Mirror/Gazelle
1
0
Fork 0
mirror of https://github.com/WhatCD/Gazelle.git synced 2024-12-13 02:46:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Empty commit

Browse Source
This commit is contained in:
Git 2013-06-04 08:00:34 +00:00
parent 6cc724d940
commit 5252527b74
30 changed files with 424 additions and 250 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
classes/inbox.class.php Normal file
View File

@ -0,0 +1,29 @@
<?php
class Inbox {
/*
* Get the link to a user's inbox.
* This is what handles the ListUnreadPMsFirst setting
*
* @param boolean - the value of $LoggedUser['ListUnreadPMsFirst']
* @param string - whether the inbox or sentbox should be loaded
* @return string - the URL to a user's inbox
*/
public static function get_inbox_link($ListFirst = 0, $WhichBox = 'inbox') {
if ($WhichBox == 'inbox') {
if ($ListFirst) {
$InboxURL = 'inbox.php?sort=unread';
} else {
$InboxURL = 'inbox.php';
}
} else {
if ($ListFirst) {
$InboxURL = 'inbox.php?action=sentbox&amp;sort=unread';
} else {
$InboxURL = 'inbox.php?action=sentbox';
}
}
return $InboxURL;
}
}
?>

3
classes/script_start.php
View File

@ -112,6 +112,9 @@
case 'ImageTools':
$FileName = 'image_tools.class';
break;
case 'Inbox':
$FileName = 'inbox.class';
break;
case 'LastFM':
$FileName = 'lastfm.class';
break;

11
design/privateheader.php
View File

@ -157,16 +157,9 @@
AND f.ID NOT IN ('$RestrictedForums')" : ''));
list($NewSubscriptions) = $DB->next_record();
$Cache->cache_value('subscriptions_user_new_'.$LoggedUser['ID'], $NewSubscriptions, 0);
}
// set up the inbox URL for use in the main user navigation area and in the alert bar
if ($LoggedUser['ListUnreadPMsFirst']) {
$InboxURL = 'inbox.php?sort=unread';
} else {
$InboxURL = 'inbox.php';
} ?>
<ul id="userinfo_minor"<?=($NewSubscriptions ? ' class="highlite"' : '')?>>
<li id="nav_inbox"<?=Format::add_class($PageID, array('inbox'), 'active', true)?>><a onmousedown="Stats('inbox');" href="<?=($InboxURL)?>">Inbox</a></li>
<li id="nav_inbox"<?=Format::add_class($PageID, array('inbox'), 'active', true)?>><a onmousedown="Stats('inbox');" href="<?=Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']); ?>">Inbox</a></li>
<li id="nav_staffinbox"<?=Format::add_class($PageID, array('staffpm'), 'active', true)?>><a onmousedown="Stats('staffpm');" href="staffpm.php">Staff Inbox</a></li>
<li id="nav_uploaded"<?=Format::add_class($PageID, array('torrents',false,'uploaded'), 'active', true, 'userid')?>><a onmousedown="Stats('uploads');" href="torrents.php?type=uploaded&amp;userid=<?=$LoggedUser['ID']?>">Uploads</a></li>
<li id="nav_bookmarks"<?=Format::add_class($PageID, array('bookmarks'), 'active', true)?>><a onmousedown="Stats('bookmarks');" href="bookmarks.php?type=torrents">Bookmarks</a></li>
@ -330,7 +323,7 @@
}
if ($NewMessages > 0) {
$Alerts[] = "<a href=\"$InboxURL\">You have $NewMessages".(($NewMessages > 1) ? ' new messages' : ' new message').'</a>';
$Alerts[] = '<a href="' . Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']) . "\">You have $NewMessages".(($NewMessages > 1) ? ' new messages' : ' new message').'</a>';
}
if ($LoggedUser['RatioWatch']) {

5
sections/ajax/checkprivate.php
View File

@ -8,7 +8,10 @@
die();
}
$DB->query("SELECT File FROM torrents_files WHERE TorrentID='$TorrentID'");
$DB->query("
SELECT File
FROM torrents_files
WHERE TorrentID='$TorrentID'");
if ($DB->record_count() == 0) {
echo('Torrent not found.');
die();

39
sections/ajax/forum/forum.php
View File

@ -54,9 +54,13 @@
LIMIT $Limit"); // Can be cached until someone makes a new post
$Forum = $DB->to_array('ID',MYSQLI_ASSOC, false);
if ($Page == 1) {
$DB->query("SELECT COUNT(ID) FROM forums_topics WHERE ForumID='$ForumID' AND IsSticky='1'");
$DB->query("
SELECT COUNT(ID)
FROM forums_topics
WHERE ForumID='$ForumID'
AND IsSticky='1'");
list($Stickies) = $DB->next_record();
$Cache->cache_value('forums_'.$ForumID, array($Forum,'',0,$Stickies), 0);
$Cache->cache_value('forums_'.$ForumID, array($Forum, '', 0, $Stickies), 0);
}
}
@ -96,13 +100,18 @@
);
} else {
// forums_last_read_topics is a record of the last post a user read in a topic, and what page that was on
$DB->query('SELECT
$DB->query('
SELECT
l.TopicID,
l.PostID,
CEIL((SELECT COUNT(ID) FROM forums_posts WHERE forums_posts.TopicID = l.TopicID AND forums_posts.ID<=l.PostID)/'.$PerPage.') AS Page
CEIL(( SELECT COUNT(ID)
FROM forums_posts
WHERE forums_posts.TopicID = l.TopicID
AND forums_posts.ID <= l.PostID) / '.$PerPage.'
) AS Page
FROM forums_last_read_topics AS l
WHERE TopicID IN('.implode(', ', array_keys($Forum)).') AND
UserID=\''.$LoggedUser['ID'].'\'');
WHERE TopicID IN('.implode(', ', array_keys($Forum)).')
AND UserID=\''.$LoggedUser['ID'].'\'');
// Turns the result set into a multi-dimensional array, with
// forums_last_read_topics.TopicID as the key.
@ -130,16 +139,16 @@
'title' => display_str($Title),
'authorId' => (int) $AuthorID,
'authorName' => $AuthorName,
'locked' => $Locked == 1,
'sticky' => $Sticky == 1,
'locked' => ($Locked == 1),
'sticky' => ($Sticky == 1),
'postCount' => (int) $PostCount,
'lastID' => $LastID == null ? 0 : (int) $LastID,
'lastID' => (($LastID == null) ? 0 : (int) $LastID),
'lastTime' => $LastTime,
'lastAuthorId' => $LastAuthorID == null ? 0 : (int) $LastAuthorID,
'lastAuthorName' => $LastAuthorName == null ? '' : $LastAuthorName,
'lastReadPage' => $LastRead[$TopicID]['Page'] == null ? 0 : (int) $LastRead[$TopicID]['Page'],
'lastReadPostId' => $LastRead[$TopicID]['PostID'] == null ? 0 : (int) $LastRead[$TopicID]['PostID'],
'read' => $Read == 'read'
'lastAuthorId' => (($LastAuthorID == null) ? 0 : (int) $LastAuthorID),
'lastAuthorName' => (($LastAuthorName == null) ? '' : $LastAuthorName),
'lastReadPage' => (($LastRead[$TopicID]['Page'] == null) ? 0 : (int) $LastRead[$TopicID]['Page']),
'lastReadPostId' => (($LastRead[$TopicID]['PostID'] == null) ? 0 : (int) $LastRead[$TopicID]['PostID']),
'read' => ($Read == 'read')
);
}
@ -151,7 +160,7 @@
'forumName' => $ForumName,
'specificRules' => $JsonSpecificRules,
'currentPage' => (int) $Page,
'pages' => ceil($Forums[$ForumID]['NumTopics']/TOPICS_PER_PAGE),
'pages' => ceil($Forums[$ForumID]['NumTopics'] / TOPICS_PER_PAGE),
'threads' => $JsonTopics
)
)

