Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1077 Commits
2 Branches
Tree: 45c60ee4e0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '45c60ee4e0'
${ noResults }
Gazelle/sections/torrents/takeedit.php

takeedit.php 15KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463 
  1. <?php

  2. #declare(strict_types=1);

  3. 

  4. //******************************************************************************//

  5. //--------------- Take edit ----------------------------------------------------//

  6. // This pages handles the backend of the 'edit torrent' function. It checks     //

  7. // the data, and if it all validates, it edits the values in the database       //

  8. // that correspond to the torrent in question.                                  //

  9. //******************************************************************************//

  10. 

  11. enforce_login();

  12. authorize();

  13. 

  14. require_once SERVER_ROOT.'/classes/validate.class.php';

  15. $Validate = new VALIDATE;

  16. 

  17. 

  18. //******************************************************************************//

  19. //--------------- Set $Properties array ----------------------------------------//

  20. // This is used if the form doesn't validate, and when the time comes to enter  //

  21. // it into the database.                                                        //

  22. //******************************************************************************//

  23. 

  24. $Properties=[];

  25. $_POST['type'] = $_POST['type'] + 1;

  26. $TypeID = (int) $_POST['type'];

  27. $Type = $Categories[$TypeID-1];

  28. $TorrentID = (int) $_POST['torrentid'];

  29. 

  30. /*

  31. $Properties['Remastered'] = (isset($_POST['remaster']))? 1 : 0;

  32. if ($Properties['Remastered']) {

  33.     $Properties['UnknownRelease'] = (isset($_POST['unknown'])) ? 1 : 0;

  34. }

  35. 

  36. if (!$Properties['Remastered']) {

  37.     $Properties['UnknownRelease'] = 0;

  38. }

  39. */

  40. 

  41. $Properties['BadTags'] = (isset($_POST['bad_tags']))? 1 : 0;

  42. $Properties['BadFolders'] = (isset($_POST['bad_folders']))? 1 : 0;

  43. $Properties['BadFiles'] = (isset($_POST['bad_files'])) ? 1 : 0;

  44. $Properties['Format'] = $_POST['format'];

  45. $Properties['Media'] = $_POST['media'];

  46. $Properties['Bitrate'] = $_POST['bitrate'];

  47. $Properties['Encoding'] = $_POST['bitrate'];

  48. $Properties['Trumpable'] = (isset($_POST['make_trumpable'])) ? 1 : 0;

  49. $Properties['TorrentDescription'] = $_POST['release_desc'];

  50. $Properties['Name'] = $_POST['title'];

  51. $Properties['Container'] = $_POST['container'];

  52. $Properties['Codec'] = $_POST['codec'];

  53. $Properties['Resolution'] = $_POST['resolution'];

  54. $Properties['Version'] = $_POST['version'];

  55. $Properties['Censored'] = (isset($_POST['censored'])) ? '1' : '0';

  56. $Properties['Anonymous'] = (isset($_POST['anonymous'])) ? '1' : '0';

  57. $Properties['Archive'] = (isset($_POST['archive']) && $_POST['archive'] != '---') ? $_POST['archive'] : '';

  58. 

  59. if ($_POST['album_desc']) {

  60.     $Properties['GroupDescription'] = $_POST['album_desc'];

  61. }

  62. 

  63. if (check_perms('torrents_freeleech')) {

  64.     $Free = (int) $_POST['freeleech'];

  65.     if (!in_array($Free, array(0, 1, 2))) {

  66.         error(404);

  67.     }

  68.     $Properties['FreeLeech'] = $Free;

  69. 

  70.     if ($Free == 0) {

  71.         $FreeType = 0;

  72.     } else {

  73.         $FreeType = (int)$_POST['freeleechtype'];

  74.         if (!in_array($Free, array(0, 1, 2, 3))) {

  75.             error(404);

  76.         }

  77.     }

  78.     $Properties['FreeLeechType'] = $FreeType;

  79. }

  80. 

  81. 

  82. //******************************************************************************//

  83. //--------------- Validate data in edit form -----------------------------------//

  84. 

