// Permissions
if (isset($_COOKIE['session'])) {
$LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
list($SessionID, $LoggedUser['ID']) = explode('|~|', $Enc->decrypt($LoginCookie));
$LoggedUser['ID'] = (int) $LoggedUser['ID'];
$UserID = $LoggedUser['ID'];
//TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
logout();
}
$UserSessions = $Cache->get_value("users_sessions_{$UserID}");
if (!is_array($UserSessions)) {
$DB->query("\n\t\t\tSELECT\n\t\t\t\tSessionID,\n\t\t\t\tBrowser,\n\t\t\t\tOperatingSystem,\n\t\t\t\tIP,\n\t\t\t\tLastUpdate\n\t\t\tFROM users_sessions\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\t\tAND Active = 1\n\t\t\tORDER BY LastUpdate DESC");
$UserSessions = $DB->to_array('SessionID', MYSQLI_ASSOC);
$Cache->cache_value("users_sessions_{$UserID}", $UserSessions, 0);
}
if (!array_key_exists($SessionID, $UserSessions)) {
logout();
}
// Check if user is enabled
$Enabled = $Cache->get_value('enabled_' . $LoggedUser['ID']);
if ($Enabled === false) {
$DB->query("\n\t\t\tSELECT Enabled\n\t\t\tFROM users_main\n\t\t\tWHERE ID = '{$LoggedUser['ID']}'");
list($Enabled) = $DB->next_record();
$Cache->cache_value('enabled_' . $LoggedUser['ID'], $Enabled, 0);
}
if ($Enabled == 2) {
logout();
}
$Text = new TEXT;
$Feed->channel('Blog', 'RSS feed for site blog.');
if (!$Blog = $Cache->get_value('blog')) {
require(SERVER_ROOT.'/classes/class_mysql.php'); //Require the database wrapper
$DB=NEW DB_MYSQL; //Load the database wrapper
$DB->query("SELECT
b.ID,
um.Username,
b.Title,
b.Body,
b.Time,
b.ThreadID
FROM blog AS b LEFT JOIN users_main AS um ON b.UserID=um.ID
ORDER BY Time DESC
LIMIT 20");
$Blog = $DB->to_array();
$Cache->cache_value('Blog',$Blog,1209600);
}
foreach ($Blog as $BlogItem) {
list($BlogID, $Author, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
echo $Feed->item($Title, $Text->strip_bbcode($Body), 'forums.php?action=viewthread&threadid='.$ThreadID, SITE_NAME.' Staff','','',$BlogTime);
}
break;
case 'torrents_all':
$Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
$Feed->retrieve('torrents_all',$_GET['authkey'],$_GET['passkey']);
break;
case 'torrents_music':
$Feed->channel('Music Torrents', 'RSS feed for all new music torrents.');
$Feed->retrieve('torrents_music',$_GET['authkey'],$_GET['passkey']);
break;
$DB->query("\n\t\tSELECT Token, Name\n\t\tFROM api_applications\n\t\tWHERE ID = '{$AppID}'\n\t\tLIMIT 1");
$App = $DB->to_array(false, MYSQLI_ASSOC);
$Cache->cache_value("api_apps_{$AppID}", $App, 0);
}
$App = $App[0];
//Handle our request auths
if ($_GET['req'] === 'access_request') {
if (md5($App['Token']) !== $_GET['key']) {
error('invalid');
}
} else {
$User = $Cache->get_value("api_users_{$UserID}");
if (!is_array($User)) {
if (!isset($DB)) {
require SERVER_ROOT . '/classes/mysql.class.php';
$DB = new DB_MYSQL();
}
$DB->query("\n\t\t\tSELECT AppID, Token, State, Time, Access\n\t\t\tFROM api_users\n\t\t\tWHERE UserID = '{$UserID}'\n\t\t\tLIMIT 1");
//int, no db_string
$User = $DB->to_array('AppID', MYSQLI_ASSOC);
$Cache->cache_value("api_users_{$UserID}", $User, 0);
}
$User = $User[$AppID];
if (md5($User['Token'] . $App['Token']) !== $_GET['key']) {
error('invalid');
}
}
die('API put on hold');
require SERVER_ROOT . '/sections/api/' . $_GET['req'] . '.php';
echo '</payload>';
$Debug->profile();
require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();
$Resolution = "";
if (!isset($_GET['v2'])) {
$v2 == "def";
} else {
$v2 = $_GET['v2'];
}
if ($v2 == "def") {
$Resolution = "(resolution='1536x1180' OR\n\t\tresolution='1180x1536' OR\n\t\tresolution='1600x1200' OR\n\t\tresolution='1200x1600' OR\n\t\tresolution='2048x1536' OR\n\t\tresolution='1536x2048' OR\n\t\tresolution='2240x1680' OR\n\t\tresolution='1680x2240' OR\n\t\tresolution='2560x1920' OR\n\t\tresolution='1920x2560' OR\n\t\tresolution='3032x2008' OR\n\t\tresolution='2008x3032' OR\n\t\tresolution='3072x2304' OR\n\t\tresolution='2304x3072' OR\n\t\tresolution='3264x2448' OR\n\t\tresolution='2448x3264')";
} else {
$Resolution = "resolution='" . db_string($_GET['v2']) . "'";
$IDExtra = "";
}
