function check_paranoia_here($Setting)
{
global $Paranoia, $Class, $UserID, $Preview;
if ($Preview == 1) {
return check_paranoia($Setting, $Paranoia, $Class);
} else {
return check_paranoia($Setting, $Paranoia, $Class, $UserID);
}
}
/**
* Generate a table row for a staff member on staff.php
*
* @param $Row used for alternating row colors
* @param $ID the user ID of the staff member
* @param $Paranoia the user's paranoia
* @param $Class the user class
* @param $LastAccess datetime the user last browsed the site
* @param $Remark the "Staff remark" or FLS' "Support for" text
* @param $HiddenBy the text that is displayed when a staff member's
* paranoia hides their LastAccess time
* @return string $Row
*/
function make_staff_row($Row, $ID, $Paranoia, $Class, $LastAccess, $Remark = '', $HiddenBy = 'Hidden by user')
{
$Row = $Row === 'a' ? 'b' : 'a';
echo "\t\t\t<tr class=\"row{$Row}\">\n\t\t\t\t<td class=\"nobr\">\n\t\t\t\t\t" . Users::format_username($ID, false, false, false) . "\n\t\t\t\t</td>\n\t\t\t\t<td class=\"nobr\">\n\t\t\t\t\t";
//used for proper indentation of HTML
if (check_paranoia('lastseen', $Paranoia, $Class)) {
echo time_diff($LastAccess);
} else {
echo "{$HiddenBy}";
}
echo "\n\t\t\t\t</td>\n\t\t\t\t<td class=\"nobr\">" . Text::full_format($Remark) . "</td>\n\t\t\t</tr>\n";
// the "\n" is needed for pretty HTML
// the foreach loop that calls this function needs to know the new value of $Row
return $Row;
}
break;
case 'voted':
if (!empty($UserInfo)) {
if (!check_paranoia('requestsvoted_list', $UserInfo['Paranoia'], $Perms['Class'], $UserInfo['ID'])) {
error(403);
}
$Title = "Requests voted for by {$UserInfo['Username']}";
$SphQL->where('voter', $UserInfo['ID']);
} else {
$Title = 'Requests I have voted on';
$SphQL->where('voter', $LoggedUser['ID']);
}
break;
case 'filled':
if (!empty($UserInfo)) {
if (!check_paranoia('requestsfilled_list', $UserInfo['Paranoia'], $Perms['Class'], $UserInfo['ID'])) {
error(403);
}
$Title = "Requests filled by {$UserInfo['Username']}";
$SphQL->where('fillerid', $UserInfo['ID']);
} else {
$Title = 'Requests I have filled';
$SphQL->where('fillerid', $LoggedUser['ID']);
}
break;
case 'bookmarks':
$Title = 'Your bookmarked requests';
$BookmarkView = true;
$SphQL->where('bookmarker', $LoggedUser['ID']);
break;
default:
case 'uploads':
if (!check_paranoia('uploads', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$SQL = "WHERE t.UserID = '{$UserID}'";
$Month = "t.Time";
break;
case 'snatches':
if (!check_paranoia('snatched', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$SQL = "\n\t\t\t\t\tJOIN xbt_snatched AS x ON t.ID = x.fid\n\t\t\t\tWHERE x.uid = '{$UserID}'";
$Month = "FROM_UNIXTIME(x.tstamp)";
break;
case 'seeding':
if (!check_paranoia('seeding', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$SQL = "\n\t\t\t\t\tJOIN xbt_files_users AS xfu ON t.ID = xfu.fid\n\t\t\t\tWHERE xfu.uid = '{$UserID}'\n\t\t\t\t\tAND xfu.remaining = 0";
$Month = "FROM_UNIXTIME(xfu.mtime)";