24
sections/ajax/forum/main.php
View File

@ -1,6 +1,5 @@
<?
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
@ -17,19 +16,26 @@
//Now if we have IDs' we run the query
if (!empty($TopicIDs)) {
$DB->query("SELECT
$DB->query("
SELECT
l.TopicID,
l.PostID,
CEIL((SELECT COUNT(ID) FROM forums_posts WHERE forums_posts.TopicID = l.TopicID AND forums_posts.ID<=l.PostID)/$PerPage) AS Page
CEIL(( SELECT COUNT(ID)
FROM forums_posts
WHERE forums_posts.TopicID = l.TopicID
AND forums_posts.ID <= l.PostID) / $PerPage) AS Page
FROM forums_last_read_topics AS l
WHERE TopicID IN(".implode(',',$TopicIDs).") AND
UserID='$LoggedUser[ID]'");
WHERE TopicID IN(".implode(',', $TopicIDs).")
AND UserID='$LoggedUser[ID]'");
$LastRead = $DB->to_array('TopicID', MYSQLI_ASSOC);
} else {
$LastRead = array();
}
$DB->query("SELECT RestrictedForums FROM users_info WHERE UserID = ".$LoggedUser['ID']);
$DB->query("
SELECT RestrictedForums
FROM users_info
WHERE UserID = ".$LoggedUser['ID']);
list($RestrictedForums) = $DB->next_record();
$RestrictedForums = explode(',', $RestrictedForums);
$PermittedForums = array_keys($LoggedUser['PermittedForums']);
@ -77,9 +83,9 @@
'lastTime' => $LastTime,
'specificRules' => $SpecificRules,
'lastTopic' => display_str($LastTopic),
'read' => $Read == 1,
'locked' => $Locked == 1,
'sticky' => $Sticky == 1
'read' => ($Read == 1),
'locked' => ($Locked == 1),
'sticky' => ($Sticky == 1)
);
}
// ...And an extra one to catch the last category.

46
sections/ajax/forum/thread.php
View File

@ -62,7 +62,11 @@
if (isset($_GET['post']) && is_number($_GET['post'])) {
$PostNum = $_GET['post'];
} elseif (isset($_GET['postid']) && is_number($_GET['postid'])) {
$DB->query("SELECT COUNT(ID) FROM forums_posts WHERE TopicID = $ThreadID AND ID <= $_GET[postid]");
$DB->query("
SELECT COUNT(ID)
FROM forums_posts
WHERE TopicID = $ThreadID
AND ID <= $_GET[postid]");
list($PostNum) = $DB->next_record();
} else {
$PostNum = 1;
@ -70,15 +74,16 @@
} else {
$PostNum = 1;
}
list($Page, $Limit) = Format::page_limit($PerPage, min($ThreadInfo['Posts'],$PostNum));
list($Page, $Limit) = Format::page_limit($PerPage, min($ThreadInfo['Posts'], $PostNum));
if (($Page - 1) * $PerPage > $ThreadInfo['Posts']) {
$Page = ceil($ThreadInfo['Posts']/$PerPage);
$Page = ceil($ThreadInfo['Posts'] / $PerPage);
}
list($CatalogueID,$CatalogueLimit) = Format::catalogue_limit($Page,$PerPage,THREAD_CATALOGUE);
list($CatalogueID,$CatalogueLimit) = Format::catalogue_limit($Page, $PerPage, THREAD_CATALOGUE);
// Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page
if (!$Catalogue = $Cache->get_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID)) {
$DB->query("SELECT
$DB->query("
SELECT
p.ID,
p.AuthorID,
p.AddedTime,
@ -86,14 +91,15 @@
p.EditedUserID,
p.EditedTime
FROM forums_posts as p
WHERE p.TopicID = '$ThreadID' AND p.ID != '".$ThreadInfo['StickyPostID']."'
WHERE p.TopicID = '$ThreadID'
AND p.ID != '".$ThreadInfo['StickyPostID']."'
LIMIT $CatalogueLimit");
$Catalogue = $DB->to_array(false,MYSQLI_ASSOC);
if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
$Cache->cache_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID, $Catalogue, 0);
}
}
$Thread = Format::catalogue_select($Catalogue,$Page,$PerPage,THREAD_CATALOGUE);
$Thread = Format::catalogue_select($Catalogue, $Page, $PerPage, THREAD_CATALOGUE);
if ($_GET['updatelastread'] != '0') {
$LastPost = end($Thread);
@ -115,7 +121,7 @@
INSERT INTO forums_last_read_topics
(UserID, TopicID, PostID)
VALUES
('$LoggedUser[ID]', '".$ThreadID ."', '".db_string($LastPost)."')
('$LoggedUser[ID]', '$ThreadID', '".db_string($LastPost)."')
ON DUPLICATE KEY UPDATE PostID='$LastPost'");
}
}
@ -128,7 +134,7 @@
FROM users_subscriptions
WHERE UserID = '$LoggedUser[ID]'");
$UserSubscriptions = $DB->collect(0);
$Cache->cache_value('subscriptions_user_'.$LoggedUser['ID'],$UserSubscriptions,0);
$Cache->cache_value('subscriptions_user_'.$LoggedUser['ID'], $UserSubscriptions, 0);
}
if (empty($UserSubscriptions)) {
@ -141,11 +147,11 @@
$JsonPoll = array();
if ($ThreadInfo['NoPoll'] == 0) {
if (!list($Question,$Answers,$Votes,$Featured,$Closed) = $Cache->get_value('polls_'.$ThreadID)) {
if (!list($Question, $Answers, $Votes, $Featured, $Closed) = $Cache->get_value('polls_'.$ThreadID)) {
$DB->query("
SELECT Question, Answers, Featured, Closed
FROM forums_polls
WHERE TopicID='".$ThreadID."'");
WHERE TopicID='$ThreadID'");
list($Question, $Answers, $Featured, $Closed) = $DB->next_record(MYSQLI_NUM, array(1));
$Answers = unserialize($Answers);
$DB->query("
@ -157,7 +163,7 @@
$Votes = array();
foreach ($VoteArray as $VoteSet) {
list($Key,$Value) = $VoteSet;
list($Key, $Value) = $VoteSet;
$Votes[$Key] = $Value;
}
@ -166,7 +172,7 @@
$Votes[$i] = 0;
}
}
$Cache->cache_value('polls_'.$ThreadID, array($Question,$Answers,$Votes,$Featured,$Closed), 0);
$Cache->cache_value('polls_'.$ThreadID, array($Question, $Answers, $Votes, $Featured, $Closed), 0);
}
if (!empty($Votes)) {
@ -193,7 +199,7 @@
}
}
$JsonPoll['closed'] = $Closed == 1;
$JsonPoll['closed'] = ($Closed == 1);
$JsonPoll['featured'] = $Featured;
$JsonPoll['question'] = $Question;
$JsonPoll['maxVotes'] = (int) $MaxVotes;
@ -251,11 +257,11 @@
'authorId' => (int) $AuthorID,
'authorName' => $Username,
'paranoia' => $Paranoia,
'artist' => $Artist == 1,
'donor' => $Donor == 1,
'artist' => ($Artist == 1),
'donor' => ($Donor == 1),
'warned' => ($Warned != '0000-00-00 00:00:00'),
'avatar' => $Avatar,
'enabled' => $Enabled == 2 ? false : true,
'enabled' => (($Enabled == 2) ? false : true),
'userTitle' => $UserTitle
),
@ -272,11 +278,11 @@
'threadId' => (int) $ThreadID,
'threadTitle' => display_str($ThreadInfo['Title']),
'subscribed' => in_array($ThreadID, $UserSubscriptions),
'locked' => $ThreadInfo['IsLocked'] == 1,
'sticky' => $ThreadInfo['IsSticky'] == 1,
'locked' => ($ThreadInfo['IsLocked'] == 1),
'sticky' => ($ThreadInfo['IsSticky'] == 1),
'currentPage' => (int) $Page,
'pages' => ceil($ThreadInfo['Posts'] / $PerPage),
'poll' => empty($JsonPoll) ? null : $JsonPoll,
'poll' => (empty($JsonPoll) ? null : $JsonPoll),
'posts' => $JsonPosts
)
)

