list($NewsID,$Title,$Body,$NewsTime) = $NewsItem;
echo $Feed->item($Title, $Text->strip_bbcode($Body), 'index.php#'.$NewsID, SITE_NAME.' Staff','','',$NewsTime);
}
break;
case 'feed_blog':
include(SERVER_ROOT.'/classes/class_text.php');
$Text = new TEXT;
$Feed->channel('Blog', 'RSS feed for site blog.');
if (!$Blog = $Cache->get_value('blog')) {
require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
$DB=NEW DB_MYSQL; //Load the database wrapper
$DB->query("SELECT
b.ID,
um.Username,
b.Title,
b.Body,
b.Time,
b.ThreadID
FROM blog AS b LEFT JOIN users_main AS um ON b.UserID=um.ID
ORDER BY Time DESC
LIMIT 20");
$Blog = $DB->to_array();
$Cache->cache_value('Blog',$Blog,1209600);
}
foreach ($Blog as $BlogItem) {
list($BlogID, $Author, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
echo $Feed->item($Title, $Text->strip_bbcode($Body), 'forums.php?action=viewthread&threadid='.$ThreadID, SITE_NAME.' Staff','','',$BlogTime);
}
break;
case 'torrents_all':
$Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
$Feed->retrieve('torrents_all',$_GET['authkey'],$_GET['passkey']);
$DB->query("\n\t\tSELECT Token, Name\n\t\tFROM api_applications\n\t\tWHERE ID = '{$AppID}'\n\t\tLIMIT 1");
$App = $DB->to_array(false, MYSQLI_ASSOC);
$Cache->cache_value("api_apps_{$AppID}", $App, 0);
}
$App = $App[0];
//Handle our request auths
if ($_GET['req'] === 'access_request') {
if (md5($App['Token']) !== $_GET['key']) {
error('invalid');
}
} else {
$User = $Cache->get_value("api_users_{$UserID}");
if (!is_array($User)) {
if (!isset($DB)) {
require SERVER_ROOT . '/classes/mysql.class.php';
$DB = new DB_MYSQL();
}
$DB->query("\n\t\t\tSELECT AppID, Token, State, Time, Access\n\t\t\tFROM api_users\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\tLIMIT 1");
//int, no db_string
$User = $DB->to_array('AppID', MYSQLI_ASSOC);
$Cache->cache_value("api_users_{$UserID}", $User, 0);
}
$User = $User[$AppID];
if (md5($User['Token'] . $App['Token']) !== $_GET['key']) {
error('invalid');
}
}
die('API put on hold');
require SERVER_ROOT . '/sections/api/' . $_GET['req'] . '.php';
echo '</payload>';
$Debug->profile();
// Enabled - if the user's enabled or not
// Permissions
if (isset($_COOKIE['session'])) {
$LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
list($SessionID, $LoggedUser['ID']) = explode('|~|', $Enc->decrypt($LoginCookie));
$LoggedUser['ID'] = (int) $LoggedUser['ID'];
$UserID = $LoggedUser['ID'];
//TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
logout();
}
$UserSessions = $Cache->get_value("users_sessions_{$UserID}");
if (!is_array($UserSessions)) {
$DB->query("\n\t\t\tSELECT\n\t\t\t\tSessionID,\n\t\t\t\tBrowser,\n\t\t\t\tOperatingSystem,\n\t\t\t\tIP,\n\t\t\t\tLastUpdate\n\t\t\tFROM users_sessions\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\t\tAND Active = 1\n\t\t\tORDER BY LastUpdate DESC");
$UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC);
$Cache->cache_value("users_sessions_{$UserID}", $UserSessions, 0);
}
if (!array_key_exists($SessionID, $UserSessions)) {
logout();
}
// Check if user is enabled
$Enabled = $Cache->get_value('enabled_' . $LoggedUser['ID']);
if ($Enabled === false) {
$DB->query("\n\t\t\tSELECT Enabled\n\t\t\tFROM users_main\n\t\t\tWHERE ID = '{$LoggedUser['ID']}'");
list($Enabled) = $DB->next_record();
$Cache->cache_value('enabled_' . $LoggedUser['ID'], $Enabled, 0);
