Bravo List
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Bravo List (http://www.bvlist.com/index.php)
-   Template Shares (http://www.bvlist.com/forumdisplay.php?f=26)
-   -   Poster not showing in torrent details TS 1.3.9 (http://www.bvlist.com/showthread.php?t=12197)

Floky123 22nd December 2019 12:48
Quote:
Originally Posted by Napon (Post 54357)
Code:
ALTER TABLE `torrents` ADD `poster` varchar(255) NOT NULL default '';
yeah, thank you..but then i got another error in when i press Upload torrent:

mysql puked: Column count doesn't match value count at row 1

elvira 22nd December 2019 14:02
preveri takeupload.php moraš imeti poster in ret-u



Quote:
$ret = sql_query("INSERT INTO torrents (search_text, filename, owner, visible, imdb, imdbrating, subs, release_group, request, anonymous, poster, tube, info_hash, name, size, numfiles, type, descr, description, ori_descr, category, save_as, added, last_action, nfo) VALUES (" .
implode(",", array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname, $CURUSER["id"], "no", $subs, $imdb, $imdbrating, $release_group, $request, $anonymous, $poster, $tube, $infohash, $torrent, $totallen, count($filelist), $type, $descr, $smalldescr, $descr, 0 + $_POST["type"], $dname))) .
", '" . get_date_time() . "', '" . get_date_time() . "', $nfo)");

Floky123 22nd December 2019 14:11
Quote:
Originally Posted by elvira (Post 54359)
preveri takeupload.php moraš imeti poster in ret-u
To je moj takeupload.php in mislim da je.

PHP Code:
<?php
require_once("include/benc.php");
require_once("include/bittorrent.php");
ini_set("upload_max_filesize",$max_torrent_size);


session_start();
$_SESSION["upload"] = $_POST;



function bark($msg) {
    genbark($msg"Nalaganje torrenta neuspešno!");
}
dbconn(); 
loggedinorreturn();
iplogger ();


if ($CURUSER["uploadpos"] == 'no')
    die;

foreach(explode(":","descr:type:name") as $v)
{
    if (!isset($_POST[$v]))
        bark("Pozabili ste izpolniti eno izmed polj!");
}

if (!isset($_FILES["file"]))
    bark("Pozabili ste izbrati .torrent datoteko ali .nfo datoteko!");

$f $_FILES["file"];
$fname unesc($f["name"]);
if (empty($fname))
    bark("Prazna datoteka!");
if ($_POST['uplver'] == 'yes') {
    $anonymous "yes";
    $anon "Anonymous";
}
else {
    $anonymous "no";
    $anon $CURUSER["username"];
}

$torrentposter null;
$poster $_FILES['torrentposterfile'];
if (!empty($poster['name']))
{
    $dir ROOT DS 'torrents_poster';
    if (!is_dir($dir))
    {
        mkdir($dir0777);
        file_put_contents($dir DS 'index.php'':))');
    }
    if ($poster['size'] > (1024 1024))
    {
        bark('Prevelika slika. Največja velikost je 1MB');
    }
    $fileName explode('.'$poster['name']);
    $koncnica end($fileName);
    $fileName md5(uniqid() . rand(0100) . microtime()) . '.' $koncnica;
    $filePath ROOT DS 'torrents_poster' DS $fileName;
    if (@is_uploaded_file($poster['tmp_name']) && move_uploaded_file($poster['tmp_name'], $filePath))
    {
        $torrentposter $BASEURL '/torrents_poster/' $fileName;
    }
}
else if (!empty($_POST['torrentposter'])) 
{
    $torrentposter unesc($_POST['torrentposter']);
}

if (!empty($_POST['short_descr']))
    $short_descr $_POST['short_descr'];

if (!empty($_POST['info_link']))
$info_link $_POST['info_link'];
    
$nfofile $_FILES['nfo'];
if ($nfofile['name'] != '') {


if (get_user_class() >= UC_MODERATOR || $CURUSER["canfree"] == "da")
{
    if ($_POST["free"] == "yes")
    {
        $freeleech "yes";
    }
    else
    {
        $freeleech "no";
    }
}
else
{
    $freeleech "no";
}

