Esempio n. 1
0
 /**
  * Edit a comment
  * @param int $PostID
  * @param string $NewBody
  * @param bool $SendPM If true, send a PM to the author of the comment informing him about the edit
  * @todo move permission check out of here/remove hardcoded error(404)
  */
 public static function edit($PostID, $NewBody, $SendPM = false)
 {
     $QueryID = G::$DB->get_query_id();
     G::$DB->query("\n\t\t\tSELECT\n\t\t\t\tBody,\n\t\t\t\tAuthorID,\n\t\t\t\tPage,\n\t\t\t\tPageID,\n\t\t\t\tAddedTime\n\t\t\tFROM comments\n\t\t\tWHERE ID = {$PostID}");
     if (!G::$DB->has_results()) {
         return false;
     }
     list($OldBody, $AuthorID, $Page, $PageID, $AddedTime) = G::$DB->next_record();
     if (G::$LoggedUser['ID'] != $AuthorID && !check_perms('site_moderate_forums')) {
         return false;
     }
     G::$DB->query("\n\t\t\tSELECT CEIL(COUNT(ID) / " . TORRENT_COMMENTS_PER_PAGE . ") AS Page\n\t\t\tFROM comments\n\t\t\tWHERE Page = '{$Page}'\n\t\t\t\tAND PageID = {$PageID}\n\t\t\t\tAND ID <= {$PostID}");
     list($CommPage) = G::$DB->next_record();
     // Perform the update
     G::$DB->query("\n\t\t\tUPDATE comments\n\t\t\tSET\n\t\t\t\tBody = '" . db_string($NewBody) . "',\n\t\t\t\tEditedUserID = " . G::$LoggedUser['ID'] . ",\n\t\t\t\tEditedTime = '" . sqltime() . "'\n\t\t\tWHERE ID = {$PostID}");
     // Update the cache
     $CatalogueID = floor((TORRENT_COMMENTS_PER_PAGE * $CommPage - TORRENT_COMMENTS_PER_PAGE) / THREAD_CATALOGUE);
     G::$Cache->delete_value($Page . '_comments_' . $PageID . '_catalogue_' . $CatalogueID);
     if ($Page == 'collages') {
         // On collages, we also need to clear the collage key (collage_$CollageID), because it has the comments in it... (why??)
         G::$Cache->delete_value('collage_' . $PageID);
     }
     G::$DB->query("\n\t\t\tINSERT INTO comments_edits (Page, PostID, EditUser, EditTime, Body)\n\t\t\tVALUES ('{$Page}', {$PostID}, " . G::$LoggedUser['ID'] . ", '" . sqltime() . "', '" . db_string($OldBody) . "')");
     G::$DB->set_query_id($QueryID);
     if ($SendPM && G::$LoggedUser['ID'] != $AuthorID) {
         // Send a PM to the user to notify them of the edit
         $PMSubject = "Your comment #{$PostID} has been edited";
         $PMurl = site_url() . "comments.php?action=jump&postid={$PostID}";
         $ProfLink = '[url=' . site_url() . 'user.php?id=' . G::$LoggedUser['ID'] . ']' . G::$LoggedUser['Username'] . '[/url]';
         $PMBody = "One of your comments has been edited by {$ProfLink}: [url]{$PMurl}[/url]";
         Misc::send_pm($AuthorID, 0, $PMSubject, $PMBody);
     }
     return true;
     // TODO: this should reflect whether or not the update was actually successful, e.g. by checking G::$DB->affected_rows after the UPDATE query
 }
Esempio n. 2
0
function mrt_sub0()
{
    mrt_wpss_menu_head('WP - Security Scan');
    ?>

          <div style="height:299px">
<table width="100%"  border="0" cellspacing="0" cellpadding="3" style="text-align:center;">
         <tr>
        <th style="border:0px;"><b>Name</b></th>
        <th style="border:0px;"><b>File/Dir</b></th>
        <th style="border:0px;"><b>Needed Chmod</b></th>
        <th style="border:0px;"><b>Current Chmod</b></th>
  <!--      <th style="border:0px;"><b>Change Permissions</b></th>-->
    </tr>
    <?php 
    check_perms("root directory", "../", "0755");
    check_perms("wp-includes/", "../wp-includes", "0755");
    check_perms(".htaccess", "../.htaccess", "0644");
    check_perms("wp-admin/index.php", "index.php", "0644");
    check_perms("wp-admin/js/", "js/", "0755");
    check_perms("wp-content/themes/", "../wp-content/themes", "0755");
    check_perms("wp-content/plugins/", "../wp-content/plugins", "0755");
    check_perms("wp-admin/", "../wp-admin", "0755");
    check_perms("wp-content/", "../wp-content", "0755");
    ?>
</table>


          </div>
<?php 
    mrt_wpss_menu_footer();
}
Esempio n. 3
0
function mrt_sub0(){?>
<div class=wrap>
                <h2><?php _e('WP - Security Scan') ?></h2>
          <div style="height:299px">
<table width="100%"  border="0" cellspacing="0" cellpadding="3" style="text-align:center;">
         <tr>
        <th style="border:0px;"><b>Name</b></th>
        <th style="border:0px;"><b>File/Dir</b></th>
        <th style="border:0px;"><b>Needed Chmod</b></th>
        <th style="border:0px;"><b>Current Chmod</b></th>
  <!--      <th style="border:0px;"><b>Change Permissions</b></th>-->
    </tr>
    <?php
        check_perms("root directory","../","0755");
        check_perms("wp-includes/","../wp-includes","0755");
        check_perms(".htaccess","../.htaccess","0644");
        check_perms("wp-admin/index.php","index.php","0644");
        check_perms("wp-admin/js/","js/","0755");
        check_perms("wp-content/themes/","../wp-content/themes","0755");
        check_perms("wp-content/plugins/","../wp-content/plugins","0755");
        check_perms("wp-admin/","../wp-admin","0755");
        check_perms("wp-content/","../wp-content","0755");
    ?>
</table>