break;
default:
error(0);
}
}
$DownloadsQ = $DB->query("\n\tSELECT\n\t\tt.ID AS TorrentID,\n\t\tDATE_FORMAT({$Month}, '%Y - %m') AS Month,\n\t\tt.GroupID,\n\t\tt.Media,\n\t\tt.Format,\n\t\tt.Encoding,\n\t\tIF(t.RemasterYear = 0, tg.Year, t.RemasterYear) AS Year,\n\t\ttg.Name,\n\t\tt.Size\n\tFROM torrents AS t\n\t\tJOIN torrents_group AS tg ON t.GroupID = tg.ID\n\t{$SQL}\n\tGROUP BY TorrentID");
$Collector = new TorrentsDL($DownloadsQ, "{$Username}'s " . ucfirst($_GET['type']));
while (list($Downloads, $GroupIDs) = $Collector->get_downloads('TorrentID')) {
$Artists = Artists::get_artists($GroupIDs);
$TorrentIDs = array_keys($GroupIDs);
$TorrentFilesQ = $DB->query('
function check_paranoia_here($Setting)
{
global $Paranoia, $Class, $UserID;
return check_paranoia($Setting, $Paranoia, $Class, $UserID);
}
?>
</strong>
<?php
}
if (check_paranoia('downloaded', $Paranoia, $Class, $FriendID)) {
?>
Down: <strong><?php
echo Format::get_size($Downloaded);
?>
</strong>
<?php
}
?>
</span>
<?php
if (check_paranoia('lastseen', $Paranoia, $Class, $FriendID)) {
?>
<span style="float: right;"><?php
echo time_diff($LastAccess);
?>
</span>
<?php
}
?>
</td>
</tr>
<tr>
<?php
if (Users::has_avatars_enabled()) {
?>
<td class="col_avatar avatar" valign="top">
function make_tree()
{
$QueryID = G::$DB->get_query_id();
$UserID = $this->UserID;
?>
<div class="invitetree pad">
<?php
G::$DB->query("\n\t\t\tSELECT TreePosition, TreeID, TreeLevel\n\t\t\tFROM invite_tree\n\t\t\tWHERE UserID = {$UserID}");
list($TreePosition, $TreeID, $TreeLevel) = G::$DB->next_record(MYSQLI_NUM, false);
if (!$TreeID) {
return;
}
G::$DB->query("\n\t\t\tSELECT TreePosition\n\t\t\tFROM invite_tree\n\t\t\tWHERE TreeID = {$TreeID}\n\t\t\t\tAND TreeLevel = {$TreeLevel}\n\t\t\t\tAND TreePosition > {$TreePosition}\n\t\t\tORDER BY TreePosition ASC\n\t\t\tLIMIT 1");
if (G::$DB->has_results()) {
list($MaxPosition) = G::$DB->next_record(MYSQLI_NUM, false);
} else {
$MaxPosition = false;
}
$TreeQuery = G::$DB->query("\n\t\t\tSELECT\n\t\t\t\tit.UserID,\n\t\t\t\tEnabled,\n\t\t\t\tPermissionID,\n\t\t\t\tDonor,\n\t\t\t\tUploaded,\n\t\t\t\tDownloaded,\n\t\t\t\tParanoia,\n\t\t\t\tTreePosition,\n\t\t\t\tTreeLevel\n\t\t\tFROM invite_tree AS it\n\t\t\t\tJOIN users_main AS um ON um.ID = it.UserID\n\t\t\t\tJOIN users_info AS ui ON ui.UserID = it.UserID\n\t\t\tWHERE TreeID = {$TreeID}\n\t\t\t\tAND TreePosition > {$TreePosition}" . ($MaxPosition ? " AND TreePosition < {$MaxPosition}" : '') . "\n\t\t\t\tAND TreeLevel > {$TreeLevel}\n\t\t\tORDER BY TreePosition");
$PreviousTreeLevel = $TreeLevel;
// Stats for the summary
$MaxTreeLevel = $TreeLevel;
// The deepest level (this changes)
$OriginalTreeLevel = $TreeLevel;
// The level of the user we're viewing
$BaseTreeLevel = $TreeLevel + 1;
// The level of users invited by our user
$Count = 0;
$Branches = 0;
$DisabledCount = 0;
$DonorCount = 0;
$ParanoidCount = 0;
$TotalUpload = 0;
$TotalDownload = 0;
$TopLevelUpload = 0;
$TopLevelDownload = 0;
