Mirror/Gazelle
1
0
Fork 0
mirror of https://github.com/WhatCD/Gazelle.git synced 2024-12-13 02:46:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Empty commit

Browse Source
This commit is contained in:
Git 2013-05-05 08:00:31 +00:00
parent 68fa26b2db
commit d002af2f86
76 changed files with 1504 additions and 959 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
classes/class_mass_user_torrents_table_view.php
View File

@ -226,10 +226,10 @@ public function row ($Sort, $GroupID, $GroupYear, $DisplayName, $TorrentLink, $D
<input class="sort_numbers" type="text" name="sort[<?=$GroupID?>]" value="<?=$Sort?>" id="sort_<?=$GroupID?>" size="4" />
</td>
<td><?=$this->NumGroups?></td>
<td><?=$GroupYear?trim($GroupYear):' '?></td>
<td><?=$DisplayName?trim($DisplayName):' '?></td>
<td><?=$TorrentLink?trim($TorrentLink):' '?></td>
<td class="nobr" title="<?=$DateAdded?>"><?=$DateAdded?time_diff($DateAdded):' '?></td>
<td><?=$GroupYear ? trim($GroupYear) : ' '?></td>
<td><?=$DisplayName ? trim($DisplayName) : ' '?></td>
<td><?=$TorrentLink ? trim($TorrentLink) : ' '?></td>
<td class="nobr" title="<?=$DateAdded?>"><?=$DateAdded ? time_diff($DateAdded) : ' '?></td>
<td class="center"><input type="checkbox" name="remove[<?=$GroupID?>]" value="" /></td>
</tr>
<?
@ -246,13 +246,15 @@ public function row ($Sort, $GroupID, $GroupYear, $DisplayName, $TorrentLink, $D
static public function display_name (array &$ExtendedArtists, array &$Artists, $VanityHouse) {
$DisplayName = '';
if (!empty($ExtendedArtists[1]) || !empty($ExtendedArtists[4])
|| !empty($ExtendedArtists[5]) || !empty($ExtendedArtists[6])) {
|| !empty($ExtendedArtists[5]) || !empty($ExtendedArtists[6])) {
unset($ExtendedArtists[2], $ExtendedArtists[3]);
$DisplayName = Artists::display_artists($ExtendedArtists, true, false);
} elseif (count($Artists) > 0) {
$DisplayName = Artists::display_artists(array('1'=>$Artists), true, false);
}
if ($VanityHouse) $DisplayName .= ' [<abbr title="This is a vanity house release">VH</abbr>]';
if ($VanityHouse) {
$DisplayName .= ' [<abbr title="This is a Vanity House release">VH</abbr>]';
}
return $DisplayName;
}

4
classes/permissions_form.php
View File

@ -63,7 +63,7 @@
'users_give_donor' => 'Can give donor access.',
'users_warn' => 'Can warn users.',
'users_disable_users' => 'Can disable users.',
'users_disable_posts' => 'Can disable users\' posting rights.',
'users_disable_posts' => 'Can disable users\' posting privileges.',
'users_disable_any' => 'Can disable any users\' rights.',
'users_delete_users' => 'Can delete users.',
'users_view_invites' => 'Can view who user has invited.',
@ -193,7 +193,7 @@ function permissions_form() { ?>
<? display_perm('users_give_donor', 'Can give donor access.'); ?>
<? display_perm('users_warn', 'Can warn users.'); ?>
<? display_perm('users_disable_users', 'Can disable users.'); ?>
<? display_perm('users_disable_posts', 'Can disable users\' posting rights.'); ?>
<? display_perm('users_disable_posts', 'Can disable users\' posting privileges.'); ?>
<? display_perm('users_disable_any', 'Can disable any users\' rights.'); ?>
<? display_perm('users_delete_users', 'Can delete anyone\'s account'); ?>
<? display_perm('users_view_invites', 'Can view who user has invited'); ?>

35
sections/ajax/announcements.php
View File

@ -1,20 +1,19 @@
<?
include(SERVER_ROOT.'/classes/class_text.php');
$Text = new TEXT;
if (!$News = $Cache->get_value('news')) {
$DB->query("SELECT
ID,
Title,
Body,
Time
$DB->query("
SELECT
ID,
Title,
Body,
Time
FROM news
ORDER BY Time DESC
LIMIT 5");
$News = $DB->to_array(false,MYSQLI_NUM,false);
$Cache->cache_value('news',$News,3600*24*30);
$Cache->cache_value('news',$News,3600 * 24 * 30);
$Cache->cache_value('news_latest_id', $News[0][0], 0);
}
@ -26,15 +25,17 @@
$LoggedUser['LastReadNews'] = $News[0][0];
}
if(($Blog = $Cache->get_value('blog')) === false) {
$DB->query("SELECT
b.ID,
um.Username,
b.Title,
b.Body,
b.Time,
b.ThreadID
FROM blog AS b LEFT JOIN users_main AS um ON b.UserID=um.ID
if (($Blog = $Cache->get_value('blog')) === false) {
$DB->query("
SELECT
b.ID,
um.Username,
b.Title,
b.Body,
b.Time,
b.ThreadID
FROM blog AS b
LEFT JOIN users_main AS um ON b.UserID=um.ID
ORDER BY Time DESC
LIMIT 20");
$Blog = $DB->to_array();

15
sections/ajax/better/single.php
View File

@ -1,16 +1,19 @@
<?
if(($GroupIDs = $Cache->get_value('better_single_groupids')) === false) {
$DB->query("SELECT t.ID AS TorrentID,
if (($GroupIDs = $Cache->get_value('better_single_groupids')) === false) {
$DB->query("
SELECT
t.ID AS TorrentID,
t.GroupID AS GroupID
FROM xbt_files_users AS x
JOIN torrents AS t ON t.ID=x.fid
WHERE t.Format='FLAC'
GROUP BY x.fid
HAVING COUNT(x.uid) = 1
ORDER BY t.LogScore DESC, t.Time ASC LIMIT 30");
HAVING COUNT(x.uid) = 1
ORDER BY t.LogScore DESC, t.Time ASC
LIMIT 30");
$GroupIDs = $DB->to_array('GroupID');
$Cache->cache_value('better_single_groupids', $GroupIDs, 30*60);
$Cache->cache_value('better_single_groupids', $GroupIDs, 30 * 60);
}
$Results = Torrents::get_groups(array_keys($GroupIDs));
@ -23,7 +26,7 @@
$FlacID = $GroupIDs[$GroupID]['TorrentID'];
$JsonArtists = array();
if(count($Artists)>0) {
if (count($Artists) > 0) {
foreach ($Artists as $Artist) {
$JsonArtists[] = array(
'id' => (int) $Artist['id'],

6
sections/ajax/better/transcode.php
View File

@ -1,5 +1,5 @@
<?
if(!isset($_GET['type']) || !is_number($_GET['type']) || $_GET['type'] > 3) {
if (!isset($_GET['type']) || !is_number($_GET['type']) || $_GET['type'] > 3) {
error(0);
}
@ -11,7 +11,7 @@
$List = "!(v0 | v2 | 320)";
} else {
$List = '!'.$Options[$_GET['type']];
if($_GET['type'] == 0) {
if ($_GET['type'] == 0) {
$_GET['type'] = '0';
} else {
$_GET['type'] = display_str($_GET['type']);
@ -25,7 +25,7 @@
->where_match($List, 'encoding', false)
->order_by('RAND()')
->limit(0, TORRENTS_PER_PAGE, TORRENTS_PER_PAGE);
if(!empty($_GET['search'])) {
if (!empty($_GET['search'])) {
$SphQL->where_match($_GET['search'], '(groupname,artistname,year,taglist)');
}

13
sections/ajax/bookmarks/artists.php
View File

@ -1,7 +1,7 @@
<?
if(!empty($_GET['userid'])) {
if(!check_perms('users_override_paranoia')) {
if (!empty($_GET['userid'])) {
if (!check_perms('users_override_paranoia')) {
print
json_encode(
array(
@ -12,7 +12,7 @@
}
$UserID = $_GET['userid'];
$Sneaky = ($UserID != $LoggedUser['ID']);
if(!is_number($UserID)) {
if (!is_number($UserID)) {
print
json_encode(
array(
@ -31,15 +31,16 @@
//$ArtistList = Bookmarks::all_bookmarks('artist', $UserID);
$DB->query('SELECT ag.ArtistID, ag.Name
$DB->query('
SELECT ag.ArtistID, ag.Name
FROM bookmarks_artists AS ba
INNER JOIN artists_group AS ag ON ba.ArtistID = ag.ArtistID
INNER JOIN artists_group AS ag ON ba.ArtistID = ag.ArtistID
WHERE ba.UserID = '.$UserID);
$ArtistList = $DB->to_array();
$JsonArtists = array();
foreach($ArtistList as $Artist) {
foreach ($ArtistList as $Artist) {
list($ArtistID, $Name) = $Artist;
$JsonArtists[] = array(
'artistId' => (int) $ArtistID,

2
sections/ajax/checkprivate.php
View File

@ -9,7 +9,7 @@
}
$DB->query("SELECT File FROM torrents_files WHERE TorrentID='$TorrentID'");
if($DB->record_count() == 0) {
if ($DB->record_count() == 0) {
echo('Torrent not found.');
die();
}

70
sections/ajax/forum/index.php
View File

@ -21,34 +21,35 @@
}
//This variable contains all our lovely forum data
if(!$Forums = $Cache->get_value('forums_list')) {
$DB->query("SELECT
f.ID,
f.CategoryID,
f.Name,
f.Description,
f.MinClassRead,
f.MinClassWrite,
f.MinClassCreate,
f.NumTopics,
f.NumPosts,
f.LastPostID,
f.LastPostAuthorID,
f.LastPostTopicID,
f.LastPostTime,
COUNT(sr.ThreadID) AS SpecificRules,
t.Title,
t.IsLocked,
t.IsSticky
if (!$Forums = $Cache->get_value('forums_list')) {
$DB->query("
SELECT
f.ID,
f.CategoryID,
f.Name,
f.Description,
f.MinClassRead,
f.MinClassWrite,
f.MinClassCreate,
f.NumTopics,
f.NumPosts,
f.LastPostID,
f.LastPostAuthorID,
f.LastPostTopicID,
f.LastPostTime,
COUNT(sr.ThreadID) AS SpecificRules,
t.Title,
t.IsLocked,
t.IsSticky
FROM forums AS f
JOIN forums_categories AS fc ON fc.ID = f.CategoryID
LEFT JOIN forums_topics as t ON t.ID = f.LastPostTopicID
LEFT JOIN forums_specific_rules AS sr ON sr.ForumID = f.ID
JOIN forums_categories AS fc ON fc.ID = f.CategoryID
LEFT JOIN forums_topics as t ON t.ID = f.LastPostTopicID
LEFT JOIN forums_specific_rules AS sr ON sr.ForumID = f.ID
GROUP BY f.ID
ORDER BY fc.Sort, fc.Name, f.CategoryID, f.Sort");
$Forums = $DB->to_array('ID', MYSQLI_ASSOC, false);
foreach($Forums as $ForumID => $Forum) {
if(count($Forum['SpecificRules'])) {
foreach ($Forums as $ForumID => $Forum) {
if (count($Forum['SpecificRules'])) {
$DB->query("SELECT ThreadID FROM forums_specific_rules WHERE ForumID = ".$ForumID);
$ThreadIDs = $DB->collect('ThreadID');
$Forums[$ForumID]['SpecificRules'] = $ThreadIDs;
@ -58,7 +59,7 @@
$Cache->cache_value('forums_list', $Forums, 0); //Inf cache.
}
if(empty($_GET['type']) || $_GET['type'] == 'main') {
if (empty($_GET['type']) || $_GET['type'] == 'main') {
include(SERVER_ROOT.'/sections/ajax/forum/main.php');
} else {
switch ($_GET['type']) {
@ -80,18 +81,19 @@
function get_forum_info($ForumID) {
global $DB, $Cache;
$Forum = $Cache->get_value('ForumInfo_'.$ForumID);
if(!$Forum) {
$DB->query("SELECT
Name,
MinClassRead,
MinClassWrite,
MinClassCreate,
COUNT(forums_topics.ID) AS Topics
if (!$Forum) {
$DB->query("
SELECT
Name,
MinClassRead,
MinClassWrite,
MinClassCreate,
COUNT(forums_topics.ID) AS Topics
FROM forums
LEFT JOIN forums_topics ON forums_topics.ForumID=forums.ID
LEFT JOIN forums_topics ON forums_topics.ForumID=forums.ID
WHERE forums.ID='$ForumID'
GROUP BY ForumID");
if($DB->record_count() == 0) {
if ($DB->record_count() == 0) {
return false;
}
// Makes an array, with $Forum['Name'], etc.

11
sections/ajax/giveback_report.php
View File

@ -1,15 +1,18 @@
<?
if(!check_perms('admin_reports')) {
if (!check_perms('admin_reports')) {
error(403);
}
if(!is_number($_GET['id'])) {
if (!is_number($_GET['id'])) {
error(0);
}
$DB->query("SELECT Status FROM reportsv2 WHERE ID=".$_GET['id']);
list($Status) = $DB->next_record();
if(isset($Status)) {
$DB->query("UPDATE reportsv2 SET Status='New', ResolverID = 0 WHERE ID=".$_GET['id']);
if (isset($Status)) {
$DB->query("
UPDATE reportsv2
SET Status='New', ResolverID = 0
WHERE ID=".$_GET['id']);
}
?>

14
sections/ajax/grab_report.php
View File

@ -1,16 +1,20 @@
<?
if(!check_perms('admin_reports')) {
if (!check_perms('admin_reports')) {
error(403);
}
if(!is_number($_GET['id'])) {
if (!is_number($_GET['id'])) {
error(0);
}
$DB->query("UPDATE reportsv2 SET Status='New' WHERE ID=".$_GET['id']." AND Status <> 'Resolved'");
if($DB->affected_rows() > 0) {
$DB->query("
UPDATE reportsv2
SET Status='New'
WHERE ID=".$_GET['id']."
AND Status <> 'Resolved'");
if ($DB->affected_rows() > 0) {
//Win
} else {
echo 'You just tried to grab a resolved or non existent report!';
echo 'You just tried to grab a resolved or non-existent report!';
}
?>

66
sections/ajax/inbox/inbox.php
View File

@ -4,11 +4,12 @@
$UserID = $LoggedUser['ID'];
if(empty($_GET['type'])) { $Section = 'inbox'; }
else {
if (empty($_GET['type'])) {
$Section = 'inbox';
} else {
$Section = $_GET['type']; // either 'inbox' or 'sentbox'
}
if(!in_array($Section, array('inbox', 'sentbox'))) {
if (!in_array($Section, array('inbox', 'sentbox'))) {
print
json_encode(
array(
@ -22,45 +23,46 @@
$Sort = empty($_GET['sort']) || $_GET['sort'] != "unread" ? "Date DESC" : "cu.Unread = '1' DESC, DATE DESC";
$sql = "SELECT
SQL_CALC_FOUND_ROWS
c.ID,
c.Subject,
cu.Unread,
cu.Sticky,
cu.ForwardedTo,
um2.Username AS ForwardedName,
cu2.UserID,
um.Username,
ui.Donor,
ui.Warned,
um.Enabled,";
$sql = "
SELECT
SQL_CALC_FOUND_ROWS
c.ID,
c.Subject,
cu.Unread,
cu.Sticky,
cu.ForwardedTo,
um2.Username AS ForwardedName,
cu2.UserID,
um.Username,
ui.Donor,
ui.Warned,
um.Enabled,";
$sql .= ($Section == 'sentbox')? ' cu.SentDate ' : ' cu.ReceivedDate ';
$sql .= "AS Date
FROM pm_conversations AS c
LEFT JOIN pm_conversations_users AS cu ON cu.ConvID=c.ID AND cu.UserID='$UserID'
LEFT JOIN pm_conversations_users AS cu2 ON cu2.ConvID=c.ID AND cu2.UserID!='$UserID' AND cu2.ForwardedTo=0
LEFT JOIN users_main AS um ON um.ID=cu2.UserID
LEFT JOIN users_info AS ui ON ui.UserID=um.ID
LEFT JOIN users_main AS um2 ON um2.ID=cu.ForwardedTo";
LEFT JOIN pm_conversations_users AS cu ON cu.ConvID=c.ID AND cu.UserID='$UserID'
LEFT JOIN pm_conversations_users AS cu2 ON cu2.ConvID=c.ID AND cu2.UserID!='$UserID' AND cu2.ForwardedTo=0
LEFT JOIN users_main AS um ON um.ID=cu2.UserID
LEFT JOIN users_info AS ui ON ui.UserID=um.ID
LEFT JOIN users_main AS um2 ON um2.ID=cu.ForwardedTo";
if(!empty($_GET['search']) && $_GET['searchtype'] == "message") {
if (!empty($_GET['search']) && $_GET['searchtype'] == "message") {
$sql .= " JOIN pm_messages AS m ON c.ID=m.ConvID";
}
$sql .= " WHERE ";
if(!empty($_GET['search'])) {
if (!empty($_GET['search'])) {
$Search = db_string($_GET['search']);
if($_GET['searchtype'] == "user") {
if ($_GET['searchtype'] == "user") {
$sql .= "um.Username LIKE '".$Search."' AND ";
} elseif($_GET['searchtype'] == "subject") {
} elseif ($_GET['searchtype'] == "subject") {
$Words = explode(' ', $Search);
$sql .= "c.Subject LIKE '%".implode("%' AND c.Subject LIKE '%", $Words)."%' AND ";
} elseif($_GET['searchtype'] == "message") {
} elseif ($_GET['searchtype'] == "message") {
$Words = explode(' ', $Search);
$sql .= "m.Body LIKE '%".implode("%' AND m.Body LIKE '%", $Words)."%' AND ";
}
}
$sql .= ($Section == 'sentbox')? ' cu.InSentbox' : ' cu.InInbox';
$sql .= ($Section == 'sentbox') ? ' cu.InSentbox' : ' cu.InInbox';
$sql .="='1'";
$sql .=" GROUP BY c.ID
@ -71,16 +73,16 @@
$DB->set_query_id($Results);
$CurURL = Format::get_url(array('sort'));
if(empty($CurURL)) {
if (empty($CurURL)) {
$CurURL = "inbox.php?";
} else {
$CurURL = "inbox.php?".$CurURL."&";
}
$Pages=Format::get_pages($Page,$NumResults,MESSAGES_PER_PAGE,9);
$Pages = Format::get_pages($Page,$NumResults,MESSAGES_PER_PAGE,9);
$JsonMessages = array();
while(list($ConvID, $Subject, $Unread, $Sticky, $ForwardedID, $ForwardedName, $SenderID, $Username, $Donor, $Warned, $Enabled, $Date) = $DB->next_record()) {
while (list($ConvID, $Subject, $Unread, $Sticky, $ForwardedID, $ForwardedName, $SenderID, $Username, $Donor, $Warned, $Enabled, $Date) = $DB->next_record()) {
$JsonMessage = array(
'convId' => (int) $ConvID,
'subject' => $Subject,
@ -104,9 +106,9 @@
'status' => 'success',
'response' => array(
'currentPage' => (int) $Page,
'pages' => ceil($NumResults/MESSAGES_PER_PAGE),
'pages' => ceil($NumResults / MESSAGES_PER_PAGE),
'messages' => $JsonMessages
)
)
);
?>
?>

55
sections/ajax/inbox/viewconv.php
View File

@ -3,7 +3,7 @@
$Text = new TEXT;
$ConvID = $_GET['id'];
if(!$ConvID || !is_number($ConvID)) {
if (!$ConvID || !is_number($ConvID)) {
print json_encode(array('status' => 'failure'));
die();
}
@ -11,8 +11,12 @@
$UserID = $LoggedUser['ID'];
$DB->query("SELECT InInbox, InSentbox FROM pm_conversations_users WHERE UserID='$UserID' AND ConvID='$ConvID'");
if($DB->record_count() == 0) {
$DB->query("
SELECT InInbox, InSentbox
FROM pm_conversations_users
WHERE UserID='$UserID'
AND ConvID='$ConvID'");
if ($DB->record_count() == 0) {
print json_encode(array('status' => 'failure'));
die();
}
@ -27,24 +31,27 @@
}
// Get information on the conversation
$DB->query("SELECT
c.Subject,
cu.Sticky,
cu.UnRead,
cu.ForwardedTo,
um.Username
$DB->query("
SELECT
c.Subject,
cu.Sticky,
cu.UnRead,
cu.ForwardedTo,
um.Username
FROM pm_conversations AS c
JOIN pm_conversations_users AS cu ON c.ID=cu.ConvID
LEFT JOIN users_main AS um ON um.ID=cu.ForwardedTo
WHERE c.ID='$ConvID' AND UserID='$UserID'");
JOIN pm_conversations_users AS cu ON c.ID=cu.ConvID
LEFT JOIN users_main AS um ON um.ID=cu.ForwardedTo
WHERE c.ID='$ConvID'
AND UserID='$UserID'");
list($Subject, $Sticky, $UnRead, $ForwardedID, $ForwardedName) = $DB->next_record();
$DB->query("SELECT um.ID, Username
$DB->query("
SELECT um.ID, Username
FROM pm_messages AS pm
JOIN users_main AS um ON um.ID=pm.SenderID
JOIN users_main AS um ON um.ID=pm.SenderID
WHERE pm.ConvID='$ConvID'");
while(list($PMUserID, $Username) = $DB->next_record()) {
while (list($PMUserID, $Username) = $DB->next_record()) {
$PMUserID = (int)$PMUserID;
$Users[$PMUserID]['UserStr'] = Users::format_username($PMUserID, true, true, true, true);
$Users[$PMUserID]['Username'] = $Username;
@ -54,18 +61,26 @@
if($UnRead=='1') {
if ($UnRead == '1') {
$DB->query("UPDATE pm_conversations_users SET UnRead='0' WHERE ConvID='$ConvID' AND UserID='$UserID'");
$DB->query("
UPDATE pm_conversations_users
SET UnRead='0'
WHERE ConvID='$ConvID'
AND UserID='$UserID'");
// Clear the caches of the inbox and sentbox
$Cache->decrement('inbox_new_'.$UserID);
}
// Get messages
$DB->query("SELECT SentDate, SenderID, Body, ID FROM pm_messages AS m WHERE ConvID='$ConvID' ORDER BY ID");
$DB->query("
SELECT SentDate, SenderID, Body, ID
FROM pm_messages AS m
WHERE ConvID='$ConvID'
ORDER BY ID");
$JsonMessages = array();
while(list($SentDate, $SenderID, $Body, $MessageID) = $DB->next_record()) {
while (list($SentDate, $SenderID, $Body, $MessageID) = $DB->next_record()) {
$JsonMessage = array(
'messageId' => (int) $MessageID,
'senderId' => (int) $SenderID,
@ -83,7 +98,7 @@
'status' => 'success',
'response' => array(
'convId' => (int) $ConvID,
'subject' => $Subject.($ForwardedID > 0 ? ' (Forwarded to '.$ForwardedName.')':''),
'subject' => $Subject.($ForwardedID > 0 ? " (Forwarded to $ForwardedName)" : ''),
'sticky' => $Sticky == 1,
'messages' => $JsonMessages
)

44
sections/ajax/notifications.php
View File

@ -1,32 +1,40 @@
<?
if(!check_perms('site_torrents_notify')) {
if (!check_perms('site_torrents_notify')) {
json_die("failure");
}
define('NOTIFICATIONS_PER_PAGE', 50);
list($Page,$Limit) = Format::page_limit(NOTIFICATIONS_PER_PAGE);
$Results = $DB->query("SELECT SQL_CALC_FOUND_ROWS unt.TorrentID, unt.UnRead, unt.FilterID, unf.Label, t.GroupID
$Results = $DB->query("
SELECT SQL_CALC_FOUND_ROWS
unt.TorrentID,
unt.UnRead,
unt.FilterID,
unf.Label,
t.GroupID
FROM users_notify_torrents AS unt
JOIN torrents AS t ON t.ID = unt.TorrentID
LEFT JOIN users_notify_filters AS unf ON unf.ID = unt.FilterID
JOIN torrents AS t ON t.ID = unt.TorrentID
LEFT JOIN users_notify_filters AS unf ON unf.ID = unt.FilterID
WHERE unt.UserID=$LoggedUser[ID]".
((!empty($_GET['filterid']) && is_number($_GET['filterid']))
? " AND unf.ID='$_GET[filterid]'"
: "")."
ORDER BY TorrentID DESC LIMIT $Limit");
: '')."
ORDER BY TorrentID DESC
LIMIT $Limit");
$GroupIDs = array_unique($DB->collect('GroupID'));
$DB->query('SELECT FOUND_ROWS()');
list($TorrentCount) = $DB->next_record();
if(count($GroupIDs)) {
if (count($GroupIDs)) {
$TorrentGroups = Torrents::get_groups($GroupIDs);
$TorrentGroups = $TorrentGroups['matches'];
$DB->query("UPDATE users_notify_torrents SET UnRead='0' WHERE UserID=".$LoggedUser['ID']);
$DB->query("
UPDATE users_notify_torrents
SET UnRead='0'
WHERE UserID=".$LoggedUser['ID']);
$Cache->delete_value('notifications_new_'.$LoggedUser['ID']);
}
@ -36,11 +44,11 @@
$NumNew = 0;
$FilterGroups = array();
while($Result = $DB->next_record(MYSQLI_ASSOC)) {
if(!$Result['FilterID']) {
while ($Result = $DB->next_record(MYSQLI_ASSOC)) {
if (!$Result['FilterID']) {
$Result['FilterID'] = 0;
}
if(!isset($FilterGroups[$Result['FilterID']])) {
if (!isset($FilterGroups[$Result['FilterID']])) {
$FilterGroups[$Result['FilterID']] = array();
$FilterGroups[$Result['FilterID']]['FilterLabel'] = $Result['Label'] ? $Result['Label'] : false;
}
@ -48,9 +56,9 @@
}
unset($Result);
foreach($FilterGroups as $FilterID => $FilterResults) {
foreach ($FilterGroups as $FilterID => $FilterResults) {
unset($FilterResults['FilterLabel']);
foreach($FilterResults as $Result) {
foreach ($FilterResults as $Result) {
$TorrentID = $Result['TorrentID'];
// $GroupID = $Result['GroupID'];
@ -58,7 +66,9 @@
extract(Torrents::array_group($GroupInfo)); // all group data
$TorrentInfo = $GroupInfo['Torrents'][$TorrentID];
if ($Result['UnRead'] == 1) $NumNew++;
if ($Result['UnRead'] == 1) {
$NumNew++;
}
$JsonNotifications[] = array(
'torrentId' => (int) $TorrentID,
@ -95,4 +105,4 @@
'pages' => ceil($TorrentCount / NOTIFICATIONS_PER_PAGE),
'numNew' => $NumNew,
'results' => $JsonNotifications
));
));

2
sections/ajax/preview.php
View File

@ -4,7 +4,7 @@
include(SERVER_ROOT.'/classes/class_text.php'); // Text formatting class
$Text = new TEXT(true);
if(!empty($_POST['AdminComment'])) {
if (!empty($_POST['AdminComment'])) {
echo $Text->full_format($_POST['AdminComment']);
} else {
$Content = $_REQUEST['body']; // Don't use URL decode.