          </div>
             Plugin by <a href="http://semperfiwebdesign.com/" title="Semper Fi Web Design">Semper Fi Web Design</a>
        </div>
<?php } ?>
Esempio n. 4
0
 private static function get_teams_query()
 {
     $Teams = array(0);
     $IsMod = check_perms("users_mod");
     if ($IsMod) {
         $Teams[] = 1;
     }
     return "Team IN (" . implode(",", $Teams) . ") ";
 }
Esempio n. 5
0
 /**
  * 检查页面是否有权限显示对应的入口
  * @param string $params
  * @param string $content
  * @param string $tpl
  * @return string
  */
 static function checkperms($params, $content, &$tpl)
 {
     $perms = isset($params['perms']) ? $params['perms'] : '';
     $uid = isset($params['uid']) ? $params['uid'] : 0;
     $site = isset($params['site']) ? $params['site'] : 'admin';
     if (check_perms($perms, $uid, $site)) {
         return $content;
     }
     return '';
 }
Esempio n. 6
0
    public static function render_donor_stats($UserID)
    {
        $OwnProfile = G::$LoggedUser['ID'] == $UserID;
        if (check_perms("users_mod") || $OwnProfile || Donations::is_visible($UserID)) {
            ?>
			<div class="box box_info box_userinfo_donor_stats">
				<div class="head colhead_dark">Donor Statistics</div>
				<ul class="stats nobullet">
<?php 
            if (Donations::is_donor($UserID)) {
                if (check_perms('users_mod') || $OwnProfile) {
                    ?>
					<li>
						Total donor points: <?php 
                    echo Donations::get_total_rank($UserID);
                    ?>
					</li>
<?php 
                }
                ?>
					<li>
						Current donor rank: <?php 
                echo self::render_rank(Donations::get_rank($UserID), Donations::get_special_rank($UserID), true);
                ?>
					</li>
					<li>
						Leaderboard position: <?php 
                echo Donations::get_leaderboard_position($UserID);
                ?>
					</li>
					<li>
						Last donated: <?php 
                echo time_diff(Donations::get_donation_time($UserID));
                ?>
					</li>
					<li>
						Rank expires: <?php 
                echo Donations::get_rank_expiration($UserID);
                ?>
					</li>
<?php 
            } else {
                ?>
					<li>
						This user hasn't donated.
					</li>
<?php 
            }
            ?>
				</ul>
			</div>
<?php 
        }
    }
Esempio n. 7
0
    /**
     * Generate voting links for torrent pages, etc.
     * @param $GroupID
     * @param $Vote The pre-existing vote, if it exists 'Up'|'Down'
     */
    public static function vote_link($GroupID, $Vote = '')
    {
        if (!G::$LoggedUser['NoVoteLinks'] && check_perms('site_album_votes')) {
            ?>
			<span class="votespan brackets" style="white-space: nowrap;">
				Vote:
				<a href="#" onclick="UpVoteGroup(<?php 
            echo $GroupID;
            ?>
, '<?php 
            echo G::$LoggedUser['AuthKey'];
            ?>
'); return false;" class="tooltip small_upvote vote_link_<?php 
            echo $GroupID;
            echo !empty($Vote) ? ' hidden' : '';
            ?>
" style="font-weight: bolder;" title="Upvote">&and;</a>
				<span class="tooltip voted_type small_upvoted voted_up_<?php 
            echo $GroupID;
            echo $Vote == 'Down' || empty($Vote) ? ' hidden' : '';
            ?>
" style="font-weight: bolder;" title="Upvoted">&and;</span>
				<a href="#" onclick="DownVoteGroup(<?php 
            echo $GroupID;
            ?>
, '<?php 
            echo G::$LoggedUser['AuthKey'];
            ?>
'); return false;" class="tooltip small_downvote vote_link_<?php 
            echo $GroupID;
            echo !empty($Vote) ? ' hidden' : '';
            ?>
" style="font-weight: bolder;" title="Downvote">&or;</a>
				<span class="tooltip voted_type small_downvoted voted_down_<?php 
            echo $GroupID;
            echo $Vote == 'Up' || empty($Vote) ? ' hidden' : '';
            ?>
" style="font-weight: bolder;" title="Downvoted">&or;</span>
				<a href="#" onclick="UnvoteGroup(<?php 
            echo $GroupID;
            ?>
, '<?php 
            echo G::$LoggedUser['AuthKey'];
            ?>
'); return false;" class="tooltip small_clearvote vote_clear_<?php 
            echo $GroupID;
            echo empty($Vote) ? ' hidden' : '';
            ?>
" title="Clear your vote">x</a>
			</span>
<?php 
        }
    }
Esempio n. 8
0
 /**
  * Standard modular run function for OcCLE hooks.
  *
  * @param  array	The options with which the command was called
  * @param  array	The parameters with which the command was called
  * @param  array	A reference to the OcCLE filesystem object
  * @return array	Array of stdcommand, stdhtml, stdout, and stderr responses
  */
 function run($options, $parameters, &$occle_fs)
 {
     if (array_key_exists('h', $options) || array_key_exists('help', $options)) {
         return array('', do_command_help('check_perms', array('h'), array()), '', '');
     } else {
         require_code('upgrade');
         $result = check_perms();
         if ($result == '') {
             $result = do_lang('NO_ACTION_REQUIRED');
         }
         return array('', $result, '', '');
     }
 }
Esempio n. 9
0
	public function get_value($Key, $NoCache=false) {
		$StartTime=microtime(true);
		if (empty($Key)) {
			trigger_error("Cache retrieval failed for empty key");
		}

		if (isset($_GET['clearcache']) && check_perms('admin_clear_cache')) {
			if ($_GET['clearcache'] == 1) {
				//Because check_perms isn't true until loggeduser is pulled from the cache, we have to remove the entries loaded before the loggeduser data
				//Because of this, not user cache data will require a secondary pageload following the clearcache to update
				if (count($this->CacheHits) > 0) {
					foreach ($this->CacheHits as $Key => $Entry) {
						$this->delete($Key);
						unset($this->CacheHits[$Key]);
					}
				}
				$this->delete($Key);
				$this->Time+=(microtime(true)-$StartTime)*1000;
				return false;
			} elseif ($_GET['clearcache'] == $Key) {
				$this->delete($Key);
				$this->Time+=(microtime(true)-$StartTime)*1000;
				return false;
			} elseif (in_array($_GET['clearcache'], $this->CacheHits)) {
				unset($this->CacheHits[$_GET['clearcache']]);
				$this->delete($_GET['clearcache']);
			}
		}

		//For cases like the forums, if a keys already loaded grab the existing pointer
		if (isset($this->CacheHits[$Key]) && !$NoCache) {
			$this->Time+=(microtime(true)-$StartTime)*1000;
			return $this->CacheHits[$Key];
		}

		$Return = $this->get($Key);
		if ($Return) {
			$this->CacheHits[$Key] = $Return;
		}
		$this->Time+=(microtime(true)-$StartTime)*1000;
		return $Return;
	}
Esempio n. 10
0
function mrt_sub0()
{
    mrt_wpss_menu_head('WP - Security Scan');
    ?>

