<?
//
// H-Tracker v0.2
// http://h-tracker.org
// Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once("backend/functions.php");
dbconn();
//ini_set("upload_max_filesize",$max_torrent_size);
// check access and rights
if ($site_config["MEMBERSONLY"]){
loggedinonly();
if($CURUSER["can_upload"]=="no")
show_error_msg("Error","<font size=2>You do not have permission to upload.<br> Please click </font><a href=uploadapp.php><font color=red size=2><b>here</b></font></a> <font size=2>to fill out an uploader application.</font>",1);
if ($site_config["UPLOADERSONLY"] && $CURUSER["class"] < 4)
show_error_msg("Error", "Only uploaders can upload.<br>Request to be <a href=uploadapp.php><font color=red>Uploader</font></a>",1);
}
$announce_urls = explode(",", strtolower($site_config["announce_list"])); //generate announce_urls[] from config.php
if($takeupload == "yes") {
require_once("backend/parse.php");
//check form data
foreach(explode(":","type:name") as $v) {
if (!isset($_POST[$v]))
$message = "Missing form data";
}
if (!isset($_FILES["torrent"]))
$message = "Missing form data";
$f = $_FILES["torrent"];
$fname = unesc($f["name"]);
if (empty($fname))
$message = "Empty filename!";
if ($_FILES['nfo']['size'] != 0) {
$nfofile = $_FILES['nfo'];
if ($nfofile['name'] == '')
$message = "No NFO!";
if (!preg_match('/^(.+)\.nfo$/si', $nfofile['name'], $fmatches))
$message = "Invalid filename (not a .NFO).";
if ($nfofile['size'] == 0)
$message = "0-byte NFO";
if ($nfofile['size'] > 65535)
$message = "NFO is too big! Max 65,535 bytes.";
$nfofilename = $nfofile['tmp_name'];
if (@!is_uploaded_file($nfofilename))
$message = "NFO upload failed";
$nfo = 'yes';
}
$vip = ($_POST["vip"]);
$descr = sqlesc($_POST['descr']);
if (!$descr)
$descr = "No description given.";
$langid = (0 + $_POST["lang"]);
$ageid = (0 + $_POST["age"]);
if ($site_config["AGEON"]){
if (empty($ageid))
$message = "Please be sure to select a age for torrent";
}
$catid = (0 + $_POST["type"]);
if (!is_valid_id($catid))
$message = "Please be sure to select a torrent category";
if (!empty($_POST['tube']))
$tube = unesc($_POST['tube']);
if (!validfilename($fname))
$message = "Invalid filename!";
if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches))
$message = "Invalid filename (not a .torrent).";
$shortfname = $torrent = $matches[1];
if (!empty($_POST["name"]))
$torrent = unesc($_POST["name"]);
$tmpname = $f["tmp_name"];
if (!is_uploaded_file($tmpname))
$message = "The file was uploaded, but wasn't found on the temp directoy.";
//end check form data
if (!$message) {
//parse torrent file
$torrent_dir = $site_config["torrent_dir"];
$nfo_dir = $site_config["nfo_dir"];
//if(!copy($f, "$torrent_dir/$fname"))
if(!move_uploaded_file($tmpname, "$torrent_dir/$fname"))
show_error_msg("Error:","Error: File Could not be copied $tmpname - $torrent_dir - $fname",1);
$TorrentInfo = array();
$TorrentInfo = ParseTorrent("$torrent_dir/$fname");
$announce = strtolower($TorrentInfo[0]);
$infohash = $TorrentInfo[1];
$creationdate = $TorrentInfo[2];
$internalname = $TorrentInfo[3];
$torrentsize = $TorrentInfo[4];
$filecount = $TorrentInfo[5];
$annlist = $TorrentInfo[6];
$comment = $TorrentInfo[7];
/*
//for debug...
