$var) {
foreach($var as $id => $val) {
$attachments[$id][$key] = $val;
}
}
}
if(empty($attachments)) {
return FALSE;
}
foreach($attachments as $key => $attach) {
$attach_saved = false;
$attach['uid'] = $discuz_uid;
if(!disuploadedfile($attach['tmp_name']) || !($attach['tmp_name'] != 'none' && $attach['tmp_name'] && $attach['name'])) {
continue;
}
$filename = daddslashes($attach['name']);
$attach['ext'] = strtolower(fileext($attach['name']));
$extension = in_array($attach['ext'], $safeext) ? $attach['ext'] : 'attach';
if(in_array($attach['ext'], $imgext)) {
$attach['isimage'] = 1;
}else{
$attach['isimage'] = 0;
}
$attach['thumb'] = 0;
$attach['name'] = htmlspecialchars($attach['name'], ENT_QUOTES);
if(strlen($attach['name']) > 90) {
$attach['name'] = 'abbr_'.md5($attach['name']).'.'.$attach['ext'];
}
if($attachextensions && (!preg_match("/(^|\s|,)".preg_quote($attach['ext'], '/')."($|\s|,)/i", $attachextensions) || !$attach['ext'])) {
upload_error('post_attachment_ext_notallowed', $attacharray);
}
if(empty($attach['size'])) {
upload_error('post_attachment_size_invalid', $attacharray);
}
if($maxattachsize && $attach['size'] > $maxattachsize) {
upload_error('post_attachment_toobig', $attacharray);
}
$query = $db->query("SELECT maxsize FROM {$tablepre}attachtypes WHERE extension='".addslashes($attach['ext'])."'");
if($type = $db->fetch_array($query)) {
if($type['maxsize'] == 0) {
upload_error('post_attachment_ext_notallowed', $attacharray);
} elseif($attach['size'] > $type['maxsize']) {
require_once DISCUZ_ROOT.'./include/attachment.func.php';
$typemaxsize = sizecount($type['maxsize']);
upload_error('post_attachment_type_toobig', $attacharray);
}
}
if($attach['size'] && $maxsizeperday) {
if(!isset($todaysize)) {
$query = $db->query("SELECT SUM(filesize) FROM {$tablepre}attachments
WHERE uid='$GLOBALS[discuz_uid]' AND dateline>'$GLOBALS[timestamp]'-86400");
$todaysize = intval($db->result($query, 0));
}
$todaysize += $attach['size'];
if($todaysize >= $maxsizeperday) {
upload_error('post_attachment_quota_exceed', $attacharray);
}
}
if($attachsave) {
switch($attachsave) {
case 1: $attach_subdir = 'forumid_'.$GLOBALS['fid']; break;
case 2: $attach_subdir = 'ext_'.$extension; break;
case 3: $attach_subdir = 'month_'.date('ym'); break;
case 4: $attach_subdir = 'day_'.date('ymd'); break;
}
$attach_dir = $attachdir.'/'.$attach_subdir;
if(!is_dir($attach_dir)) {
@mkdir($attach_dir, 0777);
@fclose(fopen($attach_dir.'/index.htm', 'w'));
}
$attach['attachment'] = $attach_subdir.'/';
} else {
$attach['attachment'] = '';
}
$attach['attachment'] .= preg_replace("/(php|phtml|php3|php4|jsp|exe|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\.|$)/i", "_\\1\\2",
date('Ymd').'_'.substr(md5($filename.microtime()), 12).random(12).'.'.$extension);
$target = $attachdir.'/'.$attach['attachment'];
if(@copy($attach['tmp_name'], $target) || (function_exists('move_uploaded_file') && @move_uploaded_file($attach['tmp_name'], $target))) {
@unlink($attach['tmp_name']);
$attach_saved = true;
}
if(!$attach_saved && @is_readable($attach['tmp_name'])) {
@$fp = fopen($attach['tmp_name'], 'rb');
@flock($fp, 2);
@$attachedfile = fread($fp, $attach['size']);
@fclose($fp);
@$fp = fopen($target, 'wb');
@flock($fp, 2);
if(@fwrite($fp, $attachedfile)) {
@unlink($attach['tmp_name']);
$attach_saved = true;
}
@fclose($fp);
}
if($attach_saved) {
@chmod($target, 0644);
if(in_array($attach['ext'], array('jpg', 'jpeg', 'gif', 'png', 'swf', 'bmp')) && function_exists('getimagesize') && !@getimagesize($target)) {
@unlink($target);
upload_error('post_attachment_ext_notallowed', $attacharray);
} else {
require_once DISCUZ_ROOT.'./include/image.class.php';
$image = new Image($attachedfile, $target, $attach);
if($image->imagecreatefromfunc && $image->imagefunc) {
$image->Thumb($thumbwidth, $thumbheight);
$image->Watermark();
$attach = $image->attach;
}
$attach['remote'] = ftpupload($target, $attach['attachment'], $attach['thumb']);
