prepare for beta8

_db/dbstructure_v1.6.sql

@@ -778,7 +778,7 @@ CREATE TABLE `failed_jobs` (
   `exception` longtext COLLATE utf8mb4_unicode_ci NOT NULL,
   `failed_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   PRIMARY KEY (`id`),
-  UNIQUE KEY `failed_jobs_uuid_unique` (`uuid`)
+  UNIQUE KEY `failed_jobs_uuid_unique` (`uuid`(191))
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
 /*!40101 SET character_set_client = @saved_cs_client */;
 
@@ -1909,6 +1909,34 @@ INSERT INTO `searchbox` VALUES (4,'chd',1,0,1,1,1,0,1,0,10,7,'','','');
 /*!40000 ALTER TABLE `searchbox` ENABLE KEYS */;
 UNLOCK TABLES;
 
+--
+-- Table structure for table `searchbox_fields`
+--
+
+DROP TABLE IF EXISTS `searchbox_fields`;
+/*!40101 SET @saved_cs_client     = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `searchbox_fields` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `searchbox_id` int(11) NOT NULL,
+  `field_type` varchar(255) NOT NULL,
+  `field_id` int(11) NOT NULL DEFAULT '0',
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `uniq_searchbox_type_id` (`searchbox_id`,`field_type`,`field_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
+--
+-- Dumping data for table `searchbox_fields`
+--
+
+LOCK TABLES `searchbox_fields` WRITE;
+/*!40000 ALTER TABLE `searchbox_fields` DISABLE KEYS */;
+/*!40000 ALTER TABLE `searchbox_fields` ENABLE KEYS */;
+UNLOCK TABLES;
+
 --
 -- Table structure for table `secondicons`
 --
@@ -1953,8 +1981,8 @@ CREATE TABLE `settings` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `name` varchar(255) NOT NULL DEFAULT '',
   `value` mediumtext,
-  `created_at` datetime DEFAULT NULL,
-  `updated_at` datetime DEFAULT NULL,
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
   PRIMARY KEY (`id`),
   UNIQUE KEY `uniqe_name` (`name`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
@@ -2337,6 +2365,35 @@ LOCK TABLES `topics` WRITE;
 /*!40000 ALTER TABLE `topics` ENABLE KEYS */;
 UNLOCK TABLES;
 
+--
+-- Table structure for table `torrent_secrets`
+--
+
+DROP TABLE IF EXISTS `torrent_secrets`;
+/*!40101 SET @saved_cs_client     = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `torrent_secrets` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `uid` int(11) NOT NULL,
+  `torrent_id` int(11) NOT NULL DEFAULT '0',
+  `secret` varchar(255) NOT NULL,
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  KEY `idx_uid` (`uid`),
+  KEY `idx_torrent_id` (`torrent_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
+--
+-- Dumping data for table `torrent_secrets`
+--
+
+LOCK TABLES `torrent_secrets` WRITE;
+/*!40000 ALTER TABLE `torrent_secrets` DISABLE KEYS */;
+/*!40000 ALTER TABLE `torrent_secrets` ENABLE KEYS */;
+UNLOCK TABLES;
+
 --
 -- Table structure for table `torrents`
 --
@@ -2381,7 +2438,7 @@ CREATE TABLE `torrents` (
   `promotion_until` datetime DEFAULT NULL,
   `anonymous` enum('yes','no') NOT NULL DEFAULT 'no',
   `url` int(10) unsigned DEFAULT NULL,
-  `pos_state` enum('normal','sticky') NOT NULL DEFAULT 'normal',
+  `pos_state` varchar(32) NOT NULL DEFAULT 'normal',
   `cache_stamp` tinyint(3) unsigned NOT NULL DEFAULT '0',
   `picktype` enum('hot','classic','recommended','normal') NOT NULL DEFAULT 'normal',
   `picktime` datetime DEFAULT NULL,
@@ -2703,4 +2760,4 @@ UNLOCK TABLES;
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
 /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
 
