Gazelle/sections/requests/take_new_edit.php

<?

//******************************************************************************//
//----------------- Take request -----------------------------------------------//
authorize();


if ($_POST['action'] !== 'takenew' && $_POST['action'] !== 'takeedit') {
  error(0);
}

$NewRequest = ($_POST['action'] === 'takenew');

if (!$NewRequest) {
  $ReturnEdit = true;
}

if ($NewRequest) {
  if (!check_perms('site_submit_requests') || $LoggedUser['BytesUploaded'] < 250 * 1024 * 1024) {
    error(403);
  }
} else {
  $RequestID = $_POST['requestid'];
  if (!is_number($RequestID)) {
    error(0);
  }

  $Request = Requests::get_request($RequestID);
  if ($Request === false) {
    error(404);
  }
  $VoteArray = Requests::get_votes_array($RequestID);
  $VoteCount = count($VoteArray['Voters']);
  $IsFilled = !empty($Request['TorrentID']);
  $CategoryName = $Categories[$Request['CategoryID'] - 1];
  $ProjectCanEdit = (check_perms('project_team') && !$IsFilled && ($Request['CategoryID'] === '0' || ($CategoryName === 'Music' && $Year === '0')));
  $CanEdit = ((!$IsFilled && $LoggedUser['ID'] === $Request['UserID'] && $VoteCount < 2) || $ProjectCanEdit || check_perms('site_moderate_requests'));

  if (!$CanEdit) {
    error(403);
  }
}

// Validate
if (empty($_POST['type'])) {
  error(0);
}

$CategoryName = $_POST['type'];
$CategoryID = (array_search($CategoryName, $Categories) + 1);

if (empty($CategoryID)) {
  error(0);
}

if (empty($_POST['title']) && empty($_POST['title_rj']) && empty($_POST['title_jp'])) {
  $Err = 'You must enter at least one title!';
}

if (!empty($_POST['title'])) {
  $Title = trim($_POST['title']);
}

if (!empty($_POST['title_rj'])) {
  $TitleRJ = trim($_POST['title_rj']);
}

if (!empty($_POST['title_jp'])) {
  $TitleJP = trim($_POST['title_jp']);
}

if (empty($_POST['tags'])) {
  $Err = 'You forgot to enter any tags!';
} else {
  $Tags = trim($_POST['tags']);
}

if ($NewRequest) {
  if (empty($_POST['amount'])) {
    $Err = 'You forgot to enter any bounty!';
  } else {
    $Bounty = trim($_POST['amount']);
    if (!is_number($Bounty)) {
      $Err = 'Your entered bounty is not a number';
    } elseif ($Bounty < 100 * 1024 * 1024) {
      $Err = 'Minimum bounty is 100 MB.';
    }
    $Bytes = $Bounty; //From MB to B
  }
}

if (empty($_POST['image'])) {
  $Image = '';
} else {
  ImageTools::blacklisted($_POST['image']);
  if (preg_match('/'.IMAGE_REGEX.'/', trim($_POST['image'])) > 0) {
      $Image = trim($_POST['image']);
  } else {
    $Err = display_str($_POST['image']).' does not appear to be a valid link to an image.';
  }
}

if (empty($_POST['description'])) {
  $Err = 'You forgot to enter a description.';
} else {
  $Description = trim($_POST['description']);
}

if (empty($_POST['artists']) && $CategoryName != 'Other') {
  $Err = 'You did not enter any artists.';
} else {
  $Artists = $_POST['artists'];
}

//Not required
if (!empty($_POST['cataloguenumber']) && $CategoryName == 'Movies') {
  $CatalogueNumber = trim($_POST['cataloguenumber']);
} else {
  $CatalogueNumber = '';
}
if (!empty($_POST['dlsiteid']) && $CategoryName == 'Games') {
  $DLSiteID = trim($_POST['dlsiteid']);
} else {
  $DLSiteID = '';
}

// GroupID
if (!empty($_POST['groupid'])) {
  $GroupID = $_POST['groupid'];
  if (is_number($GroupID)) {
    $DB->query("
      SELECT CategoryID
      FROM torrents_group
      WHERE ID = '$GroupID'");
    if (!$DB->has_results()) {
      $Err = 'The torrent group, if entered, must correspond to a torrent group on the site.';
    } else {
      if ($CategoryID != $DB->to_array()[0]['CategoryID']) {
        $Err = 'The category of the specified torrent group does not match the category of your request.';
      }
    }
  } else {
    $Err = 'The torrent group, if entered, must correspond to a torrent group on the site.';
  }
} elseif (isset($_POST['groupid']) && $_POST['groupid'] === '0') {
  $GroupID = 0;
}