          <div class="metabox-holder">
              <div class="postbox">
                  <h3 class="hndle"><span><?php 
    echo __('Directory Info');
    ?>
</span></h3>
                  <div class="inside">
<table id="wsd_permissions_table" width="100%"  border="0" cellspacing="0" cellpadding="3" 
       style="text-align:center; border: solid 1px #333;">
         <thead style="background: #333;">
            <th style="border:0px; padding: 4px 4px;"><strong style="color: #f5f5f5">Name</strong></th>
            <th style="border:0px; padding: 4px 4px;"><strong style="color: #f5f5f5">File/Dir</strong></th>
            <th style="border:0px; padding: 4px 4px;"><strong style="color: #f5f5f5">Needed Chmod</strong></th>
            <th style="border:0px; padding: 4px 4px;"><strong style="color: #f5f5f5">Current Chmod</strong></th>
        </thead>
        <tbody>
    <?php 
    // DIR_NAME | DIR_PATH | EXPECTED_PERMISSION
    check_perms("root directory", "../", "0755");
    check_perms("wp-includes/", "../wp-includes", "0755");
    check_perms(".htaccess", "../.htaccess", "0644");
    check_perms("wp-admin/index.php", "index.php", "0644");
    check_perms("wp-admin/js/", "js/", "0755");
    check_perms("wp-content/themes/", "../wp-content/themes", "0755");
    check_perms("wp-content/plugins/", "../wp-content/plugins", "0755");
    check_perms("wp-admin/", "../wp-admin", "0755");
    check_perms("wp-content/", "../wp-content", "0755");
    ?>
        </tbody>
</table>

                  </div></div></div>
<?php 
    mrt_wpss_menu_footer();
}
Esempio n. 11
0
if (!$DB->has_results()) {
    error(404);
}
list($UploaderID, $UploadTime, $TorrentReleaseType, $Bitrate, $Format, $Media, $HasLog, $HasCue, $LogScore, $TorrentCategoryID, $TorrentCatalogueNumber) = $DB->next_record();
$FillerID = $LoggedUser['ID'];
$FillerUsername = $LoggedUser['Username'];
if (!empty($_POST['user']) && check_perms('site_moderate_requests')) {
    $FillerUsername = $_POST['user'];
    $DB->query("\n\t\tSELECT ID\n\t\tFROM users_main\n\t\tWHERE Username LIKE '" . db_string($FillerUsername) . "'");
    if (!$DB->has_results()) {
        $Err = 'No such user to fill for!';
    } else {
        list($FillerID) = $DB->next_record();
    }
}
if (time_ago($UploadTime) < 3600 && $UploaderID !== $FillerID && !check_perms('site_moderate_requests')) {
    $Err = 'There is a one hour grace period for new uploads to allow the torrent\'s uploader to fill the request.';
}
$DB->query("\n\tSELECT\n\t\tTitle,\n\t\tUserID,\n\t\tTorrentID,\n\t\tCategoryID,\n\t\tReleaseType,\n\t\tCatalogueNumber,\n\t\tBitrateList,\n\t\tFormatList,\n\t\tMediaList,\n\t\tLogCue\n\tFROM requests\n\tWHERE ID = {$RequestID}");
list($Title, $RequesterID, $OldTorrentID, $RequestCategoryID, $RequestReleaseType, $RequestCatalogueNumber, $BitrateList, $FormatList, $MediaList, $LogCue) = $DB->next_record();
if (!empty($OldTorrentID)) {
    $Err = 'This request has already been filled.';
}
if ($RequestCategoryID !== '0' && $TorrentCategoryID !== $RequestCategoryID) {
    $Err = 'This torrent is of a different category than the request. If the request is actually miscategorized, please contact staff.';
}
$CategoryName = $Categories[$RequestCategoryID - 1];
if ($CategoryName === 'Music') {
    //Commenting out as it's causing some issues with some users being unable to fill, unsure what it is, etc
    /*if ($RequestCatalogueNumber) {
    		if ($TorrentCatalogueNumber !== $RequestCatalogueNumber) {
Esempio n. 12
0
<?php 
    }
    ?>
		</div>
		<div class="pad">
					<?php 
    echo Text::full_format($Body);
    if ($ThreadID) {
        ?>
			<br /><br />
			<em><a href="forums.php?action=viewthread&amp;threadid=<?php 
        echo $ThreadID;
        ?>
">Discuss this post here</a></em>
<?php 
        if (check_perms('admin_manage_blog')) {
            ?>
			<a href="blog.php?action=deadthread&amp;id=<?php 
            echo $BlogID;
            ?>
&amp;auth=<?php 
            echo $LoggedUser['AuthKey'];
            ?>
" class="brackets">Remove link</a>
<?php 
        }
    }
    ?>
		</div>
	</div>
	<br />
Esempio n. 13
0
<?
if(!check_perms('torrents_edit')) { error(403); }

$GroupID = $_POST['groupid'];
$OldGroupID = $GroupID;
$NewGroupID = db_string($_POST['targetgroupid']);

if(!$GroupID || !is_number($GroupID)) { error(404); }
if(!$NewGroupID || !is_number($NewGroupID)) { error(404); }
if($NewGroupID == $GroupID) {
	error('Old group ID is the same as new group ID!');
}
$DB->query("SELECT ID FROM torrents_group WHERE ID='$NewGroupID'");
if($DB->record_count()==0) {
	error('Target group does not exist.');
}

//Everything is legit, let's just confim they're not retarded
if(empty($_POST['confirm'])) {
	$DB->query("SELECT Name FROM torrents_group WHERE ID = ".$GroupID);
	list($Name) = $DB->next_record();
	$DB->query("SELECT Name FROM torrents_group WHERE ID = ".$NewGroupID);
	list($NewName) = $DB->next_record();
	
	$Artists = get_artists(array($GroupID, $NewGroupID));
	
	show_header();
?>
	<div class="center thin">
	<h2>Merge Confirm!</h2>
	<div class="box pad">
Esempio n. 14
0
<?php

//******************************************************************************//
//--------------- Vote on a request --------------------------------------------//
//This page is ajax!
if (!check_perms('site_vote')) {
    error(403);
}
authorize();
if (empty($_GET['id']) || !is_number($_GET['id'])) {
    error(0);
}
$RequestID = $_GET['id'];
if (empty($_GET['amount']) || !is_number($_GET['amount']) || $_GET['amount'] < $MinimumVote) {
    $Amount = $MinimumVote;
} else {
    $Amount = $_GET['amount'];
}
$Bounty = $Amount * (1 - $RequestTax);
$DB->query("\n\tSELECT TorrentID\n\tFROM requests\n\tWHERE ID = {$RequestID}");
list($Filled) = $DB->next_record();
if ($LoggedUser['BytesUploaded'] >= $Amount && $Filled === '0') {
    // Create vote!
    $DB->query("\n\t\tINSERT IGNORE INTO requests_votes\n\t\t\t(RequestID, UserID, Bounty)\n\t\tVALUES\n\t\t\t({$RequestID}, " . $LoggedUser['ID'] . ", {$Bounty})");
    if ($DB->affected_rows() < 1) {
        //Insert failed, probably a dupe vote, just increase their bounty.
        $DB->query("\n\t\t\t\tUPDATE requests_votes\n\t\t\t\tSET Bounty = (Bounty + {$Bounty})\n\t\t\t\tWHERE UserID = " . $LoggedUser['ID'] . "\n\t\t\t\t\tAND RequestID = {$RequestID}");
        echo 'dupe';
    }
    $DB->query("\n\t\tUPDATE requests\n\t\tSET LastVote = NOW()\n\t\tWHERE ID = {$RequestID}");
    $Cache->delete_value("request_{$RequestID}");
Esempio n. 15
0
?>
					<li><?php 
echo format_username($ID, $User['name']);
?>
 (<?php 
echo $User['count'];
?>
)</li>
<?
}
?>
				</ol>
			
