// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined("IN_BTIT")) {
die("non direct access!");
}
require_once "include/functions.php";
dbconn(false);
global $CURUSER, $btit_settings, $XBTT_USE;
$id = $_GET["uid"];
if (!$id) {
stderr("Error", "Bad ID!");
}
if ($CURUSER["uid"] == $id) {
$timeout = time() - intval($GLOBALS["report_interval"] + $btit_settings["ghost"]);
$flush = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT pid FROM {$TABLE_PREFIX}users WHERE id ='" . $CURUSER["uid"] . "'");
$update = mysqli_fetch_row($flush);
if ($XBTT_USE) {
quickQuery("UPDATE `xbt_files_users` SET `active`=0 WHERE `mtime` < " . $timeout . " AND `uid`=" . $CURUSER["uid"]);
} else {
quickQuery("DELETE FROM {$TABLE_PREFIX}peers where lastupdate < " . $timeout . " AND pid=" . $update["pid"]);
}
information_msg("Success", "Your Ghost Peers Are Flushed!");
}
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
// DT no TPL file needed - file = 100 done
if (!defined("IN_BTIT")) {
die("non direct access!");
}
global $CURUSER;
if (!$CURUSER || $CURUSER["edit_torrents"] == "no") {
// do nothing
} else {
if (empty($_POST["delreq"])) {
stderr("ERROR", "You must select at least one request to delete.");
stdfoot();
die;
}
$do = "DELETE FROM {$TABLE_PREFIX}requests WHERE id IN (" . implode(", ", $_POST[delreq]) . ")";
$do2 = "DELETE FROM {$TABLE_PREFIX}addedrequests WHERE requestid IN (" . implode(", ", $_POST[delreq]) . ")";
$res2 = mysqli_query($GLOBALS["___mysqli_ston"], $do2);
$res = mysqli_query($GLOBALS["___mysqli_ston"], $do);
information_msg("Request Deleted", "Go back to<a href=index.php?page=viewrequests><b> REQUESTS</a>");
stdfoot();
exit;
}
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
// 3. The name of the author may not be used to endorse or promote products
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
// DT no TPL file needed - file = 100 done
$requestid = (int) $_GET["requestid"];
$res = mysql_query("SELECT userid, filledby FROM {$TABLE_PREFIX}requests WHERE id ={$requestid}") or sqlerr();
$arr = mysql_fetch_assoc($res);
if ($CURUSER[uid] == $arr[userid] || $CURUSER[uid] == $arr[filledby]) {
@mysql_query("UPDATE {$TABLE_PREFIX}requests SET filled='', filledby=0 WHERE id ={$requestid}") or sqlerr();
information_msg("successfuly reseted", "Request " . $arr[request] . " successfuly reseted.");
stdfoot();
exit;
} else {
stderr("ERROR", "cannot reset a request when you are not the owner");
}
stdfoot();
die;
$headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
$headers .= "From:" . $CURUSER['email'] . "\r\n";
$mailbody = $_POST["content_1"];
$to = "";
$nmax = 1000;
// Max recipients per message
$nthis = 0;
$ntotal = 0;
$total = mysqli_num_rows($res);
while ($arr = mysqli_fetch_row($res)) {
if ($nthis == 0) {
$to = $arr[0];
} else {
$to .= "," . $arr[0];
}
++$nthis;
++$ntotal;
if ($nthis == $nmax || $ntotal == $total) {
if (!mail("Multiple recipients <{$SITEEMAIL}>", "{$subject}", $mailbody, "From: {$SITEEMAIL}\r\nBcc: {$to}", "-f{$SITEEMAIL}")) {
$nthis = 0;
}
}
}
// lett us know if all went fine ( of course it did ;) )
information_msg("Message Sent", "Sent From: {$SITEEMAIL}. Message: {$mailbody}");
stdfoot();
exit;
}
$admintpl->set("subject", "subject");
$admintpl->set("message", "content_1");
$admintpl->set("frm_action", "index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=massemail&action=send_mail");
