/**
* Edit a comment
* @param int $PostID
* @param string $NewBody
* @param bool $SendPM If true, send a PM to the author of the comment informing him about the edit
* @todo move permission check out of here/remove hardcoded error(404)
*/
public static function edit($PostID, $NewBody, $SendPM = false)
{
$QueryID = G::$DB->get_query_id();
G::$DB->query("\n\t\t\tSELECT\n\t\t\t\tBody,\n\t\t\t\tAuthorID,\n\t\t\t\tPage,\n\t\t\t\tPageID,\n\t\t\t\tAddedTime\n\t\t\tFROM comments\n\t\t\tWHERE ID = {$PostID}");
if (!G::$DB->has_results()) {
return false;
}
list($OldBody, $AuthorID, $Page, $PageID, $AddedTime) = G::$DB->next_record();
if (G::$LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
return false;
}
G::$DB->query("\n\t\t\tSELECT CEIL(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page\n\t\t\tFROM comments\n\t\t\tWHERE Page = '{$Page}'\n\t\t\t\tAND PageID = {$PageID}\n\t\t\t\tAND ID <= {$PostID}");
list($CommPage) = G::$DB->next_record();
// Perform the update
G::$DB->query("\n\t\t\tUPDATE comments\n\t\t\tSET\n\t\t\t\tBody = '" . db_string($NewBody) . "',\n\t\t\t\tEditedUserID = " . G::$LoggedUser['ID'] . ",\n\t\t\t\tEditedTime = '" . sqltime() . "'\n\t\t\tWHERE ID = {$PostID}");
// Update the cache
$CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $CommPage - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
G::$Cache->delete_value($Page . '_comments_' . $PageID . '_catalogue_' . $CatalogueID);
if ($Page == 'collages') {
// On collages, we also need to clear the collage key (collage_$CollageID), because it has the comments in it... (why??)
G::$Cache->delete_value('collage_' . $PageID);
}
G::$DB->query("\n\t\t\tINSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)\n\t\t\tVALUES ('{$Page}', {$PostID}, " . G::$LoggedUser['ID'] . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
G::$DB->set_query_id($QueryID);
if ($SendPM && G::$LoggedUser['ID'] != $AuthorID) {
// Send a PM to the user to notify them of the edit
$PMSubject = "Your comment #{$PostID} has been edited";
$PMurl = site_url() . "comments.php?action=jump&postid={$PostID}";
$ProfLink = '[url=' . site_url() . 'user.php?id=' . G::$LoggedUser['ID'] . ']' . G::$LoggedUser['Username'] . '[/url]';
$PMBody = "One of your comments has been edited by {$ProfLink}: [url]{$PMurl}[/url]";
Misc::send_pm($AuthorID, 0, $PMSubject, $PMBody);
}
return true;
// TODO: this should reflect whether or not the update was actually successful, e.g. by checking G::$DB->affected_rows after the UPDATE query
}
function reset_image($UserID, $Type, $AdminComment, $PrivMessage)
{
if ($Type === 'avatar') {
$CacheKey = "user_info_{$UserID}";
$DBTable = 'users_info';
$DBColumn = 'Avatar';
$PMSubject = 'Your avatar has been automatically reset';
} elseif ($Type === 'avatar2') {
$CacheKey = "donor_info_{$UserID}";
$DBTable = 'donor_rewards';
$DBColumn = 'SecondAvatar';
$PMSubject = 'Your second avatar has been automatically reset';
} elseif ($Type === 'donoricon') {
$CacheKey = "donor_info_{$UserID}";
$DBTable = 'donor_rewards';
$DBColumn = 'CustomIcon';
$PMSubject = 'Your donor icon has been automatically reset';
}
$UserInfo = G::$Cache->get_value($CacheKey, true);
if ($UserInfo !== false) {
if ($UserInfo[$DBColumn] === '') {
// This image has already been reset
return;
}
$UserInfo[$DBColumn] = '';
G::$Cache->cache_value($CacheKey, $UserInfo, 2592000);
// cache for 30 days
}
// reset the avatar or donor icon URL
G::$DB->query("\n\t\tUPDATE {$DBTable}\n\t\tSET {$DBColumn} = ''\n\t\tWHERE UserID = '{$UserID}'");
// write comment to staff notes
G::$DB->query("\n\t\tUPDATE users_info\n\t\tSET AdminComment = CONCAT('" . sqltime() . ' - ' . db_string($AdminComment) . "\n\n', AdminComment)\n\t\tWHERE UserID = '{$UserID}'");
// clear cache keys
G::$Cache->delete_value($CacheKey);
Misc::send_pm($UserID, 0, $PMSubject, $PrivMessage);
}
/**
* Warn a user.