			</div>
		</div>
<? if(check_perms('site_collages_manage')) { ?>
		<div class="box">
			<div class="head"><strong>Add torrent</strong></div>
			<div class="pad">
				<form action="collages.php" method="post">
<?	if(!empty($_SESSION['error'])) { ?>
					<p style="color: red;"><?php 
echo $_SESSION['error'];
?>
</p>
<? 		unset($_SESSION['error']);
	} ?>
					<input type="hidden" name="action" value="add_torrent" />
					<input type="hidden" name="collageid" value="<?php 
echo $CollageID;
?>
Esempio n. 16
0
<?php

// perform the back end of updating a report comment
authorize();
if (!check_perms('admin_reports')) {
    error(403);
}
if (empty($_POST['reportid']) || !is_number($_POST['reportid'])) {
    echo 'HAX ATTEMPT!' . $_GET['reportid'];
    die;
}
$ReportID = $_POST['reportid'];
$Message = db_string($_POST['comment']);
//Message can be blank!
$DB->query("\n\tSELECT ModComment\n\tFROM reportsv2\n\tWHERE ID = {$ReportID}");
list($ModComment) = $DB->next_record();
if (isset($ModComment)) {
    $DB->query("\n\t\tUPDATE reportsv2\n\t\tSET ModComment = '{$Message}'\n\t\tWHERE ID = {$ReportID}");
}
Esempio n. 17
0
<?php

authorize();
if (!check_perms('site_edit_wiki')) {
    error(403);
}
$UserID = $LoggedUser['ID'];
$GroupID = db_string($_POST['groupid']);
$Summaries = $_POST['summary'];
$Images = $_POST['image'];
$Time = sqltime();
if (!is_number($GroupID) || !$GroupID) {
    error(0);
}
if (count($Images) != count($Summaries)) {
    error('Missing an image or a summary');
}
$Changed = false;
for ($i = 0; $i < count($Images); $i++) {
    $Image = $Images[$i];
    $Summary = $Summaries[$i];
    if (ImageTools::blacklisted($Image, true) || !preg_match("/^" . IMAGE_REGEX . "\$/i", $Image)) {
        continue;
    }
    // sanitize inputs
    $Image = db_string($Image);
    $Summary = db_string($Summary);
    $DB->query("\n\t\tINSERT IGNORE INTO cover_art\n\t\t\t(GroupID, Image, Summary, UserID, Time)\n\t\tVALUES\n\t\t\t('{$GroupID}', '{$Image}', '{$Summary}', '{$UserID}', '{$Time}')");
    if ($DB->affected_rows()) {
        $Changed = true;
    }
Esempio n. 18
0
<?

$CollageID = $_GET['collageid'];
if(!is_number($CollageID) || !$CollageID) { 
	error(404); 
}

$DB->query("SELECT Name, UserID FROM collages WHERE ID='$CollageID'");
list($Name, $UserID) = $DB->next_record();

if(!check_perms('site_collages_delete') && $UserID != $LoggedUser['ID']) {
	error(403);
}

show_header('Delete collage');
?>
<div class="thin center">
	<div class="box" style="width:600px; margin:0px auto;">
		<div class="head colhead">
			Delete collage
		</div>
		<div class="pad">
			<form action="collages.php" method="post">
				<input type="hidden" name="action" value="take_delete" />
				<input type="hidden" name="collageid" value="<?php 
echo $CollageID;
?>
" />
				<strong>Reason: </strong>
				<input type="text" name="reason" size="30" />
				<input value="Delete" type="submit" />
Esempio n. 19
0
    $DB->query("\n\t\tSELECT ID\n\t\tFROM collages\n\t\tWHERE Name = '" . $P['name'] . "'");
    $i = 2;
    while ($DB->has_results()) {
        $P['name'] = db_string("{$name} no. {$i}");
        $DB->query("\n\t\t\tSELECT ID\n\t\t\tFROM collages\n\t\t\tWHERE Name = '" . $P['name'] . "'");
        $i++;
    }
}
$Val->SetFields('description', '1', 'string', 'The description must be between 10 and 65535 characters', array('maxlength' => 65535, 'minlength' => 10));
$Err = $Val->ValidateForm($_POST);
if (!$Err && $P['category'] === '0') {
    $DB->query("\n\t\tSELECT COUNT(ID)\n\t\tFROM collages\n\t\tWHERE UserID = '{$LoggedUser['ID']}'\n\t\t\tAND CategoryID = '0'\n\t\t\tAND Deleted = '0'");
    list($CollageCount) = $DB->next_record();
    if ($CollageCount >= $LoggedUser['Permissions']['MaxCollages'] || !check_perms('site_collages_personal')) {
        $Err = 'You may not create a personal collage.';
    } elseif (check_perms('site_collages_renamepersonal') && !stristr($P['name'], $LoggedUser['Username'])) {
        $Err = 'Your personal collage\'s title must include your username.';
    }
}
if (!$Err) {
    $DB->query("\n\t\tSELECT ID, Deleted\n\t\tFROM collages\n\t\tWHERE Name = '{$P['name']}'");
    if ($DB->has_results()) {
        list($ID, $Deleted) = $DB->next_record();
        if ($Deleted) {
            $Err = 'That collection already exists but needs to be recovered; please <a href="staffpm.php">contact</a> the staff team!';
        } else {
            $Err = "That collection already exists: <a href=\"/collages.php?id={$ID}\">{$ID}</a>.";
        }
    }
}
if (!$Err) {
Esempio n. 20
0
            echo ' selected="selected"';
        }
        ?>
><?php 
        echo display_str($Forum['Name']);
        ?>
</option>
<?php 
    }
    ?>
					</optgroup>
					</select>
				</td>
			</tr>
<?php 
    if (check_perms('site_admin_forums')) {
        ?>
			<tr>
				<td class="label"><label for="delete_thread_checkbox">Delete thread</label></td>
				<td>
					<input type="checkbox" id="delete_thread_checkbox" name="delete" tabindex="2" />
				</td>
			</tr>
<?php 
    }
    ?>
			<tr>
				<td colspan="2" class="center">
					<input type="submit" value="Edit thread" tabindex="2" />
					<span style="float: right;">
						<input type="submit" name="trash" value="Trash" tabindex="2" />
Esempio n. 21
0
<?php

