Mirror/Gazelle
1
0
Fork 0
mirror of https://github.com/WhatCD/Gazelle.git synced 2025-01-18 12:11:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Empty commit

Browse Source
This commit is contained in:
Git 2013-05-16 16:15:57 +00:00
parent 4889f1f7cf
commit d9a653c45d
68 changed files with 1727 additions and 1273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
classes/class_invite_tree.php
View File

@ -30,16 +30,21 @@ function make_tree() {
if (!$TreeID) {
return;
}
$DB->query("SELECT
TreePosition FROM invite_tree
WHERE TreeID=$TreeID AND TreeLevel=$TreeLevel AND TreePosition>$TreePosition
ORDER BY TreePosition ASC LIMIT 1");
$DB->query("
SELECT TreePosition
FROM invite_tree
WHERE TreeID=$TreeID
AND TreeLevel=$TreeLevel
AND TreePosition>$TreePosition
ORDER BY TreePosition ASC
LIMIT 1");
if ($DB->record_count()) {
list($MaxPosition) = $DB->next_record(MYSQLI_NUM, false);
} else {
$MaxPosition = false;
}
$TreeQuery = $DB->query("SELECT
$TreeQuery = $DB->query("
SELECT
it.UserID,
Enabled,
PermissionID,
@ -108,20 +113,18 @@ function make_tree() {
// Manage tree depth
if ($TreeLevel > $PreviousTreeLevel) {
for ($i = 0; $i < $TreeLevel - $PreviousTreeLevel; $i++) {
echo '<ul class="invitetree"><li>';
echo "<ul class=\"invitetree\">\n\t<li>";
}
} elseif ($TreeLevel < $PreviousTreeLevel) {
for ($i = 0; $i < $PreviousTreeLevel - $TreeLevel; $i++) {
echo '</li></ul>';
echo "\t</li>\n</ul>";
}
echo '</li>';
echo '<li>';
echo "\t</li>\n<li>";
} else {
echo '</li>';
echo '<li>';
echo "\t</li>\n<li>";
}
?>
<strong><?=Users::format_username($ID, true, true, $Enabled != 2 ? false : true, true)?></strong>
<strong><?=Users::format_username($ID, true, true, ($Enabled != 2 ? false : true), true)?></strong>
<?
if (check_paranoia(array('uploaded', 'downloaded'), $Paranoia, $UserClass)) {
$TotalUpload += $Uploaded;
@ -145,13 +148,13 @@ function make_tree() {
$Tree = ob_get_clean();
for ($i = 0; $i < $PreviousTreeLevel - $OriginalTreeLevel; $i++) {
$Tree .= "</li></ul>\n";
$Tree .= "\t</li>\n</ul>\n";
}
if ($Count) {
?> <p style="font-weight: bold;">
This tree has <?=$Count?> entries, <?=$Branches?> branches, and a depth of <?=$MaxTreeLevel - $OriginalTreeLevel?>.
This tree has <?=number_format($Count)?> entries, <?=number_format($Branches)?> branches, and a depth of <?=number_format($MaxTreeLevel - $OriginalTreeLevel)?>.
It has
<?
$ClassStrings = array();

64
classes/class_misc.php
View File

@ -72,7 +72,9 @@ public static function send_pm($ToID,$FromID,$Subject,$Body,$ConvID='') {
WHERE UserID IN (".implode(',', $ToID).")
AND ConvID='$ConvID'");
$DB->query("UPDATE pm_conversations_users SET
$DB->query("
UPDATE pm_conversations_users
SET
InSentbox='1',
SentDate='".sqltime()."'
WHERE UserID='$FromID'
@ -80,13 +82,20 @@ public static function send_pm($ToID,$FromID,$Subject,$Body,$ConvID='') {
}
// Now that we have a $ConvID for sure, send the message.
$DB->query("INSERT INTO pm_messages
(SenderID, ConvID, SentDate, Body) VALUES
('$FromID', '$ConvID', '".sqltime()."', '".$Body."')");
$DB->query("
INSERT INTO pm_messages
(SenderID, ConvID, SentDate, Body)
VALUES
('$FromID', '$ConvID', '".sqltime()."', '$Body')");
// Update the cached new message count.
foreach ($ToID as $ID) {
$DB->query("SELECT COUNT(ConvID) FROM pm_conversations_users WHERE UnRead = '1' and UserID='$ID' AND InInbox = '1'");
$DB->query("
SELECT COUNT(ConvID)
FROM pm_conversations_users
WHERE UnRead = '1'
AND UserID='$ID'
AND InInbox = '1'");
list($UnRead) = $DB->next_record();
$Cache->cache_value('inbox_new_'.$ID, $UnRead);
}
@ -94,7 +103,12 @@ public static function send_pm($ToID,$FromID,$Subject,$Body,$ConvID='') {
$DB->query("SELECT Username FROM users_main WHERE ID = '$FromID'");
list($SenderName) = $DB->next_record();
foreach ($ToID as $ID) {
$DB->query("SELECT COUNT(ConvID) FROM pm_conversations_users WHERE UnRead = '1' and UserID='$ID' AND InInbox = '1'");
$DB->query("
SELECT COUNT(ConvID)
FROM pm_conversations_users
WHERE UnRead = '1'
AND UserID='$ID'
AND InInbox = '1'");
list($UnRead) = $DB->next_record();
$Cache->cache_value('inbox_new_'.$ID, $UnRead);
@ -129,32 +143,38 @@ public static function create_thread($ForumID, $AuthorID, $Title, $PostBody) {
$ThreadInfo['IsLocked'] = 0;
$ThreadInfo['IsSticky'] = 0;
$DB->query("INSERT INTO forums_topics
$DB->query("
INSERT INTO forums_topics
(Title, AuthorID, ForumID, LastPostTime, LastPostAuthorID)
Values
('".$Title."', '".$AuthorID."', '$ForumID', '".sqltime()."', '".$AuthorID."')");
VALUES
('$Title', '$AuthorID', '$ForumID', '".sqltime()."', '$AuthorID')");
$TopicID = $DB->inserted_id();
$Posts = 1;
$DB->query("INSERT INTO forums_posts
$DB->query("
INSERT INTO forums_posts
(TopicID, AuthorID, AddedTime, Body)
VALUES
('$TopicID', '".$AuthorID."', '".sqltime()."', '".$PostBody."')");
('$TopicID', '$AuthorID', '".sqltime()."', '$PostBody')");
$PostID = $DB->inserted_id();
$DB->query("UPDATE forums SET
$DB->query("
UPDATE forums
SET
NumPosts = NumPosts+1,
NumTopics = NumTopics+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$AuthorID."',
LastPostAuthorID = '$AuthorID',
LastPostTopicID = '$TopicID',
LastPostTime = '".sqltime()."'
WHERE ID = '$ForumID'");
$DB->query("UPDATE forums_topics SET
$DB->query("
UPDATE forums_topics
SET
NumPosts = NumPosts+1,
LastPostID = '$PostID',
LastPostAuthorID = '".$AuthorID."',
LastPostAuthorID = '$AuthorID',
LastPostTime = '".sqltime()."'
WHERE ID = '$TopicID'");
@ -164,7 +184,9 @@ public static function create_thread($ForumID, $AuthorID, $Title, $PostBody) {
if (count($Forum) == TOPICS_PER_PAGE && $Stickies < TOPICS_PER_PAGE) {
array_pop($Forum);
}
$DB->query("SELECT f.IsLocked, f.IsSticky, f.NumPosts FROM forums_topics AS f
$DB->query("
SELECT f.IsLocked, f.IsSticky, f.NumPosts
FROM forums_topics AS f
WHERE f.ID ='$TopicID'");
list($IsLocked, $IsSticky, $NumPosts) = $DB->next_record();
$Part1 = array_slice($Forum, 0, $Stickies, true); //Stickys
@ -329,7 +351,10 @@ public static function get_tags($TagNames) {
}
}
if (count($TagNames) > 0) {
$DB->query("SELECT ID, Name FROM tags WHERE Name IN ('".implode("', '", $TagNames)."')");
$DB->query("
SELECT ID, Name
FROM tags
WHERE Name IN ('".implode("', '", $TagNames)."')");
$SQLTagIDs = $DB->to_array();
foreach ($SQLTagIDs as $Tag) {
$TagIDs[$Tag['ID']] = $Tag['Name'];
@ -365,8 +390,9 @@ public static function get_alias_tag($BadTag) {
*/
public static function write_log($Message) {
global $DB,$Time;
$DB->query('INSERT INTO log (Message, Time) VALUES (\''
.db_string($Message).'\', \''.sqltime().'\')');
$DB->query("
INSERT INTO log (Message, Time)
VALUES ('" . db_string($Message) . "', '" . sqltime() . "')");
}

1
classes/class_text2.php
View File

@ -600,7 +600,6 @@ function to_html($Array) {
$Str.='<a rel="noreferrer" target="_blank" href="'.$Block['Attr'].'">'.$Block['Attr'].'</a>';
}
}
break;
}

17
classes/class_tools.php
View File

@ -161,7 +161,7 @@ public static function disable_users($UserIDs, $AdminComment, $BanReason = 1) {
m.can_leech='0',
i.AdminComment = CONCAT('".sqltime()." - ".($AdminComment ? $AdminComment : 'Disabled by system')."\n\n', i.AdminComment),
i.BanDate='".sqltime()."',
i.BanReason='".$BanReason."',
i.BanReason='$BanReason',
i.RatioWatchDownload=".($BanReason == 2 ? 'm.Downloaded' : "'0'")."
WHERE m.ID IN(".implode(',',$UserIDs).") ");
$Cache->decrement('stats_user_count',$DB->affected_rows());
@ -183,7 +183,7 @@ public static function disable_users($UserIDs, $AdminComment, $BanReason = 1) {
}
// Remove the users from the tracker.
$DB->query("SELECT torrent_pass FROM users_main WHERE ID in (".implode(", ",$UserIDs).")");
$DB->query("SELECT torrent_pass FROM users_main WHERE ID in (".implode(', ',$UserIDs).')');
$PassKeys = $DB->collect('torrent_pass');
$Concat = '';
foreach ($PassKeys as $PassKey) {
@ -223,7 +223,9 @@ public static function warn_user($UserID, $Duration, $Reason) {
$AdminComment = date('Y-m-d').' - Warning (Clash) extended to expire at '.$NewExpDate.' by '.$LoggedUser['Username']."\nReason: $Reason\n\n";
$DB->query('UPDATE users_info SET
$DB->query('
UPDATE users_info
SET
Warned=\''.db_string($NewExpDate).'\',
WarnedTimes=WarnedTimes+1,
AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment)
@ -238,7 +240,9 @@ public static function warn_user($UserID, $Duration, $Reason) {
$AdminComment = date('Y-m-d').' - Warned until '.$WarnTime.' by '.$LoggedUser['Username']."\nReason: $Reason\n\n";
$DB->query('UPDATE users_info SET
$DB->query('
UPDATE users_info
SET
Warned=\''.db_string($WarnTime).'\',
WarnedTimes=WarnedTimes+1,
AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment)
@ -253,8 +257,9 @@ public static function warn_user($UserID, $Duration, $Reason) {
*/
public static function update_user_notes($UserID, $AdminComment) {
global $DB;
$DB->query('UPDATE users_info SET
AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment)
$DB->query('
UPDATE users_info
SET AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment)
WHERE UserID=\''.db_string($UserID).'\'');
}
}