//For refilling on error
$ArtistNames = [];
$ArtistForm = [];
for ($i = 0; $i < count($Artists); $i++) {
  if (trim($Artists[$i]) !== '') {
    if (!in_array($Artists[$i], $ArtistNames)) {
      $ArtistForm[] = array('name' => trim($Artists[$i]));
      $ArtistNames[] = trim($Artists[$i]);
    }
  }
}
if (!isset($ArtistNames[0])) {
  unset($ArtistForm);
}

if (!empty($Err)) {
  error($Err);
  $Div = $_POST['unit'] === 'mb' ? 1024 * 1024 : 1024 * 1024 * 1024;
  $Bounty /= $Div;
  include(SERVER_ROOT.'/sections/requests/new_edit.php');
  die();
}

//Databasify the input
/*if ($CategoryName === 'Music') {
  if (empty($AllBitrates)) {
    foreach ($BitrateArray as $Index => $MasterIndex) {
      if (array_key_exists($Index, $Bitrates)) {
        $BitrateArray[$Index] = $Bitrates[$MasterIndex];
      } else {
        //Hax
        error(0);
      }
    }
    $BitrateList = implode('|', $BitrateArray);
  } else {
    $BitrateList = 'Any';
  }

  if (empty($AllFormats)) {
    foreach ($FormatArray as $Index => $MasterIndex) {
      if (array_key_exists($Index, $Formats)) {
        $FormatArray[$Index] = $Formats[$MasterIndex];
      } else {
        //Hax
        error(0);
      }
    }
    $FormatList = implode('|', $FormatArray);
  } else {
    $FormatList = 'Any';
  }

  if (empty($AllMedia)) {
    foreach ($MediaArray as $Index => $MasterIndex) {
      if (array_key_exists($Index, $Media)) {
        $MediaArray[$Index] = $Media[$MasterIndex];
      } else {
        //Hax
        error(0);
      }
    }
    $MediaList = implode('|', $MediaArray);
  } else {
    $MediaList = 'Any';
  }

  $LogCue = '';
  if ($NeedLog) {
    $LogCue .= 'Log';
    if ($MinLogScore > 0) {
      if ($MinLogScore >= 100) {
        $LogCue .= ' (100%)';
      } else {
        $LogCue .= ' (>= '.$MinLogScore.'%)';
      }
    }
  }
  if ($NeedCue) {
    if ($LogCue !== '') {
      $LogCue .= ' + Cue';
    } else {
      $LogCue = 'Cue';
    }
  }
}*/

if (!isset($GroupID)) $GroupID = '';

//Query time!
if ($NewRequest) {
  $DB->query('
    INSERT INTO requests (
      UserID, TimeAdded, LastVote, CategoryID, Title, TitleRJ, TitleJP, Image, Description,
      CatalogueNumber, DLSiteID, Visible, GroupID)
    VALUES
      ('.$LoggedUser['ID'].", NOW(), NOW(), $CategoryID, '".db_string($Title)."', '".db_string($TitleRJ)."', '".db_string($TitleJP)."', '".db_string($Image)."', '".db_string($Description)."',
          '".db_string($CatalogueNumber)."', '".db_string($DLSiteID)."', '1', '$GroupID')");

  $RequestID = $DB->inserted_id();

} else {
  $DB->query("
    UPDATE requests
    SET CategoryID = $CategoryID,
      Title = '".db_string($Title)."',
      TitleRJ = '".db_string($TitleRJ??"")."',
      TitleJP = '".db_string($TitleJP??"")."',
      Image = '".db_string($Image)."',
      Description = '".db_string($Description)."',
      CatalogueNumber = '".db_string($CatalogueNumber)."',
      DLSiteID = '".db_string($DLSiteID)."'
    WHERE ID = $RequestID");

  // We need to be able to delete artists / tags
  $DB->query("
    SELECT ArtistID
    FROM requests_artists
    WHERE RequestID = $RequestID");
  $RequestArtists = $DB->to_array();
  foreach ($RequestArtists as $RequestArtist) {
    $Cache->delete_value("artists_requests_".$RequestArtist['ArtistID']);
  }
  $DB->query("
    DELETE FROM requests_artists
    WHERE RequestID = $RequestID");
  $Cache->delete_value("request_artists_$RequestID");
}

if ($GroupID) {
  $Cache->delete_value("requests_group_$GroupID");
}

/*
 * Multiple Artists!
 * For the multiple artists system, we have 3 steps:
 * 1. See if each artist given already exists and if it does, grab the ID.
 * 2. For each artist that didn't exist, create an artist.
 * 3. Create a row in the requests_artists table for each artist, based on the ID.
 */
if (isset($ArtistForm)) {
  foreach ($ArtistForm as $Num => $Artist) {
    //1. See if each artist given already exists and if it does, grab the ID.
    $DB->query("
      SELECT
        ArtistID,
        Name
      FROM artists_group
      WHERE Name = '".db_string($Artist['name'])."'");

    list($ArtistID, $ArtistName) = $DB->next_record(MYSQLI_NUM, false);
    $ArtistForm[$Num] = array('name' => $ArtistName, 'id' => $ArtistID);

    if (!$ArtistID) {
      //2. For each artist that didn't exist, create an artist.
      $DB->query("
        INSERT INTO artists_group (Name)
        VALUES ('".db_string($Artist['name'])."')");
      $ArtistID = $DB->inserted_id();

