Location: PHPKode > projects > H-tracker > torrents-edit.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once("backend/functions.php");
dbconn();
loggedinonly();
parked();

$id = (int)$_GET['id']?$_GET['id']:$_POST['id'];
if (!is_valid_id($id)) show_error_msg("Error", "Invalid ID.", 1);

$row = mysql_fetch_assoc(mysql_query("SELECT `owner` FROM `torrents` WHERE id=$id"));
if($CURUSER["edit_torrents"]=="no" && $CURUSER['id'] != $row['owner'])
    show_error_msg("Error","You do not have permission to edit torrents",1);


function uploadimage($x, $imgname, $tid) {
    global $site_config;

    $maxfilesize = 512000; // 500kb

    $imagesdir = "".$site_config["torrent_dir"]."/images";

    $allowed_types = array(
        "image/gif" => "gif",
        "image/pjpeg" => "jpg",
        "image/jpeg" => "jpg",
        "image/jpg" => "jpg",
        "image/png" => "png"
        // Add more types here if you like
        );

    if (!($_FILES[image.$x]['name'] == "")) {
        if ($imgname != "") {
            $img = "$imagesdir/$imgname";
            $del = unlink($img);
        }

        $y = $x + 1;

        if (!array_key_exists($_FILES[image.$x]['type'], $allowed_types))
            show_error_msg("Error","Invalid file type! Image $y",1);
        
        if (!preg_match('/^(.+)\.(jpg|gif|png)$/si', $_FILES[image.$x]['name']))
            show_error_msg("Invalid image", "This file TYPE is not image!",1);

        if ($_FILES[image.$x]['size'] > $maxfilesize)
            show_error_msg("Error","Invalid file size! Image $y - Must be less than 500kb",1);

        $uploaddir = "$imagesdir/";
  
        $ifile = $_FILES[image.$x]['tmp_name'];
  
        $ifilename = $tid . $x . substr($_FILES[image.$x]['name'], strlen($_FILES[image.$x]['name'])-4, 4);

        $copy = copy($ifile, "".$uploaddir."".$ifilename."");

        if (!$copy)
            show_error_msg("Error","Error occured uploading image! - Image $y",1);

        return $ifilename;
    }
}//end func


//GET DATA FROM DB
$res = mysql_query("SELECT * FROM torrents WHERE id = $id");
$row = mysql_fetch_array($res);
if (!$row){
    show_error_msg("Error", "This Torrent id has gone!",1);
}

$torrent_dir = $site_config["torrent_dir"];    
$nfo_dir = $site_config["nfo_dir"];    

//DELETE TORRENT
if ($action=="deleteit"){
    $torrentid = 0 + $_POST["torrentid"];
    $delreason = sqlesc($_POST["delreason"]);
    $torrentname = $_POST["torrentname"];

    if (!is_valid_id($torrentid))
        show_error_msg("Failed", "Invalid Torrent ID",1);

    if (!$delreason){
        show_error_msg("Error", "Missing form data.",1);
    }

    deletetorrent($torrentid);

    write_log($CURUSER['username']." has deleted torrent: ID:$torrentid - $torrentname - Reason: $delreason");
    if ($CURUSER['id'] != $row['owner']) {
	$delreason = $_POST["delreason"];
	mysql_query("INSERT INTO messages (sender, receiver, added, subject, msg, unread, location) VALUES(0, ".$row['owner'].", '".get_date_time()."', 'Your torrent \'$torrentname\' has been deleted by ".$CURUSER['username']."', ".sqlesc("'$torrentname' was deleted by ".$CURUSER['username']."\n\nReason: $delreason").", 'yes', 'in')");
    }

    show_error_msg("Completed", "$torrentname has been deleted from the database",1);
    die;
}

//DO THE SAVE TO DB HERE
if ($action=="doedit"){
    $updateset = array();

    $nfoaction = $_POST['nfoaction'];
    if ($nfoaction == "update"){
      $nfofile = $_FILES['nfofile'];
      if (!$nfofile) die("No data " . var_dump($_FILES));
      if ($nfofile['size'] > 65535)
        show_error_msg("NFO is too big!", "Max 65,535 bytes.",1);
      $nfofilename = $nfofile['tmp_name'];
      if (@is_uploaded_file($nfofilename) && @filesize($nfofilename) > 0){
            @move_uploaded_file($nfofilename, "$nfo_dir/$id.nfo");
            $updateset[] = "nfo = 'yes'";
        }//success
    }

    $updateset[] = "name = " . sqlesc($name);
    $updateset[] = "descr = " . sqlesc($descr);
    $updateset[] = "category = " . (0 + $type);
    $updateset[] = "torrentlang = " . (0 + $language);
    $updateset[] = "torrentage = " . sqlesc($age);

    if ($CURUSER["edit_torrents"] == "yes") {
        if ($_POST["banned"]) {
            $updateset[] = "banned = 'yes'";
            $_POST["visible"] = 0;
        } else {
            $updateset[] = "banned = 'no'";
        }
    }

