Exemplo n.º 1
0
function update_topic_last_post($topicid)
{
    global $db;
    MCached::connect();
    $res = $db->query("SELECT id FROM posts WHERE topicid = " . $topicid . " ORDER BY id DESC LIMIT 1") or sqlerr(__FILE__, __LINE__);
    $arr = $res->fetch_row() or die("No post found");
    $postid = (int) $arr[0];
    $db->query("UPDATE topics SET lastpost = " . $postid . " WHERE id = " . $topicid) or sqlerr(__FILE__, __LINE__);
    MCached::del('forum::last::post::' . $topicid);
    MCached::del('quick::jump::topics::' . $topicid);
}
Exemplo n.º 2
0
function runSpeed($info_hash, $delta)
{
    global $db;
    MCached::connect();
    // stick in our latest data before we calc it out
    quickQuery("INSERT IGNORE INTO timestamps (info_hash, bytes, delta, sequence) SELECT '" . $info_hash . "' AS info_hash, dlbytes, UNIX_TIMESTAMP() - lastSpeedCycle, NULL FROM summary WHERE info_hash = '" . $info_hash . "'");
    $key = 'ann::bytes::timestamps::' . $info_hash;
    $data = MCached::get($key);
    if ($data === MCached::NO_RESULT) {
        $results = $db->query('SELECT (MAX(bytes) - MIN(bytes)) / SUM(delta), COUNT(*), MIN(sequence) FROM timestamps WHERE info_hash = "' . $info_hash . '"');
        $data = $results->fetch_row();
        MCached::add($key, $data, 300);
    }
    summaryAdd("speed", $data[0], true);
    summaryAdd("lastSpeedCycle", "UNIX_TIMESTAMP()", true);
    // if we have more than 20 drop the rest
    if ($data[1] == 21) {
        quickQuery("DELETE FROM timestamps WHERE info_hash='" . $info_hash . "' AND sequence = " . $data['2']);
        MCached::del($key);
    } elseif ($data[1] > 21) {
        quickQuery('DELETE FROM timestamps WHERE info_hash = "' . $info_hash . '" ORDER BY sequence LIMIT ' . ($data['1'] - 20));
        MCached::del($key);
    }
}
Exemplo n.º 3
0
             // Reverify Mail Hack by Petr1fied - Start --->
             // If they've tried to change their e-mail, give them a message telling them as much
             if ($email != "" && $VALIDATION == "user" && $email != user::$current["email"]) {
                 block_begin(EMAIL_VERIFY_BLOCK);
                 print EMAIL_VERIFY_SENT1 . " " . $email . " " . EMAIL_VERIFY_SENT2 . "<a href='" . $BASEURL . "'>" . MNU_INDEX . "</a><br /><br /></center>";
                 block_end();
                 print "<br /><br />";
             } elseif ($updateset != "") {
                 $db->query("UPDATE users SET " . $updateset . " WHERE id = " . $uid);
                 MCached::del('user::profile::' . $uid);
                 MCached::del('user::cp::' . $uid);
                 MCached::del('forum::poster::details::' . $uid);
                 MCached::del('style::list');
                 MCached::del('language::list');
                 MCached::del('flag::list');
                 MCached::del('timezone::list');
                 print "<p align='center'><b>" . INF_CHANGED . "</b><br /><br />";
                 print "<a href='usercp.php?uid=" . $uid . "'>" . BCK_USERCP . "</a><br /></p>";
             }
         }
     } else {
         redirect("usercp.php?uid=" . $uid);
     }
 } elseif ($do == "verify" && $action == "changemail") {
     // Get the other values we need from the url
     $newmail = security::html_safe($_GET["newmail"]);
     $id = intval($_GET["uid"]);
     $random = intval($_GET["random"]);
     $idlevel = user::$current["id_level"];
     // Get the members random number, current email and temp email from their record
     $getacc = $db->fetch_assoc($db->query("SELECT random, email, temp_email FROM users WHERE id = " . $id));
Exemplo n.º 4
0
        $ris = $db->query("SELECT info_hash, filename, url FROM namemap WHERE info_hash = '" . $hash . "'");
        if ($ris->num_rows == 0) {
            err_msg("Sorry!", "Torrent " . $hash . " not found.");
            exit;
        } else {
