// Excerpt starts inside the loop body of the preceding feed case; the loop
// header and the enclosing switch are not part of this listing.
list($NewsID,$Title,$Body,$NewsTime) = $NewsItem;
// NOTE(review): title and body come from the database; whether item() escapes
// them for XML is not visible here - confirm in the feed class.
echo $Feed->item($Title, $Text->strip_bbcode($Body), 'index.php#'.$NewsID, SITE_NAME.' Staff','','',$NewsTime);
}
break;
case 'feed_blog':
    // Blog feed: the 20 newest blog posts, taken from cache when present.
    include(SERVER_ROOT.'/classes/class_text.php');
    $Text = new TEXT;
    $Feed->channel('Blog', 'RSS feed for site blog.');
    // NOTE(review): the lookup key is 'blog' but the result is stored below as
    // 'Blog'. If the cache treats keys case-sensitively, this branch never reads
    // back what it writes and the query runs on every request.
    if (!$Blog = $Cache->get_value('blog')) {
        require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
        $DB=NEW DB_MYSQL; //Load the database wrapper
        // Static query: no request data is interpolated.
        $DB->query("SELECT b.ID, um.Username, b.Title, b.Body, b.Time, b.ThreadID FROM blog AS b LEFT JOIN users_main AS um ON b.UserID=um.ID ORDER BY Time DESC LIMIT 20");
        $Blog = $DB->to_array();
        // Third argument is presumably the lifetime in seconds (1209600 = 14 days) - TODO confirm.
        $Cache->cache_value('Blog',$Blog,1209600);
    }
    foreach ($Blog as $BlogItem) {
        // $BlogID and $Author are unpacked but not used in this loop.
        list($BlogID, $Author, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
        echo $Feed->item($Title, $Text->strip_bbcode($Body), 'forums.php?action=viewthread&threadid='.$ThreadID, SITE_NAME.' Staff','','',$BlogTime);
    }
    break;
case 'torrents_all':
    $Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
    // NOTE(review): authkey and passkey are read from the query string without an
    // isset() check, and credentials carried in a URL end up in access logs and
    // Referer headers. Their validation happens inside retrieve() (not shown).
    $Feed->retrieve('torrents_all',$_GET['authkey'],$_GET['passkey']);
// Excerpt starts inside the cache-miss branch that loads the API application
// row; the opening of that branch is not part of this listing.
// NOTE(review): $AppID is interpolated without escaping. Its validation is not
// visible here - confirm it is forced to an integer before this point.
$DB->query("\n\t\tSELECT Token, Name\n\t\tFROM api_applications\n\t\tWHERE ID = '{$AppID}'\n\t\tLIMIT 1");
$App = $DB->to_array(false, MYSQLI_ASSOC);
$Cache->cache_value("api_apps_{$AppID}", $App, 0);
}
// NOTE(review): no check that a row was found; an unknown $AppID leaves $App[0] undefined.
$App = $App[0];

//Handle our request auths
if ($_GET['req'] === 'access_request') {
    // The expected key is the MD5 of the stored application token, so it is the
    // same value on every request.
    // NOTE(review): `!==` is not a constant-time comparison; hash_equals() is the
    // usual choice for comparing a secret with request input.
    if (md5($App['Token']) !== $_GET['key']) {
        error('invalid');
    }
} else {
    $User = $Cache->get_value("api_users_{$UserID}");
    if (!is_array($User)) {
        if (!isset($DB)) {
            require SERVER_ROOT . '/classes/mysql.class.php';
            $DB = new DB_MYSQL();
        }
        // NOTE(review): the query filters on UserID only and stops at one row, yet
        // the result is indexed by AppID below. If a user can hold tokens for
        // several applications, the row for $AppID may not be the one fetched.
        $DB->query("\n\t\t\tSELECT AppID, Token, State, Time, Access\n\t\t\tFROM api_users\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\tLIMIT 1"); //int, no db_string
        $User = $DB->to_array('AppID', MYSQLI_ASSOC);
        $Cache->cache_value("api_users_{$UserID}", $User, 0);
    }
    $User = $User[$AppID];
    // Expected key: MD5 of the user token concatenated with the application token.
    // NOTE(review): same remark as above - compare with hash_equals().
    if (md5($User['Token'] . $App['Token']) !== $_GET['key']) {
        error('invalid');
    }
}
// Execution stops here; the statements below are currently unreachable.
die('API put on hold');
// NOTE(review): the include path is built from $_GET['req'] with no allow-list
// visible in this excerpt. Before the die() above is ever removed, 'req' must be
// restricted to a fixed set of section names.
require SERVER_ROOT . '/sections/api/' . $_GET['req'] . '.php';
echo '</payload>';
$Debug->profile();
// Enabled - if the user's enabled or not
// Permissions

// Session bootstrap: recover (SessionID, user ID) from the 'session' cookie and
// check both against server-side state before treating the request as logged in.
if (isset($_COOKIE['session'])) {
    $LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
    // The cookie value goes through decrypt() a second time before being split
    // on '|~|' into session ID and user ID.
    // NOTE(review): whether decrypt() authenticates the ciphertext is not visible
    // here; the session-table lookup below is the check this excerpt relies on.
    list($SessionID, $LoggedUser['ID']) = explode('|~|', $Enc->decrypt($LoginCookie));
    // Cast to int before the value is used in cache keys and SQL.
    $LoggedUser['ID'] = (int) $LoggedUser['ID'];
    $UserID = $LoggedUser['ID']; //TODO: UserID should not be LoggedUser
    if (!$LoggedUser['ID'] || !$SessionID) {
        // presumably logout() ends the request; otherwise the code below would
        // still run with an empty ID - TODO confirm.
        logout();
    }
    // Active sessions for this user, keyed by SessionID (cache first, then database).
    $UserSessions = $Cache->get_value("users_sessions_{$UserID}");
    if (!is_array($UserSessions)) {
        $DB->query("\n\t\t\tSELECT\n\t\t\t\tSessionID,\n\t\t\t\tBrowser,\n\t\t\t\tOperatingSystem,\n\t\t\t\tIP,\n\t\t\t\tLastUpdate\n\t\t\tFROM users_sessions\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\t\tAND Active = 1\n\t\t\tORDER BY LastUpdate DESC");
        $UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC);
        $Cache->cache_value("users_sessions_{$UserID}", $UserSessions, 0);
    }
    // The session ID from the cookie must be one of the stored sessions.
    if (!array_key_exists($SessionID, $UserSessions)) {
        logout();
    }
    // Check if user is enabled
    $Enabled = $Cache->get_value('enabled_' . $LoggedUser['ID']);
    // A strict false is treated as "not cached".
    if ($Enabled === false) {
        $DB->query("\n\t\t\tSELECT Enabled\n\t\t\tFROM users_main\n\t\t\tWHERE ID = '{$LoggedUser['ID']}'");
        list($Enabled) = $DB->next_record();
        $Cache->cache_value('enabled_' . $LoggedUser['ID'], $Enabled, 0);
    }
    // NOTE(review): the meaning of 2 is not defined in this excerpt (presumably
    // "disabled"); the comparison is loose, so '2' and 2 both match.
    if ($Enabled == 2) {
        logout();
// Excerpt starts inside a function body whose signature is not part of this
// listing; it returns the summed Size column of `uploads`, cached under
// 'ptpimg_sql_size'.
global $DB, $Cache;
// The cached value is a one-element array; a strict false means a cache miss.
if ((list($Size) = $Cache->get_value('ptpimg_sql_size')) === false) {
    $DB->query("SELECT SUM(Size) FROM uploads");
    list($Size) = $DB->next_record();
    // NOTE(review): the comment says 30 minutes but the value passed is 60; the
    // unit of the third argument is not visible here - TODO confirm.
    $Cache->cache_value('ptpimg_sql_size', array($Size), 60); // 30 minutes
}
return $Size;
}

// Dispatch on the requested action; every visible case prints JSON.
switch ($Action) {
    case 'random': // random
        $Count = getImageCount(); // Grab image count
        // NOTE(review): LIMIT offsets are zero-based. If getImageCount() returns the
        // number of rows, an offset equal to $Count selects nothing and offset 0
        // (the first row) is never chosen - rand(0, $Count - 1) looks intended.
        $Rand = rand(1, $Count);
        // $Rand is an integer produced by rand(), not request input.
        $DB->query("SELECT Code, Type, Size FROM uploads LIMIT {$Rand}, 1");
        list($Code, $Type, $Size) = $DB->next_record();
        echo json_encode(array(array('code' => $Code, 'type' => $Type, 'size' => $Size)));
        break;
    case 'last5': // last5
        // The five most recent uploads by ID.
        $DB->query("SELECT Code, Type, Size FROM uploads ORDER BY ID DESC LIMIT 5");
        $Data = array();
        while (list($Code, $Type, $Size) = $DB->next_record()) {
            $Data[] = array('code' => $Code, 'type' => $Type, 'size' => $Size);
        }
        echo json_encode(array($Data));
        break;
    case 'stats': // stats
        $Size = getTotalSize();
// Excerpt starts after the 'session' cookie has been decrypted once into
// $LoginCookie (not shown). It is decrypted again here and split on '|~|' into
// session ID and user ID.
list($SessionID, $LoggedUser['ID'])=explode("|~|",$Enc->decrypt($LoginCookie));
// Cast to int before the value reaches the cache key and the SQL below.
$LoggedUser['ID'] = (int)$LoggedUser['ID'];
$UserID=$LoggedUser['ID']; //TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
    // presumably logout() ends the request - TODO confirm.
    logout();
}
// Sessions stored for this user, keyed by SessionID (cache first, then database).
$UserSessions = $Cache->get_value('users_sessions_'.$UserID);
if(!is_array($UserSessions)) {
    // NOTE(review): the query does not filter on any active/revoked flag; whether
    // revoked sessions are deleted from users_sessions is not visible here.
    $DB->query("SELECT SessionID, Browser, OperatingSystem, IP, LastUpdate FROM users_sessions WHERE UserID='$UserID' ORDER BY LastUpdate DESC");
    $UserSessions = $DB->to_array('SessionID',MYSQLI_ASSOC);
    $Cache->cache_value('users_sessions_'.$UserID, $UserSessions, 0);
}
// The session ID from the cookie must be one of the stored sessions.
if (!array_key_exists($SessionID,$UserSessions)) {
    logout();
}
// Check if user is enabled
$Enabled = $Cache->get_value('enabled_'.$LoggedUser['ID']);
// A strict false is treated as "not cached"; the branch body is cut off below.
if($Enabled === false) {
// Builds the data series for a traffic graph covering the last $Interval hours.
$ts = time();
// NOTE(review): is_numeric() also accepts floats, exponent notation and leading
// whitespace, and the raw string is kept. It becomes part of three cache keys
// below, so "1", "1.0" and "1e0" each create their own entries, and no upper
// bound is applied. Casting to int and clamping would close both gaps.
if (isset($_GET['i']) && is_numeric($_GET['i'])) {
    $Interval = $_GET['i'];
} else {
    $Interval = 1;
}
// This is for the totals
// Data sets are too big for 12-48 hours
$Extra = '';
if ($Interval > 12) {
    // Fixed literal, no request data: keeps only quarter-hour samples.
    $Extra = "AND DATE_FORMAT(Time, '%i') IN (0,15,30,45)";
}
$DateString = $Cache->get_value('graphd_' . $Interval);
list($TotalBW, $TotalHits) = $Cache->get_value('grapht_' . $Interval);
if (!($TData = $Cache->get_value('graph_' . $Interval))) {
    // query() receives a format string plus arguments; presumably this wrapper
    // substitutes them sprintf-style, in which case %d forces $Interval to an
    // integer - TODO confirm in the DB class.
    $DB->query("SELECT Time, Hits, Bandwidth FROM records WHERE Time > DATE_SUB(NOW(), INTERVAL %d hour) %s", $Interval, $Extra);
    $TData = $DB->to_array();
    $DB->query("SELECT sum(bandwidth), sum(hits) FROM records WHERE Time > DATE_SUB(NOW(), INTERVAL %d hour)", $Interval);
    list($TotalBW, $TotalHits) = $DB->next_record();
    // The three entries use different lifetimes (300, 150, 300), so they can
    // expire independently of each other.
    $Cache->cache_value('grapht_' . $Interval, array($TotalBW, $TotalHits), 300);
    $Cache->cache_value('graph_' . $Interval, $TData, 150);
    $DateString = "last updated: " . date("j M Y G:i", time());
    $Cache->cache_value('graphd_' . $Interval, $DateString, 300);
}
$i = 0;
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0; a
// foreach over $TData is the replacement.
while (list($Key, list($Time, $Hits, $Bandwidth)) = each($TData)) {
    // X-axis label: hour and minute of the sample.
    $datax[$i] = date("G:i", strtotime($Time));
    if (!$Hits) {
        $Hits = 0;
    }
    if (!$Bandwidth) {
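// Gallery view: prints every upload matching a resolution filter as a linked <img>.
//
// Request parameters:
//   v2 - "def" (or absent) selects the built-in list of large resolutions;
//        any other string is matched exactly against uploads.resolution.
//   v6 - echoed back in the "next" pagination link.
require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();

// Escape a value for HTML element content or a quoted attribute.
$EscapeHtml = function ($Value) {
    return htmlspecialchars((string) $Value, ENT_QUOTES, 'UTF-8');
};

$Resolution = "";
// Initialised up front: previously only the non-default branch set it, so the
// default branch interpolated an undefined variable into the query.
$IDExtra = "";

// Fix: the original wrote `$v2 == "def";` (a comparison) where an assignment was
// meant, so the default filter never applied when v2 was missing. Non-string
// input (e.g. v2[]=x) also falls back to the default.
if (isset($_GET['v2']) && is_string($_GET['v2'])) {
    $v2 = $_GET['v2'];
} else {
    $v2 = "def";
}

if ($v2 === "def") {
    $Resolution = "(resolution='1536x1180' OR\n\t\tresolution='1180x1536' OR\n\t\tresolution='1600x1200' OR\n\t\tresolution='1200x1600' OR\n\t\tresolution='2048x1536' OR\n\t\tresolution='1536x2048' OR\n\t\tresolution='2240x1680' OR\n\t\tresolution='1680x2240' OR\n\t\tresolution='2560x1920' OR\n\t\tresolution='1920x2560' OR\n\t\tresolution='3032x2008' OR\n\t\tresolution='2008x3032' OR\n\t\tresolution='3072x2304' OR\n\t\tresolution='2304x3072' OR\n\t\tresolution='3264x2448' OR\n\t\tresolution='2448x3264')";
} else {
    // Request input: escaped with the project's db_string() before it enters the SQL.
    $Resolution = "resolution='" . db_string($v2) . "'";
}

$q = "SELECT Code, Extension\n\t\tFROM uploads\n\t\tWHERE\n{$Resolution}\n{$IDExtra}";
$DB->query($q);
$Data = $DB->to_array();

// NOTE(review): nothing visible assigns $ID or a non-empty $IDExtra, so the
// "next" link is never printed as the code stands. It is built once here, with
// v6 URL-encoded and HTML-escaped, so that enabling paging later does not
// reflect raw request input into the page.
$NextLink = "";
if ($IDExtra) {
    $v6 = (isset($_GET['v6']) && is_string($_GET['v6'])) ? $_GET['v6'] : "";
    $NextLink = "<a href='?v2=def&v6=" . $EscapeHtml(rawurlencode($v6)) . "&id=" . ($ID + 20000) . "'>next</a><br />";
}
echo $NextLink;

// foreach replaces each(), which was removed in PHP 8.0.
foreach ($Data as $Row) {
    list($Code, $Ext) = $Row;
    // Database values are escaped before they are placed in attributes.
    $SafeCode = $EscapeHtml($Code);
    $SafeExt = $EscapeHtml($Ext);
    if ($v2 === "def") {
        // Default view: fixed 500x500 thumbnails.
        echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' height='500' width='500' /></a><br />", $SafeCode, $SafeExt, $SafeCode, $SafeExt);
    } else {
        echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' /></a><br />", $SafeCode, $SafeExt, $SafeCode, $SafeExt);
    }
}

echo $NextLink;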
// Action dispatcher; this excerpt shows the start of the login/logout case.
// empty() already covers the unset case, so the isset() test is redundant.
if (!isset($_GET['act']) || empty($_GET['act'])) {
    $_GET['act'] = "def_action";
}
switch ($_GET['act']) {
    case 'login':
    case 'logout':
        //-------------------
        // LOGIN/LOGOUT
        //-------------------
        if (isset($_GET['act']) && $_GET['act'] == "logout") {
            logout();
        }
        // Process the input
        if (!empty($_GET['tkl'])) {
            // Username: 1-20 characters from [a-z0-9_?], case-insensitive; the D
            // modifier stops `$` from matching before a trailing newline.
            // NOTE(review): $_POST['password'] is not isset()-checked and may be an
            // array; strlen() would then raise a warning or error instead of a
            // clean rejection.
            if (isset($_POST['username']) && preg_match('/^[a-z0-9_?]{1,20}$/iD', $_POST['username']) && strlen($_POST['password']) < 40) {
                // NOTE(review): part of this statement was masked ('******') in the
                // listing, so it is not valid PHP as printed and the escaping
                // applied to the username cannot be verified from here.
                $DB->query("SELECT\n\t\t\t\t\tID,\n\t\t\t\t\tPassword,\n\t\t\t\t\tSecret,\n\t\t\t\t\tEnabled\n\t\t\t\t\tFROM users WHERE Username='******'username']) . "'\n\t\t\t\t\tAND Username<>''");
                list($UserID, $PassHash, $Secret, $Enabled) = $DB->next_record();
                // NOTE(review): `==` between two hash strings is a loose comparison:
                // PHP compares numeric-looking strings (e.g. "0e...") as numbers, and
                // the comparison is not constant-time. hash_equals() avoids both.
                // The algorithm behind make_hash() is not visible here.
                if ($UserID && $PassHash == make_hash($_POST['password'], $Secret) && $Enabled == 1) {
                    $User->doLogin($UserID);
                    if (empty($_POST['ref_page'])) {
                        header("Location: index.php");
                    } else {
                        // ref_page is client-supplied, base64-encoded.
                        $URL = base64_decode($_POST['ref_page']);
                        // Redirect only to local paths of the form /name.php...
                        // NOTE(review): the pattern is anchored at the start only, so
                        // everything after ".php" is accepted unchanged. Anchoring the
                        // end, or mapping to a fixed list of pages, would be stricter.
                        if (preg_match('/^\\/[a-zA-Z0-9]+\\.php/i', $URL)) {
                            header("Location: {$URL}");
                        } else {
                            header("Location: index.php");
                        }
                    }
                    exit;
                } else {
// API bootstrap: load cache and crypto helpers, then require a valid session cookie.
$Cache = NEW CACHE; //Load the caching class
$Enc = NEW CRYPT; //Load the encryption class
date_default_timezone_set('UTC');
if (isset($_COOKIE['session'])) {
    $LoginCookie=$Enc->decrypt($_COOKIE['session']);
}
if(isset($LoginCookie)) {
    // The cookie value is decrypted a second time and split on '|~|'.
    list($SessionID, $UserID)=explode("|~|",$Enc->decrypt($LoginCookie));
    if(!$UserID || !$SessionID) {
        die('Not logged in!');
    }
    // NOTE(review): $UserID goes into the cache key and the SQL below without an
    // (int) cast or escaping, so their safety rests on decrypt() rejecting
    // tampered cookies - not verifiable from this excerpt. An explicit (int)
    // cast removes that dependency.
    // NOTE(review): $SessionID is only tested for being non-empty here; no lookup
    // against stored sessions is visible in this excerpt.
    // A falsy cached value (e.g. '0') is treated like a cache miss by this test.
    if(!$Enabled = $Cache->get_value('enabled_'.$UserID)){
        require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
        $DB=NEW DB_MYSQL; //Load the database wrapper
        $DB->query("SELECT Enabled FROM users_main WHERE ID='$UserID'");
        list($Enabled) = $DB->next_record();
        $Cache->cache_value('enabled_'.$UserID, $Enabled, 0);
    }
    // NOTE(review): $Enabled is loaded but not tested in the visible code.
} else {
    die('Not logged in!');
}

// Abort the request, sending $Error as the response body.
function error($Error) {
    die($Error);
}

// Report whether $Str is a non-negative integer in string or int form.
// The listing cuts this function off before its closing brace.
function is_number($Str) {
    if ($Str < 0) { return false; }
    // We're converting input to a int, then string and comparing to original
    // NOTE(review): `==` compares numeric strings by value, so inputs such as
    // "1.0" or "1e0" also pass; `===` against strval(intval(...)) would accept
    // only the canonical digit string.
    return ($Str == strval(intval($Str)) ? true : false);
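// upload via Java application
//
// Flow: check the API key, pick an unused storage name, reject duplicates by
// content hash, move the upload into raw/ and record it in `uploads`.
// The listing cuts the script off after the INSERT.

// Fix: the original condition was `!isset(...) && $_GET['key'] != "..."`, which
// only rejected requests that carried no key at all; a request with a wrong key
// was let through. The request is now refused unless the key is present, is a
// string, and matches (constant-time comparison).
// NOTE(review): the key is hard-coded and has been published with this source.
// It should be rotated and loaded from configuration outside the code tree.
if (!isset($_GET['key']) || !is_string($_GET['key']) || !hash_equals("QT5LGz7ktGFVZpfFArVHCpEvDcC3qrUZrf0kP", $_GET['key'])) {
    die("404/Invalid API key");
}

// Draw random names until one is free.
// Fix: the original tested the single-quoted literal 'raw/$code', which PHP does
// not interpolate, so the generated name was never actually checked and an
// existing file could be overwritten.
while ($code = randFN()) {
    if (!file_exists("raw/{$code}")) {
        break;
    }
}

// getdata() is project code (not shown); it supplies resolution, extension,
// MD5, size and type for the temporary file.
// NOTE(review): $_FILES['uploadfile'] is used without checking that an upload
// was received or that it completed without error.
$Data = getdata($_FILES['uploadfile']['tmp_name']);
$res = $Data['res'];
$ext = $Data['ext'];
$hash = $Data['md5'];
$size = $Data['size'];
$ImageType = $Data['type'];

// Duplicate detection: an identical hash returns the existing code instead of
// storing the file again.
$DB->query("SELECT Code, Extension FROM uploads WHERE NewHash='" . db_string($hash) . "'");
if ($DB->record_count() > 0) {
    list($Code, $Extension) = $DB->next_record();
    $results[] = array("status" => 13, "code" => $Code, "ext" => $Extension);
    echo $Code . '.' . $Extension;
    die;
}

// Flush image contents to a temp file
//$src=tempnam("/tmp", "ptpimg.");
// The stored name is the generated code only; nothing client-supplied is part
// of the destination path.
$src = "raw/{$code}";
if (!move_uploaded_file($_FILES['uploadfile']['tmp_name'], $src)) {
    die("error");
}
$results = array();
// NOTE(review): UserID comes straight from $_GET['uid'], so the caller decides
// which user the upload is attributed to; it is escaped, not authenticated.
$DB->query("INSERT INTO uploads (NewHash, UserID, Extension, Code, Resolution, Size, Type) VALUES('" . db_string($hash) . "', '" . db_string($_GET['uid']) . "', '" . db_string($ext) . "', '" . db_string($code) . "', '" . db_string($res) . "', '" . db_string($size) . "', '" . db_string($ImageType) . "')");
if ($DB->affected_rows() > 0) {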
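<?php
// Tree view: prints the <li> nodes for the children of one call_nature entry.
//
// Input:  tree_id (request parameter) - id of the parent node.
// Output: an HTML fragment with one <li> per active child, ordered by `orders`
//         and then `id`. A child that has children of its own carries a nested
//         <ul class='ajax'> placeholder pointing back at loadTree.php.
require_once '../../../include/config.php';
require_once '../../../include/mysql.class.php';
require_once '../../../include/common.fun.php';

/*New DB*/
$dbc = new DB_MYSQL();
$dbc->connect(g_db_host, g_db_user, g_db_pass, g_db_name, 0, 'utf8');

// tree_id is client-controlled and was previously concatenated into the SQL
// unchanged (SQL injection). It is now accepted only when it consists of
// digits. This assumes call_nature ids are non-negative integers; if they are
// not, use the DB layer's escaping or a prepared statement here instead.
$tree_id = isset($_REQUEST['tree_id']) ? $_REQUEST['tree_id'] : '';

if (is_string($tree_id) && ctype_digit($tree_id)) {
    $sql = "SELECT a.*,(SELECT COUNT(*) FROM " . g_tbl_prefix . "call_nature b WHERE a.id = b.parentid ) as cid_num FROM " . g_tbl_prefix . "call_nature a \r\n\tWHERE 1=1 AND a.active = 1 ";
    $sql .= "AND a.parentid = '{$tree_id}' ";
    $sql .= "ORDER BY a.orders ASC,a.id ASC";
    $q = $dbc->query($sql);

    // Initialised so the first `.=` does not append to an undefined variable.
    $list = '';
    while ($r = $dbc->fetch_array($q)) {
        // Database values are escaped for the HTML context they are printed in,
        // so stored markup in a title or id cannot become part of the page.
        $id = htmlspecialchars((string) $r['id'], ENT_QUOTES, 'UTF-8');
        $title = htmlspecialchars((string) $r['title'], ENT_QUOTES, 'UTF-8');
        $email = htmlspecialchars((string) $r['email'], ENT_QUOTES, 'UTF-8');
        $n = (int) $r['cid_num'];

        $list .= "<li id='{$id}'><span class=''>{$title} [ID:{$id} 子类:{$n}]</span>\r\n";
        if ($n > 0) {
            // Placeholder the client-side tree replaces with the children on demand.
            $list .= "<ul class='ajax'>\r\n";
            $list .= "<li id='{$email}'>{url:loadTree.php?tree_id=" . rawurlencode((string) $r['id']) . "}</li>\r\n";
            $list .= "</ul>\r\n";
        }
        $list .= "</li>\r\n";
    }
    echo $list;
}
unset($dbc);
?>
<!-- <li id='35'><span class="text">Tree Node Ajax 1</span></li>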
// Excerpt starts at the end of a function whose signature is not part of this listing.
echo $c;
// NOTE(review): this prints the full DB and cache objects into the response.
// Wrapper objects of this kind may hold connection settings, so confirm that
// $Sneaky can never be true for an untrusted request.
if ($Sneaky) {
    global $DB, $Cache;
    print_r($DB);
    print_r($Cache);
}
}

// API Keys; ptpimg+api@nervex.net
// NOTE(review): both keys are hard-coded and have been published with this
// source. They should be rotated and loaded from configuration kept outside the
// code tree.
$ApiKeys = array("QT5LGz7ktGFVZpfFArVHCpEvDcC3qrUZrf0kP", "iSQGkh6VJjAtkMjcDQysTPXOUGxiHutVYBw71");

// The User-Agent header is client-controlled; treat the derived values as
// untrusted wherever they are stored or displayed.
$Browser = $UA->browser($_SERVER['HTTP_USER_AGENT']);
$OperatingSystem = $UA->operating_system($_SERVER['HTTP_USER_AGENT']);
//$Mobile = $UA->mobile($_SERVER['HTTP_USER_AGENT']);

// Get permissions
// Permission classes are cached as a pair: rows keyed by ID and rows keyed by Level.
list($Classes, $ClassLevels) = $Cache->get_value('classes');
if (!$Classes || !$ClassLevels) {
    $DB->query('SELECT ID, Name, Level FROM permissions ORDER BY Level');
    $Classes = $DB->to_array('ID');
    // NOTE(review): to_array() is called twice on one result set; whether the
    // second call sees the rows again depends on the wrapper - TODO confirm.
    $ClassLevels = $DB->to_array('Level');
    $Cache->cache_value('classes', array($Classes, $ClassLevels), 0);
}

// Session bootstrap: the cookie is decrypted, decrypted again, then split on
// '|~|' into session ID and user ID.
if (isset($_COOKIE['session'])) {
    $LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
    list($SessionID, $LoggedUser['ID']) = explode("|~|", $Enc->decrypt($LoginCookie));
    // Cast to int before the value is used any further.
    $LoggedUser['ID'] = (int) $LoggedUser['ID'];
    $UserID = $LoggedUser['ID']; //TODO: UserID should not be LoggedUser
    if (!$LoggedUser['ID'] || !$SessionID) {
        // presumably logout() ends the request - TODO confirm.
        logout();
    }
//Load the encryption class

// NOTE(review): TLS is inferred from the server port alone. Behind a
// TLS-terminating proxy the port seen here may not be 443 - confirm against the
// deployment.
$SSL = $_SERVER['SERVER_PORT'] === '443';

// Require a valid session cookie before anything else runs.
if (isset($_COOKIE['session'])) {
    $LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
    // The cookie value is decrypted a second time and split on '|~|'.
    list($SessionID, $UserID) = explode("|~|", $Enc->decrypt($LoginCookie));
    if (!$UserID || !$SessionID) {
        die('Not logged in!');
    }
    // NOTE(review): $UserID goes into the cache key and the SQL below without an
    // (int) cast or escaping, so their safety rests on decrypt() rejecting
    // tampered cookies - not verifiable from this excerpt. An explicit (int)
    // cast removes that dependency.
    // NOTE(review): $SessionID is only tested for being non-empty here; no lookup
    // against stored sessions is visible in this excerpt.
    // A falsy cached value (e.g. '0') is treated like a cache miss by this test.
    if (!($Enabled = $Cache->get_value("enabled_{$UserID}"))) {
        require SERVER_ROOT . '/classes/mysql.class.php'; //Require the database wrapper
        $DB = new DB_MYSQL(); //Load the database wrapper
        $DB->query("\n\t\t\tSELECT Enabled\n\t\t\tFROM users_main\n\t\t\tWHERE ID = '{$UserID}'");
        list($Enabled) = $DB->next_record();
        $Cache->cache_value("enabled_{$UserID}", $Enabled, 0);
    }
    // NOTE(review): $Enabled is loaded but not tested in the visible code.
} else {
    die('Not logged in!');
}

// Abort the request, sending $Error as the response body.
function error($Error) {
    die($Error);
}

// Start of a numeric-input check; the listing cuts the function off after the
// negative-value guard.
function is_number($Str) {
    if ($Str < 0) {
        return false;
    }
// Excerpt starts with the closing brace of a block that is not part of this listing.
}

// Database connection settings.
// NOTE(review): the login and password are hard-coded and have been published
// with this source. Treat them as compromised: rotate the password and load the
// settings from a file or environment kept outside the code tree and web root.
define('SQLHOST', 'localhost'); //The MySQL host ip/fqdn
define('SQLLOGIN', 'ptpimg'); //The MySQL login
define('SQLPASS', 'mri34mni'); //The MySQL password
define('SQLDB', 'ptpimg'); //The MySQL database to use
define('SQLPORT', '3306'); //The MySQL port to connect on
define('SQLSOCK', '/var/run/mysqld/mysqld.sock');

require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();

// Maintenance pass over every upload that has no NewHash yet.
$DB->query("SELECT ID, Code FROM uploads WHERE NewHash=''");
$Results = $DB->to_array('', MYSQLI_NUM, false);
$UBound = count($Results);
$QueryCount = 0;
$Query = array();
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0; a
// foreach over $Results is the replacement.
while (list($Key, list($ID, $Code)) = each($Results)) {
    // Once more than 500 statements are queued, run them and time the batch.
    if ($QueryCount > 500) {
        echo "500 queries, flushing.";
        // microtime() without arguments returns "msec sec"; adding the two parts
        // gives the timestamp as a float (same result as microtime(true)).
        $x = microtime();
        $x = explode(" ", $x);
        $x = $x[1] + $x[0];
        foreach ($Query as $q) {
            $DB->query($q);
        }
        $y = microtime();
        $y = explode(" ", $y);
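<?php
// Prints the uploaded / downloaded / ratio elements for $UserID.
// Stats are read from cache and fetched from users_main on a miss.
$UserStats = $Cache->get_value('user_stats_'.$UserID);
if(!is_array($UserStats)) {
    if (!isset($DB)) {
        require(SERVER_ROOT.'/classes/class_mysql.php');
        $DB = new DB_MYSQL;
    }
    // The ID is forced to an integer before it is placed in the SQL, so the
    // query does not depend on how $UserID was validated upstream.
    $DB->query("SELECT Uploaded AS BytesUploaded, Downloaded AS BytesDownloaded, RequiredRatio FROM users_main WHERE ID='".(int)$UserID."'");
    $UserStats = $DB->next_record(MYSQLI_ASSOC);
    // Fix: the value was stored under 'user_stats_'.$LoggedUser['ID'] while the
    // lookup above uses $UserID. Where the two differ (or $LoggedUser is not
    // set), the entry written here was never read back and could land under a
    // key shared between users. Both sides now use $UserID.
    // 3600 is presumably the lifetime in seconds - TODO confirm.
    $Cache->cache_value('user_stats_'.$UserID, $UserStats, 3600);
}
$Up = $UserStats['BytesUploaded'];
$Down = $UserStats['BytesDownloaded'];
$ReqRat = $UserStats['RequiredRatio'];
// Ratio is defined as 0 when nothing has been downloaded (avoids division by zero).
if ($Down > 0) {
    $Rat = $Up/$Down;
} else {
    $Rat = 0;
}
?>
<uploaded><?php echo $Up; ?> </uploaded>
<downloaded><?php echo $Down; ?> </downloaded>
<ratio><?php echo $Rat; ?>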
// Excerpt starts inside the blog-feed case of a switch whose header is not part
// of this listing.
foreach ($Blog as $BlogItem) {
    list($BlogID, $Author, $AuthorID, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
    // Link to the forum thread when the post has one, otherwise to the blog anchor.
    // NOTE(review): title and body come from the database; whether item() escapes
    // them for XML is not visible here - confirm in the feed class.
    if ($ThreadID) {
        echo $Feed->item($Title, Text::strip_bbcode($Body), "forums.php?action=viewthread&threadid={$ThreadID}", SITE_NAME . ' Staff', '', '', $BlogTime);
    } else {
        echo $Feed->item($Title, Text::strip_bbcode($Body), "blog.php#blog{$BlogID}", SITE_NAME . ' Staff', '', '', $BlogTime);
    }
}
break;
case 'feed_changelog':
    // Changelog feed: the 20 newest entries, taken from cache when present.
    $Feed->channel('Gazelle Change Log', 'RSS feed for Gazelle\'s changelog.');
    if (!($Changelog = $Cache->get_value('changelog'))) {
        require SERVER_ROOT . '/classes/mysql.class.php';
        require SERVER_ROOT . '/classes/misc.class.php';
        $DB = new DB_MYSQL();
        // Static query: no request data is interpolated.
        $DB->query("\n\t\t\t\tSELECT Message, Author, Date(Time)\n\t\t\t\tFROM changelog\n\t\t\t\tORDER BY Time DESC\n\t\t\t\tLIMIT 20");
        $Changelog = $DB->to_array();
        // Third argument is presumably the lifetime in seconds (86400 = 1 day) - TODO confirm.
        $Cache->cache_value('changelog', $Changelog, 86400);
    }
    foreach ($Changelog as $Change) {
        list($Message, $Author, $Date) = $Change;
        echo $Feed->item("{$Date} by {$Author}", $Message, 'tools.php?action=change_log', SITE_NAME . ' Staff', '', '', $Date);
    }
    break;
case 'torrents_all':
    $Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
    // NOTE(review): authkey and passkey are read from the query string without an
    // isset() check, and credentials carried in a URL end up in access logs and
    // Referer headers. Their validation happens inside retrieve() (not shown).
    $Feed->retrieve('torrents_all', $_GET['authkey'], $_GET['passkey']);
    break;
case 'torrents_music':
    $Feed->channel('Music Torrents', 'RSS feed for all new music torrents.');
    // Same credential handling as the case above.
    $Feed->retrieve('torrents_music', $_GET['authkey'], $_GET['passkey']);