Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1097 Commits
2 Branches
Tree: cfaf71c803
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'cfaf71c803'
${ noResults }
Gazelle/sections/tools/index.php

index.php 14KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462 
  1. <?php

  2. declare(strict_types=1);

  3. 

  4. /**

  5.  * Tools switch center

  6.  * This page acts as a switch for the tools pages.

  7.  */

  8. 

  9.  $ENV = ENV::go();

  10. 

  11. if (isset($argv[1])) {

  12.     $_REQUEST['action'] = $argv[1];

  13. } else {

  14.     if (empty($_REQUEST['action']) || $_REQUEST['action'] !== 'ocelot') {

  15.         // If set, do not enforce login so we can set the encryption key w/o an account

  16.         if (!$ENV->FEATURE_SET_ENC_KEY_PUBLIC) {

  17.             enforce_login();

  18.         }

  19.     }

  20. }

  21. 

  22. # Error checking

  23. if (!isset($_REQUEST['action'])) {

  24.     include SERVER_ROOT.'/sections/tools/tools.php';

  25.     #error('Need to set an "action" parameter in sections/tools/tools.php.');

  26. }

  27. 

  28. if (substr($_REQUEST['action'], 0, 16) === 'rerender_gallery' && !isset($argv[1])) {

  29.     if (!check_perms('site_debug')) {

  30.         error(403);

  31.     }

  32. }

  33. 

  34. include SERVER_ROOT.'/classes/validate.class.php';

  35. $Val = new VALIDATE;

  36. 

  37. include SERVER_ROOT.'/classes/feed.class.php';

  38. $Feed = new FEED;

  39. 

  40. # Finally

  41. switch ($_REQUEST['action']) {

  42.   /*

  43.   case 'phpinfo':

  44.     if (!check_perms('site_debug')) {

  45.         error(403);

  46.     }

  47. 

  48.     phpinfo();

  49.     break;

  50.   */

  51. 

  52. 

  53.   // Services

  54.   case 'get_host':

  55.     include SERVER_ROOT.'/sections/tools/services/get_host.php';

  56.     break;

  57. 

  58.   case 'get_cc':

  59.     include SERVER_ROOT.'/sections/tools/services/get_cc.php';

  60.     break;

  61. 

  62.   // Managers

  63.   case 'forum':

  64.     include SERVER_ROOT.'/sections/tools/managers/forum_list.php';

  65.     break;

  66. 

  67.   case 'forum_alter':

  68.     include SERVER_ROOT.'/sections/tools/managers/forum_alter.php';

  69.     break;

  70. 

  71.   case 'whitelist':

  72.     include SERVER_ROOT.'/sections/tools/managers/whitelist_list.php';

  73.     break;

  74. 

  75.   case 'whitelist_alter':

  76.     include SERVER_ROOT.'/sections/tools/managers/whitelist_alter.php';

  77.     break;

  78. 

  79.   case 'enable_requests':

  80.     include SERVER_ROOT.'/sections/tools/managers/enable_requests.php';

  81.     break;

  82. 

  83.   case 'expunge_requests':

  84.     include SERVER_ROOT.'/sections/tools/managers/expunge_requests.php';

  85.     break;

  86. 

  87.   case 'ajax_take_enable_request':

  88.     if (FEATURE_EMAIL_REENABLE) {

  89.         include SERVER_ROOT.'/sections/tools/managers/ajax_take_enable_request.php';

  90.     } else {

  91.         // Prevent post requests to the ajax page

  92.         header("Location: tools.php");

  93.         error();

  94.     }

  95.     break;

  96. 

  97.   case 'login_watch':

  98.     include SERVER_ROOT.'/sections/tools/managers/login_watch.php';

  99.     break;

  100. 

  101.   case 'email_blacklist':

  102.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist.php';

  103.     break;

  104. 

  105.   case 'email_blacklist_alter':

  106.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist_alter.php';

  107.     break;

  108. 

  109.   case 'email_blacklist_search':

  110.     include SERVER_ROOT.'/sections/tools/managers/email_blacklist_search.php';

  111.     break;

  112. 

  113.   case 'editnews':

  114.   case 'news':

  115.     include SERVER_ROOT.'/sections/tools/managers/news.php';

  116.     break;

  117. 

  118.   case 'edit_tags':

  119.     include SERVER_ROOT.'/sections/tools/misc/tags.php';

  120.     break;

  121. 

  122.   case 'takeeditnews':

  123.     if (!check_perms('admin_manage_news')) {

  124.         error(403);

  125.     }

  126. 

