Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1065 Commits
2 Branches
Tree: b4fb8c0c52
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b4fb8c0c52'
${ noResults }
Gazelle/sections/tools/index.php

index.php 14KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488 
  1. <?php

  2. declare(strict_types=1);

  3. 

  4. /**

  5.  * Tools switch center

  6.  * This page acts as a switch for the tools pages.

  7.  */

  8. 

  9.  $ENV = ENV::go();

  10. 

  11. if (isset($argv[1])) {

  12.     $_REQUEST['action'] = $argv[1];

  13. } else {

  14.     if (empty($_REQUEST['action']) || $_REQUEST['action'] !== 'ocelot') {

  15.         // If set, do not enforce login so we can set the encryption key w/o an account

  16.         if (!$ENV->FEATURE_SET_ENC_KEY_PUBLIC) {

  17.             enforce_login();

  18.         }

  19.     }

  20. }

  21. 

  22. # Error checking

  23. if (!isset($_REQUEST['action'])) {

  24.     include SERVER_ROOT.'/sections/tools/tools.php';

  25.     #error('Need to set an "action" parameter in sections/tools/tools.php.');

  26. }

  27. 

  28. if (substr($_REQUEST['action'], 0, 12) === 'update_geoip' && !isset($argv[1])) {

  29.     if (!check_perms('site_debug')) {

  30.         error(403);

  31.     }

  32. }

  33. 

  34. if (substr($_REQUEST['action'], 0, 16) === 'rerender_gallery' && !isset($argv[1])) {

  35.     if (!check_perms('site_debug')) {

  36.         error(403);

  37.     }

  38. }

  39. 

  40. include SERVER_ROOT.'/classes/validate.class.php';

  41. $Val = new VALIDATE;

  42. 

  43. include SERVER_ROOT.'/classes/feed.class.php';

  44. $Feed = new FEED;

  45. 

  46. # Finally

  47. switch ($_REQUEST['action']) {

  48.   /*

  49.   case 'phpinfo':

  50.     if (!check_perms('site_debug')) {

  51.         error(403);

  52.     }

  53. 

  54.     phpinfo();

  55.     break;

  56.   */

  57. 

  58. 

  59.   // Services

  60.   case 'get_host':

  61.     include SERVER_ROOT.'/sections/tools/services/get_host.php';

  62.     break;

  63. 

  64.   case 'get_cc':

  65.     include SERVER_ROOT.'/sections/tools/services/get_cc.php';

  66.     break;

  67. 

  68.   // Managers

  69.   case 'forum':

  70.     include SERVER_ROOT.'/sections/tools/managers/forum_list.php';

  71.     break;

  72. 

  73.   case 'forum_alter':

  74.     include SERVER_ROOT.'/sections/tools/managers/forum_alter.php';

  75.     break;

  76. 

  77.   case 'whitelist':

  78.     include SERVER_ROOT.'/sections/tools/managers/whitelist_list.php';

  79.     break;

  80. 

  81.   case 'whitelist_alter':

  82.     include SERVER_ROOT.'/sections/tools/managers/whitelist_alter.php';

  83.     break;

  84. 

  85.   case 'enable_requests':

  86.     include SERVER_ROOT.'/sections/tools/managers/enable_requests.php';

  87.     break;

  88. 

  89.   case 'expunge_requests':

  90.     include SERVER_ROOT.'/sections/tools/managers/expunge_requests.php';

  91.     break;

  92. 

  93.   case 'ajax_take_enable_request':

  94.     if (FEATURE_EMAIL_REENABLE) {

  95.         include SERVER_ROOT.'/sections/tools/managers/ajax_take_enable_request.php';

  96.     } else {

  97.         // Prevent post requests to the ajax page

  98.         header("Location: tools.php");

  99.         error();

  100.     }

  101.     break;

  102. 

  103.   case 'login_watch':

  104.     include SERVER_ROOT.'/sections/tools/managers/login_watch.php';

  105.     break;

  106. 

  107.   case 'email_blacklist':

  108.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist.php';

  109.     break;

  110. 

  111.   case 'email_blacklist_alter':

  112.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist_alter.php';

  113.     break;

  114. 

  115.   case 'email_blacklist_search':

  116.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist_search.php';

  117.     break;

  118. 

  119.   case 'dnu':

  120.     include SERVER_ROOT.'/sections/tools/managers/dnu_list.php';

  121.     break;

  122. 

  123.   case 'dnu_alter':

  124.     include SERVER_ROOT.'/sections/tools/managers/dnu_alter.php';

  125.     break;

  126. 

  127.   case 'editnews':

  128.   case 'news':

  129.     include SERVER_ROOT.'/sections/tools/managers/news.php';

  130.     break;

  131. 

