Location: PHPKode > projects > Open ShareLive > F3-OSL-pre_alpha-2005_05_30/addrel_e.php
<?php
/******************************************************************************
*
*    Open ShareLive (main site code)
*    Copyright (C) 2002-2005  ShareLive
*
*    This program is free software; you can redistribute it and/or
*    modify it under the terms of the GNU General Public License
*    as published by the Free Software Foundation; either version 2
*    of the License, or (at your option) any later version.
*
*    This program is distributed in the hope that it will be useful,
*    but WITHOUT ANY WARRANTY; without even the implied warranty of
*    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*    GNU General Public License for more details.
*
*    You should have received a copy of the GNU General Public License
*    along with this program; if not, write to the Free Software
*    Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
*
******************************************************************************/

	// Add Existing Release PHP
	// 07/02/03 18:08 - Added when user releases they are automaticly subscribed to the duscussion of that release, they can always unsubscribe if they wish (DaySleeper)
	// 15/02/03 - Emails people who made requests with email notification (DaySleeper)

	require_once("./Connections/Default.php");
	require_once("backend/usermgr_functions.php");
	require_once("backend/date_functions.php");
	require_once("validators.php");
	require_once('backend/tags_functions.php');
  require_once('errmsg.php');

	$rel = $_POST['rel'];

	$q = mysql_query("SELECT req_state FROM ".$dbprefix."shares WHERE (rel_id=$rel) AND (req_state=2)", $Default);
	if ($q && mysql_num_rows($q)) {
		echo "This item has already been released. If you clicked the 'Release' button and filled in the form, someone may have just released it before you within the last minute or two. <a href=\"view.php?pid=$rel\">Click here</a> to go back to the release page and check. If you believe there is an error, contact an admin member.";
		exit;
	}

	// check login state
	if (!QuickCheck()) {
		ShowError("You must be logged in to add a release.", "Please Log In");
	}

	//if ($_POST['network'] == 5 && !$is_admin) 
	//	ShowError("Only moderators may submit BitTorrent releases at this time.", "Permission Denied");

	if (empty($_POST['desc'])) {
		ShowError("You must provide a description.<br><br>The description can be up to 1000 words and should describe the item you are releasing. The first part of the description is shown in the search results, so try and include as much information as you can in the first few lines.<br><br>You may wish to copy the description from the item's offical website.", "No Description Given");
	}

	if (empty($_POST['comments'])) $_POST['comments'] = "No comments were given for this item.";

	if (empty($_POST['agree'])) {
		ShowError("You MUST agree you are not posting copyrighted content, otherwise we cannot accept your post.", "Oops...");
	}

	$_POST[desc] = str_replace("\r\n", "<br>", $_POST[desc]);
	$_POST[comments] = str_replace("\r\n", "<br>", $_POST[comments]);

	$_POST['desc'] = strip_tags($_POST['desc'], "<a><b><i><br><img>");
	$_POST['comments'] = strip_tags($_POST['comments'], "<a><b><i><br>");

	if (strlen($_POST['desc']) > 1000) $_POST['desc'] = substr($_POST['desc'], 0, 1000) . "...";
	if (strlen($_POST['comments']) > 1000) $_POST['comments'] = substr($_POST['comments'], 0, 1000) . "...";

	$notmine = $_POST['notmine'] == '1' ? 1 : 0;



	/*if (sizeof($links) > 0) {
		for ($i = 0; $i < sizeof($links); $i++) {
			if (strlen($links[$i])) {
				if (!ValidateED2kFileLink($links[$i])) {
					echo "Error: you have an invalid eDonkey link on line " . ($i+1) . "<br>";
					echo "<b><font color=red>$links[$i]</font></b>";
					exit; // get out - make'm fix it!
				}
			}
		}
	}*/