$ClassSummary = array();
global $Classes;
foreach ($Classes as $ClassID => $Val) {
$ClassSummary[$ClassID] = 0;
}
// We store this in an output buffer, so we can show the summary at the top without having to loop through twice
ob_start();
while (list($ID, $Enabled, $Class, $Donor, $Uploaded, $Downloaded, $Paranoia, $TreePosition, $TreeLevel) = G::$DB->next_record(MYSQLI_NUM, false)) {
// Do stats
$Count++;
if ($TreeLevel > $MaxTreeLevel) {
$MaxTreeLevel = $TreeLevel;
}
if ($TreeLevel == $BaseTreeLevel) {
$Branches++;
$TopLevelUpload += $Uploaded;
$TopLevelDownload += $Downloaded;
}
$ClassSummary[$Class]++;
if ($Enabled == 2) {
$DisabledCount++;
}
if ($Donor) {
$DonorCount++;
}
// Manage tree depth
if ($TreeLevel > $PreviousTreeLevel) {
for ($i = 0; $i < $TreeLevel - $PreviousTreeLevel; $i++) {
echo "\n\n<ul class=\"invitetree\">\n\t<li>\n";
}
} elseif ($TreeLevel < $PreviousTreeLevel) {
for ($i = 0; $i < $PreviousTreeLevel - $TreeLevel; $i++) {
echo "\t</li>\n</ul>\n";
}
echo "\t</li>\n\t<li>\n";
} else {
echo "\t</li>\n\t<li>\n";
}
$UserClass = $Classes[$Class]['Level'];
?>
<strong><?php
echo Users::format_username($ID, true, true, $Enabled != 2 ? false : true, true);
?>
</strong>
<?php
if (check_paranoia(array('uploaded', 'downloaded'), $Paranoia, $UserClass)) {
$TotalUpload += $Uploaded;
$TotalDownload += $Downloaded;
?>
Uploaded: <strong><?php
echo Format::get_size($Uploaded);
?>
</strong>
Downloaded: <strong><?php
echo Format::get_size($Downloaded);
?>
</strong>
Ratio: <strong><?php
echo Format::get_ratio_html($Uploaded, $Downloaded);
?>
</strong>
<?php
} else {
$ParanoidCount++;
?>
Hidden
<?php
}
?>
<?php
$PreviousTreeLevel = $TreeLevel;
G::$DB->set_query_id($TreeQuery);
}
$Tree = ob_get_clean();
for ($i = 0; $i < $PreviousTreeLevel - $OriginalTreeLevel; $i++) {
$Tree .= "\t</li>\n</ul>\n";
}
if ($Count) {
?>
<p style="font-weight: bold;">
This tree has <?php
echo number_format($Count);
?>
entries, <?php
echo number_format($Branches);
?>
branches, and a depth of <?php
echo number_format($MaxTreeLevel - $OriginalTreeLevel);
?>
.
It has
<?php
$ClassStrings = array();
foreach ($ClassSummary as $ClassID => $ClassCount) {
if ($ClassCount == 0) {
continue;
}
$LastClass = Users::make_class_string($ClassID);
if ($ClassCount > 1) {
if ($LastClass == 'Torrent Celebrity') {
$LastClass = 'Torrent Celebrities';
} else {
$LastClass .= 's';
}
}
$LastClass = "{$ClassCount} {$LastClass} (" . number_format($ClassCount / $Count * 100) . '%)';
$ClassStrings[] = $LastClass;
}
if (count($ClassStrings) > 1) {
array_pop($ClassStrings);
echo implode(', ', $ClassStrings);
echo ' and ' . $LastClass;
} else {
echo $LastClass;
}
echo '. ';
echo $DisabledCount;
echo $DisabledCount == 1 ? ' user is' : ' users are';
echo ' disabled (';
if ($DisabledCount == 0) {
echo '0%)';
} else {
echo number_format($DisabledCount / $Count * 100) . '%)';
}
echo ', and ';
echo $DonorCount;
echo $DonorCount == 1 ? ' user has' : ' users have';
