Gazelle/sections/torrents/nonwikiedit.php
2012-10-11 08:00:15 +00:00

69 lines
1.8 KiB
PHP

<?
authorize();
//Set by system
if(!$_POST['groupid'] || !is_number($_POST['groupid'])) {
error(404);
}
$GroupID = $_POST['groupid'];
//Usual perm checks
if(!check_perms('torrents_edit')) {
$DB->query("SELECT UserID FROM torrents WHERE GroupID = ".$GroupID);
if(!in_array($LoggedUser['ID'], $DB->collect('UserID'))) {
error(403);
}
}
if(check_perms('torrents_freeleech') && (isset($_POST['freeleech']) xor isset($_POST['neutralleech']) xor isset($_POST['unfreeleech']))) {
if(isset($_POST['freeleech'])) {
$Free = 1;
} elseif(isset($_POST['neutralleech'])) {
$Free = 2;
} else {
$Free = 0;
}
if(isset($_POST['freeleechtype']) && in_array($_POST['freeleechtype'], array(0,1,2,3))) {
$FreeType = $_POST['freeleechtype'];
} else {
error(404);
}
Torrents::freeleech_groups($GroupID, $Free, $FreeType);
}
//Escape fields
$Year = db_string((int)$_POST['year']);
$RecordLabel = db_string($_POST['record_label']);
$CatalogueNumber = db_string($_POST['catalogue_number']);
// Get some info for the group log
$DB->query("SELECT Year FROM torrents_group WHERE ID = $GroupID");
list($OldYear) = $DB->next_record();
$DB->query("UPDATE torrents_group SET
Year = '$Year',
RecordLabel = '".$RecordLabel."',
CatalogueNumber = '".$CatalogueNumber."'
WHERE ID = ".$GroupID);
if ($OldYear != $Year) {
$DB->query("INSERT INTO group_log (GroupID, UserID, Time, Info)
VALUES ('$GroupID',".$LoggedUser['ID'].",'".sqltime()."','".db_string("Year changed from $OldYear to $Year")."')");
}
$DB->query("SELECT ID FROM torrents WHERE GroupID='$GroupID'");
while(list($TorrentID) = $DB->next_record()) {
$Cache->delete_value('torrent_download_'.$TorrentID);
}
Torrents::update_hash($GroupID);
$Cache->delete_value('torrents_details_'.$GroupID);
header("Location: torrents.php?id=".$GroupID);
?>