$zanri $_POST["zanr"];
$zanri implode("|"$zanri);


if ($nfofile['size'] == 0)
    bark("0-byte NFO");

if ($nfofile['size'] > 65535)
    bark("NFO datoteka je prevelika! Max 65,535 bajtov.");

$nfofilename $nfofile['tmp_name'];

if (@!is_uploaded_file($nfofilename))
    bark("Nalaganje NFO datoteke neuspešno!");
}

$descr unesc($_POST["descr"]);
if (!$descr)
  bark("Vpisati morate opis vsebine torrenta!");

$catid = ($_POST["type"]);
if (!is_valid_id($catid))
    bark("Če želite naložiti torrent morate izbrati kategorijo!");
    
if (!validfilename($fname))
    bark("Nepravilna vrsta datoteke!");
if (!preg_match('/^(.+)\.torrent$/si'$fname$matches))
    bark("Nepravilna končnica datoteke (ime datoteke ni .torrent).");
$shortfname $torrent $matches[1];
if (!empty($_POST["name"]))
    $torrent unesc($_POST["name"]);

$tmpname $f["tmp_name"];
if (!is_uploaded_file($tmpname))
    bark("eek");
if (!filesize($tmpname))
    bark("Prazna datoteka!");

$dict bdec_file($tmpname$max_torrent_size);
if (!isset($dict))
    bark("Nepravilna datoteka za nalaganje!");

function dict_check($d$s) {
    if ($d["type"] != "dictionary")
        bark("Direktorij ni zapisljiv!");
    $a explode(":"$s);
    $dd $d["value"];
    $ret = array();
    foreach ($a as $k) {
        unset($t);
        if (preg_match('/^(.*)\((.*)\)$/'$k$m)) {
            $k $m[1];
            $t $m[2];
        }
        if (!isset($dd[$k]))
            bark("dictionary is missing key(s)");
        if (isset($t)) {
            if ($dd[$k]["type"] != $t)
                bark("invalid entry in dictionary");
            $ret[] = $dd[$k]["value"];
        }
        else
            $ret[] = $dd[$k];
    }
    return $ret;
}

function dict_get($d$k$t) {
    if ($d["type"] != "dictionary")
        bark("not a dictionary");
    $dd $d["value"];
    if (!isset($dd[$k]))
        return;
    $v $dd[$k];
    if ($v["type"] != $t)
        bark("invalid dictionary entry type");
    return $v["value"];
}

list($ann$info) = dict_check($dict"announce(string):info");
list($dname$plen$pieces) = dict_check($info"name(string):piece length(integer):pieces(string)");

if(get_user_class() <UC_OWNER && $CURUSER["speed"] != "da")
{
    if (!in_array($ann$announce_urls1))
    {
        $aok=false;
        foreach($announce_urls as $au)
        {
            if($ann=="$au?passkey=$CURUSER[passkey]")  $aok=true;
        }
        if(!$aok)
            bark("Invalid announce url! Must be: " $announce_urls[0] . "?passkey=$CURUSER[passkey]");
    }
}



if (strlen($pieces) % 20 != 0)
    bark("invalid pieces");

$filelist = array();
$totallen dict_get($info"length""integer");
if (isset($totallen)) {
    $filelist[] = array($dname$totallen);
    $type "single";
}
else {
    $flist dict_get($info"files""list");
    if (!isset($flist))
        bark("missing both length and files");
    if (!count($flist))
        bark("no files");
    $totallen 0;
    foreach ($flist as $fn) {
        list($ll$ff) = dict_check($fn"length(integer):path(list)");
        $totallen += $ll;
        $ffa = array();
        foreach ($ff as $ffe) {
            if ($ffe["type"] != "string")
                bark("filename error");
            $ffa[] = $ffe["value"];
        }
        if (!count($ffa))
            bark("filename error");
        $ffe implode("/"$ffa);
        $filelist[] = array($ffe$ll);
    }
    $type "multi";
}

