$_value) { if (!in_array($_key,array('GLOBALS','_POST','_GET','_COOKIE','_SERVER','_FILES','wind_in'))) { ${$_key} = ''; unset(${$_key}); } } /* The loop closed above (its header is outside this view) clears every variable whose name is not in the allow-list. Next: record the start time that footer() uses for its timing line, define the path constants and load the shared helper files. */ $t_array = explode(' ',microtime()); $P_S_T = $t_array[0] + $t_array[1]; $timestamp = time(); define('R_P',getdirname(__FILE__)); define('D_P',R_P); define('P_W','global'); !defined('SCR') && define('SCR','other'); require_once(R_P.'require/common.php'); require_once(R_P.'require/defend.php'); /* NOTE(review): $db_mode is interpolated into a filesystem path and $db_modepages is passed to unserialize(). Both are presumably set by the configuration loaded above - confirm neither can be influenced by a request, because unserialize() must never see untrusted data. */ //open pw mode if (!empty($db_mode) && file_exists(R_P."mode/$db_mode/")) { define('M_P',R_P."mode/$db_mode/"); $pwModeImg = "mode/$db_mode/images"; $db_modepages = unserialize($db_modepages); } else { $db_mode = ''; } $dirstrpos = strpos($pwServer['PHP_SELF'],$db_dir); if ($dirstrpos !== false) { $tmp = substr($pwServer['PHP_SELF'],0,$dirstrpos); $pwServer['PHP_SELF'] = "$tmp.php"; } else { $tmp = $pwServer['PHP_SELF']; } $REQUEST_URI = $pwServer['PHP_SELF'].'?'.$pwServer['QUERY_STRING']; /* The 'lastvisit' cookie carries accumulated online time, last visit time and last path, tab-separated; all three are client-supplied values. */ if (GetCookie('lastvisit')) { list($c_oltime,$lastvisit,$lastpath) = explode("\t",GetCookie('lastvisit')); ($onbbstime=$timestamp-$lastvisit)<$db_onlinetime && $c_oltime+=$onbbstime; } else { $lastvisit = $lastpath = ''; $c_oltime = $onbbstime = 0; Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI); } if (defined('AJAX')) { require_once(R_P.'require/ajaxfunc.php'); } $db_cvtime != 0 && $timestamp += $db_cvtime*60; $db_debug && error_reporting(E_ALL ^ E_NOTICE); $wind_version = '7.0'; $db_olsize = 96; /* NOTE(review): the board URL is derived from the request's Host header. Everything built from $db_bbsurl later in this file (links, the passport "forward" parameter, redirects in ObHeader()) inherits that value - confirm the web server restricts the host names it accepts. */ $R_url = $db_bbsurl = Char_cv("http://".$pwServer['HTTP_HOST'].substr($tmp,0,strrpos($tmp,'/'))); defined('SIMPLE') && SIMPLE && $db_bbsurl = substr($db_bbsurl,0,-7); InitGP(array('fid','tid'),'GP',2); $db = $credit = null; /* Load the database settings, then keep only the non-empty scalar entries of $manager. */ require_once(D_P.'data/sql_config.php'); !is_array($manager) && $manager = array(); $newmanager = array(); foreach ($manager as $key => $value) { if (!empty($value) && !is_array($value)) { $newmanager[$key] = $value; } } $manager = $newmanager; if ($database == 'mysqli' && Pwloaddl('mysqli') === false) { $database = 
'mysql'; } ObStart();//noizy if ($db_http != 'N') { $imgpath = $db_http; if (D_P != R_P) { $R_url = substr($db_http,-1)=='/' ? substr($db_http,0,-1) : $db_http; $R_url = substr($R_url,0,strrpos($R_url,'/')); } } else { $imgpath = $db_picpath; } $attachpath = $db_attachurl != 'N' ? $db_attachurl : $db_attachname; $imgdir = R_P.$db_picpath; $attachdir = R_P.$db_attachname; $pw_posts = 'pw_posts'; $pw_tmsgs = 'pw_tmsgs'; $runfc = 'N'; /* The session identity is first read from the 'winduser' cookie (uid, password token, safecv). NOTE(review): further down this file $winduid and $windpwd are overwritten from a lookup on $_POST['pwuser'], so the cookie value decoded here is not what ends up identifying the user. */ list($winduid,$windpwd,$safecv) = explode("\t",addslashes(StrCode(GetCookie('winduser'),'DECODE'))); $loginhash = GetVerify($onlineip,$db_pptkey); /* Build the login, logout and register URLs: passport-client mode points them at $db_pptserverurl with the board URL as "forward"; otherwise the local login.php is used. */ if ($db_pptifopen && $db_ppttype == 'client') { if (strpos($db_pptloginurl,'?') === false) { $db_pptloginurl .= '?'; } elseif (substr($db_pptloginurl,-1) != '&') { $db_pptloginurl .= '&'; } if (strpos($db_pptregurl,'?') === false) { $db_pptregurl .= '?'; } elseif (substr($db_pptregurl,-1) != '&') { $db_pptregurl .= '&'; } $urlencode = rawurlencode($db_bbsurl); $loginurl = "$db_pptserverurl/{$db_pptloginurl}forward=$urlencode"; $loginouturl= "$db_pptserverurl/$db_pptloginouturl&forward=$urlencode&verify=$loginhash"; $regurl = "$db_pptserverurl/{$db_pptregurl}forward=$urlencode"; } else { $loginurl = 'login.php'; $loginouturl= "login.php?action=quit&verify=$loginhash"; $regurl = $db_registerfile; } $ol_offset = GetCookie('ol_offset'); $skinco = GetCookie('skinco'); /* Refresh throttle: the same URL requested again within $db_refreshtime seconds ends in Showmsg('refresh_limit'). Both $lastpath and $onbbstime derive from the client's 'lastvisit' cookie. */ if ($db_refreshtime && $REQUEST_URI == $lastpath && $onbbstime < $db_refreshtime) { !GetCookie('winduser') && $groupid = 'guest'; $skin = $skinco ? 