1
classes/class_user_rank.php
View File

@ -49,7 +49,6 @@ function table_query($TableName) {
break;
case 'bounty':
$Query = "SELECT SUM(rv.Bounty) AS Bounty FROM users_main AS um JOIN requests_votes AS rv ON rv.UserID=um.ID WHERE um.Enabled='1' GROUP BY um.ID ORDER BY Bounty;";
break;

6
classes/class_users.php
View File

@ -49,7 +49,8 @@ public static function user_info($UserID) {
$OldQueryID = $DB->get_query_id();
$DB->query("SELECT
$DB->query("
SELECT
m.ID,
m.Username,
m.PermissionID,
@ -121,7 +122,8 @@ public static function user_heavy_info($UserID) {
if (empty($HeavyInfo)) {
$DB->query("SELECT
$DB->query("
SELECT
m.Invites,
m.torrent_pass,
m.IP,

43
classes/script_start.php
View File

@ -11,7 +11,9 @@
/********************************************************/
require 'config.php'; //The config contains all site wide configuration information
//Deal with dumbasses
if (isset($_REQUEST['info_hash']) && isset($_REQUEST['peer_id'])) { die('d14:failure reason40:Invalid .torrent, try downloading again.e'); }
if (isset($_REQUEST['info_hash']) && isset($_REQUEST['peer_id'])) {
die('d14:failure reason40:Invalid .torrent, try downloading again.e');
}
require(SERVER_ROOT.'/classes/class_proxies.php');
@ -221,7 +223,8 @@
$UserSessions = $Cache->get_value('users_sessions_'.$UserID);
if (!is_array($UserSessions)) {
$DB->query("SELECT
$DB->query("
SELECT
SessionID,
Browser,
OperatingSystem,
@ -251,12 +254,13 @@
logout();
}
// Up/Down stats
$UserStats = $Cache->get_value('user_stats_'.$LoggedUser['ID']);
if (!is_array($UserStats)) {
$DB->query("SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio FROM users_main WHERE ID='$LoggedUser[ID]'");
$DB->query("
SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio
FROM users_main
WHERE ID='$LoggedUser[ID]'");
$UserStats = $DB->next_record(MYSQLI_ASSOC);
$Cache->cache_value('user_stats_'.$LoggedUser['ID'], $UserStats, 3600);
}
@ -297,8 +301,19 @@
// Update LastUpdate every 10 minutes
if (strtotime($UserSessions[$SessionID]['LastUpdate']) + 600 < time()) {
$DB->query("UPDATE users_main SET LastAccess='".sqltime()."' WHERE ID='$LoggedUser[ID]'");
$DB->query("UPDATE users_sessions SET IP='".$_SERVER['REMOTE_ADDR']."', Browser='".$Browser."', OperatingSystem='".$OperatingSystem."', LastUpdate='".sqltime()."' WHERE UserID='$LoggedUser[ID]' AND SessionID='".db_string($SessionID)."'");
$DB->query("
UPDATE users_main
SET LastAccess='".sqltime()."'
WHERE ID='$LoggedUser[ID]'");
$DB->query("
UPDATE users_sessions
SET
IP='".$_SERVER['REMOTE_ADDR']."',
Browser='$Browser',
OperatingSystem='$OperatingSystem',
LastUpdate='".sqltime()."'
WHERE UserID='$LoggedUser[ID]'
AND SessionID='".db_string($SessionID)."'");
$Cache->begin_transaction('users_sessions_'.$UserID);
$Cache->delete_row($SessionID);
$Cache->insert_front($SessionID,array(
@ -332,18 +347,21 @@
if ($LoggedUser['IP'] != $_SERVER['REMOTE_ADDR'] && !check_perms('site_disable_ip_history')) {
if (Tools::site_ban_ip($_SERVER['REMOTE_ADDR'])) {
error('Your IP has been banned.');
error('Your IP address has been banned.');
}
$CurIP = db_string($LoggedUser['IP']);
$NewIP = db_string($_SERVER['REMOTE_ADDR']);
$DB->query("UPDATE users_history_ips SET
EndTime='".sqltime()."'
$DB->query("
UPDATE users_history_ips
SET EndTime='".sqltime()."'
WHERE EndTime IS NULL
AND UserID='$LoggedUser[ID]'
AND IP='$CurIP'");
$DB->query("INSERT IGNORE INTO users_history_ips
(UserID, IP, StartTime) VALUES
$DB->query("
INSERT IGNORE INTO users_history_ips
(UserID, IP, StartTime)
VALUES
('$LoggedUser[ID]', '$NewIP', '".sqltime()."')");
$ipcc = Tools::geoip($NewIP);
@ -356,7 +374,6 @@
}
// Get stylesheets
$Stylesheets = $Cache->get_value('stylesheets');
if (!is_array($Stylesheets)) {

15
design/privateheader.php
View File

@ -139,7 +139,8 @@
$RestrictedForums = implode("','", array_keys($LoggedUser['CustomForums'], 0));
$PermittedForums = implode("','", array_keys($LoggedUser['CustomForums'], 1));
}
$DB->query("SELECT COUNT(s.TopicID)
$DB->query("
SELECT COUNT(s.TopicID)
FROM users_subscriptions AS s
JOIN forums_last_read_topics AS l ON s.UserID = l.UserID AND s.TopicID = l.TopicID
JOIN forums_topics AS t ON l.TopicID = t.ID
@ -148,11 +149,11 @@
AND l.PostID < t.LastPostID
AND s.UserID = ".$LoggedUser['ID'].
(!empty($RestrictedForums) ? "
AND f.ID NOT IN ('".$RestrictedForums."')" : ""));
AND f.ID NOT IN ('$RestrictedForums')" : ''));
list($NewSubscriptions) = $DB->next_record();
$Cache->cache_value('subscriptions_user_new_'.$LoggedUser['ID'], $NewSubscriptions, 0);
} ?>
<ul id="userinfo_minor"<?=$NewSubscriptions ? ' class="highlite"' : ''?>>
<ul id="userinfo_minor"<?=($NewSubscriptions ? ' class="highlite"' : '')?>>
<li id="nav_inbox"<?=Format::add_class($PageID, array('inbox'), 'active', true)?>><a onmousedown="Stats('inbox');" href="inbox.php">Inbox</a></li>
<li id="nav_staffinbox"<?=Format::add_class($PageID, array('staffpm'), 'active', true)?>><a onmousedown="Stats('staffpm');" href="staffpm.php">Staff Inbox</a></li>
<li id="nav_uploaded"<?=Format::add_class($PageID, array('torrents',false,'uploaded'), 'active', true, 'userid')?>><a onmousedown="Stats('uploads');" href="torrents.php?type=uploaded&amp;userid=<?=$LoggedUser['ID']?>">Uploads</a></li>
@ -194,11 +195,15 @@
$RestrictedForums = implode("','", array_keys($LoggedUser['CustomForums'], 0));
$PermittedForums = implode("','", array_keys($LoggedUser['CustomForums'], 1));
}
$sql = "SELECT COUNT(q.UnRead)
$sql = "
SELECT COUNT(q.UnRead)
FROM users_notify_quoted AS q
LEFT JOIN forums_topics AS t ON t.ID = q.PageID
LEFT JOIN forums AS f ON f.ID = t.ForumID
WHERE q.UserID=$LoggedUser[ID] AND q.UnRead=1 AND q.Page = 'forums' AND ((f.MinClassRead<='$LoggedUser[Class]'";
WHERE q.UserID=$LoggedUser[ID]
AND q.UnRead=1
AND q.Page = 'forums'
AND ((f.MinClassRead<='$LoggedUser[Class]'";
if (!empty($RestrictedForums)) {
$sql .= " AND f.ID NOT IN ('$RestrictedForums')";
}

4
sections/blog/index.php
View File

@ -61,7 +61,8 @@
}
}
$DB->query("INSERT INTO blog (UserID, Title, Body, Time, ThreadID, Important)
$DB->query("
INSERT INTO blog (UserID, Title, Body, Time, ThreadID, Important)
VALUES ('".$LoggedUser['ID']."',
'".db_string($_POST['title'])."',
'".db_string($_POST['body'])."',
@ -76,7 +77,6 @@
$DB->query("INSERT IGNORE INTO users_subscriptions VALUES ('$LoggedUser[ID]', $ThreadID)");
$Cache->delete_value('subscriptions_user_'.$LoggedUser['ID']);
}
header('Location: blog.php');
break;
}

2
sections/bookmarks/torrents.php
View File

@ -143,7 +143,7 @@ function compare($X, $Y) {
</td>
<td class="nobr"><?=Format::get_size($Torrent['Size'])?></td>
<td><?=number_format($Torrent['Snatched'])?></td>
<td<?=($Torrent['Seeders']==0)?' class="r00"':''?>><?=number_format($Torrent['Seeders'])?></td>
<td<?=(($Torrent['Seeders'] == 0) ? ' class="r00"' : '')?>><?=number_format($Torrent['Seeders'])?></td>
<td><?=number_format($Torrent['Leechers'])?></td>
</tr>
<?

2
sections/collages/collage.php
View File

@ -218,7 +218,7 @@ function compare($X, $Y) {
</td>
<td class="nobr"><?=Format::get_size($Torrent['Size'])?></td>
<td><?=number_format($Torrent['Snatched'])?></td>
<td<?=($Torrent['Seeders']==0)?' class="r00"':''?>><?=number_format($Torrent['Seeders'])?></td>
<td<?=(($Torrent['Seeders'] == 0) ? ' class="r00"' : '')?>><?=number_format($Torrent['Seeders'])?></td>
<td><?=number_format($Torrent['Leechers'])?></td>
</tr>
<?

3
sections/comments/artistcomments.php
View File

@ -56,8 +56,7 @@
comment_body($UserID, $PostID, $postheader, $permalink, $Body, $EditorID, $AddedTime, $EditedTime);
} /* end while loop*/ ?>
<div class="linkbox"><?= $Pages; ?></div>
<div class="linkbox"><?=($Pages)?></div>
</div>
<?
View::show_footer();

2
sections/comments/torrentcomments.php
View File

@ -83,7 +83,7 @@
comment_body($UserID, $PostID, $postheader, $permalink, $Body, $EditorID, $AddedTime, $EditedTime);
} /* end while loop*/ ?>
<div class="linkbox"><?= $Pages; ?></div>
<div class="linkbox"><?=($Pages)?></div>
</div>
<?