$infohash pack("H*"sha1($info["string"]));

// Replace punctuation characters with spaces

$torrent str_replace("_"" "$torrent);

$nfo sqlesc(str_replace("\x0d\x0d\x0a""\x0d\x0a", @file_get_contents($nfofilename)));

$ret sql_query("INSERT INTO torrents (search_text, filename, poster, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo) VALUES (" .
        implode(","array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname$torrentposter$short_descr$info_link$CURUSER["id"], "no"$anonymous$zanri$freeleech$infohash$torrent$totallencount($filelist), $type$descr$descr$_POST["type"], $dname))) .
        ", '" get_date_time() . "', '" get_date_time() . "', $nfo)");
if (!$ret) {
    if (mysql_errno() == 1062)
        bark("torrent already uploaded!");
    bark("mysql puked: ".mysql_error());
}
$id mysql_insert_id();

@sql_query("DELETE FROM files WHERE torrent = $id");
foreach ($filelist as $file) {
    @sql_query("INSERT INTO files (torrent, filename, size) VALUES ($id, ".sqlesc($file[0]).",".$file[1].")");
}

move_uploaded_file($tmpname"$torrent_dir/$id.torrent");

//===add karma
KPS("+","10.0",$CURUSER["id"]);
//===end

if ($CURUSER["anonymous"]=='yes')
    write_log("Torrent $id ($torrent) je naložil uporabnik Anonymous");
else
    write_log("Torrent $id ($torrent) je naložil uporabnik $CURUSER[username]");

//===notify people who voted on offer thanks CoLdFuSiOn :)
if (isset($_POST['offer'])) {
$res mysql_query("SELECT `userid` FROM `offervotes` WHERE `userid` != " $CURUSER["id"] . " AND `offerid` = ". ($_POST['offer'] + 0)) or sqlerr(__FILE____LINE__);
$pn_msg "The Offer you voted for: \"$torrent\" was uploaded by " $CURUSER["username"] . ".\nYou can Download the Torrent [url=$DEFAULTBASEURL/details.php?id=$id&hit=1]here[/url]";

while($row mysql_fetch_assoc($res)) {
//=== use this if you DO have subject in your PMs
$subject "Offer $torrent was just uploaded";
//=== use this if you DO NOT have subject in your PMs
//$some_variable .= "(0, 0, $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";

//=== use this if you DO have subject in your PMs
mysql_query("INSERT INTO messages (poster, sender, subject, receiver, added, msg) VALUES (0, 0, ".sqlesc($subject).", $row[userid], ".sqlesc(get_date_time()).", " sqlesc($pn_msg) . ")") or sqlerr(__FILE____LINE__);
//=== use this if you do NOT have subject in your PMs
//mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//===end
}
//=== delete all offer stuff
@mysql_query("DELETE FROM `offers` WHERE `id` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `offervotes` WHERE `offerid` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `comments` WHERE `offer` = ". ($_POST['offer'] + 0). "");
}
//=== end notify people who voted on offer

/* Email notifs */


$res sql_query("SELECT name FROM categories WHERE id=$catid") or sqlerr(__FILE__,__LINE__);
$arr mysql_fetch_assoc($res);
$cat $arr["name"];
$res sql_query("SELECT email FROM users WHERE enabled='yes' AND parked='no' AND status='confirmed' AND notifs LIKE '%[cat$catid]%' AND notifs LIKE '%[email]%'") or sqlerr(__FILE____LINE__);

$uploader $anon;

$size mksize($totallen);
$description = ($html strip_tags($descr) : $descr);

$body = <<<EOD
Hi,

A new torrent has been uploaded.

Name: $torrent
Size: $size
Category: $cat
Uploaded by: $uploader

Description
-------------------------------------------------------------------------------
$description
-------------------------------------------------------------------------------

You can use the URL below to download the torrent (you may have to login).