$attach['perm'] = $allowsetattachperm ? $attachperm[$key] : 0;
$attach['description'] = cutstr(dhtmlspecialchars($attachdesc[$key]), 100);
$attach['price'] = $maxprice ? (intval($attachprice[$key]) <= $maxprice ? intval($attachprice[$key]) : $maxprice) : 0;
$attacharray[$key] = $attach;
}
} else {
upload_error('post_attachment_save_error', $attacharray);
}
}
return !empty($attacharray) ? $attacharray : false;
}
$_DTYPE = $checkoption = $optionlist = array();
if($typeid) {
threadtype_checkoption();
}
if(empty($action)) {
$action='newthread'; //此处ET修改
}
if(empty($topicsubmit)) {
$topicsubmit='yes'; //此处ET修改
}
/*
if($action == 'smilies' && $smileyinsert) {
$smile = isset($_DCOOKIE['smile']) ? explode('D', $_DCOOKIE['smile']) : array();
$stypeid = intval($stypeid ? $stypeid : $smile[0]);
$stypeid = isset($_DCACHE['smileytypes'][$stypeid]) ? $stypeid : (isset($_DCACHE['smileytypes'][STYPEID]) ? STYPEID : key($_DCACHE['smileytypes']));
$smilies = $_DCACHE['smilies_display'][$stypeid];
$page = max(1, intval(isset($_GET['page']) ? $_GET['page'] : (!isset($_GET['stypeid']) || $_GET['stypeid'] == $smile[0] ? $smile[1] : 1)));
$spp = $smcols * $smrows;
$multipage = multi(count($smilies), $spp, $page, 'post.php?action=smilies&stypeid='.$stypeid.'&inajax=1', 0, 10, FALSE, TRUE);
$smilies = arrayslice($smilies, $spp * ($page - 1), $spp);
dsetcookie('smile', $stypeid.'D'.$page, 86400 * 365);
include template('post_smilies');
exit;
}elseif($action == 'threadtypes') {
threadtype_optiondata();
$template = intval($operate) ? 'search_typeoption' : 'post_typeoption';
include template($template);
exit;
} elseif(($forum['simple'] & 1) || $forum['redirect']) {
showmessage('forum_disablepost');
}
*/
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
$navigation = $navtitle = $thread = '';
/*
if($action == 'edit' || $action == 'reply') {
$query = $db->query("SELECT * FROM {$tablepre}threads WHERE tid='$tid'".($auditstatuson ? '' : " AND displayorder>='0'"));
if($thread = $db->fetch_array($query)) {
$navigation = "» $thread[subject]";
$navtitle = $thread['subject'].' - ';
if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
showmessage('thread_nopermission', NULL, 'NOPERM');
}
$fid = $thread['fid'];
$special = $thread['special'];
} else {
showmessage('thread_nonexistence');
}
}
*/
$navigation = "» $forum[name] $navigation";
$navtitle = $navtitle.strip_tags($forum['name']).' - ';
if($forum['type'] == 'sub') {
$query = $db->query("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'");
$fup = $db->fetch_array($query);
$navigation = "» $fup[name] $navigation";
$navtitle = $navtitle.strip_tags($fup['name']).' - ';
}
periodscheck('postbanperiods');
/*
if($forum['password'] && $forum['password'] != $_DCOOKIE['fidpw'.$fid]) {
dheader("Location: {$boardurl}forumdisplay.php?fid=$fid&sid=$sid");
}
*/
/*用户组、版块操作权限校验
if(empty($forum['allowview'])) {
if(!$forum['viewperm'] && !$readaccess) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
showmessage('forum_nopermission', NULL, 'NOPERM');
}
}
*/
forumformulaperm($forum['formulaperm']);
/*注册时间限制
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
$query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) {
showmessage('post_newbie_span');
}
}
*/
$special = empty($special) || !is_numeric($special) || $special < 0 || $special > 6 ? 0 : intval($special);
$allowpostattach = !empty($forum['allowpostattach']) || (!$forum['postattachperm'] && $allowpostattach) || ($forum['postattachperm'] && forumperm($forum['postattachperm']));
$attachextensions = $forum['attachextensions'] ? $forum['attachextensions'] : $attachextensions;
$enctype = $allowpostattach ? 'enctype="multipart/form-data"' : '';
$maxattachsize_kb = $maxattachsize / 1000;
$postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post'];
$replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply'];
$digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest'];
$postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach'];
$maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0;
$extra = rawurlencode($extra);
$blogcheck = empty($isblog) && empty($addtoblog) ? '' : 'checked="checked"';
$notifycheck = empty($emailnotify) ? '' : 'checked="checked"';
$stickcheck = empty($sticktopic) ? '' : 'checked="checked"';
$digestcheck = empty($addtodigest) ? '' : 'checked="checked"';
$subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) : '';
$message = isset($message) ? censor(trim($message)) : '';
$readperm = isset($readperm) ? intval($readperm) : 0;
$price = isset($price) ? intval($price) : 0;
/* [hide]权限校验
if(empty($bbcodeoff) && !$allowhidecode && !empty($message) && preg_match("/\[hide=?\d*\].+?\[\/hide\]/is", preg_replace("/(\[code\](.+?)\[\/code\])/is", ' ', $message))) {
showmessage('post_hide_nopermission');
}
*/
if(periodscheck('postmodperiods', 0)) {
$modnewthreads = $modnewreplies = 1;
} else {
$censormod = censormod($subject."\t".$message);
$modnewthreads = (!$allowdirectpost || $allowdirectpost == 1) && ($forum['modnewposts'] || $censormod) ? 1 : 0;
$modnewreplies = (!$allowdirectpost || $allowdirectpost == 2) && ($forum['modnewposts'] == 2 || $censormod) ? 1 : 0;
}
$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = '';
$seccodecheck = ($seccodestatus & 4) && (!$seccodedata['minposts'] || $posts < $seccodedata['minposts']);
$secqaacheck = $secqaa['status'][2] && (!$secqaa['minposts'] || $posts < $secqaa['minposts']);
if($iscircle = $supe['status'] && $supe['circlestatus'] && $forum['status'] == 2) {
unset($forum['threadtypes']);
}
$allowpostpoll = $allowpost && $allowpostpoll && ($forum['allowpostspecial'] & 1);
$allowposttrade = $allowpost && $allowposttrade && ($forum['allowpostspecial'] & 2);
$allowpostreward = $allowpost && $allowpostreward && ($forum['allowpostspecial'] & 4) && isset($extcredits[$creditstrans]);
$allowpostactivity = $allowpost && $allowpostactivity && ($forum['allowpostspecial'] & 8);
$allowpostdebate = $allowpost && $allowpostdebate && ($forum['allowpostspecial'] & 16);
$allowpostvideo = $allowpost && $allowpostvideo && ($forum['allowpostspecial'] & 32) && $videoopen;
$allowanonymous = $forum['allowanonymous'] || $allowanonymous ? 1 : 0;
if($action == 'newthread' && $forum['allowspecialonly'] && !$special) {
if($allowpostpoll) {
$special = 1;
} elseif($allowposttrade) {
$special = 2;
} elseif($allowpostreward) {
$special = 3;
} elseif($allowpostactivity) {
$special = 4;
} elseif($allowpostdebate) {
$special = 5;
} elseif($allowpostvideo) {
$special = 6;
}
if(!$special) {
//showmessage('undefined_action', NULL, 'HALTED');
echo('[err]undefined_action[/err]');
dexit();
}
}
$editorid = 'posteditor';
$editoroptions = str_pad(decbin($editoroptions), 2, 0, STR_PAD_LEFT);
$editormode = $editormode == 2 ? $editoroptions{0} : $editormode;
$allowswitcheditor = $editoroptions{1};
$advanceeditor = $special ? 0 : 1;
$previewdisplay = !empty($previewpost) ? '' : 'none';
if(!empty($previewpost) || (empty($previewpost) && empty($topicsubmit) && empty($replysubmit) && empty($editsubmit))) {
!$typeid && preg_replace("/.*typeid%3D(\d+).*/e", "\$typeid = \\1;", $extra);
if($discuz_uid && $sigstatus && !$usesigcheck) {
$usesigcheck = 'checked="checked"';
}
$trade = array();
if(($action == 'newthread' || $action == 'reply') && $special == 2) {
$query = $db->query("SELECT alipay FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
$trade['account'] = $db->result($query, 0);
$trade['amount'] = 1;
$trade['transport'] = 2;
}
$currtime = gmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600);
if(empty($previewpost)) {
$subject = $message = $polloptions = '';
} else {
$subject = stripslashes($subject);
$message = stripslashes($message);
$message_preview = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1);
$message = $editormode == 1 && $bbinsert && !(isopera() && isopera() < 9) ? $message_preview : dhtmlspecialchars($message);
$urloffcheck = !empty($parseurloff) ? 'checked="checked"' : '';
$usesigcheck = !empty($usesig) ? 'checked="checked"' : '';
