lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-22 02:47:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

add requests and tags

Browse Source
This commit is contained in:
xiaomlove
2021-02-20 18:22:19 +08:00
parent 605ec25284
commit d506a4ebfb
13 changed files with 613 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/functions.php
+91 -13
View File
@@ -2108,7 +2108,7 @@ function menu ($selected = "home") {
global $enableoffer, $enablespecial, $enableextforum, $extforumurl, $where_tweak;
global $USERUPDATESET;
//no this option in config.php
$enablerequest = 'no';
$enablerequest = 'yes';
$script_name = $_SERVER["SCRIPT_FILENAME"];
if (preg_match("/index/i", $script_name)) {
$selected = "home";
@@ -2120,6 +2120,8 @@ function menu ($selected = "home") {
$selected = "music";
}elseif (preg_match("/offers/i", $script_name) OR preg_match("/offcomment/i", $script_name)) {
$selected = "offers";
}elseif (preg_match("/requests/i", $script_name)) {
$selected = "requests";
}elseif (preg_match("/upload/i", $script_name)) {
$selected = "upload";
}elseif (preg_match("/subtitles/i", $script_name)) {
@@ -2153,7 +2155,7 @@ function menu ($selected = "home") {
print ("<li" . ($selected == "requests" ? " class=\"selected\"" : "") . "><a href=\"viewrequests.php\">".$lang_functions['text_request']."</a></li>");
print ("<li" . ($selected == "upload" ? " class=\"selected\"" : "") . "><a href=\"upload.php\">".$lang_functions['text_upload']."</a></li>");
print ("<li" . ($selected == "subtitles" ? " class=\"selected\"" : "") . "><a href=\"subtitles.php\">".$lang_functions['text_subtitles']."</a></li>");
print ("<li" . ($selected == "usercp" ? " class=\"selected\"" : "") . "><a href=\"usercp.php\">".$lang_functions['text_user_cp']."</a></li>");
// print ("<li" . ($selected == "usercp" ? " class=\"selected\"" : "") . "><a href=\"usercp.php\">".$lang_functions['text_user_cp']."</a></li>");
print ("<li" . ($selected == "topten" ? " class=\"selected\"" : "") . "><a href=\"topten.php\">".$lang_functions['text_top_ten']."</a></li>");
print ("<li" . ($selected == "log" ? " class=\"selected\"" : "") . "><a href=\"log.php\">".$lang_functions['text_log']."</a></li>");
print ("<li" . ($selected == "rules" ? " class=\"selected\"" : "") . "><a href=\"rules.php\">".$lang_functions['text_rules']."</a></li>");
@@ -2428,12 +2430,24 @@ else {
<table id="info_block" cellpadding="4" cellspacing="0" border="0" width="100%"><tr>
<td><table width="100%" cellspacing="0" cellpadding="0" border="0"><tr>
<td class="bottom" align="left"><span class="medium"><?php echo $lang_functions['text_welcome_back'] ?>, <?php echo get_username($CURUSER['id'])?> [<a href="logout.php"><?php echo $lang_functions['text_logout'] ?></a>]<?php if (get_user_class() >= UC_MODERATOR) { ?> [<a href="staffpanel.php"><?php echo $lang_functions['text_staff_panel'] ?></a>] <?php }?> <?php if (get_user_class() >= UC_SYSOP) { ?> [<a href="settings.php"><?php echo $lang_functions['text_site_settings'] ?></a>]<?php } ?> [<a href="torrents.php?inclbookmarked=1&amp;allsec=1&amp;incldead=0"><?php echo $lang_functions['text_bookmarks'] ?></a>] <font class = 'color_bonus'><?php echo $lang_functions['text_bonus'] ?></font>[<a href="mybonus.php"><?php echo $lang_functions['text_use'] ?></a>]: <?php echo number_format($CURUSER['seedbonus'], 1)?> <font class = 'color_invite'><?php echo $lang_functions['text_invite'] ?></font>[<a href="invite.php?id=<?php echo $CURUSER['id']?>"><?php echo $lang_functions['text_send'] ?></a>]: <?php echo $CURUSER['invites']?><br />
<font class="color_ratio"><?php echo $lang_functions['text_ratio'] ?></font> <?php echo $ratio?> <font class='color_uploaded'><?php echo $lang_functions['text_uploaded'] ?></font> <?php echo mksize($CURUSER['uploaded'])?><font class='color_downloaded'> <?php echo $lang_functions['text_downloaded'] ?></font> <?php echo mksize($CURUSER['downloaded'])?> <font class='color_active'><?php echo $lang_functions['text_active_torrents'] ?></font> <img class="arrowup" alt="Torrents seeding" title="<?php echo $lang_functions['title_torrents_seeding'] ?>" src="pic/trans.gif" /><?php echo $activeseed?> <img class="arrowdown" alt="Torrents leeching" title="<?php echo $lang_functions['title_torrents_leeching'] ?>" src="pic/trans.gif" /><?php echo $activeleech?>&nbsp;&nbsp;<font class='color_connectable'><?php echo $lang_functions['text_connectable'] ?></font><?php echo $connectable?> <?php echo maxslots();?></span></td>
<td class="bottom" align="left">
<span class="medium">
<?php echo $lang_functions['text_welcome_back'] ?>, <?php echo get_username($CURUSER['id'])?>
[<a href="logout.php"><?php echo $lang_functions['text_logout'] ?></a>]
[<a href="usercp.php"><?php echo $lang_functions['text_user_cp'] ?></a>]
<?php if (get_user_class() >= UC_MODERATOR) { ?> [<a href="staffpanel.php"><?php echo $lang_functions['text_staff_panel'] ?></a>] <?php }?>
<?php if (get_user_class() >= UC_SYSOP) { ?> [<a href="settings.php"><?php echo $lang_functions['text_site_settings'] ?></a>]<?php } ?>
[<a href="torrents.php?inclbookmarked=1&amp;allsec=1&amp;incldead=0"><?php echo $lang_functions['text_bookmarks'] ?></a>]
<font class = 'color_bonus'><?php echo $lang_functions['text_bonus'] ?></font>[<a href="mybonus.php"><?php echo $lang_functions['text_use'] ?></a>]: <?php echo number_format($CURUSER['seedbonus'], 1)?>
<font class = 'color_invite'><?php echo $lang_functions['text_invite'] ?></font>[<a href="invite.php?id=<?php echo $CURUSER['id']?>"><?php echo $lang_functions['text_send'] ?></a>]: <?php echo $CURUSER['invites']?><br />