6
sections/donate/config.php
View File

@ -22,9 +22,9 @@ function btc_address($UserID, $GenAddress = false) {
$DB->query("SELECT BitcoinAddress FROM users_info WHERE UserID = '$UserID'");
list($Addr) = $DB->next_record();
if (!empty($Addr)) { return $Addr; }
elseif ($GenAddress) {
if (!empty($Addr)) {
return $Addr;
} elseif ($GenAddress) {
if (empty($NewAddr)) {
error(0);
}

1
sections/donate/index.php
View File

@ -9,7 +9,6 @@
case 'ipn': // PayPal hits this page when a donation is received
include(SERVER_ROOT.'/sections/donate/ipn.php');
break;
case 'complete':
include(SERVER_ROOT.'/sections/donate/complete.php');
break;

20
sections/donate/ipn.php
View File

@ -66,7 +66,10 @@
} else {
//Failed pending donation
$Message = "User https://".SSL_SITE_URL."/user.php?id=".$_POST['custom']." had donation of ".$TotalDonated." ".PAYPAL_CURRENCY." at ".$DonationTime." UTC from ".$_POST['payer_email']." returned.";
$DB->query('SELECT SUM(Amount), MIN(Time) FROM donations WHERE UserID=\''.$_POST['custom'].'\';');
$DB->query('
SELECT SUM(Amount), MIN(Time)
FROM donations
WHERE UserID=\''.$_POST['custom'].'\';');
list($TotalDonated,$DonationTime) = $DB->next_record();
if ($TotalDonated+$_POST['mc_gross'] == 0) {
$DB->query("SELECT Invites FROM users_main WHERE ID='".$_POST['custom']."'");
@ -92,16 +95,21 @@
}
}
}
$DB->query("UPDATE users_info
$DB->query("
UPDATE users_info
SET
AdminComment=CONCAT('".sqltime()." - User donated ".db_string($_POST['mc_gross'])." ".db_string(PAYPAL_CURRENCY)." from ".db_string($_POST['payer_email']).".\n',AdminComment)
WHERE UserID='".$_POST['custom']."'");
$DB->query("INSERT INTO donations
(UserID, Amount, Email, Time) VALUES
$DB->query("
INSERT INTO donations
(UserID, Amount, Email, Time)
VALUES
('".$_POST['custom']."', '".db_string($_POST['mc_gross'])."', '".db_string($_POST['payer_email'])."', '".sqltime()."')");
} else {
$DB->query("INSERT INTO ip_bans
(FromIP, ToIP, Reason) VALUES
$DB->query("
INSERT INTO ip_bans
(FromIP, ToIP, Reason)
VALUES
('".Tools::ip_to_unsigned($_SERVER['REMOTE_ADDR'])."','".ip2long($_SERVER['REMOTE_ADDR'])."', 'Attempted to exploit donation system.')");
}
fclose ($Socket);

2
sections/forums/forum.php
View File

@ -56,7 +56,6 @@
}
}
if (!isset($Forums[$ForumID])) {
error(404);
}
@ -68,7 +67,6 @@
}
$ForumName = display_str($Forums[$ForumID]['Name']);
if ($LoggedUser['CustomForums'][$ForumID] != 1 && $Forums[$ForumID]['MinClassRead'] > $LoggedUser['Class']) {
error(403);

28
sections/login/index.php
View File

@ -184,7 +184,9 @@ function log_attempt($UserID) {
$Attempts++;
if ($Attempts > 5) { // Only 6 allowed login attempts, ban user's IP
$BannedUntil = time_plus(60 * 60 * 6);
$DB->query("UPDATE login_attempts SET
$DB->query("
UPDATE login_attempts
SET
LastAttempt='".sqltime()."',
Attempts='".db_string($Attempts)."',
BannedUntil='".db_string($BannedUntil)."',
@ -197,21 +199,24 @@ function log_attempt($UserID) {
//Ban exists already, only add new entry if not for same reason
list($Reason) = $DB->next_record(MYSQLI_BOTH, false);
if ($Reason != 'Automated ban per >60 failed login attempts') {
$DB->query("UPDATE ip_bans
$DB->query("
UPDATE ip_bans
SET Reason = CONCAT('Automated ban per >60 failed login attempts AND ', Reason)
WHERE FromIP = ".$IP." AND ToIP = ".$IP);
WHERE FromIP = $IP AND ToIP = $IP");
}
} else {
//No ban
$DB->query("INSERT IGNORE INTO ip_bans
(FromIP, ToIP, Reason) VALUES
('$IP','$IP', 'Automated ban per >60 failed login attempts')");
$DB->query("
INSERT IGNORE INTO ip_bans (FromIP, ToIP, Reason)
VALUES ('$IP','$IP', 'Automated ban per >60 failed login attempts')");
$Cache->delete_value('ip_bans_'.$IPA);
}
}
} else {
// User has attempted fewer than 6 logins
$DB->query("UPDATE login_attempts SET
$DB->query("
UPDATE login_attempts
SET
LastAttempt='".sqltime()."',
Attempts='".db_string($Attempts)."',
BannedUntil='0000-00-00 00:00:00'
@ -219,9 +224,9 @@ function log_attempt($UserID) {
}
} else { // User has not attempted to log in recently
$Attempts = 1;
$DB->query("INSERT INTO login_attempts
(UserID,IP,LastAttempt,Attempts) VALUES
('".db_string($UserID)."','".db_string($IPStr)."','".sqltime()."',1)");
$DB->query("
INSERT INTO login_attempts (UserID,IP,LastAttempt,Attempts)
VALUES ('".db_string($UserID)."','".db_string($IPStr)."','".sqltime()."',1)");
}
} // end log_attempt function
@ -290,7 +295,8 @@ function log_attempt($UserID) {
));
$Cache->commit_transaction(0);
$Sql = "UPDATE users_main
$Sql = "
UPDATE users_main
SET
LastLogin='".sqltime()."',
LastAccess='".sqltime()."'";

11
sections/reportsv2/ajax_new_report.php
View File

@ -14,7 +14,8 @@
$DB->query("SELECT
$DB->query("
SELECT
r.ID,
r.ReporterID,
reporter.Username,
@ -73,7 +74,6 @@
ORDER BY ReportedTime ASC
LIMIT 1");
if ($DB->record_count() < 1) {
die();
}
@ -85,8 +85,10 @@
if (!$GroupID) {
//Torrent already deleted
$DB->query("UPDATE reportsv2
SET Status='Resolved',
$DB->query("
UPDATE reportsv2
SET
Status='Resolved',
LastChangeTime='".sqltime()."',
ModComment='Report already dealt with (torrent deleted)'
WHERE ID=".$ReportID);
@ -250,7 +252,6 @@
$Extras = explode(' ', $ExtraIDs);
foreach ($Extras as $ExtraID) {
$DB->query("
SELECT
tg.Name,

2
sections/reportsv2/report.php
View File

@ -114,7 +114,7 @@
}
foreach ($TypeList as $Type => $Data) {
?>
<option value="<?= $Type ?>"><?= $Data['title'] ?></option>
<option value="<?=($Type)?>"><?=($Data['title'])?></option>
<? } ?>
</select>
</td>

21
sections/reportsv2/static.php
View File

@ -122,7 +122,8 @@
$DB->query("SELECT SQL_CALC_FOUND_ROWS
$DB->query("
SELECT SQL_CALC_FOUND_ROWS
r.ID,
r.ReporterID,
reporter.Username,
@ -174,11 +175,11 @@
LEFT JOIN artists_alias AS aa ON aa.AliasID=ta.AliasID
LEFT JOIN users_main AS resolver ON resolver.ID=r.ResolverID
LEFT JOIN users_main AS reporter ON reporter.ID=r.ReporterID
LEFT JOIN users_main AS uploader ON uploader.ID=t.UserID "
.$Where."
GROUP BY r.ID "
.$Order."
LIMIT ".$Limit);
LEFT JOIN users_main AS uploader ON uploader.ID=t.UserID
$Where
GROUP BY r.ID
$Order
LIMIT $Limit");
$Reports = $DB->to_array();
@ -230,7 +231,9 @@
if (!$GroupID && $Status != 'Resolved') {
//Torrent already deleted
$DB->query("UPDATE reportsv2 SET
$DB->query("
UPDATE reportsv2
SET
Status='Resolved',
LastChangeTime='".sqltime()."',
ModComment='Report already dealt with (torrent deleted)'
@ -406,8 +409,8 @@
$Extras = explode(' ', $ExtraIDs);
foreach ($Extras as $ExtraID) {
$DB->query("SELECT
$DB->query("
SELECT
tg.Name,
tg.ID,
CASE COUNT(ta.GroupID)

2
sections/rules/upload.php
View File

@ -361,7 +361,7 @@
</ul>
</li>
</ul>
<span style="font-style: italic;">Note: The "Year" tag is optional, but strongly encouraged. However, if missing or incorrect, this is not grounds for trumping a torrent.</span>
<span style="font-style: italic;">Note: The "Year" tag is optional but strongly encouraged. However, if missing or incorrect, this is not grounds for trumping a torrent.</span>
</li>
<li id="r2.3.17"><a href="#h2.3"><strong>&uarr;_</strong></a> <a href="#r2.3.17">2.3.17.</a> <strong>The torrent artist for classical works should use the full composer name.</strong> Before uploading see <a href="wiki.php?action=article&amp;id=700">this wiki</a> for guidelines on uploading classical music torrents. Also, consult <a href="wiki.php?action=article&amp;id=691">this wiki</a> for a full explanation of the classical music tagging system.</li>
<li id="r2.3.18"><a href="#h2.3"><strong>&uarr;_</strong></a> <a href="#r2.3.18">2.3.18.</a> <strong>Newly re-tagged torrents trumping badly tagged torrents must reflect a substantial improvement over the previous tags.</strong> Small changes that include replacing ASCII characters with proper foreign language characters with diacritical marks, fixing slight misspellings, or missing an alternate spelling of an artist (e.g., excluding "The" before a band name) are insufficient grounds for replacing other torrents. Artist names that are misspelled in the tags are grounds for trumping; this includes character accents and characters that mean one letter in one language and a different letter in another language. Improper capitalization in the tags is grounds for trumping; this includes artist tags (or composer tags) that contain names that are all capitalized or track titles that are all capitalized. Tags with multiple entries in the same tag (e.g., track number and track title in the track title tags; or track number, artist, and track title in the artist tags) are subject to trumping. You may trump a release if the tags do not follow the data from a reputable music cataloguing service such as <a href="https://musicbrainz.org/" target="_blank">MusicBrainz</a> or <a href="http://www.discogs.com/" target="_blank">Discogs</a>. In the case of a conflict between reputable listings, either tagged version is equally preferred on the site and cannot trump the other. For example, an album is tagged differently in <a href="https://musicbrainz.org/" target="_blank">MusicBrainz</a> and in <a href="http://www.discogs.com/" target="_blank">Discogs</a>. Either style of tagging is permitted; neither is "better" than the other. In that case, any newly tagged torrents replacing an already properly tagged torrent, which follows good tagging convention, will result in a dupe. Note: For classical music, please follow these <a href="wiki.php?action=article&amp;id=691">tagging guidelines</a>.</li>