      $Cache->increment('stats_artist_count');

      $ArtistForm[$Num] = array('id' => $ArtistID, 'name' => $Artist['name']);
    }
  }


  //3. Create a row in the requests_artists table for each artist, based on the ID.
  foreach ($ArtistForm as $Num => $Artist) {
    $DB->query("
      INSERT IGNORE INTO requests_artists
        (RequestID, ArtistID)
      VALUES
        ($RequestID, ".$Artist['id'].")");
    $Cache->delete_value('artists_requests_'.$Artist['id']);
  }
  //End Music only

} else {
  //Not a music request anymore, delete music only fields.
  if (!$NewRequest) {
    $DB->query("
      SELECT ArtistID
      FROM requests_artists
      WHERE RequestID = $RequestID");
    $OldArtists = $DB->collect('ArtistID');
    foreach ($OldArtists as $ArtistID) {
      if (empty($ArtistID)) {
        continue;
      }
      //Get a count of how many groups or requests use the artist ID
      $DB->query("
        SELECT COUNT(ag.ArtistID)
        FROM artists_group AS ag
          LEFT JOIN requests_artists AS ra ON ag.ArtistID = ra.ArtistID
        WHERE ra.ArtistID IS NOT NULL
          AND ag.ArtistID = '$ArtistID'");
      list($ReqCount) = $DB->next_record();
      $DB->query("
        SELECT COUNT(ag.ArtistID)
        FROM artists_group AS ag
          LEFT JOIN torrents_artists AS ta ON ag.ArtistID = ta.ArtistID
        WHERE ta.ArtistID IS NOT NULL
          AND ag.ArtistID = '$ArtistID'");
      list($GroupCount) = $DB->next_record();
      if (($ReqCount + $GroupCount) == 0) {
        //The only group to use this artist
        Artists::delete_artist($ArtistID);
      } else {
        //Not the only group, still need to clear cache
        $Cache->delete_value("artists_requests_$ArtistID");
      }
    }
    $DB->query("
      DELETE FROM requests_artists
      WHERE RequestID = $RequestID");
    $Cache->delete_value("request_artists_$RequestID");
  }
}

//Tags
if (!$NewRequest) {
  $DB->query("
    DELETE FROM requests_tags
    WHERE RequestID = $RequestID");
}

$Tags = array_unique(explode(',', $Tags));
foreach ($Tags as $Index => $Tag) {
  $Tag = Misc::sanitize_tag($Tag);
  $Tag = Misc::get_alias_tag($Tag);
  $Tags[$Index] = $Tag; //For announce
  $DB->query("
    INSERT INTO tags
      (Name, UserID)
    VALUES
      ('$Tag', ".$LoggedUser['ID'].")
    ON DUPLICATE KEY UPDATE
      Uses = Uses + 1");

  $TagID = $DB->inserted_id();

  $DB->query("
    INSERT IGNORE INTO requests_tags
      (TagID, RequestID)
    VALUES
      ($TagID, $RequestID)");
}

if ($NewRequest) {
  //Remove the bounty and create the vote
  $DB->query("
    INSERT INTO requests_votes
      (RequestID, UserID, Bounty)
    VALUES
      ($RequestID, ".$LoggedUser['ID'].', '.($Bytes * (1 - $RequestTax)).')');

  $DB->query("
    UPDATE users_main
    SET Uploaded = (Uploaded - $Bytes)
    WHERE ID = ".$LoggedUser['ID']);
  $Cache->delete_value('user_stats_'.$LoggedUser['ID']);

  $AnnounceTitle = empty($Title) ? (empty($TitleRJ) ? $TitleJP : $TitleRJ) : $Title;

  $Announce = "\"$AnnounceTitle\"".(isset($ArtistForm)?(' - '.Artists::display_artists($ArtistForm, false, false)):'').' '.site_url()."requests.php?action=view&id=$RequestID - ".implode(' ', $Tags);
  send_irc('PRIVMSG '.BOT_REQUEST_CHAN.' '.$Announce);

} else {
  $Cache->delete_value("request_$RequestID");
  $Cache->delete_value("request_artists_$RequestID");
}

Requests::update_sphinx_requests($RequestID);

header("Location: requests.php?action=view&id=$RequestID");
?>