From 0d3975d8d7ce7709aa71856c0245ec023f4d4732 Mon Sep 17 00:00:00 2001
From: xiaomlove <i353856593@163.com>
Date: Mon, 14 Mar 2022 15:43:10 +0800
Subject: [PATCH] delete torrent record when save torrent fail

---
 public/download.php   | 17 +++++++++++++----
 public/takeupload.php | 17 ++++++++++++++---
 public/upload.php     |  2 +-
 3 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/public/download.php b/public/download.php
index cff40831..d4470851 100644
--- a/public/download.php
+++ b/public/download.php
@@ -74,6 +74,10 @@ if (@ini_get('output_handler') == 'ob_gzhandler' AND @ob_get_length() !== false)
 }
 */
 
+if ($CURUSER['downloadpos']=="no") {
+    permissiondenied();
+}
+
 $trackerSchemaAndHost = get_tracker_schema_and_host();
 $ssl_torrent = $trackerSchemaAndHost['ssl_torrent'];
 $base_announce_url = $trackerSchemaAndHost['base_announce_url'];
@@ -81,17 +85,22 @@ $base_announce_url = $trackerSchemaAndHost['base_announce_url'];
 $res = sql_query("SELECT torrents.name, torrents.filename, torrents.save_as, torrents.size, torrents.owner, torrents.banned, categories.mode as search_box_id FROM torrents left join categories on torrents.category = categories.id WHERE torrents.id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);
 $row = mysql_fetch_assoc($res);
 if (!$row) {
-    do_log("[TORRENT_NOT_EXISTS] $id", 'error');
+    do_log("[TORRENT_NOT_EXISTS_IN_DATABASE] $id", 'error');
     httperr();
 }
 $fn = getFullDirectory("$torrent_dir/$id.torrent");
-if ($CURUSER['downloadpos']=="no") {
-    permissiondenied();
+if (!is_file($fn)) {
+    do_log("[TORRENT_NOT_EXISTS_IN_PATH] $fn",'error');
+    httperr();
 }
-if (!is_file($fn) || !is_readable($fn)) {
+if (!is_readable($fn)) {
     do_log("[TORRENT_NOT_READABLE] $fn",'error');
     httperr();
 }
+if (filesize($fn) == 0) {
+    do_log("[TORRENT_NOT_VALID_SIZE_ZERO] $fn",'error');
+    httperr();
+}
 if (($row['banned'] == 'yes' && get_user_class() < $seebanned_class) || !can_access_torrent($row)) {
     permissiondenied();
 }
diff --git a/public/takeupload.php b/public/takeupload.php
index d7eaa030..c547ffa2 100644
--- a/public/takeupload.php
+++ b/public/takeupload.php
@@ -306,6 +306,14 @@ if (empty($url) && !empty($ptGenImdbLink)) {
 	$url = str_replace('tt', '', $ptGenImdbInfo['id']);
 }
 
+$torrentSavePath = getFullDirectory($torrent_dir);
+if (!is_dir($torrentSavePath)) {
+    bark("torrent save path: $torrentSavePath not exists.");
+}
+if (!is_writable($torrentSavePath)) {
+    bark("torrent save path: $torrentSavePath not writeable.");
+}
+
 $ret = sql_query("INSERT INTO torrents (filename, owner, visible, anonymous, name, size, numfiles, type, url, small_descr, descr, ori_descr, category, source, medium, codec, audiocodec, standard, processing, team, save_as, sp_state, added, last_action, nfo, info_hash, pt_gen, technical_info) VALUES (".sqlesc($fname).", ".sqlesc($CURUSER["id"]).", 'yes', ".sqlesc($anonymous).", ".sqlesc($torrent).", ".sqlesc($totallen).", ".count($filelist).", ".sqlesc($type).", ".sqlesc($url).", ".sqlesc($small_descr).", ".sqlesc($descr).", ".sqlesc($descr).", ".sqlesc($catid).", ".sqlesc($sourceid).", ".sqlesc($mediumid).", ".sqlesc($codecid).", ".sqlesc($audiocodecid).", ".sqlesc($standardid).", ".sqlesc($processingid).", ".sqlesc($teamid).", ".sqlesc($dname).", ".sqlesc($sp_state) .
 ", " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc(date("Y-m-d H:i:s")) . ", ".sqlesc($nfo).", " . sqlesc($infohash). ", " . sqlesc(json_encode($postPtGen)) . ", " . sqlesc($_POST['technical_info'] ?? '') . ")");
 if (!$ret) {
@@ -315,6 +323,12 @@ if (!$ret) {
 	//bark("mysql puked: ".preg_replace_callback('/./s', "hex_esc2", mysql_error()));
 }
 $id = mysql_insert_id();
+$torrentFilePath = "$torrentSavePath/$id.torrent";
+$saveResult = \Rhilip\Bencode\Bencode::dump($torrentFilePath, $dict);
+if ($saveResult === false) {
+    sql_query("delete from torrents where id = $id limit 1");
+    bark("save torrent to $torrentFilePath fail.");
+}
 
 /**
  * add custom fields
@@ -351,9 +365,6 @@ foreach ($filelist as $file) {
 	@sql_query("INSERT INTO files (torrent, filename, size) VALUES ($id, ".sqlesc($file[0]).",".$file[1].")");
 }
 
-//move_uploaded_file($tmpname, "$torrent_dir/$id.torrent");
-\Rhilip\Bencode\Bencode::dump(getFullDirectory("$torrent_dir/$id.torrent"),$dict);
-
 //===add karma
 KPS("+",$uploadtorrent_bonus,$CURUSER["id"]);
 //===end
diff --git a/public/upload.php b/public/upload.php
index a1f9c1ab..e3fafd38 100644
--- a/public/upload.php
+++ b/public/upload.php
@@ -42,7 +42,7 @@ stdhead($lang_upload['head_upload']);
 					<td class='colhead' colspan='2' align='center'>
 						<?php echo $lang_upload['text_tracker_url'] ?>: &nbsp;&nbsp;&nbsp;&nbsp;<b><?php echo  get_protocol_prefix() . $announce_urls[0]?></b>
 						<?php
-						if(!is_writable(ROOT_PATH . $torrent_dir))
+						if(!is_writable(getFullDirectory($torrent_dir)))
 						print("<br /><br /><b>ATTENTION</b>: Torrent directory isn't writable. Please contact the administrator about this problem!");
 						if(!$max_torrent_size)
 						print("<br /><br /><b>ATTENTION</b>: Max. Torrent Size not set. Please contact the administrator about this problem!");