$DEFAULTBASEURL/details.php?id=$id&hit=1

------
Yours,
The $SITENAME Team.
EOD;
$to "";
$nmax 100// Max recipients per message
$nthis 0;
$ntotal 0;
$total mysql_num_rows($res);
while ($arr mysql_fetch_row($res))
{
  if ($nthis == 0)
    $to $arr[0];
  else
    $to .= "," $arr[0];
  ++$nthis;
  ++$ntotal;
  if ($nthis == $nmax || $ntotal == $total)
  {
      $sm sent_mail("Multiple recipients <$SITEEMAIL>",$SITENAME,$SITEEMAIL,"$SITENAME New torrent - $torrent",$body,"torrent upload",false,true,$to);
    if (!$sm)
      stderr("Error""Your torrent has been been uploaded. DO NOT RELOAD THE PAGE!\n" .
        "There was however a problem delivering the e-mail notifcations.\n" .
        "Please let an administrator know about this error!\n");
    $nthis 0;
  }
}

/**
* User Upload če je 10. torrent :D || START
*/

$torrents_res mysql_query("SELECT COUNT(*) FROM torrents WHERE owner = '" $CURUSER["id"] . "'") or sqlerr();
$torrents_row mysql_fetch_row($torrents_res);
$count $torrents_row[0];

if ($count 10 == 0//če je ostanek pri deljenju z 10 enak 0
{
    //doda upload
    $pristej 1024 1024 1024 5;
    mysql_query("UPDATE users SET uploaded = uploaded + " $pristej " WHERE id = '" $CURUSER["id"] . "'") or sqlerr();
    
    
    $msg sqlesc("Sistem vam je dodelil 5 Gb uploada. (Za vsak deseti naloženi torrent prejmete 5 Gb uploada)."); //vsebina sporočila
    $added sqlesc(get_date_time());
    sql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, " $CURUSER["id"] . ", $msg$added)") or sqlerr(__FILE____LINE__);
    write_log("Uporabniku " $CURUSER["username"] . " je Sistem dodelil 5 Gb uploada."); //log strani
}

/**
* User Upload če je 10. torrent :D || END
*/

$userid 2738;
$usernamehtmlspecialchars("Sistem");
$date=sqlesc(time());
$text="<font color=red><b>Naložen je bil nov torrent: </b></font><a href=details.php?id=" htmlspecialchars($id) . " target=_blank>" htmlspecialchars($torrent) . "</a>" ;
    
sql_query("INSERT INTO shoutbox (id, userid, username, date, text) VALUES ('id'," sqlesc($userid) . ", " sqlesc($username) . ", $date, " sqlesc($text) . ")") or sqlerr(__FILE____LINE__);

unset($_SESSION["upload"]);
header("Location: $BASEURL/details.php?id=".htmlspecialchars($id)."&uploaded=1");
?>

elvira 22nd December 2019 14:20
you must have poster and $poster to sql query try this one


Code:
require_once("include/benc.php");
require_once("include/bittorrent.php");
ini_set("upload_max_filesize",$max_torrent_size);


session_start();
$_SESSION["upload"] = $_POST;



function bark($msg) {
    genbark($msg, "Nalaganje torrenta neuspešno!");
}
dbconn();
loggedinorreturn();
iplogger ();


if ($CURUSER["uploadpos"] == 'no')
    die;

foreach(explode(":","descr:type:name") as $v)
{
    if (!isset($_POST[$v]))
        bark("Pozabili ste izpolniti eno izmed polj!");
}

if (!isset($_FILES["file"]))
    bark("Pozabili ste izbrati .torrent datoteko ali .nfo datoteko!");

$f = $_FILES["file"];
$fname = unesc($f["name"]);
if (empty($fname))
    bark("Prazna datoteka!");
if ($_POST['uplver'] == 'yes') {
    $anonymous = "yes";
    $anon = "Anonymous";
}
else {
    $anonymous = "no";
    $anon = $CURUSER["username"];
}