21
sections/staffpm/takepost.php
View File

@ -1,7 +1,7 @@
<?
if ($Message = db_string($_POST['message'])) {
if ($Subject = db_string($_POST['subject'])) {
// New staff pm conversation
// New staff PM conversation
$Level = db_string($_POST['level']);
$DB->query("
INSERT INTO staff_pm_conversations
@ -26,8 +26,6 @@
$DB->query("SELECT UserID, AssignedToUser FROM staff_pm_conversations WHERE ID=$ConvID");
list($UserID, $AssignedToUser) = $DB->next_record();
if ($UserID == $LoggedUser['ID'] || $IsFLS || $UserID == $AssignedToUser) {
// Response to existing conversation
$DB->query("
@ -40,11 +38,17 @@
// Update conversation
if ($IsFLS) {
// FLS/Staff
$DB->query("UPDATE staff_pm_conversations SET Date='".sqltime()."', Unread=true, Status='Open' WHERE ID=$ConvID");
$DB->query("
UPDATE staff_pm_conversations
SET Date='".sqltime()."', Unread=true, Status='Open'
WHERE ID=$ConvID");
$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);
} else {
// User
$DB->query("UPDATE staff_pm_conversations SET Date='".sqltime()."', Unread=true, Status='Unanswered' WHERE ID=$ConvID");
$DB->query("
UPDATE staff_pm_conversations
SET Date='".sqltime()."', Unread=true, Status='Unanswered'
WHERE ID=$ConvID");
}
// Clear cache for user
@ -56,18 +60,17 @@
// User is trying to respond to conversation that does no belong to them
error(403);
}
} else {
// Message but no subject or conversation id
// Message but no subject or conversation ID
header("Location: staffpm.php?action=viewconv&id=$ConvID");
}
} elseif ($ConvID = (int)$_POST['convid']) {
// No message, but conversation id
// No message, but conversation ID
header("Location: staffpm.php?action=viewconv&id=$ConvID");
} else {
// No message or conversation id
// No message or conversation ID
header('Location: staffpm.php');
}

2
sections/torrents/browse2.php
View File

@ -1018,7 +1018,7 @@ function header_link($SortKey,$DefaultWay="desc") {
<td class="nobr"><?=time_diff($GroupTime,1)?></td>
<td class="nobr"><?=Format::get_size($MaxSize)?> (Max)</td>
<td><?=number_format($TotalSnatched)?></td>
<td<?=($TotalSeeders==0)?' class="r00"':''?>><?=number_format($TotalSeeders)?></td>
<td<?=(($TotalSeeders == 0) ? ' class="r00"' : '')?>><?=number_format($TotalSeeders)?></td>
<td><?=number_format($TotalLeechers)?></td>
</tr>
<?

8
sections/torrents/details.php
View File

@ -542,11 +542,10 @@ function filelist($Str) {
| <a href="reportsv2.php?action=report&amp;id=<?=$TorrentID?>" title="Report">RP</a>
<? if ($CanEdit) { ?>
| <a href="torrents.php?action=edit&amp;id=<?=$TorrentID ?>" title="Edit">ED</a>
<? } ?>
<? if (check_perms('torrents_delete') || $UserID == $LoggedUser['ID']) { ?>
<? }
if (check_perms('torrents_delete') || $UserID == $LoggedUser['ID']) { ?>
| <a href="torrents.php?action=delete&amp;torrentid=<?=$TorrentID ?>" title="Remove">RM</a>
<? }?>
| <a href="torrents.php?torrentid=<?=$TorrentID ?>" title="Permalink">PL</a>
]</span>
&raquo; <a href="#" onclick="$('#torrent_<?=$TorrentID?>').toggle(); return false;"><?=$ExtraInfo; ?></a>
@ -561,8 +560,7 @@ function filelist($Str) {
<div id="release_<?=$TorrentID?>" class="no_overflow">
<blockquote>
Uploaded by <?=Users::format_username($UserID, false, false, false)?> <?=time_diff($TorrentTime);?>
<? if ($Seeders == 0) { ?>
<?
<? if ($Seeders == 0) {
if ($LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 1209600) { ?>
<br /><strong>Last active: <?=time_diff($LastActive); ?></strong>
<? } else { ?>

56
sections/torrents/functions.php
View File

@ -458,8 +458,8 @@ function filelist($Str) {
$EditionID++;
?>
<tr class="releases_<?= $ReleaseType ?> groupid_<?= $GroupID ?> edition group_torrent">
<td colspan="5" class="edition_info"><strong><a href="#" onclick="toggle_edition(<?= $GroupID ?>, <?= $EditionID ?>, this, event)" title="Collapse this edition. Hold &quot;Ctrl&quot; while clicking to collapse all editions in this torrent group.">&minus;</a> <?= Torrents::edition_string($Torrent, $TorrentDetails) ?></strong></td>
<tr class="releases_<?=($ReleaseType)?> groupid_<?=($GroupID)?> edition group_torrent">
<td colspan="5" class="edition_info"><strong><a href="#" onclick="toggle_edition(<?=($GroupID)?>, <?=($EditionID)?>, this, event)" title="Collapse this edition. Hold &quot;Ctrl&quot; while clicking to collapse all editions in this torrent group.">&minus;</a> <?= Torrents::edition_string($Torrent, $TorrentDetails) ?></strong></td>
</tr>
<?
}
@ -469,32 +469,32 @@ function filelist($Str) {
$LastRemasterCatalogueNumber = $RemasterCatalogueNumber;
$LastMedia = $Media;
?>
<tr class="torrent_row releases_<?= $ReleaseType ?> groupid_<?= $GroupID ?> edition_<?= $EditionID ?> group_torrent<?= $IsSnatched ? ' snatched_torrent' : '' ?>" style="font-weight: normal;" id="torrent<?= $TorrentID ?>">
<tr class="torrent_row releases_<?=($ReleaseType)?> groupid_<?=($GroupID)?> edition_<?=($EditionID)?> group_torrent<?=($IsSnatched ? ' snatched_torrent' : '')?>" style="font-weight: normal;" id="torrent<?=($TorrentID)?>">
<td>
<span>[ <a href="torrents.php?action=download&amp;id=<?= $TorrentID ?>&amp;authkey=<?= $LoggedUser['AuthKey'] ?>&amp;torrent_pass=<?= $LoggedUser['torrent_pass'] ?>" title="Download"><?= $HasFile ? 'DL' : 'Missing' ?></a>
<span>[ <a href="torrents.php?action=download&amp;id=<?=($TorrentID)?>&amp;authkey=<?=($LoggedUser['AuthKey'])?>&amp;torrent_pass=<?=($LoggedUser['torrent_pass'])?>" title="Download"><?=($HasFile ? 'DL' : 'Missing')?></a>
<? if (Torrents::can_use_token($Torrent)) { ?>
| <a href="torrents.php?action=download&amp;id=<?= $TorrentID ?>&amp;authkey=<?= $LoggedUser['AuthKey'] ?>&amp;torrent_pass=<?= $LoggedUser['torrent_pass'] ?>&amp;usetoken=1" title="Use a FL Token" onclick="return confirm('Are you sure you want to use a freeleech token here?');">FL</a>
| <a href="torrents.php?action=download&amp;id=<?=($TorrentID)?>&amp;authkey=<?=($LoggedUser['AuthKey'])?>&amp;torrent_pass=<?=($LoggedUser['torrent_pass'])?>&amp;usetoken=1" title="Use a FL Token" onclick="return confirm('Are you sure you want to use a freeleech token here?');">FL</a>
<? } ?>
| <a href="reportsv2.php?action=report&amp;id=<?= $TorrentID ?>" title="Report">RP</a>
| <a href="reportsv2.php?action=report&amp;id=<?=($TorrentID)?>" title="Report">RP</a>
<? if ($CanEdit) { ?>
| <a href="torrents.php?action=edit&amp;id=<?= $TorrentID ?>" title="Edit">ED</a>
| <a href="torrents.php?action=edit&amp;id=<?=($TorrentID)?>" title="Edit">ED</a>
<? }
if (check_perms('torrents_delete') || $UserID == $LoggedUser['ID']) { ?>
| <a href="torrents.php?action=delete&amp;torrentid=<?= $TorrentID ?>" title="Remove">RM</a>
| <a href="torrents.php?action=delete&amp;torrentid=<?=($TorrentID)?>" title="Remove">RM</a>
<? } ?>
| <a href="torrents.php?torrentid=<?= $TorrentID ?>" title="Permalink">PL</a>
| <a href="torrents.php?torrentid=<?=($TorrentID)?>" title="Permalink">PL</a>
]</span>
&raquo; <a href="#" onclick="$('#torrent_<?= $TorrentID ?>').toggle(); return false;"><?= $ExtraInfo; ?></a>
&raquo; <a href="#" onclick="$('#torrent_<?=($TorrentID)?>').toggle(); return false;"><?=($ExtraInfo)?></a>
</td>
<td class="nobr"><?= Format::get_size($Size) ?></td>
<td><?= number_format($Snatched) ?></td>
<td><?= number_format($Seeders) ?></td>
<td><?= number_format($Leechers) ?></td>
<td class="nobr"><?=(Format::get_size($Size))?></td>
<td><?=(number_format($Snatched))?></td>
<td><?=(number_format($Seeders))?></td>
<td><?=(number_format($Leechers))?></td>
</tr>
<tr class="releases_<?= $ReleaseType ?> groupid_<?= $GroupID ?> edition_<?= $EditionID ?> torrentdetails pad<? if (!isset($_GET['torrentid']) || $_GET['torrentid'] != $TorrentID) { ?> hidden<? } ?>" id="torrent_<?= $TorrentID; ?>">
<tr class="releases_<?=($ReleaseType)?> groupid_<?=($GroupID)?> edition_<?=($EditionID)?> torrentdetails pad<? if (!isset($_GET['torrentid']) || $_GET['torrentid'] != $TorrentID) { ?> hidden<? } ?>" id="torrent_<?=($TorrentID)?>">
<td colspan="5">
<blockquote>
Uploaded by <?= Users::format_username($UserID, false, false, false) ?> <?= time_diff($TorrentTime); ?>
Uploaded by <?=(Users::format_username($UserID, false, false, false))?> <?=time_diff($TorrentTime);?>
<? if ($Seeders == 0) {
if ($LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 1209600) { ?>
<br /><strong>Last active: <?=time_diff($LastActive);?></strong>
@ -502,32 +502,32 @@ function filelist($Str) {
<br />Last active: <?=time_diff($LastActive);?>
<? }
if ($LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 345678 && time() - strtotime($LastReseedRequest) >= 864000) { ?>
<br /><a href="torrents.php?action=reseed&amp;torrentid=<?= $TorrentID ?>&amp;groupid=<?= $GroupID ?>" class="brackets">Request re-seed</a>
<br /><a href="torrents.php?action=reseed&amp;torrentid=<?=($TorrentID)?>&amp;groupid=<?=($GroupID)?>" class="brackets">Request re-seed</a>
<? }
} ?>
</blockquote>
<? if (check_perms('site_moderate_requests')) { ?>
<div class="linkbox">
<a href="torrents.php?action=masspm&amp;id=<?= $GroupID ?>&amp;torrentid=<?= $TorrentID ?>" class="brackets">Mass PM snatchers</a>
<a href="torrents.php?action=masspm&amp;id=<?=($GroupID)?>&amp;torrentid=<?=($TorrentID)?>" class="brackets">Mass PM snatchers</a>
</div>
<? } ?>
<div class="linkbox">
<a href="#" class="brackets" onclick="show_peers('<?= $TorrentID ?>', 0);return false;">View peer list</a>
<a href="#" class="brackets" onclick="show_peers('<?=($TorrentID)?>', 0);return false;">View peer list</a>
<? if (check_perms('site_view_torrent_snatchlist')) { ?>
<a href="#" class="brackets" onclick="show_downloads('<?= $TorrentID ?>', 0);return false;" title="View the list of users that have clicked the &quot;DL&quot; button.">View download list</a>
<a href="#" class="brackets" onclick="show_snatches('<?= $TorrentID ?>', 0);return false;" title="View the list of users that have reported a snatch to the tracker.">View snatch list</a>
<a href="#" class="brackets" onclick="show_downloads('<?=($TorrentID)?>', 0);return false;" title="View the list of users that have clicked the &quot;DL&quot; button.">View download list</a>
<a href="#" class="brackets" onclick="show_snatches('<?=($TorrentID)?>', 0);return false;" title="View the list of users that have reported a snatch to the tracker.">View snatch list</a>
<? } ?>
<a href="#" class="brackets" onclick="show_files('<?= $TorrentID ?>');return false;">View file list</a>
<a href="#" class="brackets" onclick="show_files('<?=($TorrentID)?>');return false;">View file list</a>
<? if ($Reported) { ?>
<a href="#" class="brackets" onclick="show_reported('<?= $TorrentID ?>');return false;">View report information</a>
<a href="#" class="brackets" onclick="show_reported('<?=($TorrentID)?>');return false;">View report information</a>
<? } ?>
</div>
<div id="peers_<?= $TorrentID ?>" class="hidden"></div>
<div id="downloads_<?= $TorrentID ?>" class="hidden"></div>
<div id="snatches_<?= $TorrentID ?>" class="hidden"></div>
<div id="files_<?= $TorrentID ?>" class="hidden"><?= $FileTable ?></div>
<div id="peers_<?=($TorrentID)?>" class="hidden"></div>
<div id="downloads_<?=($TorrentID)?>" class="hidden"></div>
<div id="snatches_<?=($TorrentID)?>" class="hidden"></div>
<div id="files_<?=($TorrentID)?>" class="hidden"><?=($FileTable)?></div>
<? if ($Reported) { ?>
<div id="reported_<?= $TorrentID ?>" class="hidden"><?= $ReportInfo ?></div>
<div id="reported_<?=($TorrentID)?>" class="hidden"><?=($ReportInfo)?></div>
<? }
if (!empty($Description)) {
echo '<blockquote>' . $Text->full_format($Description) . '</blockquote>';

