stderr("Add Bookmark", "Do you really want to add this bookmark? Click\n" . "<a href='?torrent={$torrentid}&action=add&sure=1&h={$hash}'>here</a> if you are sure.", FALSE); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); } function addbookmark($torrentid) { global $CURUSER, $mc1, $INSTALLER09; if (get_row_count("bookmarks", "WHERE userid=" . sqlesc($CURUSER['id']) . " AND torrentid = " . sqlesc($torrentid)) > 0) { stderr("Error", "Torrent already bookmarked"); } sql_query("INSERT INTO bookmarks (userid, torrentid) VALUES (" . sqlesc($CURUSER['id']) . ", " . sqlesc($torrentid) . ")") or sqlerr(__FILE__, __LINE__); $mc1->delete_value('bookmm_' . $CURUSER['id']); make_bookmarks($CURUSER['id'], 'bookmm_'); } $HTMLOUT .= addbookmark($torrentid); $HTMLOUT .= "<h2>Bookmark added!</h2>"; } if ($action == 'delete') { $torrentid = (int) $_GET['torrent']; $sure = isset($_GET['sure']) ? 0 + $_GET['sure'] : ''; if (!is_valid_id($torrentid)) { stderr("Error", "Invalid ID."); } $hash = md5('s5l6t0mu55yt4hwa7e5' . $torrentid . 'delete' . 's5l6t0mu55yt4hwa7e5'); if (!$sure) { stderr("Delete Bookmark", "Do you really want to delete this bookmark? Click\n" . "<a href='?torrent={$torrentid}&action=delete&sure=1&h={$hash}'>here</a> if you are sure.", FALSE); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); }
$hash = md5('the salt to' . $torrentid . 'add' . 'mu55y'); if (!$sure) { stderr("Confirm Bookmark", "Do you really want to add this bookmark? Click\n" . "<a href=?torrent={$torrentid}&action=add&sure=1&h={$hash}>here</a> if you are sure.", false); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); } function addbookmark($torrentid) { global $CURUSER; if (get_row_count("bookmarks", "WHERE userid={$CURUSER['id']} AND torrentid = {$torrentid}") > 0) { bark("Torrent already bookmarked"); } mysql_query("INSERT INTO bookmarks (userid, torrentid) VALUES ({$CURUSER['id']}, {$torrentid})") or sqlerr(__FILE__, __LINE__); } addbookmark($torrentid); stdhead("Bookmark added!"); echo '<h2>Bookmark added!</h2>'; } if ($action == 'delete') { $torrentid = (int) $_GET['torrent']; $sure = safeChar($_GET['sure']); if (!is_valid_id($torrentid)) { stderr("Error", "Invalid ID."); } $hash = md5('the salt to' . $torrentid . 'add' . 'mu55y'); if (!$sure) { stderr("Confirm Bookmark", "Do you really want to delete this bookmark? Click\n" . "<a href=?torrent={$torrentid}&action=delete&sure=1&h={$hash}>here</a> if you are sure.", false); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?');