*
* @param int $UserID
* @param int $Duration length of warning in seconds
* @param string $reason
*/
public static function warn_user($UserID, $Duration, $Reason)
{
global $Time;
$QueryID = G::$DB->get_query_id();
G::$DB->query("\n\t\t\tSELECT Warned\n\t\t\tFROM users_info\n\t\t\tWHERE UserID = {$UserID}\n\t\t\t\tAND Warned != '0000-00-00 00:00:00'");
if (G::$DB->has_results()) {
//User was already warned, appending new warning to old.
list($OldDate) = G::$DB->next_record();
$NewExpDate = date('Y-m-d H:i:s', strtotime($OldDate) + $Duration);
Misc::send_pm($UserID, 0, 'You have received multiple warnings.', "When you received your latest warning (set to expire on " . date('Y-m-d', time() + $Duration) . '), you already had a different warning (set to expire on ' . date('Y-m-d', strtotime($OldDate)) . ").\n\n Due to this collision, your warning status will now expire at {$NewExpDate}.");
$AdminComment = date('Y-m-d') . " - Warning (Clash) extended to expire at {$NewExpDate} by " . G::$LoggedUser['Username'] . "\nReason: {$Reason}\n\n";
G::$DB->query('
UPDATE users_info
SET
Warned = \'' . db_string($NewExpDate) . '\',
WarnedTimes = WarnedTimes + 1,
AdminComment = CONCAT(\'' . db_string($AdminComment) . '\', AdminComment)
WHERE UserID = \'' . db_string($UserID) . '\'');
} else {
//Not changing, user was not already warned
$WarnTime = time_plus($Duration);
G::$Cache->begin_transaction("user_info_{$UserID}");
G::$Cache->update_row(false, array('Warned' => $WarnTime));
G::$Cache->commit_transaction(0);
$AdminComment = date('Y-m-d') . " - Warned until {$WarnTime} by " . G::$LoggedUser['Username'] . "\nReason: {$Reason}\n\n";
G::$DB->query('
UPDATE users_info
SET
Warned = \'' . db_string($WarnTime) . '\',
WarnedTimes = WarnedTimes + 1,
AdminComment = CONCAT(\'' . db_string($AdminComment) . '\', AdminComment)
WHERE UserID = \'' . db_string($UserID) . '\'');
}
G::$DB->set_query_id($QueryID);
}
$URL = site_url() . "forums.php?action=viewthread&postid={$PostID}#post{$PostID}";
if ($WarningLength !== 'verbal') {
$Time = (int) $WarningLength * (7 * 24 * 60 * 60);
Tools::warn_user($UserID, $Time, "{$URL} - {$Reason}");
$Subject = 'You have received a warning';
$PrivateMessage = "You have received a {$WarningLength} week warning for [url={$URL}]this post[/url].\n\n" . $PrivateMessage;
$WarnTime = time_plus($Time);
$AdminComment = date('Y-m-d') . " - Warned until {$WarnTime} by " . $LoggedUser['Username'] . " for {$URL}\nReason: {$Reason}\n\n";
} else {
$Subject = 'You have received a verbal warning';
$PrivateMessage = "You have received a verbal warning for [url={$URL}]this post[/url].\n\n" . $PrivateMessage;
$AdminComment = date('Y-m-d') . ' - Verbally warned by ' . $LoggedUser['Username'] . " for {$URL}\nReason: {$Reason}\n\n";
Tools::update_user_notes($UserID, $AdminComment);
}
$DB->query("\n\tINSERT INTO users_warnings_forums\n\t\t(UserID, Comment)\n\tVALUES\n\t\t('{$UserID}', '" . db_string($AdminComment) . "')\n\tON DUPLICATE KEY UPDATE\n\t\tComment = CONCAT('" . db_string($AdminComment) . "', Comment)");
Misc::send_pm($UserID, $LoggedUser['ID'], $Subject, $PrivateMessage);
//edit the post
$DB->query("\n\tSELECT\n\t\tp.Body,\n\t\tp.AuthorID,\n\t\tp.TopicID,\n\t\tt.ForumID,\n\t\tCEIL(\n\t\t\t(\n\t\t\t\tSELECT COUNT(p2.ID)\n\t\t\t\tFROM forums_posts AS p2\n\t\t\t\tWHERE p2.TopicID = p.TopicID\n\t\t\t\t\tAND p2.ID <= '{$PostID}'\n\t\t\t) / " . POSTS_PER_PAGE . "\n\t\t) AS Page\n\tFROM forums_posts AS p\n\t\tJOIN forums_topics AS t ON p.TopicID = t.ID\n\t\tJOIN forums AS f ON t.ForumID = f.ID\n\tWHERE p.ID = '{$PostID}'");
list($OldBody, $AuthorID, $TopicID, $ForumID, $Page) = $DB->next_record();
// Perform the update
$DB->query("\n\tUPDATE forums_posts\n\tSET Body = '" . db_string($Body) . "',\n\t\tEditedUserID = '{$UserID}',\n\t\tEditedTime = '{$SQLTime}'\n\tWHERE ID = '{$PostID}'");