13
sections/torrents/index.php
View File

@ -247,7 +247,8 @@ function js_pages($Action, $TorrentID, $NumResults, $CurrentPage) {
}
// Mainly
$DB->query("SELECT
$DB->query("
SELECT
tc.Body,
tc.AuthorID,
tc.GroupID,
@ -256,7 +257,11 @@ function js_pages($Action, $TorrentID, $NumResults, $CurrentPage) {
WHERE tc.ID='".db_string($_POST['post'])."'");
list($OldBody, $AuthorID,$GroupID,$AddedTime) = $DB->next_record();
$DB->query("SELECT ceil(COUNT(ID) / ".TORRENT_COMMENTS_PER_PAGE.") AS Page FROM torrents_comments WHERE GroupID = $GroupID AND ID <= $_POST[post]");
$DB->query("
SELECT ceil(COUNT(ID) / ".TORRENT_COMMENTS_PER_PAGE.") AS Page
FROM torrents_comments
WHERE GroupID = $GroupID
AND ID <= $_POST[post]");
list($Page) = $DB->next_record();
if ($LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
@ -267,7 +272,9 @@ function js_pages($Action, $TorrentID, $NumResults, $CurrentPage) {
}
// Perform the update
$DB->query("UPDATE torrents_comments SET
$DB->query("
UPDATE torrents_comments
SET
Body = '".db_string($_POST['body'])."',
EditedUserID = '".db_string($LoggedUser['ID'])."',
EditedTime = '".sqltime()."'

12
sections/torrents/redownload.php
View File

@ -45,9 +45,10 @@
}
}
$DownloadsQ = $DB->query("SELECT
$DownloadsQ = $DB->query("
SELECT
t.ID AS TorrentID,
DATE_FORMAT(".$Month.",'%Y - %m') AS Month,
DATE_FORMAT($Month,'%Y - %m') AS Month,
t.GroupID,
t.Media,
t.Format,
@ -57,7 +58,7 @@
t.Size
FROM torrents as t
JOIN torrents_group AS tg ON t.GroupID=tg.ID
".$SQL."
$SQL
GROUP BY TorrentID");
$Collector = new TorrentsDL($DownloadsQ, "$Username's ".ucfirst($_GET['type']));
@ -65,7 +66,10 @@
while (list($Downloads, $GroupIDs) = $Collector->get_downloads('TorrentID')) {
$Artists = Artists::get_artists($GroupIDs);
$TorrentIDs = array_keys($GroupIDs);
$TorrentFilesQ = $DB->query("SELECT TorrentID, File FROM torrents_files WHERE TorrentID IN (".implode(',', $TorrentIDs).")", false);
$TorrentFilesQ = $DB->query('
SELECT TorrentID, File
FROM torrents_files
WHERE TorrentID IN ('.implode(',', $TorrentIDs).')', false);
if (is_int($TorrentFilesQ)) {
// Query failed. Let's not create a broken zip archive
foreach ($TorrentIDs as $TorrentID) {

22
sections/user/advancedsearch.php
View File

@ -195,7 +195,8 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
$Order = '';
$SQL = 'SQL_CALC_FOUND_ROWS
$SQL = '
SQL_CALC_FOUND_ROWS
um1.ID,
um1.Username,
um1.Uploaded,
@ -205,7 +206,8 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
} else {
$SQL .= "(SELECT COUNT(uid) FROM xbt_snatched AS xs WHERE xs.uid=um1.ID) AS Snatches,";
}
$SQL .= 'um1.PermissionID,
$SQL .= '
um1.PermissionID,
um1.Email,
um1.Enabled,
um1.IP,
@ -215,7 +217,8 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
ui1.Donor,
ui1.JoinDate,
um1.LastAccess
FROM users_main AS um1 JOIN users_info AS ui1 ON ui1.UserID=um1.ID ';
FROM users_main AS um1
JOIN users_info AS ui1 ON ui1.UserID=um1.ID ';
if (!empty($_GET['username'])) {
@ -227,15 +230,17 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
$Distinct = 'DISTINCT ';
$Join['he'] = ' JOIN users_history_emails AS he ON he.UserID=um1.ID ';
$Where[] = ' he.Email '.$Match.wrap($_GET['email']);
} else {
$Where[] = 'um1.Email'.$Match.wrap($_GET['email']);
}
}
if (!empty($_GET['email_cnt']) && is_number($_GET['email_cnt'])) {
$Query = "SELECT UserID FROM users_history_emails GROUP BY UserID HAVING COUNT(DISTINCT Email) ";
$Query = "
SELECT UserID
FROM users_history_emails
GROUP BY UserID
HAVING COUNT(DISTINCT Email) ";
if ($_GET['emails_opt'] === 'equal') {
$operator = '=';
}
@ -249,7 +254,7 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
$DB->query($Query);
$Users = implode(',', $DB->collect('UserID'));
if (!empty($Users)) {
$Where[] = "um1.ID IN (".$Users.")";
$Where[] = "um1.ID IN ($Users)";
}
}
@ -259,13 +264,11 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
$Distinct = 'DISTINCT ';
$Join['hi'] = ' JOIN users_history_ips AS hi ON hi.UserID=um1.ID ';
$Where[] = ' hi.IP '.$Match.wrap($_GET['ip'], '', true);
} else {
$Where[] = 'um1.IP'.$Match.wrap($_GET['ip'], '', true);
}
}
if (!empty($_GET['cc'])) {
if ($_GET['cc_op'] == "equal") {
$Where[] = "um1.ipcc = '".db_string($_GET['cc'])."'";
@ -361,7 +364,6 @@ function num_compare($Field, $Operand, $Num1, $Num2 = '') {
$Where[]='um1.PermissionID='.wrap($_GET['class'], '=');
}
if ($_GET['secclass'] != '') {
$Join['ul']=' JOIN users_levels AS ul ON um1.ID=ul.UserID ';
$Where[]='ul.PermissionID='.wrap($_GET['secclass'], '=');