4
sections/ajax/request.php
View File

@ -16,7 +16,7 @@
include(SERVER_ROOT.'/classes/class_text.php');
$Text = new TEXT;
if(empty($_GET['id']) || !is_number($_GET['id'])) {
if (empty($_GET['id']) || !is_number($_GET['id'])) {
json_die("failure");
}
@ -26,7 +26,7 @@
$Request = Requests::get_requests(array($RequestID));
$Request = $Request['matches'][$RequestID];
if(empty($Request)) {
if (empty($Request)) {
json_die("failure");
}

10
sections/ajax/requests.php
View File

@ -43,7 +43,7 @@
}
break;
case 'filled':
if(empty($_GET['userid']) || !is_number($_GET['userid'])) {
if (empty($_GET['userid']) || !is_number($_GET['userid'])) {
json_die("failure");
} else {
if (!check_paranoia('requestsfilled_list', $UserInfo['Paranoia'], $Perms['Class'], $_GET['userid'])) {
@ -314,13 +314,13 @@
$VoteCount = count($RequestVotes['Voters']);
if ($CategoryID == 0) {
$CategoryName = "Unknown";
$CategoryName = 'Unknown';
} else {
$CategoryName = $Categories[$CategoryID - 1];
}
$JsonArtists = array();
if ($CategoryName == "Music") {
if ($CategoryName == 'Music') {
$ArtistForm = get_request_artists($RequestID);
$JsonArtists = array_values($ArtistForm);
}
@ -350,9 +350,9 @@
'logCue' => $LogCue,
'isFilled' => ($TorrentID > 0),
'fillerId' => (int) $FillerID,
'fillerName' => $FillerName == 0 ? "" : $FillerName,
'fillerName' => $FillerName == 0 ? '' : $FillerName,
'torrentId' => (int) $TorrentID,
'timeFilled' => $TimeFilled == 0 ? "" : $TimeFilled
'timeFilled' => $TimeFilled == 0 ? '' : $TimeFilled
);
}
json_die("success", array(

2
sections/ajax/stats.php
View File

@ -1,5 +1,5 @@
<?
if(in_array($_GET['stat'], array('inbox', 'uploads', 'bookmarks', 'notifications', 'subscriptions', 'comments', 'friends'))) {
if (in_array($_GET['stat'], array('inbox', 'uploads', 'bookmarks', 'notifications', 'subscriptions', 'comments', 'friends'))) {
$Cache->begin_transaction('stats_links');
$Cache->update_row(false, array($_GET['stat'] => '+1'));
$Cache->commit_transaction(0);

36
sections/ajax/tcomments.php
View File

@ -7,17 +7,22 @@
$GroupID=ceil($_GET['id']);
$Results = $Cache->get_value('torrent_comments_'.$GroupID);
if($Results === false) {
$DB->query("SELECT
if ($Results === false) {
$DB->query("
SELECT
COUNT(c.ID)
FROM torrents_comments as c
WHERE c.GroupID = '$GroupID'");
FROM torrents_comments as c
WHERE c.GroupID = '$GroupID'");
list($Results) = $DB->next_record();
$Cache->cache_value('torrent_comments_'.$GroupID, $Results, 0);
}
if(isset($_GET['postid']) && is_number($_GET['postid']) && $Results > TORRENT_COMMENTS_PER_PAGE) {
$DB->query("SELECT COUNT(ID) FROM torrents_comments WHERE GroupID = $GroupID AND ID <= $_GET[postid]");
if (isset($_GET['postid']) && is_number($_GET['postid']) && $Results > TORRENT_COMMENTS_PER_PAGE) {
$DB->query("
SELECT COUNT(ID)
FROM torrents_comments
WHERE GroupID = $GroupID
AND ID <= $_GET[postid]");
list($PostNum) = $DB->next_record();
list($Page,$Limit) = Format::page_limit(TORRENT_COMMENTS_PER_PAGE,$PostNum);
} else {
@ -25,15 +30,16 @@
}
//Get the cache catalogue
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE*$Page-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueLimit=$CatalogueID*THREAD_CATALOGUE . ', ' . THREAD_CATALOGUE;
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Page - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
$CatalogueLimit = $CatalogueID * THREAD_CATALOGUE . ', ' . THREAD_CATALOGUE;
//---------- Get some data to start processing
// Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page
$Catalogue = $Cache->get_value('torrent_comments_'.$GroupID.'_catalogue_'.$CatalogueID);
if($Catalogue === false) {
$DB->query("SELECT
if ($Catalogue === false) {
$DB->query("
SELECT
c.ID,
c.AuthorID,
c.AddedTime,
@ -41,17 +47,17 @@
c.EditedUserID,
c.EditedTime,
u.Username
FROM torrents_comments as c
FROM torrents_comments as c
LEFT JOIN users_main AS u ON u.ID=c.EditedUserID
WHERE c.GroupID = '$GroupID'
ORDER BY c.ID
LIMIT $CatalogueLimit");
WHERE c.GroupID = '$GroupID'
ORDER BY c.ID
LIMIT $CatalogueLimit");
$Catalogue = $DB->to_array(false,MYSQLI_ASSOC);
$Cache->cache_value('torrent_comments_'.$GroupID.'_catalogue_'.$CatalogueID, $Catalogue, 0);
}
//This is a hybrid to reduce the catalogue down to the page elements: We use the page limit % catalogue
$Thread = array_slice($Catalogue,((TORRENT_COMMENTS_PER_PAGE*$Page-TORRENT_COMMENTS_PER_PAGE)%THREAD_CATALOGUE),TORRENT_COMMENTS_PER_PAGE,true);
$Thread = array_slice($Catalogue,((TORRENT_COMMENTS_PER_PAGE * $Page - TORRENT_COMMENTS_PER_PAGE) % THREAD_CATALOGUE),TORRENT_COMMENTS_PER_PAGE,true);
//---------- Begin printing
$JsonComments = array();

53
sections/ajax/top10/tags.php
View File

@ -2,8 +2,8 @@
// error out on invalid requests (before caching)
if(isset($_GET['details'])) {
if(in_array($_GET['details'],array('ut','ur','v'))) {
if (isset($_GET['details'])) {
if (in_array($_GET['details'],array('ut','ur','v'))) {
$Details = $_GET['details'];
} else {
print json_encode(array('status' => 'failure'));
@ -20,19 +20,20 @@
if ($Details == 'all' || $Details == 'ut') {
if (!$TopUsedTags = $Cache->get_value('topusedtag_'.$Limit)) {
$DB->query("SELECT
t.ID,
t.Name,
COUNT(tt.GroupID) AS Uses,
SUM(tt.PositiveVotes-1) AS PosVotes,
SUM(tt.NegativeVotes-1) AS NegVotes
$DB->query("
SELECT
t.ID,
t.Name,
COUNT(tt.GroupID) AS Uses,
SUM(tt.PositiveVotes-1) AS PosVotes,
SUM(tt.NegativeVotes-1) AS NegVotes
FROM tags AS t
JOIN torrents_tags AS tt ON tt.TagID=t.ID
JOIN torrents_tags AS tt ON tt.TagID=t.ID
GROUP BY tt.TagID
ORDER BY Uses DESC
LIMIT $Limit");
$TopUsedTags = $DB->to_array();
$Cache->cache_value('topusedtag_'.$Limit,$TopUsedTags,3600*12);
$Cache->cache_value('topusedtag_'.$Limit,$TopUsedTags,3600 * 12);
}
$OuterResults[] = generate_tag_json('Most Used Torrent Tags', 'ut', $TopUsedTags, $Limit);
@ -40,18 +41,19 @@
if ($Details == 'all' || $Details == 'ur') {
if (!$TopRequestTags = $Cache->get_value('toprequesttag_'.$Limit)) {
$DB->query("SELECT
t.ID,
t.Name,
COUNT(r.RequestID) AS Uses,
'',''
$DB->query("
SELECT
t.ID,
t.Name,
COUNT(r.RequestID) AS Uses,
'',''
FROM tags AS t
JOIN requests_tags AS r ON r.TagID=t.ID
JOIN requests_tags AS r ON r.TagID=t.ID
GROUP BY r.TagID
ORDER BY Uses DESC
LIMIT $Limit");
$TopRequestTags = $DB->to_array();
$Cache->cache_value('toprequesttag_'.$Limit,$TopRequestTags,3600*12);
$Cache->cache_value('toprequesttag_'.$Limit,$TopRequestTags,3600 * 12);
}
$OuterResults[] = generate_tag_json('Most Used Request Tags', 'ur', $TopRequestTags, $Limit);
@ -59,19 +61,20 @@
if ($Details == 'all' || $Details == 'v') {
if (!$TopVotedTags = $Cache->get_value('topvotedtag_'.$Limit)) {
$DB->query("SELECT
t.ID,
t.Name,
COUNT(tt.GroupID) AS Uses,
SUM(tt.PositiveVotes-1) AS PosVotes,
SUM(tt.NegativeVotes-1) AS NegVotes
$DB->query("
SELECT
t.ID,
t.Name,
COUNT(tt.GroupID) AS Uses,
SUM(tt.PositiveVotes-1) AS PosVotes,
SUM(tt.NegativeVotes-1) AS NegVotes
FROM tags AS t
JOIN torrents_tags AS tt ON tt.TagID=t.ID
JOIN torrents_tags AS tt ON tt.TagID=t.ID
GROUP BY tt.TagID
ORDER BY PosVotes DESC
LIMIT $Limit");
$TopVotedTags = $DB->to_array();
$Cache->cache_value('topvotedtag_'.$Limit,$TopVotedTags,3600*12);
$Cache->cache_value('topvotedtag_'.$Limit,$TopVotedTags,3600 * 12);
}
$OuterResults[] = generate_tag_json('Most Highly Voted Tags', 'v', $TopVotedTags, $Limit);

11
sections/api/index.php
View File

@ -2,7 +2,6 @@
$Available = array(
'access_request',
'access_state',
'user_stats_ratio',
'user_stats_torrent',
'user_stats_comumnity',
@ -25,7 +24,7 @@
$UserID = $_GET['uid'];
$App = $Cache->get_value('api_apps_'.$AppID);
if(!is_array($App)) {
if (!is_array($App)) {
if (!isset($DB)) {
require(SERVER_ROOT.'/classes/class_mysql.php');
$DB = new DB_MYSQL;
@ -43,12 +42,16 @@
}
} else {
$User = $Cache->get_value('api_users_'.$UserID);
if(!is_array($User)) {
if (!is_array($User)) {
if (!isset($DB)) {
require(SERVER_ROOT.'/classes/class_mysql.php');
$DB = new DB_MYSQL;
}
$DB->query("SELECT AppID, Token, State, Time, Access FROM api_users WHERE UserID='$UserID' LIMIT 1"); //int, no db_string
$DB->query("
SELECT AppID, Token, State, Time, Access
FROM api_users
WHERE UserID='$UserID'
LIMIT 1"); //int, no db_string
$User = $DB->to_array('AppID',MYSQLI_ASSOC);
$Cache->cache_value('api_users_'.$UserID, $User, 0);
}

52
sections/artist/add_alias.php
View File

@ -1,18 +1,22 @@
<?
authorize();
if(!check_perms('torrents_edit')) { error(403); }
if (!check_perms('torrents_edit')) {
error(403);
}
$ArtistID = $_POST['artistid'];
$Redirect = $_POST['redirect'];
$AliasName = Artists::normalise_artist_name($_POST['name']);
$DBAliasName = db_string($AliasName);
if(!$Redirect) { $Redirect = 0; }
if (!$Redirect) {
$Redirect = 0;
}
if(!is_number($ArtistID) || !($Redirect === 0 || is_number($Redirect)) || !$ArtistID) {
if (!is_number($ArtistID) || !($Redirect === 0 || is_number($Redirect)) || !$ArtistID) {
error(0);
}
if($AliasName == '') {
if ($AliasName == '') {
error('Blank artist name.');
}
@ -24,17 +28,23 @@
* 3. For foo, there's two, same ArtistID, diff names, no redirect
*/
$DB->query("SELECT AliasID, ArtistID, Name, Redirect FROM artists_alias WHERE Name = '".$DBAliasName."'");
if($DB->record_count()) {
while(list($CloneAliasID, $CloneArtistID, $CloneAliasName, $CloneRedirect) = $DB->next_record(MYSQLI_NUM, false)) {
if(!strcasecmp($CloneAliasName, $AliasName)) {
$DB->query("
SELECT AliasID, ArtistID, Name, Redirect
FROM artists_alias
WHERE Name = '".$DBAliasName."'");
if ($DB->record_count()) {
while (list($CloneAliasID, $CloneArtistID, $CloneAliasName, $CloneRedirect) = $DB->next_record(MYSQLI_NUM, false)) {
if (!strcasecmp($CloneAliasName, $AliasName)) {
break;
}
}
if($CloneAliasID) {
if($ArtistID == $CloneArtistID && $Redirect == 0) {
if($CloneRedirect != 0) {
$DB->query("UPDATE artists_alias SET ArtistID='".$ArtistID."', Redirect=0 WHERE AliasID='".$CloneAliasID."'");
if ($CloneAliasID) {
if ($ArtistID == $CloneArtistID && $Redirect == 0) {
if ($CloneRedirect != 0) {
$DB->query("
UPDATE artists_alias
SET ArtistID='".$ArtistID."', Redirect=0
WHERE AliasID='".$CloneAliasID."'");
Misc::write_log("Redirection for the alias $CloneAliasID ($DBAliasName) for the artist $ArtistID was removed by user $LoggedUser[ID] ($LoggedUser[Username])");
} else {
error('No changes were made as the target alias did not redirect anywhere.');
@ -44,29 +54,29 @@
}
}
}
if(!$CloneAliasID) {
if($Redirect) {
if (!$CloneAliasID) {
if ($Redirect) {
$DB->query("SELECT ArtistID, Redirect FROM artists_alias WHERE AliasID = $Redirect");
if(!$DB->record_count()) {
if (!$DB->record_count()) {
error('Cannot redirect to a nonexistent artist alias.');
}
list($FoundArtistID, $FoundRedirect) = $DB->next_record();
if($ArtistID != $FoundArtistID) {
if ($ArtistID != $FoundArtistID) {
error('Redirection must target an alias for the current artist.');
}
if($FoundRedirect != 0) {
if ($FoundRedirect != 0) {
$Redirect = $FoundRedirect;
}
}
$DB->query("INSERT INTO artists_alias(ArtistID, Name, Redirect, UserID)
VALUES
(".$ArtistID.", '".$DBAliasName."', ".$Redirect.", ".$LoggedUser['ID'].")");
$DB->query("
INSERT INTO artists_alias(ArtistID, Name, Redirect, UserID)
VALUES ($ArtistID, '$DBAliasName', $Redirect, ".$LoggedUser['ID'].')');
$AliasID = $DB->inserted_id();
$DB->query("SELECT Name FROM artists_group WHERE ArtistID = ".$ArtistID);
list($ArtistName) = $DB->next_record(MYSQLI_NUM, false);
Misc::write_log("The alias ".$AliasID." (".$DBAliasName.") was added to the artist ".$ArtistID." (".db_string($ArtistName).") by user ".$LoggedUser['ID']." (".$LoggedUser['Username'].")");
Misc::write_log("The alias $AliasID ($DBAliasName) was added to the artist $ArtistID (".db_string($ArtistName).") by user ".$LoggedUser['ID'].' ('.$LoggedUser['Username'].')');
}
header('Location: '.$_SERVER['HTTP_REFERER']);
?>

25
sections/artist/autocomplete.php
View File

@ -2,7 +2,9 @@
header('Content-type: application/x-suggestions+json');
require('classes/ajax_start.php');
if(empty($_GET['name'])) { die('["",[],[],[]]'); }
if (empty($_GET['name'])) {
die('["",[],[],[]]');
}
$FullName = rawurldecode($_GET['name']);
@ -14,25 +16,26 @@
$Letters = strtolower(substr($FullName,0,$KeySize));
$AutoSuggest = $Cache->get('autocomplete_artist_'.$KeySize.'_'.$Letters);
if(!is_array($AutoSuggest)) {
if(!isset($DB) || !is_object($DB)) {
if (!is_array($AutoSuggest)) {
if (!isset($DB) || !is_object($DB)) {
require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
$DB=NEW DB_MYSQL; //Load the database wrapper
}
$Limit = (($KeySize === $MaxKeySize)?250:10);
$DB->query("SELECT
a.ArtistID,
a.Name,
SUM(t.Snatched) AS Snatches
$Limit = (($KeySize === $MaxKeySize) ? 250 : 10);
$DB->query("
SELECT
a.ArtistID,
a.Name,
SUM(t.Snatched) AS Snatches
FROM artists_group AS a
INNER JOIN torrents_artists AS ta ON ta.ArtistID=a.ArtistID
INNER JOIN torrents AS t ON t.GroupID=ta.GroupID
INNER JOIN torrents_artists AS ta ON ta.ArtistID=a.ArtistID
INNER JOIN torrents AS t ON t.GroupID=ta.GroupID
WHERE a.Name LIKE '".db_string(str_replace('\\','\\\\',$Letters),true)."%'
GROUP BY ta.ArtistID
ORDER BY Snatches DESC
LIMIT $Limit");
$AutoSuggest = $DB->to_array(false,MYSQLI_NUM,false);
$Cache->cache_value('autocomplete_artist_'.$KeySize.'_'.$Letters,$AutoSuggest,1800+7200*($MaxKeySize-$KeySize)); // Can't cache things for too long in case names are edited
$Cache->cache_value('autocomplete_artist_'.$KeySize.'_'.$Letters,$AutoSuggest,1800 + 7200 * ($MaxKeySize - $KeySize)); // Can't cache things for too long in case names are edited
}
$Matched = 0;

68
sections/artist/change_artistid.php
View File

@ -1,9 +1,11 @@
<?
authorize();
if (!check_perms('torrents_edit')) { error(403); }
if (!check_perms('torrents_edit')) {
error(403);
}
if (!empty($_POST['newartistid']) && !empty($_POST['newartistname'])) {
error("Please enter a valid artist ID number or a valid artist name.");
error('Please enter a valid artist ID number or a valid artist name.');
}
$ArtistID = (int)$_POST['artistid'];
$NewArtistID = (int)$_POST['newartistid'];
@ -18,20 +20,20 @@
}
$DB->query("SELECT Name FROM artists_group WHERE ArtistID = $ArtistID LIMIT 1");
if(!(list($ArtistName) = $DB->next_record(MYSQLI_NUM, false))) {
if (!(list($ArtistName) = $DB->next_record(MYSQLI_NUM, false))) {
error('An error has occured.');
}
if ($NewArtistID > 0) {
// Make sure that's a real artist ID number, and grab the name
$DB->query("SELECT Name FROM artists_group WHERE ArtistID = $NewArtistID LIMIT 1");
if(!(list($NewArtistName) = $DB->next_record())) {
if (!(list($NewArtistName) = $DB->next_record())) {
error('Please enter a valid artist ID number.');
}
} else {
// Didn't give an ID, so try to grab based on the name
$DB->query("SELECT ArtistID FROM artists_alias WHERE Name = '".db_string($NewArtistName)."' LIMIT 1");
if(!(list($NewArtistID) = $DB->next_record())) {
if (!(list($NewArtistID) = $DB->next_record())) {
error('No artist by that name was found.');
}
}
@ -47,10 +49,11 @@
$Requests = $DB->collect('RequestID');
$DB->query("SELECT DISTINCT UserID FROM bookmarks_artists WHERE ArtistID = $ArtistID");
$BookmarkUsers = $DB->collect('UserID');
$DB->query("SELECT DISTINCT ct.CollageID
FROM collages_torrents AS ct
JOIN torrents_artists AS ta ON ta.GroupID = ct.GroupID
WHERE ta.ArtistID = $ArtistID");
$DB->query("
SELECT DISTINCT ct.CollageID
FROM collages_torrents AS ct
JOIN torrents_artists AS ta ON ta.GroupID = ct.GroupID
WHERE ta.ArtistID = $ArtistID");
$Collages = $DB->collect('CollageID');
// And the info to avoid double-listing an artist if it and the target are on the same group
@ -70,42 +73,51 @@
$NewArtistBookmarks = implode(',',$NewArtistBookmarks);
// Merge all of this artist's aliases onto the new artist
$DB->query("UPDATE artists_alias SET ArtistID = $NewArtistID WHERE ArtistID = $ArtistID");
$DB->query("
UPDATE artists_alias
SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID");
// Update the torrent groups, requests, and bookmarks
$DB->query("UPDATE IGNORE torrents_artists SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND GroupID NOT IN ($NewArtistGroups)");
$DB->query("
UPDATE IGNORE torrents_artists
SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND GroupID NOT IN ($NewArtistGroups)");
$DB->query("DELETE FROM torrents_artists WHERE ArtistID = $ArtistID");
$DB->query("UPDATE IGNORE requests_artists SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND RequestID NOT IN ($NewArtistRequests)");
$DB->query("
UPDATE IGNORE requests_artists
SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND RequestID NOT IN ($NewArtistRequests)");
$DB->query("DELETE FROM requests_artists WHERE ArtistID = $ArtistID");
$DB->query("UPDATE IGNORE bookmarks_artists SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND UserID NOT IN ($NewArtistBookmarks)");
$DB->query("
UPDATE IGNORE bookmarks_artists
SET ArtistID = $NewArtistID
WHERE ArtistID = $ArtistID
AND UserID NOT IN ($NewArtistBookmarks)");
$DB->query("DELETE FROM bookmarks_artists WHERE ArtistID = $ArtistID");
// Cache clearing
if(!empty($Groups)) {
foreach($Groups as $GroupID) {
if (!empty($Groups)) {
foreach ($Groups as $GroupID) {
$Cache->delete_value('groups_artists_'.$GroupID);
Torrents::update_hash($GroupID);
}
}
if(!empty($Requests)) {
foreach($Requests as $RequestID) {
if (!empty($Requests)) {
foreach ($Requests as $RequestID) {
$Cache->delete_value('request_artist_'.$RequestID);
Requests::update_sphinx_requests($RequestID);
}
}
if(!empty($BookmarkUsers)) {
foreach($BookmarkUsers as $UserID) {
if (!empty($BookmarkUsers)) {
foreach ($BookmarkUsers as $UserID) {
$Cache->delete_value('notify_artists_'.$UserID);
}
}
if(!empty($Collages)) {
foreach($Collages as $CollageID) {
if (!empty($Collages)) {
foreach ($Collages as $CollageID) {
$Cache->delete_value('collage_'.$CollageID);
}
}
@ -118,7 +130,7 @@
// Delete the old artist
$DB->query("DELETE FROM artists_group WHERE ArtistID = $ArtistID");
Misc::write_log("The artist ".$ArtistID." (".$ArtistName.") was made into a non-redirecting alias of artist ".$NewArtistID." (".$NewArtistName.") by user ".$LoggedUser['ID']." (".$LoggedUser['Username'].")");
Misc::write_log("The artist $ArtistID ($ArtistName) was made into a non-redirecting alias of artist $NewArtistID ($NewArtistName) by user ".$LoggedUser['ID']." (".$LoggedUser['Username'].')');
header("Location: artist.php?action=edit&artistid=$NewArtistID");
} else {

