". "\n"); $s = "\n".$lang_offers['select_type_select']."\n"; $cats = genrelist($browsecatmode); foreach ($cats as $row) $s .= "" . htmlspecialchars($row["name"]) . "\n"; $s .= "\n"; print("". "". "

".$lang_offers['text_offers_open_to_all']."
".$lang_offers['row_type']."*	$s
".$lang_offers['row_title']."*	". "
".$lang_offers['row_post_or_photo']."	". " ".$lang_offers['text_link_to_picture']."
".$lang_offers['row_description']."*	\n"); textbbcode("compose","body",$body,false, 130, true); print("

\n"); stdfoot(); die; } //=== end add offer //=== take new offer if (isset($_GET['new_offer']) && $_GET["new_offer"]){ user_can('addoffer', true); $new_offer = intval($_GET["new_offer"] ?? 0); if($new_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $userid = intval($CURUSER["id"] ?? 0); if (preg_match("/^[0-9]+$/", !$userid)) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $name = $_POST["name"]; if ($name == "") bark($lang_offers['std_must_enter_name']); $cat = intval($_POST["type"] ?? 0); if (!is_valid_id($cat)) bark($lang_offers['std_must_select_category']); $descrmain = unesc($_POST["body"]); if (!$descrmain) bark($lang_offers['std_must_enter_description']); if (!empty($_POST['picture'])){ $picture = unesc($_POST["picture"]); if(!preg_match("/^https?:\/\/[^\s'\"<>]+\.(jpg|gif|png)$/i", $picture)) stderr($lang_offers['std_error'], $lang_offers['std_wrong_image_format']); $pic = "[img]".$picture."[/img]\n"; } $descr = $pic; $descr .= $descrmain; $res = sql_query("SELECT name FROM offers WHERE name =".sqlesc($_POST['name'])) or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); if (!$arr['name']){ //===add karma //=== uncomment if you use the mod //sql_query("UPDATE users SET seedbonus = seedbonus+10.0 WHERE id = $CURUSER['id']") or sqlerr(__FILE__, __LINE__); //===end $ret = sql_query("INSERT INTO offers (userid, name, descr, category, added) VALUES (" . implode(",", array_map("sqlesc", array($CURUSER["id"], $name, $descr, intval($_POST["type"] ?? 0)))) . ", '" . date("Y-m-d H:i:s") . "')"); if (!$ret) { if (mysql_errno() == 1062) bark("!!!"); bark("mysql puked: ".mysql_error()); } $id = mysql_insert_id(); // add new offer message to staffmessage \App\Models\StaffMessage::query()->insert([ 'sender' => $CURUSER['id'], 'subject' => nexus_trans('offer.msg_new_offer_subject'), 'msg' => nexus_trans('offer.msg_new_offer_msg', [ 'username' => "[url=userdetails.php?id={$CURUSER['id']}]{$CURUSER['username']}[/url]", 'offername' => "[url=offers.php?id={$id}&off_details=1]{$name}[/url]"]), 'added' => now(), ]); clear_staff_message_cache(); write_log("offer $name was added by ".$CURUSER['username'],'normal'); header("Location: offers.php?id=$id&off_details=1"); stdhead($lang_offers['head_success']); } else{ stderr ($lang_offers['std_error'], $lang_offers['std_offer_exists']."".$lang_offers['text_view_all_offers']."",false); } stdfoot(); die; } //==end take new offer //=== offer details if (isset($_GET['off_details']) && $_GET["off_details"]){ $off_details = intval($_GET["off_details"] ?? 0); if($off_details != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $id = intval($_GET["id"] ?? 0); if(!$id) die(); //stderr("Error", "I smell a rat!"); $res = sql_query("SELECT * FROM offers WHERE id = $id") or sqlerr(__FILE__,__LINE__); $num = mysql_fetch_array($res); if (!$num) { bark($lang_offers['text_nothing_found']); } $s = $num["name"]; stdhead($lang_offers['head_offer_detail_for']." \"".$s."\""); print("

".htmlspecialchars($s)."