$smileyoffcheck = !empty($smileyoff) ? 'checked="checked"' : '';
$codeoffcheck = !empty($bbcodeoff) ? 'checked="checked"' : '';
$htmloncheck = !empty($htmlon) ? 'checked="checked"' : '';
$emailcheck = !empty($emailnotify) ? 'checked="checked"' : '';
$topicsubmit = $replysubmit = $editsubmit = '';
}
} else {
if((!empty($topicsubmit) || !empty($replysubmit)) && (($seccodecheck && !isset($seccodeverify)) || ($secqaacheck && !isset($secanswer)))) {
if($seccodecheck) {
$seccode = random(6, 1) + $seccode{0} * 1000000;
}
if($secqaacheck) {
$seccode = random(1, 1) * 1000000 + substr($seccode, -6);
}
$request = array
(
'method' => $_SERVER['REQUEST_METHOD'],
'action' => $PHP_SELF,
'elements' => ''
);
$quesand = '?';
foreach($_GET as $key => $value) {
$request['action'] .= $quesand.rawurlencode($key).'='.rawurlencode($value);
$quesand = '&';
}
foreach($_POST as $key => $value) {
if(is_array($value)) {
foreach($value as $arraykey => $arrayvalue) {
$request['elements'] .= '';
}
} else {
$request['elements'] .= '';
}
}
include template('post_seccode');
dexit();
}
}
/*
if($action == 'newthread') {
require_once DISCUZ_ROOT.'./include/newthread.inc.php';
} elseif($action == 'reply') {
require_once DISCUZ_ROOT.'./include/newreply.inc.php';
} elseif($action == 'edit') {
require_once DISCUZ_ROOT.'./include/editpost.inc.php';
} elseif($action == 'import') {
require_once DISCUZ_ROOT.'./include/supesite_import.inc.php';
} elseif($action == 'newtrade') {
require_once DISCUZ_ROOT.'./include/newtrade.inc.php';
}
*/
//取用户名
$discuz_user=$_POST['username'];
$query =$db->query("SELECT uid,password,secques FROM {$tablepre}members m WHERE m.username='$discuz_user'");
if ($rs=$db->fetch_row($query)){
list($discuz_uid,$discuz_pw, $discuz_secques ) =$rs;
}
else
{
echo('[err]帐号错误[/err]');
$db->close;
dexit();
}
if ($discuz_pw<>md5($_POST['password'])){
echo('[err]密码错误[/err]');
$db->close;
dexit();
}
//以下为newthread.inc.php内容
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
$discuz_action = 11;
if(empty($forum['fid']) || $forum['type'] == 'group') {
//showmessage('forum_nonexistence');
echo('[err]指定的版块不存在[/err]');
$db->close;
dexit();
}
if(($special == 1 && !$allowpostpoll) || ($special == 2 && !$allowposttrade) || ($special == 3 && !$allowpostreward) || ($special == 4 && !$allowpostactivity) || ($special == 5 && !$allowpostdebate) || ($special == 6 && !$allowpostvideo)) {
//showmessage('group_nopermission', NULL, 'NOPERM');
echo('[err]您所在的用户组(管理员)无法进行此操作[/err]');
$db->close;
dexit(); }
$sgid = intval($sgid);
if($iscircle) {
$mycircles = array();
if($discuz_uid) {
supe_dbconnect();
$query = $supe['db']->query("SELECT gid, groupname FROM {$supe[tablepre]}groupuid WHERE uid='$discuz_uid' AND flag>0", 'SILENT');
while($mycircle = $supe['db']->fetch_array($query)) {
$mycircles[$mycircle['gid']] = cutstr($mycircle['groupname'], 30);
}
}
if($sgid) {
supe_dbconnect();
$query = $supe['db']->query("SELECT g.groupname, gf.headerimage, gf.css FROM {$supe[tablepre]}groups g, {$supe[tablepre]}groupfields gf WHERE g.gid='$sgid' AND g.flag=1 AND g.gid=gf.gid", 'SILENT');
$circle = $supe['db']->fetch_array($query);
if(!$discuz_uid || !$supe['db']->result($supe['db']->query("SELECT COUNT(*) FROM {$supe[tablepre]}groupuid WHERE uid='$discuz_uid' AND gid='$sgid' AND flag>0", 'SILENT'), 0)) {
//showmessage('circle_nopermission');
echo('[err]你尚未加入本圈[/err]');
$db->close;
dexit();
}
}
}
/*组权限校验
if(!$discuz_uid && !((!$forum['postperm'] && $allowpost) || ($forum['postperm'] && forumperm($forum['postperm'])))) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif(empty($forum['allowpost'])) {
if(!$forum['postperm'] && !$allowpost) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif($forum['postperm'] && !forumperm($forum['postperm'])) {
showmessage('post_forum_newthread_nopermission', NULL, 'HALTED');
}
}
*/
$isblog = empty($isblog) ? '' : 'yes';
if($isblog && (!$allowuseblog || !$forum['allowshare'])) {
//showmessage('post_newthread_blog_invalid', NULL, 'HALT');