echo ' donated (';
if ($DonorCount == 0) {
echo '0%)';
} else {
echo number_format($DonorCount / $Count * 100) . '%)';
}
echo '. </p>';
echo '<p style="font-weight: bold;">';
echo 'The total amount uploaded by the entire tree was ' . Format::get_size($TotalUpload);
echo '; the total amount downloaded was ' . Format::get_size($TotalDownload);
echo '; and the total ratio is ' . Format::get_ratio_html($TotalUpload, $TotalDownload) . '. ';
echo '</p>';
echo '<p style="font-weight: bold;">';
echo 'The total amount uploaded by direct invitees (the top level) was ' . Format::get_size($TopLevelUpload);
echo '; the total amount downloaded was ' . Format::get_size($TopLevelDownload);
echo '; and the total ratio is ' . Format::get_ratio_html($TopLevelUpload, $TopLevelDownload) . '. ';
echo "These numbers include the stats of paranoid users and will be factored into the invitation giving script.\n\t\t</p>\n";
if ($ParanoidCount) {
echo '<p style="font-weight: bold;">';
echo $ParanoidCount;
echo $ParanoidCount == 1 ? ' user (' : ' users (';
echo number_format($ParanoidCount / $Count * 100);
echo '%) ';
echo $ParanoidCount == 1 ? ' is' : ' are';
echo ' too paranoid to have their stats shown here, and ';
echo $ParanoidCount == 1 ? ' was' : ' were';
echo ' not factored into the stats for the total tree.';
echo '</p>';
}
}
?>
<br />
<?php
echo $Tree;
?>
</div>
<?php
G::$DB->set_query_id($QueryID);
}
function check_paranoia_here($Setting)
{
global $User;
return check_paranoia($Setting, $User['Paranoia'], $User['Class'], $User['ID']);
}
function check_paranoia($Property, $Paranoia, $UserClass, $UserID = false)
{
global $Classes;
if ($Property == false) {
return false;
}
if (!is_array($Paranoia)) {
$Paranoia = unserialize($Paranoia);
}
if (!is_array($Paranoia)) {
$Paranoia = array();
}
if (is_array($Property)) {
$all = true;
foreach ($Property as $P) {
$all = $all && check_paranoia($P, $Paranoia, $UserClass, $UserID);
}
return $all;
} else {
if ($UserID !== false && G::$LoggedUser['ID'] == $UserID) {
return PARANOIA_ALLOWED;
}
$May = !in_array($Property, $Paranoia) && !in_array($Property . '+', $Paranoia);
if ($May) {
return PARANOIA_ALLOWED;
}
if (check_perms('users_override_paranoia', $UserClass)) {
return PARANOIA_OVERRIDDEN;
}
$Override = false;
switch ($Property) {
case 'downloaded':
case 'ratio':
case 'uploaded':
case 'lastseen':
if (check_perms('users_mod', $UserClass)) {
return PARANOIA_OVERRIDDEN;
}
break;
case 'snatched':
case 'snatched+':
if (check_perms('users_view_torrents_snatchlist', $UserClass)) {
return PARANOIA_OVERRIDDEN;
}
break;
case 'uploads':
case 'uploads+':
case 'seeding':
case 'seeding+':
case 'leeching':
case 'leeching+':
if (check_perms('users_view_seedleech', $UserClass)) {
return PARANOIA_OVERRIDDEN;
}
break;
case 'invitedcount':
if (check_perms('users_view_invites', $UserClass)) {
return PARANOIA_OVERRIDDEN;
}
break;
}
return false;
}
}
Using $_GET['userid'] allows a mod to see any user's token history.