6
sections/ajax/get_friends.php
View File

@ -1,7 +1,9 @@
<?php
$DB->query("SELECT
f.FriendID, u.Username
$DB->query("
SELECT
f.FriendID,
u.Username
FROM friends AS f
RIGHT JOIN users_enable_recommendations AS r
ON r.ID = f.FriendID

5
sections/ajax/giveback_report.php
View File

@ -7,7 +7,10 @@
error(0);
}
$DB->query("SELECT Status FROM reportsv2 WHERE ID=".$_GET['id']);
$DB->query("
SELECT Status
FROM reportsv2
WHERE ID=".$_GET['id']);
list($Status) = $DB->next_record();
if (isset($Status)) {
$DB->query("

9
sections/ajax/password_validate.php
View File

@ -1,14 +1,17 @@
<?php
$Password=db_string($_POST["password"]);
$Password = db_string($_POST['password']);
$IsGoodPassword = false;
$DB->query("SELECT Password FROM bad_passwords WHERE Password='$Password'");
$DB->query("
SELECT Password
FROM bad_passwords
WHERE Password='$Password'");
if ($DB->record_count() == 0) {
$IsGoodPassword = true;
}
echo $IsGoodPassword ? 'true' : 'false';
echo ($IsGoodPassword ? 'true' : 'false');
exit();
?>

53
sections/ajax/user.php
View File

@ -92,19 +92,28 @@ function check_paranoia_here($Setting) {
SELECT COUNT(DISTINCT r.ID), SUM(rv.Bounty)
FROM requests AS r
LEFT JOIN requests_votes AS rv ON r.ID=rv.RequestID
WHERE r.FillerID = ".$UserID);
WHERE r.FillerID = $UserID");
list($RequestsFilled, $TotalBounty) = $DB->next_record();
$DB->query("SELECT COUNT(rv.RequestID), SUM(rv.Bounty) FROM requests_votes AS rv WHERE rv.UserID = ".$UserID);
$DB->query("
SELECT COUNT(rv.RequestID), SUM(rv.Bounty)
FROM requests_votes AS rv
WHERE rv.UserID = $UserID");
list($RequestsVoted, $TotalSpent) = $DB->next_record();
$DB->query("SELECT COUNT(ID) FROM torrents WHERE UserID='$UserID'");
$DB->query("
SELECT COUNT(ID)
FROM torrents
WHERE UserID='$UserID'");
list($Uploads) = $DB->next_record();
} else {
$RequestsVoted = 0;
$TotalSpent = 0;
}
if (check_paranoia_here('uploads+')) {
$DB->query("SELECT COUNT(ID) FROM torrents WHERE UserID='$UserID'");
$DB->query("
SELECT COUNT(ID)
FROM torrents
WHERE UserID='$UserID'");
list($Uploads) = $DB->next_record();
} else {
$Uploads = null;
@ -114,7 +123,7 @@ function check_paranoia_here($Setting) {
$DB->query("
SELECT COUNT(ta.ArtistID)
FROM torrents_artists AS ta
WHERE ta.UserID = ".$UserID);
WHERE ta.UserID = $UserID");
list($ArtistsAdded) = $DB->next_record();
} else {
$ArtistsAdded = 0;
@ -161,7 +170,7 @@ function check_paranoia_here($Setting) {
} elseif ($Uploaded == 0) {
$Ratio = 0.5;
} else {
$Ratio = round($Uploaded/$Downloaded, 2);
$Ratio = round($Uploaded / $Downloaded, 2);
}
if (check_paranoia_here(array('uploaded', 'downloaded', 'uploads+', 'requestsfilled_count', 'requestsvoted_bounty', 'artistsadded'))) {
$OverallRank = floor($Rank->overall_score($UploadedRank, $DownloadedRank, $UploadsRank, $RequestRank, $PostRank, $BountyRank, $ArtistsRank, $Ratio));
@ -305,10 +314,10 @@ function check_paranoia_here($Setting) {
'stats' => array(
'joinedDate' => $JoinDate,
'lastAccess' => $LastAccess,
'uploaded' => $Uploaded == null ? null : (int) $Uploaded,
'downloaded' => $Downloaded == null ? null : (int) $Downloaded,
'uploaded' => (($Uploaded == null) ? null : (int) $Uploaded),
'downloaded' => (($Downloaded == null) ? null : (int) $Downloaded),
'ratio' => $Ratio,
'requiredRatio' => $RequiredRatio == null ? null : (float) $RequiredRatio
'requiredRatio' => (($RequiredRatio == null) ? null : (float) $RequiredRatio)
),
'ranks' => array(
'uploaded' => $UploadedRank,
@ -318,13 +327,13 @@ function check_paranoia_here($Setting) {
'bounty' => $BountyRank,
'posts' => $PostRank,
'artists' => $ArtistsRank,
'overall' => $OverallRank == null ? 0 : $OverallRank
'overall' => (($OverallRank == null) ? 0 : $OverallRank)
),
'personal' => array(
'class' => $ClassLevels[$Class]['Name'],
'paranoia' => $ParanoiaLevel,
'paranoiaText' => $ParanoiaLevelText,
'donor' => $Donor == 1,
'donor' => ($Donor == 1),
'warned' => ($Warned != '0000-00-00 00:00:00'),
'enabled' => ($Enabled == '1' || $Enabled == '0' || !$Enabled),
'passkey' => $torrent_pass
@ -332,17 +341,17 @@ function check_paranoia_here($Setting) {
'community' => array(
'posts' => (int) $ForumPosts,
'torrentComments' => (int) $NumComments,
'collagesStarted' => $NumCollages == null ? null : (int) $NumCollages,
'collagesContrib' => $NumCollageContribs == null ? null : (int) $NumCollageContribs,
'requestsFilled' => $RequestsFilled == null ? null : (int) $RequestsFilled,
'requestsVoted' => $RequestsVoted == null ? null : (int) $RequestsVoted,
'perfectFlacs' => $PerfectFLACs == null ? null : (int) $PerfectFLACs,
'uploaded' => $Uploads == null ? null : (int) $Uploads,
'groups' => $UniqueGroups == null ? null : (int) $UniqueGroups,
'seeding' => $Seeding == null ? null : (int) $Seeding,
'leeching' => $Leeching == null ? null : (int) $Leeching,
'snatched' => $Snatched == null ? null : (int) $Snatched,
'invited' => $Invited == null ? null : (int) $Invited
'collagesStarted' => (($NumCollages == null) ? null : (int) $NumCollages),
'collagesContrib' => (($NumCollageContribs == null) ? null : (int) $NumCollageContribs),
'requestsFilled' => (($RequestsFilled == null) ? null : (int) $RequestsFilled),
'requestsVoted' => (($RequestsVoted == null) ? null : (int) $RequestsVoted),
'perfectFlacs' => (($PerfectFLACs == null) ? null : (int) $PerfectFLACs),
'uploaded' => (($Uploads == null) ? null : (int) $Uploads),
'groups' => (($UniqueGroups == null) ? null : (int) $UniqueGroups),
'seeding' => (($Seeding == null) ? null : (int) $Seeding),
'leeching' => (($Leeching == null) ? null : (int) $Leeching),
'snatched' => (($Snatched == null) ? null : (int) $Snatched),
'invited' => (($Invited == null) ? null : (int) $Invited)
)
));
?>