echo('[err]无权加入日志[/err]');
$db->close;
dexit();
}
/*QIHOO转帖校验
if($url && !empty($qihoo['relate']['webnum'])) {
$from = in_array($from, array('direct', 'iframe')) ? $from : '';
if($data = @implode('', file("http://search.qihoo.com/sint/content.html?surl=$url&md5=$md5&ocs=$charset&ics=$charset&from=$from"))) {
preg_match_all("/(\w+):([^\>]+)/i", $data, $data);
if(!$data[2][1]) {
$subject = trim($data[2][3]);
$message = !$editormode ? str_replace('[br]', "\n", trim($data[2][4])) : str_replace('[br]', '
', trim($data[2][4]));
} else {
showmessage('reprint_invalid');
}
}
}
*/
checklowerlimit($postcredits);
/*if(!submitcheck('topicsubmit', 0, $seccodecheck, $secqaacheck)) {
$special = !$allowspecialonly ? intval($special) : 'only';
$modelid = $modelid ? intval($modelid) : '';
$typeselect = typeselect($selecttypeid, $special, '', $modelid);
$icons = '';
if(!$special && is_array($_DCACHE['icons'])) {
$key = 1;
foreach($_DCACHE['icons'] as $id => $icon) {
$icons .= ' 
';
$icons .= !(++$key % 10) ? '
' : '';
}
}
if($special == 2 && $allowposttrade) {
$expiration_7days = date('Y-m-d', $timestamp + 86400 * 7);
$expiration_14days = date('Y-m-d', $timestamp + 86400 * 14);
$trade['expiration'] = $expiration_month = date('Y-m-d', mktime(0, 0, 0, date('m')+1, date('d'), date('Y')));
$expiration_3months = date('Y-m-d', mktime(0, 0, 0, date('m')+3, date('d'), date('Y')));
$expiration_halfyear = date('Y-m-d', mktime(0, 0, 0, date('m')+6, date('d'), date('Y')));
$expiration_year = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y')+1));
$tradetypeselect = '';
$forum['tradetypes'] = $forum['tradetypes'] == '' ? -1 : unserialize($forum['tradetypes']);
if($tradetypes && !empty($forum['tradetypes'])) {
$tradetypeselect = '';
}
} elseif($special == 6 && $allowpostvideo) {
$query = $db->query("SELECT value FROM {$tablepre}settings WHERE variable='videoinfo'");
$settings = unserialize($db->result($query, 0));
$vclassesselect = "';
}
if($special == 2) {
include template('post_newthread_trade');
} elseif($special == 4) {
$activitytypelist = $activitytype ? explode("\n", trim($activitytype)) : '';
include template('post_newthread_activity');
} else {
include template('post_newthread');
}
*/
//} else {
if(True){
if($subject == '' || $message == '') {
//showmessage('post_sm_isnull');
echo('[err]您没有输入标题或内容[/err]');
$db->close;
dexit();
}
if($post_invalid = checkpost()) {
//showmessage($post_invalid);
echo('[err]'.$post_invalid.'[/err]');
$db->close;
dexit();
}
/*灌水时间校验
if(checkflood()) {
showmessage('post_flood_ctrl');
}
*/
if($allowpostattach && is_array($_FILES['attach'])) {
foreach($_FILES['attach']['name'] as $attachname) {
if($attachname != '') {
checklowerlimit($postattachcredits);
break;
}
}
}
$typeid = isset($typeid) && isset($forum['threadtypes']['types'][$typeid]) ? $typeid : 0;
$iconid = !empty($iconid) && isset($_DCACHE['icons'][$iconid]) ? $iconid : 0;
$displayorder = $modnewthreads ? -2 : (($forum['ismoderator'] && !empty($sticktopic)) ? 1 : 0);
$digest = ($forum['ismoderator'] && !empty($addtodigest)) ? 1 : 0;
$blog = $allowuseblog && $forum['allowshare'] && !empty($addtoblog) ? 1 : 0;
$readperm = $allowsetreadperm ? $readperm : 0;
$isanonymous = $isanonymous && $allowanonymous ? 1 : 0;
$price = intval($price);
$price = $maxprice && !$special ? ($price <= $maxprice ? $price : $maxprice) : 0;
if(!$typeid && $forum['threadtypes']['required'] && !$special) {
//showmessage('post_type_isnull');
echo('[err]主题分类不能为空[/err]');
$db->close;
dexit();
}
if($price > 0 && floor($price * (1 - $creditstax)) == 0) {
//showmessage('post_net_price_iszero');
echo('[err]您的主题售价扣除积分交易税后为 0[/err]');
$db->close;
dexit();
}
/*
if($special == 1) {
$pollarray = array();
$polloptions = explode("\n", $polloptions);
foreach($polloptions as $key => $value) {
if(!$value = trim($value)) {
unset($polloptions[$key]);
}
}
if(count($polloptions) > $maxpolloptions) {
showmessage('post_poll_option_toomany');
} elseif(count($polloptions) < 2) {