Nonmods and empty userid show $LoggedUser['ID']'s history
************************************************************************/
if (isset($_GET['userid'])) {
$UserID = $_GET['userid'];
} else {
$UserID = $LoggedUser['ID'];
}
if (!is_number($UserID)) {
error(404);
}
$UserInfo = Users::user_info($UserID);
$Perms = Permissions::get_permissions($UserInfo['PermissionID']);
$UserClass = $Perms['Class'];
if (!check_perms('users_mod')) {
if ($LoggedUser['ID'] != $UserID && !check_paranoia(false, $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
}
if (isset($_GET['expire'])) {
if (!check_perms('users_mod')) {
error(403);
}
$UserID = $_GET['userid'];
$TorrentID = $_GET['torrentid'];
if (!is_number($UserID) || !is_number($TorrentID)) {
error(403);
}
$DB->query("\n\t\tSELECT info_hash\n\t\tFROM torrents\n\t\tWHERE ID = {$TorrentID}");
if (list($InfoHash) = $DB->next_record(MYSQLI_NUM, FALSE)) {
$DB->query("\n\t\t\tUPDATE users_freeleeches\n\t\t\tSET Expired = TRUE\n\t\t\tWHERE UserID = {$UserID}\n\t\t\t\tAND TorrentID = {$TorrentID}");
<?php
if (!check_perms('users_mod')) {
error(403);
}
if (isset($_GET['userid']) && is_number($_GET['userid'])) {
$UserHeavyInfo = Users::user_heavy_info($_GET['userid']);
if (isset($UserHeavyInfo['torrent_pass'])) {
$TorrentPass = $UserHeavyInfo['torrent_pass'];
$UserPeerStats = Tracker::user_peer_count($TorrentPass);
$UserInfo = Users::user_info($_GET['userid']);
$UserLevel = $Classes[$UserInfo['PermissionID']]['Level'];
if (!check_paranoia('leeching+', $UserInfo['Paranoia'], $UserLevel, $_GET['userid'])) {
$UserPeerStats[0] = false;
}
if (!check_paranoia('seeding+', $UserInfo['Paranoia'], $UserLevel, $_GET['userid'])) {
$UserPeerStats[1] = false;
}
} else {
$UserPeerStats = false;
}
} else {
$MainStats = Tracker::info();
}
View::show_header('Tracker info');
?>
<div class="thin">
<div class="header">
<h2>Tracker info</h2>
</div>
<div class="linkbox">
default:
error(404);
}
if (!empty($_GET['filter'])) {
if ($_GET['filter'] === 'perfectflac') {
if (!check_paranoia('perfectflacs', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$ExtraWhere .= " AND t.Format = 'FLAC'";
if (empty($_GET['media'])) {
$ExtraWhere .= "\n\t\t\t\tAND (\n\t\t\t\t\tt.LogScore = 100 OR\n\t\t\t\t\tt.Media IN ('Vinyl', 'WEB', 'DVD', 'Soundboard', 'Cassette', 'SACD', 'Blu-ray', 'DAT')\n\t\t\t\t\t)";
} elseif (strtoupper($_GET['media']) === 'CD' && empty($_GET['log'])) {
$ExtraWhere .= "\n\t\t\t\tAND t.LogScore = 100";
}
} elseif ($_GET['filter'] === 'uniquegroup') {
if (!check_paranoia('uniquegroups', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$GroupBy = 'tg.ID';
}
}
if (empty($GroupBy)) {
$GroupBy = 't.ID';
}
if ((empty($_GET['search']) || trim($_GET['search']) === '') && $Order != 'Name') {
$SQL = "\n\t\tSELECT\n\t\t\tSQL_CALC_FOUND_ROWS\n\t\t\tt.GroupID,\n\t\t\tt.ID AS TorrentID,\n\t\t\t{$Time} AS Time,\n\t\t\ttg.CategoryID\n\t\tFROM {$From}\n\t\t\tJOIN torrents_group AS tg ON tg.ID = t.GroupID\n\t\tWHERE {$UserField} = '{$UserID}'\n\t\t\t{$ExtraWhere}\n\t\t\t{$SearchWhere}\n\t\tGROUP BY {$GroupBy}\n\t\tORDER BY {$Order} {$Way}\n\t\tLIMIT {$Limit}";
} else {