  127.     if (is_number($_POST['newsid'])) {

  128.         $DB->query("

  129.           UPDATE news

  130.           SET Title = '".db_string($_POST['title'])."',

  131.             Body = '".db_string($_POST['body'])."'

  132.           WHERE ID = '".db_string($_POST['newsid'])."'");

  133. 

  134.         $Cache->delete_value('news');

  135.         $Cache->delete_value('feed_news');

  136.     }

  137.     header('Location: index.php');

  138.     break;

  139. 

  140.   case 'deletenews':

  141.     if (!check_perms('admin_manage_news')) {

  142.         error(403);

  143.     }

  144. 

  145.     if (is_number($_GET['id'])) {

  146.         authorize();

  147.         $DB->query("

  148.           DELETE FROM news

  149.           WHERE ID = '".db_string($_GET['id'])."'");

  150. 

  151.         $Cache->delete_value('news');

  152.         $Cache->delete_value('feed_news');

  153. 

  154.         // Deleting latest news

  155.         $LatestNews = $Cache->get_value('news_latest_id');

  156.         if ($LatestNews !== false && $LatestNews === $_GET['id']) {

  157.             $Cache->delete_value('news_latest_id');

  158.             $Cache->delete_value('news_latest_title');

  159.         }

  160.     }

  161.     header('Location: index.php');

  162.     break;

  163. 

  164.   case 'takenewnews':

  165.     if (!check_perms('admin_manage_news')) {

  166.         error(403);

  167.     }

  168. 

  169.     $DB->query("

  170.       INSERT INTO news (UserID, Title, Body, Time)

  171.       VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', NOW())");

  172. 

  173.     $Cache->delete_value('news_latest_id');

  174.     $Cache->delete_value('news_latest_title');

  175.     $Cache->delete_value('news');

  176. 

  177.     header('Location: index.php');

  178.     break;

  179. 

  180.   case 'tokens':

  181.     include SERVER_ROOT.'/sections/tools/managers/tokens.php';

  182.     break;

  183. 

  184.   case 'multiple_freeleech':

  185.     include SERVER_ROOT.'/sections/tools/managers/multiple_freeleech.php';

  186.     break;

  187. 

  188.   case 'ocelot':

  189.     include SERVER_ROOT.'/sections/tools/managers/ocelot.php';

  190.     break;

  191. 

  192.   case 'ocelot_info':

  193.     include SERVER_ROOT.'/sections/tools/data/ocelot_info.php';

  194.     break;

  195. 

  196.   case 'official_tags':

  197.     include SERVER_ROOT.'/sections/tools/managers/official_tags.php';

  198.     break;

  199. 

  200.   case 'freeleech':

  201.     include SERVER_ROOT.'/sections/tools/managers/sitewide_freeleech.php';

  202.     break;

  203. 

  204.   case 'tag_aliases':

  205.     include SERVER_ROOT.'/sections/tools/managers/tag_aliases.php';

  206.     break;

  207. 

  208.   case 'label_aliases':

  209.     include SERVER_ROOT.'/sections/tools/managers/label_aliases.php';

  210.     break;

  211. 

  212.   case 'global_notification':

  213.     include SERVER_ROOT.'/sections/tools/managers/global_notification.php';

  214.     break;

  215. 

  216.   case 'take_global_notification':

  217.     include SERVER_ROOT.'/sections/tools/managers/take_global_notification.php';

  218.     break;

  219. 

  220.   case 'permissions':

  221.     if (!check_perms('admin_manage_permissions')) {

  222.         error(403);

  223.     }

  224. 

  225.     if (!empty($_REQUEST['id'])) {

  226.         $Val->SetFields('name', true, 'string', 'You did not enter a valid name for this permission set.');

  227.         $Val->SetFields('level', true, 'number', 'You did not enter a valid level for this permission set.');

  228.         $Val->SetFields('maxcollages', true, 'number', 'You did not enter a valid number of personal collages.');

  229.         //$Val->SetFields('test', true, 'number', 'You did not enter a valid level for this permission set.');

  230. 

  231.         if (is_numeric($_REQUEST['id'])) {

  232.             $DB->query("

  233.               SELECT p.ID, p.Name, p.Abbreviation, p.Level, p.Secondary, p.PermittedForums, p.Values, p.DisplayStaff, COUNT(u.ID)

  234.               FROM permissions AS p

  235.                 LEFT JOIN users_main AS u ON u.PermissionID = p.ID

  236.               WHERE p.ID = '".db_string($_REQUEST['id'])."'

  237.               GROUP BY p.ID");

  238.             list($ID, $Name, $Abbreviation, $Level, $Secondary, $Forums, $Values, $DisplayStaff, $UserCount) = $DB->next_record(MYSQLI_NUM, array(6));

  239. 

