$id = isset($_GET['torrent']) ? (int) $_GET['torrent'] : 0; $ssluse = isset($_GET['ssl']) && $_GET['ssl'] == 1 || $CURUSER['ssluse'] == 3 ? 1 : 0; $zipuse = isset($_GET['zip']) && $_GET['zip'] == 1 ? true : false; $text = isset($_GET['text']) && $_GET['text'] == 1 ? true : false; if (!is_valid_id($id)) { stderr($lang['download_user_error'], $lang['download_no_id']); } $res = sql_query('SELECT name, owner, vip, category, filename, info_hash FROM torrents WHERE id = ' . sqlesc($id)) or sqlerr(__FILE__, __LINE__); $row = mysqli_fetch_assoc($res); $fn = $INSTALLER09['torrent_dir'] . '/' . $id . '.torrent'; if (!$row || !is_file($fn) || !is_readable($fn)) { stderr('Err', 'There was an error with the file or with the query, please contact staff'); } if (happyHour('check') && happyCheck('checkid', $row['category']) && XBT_TRACKER == false && $INSTALLER09['happy_hour'] == true) { $multiplier = happyHour('multiplier'); happyLog($CURUSER['id'], $id, $multiplier); sql_query('INSERT INTO happyhour (userid, torrentid, multiplier ) VALUES (' . sqlesc($CURUSER['id']) . ',' . sqlesc($id) . ',' . sqlesc($multiplier) . ')') or sqlerr(__FILE__, __LINE__); $mc1->delete_value($CURUSER['id'] . '_happy'); } if ($INSTALLER09['seedbonus_on'] == 1 && $row['owner'] != $CURUSER['id']) { //===remove karma sql_query("UPDATE users SET seedbonus = seedbonus-" . sqlesc($INSTALLER09['bonus_per_download']) . " WHERE id = " . sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__); $update['seedbonus'] = $CURUSER['seedbonus'] - $INSTALLER09['bonus_per_download']; $mc1->begin_transaction('userstats_' . $CURUSER['id']); $mc1->update_row(false, array('seedbonus' => $update['seedbonus'])); $mc1->commit_transaction($INSTALLER09['expires']['u_stats']); $mc1->begin_transaction('user_stats_' . $CURUSER['id']); $mc1->update_row(false, array('seedbonus' => $update['seedbonus'])); $mc1->commit_transaction($INSTALLER09['expires']['user_stats']); //===end }
} $res = mysql_query("SELECT name, filename, vip FROM torrents WHERE id = {$id}") or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_assoc($res); $fn = "{$torrent_dir}/{$id}.torrent"; if (!$row || !is_file($fn) || !is_readable($fn)) { httperr(); } if (strlen($CURUSER['passkey']) != 32) { $CURUSER['passkey'] = md5($CURUSER['username'] . get_date_time() . $CURUSER['passhash']); mysql_query("UPDATE users SET passkey='{$CURUSER['passkey']}' WHERE id={$CURUSER['id']}"); } mysql_query("UPDATE torrents SET hits = hits + 1 WHERE id = {$id}"); if (happyHour("check") && happyCheck("checkid", $row["category"])) { $multiplier = happyHour("multiplier"); $time = time(); happyLog($CURUSER["id"], $id, $multiplier); mysql_query("INSERT INTO happyhour (userid, torrentid, multiplier ) VALUES (" . sqlesc($CURUSER["id"]) . " , " . sqlesc($id) . ", " . sqlesc($multiplier) . " )") or sqlerr(__FILE__, __LINE__); } // Passkey Mod require_once "include/benc.php"; if ($row["vip"] == 'yes' && get_user_class() < UC_VIP) { stdmsg("Sorry...", "You are not allowed to download this torrent"); exit; } $dict = bdec_file($fn, 1024 * 1024); $dict['value']['announce']['value'] = "{$BASEURL}/announce.php?passkey={$CURUSER['passkey']}"; $dict['value']['announce']['string'] = strlen($dict['value']['announce']['value']) . ":" . $dict['value']['announce']['value']; $dict['value']['announce']['strlen'] = strlen($dict['value']['announce']['string']); // download as zip file by putyn tbdev $name = str_replace(array(" ", ".", "-"), "_", $row["name"]); $new = benc($dict);