lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-22 02:47:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring user permissions

Browse Source
This commit is contained in:
xiaomlove
2022-08-20 19:11:28 +08:00
parent 3046837576
commit b79762686a
73 changed files with 945 additions and 326 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Console/Commands/Plugin.php
+8
View File
@@ -3,6 +3,7 @@
namespace App\Console\Commands;
use Illuminate\Console\Command;
use Nexus\Plugin\BasePlugin;
class Plugin extends Command
{
@@ -30,11 +31,18 @@ class Plugin extends Command
$plugin = new \Nexus\Plugin\Plugin();
$action = $this->argument('action');
$name = $this->argument('name');
/** @var BasePlugin $mainClass */
$mainClass = $plugin->getMainClass($name);
if (!$mainClass) {
$this->error("Can not find plugin: $name");
return 1;
}
try {
$mainClass->checkMainApplicationVersion();
} catch (\Exception $exception) {
$this->error($exception->getMessage());
return 1;
}
if ($action == 'install') {
call_user_func([$mainClass, 'install']);
} elseif ($action == 'uninstall') {
app/Console/Commands/Test.php
+3 -3
View File
@@ -86,9 +86,9 @@ class Test extends Command
*/
public function handle()
{
$user = User::query()->find(10003);
$permissions = $user->rolePermissions;
dd($permissions);
$role = Role::query()->first();
$r = $role->permissions()->createMany([['permission' => 'sss']]);
dd($r);
}
app/Models/Setting.php
+3 -3
View File
@@ -11,9 +11,9 @@ class Setting extends NexusModel
public $timestamps = true;
public static array $permissionDegeneration = [
'torrent-approval' => 'torrentmanage',
];
const PERMISSION_NO_CLASS = 100;
public static array $permissionMustHaveClass = ['defaultclass', 'staffmem'];
/**
* get setting autoload = yes with cache
app/Models/User.php
+5 -5
View File
@@ -17,8 +17,8 @@ use Laravel\Sanctum\HasApiTokens;
use Nexus\Database\NexusDB;
use Filament\Models\Contracts\FilamentUser;
use Filament\Models\Contracts\HasName;
use NexusPlugin\Permission\Models\Permission;
use NexusPlugin\Permission\Models\Role;
use NexusPlugin\Permission\Models\UserPermission;
class User extends Authenticatable implements FilamentUser, HasName
{
@@ -239,15 +239,15 @@ class User extends Authenticatable implements FilamentUser, HasName
public static function getClassName($class, $compact = false, $b_colored = false, $I18N = false)
{
$class_name = self::$classes[$class]['text'];
$class_name = self::$classes[$class]['text'] ?? '';
if ($class >= self::CLASS_VIP && $I18N) {
$class_name = nexus_trans("user.class_names.$class");
}
$class_name_color = self::$classes[$class]['text'];
$class_name_color = self::$classes[$class]['text'] ?? '';
if ($compact) {
$class_name = str_replace(" ", "",$class_name);
}
if ($b_colored) {
if ($class_name && $b_colored) {
return "<b class='" . str_replace(" ", "",$class_name_color) . "_Name'>" . $class_name . "</b>";
}
return $class_name;
@@ -476,7 +476,7 @@ class User extends Authenticatable implements FilamentUser, HasName
public function directPermissions()
{
return $this->belongsToMany(Permission::class, 'user_permissions', 'uid', 'permission_id')->withTimestamps();
return $this->hasMany(UserPermission::class, 'uid');
}
public function getAvatarAttribute($value)
app/Providers/AppServiceProvider.php
-1
View File
@@ -40,7 +40,6 @@ class AppServiceProvider extends ServiceProvider
'User',
'Torrent',
'Other',
'Permission',
'System',
]);
});
include/config.php
+1 -2
View File
@@ -149,7 +149,6 @@ $emailnotify_smtp = $SMTP['emailnotify'];
$smtptype = $SMTP['smtptype'];
$smtp_host = $SMTP['smtp_host'];
$smtp_port = $SMTP['smtp_port'];
if (strtoupper(substr(PHP_OS,0,3)=='WIN'))
$smtp_from = $SMTP['smtp_from'];
$smtpaddress = $SMTP['smtpaddress'] ?? '';
$smtpport = $SMTP['smtpport'] ?? '';
@@ -167,7 +166,7 @@ $disableemailchange = $SECURITY['changeemail'];
$cheaterdet_security = $SECURITY['cheaterdet'];
$nodetect_security = $SECURITY['nodetect'];
$defaultclass_class = $AUTHORITY['defaultclass'];
$defaultclass_class = isset(\App\Models\User::$classes[$AUTHORITY['defaultclass']]) ? $AUTHORITY['defaultclass'] : \App\Models\User::CLASS_USER;
$staffmem_class = $AUTHORITY['staffmem'];
$newsmanage_class = $AUTHORITY['newsmanage'];
$newfunitem_class = $AUTHORITY['newfunitem'];
include/functions.php
+20 -12
View File
@@ -2238,14 +2238,18 @@ function tr($x,$y,$noesc=0,$relation='', $return = false) {
print $result;
}
function tr_small($x,$y,$noesc=0,$relation='') {
function tr_small($x,$y,$noesc=0,$relation='',$return = false) {
if ($noesc)
$a = $y;
else {
$a = htmlspecialchars($y);
//$a = str_replace("\n", "<br />\n", $a);
}
print("<tr".( $relation ? " relation = \"$relation\"" : "")."><td width=\"1%\" class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$x."</td><td width=\"99%\" class=\"rowfollow\" valign=\"top\" align=\"left\">".$a."</td></tr>\n");
$result = "<tr".( $relation ? " relation = \"$relation\"" : "")."><td width=\"1%\" class=\"rowhead nowrap\" valign=\"top\" align=\"right\">".$x."</td><td width=\"99%\" class=\"rowfollow\" valign=\"top\" align=\"left\">".$a."</td></tr>";
if ($return) {
return $result;
}
print($result);
}
function twotd($x,$y,$nosec=0){
@@ -2683,7 +2687,7 @@ else {
</td>
<td class="bottom" align="right"><span class="medium"><?php echo $lang_functions['text_the_time_is_now'] ?><?php echo $datum['hours'].":".$datum['minutes']?><br />
<?php
if (get_user_class() >= $staffmem_class) {
if (user_can('staffmem')) {
$totalreports = $Cache->get_value('staff_report_count');
if ($totalreports == ""){
$totalreports = get_row_count("reports");
@@ -2791,7 +2795,7 @@ if ($msgalert)
}
}
if (get_user_class() >= $staffmem_class)
if (user_can('staffmem'))
{
//torrent approval
if (get_setting('torrent.approval_status_none_visible') == 'no') {
@@ -3182,7 +3186,7 @@ function commenttable($rows, $type, $parent_id, $review = false)
print("<div style=\"margin-top: 8pt; margin-bottom: 8pt;\"><table id=\"cid".$row["id"]."\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td class=\"embedded\" width=\"99%\">#" . $row["id"] . "&nbsp;&nbsp;<font color=\"gray\">".$lang_functions['text_by']."</font>");
print(get_username($row["user"],false,true,true,false,false,true));
print("&nbsp;&nbsp;<font color=\"gray\">".$lang_functions['text_at']."</font>".gettime($row["added"]).
($row["editedby"] && get_user_class() >= $commanage_class ? " - [<a href=\"comment.php?action=vieworiginal&amp;cid=".$row['id']."&amp;type=".$type."\">".$lang_functions['text_view_original']."</a>]" : "") . "</td><td class=\"embedded nowrap\" width=\"1%\"><a href=\"#top\"><img class=\"top\" src=\"pic/trans.gif\" alt=\"Top\" title=\"Top\" /></a>&nbsp;&nbsp;</td></tr></table></div>");
($row["editedby"] && user_can('commanage') ? " - [<a href=\"comment.php?action=vieworiginal&amp;cid=".$row['id']."&amp;type=".$type."\">".$lang_functions['text_view_original']."</a>]" : "") . "</td><td class=\"embedded nowrap\" width=\"1%\"><a href=\"#top\"><img class=\"top\" src=\"pic/trans.gif\" alt=\"Top\" title=\"Top\" /></a>&nbsp;&nbsp;</td></tr></table></div>");
$avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars(trim($userRow["avatar"])) : "");
if (!$avatar)
$avatar = "pic/default_avatar.png";
@@ -3201,7 +3205,7 @@ function commenttable($rows, $type, $parent_id, $review = false)
print("<td class=\"rowfollow\" valign=\"top\"><br />".$text.$text_editby."</td>\n");
print("</tr>\n");
$actionbar = "<a href=\"comment.php?action=add&amp;sub=quote&amp;cid=".$row['id']."&amp;pid=".$parent_id."&amp;type=".$type."\"><img class=\"f_quote\" src=\"pic/trans.gif\" alt=\"Quote\" title=\"".$lang_functions['title_reply_with_quote']."\" /></a>".
"<a href=\"comment.php?action=add&amp;pid=".$parent_id."&amp;type=".$type."\"><img class=\"f_reply\" src=\"pic/trans.gif\" alt=\"Add Reply\" title=\"".$lang_functions['title_add_reply']."\" /></a>".(get_user_class() >= $commanage_class ? "<a href=\"comment.php?action=delete&amp;cid=".$row['id']."&amp;type=".$type."\"><img class=\"f_delete\" src=\"pic/trans.gif\" alt=\"Delete\" title=\"".$lang_functions['title_delete']."\" /></a>" : "").($row["user"] == $CURUSER["id"] || get_user_class() >= $commanage_class ? "<a href=\"comment.php?action=edit&amp;cid=".$row['id']."&amp;type=".$type."\"><img class=\"f_edit\" src=\"pic/trans.gif\" alt=\"Edit\" title=\"".$lang_functions['title_edit']."\" />"."</a>" : "");
"<a href=\"comment.php?action=add&amp;pid=".$parent_id."&amp;type=".$type."\"><img class=\"f_reply\" src=\"pic/trans.gif\" alt=\"Add Reply\" title=\"".$lang_functions['title_add_reply']."\" /></a>".(user_can('commanage') ? "<a href=\"comment.php?action=delete&amp;cid=".$row['id']."&amp;type=".$type."\"><img class=\"f_delete\" src=\"pic/trans.gif\" alt=\"Delete\" title=\"".$lang_functions['title_delete']."\" /></a>" : "").($row["user"] == $CURUSER["id"] || get_user_class() >= $commanage_class ? "<a href=\"comment.php?action=edit&amp;cid=".$row['id']."&amp;type=".$type."\"><img class=\"f_edit\" src=\"pic/trans.gif\" alt=\"Edit\" title=\"".$lang_functions['title_edit']."\" />"."</a>" : "");
print("<tr><td class=\"toolbox\"> ".("'".$userRow['last_access']."'"> $dt ? "<img class=\"f_online\" src=\"pic/trans.gif\" alt=\"Online\" title=\"".$lang_functions['title_online']."\" />":"<img class=\"f_offline\" src=\"pic/trans.gif\" alt=\"Offline\" title=\"".$lang_functions['title_offline']."\" />" )."<a href=\"sendmessage.php?receiver=".htmlspecialchars(trim($row["user"]))."\"><img class=\"f_pm\" src=\"pic/trans.gif\" alt=\"PM\" title=\"".$lang_functions['title_send_message_to'].htmlspecialchars($userRow["username"])."\" /></a><a href=\"report.php?commentid=".htmlspecialchars(trim($row["id"]))."\"><img class=\"f_report\" src=\"pic/trans.gif\" alt=\"Report\" title=\"".$lang_functions['title_report_this_comment']."\" /></a></td><td class=\"toolbox\" align=\"right\">".$actionbar."</td>");
print("</tr></table>\n");
@@ -3415,7 +3419,7 @@ if ($CURUSER['showcomnum'] != 'no') { ?>
<td class="colhead"><a href="?<?php echo $oldlink?>sort=6&amp;type=<?php echo $link[6]?>"><img class="snatched" src="pic/trans.gif" alt="snatched" title="<?php echo $lang_functions['title_number_of_snatched']?>" /></a></td>
<td class="colhead"><a href="?<?php echo $oldlink?>sort=9&amp;type=<?php echo $link[9]?>"><?php echo $lang_functions['col_uploader']?></a></td>
<?php
if (get_user_class() >= $torrentmanage_class) { ?>
if (user_can('torrentmanage')) { ?>
<td class="colhead"><?php echo $lang_functions['col_action'] ?></td>
<?php } ?>
</tr>
@@ -3653,7 +3657,7 @@ foreach ($rows as $row)
else
print("<td class=\"rowfollow\">" . number_format($row["times_completed"]) . "</td>\n");
if ($row["anonymous"] == "yes" && get_user_class() >= $torrentmanage_class)
if ($row["anonymous"] == "yes" && user_can('torrentmanage'))
{
print("<td class=\"rowfollow\" align=\"center\"><i>".$lang_functions['text_anonymous']."</i><br />".(isset($row["owner"]) ? "(" . get_username($row["owner"]) .")" : "<i>".$lang_functions['text_orphaned']."</i>") . "</td>\n");
}
@@ -3666,7 +3670,7 @@ foreach ($rows as $row)
print("<td class=\"rowfollow\">" . (isset($row["owner"]) ? get_username($row["owner"]) : "<i>".$lang_functions['text_orphaned']."</i>") . "</td>\n");
}
if (get_user_class() >= $torrentmanage_class)
if (user_can('torrentmanage'))
{
print("<td class=\"rowfollow\"><a href=\"".htmlspecialchars("fastdelete.php?id=".$row['id'])."\"><img class=\"staff_delete\" src=\"pic/trans.gif\" alt=\"D\" title=\"".$lang_functions['text_delete']."\" /></a>");
print("<br /><a href=\"edit.php?returnto=" . rawurlencode($_SERVER["REQUEST_URI"]) . "&amp;id=" . $row["id"] . "\"><img class=\"staff_edit\" src=\"pic/trans.gif\" alt=\"E\" title=\"".$lang_functions['text_edit']."\" /></a></td>\n");
@@ -4113,8 +4117,12 @@ function getSmileIt($formname, $taname, $smilyNumber) {
return "<a href=\"javascript: SmileIT('[em$smilyNumber]','".$formname."','".$taname."')\" onmouseover=\"domTT_activate(this, event, 'content', '".htmlspecialchars("<table><tr><td><img src=\'pic/smilies/$smilyNumber.gif\' alt=\'\' /></td></tr></table>")."', 'trail', false, 'delay', 0,'lifetime',10000,'styleClass','smilies','maxWidth', 400);\"><img style=\"max-width: 25px;\" src=\"pic/smilies/$smilyNumber.gif\" alt=\"\" /></a>";
}
function classlist($selectname,$maxclass, $selected, $minClass = 0){
function classlist($selectname,$maxclass, $selected, $minClass = 0, $includeNoClass = false){
global $lang_functions;
$list = "<select name=\"".$selectname."\">";
if ($includeNoClass) {
$list .= sprintf('<option value="%s">%s</option>', \App\Models\Setting::PERMISSION_NO_CLASS, $lang_functions['select_an_user_class']);
}
for ($i = $minClass; $i <= $maxclass; $i++)
$list .= "<option value=\"".$i."\"" . ($selected == $i ? " selected=\"selected\"" : "") . ">" . get_user_class_name($i,false,false,true) . "</option>\n";
$list .= "</select>";
@@ -4802,14 +4810,14 @@ function user_can_upload($where = "torrents"){
return false;
if ($where == "torrents")
{
if (get_user_class() >= $upload_class)
if (user_can('upload'))
return true;
if (get_if_restricted_is_open())
return true;
}
if ($where == "music")
{
if ($enablespecial == 'yes' && get_user_class() >= $uploadspecial_class)
if ($enablespecial == 'yes' && user_can('uploadspecial'))
return true;
}
return false;
include/globalfunctions.php
+25 -8
View File
@@ -1,5 +1,7 @@
<?php
use App\Models\User;
function get_global_sp_state()
{
static $global_promotion_state;
@@ -735,7 +737,7 @@ function add_filter($name, $function, $priority = 10, $argc = 1)
function apply_filter($name, ...$args)
{
global $hook;
do_log("[APPLY_FILTER]: $name");
// do_log("[APPLY_FILTER]: $name");
return $hook->applyFilter(...func_get_args());
}
@@ -748,7 +750,7 @@ function add_action($name, $function, $priority = 10, $argc = 1)
function do_action($name, ...$args)
{
global $hook;
do_log("[DO_ACTION]: $name");
// do_log("[DO_ACTION]: $name");
return $hook->doAction(...func_get_args());
}
@@ -902,7 +904,7 @@ function clear_setting_cache()
\Nexus\Database\NexusDB::cache_del('nexus_settings_in_nexus');
}
function user_can($permission, $uid = 0): bool
function user_can($permission, $fail = false, $uid = 0): bool
{
if ($uid == 0) {
$uid = get_user_id();
@@ -910,13 +912,28 @@ function user_can($permission, $uid = 0): bool
if ($uid <= 0) {
return false;
}
$userInfo = get_user_row($uid);
$log = "permission: $permission, user: $uid, userClass: {$userInfo['class']}";
if ($userInfo['class'] == User::CLASS_STAFF_LEADER) {
do_log("$log, CLASS_STAFF_LEADER, true");
return true;
}
$result = apply_filter('nexus_user_can', null, $permission, $uid);
if (is_bool($result)) {
$requireClass = get_setting("authority.$permission");
if (!is_bool($result)) {
$result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass < $userInfo['class'];
do_log("$log, requireClass: $requireClass, result: $result");
}
if (!$fail || $result) {
return $result;
}
if (isset(\App\Models\Setting::$permissionDegeneration[$permission])) {
$permission = \App\Models\Setting::$permissionDegeneration[$permission];
if (IN_NEXUS && !IN_TRACKER) {
global $lang_functions;
if (isset(User::$classes[$requireClass])) {
stderr($lang_functions['std_sorry'],$lang_functions['std_permission_denied_only'].get_user_class_name($requireClass,false,true,true).$lang_functions['std_or_above_can_view'],false);
} else {
stderr($lang_functions['std_error'], $lang_functions['std_permission_denied']);
}
}
$requireClass = get_setting("authority.$permission");
return is_numeric($requireClass) && $requireClass < get_user_class();
throw new \Illuminate\Auth\Access\AuthorizationException();
}
lang/chs/lang_functions.php
+1
View File
@@ -324,6 +324,7 @@ $lang_functions = array
'full_site_promotion_in_effect' => '全站 [%s] 生效中!截止时间:%s',
'text_torrent_to_approval' => '有 %s%u 个待审核的种子%s',
'std_confirm_remove' => '确定要删除吗?',
'select_an_user_class' => '选择一个用户等级',
);
?>
lang/cht/lang_functions.php
+1
View File
@@ -331,6 +331,7 @@ $lang_functions = array
'full_site_promotion_in_effect' => '全站 [%s] 生效中!截止時間:%s',
'text_torrent_to_approval' => '有 %s%u 個待審核的種子%s',
'std_confirm_remove' => '確定要刪除嗎?',
'select_an_user_class' => '選擇一個用戶等級',
);
?>
lang/en/lang_functions.php
+1
View File
@@ -332,6 +332,7 @@ $lang_functions = array
'full_site_promotion_in_effect' => 'Full site [%s] in effect! Deadline: %s',
'text_torrent_to_approval' => 'There %s%u not approval torrent%s.',
'std_confirm_remove' => 'Are you sure you want to delete it?',
'select_an_user_class' => 'Select an user class',
);
?>
nexus/Install/settings.default.php
+1
View File
@@ -174,6 +174,7 @@ return array (
'userbar' => '2',
'view_special_torrent' => '4',
'torrent_hr' => User::CLASS_ADMINISTRATOR,
'torrent-approval' => User::CLASS_ADMINISTRATOR,
),
'tweak' =>
array (
nexus/Plugin/BasePlugin.php
+11
View File
@@ -25,4 +25,15 @@ abstract class BasePlugin extends BaseRepository
Artisan::call($toExecute);
}
}
public function checkMainApplicationVersion()
{
$constantName = "static::COMPATIBLE_VERSION";
if (defined($constantName) && version_compare(VERSION_NUMBER, constant($constantName), '<')) {
throw new \RuntimeException(sprintf(
"NexusPHP version: %s is too low, this plugin require: %s",
VERSION_NUMBER, constant($constantName)
));
}
}
}
nexus/Plugin/Hook.php
+2 -2
View File
@@ -38,7 +38,7 @@ class Hook
$args = func_get_args();
ksort(self::$callbacks[$name]);
reset(self::$callbacks[$name]);
do_log("name: $name, argc: " . (func_num_args() - 1));
// do_log("name: $name, argc: " . (func_num_args() - 1));
do {
foreach ((array)current(self::$callbacks[$name]) as $id => $callback) {
$args[1] = $value;
@@ -65,7 +65,7 @@ class Hook
$args = func_get_args();
ksort(self::$callbacks[$name]);
reset(self::$callbacks[$name]);
do_log("name: $name, argc: " . (func_num_args() - 1));
// do_log("name: $name, argc: " . (func_num_args() - 1));
do {
foreach ((array)current(self::$callbacks[$name]) as $id => $callback) {
// do_log("name: $name, id: $id, before, params: " . nexus_json_encode(array_slice($args, 1, $callback['argc'])));
public/cheaterbox.php
+2 -3
View File
@@ -5,8 +5,7 @@ require_once(get_langfile_path());
loggedinorreturn();
parked();
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
if (!empty($_POST['setdealt'])) {
@@ -62,7 +61,7 @@ while ($row = mysql_fetch_array($cheatersres))
print("<tr><td class=rowfollow>".gettime($row['added'])."</td><td class=rowfollow>" . get_username($row['userid']) . "</td><td class=rowfollow>" . $row['hit'] . "</td><td class=rowfollow>" . $torrent . "</td><td class=rowfollow>".mksize($row['uploaded']).($upspeed ? " @ ".mksize($upspeed)."/s" : "")."</td><td class=rowfollow>".mksize($row['downloaded']).($lespeed ? " @ ".mksize($lespeed)."/s" : "")."</td><td class=rowfollow>".$row['anctime']." sec"."</td><td class=rowfollow>".$row['seeders']."</td><td class=rowfollow>".$row['leechers']."</td><td class=rowfollow>".htmlspecialchars($row['comment'])."</td><td class=rowfollow>".$dealtwith."</td><td class=rowfollow><input type=\"checkbox\" name=\"delcheater[]\" value=\"" . $row['id'] . "\" /></td></tr>\n");
}
?>
<tr><td class="colhead" colspan="12" style="text-align: right"><input type="submit" name="setdealt" value="<?php echo $lang_cheaterbox['submit_set_dealt']?>" /><input type="submit" name="delete" value="<?php echo $lang_cheaterbox['submit_delete']?>" /></td></tr>
<tr><td class="colhead" colspan="12" style="text-align: right"><input type="submit" name="setdealt" value="<?php echo $lang_cheaterbox['submit_set_dealt']?>" /><input type="submit" name="delete" value="<?php echo $lang_cheaterbox['submit_delete']?>" /></td></tr>
</form>
<?php
print("</table>");
public/comment.php
+4 -4
View File
@@ -26,7 +26,7 @@ if ($action == "add")
{
// Anti Flood Code
// This code ensures that a member can only send one comment per minute.
