PHP Code:
<?php
/***************************************************************************
* NZB Mass Upload Script/Page
* ========================================
* for NZB Mod - Public v.TB-1.0b
* TBDev version
* ========================================
* created by dodgy
* Special thanks to all who have had a hand in TBDev/TorrentStrike
***************************************************************************/
/* This is the same as takenzb.php - if this script craps out on you after 10 minutes (it will suddenly just stop running), or if you receive memory errors, raise these amounts. They really depend on your server & what you plan on uploading. */
ini_set("max_execution_time", "600");
ini_set("memory_limit","32M");
require_once("include/bittorrent.php");
require_once("include/zipclasses.php");
ini_set("upload_max_filesize",$MAXNZBSIZE);
loggedinorreturn();
/* For maximum security, use hard-coded user id's so only specific people can use this script */
if (get_user_class() < UC_ADMINISTRATOR)
die("Go Away!");
// Change this if you want to (will increase security), no beginning or ending slash:
$AUTOUPLOADFOLDER = "autoupload";
// Check for autoupload & user's directory, if not there, create.
// Adjust this if you're using windows
if (!is_dir($AUTOUPLOADFOLDER))
mkdir($AUTOUPLOADFOLDER, 0777 );
if (!is_dir($AUTOUPLOADFOLDER."/id".$CURUSER["id"]))
mkdir($AUTOUPLOADFOLDER."/id".$CURUSER["id"], 0777 );
// Remove references to apps, keygens, plus other stuff in nfo
function clean_nzb_nfo($string) {
$string = str_ireplace("keygen", "fix ", $string);
$string = str_ireplace("patch", "fix ", $string);
$string = str_ireplace("regged", "fix ", $string);
$string = str_ireplace("keymaker", "fix ", $string);
$string = str_ireplace("crack", "fix", $string);
$string = str_ireplace("key", "fix", $string);
$string = str_ireplace("serial", "fix ", $string);
return $string;
}
// For extracting the num of segments from the subject
function subj_seg($input)
{
for ($i=strlen($input);$i>0;$i--) {
if ($input{$i} == "/") {
break;
}
}
$segs = substr($input,$i);
$segs = str_replace("/", "", $segs);
$segs = str_replace(")", "", $segs);
return $segs;
}
// Prevents simplexml utf-8 errors, forces subjects/poster to utf-8
function clean_utf8($where) {
$filecontent = file_get_contents($where);
$filecontent = @mb_convert_encoding($filecontent, "UTF-8");
file_put_contents($where, $filecontent);
unset ($filecontent);
}
// To get nzb version number (DTD) and strip comments left by anything else
function nzb_ver_num($where) {
global $SITESLOGAN;
$filecontent = file_get_contents($where);
if (eregi("//newzBin//DTD NZB 1.0//EN", $filecontent))
$nzbvernum = "1.0";
elseif (eregi("//newzBin//DTD NZB 0.9//EN", $filecontent)) {
$nzbvernum = "0.9";
// for some odd nzbs that are appearing with no DTD, assume they're 1.0
} elseif (eregi("<nzb>", $filecontent))
$nzbvernum = "1.0";
else
return false;
$goodstring = $SITESLOGAN;
if (eregi("<!--(.*)-->", $filecontent, $matches)) {
$badstring = $matches[1];
$filecontent = str_replace($badstring, $goodstring, $filecontent);
file_put_contents($where, $filecontent);
}