$res = do_sqlquery("SELECT `f`.`reseed`, `f`.`filename`, `x`.`fid` FROM `{$TABLE_PREFIX}files` `f` INNER JOIN `xbt_files` `x` ON `f`.`bin_hash`=`x`.`info_hash` WHERE `f`.`info_hash`='" . $hash . "'", true);
} else {
$res = do_sqlquery("SELECT `reseed`, `filename` FROM `{$TABLE_PREFIX}files` WHERE `info_hash`='" . $hash . "'", true);
}
if (@mysqli_num_rows($res) == 1) {
$row = mysqli_fetch_assoc($res);
if (time() - $row["reseed"] > 432000) {
$subj = "Reseed Request";
$msg = "At some point in the past you downloaded\n\n[url=" . $BASEURL . "/index.php?page=torrent-details&id=" . $hash . "]" . $row["filename"] . "[/url]\n\nThis torrent no longer has any seeds and " . $CURUSER["username"] . " would like to download it, if you still have those files on your computer please can you join the torrent as a seed.\n\nThank You\n\n[color=red][b]THIS IS AN AUTOMATED SYSTEM MESSAGE SO PLEASE DON'T REPLY[/b][/color]";
if ($XBTT_USE) {
$r = do_sqlquery("SELECT `uid` FROM `xbt_files_users` WHERE `active`=0 AND `completed`=1 AND `fid`='" . $row["fid"] . "' ORDER BY `uid` ASC", true);
} else {
$r = do_sqlquery("SELECT `uid` FROM `{$TABLE_PREFIX}history` WHERE `active`='no' AND `completed`='yes' AND `infohash`='" . $hash . "' ORDER BY `uid` ASC", true);
}
while ($row = mysqli_fetch_array($r)) {
send_pm(0, $row["uid"], sqlesc($subj), sqlesc($msg));
}
do_sqlquery("UPDATE `{$TABLE_PREFIX}files` SET `reseed`=UNIX_TIMESTAMP() WHERE `info_hash`='" . $hash . "'", true);
information_msg("Reseed requested", "A PM has been sent to all members who have completed this torrent.");
stdfoot();
exit;
} else {
err_msg("Reseed Error", "Someone has already done a reseed request on this torrent within the last 5 days.");
stdfoot();
exit;
}
} else {
err_msg($language["ERROR"], $language['INVALID_INFO_HASH']);
stdfoot();
exit;
}
$chk = mysqli_num_rows($qry);
if (!$chk) {
redirect("index.php?page=users");
// redirects to users.php if shit_id not in database
exit;
}
mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}shitlist (user_id, shit_id, shit_name) VALUES ('" . $CURUSER["uid"] . "', '" . $shit_id . "', '" . $res["username"] . "')");
// pm system
if ($btit_settings["pm_shit"] == true) {
send_pm(0, $shit_id, sqlesc('You Are Shit Listed !'), sqlesc($btit_settings["pm_tekst"] . "\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]"));
}
// demote / promote system
if ($btit_settings["demote"] == true) {
mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level=" . $btit_settings["shit_group"] . " WHERE id=" . $shit_id);
}
information_msg("Shitlisted", "This member is added to the Shitlist!");
redirect("index.php?page=shitlist");
exit;
} elseif ($do == "del") {
$msg = $_GET["id"];
$qrys = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}shitlist WHERE id=\"{$msg}\"");
$couns = mysqli_fetch_array($qrys);
if ($btit_settings["pm_shit"] == true) {
send_pm(0, $couns["shit_id"], sqlesc('You Are No Longer Shit Listed !'), sqlesc($btit_settings["pms_tekst"] . "\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]"));
}
// demote / promote system
if ($btit_settings["demote"] == true) {
mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level=" . $btit_settings["shit_group_back"] . " WHERE id=" . $couns["shit_id"]);
}
@mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}shitlist WHERE id=\"{$msg}\"");
redirect("index.php?page=shitlist");
stdfoot();
die;
} else {
if ($email == "") {
stderr("Error", "Please enter your email Address!!");
stdfoot();
die;
} else {
if ($message == "") {
stderr("Error", "Please enter a Message !!");
