function addTorrent() { global $dbhost, $dbuser, $dbpass, $database; global $_POST, $_FILES; require_once "funcsv2.php"; require_once "BDecode.php"; require_once "BEncode.php"; $hash = strtolower($_POST["hash"]); $db = mysql_connect($dbhost, $dbuser, $dbpass) or die("<p class=\"error\">Couldn't connect to database. contact the administrator</p>"); mysql_select_db($database) or die("<p class=\"error\">Can't open the database.</p>"); if (isset($_FILES["torrent"])) { if ($_FILES["torrent"]["error"] != 4) { $fd = fopen($_FILES["torrent"]["tmp_name"], "rb") or die("<p class=\"error\">File upload error 1</p>\n"); is_uploaded_file($_FILES["torrent"]["tmp_name"]) or die("<p class=\"error\">File upload error 2</p>\n"); $alltorrent = fread($fd, filesize($_FILES["torrent"]["tmp_name"])); $array = BDecode($alltorrent); if (!$array) { echo "<p class=\"error\">There was an error handling your uploaded torrent. The parser didn't like it.</p>"; endOutput(); exit; } $hash = @sha1(BEncode($array["info"])); fclose($fd); unlink($_FILES["torrent"]["tmp_name"]); } } if (isset($_POST["filename"])) { $filename = clean($_POST["filename"]); } else { $filename = ""; } if (isset($_POST["url"])) { $url = clean($_POST["url"]); } else { $url = ""; } if (isset($_POST["info"])) { $info = clean($_POST["info"]); } else { $info = ""; } if (isset($_POST["autoset"])) { if (strcmp($_POST["autoset"], "enabled") == 0) { if (strlen($filename) == 0 && isset($array["info"]["name"])) { $filename = $array["info"]["name"]; } if (strlen($info) == 0 && isset($array["info"]["piece length"])) { $info = $array["info"]["piece length"] / 1024 * (strlen($array["info"]["pieces"]) / 20) / 1024; $info = round($info, 2) . " MB"; if (isset($array["comment"])) { $info .= " - " . $array["comment"]; } } } $filename = mysql_escape_string($filename); $url = mysql_escape_string($url); $info = mysql_escape_string($info); if (strlen($hash) != 40 || !verifyHash($hash)) { echo "<p class=\"error\">Error: Info hash must be exactly 40 hex bytes.</p>"; endOutput(); } $query = "INSERT INTO BTPHP_namemap (info_hash, filename, url, info) VALUES (\"{$hash}\", \"{$filename}\", \"{$url}\", \"{$info}\")"; $status = makeTorrent($hash, true); quickQuery($query); if ($status) { echo "<p class=\"error\">Torrent was added successfully.</p>"; } else { echo "<p class=\"error\">There were some errors. Check if this torrent had been added previously.</p>"; } } endOutput(); }
</head> <body> <h1>fb.group.downloader</h1> <?php if (!($userId = $fb->getUser())) { endOutput("<p>To get started, you'll need to give us permission to access your Facebook account.</p>" . $loginHtml); } try { $userProfile = $fb->api("/me", "GET"); } catch (FacebookApiException $e) { endOutput("<p>Unfortunately your Facebook login seems to have expired.</p>" . $loginHtml); } $firstName = $userProfile["first_name"]; $lastName = $userProfile["last_name"]; $fullName = $userProfile["name"]; // a header of sorts echo "<p>You're logged in as <strong>{$fullName}.</strong> {$logoutHtml}</p>"; try { $rows = $fb->api(array("query" => "select gid, name from group where gid in (select gid from group_member where uid = me()) order by name", "method" => "fql.query")); } catch (FacebookApiException $e) { endOutput('<p class="error">Unable to retrieve information about your groups. Please try again.</p>'); } echo "<form method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">"; echo "<p>Please select a group to archive:</p><p>"; foreach ($rows as $row) { echo "<input type=\"radio\" name=\"gid\" id=\"gid{$row['gid']}\" value=\"{$row['gid']}\" /> <label for=\"gid{$row['gid']}\">{$row['name']}</label><br />"; } echo "</p><p><input type=\"submit\" name=\"submit\" value=\"Archive\" /></p>"; echo "</form>"; endOutput();
function addTorrent() { require "config.php"; $tracker_url = $website_url . substr($_SERVER['REQUEST_URI'], 0, -15) . "announce.php"; $hash = strtolower($_POST["hash"]); $db = mysql_connect($dbhost, $dbuser, $dbpass) or die(errorMessage() . "Couldn't connect to the database, contact the administrator</p>"); mysql_select_db($database) or die(errorMessage() . "Can't open the database.</p>"); require_once "funcsv2.php"; require_once "BDecode.php"; require_once "BEncode.php"; if ($_FILES["torrent"]["error"] != 4) { $fd = fopen($_FILES["torrent"]["tmp_name"], "rb") or die(errorMessage() . "File upload error 1</p>\n"); is_uploaded_file($_FILES["torrent"]["tmp_name"]) or die(errorMessage() . "File upload error 2</p>\n"); $alltorrent = fread($fd, filesize($_FILES["torrent"]["tmp_name"])); $array = BDecode($alltorrent); if (!