93
sections/user/community_stats.php
View File

@ -2,7 +2,8 @@
// These stats used to be all together in one UNION'd query
// But we broke them up because they had a habit of locking each other to death.
// They all run really quickly anyways.
$DB->query("SELECT COUNT(x.uid), COUNT(DISTINCT x.fid)
$DB->query("
SELECT COUNT(x.uid), COUNT(DISTINCT x.fid)
FROM xbt_snatched AS x
INNER JOIN torrents AS t ON t.ID=x.fid
WHERE x.uid='$UserID'");
@ -20,16 +21,19 @@
$DB->query("SELECT COUNT(ID) FROM collages WHERE Deleted='0' AND UserID='$UserID'");
list($NumCollages) = $DB->next_record();
$DB->query("SELECT COUNT(DISTINCT CollageID)
$DB->query("
SELECT COUNT(DISTINCT CollageID)
FROM collages_torrents AS ct
JOIN collages ON CollageID = ID
WHERE Deleted='0' AND ct.UserID='$UserID'");
WHERE Deleted='0'
AND ct.UserID='$UserID'");
list($NumCollageContribs) = $DB->next_record();
$DB->query("SELECT COUNT(DISTINCT GroupID) FROM torrents WHERE UserID = '$UserID'");
list($UniqueGroups) = $DB->next_record();
$DB->query("SELECT COUNT(ID)
$DB->query("
SELECT COUNT(ID)
FROM torrents
WHERE ((LogScore = 100 AND Format = 'FLAC')
OR (Media = 'Vinyl' AND Format = 'FLAC')
@ -48,33 +52,33 @@
<ul class="stats nobullet">
<li>Forum posts: <?=number_format($ForumPosts)?> <a href="userhistory.php?action=posts&amp;userid=<?=$UserID?>" class="brackets" title="View">View</a></li>
<? if (($Override = check_paranoia_here('torrentcomments+'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?>>Torrent comments: <?=number_format($NumComments)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Torrent comments: <?=number_format($NumComments)?>
<? if ($Override = check_paranoia_here('torrentcomments')) { ?>
<a href="comments.php?id=<?=$UserID?>" class="brackets<?= $Override===2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="comments.php?id=<?=$UserID?>" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?>>Artist comments: <?=number_format($NumArtistComments)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Artist comments: <?=number_format($NumArtistComments)?>
<? if ($Override = check_paranoia_here('torrentcomments')) { ?>
<a href="comments.php?id=<?=$UserID?>&amp;action=artists" class="brackets<?= $Override===2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="comments.php?id=<?=$UserID?>&amp;action=artists" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?>>Request comments: <?=number_format($NumRequestComments)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Request comments: <?=number_format($NumRequestComments)?>
<? if ($Override = check_paranoia_here('torrentcomments')) { ?>
<a href="comments.php?id=<?=$UserID?>&amp;action=requests" class="brackets<?= $Override===2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="comments.php?id=<?=$UserID?>&amp;action=requests" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<? }
if (($Override = check_paranoia_here('collages+'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?>>Collages started: <?=number_format($NumCollages)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Collages started: <?=number_format($NumCollages)?>
<? if (($Override = check_paranoia_here('collages'))) { ?>
<a href="collages.php?userid=<?=$UserID?>" class="brackets<?= ($Override===2) ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="collages.php?userid=<?=$UserID?>" class="brackets<?=(($Override === 2) ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<? }
if (($Override = check_paranoia_here('collagecontribs+'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?>>Collages contributed to: <? echo number_format($NumCollageContribs); ?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Collages contributed to: <? echo number_format($NumCollageContribs); ?>
<? if (($Override = check_paranoia_here('collagecontribs'))) { ?>
<a href="collages.php?userid=<?=$UserID?>&amp;contrib=1" class="brackets<?= ($Override===2) ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="collages.php?userid=<?=$UserID?>&amp;contrib=1" class="brackets<?=(($Override === 2) ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<? }
@ -92,9 +96,9 @@
<li>Requests filled: <?=number_format($RequestsFilled)?> for <?=Format::get_size($TotalBounty)?></li>
<? } elseif ($ViewAll) { ?>
<li>
<span<?= ($ViewCount === 2) ? ' class="paranoia_override"' : ''?>>Requests filled: <?=number_format($RequestsFilled)?></span>
<span<?= ($ViewBounty === 2) ? ' class="paranoia_override"' : ''?>> for <?=Format::get_size($TotalBounty) ?></span>
<a href="requests.php?type=filled&amp;userid=<?=$UserID?>" class="brackets<?= ($ViewAll === 2) ? ' paranoia_override' : '' ?>" title="View">View</a>
<span<?=(($ViewCount === 2) ? ' class="paranoia_override"' : '')?>>Requests filled: <?=number_format($RequestsFilled)?></span>
<span<?=(($ViewBounty === 2) ? ' class="paranoia_override"' : '')?>> for <?=Format::get_size($TotalBounty) ?></span>
<a href="requests.php?type=filled&amp;userid=<?=$UserID?>" class="brackets<?=(($ViewAll === 2) ? ' paranoia_override' : '')?>" title="View">View</a>
</li>
<? }
@ -114,57 +118,59 @@
<li>Requests voted: <?=number_format($RequestsVoted)?> for <?=Format::get_size($TotalSpent)?></li>
<? } elseif ($ViewAll) { ?>
<li>
<span<?= ($ViewCount === 2) ? ' class="paranoia_override"' : ''?>>Requests created: <?=number_format($RequestsCreated)?></span>
<span<?= ($ViewBounty === 2) ? ' class="paranoia_override"' : ''?>> for <?=Format::get_size($RequestsCreatedSpent)?></span>
<a href="requests.php?type=created&amp;userid=<?=$UserID?>" class="brackets<?= ($ViewAll === 2) ? ' paranoia_override' : '' ?>" title="View">View</a>
<span<?=(($ViewCount === 2) ? ' class="paranoia_override"' : '')?>>Requests created: <?=number_format($RequestsCreated)?></span>
<span<?=(($ViewBounty === 2) ? ' class="paranoia_override"' : '')?>> for <?=Format::get_size($RequestsCreatedSpent)?></span>
<a href="requests.php?type=created&amp;userid=<?=$UserID?>" class="brackets<?=(($ViewAll === 2) ? ' paranoia_override' : '')?>" title="View">View</a>
</li>
<li>
<span<?= ($ViewCount === 2) ? ' class="paranoia_override"' : ''?>>Requests voted: <?=number_format($RequestsVoted)?></span>
<span<?= ($ViewBounty === 2) ? ' class="paranoia_override"' : ''?>> for <?=Format::get_size($TotalSpent)?></span>
<a href="requests.php?type=voted&amp;userid=<?=$UserID?>" class="brackets<?= ($ViewAll === 2) ? ' paranoia_override' : '' ?>" title="View">View</a>
<span<?=(($ViewCount === 2) ? ' class="paranoia_override"' : '')?>>Requests voted: <?=number_format($RequestsVoted)?></span>
<span<?=(($ViewBounty === 2) ? ' class="paranoia_override"' : '')?>> for <?=Format::get_size($TotalSpent)?></span>
<a href="requests.php?type=voted&amp;userid=<?=$UserID?>" class="brackets<?=(($ViewAll === 2) ? ' paranoia_override' : '')?>" title="View">View</a>
</li>
<? }
if (($Override = check_paranoia_here('uploads+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Uploaded: <?=number_format($Uploads)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Uploaded: <?=number_format($Uploads)?>
<? if (($Override = check_paranoia_here('uploads'))) { ?>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? if (check_perms('zip_downloader')) { ?>
<a href="torrents.php?action=redownload&amp;type=uploads&amp;userid=<?=$UserID?>" onclick="return confirm('If you no longer have the content, your ratio WILL be affected; be sure to check the size of all torrents before redownloading.');" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="Download">Download</a>
<a href="torrents.php?action=redownload&amp;type=uploads&amp;userid=<?=$UserID?>" onclick="return confirm('If you no longer have the content, your ratio WILL be affected; be sure to check the size of all torrents before redownloading.');" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="Download">Download</a>
<? }
}
?>
</li>
<? }
if (($Override = check_paranoia_here('uniquegroups+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Unique groups: <? echo number_format($UniqueGroups); ?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Unique groups: <? echo number_format($UniqueGroups); ?>
<? if (($Override = check_paranoia_here('uniquegroups'))) { ?>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>&amp;filter=uniquegroup" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>&amp;filter=uniquegroup" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<? }
if (($Override = check_paranoia_here('perfectflacs+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>"Perfect" FLACs: <? echo number_format($PerfectFLACs); ?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>"Perfect" FLACs: <? echo number_format($PerfectFLACs); ?>
<? if (($Override = check_paranoia_here('perfectflacs'))) { ?>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>&amp;filter=perfectflac" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="torrents.php?type=uploaded&amp;userid=<?=$UserID?>&amp;filter=perfectflac" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? } ?>
</li>
<? }
if (check_paranoia_here('seeding+') || check_paranoia_here('leeching+')) {
$DB->query("SELECT IF(remaining=0,'Seeding','Leeching') AS Type, COUNT(x.uid)
$DB->query("
SELECT IF(remaining=0,'Seeding','Leeching') AS Type, COUNT(x.uid)
FROM xbt_files_users AS x
INNER JOIN torrents AS t ON t.ID=x.fid
WHERE x.uid='$UserID' AND x.active=1
WHERE x.uid='$UserID'
AND x.active=1
GROUP BY Type");
$PeerCount = $DB->to_array(0, MYSQLI_NUM, false);
$Seeding = isset($PeerCount['Seeding'][1]) ? $PeerCount['Seeding'][1] : 0;
$Leeching = isset($PeerCount['Leeching'][1]) ? $PeerCount['Leeching'][1] : 0;
$Seeding = (isset($PeerCount['Seeding'][1]) ? $PeerCount['Seeding'][1] : 0);
$Leeching = (isset($PeerCount['Leeching'][1]) ? $PeerCount['Leeching'][1] : 0);
} ?>
<? if (($Override = check_paranoia_here('seeding+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Seeding: <?=number_format($Seeding)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Seeding: <?=number_format($Seeding)?>
<? if (($AOverride = check_paranoia_here('seeding'))) {
echo ((($Override = check_paranoia_here('snatched')) && $UniqueSnatched > 0 )
? '<span'.($Override === 2 ? ' class="paranoia_override"' : '').'> (' . 100 * min(1, round($Seeding / $UniqueSnatched, 2)).'%)</span>' : ''); ?>
<a href="torrents.php?type=seeding&amp;userid=<?=$UserID?>" class="brackets<?= $AOverride === 2 ? ' paranoia_override' :'' ?>" title="View">View</a>
<a href="torrents.php?type=seeding&amp;userid=<?=$UserID?>" class="brackets<?=($AOverride === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? if (check_perms('zip_downloader')) { ?>
<a href="torrents.php?action=redownload&amp;type=seeding&amp;userid=<?=$UserID?>" onclick="return confirm('If you no longer have the content, your ratio WILL be affected; be sure to check the size of all torrents before redownloading.');" class="brackets" title="Download">Download</a>
<? }
@ -173,35 +179,36 @@
</li>
<? }
if (($Override = check_paranoia_here('leeching+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Leeching: <? echo number_format($Leeching); ?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Leeching: <? echo number_format($Leeching); ?>
<? if (($Override = check_paranoia_here('leeching'))) { ?>
<a href="torrents.php?type=leeching&amp;userid=<?=$UserID?>" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="torrents.php?type=leeching&amp;userid=<?=$UserID?>" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? }
echo ($DisableLeech == 0 && check_perms('users_view_ips')) ? ' <strong>(Disabled)</strong>' : ''
?>
</li>
<? }
if (($Override = check_paranoia_here('snatched+'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Snatched: <?=number_format($Snatched)?>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Snatched: <?=number_format($Snatched)?>
<? if (($Override = check_perms('site_view_torrent_snatchlist', $Class))) { ?>
(<?= $Override === 2 ? '<span class="paranoia_override">'.number_format($UniqueSnatched).'</span>' : number_format($UniqueSnatched) ?>)
(<?=($Override === 2 ? '<span class="paranoia_override">'.number_format($UniqueSnatched).'</span>' : number_format($UniqueSnatched))?>)
<? }
}
if (($Override = check_paranoia_here('snatched'))) { ?>
<a href="torrents.php?type=snatched&amp;userid=<?=$UserID?>" class="brackets<?= $Override === 2 ? ' paranoia_override' : '' ?>" title="View">View</a>
<a href="torrents.php?type=snatched&amp;userid=<?=$UserID?>" class="brackets<?=($Override === 2 ? ' paranoia_override' : '')?>" title="View">View</a>
<? if (check_perms('zip_downloader')) { ?>
<a href="torrents.php?action=redownload&amp;type=snatches&amp;userid=<?=$UserID?>" onclick="return confirm('If you no longer have the content, your ratio WILL be affected, be sure to check the size of all torrents before redownloading.');" class="brackets" title="Download">Download</a>
<? } ?>
</li>
<? }
if (($Override = check_perms('site_view_torrent_snatchlist', $Class))) {
$DB->query("SELECT COUNT(ud.UserID), COUNT(DISTINCT ud.TorrentID)
$DB->query("
SELECT COUNT(ud.UserID), COUNT(DISTINCT ud.TorrentID)
FROM users_downloads AS ud
INNER JOIN torrents AS t ON t.ID=ud.TorrentID
WHERE ud.UserID='$UserID'");
list($NumDownloads, $UniqueDownloads) = $DB->next_record();
?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Downloaded: <?=number_format($NumDownloads)?> (<?=number_format($UniqueDownloads)?>)
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Downloaded: <?=number_format($NumDownloads)?> (<?=number_format($UniqueDownloads)?>)
<a href="torrents.php?type=downloaded&amp;userid=<?=$UserID?>" class="brackets" title="View">View</a>
</li>
<? }