30
sections/blog/index.php
View File

@ -11,7 +11,10 @@
switch ($_REQUEST['action']) {
case 'deadthread' :
if (is_number($_GET['id'])) {
$DB->query("UPDATE blog SET ThreadID=NULL WHERE ID=".$_GET['id']);
$DB->query("
UPDATE blog
SET ThreadID=NULL
WHERE ID=".$_GET['id']);
$Cache->delete_value('blog');
$Cache->delete_value('feed_blog');
}
@ -20,7 +23,10 @@
case 'takeeditblog':
authorize();
if (is_number($_POST['blogid']) && is_number($_POST['thread'])) {
$DB->query("UPDATE blog SET Title='".db_string($_POST['title'])."', Body='".db_string($_POST['body'])."', ThreadID=".$_POST['thread']." WHERE ID='".db_string($_POST['blogid'])."'");
$DB->query("
UPDATE blog
SET Title='".db_string($_POST['title'])."', Body='".db_string($_POST['body'])."', ThreadID=".$_POST['thread']."
WHERE ID='".db_string($_POST['blogid'])."'");
$Cache->delete_value('blog');
$Cache->delete_value('feed_blog');
}
@ -29,14 +35,19 @@
case 'editblog':
if (is_number($_GET['id'])) {
$BlogID = $_GET['id'];
$DB->query("SELECT Title, Body, ThreadID FROM blog WHERE ID=$BlogID");
$DB->query("
SELECT Title, Body, ThreadID
FROM blog
WHERE ID=$BlogID");
list($Title, $Body, $ThreadID) = $DB->next_record();
}
break;
case 'deleteblog':
if (is_number($_GET['id'])) {
authorize();
$DB->query("DELETE FROM blog WHERE ID='".db_string($_GET['id'])."'");
$DB->query("
DELETE FROM blog
WHERE ID='".db_string($_GET['id'])."'");
$Cache->delete_value('blog');
$Cache->delete_value('feed_blog');
}
@ -49,7 +60,10 @@
$Body = db_string($_POST['body']);
$ThreadID = $_POST['thread'];
if ($ThreadID && is_number($ThreadID)) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID=".$ThreadID);
$DB->query("
SELECT ForumID
FROM forums_topics
WHERE ID = $ThreadID");
if ($DB->record_count() < 1) {
error('No such thread exists!');
header('Location: blog.php');
@ -74,7 +88,9 @@
$Cache->delete_value('blog_latest_id');
}
if (isset($_POST['subscribe'])) {
$DB->query("INSERT IGNORE INTO users_subscriptions VALUES ('$LoggedUser[ID]', $ThreadID)");
$DB->query("
INSERT IGNORE INTO users_subscriptions
VALUES ('$LoggedUser[ID]', $ThreadID)");
$Cache->delete_value('subscriptions_user_'.$LoggedUser['ID']);
}
header('Location: blog.php');
@ -98,7 +114,7 @@
<input type="text" name="title" size="95"<? if (!empty($Title)) { echo ' value="'.display_str($Title).'"'; } ?> /><br />
<h3>Body</h3>
<textarea name="body" cols="95" rows="15"><? if (!empty($Body)) { echo display_str($Body); } ?></textarea> <br />
<input type="checkbox" value="1" name="important" id="important" checked="checked"/><label for="important">Important</label><br />
<input type="checkbox" value="1" name="important" id="important" checked="checked" /><label for="important">Important</label><br />
<h3>Thread ID</h3>
<input type="text" name="thread" size="8"<? if (!empty($ThreadID)) { echo ' value="'.display_str($ThreadID).'"'; } ?> />
(Leave blank to create thread automatically)

20
sections/forums/ajax_get_edit.php
View File

@ -25,9 +25,10 @@
$Edits = $Cache->get_value($Type.'_edits_'.$PostID);
if (!is_array($Edits)) {
$DB->query("SELECT ce.EditUser, ce.EditTime, ce.Body
$DB->query("
SELECT ce.EditUser, ce.EditTime, ce.Body
FROM comments_edits AS ce
WHERE Page = '".$Type."' AND PostID = ".$PostID."
WHERE Page = '$Type' AND PostID = $PostID
ORDER BY ce.EditTime DESC");
$Edits = $DB->to_array();
$Cache->cache_value($Type.'_edits_'.$PostID, $Edits, 0);
@ -41,24 +42,25 @@
switch ($Type) {
case 'forums' :
//Get from normal forum stuffs
$DB->query("SELECT Body
$DB->query("
SELECT Body
FROM forums_posts
WHERE ID = ".$PostID);
WHERE ID = $PostID");
list($Body) = $DB->next_record();
break;
case 'collages' :
case 'requests' :
case 'artist' :
case 'torrents' :
$DB->query("SELECT Body
FROM ".$Type."_comments
WHERE ID = ".$PostID);
$DB->query("
SELECT Body
FROM {$Type}_comments
WHERE ID = $PostID");
list($Body) = $DB->next_record();
break;
}
}
?>
<?=$Text->full_format($Body)?>
<br />
<br />
@ -66,7 +68,7 @@
<? if ($Depth < count($Edits)) { ?>
<a href="#edit_info_<?=$PostID?>" onclick="LoadEdit('<?=$Type?>', <?=$PostID?>, <?=($Depth + 1)?>); return false;">&laquo;</a>
<?=(($Depth == 0) ? 'Last edited by' : 'Edited by')?>
<?=Users::format_username($UserID, false, false, false) ?> <?=time_diff($Time,2,true,true)?>
<?=Users::format_username($UserID, false, false, false) ?> <?=time_diff($Time, 2, true, true)?>
<? } else { ?>
<em>Original Post</em>
<? }

7
sections/forums/change_vote.php
View File

@ -4,8 +4,11 @@
$NewVote = $_GET['vote'];
if (is_number($ThreadID) && is_number($NewVote)) {
if (!check_perms("site_moderate_forums")) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID = $ThreadID");
if (!check_perms('site_moderate_forums')) {
$DB->query("
SELECT ForumID
FROM forums_topics
WHERE ID = $ThreadID");
list($ForumID) = $DB->next_record();
if (!in_array($ForumID, $ForumsRevealVoters)) {
error(403);

5
sections/forums/delete.php
View File

@ -112,7 +112,10 @@
}
if ($StickyPostID == $PostID) {
$DB->query("UPDATE forums_topics SET StickyPostID = 0 WHERE ID = $TopicID");
$DB->query("
UPDATE forums_topics
SET StickyPostID = 0
WHERE ID = $TopicID");
}
//We need to clear all subsequential catalogues as they've all been bumped with the absence of this post

5
sections/forums/edit_rules.php
View File

@ -32,7 +32,10 @@
}
$DB->query("SELECT ThreadID FROM forums_specific_rules WHERE ForumID = ".$ForumID);
$DB->query("
SELECT ThreadID
FROM forums_specific_rules
WHERE ForumID = $ForumID");
$ThreadIDs = $DB->collect('ThreadID');
View::show_header();