  132.   case 'edit_tags':

  133.     include SERVER_ROOT.'/sections/tools/misc/tags.php';

  134.     break;

  135. 

  136.   case 'takeeditnews':

  137.     if (!check_perms('admin_manage_news')) {

  138.         error(403);

  139.     }

  140. 

  141.     if (is_number($_POST['newsid'])) {

  142.         $DB->query("

  143.           UPDATE news

  144.           SET Title = '".db_string($_POST['title'])."',

  145.             Body = '".db_string($_POST['body'])."'

  146.           WHERE ID = '".db_string($_POST['newsid'])."'");

  147. 

  148.         $Cache->delete_value('news');

  149.         $Cache->delete_value('feed_news');

  150.     }

  151.     header('Location: index.php');

  152.     break;

  153. 

  154.   case 'deletenews':

  155.     if (!check_perms('admin_manage_news')) {

  156.         error(403);

  157.     }

  158. 

  159.     if (is_number($_GET['id'])) {

  160.         authorize();

  161.         $DB->query("

  162.           DELETE FROM news

  163.           WHERE ID = '".db_string($_GET['id'])."'");

  164. 

  165.         $Cache->delete_value('news');

  166.         $Cache->delete_value('feed_news');

  167. 

  168.         // Deleting latest news

  169.         $LatestNews = $Cache->get_value('news_latest_id');

  170.         if ($LatestNews !== false && $LatestNews === $_GET['id']) {

  171.             $Cache->delete_value('news_latest_id');

  172.             $Cache->delete_value('news_latest_title');

  173.         }

  174.     }

  175.     header('Location: index.php');

  176.     break;

  177. 

  178.   case 'takenewnews':

  179.     if (!check_perms('admin_manage_news')) {

  180.         error(403);

  181.     }

  182. 

  183.     $DB->query("

  184.       INSERT INTO news (UserID, Title, Body, Time)

  185.       VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', NOW())");

  186. 

  187.     $Cache->delete_value('news_latest_id');

  188.     $Cache->delete_value('news_latest_title');

  189.     $Cache->delete_value('news');

  190. 

  191.     header('Location: index.php');

  192.     break;

  193. 

  194.   case 'tokens':

  195.     include SERVER_ROOT.'/sections/tools/managers/tokens.php';

  196.     break;

  197. 

  198.   case 'multiple_freeleech':

  199.     include SERVER_ROOT.'/sections/tools/managers/multiple_freeleech.php';

  200.     break;

  201. 

  202.   case 'ocelot':

  203.     include SERVER_ROOT.'/sections/tools/managers/ocelot.php';

  204.     break;

  205. 

  206.   case 'ocelot_info':

  207.     include SERVER_ROOT.'/sections/tools/data/ocelot_info.php';

  208.     break;

  209. 

  210.   case 'official_tags':

  211.     include SERVER_ROOT.'/sections/tools/managers/official_tags.php';

  212.     break;

  213. 

  214.   case 'freeleech':

  215.     include SERVER_ROOT.'/sections/tools/managers/sitewide_freeleech.php';

  216.     break;

  217. 

  218.   case 'tag_aliases':

  219.     include SERVER_ROOT.'/sections/tools/managers/tag_aliases.php';

  220.     break;

  221. 

  222.   case 'label_aliases':

  223.     include SERVER_ROOT.'/sections/tools/managers/label_aliases.php';

  224.     break;

  225. 

  226.   case 'global_notification':

  227.     include SERVER_ROOT.'/sections/tools/managers/global_notification.php';

  228.     break;

  229. 

  230.   case 'take_global_notification':

  231.     include SERVER_ROOT.'/sections/tools/managers/take_global_notification.php';

  232.     break;

  233. 

  234.   case 'permissions':

  235.     if (!check_perms('admin_manage_permissions')) {

  236.         error(403);

  237.     }

  238. 

  239.     if (!empty($_REQUEST['id'])) {

  240.         $Val->SetFields('name', true, 'string', 'You did not enter a valid name for this permission set.');

  241.         $Val->SetFields('level', true, 'number', 'You did not enter a valid level for this permission set.');

  242.         $Val->SetFields('maxcollages', true, 'number', 'You did not enter a valid number of personal collages.');

  243.         //$Val->SetFields('test', true, 'number', 'You did not enter a valid level for this permission set.');

  244. 

  245.         if (is_numeric($_REQUEST['id'])) {

  246.             $DB->query("

  247.               SELECT p.ID, p.Name, p.Abbreviation, p.Level, p.Secondary, p.PermittedForums, p.Values, p.DisplayStaff, COUNT(u.ID)

  248.               FROM permissions AS p

  249.                 LEFT JOIN users_main AS u ON u.PermissionID = p.ID

  250.               WHERE p.ID = '".db_string($_REQUEST['id'])."'

  251.               GROUP BY p.ID");

  252.             list($ID, $Name, $Abbreviation, $Level, $Secondary, $Forums, $Values, $DisplayStaff, $UserCount) = $DB->next_record(MYSQLI_NUM, array(6));

  253. 

