Well it came that i wanted to allow other users to use my TF box, but i DIDNT want them to see what other users were downloading.

So i hacked the code alittle.

This will make NORMAL users only able to see their OWN torrents, they CANT see what other users are downloading. Admins can still see other files.

This wasnt done to a Vanilla install, this is the "torrentflux_2.1+" install pack from one of thee multihacks things.

Heres the changes for mine:

Line 2916
Find:
    if (sizeof($arListTorrent) > 0)
Replace with:
    if ( (sizeof($arListTorrent) > 0) && (IsAdmin() == true) )
 

Thats the only change.
In a vanilla install(Which i havnt tested) the line is 2520, same change as above should be made.

I was thinking of making it so as the users can see the download percentage/speed/status just couldnt see the torrent names, And i may do that later, this was just a quick hack to add the fuction in so i could let others onto it ASAP.


:::EDIT:::
Part 2:
I Forgot about dir.php!

Line: About 34
Find
$dir = stripslashes(urldecode(getRequestVar('dir')));
 
And place this after it:
if (IsAdmin() == false){
	$cfg['path'] = $cfg['path'].$cfg['user'].'/';
	if( substr($dir,0,strlen($cfg['user'])) == $cfg['user'] ){
		$dir = substr($dir,strlen($cfg['user']));
	}
}
 
it now looks like this:
 
$dir = stripslashes(urldecode(getRequestVar('dir')));
 
if (IsAdmin() == false){
	$cfg['path'] = $cfg['path'].$cfg['user'].'/';
	if( substr($dir,0,strlen($cfg['user'])) == $cfg['user'] ){
		$dir = substr($dir,strlen($cfg['user']));
	}
}
 
 

I think i've covered everything thing now

::::Edit2::::
'doh.. noticed another file.
History.php:

Line: About 55
 
Find this:
 
$sql = "SELECT user_id, file, time FROM tf_log WHERE action=".$db->qstr($cfg["constants"]["url_upload"])." OR action=".$db->qstr($cfg["constants"]["file_upload"])." ORDER BY time desc";
 
Replace with this:
 
	if (IsAdmin() == true){
	    $sql = "SELECT user_id, file, time FROM tf_log WHERE action=".$db->qstr($cfg["constants"]["url_upload"])." OR action=".$db->qstr($cfg["constants"]["file_upload"])." ORDER BY time desc";
	} else {
		$sql = "SELECT user_id, file, time FROM tf_log WHERE user_id='".$cfg['user']."' AND ( action=".$db->qstr($cfg["constants"]["url_upload"])." OR action=".$db->qstr($cfg["constants"]["file_upload"])." ) ORDER BY time desc";
	}
 
 

Hope its of use to someone

NOTE: can someone else please tell me if download files/tar directory still works? Its failing on my install, and i cant see any reason for it to.

DD32

EDIT:
The Codebase for this was this: http://www.torrentflux.com/forum/index.php/topic,1265.0.html

just tested the mod and it works great.

Good work DD32

Hey could you pls drop me a line when you have finished the wget support, would be really cool

mb.Tab

im not quite sure how to apply this hack please could some one PM me a step by step guide

thank you

--host-away

whats the point in this? it kinda leads to wasted bandwidth.

Nice one.  Thanks.  Got it working fine now.

Shame I can't get wget to work

yeah that is a bug in this hack.
its based on the fact the hack alters the php-var $dir which the sanity-check for prevention of deleting data not owned by the user relies on.


regards,
b4rt

I've made a crude fix to the delete bug in this hack, simply by commenting out the code that checks user identity. I don't know if this opens up any security issues. I just thought naively that if users can't see each others files then they can't delete them even if I remove the checking of identity

to apply this fix you should find two code sections in dir.php (one is shown below and the other one looks almost the same) and comment-out/delete every thing but the long echo that displays the delete button.

Before:

After:

sorry didnt understand your post

Ok well i got it to work just the icon aint showing

Ive tried all types of HTML and made the link proper and it just shows up wierd :/

Hmmm, not working in 2.2beta1 yet.  The code still fits but it breaks something.  Just an FYI.

-Ghan

Ok, my first post, and a solution to the delete files issue...

Do what is mentioned in the first post, EXCEPT for the modification to the dir.php file!!!

Instead, do this


This then just hard-codes the dir variable with the username, and even if you try to type the name of another user in its place, it will still not allow access to other files EXCEPT your own when not admin...

Also, legend, the CODE section your wondering what file its in, look in functions.php

Hope this helps!

Paul

-function.php-

The file is quite shorter than it was in an earlier version of TF.
I changed it a few minutes ago and it works like a charm

THANKS!

xon