 08:00:56 +00:00
$DB->query("
SELECT uid
FROM xbt_snatched
WHERE fid = $TorrentID");
2011-03-28 14:21:28 +00:00
2013-04-24 08:00:23 +00:00
if ($DB->record_count() > 0) {
2011-03-28 14:21:28 +00:00
// Save this because send_pm uses $DB to run its own query... Oops...
$Snatchers = $DB->to_array();
2013-02-22 08:00:24 +00:00
foreach ($Snatchers as $UserID) {
2013-03-10 08:00:41 +00:00
Misc::send_pm($UserID[0], 0, $Subject, $Message);
2011-03-28 14:21:28 +00:00
}
}
2013-04-24 08:00:23 +00:00
Misc::write_log($LoggedUser['Username']." sent mass notice to snatchers of torrent $TorrentID in group $GroupID");
2011-03-28 14:21:28 +00:00
header("Location: torrents.php?id=$GroupID");
?>