<font class="color_ratio"><?php echo $lang_functions['text_ratio'] ?></font> <?php echo $ratio?>
<font class='color_uploaded'><?php echo $lang_functions['text_uploaded'] ?></font> <?php echo mksize($CURUSER['uploaded'])?>
<font class='color_downloaded'> <?php echo $lang_functions['text_downloaded'] ?></font> <?php echo mksize($CURUSER['downloaded'])?>
<font class='color_active'><?php echo $lang_functions['text_active_torrents'] ?></font> <img class="arrowup" alt="Torrents seeding" title="<?php echo $lang_functions['title_torrents_seeding'] ?>" src="pic/trans.gif" /><?php echo $activeseed?> <img class="arrowdown" alt="Torrents leeching" title="<?php echo $lang_functions['title_torrents_leeching'] ?>" src="pic/trans.gif" /><?php echo $activeleech?>&nbsp;&nbsp;
<font class='color_connectable'><?php echo $lang_functions['text_connectable'] ?></font><?php echo $connectable?> <?php echo maxslots();?>
</span>
</td>
<td class="bottom" align="right"><span class="medium"><?php echo $lang_functions['text_the_time_is_now'] ?><?php echo $datum['hours'].":".$datum['minutes']?><br />
<?php
if (get_user_class() >= $staffmem_class){
$totalreports = $Cache->get_value('staff_report_count');
@@ -3177,9 +3191,8 @@ while ($row = mysql_fetch_assoc($res))
if ($row['pos_state'] == 'sticky' && $CURUSER['appendsticky'] == 'yes')
$stickyicon = "<img class=\"sticky\" src=\"pic/trans.gif\" alt=\"Sticky\" title=\"".$lang_functions['title_sticky']."\" />&nbsp;";
else $stickyicon = "";
print("<td class=\"rowfollow\" width=\"100%\" align=\"left\"><table class=\"torrentname\" width=\"100%\"><tr" . $sphighlight . "><td class=\"embedded\">".$stickyicon."<a $short_torrent_name_alt $mouseovertorrent href=\"details.php?id=".$id."&amp;hit=1\"><b>".htmlspecialchars($dispname)."</b></a>");
$sp_torrent = get_torrent_promotion_append($row['sp_state'],"",true,$row["added"], $row['promotion_time_type'], $row['promotion_until']);
$sp_torrent = get_torrent_promotion_append($row['sp_state'],"",true,$row["added"], $row['promotion_time_type'], $row['promotion_until']);
print("<td class=\"rowfollow\" width=\"100%\" align=\"left\"><table class=\"torrentname\" width=\"100%\"><tr" . $sphighlight . "><td class=\"embedded\">".$stickyicon."<a $short_torrent_name_alt $mouseovertorrent href=\"details.php?id=".$id."&amp;hit=1\"><b>".htmlspecialchars($dispname)."</b></a>" . $sp_torrent);
$picked_torrent = "";
if ($CURUSER['appendpicked'] != 'no'){
if($row['picktype']=="hot")
@@ -3193,7 +3206,8 @@ while ($row = mysql_fetch_assoc($res))
print("<b> (<font class='new'>".$lang_functions['text_new_uppercase']."</font>)</b>");
$banned_torrent = ($row["banned"] == 'yes' ? " <b>(<font class=\"striking\">".$lang_functions['text_banned']."</font>)</b>" : "");
print($banned_torrent.$picked_torrent.$sp_torrent);
print($banned_torrent.$picked_torrent);
$tags = torrentTags($row['tags'], 'span');
if ($displaysmalldescr){
//small descr
$dissmall_descr = trim($row["small_descr"]);
@@ -3203,8 +3217,10 @@ while ($row = mysql_fetch_assoc($res))
{
$dissmall_descr=mb_substr($dissmall_descr, 0, $max_lenght_of_small_descr-2,"UTF-8") . "..";
}
print($dissmall_descr == "" ? "" : "<br />".htmlspecialchars($dissmall_descr));
}
print($dissmall_descr == "" ? "" : "<br />".$tags.htmlspecialchars($dissmall_descr));
} else {
print("<br />$tags");
}
print("</td>");
if ($enablePtGen && !empty($row['pt_gen'])) {
echo $ptGen->renderTorrentsPageAverageRating(json_decode($row['pt_gen'], true));
@@ -4421,6 +4437,68 @@ function return_category_image($categoryid, $link="")
/******************************************** bellow functioons avaliable since v1.6 ***********************************************************/
function get_requestcount()
{
global $CURUSER, $Cache;
//return;
$CURUSERID = 0 + $CURUSER['id'];
if (!$count = $Cache->get_value($CURUSERID . '_get_requestcount')) {
$row = @mysql_fetch_array(sql_query(" SELECT count(*) FROM requests LEFT JOIN resreq ON reqid=requests.id WHERE reqid>0 and finish = 'no' and userid= " . $CURUSERID));
$count = ($row[0] ? " style='background: none red;' " : " style='' ");
$Cache->cache_value($CURUSERID . '_get_requestcount', $count, 120);
}
return $count;
}
function torrentTags($tags = 0, $type = 'checkbox')
{
global $lang_functions;
$tagsOptions = [
[
'text' => $lang_functions['text_tag_no_release_to_any_other'],
'color' => '#D74D4D',
],
[
'text' => $lang_functions['text_tag_first_release'],
'color' => '#8F77B5',
],
[
'text' => $lang_functions['text_tag_official'],
'color' => '#2F7DB8',
],
[
'text' => $lang_functions['text_tag_diy'],
'color' => '#787878',
],
[
'text' => $lang_functions['text_tag_mother_language'],
'color' => '#FFAA32',
],
[
'text' => $lang_functions['text_tag_mother_language_subtitle'],
'color' => '#91B493',
],
];
$html = '';
foreach ($tagsOptions as $key => $value) {
$currentValue = pow(2, $key);
if ($type == 'checkbox') {
$checked = '';
if ($currentValue & $tags) {
$checked = 'checked';
}
$html .= sprintf(
'<label><input type="checkbox" name="tags[]" value="%s" %s />%s</label>',
$currentValue, $checked, $value['text']
);
}
if ($type == 'span' && ($currentValue & $tags)) {
$html .= "<span style=\"background-color:{$value['color']};color:white;border-radius:15%\">{$value['text']}</span> ";
}
}
return $html;
}
function saveSetting($prefix, $nameAndValue)
{
$prefix = strtolower($prefix);
lang/chs/lang_functions.php