$q = "SELECT Code, Extension\n\t\tFROM uploads\n\t\tWHERE\n{$Resolution}\n{$IDExtra}";
$DB->query($q);
$Data = $DB->to_array();
if ($IDExtra) {
echo "<a href='?v2=def&v6=" . $_GET['v6'] . "&id=" . ($ID + 20000) . "'>next</a><br />";
}
while (list($Key, list($Code, $Ext)) = each($Data)) {
if ($_GET['v2'] == "def") {
echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' height='500' width='500' /></a><br />", $Code, $Ext, $Code, $Ext);
} else {
echo sprintf("<a href='http://ptpimg.me/%s.%s'><img src='http://ptpimg.me/%s.%s' /></a><br />", $Code, $Ext, $Code, $Ext);
}
}
if ($IDExtra) {
echo "<a href='?v2=def&v6=" . $_GET['v6'] . "&id=" . ($ID + 20000) . "'>next</a><br />";
}
if ($Sneaky) {
global $DB, $Cache;
print_r($DB);
print_r($Cache);
}
}
// API Keys; ptpimg+api@nervex.net
$ApiKeys = array("QT5LGz7ktGFVZpfFArVHCpEvDcC3qrUZrf0kP", "iSQGkh6VJjAtkMjcDQysTPXOUGxiHutVYBw71");
$Browser = $UA->browser($_SERVER['HTTP_USER_AGENT']);
$OperatingSystem = $UA->operating_system($_SERVER['HTTP_USER_AGENT']);
//$Mobile = $UA->mobile($_SERVER['HTTP_USER_AGENT']);
// Get permissions
list($Classes, $ClassLevels) = $Cache->get_value('classes');
if (!$Classes || !$ClassLevels) {
$DB->query('SELECT ID, Name, Level FROM permissions ORDER BY Level');
$Classes = $DB->to_array('ID');
$ClassLevels = $DB->to_array('Level');
$Cache->cache_value('classes', array($Classes, $ClassLevels), 0);
}
if (isset($_COOKIE['session'])) {
$LoginCookie = $Enc->decrypt($_COOKIE['session']);
}
if (isset($LoginCookie)) {
list($SessionID, $LoggedUser['ID']) = explode("|~|", $Enc->decrypt($LoginCookie));
$LoggedUser['ID'] = (int) $LoggedUser['ID'];
$UserID = $LoggedUser['ID'];
//TODO: UserID should not be LoggedUser
if (!$LoggedUser['ID'] || !$SessionID) {
logout();
}
$UserSessions = $Cache->get_value('users_sessions_' . $UserID);
define('SQLHOST', 'localhost');
//The MySQL host ip/fqdn
define('SQLLOGIN', 'ptpimg');
//The MySQL login
define('SQLPASS', 'mri34mni');
//The MySQL password
define('SQLDB', 'ptpimg');
//The MySQL database to use
define('SQLPORT', '3306');
//The MySQL port to connect on
define('SQLSOCK', '/var/run/mysqld/mysqld.sock');
require "misc.class.php";
require "sql.class.php";
$DB = new DB_MYSQL();
$DB->query("SELECT ID, Code FROM uploads WHERE NewHash=''");
$Results = $DB->to_array('', MYSQLI_NUM, false);
$UBound = count($Results);
$QueryCount = 0;
$Query = array();
while (list($Key, list($ID, $Code)) = each($Results)) {
if ($QueryCount > 500) {
echo "500 queries, flushing.";
$x = microtime();
$x = explode(" ", $x);
$x = $x[1] + $x[0];
foreach ($Query as $q) {
$DB->query($q);
}
$y = microtime();
$y = explode(" ", $y);
$y = $y[1] + $y[0];
list($BlogID, $Author, $AuthorID, $Title, $Body, $BlogTime, $ThreadID) = $BlogItem;
if ($ThreadID) {
echo $Feed->item($Title, Text::strip_bbcode($Body), "forums.php?action=viewthread&threadid={$ThreadID}", SITE_NAME . ' Staff', '', '', $BlogTime);
} else {
echo $Feed->item($Title, Text::strip_bbcode($Body), "blog.php#blog{$BlogID}", SITE_NAME . ' Staff', '', '', $BlogTime);
}
}
break;
case 'feed_changelog':
$Feed->channel('Gazelle Change Log', 'RSS feed for Gazelle\'s changelog.');
if (!($Changelog = $Cache->get_value('changelog'))) {
require SERVER_ROOT . '/classes/mysql.class.php';
require SERVER_ROOT . '/classes/misc.class.php';
$DB = new DB_MYSQL();
$DB->query("\n\t\t\t\tSELECT Message, Author, Date(Time)\n\t\t\t\tFROM changelog\n\t\t\t\tORDER BY Time DESC\n\t\t\t\tLIMIT 20");
$Changelog = $DB->to_array();
$Cache->cache_value('changelog', $Changelog, 86400);
}
foreach ($Changelog as $Change) {
list($Message, $Author, $Date) = $Change;
echo $Feed->item("{$Date} by {$Author}", $Message, 'tools.php?action=change_log', SITE_NAME . ' Staff', '', '', $Date);
}
break;
case 'torrents_all':
$Feed->channel('All Torrents', 'RSS feed for all new torrent uploads.');
$Feed->retrieve('torrents_all', $_GET['authkey'], $_GET['passkey']);
break;
case 'torrents_music':
$Feed->channel('Music Torrents', 'RSS feed for all new music torrents.');
$Feed->retrieve('torrents_music', $_GET['authkey'], $_GET['passkey']);
break;