--- Dump completed on 2021-05-14  0:29:10
+-- Dump completed on 2021-06-04 21:00:26

app/Http/Middleware/Permission.php

@@ -18,14 +18,13 @@ class Permission
      */
     public function handle(Request $request, Closure $next)
     {
+        /** @var User $user */
         $user = $request->user();
-        $targetClass = User::CLASS_MODERATOR;
-        $log = sprintf('user: %s, class: %s, target class: %s', $user->id, $user->class, $targetClass);
-        if (!$user || $user->class < $targetClass) {
-            do_log("$log, denied!");
+        if (!$user || !$user->canAccessAdmin()) {
+            do_log("denied!");
             throw new UnauthorizedException('Unauthorized!');
         }
-        do_log("$log, allow!");
+        do_log("allow!");
         return $next($request);
     }
 }

app/Models/User.php

@@ -247,4 +247,14 @@ class User extends Authenticatable
         return $this->update($update);
     }
 
+    public function canAccessAdmin()
+    {
+        $targetClass = self::CLASS_MODERATOR;
+        if (!$this->class || $this->class < $targetClass) {
+            do_log(sprintf('user: %s, no class or class < %s, can not access admin.', $this->id, $targetClass));
+            return false;
+        }
+        return true;
+    }
+
 }

app/Repositories/AuthenticateRepository.php

@@ -4,6 +4,7 @@ namespace App\Repositories;
 use App\Http\Resources\UserResource;
 use App\Models\User;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Validation\UnauthorizedException;
 
 class AuthenticateRepository extends BaseRepository
 {
@@ -11,10 +12,13 @@ class AuthenticateRepository extends BaseRepository
     {
         $user = User::query()
             ->where('username', $username)
-            ->first(array_merge(User::$commonFields, ['secret', 'passhash']));
+            ->first(array_merge(User::$commonFields, ['class', 'secret', 'passhash']));
         if (!$user || md5($user->secret . $password . $user->secret) != $user->passhash) {
             throw new \InvalidArgumentException('Username or password invalid.');
         }
+        if (!$user->canAccessAdmin()) {
+            throw new UnauthorizedException('Unauthorized!');
+        }
         $tokenName = __METHOD__ . __LINE__;
         $token = DB::transaction(function () use ($user, $tokenName) {
             $user->tokens()->delete();

lang/chs/lang_torrents.php

@@ -47,7 +47,7 @@ $lang_torrents = array
 	'text_s_bookmarked_torrent' => "收藏的种子",
 	'text_s_not_bookmarked_torrent' => "未收藏的种子",
 	'head_torrents' => "种子",
-	'head_music' => "音乐",
+	'head_special' => "特别",
 	'text_movies_and_tvs' => "电影 & 电视:",
 	'text_games_and_appz' => "游戏 & 程序:",
 	'text_others' => "其它:",

lang/cht/lang_torrents.php

@@ -47,7 +47,7 @@ $lang_torrents = array
 	'text_s_bookmarked_torrent' => "收藏的種子",
 	'text_s_not_bookmarked_torrent' => "未收藏的種子",
 	'head_torrents' => "種子",
-	'head_music' => "音樂",
+	'head_special' => "特別",
 	'text_movies_and_tvs' => "電影 & 電視:",
 	'text_games_and_appz' => "游戲 & 程序:",
 	'text_others' => "其它:",

lang/en/lang_torrents.php

@@ -47,7 +47,7 @@ $lang_torrents = array
 	'text_s_bookmarked_torrent' => "'s Bookmarked Torrents",
 	'text_s_not_bookmarked_torrent' => "'s NOT Bookmarked Torrents",
 	'head_torrents' => "Torrents",
-	'head_music' => "Music",
+	'head_special' => "Special",
 	'text_movies_and_tvs' => "Movies & TVs:",
 	'text_games_and_appz' => "Games & Appz:",
 	'text_others' => "Others:",