	//echo "Network: " . $_POST['network'];

	if ($_POST['network'] != 5 ) {
	
		$link = stripslashes($_POST['links']);
		if (empty($link)) {
			ShowError("You have not given any links.", "No Links");
		} else {
			$links = explode("\n", $link);
		}
		
		if (sizeof($links) > 0) {
			for ($i = 0; $i < sizeof($links); $i++) {
				if (strlen($links[$i])) {
					if ($_POST['network']==1 || $_POST['network']==2) {
						if (!ValidateED2kFileLink($links[$i])) {
							echo "Error: you have an invalid eDonkey link on line " . ($i+1) . "<br>";
							echo "<b><font color=red>$links[$i]</font></b>";
							exit; // get out - make'm fix it!
						}
					} elseif ($_POST['network']==3) {
						if (stristr($links[$i], '">')) 	$links[$i] = substr($links[$i], 0, strpos($links[$i], '">'));
						if (stristr($links[$i], 'HREF')) $links[$i] = substr($links[$i], strpos($links[$i], '"') + 1);
						if (!ValidateG2Link($links[$i])) {
							echo "Error: you have an invalid magnet/ed2k link on line " . ($i+1) . "<br>";
							echo "<b><font color=red>$links[$i]</font></b>";
							exit; // get out - make'm fix it!
						}
					} elseif ($_POST['network']==4) {
						if (stristr($links[$i], '\">')) $links[$i] = substr($links[$i], 0, strpos($links[$i], '\">'));
						if (stristr($links[$i], '">')) $links[$i] = substr($links[$i], 0, strpos($links[$i], '">'));
						if (stristr($links[$i], 'HREF')) $links[$i] = substr($links[$i], strpos($links[$i], '"') + 1);
						if (!ValidateMP2PLink($links[$i])) {
							echo "Error: you have an invalid mp2p link on line " . ($i+1) . "<br>";
							echo "<b><font color=red>$links[$i]</font></b>";
							exit;	//bllah..
						}
					} else {
						if (!ValidateSig2DatLink($links[$i])) {
							echo "Error: you have an invalid sig2dat link on line " . ($i+1) . "<br>";
							echo "<b><font color=red>$links[$i]</font></b>";
							exit; // do do d-do ..
						}
					}
				}
			}
		}
	}

	require('torrentextras.php');

	// upload the file first if this is network 5
	if ($_POST['network'] == 5) {
		if ($_FILES['torrent']['size'] && stristr($_FILES['torrent']['name'], '.torrent'))  {
			$t = explode(' ', microtime());
			$tname = $t[0] . '-' . $t[1] . '-torrent';
			move_uploaded_file($_FILES['torrent']['tmp_name'], dirname(__FILE__) .  '/torrent7la4ndx34/' . $tname);
			// uploaded ok! do validation here...
		} else {
			ShowError("ShareLive could not read the contents of your .torrent. If the upload was interrupted or you did not specify a valid filename, press Back and try again.<br><br>Please be patient while the file uploads.", "Torrent File Error");
		}
		
		$l = FixTorrent("torrent7la4ndx34/$tname", $notmine);
	}
	
	CheckTags();
	
	// insert the item into the db...
	include_once('ipaddress.php');
	$users_ip = GetUsersIP();
	
	$res = mysql_query("UPDATE ".$dbprefix."shares SET req_state=2, reqrel_date='" . GetMySQLDate() . "', description='". $_POST['desc'] . "', comments='". $_POST['comments'] . "', rel_userid=$userid, notmine=$notmine, users_ip='".$users_ip."' WHERE rel_id=$rel", $Default);
	$res = mysql_query("UPDATE ".$dbprefix."users SET relcount=relcount+1 WHERE user_id = $userid");

	//echo "UPDATE shares SET req_type=2, reqrel_date='" . GetMySQLDate() . "', description='". $_POST['desc'] . "', comments='". $_POST['comments'] . "' WHERE rel_id=$rel";



	if (sizeof($links) > 0) {
		for ($i = 0; $i < sizeof($links); $i++) {
			$links[$i] = addslashes($links[$i]);
			if (strlen($links[$i])) {
				if (stristr($links[$i], 'ed2k:')) {
					list($none, $type, $filename, $size, $hash,$source) = explode("|", $links[$i]);
					$ed2klink = "ed2k://|$type|$filename|$size|$hash|$source";
					if ($type == "file")
						$res = mysql_query("INSERT INTO ".$dbprefix."links (rel_id, link) VALUES ($rel, '$ed2klink')", $Default);
				} else {
					$res = mysql_query("INSERT INTO ".$dbprefix."links (rel_id, link) VALUES ($rel, '$links[$i]')", $Default);
				}
			}
		}
	}
	
	if ($_POST['network'] == 5) {
		
		//echo $l;
		mysql_query("INSERT INTO " . $dbprefix . "links (rel_id, link) VALUES ($rel, '" . $tname . '|' . $_FILES['torrent']['name'] . "$l')");
		echo mysql_error();
	}

