65535) bark($lang_takeupload['std_nfo_too_big']); $nfofilename = $nfofile['tmp_name']; if (@!is_uploaded_file($nfofilename)) bark($lang_takeupload['std_nfo_upload_failed']); $nfo = str_replace("\x0d\x0d\x0a", "\x0d\x0a", @file_get_contents($nfofilename)); } } $small_descr = unesc($_POST["small_descr"] ?? ''); $descr = unesc($_POST["descr"]); if (!$descr) bark($lang_takeupload['std_blank_description']); $catid = intval($_POST["type"] ?? 0); $catmod = get_single_value("categories","mode","WHERE id=".sqlesc($catid)); if (!$catmod) { bark('Invalid category'); } $sourceid = intval($_POST["source_sel"][$catmod] ?? 0); $mediumid = intval($_POST["medium_sel"][$catmod] ?? 0); $codecid = intval($_POST["codec_sel"][$catmod] ?? 0); $standardid = intval($_POST["standard_sel"][$catmod] ?? 0); $processingid = intval($_POST["processing_sel"][$catmod] ?? 0); $teamid = intval($_POST["team_sel"][$catmod] ?? 0); $audiocodecid = intval($_POST["audiocodec_sel"][$catmod] ?? 0); if (!is_valid_id($catid)) bark($lang_takeupload['std_category_unselected']); if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches)) bark($lang_takeupload['std_filename_not_torrent']); $shortfname = $torrent = $matches[1]; if (!empty($_POST["name"])) $torrent = trim(unesc($_POST["name"])); if ($f['size'] > $max_torrent_size) bark($lang_takeupload['std_torrent_file_too_big'].number_format($max_torrent_size).$lang_takeupload['std_remake_torrent_note']); $tmpname = $f["tmp_name"]; if (!is_uploaded_file($tmpname)) { do_log("eek, FILE: " . nexus_json_encode($f), 'error'); bark("eek"); } if (!filesize($tmpname)) bark($lang_takeupload['std_empty_file']); //check max price $maxPrice = get_setting("torrent.max_price"); $paidTorrentEnabled = get_setting("torrent.paid_torrent_enabled") == "yes"; if ($maxPrice > 0 && isset($_POST['price']) && $_POST['price'] > $maxPrice && $paidTorrentEnabled) { bark('price too much'); } try { $dict = TorrentFile::load($tmpname); $dict = $dict->unhybridizedTo(); $dict->parse(); } catch (ParseException $e) { bark($e->getMessage()); } //The following line requires uploader to re-download torrents after uploading //even the torrent is set as private and with uploader's passkey in it. $dict->cleanRootFields() ->setComment(getSchemeAndHttpHost()) ->setCreationDate(time()) ->setCreatedBy($SITENAME) ->setAnnounce(get_protocol_prefix() . $announce_urls[0]) // change announce url to local ->setPrivate(true) ->setSource("[$BASEURL] $SITENAME"); $filelist = $dict->getFileList(); $dname = $dict->getName(); $type = $dict->getFileMode(); $totallen = $dict->getSize(); $pieces = $dict->getInfoField('pieces'); $piecesCount = strlen($pieces) / 20; $maxPieceCount = 24576; $idealPiecesCount = $totallen / (8 * 1024 ** 2); if ($piecesCount > $maxPieceCount && $idealPiecesCount < $maxPieceCount) { bark('Too many pieces'); } $infohash = $dict->getInfoHashV1ForAnnounce(); $exists = \App\Models\Torrent::query()->where('info_hash', $infohash)->first(['id']); if ($exists) { // bark($lang_takeupload['std_torrent_existed']); nexus_redirect(sprintf("details.php?id=%d&existed=1", $exists['id'])); } // ------------- start: check upload authority ------------------// $allowtorrents = user_can_upload("torrents"); $allowspecial = user_can_upload("music"); $offerid = intval($_POST['offer'] ?? 0); $is_offer=false; if ($browsecatmode != $specialcatmode && $catmod == $specialcatmode){//upload to special section if (!$allowspecial) bark($lang_takeupload['std_unauthorized_upload_freely']); } elseif($catmod == $browsecatmode){//upload to torrents section if ($offerid){//it is a offer $allowed_offer_count = get_row_count("offers","WHERE allowed='allowed' AND userid=".sqlesc($CURUSER["id"])); if ($allowed_offer_count && $enableoffer == 'yes'){ $allowed_offer = get_row_count("offers","WHERE id=".sqlesc($offerid)." AND allowed='allowed' AND userid=".sqlesc($CURUSER["id"])); if ($allowed_offer != 1)//user uploaded torrent that is not an allowed offer bark($lang_takeupload['std_uploaded_not_offered']); else $is_offer = true; } else bark($lang_takeupload['std_uploaded_not_offered']); } elseif (!