11
sections/user/edit.php
View File

@ -7,7 +7,8 @@
global $Cache;
$DB->query("SELECT
$DB->query("
SELECT
m.Username,
m.Email,
m.IRCKey,
@ -58,7 +59,7 @@ function checked($Checked) {
$SiteOptions = array();
}
View::show_header($Username.' > Settings','user,jquery,jquery-ui,release_sort,password_validate,validate,push_settings,cssgallery');
View::show_header($Username.' > Settings','user,jquery,jquery-ui,release_sort,password_validate,validate,push_settings,cssgallery,preview_paranoia');
@ -99,7 +100,7 @@ function checked($Checked) {
<? foreach ($Stylesheets as $Style) { ?>
<div class="preview_wrapper">
<div class="preview_image" name="<?=$Style['Name']?>" style="background: url('<?=STATIC_SERVER.'thumb_'.$Style['Name'].'.png'?>') no-repeat scroll center top #CCC"></div>
<p class="preview_name"><input type="radio" name="stylesheet_gallery" value="<?= $Style['ID'] ?>" /> <?= $Style["ProperName"] ?></p>
<p class="preview_name"><input type="radio" name="stylesheet_gallery" value="<?=($Style['ID'])?>" /> <?=($Style['ProperName'])?></p>
</div>
<? } ?>
</div>
@ -469,6 +470,10 @@ function checked($Checked) {
<br /><label><input type="checkbox" name="p_artistsadded" <?=checked(!in_array('artistsadded', $Paranoia))?>/> Number of artists added</label>
</td>
</tr>
<tr>
<td></td>
<td><a href="#" id="preview_paranoia" class="brackets">Preview paranoia</a><noscript> (Requires Javascript)</noscript></td>
</tr>
<tr class="colhead_dark">
<td colspan="2">
<strong>Reset passkey</strong>

4
sections/user/index.php
View File

@ -38,9 +38,7 @@
case 'search':// User search
if (check_perms('admin_advanced_user_search') && check_perms('users_view_ips') && check_perms('users_view_email')) {
include('advancedsearch.php');
}
else {
} else {
include('search.php');
}
break;

4
sections/user/lastfm.php
View File

@ -10,9 +10,9 @@
<div class="head colhead_dark">Last.fm</div>
<ul class="stats nobullet">
<li>
Username: <a id="lastfm_username" href="<?= $LastFMInfo['user']['url'] ?>" target="_blank" title="<?= $LastFMInfo['user']['name'] ?> on Last.fm: <?= number_format($LastFMInfo['user']['playcount']) ?> plays, <?= number_format($LastFMInfo['user']['playlists']) ?> playlists."><?= $LastFMInfo['user']['name'] ?></a>
Username: <a id="lastfm_username" href="<?=($LastFMInfo['user']['url'])?>" target="_blank" title="<?=($LastFMInfo['user']['name'])?> on Last.fm: <?=(number_format($LastFMInfo['user']['playcount']))?> plays, <?=(number_format($LastFMInfo['user']['playlists']))?> playlists."><?=($LastFMInfo['user']['name'])?></a>
</li>
<div id="lastfm_stats"<? if ($OwnProfile == true): ?> data-uid="<?= $OwnProfile ?>"<? endif; ?>>
<div id="lastfm_stats"<? if ($OwnProfile == true): ?> data-uid="<?=($OwnProfile)?>"<? endif; ?>>
</div>
<li>
<a href="#" id="lastfm_expand" onclick="return false" class="brackets">Show more info</a>

20
sections/user/takeedit.php
View File

@ -271,7 +271,10 @@
$SQL="UPDATE users_main AS m JOIN users_info AS i ON m.ID=i.UserID SET
$SQL = "
UPDATE users_main AS m
JOIN users_info AS i ON m.ID=i.UserID
SET
i.StyleID='".db_string($_POST['stylesheet'])."',
i.StyleURL='".db_string($_POST['styleurl'])."',
i.Avatar='".db_string($_POST['avatar'])."',
@ -289,24 +292,25 @@
$ChangerIP = db_string($LoggedUser['IP']);
$PassHash=Users::make_crypt_hash($_POST['new_pass_1']);
$SQL.=",m.PassHash='".db_string($PassHash)."'";
$DB->query("INSERT INTO users_history_passwords
(UserID, ChangerIP, ChangeTime) VALUES
$DB->query("
INSERT INTO users_history_passwords
(UserID, ChangerIP, ChangeTime)
VALUES
('$UserID', '$ChangerIP', '".sqltime()."')");
}
if (isset($_POST['resetpasskey'])) {
$UserInfo = Users::user_heavy_info($UserID);
$OldPassKey = db_string($UserInfo['torrent_pass']);
$NewPassKey = db_string(Users::make_secret());
$ChangerIP = db_string($LoggedUser['IP']);
$SQL.=",m.torrent_pass='$NewPassKey'";
$DB->query("INSERT INTO users_history_passkeys
(UserID, OldPassKey, NewPassKey, ChangerIP, ChangeTime) VALUES
$DB->query("
INSERT INTO users_history_passkeys
(UserID, OldPassKey, NewPassKey, ChangerIP, ChangeTime)
VALUES
('$UserID', '$OldPassKey', '$NewPassKey', '$ChangerIP', '".sqltime()."')");
$Cache->begin_transaction('user_info_heavy_'.$UserID);
$Cache->update_row(false, array('torrent_pass'=>$NewPassKey));

18
sections/user/takemoderate.php
View File

@ -718,11 +718,11 @@
$SET = implode(', ', $UpdateSet);
$sql = "UPDATE users_main AS m JOIN users_info AS i ON m.ID=i.UserID SET $SET WHERE m.ID='$UserID'";
$SQL = "UPDATE users_main AS m JOIN users_info AS i ON m.ID=i.UserID SET $SET WHERE m.ID='$UserID'";
// Perform update
//die($sql);
$DB->query($sql);
//die($SQL);
$DB->query($SQL);
if (isset($ClearStaffIDCache)) {
$Cache->delete_value('staff_ids');
@ -731,8 +731,8 @@
// redirect to user page
header("location: user.php?id=$UserID");
function translateUserStatus($status) {
switch ($status) {
function translateUserStatus($Status) {
switch ($Status) {
case 0:
return 'Unconfirmed';
case 1:
@ -740,18 +740,18 @@ function translateUserStatus($status) {
case 2:
return 'Disabled';
default:
return $status;
return $Status;
}
}
function translateLeechStatus($status) {
switch ($status) {
function translateLeechStatus($Status) {
switch ($Status) {
case 0:
return 'Disabled';
case 1:
return 'Enabled';
default:
return $status;
return $Status;
}
}
?>

