forked from Bigjoos/U-232
-
Notifications
You must be signed in to change notification settings - Fork 0
/
coin.php
56 lines (48 loc) · 2.49 KB
/
coin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
<?php
/**
* http://btdev.net:1337/svn/test/Installer09_Beta
* Licence Info: GPL
* Copyright (C) 2010 BTDev Installer v.1
* A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
* Project Leaders: Mindless,putyn.
**/
require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php');
require_once(INCL_DIR . 'user_functions.php');
dbconn();
loggedinorreturn();
$lang = array_merge(load_language('global'));
// / Mod by dokty - tbdev.net
$id = intval($_GET["id"]);
$points = intval($_GET["points"]);
if (!is_valid_id($id) || !is_valid_id($points))
die();
$pointscangive = array(
"10",
"20",
"50",
"100",
"200",
"500",
"1000"
);
if (!in_array($points, $pointscangive))
stderr("Error", "You can't give that amount of points!!!");
$sdsa = sql_query("SELECT 1 FROM coins WHERE torrentid=" . sqlesc($id) . " AND userid =" . sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__);
$asdd = mysqli_fetch_array($sdsa);
if ($asdd)
stderr("Error", "You already gave points to this torrent.");
$res = sql_query("SELECT owner,name FROM torrents WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$row = mysqli_fetch_assoc($res) or stderr("Error", "Torrent was not found");
$userid = intval($row["owner"]);
if ($userid == $CURUSER["id"])
stderr("Error", "You can't give your self points!");
if ($CURUSER["seedbonus"] < $points)
stderr("Error", "You dont have enough points");
sql_query("INSERT INTO coins (userid, torrentid, points) VALUES (" . sqlesc($CURUSER["id"]) . ", " . sqlesc($id) . ", " . sqlesc($points) . ")") or sqlerr(__FILE__, __LINE__);
sql_query("UPDATE users SET seedbonus=seedbonus+" . sqlesc($points) . " WHERE id=" . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
sql_query("UPDATE users SET seedbonus=seedbonus-" . sqlesc($points) . " WHERE id=" . sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__);
sql_query("UPDATE torrents SET points=points+" . sqlesc($points) . " WHERE id=" . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$msg = sqlesc("You have been given " . $points . " points by " . $CURUSER["username"] . " for torrent [url=" . $INSTALLER09['baseurl'] . "/details.php?id=" . $id . "]" . htmlspecialchars($row["name"]) . "[/url].");
sql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, " . sqlesc($userid) . ", $msg, " . sqlesc(time()) . ", 'You have been given a gift')") or sqlerr(__FILE__, __LINE__);
stderr("Done", "Successfully gave points to this torrent.");
?>