$allowtorrents) bark($lang_takeupload['std_unauthorized_upload_freely']); } else //upload to unknown section die("Upload to unknown section."); // ------------- end: check upload authority ------------------// // Replace punctuation characters with spaces //$torrent = str_replace("_", " ", $torrent); if ($largesize_torrent && $totallen > ($largesize_torrent * 1073741824)) //Large Torrent Promotion { switch($largepro_torrent) { case 2: //Free { $sp_state = 2; break; } case 3: //2X { $sp_state = 3; break; } case 4: //2X Free { $sp_state = 4; break; } case 5: //Half Leech { $sp_state = 5; break; } case 6: //2X Half Leech { $sp_state = 6; break; } case 7: //30% Leech { $sp_state = 7; break; } default: //normal { $sp_state = 1; break; } } } else{ //ramdom torrent promotion $sp_id = mt_rand(1,100); if($sp_id <= ($probability = $randomtwoupfree_torrent)) //2X Free $sp_state = 4; elseif($sp_id <= ($probability += $randomtwoup_torrent)) //2X $sp_state = 3; elseif($sp_id <= ($probability += $randomfree_torrent)) //Free $sp_state = 2; elseif($sp_id <= ($probability += $randomhalfleech_torrent)) //Half Leech $sp_state = 5; elseif($sp_id <= ($probability += $randomtwouphalfdown_torrent)) //2X Half Leech $sp_state = 6; elseif($sp_id <= ($probability += $randomthirtypercentdown_torrent)) //30% Leech $sp_state = 7; else $sp_state = 1; //normal } // //if ($altname_main == 'yes'){ //$cnname_part = unesc(trim($_POST["cnname"])); //$size_part = str_replace(" ", "", mksize($totallen)); //$date_part = date("m.d.y"); //$category_part = get_single_value("categories","name","WHERE id = ".sqlesc($catid)); //$torrent = "【".$date_part."】".($_POST["name"] ? "[".$_POST["name"]."]" : "").($cnname_part ? "[".$cnname_part."]" : ""); //} // some ugly code of automatically promoting torrents based on some rules //if ($prorules_torrent == 'yes'){ //foreach ($promotionrules_torrent as $rule) //{ // if (!array_key_exists('catid', $rule) || in_array($catid, $rule['catid'])) // if (!array_key_exists('sourceid', $rule) || in_array($sourceid, $rule['sourceid'])) // if (!array_key_exists('mediumid', $rule) || in_array($mediumid, $rule['mediumid'])) // if (!array_key_exists('codecid', $rule) || in_array($codecid, $rule['codecid'])) // if (!array_key_exists('standardid', $rule) || in_array($standardid, $rule['standardid'])) // if (!array_key_exists('processingid', $rule) || in_array($processingid, $rule['processingid'])) // if (!array_key_exists('teamid', $rule) || in_array($teamid, $rule['teamid'])) // if (!array_key_exists('audiocodecid', $rule) || in_array($audiocodecid, $rule['audiocodecid'])) // if (!array_key_exists('pattern', $rule) || preg_match($rule['pattern'], $torrent)) // if (is_numeric($rule['promotion'])){ // $sp_state = $rule['promotion']; // break; // } //} //} $dateTimeStringNow = \Carbon\Carbon::now()->toDateTimeString(); $torrentSavePath = getFullDirectory($torrent_dir); if (!is_dir($torrentSavePath)) { bark("torrent save path: $torrentSavePath not exists."); } if (!is_writable($torrentSavePath)) { bark("torrent save path: $torrentSavePath not writeable."); } /** * get cover * @since 1.7.8 */ $descriptionArr = format_description($descr); $cover = get_image_from_description($descriptionArr, true, false); $insert = [ 'filename' => $fname, 'owner' => $CURUSER['id'], 'visible' => 'yes', 'anonymous' => $anonymous, 'name' => $torrent, 'size' => $totallen, 'numfiles' => count($filelist), 'type' => $type, 'url' => $url, 'small_descr' => $small_descr, // 'descr' => $descr, // 'ori_descr' => $descr, 'category' => $catid, 'source' => $sourceid, 'medium' => $mediumid, 'codec' => $codecid, 'audiocodec' => $audiocodecid, 'standard' => $standardid, 'processing' => $processingid, 'team' => $teamid, 'save_as' => $dname, 'sp_state' => $sp_state, 'added' => $dateTimeStringNow, 'last_action' => $dateTimeStringNow, // 'nfo' => $nfo, 'info_hash' => $infohash, // 