97
sections/user/user.php
View File

@ -3,20 +3,31 @@
include(SERVER_ROOT.'/classes/class_text.php'); // Text formatting class
$Text = new TEXT;
if (empty($_GET['id']) || !is_numeric($_GET['id']))
error(404);
include(SERVER_ROOT.'/sections/requests/functions.php');
if (empty($_GET['id']) || !is_numeric($_GET['id']) || (!empty($_GET['preview']) && !is_numeric($_GET['preview']))) {
error(404);
}
$UserID = $_GET['id'];
$Preview = $_GET['preview'];
if ($UserID == $LoggedUser['ID']) {
$OwnProfile = true;
if ($Preview == 1) {
$OwnProfile = false;
$ParanoiaString = $_GET['paranoia'];
$CustomParanoia = explode(',', $ParanoiaString);
}
} else {
$OwnProfile = false;
//Don't allow any kind of previewing on others' profiles
$Preview = 0;
}
if (check_perms('users_mod')) { // Person viewing is a staff member
$DB->query("SELECT
$DB->query("
SELECT
m.Username,
m.Email,
m.LastAccess,
@ -66,7 +77,8 @@
LEFT JOIN users_main AS inviter ON i.Inviter = inviter.ID
LEFT JOIN permissions AS p ON p.ID=m.PermissionID
LEFT JOIN forums_posts AS posts ON posts.AuthorID = m.ID
WHERE m.ID = '".$UserID."' GROUP BY AuthorID");
WHERE m.ID = '$UserID'
GROUP BY AuthorID");
if ($DB->record_count() == 0) { // If user doesn't exist
header("Location: log.php?search=User+".$UserID);
@ -74,7 +86,8 @@
list($Username, $Email, $LastAccess, $IP, $Class, $Uploaded, $Downloaded, $RequiredRatio, $CustomTitle, $torrent_pass, $Enabled, $Paranoia, $Invites, $DisableLeech, $Visible, $JoinDate, $Info, $Avatar, $Country, $AdminComment, $Donor, $Artist, $Warned, $SupportFor, $RestrictedForums, $PermittedForums, $InviterID, $InviterName, $ForumPosts, $RatioWatchEnds, $RatioWatchDownload, $DisableAvatar, $DisableInvites, $DisablePosting, $DisableForums, $DisableTagging, $DisableUpload, $DisableWiki, $DisablePM, $DisableIRC, $DisableRequests, $DisableCountry, $FLTokens, $CommentHash) = $DB->next_record(MYSQLI_NUM, array(8, 11));
} else { // Person viewing is a normal user
$DB->query("SELECT
$DB->query("
SELECT
m.Username,
m.Email,
m.LastAccess,
@ -105,7 +118,8 @@
LEFT JOIN permissions AS p ON p.ID=m.PermissionID
LEFT JOIN users_main AS inviter ON i.Inviter = inviter.ID
LEFT JOIN forums_posts AS posts ON posts.AuthorID = m.ID
WHERE m.ID = $UserID GROUP BY AuthorID");
WHERE m.ID = $UserID
GROUP BY AuthorID");
if ($DB->record_count() == 0) { // If user doesn't exist
header("Location: log.php?search=User+".$UserID);
@ -117,15 +131,24 @@
// Image proxy CTs
$DisplayCustomTitle = $CustomTitle;
if (check_perms('site_proxy_images') && !empty($CustomTitle)) {
$DisplayCustomTitle = preg_replace_callback('~src=("?)(http.+?)(["\s>])~', function($Matches) {
$DisplayCustomTitle = preg_replace_callback('~src=("?)(http.+?)(["\s>])~',
function($Matches) {
return 'src=' . $Matches[1] . ImageTools::process($Matches[2]) . $Matches[3];
}, $CustomTitle);
}
if ($Preview == 1) {
if (strlen($ParanoiaString) == 0) {
$Paranoia = array();
} else {
$Paranoia = $CustomParanoia;
}
} else {
$Paranoia = unserialize($Paranoia);
if (!is_array($Paranoia)) {
$Paranoia = array();
}
}
$ParanoiaLevel = 0;
foreach ($Paranoia as $P) {
$ParanoiaLevel++;
@ -138,15 +161,19 @@
$LastAccess = time_diff($LastAccess);
function check_paranoia_here($Setting) {
global $Paranoia, $Class, $UserID;
global $Paranoia, $Class, $UserID, $Preview;
if ($Preview == 1) {
return check_paranoia($Setting, $Paranoia, $Class);
} else {
return check_paranoia($Setting, $Paranoia, $Class, $UserID);
}
}
$Badges=($Donor) ? '<a href="donate.php"><img src="'.STATIC_SERVER.'common/symbols/donor.png" alt="Donor" /></a>' : '';
$Badges = (($Donor) ? '<a href="donate.php"><img src="'.STATIC_SERVER.'common/symbols/donor.png" alt="Donor" /></a>' : '');
$Badges.=($Warned!='0000-00-00 00:00:00') ? '<img src="'.STATIC_SERVER.'common/symbols/warned.png" alt="Warned" />' : '';
$Badges.=($Enabled == '1' || $Enabled == '0' || !$Enabled) ? '': '<img src="'.STATIC_SERVER.'common/symbols/disabled.png" alt="Banned" />';
$Badges.=(($Warned!='0000-00-00 00:00:00') ? '<img src="'.STATIC_SERVER.'common/symbols/warned.png" alt="Warned" />' : '');
$Badges.=(($Enabled == '1' || $Enabled == '0' || !$Enabled) ? '' : '<img src="'.STATIC_SERVER.'common/symbols/disabled.png" alt="Banned" />');
View::show_header($Username, 'user,bbcode,requests,jquery,lastfm');
@ -222,25 +249,25 @@ function check_paranoia_here($Setting) {
<ul class="stats nobullet">
<li>Joined: <?=$JoinedDate?></li>
<? if (($Override = check_paranoia_here('lastseen'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Last seen: <?=$LastAccess?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Last seen: <?=$LastAccess?></li>
<? }
if (($Override=check_paranoia_here('uploaded'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?> title="<?=Format::get_size($Uploaded, 5)?>">Uploaded: <?=Format::get_size($Uploaded)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=Format::get_size($Uploaded, 5)?>">Uploaded: <?=Format::get_size($Uploaded)?></li>
<? }
if (($Override=check_paranoia_here('downloaded'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?> title="<?=Format::get_size($Downloaded, 5)?>">Downloaded: <?=Format::get_size($Downloaded)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=Format::get_size($Downloaded, 5)?>">Downloaded: <?=Format::get_size($Downloaded)?></li>
<? }
if (($Override=check_paranoia_here('ratio'))) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Ratio: <?=Format::get_ratio_html($Uploaded, $Downloaded)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Ratio: <?=Format::get_ratio_html($Uploaded, $Downloaded)?></li>
<? }
if (($Override=check_paranoia_here('requiredratio')) && isset($RequiredRatio)) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Required ratio: <?=number_format((double)$RequiredRatio, 2)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Required ratio: <?=number_format((double)$RequiredRatio, 2)?></li>
<? }
if ($OwnProfile || ($Override=check_paranoia_here(false)) || check_perms('users_mod')) { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>><a href="userhistory.php?action=token_history&amp;userid=<?=$UserID?>">Tokens</a>: <?=number_format($FLTokens)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>><a href="userhistory.php?action=token_history&amp;userid=<?=$UserID?>">Tokens</a>: <?=number_format($FLTokens)?></li>
<? }
if (($OwnProfile || check_perms('users_mod')) && $Warned!='0000-00-00 00:00:00') { ?>
<li<?= $Override === 2 ? ' class="paranoia_override"' : ''?>>Warning expires: <?= date('Y-m-d H:i', strtotime($Warned)) ?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?>>Warning expires: <?=(date('Y-m-d H:i', strtotime($Warned)))?></li>
<? } ?>
</ul>
</div>
@ -251,21 +278,29 @@ function check_paranoia_here($Setting) {
include(SERVER_ROOT.'/sections/user/lastfm.php');
if (check_paranoia_here('requestsfilled_count') || check_paranoia_here('requestsfilled_bounty')) {
$DB->query("SELECT
$DB->query("
SELECT
COUNT(DISTINCT r.ID),
SUM(rv.Bounty)
FROM requests AS r
LEFT JOIN requests_votes AS rv ON r.ID=rv.RequestID
WHERE r.FillerID = ".$UserID);
WHERE r.FillerID = $UserID");
list($RequestsFilled, $TotalBounty) = $DB->next_record();
} else {
$RequestsFilled = $TotalBounty = 0;
}
if (check_paranoia_here('requestsvoted_count') || check_paranoia_here('requestsvoted_bounty')) {
$DB->query("SELECT COUNT(rv.RequestID), SUM(rv.Bounty) FROM requests_votes AS rv WHERE rv.UserID = ".$UserID);
$DB->query("
SELECT COUNT(rv.RequestID), SUM(rv.Bounty)
FROM requests_votes AS rv
WHERE rv.UserID = $UserID");
list($RequestsVoted, $TotalSpent) = $DB->next_record();
$DB->query('SELECT COUNT(r.ID), SUM(rv.Bounty) FROM requests AS r LEFT JOIN requests_votes AS rv ON rv.RequestID = r.ID AND rv.UserID = r.UserID WHERE r.UserID = ' . $UserID);
$DB->query("
SELECT COUNT(r.ID), SUM(rv.Bounty)
FROM requests AS r
LEFT JOIN requests_votes AS rv ON rv.RequestID = r.ID AND rv.UserID = r.UserID
WHERE r.UserID = $UserID");
list($RequestsCreated, $RequestsCreatedSpent) = $DB->next_record();
} else {
$RequestsVoted = $TotalSpent = $RequestsCreated = $RequestsCreatedSpent = 0;
@ -310,23 +345,23 @@ function check_paranoia_here($Setting) {
<div class="head colhead_dark">Percentile rankings (hover for values)</div>
<ul class="stats nobullet">
<? if (($Override=check_paranoia_here('uploaded'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=Format::get_size($Uploaded)?>">Data uploaded: <?=$UploadedRank === false ? 'Server busy' : number_format($UploadedRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=Format::get_size($Uploaded)?>">Data uploaded: <?=$UploadedRank === false ? 'Server busy' : number_format($UploadedRank)?></li>
<? } ?>
<? if (($Override=check_paranoia_here('downloaded'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=Format::get_size($Downloaded)?>">Data downloaded: <?=$DownloadedRank === false ? 'Server busy' : number_format($DownloadedRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=Format::get_size($Downloaded)?>">Data downloaded: <?=$DownloadedRank === false ? 'Server busy' : number_format($DownloadedRank)?></li>
<? } ?>
<? if (($Override=check_paranoia_here('uploads+'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=number_format($Uploads)?>">Torrents uploaded: <?=$UploadsRank === false ? 'Server busy' : number_format($UploadsRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=number_format($Uploads)?>">Torrents uploaded: <?=$UploadsRank === false ? 'Server busy' : number_format($UploadsRank)?></li>
<? } ?>
<? if (($Override=check_paranoia_here('requestsfilled_count'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=number_format($RequestsFilled)?>">Requests filled: <?=$RequestRank === false ? 'Server busy' : number_format($RequestRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=number_format($RequestsFilled)?>">Requests filled: <?=$RequestRank === false ? 'Server busy' : number_format($RequestRank)?></li>
<? } ?>
<? if (($Override=check_paranoia_here('requestsvoted_bounty'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=Format::get_size($TotalSpent)?>">Bounty spent: <?=$BountyRank === false ? 'Server busy' : number_format($BountyRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=Format::get_size($TotalSpent)?>">Bounty spent: <?=$BountyRank === false ? 'Server busy' : number_format($BountyRank)?></li>
<? } ?>
<li title="<?=number_format($ForumPosts)?>">Posts made: <?=$PostRank === false ? 'Server busy' : number_format($PostRank)?></li>
<? if (($Override=check_paranoia_here('artistsadded'))) { ?>
<li<?= $Override===2 ? ' class="paranoia_override"' : ''?> title="<?=number_format($ArtistsAdded)?>">Artists added: <?=$ArtistsRank === false ? 'Server busy' : number_format($ArtistsRank)?></li>
<li<?=($Override === 2 ? ' class="paranoia_override"' : '')?> title="<?=number_format($ArtistsAdded)?>">Artists added: <?=$ArtistsRank === false ? 'Server busy' : number_format($ArtistsRank)?></li>
<? } ?>
<? if (check_paranoia_here(array('uploaded', 'downloaded', 'uploads+', 'requestsfilled_count', 'requestsvoted_bounty', 'artistsadded'))) { ?>
<li><strong>Overall rank: <?=$OverallRank === false ? 'Server busy' : number_format($OverallRank)?></strong></li>
@ -452,7 +487,7 @@ function check_paranoia_here($Setting) {
} else {
echo number_format($Invites);
}
echo " (".$Pending.")"
echo " ($Pending)"
?></li>
<?
}
@ -463,10 +498,10 @@ function check_paranoia_here($Setting) {
}
if ($Override = check_perms('users_mod') || $OwnProfile || !empty($SupportFor)) {
?>
<li <?= $Override===2 || $SupportFor ? 'class="paranoia_override"' : ''?>>Clients: <?
<li <?=($Override === 2 || $SupportFor ? 'class="paranoia_override"' : '')?>>Clients: <?
$DB->query("SELECT DISTINCT useragent FROM xbt_files_users WHERE uid = ".$UserID);
$Clients = $DB->collect(0);
echo implode("; ", $Clients);
echo implode('; ', $Clients);
?></li>
<?
}

2
sections/userhistory/ip_history.php
View File

@ -37,7 +37,7 @@
$SearchIPQuery = " AND h1.IP = '$SearchIP' ";
}
View::show_header("IP history for $Username");
View::show_header("IP address history for $Username");
?>
<script type="text/javascript">//<![CDATA[
function ShowIPs(rowname) {

44
static/functions/preview_paranoia.js Normal file
View File

@ -0,0 +1,44 @@
(function($){
// Used to get user ID from URL.
function getURLParameter(name) {
return decodeURIComponent((new RegExp('[?|&]' + name + '=' + '([^&;]+?)(&|#|;|$)').exec(location.search)||[,""])[1].replace(/\+/g, '%20'))||null;
}
// Attach click event on document ready.
$(function(){
$('a#preview_paranoia').click(function(event) {
event.preventDefault();
var paranoia = {};
// Build an object of unchecked (hidden, not allowed for others to see) paranoias.
// We "abuse" object keys to implement sets in JavaScript. This is simpler and
// more memory efficient than building a string and working through that each time.
$('input[name^="p_"]').each(function() {
if (!$(this).prop('checked')) {
var attribute = $(this).attr('name').replace(/^p_/,'');
if (/_c$/.test(attribute)) {
paranoia[attribute.replace(/_.$/,'') + '+'] = 1;
} else if (/_l$/.test(attribute)) {
if (typeof paranoia[attribute.replace(/_.$/,'') + '+'] == "undefined") {
paranoia[attribute.replace(/_.$/,'')] = 1;
}
} else {
paranoia[attribute] = 1;
}
}
});
// Build into a comma-delimited string.
var paranoiaString = "";
for (var key in paranoia) {
if (key === 'length' || !paranoia.hasOwnProperty(key)) {
continue;
}
paranoiaString += key+',';
}
// Get rid of trailing comma.
paranoiaString = paranoiaString.substring(0, paranoiaString.length - 1);
// Get user ID from URL parameter.
var userId = getURLParameter("userid");
// Open a new tab with specified paranoia settings.
window.open('user.php?id=' + encodeURIComponent(userId) + '&preview=1&paranoia=' + encodeURIComponent(paranoiaString), '_blank');
});
});
})(jQuery);

1003
static/styles/proton/style.css
View File

File diff suppressed because it is too large Load Diff