+6 -3
View File
@@ -233,9 +233,7 @@ $lang_functions = array
'col_to_make_a' => "得到...",
'text_year' => "",
'text_month' => "",
'text_day' => "",
'text_hour' => "",
'text_min' => "",
'select_color' => "颜色",
'select_font' => "字体",
'select_size' => "字号",
@@ -251,7 +249,6 @@ $lang_functions = array
'text_reply' => "回复",
'submit_submit' => "提交",
'submit_preview' => "预览",
'text_tags' => "标签",
'row_subject' => "主题",
'row_body' => "正文",
'text_peasant' => "Peasant",
@@ -298,6 +295,12 @@ $lang_functions = array
'imdb_cache_dir_is_not_writeable' => 'imdb 缓存目录不可写',
'imdb_photo_dir_can_not_create' => 'imdb 图片目录无法创建',
'imdb_photo_dir_is_not_writeable' => 'imdb 图片目录不可写',
'text_tag_no_release_to_any_other' => '禁转',
'text_tag_first_release' => '首发',
'text_tag_official' => '官方',
'text_tag_diy' => '自制',
'text_tag_mother_language' => '国语',
'text_tag_mother_language_subtitle' => '中字',
);
?>
lang/chs/lang_viewrequests.php
+21
View File
@@ -0,0 +1,21 @@
<?php
$lang_viewrequests = [
'page_title' => '求种区',
'add_request' => '添加',
'view_request_all' => '查看所有',
'view_request_resolved' => '查看已解决',
'view_request_unresolved' => '查看未解决',
'view_request_resolving' => '查看解决中',
'view_request_my' => '查看我发布的',
'thead_name' => '名称',
'thead_price_newest' => '最新出价',
'thead_price_original' => '原始出价',
'thead_comment_count' => '评论数',
'thead_on_request_count' => '应求数',
'thead_request_user' => '求种者',
'thead_created_at' => '时间',
'thead_status' => '状态',
'request_status_resolved' => '求种成功',
'request_status_resolving' => '求种中',
'action_search' => '搜索',
];
lang/cht/lang_functions.php
+6 -1
View File
@@ -251,7 +251,6 @@ $lang_functions = array
'text_reply' => "回復",
'submit_submit' => "提交",
'submit_preview' => "預覽",
'text_tags' => "標籤",
'row_subject' => "主題",
'row_body' => "正文",
'text_peasant' => "Peasant",
@@ -297,6 +296,12 @@ $lang_functions = array
'imdb_cache_dir_is_not_writeable' => 'imdb 緩存目錄不可寫',
'imdb_photo_dir_can_not_create' => 'imdb 圖片目錄無法創建',
'imdb_photo_dir_is_not_writeable' => 'imdb 圖片目錄不可寫',
'text_tag_no_release_to_any_other' => '禁轉',
'text_tag_first_release' => '首發',
'text_tag_official' => '官方',
'text_tag_diy' => '自制',
'text_tag_mother_language' => '國語',
'text_tag_mother_language_subtitle' => '中字',
);
?>
lang/cht/lang_viewrequests.php
+5
View File
@@ -0,0 +1,5 @@
<?php
$lang_viewrequests = [
'page_title' => 'Requests',
''
];
lang/en/lang_functions.php
+6 -1
View File
@@ -251,7 +251,6 @@ $lang_functions = array
'text_reply' => "Reply",
'submit_submit' => "Submit",
'submit_preview' => "Preview",
'text_tags' => "Tags",
'row_subject' => "Subject",
'row_body' => "Body",
'text_peasant' => "Peasant",
@@ -298,6 +297,12 @@ $lang_functions = array
'imdb_cache_dir_is_not_writeable' => 'imdb cache dir is not writeable',
'imdb_photo_dir_can_not_create' => 'imdb photo dir can not create',
'imdb_photo_dir_is_not_writeable' => 'imdb photo dir is not writeable',
'text_tag_no_release_to_any_other' => 'No release to any other',
'text_tag_first_release' => 'First release',
'text_tag_official' => 'Official',
'text_tag_diy' => 'DIY',
'text_tag_mother_language' => 'Mother language',
'text_tag_mother_language_subtitle' => 'Mother language subtitle',
);
?>
lang/en/lang_viewrequests.php
+5
View File
@@ -0,0 +1,5 @@
<?php
$lang_viewrequests = [
'page_title' => 'Requests',
''
];
public/edit.php
+1
View File
@@ -132,6 +132,7 @@ else {
tr($lang_edit['row_content'],$team_select,1);
}
tr($lang_functions['text_tags'], torrentTags($row['tags'], 'checkbox'), 1);
tr($lang_edit['row_check'], "<input type=\"checkbox\" name=\"visible\"" . ($row["visible"] == "yes" ? " checked=\"checked\"" : "" ) . " value=\"1\" /> ".$lang_edit['checkbox_visible']."&nbsp;&nbsp;&nbsp;".(get_user_class() >= $beanonymous_class || get_user_class() >= $torrentmanage_class ? "<input type=\"checkbox\" name=\"anonymous\"" . ($row["anonymous"] == "yes" ? " checked=\"checked\"" : "" ) . " value=\"1\" />".$lang_edit['checkbox_anonymous_note']."&nbsp;&nbsp;&nbsp;" : "").(get_user_class() >= $torrentmanage_class ? "<input type=\"checkbox\" name=\"banned\"" . (($row["banned"] == "yes") ? " checked=\"checked\"" : "" ) . " value=\"yes\" /> ".$lang_edit['checkbox_banned'] : ""), 1);
if (get_user_class()>= $torrentsticky_class || (get_user_class() >= $torrentmanage_class && $CURUSER["picker"] == 'yes')){
$pickcontent = "";
public/takeedit.php
+2
View File
@@ -55,6 +55,8 @@ if (!empty($_POST['pt_gen'])) {
$updateset[] = "pt_gen = ''";
}
$updateset[] = "tags = " . array_sum($_POST['tags']);
if ($enablenfo_main=='yes'){
$nfoaction = $_POST['nfoaction'];
if ($nfoaction == "update")
public/takeupload.php
+2 -2
View File
@@ -342,8 +342,8 @@ if (empty($url) && !empty($ptGenImdbLink)) {
$url = str_replace('tt', '', $ptGenImdbInfo['id']);
}
$ret = sql_query("INSERT INTO torrents (filename, owner, visible, anonymous, name, size, numfiles, type, url, small_descr, descr, ori_descr, category, source, medium, codec, audiocodec, standard, processing, team, save_as, sp_state, added, last_action, nfo, info_hash, pt_gen) VALUES (".sqlesc($fname).", ".sqlesc($CURUSER["id"]).", 'yes', ".sqlesc($anonymous).", ".sqlesc($torrent).", ".sqlesc($totallen).", ".count($filelist).", ".sqlesc($type).", ".sqlesc($url).", ".sqlesc($small_descr).", ".sqlesc($descr).", ".sqlesc($descr).", ".sqlesc($catid).", ".sqlesc($sourceid).", ".sqlesc($mediumid).", ".sqlesc($codecid).", ".sqlesc($audiocodecid).", ".sqlesc($standardid).", ".sqlesc($processingid).", ".sqlesc($teamid).", ".sqlesc($dname).", ".sqlesc($sp_state) .
", " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc(date("Y-m-d H:i:s")) . ", ".sqlesc($nfo).", " . sqlesc($infohash). ", " . sqlesc(json_encode($postPtGen)) . ")");
$ret = sql_query("INSERT INTO torrents (filename, owner, visible, anonymous, name, size, numfiles, type, url, small_descr, descr, ori_descr, category, source, medium, codec, audiocodec, standard, processing, team, save_as, sp_state, added, last_action, nfo, info_hash, pt_gen, tags) VALUES (".sqlesc($fname).", ".sqlesc($CURUSER["id"]).", 'yes', ".sqlesc($anonymous).", ".sqlesc($torrent).", ".sqlesc($totallen).", ".count($filelist).", ".sqlesc($type).", ".sqlesc($url).", ".sqlesc($small_descr).", ".sqlesc($descr).", ".sqlesc($descr).", ".sqlesc($catid).", ".sqlesc($sourceid).", ".sqlesc($mediumid).", ".sqlesc($codecid).", ".sqlesc($audiocodecid).", ".sqlesc($standardid).", ".sqlesc($processingid).", ".sqlesc($teamid).", ".sqlesc($dname).", ".sqlesc($sp_state) .
", " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc(date("Y-m-d H:i:s")) . ", ".sqlesc($nfo).", " . sqlesc($infohash). ", " . sqlesc(json_encode($postPtGen)) . ", " . array_sum($_POST['tags']) . ")");
if (!$ret) {
if (mysql_errno() == 1062)
bark($lang_takeupload['std_torrent_existed']);
public/torrents.php
+2 -2
View File
@@ -859,10 +859,10 @@ if ($count)
list($pagertop, $pagerbottom, $limit) = pager($torrentsperpage, $count, "?" . $addparam);
if ($allsec == 1 || $enablespecial != 'yes'){
$query = "SELECT torrents.id, torrents.sp_state, torrents.promotion_time_type, torrents.promotion_until, torrents.banned, torrents.picktype, torrents.pos_state, torrents.category, torrents.source, torrents.medium, torrents.codec, torrents.standard, torrents.processing, torrents.team, torrents.audiocodec, torrents.leechers, torrents.seeders, torrents.name, torrents.small_descr, torrents.times_completed, torrents.size, torrents.added, torrents.comments,torrents.anonymous,torrents.owner,torrents.url,torrents.cache_stamp,torrents.pt_gen FROM torrents ".($search_area == 3 || $column == "owner" ? "LEFT JOIN users ON torrents.owner = users.id " : "")." $where $orderby $limit";
$query = "SELECT torrents.id, torrents.sp_state, torrents.promotion_time_type, torrents.promotion_until, torrents.banned, torrents.picktype, torrents.pos_state, torrents.category, torrents.source, torrents.medium, torrents.codec, torrents.standard, torrents.processing, torrents.team, torrents.audiocodec, torrents.leechers, torrents.seeders, torrents.name, torrents.small_descr, torrents.times_completed, torrents.size, torrents.added, torrents.comments,torrents.anonymous,torrents.owner,torrents.url,torrents.cache_stamp,torrents.pt_gen,tags FROM torrents ".($search_area == 3 || $column == "owner" ? "LEFT JOIN users ON torrents.owner = users.id " : "")." $where $orderby $limit";
}
else{
$query = "SELECT torrents.id, torrents.sp_state, torrents.promotion_time_type, torrents.promotion_until, torrents.banned, torrents.picktype, torrents.pos_state, torrents.category, torrents.source, torrents.medium, torrents.codec, torrents.standard, torrents.processing, torrents.team, torrents.audiocodec, torrents.leechers, torrents.seeders, torrents.name, torrents.small_descr, torrents.times_completed, torrents.size, torrents.added, torrents.comments,torrents.anonymous,torrents.owner,torrents.url,torrents.cache_stamp,torrents.pt_gen FROM torrents ".($search_area == 3 || $column == "owner" ? "LEFT JOIN users ON torrents.owner = users.id " : "")." LEFT JOIN categories ON torrents.category=categories.id $where $orderby $limit";
$query = "SELECT torrents.id, torrents.sp_state, torrents.promotion_time_type, torrents.promotion_until, torrents.banned, torrents.picktype, torrents.pos_state, torrents.category, torrents.source, torrents.medium, torrents.codec, torrents.standard, torrents.processing, torrents.team, torrents.audiocodec, torrents.leechers, torrents.seeders, torrents.name, torrents.small_descr, torrents.times_completed, torrents.size, torrents.added, torrents.comments,torrents.anonymous,torrents.owner,torrents.url,torrents.cache_stamp,torrents.pt_gen,tags FROM torrents ".($search_area == 3 || $column == "owner" ? "LEFT JOIN users ON torrents.owner = users.id " : "")." LEFT JOIN categories ON torrents.category=categories.id $where $orderby $limit";
}
$res = sql_query($query) or die(mysql_error());
public/upload.php
+1
View File
@@ -149,6 +149,7 @@ stdhead($lang_upload['head_upload']);
{
tr($lang_upload['row_show_uploader'], "<input type=\"checkbox\" name=\"uplver\" value=\"yes\" />".$lang_upload['checkbox_hide_uploader_note'], 1);
}
tr($lang_functions['text_tags'], torrentTags(0, 'checkbox'), 1);
?>
<tr><td class="toolbox" align="center" colspan="2"><b><?php echo $lang_upload['text_read_rules']?></b> <input id="qr" type="submit" class="btn" value="<?php echo $lang_upload['submit_upload']?>" /></td></tr>
</table>
public/viewrequests.php
+465
View File
@@ -0,0 +1,465 @@
<?php
require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
parked();
$action = isset($_POST['action']) ? htmlspecialchars($_POST['action']) : (isset($_GET['action']) ? htmlspecialchars($_GET['action']) : '');
$allowed_actions = array("list", "new", "newmessage", "view", "edit", "takeedit", "takeadded", "res", "takeres", "addamount", "delete", "confirm", "message", "search");
if (!$action)
if (!empty($_GET['id'])) $action = 'view';
else $action = 'list';
if (!in_array($action, $allowed_actions))
$action = 'list';
else {
$limitorder = $limit = '';
switch ($action) {
case "list":
{