$torrentposter = null;
$poster = $_FILES['torrentposterfile'];
if (!empty($poster['name']))
{
    $dir = ROOT . DS . 'torrents_poster';
    if (!is_dir($dir))
    {
        mkdir($dir, 0777);
        file_put_contents($dir . DS . 'index.php', ':))');
    }
    if ($poster['size'] > (1024 * 1024))
    {
        bark('Prevelika slika. Največja velikost je 1MB');
    }
    $fileName = explode('.', $poster['name']);
    $koncnica = end($fileName);
    $fileName = md5(uniqid() . rand(0, 100) . microtime()) . '.' . $koncnica;
    $filePath = ROOT . DS . 'torrents_poster' . DS . $fileName;
    if (@is_uploaded_file($poster['tmp_name']) && move_uploaded_file($poster['tmp_name'], $filePath))
    {
        $torrentposter = $BASEURL . '/torrents_poster/' . $fileName;
    }
}
else if (!empty($_POST['torrentposter']))
{
    $torrentposter = unesc($_POST['torrentposter']);
}

if (!empty($_POST['short_descr']))
    $short_descr = $_POST['short_descr'];

if (!empty($_POST['info_link']))
$info_link = $_POST['info_link'];
   
$nfofile = $_FILES['nfo'];
if ($nfofile['name'] != '') {


if (get_user_class() >= UC_MODERATOR || $CURUSER["canfree"] == "da")
{
    if ($_POST["free"] == "yes")
    {
        $freeleech = "yes";
    }
    else
    {
        $freeleech = "no";
    }
}
else
{
    $freeleech = "no";
}

$zanri = $_POST["zanr"];
$zanri = implode("|", $zanri);


if ($nfofile['size'] == 0)
    bark("0-byte NFO");

if ($nfofile['size'] > 65535)
    bark("NFO datoteka je prevelika! Max 65,535 bajtov.");

$nfofilename = $nfofile['tmp_name'];

if (@!is_uploaded_file($nfofilename))
    bark("Nalaganje NFO datoteke neuspešno!");
}

$descr = unesc($_POST["descr"]);
if (!$descr)
  bark("Vpisati morate opis vsebine torrenta!");

$catid = (0 + $_POST["type"]);
if (!is_valid_id($catid))
    bark("Če želite naložiti torrent morate izbrati kategorijo!");
   
if (!validfilename($fname))
    bark("Nepravilna vrsta datoteke!");
if (!preg_match('/^(.+)\.torrent$/si', $fname, $matches))
    bark("Nepravilna končnica datoteke (ime datoteke ni .torrent).");
$shortfname = $torrent = $matches[1];
if (!empty($_POST["name"]))
    $torrent = unesc($_POST["name"]);

$tmpname = $f["tmp_name"];
if (!is_uploaded_file($tmpname))
    bark("eek");
if (!filesize($tmpname))
    bark("Prazna datoteka!");

$dict = bdec_file($tmpname, $max_torrent_size);
if (!isset($dict))
    bark("Nepravilna datoteka za nalaganje!");

function dict_check($d, $s) {
    if ($d["type"] != "dictionary")
        bark("Direktorij ni zapisljiv!");
    $a = explode(":", $s);
    $dd = $d["value"];
    $ret = array();
    foreach ($a as $k) {
        unset($t);
        if (preg_match('/^(.*)\((.*)\)$/', $k, $m)) {
            $k = $m[1];
            $t = $m[2];
        }
        if (!isset($dd[$k]))
            bark("dictionary is missing key(s)");
        if (isset($t)) {
            if ($dd[$k]["type"] != $t)
                bark("invalid entry in dictionary");
            $ret[] = $dd[$k]["value"];
        }
        else
            $ret[] = $dd[$k];
    }
    return $ret;
}

function dict_get($d, $k, $t) {
    if ($d["type"] != "dictionary")
        bark("not a dictionary");
    $dd = $d["value"];
    if (!isset($dd[$k]))
        return;
    $v = $dd[$k];
    if ($v["type"] != $t)
        bark("invalid dictionary entry type");
    return $v["value"];
}

