mirror of
https://github.com/torrentpier/torrentpier.git
synced 2024-12-14 08:01:14 -08:00
188 lines
6.3 KiB
PHP
188 lines
6.3 KiB
PHP
<?php
|
||
/**
|
||
* TorrentPier – Bull-powered BitTorrent tracker engine
|
||
*
|
||
* @copyright Copyright (c) 2005-2024 TorrentPier (https://torrentpier.com)
|
||
* @link https://github.com/torrentpier/torrentpier for the canonical source repository
|
||
* @license https://github.com/torrentpier/torrentpier/blob/master/LICENSE MIT License
|
||
*/
|
||
|
||
if (!empty($setmodules)) {
|
||
$module['USERS']['RANKS'] = basename(__FILE__);
|
||
return;
|
||
}
|
||
|
||
require __DIR__ . '/pagestart.php';
|
||
|
||
if (isset($_GET['mode']) || isset($_POST['mode'])) {
|
||
$mode = $_GET['mode'] ?? $_POST['mode'];
|
||
} else {
|
||
//
|
||
// These could be entered via a form button
|
||
//
|
||
if (isset($_POST['add'])) {
|
||
$mode = 'add';
|
||
} elseif (isset($_POST['save'])) {
|
||
$mode = 'save';
|
||
} else {
|
||
$mode = '';
|
||
}
|
||
}
|
||
|
||
if ($mode != '') {
|
||
if ($mode == 'edit' || $mode == 'add') {
|
||
//
|
||
// They want to add a new rank, show the form.
|
||
//
|
||
$rank_id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
|
||
|
||
$s_hidden_fields = '';
|
||
|
||
if ($mode == 'edit') {
|
||
if (empty($rank_id)) {
|
||
bb_die($lang['MUST_SELECT_RANK']);
|
||
}
|
||
|
||
$sql = 'SELECT * FROM ' . BB_RANKS . " WHERE rank_id = $rank_id";
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not obtain ranks data #1');
|
||
}
|
||
|
||
$rank_info = DB()->sql_fetchrow($result);
|
||
$s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
|
||
}
|
||
|
||
$s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';
|
||
|
||
$template->assign_vars([
|
||
'TPL_RANKS_EDIT' => true,
|
||
|
||
'RANK' => !empty($rank_info['rank_title']) ? $rank_info['rank_title'] : '',
|
||
'IMAGE' => !empty($rank_info['rank_image']) ? $rank_info['rank_image'] : 'styles/images/ranks/rank_image.png',
|
||
'STYLE' => !empty($rank_info['rank_style']) ? $rank_info['rank_style'] : '',
|
||
'IMAGE_DISPLAY' => !empty($rank_info['rank_image']) ? '<img src="../' . $rank_info['rank_image'] . '" />' : '',
|
||
|
||
'S_RANK_ACTION' => 'admin_ranks.php',
|
||
'S_HIDDEN_FIELDS' => $s_hidden_fields
|
||
]);
|
||
} elseif ($mode == 'save') {
|
||
//
|
||
// Ok, they sent us our info, let's update it.