if (get_user_class() < $commanage_class) {
if (!user_can('commanage')) {
if (strtotime($CURUSER['last_comment']) > (TIMENOW - 10))
{
$secs = 10 - (TIMENOW - strtotime($CURUSER['last_comment']));
@@ -165,7 +165,7 @@ elseif ($action == "edit")
if (!$arr)
stderr($lang_comment['std_error'], $lang_comment['std_invalid_id']);
if ($arr["user"] != $CURUSER["id"] && get_user_class() < $commanage_class)
if ($arr["user"] != $CURUSER["id"] && !user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
if ($_SERVER["REQUEST_METHOD"] == "POST")
@@ -208,7 +208,7 @@ elseif ($action == "edit")
}
elseif ($action == "delete")
{
if (get_user_class() < $commanage_class)
if (!user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = intval($_GET["cid"] ?? 0);
@@ -265,7 +265,7 @@ elseif ($action == "delete")
}
elseif ($action == "vieworiginal")
{
if (get_user_class() < $commanage_class)
if (!user_can('commanage'))
stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']);
$commentid = intval($_GET["cid"] ?? 0);
public/complains.php
+1 -1
View File
@@ -4,7 +4,7 @@ dbconn();
require get_langfile_path();
$isLogin = isset($CURUSER['id']);
$isAdmin = get_user_class() >= $staffmem_class;
$isAdmin = user_can('staffmem');
if($isLogin && !$isAdmin) {
permissiondenied();
public/delete.php
+1 -1
View File
@@ -25,7 +25,7 @@ $row = mysql_fetch_array($res);
if (!$row)
die();
if ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class)
if ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage'))
bark($lang_delete['std_not_owner']);
$rt = intval($_POST["reasontype"] ?? 0);
public/details.php
+11 -11
View File
@@ -23,7 +23,7 @@ FROM torrents LEFT JOIN categories ON torrents.category = categories.id
WHERE torrents.id = $id LIMIT 1")
or sqlerr();
$row = mysql_fetch_array($res);
if (get_user_class() >= $torrentmanage_class || $CURUSER["id"] == $row["owner"])
if (user_can('torrentmanage') || $CURUSER["id"] == $row["owner"])
$owned = 1;
else $owned = 0;
@@ -31,7 +31,7 @@ $settingMain = get_setting('main');
if (!$row) {
stderr($lang_details['std_error'], $lang_details['std_no_torrent_id']);
} elseif (
($row['banned'] == 'yes' && get_user_class() < $seebanned_class && $row['owner'] != $CURUSER['id'])
($row['banned'] == 'yes' && !user_can('seebanned') && $row['owner'] != $CURUSER['id'])
|| (!can_access_torrent($row) && $row['owner'] != $CURUSER['id'])
) {
permissiondenied();
@@ -101,7 +101,7 @@ if (!$row) {
// ------------- start upped by block ------------------//
if($row['anonymous'] == 'yes') {
if (get_user_class() < $viewanonymous_class)
if (!user_can('viewanonymous'))
$uprow = "<i>".$lang_details['text_anonymous']."</i>";
else
$uprow = "<i>".$lang_details['text_anonymous']."</i> (" . get_username($row['owner'], false, true, true, false, false, true) . ")";
@@ -153,10 +153,10 @@ if (!$row) {
if ($owned == 1) {
$actions[] = "<$editlink><img class=\"dt_edit\" src=\"pic/trans.gif\" alt=\"edit\" />&nbsp;<b><font class=\"small\">".$lang_details['text_edit_torrent'] . "</font></b></a>";
}
if (get_user_class() >= $askreseed_class && $row['seeders'] == 0) {
if (user_can('askreseed') && $row['seeders'] == 0) {
$actions[] = "<a title=\"".$lang_details['title_ask_for_reseed']."\" href=\"takereseed.php?reseedid=$id\"><img class=\"dt_reseed\" src=\"pic/trans.gif\" alt=\"reseed\">&nbsp;<b><font class=\"small\">".$lang_details['text_ask_for_reseed'] ."</font></b></a>";
}
if (get_user_class() >= $torrentmanage_class && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
if (user_can('torrentmanage') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) {
$approvalIcon = '<svg t="1655224943277" class="icon" viewBox="0 0 1397 1024" version="1.1" xmlns="http://www.w3.org/2000/svg" p-id="45530" width="16" height="16"><path d="M1396.363636 121.018182c0 0-223.418182 74.472727-484.072727 372.363636-242.036364 269.963636-297.890909 381.672727-390.981818 530.618182C512 1014.690909 372.363636 744.727273 0 549.236364l195.490909-186.181818c0 0 176.872727 121.018182 297.890909 344.436364 0 0 307.2-474.763636 902.981818-707.490909L1396.363636 121.018182 1396.363636 121.018182zM1396.363636 121.018182" p-id="45531" fill="#e78d0f"></path></svg>';
$actions[] = sprintf(
'<a href="javascript:;"><b><font id="approval" class="small approval" data-torrent_id="%s">%s&nbsp;%s</font></b></a>',
@@ -230,7 +230,7 @@ JS;
while($a = mysql_fetch_assoc($r))
{
$lang = "<tr><td class=\"embedded\"><img border=\"0\" src=\"pic/flag/". $a["flagpic"] . "\" alt=\"" . $a["lang_name"] . "\" title=\"" . $a["lang_name"] . "\" style=\"padding-bottom: 4px\" /></td>";
$lang .= "<td class=\"embedded\">&nbsp;&nbsp;<a href=\"downloadsubs.php?torrentid=".$a['torrent_id']."&subid=".$a['id']."\"><u>". $a["title"]. "</u></a>".(get_user_class() >= $submanage_class || (get_user_class() >= $delownsub_class && $a["uppedby"] == $CURUSER["id"]) ? " <font class=\"small\"><a href=\"subtitles.php?delete=".$a['id']."\">[".$lang_details['text_delete']."</a>]</font>" : "")."</td><td class=\"embedded\">&nbsp;&nbsp;".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (get_user_class() >= $viewanonymous_class ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby']))."</td></tr>";
$lang .= "<td class=\"embedded\">&nbsp;&nbsp;<a href=\"downloadsubs.php?torrentid=".$a['torrent_id']."&subid=".$a['id']."\"><u>". $a["title"]. "</u></a>".(user_can('submanage') || (user_can('delownsub') && $a["uppedby"] == $CURUSER["id"]) ? " <font class=\"small\"><a href=\"subtitles.php?delete=".$a['id']."\">[".$lang_details['text_delete']."</a>]</font>" : "")."</td><td class=\"embedded\">&nbsp;&nbsp;".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (user_can('viewanonymous') ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby']))."</td></tr>";
print($lang);
}
}
@@ -238,7 +238,7 @@ JS;
print("<tr><td class=\"embedded\">".$lang_details['text_no_subtitles']."</td></tr>");
print("</table>");
print("<table border=\"0\" cellspacing=\"0\"><tr>");
if($CURUSER['id']==$row['owner'] || get_user_class() >= $uploadsub_class)
if($CURUSER['id']==$row['owner'] || !user_can('uploadsub'))
{
print("<td class=\"embedded\"><form method=\"post\" action=\"subtitles.php\"><input type=\"hidden\" name=\"torrent_name\" value=\"" . $row["name"]. "\" /><input type=\"hidden\" name=\"detail_torrent_id\" value=\"" . $row["id"]. "\" /><input type=\"hidden\" name=\"in_detail\" value=\"in_detail\" /><input type=\"submit\" value=\"".$lang_details['submit_upload_subtitles']."\" /></form></td>");
}
@@ -282,7 +282,7 @@ JS;
tr("<a href=\"javascript: klappe_news('descr')\"><span class=\"nowrap\"><img class=\"minus\" src=\"pic/trans.gif\" alt=\"Show/Hide\" id=\"picdescr\" title=\"".($lang_details['title_show_or_hide'] ?? '')."\" /> ".$lang_details['row_description']."</span></a>", "<div id='kdescr'>".($Advertisement->enable_ad() && $torrentdetailad ? "<div align=\"left\" style=\"margin-bottom: 10px\" id=\"\">".$torrentdetailad[0]."</div>" : "").$desc."</div>", 1);
}
if (get_user_class() >= $viewnfo_class && $CURUSER['shownfo'] != 'no' && $row["nfosz"] > 0){
if (user_can('viewnfo') && $CURUSER['shownfo'] != 'no' && $row["nfosz"] > 0){
if (!$nfo = $Cache->get_value('nfo_block_torrent_id_'.$id)){
$nfo = code($row["nfo"], $view == "magic");
$Cache->cache_value('nfo_block_torrent_id_'.$id, $nfo, 604800);
@@ -335,7 +335,7 @@ JS;
echo $Cache->next_row();
$Cache->next_row();
echo $Cache->next_part();
if (get_user_class() >= $updateextinfo_class)
if (user_can('updateextinfo'))
echo $Cache->next_part();
echo $Cache->next_row();
break;
@@ -355,7 +355,7 @@ JS;
echo $Cache->next_row();
$Cache->next_row();
echo $Cache->next_part();
if (get_user_class() >= $updateextinfo_class){
if (user_can('updateextinfo')){
echo $Cache->next_part();
}
echo $Cache->next_row();
@@ -423,7 +423,7 @@ JS;
return sprintf("%02x", ord($matches[0]));
}
if ($enablenfo_main=='yes')
tr($lang_details['row_torrent_info'], "<table><tr>" . (!empty($files_info) ? "<td class=\"no_border_wide\">" . $files_info . "</td>" : "") . "<td class=\"no_border_wide\"><b>".$lang_details['row_info_hash'].":</b>&nbsp;".preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"]))."</td>". (get_user_class() >= $torrentstructure_class ? "<td class=\"no_border_wide\"><b>" . $lang_details['text_torrent_structure'] . "</b><a href=\"torrent_info.php?id=".$id."\">".$lang_details['text_torrent_info_note']."</a></td>" : "") . "</tr></table><span id='filelist'></span>",1);
tr($lang_details['row_torrent_info'], "<table><tr>" . (!empty($files_info) ? "<td class=\"no_border_wide\">" . $files_info . "</td>" : "") . "<td class=\"no_border_wide\"><b>".$lang_details['row_info_hash'].":</b>&nbsp;".preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"]))."</td>". (user_can('torrentstructure') ? "<td class=\"no_border_wide\"><b>" . $lang_details['text_torrent_structure'] . "</b><a href=\"torrent_info.php?id=".$id."\">".$lang_details['text_torrent_info_note']."</a></td>" : "") . "</tr></table><span id='filelist'></span>",1);
tr($lang_details['row_hot_meter'], "<table><tr><td class=\"no_border_wide\"><b>" . $lang_details['text_views']."</b>". $row["views"] . "</td><td class=\"no_border_wide\"><b>" . $lang_details['text_hits']. "</b>" . $row["hits"] . "</td><td class=\"no_border_wide\"><b>" .$lang_details['text_snatched'] . "</b><a href=\"viewsnatches.php?id=".$id."\"><b>" . $row["times_completed"]. $lang_details['text_view_snatches'] . "</td><td class=\"no_border_wide\"><b>" . $lang_details['row_last_seeder']. "</b>" . gettime($row["last_action"]) . "</td></tr></table>",1);
$bwres = sql_query("SELECT uploadspeed.name AS upname, downloadspeed.name AS downname, isp.name AS ispname FROM users LEFT JOIN uploadspeed ON users.upload = uploadspeed.id LEFT JOIN downloadspeed ON users.download = downloadspeed.id LEFT JOIN isp ON users.isp = isp.id WHERE users.id=".$row['owner']);
$bwrow = mysql_fetch_array($bwres);
public/download.php
+1 -1
View File
@@ -108,7 +108,7 @@ if (filesize($fn) == 0) {
httperr();
}
$approvalNotAllowed = $row['approval_status'] != \App\Models\Torrent::APPROVAL_STATUS_ALLOW && get_setting('torrent.approval_status_none_visible') == 'no';
if ((($row['banned'] == 'yes' || $approvalNotAllowed) && get_user_class() < $seebanned_class) || !can_access_torrent($row)) {
if ((($row['banned'] == 'yes' || $approvalNotAllowed) && !user_can('seebanned')) || !can_access_torrent($row)) {
denyDownload();
}
public/edit.php
+7 -7
View File
@@ -20,7 +20,7 @@ $customField = new \Nexus\Field\Field();
$tagIdArr = \App\Models\TorrentTag::query()->where('torrent_id', $id)->get()->pluck('tag_id')->toArray();
if ($enablespecial == 'yes' && get_user_class() >= $movetorrent_class)
if ($enablespecial == 'yes' && user_can('movetorrent'))
$allowmove = true; //enable moving torrent to other section
else $allowmove = false;
@@ -46,7 +46,7 @@ $showaudiocodec = (get_searchbox_value($sectionmode, 'showaudiocodec') || ($allo
$settingMain = get_setting('main');
stdhead($lang_edit['head_edit_torrent'] . "\"". $row["name"] . "\"");
if (!isset($CURUSER) || ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class)) {
if (!isset($CURUSER) || ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage'))) {
print("<h1 align=\"center\">".$lang_edit['text_cannot_edit_torrent']."</h1>");
print("<p>".$lang_edit['text_cannot_edit_torrent_note']."</p>");
}
@@ -150,17 +150,17 @@ else {
tr($lang_functions['text_tags'], (new \App\Repositories\TagRepository())->renderCheckbox($tagIdArr), 1);
$rowChecks = [];
if (get_user_class() >= $beanonymous_class || get_user_class() >= $torrentmanage_class) {
if (user_can('beanonymous') || user_can('torrentmanage')) {
$rowChecks[] = "<label><input type=\"checkbox\" name=\"anonymous\"" . ($row["anonymous"] == "yes" ? " checked=\"checked\"" : "" ) . " value=\"1\" />".$lang_edit['checkbox_anonymous_note']."</label>";
}
if (get_user_class() >= $torrentmanage_class) {
if (user_can('torrentmanage')) {
array_unshift($rowChecks, "<label><input id='visible' type=\"checkbox\" name=\"visible\"" . ($row["visible"] == "yes" ? " checked=\"checked\"" : "" ) . " value=\"1\" />".$lang_edit['checkbox_visible']."</label>");
}
if (!empty($rowChecks)) {
tr($lang_edit['row_check'], implode('&nbsp;&nbsp;', $rowChecks), 1);
}
if (get_user_class()>= $torrentsticky_class || (get_user_class() >= $torrentmanage_class && $CURUSER["picker"] == 'yes')){
if (user_can('torrentsticky') || (user_can('torrentmanage') && $CURUSER["picker"] == 'yes')){
$pickcontent = $pickcontentPrefix = "";
if(get_user_class() >= $torrentonpromotion_class)
@@ -173,7 +173,7 @@ else {
}
$pickcontent .= '</select>)&nbsp;'.$lang_edit['text_promotion_until_note'].'</span>&nbsp;&nbsp;';
}
if(get_user_class()>=$torrentsticky_class)
if(user_can('torrentsticky'))
{
if ($pickcontent) {
$pickcontent .= "<br />";
@@ -184,7 +184,7 @@ else {
}
$pickcontent .= "<b>".$lang_edit['row_torrent_position'].":&nbsp;</b>"."<select name=\"sel_posstate\" style=\"width: 100px;\">" . implode('', $options) . "</select>&nbsp;&nbsp;&nbsp;";
}
if(get_user_class()>=$torrentmanage_class && ($CURUSER["picker"] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP))
if(user_can('torrentmanage') && ($CURUSER["picker"] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP))
{
if ($pickcontent) $pickcontent .= '<br />';
$pickcontent .= "<b>".$lang_edit['row_recommended_movie'].":&nbsp;</b>"."<select name=\"sel_recmovie\" style=\"width: 100px;\">" .
public/fastdelete.php
+1 -1
View File
@@ -24,7 +24,7 @@ $row = mysql_fetch_array($res);
if (!$row)
die();
if (get_user_class() < $torrentmanage_class)
if (!user_can('torrentmanage'))
bark($lang_fastdelete['text_no_permission']);
if (!$sure)
public/forummanage.php
+3 -4
View File
@@ -8,8 +8,7 @@ $prefix = '';
$user = $CURUSER;
$PHP_SELF = $_SERVER['PHP_SELF'];
if (get_user_class() < $forummanage_class)
permissiondenied();
user_can('forummanage', true);
// DELETE FORUM ACTION
if (isset($_GET['action']) && $_GET['action'] == "del") {
@@ -180,8 +179,8 @@ $nr = mysql_num_rows($res);
<?php
} while($row = mysql_fetch_array($result));
}
else
}
else
{
print ($lang_forummanage['text_no_records_found']);
}
public/forums.php
+14 -14
View File
@@ -307,7 +307,7 @@ if ($action == "editpost")
$locked = ($arr2["locked"] == 'yes');
$ismod = is_forum_moderator($postid, 'post');
if (($CURUSER["id"] != $arr["userid"] || $locked) && get_user_class() < $postmanage_class && !$ismod)
if (($CURUSER["id"] != $arr["userid"] || $locked) && !user_can('postmanage') && !$ismod)
permissiondenied();
stdhead($lang_forums['text_edit_post']);
@@ -390,7 +390,7 @@ if ($action == "post")
$res = sql_query("SELECT locked FROM topics WHERE id=$topicid") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Topic id n/a");
if ($arr["locked"] == 'yes' && get_user_class() < $postmanage_class && !is_forum_moderator($topicid, 'topic'))
if ($arr["locked"] == 'yes' && !user_can('postmanage') && !is_forum_moderator($topicid, 'topic'))
stderr($lang_forums['std_error'], $lang_forums['std_topic_locked']);
}
@@ -429,7 +429,7 @@ if ($action == "post")
// Anti Flood Code
// To ensure that posts are not entered within 10 seconds limiting posts
// to a maximum of 360*6 per hour.
