diff --git a/database/migrations/2022_09_13_204800_add_offer_allowed_count_to_users_table.php b/database/migrations/2022_09_13_204800_add_offer_allowed_count_to_users_table.php new file mode 100644 index 00000000..297dd259 --- /dev/null +++ b/database/migrations/2022_09_13_204800_add_offer_allowed_count_to_users_table.php @@ -0,0 +1,32 @@ +integer('offer_allowed_count')->default(0); + }); + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + Schema::table('users', function (Blueprint $table) { + $table->dropColumn('offer_allowed_count'); + }); + } +}; diff --git a/public/takeupload.php b/public/takeupload.php index 56d7db26..f1312c3d 100644 --- a/public/takeupload.php +++ b/public/takeupload.php @@ -421,7 +421,7 @@ if ($is_offer) //$some_variable .= "(0, $row[userid], '" . date("Y-m-d H:i:s") . "', " . sqlesc($pn_msg) . ")"; //=== use this if you DO have subject in your PMs - sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES (0, ".sqlesc($subject).", $row[userid], ".sqlesc(date("Y-m-d H:i:s")).", " . sqlesc($pn_msg) . ")") or sqlerr(__FILE__, __LINE__); + sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES (0, ".sqlesc($subject).", {$row['userid']}, ".sqlesc(date("Y-m-d H:i:s")).", " . sqlesc($pn_msg) . ")") or sqlerr(__FILE__, __LINE__); //=== use this if you do NOT have subject in your PMs //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__); //===end @@ -430,6 +430,8 @@ if ($is_offer) sql_query("DELETE FROM offers WHERE id = ". $offerid); sql_query("DELETE FROM offervotes WHERE offerid = ". $offerid); sql_query("DELETE FROM comments WHERE offer = ". $offerid); + //increment user offer_allowed_count + sql_query("update users set offer_allowed_count = offer_allowed_count + 1 where id = " . $CURUSER["id"]); } //=== end notify people who voted on offer diff --git a/public/upload.php b/public/upload.php index 20986893..ba97179f 100644 --- a/public/upload.php +++ b/public/upload.php @@ -4,24 +4,17 @@ dbconn(); require_once(get_langfile_path()); loggedinorreturn(); parked(); - +$userInfo = \App\Models\User::query()->findOrFail($CURUSER['id']); if ($CURUSER["uploadpos"] == 'no') stderr($lang_upload['std_sorry'], $lang_upload['std_unauthorized_to_upload'],false); -if ($enableoffer == 'yes') { - $offerSkipApprovedCount = get_setting('main.offer_skip_approved_count'); - $allowCount = get_row_count("offers","WHERE allowed='allowed' AND userid = ". sqlesc($CURUSER["id"])); - if (is_numeric($offerSkipApprovedCount) && $offerSkipApprovedCount > 0 && $allowCount >= $offerSkipApprovedCount) { - $has_allowed_offer = true; - } else { - $has_allowed_offer = false; - } -} else { - $has_allowed_offer = false; -} +if ($enableoffer == 'yes') + $has_allowed_offer = get_row_count("offers","WHERE allowed='allowed' AND userid = ". sqlesc($CURUSER["id"])); +else $has_allowed_offer = 0; $uploadfreely = user_can_upload("torrents"); -do_log("uploadfreely: $uploadfreely, has_allowed_offer: $has_allowed_offer"); -$allowtorrents = ($has_allowed_offer || $uploadfreely); +$offerSkipApprovedCount = get_setting('main.offer_skip_approved_count'); +do_log("uploadfreely: $uploadfreely, has_allowed_offer: $has_allowed_offer, offerSkipApprovedCount: $offerSkipApprovedCount"); +$allowtorrents = ($has_allowed_offer || $uploadfreely || ($userInfo->offer_allowed_count >= $offerSkipApprovedCount)); $allowspecial = user_can_upload("music"); if (!$allowtorrents && !$allowspecial)