showmessage('post_poll_inputmore');
}
$maxchoices = $maxchoices >= count($polloptions) ? count($polloptions) : $maxchoices;
$pollarray['options'] = $polloptions;
$pollarray['multiple'] = !empty($multiplepoll);
$pollarray['visible'] = empty($visiblepoll);
if(preg_match("/^\d*$/", trim($maxchoices)) && preg_match("/^\d*$/", trim($expiration))) {
if(!$pollarray['multiple']) {
$pollarray['maxchoices'] = 1;
} elseif(empty($maxchoices)) {
$pollarray['maxchoices'] = 0;
} elseif($maxchoices == 1) {
$pollarray['multiple'] = 0;
$pollarray['maxchoices'] = $maxchoices;
} else {
$pollarray['maxchoices'] = $maxchoices;
}
if(empty($expiration)) {
$pollarray['expiration'] = 0;
} else {
$pollarray['expiration'] = $timestamp + 86400 * $expiration;
}
} else {
showmessage('poll_maxchoices_expiration_invalid');
}
} elseif($special == 3) {
$rewardprice = intval($rewardprice);
if($rewardprice < 1) {
showmessage('reward_credits_please');
} elseif($rewardprice > 32767) {
showmessage('reward_credits_overflow');
} elseif($rewardprice < $minrewardprice || ($maxrewardprice > 0 && $rewardprice > $maxrewardprice)) {
showmessage('reward_credits_between');
} elseif(($realprice = $rewardprice + ceil($rewardprice * $creditstax)) > $_DSESSION["extcredits$creditstrans"]) {
showmessage('reward_credits_shortage');
}
$price = $rewardprice;
$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-$realprice WHERE uid='$discuz_uid'");
} elseif($special == 4) {
if(empty($starttimefrom[$activitytime])) {
showmessage('activity_fromtime_please');
} elseif(@strtotime($starttimefrom[$activitytime]) === -1 || @strtotime($starttimefrom[$activitytime]) === FALSE) {
showmessage('activity_fromtime_error');
} elseif(@strtotime($starttimefrom[$activitytime]) < $timestamp) {
showmessage('activity_smaller_current');
} elseif($activitytime && ((@strtotime($starttimefrom) > @strtotime($starttimeto) || !$starttimeto))) {
showmessage('activity_fromtime_error');
} elseif(!trim($activityclass)) {
showmessage('activity_sort_please');
} elseif(!trim($activityplace)) {
showmessage('activity_address_please');
} elseif(trim($activityexpiration) && (@strtotime($activityexpiration) === -1 || @strtotime($activityexpiration) === FALSE)) {
showmessage('activity_totime_error');
}
$activity = array();
$activity['class'] = dhtmlspecialchars(trim($activityclass));
$activity['starttimefrom'] = @strtotime($starttimefrom[$activitytime]);
$activity['starttimeto'] = $activitytime ? @strtotime($starttimeto) : 0;
$activity['place'] = dhtmlspecialchars(trim($activityplace));
$activity['cost'] = intval($cost);
$activity['gender'] = intval($gender);
$activity['number'] = intval($activitynumber);
if($activityexpiration) {
$activity['expiration'] = @strtotime($activityexpiration);
} else {
$activity['expiration'] = 0;
}
if(trim($activitycity)) {
$subject .= '['.dhtmlspecialchars(trim($activitycity)).']';
}
} elseif($special == 5) {
if(empty($affirmpoint) || empty($negapoint)) {
showmessage('debate_position_nofound');
} elseif(!empty($endtime) && (!($endtime = @strtotime($endtime)) || $endtime < $timestamp)) {
showmessage('debate_endtime_invalid');
} elseif(!empty($umpire)) {
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}members WHERE username='$umpire'");
if(!$db->result($query, 0)) {
$umpire = dhtmlspecialchars($umpire);
showmessage('debate_umpire_invalid');
}
}
$affirmpoint = dhtmlspecialchars($affirmpoint);
$negapoint = dhtmlspecialchars($negapoint);
$stand = intval($stand);
}
*/
$typeid = $special && $forum['threadtypes']['special'][$typeid] ? 0 : $typeid;
$typeexpiration = intval($typeexpiration);
if($forum['threadtypes']['expiration'][$typeid] && !$typeexpiration) {
//showmessage('threadtype_expiration_invalid');
echo('[err]此主题必须指定有效期[/err]');
$db->close;
dexit();
}
$optiondata = array();
if($forum['threadtypes']['special'][$typeid] && $typeoption && is_array($typeoption) && $checkoption && !$allowspecialonly) {
$optiondata = threadtype_validator($typeoption);
}
