Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [fsk141@FSK-Main ~/gazelle/v1/branches/v1.5/sections/torrents]$ cat edit.php takeedit.php
- <?
- //*********************************************************************//
- //~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Edit form ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
- // This page relies on the TORRENT_FORM class. All it does is call //
- // the necessary functions. //
- //---------------------------------------------------------------------//
- // At the bottom, there are grouping functions which are off limits to //
- // most members. //
- //*********************************************************************//
- require_once(SERVER_ROOT.'/classes/class_torrent_form.php');
- if(!is_number($_GET['id']) || !$_GET['id']) { error('','Invalid form data', '', '', true); }
- $TorrentID = $_GET['id'];
- $DB->query("SELECT
- t.Year AS RemasterYear,
- t.Remastered,
- t.RemasterTitle,
- t.FreeTorrent,
- t.Dupable,
- t.DupeReason,
- t.Description AS TorrentDescription,
- tg.CategoryID,
- tg.Name AS Title,
- tg.Year,
- tg.ArtistID,
- a.Name AS ArtistName,
- t.GroupID,
- t.UserID,
- t.FreeTorrent,
- t.DiskNumber,
- t.NativeTitle,
- t.Runtime,
- t.Color,
- t.Rating,
- t.SourceMedia,
- t.SourceResolution,
- t.ScreenFormat,
- t.Language,
- t.AudioFormat,
- t.AudioChannel,
- t.Subtitle,
- t.TorrentLog
- FROM torrents AS t
- JOIN torrents_group AS tg ON tg.ID=t.GroupID
- LEFT JOIN artists AS a ON a.ID=tg.ArtistID
- WHERE t.ID='$TorrentID'");
- list($Properties) = $DB->to_array(false,MYSQLI_BOTH);
- $UploadForm = $Categories[$Properties['CategoryID']-1];
- if($LoggedUser['Err']) {
- $Err = $LoggedUser['Err'];
- unset($_SESSION['logged_user']['Err']);
- }
- show_header('Edit torrent', 'upload');
- if(!$Properties) { error('', 'Torrent does not exist!', '', '', true); }
- if($LoggedUser['ID']!=$Properties['UserID'] && !check_perms('torrents_edit')) {
- error(403);
- }
- $TorentForm = new TORRENT_FORM($Properties, $Err, false);
- $TorentForm->head();
- switch ($UploadForm) {
- case 'Movies':
- $TorentForm->movies_form('');
- break;
- case 'Television':
- $TorentForm->television_form();
- break;
- default:
- $TorentForm->movies_form('');
- }
- $TorentForm->foot();
- if(check_perms('torrents_edit') && $Properties['CategoryID'] == 1){
- ?>
- <div class="thin">
- <h2>Change Group</h2>
- <form action="torrents.php" method="post">
- <table>
- <tr>
- <td class="label">Group ID</td>
- <td>
- <input type="hidden" name="action" value="editgroupid" />
- <input type="hidden" name="torrentid" value="<?=$TorrentID?>" />
- <input type="hidden" name="oldgroupid" value="<?=$Properties['GroupID']?>" />
- <input type="text" name="groupid" value="<?=$Properties['GroupID']?>" size="10" />
- </td>
- </tr>
- <tr>
- <td colspan="2" class="center">
- <input type="submit" value="Change group ID" />
- </td>
- </tr>
- </table>
- </form>
- <h2>Split off into new group</h2>
- <form action="torrents.php" method="post">
- <table>
- <tr>
- <td class="label">Director</td>
- <td>
- <input type="hidden" name="action" value="newgroup" />
- <input type="hidden" name="torrentid" value="<?=$TorrentID?>" />
- <input type="hidden" name="oldgroupid" value="<?=$Properties['GroupID']?>" />
- <input type="hidden" name="oldartistid" value="<?=$Properties['ArtistID']?>" />
- <input type="text" name="artist" value="<?=$Properties['ArtistName']?>" size="50" />
- </td>
- </tr>
- <tr>
- <td class="label">Title</td>
- <td>
- <input type="text" name="title" value="<?=$Properties['Title']?>" size="50" />
- </td>
- </tr>
- <tr>
- <td class="label">Year</td>
- <td>
- <input type="text" name="year" value="<?=$Properties['Year']?>" size="10" />
- </td>
- </tr>
- <tr>
- <td colspan="2" class="center">
- <input type="submit" value="Split into new group" />
- </td>
- </tr>
- </table>
- </form>
- <br />
- </div>
- <?
- } // if check_perms('torrents_edit')
- show_footer();
- ?>
- <?