'pt_gen' => $_POST['pt_gen'] ?? '', // 'technical_info' => $_POST['technical_info'] ?? '', 'cover' => $cover, 'pieces_hash' => sha1($pieces), 'cache_stamp' => time(), ]; /** * migrate to extra table * @since 1.9 */ $extra = [ 'descr' => $descr, 'media_info' => $_POST['technical_info'] ?? '', 'nfo' => $nfo, 'pt_gen' => $_POST['pt_gen'] ?? '', ]; if (isset($_POST['hr'][$catmod]) && isset(\App\Models\Torrent::$hrStatus[$_POST['hr'][$catmod]]) && user_can('torrent_hr')) { $insert['hr'] = $_POST['hr'][$catmod]; } if(user_can('torrentsticky')) { if (isset($_POST['pos_state']) && isset(\App\Models\Torrent::$posStates[$_POST['pos_state']])) { $posStateUntil = $_POST['pos_state_until'] ?: null; $posState = $_POST['pos_state']; if ($posState == \App\Models\Torrent::POS_STATE_STICKY_NONE) { $posStateUntil = null; } if ($posStateUntil && \Carbon\Carbon::parse($posStateUntil)->lte(now())) { $posState = \App\Models\Torrent::POS_STATE_STICKY_NONE; $posStateUntil = null; } $insert['pos_state'] = $posState; $insert['pos_state_until'] = $posStateUntil; } } if(user_can('torrentmanage') && ($CURUSER['picker'] == 'yes' || get_user_class() >= \App\Models\User::CLASS_SYSOP)) { if (isset($_POST['picktype']) && isset(\App\Models\Torrent::$pickTypes[$_POST['picktype']])) { $insert['picktype'] = $_POST['picktype']; if ($insert['picktype'] == \App\Models\Torrent::PICK_NORMAL) { $insert['picktime'] = null; } else { $insert['picktime'] = now()->toDateTimeString(); } } } if (user_can('torrent-approval-allow-automatic')) { $insert['approval_status'] = \App\Models\Torrent::APPROVAL_STATUS_ALLOW; } if (user_can('torrent-set-price') && $paidTorrentEnabled) { $insert['price'] = $_POST['price'] ?? 0; } do_log("[INSERT_TORRENT]: " . nexus_json_encode($insert)); $id = \Nexus\Database\NexusDB::insert('torrents', $insert); //$ret = sql_query("INSERT INTO torrents (filename, owner, visible, anonymous, name, size, numfiles, type, url, small_descr, descr, ori_descr, category, source, medium, codec, audiocodec, standard, processing, team, save_as, sp_state, added, last_action, nfo, info_hash, pt_gen, technical_info) VALUES (".sqlesc($fname).", ".sqlesc($CURUSER["id"]).", 'yes', ".sqlesc($anonymous).", ".sqlesc($torrent).", ".sqlesc($totallen).", ".count($filelist).", ".sqlesc($type).", ".sqlesc($url).", ".sqlesc($small_descr).", ".sqlesc($descr).", ".sqlesc($descr).", ".sqlesc($catid).", ".sqlesc($sourceid).", ".sqlesc($mediumid).", ".sqlesc($codecid).", ".sqlesc($audiocodecid).", ".sqlesc($standardid).", ".sqlesc($processingid).", ".sqlesc($teamid).", ".sqlesc($dname).", ".sqlesc($sp_state) . //", " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc(date("Y-m-d H:i:s")) . ", ".sqlesc($nfo).", " . sqlesc($infohash). ", " . sqlesc($_POST['pt_gen']) . ", " . sqlesc($_POST['technical_info'] ?? '') . ")"); //if (!$ret) { // if (mysql_errno() == 1062) // bark($lang_takeupload['std_torrent_existed']); // bark("mysql puked: ".mysql_error()); // //bark("mysql puked: ".preg_replace_callback('/./s', "hex_esc2", mysql_error())); //} //$id = mysql_insert_id(); $torrentFilePath = "$torrentSavePath/$id.torrent"; $saveResult = $dict->dump($torrentFilePath); if ($saveResult === false) { sql_query("delete from torrents where id = $id limit 1"); bark("save torrent to $torrentFilePath fail."); } //remove announce info_hash not exists cache //@see announce.php \Nexus\Database\NexusDB::cache_del("torrent_not_exists:$infohash"); /** * add custom fields * @since v1.6 */ if (!empty($_POST['custom_fields'][$catmod])) { $customField = new \Nexus\Field\Field(); $customField->saveFieldValues($catmod, $id, $_POST['custom_fields'][$catmod]); } /** * handle tags * * @since v1.6 */ $tagIdArr = array_filter($_POST['tags'][$catmod] ?? []); if (!empty($tagIdArr)) { insert_torrent_tags($id, $tagIdArr); } @sql_query("DELETE FROM files WHERE torrent = $id"); foreach ($filelist as $file) { @sql_query("INSERT INTO files (torrent, filename, size) VALUES ($id, ".sqlesc($file['path']).",".$file['size'].")"); } $extra['torrent_id'] = $id; \App\Models\TorrentExtra::query()->create($extra); //===add karma KPS("+",$uploadtorrent_bonus,$CURUSER["id"]); //===end $torrentRep = new \App\Repositories\TorrentRepository(); $torrentRep->addPiecesHashCache($id, $insert['pieces_hash']); write_log("Torrent $id ($torrent) was uploaded by $anon"); //move to event listener //$searchRep = new \App\Repositories\SearchRepository(); //$searchRep->addTorrent($id); // //$meiliSearch = new \App\Repositories\MeiliSearchRepository(); //$meiliSearch->doImportFromDatabase($id); //trigger event fire_event(\App\Enums\ModelEventEnum::TORRENT_CREATED, \App\Models\Torrent::query()->find($id)); //===notify people who voted on offer thanks CoLdFuSiOn :) if ($is_offer) { $res = sql_query("SELECT `userid` FROM `offervotes` WHERE `userid` != " . $CURUSER["id"] . " AND `offerid` = ". sqlesc($offerid)." AND `vote` = 'yeah'") or sqlerr(__FILE__, __LINE__); while($row = mysql_fetch_assoc($res)) { $locale = get_user_locale($row['userid']); $pn_msg = nexus_trans("torrent.msg_offer_you_voted", [], $locale).$torrent.nexus_trans("torrent.msg_was_uploaded_by", [], $locale). $CURUSER["username"] .nexus_trans("torrent.msg_you_can_download", [], $locale) ."[url=" . get_protocol_prefix() . "$BASEURL/details.php?id=$id&hit=1]".nexus_trans("torrent.msg_here", [], $locale)."[/url]"; //=== use this if you DO have subject in your PMs $subject = nexus_trans("torrent.msg_offer", [], $locale).$torrent.nexus_trans("torrent.msg_was_just_uploaded", [], $locale); //=== use this if you DO NOT have subject in your PMs //$some_variable .= "(0, $row[userid], '" . date("Y-m-d H:i:s") . "', " . sqlesc($pn_msg) . ")"; //=== use this if you DO have subject in your PMs \App\Models\Message::add([ 'sender' => 0, 'subject' => $subject, 'receiver' => $row['userid'], 'added' => now(), 'msg' => $pn_msg, ]); //=== use this if you do NOT have subject in your PMs //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__); //===end } //=== delete all offer stuff sql_query("DELETE FROM offers WHERE id = ". $offerid); sql_query("DELETE FROM offervotes WHERE offerid = ". $offerid); sql_query("DELETE FROM comments WHERE offer = ". $offerid); //increment user offer_allowed_count sql_query("update users set offer_allowed_count = offer_allowed_count + 1 where id = " . $CURUSER["id"]); } //=== end notify people who voted on offer /* Email notifs */ ////move to event listener //if ($emailnotify_smtp=='yes' && $smtptype != 'none') //{ //$cat = get_single_value("categories","name","WHERE id=".sqlesc($catid)); //$res = sql_query("SELECT id, email, lang FROM users WHERE enabled='yes' AND parked='no' AND status='confirmed' AND notifs LIKE '%[cat$catid]%' AND notifs LIKE '%[email]%' ORDER BY lang ASC") or sqlerr(__FILE__, __LINE__); // //$uploader = $anon; // //$size = mksize($totallen); // //$description = format_comment($descr); // ////dirty code, change later //$baseUrl = getSchemeAndHttpHost(); //$langfolder_array = array("en", "chs", "cht", "ko", "ja"); //$body_arr = array("en" => "", "chs" => "", "cht" => "", "ko" => "", "ja" => ""); //$i = 0; //foreach($body_arr as $body) //{ //$body_arr[$langfolder_array[$i]] = <<{$lang_takeupload_target[$langfolder_array[$i]]['mail_here']}
//$baseUrl/details.php?id=$id&hit=1 // //------{$lang_takeupload_target[$langfolder_array[$i]]['mail_yours']} //{$lang_takeupload_target[$langfolder_array[$i]]['mail_team']} //EOD; // //$body_arr[$langfolder_array[$i]] = str_replace("
","
",nl2br($body_arr[$langfolder_array[$i]])); // $i++; //} // //while($arr = mysql_fetch_array($res)) //{ // $current_lang = $arr["lang"]; // $to = $arr["email"]; // // sent_mail( // $to,$SITENAME,$SITEEMAIL, // $lang_takeupload_target[validlang($current_lang)]['mail_title'], // $torrent, // validlang($current_lang), // $body_arr[validlang($current_lang)], // "torrent upload",false,false,'', // ); //} //} header("Location: " . get_protocol_prefix() . "$BASEURL/details.php?id=".htmlspecialchars($id)."&uploaded=1"); ?>