$author = !$isanonymous ? $discuz_user : '';
$moderated = $digest || $displayorder > 0 ? 1 : 0;
$attachment = ($allowpostattach && $attachments = attach_upload()) ? 1 : 0;
$subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0;
$supe_pushstatus = $supe['status'] && $forum['supe_pushsetting']['status'] == 1 && !$modnewthreads ? '1' : '0';
$sgidadd1 = $sgidadd2 = '';
if($iscircle) {
$sgidadd1 = ', sgid';
$sgidadd2 = ", '$sgid'";
}
$db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, blog, special, attachment, subscribed, moderated, supe_pushstatus $sgidadd1)
VALUES ('$fid', '$readperm', '$price', '$iconid', '$typeid', '$author', '$discuz_uid', '$subject', '$timestamp', '$timestamp', '$author', '$displayorder', '$digest', '$blog', '$special', '$attachment', '$subscribed', '$moderated', '$supe_pushstatus' $sgidadd2)");
$tid = $db->insert_id();
if($subscribed) {
$db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)
VALUES ('$discuz_uid', '$tid', '$timestamp', '$timestamp')", 'UNBUFFERED');
}
/*
if($special == 3 && $allowpostreward) {
$db->query("INSERT INTO {$tablepre}rewardlog (tid, authorid, netamount, dateline) VALUES ('$tid', '$discuz_uid', $realprice, '$timestamp')");
}
*/
$db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('$discuz_uid', '$tid', '$timestamp', '$special')", 'UNBUFFERED');
if($moderated) {
updatemodlog($tid, ($displayorder > 0 ? 'STK' : 'DIG'));
updatemodworks(($displayorder > 0 ? 'STK' : 'DIG'), 1);
}
/*
if($special == 1) {
$db->query("INSERT INTO {$tablepre}polls (tid, multiple, visible, maxchoices, expiration)
VALUES ('$tid', '$pollarray[multiple]', '$pollarray[visible]', '$pollarray[maxchoices]', '$pollarray[expiration]')");
foreach($pollarray['options'] as $polloptvalue) {
$polloptvalue = dhtmlspecialchars(trim($polloptvalue));
$db->query("INSERT INTO {$tablepre}polloptions (tid, polloption) VALUES ('$tid', '$polloptvalue')");
}
} elseif($special == 4 && $allowpostactivity) {
$db->query("INSERT INTO {$tablepre}activities (tid, uid, cost, starttimefrom, starttimeto, place, class, gender, number, expiration)
VALUES ('$tid', '$discuz_uid', '$activity[cost]', '$activity[starttimefrom]', '$activity[starttimeto]', '$activity[place]', '$activity[class]', '$activity[gender]', '$activity[number]', '$activity[expiration]')");
} elseif($special == 5 && $allowpostdebate) {
$db->query("INSERT INTO {$tablepre}debates (tid, uid, starttime, endtime, affirmdebaters, negadebaters, affirmvotes, negavotes, umpire, winner, bestdebater, affirmpoint, negapoint, umpirepoint)
VALUES ('$tid', '$discuz_uid', '$timestamp', '$endtime', '0', '0', '0', '0', '$umpire', '', '', '$affirmpoint', '$negapoint', '')");
} else */
if($special == 6 && $allowpostvideo) {
$vid = dhtmlspecialchars($vid);
$vclass = intval($vclass);
$visup = intval($visup);
$vautoplay = intval($vautoplay);
$code = urlencode(authcode("vid=$vid&isup=$visup&vautoplay=$vautoplay&vshare=$vshare&vtitle=$subjectu8&vtag=$tagsu8&vclass=$vclass", 'ENCODE', $vkey));
$returninfo = dfopen("http://union.bokecc.com/discuz2/addv.bo?siteid=$vsiteid&code=$code");
list($vthumb, $shareurl) = explode(',', $returninfo);//note $shareurl : [video]视频id[/video] 预留
$vthumb = dhtmlspecialchars(addslashes($vthumb));
$query = $db->query("INSERT INTO {$tablepre}videos (vid, tid, uid, dateline, vthumb, vtitle, vclass, visup, vautoplay)
VALUES ('$vid', '$tid', '$discuz_uid', '$timestamp', '$vthumb', '$subject', '$vclass', '$visup', '$vautoplay')", 'SILENT');
$videotags = preg_split("/[\s,]+/", str_replace(array(chr(0xa1).chr(0xa1), chr(0xa1).chr(0x40), chr(0xe3).chr(0x80).chr(0x80)), '', $tags));
if($videotags) {
$i = 0;
foreach($videotags as $videotag) {
if($i++ > 5) {
break;
}
$videotag = trim($videotag);
if(preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $videotag)) {
$vid && $vid != '-1' && $db->query("INSERT INTO {$tablepre}videotags(tagname, vid) VALUES ('$videotag', '$vid')", 'SILENT');
}
}
}
}
if($forum['threadtypes']['special'][$typeid] && $optiondata && is_array($optiondata)) {