$finished = $_REQUEST['finished'] ?? '';
$finishedlimit = isset($_GET['finished']) ? "finished=" . $_GET['finished'] . "&" : '';
$allowed_finished = array("yes", "no", "all", "ing", "my");
switch ($finished) {
case "yes":
{
$limit = "finish = 'yes'";
break;
}
case "no":
{
$limit = "finish = 'no'";
break;
}
case "all":
{
$limit = "1";
break;
}
case "my":
{
$limit = "1 and userid=" . $CURUSER["id"];
break;
}
case "ing":
{
$limit = "(SELECT count(DISTINCT torrentid) FROM resreq where reqid=requests.id )>=1 and finish = 'no'";
break;
}
default:
{
$limit = "finish = 'no'";
break;
}
}
//if (!in_array($finished, $allowed_finished)){$limit = "finish = 'no'";(get_user_class() >= 13?$limitorder="Totalreq DESC ,":"");}
//else $limit = ( $finished=="all" ? "1" : ( $finished=="all" ? "1" : "finish ='".$finished."'"));
if (!empty($_POST['query'])) $limit = $limit . " and (request like " . sqlesc("%" . $_POST['query'] . "%") . " or descr like " . sqlesc("%" . $_POST['query'] . "%") . ")";
$rows = sql_query("SELECT requests.* FROM requests WHERE " . $limit . " ORDER BY id DESC") or sqlerr(__FILE__, __LINE__);
list($pagertop, $pagerbottom, $limit2) = pager(20, mysql_num_rows($rows), "?$finishedlimit");
//if (mysql_num_rows($rows) == 0) stderr( "没有求种" , "没有符合条件的求种项目,<a href=viewrequests.php?action=new>点击这里增加新求种</a>",0);
//else
{
stdhead($lang_viewrequests['page_title']);
$rows = sql_query("SELECT requests.* ,(SELECT count(DISTINCT torrentid) FROM resreq where reqid=requests.id ) as Totalreq FROM requests WHERE " . $limit . " ORDER BY $limitorder id DESC $limit2") or sqlerr(__FILE__, __LINE__);
print("<h1 align=center>{$lang_viewrequests['page_title']}</h1>");
print("<br><b><a href='viewrequests.php?action=new'>{$lang_viewrequests['add_request']}</a> | <a href='viewrequests.php?finished=all'>{$lang_viewrequests['view_request_all']}</a> | <a href='viewrequests.php?finished=yes'>{$lang_viewrequests['view_request_resolved']}</a> | <a href='viewrequests.php?finished=no'>{$lang_viewrequests['view_request_unresolved']}</a> | <a href='viewrequests.php?finished=ing'>{$lang_viewrequests['view_request_resolving']}</a> | <a href='viewrequests.php?finished=my' " . get_requestcount() . ">{$lang_viewrequests['view_request_my']}</a></b><p>\n");
print("<table width=98% border=1 cellspacing=0 cellpadding=5 style=border-collapse:collapse >\n");
if (mysql_num_rows($rows) == 0) {
print("<tr><td class=colhead align=center>Nothing</td></tr>\n");
} else {
print("<tr><td class=colhead align=left>{$lang_viewrequests['thead_name']}</td><td class=colhead align=center>{$lang_viewrequests['thead_price_newest']}</td><td class=colhead align=center>{$lang_viewrequests['thead_price_original']}</td><td class=colhead align=center>{$lang_viewrequests['thead_comment_count']}</td><td class=colhead align=center>{$lang_viewrequests['thead_on_request_count']}</td><td class=colhead align=center>{$lang_viewrequests['thead_request_user']}</td><td class=colhead align=center>{$lang_viewrequests['thead_created_at']}</td><td class=colhead align=center>{$lang_viewrequests['thead_status']}</td></tr>\n");
while ($row = mysql_fetch_array($rows)) {
print("<tr>
<td align=left class='rowfollow'><a href='viewrequests.php?action=view&id=" . $row["id"] . "'><b>" . $row["request"] . "</b></a></td>
<td align=center class='rowfollow nowrap'><font color=#ff0000><b>" . $row['amount'] . "</b></font></td>
<td align=center class='rowfollow nowrap'>" . $row['ori_amount'] . "</td>
<td align=center class='rowfollow nowrap'>" . ($row['comments']) . "</td><td align=center>" . ($row['Totalreq']) . "</td>
<td align=center class='rowfollow nowrap'>" . get_username($row['userid']) . "</td>
<td align=center class='rowfollow nowrap'>" . gettime($row['added'], true, false) . "</td>
<td align=center class='rowfollow nowrap'>" . ($row['finish'] == "yes" ? $lang_viewrequests['request_status_resolved'] : ($row['userid'] == $CURUSER['id'] ? $lang_viewrequests['request_status_resolving'] : "<a href='viewrequests.php?action=res&id=" . $row["id"] . "'>{$lang_viewrequests['request_status_resolving']}</a>")) . "</td></tr>\n");
}
}
print("</table>\n");
print($pagerbottom);
//print("<br><b><a href=viewrequests.php?action=new>添加</a> <a href=viewrequests.php?finished=all>查看所有</a> <a href=viewrequests.php?finished=yes>查看已解决</a> <a href=viewrequests.php?finished=no>查看未解决</a></b>\n");
print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=toolbox align=left><form method=\"post\" action='viewrequests.php'>\n");
print("<input type=\"text\" name=\"query\" style=\"width:500px\" >\n");
print("<input type=\"hidden\" name=\"action\" value='list'>");
print("<input type=\"hidden\" name=\"finished\" value='all'>");
print("<input type=submit value='{$lang_viewrequests['action_search']}'></form>\n");
print("</td></tr></table><br />\n");
stdfoot();
}
die;
break;
}
case "view":
{
if (is_numeric($_GET["id"])) {
$id = $_GET["id"];
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("错误", "ID不存在");
else $arr = mysql_fetch_assoc($res);
stdhead("求种区");
print("<h1 align=center id=top>求种-" . htmlspecialchars($arr["request"]) . "</h1>\n");
print("<table width=940 cellspacing=0 cellpadding=5>\n");
$res = sql_query("SELECT * FROM resreq WHERE reqid ='" . $_GET["id"] . "'" . $limit) or sqlerr(__FILE__, __LINE__);
tr("基本信息", get_username($arr['userid']) . "发表于" . gettime($arr["added"], true, false) . "\n", 1);
tr("悬赏", "最新竞价为" . $arr['amount'] . " 原始竞价为" . $arr["ori_amount"] . "\n", 1);
tr("操作", "<a href='report.php?reportrequestid=" . $id . "' >举报</a>" .
(($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) && $arr["finish"] == "no" ? " | <a href='viewrequests.php?action=edit&id=" . $id . "' >编辑</a>" : "") . "\n" .
($arr['userid'] == $CURUSER['id'] || $arr["finish"] == "yes" ? "" : " | <a href='viewrequests.php?action=res&id=" . $id . "' >应求</a>\n") .
((get_user_class() >= 13 || $arr['userid'] == $CURUSER['id']) && $arr['finish'] == "no" ? " | <a href='viewrequests.php?action=delete&id=" . $id . "' " . (mysql_num_rows($res) ? ">删除" : "title='回收返还80%魔力值'>回收") . "</a>" : "") . "\n"
, 1);
if ($arr["finish"] == "no") tr("追加悬赏", "<form action=viewrequests.php method=post> <input type=hidden name=action value=addamount><input type=hidden name=reqid value=" . $arr["id"] . "><input size=6 name=amount value=1000 ><input type=submit value=提交 > 追加悬赏每次将扣减25个魔力值作为手续费</form>", 1);
tr("介绍", format_comment(unesc($arr["descr"])), 1);
$limit = ($arr['finish'] == "no" ? "" : " AND chosen = 'yes' ");
$ress = "";
if (mysql_num_rows($res) == 0) $ress = "还没有应求";
else {
if ($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13)
$ress .= "<form action=viewrequests.php method=post>\n<input type=hidden name=action value=confirm > <input type=hidden name=id value=" . $id . " >\n";
while ($row = mysql_fetch_array($res)) {
$each = mysql_fetch_assoc(sql_query("SELECT * FROM torrents WHERE id = '" . $row["torrentid"] . "'"));
if (mysql_num_rows(sql_query("SELECT * FROM torrents WHERE id = '" . $row["torrentid"] . "'")) == 1)
$ress .= (($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) && $arr['finish'] == "no" ? "<input type=checkbox name=torrentid[] value=" . $each["id"] . ">" : "") . "<a href='details.php?id=" . $each["id"] . "&hit=1' >" . $each["name"] . "</a> " . ($arr['finish'] == "no" ? "" : "by " . get_username($each[owner])) . "<br/>\n";
}
$ress .= "";
if (($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) && $arr['finish'] == "no")
$ress .= "<input type=submit value=使用勾选的资源作为所需资源>\n";
$ress .= "</form>\n";
}
tr("应求", $ress, 1);
print("</table><br/><br/>\n");
$count = get_row_count("comments", "WHERE request=" . sqlesc($_GET["id"]));
if ($count) {
print("<br /><br />");
print("<h1 align=\"center\" id=\"startcomments\">评论</h1>\n");
list($pagertop, $pagerbottom, $limit) = pager(10, $count, "viewrequests.php?action=view&id=" . $_GET["id"] . "&", array('lastpagedefault' => 1), "page");
$subres = sql_query("SELECT * FROM comments WHERE request=" . sqlesc($_GET["id"]) . " ORDER BY id $limit") or sqlerr(__FILE__, __LINE__);
$allrows = array();
while ($subrow = mysql_fetch_array($subres)) {
$allrows[] = $subrow;
}
print($pagertop);
commenttable($allrows, 'request', $_GET["id"]);
print($pagerbottom);
}
print ("
<table style='border:1px solid #000000;'>
<tr><td class=\"text\" align=\"center\"><b>" . $lang_details['text_quick_comment'] . "</b><br /><br />
<form id=\"compose\" name=\"comment\" method=\"post\" action=\"" . htmlspecialchars("comment.php?action=add&type=request") . "\" onsubmit=\"return postvalid(this);\">
<input type=\"hidden\" name=\"pid\" value=\"" . $id . "\" /><br />");
quickreply('comment', 'body', "添加");
print("</form></td></tr></table>");
print ("
<a class=\"index\" href='comment.php?action=add&pid=$id&type=request'>添加评论</a></td></tr></table>");
stdfoot();
} else stderr("出错了!!!", "ID不存在");
die;
break;
}
case "edit":
{
if (!is_numeric($_GET["id"])) stderr("出错了!!!", "求种ID必须为数字");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!");
$arr = mysql_fetch_assoc($res);
if ($arr["finish"] == "yes") stderr("出错了!", "该求种已完成!");
if ($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) {
stdhead("编辑求种");
print(
"<form id=edit method=post name=edit action=viewrequests.php >\n
<input type=hidden name=action value=takeedit >
<input type=hidden name=reqid value=" . $_GET["id"] . " >
");
print("<table width=940 cellspacing=0 cellpadding=3><tr><td class=colhead align=center colspan=2>编辑求种</td></tr>");
tr("标题:", "<input name=request value=\"" . $arr["request"] . "\" size=134 ><br/>", 1);
print("<tr><td class=rowhead align=right valign=top><b>介绍:</b></td><td class=rowfollow align=left>");
textbbcode("edit", "descr", $arr["descr"]);
print("</td></tr>");
print("</td></tr><tr><td class=toolbox align=center colspan=2><input id=qr type=submit class=btn value=编辑求种 ></td></tr></table></form><br />\n");
stdfoot();
die;
} else stderr("出错了!!!", "你没有该权限!!!<a href='viewrequests.php?action=view&id=" . $_GET["id"] . "'>点击这里返回</a>", 0);
}
case "new":
{
if (get_user_class() >= 1) {
stdhead("新增求种");
print(
"<form id=edit method=post name=edit action=viewrequests.php >\n<input type=hidden name=action value=takeadded >\n");
print("<table width=940 cellspacing=0 cellpadding=3><tr><td class=colhead align=center colspan=2>新增求种</td></tr>\n");
tr("标题:", "<input name=request size=134><br/>", 1);
tr("悬赏:", "<input name=amount size=11 value=2000>赏金不得低于100魔力值,每次求种将扣去100魔力值作为手续费。<br/>", 1);
print("<tr><td class=rowhead align=right valign=top><b>介绍:</b></td><td class=rowfollow align=left>");
textbbcode("edit", "descr", $arr["descr"]);
print("</td></tr>");
print("<tr><td class=toolbox style=vertical-align: middle; padding-top: 10px; padding-bottom: 10px; align=center colspan=2><input id=qr type=submit value=新增求种 class=btn /></td></tr></table></form><br />\n");
stdfoot();
die;
} else stderr("出错了!!!", "你没有该权限!!!<a href='viewrequests.php'>点击这里返回</a>", 0);
}
case "newmessage":
{
{
stdhead("回复");
//<input type=hidden name=id value=$id ><br />");
//quickreply('reply', 'message', "我要留言");