if (get_user_class() < $postmanage_class) {
if (!user_can('postmanage')) {
if (strtotime($CURUSER['last_post']) > (TIMENOW - 10))
{
$secs = 10 - (TIMENOW - strtotime($CURUSER['last_post']));
@@ -547,7 +547,7 @@ if ($action == "viewtopic")
if (get_user_class() < $row["minclassread"])
stderr($lang_forums['std_error'], $lang_forums['std_unpermitted_viewing_topic']);
if (((get_user_class() >= $row["minclasswrite"] && !$locked) || get_user_class() >= $postmanage_class || $is_forummod) && $CURUSER["forumpost"] == 'yes')
if (((get_user_class() >= $row["minclasswrite"] && !$locked) || user_can('postmanage') || $is_forummod) && $CURUSER["forumpost"] == 'yes')
$maypost = true;
else $maypost = false;
@@ -768,17 +768,17 @@ if ($action == "viewtopic")
if ($maypost)
print("<a href=\"".htmlspecialchars("?action=quotepost&postid=".$postid)."\"><img class=\"f_quote\" src=\"pic/trans.gif\" alt=\"Quote\" title=\"".$lang_forums['title_reply_with_quote']."\" /></a>");
if (get_user_class() >= $postmanage_class || $is_forummod)
if (user_can('postmanage') || $is_forummod)
print("<a href=\"".htmlspecialchars("?action=deletepost&postid=".$postid)."\"><img class=\"f_delete\" src=\"pic/trans.gif\" alt=\"Delete\" title=\"".$lang_forums['title_delete_post']."\" /></a>");
if (($CURUSER["id"] == $posterid && !$locked) || get_user_class() >= $postmanage_class || $is_forummod)
if (($CURUSER["id"] == $posterid && !$locked) || user_can('postmanage') || $is_forummod)
print("<a href=\"".htmlspecialchars("?action=editpost&postid=".$postid)."\"><img class=\"f_edit\" src=\"pic/trans.gif\" alt=\"Edit\" title=\"".$lang_forums['title_edit_post']."\" /></a>");
print("</td></tr></table>");
}
//------ Mod options
if (get_user_class() >= $postmanage_class || $is_forummod)
if (user_can('postmanage') || $is_forummod)
{
print("</td></tr><tr><td class=\"toolbox\" align=\"center\">\n");
print("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"left\">\n");
@@ -883,7 +883,7 @@ if ($action == "movetopic")
$topicid = intval($_GET["topicid"] ?? 0);
$ismod = is_forum_moderator($topicid,'topic');
if (!is_valid_id($forumid) || !is_valid_id($topicid) || (get_user_class() < $postmanage_class && !$ismod))
if (!is_valid_id($forumid) || !is_valid_id($topicid) || (!user_can('postmanage') && !$ismod))
permissiondenied();
// Make sure topic and forum is valid
@@ -946,7 +946,7 @@ if ($action == "deletetopic")
$userid = $row1['userid'];
}
$ismod = is_forum_moderator($topicid,'topic');
if (!is_valid_id($topicid) || (get_user_class() < $postmanage_class && !$ismod))
if (!is_valid_id($topicid) || (!user_can('postmanage') && !$ismod))
permissiondenied();
$sure = intval($_GET["sure"] ?? 0);
@@ -983,7 +983,7 @@ if ($action == "deletepost")
$sure = intval($_GET["sure"] ?? 0);
$ismod = is_forum_moderator($postid, 'post');
if ((get_user_class() < $postmanage_class && !$ismod) || !is_valid_id($postid))
if ((!user_can('postmanage') && !$ismod) || !is_valid_id($postid))
permissiondenied();
//------- Get topic id
@@ -1040,7 +1040,7 @@ if ($action == "setlocked")
{
$topicid = intval($_POST["topicid"] ?? 0);
$ismod = is_forum_moderator($topicid,'topic');
if (!$topicid || (get_user_class() < $postmanage_class && !$ismod))
if (!$topicid || (!user_can('postmanage') && !$ismod))
permissiondenied();
$locked = sqlesc($_POST["locked"]);
@@ -1054,7 +1054,7 @@ if ($action == 'hltopic')
{
$topicid = intval($_GET["topicid"] ?? 0);
$ismod = is_forum_moderator($topicid,'topic');
if (!$topicid || (get_user_class() < $postmanage_class && !$ismod))
if (!$topicid || (!user_can('postmanage') && !$ismod))
permissiondenied();
$color = $_POST["color"];
if ($color==0 || get_hl_color($color))
@@ -1074,7 +1074,7 @@ if ($action == "setsticky")
{
$topicid = intval($_POST["topicid"] ?? 0);
$ismod = is_forum_moderator($topicid,'topic');
if (!$topicid || (get_user_class() < $postmanage_class && !$ismod))
if (!$topicid || (!user_can('postmanage') && !$ismod))
permissiondenied();
$sticky = sqlesc($_POST["sticky"]);
@@ -1475,7 +1475,7 @@ if ($CURUSER)
stdhead($lang_forums['head_forums']);
begin_main_frame();
print("<h1 align=\"center\">".$SITENAME."&nbsp;".$lang_forums['text_forums']."</h1>");
print("<p align=\"center\"><a href=\"?action=search\"><b>".$lang_forums['text_search']."</b></a> | <a href=\"?action=viewunread\"><b>".$lang_forums['text_view_unread']."</b></a> | <a href=\"?catchup=1\"><b>".$lang_forums['text_catch_up']."</b></a> ".(get_user_class() >= $forummanage_class ? "| <a href=\"forummanage.php\"><b>".$lang_forums['text_forum_manager']."</b></a>":"")."</p>");
print("<p align=\"center\"><a href=\"?action=search\"><b>".$lang_forums['text_search']."</b></a> | <a href=\"?action=viewunread\"><b>".$lang_forums['text_view_unread']."</b></a> | <a href=\"?catchup=1\"><b>".$lang_forums['text_catch_up']."</b></a> ".(user_can('forummanage') ? "| <a href=\"forummanage.php\"><b>".$lang_forums['text_forum_manager']."</b></a>":"")."</p>");
print("<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\" width=\"100%\">\n");
if (!$overforums = $Cache->get_value('overforums_list')){
public/friends.php
+4 -4
View File
@@ -52,9 +52,9 @@ if ($action == 'add')
stderr($lang_friends['std_error'], $lang_friends['std_user_id'].$targetid.$lang_friends['std_already_in'].$table_is.$lang_friends['std_list']);
sql_query("INSERT INTO $table_is VALUES (0,$userid, $targetid)") or sqlerr(__FILE__, __LINE__);
purge_neighbors_cache();
header("Location: " . get_protocol_prefix() . "$BASEURL/friends.php?id=$userid#$frag");
die;
}
@@ -227,7 +227,7 @@ else
$body1 = get_username($neighbors_arr["id"]) .
" ($title)<br /><br />".$lang_friends['text_last_seen_on']. gettime($neighbors_arr['last_access'], true, false);
$body2 = ((empty($friend_id_arr)||(!in_array($neighbors_arr["id"],$friend_id_arr))) ? "<a href=friends.php?id=$userid&action=add&type=friend&targetid=" . $neighbors_arr['id'] . ">".$lang_friends['text_add_to_friends']."</a>" : "<a href=friends.php?id=$userid&action=delete&type=friend&targetid=" . $neighbors_arr['id'] . ">".$lang_friends['text_remove_from_friends']."</a>") .
"<br /><br /><a href=sendmessage.php?receiver=" . $neighbors_arr['id'] . ">".$lang_friends['text_send_pm']."</a>";
$avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($neighbors_arr["avatar"]) : "");
@@ -350,7 +350,7 @@ print($blocks);
print("</td></tr></table>\n");
print("</td></tr></table>\n");
if (get_user_class() >= $viewuserlist_class)
if (user_can('viewuserlist'))
print("<p><a href=users.php><b>".$lang_friends['text_find_user']."</b></a></p>");
stdfoot();
?>
public/fun.php
+3 -5
View File
@@ -19,8 +19,7 @@ if ($action == 'delete')
$arr = mysql_fetch_array($res);
if (!$arr)
stderr($lang_fun['std_error'], $lang_fun['std_invalid_id']);
if (get_user_class() < $funmanage_class)
permissiondenied();
user_can('funmanage', true);
$sure = intval($_GET["sure"] ?? 0);
$returnto = $_GET["returnto"] ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"]);
if (!$sure)
@@ -130,7 +129,7 @@ if ($action == 'edit'){
$arr = mysql_fetch_array($res);
if (!$arr)
stderr($lang_fun['std_error'], $lang_fun['std_invalid_id']);
if ($arr["userid"] != $CURUSER["id"] && get_user_class() < $funmanage_class)
if ($arr["userid"] != $CURUSER["id"] && !user_can('funmanage'))
permissiondenied();
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
@@ -164,8 +163,7 @@ if ($action == 'edit'){
}
if ($action == 'ban')
{
if (get_user_class() < $funmanage_class)
permissiondenied();
user_can('funmanage', true);
$id = intval($_GET["id"] ?? 0);
int_check($id,true);
$res = sql_query("SELECT * FROM fun WHERE id=$id") or sqlerr(__FILE__,__LINE__);
public/getusertorrentlistajax.php
+2 -2
View File
@@ -15,7 +15,7 @@ $id = intval($_GET['userid'] ?? 0);
$type = $_GET['type'];
if (!in_array($type,array('uploaded','seeding','leeching','completed','incomplete')))
die;
if(get_user_class() < $torrenthistory_class && $id != $CURUSER["id"])
if(!user_can('torrenthistory') && $id != $CURUSER["id"])
permissiondenied();
function maketable($res, $mode = 'seeding')
@@ -211,7 +211,7 @@ switch ($type)
case 'uploaded':
{
// $res = sql_query("SELECT torrents.id AS torrent, torrents.name as torrentname, small_descr, seeders, leechers, anonymous, torrents.banned, torrents.approval_status, categories.name AS catname, categories.image, category, sp_state, size, torrents.hr, snatched.seedtime, snatched.uploaded FROM torrents LEFT JOIN snatched ON torrents.id = snatched.torrentid LEFT JOIN categories ON torrents.category = categories.id WHERE torrents.owner=$id AND snatched.userid=$id " . (($CURUSER["id"] != $id)?((get_user_class() < $viewanonymous_class) ? " AND anonymous = 'no'":""):"") ." ORDER BY torrents.added DESC") or sqlerr(__FILE__, __LINE__);
$res = sql_query("SELECT torrents.id AS torrent, torrents.name as torrentname, small_descr, seeders, leechers, anonymous, torrents.banned, torrents.approval_status, categories.name AS catname, categories.image, category, sp_state, size, torrents.hr, torrents.added FROM torrents LEFT JOIN categories ON torrents.category = categories.id WHERE torrents.owner=$id " . (($CURUSER["id"] != $id)?((get_user_class() < $viewanonymous_class) ? " AND anonymous = 'no'":""):"") ." ORDER BY torrents.added DESC") or sqlerr(__FILE__, __LINE__);
$res = sql_query("SELECT torrents.id AS torrent, torrents.name as torrentname, small_descr, seeders, leechers, anonymous, torrents.banned, torrents.approval_status, categories.name AS catname, categories.image, category, sp_state, size, torrents.hr, torrents.added FROM torrents LEFT JOIN categories ON torrents.category = categories.id WHERE torrents.owner=$id " . (($CURUSER["id"] != $id)?((!user_can('viewanonymous')) ? " AND anonymous = 'no'":""):"") ." ORDER BY torrents.added DESC") or sqlerr(__FILE__, __LINE__);
$count = mysql_num_rows($res);
if ($count > 0)
{
public/increment-bulk.php
+1 -1
View File
@@ -64,7 +64,7 @@ $classes = array_chunk(\App\Models\User::$classes, 4, true);
</table>
</td>
</tr>
<?php do_action('increment_bulk_filters') ?>
<?php do_action('increment_bulk_form_filters') ?>
<tr><td class="rowhead" valign="top">Subject </td><td class="rowfollow"><input type=text name=subject size=82></td></tr>
<tr><td class="rowhead" valign="top">Reason </td><td class="rowfollow"><textarea name=msg cols=80 rows=5><?php echo $body ?? ''?></textarea></td></tr>
<tr>
public/index.php
+8 -8
View File
@@ -37,7 +37,7 @@ stdhead($lang_index['head_home']);
begin_main_frame();
// ------------- start: recent news ------------------//
print("<h2>".$lang_index['text_recent_news'].(get_user_class() >= $newsmanage_class ? " - <font class=\"small\">[<a class=\"altlink\" href=\"news.php\"><b>".$lang_index['text_news_page']."</b></a>]</font>" : "")."</h2>");
print("<h2>".$lang_index['text_recent_news'].(user_can('newsmanage') ? " - <font class=\"small\">[<a class=\"altlink\" href=\"news.php\"><b>".$lang_index['text_news_page']."</b></a>]</font>" : "")."</h2>");
$Cache->new_page('recent_news', 86400, true);
if (!$Cache->get_page()){
@@ -79,7 +79,7 @@ if (mysql_num_rows($res) > 0)
echo $Cache->next_row();
while($Cache->next_row()){
echo $Cache->next_part();
if (get_user_class() >= $newsmanage_class)
if (user_can('newsmanage'))
echo $Cache->next_part();
}
echo $Cache->next_row();
@@ -97,7 +97,7 @@ if ($showfunbox_main == "yes" && (!isset($CURUSER) || $CURUSER['showfb'] == "yes
}
if (!$row) //There is no funbox item
{
print("<h2>".$lang_index['text_funbox'].(get_user_class() >= $newfunitem_class ? "<font class=\"small\"> - [<a class=\"altlink\" href=\"fun.php?action=new\"><b>".$lang_index['text_new_fun']."</b></a>]</font>" : "")."</h2>");
print("<h2>".$lang_index['text_funbox'].(user_can('newfunitem') ? "<font class=\"small\"> - [<a class=\"altlink\" href=\"fun.php?action=new\"><b>".$lang_index['text_new_fun']."</b></a>]</font>" : "")."</h2>");
}
else
{
@@ -117,7 +117,7 @@ if ($showfunbox_main == "yes" && (!isset($CURUSER) || $CURUSER['showfb'] == "yes
print ("<h2>".$lang_index['text_funbox']);
if ($CURUSER)
{
print("<font class=\"small\">".(get_user_class() >= $log_class ? " - [<a class=\"altlink\" href=\"log.php?action=funbox\"><b>".$lang_index['text_more_fun']."</b></a>]": "").($row['neednew'] && get_user_class() >= $newfunitem_class ? " - [<a class=altlink href=\"fun.php?action=new\"><b>".$lang_index['text_new_fun']."</b></a>]" : "" ).( ($CURUSER['id'] == $row['userid'] || get_user_class() >= $funmanage_class) ? " - [<a class=\"altlink\" href=\"fun.php?action=edit&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_edit']."</b></a>]" : "").(get_user_class() >= $funmanage_class ? " - [<a class=\"altlink\" href=\"fun.php?action=delete&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_delete']."</b></a>] - [<a class=\"altlink\" href=\"fun.php?action=ban&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_ban']."</b></a>]" : "")."</font>");
print("<font class=\"small\">".(user_can('log') ? " - [<a class=\"altlink\" href=\"log.php?action=funbox\"><b>".$lang_index['text_more_fun']."</b></a>]": "").($row['neednew'] && user_can('newfunitem') ? " - [<a class=altlink href=\"fun.php?action=new\"><b>".$lang_index['text_new_fun']."</b></a>]" : "" ).( ($CURUSER['id'] == $row['userid'] || user_can('funmanage')) ? " - [<a class=\"altlink\" href=\"fun.php?action=edit&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_edit']."</b></a>]" : "").(get_user_class() >= $funmanage_class ? " - [<a class=\"altlink\" href=\"fun.php?action=delete&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_delete']."</b></a>] - [<a class=\"altlink\" href=\"fun.php?action=ban&amp;id=".$row['id']."&amp;returnto=index.php\"><b>".$lang_index['text_ban']."</b></a>]" : "")."</font>");
}
print("</h2>");
@@ -266,7 +266,7 @@ if ($CURUSER && $showpolls_main == "yes")
print("<h2>".$lang_index['text_polls']);
if (get_user_class() >= $pollmanage_class)
if (user_can('pollmanage'))
{
print("<font class=\"small\"> - [<a class=\"altlink\" href=\"makepoll.php?returnto=main\"><b>".$lang_index['text_new']."</b></a>]\n");
if ($pollexists)
@@ -389,7 +389,7 @@ if ($CURUSER && $showpolls_main == "yes")
}
print("</td></tr></table>");
if ($voted && get_user_class() >= $log_class)
if ($voted && user_can('log'))
print("<p align=\"center\"><a href=\"log.php?action=poll\">".$lang_index['text_previous_polls']."</a></p>\n");
print("</td></tr></table>");
}
@@ -600,9 +600,9 @@ if ($showtrackerload == "yes") {
// ------------- end: disclaimer ------------------//
// ------------- start: links ------------------//
print("<h2>".$lang_index['text_links']);
if (get_user_class() >= $applylink_class)
if (user_can('applylink'))
print("<font class=\"small\"> - [<a class=\"altlink\" href=\"linksmanage.php?action=apply\"><b>".$lang_index['text_apply_for_link']."</b></a>]</font>");
if (get_user_class() >= $linkmanage_class)
if (user_can('linkmanage'))
{
print("<font class=\"small\">");
print(" - [<a class=\"altlink\" href=\"linksmanage.php\"><b>".$lang_index['text_manage_links']."</b></a>]\n");
public/invite.php
+2 -2
View File
@@ -19,9 +19,9 @@ function inviteMenu ($selected = "invitee") {
end_main_frame();
}
if (($CURUSER['id'] != $id && get_user_class() < $viewinvite_class) || !is_valid_id($id))
if (($CURUSER['id'] != $id && !user_can('viewinvite')) || !is_valid_id($id))
stderr($lang_invite['std_sorry'],$lang_invite['std_permission_denied']);
if (get_user_class() < $sendinvite_class)
if (!user_can('sendinvite'))
stderr($lang_invite['std_sorry'],$lang_invite['std_only'].get_user_class_name($sendinvite_class,false,true,true).$lang_invite['std_or_above_can_invite'],false);
$res = sql_query("SELECT username FROM users WHERE id = ".mysql_real_escape_string($id)) or sqlerr();
$user = mysql_fetch_assoc($res);
public/iphistory.php
+1 -2
View File
@@ -4,8 +4,7 @@ dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $userprofile_class)
permissiondenied();
user_can('userprofile', true);
$userid = intval($_GET["id"] ?? 0);
if (!is_valid_id($userid))
public/ipsearch.php
+1 -1
View File
@@ -4,7 +4,7 @@ dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $userprofile_class)
if (!user_can('userprofile'))
permissiondenied();
else
{
public/linksmanage.php
+4 -4
View File
@@ -6,7 +6,7 @@ loggedinorreturn();
//start apply for links
if (isset($_GET['action']) && $_GET['action'] == "apply")
{
if (get_user_class() >= $applylink_class){
if (user_can('applylink')){
stdhead($lang_linksmanage['head_apply_for_links']);
begin_main_frame();
begin_frame($lang_linksmanage['text_apply_for_links'], true,10,"100%","center");
@@ -17,7 +17,7 @@ begin_frame($lang_linksmanage['text_apply_for_links'], true,10,"100%","center");
print("<p align=left>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp ".$lang_linksmanage['text_rule_four']."</p>\n");
print("<p align=left>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp ".$lang_linksmanage['text_rule_five']."</p>\n");
print("<p align=left>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp ".$lang_linksmanage['text_rule_six']."</p>\n");
print("<p>".$lang_linksmanage['text_red_star_required']."</p>");
?>
<form method=post action="<?php echo $_SERVER["PHP_SELF"];?>">
@@ -40,7 +40,7 @@ else permissiondenied();
}
elseif (isset($_POST['action']) && $_POST['action'] == "newapply")
{
if (get_user_class() >= $applylink_class){
if (user_can('applylink')){
$sitename = unesc($_POST["linkname"]);
$url = unesc($_POST["url"]);
$title = unesc($_POST["title"]);
@@ -77,7 +77,7 @@ else permissiondenied();
}
//start admin work
elseif (get_user_class() < $linkmanage_class)
elseif (!user_can('linkmanage'))
permissiondenied();
else{
if (isset($_GET['action']) && $_GET['action'] == "del") {
public/log.php
+10 -10
View File
@@ -3,7 +3,7 @@ require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $log_class)
if (!user_can('log'))
{
stderr($lang_log['std_sorry'],$lang_log['std_permission_denied_only'].get_user_class_name($log_class,false,true,true).$lang_log['std_or_above_can_view'],false);
}
@@ -89,7 +89,7 @@ else {
$addparam = "";
$wherea = "";
if (get_user_class() >= $confilog_class){
if (user_can('confilog')){
switch ($search)
{
case "mod": $wherea=" WHERE security_level = 'mod'"; break;
@@ -140,7 +140,7 @@ else {
print("<tr><td class=\"rowfollow nowrap\" align=center>".gettime($arr['added'],true,false)."</td><td class=rowfollow align=left><font color='".$color."'>".htmlspecialchars($arr['txt'])."</font></td></tr>\n");
}
print("</table>");
echo $pagerbottom;
}
@@ -162,7 +162,7 @@ else {
}
logmenu("chronicle");
searchtable($lang_log['text_search_chronicle'], 'chronicle');
if (get_user_class() >= $chrmanage_class)
if (user_can('chrmanage'))
additem($lang_log['text_add_chronicle'], 'chronicle');
if (
(isset($_GET['do']) && $_GET['do'] == "del")
@@ -172,8 +172,8 @@ else {
)
{
$txt = $_POST['txt'] ?? '';
if (get_user_class() < $chrmanage_class)
permissiondeny();
if (get_user_class() < $chrmanage_class)
permissiondeny();
elseif (isset($_POST['do']) && $_POST['do'] == "add")
sql_query ("INSERT INTO chronicle (userid,added, txt) VALUES ('".$CURUSER["id"]."', now(), ".sqlesc($txt).")") or sqlerr(__FILE__, __LINE__);