print ("<BR><BR>announce: ".$announce."");
print ("<BR><BR>infohash: ".$infohash."");
print ("<BR><BR>creationdate: ".$creationdate."");
print ("<BR><BR>internalname: ".$internalname."");
print ("<BR><BR>torrentsize: ".$torrentsize."");
print ("<BR><BR>filecount: ".$filecount."");
print ("<BR><BR>annlist: ".$annlist."");
print ("<BR><BR>comment: ".$comment."");
*/
//check announce url is local or external
if (!in_array($announce, $announce_urls, 1)){
$external='yes';
}else{
$external='no';
}
//if externals is turned off
if (!$site_config["ALLOWEXTERNAL"] && $external == 'yes')
$message = "The .torrent you are trying to upload does not have this trackers announce url!";
}
if ($message) {
@unlink("$torrent_dir/$fname");
@unlink($tmpname);
@unlink("$nfo_dir/$nfofilename");
show_error_msg("Upload Failed", $message,1);
}
//release name check and adjust
if ($name ==""){
$name = $internalname;
}
$name = str_replace(".torrent","",$name);
$name = str_replace("_", " ", $name);
//upload images
$maxfilesize = 512000; // 500kb
$allowed_types = array(
"image/gif" => "gif",
"image/pjpeg" => "jpg",
"image/jpeg" => "jpg",
"image/jpg" => "jpg",
"image/png" => "png"
);
for ($x=0; $x < 2; $x++) {
if (!($_FILES[image.$x]['name'] == "")) {
$y = $x + 1;
if (!array_key_exists($_FILES[image.$x]['type'], $allowed_types))
show_error_msg("Error","Invalid file type! Image $y",1);
if (!preg_match('/^(.+)\.(jpg|gif|png)$/si', $_FILES[image.$x]['name']))
show_error_msg("Invalid image", "This file TYPE is not image!",1);
if ($_FILES[image.$x]['size'] > $maxfilesize)
show_error_msg("Error","Invalid file size! Image $y - Must be less than 500kb",1);
$uploaddir = "".$site_config["torrent_dir"]."/images/";
$ifile = $_FILES[image.$x]['tmp_name'];
$ret = mysql_query("SHOW TABLE STATUS LIKE 'torrents'");
$row = mysql_fetch_array($ret);
$next_id = $row['Auto_increment'];
$ifilename = $next_id . $x . substr($_FILES[image.$x]['name'], strlen($_FILES[image.$x]['name'])-4, 4);
$copy = copy($ifile, $uploaddir.$ifilename);
if (!$copy)
show_error_msg("Error","Error occured uploading image! - Image $y",1);
$inames[] = $ifilename;
}
}
//end upload images
//anonymous upload
$anonyupload = unesc($_POST["anonycheck"]);
if ($anonyupload == "yes") {
$anon = "yes";
}else{
$anon = "no";
}
$ret = mysql_query("INSERT INTO torrents (filename, owner, name, descr, vip, image1, image2, category, tube, added, info_hash, size, numfiles, save_as, announce, external, nfo, torrentlang, torrentage, anon) VALUES (" .
implode(",", array_map("sqlesc", array($fname, $CURUSER['id'], $name, $descr, $vip, $inames[0], $inames[1], $type, $tube, get_date_time(), $infohash, $torrentsize, $filecount, $fname, $announce, $external, $nfo, $langid, $ageid, $anon))).")");
$id = mysql_insert_id();
if (mysql_errno() == 1062)
show_error_msg("Upload Failed", "Torrent already uploaded.", 1);
//Update the members uploaded torrent count
/*if ($ret){
mysql_query("UPDATE users SET torrents = torrents + 1 WHERE id = $userid");*/
if($id == 0){
unlink("$torrent_dir/$fname");
$message = "No ID. Server error, please report.";
show_error_msg("Upload Failed", $message,1);
}
rename("$torrent_dir/$fname", "$torrent_dir/$id.torrent");
if ($nfo == 'yes') {
move_uploaded_file($nfofilename, "$nfo_dir/$id.nfo");
}
//EXTERNAL SCRAPE
if ($external=='yes'){
$tracker=str_replace("/announce","/scrape",$announce);
$stats = torrent_scrape_url($tracker, $infohash);
$seeders = strip_tags($stats['seeds']);
$leechers = strip_tags($stats['peers']);
$downloaded = strip_tags($stats['downloaded']);
mysql_query("UPDATE torrents SET leechers='".$leechers."', seeders='".$seeders."',times_completed='".$downloaded."',last_action= '".get_date_time()."',visible='yes' WHERE id='".$id."'");
}
//END SCRAPE
write_log("Torrent $id ($name) was Uploaded by $CURUSER[username]");
//insert email notif, irc, req notif, etc here
if (isset($_POST['request'])) {
if ($_POST['request'] > 0) {
/* PM for requested user */
$res = mysql_query("SELECT `userid` FROM `requests` WHERE `id` = ". ($_POST['request'] + 0)) or die(mysql_error());
$re_msg = "Your request \"$torrent\" was filled by " . $CURUSER["username"] . ".You can download it
[url=".$site_config["SITEURL"]."/torrents-details.php?id=".$id."]HERE[/url]";
while($row = mysql_fetch_assoc($res)) {
mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES(0, 0, $row[userid], '" .