12
sections/forums/functions.php
View File

@ -2,7 +2,8 @@
function get_thread_info($ThreadID, $Return = true, $SelectiveCache = false) {
global $DB, $Cache;
if ((!$ThreadInfo = $Cache->get_value('thread_'.$ThreadID.'_info')) || !isset($ThreadInfo['OP'])) {
$DB->query("SELECT
$DB->query("
SELECT
t.Title,
t.ForumID,
t.IsLocked,
@ -23,7 +24,8 @@ function get_thread_info($ThreadID, $Return = true, $SelectiveCache = false) {
$ThreadInfo = $DB->next_record(MYSQLI_ASSOC, false);
if ($ThreadInfo['StickyPostID']) {
$ThreadInfo['Posts']--;
$DB->query("SELECT
$DB->query("
SELECT
p.ID,
p.AuthorID,
p.AddedTime,
@ -33,7 +35,8 @@ function get_thread_info($ThreadID, $Return = true, $SelectiveCache = false) {
ed.Username
FROM forums_posts as p
LEFT JOIN users_main AS ed ON ed.ID = p.EditedUserID
WHERE p.TopicID = '$ThreadID' AND p.ID = '".$ThreadInfo['StickyPostID']."'");
WHERE p.TopicID = '$ThreadID'
AND p.ID = '".$ThreadInfo['StickyPostID']."'");
list($ThreadInfo['StickyPost']) = $DB->to_array(false, MYSQLI_ASSOC);
}
if (!$SelectiveCache || !$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
@ -65,7 +68,8 @@ function get_forum_info($ForumID) {
global $DB, $Cache;
$Forum = $Cache->get_value('ForumInfo_'.$ForumID);
if (!$Forum) {
$DB->query("SELECT
$DB->query("
SELECT
Name,
MinClassRead,
MinClassWrite,

6
sections/forums/main.php
View File

@ -52,7 +52,7 @@
if ($LoggedUser['CustomForums'][$ForumID] != 1 && ($MinRead > $LoggedUser['Class'] || array_search($ForumID, $RestrictedForums) !== false)) {
continue;
}
$Row = ($Row == 'a') ? 'b' : 'a';
$Row = (($Row == 'a') ? 'b' : 'a');
$ForumDescription = display_str($ForumDescription);
if ($CategoryID != $LastCategoryID) {
@ -97,7 +97,7 @@
</td>
<? if ($NumPosts == 0) { ?>
<td colspan="3">
There are no topics here.<?=($MinCreate <= $LoggedUser['Class']) ? ', <a href="forums.php?action=new&amp;forumid='.$ForumID.'">Create one!</a>' : '' ?>.
There are no topics here.<?=(($MinCreate <= $LoggedUser['Class']) ? ', <a href="forums.php?action=new&amp;forumid='.$ForumID.'">Create one!</a>' : '')?>.
</td>
<? } else { ?>
<td>
@ -109,7 +109,7 @@
<a href="forums.php?action=viewthread&amp;threadid=<?=$LastTopicID?>&amp;page=<?=$LastRead[$LastTopicID]['Page']?>#post<?=$LastRead[$LastTopicID]['PostID']?>"></a>
</span>
<? } ?>
<span style="float: right;" class="last_poster">by <?=Users::format_username($LastAuthorID, false, false, false)?> <?=time_diff($LastTime,1)?></span>
<span style="float: right;" class="last_poster">by <?=Users::format_username($LastAuthorID, false, false, false)?> <?=time_diff($LastTime, 1)?></span>
</td>
<td><?=number_format($NumTopics)?></td>
<td><?=number_format($NumPosts)?></td>

12
sections/forums/search.php
View File

@ -235,7 +235,9 @@
$sql.=" AND t.ID='$ThreadID' ";
}
$sql .= "ORDER BY p.AddedTime DESC LIMIT $Limit";
$sql .= "
ORDER BY p.AddedTime DESC
LIMIT $Limit";
} else {
$sql = "
@ -268,7 +270,9 @@
if (isset($AuthorID)) {
$sql.=" AND t.AuthorID='$AuthorID' ";
}
$sql .= "ORDER BY t.LastPostTime DESC LIMIT $Limit";
$sql .= "
ORDER BY t.LastPostTime DESC
LIMIT $Limit";
}
// Perform the query
@ -288,12 +292,12 @@
<td>Time</td>
</tr>
<? if ($DB->record_count() == 0) { ?>
<tr><td colspan="3">Nothing found<?=(isset($AuthorID) && $AuthorID == 0) ? ' (unknown username)' : '' ?>!</td></tr>
<tr><td colspan="3">Nothing found<?=((isset($AuthorID) && $AuthorID == 0) ? ' (unknown username)' : '')?>!</td></tr>
<? }
$Row = 'a'; // For the pretty colours
while (list($ID, $Title, $ForumID, $ForumName, $LastTime, $PostID, $Body) = $DB->next_record()) {
$Row = ($Row == 'a') ? 'b' : 'a';
$Row = (($Row == 'a') ? 'b' : 'a');
// Print results
?>
<tr class="row<?=$Row?>">

28
sections/forums/take_warn.php
View File

@ -35,12 +35,15 @@
Tools::update_user_notes($UserID, $AdminComment);
}
$DB->query("INSERT INTO users_warnings_forums (UserID, Comment) VALUES('$UserID', '" . db_string($AdminComment) . "')
$DB->query("
INSERT INTO users_warnings_forums (UserID, Comment)
VALUES('$UserID', '" . db_string($AdminComment) . "')
ON DUPLICATE KEY UPDATE Comment = CONCAT('" . db_string($AdminComment) . "', Comment)");
Misc::send_pm($UserID, $LoggedUser['ID'], $Subject, $PrivateMessage);
//edit the post
$DB->query("SELECT
$DB->query("
SELECT
p.Body,
p.AuthorID,
p.TopicID,
@ -57,10 +60,11 @@
list($OldBody, $AuthorID, $TopicID, $ForumID, $Page) = $DB->next_record();
// Perform the update
$DB->query("UPDATE forums_posts
$DB->query("
UPDATE forums_posts
SET Body = '" . db_string($Body) . "',
EditedUserID = '$UserID',
EditedTime = '" . $SQLTime . "'
EditedTime = '$SQLTime'
WHERE ID='$PostID'");
$CatalogueID = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
@ -70,9 +74,14 @@
$Cache->delete('thread_' . $TopicID . '_catalogue_' . $CatalogueID);
//just clear the cache for would be cache-screwer-uppers
} else {
$Cache->update_row($Key, array('ID' => $Cache->MemcacheDBArray[$Key]['ID'], 'AuthorID' => $Cache->MemcacheDBArray[$Key]['AuthorID'], 'AddedTime' => $Cache->MemcacheDBArray[$Key]['AddedTime'],
$Cache->update_row($Key, array(
'ID' => $Cache->MemcacheDBArray[$Key]['ID'],
'AuthorID' => $Cache->MemcacheDBArray[$Key]['AuthorID'],
'AddedTime' => $Cache->MemcacheDBArray[$Key]['AddedTime'],
'Body' => $Body, //Don't url decode.
'EditedUserID' => $LoggedUser['ID'], 'EditedTime' => $SQLTime, 'Username' => $LoggedUser['Username']));
'EditedUserID' => $LoggedUser['ID'],
'EditedTime' => $SQLTime,
'Username' => $LoggedUser['Username']));
$Cache->commit_transaction(3600 * 24 * 5);
}
$ThreadInfo = get_thread_info($TopicID);
@ -83,8 +92,11 @@
$Cache->cache_value('thread_' . $TopicID . '_info', $ThreadInfo, 0);
}
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', " . $PostID . ", " . $UserID . ", '" . $SQLTime . "', '" . db_string($OldBody) . "')");
$DB->query("
INSERT INTO comments_edits
(Page, PostID, EditUser, EditTime, Body)
VALUES
('forums', $PostID, $UserID, '$SQLTime', '" . db_string($OldBody) . "')");
$Cache->delete_value("forums_edits_$PostID");
header("Location: forums.php?action=viewthread&postid=$PostID#post$PostID");