$DB->query("\n\t\tCREATE TEMPORARY TABLE temp_sections_torrents_user (\n\t\t\tGroupID int(10) unsigned not null,\n\t\t\tTorrentID int(10) unsigned not null,\n\t\t\tTime int(12) unsigned not null,\n\t\t\tCategoryID int(3) unsigned,\n\t\t\tSeeders int(6) unsigned,\n\t\t\tLeechers int(6) unsigned,\n\t\t\tSnatched int(10) unsigned,\n\t\t\tName mediumtext,\n\t\t\tSize bigint(12) unsigned,\n\t\tPRIMARY KEY (TorrentID)) CHARSET=utf8");
$DB->query("\n\t\tINSERT IGNORE INTO temp_sections_torrents_user\n\t\t\tSELECT\n\t\t\t\tt.GroupID,\n\t\t\t\tt.ID AS TorrentID,\n\t\t\t\t{$Time} AS Time,\n\t\t\t\ttg.CategoryID,\n\t\t\t\tt.Seeders,\n\t\t\t\tt.Leechers,\n\t\t\t\tt.Snatched,\n\t\t\t\tCONCAT_WS(' ', GROUP_CONCAT(aa.Name SEPARATOR ' '), ' ', tg.Name, ' ', tg.Year, ' ') AS Name,\n\t\t\t\tt.Size\n\t\t\tFROM {$From}\n\t\t\t\tJOIN torrents_group AS tg ON tg.ID = t.GroupID\n\t\t\t\tLEFT JOIN torrents_artists AS ta ON ta.GroupID = tg.ID\n\t\t\t\tLEFT JOIN artists_alias AS aa ON aa.AliasID = ta.AliasID\n\t\t\tWHERE {$UserField} = '{$UserID}'\n\t\t\t\t{$ExtraWhere}\n\t\t\t\t{$SearchWhere}\n\t\t\tGROUP BY TorrentID, Time");
if (!empty($_GET['search']) && trim($_GET['search']) !== '') {
$Words = array_unique(explode(' ', db_string($_GET['search'])));
* uploaded = comments left on one's uploads
* If missing or invalid, this defaults to the comments one made
*/
// User ID
if (isset($_GET['id']) && is_number($_GET['id'])) {
$UserID = (int) $_GET['id'];
$UserInfo = Users::user_info($UserID);
$Username = $UserInfo['Username'];
if ($LoggedUser['ID'] == $UserID) {
$Self = true;
} else {
$Self = false;
}
$Perms = Permissions::get_permissions($UserInfo['PermissionID']);
$UserClass = $Perms['Class'];
if (!check_paranoia('torrentcomments', $UserInfo['Paranoia'], $UserClass, $UserID)) {
error(403);
}
} else {
$UserID = $LoggedUser['ID'];
$Username = $LoggedUser['Username'];
$Self = true;
}
// Posts per page limit stuff
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
$PerPage = POSTS_PER_PAGE;
}
list($Page, $Limit) = Format::page_limit($PerPage);
if (!isset($_REQUEST['action'])) {
$Perms = Permissions::get_permissions($User['PermissionID']);
$UserClass = $Perms['Class'];
$UserLink = '<a href="user.php?id=' . $UserID . '">' . $User['Username'] . '</a>';
if (!empty($_GET['contrib'])) {
if (!check_paranoia('collagecontribs', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$DB->query("\n\t\t\tSELECT DISTINCT CollageID\n\t\t\tFROM collages_torrents\n\t\t\tWHERE UserID = {$UserID}");
$CollageIDs = $DB->collect('CollageID');
if (empty($CollageIDs)) {
$SQL .= " AND 0";
} else {
$SQL .= " AND c.ID IN(" . db_string(implode(',', $CollageIDs)) . ')';
}
} else {
if (!check_paranoia('collages', $User['Paranoia'], $UserClass, $UserID)) {
error(403);
}
$SQL .= " AND UserID = '" . $_GET['userid'] . "'";
}
$Categories[] = 0;
}
if (!empty($Categories)) {
$SQL .= " AND CategoryID IN(" . db_string(implode(',', $Categories)) . ')';
}
if (isset($_GET['action']) && $_GET['action'] === 'mine') {
$SQL = $BaseSQL;
$SQL .= "\n\t\tAND c.UserID = '" . $LoggedUser['ID'] . "'\n\t\tAND c.CategoryID = 0";
}
$SQL .= "\n\tORDER BY {$Order} {$Way}\n\tLIMIT {$Limit}";
$DB->query($SQL);