}
if ($Enabled == 2) {
logout();
global $DB, $Cache;
if ((list($Size) = $Cache->get_value('ptpimg_sql_size')) === false) {
$DB->query("SELECT SUM(Size) FROM uploads");
list($Size) = $DB->next_record();
$Cache->cache_value('ptpimg_sql_size', array($Size), 60);
// 30 minutes
}
return $Size;
}
switch ($Action) {
case 'random':
// random
$Count = getImageCount();
// Grab image count
$Rand = rand(1, $Count);
$DB->query("SELECT Code, Type, Size FROM uploads LIMIT {$Rand}, 1");
list($Code, $Type, $Size) = $DB->next_record();
echo json_encode(array(array('code' => $Code, 'type' => $Type, 'size' => $Size)));
break;
case 'last5':
// last5
$DB->query("SELECT Code, Type, Size FROM uploads ORDER BY ID DESC LIMIT 5");
$Data = array();
while (list($Code, $Type, $Size) = $DB->next_record()) {
$Data[] = array('code' => $Code, 'type' => $Type, 'size' => $Size);
}
echo json_encode(array($Data));
break;
case 'stats':
// stats
$Size = getTotalSize();
list($SessionID, $LoggedUser['ID'])=explode("|~|",$Enc->decrypt($LoginCookie));
$LoggedUser['ID'] = (int)$LoggedUser['ID'];
$UserID=$LoggedUser['ID']; //TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
logout();
}
$UserSessions = $Cache->get_value('users_sessions_'.$UserID);
if(!is_array($UserSessions)) {
$DB->query("SELECT
SessionID,
Browser,
OperatingSystem,
IP,
LastUpdate
FROM users_sessions
WHERE UserID='$UserID'
ORDER BY LastUpdate DESC");
$UserSessions = $DB->to_array('SessionID',MYSQLI_ASSOC);
$Cache->cache_value('users_sessions_'.$UserID, $UserSessions, 0);
}
if (!array_key_exists($SessionID,$UserSessions)) {
logout();
}
// Check if user is enabled
$Enabled = $Cache->get_value('enabled_'.$LoggedUser['ID']);
if($Enabled === false) {
$ts = time();
if (isset($_GET['i']) && is_numeric($_GET['i'])) {
$Interval = $_GET['i'];
} else {
$Interval = 1;
}
// This is for the totals
// Data sets are too big for 12-48 hours
$Extra = '';
if ($Interval > 12) {
$Extra = "AND DATE_FORMAT(Time, '%i') IN (0,15,30,45)";
}
$DateString = $Cache->get_value('graphd_' . $Interval);
list($TotalBW, $TotalHits) = $Cache->get_value('grapht_' . $Interval);
if (!($TData = $Cache->get_value('graph_' . $Interval))) {
$DB->query("SELECT Time, Hits, Bandwidth FROM records WHERE Time > DATE_SUB(NOW(), INTERVAL %d hour) %s", $Interval, $Extra);
$TData = $DB->to_array();
$DB->query("SELECT sum(bandwidth), sum(hits) FROM records WHERE Time > DATE_SUB(NOW(), INTERVAL %d hour)", $Interval);
list($TotalBW, $TotalHits) = $DB->next_record();
$Cache->cache_value('grapht_' . $Interval, array($TotalBW, $TotalHits), 300);
$Cache->cache_value('graph_' . $Interval, $TData, 150);
$DateString = "last updated: " . date("j M Y G:i", time());
$Cache->cache_value('graphd_' . $Interval, $DateString, 300);
}
$i = 0;
while (list($Key, list($Time, $Hits, $Bandwidth)) = each($TData)) {
$datax[$i] = date("G:i", strtotime($Time));
if (!$Hits) {
$Hits = 0;
}
if (!$Bandwidth) {
require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();
$Resolution = "";
if (!isset($_GET['v2'])) {
$v2 == "def";
} else {
$v2 = $_GET['v2'];
}
if ($v2 == "def") {