"); print(""); $offertime = gettime($num['added'],true,false); if ($CURUSER['timetype'] != 'timealive') $offertime = $lang_offers['text_at'].$offertime; else $offertime = $lang_offers['text_blank'].$offertime; tr($lang_offers['row_info'], $lang_offers['text_offered_by'].get_username($num['userid']).$offertime, 1); if ($num["allowed"] == "pending") $status="".$lang_offers['text_pending'].""; elseif ($num["allowed"] == "allowed") $status="".$lang_offers['text_allowed'].""; else $status="".$lang_offers['text_denied'].""; tr($lang_offers['row_status'], $status, 1); //=== if you want to have a pending thing for uploaders use this next bit if (user_can('offermanage') && $num["allowed"] == "pending") tr($lang_offers['row_allow'], "

". "

". "

", 1); $zres = sql_query("SELECT COUNT(*) from offervotes where vote='yeah' and offerid=$id"); $arr = mysql_fetch_row($zres); $za = $arr[0]; $pres = sql_query("SELECT COUNT(*) from offervotes where vote='against' and offerid=$id"); $arr2 = mysql_fetch_row($pres); $protiv = $arr2[0]; //=== in the following section, there is a line to report comment... either remove the link or change it to work with your report script :) //if pending if ($num["allowed"] == "pending"){ tr($lang_offers['row_vote'], "". "".$lang_offers['text_for']."".(user_can('againstoffer') ? " - ". "".$lang_offers['text_against']."" : ""), 1); tr($lang_offers['row_vote_results'], "".$lang_offers['text_for'].": $za ".$lang_offers['text_against']." $protiv     ".$lang_offers['text_see_vote_detail']."", 1); } //===upload torrent message if ($num["allowed"] == "allowed" && $CURUSER["id"] != $num["userid"]) tr($lang_offers['row_offer_allowed'], $lang_offers['text_voter_receives_pm_note'], 1); if ($num["allowed"] == "allowed" && $CURUSER["id"] == $num["userid"]){ tr($lang_offers['row_offer_allowed'], $lang_offers['text_urge_upload_offer_note'], 1); } if ($CURUSER['id'] == $num['userid'] || user_can('offermanage')){ $edit = " ".$lang_offers['text_edit_offer'] . " | "; $delete = " ".$lang_offers['text_delete_offer']." | "; } $report = " ".$lang_offers['report_offer'].""; tr($lang_offers['row_action'], $edit . $delete .$report, 1); if ($num["descr"]){ $off_bb = format_comment($num["descr"]); tr($lang_offers['row_description'], $off_bb, 1); } print(""); // -----------------COMMENT SECTION ---------------------// $commentbar = "

".$lang_offers['text_add_comment']."

\n"; $subres = sql_query("SELECT COUNT(*) FROM comments WHERE offer = $id"); $subrow = mysql_fetch_array($subres); $count = $subrow[0]; if (!$count) { print("

".$lang_offers['text_no_comments']."

\n"); } else { list($pagertop, $pagerbottom, $limit) = pager(10, $count, "offers.php?id=$id&off_details=1&", array('lastpagedefault' => 1)); $subres = sql_query("SELECT id, text, user, added, editedby, editdate FROM comments WHERE offer = " . sqlesc($id) . " ORDER BY id $limit") or sqlerr(__FILE__, __LINE__); $allrows = array(); while ($subrow = mysql_fetch_array($subres)) $allrows[] = $subrow; //end_frame(); //print($commentbar); print($pagertop); commenttable($allrows,"offer",$id); print($pagerbottom); } print("". "

".$lang_offers['text_quick_comment']." ". " ". " "); quickreply('comment', 'body',$lang_offers['submit_add_comment']); print("