unset ($badstring, $goodstring, $filecontent, $matches);
return $nzbvernum;
}
// To store each piece (<file>***</file>) in the db, *no dupe checker*
// Regexp matches were quicker in testing for this than using simplexml
function storepieces($where, $id) {
$filecontent = file_get_contents($where);
$parts = explode("</file>", $filecontent);
$nzbpiece = 0;
foreach($parts as $part){
if (eregi("<file (.*)", $part, $matches)) {
$filepiece = $matches[1];
$filepiece = "<file ".$filepiece."";
$filepiece = sqlesc($filepiece);
mysql_query("INSERT INTO nzbpiecelist (nzb, nzb_piece, filepiece) VALUES ($id, $nzbpiece, $filepiece)");
$nzbpiece++;
}
}
unset ($parts, $filecontent, $nzbpiece, $matches);
}
// NZB Parser - simplexml version (for php5)
// To gather info about each piece to store in db (to later retrieve and show filelist)
// This is the preferable method as it is very quick
function pieceslisting($where, $id) {
$filecontent = file_get_contents($where);
$xml = simplexml_load_string($filecontent);
if (!$xml)
return false;
$nzbpiece = 0;
foreach($xml->{"file"} as $nfile) {
$nposter = (string) trim($nfile['poster']);
$nposter = sqlesc($nposter);
$ndate = (int) trim($nfile['date']);
$nsubject = (string) trim($nfile['subject']);
// To find num of segments in subject:
$nsubjsegs = (int) subj_seg($nsubject);
// To find out if Par or not
$npar = sqlesc(stristr($nsubject, "par2")?0:1);
$nsubject = sqlesc($nsubject);
$groups = array();
foreach($nfile->groups->group as $group) {
$groups[] = (string) trim($group);
}
$ngroups = sqlesc(serialize($groups));
$nsegcount = 0;
$nsize = 0;
foreach($nfile->segments->segment as $segment) {
$nbytes = (int) trim($segment['bytes']);
$nsize += $nbytes;
$nsegcount++;
}
$query = mysql_query("UPDATE nzbpiecelist SET piece_poster = $nposter, piece_date = $ndate, piece_subject = $nsubject, piece_groups = $ngroups, piece_size = $nsize, piece_segments = $nsegcount, piece_subjseg = $nsubjsegs, piece_par = $npar WHERE nzb = $id AND nzb_piece = $nzbpiece");
if(!$query)
return false;
$nzbpiece++;
}
unset ($filecontent, $nzbpiece, $xml, $nposter, $ndate, $nsubject, $ngroups, $nsize, $nsegcount, $nsubjsegs, $npar);
}
/*
// NZB Parser - DOM xml version (for php5)
// To gather info about each piece to store in db (to later retrieve and show filelist)
// Note that this method is supposedly very slow when handling large documents
function pieceslisting($where, $id) {
// here we must specify the version of XML : i.e: 1.0
$xml = new DOMDocument('1.0');
$xml->loadXML(file_get_contents($where));
$nzbpiece = 0;
foreach($xml->getElementsByTagName('file') as $nfile) {
$nposter = $nfile->getAttribute('poster');
$nposter = sqlesc($nposter);
$ndate = $nfile->getAttribute('date');
$ndate = 0 + $ndate;
$nsubject = $nfile->getAttribute('subject');
// To find num of segments in subject:
$nsubjsegs = 0 + subj_seg($nsubject);
// To find out if Par or not
$npar = sqlesc(stristr($nsubject, "par2")?0:1);
$nsubject = sqlesc($nsubject);
// For groups:
$groups = array();
$xmlgroups = $nfile->getElementsByTagName('groups')->item(0);
foreach ($xmlgroups->getElementsByTagName('group') as $groupNode) {