  240.             if ($Level > $LoggedUser['EffectiveClass'] || (isset($_REQUEST['level']) && $_REQUEST['level'] > $LoggedUser['EffectiveClass'])) {

  241.                 error(403);

  242.             }

  243. 

  244.             $Values = unserialize($Values);

  245.         }

  246. 

  247.         if (!empty($_POST['submit'])) {

  248.             $Err = $Val->ValidateForm($_POST);

  249. 

  250.             if (!is_numeric($_REQUEST['id'])) {

  251.                 $DB->query("

  252.                   SELECT ID

  253.                   FROM permissions

  254.                   WHERE Level = '".db_string($_REQUEST['level'])."'");

  255.                 list($DupeCheck)=$DB->next_record();

  256. 

  257.                 if ($DupeCheck) {

  258.                     $Err = 'There is already a permission class with that level.';

  259.                 }

  260.             }

  261. 

  262.             $Values = [];

  263.             foreach ($_REQUEST as $Key => $Perms) {

  264.                 if (substr($Key, 0, 5) === 'perm_') {

  265.                     $Values[substr($Key, 5)] = (int)$Perms;

  266.                 }

  267.             }

  268. 

  269.             $Name = $_REQUEST['name'];

  270.             $Level = $_REQUEST['level'];

  271.             $Abbreviation = $_REQUEST['abbreviation'];

  272.             $Secondary = empty($_REQUEST['secondary']) ? 0 : 1;

  273.             $Forums = $_REQUEST['forums'];

  274.             $DisplayStaff = isset($_REQUEST['displaystaff']) ? $_REQUEST['displaystaff']: 0;

  275.             $Values['MaxCollages'] = $_REQUEST['maxcollages'];

  276. 

  277.             if (!$Err) {

  278.                 if (!is_numeric($_REQUEST['id'])) {

  279.                     $DB->query("

  280.                       INSERT INTO permissions (Level, Name, Abbreviation, Secondary, PermittedForums, `Values`, DisplayStaff)

  281.                       VALUES ('".db_string($Level)."',

  282.                         '".db_string($Name)."',

  283.                         '".db_string($Abbreviation)."',

  284.                         $Secondary,

  285.                         '".db_string($Forums)."',

  286.                         '".db_string(serialize($Values))."',

  287.                         '".db_string($DisplayStaff)."')");

  288.                 } else {

  289.                     $DB->query("

  290.                       UPDATE permissions

  291.                       SET Level = '".db_string($Level)."',

  292.                         Name = '".db_string($Name)."',

  293.                         Abbreviation = '".db_string($Abbreviation)."',

  294.                         Secondary = $Secondary,

  295.                         PermittedForums = '".db_string($Forums)."',

  296.                         `Values` = '".db_string(serialize($Values))."',

  297.                         DisplayStaff = '".db_string($DisplayStaff)."'

  298.                       WHERE ID = '".db_string($_REQUEST['id'])."'");

  299. 

  300.                     $Cache->delete_value('perm_'.$_REQUEST['id']);

  301.                     if ($Secondary) {

  302.                         $DB->query("

  303.                           SELECT DISTINCT UserID

  304.                           FROM users_levels

  305.                           WHERE PermissionID = ".db_string($_REQUEST['id']));

  306. 

  307.                         while (list($UserID) = $DB->next_record()) {

  308.                             $Cache->delete_value("user_info_heavy_$UserID");

  309.                         }

  310.                     }

  311.                 }

  312.                 $Cache->delete_value('classes');

  313.             } else {

  314.                 error($Err);

  315.             }

  316.         }

  317. 

  318.         include SERVER_ROOT.'/sections/tools/managers/permissions_alter.php';

  319.     } else {

  320.         if (!empty($_REQUEST['removeid'])) {

  321.             $DB->query("

  322.               DELETE FROM permissions

  323.               WHERE ID = '".db_string($_REQUEST['removeid'])."'");

  324. 

  325.             $DB->query("

  326.               SELECT UserID

  327.               FROM users_levels

  328.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  329. 

  330.             while (list($UserID) = $DB->next_record()) {

  331.                 $Cache->delete_value("user_info_$UserID");

  332.                 $Cache->delete_value("user_info_heavy_$UserID");

  333.             }

  334.             $DB->query("

  335.               DELETE FROM users_levels

  336.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  337. 