- //******************************************************************************//
- //--------------- Take edit ----------------------------------------------------//
- // This pages handles the backend of the 'edit torrent' function. It checks //
- // the data, and if it all validates, it edits the values in the database //
- // that correspond to the torrent in question. //
- //******************************************************************************//
- enforce_login();
- require_once(SERVER_ROOT.'/classes/class_validate.php');
- $Validate = new VALIDATE;
- //******************************************************************************//
- //--------------- Set $Properties array ----------------------------------------//
- // This is used if the form doesn't validate, and when the time comes to enter //
- // it into the database. //
- $Properties=array();
- $TypeID = (int)$_POST['type'];
- $Type = $Categories[$TypeID-1];
- $TorrentID = (int)$_POST['torrentid'];
- $Properties['Remastered'] = (isset($_POST['remaster']))? 1 : 0;
- if($Properties['Remastered']) {
- $Properties['RemasterYear'] = $_POST['remaster_year'];
- $Properties['RemasterTitle'] = $_POST['remaster_title'];
- } else {
- $Properties['RemasterYear'] = '';
- $Properties['RemasterTitle'] = '';
- }
- $Properties['TorrentDescription'] = $_POST['release_desc'];
- $Properties['NativeTitle'] = $_POST['native_title'];
- $Properties['Runtime'] = $_POST['runtime'];
- $Properties['Color'] = $_POST['color'];
- $Properties['Rating'] = $_POST['rating'];
- $Properties['DiskNumber'] = $_POST['disknumber'];
- $Properties['SourceMedia'] = $_POST['sourcemedia'];
- $Properties['SourceResolution'] = $_POST['sourceresolution'];
- $Properties['ScreenFormat'] = $_POST['screenformat'];
- $Properties['Language'] = $_POST['language'];
- $Properties['AudioFormat'] = $_POST['audioformat'];
- $Properties['AudioChannel'] = $_POST['audiochannel'];
- $Properties['Subtitle'] = $_POST['subtitle'];
- $Properties['TorrentLog'] = $_POST['torrent_log'];
- if($_POST['album_desc']) {
- $Properties['GroupDescription'] = $_POST['album_desc'];
- }
- if(check_perms('torrents_freeleech')) {
- $Properties['FreeTorrent'] = (isset($_POST['freeleech']))? "'1'" : "'0'";
- } else {
- $Properties['FreeTorrent'] = 'freetorrent';
- }
- //******************************************************************************//
- //--------------- Validate data in edit form -----------------------------------//
- $DB->query('SELECT UserID FROM torrents WHERE ID='.$TorrentID);
- list($UserID) = $DB->next_record();
- if($LoggedUser['ID']!=$UserID && !check_perms('torrents_edit')) {
- error(403);
- }
- $Validate->SetFields('type','1','number','Not a valid type.',array('maxlength'=>count($Categories), 'minlength'=>1));
- $Validate->SetFields('type','1','number','Invalid torrent ID.',array('maxlength'=>1000000000, 'minlength'=>1)); // we shouldn't have torrent IDs higher than a billion
- switch ($Type) {
- case 'Movies':
- if(isset($_POST['remaster'])) {
- $Validate->SetFields('remaster_year',
- '1','number','Year of remaster/re-issue must be entered.');
- $Validate->SetFields('remaster_title',
- '0','string','Remaster title must be between 2 and 40 characters.',array('maxlength'=>40, 'minlength'=>2));
- }
- $Validate->SetFields('color',
- '1','inarray','Please select a valid "Color".',array('inarray'=>$Color));
- $Validate->SetFields('rating',
- '1','inarray','Please select a valid "Rating".',array('inarray'=>$Rating));
- $Validate->SetFields('disknumber',
- '1','inarray','Please select a valid "Disk Number".',array('inarray'=>$DiskNumber));
- $Validate->SetFields('sourcemedia',
- '1','inarray','Please select a valid "Source Media".',array('inarray'=>$SourceMedia));
- $Validate->SetFields('sourceresolution',
- '1','inarray','Please select a valid "Source Resolution".',array('inarray'=>$SourceResolution));
- $Validate->SetFields('screenformat',
- '1','inarray','Please select a valid "Screen Format".',array('inarray'=>$ScreenFormat));
- $Validate->SetFields('language',
- '1','string','Language must be between 1 and 200 characters.',array('maxlength'=>200, 'minlength'=>1));
- $Validate->SetFields('image',
- '0','link','The image URL you entered was invalid.',array('maxlength'=>255, 'minlength'=>12));
- $Validate->SetFields('release_desc',
- '0','string','The release description has a minimum length of 10 characters.',array('maxlength'=>1000000, 'minlength'=>10));
- break;
- }
- $Err=$Validate->ValidateForm($_POST); // Validate the form
- if($Err){ // Show the upload form, with the data the user entered
- $_SESSION['logged_user']['Err'] = $Err;
- header('Location: '.$_SERVER['HTTP_REFERER']);
- die();
- }
- //******************************************************************************//
- //--------------- Make variables ready for database input ----------------------//
- // Shorten and escape $Properties for database input
- $T = array();
- while(list($Key, $Value) = each($Properties)){
- $T[$Key]="'".db_string(trim($Value))."'";
- if(!$T[$Key]){
- $T[$Key] = NULL;
- }
- }
- //******************************************************************************//
- //--------------- Start database stuff -----------------------------------------//
- // Update info for the torrent
- $DB->query("
- UPDATE torrents SET
- Year=$T[RemasterYear],
- Remastered=$T[Remastered],
- RemasterTitle=$T[RemasterTitle],
- Description=$T[TorrentDescription],
- FreeTorrent=$Properties[FreeTorrent],
- NativeTitle=$T[NativeTitle],
- Runtime=$T[Runtime],
- Color=$T[Color],
- Rating=$T[Rating],
- DiskNumber=$T[DiskNumber],
- SourceMedia=$T[SourceMedia],
- SourceResolution=$T[SourceResolution],
- ScreenFormat=$T[ScreenFormat],
- Language=$T[Language],
- AudioFormat=$T[AudioFormat],
- AudioChannel=$T[AudioChannel],
- Subtitle=$T[Subtitle],
- flags='2'
- WHERE ID=$TorrentID
- ");
- $DB->query("SELECT GroupID FROM torrents WHERE ID='$TorrentID'");
- list($GroupID) = $DB->next_record();
- write_log("Torrent $TorrentID ($Name) was edited by " . $LoggedUser['Username']); // TODO: this is probably broken
- $Cache->delete_value('detail_'.$GroupID.'_');
- // All done!
- header("Location: torrents.php?id=$GroupID");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement