Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10 Commits
1 Branch
Tree: e30e450151
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e30e450151'
${ noResults }
Gazelle/sections/torrents/takeedit.php

takeedit.php 14KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444 
  1. <?

  2. //******************************************************************************//

  3. //--------------- Take edit ----------------------------------------------------//

  4. // This pages handles the backend of the 'edit torrent' function. It checks		//

  5. // the data, and if it all validates, it edits the values in the database		//

  6. // that correspond to the torrent in question.									//

  7. //******************************************************************************//

  8. 

  9. enforce_login();

  10. authorize();

  11. 

  12. require(SERVER_ROOT.'/classes/validate.class.php');

  13. 

  14. $Validate = new VALIDATE;

  15. 

  16. //******************************************************************************//

  17. //--------------- Set $Properties array ----------------------------------------//

  18. // This is used if the form doesn't validate, and when the time comes to enter	//

  19. // it into the database.														//

  20. //******************************************************************************//

  21. 

  22. $Properties=array();

  23. $TypeID = (int)$_POST['type'];

  24. $Type = $Categories[$TypeID-1];

  25. $TorrentID = (int)$_POST['torrentid'];

  26. $Properties['Remastered'] = (isset($_POST['remaster']))? 1 : 0;

  27. if ($Properties['Remastered']) {

  28. 	$Properties['UnknownRelease'] = (isset($_POST['unknown'])) ? 1 : 0;

  29. }

  30. if (!$Properties['Remastered']) {

  31. 	$Properties['UnknownRelease'] = 0;

  32. }

  33. $Properties['BadTags'] = (isset($_POST['bad_tags']))? 1 : 0;

  34. $Properties['BadFolders'] = (isset($_POST['bad_folders']))? 1 : 0;

  35. $Properties['BadFiles'] = (isset($_POST['bad_files'])) ? 1 : 0;

  36. $Properties['Format'] = $_POST['format'];

  37. $Properties['Media'] = $_POST['media'];

  38. $Properties['Bitrate'] = $_POST['bitrate'];

  39. $Properties['Encoding'] = $_POST['bitrate'];

  40. $Properties['Trumpable'] = (isset($_POST['make_trumpable'])) ? 1 : 0;

  41. $Properties['TorrentDescription'] = $_POST['release_desc'];

  42. $Properties['MediaInfo'] = $_POST['mediainfo'];

  43. $Properties['Name'] = $_POST['title'];

  44. $Properties['Container'] = $_POST['container'];

  45. $Properties['Codec'] = $_POST['codec'];

  46. $Properties['Resolution'] = $_POST['resolution'];

  47. $Properties['AudioFormat'] = $_POST['audioformat'];

  48. $Properties['Subbing'] = $_POST['sub'];

  49. $Properties['Language'] = $_POST['lang'];

  50. $Properties['Subber']= $_POST['subber'];

  51. $Properties['Censored'] = (isset($_POST['censored'])) ? $_POST['censored'] : 0;

  52. $Properties['Archive'] = (isset($_POST['archive']) && $_POST['archive'] != '---') ? $_POST['archive'] : '';

  53. 

  54. if ($_POST['album_desc']) {

  55. 	$Properties['GroupDescription'] = $_POST['album_desc'];

  56. }

  57. if (check_perms('torrents_freeleech')) {

  58. 	$Free = (int)$_POST['freeleech'];

  59. 	if (!in_array($Free, array(0, 1, 2))) {

  60. 		error(404);

  61. 	}

  62. 	$Properties['FreeLeech'] = $Free;

  63. 

  64. 	if ($Free == 0) {

  65. 		$FreeType = 0;

  66. 	} else {

  67. 		$FreeType = (int)$_POST['freeleechtype'];

  68. 		if (!in_array($Free, array(0, 1, 2, 3))) {

  69. 			error(404);

  70. 		}

  71. 	}

  72. 	$Properties['FreeLeechType'] = $FreeType;

  73. }

  74. 

  75. //******************************************************************************//

  76. //--------------- Validate data in edit form -----------------------------------//

  77. 