4
sections/forums/warn.php
View File

@ -44,7 +44,7 @@
<option value="1">1 week</option>
<option value="2">2 weeks</option>
<option value="4">4 weeks</option>
<? if (check_perms("users_mod")) { ?>
<? if (check_perms('users_mod')) { ?>
<option value="8">8 weeks</option>
<? } ?>
</select></td>
@ -60,7 +60,7 @@
<td>
<textarea id="body" style="width: 95%;" tabindex="1" onkeyup="resize('body');" name="body" cols="90" rows="8"><?=$PostBody?></textarea>
<br />
<input type="submit" id="submit_button" value="Warn User" tabindex="1" />
<input type="submit" id="submit_button" value="Warn user" tabindex="1" />
</td>
</tr>
</table>

4
sections/inbox/conversation.php
View File

@ -81,7 +81,7 @@
<div class="thin">
<h2><?=$Subject.($ForwardedID > 0 ? ' (Forwarded to '.$ForwardedName.')' : '')?></h2>
<div class="linkbox">
<a href="inbox.php" class="brackets">Back to inbox</a>
<a href="<?=Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']); ?>" class="brackets">Back to inbox</a>
</div>
<?
@ -112,7 +112,7 @@
<div class="box pad">
<input type="hidden" name="action" value="takecompose" />
<input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />
<input type="hidden" name="toid" value="<?=implode(',',$ReceiverIDs)?>" />
<input type="hidden" name="toid" value="<?=implode(',', $ReceiverIDs)?>" />
<input type="hidden" name="convid" value="<?=$ConvID?>" />
<textarea id="quickpost" class="required" name="body" cols="90" rows="10" onkeyup="resize('quickpost')"></textarea> <br />
<div id="preview" class="box vertical_space body hidden"></div>

36
sections/inbox/inbox.php
View File

@ -23,9 +23,9 @@
<?
if ($Section == 'inbox') { ?>
<a href="inbox.php?action=sentbox" class="brackets">Sentbox</a>
<a href="<?=Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst'], 'sentbox'); ?>" class="brackets">Sentbox</a>
<? } elseif ($Section == 'sentbox') { ?>
<a href="inbox.php" class="brackets">Inbox</a>
<a href="<?=Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']); ?>" class="brackets">Inbox</a>
<? }
?>
@ -43,34 +43,36 @@
cu.Sticky,
cu.ForwardedTo,
cu2.UserID,";
$sql .= ($Section == 'sentbox')? ' cu.SentDate ' : ' cu.ReceivedDate ';
$sql .= (($Section == 'sentbox') ? ' cu.SentDate ' : ' cu.ReceivedDate ');
$sql .= "AS Date
FROM pm_conversations AS c
LEFT JOIN pm_conversations_users AS cu ON cu.ConvID=c.ID AND cu.UserID='$UserID'
LEFT JOIN pm_conversations_users AS cu2 ON cu2.ConvID=c.ID AND cu2.UserID!='$UserID' AND cu2.ForwardedTo=0
LEFT JOIN users_main AS um ON um.ID=cu2.UserID";
if (!empty($_GET['search']) && $_GET['searchtype'] == "message") {
$sql .= " JOIN pm_messages AS m ON c.ID=m.ConvID";
if (!empty($_GET['search']) && $_GET['searchtype'] == 'message') {
$sql .= ' JOIN pm_messages AS m ON c.ID=m.ConvID';
}
$sql .= " WHERE ";
$sql .= ' WHERE ';
if (!empty($_GET['search'])) {
$Search = db_string($_GET['search']);
if ($_GET['searchtype'] == "user") {
$sql .= "um.Username LIKE '".$Search."' AND ";
} elseif ($_GET['searchtype'] == "subject") {
if ($_GET['searchtype'] == 'user') {
$sql .= "um.Username LIKE '$Search' AND ";
} elseif ($_GET['searchtype'] == 'subject') {
$Words = explode(' ', $Search);
$sql .= "c.Subject LIKE '%".implode("%' AND c.Subject LIKE '%", $Words)."%' AND ";
} elseif ($_GET['searchtype'] == "message") {
} elseif ($_GET['searchtype'] == 'message') {
$Words = explode(' ', $Search);
$sql .= "m.Body LIKE '%".implode("%' AND m.Body LIKE '%", $Words)."%' AND ";
}
}
$sql .= ($Section == 'sentbox')? ' cu.InSentbox' : ' cu.InInbox';
$sql .= (($Section == 'sentbox') ? ' cu.InSentbox' : ' cu.InInbox');
$sql .="='1'";
$sql .=" GROUP BY c.ID
ORDER BY cu.Sticky, ".$Sort." LIMIT $Limit";
$sql .="
GROUP BY c.ID
ORDER BY cu.Sticky, $Sort
LIMIT $Limit";
$Results = $DB->query($sql);
$DB->query('SELECT FOUND_ROWS()');
list($NumResults) = $DB->next_record();
@ -84,7 +86,7 @@
<div class="box pad">
<? if ($Count == 0 && empty($_GET['search'])) { ?>
<h2>Your <?= ($Section == 'sentbox') ? 'sentbox' : 'inbox' ?> is currently empty</h2>
<h2>Your <?=(($Section == 'sentbox') ? 'sentbox' : 'inbox')?> is currently empty</h2>
<? } else { ?>
<form class="search_form" name="<?=(($Section == 'sentbox') ? 'sentbox' : 'inbox')?>" action="inbox.php" method="get" id="searchbox">
<div>
@ -94,8 +96,8 @@
<input type="radio" name="searchtype" value="message"<?=(!empty($_GET['searchtype']) && $_GET['searchtype'] == 'message' ? ' checked="checked"' : '')?> /> Message
<br />
<input type="text" name="search" value="<?=(!empty($_GET['search']) ? display_str($_GET['search']) : 'Search '.($Section == 'sentbox' ? 'Sentbox' : 'Inbox'))?>" style="width: 98%;"
onfocus="if (this.value == 'Search <?= ($Section == 'sentbox') ? 'Sentbox' : 'Inbox' ?>') this.value='';"
onblur="if (this.value == '') this.value='Search <?= ($Section == 'sentbox') ? 'Sentbox' : 'Inbox' ?>';"
onfocus="if (this.value == 'Search <?=(($Section == 'sentbox') ? 'Sentbox' : 'Inbox')?>') this.value='';"
onblur="if (this.value == '') this.value='Search <?=(($Section == 'sentbox') ? 'Sentbox' : 'Inbox')?>';"
/>
</div>
</form>
@ -127,7 +129,7 @@
if ($Unread === '1') {
$RowClass = 'unreadpm';
} else {
$Row = ($Row === 'a') ? 'b' : 'a';
$Row = (($Row === 'a') ? 'b' : 'a');
$RowClass = 'row'.$Row;
}
?>

3
sections/inbox/takecompose.php
View File

@ -11,6 +11,9 @@
}
if (isset($_POST['convid']) && is_number($_POST['convid'])) {
$ConvID = $_POST['convid'];
$Subject = '';

2
sections/inbox/takeedit.php
View File

@ -42,5 +42,5 @@
$Cache->increment('inbox_new_'.$UserID);
}
}
header('Location: inbox.php');
header('Location: ' . Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']));
?>