42
sections/artist/delete.php
View File

@ -10,22 +10,26 @@
authorize();
$ArtistID = $_GET['artistid'];
if(!is_number($ArtistID) || empty($ArtistID)) { error(0); }
if (!is_number($ArtistID) || empty($ArtistID)) {
error(0);
}
if(!check_perms('site_delete_artist') || !check_perms('torrents_delete')) { error(403); }
if (!check_perms('site_delete_artist') || !check_perms('torrents_delete')) {
error(403);
}
View::show_header('Artist deleted');
$DB->query('SELECT Name FROM artists_group WHERE ArtistID='.$ArtistID);
list($Name) = $DB->next_record();
$DB->query('SELECT tg.Name,
tg.ID
FROM torrents_group AS tg
LEFT JOIN torrents_artists AS ta ON ta.GroupID=tg.ID
WHERE ta.ArtistID='.$ArtistID);
$DB->query('
SELECT tg.Name, tg.ID
FROM torrents_group AS tg
LEFT JOIN torrents_artists AS ta ON ta.GroupID=tg.ID
WHERE ta.ArtistID='.$ArtistID);
$Count = $DB->record_count();
if($DB->record_count() > 0) {
if ($DB->record_count() > 0) {
?>
<div class="thin">
There are still torrents that have <a href="artist.php?id=<?=$ArtistID?>" title="View Artist"><?=$Name?></a> as an artist.<br />
@ -33,7 +37,7 @@
<div class="box pad">
<ul>
<?
while(list($GroupName, $GroupID) = $DB->next_record(MYSQLI_NUM, true)) {
while (list($GroupName, $GroupID) = $DB->next_record(MYSQLI_NUM, true)) {
?>
<li>
<a href="torrents.php?id=<?=$GroupID?>" title="View Torrent"><?=$GroupName?></a>
@ -47,13 +51,13 @@
<?
}
$DB->query('SELECT r.Title,
r.ID
FROM requests AS r
LEFT JOIN requests_artists AS ra ON ra.RequestID=r.ID
WHERE ra.ArtistID='.$ArtistID);
$DB->query('
SELECT r.Title, r.ID
FROM requests AS r
LEFT JOIN requests_artists AS ra ON ra.RequestID=r.ID
WHERE ra.ArtistID='.$ArtistID);
$Count += $DB->record_count();
if($DB->record_count() > 0) {
if ($DB->record_count() > 0) {
?>
<div class="thin">
There are still requests that have <a href="artist.php?id=<?=$ArtistID?>" title="View Artist"><?=$Name?></a> as an artist.<br />
@ -61,7 +65,7 @@
<div class="box pad">
<ul>
<?
while(list($RequestName, $RequestID) = $DB->next_record(MYSQLI_NUM, true)) {
while (list($RequestName, $RequestID) = $DB->next_record(MYSQLI_NUM, true)) {
?>
<li>
<a href="requests.php?action=view&amp;id=<?=$RequestID?>" title="View Torrent"><?=$RequestName?></a>
@ -75,10 +79,12 @@
<?
}
if($Count == 0) {
if ($Count == 0) {
Artists::delete_artist($ArtistID);
?>
<div class="thin">Artist deleted!</div>
<div class="thin box pad">
Artist "<?=$Name?>" deleted!
</div>
<?
}
View::show_footer();?>

4
sections/artist/delete_similar.php
View File

@ -2,10 +2,10 @@
authorize();
$SimilarID = db_string($_GET['similarid']);
if(!is_number($SimilarID) || !$SimilarID) {
if (!is_number($SimilarID) || !$SimilarID) {
error(404);
}
if(!check_perms('site_delete_tag')) {
if (!check_perms('site_delete_tag')) {
error(403);
}
$DB->query("SELECT ArtistID FROM artists_similar WHERE SimilarID='$SimilarID'");

42
sections/artist/edit.php
View File

@ -11,19 +11,22 @@
************************************************************************/
$ArtistID = $_GET['artistid'];
if(!is_number($ArtistID)) { error(0); }
if (!is_number($ArtistID)) {
error(0);
}
// Get the artist name and the body of the last revision
$DB->query("SELECT
Name,
Image,
Body,
VanityHouse
$DB->query("
SELECT
Name,
Image,
Body,
VanityHouse
FROM artists_group AS a
LEFT JOIN wiki_artists ON wiki_artists.RevisionID=a.RevisionID
LEFT JOIN wiki_artists ON wiki_artists.RevisionID=a.RevisionID
WHERE a.ArtistID='$ArtistID'");
if($DB->record_count() < 1) {
if ($DB->record_count() < 1) {
error("Cannot find the artist with the ID ".$ArtistID.': See the <a href="log.php?search=Artist+'.$ArtistID.'">log</a>.');
}
@ -46,7 +49,7 @@
<input type="text" name="image" size="92" value="<?=$Image?>" /><br />
<h3>Artist info</h3>
<textarea name="body" cols="91" rows="20"><?=$Body?></textarea> <br />
<h3>Vanity House <input type="checkbox" name="vanity_house" value="1" <?=( check_perms('artist_edit_vanityhouse') ? '' : 'disabled="disabled"' )?> <?=($VanityHouse ? 'checked="checked"' : '')?> /></h3>
<h3>Vanity House <input type="checkbox" name="vanity_house" value="1"<?=(check_perms('artist_edit_vanityhouse') ? '' : ' disabled="disabled"' )?><?=($VanityHouse ? ' checked="checked"' : '')?> /></h3>
<h3>Edit summary</h3>
<input type="text" name="summary" size="92" /><br />
<div style="text-align: center;">
@ -55,7 +58,7 @@
</div>
</form>
</div>
<? if(check_perms('torrents_edit')) { ?>
<? if (check_perms('torrents_edit')) { ?>
<h2>Rename</h2>
<div class="box pad">
<form class="rename_form" name="artist" action="artist.php" method="post">
@ -97,13 +100,20 @@
<?
$DB->query("SELECT AliasID, Name, UserID, Redirect FROM artists_alias WHERE ArtistID='$ArtistID'");
while(list($AliasID, $AliasName, $User, $Redirect) = $DB->next_record(MYSQLI_NUM, true)) {
if($AliasName == $Name) { $DefaultRedirectID = $AliasID; }
while (list($AliasID, $AliasName, $User, $Redirect) = $DB->next_record(MYSQLI_NUM, true)) {
if ($AliasName == $Name) {
$DefaultRedirectID = $AliasID;
}
?>
<li><span title="Alias ID"><?=$AliasID?></span>. <span title="Alias name"><?=$AliasName?></span>
<? if($User) { ?> <a href="user.php?id=<?=$User?>" title="Alias creator" class="brackets">User</a> <?}
if($Redirect) { ?> (writes redirect to <span title="Target alias ID"><?=$Redirect?></span>)<? } ?>
<a href="artist.php?action=delete_alias&amp;aliasid=<?=$AliasID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" title="Delete this alias" class="brackets">X</a>
<li>
<span title="Alias ID"><?=$AliasID?></span>. <span title="Alias name"><?=$AliasName?></span>
<? if ($User) { ?>
<a href="user.php?id=<?=$User?>" title="Alias creator" class="brackets">User</a>
<? }
if ($Redirect) { ?>
(writes redirect to <span title="Target alias ID"><?=$Redirect?></span>)
<? } ?>
<a href="artist.php?action=delete_alias&amp;aliasid=<?=$AliasID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" title="Delete this alias" class="brackets">X</a>
</li>
<? }
?>

6
sections/artist/history.php
View File

@ -12,7 +12,9 @@
************************************************************************/
$ArtistID = $_GET['artistid'];
if(!is_number($ArtistID)) { error(0); }
if (!is_number($ArtistID)) {
error(0);
}
include(SERVER_ROOT.'/classes/class_wiki.php'); // Wiki class
$Wiki = new WIKI('wiki_artists', $ArtistID, "artist.php?id=$ArtistID");
@ -21,7 +23,7 @@
$DB->query("SELECT Name FROM artists_group WHERE ArtistID='$ArtistID'");
list($Name) = $DB->next_record(MYSQLI_NUM, true);
View::show_header("Revision history for ".$Name); // Set title
View::show_header("Revision history for $Name"); // Set title
// Start printing form
?>

63
sections/artist/index.php
View File

@ -41,7 +41,7 @@
error(0);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed.');
error('Your posting privileges have been removed.');
}
$ArtistID = $_POST['artistid'];
@ -49,11 +49,19 @@
error(404);
}
$DB->query("SELECT CEIL((SELECT COUNT(ID)+1 FROM artist_comments AS ac WHERE ac.ArtistID='" . db_string($ArtistID) . "')/" . TORRENT_COMMENTS_PER_PAGE . ") AS Pages");
$DB->query("
SELECT
CEIL((
SELECT COUNT(ID)+1
FROM artist_comments AS ac
WHERE ac.ArtistID='" . db_string($ArtistID) . "'
)/" . TORRENT_COMMENTS_PER_PAGE . "
) AS Pages");
list($Pages) = $DB->next_record();
$DB->query("INSERT INTO artist_comments (ArtistID,AuthorID,AddedTime,Body) VALUES (
'" . db_string($ArtistID) . "', '" . db_string($LoggedUser['ID']) . "','" . sqltime() . "','" . db_string($_POST['body']) . "')");
$DB->query("
INSERT INTO artist_comments (ArtistID,AuthorID,AddedTime,Body)
VALUES ('" . db_string($ArtistID) . "', '" . db_string($LoggedUser['ID']) . "','" . sqltime() . "','" . db_string($_POST['body']) . "')");
$PostID = $DB->inserted_id();
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Pages - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
@ -113,12 +121,17 @@
}
// Get topicid, forumid, number of pages
$DB->query("SELECT
ArtistID,
CEIL(COUNT(ac.ID)/" . TORRENT_COMMENTS_PER_PAGE . ") AS Pages,
CEIL(SUM(IF(ac.ID<=" . $_GET['postid'] . ",1,0))/" . TORRENT_COMMENTS_PER_PAGE . ") AS Page
$DB->query("
SELECT
ArtistID,
CEIL(COUNT(ac.ID)/" . TORRENT_COMMENTS_PER_PAGE . ") AS Pages,
CEIL(SUM(IF(ac.ID<=" . $_GET['postid'] . ",1,0))/" . TORRENT_COMMENTS_PER_PAGE . ") AS Page
FROM artist_comments AS ac
WHERE ac.ArtistID=(SELECT ArtistID FROM artist_comments WHERE ID=" . $_GET['postid'] . ")
WHERE ac.ArtistID=(
SELECT ArtistID
FROM artist_comments
WHERE ID=" . $_GET['postid'] . "
)
GROUP BY ac.ArtistID");
list($ArtistID, $Pages, $Page) = $DB->next_record();
@ -152,16 +165,21 @@
}
// Mainly
$DB->query("SELECT
ac.Body,
ac.AuthorID,
ac.ArtistID,
ac.AddedTime
$DB->query("
SELECT
ac.Body,
ac.AuthorID,
ac.ArtistID,
ac.AddedTime
FROM artist_comments AS ac
WHERE ac.ID='" . db_string($_POST['post']) . "'");
list($OldBody, $AuthorID, $ArtistID, $AddedTime) = $DB->next_record();
$DB->query("SELECT ceil(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page FROM artist_comments WHERE ArtistID = $ArtistID AND ID <= $_POST[post]");
$DB->query("
SELECT ceil(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page
FROM artist_comments
WHERE ArtistID = $ArtistID
AND ID <= $_POST[post]");
list($Page) = $DB->next_record();
if ($LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
@ -172,10 +190,12 @@
}
// Perform the update
$DB->query("UPDATE artist_comments SET
Body = '" . db_string($_POST['body']) . "',
EditedUserID = '" . db_string($LoggedUser['ID']) . "',
EditedTime = '" . sqltime() . "'
$DB->query("
UPDATE artist_comments
SET
Body = '" . db_string($_POST['body']) . "',
EditedUserID = '" . db_string($LoggedUser['ID']) . "',
EditedTime = '" . sqltime() . "'
WHERE ID='" . db_string($_POST['post']) . "'");
// Update the cache
@ -193,8 +213,9 @@
));
$Cache->commit_transaction(0);
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('artist', " . db_string($_POST['post']) . ", " . db_string($LoggedUser['ID']) . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('artist', " . db_string($_POST['post']) . ", " . db_string($LoggedUser['ID']) . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
// This gets sent to the browser, which echoes it in place of the old body
echo $Text->full_format($_POST['body']);

92
sections/artist/rename.php
View File

@ -25,25 +25,44 @@
$ArtistID = $_POST['artistid'];
$NewName = Artists::normalise_artist_name($_POST['name']);
if(!$ArtistID || !is_number($ArtistID)) { error(404); }
if (!$ArtistID || !is_number($ArtistID)) {
error(404);
}
if(!check_perms('torrents_edit')) { error(403); }
if (!check_perms('torrents_edit')) {
error(403);
}
$DB->query("SELECT Name FROM artists_group WHERE ArtistID='$ArtistID'");
if($DB->record_count()==0) { error(404); }
if ($DB->record_count() == 0) {
error(404);
}
list($OldName) = $DB->next_record(MYSQLI_NUM, false);
if($OldName == $NewName) { error('The new name is identical to the old name.'); }
if ($OldName == $NewName) {
error('The new name is identical to the old name.');
}
$DB->query("SELECT AliasID FROM artists_alias WHERE Name='".db_string($OldName)."' AND ArtistID='$ArtistID'");
$DB->query("
SELECT AliasID
FROM artists_alias
WHERE Name='".db_string($OldName)."'
AND ArtistID='$ArtistID'");
list($OldAliasID) = $DB->next_record(MYSQLI_NUM, false);
if(!$OldAliasID) { error('Could not find old alias ID'); }
if (!$OldAliasID) {
error('Could not find old alias ID');
}
$DB->query("SELECT AliasID, ArtistID FROM artists_alias WHERE name LIKE '".db_string($NewName, true)."'");
$DB->query("
SELECT AliasID, ArtistID
FROM artists_alias
WHERE name LIKE '".db_string($NewName, true)."'");
list($TargetAliasID, $TargetArtistID) = $DB->next_record(MYSQLI_NUM, false);
if(!$TargetAliasID || $TargetAliasID==$OldAliasID) {
if (!$TargetAliasID || $TargetAliasID==$OldAliasID) {
// no merge, just rename
$DB->query("INSERT INTO artists_alias (ArtistID, Name, Redirect, UserID) VALUES ($ArtistID, '".db_string($NewName)."', '0', '$LoggedUser[ID]')");
$DB->query("
INSERT INTO artists_alias (ArtistID, Name, Redirect, UserID)
VALUES ($ArtistID, '".db_string($NewName)."', '0', '$LoggedUser[ID]')");
$TargetAliasID = $DB->inserted_id();
$DB->query("UPDATE artists_alias SET Redirect='$TargetAliasID' WHERE AliasID='$OldAliasID'");
@ -53,8 +72,8 @@
$Groups = $DB->collect('GroupID');
$DB->query("UPDATE IGNORE torrents_artists SET AliasID='$TargetAliasID' WHERE AliasID='$OldAliasID'");
$DB->query("DELETE FROM torrents_artists WHERE AliasID='$OldAliasID'");
if(!empty($Groups)) {
foreach($Groups as $GroupID) {
if (!empty($Groups)) {
foreach ($Groups as $GroupID) {
$Cache->delete_value('groups_artists_'.$GroupID); // Delete group artist cache
Torrents::update_hash($GroupID);
}
@ -64,8 +83,8 @@
$Requests = $DB->collect('RequestID');
$DB->query("UPDATE IGNORE requests_artists SET AliasID='$TargetAliasID' WHERE AliasID='$OldAliasID'");
$DB->query("DELETE FROM requests_artists WHERE AliasID='$OldAliasID'");
if(!empty($Requests)) {
foreach($Requests as $RequestID) {
if (!empty($Requests)) {
foreach ($Requests as $RequestID) {
$Cache->delete_value('request_artists_'.$RequestID); // Delete request artist cache
Requests::update_sphinx_requests($RequestID);
}
@ -73,9 +92,12 @@
$TargetArtistID = $ArtistID;
} else { // Merge stuff
$DB->query("UPDATE artists_alias SET Redirect='$TargetAliasID',ArtistID='$TargetArtistID' WHERE AliasID='$OldAliasID'");
$DB->query("
UPDATE artists_alias
SET Redirect='$TargetAliasID', ArtistID='$TargetArtistID'
WHERE AliasID='$OldAliasID'");
$DB->query("UPDATE artists_alias SET Redirect='0' WHERE AliasID='$TargetAliasID'");
if($ArtistID != $TargetArtistID) {
if ($ArtistID != $TargetArtistID) {
$DB->query("UPDATE artists_alias SET ArtistID='$TargetArtistID' WHERE ArtistID='$ArtistID'");
$DB->query("DELETE FROM artists_group WHERE ArtistID='$ArtistID'");
} else {
@ -84,10 +106,13 @@
$DB->query("SELECT GroupID FROM torrents_artists WHERE AliasID='$OldAliasID'");
$Groups = $DB->collect('GroupID');
$DB->query("UPDATE IGNORE torrents_artists SET AliasID='$TargetAliasID',ArtistID='$TargetArtistID' WHERE AliasID='$OldAliasID'");
$DB->query("
UPDATE IGNORE torrents_artists
SET AliasID='$TargetAliasID', ArtistID='$TargetArtistID'
WHERE AliasID='$OldAliasID'");
$DB->query("DELETE FROM torrents_artists WHERE AliasID='$OldAliasID'");
if(!empty($Groups)) {
foreach($Groups as $GroupID) {
if (!empty($Groups)) {
foreach ($Groups as $GroupID) {
$Cache->delete_value('groups_artists_'.$GroupID);
Torrents::update_hash($GroupID);
}
@ -95,22 +120,28 @@
$DB->query("SELECT RequestID FROM requests_artists WHERE AliasID='$OldAliasID'");
$Requests = $DB->collect('RequestID');
$DB->query("UPDATE IGNORE requests_artists SET AliasID='$TargetAliasID',ArtistID='$TargetArtistID' WHERE AliasID='$OldAliasID'");
$DB->query("
UPDATE IGNORE requests_artists
SET AliasID='$TargetAliasID', ArtistID='$TargetArtistID'
WHERE AliasID='$OldAliasID'");
$DB->query("DELETE FROM requests_artists WHERE AliasID='$OldAliasID'");
if(!empty($Requests)) {
foreach($Requests as $RequestID) {
if (!empty($Requests)) {
foreach ($Requests as $RequestID) {
$Cache->delete_value('request_artists_'.$RequestID);
Requests::update_sphinx_requests($RequestID);
}
}
if($ArtistID != $TargetArtistID) {
if ($ArtistID != $TargetArtistID) {
$DB->query("SELECT GroupID FROM torrents_artists WHERE ArtistID='$ArtistID'");
$Groups = $DB->collect('GroupID');
$DB->query("UPDATE IGNORE torrents_artists SET ArtistID='$TargetArtistID' WHERE ArtistID='$ArtistID'");
$DB->query("
UPDATE IGNORE torrents_artists
SET ArtistID='$TargetArtistID'
WHERE ArtistID='$ArtistID'");
$DB->query("DELETE FROM torrents_artists WHERE ArtistID='$ArtistID'");
if(!empty($Groups)) {
foreach($Groups as $GroupID) {
if (!empty($Groups)) {
foreach ($Groups as $GroupID) {
$Cache->delete_value('groups_artists_'.$GroupID);
Torrents::update_hash($GroupID);
}
@ -118,10 +149,13 @@
$DB->query("SELECT RequestID FROM requests_artists WHERE ArtistID='$ArtistID'");
$Requests = $DB->collect('RequestID');
$DB->query("UPDATE IGNORE requests_artists SET ArtistID='$TargetArtistID' WHERE ArtistID='$ArtistID'");
$DB->query("
UPDATE IGNORE requests_artists
SET ArtistID='$TargetArtistID'
WHERE ArtistID='$ArtistID'");
$DB->query("DELETE FROM requests_artists WHERE ArtistID='$ArtistID'");
if(!empty($Requests)) {
foreach($Requests as $RequestID) {
if (!empty($Requests)) {
foreach ($Requests as $RequestID) {
$Cache->delete_value('request_artists_'.$RequestID);
Requests::update_sphinx_requests($RequestID);
}
@ -131,7 +165,7 @@
// Clear torrent caches
$DB->query("SELECT GroupID FROM torrents_artists WHERE ArtistID='$ArtistID'");
while(list($GroupID) = $DB->next_record()) {
while (list($GroupID) = $DB->next_record()) {
$Cache->delete_value('torrents_details_'.$GroupID);
}

46
sections/artist/take_warn.php
View File

@ -13,46 +13,55 @@
$Key = (int)$_POST['key'];
$SQLTime = sqltime();
$UserInfo = Users::user_info($UserID);
if($UserInfo['Class'] > $LoggedUser['Class']) {
if ($UserInfo['Class'] > $LoggedUser['Class']) {
error(403);
}
$URL = "https://". SSL_SITE_URL."/artist.php?id=$ArtistID&postid=$PostID#post$PostID";
if ($Length != 'verbal') {
$Time = ((int)$Length) * (7 * 24 * 60 * 60);
Tools::warn_user($UserID, $Time, "$URL - ". $Reason);
$Subject = "You have received a warning";
$Subject = 'You have received a warning';
$PrivateMessage = "You have received a $Length week warning for [url=$URL]this artist comment.[/url]\n\n" . $PrivateMessage;
$WarnTime = time_plus($Time);
$AdminComment = date("Y-m-d").' - Warned until '.$WarnTime.' by '.$LoggedUser['Username']."\nReason: $URL - $Reason\n\n";
$AdminComment = date('Y-m-d').' - Warned until '.$WarnTime.' by '.$LoggedUser['Username']."\nReason: $URL - $Reason\n\n";
} else {
$Subject = "You have received a verbal warning";
$Subject = 'You have received a verbal warning';
$PrivateMessage = "You have received a verbal warning for [url=$URL]this post.[/url]\n\n" . $PrivateMessage;
$AdminComment = date("Y-m-d") . ' - Verbally warned by ' . $LoggedUser['Username'] . " for $URL \nReason: $Reason\n\n";
$AdminComment = date('Y-m-d') . ' - Verbally warned by ' . $LoggedUser['Username'] . " for $URL \nReason: $Reason\n\n";
}
$DB->query("INSERT INTO users_warnings_forums (UserID, Comment) VALUES('$UserID', '" . db_string($AdminComment) . "')
$DB->query("
INSERT INTO users_warnings_forums (UserID, Comment)
VALUES('$UserID', '" . db_string($AdminComment) . "')
ON DUPLICATE KEY UPDATE Comment = CONCAT('" . db_string($AdminComment) . "', Comment)");
Tools::update_user_notes($UserID,$AdminComment);
Misc::send_pm($UserID, $LoggedUser['ID'], $Subject, $PrivateMessage);
// Mainly
$DB->query("SELECT
ac.Body,
ac.AuthorID,
ac.ArtistID,
ac.AddedTime
$DB->query("
SELECT
ac.Body,
ac.AuthorID,
ac.ArtistID,
ac.AddedTime
FROM artist_comments AS ac
WHERE ac.ID='$PostID'");
list($OldBody, $AuthorID, $ArtistID, $AddedTime) = $DB->next_record();
$DB->query("SELECT ceil(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page FROM artist_comments WHERE ArtistID = $ArtistID AND ID <= $PostID");
$DB->query("
SELECT ceil(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page
FROM artist_comments
WHERE ArtistID = $ArtistID
AND ID <= $PostID");
list($Page) = $DB->next_record();
// Perform the update
$DB->query("UPDATE artist_comments SET
Body = '" . db_string($Body) . "',
EditedUserID = '" . db_string($LoggedUser['ID']) . "',
EditedTime = '" . sqltime() . "'
$DB->query("
UPDATE artist_comments
SET
Body = '" . db_string($Body) . "',
EditedUserID = '" . db_string($LoggedUser['ID']) . "',
EditedTime = '" . sqltime() . "'
WHERE ID='$PostID'");
// Update the cache
@ -62,8 +71,9 @@
$Cache->update_row($_POST['key'], array('ID' => $_POST['postid'], 'AuthorID' => $AuthorID, 'AddedTime' => $AddedTime, 'Body' => $Body, 'EditedUserID' => db_string($LoggedUser['ID']), 'EditedTime' => sqltime(), 'Username' => $LoggedUser['Username']));
$Cache->commit_transaction(0);
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('artist', " . db_string($_POST['postid']) . ", " . db_string($LoggedUser['ID']) . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('artist', " . db_string($_POST['postid']) . ', ' . db_string($LoggedUser['ID']) . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
header("Location: artist.php?id=$ArtistID&postid=$PostID#post$PostID");
?>

38
sections/artist/takeedit.php
View File

@ -5,52 +5,60 @@
authorize();
if(!$_REQUEST['artistid'] || !is_number($_REQUEST['artistid'])) {
if (!$_REQUEST['artistid'] || !is_number($_REQUEST['artistid'])) {
error(404);
}
if(!check_perms('site_edit_wiki')) { error(403); }
if (!check_perms('site_edit_wiki')) {
error(403);
}
// Variables for database input
$UserID = $LoggedUser['ID'];
$ArtistID = $_REQUEST['artistid'];
if ( check_perms('artist_edit_vanityhouse') ) {
if (check_perms('artist_edit_vanityhouse')) {
$VanityHouse = ( isset($_POST['vanity_house']) ? 1 : 0 );
}
if($_GET['action'] == 'revert') { // if we're reverting to a previous revision
if ($_GET['action'] == 'revert') { // if we're reverting to a previous revision
authorize();
$RevisionID=$_GET['revisionid'];
if(!is_number($RevisionID)) { error(0); }
if (!is_number($RevisionID)) {
error(0);
}
} else { // with edit, the variables are passed with POST
$Body = db_string($_POST['body']);
$Summary = db_string($_POST['summary']);
$Image = db_string($_POST['image']);
ImageTools::blacklisted($Image);
// Trickery
if(!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {
if (!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {
$Image = '';
}
}
// Insert revision
if(!$RevisionID) { // edit
$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)
VALUES ('$ArtistID', '$Body', '$Image', '$UserID', '$Summary', '".sqltime()."')");
if (!$RevisionID) { // edit
$DB->query("
INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)
VALUES ('$ArtistID', '$Body', '$Image', '$UserID', '$Summary', '".sqltime()."')");
} else { // revert
$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)
$DB->query("
INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)
SELECT '$ArtistID', Body, Image, '$UserID', 'Reverted to revision $RevisionID', '".sqltime()."'
FROM wiki_artists WHERE RevisionID='$RevisionID'");
FROM wiki_artists
WHERE RevisionID='$RevisionID'");
}
$RevisionID=$DB->inserted_id();
$RevisionID = $DB->inserted_id();
// Update artists table (technically, we don't need the RevisionID column, but we can use it for a join which is nice and fast)
$DB->query("UPDATE artists_group
$DB->query("
UPDATE artists_group
SET
". ( isset($VanityHouse) ? "VanityHouse='$VanityHouse'," : '' ) ."
RevisionID='$RevisionID'
". (isset($VanityHouse) ? "VanityHouse='$VanityHouse'," : '') ."
RevisionID='$RevisionID'
WHERE ArtistID='$ArtistID'");
// There we go, all done!