stdfoot();
die;
} else {
$insert = mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}contact_system(name, email, cat, subcat, message, date, ipaddress) VALUES('{$name}', '{$email}', '{$cat}', '{$subcat}', '{$message}', '{$date}', '{$ipaddress}')");
if ($insert) {
information_msg("Send", "Your message was successfully sent to our Staff Team. Please allow up to 32 hours for a response.");
stdfoot();
exit;
} else {
stderr("Error", "<font color=\"red\"><b>There was an error while sending your message.<br><br>Please try again.</b></font>");
stdfoot();
die;
}
}
}
}
}
}
}
} else {
if (isset($CURUSER) && $CURUSER && $CURUSER["uid"] > 1) {
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined("IN_BTIT")) {
die("non direct access!");
}
$expectid = (int) $_GET["id"];
$userid = $CURUSER["uid"];
$res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}addedexpected WHERE expectid={$expectid} and userid = {$userid}") or sqlerr();
$arr = mysqli_fetch_assoc($res);
$voted = $arr;
$ress = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}addedexpectedmin WHERE expectid={$expectid} and userid = {$userid}") or sqlerr();
$arrr = mysqli_fetch_assoc($ress);
$votedmin = $arrr;
if ($voted or $votedmin) {
stderr($language["ERROR"], $language["TEXT_DTA"]);
stdfoot();
die;
} else {
mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}expected SET hitsmin = hitsmin + 1 WHERE id={$expectid}") or sqlerr();
@mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}addedexpectedmin VALUES(0, {$expectid}, {$userid})") or sqlerr();
information_msg($language["TEXT_DTB"], $language["TEXT_DTC"]);
stdfoot();
exit;
}
$combo .= 'value="' . $option[$id] . '">' . unesc($option[$value]) . '</option>';
}
if ($complete) {
$combo .= '</select>';
}
return $combo;
}
}
switch ($action) {
case 'save_ok':
success_msg($language['SUCCESS'], 'New user has been added in our database<br /><a href="index.php?page=admin&user='******'uid'] . '&code=' . $CURUSER['random'] . '">' . $language['MNU_ADMINCP'] . '</a>');
stdfoot(true, false);
die;
break;
case 'save_pb':
information_msg($language['SUCCESS'], 'New user has been added in our database<br />but a problem occured sending him the confirm email<br /><a href="index.php?page=admin&user='******'uid'] . '&code=' . $CURUSER['random'] . '">' . $language['MNU_ADMINCP'] . '</a>');
stdfoot(true, false);
die;
break;
case '':
default:
# init options
$opts['name'] = 'level';
$opts['id'] = 'id';
$opts['value'] = 'level';
$opts['complete'] = true;
$opts['default'] = 3;
# rank list
$ranks = rank_list();
$admintpl->set('rank_combo', get_user_combo($ranks, $opts));
# lang list
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined("IN_BTIT")) {
die("non direct access!");
}
global $CURUSER;
$action = $_GET['action'];
if ($action == 'mod') {
do_sqlquery("UPDATE `{$TABLE_PREFIX}files` SET `moder` = 'ok' WHERE `moder` = 'um'");
header("Location: {$BASEURL}/index.php");
}
if ($CURUSER["id_level"] != 8) {
stderr("error", "No clue what you try to do , but your rank is not be able to do it anyway !!");
stdfoot();
die;
} else {
information_msg("Mass Moderate", "Are you sure you would like to mass moderate ALL unmoderated torrents to OK ?<br><br><form method=post action=index.php?page=massmoderate&action=mod><input type=submit class=btn value=Confirm></form>");
stdfoot();
die;
}
$query .= "WHERE id=" . $CURUSER["uid"];
$res = mysqli_query($GLOBALS["___mysqli_ston"], $query);
$row = mysqli_fetch_assoc($res);
}