"); print($commentbar); stdfoot(); die; } //=== end offer details //=== allow offer by staff if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) { if (!user_can('offermanage')) stderr($lang_offers['std_access_denied'], $lang_offers['std_mans_job']); $allow_offer = intval($_GET["allow_offer"] ?? 0); if($allow_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); //=== to allow the offer credit to S4NE for this next bit :) //if ($_POST["offerid"]){ $offid = intval($_POST["offerid"] ?? 0); if(!is_valid_id($offid)) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $res = sql_query("SELECT users.username, offers.userid, offers.name FROM offers inner join users on offers.userid = users.id where offers.id = $offid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); $locale = get_user_locale($arr["userid"]); if ($offeruptimeout_main){ $timeouthour = floor($offeruptimeout_main/3600); $timeoutnote = nexus_trans("offer.msg_you_must_upload_in", [], $locale).$timeouthour.nexus_trans("offer.msg_hours_otherwise", [], $locale); } else $timeoutnote = ""; $msg = $CURUSER['username'].nexus_trans("offer.msg_has_allowed", [], $locale)."[b][url=". get_protocol_prefix() . $BASEURL ."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b]. ".nexus_trans("offer.msg_find_offer_option", [], $locale).$timeoutnote; $subject = nexus_trans("offer.msg_your_offer_allowed", [], $locale); $allowedtime = date("Y-m-d H:i:s"); //sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, '" . $allowedtime . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); \App\Models\Message::add([ 'sender' => 0, 'receiver' => $arr['userid'], 'msg' => $msg, 'subject' => $subject, 'added' => $allowedtime, ]); sql_query ("UPDATE offers SET allowed = 'allowed', allowedtime = '".$allowedtime."' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); write_log("{$CURUSER['username']} allowed offer {$arr['name']}",'normal'); header("Location: " . get_protocol_prefix() . "$BASEURL/offers.php?id=$offid&off_details=1"); } //=== end allow the offer //=== allow offer by vote if (isset($_GET["finish_offer"]) && $_GET["finish_offer"]) { if (!user_can('offermanage')) stderr($lang_offers['std_access_denied'], $lang_offers['std_have_no_permission']); $finish_offer = intval($_GET["finish_offer"] ?? 0); if($finish_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $offid = intval($_POST["finish"] ?? 0); if(!is_valid_id($offid)) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $res = sql_query("SELECT users.username, offers.userid, offers.name FROM offers inner join users on offers.userid = users.id where offers.id = $offid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); $locale = get_user_locale($arr["userid"]); $voteresyes = sql_query("SELECT COUNT(*) from offervotes where vote='yeah' and offerid=$offid"); $arryes = mysql_fetch_row($voteresyes); $yes = $arryes[0]; $voteresno = sql_query("SELECT COUNT(*) from offervotes where vote='against' and offerid=$offid"); $arrno = mysql_fetch_row($voteresno); $no = $arrno[0]; if($yes == '0' && $no == '0') stderr($lang_offers['std_sorry'], $lang_offers['std_no_votes_yet']."".$lang_offers['std_back_to_offer_detail']."",false); $finishvotetime = date("Y-m-d H:i:s"); if (($yes - $no)>=$minoffervotes){ if ($offeruptimeout_main){ $timeouthour = floor($offeruptimeout_main/3600); $timeoutnote = nexus_trans("offer.msg_you_must_upload_in", [], $locale).$timeouthour.nexus_trans("offer.msg_hours_otherwise", [], $locale); } else $timeoutnote = ""; $msg = nexus_trans("offer.msg_offer_voted_on", [], $locale)."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].". nexus_trans("offer.msg_find_offer_option", [], $locale).$timeoutnote; sql_query ("UPDATE offers SET allowed = 'allowed',allowedtime ='".$finishvotetime."' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); } else if(($no - $yes)>=$minoffervotes){ $msg = nexus_trans("offer.msg_offer_voted_off", [], $locale)."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].".nexus_trans("offer.msg_offer_deleted", [], $locale) ; sql_query ("UPDATE offers SET allowed = 'denied' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); } //===use this line if you DO HAVE subject in your PM system $subject = nexus_trans("offer.msg_your_offer", [], $locale).$arr['name'].nexus_trans("offer.msg_voted_on", [], $locale); \App\Models\Message::add([ 'sender' => 0, 'subject' => $subject, 'receiver' => $arr['userid'], 'added' => $finishvotetime, 'msg' => $msg, ]); //===use this line if you DO NOT subject in your PM system //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES(0, $arr['userid'], '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); write_log("{$CURUSER['username']} closed poll {$arr['name']}",'normal'); header("Location: " . get_protocol_prefix() . "$BASEURL/offers.php?id=$offid&off_details=1"); die; } //===end allow offer by vote //=== edit offer if (isset($_GET["edit_offer"]) && $_GET["edit_offer"]) { $edit_offer = intval($_GET["edit_offer"] ?? 0); if($edit_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $id = intval($_GET["id"] ?? 0); $res = sql_query("SELECT * FROM offers WHERE id = $id") or sqlerr(__FILE__, __LINE__); $num = mysql_fetch_array($res); $timezone = $num["added"]; $s = $num["name"]; $id2 = $num["category"]; if ($CURUSER["id"] != $num["userid"] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_cannot_edit_others_offer']); $body = htmlspecialchars(unesc($num["descr"])); $s2 = "\n"; $cats = genrelist($browsecatmode); foreach ($cats as $row) $s2 .= "" . htmlspecialchars($row["name"]) . "\n"; $s2 .= "\n"; stdhead($lang_offers['head_edit_offer'].": $s"); $title = htmlspecialchars(trim($s)); print("