$array) { echo errorMessage() . "Error: The parser was unable to load your torrent. Please re-create and re-upload the torrent.</p>\n"; endOutput(); exit; } if (strtolower($array["announce"]) != $tracker_url) { echo errorMessage() . "Error: The tracker announce URL does not match this:<br>{$tracker_url}<br>Please re-create and re-upload the torrent.</p>\n"; endOutput(); exit; } if ($_POST["httpseed"] == "enabled" && $_POST["relative_path"] == "") { echo errorMessage() . "Error: HTTP seeding was checked however no relative path was given.</p>\n"; endOutput(); exit; } if ($_POST["httpseed"] == "enabled" && $_POST["relative_path"] != "") { if (Substr($_POST["relative_path"], -1) == "/") { if (!is_dir($_POST["relative_path"])) { echo errorMessage() . "Error: HTTP seeding relative path ends in / but is not a valid directory.</p>\n"; endOutput(); exit; } } else { if (!is_file($_POST["relative_path"])) { echo errorMessage() . "Error: HTTP seeding relative path is not a valid file.</p>\n"; endOutput(); exit; } } } if ($_POST["getrightseed"] == "enabled" && $_POST["httpftplocation"] == "") { echo errorMessage() . "Error: GetRight HTTP seeding was checked however no URL was given.</p>\n"; endOutput(); exit; } if ($_POST["getrightseed"] == "enabled" && (Substr($_POST["httpftplocation"], 0, 7) != "http://" && Substr($_POST["httpftplocation"], 0, 6) != "ftp://")) { echo errorMessage() . "Error: GetRight HTTP seeding URL must start with http:// or ftp://</p>\n"; endOutput(); exit; } $hash = @sha1(BEncode($array["info"])); fclose($fd); $target_path = "torrents/"; $target_path = $target_path . basename(clean($_FILES['torrent']['name'])); $move_torrent = move_uploaded_file($_FILES["torrent"]["tmp_name"], $target_path); if ($move_torrent == false) { echo errorMessage() . "Unable to move " . $_FILES["torrent"]["tmp_name"] . " to torrents/</p>\n"; } } if (isset($_POST["filename"])) { $filename = clean($_POST["filename"]); } else { $filename = ""; } if (isset($_POST["url"])) { $url = clean($_POST["url"]); } else { $url = ""; } if (isset($_POST["autoset"])) { if (strcmp($_POST["autoset"], "enabled") == 0) { if (strlen($filename) == 0 && isset($array["info"]["name"])) { $filename = $array["info"]["name"]; } } } //figure out total size of all files in torrent $info = $array["info"]; $total_size = 0; if (isset($info["files"])) { foreach ($info["files"] as $file) { $total_size = $total_size + $file["length"]; } } else { $total_size = $info["length"]; } //Validate torrent file, make sure everything is correct $filename = mysql_escape_string($filename); $filename = htmlspecialchars(clean($filename)); $url = htmlspecialchars(mysql_escape_string($url)); if (strlen($hash) != 40 || !verifyHash($hash)) { echo errorMessage() . "Error: Info hash must be exactly 40 hex bytes.</p>\n"; endOutput(); } if (Substr($url, 0, 7) != "http://" && $url != "") { echo errorMessage() . "Error: The Torrent URL does not start with http:// Make sure you entered a correct URL.</p>\n"; endOutput(); } $query = "INSERT INTO " . $prefix . "namemap (info_hash, filename, url, size, pubDate) VALUES (\"{$hash}\", \"{$filename}\", \"{$url}\", \"{$total_size}\", \"" . date('D, j M Y h:i:s') . "\")"; $status = makeTorrent($hash, true); quickQuery($query); if ($status) { echo "<p class=\"success\">Torrent was added successfully.</p>\n"; echo "<a href=\"newtorrents.php\"><img src=\"images/add.png\" border=\"0\" class=\"icon\" alt=\"Add Torrent\" title=\"Add Torrent\" /></a><a href=\"newtorrents.php\">Add Another Torrent</a><br>\n"; //rename torrent file to match filename rename("torrents/" . clean($_FILES['torrent']['name']), "torrents/" . $filename . ".torrent"); //make torrent file readable by all chmod("torrents/" . $filename . ".torrent", 0644); //run RSS generator require_once "rss_generator.php"; //Display information from DumpTorrentCGI.php require_once "torrent_functions.php"; } else { echo errorMessage() . "There were some errors. Check if this torrent has been added previously.</p>\n"; //delete torrent file if it doesn't exist in database $query = "SELECT COUNT(*) FROM " . $prefix . "summary WHERE info_hash = '{$hash}'"; $results = mysql_query($query) or die(errorMessage() . "Can't do SQL query - " . mysql_error() . "</p>"); $data = mysql_fetch_row($results); if ($data[0] == 0) { if (file_exists("torrents/" . $_FILES['torrent']['name'])) { unlink("torrents/" . $_FILES['torrent']['name']); } } //make torrent file readable by all chmod("torrents/" . $filename . ".torrent", 0644); endOutput(); } }