nexus/Install/settings.default.php

@@ -153,14 +153,15 @@
     'addoffer' => '0',
     'offermanage' => '13',
     'upload' => '2',
-    'uploadspecial' => '0',
-    'movetorrent' => '0',
+    'uploadspecial' => '12',
+    'movetorrent' => '13',
     'chrmanage' => '13',
     'viewinvite' => '13',
     'buyinvite' => '5',
     'seebanned' => '12',
     'againstoffer' => '1',
     'userbar' => '2',
+    'view_special_torrent' => '4',
   ),
   'tweak' => 
   array (

public/settings.php

@@ -55,7 +55,7 @@ if ($action == 'savesettings_main')	// save main
 	$Cache->delete_value('stats_torrents', true);
 	$Cache->delete_value('peers_count', true);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker MAIN settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker MAIN settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_basic') 	// save basic
@@ -71,7 +71,7 @@ elseif ($action == 'savesettings_basic') 	// save basic
 	}
 	saveSetting('basic', $BASIC);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker basic settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker basic settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_code') 	// save database
@@ -85,7 +85,7 @@ elseif ($action == 'savesettings_code') 	// save database
 	}
 	saveSetting('code', $CODE);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker code settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker code settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_bonus') 	// save bonus
@@ -107,7 +107,7 @@ elseif ($action == 'savesettings_bonus') 	// save bonus
 	ksort($BONUS['attendance_continuous']);
 	saveSetting('bonus', $BONUS);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker bonus settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker bonus settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_account') 	// save account
@@ -122,7 +122,7 @@ elseif ($action == 'savesettings_account') 	// save account
 	}
 	saveSetting('account', $ACCOUNT);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker account settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker account settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif($action == 'savesettings_torrent') 	// save account
@@ -137,7 +137,7 @@ elseif($action == 'savesettings_torrent') 	// save account
 
 	saveSetting('torrent', $TORRENT);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker torrent settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker torrent settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_smtp') 	// save smtp
@@ -158,7 +158,7 @@ elseif ($action == 'savesettings_smtp') 	// save smtp
 	}
 	saveSetting('smtp', $SMTP);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker SMTP settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker SMTP settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_security') 	// save security
@@ -181,7 +181,7 @@ elseif ($action == 'savesettings_security') 	// save security
 	}
 	saveSetting('security', $SECURITY);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker SECURITY settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker SECURITY settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_authority') 	// save user authority
@@ -196,7 +196,7 @@ elseif ($action == 'savesettings_authority') 	// save user authority
 
 	saveSetting('authority', $AUTHORITY);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker USER AUTHORITY settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker USER AUTHORITY settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_tweak')	// save tweak
@@ -210,7 +210,7 @@ elseif ($action == 'savesettings_tweak')	// save tweak
 	}
 	saveSetting('tweak', $TWEAK);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker TWEAK settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker TWEAK settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_attachment')	// save attachment
@@ -225,7 +225,7 @@ elseif ($action == 'savesettings_attachment')	// save attachment
 
 	saveSetting('attachment', $ATTACHMENT);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker ATTACHMENT settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker ATTACHMENT settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'savesettings_advertisement')	// save advertisement
@@ -240,7 +240,7 @@ elseif ($action == 'savesettings_advertisement')	// save advertisement
 
 	saveSetting('advertisement', $ADVERTISEMENT);
 	$actiontime = date("F j, Y, g:i a");
-	write_log("Tracker ADVERTISEMENT settings updated by $CURUSER[username]. $actiontime",'mod');
+	write_log("Tracker ADVERTISEMENT settings updated by {$CURUSER['username']}. $actiontime",'mod');
 	go_back();
 }
 elseif ($action == 'tweaksettings')		// tweak settings

public/torrents.php

@@ -885,7 +885,7 @@ if (isset($searchstr))
 	stdhead($lang_torrents['head_search_results_for'].$searchstr_ori);
 elseif ($sectiontype == $browsecatmode)
 	stdhead($lang_torrents['head_torrents']);
-else stdhead($lang_torrents['head_music']);
+else stdhead($lang_torrents['head_special']);
 print("<table width=\"97%\" class=\"main\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td class=\"embedded\">");
 
 displayHotAndClassic();