lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-15 13:32:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

improve use_can()

Browse Source
This commit is contained in:
xiaomlove
2022-08-24 00:19:19 +08:00
parent bb6cab0f49
commit 86dc15e79a
9 changed files with 102 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
public/announce.php
View File

@@ -35,7 +35,7 @@ if (!empty($_REQUEST['authkey'])) {
if (empty($decrypted)) {
err('Invalid authkey');
}
$userInfo = \Nexus\Database\NexusDB::remember("announce_user_passkey_$uid", 600, function () use ($uid) {
$userInfo = \Nexus\Database\NexusDB::remember("announce_user_passkey_$uid", 3600, function () use ($uid) {
return \App\Models\User::query()->where('id', $uid)->first(['id', 'passkey']);
});
if (!$userInfo) {
@@ -115,7 +115,7 @@ if (!$az = $Cache->get_value('user_passkey_'.$passkey.'_content')){
$res = sql_query("SELECT id, username, downloadpos, enabled, uploaded, downloaded, class, parked, clientselect, showclienterror, passkey, donor, donoruntil FROM users WHERE passkey=". sqlesc($passkey)." LIMIT 1");
$az = mysql_fetch_array($res);
do_log("[check passkey], currentUser: " . nexus_json_encode($az));
$Cache->cache_value('user_passkey_'.$passkey.'_content', $az, 950);
$Cache->cache_value('user_passkey_'.$passkey.'_content', $az, 3600);
}
if (!$az) err("Invalid passkey! Re-download the .torrent from $BASEURL");
$userid = intval($az['id'] ?? 0);
@@ -173,8 +173,7 @@ if (!$torrent) {
err("torrent not registered with this tracker");
}
//Do not use user_can(), some func user_can() used is not available IN_TRACKER
if ($az['class'] < $seebanned_class) {
if (!user_can('seebanned', false, $az['id'], $az['class'])) {
if ($torrent['banned'] == 'yes') {
err("torrent banned");
} elseif ($torrent['approval_status'] != \App\Models\Torrent::APPROVAL_STATUS_ALLOW && get_setting('torrent.approval_status_none_visible') == 'no') {