if ($row["can_vote"] == "no") {
stderr("ERROR", "You must have a ratio higher than {$minratio} in order to vote");
stdfoot($GLOBALS["usepopup"] ? false : true);
exit;
}
if (isset($row["requester_ids"])) {
$requesters = unserialize($row["requester_ids"]);
if (in_array($CURUSER["uid"], $requesters)) {
stderr("ERROR", "You may only make one request per torrent");
stdfoot($GLOBALS["usepopup"] ? false : true);
exit;
} else {
$requesters[] = $CURUSER["uid"];
$new_requesters = serialize($requesters);
@mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}free_leech_req SET count=count+1, requester_ids='{$new_requesters}' WHERE info_hash='{$id}'");
}
} else {
$requesters[] = $CURUSER["uid"];
$new_requesters = serialize($requesters);
@mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}free_leech_req SET info_hash='{$id}', requester_ids='{$new_requesters}'");
}
information_msg("Thank you for your vote " . $CURUSER["username"] . "", "it has been successfully counted");
// print("</div><center><a href=\"javascript: history.go(-1);\">".BACK."</a>");
stdfoot();
exit;
}
}
}
$username = $CURUSER["username"];
// to top
$pr = $btit_settings["touppr"];
$u = $CURUSER["seedbonus"];
$toperdetop = $_POST["top"];
if (isset($toperdetop) and $btit_settings["toup"] == true and $CURUSER["edit_users"] == "no" and $u > $pr) {
mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET seedbonus=seedbonus-{$pr} WHERE id=" . $CURUSER["uid"]);
do_sqlquery("UPDATE {$TABLE_PREFIX}files SET data=now() WHERE info_hash='" . $hash . "'", true);
}
if ($hash != "" && $action == "up") {
if ($CURUSER["edit_users"] == "yes") {
do_sqlquery("UPDATE {$TABLE_PREFIX}files SET data=now() WHERE info_hash='" . $hash . "'", true);
} else {
if ($u > $pr) {
information_msg("Are you sure", "Are you sure you want to echange {$pr} SB points to get this torrent back to top ? <form method=post action=index.php?page=torrents><input type=hidden name=top ><p></p><input type=submit class=btn value=Confirm></form>");
stdfoot();
exit;
} else {
stderr("error", "You have to less SB to set this torrent back to top , you need {$pr} SB points for that");
stdfoot();
exit;
}
}
}
// to top end
if ($hash != "" && $action == "add" && $CURUSER["edit_users"] == "yes") {
$affected = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}recommended WHERE info_hash=\"{$hash}\"");
if (mysqli_num_rows(mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}recommended")) > 9) {
stderr("Too many torrents added!", "Remove some before add more!");
stdfoot();
die("non direct access!");
}
$ratiofix = $_POST["ratio"];
if (isset($ratiofix)) {
if ($XBTT_USE) {
$uid = "uid";
$table = "xbt_users";
} else {
$uid = "id";
$table = "{$TABLE_PREFIX}users";
}
$query = "SELECT {$uid}, uploaded, downloaded, uploaded / downloaded AS ratio FROM {$table} WHERE uploaded / downloaded <1 ";
$ratio_defects = get_result($query, true);
$count_r = count($ratio_defects);
if ($count_r < 1) {
stderr("Good,", "No user with a ratio under 1 detected ");
stdfoot();
exit;
} else {
foreach ($ratio_defects as $morons) {
do_sqlquery("UPDATE " . $table . " SET uploaded = " . $morons['downloaded'] . " WHERE " . $uid . "= " . $morons[$uid] . "", true);
echo "fixing ratio of user ID " . $morons[$uid] . "<br>";
}
stderr("Done,", "Total " . $count_r . " users with ratio less than 1 detected and fixed");
stdfoot();
exit;
}
}