". ""); tr($lang_offers['row_type']."*", $s2, 1); tr($lang_offers['row_title']."*", "", 1); tr($lang_offers['row_post_or_photo'], "
".$lang_offers['text_link_to_picture'], 1); print(""); print("

".$lang_offers['text_edit_offer']."
".$lang_offers['row_description']."*	"); textbbcode("compose","body",$body, false, 130, true); print("

\n"); stdfoot(); die; } //=== end edit offer //==== take offer edit if (isset($_GET["take_off_edit"]) && $_GET["take_off_edit"]){ $take_off_edit = intval($_GET["take_off_edit"] ?? 0); if($take_off_edit != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $id = intval($_GET["id"] ?? 0); $res = sql_query("SELECT userid FROM offers WHERE id = $id") or sqlerr(__FILE__, __LINE__); $num = mysql_fetch_array($res); if ($CURUSER['id'] != $num['userid'] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_access_denied']); $name = $_POST["name"]; if (!empty($_POST['picture'])){ $picture = unesc($_POST["picture"]); if(!preg_match("/^https?:\/\/[^\s'\"<>]+\.(jpg|gif|png)$/i", $picture)) stderr($lang_offers['std_error'], $lang_offers['std_wrong_image_format']); $pic = "[img]".$picture."[/img]\n"; } $descr = "$pic"; $descr .= unesc($_POST["body"]); if (!$name) bark($lang_offers['std_must_enter_name']); if (!$descr) bark($lang_offers['std_must_enter_description']); $cat = intval($_POST["category"] ?? 0); if (!is_valid_id($cat)) bark($lang_offers['std_must_select_category']); $name = sqlesc($name); $descr = sqlesc($descr); $cat = sqlesc($cat); sql_query("UPDATE offers SET category=$cat, name=$name, descr=$descr where id=".sqlesc($id)); //header("Location: offers.php?id=$id&off_details=1"); } //======end take offer edit //=== offer votes list if (isset($_GET["offer_vote"]) && $_GET["offer_vote"]){ $offer_vote = intval($_GET["offer_vote"] ?? 0); if($offer_vote != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $offerid = htmlspecialchars(intval($_GET['id'] ?? 0)); $res2 = sql_query("SELECT COUNT(*) FROM offervotes WHERE offerid = ".sqlesc($offerid)) or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_array($res2); $count = $row[0]; $offername = get_single_value("offers","name","WHERE id=".sqlesc($offerid)); stdhead($lang_offers['head_offer_voters']." - \"".$offername."\""); print("

".$lang_offers['text_vote_results_for']." ".htmlspecialchars($offername)."

"); $perpage = 25; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] ."?id=".$offerid."&offer_vote=1&"); $res = sql_query("SELECT * FROM offervotes WHERE offerid=".sqlesc($offerid)." ".$limit) or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 0) print("

".$lang_offers['std_no_votes_yet']."

\n"); else { echo $pagertop; print("\n"); while ($arr = mysql_fetch_assoc($res)) { if ($arr['vote'] == 'yeah') $vote = "".$lang_offers['text_for'].""; elseif ($arr['vote'] == 'against') $vote = "".$lang_offers['text_against'].""; else $vote = "unknown"; print("\n"); } print("

".$lang_offers['col_user']."	".$lang_offers['col_vote']."
" . get_username($arr['userid']) . "	".$vote."

