aboutsummaryrefslogtreecommitdiff
path: root/Html/admin/download.php
diff options
context:
space:
mode:
authorcitizenz7 <citizenz7@protonmail.com>2017-04-20 18:50:55 +0200
committercitizenz7 <citizenz7@protonmail.com>2017-04-20 18:50:55 +0200
commit5fd9fa480f302902328b81f912dd67ce378284f8 (patch)
tree66234843ae2857fda12442e4f7577c527d48977c /Html/admin/download.php
parentebe731862c7c741171138b1083906f391fc35aff (diff)
downloadfreetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.tar.xz
freetorrent-5fd9fa480f302902328b81f912dd67ce378284f8.zip
V.1.4.6
Diffstat (limited to '')
-rw-r--r--Html/admin/download.php90
1 files changed, 90 insertions, 0 deletions
diff --git a/Html/admin/download.php b/Html/admin/download.php
new file mode 100644
index 0000000..136cc35
--- /dev/null
+++ b/Html/admin/download.php
@@ -0,0 +1,90 @@
+<?php
+require_once('../includes/config.php');
+
+//Pas d'accès direct
+if(!isset($_GET['id']) || $_GET['id'] == '') {
+ header('Location: '.SITEURL.'/torrents.php?action=nodirect');
+ exit;
+}
+
+
+//on détermine l'id du fichier
+$fid = html($_GET['id']);
+
+// Si une session membre est lancée, on détermine l'id du membre
+if(isset($_SESSION['username'])) {
+ $stmt = $db->prepare('SELECT * FROM blog_members WHERE username = :username');
+ $stmt->execute(array(':username' => html($_SESSION['username'])));
+ $row = $stmt->fetch();
+ $uid = $row['memberID'];
+}
+else {
+ // s'il n'y a pas de session, c'est donc un visiteur avec l'id 32
+ $uid = 32;
+}
+
+/*
+//on recherche le hash dans la base xbt_files
+$stmt1 = $db->prepare('SELECT * FROM xbt_files WHERE fid = :fid');
+$stmt1->execute(array(':fid' => $fid));
+$row1 = $stmt1->fetch();
+*/
+
+//on recherche le torrent dans la base blog_posts_seo
+$stmt2 = $db->prepare('SELECT * FROM blog_posts_seo WHERE postID = :postID');
+$stmt2->execute(array(':postID' => $fid));
+$row2 = $stmt2->fetch();
+
+if($row2['postID'] == '') {
+ header('Location: '.SITEURL.'/torrents.php?action=noexist');
+}
+
+
+$torrent = $row2['postTorrent'];
+
+$torrentfile = $REP_TORRENTS.'/'.$torrent;
+
+// On décode le fichier torrent
+$fd = fopen($torrentfile, "rb");
+$alltorrent = fread($fd, filesize($torrentfile));
+$array = BDecode($alltorrent);
+fclose($fd);
+
+//On cherche le pid
+$stmt3 = $db->prepare('SELECT * FROM blog_members WHERE memberID = :uid');
+$stmt3->execute(array(':uid' => $uid));
+$row3 = $stmt3->fetch();
+
+// Il n'y a que les membres + les visiteurs qui peuvent télécharger
+// pas de userid = 0
+if ($row3['pid'] == '') {
+ header('Location: '.SITEURL);
+}
+
+if ($row3['pid'] == '00000000000000000000000000000000') {
+ $pid = '00000000000000000000000000000000';
+}
+else {
+ $pid = $row3['pid'];
+}
+
+$tracker_announce_urls = SITEURL.':'.ANNOUNCEPORT.'/announce';
+
+// On construit la nouvelle announce avec le pid (passkey ...)
+$array["announce"] = SITEURL.":".ANNOUNCEPORT."/".$pid."/announce";
+
+$alltorrent=BEncode($array);
+
+// On construit le header
+header("Content-Type: application/x-bittorrent");
+header('Content-Disposition: attachment; filename="['.SITENAMELONG.']'.$torrent.'"');
+print($alltorrent);
+
+if(isset($_SESSION['username'])) {
+ write_log('<span style="color:blue; font-weight:bold;">Download torrent :</span> '.html($row2['postTitle']).' par '.html($_SESSION['username']), $db);
+}
+else {
+ write_log('<span style="color:blue; font-weight:bold;">Download torrent :</span> '.html($row2['postTitle']).' par Visiteur', $db);
+}
+
+?>