95
sections/register/index.php
View File

@ -15,61 +15,81 @@
if (!empty($_REQUEST['confirm'])) {
// Confirm registration
$DB->query("SELECT ID FROM users_main WHERE torrent_pass='".db_string($_REQUEST['confirm'])."' AND Enabled='0'");
list($UserID)=$DB->next_record();
$DB->query("
SELECT ID
FROM users_main
WHERE torrent_pass='".db_string($_REQUEST['confirm'])."'
AND Enabled='0'");
list($UserID) = $DB->next_record();
if ($UserID) {
$DB->query("UPDATE users_main SET Enabled='1' WHERE ID='$UserID'");
$DB->query("
UPDATE users_main
SET Enabled='1'
WHERE ID='$UserID'");
$Cache->increment('stats_user_count');
include('step2.php');
}
} elseif (OPEN_REGISTRATION || !empty($_REQUEST['invite'])) {
$Val->SetFields('username',true,'regex', 'You did not enter a valid username.',array('regex'=>'/^[a-z0-9_?]{1,20}$/iD'));
$Val->SetFields('email',true,'email', 'You did not enter a valid email address.');
$Val->SetFields('password',true,'regex','A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol',array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
$Val->SetFields('confirm_password',true,'compare', 'Your passwords do not match.',array('comparefield'=>'password'));
$Val->SetFields('readrules',true,'checkbox', 'You did not check the box that says you will read the rules.');
$Val->SetFields('readwiki',true,'checkbox', 'You did not check the box that says you will read the wiki.');
$Val->SetFields('agereq',true,'checkbox', 'You did not check the box that says you are 13 years of age or older.');
//$Val->SetFields('captcha',true,'string', 'You did not enter a captcha code.',array('minlength'=>6,'maxlength'=>6));
$Val->SetFields('username', true, 'regex', 'You did not enter a valid username.', array('regex'=>'/^[a-z0-9_?]{1,20}$/iD'));
$Val->SetFields('email', true, 'email', 'You did not enter a valid email address.');
$Val->SetFields('password', true, 'regex', 'A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/'));
$Val->SetFields('confirm_password', true, 'compare', 'Your passwords do not match.', array('comparefield'=>'password'));
$Val->SetFields('readrules', true, 'checkbox', 'You did not check the box that says you will read the rules.');
$Val->SetFields('readwiki', true, 'checkbox', 'You did not check the box that says you will read the wiki.');
$Val->SetFields('agereq', true, 'checkbox', 'You did not check the box that says you are 13 years of age or older.');
//$Val->SetFields('captcha', true, 'string', 'You did not enter a captcha code.', array('minlength' => 6, 'maxlength' => 6));
if (!empty($_POST['submit'])) {
// User has submitted registration form
$Err=$Val->ValidateForm($_REQUEST);
$Err = $Val->ValidateForm($_REQUEST);
/*
if (!$Err && strtolower($_SESSION['captcha'])!=strtolower($_REQUEST['captcha'])) {
$Err="You did not enter the correct captcha code.";
if (!$Err && strtolower($_SESSION['captcha']) != strtolower($_REQUEST['captcha'])) {
$Err = 'You did not enter the correct captcha code.';
}
*/
if (!$Err) {
// Don't allow a username of "0" or "1" due to PHP's type juggling
if (trim($_POST['username']) == '0' || trim($_POST['username']) == '1') {
$Err = 'You cannot have a username of "0" or "1".';
}
$DB->query("SELECT COUNT(ID) FROM users_main WHERE Username LIKE '".db_string(trim($_POST['username']))."'");
list($UserCount)=$DB->next_record();
$DB->query("
SELECT COUNT(ID)
FROM users_main
WHERE Username LIKE '".db_string(trim($_POST['username']))."'");
list($UserCount) = $DB->next_record();
if ($UserCount) {
$Err = 'There is already someone registered with that username.';
$_REQUEST['username']='';
$_REQUEST['username'] = '';
}
if ($_POST['invite']) {
$DB->query("SELECT InviterID, Email FROM invites WHERE InviteKey='".db_string($_REQUEST['invite'])."'");
$DB->query("
SELECT InviterID, Email
FROM invites
WHERE InviteKey='".db_string($_REQUEST['invite'])."'");
if ($DB->record_count() == 0) {
$Err = 'Invite does not exist.';
$InviterID=0;
$InviterID = 0;
} else {
list($InviterID, $InviteEmail) = $DB->next_record();
}
} else {
$InviterID=0;
$InviterID = 0;
}
}
if (!$Err) {
$torrent_pass=Users::make_secret();
$torrent_pass = Users::make_secret();
// Previously SELECT COUNT(ID) FROM users_main, which is a lot slower.
$DB->query("SELECT ID FROM users_main LIMIT 1");
$DB->query("
SELECT ID
FROM users_main
LIMIT 1");
$UserCount = $DB->record_count();
if ($UserCount == 0) {
$NewInstall = true;
@ -94,9 +114,14 @@
// User created, delete invite. If things break after this point, then it's better to have a broken account to fix than a 'free' invite floating around that can be reused
$DB->query("DELETE FROM invites WHERE InviteKey='".db_string($_REQUEST['invite'])."'");
$DB->query("
DELETE FROM invites
WHERE InviteKey='".db_string($_REQUEST['invite'])."'");
$DB->query("SELECT ID FROM stylesheets WHERE `Default`='1'");
$DB->query("
SELECT ID
FROM stylesheets
WHERE `Default`='1'");
list($StyleID) = $DB->next_record();
$AuthKey = Users::make_secret();
@ -157,9 +182,9 @@
$DB->query("
SELECT TreePosition
FROM invite_tree
WHERE TreePosition>'$InviterTreePosition'
AND TreeLevel<='$TreeLevel'
AND TreeID='$TreeID'
WHERE TreePosition > '$InviterTreePosition'
AND TreeLevel <= '$TreeLevel'
AND TreeID = '$TreeID'
ORDER BY TreePosition
LIMIT 1");
list($TreePosition) = $DB->next_record();
@ -167,14 +192,14 @@
if ($TreePosition) {
$DB->query("
UPDATE invite_tree
SET TreePosition=TreePosition+1
WHERE TreeID='$TreeID'
AND TreePosition>='$TreePosition'");
SET TreePosition = TreePosition + 1
WHERE TreeID = '$TreeID'
AND TreePosition >= '$TreePosition'");
} else {
$DB->query("
SELECT TreePosition+1
SELECT TreePosition + 1
FROM invite_tree
WHERE TreeID='$TreeID'
WHERE TreeID = '$TreeID'
ORDER BY TreePosition DESC
LIMIT 1");
list($TreePosition) = $DB->next_record();
@ -183,8 +208,10 @@
// Create invite tree record
$DB->query("
INSERT INTO invite_tree (UserID, InviterID, TreePosition, TreeID, TreeLevel)
VALUES ('$UserID', '$InviterID', '$TreePosition', '$TreeID', '$TreeLevel')");
INSERT INTO invite_tree
(UserID, InviterID, TreePosition, TreeID, TreeLevel)
VALUES
('$UserID', '$InviterID', '$TreePosition', '$TreeID', '$TreeLevel')");
}
} else { // No inviter (open registration)
$DB->query("SELECT MAX(TreeID) FROM invite_tree");