  254.             if ($Level > $LoggedUser['EffectiveClass'] || (isset($_REQUEST['level']) && $_REQUEST['level'] > $LoggedUser['EffectiveClass'])) {

  255.                 error(403);

  256.             }

  257. 

  258.             $Values = unserialize($Values);

  259.         }

  260. 

  261.         if (!empty($_POST['submit'])) {

  262.             $Err = $Val->ValidateForm($_POST);

  263. 

  264.             if (!is_numeric($_REQUEST['id'])) {

  265.                 $DB->query("

  266.                   SELECT ID

  267.                   FROM permissions

  268.                   WHERE Level = '".db_string($_REQUEST['level'])."'");

  269.                 list($DupeCheck)=$DB->next_record();

  270. 

  271.                 if ($DupeCheck) {

  272.                     $Err = 'There is already a permission class with that level.';

  273.                 }

  274.             }

  275. 

  276.             $Values = [];

  277.             foreach ($_REQUEST as $Key => $Perms) {

  278.                 if (substr($Key, 0, 5) === 'perm_') {

  279.                     $Values[substr($Key, 5)] = (int)$Perms;

  280.                 }

  281.             }

  282. 

  283.             $Name = $_REQUEST['name'];

  284.             $Level = $_REQUEST['level'];

  285.             $Abbreviation = $_REQUEST['abbreviation'];

  286.             $Secondary = empty($_REQUEST['secondary']) ? 0 : 1;

  287.             $Forums = $_REQUEST['forums'];

  288.             $DisplayStaff = isset($_REQUEST['displaystaff']) ? $_REQUEST['displaystaff']: 0;

  289.             $Values['MaxCollages'] = $_REQUEST['maxcollages'];

  290. 

  291.             if (!$Err) {

  292.                 if (!is_numeric($_REQUEST['id'])) {

  293.                     $DB->query("

  294.                       INSERT INTO permissions (Level, Name, Abbreviation, Secondary, PermittedForums, `Values`, DisplayStaff)

  295.                       VALUES ('".db_string($Level)."',

  296.                         '".db_string($Name)."',

  297.                         '".db_string($Abbreviation)."',

  298.                         $Secondary,

  299.                         '".db_string($Forums)."',

  300.                         '".db_string(serialize($Values))."',

  301.                         '".db_string($DisplayStaff)."')");

  302.                 } else {

  303.                     $DB->query("

  304.                       UPDATE permissions

  305.                       SET Level = '".db_string($Level)."',

  306.                         Name = '".db_string($Name)."',

  307.                         Abbreviation = '".db_string($Abbreviation)."',

  308.                         Secondary = $Secondary,

  309.                         PermittedForums = '".db_string($Forums)."',

  310.                         `Values` = '".db_string(serialize($Values))."',

  311.                         DisplayStaff = '".db_string($DisplayStaff)."'

  312.                       WHERE ID = '".db_string($_REQUEST['id'])."'");

  313. 

  314.                     $Cache->delete_value('perm_'.$_REQUEST['id']);

  315.                     if ($Secondary) {

  316.                         $DB->query("

  317.                           SELECT DISTINCT UserID

  318.                           FROM users_levels

  319.                           WHERE PermissionID = ".db_string($_REQUEST['id']));

  320. 

  321.                         while (list($UserID) = $DB->next_record()) {

  322.                             $Cache->delete_value("user_info_heavy_$UserID");

  323.                         }

  324.                     }

  325.                 }

  326.                 $Cache->delete_value('classes');

  327.             } else {

  328.                 error($Err);

  329.             }

  330.         }

  331. 

  332.         include SERVER_ROOT.'/sections/tools/managers/permissions_alter.php';

  333.     } else {

  334.         if (!empty($_REQUEST['removeid'])) {

  335.             $DB->query("

  336.               DELETE FROM permissions

  337.               WHERE ID = '".db_string($_REQUEST['removeid'])."'");

  338. 

  339.             $DB->query("

  340.               SELECT UserID

  341.               FROM users_levels

  342.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  343. 

  344.             while (list($UserID) = $DB->next_record()) {

  345.                 $Cache->delete_value("user_info_$UserID");

  346.                 $Cache->delete_value("user_info_heavy_$UserID");

  347.             }

  348.             $DB->query("

  349.               DELETE FROM users_levels

  350.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  351. 

  352.             $DB->query("

  353.               SELECT ID

  354.               FROM users_main

  355.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  356. 

  357.             while (list($UserID) = $DB->next_record()) {

  358.                 $Cache->delete_value("user_info_$UserID");

  359.                 $Cache->delete_value("user_info_heavy_$UserID");

  360.             }

  361. 