foreach($optiondata as $optionid => $value) {
$db->query("INSERT INTO {$tablepre}typeoptionvars (typeid, tid, optionid, value, expiration)
VALUES ('$typeid', '$tid', '$optionid', '$value', '".($typeexpiration ? $timestamp + $typeexpiration : 0)."')");
}
}
$bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
$smileyoff = checksmilies($message, !empty($smileyoff));
$parseurloff = !empty($parseurloff);
//$htmlon = bindec(($tagstatus && !empty($tagoff) ? 1 : 0).($allowhtml && !empty($htmlon) ? 1 : 0));
$htmlon=1; //允许使用HTML
$pinvisible = $modnewthreads ? -2 : 0;
$db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)
VALUES ('$fid', '$tid', '1', '$discuz_user', '$discuz_uid', '$subject', '$timestamp', '$message', '$onlineip', '$pinvisible', '$isanonymous', '$usesig', '$htmlon', '$bbcodeoff', '$smileyoff', '$parseurloff', '$attachment')");
$pid = $db->insert_id();
if($tagstatus && $tags != '') {
$tags = str_replace(array(chr(0xa1).chr(0xa1), chr(0xa1).chr(0x40), chr(0xe3).chr(0x80).chr(0x80)), ' ', $tags);
$tagarray = array_unique(explode(' ', censor($tags)));
$tagcount = 0;
foreach($tagarray as $tagname) {
$tagname = trim($tagname);
if(preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $tagname)) {
$query = $db->query("SELECT closed FROM {$tablepre}tags WHERE tagname='$tagname'");
if($db->num_rows($query)) {
if(!$tagstatus = $db->result($query, 0)) {
$db->query("UPDATE {$tablepre}tags SET total=total+1 WHERE tagname='$tagname'", 'UNBUFFERED');
}
} else {
$db->query("INSERT INTO {$tablepre}tags (tagname, closed, total)
VALUES ('$tagname', 0, 1)", 'UNBUFFERED');
$tagstatus = 0;
}
if(!$tagstatus) {
$db->query("INSERT {$tablepre}threadtags (tagname, tid) VALUES ('$tagname', $tid)", 'UNBUFFERED');
}
$tagcount++;
if($tagcount > 4) {
unset($tagarray);
break;
}
}
}
}
$tradeaid = 0;
if($attachment) {
$searcharray = $pregarray = $replacearray = array();
foreach($attachments as $key => $attach) {
$db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote)
VALUES ('$tid', '$pid', '$timestamp', '$attach[perm]', '$attach[price]', '$attach[name]', '$attach[description]', '$attach[type]', '$attach[size]', '$attach[attachment]', '0', '$attach[isimage]', '$attach[uid]', '$attach[thumb]', '$attach[remote]')");
$searcharray[] = '[local]'.$localid[$key].'[/local]';
$pregarray[] = '/\[localimg=(\d{1,3}),(\d{1,3})\]'.$localid[$key].'\[\/localimg\]/is';
$replacearray[] = '[attach]'.$db->insert_id().'[/attach]';
}
$message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message));
$db->query("UPDATE {$tablepre}posts SET message='$message' WHERE pid='$pid'");
updatecredits($discuz_uid, $postattachcredits, count($attachments));
}
if($iscircle && $sgid) {
supe_dbconnect();
$query = $supe['db']->query("UPDATE {$supe[tablepre]}groups SET lastpost='$timestamp' WHERE gid='$sgid'", 'SILENT');
}
if($modnewthreads) {
$db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
//$allowuseblog && $isblog && $blog ? showmessage('post_newthread_mod_blog_succeed', "blog.php?uid=$discuz_uid") : showmessage('post_newthread_mod_succeed', "forumdisplay.php?fid=$fid");
echo('1');
} else {
if($digest) {
foreach($digestcredits as $id => $addcredits) {
$postcredits[$id] = (isset($postcredits[$id]) ? $postcredits[$id] : 0) + $addcredits;
}
}
updatepostcredits('+', $discuz_uid, $postcredits);
$subject = str_replace("\t", ' ', $subject);
$lastpost = "$tid\t$subject\t$timestamp\t$author";
$db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost', threads=threads+1, posts=posts+1, todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
if($forum['type'] == 'sub') {
$db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost' WHERE fid='$forum[fup]'", 'UNBUFFERED');
}
/*
if($allowuseblog && $isblog && $blog) {
showmessage('post_newthread_blog_succeed', "blog.php?tid=$tid");
} else {
showmessage('post_newthread_succeed', "viewthread.php?tid=$tid&extra=$extra".(!empty($frombbs) ? "&frombbs=$frombbs" : ''));
}
*/
echo('1');
}
}
?>