list($ann, $info) = dict_check($dict, "announce(string):info");
list($dname, $plen, $pieces) = dict_check($info, "name(string):piece length(integer):pieces(string)");

if(get_user_class() {
    if (!in_array($ann, $announce_urls, 1))
    {
        $aok=false;
        foreach($announce_urls as $au)
        {
            if($ann=="$au?passkey=$CURUSER[passkey]")  $aok=true;
        }
        if(!$aok)
            bark("Invalid announce url! Must be: " . $announce_urls[0] . "?passkey=$CURUSER[passkey]");
    }
}



if (strlen($pieces) % 20 != 0)
    bark("invalid pieces");

$filelist = array();
$totallen = dict_get($info, "length", "integer");
if (isset($totallen)) {
    $filelist[] = array($dname, $totallen);
    $type = "single";
}
else {
    $flist = dict_get($info, "files", "list");
    if (!isset($flist))
        bark("missing both length and files");
    if (!count($flist))
        bark("no files");
    $totallen = 0;
    foreach ($flist as $fn) {
        list($ll, $ff) = dict_check($fn, "length(integer):path(list)");
        $totallen += $ll;
        $ffa = array();
        foreach ($ff as $ffe) {
            if ($ffe["type"] != "string")
                bark("filename error");
            $ffa[] = $ffe["value"];
        }
        if (!count($ffa))
            bark("filename error");
        $ffe = implode("/", $ffa);
        $filelist[] = array($ffe, $ll);
    }
    $type = "multi";
}

$infohash = pack("H*", sha1($info["string"]));

// Replace punctuation characters with spaces

$torrent = str_replace("_", " ", $torrent);

$nfo = sqlesc(str_replace("\x0d\x0d\x0a", "\x0d\x0a", @file_get_contents($nfofilename)));

$ret = sql_query("INSERT INTO torrents (search_text, filename, poster, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo) VALUES (" .
        implode(",", array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname, $torrentposter, $short_descr, $poster, $info_link, $CURUSER["id"], "no", $anonymous, $zanri, $freeleech, $infohash, $torrent, $totallen, count($filelist), $type, $descr, $descr, 0 + $_POST["type"], $dname))) .
        ", '" . get_date_time() . "', '" . get_date_time() . "', $nfo)");
if (!$ret) {
    if (mysql_errno() == 1062)
        bark("torrent already uploaded!");
    bark("mysql puked: ".mysql_error());
}
$id = mysql_insert_id();

@sql_query("DELETE FROM files WHERE torrent = $id");
foreach ($filelist as $file) {
    @sql_query("INSERT INTO files (torrent, filename, size) VALUES ($id, ".sqlesc($file[0]).",".$file[1].")");
}

move_uploaded_file($tmpname, "$torrent_dir/$id.torrent");

//===add karma
KPS("+","10.0",$CURUSER["id"]);
//===end

if ($CURUSER["anonymous"]=='yes')
    write_log("Torrent $id ($torrent) je naložil uporabnik Anonymous");
else
    write_log("Torrent $id ($torrent) je naložil uporabnik $CURUSER[username]");

//===notify people who voted on offer thanks CoLdFuSiOn :)
if (isset($_POST['offer'])) {
$res = mysql_query("SELECT `userid` FROM `offervotes` WHERE `userid` != " . $CURUSER["id"] . " AND `offerid` = ". ($_POST['offer'] + 0)) or sqlerr(__FILE__, __LINE__);
$pn_msg = "The Offer you voted for: \"$torrent\" was uploaded by " . $CURUSER["username"] . ".\nYou can Download the Torrent here";

while($row = mysql_fetch_assoc($res)) {
//=== use this if you DO have subject in your PMs
$subject = "Offer $torrent was just uploaded";
//=== use this if you DO NOT have subject in your PMs
//$some_variable .= "(0, 0, $row[userid], '" . get_date_time() . "', " . sqlesc($pn_msg) . ")";