    $updateset[] = "visible = '" . ($_POST["visible"] ? "yes" : "no") . "'";
    if (!empty($_POST['tube']))
    $tube = unesc($_POST['tube']);
    $updateset[] = "tube = " . sqlesc($tube);

    if ($CURUSER["edit_torrents"] == "yes")
    if(get_user_class($CURUSER) > 4){
        $updateset[] = "freeleech = '".$_POST["freeleech"]."'";
        $updateset[] = "vip = '".$_POST["vip"]."'";
    }
    if ($_POST["sticky"] == "yes"){
        $updateset[] = "sticky = 'yes'";
          }else{
        $updateset[] = "sticky = 'no'";
    }
    if ($_POST["nuked"] == "yes"){
        $updateset[] = "nuked = 'yes'";
          }else{
        $updateset[] = "nuked = 'no'";
    }

    $updateset[] = "anon = '" . ($_POST["anon"] ? "yes" : "no") . "'";

    //update images
    $img1action = $_POST['img1action'];
    if ($img1action == "update")
        $updateset[] = "image1 = " .sqlesc(uploadimage(0, $row[image1], $id));
    if ($img1action == "delete") {
        if ($row[image1]) {
            $del = unlink("".$site_config["torrent_dir"]."/images/$row[image1]");
            $updateset[] = "image1 = ''";
        }
    }

    $img2action = $_POST['img2action'];
    if ($img2action == "update")
        $updateset[] = "image2 = " .sqlesc(uploadimage(1, $row[image2], $id));
    if ($img2action == "delete") {
        if ($row[image2]) {
            $del = unlink("".$site_config["torrent_dir"]."/images/$row[image2]");
            $updateset[] = "image2 = ''";
        }
    }


    mysql_query("UPDATE torrents SET " . join(",", $updateset) . " WHERE id = $id");

    $returl = "torrents-details.php?id=$id";
    if (isset($_POST["returnto"])){
        $returl .= "&returnto=" . urlencode($_POST["returnto"]);
    }

    write_log("Torrent $id ($name) was edited by $CURUSER[username]");

    autolink("$returl", "Torrent $name was successfully edited...");
    die();
}//END SAVE TO DB

//UPDATE CATEGORY DROPDOWN
$catdropdown = "<select name=\"type\">\n";
$cats = genrelist();
    foreach ($cats as $catdropdownubrow) {
        $catdropdown .= "<option value=\"" . $catdropdownubrow["id"] . "\"";
        if ($catdropdownubrow["id"] == $row["category"])
            $catdropdown .= " selected=\"selected\"";
        $catdropdown .= ">" . htmlspecialchars($catdropdownubrow["parent_cat"]) . ": " . htmlspecialchars($catdropdownubrow["name"]) . "</option>\n";
    }
$catdropdown .= "</select>\n";
//END CATDROPDOWN

//UPDATE TORRENTLANG DROPDOWN
$langdropdown = "<select name=\"language\"><option value=0>Unknown</option>\n";
$lang = langlist();
foreach ($lang as $lang) {
    $langdropdown .= "<option value=\"" . $lang["id"] . "\"";
    if ($lang["id"] == $row["torrentlang"])
        $langdropdown .= " selected=\"selected\"";
    $langdropdown .= ">" . htmlspecialchars($lang["name"]) . "</option>\n";
}
$langdropdown .= "</select>\n";
//END TORRENTLANG 
$agedropdown = "<select name=\"age\"><option value=0>Select</option>\n";
$age = agelist();
foreach ($age as $age) {
    $agedropdown .= "<option value=\"" . $age["id"] . "\"";
    if ($age["id"] == $row["torrentage"])
        $agedropdown .= " selected=\"selected\"";
    $agedropdown .= ">" . htmlspecialchars($age["name"]) . "+</option>\n"; 
}

$agedropdown .= "</select>\n"; 
 

$char1 = 55;
$shortname = CutName(htmlspecialchars($row["name"]), $char1);

if ($_GET["edited"]){
    show_error_msg("Edited OK","Torrent has been edited OK",1);
}

stdhead("Edit Torrent \"$shortname\"");

begin_frame("Edit Torrent \"$shortname\"", center);

print("<BR><BR><form method=post name=\"bbform\" enctype=multipart/form-data action=\"$PHP_SELF?action=doedit\">\n");
print("<input type=\"hidden\" name=\"id\" value=\"$id\">\n");

if (isset($_GET["returnto"]))
    print("<input type=\"hidden\" name=\"returnto\" value=\"" . htmlspecialchars($_GET["returnto"]) . "\" />\n");

print("<table border=0 cellspacing=4 cellpadding=2 width=95%>\n");

echo "<tr><td align=right width=60><B>Name: </b></TD><TD><input type=\"text\" name=\"name\" value=\"" . htmlspecialchars($row["name"]) . "\" size=\"55\" /></TD></TR>";