//print("</form></td></tr></table>");
$ruserid = 0 + $_GET["userid"];
print(
"<form id=reply name=reply method=post action=viewrequests.php >\n<input type=hidden name=action value=message ><input type=hidden name=id value=" . $_GET["id"] . " >\n");
print("<table width=940 cellspacing=0 cellpadding=3>\n");
print("<tr><td class=rowfollow align=left>");
if ($ruserid) {
textbbcode("reply", "message", "[b]回复:" . get_plain_username($ruserid) . "[/b]\n");
print("<input id=ruserid type=hidden value=$ruserid />");
} else
textbbcode("reply", "message");
print("</td></tr>");
print("</table><input id=qr type=submit value=添加评论 class=btn /></form><br />\n");
stdfoot();
die;
}
}
case "search":
{
{
stdhead("搜索");
print("<table border=1 cellspacing=0 cellpadding=5>\n");
print("<tr><td class=colhead align=left>搜索</td></tr>\n");
print("<tr><td class=toolbox align=left><form method=\"post\" action='viewrequests.php'>\n");
print("<input type=\"text\" name=\"query\" style=\"width:500px\" >\n");
print("<input type=\"hidden\" name=\"action\" value='list'>");
print("<input type=submit value='搜索'></form>\n");
print("</td></tr></table><br />\n");
stdfoot();
die;
}
}
case "takeadded":
{
if (!$_POST["descr"]) stderr("出错了!", "介绍未填!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
if (!$_POST["request"]) stderr("出错了!", "名称未填!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
if (!$_POST["amount"]) stderr("出错了!", "赏金未填!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
if (!is_numeric($_POST["amount"])) stderr("出错了!!!", "赏金必须为数字!<a href=viewrequests.php?action=new>点击这里返回</a>", 0);
$amount = $_POST["amount"];
if ($amount < 100) stderr("出错了!", "发布求种赏金不得小于100个魔力值!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
if ($amount > 10000) stderr("出错了!", "发布求种赏金不得大于10000个魔力值!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
$amount += 100;
if ($amount + 100 > $CURUSER['seedbonus']) stderr("出错了!", "你没有那么多魔力值!!!<a href='viewrequests.php?action=new'>点击这里返回</a>", 0);
if (get_user_class() >= 1) {
sql_query("UPDATE users SET seedbonus = seedbonus - " . $amount . " WHERE id = " . $CURUSER['id']);
sql_query("INSERT requests ( request , descr, ori_descr ,amount , ori_amount , userid ,added ) VALUES ( " . sqlesc($_POST["request"]) . " , " . sqlesc($_POST["descr"]) . " , " . sqlesc($_POST["descr"]) . " , " . sqlesc($_POST["amount"]) . " , " . sqlesc($_POST["amount"]) . " , " . sqlesc($CURUSER['id']) . " , '" . date("Y-m-d H:i:s") . "' )") or sqlerr(__FILE__, __LINE__);
// shoutbox_into('[rid' . ($id = mysql_insert_id()) . ']');
$id = mysql_insert_id();
stderr("成功", "新增求种成功,<a href='viewrequests.php?action=view&id=" . $id . "'>点击这里返回</a>", 0);
} else stderr("出错了!!!", "你没有该权限!!!<a href='viewrequests.php'>点击这里返回</a>", 0);
die;
break;
}
case "takeedit":
{
if (!is_numeric($_POST["reqid"])) stderr("出错了!!!", "求种ID必须为数字!<a href='viewrequests.php?action=edit&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_POST["reqid"] . "'") or sqlerr(__FILE__, __LINE__);
if (!$_POST["descr"]) stderr("出错了!!!", "介绍未填!<a href='viewrequests.php?action=edit&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
if (!$_POST["request"]) stderr("出错了!!!", "名称未填!<a href='viewrequests.php?action=edit&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!<a href='viewrequests.php'>点击这里返回</a>", 0);
$arr = mysql_fetch_assoc($res);
if ($arr["finish"] == "yes") stderr("出错了!", "该求种已完成!<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
if ($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) {
sql_query("UPDATE requests SET descr = " . sqlesc($_POST["descr"]) . " , request = " . sqlesc($_POST["request"]) . " WHERE id ='" . $_POST["reqid"] . "'") or sqlerr(__FILE__, __LINE__);
stderr("成功", "编辑成功,<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
} else stderr("出错了!!!", "你没有该权限!!!<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
die;
break;
}
case "res":
{
stdhead("应求");
stdmsg("我要应求", "
<form action=viewrequests.php method=post>
<input type=hidden name=action value=takeres />
<input type=hidden name=reqid value=\"" . $_GET["id"] . "\" />
请输入种子的ID:http://$BASEURL/details.php?id=<input type=text name=torrentid size=11/>
<input type=submit value=提交></form><a href='viewrequests.php?action=view&id=" . $_GET["id"] . "'>点击这里返回</a>", 0);
stdfoot();
die;
break;
}
case "takeres":
{
if (!is_numeric($_POST["reqid"])) stderr("出错了!!!", "不要试图入侵系统!");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_POST["reqid"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!<a href='viewrequests.php'>点击这里返回</a>", 0);
$arr = mysql_fetch_assoc($res);
if ($arr["finish"] == "yes") stderr("出错了!", "该求种已完成!<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
if (!is_numeric($_POST["torrentid"])) stderr("出错了!!!", "种子ID必须为数字!<a href='viewrequests.php?action=res&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
$res = sql_query("SELECT * FROM torrents WHERE id ='" . $_POST["torrentid"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该种子不存在!<a href='viewrequests.php?action=res&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
$tor = mysql_fetch_assoc($res);
if ($tor[last_seed] == "0000-00-00 00:00:00") stderr("出错了!!!", "该种子尚未正式发布!<a href='viewrequests.php?action=res&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
if (get_row_count('resreq', "where reqid ='" . $_POST["reqid"] . "' and torrentid='" . $_POST["torrentid"] . "'"))
stderr("出错了!!!", "该应求已经存在!<a href='viewrequests.php?action=res&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
