0)
{
return false;
}
return true;
}
$act = intval($_GET["act"] ?? 0);
$search = trim($_GET['search'] ?? '');
$letter = trim($_GET["letter"] ?? '');
if (strlen($letter) > 1)
die;
if ($letter == "" || strpos("abcdefghijklmnopqrstuvwxyz", $letter) === false)
$letter = "";
$lang_id = intval($_GET['lang_id'] ?? 0);
if (!is_valid_id($lang_id))
$lang_id = '';
$query = "";
if ($search != '')
{
$query = "subs.title LIKE " . sqlesc("%$search%") . "";
if ($search)
$q = "search=" . rawurlencode($search);
}
elseif ($letter != '')
{
$query = "subs.title LIKE ".sqlesc("$letter%");
$q = "letter=$letter";
}
if ($lang_id)
{
$query .= ($query ? " AND " : "")."subs.lang_id=".sqlesc($lang_id);
$q = ($q ? $q."&" : "") . "lang_id=".sqlesc($lang_id);
}
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["action"]) && $_POST["action"] == "upload" && ($in_detail!= 'in_detail'))
{
//start process upload file
$file = $_FILES['file'];
if (!$file || $file["size"] == 0 || $file["name"] == "")
{
echo($lang_subtitles['std_nothing_received']);
exit;
}
if ($file["size"] > $maxsubsize_main && $maxsubsize_main > 0)
{
echo($lang_subtitles['std_subs_too_big']);
exit;
}
$accept_ext = array('sub' => 'sub', 'srt' => 'srt', 'zip' => 'zip', 'rar' => 'rar', 'ace' => 'ace', 'txt' => 'txt', 'SUB' => 'SUB', 'SRT' => 'SRT', 'ZIP' => 'ZIP', 'RAR' => 'RAR', 'ACE' => 'ACE', 'TXT' => 'TXT', 'ssa' => 'ssa', 'ass' => 'ass', 'cue' => 'cue');
$ext_l = strrpos($file['name'], ".");
$ext = strtolower(substr($file['name'], $ext_l+1, strlen($file['name'])-($ext_l+1)));
if (!array_key_exists($ext, $accept_ext))
{
echo($lang_subtitles['std_wrong_subs_format']);
exit;
}
/*
if (file_exists("$SUBSPATH/$file[name]"))
{
echo($lang_subtitles['std_file_already_exists']);
exit;
}
*/
//end process upload file
//start process torrent ID
if(!$_POST["torrent_id"])
{
echo($lang_subtitles['std_missing_torrent_id']."$file[name] !");
exit;
}
else
{
$torrent_id = $_POST["torrent_id"];
if(!is_numeric($_POST["torrent_id"]) || !isInteger($_POST["torrent_id"]))
{
echo($lang_subtitles['std_invalid_torrent_id']);
exit;
}
$r = sql_query("SELECT * from torrents where id = ". sqlesc($torrent_id)) or sqlerr(__FILE__, __LINE__);
if(!mysql_num_rows($r))
{
echo($lang_subtitles['std_invalid_torrent_id']);
exit;
}
else
{
$r_a = mysql_fetch_assoc($r);
if($r_a["owner"] != $CURUSER["id"] && get_user_class() < $uploadsub_class)
{
echo($lang_subtitles['std_no_permission_uploading_others']);
exit;
}
}
}
//end process torrent ID
//start process title
$title = trim($_POST["title"]);
if ($title == "")
{
$title = substr($file["name"], 0, strrpos($file["name"], "."));
if (!$title)
$title = $file["name"];
$file["name"] = str_replace(" ", "_", htmlspecialchars("$file[name]"));
}
/*
$r = sql_query("SELECT id FROM subs WHERE title=" . sqlesc($title)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($r) > 0)
{
echo($lang_subtitles['std_file_same_name_exists']."" . htmlspecialchars($title) . " ");
exit;
}
*/
//end process title
//start process language
if($_POST['sel_lang'] == 0)
{
echo($lang_subtitles['std_must_choose_language']);
exit;
}
else
{
$lang_id = $_POST['sel_lang'];
}
//end process language
if (isset($_POST['uplver']) && $_POST['uplver'] == 'yes' && get_user_class()>=$beanonymous_class) {
$anonymous = "yes";
$anon = "Anonymous";