elseif (isset($_POST['do'] ) && $_POST['do'] == "update"){
@@ -205,11 +205,11 @@ else {
//echo $pagertop;
print("<table width=940 border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead align=center>".$lang_log['col_date']."</td><td class=colhead align=left>".$lang_log['col_event']."</td>".(get_user_class() >= $chrmanage_class ? "<td class=colhead align=center>".$lang_log['col_modify']."</td>" : "")."</tr>\n");
print("<tr><td class=colhead align=center>".$lang_log['col_date']."</td><td class=colhead align=left>".$lang_log['col_event']."</td>".(user_can('chrmanage') ? "<td class=colhead align=center>".$lang_log['col_modify']."</td>" : "")."</tr>\n");
while ($arr = mysql_fetch_assoc($res))
{
$date = gettime($arr['added'],true,false);
print("<tr><td class=rowfollow align=center><nobr>$date</nobr></td><td class=rowfollow align=left>".format_comment($arr["txt"],true,false,true)."</td>".(get_user_class() >= $chrmanage_class ? "<td align=center nowrap><b><a href=\"".$_SERVER['REQUEST_URI']."?action=chronicle&do=edit&id=".$arr["id"]."\">".$lang_log['text_edit']."</a>&nbsp;|&nbsp;<a href=\"".$_SERVER['REQUEST_URI']."?action=chronicle&do=del&id=".$arr["id"]."\"><font color=red>".$lang_log['text_delete']."</font></a></b></td>" : "")."</tr>\n");
print("<tr><td class=rowfollow align=center><nobr>$date</nobr></td><td class=rowfollow align=left>".format_comment($arr["txt"],true,false,true)."</td>".(user_can('chrmanage') ? "<td align=center nowrap><b><a href=\"".$_SERVER['REQUEST_URI']."?action=chronicle&do=edit&id=".$arr["id"]."\">".$lang_log['text_edit']."</a>&nbsp;|&nbsp;<a href=\"".$_SERVER['REQUEST_URI']."?action=chronicle&do=del&id=".$arr["id"]."\"><font color=red>".$lang_log['text_delete']."</font></a></b></td>" : "")."</tr>\n");
}
print("</table>");
echo $pagerbottom;
@@ -319,7 +319,7 @@ else {
$returnto = htmlspecialchars($_GET["returnto"] ?? '');
if ($do == "delete")
{
if (get_user_class() < $chrmanage_class)
if (!user_can('chrmanage'))
stderr($lang_log['std_error'], $lang_log['std_permission_denied']);
int_check($pollid,true);
@@ -372,7 +372,7 @@ else {
print($added);
if (get_user_class() >= $pollmanage_class)
if (user_can('pollmanage'))
{
print(" - [<a href=makepoll.php?action=edit&pollid=$poll[id]><b>".$lang_log['text_edit']."</b></a>]\n");
print(" - [<a href=?action=poll&do=delete&pollid=$poll[id]><b>".$lang_log['text_delete']."</b></a>]\n");
public/makepoll.php
+1 -2
View File
@@ -3,8 +3,7 @@ require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $pollmanage_class)
permissiondenied();
user_can('pollmanage', true);
$action = $_GET["action"] ?? '';
$pollid = intval($_GET["pollid"] ?? 0);
public/modtask.php
+3 -3
View File
@@ -11,7 +11,7 @@ function puke()
stderr("Error", "Permission denied. For security reason, we logged this action");
}
if (get_user_class() < $prfmanage_class)
if (!user_can('prfmanage'))
puke();
$action = $_POST["action"];
@@ -87,11 +87,11 @@ if ($action == "edituser")
$updateset[] = "supportlang = ".sqlesc($supportlang);
$banLog = [];
if(get_user_class()<=$cruprfmanage_class)
if(!user_can('cruprfmanage'))
{
$modcomment = $arr["modcomment"];
}
if(get_user_class() >= $cruprfmanage_class)
if(user_can('cruprfmanage'))
{
$email = $_POST["email"];
$username = $_POST["username"];
public/moforums.php
+4 -8
View File
@@ -3,8 +3,7 @@ require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $forummanage_class)
permissiondenied();
user_can('forummanage', true);
//Presets
$act = $_GET['action'] ?? '';
@@ -19,8 +18,7 @@ $act = "forum";
// DELETE FORUM ACTION
if ($act == "del") {
if (get_user_class() < $forummanage_class)
permissiondenied();
user_can('forummanage', true);
if (!$id) { header("Location: $PHP_SELF?action=forum"); die();}
@@ -32,8 +30,7 @@ die();
//EDIT FORUM ACTION
if (isset($_POST['action']) && $_POST['action'] == "editforum") {
if (get_user_class() < $forummanage_class)
permissiondenied();
user_can('forummanage', true);
$name = $_POST['name'];
$desc = $_POST['desc'];
@@ -48,8 +45,7 @@ die();
//ADD FORUM ACTION
if (isset($_POST['action']) && $_POST['action'] == "addforum") {
if (get_user_class() < $forummanage_class)
permissiondenied();
user_can('forummanage', true);
$name = trim($_POST['name']);
$desc = trim($_POST['desc']);
public/mybonus.php
+2 -2
View File
@@ -338,7 +338,7 @@ for ($i=0; $i < count($allBonus); $i++)
}
elseif($bonusarray['art'] == 'invite')
{
if(get_user_class() < $buyinvite_class)
if(!user_can('buyinvite'))
print("<td class=\"rowfollow\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".get_user_class_name($buyinvite_class,false,false,true).$lang_mybonus['text_plus_only']."\" disabled=\"disabled\" /></td>");
else
print("<td class=\"rowfollow\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang_mybonus['submit_exchange']."\" /></td>");
@@ -543,7 +543,7 @@ if ($action == "exchange") {
}
//=== trade for invites
elseif($art == "invite") {
if(get_user_class() < $buyinvite_class)
if(!user_can('buyinvite'))
die(get_user_class_name($buyinvite_class,false,false,true).$lang_mybonus['text_plus_only']);
$invites = $CURUSER['invites'];
$inv = $invites+$bonusarray['menge'];
public/myhr.php
+1 -1
View File
@@ -7,7 +7,7 @@ require_once(get_langfile_path());
$userid = $CURUSER['id'];
$pagerParams = [];
if (!empty($_GET['userid'])) {
if (get_user_class() < $viewhistory_class && $_GET['userid'] != $CURUSER['id']) {
if (!user_can('viewhistory') && $_GET['userid'] != $CURUSER['id']) {
permissiondenied($viewhistory_class);
}
$userid = $_GET['userid'];
public/news.php
+3 -4
View File
@@ -3,8 +3,7 @@ require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $newsmanage_class)
permissiondenied();
user_can('newsmanage', true);
$action = htmlspecialchars($_GET["action"] ?? '');
@@ -46,11 +45,11 @@ if ($action == 'add')
$added = sqlesc(date("Y-m-d H:i:s"));
$notify = $_POST['notify'] ?? '';
if ($notify != 'yes')
$notify = 'no';
$notify = 'no';
sql_query("INSERT INTO news (userid, added, body, title, notify) VALUES (".sqlesc($CURUSER['id']) . ", $added, " . sqlesc($body) . ", " . sqlesc($title) . ", " . sqlesc($notify).")") or sqlerr(__FILE__, __LINE__);
$Cache->delete_value('recent_news',true);
if (mysql_affected_rows() != 1)
stderr($lang_news['std_error'], $lang_news['std_something_weird_happened']);
stderr($lang_news['std_error'], $lang_news['std_something_weird_happened']);
header("Location: " . get_protocol_prefix() . "$BASEURL/index.php");
}
public/offers.php
+15 -17
View File
@@ -29,8 +29,7 @@ if (isset($_GET['id']) && $_GET["id"]){
//==== add offer
if (isset($_GET['add_offer']) && $_GET["add_offer"]){
if (get_user_class() < $addoffer_class)
permissiondenied();
user_can('addoffer', true);
$add_offer = intval($_GET["add_offer"] ?? 0);
if($add_offer != '1')
stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']);
@@ -61,8 +60,7 @@ if (isset($_GET['add_offer']) && $_GET["add_offer"]){
//=== take new offer
if (isset($_GET['new_offer']) && $_GET["new_offer"]){
if (get_user_class() < $addoffer_class)
permissiondenied();
user_can('addoffer', true);
$new_offer = intval($_GET["new_offer"] ?? 0);
if($new_offer != '1')
stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']);
@@ -158,7 +156,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){
$status="<font color=\"red\">".$lang_offers['text_denied']."</font>";
tr($lang_offers['row_status'], $status, 1);
//=== if you want to have a pending thing for uploaders use this next bit
if (get_user_class() >= $offermanage_class && $num["allowed"] == "pending")
if (user_can('offermanage') && $num["allowed"] == "pending")
tr($lang_offers['row_allow'], "<table><tr><td class=\"embedded\"><form method=\"post\" action=\"?allow_offer=1\"><input type=\"hidden\" value=\"".$id."\" name=\"offerid\" />".
"<input class=\"btn\" type=\"submit\" value=\"".$lang_offers['submit_allow']."\" />&nbsp;&nbsp;</form></td><td class=\"embedded\"><form method=\"post\" action=\"?id=".$id."&amp;finish_offer=1\">".
"<input type=\"hidden\" value=\"".$id."\" name=\"finish\" /><input class=\"btn\" type=\"submit\" value=\"".$lang_offers['submit_let_votes_decide']."\" /></form></td></tr></table>", 1);
@@ -174,7 +172,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){
//if pending
if ($num["allowed"] == "pending"){
tr($lang_offers['row_vote'], "<b>".
"<a href=\"?id=".$id."&amp;vote=yeah\"><font color=\"green\">".$lang_offers['text_for']."</font></a></b>".(get_user_class() >= $againstoffer_class ? " - <b><a href=\"?id=".$id."&amp;vote=against\">".
"<a href=\"?id=".$id."&amp;vote=yeah\"><font color=\"green\">".$lang_offers['text_for']."</font></a></b>".(user_can('againstoffer') ? " - <b><a href=\"?id=".$id."&amp;vote=against\">".
"<font color=\"red\">".$lang_offers['text_against']."</font></a></b>" : ""), 1);
tr($lang_offers['row_vote_results'],
"<b>".$lang_offers['text_for'].":</b> $za <b>".$lang_offers['text_against']."</b> $protiv &nbsp; &nbsp; <a href=\"?id=".$id."&amp;offer_vote=1\"><i>".$lang_offers['text_see_vote_detail']."</i></a>", 1);
@@ -186,7 +184,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){
tr($lang_offers['row_offer_allowed'],
$lang_offers['text_urge_upload_offer_note'], 1);
}
if ($CURUSER['id'] == $num['userid'] || get_user_class() >= $offermanage_class){
if ($CURUSER['id'] == $num['userid'] || user_can('offermanage')){
$edit = "<a href=\"?id=".$id."&amp;edit_offer=1\"><img class=\"dt_edit\" src=\"pic/trans.gif\" alt=\"edit\" />&nbsp;<b><font class=\"small\">".$lang_offers['text_edit_offer'] . "</font></b></a>&nbsp;|&nbsp;";
$delete = "<a href=\"?id=".$id."&amp;del_offer=1&amp;sure=0\"><img class=\"dt_delete\" src=\"pic/trans.gif\" alt=\"delete\" />&nbsp;<b><font class=\"small\">".$lang_offers['text_delete_offer']."</font></b></a>&nbsp;|&nbsp;";
}
@@ -235,7 +233,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){
//=== allow offer by staff
if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) {
if (get_user_class() < $offermanage_class)
if (!user_can('offermanage'))
stderr($lang_offers['std_access_denied'], $lang_offers['std_mans_job']);
$allow_offer = intval($_GET["allow_offer"] ?? 0);
@@ -270,7 +268,7 @@ if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) {
//=== allow offer by vote
if (isset($_GET["finish_offer"]) && $_GET["finish_offer"]) {
if (get_user_class() < $offermanage_class)
if (!user_can('offermanage'))
stderr($lang_offers['std_access_denied'], $lang_offers['std_have_no_permission']);
$finish_offer = intval($_GET["finish_offer"] ?? 0);
@@ -337,7 +335,7 @@ if (isset($_GET["edit_offer"]) && $_GET["edit_offer"]) {
$s = $num["name"];
$id2 = $num["category"];
if ($CURUSER["id"] != $num["userid"] && get_user_class() < $offermanage_class)
if ($CURUSER["id"] != $num["userid"] && !user_can('offermanage'))
stderr($lang_offers['std_error'], $lang_offers['std_cannot_edit_others_offer']);
$body = htmlspecialchars(unesc($num["descr"]));
@@ -378,7 +376,7 @@ if (isset($_GET["take_off_edit"]) && $_GET["take_off_edit"]){
$res = sql_query("SELECT userid FROM offers WHERE id = $id") or sqlerr(__FILE__, __LINE__);
$num = mysql_fetch_array($res);
if ($CURUSER['id'] != $num['userid'] && get_user_class() < $offermanage_class)
if ($CURUSER['id'] != $num['userid'] && !user_can('offermanage'))
stderr($lang_offers['std_error'], $lang_offers['std_access_denied']);
$name = $_POST["name"];
@@ -461,7 +459,7 @@ if (isset($_GET["offer_vote"]) && $_GET["offer_vote"]){
if (isset($_GET["vote"]) && $_GET["vote"]){
$offerid = htmlspecialchars(intval($_GET["id"] ?? 0));
$vote = htmlspecialchars($_GET["vote"]);
if ($vote == 'against' && get_user_class() < $againstoffer_class)
if ($vote == 'against' && !user_can('againstoffer'))
stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']);
if ($vote =='yeah' || $vote =='against')
{
@@ -547,7 +545,7 @@ if (isset($_GET["del_offer"]) && $_GET["del_offer"]){
$name = $num["name"];
if ($userid != $num["userid"] && get_user_class() < $offermanage_class)
if ($userid != $num["userid"] && !user_can('offermanage'))
stderr($lang_offers['std_error'], $lang_offers['std_cannot_delete_others_offer']);
if ($_GET["sure"])
@@ -707,7 +705,7 @@ if ($offervotetimeout_main)
if ($offeruptimeout_main)
print("<li>".$lang_offers['text_rule_four_one']."<b>".($offeruptimeout_main / 3600)."</b>".$lang_offers['text_rule_four_two']."</li>\n");
print("</ul></div>");
if (get_user_class() >= $addoffer_class)
if (user_can('addoffer'))
print("<div align=\"right\" style=\"margin-bottom: 8px;\"><a href=\"?add_offer=1\">".
"<b>".$lang_offers['text_add_offer']."</b></a></div>");
print("<div align=\"center\"><form method=\"get\" action=\"?\">".$lang_offers['text_search_offers']."&nbsp;&nbsp;<input type=\"text\" id=\"specialboxg\" name=\"search\" />&nbsp;&nbsp;");
@@ -736,7 +734,7 @@ else
if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0)
print("<td class=\"colhead\">".$lang_offers['col_timeout']."</td>");
print("<td class=\"colhead\">".$lang_offers['col_offered_by']."</td>".
(get_user_class() >= $offermanage_class ? "<td class=\"colhead\">".$lang_offers['col_act']."</td>" : "")."</tr>\n");
(user_can('offermanage') ? "<td class=\"colhead\">".$lang_offers['col_act']."</td>" : "")."</tr>\n");
for ($i = 0; $i < $num; ++$i)
{
$arr = mysql_fetch_assoc($res);
@@ -811,7 +809,7 @@ print("<td class=\"colhead\">".$lang_offers['col_offered_by']."</td>".
$max_length_of_offer_name = 70;
if($count_dispname > $max_length_of_offer_name)
$dispname=mb_substr($dispname, 0, $max_length_of_offer_name-2,"UTF-8") . "..";
print("<tr><td class=\"rowfollow\" style=\"padding: 0px\"><a href=\"?category=".$arr['cat_id']."\">".return_category_image($arr['cat_id'], "")."</a></td><td style='text-align: left'><a href=\"?id=".$arr['id']."&amp;off_details=1\" title=\"".htmlspecialchars($arr['name'])."\"><b>".htmlspecialchars($dispname)."</b></a>".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? "<b> (<font class='new'>".$lang_offers['text_new']."</font>)</b>" : "").$allowed."</td><td class=\"rowfollow nowrap\" style='padding: 5px' align=\"center\">".$v_res."</td><td class=\"rowfollow nowrap\" ".(get_user_class() < $againstoffer_class ? " colspan=\"2\" " : "")." style='padding: 5px'><a href=\"?id=".$arr['id']."&amp;vote=yeah\" title=\"".$lang_offers['title_i_want_this']."\"><font color=\"green\"><b>".$lang_offers['text_yep']."</b></font></a></td>".(get_user_class() >= $againstoffer_class ? "<td class=\"rowfollow nowrap\" align=\"center\"><a href=\"?id=".$arr['id']."&amp;vote=against\" title=\"".$lang_offers['title_do_not_want_it']."\"><font color=\"red\"><b>".$lang_offers['text_nah']."</b></font></a></td>" : ""));
print("<tr><td class=\"rowfollow\" style=\"padding: 0px\"><a href=\"?category=".$arr['cat_id']."\">".return_category_image($arr['cat_id'], "")."</a></td><td style='text-align: left'><a href=\"?id=".$arr['id']."&amp;off_details=1\" title=\"".htmlspecialchars($arr['name'])."\"><b>".htmlspecialchars($dispname)."</b></a>".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? "<b> (<font class='new'>".$lang_offers['text_new']."</font>)</b>" : "").$allowed."</td><td class=\"rowfollow nowrap\" style='padding: 5px' align=\"center\">".$v_res."</td><td class=\"rowfollow nowrap\" ".(!user_can('againstoffer') ? " colspan=\"2\" " : "")." style='padding: 5px'><a href=\"?id=".$arr['id']."&amp;vote=yeah\" title=\"".$lang_offers['title_i_want_this']."\"><font color=\"green\"><b>".$lang_offers['text_yep']."</b></font></a></td>".(get_user_class() >= $againstoffer_class ? "<td class=\"rowfollow nowrap\" align=\"center\"><a href=\"?id=".$arr['id']."&amp;vote=against\" title=\"".$lang_offers['title_do_not_want_it']."\"><font color=\"red\"><b>".$lang_offers['text_nah']."</b></font></a></td>" : ""));
print("<td class=\"rowfollow\">".$comment."</td><td class=\"rowfollow nowrap\">" . $addtime. "</td>");
if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0){
@@ -828,7 +826,7 @@ print("<td class=\"colhead\">".$lang_offers['col_offered_by']."</td>".
$timeout = "N/A";
print("<td class=\"rowfollow nowrap\">".$timeout."</td>");
}
print("<td class=\"rowfollow\">".$addedby."</td>".(get_user_class() >= $offermanage_class ? "<td class=\"rowfollow\"><a href=\"?id=".$arr['id']."&amp;del_offer=1\"><img class=\"staff_delete\" src=\"pic/trans.gif\" alt=\"D\" title=\"".$lang_offers['title_delete']."\" /></a><br /><a href=\"?id=".$arr['id']."&amp;edit_offer=1\"><img class=\"staff_edit\" src=\"pic/trans.gif\" alt=\"E\" title=\"".$lang_offers['title_edit']."\" /></a></td>" : "")."</tr>");
print("<td class=\"rowfollow\">".$addedby."</td>".(user_can('offermanage') ? "<td class=\"rowfollow\"><a href=\"?id=".$arr['id']."&amp;del_offer=1\"><img class=\"staff_delete\" src=\"pic/trans.gif\" alt=\"D\" title=\"".$lang_offers['title_delete']."\" /></a><br /><a href=\"?id=".$arr['id']."&amp;edit_offer=1\"><img class=\"staff_edit\" src=\"pic/trans.gif\" alt=\"E\" title=\"".$lang_offers['title_edit']."\" /></a></td>" : "")."</tr>");
}
print("</table>\n");
echo $pagerbottom;
public/polloverview.php
+7 -8
View File
@@ -4,8 +4,7 @@ dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $pollmanage_class)
permissiondenied();
user_can('pollmanage', true);
$pollid = intval($_GET['id'] ?? 0);
@@ -17,18 +16,18 @@ if ($pollid)
stdhead($lang_polloverview['head_poll_overview']);
print("<h1 align=\"center\">".$lang_polloverview['text_polls_overview']."</h1>\n");
print("<table width=737 border=1 cellspacing=0 cellpadding=5><tr>\n" .
print("<table width=737 border=1 cellspacing=0 cellpadding=5><tr>\n" .
"<td class=colhead align=center><nobr>".$lang_polloverview['col_id']."</nobr></td><td class=colhead><nobr>".$lang_polloverview['col_added']."</nobr></td><td class=colhead><nobr>".$lang_polloverview['col_question']."</nobr></td></tr>\n");
while ($poll = mysql_fetch_assoc($res))
{
$o = array($poll["option0"], $poll["option1"], $poll["option2"], $poll["option3"], $poll["option4"], $poll["option5"], $poll["option6"], $poll["option7"], $poll["option8"], $poll["option9"], $poll["option10"], $poll["option11"], $poll["option12"], $poll["option13"], $poll["option14"], $poll["option15"], $poll["option16"], $poll["option17"], $poll["option18"], $poll["option19"]);
$added = gettime($poll['added']);
print("<tr><td align=center><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['id']."</a></td><td>".$added."</td><td><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['question']."</a></td></tr>\n");
}
print("</table>\n");
print("<h1 align=\"center\">".$lang_polloverview['text_poll_question']."</h1><br />\n");
print("<table width=737 border=1 cellspacing=0 cellpadding=5><tr><td class=colhead>".$lang_polloverview['col_option_no']."</td><td class=colhead>".$lang_polloverview['col_options']."</td></tr>\n");
foreach($o as $key=>$value) {
@@ -68,12 +67,12 @@ else
stdhead($lang_polloverview['head_poll_overview']);
print("<h1 align=\"center\">".$lang_polloverview['text_polls_overview']."</h1>\n");
print("<table width=737 border=1 cellspacing=0 cellpadding=5><tr>\n" .
print("<table width=737 border=1 cellspacing=0 cellpadding=5><tr>\n" .