$CatalogueID = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->begin_transaction("thread_{$TopicID}" . "_catalogue_{$CatalogueID}");
if ($Cache->MemcacheDBArray[$Key]['ID'] != $PostID) {
$Cache->cancel_transaction();
$Cache->delete_value("thread_{$TopicID}" . "_catalogue_{$CatalogueID}");
//just clear the cache for would be cache-screwer-uppers
} else {
$Cache->update_row($Key, array('ID' => $Cache->MemcacheDBArray[$Key]['ID'], 'AuthorID' => $Cache->MemcacheDBArray[$Key]['AuthorID'], 'AddedTime' => $Cache->MemcacheDBArray[$Key]['AddedTime'], 'Body' => $Body, 'EditedUserID' => $LoggedUser['ID'], 'EditedTime' => $SQLTime, 'Username' => $LoggedUser['Username']));
$Cache->commit_transaction(3600 * 24 * 5);
}
$usersToNotify = array();
$DB->query("\n\tSELECT s.uid AS id, MAX(s.tstamp) AS tstamp\n\tFROM xbt_snatched as s\n\tINNER JOIN users_main as u\n\tON s.uid = u.ID\n\tWHERE s.fid = '{$TorrentID}'\n\tAND u.Enabled = '1'\n\tGROUP BY s.uid\n ORDER BY tstamp DESC\n\tLIMIT 100");
if ($DB->has_results()) {
$Users = $DB->to_array();
foreach ($Users as $User) {
$UserID = $User['id'];
$TimeStamp = $User['tstamp'];
$usersToNotify[$UserID] = array("snatched", $TimeStamp);
}
}
$usersToNotify[$UploaderID] = array("uploaded", strtotime($UploadedTime));
foreach ($usersToNotify as $UserID => $info) {
$Username = Users::user_info($UserID)['Username'];
list($action, $TimeStamp) = $info;
$Request = "Hi {$Username},\n\nThe user [url=" . site_url() . "user.php?id={$LoggedUser['ID']}]{$LoggedUser['Username']}[/url] has requested a re-seed for the torrent [url=" . site_url() . "torrents.php?id={$GroupID}&torrentid={$TorrentID}]{$Name}[/url], which you " . $action . " on " . date('M d Y', $TimeStamp) . ". The torrent is now un-seeded, and we need your help to resurrect it!\n\nThe exact process for re-seeding a torrent is slightly different for each client, but the concept is the same. The idea is to download the torrent file and open it in your client, and point your client to the location where the data files are, then initiate a hash check.\n\nThanks!";
Misc::send_pm($UserID, 0, "Re-seed request for torrent {$Name}", $Request);
}
$NumUsers = count($usersToNotify);
View::show_header();
?>
<div class="thin">
<div class="header">
<h2>Successfully sent re-seed request</h2>
</div>
<div class="box pad thin">
<p style="color: black;">Successfully sent re-seed request for torrent <a href="torrents.php?id=<?php
echo $GroupID;
?>
&torrentid=<?php
echo $TorrentID;
?>
$PM .= "Reason: {$Preset}\n\n";
}
if ($Warning > 0) {
$PM .= "This has resulted in a [url=" . site_url() . "wiki.php?action=article&id=218]{$Warning} week warning.[/url]\n\n";
}
if ($Upload) {
$PM .= 'This has ' . ($Warning > 0 ? 'also ' : '') . "resulted in the loss of your upload privileges.\n\n";
}
if ($Log) {
$PM .= "Log Message: {$Log}\n\n";
}
if ($Escaped['uploader_pm']) {
$PM .= "Message from " . $LoggedUser['Username'] . ": {$PMMessage}\n\n";
}
$PM .= "Report was handled by [user]" . $LoggedUser['Username'] . '[/user].';
Misc::send_pm($UploaderID, 0, $Escaped['raw_name'], $PM);
}
$Cache->delete_value("reports_torrent_{$TorrentID}");
// Now we've done everything, update the DB with values
if ($Report) {
$DB->query("\n\t\t\tUPDATE reportsv2\n\t\t\tSET\n\t\t\t\tType = '" . $Escaped['resolve_type'] . "',\n\t\t\t\tLogMessage = '" . db_string($Log) . "',\n\t\t\t\tModComment = '" . $Escaped['comment'] . "'\n\t\t\tWHERE ID = {$ReportID}");
}
} else {
// Someone beat us to it. Inform the staffer.
?>
<a href="reportsv2.php?view=report&id=<?php
echo $ReportID;
?>
">Somebody has already resolved this report</a>
<input type="button" value="Clear" onclick="ClearReport(<?php
echo $ReportID;
//Do we need to get artists?