information_msg("Are you sure", "Are you sure you want to set all users ratio under 1 to 1 ? <form method=post action=index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=ratio_fix><input type=hidden name=ratio ><p></p><input type=submit class=btn value=Confirm></form>");
stdfoot();
exit;
exit;
}
$arr = mysqli_fetch_assoc($res);
$zap = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id_level FROM {$TABLE_PREFIX}users_level WHERE id = {$arr['id_level']}");
$wyn = mysqli_fetch_array($zap);
if ($wyn["id_level"] > 5) {
stderr("report error", "Staff can't be reported");
stdfoot();
exit;
} elseif ($reporter == $user) {
stderr("report error", "you can't report yourself");
stdfoot();
exit;
} else {
information_msg("Report User", "Are you sure you would like to report user <br><br><a href=index.php?page=userdetails&id={$arr['id']}><b>{$arr['username']}</b></a>?<br><br>Please note, this is <b>not</b> to be used to report Hit & Run , this is done by the tracker itself<br><br><b>Reason</b><form method=post action=index.php?page=report><input type=hidden name=user value={$user}><input type=text size=100 name=reason><p></p><input type=submit class=btn value=Confirm></form>");
stdfoot();
exit;
}
}
if (isset($torrent)) {
$res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT filename FROM {$TABLE_PREFIX}files WHERE info_hash='{$torrent}'");
if (mysqli_num_rows($res) == 0) {
stderr("report error", "Invalid TorrentID {$torrent}");
stdfoot();
exit;
}
$arr = mysqli_fetch_array($res);
information_msg("Torrent Report", "Are you sure you would like to report torrent <br><br><a href=index.php?page=details&id={$torrent}><b>{$arr['filename']}</b></a>?<br><br><b>Reason</b><form method=post action=index.php?page=report><input type=hidden name=torrent value={$torrent}><input type=text size=100 name=reason><p></p><input type=submit class=btn value=Confirm></form>");
stdfoot();
exit;
}
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
ob_start();
$action = isset($_GET["action"]) ? htmlentities($_GET["action"]) : ($action = '');
$user = isset($_GET["user"]) && is_numeric($_GET["user"]) ? intval(0 + $_GET["user"]) : ($user = 0);
if ($CURUSER["delete_users"] != "yes") {
die;
}
switch ($action) {
case 'all':
information_msg("Hold on", "Are you sure you want to empty all hit n runs? <a href='index.php?page=modules&module=hitnrun_cleaner&action=all_yes'>Yes</a> <a href='javascript:history.back();'>No</a>");
break;
case 'user_all':
if ($user > 0) {
do_sqlquery("UPDATE `{$TABLE_PREFIX}history` SET `hit`='no' WHERE `uid`=" . $user . ";", true);
header("refresh:6;url=index.php?page=modules&module=hitnrun_cleaner");
success_msg("Done", "The user should have none now!");
}
break;
case 'all_yes':
do_sqlquery("UPDATE `{$TABLE_PREFIX}history` SET `hit`='no' WHERE `uid`>1;", true);
header("refresh:6;url=index.php?page=modules&module=hitnrun_cleaner");
success_msg("Done", "All hit n runs cleared! :O");
break;
case '':
?>
$postid = intval(0 + $_GET["postid"]);
$forumid = intval(0 + $_GET["forumid"]);
if (isset($_GET["sure"]) && $_GET["sure"]) {
$sure = htmlspecialchars($_GET["sure"]);
} else {
$sure = "";
}
if ($CURUSER["delete_forum"] != "yes" || !is_valid_id($postid)) {
stderr($language["ERROR"], $language["ERR_FORUM_TOPIC"]);
}
//------- Get topic id
$res = do_sqlquery("SELECT (SELECT COUNT(*) FROM {$TABLE_PREFIX}posts WHERE topicid=p.topicid) as total_posts,topicid FROM {$TABLE_PREFIX}posts p WHERE id={$postid}", true);
$arr = mysql_fetch_assoc($res) or stderr($language["ERROR"], $language["ERR_POST_NOT_FOUND"]);
$topicid = intval($arr["topicid"]);