if (!isset($_GET['id']) || !is_number($_GET['id']) || !isset($_GET['torrentid']) || !is_number($_GET['torrentid'])) {
    error(0);
}
$GroupID = $_GET['id'];
$TorrentID = $_GET['torrentid'];
$DB->query("\n\tSELECT\n\t\tt.Media,\n\t\tt.Format,\n\t\tt.Encoding AS Bitrate,\n\t\tt.RemasterYear,\n\t\tt.Remastered,\n\t\tt.RemasterTitle,\n\t\tt.Scene,\n\t\tt.FreeTorrent,\n\t\tt.Description AS TorrentDescription,\n\t\ttg.CategoryID,\n\t\ttg.Name AS Title,\n\t\ttg.Year,\n\t\ttg.ArtistID,\n\t\tag.Name AS ArtistName,\n\t\tt.GroupID,\n\t\tt.UserID,\n\t\tt.FreeTorrent\n\tFROM torrents AS t\n\t\tJOIN torrents_group AS tg ON tg.ID=t.GroupID\n\t\tLEFT JOIN artists_group AS ag ON ag.ArtistID=tg.ArtistID\n\tWHERE t.ID='{$TorrentID}'");
list($Properties) = $DB->to_array(false, MYSQLI_BOTH);
if (!$Properties) {
    error(404);
}
View::show_header('Edit torrent', 'upload');
if (!check_perms('site_moderate_requests')) {
    error(403);
}
?>
<div class="thin">
	<div class="header">
		<h2>Send PM To All Snatchers Of "<?php 
echo $Properties['ArtistName'];
?>
 - <?php 
echo $Properties['Title'];
?>
"</h2>
	</div>
	<form class="send_form" name="mass_message" action="torrents.php" method="post">
		<input type="hidden" name="action" value="takemasspm" />
		<input type="hidden" name="auth" value="<?php 
echo $LoggedUser['AuthKey'];
Esempio n. 22
0
function build_torrents_table($Cache, $DB, $LoggedUser, $GroupID, $GroupName, $GroupCategoryID, $ReleaseType, $TorrentList, $Types, $Username, $ReportedTimes)
{
    function filelist($Str)
    {
        return "</td>\n<td>" . Format::get_size($Str[1]) . "</td>\n</tr>";
    }
    $LastRemasterYear = '-';
    $LastRemasterTitle = '';
    $LastRemasterRecordLabel = '';
    $LastRemasterCatalogueNumber = '';
    $EditionID = 0;
    foreach ($TorrentList as $Torrent) {
        //t.ID,	t.Media, t.Format, t.Encoding, t.Remastered, t.RemasterYear,
        //t.RemasterTitle, t.RemasterRecordLabel, t.RemasterCatalogueNumber, t.Scene,
        //t.HasLog, t.HasCue, t.LogScore, t.FileCount, t.Size, t.Seeders, t.Leechers,
        //t.Snatched, t.FreeTorrent, t.Time, t.Description, t.FileList,
        //t.FilePath, t.UserID, t.last_action, HEX(t.info_hash), (bad tags), (bad folders), (bad filenames),
        //(cassette approved), (lossy master approved), (lossy web approved), t.LastReseedRequest,
        //LogInDB, (has file), Torrents::torrent_properties()
        list($TorrentID, $Media, $Format, $Encoding, $Remastered, $RemasterYear, $RemasterTitle, $RemasterRecordLabel, $RemasterCatalogueNumber, $Scene, $HasLog, $HasCue, $LogScore, $FileCount, $Size, $Seeders, $Leechers, $Snatched, $FreeTorrent, $TorrentTime, $Description, $FileList, $FilePath, $UserID, $LastActive, $InfoHash, $BadTags, $BadFolders, $BadFiles, $CassetteApproved, $LossymasterApproved, $LossywebApproved, $LastReseedRequest, $LogInDB, $HasFile, $PersonalFL, $IsSnatched) = array_values($Torrent);
        if ($Remastered && !$RemasterYear) {
            $FirstUnknown = !isset($FirstUnknown);
        }
        $Reported = false;
        unset($ReportedTimes);
        $Reports = Torrents::get_reports($TorrentID);
        $NumReports = count($Reports);
        if ($NumReports > 0) {
            $Reported = true;
            include SERVER_ROOT . '/sections/reportsv2/array.php';
            $ReportInfo = '
		<table class="reportinfo_table">
			<tr class="colhead_dark" style="font-weight: bold;">
				<td>This torrent has ' . $NumReports . ' active ' . ($NumReports === 1 ? 'report' : 'reports') . ":</td>\n\t\t\t</tr>";
            foreach ($Reports as $Report) {
                if (check_perms('admin_reports')) {
                    $ReporterID = $Report['ReporterID'];
                    $Reporter = Users::user_info($ReporterID);
                    $ReporterName = $Reporter['Username'];
                    $ReportLinks = "<a href=\"user.php?id={$ReporterID}\">{$ReporterName}</a> <a href=\"reportsv2.php?view=report&amp;id={$Report['ID']}\">reported it</a>";
                } else {
                    $ReportLinks = 'Someone reported it';
                }
                if (isset($Types[$GroupCategoryID][$Report['Type']])) {
                    $ReportType = $Types[$GroupCategoryID][$Report['Type']];
                } elseif (isset($Types['master'][$Report['Type']])) {
                    $ReportType = $Types['master'][$Report['Type']];
                } else {
                    //There was a type but it wasn't an option!
                    $ReportType = $Types['master']['other'];
                }
                $ReportInfo .= "\n\t\t\t<tr>\n\t\t\t\t<td>{$ReportLinks} " . time_diff($Report['ReportedTime'], 2, true, true) . ' for the reason "' . $ReportType['title'] . '":
					<blockquote>' . Text::full_format($Report['UserComment']) . '</blockquote>
				</td>
			</tr>';
            }
            $ReportInfo .= "\n\t\t</table>";
        }
        $CanEdit = check_perms('torrents_edit') || $UserID == $LoggedUser['ID'] && !$LoggedUser['DisableWiki'] && !($Remastered && !$RemasterYear);
        $RegenLink = check_perms('users_mod') ? ' <a href="torrents.php?action=regen_filelist&amp;torrentid=' . $TorrentID . '" class="brackets">Regenerate</a>' : '';
        $FileTable = '
	<table class="filelist_table">
		<tr class="colhead_dark">
			<td>
				<div class="filelist_title" style="float: left;">File Names' . $RegenLink . '</div>
				<div class="filelist_path" style="float: right;">' . ($FilePath ? "/{$FilePath}/" : '') . '</div>
			</td>
			<td>
				<strong>Size</strong>
			</td>
		</tr>';
        if (substr($FileList, -3) == '}}}') {
            // Old style
            $FileListSplit = explode('|||', $FileList);
            foreach ($FileListSplit as $File) {
                $NameEnd = strrpos($File, '{{{');
                $Name = substr($File, 0, $NameEnd);
                if ($Spaces = strspn($Name, ' ')) {
                    $Name = str_replace(' ', '&nbsp;', substr($Name, 0, $Spaces)) . substr($Name, $Spaces);
                }
                $FileSize = substr($File, $NameEnd + 3, -3);
                $FileTable .= sprintf("\n<tr><td>%s</td><td class=\"number_column\">%s</td></tr>", $Name, Format::get_size($FileSize));
            }
        } else {
            $FileListSplit = explode("\n", $FileList);
            foreach ($FileListSplit as $File) {
                $FileInfo = Torrents::filelist_get_file($File);
                $FileTable .= sprintf("\n<tr><td>%s</td><td class=\"number_column\">%s</td></tr>", $FileInfo['name'], Format::get_size($FileInfo['size']));
            }
        }
        $FileTable .= '
	</table>';
        $ExtraInfo = '';
        // String that contains information on the torrent (e.g. format and encoding)
        $AddExtra = '';
        // Separator between torrent properties
        $TorrentUploader = $Username;
        // Save this for "Uploaded by:" below
        // similar to Torrents::torrent_info()
        if ($Format) {
            $ExtraInfo .= display_str($Format);
            $AddExtra = ' / ';
        }
        if ($Encoding) {
            $ExtraInfo .= $AddExtra . display_str($Encoding);
            $AddExtra = ' / ';
        }
        if ($HasLog) {
            $ExtraInfo .= "{$AddExtra}Log";
            $AddExtra = ' / ';
        }
        if ($HasLog && $LogInDB) {
            $ExtraInfo .= ' (' . (int) $LogScore . '%)';
        }
        if ($HasCue) {
            $ExtraInfo .= "{$AddExtra}Cue";
            $AddExtra = ' / ';
        }
        if ($Scene) {
            $ExtraInfo .= "{$AddExtra}Scene";
            $AddExtra = ' / ';
        }
        if (!$ExtraInfo) {
            $ExtraInfo = $GroupName;
            $AddExtra = ' / ';
        }
        if ($IsSnatched) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Snatched!');
            $AddExtra = ' / ';
        }
        if ($FreeTorrent == '1') {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Freeleech!');
            $AddExtra = ' / ';
        }
        if ($FreeTorrent == '2') {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Neutral Leech!');
            $AddExtra = ' / ';
        }
        if ($PersonalFL) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Personal Freeleech!');
            $AddExtra = ' / ';
        }
        if ($Reported) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Reported');
            $AddExtra = ' / ';
        }
        if (!empty($BadTags)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Bad Tags');
            $AddExtra = ' / ';
        }
        if (!empty($BadFolders)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Bad Folders');
            $AddExtra = ' / ';
        }
        if (!empty($CassetteApproved)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Cassette Approved');
            $AddExtra = ' / ';
        }
        if (!empty($LossymasterApproved)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Lossy Master Approved');
            $AddExtra = ' / ';
        }
        if (!empty($LossywebApproved)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Lossy WEB Approved');
            $AddExtra = ' / ';
        }
        if (!empty($BadFiles)) {
            $ExtraInfo .= $AddExtra . Format::torrent_label('Bad File Names');
            $AddExtra = ' / ';
        }
        if ($GroupCategoryID == 1 && ($RemasterTitle != $LastRemasterTitle || $RemasterYear != $LastRemasterYear || $RemasterRecordLabel != $LastRemasterRecordLabel || $RemasterCatalogueNumber != $LastRemasterCatalogueNumber || $FirstUnknown || $Media != $LastMedia)) {