  78. /*

  79. $DB->query("

  80. 	SELECT UserID, Remastered, RemasterYear, FreeTorrent

  81. 	FROM torrents

  82. 	WHERE ID = $TorrentID");

  83. */

  84. $DB->query("

  85. 	SELECT UserID, FreeTorrent

  86. 	FROM torrents

  87. 	WHERE ID = $TorrentID");

  88. if (!$DB->has_results()) {

  89. 	error(404);

  90. }

  91. // list($UserID, $Remastered, $RemasterYear, $CurFreeLeech) = $DB->next_record(MYSQLI_BOTH, false);

  92. list($UserID, $CurFreeLeech) = $DB->next_record(MYSQLI_BOTH, false);

  93. 

  94. if ($LoggedUser['ID'] != $UserID && !check_perms('torrents_edit')) {

  95. 	error(403);

  96. }

  97. 

  98. /*

  99. if ($Remastered == '1' && !$RemasterYear && !check_perms('edit_unknowns')) {

  100. 	error(403);

  101. }

  102. */

  103. 

  104. if ($Properties['UnknownRelease'] && !($Remastered == '1' && !$RemasterYear) && !check_perms('edit_unknowns')) {

  105. 	//It's Unknown now, and it wasn't before

  106. 	if ($LoggedUser['ID'] != $UserID) {

  107. 		//Hax

  108. 		die();

  109. 	}

  110. }

  111. 

  112. $Validate->SetFields('type', '1', 'number', 'Not a valid type.', array('maxlength' => count($Categories), 'minlength' => 1));

  113. switch ($Type) {

  114. 	case 'Music':

  115. 		if (!empty($Properties['Remastered']) && !$Properties['UnknownRelease']) {

  116. 			$Validate->SetFields('remaster_year', '1', 'number', 'Year of remaster/re-issue must be entered.');

  117. 		} else {

  118. 			$Validate->SetFields('remaster_year', '0','number', 'Invalid remaster year.');

  119. 		}

  120. 

  121. 		if (!empty($Properties['Remastered']) && !$Properties['UnknownRelease'] && $Properties['RemasterYear'] < 1982 && $Properties['Media'] == 'CD') {

  122. 			error('You have selected a year for an album that predates the medium you say it was created on.');

  123. 			header("Location: torrents.php?action=edit&id=$TorrentID");

  124. 			die();

  125. 		}

  126. 

  127. 		$Validate->SetFields('remaster_title', '0', 'string', 'Remaster title must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  128. 

  129. 		if ($Properties['RemasterTitle'] == 'Original Release') {

  130. 			error('"Original Release" is not a valid remaster title.');

  131. 			header("Location: torrents.php?action=edit&id=$TorrentID");

  132. 			die();

  133. 		}

  134. 

  135. 		$Validate->SetFields('remaster_record_label', '0', 'string', 'Remaster record label must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  136. 

  137. 		$Validate->SetFields('remaster_catalogue_number', '0', 'string', 'Remaster catalogue number must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  138. 

  139. 

  140. 		$Validate->SetFields('format', '1', 'inarray', 'Not a valid format.', array('inarray' => $Formats));

  141. 

  142. 		$Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  143. 

  144. 

  145. 		// Handle 'other' bitrates

  146. 		if ($Properties['Encoding'] == 'Other') {

  147. 			$Validate->SetFields('other_bitrate', '1', 'text', 'You must enter the other bitrate (max length: 9 characters).', array('maxlength' => 9));

  148. 			$enc = trim($_POST['other_bitrate']);

  149. 			if (isset($_POST['vbr'])) {

  150. 				$enc .= ' (VBR)';

  151. 			}

  152. 

  153. 			$Properties['Encoding'] = $enc;

  154. 			$Properties['Bitrate'] = $enc;

  155. 		} else {

  156. 			$Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  157. 		}

  158. 

  159. 		$Validate->SetFields('media', '1', 'inarray', 'Not a valid media.', array('inarray' => $Media));

  160. 

  161. 		$Validate->SetFields('release_desc', '0', 'string', 'Invalid release description.', array('maxlength' => 1000000, 'minlength' => 0));

  162. 

  163. 		break;

  164. 

  165. 	case 'Audiobooks':

  166. 	case 'Comedy':

  167. 		/*$Validate->SetFields('title', '1', 'string', 'Title must be between 2 and 300 characters.', array('maxlength' => 300, 'minlength' => 2));

  168. 		^ this is commented out because there is no title field on these pages*/

  169. 		$Validate->SetFields('year', '1', 'number', 'The year of the release must be entered.');

  170. 

  171. 		$Validate->SetFields('format', '1', 'inarray', 'Not a valid format.', array('inarray' => $Formats));

  172. 

  173. 		$Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  174. 

  175. 

  176. 		// Handle 'other' bitrates

  177. 		if ($Properties['Encoding'] == 'Other') {

  178. 			$Validate->SetFields('other_bitrate', '1', 'text', 'You must enter the other bitrate (max length: 9 characters).', array('maxlength' => 9));

  179. 			$enc = trim($_POST['other_bitrate']);

  180. 			if (isset($_POST['vbr'])) {

  181. 				$enc .= ' (VBR)';

  182. 			}

  183. 

  184. 			$Properties['Encoding'] = $enc;

  185. 			$Properties['Bitrate'] = $enc;

  186. 		} else {

  187. 			$Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  188. 		}

  189. 

  190. 		$Validate->SetFields('release_desc', '0', 'string', 'The release description has a minimum length of 10 characters.', array('maxlength' => 1000000, 'minlength' => 10));

  191. 

  192. 		break;

  193. 

  194. 	case 'Applications':

  195. 	case 'Comics':

  196. 	case 'E-Books':

  197. 	case 'E-Learning Videos':

  198. 		/*$Validate->SetFields('title', '1', 'string', 'Title must be between 2 and 300 characters.', array('maxlength' => 300, 'minlength' => 2));

  199. 			^ this is commented out because there is no title field on these pages*/

  200. 		break;

  201. }

  202. 

  203. $Err = $Validate->ValidateForm($_POST); // Validate the form

  204. 

  205. if ($Properties['Remastered'] && !$Properties['RemasterYear']) {

  206. 	//Unknown Edit!

  207. 	if ($LoggedUser['ID'] == $UserID || check_perms('edit_unknowns')) {

  208. 		//Fine!

  209. 	} else {

  210. 		$Err = "You may not edit someone else's upload to unknown release.";

  211. 	}

  212. }

  213. 

  214. // Strip out Amazon's padding

  215. $AmazonReg = '/(http:\/\/ecx.images-amazon.com\/images\/.+)(\._.*_\.jpg)/i';

  216. $Matches = array();

  217. if (preg_match($RegX, $Properties['Image'], $Matches)) {

  218. 	$Properties['Image'] = $Matches[1].'.jpg';

  219. }

  220. ImageTools::blacklisted($Properties['Image']);

  221. 

  222. if ($Err) { // Show the upload form, with the data the user entered

  223. 	if (check_perms('site_debug')) {

  224. 		die($Err);

  225. 	}

  226. 	error($Err);

  227. }

  228. 

  229. 

  230. //******************************************************************************//

  231. //--------------- Make variables ready for database input ----------------------//

  232. 

  233. // Shorten and escape $Properties for database input

  234. $T = array();

  235. foreach ($Properties as $Key => $Value) {

  236. 	$T[$Key] = "'".db_string(trim($Value))."'";

  237. 	if (!$T[$Key]) {

  238. 		$T[$Key] = null;

  239. 	}

  240. }

  241. 

  242. 

  243. //******************************************************************************//

  244. //--------------- Start database stuff -----------------------------------------//

  245. 

  246. $DBTorVals = array();

  247. /*

  248. $DB->query("

  249. 	SELECT Media, Format, Encoding, RemasterYear, Remastered, RemasterTItle, RemasterRecordLabel, RemasterCatalogueNumber, Scene, Description

  250. 	FROM torrents

  251. 	WHERE ID = $TorrentID");

  252. 	*/

  253. $DB->query("

  254. 	SELECT Media, Container, Codec, Resolution, AudioFormat, Subbing, Language, Description, MediaInfo,  Censored, Archive, Subber

  255. 	FROM torrents

  256. 	WHERE ID = $TorrentID");

  257. $DBTorVals = $DB->to_array(false, MYSQLI_ASSOC);

  258. $DBTorVals = $DBTorVals[0];

  259. $LogDetails = '';

  260. foreach ($DBTorVals as $Key => $Value) {

  261. 	$Value = "'$Value'";

  262. 	if ($Value != $T[$Key]) {

  263. 		if (!isset($T[$Key])) {

  264. 			continue;

  265. 		}

  266. 		if ((empty($Value) && empty($T[$Key])) || ($Value == "'0'" && $T[$Key] == "''")) {

  267. 			continue;

  268. 		}

  269. 		if ($LogDetails == '') {

  270. 			$LogDetails = "$Key: $Value -> ".$T[$Key];

  271. 		} else {

  272. 			$LogDetails = "$LogDetails, $Key: $Value -> ".$T[$Key];

  273. 		}

  274. 	}

  275. }

  276. $T['Censored'] = $Properties['Censored'];

  277. 

  278. // Update info for the torrent

  279. /*

  280. $SQL = "

  281. 	UPDATE torrents

  282. 	SET

  283. 		Media = $T[Media],

  284. 		Format = $T[Format],

  285. 		Encoding = $T[Encoding],

  286. 		RemasterYear = $T[RemasterYear],

  287. 		Remastered = $T[Remastered],

  288. 		RemasterTitle = $T[RemasterTitle],

  289. 		RemasterRecordLabel = $T[RemasterRecordLabel],

  290. 		RemasterCatalogueNumber = $T[RemasterCatalogueNumber],

  291. 		Scene = $T[Scene],";

  292. */

  293. 

  294. $SQL = "

  295. 	UPDATE torrents

  296. 	SET

  297. 		Media = $T[Media],

  298. 		Container = $T[Container],

  299. 		Codec = $T[Codec],

  300. 		Resolution = $T[Resolution],

  301. 		AudioFormat = $T[AudioFormat],

  302. 		Subbing = $T[Subbing],

  303. 		Language = $T[Language],

  304. 		Subber = $T[Subber],

  305. 		Archive = $T[Archive],

  306. 		MediaInfo = $T[MediaInfo],

  307. 		Censored = $T[Censored],";

  308. 

  309. if (check_perms('torrents_freeleech')) {

  310. 	$SQL .= "FreeTorrent = $T[FreeLeech],";

  311. 	$SQL .= "FreeLeechType = $T[FreeLeechType],";

  312. }

  313. 

  314. if (check_perms('users_mod')) {

  315. /*	if ($T[Format] != "'FLAC'") {

  316. 		$SQL .= "

  317. 			HasLog = '0',

  318. 			HasCue = '0',";

  319. 	} else {

  320. 		$SQL .= "

  321. 			HasLog = $T[HasLog],

  322. 			HasCue = $T[HasCue],";

  323. 	}

  324. */

  325. 	$DB->query("

  326. 		SELECT TorrentID

  327. 		FROM torrents_bad_tags

  328. 		WHERE TorrentID = '$TorrentID'");

  329. 	list($btID) = $DB->next_record();

  330. 

  331. 	if (!$btID && $Properties['BadTags']) {

  332. 		$DB->query("

  333. 			INSERT INTO torrents_bad_tags

  334. 			VALUES ($TorrentID, $LoggedUser[ID], '".sqltime()."')");

  335. 	}

  336. 	if ($btID && !$Properties['BadTags']) {

  337. 		$DB->query("

  338. 			DELETE FROM torrents_bad_tags

  339. 			WHERE TorrentID = '$TorrentID'");

  340. 	}

  341. 

  342. 	$DB->query("

  343. 		SELECT TorrentID

  344. 		FROM torrents_bad_folders

  345. 		WHERE TorrentID = '$TorrentID'");

  346. 	list($bfID) = $DB->next_record();

  347. 