sql_query("INSERT resreq (reqid , torrentid) VALUES ( '" . $_POST["reqid"] . "' , '" . $_POST["torrentid"] . "')");
$added = sqlesc(date("Y-m-d H:i:s"));
$subject = sqlesc("有人应求你的求种请求,请及时确认该应求");
$notifs = sqlesc("求种名称:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url],请及时确认该应求.");
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['userid'] . ", $subject, $notifs, $added)") or sqlerr(__FILE__, __LINE__);
stderr("成功", "应求成功,<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
die;
break;
}
case "addamount":
{
if (!is_numeric($_POST["reqid"])) stderr("出错了!!!", "不要试图入侵系统");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_POST["reqid"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!");
$arr = mysql_fetch_assoc($res);
if ($arr["finish"] == "yes") stderr("出错了!", "该求种已完成!");
if (!is_numeric($_POST["amount"])) stderr("出错了!", "赏金必须为数字!");
$amount = $_POST["amount"];
if ($amount < 100) stderr("出错了!", "追加悬赏赏金不得小于100个魔力值!");
if ($amount > 5000) stderr("出错了!", "追加悬赏赏金不得大于5000个魔力值!");
$amount += 25;
if ($amount > $CURUSER['seedbonus']) stderr("出错了!", "你没有那么多魔力值!");
sql_query("UPDATE users SET seedbonus = seedbonus - " . $amount . " WHERE id = " . $CURUSER['id']);
sql_query("UPDATE requests SET amount = amount + " . $_POST["amount"] . " WHERE id = " . $_POST["reqid"]);
stderr("成功", "追加悬赏成功,<a href='viewrequests.php?action=view&id=" . $_POST["reqid"] . "'>点击这里返回</a>", 0);
die;
break;
}
case "delete":
{
if (!is_numeric($_GET["id"])) stderr("出错了!!!", "求种ID必须为数字");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!");
$arr = mysql_fetch_assoc($res);
if (get_user_class() >= 13 || $arr['userid'] == $CURUSER["id"] && $arr['finish'] == 'no') {
if (!get_row_count("resreq", "WHERE reqid=" . sqlesc($_GET["id"]))) {
KPS("+", $arr['amount'] * 8 / 10, $arr['userid']);
}
sql_query("DELETE FROM requests WHERE id ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
sql_query("DELETE FROM resreq WHERE reqid ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
sql_query("DELETE FROM comments WHERE request ='" . $_GET["id"] . "'") or sqlerr(__FILE__, __LINE__);
stderr("成功", "删除求种成功,<a href='viewrequests.php'>点击这里返回</a>", 0);
} else stderr("出错了!!!", "你没有该权限!!!");
die;
break;
}
case "confirm":
{
if (!is_numeric($_POST["id"])) stderr("出错了!!!", "不要试图入侵系统");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_POST["id"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!");
$arr = mysql_fetch_assoc($res);
if (empty($_POST["torrentid"])) stderr("出错了!", "你没有选择符合条件的应求!");
else $torrentid = $_POST["torrentid"];
if ($arr['userid'] == $CURUSER['id'] || get_user_class() >= 13) {
$amount = $arr["amount"] / count($torrentid);
sql_query("UPDATE requests SET finish = 'yes' WHERE id = " . $_POST["id"]);
sql_query("UPDATE resreq SET chosen = 'yes' WHERE reqid = " . $_POST["id"] . " AND ( torrentid = '" . join("' OR torrentid = '", $torrentid) . "' )") or sqlerr(__FILE__, __LINE__);
sql_query("DELETE FROM resreq WHERE reqid ='" . $_POST["id"] . "' AND chosen = 'no'") or sqlerr(__FILE__, __LINE__);
$res = sql_query("SELECT owner FROM torrents WHERE ( id = '" . join("' OR id = '", $torrentid) . "' ) ") or sqlerr(__FILE__, __LINE__);
while ($row = mysql_fetch_array($res)) {
$owner[] = $row[0];
$added = sqlesc(date("Y-m-d H:i:s"));
$subject = sqlesc("你的种子被人应求");
$notifs = sqlesc("求种名称:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url].你获得: $amount 魔力值");
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $row[0] . ", $subject, $notifs, $added)") or sqlerr(__FILE__, __LINE__);
}
sql_query("UPDATE users SET seedbonus = seedbonus + $amount WHERE id = '" . join("' OR id = '", $owner) . "'") or sqlerr(__FILE__, __LINE__);
stderr("成功", "确认成功,<a href='viewrequests.php?action=view&id=" . $_POST["id"] . "'>点击这里返回</a>", 0);
}
}
case "message":
{
if (!is_numeric($_POST["id"])) stderr("出错了!!!", "不要试图入侵系统");
$res = sql_query("SELECT * FROM requests WHERE id ='" . $_POST["id"] . "'") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) stderr("出错了!", "该求种已被删除!");
if (!$_POST["message"]) stderr("出错了!", "留言不能为空!");
$arr = mysql_fetch_assoc($res);
$message = $arr["message"];
$message .= "<tr><td width=240>由" . $CURUSER["username"] . "添加于" . date("Y-m-d H:i:s") . "</td><td>" . $_POST["message"] . "</td></tr>";
//sql_query("UPDATE requests SET message = '".$message."' WHERE id = ".$_POST["id"])or sqlerr(__FILE__, __LINE__);
//sql_query("INSERT reqcommen (user , added ,text ,reqid) VALUES ( '".$CURUSER["id"]."' , ".sqlesc(date("Y-m-d H:i:s"))." , ".sqlesc($_POST["message"])." , '".$_POST["id"]."' )");
sql_query("INSERT INTO comments (user, request, added, text, ori_text) VALUES (" . $CURUSER["id"] . ",{$_POST['id']}, '" . date("Y-m-d H:i:s") . "', " . sqlesc($_POST["message"]) . "," . sqlesc($_POST["message"]) . ")");
if ($CURUSER["id"] <> $arr['userid']) sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['userid'] . ", '你的求种请求收到新回复', " . sqlesc(" [url=viewrequests.php?action=view&id={$_POST['id']}] " . $arr['request'] . "[/url].") . ", " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr(__FILE__, __LINE__);
$ruserid = 0 + $_POST["ruserid"];
if ($ruserid <> $CURUSER["id"] && $ruserid <> $arr['userid']) sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $ruserid . ", '你的求种评论收到新回复', " . sqlesc(" [url=viewrequests.php?action=view&id={$_POST['id']}] " . $arr['request'] . "[/url].") . ", " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr(__FILE__, __LINE__);
header("Location: viewrequests.php?action=view&id=" . $_POST['id']);
}
}
}
die;
?>