if ($CategoryName === 'Music') {
$ArtistForm = Requests::get_artists($RequestID);
$ArtistName = Artists::display_artists($ArtistForm, false, true);
$FullName = $ArtistName . $Title;
} else {
$FullName = $Title;
}
// Delete request, votes and tags
$DB->query("DELETE FROM requests WHERE ID = '{$RequestID}'");
$DB->query("DELETE FROM requests_votes WHERE RequestID = '{$RequestID}'");
$DB->query("DELETE FROM requests_tags WHERE RequestID = '{$RequestID}'");
Comments::delete_page('requests', $RequestID);
$DB->query("\n\tSELECT ArtistID\n\tFROM requests_artists\n\tWHERE RequestID = {$RequestID}");
$RequestArtists = $DB->to_array();
foreach ($RequestArtists as $RequestArtist) {
$Cache->delete_value("artists_requests_{$RequestArtist}");
}
$DB->query("\n\tDELETE FROM requests_artists\n\tWHERE RequestID = '{$RequestID}'");
$Cache->delete_value("request_artists_{$RequestID}");
G::$DB->query("\n\tREPLACE INTO sphinx_requests_delta\n\t\t(ID)\n\tVALUES\n\t\t({$RequestID})");
if ($UserID != $LoggedUser['ID']) {
Misc::send_pm($UserID, 0, 'A request you created has been deleted', "The request \"{$FullName}\" was deleted by [url=" . site_url() . 'user.php?id=' . $LoggedUser['ID'] . ']' . $LoggedUser['Username'] . '[/url] for the reason: [quote]' . $_POST['reason'] . '[/quote]');
}
Misc::write_log("Request {$RequestID} ({$FullName}) was deleted by user " . $LoggedUser['ID'] . ' (' . $LoggedUser['Username'] . ') for the reason: ' . $_POST['reason']);
$Cache->delete_value("request_{$RequestID}");
$Cache->delete_value("request_votes_{$RequestID}");
if ($GroupID) {
$Cache->delete_value("requests_group_{$GroupID}");
}
header('Location: requests.php');
<?php
set_time_limit(0);
authorize();
if (!check_perms("users_mod")) {
error(403);
}
if (!is_number($_POST['class_id']) || empty($_POST['subject']) || empty($_POST['body'])) {
error("Error in message form");
}
$PermissionID = $_POST['class_id'];
$Subject = $_POST['subject'];
$Body = $_POST['body'];
$FromID = empty($_POST['from_system']) ? G::$LoggedUser['ID'] : 0;
G::$DB->query("\n\t\t\t\t(SELECT ID AS UserID FROM users_main WHERE PermissionID = '{$PermissionID}' AND ID != '{$FromID}') UNION (SELECT UserID FROM users_levels WHERE PermissionID = '{$PermissionID}' AND UserID != '{$FromID}')");
while (list($UserID) = G::$DB->next_record()) {
Misc::send_pm($UserID, $FromID, $Subject, $Body);
}
header("Location: tools.php");
}
}
if ($DisableIRC != $Cur['DisableIRC'] && check_perms('users_disable_any')) {
$UpdateSet[] = "DisableIRC = '{$DisableIRC}'";
$EditSummary[] = 'IRC privileges ' . ($DisableIRC ? 'disabled' : 'enabled');
$HeavyUpdates['DisableIRC'] = $DisableIRC;
if (!empty($UserReason)) {
Misc::send_pm($UserID, 0, 'Your IRC privileges have been disabled', "Your IRC privileges have been disabled. The reason given was: [quote]{$UserReason}[/quote] If you would like to discuss this, please join " . BOT_DISABLED_CHAN . ' on our IRC network. Instructions can be found [url=' . site_url() . 'wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. This loss of privileges does not affect the ability to join and talk to staff in ' . BOT_DISABLED_CHAN . '.');
}
}
if ($DisableRequests != $Cur['DisableRequests'] && check_perms('users_disable_any')) {
$UpdateSet[] = "DisableRequests = '{$DisableRequests}'";
$EditSummary[] = 'request privileges ' . ($DisableRequests ? 'disabled' : 'enabled');
$HeavyUpdates['DisableRequests'] = $DisableRequests;
if (!empty($UserReason)) {
Misc::send_pm($UserID, 0, 'Your request privileges have been disabled', "Your request privileges have been disabled. The reason given was: [quote]{$UserReason}[/quote] If you would like to discuss this, please join " . BOT_DISABLED_CHAN . ' on our IRC network. Instructions can be found [url=' . site_url() . 'wiki.php?action=article&name=IRC+-+How+to+join]here[/url].');
}
}
if ($EnableUser != $Cur['Enabled'] && check_perms('users_disable_users')) {
$EnableStr = 'account ' . translateUserStatus($Cur['Enabled']) . '->' . translateUserStatus($EnableUser);
if ($EnableUser == '2') {
Tools::disable_users($UserID, '', 1);
$TrackerUserUpdates = array();
} elseif ($EnableUser == '1') {
$Cache->increment('stats_user_count');
$VisibleTrIP = $Visible && $Cur['IP'] != '127.0.0.1' ? '1' : '0';
Tracker::update_tracker('add_user', array('id' => $UserID, 'passkey' => $Cur['torrent_pass'], 'visible' => $VisibleTrIP));
if ($Cur['Downloaded'] == 0 || $Cur['Uploaded'] / $Cur['Downloaded'] >= $Cur['RequiredRatio']) {
$UpdateSet[] = "i.RatioWatchEnds = '0000-00-00 00:00:00'";
$CanLeech = 1;
$UpdateSet[] = "m.can_leech = '1'";
private static function calculate_special_rank($UserID)
{
$UserID = (int) $UserID;
$QueryID = G::$DB->get_query_id();
// Are they are special?
