add special section

2026-04-24 03:57:22 +08:00 · 2021-05-29 18:26:04 +08:00
parent 48259ab387
commit 3a54de8be7
27 changed files with 175 additions and 43 deletions
@@ -11,7 +11,17 @@ int_check($id);
 if (!isset($id) || !$id)
 die();

-$res = sql_query("SELECT torrents.cache_stamp, torrents.sp_state, torrents.url, torrents.small_descr, torrents.seeders, torrents.banned, torrents.leechers, torrents.info_hash, torrents.filename, nfo, LENGTH(torrents.nfo) AS nfosz, torrents.last_action, torrents.name, torrents.owner, torrents.save_as, torrents.descr, torrents.visible, torrents.size, torrents.added, torrents.views, torrents.hits, torrents.times_completed, torrents.id, torrents.type, torrents.numfiles, torrents.anonymous, torrents.pt_gen, torrents.technical_info, categories.name AS cat_name, sources.name AS source_name, media.name AS medium_name, codecs.name AS codec_name, standards.name AS standard_name, processings.name AS processing_name, teams.name AS team_name, audiocodecs.name AS audiocodec_name FROM torrents LEFT JOIN categories ON torrents.category = categories.id LEFT JOIN sources ON torrents.source = sources.id LEFT JOIN media ON torrents.medium = media.id LEFT JOIN codecs ON torrents.codec = codecs.id LEFT JOIN standards ON torrents.standard = standards.id LEFT JOIN processings ON torrents.processing = processings.id LEFT JOIN teams ON torrents.team = teams.id LEFT JOIN audiocodecs ON torrents.audiocodec = audiocodecs.id WHERE torrents.id = $id LIMIT 1")
+$res = sql_query("SELECT torrents.cache_stamp, torrents.sp_state, torrents.url, torrents.small_descr, torrents.seeders, torrents.banned, torrents.leechers, torrents.info_hash, torrents.filename, nfo, LENGTH(torrents.nfo) AS nfosz, torrents.last_action, torrents.name, torrents.owner, torrents.save_as, torrents.descr, torrents.visible, torrents.size, torrents.added, torrents.views, torrents.hits, torrents.times_completed, torrents.id, torrents.type, torrents.numfiles, torrents.anonymous, torrents.pt_gen, torrents.technical_info,
+       categories.name AS cat_name, categories.mode as search_box_id, sources.name AS source_name, media.name AS medium_name, codecs.name AS codec_name, standards.name AS standard_name, processings.name AS processing_name, teams.name AS team_name, audiocodecs.name AS audiocodec_name
+FROM torrents LEFT JOIN categories ON torrents.category = categories.id
+    LEFT JOIN sources ON torrents.source = sources.id
+    LEFT JOIN media ON torrents.medium = media.id
+    LEFT JOIN codecs ON torrents.codec = codecs.id
+    LEFT JOIN standards ON torrents.standard = standards.id
+    LEFT JOIN processings ON torrents.processing = processings.id
+    LEFT JOIN teams ON torrents.team = teams.id
+    LEFT JOIN audiocodecs ON torrents.audiocodec = audiocodecs.id
+WHERE torrents.id = $id LIMIT 1")
 or sqlerr();
 $row = mysql_fetch_array($res);
 if (get_user_class() >= $torrentmanage_class || $CURUSER["id"] == $row["owner"])
@@ -20,11 +30,14 @@ else $owned = 0;

 $settingMain = get_setting('main');

-if (!$row)
-	stderr($lang_details['std_error'], $lang_details['std_no_torrent_id']);
-elseif ($row['banned'] == 'yes' && get_user_class() < $seebanned_class)
-	permissiondenied();
-else {
+if (!$row) {
+    stderr($lang_details['std_error'], $lang_details['std_no_torrent_id']);
+} elseif (
+    ($row['banned'] == 'yes' && get_user_class() < $seebanned_class)
+    || !can_access_torrent($row)
+) {
+    permissiondenied();
+} else {
    $torrentUpdate = [];
 	if (!empty($_GET["hit"])) {
        $torrentUpdate[] = 'views = views + 1';
@@ -114,6 +127,7 @@ else {
 		else $download = "";