$Resolution = "(resolution='1536x1180' OR\n\t\tresolution='1180x1536' OR\n\t\tresolution='1600x1200' OR\n\t\tresolution='1200x1600' OR\n\t\tresolution='2048x1536' OR\n\t\tresolution='1536x2048' OR\n\t\tresolution='2240x1680' OR\n\t\tresolution='1680x2240' OR\n\t\tresolution='2560x1920' OR\n\t\tresolution='1920x2560' OR\n\t\tresolution='3032x2008' OR\n\t\tresolution='2008x3032' OR\n\t\tresolution='3072x2304' OR\n\t\tresolution='2304x3072' OR\n\t\tresolution='3264x2448' OR\n\t\tresolution='2448x3264')";
} else {
$Resolution = "resolution='" . db_string($_GET['v2']) . "'";
$IDExtra = "";
}
$q = "SELECT Code, Extension\n\t\tFROM uploads\n\t\tWHERE\n{$Resolution}\n{$IDExtra}";
$DB->query($q);
$Data = $DB->to_array();
if ($IDExtra) {
echo "<a href='?v2=def&v6=" . $_GET['v6'] . "&id=" . ($ID + 20000) . "'>next</a><br />";
}
while (list($Key, list($Code, $Ext)) = each($Data)) {
if ($_GET['v2'] == "def") {
echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' height='500' width='500' /></a><br />", $Code, $Ext, $Code, $Ext);
} else {
echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' /></a><br />", $Code, $Ext, $Code, $Ext);
}
}
if ($IDExtra) {
echo "<a href='?v2=def&v6=" . $_GET['v6'] . "&id=" . ($ID + 20000) . "'>next</a><br />";
}
if (!isset($_GET['act']) || empty($_GET['act'])) {
$_GET['act'] = "def_action";
}
switch ($_GET['act']) {
case 'login':
case 'logout':
//-------------------
// LOGIN/LOGOUT
//-------------------
if (isset($_GET['act']) && $_GET['act'] == "logout") {
logout();
}
// Process the input
if (!empty($_GET['tkl'])) {
if (isset($_POST['username']) && preg_match('/^[a-z0-9_?]{1,20}$/iD', $_POST['username']) && strlen($_POST['password']) < 40) {
$DB->query("SELECT\n\t\t\t\t\tID,\n\t\t\t\t\tPassword,\n\t\t\t\t\tSecret,\n\t\t\t\t\tEnabled\n\t\t\t\t\tFROM users WHERE Username='******'username']) . "'\n\t\t\t\t\tAND Username<>''");
list($UserID, $PassHash, $Secret, $Enabled) = $DB->next_record();
if ($UserID && $PassHash == make_hash($_POST['password'], $Secret) && $Enabled == 1) {
$User->doLogin($UserID);
if (empty($_POST['ref_page'])) {
header("Location: index.php");
} else {
$URL = base64_decode($_POST['ref_page']);
if (preg_match('/^\\/[a-zA-Z0-9]+\\.php/i', $URL)) {
header("Location: {$URL}");
} else {
header("Location: index.php");
}
}
exit;
} else {
$Cache = NEW CACHE; //Load the caching class
$Enc = NEW CRYPT; //Load the encryption class
date_default_timezone_set('UTC');
if (isset($_COOKIE['session'])) { $LoginCookie=$Enc->decrypt($_COOKIE['session']); }
if(isset($LoginCookie)) {
list($SessionID, $UserID)=explode("|~|",$Enc->decrypt($LoginCookie));
if(!$UserID || !$SessionID) {
die('Not logged in!');
}
if(!$Enabled = $Cache->get_value('enabled_'.$UserID)){
require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
$DB=NEW DB_MYSQL; //Load the database wrapper
$DB->query("SELECT Enabled FROM users_main WHERE ID='$UserID'");
list($Enabled) = $DB->next_record();
$Cache->cache_value('enabled_'.$UserID, $Enabled, 0);
}
} else {
die('Not logged in!');
}
function error($Error) {
die($Error);
}
function is_number($Str) {
if ($Str < 0) { return false; }
// We're converting input to a int, then string and comparing to original
return ($Str == strval(intval($Str)) ? true : false);
// upload via Java application
if (!isset($_GET['key']) && $_GET['key'] != "QT5LGz7ktGFVZpfFArVHCpEvDcC3qrUZrf0kP") {
die("404/Invalid API key");
}
while ($code = randFN()) {
if (!file_exists('raw/$code')) {
break;
}
}
$Data = getdata($_FILES['uploadfile']['tmp_name']);
$res = $Data['res'];
$ext = $Data['ext'];
$hash = $Data['md5'];
