From b79762686a22768821746834c088abdff01ca4b0 Mon Sep 17 00:00:00 2001 
From: xiaomlove Date: Sat, 20 Aug 2022 19:11:28 +0800 Subject: [PATCH] Refactoring user permissions --- app/Console/Commands/Plugin.php | 8 + app/Console/Commands/Test.php | 6 +- app/Models/Setting.php | 6 +- app/Models/User.php | 10 +- app/Providers/AppServiceProvider.php | 1 - include/config.php | 3 +- include/functions.php | 32 +-- include/globalfunctions.php | 33 ++- lang/chs/lang_functions.php | 1 + lang/cht/lang_functions.php | 1 + lang/en/lang_functions.php | 1 + nexus/Install/settings.default.php | 1 + nexus/Plugin/BasePlugin.php | 11 + nexus/Plugin/Hook.php | 4 +- public/cheaterbox.php | 5 +- public/comment.php | 8 +- public/complains.php | 2 +- public/delete.php | 2 +- public/details.php | 22 +- public/download.php | 2 +- public/edit.php | 14 +- public/fastdelete.php | 2 +- public/forummanage.php | 7 +- public/forums.php | 28 +-- public/friends.php | 8 +- public/fun.php | 8 +- public/getusertorrentlistajax.php | 4 +- public/increment-bulk.php | 2 +- public/index.php | 16 +- public/invite.php | 4 +- public/iphistory.php | 3 +- public/ipsearch.php | 2 +- public/linksmanage.php | 8 +- public/log.php | 20 +- public/makepoll.php | 3 +- public/modtask.php | 6 +- public/moforums.php | 12 +- public/mybonus.php | 4 +- public/myhr.php | 2 +- public/news.php | 7 +- public/offers.php | 32 ++- public/polloverview.php | 15 +- public/promotionlink.php | 2 +- public/reports.php | 5 +- public/retriver.php | 4 +- public/settings.php | 106 +++++----- public/shoutbox.php | 4 +- public/staffbox.php | 21 +- public/subtitles.php | 16 +- public/take-increment-bulk.php | 2 +- public/takeedit.php | 10 +- public/takeinvite.php | 2 +- public/takemessage.php | 18 +- public/takereseed.php | 3 +- public/takeupdate.php | 23 +- public/takeupload.php | 2 +- public/topten.php | 16 +- public/torrent_info.php | 5 +- public/torrentrss.php | 2 +- public/torrents.php | 8 +- public/upload.php | 2 +- public/userdetails.php | 38 ++-- public/userhistory.php | 8 +- public/users.php | 3 +- 
public/viewnfo.php | 2 +- public/viewpeerlist.php | 4 +- public/viewsnatches.php | 6 +- resources/lang/en/permission.php | 196 ++++++++++++++++++ resources/lang/en/user.php | 2 +- resources/lang/zh_CN/permission.php | 196 ++++++++++++++++++ resources/lang/zh_TW/permission.php | 196 ++++++++++++++++++ resources/lang/zh_TW/user.php | 2 +- .../pages/user-profile.blade.php | 1 + 73 files changed, 945 insertions(+), 326 deletions(-) create mode 100644 resources/lang/en/permission.php create mode 100644 resources/lang/zh_CN/permission.php create mode 100644 resources/lang/zh_TW/permission.php diff --git a/app/Console/Commands/Plugin.php b/app/Console/Commands/Plugin.php index 74928c35..dc6fabe3 100644 --- a/app/Console/Commands/Plugin.php +++ b/app/Console/Commands/Plugin.php @@ -3,6 +3,7 @@ namespace App\Console\Commands; use Illuminate\Console\Command; +use Nexus\Plugin\BasePlugin; class Plugin extends Command { @@ -30,11 +31,18 @@ class Plugin extends Command $plugin = new \Nexus\Plugin\Plugin(); $action = $this->argument('action'); $name = $this->argument('name'); + /** @var BasePlugin $mainClass */ $mainClass = $plugin->getMainClass($name); if (!$mainClass) { $this->error("Can not find plugin: $name"); return 1; } + try { + $mainClass->checkMainApplicationVersion(); + } catch (\Exception $exception) { + $this->error($exception->getMessage()); + return 1; + } if ($action == 'install') { call_user_func([$mainClass, 'install']); } elseif ($action == 'uninstall') { diff --git a/app/Console/Commands/Test.php b/app/Console/Commands/Test.php index bbe1d920..a91a9dc8 100644 --- a/app/Console/Commands/Test.php +++ b/app/Console/Commands/Test.php @@ -86,9 +86,9 @@ class Test extends Command */ public function handle() { - $user = User::query()->find(10003); - $permissions = $user->rolePermissions; - dd($permissions); + $role = Role::query()->first(); + $r = $role->permissions()->createMany([['permission' => 'sss']]); + dd($r); } 
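Review bot: `handle()` in app/Console/Commands/Test.php now writes to the database. `$role->permissions()->createMany([['permission' => 'sss']])` attaches a placeholder permission row to whichever role `Role::query()->first()` returns, so running this scratch command against a live site changes role permissions. The body it replaces only read a user's permissions and dumped them. Consider dropping this body before merge, or guarding it with `if (app()->environment('production')) { return 1; }` so it cannot run in production.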
diff --git a/app/Models/Setting.php b/app/Models/Setting.php index b2a793a8..212f8364 100644 --- a/app/Models/Setting.php +++ b/app/Models/Setting.php @@ -11,9 +11,9 @@ class Setting extends NexusModel public $timestamps = true; - public static array $permissionDegeneration = [ - 'torrent-approval' => 'torrentmanage', - ]; + const PERMISSION_NO_CLASS = 100; + + public static array $permissionMustHaveClass = ['defaultclass', 'staffmem']; /** * get setting autoload = yes with cache diff --git a/app/Models/User.php b/app/Models/User.php index 3db9e52c..5541b6e8 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -17,8 +17,8 @@ use Laravel\Sanctum\HasApiTokens; use Nexus\Database\NexusDB; use Filament\Models\Contracts\FilamentUser; use Filament\Models\Contracts\HasName; -use NexusPlugin\Permission\Models\Permission; use NexusPlugin\Permission\Models\Role; +use NexusPlugin\Permission\Models\UserPermission; class User extends Authenticatable implements FilamentUser, HasName { @@ -239,15 +239,15 @@ class User extends Authenticatable implements FilamentUser, HasName public static function getClassName($class, $compact = false, $b_colored = false, $I18N = false) { - $class_name = self::$classes[$class]['text']; + $class_name = self::$classes[$class]['text'] ?? ''; if ($class >= self::CLASS_VIP && $I18N) { $class_name = nexus_trans("user.class_names.$class"); } - $class_name_color = self::$classes[$class]['text']; + $class_name_color = self::$classes[$class]['text'] ?? ''; if ($compact) { $class_name = str_replace(" ", "",$class_name); } - if ($b_colored) { + if ($class_name && $b_colored) { return "" . $class_name . ""; } return $class_name; 
@@ -476,7 +476,7 @@ class User extends Authenticatable implements FilamentUser, HasName public function directPermissions() { - return $this->belongsToMany(Permission::class, 'user_permissions', 'uid', 'permission_id')->withTimestamps(); + return $this->hasMany(UserPermission::class, 'uid'); } public function getAvatarAttribute($value) diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index 519ee837..b97177b7 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -40,7 +40,6 @@ class AppServiceProvider extends ServiceProvider 'User', 'Torrent', 'Other', - 'Permission', 'System', ]); }); diff --git a/include/config.php b/include/config.php index c1551d34..888d46f8 100644 --- a/include/config.php +++ b/include/config.php @@ -149,7 +149,6 @@ $emailnotify_smtp = $SMTP['emailnotify']; $smtptype = $SMTP['smtptype']; $smtp_host = $SMTP['smtp_host']; $smtp_port = $SMTP['smtp_port']; -if (strtoupper(substr(PHP_OS,0,3)=='WIN')) $smtp_from = $SMTP['smtp_from']; $smtpaddress = $SMTP['smtpaddress'] ?? ''; $smtpport = $SMTP['smtpport'] ?? ''; @@ -167,7 +166,7 @@ $disableemailchange = $SECURITY['changeemail']; $cheaterdet_security = $SECURITY['cheaterdet']; $nodetect_security = $SECURITY['nodetect']; -$defaultclass_class = $AUTHORITY['defaultclass']; +$defaultclass_class = isset(\App\Models\User::$classes[$AUTHORITY['defaultclass']]) ? $AUTHORITY['defaultclass'] : \App\Models\User::CLASS_USER; $staffmem_class = $AUTHORITY['staffmem']; $newsmanage_class = $AUTHORITY['newsmanage']; $newfunitem_class = $AUTHORITY['newfunitem']; diff --git a/include/functions.php b/include/functions.php index 24fdc505..8002b4f8 100644 --- a/include/functions.php +++ b/include/functions.php 
@@ -2238,14 +2238,18 @@ function tr($x,$y,$noesc=0,$relation='', $return = false) { print $result; } -function tr_small($x,$y,$noesc=0,$relation='') { +function tr_small($x,$y,$noesc=0,$relation='',$return = false) { if ($noesc) $a = $y; else { $a = htmlspecialchars($y); //$a = str_replace("\n", "
\n", $a); } - print("".$x."".$a."\n"); + $result = "".$x."".$a.""; + if ($return) { + return $result; + } + print($result); } function twotd($x,$y,$nosec=0){ @@ -2683,7 +2687,7 @@ else {
= $staffmem_class) { + if (user_can('staffmem')) { $totalreports = $Cache->get_value('staff_report_count'); if ($totalreports == ""){ $totalreports = get_row_count("reports"); @@ -2791,7 +2795,7 @@ if ($msgalert) } } - if (get_user_class() >= $staffmem_class) + if (user_can('staffmem')) { //torrent approval if (get_setting('torrent.approval_status_none_visible') == 'no') { @@ -3182,7 +3186,7 @@ function commenttable($rows, $type, $parent_id, $review = false) print("
#" . $row["id"] . "  ".$lang_functions['text_by'].""); print(get_username($row["user"],false,true,true,false,false,true)); print("  ".$lang_functions['text_at']."".gettime($row["added"]). - ($row["editedby"] && get_user_class() >= $commanage_class ? " - [".$lang_functions['text_view_original']."]" : "") . "\"Top\"  
"); + ($row["editedby"] && user_can('commanage') ? " - [".$lang_functions['text_view_original']."]" : "") . "\"Top\"  "); $avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars(trim($userRow["avatar"])) : ""); if (!$avatar) $avatar = "pic/default_avatar.png"; @@ -3201,7 +3205,7 @@ function commenttable($rows, $type, $parent_id, $review = false) print("
".$text.$text_editby."\n"); print("\n"); $actionbar = "\"Quote\"". - "\"Add".(get_user_class() >= $commanage_class ? "\"Delete\"" : "").($row["user"] == $CURUSER["id"] || get_user_class() >= $commanage_class ? "\"Edit\""."" : ""); + "\"Add".(user_can('commanage') ? "\"Delete\"" : "").($row["user"] == $CURUSER["id"] || get_user_class() >= $commanage_class ? "\"Edit\""."" : ""); print(" ".("'".$userRow['last_access']."'"> $dt ? "\"Online\"":"\"Offline\"" )."\"PM\"\"Report\"".$actionbar.""); print("\n"); @@ -3415,7 +3419,7 @@ if ($CURUSER['showcomnum'] != 'no') { ?> snatched = $torrentmanage_class) { ?> +if (user_can('torrentmanage')) { ?> @@ -3653,7 +3657,7 @@ foreach ($rows as $row) else print("" . number_format($row["times_completed"]) . "\n"); - if ($row["anonymous"] == "yes" && get_user_class() >= $torrentmanage_class) + if ($row["anonymous"] == "yes" && user_can('torrentmanage')) { print("".$lang_functions['text_anonymous']."
".(isset($row["owner"]) ? "(" . get_username($row["owner"]) .")" : "".$lang_functions['text_orphaned']."") . "\n"); } @@ -3666,7 +3670,7 @@ foreach ($rows as $row) print("" . (isset($row["owner"]) ? get_username($row["owner"]) : "".$lang_functions['text_orphaned']."") . "\n"); } - if (get_user_class() >= $torrentmanage_class) + if (user_can('torrentmanage')) { print("\"D\""); print("
\"E\"\n"); @@ -4113,8 +4117,12 @@ function getSmileIt($formname, $taname, $smilyNumber) { return "\'\'")."', 'trail', false, 'delay', 0,'lifetime',10000,'styleClass','smilies','maxWidth', 400);\">\"\""; } -function classlist($selectname,$maxclass, $selected, $minClass = 0){ +function classlist($selectname,$maxclass, $selected, $minClass = 0, $includeNoClass = false){ + global $lang_functions; $list = ""; @@ -4802,14 +4810,14 @@ function user_can_upload($where = "torrents"){ return false; if ($where == "torrents") { - if (get_user_class() >= $upload_class) + if (user_can('upload')) return true; if (get_if_restricted_is_open()) return true; } if ($where == "music") { - if ($enablespecial == 'yes' && get_user_class() >= $uploadspecial_class) + if ($enablespecial == 'yes' && user_can('uploadspecial')) return true; } return false; diff --git a/include/globalfunctions.php b/include/globalfunctions.php index 09ec9af9..baca7dcb 100644 --- a/include/globalfunctions.php +++ b/include/globalfunctions.php @@ -1,5 +1,7 @@ applyFilter(...func_get_args()); } @@ -748,7 +750,7 @@ function add_action($name, $function, $priority = 10, $argc = 1) function do_action($name, ...$args) { global $hook; - do_log("[DO_ACTION]: $name"); +// do_log("[DO_ACTION]: $name"); return $hook->doAction(...func_get_args()); } @@ -902,7 +904,7 @@ function clear_setting_cache() \Nexus\Database\NexusDB::cache_del('nexus_settings_in_nexus'); } -function user_can($permission, $uid = 0): bool +function user_can($permission, $fail = false, $uid = 0): bool { if ($uid == 0) { $uid = get_user_id(); 
@@ -910,13 +912,28 @@ function user_can($permission, $uid = 0): bool if ($uid <= 0) { return false; } + $userInfo = get_user_row($uid); + $log = "permission: $permission, user: $uid, userClass: {$userInfo['class']}"; + if ($userInfo['class'] == User::CLASS_STAFF_LEADER) { + do_log("$log, CLASS_STAFF_LEADER, true"); + return true; + } $result = apply_filter('nexus_user_can', null, $permission, $uid); - if (is_bool($result)) { + $requireClass = get_setting("authority.$permission"); + if (!is_bool($result)) { + $result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass < $userInfo['class']; + do_log("$log, requireClass: $requireClass, result: $result"); + } + if (!$fail || $result) { return $result; } - if (isset(\App\Models\Setting::$permissionDegeneration[$permission])) { - $permission = \App\Models\Setting::$permissionDegeneration[$permission]; + if (IN_NEXUS && !IN_TRACKER) { + global $lang_functions; + if (isset(User::$classes[$requireClass])) { + stderr($lang_functions['std_sorry'],$lang_functions['std_permission_denied_only'].get_user_class_name($requireClass,false,true,true).$lang_functions['std_or_above_can_view'],false); + } else { + stderr($lang_functions['std_error'], $lang_functions['std_permission_denied']); + } } - $requireClass = get_setting("authority.$permission"); - return is_numeric($requireClass) && $requireClass < get_user_class(); + throw new \Illuminate\Auth\Access\AuthorizationException(); } diff --git a/lang/chs/lang_functions.php b/lang/chs/lang_functions.php index baad916e..d42e3cb4 100644 --- a/lang/chs/lang_functions.php +++ b/lang/chs/lang_functions.php @@ -324,6 +324,7 @@ $lang_functions = array 'full_site_promotion_in_effect' => '全站 [%s] 生效中!截止时间:%s', 'text_torrent_to_approval' => '有 %s%u 个待审核的种子%s', 'std_confirm_remove' => '确定要删除吗?', + 'select_an_user_class' => '选择一个用户等级', ); ?> diff --git a/lang/cht/lang_functions.php b/lang/cht/lang_functions.php index 19b7ed9c..4e49e9e2 100644 --- a/lang/cht/lang_functions.php 
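Review bot: The fallback comparison `$requireClass < $userInfo['class']` is strict, while the call sites this commit converts used `get_user_class() >= $x_class`, so a user whose class equals the configured threshold is now denied; it should read `$result = is_numeric($requireClass) && $requireClass >= 0 && $requireClass <= $userInfo['class'];`. Call sites left on the old form (the Edit link in `commenttable`, the delete/ban links in public/index.php, `$torrentonpromotion_class` in public/edit.php) will disagree with `user_can()` for that class until they are converted too. Separately, the early `return false` for `$uid <= 0` runs before the `$fail` handling, so `user_can('staffmem', true)` returns quietly for an anonymous visitor; callers such as public/cheaterbox.php ignore the return value and are only safe because `loggedinorreturn()` runs first. Moving that case under the `$fail` branch, or stating the precondition in a docblock on `user_can()`, would make the contract explicit. The function's signature sits in the previous hunk.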
+++ b/lang/cht/lang_functions.php @@ -331,6 +331,7 @@ $lang_functions = array 'full_site_promotion_in_effect' => '全站 [%s] 生效中!截止時間:%s', 'text_torrent_to_approval' => '有 %s%u 個待審核的種子%s', 'std_confirm_remove' => '確定要刪除嗎?', + 'select_an_user_class' => '選擇一個用戶等級', ); ?> diff --git a/lang/en/lang_functions.php b/lang/en/lang_functions.php index 503190c7..51b2a4a4 100644 --- a/lang/en/lang_functions.php +++ b/lang/en/lang_functions.php @@ -332,6 +332,7 @@ $lang_functions = array 'full_site_promotion_in_effect' => 'Full site [%s] in effect! Deadline: %s', 'text_torrent_to_approval' => 'There %s%u not approval torrent%s.', 'std_confirm_remove' => 'Are you sure you want to delete it?', + 'select_an_user_class' => 'Select an user class', ); ?> diff --git a/nexus/Install/settings.default.php b/nexus/Install/settings.default.php index cf35589c..b234d9ce 100644 --- a/nexus/Install/settings.default.php +++ b/nexus/Install/settings.default.php @@ -174,6 +174,7 @@ return array ( 'userbar' => '2', 'view_special_torrent' => '4', 'torrent_hr' => User::CLASS_ADMINISTRATOR, + 'torrent-approval' => User::CLASS_ADMINISTRATOR, ), 'tweak' => array ( diff --git a/nexus/Plugin/BasePlugin.php b/nexus/Plugin/BasePlugin.php index b4210200..86b96edc 100644 --- a/nexus/Plugin/BasePlugin.php +++ b/nexus/Plugin/BasePlugin.php @@ -25,4 +25,15 @@ abstract class BasePlugin extends BaseRepository Artisan::call($toExecute); } } + + public function checkMainApplicationVersion() + { + $constantName = "static::COMPATIBLE_VERSION"; + if (defined($constantName) && version_compare(VERSION_NUMBER, constant($constantName), '<')) { + throw new \RuntimeException(sprintf( + "NexusPHP version: %s is too low, this plugin require: %s", + VERSION_NUMBER, constant($constantName) + )); + } + } } diff --git a/nexus/Plugin/Hook.php b/nexus/Plugin/Hook.php index 108e2267..fe0edadd 100644 --- a/nexus/Plugin/Hook.php +++ b/nexus/Plugin/Hook.php 
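Review bot: The new `'torrent-approval' => User::CLASS_ADMINISTRATOR` entry only lands in nexus/Install/settings.default.php, while this commit also removes `Setting::$permissionDegeneration`, which mapped `torrent-approval` to `torrentmanage`. If an existing installation has no stored `authority.torrent-approval` value (not visible in this diff), `get_setting("authority.$permission")` would presumably return a non-numeric value, and the class fallback in `user_can()` would then deny everyone below staff leader after upgrade. Worth confirming that an upgrade step seeds the setting, or calling out the required manual change in the release notes.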
@@ -38,7 +38,7 @@ class Hook $args = func_get_args(); ksort(self::$callbacks[$name]); reset(self::$callbacks[$name]); - do_log("name: $name, argc: " . (func_num_args() - 1)); +// do_log("name: $name, argc: " . (func_num_args() - 1)); do { foreach ((array)current(self::$callbacks[$name]) as $id => $callback) { $args[1] = $value; @@ -65,7 +65,7 @@ class Hook $args = func_get_args(); ksort(self::$callbacks[$name]); reset(self::$callbacks[$name]); - do_log("name: $name, argc: " . (func_num_args() - 1)); +// do_log("name: $name, argc: " . (func_num_args() - 1)); do { foreach ((array)current(self::$callbacks[$name]) as $id => $callback) { // do_log("name: $name, id: $id, before, params: " . nexus_json_encode(array_slice($args, 1, $callback['argc']))); diff --git a/public/cheaterbox.php b/public/cheaterbox.php index 00b5aa98..a3d80e01 100644 --- a/public/cheaterbox.php +++ b/public/cheaterbox.php @@ -5,8 +5,7 @@ require_once(get_langfile_path()); loggedinorreturn(); parked(); -if (get_user_class() < $staffmem_class) - permissiondenied(); +user_can('staffmem', true); if (!empty($_POST['setdealt'])) { @@ -62,7 +61,7 @@ while ($row = mysql_fetch_array($cheatersres)) print("".gettime($row['added'])."" . get_username($row['userid']) . "" . $row['hit'] . "" . $torrent . "".mksize($row['uploaded']).($upspeed ? " @ ".mksize($upspeed)."/s" : "")."".mksize($row['downloaded']).($lespeed ? " @ ".mksize($lespeed)."/s" : "")."".$row['anctime']." sec"."".$row['seeders']."".$row['leechers']."".htmlspecialchars($row['comment'])."".$dealtwith."\n"); } ?> - + "); diff --git a/public/comment.php b/public/comment.php index ac4af385..e6f97d5e 100644 --- a/public/comment.php +++ b/public/comment.php 
@@ -26,7 +26,7 @@ if ($action == "add") { // Anti Flood Code // This code ensures that a member can only send one comment per minute. - if (get_user_class() < $commanage_class) { + if (!user_can('commanage')) { if (strtotime($CURUSER['last_comment']) > (TIMENOW - 10)) { $secs = 10 - (TIMENOW - strtotime($CURUSER['last_comment'])); @@ -165,7 +165,7 @@ elseif ($action == "edit") if (!$arr) stderr($lang_comment['std_error'], $lang_comment['std_invalid_id']); - if ($arr["user"] != $CURUSER["id"] && get_user_class() < $commanage_class) + if ($arr["user"] != $CURUSER["id"] && !user_can('commanage')) stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']); if ($_SERVER["REQUEST_METHOD"] == "POST") @@ -208,7 +208,7 @@ elseif ($action == "edit") } elseif ($action == "delete") { - if (get_user_class() < $commanage_class) + if (!user_can('commanage')) stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']); $commentid = intval($_GET["cid"] ?? 0); @@ -265,7 +265,7 @@ elseif ($action == "delete") } elseif ($action == "vieworiginal") { - if (get_user_class() < $commanage_class) + if (!user_can('commanage')) stderr($lang_comment['std_error'], $lang_comment['std_permission_denied']); $commentid = intval($_GET["cid"] ?? 0); diff --git a/public/complains.php b/public/complains.php index 462ea57a..20827801 100644 --- a/public/complains.php +++ b/public/complains.php @@ -4,7 +4,7 @@ dbconn(); require get_langfile_path(); $isLogin = isset($CURUSER['id']); -$isAdmin = get_user_class() >= $staffmem_class; +$isAdmin = user_can('staffmem'); if($isLogin && !$isAdmin) { permissiondenied(); diff --git a/public/delete.php b/public/delete.php index f53113b4..9b66e804 100644 --- a/public/delete.php +++ b/public/delete.php 
@@ -25,7 +25,7 @@ $row = mysql_fetch_array($res); if (!$row) die(); -if ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class) +if ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage')) bark($lang_delete['std_not_owner']); $rt = intval($_POST["reasontype"] ?? 0); diff --git a/public/details.php b/public/details.php index 2c6d04de..8e779a19 100644 --- a/public/details.php +++ b/public/details.php @@ -23,7 +23,7 @@ FROM torrents LEFT JOIN categories ON torrents.category = categories.id WHERE torrents.id = $id LIMIT 1") or sqlerr(); $row = mysql_fetch_array($res); -if (get_user_class() >= $torrentmanage_class || $CURUSER["id"] == $row["owner"]) +if (user_can('torrentmanage') || $CURUSER["id"] == $row["owner"]) $owned = 1; else $owned = 0; @@ -31,7 +31,7 @@ $settingMain = get_setting('main'); if (!$row) { stderr($lang_details['std_error'], $lang_details['std_no_torrent_id']); } elseif ( - ($row['banned'] == 'yes' && get_user_class() < $seebanned_class && $row['owner'] != $CURUSER['id']) + ($row['banned'] == 'yes' && !user_can('seebanned') && $row['owner'] != $CURUSER['id']) || (!can_access_torrent($row) && $row['owner'] != $CURUSER['id']) ) { permissiondenied(); @@ -101,7 +101,7 @@ if (!$row) { // ------------- start upped by block ------------------// if($row['anonymous'] == 'yes') { - if (get_user_class() < $viewanonymous_class) + if (!user_can('viewanonymous')) $uprow = "".$lang_details['text_anonymous'].""; else $uprow = "".$lang_details['text_anonymous']." (" . get_username($row['owner'], false, true, true, false, false, true) . ")"; 
@@ -153,10 +153,10 @@ if (!$row) { if ($owned == 1) { $actions[] = "<$editlink>\"edit\" ".$lang_details['text_edit_torrent'] . ""; } - if (get_user_class() >= $askreseed_class && $row['seeders'] == 0) { + if (user_can('askreseed') && $row['seeders'] == 0) { $actions[] = "\"reseed\" ".$lang_details['text_ask_for_reseed'] .""; } - if (get_user_class() >= $torrentmanage_class && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) { + if (user_can('torrentmanage') && (get_setting('torrent.approval_status_icon_enabled') == 'yes' || get_setting('torrent.approval_status_none_visible') == 'no')) { $approvalIcon = ''; $actions[] = sprintf( '%s %s', @@ -230,7 +230,7 @@ JS; while($a = mysql_fetch_assoc($r)) { $lang = "\"""; - $lang .= "  ". $a["title"]. "".(get_user_class() >= $submanage_class || (get_user_class() >= $delownsub_class && $a["uppedby"] == $CURUSER["id"]) ? " [".$lang_details['text_delete']."]" : "")."  ".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (get_user_class() >= $viewanonymous_class ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby'])).""; + $lang .= "  ". $a["title"]. "".(user_can('submanage') || (user_can('delownsub') && $a["uppedby"] == $CURUSER["id"]) ? " [".$lang_details['text_delete']."]" : "")."  ".($a["anonymous"] == 'yes' ? $lang_details['text_anonymous'] . (user_can('viewanonymous') ? get_username($a['uppedby'],false,true,true,false,true) : "") : get_username($a['uppedby'])).""; print($lang); } } @@ -238,7 +238,7 @@ JS; print("".$lang_details['text_no_subtitles'].""); print(""); print(""); - if($CURUSER['id']==$row['owner'] || get_user_class() >= $uploadsub_class) + if($CURUSER['id']==$row['owner'] || !user_can('uploadsub')) { print(""); } @@ -282,7 +282,7 @@ JS; tr("\"Show/Hide\" ".$lang_details['row_description']."", "
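Review bot: The condition in the `@@ -238,7 +238,7 @@` hunk of public/details.php was inverted during conversion: `get_user_class() >= $uploadsub_class` became `!user_can('uploadsub')`. The block it guards (markup is stripped in this view, presumably the subtitle upload form) is now shown to users who lack the permission and hidden from non-owners who hold it. The line should read `if($CURUSER['id']==$row['owner'] || user_can('uploadsub'))`. Whether the handler behind that form enforces `uploadsub` on its own is not visible here; it is worth confirming that it does not depend on the form being hidden.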
".($Advertisement->enable_ad() && $torrentdetailad ? "
".$torrentdetailad[0]."
" : "").$desc."
", 1); } - if (get_user_class() >= $viewnfo_class && $CURUSER['shownfo'] != 'no' && $row["nfosz"] > 0){ + if (user_can('viewnfo') && $CURUSER['shownfo'] != 'no' && $row["nfosz"] > 0){ if (!$nfo = $Cache->get_value('nfo_block_torrent_id_'.$id)){ $nfo = code($row["nfo"], $view == "magic"); $Cache->cache_value('nfo_block_torrent_id_'.$id, $nfo, 604800); @@ -335,7 +335,7 @@ JS; echo $Cache->next_row(); $Cache->next_row(); echo $Cache->next_part(); - if (get_user_class() >= $updateextinfo_class) + if (user_can('updateextinfo')) echo $Cache->next_part(); echo $Cache->next_row(); break; @@ -355,7 +355,7 @@ JS; echo $Cache->next_row(); $Cache->next_row(); echo $Cache->next_part(); - if (get_user_class() >= $updateextinfo_class){ + if (user_can('updateextinfo')){ echo $Cache->next_part(); } echo $Cache->next_row(); @@ -423,7 +423,7 @@ JS; return sprintf("%02x", ord($matches[0])); } if ($enablenfo_main=='yes') - tr($lang_details['row_torrent_info'], "
" . (!empty($files_info) ? "" : "") . "". (get_user_class() >= $torrentstructure_class ? "" : "") . "
" . $files_info . "".$lang_details['row_info_hash'].": ".preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"]))."" . $lang_details['text_torrent_structure'] . "".$lang_details['text_torrent_info_note']."
",1); + tr($lang_details['row_torrent_info'], "" . (!empty($files_info) ? "" : "") . "". (user_can('torrentstructure') ? "" : "") . "
" . $files_info . "".$lang_details['row_info_hash'].": ".preg_replace_callback('/./s', "hex_esc", hash_pad($row["info_hash"]))."" . $lang_details['text_torrent_structure'] . "".$lang_details['text_torrent_info_note']."
",1); tr($lang_details['row_hot_meter'], "
" . $lang_details['text_views']."". $row["views"] . "" . $lang_details['text_hits']. "" . $row["hits"] . "" .$lang_details['text_snatched'] . "" . $row["times_completed"]. $lang_details['text_view_snatches'] . "" . $lang_details['row_last_seeder']. "" . gettime($row["last_action"]) . "
",1); $bwres = sql_query("SELECT uploadspeed.name AS upname, downloadspeed.name AS downname, isp.name AS ispname FROM users LEFT JOIN uploadspeed ON users.upload = uploadspeed.id LEFT JOIN downloadspeed ON users.download = downloadspeed.id LEFT JOIN isp ON users.isp = isp.id WHERE users.id=".$row['owner']); $bwrow = mysql_fetch_array($bwres); diff --git a/public/download.php b/public/download.php index 8ed7de89..56b793f2 100644 --- a/public/download.php +++ b/public/download.php @@ -108,7 +108,7 @@ if (filesize($fn) == 0) { httperr(); } $approvalNotAllowed = $row['approval_status'] != \App\Models\Torrent::APPROVAL_STATUS_ALLOW && get_setting('torrent.approval_status_none_visible') == 'no'; -if ((($row['banned'] == 'yes' || $approvalNotAllowed) && get_user_class() < $seebanned_class) || !can_access_torrent($row)) { +if ((($row['banned'] == 'yes' || $approvalNotAllowed) && !user_can('seebanned')) || !can_access_torrent($row)) { denyDownload(); } diff --git a/public/edit.php b/public/edit.php index 5ea3b9f7..91c6cb77 100644 --- a/public/edit.php +++ b/public/edit.php @@ -20,7 +20,7 @@ $customField = new \Nexus\Field\Field(); $tagIdArr = \App\Models\TorrentTag::query()->where('torrent_id', $id)->get()->pluck('tag_id')->toArray(); -if ($enablespecial == 'yes' && get_user_class() >= $movetorrent_class) +if ($enablespecial == 'yes' && user_can('movetorrent')) $allowmove = true; //enable moving torrent to other section else $allowmove = false; @@ -46,7 +46,7 @@ $showaudiocodec = (get_searchbox_value($sectionmode, 'showaudiocodec') || ($allo $settingMain = get_setting('main'); stdhead($lang_edit['head_edit_torrent'] . "\"". $row["name"] . "\""); -if (!isset($CURUSER) || ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class)) { +if (!isset($CURUSER) || ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage'))) { print("

".$lang_edit['text_cannot_edit_torrent']."

"); print("

".$lang_edit['text_cannot_edit_torrent_note']."

"); } @@ -150,17 +150,17 @@ else { tr($lang_functions['text_tags'], (new \App\Repositories\TagRepository())->renderCheckbox($tagIdArr), 1); $rowChecks = []; - if (get_user_class() >= $beanonymous_class || get_user_class() >= $torrentmanage_class) { + if (user_can('beanonymous') || user_can('torrentmanage')) { $rowChecks[] = ""; } - if (get_user_class() >= $torrentmanage_class) { + if (user_can('torrentmanage')) { array_unshift($rowChecks, ""); } if (!empty($rowChecks)) { tr($lang_edit['row_check'], implode('  ', $rowChecks), 1); } - if (get_user_class()>= $torrentsticky_class || (get_user_class() >= $torrentmanage_class && $CURUSER["picker"] == 'yes')){ + if (user_can('torrentsticky') || (user_can('torrentmanage') && $CURUSER["picker"] == 'yes')){ $pickcontent = $pickcontentPrefix = ""; if(get_user_class() >= $torrentonpromotion_class) @@ -173,7 +173,7 @@ else { } $pickcontent .= ') '.$lang_edit['text_promotion_until_note'].'
  '; } - if(get_user_class()>=$torrentsticky_class) + if(user_can('torrentsticky')) { if ($pickcontent) { $pickcontent .= "
"; @@ -184,7 +184,7 @@ else { } $pickcontent .= "".$lang_edit['row_torrent_position'].": "."   "; } - if(get_user_class()>=$torrentmanage_class && ($CURUSER["picker"] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP)) + if(user_can('torrentmanage') && ($CURUSER["picker"] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP)) { if ($pickcontent) $pickcontent .= '
'; $pickcontent .= "".$lang_edit['row_recommended_movie'].": "." Reason diff --git a/public/index.php b/public/index.php index 7d9388cd..46130b2f 100644 --- a/public/index.php +++ b/public/index.php @@ -37,7 +37,7 @@ stdhead($lang_index['head_home']); begin_main_frame(); // ------------- start: recent news ------------------// -print("

".$lang_index['text_recent_news'].(get_user_class() >= $newsmanage_class ? " - [".$lang_index['text_news_page']."]" : "")."

"); +print("

".$lang_index['text_recent_news'].(user_can('newsmanage') ? " - [".$lang_index['text_news_page']."]" : "")."

"); $Cache->new_page('recent_news', 86400, true); if (!$Cache->get_page()){ @@ -79,7 +79,7 @@ if (mysql_num_rows($res) > 0) echo $Cache->next_row(); while($Cache->next_row()){ echo $Cache->next_part(); - if (get_user_class() >= $newsmanage_class) + if (user_can('newsmanage')) echo $Cache->next_part(); } echo $Cache->next_row(); @@ -97,7 +97,7 @@ if ($showfunbox_main == "yes" && (!isset($CURUSER) || $CURUSER['showfb'] == "yes } if (!$row) //There is no funbox item { - print("

".$lang_index['text_funbox'].(get_user_class() >= $newfunitem_class ? " - [".$lang_index['text_new_fun']."]" : "")."

"); + print("

".$lang_index['text_funbox'].(user_can('newfunitem') ? " - [".$lang_index['text_new_fun']."]" : "")."

"); } else { @@ -117,7 +117,7 @@ if ($showfunbox_main == "yes" && (!isset($CURUSER) || $CURUSER['showfb'] == "yes print ("

".$lang_index['text_funbox']); if ($CURUSER) { - print("".(get_user_class() >= $log_class ? " - [".$lang_index['text_more_fun']."]": "").($row['neednew'] && get_user_class() >= $newfunitem_class ? " - [".$lang_index['text_new_fun']."]" : "" ).( ($CURUSER['id'] == $row['userid'] || get_user_class() >= $funmanage_class) ? " - [".$lang_index['text_edit']."]" : "").(get_user_class() >= $funmanage_class ? " - [".$lang_index['text_delete']."] - [".$lang_index['text_ban']."]" : "").""); + print("".(user_can('log') ? " - [".$lang_index['text_more_fun']."]": "").($row['neednew'] && user_can('newfunitem') ? " - [".$lang_index['text_new_fun']."]" : "" ).( ($CURUSER['id'] == $row['userid'] || user_can('funmanage')) ? " - [".$lang_index['text_edit']."]" : "").(get_user_class() >= $funmanage_class ? " - [".$lang_index['text_delete']."] - [".$lang_index['text_ban']."]" : "").""); } print("

"); @@ -266,7 +266,7 @@ if ($CURUSER && $showpolls_main == "yes") print("

".$lang_index['text_polls']); - if (get_user_class() >= $pollmanage_class) + if (user_can('pollmanage')) { print(" - [".$lang_index['text_new']."]\n"); if ($pollexists) @@ -389,7 +389,7 @@ if ($CURUSER && $showpolls_main == "yes") } print(""); - if ($voted && get_user_class() >= $log_class) + if ($voted && user_can('log')) print("

".$lang_index['text_previous_polls']."

\n"); print(""); } @@ -600,9 +600,9 @@ if ($showtrackerload == "yes") { // ------------- end: disclaimer ------------------// // ------------- start: links ------------------// print("

".$lang_index['text_links']); - if (get_user_class() >= $applylink_class) + if (user_can('applylink')) print(" - [".$lang_index['text_apply_for_link']."]"); - if (get_user_class() >= $linkmanage_class) + if (user_can('linkmanage')) { print(""); print(" - [".$lang_index['text_manage_links']."]\n"); diff --git a/public/invite.php b/public/invite.php index 7b18ee89..3de3dd13 100644 --- a/public/invite.php +++ b/public/invite.php @@ -19,9 +19,9 @@ function inviteMenu ($selected = "invitee") { end_main_frame(); } -if (($CURUSER['id'] != $id && get_user_class() < $viewinvite_class) || !is_valid_id($id)) +if (($CURUSER['id'] != $id && !user_can('viewinvite')) || !is_valid_id($id)) stderr($lang_invite['std_sorry'],$lang_invite['std_permission_denied']); -if (get_user_class() < $sendinvite_class) +if (!user_can('sendinvite')) stderr($lang_invite['std_sorry'],$lang_invite['std_only'].get_user_class_name($sendinvite_class,false,true,true).$lang_invite['std_or_above_can_invite'],false); $res = sql_query("SELECT username FROM users WHERE id = ".mysql_real_escape_string($id)) or sqlerr(); $user = mysql_fetch_assoc($res); diff --git a/public/iphistory.php b/public/iphistory.php index c13c7e68..f5b9523a 100644 --- a/public/iphistory.php +++ b/public/iphistory.php @@ -4,8 +4,7 @@ dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $userprofile_class) - permissiondenied(); +user_can('userprofile', true); $userid = intval($_GET["id"] ?? 0); if (!is_valid_id($userid)) diff --git a/public/ipsearch.php b/public/ipsearch.php index 9fe6bfe6..3ecfa4fc 100644 --- a/public/ipsearch.php +++ b/public/ipsearch.php @@ -4,7 +4,7 @@ dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $userprofile_class) +if (!user_can('userprofile')) permissiondenied(); else { diff --git a/public/linksmanage.php b/public/linksmanage.php index 9ad2dcfb..96e01fa6 100644 --- a/public/linksmanage.php +++ b/public/linksmanage.php 
@@ -6,7 +6,7 @@ loggedinorreturn(); //start apply for links if (isset($_GET['action']) && $_GET['action'] == "apply") { -if (get_user_class() >= $applylink_class){ +if (user_can('applylink')){ stdhead($lang_linksmanage['head_apply_for_links']); begin_main_frame(); begin_frame($lang_linksmanage['text_apply_for_links'], true,10,"100%","center"); @@ -17,7 +17,7 @@ begin_frame($lang_linksmanage['text_apply_for_links'], true,10,"100%","center"); print("

       ".$lang_linksmanage['text_rule_four']."

\n"); print("

       ".$lang_linksmanage['text_rule_five']."

\n"); print("

       ".$lang_linksmanage['text_rule_six']."

\n"); - + print("

".$lang_linksmanage['text_red_star_required']."

"); ?>
"> @@ -40,7 +40,7 @@ else permissiondenied(); } elseif (isset($_POST['action']) && $_POST['action'] == "newapply") { -if (get_user_class() >= $applylink_class){ +if (user_can('applylink')){ $sitename = unesc($_POST["linkname"]); $url = unesc($_POST["url"]); $title = unesc($_POST["title"]); @@ -77,7 +77,7 @@ else permissiondenied(); } //start admin work -elseif (get_user_class() < $linkmanage_class) +elseif (!user_can('linkmanage')) permissiondenied(); else{ if (isset($_GET['action']) && $_GET['action'] == "del") { diff --git a/public/log.php b/public/log.php index 6a03aca7..070ff87f 100644 --- a/public/log.php +++ b/public/log.php @@ -3,7 +3,7 @@ require "../include/bittorrent.php"; dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $log_class) +if (!user_can('log')) { stderr($lang_log['std_sorry'],$lang_log['std_permission_denied_only'].get_user_class_name($log_class,false,true,true).$lang_log['std_or_above_can_view'],false); } @@ -89,7 +89,7 @@ else { $addparam = ""; $wherea = ""; - if (get_user_class() >= $confilog_class){ + if (user_can('confilog')){ switch ($search) { case "mod": $wherea=" WHERE security_level = 'mod'"; break; @@ -140,7 +140,7 @@ else { print("".gettime($arr['added'],true,false)."".htmlspecialchars($arr['txt'])."\n"); } print(""); - + echo $pagerbottom; } @@ -162,7 +162,7 @@ else { } logmenu("chronicle"); searchtable($lang_log['text_search_chronicle'], 'chronicle'); - if (get_user_class() >= $chrmanage_class) + if (user_can('chrmanage')) additem($lang_log['text_add_chronicle'], 'chronicle'); if ( (isset($_GET['do']) && $_GET['do'] == "del") 
@@ -172,8 +172,8 @@ else { ) { $txt = $_POST['txt'] ?? ''; - if (get_user_class() < $chrmanage_class) - permissiondeny(); + if (get_user_class() < $chrmanage_class) + permissiondeny(); elseif (isset($_POST['do']) && $_POST['do'] == "add") sql_query ("INSERT INTO chronicle (userid,added, txt) VALUES ('".$CURUSER["id"]."', now(), ".sqlesc($txt).")") or sqlerr(__FILE__, __LINE__); elseif (isset($_POST['do'] ) && $_POST['do'] == "update"){ @@ -205,11 +205,11 @@ else { //echo $pagertop; print("\n"); - print("".(get_user_class() >= $chrmanage_class ? "" : "")."\n"); + print("".(user_can('chrmanage') ? "" : "")."\n"); while ($arr = mysql_fetch_assoc($res)) { $date = gettime($arr['added'],true,false); - print("".(get_user_class() >= $chrmanage_class ? "" : "")."\n"); + print("".(user_can('chrmanage') ? "" : "")."\n"); } print("
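Review bot: The add/update branch for chronicle entries still tests `get_user_class() < $chrmanage_class` on the new side of this hunk (only the indentation changed), while the add link and the edit/delete column in the same file are now shown on `user_can('chrmanage')`. If `user_can()` can ever disagree with the raw class comparison, the write path and the UI will enforce different rules; I would use `if (!user_can('chrmanage')) permissiondenied();` here too. The call is also spelled `permissiondeny()` where every other file in this patch calls `permissiondenied()`; its definition is not visible in this hunk, so please confirm it exists. The `if`/`elseif` chain continues past the end of the hunk, and the -811 hunk of offers.php likewise keeps `get_user_class() >= $againstoffer_class` on its new side.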
".$lang_log['col_date']."".$lang_log['col_event']."".$lang_log['col_modify']."
".$lang_log['col_date']."".$lang_log['col_event']."".$lang_log['col_modify']."
$date".format_comment($arr["txt"],true,false,true)."".$lang_log['text_edit']." | ".$lang_log['text_delete']."
$date".format_comment($arr["txt"],true,false,true)."".$lang_log['text_edit']." | ".$lang_log['text_delete']."
"); echo $pagerbottom; @@ -319,7 +319,7 @@ else { $returnto = htmlspecialchars($_GET["returnto"] ?? ''); if ($do == "delete") { - if (get_user_class() < $chrmanage_class) + if (!user_can('chrmanage')) stderr($lang_log['std_error'], $lang_log['std_permission_denied']); int_check($pollid,true); @@ -372,7 +372,7 @@ else { print($added); - if (get_user_class() >= $pollmanage_class) + if (user_can('pollmanage')) { print(" - [".$lang_log['text_edit']."]\n"); print(" - [".$lang_log['text_delete']."]\n"); diff --git a/public/makepoll.php b/public/makepoll.php index bac6b465..73454ad8 100644 --- a/public/makepoll.php +++ b/public/makepoll.php @@ -3,8 +3,7 @@ require "../include/bittorrent.php"; dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $pollmanage_class) - permissiondenied(); +user_can('pollmanage', true); $action = $_GET["action"] ?? ''; $pollid = intval($_GET["pollid"] ?? 0); diff --git a/public/modtask.php b/public/modtask.php index 2b4e7aa1..1289d932 100644 --- a/public/modtask.php +++ b/public/modtask.php @@ -11,7 +11,7 @@ function puke() stderr("Error", "Permission denied. For security reason, we logged this action"); } -if (get_user_class() < $prfmanage_class) +if (!user_can('prfmanage')) puke(); $action = $_POST["action"]; @@ -87,11 +87,11 @@ if ($action == "edituser") $updateset[] = "supportlang = ".sqlesc($supportlang); $banLog = []; - if(get_user_class()<=$cruprfmanage_class) + if(!user_can('cruprfmanage')) { $modcomment = $arr["modcomment"]; } - if(get_user_class() >= $cruprfmanage_class) + if(user_can('cruprfmanage')) { $email = $_POST["email"]; $username = $_POST["username"]; diff --git a/public/moforums.php b/public/moforums.php index 779b7707..7d77bc70 100644 --- a/public/moforums.php +++ b/public/moforums.php 
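Review bot: In modtask.php the first condition changes from `get_user_class()<=$cruprfmanage_class` to `!user_can('cruprfmanage')`, which is not the same predicate if `user_can()` is a threshold test: an account exactly at the threshold used to have `$modcomment` reset to the stored `$arr["modcomment"]` and now does not. That may be the intended fix for the old overlap between `<=` and `>=`, but it changes who can alter the moderation comment and the commit message does not mention it. Since the two tests are now complements, I would fold them into one `if (user_can('cruprfmanage')) { … } else { $modcomment = $arr["modcomment"]; }` with a comment saying the stored comment is kept for callers without the permission. The `edituser` block starts and ends outside this hunk.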
@@ -3,8 +3,7 @@ require "../include/bittorrent.php"; dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $forummanage_class) - permissiondenied(); +user_can('forummanage', true); //Presets $act = $_GET['action'] ?? ''; @@ -19,8 +18,7 @@ $act = "forum"; // DELETE FORUM ACTION if ($act == "del") { -if (get_user_class() < $forummanage_class) - permissiondenied(); +user_can('forummanage', true); if (!$id) { header("Location: $PHP_SELF?action=forum"); die();} @@ -32,8 +30,7 @@ die(); //EDIT FORUM ACTION if (isset($_POST['action']) && $_POST['action'] == "editforum") { -if (get_user_class() < $forummanage_class) - permissiondenied(); +user_can('forummanage', true); $name = $_POST['name']; $desc = $_POST['desc']; @@ -48,8 +45,7 @@ die(); //ADD FORUM ACTION if (isset($_POST['action']) && $_POST['action'] == "addforum") { -if (get_user_class() < $forummanage_class) - permissiondenied(); +user_can('forummanage', true); $name = trim($_POST['name']); $desc = trim($_POST['desc']); diff --git a/public/mybonus.php b/public/mybonus.php index d08dc519..716310eb 100644 --- a/public/mybonus.php +++ b/public/mybonus.php @@ -338,7 +338,7 @@ for ($i=0; $i < count($allBonus); $i++) } elseif($bonusarray['art'] == 'invite') { - if(get_user_class() < $buyinvite_class) + if(!user_can('buyinvite')) print(""); else print(""); @@ -543,7 +543,7 @@ if ($action == "exchange") { } //=== trade for invites elseif($art == "invite") { - if(get_user_class() < $buyinvite_class) + if(!user_can('buyinvite')) die(get_user_class_name($buyinvite_class,false,false,true).$lang_mybonus['text_plus_only']); $invites = $CURUSER['invites']; $inv = $invites+$bonusarray['menge']; diff --git a/public/myhr.php b/public/myhr.php index 28729e73..1df8fa02 100644 --- a/public/myhr.php +++ b/public/myhr.php 
@@ -7,7 +7,7 @@ require_once(get_langfile_path()); $userid = $CURUSER['id']; $pagerParams = []; if (!empty($_GET['userid'])) { - if (get_user_class() < $viewhistory_class && $_GET['userid'] != $CURUSER['id']) { + if (!user_can('viewhistory') && $_GET['userid'] != $CURUSER['id']) { permissiondenied($viewhistory_class); } $userid = $_GET['userid']; diff --git a/public/news.php b/public/news.php index 33c39982..07c1c289 100644 --- a/public/news.php +++ b/public/news.php @@ -3,8 +3,7 @@ require "../include/bittorrent.php"; dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $newsmanage_class) - permissiondenied(); +user_can('newsmanage', true); $action = htmlspecialchars($_GET["action"] ?? ''); @@ -46,11 +45,11 @@ if ($action == 'add') $added = sqlesc(date("Y-m-d H:i:s")); $notify = $_POST['notify'] ?? ''; if ($notify != 'yes') - $notify = 'no'; + $notify = 'no'; sql_query("INSERT INTO news (userid, added, body, title, notify) VALUES (".sqlesc($CURUSER['id']) . ", $added, " . sqlesc($body) . ", " . sqlesc($title) . ", " . sqlesc($notify).")") or sqlerr(__FILE__, __LINE__); $Cache->delete_value('recent_news',true); if (mysql_affected_rows() != 1) - stderr($lang_news['std_error'], $lang_news['std_something_weird_happened']); + stderr($lang_news['std_error'], $lang_news['std_something_weird_happened']); header("Location: " . get_protocol_prefix() . "$BASEURL/index.php"); } diff --git a/public/offers.php b/public/offers.php index 2cd10ca8..9e287834 100644 --- a/public/offers.php +++ b/public/offers.php @@ -29,8 +29,7 @@ if (isset($_GET['id']) && $_GET["id"]){ //==== add offer if (isset($_GET['add_offer']) && $_GET["add_offer"]){ - if (get_user_class() < $addoffer_class) - permissiondenied(); + user_can('addoffer', true); $add_offer = intval($_GET["add_offer"] ?? 0); if($add_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); 
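Review bot: The ownership test in myhr.php compares the raw request string with a loose `!=` (`$_GET['userid'] != $CURUSER['id']`), and the context line after it assigns that same raw string to `$userid`. The value that passes the check and the value used afterwards should be one normalised integer, as other files in this patch do with `intval($_GET["id"] ?? 0)`: `$requested = intval($_GET['userid']);`, then `if (!user_can('viewhistory') && $requested !== intval($CURUSER['id']))`, then `$userid = $requested;`. How `$userid` is consumed lies outside the hunk, so the impact cannot be judged from here.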
@@ -61,8 +60,7 @@ if (isset($_GET['add_offer']) && $_GET["add_offer"]){ //=== take new offer if (isset($_GET['new_offer']) && $_GET["new_offer"]){ - if (get_user_class() < $addoffer_class) - permissiondenied(); + user_can('addoffer', true); $new_offer = intval($_GET["new_offer"] ?? 0); if($new_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); @@ -158,7 +156,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){ $status="".$lang_offers['text_denied'].""; tr($lang_offers['row_status'], $status, 1); //=== if you want to have a pending thing for uploaders use this next bit - if (get_user_class() >= $offermanage_class && $num["allowed"] == "pending") + if (user_can('offermanage') && $num["allowed"] == "pending") tr($lang_offers['row_allow'], "
". "  
". "
", 1); @@ -174,7 +172,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){ //if pending if ($num["allowed"] == "pending"){ tr($lang_offers['row_vote'], "". - "".$lang_offers['text_for']."".(get_user_class() >= $againstoffer_class ? " - ". + "".$lang_offers['text_for']."".(user_can('againstoffer') ? " - ". "".$lang_offers['text_against']."" : ""), 1); tr($lang_offers['row_vote_results'], "".$lang_offers['text_for'].": $za ".$lang_offers['text_against']." $protiv     ".$lang_offers['text_see_vote_detail']."", 1); @@ -186,7 +184,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){ tr($lang_offers['row_offer_allowed'], $lang_offers['text_urge_upload_offer_note'], 1); } - if ($CURUSER['id'] == $num['userid'] || get_user_class() >= $offermanage_class){ + if ($CURUSER['id'] == $num['userid'] || user_can('offermanage')){ $edit = "\"edit\" ".$lang_offers['text_edit_offer'] . " | "; $delete = "\"delete\" ".$lang_offers['text_delete_offer']." | "; } @@ -235,7 +233,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){ //=== allow offer by staff if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) { - if (get_user_class() < $offermanage_class) + if (!user_can('offermanage')) stderr($lang_offers['std_access_denied'], $lang_offers['std_mans_job']); $allow_offer = intval($_GET["allow_offer"] ?? 0); @@ -270,7 +268,7 @@ if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) { //=== allow offer by vote if (isset($_GET["finish_offer"]) && $_GET["finish_offer"]) { - if (get_user_class() < $offermanage_class) + if (!user_can('offermanage')) stderr($lang_offers['std_access_denied'], $lang_offers['std_have_no_permission']); $finish_offer = intval($_GET["finish_offer"] ?? 0); 
@@ -337,7 +335,7 @@ if (isset($_GET["edit_offer"]) && $_GET["edit_offer"]) { $s = $num["name"]; $id2 = $num["category"]; - if ($CURUSER["id"] != $num["userid"] && get_user_class() < $offermanage_class) + if ($CURUSER["id"] != $num["userid"] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_cannot_edit_others_offer']); $body = htmlspecialchars(unesc($num["descr"])); @@ -378,7 +376,7 @@ if (isset($_GET["take_off_edit"]) && $_GET["take_off_edit"]){ $res = sql_query("SELECT userid FROM offers WHERE id = $id") or sqlerr(__FILE__, __LINE__); $num = mysql_fetch_array($res); - if ($CURUSER['id'] != $num['userid'] && get_user_class() < $offermanage_class) + if ($CURUSER['id'] != $num['userid'] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_access_denied']); $name = $_POST["name"]; @@ -461,7 +459,7 @@ if (isset($_GET["offer_vote"]) && $_GET["offer_vote"]){ if (isset($_GET["vote"]) && $_GET["vote"]){ $offerid = htmlspecialchars(intval($_GET["id"] ?? 0)); $vote = htmlspecialchars($_GET["vote"]); - if ($vote == 'against' && get_user_class() < $againstoffer_class) + if ($vote == 'against' && !user_can('againstoffer')) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); if ($vote =='yeah' || $vote =='against') { @@ -547,7 +545,7 @@ if (isset($_GET["del_offer"]) && $_GET["del_offer"]){ $name = $num["name"]; - if ($userid != $num["userid"] && get_user_class() < $offermanage_class) + if ($userid != $num["userid"] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_cannot_delete_others_offer']); if ($_GET["sure"]) @@ -707,7 +705,7 @@ if ($offervotetimeout_main) if ($offeruptimeout_main) print("
  • ".$lang_offers['text_rule_four_one']."".($offeruptimeout_main / 3600)."".$lang_offers['text_rule_four_two']."
  • \n"); print(""); -if (get_user_class() >= $addoffer_class) +if (user_can('addoffer')) print(""); print("
    ".$lang_offers['text_search_offers']."    "); @@ -736,7 +734,7 @@ else if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0) print("".$lang_offers['col_timeout'].""); print("".$lang_offers['col_offered_by']."". -(get_user_class() >= $offermanage_class ? "".$lang_offers['col_act']."" : "")."\n"); +(user_can('offermanage') ? "".$lang_offers['col_act']."" : "")."\n"); for ($i = 0; $i < $num; ++$i) { $arr = mysql_fetch_assoc($res); @@ -811,7 +809,7 @@ print("".$lang_offers['col_offered_by']."". $max_length_of_offer_name = 70; if($count_dispname > $max_length_of_offer_name) $dispname=mb_substr($dispname, 0, $max_length_of_offer_name-2,"UTF-8") . ".."; - print("".return_category_image($arr['cat_id'], "")."".htmlspecialchars($dispname)."".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? " (".$lang_offers['text_new'].")" : "").$allowed."".$v_res."".$lang_offers['text_yep']."".(get_user_class() >= $againstoffer_class ? "".$lang_offers['text_nah']."" : "")); + print("".return_category_image($arr['cat_id'], "")."".htmlspecialchars($dispname)."".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? " (".$lang_offers['text_new'].")" : "").$allowed."".$v_res."".$lang_offers['text_yep']."".(get_user_class() >= $againstoffer_class ? "".$lang_offers['text_nah']."" : "")); print("".$comment."" . $addtime. ""); if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0){ @@ -828,7 +826,7 @@ print("".$lang_offers['col_offered_by']."". $timeout = "N/A"; print("".$timeout.""); } - print("".$addedby."".(get_user_class() >= $offermanage_class ? "\"D\"
    \"E\"" : "").""); + print("".$addedby."".(user_can('offermanage') ? "\"D\"
    \"E\"" : "").""); } print("\n"); echo $pagerbottom; diff --git a/public/polloverview.php b/public/polloverview.php index 313d0c3d..6d2c6911 100644 --- a/public/polloverview.php +++ b/public/polloverview.php @@ -4,8 +4,7 @@ dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $pollmanage_class) - permissiondenied(); +user_can('pollmanage', true); $pollid = intval($_GET['id'] ?? 0); @@ -17,18 +16,18 @@ if ($pollid) stdhead($lang_polloverview['head_poll_overview']); print("

    ".$lang_polloverview['text_polls_overview']."

    \n"); - print("\n" . + print("
    \n" . "\n"); - + while ($poll = mysql_fetch_assoc($res)) { $o = array($poll["option0"], $poll["option1"], $poll["option2"], $poll["option3"], $poll["option4"], $poll["option5"], $poll["option6"], $poll["option7"], $poll["option8"], $poll["option9"], $poll["option10"], $poll["option11"], $poll["option12"], $poll["option13"], $poll["option14"], $poll["option15"], $poll["option16"], $poll["option17"], $poll["option18"], $poll["option19"]); - + $added = gettime($poll['added']); print("\n"); } print("
    ".$lang_polloverview['col_id']."".$lang_polloverview['col_added']."".$lang_polloverview['col_question']."
    ".$poll['id']."".$added."".$poll['question']."
    \n"); - + print("

    ".$lang_polloverview['text_poll_question']."


    \n"); print("\n"); foreach($o as $key=>$value) { @@ -68,12 +67,12 @@ else stdhead($lang_polloverview['head_poll_overview']); print("

    ".$lang_polloverview['text_polls_overview']."

    \n"); - print("
    ".$lang_polloverview['col_option_no']."".$lang_polloverview['col_options']."
    \n" . + print("
    \n" . "\n"); while ($poll = mysql_fetch_assoc($res)) { $added = gettime($poll['added']); - print("\n"); + print("\n"); } print("
    ".$lang_polloverview['col_id']."".$lang_polloverview['col_added']."".$lang_polloverview['col_question']."
    ".$poll['id']."".$added."".$poll['question']."
    ".$poll['id']."".$added."".$poll['question']."
    \n"); stdfoot(); diff --git a/public/promotionlink.php b/public/promotionlink.php index 8c9f8ed6..7213744c 100644 --- a/public/promotionlink.php +++ b/public/promotionlink.php @@ -53,7 +53,7 @@ else
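Review bot: The rewritten row in this hunk still concatenates `$poll['question']` into the table without encoding, as far as this rendering shows (the surrounding markup is lost). log.php in the same patch wraps stored text in `htmlspecialchars()` before printing it; unless poll questions are meant to carry markup or are encoded when saved, neither of which is visible here, I would print `htmlspecialchars($poll['question'])`. The -17,18 hunk of this file has the same expression on a context line.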
    <?php echo htmlspecialchars($SITENAME)?>
    = $userbar_class) +if (user_can('userbar')) { ?>
    diff --git a/public/reports.php b/public/reports.php index 7472725e..d404c0ff 100644 --- a/public/reports.php +++ b/public/reports.php @@ -5,8 +5,7 @@ require_once(get_langfile_path()); loggedinorreturn(); parked(); -if (get_user_class() < $staffmem_class) - permissiondenied(); +user_can('staffmem', true); $count = get_row_count("reports"); if (!$count){ @@ -146,7 +145,7 @@ while ($row = mysql_fetch_array($reportres)) print("".gettime($row['added'])."" . get_username($row['addedby']) . "".$reporting."".$type."".htmlspecialchars($row['reason'])."".$dealtwith."\n"); } ?> - +
    "); diff --git a/public/retriver.php b/public/retriver.php index 52a7fa28..4d5360c0 100644 --- a/public/retriver.php +++ b/public/retriver.php @@ -2,9 +2,7 @@ require_once("../include/bittorrent.php"); dbconn(); loggedinorreturn(); -if (get_user_class() < $updateextinfo_class) { -permissiondenied(); -} +user_can('updateextinfo', true); $id = intval($_GET["id"] ?? 0); $type = intval($_GET["type"] ?? 0); $siteid = $_GET["siteid"] ?? 0; // 1 for IMDb diff --git a/public/settings.php b/public/settings.php index 87c210d2..054e050c 100644 --- a/public/settings.php +++ b/public/settings.php 
@@ -217,16 +217,27 @@ elseif ($action == 'savesettings_security') // save security elseif ($action == 'savesettings_authority') // save user authority { stdhead($lang_settings['head_save_authority_settings']); - $validConfig = array('defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage','commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'torrent_hr', 'askreseed', 'viewnfo', 'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage','uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial','view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar'); + $validConfig = array( + 'defaultclass','staffmem','newsmanage','newfunitem','funmanage','sbmanage','pollmanage','applylink', 'linkmanage', 'postmanage', + 'commanage','forummanage','viewuserlist','torrentmanage','torrentsticky', 'torrentonpromotion', 'torrent_hr', 'askreseed', 'viewnfo', + 'torrentstructure','sendinvite','viewhistory','topten','log','confilog','userprofile', 'torrenthistory','prfmanage', 'cruprfmanage', + 'uploadsub','delownsub','submanage','updateextinfo', 'viewanonymous','beanonymous','addoffer','offermanage', 'upload','uploadspecial', + 'view_special_torrent','movetorrent','chrmanage','viewinvite', 'buyinvite','seebanned','againstoffer','userbar', 'torrent-approval' + ); GetVar($validConfig); $AUTHORITY = []; foreach($validConfig as $config) { $AUTHORITY[$config] = $$config ?? null; + if (in_array($config, \App\Models\Setting::$permissionMustHaveClass)) { + if (!isset(\App\Models\User::$classes[$AUTHORITY[$config]])) { + stderr('Error', "Invalid user class: " . 
$AUTHORITY[$config]); + } + } } - saveSetting('authority', $AUTHORITY); $actiontime = date("F j, Y, g:i a"); write_log("Tracker USER AUTHORITY settings updated by {$CURUSER['username']}. $actiontime",'mod'); + do_action("nexus_setting_update", $AUTHORITY); go_back(); } elseif ($action == 'savesettings_tweak') // save tweak @@ -419,51 +430,52 @@ elseif ($action == 'authoritysettings') //Authority settings print ("
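Review bot: The new class check inside the `foreach` uses the submitted value directly as an array offset, `isset(\App\Models\User::$classes[$AUTHORITY[$config]])`, and then echoes it back through `stderr(...)`. `GetVar()` is defined outside this hunk; if it copies request fields unchanged, an array-valued field reaches `isset()` as an offset, which PHP 8 raises as a TypeError instead of the intended error page, and the echoed text is only safe if `stderr()` escapes it. Normalising first keeps both paths predictable, assuming the class ids are integers: `$class = filter_var($AUTHORITY[$config], FILTER_VALIDATE_INT);` followed by `if ($class === false || !isset(\App\Models\User::$classes[$class])) { stderr('Error', 'Invalid user class for ' . $config); }`. Keys that are not in `Setting::$permissionMustHaveClass` are still saved without any validation, which deserves a comment saying why that is acceptable.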
    "); tr($lang_settings['row_default_class'], $lang_settings['text_default_user_class'].classlist('defaultclass',UC_STAFFLEADER,$AUTHORITY['defaultclass']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_default_class_note'], 1); tr($lang_settings['row_staff_member'], $lang_settings['text_minimum_class'].classlist('staffmem',UC_STAFFLEADER,$AUTHORITY['staffmem']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_staff_member_note'], 1); - tr($lang_settings['row_news_management'], $lang_settings['text_minimum_class'].classlist('newsmanage',$maxclass,$AUTHORITY['newsmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_news_management_note'],1); - tr($lang_settings['row_post_funbox_item'], $lang_settings['text_minimum_class'].classlist('newfunitem',$maxclass,$AUTHORITY['newfunitem']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_post_funbox_item_note'],1); - tr($lang_settings['row_funbox_management'], $lang_settings['text_minimum_class']. classlist('funmanage',$maxclass,$AUTHORITY['funmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_funbox_management_note'],1); - tr($lang_settings['row_shoutbox_management'], $lang_settings['text_minimum_class']. 
classlist('sbmanage',$maxclass,$AUTHORITY['sbmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_shoutbox_management_note'],1); - tr($lang_settings['row_poll_management'], $lang_settings['text_minimum_class'].classlist('pollmanage',$maxclass,$AUTHORITY['pollmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_poll_management_note'],1); - tr($lang_settings['row_apply_for_links'], $lang_settings['text_minimum_class'].classlist('applylink',$maxclass,$AUTHORITY['applylink']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_apply_for_links_note'],1); - tr($lang_settings['row_link_management'], $lang_settings['text_minimum_class'].classlist('linkmanage',$maxclass,$AUTHORITY['linkmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_link_management_note'],1); - tr($lang_settings['row_forum_post_management'], $lang_settings['text_minimum_class'].classlist('postmanage',$maxclass,$AUTHORITY['postmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_forum_post_management_note'],1); - tr($lang_settings['row_comment_management'], $lang_settings['text_minimum_class'].classlist('commanage',$maxclass,$AUTHORITY['commanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_comment_management_note'],1); - tr($lang_settings['row_forum_management'], $lang_settings['text_minimum_class'].classlist('forummanage',$maxclass,$AUTHORITY['forummanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_forum_management_note'],1); - tr($lang_settings['row_view_userlist'], 
$lang_settings['text_minimum_class'].classlist('viewuserlist',$maxclass,$AUTHORITY['viewuserlist']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_userlist_note'],1); - tr($lang_settings['row_torrent_management'], $lang_settings['text_minimum_class'].classlist('torrentmanage',$maxclass,$AUTHORITY['torrentmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_torrent_management_note'], 1); - tr($lang_settings['row_torrent_sticky'], $lang_settings['text_minimum_class'].classlist('torrentsticky',$maxclass,$AUTHORITY['torrentsticky']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_sticky_note'],1); - tr($lang_settings['row_torrent_on_promotion'], $lang_settings['text_minimum_class'].classlist('torrentonpromotion',$maxclass,$AUTHORITY['torrentonpromotion'] ?? '').$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_promotion_note'],1); - tr($lang_settings['row_torrent_hr'], $lang_settings['text_minimum_class'].classlist('torrent_hr',$maxclass,$AUTHORITY['torrent_hr'] ?? 
'').$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_hr_note'],1); - tr($lang_settings['row_ask_for_reseed'], $lang_settings['text_minimum_class'].classlist('askreseed',$maxclass,$AUTHORITY['askreseed']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_ask_for_reseed_note'],1); - tr($lang_settings['row_view_nfo'], $lang_settings['text_minimum_class'].classlist('viewnfo',$maxclass,$AUTHORITY['viewnfo']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_nfo_note'],1); - tr($lang_settings['row_view_torrent_structure'], $lang_settings['text_minimum_class'].classlist('torrentstructure',$maxclass,$AUTHORITY['torrentstructure']).$lang_settings['text_default'].get_user_class_name(UC_ULTIMATE_USER,false,true,true).$lang_settings['text_view_torrent_structure_note'],1); - tr($lang_settings['row_send_invite'], $lang_settings['text_minimum_class'].classlist('sendinvite',$maxclass,$AUTHORITY['sendinvite']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_send_invite_note'],1); - tr($lang_settings['row_view_history'], $lang_settings['text_minimum_class'].classlist('viewhistory',$maxclass,$AUTHORITY['viewhistory']).$lang_settings['text_default'].get_user_class_name(UC_VETERAN_USER,false,true,true).$lang_settings['text_view_history_note'],1); - tr($lang_settings['row_view_topten'], $lang_settings['text_minimum_class'].classlist('topten',$maxclass,$AUTHORITY['topten']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_topten_note'],1); - tr($lang_settings['row_view_general_log'], $lang_settings['text_minimum_class'].classlist('log',$maxclass,$AUTHORITY['log']).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_view_general_log_note'],1); - 
tr($lang_settings['row_view_confidential_log'], $lang_settings['text_minimum_class'].classlist('confilog',$maxclass,$AUTHORITY['confilog']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_confidential_log_note'],1); - tr($lang_settings['row_view_user_confidential'], $lang_settings['text_minimum_class'].classlist('userprofile',$maxclass,$AUTHORITY['userprofile']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_view_user_confidential_note'],1); - tr($lang_settings['row_view_user_torrent'], $lang_settings['text_minimum_class'].classlist('torrenthistory',$maxclass,$AUTHORITY['torrenthistory']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_user_torrent_note'],1); - tr($lang_settings['row_general_profile_management'], $lang_settings['text_minimum_class'].classlist('prfmanage',$maxclass,$AUTHORITY['prfmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_general_profile_management_note'],1); - tr($lang_settings['row_crucial_profile_management'], $lang_settings['text_minimum_class'].classlist('cruprfmanage',$maxclass,$AUTHORITY['cruprfmanage']).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_crucial_profile_management_note'].get_user_class_name(UC_STAFFLEADER,false,true,true).$lang_settings['text_can_manage_donation'],1); - tr($lang_settings['row_upload_subtitle'], $lang_settings['text_minimum_class'].classlist('uploadsub',$maxclass,$AUTHORITY['uploadsub']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_upload_subtitle_note'],1); - tr($lang_settings['row_delete_own_subtitle'], 
$lang_settings['text_minimum_class'].classlist('delownsub',$maxclass,$AUTHORITY['delownsub']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_delete_own_subtitle_note'],1); - tr($lang_settings['row_subtitle_management'], $lang_settings['text_minimum_class'].classlist('submanage',$maxclass,$AUTHORITY['submanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_subtitle_management'],1); - tr($lang_settings['row_update_external_info'], $lang_settings['text_minimum_class'].classlist('updateextinfo',$maxclass,$AUTHORITY['updateextinfo']).$lang_settings['text_default'].get_user_class_name(UC_EXTREME_USER,false,true,true).$lang_settings['text_update_external_info_note'],1); - tr($lang_settings['row_view_anonymous'], $lang_settings['text_minimum_class'].classlist('viewanonymous',$maxclass,$AUTHORITY['viewanonymous']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_view_anonymous_note'],1); - tr($lang_settings['row_be_anonymous'], $lang_settings['text_minimum_class'].classlist('beanonymous',$maxclass,$AUTHORITY['beanonymous']).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_be_anonymous_note'],1); - tr($lang_settings['row_add_offer'], $lang_settings['text_minimum_class'].classlist('addoffer',$maxclass,$AUTHORITY['addoffer']).$lang_settings['text_default'].get_user_class_name(UC_PEASANT,false,true,true).$lang_settings['text_add_offer_note'], 1); - tr($lang_settings['row_offer_management'], $lang_settings['text_minimum_class'].classlist('offermanage',$maxclass,$AUTHORITY['offermanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_offer_management_note'],1); - tr($lang_settings['row_upload_torrent'], 
$lang_settings['text_minimum_class'].classlist('upload',$maxclass,$AUTHORITY['upload']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_upload_torrent_note'], 1); - tr($lang_settings['row_upload_special_torrent'], $lang_settings['text_minimum_class'].classlist('uploadspecial',$maxclass,$AUTHORITY['uploadspecial']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_upload_special_torrent_note'],1); - tr($lang_settings['row_view_special_torrent'], $lang_settings['text_minimum_class'].classlist('view_special_torrent',$maxclass,$AUTHORITY['view_special_torrent']).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_view_special_torrent_note'],1); - tr($lang_settings['row_move_torrent'], $lang_settings['text_minimum_class'].classlist('movetorrent',$maxclass,$AUTHORITY['movetorrent']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_move_torrent_note'],1); - tr($lang_settings['row_chronicle_management'], $lang_settings['text_minimum_class'].classlist('chrmanage',$maxclass,$AUTHORITY['chrmanage']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_chronicle_management_note'],1); - tr($lang_settings['row_view_invite'], $lang_settings['text_minimum_class'].classlist('viewinvite',$maxclass,$AUTHORITY['viewinvite']).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_invite_note'],1); - tr($lang_settings['row_buy_invites'], $lang_settings['text_minimum_class'].classlist('buyinvite',$maxclass,$AUTHORITY['buyinvite']).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_buy_invites_note'],1); - tr($lang_settings['row_see_banned_torrents'], 
$lang_settings['text_minimum_class'].classlist('seebanned',$maxclass,$AUTHORITY['seebanned']).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_see_banned_torrents_note'],1); - tr($lang_settings['row_vote_against_offers'], $lang_settings['text_minimum_class'].classlist('againstoffer',$maxclass,$AUTHORITY['againstoffer']).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_vote_against_offers_note'],1); - tr($lang_settings['row_allow_userbar'], $lang_settings['text_minimum_class'].classlist('userbar',$maxclass,$AUTHORITY['userbar']).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_allow_userbar_note'],1); + tr($lang_settings['row_news_management'], $lang_settings['text_minimum_class'].classlist('newsmanage',$maxclass,$AUTHORITY['newsmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_news_management_note'],1); + tr($lang_settings['row_post_funbox_item'], $lang_settings['text_minimum_class'].classlist('newfunitem',$maxclass,$AUTHORITY['newfunitem'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_post_funbox_item_note'],1); + tr($lang_settings['row_funbox_management'], $lang_settings['text_minimum_class']. classlist('funmanage',$maxclass,$AUTHORITY['funmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_funbox_management_note'],1); + tr($lang_settings['row_shoutbox_management'], $lang_settings['text_minimum_class']. 
classlist('sbmanage',$maxclass,$AUTHORITY['sbmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_shoutbox_management_note'],1); + tr($lang_settings['row_poll_management'], $lang_settings['text_minimum_class'].classlist('pollmanage',$maxclass,$AUTHORITY['pollmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_poll_management_note'],1); + tr($lang_settings['row_apply_for_links'], $lang_settings['text_minimum_class'].classlist('applylink',$maxclass,$AUTHORITY['applylink'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_apply_for_links_note'],1); + tr($lang_settings['row_link_management'], $lang_settings['text_minimum_class'].classlist('linkmanage',$maxclass,$AUTHORITY['linkmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_link_management_note'],1); + tr($lang_settings['row_forum_post_management'], $lang_settings['text_minimum_class'].classlist('postmanage',$maxclass,$AUTHORITY['postmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_forum_post_management_note'],1); + tr($lang_settings['row_comment_management'], $lang_settings['text_minimum_class'].classlist('commanage',$maxclass,$AUTHORITY['commanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_comment_management_note'],1); + tr($lang_settings['row_forum_management'], $lang_settings['text_minimum_class'].classlist('forummanage',$maxclass,$AUTHORITY['forummanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_forum_management_note'],1); + tr($lang_settings['row_view_userlist'], 
$lang_settings['text_minimum_class'].classlist('viewuserlist',$maxclass,$AUTHORITY['viewuserlist'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_userlist_note'],1); + tr($lang_settings['row_torrent_management'], $lang_settings['text_minimum_class'].classlist('torrentmanage',$maxclass,$AUTHORITY['torrentmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_torrent_management_note'], 1); + tr($lang_settings['row_torrent_sticky'], $lang_settings['text_minimum_class'].classlist('torrentsticky',$maxclass,$AUTHORITY['torrentsticky'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_sticky_note'],1); + tr($lang_settings['row_torrent_on_promotion'], $lang_settings['text_minimum_class'].classlist('torrentonpromotion',$maxclass,$AUTHORITY['torrentonpromotion'] ?? '',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_promotion_note'],1); + tr($lang_settings['row_torrent_hr'], $lang_settings['text_minimum_class'].classlist('torrent_hr',$maxclass,$AUTHORITY['torrent_hr'] ?? '',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_torrent_hr_note'],1); + tr(nexus_trans('permission.torrent-approval.text'), $lang_settings['text_minimum_class'].classlist('torrent-approval',$maxclass,$AUTHORITY['torrent-approval'] ?? 
'',0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).nexus_trans('permission.torrent-approval.desc'),1); + tr($lang_settings['row_ask_for_reseed'], $lang_settings['text_minimum_class'].classlist('askreseed',$maxclass,$AUTHORITY['askreseed'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_ask_for_reseed_note'],1); + tr($lang_settings['row_view_nfo'], $lang_settings['text_minimum_class'].classlist('viewnfo',$maxclass,$AUTHORITY['viewnfo'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_nfo_note'],1); + tr($lang_settings['row_view_torrent_structure'], $lang_settings['text_minimum_class'].classlist('torrentstructure',$maxclass,$AUTHORITY['torrentstructure'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ULTIMATE_USER,false,true,true).$lang_settings['text_view_torrent_structure_note'],1); + tr($lang_settings['row_send_invite'], $lang_settings['text_minimum_class'].classlist('sendinvite',$maxclass,$AUTHORITY['sendinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_send_invite_note'],1); + tr($lang_settings['row_view_history'], $lang_settings['text_minimum_class'].classlist('viewhistory',$maxclass,$AUTHORITY['viewhistory'],0,true).$lang_settings['text_default'].get_user_class_name(UC_VETERAN_USER,false,true,true).$lang_settings['text_view_history_note'],1); + tr($lang_settings['row_view_topten'], $lang_settings['text_minimum_class'].classlist('topten',$maxclass,$AUTHORITY['topten'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_topten_note'],1); + tr($lang_settings['row_view_general_log'], 
$lang_settings['text_minimum_class'].classlist('log',$maxclass,$AUTHORITY['log'],0,true).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_view_general_log_note'],1); + tr($lang_settings['row_view_confidential_log'], $lang_settings['text_minimum_class'].classlist('confilog',$maxclass,$AUTHORITY['confilog'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_confidential_log_note'],1); + tr($lang_settings['row_view_user_confidential'], $lang_settings['text_minimum_class'].classlist('userprofile',$maxclass,$AUTHORITY['userprofile'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_view_user_confidential_note'],1); + tr($lang_settings['row_view_user_torrent'], $lang_settings['text_minimum_class'].classlist('torrenthistory',$maxclass,$AUTHORITY['torrenthistory'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_view_user_torrent_note'],1); + tr($lang_settings['row_general_profile_management'], $lang_settings['text_minimum_class'].classlist('prfmanage',$maxclass,$AUTHORITY['prfmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_general_profile_management_note'],1); + tr($lang_settings['row_crucial_profile_management'], $lang_settings['text_minimum_class'].classlist('cruprfmanage',$maxclass,$AUTHORITY['cruprfmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_ADMINISTRATOR,false,true,true).$lang_settings['text_crucial_profile_management_note'].get_user_class_name(UC_STAFFLEADER,false,true,true).$lang_settings['text_can_manage_donation'],1); + tr($lang_settings['row_upload_subtitle'], 
$lang_settings['text_minimum_class'].classlist('uploadsub',$maxclass,$AUTHORITY['uploadsub'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_upload_subtitle_note'],1); + tr($lang_settings['row_delete_own_subtitle'], $lang_settings['text_minimum_class'].classlist('delownsub',$maxclass,$AUTHORITY['delownsub'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_delete_own_subtitle_note'],1); + tr($lang_settings['row_subtitle_management'], $lang_settings['text_minimum_class'].classlist('submanage',$maxclass,$AUTHORITY['submanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_subtitle_management'],1); + tr($lang_settings['row_update_external_info'], $lang_settings['text_minimum_class'].classlist('updateextinfo',$maxclass,$AUTHORITY['updateextinfo'],0,true).$lang_settings['text_default'].get_user_class_name(UC_EXTREME_USER,false,true,true).$lang_settings['text_update_external_info_note'],1); + tr($lang_settings['row_view_anonymous'], $lang_settings['text_minimum_class'].classlist('viewanonymous',$maxclass,$AUTHORITY['viewanonymous'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_view_anonymous_note'],1); + tr($lang_settings['row_be_anonymous'], $lang_settings['text_minimum_class'].classlist('beanonymous',$maxclass,$AUTHORITY['beanonymous'],0,true).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_be_anonymous_note'],1); + tr($lang_settings['row_add_offer'], $lang_settings['text_minimum_class'].classlist('addoffer',$maxclass,$AUTHORITY['addoffer'],0,true).$lang_settings['text_default'].get_user_class_name(UC_PEASANT,false,true,true).$lang_settings['text_add_offer_note'], 1); + tr($lang_settings['row_offer_management'], 
$lang_settings['text_minimum_class'].classlist('offermanage',$maxclass,$AUTHORITY['offermanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_offer_management_note'],1); + tr($lang_settings['row_upload_torrent'], $lang_settings['text_minimum_class'].classlist('upload',$maxclass,$AUTHORITY['upload'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_upload_torrent_note'], 1); + tr($lang_settings['row_upload_special_torrent'], $lang_settings['text_minimum_class'].classlist('uploadspecial',$maxclass,$AUTHORITY['uploadspecial'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_upload_special_torrent_note'],1); + tr($lang_settings['row_view_special_torrent'], $lang_settings['text_minimum_class'].classlist('view_special_torrent',$maxclass,$AUTHORITY['view_special_torrent'],0,true).$lang_settings['text_default'].get_user_class_name(UC_CRAZY_USER,false,true,true).$lang_settings['text_view_special_torrent_note'],1); + tr($lang_settings['row_move_torrent'], $lang_settings['text_minimum_class'].classlist('movetorrent',$maxclass,$AUTHORITY['movetorrent'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_move_torrent_note'],1); + tr($lang_settings['row_chronicle_management'], $lang_settings['text_minimum_class'].classlist('chrmanage',$maxclass,$AUTHORITY['chrmanage'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_chronicle_management_note'],1); + tr($lang_settings['row_view_invite'], $lang_settings['text_minimum_class'].classlist('viewinvite',$maxclass,$AUTHORITY['viewinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_MODERATOR,false,true,true).$lang_settings['text_view_invite_note'],1); + tr($lang_settings['row_buy_invites'], 
$lang_settings['text_minimum_class'].classlist('buyinvite',$maxclass,$AUTHORITY['buyinvite'],0,true).$lang_settings['text_default'].get_user_class_name(UC_INSANE_USER,false,true,true).$lang_settings['text_buy_invites_note'],1); + tr($lang_settings['row_see_banned_torrents'], $lang_settings['text_minimum_class'].classlist('seebanned',$maxclass,$AUTHORITY['seebanned'],0,true).$lang_settings['text_default'].get_user_class_name(UC_UPLOADER,false,true,true).$lang_settings['text_see_banned_torrents_note'],1); + tr($lang_settings['row_vote_against_offers'], $lang_settings['text_minimum_class'].classlist('againstoffer',$maxclass,$AUTHORITY['againstoffer'],0,true).$lang_settings['text_default'].get_user_class_name(UC_USER,false,true,true).$lang_settings['text_vote_against_offers_note'],1); + tr($lang_settings['row_allow_userbar'], $lang_settings['text_minimum_class'].classlist('userbar',$maxclass,$AUTHORITY['userbar'],0,true).$lang_settings['text_default'].get_user_class_name(UC_POWER_USER,false,true,true).$lang_settings['text_allow_userbar_note'],1); tr($lang_settings['row_save_settings'],"", 1); print ("
    "); } diff --git a/public/shoutbox.php b/public/shoutbox.php index 3bcf0b93..ce7fe374 100644 --- a/public/shoutbox.php +++ b/public/shoutbox.php @@ -6,7 +6,7 @@ if (isset($_GET['del'])) { if (is_valid_id($_GET['del'])) { - if((get_user_class() >= $sbmanage_class)) + if(user_can('sbmanage')) { sql_query("DELETE FROM shoutbox WHERE id=".mysql_real_escape_string($_GET['del'])); } @@ -118,7 +118,7 @@ else while ($arr = mysql_fetch_assoc($res)) { $del = ''; - if (get_user_class() >= $sbmanage_class) { + if (user_can('sbmanage')) { $del .= "[".$lang_shoutbox['text_del']."]"; } if ($arr["userid"]) { diff --git a/public/staffbox.php b/public/staffbox.php index fb017b44..6eb41d23 100644 --- a/public/staffbox.php +++ b/public/staffbox.php @@ -3,8 +3,7 @@ require "../include/bittorrent.php"; dbconn(); require_once(get_langfile_path()); loggedinorreturn(); -if (get_user_class() < $staffmem_class) - permissiondenied(); +user_can('staffmem', true); $action = $_GET["action"] ?? ''; @@ -65,8 +64,7 @@ if (!$action) { if ($action == "viewpm") { - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); $pmid = intval($_GET["pmid"] ?? 0); @@ -122,8 +120,7 @@ stdfoot(); ////////////////////////// if ($action == "answermessage") { - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); $answeringto = $_GET["answeringto"]; $receiver = intval($_GET["receiver"] ?? 0); @@ -163,8 +160,7 @@ if ($action == "takeanswer") { if ($_SERVER["REQUEST_METHOD"] != "POST") die(); - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); $receiver = intval($_POST["receiver"] ?? 0); $answeringto = $_POST["answeringto"]; 
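Review bot: The delete branch in the first shoutbox.php hunk still runs on a plain GET (`$_GET['del']`) with the new `user_can('sbmanage')` as its only gate, and no request token is checked in the visible lines, so a cross-site request made in a moderator's session would be accepted. The query also concatenates the value unquoted; `mysql_real_escape_string()` gives no protection outside a quoted string, so safety rests entirely on `is_valid_id()`. I would cast at the point of use, `sql_query("DELETE FROM shoutbox WHERE id=" . intval($_GET['del']));`, and move the action to POST with a session-bound token. The enclosing block continues outside the hunk.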
@@ -200,8 +196,7 @@ if ($action == "deletestaffmessage") { if (!is_numeric($id) || $id < 1 || floor($id) != $id) die; - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); sql_query("DELETE FROM staffmessages WHERE id=" . sqlesc($id)) or die(); $Cache->delete_value('staff_message_count'); @@ -215,8 +210,7 @@ $Cache->delete_value('staff_new_message_count'); if ($action == "setanswered") { - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); $id = intval($_GET["id"] ?? 0); @@ -230,8 +224,7 @@ header("Refresh: 0; url=staffbox.php?action=viewpm&pmid=$id"); ////////////////////////// if ($action == "takecontactanswered") { - if (get_user_class() < $staffmem_class) - permissiondenied(); + user_can('staffmem', true); if ($_POST['setdealt']){ $res = sql_query ("SELECT id FROM staffmessages WHERE answered=0 AND id IN (" . implode(", ", $_POST['setanswered']) . ")"); diff --git a/public/subtitles.php b/public/subtitles.php index abf21e6b..0cbaf179 100644 --- a/public/subtitles.php +++ b/public/subtitles.php @@ -116,7 +116,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a else { $r_a = mysql_fetch_assoc($r); - if($r_a["owner"] != $CURUSER["id"] && get_user_class() < $uploadsub_class) + if($r_a["owner"] != $CURUSER["id"] && !user_can('uploadsub')) { echo($lang_subtitles['std_no_permission_uploading_others']); exit; @@ -158,7 +158,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a } //end process language - if (isset($_POST['uplver']) && $_POST['uplver'] == 'yes' && get_user_class()>=$beanonymous_class) { + if (isset($_POST['uplver']) && $_POST['uplver'] == 'yes' && user_can('beanonymous')) { $anonymous = "yes"; $anon = "Anonymous"; } 
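Review bot: In the `takecontactanswered` hunk, `$_POST['setanswered']` is joined straight into the `IN (...)` list, so the request controls part of the query text once `user_can('staffmem', true)` has passed. The permission check limits who can reach the statement but does not make the input safe, and a non-array value makes `implode()` fail. Cast each element before building the list, `$ids = array_map('intval', (array)($_POST['setanswered'] ?? []));`, then use `implode(", ", $ids)` and skip the query when `$ids` is empty. The rest of the branch is outside the hunk.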
@@ -195,7 +195,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["a $msg_bt = "$arr[lang_name] Subtitle $id ($title) was uploaded by $anon, Download: " . get_protocol_prefix() . "$BASEURL/downloadsubs.php/".$file["name"].""; } -if (get_user_class() >= $delownsub_class) +if (user_can('delownsub')) { $delete = intval($_GET["delete"] ?? 0); if (is_valid_id($delete)) @@ -204,7 +204,7 @@ if (get_user_class() >= $delownsub_class) if (mysql_num_rows($r) == 1) { $a = mysql_fetch_assoc($r); - if (get_user_class() >= $submanage_class || $a["uppedby"] == $CURUSER["id"]) + if (user_can('submanage') || $a["uppedby"] == $CURUSER["id"]) { $sure = intval($_GET["sure"] ?? 0); if ($sure == 1) @@ -308,7 +308,7 @@ if (get_user_class() >= UC_PEASANT) print($s); - if(get_user_class() >= $beanonymous_class) + if(user_can('beanonymous')) { tr($lang_subtitles['row_show_uploader'], "".$lang_subtitles['hide_uploader_note'], 1); } @@ -371,8 +371,8 @@ if(get_user_class() >= UC_PEASANT) print("".$lang_subtitles['col_lang']."".$lang_subtitles['col_title']."\"time\" \"size\"".$lang_subtitles['col_hits']."".$lang_subtitles['col_upped_by']."".$lang_subtitles['col_report']."\n"); - $mod = get_user_class() >= $submanage_class; - $pu = get_user_class() >= $delownsub_class; + $mod = user_can('submanage'); + $pu = user_can('delownsub'); while ($arr = mysql_fetch_assoc($res)) { @@ -384,7 +384,7 @@ if(get_user_class() >= UC_PEASANT) $added = "" . $addtime . "\n"; $size = "" . mksize_loose($arr['size']) . "\n"; $hits = "" . number_format($arr['hits']) . "\n"; - $uppedby = "" . ($arr["anonymous"] == 'yes' ? $lang_subtitles['text_anonymous'] . (get_user_class() >= $viewanonymous_class ? "
    ".get_username($arr['uppedby'],false,true,true,false,true) : "") : get_username($arr['uppedby'])) . "\n"; + $uppedby = "" . ($arr["anonymous"] == 'yes' ? $lang_subtitles['text_anonymous'] . (user_can('viewanonymous') ? "
    ".get_username($arr['uppedby'],false,true,true,false,true) : "") : get_username($arr['uppedby'])) . "\n"; $report = "\"Report\"\n"; print("".$lang.$title.$added.$size.$hits.$uppedby.$report."\n"); $i++; diff --git a/public/take-increment-bulk.php b/public/take-increment-bulk.php index b94310aa..85a45968 100644 --- a/public/take-increment-bulk.php +++ b/public/take-increment-bulk.php @@ -37,7 +37,7 @@ $conditions = []; if (!empty($_POST['classes'])) { $conditions[] = "class IN (" . implode(', ', $_POST['classes']) . ")"; } -$conditions = apply_filter("increment_bulk_conditions", $conditions, $_POST); +$conditions = apply_filter("increment_bulk_query_conditions", $conditions, $_POST); if (empty($conditions)) { stderr("Error","No valid filter"); } diff --git a/public/takeedit.php b/public/takeedit.php index 71a88721..d1b67a5a 100644 --- a/public/takeedit.php +++ b/public/takeedit.php @@ -25,7 +25,7 @@ $torrentAddedTimeString = $row['added']; if (!$row) die(); -if ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class) +if ($CURUSER["id"] != $row["owner"] && !user_can('torrentmanage')) bark($lang_takeedit['std_not_owner']); $oldcatmode = get_single_value("categories","mode","WHERE id=".sqlesc($row['category'])); $updateset = array(); @@ -87,7 +87,7 @@ bark($lang_takeedit['std_missing_form_data']); if (!$name || !$descr) bark($lang_takeedit['std_missing_form_data']); $newcatmode = get_single_value("categories","mode","WHERE id=".sqlesc($catid)); -if ($enablespecial == 'yes' && get_user_class() >= $movetorrent_class) +if ($enablespecial == 'yes' && user_can('movetorrent')) $allowmove = true; //enable moving torrent to other section else $allowmove = false; if ($oldcatmode != $newcatmode && !$allowmove) 
@@ -107,7 +107,7 @@ $updateset[] = "processing = " . sqlesc(intval($_POST["processing_sel"] ?? 0)); $updateset[] = "team = " . sqlesc(intval($_POST["team_sel"] ?? 0)); $updateset[] = "audiocodec = " . sqlesc(intval($_POST["audiocodec_sel"] ?? 0)); $updateset[] = "visible = '" . (isset($_POST["visible"]) && $_POST["visible"] ? "yes" : "no") . "'"; -if(get_user_class()>=$torrentonpromotion_class) +if(user_can('torrentonpromotion')) { if(!isset($_POST["sel_spstate"]) || $_POST["sel_spstate"] == 1) $updateset[] = "sp_state = 1"; @@ -141,14 +141,14 @@ if(get_user_class()>=$torrentonpromotion_class) } } } -if(get_user_class()>=$torrentsticky_class && isset($_POST['sel_posstate']) && isset(\App\Models\Torrent::$posStates[$_POST['sel_posstate']])) +if(user_can('torrentsticky') && isset($_POST['sel_posstate']) && isset(\App\Models\Torrent::$posStates[$_POST['sel_posstate']])) { $updateset[] = "pos_state = '" . $_POST['sel_posstate'] . "'"; } $pick_info = ""; $place_info = ""; -if(get_user_class()>=$torrentmanage_class && ($CURUSER['picker'] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP)) +if(user_can('torrentmanage') && ($CURUSER['picker'] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP)) { $doRecommend = false; if(intval($_POST["sel_recmovie"] ?? 0) == 0) diff --git a/public/takeinvite.php b/public/takeinvite.php index a5970b9f..d0d95303 100644 --- a/public/takeinvite.php +++ b/public/takeinvite.php @@ -3,7 +3,7 @@ require_once("../include/bittorrent.php"); dbconn(); require_once(get_langfile_path()); registration_check('invitesystem', true, false); -if (get_user_class() < $sendinvite_class) +if (!user_can('sendinvite')) stderr($lang_takeinvite['std_error'],$lang_takeinvite['std_invite_denied']); if ($CURUSER['invites'] < 1) stderr($lang_takeinvite['std_error'],$lang_takeinvite['std_no_invite']); diff --git a/public/takemessage.php b/public/takemessage.php index 6e7b52cc..fd033072 100644 --- a/public/takemessage.php 
+++ b/public/takemessage.php @@ -31,7 +31,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") $origfrom = "[url=userdetails.php?id=".$origmsgrow['sender']."]".$origmsgsendername."[/url]"; } $msg = "-------- ".$lang_takemessage_target[get_user_lang($receiver)]['msg_original_message_from'] . $origfrom . " --------\n" . $origmsgrow['msg']."\n\n".($msg ? "-------- [url=userdetails.php?id=".$CURUSER["id"]."]".$CURUSER["username"]."[/url][i] Wrote at ".date("Y-m-d H:i:s").":[/i] --------\n".$msg : ""); - + } else { @@ -47,7 +47,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") // Anti Flood Code // This code ensures that a member can only send one PM every 10 seconds. - if (get_user_class() < $staffmem_class) { + if (!user_can('staffmem')) { if (strtotime($CURUSER['last_pm']) > (TIMENOW - 10)) { $secs = 60 - (TIMENOW - strtotime($CURUSER['last_pm'])); @@ -65,7 +65,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") stderr($lang_takemessage['std_error'], $lang_takemessage['std_user_not_exist']); //Make sure recipient wants this message - if (get_user_class() < $staffmem_class) + if (!user_can('staffmem')) { if ($user["parked"] == "yes") stderr($lang_takemessage['std_refused'], $lang_takemessage['std_account_parked']); @@ -90,7 +90,7 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") $Cache->delete_value('user_'.$receiver.'_unread_message_count'); $Cache->delete_value('user_'.$receiver.'_inbox_count'); $Cache->delete_value('user_'.$CURUSER["id"].'_outbox_count'); - + $msgid=mysql_insert_id(); $date=date("Y-m-d H:i:s"); // Update Last PM sent... 
@@ -112,20 +112,20 @@ if ($emailnotify_smtp=='yes' && $smtptype != 'none'){ $username = trim($CURUSER["username"]); $msg_receiver = trim($user["username"]); $prefix = get_protocol_prefix(); - + $title = "$SITENAME ".$lang_takemessage_target[get_user_lang($user["id"])]['mail_received_pm_from'] . $username . "!"; $body = <<{$lang_takemessage_target[get_user_lang($user["id"])]['mail_here']}{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url_1']}
    $prefix$BASEURL/messages.php?action=viewmessage&id=$msgid - + ------{$lang_takemessage_target[get_user_lang($user["id"])]['mail_yours']} {$lang_takemessage_target[get_user_lang($user["id"])]['mail_the_site_team']} EOD; diff --git a/public/takereseed.php b/public/takereseed.php index 0f16a538..c2703e63 100644 --- a/public/takereseed.php +++ b/public/takereseed.php @@ -4,8 +4,7 @@ dbconn(); require_once(get_langfile_path()); require(get_langfile_path("",true)); loggedinorreturn(); -if (get_user_class() < $askreseed_class) -permissiondenied(); +user_can('askreseed', true); $reseedid = intval($_GET["reseedid"] ?? 0); $res = sql_query("SELECT seeders, last_reseed FROM torrents WHERE id=".sqlesc($reseedid)." LIMIT 1") or sqlerr(__FILE__, __LINE__); diff --git a/public/takeupdate.php b/public/takeupdate.php index 0c4fa0f3..9c1ed82a 100644 --- a/public/takeupdate.php +++ b/public/takeupdate.php @@ -1,15 +1,14 @@ delete_value('staff_new_report_count'); $Cache->delete_value('staff_report_count'); -} +} -header("Refresh: 0; url=reports.php"); +header("Refresh: 0; url=reports.php"); diff --git a/public/takeupload.php b/public/takeupload.php index c76a1142..5ec99b13 100644 --- a/public/takeupload.php +++ b/public/takeupload.php @@ -30,7 +30,7 @@ $f = $_FILES["file"]; $fname = unesc($f["name"]); if (empty($fname)) bark($lang_takeupload['std_empty_filename']); -if (get_user_class()>=$beanonymous_class && isset($_POST['uplver']) && $_POST['uplver'] == 'yes') { +if (user_can('beanonymous') && isset($_POST['uplver']) && $_POST['uplver'] == 'yes') { $anonymous = "yes"; $anon = "Anonymous"; } diff --git a/public/topten.php b/public/topten.php index 09c4b354..8fb6ab40 100644 --- a/public/topten.php +++ b/public/topten.php 
@@ -9,7 +9,7 @@ function bark($msg) { global $lang_topten; genbark($msg, $lang_topten['std_error']); } -if (get_user_class() < $topten_class){ +if (!user_can('topten')){ stderr($lang_topten['std_sorry'],$lang_topten['std_permission_denied_only'].get_user_class_name($topten_class,false,true,true).$lang_topten['std_or_above_can_view'],false); } 
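Review bot: The denial message in this hunk still names the required class through `get_user_class_name($topten_class, ...)`, while the decision is now made by `user_can('topten')`. If the permission can be granted other than by class rank, or if `$topten_class` is no longer populated after this refactoring (neither is visible here), the text will state the wrong requirement or print an empty class name. Either build the message without the class variable or document the dependency with a comment such as `// $topten_class is kept only for the wording of this message`.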
@@ -633,25 +633,25 @@ elseif ($type == 5) $r = sql_query( "SELECT users_topics.userid, users_topics.usertopics, COUNT(posts.id) as userposts FROM (SELECT users.id as userid, COUNT(topics.id) as usertopics from users LEFT JOIN topics ON users.id = topics.userid GROUP BY users.id) as users_topics LEFT JOIN posts ON users_topics.userid = posts.userid GROUP BY users_topics.userid ORDER BY usertopics DESC LIMIT $limit") or sqlerr(); postable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_topic'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : "")); } - + if ($limit == 10 || $subtype == "mpos") { $r = sql_query( "SELECT users_topics.userid, users_topics.usertopics, COUNT(posts.id) as userposts FROM (SELECT users.id as userid, COUNT(topics.id) as usertopics from users LEFT JOIN topics ON users.id = topics.userid GROUP BY users.id) as users_topics LEFT JOIN posts ON users_topics.userid = posts.userid GROUP BY users_topics.userid ORDER BY userposts DESC LIMIT $limit") or sqlerr(); postable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_post'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : "")); } - + if ($reviewenabled == 'yes' && ($limit == 10 || $subtype == "mrev")) { $r = sql_query( "SELECT users.id as userid, COUNT(reviews.id) as num FROM users LEFT JOIN reviews ON users.id = reviews.user GROUP BY users.id ORDER BY num DESC LIMIT $limit") or sqlerr(); cmttable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_reviewer'] . ($limit == 10 ? 
" - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : ""), $lang_topten['col_reviews']); - } + } if ($limit == 10 || $subtype == "mcmt") { $r = sql_query( "SELECT users.id as userid, COUNT(comments.id) as num FROM users LEFT JOIN comments ON users.id = comments.user GROUP BY users.id ORDER BY num DESC LIMIT $limit") or sqlerr(); cmttable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_commenter'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : ""), $lang_topten['col_comments']); } - + if ($limit == 10 || $subtype == "btop") { $r = sql_query("SELECT topics_posts.topicid, topics_posts.topicsubject, topics_posts.postnum, forums.id as forumid FROM (SELECT topics.id as topicid, topics.subject as topicsubject, COUNT(posts.id) as postnum, topics.forumid FROM topics LEFT JOIN posts ON topics.id = posts.topicid GROUP BY topics.id) as topics_posts LEFT JOIN forums ON topics_posts.forumid = forums.id AND forums.minclassread <= 1 ORDER BY postnum DESC LIMIT $limit") or sqlerr(); @@ -693,7 +693,7 @@ if ($enabledonation == 'yes'){ donortable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_donated_CNY'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : "")); } } - + /* if ($limit == 10 || $subtype == "mbro") { @@ -701,7 +701,7 @@ if ($enabledonation == 'yes'){ donortable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_most_browser'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : "")); } */ - + if ($limit == 10 || $subtype == "mcli") { $r = sql_query( "SELECT agent_allowed_family.family as client_name, COUNT(users.id) as client_num from users RIGHT JOIN agent_allowed_family ON agent_allowed_family.id = users.clientselect GROUP BY clientselect ORDER BY client_num DESC LIMIT $limit") or sqlerr(); 
@@ -741,7 +741,7 @@ elseif ($type == 7) // search $r = sql_query("SELECT keywords, COUNT(id) as count FROM suggest WHERE UNIX_TIMESTAMP(adddate) >" . $last_month_begin . " AND UNIX_TIMESTAMP(adddate) <" . $last_month_end . " GROUP BY keywords ORDER BY count DESC LIMIT $limit") or sqlerr(); search_ranktable($r, $lang_topten['text_top']."$limit ".$lang_topten['text_last_month_search'] . ($limit == 10 ? " - [".$lang_topten['text_one_hundred']."] - [".$lang_topten['text_top_250']."]" : "")); } - + if ($limit == 10 || $subtype == "tcy") { $current_year = mktime(0, 0, 0, 1 , 1, date("Y")); diff --git a/public/torrent_info.php b/public/torrent_info.php index 9581b6c2..c92553c2 100644 --- a/public/torrent_info.php +++ b/public/torrent_info.php @@ -38,10 +38,7 @@ dbconn(); loggedinorreturn(); -if (get_user_class() < $torrentstructure_class) -{ - permissiondenied(); -} +user_can('torrentstructure', true); $id = (int)$_GET["id"]; diff --git a/public/torrentrss.php b/public/torrentrss.php index 021b5065..06c9edb9 100644 --- a/public/torrentrss.php +++ b/public/torrentrss.php @@ -87,7 +87,7 @@ $limit .= $showrows; //approval status $approvalStatusNoneVisible = get_setting('torrent.approval_status_none_visible'); -if ($approvalStatusNoneVisible == 'no' && get_user_class() < $staffmem_class) { +if ($approvalStatusNoneVisible == 'no' && !user_can('staffmem')) { $where .= ($where ? " AND " : "") . "torrents.approval_status = " . \App\Models\Torrent::APPROVAL_STATUS_ALLOW; } diff --git a/public/torrents.php b/public/torrents.php index 304f8064..7ecae413 100644 --- a/public/torrents.php +++ b/public/torrents.php @@ -157,7 +157,7 @@ elseif ($inclbookmarked == 2) //not bookmarked } // ----------------- end bookmarked ---------------------// -if (!isset($CURUSER) || get_user_class() < $seebanned_class) +if (!isset($CURUSER) || !user_can('seebanned')) $wherea[] = "banned = 'no'"; // ----------------- start include dead ---------------------// if (isset($_GET["incldead"])) 
@@ -777,7 +777,7 @@ if (isset($searchstr)) } else { - if(get_user_class() > $torrentmanage_class) // moderator or above, show all + if(user_can('torrentmanage')) // moderator or above, show all { $wherea[] = implode($ANDOR, $like_expression_array); } @@ -812,7 +812,7 @@ $approvalStatusIconEnabled = get_setting('torrent.approval_status_icon_enabled') $approvalStatus = null; $showApprovalStatusFilter = false; //when enable approval status icon, all user can use this filter, otherwise only staff member and approval none visible is 'no' can use -if ($approvalStatusIconEnabled == 'yes' || (get_user_class() >= $staffmem_class && $approvalStatusNoneVisible == 'no')) { +if ($approvalStatusIconEnabled == 'yes' || (user_can('staffmem') && $approvalStatusNoneVisible == 'no')) { $showApprovalStatusFilter = true; } //when user can use approval status filter, and pass `approval_status` parameter, will affect @@ -820,7 +820,7 @@ if ($approvalStatusIconEnabled == 'yes' || (get_user_class() >= $staffmem_class if ($showApprovalStatusFilter && isset($_REQUEST['approval_status']) && is_numeric($_REQUEST['approval_status'])) { $approvalStatus = intval($_REQUEST['approval_status']); $wherea[] = "torrents.approval_status = $approvalStatus"; -} elseif ($approvalStatusNoneVisible == 'no' && get_user_class() < $staffmem_class) { +} elseif ($approvalStatusNoneVisible == 'no' && !user_can('staffmem')) { $wherea[] = "torrents.approval_status = " . \App\Models\Torrent::APPROVAL_STATUS_ALLOW; } diff --git a/public/upload.php b/public/upload.php index fbb26d58..3a5acd1d 100644 --- a/public/upload.php +++ b/public/upload.php @@ -175,7 +175,7 @@ JS; } //===end - if(get_user_class()>=$beanonymous_class) + if(user_can('beanonymous')) { tr($lang_upload['row_show_uploader'], "".$lang_upload['checkbox_hide_uploader_note'], 1); } diff --git a/public/userdetails.php b/public/userdetails.php index f0719c33..0b6811c8 100644 --- a/public/userdetails.php +++ b/public/userdetails.php 
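Review bot: The search branch at `@@ -777` changes the strict comparison `get_user_class() > $torrentmanage_class` to `user_can('torrentmanage')`, which is not the same test if `user_can()` mirrors the `>=` comparisons it replaces elsewhere in this patch. Under that assumption, users exactly at the torrent-management class now take the "show all" branch as well. If the strict comparison was deliberate, this widens what that class sees in search results and should be called out in the commit. If it was an oversight, a comment on the line records the change: `// was '>' before the refactoring; holders of torrentmanage are now included`. The enclosing `if (isset($searchstr))` block starts and ends outside the hunk.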
@@ -97,12 +97,12 @@ elseif ($CURUSER["id"] <> $user["id"]) } } begin_main_frame(); -if ($CURUSER['id'] == $user['id'] || get_user_class() >= $cruprfmanage_class) +if ($CURUSER['id'] == $user['id'] || user_can('cruprfmanage')) print("

    ".$lang_userdetails['text_flush_ghost_torrents']."".$lang_userdetails['text_here']."

    \n"); ?> = $prfmanage_class) || $CURUSER['id'] == $user['id']){ +if (($user["privacy"] != "strong") OR (user_can('prfmanage')) || $CURUSER['id'] == $user['id']){ //Xia Zuojie: Taste compatibility is extremely slow. It can takes thounsands of datebase queries. It is disabled until someone makes it fast. /* if (isset($CURUSER) && $CURUSER['id'] != $user['id']) @@ -171,7 +171,7 @@ if (($user["privacy"] != "strong") OR (get_user_class() >= $prfmanage_class) || } */ tr_small($lang_userdetails['text_user_id'], $user['id'], 1); - if ($CURUSER['id'] == $user['id'] || get_user_class() >= $viewinvite_class){ + if ($CURUSER['id'] == $user['id'] || user_can('viewinvite')){ if ($user["invites"] <= 0) tr_small($lang_userdetails['row_invitation'], $lang_userdetails['text_no_invitation'], 1); else @@ -191,10 +191,10 @@ if (($user["privacy"] != "strong") OR (get_user_class() >= $prfmanage_class) || if ($where_tweak == "yes") { tr_small($lang_userdetails['row_last_seen_location'], $user['page'], 1); } -if (get_user_class() >= $userprofile_class OR $user["privacy"] == "low") { +if (user_can('userprofile') OR $user["privacy"] == "low") { tr_small($lang_userdetails['row_email'], "".$user['email']."", 1); } -if (get_user_class() >= $userprofile_class) { +if (user_can('userprofile')) { $resip = sql_query("SELECT ip FROM iplog WHERE userid =$id GROUP BY ip") or sqlerr(__FILE__, __LINE__); $iphistory = mysql_num_rows($resip); @@ -203,7 +203,7 @@ if (get_user_class() >= $userprofile_class) { } $seedBoxRep = new \App\Repositories\SeedBoxRepository(); -if (get_user_class() >= $userprofile_class || $user["id"] == $CURUSER["id"]) +if (user_can('userprofile') || $user["id"] == $CURUSER["id"]) { $seedBoxIcon = $seedBoxRep->renderIcon($CURUSER['ip'], $CURUSER['id']); if ($enablelocation_tweak == 'yes'){ 
@@ -222,7 +222,7 @@ if (mysql_num_rows($res) > 0) { $clientselect .= ""; $clientselect .= sprintf('', get_agent($arr['peer_id'], $arr['agent'])); - if (get_user_class() >= $userprofile_class || $user["id"] == $CURUSER["id"]) { + if (user_can('userprofile') || $user["id"] == $CURUSER["id"]) { $clientselect .= sprintf('', $arr['ipv4'].$seedBoxRep->renderIcon($arr['ipv4'], $CURUSER['id']), $arr['ipv6'].$seedBoxRep->renderIcon($arr['ipv6'], $CURUSER['id']), $arr['port']); } else { $clientselect .= sprintf('', '---', '---', '---'); @@ -274,7 +274,7 @@ if ($user["download"] && $user["upload"]) tr_small($lang_userdetails['row_internet_speed'], $download."    ".$upload."    ".$isp, 1); tr_small($lang_userdetails['row_gender'], $gender, 1); -if (($user['donated'] > 0 || $user['donated_cny'] > 0 )&& (get_user_class() >= $userprofile_class || $CURUSER["id"] == $user["id"])) +if (($user['donated'] > 0 || $user['donated_cny'] > 0 )&& (user_can('userprofile') || $CURUSER["id"] == $user["id"])) tr_small($lang_userdetails['row_donated'], "$".htmlspecialchars($user['donated'])."      ".htmlspecialchars($user['donated_cny']), 1); if ($user["avatar"]) @@ -374,11 +374,13 @@ if (!empty($props)) { tr_small($lang_userdetails['row_user_props'], sprintf('
    %s
    ', implode(' | ', $props)), 1); } -tr_small($lang_userdetails['row_torrent_comment'], ($torrentcomments && ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) ? "".$torrentcomments."" : $torrentcomments), 1); +do_action('user_detail_rows', $user['id'], 'web'); -tr_small($lang_userdetails['row_forum_posts'], ($forumposts && ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) ? "".$forumposts."" : $forumposts), 1); +tr_small($lang_userdetails['row_torrent_comment'], ($torrentcomments && ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) ? "".$torrentcomments."" : $torrentcomments), 1); -if ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) { +tr_small($lang_userdetails['row_forum_posts'], ($forumposts && ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) ? "".$forumposts."" : $forumposts), 1); + +if ($user["id"] == $CURUSER["id"] || user_can('viewhistory')) { if (\App\Models\HitAndRun::getIsEnabled()) { $hrStatus = (new \App\Repositories\HitAndRunRepository())->getStatusStats($user['id']); tr_small('H&R', sprintf('%s', $user['id'], $hrStatus), 1); @@ -392,7 +394,7 @@ if ($user["id"] == $CURUSER["id"] || get_user_class() >= $viewhistory_class) { } -if ($user["ip"] && (get_user_class() >= $torrenthistory_class || $user["id"] == $CURUSER["id"])){ +if ($user["ip"] && (user_can('torrenthistory') || $user["id"] == $CURUSER["id"])){ tr_small($lang_userdetails['row_uploaded_torrents'], "\"Show/Hide\" ".$lang_userdetails['text_show_or_hide']."
    ", 1); @@ -417,7 +419,7 @@ else } $showpmbutton = 0; if ($CURUSER["id"] != $user["id"]) -if (get_user_class() >= $staffmem_class) +if (user_can('staffmem')) $showpmbutton = 1; elseif ($user["acceptpms"] == "yes") { @@ -439,7 +441,7 @@ print(""); } print("
    %s%s%s%s%s%s%s
    \n"); -if (get_user_class() >= $prfmanage_class && $user["class"] < get_user_class()) +if (user_can('prfmanage') && $user["class"] < get_user_class()) { begin_frame($lang_userdetails['text_edit_user'], true); print("
    "); @@ -482,7 +484,7 @@ if (get_user_class() >= $prfmanage_class && $user["class"] < get_user_class()) tr($lang_userdetails['row_movie_picker'], "".$lang_userdetails['radio_yes']."".$lang_userdetails['radio_no'], 1); tr($lang_userdetails['row_pick_for'], "", 1); - if (get_user_class() >= $cruprfmanage_class) + if (user_can('cruprfmanage')) { $modcomment = htmlspecialchars($user["modcomment"]); tr($lang_userdetails['row_comment'], "", 1); @@ -582,7 +584,7 @@ JS; tr($lang_userdetails['row_download_possible'], "".$lang_userdetails['radio_yes']."".$lang_userdetails['radio_no'], 1); tr($lang_userdetails['row_show_ad'], "".$lang_userdetails['radio_yes']."".$lang_userdetails['radio_no'], 1); tr($lang_userdetails['row_no_ad_until'], " ".$lang_userdetails['text_no_ad_until_note'], 1); - if (get_user_class() >= $cruprfmanage_class) + if (user_can('cruprfmanage')) { tr($lang_userdetails['row_change_username'], "", 1); @@ -592,7 +594,7 @@ JS; tr($lang_userdetails['row_change_password'], "", 1); tr($lang_userdetails['row_repeat_password'], "", 1); - if (get_user_class() >= $cruprfmanage_class) + if (user_can('cruprfmanage')) { // tr($lang_userdetails['row_amount_uploaded'], "".$lang_userdetails['change_field_value_migrated'], 1); // tr($lang_userdetails['row_amount_downloaded'], "".$lang_userdetails['change_field_value_migrated'], 1); @@ -610,7 +612,7 @@ JS; print("\n"); print("
    \n"); end_frame(); - if (get_user_class() >= $cruprfmanage_class) + if (user_can('cruprfmanage')) { begin_frame($lang_userdetails['text_delete_user'], true); print("
    diff --git a/public/userhistory.php b/public/userhistory.php index 77afa41a..6faaf1ab 100644 --- a/public/userhistory.php +++ b/public/userhistory.php @@ -8,7 +8,7 @@ parked(); $userid = $_GET["id"]; int_check($userid,true); -if ($CURUSER["id"] != $userid && get_user_class() < $viewhistory_class) +if ($CURUSER["id"] != $userid && !user_can('viewhistory')) permissiondenied(); $action = htmlspecialchars($_GET["action"]); @@ -107,7 +107,7 @@ if ($action == "viewposts") "

    \n"); print("
    "); - + print("\n"); $body = format_comment($arr["body"]); @@ -228,7 +228,7 @@ if ($action == "viewcomments") " --- ".$lang_userhistory['text_comment']."#$commentid

    \n"); print("
    "); - + print("\n"); $body = format_comment($arr["text"]); @@ -236,7 +236,7 @@ if ($action == "viewcomments") print("\n"); print("
    $body
    \n"); - + print("
    "); } diff --git a/public/users.php b/public/users.php index 8aab5230..e3e798a0 100644 --- a/public/users.php +++ b/public/users.php @@ -4,8 +4,7 @@ dbconn(); require_once(get_langfile_path()); loggedinorreturn(); parked(); -if (get_user_class() < $viewuserlist_class) -permissiondenied(); +user_can('viewuserlist', true); $search = trim($_GET['search']); $class = $_GET['class']; $country = intval($_GET['country'] ?? 0); diff --git a/public/viewnfo.php b/public/viewnfo.php index 1fcfa3c7..c63fcd91 100644 --- a/public/viewnfo.php +++ b/public/viewnfo.php @@ -5,7 +5,7 @@ require_once(get_langfile_path()); loggedinorreturn(); parked(); $id = $_GET["id"]; -if (get_user_class() < $viewnfo_class || !is_valid_id($id) || $enablenfo_main != 'yes') +if (!user_can('viewnfo') || !is_valid_id($id) || $enablenfo_main != 'yes') permissiondenied(); $r = sql_query("SELECT name,nfo FROM torrents WHERE id=$id") or sqlerr(); diff --git a/public/viewpeerlist.php b/public/viewpeerlist.php index 98943914..585a438f 100644 --- a/public/viewpeerlist.php +++ b/public/viewpeerlist.php @@ -81,7 +81,7 @@ function dltable($name, $arr, $torrent) global $lang_functions, $seedBoxRep; $s = "" . count($arr) . " $name\n"; - $showLocationColumn = $enablelocation_tweak == 'yes' || get_user_class() >= $userprofile_class; + $showLocationColumn = $enablelocation_tweak == 'yes' || user_can('userprofile'); if (!count($arr)) return $s; $s .= "\n"; @@ -110,7 +110,7 @@ function dltable($name, $arr, $torrent) $secs = max(1, ($e["la"] - $e["st"])); $columnLocation = $usernameSeedBoxIcon = ''; $isStrongPrivacy = $privacy == "strong" || ($torrent['anonymous'] == 'yes' && $e['userid'] == $torrent['owner']); - $canView = get_user_class() >= $viewanonymous_class || $e['userid'] == $CURUSER['id']; + $canView = user_can('viewanonymous') || $e['userid'] == $CURUSER['id']; if ($showLocationColumn) { $columnLocation = get_location_column($e, $isStrongPrivacy, $canView); } else { 
diff --git a/public/viewsnatches.php b/public/viewsnatches.php index fadca0bc..0d7c062d 100644 --- a/public/viewsnatches.php +++ b/public/viewsnatches.php @@ -19,7 +19,7 @@ if ($count){ list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["SCRIPT_NAME"] . "?id=" . htmlspecialchars($id) . "&" ); print("

    ".$lang_viewsnatches['text_users_top_finished_recently']."

    "); print("\n"); - print("".(get_user_class() >= $userprofile_class ? "" : "").""); + print("".(user_can('userprofile') ? "" : "").""); $res = sql_query("SELECT * FROM snatched WHERE finished='yes' AND torrentid =" . sqlesc($id) . " ORDER BY completedat DESC $limit"); @@ -48,12 +48,12 @@ if ($count){ $userrow = get_user_row($arr['userid']); if ($userrow['privacy'] == 'strong'){ $username = $lang_viewsnatches['text_anonymous']; - if (get_user_class() >= $viewanonymous_class || $arr["id"] == $CURUSER['id']) + if (user_can('viewanonymous') || $arr["id"] == $CURUSER['id']) $username .= "
    (".get_username($arr['userid']).")"; } else $username = get_username($arr['userid']); $reportImage = "\"Report\""; - print("".(get_user_class() >= $userprofile_class ? "" : "")."\n"); + print("".(user_can('userprofile') ? "" : "")."\n"); } print("
    ".$lang_viewsnatches['col_username']."".$lang_viewsnatches['col_ip']."".$lang_viewsnatches['col_uploaded']."/".$lang_viewsnatches['col_downloaded']."".$lang_viewsnatches['col_ratio']."".$lang_viewsnatches['col_se_time']."".$lang_viewsnatches['col_le_time']."".$lang_viewsnatches['col_when_completed']."".$lang_viewsnatches['col_last_action']."".$lang_viewsnatches['col_report_user']."
    ".$lang_viewsnatches['col_username']."".$lang_viewsnatches['col_ip']."".$lang_viewsnatches['col_uploaded']."/".$lang_viewsnatches['col_downloaded']."".$lang_viewsnatches['col_ratio']."".$lang_viewsnatches['col_se_time']."".$lang_viewsnatches['col_le_time']."".$lang_viewsnatches['col_when_completed']."".$lang_viewsnatches['col_last_action']."".$lang_viewsnatches['col_report_user']."
    " . $username ."".$arr['ip']."".$uploaded."@".$uprate.$lang_viewsnatches['text_per_second']."
    ".$downloaded."@".$downrate.$lang_viewsnatches['text_per_second']."
    $ratio$seedtime$leechtime".gettime($arr['completedat'],true,false)."".gettime($arr['last_action'],true,false)."".($userrow['privacy'] != 'strong' || get_user_class() >= $viewanonymous_class ? "$reportImage" : $reportImage)."
    " . $username ."".$arr['ip']."".$uploaded."@".$uprate.$lang_viewsnatches['text_per_second']."
    ".$downloaded."@".$downrate.$lang_viewsnatches['text_per_second']."
    $ratio$seedtime$leechtime".gettime($arr['completedat'],true,false)."".gettime($arr['last_action'],true,false)."".($userrow['privacy'] != 'strong' || user_can('viewanonymous') ? "$reportImage" : $reportImage)."
    \n"); print($pagerbottom); diff --git a/resources/lang/en/permission.php b/resources/lang/en/permission.php new file mode 100644 index 00000000..f345c7c8 --- /dev/null +++ b/resources/lang/en/permission.php 
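Review bot: The condition that reveals the real name of a strong-privacy user compares `$arr["id"]` with `$CURUSER['id']`, while every other use in this hunk identifies the user by `$arr['userid']`. If `$arr` is a row of `snatched` (the fetch is outside the hunk), `id` is the row's own key, so the self-view exception can match the wrong account and show the hidden name to an unrelated user. The line should read `if (user_can('viewanonymous') || $arr['userid'] == $CURUSER['id'])`.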
@@ -0,0 +1,196 @@ + [ + 'text' => 'Approval Torrent', + 'desc' => 'Allow, Deny, or mark as unreviewed', + ], + 'defaultclass' => [ + 'text' => 'Default Class', + 'desc' => ' Class upon registration', + ], + 'staffmem' => [ + 'text' => 'Staff Member', + 'desc' => 'Classes considered as staff members, e.g. can view staffbox', + ], + 'newsmanage' => [ + 'text' => 'News Management', + 'desc' => 'Add new, edit, delete news', + ], + 'newfunitem' => [ + 'text' => 'Post funbox item', + 'desc' => "Post new funbox items and edit own's funbox items", + ], + 'funmanage' => [ + 'text' => 'Funbox Management', + 'desc' => "Edit, delete, ban anyone's funbox items", + ], + 'sbmanage' => [ + 'text' => 'Shoutbox Management', + 'desc' => 'Delete messages in shoutbox and helpbox', + ], + 'pollmanage' => [ + 'text' => 'Poll Management', + 'desc' => 'Add new, edit, delete polls', + ], + 'applylink' => [ + 'text' => 'Apply for Links', + 'desc' => 'Apply for links on main page', + ], + 'linkmanage' => [ + 'text' => 'Link Management', + 'desc' => ' Add new, edit, delete links', + ], + 'postmanage' => [ + 'text' => 'Forum Post Management', + 'desc' => 'Edit, delete, move, stick, lock forum posts', + ], + 'commanage' => [ + 'text' => 'Comment Management', + 'desc' => 'Edit, delete comments of torrents, offers', + ], + 'forummanage' => [ + 'text' => 'Forum Management', + 'desc' => 'Add new, edit, delete, move forums', + ], + 'viewuserlist' => [ + 'text' => 'View User List', + 'desc' => 'View, search user list', + ], + 'torrentmanage' => [ + 'text' => 'Torrent Management', + 'desc' => 'Edit, delete torrents, excluding setting torrent sticky or on promotion', + ], + 'torrentsticky' => [ + 'text' => 'Torrent Sticky', + 'desc' => ' Set torrents sticky', + ], + 'torrentonpromotion' => [ + 'text' => 'Torrent on Promotion', + 'desc' => 'Set torrents on promotion', + ], + 'torrent_hr' => [ + 'text' => 'Set Torrent H&R', + 'desc' => '.Set torrent join the H&R inspect', + ], + 'askreseed' => [ + 'text' 
=> 'Ask for reseed', + 'desc' => 'Ask for reseed when torrents are dead', + ], + 'viewnfo' => [ + 'text' => 'View NFO', + 'desc' => 'View NFO files', + ], + 'torrentstructure' => [ + 'text' => 'View Torrent Structure', + 'desc' => 'View structure of torrent files', + ], + 'sendinvite' => [ + 'text' => 'Send Invite', + 'desc' => 'Send invitation of membership to others', + ], + 'viewhistory' => [ + 'text' => 'View History', + 'desc' => "View other's comment and post history", + ], + 'topten' => [ + 'text' => 'View Topten', + 'desc' => 'View Top Ten', + ], + 'log' => [ + 'text' => 'View General Log', + 'desc' => 'View general log, excluding confidential log', + ], + 'confilog' => [ + 'text' => 'View Confidential Log', + 'desc' => 'View confidential log, e.g. site setting changes', + ], + 'userprofile' => [ + 'text' => "View User's Confidential Profile", + 'desc' => "View user's confidential profile, e.g. IP address, Email address", + ], + 'torrenthistory' => [ + 'text' => "View User's Torrent History", + 'desc' => "View user's torrent history, e.g. downloaded torrents.Valid only when user's setting for privacy level is not 'strong'" + ], + 'prfmanage' => [ + 'text' => "User's General Profile Management", + 'desc' => " Change user's profile, excluding crucial ones e.g. email, username, uploaded and downloaded amount, bonus" + ], + 'cruprfmanage' => [ + 'text' => "User's Crucial Profile Management", + 'desc' => "Change user's crucial profile, excluding donation (only Staff Leader can manage donation)", + ], + 'uploadsub' => [ + 'text' => 'Upload subtitle', + 'desc' => 'Upload subtitles for torrents', + ], + 'delownsub' => [ + 'text' => "Delete own's subtitle", + 'desc' => 'Delete subtitles uploaded by oneself', + ], + 'submanage' => [ + 'text' => 'Subtitle Management', + 'desc' => 'Delete any subtitle', + ], + 'updateextinfo' => [ + 'text' => 'Update External Info', + 'desc' => 'Update outdated external infomation, e.g. 
IMDb info', + ], + 'viewanonymous' => [ + 'text' => 'View Anonymous', + 'desc' => 'View who anonymous one is', + ], + 'beanonymous' => [ + 'text' => 'Be Anonymous', + 'desc' => 'Upload torrents, subtitles anonymously', + ], + 'addoffer' => [ + 'text' => 'Add Offer', + 'desc' => ' Add offers to upload', + ], + 'offermanage' => [ + 'text' => 'Offer Management', + 'desc' => 'Allow, Edit, Delete offer', + ], + 'upload' => [ + 'text' => 'Upload Torrent', + 'desc' => 'Upload torrents to Torrents section', + ], + 'uploadspecial' => [ + 'text' => 'Upload Special Torrent', + 'desc' => 'Upload torrents to Special section', + ], + 'view_special_torrent' => [ + 'text' => 'View Special Torrent', + 'desc' => 'View torrents in Special section', + ], + 'movetorrent' => [ + 'text' => 'Move Torrent', + 'desc' => 'Move torrents between sections', + ], + 'chrmanage' => [ + 'text' => 'Chronicle Management', + 'desc' => 'Add, edit, delete chronicle', + ], + 'viewinvite' => [ + 'text' => 'View Invite', + 'desc' => "View user's invite history", + ], + 'buyinvite' => [ + 'text' => 'Buy Invites', + 'desc' => 'Buy invites at bonus center', + ], + 'seebanned' => [ + 'text' => 'See Banned Torrents', + 'desc' => 'See and download banned torrents', + ], + 'againstoffer' => [ + 'text' => 'Vote Against Offers', + 'desc' => 'Vote against offers', + ], + 'userbar' => [ + 'text' => 'Allow Userbar', + 'desc' => ' Get his userba', + ], +]; diff --git a/resources/lang/en/user.php b/resources/lang/en/user.php index f2ef1427..33e2e17d 100644 --- a/resources/lang/en/user.php +++ b/resources/lang/en/user.php @@ -17,7 +17,7 @@ return [ 'attendance_card' => 'Attend card', 'props' => 'Props', ], - 'class_name' => [ + 'class_names' => [ \App\Models\User::CLASS_VIP => 'Vip', \App\Models\User::CLASS_RETIREE => 'Retiree', \App\Models\User::CLASS_UPLOADER => 'Uploader', diff --git a/resources/lang/zh_CN/permission.php b/resources/lang/zh_CN/permission.php new file mode 100644 index 00000000..c6e4645c --- /dev/null 
+++ b/resources/lang/zh_CN/permission.php 
@@ -0,0 +1,196 @@ + [ + 'text' => '审核种子', + 'desc' => '通过种子、拒绝种子、或将种子标记为未审', + ], + 'defaultclass' => [ + 'text' => '默认等级', + 'desc' => '注册时获得的等级', + ], + 'staffmem' => [ + 'text' => '管理组成员', + 'desc' => '被认为是管理组成员的等级,如可以查看管理组信箱', + ], + 'newsmanage' => [ + 'text' => '管理最近消息', + 'desc' => '添加、编辑、删除最近消息', + ], + 'newfunitem' => [ + 'text' => '发布趣味盒内容', + 'desc' => '允许发布新的趣味盒内容及编辑自己发布的趣味盒内容', + ], + 'funmanage' => [ + 'text' => '管理趣味盒', + 'desc' => '编辑、删除、禁止任何人发布的趣味盒内容', + ], + 'sbmanage' => [ + 'text' => '管理群聊区', + 'desc' => '删除群聊区和救助区的信息', + ], + 'pollmanage' => [ + 'text' => '管理投票', + 'desc' => '添加、编辑、删除投票', + ], + 'applylink' => [ + 'text' => '申请链接', + 'desc' => '申请在首页的友情链接', + ], + 'linkmanage' => [ + 'text' => '管理友情链接', + 'desc' => '添加、编辑、删除友情链接', + ], + 'postmanage' => [ + 'text' => '管理论坛帖子', + 'desc' => '编辑、删除、移动、置顶、锁定论坛帖子', + ], + 'commanage' => [ + 'text' => '管理评论', + 'desc' => '编辑、删除种子和候选的评论', + ], + 'forummanage' => [ + 'text' => '管理论坛版块', + 'desc' => '添加、编辑、删除、移动论坛版块', + ], + 'viewuserlist' => [ + 'text' => '查看用户列表', + 'desc' => '查看、搜索用户列表', + ], + 'torrentmanage' => [ + 'text' => '管理种子', + 'desc' => '编辑、删除种子,但不能将种子设为置顶或促销', + ], + 'torrentsticky' => [ + 'text' => '设定种子置顶', + 'desc' => '将种子设为置顶', + ], + 'torrentonpromotion' => [ + 'text' => '设定种子为促销', + 'desc' => '将种子设为促销', + ], + 'torrent_hr' => [ + 'text' => '设定种子 H&R', + 'desc' => '将种子设置为参与 H&R 考察', + ], + 'askreseed' => [ + 'text' => '请求续种', + 'desc' => '当种子断种时请求续种', + ], + 'viewnfo' => [ + 'text' => '查看NFO', + 'desc' => '查看NFO文件', + ], + 'torrentstructure' => [ + 'text' => '查看种子结构', + 'desc' => '查看种子文件的结构', + ], + 'sendinvite' => [ + 'text' => '发送邀请', + 'desc' => '发送加入网站的邀请函给其他人', + ], + 'viewhistory' => [ + 'text' => '查看历史记录', + 'desc' => '查看其他用户的评论和帖子历史记录', + ], + 'topten' => [ + 'text' => '查看排行榜', + 'desc' => '查看排行榜', + ], + 'log' => [ + 'text' => '查看一般日志', + 'desc' => '查看一般日志,不能查看机密日志', + ], + 'confilog' => [ + 'text' => '查看机密日志', + 'desc' => '查看机密日志,如站点设定更改', + ], + 'userprofile' => [ + 'text' 
=> '查看用户机密档案', + 'desc' => '查看用户的机密档案,如IP地址,邮箱地址', + ], + 'torrenthistory' => [ + 'text' => '查看用户种子历史记录', + 'desc' => '查看用户的种子历史记录,如下载种子的历史记录。只有用户的隐私等级没有设为’强‘时才生效', + ], + 'prfmanage' => [ + 'text' => '管理用户基本档案', + 'desc' => '改变用户的基本档案,但不能改变其中重要的项目,如邮箱地址、用户名、上传量、下载量、魔力值数', + ], + 'cruprfmanage' => [ + 'text' => '管理用户重要档案信息', + 'desc' => '改变用户所有档案信息,除了捐赠信息外(只有主管能管理捐赠信息)', + ], + 'uploadsub' => [ + 'text' => '上传字幕', + 'desc' => '上传种子对应的字幕', + ], + 'delownsub' => [ + 'text' => '删除自己的字幕', + 'desc' => '删除自己上传的字幕', + ], + 'submanage' => [ + 'text' => '管理字幕', + 'desc' => '删除任何字幕', + ], + 'updateextinfo' => [ + 'text' => '更新外部信息', + 'desc' => '更新外部信息,如IMDb信息', + ], + 'viewanonymous' => [ + 'text' => '查看匿名者', + 'desc' => '查看匿名者的真实身份', + ], + 'beanonymous' => [ + 'text' => '作为匿名', + 'desc' => '在发布种子、上传字幕时选择匿名', + ], + 'addoffer' => [ + 'text' => '添加候选', + 'desc' => '允许发起候选', + ], + 'offermanage' => [ + 'text' => '管理候选', + 'desc' => '通过、编辑、删除候选', + ], + 'upload' => [ + 'text' => '发布种子', + 'desc' => '发布种子到种子区', + ], + 'uploadspecial' => [ + 'text' => '发布种子至特别区', + 'desc' => '发布种子到特别区', + ], + 'view_special_torrent' => [ + 'text' => '查看特别区种子', + 'desc' => '查看特别区种子', + ], + 'movetorrent' => [ + 'text' => '移动种子', + 'desc' => '将种子在各区间移动', + ], + 'chrmanage' => [ + 'text' => '管理史册', + 'desc' => '添加、编辑、删除史册内容', + ], + 'viewinvite' => [ + 'text' => '查看邀请', + 'desc' => '查看用户的邀请历史记录', + ], + 'buyinvite' => [ + 'text' => '购买邀请', + 'desc' => '允许在魔力值中心购买邀请', + ], + 'seebanned' => [ + 'text' => '查看被禁止的种子', + 'desc' => '查看、下载被禁止的种子', + ], + 'againstoffer' => [ + 'text' => '对候选投反对票', + 'desc' => '对候选投反对票', + ], + 'userbar' => [ + 'text' => '允许个性条', + 'desc' => '允许用户使用个性条', + ], +]; diff --git a/resources/lang/zh_TW/permission.php b/resources/lang/zh_TW/permission.php new file mode 100644 index 00000000..7c7f5935 --- /dev/null +++ b/resources/lang/zh_TW/permission.php 
@@ -0,0 +1,196 @@ + [ + 'text' => '審核種子', + 'desc' => '通過種子、拒絕種子、或將種子標記為未審', + ], + 'defaultclass' => [ + 'text' => '預設等級', + 'desc' => '註冊時獲得的等級', + ], + 'staffmem' => [ + 'text' => '管理組成員', + 'desc' => '被認為是管理組成員的等級,如可以檢視管理組郵箱', + ], + 'newsmanage' => [ + 'text' => '管理最近訊息', + 'desc' => '添加、編輯、移除最近訊息', + ], + 'newfunitem' => [ + 'text' => '發布趣味盒內容', + 'desc' => '允許發布新的趣味盒內容及編輯自己發布的趣味盒內容', + ], + 'funmanage' => [ + 'text' => '管理趣味盒', + 'desc' => '編輯、移除、禁止任何人發布的趣味盒內容', + ], + 'sbmanage' => [ + 'text' => '管理群聊區', + 'desc' => '移除群聊區和救助區的資訊', + ], + 'pollmanage' => [ + 'text' => '管理投票', + 'desc' => '添加、編輯、移除投票', + ], + 'applylink' => [ + 'text' => '申請鏈結', + 'desc' => '申請在首頁的友情鏈結', + ], + 'linkmanage' => [ + 'text' => '管理友情鏈結', + 'desc' => '添加、編輯、移除友情鏈結', + ], + 'postmanage' => [ + 'text' => '管理論壇帖子', + 'desc' => '編輯、移除、移動、置頂、鎖定論壇帖子', + ], + 'commanage' => [ + 'text' => '管理評論', + 'desc' => '編輯、移除種子和候選的評論', + ], + 'forummanage' => [ + 'text' => '管理論壇版塊', + 'desc' => '添加、編輯、移除、移動論壇版塊', + ], + 'viewuserlist' => [ + 'text' => '檢視用戶清單', + 'desc' => '檢視、搜索用戶清單', + ], + 'torrentmanage' => [ + 'text' => '管理種子', + 'desc' => '編輯、移除種子,但無法將種子設為置頂或促銷', + ], + 'torrentsticky' => [ + 'text' => '設定種子置頂', + 'desc' => '將種子設為置頂', + ], + 'torrentonpromotion' => [ + 'text' => '設定種子為促銷', + 'desc' => '將種子設為促銷', + ], + 'torrent_hr' => [ + 'text' => '設定種子 H&R', + 'desc' => '將種子設置為參與 H&R 考察', + ], + 'askreseed' => [ + 'text' => '要求續種', + 'desc' => '當種子斷種時要求續種', + ], + 'viewnfo' => [ + 'text' => '檢視NFO', + 'desc' => '檢視NFO檔案', + ], + 'torrentstructure' => [ + 'text' => '檢視種子架構', + 'desc' => '檢視種子檔案的架構', + ], + 'sendinvite' => [ + 'text' => '傳送邀請', + 'desc' => '傳送加入網站的邀請函給其他人', + ], + 'viewhistory' => [ + 'text' => '檢視曆史記錄', + 'desc' => '檢視其他用戶的評論和帖子曆史記錄', + ], + 'topten' => [ + 'text' => '檢視排行榜', + 'desc' => '檢視排行榜', + ], + 'log' => [ + 'text' => '檢視一般日誌', + 'desc' => '檢視一般日誌,無法檢視機密日誌', + ], + 'confilog' => [ + 'text' => '檢視機密日誌', + 'desc' => '檢視機密日誌,如網站設定變更', + ], + 'userprofile' => [ + 'text' 
=> '檢視用戶機密檔案', + 'desc' => '檢視用戶的機密檔案,如IP位址,郵箱位址', + ], + 'torrenthistory' => [ + 'text' => '檢視用戶種子曆史記錄', + 'desc' => '檢視用戶的種子曆史記錄,如下載種子的曆史記錄。只有用戶的隱私等級沒有設為’強‘時才生效', + ], + 'prfmanage' => [ + 'text' => '管理用戶基本檔案', + 'desc' => '改變用戶的基本檔案,但無法改變其中重要的項目,如郵箱位址、用戶名、上傳量、下載量、魔力值數', + ], + 'cruprfmanage' => [ + 'text' => '管理用戶重要檔案資訊', + 'desc' => '改變用戶所有檔案資訊,除了捐贈資訊外(只有主管能管理捐贈資訊)', + ], + 'uploadsub' => [ + 'text' => '上傳字幕', + 'desc' => '上傳種子對應的字幕', + ], + 'delownsub' => [ + 'text' => '移除自己的字幕', + 'desc' => '移除自己上傳的字幕', + ], + 'submanage' => [ + 'text' => '管理字幕', + 'desc' => '移除任何字幕', + ], + 'updateextinfo' => [ + 'text' => '更新外部資訊', + 'desc' => '更新外部資訊,如IMDb資訊', + ], + 'viewanonymous' => [ + 'text' => '檢視匿名者', + 'desc' => '檢視匿名者的真實身份', + ], + 'beanonymous' => [ + 'text' => '作為匿名', + 'desc' => '在發布種子、上傳字幕時選取匿名', + ], + 'addoffer' => [ + 'text' => '添加候選', + 'desc' => '允許發起候選', + ], + 'offermanage' => [ + 'text' => '管理候選', + 'desc' => '通過、編輯、移除候選', + ], + 'upload' => [ + 'text' => '發布種子', + 'desc' => '發布種子到種子區', + ], + 'uploadspecial' => [ + 'text' => '發布種子至特別區', + 'desc' => '發布種子到特別區', + ], + 'view_special_torrent' => [ + 'text' => '查看特別區種子', + 'desc' => '查看特別區種子', + ], + 'movetorrent' => [ + 'text' => '移動種子', + 'desc' => '將種子在各區間移動', + ], + 'chrmanage' => [ + 'text' => '管理史冊', + 'desc' => '添加、編輯、移除史冊內容', + ], + 'viewinvite' => [ + 'text' => '檢視邀請', + 'desc' => '檢視用戶的邀請曆史記錄', + ], + 'buyinvite' => [ + 'text' => '購買邀請', + 'desc' => '允許在魔力值中心購買邀請', + ], + 'seebanned' => [ + 'text' => '檢視被禁止的種子', + 'desc' => '檢視、下載被禁止的種子', + ], + 'againstoffer' => [ + 'text' => '對候選投反對票', + 'desc' => '對候選投反對票', + ], + 'userbar' => [ + 'text' => '允許個性條', + 'desc' => '允許用戶使用個性條', + ], +]; diff --git a/resources/lang/zh_TW/user.php b/resources/lang/zh_TW/user.php index 7e744363..9fa65910 100644 --- a/resources/lang/zh_TW/user.php +++ b/resources/lang/zh_TW/user.php 
@@ -17,7 +17,7 @@ return [ 'attendance_card' => '補簽卡', 'props' => '道具', ], - 'class_name' => [ + 'class_names' => [ \App\Models\User::CLASS_VIP => '貴賓', \App\Models\User::CLASS_RETIREE => '養老族', \App\Models\User::CLASS_UPLOADER => '發布員', diff --git a/resources/views/filament/resources/user/user-resource/pages/user-profile.blade.php b/resources/views/filament/resources/user/user-resource/pages/user-profile.blade.php index e1b3b996..38f4c15f 100644 --- a/resources/views/filament/resources/user/user-resource/pages/user-profile.blade.php +++ b/resources/views/filament/resources/user/user-resource/pages/user-profile.blade.php @@ -49,6 +49,7 @@ @endif + {!! do_action('user_detail_rows', $record->id, 'admin') !!} {{__('label.user.invite_by')}} {{$record->inviter->username ?? ''}}
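Review bot: The added `{!! do_action('user_detail_rows', $record->id, 'admin') !!}` in user-profile.blade.php prints whatever the hook's callbacks return without Blade escaping, so every plugin registered on `user_detail_rows` becomes responsible for HTML-encoding any user-editable value it places in a row on this admin page. Neither `do_action` nor the callbacks are visible in this hunk, so whether that encoding already happens cannot be confirmed from here; if it does not, a member-controlled field would be rendered as markup inside a staff session. I would state the contract at the call site, e.g. `{{-- user_detail_rows: callbacks must return already-escaped HTML; pass user data through e() --}}`, or have the hook return label/value pairs that the template prints with `{{ }}`. The surrounding table markup was lost in extraction, so the exact placement of the row is inferred.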