//=== use this if you DO have subject in your PMs
mysql_query("INSERT INTO messages (poster, sender, subject, receiver, added, msg) VALUES (0, 0, ".sqlesc($subject).", $row[userid], ".sqlesc(get_date_time()).", " . sqlesc($pn_msg) . ")") or sqlerr(__FILE__, __LINE__);
//=== use this if you do NOT have subject in your PMs
//mysql_query("INSERT INTO messages (poster, sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__);
//===end
}
//=== delete all offer stuff
@mysql_query("DELETE FROM `offers` WHERE `id` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `offervotes` WHERE `offerid` = ". ($_POST['offer'] + 0));
@mysql_query("DELETE FROM `comments` WHERE `offer` = ". ($_POST['offer'] + 0). "");
}
//=== end notify people who voted on offer

/* Email notifs */


$res = sql_query("SELECT name FROM categories WHERE id=$catid") or sqlerr(__FILE__,__LINE__);
$arr = mysql_fetch_assoc($res);
$cat = $arr["name"];
$res = sql_query("SELECT email FROM users WHERE enabled='yes' AND parked='no' AND status='confirmed' AND notifs LIKE '%[cat$catid]%' AND notifs LIKE '%[email]%'") or sqlerr(__FILE__, __LINE__);

$uploader = $anon;

$size = mksize($totallen);
$description = ($html ? strip_tags($descr) : $descr);

$body = << Hi,

A new torrent has been uploaded.

Name: $torrent
Size: $size
Category: $cat
Uploaded by: $uploader

Description
-------------------------------------------------------------------------------
$description
-------------------------------------------------------------------------------

You can use the URL below to download the torrent (you may have to login).

$DEFAULTBASEURL/details.php?id=$id&hit=1

------
Yours,
The $SITENAME Team.
EOD;
$to = "";
$nmax = 100; // Max recipients per message
$nthis = 0;
$ntotal = 0;
$total = mysql_num_rows($res);
while ($arr = mysql_fetch_row($res))
{
  if ($nthis == 0)
    $to = $arr[0];
  else
    $to .= "," . $arr[0];
  ++$nthis;
  ++$ntotal;
  if ($nthis == $nmax || $ntotal == $total)
  {
      $sm = sent_mail("Multiple recipients <$SITEEMAIL>",$SITENAME,$SITEEMAIL,"$SITENAME New torrent - $torrent",$body,"torrent upload",false,true,$to);
    if (!$sm)
      stderr("Error", "Your torrent has been been uploaded. DO NOT RELOAD THE PAGE!\n" .
        "There was however a problem delivering the e-mail notifcations.\n" .
        "Please let an administrator know about this error!\n");
    $nthis = 0;
  }
}

/**
* User Upload če je 10. torrent :D || START
*/

$torrents_res = mysql_query("SELECT COUNT(*) FROM torrents WHERE owner = '" . $CURUSER["id"] . "'") or sqlerr();
$torrents_row = mysql_fetch_row($torrents_res);
$count = $torrents_row[0];

if ($count % 10 == 0) //če je ostanek pri deljenju z 10 enak 0
{
    //doda upload
    $pristej = 1024 * 1024 * 1024 * 5;
    mysql_query("UPDATE users SET uploaded = uploaded + " . $pristej . " WHERE id = '" . $CURUSER["id"] . "'") or sqlerr();
   
   
    $msg = sqlesc("Sistem vam je dodelil 5 Gb uploada. (Za vsak deseti naloženi torrent prejmete 5 Gb uploada)."); //vsebina sporočila
    $added = sqlesc(get_date_time());
    sql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, " . $CURUSER["id"] . ", $msg, $added)") or sqlerr(__FILE__, __LINE__);
    write_log("Uporabniku " . $CURUSER["username"] . " je Sistem dodelil 5 Gb uploada."); //log strani
}