 		tr($lang_details['row_action'], $download. ($owned == 1 ? "<$editlink><img class=\"dt_edit\" src=\"pic/trans.gif\" alt=\"edit\" />&nbsp;<b><font class=\"small\">".$lang_details['text_edit_torrent'] . "</font></b></a>&nbsp;|&nbsp;" : "").  (get_user_class() >= $askreseed_class && $row['seeders'] == 0 ? "<a title=\"".$lang_details['title_ask_for_reseed']."\" href=\"takereseed.php?reseedid=$id\"><img class=\"dt_reseed\" src=\"pic/trans.gif\" alt=\"reseed\">&nbsp;<b><font class=\"small\">".$lang_details['text_ask_for_reseed'] ."</font></b></a>&nbsp;|&nbsp;" : "") . "<a title=\"".$lang_details['title_report_torrent']."\" href=\"report.php?torrent=$id\"><img class=\"dt_report\" src=\"pic/trans.gif\" alt=\"report\" />&nbsp;<b><font class=\"small\">".$lang_details['text_report_torrent']."</font></b></a>", 1);
+        tr($lang_details['torrent_dl_url'],sprintf('<b title="%s">%s/download.php?id=%u&passkey=%s</b>',$lang_details['torrent_dl_url_notice'], getSchemeAndHttpHost(),$id,$CURUSER['passkey']), 1);

 		// ---------------- start subtitle block -------------------//
 		$r = sql_query("SELECT subs.*, language.flagpic, language.lang_name FROM subs LEFT JOIN language ON subs.lang_id=language.id WHERE torrent_id = " . sqlesc($row["id"]). " ORDER BY subs.lang_id ASC") or sqlerr(__FILE__, __LINE__);
@@ -70,15 +70,19 @@ else{



-$res = sql_query("SELECT name, filename, save_as,  size, owner,banned FROM torrents WHERE id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);
+$res = sql_query("SELECT torrents.name, torrents.filename, torrents.save_as, torrents.size, torrents.owner, torrents.banned, categories.mode as search_box_id FROM torrents left join categories on torrents.category = categories.id WHERE torrents.id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);
 $row = mysql_fetch_assoc($res);
 $fn = ROOT_PATH . "$torrent_dir/$id.torrent";
-if ($CURUSER['downloadpos']=="no")
-	permissiondenied();
-if (!$row || !is_file($fn) || !is_readable($fn))
-	httperr();
-if ($row['banned'] == 'yes' && get_user_class() < $seebanned_class)
-	permissiondenied();
+if ($CURUSER['downloadpos']=="no") {
+    permissiondenied();
+}
+if (!$row || !is_file($fn) || !is_readable($fn)) {
+    httperr();
+}
+if (($row['banned'] == 'yes' && get_user_class() < $seebanned_class) || !can_access_torrent($row)) {
+    permissiondenied();
+}
+
 sql_query("UPDATE torrents SET hits = hits + 1 WHERE id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__);