"<td class=colhead align=center><nobr>".$lang_polloverview['col_id']."</nobr></td><td class=colhead>".$lang_polloverview['col_added']."</td><td class=colhead><nobr>".$lang_polloverview['col_question']."</nobr></td></tr>\n");
while ($poll = mysql_fetch_assoc($res))
{
$added = gettime($poll['added']);
print("<tr><td align=center><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['id']."</a></td><td>".$added."</td><td><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['question']."</a></td></tr>\n");
print("<tr><td align=center><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['id']."</a></td><td>".$added."</td><td><a href=\"polloverview.php?id=".$poll['id']."\">".$poll['question']."</a></td></tr>\n");
}
print("</table>\n");
stdfoot();
public/promotionlink.php
+1 -1
View File
@@ -53,7 +53,7 @@ else
<tr><td class="colfollow"><?php echo $lang_promotionlink['row_html']?></td><td class="colfollow"><textarea cols="50" rows="4"><?php echo htmlspecialchars("<a href=\"".$yourlink."\"><img src=\"". $imgurl . "\" alt=\"".$SITENAME."\" title=\"".$SITENAME." - ".$SLOGAN."\"></a>")?></textarea></td><td class="colfollow"><div><a href="<?php echo $yourlink?>" target="_blank"><img src="<?php echo $imgurl?>" alt="<?php echo htmlspecialchars($SITENAME)?>" title="<?php echo htmlspecialchars($SITENAME)?> - <?php echo htmlspecialchars($SLOGAN)?>" /></a></div><div style="padding-top: 10px"><?php echo $lang_promotionlink['text_html_note']?></div></td></tr>
<tr><td class="colfollow"><?php echo $lang_promotionlink['row_bbcode']?></td><td class="colfollow"><textarea cols="50" rows="4"><?php echo htmlspecialchars("[url=".$yourlink."][img]".$imgurl."[/img][/url]")?></textarea></td><td class="colfollow"><div><a href="<?php echo $yourlink?>"><img src="<?php echo $imgurl?>" /></a></div><div style="padding-top: 10px"><?php echo $lang_promotionlink['text_bbcode_note']?></div></td></tr>
<?php
if (get_user_class() >= $userbar_class)
if (user_can('userbar'))
{
?>
<tr><td class="colfollow"><?php echo $lang_promotionlink['row_bbcode_userbar']?></td><td class="colfollow"><textarea cols="50" rows="4"><?php echo htmlspecialchars("[url=".$yourlink."][img]".get_protocol_prefix() . $BASEURL."/mybar.php?userid=".$CURUSER['id'].".png[/img][/url]")?></textarea></td><td class="colfollow"><div><a href="<?php echo $yourlink?>"><img src="<?php echo get_protocol_prefix() . $BASEURL?>/mybar.php?userid=<?php echo $CURUSER['id']?>.png" /></a></div><div style="padding-top: 10px"><?php echo $lang_promotionlink['text_bbcode_userbar_note']?></div></td></tr>
public/reports.php
+2 -3
View File
@@ -5,8 +5,7 @@ require_once(get_langfile_path());
loggedinorreturn();
parked();
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$count = get_row_count("reports");
if (!$count){
@@ -146,7 +145,7 @@ while ($row = mysql_fetch_array($reportres))
print("<tr><td class=rowfollow><nobr>".gettime($row['added'])."</nobr></td><td class=rowfollow>" . get_username($row['addedby']) . "</td><td class=rowfollow>".$reporting."</td><td class=rowfollow><nobr>".$type."</nobr></td><td class=rowfollow>".htmlspecialchars($row['reason'])."</td><td class=rowfollow><nobr>".$dealtwith."</nobr></td><td class=rowfollow><input type=\"checkbox\" name=\"delreport[]\" value=\"" . $row['id'] . "\" /></td></tr>\n");
}
?>
<tr><td class="colhead" colspan="7" align="right"><input type="submit" name="setdealt" value="<?php echo $lang_reports['submit_set_dealt']?>" /><input type="submit" name="delete" value="<?php echo $lang_reports['submit_delete']?>" /></td></tr>
<tr><td class="colhead" colspan="7" align="right"><input type="submit" name="setdealt" value="<?php echo $lang_reports['submit_set_dealt']?>" /><input type="submit" name="delete" value="<?php echo $lang_reports['submit_delete']?>" /></td></tr>
</form>
<?php
print("</table>");
public/retriver.php
+1 -3
View File
@@ -2,9 +2,7 @@
require_once("../include/bittorrent.php");
dbconn();
loggedinorreturn();
if (get_user_class() < $updateextinfo_class) {
permissiondenied();
}
user_can('updateextinfo', true);
$id = intval($_GET["id"] ?? 0);
$type = intval($_GET["type"] ?? 0);
$siteid = $_GET["siteid"] ?? 0; // 1 for IMDb
public/settings.php
+59 -47
View File
@@ -217,16 +217,27 @@ elseif ($action == 'savesettings_security') // save security
elseif ($action == 'savesettings_authority') // save user authority
{
stdhead($lang_settings['head_save_authority_settings']);
$validConfig = array('defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage','commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'torrent_hr', 'askreseed', 'viewnfo', 'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage','uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial','view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar');
$validConfig = array(
'defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage',
'commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'torrent_hr', 'askreseed', 'viewnfo',
'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage',
'uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial',
'view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar', 'torrent-approval'
);
GetVar($validConfig);
$AUTHORITY = [];
foreach($validConfig as $config) {
$AUTHORITY[$config] = $$config ?? null;
if (in_array($config, \App\Models\Setting::$permissionMustHaveClass)) {
if (!isset(\App\Models\User::$classes[$AUTHORITY[$config]])) {
stderr('Error', "Invalid user class: " . $AUTHORITY[$config]);
}
}
}
saveSetting('authority', $AUTHORITY);
$actiontime = date("F j, Y, g:i a");
write_log("Tracker USER AUTHORITY settings updated by {$CURUSER['username']}. $actiontime",'mod');
do_action("nexus_setting_update", $AUTHORITY);
go_back();
}
elseif ($action == 'savesettings_tweak') // save tweak
@@ -419,51 +430,52 @@ elseif ($action == 'authoritysettings') //Authority settings
print ("<form method='post' action='".$_SERVER["SCRIPT_NAME"]."'><input type='hidden' name='action' value='savesettings_authority'>");
tr($lang_settings['row_default_class'], $lang_settings['text_default_user_class'].classlist('defaultclass',UC_STAFFLEADER,$AUTHORITY['defaultclass']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_default_class_note'], 1);
tr($lang_settings['row_staff_member'], $lang_settings['text_minimum_class'].classlist('staffmem',UC_STAFFLEADER,$AUTHORITY['staffmem']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_staff_member_note'], 1);
tr($lang_settings['row_news_management'], $lang_settings['text_minimum_class'].classlist('newsmanage',$maxclass,$AUTHORITY['newsmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_news_management_note'],1);
tr($lang_settings['row_post_funbox_item'], $lang_settings['text_minimum_class'].classlist('newfunitem',$maxclass,$AUTHORITY['newfunitem']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_post_funbox_item_note'],1);
tr($lang_settings['row_funbox_management'], $lang_settings['text_minimum_class']. classlist('funmanage',$maxclass,$AUTHORITY['funmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_funbox_management_note'],1);
tr($lang_settings['row_shoutbox_management'], $lang_settings['text_minimum_class']. classlist('sbmanage',$maxclass,$AUTHORITY['sbmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_shoutbox_management_note'],1);
tr($lang_settings['row_poll_management'], $lang_settings['text_minimum_class'].classlist('pollmanage',$maxclass,$AUTHORITY['pollmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_poll_management_note'],1);
tr($lang_settings['row_apply_for_links'], $lang_settings['text_minimum_class'].classlist('applylink',$maxclass,$AUTHORITY['applylink']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_apply_for_links_note'],1);
tr($lang_settings['row_link_management'], $lang_settings['text_minimum_class'].classlist('linkmanage',$maxclass,$AUTHORITY['linkmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_link_management_note'],1);
tr($lang_settings['row_forum_post_management'], $lang_settings['text_minimum_class'].classlist('postmanage',$maxclass,$AUTHORITY['postmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_forum_post_management_note'],1);
tr($lang_settings['row_comment_management'], $lang_settings['text_minimum_class'].classlist('commanage',$maxclass,$AUTHORITY['commanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_comment_management_note'],1);
tr($lang_settings['row_forum_management'], $lang_settings['text_minimum_class'].classlist('forummanage',$maxclass,$AUTHORITY['forummanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_forum_management_note'],1);
tr($lang_settings['row_view_userlist'], $lang_settings['text_minimum_class'].classlist('viewuserlist',$maxclass,$AUTHORITY['viewuserlist']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_userlist_note'],1);
tr($lang_settings['row_torrent_management'], $lang_settings['text_minimum_class'].classlist('torrentmanage',$maxclass,$AUTHORITY['torrentmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_torrent_management_note'], 1);
tr($lang_settings['row_torrent_sticky'], $lang_settings['text_minimum_class'].classlist('torrentsticky',$maxclass,$AUTHORITY['torrentsticky']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_sticky_note'],1);
tr($lang_settings['row_torrent_on_promotion'], $lang_settings['text_minimum_class'].classlist('torrentonpromotion',$maxclass,$AUTHORITY['torrentonpromotion'] ?? '').$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_promotion_note'],1);
tr($lang_settings['row_torrent_hr'], $lang_settings['text_minimum_class'].classlist('torrent_hr',$maxclass,$AUTHORITY['torrent_hr'] ?? '').$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_hr_note'],1);
tr($lang_settings['row_ask_for_reseed'], $lang_settings['text_minimum_class'].classlist('askreseed',$maxclass,$AUTHORITY['askreseed']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_ask_for_reseed_note'],1);
tr($lang_settings['row_view_nfo'], $lang_settings['text_minimum_class'].classlist('viewnfo',$maxclass,$AUTHORITY['viewnfo']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_nfo_note'],1);
tr($lang_settings['row_view_torrent_structure'], $lang_settings['text_minimum_class'].classlist('torrentstructure',$maxclass,$AUTHORITY['torrentstructure']).$lang_settings['text_default'].get_user_class_name(UC_ULTIMATE_USER,false,true,true).$lang_settings['text_view_torrent_structure_note'],1);
tr($lang_settings['row_send_invite'], $lang_settings['text_minimum_class'].classlist('sendinvite',$maxclass,$AUTHORITY['sendinvite']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_send_invite_note'],1);
tr($lang_settings['row_view_history'], $lang_settings['text_minimum_class'].classlist('viewhistory',$maxclass,$AUTHORITY['viewhistory']).$lang_settings['text_default'].get_user_class_name(UC_VETERAN_USER,false,true,true).$lang_settings['text_view_history_note'],1);
tr($lang_settings['row_view_topten'], $lang_settings['text_minimum_class'].classlist('topten',$maxclass,$AUTHORITY['topten']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_topten_note'],1);
tr($lang_settings['row_view_general_log'], $lang_settings['text_minimum_class'].classlist('log',$maxclass,$AUTHORITY['log']).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_view_general_log_note'],1);
tr($lang_settings['row_view_confidential_log'], $lang_settings['text_minimum_class'].classlist('confilog',$maxclass,$AUTHORITY['confilog']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_confidential_log_note'],1);
tr($lang_settings['row_view_user_confidential'], $lang_settings['text_minimum_class'].classlist('userprofile',$maxclass,$AUTHORITY['userprofile']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_view_user_confidential_note'],1);
tr($lang_settings['row_view_user_torrent'], $lang_settings['text_minimum_class'].classlist('torrenthistory',$maxclass,$AUTHORITY['torrenthistory']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_user_torrent_note'],1);
tr($lang_settings['row_general_profile_management'], $lang_settings['text_minimum_class'].classlist('prfmanage',$maxclass,$AUTHORITY['prfmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_general_profile_management_note'],1);
tr($lang_settings['row_crucial_profile_management'], $lang_settings['text_minimum_class'].classlist('cruprfmanage',$maxclass,$AUTHORITY['cruprfmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_crucial_profile_management_note'].get_user_class_name(UC_STAFFLEADER,false,true,true).$lang_settings['text_can_manage_donation'],1);
tr($lang_settings['row_upload_subtitle'], $lang_settings['text_minimum_class'].classlist('uploadsub',$maxclass,$AUTHORITY['uploadsub']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_upload_subtitle_note'],1);
tr($lang_settings['row_delete_own_subtitle'], $lang_settings['text_minimum_class'].classlist('delownsub',$maxclass,$AUTHORITY['delownsub']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_delete_own_subtitle_note'],1);
tr($lang_settings['row_subtitle_management'], $lang_settings['text_minimum_class'].classlist('submanage',$maxclass,$AUTHORITY['submanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_subtitle_management'],1);
tr($lang_settings['row_update_external_info'], $lang_settings['text_minimum_class'].classlist('updateextinfo',$maxclass,$AUTHORITY['updateextinfo']).$lang_settings['text_default'].get_user_class_name(UC_EXTREME_USER,false,true,true).$lang_settings['text_update_external_info_note'],1);
tr($lang_settings['row_view_anonymous'], $lang_settings['text_minimum_class'].classlist('viewanonymous',$maxclass,$AUTHORITY['viewanonymous']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_view_anonymous_note'],1);
tr($lang_settings['row_be_anonymous'], $lang_settings['text_minimum_class'].classlist('beanonymous',$maxclass,$AUTHORITY['beanonymous']).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_be_anonymous_note'],1);
tr($lang_settings['row_add_offer'], $lang_settings['text_minimum_class'].classlist('addoffer',$maxclass,$AUTHORITY['addoffer']).$lang_settings['text_default'].get_user_class_name(UC_PEASANT,false,true,true).$lang_settings['text_add_offer_note'], 1);
tr($lang_settings['row_offer_management'], $lang_settings['text_minimum_class'].classlist('offermanage',$maxclass,$AUTHORITY['offermanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_offer_management_note'],1);
tr($lang_settings['row_upload_torrent'], $lang_settings['text_minimum_class'].classlist('upload',$maxclass,$AUTHORITY['upload']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_upload_torrent_note'], 1);
tr($lang_settings['row_upload_special_torrent'], $lang_settings['text_minimum_class'].classlist('uploadspecial',$maxclass,$AUTHORITY['uploadspecial']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_upload_special_torrent_note'],1);
tr($lang_settings['row_view_special_torrent'], $lang_settings['text_minimum_class'].classlist('view_special_torrent',$maxclass,$AUTHORITY['view_special_torrent']).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_view_special_torrent_note'],1);
tr($lang_settings['row_move_torrent'], $lang_settings['text_minimum_class'].classlist('movetorrent',$maxclass,$AUTHORITY['movetorrent']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_move_torrent_note'],1);
tr($lang_settings['row_chronicle_management'], $lang_settings['text_minimum_class'].classlist('chrmanage',$maxclass,$AUTHORITY['chrmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_chronicle_management_note'],1);
tr($lang_settings['row_view_invite'], $lang_settings['text_minimum_class'].classlist('viewinvite',$maxclass,$AUTHORITY['viewinvite']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_invite_note'],1);
tr($lang_settings['row_buy_invites'], $lang_settings['text_minimum_class'].classlist('buyinvite',$maxclass,$AUTHORITY['buyinvite']).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_buy_invites_note'],1);
tr($lang_settings['row_see_banned_torrents'], $lang_settings['text_minimum_class'].classlist('seebanned',$maxclass,$AUTHORITY['seebanned']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_see_banned_torrents_note'],1);
tr($lang_settings['row_vote_against_offers'], $lang_settings['text_minimum_class'].classlist('againstoffer',$maxclass,$AUTHORITY['againstoffer']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_vote_against_offers_note'],1);
tr($lang_settings['row_allow_userbar'], $lang_settings['text_minimum_class'].classlist('userbar',$maxclass,$AUTHORITY['userbar']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_allow_userbar_note'],1);
tr($lang_settings['row_news_management'], $lang_settings['text_minimum_class'].classlist('newsmanage',$maxclass,$AUTHORITY['newsmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_news_management_note'],1);
tr($lang_settings['row_post_funbox_item'], $lang_settings['text_minimum_class'].classlist('newfunitem',$maxclass,$AUTHORITY['newfunitem'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_post_funbox_item_note'],1);
tr($lang_settings['row_funbox_management'], $lang_settings['text_minimum_class']. classlist('funmanage',$maxclass,$AUTHORITY['funmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_funbox_management_note'],1);
tr($lang_settings['row_shoutbox_management'], $lang_settings['text_minimum_class']. classlist('sbmanage',$maxclass,$AUTHORITY['sbmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_shoutbox_management_note'],1);
tr($lang_settings['row_poll_management'], $lang_settings['text_minimum_class'].classlist('pollmanage',$maxclass,$AUTHORITY['pollmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_poll_management_note'],1);
tr($lang_settings['row_apply_for_links'], $lang_settings['text_minimum_class'].classlist('applylink',$maxclass,$AUTHORITY['applylink'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_apply_for_links_note'],1);
tr($lang_settings['row_link_management'], $lang_settings['text_minimum_class'].classlist('linkmanage',$maxclass,$AUTHORITY['linkmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_link_management_note'],1);
tr($lang_settings['row_forum_post_management'], $lang_settings['text_minimum_class'].classlist('postmanage',$maxclass,$AUTHORITY['postmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_forum_post_management_note'],1);
tr($lang_settings['row_comment_management'], $lang_settings['text_minimum_class'].classlist('commanage',$maxclass,$AUTHORITY['commanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_comment_management_note'],1);
tr($lang_settings['row_forum_management'], $lang_settings['text_minimum_class'].classlist('forummanage',$maxclass,$AUTHORITY['forummanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_forum_management_note'],1);
tr($lang_settings['row_view_userlist'], $lang_settings['text_minimum_class'].classlist('viewuserlist',$maxclass,$AUTHORITY['viewuserlist'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_userlist_note'],1);
tr($lang_settings['row_torrent_management'], $lang_settings['text_minimum_class'].classlist('torrentmanage',$maxclass,$AUTHORITY['torrentmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_torrent_management_note'], 1);
tr($lang_settings['row_torrent_sticky'], $lang_settings['text_minimum_class'].classlist('torrentsticky',$maxclass,$AUTHORITY['torrentsticky'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_sticky_note'],1);
tr($lang_settings['row_torrent_on_promotion'], $lang_settings['text_minimum_class'].classlist('torrentonpromotion',$maxclass,$AUTHORITY['torrentonpromotion'] ?? '',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_promotion_note'],1);
tr($lang_settings['row_torrent_hr'], $lang_settings['text_minimum_class'].classlist('torrent_hr',$maxclass,$AUTHORITY['torrent_hr'] ?? '',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_hr_note'],1);
tr(nexus_trans('permission.torrent-approval.text'), $lang_settings['text_minimum_class'].classlist('torrent-approval',$maxclass,$AUTHORITY['torrent-approval'] ?? '',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).nexus_trans('permission.torrent-approval.desc'),1);
tr($lang_settings['row_ask_for_reseed'], $lang_settings['text_minimum_class'].classlist('askreseed',$maxclass,$AUTHORITY['askreseed'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_ask_for_reseed_note'],1);
tr($lang_settings['row_view_nfo'], $lang_settings['text_minimum_class'].classlist('viewnfo',$maxclass,$AUTHORITY['viewnfo'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_nfo_note'],1);
tr($lang_settings['row_view_torrent_structure'], $lang_settings['text_minimum_class'].classlist('torrentstructure',$maxclass,$AUTHORITY['torrentstructure'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ULTIMATE_USER,false,true,true).$lang_settings['text_view_torrent_structure_note'],1);
tr($lang_settings['row_send_invite'], $lang_settings['text_minimum_class'].classlist('sendinvite',$maxclass,$AUTHORITY['sendinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_send_invite_note'],1);
tr($lang_settings['row_view_history'], $lang_settings['text_minimum_class'].classlist('viewhistory',$maxclass,$AUTHORITY['viewhistory'],0,true).$lang_settings['text_default'].get_user_class_name(UC_VETERAN_USER,false,true,true).$lang_settings['text_view_history_note'],1);
tr($lang_settings['row_view_topten'], $lang_settings['text_minimum_class'].classlist('topten',$maxclass,$AUTHORITY['topten'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_topten_note'],1);
tr($lang_settings['row_view_general_log'], $lang_settings['text_minimum_class'].classlist('log',$maxclass,$AUTHORITY['log'],0,true).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_view_general_log_note'],1);
tr($lang_settings['row_view_confidential_log'], $lang_settings['text_minimum_class'].classlist('confilog',$maxclass,$AUTHORITY['confilog'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_confidential_log_note'],1);
tr($lang_settings['row_view_user_confidential'], $lang_settings['text_minimum_class'].classlist('userprofile',$maxclass,$AUTHORITY['userprofile'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_view_user_confidential_note'],1);
tr($lang_settings['row_view_user_torrent'], $lang_settings['text_minimum_class'].classlist('torrenthistory',$maxclass,$AUTHORITY['torrenthistory'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_user_torrent_note'],1);
tr($lang_settings['row_general_profile_management'], $lang_settings['text_minimum_class'].classlist('prfmanage',$maxclass,$AUTHORITY['prfmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_general_profile_management_note'],1);
tr($lang_settings['row_crucial_profile_management'], $lang_settings['text_minimum_class'].classlist('cruprfmanage',$maxclass,$AUTHORITY['cruprfmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_crucial_profile_management_note'].get_user_class_name(UC_STAFFLEADER,false,true,true).$lang_settings['text_can_manage_donation'],1);
tr($lang_settings['row_upload_subtitle'], $lang_settings['text_minimum_class'].classlist('uploadsub',$maxclass,$AUTHORITY['uploadsub'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_upload_subtitle_note'],1);
tr($lang_settings['row_delete_own_subtitle'], $lang_settings['text_minimum_class'].classlist('delownsub',$maxclass,$AUTHORITY['delownsub'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_delete_own_subtitle_note'],1);
tr($lang_settings['row_subtitle_management'], $lang_settings['text_minimum_class'].classlist('submanage',$maxclass,$AUTHORITY['submanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_subtitle_management'],1);
tr($lang_settings['row_update_external_info'], $lang_settings['text_minimum_class'].classlist('updateextinfo',$maxclass,$AUTHORITY['updateextinfo'],0,true).$lang_settings['text_default'].get_user_class_name(UC_EXTREME_USER,false,true,true).$lang_settings['text_update_external_info_note'],1);
tr($lang_settings['row_view_anonymous'], $lang_settings['text_minimum_class'].classlist('viewanonymous',$maxclass,$AUTHORITY['viewanonymous'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_view_anonymous_note'],1);
tr($lang_settings['row_be_anonymous'], $lang_settings['text_minimum_class'].classlist('beanonymous',$maxclass,$AUTHORITY['beanonymous'],0,true).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_be_anonymous_note'],1);
tr($lang_settings['row_add_offer'], $lang_settings['text_minimum_class'].classlist('addoffer',$maxclass,$AUTHORITY['addoffer'],0,true).$lang_settings['text_default'].get_user_class_name(UC_PEASANT,false,true,true).$lang_settings['text_add_offer_note'], 1);