G::$DB->query("\n\t\t\tSELECT TotalRank, SpecialRank\n\t\t\tFROM users_donor_ranks\n\t\t\tWHERE UserID = '{$UserID}'");
if (G::$DB->has_results()) {
// Adjust their special rank depending on the total rank.
list($TotalRank, $SpecialRank) = G::$DB->next_record();
if ($TotalRank < 10) {
$SpecialRank = 0;
}
if ($SpecialRank < 1 && $TotalRank >= 10) {
Misc::send_pm($UserID, 0, "You've Reached Special Donor Rank #1! You've Earned: One User Pick. Details Inside.", self::get_special_rank_one_pm());
$SpecialRank = 1;
}
if ($SpecialRank < 2 && $TotalRank >= 20) {
Misc::send_pm($UserID, 0, "You've Reached Special Donor Rank #2! You've Earned: The Double-Avatar. Details Inside.", self::get_special_rank_two_pm());
$SpecialRank = 2;
}
if ($SpecialRank < 3 && $TotalRank >= 50) {
Misc::send_pm($UserID, 0, "You've Reached Special Donor Rank #3! You've Earned: Diamond Rank. Details Inside.", self::get_special_rank_three_pm());
$SpecialRank = 3;
}
// Make them special
G::$DB->query("\n\t\t\t\tUPDATE users_donor_ranks\n\t\t\t\tSET SpecialRank = '{$SpecialRank}'\n\t\t\t\tWHERE UserID = '{$UserID}'");
G::$Cache->delete_value("donor_info_{$UserID}");
}
G::$DB->set_query_id($QueryID);
}
}
$DB->query("\n\t\tSELECT UserID\n\t\tFROM pm_conversations_users\n\t\tWHERE UserID = '{$LoggedUser['ID']}'\n\t\t\tAND ConvID = '{$ConvID}'");
if (!$DB->has_results()) {
error(403);
}
} else {
$ConvID = '';
if (!is_number($_POST['toid'])) {
$Err = 'This recipient does not exist.';
} else {
$ToID = $_POST['toid'];
}
$Subject = trim($_POST['subject']);
if (empty($Subject)) {
$Err = 'You cannot send a message without a subject.';
}
}
$Body = trim($_POST['body']);
if ($Body === '' || $Body === false) {
$Err = 'You cannot send a message without a body.';
}
if (!empty($Err)) {
error($Err);
//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
$ToID = $_POST['toid'];
$Return = true;
include SERVER_ROOT . '/sections/inbox/compose.php';
die;
}
$ConvID = Misc::send_pm($ToID, $LoggedUser['ID'], $Subject, $Body, $ConvID);
header('Location: ' . Inbox::get_inbox_link());
die;
}
$Type = strtolower($Type);
$Link = '';
// "a" vs "an", english language is so confusing.
// https://en.wikipedia.org/wiki/English_articles#Distinction_between_a_and_an
$Article = 'a';
switch ($Type) {
case 'torrent':
$Link = "torrents.php?id={$ID}";
$DB->query("\n\t\t\tSELECT Name\n\t\t\tFROM torrents_group\n\t\t\tWHERE ID = '{$ID}'");
break;
case 'artist':
$Article = 'an';
$Link = "artist.php?id={$ID}";
$DB->query("\n\t\t\tSELECT Name\n\t\t\tFROM artists_group\n\t\t\tWHERE ArtistID = '{$ID}'");
break;
case 'collage':
$Link = "collages.php?id={$ID}";
$DB->query("\n\t\t\tSELECT Name\n\t\t\tFROM collages\n\t\t\tWHERE ID = '{$ID}'");
break;
}
list($Name) = $DB->next_record();
$Subject = $LoggedUser['Username'] . " recommended you {$Article} {$Type}!";
$Body = $LoggedUser['Username'] . " recommended you the {$Type} [url=" . site_url() . "{$Link}]{$Name}" . '[/url].';
if (!empty($Note)) {
$Body = "{$Body}\n\n{$Note}";
}
Misc::send_pm($FriendID, $LoggedUser['ID'], $Subject, $Body);
echo json_encode(array('status' => 'success', 'response' => 'Sent!'));
die;
}
if (!isset($_POST['from_delete'])) {
$Report = true;
} elseif (!is_number($_POST['from_delete'])) {
echo 'Hax occurred in from_delete';
}
if ($Recipient == 'Uploader') {
$ToID = $_POST['uploaderid'];
if ($Report) {
$Message = "You uploaded [url=" . site_url() . "torrents.php?torrentid={$TorrentID}]the above torrent[/url]. It has been reported for the reason: " . $ReportType['title'] . "\n\n{$Message}";
} else {
$Message = "I am PMing you as you are the uploader of [url=" . site_url() . "torrents.php?torrentid={$TorrentID}]the above torrent[/url].\n\n{$Message}";
}
} elseif ($Recipient == 'Reporter') {
$ToID = $_POST['reporterid'];
$Message = "You reported [url=" . site_url() . "torrents.php?torrentid={$TorrentID}]the above torrent[/url] for the reason " . $ReportType['title'] . ":\n[quote]" . $_POST['report_reason'] . "[/quote]\n{$Message}";
} else {
$Err = "Something went horribly wrong";
}
$Subject = $_POST['raw_name'];
if (!is_number($ToID)) {
$Err = "Haxx occurring, non-number present";
}
if ($ToID == $LoggedUser['ID']) {
$Err = "That's you!";
}
if (isset($Err)) {
echo $Err;
} else {
Misc::send_pm($ToID, $LoggedUser['ID'], $Subject, $Message);
}
//******************************************************************************//
//--------------- Validate data in edit form -----------------------------------//
// FIXME: Still need a better perm name
if (!check_perms('site_moderate_requests')) {
error(403);
}
$Validate->SetFields('torrentid', '1', 'number', 'Invalid torrent ID.', array('maxlength' => 1000000000, 'minlength' => 1));
// we shouldn't have torrent IDs higher than a billion
$Validate->SetFields('groupid', '1', 'number', 'Invalid group ID.', array('maxlength' => 1000000000, 'minlength' => 1));
// we shouldn't have group IDs higher than a billion either
$Validate->SetFields('subject', '0', 'string', 'Invalid subject.', array('maxlength' => 1000, 'minlength' => 1));
$Validate->SetFields('message', '0', 'string', 'Invalid message.', array('maxlength' => 10000, 'minlength' => 1));
$Err = $Validate->ValidateForm($_POST);
// Validate the form
if ($Err) {
error($Err);
header('Location: ' . $_SERVER['HTTP_REFERER']);
die;
}
//******************************************************************************//
//--------------- Send PMs to users --------------------------------------------//
$DB->query("\n\tSELECT uid\n\tFROM xbt_snatched\n\tWHERE fid = {$TorrentID}");
if ($DB->has_results()) {
// Save this because send_pm uses $DB to run its own query... Oops...