  85. /*

  86. $DB->query("

  87.   SELECT UserID, Remastered, RemasterYear, FreeTorrent

  88.   FROM torrents

  89.   WHERE ID = $TorrentID");

  90. */

  91. 

  92. $DB->query("

  93.   SELECT UserID, FreeTorrent

  94.   FROM torrents

  95.   WHERE ID = $TorrentID");

  96. 

  97. if (!$DB->has_results()) {

  98.     error(404);

  99. }

  100. 

  101. // list($UserID, $Remastered, $RemasterYear, $CurFreeLeech) = $DB->next_record(MYSQLI_BOTH, false);

  102. list($UserID, $CurFreeLeech) = $DB->next_record(MYSQLI_BOTH, false);

  103. 

  104. if ($LoggedUser['ID'] != $UserID && !check_perms('torrents_edit')) {

  105.     error(403);

  106. }

  107. 

  108. /*

  109. if ($Remastered == '1' && !$RemasterYear && !check_perms('edit_unknowns')) {

  110.   error(403);

  111. }

  112. */

  113. 

  114. if ($Properties['UnknownRelease'] && !($Remastered == '1' && !$RemasterYear) && !check_perms('edit_unknowns')) {

  115.     // It's Unknown now, and it wasn't before

  116.     if ($LoggedUser['ID'] != $UserID) {

  117.         // Hax

  118.         error();

  119.     }

  120. }

  121. 

  122. $Validate->SetFields('type', '1', 'number', 'Not a valid type.', array('maxlength' => count($Categories), 'minlength' => 1));

  123. /*

  124. switch ($Type) {

  125.   case 'Music':

  126.     if (!empty($Properties['Remastered']) && !$Properties['UnknownRelease']) {

  127.         $Validate->SetFields('remaster_year', '1', 'number', 'Year of remaster/re-issue must be entered.');

  128.     } else {

  129.         $Validate->SetFields('remaster_year', '0', 'number', 'Invalid remaster year.');

  130.     }

  131. 

  132.     if (!empty($Properties['Remastered']) && !$Properties['UnknownRelease'] && $Properties['RemasterYear'] < 1982 && $Properties['Media'] == 'CD') {

  133.         error('You have selected a year for an album that predates the medium you say it was created on.');

  134.         header("Location: torrents.php?action=edit&id=$TorrentID");

  135.         error();

  136.     }

  137. 

  138.     $Validate->SetFields('remaster_title', '0', 'string', 'Remaster title must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  139. 

  140.     if ($Properties['RemasterTitle'] == 'Original Release') {

  141.         error('"Original Release" is not a valid remaster title.');

  142.         header("Location: torrents.php?action=edit&id=$TorrentID");

  143.         error();

  144.     }

  145. 

  146.     $Validate->SetFields('remaster_record_label', '0', 'string', 'Remaster record label must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  147. 

  148.     $Validate->SetFields('remaster_catalogue_number', '0', 'string', 'Remaster catalogue number must be between 2 and 80 characters.', array('maxlength' => 80, 'minlength' => 2));

  149. 

  150. 

  151.     $Validate->SetFields('format', '1', 'inarray', 'Not a valid format.', array('inarray' => $Formats));

  152. 

  153.     $Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  154. 

  155. 

  156.     // Handle 'other' bitrates

  157.     if ($Properties['Encoding'] == 'Other') {

  158.         $Validate->SetFields('other_bitrate', '1', 'text', 'You must enter the other bitrate (max length: 9 characters).', array('maxlength' => 9));

  159.         $enc = trim($_POST['other_bitrate']);

  160.         if (isset($_POST['vbr'])) {

  161.             $enc .= ' (VBR)';

  162.         }

  163. 

  164.         $Properties['Encoding'] = $enc;

  165.         $Properties['Bitrate'] = $enc;

  166.     } else {

  167.         $Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  168.     }

  169. 

  170.     $Validate->SetFields('media', '1', 'inarray', 'Not a valid media.', array('inarray' => $Media));

  171. 