$size = $Data['size'];
$ImageType = $Data['type'];
$DB->query("SELECT Code, Extension FROM uploads WHERE NewHash='" . db_string($hash) . "'");
if ($DB->record_count() > 0) {
list($Code, $Extension) = $DB->next_record();
$results[] = array("status" => 13, "code" => $Code, "ext" => $Extension);
echo $Code . '.' . $Extension;
die;
}
// Flush image contents to a temp file
//$src=tempnam("/tmp", "ptpimg.");
$src = "raw/{$code}";
if (!move_uploaded_file($_FILES['uploadfile']['tmp_name'], $src)) {
die("error");
}
$results = array();
$DB->query("INSERT INTO uploads (NewHash, UserID, Extension, Code, Resolution, Size, Type) VALUES('" . db_string($hash) . "', '" . db_string($_GET['uid']) . "', '" . db_string($ext) . "', '" . db_string($code) . "', '" . db_string($res) . "', '" . db_string($size) . "', '" . db_string($ImageType) . "')");
if ($DB->affected_rows() > 0) {
<?php
//树形
require_once '../../../include/config.php';
require_once '../../../include/mysql.class.php';
require_once '../../../include/common.fun.php';
/*New DB*/
$dbc = new DB_MYSQL();
$dbc->connect(g_db_host, g_db_user, g_db_pass, g_db_name, 0, 'utf8');
$tree_id = $_REQUEST['tree_id'];
if ($tree_id != '') {
$sql = "SELECT a.*,(SELECT COUNT(*) FROM " . g_tbl_prefix . "call_nature b WHERE a.id = b.parentid ) as cid_num FROM " . g_tbl_prefix . "call_nature a \r\n\tWHERE 1=1 AND a.active = 1 ";
$sql .= "AND a.parentid = '{$tree_id}' ";
$sql .= "ORDER BY a.orders ASC,a.id ASC";
$q = $dbc->query($sql);
while ($r = $dbc->fetch_array($q)) {
$n = $r['cid_num'];
$list .= "<li id='{$r['id']}'><span class=''>{$r['title']} [ID:{$r['id']} 子类:{$r['cid_num']}]</span>\r\n";
if ($n > 0) {
$list .= "<ul class='ajax'>\r\n";
$list .= "<li id='{$r['email']}'>{url:loadTree.php?tree_id=" . $r['id'] . "}</li>\r\n";
$list .= "</ul>\r\n";
}
$list .= "</li>\r\n";
}
echo $list;
}
unset($dbc);
?>
<!--
<li id='35'><span class="text">Tree Node Ajax 1</span></li>
echo $c;
if ($Sneaky) {
global $DB, $Cache;
print_r($DB);
print_r($Cache);
}
}
// API Keys; ptpimg+api@nervex.net
$ApiKeys = array("QT5LGz7ktGFVZpfFArVHCpEvDcC3qrUZrf0kP", "iSQGkh6VJjAtkMjcDQysTPXOUGxiHutVYBw71");
$Browser = $UA->browser($_SERVER['HTTP_USER_AGENT']);
$OperatingSystem = $UA->operating_system($_SERVER['HTTP_USER_AGENT']);
//$Mobile = $UA->mobile($_SERVER['HTTP_USER_AGENT']);
// Get permissions
list($Classes, $ClassLevels) = $Cache->get_value('classes');
if (!$Classes || !$ClassLevels) {
$DB->query('SELECT ID, Name, Level FROM permissions ORDER BY Level');
$Classes = $DB->to_array('ID');
$ClassLevels = $DB->to_array('Level');
$Cache->cache_value('classes', array($Classes, $ClassLevels), 0);
}
if (isset($_COOKIE['session'])) {
$LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
list($SessionID, $LoggedUser['ID']) = explode("|~|", $Enc->decrypt($LoginCookie));
$LoggedUser['ID'] = (int) $LoggedUser['ID'];
$UserID = $LoggedUser['ID'];
//TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
logout();
}
//Load the encryption class
$SSL = $_SERVER['SERVER_PORT'] === '443';
if (isset($_COOKIE['session'])) {
$LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
list($SessionID, $UserID) = explode("|~|", $Enc->decrypt($LoginCookie));
if (!$UserID || !$SessionID) {
die('Not logged in!');
}
if (!($Enabled = $Cache->get_value("enabled_{$UserID}"))) {
require SERVER_ROOT . '/classes/mysql.class.php';