  348. 	if (!$bfID && $Properties['BadFolders']) {

  349. 		$DB->query("

  350. 			INSERT INTO torrents_bad_folders

  351. 			VALUES ($TorrentID, $LoggedUser[ID], '".sqltime()."')");

  352. 	}

  353. 	if ($bfID && !$Properties['BadFolders']) {

  354. 		$DB->query("

  355. 			DELETE FROM torrents_bad_folders

  356. 			WHERE TorrentID = '$TorrentID'");

  357. 	}

  358. 

  359. 	$DB->query("

  360. 		SELECT TorrentID

  361. 		FROM torrents_bad_files

  362. 		WHERE TorrentID = '$TorrentID'");

  363. 	list($bfiID) = $DB->next_record();

  364. 

  365. 	if (!$bfiID && $Properties['BadFiles']) {

  366. 		$DB->query("

  367. 			INSERT INTO torrents_bad_files

  368. 			VALUES ($TorrentID, $LoggedUser[ID], '".sqltime()."')");

  369. 	}

  370. 	if ($bfiID && !$Properties['BadFiles']) {

  371. 		$DB->query("

  372. 			DELETE FROM torrents_bad_files

  373. 			WHERE TorrentID = '$TorrentID'");

  374. 	}

  375. 

  376. 	$DB->query("

  377. 		SELECT TorrentID

  378. 		FROM library_contest

  379. 		WHERE TorrentID = '$TorrentID'");

  380. 	list($lbID) = $DB->next_record();

  381. 	if (!$lbID && $Properties['LibraryUpload'] && $Properties['LibraryPoints'] > 0) {

  382. 		$DB->query("

  383. 			SELECT UserID

  384. 			FROM torrents

  385. 			WHERE ID = $TorrentID");

  386. 		list($UploaderID) = $DB->next_record();

  387. 		$DB->query("

  388. 			INSERT INTO library_contest

  389. 			VALUES ($UploaderID, $TorrentID, $Properties[LibraryPoints])");

  390. 	}

  391. 	if ($lbID && !$Properties['LibraryUpload']) {

  392. 		$DB->query("

  393. 			DELETE FROM library_contest

  394. 			WHERE TorrentID = '$TorrentID'");

  395. 	}

  396. }

  397. 

  398. $SQL .= "

  399. 		Description = $T[TorrentDescription]

  400. 	WHERE ID = $TorrentID";

  401. $DB->query($SQL);

  402. 

  403. if (check_perms('torrents_freeleech') && $Properties['FreeLeech'] != $CurFreeLeech) {

  404. 	Torrents::freeleech_torrents($TorrentID, $Properties['FreeLeech'], $Properties['FreeLeechType']);

  405. }

  406. 

  407. $DB->query("

  408. 	SELECT GroupID, Time

  409. 	FROM torrents

  410. 	WHERE ID = '$TorrentID'");

  411. list($GroupID, $Time) = $DB->next_record();

  412. 

  413. // Competition

  414. if (strtotime($Time) > 1241352173) {

  415. 	if ($_POST['log_score'] == '100') {

  416. 		$DB->query("

  417. 			INSERT IGNORE into users_points (GroupID, UserID, Points)

  418. 			VALUES ('$GroupID', '$UserID', '1')");

  419. 	}

  420. }

  421. // End competiton

  422. 

  423. $DB->query("

  424. 	SELECT Enabled

  425. 	FROM users_main

  426. 	WHERE ID = $UserID");

  427. list($Enabled) = $DB->next_record();

  428. 

  429. $DB->query("

  430. 	SELECT Name

  431. 	FROM torrents_group

  432. 	WHERE ID = $GroupID");

  433. list($Name) = $DB->next_record(MYSQLI_NUM, false);

  434. 

  435. Misc::write_log("Torrent $TorrentID ($Name) in group $GroupID was edited by ".$LoggedUser['Username']." ($LogDetails)"); // TODO: this is probably broken

  436. Torrents::write_group_log($GroupID, $TorrentID, $LoggedUser['ID'], $LogDetails, 0);

  437. $Cache->delete_value("torrents_details_$GroupID");

  438. $Cache->delete_value("torrent_download_$TorrentID");

  439. 

  440. Torrents::update_hash($GroupID);

  441. // All done!

  442. 

  443. header("Location: torrents.php?id=$GroupID");

  444. ?>