18
sections/artist/vote_similar.php
View File

@ -11,17 +11,27 @@
error(404);
}
$DB->query("SELECT SimilarID FROM artists_similar_votes WHERE SimilarID='$SimilarID' AND UserID='$UserID' AND Way='$Way'");
$DB->query("
SELECT SimilarID
FROM artists_similar_votes
WHERE SimilarID='$SimilarID'
AND UserID='$UserID'
AND Way='$Way'");
if ($DB->record_count() == 0) {
if ($Way == 'down') {
$Score = 'Score-100';
} elseif($Way == 'up') {
} elseif ($Way == 'up') {
$Score = 'Score+100';
} else { // Nothing is impossible!
$Score = 'Score';
}
$DB->query("UPDATE artists_similar_scores SET Score=$Score WHERE SimilarID='$SimilarID'");
$DB->query("INSERT iNTO artists_similar_votes (SimilarID, UserID, Way) VALUES ('$SimilarID', '$UserID', '$Way')");
$DB->query("
UPDATE artists_similar_scores
SET Score=$Score
WHERE SimilarID='$SimilarID'");
$DB->query("
INSERT INTO artists_similar_votes (SimilarID, UserID, Way)
VALUES ('$SimilarID', '$UserID', '$Way')");
$Cache->delete_value('artist_'.$ArtistID); // Delete artist cache
}
header('Location: '.$_SERVER['HTTP_REFERER']);

9
sections/artist/warn.php
View File

@ -9,9 +9,10 @@
$UserID = (int) $_POST['userid'];
$Key = (int) $_POST['key'];
$UserInfo = Users::user_info($UserID);
$DB -> query("SELECT
ac.Body,
ac.AddedTime
$DB -> query("
SELECT
ac.Body,
ac.AddedTime
FROM artist_comments AS ac
WHERE ac.ID='" . db_string($PostID) . "'");
list($PostBody) = $DB -> next_record();
@ -45,7 +46,7 @@
<option value="1">1 week</option>
<option value="2">2 weeks</option>
<option value="4">4 weeks</option>
<? if(check_perms('users_mod')) { ?>
<? if (check_perms('users_mod')) { ?>
<option value="8">8 weeks</option>
<? } ?>
</select></td>

29
sections/better/files.php
View File

@ -1,6 +1,6 @@
<?php
if(check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
if (check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
$DB->query("DELETE FROM torrents_bad_files WHERE TorrentID = ".$_GET['remove']);
$DB->query("SELECT GroupID FROM torrents WHERE ID = ".$_GET['remove']);
list($GroupID) = $DB->next_record();
@ -8,8 +8,8 @@
}
if(!empty($_GET['filter']) && $_GET['filter'] == "all") {
$Join = "";
if (!empty($_GET['filter']) && $_GET['filter'] == 'all') {
$Join = '';
$All = true;
} else {
$Join = "JOIN xbt_snatched as x ON x.fid=tfi.TorrentID AND x.uid = ".$LoggedUser['ID'];
@ -17,16 +17,21 @@
}
View::show_header('Torrents with bad file names');
$DB->query("SELECT tfi.TorrentID, t.GroupID FROM torrents_bad_files AS tfi JOIN torrents AS t ON t.ID = tfi.TorrentID ".$Join." ORDER BY tfi.TimeAdded ASC");
$DB->query("
SELECT tfi.TorrentID, t.GroupID
FROM torrents_bad_files AS tfi
JOIN torrents AS t ON t.ID = tfi.TorrentID
$Join
ORDER BY tfi.TimeAdded ASC");
$TorrentsInfo = $DB->to_array('TorrentID', MYSQLI_ASSOC);
foreach($TorrentsInfo as $Torrent) {
foreach ($TorrentsInfo as $Torrent) {
$GroupIDs[] = $Torrent['GroupID'];
}
$Results = Torrents::get_groups($GroupIDs);
$Results = $Results['matches'];
?>
<div class="header">
<? if($All) { ?>
<? if ($All) { ?>
<h2>All torrents trumpable for bad file names</h2>
<? } else { ?>
<h2>Torrents trumpable for bad file names that you have snatched</h2>
@ -34,7 +39,7 @@
<div class="linkbox">
<a href="better.php" class="brackets">Back to better.php list</a>
<? if($All) { ?>
<? if ($All) { ?>
<a href="better.php?method=files" class="brackets">Show only those you have snatched</a>
<? } else { ?>
<a href="better.php?method=files&amp;filter=all" class="brackets">Show all</a>
@ -57,11 +62,15 @@
$DisplayName = '';
}
$DisplayName.='<a href="torrents.php?id='.$GroupID.'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear>0) { $DisplayName.=" [".$GroupYear."]"; }
if($ReleaseType>0) { $DisplayName.=" [".$ReleaseTypes[$ReleaseType]."]"; }
if ($GroupYear > 0) {
$DisplayName.=" [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName.=' ['.$ReleaseTypes[$ReleaseType].']';
}
$ExtraInfo = Torrents::torrent_info($Torrents[$TorrentID]);
if($ExtraInfo) {
if ($ExtraInfo) {
$DisplayName.=' - '.$ExtraInfo;
}
?>

29
sections/better/folders.php
View File

@ -1,6 +1,6 @@
<?php
if(check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
if (check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
$DB->query("DELETE FROM torrents_bad_folders WHERE TorrentID = ".$_GET['remove']);
$DB->query("SELECT GroupID FROM torrents WHERE ID = ".$_GET['remove']);
list($GroupID) = $DB->next_record();
@ -8,8 +8,8 @@
}
if(!empty($_GET['filter']) && $_GET['filter'] == "all") {
$Join = "";
if (!empty($_GET['filter']) && $_GET['filter'] == "all") {
$Join = '';
$All = true;
} else {
$Join = "JOIN xbt_snatched as x ON x.fid=tbf.TorrentID AND x.uid = ".$LoggedUser['ID'];
@ -17,16 +17,21 @@
}
View::show_header('Torrents with bad folder names');
$DB->query("SELECT tbf.TorrentID, t.GroupID FROM torrents_bad_folders AS tbf JOIN torrents AS t ON t.ID = tbf.TorrentID ".$Join." ORDER BY tbf.TimeAdded ASC");
$DB->query("
SELECT tbf.TorrentID, t.GroupID
FROM torrents_bad_folders AS tbf
JOIN torrents AS t ON t.ID = tbf.TorrentID
$Join
ORDER BY tbf.TimeAdded ASC");
$TorrentsInfo = $DB->to_array('TorrentID', MYSQLI_ASSOC);
foreach($TorrentsInfo as $Torrent) {
foreach ($TorrentsInfo as $Torrent) {
$GroupIDs[] = $Torrent['GroupID'];
}
$Results = Torrents::get_groups($GroupIDs);
$Results = $Results['matches'];
?>
<div class="header">
<? if($All) { ?>
<? if ($All) { ?>
<h2>All torrents trumpable for bad folder names</h2>
<? } else { ?>
<h2>Torrents trumpable for bad folder names that you have snatched</h2>
@ -34,7 +39,7 @@
<div class="linkbox">
<a href="better.php" class="brackets">Back to better.php list</a>
<? if($All) { ?>
<? if ($All) { ?>
<a href="better.php?method=folders" class="brackets">Show only those you have snatched</a>
<? } else { ?>
<a href="better.php?method=folders&amp;filter=all" class="brackets">Show all</a>
@ -57,11 +62,15 @@
$DisplayName = '';
}
$DisplayName.='<a href="torrents.php?id='.$GroupID.'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear>0) { $DisplayName.=" [".$GroupYear."]"; }
if($ReleaseType>0) { $DisplayName.=" [".$ReleaseTypes[$ReleaseType]."]"; }
if ($GroupYear > 0) {
$DisplayName.=" [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName.=' ['.$ReleaseTypes[$ReleaseType].']';
}
$ExtraInfo = Torrents::torrent_info($Torrents[$TorrentID]);
if($ExtraInfo) {
if ($ExtraInfo) {
$DisplayName.=' - '.$ExtraInfo;
}
?>

18
sections/better/snatch.php
View File

@ -27,7 +27,7 @@
AND ((t.LogScore = '100' AND t.Media = 'CD')
OR t.Media != 'CD')
AND tg.CategoryID = 1
AND x.uid='$UserID'");
AND x.uid='$UserID'" . ($SeedingOnly ? ' AND x.active = 1 AND x.remaining = 0' : ''));
$SnatchedTorrentIDs = array_fill_keys($DB->collect('fid'), true);
$SnatchedGroupIDs = array_unique($DB->collect('GroupID'));
@ -113,12 +113,14 @@
'miss_V2 (VBR)' => 0, //how many V2 transcodes are missing?
'miss_320' => 0, //how many 320 transcodes are missing?
);
foreach($TorrentGroups as $Editions) {
foreach($Editions as $Edition) {
if($Edition['FlacID'] == 0) { continue; } // no FLAC in this edition
foreach ($TorrentGroups as $Editions) {
foreach ($Editions as $Edition) {
if ($Edition['FlacID'] == 0) { // no FLAC in this edition
continue;
}
$edition_miss = 0; //number of transcodes missing in this edition
foreach($Encodings as $Encoding) {
if(!isset($Edition['Formats'][$Encoding])) {
foreach ($Encodings as $Encoding) {
if (!isset($Edition['Formats'][$Encoding])) {
++$edition_miss;
++$Counter['miss_'.$Encoding];
}
@ -179,8 +181,8 @@
continue;
}
$DisplayName = $ArtistNames . '<a href="torrents.php?id='.$GroupID.'&amp;torrentid='.$Edition['FlacID'].'#torrent'.$Edition['FlacID'].'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear > 0) {
$DisplayName .= " [".$GroupYear."]";
if ($GroupYear > 0) {
$DisplayName .= " [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName .= " [".$ReleaseTypes[$ReleaseType]."]";

33
sections/better/tags.php
View File

@ -1,6 +1,6 @@
<?php
if(check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
if (check_perms('admin_reports') && !empty($_GET['remove']) && is_number($_GET['remove'])) {
$DB->query("DELETE FROM torrents_bad_tags WHERE TorrentID = ".$_GET['remove']);
$DB->query("SELECT GroupID FROM torrents WHERE ID = ".$_GET['remove']);
list($GroupID) = $DB->next_record();
@ -8,8 +8,8 @@
}
if(!empty($_GET['filter']) && $_GET['filter'] == "all") {
$Join = "";
if (!empty($_GET['filter']) && $_GET['filter'] == 'all') {
$Join = '';
$All = true;
} else {
$Join = "JOIN xbt_snatched as x ON x.fid=tbt.TorrentID AND x.uid = ".$LoggedUser['ID'];
@ -17,16 +17,21 @@
}
View::show_header('Torrents with bad tags');
$DB->query("SELECT tbt.TorrentID, t.GroupID FROM torrents_bad_tags AS tbt JOIN torrents AS t ON t.ID = tbt.TorrentID ".$Join." ORDER BY tbt.TimeAdded ASC");
$DB->query("
SELECT tbt.TorrentID, t.GroupID
FROM torrents_bad_tags AS tbt
JOIN torrents AS t ON t.ID = tbt.TorrentID
$Join
ORDER BY tbt.TimeAdded ASC");
$TorrentsInfo = $DB->to_array('TorrentID', MYSQLI_ASSOC);
foreach($TorrentsInfo as $Torrent) {
foreach ($TorrentsInfo as $Torrent) {
$GroupIDs[] = $Torrent['GroupID'];
}
$Results = Torrents::get_groups($GroupIDs);
$Results = $Results['matches'];
?>
<div class="header">
<? if($All) { ?>
<? if ($All) { ?>
<h2>All torrents trumpable for bad tags</h2>
<? } else { ?>
<h2>Torrents trumpable for bad tags that you have snatched</h2>
@ -34,7 +39,7 @@
<div class="linkbox">
<a href="better.php" class="brackets">Back to better.php list</a>
<? if($All) { ?>
<? if ($All) { ?>
<a href="better.php?method=tags" class="brackets">Show only those you have snatched</a>
<? } else { ?>
<a href="better.php?method=tags&amp;filter=all" class="brackets">Show all</a>
@ -46,7 +51,7 @@
<h3>There are <?=number_format(count($TorrentsInfo))?> torrents remaining</h3>
<table class="torrent_table">
<?
foreach($TorrentsInfo as $TorrentID => $Info) {
foreach ($TorrentsInfo as $TorrentID => $Info) {
extract(Torrents::array_group($Results[$Info['GroupID']]));
$TorrentTags = new Tags($TagList);
@ -58,11 +63,15 @@
$DisplayName = '';
}
$DisplayName.='<a href="torrents.php?id='.$GroupID.'&amp;torrentid='.$TorrentID.'#torrent'.$TorrentID.'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear>0) { $DisplayName.=" [".$GroupYear."]"; }
if($ReleaseType>0) { $DisplayName.=" [".$ReleaseTypes[$ReleaseType]."]"; }
if ($GroupYear > 0) {
$DisplayName.=" [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName.=' ['.$ReleaseTypes[$ReleaseType].']';
}
$ExtraInfo = Torrents::torrent_info($Torrents[$TorrentID]);
if($ExtraInfo) {
if ($ExtraInfo) {
$DisplayName.=' - '.$ExtraInfo;
}
?>
@ -72,7 +81,7 @@
<a href="torrents.php?action=download&amp;id=<?=$TorrentID?>&amp;authkey=<?=$LoggedUser['AuthKey']?>&amp;torrent_pass=<?=$LoggedUser['torrent_pass']?>" class="brackets" title="Download torrent">DL</a>
</span>
<?=$DisplayName?>
<? if(check_perms('admin_reports')) { ?>
<? if (check_perms('admin_reports')) { ?>
<a href="better.php?method=tags&amp;remove=<?=$TorrentID?>" class="brackets">X</a>
<? } ?>
<div class="tags"><?=$TorrentTags->format()?></div>

12
sections/better/transcode.php
View File

@ -1,5 +1,5 @@
<?
if(!isset($_GET['type']) || !is_number($_GET['type']) || $_GET['type'] > 3) {
if (!isset($_GET['type']) || !is_number($_GET['type']) || $_GET['type'] > 3) {
error(0);
}
@ -11,7 +11,7 @@
$List = "!(v0 | v2 | 320)";
} else {
$List = '!'.$Options[$_GET['type']];
if($_GET['type'] == 0) {
if ($_GET['type'] == 0) {
$_GET['type'] = '0';
} else {
$_GET['type'] = display_str($_GET['type']);
@ -25,7 +25,7 @@
->where_match($List, 'encoding', false)
->order_by('RAND()')
->limit(0, TORRENTS_PER_PAGE, TORRENTS_PER_PAGE);
if(!empty($_GET['search'])) {
if (!empty($_GET['search'])) {
$SphQL->where_match($_GET['search'], '(groupname,artistname,year,taglist)');
}
@ -139,11 +139,11 @@
continue;
}
$DisplayName = $ArtistNames . '<a href="torrents.php?id='.$GroupID.'&amp;torrentid='.$Edition['FlacID'].'#torrent'.$Edition['FlacID'].'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear > 0) {
$DisplayName .= " [".$GroupYear."]";
if ($GroupYear > 0) {
$DisplayName .= " [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName .= " [".$ReleaseTypes[$ReleaseType]."]";
$DisplayName .= ' ['.$ReleaseTypes[$ReleaseType].']';
}
if ($Edition['IsSnatched']) {
$DisplayName .= ' ' . Format::torrent_label('Snatched!');

90
sections/better/transcode_beta.php
View File

@ -19,10 +19,10 @@
$UserID = $LoggedUser['ID'];
}
if(empty($_GET['filter']) || !in_array($_GET['filter'], array('uploaded', 'seeding', 'snatched'))) {
if (empty($_GET['filter']) || !in_array($_GET['filter'], array('uploaded', 'seeding', 'snatched'))) {
$_GET['filter'] = 'all';
}
if(empty($_GET['target']) || !in_array($_GET['target'], array('v0', 'v2', '320', 'all'))) {
if (empty($_GET['target']) || !in_array($_GET['target'], array('v0', 'v2', '320', 'all'))) {
$_GET['target'] = 'any';
}
$Encodings = array('v0' => 'V0 (VBR)', 'v2' => 'V2 (VBR)', '320' => '320');
@ -37,16 +37,16 @@ function transcode_init_sphql() {
->order_by('RAND()')
->limit(0, TORRENTS_PER_PAGE, TORRENTS_PER_PAGE);
if (in_array($_GET['target'], array('v0', 'v2', '320'))) {
// v0/v2/320 is missing
// V0/V2/320 is missing
$SphQL->where_match('!'.$_GET['target'], 'encoding', false);
} elseif($_GET['target'] == 'all') {
} elseif ($_GET['target'] == 'all') {
// all transcodes are missing
$SphQL->where_match('!(v0 | v2 | 320)', 'encoding', false);
} else {
// any transcode is missing
$SphQL->where_match('!(v0 v2 320)', 'encoding', false);
}
if(!empty($_GET['search'])) {
if (!empty($_GET['search'])) {
$SphQL->where_match($_GET['search'], '(groupname,artistname,year,taglist)');
}
return $SphQL;
@ -71,21 +71,36 @@ function transcode_parse_groups($Groups) {
);
}
if (!isset($TorrentGroups[$GroupID]['Editions'][$RemIdent])) {
if($Torrent['Remastered'] && $Torrent['RemasterYear'] != 0) {
if ($Torrent['Remastered'] && $Torrent['RemasterYear'] != 0) {
$EditionName = $Torrent['RemasterYear'];
$AddExtra = " - ";
if($Torrent['RemasterRecordLabel']) { $EditionName .= $AddExtra.display_str($Torrent['RemasterRecordLabel']); $AddExtra=' / '; }
if($Torrent['RemasterCatalogueNumber']) { $EditionName .= $AddExtra.display_str($Torrent['RemasterCatalogueNumber']); $AddExtra=' / '; }
if($Torrent['RemasterTitle']) { $EditionName .= $AddExtra.display_str($Torrent['RemasterTitle']); $AddExtra=' / '; }
$AddExtra = ' - ';
if ($Torrent['RemasterRecordLabel']) {
$EditionName .= $AddExtra.display_str($Torrent['RemasterRecordLabel']);
$AddExtra = ' / ';
}
if ($Torrent['RemasterCatalogueNumber']) {
$EditionName .= $AddExtra.display_str($Torrent['RemasterCatalogueNumber']);
$AddExtra = ' / ';
}
if ($Torrent['RemasterTitle']) {
$EditionName .= $AddExtra.display_str($Torrent['RemasterTitle']);
$AddExtra = ' / ';
}
$EditionName .= $AddExtra.display_str($Torrent['Media']);
} else {
$AddExtra = " / ";
if(!$Torrent['Remastered']) {
$EditionName = "Original Release";
if($Group['RecordLabel']) { $EditionName .= $AddExtra.$Group['RecordLabel']; $AddExtra=' / '; }
if($Group['CatalogueNumber']) { $EditionName .= $AddExtra.$Group['CatalogueNumber']; $AddExtra=' / '; }
$AddExtra = ' / ';
if (!$Torrent['Remastered']) {
$EditionName = 'Original Release';
if ($Group['RecordLabel']) {
$EditionName .= $AddExtra.$Group['RecordLabel'];
$AddExtra = ' / ';
}
if ($Group['CatalogueNumber']) {
$EditionName .= $AddExtra.$Group['CatalogueNumber'];
$AddExtra = ' / ';
}
} else {
$EditionName = "Unknown Release(s)";
$EditionName = 'Unknown Release(s)';
}
$EditionName .= $AddExtra.display_str($Torrent['Media']);
}
@ -112,9 +127,9 @@ function transcode_parse_groups($Groups) {
$Groups = array();
$ResultCount = 0;
if(in_array($_GET['filter'], array('all', 'uploaded'))) {
if (in_array($_GET['filter'], array('all', 'uploaded'))) {
$SphQL = transcode_init_sphql();
if($_GET['filter'] == 'uploaded') {
if ($_GET['filter'] == 'uploaded') {
$SphQL->where('uploader', $UserID);
}
@ -126,9 +141,10 @@ function transcode_parse_groups($Groups) {
$Groups = transcode_parse_groups($Groups['matches']);
}
unset($SphQL, $SphQLResult, $Results);
} elseif(in_array($_GET['filter'], array('snatched', 'seeding'))) {
} elseif (in_array($_GET['filter'], array('snatched', 'seeding'))) {
// Read all snatched/seeding torrents
$DB->query("SELECT t.GroupID, x.fid
$DB->query("
SELECT t.GroupID, x.fid
FROM ".($_GET['filter'] == 'seeding' ? 'xbt_files_users' : 'xbt_snatched')." AS x
JOIN torrents AS t ON t.ID=x.fid
JOIN torrents_group AS tg ON tg.ID = t.GroupID
@ -136,12 +152,12 @@ function transcode_parse_groups($Groups) {
AND (t.LogScore = '100' OR t.Media != 'CD')
AND tg.CategoryID = 1
AND x.uid='$UserID'
".($_GET['filter'] == 'seeding' ? "AND x.active=1 AND x.Remaining=0" : ""));
".($_GET['filter'] == 'seeding' ? 'AND x.active=1 AND x.Remaining=0' : ''));
$Debug->set_flag('SELECTed ' . $_GET['filter'] . ' torrents');
$Snatched = $DB->to_array();
$Debug->set_flag('Received data from DB');
shuffle($Snatched); // randomize results
while($ResultCount < TORRENTS_PER_PAGE && count($Snatched) > 0) {
while ($ResultCount < TORRENTS_PER_PAGE && count($Snatched) > 0) {
// we throw TORRENTS_PER_PAGE results into Sphinx until we have at least TORRENTS_PER_PAGE results (or no snatches left)
$SnatchedTmp = array_slice($Snatched, 0, TORRENTS_PER_PAGE);
$Snatched = array_slice($Snatched, TORRENTS_PER_PAGE);
@ -154,21 +170,21 @@ function transcode_parse_groups($Groups) {
$GroupsTmp = Torrents::get_groups(array_values($ResultsTmp));
$GroupsTmp = transcode_parse_groups($GroupsTmp['matches']);
// Since we're asking Sphinxql about groups and remidents, the result can/will contain different editions that are transcodable but weren't snatched, so let's filter them out
foreach($GroupsTmp as $GroupID => $Group) {
foreach($Group['Editions'] as $RemIdent => $Edition) {
foreach ($GroupsTmp as $GroupID => $Group) {
foreach ($Group['Editions'] as $RemIdent => $Edition) {
$EditionSnatched = false;
foreach($SnatchedTmp as $SnatchedTmpE) {
if(isset($Edition['FlacIDs'][$SnatchedTmpE['fid']])) {
foreach ($SnatchedTmp as $SnatchedTmpE) {
if (isset($Edition['FlacIDs'][$SnatchedTmpE['fid']])) {
$EditionSnatched = true;
break;
}
}
if(!$EditionSnatched || count($Edition['MP3s']) == 3) {
if (!$EditionSnatched || count($Edition['MP3s']) == 3) {
unset($GroupsTmp[$GroupID]['Editions'][$RemIdent]);
}
}
$ResultCount += count($GroupsTmp[$GroupID]['Editions']);
if(count($GroupsTmp[$GroupID]['Editions']) == 0) {
if (count($GroupsTmp[$GroupID]['Editions']) == 0) {
unset($GroupsTmp[$GroupID]);
}
}
@ -185,8 +201,8 @@ function transcode_parse_groups($Groups) {
'miss_V2 (VBR)' => 0, //how many V2 transcodes are missing?
'miss_320' => 0, //how many 320 transcodes are missing?
);
foreach($Groups as $GroupID => $Group) {
foreach($Group['Editions'] as $RemIdent => $Edition) {
foreach ($Groups as $GroupID => $Group) {
foreach ($Group['Editions'] as $RemIdent => $Edition) {
if (count($Edition['FlacIDs']) == 0 //no FLAC in this group
|| (!empty($Edition['MP3s']) && $_GET['target'] == 'all') //at least one transcode present when we only wanted groups containing no transcodes at all
|| isset($Edition['MP3s'][$Encodings[$_GET['target']]]) //the transcode we asked for is already there
@ -197,8 +213,8 @@ function transcode_parse_groups($Groups) {
continue;
}
$edition_miss = 0; //number of transcodes missing in this edition
foreach($Encodings as $Encoding) {
if(!isset($Edition['MP3s'][$Encoding])) {
foreach ($Encodings as $Encoding) {
if (!isset($Edition['MP3s'][$Encoding])) {
++$edition_miss;
++$Counter['miss_'.$Encoding];
}
@ -246,7 +262,7 @@ function transcode_parse_groups($Groups) {
</table>
</form>
<h3>About</h3>
<div class="box pad" style="padding:10px 10px 10px 20px;">
<div class="box pad" style="padding: 10px 10px 10px 20px;">
<p>
This page aims at listing <?=TORRENTS_PER_PAGE?> random transcodable perfect FLACs matching the options you selected above, but there can be more or less matches on this page. The following numbers tell you something about the torrents currently listed below and can change if you reload.<br /><br />
@ -264,7 +280,7 @@ function transcode_parse_groups($Groups) {
<td>320</td>
</tr>
<?
if($ResultCount == 0) {
if ($ResultCount == 0) {
?>
<tr><td colspan="4">No results found!</td></tr>
<?
@ -289,11 +305,11 @@ function transcode_parse_groups($Groups) {
// TODO: point to the correct FLAC (?)
$FlacID = array_search(true, $Edition['FlacIDs']);
$DisplayName = $ArtistNames . '<a href="torrents.php?id='.$GroupID.'&amp;torrentid='.$FlacID.'#torrent'.$FlacID.'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear > 0) {
$DisplayName .= " [".$GroupYear."]";
if ($GroupYear > 0) {
$DisplayName .= " [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName .= " [".$ReleaseTypes[$ReleaseType]."]";
$DisplayName .= ' ['.$ReleaseTypes[$ReleaseType].']';
}
if ($Edition['FLACIsSnatched']) {
$DisplayName .= ' ' . Format::torrent_label('Snatched!');

