Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
212 Commits
1 Branch
Tree: 268f9f3627
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '268f9f3627'
${ noResults }
Gazelle/sections/torrents/takegroupedit.php

takegroupedit.php 5.0KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177 
  1. <?

  2. authorize();

  3. 

  4. // Quick SQL injection check

  5. if (!$_REQUEST['groupid'] || !is_number($_REQUEST['groupid'])) {

  6.   error(404);

  7. }

  8. // End injection check

  9. 

  10. if (!check_perms('site_edit_wiki')) {

  11.   error(403);

  12. }

  13. 

  14. // Variables for database input

  15. $UserID = $LoggedUser['ID'];

  16. $GroupID = $_REQUEST['groupid'];

  17. 

  18. if (!empty($_GET['action']) && $_GET['action'] == 'revert') { // if we're reverting to a previous revision

  19.   $RevisionID = $_GET['revisionid'];

  20.   if (!is_number($RevisionID)) {

  21.     error(0);

  22.   }

  23. 

  24.   // to cite from merge: "Everything is legit, let's just confim they're not retarded"

  25.   if (empty($_GET['confirm'])) {

  26.     View::show_header();

  27. ?>

  28.   <div class="center thin">

  29.   <div class="header">

  30.     <h2>Revert Confirm!</h2>

  31.   </div>

  32.   <div class="box pad">

  33.     <form class="confirm_form" name="torrent_group" action="torrents.php" method="get">

  34.       <input type="hidden" name="action" value="revert" />

  35.       <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>" />

  36.       <input type="hidden" name="confirm" value="true" />

  37.       <input type="hidden" name="groupid" value="<?=$GroupID?>" />

  38.       <input type="hidden" name="revisionid" value="<?=$RevisionID?>" />

  39.       <h3>You are attempting to revert to the revision <a href="torrents.php?id=<?=$GroupID?>&amp;revisionid=<?=$RevisionID?>"><?=$RevisionID?></a>.</h3>

  40.       <input type="submit" value="Confirm" />

  41.     </form>

  42.   </div>

  43.   </div>

  44. <?

  45.     View::show_footer();

  46.     die();

  47.   }

  48. } else { // with edit, the variables are passed with POST

  49.   $Body = $_POST['body'];

  50.   $Image = $_POST['image'];

  51. 

  52.   if (($GroupInfo = $Cache->get_value('torrents_details_'.$GroupID)) && !isset($GroupInfo[0][0])) {

  53.     $GroupCategoryID = $GroupInfo[0]['CategoryID'];

  54.   } else {

  55.     $DB->query("

  56.       SELECT CategoryID

  57.       FROM torrents_group

  58.       WHERE ID = '$GroupID'");

  59.     list($GroupCategoryID) = $DB->next_record();

  60.   }

  61. 

  62.   // Trickery

  63.   if (!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {

  64.     $Image = '';

  65.   }

  66.   ImageTools::blacklisted($Image);

  67.   $Summary = db_string($_POST['summary']);

  68. }

  69. 

  70. // Insert revision

  71. if (empty($RevisionID)) { // edit

  72.   $DB->query("

  73.     INSERT INTO wiki_torrents

  74.       (PageID, Body, Image, UserID, Summary, Time)

  75.     VALUES

  76.       ('$GroupID', '".db_string($Body)."', '".db_string($Image)."', '$UserID', '$Summary', '".sqltime()."')");

  77. }

  78. else { // revert

  79.   $DB->query("

  80.     SELECT PageID, Body, Image

  81.     FROM wiki_torrents

  82.     WHERE RevisionID = '$RevisionID'");

  83.   list($PossibleGroupID, $Body, $Image) = $DB->next_record();

  84.   if ($PossibleGroupID != $GroupID) {

  85.     error(404);

  86.   }

  87. 

  88.   $DB->query("

  89.     INSERT INTO wiki_torrents

  90.       (PageID, Body, Image, UserID, Summary, Time)

  91.     SELECT '$GroupID', Body, Image, '$UserID', 'Reverted to revision $RevisionID', '".sqltime()."'

  92.     FROM wiki_artists

  93.     WHERE RevisionID = '$RevisionID'");

  94. }

  95. 

  96. $RevisionID = $DB->inserted_id();

  97. 

  98. $Body = db_string($Body);

  99. $Image = db_string($Image);

  100. 

  101. // Update torrents table (technically, we don't need the RevisionID column, but we can use it for a join which is nice and fast)

  102. $DB->query("

  103.   UPDATE torrents_group

  104.   SET

  105.     RevisionID = '$RevisionID',

  106.     WikiBody = '$Body',

  107.     WikiImage = '$Image'

  108.   WHERE ID='$GroupID'");

  109. 

  110. // There we go, all done!

  111. 

  112. $Cache->delete_value('torrents_details_'.$GroupID);

  113. $Cache->delete_value('torrent_group_'.$GroupID);

  114. $DB->query("

  115.   SELECT CollageID

  116.   FROM collages_torrents

  117.   WHERE GroupID = '$GroupID'");

  118. if ($DB->has_results()) {

  119.   while (list($CollageID) = $DB->next_record()) {

  120.     $Cache->delete_value('collage_'.$CollageID);

  121.   }

  122. }

  123. 

  124. //Fix Recent Uploads/Downloads for image change

  125. $DB->query("

  126.   SELECT DISTINCT UserID

  127.   FROM torrents AS t

  128.     LEFT JOIN torrents_group AS tg ON t.GroupID=tg.ID

  129.   WHERE tg.ID = $GroupID");

  130. 

  131. $UserIDs = $DB->collect('UserID');

  132. foreach ($UserIDs as $UserID) {

  133.   $RecentUploads = $Cache->get_value('recent_uploads_'.$UserID);

  134.   if (is_array($RecentUploads)) {

  135.     foreach ($RecentUploads as $Key => $Recent) {

  136.       if ($Recent['ID'] == $GroupID) {

  137.         if ($Recent['WikiImage'] != $Image) {

  138.           $Recent['WikiImage'] = $Image;

  139.           $Cache->begin_transaction('recent_uploads_'.$UserID);

  140.           $Cache->update_row($Key, $Recent);

  141.           $Cache->commit_transaction(0);

  142.         }

  143.       }

  144.     }

  145.   }

  146. }

  147. 

  148. $DB->query("

  149.   SELECT ID

  150.   FROM torrents

  151.   WHERE GroupID = $GroupID");

  152. if ($DB->has_results()) {

  153.   $TorrentIDs = implode(',', $DB->collect('ID'));

  154.   $DB->query("

  155.     SELECT DISTINCT uid

  156.     FROM xbt_snatched

  157.     WHERE fid IN ($TorrentIDs)");

  158.   $Snatchers = $DB->collect('uid');

  159.   foreach ($Snatchers as $UserID) {

  160.     $RecentSnatches = $Cache->get_value('recent_snatches_'.$UserID);

  161.     if (is_array($RecentSnatches)) {

  162.       foreach ($RecentSnatches as $Key => $Recent) {

  163.         if ($Recent['ID'] == $GroupID) {

  164.           if ($Recent['WikiImage'] != $Image) {

  165.             $Recent['WikiImage'] = $Image;

  166.             $Cache->begin_transaction('recent_snatches_'.$UserID);

  167.             $Cache->update_row($Key, $Recent);

  168.             $Cache->commit_transaction(0);

  169.           }

  170.         }

  171.       }

  172.     }

  173.   }

  174. }

  175. 

  176. header("Location: torrents.php?id=$GroupID");

  177. ?>