$groups = $groupNode->firstChild->nodeValue;
}
$ngroups = sqlesc(serialize($groups));
//For segments:
$nsegcount = 0;
$nsize = 0;
$xmlsegments = $nfile->getElementsByTagName('segments')->item(0);
foreach ($xmlsegments->getElementsByTagName('segment') as $segmentNode) {
$nbytes = $segmentNode->getAttribute('bytes');
$nsize += $nbytes;
$nsegcount++;
}
$query = mysql_query("UPDATE nzbpiecelist SET piece_poster = $nposter, piece_date = $ndate, piece_subject = $nsubject, piece_groups = $ngroups, piece_size = $nsize, piece_segments = $nsegcount, piece_subjseg = $nsubjsegs, piece_par = $npar WHERE nzb = $id AND nzb_piece = $nzbpiece");
if(!$query)
return false;
$nzbpiece++;
}
unset ($xml, $nzbpiece, $nposter, $ndate, $nsubject, $ngroups, $nsize, $nsegcount, $nsubjsegs, $npar);
}
*/
/*
// NZB Parser - domxml version (for php4.3.x)
// To gather info about each piece to store in db (to later retrieve and show filelist)
// ***THIS VERSION OF THE NZB PARSER IS CURRENTLY UNTESTED! SEE THE README!***
function pieceslisting($where, $id) {
if (!$xml = domxml_open_file($where))
return false;
$nzbpiece = 0;
foreach($xml->get_elements_by_tagname('file') as $nfile) {
$nposter = $nfile->get_attribute('poster');
$nposter = sqlesc($nposter);
$ndate = $nfile->get_attribute('date');
$ndate = 0 + $ndate;
$nsubject = $nfile->get_attribute('subject');
// To find num of segments in subject:
$nsubjsegs = 0 + subj_seg($nsubject);
// To find out if Par or not
$npar = sqlesc(stristr($nsubject, "par2")?0:1);
$nsubject = sqlesc($nsubject);
// For groups:
$groups = array();
$xmlgroups = $nfile->get_elements_by_tagname('groups');
foreach ($xmlgroups->get_elements_by_tagname('group') as $groupNode) {
$groups = $groupNode->first_child->node_value;
// $groups = $groupNode->get_content(); // ??? This could possibly work instead
}
$ngroups = sqlesc(serialize($groups));
//For segments:
$nsegcount = 0;
$nsize = 0;
$xmlsegments = $nfile->get_elements_by_tagname('segments');
foreach ($xmlsegments->get_elements_by_tagname('segment') as $segmentNode) {
$nbytes = $segmentNode->get_attribute('bytes');
$nsize += $nbytes;
$nsegcount++;
}
$query = mysql_query("UPDATE nzbpiecelist SET piece_poster = $nposter, piece_date = $ndate, piece_subject = $nsubject, piece_groups = $ngroups, piece_size = $nsize, piece_segments = $nsegcount, piece_subjseg = $nsubjsegs, piece_par = $npar WHERE nzb = $id AND nzb_piece = $nzbpiece");
if(!$query)
return false;
$nzbpiece++;
}
unset ($xml, $nzbpiece, $nposter, $ndate, $nsubject, $ngroups, $nsize, $nsegcount, $nsubjsegs, $npar);
}
*/
function auto_upload($dirname, $file, $type, $genre, $addtext, $safenfo, $cuser, $imdbnfo) {
global $CURUSER, $SITENAME4FILE, $SITENZBDIR;
// Just need to declare this
$imdbnums = false;
$fname = unesc($file);
$fname = clean_nzb_name($fname);
if (!validfilename($fname)) {
print(safe($fname)." could not be uploaded - Invalid filename!<br />\n");
return false;
}
$where = $dirname."/".$file;
if (!preg_match('/^(.+)\.nzb$/si', $fname, $matches))
return false; // so will ignore nfo's, etc
$shortfname = $nzbname = $matches[1];
// check for nfo
if ( file_exists ("$dirname/$nzbname.nfo") ) {