$Snatchers = $DB->to_array();
foreach ($Snatchers as $UserID) {
Misc::send_pm($UserID[0], 0, $Subject, $Message);
}
}
Misc::write_log($LoggedUser['Username'] . " sent mass notice to snatchers of torrent {$TorrentID} in group {$GroupID}");
header("Location: torrents.php?id={$GroupID}");
$RequestVotes = Requests::get_votes_array($RequestID);
if ($RequestVotes['TotalBounty'] > $Uploaded) {
// If we can't take it all out of upload, zero that out and add whatever is left as download.
$DB->query("\n\t\tUPDATE users_main\n\t\tSET Uploaded = 0\n\t\tWHERE ID = {$FillerID}");
$DB->query('
UPDATE users_main
SET Downloaded = Downloaded + ' . ($RequestVotes['TotalBounty'] - $Uploaded) . "\n\t\tWHERE ID = {$FillerID}");
} else {
$DB->query('
UPDATE users_main
SET Uploaded = Uploaded - ' . $RequestVotes['TotalBounty'] . "\n\t\tWHERE ID = {$FillerID}");
}
Misc::send_pm($FillerID, 0, 'A request you filled has been unfilled', "The request \"[url=" . site_url() . "requests.php?action=view&id={$RequestID}]{$FullName}" . "[/url]\" was unfilled by [url=" . site_url() . 'user.php?id=' . $LoggedUser['ID'] . ']' . $LoggedUser['Username'] . '[/url] for the reason: [quote]' . $_POST['reason'] . "[/quote]\nIf you feel like this request was unjustly unfilled, please [url=" . site_url() . "reports.php?action=report&type=request&id={$RequestID}]report the request[/url] and explain why this request should not have been unfilled.");
$Cache->delete_value("user_stats_{$FillerID}");
if ($UserID !== $LoggedUser['ID']) {
Misc::send_pm($UserID, 0, 'A request you created has been unfilled', "The request \"[url=" . site_url() . "requests.php?action=view&id={$RequestID}]{$FullName}" . "[/url]\" was unfilled by [url=" . site_url() . 'user.php?id=' . $LoggedUser['ID'] . ']' . $LoggedUser['Username'] . "[/url] for the reason: [quote]" . $_POST['reason'] . '[/quote]');
}
Misc::write_log("Request {$RequestID} ({$FullName}), with a " . Format::get_size($RequestVotes['TotalBounty']) . ' bounty, was unfilled by user ' . $LoggedUser['ID'] . ' (' . $LoggedUser['Username'] . ') for the reason: ' . $_POST['reason']);
$Cache->delete_value("request_{$RequestID}");
$Cache->delete_value("request_artists_{$RequestID}");
if ($GroupID) {
$Cache->delete_value("requests_group_{$GroupID}");
}
Requests::update_sphinx_requests($RequestID);
if (!empty($ArtistForm)) {
foreach ($ArtistForm as $ArtistType) {
foreach ($ArtistType as $Artist) {
$Cache->delete_value('artists_requests_' . $Artist['id']);
}
}
}
$NewInvites = $Invites - DONOR_INVITES;
} else {
$NewInvites = 0;
$Message .= ' They had already used at least one of their donation gained invites.';
}
$DB->query("\n\t\t\t\t\tUPDATE users_main\n\t\t\t\t\tSET Invites = {$NewInvites}\n\t\t\t\t\tWHERE ID = '" . $_POST['custom'] . "'");
$DB->query('
UPDATE users_info
SET Donor = \'0\'
WHERE UserID = \'' . $_POST['custom'] . '\'');
$Cache->begin_transaction('user_info_' . $_POST['custom']);
$Cache->update_row(false, array('Donor' => 0));
$Cache->commit_transaction(0);
$Cache->begin_transaction('user_info_heavy_' . $_POST['custom']);
$Cache->update_row(false, array('Invites' => $Invites));
$Cache->commit_transaction(0);
Misc::send_pm($_POST['custom'], 0, 'Notice of donation failure', 'PapPal has just notified us that the donation you sent from ' . $_POST['payer_email'] . ' of ' . $TotalDonated . ' ' . PAYPAL_CURRENCY . ' at ' . $DonationTime . ' UTC has been revoked. Because of this your special privileges have been revoked, and your invites removed.');
send_irc("PRIVMSG " . BOT_REPORT_CHAN . " :{$Message}");
}
}
}
$DB->query("\n\t\tUPDATE users_info\n\t\tSET AdminComment = CONCAT('" . sqltime() . " - User donated " . db_string($_POST['mc_gross']) . " " . db_string(PAYPAL_CURRENCY) . " from " . db_string($_POST['payer_email']) . ".\n',AdminComment)\n\t\tWHERE UserID = '" . $_POST['custom'] . "'");