            $EditionID++;
            ?>
				<tr class="releases_<?php 
            echo $ReleaseType;
            ?>
 groupid_<?php 
            echo $GroupID;
            ?>
 edition group_torrent">
					<td colspan="5" class="edition_info"><strong><a href="#" onclick="toggle_edition(<?php 
            echo $GroupID;
            ?>
, <?php 
            echo $EditionID;
            ?>
, this, event);" class="tooltip" title="Collapse this edition. Hold &quot;Ctrl&quot; while clicking to collapse all editions in this torrent group.">&minus;</a> <?php 
            echo Torrents::edition_string($Torrent, $TorrentDetails);
            ?>
</strong></td>
				</tr>
<?php 
        }
        $LastRemasterTitle = $RemasterTitle;
        $LastRemasterYear = $RemasterYear;
        $LastRemasterRecordLabel = $RemasterRecordLabel;
        $LastRemasterCatalogueNumber = $RemasterCatalogueNumber;
        $LastMedia = $Media;
        ?>
				<tr class="torrent_row releases_<?php 
        echo $ReleaseType;
        ?>
 groupid_<?php 
        echo $GroupID;
        ?>
 edition_<?php 
        echo $EditionID;
        ?>
 group_torrent<?php 
        echo $IsSnatched ? ' snatched_torrent' : '';
        ?>
" style="font-weight: normal;" id="torrent<?php 
        echo $TorrentID;
        ?>
">
					<td>
						<span>[ <a href="torrents.php?action=download&amp;id=<?php 
        echo $TorrentID;
        ?>
&amp;authkey=<?php 
        echo $LoggedUser['AuthKey'];
        ?>
&amp;torrent_pass=<?php 
        echo $LoggedUser['torrent_pass'];
        ?>
" class="tooltip" title="Download"><?php 
        echo $HasFile ? 'DL' : 'Missing';
        ?>
</a>
<?php 
        if (Torrents::can_use_token($Torrent)) {
            ?>
							| <a href="torrents.php?action=download&amp;id=<?php 
            echo $TorrentID;
            ?>
&amp;authkey=<?php 
            echo $LoggedUser['AuthKey'];
            ?>
&amp;torrent_pass=<?php 
            echo $LoggedUser['torrent_pass'];
            ?>
&amp;usetoken=1" class="tooltip" title="Use a FL Token" onclick="return confirm('Are you sure you want to use a freeleech token here?');">FL</a>
<?php 
        }
        ?>
							| <a href="reportsv2.php?action=report&amp;id=<?php 
        echo $TorrentID;
        ?>
" class="tooltip" title="Report">RP</a>
<?php 
        if ($CanEdit) {
            ?>
							| <a href="torrents.php?action=edit&amp;id=<?php 
            echo $TorrentID;
            ?>
" class="tooltip" title="Edit">ED</a>
<?php 
        }
        if (check_perms('torrents_delete') || $UserID == $LoggedUser['ID']) {
            ?>
							| <a href="torrents.php?action=delete&amp;torrentid=<?php 
            echo $TorrentID;
            ?>
" class="tooltip" title="Remove">RM</a>
<?php 
        }
        ?>
							| <a href="torrents.php?torrentid=<?php 
        echo $TorrentID;
        ?>
" class="tooltip" title="Permalink">PL</a>
						]</span>
						&raquo; <a href="#" onclick="$('#torrent_<?php 
        echo $TorrentID;
        ?>
').gtoggle(); return false;"><?php 
        echo $ExtraInfo;
        ?>
</a>
					</td>
					<td class="number_column nobr"><?php 
        echo Format::get_size($Size);
        ?>
</td>
					<td class="number_column"><?php 
        echo number_format($Snatched);
        ?>
</td>
					<td class="number_column"><?php 
        echo number_format($Seeders);
        ?>
</td>
					<td class="number_column"><?php 
        echo number_format($Leechers);
        ?>
</td>
				</tr>
				<tr class="releases_<?php 
        echo $ReleaseType;
        ?>
 groupid_<?php 
        echo $GroupID;
        ?>
 edition_<?php 
        echo $EditionID;
        ?>
 torrentdetails pad<?php 
        if (!isset($_GET['torrentid']) || $_GET['torrentid'] != $TorrentID) {
            ?>
 hidden<?php 
        }
        ?>
" id="torrent_<?php 
        echo $TorrentID;
        ?>
">
					<td colspan="5">
						<blockquote>
							Uploaded by <?php 
        echo Users::format_username($UserID, false, false, false);
        ?>
 <?php 
        echo time_diff($TorrentTime);
        if ($Seeders == 0) {
            if ($LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 1209600) {
                ?>
								<br /><strong>Last active: <?php 
                echo time_diff($LastActive);
                ?>
</strong>
<?php 
            } else {
                ?>
								<br />Last active: <?php 
                echo time_diff($LastActive);
            }
            if ($LastActive != '0000-00-00 00:00:00' && time() - strtotime($LastActive) >= 345678 && time() - strtotime($LastReseedRequest) >= 864000) {
                ?>
								<br /><a href="torrents.php?action=reseed&amp;torrentid=<?php 
                echo $TorrentID;
                ?>
&amp;groupid=<?php 
                echo $GroupID;
                ?>
" class="brackets">Request re-seed</a>
<?php 
            }
        }
        ?>
						</blockquote>
<?php 
        if (check_perms('site_moderate_requests')) {
            ?>
						<div class="linkbox">
							<a href="torrents.php?action=masspm&amp;id=<?php 
            echo $GroupID;
            ?>
&amp;torrentid=<?php 
            echo $TorrentID;
            ?>
" class="brackets">Mass PM snatchers</a>
						</div>
<?php 
        }
        ?>
						<div class="linkbox">
							<a href="#" class="brackets" onclick="show_peers('<?php 
        echo $TorrentID;
        ?>
', 0); return false;">View peer list</a>
<?php 
        if (check_perms('site_view_torrent_snatchlist')) {
            ?>
							<a href="#" class="brackets tooltip" onclick="show_downloads('<?php 
            echo $TorrentID;
            ?>
', 0); return false;" title="View the list of users that have clicked the &quot;DL&quot; button.">View download list</a>
							<a href="#" class="brackets tooltip" onclick="show_snatches('<?php 
            echo $TorrentID;
            ?>
', 0); return false;" title="View the list of users that have reported a snatch to the tracker.">View snatch list</a>
<?php 
        }
        ?>
							<a href="#" class="brackets" onclick="show_files('<?php 
        echo $TorrentID;
        ?>
'); return false;">View file list</a>
<?php 
        if ($Reported) {
            ?>
							<a href="#" class="brackets" onclick="show_reported('<?php 
            echo $TorrentID;
            ?>
'); return false;">View report information</a>
<?php 
        }
        ?>
						</div>
						<div id="peers_<?php 
        echo $TorrentID;
        ?>
" class="hidden"></div>
						<div id="downloads_<?php 
        echo $TorrentID;
        ?>
" class="hidden"></div>
						<div id="snatches_<?php 
        echo $TorrentID;
        ?>
" class="hidden"></div>
						<div id="files_<?php 
        echo $TorrentID;
        ?>
" class="hidden"><?php 
        echo $FileTable;
        ?>
</div>
<?php 
        if ($Reported) {
            ?>
						<div id="reported_<?php 
            echo $TorrentID;
            ?>
" class="hidden"><?php 
            echo $ReportInfo;
            ?>
</div>
<?php 
        }
        if (!empty($Description)) {
            echo "\n\t\t\t\t\t\t<blockquote>" . Text::full_format($Description) . '</blockquote>';
        }
        ?>
					</td>
				</tr>
<?php 
    }
}
Esempio n. 23
0
            $action = $key;
        }
        $params = array_merge($params, $val->getParams());
    }
}
$bypass_auth = false;
if ($params['id'] && $action == 'show') {
    // owner can always see his file
    $owner = File::GetAttrib($params['id'], 'owner');
    $bypass_auth = $owner && $owner == User::GetAuthenticatedID();
}
if ($action && $ACTIONS[$action]) {
    check_perms($ACTIONS[$action]);
} else {
    // index
    check_perms(User::HasPermissions($CONTROLLER_PERMS) || $bypass_auth);
}
if ($action == 'show') {
    $id = $params['id'];
    $args['fileinfo'] = File::GetAttribs($id);
    if (!$args['fileinfo']) {
        Error::generate('notice', 'Invalid file ID in action show.');
        header("Location: {$PAGE_REL_URL}");
    } else {
        foreach ($args['fileinfo'] as $key => $param) {
            switch (strtolower($param[0])) {
                case 'path':
                    $path = $param[1];
                    $link = $ACTIONS['get']->getLink(array('id' => $id));
                    $args['fileinfo'][$key][1] = "<a href=\"{$link}\">{$path}</a>";
                    break;
Esempio n. 24
0
 public static function get_reports($TorrentID)
 {
     $Reports = G::$Cache->get_value("reports_torrent_{$TorrentID}");
     if ($Reports === false) {
         $QueryID = G::$DB->get_query_id();
         G::$DB->query("\n\t\t\t\tSELECT\n\t\t\t\t\tID,\n\t\t\t\t\tReporterID,\n\t\t\t\t\tType,\n\t\t\t\t\tUserComment,\n\t\t\t\t\tReportedTime\n\t\t\t\tFROM reportsv2\n\t\t\t\tWHERE TorrentID = {$TorrentID}\n\t\t\t\t\tAND Status != 'Resolved'");
         $Reports = G::$DB->to_array(false, MYSQLI_ASSOC, false);
         G::$DB->set_query_id($QueryID);
         G::$Cache->cache_value("reports_torrent_{$TorrentID}", $Reports, 0);
     }
     if (!check_perms('admin_reports')) {
         $Return = array();
         foreach ($Reports as $Report) {
             if ($Report['Type'] !== 'edited') {
                 $Return[] = $Report;
             }
         }
         return $Return;
     }
     return $Reports;
 }
Esempio n. 25
0
<?
if(!check_perms('users_view_ips')) { error(403); }
show_header('Dupe IPs');
define('USERS_PER_PAGE', 50);
define('IP_OVERLAPS', 5);
list($Page,$Limit) = page_limit(USERS_PER_PAGE);


