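query("SELECT CEIL((SELECT COUNT(ID)+1 FROM artist_comments AS ac WHERE ac.ArtistID='".db_string($ArtistID)."')/".TORRENT_COMMENTS_PER_PAGE.") AS Pages");
			// $Pages = page the new comment will land on: (existing comments + 1) / comments per page, rounded up
			list($Pages) = $DB->next_record();

			// Store the comment. ArtistID, the author id and the body all pass through db_string() before interpolation.
			$DB->query("INSERT INTO artist_comments (ArtistID,AuthorID,AddedTime,Body) VALUES ( '".db_string($ArtistID)."', '".db_string($LoggedUser['ID'])."','".sqltime()."','".db_string($_POST['body'])."')");
			$PostID=$DB->inserted_id();

			// Append the new post to the cached catalogue that holds the last page
			$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE*$Pages-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
			$Cache->begin_transaction('artist_comments_'.$ArtistID.'_catalogue_'.$CatalogueID);
			$Post = array(
				'ID'=>$PostID,
				'AuthorID'=>$LoggedUser['ID'],
				'AddedTime'=>sqltime(),
				'Body'=>$_POST['body'],
				'EditedUserID'=>0,
				'EditedTime'=>'0000-00-00 00:00:00',
				'Username'=>''
				);
			$Cache->insert('', $Post);
			$Cache->commit_transaction(0);
			$Cache->increment('artist_comments_'.$ArtistID);

			header('Location: artist.php?id='.$ArtistID.'&page='.$Pages);
			break;
		case 'warn' :
			include(SERVER_ROOT.'/sections/artist/warn.php');
			break;
		case 'take_warn' :
			include(SERVER_ROOT.'/sections/artist/take_warn.php');
			break;
		default:
			error(0);
	}
} elseif(!empty($_GET['action'])) {
	switch ($_GET['action']) {
		case 'get_post':
			// Returns the stored body of one comment.
			// empty() instead of a bare negation so a missing parameter does not raise an undefined-index notice.
			if (empty($_GET['post']) || !is_number($_GET['post'])) { error(0); }
			$DB->query("SELECT Body FROM artist_comments WHERE ID='".db_string($_GET['post'])."'");
			list($Body) = $DB->next_record(MYSQLI_NUM);

			// NOTE(review): the body is echoed without output encoding. Confirm the response is not
			// rendered as HTML by the browser, or that stored bodies are already entity-encoded.
			echo trim($Body);
			break;

		case 'delete_comment':
			// NOTE(review): this state change is driven by GET parameters and appears to rely on
			// authorize() to reject forged requests -- confirm what authorize() checks.
			authorize();

			// The post id must be a plain number before it is used in any query
			if (empty($_GET['postid']) || !is_number($_GET['postid'])) { error(0); }

			// Make sure they are moderators
			if (!check_perms('site_moderate_forums')) { error(403); }

			// Escape once and quote everywhere, so the queries below do not depend on is_number() alone
			$DeleteID = db_string($_GET['postid']);

			// Get the artist id, the number of pages in the thread and the page the post is on
			$DB->query("SELECT
				ArtistID,
				CEIL(COUNT(ac.ID)/".TORRENT_COMMENTS_PER_PAGE.") AS Pages,
				CEIL(SUM(IF(ac.ID<='".$DeleteID."',1,0))/".TORRENT_COMMENTS_PER_PAGE.") AS Page
				FROM artist_comments AS ac
				WHERE ac.ArtistID=(SELECT ArtistID FROM artist_comments WHERE ID='".$DeleteID."')
				GROUP BY ac.ArtistID");

			// No row means the post does not exist; stop before deleting cache keys built from an empty artist id
			if ($DB->record_count()==0) { error(404); }
			list($ArtistID,$Pages,$Page)=$DB->next_record();

			// $Pages = number of pages in the thread
			// $Page = which page the post is on
			// These are set for cache clearing.

			$DB->query("DELETE FROM artist_comments WHERE ID='".$DeleteID."'");

			// Clear this catalogue and every later one: all following posts shift once this post is gone
			$ThisCatalogue = floor((TORRENT_COMMENTS_PER_PAGE*$Page-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
			$LastCatalogue = floor((TORRENT_COMMENTS_PER_PAGE*$Pages-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
			for($i=$ThisCatalogue;$i<=$LastCatalogue;$i++) {
				$Cache->delete('artist_comments_'.$ArtistID.'_catalogue_'.$i);
			}

			// Delete thread info cache (eg. number of pages)
			$Cache->delete('artist_comments_'.$ArtistID);
			break;

		case 'takeedit_post':
			authorize();

			include(SERVER_ROOT.'/classes/class_text.php'); // Text formatting class
			$Text = new TEXT;

			// The post id must be a plain number before it is used in any query
			if(empty($_POST['post']) || !is_number($_POST['post'])) { error(0); }

			// Load the existing post: old body for the edit history, author for the permission check
			$DB->query("SELECT ac.Body, ac.AuthorID, ac.ArtistID, ac.AddedTime FROM artist_comments AS ac WHERE ac.ID='".db_string($_POST['post'])."'");

			// Existence check belongs here. After the COUNT() query below record_count() is always 1,
			// so a check placed there can never fire, and a missing post would leave $ArtistID empty.
			if ($DB->record_count()==0) { error(404); }
			list($OldBody, $AuthorID,$ArtistID,$AddedTime)=$DB->next_record();

			// Only the author or a forum moderator may edit
			if ($LoggedUser['ID']!=$AuthorID && !check_perms('site_moderate_forums')) { error(404); }

			// Which page the post sits on; values are escaped and quoted like the other queries in this file
			$DB->query("SELECT ceil(COUNT(ID) / ".TORRENT_COMMENTS_PER_PAGE.") AS Page FROM artist_comments WHERE ArtistID = '".db_string($ArtistID)."' AND ID <= '".db_string($_POST['post'])."'");
			list($Page) = $DB->next_record();

			// Perform the update
			$DB->query("UPDATE artist_comments SET Body = '".db_string($_POST['body'])."', EditedUserID = '".db_string($LoggedUser['ID'])."', EditedTime = '".sqltime()."' WHERE ID='".db_string($_POST['post'])."'");

			// Update the cache
			$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE*$Page-TORRENT_COMMENTS_PER_PAGE)/THREAD_CATALOGUE);
			$Cache->begin_transaction('artist_comments_'.$ArtistID.'_catalogue_'.$CatalogueID);
			// NOTE(review): $_POST['key'] is client-supplied and is passed to update_row() unchecked.
			// Nothing here ties it to the post being edited; presumably it selects the cached row to
			// overwrite. Validate it, or derive the row from the post id server-side -- confirm against the cache class.
			$Cache->update_row($_POST['key'], array(
				'ID'=>$_POST['post'],
				'AuthorID'=>$AuthorID,
				'AddedTime'=>$AddedTime,
				'Body'=>$_POST['body'],
				'EditedUserID'=>db_string($LoggedUser['ID']),
				'EditedTime'=>sqltime(),
				'Username'=>$LoggedUser['Username']
			));
			$Cache->commit_transaction(0);

			// Keep the previous body in the edit history. The numeric values are quoted as well:
			// db_string() on an unquoted value gives no protection by itself.
			$DB->query("INSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body) VALUES ('artist', '".db_string($_POST['post'])."', '".db_string($LoggedUser['ID'])."', '".sqltime()."', '".db_string($OldBody)."')");

			// This gets sent to the browser, which echoes it in place of the old body
			echo $Text->full_format($_POST['body']);
			break;

		// The remaining actions are delegated to their own section files.
		// Each path is a fixed string chosen by a literal case label, never built from request data.
		case 'edit':
			require(SERVER_ROOT.'/sections/artist/edit.php');
			break;
		case 'delete':
			require(SERVER_ROOT.'/sections/artist/delete.php');
			break;
		case 'revert':
			require(SERVER_ROOT.'/sections/artist/takeedit.php');
			break;
		case 'history':
			require(SERVER_ROOT.'/sections/artist/history.php');
			break;
		case 'vote_similar':
			require(SERVER_ROOT.'/sections/artist/vote_similar.php');
			break;
		case 'delete_similar':
			require(SERVER_ROOT.'/sections/artist/delete_similar.php');
			break;
		case 'similar':
			require(SERVER_ROOT.'/sections/artist/similar.php');
			break;
		case 'similar_bg':
			require(SERVER_ROOT.'/sections/artist/similar_bg.php');
			break;
		case 'notify':
			require(SERVER_ROOT.'/sections/artist/notify.php');
			break;
		case 'notifyremove':
			require(SERVER_ROOT.'/sections/artist/notifyremove.php');
			break;
		case 'delete_alias':
			require(SERVER_ROOT.'/sections/artist/delete_alias.php');
			break;
		case 'change_artistid':
			require(SERVER_ROOT.'/sections/artist/change_artistid.php');
			break;
		default:
			error(0);
	}
} else {
	if(!empty($_GET['id'])) {
		include (SERVER_ROOT.'/sections/artist/artist.php');
	} elseif (!empty($_GET['artistname'])) {
		// Look the artist up by alias and redirect to the best match.
		// Backslashes are doubled so LIKE treats them literally.
		// NOTE(review): % and _ in the submitted name are not escaped and still act as LIKE wildcards.
		// Confirm that is intended; if not, escape them before building the pattern.
		$NameSearch = str_replace('\\', '\\\\', trim($_GET['artistname']));
		$DB->query("SELECT ArtistID, Name FROM artists_alias WHERE Name LIKE '".db_string($NameSearch)."'");
		if($DB->record_count() == 0) {
			// No alias matched: fall back to the torrent search. The name is urlencode()d into the redirect.
			if(isset($LoggedUser['SearchType']) && $LoggedUser['SearchType']) {
				header('Location: torrents.php?action=advanced&artistname='.urlencode($_GET['artistname']));
			} else {
				header('Location: torrents.php?searchstr='.urlencode($_GET['artistname']));
			}
			die();
		}
		list($FirstID, $Name) = $DB->next_record(MYSQLI_NUM, false);
		// A single hit, or a first hit equal to the search term ignoring case, wins outright
		if($DB->record_count() == 1 || !strcasecmp($Name,$NameSearch)) {
			header('Location: artist.php?id='.$FirstID);
			die();
		}
		// Otherwise prefer any later row whose name equals the search term ignoring case
		while(list($ID, $Name) = $DB->next_record(MYSQLI_NUM, false)) {
			if(!strcasecmp($Name,$NameSearch)) {
				header('Location: artist.php?id='.$ID);
				die();
			}
		}
		// No case-insensitive exact match: settle for the first row returned
		header('Location: artist.php?id='.$FirstID);
		die();
	} else {
		header('Location: torrents.php');
	}
}
?>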