$DB->query("\n\t\tINSERT INTO donations\n\t\t\t(UserID, Amount, Email, Time)\n\t\tVALUES\n\t\t\t('" . $_POST['custom'] . "', '" . db_string($_POST['mc_gross']) . "', '" . db_string($_POST['payer_email']) . "', '" . sqltime() . "')");
} else {
$DB->query("\n\t\tINSERT INTO ip_bans\n\t\t\t(FromIP, ToIP, Reason)\n\t\tVALUES\n\t\t\t('" . Tools::ip_to_unsigned($_SERVER['REMOTE_ADDR']) . "', '" . ip2long($_SERVER['REMOTE_ADDR']) . "', 'Attempted to exploit donation system.')");
}
fclose($Socket);
if (check_perms('site_debug')) {
include SERVER_ROOT . '/sections/donate/donate.php';
}
$Cache->cache_value('debug_donate', array($Result, $_POST), 0);
}
if (!array_key_exists($UserID, $TorrentAlerts)) {
$TorrentAlerts[$UserID] = array('Count' => 0, 'Msg' => '');
}
$ArtistName = Artists::display_artists(Artists::get_artist($GroupID), false, false, false);
if ($ArtistName) {
$Name = "{$ArtistName} - {$Name}";
}
if ($Format && $Encoding) {
$Name .= " [{$Format} / {$Encoding}]";
}
$TorrentAlerts[$UserID]['Msg'] .= "\n[url=" . site_url() . "torrents.php?torrentid={$ID}]" . $Name . "[/url]";
$TorrentAlerts[$UserID]['Count']++;
}
foreach ($TorrentAlerts as $UserID => $MessageInfo) {
Misc::send_pm($UserID, 0, 'Unseeded torrent notification', $MessageInfo['Count'] . " of your uploads will be deleted for inactivity soon. Unseeded torrents are deleted after 4 weeks. If you still have the files, you can seed your uploads by ensuring the torrents are in your client and that they aren't stopped. You can view the time that a torrent has been unseeded by clicking on the torrent description line and looking for the \"Last active\" time. For more information, please go [url=" . site_url() . "wiki.php?action=article&id=663]here[/url].\n\nThe following torrent" . ($MessageInfo['Count'] > 1 ? 's' : '') . ' will be removed for inactivity:' . $MessageInfo['Msg'] . "\n\nIf you no longer wish to receive these notifications, please disable them in your profile settings.");
}
}
$DB->query("\n\t\tUPDATE staff_pm_conversations\n\t\tSET Status = 'Resolved', ResolverID = '0'\n\t\tWHERE Date < NOW() - INTERVAL 1 MONTH\n\t\t\tAND Status = 'Open'\n\t\t\tAND AssignedToUser IS NULL");
Donations::schedule();
}
/*************************************************************************\
//--------------Run twice per month -------------------------------------//
These functions are twice per month, on the 8th and the 22nd.
\*************************************************************************/
if ($BiWeek != $NextBiWeek || $_GET['runbiweek']) {
echo "Ran bi-weekly functions\n";
//------------- Cycle auth keys -----------------------------------------//
$DB->query("\n\t\tUPDATE users_info\n\t\tSET AuthKey =\n\t\t\tMD5(\n\t\t\t\tCONCAT(\n\t\t\t\t\tAuthKey, RAND(), '" . db_string(Users::make_secret()) . "',\n\t\t\t\t\tSHA1(\n\t\t\t\t\t\tCONCAT(\n\t\t\t\t\t\t\tRAND(), RAND(), '" . db_string(Users::make_secret()) . "'\n\t\t\t\t\t\t)\n\t\t\t\t\t)\n\t\t\t\t)\n\t\t\t);");
<?php
authorize();
if (!check_perms("users_mod")) {
error(403);
}
$ID = $_POST['id'];
$Answer = db_string($_POST['answer']);
$Date = sqltime();
$UserID = $LoggedUser['ID'];
if (!is_number($ID) || empty($Answer)) {
error(404);
}
$DB->query("\n\tSELECT 1\n\tFROM staff_answers\n\tWHERE QuestionID = '{$ID}'\n\t\tAND UserID = '{$LoggedUser['ID']}'");
if (!$DB->has_results()) {
$DB->query("\n\t\tINSERT INTO staff_answers\n\t\t\t(QuestionID, UserID, Answer, Date)\n\t\tVALUES\n\t\t\t('{$ID}', '{$UserID}', '{$Answer}', '{$Date}')");
$DB->query("\n\t\tSELECT UserID\n\t\tFROM user_questions\n\t\tWHERE ID = '{$ID}'");
list($ToID) = $DB->next_record();
Misc::send_pm($ToID, 0, "Your question has been answered", "One of your questions has been answered! View the response [url=" . site_url() . "questions.php?action=view_answers&userid={$UserID}#question{$ID}]here[/url].");
} else {
error("You have already answered this question");
}
header("Location: questions.php");
error($Err);
}
//We're all good! Fill!