$RS = $DB->query("SELECT 
	SQL_CALC_FOUND_ROWS
	m.ID,
	m.IP,
	m.Username,
	m.PermissionID,
	m.Enabled,
	i.Donor,
	i.Warned,
	i.JoinDate,
	(SELECT COUNT(DISTINCT h.UserID) FROM users_history_ips AS h WHERE h.IP=m.IP) AS Uses
	FROM users_main AS m 
	LEFT JOIN users_info AS i ON i.UserID=m.ID
	WHERE (SELECT COUNT(DISTINCT h.UserID) FROM users_history_ips AS h WHERE h.IP=m.IP) >= ".IP_OVERLAPS."
	AND m.Enabled = '1'
	AND m.IP != '127.0.0.1'
	ORDER BY Uses DESC LIMIT $Limit");
$DB->query("SELECT FOUND_ROWS()");
list($Results) = $DB->next_record();
$DB->set_query_id($RS);

if($DB->record_count()) {
?>
Esempio n. 26
0
    $UpdateSet[] = "PassHash = '" . db_string(Users::make_crypt_hash($Pass)) . "'";
    $EditSummary[] = 'password reset';
    $Cache->delete_value("user_info_{$UserID}");
    $Cache->delete_value("user_info_heavy_{$UserID}");
    $Cache->delete_value("user_stats_{$UserID}");
    $Cache->delete_value("enabled_{$UserID}");
    $DB->query("\n\t\tSELECT SessionID\n\t\tFROM users_sessions\n\t\tWHERE UserID = '{$UserID}'");
    while (list($SessionID) = $DB->next_record()) {
        $Cache->delete_value("session_{$UserID}_{$SessionID}");
    }
    $Cache->delete_value("users_sessions_{$UserID}");
    $DB->query("\n\t\tDELETE FROM users_sessions\n\t\tWHERE UserID = '{$UserID}'");
}
if (empty($UpdateSet) && empty($EditSummary)) {
    if (!$Reason) {
        if (str_replace("\r", '', $Cur['AdminComment']) != str_replace("\r", '', $AdminComment) && check_perms('users_disable_any')) {
            $UpdateSet[] = "AdminComment = '{$AdminComment}'";
        } else {
            header("Location: user.php?id={$UserID}");
            die;
        }
    } else {
        $EditSummary[] = 'notes added';
    }
}
if (count($TrackerUserUpdates) > 1) {
    Tracker::update_tracker('update_user', $TrackerUserUpdates);
}
if ($DeleteKeys) {
    $Cache->delete_value("user_info_{$UserID}");
    $Cache->delete_value("user_info_heavy_{$UserID}");
Esempio n. 27
0
    echo $Type;
    ?>
"><?php 
    echo $Data['title'];
    ?>
</option>
<?php 
}
?>
							</select>
							<span id="options<?php 
echo $ReportID;
?>
">
<?php 
if (check_perms('users_mod')) {
    ?>
								<span class="tooltip" title="Delete torrent?">
									<label for="delete<?php 
    echo $ReportID;
    ?>
"><strong>Delete</strong></label>
									<input type="checkbox" name="delete" id="delete<?php 
    echo $ReportID;
    ?>
" />
								</span>
<?php 
}
?>
								<span class="tooltip" title="Warning length in weeks">
Esempio n. 28
0
<?
//TODO: Redo html
if (!check_perms('admin_manage_permissions')) { error(403); }
if(!isset($_REQUEST['userid']) || !is_number($_REQUEST['userid'])){ error(404); }