            list($torhash, $torname, $torurl) = $ris->fetch_array(MYSQLI_BOTH);
        }
        write_log("Deleted torrent " . $torname . " (" . $torhash . ")", "delete");
        @$db->query("DELETE FROM summary WHERE info_hash = '" . $hash . "'");
        @$db->query("DELETE FROM namemap WHERE info_hash = '" . $hash . "'");
        @$db->query("DELETE FROM timestamps WHERE info_hash = '" . $hash . "'");
        @$db->query("DELETE FROM comments WHERE info_hash = '" . $hash . "'");
        @$db->query("DELETE FROM ratings WHERE infohash = '" . $hash . "'");
        @$db->query("DELETE FROM peers WHERE infohash = '" . $hash . "'");
        @$db->query("DELETE FROM history WHERE infohash = '" . $hash . "'");
        MCached::del('torrent::details::' . $hash);
        unlink($TORRENTSDIR . "/" . $hash . ".btf");
        print "<script language='javascript'>window.location.href='" . $link . "'</script>";
        exit;
    } else {
        print "<script language='javascript'>window.location.href='" . $link . "'</script>";
        exit;
    }
}
block_begin(DELETE_TORRENT);
print "<table width='100%' class='lista' border='0' cellspacing='5' cellpadding='5'>\n";
print "<tr><td align='right' class='header'>" . FILE_NAME . ":</td><td class='lista'>" . security::html_safe($row["filename"]) . "</td></tr>";
print "<tr><td align='right' class='header'>" . INFO_HASH . ":</td><td class='lista'>" . security::html_safe($row["info_hash"]) . "</td></tr>";
if (!empty($row["comment"])) {
    print "<tr><td align='right' class='header'>" . DESCRIPTION . ":</td><td align='left' class='lista'>" . format_comment(unesc($row["comment"])) . "</td></tr>";
}
Exemplo n.º 5
0
     print "</td></tr>\n";
     print "</table>\n</form>\n";
     block_end();
 } elseif ($do == "banip" && $action == "write") {
     if ($_POST['firstip'] == "" || $_POST['lastip'] == "") {
         err_msg(ERROR, NO_IP_WRITE);
     } else {
         //ban the ip for real
         $firstip = $db->real_escape_string($_POST["firstip"]);
         $lastip = $db->real_escape_string($_POST["lastip"]);
         $comment = $db->real_escape_string($_POST["comment"]);
         $firstip = sprintf("%u", ip2long($firstip));
         $lastip = sprintf("%u", ip2long($lastip));
         for ($i = $firstip; $i <= $lastip; $i++) {
             $ip = long2ip($i);
             MCached::del('banned::' . $ip);
         }
         if ($firstip == -1 || $lastip == -1) {
             err_msg(ERROR, IP_ERROR);
         } else {
             $comment = sqlesc($comment);
             $added = sqlesc(vars::$timestamp);
             $db->query("INSERT INTO bannedip (added, addedby, first, last, comment) VALUES(" . $added . ", " . user::$current['uid'] . ", " . $firstip . ", " . $lastip . ", " . $comment . ")");
             redirect("admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=banip&action=read");
         }
     }
 } elseif ($do == "banip" && $action == "delete") {
     if ($_GET['ip'] == "") {
         err_msg(ERROR, INVALID_ID);
     }
     //delete the ip from db
Exemplo n.º 6
0
    if (user::$current["admin_access"] == "yes" && $_GET["action"] == "delete") {
        @$db->query("DELETE FROM comments WHERE id = " . $cid);
        MCached::del('torrent::comments::count::' . $_POST['info_hash']);
        redirect("details.php?id=" . $id . "#comments");
        exit;
    }
}
if (isset($_POST["info_hash"])) {
    if ($_POST["confirm"] == FRM_CONFIRM) {
        $comment = $db->real_escape_string(addslashes($_POST["comment"]));
        $user = AddSlashes(user::$current["username"]);
        if ($user == '') {
            $user = "******";
        }
        @$db->query("INSERT INTO comments (added, text, ori_text, user, info_hash) VALUES (NOW(), '" . $comment . "', '" . $comment . "', '" . $user . "', '" . $db->real_escape_string(StripSlashes($_POST["info_hash"])) . "')");
        MCached::del('torrent::comments::count::' . $_POST['info_hash']);