|
||
//
|
||
|
||
$rank_id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
|
||
$rank_title = isset($_POST['title']) ? trim($_POST['title']) : '';
|
||
$rank_style = isset($_POST['style']) ? trim($_POST['style']) : '';
|
||
$rank_image = isset($_POST['rank_image']) ? trim($_POST['rank_image']) : '';
|
||
|
||
if ($rank_title == '') {
|
||
bb_die($lang['MUST_SELECT_RANK']);
|
||
}
|
||
|
||
//
|
||
// The rank image has to be a jpg, gif or png
|
||
//
|
||
if ($rank_image != '') {
|
||
if (!preg_match('/(\.gif|\.png|\.jpg|\.jpeg|\.bmp|\.webp|\.avif\.ico)$/is', $rank_image)) {
|
||
$rank_image = '';
|
||
}
|
||
}
|
||
|
||
if ($rank_id) {
|
||
|
||
$sql = 'UPDATE ' . BB_USERS . " SET user_rank = 0 WHERE user_rank = $rank_id";
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die($lang['NO_UPDATE_RANKS']);
|
||
}
|
||
|
||
$sql = 'UPDATE ' . BB_RANKS . "
|
||
SET rank_title = '" . DB()->escape($rank_title) . "',
|
||
rank_image = '" . DB()->escape($rank_image) . "',
|
||
rank_style = '" . DB()->escape($rank_style) . "'
|
||
WHERE rank_id = $rank_id";
|
||
|
||
$message = $lang['RANK_UPDATED'];
|
||
} else {
|
||
$sql = 'INSERT INTO ' . BB_RANKS . " (rank_title, rank_image, rank_style)
|
||
VALUES ('" . DB()->escape($rank_title) . "', '" . DB()->escape($rank_image) . "', '" . DB()->escape($rank_style) . "')";
|
||
|
||
$message = $lang['RANK_ADDED'];
|
||
}
|
||
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not update / insert into ranks table');
|
||
}
|
||
|
||
$message .= '<br /><br />' . sprintf($lang['CLICK_RETURN_RANKADMIN'], '<a href="admin_ranks.php">', '</a>') . '<br /><br />' . sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '<a href="index.php?pane=right">', '</a>');
|
||
|
||
$datastore->update('ranks');
|
||
|
||
bb_die($message);
|
||
} elseif ($mode == 'delete') {
|
||
//
|
||
// Ok, they want to delete their rank
|
||
//
|
||
|
||
if (isset($_POST['id']) || isset($_GET['id'])) {
|
||
$rank_id = isset($_POST['id']) ? (int)$_POST['id'] : (int)$_GET['id'];
|
||
} else {
|
||
$rank_id = 0;
|
||
}
|
||
|
||
if ($rank_id) {
|
||
$sql = 'DELETE FROM ' . BB_RANKS . " WHERE rank_id = $rank_id";
|
||
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not delete rank data');
|
||
}
|
||
|
||
$sql = 'UPDATE ' . BB_USERS . " SET user_rank = 0 WHERE user_rank = $rank_id";
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die($lang['NO_UPDATE_RANKS']);
|
||
}
|
||
|
||
$datastore->update('ranks');
|
||
|
||
bb_die($lang['RANK_REMOVED'] . '<br /><br />' . sprintf($lang['CLICK_RETURN_RANKADMIN'], '<a href="admin_ranks.php">', '</a>') . '<br /><br />' . sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '<a href="index.php?pane=right">', '</a>'));
|
||
} else {
|
||
bb_die($lang['MUST_SELECT_RANK']);
|
||
}
|
||
} else {
|
||
bb_die('Invalid mode');
|
||
}
|
||
} else {
|
||
//
|
||
// Show the default page
|
||
//
|
||
$sql = 'SELECT * FROM ' . BB_RANKS . ' ORDER BY rank_title';
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not obtain ranks data #2');
|
||
}
|
||
$rank_count = DB()->num_rows($result);
|
||
$rank_rows = DB()->sql_fetchrowset($result);
|
||
|
||
$template->assign_vars([
|
||
'TPL_RANKS_LIST' => true,
|
||
'S_RANKS_ACTION' => 'admin_ranks.php'
|
||
]);
|
||
|
||
for ($i = 0; $i < $rank_count; $i++) {
|
||
$rank = $rank_rows[$i]['rank_title'];
|
||
$rank_id = $rank_rows[$i]['rank_id'];
|
||
|
||
$row_class = !($i % 2) ? 'row1' : 'row2';
|
||
|
||
$template->assign_block_vars('ranks', [
|
||
'ROW_CLASS' => $row_class,
|
||
'RANK' => $rank,
|
||
'STYLE' => $rank_rows[$i]['rank_style'],
|
||
'IMAGE_DISPLAY' => $rank_rows[$i]['rank_image'] ? '<img src="../' . $rank_rows[$i]['rank_image'] . '" />' : '',
|
||
|
||
'U_RANK_EDIT' => "admin_ranks.php?mode=edit&id=$rank_id",
|
||
'U_RANK_DELETE' => "admin_ranks.php?mode=delete&id=$rank_id"
|
||
]);
|
||
}
|
||
}
|
||
|
||
print_page('admin_ranks.tpl', 'admin');
|