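[AJAX_AUTH, IN_ADMIN_CP (optional)]
        // Element 0 is the auth level exec() enforces: 'guest', 'user', 'mod',
        // 'admin' or 'super_admin'. Element 1, when exactly true, lets the action
        // run while the board is disabled. exec() only dispatches keys listed here.
        //
        // NOTE(review): the level is a coarse gate. State-changing actions open to
        // every logged-in user (change_torrent, change_tor_status, manage_group, ...)
        // still need per-object ownership/permission checks inside the required
        // handler files, which are not visible here - confirm.
        'edit_user_profile' => ['admin'],
        'change_user_rank' => ['admin'],
        'change_user_opt' => ['admin'],
        'manage_user' => ['admin'],
        'manage_admin' => ['admin', true],
        'sitemap' => ['admin', true],
        'book' => ['user'],
        // NOTE(review): no rutor() method is visible in this part of the class;
        // confirm a handler exists, otherwise exec() calls an undefined method.
        'rutor' => ['admin'],
        'tor_bonus' => ['user'],
        'mod_action' => ['mod'],
        'warning' => ['mod'],
        'topic_tpl' => ['mod'],
        'group_membership' => ['mod'],
        'post_mod_comment' => ['mod'],
        'user_todey' => ['user'],
        'avatar' => ['user'],
        'gen_passkey' => ['user'],
        'change_torrent' => ['user'],
        'change_tor_status' => ['user'],
        'friends' => ['user'],
        'manage_group' => ['user'],
        'pars' => ['user'],
        'releases' => ['user'],
        'portal' => ['user'],
        'view_post' => ['guest'],
        'new_messages' => ['guest'],
        'user_stats' => ['user'],
        'chat' => ['user'],
        'view_torrent' => ['guest'],
        'user_register' => ['guest'],
        'posts' => ['guest'],
        'index_data' => ['guest'],
        'QuickSearch' => ['user'],
        'like_post' => ['user'],
        // NOTE(review): guest-level, yet update_peers() writes to the torrents table.
        'update_peers' => ['guest'],
        'thank' => ['user'],
        'rate' => ['user'],
        'order' => ['user'],
    ];

    public $action;

    /**
     * Constructor
     *
     * Starts output buffering with ob_handler() as the callback, so everything the
     * request prints is replaced by the JSON-encoded response when the script ends.
     */
    public function __construct()
    {
        ob_start([&$this, 'ob_handler']);
        header('Content-Type: text/plain');
    }

    /**
     * Perform action
     *
     * Validates the requested action against $valid_actions, enforces the
     * board-disabled switch and the auth level configured for the action, then
     * calls the method of the same name and sends the response. Every failure
     * path ends the request through ajax_die().
     *
     * NOTE(review): no anti-forgery token is verified in this method. is_ajax()
     * is defined elsewhere; confirm where state-changing actions are protected
     * against cross-site requests.
     */
    public function exec()
    {
        global $lang, $bb_cfg;

        // Exit if we already have errors
        if (!empty($this->response['error_code'])) {
            $this->send();
        }

        $action = $this->action;

        if (!is_ajax()) {
            $this->ajax_die('Not AJAX request', E_AJAX_NOT_REQUEST);
        }
        if (!$action || !\is_string($action)) {
            $this->ajax_die('no action specified');
        }

        // Plain lookup: the former `=&` reference created a null entry in
        // $valid_actions for every unknown action name sent by a client.
        $action_params = $this->valid_actions[$action] ?? null;
        if (!$action_params) {
            // NOTE(review): $action is client input echoed back in error_msg;
            // the client must treat error_msg as text, not HTML - confirm.
            $this->ajax_die('invalid action: ' . $action);
        }

        // Most entries have no second element, so default it instead of
        // reading an undefined offset.
        $allowed_when_disabled = ($action_params[1] ?? false) === true;

        // Exit if board is disabled via ON/OFF trigger or by admin
        if ($bb_cfg['board_disable'] || file_exists(BB_DISABLED)) {
            if (!$allowed_when_disabled) {
                if ($bb_cfg['board_disable']) {
                    $this->ajax_die($lang['BOARD_DISABLE']);
                } elseif (file_exists(BB_DISABLED)) {
                    $this->ajax_die($lang['BOARD_DISABLE_CRON']);
                }
            }
        }

        // Auth check
        switch ($action_params[0]) {
            // GUEST
            case 'guest':
                break;

            // USER
            case 'user':
                if (IS_GUEST) {
                    $this->ajax_die($lang['NEED_TO_LOGIN_FIRST']);
                }
                break;

            // MOD
            case 'mod':
                if (!IS_AM) {
                    $this->ajax_die($lang['ONLY_FOR_MOD']);
                }
                $this->check_admin_session();
                break;

            // ADMIN
            case 'admin':
                if (!IS_ADMIN) {
                    $this->ajax_die($lang['ONLY_FOR_ADMIN']);
                }
                $this->check_admin_session();
                break;

            // SUPER_ADMIN
            case 'super_admin':
                if (!IS_SUPER_ADMIN) {
                    $this->ajax_die($lang['ONLY_FOR_SUPER_ADMIN']);
                }
                $this->check_admin_session();
                break;

            default:
                trigger_error("invalid auth type for $action", E_USER_ERROR);
        }

        // Run action. $action is a key of $valid_actions at this point, so the
        // dynamic call cannot reach methods outside that list.
        $this->$action();

        // Send output
        $this->send();
    }

    /**
     * Exit on error
     *
     * Stores the error in the response and ends the request via send().
     *
     * @param $error_msg
     * @param int $error_code
     */
    public function ajax_die($error_msg, $error_code = E_AJAX_GENERAL_ERROR)
    {
        $this->response['error_code'] = $error_code;
        $this->response['error_msg'] = $error_msg;

        $this->send();
    }

    /**
     * Initialization
     *
     * Copies $_POST into $this->request and binds $this->action to its 'action' key.
     */
    public function init()
    {
        $this->request = $_POST;
        $this->action =& $this->request['action'];
    }

    /**
     * Send data
     *
     * Adds the action name (and the SQL log for debug users who sent the sql_log
     * cookie) to the response, then exits; ob_handler() emits the output.
     */
    public function send()
    {
        $this->response['action'] = $this->action;

        if (DBG_USER && SQL_DEBUG && !empty($_COOKIE['sql_log'])) {
            $this->response['sql_log'] = Dev::get_sql_log();
        }

        // sending output will be handled by $this->ob_handler()
        exit();
    }

    /**
     * OB Handler
     *
     * Output-buffer callback: discards whatever was printed (kept as
     * 'raw_output' for debug users only) and returns the JSON-encoded response,
     * gzip-compressed when allowed and longer than 2000 bytes.
     *
     * @param $contents
     * @return string
     */
    public function ob_handler($contents)
    {
        if (DBG_USER && $contents) {
            $this->response['raw_output'] = $contents;
        }

        $response_js = json_encode($this->response);

        if (GZIP_OUTPUT_ALLOWED && !\defined('NO_GZIP')) {
            if (UA_GZIP_SUPPORTED && \strlen($response_js) > 2000) {
                header('Content-Encoding: gzip');
                $response_js = gzencode($response_js, 1);
            }
        }

        return $response_js;
    }

    /**
     * Admin session
     *
     * When the session is not flagged as an admin session, either asks the
     * client for the password or re-authenticates with the posted one.
     *
     * NOTE(review): failed attempts end with 'Wrong password' and nothing here
     * limits retries; any throttling would have to live in $user->login(),
     * which is not visible - confirm.
     */
    public function check_admin_session()
    {
        global $user;

        if (!$user->data['session_admin']) {
            if (empty($this->request['user_password'])) {
                $this->prompt_for_password();
            } else {
                $login_args = [
                    'login_username' => $user->data['username'],
                    'login_password' => $_POST['user_password'],
                ];
                if (!$user->login($login_args, true)) {
                    $this->ajax_die('Wrong password');
                }
            }
        }
    }

    /**
     * Prompt for password
     */
    public function prompt_for_password()
    {
        $this->response['prompt_password'] = 1;
        $this->send();
    }

    /**
     * Prompt for confirmation
     *
     * @param string $confirm_msg
     */
    public function prompt_for_confirm($confirm_msg)
    {
        if (empty($confirm_msg)) {
            $this->ajax_die('false');
        }

        $this->response['prompt_confirm'] = 1;
        $this->response['confirm_msg'] = $confirm_msg;
        $this->send();
    }

    /**
     * Verify mod rights
     *
     * Ends the request unless auth() grants the current user moderator rights
     * on the given forum.
     *
     * @param int $forum_id
     */
    public function verify_mod_rights($forum_id)
    {
        global $userdata, $lang;

        $is_auth = auth(AUTH_MOD, $forum_id, $userdata);

        if (!$is_auth['auth_mod']) {
            $this->ajax_die($lang['ONLY_FOR_MOD']);
        }
    }

    // Thin wrappers: each action requires its handler file inside the method,
    // so the included code runs in method scope with $this available.

    public function edit_user_profile()
    {
        require AJAX_DIR . '/edit_user_profile.php';
    }

    public function change_user_rank()
    {
        require AJAX_DIR . '/change_user_rank.php';
    }

    public function change_user_opt()
    {
        require AJAX_DIR . '/change_user_opt.php';
    }

    public function gen_passkey()
    {
        require AJAX_DIR . '/gen_passkey.php';
    }

    public function group_membership()
    {
        require AJAX_DIR . '/group_membership.php';
    }

    public function manage_group()
    {
        require AJAX_DIR . '/edit_group_profile.php';
    }

    public function pars()
    {
        require AJAX_DIR . '/parser.php';
    }

    public function post_mod_comment()
    {
        require AJAX_DIR . '/post_mod_comment.php';
    }

    public function tor_bonus()
    {
        require AJAX_DIR . '/tor_bonus.php';
    }

    public function view_post()
    {
        require AJAX_DIR . '/view_post.php';
    }

    public function change_tor_status()
    {
        require AJAX_DIR . '/change_tor_status.php';
    }

    public function change_torrent()
    {
        require AJAX_DIR . '/change_torrent.php';
    }

    public function QuickSearch()
    {
        require AJAX_DIR . '/QuickSearch.php';
    }

    public function view_torrent()
    {
        require AJAX_DIR . '/view_torrent.php';
    }

    public function user_register()
    {
        require AJAX_DIR . '/user_register.php';
    }

    public function mod_action()
    {
        require AJAX_DIR . '/mod_action.php';
    }

    public function warning()
    {
        require AJAX_DIR . '/warning.php';
    }

    public function posts()
    {
        require AJAX_DIR . '/posts.php';
    }

    public function manage_user()
    {
        require AJAX_DIR . '/manage_user.php';
    }

    public function chat()
    {
        require AJAX_DIR . '/chats.php';
    }

    public function manage_admin()
    {
        require AJAX_DIR . '/manage_admin.php';
    }

    public function topic_tpl()
    {
        require AJAX_DIR . '/topic_tpl.php';
    }

    public function index_data()
    {
        require AJAX_DIR . '/index_data.php';
    }

    public function friends()
    {
        require AJAX_DIR . '/friends.php';
    }

    public function avatar()
    {
        require AJAX_DIR . '/avatar.php';
    }

    // NOTE(review): no 'presents' key is visible in $valid_actions, so exec()
    // would reject this action as invalid - confirm whether that is intended.
    public function presents()
    {
        require AJAX_DIR . '/present.php';
    }

    public function sitemap()
    {
        require AJAX_DIR . '/sitemap.php';
    }

    public function user_todey()
    {
        require AJAX_DIR . '/user_todey.php';
    }

    public function like_post()
    {
        require AJAX_DIR . '/like_post.php';
    }

    public function order()
    {
        require AJAX_DIR . '/order.php';
    }

    public function book()
    {
        require AJAX_DIR . '/book.php';
    }

    public function releases()
    {
        require AJAX_DIR . '/releases.php';
    }

    public function portal()
    {
        require AJAX_DIR . '/portal.php';
    }

    /**
     * Build the tracker statistics fragment for the user named in the request.
     *
     * Reads 'user_id' and 'post_id' from the request (both cast to int) and
     * stores 'post_id' and the rendered 'html' in the response.
     *
     * NOTE(review): user_id is taken from the request with no ownership check,
     * so any logged-in user can read any account's totals - confirm intended.
     */
    public function user_stats()
    {
        global $lang;

        // ?? 0 keeps the cast result of the original while avoiding an
        // undefined-index notice when the parameter is missing.
        $user_id = (int) ($this->request['user_id'] ?? 0);

        $btu = get_bt_userdata($user_id);
        $ratio = get_bt_ratio($btu);

        $u_up_total = humn_size($btu['u_up_total']);
        $u_up_bonus = humn_size($btu['u_up_bonus']);
        $u_up_release = humn_size($btu['u_up_release']);
        $u_down_total = humn_size($btu['u_down_total']);

        // Below the download threshold the ratio is shown as a placeholder
        if ($btu['u_down_total'] < MIN_DL_FOR_RATIO) {
            $ratio = '---';
        }

        // Values are computed; build the response
        $this->response['post_id'] = (int) ($this->request['post_id'] ?? 0);
        $this->response['html'] = '
Статистика
 '.$lang['USER_RATIO'].':

 '.$ratio.'
 '.$lang['DOWNLOADED'].'  '.$u_down_total.'
 '.$lang['UPLOADED'].': 

 '.$u_up_total.'
 '.$lang['RELEASED'].':   '.$u_up_release.'
 '.$lang['BONUS'].':   '.$u_up_bonus.'
';
    }

    /**
     * Store the current user's 1-5 rating for an attachment and return the
     * refreshed aggregate in response['message'].
     *
     * Request: 'a' = attachment id, 'v' = rating. On any failure the message
     * is ['error' => true].
     *
     * NOTE(review): nothing here verifies that the attachment exists or that
     * the user may rate it - confirm whether the schema or callers enforce it.
     */
    public function rate()
    {
        global $userdata, $lang;

        // Every value concatenated into SQL below is forced to int first.
        $attach_id = (int) ($this->request['a'] ?? 0);
        $rating = (int) ($this->request['v'] ?? 0);
        $user_id = (int) $userdata['user_id'];

        $result = ['error' => true];

        if ($rating >= 1 && $rating <= 5) {
            $sql = "insert into " . BB_ATTACHMENTS_RATING . "(attach_id,user_id,rating)values(" . $attach_id . "," . $user_id . "," . $rating . ")on duplicate key update rating=values(rating)";

            if (DB()->sql_query($sql)) {
                $sql = "select sum(rating) as r, count(*) as c from " . BB_ATTACHMENTS_RATING . " where rating>0 and attach_id=" . $attach_id;
                $res = DB()->sql_query($sql);
                $row = $res ? DB()->sql_fetchrow($res) : false;

                if ($row) {
                    $rating_sum = (int) $row['r'];
                    $rating_count = (int) $row['c'];

                    $result['error'] = false;
                    $result['attach_id'] = $attach_id;
                    // Guard the division: a zero count would otherwise raise
                    // DivisionByZeroError on PHP 8.
                    $result['rating'] = $rating_count > 0 ? round($rating_sum / $rating_count, 1) : 0.0;
                    $result['rating_count'] = $row['c'];
                    $result['your_rating'] = $lang['YOUR_VOTE'] . ' ' . $lang['RATING_' . $rating] . ' ' . $lang['VOTE_COUNTED'];

                    $sql = "update " . BB_ATTACHMENTS_DESC . " set rating_sum=" . $rating_sum . ", rating_count=" . $rating_count . " where attach_id=" . $attach_id;
                    DB()->sql_query($sql);
                }
            }
        }

        $this->response['message'] = $result;
    }

    /**
     * Record a "thank" for an attachment or list the users who thanked it.
     *
     * Request: 'm' = mode ('thank' or 'list'), 'a' = attachment id. The result
     * goes to response['message']; unknown modes and failed queries set
     * 'error' => true.
     */
    public function thank()
    {
        global $userdata, $lang;

        // A non-string mode (e.g. an array parameter) is treated as unknown.
        $mode = $this->request['m'] ?? '';
        if (!\is_string($mode)) {
            $mode = '';
        }
        $attach_id = (int) ($this->request['a'] ?? 0);
        $user_id = (int) $userdata['user_id'];

        $result = ['attach_id' => $attach_id, 'error' => false];

        if ($mode === 'thank') {
            // Thank!
            $result['error'] = true;

            $sql = "INSERT INTO " . BB_ATTACHMENTS_RATING . " (attach_id,user_id,thanked) VALUES (" . $attach_id . "," . $user_id . ",1)on duplicate key update thanked=1";

            if (DB()->sql_query($sql)) {
                $sql = "select sum(thanked) as c from " . BB_ATTACHMENTS_RATING . " where attach_id=" . $attach_id;
                $res = DB()->sql_query($sql);
                $row = $res ? DB()->sql_fetchrow($res) : false;

                if ($row) {
                    $result['error'] = false;
                    $result['thanked'] = $row['c'];
                    $result['mode'] = $mode;
                    $result['list_button'] = '   (' . $lang['THANK_LIST'] . ')';

                    $sql = "UPDATE " . BB_ATTACHMENTS_DESC . " SET thanks=" . (int) $row['c'] . " where attach_id=" . $attach_id;
                    DB()->sql_query($sql);
                }
            }
        } elseif ($mode === 'list') {
            // Thanks list
            $rows = DB()->fetch_rowset("SELECT u.user_id, u.username, u.user_rank FROM " . BB_ATTACHMENTS_RATING . " r join " . BB_USERS . " u on u.user_id=r.user_id where r.thanked=1 and r.attach_id=" . $attach_id) ?: [];

            // NOTE(review): the list is returned as HTML; it relies on
            // profile_url() (defined elsewhere) to escape usernames - confirm.
            $html = '';
            foreach ($rows as $row) {
                if ($html) {
                    $html .= ', ';
                }
                $html .= profile_url($row);
            }

            $result['list'] = $html;
            $result['mode'] = $mode;
        } else {
            $result['error'] = true;
        }

        $this->response['message'] = $result;
    }

    /**
     * Refresh the external seeder/leecher counters of a torrent.
     *
     * Looks up the torrent's info_hash by the requested 'topic_id', asks
     * getpeers::get_peers() for peer counts, stores the totals and returns an
     * HTML fragment. response['html'] stays null when the torrent is not found.
     *
     * NOTE(review): this action is guest-level in $valid_actions, and every
     * call triggers get_peers() plus a table write; no throttling is visible
     * here - confirm one exists elsewhere.
     */
    public function update_peers()
    {
        global $cfg_ann, $lang;

        $seed = $leech = 0;
        // Defined up front: previously undefined when no torrent matched.
        $html = null;
        $topic_id = (int) ($this->request['topic_id'] ?? 0);

        $row = DB()->fetch_row("SELECT info_hash FROM " . BB_BT_TORRENTS . " WHERE topic_id = " . $topic_id . " LIMIT 1");

        if ($row && $info_hash = $row['info_hash']) {
            $gp = new \getpeers();
            $data = $gp->get_peers(1, serialize($cfg_ann), bin2hex($info_hash), false);

            // Peer data originates outside this application; force integers
            // before the values are concatenated into SQL and HTML.
            foreach ($data['peers'] as $announce) {
                $seed += (int) $announce[0];
                $leech += (int) $announce[1];
            }
            $last_update = (int) $data['last_update'];

            DB()->query("UPDATE " . BB_BT_TORRENTS . " SET last_update = " . $last_update . ", ext_seeder = " . $seed . ", ext_leecher = " . $leech . " WHERE topic_id = $topic_id");

            $html = '
';
            $html .= '' . $lang['SEEDERS'] . ':  ' . $seed . '  [  0 KB/s  ]  ';
            $html .= '' . $lang['LEECHERS'] . ':  ' . $leech . '  [  0 KB/s  ]  ';
            $html .= '
';
        }

        $this->response['html'] = $html;
        $this->response['topic_id'] = $topic_id;
    }

    /**
     * Fetch (and cache) one page of the newest last-post-per-topic messages and
     * return the pager fragment in response['html'].
     *
     * This function was declared after the class's closing brace although it
     * uses $this and is listed in $valid_actions; it is a method of the class now.
     *
     * Request: 'type' = zero-based page number.
     *
     * NOTE(review): the action is guest-level and the query applies no
     * forum-permission filter; if the fetched rows are rendered anywhere, posts
     * from restricted forums would be exposed - confirm. There is also no upper
     * bound on 'type', so clients can create one cache key per page value.
     */
    public function new_messages()
    {
        global $bb_cfg;

        if (!$bb_cfg['new_messages']['enabled']) {
            $this->ajax_die('Модуль отключён.');
        }

        // A negative page would yield a negative LIMIT offset and an SQL error.
        $type = max(0, (int) ($this->request['type'] ?? 0));
        $per_page = (int) $bb_cfg['new_messages']['limit'];
        $limit = $type * $per_page;

        if (!$sql = CACHE('bb_cache')->get('new_messages_limit' . $limit)) {
            $sql = DB()->fetch_rowset("SELECT t.*, p.*, h.post_html, IF(h.post_html IS NULL, pt.post_text, NULL) AS post_text, IF(p.poster_id = " . GUEST_UID . ", p.post_username, u.username) AS username, u.user_id, u.user_rank, u.avatar_ext_id, u.user_opt FROM " . BB_POSTS . " p INNER JOIN " . BB_TOPICS . " t ON(t.topic_id = p.topic_id) INNER JOIN " . BB_POSTS_TEXT . " pt ON(pt.post_id = p.post_id) LEFT JOIN " . BB_POSTS_HTML . " h ON(h.post_id = pt.post_id) INNER JOIN " . BB_USERS . " u ON(u.user_id = p.poster_id) WHERE " . TIMENOW . " > p.post_time AND p.post_id <> t.topic_id AND p.poster_id <> " . BOT_UID . " AND t.topic_first_post_id <> p.post_id AND t.topic_last_post_id = p.post_id ORDER BY p.post_id DESC LIMIT $limit,$per_page");
            CACHE('bb_cache')->set('new_messages_limit' . $limit, $sql, $bb_cfg['new_messages']['cache'] * 60);
        }

        $message = ($type) ? '

« Новые сообщения »

' : '

Новые сообщения»

';
        $message .= '
';

        $this->response['html'] = $message;
    }
}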