28
sections/register/step1.php
View File

@ -27,29 +27,43 @@
</tr>
<tr valign="top">
<td align="right">Email&nbsp;</td>
<td align="left"><input type="text" name="email" id="email" class="inputtext" value="<?=(!empty($_REQUEST['email']) ? display_str($_REQUEST['email']) : (!empty($InviteEmail) ? display_str($InviteEmail) : ''))?>" /></td>
<td align="left">
<input type="text" name="email" id="email" class="inputtext" value="<?=(!empty($_REQUEST['email']) ? display_str($_REQUEST['email']) : (!empty($InviteEmail) ? display_str($InviteEmail) : ''))?>" />
</td>
</tr>
<tr valign="top">
<td align="right">Password&nbsp;</td>
<td align="left"><input type="password" name="password" id="new_pass_1" class="inputtext" /> <strong id="pass_strength"></strong></td>
<td align="left">
<input type="password" name="password" id="new_pass_1" class="inputtext" /> <strong id="pass_strength"></strong>
</td>
</tr>
<tr valign="top">
<td align="right">Verify Password&nbsp;</td>
<td align="left"><input type="password" name="confirm_password" id="new_pass_2" class="inputtext" /> <strong id="pass_match"></strong>
<td align="right">Verify password&nbsp;</td>
<td align="left">
<input type="password" name="confirm_password" id="new_pass_2" class="inputtext" /> <strong id="pass_match"></strong>
<p>A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, and contains at least a number or a symbol.</p>
</td>
</tr>
<tr valign="top">
<td></td>
<td align="left"><input type="checkbox" name="readrules" id="readrules" value="1"<? if (!empty($_REQUEST['readrules'])) { ?> checked="checked"<? } ?> /> <label for="readrules">I will read the rules.</label></td>
<td align="left">
<input type="checkbox" name="readrules" id="readrules" value="1"<? if (!empty($_REQUEST['readrules'])) { ?> checked="checked"<? } ?> />
<label for="readrules">I will read the rules.</label>
</td>
</tr>
<tr valign="top">
<td></td>
<td align="left"><input type="checkbox" name="readwiki" id="readwiki" value="1"<? if (!empty($_REQUEST['readwiki'])) { ?> checked="checked"<? } ?> /> <label for="readwiki">I will read the wiki.</label></td>
<td align="left">
<input type="checkbox" name="readwiki" id="readwiki" value="1"<? if (!empty($_REQUEST['readwiki'])) { ?> checked="checked"<? } ?> />
<label for="readwiki">I will read the wiki.</label>
</td>
</tr>
<tr valign="top">
<td></td>
<td align="left"><input type="checkbox" name="agereq" id="agereq" value="1"<? if (!empty($_REQUEST['agereq'])) { ?> checked="checked"<? } ?> /> <label for="agereq">I am 13 years of age or older.</label></td>
<td align="left">
<input type="checkbox" name="agereq" id="agereq" value="1"<? if (!empty($_REQUEST['agereq'])) { ?> checked="checked"<? } ?> />
<label for="agereq">I am 13 years of age or older.</label>
</td>
</tr>
<tr>
<td colspan="2" height="10"></td>

7
sections/tools/misc/create_user.php
View File

@ -12,12 +12,13 @@
authorize();
//Create variables for all the fields
$Username = $_POST['Username'];
$Email = $_POST['Email'];
$Username = trim($_POST['Username']);
$Email = trim($_POST['Email']);
$Password = $_POST['Password'];
//Make sure all the fields are filled in
if (!empty($Username) && !empty($Email) && !empty($Password)) {
//Don't allow a username of "0" or "1" because of PHP's type juggling
if (!empty($Username) && !empty($Email) && !empty($Password) && $Username != '0' && $Username != '1') {
//Create hashes...
$Secret = Users::make_secret();

2
sections/torrents/details.php
View File

@ -681,7 +681,7 @@ function filelist($Str) {
<? }
}
if (($Seeders === 0 &&$LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 345678 && time() - strtotime($LastReseedRequest) >= 864000) || check_perms("users_mod")) { ?>
if (($Seeders === 0 &&$LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 345678 && time() - strtotime($LastReseedRequest) >= 864000) || check_perms('users_mod')) { ?>
<br /><a href="torrents.php?action=reseed&amp;torrentid=<?=$TorrentID?>&amp;groupid=<?=$GroupID?>" class="brackets">Request re-seed</a>
<? }

30
sections/torrents/reseed.php
View File

@ -6,10 +6,13 @@
error(0);
}
$DB->query("SELECT last_action, LastReseedRequest, UserID, Time FROM torrents WHERE ID='$TorrentID'");
$DB->query("
SELECT last_action, LastReseedRequest, UserID, Time
FROM torrents
WHERE ID='$TorrentID'");
list($LastActive, $LastReseedRequest, $UploaderID, $UploadedTime) = $DB->next_record();
if(!check_perms("users_mod")) {
if (!check_perms('users_mod')) {
if (time() - strtotime($LastReseedRequest) < 864000) {
error('There was already a re-seed request for this torrent within the past 10 days.');
}
@ -18,23 +21,34 @@
}
}
$DB->query("UPDATE torrents SET LastReseedRequest=NOW() WHERE ID='$TorrentID'");
$DB->query("
UPDATE torrents
SET LastReseedRequest=NOW()
WHERE ID='$TorrentID'");
$Group = Torrents::get_groups(array($GroupID));
$Group = array_pop($Group['matches']);
extract(Torrents::array_group($Group));
$Name = '';
$Name .= Artists::display_artists(array('1'=>$Artists), false, true);
$Name .= Artists::display_artists(array('1' => $Artists), false, true);
$Name .= $GroupName;
$DB->query("SELECT uid, tstamp FROM xbt_snatched WHERE fid='$TorrentID' ORDER BY tstamp DESC LIMIT 10");
$DB->query("
SELECT uid, tstamp
FROM xbt_snatched
WHERE fid='$TorrentID'
ORDER BY tstamp DESC
LIMIT 10");
if ($DB->record_count() > 0) {
$Users = $DB->to_array();
foreach ($Users as $User) {
$UserID = $User['uid'];
$DB->query("SELECT UserID FROM top_snatchers WHERE UserID='$UserID'");
$DB->query("
SELECT UserID
FROM top_snatchers
WHERE UserID='$UserID'");
if ($DB->record_count() > 0) {
continue;
}
@ -44,7 +58,7 @@
$TimeStamp = $User['tstamp'];
$Request = "Hi $Username,
The user [url=https://".SSL_SITE_URL."/user.php?id=$LoggedUser[ID]]$LoggedUser[Username][/url] has requested a re-seed for the torrent [url=https://".SSL_SITE_URL."/torrents.php?id=$GroupID&torrentid=$TorrentID]".$Name."[/url], which you snatched on ".date('M d Y', $TimeStamp).". The torrent is now un-seeded, and we need your help to resurrect it!
The user [url=https://".SSL_SITE_URL."/user.php?id=$LoggedUser[ID]]$LoggedUser[Username][/url] has requested a re-seed for the torrent [url=https://".SSL_SITE_URL."/torrents.php?id=$GroupID&torrentid=$TorrentID]{$Name}[/url], which you snatched on ".date('M d Y', $TimeStamp).". The torrent is now un-seeded, and we need your help to resurrect it!
The exact process for re-seeding a torrent is slightly different for each client, but the concept is the same. The idea is to download the .torrent file and open it in your client, and point your client to the location where the data files are, then initiate a hash check.
@ -59,7 +73,7 @@
$Request = "Hi $Username,
The user [url=https://".SSL_SITE_URL."/user.php?id=$LoggedUser[ID]]$LoggedUser[Username][/url] has requested a re-seed for the torrent [url=https://".SSL_SITE_URL."/torrents.php?id=$GroupID&torrentid=$TorrentID]".$Name."[/url], which you uploaded on ".date('M d Y', strtotime($UploadedTime)).". The torrent is now un-seeded, and we need your help to resurrect it!
The user [url=https://".SSL_SITE_URL."/user.php?id=$LoggedUser[ID]]$LoggedUser[Username][/url] has requested a re-seed for the torrent [url=https://".SSL_SITE_URL."/torrents.php?id=$GroupID&torrentid=$TorrentID]{$Name}[/url], which you uploaded on ".date('M d Y', strtotime($UploadedTime)).". The torrent is now un-seeded, and we need your help to resurrect it!
The exact process for re-seeding a torrent is slightly different for each client, but the concept is the same. The idea is to download the .torrent file and open it in your client, and point your client to the location where the data files are, then initiate a hash check.