Gazelle/sections/reportsv2/ajax_take_pm.php

75 lines
1.9 KiB
PHP
Raw Normal View History

2011-03-28 14:21:28 +00:00
<?
/*
* This is the AJAX backend for the SendNow() function.
*/
authorize();
if(!check_perms('admin_reports')){
echo 'HAX on premissions!';
die();
}
$Recipient = $_POST['pm_type'];
$TorrentID = $_POST['torrentid'];
if(isset($_POST['uploader_pm']) && $_POST['uploader_pm'] != "") {
$Message = $_POST['uploader_pm'];
} else {
//No message given
die();
}
if(!is_number($_POST['categoryid']) || !is_number($TorrentID)) {
echo 'HAX on categoryid!';
die();
} else {
$CategoryID = $_POST['categoryid'];
}
if (array_key_exists($_POST['type'], $Types[$CategoryID])) {
$ReportType = $Types[$CategoryID][$_POST['type']];
} else if(array_key_exists($_POST['type'],$Types['master'])) {
$ReportType = $Types['master'][$_POST['type']];
} else {
//There was a type but it wasn't an option!
echo 'HAX on section type';
die();
}
if(!isset($_POST['from_delete'])) {
$Report = true;
} else if(!is_number($_POST['from_delete'])) {
echo 'Hax occured in from_delete';
}
if($Recipient == 'Uploader') {
$ToID = $_POST['uploaderid'];
if($Report) {
$Message = "You uploaded [url=http://".NONSSL_SITE_URL."/torrents.php?torrentid=".$TorrentID."]the above torrent[/url], it has been reported for the reason: ".$ReportType['title']."\n\n".$Message;
} else {
$Message = "I am PMing you as you are the uploader of [url=http://".NONSSL_SITE_URL."/torrents.php?torrentid=".$TorrentID."]the above torrent[/url].\n\n".$Message;
}
} else if($Recipient == 'Reporter') {
$ToID = $_POST['reporterid'];
$Message = "You reported the above torrent for the reason ".$ReportType['title'].":\n\"".$_POST['report_reason']."\"\n\n".$Message;
} else {
$Err = "Something went horribly wrong";
}
$Subject = $_POST['raw_name'];
if(!is_number($ToID)) {
$Err = "Haxx occuring, non number present";
}
if($ToID == $LoggedUser['ID']) {
$Err = "That's you!";
}
if(isset($Err)) {
echo $Err;
} else {
send_pm($ToID, $LoggedUser['ID'], db_string($Subject), db_string($Message));
}