include(SERVER_ROOT."/classes/permissions_form.php");

list($UserID, $Username, $PermissionID) = array_values(user_info($_REQUEST['userid']));

$DB->query("SELECT 
		p.Values,
		u.CustomPermissions 
	FROM users_main AS u 
	LEFT JOIN permissions AS p ON u.PermissionID=p.ID 
	WHERE u.ID='$UserID'");

list($Defaults,$Customs)=$DB->next_record(MYSQLI_NUM, array(0,1));


$Defaults = unserialize($Defaults);

$Delta=array();
if (isset($_POST['action'])) {
	foreach ($PermissionsArray as $Perm => $Explaination) {
		$Setting = (isset($_POST['perm_'.$Perm]))?1:0;
		$Default = (isset($Defaults[$Perm]))?1:0;
		if ($Setting != $Default) {
			$Delta[$Perm] = $Setting;
		}
	}
	$Cache->begin_transaction('user_info_heavy_'.$UserID);
Esempio n. 29
0
    ?>
</div>
		</div>
<?php 
    if (++$Count > $NewsCount - 1) {
        break;
    }
}
?>
		<div id="more_news" class="box">
			<div class="head">
				<em><span><a href="#" onclick="news_ajax(event, 3, <?php 
echo $NewsCount;
?>
, <?php 
echo check_perms('admin_manage_news') ? 1 : 0;
?>
, false); return false;">Click to load more news</a>.</span> To browse old news posts, <a href="forums.php?action=viewforum&amp;forumid=19">click here</a>.</em>
			</div>
		</div>
	</div>
</div>
<?php 
View::show_footer(array('disclaimer' => true));
function contest()
{
    global $DB, $Cache, $LoggedUser;
    list($Contest, $TotalPoints) = $Cache->get_value('contest');
    if (!$Contest) {
        $DB->query("\n\t\t\tSELECT\n\t\t\t\tUserID,\n\t\t\t\tSUM(Points),\n\t\t\t\tUsername\n\t\t\tFROM users_points AS up\n\t\t\t\tJOIN users_main AS um ON um.ID = up.UserID\n\t\t\tGROUP BY UserID\n\t\t\tORDER BY SUM(Points) DESC\n\t\t\tLIMIT 20");
        $Contest = $DB->to_array();
Esempio n. 30
0
							<td><strong>Posted by:</strong></td>
							<td><input type="search" id="username" name="user" placeholder="Username" size="70" /></td>
						</tr>
						<tr>
							<td colspan="2" style="text-align: center;">
								<input type="submit" name="submit" value="Search" />
							</td>
						</tr>
					</table>
				</form>
				<br />
			</div>
		</div>
	</div>
<?php 
if (check_perms('site_moderate_forums')) {
    ?>
	<div class="linkbox">
		<a href="forums.php?action=edit_rules&amp;forumid=<?php 
    echo $ForumID;
    ?>
" class="brackets">Change specific rules</a>
	</div>
<?php 
}
if (!empty($Forums[$ForumID]['SpecificRules'])) {
    ?>
	<div class="linkbox">
			<strong>Forum Specific Rules</strong>
<?php 
    foreach ($Forums[$ForumID]['SpecificRules'] as $ThreadIDs) {