 require_once "include/benc.php";
@@ -187,7 +187,7 @@ elseif ($action == 'savesettings_security') 	// save security
 elseif ($action == 'savesettings_authority') 	// save user authority
 {
 	stdhead($lang_settings['head_save_authority_settings']);
-	$validConfig = array('defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage','commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'askreseed', 'viewnfo', 'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage','uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar');
+	$validConfig = array('defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage','commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'askreseed', 'viewnfo', 'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage','uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial','view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar');
 	GetVar($validConfig);
 	$AUTHORITY = [];
 	foreach($validConfig as $config) {
@@ -404,9 +404,8 @@ elseif ($action == 'authoritysettings')	//Authority settings
 	tr($lang_settings['row_add_offer'], $lang_settings['text_minimum_class'].classlist('addoffer',$maxclass,$AUTHORITY['addoffer']).$lang_settings['text_default'].get_user_class_name(UC_PEASANT,false,true,true).$lang_settings['text_add_offer_note'], 1);
 	tr($lang_settings['row_offer_management'], $lang_settings['text_minimum_class'].classlist('offermanage',$maxclass,$AUTHORITY['offermanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_offer_management_note'],1);
 	tr($lang_settings['row_upload_torrent'], $lang_settings['text_minimum_class'].classlist('upload',$maxclass,$AUTHORITY['upload']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_upload_torrent_note'], 1);
-//	if (THISTRACKER == "HDStar")
 	tr($lang_settings['row_upload_special_torrent'], $lang_settings['text_minimum_class'].classlist('uploadspecial',$maxclass,$AUTHORITY['uploadspecial']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_upload_special_torrent_note'],1);
-//	if (THISTRACKER == "HDStar")
+	tr($lang_settings['row_view_special_torrent'], $lang_settings['text_minimum_class'].classlist('view_special_torrent',$maxclass,$AUTHORITY['view_special_torrent']).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_view_special_torrent_note'],1);
 	tr($lang_settings['row_move_torrent'], $lang_settings['text_minimum_class'].classlist('movetorrent',$maxclass,$AUTHORITY['movetorrent']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_move_torrent_note'],1);
 	tr($lang_settings['row_chronicle_management'], $lang_settings['text_minimum_class'].classlist('chrmanage',$maxclass,$AUTHORITY['chrmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_chronicle_management_note'],1);
 	tr($lang_settings['row_view_invite'], $lang_settings['text_minimum_class'].classlist('viewinvite',$maxclass,$AUTHORITY['viewinvite']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_invite_note'],1);
@@ -0,0 +1,3 @@
+<?php
+
+require_once("torrents.php");
@@ -1,12 +1,27 @@
 <?php
 require_once("../include/bittorrent.php");
 dbconn(true);
-require_once(get_langfile_path());
+require_once(get_langfile_path('torrents.php'));
 loggedinorreturn();
 parked();

 //check searchbox
-$sectiontype = $browsecatmode;
+switch (CURRENT_SCRIPT) {
+    case 'torrents':
+        $sectiontype = $browsecatmode;
+        break;
+    case 'special':
+        if (get_setting('main.spsct') != 'yes') {
+            httperr();
+        }
+        if (get_user_class() < get_setting('authority.view_special_torrent')) {
+            permissiondenied();
+        }
+        $sectiontype = $specialcatmode;
+        break;
+    default:
+        $sectiontype = 0;
+}
 $showsubcat = get_searchbox_value($sectiontype, 'showsubcat');//whether show subcategory (i.e. sources, codecs) or not
 $showsource = get_searchbox_value($sectiontype, 'showsource'); //whether show sources or not
 $showmedium = get_searchbox_value($sectiontype, 'showmedium'); //whether show media or not
@@ -428,7 +428,8 @@ if ($showaudiocodec) $audiocodecs = searchbox_item_list("audiocodecs");
 					if ($i && $numinrow == 0){
 						$categories .= "</tr>".($spenablecatrow ? "<tr><td class=embedded align=left><b>".$spcatrow[$rownum]."</b></td></tr>" : "")."<tr>";
 					}
-					$categories .= "<td align=left class=bottom style=\"padding-bottom: 4px;padding-left: ".$catpadding."px\"><input class=checkbox name=cat".$cat['id']." type=\"checkbox\" " . (strpos($CURUSER['notifs'], "[cat".$cat['id']."]") !== false ? " checked" : "")." value='yes'><img src=pic/" .get_cat_folder($cat['id']). htmlspecialchars($cat[image]) . " border='0' alt=\"" .$cat['name']."\" title=\"" .$cat['name']."\"></td>\n";
+//					$categories .= "<td align=left class=bottom style=\"padding-bottom: 4px;padding-left: ".$catpadding."px\"><input class=checkbox name=cat".$cat['id']." type=\"checkbox\" " . (strpos($CURUSER['notifs'], "[cat".$cat['id']."]") !== false ? " checked" : "")." value='yes'><img src=pic/" .get_cat_folder($cat['id']). '/'. htmlspecialchars($cat['image']) . " border='0' alt=\"" .$cat['name']."\" title=\"" .$cat['name']."\"></td>\n";
+					$categories .= "<td align=left class=bottom style=\"padding-bottom: 4px;padding-left: ".$catpadding."px\"><input class=checkbox name=cat".$cat['id']." type=\"checkbox\" " . (strpos($CURUSER['notifs'], "[cat".$cat['id']."]") !== false ? " checked" : "")." value='yes'>" . return_category_image($cat['id'], "special.php?allsec=1&amp;") . "</td>\n";
 					$i++;
 				}
 			$categories .= "</tr>";