get_date_time(time()+(3600)) . "', " . sqlesc($re_msg) . ")") or die(mysql_error());
}
/* Fill request */
$filledurl = "$id";
// @mysql_query("UPDATE requests SET WHERE `id` = ". ($_POST['request'] + 0));
mysql_query ("UPDATE requests SET filled = '$filledurl', filledby = $CURUSER[id] WHERE id = ". $_POST[request] ."") or die(mysql_error());
mysql_query ("UPDATE torrents SET req = 'y' WHERE id = $filledurl") or die(mysql_error());
mysql_query("DELETE FROM `addedrequests` WHERE `requestid` = ". ($_POST['request'] + 0));
write_log("The request ($torrent) was filled by " . $CURUSER["username"] . "");
//Update points
}
}
//Uploaded ok message (update later)
if ($external=='no')
$message = "Torrent Uploaded OK:<BR><BR>".$name." was uploaded.<BR><BR> Please remember to re-download so that your passkey is added and you can seed this torrent<BR><BR><a href=download.php?id=".$id.">Download Now</a><BR><a href=torrents-details.php?id=".$id.">View Uploaded Torrent</a><BR><BR>";
else
$message = "Torrent Uploadeded OK:<BR><BR>".$name." was uploaded.<BR><BR><a href=torrents-details.php?id=".$id.">View Uploaded Torrent</a><BR><BR>";
show_error_msg("Upload Complete", $message,1);
die();
}//takeupload
///////////////////// FORMAT PAGE ////////////////////////
stdhead("Upload");
begin_frame("" . UPLOAD_RULES . "");
echo "<b>".stripslashes($site_config["UPLOADRULES"])."</b>";
echo "<BR>";
end_frame();
begin_frame("" . UPLOAD . "");
?>
<form name="upload" enctype="multipart/form-data" action="torrents-upload.php" method="post">
<input type="hidden" name="takeupload" value="yes" />
<table class=ttable_col1 border="0" cellspacing="0" cellpadding="6" align="center">
<?