  172.     $Validate->SetFields('release_desc', '0', 'string', 'Invalid release description.', array('maxlength' => 1000000, 'minlength' => 0));

  173. 

  174.     break;

  175. 

  176.   case 'Audiobooks':

  177.   case 'Comedy':

  178.     /*$Validate->SetFields('title', '1', 'string', 'Title must be between 2 and 300 characters.', array('maxlength' => 300, 'minlength' => 2));

  179.     ^ this is commented out because there is no title field on these pages*

  180.     $Validate->SetFields('year', '1', 'number', 'The year of the release must be entered.');

  181. 

  182.     $Validate->SetFields('format', '1', 'inarray', 'Not a valid format.', array('inarray' => $Formats));

  183. 

  184.     $Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  185. 

  186. 

  187.     // Handle 'other' bitrates

  188.     if ($Properties['Encoding'] == 'Other') {

  189.         $Validate->SetFields('other_bitrate', '1', 'text', 'You must enter the other bitrate (max length: 9 characters).', array('maxlength' => 9));

  190.         $enc = trim($_POST['other_bitrate']);

  191.         if (isset($_POST['vbr'])) {

  192.             $enc .= ' (VBR)';

  193.         }

  194. 

  195.         $Properties['Encoding'] = $enc;

  196.         $Properties['Bitrate'] = $enc;

  197.     } else {

  198.         $Validate->SetFields('bitrate', '1', 'inarray', 'You must choose a bitrate.', array('inarray' => $Bitrates));

  199.     }

  200. 

  201.     $Validate->SetFields('release_desc', '0', 'string', 'The release description has a minimum length of 10 characters.', array('maxlength' => 1000000, 'minlength' => 10));

  202. 

  203.     break;

  204. 

  205.   case 'Applications':

  206.   case 'Comics':

  207.   case 'E-Books':

  208.   case 'E-Learning Videos':

  209.     /*$Validate->SetFields('title', '1', 'string', 'Title must be between 2 and 300 characters.', array('maxlength' => 300, 'minlength' => 2));

  210.       ^ this is commented out because there is no title field on these pages*

  211.     break;

  212. }

  213. */

  214. 

  215. $Err = $Validate->ValidateForm($_POST); // Validate the form

  216. 

  217. if ($Properties['Remastered'] && !$Properties['RemasterYear']) {

  218.     //Unknown Edit!

  219.     if ($LoggedUser['ID'] == $UserID || check_perms('edit_unknowns')) {

  220.         //Fine!

  221.     } else {

  222.         $Err = "You may not edit someone else's upload to unknown release.";

  223.     }

  224. }

  225. 

  226. // Strip out Amazon's padding

  227. $AmazonReg = '/(http:\/\/ecx.images-amazon.com\/images\/.+)(\._.*_\.jpg)/i';

  228. $Matches = [];

  229. if (preg_match($RegX, $Properties['Image'], $Matches)) {

  230.     $Properties['Image'] = $Matches[1].'.jpg';

  231. }

  232. ImageTools::blacklisted($Properties['Image']);

  233. 

  234. if ($Err) { // Show the upload form, with the data the user entered

  235.     if (check_perms('site_debug')) {

  236.         error($Err);

  237.     }

  238.     error($Err);

  239. }

  240. 

  241. 

  242. //******************************************************************************//

  243. //--------------- Make variables ready for database input ----------------------//

  244. 

  245. // Shorten and escape $Properties for database input

  246. $T = [];

  247. foreach ($Properties as $Key => $Value) {

  248.     $T[$Key] = "'".db_string(trim($Value))."'";

  249.     if (!$T[$Key]) {

  250.         $T[$Key] = null;

  251.     }

  252. }

  253. 

  254. $T['Censored'] = $Properties['Censored'];

  255. $T['Anonymous'] = $Properties['Anonymous'];

  256. 

  257. 

  258. //******************************************************************************//

  259. //--------------- Start database stuff -----------------------------------------//

  260. 

  261. $DBTorVals = [];

  262. $DB->query("

  263.   SELECT Media, Container, Codec, Resolution, Version, Description, Censored, Anonymous, Archive

  264.   FROM torrents

  265.   WHERE ID = $TorrentID");

  266. 

  267. $DBTorVals = $DB->to_array(false, MYSQLI_ASSOC);

  268. $DBTorVals = $DBTorVals[0];

  269. $LogDetails = '';

  270. 

  271. foreach ($DBTorVals as $Key => $Value) {

  272.     $Value = "'$Value'";

  273.     if ($Value != $T[$Key]) {

  274.         if (!isset($T[$Key])) {

  275.             continue;

  276.         }

  277. 

  278.         if ((empty($Value) && empty($T[$Key])) || ($Value == "'0'" && $T[$Key] == "''")) {

  279.             continue;

  280.         }

  281. 

  282.         if ($LogDetails == '') {

  283.             $LogDetails = "$Key: $Value -> ".$T[$Key];

  284.         } else {

  285.             $LogDetails = "$LogDetails, $Key: $Value -> ".$T[$Key];

  286.         }

  287.     }

  288. }

  289. 

  290. $T['Censored'] = $Properties['Censored'];

  291. $T['Anonymous'] = $Properties['Anonymous'];

  292. 

  293. // Update info for the torrent

  294. /*

  295. $SQL = "

  296.   UPDATE torrents

  297.   SET

  298.     Media = $T[Media],

  299.     Format = $T[Format],

  300.     Encoding = $T[Encoding],

  301.     RemasterYear = $T[RemasterYear],

  302.     Remastered = $T[Remastered],

  303.     RemasterTitle = $T[RemasterTitle],

  304.     RemasterRecordLabel = $T[RemasterRecordLabel],

  305.     RemasterCatalogueNumber = $T[RemasterCatalogueNumber],

  306.     Scene = $T[Scene],";

  307. */

  308. 

  309. $SQL = "

  310.   UPDATE torrents

  311.   SET

  312.     Media = $T[Media],

  313.     Container = $T[Container],

  314.     Codec = $T[Codec],

  315.     Resolution = $T[Resolution],

  316.     Version = $T[Version],

  317.     Archive = $T[Archive],

  318.     Censored = $T[Censored],

  319.     Anonymous = $T[Anonymous],";

  320. 

  321. if (check_perms('torrents_freeleech')) {

  322.     $SQL .= "FreeTorrent = $T[FreeLeech],";

  323.     $SQL .= "FreeLeechType = $T[FreeLeechType],";

  324. }

  325. 

  326. if (check_perms('users_mod')) {

  327.     /*  if ($T[Format] != "'FLAC'") {

  328.         $SQL .= "

  329.           HasLog = '0',

  330.           HasCue = '0',";

  331.       } else {

  332.         $SQL .= "

  333.           HasLog = $T[HasLog],

  334.           HasCue = $T[HasCue],";

  335.       }

  336.     */

  337. 

  338.     $DB->query("

  339.       SELECT TorrentID

  340.       FROM torrents_bad_tags

  341.       WHERE TorrentID = '$TorrentID'");

  342.     list($btID) = $DB->next_record();

  343. 

  344.     if (!$btID && $Properties['BadTags']) {

  345.         $DB->query("

  346.           INSERT INTO torrents_bad_tags

  347.           VALUES ($TorrentID, $LoggedUser[ID], NOW())");

  348.     }

  349. 

  350.     if ($btID && !$Properties['BadTags']) {

  351.         $DB->query("

  352.           DELETE FROM torrents_bad_tags

  353.           WHERE TorrentID = '$TorrentID'");

  354.     }

  355. 

  356.     $DB->query("

  357.       SELECT TorrentID

  358.       FROM torrents_bad_folders

  359.       WHERE TorrentID = '$TorrentID'");

  360.     list($bfID) = $DB->next_record();

  361. 

  362.     if (!$bfID && $Properties['BadFolders']) {

  363.         $DB->query("

  364.           INSERT INTO torrents_bad_folders

  365.           VALUES ($TorrentID, $LoggedUser[ID], NOW())");

  366.     }

  367. 

  368.     if ($bfID && !$Properties['BadFolders']) {

  369.         $DB->query("

  370.           DELETE FROM torrents_bad_folders

  371.           WHERE TorrentID = '$TorrentID'");

  372.     }

  373. 

  374.     $DB->query("

  375.       SELECT TorrentID

  376.       FROM torrents_bad_files

  377.       WHERE TorrentID = '$TorrentID'");

  378.     list($bfiID) = $DB->next_record();

  379. 

  380.     if (!$bfiID && $Properties['BadFiles']) {

  381.         $DB->query("

  382.           INSERT INTO torrents_bad_files

  383.           VALUES ($TorrentID, $LoggedUser[ID], NOW())");

  384.     }

  385. 

  386.     if ($bfiID && !$Properties['BadFiles']) {

  387.         $DB->query("

  388.           DELETE FROM torrents_bad_files

  389.           WHERE TorrentID = '$TorrentID'");

  390.     }

  391. 

  392.     $DB->query("

  393.       SELECT TorrentID

  394.       FROM library_contest

  395.       WHERE TorrentID = '$TorrentID'");

  396.     list($lbID) = $DB->next_record();

  397. 

  398.     if (!$lbID && $Properties['LibraryUpload'] && $Properties['LibraryPoints'] > 0) {

  399.         $DB->query("

  400.           SELECT UserID

  401.           FROM torrents

  402.           WHERE ID = $TorrentID");

  403.         list($UploaderID) = $DB->next_record();

  404. 

  405.         $DB->query("

  406.           INSERT INTO library_contest

  407.           VALUES ($UploaderID, $TorrentID, $Properties[LibraryPoints])");

  408.     }

  409. 

  410.     if ($lbID && !$Properties['LibraryUpload']) {

  411.         $DB->query("

  412.           DELETE FROM library_contest

  413.           WHERE TorrentID = '$TorrentID'");

  414.     }

  415. }

  416. 

  417. $SQL .= "

  418.   Description = $T[TorrentDescription]

  419.   WHERE ID = $TorrentID";

  420. $DB->query($SQL);

  421. 

  422. if (check_perms('torrents_freeleech') && $Properties['FreeLeech'] != $CurFreeLeech) {

  423.     Torrents::freeleech_torrents($TorrentID, $Properties['FreeLeech'], $Properties['FreeLeechType']);

  424. }

  425. 

  426. $DB->query("

  427.   SELECT GroupID, Time

  428.   FROM torrents

  429.   WHERE ID = '$TorrentID'");

  430. list($GroupID, $Time) = $DB->next_record();

  431. 

  432. // Competition

  433. if (strtotime($Time) > 1241352173) {

  434.     if ($_POST['log_score'] == '100') {

  435.         $DB->query("

  436.           INSERT IGNORE into users_points (GroupID, UserID, Points)

  437.           VALUES ('$GroupID', '$UserID', '1')");

  438.     }

  439. }

  440. // End competiton

  441. 

  442. $DB->query("

  443.   SELECT Enabled

  444.   FROM users_main

  445.   WHERE ID = $UserID");

  446. list($Enabled) = $DB->next_record();

  447. 

  448. $DB->query("

  449.   SELECT Name

  450.   FROM torrents_group

  451.   WHERE ID = $GroupID");

  452. list($Name) = $DB->next_record(MYSQLI_NUM, false);

  453. 

  454. Misc::write_log("Torrent $TorrentID ($Name) in group $GroupID was edited by ".$LoggedUser['Username']." ($LogDetails)"); // TODO: this is probably broken

  455. Torrents::write_group_log($GroupID, $TorrentID, $LoggedUser['ID'], $LogDetails, 0);

  456. 

  457. $Cache->delete_value("torrents_details_$GroupID");

  458. $Cache->delete_value("torrent_download_$TorrentID");

  459. 

  460. Torrents::update_hash($GroupID);

  461. // All done!

  462. 

  463. header("Location: torrents.php?id=$GroupID");