BioTorrents.de’s version of Gazelle

takegroupedit.php 5.3KB

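  <?php
  #declare(strict_types = 1);

  /**
   * Handles edits and reverts of a torrent group's wiki page.
   *
   * Edit:   the body, image and summary arrive via POST and are stored as a
   *         new row in wiki_torrents.
   * Revert: requested via GET (action=revert). A confirmation form is rendered
   *         first; once confirmed, the chosen revision is copied into a new
   *         wiki_torrents row.
   *
   * In both cases torrents_group is updated with the new revision and the
   * related cache keys are refreshed before redirecting to the group page.
   */

  # The request has to pass authorize() (defined outside this file) and the
  # user needs the wiki edit permission.
  authorize();
  if (!check_perms('site_edit_wiki')) {
      error(403);
  }

  # Both IDs are cast to int, which is what makes it safe to interpolate them
  # into the SQL statements below.
  $UserID = (int) $LoggedUser['ID'];
  $GroupID = (int) ($_REQUEST['groupid'] ?? 0);
  Security::checkInt([$UserID, $GroupID]);

  if (!empty($_GET['action']) && $_GET['action'] === 'revert') {
      # Reverting to a previous revision
      $RevisionID = (int) ($_GET['revisionid'] ?? 0);
      Security::checkInt($RevisionID);

      # Ask for explicit confirmation before anything is written.
      if (empty($_GET['confirm'])) {
          View::show_header();
          # NOTE(review): the form below submits via GET, so the auth key ends
          # up in the URL (browser history, server logs, Referer). Switching it
          # to POST would require this handler to read the revert fields from
          # the POST data as well.
          ?>
  <!-- Start HTML -->
  <div class="center">
    <div class="header">
      <h2>Revert Confirm!</h2>
    </div>
    <div class="box pad">
      <form class="confirm_form" name="torrent_group" action="torrents.php" method="get">
        <input type="hidden" name="action" value="revert" />
        <input type="hidden" name="auth"
          value="<?=$LoggedUser['AuthKey']?>" />
        <input type="hidden" name="confirm" value="true" />
        <input type="hidden" name="groupid" value="<?=$GroupID?>" />
        <input type="hidden" name="revisionid"
          value="<?=$RevisionID?>" />
        <h3>You are attempting to revert to the revision <a
            href="torrents.php?id=<?=$GroupID?>&amp;revisionid=<?=$RevisionID?>"><?=$RevisionID?></a>.</h3>
        <input type="submit" value="Confirm" />
      </form>
    </div>
  </div>
  <?php
          View::show_footer();
          error();
          # error() is defined outside this file; the explicit exit guarantees
          # that an unconfirmed request never reaches the revert below, even
          # if error() were to return.
          exit;
      }
  } else {
      # Edits are passed with POST. A missing or non-string field (for example
      # body[]=x) is treated as an empty string instead of reaching the
      # regex and escaping helpers as null or an array.
      $PostString = static function (string $Key): string {
          $Value = $_POST[$Key] ?? '';
          return is_string($Value) ? $Value : '';
      };
      $Body = $PostString('body');
      $Image = $PostString('image');

      # Category of the group: taken from the cached group details when they
      # are present, otherwise from the database.
      $GroupInfo = $Cache->get_value('torrents_details_'.$GroupID);
      if ($GroupInfo && !isset($GroupInfo[0][0])) {
          $GroupCategoryID = $GroupInfo[0]['CategoryID'];
      } else {
          $DB->query("
            SELECT CategoryID
            FROM torrents_group
            WHERE ID = '$GroupID'");
          [$GroupCategoryID] = $DB->next_record();
      }

      # Anything that does not match the image URL pattern is dropped.
      if (!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {
          $Image = '';
      }
      ImageTools::blacklisted($Image);
      $Summary = db_string($PostString('summary'));
  }

  # Insert revision
  if (empty($RevisionID)) {
      # Edit: store the submitted values as a new revision.
      $DB->query("
        INSERT INTO wiki_torrents
          (PageID, Body, Image, UserID, Summary, Time)
        VALUES
          ('$GroupID', '".db_string($Body)."', '".db_string($Image)."', '$UserID', '$Summary', NOW())");
  } else {
      # Revert: the revision must belong to the group named in the request.
      $DB->query("
        SELECT PageID, Body, Image
        FROM wiki_torrents
        WHERE RevisionID = '$RevisionID'");
      [$PossibleGroupID, $Body, $Image] = $DB->next_record();
      if ((int) $PossibleGroupID !== $GroupID) {
          error(404);
      }

      # Copy the revision from wiki_torrents, the same table that was just
      # checked. The previous version selected from wiki_artists here, so the
      # new row was filled from whatever artist revision happened to share the
      # ID (or no row was inserted at all), while torrents_group below was
      # updated from the wiki_torrents values.
      $DB->query("
        INSERT INTO wiki_torrents
          (PageID, Body, Image, UserID, Summary, Time)
        SELECT '$GroupID', Body, Image, '$UserID', 'Reverted to revision $RevisionID', NOW()
        FROM wiki_torrents
        WHERE RevisionID = '$RevisionID'");
  }

  # From here on $RevisionID is the ID of the row that was just inserted.
  $RevisionID = $DB->inserted_id();
  $Body = db_string($Body);
  $Image = db_string($Image);

  # Update torrents table (technically, we don't need the RevisionID column,
  # but we can use it for a join which is nice and fast)
  $DB->query("
    UPDATE
      `torrents_group`
    SET
      `revision_id` = '$RevisionID',
      `description` = '$Body',
      `picture` = '$Image'
    WHERE
      `id` = '$GroupID'
  ");

  # Drop the cached group data and every collage that contains the group.
  $Cache->delete_value('torrents_details_'.$GroupID);
  $Cache->delete_value('torrent_group_'.$GroupID);

  $DB->query("
    SELECT CollageID
    FROM collages_torrents
    WHERE GroupID = '$GroupID'");
  if ($DB->has_results()) {
      while ([$CollageID] = $DB->next_record()) {
          $Cache->delete_value('collage_'.$CollageID);
      }
  }

  # Fix Recent Uploads/Downloads for image change.
  # NOTE(review): $Image holds the db_string()'d value at this point, so the
  # cache rows below receive that form rather than the raw one - confirm this
  # is what readers of these cache keys expect.
  $DB->query("
    SELECT DISTINCT UserID
    FROM torrents AS t
      LEFT JOIN torrents_group AS tg ON t.GroupID=tg.ID
    WHERE tg.ID = $GroupID");
  # Separate loop variables keep the editor's $UserID from being overwritten.
  foreach ($DB->collect('UserID') as $UploaderID) {
      $RecentUploads = $Cache->get_value('recent_uploads_'.$UploaderID);
      if (!is_array($RecentUploads)) {
          continue;
      }
      foreach ($RecentUploads as $Key => $Recent) {
          if ($Recent['ID'] == $GroupID && $Recent['WikiImage'] != $Image) {
              $Recent['WikiImage'] = $Image;
              $Cache->begin_transaction('recent_uploads_'.$UploaderID);
              $Cache->update_row($Key, $Recent);
              $Cache->commit_transaction(0);
          }
      }
  }

  $DB->query("
    SELECT ID
    FROM torrents
    WHERE GroupID = $GroupID");
  if ($DB->has_results()) {
      # The IDs come from the database; intval keeps the IN (...) list numeric
      # regardless of how the rows are returned.
      $TorrentIDs = implode(',', array_map('intval', $DB->collect('ID')));
      $DB->query("
        SELECT DISTINCT uid
        FROM xbt_snatched
        WHERE fid IN ($TorrentIDs)");
      foreach ($DB->collect('uid') as $SnatcherID) {
          $RecentSnatches = $Cache->get_value('recent_snatches_'.$SnatcherID);
          if (!is_array($RecentSnatches)) {
              continue;
          }
          foreach ($RecentSnatches as $Key => $Recent) {
              if ($Recent['ID'] == $GroupID && $Recent['WikiImage'] != $Image) {
                  $Recent['WikiImage'] = $Image;
                  $Cache->begin_transaction('recent_snatches_'.$SnatcherID);
                  $Cache->update_row($Key, $Recent);
                  $Cache->commit_transaction(0);
              }
          }
      }
  }

  # There we go, all done!
  header("Location: torrents.php?id=$GroupID");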