} $hash = md5('s5l6t0mu55yt4hwa7e5' . $torrentid . 'public' . 's5l6t0mu55yt4hwa7e5'); if (!$sure) { stderr("Share Bookmark", "Do you really want to mark this bookmark public? Click\n" . "<a href='?torrent={$torrentid}&action=public&sure=1&h={$hash}'>here</a> if you are sure.", FALSE); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); } function publickbookmark($torrentid) { global $CURUSER, $mc1, $INSTALLER09; sql_query("UPDATE bookmarks SET private = 'no' WHERE private = 'yes' AND torrentid = " . sqlesc($torrentid) . " AND userid = " . sqlesc($CURUSER['id'])); $mc1->delete_value('bookmm_' . $CURUSER['id']); make_bookmarks($CURUSER['id'], 'bookmm_'); } $HTMLOUT .= publickbookmark($torrentid); $HTMLOUT .= "<h2>Bookmark made public!</h2>"; } elseif ($action == 'private') { $torrentid = (int) $_GET['torrent']; $sure = isset($_GET['sure']) ? 0 + $_GET['sure'] : ''; if (!is_valid_id($torrentid)) { stderr("Error", "Invalid ID."); } $hash = md5('s5l6t0mu55yt4hwa7e5' . $torrentid . 'private' . 's5l6t0mu55yt4hwa7e5'); if (!$sure) { stderr("Make Bookmark Private", "Do you really want to mark this bookmark private? Click\n" . "<a href='?torrent={$torrentid}&action=private&sure=1&h={$hash}'>here</a> if you are sure.", FALSE); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); } if (!is_valid_id($torrentid)) {
if (!is_valid_id($torrentid)) { stderr("Error", "Invalid ID."); } $hash = md5('the salt to' . $torrentid . 'add' . 'mu55y'); if (!$sure) { stderr("Confirm Bookmark", "Do you really want to mark this bookmark public? Click\n" . "<a href=?torrent={$torrentid}&action=public&sure=1&h={$hash}>here</a> if you are sure.", false); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); } function publickbookmark($torrentid) { global $CURUSER; mysql_query("UPDATE bookmarks SET private = 'no' WHERE private = 'yes' AND torrentid = {$torrentid} AND userid = {$CURUSER['id']}"); } publickbookmark($torrentid); stdhead("Bookmark made public!"); echo '<h2>Bookmark made public!</h2>'; } elseif ($action == 'private') { $torrentid = (int) $_GET['torrent']; $sure = safeChar($_GET['sure']); if (!is_valid_id($torrentid)) { stderr("Error", "Invalid ID."); } $hash = md5('the salt to' . $torrentid . 'add' . 'mu55y'); if (!$sure) { stderr("Confirm Bookmark", "Do you really want to mark this bookmark private? Click\n" . "<a href=?torrent={$torrentid}&action=private&sure=1&h={$hash}>here</a> if you are sure.", false); } if ($_GET['h'] != $hash) { stderr('Error', 'what are you doing?'); }