/**
* User Upload če je 10. torrent :D || END
*/

$userid = 2738;
$username= htmlspecialchars("Sistem");
$date=sqlesc(time());
$text="Naložen je bil nov torrent: " . htmlspecialchars($torrent) . "" ;
   
sql_query("INSERT INTO shoutbox (id, userid, username, date, text) VALUES ('id'," . sqlesc($userid) . ", " . sqlesc($username) . ", $date, " . sqlesc($text) . ")") or sqlerr(__FILE__, __LINE__);

unset($_SESSION["upload"]);
header("Location: $BASEURL/details.php?id=".htmlspecialchars($id)."&uploaded=1");
?>

firefly007 22nd December 2019 17:51
Look if u ran the query to add poster to the torrent table then poster will be added at the end of the table so the same needs to apply to the query. U cant added it where ever u like. So backup takeupload.php and then edit and find and replace the main insertion query with this...

PHP Code:

$ret sql_query("INSERT INTO torrents (search_text, filename, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo, poster) VALUES (" .
        implode(","array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname$short_descr$info_link$CURUSER["id"], "no"$anonymous$zanri$freeleech$infohash$torrent$totallencount($filelist), $type$descr$descr$_POST["type"], $dname))) .
        ", '" get_date_time() . "', '" get_date_time() . "', $nfo$torrentposter)"); 

Floky123 22nd December 2019 19:16
Quote:
Originally Posted by firefly007 (Post 54362)
Look if u ran the query to add poster to the torrent table then poster will be added at the end of the table so the same needs to apply to the query. U cant added it where ever u like. So backup takeupload.php and then edit and find and replace the main insertion query with this...

PHP Code:

$ret sql_query("INSERT INTO torrents (search_text, filename, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo, poster) VALUES (" .
        implode(","array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname$short_descr$info_link$CURUSER["id"], "no"$anonymous$zanri$freeleech$infohash$torrent$totallencount($filelist), $type$descr$descr$_POST["type"], $dname))) .
        ", '" get_date_time() . "', '" get_date_time() . "', $nfo$torrentposter)"); 
New problem that i have after this..

mysql puked: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '://tvoj-orion.si/torrents_poster/0831cc6a36b904497d9ea29f43d77b6c.jpg)' at line 1

firefly007 22nd December 2019 19:55
Try and sanitize $torrentposter

Napon 22nd December 2019 23:00
should be


$poster


To match the poster


so it should be



Code:
$ret = sql_query("INSERT INTO torrents (search_text, filename, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo, poster) VALUES (" .
        implode(",", array_map("sqlesc", array(searchfield("$shortfname$dname$torrent"), $fname, $short_descr, $info_link, $CURUSER["id"], "no", $anonymous, $zanri, $freeleech, $infohash, $torrent, $totallen, count($filelist), $type, $descr, $descr, 0 + $_POST["type"], $dname))) .
        ", '" . get_date_time() . "', '" . get_date_time() . "', $nfo, $poster)"); 



This is call on a sql_query you do not have $torrentposter

firefly007 23rd December 2019 12:43
Quote:
Originally Posted by Napon (Post 54365)
should be


$poster


To match the poster


so it should be



Code:
$ret = sql_query("INSERT INTO torrents (search_text, filename, info_link, owner, visible, anonymous, zanri, free, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo, poster) VALUES (" .
        implode(",", array_map("sqlesc", array(searchfield("$shortfname$dname$torrent"), $fname, $short_descr, $info_link, $CURUSER["id"], "no", $anonymous, $zanri, $freeleech, $infohash, $torrent, $totallen, count($filelist), $type, $descr, $descr, 0 + $_POST["type"], $dname))) .
        ", '" . get_date_time() . "', '" . get_date_time() . "', $nfo, $poster)"); 



This is call on a sql_query you do not have $torrentposter
Napon I'm so glad u are participating rather than just criticizing and flaming members.

Napon 23rd December 2019 18:21
well true but some time like bambam just can not help him self, but there you go with a want to be coder..On a sidenote ill help out where i can


All times are GMT +2. The time now is 11:37.
Page 2 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.