Home Explore Help
Register Sign In
Medu
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Clean up code for modifying screenshots

spaghetti 7 years ago
parent
c9b6bcf0be
commit
a00164cb21
1 changed files with 25 additions and 26 deletions
Unified View Show Diff Stats
  1. 25
    26
      sections/torrents/screenshotedit.php

+ 25
- 26
sections/torrents/screenshotedit.php View File

11 
   $DB->query("
 11 
   $DB->query("
12 
     SELECT UserID
 12 
     SELECT UserID
13 
     FROM torrents
 13 
     FROM torrents
14 
-    WHERE GroupID = $GroupID");
14 
+    WHERE GroupID = ?", $GroupID);
15 
   if (!in_array($LoggedUser['ID'], $DB->collect('UserID'))) {
 15 
   if (!in_array($LoggedUser['ID'], $DB->collect('UserID'))) {
16 
     error(403);
 16 
     error(403);
17 
   }
 17 
   }
18 
 }
 18 
 }
19
19
20 
-$Screenshots = isset($_POST['screenshots']) ? $_POST['screenshots'] : [];
20 
+$Screenshots = $_POST['screenshots'] ?? [];
21 
+$Screenshots = array_map("trim", $Screenshots);
22 
+$Screenshots = array_filter($Screenshots, function($s) {
23 
+  return preg_match('/^'.IMAGE_REGEX.'$/i', $s);
24 
+});
25 
+$Screenshots = array_unique($Screenshots);
21
26
22 
 if (count($Screenshots) > 10) {
 27 
 if (count($Screenshots) > 10) {
23 
-  error(0);
24 
-}
25 
-
26 
-$ScreenshotsEscaped = [];
27 
-
28 
-foreach ($Screenshots as $i => $Screenshot) {
29 
-  if (!preg_match('/^'.IMAGE_REGEX.'$/i', trim($Screenshot)))
30 
-    error(0);
31 
-  $Screenshots[$i] = db_string(trim($Screenshot));
28 
+  error("You cannot add more than 10 screenshots to a group");
32 
 }
 29 
 }
33
30
34 
 $DB->query("
 31 
 $DB->query("
35 
   SELECT UserID, Image
 32 
   SELECT UserID, Image
36 
   FROM torrents_screenshots
 33 
   FROM torrents_screenshots
37 
-  WHERE GroupID = $GroupID");
34 
+  WHERE GroupID = ?", $GroupID);
38
35
39 
 // $Old is an array of the form URL => UserID where UserID is the ID of the User who originally uploaded that image.
 36 
 // $Old is an array of the form URL => UserID where UserID is the ID of the User who originally uploaded that image.
40 
 $Old = [];
 37 
 $Old = [];
53
50
54 
 // Deletion
 51 
 // Deletion
55 
 if (!empty($Deleted)) {
 52 
 if (!empty($Deleted)) {
56 
-  $sql = "DELETE FROM torrents_screenshots WHERE Image IN ('";
57 
-
58 
   if (check_perms('screenshots_delete') || check_perms('torrents_edit')) {
 53 
   if (check_perms('screenshots_delete') || check_perms('torrents_edit')) {
59 
     $DeleteList = $Deleted;
 54 
     $DeleteList = $Deleted;
60 
   } else {
 55 
   } else {
70 
   }
 65 
   }
71
66
72 
   if (!empty($DeleteList)) {
 67 
   if (!empty($DeleteList)) {
73 
-    $sql .= implode("', '", $DeleteList) . "')";
74 
-    $DB->query($sql);
75 
-  }
68 
+    $ScreenDel = '';
69 
+    $DB->prepare_query("DELETE FROM torrents_screenshots WHERE Image = ?", $ScreenDel);
70 
+    foreach ($DeleteList as $ScreenDel) {
71 
+      $DB->exec_prepared_query();
72 
+    }
76
73
74 
+    Torrents::write_group_log($GroupID, 0, $LoggedUser['ID'], "Deleted screenshot(s) ".implode(' , ', $DeleteList), 0);
75 
+    Misc::write_log("Screenshots ( ".implode(' , ', $DeleteList)." ) deleted from Torrent Group ".$GroupID." by ".$LoggedUser['Username']);
76 
+  }
77 
 }
 77 
 }
78
78
79 
 // New screenshots
 79 
 // New screenshots
80 
-foreach ($New as $Screenshot) {
81 
-  $DB->query("
80 
+if (!empty($New)) {
81 
+  $Screenshot = '';
82 
+  $DB->prepare_query("
82 
     INSERT INTO torrents_screenshots
 83 
     INSERT INTO torrents_screenshots
83 
       (GroupID, UserID, Time, Image)
 84 
       (GroupID, UserID, Time, Image)
84 
     VALUES
 85 
     VALUES
85 
-      ($GroupID, $LoggedUser[ID], NOW(), '$Screenshot')");
86 
-}
86 
+      (?, ?, NOW(), ?)",
87 
+    $GroupID, $LoggedUser['ID'], $Screenshot);
88 
+  foreach ($New as $Screenshot) {
89 
+    $DB->exec_prepared_query();
90 
+  }
87
91
88 
-if (!empty($New)) {
89 
   Torrents::write_group_log($GroupID, 0, $LoggedUser['ID'], "Added screenshot(s) ".implode(' , ', $New), 0);
 92 
   Torrents::write_group_log($GroupID, 0, $LoggedUser['ID'], "Added screenshot(s) ".implode(' , ', $New), 0);
90 
   Misc::write_log("Screenshots ( ".implode(' , ', $New)." ) added to Torrent Group ".$GroupID." by ".$LoggedUser['Username']);
 93 
   Misc::write_log("Screenshots ( ".implode(' , ', $New)." ) added to Torrent Group ".$GroupID." by ".$LoggedUser['Username']);
91 
 }
 94 
 }
92 
-if (!empty($DeleteList)) {
93 
-  Torrents::write_group_log($GroupID, 0, $LoggedUser['ID'], "Deleted screenshot(s) ".implode(' , ', $DeleteList), 0);
94 
-  Misc::write_log("Screenshots ( ".implode(' , ', $DeleteList)." ) deleted from Torrent Group ".$GroupID." by ".$LoggedUser['Username']);
95 
-}
96
95
97 
 $Cache->delete_value("torrents_details_".$GroupID);
 96 
 $Cache->delete_value("torrents_details_".$GroupID);
98 
 header("Location: torrents.php?id=$GroupID");
 97 
 header("Location: torrents.php?id=$GroupID");

Write Preview
Loading…
Cancel
Save