print ("<TR><TD align=right valign=top>" . ANNOUNCE . ": </td><td align=left>");
while (list($key,$value) = each($announce_urls)) {
echo "<B>$value</B><br>";
}
if ($site_config["ALLOWEXTERNAL"]){
echo "<BR><B>This site accepts ALL external torrents also!</B>";
}
print ("</td></tr>");
print ("<TR><TD align=right>" . TORRENT_FILE . ": </td><td align=left> <input type=file name=torrent size=50 value=" . $_FILES['torrent']['name'] . ">\n</td></tr>");
print ("<TR><TD align=right>" . NFO . ": </td><td align=left> <input type=file name=nfo size=50 value=" . $_FILES['nfo']['name'] . "><br />\n</td></tr>");
print ("<TR><TD align=right>" . TNAME . ": </td><td align=left><input type=text name=name size=60 value=" . $_POST['name'] . "><BR>This will be taken from .torrent if left empty\n</td></tr>");
//VIP
$vip = ($_POST["vip"]);
if (get_user_class($CURUSER) >= 4) {
echo("<tr><td align=right>VIP Torrent: </td><td align=left><input name=vip value=y type= radio>Yes <input name=vip value=n type=radio checked=checked>No<BR><font color=red>This torrent will be available just for VIP Members?</font></td></tr>");
}
if (!empty($_POST['age']))
show_error_msg("Error","You must choise Age",1);
print ("<TR><TD align=right>Images</b>: </td><td align=left>Max File Size: 500kb<br>Accepted Formats: .gif, .jpg, .png<br><b>Image 1:</b>  <input type=file name=image0 size=50><br><b>Image 2:</b>  <input type=file name=image1 size=50>\n</td></tr>");
$category = "<select name=\"type\">\n<option value=\"0\">" . CHOOSE_ONE . "</option>\n";
$cats = genrelist();
foreach ($cats as $row)
$category .= "<option value=\"" . $row["id"] . "\">" . htmlspecialchars($row["parent_cat"]) . ": " . htmlspecialchars($row["name"]) . "</option>\n";
$category .= "</select>\n";
print ("<TR><TD align=right>" . TTYPE . ": </td><td align=left>".$category."</td></tr>");
$language = "<select name=\"lang\">\n<option value=\"0\">Unknown/NA</option>\n";
$langs = langlist();
foreach ($langs as $row)
$language .= "<option value=\"" . $row["id"] . "\">" . htmlspecialchars($row["name"]) . "</option>\n";
$language .= "</select>\n";
$agedropdown = "<select name=\"age\"><option value=0>--Select--</option>\n";
$age = agelist();
foreach ($age as $age) {
$agedropdown .= "<option value=\"" . $age["id"] . "\"";
if ($age["id"] == $row["torrentage"])
$agedropdown .= " selected=\"selected\"";
$agedropdown .= ">" . htmlspecialchars($age["name"]) . "+</option>\n";
}
$agedropdown .= "</select>\n";
print ("<TR><TD align=right>Language: </td><td align=left>".$language."</td></tr>");
if ($site_config["AGEON"]){
print ("<TR><TD align=right>Age: </td><td align=left>".$agedropdown."</td></tr>");
}
print ("<TR><TD align=right>YouTube Video Link: </td><td align=left><input type=\"text\" name=\"tube\" size=\"60\" /><br />For Samples Should be in the format of<br><font color=red><b>http://www.youtube.com/watch?v=Jc9KR3tOP</b></font></td></tr>");
if ($site_config['ANONYMOUSUPLOAD'] && $site_config["MEMBERSONLY"] ){ ?>
<TR><TD align=right>Upload Anonymous: </td><td><? printf("<input name=anonycheck value=yes type=radio" . ($anonycheck ? " checked" : "") . ">Yes <input name=anonycheck value=no type=radio" . (!$anonycheck ? " checked" : "") . ">No"); ?> <I>(Your userid will not be associated to this upload)</font>
</td></tr>
<?
}
//Request filled?
if ($site_config["REQUESTSON"]){
$sql_request = "SELECT `id`, `request` FROM requests WHERE filledby=0 ORDER BY `request` ASC";
$res = mysql_query($sql_request) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) > 0) {
$request = "<select name=\"request\">\n<option value=\"0\">(Chose the request to be filled)</option>\n";
while($row = mysql_fetch_array($res)) {
$request .= "<option value=\"" . $row["id"] . "\">" . htmlspecialchars($row["request"]) . "</option>\n";
}
$request .= "</select>\n";
print("<tr><td align=right>If your upload is to fill a request, select it here</td><td align=left>$request</td></tr><br>");
}
}
//end requests
print ("</table><br><table class=ttable_col1 align=center width=100%><TR><TD align=center colspan=2>" . TDESC . "</td></tr></table>");
require_once("backend/bbcode.php");
print ("".textbbcode("upload","descr","$descr")."");
?>
<BR><BR><CENTER><input type="submit" value="<? print("" . UPLOADT . "\n"); ?>"><BR>
<I>Click Once! - Uploading an image may take longer</I>
</CENTER>
</form>
<?
end_frame();
stdfoot();
?>