18
sections/better/upload.php
View File

@ -102,12 +102,14 @@
'miss_V2 (VBR)' => 0, //how many V2 transcodes are missing?
'miss_320' => 0, //how many 320 transcodes are missing?
);
foreach($TorrentGroups as $Editions) {
foreach($Editions as $Edition) {
if($Edition['FlacID'] == 0) { continue; } // no FLAC in this edition
foreach ($TorrentGroups as $Editions) {
foreach ($Editions as $Edition) {
if ($Edition['FlacID'] == 0) { // no FLAC in this edition
continue;
}
$edition_miss = 0; //number of transcodes missing in this edition
foreach($Encodings as $Encoding) {
if(!isset($Edition['Formats'][$Encoding])) {
foreach ($Encodings as $Encoding) {
if (!isset($Edition['Formats'][$Encoding])) {
++$edition_miss;
++$Counter['miss_'.$Encoding];
}
@ -158,11 +160,11 @@
continue;
}
$DisplayName = $ArtistNames . '<a href="torrents.php?id='.$GroupID.'&amp;torrentid='.$Edition['FlacID'].'#torrent'.$Edition['FlacID'].'" title="View Torrent">'.$GroupName.'</a>';
if($GroupYear > 0) {
$DisplayName .= " [".$GroupYear."]";
if ($GroupYear > 0) {
$DisplayName .= " [$GroupYear]";
}
if ($ReleaseType > 0) {
$DisplayName .= " [".$ReleaseTypes[$ReleaseType]."]";
$DisplayName .= ' ['.$ReleaseTypes[$ReleaseType].']';
}
$DisplayName .= ' ['.$Edition['Medium'].']';

66
sections/bookmarks/add.php
View File

@ -4,7 +4,9 @@
authorize();
if (!Bookmarks::can_bookmark($_GET['type'])) { error(404); }
if (!Bookmarks::can_bookmark($_GET['type'])) {
error(404);
}
$Feed = new FEED;
$Text = new TEXT;
@ -12,50 +14,70 @@
list($Table, $Col) = Bookmarks::bookmark_schema($Type);
if(!is_number($_GET['id'])) {
if (!is_number($_GET['id'])) {
error(0);
}
$DB->query("SELECT UserID FROM $Table WHERE UserID='$LoggedUser[ID]' AND $Col='".db_string($_GET['id'])."'");
if($DB->record_count() == 0) {
$DB->query("
SELECT UserID
FROM $Table
WHERE UserID='$LoggedUser[ID]'
AND $Col='".db_string($_GET['id'])."'");
if ($DB->record_count() == 0) {
if ($Type === 'torrent') {
$DB->query('SELECT MAX(Sort) FROM `bookmarks_torrents` WHERE UserID =' . $LoggedUser['ID']);
list($Sort) = $DB->next_record();
if (!$Sort) $Sort = 0;
$Sort += 1;
$DB->query("INSERT IGNORE INTO $Table
(UserID, $Col, Time, Sort)
VALUES
('$LoggedUser[ID]', '".db_string($_GET['id'])."', '".sqltime()."', $Sort)");
$DB->query("
INSERT IGNORE INTO $Table (UserID, $Col, Time, Sort)
VALUES ('$LoggedUser[ID]', '".db_string($_GET['id'])."', '".sqltime()."', $Sort)");
} else {
$DB->query("INSERT IGNORE INTO $Table
(UserID, $Col, Time)
VALUES
('$LoggedUser[ID]', '".db_string($_GET['id'])."', '".sqltime()."')");
$DB->query("
INSERT IGNORE INTO $Table (UserID, $Col, Time)
VALUES ('$LoggedUser[ID]', '".db_string($_GET['id'])."', '".sqltime()."')");
}
$Cache->delete_value('bookmarks_'.$Type.'_'.$LoggedUser['ID']);
if ($Type == 'torrent') {
$Cache->delete_value('bookmarks_group_ids_' . $UserID);
$GroupID = (int) $_GET['id'];
$DB->query("SELECT Name, Year, WikiBody, TagList FROM torrents_group WHERE ID = '$GroupID'");
$DB->query("
SELECT Name, Year, WikiBody, TagList
FROM torrents_group
WHERE ID = '$GroupID'");
list($GroupTitle, $Year, $Body, $TagList) = $DB->next_record();
$TagList = str_replace('_','.',$TagList);
$DB->query("SELECT ID, Format, Encoding, HasLog, HasCue, LogScore, Media, Scene, FreeTorrent, UserID FROM torrents WHERE GroupID = '$GroupID'");
$DB->query("
SELECT ID, Format, Encoding, HasLog, HasCue, LogScore, Media, Scene, FreeTorrent, UserID
FROM torrents
WHERE GroupID = '$GroupID'");
// RSS feed stuff
while ($Torrent = $DB->next_record()) {
$Title = $GroupTitle;
list($TorrentID, $Format, $Bitrate, $HasLog, $HasCue, $LogScore, $Media, $Scene, $Freeleech, $UploaderID) = $Torrent;
$Title .= " [".$Year."] - ";
$Title .= " [$Year] - ";
$Title .= $Format." / ".$Bitrate;
if ($HasLog == "'1'") { $Title .= " / Log"; }
if ($HasLog) { $Title .= " / ".$LogScore.'%'; }
if ($HasCue == "'1'") { $Title .= " / Cue"; }
if ($HasLog == "'1'") {
$Title .= " / Log";
}
if ($HasLog) {
$Title .= " / ".$LogScore.'%';
}
if ($HasCue == "'1'") {
$Title .= " / Cue";
}
$Title .= " / ".trim($Media);
if ($Scene == "1") { $Title .= " / Scene"; }
if ($Freeleech == "1") { $Title .= " / Freeleech!"; }
if ($Freeleech == "2") { $Title .= " / Neutral leech!"; }
if ($Scene == '1') {
$Title .= " / Scene";
}
if ($Freeleech == '1') {
$Title .= " / Freeleech!";
}
if ($Freeleech == '2') {
$Title .= " / Neutral leech!";
}
$UploaderInfo = Users::user_info($UploaderID);
$Item = $Feed->item($Title,
@ -71,4 +93,4 @@
$Bookmarkers = $DB->collect('UserID');
$SS->UpdateAttributes('requests requests_delta', array('bookmarker'), array($_GET['id'] => array($Bookmarkers)), true);
}
}
}

28
sections/bookmarks/artists.php
View File

@ -1,12 +1,14 @@
<?
if(!empty($_GET['userid'])) {
if(!check_perms('users_override_paranoia')) {
if (!empty($_GET['userid'])) {
if (!check_perms('users_override_paranoia')) {
error(403);
}
$UserID = $_GET['userid'];
$Sneaky = ($UserID != $LoggedUser['ID']);
if(!is_number($UserID)) { error(404); }
if (!is_number($UserID)) {
error(404);
}
$DB->query("SELECT Username FROM users_main WHERE ID='$UserID'");
list($Username) = $DB->next_record();
} else {
@ -17,15 +19,16 @@
//$ArtistList = Bookmarks::all_bookmarks('artist', $UserID);
$DB->query('SELECT ag.ArtistID, ag.Name
$DB->query('
SELECT ag.ArtistID, ag.Name
FROM bookmarks_artists AS ba
INNER JOIN artists_group AS ag ON ba.ArtistID = ag.ArtistID
INNER JOIN artists_group AS ag ON ba.ArtistID = ag.ArtistID
WHERE ba.UserID = '.$UserID.'
ORDER BY ag.Name');
$ArtistList = $DB->to_array();
$Title = ($Sneaky)?"$Username's bookmarked artists":'Your bookmarked artists';
$Title = ($Sneaky) ? "$Username's bookmarked artists" : 'Your bookmarked artists';
View::show_header($Title,'browse');
@ -62,21 +65,26 @@
<tr class="row<?=$Row?> bookmark_<?=$ArtistID?>">
<td>
<a href="artist.php?id=<?=$ArtistID?>"><?=$Name?></a>
<span style="float: right">
<span style="float: right;">
<?
if (check_perms('site_torrents_notify')) {
if (($Notify = $Cache->get_value('notify_artists_'.$LoggedUser['ID'])) === false) {
$DB->query("SELECT ID, Artists FROM users_notify_filters WHERE UserID='$LoggedUser[ID]' AND Label='Artist notifications' LIMIT 1");
$DB->query("
SELECT ID, Artists
FROM users_notify_filters
WHERE UserID='$LoggedUser[ID]'
AND Label='Artist notifications'
LIMIT 1");
$Notify = $DB->next_record(MYSQLI_ASSOC);
$Cache->cache_value('notify_artists_'.$LoggedUser['ID'], $Notify, 0);
}
if (stripos($Notify['Artists'], '|'.$Name.'|') === false) {
?>
<a href="artist.php?action=notify&amp;artistid=<?=$ArtistID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Notify of new uploads</a>
<a href="artist.php?action=notify&amp;artistid=<?=$ArtistID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Notify of new uploads</a>
<?
} else {
?>
<a href="artist.php?action=notifyremove&amp;artistid=<?=$ArtistID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Do not notify of new uploads</a>
<a href="artist.php?action=notifyremove&amp;artistid=<?=$ArtistID?>&amp;auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Do not notify of new uploads</a>
<?
}
}

12
sections/bookmarks/edit_torrents.php
View File

@ -1,11 +1,13 @@
<?php
// ugly UserID code that should be turned into a function . . .
if(!empty($_GET['userid'])) {
if(!check_perms('users_override_paranoia')) {
if (!empty($_GET['userid'])) {
if (!check_perms('users_override_paranoia')) {
error(403);
}
$UserID = $_GET['userid'];
if(!is_number($UserID)) { error(404); }
if (!is_number($UserID)) {
error(404);
}
$DB->query("SELECT Username FROM users_main WHERE ID='$UserID'");
list($Username) = $DB->next_record();
} else {
@ -14,7 +16,7 @@
// Finally we start
//Require the table class
// Require the table class
// require_once SERVER_ROOT . '/classes/class_mass_user_torrents_table_view.php';
View::show_header('Organize Bookmarks', 'browse,jquery,jquery-ui,jquery.tablesorter,sort');
@ -26,4 +28,4 @@
$TT = new MASS_USER_TORRENTS_TABLE_VIEW($TorrentList, $CollageDataList, $EditType, 'Organize Torrent Bookmarks');
$TT->render_all();
View::show_footer();
View::show_footer();

6
sections/bookmarks/functions.php
View File

@ -31,9 +31,11 @@ function has_bookmarked($Type, $ID) {
function all_bookmarks($Type, $UserID = false) {
global $DB, $Cache, $LoggedUser;
if ($UserID === false) { $UserID = $LoggedUser['ID']; }
if ($UserID === false) {
$UserID = $LoggedUser['ID'];
}
$CacheKey = 'bookmarks_'.$Type.'_'.$UserID;
if(($Bookmarks = $Cache->get_value($CacheKey)) === FALSE) {
if (($Bookmarks = $Cache->get_value($CacheKey)) === FALSE) {
list($Table, $Col) = bookmark_schema($Type);
$DB->query("SELECT $Col FROM $Table WHERE UserID = '$UserID'");
$Bookmarks = $DB->collect($Col);

11
sections/bookmarks/remove.php
View File

@ -1,17 +1,22 @@
<?
authorize();
if (!Bookmarks::can_bookmark($_GET['type'])) { error(404); }
if (!Bookmarks::can_bookmark($_GET['type'])) {
error(404);
}
$Type = $_GET['type'];
list($Table, $Col) = Bookmarks::bookmark_schema($Type);
if(!is_number($_GET['id'])) {
if (!is_number($_GET['id'])) {
error(0);
}
$DB->query("DELETE FROM $Table WHERE UserID='".$LoggedUser['ID']."' AND $Col='".db_string($_GET['id'])."'");
$DB->query("
DELETE FROM $Table
WHERE UserID='".$LoggedUser['ID']."'
AND $Col='".db_string($_GET['id'])."'");
$Cache->delete_value('bookmarks_'.$Type.'_'.$UserID);
if ($Type === 'torrent') {

4
sections/bookmarks/torrents.php
View File

@ -66,7 +66,9 @@ function compare($X, $Y) {
if ($GroupYear > 0) {
$DisplayName = $DisplayName . " [$GroupYear]";
}
if ($GroupVanityHouse) { $DisplayName .= ' [<abbr title="This is a vanity house release">VH</abbr>]'; }
if ($GroupVanityHouse) {
$DisplayName .= ' [<abbr title="This is a Vanity House release">VH</abbr>]';
}
$SnatchedGroupClass = $GroupFlags['IsSnatched'] ? ' snatched_group' : '';
// Start an output buffer, so we can store this output in $TorrentTable

22
sections/chat/index.php
View File

@ -5,13 +5,13 @@
$DB->query("SELECT IRCKey FROM users_main WHERE ID = $LoggedUser[ID]");
list($IRCKey) = $DB->next_record();
if(empty($IRCKey)) {
if (empty($IRCKey)) {
?>
<div class="thin">
<div class="header">
<h3 id="irc">IRC Rules - Please read these carefully!</h3>
</div>
<div class="box pad" style="padding:10px 10px 10px 20px;">
<div class="box pad" style="padding: 10px 10px 10px 20px;">
<p>
<strong>Please set your IRC Key on your <a href="user.php?action=edit&amp;userid=<?=$LoggedUser['ID']?>">profile</a> first! For more information on IRC, please read the <a href="wiki.php?action=article&amp;name=IRC+-+How+to+join">wiki article</a>.</strong>
</p>
@ -19,13 +19,13 @@
</div>
<?
} else {
if(!isset($_POST["accept"])) {
if (!isset($_POST['accept'])) {
?>
<div class="thin">
<div class="header">
<h3 id="irc">IRC Rules - Please read these carefully!</h3>
</div>
<div class="box pad" style="padding:10px 10px 10px 20px;">
<div class="box pad" style="padding: 10px 10px 10px 20px;">
<ul>
<li>Staff have the final decision, if they say stop and you continue, expect at least to be banned from the IRC network.</li>
<li>Be respectful to IRC Operators and Administrators. These people are site staff who volunteer their time for little compensation. They are there for the benefit of all and to aid in conflict resolution; do not waste their time.</li>
@ -51,13 +51,13 @@
</div>
<?
} else {
$nick = $LoggedUser["Username"];
$nick = $LoggedUser['Username'];
$nick = preg_replace('/[^a-zA-Z0-9\[\]\\`\^\{\}\|_]/', '', $nick);
if(strlen($nick) == 0) {
$nick = "WhatGuest????";
if (strlen($nick) == 0) {
$nick = 'WhatGuest????';
} else {
if(is_numeric(substr($nick, 0, 1))) {
$nick = "_" . $nick;
if (is_numeric(substr($nick, 0, 1))) {
$nick = '_' . $nick;
}
}
?>
@ -65,8 +65,8 @@
<div class="header">
<h3 id="general">IRC</h3>
</div>
<div class="box pad" style="padding:10px 0px 10px 0px;">
<div style="padding:0px 10px 10px 20px;">
<div class="box pad" style="padding: 10px 0px 10px 0px;">
<div style="padding: 0px 10px 10px 20px;">
<p>If you have an IRC client, refer to <a href="wiki.php?action=article&amp;name=IRC+-+How+to+join">this wiki article</a> for information on how to connect. (IRC applet users are automatically identified with Drone.)</p>
</div>
<applet codebase="static/irc/" code="IRCApplet.class" archive="irc.jar,sbox.jar" width="800" height="600" align="center">

8
sections/collages/add_comment.php
View File

@ -1,11 +1,13 @@
<?
authorize();
if(empty($_POST['collageid']) || !is_number($_POST['collageid']) || $_POST['body']==='' || !isset($_POST['body'])) { error(0); }
if (empty($_POST['collageid']) || !is_number($_POST['collageid']) || $_POST['body'] === '' || !isset($_POST['body'])) {
error(0);
}
$CollageID = $_POST['collageid'];
if($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed'); // Should this be logged?
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed'); // Should this be logged?
}
$DB->query("INSERT INTO collages_comments

12
sections/collages/collage.php
View File

@ -146,8 +146,12 @@ function compare($X, $Y) {
}
$DisplayName .= '<a href="torrents.php?id='.$GroupID.'" title="View Torrent" dir="ltr">'.$GroupName.'</a>';
if ($GroupYear > 0) { $DisplayName = $DisplayName. ' ['. $GroupYear .']';}
if ($GroupVanityHouse) { $DisplayName .= ' [<abbr title="This is a vanity house release">VH</abbr>]'; }
if ($GroupYear > 0) {
$DisplayName = "$DisplayName [$GroupYear]";
}
if ($GroupVanityHouse) {
$DisplayName .= ' [<abbr title="This is a Vanity House release">VH</abbr>]';
}
$SnatchedGroupClass = $GroupFlags['IsSnatched'] ? ' snatched_group' : '';
// Start an output buffer, so we can store this output in $TorrentTable
ob_start();
@ -301,7 +305,7 @@ function compare($X, $Y) {
}
// Silly hack for people who are on the old setting
$CollageCovers = isset($LoggedUser['CollageCovers'])?$LoggedUser['CollageCovers']:25*(abs($LoggedUser['HideCollage'] - 1));
$CollageCovers = isset($LoggedUser['CollageCovers']) ? $LoggedUser['CollageCovers'] : 25 * (abs($LoggedUser['HideCollage'] - 1));
$CollagePages = array();
// Pad it out
@ -313,7 +317,7 @@ function compare($X, $Y) {
for ($i = 0; $i < $NumGroups / $CollageCovers; $i++) {
$Groups = array_slice($Collage, $i*$CollageCovers, $CollageCovers);
$Groups = array_slice($Collage, $i * $CollageCovers, $CollageCovers);
$CollagePage = '';
foreach ($Groups as $Group) {
$CollagePage .= $Group;

6
sections/collages/delete.php
View File

@ -1,21 +1,21 @@
<?
$CollageID = $_GET['collageid'];
if(!is_number($CollageID) || !$CollageID) {
if (!is_number($CollageID) || !$CollageID) {
error(404);
}
$DB->query("SELECT Name, UserID FROM collages WHERE ID='$CollageID'");
list($Name, $UserID) = $DB->next_record();
if(!check_perms('site_collages_delete') && $UserID != $LoggedUser['ID']) {
if (!check_perms('site_collages_delete') && $UserID != $LoggedUser['ID']) {
error(403);
}
View::show_header('Delete collage');
?>
<div class="thin center">
<div class="box" style="width:600px; margin:0px auto;">
<div class="box" style="width: 600px; margin: 0px auto;">
<div class="head colhead">
Delete collage
</div>

4
sections/collages/delete_comment.php
View File

@ -5,13 +5,13 @@
authorize();
// Quick SQL injection check
if(!$_GET['postid'] || !is_number($_GET['postid'])) {
if (!$_GET['postid'] || !is_number($_GET['postid'])) {
error(0);
}
$PostID = $_GET['postid'];
// Make sure they are moderators
if(!check_perms('site_moderate_forums')) {
if (!check_perms('site_moderate_forums')) {
error(403);
}

4
sections/collages/edit.php
View File

@ -39,7 +39,7 @@
<td><input type="text" name="name" size="60" value="<?=$Name?>" /></td>
</tr>
<? }
if($CategoryID > 0 || check_perms('site_collages_delete')) { ?>
if ($CategoryID > 0 || check_perms('site_collages_delete')) { ?>
<tr>
<td class="label"><strong>Category</strong></td>
<td>
@ -72,7 +72,7 @@
<td><input type="checkbox" name="featured"<?=($Featured ? ' checked="checked"' : '')?> /></td>
</tr>
<? }
if(check_perms('site_collages_delete')) { ?>
if (check_perms('site_collages_delete')) { ?>
<tr>
<td class="label">Locked</td>
<td><input type="checkbox" name="locked" <?=$Locked ? 'checked="checked" ' : ''?>/></td>

46
sections/collages/manage.php
View File

@ -1,27 +1,33 @@
<?php
$CollageID = $_GET['collageid'];
if(!is_number($CollageID)) { error(0); }
if (!is_number($CollageID)) {
error(0);
}
$DB->query("SELECT Name, UserID, CategoryID FROM collages WHERE ID='$CollageID'");
list($Name, $UserID, $CategoryID) = $DB->next_record();
if($CategoryID == 0 && $UserID!=$LoggedUser['ID'] && !check_perms('site_collages_delete')) { error(403); }
if ($CategoryID == 0 && $UserID != $LoggedUser['ID'] && !check_perms('site_collages_delete')) {
error(403);
}
$DB->query("SELECT ct.GroupID,
um.ID,
um.Username,
ct.Sort,
tg.CatalogueNumber
$DB->query("
SELECT
ct.GroupID,
um.ID,
um.Username,
ct.Sort,
tg.CatalogueNumber
FROM collages_torrents AS ct
JOIN torrents_group AS tg ON tg.ID=ct.GroupID
LEFT JOIN users_main AS um ON um.ID=ct.UserID
JOIN torrents_group AS tg ON tg.ID=ct.GroupID
LEFT JOIN users_main AS um ON um.ID=ct.UserID
WHERE ct.CollageID='$CollageID'
ORDER BY ct.Sort");
$GroupIDs = $DB->collect('GroupID');
$CollageDataList=$DB->to_array('GroupID', MYSQLI_ASSOC);
if(count($GroupIDs)>0) {
if (count($GroupIDs) > 0) {
$TorrentList = Torrents::get_groups($GroupIDs);
$TorrentList = $TorrentList['matches'];
} else {
@ -63,14 +69,14 @@
<table id="manage_collage_table">
<thead>
<tr class="colhead">
<th style="width:7%">Order</th>
<th style="width:1%"><span><abbr title="Current Rank">#</abbr></span></th>
<th style="width:7%"><span>Cat #</span></th>
<th style="width:1%"><span>Year</span></th>
<th style="width:15%"><span>Artist</span></th>
<th style="width: 7%">Order</th>
<th style="width: 1%"><span><abbr title="Current Rank">#</abbr></span></th>
<th style="width: 7%"><span>Cat #</span></th>
<th style="width: 1%"><span>Year</span></th>
<th style="width: 15%"><span>Artist</span></th>
<th><span>Torrent</span></th>
<th style="width:1%"><span>User</span></th>
<th style="width:1%; text-align: right" class="nobr"><span><abbr title="Modify an individual row.">Tweak</abbr></span></th>
<th style="width: 1%"><span>User</span></th>
<th style="width: 1%; text-align: right;" class="nobr"><span><abbr title="Modify an individual row.">Tweak</abbr></span></th>
</tr>
</thead>
<tbody>
@ -88,12 +94,14 @@
unset($ExtendedArtists[2]);
unset($ExtendedArtists[3]);
$DisplayName .= Artists::display_artists($ExtendedArtists, true, false);
} elseif(count($Artists)>0) {
} elseif (count($Artists) > 0) {
$DisplayName .= Artists::display_artists(array('1'=>$Artists), true, false);
}
$TorrentLink = '<a href="torrents.php?id='.$GroupID.'" title="View Torrent">'.$GroupName.'</a>';
$GroupYear = $GroupYear > 0 ? $GroupYear : '';
if($GroupVanityHouse) { $DisplayName .= ' [<abbr title="This is a vanity house release">VH</abbr>]'; }
if ($GroupVanityHouse) {
$DisplayName .= ' [<abbr title="This is a Vanity House release">VH</abbr>]';
}
$AltCSS = $Number % 2 === 0 ? 'rowa' : 'rowb';
?>

10
sections/collages/recover.php
View File

@ -3,24 +3,24 @@
error(403);
}
if($_POST['collage_id'] && is_number($_POST['collage_id'])) {
if ($_POST['collage_id'] && is_number($_POST['collage_id'])) {
authorize();
$CollageID = $_POST['collage_id'];
$DB->query("SELECT Name FROM collages WHERE ID = ".$CollageID);
if($DB->record_count() == 0) {
if ($DB->record_count() == 0) {
error('Collage is completely deleted');
} else {
$DB->query("UPDATE collages SET Deleted = '0' WHERE ID=$CollageID");
$Cache->delete_value('collage_'.$CollageID);
Misc::write_log("Collage ".$CollageID." was recovered by ".$LoggedUser['Username']);
Misc::write_log("Collage $CollageID was recovered by ".$LoggedUser['Username']);
header("Location: collages.php?id=$CollageID");
}
}
View::show_header("Collage recovery!");
View::show_header('Collage recovery!');
?>
<div class="thin center">
<div class="box" style="width:600px; margin:0px auto;">
<div class="box" style="width: 600px; margin: 0px auto;">
<div class="head colhead">
Recover deleted collage
</div>

31
sections/collages/takeedit_comment.php
View File

@ -5,7 +5,7 @@
$Text = new TEXT;
// Quick SQL injection check
if(!$_POST['post'] || !is_number($_POST['post'])) {
if (!$_POST['post'] || !is_number($_POST['post'])) {
error(404);
}
// End injection check
@ -16,20 +16,34 @@
$PostID = $_POST['post'];
// Mainly
$DB->query("SELECT cc.Body, cc.UserID, cc.CollageID, (SELECT COUNT(ID) FROM collages_comments WHERE ID <= ".$PostID." AND collages_comments.CollageID = cc.CollageID) FROM collages_comments AS cc WHERE cc.ID='$PostID'");
$DB->query("
SELECT
cc.Body,
cc.UserID,
cc.CollageID,
(
SELECT COUNT(ID)
FROM collages_comments
WHERE ID <= $PostID
AND collages_comments.CollageID = cc.CollageID
)
FROM collages_comments AS cc
WHERE cc.ID='$PostID'");
list($OldBody, $AuthorID, $CollageID, $PostNum) = $DB->next_record();
// Make sure they aren't trying to edit posts they shouldn't
// We use die() here instead of error() because whatever we spit out is displayed to the user in the box where his forum post is
if($UserID!=$AuthorID && !check_perms('site_moderate_forums')) {
if ($UserID != $AuthorID && !check_perms('site_moderate_forums')) {
die('Permission denied');
}
if($DB->record_count()==0) {
if ($DB->record_count() == 0) {
die('Post not found!');
}
// Perform the update
$DB->query("UPDATE collages_comments SET
$DB->query("
UPDATE collages_comments
SET
Body = '$Body'
WHERE ID='$PostID'");
@ -37,11 +51,12 @@
$PageNum = ceil($PostNum / TORRENT_COMMENTS_PER_PAGE);
$CatalogueID = floor((POSTS_PER_PAGE*$PageNum-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueID = floor((POSTS_PER_PAGE * $PageNum - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->delete_value('collage_'.$CollageID.'_catalogue_'.$CatalogueID);
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('collages', ".$PostID.", ".$UserID.", '".sqltime()."', '".db_string($OldBody)."')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('collages', $PostID, $UserID, '".sqltime()."', '".db_string($OldBody)."')");
// This gets sent to the browser, which echoes it in place of the old body
echo $Text->full_format($_POST['body']);

13
sections/forums/add_poll_option.php
View File

@ -4,18 +4,18 @@
$ThreadID = $_POST['threadid'];
$NewOption = $_POST['new_option'];
if(!is_number($ThreadID)) {
if (!is_number($ThreadID)) {
error(404);
}
if(!check_perms("site_moderate_forums")) {
if (!check_perms('site_moderate_forums')) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID = $ThreadID");
list($ForumID) = $DB->next_record();
if(!in_array($ForumID, $ForumsRevealVoters)) {
if (!in_array($ForumID, $ForumsRevealVoters)) {
error(403);
}
}
$DB->query("SELECT Answers FROM forums_polls WHERE TopicID = ".$ThreadID);
if($DB->record_count() < 1) {
if ($DB->record_count() < 1) {
error(404);
}
@ -24,7 +24,10 @@
$Answers[] = $NewOption;
$Answers = serialize($Answers);
$DB->query("UPDATE forums_polls SET Answers = '".db_string($Answers)."' WHERE TopicID = ".$ThreadID);
$DB->query("
UPDATE forums_polls
SET Answers = '".db_string($Answers)."'
WHERE TopicID = ".$ThreadID);
$Cache->delete_value('polls_'.$ThreadID);
header("Location: forums.php?action=viewthread&threadid=".$ThreadID);

24
sections/forums/catchup.php
View File

@ -1,20 +1,26 @@
<?
authorize();
if(!isset($_GET['forumid']) || ($_GET['forumid']!='all' && !is_number($_GET['forumid']))) { error(403); }
if (!isset($_GET['forumid']) || ($_GET['forumid'] != 'all' && !is_number($_GET['forumid']))) {
error(403);
}
if ($_GET['forumid']=='all') {
$DB->query("UPDATE users_info SET CatchupTime=NOW() WHERE UserID=$LoggedUser[ID]");
if ($_GET['forumid'] == 'all') {
$DB->query("
UPDATE users_info
SET CatchupTime=NOW()
WHERE UserID=$LoggedUser[ID]");
$Cache->delete_value('user_info_'.$LoggedUser['ID']);
header('Location: forums.php');
} else {
// Insert a value for each topic
$DB->query("INSERT INTO forums_last_read_topics (UserID, TopicID, PostID)
SELECT '$LoggedUser[ID]', ID, LastPostID FROM
forums_topics
WHERE (LastPostTime>'".time_minus(3600*24*30)."' OR IsSticky='1')
AND ForumID = ".$_GET['forumid']."
ON DUPLICATE KEY UPDATE PostID=LastPostID");
$DB->query("
INSERT INTO forums_last_read_topics (UserID, TopicID, PostID)
SELECT '$LoggedUser[ID]', ID, LastPostID
FROM forums_topics
WHERE (LastPostTime>'".time_minus(3600 * 24 * 30)."' OR IsSticky='1')
AND ForumID = ".$_GET['forumid']."
ON DUPLICATE KEY UPDATE PostID=LastPostID");
header('Location: forums.php?action=viewforum&forumid='.$_GET['forumid']);
}

13
sections/forums/change_vote.php
View File

@ -3,17 +3,20 @@
$ThreadID = $_GET['threadid'];
$NewVote = $_GET['vote'];
if(is_number($ThreadID) && is_number($NewVote)) {
if(!check_perms("site_moderate_forums")) {
if (is_number($ThreadID) && is_number($NewVote)) {
if (!check_perms("site_moderate_forums")) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID = $ThreadID");
list($ForumID) = $DB->next_record();
if(!in_array($ForumID, $ForumsRevealVoters)) {
if (!in_array($ForumID, $ForumsRevealVoters)) {
error(403);
}
}
$DB->query("UPDATE forums_polls_votes SET Vote = ".$NewVote." WHERE TopicID = ".$ThreadID." AND UserID = ".$LoggedUser['ID']);
$DB->query("
UPDATE forums_polls_votes
SET Vote = $NewVote
WHERE TopicID = $ThreadID
AND UserID = ".$LoggedUser['ID']);
$Cache->delete_value('polls_'.$ThreadID);
header("Location: forums.php?action=viewthread&threadid=".$ThreadID);

92
sections/forums/delete.php
View File

@ -1,24 +1,31 @@
<?
authorize();
// Quick SQL injection check
if(!isset($_GET['postid']) || !is_number($_GET['postid'])) { error(0); }
if (!isset($_GET['postid']) || !is_number($_GET['postid'])) {
error(0);
}
$PostID = $_GET['postid'];
// Make sure they are moderators
if(!check_perms('site_admin_forums')) {
if (!check_perms('site_admin_forums')) {
error(403);
}
// Get topicid, forumid, number of pages
$DB->query("SELECT
TopicID,
ForumID,
CEIL(COUNT(p.ID)/".POSTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(p.ID<='$PostID',1,0))/".POSTS_PER_PAGE.") AS Page,
StickyPostID
$DB->query("
SELECT
TopicID,
ForumID,
CEIL(COUNT(p.ID)/".POSTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(p.ID<='$PostID',1,0))/".POSTS_PER_PAGE.") AS Page,
StickyPostID
FROM forums_posts AS p
JOIN forums_topics AS t ON t.ID=p.TopicID
WHERE p.TopicID=(SELECT TopicID FROM forums_posts WHERE ID='$PostID')
JOIN forums_topics AS t ON t.ID=p.TopicID
WHERE p.TopicID=(
SELECT TopicID
FROM forums_posts
WHERE ID='$PostID'
)
GROUP BY t.ID");
list($TopicID, $ForumID, $Pages, $Page, $StickyPostID) = $DB->next_record();
@ -30,22 +37,50 @@
$DB->query("SELECT MAX(ID) FROM forums_posts WHERE TopicID='$TopicID'");
list($LastID) = $DB->next_record();
$DB->query("UPDATE forums AS f, forums_topics AS t SET f.NumPosts=f.NumPosts-1, t.NumPosts=t.NumPosts-1 WHERE f.ID='$ForumID' AND t.ID='$TopicID'");
$DB->query("
UPDATE forums AS f, forums_topics AS t
SET f.NumPosts=f.NumPosts-1, t.NumPosts=t.NumPosts-1
WHERE f.ID='$ForumID' AND t.ID='$TopicID'");
if($LastID < $PostID) { // Last post in a topic was removed
$DB->query("SELECT p.AuthorID, u.Username, p.AddedTime FROM forums_posts AS p LEFT JOIN users_main AS u ON u.ID = p.AuthorID WHERE p.ID='$LastID'");
if ($LastID < $PostID) { // Last post in a topic was removed
$DB->query("
SELECT p.AuthorID, u.Username, p.AddedTime
FROM forums_posts AS p
LEFT JOIN users_main AS u ON u.ID = p.AuthorID
WHERE p.ID='$LastID'");
list($LastAuthorID, $LastAuthorName, $LastTime) = $DB->next_record();
$DB->query("UPDATE forums_topics SET LastPostID='$LastID', LastPostAuthorID='$LastAuthorID', LastPostTime='$LastTime' WHERE ID='$TopicID'");
$DB->query("SELECT
t.ID, t.Title, t.LastPostID, t.LastPostTime, t.LastPostAuthorID, u.Username
$DB->query("
UPDATE forums_topics
SET
LastPostID='$LastID',
LastPostAuthorID='$LastAuthorID',
LastPostTime='$LastTime'
WHERE ID='$TopicID'");
$DB->query("
SELECT
t.ID,
t.Title,
t.LastPostID,
t.LastPostTime,
t.LastPostAuthorID,
u.Username
FROM forums_topics AS t
LEFT JOIN users_main AS u ON u.ID = t.LastPostAuthorID
LEFT JOIN users_main AS u ON u.ID = t.LastPostAuthorID
WHERE ForumID='$ForumID' AND t.ID<>'$TopicID'
ORDER BY LastPostID DESC LIMIT 1");
ORDER BY LastPostID DESC
LIMIT 1");
list($LastTopicID, $LastTopicTitle, $LastTopicPostID, $LastTopicPostTime, $LastTopicAuthorID, $LastTopicAuthorName) = $DB->next_record(MYSQLI_BOTH, false);
if($LastID < $LastTopicPostID) { // Topic is no longer the most recent in its forum
$DB->query("UPDATE forums SET LastPostTopicID='$LastTopicID', LastPostID='$LastTopicPostID', LastPostAuthorID='$LastTopicAuthorID', LastPostTime='$LastTopicPostTime' WHERE ID='$ForumID' AND LastPostTopicID='$TopicID'");
if ($LastID < $LastTopicPostID) { // Topic is no longer the most recent in its forum
$DB->query("
UPDATE forums
SET
LastPostTopicID='$LastTopicID',
LastPostID='$LastTopicPostID',
LastPostAuthorID='$LastTopicAuthorID',
LastPostTime='$LastTopicPostTime'
WHERE ID='$ForumID'
AND LastPostTopicID='$TopicID'");
$UpdateArrayForums = array(
'NumPosts' => '-1',
'LastPostID' => $LastTopicPostID,
@ -54,7 +89,14 @@
'LastPostTopicID' => $LastTopicID,
'Title' => $LastTopicTitle);
} else { // Topic is still the most recent in its forum
$DB->query("UPDATE forums SET LastPostID='$LastID', LastPostAuthorID='$LastAuthorID', LastPostTime='$LastTime' WHERE ID='$ForumID' AND LastPostTopicID='$TopicID'");
$DB->query("
UPDATE forums
SET
LastPostID='$LastID',
LastPostAuthorID='$LastAuthorID',
LastPostTime='$LastTime'
WHERE ID='$ForumID'
AND LastPostTopicID='$TopicID'");
$UpdateArrayForums = array(
'NumPosts' => '-1',
'LastPostID' => $LastID,
@ -67,14 +109,14 @@
$UpdateArrayThread = array('Posts' => '-1');
}
if($StickyPostID == $PostID) {
if ($StickyPostID == $PostID) {
$DB->query("UPDATE forums_topics SET StickyPostID = 0 WHERE ID = $TopicID");
}
//We need to clear all subsequential catalogues as they've all been bumped with the absence of this post
$ThisCatalogue = floor((POSTS_PER_PAGE*$Page-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$LastCatalogue = floor((POSTS_PER_PAGE*$Pages-POSTS_PER_PAGE)/THREAD_CATALOGUE);
for($i=$ThisCatalogue;$i<=$LastCatalogue;$i++) {
$ThisCatalogue = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$LastCatalogue = floor((POSTS_PER_PAGE * $Pages - POSTS_PER_PAGE) / THREAD_CATALOGUE);
for ($i = $ThisCatalogue; $i <= $LastCatalogue; $i++) {
$Cache->delete('thread_'.$TopicID.'_catalogue_'.$i);
}

22
sections/forums/delete_poll_option.php
View File

@ -1,21 +1,21 @@
<?
authorize();
if(!check_perms("site_moderate_forums")) {
if (!check_perms('site_moderate_forums')) {
error(404);
}
$ThreadID = $_GET['threadid'];
$PollOption = $_GET['vote'];
if(is_number($ThreadID) && is_number($PollOption)) {
if (is_number($ThreadID) && is_number($PollOption)) {
$DB->query("SELECT ForumID FROM forums_topics WHERE ID = $ThreadID");
list($ForumID) = $DB->next_record();
if(!in_array($ForumID, $ForumsRevealVoters)) {
if (!in_array($ForumID, $ForumsRevealVoters)) {
error(403);
}
$DB->query("SELECT Answers FROM forums_polls WHERE TopicID = ".$ThreadID);
if($DB->record_count() < 1) {
$DB->query("SELECT Answers FROM forums_polls WHERE TopicID = $ThreadID");
if ($DB->record_count() < 1) {
error(404);
}
@ -24,11 +24,17 @@
unset($Answers[$PollOption]);
$Answers = serialize($Answers);
$DB->query("UPDATE forums_polls SET Answers = '".db_string($Answers)."' WHERE TopicID = ".$ThreadID);
$DB->query("DELETE FROM forums_polls_votes WHERE Vote = ".$PollOption." AND TopicID = ".$ThreadID);
$DB->query("
UPDATE forums_polls
SET Answers = '".db_string($Answers)."'
WHERE TopicID = $ThreadID");
$DB->query("
DELETE FROM forums_polls_votes
WHERE Vote = $PollOption
AND TopicID = $ThreadID");
$Cache->delete_value('polls_'.$ThreadID);
header("Location: forums.php?action=viewthread&threadid=".$ThreadID);
header('Location: forums.php?action=viewthread&threadid='.$ThreadID);
} else {
error(404);

25
sections/forums/edit_rules.php
View File

@ -1,26 +1,31 @@
<?
enforce_login();
if(!check_perms('site_moderate_forums')) {
if (!check_perms('site_moderate_forums')) {
error(403);
}
$ForumID = $_GET['forumid'];
if(!is_number($ForumID)) {
if (!is_number($ForumID)) {
error(404);
}
if(!empty($_POST['add']) || (!empty($_POST['del']))) {
if(!empty($_POST['add'])) {
if(is_number($_POST['new_thread'])) {
$DB->query("INSERT INTO forums_specific_rules (ForumID, ThreadID) VALUES (".$ForumID.", ".$_POST['new_thread'].")");
if (!empty($_POST['add']) || (!empty($_POST['del']))) {
if (!empty($_POST['add'])) {
if (is_number($_POST['new_thread'])) {
$DB->query("
INSERT INTO forums_specific_rules (ForumID, ThreadID)
VALUES ($ForumID, ".$_POST['new_thread'].')');
}
}
if(!empty($_POST['del'])) {
if(is_number($_POST['threadid'])) {
$DB->query("DELETE FROM forums_specific_rules WHERE ForumID = ".$ForumID." AND ThreadID = ".$_POST['threadid']);
if (!empty($_POST['del'])) {
if (is_number($_POST['threadid'])) {
$DB->query("
DELETE FROM forums_specific_rules
WHERE ForumID = $ForumID
AND ThreadID = ".$_POST['threadid']);
}
}
$Cache->delete_value('forums_list');
@ -56,7 +61,7 @@
<input type="submit" name="add" value="Add thread" />
</td>
</form>
<? foreach($ThreadIDs as $ThreadID) { ?>
<? foreach ($ThreadIDs as $ThreadID) { ?>
<tr>
<td><?=$ThreadID?></td>
<td>

32
sections/forums/main.php
View File

@ -7,21 +7,27 @@
//We have to iterate here because if one is empty it breaks the query
$TopicIDs = array();
foreach($Forums as $Forum) {
foreach ($Forums as $Forum) {
if (!empty($Forum['LastPostTopicID'])) {
$TopicIDs[]=$Forum['LastPostTopicID'];
}
}
//Now if we have IDs' we run the query
if(!empty($TopicIDs)) {
$DB->query("SELECT
l.TopicID,
l.PostID,
CEIL((SELECT COUNT(ID) FROM forums_posts WHERE forums_posts.TopicID = l.TopicID AND forums_posts.ID<=l.PostID)/$PerPage) AS Page
if (!empty($TopicIDs)) {
$DB->query("
SELECT
l.TopicID,
l.PostID,
CEIL((
SELECT COUNT(ID)
FROM forums_posts
WHERE forums_posts.TopicID = l.TopicID
AND forums_posts.ID<=l.PostID
)/$PerPage) AS Page
FROM forums_last_read_topics AS l
WHERE TopicID IN(".implode(',',$TopicIDs).") AND
UserID='$LoggedUser[ID]'");
WHERE TopicID IN(".implode(',',$TopicIDs).")
AND UserID='$LoggedUser[ID]'");
$LastRead = $DB->to_array('TopicID', MYSQLI_ASSOC);
} else {
$LastRead = array();
@ -35,7 +41,7 @@
<?
$Row = 'a';
$LastCategoryID=0;
$LastCategoryID = 0;
$OpenTable = false;
$DB->query("SELECT RestrictedForums FROM users_info WHERE UserID = ".$LoggedUser['ID']);
list($RestrictedForums) = $DB->next_record();
@ -74,8 +80,12 @@
$Read = 'read';
}
/* Removed per request, as distracting
if($Locked) { $Read .= "_locked"; }
if($Sticky) { $Read .= "_sticky"; }
if ($Locked) {
$Read .= "_locked";
}
if ($Sticky) {
$Read .= "_sticky";
}
*/
?>
<tr class="row<?=$Row?>">

30
sections/forums/poll_mod.php
View File

@ -1,16 +1,28 @@
<?
authorize();
if(!check_perms('forums_polls_moderate')) { error(403,true); }
if(!isset($_POST['topicid']) || !is_number($_POST['topicid'])) { error(0,true); }
if (!check_perms('forums_polls_moderate')) {
error(403,true);
}
if (!isset($_POST['topicid']) || !is_number($_POST['topicid'])) {
error(0,true);
}
$TopicID = $_POST['topicid'];
//Currently serves as a Featured Toggle
if (!list($Question,$Answers,$Votes,$Featured,$Closed) = $Cache->get_value('polls_'.$TopicID)) {
$DB->query("SELECT Question, Answers, Featured, Closed FROM forums_polls WHERE TopicID='".$TopicID."'");
$DB->query("
SELECT Question, Answers, Featured, Closed
FROM forums_polls
WHERE TopicID='".$TopicID."'");
list($Question, $Answers, $Featured, $Closed) = $DB->next_record(MYSQLI_NUM, array(1));
$Answers = unserialize($Answers);
$DB->query("SELECT Vote, COUNT(UserID) FROM forums_polls_votes WHERE TopicID='$TopicID' AND Vote <> '0' GROUP BY Vote");
$DB->query("
SELECT Vote, COUNT(UserID)
FROM forums_polls_votes
WHERE TopicID='$TopicID'
AND Vote <> '0'
GROUP BY Vote");
$VoteArray = $DB->to_array(false, MYSQLI_NUM);
$Votes = array();
@ -30,13 +42,19 @@
if (!$Featured || $Featured == '0000-00-00 00:00:00') {
$Featured = sqltime();
$Cache->cache_value('polls_featured',$TopicID,0);
$DB->query('UPDATE forums_polls SET Featured=\''.sqltime().'\' WHERE TopicID=\''.$TopicID.'\'');
$DB->query('
UPDATE forums_polls
SET Featured=\''.sqltime().'\'
WHERE TopicID=\''.$TopicID.'\'');
}
}
if (isset($_POST['close'])) {
$Closed = !$Closed;
$DB->query('UPDATE forums_polls SET Closed=\''.$Closed.'\' WHERE TopicID=\''.$TopicID.'\'');
$DB->query('
UPDATE forums_polls
SET Closed=\''.$Closed.'\'
WHERE TopicID=\''.$TopicID.'\'');
}
$Cache->cache_value('polls_'.$TopicID, array($Question,$Answers,$Votes,$Featured,$Closed), 0);

31
sections/forums/sticky_post.php
View File

@ -1,7 +1,7 @@
<?
enforce_login();
authorize();
if(!check_perms('site_moderate_forums')) {
if (!check_perms('site_moderate_forums')) {
error(403);
}
@ -9,28 +9,35 @@
$PostID = $_GET['postid'];
$Delete = !empty($_GET['remove']);
if(!$ThreadID || !$PostID || !is_number($ThreadID) || !is_number($PostID)) {
if (!$ThreadID || !$PostID || !is_number($ThreadID) || !is_number($PostID)) {
error(404);
}
$DB->query("SELECT
CEIL(COUNT(ID)/".POSTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(ID<=$PostID,1,0))/".POSTS_PER_PAGE.") AS Page
$DB->query("
SELECT
CEIL(COUNT(ID)/".POSTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(ID<=$PostID,1,0))/".POSTS_PER_PAGE.") AS Page
FROM forums_posts
WHERE TopicID=$ThreadID
GROUP BY TopicID");
if($DB->record_count()) {
if ($DB->record_count()) {
list($Pages,$Page) = $DB->next_record();
if($Delete) {
$DB->query("UPDATE forums_topics SET StickyPostID = 0 WHERE ID = ".$ThreadID);
if ($Delete) {
$DB->query("
UPDATE forums_topics
SET StickyPostID = 0
WHERE ID = $ThreadID");
} else {
$DB->query("UPDATE forums_topics SET StickyPostID = ".$PostID." WHERE ID = ".$ThreadID);
$DB->query("
UPDATE forums_topics
SET StickyPostID = $PostID
WHERE ID = $ThreadID");
}
$Cache->delete_value('thread_'.$ThreadID.'_info');
$ThisCatalogue = floor((POSTS_PER_PAGE*$Page-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$LastCatalogue = floor((POSTS_PER_PAGE*$Pages-POSTS_PER_PAGE)/THREAD_CATALOGUE);
for($i=$ThisCatalogue;$i<=$LastCatalogue;$i++) {
$ThisCatalogue = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$LastCatalogue = floor((POSTS_PER_PAGE * $Pages - POSTS_PER_PAGE) / THREAD_CATALOGUE);
for ($i = $ThisCatalogue; $i <= $LastCatalogue; $i++) {
$Cache->delete('thread_'.$ThreadID.'_catalogue_'.$i);
}
}

