$_value) {
if (!in_array($_key,array('atc_content','atc_title','prosign','pwuser','pwpwd'))) {
S::checkVar($_POST[$_key]);
}
}
// Run every query-string parameter through S::checkVar (defined elsewhere; what it rejects is not visible here).
foreach ($_GET as $_key => $_value) {
S::checkVar($_GET[$_key]);
}
// Split the comma-separated WIND_VERSION constant into its three parts.
list($wind_version,$wind_repair,$wind_from) = explode(',',WIND_VERSION);
$db_olsize = 96;
// If $db_dir occurs in SCRIPT_NAME, keep only the part before it and rebuild PHP_SELF as "<prefix>.php".
if (false !== ($dirstrpos = strpos($pwServer['SCRIPT_NAME'],$db_dir))) {
$tmp = substr($pwServer['SCRIPT_NAME'],0,$dirstrpos);
$pwServer['PHP_SELF'] = "$tmp.php";
unset($dirstrpos);
} else {
$tmp = $pwServer['SCRIPT_NAME'];
}
// Request path plus query string; written to the lastvisit cookie and compared by the refresh limiter later on.
$REQUEST_URI = $pwServer['PHP_SELF'].($pwServer['QUERY_STRING'] ? '?'.$pwServer['QUERY_STRING'] : '');
$_mainUrl = $index_url = $db_bbsurl;
// The base URL is rebuilt from the Host header and the script directory.
// NOTE(review): HTTP_HOST is client-supplied and the scheme is fixed to http://. Every URL derived from
// $db_bbsurl (for example the passport "forward" parameter built further down) follows that header unless
// $pwServer was validated before this point -- not visible here.
$R_url = $db_bbsurl = S::escapeChar("http://".$pwServer['HTTP_HOST'].substr($tmp,0,strrpos($tmp,'/')));
// When SIMPLE is defined and truthy, the last 7 characters of the base URL are dropped.
defined('SIMPLE') && SIMPLE && $db_bbsurl = substr($db_bbsurl,0,-7);
// Remember the configured mode (default 'bbs'), then force the working mode to 'bbs'.
$defaultMode = empty($db_mode) ? 'bbs' : $db_mode;
$db_mode = 'bbs';
// lastvisit cookie layout (tab-separated): accumulated online seconds, last visit timestamp, last request path.
// NOTE(review): all three fields come from the client. $c_oltime is clamped in User_info() before it is
// written to the member record; $lastvisit and $lastpath are used below without further checks.
if ($cookie_lastvisit = GetCookie('lastvisit')) {
list($c_oltime,$lastvisit,$lastpath) = explode("\t",$cookie_lastvisit);
// Add the time since the last visit to the online counter only when it is below $db_onlinetime.
($onbbstime=$timestamp-$lastvisit)<$db_onlinetime && $c_oltime+=$onbbstime;
unset($cookie_lastvisit);
} else {
$lastvisit = $lastpath = '';
$c_oltime = $onbbstime = 0;
Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);
}
// Import fid and tid from the request. NOTE(review): the meaning of the third argument (2) is defined in
// S::gp, which is not visible here -- presumably an integer cast; confirm.
S::gp(array('fid','tid'),'GP',2);
//zzcity add
// Re-import fid without the type argument used by the preceding S::gp call, split it on commas,
// pick one entry at random and cast it to int.
// NOTE(review): explode() always returns at least one element, so count($zzfids)>0 is always true and the
// error branch below is unreachable as written; an empty or non-numeric fid becomes 0 instead of an error.
// NOTE(review): this runs for every request that includes this file, so the forum a request acts on is
// chosen at random whenever a list is supplied -- confirm that is intended for all entry points.
S::gp(array('fid'));
$zzfids=explode(',',$fid);
if (count($zzfids)>0){
$fid=(int)$zzfids[rand(0,count($zzfids)-1)];
}else
{
echo('[err]参数fid设置错误[/err]');
exit;
}
//zzcity add end
#$db = $ftp = $credit = null;
$ftp = $credit = null;//distributed
//* require_once pwCache::getPath(D_P.'data/sql_config.php');
// Normalise $manager to an array and keep only non-empty scalar entries.
!is_array($manager) && $manager = array();
$newmanager = array();
foreach ($manager as $key => $value) {
if (!empty($value) && !is_array($value)) {
$newmanager[$key] = $value;
}
}
$manager = $newmanager;
// Fall back to the mysql driver when the mysqli extension cannot be loaded.
if ($database == 'mysqli' && Pwloaddl('mysqli') === false) {
$database = 'mysql';
}
ObStart();//noizy
// Image base path: $db_http when it is set to something other than 'N', otherwise the local picture path.
if ($db_http != 'N') {
$imgpath = $db_http;
if (D_P != R_P) {
// Strip a trailing slash, then the last path segment, to derive $R_url from $db_http.
$R_url = substr($db_http,-1)=='/' ? substr($db_http,0,-1) : $db_http;
$R_url = substr($R_url,0,strrpos($R_url,'/'));
}
} else {
$imgpath = $db_picpath;
}
list($attachpath,$imgdir,$attachdir,$pw_posts,$pw_tmsgs,$runfc) = array($db_attachurl != 'N' ? $db_attachurl : $db_attachname, R_P.$db_picpath, R_P.$db_attachname, 'pw_posts', 'pw_tmsgs', 'N');
// Identity from the winduser cookie: uid, password token and safecv, tab-separated after StrCode decoding.
// NOTE(review): $winduid and $windpwd are overwritten further down by the "zzcity add" login block, so the
// cookie no longer decides who the request runs as; only $safecv from this line survives.
list($winduid,$windpwd,$safecv) = explode("\t",addslashes(StrCode(GetCookie('winduser'),'DECODE')));
// Hash bound to the client IP and the passport key; appended to the logout URLs below as "verify".
$loginhash = GetVerify($onlineip,$db_pptkey);
if ($db_pptifopen && $db_ppttype == 'client') {
// Passport client mode: make sure both passport URLs end in '?' or '&' so a parameter can be appended.
if (strpos($db_pptloginurl,'?') === false) {
$db_pptloginurl .= '?';
} elseif (substr($db_pptloginurl,-1) != '&') {
$db_pptloginurl .= '&';
}
if (strpos($db_pptregurl,'?') === false) {
$db_pptregurl .= '?';
} elseif (substr($db_pptregurl,-1) != '&') {
$db_pptregurl .= '&';
}
// NOTE(review): the forward target is $db_bbsurl, which was rebuilt from the Host header earlier in this
// file; the passport server should validate it against an allow-list before redirecting back.
$urlencode = rawurlencode($db_bbsurl);
$loginurl = "$db_pptserverurl/{$db_pptloginurl}forward=$urlencode";
$loginouturl= "$db_pptserverurl/$db_pptloginouturl&forward=$urlencode&verify=$loginhash";
$regurl = "$db_pptserverurl/{$db_pptregurl}forward=$urlencode";
} else {
$loginurl = 'login.php';
$loginouturl= "login.php?action=quit&verify=$loginhash";
$regurl = $db_registerfile;
}
$ol_offset = (int)GetCookie('ol_offset');
$skinco = GetCookie('skinco');
// Refresh limiter: the same URL (ignoring '=') requested again within $db_refreshtime seconds is rejected.
// NOTE(review): both $lastpath and $onbbstime derive from the client-controlled lastvisit cookie, so this
// only throttles clients that send the cookie back unchanged.
if ($db_refreshtime && SCR != 'register' && str_replace("=",'',$REQUEST_URI) == $lastpath && $onbbstime < $db_refreshtime) {
!GetCookie('winduser') && $groupid = 'guest';
// NOTE(review): $skinco is still the raw cookie value here; the '..' and file_exists check on it only
// happens later in this file.
$skin = $skinco ? $skinco : $db_defaultstyle;
Showmsg('refresh_limit');
}
// Board closed: hand over to the close page unless CK is defined.
if (!$db_bbsifopen && !defined('CK')) {
require_once(R_P.'require/bbsclose.php');
}
$H_url =& $db_wwwurl;
$B_url =& $db_bbsurl;
// Current hour, day of month and weekday, plus the timestamps of today's and this month's start.
$_time = array('hours'=>get_date($timestamp,'G'),'day'=>get_date($timestamp,'j'),'week'=>get_date($timestamp,'w'));
$tdtime = PwStrtoTime(get_date($timestamp,'Y-m-d'));
$montime = PwStrtoTime(get_date($timestamp,'Y-m').'-1');
if (!defined('CK')) {
// Encode the current position (forum, thread, category, ...) for the lastpos cookie.
switch (SCR) {
case 'thread': $lastpos = "F$fid";break;
case 'read': $lastpos = "T$tid";break;
case 'cate': $lastpos = "C$fid";break;
case 'index': $lastpos = 'index';break;
case 'mode': $lastpos = $db_mode;break;
default: $lastpos = 'other';
}
// Flag the online-list update ($runfc = 'Y') when the visit is stale, the position changed, or the
// oltoken cookie is still 'init'.
if ($timestamp-$lastvisit>$db_onlinetime || $lastpos != GetCookie('lastpos') || GetCookie('oltoken') == 'init') {
$runfc = 'Y';
Cookie('lastpos',$lastpos);
}
}
//zzcity add: user login
// Looks up uid and the stored password value for the username posted as pwuser and overwrites the
// $winduid/$windpwd values that were decoded from the winduser cookie.
// NOTE(review): nothing in this block compares a submitted password (for example the pwpwd field) with the
// stored value, and the credential comparison inside User_info() is commented out. As written, a request
// only needs to name an existing member to be processed as that member. Unless the caller is authenticated
// before this file is included (not visible here), a password verification step and a trusted-caller check
// are required before these assignments.
// NOTE(review): pwuser is on the list of POST fields that skip S::checkVar at the top of this file, so the
// query relies entirely on pwEscape() quoting and escaping the value -- confirm that it does both.
// When no row matches, $etuser presumably holds no uid/password and the request falls through to the
// guest branch below.
PwNewDB();
$etuser = $db->get_one("SELECT uid,password FROM pw_members WHERE username=".pwEscape($_POST['pwuser']));
$winduid=$etuser['uid'];
$windpwd=$etuser['password'];
//zzcity add end
// Load the member record when a numeric uid and a password value of at least 16 characters are present;
// otherwise run the request as a guest.
// NOTE(review): this length test is the only gate left before User_info(); it checks the shape of
// $windpwd, not whether the requester knows the password.
if (is_numeric($winduid) && strlen($windpwd)>=16) {
$winddb = User_info();
list($winduid,$groupid,$userrvrc,$windid,$_datefm,$_timedf,$credit_pop) = array($winddb['uid'],$winddb['groupid'],floor($winddb['rvrc']/10),$winddb['username'],$winddb['datefm'],$winddb['timedf'],$winddb['creditpop']);
if ($credit_pop && $db_ifcredit) {//Credit Changes Tips
// NOTE(review): as shown, the search and replacement arrays are identical, so this call changes nothing;
// the original probably mapped HTML entities and lost them when this copy was made -- confirm upstream.
$credit_pop = str_replace(array('<','"','>'),array('<','"','>'),$credit_pop);
// creditpop format: a language key, then '|'-separated "creditType:amount" pairs.
$creditdb = explode('|',$credit_pop);
$credit_pop = S::escapeChar(GetCreditLang('creditpop',$creditdb['0']));
unset($creditdb['0']);
foreach ($creditdb as $val) {
list($credit_1,$credit_2) = explode(':',$val);
// NOTE(review): $credit_2 is appended without escaping; it comes from the stored creditpop value.
$credit_pop .= ''.pwCreditNames($credit_1).' '.$credit_2.'';
}
// Clear the stored tip so it is shown only once.
$userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
$userService->update($winduid, array(), array('creditpop' => ''));
}
// style is stored as "name|customFlag"; onlineip as "ip|..." -- keep the first part of each.
list($winddb['style'],$ifcustomstyle) = explode('|',$winddb['style']);
$skin = $winddb['style'] ? $winddb['style'] : $db_defaultstyle;
list($winddb['onlineip']) = explode('|',$winddb['onlineip']);
// groupid -1 means "use the member-level group".
$groupid == '-1' && $groupid = $winddb['memberid'];
// Reset today's post counter when the last post predates today.
$winddb['lastpost'] < $tdtime && $winddb['todaypost'] = 0;
$curvalue = $db_signcurtype == 'rvrc' ? $userrvrc : $winddb[$db_signcurtype];
// Signature billing: run Signfunc when the signature is shown and either billing has not started for an
// eligible group with enough balance, or the recorded start day differs from today.
if (getstatus($winddb['userstatus'], PW_USERSTATUS_SHOWSIGN) && (!$winddb['starttime'] && $db_signmoney && strpos($db_signgroup,",$groupid,") !== false && $curvalue > $db_signmoney || $winddb['starttime'] && $winddb['starttime'] != $tdtime)) {
require_once(R_P.'require/Signfunc.php');
Signfunc($winddb['starttime'],$curvalue);
}
unset($curvalue);
} else {
// Guest defaults.
$skin = $db_defaultstyle;
$groupid = 'guest';
$winddb = $windid = $winduid = $_datefm = $_timedf = '';
}
// Per-user request hash.
// NOTE(review): checkVerify() in this file has its comparison commented out, so this value is generated
// but never enforced by PostCheck().
$verifyhash = GetVerify($winduid);
// $db_bbsifopen == 2: board closed for everything except the login script.
if ($db_bbsifopen==2 && SCR!='login' && !defined('CK')) {
require_once(R_P.'require/bbsclose.php');
}
// Groups listed in $db_safegroup must carry a safecv value (taken from the winduser cookie).
if ($db_ifsafecv && !$safecv && !defined('PRO') && strpos($db_safegroup,",$groupid,") !== false ) {
Showmsg('safecv_prompt');
}
//* include_once pwCache::getPath(D_P.'data/bbscache/inv_config.php',true);
pwCache::getData(D_P.'data/bbscache/inv_config.php');
// Invitation links: only for guests arriving from another host with a numeric u or a short a parameter.
// NOTE(review): the off-site test is a substring match of HTTP_HOST inside the Referer header, both of
// which are client-supplied.
if ($inv_linkopen && !$windid && (is_numeric($_GET['u']) || ($_GET['a'] && strlen(rawurldecode($_GET['a']))<16)) && strpos($pwServer['HTTP_REFERER'],$pwServer['HTTP_HOST']) === false) {
S::gp(array('u','a'));
if ($inv_linktype == 0) {
$a = rawurldecode($a);
require_once(R_P.'require/userads.php');
} else {
Cookie('userads',"$u\t$a\t".md5($pwServer['HTTP_REFERER']));
}
}
unset($u,$a,$cookie_userads);
// Skin override from POST, then GET; otherwise the skinco cookie value read earlier is kept.
($_POST['skinco']) ? $skinco = $_POST['skinco'] : (($_GET['skinco']) ? $skinco = $_GET['skinco'] : '');
// Accept the skin name only if it contains no '..' and the matching style file exists under data/style.
// NOTE(review): '..' is the only pattern rejected here; any further filtering depends on S::checkVar,
// which is not visible here. An allow-list of installed style names would be a tighter check.
if ($skinco && strpos($skinco,'..')===false && file_exists(D_P."data/style/$skinco.php") ) {
$skin = $skinco;
Cookie('skinco',$skin);
}
// Two-column (frame) layout handling, skipped for the special entry points tested below.
if ($db_columns && !defined('W_P') && !defined('SIMPLE') && !defined('COL') && !defined('CK')) {
$j_columns = GetCookie('columns');
if (!$j_columns) {
$db_columns==2 && $j_columns = 2;
Cookie('columns',$j_columns);
}
if ($j_columns==2 && (strpos($pwServer['HTTP_REFERER'],$db_bbsurl)===false || strpos($pwServer['HTTP_REFERER'],$db_adminfile)!==false)) {
strpos($REQUEST_URI,'index.php')===false ? Cookie('columns','1') : ObHeader('columns.php?action=columns');
}
unset($j_columns);
}
// Reject banned addresses, then refresh the lastvisit cookie.
Ipban();
Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);
// Guests may be served from the guest page cache.
if ($groupid == 'guest' && $db_guestdir && GetGcache()) {
require_once(R_P.'require/guestfunc.php');
getguestcache();
}
PwNewDB();
// Drop the database credentials and other one-off configuration values from the global scope.
unset($db_whybbsclose,$db_whycmsclose,$db_ipban,$db_diy,$dbhost,$dbuser,$dbpw,$dbname,$pconnect,$manager_pwd,$newmanager);
// Load the permission set for the current group; unknown groups fall back to group_1.
if ($groupid == 'guest') {
//* require_once pwCache::getPath(D_P.'data/groupdb/group_2.php');
pwCache::getData(D_P.'data/groupdb/group_2.php');
} elseif (file_exists(D_P."data/groupdb/group_$groupid.php")) {
//* require_once pwCache::getPath(S::escapePath(D_P."data/groupdb/group_$groupid.php"));
pwCache::getData(S::escapePath(D_P."data/groupdb/group_$groupid.php"));
} else {
//* require_once pwCache::getPath(D_P.'data/groupdb/group_1.php');
pwCache::getData(D_P.'data/groupdb/group_1.php');
}
visitRightByGroup();
// Force a password change when the group has a maximum password age (in days) and it has expired.
if ($_G['pwdlimitime'] && !defined('PRO') && !S::inArray($windid,$manager) && $timestamp-86400*$_G['pwdlimitime']>$winddb['pwdctime'] ) {
Showmsg('pwdchange_prompt');
}
// Response helpers
/**
 * Redirect the client, either immediately or through an interstitial page, then stop the request.
 *
 * NOTE(review): $URL is not validated in this function; callers that pass request-derived values need to
 * restrict them to local or allow-listed targets.
 *
 * @global string $db_ifjump
 * @param string $URL redirect target
 * @param string $content message key passed to getLangInfo('refreshto', ...)
 * @param int $statime delay in seconds before the jump
 * @param bool $forcejump render the interstitial page even when $db_ifjump would not
 */
function refreshto($URL, $content, $statime = 1, $forcejump = false) {
// AJAX requests get the message only.
if (defined('AJAX')) Showmsg($content);
global $db_ifjump,$db_htmifopen;
if (!$forcejump && !($db_ifjump && $statime > 0)) {
// No interstitial wanted: plain redirect.
ObHeader($URL);
} else {
// Relative URLs go through the URL rewriter when static URLs are enabled.
if ($db_htmifopen && strtolower(substr($URL,0,4))!=='http') {
$URL = urlRewrite($URL);
}
ob_end_clean();
global $expires, $db_charset, $tplpath, $fid, $imgpath, $db_obstart, $db_bbsname, $B_url, $forumname, $tpctitle, $db_bbsurl;
$index_name = & $db_bbsname;
$index_url = & $B_url;
ObStart(); //noizy
// The templates required below run in this function's scope, so the local variable names are part of
// their contract.
extract(L::style());
//css file for showmsg
// NOTE(review): $skinco is neither a parameter nor declared global here; unless extract(L::style())
// defines it, it is undefined at this point.
require (L::style('', $skinco, true));
if ("wind" != $tplpath && file_exists(D_P.'data/style/'.$tplpath.'_css.htm')) {
$css_path = D_P.'data/style/'.$tplpath.'_css.htm';
} else{
$css_path = D_P.'data/style/wind_css.htm';
}
//end css file
$content = getLangInfo('refreshto', $content);
if (defined('AREA_PAGE') && function_exists('areaLoadFrontView')) {
require_once areaLoadFrontView('area_manage_refreshto');
} else {
require PrintEot('refreshto');
}
// NOTE(review): as shown, two of the search strings are empty; they were probably markup markers that
// were lost when this copy was made -- confirm against the upstream file.
$output = str_replace(array('', '', "\r\n\r\n"), '', ob_get_contents());
echo ObContents($output);
exit();
}
}
/**
* 302跳转
*
* @param string $url
*/
/*
function ObHeader($url) {
ob_end_clean();
header("Location: $url");
exit();
}*/
/**
 * Redirect the client to $URL and end the request.
 *
 * Relative targets are passed through urlRewrite() when static URLs are enabled. When output buffering
 * via $db_obstart is on, a Location header is sent; otherwise a fresh buffer is started and the literal
 * below is echoed instead.
 *
 * NOTE(review): $URL is placed into the Location header without validation in this function; callers that
 * pass request-derived values need to restrict them to local or allow-listed targets.
 * NOTE(review): the echoed literal is empty as shown; the original presumably held client-side redirect
 * markup that was lost in this copy -- confirm upstream.
 *
 * @param string $URL redirect target
 */
function ObHeader($URL) {
    global $db_obstart, $db_bbsurl, $db_htmifopen;

    $isAbsolute = strtolower(substr($URL, 0, 4)) === 'http';
    if ($db_htmifopen && !$isAbsolute) {
        $URL = urlRewrite($URL);
    }

    ob_end_clean();

    if ($db_obstart) {
        header("Location: $URL");
        exit;
    }

    ObStart();
    echo "";
    exit;
}
/**
* 显示系统提示信息
*
* @param string $msg_info 信息内容
* @param int $dejump ?
*/
//function Showmsg($msg_info, $dejump = 0) {
// @extract($GLOBALS, EXTR_SKIP);
// global $stylepath, $tablewidth, $mtablewidth, $tplpath, $db;
// define('PWERROR', 1);
// $msg_info = getLangInfo('msg', $msg_info);
// if (defined('AJAX')) {
// echo $msg_info;
// ajax_footer();
// }
// $showlogin = false;
// if ($dejump != '1' && $groupid == 'guest' && $REQUEST_URI == str_replace(array('register', 'login'), '', $REQUEST_URI) && (!$db_pptifopen || $db_ppttype != 'client')) {
// if (strpos($REQUEST_URI, 'post.php') !== false || strpos($REQUEST_URI, 'job.php?action=vote') !== false || strpos($REQUEST_URI, 'job.php?action=pcjoin') !== false) {
// $tmpTid = (int) S::getGP('tid', 'GP');
// $tmpTid && $REQUEST_URI = substr($REQUEST_URI, 0, strrpos($REQUEST_URI, '/')) . "/read.php?tid=$tmpTid&toread=1";
// }
// $jumpurl = "http://" . $pwServer['HTTP_HOST'] . $REQUEST_URI;
// //list(, $qcheck) = explode("\t", $db_qcheck);
// $qkey = $db_ckquestion & 2 && $db_question ? array_rand($db_question) : '';
// $showlogin = true;
// }
// extract(L::style());
// //css file for showmsg
// require (L::style('', $skinco, true));
// if ("wind" != $tplpath && file_exists(D_P.'data/style/'.$tplpath.'_css.htm')) {
// $css_path = D_P.'data/style/'.$tplpath.'_css.htm';
// } else{
// $css_path = D_P.'data/style/wind_css.htm';
// }
// //end css file
// list($_Navbar, $_LoginInfo) = pwNavBar();
// ob_end_clean();
// ObStart();
// /*
// if (defined('AREA_PAGE') && function_exists('areaLoadFrontView')) {
// require_once areaLoadFrontView('area_manage_showmsg');exit;
// }*/
// require_once PrintEot('showmsg');
// exit();
//}
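//zzcity add
/**
 * Emit a system message wrapped in [err]...[/err] and end the request.
 *
 * This replaces the template-based message page with a plain-text envelope. The earlier version imported
 * every global into the local scope with extract($GLOBALS); nothing in this body reads those variables,
 * so the import and the unused global declarations are gone.
 *
 * NOTE(review): the message is written without output encoding. If the response is ever rendered as HTML,
 * or the language string interpolates request data, it must be escaped for that context by whoever
 * displays it.
 *
 * @param string $msg_info message key resolved through getLangInfo('msg', ...)
 * @param int $dejump unused in this version; kept for call compatibility
 */
function Showmsg($msg_info, $dejump = 0) {
    // Marks the request as being in the error path; PrintEot's legacy code tested this constant.
    define('PWERROR', 1);
    $msg_info = getLangInfo('msg', $msg_info);
    echo '[err]' . $msg_info . '[/err]';
    exit();
}
//zzcity add end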
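/**
 * Build, and optionally send, the status line for a small set of HTTP status codes.
 *
 * Under the CGI SAPIs the "Status:" pseudo-header is used, otherwise an "HTTP/1.1" status line.
 * Fixes over the previous version: the status line no longer carries a stray colon after "HTTP/1.1",
 * the 404 reason phrase no longer repeats the code, and unknown codes no longer read an undefined index.
 *
 * @param int $num status code
 * @param bool $rtarr when truthy, return the header string instead of sending it
 * @return string the header string when $rtarr is truthy and the code is known, otherwise ''
 */
function sendHeader($num, $rtarr = null) {
    static $sapi = null;
    if ($sapi === null) {
        $sapi = php_sapi_name();
    }

    $reasons = array(
        '200' => 'OK',
        '206' => 'Partial Content',
        '304' => 'Not Modified',
        '404' => 'Not Found',
        '416' => 'Requested Range Not Satisfiable',
    );
    if (!is_scalar($num) || !isset($reasons[$num])) {
        return '';
    }

    if ($sapi == 'cgi' || $sapi == 'cgi-fcgi') {
        $headermsg = "Status: $num " . $reasons[$num];
    } else {
        $headermsg = "HTTP/1.1 $num " . $reasons[$num];
    }

    if (empty($rtarr)) {
        header($headermsg);
        return '';
    }
    return $headermsg;
}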
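// Global services
/**
 * Reject the request when the client address matches an entry of the IP ban list.
 *
 * $db_ipban is a comma-separated list of dotted prefixes ("10", "10.1", "10.1.2") or full addresses.
 * Entries are compared as exact strings. The previous loose in_array() compared numeric-looking strings
 * as numbers, so an entry such as "1.1" also matched the prefix "1.10".
 *
 * @global string $db_ipban
 */
function Ipban() {
    global $db_ipban;
    if (!$db_ipban) {
        return;
    }
    global $onlineip;

    // Trim entries so "a, b" style lists keep working with the strict comparison.
    $banned = array_map('trim', explode(',', $db_ipban));

    // Test the 1-, 2-, 3- and 4-octet prefixes of the client address in turn.
    $prefix = '';
    foreach (array_slice(explode('.', (string) $onlineip), 0, 4) as $i => $octet) {
        $prefix = ($i === 0) ? $octet : $prefix . '.' . $octet;
        if ($prefix !== '' && in_array($prefix, $banned, true)) {
            Showmsg('ip_ban');
        }
    }
}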
// User services
/**
 * Load a member record by uid, from the cache service when perf::checkMemcache() is true, otherwise by SQL.
 *
 * The returned row includes the stored password value and safecv; User_info() in this file removes the
 * password before handing the record on.
 *
 * @global DB $db
 * @param int $uid
 * @return array|false member record; false for uid < 1 and, on the cache path, for a missing record, a
 *                     record with groupid 0 or one without an 'md.uid' key. On the SQL path the result of
 *                     $db->get_one() is returned unchanged.
 */
function getUserByUid($uid) {
// The uid is forced to an integer before it is used in a cache key or in SQL.
$uid = S::int($uid);
if ($uid < 1) return false;
if (perf::checkMemcache()){
$_cacheService = Perf::getCacheService();
$detail = $_cacheService->get('member_all_uid_' . $uid);
// On the index/read/thread/post scripts the per-user rights are merged in; a miss on that key
// invalidates the whole cached record.
if ($detail && in_array(SCR, array('index', 'read', 'thread', 'post'))){
$_singleRight = $_cacheService->get('member_singleright_uid_' . $uid);
$detail = ($_singleRight === false) ? false : (array)$detail + (array)$_singleRight;
}
if ($detail){
return $detail && $detail['groupid'] != 0 && isset($detail['md.uid']) ? $detail : false;
}
// Cache miss: rebuild the record through the pw_members cache gatherer.
$cache = perf::gatherCache('pw_members');
if (in_array(SCR, array('index', 'read', 'thread', 'post'))){
$detail = $cache->getMembersAndMemberDataAndSingleRightByUserId($uid);
} else {
$detail = $cache->getAllByUserId($uid, true, true);
}
return $detail && $detail['groupid'] != 0 && isset($detail['md.uid']) ? $detail : false;
}else {
global $db;
// $sqladd and $sqltab are assembled from fixed strings selected by the SCR constant; no request data is
// interpolated into them, and the uid goes through S::sqlEscape.
$sqladd = $sqltab = '';
if (in_array(SCR, array('index', 'read', 'thread', 'post'))) {
$sqladd = (SCR == 'post') ? ',md.postcheck,sr.visit,sr.post,sr.reply' : (SCR == 'read' ? ',sr.visit,sr.reply' : ',sr.visit');
$sqltab = "LEFT JOIN pw_singleright sr ON m.uid=sr.uid";
}
$detail = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.bday,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf, m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,m.medals,md.lastmsg,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop,md.jobnum,md.lastgrab,md.follows,md.fans,md.newfans,md.newreferto,md.newcomment,md.punch $sqladd FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid $sqltab WHERE m.uid=" . S::sqlEscape($uid) . " AND m.groupid<>'0' AND md.uid IS NOT NULL");
return $detail;
}
}
/**
 * Load the record of the member identified by the global $winduid and refresh its visit statistics.
 *
 * NOTE(review): the block that compared PwdCode($detail['password']) with $windpwd, checked safecv, the
 * IP-change flag and the activation state ($detail['yz']) is commented out below ("zzcity modi"). In this
 * version the function therefore performs no credential or session validation at all: whatever uid is in
 * $winduid is accepted. $loginout is still computed but no longer acted on.
 *
 * @return array|false the member record without its password field; when getUserByUid() returns false the
 *                     code below still indexes into it -- NOTE(review): confirm how callers handle that
 */
function User_info() {
global $db, $timestamp, $db_onlinetime, $winduid, $windpwd, $bday, $safecv, $db_ifonlinetime, $c_oltime, $onlineip, $db_ipcheck, $tdtime, $montime, $db_ifsafecv, $db_ifpwcache, $uc_server;
PwNewDB();
$detail = getUserByUid($winduid);
// Unknown locally but a UCenter server is configured: run the UC user import script.
if (empty($detail) && $uc_server) {
require_once (R_P . 'require/ucuseradd.php');
}
// IP binding: flag the session when the current address is not contained in the stored one and the
// first two octets are not contained either.
// NOTE(review): both tests are substring matches (strpos), not exact comparisons.
$loginout = 0;
if ($db_ipcheck && strpos($detail['onlineip'], $onlineip) === false) {
$iparray = explode('.', $onlineip);
strpos($detail['onlineip'], $iparray[0] . '.' . $iparray[1]) === false && $loginout = 1;
}
//zzcity modi
// Disabled credential check (kept for reference):
// if (!$detail || PwdCode($detail['password']) != $windpwd || ($db_ifsafecv && $safecv != $detail['safecv']) || $loginout || $detail['yz'] > 1) {
// $GLOBALS['groupid'] = 'guest';
// require_once (R_P . 'require/checkpass.php');
// Loginout();
// if ($detail['yz'] > 1) {
// $GLOBALS['jihuo_uid'] = $detail['uid'];
// Showmsg('login_jihuo');
// }
// Showmsg('ip_change');
// } else {
// shortcut is stored as "forumShortcuts<TAB>appShortcuts".
list($detail['shortcut'], $detail['appshortcut']) = explode("\t", $detail['shortcut']);
// Never hand the stored password value to the rest of the request.
unset($detail['password']);
$detail['honor'] = substrs($detail['honor'], 90);
$distime = $timestamp - $detail['lastvisit'];
// Update visit statistics at most once per $db_onlinetime (or once per hour, whichever is shorter).
if ($distime > $db_onlinetime || $distime > 3600) {
/*--- element update ---start*/
if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') {
L::loadClass('elementupdate', '', false);
$elementupdate = new ElementUpdate();
$elementupdate->userSortUpdate($detail);
}
/*--- element update ---end*/
if (!GetCookie('hideid')) {
$userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
$updateMemberData = $updateByIncrementMemberData = array();
$updateMemberData['lastvisit'] = $timestamp;
$updateMemberData['thisvisit'] = $timestamp;
if ($db_ifonlinetime) {
// $c_oltime originates from the client's lastvisit cookie: cast it, floor it at 0 and cap it so a
// forged cookie cannot add more than $db_onlinetime seconds per update.
$c_oltime = intval($c_oltime);
$c_oltime = $c_oltime <= 0 ? 0 : ($c_oltime > $db_onlinetime * 1.2 ? $db_onlinetime : $c_oltime);
$updateByIncrementMemberData['onlinetime'] = $c_oltime;
// Same month as the last visit: add to the monthly counter; otherwise start it over.
if ($detail['lastvisit'] > $montime) {
$updateByIncrementMemberData['monoltime'] = $c_oltime;
} else {
$updateMemberData['monoltime'] = $c_oltime;
}
if ($c_oltime) {
require_once (R_P . 'require/functions.php');
updateDatanalyse($winduid, 'memberOnLine', $c_oltime);
}
$c_oltime = 0;
}
if(get_date($timestamp,'Y-m-d') > get_date($detail['lastvisit'],'Y-m-d')){
/* Update today's login count */
$stasticsService = L::loadClass('Statistics', 'datanalyse');
$stasticsService->login($winduid);
}
$userService->update($winduid, array(), $updateMemberData);
$updateByIncrementMemberData && $userService->updateByIncrement($winduid, array(), $updateByIncrementMemberData);
$detail['lastvisit'] = $detail['thisvisit'] = $timestamp;
}
}
//}
return $detail;
}
/**
 * Tell whether a user is listed as moderator of a forum or of its parent forum.
 *
 * Both lists are comma-delimited strings with a leading and trailing comma (",alice,bob,"); the user
 * matches when ",<username>," occurs in either list.
 *
 * @param string $forumAdmins moderators of the forum
 * @param string $fupAdmins moderators of the parent forum
 * @param string $username user name to look for
 * @return bool
 */
function admincheck($forumAdmins, $fupAdmins, $username) {
    if (!$username) {
        return false;
    }
    $needle = ",$username,";
    foreach (array($forumAdmins, $fupAdmins) as $adminList) {
        if ($adminList && strpos($adminList, $needle) !== false) {
            return true;
        }
    }
    return false;
}
/**
 * Tell whether access is granted through the primary group, an additional group, or a per-forum grant.
 *
 * $allowGroups and $userGroups are comma-delimited with leading and trailing commas (",3,4,");
 * $allowForums is a plain comma-separated list of forum ids.
 *
 * @param string $allowGroups groups that are allowed
 * @param int $groupId the user's primary group
 * @param string $userGroups the user's additional groups
 * @param int|string $fid forum id to test against $allowForums
 * @param string $allowForums forums the user is individually allowed in
 * @return bool
 */
function allowcheck($allowGroups, $groupId, $userGroups, $fid = '', $allowForums = '') {
    if ($allowGroups) {
        // Primary group first, then every additional group.
        $candidates = array($groupId);
        if ($userGroups) {
            $candidates = array_merge($candidates, explode(',', substr($userGroups, 1, -1)));
        }
        foreach ($candidates as $candidate) {
            if (strpos($allowGroups, ",$candidate,") !== false) {
                return true;
            }
        }
    }
    if ($fid && $allowForums && strpos(",$allowForums,", ",$fid,") !== false) {
        return true;
    }
    return false;
}
// Online-user services
/**
 * Refresh the online-user record once per request when the bootstrap flagged it ($runfc == 'Y').
 *
 * Uses the database-backed implementation when $db_online is set, the file-backed one otherwise, and
 * resets the flag to 'N' afterwards.
 *
 * @global string $runfc
 * @global string $db_online
 */
function Update_ol() {
    global $runfc, $db_online;
    if ($runfc != 'Y') {
        return;
    }
    if ($db_online) {
        Sql_ol();
    } else {
        Txt_ol();
    }
    $runfc = 'N';
}
/**
 * File-backed implementation of the online-user update.
 *
 * Local variable names are kept as they are because require/ipstates.php is included into this
 * function's scope.
 */
function Txt_ol() {
    global $ol_offset, $winduid, $db_ipstates, $isModify;
    require_once (R_P . 'require/userglobal.php');

    // Members and guests are recorded in different online files.
    if ($winduid > 0) {
        list($alt_offset, $isModify) = addonlinefile($ol_offset, $winduid);
    } else {
        list($alt_offset, $isModify) = addguestfile($ol_offset);
    }

    // Store the record offset in a cookie only when it moved.
    if ($alt_offset != $ol_offset) {
        Cookie('ol_offset', $alt_offset);
    }

    // Daily IP statistics: with an ipstate cookie, only when it predates today; without one, only when
    // this request created a new online record.
    $ipscookie = GetCookie('ipstate');
    if ($db_ipstates) {
        if ($ipscookie ? $ipscookie < $GLOBALS['tdtime'] : $isModify === 1) {
            require_once (R_P . 'require/ipstates.php');
        }
    }
}
/**
 * Database-backed implementation of the online-user update, delegated to OnlineService.
 *
 * The files required below are included into this function's scope, so the local variable names are part
 * of their contract.
 */
function Sql_ol() {
// The earlier implementation, which updated pw_online directly with an olid cookie, was disabled here in
// favour of the OnlineService calls below.
global $winduid, $timestamp, $db_onlinetime, $db_ipstates, $db_today, $lastvisit, $tdtime, $onlineip;
$onlineService = L::loadClass('OnlineService', 'user');
// Daily visiting-IP statistics
$ipscookie = GetCookie('ipstate');
$guestInfo = $onlineService->getGuestInfo();
// Count the IP when the ipstate cookie predates today, when a first-time visitor (oltoken 'init') has no
// other online guest record for the same IP, or when the guest's IP changed.
if ($db_ipstates && (
$ipscookie && $ipscookie < $GLOBALS['tdtime'] ||
!$ipscookie && GetCookie('oltoken')=='init' && $onlineService->countOnlineGuestByIp($guestInfo['ip']) == 0 ||
$guestInfo['ipchange'])) {
require_once (R_P . 'require/ipstates.php');
}
// Daily visiting-member statistics
if ($db_today && $timestamp - $lastvisit > $db_onlinetime) {
require_once (R_P . 'require/today.php');
}
// Update the online record: clients without cookies, and guests without an oltoken, only get a token;
// everyone else has their member or guest record refreshed.
if (!$_COOKIE || (GetCookie('oltoken') === null && !$winduid)){
$onlineService->setGuestToken();
}else {
$winduid ? $onlineService->updateOnlineUser() : $onlineService->updateOnlineGuest();
}
}
// Forum services
/**
 * Decide whether the current request may be served from (or stored in) the guest page cache.
 *
 * Eligible requests are thread lists below $db_fguestnum pages without a type filter or search, thread
 * views below $db_tguestnum pages without a uid filter, and the bbs index without a category filter.
 *
 * @return bool
 */
function GetGcache() {
    global $db_fguestnum, $db_tguestnum, $db_guestindex, $defaultMode;
    $page = isset($GLOBALS['page']) ? (int)$GLOBALS['page'] : (int) $_GET['page'];

    return (SCR == 'thread' && $page < $db_fguestnum && !isset($_GET['type']) && !S::getGP('search'))
        || (SCR == 'read' && $page < $db_tguestnum && !isset($_GET['uid']))
        || (SCR == 'index' && $db_guestindex && !isset($_GET['cateid']) && (($defaultMode=='bbs' && !$_GET['m']) || $_GET['m']=='bbs'));
}
/**
 * Return the current user's forum shortcuts (forum id => name), minus hidden forums the user may not see.
 *
 * @global array $winddb
 * @global array $forum
 * @global string $winduid
 * @global string $db_shortcutforum
 * @return array
 */
function pwGetShortcut() {
static $sForumsShortcut = array();
if (empty($sForumsShortcut)) {
global $winduid, $db_shortcutforum;
$sForumsShortcut = pwGetMyShortcut();
if (empty($sForumsShortcut)) {
// No personal shortcuts: rebuild them for logged-in users when no site-wide shortcut list is configured.
if (!$db_shortcutforum && $winduid) {
require_once (R_P . 'require/updateforum.php');
updateshortcut();
//$sForumsShortcut = updateshortcut();
}
}
}
/* Sidebar and similar places: drop hidden forums the user is not allowed to view */
global $winddb, $forum ,$groupid,$windid;
//* include_once pwCache::getPath(D_P . 'data/bbscache/forum_cache.php');
extract(pwCache::getData(D_P . 'data/bbscache/forum_cache.php', false));
foreach($sForumsShortcut as $k=>$v){
// NOTE(review): the type test reads $forum[$k], but the permission arguments read $forum['allowvisit'] and
// $forum['fid'] from the top level of the array -- this looks like it should be $forum[$k][...]; confirm
// against the forum cache layout. As written the group check presumably never grants access, so hidden
// forums are removed for everyone except managers.
// NOTE(review): $manager is not declared global in this function; unless the extract() above defines it,
// it is undefined here.
if($forum[$k]['f_type'] == 'hidden'
&& (!allowcheck($forum['allowvisit'], $groupid, $winddb['groups'], $forum['fid'], $winddb['visit']) && !S::inArray($windid, $manager))) {
unset($sForumsShortcut[$k]);
}
}
return $sForumsShortcut;
}
/**
 * Build the current user's personal forum shortcut list from $winddb['shortcut'].
 *
 * The shortcut field is a comma-separated list of forum ids; ids unknown to the forum cache are skipped
 * and forum names are stripped of tags. A non-empty result is memoised for the rest of the request.
 *
 * @return array forum id => plain-text forum name
 */
function pwGetMyShortcut() {
    static $sMyForumsShortcut = array();
    if (!empty($sMyForumsShortcut)) {
        return $sMyForumsShortcut;
    }

    global $winddb, $forum;
    if (!trim($winddb['shortcut'], ',')) {
        return $sMyForumsShortcut;
    }

    // Load the forum cache only when the caller has not populated $forum already.
    if (!isset($forum)) {
        extract(pwCache::getData(D_P . 'data/bbscache/forum_cache.php', false));
    }

    foreach (explode(',', $winddb['shortcut']) as $forumId) {
        if ($forumId && isset($forum[$forumId])) {
            $sMyForumsShortcut[$forumId] = strip_tags($forum[$forumId]['name']);
        }
    }
    return $sMyForumsShortcut;
}
// Task scheduling
/**
 * Run the scheduled-task dispatcher.
 */
function runTask() {
    $scheduler = L::loadclass('task', 'task');
    $scheduler->run();
}
// User job system
/**
 * Run the automatic user-job processing for the logged-in user.
 *
 * Does nothing when the job system is switched off or the request is anonymous.
 *
 * @global string $db_job_isopen
 * @global int $winduid
 * @global int $groupid
 */
function runJob() {
    global $db_job_isopen, $winduid, $groupid;
    if ($db_job_isopen && $winduid) {
        $autoJob = L::loadclass('autojob', 'job');
        $autoJob->run($winduid, $groupid);
    }
}
// Modes
/**
 * Select the site mode for the index and mode scripts and define M_P for non-bbs modes.
 *
 * A requested mode is only accepted when it is a key of the configured $db_modes array, so the
 * "mode/<name>/" path built below is limited to configured mode names. When no mode is requested, the
 * Host header is looked up in $db_modedomain; the result is written back through $modeName.
 *
 * @param string $modeName requested mode name (passed by reference)
 * @param string $controll controller name; 'manage' and 'dialog' may open the 'area' mode even when it
 *                         is not flagged open
 */
function selectMode(&$modeName,$controll = '') {
    global $defaultMode, $db_mode, $db_modes, $db_modepages, $pwServer, $db_modedomain;
    if (defined('M_P') || !in_array(SCR, array('index', 'mode'))) {
        return;
    }

    $db_mode = $defaultMode;
    if (!$modeName && $db_modedomain) {
        $modeName = array_search($pwServer['HTTP_HOST'], $db_modedomain);
    }

    $modeConfigured = $db_modes && isset($db_modes[$modeName]) && is_array($db_modes[$modeName]);
    if ($modeConfigured) {
        $areaBackOffice = $modeName == 'area' && in_array($controll,array('manage','dialog'));
        if ($db_modes[$modeName]['ifopen'] || $areaBackOffice) {
            $db_mode = $modeName;
        }
    }

    if (empty($db_mode) || $db_mode == 'bbs' || !file_exists(R_P . "mode/$db_mode/")) {
        return;
    }
    define('M_P', R_P . "mode/$db_mode/");
    $db_modepages = $db_modepages[$db_mode];
    $GLOBALS['pwModeImg'] = "mode/$db_mode/images";
}
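/**
 * Return the first label of the request's Host header unless it already appears in the main URL.
 *
 * The host label is client-supplied, so it is quoted with preg_quote() before it is placed into the
 * pattern; the previous version interpolated it raw, which let regex metacharacters in the Host header
 * change what the pattern matched. (Marked upstream as not called anywhere.)
 *
 * @param string $url
 * @param string $mainUrl
 * @return string the sub-domain label, or '' when $url equals $mainUrl, the host has no dot, or the
 *                label is already part of $mainUrl
 */
function getSecDomain($url, $mainUrl = null) {
    global $pwServer;
    if ($mainUrl && $url == $mainUrl) {
        return '';
    }

    $host = (string) $pwServer['HTTP_HOST'];
    $dotPos = strpos($host, '.');
    if ($dotPos === false || $dotPos === 0) {
        // No label in front of a dot: nothing to report.
        return '';
    }
    $dirname = substr($host, 0, $dotPos);

    // The label counts as part of the main URL when it follows a non-word character and precedes a dot.
    $pattern = '/[^\w]' . preg_quote($dirname, '/') . '\./i';
    if (preg_match($pattern, (string) $mainUrl)) {
        return '';
    }
    return $dirname;
}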
// Language packs
/**
 * Resolve the path of a language file, preferring the active template set over the default "wind" set.
 *
 * Ends the request with an error message when neither file exists.
 *
 * NOTE(review): $lang and $EXT are interpolated into the path (and into the error message) as given; this
 * function applies no path normalisation, so callers must pass fixed names rather than request data.
 *
 * @param string $lang language pack name (file is lang_<name>.<ext>)
 * @param string $EXT file extension
 * @return string path of the language file
 */
function GetLang($lang, $EXT = 'php') {
    global $tplpath;
    foreach (array($tplpath, 'wind') as $templateSet) {
        $candidate = R_P . "template/$templateSet/lang_$lang.$EXT";
        if (file_exists($candidate)) {
            return $candidate;
        }
    }
    exit("Can not find lang_$lang.$EXT file");
}
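// Templates
/**
 * Resolve the path of a template file through the shared template resolver.
 *
 * The resolver (template wrapping bbsTemplate) is created on first use and reused afterwards. The old
 * path-resolution code that used to follow the return statement could never run and has been removed.
 *
 * @param string $template template name; an empty value is replaced by 'N'
 * @param string $EXT file extension
 * @return string path to be used with require
 */
function PrintEot($template, $EXT = 'htm') {
    if (!$template) {
        $template = 'N';
    }
    static $bbsTemplate = null;
    if (!isset($bbsTemplate)) {
        $bbsTemplate = new template(new bbsTemplate());
    }
    return $bbsTemplate->printEot($template, $EXT);
}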
/**
 * Render the page footer and flush the buffered page through pwOutPut().
 *
 * The footer and advert templates are required into this function's scope, so the local variable names
 * set here are part of the template contract.
 */
function footer() {
global $db, $db_obstart, $db_footertime, $P_S_T, $mtablewidth, $db_ceoconnect, $wind_version, $imgpath, $stylepath, $footer_ad, $db_union, $timestamp, $db_icp, $db_icpurl, $db_advertdb, $groupid, $db_ystats_ifopen, $db_ystats_unit_id, $db_ystats_style, $pwServer, $db_ifcredit, $credit_pop, $db_foot, $db_mode, $db_modes, $shortcutforum, $_G, $winddb, $db_toolbar, $winduid, $db_menuinit, $db_appifopen, $db_job_ispop, $db_job_isopen, $db_siteappkey, $_Navbar,$db_statscode;
// AJAX requests get the AJAX footer instead.
defined('AJAX') && ajax_footer();
$wind_spend = '';
//$db_statscode = html_entity_decode($db_statscode);
$ft_gzip = ($db_obstart ? 'Gzip enabled' : 'Gzip disabled') . $db_union[3];
// Optional timing line: elapsed time since $P_S_T and the number of database queries.
if ($db_footertime == 1) {
$totaltime = number_format((pwMicrotime() - $P_S_T), 6);
$qn = $db ? $db->query_num : 0;
$wind_spend = "Total $totaltime(s) query $qn,";
}
$ft_time = get_date($timestamp, 'm-d H:i');
// NOTE(review): as shown this assigns $db_icp to itself; the original probably wrapped it in markup that
// was lost in this copy -- confirm upstream.
$db_icp && $db_icp = "$db_icp";
if ($db_toolbar) {
// Toolbar visibility follows the toolbarhide cookie.
if ($_COOKIE['toolbarhide']) {
$toolbarstyle = 'style="display:none"';
$openbarstyle = '';
$closebarstyle = 'style="display:none"';
} else {
$toolbarstyle = '';
$openbarstyle = 'style="display:none"';
$closebarstyle = '';
if ($db_appifopen) {
// Load the user's application shortcuts for the bottom bar.
$appshortcut = trim($winddb['appshortcut'], ',');
if (!empty($appshortcut) && $db_siteappkey) {
$appshortcut = explode(',', $appshortcut);
$bottom_appshortcut = array();
$appclient = L::loadClass('appclient');
$bottom_appshortcut = $appclient->userApplist($winduid, $appshortcut, 1);
}
}
}
}
$db_menuinit = trim($db_menuinit, ',');
runJob();
require PrintEot('footer');
if ($db_advertdb['Site.PopupNotice'] || $db_advertdb['Site.FloatLeft'] || $db_advertdb['Site.FloatRight'] || $db_advertdb['Site.FloatRand']) {
require PrintEot('advert');
}
pwOutPut();
}
/**
 * Post-process the buffered page, optionally store it in the guest cache, send it and end the request.
 */
function pwOutPut() {
// NOTE(review): this function reads the variable $SCR, while the rest of the file tests the SCR constant;
// confirm that $SCR is set, otherwise both "$SCR != 'post'" tests below are always true.
global $db_htmifopen, $db_redundancy, $SCR, $groupid;
// Refresh the online-user record before the page is sent.
Update_ol();
$output = parseHtmlUrlRewrite(ob_get_contents(), $db_htmifopen);
// Strip template markers and redundant whitespace from the page.
// NOTE(review): several search strings below are empty or duplicated as shown; they were probably markup
// markers that were lost in this copy -- confirm against the upstream file.
if ($db_redundancy && $SCR != 'post') {
$output = str_replace(array("\r", '-->', '-->', '', "\n", '', '', "", "\t\t", ' ', "\n\t", "\n\n"), array('', '', '', '', '', '', '', '', '', '',"\n", "\n"), $output);
} else {
$output = str_replace(array('-->','-->', '', "\r\n", '', '', "\t\t\t"), '', $output);
}
if ($SCR != 'post' && !defined('AJAX')) {
$ceversion = defined('CE') ? 1 : 0;
// NOTE(review): the appended string is empty as shown and $ceversion is unused; the original presumably
// appended markup that used it -- confirm upstream.
$output .= "";
}
// Store the finished page in the guest cache when this request qualifies.
if ($groupid == 'guest' && !defined('MSG') && GetGcache()) {
require_once (R_P . 'require/guestfunc.php');
creatguestcache($output);
}
if (defined('SHOWLOG')) Error::writeLog();
if (defined('PW_PACK_FILES')) pwPack::files();
echo ObContents($output);
unset($output);
N_flush();
exit();
}
/**
 * Return the directory part of a path, always terminated by a forward slash.
 *
 * A backslash separator takes precedence over a forward slash; paths without a separator, and empty
 * paths, yield './'.
 *
 * @param string $path file path
 * @return string
 */
function getdirname($path = null) {
    if (empty($path)) {
        return './';
    }
    foreach (array('\\', '/') as $separator) {
        $cut = strrpos($path, $separator);
        if ($cut !== false) {
            return substr($path, 0, $cut) . '/';
        }
    }
    return './';
}
/**
 * Set or clear consecutive bits of a status bit field in place.
 *
 * $b is the 1-based position of the lowest bit to change. $setv is read from its last character to its
 * first: a truthy character sets the bit, '0' clears it, and each further character applies to the next
 * higher bit.
 *
 * @param int $status bit field, modified by reference
 * @param int $b 1-based position of the first bit
 * @param string $setv bit values, lowest bit last
 */
function setstatus(&$status, $b, $setv = '1') {
    --$b;
    $pos = strlen($setv);
    while ($pos-- > 0) {
        $mask = 1 << $b;
        $status = $setv[$pos] ? ($status | $mask) : ($status & ~$mask);
        ++$b;
    }
}
// Security
/**
 * Derive the 8-character request hash used as verifyhash and loginhash.
 *
 * The value is characters 8..15 of md5($str . $app . User-Agent), with $app defaulting to the global
 * db_siteid.
 *
 * NOTE(review): the result carries 32 bits and its only non-public input is $app (db_siteid or the
 * passport key); it is only as unpredictable as that value. An HMAC with a dedicated secret, compared
 * with hash_equals(), would be the stronger construction.
 *
 * @param string $str additional data bound into the hash
 * @param string $app key material; defaults to $GLOBALS['db_siteid']
 * @return string 8 hexadecimal characters
 */
function GetVerify($str, $app = null) {
    if (empty($app)) {
        $app = $GLOBALS['db_siteid'];
    }
    $digest = md5($str . $app . $GLOBALS['pwServer']['HTTP_USER_AGENT']);
    return substr($digest, 8, 8);
}
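/**
 * Run the standard checks for a state-changing (POST) request.
 *
 * Each check reports failure through its own Showmsg() call; nothing is
 * returned.
 *
 * Limits a reviewer should know about:
 * - The hash check is delegated to checkVerify(). In this file that function
 *   has an empty body, so $checkHash currently validates nothing.
 * - The Referer check only runs for POST requests and only when the Referer
 *   header parses to a non-empty host. A request without a Referer passes.
 *
 * @global array $pwServer
 * @param int $checkHash     Whether to check the request hash
 * @param int $checkGd       Whether to check the CAPTCHA code
 * @param int $checkQuestion Whether to check the security question
 * @param int $checkReferer  Whether to check the Referer host
 */
function PostCheck($checkHash = 1, $checkGd = 0, $checkQuestion = 0, $checkReferer = 1) {
    global $pwServer;
    $checkHash && checkVerify();
    if ($checkReferer && $pwServer['REQUEST_METHOD'] == 'POST') {
        // Read the header defensively: it is client-supplied and may be absent.
        $referer = isset($pwServer['HTTP_REFERER']) ? (string) $pwServer['HTTP_REFERER'] : '';
        $refererParsed = $referer !== '' ? parse_url($referer) : false;
        if (is_array($refererParsed) && !empty($refererParsed['host'])) {
            // Compare against the Host header without its port.
            list($httpHost) = explode(':', $pwServer['HTTP_HOST']);
            // Strict string comparison: loose != compares numeric-looking strings as numbers.
            if ((string) $refererParsed['host'] !== (string) $httpHost) {
                Showmsg('undefined_action');
            }
        }
    }
    $checkGd && GdConfirm($_POST['gdcode']);
    $checkQuestion && Qcheck($_POST['qanswer'], $_POST['qkey']);
}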
/**
 * Verify the hash string sent with the request.
 *
 * NOTE(review): the body is empty in this copy. The only check, which compared
 * the request parameter 'verify' with $GLOBALS[$hash] and called
 * Showmsg('illegal_request') on mismatch, is commented out under the
 * "zzcity modi" marker. Every caller, including PostCheck(), therefore gets
 * no request-hash validation from this function. Restoring the commented
 * line re-enables it.
 *
 * @param string $hash Name of the global variable holding the expected hash
 */
function checkVerify($hash = 'verifyhash') {
// zzcity modification: check disabled
// S::getGP('verify') != $GLOBALS[$hash] && Showmsg('illegal_request');
}
/**
 * Validate a CAPTCHA code against the value stored in the 'cknum' cookie.
 *
 * The cookie is reset through Cookie('cknum', '', 0) before the stored value
 * is read, presumably so a code cannot be reused on a later request. The
 * stored value is decoded with StrCode(), split on tabs and handed to
 * SafeCheck() together with the upper-cased code and the value 1800.
 *
 * @param string $code Code typed by the user
 * @param mixed  $bool When truthy, return false on failure instead of
 *                     calling Showmsg('check_error')
 * @return bool True on success. Also true after Showmsg() if that call
 *              returns; Showmsg() is presumably terminal, so confirm.
 */
function GdConfirm($code,$bool = null) {
    Cookie('cknum', '', 0);
    $passed = false;
    if ($code) {
        $stored = explode("\t", StrCode(GetCookie('cknum'), 'DECODE'));
        $passed = (bool) SafeCheck($stored, strtoupper($code), 'cknum', 1800);
    }
    if ($passed) {
        return true;
    }
    if ($bool) {
        return false;
    }
    Showmsg('check_error');
    return true;
}
/**
 * Generate a random arithmetic question (machine question, type 1).
 *
 * Picks addition or subtraction, keeps the operands and the result within
 * 0..100, and returns the question as "A + B = ?" or "A - B = ?".
 * With $setCookie the 'ckquestion' cookie is set to
 * StrCode(timestamp . "\t\t" . md5(answer . timestamp)).
 *
 * NOTE(review): mt_rand() is not a cryptographic generator, and the answer
 * has at most 101 possible values. The cookie is only as opaque as StrCode()
 * makes it, and StrCode() is not visible here; confirm that it is keyed.
 *
 * @param boolean $setCookie Whether to store the expected answer in a cookie
 * @return string The question text
 */
function getMachineQuestion_1($setCookie = true){
    global $timestamp;
    $isSubtraction = mt_rand(0,1) === 1;
    $num1 = mt_rand(1,100);
    if ($isSubtraction) {
        // The subtrahend never exceeds $num1, so the answer is not negative.
        $num2 = mt_rand(0,$num1);
        $symbol = '-';
        $answer = $num1 - $num2;
    } else {
        // The addend is capped so the sum stays at or below 100.
        $num2 = mt_rand(0,100-$num1);
        $symbol = '+';
        $answer = $num1 + $num2;
    }
    if ($setCookie) {
        Cookie('ckquestion',StrCode($timestamp."\t\t".md5($answer.$timestamp)));
    }
    return sprintf('%s %s %s = ?',$num1,$symbol,$num2);
}
/**
 * Validate the answer to a security question.
 *
 * A negative $qkey selects the machine-generated question: the answer must
 * be a non-empty string and must pass SafeCheck() against the decoded
 * 'ckquestion' cookie. Otherwise, when $db_question is set, the answer is
 * compared with the configured $db_answer[$qkey]. Failure calls
 * Showmsg('qcheck_error').
 *
 * NOTE(review): the 'ckquestion' cookie is not cleared here (the clearing
 * call is commented out in the original), so one correct answer may be
 * accepted repeatedly for as long as SafeCheck() honours the cookie; the
 * value 1800 passed to it is presumably that lifetime in seconds. The
 * configured-answer branch uses a loose != comparison.
 *
 * @global string $db_question
 * @global array $db_answer
 * @param string $answer Answer supplied by the user
 * @param string $qkey   Question key; negative for the machine question
 */
function Qcheck($answer, $qkey) {
    global $db_question, $db_answer;
    if ($qkey < 0) {
        // Machine-generated question.
        $usable = is_string($answer) && $answer !== '';
        if (!$usable || !SafeCheck(explode("\t", StrCode(GetCookie('ckquestion'), 'DECODE')), $answer, 'ckquestion', 1800 , false ,false)) {
            Showmsg('qcheck_error');
        }
        return;
    }
    if ($db_question && (!isset($db_answer[$qkey]) || $answer != $db_answer[$qkey])) {
        Showmsg('qcheck_error');
    }
}
// Database
/**
 * Create the global database connection object if it does not exist yet.
 *
 * Loads require/db_<driver>.php for the driver named in $database (the path
 * goes through S::escapePath()) and stores a new DB instance in $db.
 * Does nothing when $db is already an object.
 */
function PwNewDB() {
    global $db, $database, $dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect;
    if (is_object($db)) {
        return;
    }
    $driverFile = S::escapePath(R_P . "require/db_$database.php");
    require_once $driverFile;
    $db = new DB($dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect);
}
// System
/**
 * Report whether an extension is loaded and a probe function exists.
 *
 * @param string $module        Extension name
 * @param string $checkFunction Function that must exist; an empty value
 *                              makes the result false
 * @return bool
 */
function Pwloaddl($module, $checkFunction = 'mysqli_get_client_info') {
    if (!extension_loaded($module)) {
        return false;
    }
    if (!$checkFunction) {
        return false;
    }
    return function_exists($checkFunction);
}
/**
 * Take a per-user lock for an operation.
 *
 * Tries to insert a row into pw_proclock. When the insert fails, rows for
 * the same uid/action older than 30 seconds are deleted and false is
 * returned, so a later attempt can succeed.
 *
 * NOTE(review): $uid and $action are interpolated into the SQL text without
 * escaping. Callers must pass trusted or already-escaped values; confirm
 * this at every call site.
 *
 * @param string $action Operation name
 * @param int    $uid
 * @return bool Whether the lock was obtained
 */
function procLock($action, $uid = 0) {
    global $db, $timestamp;
    $inserted = $db->query("INSERT INTO pw_proclock (uid,action,time) VALUES ('$uid','$action','$timestamp')", 'U', false);
    if ($inserted) {
        return true;
    }
    // Lock already held: clear stale rows so it cannot stay stuck.
    $db->update("DELETE FROM pw_proclock WHERE uid='$uid' AND action='$action' AND time < '$timestamp' - 30");
    return false;
}
/**
 * Release a per-user lock for an operation.
 *
 * NOTE(review): $uid and $action are interpolated into the SQL text without
 * escaping. Callers must pass trusted or already-escaped values.
 *
 * @param string $action Operation name
 * @param int    $uid
 */
function procUnLock($action = '', $uid = 0) {
    global $db;
    $sql = "DELETE FROM pw_proclock WHERE uid='$uid' AND action='$action'";
    $db->update($sql);
}
/**
 * Return the current time in seconds with microsecond precision.
 *
 * Adds the two parts of the "usec sec" string that microtime() returns.
 *
 * performance 2010-2-10
 * @return float
 */
function pwMicrotime() {
    list($fraction, $seconds) = explode(' ', microtime());
    return $fraction + $seconds;
}
/**
 * Build the data for the navigation bars and the login panel.
 *
 * @return array Two elements: the navigation lists keyed by the PW_NAV_TYPE_*
 *               constants, and the login-panel data
 */
function pwNavBar() {
global $winduid, $db_mainnav, $db_menu, $groupid, $winddb, $SCR, $db_modes, $db_mode, $defaultMode, $db_menuinit;
global $alias;
$tmpLogin = $tmpNav = array();
if ($groupid != 'guest') {
// Logged-in user: avatar URL and last-visit date.
require_once (R_P . 'require/showimg.php');
list($tmpLogin['faceurl']) = showfacedesign($winddb['icon'], 1, 's');
$tmpLogin['lastlodate'] = get_date($winddb['lastvisit'], 'Y-m-d');
} else {
// Guest: describe which login fields and checks the login form shows.
global $db_question, $db_logintype, $db_qcheck,$db_ckquestion;
if ($db_question) {
// The second tab-separated field of $db_qcheck goes into 'showq'.
list(,$tmpLogin['showq']) = explode("\t", $db_qcheck);
// Bit value 2 of $db_ckquestion decides whether a question key is picked.
$tmpLogin['qcheck'] = $db_ckquestion & 2;
if ($tmpLogin['qcheck'])
$tmpLogin['qkey'] = array_rand($db_question);
}
if ($db_logintype) {
// $db_logintype is a bitmask; collect the indexes (0..2) of the set bits.
for ($i = 0; $i < 3; $i++) {
if ($db_logintype & pow(2, $i))
$tmpLogin['logintype'][] = $i;
}
} else {
$tmpLogin['logintype'][0] = 0;
}
}
$postion = $db_mode;
if (defined('APP_GROUP')) $postion = 'group'; // special-case positioning for groups
$currentPostion = array();
$currentPostion['mode'] = $postion;
// Note: the first test reads the constant SCR, the second the global variable $SCR.
if (in_array(SCR, array('index', 'cate', 'mode', 'read', 'thread')) || $SCR == 'm_home') {
$currentPostion['mode'] = empty($postion) ? 'bbs' : $postion;
}
if ($currentPostion['mode'] == 'area' && $alias) $currentPostion['alias'] = $alias;
$navConfigService = L::loadClass('navconfig', 'site'); /* @var $navConfigService PW_NavConfig */
// Only the main navigation receives $currentPostion.
$tmpNav[PW_NAV_TYPE_MAIN] = $navConfigService->findValidNavListByTypeAndPostion(PW_NAV_TYPE_MAIN, $postion, $currentPostion);
$tmpNav[PW_NAV_TYPE_HEAD_LEFT] = $navConfigService->findValidNavListByTypeAndPostion(PW_NAV_TYPE_HEAD_LEFT, $postion);
$tmpNav[PW_NAV_TYPE_HEAD_RIGHT] = $navConfigService->findValidNavListByTypeAndPostion(PW_NAV_TYPE_HEAD_RIGHT, $postion);
$tmpNav[PW_NAV_TYPE_FOOT] = $navConfigService->findValidNavListByTypeAndPostion(PW_NAV_TYPE_FOOT, $postion);
return array($tmpNav, $tmpLogin);
}
/**
 * Build the HTML for one navigation link.
 *
 * NOTE(review): in this copy the string literals hold no markup. Each style
 * line reassigns $title to itself, $target is never used, and the return
 * value is just the tag-stripped title. The HTML was presumably lost in
 * extraction; confirm against the upstream file. strip_tags() removes tags
 * but does not escape quotes, so if the title is placed inside an attribute
 * upstream it needs attribute escaping as well.
 *
 * @param array $navData Navigation configuration data
 */
function buildNavLinkHtml($navData) {
// Tags are removed from the title before it is wrapped.
$title = strip_tags($navData['title']);
$navData['style']['b'] && $title = "$title";
$navData['style']['i'] && $title = "$title";
$navData['style']['u'] && $title = "$title";
$navData['style']['color'] && $title = "$title";
$target = $navData['target'] ? 'target="_blank"' : '';
return ''.$title.'';
}
/**
 * Enforce the site-visit permission of the current user group.
 *
 * When $_G['allowvisit'] is empty, guests are redirected to login.php and
 * logged-in users who are not listed in $manager get the error page.
 * The login, register and password-recovery scripts are exempt, and so is
 * the job script for the upload actions listed below.
 */
function visitRightByGroup() {
global $_G, $groupid, $manager, $windid, $pwServer;
if (defined('CK') && CK == 1) return;
if (S::inArray(SCR,array('sendpwd', 'login', 'register', 'job'))) {
$action = S::getGP('action');
// && binds tighter than ||: every listed script other than 'job' returns here;
// 'job' returns only for the listed upload actions with a Flash User-Agent.
// NOTE(review): User-Agent is a client-supplied header, so this exemption
// does not authenticate the uploader; the upload handlers need their own check.
if (SCR !== 'job' || $pwServer['HTTP_USER_AGENT'] == 'Shockwave Flash' && S::inArray($action, array('mutiupload', 'mutiuploadphoto', 'uploadicon'))) return;
}
if (empty($_G['allowvisit'])) {
if (empty($groupid) || $groupid == 'guest') {
// AJAX requests with action=pwschools stay open to guests.
if (defined('AJAX') && $_GET['action'] == 'pwschools') return;
ObHeader('login.php');
} elseif (!S::inArray($windid, $manager)) {
// Import globals into local scope for the templates; EXTR_SKIP keeps existing locals.
@extract($GLOBALS, EXTR_SKIP);
require_once (R_P.'header.php');
require_once PrintEot('error');
footer();
}
}
}
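/**
 * Resolves template names to file paths under the forum's template directory.
 */
class bbsTemplate {
    // Base template directory: R_P . 'template/'.
    var $dir;

    /**
     * Set the base template directory.
     *
     * PHP 8 no longer treats a method named after its class as a
     * constructor, so without this method $dir would stay unset there.
     */
    function __construct() {
        $this->dir = R_P . 'template/';
    }

    /**
     * Legacy PHP 4 style constructor, kept so explicit calls keep working.
     */
    function bbsTemplate() {
        $this->__construct();
    }

    /**
     * Find the file for a template name.
     *
     * Lookup order, unless PWERROR is defined: the current app's template
     * directory (names starting with "m_" only), then the mode template
     * returned by modeEot(). After that come the active style directory and
     * finally the default "wind" directory.
     *
     * NOTE(review): $template and $EXT are interpolated into filesystem
     * paths. Only the app and mode results pass through S::escapePath(); the
     * style and default results are returned as built, so callers must not
     * pass request-derived template names.
     *
     * @param string $template Template name without extension
     * @param string $EXT      File extension
     * @return string|false Path of the template file, or false when none exists
     */
    function getpath($template, $EXT = 'htm') {
        if (!defined('PWERROR')) {
            global $appdir;
            if (defined('A_P') && $appdir && substr($template,0,2) == 'm_' && file_exists(A_P . "$appdir/template/$template.$EXT")) {
                return S::escapePath(A_P . "$appdir/template/$template.$EXT");
            }
            if (defined('F_M')) {
                $temp = modeEot($template, $EXT);
                if ($temp) {
                    return S::escapePath($temp);
                }
            }
        }
        $tplpath = L::style('tplpath');
        $candidates = array(
            $this->dir . "$tplpath/$template.$EXT",
            $this->dir . "wind/$template.$EXT",
        );
        foreach ($candidates as $candidate) {
            if (file_exists($candidate)) {
                return $candidate;
            }
        }
        return false;
    }

    /**
     * Return the default ("wind") template directory.
     *
     * @return string
     */
    function getDefaultDir() {
        return $this->dir . 'wind/';
    }
}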
// End of global.php
require_once(R_P.'require/functions.php');
$m = S::getGP('m');
S::gp ( array ('q') );
// NOTE(review): the request values read above are overwritten on the next two
// lines, so this script always dispatches to mode 'cms', action 'post'.
$m='cms'; // added by zzcity
$q='post'; // added by zzcity
selectMode($m,$q);
// The source type is forced too, replacing whatever the client posted.
$_POST['cms_sourcetype']='thread'; // added by zzcity
// Build the base URLs; the m= parameter is left out when the mode has its own domain.
if ($m && $pwServer ['HTTP_HOST'] == $db_modedomain[$m]) {
$baseUrl = "mode.php";
$basename = "mode.php?";
} else {
$baseUrl = "mode.php?m=$m";
$basename = "mode.php?m=$m&";
}
// Proceed only when the mode script for $q exists. The matching else branch
// near the end of the file reports 'undefined_action'.
if (file_exists ( M_P . "m_{$q}.php" )) {
// Load the cached per-mode configuration; @ hides a missing cache file.
@include_once pwCache::getPath(S::escapePath(D_P . 'data/bbscache/' . $db_mode . '_config.php'));
// Fall back to the forum name when the mode has no site name of its own.
${$db_mode.'_sitename'} = ${$db_mode.'_sitename'} ? ${$db_mode.'_sitename'} : $db_bbsname;
$db_mode == 'cms' && $db_bbsname = ${$db_mode.'_sitename'};
//current user
$tname = ($q != "user" && isset($winddb['username'])) ? $winddb['username'].' - ' : '';
isset($o_navinfo['KEY'.$q]) && $webPageTitle = strip_tags($o_navinfo['KEY'.$q]['html']).' - '.$tname.$webPageTitle;
unset($tname);
if ($groupid != 3 && $o_share_groups && strpos ( $o_share_groups, ",$groupid," ) === false) {
$shareGM = 1;
}
if (file_exists ( M_P . 'require/core.php' )) {
require_once (M_P . 'require/core.php');
}
// The mode script is no longer included; a copy of mode/cms/m_post.php is inlined below.
// require_once S::escapePath ( M_P . "m_{$q}.php" );
// zzcity addition: mode/cms/m_post.php begins
//!defined('M_P') && exit('Forbidden');
S::gp(array('action', 'step', 'cid', 'ajax','iscontinue'));
if ($ajax == 1) define('AJAX', '1');
// NOTE(review): the posting-permission check on the next line is commented out,
// so nothing in the visible code verifies that the requester may publish
// articles. Confirm whether an earlier part of the file authenticates the caller.
//if (!getPostPurview($windid, $_G) && !checkEditPurview($windid, $cid)) Showmsg('您没有发表文章的权限');
$articleService = C::loadClass('articleservice'); /* @var $articleService PW_ArticleService */
cmsSeoSettings();
//if (!$action) {
// if (!$step) {
// $pagePosition = $cms_sitename ? "$cms_sitename":'首页';
// S::gp(array('sourcetype', 'sourceid'));
// $columnService = C::loadClass('columnservice');
// /* @var $columnService PW_columnService */
// $columns = $columnService->getAllOrderColumns(0,$windid);
// $purviews = $columnService->getAllPurviewColumns($windid);
//
// $hasSource = isGM($windid) || checkEditPurview($windid) ? true : false;//栏目编辑或创始人才有权限使用自动调用
// if (!$hasSource) {
// $sourcetype = $sourceid = null;
// }
// $articleModule = $articleService->getArticleModuleFromSource($sourcetype, $sourceid);
// $content = $articleModule->content;
// $articleModule->setColumnId($cid);
//
// list($filetype, $filetypeinfo) = initFileTypeInfo($db_uploadfiletype);
// require_once (M_P . 'require/header.php');
// } else {
// Read the article fields from the request; the first call is limited to POST data.
S::gp(array('cms_subject', 'atc_content', 'cms_descrip'), 'P', 0);
S::gp(array('cms_sourcetype', 'cms_sourceid', 'cid', 'cms_jumpurl', 'cms_author', 'cms_frominfo',
'cms_fromurl', 'cms_relate', 'addnewpage', 'cms_timelimit', 'flashatt'));
// $cms_timelimit = ($cms_timelimit && (isGM($windid) || checkEditPurview($windid))) ? PwStrtoTime($cms_timelimit) : $timestamp;
// zzcity modification
// NOTE(review): the publication time now comes straight from $_POST['newstime'].
// It bypasses S::gp() and the administrator/editor gate of the commented
// original above, so any caller can set the article date.
$cms_timelimit = $_POST['newstime'] ? PwStrtoTime($_POST['newstime']) : $timestamp;
// The jump URL is still accepted only from administrators and column editors.
$cms_jumpurl = ($cms_jumpurl && (isGM($windid) || checkEditPurview($windid))) ? $cms_jumpurl : '';
// NOTE(review): with default arguments PostCheck() runs the request-hash and
// Referer checks, but checkVerify() has an empty body in this file, so only
// the Referer comparison is effective.
PostCheck();
$columnService = C::loadClass('columnservice');
// The lookup uses (int)$cid before a column is picked from the list below.
// Neither $column nor $purviews is used by the active code that follows.
$column = $columnService->findColumnById((int)$cid);
$purviews = $columnService->getAllPurviewColumns($windid);
// NOTE(review): the per-column permission check below is disabled.
// if (!windid && !isGM($windid) && !in_array($column['column_id'], $purviews) && (!$column['allowoffer'] || !getPostPurview($windid, $_G))) {
// Showmsg('你没有权限向本栏目添加文章');
// }
// zzcity addition
// $cid may be a comma-separated list; one entry is chosen at random and cast to int.
// explode() always returns at least one element, so the else branch cannot run.
$zzcids=explode(',',$cid);
if (count($zzcids)>0){
$cid=(int)$zzcids[rand(0,count($zzcids)-1)];
}else
{
echo('[err]cid is error[/err]');
exit;
}
/**
 * Strip inline event-handler attributes from the inside of one HTML tag.
 *
 * Backslash-escaped double quotes are unescaped first. Then attributes of
 * the form on<name>=<value> are removed, first the variant whose value is
 * wrapped in backslash-escaped quotes, then the variant whose value runs to
 * the next whitespace. The result is wrapped in "<" and ">".
 *
 * NOTE(review): this is a deny-list that only targets on* attributes
 * preceded by whitespace. It is no substitute for an allow-list HTML
 * sanitizer, and no call to it appears in the visible code.
 *
 * @param string $code Tag content without the surrounding angle brackets
 * @return string The tag, rebuilt with angle brackets
 */
function jscv($code) {
    $unescaped = str_replace('\\"', '"', $code);
    // preg_replace() applies the patterns in array order, as the original's two calls did.
    $handlerPatterns = array(
        '/[\s]on[\w]+\s*=\s*(\\\"|\\\\\').+?\\1/is',
        "/[\s]on[\w]+\s*=[^\s]*/is",
    );
    $cleaned = preg_replace($handlerPatterns, "", $unescaped);
    return '<'.$cleaned.'>';
}
//zzcity add end
// Fill an article module from the request fields and store it.
// NOTE(review): the permission checks earlier in this script are commented
// out, so these values reach addArticle() without a visible authorization
// step. Subject, content and description were read with a third S::gp()
// argument of 0; confirm what filtering that mode applies before storage.
$articleModule = C::loadClass('articleModule'); /* @var $articleModule PW_ArticleModule */
$articleModule->setSubject($cms_subject);
$articleModule->setContent($atc_content);
$articleModule->setDescrip($cms_descrip);
$articleModule->setColumnId($cid);
$articleModule->setJumpUrl($cms_jumpurl);
$articleModule->setPostDate($cms_timelimit);
$articleModule->setModifyDate($timestamp);
$articleModule->setFromInfo($cms_frominfo);
$articleModule->setFromUrl($cms_fromurl);
$articleModule->setAuthor($cms_author);
$articleModule->setUser($windid);
$articleModule->setUserId($winduid);
// presumably 1 marks the article as already approved; verify against PW_ArticleModule
$articleModule->setIfCheck(1);
$articleModule->setSourceType($cms_sourcetype);
$articleModule->setSourceId($cms_sourceid);
$articleModule->setRelate($cms_relate);
$articleModule->showError(); // report errors before attaching files, so attachments are not lost on error
$articleModule->setAttach($flashatt);
$articleModule->showError();
$result = $articleService->addArticle($articleModule);
if ($result) {
// $jumpUrl = $addnewpage ? $basename . "q=post&action=edit&id=" . $result . "&page=add" : $basename . "q=view&id=" . $result;
$columnService = C::loadClass('columnservice'); /* @var $columnService PW_ColumnService */
$cname = $columnService->getColumnNameByCIds($cid);
// Announce the new article through the weibo (micro-blog) service.
$weiboService = L::loadClass('weibo','sns');/* @var $weiboService PW_Weibo */
$weiboContent = substrs(stripWindCode($weiboService->escapeStr($articleModule->descrip)), 125);
$weiboExtra = array(
'title' => stripslashes($cms_subject),
'cid' => $cid,
'cname' => $cname,
);
$weiboService->send($winduid,$weiboContent,'cms',$result,$weiboExtra);
// $msg = defined('AJAX') ? "success\t".urlRewrite($jumpUrl) : '添加文章成功!';
// refreshto($jumpUrl, $msg);
// Plain-text success marker instead of the original redirect.
echo('[ok]');
} else {
Showmsg('添加文章失败');
}
// }
//} elseif ($action == 'edit') {
// S::gp(array('id', 'page'));
// $articleModule = $articleService->getArticleModule($id);
// $userid = $articleModule->userId;
// if (!checkEditPurview($windid, $articleModule->columnId) && $userid != $winduid) Showmsg('你没有权限编辑本栏目的文章');
// if (!$step) {
// if (!$page) $page = 1;
// if (!is_object($articleModule)) Showmsg('文章不存在');
//
// $pagePosition = getPosition($articleModule->columnId,'','',$cms_sitename);
//
// $columnService = C::loadClass('columnservice'); /* @var $columnService PW_columnService */
// $columns = $columnService->getAllOrderColumns(0,$windid);
//
// $attach = initAttach($articleModule->attach);
// $postdate = get_date($articleModule->postDate);
//
// $content = $articleModule->getPageContent($page);
// $articleModule->showError();
//
// $pages = $articleModule->getPages($page, CMS_BASEURL.'q=post&action=edit&id=' . $id . '&');
//
// list($filetype, $filetypeinfo) = initFileTypeInfo($db_uploadfiletype);
// require_once (M_P . 'require/header.php');
// } else {
// S::gp(array('cms_subject', 'atc_content', 'cms_descrip'), 'P', 0);
// S::gp(array('cms_sourcetype', 'cms_sourceid', 'cid', 'cms_jumpurl', 'cms_author', 'cms_frominfo',
// 'cms_fromurl', 'cms_relate', 'keep', 'oldatt_desc', 'addnewpage', 'cms_timelimit'));
// $cms_timelimit = ($cms_timelimit && (isGM($windid) || checkEditPurview($windid))) ? PwStrtoTime($cms_timelimit) : $timestamp;
// $cms_jumpurl = ($cms_jumpurl && (isGM($windid) || checkEditPurview($windid))) ? $cms_jumpurl : '';
// PostCheck();
// $articleModule->setSubject($cms_subject);
// $articleModule->setContent($atc_content, $page);
// $articleModule->setDescrip($cms_descrip);
// $articleModule->setColumnId($cid);
// $articleModule->setJumpUrl($cms_jumpurl);
// $articleModule->setPostDate($cms_timelimit);
// $articleModule->setModifyDate($timestamp);
// $articleModule->setFromInfo($cms_frominfo);
// $articleModule->setFromUrl($cms_fromurl);
// $articleModule->setAuthor($cms_author);
// $articleModule->setUser($windid);
// $articleModule->setUserId($winduid);
// $articleModule->setRelate($cms_relate);
// $articleModule->setSourceType($cms_sourcetype);
// $articleModule->setSourceId($cms_sourceid);
// $articleModule->setAttach($oldatt_desc, $keep);
// $articleModule->showError();
//
// $result = $articleService->updateArticle($articleModule);
// if ($result) {
// $jumpUrl = $addnewpage ? $basename . "q=post&action=edit&id=" . $id . "&page=add" : $basename . "q=view&id=" . $id;
// $msg = defined('AJAX') ? "success\t".$jumpUrl : '修改文章成功!';
// refreshto($jumpUrl, $msg);
// } else {
// Showmsg('修改文章失败');
// }
// }
//} elseif ($action == 'deletepage') {
// S::gp(array('id', 'page'));
// $articleModule = $articleService->getArticleModule($id);
//
// if (!checkEditPurview($windid, $articleModule->columnId) && $articleModule->user != $windid) Showmsg('你没有权限编辑本栏目的文章');
//
// $articleModule->deletePage($page);
// $articleModule->showError();
// $result = $articleService->updateArticle($articleModule);
// if ($result) {
// refreshto("{$basename}q=post&action=edit&id=$id&page=1", 'operate_success', 2);
// } else {
// Showmsg('删除分页失败');
// }
//}
//
//require cmsTemplate::printEot('post');
//footer();
/**
 * Build the JSON lists of allowed upload types.
 *
 * NOTE(review): unserialize() is applied to $db_uploadfiletype. That is only
 * safe when the value comes from trusted site configuration, because
 * unserialize() on attacker-influenced data can instantiate arbitrary
 * classes. Confirm where the setting is written.
 *
 * @param string $db_uploadfiletype Serialized upload-type configuration
 * @return array Two JSON strings: all allowed types, and the allowed image
 *               types (jpg, jpeg, gif, png, bmp)
 */
function initFileTypeInfo($db_uploadfiletype) {
    if ($db_uploadfiletype) {
        $allowedTypes = unserialize($db_uploadfiletype);
    } else {
        $allowedTypes = array();
    }
    $imageKeys = array('jpg','jpeg','gif','png','bmp');
    $attachAllow = pwJsonEncode($allowedTypes);
    $imageAllow = pwJsonEncode(getAllowKeysFromArray($allowedTypes, $imageKeys));
    return array($attachAllow, $imageAllow);
}
/**
 * Render attachment records as a comma-separated list of JavaScript
 * object-literal entries, one "'id' : [...]" entry per attachment.
 *
 * NOTE(review): the field values are placed between single quotes without
 * escaping. A quote or backslash in a name or description would break out
 * of the JavaScript string, so the values need JavaScript-string escaping
 * wherever this output is embedded in a page.
 *
 * @param array $attachs Attachment records keyed by id; each record has
 *                       name, size, attachurl, type and descrip
 * @return string The joined entries, or '' when there are none
 */
function initAttach($attachs) {
    if (!$attachs) {
        return '';
    }
    $entries = array();
    foreach ($attachs as $key => $value) {
        $entries[] = "'$key' : ['$value[name]', '$value[size]', '$value[attachurl]', '$value[type]', '0', '0', '', '$value[descrip]']";
    }
    return implode(',', $entries);
}
// zzcity addition: mode/cms/m_post.php ends
} else {
// Reached when the mode script m_<q>.php does not exist.
Showmsg ( 'undefined_action' );
}
?>