diff options
author | citizenz7 <citizenz7@protonmail.com> | 2017-04-20 18:50:55 +0200 |
---|---|---|
committer | citizenz7 <citizenz7@protonmail.com> | 2017-04-20 18:50:55 +0200 |
commit | 5fd9fa480f302902328b81f912dd67ce378284f8 (patch) | |
tree | 66234843ae2857fda12442e4f7577c527d48977c /Html/admin/download.php | |
parent | ebe731862c7c741171138b1083906f391fc35aff (diff) | |
download | freetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.tar.xz freetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.zip |
V.1.4.6
Diffstat (limited to '')
-rw-r--r-- | Html/admin/download.php | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/Html/admin/download.php b/Html/admin/download.php new file mode 100644 index 0000000..136cc35 --- /dev/null +++ b/Html/admin/download.php @@ -0,0 +1,90 @@ +<?php +require_once('../includes/config.php'); + +//Pas d'accès direct +if(!isset($_GET['id']) || $_GET['id'] == '') { + header('Location: '.SITEURL.'/torrents.php?action=nodirect'); + exit; +} + + +//on détermine l'id du fichier +$fid = html($_GET['id']); + +// Si une session membre est lancée, on détermine l'id du membre +if(isset($_SESSION['username'])) { + $stmt = $db->prepare('SELECT * FROM blog_members WHERE username = :username'); + $stmt->execute(array(':username' => html($_SESSION['username']))); + $row = $stmt->fetch(); + $uid = $row['memberID']; +} +else { + // s'il n'y a pas de session, c'est donc un visiteur avec l'id 32 + $uid = 32; +} + +/* +//on recherche le hash dans la base xbt_files +$stmt1 = $db->prepare('SELECT * FROM xbt_files WHERE fid = :fid'); +$stmt1->execute(array(':fid' => $fid)); +$row1 = $stmt1->fetch(); +*/ + +//on recherche le torrent dans la base blog_posts_seo +$stmt2 = $db->prepare('SELECT * FROM blog_posts_seo WHERE postID = :postID'); +$stmt2->execute(array(':postID' => $fid)); +$row2 = $stmt2->fetch(); + +if($row2['postID'] == '') { + header('Location: '.SITEURL.'/torrents.php?action=noexist'); +} + + +$torrent = $row2['postTorrent']; + +$torrentfile = $REP_TORRENTS.'/'.$torrent; + +// On décode le fichier torrent +$fd = fopen($torrentfile, "rb"); +$alltorrent = fread($fd, filesize($torrentfile)); +$array = BDecode($alltorrent); +fclose($fd); + +//On cherche le pid +$stmt3 = $db->prepare('SELECT * FROM blog_members WHERE memberID = :uid'); +$stmt3->execute(array(':uid' => $uid)); +$row3 = $stmt3->fetch(); + +// Il n'y a que les membres + les visiteurs qui peuvent télécharger +// pas de userid = 0 +if ($row3['pid'] == '') { + header('Location: '.SITEURL); +} + +if ($row3['pid'] == '00000000000000000000000000000000') { + $pid = '00000000000000000000000000000000'; +} +else { + $pid = $row3['pid']; +} + +$tracker_announce_urls = SITEURL.':'.ANNOUNCEPORT.'/announce'; + +// On construit la nouvelle announce avec le pid (passkey ...) +$array["announce"] = SITEURL.":".ANNOUNCEPORT."/".$pid."/announce"; + +$alltorrent=BEncode($array); + +// On construit le header +header("Content-Type: application/x-bittorrent"); +header('Content-Disposition: attachment; filename="['.SITENAMELONG.']'.$torrent.'"'); +print($alltorrent); + +if(isset($_SESSION['username'])) { + write_log('<span style="color:blue; font-weight:bold;">Download torrent :</span> '.html($row2['postTitle']).' par '.html($_SESSION['username']), $db); +} +else { + write_log('<span style="color:blue; font-weight:bold;">Download torrent :</span> '.html($row2['postTitle']).' par Visiteur', $db); +} + +?> |