echo "<tr><td align=right><B>Images: </b></TD><TD><b>Image 1:</b>&nbsp&nbsp<input type=radio name=img1action value='keep' checked>Keep Image 1&nbsp&nbsp"."<input type=radio name=img1action value='delete'>Delete Image 1&nbsp&nbsp"."<input type=radio name=img1action value='update'>Update Image 1<br><input type=file name=image0 size=55> <br><br> <b>Image 2:</b>&nbsp&nbsp<input type=radio name=img2action value='keep' checked>Keep Image 2&nbsp&nbsp"."<input type=radio name=img2action value='delete'>Delete Image 2&nbsp&nbsp"."<input type=radio name=img2action value='update'>Update Image 2<BR><input type=file name=image1 size=55></TD></TR>";

echo "<tr><td align=right><B>".NFOFILE.": </b><br></TD><TD><input type=radio name=nfoaction value='keep' checked>".KEEPCURRENT." &nbsp; <input type=radio name=nfoaction value='update'>".UPDATE.":";
if ($row["nfo"] == "yes"){
    echo "&nbsp;&nbsp;<a href=nfo-view.php?id=".$row["id"]." target=_blank>[View Current NFO]</a>";
} else{
    echo "&nbsp;&nbsp;<font color=red>No .NFO Uploaded</font>";
}
echo "<br /><input type=file name=nfofile size=55></TD></TR>";

echo "<tr><td align=right><B>Category: </b></TD><TD>".$catdropdown."</TD></TR>";

echo "<tr><td align=right><B>Language: </b></TD><TD>".$langdropdown."</TD></TR>";
echo "<tr><td align=right><B>Trailer: </b></TD><TD><input type=text name=tube size=55 value='".$row["tube"]."'><br>(Direct link for youtube trailer)</TD></TR>";

if ($CURUSER["edit_torrents"] == "yes")
    echo "<tr><td align=right><B>Banned: </b></TD><TD><input type=\"checkbox\" name=\"banned\"" . (($row["banned"] == "yes") ? " checked=\"checked\"" : "" ) . " value=\"1\" /> Banned?<br>";
echo "<tr><td align=right><B>Visible: </b></TD><TD><input type=\"checkbox\" name=\"visible\"" . (($row["visible"] == "yes") ? " checked=\"checked\"" : "" ) . " value=\"1\" /> " . VISIBLEONMAIN . "<br>";

if ($row["external"] != "yes" && $CURUSER["edit_torrents"] == "yes"){
    echo "<tr><td align=right><B>Free Leech: </b></TD><TD><input type=\"checkbox\" name=\"freeleech\"" . (($row["freeleech"] == "1") ? " checked=\"checked\"" : "" ) . " value=\"1\" />Leeching is free? (Only Uploading Counts)<br>";
}
echo "<tr><td align=right><B>VIP:</td><td><input name=vip value=y type= radio>Yes <input name=vip value=n type=radio checked=checked>No</td>";
echo "<tr><td align=right><B>Sticky?</td><td><input type='checkbox' name='sticky'" .
(($row["sticky"] == "yes") ? " checked='checked'" : "" ) . " value='yes' />";
echo "<tr><td align=right><B>Nuked?</td><td><input type='checkbox' name='nuked'" .
(($row["nuked"] == "yes") ? " checked='checked'" : "" ) . " value='yes' />";
if ($site_config["AGEON"]){ 
echo "<tr><td align=right><B>Select Age: </b></TD><TD>".$agedropdown."Choose the minimum age of persons<br> who can view this torrent</TD></TR>";
}

if ($site_config['ANONYMOUSUPLOAD']) {
	echo "<tr><td align=right><B>Anonymous Upload: </b></TD><TD><input type=\"checkbox\" name=\"anon\"" . (($row["anon"] == "yes") ? " checked=\"checked\"" : "" ) . " value=\"1\" />(Your username will not be associated with this torrent)<br>";
}


print ("<TR><TD align=center colspan=2><B>" . TDESC . ":</B></td></tr></table>");
require_once("backend/bbcode.php");
print ("".textbbcode("bbform","descr","" . htmlspecialchars($row["descr"]) . "")."");

    
print("<BR><CENTER><input type=\"submit\" value='Submit' style='height: 25px; width: 110px'> <input type=reset value='Undo' style='height: 25px; width: 105px'></CENTER>\n");
print("</form>\n");
end_frame();

begin_frame("Delete Torrent");
        print("<CENTER><form method=post action=torrents-edit.php?action=deleteit&id=$id>\n");
        print("<input type=hidden name='torrentid' value='$id'>\n");
        print("<input type=hidden name='torrentname' value='".htmlspecialchars($row["name"])."'>\n");
        echo "<B>Reason:</B><input type=text size=30 name=delreason>";
        echo "&nbsp;<input type=submit value='Delete Torrent'></form></CENTER>";
end_frame();

stdfoot();

?>
Return current item: H-tracker