}
else {
$anonymous = "no";
$anon = $CURUSER["username"];
}
//$file["name"] = str_replace("", "_", htmlspecialchars("$file[name]"));
//$file["name"] = preg_replace('/[^a-z0-9_\-\.]/i', '_', $file[name]);
//make_folder($SUBSPATH."/",$detail_torrent_id);
//stderr("",$file["name"]);
$r = sql_query("SELECT lang_name from language WHERE sub_lang=1 AND id = " . sqlesc($lang_id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($r);
$filename = $file["name"];
$added = date("Y-m-d H:i:s");
$uppedby = $CURUSER["id"];
$size = $file["size"];
sql_query("INSERT INTO subs (torrent_id, lang_id, title, filename, added, uppedby, anonymous, size, ext) VALUES (" . implode(",", array_map("sqlesc", array($torrent_id, $lang_id, $title, $filename, $added, $uppedby, $anonymous, $size, $ext))). ")") or sqlerr();
$id = mysql_insert_id();
//stderr("",make_folder($SUBSPATH."/",$torrent_id). "/" . $id . "." .$ext);
if (!move_uploaded_file($file["tmp_name"], make_folder($SUBSPATH."/",$torrent_id). "/" . $id . "." .$ext))
echo($lang_subtitles['std_failed_moving_file']);
KPS("+",$uploadsubtitle_bonus,$uppedby); //subtitle uploader gets bonus
write_log("$arr[lang_name] Subtitle $id ($title) was uploaded by $anon");
$msg_bt = "$arr[lang_name] Subtitle $id ($title) was uploaded by $anon, Download: " . get_protocol_prefix() . "$BASEURL/downloadsubs.php/".$file["name"]."";
}
if (get_user_class() >= $delownsub_class)
{
$delete = intval($_GET["delete"] ?? 0);
if (is_valid_id($delete))
{
$r = sql_query("SELECT id,torrent_id,ext,lang_id,title,filename,uppedby,anonymous FROM subs WHERE id=".sqlesc($delete)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($r) == 1)
{
$a = mysql_fetch_assoc($r);
if (get_user_class() >= $submanage_class || $a["uppedby"] == $CURUSER["id"])
{
$sure = intval($_GET["sure"] ?? 0);
if ($sure == 1)
{
$reason = $_POST["reason"];
sql_query("DELETE FROM subs WHERE id=$delete") or sqlerr(__FILE__, __LINE__);
if (!@unlink("$SUBSPATH/$a[torrent_id]/$a[id].$a[ext]"))
{
stdmsg($lang_subtitles['std_error'], $lang_subtitles['std_this_file']."$a[filename]".$lang_subtitles['std_is_invalid']);
stdfoot();
die;
}
else {
KPS("-",$uploadsubtitle_bonus,$a["uppedby"]); //subtitle uploader loses bonus for deleted subtitle
}
if ($CURUSER['id'] != $a['uppedby']){
$msg = $CURUSER['username'].$lang_subtitles_target[get_user_lang($a['uppedby'])]['msg_deleted_your_sub']. $a['title'].($reason != "" ? $lang_subtitles_target[get_user_lang($a['uppedby'])]['msg_reason_is'].$reason : "");
$subject = $lang_subtitles_target[get_user_lang($a['uppedby'])]['msg_your_sub_deleted'];
$time = date("Y-m-d H:i:s");
sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $a[uppedby], '" . $time . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__);
}
$res = sql_query("SELECT lang_name from language WHERE sub_lang=1 AND id = " . sqlesc($a["lang_id"])) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res);
write_log("$arr[lang_name] Subtitle $delete ($a[title]) was deleted by ". (($a["anonymous"] == 'yes' && $a["uppedby"] == $CURUSER["id"]) ? "Anonymous" : $CURUSER['username']). ($a["uppedby"] != $CURUSER["id"] ? ", Mod Delete":"").($reason != "" ? " (".$reason.")" : ""));
}
else
{
stdmsg($lang_subtitles['std_delete_subtitle'], $lang_subtitles['std_delete_subtitle_note']."
");
stdfoot();
die;
}
}
}
}
}
if (get_user_class() >= UC_PEASANT)
{
//$url = $_COOKIE["subsurl"];
begin_main_frame();
?>
get_value('subtitle_sum_size')){
$res = sql_query("SELECT SUM(size) AS size FROM subs");
$row5 = mysql_fetch_array($res);
$size = $row5['size'];
$Cache->cache_value('subtitle_sum_size', $size, 3600);
}
begin_frame($lang_subtitles['text_upload_subtitles'].mksize($size)."", true,10,"100%","center");
?>
".$lang_subtitles['text_rules']."\n");
print(" ".$lang_subtitles['text_rule_one']."
\n");
print(" ".$lang_subtitles['text_rule_two']."
\n");
print(" ".$lang_subtitles['text_rule_three']."
\n");
print(" ".$lang_subtitles['text_rule_four']."
\n");
print(" ".$lang_subtitles['text_rule_five']."
\n");
print(" ".$lang_subtitles['text_rule_six']."
\n");
print($lang_subtitles['text_red_star_required']);
if($in_detail != "")
{
print("".$lang_subtitles['text_uploading_subtitles_for_torrent']."$torrent_name
\n");
print("
");
}
print("\n");
end_frame();
end_main_frame();
}
if(get_user_class() >= UC_PEASANT)
{
print("\n");
for ($i = 97; $i < 123; ++$i)
{
$l = chr($i);
$L = chr($i - 32);
if ($l == $letter)
print("$L\n");
else
print("$L\n");
}
$perpage = 30;
$query = ($query ? " WHERE ".$query : "");
$res = sql_query("SELECT COUNT(*) FROM subs $query") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$num = $arr[0];
if (!$num)
{
stdmsg($lang_subtitles['text_sorry'],$lang_subtitles['text_nothing_here']);
stdfoot();
die;
}
list($pagertop, $pagerbottom, $limit) = pager($perpage, $num, "subtitles.php?".$q."&");
print($pagertop);
$i = 0;
$res = sql_query("SELECT subs.*, language.flagpic, language.lang_name FROM subs LEFT JOIN language ON subs.lang_id=language.id $query ORDER BY id DESC $limit") or sqlerr();
print("\n");
print("| ".$lang_subtitles['col_lang']." | ".$lang_subtitles['col_title']." | ![\"time\"](\"pic/trans.gif\" "\\"\".$lang_subtitles['title_date_added'].\"\\"") |
| ".$lang_subtitles['col_hits']." | ".$lang_subtitles['col_upped_by']." | ".$lang_subtitles['col_report']." |
\n");
$mod = get_user_class() >= $submanage_class;
$pu = get_user_class() >= $delownsub_class;
while ($arr = mysql_fetch_assoc($res))
{
// the number $start_subid is just for legacy support of prevoiusly uploaded subs, if the site is completely new, it should be 0 or just remove it
$lang = "" . "![\""](\"pic/flag/". "\\"\"") " . " | \n";
$title = "" . htmlspecialchars($arr["title"]) . "" .
($mod || ($pu && $arr["uppedby"] == $CURUSER["id"]) ? " ".$lang_subtitles['text_delete']."" : "") ." | \n";
$addtime = gettime($arr["added"],false,false);
$added = "" . $addtime . " | \n";
$size = "" . mksize_loose($arr['size']) . " | \n";
$hits = "" . number_format($arr['hits']) . " | \n";
$uppedby = "" . ($arr["anonymous"] == 'yes' ? $lang_subtitles['text_anonymous'] . (get_user_class() >= $viewanonymous_class ? "
".get_username($arr['uppedby'],false,true,true,false,true) : "") : get_username($arr['uppedby'])) . " | \n";
$report = " | \n";
print("".$lang.$title.$added.$size.$hits.$uppedby.$report."
\n");
$i++;
}
print("
\n");
print($pagerbottom);
}
stdfoot();
?>