<?php
require_once("include/bittorrent.php");
/**
 * Abort the request with a standard "Failed" page.
 *
 * Renders the site header, a failure box containing $msg, and the footer,
 * then terminates the script. Not referenced elsewhere in this file.
 *
 * @param string $msg  Text placed in the failure box. It is handed to stdmsg()
 *                     unchanged; whether stdmsg() HTML-escapes it is not
 *                     visible here — NOTE(review): confirm before passing
 *                     user-controlled text.
 * @return never
 */
function bark($msg)
{
    stdhead();
    stdmsg("Failed", $msg);
    stdfoot();
    exit();
}
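// Form handler for reports.php (staff only). Three actions on the selected
// reports: hand out (or deduct) a bonus to their reporters, mark them as
// dealt with, or delete them. Always redirects back to reports.php.
dbconn();
// No-op at file scope; only matters if this script is included from inside
// a function.
global $staffmem_class;
loggedinorreturn();
if (get_user_class() < $staffmem_class)
    permissiondenied();

// NOTE(review): no anti-CSRF token is checked here. Unless the framework
// validates one before this file runs, any page that can make a staff
// member's browser POST to this script can trigger these actions — confirm.

// The selected report ids arrive as $_POST['delreport'] and were previously
// imploded into the SQL IN (...) list verbatim (the old "injection bug here?"
// comment was right). Reduce them to a list of positive integers first; that
// is the only thing ever interpolated into a query.
$ids = array();
if (isset($_POST['delreport']) && is_array($_POST['delreport'])) {
    foreach ($_POST['delreport'] as $rid) {
        $rid = (int)$rid;
        if ($rid > 0)
            $ids[] = $rid;
    }
}
$idlist = implode(", ", array_unique($ids));

// The bonus is an integer clamped to [-1000, 1000]. The old code clamped the
// raw POST value numerically but then interpolated the original string into
// SQL, so a non-numeric value bypassed the clamp and the query alike.
$bonus = isset($_POST['bonus']) ? (int)$_POST['bonus'] : 0;
if ($bonus > 1000)
    $bonus = 1000;
if ($bonus < -1000)
    $bonus = -1000;

// Bonus hand-out: credit (or debit) every reporter of the selected reports
// that are still open and leave each of them a system message (sender 0).
// The reports themselves stay open; closing them is the separate
// "setdealt" action below.
if ($bonus != 0 && $idlist != "") {
    $reportres = sql_query("SELECT addedby FROM reports WHERE dealtwith=0 AND id IN ($idlist)") or sqlerr(__FILE__, __LINE__);
    $dt = sqlesc(date("Y-m-d H:i:s"));
    if ($bonus > 0) {
        $msg = "感谢举报,系统为您增加了" . $bonus . "个魔力值。";
        $subject = "感谢举报";
    } else {
        $msg = "举报内容不属实," . $bonus . "个魔力值。";
        $subject = "举报不属实";
    }
    // sqlesc() yields a quoted, escaped SQL literal (it is used that way for
    // $dt above), so the results go into VALUES(...) without extra quotes.
    $msg = sqlesc($msg);
    $subject = sqlesc($subject);
    while ($row = mysql_fetch_assoc($reportres)) {
        $receiver = (int)$row['addedby'];
        sql_query("UPDATE users SET seedbonus = seedbonus + $bonus WHERE id = $receiver") or sqlerr(__FILE__, __LINE__);
        sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $receiver, $dt, $msg, $subject)") or sqlerr(__FILE__, __LINE__);
    }
}

// "setdealt": close the selected open reports, attributing them to the
// current staff member. One UPDATE with the same WHERE replaces the old
// SELECT-then-UPDATE-per-row loop. "delete" removes the selected reports
// regardless of state. Both invalidate the cached report counters.
if (!empty($_POST['setdealt'])) {
    if ($idlist != "") {
        $dealtby = (int)$CURUSER['id'];
        sql_query("UPDATE reports SET dealtwith=1, dealtby = $dealtby WHERE dealtwith=0 AND id IN ($idlist)") or sqlerr(__FILE__, __LINE__);
    }
    $Cache->delete_value('staff_new_report_count');
} elseif (!empty($_POST['delete'])) {
    if ($idlist != "")
        sql_query("DELETE FROM reports WHERE id IN ($idlist)") or sqlerr(__FILE__, __LINE__);
    $Cache->delete_value('staff_new_report_count');
    $Cache->delete_value('staff_report_count');
}
header("Refresh: 0; url=reports.php");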