  338.             $DB->query("

  339.               SELECT ID

  340.               FROM users_main

  341.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  342. 

  343.             while (list($UserID) = $DB->next_record()) {

  344.                 $Cache->delete_value("user_info_$UserID");

  345.                 $Cache->delete_value("user_info_heavy_$UserID");

  346.             }

  347. 

  348.             $DB->query("

  349.               UPDATE users_main

  350.               SET PermissionID = '".USER."'

  351.               WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  352. 

  353.             $Cache->delete_value('classes');

  354.         }

  355. 

  356.         include SERVER_ROOT.'/sections/tools/managers/permissions_list.php';

  357.     }

  358.     break;

  359. 

  360.   case 'ip_ban':

  361.     // todo: Clean up DB table ip_bans

  362.     include SERVER_ROOT.'/sections/tools/managers/bans.php';

  363.     break;

  364. 

  365.   case 'quick_ban':

  366.     include SERVER_ROOT.'/sections/tools/misc/quick_ban.php';

  367.     break;

  368. 

  369.   // Data

  370.   case 'registration_log':

  371.     include SERVER_ROOT.'/sections/tools/data/registration_log.php';

  372.     break;

  373. 

  374.   case 'donation_log':

  375.     include SERVER_ROOT.'/sections/tools/finances/donation_log.php';

  376.     break;

  377. 

  378.   case 'donor_rewards':

  379.     include SERVER_ROOT.'/sections/tools/finances/donor_rewards.php';

  380.     break;

  381. 

  382.   case 'upscale_pool':

  383.     include SERVER_ROOT.'/sections/tools/data/upscale_pool.php';

  384.     break;

  385. 

  386.   case 'invite_pool':

  387.     include SERVER_ROOT.'/sections/tools/data/invite_pool.php';

  388.     break;

  389. 

  390.   case 'torrent_stats':

  391.     include SERVER_ROOT.'/sections/tools/data/torrent_stats.php';

  392.     break;

  393. 

  394.   case 'user_flow':

  395.     include SERVER_ROOT.'/sections/tools/data/user_flow.php';

  396.     break;

  397. 

  398.   case 'economic_stats':

  399.     include SERVER_ROOT.'/sections/tools/data/economic_stats.php';

  400.     break;

  401. 

  402.   case 'service_stats':

  403.     include SERVER_ROOT.'/sections/tools/development/service_stats.php';

  404.     break;

  405. 

  406.   case 'database_specifics':

  407.     include SERVER_ROOT.'/sections/tools/data/database_specifics.php';

  408.     break;

  409. 

  410.   case 'special_users':

  411.     include SERVER_ROOT.'/sections/tools/data/special_users.php';

  412.     break;

  413.   // END Data

  414. 

  415.   // Misc

  416.   case 'dupe_ips':

  417.     include SERVER_ROOT.'/sections/tools/misc/dupe_ip.php';

  418.     break;

  419. 

  420.   case 'clear_cache':

  421.     include SERVER_ROOT.'/sections/tools/development/clear_cache.php';

  422.     break;

  423. 

  424.   case 'create_user':

  425.     include SERVER_ROOT.'/sections/tools/misc/create_user.php';

  426.     break;

  427. 

  428.   case 'manipulate_tree':

  429.     include SERVER_ROOT.'/sections/tools/misc/manipulate_tree.php';

  430.     break;

  431. 

  432.   case 'misc_values':

  433.     include SERVER_ROOT.'/sections/tools/development/misc_values.php';

  434.     break;

  435. 

  436.   case 'recommendations':

  437.     include SERVER_ROOT.'/sections/tools/misc/recommendations.php';

  438.     break;

  439. 

  440.   case 'analysis':

  441.     include SERVER_ROOT.'/sections/tools/misc/analysis.php';

  442.     break;

  443. 

  444.   case 'database_key':

  445.     include SERVER_ROOT.'/sections/tools/misc/database_key.php';

  446.     break;

  447. 

  448.   case 'rerender_gallery':

  449.     include SERVER_ROOT.'/sections/tools/development/rerender_gallery.php';

  450.     break;

  451. 

  452.   case 'mass_pm':

  453.     include SERVER_ROOT.'/sections/tools/managers/mass_pm.php';

  454.     break;

  455. 

  456.   case 'take_mass_pm':

  457.     include SERVER_ROOT.'/sections/tools/managers/take_mass_pm.php';

  458.     break;

  459.     

  460.   default:

  461.     include SERVER_ROOT.'/sections/tools/tools.php';

  462. }