if ($arr["total_posts"] < 2) {
information_msg($language["FRM_CONFIRM"] . "?", $language["ERR_POST_UNIQUE"] . " <a href=\"index.php?page=forum&action=deletetopic&topicid={$topicid}&sure=1&forumid={$forumid}\">" . $language["ERR_POST_UNIQUE_2"] . "</a> " . $language["ERR_POST_UNIQUE_3"]);
}
if (!$sure) {
information_msg($language["FRM_CONFIRM"] . "?", $language["ERR_DELETE_POST"] . " <a href=\"index.php?page=forum&action=deletepost&postid={$postid}&sure=1&forumid={$forumid}\">" . $language["HERE"] . "</a> " . $language["IF_YOU_ARE_SURE"] . "<br />");
}
//------- Delete post
do_sqlquery("DELETE FROM {$TABLE_PREFIX}posts WHERE id={$postid}", true);
$numposts = mysql_affected_rows();
// update post's count
do_sqlquery("UPDATE {$TABLE_PREFIX}forums SET postcount=postcount-{$numposts} WHERE id={$forumid}");
// update last topic's post
do_sqlquery("UPDATE {$TABLE_PREFIX}topics SET lastpost=(SELECT MAX(id) FROM {$TABLE_PREFIX}posts WHERE topicid={$topicid}) WHERE id={$topicid}", true);
redirect("index.php?page=forum&action=viewtopic&topicid={$topicid}");
die;
break;
}
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
// DT no TPL file needed - file = 100 done
$requestid = (int) $_GET["id"];
$userid = (int) $CURUSER["uid"];
$res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}addedrequests WHERE requestid={$requestid} and userid = {$userid}") or sqlerr();
$arr = mysqli_fetch_assoc($res);
$voted = $arr;
if ($voted) {
stderr("ERROR", "<p>You've already voted for this request, only 1 vote for each request is allowed</p><p>Back to <a href=index.php?page=viewrequests><b>view requests</b></a></p>");
stdfoot();
die;
} else {
mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}requests SET hits = hits + 1 WHERE id={$requestid}") or sqlerr();
@mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}addedrequests VALUES(0, {$requestid}, {$userid})") or sqlerr();
information_msg("Successfully voted", "<p>Successfully voted for request {$requestid}</p><p>Back to <a href=index.php?page=viewrequests><b>view requests</b></a></p>");
stdfoot();
exit;
}
$link = "{$BASEURL}/rss_torrents.php";
if ($_POST['feed'] == "dl") {
$query[] = "feed=dl";
}
foreach ($_POST['cat'] as $cat) {
$query[] = "cat[]={$cat}";
}
$row = get_result("SELECT pid FROM {$TABLE_PREFIX}users WHERE id=" . $CURUSER['uid'], true, $btit_settings['cache_duration']);
$pid = $row[0]["pid"];
$query[] = "pid={$pid}";
$queries = implode("&", $query);
if ($queries) {
$link .= "?{$queries}";
}
if ($_POST['feed'] == "dl") {
information_msg("RSS Link", "Use the following url in your RSS reader:<br><b>{$link}</b><br>");
stdfoot();
exit;
} else {
header("Refresh: 0; url=" . $link . "");
}
}
?>
<script type="text/javascript" language="JavaScript">
<!-- Begin
var checkflag = "false";
function check(formObj, field)
{
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined("IN_BTIT")) {
die("non direct access!");
}
require_once "include/functions.php";
require_once "include/config.php";
dbconn();
global $CURUSER;
if (!$CURUSER || $CURUSER["can_upload"] == "no") {
// do nothing
} else {
if (empty($_POST["delexpect"])) {
stderr($language["ERROR"], $language["MUST_SEL_EXP"]);
stdfoot();
die;
}
$do = "DELETE FROM {$TABLE_PREFIX}expected WHERE id IN (" . implode(", ", $_POST[delexpect]) . ")";
$res = mysqli_query($GLOBALS["___mysqli_ston"], $do);
information_msg($language["SUCCESS"], $language["RETURN_EXPECT"] . " " . $language["EXPECTED"]);
stdfoot();
exit;
}
