mirror of
https://github.com/torrentpier/torrentpier
synced 2025-07-07 05:21:39 -07:00
161 lines
5.4 KiB
PHP
161 lines
5.4 KiB
PHP
<?php
|
||
/**
|
||
* TorrentPier – Bull-powered BitTorrent tracker engine
|
||
*
|
||
* @copyright Copyright (c) 2005-2023 TorrentPier (https://torrentpier.com)
|
||
* @link https://github.com/torrentpier/torrentpier for the canonical source repository
|
||
* @license https://github.com/torrentpier/torrentpier/blob/master/LICENSE MIT License
|
||
*/
|
||
|
||
if (!defined('IN_AJAX')) {
|
||
die(basename(__FILE__));
|
||
}
|
||
|
||
global $bb_cfg, $lang;
|
||
|
||
if (!$user_id = (int)$this->request['user_id'] or !$profiledata = get_userdata($user_id)) {
|
||
$this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
|
||
}
|
||
if (!$field = (string)$this->request['field']) {
|
||
$this->ajax_die('invalid profile field');
|
||
}
|
||
|
||
$table = BB_USERS;
|
||
$value = $this->request['value'] = (string)(isset($this->request['value'])) ? $this->request['value'] : 0;
|
||
|
||
switch ($field) {
|
||
case 'username':
|
||
$value = clean_username($value);
|
||
if ($err = \TorrentPier\Legacy\Validate::username($value)) {
|
||
$this->ajax_die(strip_tags($err));
|
||
}
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_email':
|
||
$value = htmlCHR($value);
|
||
if ($err = \TorrentPier\Legacy\Validate::email($value)) {
|
||
$this->ajax_die($err);
|
||
}
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_website':
|
||
if ($value == '' || preg_match('#^https?://[\w\#!$%&~/.\-;:=,?@а-яА-Я\[\]+]+$#iu', $value)) {
|
||
$this->response['new_value'] = htmlCHR($value);
|
||
} else {
|
||
$this->ajax_die($lang['WEBSITE_ERROR']);
|
||
}
|
||
break;
|
||
|
||
case 'user_gender':
|
||
if (!$bb_cfg['gender']) {
|
||
$this->ajax_die($lang['MODULE_OFF']);
|
||
}
|
||
if (!isset($lang['GENDER_SELECT'][$value])) {
|
||
$this->ajax_die($lang['ERROR']);
|
||
} else {
|
||
$this->response['new_value'] = $lang['GENDER_SELECT'][$value];
|
||
}
|
||
break;
|
||
|
||
case 'user_birthday':
|
||
if (!$bb_cfg['birthday_enabled']) {
|
||
$this->ajax_die($lang['MODULE_OFF']);
|
||
}
|
||
$birthday_date = date_parse($value);
|
||
|
||
if (!empty($birthday_date['year'])) {
|
||
if (strtotime($value) >= TIMENOW) {
|
||
$this->ajax_die($lang['WRONG_BIRTHDAY_FORMAT']);
|
||
} elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] > $bb_cfg['birthday_max_age']) {
|
||
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_HIGH'], $bb_cfg['birthday_max_age']));
|
||
} elseif (bb_date(TIMENOW, 'Y', 'false') - $birthday_date['year'] < $bb_cfg['birthday_min_age']) {
|
||
$this->ajax_die(sprintf($lang['BIRTHDAY_TO_LOW'], $bb_cfg['birthday_min_age']));
|
||
}
|
||
}
|
||
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_icq':
|
||
if ($value && !preg_match('#^\d{6,15}$#', $value)) {
|
||
$this->ajax_die($lang['ICQ_ERROR']);
|
||
}
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_skype':
|
||
if ($value && !preg_match("#^[a-zA-Z0-9_.\-@,]{6,32}$#", $value)) {
|
||
$this->ajax_die($lang['SKYPE_ERROR']);
|
||
}
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_twitter':
|
||
if ($value && !preg_match("#^[a-zA-Z0-9_]{1,15}$#", $value)) {
|
||
$this->ajax_die($lang['TWITTER_ERROR']);
|
||
}
|
||
$this->response['new_value'] = $this->request['value'];
|
||
break;
|
||
|
||
case 'user_from':
|
||
case 'user_occ':
|
||
case 'user_interests':
|
||
$value = htmlCHR($value);
|
||
$this->response['new_value'] = $value;
|
||
break;
|
||
|
||
case 'user_regdate':
|
||
case 'user_lastvisit':
|
||
$tz = TIMENOW + (3600 * $bb_cfg['board_timezone']);
|
||
if (($value = strtotime($value, $tz)) < $bb_cfg['board_startdate'] or $value > TIMENOW) {
|
||
$this->ajax_die($lang['INVALID_DATE'] . $this->request['value']);
|
||
}
|
||
$this->response['new_value'] = bb_date($value, 'Y-m-d H:i', false);
|
||
break;
|
||
|
||
case 'u_up_total':
|
||
case 'u_down_total':
|
||
case 'u_up_release':
|
||
case 'u_up_bonus':
|
||
if (!IS_ADMIN) {
|
||
$this->ajax_die($lang['NOT_ADMIN']);
|
||
}
|
||
|
||
$table = BB_BT_USERS;
|
||
$value = (float)str_replace(',', '.', $this->request['value']);
|
||
|
||
foreach (array('KB' => 1, 'MB' => 2, 'GB' => 3, 'TB' => 4) as $s => $m) {
|
||
if (strpos($this->request['value'], $s) !== false) {
|
||
$value *= (1024 ** $m);
|
||
break;
|
||
}
|
||
}
|
||
$value = sprintf('%.0f', $value);
|
||
$this->response['new_value'] = humn_size($value, null, null, ' ');
|
||
|
||
if (!$btu = get_bt_userdata($user_id)) {
|
||
\TorrentPier\Legacy\Torrent::generate_passkey($user_id, true);
|
||
$btu = get_bt_userdata($user_id);
|
||
}
|
||
$btu[$field] = $value;
|
||
$this->response['update_ids']['u_ratio'] = (string)get_bt_ratio($btu);
|
||
break;
|
||
|
||
case 'user_points':
|
||
$value = (float)str_replace(',', '.', $this->request['value']);
|
||
$value = sprintf('%.2f', $value);
|
||
$this->response['new_value'] = $value;
|
||
break;
|
||
|
||
default:
|
||
$this->ajax_die("invalid profile field: $field");
|
||
}
|
||
|
||
$value_sql = DB()->escape($value, true);
|
||
DB()->query("UPDATE $table SET $field = $value_sql WHERE user_id = $user_id");
|
||
|
||
\TorrentPier\Legacy\Sessions::cache_rm_user_sessions($user_id);
|
||
|
||
$this->response['edit_id'] = $this->request['edit_id'];
|