  362.             $DB->query("

  363.               UPDATE users_main

  364.               SET PermissionID = '".USER."'

  365.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  366. 

  367.             $Cache->delete_value('classes');

  368.         }

  369. 

  370.         include SERVER_ROOT.'/sections/tools/managers/permissions_list.php';

  371.     }

  372.     break;

  373. 

  374.   case 'ip_ban':

  375.     // todo: Clean up DB table ip_bans

  376.     include SERVER_ROOT.'/sections/tools/managers/bans.php';

  377.     break;

  378. 

  379.   case 'quick_ban':

  380.     include SERVER_ROOT.'/sections/tools/misc/quick_ban.php';

  381.     break;

  382. 

  383.   // Data

  384.   case 'registration_log':

  385.     include SERVER_ROOT.'/sections/tools/data/registration_log.php';

  386.     break;

  387. 

  388.   case 'donation_log':

  389.     include SERVER_ROOT.'/sections/tools/finances/donation_log.php';

  390.     break;

  391. 

  392.   case 'bitcoin_unproc':

  393.     include SERVER_ROOT.'/sections/tools/finances/bitcoin_unproc.php';

  394.     break;

  395. 

  396.   case 'bitcoin_balance':

  397.     include SERVER_ROOT.'/sections/tools/finances/bitcoin_balance.php';

  398.     break;

  399. 

  400.   case 'donor_rewards':

  401.     include SERVER_ROOT.'/sections/tools/finances/donor_rewards.php';

  402.     break;

  403. 

  404.   case 'upscale_pool':

  405.     include SERVER_ROOT.'/sections/tools/data/upscale_pool.php';

  406.     break;

  407. 

  408.   case 'invite_pool':

  409.     include SERVER_ROOT.'/sections/tools/data/invite_pool.php';

  410.     break;

  411. 

  412.   case 'torrent_stats':

  413.     include SERVER_ROOT.'/sections/tools/data/torrent_stats.php';

  414.     break;

  415. 

  416.   case 'user_flow':

  417.     include SERVER_ROOT.'/sections/tools/data/user_flow.php';

  418.     break;

  419. 

  420.   case 'economic_stats':

  421.     include SERVER_ROOT.'/sections/tools/data/economic_stats.php';

  422.     break;

  423. 

  424.   case 'service_stats':

  425.     include SERVER_ROOT.'/sections/tools/development/service_stats.php';

  426.     break;

  427. 

  428.   case 'database_specifics':

  429.     include SERVER_ROOT.'/sections/tools/data/database_specifics.php';

  430.     break;

  431. 

  432.   case 'special_users':

  433.     include SERVER_ROOT.'/sections/tools/data/special_users.php';

  434.     break;

  435.   // END Data

  436. 

  437.   // Misc

  438.   case 'update_geoip':

  439.     include SERVER_ROOT.'/sections/tools/development/update_geoip.php';

  440.     break;

  441. 

  442.   case 'dupe_ips':

  443.     include SERVER_ROOT.'/sections/tools/misc/dupe_ip.php';

  444.     break;

  445. 

  446.   case 'clear_cache':

  447.     include SERVER_ROOT.'/sections/tools/development/clear_cache.php';

  448.     break;

  449. 

  450.   case 'create_user':

  451.     include SERVER_ROOT.'/sections/tools/misc/create_user.php';

  452.     break;

  453. 

  454.   case 'manipulate_tree':

  455.     include SERVER_ROOT.'/sections/tools/misc/manipulate_tree.php';

  456.     break;

  457. 

  458.   case 'misc_values':

  459.     include SERVER_ROOT.'/sections/tools/development/misc_values.php';

  460.     break;

  461. 

  462.   case 'recommendations':

  463.     include SERVER_ROOT.'/sections/tools/misc/recommendations.php';

  464.     break;

  465. 

  466.   case 'analysis':

  467.     include SERVER_ROOT.'/sections/tools/misc/analysis.php';

  468.     break;

  469. 

  470.   case 'database_key':

  471.     include SERVER_ROOT.'/sections/tools/misc/database_key.php';

  472.     break;

  473. 

  474.   case 'rerender_gallery':

  475.     include SERVER_ROOT.'/sections/tools/development/rerender_gallery.php';

  476.     break;

  477. 

  478.   case 'mass_pm':

  479.     include SERVER_ROOT.'/sections/tools/managers/mass_pm.php';

  480.     break;

  481. 

  482.   case 'take_mass_pm':

  483.     include SERVER_ROOT.'/sections/tools/managers/take_mass_pm.php';

  484.     break;

  485.     

  486.   default:

  487.     include SERVER_ROOT.'/sections/tools/tools.php';

  488. }