tr($lang_settings['row_offer_management'], $lang_settings['text_minimum_class'].classlist('offermanage',$maxclass,$AUTHORITY['offermanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_offer_management_note'],1);
tr($lang_settings['row_upload_torrent'], $lang_settings['text_minimum_class'].classlist('upload',$maxclass,$AUTHORITY['upload'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_upload_torrent_note'], 1);
tr($lang_settings['row_upload_special_torrent'], $lang_settings['text_minimum_class'].classlist('uploadspecial',$maxclass,$AUTHORITY['uploadspecial'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_upload_special_torrent_note'],1);
tr($lang_settings['row_view_special_torrent'], $lang_settings['text_minimum_class'].classlist('view_special_torrent',$maxclass,$AUTHORITY['view_special_torrent'],0,true).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_view_special_torrent_note'],1);
tr($lang_settings['row_move_torrent'], $lang_settings['text_minimum_class'].classlist('movetorrent',$maxclass,$AUTHORITY['movetorrent'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_move_torrent_note'],1);
tr($lang_settings['row_chronicle_management'], $lang_settings['text_minimum_class'].classlist('chrmanage',$maxclass,$AUTHORITY['chrmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_chronicle_management_note'],1);
tr($lang_settings['row_view_invite'], $lang_settings['text_minimum_class'].classlist('viewinvite',$maxclass,$AUTHORITY['viewinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_invite_note'],1);
tr($lang_settings['row_buy_invites'], $lang_settings['text_minimum_class'].classlist('buyinvite',$maxclass,$AUTHORITY['buyinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_buy_invites_note'],1);
tr($lang_settings['row_see_banned_torrents'], $lang_settings['text_minimum_class'].classlist('seebanned',$maxclass,$AUTHORITY['seebanned'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_see_banned_torrents_note'],1);
tr($lang_settings['row_vote_against_offers'], $lang_settings['text_minimum_class'].classlist('againstoffer',$maxclass,$AUTHORITY['againstoffer'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_vote_against_offers_note'],1);
tr($lang_settings['row_allow_userbar'], $lang_settings['text_minimum_class'].classlist('userbar',$maxclass,$AUTHORITY['userbar'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_allow_userbar_note'],1);
tr($lang_settings['row_save_settings'],"<input type='submit' name='save' value='".$lang_settings['submit_save_settings']."'>", 1);
print ("</form>");
}
public/shoutbox.php
+2 -2
View File
@@ -6,7 +6,7 @@ if (isset($_GET['del']))
{
if (is_valid_id($_GET['del']))
{
if((get_user_class() >= $sbmanage_class))
if(user_can('sbmanage'))
{
sql_query("DELETE FROM shoutbox WHERE id=".mysql_real_escape_string($_GET['del']));
}
@@ -118,7 +118,7 @@ else
while ($arr = mysql_fetch_assoc($res))
{
$del = '';
if (get_user_class() >= $sbmanage_class) {
if (user_can('sbmanage')) {
$del .= "[<a href=\"shoutbox.php?del=".$arr['id']."\">".$lang_shoutbox['text_del']."</a>]";
}
if ($arr["userid"]) {
public/staffbox.php
+7 -14
View File
@@ -3,8 +3,7 @@ require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$action = $_GET["action"] ?? '';
@@ -65,8 +64,7 @@ if (!$action) {
if ($action == "viewpm")
{
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$pmid = intval($_GET["pmid"] ?? 0);
@@ -122,8 +120,7 @@ stdfoot();
//////////////////////////
if ($action == "answermessage") {
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$answeringto = $_GET["answeringto"];
$receiver = intval($_GET["receiver"] ?? 0);
@@ -163,8 +160,7 @@ if ($action == "takeanswer") {
if ($_SERVER["REQUEST_METHOD"] != "POST")
die();
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$receiver = intval($_POST["receiver"] ?? 0);
$answeringto = $_POST["answeringto"];
@@ -200,8 +196,7 @@ if ($action == "deletestaffmessage") {
if (!is_numeric($id) || $id < 1 || floor($id) != $id)
die;
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
sql_query("DELETE FROM staffmessages WHERE id=" . sqlesc($id)) or die();
$Cache->delete_value('staff_message_count');
@@ -215,8 +210,7 @@ $Cache->delete_value('staff_new_message_count');
if ($action == "setanswered") {
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
$id = intval($_GET["id"] ?? 0);
@@ -230,8 +224,7 @@ header("Refresh: 0; url=staffbox.php?action=viewpm&pmid=$id");
//////////////////////////
if ($action == "takecontactanswered") {
if (get_user_class() < $staffmem_class)
permissiondenied();
user_can('staffmem', true);
if ($_POST['setdealt']){
$res = sql_query ("SELECT id FROM staffmessages WHERE answered=0 AND id IN (" . implode(", ", $_POST['setanswered']) . ")");
public/subtitles.php
+8 -8
View File
@@ -116,7 +116,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a
else
{
$r_a = mysql_fetch_assoc($r);
if($r_a["owner"] != $CURUSER["id"] && get_user_class() < $uploadsub_class)
if($r_a["owner"] != $CURUSER["id"] && !user_can('uploadsub'))
{
echo($lang_subtitles['std_no_permission_uploading_others']);
exit;
@@ -158,7 +158,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a
}
//end process language
if (isset($_POST['uplver']) && $_POST['uplver'] == 'yes' && get_user_class()>=$beanonymous_class) {
if (isset($_POST['uplver']) && $_POST['uplver'] == 'yes' && user_can('beanonymous')) {
$anonymous = "yes";
$anon = "Anonymous";
}
@@ -195,7 +195,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a
$msg_bt = "$arr[lang_name] Subtitle $id ($title) was uploaded by $anon, Download: " . get_protocol_prefix() . "$BASEURL/downloadsubs.php/".$file["name"]."";
}
if (get_user_class() >= $delownsub_class)
if (user_can('delownsub'))
{
$delete = intval($_GET["delete"] ?? 0);
if (is_valid_id($delete))
@@ -204,7 +204,7 @@ if (get_user_class() >= $delownsub_class)
if (mysql_num_rows($r) == 1)
{
$a = mysql_fetch_assoc($r);
if (get_user_class() >= $submanage_class || $a["uppedby"] == $CURUSER["id"])
if (user_can('submanage') || $a["uppedby"] == $CURUSER["id"])
{
$sure = intval($_GET["sure"] ?? 0);
if ($sure == 1)
@@ -308,7 +308,7 @@ if (get_user_class() >= UC_PEASANT)
print($s);
if(get_user_class() >= $beanonymous_class)
if(user_can('beanonymous'))
{
tr($lang_subtitles['row_show_uploader'], "<input type=checkbox name=uplver value=yes>".$lang_subtitles['hide_uploader_note'], 1);
}
@@ -371,8 +371,8 @@ if(get_user_class() >= UC_PEASANT)
print("<tr><td class=colhead>".$lang_subtitles['col_lang']."</td><td width=100% class=colhead align=center>".$lang_subtitles['col_title']."</td><td class=colhead align=center><img class=\"time\" src=\"pic/trans.gif\" alt=\"time\" title=\"".$lang_subtitles['title_date_added']."\" /></td>
<td class=colhead align=center><img class=\"size\" src=\"pic/trans.gif\" alt=\"size\" title=\"".$lang_subtitles['title_size']."\" /></td><td class=colhead align=center>".$lang_subtitles['col_hits']."</td><td class=colhead align=center>".$lang_subtitles['col_upped_by']."</td><td class=colhead align=center>".$lang_subtitles['col_report']."</td></tr>\n");
$mod = get_user_class() >= $submanage_class;
$pu = get_user_class() >= $delownsub_class;
$mod = user_can('submanage');
$pu = user_can('delownsub');
while ($arr = mysql_fetch_assoc($res))
{
@@ -384,7 +384,7 @@ if(get_user_class() >= UC_PEASANT)
$added = "<td class=rowfollow align=center><nobr>" . $addtime . "</nobr></td>\n";
$size = "<td class=rowfollow align=center>" . mksize_loose($arr['size']) . "</td>\n";
$hits = "<td class=rowfollow align=center>" . number_format($arr['hits']) . "</td>\n";
$uppedby = "<td class=rowfollow align=center>" . ($arr["anonymous"] == 'yes' ? $lang_subtitles['text_anonymous'] . (get_user_class() >= $viewanonymous_class ? "<br />".get_username($arr['uppedby'],false,true,true,false,true) : "") : get_username($arr['uppedby'])) . "</td>\n";
$uppedby = "<td class=rowfollow align=center>" . ($arr["anonymous"] == 'yes' ? $lang_subtitles['text_anonymous'] . (user_can('viewanonymous') ? "<br />".get_username($arr['uppedby'],false,true,true,false,true) : "") : get_username($arr['uppedby'])) . "</td>\n";
$report = "<td class=rowfollow align=center><a href=\"report.php?subtitle=$arr[id]\"><img class=\"f_report\" src=\"pic/trans.gif\" alt=\"Report\" title=\"".$lang_subtitles['title_report_subtitle']."\" /></a></td>\n";
print("<tr>".$lang.$title.$added.$size.$hits.$uppedby.$report."</tr>\n");
$i++;
public/take-increment-bulk.php
+1 -1
View File
@@ -37,7 +37,7 @@ $conditions = [];
if (!empty($_POST['classes'])) {
$conditions[] = "class IN (" . implode(', ', $_POST['classes']) . ")";
}
$conditions = apply_filter("increment_bulk_conditions", $conditions, $_POST);
$conditions = apply_filter("increment_bulk_query_conditions", $conditions, $_POST);
if (empty($conditions)) {
stderr("Error","No valid filter");
}
public/takeedit.php
+5 -5
View File
@@ -25,7 +25,7 @@ $torrentAddedTimeString = $row['added'];
if (!$row)
die();
if ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class)
if ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage'))
bark($lang_takeedit['std_not_owner']);
$oldcatmode = get_single_value("categories","mode","WHERE id=".sqlesc($row['category']));
$updateset = array();
@@ -87,7 +87,7 @@ bark($lang_takeedit['std_missing_form_data']);
if (!$name || !$descr)
bark($lang_takeedit['std_missing_form_data']);
$newcatmode = get_single_value("categories","mode","WHERE id=".sqlesc($catid));
if ($enablespecial == 'yes' && get_user_class() >= $movetorrent_class)
if ($enablespecial == 'yes' && user_can('movetorrent'))
$allowmove = true; //enable moving torrent to other section
else $allowmove = false;
if ($oldcatmode != $newcatmode && !$allowmove)
@@ -107,7 +107,7 @@ $updateset[] = "processing = " . sqlesc(intval($_POST["processing_sel"] ?? 0));
$updateset[] = "team = " . sqlesc(intval($_POST["team_sel"] ?? 0));
$updateset[] = "audiocodec = " . sqlesc(intval($_POST["audiocodec_sel"] ?? 0));
$updateset[] = "visible = '" . (isset($_POST["visible"]) && $_POST["visible"] ? "yes" : "no") . "'";
if(get_user_class()>=$torrentonpromotion_class)
if(user_can('torrentonpromotion'))
{
if(!isset($_POST["sel_spstate"]) || $_POST["sel_spstate"] == 1)
$updateset[] = "sp_state = 1";
@@ -141,14 +141,14 @@ if(get_user_class()>=$torrentonpromotion_class)
}
}
}
if(get_user_class()>=$torrentsticky_class && isset($_POST['sel_posstate']) && isset(\App\Models\Torrent::$posStates[$_POST['sel_posstate']]))
if(user_can('torrentsticky') && isset($_POST['sel_posstate']) && isset(\App\Models\Torrent::$posStates[$_POST['sel_posstate']]))
{
$updateset[] = "pos_state = '" . $_POST['sel_posstate'] . "'";
}
$pick_info = "";
$place_info = "";
if(get_user_class()>=$torrentmanage_class && ($CURUSER['picker'] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP))
if(user_can('torrentmanage') && ($CURUSER['picker'] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP))
{
$doRecommend = false;
if(intval($_POST["sel_recmovie"] ?? 0) == 0)
public/takeinvite.php
+1 -1
View File
@@ -3,7 +3,7 @@ require_once("../include/bittorrent.php");
dbconn();
require_once(get_langfile_path());
registration_check('invitesystem', true, false);
if (get_user_class() < $sendinvite_class)
if (!user_can('sendinvite'))
stderr($lang_takeinvite['std_error'],$lang_takeinvite['std_invite_denied']);
if ($CURUSER['invites'] < 1)
stderr($lang_takeinvite['std_error'],$lang_takeinvite['std_no_invite']);
public/takemessage.php
+9 -9
View File
@@ -31,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST")
$origfrom = "[url=userdetails.php?id=".$origmsgrow['sender']."]".$origmsgsendername."[/url]";
}
$msg = "-------- ".$lang_takemessage_target[get_user_lang($receiver)]['msg_original_message_from'] . $origfrom . " --------\n" . $origmsgrow['msg']."\n\n".($msg ? "-------- [url=userdetails.php?id=".$CURUSER["id"]."]".$CURUSER["username"]."[/url][i] Wrote at ".date("Y-m-d H:i:s").":[/i] --------\n".$msg : "");
}
else
{
@@ -47,7 +47,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST")
// Anti Flood Code
// This code ensures that a member can only send one PM every 10 seconds.
if (get_user_class() < $staffmem_class) {
if (!user_can('staffmem')) {
if (strtotime($CURUSER['last_pm']) > (TIMENOW - 10))
{
$secs = 60 - (TIMENOW - strtotime($CURUSER['last_pm']));
@@ -65,7 +65,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST")
stderr($lang_takemessage['std_error'], $lang_takemessage['std_user_not_exist']);
//Make sure recipient wants this message
if (get_user_class() < $staffmem_class)
if (!user_can('staffmem'))
{
if ($user["parked"] == "yes")
stderr($lang_takemessage['std_refused'], $lang_takemessage['std_account_parked']);
@@ -90,7 +90,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST")
$Cache->delete_value('user_'.$receiver.'_unread_message_count');
$Cache->delete_value('user_'.$receiver.'_inbox_count');
$Cache->delete_value('user_'.$CURUSER["id"].'_outbox_count');
$msgid=mysql_insert_id();
$date=date("Y-m-d H:i:s");
// Update Last PM sent...
@@ -112,20 +112,20 @@ if ($emailnotify_smtp=='yes' && $smtptype != 'none'){
$username = trim($CURUSER["username"]);
$msg_receiver = trim($user["username"]);
$prefix = get_protocol_prefix();
$title = "$SITENAME ".$lang_takemessage_target[get_user_lang($user["id"])]['mail_received_pm_from'] . $username . "!";
$body = <<<EOD
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_dear']}$msg_receiver,
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_you_received_a_pm']}
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_sender']}: $username
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_subject']}: $subject
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_date']}: $date
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url']}<b><a href="javascript:void(null)" onclick="window.open('$prefix$BASEURL/messages.php?action=viewmessage&id=$msgid')">{$lang_takemessage_target[get_user_lang($user["id"])]['mail_here']}</a></b>{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url_1']}<br />
$prefix$BASEURL/messages.php?action=viewmessage&id=$msgid
------{$lang_takemessage_target[get_user_lang($user["id"])]['mail_yours']}
{$lang_takemessage_target[get_user_lang($user["id"])]['mail_the_site_team']}
EOD;
public/takereseed.php
+1 -2
View File
@@ -4,8 +4,7 @@ dbconn();
require_once(get_langfile_path());
require(get_langfile_path("",true));
loggedinorreturn();
if (get_user_class() < $askreseed_class)
permissiondenied();
user_can('askreseed', true);
$reseedid = intval($_GET["reseedid"] ?? 0);
$res = sql_query("SELECT seeders, last_reseed FROM torrents WHERE id=".sqlesc($reseedid)." LIMIT 1") or sqlerr(__FILE__, __LINE__);
public/takeupdate.php
+11 -12
View File
@@ -1,15 +1,14 @@
<?php
require_once("../include/bittorrent.php");
function bark($msg) {
stdhead();
stdmsg("Failed", $msg);
stdfoot();
exit;
}
dbconn();
loggedinorreturn();
if (get_user_class() < $staffmem_class)
permissiondenied();
function bark($msg) {
stdhead();
stdmsg("Failed", $msg);
stdfoot();
exit;
}
dbconn();
loggedinorreturn();
user_can('staffmem', true);
if ($_POST['setdealt']){
$res = sql_query ("SELECT id FROM reports WHERE dealtwith=0 AND id IN (" . implode(", ", $_POST['delreport']) . ")");
while ($arr = mysql_fetch_assoc($res))
@@ -22,6 +21,6 @@ while ($arr = mysql_fetch_assoc($res))
sql_query ("DELETE from reports WHERE id = {$arr['id']}") or sqlerr();
$Cache->delete_value('staff_new_report_count');
$Cache->delete_value('staff_report_count');
}
}
header("Refresh: 0; url=reports.php");
header("Refresh: 0; url=reports.php");
public/takeupload.php
+1 -1
View File
@@ -30,7 +30,7 @@ $f = $_FILES["file"];
$fname = unesc($f["name"]);
if (empty($fname))
bark($lang_takeupload['std_empty_filename']);
if (get_user_class()>=$beanonymous_class && isset($_POST['uplver']) && $_POST['uplver'] == 'yes') {
if (user_can('beanonymous') && isset($_POST['uplver']) && $_POST['uplver'] == 'yes') {
$anonymous = "yes";
$anon = "Anonymous";
}
public/topten.php
+8 -8
View File
@@ -9,7 +9,7 @@ function bark($msg) {
global $lang_topten;
genbark($msg, $lang_topten['std_error']);
}
if (get_user_class() < $topten_class){
if (!user_can('topten')){
stderr($lang_topten['std_sorry'],$lang_topten['std_permission_denied_only'].get_user_class_name($topten_class,false,true,true).$lang_topten['std_or_above_can_view'],false);
}
@@ -633,25 +633,25 @@ elseif ($type == 5)
$r = sql_query( "SELECT users_topics.userid, users_topics.usertopics, COUNT(posts.id) as userposts FROM (SELECT users.id as userid, COUNT(topics.id) as usertopics from users LEFT JOIN topics ON users.id = topics.userid GROUP BY users.id) as users_topics LEFT JOIN posts ON users_topics.userid = posts.userid GROUP BY users_topics.userid ORDER BY usertopics DESC LIMIT $limit") or sqlerr();
postable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_topic'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=mtop\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=mtop\">".$lang_topten['text_top_250']."</a>]</font>" : ""));
}
if ($limit == 10 || $subtype == "mpos")
{
$r = sql_query( "SELECT users_topics.userid, users_topics.usertopics, COUNT(posts.id) as userposts FROM (SELECT users.id as userid, COUNT(topics.id) as usertopics from users LEFT JOIN topics ON users.id = topics.userid GROUP BY users.id) as users_topics LEFT JOIN posts ON users_topics.userid = posts.userid GROUP BY users_topics.userid ORDER BY userposts DESC LIMIT $limit") or sqlerr();
postable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_post'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=mpos\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=mpos\">".$lang_topten['text_top_250']."</a>]</font>" : ""));
}
if ($reviewenabled == 'yes' && ($limit == 10 || $subtype == "mrev"))
{
$r = sql_query( "SELECT users.id as userid, COUNT(reviews.id) as num FROM users LEFT JOIN reviews ON users.id = reviews.user GROUP BY users.id ORDER BY num DESC LIMIT $limit") or sqlerr();
cmttable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_reviewer'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=mrev\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=mrev\">".$lang_topten['text_top_250']."</a>]</font>" : ""), $lang_topten['col_reviews']);
}
}
if ($limit == 10 || $subtype == "mcmt")
{
$r = sql_query( "SELECT users.id as userid, COUNT(comments.id) as num FROM users LEFT JOIN comments ON users.id = comments.user GROUP BY users.id ORDER BY num DESC LIMIT $limit") or sqlerr();
cmttable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_commenter'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=mcmt\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=mcmt\">".$lang_topten['text_top_250']."</a>]</font>" : ""), $lang_topten['col_comments']);
}
if ($limit == 10 || $subtype == "btop")
{
$r = sql_query("SELECT topics_posts.topicid, topics_posts.topicsubject, topics_posts.postnum, forums.id as forumid FROM (SELECT topics.id as topicid, topics.subject as topicsubject, COUNT(posts.id) as postnum, topics.forumid FROM topics LEFT JOIN posts ON topics.id = posts.topicid GROUP BY topics.id) as topics_posts LEFT JOIN forums ON topics_posts.forumid = forums.id AND forums.minclassread <= 1 ORDER BY postnum DESC LIMIT $limit") or sqlerr();
@@ -693,7 +693,7 @@ if ($enabledonation == 'yes'){
donortable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_donated_CNY'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=do_cny\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=do_cny\">".$lang_topten['text_top_250']."</a>]</font>" : ""));
}
}
/*
if ($limit == 10 || $subtype == "mbro")
{
@@ -701,7 +701,7 @@ if ($enabledonation == 'yes'){
donortable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_browser'] . ($limit == 10 ? " <font class=\"small\"> - [<a href=\"topten.php?type=$type&amp;lim=100&amp;subtype=mbro\">".$lang_topten['text_one_hundred']."</a>] - [<a href=\"topten.php?type=$type&amp;lim=250&amp;subtype=mbro\">".$lang_topten['text_top_250']."</a>]</font>" : ""));
}
*/
if ($limit == 10 || $subtype == "mcli")
{
$r = sql_query( "SELECT agent_allowed_family.family as client_name, COUNT(users.id) as client_num from users RIGHT JOIN agent_allowed_family ON agent_allowed_family.id = users.clientselect GROUP BY clientselect ORDER BY client_num DESC LIMIT $limit") or sqlerr();
@@ -741,7 +741,7 @@ elseif ($type == 7) // search
$r = sql_query("SELECT keywords, COUNT(id) as count FROM suggest WHERE UNIX_TIMESTAMP(adddate) >" . $last_month_begin . " AND UNIX_TIMESTAMP(adddate) <" . $last_month_end . " GROUP BY keywords ORDER BY count DESC LIMIT $limit") or sqlerr();
search_ranktable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_last_month_search'] . ($limit == 10 ? " <font class=\"small\"> - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=100&amp;subtype=tlmo\">".$lang_topten['text_one_hundred']."</a>] - [<a class=\"altlink\" href=\"topten.php?type=$type&amp;lim=250&amp;subtype=tlmo\">".$lang_topten['text_top_250']."</a>]</font>" : ""));
}
if ($limit == 10 || $subtype == "tcy")
{
$current_year = mktime(0, 0, 0, 1 , 1, date("Y"));
public/torrent_info.php
+1 -4
View File
@@ -38,10 +38,7 @@ dbconn();
loggedinorreturn();
if (get_user_class() < $torrentstructure_class)
{
permissiondenied();
}
user_can('torrentstructure', true);
$id = (int)$_GET["id"];
public/torrentrss.php
+1 -1
View File
@@ -87,7 +87,7 @@ $limit .= $showrows;
//approval status
$approvalStatusNoneVisible = get_setting('torrent.approval_status_none_visible');
if ($approvalStatusNoneVisible == 'no' && get_user_class() < $staffmem_class) {
if ($approvalStatusNoneVisible == 'no' && !user_can('staffmem')) {
$where .= ($where ? " AND " : "") . "torrents.approval_status = " . \App\Models\Torrent::APPROVAL_STATUS_ALLOW;
}
public/torrents.php
+4 -4
View File
@@ -157,7 +157,7 @@ elseif ($inclbookmarked == 2) //not bookmarked
}
// ----------------- end bookmarked ---------------------//
if (!isset($CURUSER) || get_user_class() < $seebanned_class)
if (!isset($CURUSER) || !user_can('seebanned'))
$wherea[] = "banned = 'no'";
// ----------------- start include dead ---------------------//
if (isset($_GET["incldead"]))
@@ -777,7 +777,7 @@ if (isset($searchstr))
}
else
{
if(get_user_class() > $torrentmanage_class) // moderator or above, show all
if(user_can('torrentmanage')) // moderator or above, show all
{
$wherea[] = implode($ANDOR, $like_expression_array);
}
@@ -812,7 +812,7 @@ $approvalStatusIconEnabled = get_setting('torrent.approval_status_icon_enabled')
$approvalStatus = null;
$showApprovalStatusFilter = false;
//when enable approval status icon, all user can use this filter, otherwise only staff member and approval none visible is 'no' can use
if ($approvalStatusIconEnabled == 'yes' || (get_user_class() >= $staffmem_class && $approvalStatusNoneVisible == 'no')) {
if ($approvalStatusIconEnabled == 'yes' || (user_can('staffmem') && $approvalStatusNoneVisible == 'no')) {
$showApprovalStatusFilter = true;
}
//when user can use approval status filter, and pass `approval_status` parameter, will affect
@@ -820,7 +820,7 @@ if ($approvalStatusIconEnabled == 'yes' || (get_user_class() >= $staffmem_class
if ($showApprovalStatusFilter && isset($_REQUEST['approval_status']) && is_numeric($_REQUEST['approval_status'])) {
$approvalStatus = intval($_REQUEST['approval_status']);
$wherea[] = "torrents.approval_status = $approvalStatus";
} elseif ($approvalStatusNoneVisible == 'no' && get_user_class() < $staffmem_class) {
} elseif ($approvalStatusNoneVisible == 'no' && !user_can('staffmem')) {
$wherea[] = "torrents.approval_status = " . \App\Models\Torrent::APPROVAL_STATUS_ALLOW;
}
public/upload.php
+1 -1
View File
@@ -175,7 +175,7 @@ JS;
}
//===end
if(get_user_class()>=$beanonymous_class)
if(user_can('beanonymous'))
{
tr($lang_upload['row_show_uploader'], "<input type=\"checkbox\" name=\"uplver\" value=\"yes\" />".$lang_upload['checkbox_hide_uploader_note'], 1);
}
public/userdetails.php
+20 -18
View File
@@ -97,12 +97,12 @@ elseif ($CURUSER["id"] <> $user["id"])
}
}
begin_main_frame();
if ($CURUSER['id'] == $user['id'] || get_user_class() >= $cruprfmanage_class)
if ($CURUSER['id'] == $user['id'] || user_can('cruprfmanage'))
print("<h2>".$lang_userdetails['text_flush_ghost_torrents']."<a class=\"altlink\" href=\"takeflush.php?id=".$id."\">".$lang_userdetails['text_here']."</a></h2>\n");
?>
<table width="100%" border="1" cellspacing="0" cellpadding="5">
<?php
if (($user["privacy"] != "strong") OR (get_user_class() >= $prfmanage_class) || $CURUSER['id'] == $user['id']){
if (($user["privacy"] != "strong") OR (user_can('prfmanage')) || $CURUSER['id'] == $user['id']){
//Xia Zuojie: Taste compatibility is extremely slow. It can takes thounsands of datebase queries. It is disabled until someone makes it fast.