$DB->query("\n\tUPDATE requests\n\tSET FillerID = {$FillerID},\n\t\tTorrentID = {$TorrentID},\n\t\tTimeFilled = '" . sqltime() . "'\n\tWHERE ID = {$RequestID}");
if ($CategoryName === 'Music') {
$ArtistForm = Requests::get_artists($RequestID);
$ArtistName = Artists::display_artists($ArtistForm, false, true);
$FullName = $ArtistName . $Title;
} else {
$FullName = $Title;
}
$DB->query("\n\tSELECT UserID\n\tFROM requests_votes\n\tWHERE RequestID = {$RequestID}");
$UserIDs = $DB->to_array();
foreach ($UserIDs as $User) {
list($VoterID) = $User;
Misc::send_pm($VoterID, 0, "The request \"{$FullName}\" has been filled", 'One of your requests — [url=' . site_url() . "requests.php?action=view&id={$RequestID}]{$FullName}" . '[/url] — has been filled. You can view it here: [url]' . site_url() . "torrents.php?torrentid={$TorrentID}" . '[/url]');
}
$RequestVotes = Requests::get_votes_array($RequestID);
Misc::write_log("Request {$RequestID} ({$FullName}) was filled by user {$FillerID} ({$FillerUsername}) with the torrent {$TorrentID} for a " . Format::get_size($RequestVotes['TotalBounty']) . ' bounty.');
// Give bounty
$DB->query("\n\tUPDATE users_main\n\tSET Uploaded = (Uploaded + " . $RequestVotes['TotalBounty'] . ")\n\tWHERE ID = {$FillerID}");
$Cache->delete_value("user_stats_{$FillerID}");
$Cache->delete_value("request_{$RequestID}");
if ($GroupID) {
$Cache->delete_value("requests_group_{$GroupID}");
}
$DB->query("\n\tSELECT ArtistID\n\tFROM requests_artists\n\tWHERE RequestID = {$RequestID}");
$ArtistIDs = $DB->to_array();
foreach ($ArtistIDs as $ArtistID) {
$Cache->delete_value("artists_requests_{$ArtistID}");
}
if ($UserID != $AuthorID && !check_perms('site_moderate_forums')) {
error(403, true);
}
if ($LoggedUser['DisablePosting']) {
error('Your posting privileges have been removed.', true);
}
if (!$DB->has_results()) {
error(404, true);
}
// Send a PM to the user to notify them of the edit
if ($UserID != $AuthorID && $DoPM) {
$PMSubject = "Your post #{$PostID} has been edited";
$PMurl = site_url() . "forums.php?action=viewthread&postid={$PostID}#post{$PostID}";
$ProfLink = '[url=' . site_url() . "user.php?id={$UserID}]" . $LoggedUser['Username'] . '[/url]';
$PMBody = "One of your posts has been edited by {$ProfLink}: [url]{$PMurl}[/url]";
Misc::send_pm($AuthorID, 0, $PMSubject, $PMBody);
}
// Perform the update
$DB->query("\n\tUPDATE forums_posts\n\tSET\n\t\tBody = '" . db_string($Body) . "',\n\t\tEditedUserID = '{$UserID}',\n\t\tEditedTime = '{$SQLTime}'\n\tWHERE ID = '{$PostID}'");
$CatalogueID = floor((POSTS_PER_PAGE * $Page - POSTS_PER_PAGE) / THREAD_CATALOGUE);
$Cache->begin_transaction("thread_{$TopicID}" . "_catalogue_{$CatalogueID}");
if ($Cache->MemcacheDBArray[$Key]['ID'] != $PostID) {
$Cache->cancel_transaction();
$Cache->delete_value("thread_{$TopicID}" . "_catalogue_{$CatalogueID}");
//just clear the cache for would be cache-screwer-uppers
} else {
$Cache->update_row($Key, array('ID' => $Cache->MemcacheDBArray[$Key]['ID'], 'AuthorID' => $Cache->MemcacheDBArray[$Key]['AuthorID'], 'AddedTime' => $Cache->MemcacheDBArray[$Key]['AddedTime'], 'Body' => $Body, 'EditedUserID' => $LoggedUser['ID'], 'EditedTime' => $SQLTime, 'Username' => $LoggedUser['Username']));
$Cache->commit_transaction(3600 * 24 * 5);
}
$ThreadInfo = Forums::get_thread_info($TopicID);
if ($ThreadInfo === null) {