//Require the database wrapper
$DB = new DB_MYSQL();
//Load the database wrapper
$DB->query("\n\t\t\tSELECT Enabled\n\t\t\tFROM users_main\n\t\t\tWHERE ID = '{$UserID}'");
list($Enabled) = $DB->next_record();
$Cache->cache_value("enabled_{$UserID}", $Enabled, 0);
}
} else {
die('Not logged in!');
}
function error($Error)
{
die($Error);
}
function is_number($Str)
{
if ($Str < 0) {
return false;
}
}
define('SQLHOST', 'localhost');
//The MySQL host ip/fqdn
define('SQLLOGIN', 'ptpimg');
//The MySQL login
define('SQLPASS', 'mri34mni');
//The MySQL password
define('SQLDB', 'ptpimg');
//The MySQL database to use
define('SQLPORT', '3306');
//The MySQL port to connect on
define('SQLSOCK', '/var/run/mysqld/mysqld.sock');
require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();
$DB->query("SELECT ID, Code FROM uploads WHERE NewHash=''");
$Results = $DB->to_array('', MYSQLI_NUM, false);
$UBound = count($Results);
$QueryCount = 0;
$Query = array();
while (list($Key, list($ID, $Code)) = each($Results)) {
if ($QueryCount > 500) {
echo "500 queries, flushing.";
$x = microtime();
$x = explode(" ", $x);
$x = $x[1] + $x[0];
foreach ($Query as $q) {
$DB->query($q);
}
$y = microtime();
$y = explode(" ", $y);
<?
$UserStats = $Cache->get_value('user_stats_'.$UserID);
if(!is_array($UserStats)) {
if (!isset($DB)) {
require(SERVER_ROOT.'/classes/class_mysql.php');
$DB = new DB_MYSQL;
}
$DB->query("SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio FROM users_main WHERE ID='$UserID'");
$UserStats = $DB->next_record(MYSQLI_ASSOC);
$Cache->cache_value('user_stats_'.$LoggedUser['ID'], $UserStats, 3600);
}
$Up = $UserStats['BytesUploaded'];
$Down = $UserStats['BytesDownloaded'];
$ReqRat = $UserStats['RequiredRatio'];
if ($Down > 0) {
$Rat = $Up/$Down;
} else {
$Rat = 0;
}
?>
<uploaded><?php
echo $Up;
?>
</uploaded>
<downloaded><?php
echo $Down;
?>
</downloaded>
<ratio><?php
echo $Rat;
?>
foreach ($Blog as $BlogItem) {
list($BlogID, $Author, $AuthorID, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
if ($ThreadID) {
echo $Feed->item($Title, Text::strip_bbcode($Body), "forums.php?action=viewthread&threadid={$ThreadID}", SITE_NAME . ' Staff', '', '', $BlogTime);
} else {
echo $Feed->item($Title, Text::strip_bbcode($Body), "blog.php#blog{$BlogID}", SITE_NAME . ' Staff', '', '', $BlogTime);
}
}
break;
case 'feed_changelog':
$Feed->channel('Gazelle Change Log', 'RSS feed for Gazelle\'s changelog.');
if (!($Changelog = $Cache->get_value('changelog'))) {
require SERVER_ROOT . '/classes/mysql.class.php';
require SERVER_ROOT . '/classes/misc.class.php';
$DB = new DB_MYSQL();
$DB->query("\n\t\t\t\tSELECT Message, Author, Date(Time)\n\t\t\t\tFROM changelog\n\t\t\t\tORDER BY Time DESC\n\t\t\t\tLIMIT 20");
$Changelog = $DB->to_array();
$Cache->cache_value('changelog', $Changelog, 86400);
}
foreach ($Changelog as $Change) {
list($Message, $Author, $Date) = $Change;
echo $Feed->item("{$Date} by {$Author}", $Message, 'tools.php?action=change_log', SITE_NAME . ' Staff', '', '', $Date);
}
break;
case 'torrents_all':
$Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
$Feed->retrieve('torrents_all', $_GET['authkey'], $_GET['passkey']);
break;
case 'torrents_music':
$Feed->channel('Music Torrents', 'RSS feed for all new music torrents.');
$Feed->retrieve('torrents_music', $_GET['authkey'], $_GET['passkey']);