/*
if (isset($CURUSER) && $CURUSER['id'] != $user['id'])
@@ -171,7 +171,7 @@ if (($user["privacy"] != "strong") OR (get_user_class() >= $prfmanage_class) ||
}
*/
tr_small($lang_userdetails['text_user_id'], $user['id'], 1);
if ($CURUSER['id'] == $user['id'] || get_user_class() >= $viewinvite_class){
if ($CURUSER['id'] == $user['id'] || user_can('viewinvite')){
if ($user["invites"] <= 0)
tr_small($lang_userdetails['row_invitation'], $lang_userdetails['text_no_invitation'], 1);
else
@@ -191,10 +191,10 @@ if (($user["privacy"] != "strong") OR (get_user_class() >= $prfmanage_class) ||
if ($where_tweak == "yes") {
tr_small($lang_userdetails['row_last_seen_location'], $user['page'], 1);
}
if (get_user_class() >= $userprofile_class OR $user["privacy"] == "low") {
if (user_can('userprofile') OR $user["privacy"] == "low") {
tr_small($lang_userdetails['row_email'], "<a href=\"mailto:".$user['email']."\">".$user['email']."</a>", 1);
}
if (get_user_class() >= $userprofile_class) {
if (user_can('userprofile')) {
$resip = sql_query("SELECT ip FROM iplog WHERE userid =$id GROUP BY ip") or sqlerr(__FILE__, __LINE__);
$iphistory = mysql_num_rows($resip);
@@ -203,7 +203,7 @@ if (get_user_class() >= $userprofile_class) {
}
$seedBoxRep = new \App\Repositories\SeedBoxRepository();
if (get_user_class() >= $userprofile_class || $user["id"] == $CURUSER["id"])
if (user_can('userprofile') || $user["id"] == $CURUSER["id"])
{
$seedBoxIcon = $seedBoxRep->renderIcon($CURUSER['ip'], $CURUSER['id']);
if ($enablelocation_tweak == 'yes'){
@@ -222,7 +222,7 @@ if (mysql_num_rows($res) > 0)
{
$clientselect .= "<tr>";
$clientselect .= sprintf('<td>%s</td>', get_agent($arr['peer_id'], $arr['agent']));
if (get_user_class() >= $userprofile_class || $user["id"] == $CURUSER["id"]) {
if (user_can('userprofile') || $user["id"] == $CURUSER["id"]) {
$clientselect .= sprintf('<td>%s</td><td>%s</td><td>%s</td>', $arr['ipv4'].$seedBoxRep->renderIcon($arr['ipv4'], $CURUSER['id']), $arr['ipv6'].$seedBoxRep->renderIcon($arr['ipv6'], $CURUSER['id']), $arr['port']);
} else {
$clientselect .= sprintf('<td>%s</td><td>%s</td><td>%s</td>', '---', '---', '---');
@@ -274,7 +274,7 @@ if ($user["download"] && $user["upload"])
tr_small($lang_userdetails['row_internet_speed'], $download."&nbsp;&nbsp;&nbsp;&nbsp;".$upload."&nbsp;&nbsp;&nbsp;&nbsp;".$isp, 1);
tr_small($lang_userdetails['row_gender'], $gender, 1);
if (($user['donated'] > 0 || $user['donated_cny'] > 0 )&& (get_user_class() >= $userprofile_class || $CURUSER["id"] == $user["id"]))
if (($user['donated'] > 0 || $user['donated_cny'] > 0 )&& (user_can('userprofile') || $CURUSER["id"] == $user["id"]))
tr_small($lang_userdetails['row_donated'], "$".htmlspecialchars($user['donated'])."&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".htmlspecialchars($user['donated_cny']), 1);
if ($user["avatar"])
@@ -374,11 +374,13 @@ if (!empty($props)) {
tr_small($lang_userdetails['row_user_props'], sprintf('<div style="display: flex;align-items: center">%s</div>', implode('&nbsp;|&nbsp;', $props)), 1);
}
tr_small($lang_userdetails['row_torrent_comment'], ($torrentcomments && ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) ? "<a href=\"userhistory.php?action=viewcomments&amp;id=".$id."\" title=\"".$lang_userdetails['link_view_comments']."\">".$torrentcomments."</a>" : $torrentcomments), 1);
do_action('user_detail_rows', $user['id'], 'web');
tr_small($lang_userdetails['row_forum_posts'], ($forumposts && ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) ? "<a href=\"userhistory.php?action=viewposts&amp;id=".$id."\" title=\"".$lang_userdetails['link_view_posts']."\">".$forumposts."</a>" : $forumposts), 1);
tr_small($lang_userdetails['row_torrent_comment'], ($torrentcomments && ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) ? "<a href=\"userhistory.php?action=viewcomments&amp;id=".$id."\" title=\"".$lang_userdetails['link_view_comments']."\">".$torrentcomments."</a>" : $torrentcomments), 1);
if ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) {
tr_small($lang_userdetails['row_forum_posts'], ($forumposts && ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) ? "<a href=\"userhistory.php?action=viewposts&amp;id=".$id."\" title=\"".$lang_userdetails['link_view_posts']."\">".$forumposts."</a>" : $forumposts), 1);
if ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) {
if (\App\Models\HitAndRun::getIsEnabled()) {
$hrStatus = (new \App\Repositories\HitAndRunRepository())->getStatusStats($user['id']);
tr_small('H&R', sprintf('<a href="myhr.php?userid=%s" target="_blank">%s</a>', $user['id'], $hrStatus), 1);
@@ -392,7 +394,7 @@ if ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) {
}
if ($user["ip"] && (get_user_class() >= $torrenthistory_class || $user["id"] == $CURUSER["id"])){
if ($user["ip"] && (user_can('torrenthistory') || $user["id"] == $CURUSER["id"])){
tr_small($lang_userdetails['row_uploaded_torrents'], "<a href=\"javascript: getusertorrentlistajax('".$user['id']."', 'uploaded', 'ka'); klappe_news('a')\"><img class=\"plus\" src=\"pic/trans.gif\" id=\"pica\" alt=\"Show/Hide\" title=\"".$lang_userdetails['title_show_or_hide'] ."\" /> <u>".$lang_userdetails['text_show_or_hide']."</u></a><div id=\"ka\" style=\"display: none;\"></div>", 1);
@@ -417,7 +419,7 @@ else
}
$showpmbutton = 0;
if ($CURUSER["id"] != $user["id"])
if (get_user_class() >= $staffmem_class)
if (user_can('staffmem'))
$showpmbutton = 1;
elseif ($user["acceptpms"] == "yes")
{
@@ -439,7 +441,7 @@ print("</td></tr>");
}
print("</table>\n");
if (get_user_class() >= $prfmanage_class && $user["class"] < get_user_class())
if (user_can('prfmanage') && $user["class"] < get_user_class())
{
begin_frame($lang_userdetails['text_edit_user'], true);
print("<form method=\"post\" action=\"modtask.php\">");
@@ -482,7 +484,7 @@ if (get_user_class() >= $prfmanage_class && $user["class"] < get_user_class())
tr($lang_userdetails['row_movie_picker'], "<input name=\"moviepicker\" value=\"yes\" type=\"radio\"" . ($moviepicker ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_yes']."<input name=\"moviepicker\" value=\"no\" type=\"radio\"" . (!$moviepicker ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_no'], 1);
tr($lang_userdetails['row_pick_for'], "<textarea cols=\"60\" rows=\"6\" name=\"pickfor\">".$pickfor."</textarea>", 1);
if (get_user_class() >= $cruprfmanage_class)
if (user_can('cruprfmanage'))
{
$modcomment = htmlspecialchars($user["modcomment"]);
tr($lang_userdetails['row_comment'], "<textarea cols=\"60\" rows=\"6\" name=\"modcomment\">".$modcomment."</textarea>", 1);
@@ -582,7 +584,7 @@ JS;
tr($lang_userdetails['row_download_possible'], "<input type=\"radio\" name=\"downloadpos\" value=\"yes\"" .($user["downloadpos"]=="yes" ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_yes']."<input type=\"radio\" name=\"downloadpos\" value=\"no\"" .($user["downloadpos"]=="no" ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_no'], 1);
tr($lang_userdetails['row_show_ad'], "<input type=\"radio\" name=\"noad\" value=\"no\"" .($user["noad"]=="no" ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_yes']."<input type=\"radio\" name=\"noad\" value=\"yes\"" .($user["noad"]=="yes" ? " checked=\"checked\"" : "") . " />".$lang_userdetails['radio_no'], 1);
tr($lang_userdetails['row_no_ad_until'], "<input type=\"text\" name=\"noaduntil\" value=\"".htmlspecialchars($user["noaduntil"])."\" /> ".$lang_userdetails['text_no_ad_until_note'], 1);
if (get_user_class() >= $cruprfmanage_class)
if (user_can('cruprfmanage'))
{
tr($lang_userdetails['row_change_username'], "<input type=\"text\" size=\"25\" name=\"username\" value=\"" . htmlspecialchars($user['username']) . "\" />", 1);
@@ -592,7 +594,7 @@ JS;
tr($lang_userdetails['row_change_password'], "<input type=\"password\" name=\"chpassword\" size=\"50\" />", 1);
tr($lang_userdetails['row_repeat_password'], "<input type=\"password\" name=\"passagain\" size=\"50\" />", 1);
if (get_user_class() >= $cruprfmanage_class)
if (user_can('cruprfmanage'))
{
// tr($lang_userdetails['row_amount_uploaded'], "<input disabled type=\"text\" size=\"60\" name=\"uploaded\" value=\"" . htmlspecialchars($user['uploaded']) . "\" /><input type=\"hidden\" name=\"ori_uploaded\" value=\"" . htmlspecialchars($user['uploaded']) . "\" />".$lang_userdetails['change_field_value_migrated'], 1);
// tr($lang_userdetails['row_amount_downloaded'], "<input disabled type=\"text\" size=\"60\" name=\"downloaded\" value=\"" .htmlspecialchars($user['downloaded']) . "\" /><input type=\"hidden\" name=\"ori_downloaded\" value=\"" .htmlspecialchars($user['downloaded']) . "\" />".$lang_userdetails['change_field_value_migrated'], 1);
@@ -610,7 +612,7 @@ JS;
print("</table>\n");
print("</form>\n");
end_frame();
if (get_user_class() >= $cruprfmanage_class)
if (user_can('cruprfmanage'))
{
begin_frame($lang_userdetails['text_delete_user'], true);
print("<form method=\"post\" action=\"delacctadmin.php\" name=\"deluser\">
public/userhistory.php
+4 -4
View File
@@ -8,7 +8,7 @@ parked();
$userid = $_GET["id"];
int_check($userid,true);
if ($CURUSER["id"] != $userid && get_user_class() < $viewhistory_class)
if ($CURUSER["id"] != $userid && !user_can('viewhistory'))
permissiondenied();
$action = htmlspecialchars($_GET["action"]);
@@ -107,7 +107,7 @@ if ($action == "viewposts")
"</td></tr></table></p>\n");
print("<br />");
print("<table class=main width=100% border=1 cellspacing=0 cellpadding=5>\n");
$body = format_comment($arr["body"]);
@@ -228,7 +228,7 @@ if ($action == "viewcomments")
"&nbsp;---&nbsp;".$lang_userhistory['text_comment']."</b>#<a href=details.php?id=$torrentid&tocomm=1&hit=1$page_url>$commentid</a>
</td></tr></table></p>\n");
print("<br />");
print("<table class=main width=100% border=1 cellspacing=0 cellpadding=5>\n");
$body = format_comment($arr["text"]);
@@ -236,7 +236,7 @@ if ($action == "viewcomments")
print("<tr valign=top><td class=comment>$body</td></tr>\n");
print("</td></tr></table>\n");
print("<br />");
}
public/users.php
+1 -2
View File
@@ -4,8 +4,7 @@ dbconn();
require_once(get_langfile_path());
loggedinorreturn();
parked();
if (get_user_class() < $viewuserlist_class)
permissiondenied();
user_can('viewuserlist', true);
$search = trim($_GET['search']);
$class = $_GET['class'];
$country = intval($_GET['country'] ?? 0);
public/viewnfo.php
+1 -1
View File
@@ -5,7 +5,7 @@ require_once(get_langfile_path());
loggedinorreturn();
parked();
$id = $_GET["id"];
if (get_user_class() < $viewnfo_class || !is_valid_id($id) || $enablenfo_main != 'yes')
if (!user_can('viewnfo') || !is_valid_id($id) || $enablenfo_main != 'yes')
permissiondenied();
$r = sql_query("SELECT name,nfo FROM torrents WHERE id=$id") or sqlerr();
public/viewpeerlist.php
+2 -2
View File
@@ -81,7 +81,7 @@ function dltable($name, $arr, $torrent)
global $lang_functions, $seedBoxRep;
$s = "<b>" . count($arr) . " $name</b>\n";
$showLocationColumn = $enablelocation_tweak == 'yes' || get_user_class() >= $userprofile_class;
$showLocationColumn = $enablelocation_tweak == 'yes' || user_can('userprofile');
if (!count($arr))
return $s;
$s .= "\n";
@@ -110,7 +110,7 @@ function dltable($name, $arr, $torrent)
$secs = max(1, ($e["la"] - $e["st"]));
$columnLocation = $usernameSeedBoxIcon = '';
$isStrongPrivacy = $privacy == "strong" || ($torrent['anonymous'] == 'yes' && $e['userid'] == $torrent['owner']);
$canView = get_user_class() >= $viewanonymous_class || $e['userid'] == $CURUSER['id'];
$canView = user_can('viewanonymous') || $e['userid'] == $CURUSER['id'];
if ($showLocationColumn) {
$columnLocation = get_location_column($e, $isStrongPrivacy, $canView);
} else {
public/viewsnatches.php
+3 -3
View File
@@ -19,7 +19,7 @@ if ($count){
list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["SCRIPT_NAME"] . "?id=" . htmlspecialchars($id) . "&" );
print("<p align=center>".$lang_viewsnatches['text_users_top_finished_recently']."</p>");
print("<table border=1 cellspacing=0 cellpadding=5 align=center width=940>\n");
print("<tr><td class=colhead align=center>".$lang_viewsnatches['col_username']."</td>".(get_user_class() >= $userprofile_class ? "<td class=colhead align=center>".$lang_viewsnatches['col_ip']."</td>" : "")."<td class=colhead align=center>".$lang_viewsnatches['col_uploaded']."/".$lang_viewsnatches['col_downloaded']."</td><td class=colhead align=center>".$lang_viewsnatches['col_ratio']."</td><td class=colhead align=center>".$lang_viewsnatches['col_se_time']."</td><td class=colhead align=center>".$lang_viewsnatches['col_le_time']."</td><td class=colhead align=center>".$lang_viewsnatches['col_when_completed']."</td><td class=colhead align=center>".$lang_viewsnatches['col_last_action']."</td><td class=colhead align=center>".$lang_viewsnatches['col_report_user']."</td></tr>");
print("<tr><td class=colhead align=center>".$lang_viewsnatches['col_username']."</td>".(user_can('userprofile') ? "<td class=colhead align=center>".$lang_viewsnatches['col_ip']."</td>" : "")."<td class=colhead align=center>".$lang_viewsnatches['col_uploaded']."/".$lang_viewsnatches['col_downloaded']."</td><td class=colhead align=center>".$lang_viewsnatches['col_ratio']."</td><td class=colhead align=center>".$lang_viewsnatches['col_se_time']."</td><td class=colhead align=center>".$lang_viewsnatches['col_le_time']."</td><td class=colhead align=center>".$lang_viewsnatches['col_when_completed']."</td><td class=colhead align=center>".$lang_viewsnatches['col_last_action']."</td><td class=colhead align=center>".$lang_viewsnatches['col_report_user']."</td></tr>");
$res = sql_query("SELECT * FROM snatched WHERE finished='yes' AND torrentid =" . sqlesc($id) . " ORDER BY completedat DESC $limit");
@@ -48,12 +48,12 @@ if ($count){
$userrow = get_user_row($arr['userid']);
if ($userrow['privacy'] == 'strong'){
$username = $lang_viewsnatches['text_anonymous'];
if (get_user_class() >= $viewanonymous_class || $arr["id"] == $CURUSER['id'])
if (user_can('viewanonymous') || $arr["id"] == $CURUSER['id'])
$username .= "<br />(".get_username($arr['userid']).")";
}
else $username = get_username($arr['userid']);
$reportImage = "<img class=\"f_report\" src=\"pic/trans.gif\" alt=\"Report\" title=\"".$lang_viewsnatches['title_report']."\" />";