if ((filesize("$dirname/$nzbname.nfo") > 0) && (filesize("$dirname/$nzbname.nfo") < 65535)) {
$nfocontents = @file_get_contents("$dirname/$nzbname.nfo");
// Replace square brackets for BB-Code on Drugs™
// $nfocontents = str_replace(array("[", "]"), array("(", ")"), $nfocontents);
// Automatic IMDb url parsing
if ($imdbnfo && preg_match("(http://(www\.|us\.|uk\.|german\.)?imdb\.com/title/tt([0-9]{7})/?)", $nfocontents, $imdbmatches)) {
$imdbnums = $imdbmatches[2];
}
if ($safenfo)
$nfodescr = clean_nzb_nfo($nfocontents);
$descr = sqlesc("[nfo]".$nfodescr."[/nfo]");
$thenfo = str_replace("\x0d\x0d\x0a", "\x0d\x0a", $nfocontents);
$nfo = sqlesc($thenfo);
} else {
$nfo = "''";
$descr = sqlesc($nzbname."\n\nNo nfo.");
}
} elseif ( file_exists ("$dirname/$nzbname.txt") ) {
if ((filesize("$dirname/$nzbname.txt") > 0) && (filesize("$dirname/$nzbname.txt") < 65535)) {
$nfocontents = @file_get_contents("$dirname/$nzbname.txt");
// Replace square brackets for BB-Code on Drugs™
// $nfocontents = str_replace(array("[", "]"), array("(", ")"), $nfocontents);
// Automatic IMDb url parsing
if ($imdbnfo && preg_match("(http://(www\.|us\.|uk\.|german\.)?imdb\.com/title/tt([0-9]{7})/?)", $nfocontents, $imdbmatches)) {
$imdbnums = $imdbmatches[2];
}
if ($safenfo)
$nfodescr = clean_nzb_nfo($nfocontents);
$descr = sqlesc("[nfo]".$nfodescr."[/nfo]");
$thenfo = str_replace("\x0d\x0d\x0a", "\x0d\x0a", $nfocontents);
$nfo = sqlesc($thenfo);
} else {
$nfo = "''";
$descr = sqlesc($nzbname."\n\nNo nfo.");
}
} else {
$nfo = "''";
$descr = sqlesc($nzbname."\n\nNo nfo.");
}
if (!is_valid_id($type))
$type = 63; // Set to current Other/misc cat id
$category = $type;
// check for 'pal' or 'ntsc' in filename
// not perfect, but gets it right most of the time!
if (eregi("pal", $fname))
$format = "pal";
elseif (eregi("ntsc", $fname))
$format = "ntsc";
else
$format = "na";
if (!$imdbnfo)
$genre = sqlesc($genre);
else
$genre = sqlesc("");
if ($imdbnfo && $imdbnums) {
$url = sqlesc("http://www.imdb.com/title/tt$imdbnums/");
$autoimdb = sqlesc("yes");
} else {
$url = sqlesc("");
$autoimdb = sqlesc("no");
}
$addtext = sqlesc($addtext);
$imdbrating = sqlesc("");
// Replace punctuation characters with spaces
$nzbname = str_replace("_", " ", $nzbname);
$nzbname = str_replace("%20", " ", $nzbname);
$cuser = ($cuser==""?$CURUSER["id"]:$cuser);
$cuser = (int) $cuser;
$nzbvernum = nzb_ver_num($where);
if ($nzbvernum == false) {
print(safe($fname)." could not be uploaded - Invalid NZB DTD!<br />\n");
return false;
}
$ret = mysql_query("INSERT INTO nzbs (owner, name, descr, ori_descr, category, nfo, nzbvernum, autoimdb, url, imdbrating, genre, addtext, format) VALUES (" . $cuser . "," . sqlesc($nzbname) . "," . $descr . "," . $descr . "," . $category . "," . $nfo . "," . sqlesc($nzbvernum) . "," . $autoimdb . "," . $url . "," . $imdbrating . "," . $genre . "," . $addtext . "," . sqlesc($format) . ")");
if (!$ret) {
print(safe($fname)." could not be uploaded - Problem adding data with first sql query!<br />\n");
return false;
}
$id = mysql_insert_id();
mysql_query("DELETE FROM nzbpiecelist WHERE nzb = $id");
clean_utf8($where);