        redirect("details.php?id=" . StripSlashes($_POST["info_hash"]) . "#comments");
    }
    # Comment preview by miskotes
    #############################
    if ($_POST["confirm"] == FRM_PREVIEW) {
        block_begin(COMMENT_PREVIEW);
        $comment = str_replace('\\r\\n', "\n", $comment);
        print "<table width='100%' align='center' class='lista'><tr><td class='lista' align='center'>" . format_comment(unesc($comment)) . "</td></tr>\n";
        print "</table>";
        block_end();
        comment_form();
        stdfoot();
        #####################
        # Comment preview end
    } else {
Exemplo n.º 7
0
function aggiungiutente()
{
    global $SITENAME, $SITEEMAIL, $db, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE;
    $utente = $db->real_escape_string($_POST["user"]);
    $pwd = $db->real_escape_string($_POST["pwd"]);
    $pwd1 = $db->real_escape_string($_POST["pwd1"]);
    $email = $db->real_escape_string($_POST["email"]);
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);
    if (utf8::strtoupper($utente) == utf8::strtoupper("Guest")) {
        print ERROR . " " . ERR_GUEST_EXISTS . "<br />\n";
        print "<a href='account.php'>" . BACK . "</a>";
        block_end();
        stdfoot();
        exit;
    }
    if ($pwd != $pwd1) {
        print ERROR . " " . DIF_PASSWORDS . "<br />\n";
        print "<a href='account.php'>" . BACK . "</a>";
        block_end();
        stdfoot();
        exit;
    }
    if ($VALIDATION == "none") {
        $idlevel = 3;
    } else {
        $idlevel = 2;
    }
    # Create Random number
    $floor = 100000;
    $ceiling = 999999;
    srand((double) microtime() * 1000000);
    $random = mt_rand($floor, $ceiling);
    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
        exit;
    }
    $res = $db->query("SELECT email FROM users WHERE email = '" . $email . "'");
    if ($res->num_rows > 0) {
        return -2;
        exit;
    }
    if (!security::valid_email($email)) {
        return -3;
        exit;
    }
    // duplicate username
    $res = $db->query("SELECT username FROM users WHERE username = '******'");
    if ($res->num_rows > 0) {
        return -4;
        exit;
    }
    // duplicate username
    if (strpos($db->real_escape_string($utente), " ") == true) {
        return -7;
        exit;
    }
    if ($USE_IMAGECODE) {
        if (extension_loaded('gd')) {
            $arr = gd_info();
            if ($arr['FreeType Support'] == 1) {
                $public = $_POST['public_key'];
                $private = $_POST['private_key'];
                $p = new ocr_captcha();
                if ($p->check_captcha($public, $private) != true) {
                    err_msg(ERROR, ERR_IMAGE_CODE);
                    block_end();
                    stdfoot();
                    exit;
                }
            }
        }
    }
    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    if (straipos($db->real_escape_string($utente), $bannedchar) == true) {
        return -8;
        exit;
    }
    if (utf8::strlen($db->real_escape_string($pwd)) < 4) {
        return -9;
        exit;
    }
    @$db->query("INSERT INTO users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('" . $utente . "', '" . md5($pwd) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(), '" . md5(uniqid(mt_rand(), true)) . "', '" . $timezone . "')");
    MCached::del('latest::member');
    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if ($db->errno == 0) {
            mail($email, ACCOUNT_CONFIRM, ACCOUNT_MSG . "\n\n" . $BASEURL . "/account.php?act=confirm&confirm=" . $random . "&language=" . $idlangue . "", "From: " . $SITENAME . " <" . $SITEEMAIL . ">");
            write_log("Signup new User " . $utente . " (" . $email . ")", "add");
        } else {
            die($db->error);
        }
    }
    return $db->errno;
}