mirror of
https://github.com/WhatCD/Gazelle.git
synced 2024-12-13 19:06:27 +00:00
Abstracting the compose box for staffpms
Allow FLS to assign to staff or forum staff Allow FLS to unresolve all FLS PMs empty commit (testing debug site) empty commit (again) Permissions can only be created up to your current level Permissions can only be altered up to your current level Image proxy should function correctly with SSL now Forums can only be altered up to your current level Adding option to delete polls Remove ghost resolver bug Fixing autocomplete escaping improved .gitignore Adding debug to all ajax pages Fixed escaping on autocomplete pages
parent
dd04b95709
commit
f76e290493
@ -1,7 +1,10 @@
|
||||
<?
|
||||
require 'config.php'; //The config contains all site wide configuration information as well as memcached rules
|
||||
require(SERVER_ROOT.'/classes/class_debug.php');
|
||||
require(SERVER_ROOT.'/classes/class_cache.php'); //Require the caching class
|
||||
require(SERVER_ROOT.'/classes/class_encrypt.php'); //Require the caching class
|
||||
|
||||
$Debug = new DEBUG;
|
||||
$Cache = NEW CACHE; //Load the caching class
|
||||
$Enc = NEW CRYPT; //Load the encryption class
|
||||
|
||||
@ -89,3 +92,21 @@ function display_array($Array, $DontEscape = array()) {
|
||||
}
|
||||
return $Array;
|
||||
}
|
||||
|
||||
function make_secret($Length = 32) {
|
||||
$Secret = '';
|
||||
$Chars='abcdefghijklmnopqrstuvwxyz0123456789';
|
||||
for($i=0; $i<$Length; $i++) {
|
||||
$Rand = mt_rand(0, strlen($Chars)-1);
|
||||
$Secret .= substr($Chars, $Rand, 1);
|
||||
}
|
||||
return str_shuffle($Secret);
|
||||
}
|
||||
|
||||
// Send a message to an IRC bot listening on SOCKET_LISTEN_PORT
|
||||
function send_irc($Raw) {
|
||||
$IRCSocket = fsockopen(SOCKET_LISTEN_ADDRESS, SOCKET_LISTEN_PORT);
|
||||
$Raw = str_replace(array("\n", "\r"), '', $Raw);
|
||||
fwrite($IRCSocket, $Raw);
|
||||
fclose($IRCSocket);
|
||||
}
|
||||
|
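Review bot: `make_secret()` draws every character from `mt_rand()`, which is a seeded, predictable generator, and the closing `str_shuffle()` relies on the same kind of generator, so it adds no unpredictability. If the returned string is used as a secret (the callers are outside this hunk), it should come from the CSPRNG instead: `$Secret .= $Chars[random_int(0, strlen($Chars) - 1)];` on PHP 7+, or bytes from `openssl_random_pseudo_bytes()` on older runtimes, followed by a plain `return $Secret;`. Separately, `send_irc()` hands the result of `fsockopen()` straight to `fwrite()`; a guard such as `if (!$IRCSocket) { return; }` would avoid warnings when the listener is down.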
@ -514,7 +514,7 @@ function to_html($Array) {
|
||||
$Str.='[img]'.$Block['Val'].'[/img]';
|
||||
} else {
|
||||
if(check_perms('site_proxy_images')) {
|
||||
$Str.='<img style="max-width: 500px;" onclick="lightbox.init(this,500);" alt="'.$Block['Val'].'" src="http://'.SITE_URL.'/image.php?i='.urlencode($Block['Val']).'" />';
|
||||
$Str.='<img style="max-width: 500px;" onclick="lightbox.init(this,500);" alt="'.$Block['Val'].'" src="http'.($SSL?'s':'').'://'.SITE_URL.'/image.php?i='.urlencode($Block['Val']).'" />';
|
||||
} else {
|
||||
$Str.='<img style="max-width: 500px;" onclick="lightbox.init(this,500);" alt="'.$Block['Val'].'" src="'.$Block['Val'].'" />';
|
||||
}
|
||||
|
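Review bot: `$SSL` is read inside `to_html()` here, and inside `user_info()` in the next file section, but neither hunk shows a `global $SSL;` declaration, and a PHP function does not see a script-level variable without one. If `$SSL` is set at script level, `($SSL?'s':'')` evaluates to `''` in both places and the proxied image URL stays `http://`, which leaves mixed content on HTTPS pages. Both function bodies start outside the hunks, so confirm the declaration exists or add `global $SSL;` at the top of each.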
@ -314,7 +314,7 @@ function user_info($UserID) {
|
||||
|
||||
// Image proxy
|
||||
if(check_perms('site_proxy_images') && !empty($UserInfo['Avatar'])) {
|
||||
$UserInfo['Avatar'] = 'http://'.SITE_URL.'/image.php?c=1&avatar='.$UserID.'&i='.urlencode($UserInfo['Avatar']);
|
||||
$UserInfo['Avatar'] = 'http'.($SSL?'s':'').'://'.SITE_URL.'/image.php?c=1&avatar='.$UserID.'&i='.urlencode($UserInfo['Avatar']);
|
||||
}
|
||||
return $UserInfo;
|
||||
}
|
||||
@ -1030,10 +1030,11 @@ function delete_torrent($ID, $GroupID=0) {
|
||||
|
||||
|
||||
$DB->query("UPDATE reportsv2 SET
|
||||
Status='Resolved',
|
||||
LastChangeTime='".sqltime()."',
|
||||
ModComment='Report already dealt with (Torrent deleted)'
|
||||
WHERE TorrentID=".$ID);
|
||||
Status='Resolved',
|
||||
LastChangeTime='".sqltime()."',
|
||||
ModComment='Report already dealt with (Torrent deleted)'
|
||||
WHERE TorrentID=".$ID."
|
||||
AND Status != 'Resolved'");
|
||||
$Reports = $DB->affected_rows();
|
||||
if($Reports) {
|
||||
$Cache->decrement('num_torrent_reportsv2', $Reports);
|
||||
|
File diff suppressed because it is too large
@ -4,13 +4,15 @@
|
||||
|
||||
if(empty($_GET['name'])) { die('["",[],[],[]]'); }
|
||||
|
||||
$FullName = rawurldecode($_GET['name']);
|
||||
|
||||
$MaxKeySize = 4;
|
||||
if (strtolower(substr($_GET['name'],0,4)) == 'the ') {
|
||||
if (strtolower(substr($FullName,0,4)) == 'the ') {
|
||||
$MaxKeySize += 4;
|
||||
}
|
||||
$KeySize = min($MaxKeySize,max(1,strlen($_GET['name'])));
|
||||
$KeySize = min($MaxKeySize,max(1,strlen($FullName)));
|
||||
|
||||
$Letters = strtolower(substr($_GET['name'],0,$KeySize));
|
||||
$Letters = strtolower(substr($FullName,0,$KeySize));
|
||||
$AutoSuggest = $Cache->get('autocomplete_artist_'.$KeySize.'_'.$Letters);
|
||||
if(!is_array($AutoSuggest)) {
|
||||
if(!isset($DB) || !is_object($DB)) {
|
||||
@ -25,7 +27,7 @@
|
||||
FROM artists_group AS a
|
||||
INNER JOIN torrents_artists AS ta ON ta.ArtistID=a.ArtistID
|
||||
INNER JOIN torrents AS t ON t.GroupID=ta.GroupID
|
||||
WHERE a.Name LIKE '$Letters%'
|
||||
WHERE a.Name LIKE '".db_string($Letters)."%'
|
||||
GROUP BY ta.ArtistID
|
||||
ORDER BY Snatches DESC
|
||||
LIMIT $Limit");
|
||||
@ -39,7 +41,7 @@
|
||||
$Links = array();
|
||||
foreach ($AutoSuggest as $Suggestion) {
|
||||
list($ID,$Name, $Snatch) = $Suggestion;
|
||||
if (stripos($Name,$_GET['name']) === 0) {
|
||||
if (stripos($Name,$FullName) === 0) {
|
||||
$Suggestions[] = display_str($Name);
|
||||
$Snatches[] = number_format($Snatch).' snatches';
|
||||
$Links[] = 'http'.($SSL?'s':'').'://'.$_SERVER['HTTP_HOST'].'/artist.php?id='.$ID;
|
||||
@ -49,4 +51,4 @@
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode(array($_GET['name'],$Suggestions,$Snatches,$Links));
|
||||
echo json_encode(array($FullName,$Suggestions,$Snatches,$Links));
|
||||
|
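Review bot: `$FullName = rawurldecode($_GET['name'])` decodes a value PHP has already URL-decoded, so a name that legitimately contains a percent sequence is altered, and any filtering applied to the raw request no longer sees the string that is actually used. `$FullName` is then echoed back as the first element of `json_encode(...)`, which leaves `<` and `>` intact by default; the Content-Type header is not visible in these hunks, so either confirm the response is sent as `application/json` or encode with `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT`. `db_string($Letters)` covers quoting, but `%` and `_` in the prefix still act as LIKE wildcards; `addcslashes($Letters, '%_')` before `db_string()` would make them literal.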
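--- /dev/null
+++ b/sections/forums/delete_poll_option.php
@@ -0,0 +1,35 @@
+<?
+authorize();
+if(!check_perms("site_moderate_forums")) {
+error(404);
+}
+
+$ThreadID = $_GET['threadid'];
+$PollOption = $_GET['vote'];
+
+if(is_number($ThreadID) && is_number($PollOption)) {
+$DB->query("SELECT ForumID FROM forums_topics WHERE ID = $ThreadID");
+list($ForumID) = $DB->next_record();
+if(!in_array($ForumID, $ForumsRevealVoters)) {
+error(403);
+}
+
+$DB->query("SELECT Answers FROM forums_polls WHERE TopicID = ".$ThreadID);
+if($DB->record_count() < 1) {
+error(404);
+}
+
+list($Answers) = $DB->next_record(MYSQLI_NUM, false);
+$Answers = unserialize($Answers);
+unset($Answers[$PollOption]);
+$Answers = serialize($Answers);
+
+$DB->query("UPDATE forums_polls SET Answers = '".db_string($Answers)."' WHERE TopicID = ".$ThreadID);
+$DB->query("DELETE FROM forums_polls_votes WHERE Vote = ".$PollOption." AND TopicID = ".$ThreadID);
+
+$Cache->delete_value('polls_'.$ThreadID);
+header("Location: forums.php?action=viewthread&threadid=".$ThreadID);
+
+} else {
+error(404);
+}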
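Review bot: Nothing checks that `$PollOption` is an existing key of the unserialized `$Answers` before the `UPDATE` and `DELETE` run, so a numeric `vote` that matches no option still removes rows from `forums_polls_votes`; the thread view links `vote=0` as "Blank", which would be affected if `is_number()` accepts it. Adding `if(!isset($Answers[$PollOption])) { error(404); }` right after the `unserialize()` call keeps both writes tied to a real option. The `ForumID` lookup is also consumed without a `record_count()` check, and `$ForumsRevealVoters` is not defined in this file, so it is presumably set by the including script — worth confirming, since an undefined value would make `in_array()` fail for every request.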
@ -109,6 +109,9 @@
|
||||
// Change poll vote
|
||||
require(SERVER_ROOT.'/sections/forums/change_vote.php');
|
||||
break;
|
||||
case 'delete_poll_option':
|
||||
require(SERVER_ROOT.'/sections/forums/delete_poll_option.php');
|
||||
break;
|
||||
case 'sticky_post':
|
||||
require(SERVER_ROOT.'/sections/forums/sticky_post.php');
|
||||
break;
|
||||
|
@ -245,7 +245,11 @@
|
||||
|
||||
foreach($Answers as $i => $Answer) {
|
||||
?>
|
||||
<li><a href="forums.php?action=change_vote&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=<?=(int) $i?>"><?=display_str($Answer == '' ? "Blank" : $Answer)?></a> - <?=$StaffVotes[$i]?> (<?=number_format(((float) $Votes[$i]/$TotalVotes)*100, 2)?>%)</li>
|
||||
<li>
|
||||
<a href="forums.php?action=change_vote&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=<?=(int) $i?>"><?=display_str($Answer == '' ? "Blank" : $Answer)?></a>
|
||||
- <?=$StaffVotes[$i]?> (<?=number_format(((float) $Votes[$i]/$TotalVotes)*100, 2)?>%)
|
||||
<a href="forums.php?action=delete_poll_option&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=<?=(int) $i?>">[X]</a>
|
||||
</li>
|
||||
<? } ?>
|
||||
<li><a href="forums.php?action=change_vote&threadid=<?=$ThreadID?>&auth=<?=$LoggedUser['AuthKey']?>&vote=0">Blank</a> - <?=$StaffVotes[0]?> (<?=number_format(((float) $Votes[0]/$TotalVotes)*100, 2)?>%)</li>
|
||||
</ul>
|
||||
|
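Review bot: The new `[X]` link makes poll-option deletion a single GET request with `$LoggedUser['AuthKey']` in the query string, so the key ends up in browser history, server logs and Referer headers, and one stray click removes the option together with its votes. No `check_perms('site_moderate_forums')` guard is visible around the anchor in this hunk, although the handler enforces it; if the surrounding block is not already limited to moderators, wrap the link in that check. A small POST form carrying the auth key in a hidden field, plus a confirmation prompt, would suit a destructive action better than a link.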
@ -94,7 +94,7 @@
|
||||
if(empty($HeavyInfo['DisableAvatars'])) {
|
||||
if(!empty($Avatar)) {
|
||||
if(check_perms('site_proxy_images')) {
|
||||
$Avatar = 'http://'.SITE_URL.'/image.php?c=1&i='.urlencode($Avatar);
|
||||
$Avatar = 'http'.($SSL?'s':'').'://'.SITE_URL.'/image.php?c=1&i='.urlencode($Avatar);
|
||||
}
|
||||
?>
|
||||
<img src="<?=$Avatar?>" alt="<?=$Username?>'s avatar" width="50px" />
|
||||
|
@ -50,7 +50,7 @@
|
||||
</div>
|
||||
<br />
|
||||
<div class="box pad" style="padding:0px 10px 10px 10px;">
|
||||
<h3>Forum moderators</h3>
|
||||
<h3>Forum Moderators</h3>
|
||||
<p>Forum Mods are users who have been promoted to help moderate the forums. They can only help with forum oriented questions</p>
|
||||
<table class="staff" width="100%">
|
||||
<tr class="colhead">
|
||||
|
@ -155,8 +155,15 @@
|
||||
$DB->query("SELECT p.ID,p.Name,p.Level,p.Values,p.DisplayStaff,COUNT(u.ID) FROM permissions AS p LEFT JOIN users_main AS u ON u.PermissionID=p.ID WHERE p.ID='".db_string($_REQUEST['id'])."' GROUP BY p.ID");
|
||||
list($ID,$Name,$Level,$Values,$DisplayStaff,$UserCount)=$DB->next_record(MYSQLI_NUM, array(3));
|
||||
|
||||
if($Level > $LoggedUser['Class'] || $_REQUEST['level'] > $LoggedUser['Class']) {
|
||||
error(403);
|
||||
}
|
||||
|
||||
|
||||
$Values=unserialize($Values);
|
||||
}
|
||||
|
||||
|
||||
|
||||
if (!empty($_POST['submit'])) {
|
||||
$Err = $Val->ValidateForm($_POST);
|
||||
|
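Review bot: The new level check compares `$_REQUEST['level']` to `$LoggedUser['Class']` with a loose `>` before the value is validated, so a missing or non-numeric `level` is coerced rather than rejected; `is_number()`, used elsewhere in this commit, could gate it first. The check also sits inside the block that loads an existing row by `$_REQUEST['id']` (the closing `}` follows `unserialize($Values)`), so whether the create path is covered depends on code outside this hunk and should be confirmed against the description's "Permissions can only be created up to your current level". Because the comparison is `>` rather than `>=`, a user can still edit the permission row of their own class; tighten it if that is not intended.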
@ -17,8 +17,23 @@
|
||||
$Err=$Val->ValidateForm($_POST); // Validate the form
|
||||
if($Err){ error($Err); }
|
||||
|
||||
if($P['minclassread'] > $LoggedUser['Class'] || $P['minclasswrite'] > $LoggedUser['Class'] || $P['minclasscreate'] > $LoggedUser['Class']) {
|
||||
error(403);
|
||||
}
|
||||
|
||||
|
||||
if($_POST['submit'] == 'Edit'){ //Edit
|
||||
if(!is_number($_POST['id']) || $_POST['id'] == ''){ error(0); }
|
||||
$DB->query("SELECT MinClassRead FROM forums WHERE ID=".$P['id']);
|
||||
if($DB->record_count() < 1) {
|
||||
error(404);
|
||||
} else {
|
||||
list($MinClassRead) = $DB->next_record();
|
||||
if($MinClassRead > $LoggedUser['Class']) {
|
||||
error(403);
|
||||
}
|
||||
}
|
||||
|
||||
$DB->query("UPDATE forums SET
|
||||
Sort='$P[sort]',
|
||||
CategoryID='$P[categoryid]',
|
||||
|
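Review bot: The edit path loads only `MinClassRead` for the existing forum, so a forum whose read class is at or below the editor's but whose write or create class is higher can still be altered. Select the write and create minimums in the same query and reject when any of the three exceeds `$LoggedUser['Class']`, mirroring the three-way check this hunk adds for the submitted `$P[...]` values. The delete branch is outside this hunk and needs the same lookup.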
@ -180,7 +180,7 @@ function check_paranoia_here($Setting) {
|
||||
<div class="sidebar">
|
||||
<? if ($Avatar && empty($HeavyInfo['DisableAvatars'])) {
|
||||
if(check_perms('site_proxy_images') && !empty($Avatar)) {
|
||||
$Avatar = 'http://'.SITE_URL.'/image.php?c=1&avatar='.$UserID.'&i='.urlencode($Avatar);
|
||||
$Avatar = 'http'.($SSL?'s':'').'://'.SITE_URL.'/image.php?c=1&avatar='.$UserID.'&i='.urlencode($Avatar);
|
||||
}
|
||||
?>
|
||||
<div class="box">
|
||||
|
@ -47,7 +47,7 @@
|
||||
}
|
||||
|
||||
if(check_perms('site_proxy_images') && !empty($Avatar)) {
|
||||
$Avatar = 'http://'.SITE_URL.'/image.php?c=1&i='.urlencode($Avatar);
|
||||
$Avatar = 'http'.($SSL?'s':'').'://'.SITE_URL.'/image.php?c=1&i='.urlencode($Avatar);
|
||||
}
|
||||
|
||||
show_header('Post history for '.$Username,'subscriptions,comments,bbcode');
|
||||
|
@ -37,7 +37,7 @@ var autocomp = {
|
||||
case 8: //backspace
|
||||
this.href = null;
|
||||
this.list.style.visibility = 'hidden';
|
||||
this.timer = setTimeout("autocomp.get('" + this.input.value + "');",500);
|
||||
this.timer = setTimeout("autocomp.get('" + escape(this.input.value) + "');",500);
|
||||
break;
|
||||
case 38: //up
|
||||
case 40: //down
|
||||
@ -52,7 +52,7 @@ var autocomp = {
|
||||
return 0;
|
||||
default:
|
||||
this.href = null;
|
||||
this.timer = setTimeout("autocomp.get('"+this.input.value+"');",300);
|
||||
this.timer = setTimeout("autocomp.get('" + escape(this.input.value) + "');",300);
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
|
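Review bot: Both timers still build code from a string, `setTimeout("autocomp.get('" + escape(this.input.value) + "');", …)`, so the fix depends on `escape()` encoding every character that could end the quoted literal. Passing a function removes the string evaluation altogether: `var v = this.input.value; this.timer = setTimeout(function () { autocomp.get(v); }, 500);`, with `encodeURIComponent(v)` applied where the request URL is built (that code is outside these hunks). `escape()` is also deprecated and emits `%uXXXX` for non-Latin-1 characters, which the server-side `rawurldecode()` in this commit will not turn back into the original text.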