storepieces($where, $id);
pieceslisting($where, $id);
$extrainfo = @mysql_query("SELECT piece_poster, piece_date, piece_subject, piece_groups, piece_par FROM nzbpiecelist WHERE nzb = $id AND nzb_piece = 0");
$counting = @mysql_query("SELECT piece_size FROM nzbpiecelist WHERE nzb = $id");
$totsize = @mysql_query("SELECT SUM(piece_size) AS tot_size FROM nzbpiecelist WHERE nzb = $id");
$parcount = @mysql_query("SELECT piece_size FROM nzbpiecelist WHERE nzb = $id AND piece_par = 1 ");
$partotsize = @mysql_query("SELECT SUM(piece_size) AS par_tot_size FROM nzbpiecelist WHERE nzb = $id AND piece_par = 1");
$numfiles = (int) mysql_num_rows($counting);
$numpars = (int) mysql_num_rows($parcount);
// find out total filesize (the size of the to-be-downloaded files)
$ptsize = mysql_result($totsize, 0);
$parsize = mysql_result($partotsize, 0);
if (!$parsize)
$parsize = 0;
$einfo = mysql_fetch_array($extrainfo);
$pposter = sqlesc($einfo['piece_poster']);
$pdate = (int) $einfo['piece_date'];
$psubject = $einfo['piece_subject'];
// remember that groups are in a serialised array!
$pgroups = sqlesc($einfo['piece_groups']);
// get 4 extra digits for filename (to muddy water)
srand( (double)microtime()*1000000 );
$rand = rand(1000, 4999);
// rename nzb (change site name!)
$nzbfilename = $id."-".$nzbname."-".$SITENAME4FILE."-".$rand.".nzb";
// add extra details:
$updateset = array();
$updateset[] = "search_text = " . sqlesc(searchfield("$shortfname $nzbname $psubject"));
$updateset[] = "filename = " . sqlesc($nzbfilename);
$updateset[] = "size = " . $ptsize;
$updateset[] = "numfiles = " . $numfiles;
$updateset[] = "poster = " . $pposter;
$updateset[] = "postdate = " . $pdate;
$updateset[] = "groups = " . $pgroups;
$updateset[] = "pars = " . $numpars;
$updateset[] = "partotsize = " . $parsize;
$updateset[] = "added = '" . get_date_time() ."'";
$ret2 = mysql_query("UPDATE nzbs SET " . join(",", $updateset) . " WHERE id = $id");
if (!$ret2) {
print(safe($fname)." could not be uploaded - Problem adding data with extra details sql query!<br />\n");
return false;
}
// For display regarding IMDb stuff
if ($imdbnfo && $imdbnums) {
print("<span style=\"color:#9900FF;\">Info: Open this link to update IMDb info: <a href=\"nzbdetails.php?id=$id&uploaded=1\" target=\"_blank\">(".safe($fname).")</a></span><br />\n");
}
if ($imdbnfo && !$imdbnums) {
print("<span style=\"color:#006600;\">Info: IMDb link not found for <a href=\"nzbdetails.php?id=$id\" target=\"_blank\">".safe($fname)."</a></span><br />\n");
}
$nzbfilename = str_replace(" ", "_", $nzbfilename);
$nzbfilename = cleannzbfilename($nzbfilename);
// to move nzb file
$nzbcontents = file_get_contents($where);
file_put_contents($SITENZBDIR."/".$nzbfilename, $nzbcontents);
// create zip file:
$createZip = new createZip;
$createZip -> addFile($nzbcontents, $nzbfilename);
$fileName = "$nzbfilename.zip";
$fd = fopen ($fileName, "wb");
$out = fwrite ($fd, $createZip -> getZippedfile());
fclose ($fd);
$formove = file_get_contents($fileName);
file_put_contents($SITENZBDIR."/".$fileName, $formove);
@unlink($fileName);
return true;
}
stdhead("Auto Upload NZB's");
?>