\n"); echo $pagerbottom; } stdfoot(); die; } //=== end offer votes list //=== offer votes if (isset($_GET["vote"]) && $_GET["vote"]){ $offerid = htmlspecialchars(intval($_GET["id"] ?? 0)); $vote = htmlspecialchars($_GET["vote"]); if ($vote == 'against' && !user_can('againstoffer')) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); if ($vote =='yeah' || $vote =='against') { $userid = intval($CURUSER["id"] ?? 0); $res = sql_query("SELECT * FROM offervotes WHERE offerid=".sqlesc($offerid)." AND userid=".sqlesc($userid)) or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); $voted = $arr; $offer_userid = get_single_value("offers", "userid", "WHERE id=".sqlesc($offerid)); if ($offer_userid == $CURUSER['id']) { stderr($lang_offers['std_error'], $lang_offers['std_cannot_vote_youself']); } elseif ($voted) { stderr($lang_offers['std_already_voted'],$lang_offers['std_already_voted_note']."".$lang_offers['std_back_to_offer_detail'] ,false); } else { $res = sql_query("SELECT users.username, offers.userid, offers.name FROM offers LEFT JOIN users ON offers.userid = users.id WHERE offers.id = ".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); if (!$arr) { bark($lang_offers['text_nothing_found']); } sql_query("UPDATE offers SET $vote = $vote + 1 WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $locale = get_user_locale($arr['userid']); $rs = sql_query("SELECT yeah, against, allowed FROM offers WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $ya_arr = mysql_fetch_assoc($rs); $yeah = $ya_arr["yeah"]; $against = $ya_arr["against"]; $finishtime = date("Y-m-d H:i:s"); //allowed and send offer voted on message if(($yeah-$against)>=$minoffervotes && $ya_arr['allowed'] != "allowed") { if ($offeruptimeout_main){ $timeouthour = floor($offeruptimeout_main/3600); $timeoutnote = nexus_trans("offer.msg_you_must_upload_in", [], $locale).$timeouthour.nexus_trans("offer.msg_hours_otherwise", [], $locale); } else $timeoutnote = ""; sql_query("UPDATE offers SET allowed='allowed', allowedtime=".sqlesc($finishtime)." WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $msg = nexus_trans("offer.msg_offer_voted_on", [], $locale)."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offerid&off_details=1]" . $arr['name'] . "[/url][/b].". nexus_trans("offer.msg_find_offer_option", [], $locale).$timeoutnote; $subject = nexus_trans("offer.msg_your_offer_allowed", [], $locale); \App\Models\Message::add([ 'sender' => 0, 'receiver' => $arr['userid'], 'msg' => $msg, 'subject' => $subject, 'added' => now(), ]); write_log("System allowed offer {$arr['name']}",'normal'); } //denied and send offer voted off message if(($against-$yeah)>=$minoffervotes && $ya_arr['allowed'] != "denied") { sql_query("UPDATE offers SET allowed='denied' WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $msg = nexus_trans("offer.msg_offer_voted_off", [], $locale)."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].".nexus_trans("offer.msg_offer_deleted", [], $locale) ; $subject = nexus_trans("offer.msg_offer_deleted", [], $locale); \App\Models\Message::add([ 'sender' => 0, 'receiver' => $arr['userid'], 'msg' => $msg, 'subject' => $subject, 'added' => now(), ]); write_log("System denied offer {$arr['name']}",'normal'); } sql_query("INSERT INTO offervotes (offerid, userid, vote) VALUES($offerid, $userid, ".sqlesc($vote).")") or sqlerr(__FILE__,__LINE__); KPS("+",$offervote_bonus,$CURUSER["id"]); stdhead($lang_offers['head_vote_for_offer']); print("

".$lang_offers['std_vote_accepted']."