129
sections/forums/take_reply.php
View File

@ -27,23 +27,23 @@
$PerPage = POSTS_PER_PAGE;
}
if(isset($_POST['thread']) && !is_number($_POST['thread'])) {
if (isset($_POST['thread']) && !is_number($_POST['thread'])) {
error(0);
}
if(isset($_POST['forum']) && !is_number($_POST['forum'])) {
if (isset($_POST['forum']) && !is_number($_POST['forum'])) {
error(0);
}
//If you're not sending anything, go back
if($_POST['body']==='' || !isset($_POST['body'])) {
// If you're not sending anything, go back
if ($_POST['body'] === '' || !isset($_POST['body'])) {
header('Location: '.$_SERVER['HTTP_REFERER']);
die();
}
$Body = $_POST['body'];
if($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed');
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed');
}
$TopicID = $_POST['thread'];
@ -51,38 +51,57 @@
$ForumID = $ThreadInfo['ForumID'];
$SQLTime = sqltime();
if(!check_forumperm($ForumID)) { error(403); }
if(!check_forumperm($ForumID, 'Write') || $LoggedUser['DisablePosting'] || $ThreadInfo['IsLocked'] == "1" && !check_perms('site_moderate_forums')) { error(403); }
if (!check_forumperm($ForumID)) {
error(403);
}
if (!check_forumperm($ForumID, 'Write') || $LoggedUser['DisablePosting'] || $ThreadInfo['IsLocked'] == '1' && !check_perms('site_moderate_forums')) {
error(403);
}
if(isset($_POST['subscribe'])) {
$DB->query("INSERT IGNORE INTO users_subscriptions VALUES ($LoggedUser[ID], '".db_string($TopicID)."')");
if (isset($_POST['subscribe'])) {
$DB->query("
INSERT IGNORE INTO users_subscriptions
VALUES ($LoggedUser[ID], '".db_string($TopicID)."')");
$Cache->delete_value('subscriptions_user_'.$LoggedUser['ID']);
}
//Now lets handle the special case of merging posts, we can skip bumping the thread and all that fun
if ($ThreadInfo['LastPostAuthorID'] == $LoggedUser['ID'] && ((!check_perms('site_forums_double_post') && !in_array($ForumID, $ForumsDoublePost)) || isset($_POST['merge']))) {
//Get the id for this post in the database to append
$DB->query("SELECT ID, Body FROM forums_posts WHERE TopicID='$TopicID' AND AuthorID='".$LoggedUser['ID']."' ORDER BY ID DESC LIMIT 1");
$DB->query("
SELECT ID, Body
FROM forums_posts
WHERE TopicID='$TopicID'
AND AuthorID='".$LoggedUser['ID']."'
ORDER BY ID DESC
LIMIT 1");
list($PostID, $OldBody) = $DB->next_record(MYSQLI_NUM, false);
//Edit the post
$DB->query("UPDATE forums_posts SET Body = CONCAT(Body,'"."\n\n".db_string($Body)."'), EditedUserID = '".$LoggedUser['ID']."', EditedTime = '".$SQLTime."' WHERE ID='$PostID'");
$DB->query("
UPDATE forums_posts
SET
Body = CONCAT(Body,'"."\n\n".db_string($Body)."'),
EditedUserID = '".$LoggedUser['ID']."',
EditedTime = '$SQLTime'
WHERE ID='$PostID'");
//Store edit history
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', ".$PostID.", ".$LoggedUser['ID'].", '".$SQLTime."', '".db_string($OldBody)."')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', $PostID, ".$LoggedUser['ID'].", '$SQLTime', '".db_string($OldBody)."')");
$Cache->delete_value("forums_edits_$PostID");
//Get the catalogue it is in
$CatalogueID = floor((POSTS_PER_PAGE*ceil($ThreadInfo['Posts']/POSTS_PER_PAGE)-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueID = floor((POSTS_PER_PAGE * ceil($ThreadInfo['Posts'] / POSTS_PER_PAGE) - POSTS_PER_PAGE) / THREAD_CATALOGUE);
//Get the catalogue value for the post we're appending to
if($ThreadInfo['Posts']%THREAD_CATALOGUE == 0) {
$Key = THREAD_CATALOGUE-1;
if ($ThreadInfo['Posts'] % THREAD_CATALOGUE == 0) {
$Key = THREAD_CATALOGUE - 1;
} else {
$Key = ($ThreadInfo['Posts']%THREAD_CATALOGUE)-1;
$Key = ($ThreadInfo['Posts'] % THREAD_CATALOGUE) - 1;
}
if($ThreadInfo['StickyPostID'] == $PostID) {
if ($ThreadInfo['StickyPostID'] == $PostID) {
$ThreadInfo['StickyPost']['Body'] .= "\n\n$Body";
$ThreadInfo['StickyPost']['EditedUserID'] = $LoggedUser['ID'];
$ThreadInfo['StickyPost']['EditedTime'] = $SQLTime;
@ -102,37 +121,42 @@
//Now we're dealing with a normal post
} else {
//Insert the post into the posts database
$DB->query("INSERT INTO forums_posts (TopicID, AuthorID, AddedTime, Body)
VALUES ('$TopicID', '".$LoggedUser['ID']."', '".$SQLTime."', '".db_string($Body)."')");
$DB->query("
INSERT INTO forums_posts (TopicID, AuthorID, AddedTime, Body)
VALUES ('$TopicID', '".$LoggedUser['ID']."', '$SQLTime', '".db_string($Body)."')");
$PostID = $DB->inserted_id();
//This updates the root index
$DB->query("UPDATE forums SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTopicID = '$TopicID',
LastPostTime = '".$SQLTime."'
WHERE ID = '$ForumID'");
$DB->query("
UPDATE forums
SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTopicID = '$TopicID',
LastPostTime = '$SQLTime'
WHERE ID = '$ForumID'");
//Update the topic
$DB->query("UPDATE forums_topics SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTime = '".$SQLTime."'
WHERE ID = '$TopicID'");
$DB->query("
UPDATE forums_topics
SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$LoggedUser['ID']."',
LastPostTime = '$SQLTime'
WHERE ID = '$TopicID'");
//if cache exists modify it, if not, then it will be correct when selected next, and we can skip this block
if ($Forum = $Cache->get_value('forums_'.$ForumID)) {
list($Forum,,,$Stickies) = $Forum;
//if the topic is already on this page
if (array_key_exists($TopicID,$Forum)) {
if (array_key_exists($TopicID, $Forum)) {
$Thread = $Forum[$TopicID];
unset($Forum[$TopicID]);
$Thread['NumPosts'] = $Thread['NumPosts']+1; //Increment post count
$Thread['NumPosts'] = $Thread['NumPosts'] + 1; //Increment post count
$Thread['LastPostID'] = $PostID; //Set postid for read/unread
$Thread['LastPostTime'] = $SQLTime; //Time of last post
$Thread['LastPostAuthorID'] = $LoggedUser['ID']; //Last poster id
@ -147,7 +171,16 @@
//Never know if we get a page full of stickies...
if ($Stickies < TOPICS_PER_PAGE || $ThreadInfo['IsSticky'] == 1) {
//Pull the data for the thread we're bumping
$DB->query("SELECT f.AuthorID, f.IsLocked, f.IsSticky, f.NumPosts, ISNULL(p.TopicID) AS NoPoll FROM forums_topics AS f LEFT JOIN forums_polls AS p ON p.TopicID=f.ID WHERE f.ID ='$TopicID'");
$DB->query("
SELECT
f.AuthorID,
f.IsLocked,
f.IsSticky,
f.NumPosts,
ISNULL(p.TopicID) AS NoPoll
FROM forums_topics AS f
LEFT JOIN forums_polls AS p ON p.TopicID=f.ID
WHERE f.ID ='$TopicID'");
list($AuthorID,$IsLocked,$IsSticky,$NumPosts,$NoPoll) = $DB->next_record();
$Part2 = array($TopicID => array(
'ID' => $TopicID,
@ -166,15 +199,19 @@
}
}
if ($Stickies > 0) {
$Part1 = array_slice($Forum,0,$Stickies,true); //Stickies
$Part3 = array_slice($Forum,$Stickies,TOPICS_PER_PAGE-$Stickies-1,true); //Rest of page
$Part1 = array_slice($Forum, 0, $Stickies, true); //Stickies
$Part3 = array_slice($Forum, $Stickies, TOPICS_PER_PAGE - $Stickies - 1, true); //Rest of page
} else {
$Part1 = array();
$Part3 = $Forum;
}
if (is_null($Part1)) { $Part1 = array(); }
if (is_null($Part3)) { $Part3 = array(); }
if($ThreadInfo['IsSticky'] == 1) {
if (is_null($Part1)) {
$Part1 = array();
}
if (is_null($Part3)) {
$Part3 = array();
}
if ($ThreadInfo['IsSticky'] == 1) {
$Forum = $Part2 + $Part1 + $Part3; //Merge it
} else {
$Forum = $Part1 + $Part2 + $Part3; //Merge it
@ -201,7 +238,7 @@
//This calculates the block of 500 posts that this one will fall under
$CatalogueID = floor((POSTS_PER_PAGE*ceil($ThreadInfo['Posts']/POSTS_PER_PAGE)-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueID = floor((POSTS_PER_PAGE * ceil($ThreadInfo['Posts'] / POSTS_PER_PAGE) - POSTS_PER_PAGE) / THREAD_CATALOGUE);
//Insert the post into the thread catalogue (block of 500 posts)
$Cache->begin_transaction('thread_'.$TopicID.'_catalogue_'.$CatalogueID);
@ -226,12 +263,12 @@
}
$DB->query("SELECT UserID FROM users_subscriptions WHERE TopicID = ".$TopicID);
if($DB->record_count() > 0) {
if ($DB->record_count() > 0) {
$Subscribers = $DB->collect('UserID');
foreach($Subscribers as $Subscriber) {
foreach ($Subscribers as $Subscriber) {
$Cache->delete_value('subscriptions_user_new_'.$Subscriber);
}
}
Forums::quote_notify($Body, $PostID, 'forums', $TopicID);
header('Location: forums.php?action=viewthread&threadid='.$TopicID.'&page='.ceil($ThreadInfo['Posts']/$PerPage));
header('Location: forums.php?action=viewthread&threadid='.$TopicID.'&page='.ceil($ThreadInfo['Posts'] / $PerPage));
die();

53
sections/forums/takeedit.php
View File

@ -19,7 +19,7 @@
$Text = new TEXT;
// Quick SQL injection check
if(!$_POST['post'] || !is_number($_POST['post']) || !is_number($_POST['key'])) {
if (!$_POST['post'] || !is_number($_POST['post']) || !is_number($_POST['key'])) {
error(0,true);
}
// End injection check
@ -33,56 +33,60 @@
$DoPM = isset($_POST['pm']) ? $_POST['pm'] : 0;
// Mainly
$DB->query("SELECT
$DB->query("
SELECT
p.Body,
p.AuthorID,
p.TopicID,
t.IsLocked,
t.ForumID,
f.MinClassWrite,
CEIL((SELECT COUNT(ID)
CEIL((
SELECT COUNT(ID)
FROM forums_posts
WHERE forums_posts.TopicID = p.TopicID
AND forums_posts.ID <= '$PostID')/".POSTS_PER_PAGE.")
AS Page
FROM forums_posts as p
AND forums_posts.ID <= '$PostID')/".POSTS_PER_PAGE."
) AS Page
FROM forums_posts as p
JOIN forums_topics as t on p.TopicID = t.ID
JOIN forums as f ON t.ForumID=f.ID
WHERE p.ID='$PostID'");
WHERE p.ID='$PostID'");
list($OldBody, $AuthorID, $TopicID, $IsLocked, $ForumID, $MinClassWrite, $Page) = $DB->next_record();
// Make sure they aren't trying to edit posts they shouldn't
// We use die() here instead of error() because whatever we spit out is displayed to the user in the box where his forum post is
if(!check_forumperm($ForumID, 'Write') || ($IsLocked && !check_perms('site_moderate_forums'))) {
if (!check_forumperm($ForumID, 'Write') || ($IsLocked && !check_perms('site_moderate_forums'))) {
error('Either the thread is locked, or you lack the permission to edit this post.', true);
}
if($UserID != $AuthorID && !check_perms('site_moderate_forums')) {
if ($UserID != $AuthorID && !check_perms('site_moderate_forums')) {
error(403,true);
}
if($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed.', true);
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed.', true);
}
if($DB->record_count()==0) {
if ($DB->record_count() == 0) {
error(404,true);
}
// Send a PM to the user to notify them of the edit
if($UserID != $AuthorID && $DoPM) {
if ($UserID != $AuthorID && $DoPM) {
$PMSubject = 'Your post #'.$PostID.' has been edited';
$PMurl = 'https://'.NONSSL_SITE_URL.'/forums.php?action=viewthread&postid='.$PostID.'#post'.$PostID;
$ProfLink = '[url=https://'.NONSSL_SITE_URL.'/user.php?id='.$UserID.']'.$LoggedUser['Username'].'[/url]';
$PMurl = 'https://'.SSL_SITE_URL.'/forums.php?action=viewthread&postid='.$PostID.'#post'.$PostID;
$ProfLink = '[url=https://'.SSL_SITE_URL.'/user.php?id='.$UserID.']'.$LoggedUser['Username'].'[/url]';
$PMBody = 'One of your posts has been edited by '.$ProfLink.': [url]'.$PMurl.'[/url]';
Misc::send_pm($AuthorID, 0, $PMSubject, $PMBody);
}
// Perform the update
$DB->query("UPDATE forums_posts SET
Body = '" . db_string($Body) . "',
EditedUserID = '$UserID',
EditedTime = '".$SQLTime."'
$DB->query("
UPDATE forums_posts
SET
Body = '" . db_string($Body) . "',
EditedUserID = '$UserID',
EditedTime = '".$SQLTime."'
WHERE ID='$PostID'");
$CatalogueID = floor((POSTS_PER_PAGE*$Page-POSTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueID = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->begin_transaction('thread_'.$TopicID.'_catalogue_'.$CatalogueID);
if ($Cache->MemcacheDBArray[$Key]['ID'] != $PostID) {
$Cache->cancel_transaction();
@ -97,18 +101,19 @@
'EditedTime'=>$SQLTime,
'Username'=>$LoggedUser['Username']
));
$Cache->commit_transaction(3600*24*5);
$Cache->commit_transaction(3600 * 24 * 5);
}
$ThreadInfo = get_thread_info($TopicID);
if($ThreadInfo['StickyPostID'] == $PostID) {
if ($ThreadInfo['StickyPostID'] == $PostID) {
$ThreadInfo['StickyPost']['Body'] = $Body;
$ThreadInfo['StickyPost']['EditedUserID'] = $LoggedUser['ID'];
$ThreadInfo['StickyPost']['EditedTime'] = $SQLTime;
$Cache->cache_value('thread_'.$TopicID.'_info', $ThreadInfo, 0);
}
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', ".$PostID.", ".$UserID.", '".$SQLTime."', '".db_string($OldBody)."')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('forums', $PostID, $UserID, '$SQLTime', '".db_string($OldBody)."')");
$Cache->delete_value("forums_edits_$PostID");
// This gets sent to the browser, which echoes it in place of the old body
echo $Text->full_format($Body);

133
sections/forums/thread.php
View File

@ -16,14 +16,13 @@
$Text = new TEXT(true);
// Check for lame SQL injection attempts
if(!isset($_GET['threadid']) || !is_number($_GET['threadid'])) {
if(isset($_GET['topicid']) && is_number($_GET['topicid'])) {
if (!isset($_GET['threadid']) || !is_number($_GET['threadid'])) {
if (isset($_GET['topicid']) && is_number($_GET['topicid'])) {
$ThreadID = $_GET['topicid'];
}
elseif(isset($_GET['postid']) && is_number($_GET['postid'])) {
} elseif (isset($_GET['postid']) && is_number($_GET['postid'])) {
$DB->query("SELECT TopicID FROM forums_posts WHERE ID = $_GET[postid]");
list($ThreadID) = $DB->next_record();
if($ThreadID) {
if ($ThreadID) {
header("Location: forums.php?action=viewthread&threadid=$ThreadID&postid=$_GET[postid]#post$_GET[postid]");
die();
} else {
@ -48,7 +47,7 @@
$ThreadInfo = get_thread_info($ThreadID, true, true);
$ForumID = $ThreadInfo['ForumID'];
// Make sure they're allowed to look at the page
if(!check_forumperm($ForumID)) {
if (!check_forumperm($ForumID)) {
error(403);
}
@ -57,11 +56,15 @@
$ForumName = display_str($Forums[$ForumID]['Name']);
//Post links utilize the catalogue & key params to prevent issues with custom posts per page
if($ThreadInfo['Posts'] > $PerPage) {
if(isset($_GET['post']) && is_number($_GET['post'])) {
if ($ThreadInfo['Posts'] > $PerPage) {
if (isset($_GET['post']) && is_number($_GET['post'])) {
$PostNum = $_GET['post'];
} elseif(isset($_GET['postid']) && is_number($_GET['postid']) && $_GET['postid'] != $ThreadInfo['StickyPostID']) {
$SQL = "SELECT COUNT(ID) FROM forums_posts WHERE TopicID = $ThreadID AND ID <= $_GET[postid]";
} elseif (isset($_GET['postid']) && is_number($_GET['postid']) && $_GET['postid'] != $ThreadInfo['StickyPostID']) {
$SQL = "
SELECT COUNT(ID)
FROM forums_posts
WHERE TopicID = $ThreadID
AND ID <= $_GET[postid]";
if ($ThreadInfo['StickyPostID'] < $_GET['postid']) {
$SQL .= " AND ID != $ThreadInfo[StickyPostID]";
}
@ -74,24 +77,26 @@
$PostNum = 1;
}
list($Page,$Limit) = Format::page_limit($PerPage, min($ThreadInfo['Posts'],$PostNum));
if(($Page-1)*$PerPage > $ThreadInfo['Posts']) {
$Page = ceil($ThreadInfo['Posts']/$PerPage);
if (($Page - 1) * $PerPage > $ThreadInfo['Posts']) {
$Page = ceil($ThreadInfo['Posts'] / $PerPage);
}
list($CatalogueID,$CatalogueLimit) = Format::catalogue_limit($Page,$PerPage,THREAD_CATALOGUE);
// Cache catalogue from which the page is selected, allows block caches and future ability to specify posts per page
if(!$Catalogue = $Cache->get_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID)) {
$DB->query("SELECT
p.ID,
p.AuthorID,
p.AddedTime,
p.Body,
p.EditedUserID,
p.EditedTime,
ed.Username
if (!$Catalogue = $Cache->get_value('thread_'.$ThreadID.'_catalogue_'.$CatalogueID)) {
$DB->query("
SELECT
p.ID,
p.AuthorID,
p.AddedTime,
p.Body,
p.EditedUserID,
p.EditedTime,
ed.Username
FROM forums_posts as p
LEFT JOIN users_main AS ed ON ed.ID = p.EditedUserID
WHERE p.TopicID = '$ThreadID' AND p.ID != '".$ThreadInfo['StickyPostID']."'
LEFT JOIN users_main AS ed ON ed.ID = p.EditedUserID
WHERE p.TopicID = '$ThreadID'
AND p.ID != '".$ThreadInfo['StickyPostID']."'
LIMIT $CatalogueLimit");
$Catalogue = $DB->to_array(false,MYSQLI_ASSOC);
if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
@ -103,7 +108,7 @@
$LastPost = end($Thread);
$LastPost = $LastPost['ID'];
reset($Thread);
if($ThreadInfo['Posts'] <= $PerPage*$Page && $ThreadInfo['StickyPostID'] > $LastPost) {
if ($ThreadInfo['Posts'] <= $PerPage * $Page && $ThreadInfo['StickyPostID'] > $LastPost) {
$LastPost = $ThreadInfo['StickyPostID'];
}
@ -112,12 +117,16 @@
if (!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) {
$DB->query("SELECT PostID From forums_last_read_topics WHERE UserID='$LoggedUser[ID]' AND TopicID='$ThreadID'");
$DB->query("
SELECT PostID
FROM forums_last_read_topics
WHERE UserID='$LoggedUser[ID]'
AND TopicID='$ThreadID'");
list($LastRead) = $DB->next_record();
if($LastRead < $LastPost) {
$DB->query("INSERT INTO forums_last_read_topics
(UserID, TopicID, PostID) VALUES
('$LoggedUser[ID]', '".$ThreadID ."', '".db_string($LastPost)."')
if ($LastRead < $LastPost) {
$DB->query("
INSERT INTO forums_last_read_topics (UserID, TopicID, PostID)
VALUES ('$LoggedUser[ID]', '$ThreadID', '".db_string($LastPost)."')
ON DUPLICATE KEY UPDATE PostID='$LastPost'");
}
}
@ -139,7 +148,12 @@
}
$DB->query("UPDATE users_notify_quoted SET UnRead = false WHERE UserID = '$LoggedUser[ID]' AND Page = 'forums' AND PageID = '$ThreadID'");
$DB->query("
UPDATE users_notify_quoted
SET UnRead = false
WHERE UserID = '$LoggedUser[ID]'
AND Page = 'forums'
AND PageID = '$ThreadID'");
$Cache->delete_value('notify_quoted_' . $LoggedUser['ID']);
/*
$QuoteNotificationsCount = $Cache->get_value('notify_quoted_' . $LoggedUser['ID']);
@ -151,7 +165,7 @@
*/
// Start printing
View::show_header($ThreadInfo['Title'] . ' < '.$Forums[$ForumID]['Name'].' < '. 'Forums','comments,subscriptions,bbcode,jquery');
View::show_header($ThreadInfo['Title'] . ' &lt; '.$Forums[$ForumID]['Name'].' &lt; Forums','comments,subscriptions,bbcode,jquery');
?>
<div class="thin">
<h2>
@ -163,7 +177,7 @@
<div class="center">
<a href="reports.php?action=report&amp;type=thread&amp;id=<?=$ThreadID?>" class="brackets">Report thread</a>
<a href="#" onclick="Subscribe(<?=$ThreadID?>);return false;" id="subscribelink<?=$ThreadID?>" class="brackets"><?=(in_array($ThreadID, $UserSubscriptions) ? 'Unsubscribe' : 'Subscribe')?></a>
<a href="#" onclick="$('#searchthread').toggle(); this.innerHTML = (this.innerHTML == 'Search this thread'?'Hide search':'Search this thread'); return false;" class="brackets">Search this thread</a>
<a href="#" onclick="$('#searchthread').toggle(); this.innerHTML = (this.innerHTML == 'Search this thread' ? 'Hide search' : 'Search this thread'); return false;" class="brackets">Search this thread</a>
</div>
<div id="searchthread" class="hidden center">
<div style="display: inline-block;">
@ -179,7 +193,7 @@
<td><input type="text" id="username" name="user" size="70" /></td>
</tr>
<tr>
<td colspan="2" style="text-align: center">
<td colspan="2" style="text-align: center;">
<input type="hidden" name="action" value="search" />
<input type="hidden" name="threadid" value="<?=$ThreadID?>" />
<input type="submit" name="submit" value="Search" />
@ -191,17 +205,24 @@
</div>
</div>
<?
$Pages=Format::get_pages($Page,$ThreadInfo['Posts'],$PerPage,9);
$Pages = Format::get_pages($Page,$ThreadInfo['Posts'],$PerPage,9);
echo $Pages;
?>
</div>
<?
if ($ThreadInfo['NoPoll'] == 0) {
if (!list($Question,$Answers,$Votes,$Featured,$Closed) = $Cache->get_value('polls_'.$ThreadID)) {
$DB->query("SELECT Question, Answers, Featured, Closed FROM forums_polls WHERE TopicID='".$ThreadID."'");
$DB->query("
SELECT Question, Answers, Featured, Closed
FROM forums_polls
WHERE TopicID='$ThreadID'");
list($Question, $Answers, $Featured, $Closed) = $DB->next_record(MYSQLI_NUM, array(1));
$Answers = unserialize($Answers);
$DB->query("SELECT Vote, COUNT(UserID) FROM forums_polls_votes WHERE TopicID='$ThreadID' GROUP BY Vote");
$DB->query("
SELECT Vote, COUNT(UserID)
FROM forums_polls_votes
WHERE TopicID='$ThreadID'
GROUP BY Vote");
$VoteArray = $DB->to_array(false, MYSQLI_NUM);
$Votes = array();
@ -210,7 +231,7 @@
$Votes[$Key] = $Value;
}
foreach(array_keys($Answers) as $i) {
foreach (array_keys($Answers) as $i) {
if (!isset($Votes[$i])) {
$Votes[$i] = 0;
}
@ -228,12 +249,16 @@
$RevealVoters = in_array($ForumID, $ForumsRevealVoters);
//Polls lose the you voted arrow thingy
$DB->query("SELECT Vote FROM forums_polls_votes WHERE UserID='".$LoggedUser['ID']."' AND TopicID='$ThreadID'");
$DB->query("
SELECT Vote
FROM forums_polls_votes
WHERE UserID='".$LoggedUser['ID']."'
AND TopicID='$ThreadID'");
list($UserResponse) = $DB->next_record();
if (!empty($UserResponse) && $UserResponse != 0) {
$Answers[$UserResponse] = '&raquo; '.$Answers[$UserResponse];
} else {
if(!empty($UserResponse) && $RevealVoters) {
if (!empty($UserResponse) && $RevealVoters) {
$Answers[$UserResponse] = '&raquo; '.$Answers[$UserResponse];
}
}
@ -282,31 +307,33 @@
$Staff = get_staff();
$StaffNames = array();
foreach($Staff as $Staffer) {
foreach ($Staff as $Staffer) {
$StaffNames[] = $Staffer['Username'];
}
$DB->query("SELECT fpv.Vote AS Vote,
GROUP_CONCAT(um.Username SEPARATOR ', ')
FROM users_main AS um
LEFT JOIN forums_polls_votes AS fpv ON um.ID = fpv.UserID
WHERE TopicID = ".$ThreadID."
GROUP BY fpv.Vote");
$DB->query("
SELECT
fpv.Vote AS Vote,
GROUP_CONCAT(um.Username SEPARATOR ', ')
FROM users_main AS um
LEFT JOIN forums_polls_votes AS fpv ON um.ID = fpv.UserID
WHERE TopicID = ".$ThreadID."
GROUP BY fpv.Vote");
$StaffVotesTmp = $DB->to_array();
$StaffCount = count($StaffNames);
$StaffVotes = array();
foreach($StaffVotesTmp as $StaffVote) {
foreach ($StaffVotesTmp as $StaffVote) {
list($Vote, $Names) = $StaffVote;
$StaffVotes[$Vote] = $Names;
$Names = explode(", ", $Names);
$Names = explode(', ', $Names);
$StaffNames = array_diff($StaffNames, $Names);
}
?> <ul style="list-style: none;" id="poll_options">
<?
foreach($Answers as $i => $Answer) {
foreach ($Answers as $i => $Answer) {
?>
<li>
<a href="forums.php?action=change_vote&amp;threadid=<?=$ThreadID?>&amp;auth=<?=$LoggedUser['AuthKey']?>&amp;vote=<?=(int) $i?>"><?=display_str($Answer == '' ? 'Blank' : $Answer)?></a>
@ -400,7 +427,7 @@
list($AuthorID, $Username, $PermissionID, $Paranoia, $Artist, $Donor, $Warned, $Avatar, $Enabled, $UserTitle) = array_values(Users::user_info($AuthorID));
?>
<table class="forum_post wrap_overflow box vertical_margin<?
if (((!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) && $PostID>$LastRead && strtotime($AddedTime)>$LoggedUser['CatchupTime']) || (isset($RequestKey) && $Key==$RequestKey)) {
if (((!$ThreadInfo['IsLocked'] || $ThreadInfo['IsSticky']) && $PostID > $LastRead && strtotime($AddedTime) > $LoggedUser['CatchupTime']) || (isset($RequestKey) && $Key == $RequestKey)) {
echo ' forum_unread';
}
if (!Users::has_avatars_enabled()) {
@ -420,7 +447,7 @@
</colgroup>
<tr class="colhead_dark">
<td colspan="<?=Users::has_avatars_enabled() ? 2 : 1?>">
<div style="float:left;"><a class="post_id" href="forums.php?action=viewthread&amp;threadid=<?=$ThreadID?>&amp;postid=<?=$PostID?>#post<?=$PostID?>">#<?=$PostID?></a>
<div style="float: left;"><a class="post_id" href="forums.php?action=viewthread&amp;threadid=<?=$ThreadID?>&amp;postid=<?=$PostID?>#post<?=$PostID?>">#<?=$PostID?></a>
<?=Users::format_username($AuthorID, true, true, true, true, true)?>
<?=time_diff($AddedTime,2)?>
<? if (!$ThreadInfo['IsLocked'] || check_perms('site_moderate_forums')) { ?>
@ -444,7 +471,7 @@
}
?>
</div>
<div id="bar<?=$PostID?>" style="float:right;">
<div id="bar<?=$PostID?>" style="float: right;">
<a href="reports.php?action=report&amp;type=post&amp;id=<?=$PostID?>" class="brackets">Report</a>
<? if (check_perms('users_warn') && $AuthorID != $LoggedUser['ID']) {
$AuthorInfo = Users::user_info($AuthorID);
@ -477,7 +504,7 @@
<? if ($EditedUserID) { ?>
<br />
<br />
<? if(check_perms('site_admin_forums')) { ?>
<? if (check_perms('site_admin_forums')) { ?>
<a href="#content<?=$PostID?>" onclick="LoadEdit('forums', <?=$PostID?>, 1); return false;">&laquo;</a>
<? } ?>
Last edited by