	SaveTags($rel, false);

	//require('backend/mailer.php');
	$q = mysql_query("SELECT username, email_address, str_short, ".$dbprefix."shares.email_notify FROM ".$dbprefix."users INNER JOIN ".$dbprefix."shares ON user_id = req_userid WHERE ".$dbprefix."shares.rel_id = $rel");
	$qres = mysql_fetch_array($q);

	if ($qres['email_notify'] && $qres['email_address']) {

		//$smail = new SMTP('127.0.0.1'); //Initiate class into object.

    /*  $smail->SetFrom('hide@address.com');
		$smail->SetFromTitle('ShareLive');
        $smail->SetToTitle($qres['username']);
        $smail->SetTo($qres['email_address']);
        $smail->SetSubject('NOTIFY: Someone released ' . $qres['releasename']);
        $smail->SetText("Someone has released " . $qres['releasename'] . ". You asked us to notify you, so here's the link.\r\nhttp://www.sharelive.com/view.php?pid=$rel\r\n");
        $smail->sendmail('text');
		$smail->end();
		*/   // fix later

		$message = "Someone has released " . $qres['str_short'] . ". You asked us to notify you, so here's the link.\r\nhttp://www.sharelive.com/view.php?pid=$rel\r\n";

		mail($qres['email_address'], 'ShareLive: Someone released ' . $qres['str_short'], $message,
     	"From: hide@address.com\r\n"
    	."Reply-To: hide@address.com\r\n"
    	."X-Mailer: PHP/" . phpversion());


	}

	// Start - 15/02/03 (DaySleeper)
	$sql="SELECT username, email_address, str_full, str_short FROM ".$dbprefix."requests INNER JOIN ".$dbprefix."users ON (".$dbprefix."requests.user_id = ".$dbprefix."users.user_id) INNER JOIN ".$dbprefix."shares ON (".$dbprefix."requests.request_id = ".$dbprefix."shares.rel_id) WHERE ".$dbprefix."requests.request_id = $rel AND ".$dbprefix."requests.email_notify = 1 AND ".$dbprefix."requests.user_id <> $userid";
	$qres = mysql_query($sql);
	if ($qres && mysql_num_rows($qres)) {
		while($row = mysql_fetch_array($qres)) {
			$message = "Someone has released " . $row['str_full'] . ". You asked us to notify you, so here's the link.\r\nhttp://www.sharelive.com/view.php?pid=$rel\r\n";
			mail($row['email_address'], 'ShareLive: Someone released ' . $row['str_short'], $message,
			"From: hide@address.com\r\n"
			."Reply-To: hide@address.com\r\n"
			."X-Mailer: PHP/" . phpversion());
		}
	}
	// End - 15/02/03 (DaySleeper)

	// Start - 07/02/03 (DaySleeper)
	mysql_query("INSERT INTO ".$dbprefix."comments_notify SET rel_id='$rel', user_id='$_SESSION[userid]'");
	// End - 07/02/03 (DaySleeper)
	
	// add log item to the discussion
	mysql_query("INSERT INTO ".$dbprefix."comments SET user_id = 5, subject = 'LOGGER: Item Was Released', message = 'Item was Released by user ".$username."', rel_id = $rel, datetime = ".GetMySQLDate(), $Default);

	if (!$notmine && stristr($l, 'REPLACEHASH')) {
		header("Location: hash1.php?pid=$rel");
	} else {
		header("Location: view.php?pid=$rel");
	}
?>
Return current item: Open ShareLive