"); print($lang_offers['std_vote_accepted_note']."".$lang_offers['std_back_to_offer_detail']); stdfoot(); die; } } else stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); } //=== end offer votes //=== delete offer if (isset($_GET["del_offer"]) && $_GET["del_offer"]){ $del_offer = intval($_GET["del_offer"] ?? 0); if($del_offer != '1') stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $offer = intval($_GET["id"] ?? 0); $userid = intval($CURUSER["id"] ?? 0); if (!is_valid_id($userid)) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); $res = sql_query("SELECT * FROM offers WHERE id = $offer") or sqlerr(__FILE__, __LINE__); $num = mysql_fetch_array($res); $name = $num["name"]; if ($userid != $num["userid"] && !user_can('offermanage')) stderr($lang_offers['std_error'], $lang_offers['std_cannot_delete_others_offer']); if ($_GET["sure"]) { $sure = $_GET["sure"]; if($sure == '0' || $sure == '1') $sure = intval($_GET["sure"] ?? 0); else stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); } if ($sure == 0) stderr($lang_offers['std_delete_offer'], $lang_offers['std_delete_offer_note']."

".$lang_offers['text_reason_is']."

",false); elseif ($sure == 1) { $reason = $_POST["reason"]; sql_query("DELETE FROM offers WHERE id=$offer"); sql_query("DELETE FROM offervotes WHERE offerid=$offer"); sql_query("DELETE FROM comments WHERE offer=$offer"); //===add karma //=== use this if you use the karma mod //sql_query("UPDATE users SET seedbonus = seedbonus-10.0 WHERE id = $num['userid']") or sqlerr(__FILE__, __LINE__); //===end if ($CURUSER["id"] != $num["userid"]) { $added = date("Y-m-d H:i:s"); $locale = get_user_locale($num["userid"]); $subject = nexus_trans("offer.msg_offer_deleted", [], $locale); $msg = nexus_trans("offer.msg_your_offer", [], $locale).$num['name'].nexus_trans("offer.msg_was_deleted_by", [], $locale). "[url=userdetails.php?id=".$CURUSER['id']."]".$CURUSER['username']."[/url]".nexus_trans("offer.msg_blank", [], $locale).($reason != "" ? nexus_trans("offer.msg_reason_is", [], $locale).$reason : ""); \App\Models\Message::add([ 'sender' => 0, 'receiver' => $num['userid'], 'msg' => $msg, 'subject' => $subject, 'added' => now(), ]); } write_log("Offer: $offer ({$num['name']}) was deleted by {$CURUSER['username']}".($reason != "" ? " (".$reason.")" : ""),'normal'); header("Location: offers.php"); die; } else stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); } //== end delete offer //=== prolly not needed, but what the hell... basically stopping the page getting screwed up $sort = ''; if (isset($_GET["sort"]) && $_GET["sort"]) { $sort = $_GET["sort"]; if($sort == 'cat' || $sort == 'name' || $sort == 'added' || $sort == 'comments' || $sort == 'yeah' || $sort == 'against' || $sort == 'v_res') $sort = $_GET["sort"]; else stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); } //=== end of prolly not needed, but what the hell :P $categ = intval($_GET["category"] ?? 0); $offerorid = 0; if (isset($_GET["offerorid"]) && $_GET["offerorid"]){ $offerorid = htmlspecialchars(intval($_GET["offerorid"] ?? 