24
sections/forums/warn.php
View File

@ -1,16 +1,20 @@
<?php
if (!check_perms('users_warn')) { error(404);}
if (!check_perms('users_warn')) {
error(404);
}
Misc::assert_isset_request($_POST, array('postid', 'userid', 'key'));
$PostID = (int) $_POST['postid'];
$UserID = (int)$_POST['userid'];
$Key = (int)$_POST['key'];
$UserInfo = Users::user_info($UserID);
$DB -> query(" SELECT
p.Body,
t.ForumID
FROM forums_posts as p
JOIN forums_topics as t on p.TopicID = t.ID
WHERE p.ID='$PostID'");
$DB -> query("
SELECT
p.Body,
t.ForumID
FROM forums_posts as p
JOIN forums_topics as t on p.TopicID = t.ID
WHERE p.ID='$PostID'");
list($PostBody, $ForumID) = $DB -> next_record();
View::show_header('Warn User');
?>
@ -40,19 +44,19 @@
<option value="1">1 week</option>
<option value="2">2 weeks</option>
<option value="4">4 weeks</option>
<? if(check_perms("users_mod")) { ?>
<? if (check_perms("users_mod")) { ?>
<option value="8">8 weeks</option>
<? } ?>
</select></td>
</tr>
<tr>
<td class="label">Private Message:</td>
<td class="label">Private message:</td>
<td>
<textarea id="message" style="width: 95%;" tabindex="1" onkeyup="resize('message');" name="privatemessage" cols="90" rows="4"></textarea>
</td>
</tr>
<tr>
<td class="label">Edit Post:</td>
<td class="label">Edit post:</td>
<td>
<textarea id="body" style="width: 95%;" tabindex="1" onkeyup="resize('body');" name="body" cols="90" rows="8"><?=$PostBody?></textarea>
<br />

26
sections/inbox/takecompose.php
View File

@ -2,30 +2,32 @@
authorize();
if(empty($_POST['toid'])) { error(404); }
if (empty($_POST['toid'])) {
error(404);
}
if(!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$_POST['toid']])) {
if (!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$_POST['toid']])) {
error(403);
}
if (isset($_POST['convid']) && is_number($_POST['convid'])) {
$ConvID = $_POST['convid'];
$Subject='';
$Subject = '';
$ToID = explode(',', $_POST['toid']);
foreach($ToID as $TID) {
if(!is_number($TID)) {
$Err = "A recipient does not exist.";
foreach ($ToID as $TID) {
if (!is_number($TID)) {
$Err = 'A recipient does not exist.';
}
}
$DB->query("SELECT UserID FROM pm_conversations_users WHERE UserID='$LoggedUser[ID]' AND ConvID='$ConvID'");
if($DB->record_count() == 0) {
if ($DB->record_count() == 0) {
error(403);
}
} else {
$ConvID='';
if(!is_number($_POST['toid'])) {
$Err = "This recipient does not exist.";
$ConvID = '';
if (!is_number($_POST['toid'])) {
$Err = 'This recipient does not exist.';
} else {
$ToID = $_POST['toid'];
}
@ -35,11 +37,11 @@
}
}
$Body = trim($_POST['body']);
if($Body === '' || $Body === false) {
if ($Body === '' || $Body === false) {
$Err = "You can't send a message without a body!";
}
if(!empty($Err)) {
if (!empty($Err)) {
error($Err);
//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
$ToID = $_POST['toid'];

44
sections/inbox/takeedit.php
View File

@ -3,29 +3,41 @@
$UserID = $LoggedUser['ID'];
$ConvID = $_POST['convid'];
if(!is_number($ConvID)) { error(404); }
$DB->query("SELECT UserID FROM pm_conversations_users WHERE UserID='$UserID' AND ConvID='$ConvID'");
if($DB->record_count() == 0) { error(403); }
if (!is_number($ConvID)) {
error(404);
}
$DB->query("
SELECT UserID
FROM pm_conversations_users
WHERE UserID='$UserID' AND ConvID='$ConvID'");
if ($DB->record_count() == 0) {
error(403);
}
if(isset($_POST['delete'])) {
$DB->query("UPDATE pm_conversations_users SET
InInbox='0',
InSentbox='0',
Sticky='0'
if (isset($_POST['delete'])) {
$DB->query("
UPDATE pm_conversations_users
SET
InInbox='0',
InSentbox='0',
Sticky='0'
WHERE ConvID='$ConvID' AND UserID='$UserID'");
} else {
if(isset($_POST['sticky'])) {
$DB->query("UPDATE pm_conversations_users SET
Sticky='1'
if (isset($_POST['sticky'])) {
$DB->query("
UPDATE pm_conversations_users
SET Sticky='1'
WHERE ConvID='$ConvID' AND UserID='$UserID'");
} else {
$DB->query("UPDATE pm_conversations_users SET
Sticky='0'
$DB->query("
UPDATE pm_conversations_users
SET Sticky='0'
WHERE ConvID='$ConvID' AND UserID='$UserID'");
}
if(isset($_POST['mark_unread'])) {
$DB->query("UPDATE pm_conversations_users SET
Unread='1'
if (isset($_POST['mark_unread'])) {
$DB->query("
UPDATE pm_conversations_users
SET Unread='1'
WHERE ConvID='$ConvID' AND UserID='$UserID'");
$Cache->increment('inbox_new_'.$UserID);
}

69
sections/requests/index.php
View File

@ -52,7 +52,7 @@
error(0);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed.');
error('Your posting privileges have been removed.');
}
$RequestID = $_POST['requestid'];
@ -60,14 +60,22 @@
error(404);
}
$DB->query("SELECT CEIL((SELECT COUNT(ID)+1 FROM requests_comments AS rc WHERE rc.RequestID='".$RequestID."')/".TORRENT_COMMENTS_PER_PAGE.") AS Pages");
$DB->query("
SELECT
CEIL((
SELECT COUNT(ID)+1
FROM requests_comments AS rc
WHERE rc.RequestID='".$RequestID."'
)/".TORRENT_COMMENTS_PER_PAGE."
) AS Pages");
list($Pages) = $DB->next_record();
$DB->query("INSERT INTO requests_comments (RequestID,AuthorID,AddedTime,Body) VALUES (
'".$RequestID."', '".db_string($LoggedUser['ID'])."','".sqltime()."','".db_string($_POST['body'])."')");
$PostID=$DB->inserted_id();
$DB->query("
INSERT INTO requests_comments (RequestID,AuthorID,AddedTime,Body)
VALUES ('$RequestID', '".db_string($LoggedUser['ID'])."','".sqltime()."','".db_string($_POST['body'])."')");
$PostID = $DB->inserted_id();
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE*$Pages-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Pages - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->begin_transaction('request_comments_'.$RequestID.'_catalogue_'.$CatalogueID);
$Post = array(
'ID'=>$PostID,
@ -109,16 +117,21 @@
}
// Mainly
$DB->query("SELECT
rc.Body,
rc.AuthorID,
rc.RequestID,
rc.AddedTime
$DB->query("
SELECT
rc.Body,
rc.AuthorID,
rc.RequestID,
rc.AddedTime
FROM requests_comments AS rc
WHERE rc.ID='".db_string($_POST['post'])."'");
list($OldBody, $AuthorID,$RequestID,$AddedTime)=$DB->next_record();
$DB->query("SELECT ceil(COUNT(ID) / ".POSTS_PER_PAGE.") AS Page FROM requests_comments WHERE RequestID = $RequestID AND ID <= $_POST[post]");
$DB->query("
SELECT ceil(COUNT(ID) / ".POSTS_PER_PAGE.") AS Page
FROM requests_comments
WHERE RequestID = $RequestID
AND ID <= $_POST[post]");
list($Page) = $DB->next_record();
if ($LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
@ -129,10 +142,12 @@
}
// Perform the update
$DB->query("UPDATE requests_comments SET
Body = '".db_string($_POST['body'])."',
EditedUserID = '".db_string($LoggedUser['ID'])."',
EditedTime = '".sqltime()."'
$DB->query("
UPDATE requests_comments
SET
Body = '".db_string($_POST['body'])."',
EditedUserID = '".db_string($LoggedUser['ID'])."',
EditedTime = '".sqltime()."'
WHERE ID='".db_string($_POST['post'])."'");
// Update the cache
@ -150,8 +165,9 @@
));
$Cache->commit_transaction(0);
$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('requests', ".db_string($_POST['post']).", ".db_string($LoggedUser['ID']).", '".sqltime()."', '".db_string($OldBody)."')");
$DB->query("
INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)
VALUES ('requests', ".db_string($_POST['post']).", ".db_string($LoggedUser['ID']).", '".sqltime()."', '".db_string($OldBody)."')");
// This gets sent to the browser, which echoes it in place of the old body
echo $Text->full_format($_POST['body']);
@ -172,13 +188,18 @@
}
// Get topicid, forumid, number of pages
$DB->query("SELECT DISTINCT
RequestID,
CEIL(COUNT(rc.ID)/".TORRENT_COMMENTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(rc.ID<=".$_GET['postid'].",1,0))/".TORRENT_COMMENTS_PER_PAGE.") AS Page
$DB->query("
SELECT DISTINCT
RequestID,
CEIL(COUNT(rc.ID)/".TORRENT_COMMENTS_PER_PAGE.") AS Pages,
CEIL(SUM(IF(rc.ID<=".$_GET['postid'].",1,0))/".TORRENT_COMMENTS_PER_PAGE.") AS Page
FROM requests_comments AS rc
WHERE rc.RequestID=(SELECT RequestID FROM requests_comments WHERE ID='".db_string($_GET['postid'])."')");
list($RequestID,$Pages,$Page)=$DB->next_record();
WHERE rc.RequestID=(
SELECT RequestID
FROM requests_comments
WHERE ID='".db_string($_GET['postid'])."'
)");
list($RequestID,$Pages,$Page) = $DB->next_record();
// $Pages = number of pages in the thread
// $Page = which page the post is on

3
sections/requests/new_edit.php
View File

@ -171,7 +171,7 @@
<option value="5"<?=($Importance == '5' ? ' selected="selected"' : '')?>>Conductor</option>
<option value="6"<?=($Importance == '6' ? ' selected="selected"' : '')?>>DJ / Compiler</option>
<option value="3"<?=($Importance == '3' ? ' selected="selected"' : '')?>>Remixer</option>
<option value="3"<?=($Importance == '7' ? ' selected="selected"' : '')?>>Producer</option>
<option value="7"<?=($Importance == '7' ? ' selected="selected"' : '')?>>Producer</option>
</select>
<? if ($First) { ?><a href="#" onclick="AddArtistField();return false;" class="brackets">+</a> <a href="#" onclick="RemoveArtistField();return false;" class="brackets">&minus;</a><? } $First = false; ?>
<br />
@ -186,6 +186,7 @@
<option value="5">Conductor</option>
<option value="6">DJ / Compiler</option>
<option value="3">Remixer</option>
<option value="7">Producer</option>
</select>
<a href="#" onclick="AddArtistField();return false;" class="brackets">+</a> <a href="#" onclick="RemoveArtistField();return false;" class="brackets">&minus;</a>
<?

131
sections/staff/functions.php
View File

@ -1,4 +1,40 @@
<?
/**
* Generate a table row for a staff member on staff.php
*
* @param $Row used for alternating row colors
* @param $ID the user ID of the staff member
* @param $Paranoia the user's paranoia
* @param $Class the user class
* @param $LastAccess datetime the user last browsed the site
* @param $Remark the "Staff remark" or FLS' "Support for" text
* @param $HiddenBy the text that is displayed when a staff member's
* paranoia hides their LastAccess time
* @return string $Row
*/
function make_staff_row($Row, $ID, $Paranoia, $Class, $LastAccess, $Remark = '', $HiddenBy = 'Hidden by user') {
$Row = ($Row == 'a') ? 'b' : 'a';
echo "\t\t\t<tr class=\"row$Row\">
<td class=\"nobr\">
" . Users::format_username($ID, false, false, false) . "
</td>
<td class=\"nobr\">
"; //used for proper indentation of HTML
if (check_paranoia('lastseen', $Paranoia, $Class)) {
echo time_diff($LastAccess);
} else {
echo "$HiddenBy";
}
echo "\n\t\t\t\t</td>
<td class=\"nobr\">
$Remark
</td>
</tr>\n"; // the "\n" is needed for pretty HTML
// the foreach loop that calls this function needs to know the new value of $Row
return $Row;
}
function get_fls() {
global $Cache, $DB;
static $FLS;
@ -6,7 +42,8 @@ function get_fls() {
return $FLS;
}
if (($FLS = $Cache->get_value('fls')) === false) {
$DB->query("SELECT
$DB->query('
SELECT
m.ID,
p.Level,
m.Username,
@ -17,23 +54,34 @@ function get_fls() {
JOIN users_main AS m ON m.ID=i.UserID
JOIN permissions AS p ON p.ID=m.PermissionID
JOIN users_levels AS l ON l.UserID = i.UserID
WHERE l.PermissionID = ".FLS_TEAM);
WHERE l.PermissionID = ' . FLS_TEAM . '
ORDER BY m.Username');
$FLS = $DB->to_array(false, MYSQLI_BOTH, array(3,'Paranoia'));
$Cache->cache_value('fls', $FLS, 180);
}
return $FLS;
}
function get_forum_staff() {
global $Cache, $DB;
static $ForumStaff;
if (is_array($ForumStaff)) {
return $ForumStaff;
/*
* Build the SQL query that will be used for displaying staff members
*
* @param $StaffLevel a string for selecting the type of staff being queried
* @return string the text of the generated SQL query
*/
function generate_staff_query($StaffLevel) {
if ($StaffLevel == 'forum_staff') {
$PName = ''; // only needed for full staff
$PLevel = 'p.Level < 700';
} elseif ($StaffLevel == 'staff') {
$PName = 'p.Name,';
$PLevel = 'p.Level >= 700';
}
if (($ForumStaff = $Cache->get_value('forum_staff')) === false) {
$DB->query("SELECT
$SQL = "
SELECT
m.ID,
p.Level,
$PName
m.Username,
m.Paranoia,
m.LastAccess,
@ -42,10 +90,36 @@ function get_forum_staff() {
JOIN users_info AS i ON m.ID=i.UserID
JOIN permissions AS p ON p.ID=m.PermissionID
WHERE p.DisplayStaff='1'
AND p.Level < 700
ORDER BY p.Level, m.LastAccess ASC");
$ForumStaff = $DB->to_array(false, MYSQLI_BOTH, array(3,'Paranoia'));
$Cache->cache_value('forum_staff', $ForumStaff, 180);
AND $PLevel
ORDER BY p.Level";
if (check_perms('users_mod')) {
$SQL.= ', m.LastAccess ASC';
} else {
$SQL.= ', m.Username';
}
return $SQL;
}
function get_forum_staff() {
global $Cache, $DB;
static $ForumStaff;
if (is_array($ForumStaff)) {
return $ForumStaff;
}
// sort the lists differently if the viewer is a staff member
if (!check_perms('users_mod')) {
if (($ForumStaff = $Cache->get_value('forum_staff')) === false) {
$DB->query(generate_staff_query('forum_staff'));
$ForumStaff = $DB->to_array(false, MYSQLI_BOTH, array(3,'Paranoia'));
$Cache->cache_value('forum_staff', $ForumStaff, 180);
}
} else {
if (($ForumStaff = $Cache->get_value('forum_staff_mod_view')) === false) {
$DB->query(generate_staff_query('forum_staff'));
$ForumStaff = $DB->to_array(false, MYSQLI_BOTH, array(3,'Paranoia'));
$Cache->cache_value('forum_staff_mod_view', $ForumStaff, 180);
}
}
return $ForumStaff;
}
@ -56,23 +130,20 @@ function get_staff() {
if (is_array($Staff)) {
return $Staff;
}
if (($Staff = $Cache->get_value('staff')) === false) {
$DB->query("SELECT
m.ID,
p.Level,
p.Name,
m.Username,
m.Paranoia,
m.LastAccess,
i.SupportFor
FROM users_main AS m
JOIN users_info AS i ON m.ID=i.UserID
JOIN permissions AS p ON p.ID=m.PermissionID
WHERE p.DisplayStaff='1'
AND p.Level >= 700
ORDER BY p.Level, m.LastAccess ASC");
$Staff = $DB->to_array(false, MYSQLI_BOTH, array(4,'Paranoia'));
$Cache->cache_value('staff', $Staff, 180);
// sort the lists differently if the viewer is a staff member
if (!check_perms('users_mod')) {
if (($Staff = $Cache->get_value('staff')) === false) {
$DB->query(generate_staff_query('staff'));
$Staff = $DB->to_array(false, MYSQLI_BOTH, array(4,'Paranoia'));
$Cache->cache_value('staff', $Staff, 180);
}
} else {
if (($Staff = $Cache->get_value('staff_mod_view')) === false) {
$DB->query(generate_staff_query('staff'));
$Staff = $DB->to_array(false, MYSQLI_BOTH, array(4,'Paranoia'));
$Cache->cache_value('staff_mod_view', $Staff, 180);
}
}
return $Staff;
}

79
sections/staff/index.php
View File

@ -23,7 +23,7 @@
<? View::parse('generic/reply/staffpm.php', array('Hidden' => true)); ?>
<br />
<h3>First-line Support</h3>
<p><strong>These users are not official staff members</strong> - they're users who have volunteered their time to help people in need. Please treat them with respect and read <a href="wiki.php?action=article&amp;id=260">this</a> before contacting them.</p>
<p><strong>These users are not official staff members.</strong> They are users who have volunteered their time to help people in need. Please treat them with respect, and read <a href="wiki.php?action=article&amp;id=260">this</a> before contacting them.</p>
<table class="staff" width="100%">
<tr class="colhead">
<td style="width: 130px;">Username</td>
@ -34,27 +34,13 @@
$Row = 'a';
foreach ($FrontLineSupport as $Support) {
list($ID, $Class, $Username, $Paranoia, $LastAccess, $SupportFor) = $Support;
$Row = ($Row == 'a') ? 'b' : 'a';
?>
<tr class="row<?=$Row?>">
<td class="nobr">
<?=Users::format_username($ID, false, false, false) ?>
</td>
<td class="nobr">
<? if (check_paranoia('lastseen', $Paranoia, $Class)) {
echo time_diff($LastAccess);
} else {
echo 'Hidden by user';
}
?>
</td>
<td class="nobr">
<?=$SupportFor?>
</td>
</tr>
<? } ?>
$Row = make_staff_row($Row, $ID, $Paranoia, $Class, $LastAccess, $SupportFor);
} ?>
</table>
</div>
<br />
<div class="box pad" style="padding: 0px 10px 10px 10px;">
<br />
<h3>Forum Moderators</h3>
@ -69,29 +55,15 @@
$Row = 'a';
foreach ($ForumStaff as $Support) {
list($ID, $Class, $Username, $Paranoia, $LastAccess, $SupportFor) = $Support;
$Row = ($Row == 'a') ? 'b' : 'a';
?>
<tr class="row<?=$Row?>">
<td class="nobr">
<?=Users::format_username($ID, false, false, false) ?>
</td>
<td class="nobr">
<? if (check_paranoia('lastseen', $Paranoia, $Class)) {
echo time_diff($LastAccess);
} else {
echo 'Hidden by user';
}
?>
</td>
<td class="nobr">
<?=$SupportFor?>
</td>
</tr>
<? } ?>
$Row = make_staff_row($Row, $ID, $Paranoia, $Class, $LastAccess, $SupportFor);
} ?>
</table>
</div>
<br />
<div class="box pad" style="padding: 0px 10px 10px 10px;">
<br />
<?
$CurClass = 0;
$CloseTable = false;
@ -101,11 +73,12 @@
$Row = 'a';
if ($CloseTable) {
$CloseTable = false;
echo "\t</table><br />";
// the "\t" and "\n" are used here to make the HTML look pretty
echo "\t\t</table>\n\t\t<br />\n";
}
$CurClass = $Class;
$CloseTable = true;
echo '<h3>'.$ClassName.'s</h3>';
echo "\t\t<h3>".$ClassName."s</h3>\n";
?>
<table class="staff" width="100%">
<tr class="colhead">
@ -116,26 +89,12 @@
<?
} // End new class header
$HiddenBy = 'Hidden by staff member';
// Display staff members for this class
$Row = ($Row == 'a') ? 'b' : 'a';
?>
<tr class="row<?=$Row?>">
<td class="nobr">
<?=Users::format_username($ID, false, false, false) ?>
</td>
<td class="nobr">
<? if (check_paranoia('lastseen', $Paranoia, $Class)) {
echo time_diff($LastAccess);
} else {
echo 'Hidden by staff member';
}
?>
</td>
<td class="nobr">
<?=$Remark?>
</td>
</tr>
<? } ?>
$Row = make_staff_row($Row, $ID, $Paranoia, $Class, $LastAccess, $Remark, $HiddenBy);
} ?>
</table>
</div>

17
sections/torrents/index.php
View File

@ -183,7 +183,7 @@ function js_pages($Action, $TorrentID, $NumResults, $CurrentPage) {
error(0);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting rights have been removed.');
error('Your posting privileges have been removed.');
}
$GroupID = $_POST['groupid'];
@ -191,12 +191,19 @@ function js_pages($Action, $TorrentID, $NumResults, $CurrentPage) {
error(404);
}
$DB->query("SELECT CEIL((SELECT COUNT(ID)+1 FROM torrents_comments AS tc WHERE tc.GroupID='".db_string($GroupID)."')/".TORRENT_COMMENTS_PER_PAGE.") AS Pages");
$DB->query("
SELECT
CEIL((
SELECT COUNT(ID)+1
FROM torrents_comments AS tc
WHERE tc.GroupID='".db_string($GroupID)."')/".TORRENT_COMMENTS_PER_PAGE."
) AS Pages");
list($Pages) = $DB->next_record();
$DB->query("INSERT INTO torrents_comments (GroupID,AuthorID,AddedTime,Body) VALUES (
'".db_string($GroupID)."', '".db_string($LoggedUser['ID'])."','".sqltime()."','".db_string($_POST['body'])."')");
$PostID=$DB->inserted_id();
$DB->query("
INSERT INTO torrents_comments (GroupID,AuthorID,AddedTime,Body)
VALUES ('".db_string($GroupID)."', '".db_string($LoggedUser['ID'])."','".sqltime()."','".db_string($_POST['body'])."')");
$PostID = $DB->inserted_id();
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $Pages - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->begin_transaction('torrent_comments_'.$GroupID.'_catalogue_'.$CatalogueID);

2
sections/user/stylesheetgallery.php
View File

@ -16,7 +16,7 @@
if (isset($_GET['format']) && $_GET['format'] === "data") {
global $Cache;
$ImageData = $Cache->get_value("cssgallery_".$Name);
if(!empty($ImageData)){
if (!empty($ImageData)) {
echo json_encode(array('data' => $ImageData, 'status' => "0"));
die();
} else {