print("<tr$highlight><td class=rowfollow align=center>" . $username ."</td>".(get_user_class() >= $userprofile_class ? "<td class=rowfollow align=center>".$arr['ip']."</td>" : "")."<td class=rowfollow align=center>".$uploaded."@".$uprate.$lang_viewsnatches['text_per_second']."<br />".$downloaded."@".$downrate.$lang_viewsnatches['text_per_second']."</td><td class=rowfollow align=center>$ratio</td><td class=rowfollow align=center>$seedtime</td><td class=rowfollow align=center>$leechtime</td><td class=rowfollow align=center>".gettime($arr['completedat'],true,false)."</td><td class=rowfollow align=center>".gettime($arr['last_action'],true,false)."</td><td class=rowfollow align=center style='padding: 0px'>".($userrow['privacy'] != 'strong' || get_user_class() >= $viewanonymous_class ? "<a href=report.php?user={$arr['userid']}>$reportImage</a>" : $reportImage)."</td></tr>\n");
print("<tr$highlight><td class=rowfollow align=center>" . $username ."</td>".(user_can('userprofile') ? "<td class=rowfollow align=center>".$arr['ip']."</td>" : "")."<td class=rowfollow align=center>".$uploaded."@".$uprate.$lang_viewsnatches['text_per_second']."<br />".$downloaded."@".$downrate.$lang_viewsnatches['text_per_second']."</td><td class=rowfollow align=center>$ratio</td><td class=rowfollow align=center>$seedtime</td><td class=rowfollow align=center>$leechtime</td><td class=rowfollow align=center>".gettime($arr['completedat'],true,false)."</td><td class=rowfollow align=center>".gettime($arr['last_action'],true,false)."</td><td class=rowfollow align=center style='padding: 0px'>".($userrow['privacy'] != 'strong' || user_can('viewanonymous') ? "<a href=report.php?user={$arr['userid']}>$reportImage</a>" : $reportImage)."</td></tr>\n");
}
print("</table>\n");
print($pagerbottom);
resources/lang/en/permission.php
+196
View File
@@ -0,0 +1,196 @@
<?php
return [
'torrent-approval' => [
'text' => 'Approval Torrent',
'desc' => 'Allow, Deny, or mark as unreviewed',
],
'defaultclass' => [
'text' => 'Default Class',
'desc' => ' Class upon registration',
],
'staffmem' => [
'text' => 'Staff Member',
'desc' => 'Classes considered as staff members, e.g. can view staffbox',
],
'newsmanage' => [
'text' => 'News Management',
'desc' => 'Add new, edit, delete news',
],
'newfunitem' => [
'text' => 'Post funbox item',
'desc' => "Post new funbox items and edit own's funbox items",
],
'funmanage' => [
'text' => 'Funbox Management',
'desc' => "Edit, delete, ban anyone's funbox items",
],
'sbmanage' => [
'text' => 'Shoutbox Management',
'desc' => 'Delete messages in shoutbox and helpbox',
],
'pollmanage' => [
'text' => 'Poll Management',
'desc' => 'Add new, edit, delete polls',
],
'applylink' => [
'text' => 'Apply for Links',
'desc' => 'Apply for links on main page',
],
'linkmanage' => [
'text' => 'Link Management',
'desc' => ' Add new, edit, delete links',
],
'postmanage' => [
'text' => 'Forum Post Management',
'desc' => 'Edit, delete, move, stick, lock forum posts',
],
'commanage' => [
'text' => 'Comment Management',
'desc' => 'Edit, delete comments of torrents, offers',
],
'forummanage' => [
'text' => 'Forum Management',
'desc' => 'Add new, edit, delete, move forums',
],
'viewuserlist' => [
'text' => 'View User List',
'desc' => 'View, search user list',
],
'torrentmanage' => [
'text' => 'Torrent Management',
'desc' => 'Edit, delete torrents, excluding setting torrent sticky or on promotion',
],
'torrentsticky' => [
'text' => 'Torrent Sticky',
'desc' => ' Set torrents sticky',
],
'torrentonpromotion' => [
'text' => 'Torrent on Promotion',
'desc' => 'Set torrents on promotion',
],
'torrent_hr' => [
'text' => 'Set Torrent H&R',
'desc' => '.Set torrent join the H&R inspect',
],
'askreseed' => [
'text' => 'Ask for reseed',
'desc' => 'Ask for reseed when torrents are dead',
],
'viewnfo' => [
'text' => 'View NFO',
'desc' => 'View NFO files',
],
'torrentstructure' => [
'text' => 'View Torrent Structure',
'desc' => 'View structure of torrent files',
],
'sendinvite' => [
'text' => 'Send Invite',
'desc' => 'Send invitation of membership to others',
],
'viewhistory' => [
'text' => 'View History',
'desc' => "View other's comment and post history",
],
'topten' => [
'text' => 'View Topten',
'desc' => 'View Top Ten',
],
'log' => [
'text' => 'View General Log',
'desc' => 'View general log, excluding confidential log',
],
'confilog' => [
'text' => 'View Confidential Log',
'desc' => 'View confidential log, e.g. site setting changes',
],
'userprofile' => [
'text' => "View User's Confidential Profile",
'desc' => "View user's confidential profile, e.g. IP address, Email address",
],
'torrenthistory' => [
'text' => "View User's Torrent History",
'desc' => "View user's torrent history, e.g. downloaded torrents.Valid only when user's setting for privacy level is not 'strong'"
],
'prfmanage' => [
'text' => "User's General Profile Management",
'desc' => " Change user's profile, excluding crucial ones e.g. email, username, uploaded and downloaded amount, bonus"
],
'cruprfmanage' => [
'text' => "User's Crucial Profile Management",
'desc' => "Change user's crucial profile, excluding donation (only Staff Leader can manage donation)",
],
'uploadsub' => [
'text' => 'Upload subtitle',
'desc' => 'Upload subtitles for torrents',
],
'delownsub' => [
'text' => "Delete own's subtitle",
'desc' => 'Delete subtitles uploaded by oneself',
],
'submanage' => [
'text' => 'Subtitle Management',
'desc' => 'Delete any subtitle',
],
'updateextinfo' => [
'text' => 'Update External Info',
'desc' => 'Update outdated external infomation, e.g. IMDb info',
],
'viewanonymous' => [
'text' => 'View Anonymous',
'desc' => 'View who anonymous one is',
],
'beanonymous' => [
'text' => 'Be Anonymous',
'desc' => 'Upload torrents, subtitles anonymously',
],
'addoffer' => [
'text' => 'Add Offer',
'desc' => ' Add offers to upload',
],
'offermanage' => [
'text' => 'Offer Management',
'desc' => 'Allow, Edit, Delete offer',
],
'upload' => [
'text' => 'Upload Torrent',
'desc' => 'Upload torrents to Torrents section',
],
'uploadspecial' => [
'text' => 'Upload Special Torrent',
'desc' => 'Upload torrents to Special section',
],
'view_special_torrent' => [
'text' => 'View Special Torrent',
'desc' => 'View torrents in Special section',
],
'movetorrent' => [
'text' => 'Move Torrent',
'desc' => 'Move torrents between sections',
],
'chrmanage' => [
'text' => 'Chronicle Management',
'desc' => 'Add, edit, delete chronicle',
],
'viewinvite' => [
'text' => 'View Invite',
'desc' => "View user's invite history",
],
'buyinvite' => [
'text' => 'Buy Invites',
'desc' => 'Buy invites at bonus center',
],
'seebanned' => [
'text' => 'See Banned Torrents',
'desc' => 'See and download banned torrents',
],
'againstoffer' => [
'text' => 'Vote Against Offers',
'desc' => 'Vote against offers',
],
'userbar' => [
'text' => 'Allow Userbar',
'desc' => ' Get his userba',
],
];
resources/lang/en/user.php
+1 -1
View File
@@ -17,7 +17,7 @@ return [
'attendance_card' => 'Attend card',
'props' => 'Props',
],
'class_name' => [
'class_names' => [
\App\Models\User::CLASS_VIP => 'Vip',
\App\Models\User::CLASS_RETIREE => 'Retiree',
\App\Models\User::CLASS_UPLOADER => 'Uploader',
resources/lang/zh_CN/permission.php
+196
View File
@@ -0,0 +1,196 @@
<?php
return [
'torrent-approval' => [
'text' => '审核种子',
'desc' => '通过种子、拒绝种子、或将种子标记为未审',
],
'defaultclass' => [
'text' => '默认等级',
'desc' => '注册时获得的等级',
],
'staffmem' => [
'text' => '管理组成员',
'desc' => '被认为是管理组成员的等级,如可以查看管理组信箱',
],
'newsmanage' => [
'text' => '管理最近消息',
'desc' => '添加、编辑、删除最近消息',
],
'newfunitem' => [
'text' => '发布趣味盒内容',
'desc' => '允许发布新的趣味盒内容及编辑自己发布的趣味盒内容',
],
'funmanage' => [
'text' => '管理趣味盒',
'desc' => '编辑、删除、禁止任何人发布的趣味盒内容',
],
'sbmanage' => [
'text' => '管理群聊区',
'desc' => '删除群聊区和救助区的信息',
],
'pollmanage' => [
'text' => '管理投票',
'desc' => '添加、编辑、删除投票',
],
'applylink' => [
'text' => '申请链接',
'desc' => '申请在首页的友情链接',
],
'linkmanage' => [
'text' => '管理友情链接',
'desc' => '添加、编辑、删除友情链接',
],
'postmanage' => [
'text' => '管理论坛帖子',
'desc' => '编辑、删除、移动、置顶、锁定论坛帖子',
],
'commanage' => [
'text' => '管理评论',
'desc' => '编辑、删除种子和候选的评论',
],
'forummanage' => [
'text' => '管理论坛版块',
'desc' => '添加、编辑、删除、移动论坛版块',
],
'viewuserlist' => [
'text' => '查看用户列表',
'desc' => '查看、搜索用户列表',
],
'torrentmanage' => [
'text' => '管理种子',
'desc' => '编辑、删除种子,但不能将种子设为置顶或促销',
],
'torrentsticky' => [
'text' => '设定种子置顶',
'desc' => '将种子设为置顶',
],
'torrentonpromotion' => [
'text' => '设定种子为促销',
'desc' => '将种子设为促销',
],
'torrent_hr' => [
'text' => '设定种子 H&R',
'desc' => '将种子设置为参与 H&R 考察',
],
'askreseed' => [
'text' => '请求续种',
'desc' => '当种子断种时请求续种',
],
'viewnfo' => [
'text' => '查看NFO',
'desc' => '查看NFO文件',
],
'torrentstructure' => [
'text' => '查看种子结构',
'desc' => '查看种子文件的结构',
],
'sendinvite' => [
'text' => '发送邀请',
'desc' => '发送加入网站的邀请函给其他人',
],
'viewhistory' => [
'text' => '查看历史记录',
'desc' => '查看其他用户的评论和帖子历史记录',
],
'topten' => [
'text' => '查看排行榜',
'desc' => '查看排行榜',
],
'log' => [
'text' => '查看一般日志',
'desc' => '查看一般日志,不能查看机密日志',
],
'confilog' => [
'text' => '查看机密日志',
'desc' => '查看机密日志,如站点设定更改',
],
'userprofile' => [
'text' => '查看用户机密档案',
'desc' => '查看用户的机密档案,如IP地址,邮箱地址',
],
'torrenthistory' => [
'text' => '查看用户种子历史记录',
'desc' => '查看用户的种子历史记录,如下载种子的历史记录。只有用户的隐私等级没有设为’强‘时才生效',
],
'prfmanage' => [
'text' => '管理用户基本档案',
'desc' => '改变用户的基本档案,但不能改变其中重要的项目,如邮箱地址、用户名、上传量、下载量、魔力值数',
],
'cruprfmanage' => [
'text' => '管理用户重要档案信息',
'desc' => '改变用户所有档案信息,除了捐赠信息外(只有主管能管理捐赠信息)',
],
'uploadsub' => [
'text' => '上传字幕',
'desc' => '上传种子对应的字幕',
],
'delownsub' => [
'text' => '删除自己的字幕',
'desc' => '删除自己上传的字幕',
],
'submanage' => [
'text' => '管理字幕',
'desc' => '删除任何字幕',
],
'updateextinfo' => [
'text' => '更新外部信息',
'desc' => '更新外部信息,如IMDb信息',
],
'viewanonymous' => [
'text' => '查看匿名者',
'desc' => '查看匿名者的真实身份',
],
'beanonymous' => [
'text' => '作为匿名',
'desc' => '在发布种子、上传字幕时选择匿名',
],
'addoffer' => [
'text' => '添加候选',
'desc' => '允许发起候选',
],
'offermanage' => [
'text' => '管理候选',
'desc' => '通过、编辑、删除候选',
],
'upload' => [
'text' => '发布种子',
'desc' => '发布种子到种子区',
],
'uploadspecial' => [
'text' => '发布种子至特别区',
'desc' => '发布种子到特别区',
],
'view_special_torrent' => [
'text' => '查看特别区种子',
'desc' => '查看特别区种子',
],
'movetorrent' => [
'text' => '移动种子',
'desc' => '将种子在各区间移动',
],
'chrmanage' => [
'text' => '管理史册',
'desc' => '添加、编辑、删除史册内容',
],
'viewinvite' => [
'text' => '查看邀请',
'desc' => '查看用户的邀请历史记录',
],
'buyinvite' => [
'text' => '购买邀请',
'desc' => '允许在魔力值中心购买邀请',
],
'seebanned' => [
'text' => '查看被禁止的种子',
'desc' => '查看、下载被禁止的种子',
],
'againstoffer' => [
'text' => '对候选投反对票',
'desc' => '对候选投反对票',
],
'userbar' => [
'text' => '允许个性条',
'desc' => '允许用户使用个性条',
],
];
resources/lang/zh_TW/permission.php
+196
View File
@@ -0,0 +1,196 @@
<?php
return [
'torrent-approval' => [
'text' => '審核種子',
'desc' => '通過種子、拒絕種子、或將種子標記為未審',
],
'defaultclass' => [
'text' => '預設等級',
'desc' => '註冊時獲得的等級',
],
'staffmem' => [
'text' => '管理組成員',
'desc' => '被認為是管理組成員的等級,如可以檢視管理組郵箱',
],
'newsmanage' => [
'text' => '管理最近訊息',
'desc' => '添加、編輯、移除最近訊息',
],
'newfunitem' => [
'text' => '發布趣味盒內容',
'desc' => '允許發布新的趣味盒內容及編輯自己發布的趣味盒內容',
],
'funmanage' => [
'text' => '管理趣味盒',
'desc' => '編輯、移除、禁止任何人發布的趣味盒內容',
],
'sbmanage' => [
'text' => '管理群聊區',
'desc' => '移除群聊區和救助區的資訊',
],
'pollmanage' => [
'text' => '管理投票',
'desc' => '添加、編輯、移除投票',
],
'applylink' => [
'text' => '申請鏈結',
'desc' => '申請在首頁的友情鏈結',
],
'linkmanage' => [
'text' => '管理友情鏈結',
'desc' => '添加、編輯、移除友情鏈結',
],
'postmanage' => [
'text' => '管理論壇帖子',
'desc' => '編輯、移除、移動、置頂、鎖定論壇帖子',
],
'commanage' => [
'text' => '管理評論',
'desc' => '編輯、移除種子和候選的評論',
],
'forummanage' => [
'text' => '管理論壇版塊',
'desc' => '添加、編輯、移除、移動論壇版塊',
],
'viewuserlist' => [
'text' => '檢視用戶清單',
'desc' => '檢視、搜索用戶清單',
],
'torrentmanage' => [
'text' => '管理種子',
'desc' => '編輯、移除種子,但無法將種子設為置頂或促銷',
],
'torrentsticky' => [
'text' => '設定種子置頂',
'desc' => '將種子設為置頂',
],
'torrentonpromotion' => [
'text' => '設定種子為促銷',
'desc' => '將種子設為促銷',
],
'torrent_hr' => [
'text' => '設定種子 H&R',
'desc' => '將種子設置為參與 H&R 考察',
],
'askreseed' => [
'text' => '要求續種',
'desc' => '當種子斷種時要求續種',
],
'viewnfo' => [
'text' => '檢視NFO',
'desc' => '檢視NFO檔案',
],
'torrentstructure' => [
'text' => '檢視種子架構',
'desc' => '檢視種子檔案的架構',
],
'sendinvite' => [
'text' => '傳送邀請',
'desc' => '傳送加入網站的邀請函給其他人',
],
'viewhistory' => [
'text' => '檢視曆史記錄',
'desc' => '檢視其他用戶的評論和帖子曆史記錄',
],
'topten' => [
'text' => '檢視排行榜',
'desc' => '檢視排行榜',
],
'log' => [
'text' => '檢視一般日誌',
'desc' => '檢視一般日誌,無法檢視機密日誌',
],
'confilog' => [
'text' => '檢視機密日誌',
'desc' => '檢視機密日誌,如網站設定變更',
],
'userprofile' => [
'text' => '檢視用戶機密檔案',
'desc' => '檢視用戶的機密檔案,如IP位址,郵箱位址',
],
'torrenthistory' => [
'text' => '檢視用戶種子曆史記錄',
'desc' => '檢視用戶的種子曆史記錄,如下載種子的曆史記錄。只有用戶的隱私等級沒有設為’強‘時才生效',
],
'prfmanage' => [
'text' => '管理用戶基本檔案',
'desc' => '改變用戶的基本檔案,但無法改變其中重要的項目,如郵箱位址、用戶名、上傳量、下載量、魔力值數',
],
'cruprfmanage' => [
'text' => '管理用戶重要檔案資訊',
'desc' => '改變用戶所有檔案資訊,除了捐贈資訊外(只有主管能管理捐贈資訊)',
],
'uploadsub' => [
'text' => '上傳字幕',
'desc' => '上傳種子對應的字幕',
],
'delownsub' => [
'text' => '移除自己的字幕',
'desc' => '移除自己上傳的字幕',
],
'submanage' => [
'text' => '管理字幕',
'desc' => '移除任何字幕',
],
'updateextinfo' => [
'text' => '更新外部資訊',
'desc' => '更新外部資訊,如IMDb資訊',
],
'viewanonymous' => [
'text' => '檢視匿名者',
'desc' => '檢視匿名者的真實身份',
],
'beanonymous' => [
'text' => '作為匿名',
'desc' => '在發布種子、上傳字幕時選取匿名',
],
'addoffer' => [
'text' => '添加候選',
'desc' => '允許發起候選',
],
'offermanage' => [
'text' => '管理候選',
'desc' => '通過、編輯、移除候選',
],
'upload' => [
'text' => '發布種子',
'desc' => '發布種子到種子區',
],
'uploadspecial' => [
'text' => '發布種子至特別區',
'desc' => '發布種子到特別區',
],
'view_special_torrent' => [
'text' => '查看特別區種子',
'desc' => '查看特別區種子',
],
'movetorrent' => [
'text' => '移動種子',
'desc' => '將種子在各區間移動',
],
'chrmanage' => [
'text' => '管理史冊',
'desc' => '添加、編輯、移除史冊內容',
],
'viewinvite' => [
'text' => '檢視邀請',
'desc' => '檢視用戶的邀請曆史記錄',
],
'buyinvite' => [
'text' => '購買邀請',
'desc' => '允許在魔力值中心購買邀請',
],
'seebanned' => [
'text' => '檢視被禁止的種子',
'desc' => '檢視、下載被禁止的種子',
],
'againstoffer' => [
'text' => '對候選投反對票',
'desc' => '對候選投反對票',
],
'userbar' => [
'text' => '允許個性條',
'desc' => '允許用戶使用個性條',
],
];
resources/lang/zh_TW/user.php
+1 -1
View File
@@ -17,7 +17,7 @@ return [
'attendance_card' => '補簽卡',
'props' => '道具',
],
'class_name' => [
'class_names' => [
\App\Models\User::CLASS_VIP => '貴賓',
\App\Models\User::CLASS_RETIREE => '養老族',
\App\Models\User::CLASS_UPLOADER => '發布員',
resources/views/filament/resources/user/user-resource/pages/user-profile.blade.php
+1
View File
@@ -49,6 +49,7 @@
<td></td>
</tr>
@endif
{!! do_action('user_detail_rows', $record->id, 'admin') !!}
<tr>
<th>{{__('label.user.invite_by')}}</th>
<td>{{$record->inviter->username ?? ''}}</td>