0)); if (preg_match("/^[0-9]+$/", !$offerorid)) stderr($lang_offers['std_error'], $lang_offers['std_smell_rat']); } $search = ($_GET["search"] ?? ''); if ($search) { $search = " AND offers.name like ".sqlesc("%$search%"); } else { $search = ""; } $cat_order_type = "desc"; $name_order_type = "desc"; $added_order_type = "desc"; $comments_order_type = "desc"; $v_res_order_type = "desc"; /* if ($cat_order_type == "") { $sort = " ORDER BY added " . $added_order_type; $cat_order_type = "asc"; } // for torrent name if ($name_order_type == "") { $sort = " ORDER BY added " . $added_order_type; $name_order_type = "desc"; } if ($added_order_type == "") { $sort = " ORDER BY added " . $added_order_type; $added_order_type = "desc"; } if ($comments_order_type == "") { $sort = " ORDER BY added " . $added_order_type; $comments_order_type = "desc"; } if ($v_res_order_type == "") { $sort = " ORDER BY added " . $added_order_type; $v_res_order_type = "desc"; } */ if ($sort == "cat") { if ($_GET['type'] == "desc") $cat_order_type = "asc"; $sort = " ORDER BY category ". $cat_order_type; } else if ($sort == "name") { if ($_GET['type'] == "desc") $name_order_type = "asc"; $sort = " ORDER BY name ". $name_order_type; } else if ($sort == "added") { if ($_GET['type'] == "desc") $added_order_type = "asc"; $sort = " ORDER BY added " . $added_order_type; } else if ($sort == "comments") { if ($_GET['type'] == "desc") $comments_order_type = "asc"; $sort = " ORDER BY comments " . $comments_order_type; } else if ($sort == "v_res") { if ($_GET['type'] == "desc") $v_res_order_type = "asc"; $sort = " ORDER BY (yeah - against) " . $v_res_order_type; } if ($offerorid <> NULL) { if (($categ <> NULL) && ($categ <> 0)) $categ = "WHERE offers.category = " . $categ . " AND offers.userid = " . $offerorid; else $categ = "WHERE offers.userid = " . $offerorid; } else if ($categ == 0) $categ = ''; else $categ = "WHERE offers.category = " . $categ; $res = sql_query("SELECT count(offers.id) FROM offers inner join categories on offers.category = categories.id inner join users on offers.userid = users.id $categ $search") or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_array($res); $count = $row[0]; $perpage = 25; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] ."?" . "category=" . ($_GET["category"] ?? '') . "&sort=" . ($_GET["sort"] ?? '') . "&" ); //stderr("", $sort); if($sort == "") $sort = "ORDER BY added desc "; $res = sql_query("SELECT offers.id, offers.userid, offers.name, offers.added, offers.allowedtime, offers.comments, offers.yeah, offers.against, offers.category as cat_id, offers.allowed, categories.image, categories.name as cat FROM offers inner join categories on offers.category = categories.id $categ $search $sort $limit") or sqlerr(__FILE__,__LINE__); $num = mysql_num_rows($res); stdhead($lang_offers['head_offers']); begin_main_frame(); begin_frame($lang_offers['text_offers_section'], true,10,"100%","center"); print("

".$lang_offers['text_rules']."

\n"); print("

"); print("
• ".$lang_offers['text_rule_one_one'].get_user_class_name($upload_class, false, true, true).$lang_offers['text_rule_one_two'].get_user_class_name($addoffer_class, false, true, true).$lang_offers['text_rule_one_three']."
\n"); $offerSkipApprovedCount = get_setting('main.offer_skip_approved_count'); if (is_numeric($offerSkipApprovedCount) && $offerSkipApprovedCount > 0) { print("
• ".sprintf($lang_offers['text_rule_skip_offer'], $offerSkipApprovedCount)."
\n"); } print("
• ".$lang_offers['text_rule_two_one']."".$minoffervotes."".$lang_offers['text_rule_two_two']."
\n"); if ($offervotetimeout_main) print("
• ".$lang_offers['text_rule_three_one']."".($offervotetimeout_main / 3600)."".$lang_offers['text_rule_three_two']."
\n"); if ($offeruptimeout_main) print("
• ".$lang_offers['text_rule_four_one']."".($offeruptimeout_main / 3600)."".$lang_offers['text_rule_four_two']."
\n"); print("

"); if (user_can('addoffer')) print(""); print(""); end_frame(); print("

"); $last_offer = strtotime($CURUSER['last_offer']); if (!$num) stdmsg($lang_offers['text_nothing_found'],$lang_offers['text_nothing_found']); else { $catid = $_GET['category']; print(""); print("". "". "". "". ""); if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0) print(""); print("". (user_can('offermanage') ? "" : "")."\n"); for ($i = 0; $i < $num; ++$i) { $arr = mysql_fetch_assoc($res); $addedby = get_username($arr['userid']); $comms = $arr['comments']; if ($comms == 0) $comment = "0"; else { if (!$lastcom = $Cache->get_value('offer_'.$arr['id'].'_last_comment_content')){ $res2 = sql_query("SELECT user, added, text FROM comments WHERE offer = {$arr['id']} ORDER BY added DESC LIMIT 1"); $lastcom = mysql_fetch_array($res2); $Cache->cache_value('offer_'.$arr['id'].'_last_comment_content', $lastcom, 1855); } $timestamp = strtotime($lastcom["added"]); $hasnewcom = ($lastcom['user'] != $CURUSER['id'] && $timestamp >= $last_offer); if ($CURUSER['showlastcom'] != 'no') { if ($lastcom) { $title = ""; if ($CURUSER['timetype'] != 'timealive') $lastcomtime = $lang_offers['text_at_time'].$lastcom['added']; else $lastcomtime = $lang_offers['text_blank'].gettime($lastcom["added"],true,false,true); $counter = $i; $lastcom_tooltip[$counter]['id'] = "lastcom_" . $counter; $lastcom_tooltip[$counter]['content'] = ($hasnewcom ? "(".$lang_offers['text_new'].") " : "").$lang_offers['text_last_commented_by'].get_username($lastcom['user']) . $lastcomtime."
". format_comment(mb_substr($lastcom['text'],0,100,"UTF-8") . (mb_strlen($lastcom['text'],"UTF-8") > 100 ? " ......" : "" ),true,false,false,true,600,false,false); $onmouseover = "onmouseover=\"domTT_activate(this, event, 'content', document.getElementById('" . $lastcom_tooltip[$counter]['id'] . "'), 'trail', false, 'delay', 500,'lifetime',3000,'fade','both','styleClass','niceTitle','fadeMax', 87,'maxWidth', 400);\""; } } else { $title = " title=\"".($hasnewcom ? $lang_offers['title_has_new_comment'] : $lang_offers['title_no_new_comment'])."\""; $onmouseover = ""; } $comment = "".($hasnewcom ? "" : ""). $comms .($hasnewcom ? "" : "").""; } //==== if you want allow deny for offers use this next bit if ($arr["allowed"] == 'allowed') $allowed = " [".$lang_offers['text_allowed']."]"; elseif ($arr["allowed"] == 'denied') $allowed = " [".$lang_offers['text_denied']."]"; else $allowed = " [".$lang_offers['text_pending']."]"; //===end if ($arr["yeah"] == 0) $zvote = $arr['yeah']; else $zvote = "".$arr['yeah'].""; if ($arr["against"] == 0) $pvote = $arr['against']; else $pvote = "".$arr['against'].""; if ($arr["yeah"] == 0 && $arr["against"] == 0) { $v_res = "0"; } else { $v_res = "" .$arr['yeah']." - ".$arr['against']." = ".($arr['yeah'] - $arr['against']). ""; } $addtime = gettime($arr['added'],false,true); $dispname = $arr['name']; $count_dispname=mb_strlen($arr['name'],"UTF-8"); $max_length_of_offer_name = 70; if($count_dispname > $max_length_of_offer_name) $dispname=mb_substr($dispname, 0, $max_length_of_offer_name-2,"UTF-8") . ".."; print("".(get_user_class() >= $againstoffer_class ? "" : "")); print(""); if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0){ if ($arr["allowed"] == 'allowed'){ $futuretime = strtotime($arr['allowedtime']) + $offeruptimeout_main; $timeout = gettime(date("Y-m-d H:i:s", $futuretime), false, true, true, false, true); } elseif ($arr["allowed"] == 'pending') { $futuretime = strtotime($arr['added']) + $offervotetimeout_main; $timeout = gettime(date("Y-m-d H:i:s",$futuretime), false, true, true, false, true); } if (!$timeout) $timeout = "N/A"; print(""); } print("".(user_can('offermanage') ? "" : "").""); } print("

".$lang_offers['col_type']."	".$lang_offers['col_title']."	".$lang_offers['col_vote_results']."	".$lang_offers['col_comment']."		".$lang_offers['col_timeout']."	".$lang_offers['col_offered_by']."	".$lang_offers['col_act']."
".return_category_image($arr['cat_id'], "")."	".htmlspecialchars($dispname)."".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? " (".$lang_offers['text_new'].")" : "").$allowed."	".$v_res."	".$lang_offers['text_yep']."	".$lang_offers['text_nah']."	".$comment."	" . $addtime. "	".$timeout."	".$addedby."

\n"); echo $pagerbottom; if(!isset($CURUSER) || $CURUSER['showlastcom'] == 'yes') create_tooltip_container($lastcom_tooltip, 400); } end_main_frame(); $USERUPDATESET[] = "last_offer = ".sqlesc(date("Y-m-d H:i:s")); stdfoot(); ?>