$skinco : $db_defaultstyle; Showmsg('refresh_limit'); } if (!$db_bbsifopen && !defined('CK')) { require_once(R_P.'require/bbsclose.php'); } $H_url =& $db_wwwurl; $B_url =& $db_bbsurl; $t = array('hours'=>gmdate('G',$timestamp+$db_timedf*3600)); $tdtime = PwStrtoTime(get_date($timestamp,'Y-m-d')); $montime = PwStrtoTime(get_date($timestamp,'Y-m').'-1'); /* Decide whether the online record needs refreshing ($runfc = 'Y'): when the visitor changed position or has been away longer than $db_onlinetime. */ if ($_COOKIE || $timestamp%3 == 0) { switch (SCR) { case 'thread': $lastpos = "F$fid";break; case 'read': $lastpos = "T$tid";break; case 'index': $lastpos = 'index';break; default: $lastpos = 'other'; } if ($timestamp-$lastvisit>$db_onlinetime || $lastpos != GetCookie('lastpos')) { $runfc = 'Y'; Cookie('lastpos',$lastpos); } } /* NOTE(review): authentication defect. The block marked "added by ET" loads uid and stored password for whatever account name arrives in $_POST['pwuser'] and assigns them to $winduid/$windpwd, replacing the cookie-derived values. Nothing supplied by the client is compared against a credential here, and the credential comparison inside User_info() is commented out, so the request is treated as that member on the strength of the user name alone. A stored password must never stand in for proof of identity: verify a client-supplied password or signed session token before $winduid is set, and restore the check in User_info(). */ //added by ET PwNewDB(); $etuser = $db->get_one("SELECT uid,password FROM pw_members WHERE username=".pwEscape($_POST['pwuser'])); $winduid=$etuser['uid']; $windpwd=$etuser['password']; if (is_numeric($winduid) && strlen($windpwd)>=16) { //exit($winduid); $winddb = User_info(); $winduid = $winddb['uid']; $groupid = $winddb['groupid']; $userrvrc = (int)($winddb['rvrc']/10); $windid = $winddb['username']; $_datefm = $winddb['datefm']; $_timedf = $winddb['timedf']; list($winddb['style'],$ifcustomstyle) = explode('|',$winddb['style']); $skin = $winddb['style'] ? $winddb['style'] : $db_defaultstyle; list($winddb['onlineip']) = explode('|',$winddb['onlineip']); $groupid == '-1' && $groupid = $winddb['memberid']; $curvalue = $db_signcurtype == 'rvrc' ? 
$userrvrc : $winddb[$db_signcurtype]; if (getstatus($winddb['userstatus'],10) && (!$winddb['starttime'] && $db_signmoney && strpos($db_signgroup,",$groupid,") !== false && $curvalue > $db_signmoney || $winddb['starttime'] && $winddb['starttime'] != $tdtime)) { require_once(R_P.'require/Signfunc.php'); Signfunc($winddb['starttime'],$curvalue); } unset($curvalue); } else { $skin = $db_defaultstyle; $groupid = 'guest'; $winddb = $windid = $winduid = $_datefm = $_timedf = ''; } /* $verifyhash is the per-user request token that checkVerify() compares with the 'verify' request parameter. */ $verifyhash = GetVerify($winduid); if ($db_bbsifopen==2 && SCR!='login' && !defined('CK')) { require_once(R_P.'require/bbsclose.php'); } if ($db_ifsafecv && strpos($db_safegroup,",$groupid,") !== false && !$safecv && !defined('PRO')) { Showmsg('safecv_prompt'); } /* Referral tracking for guests: the 'u' and 'a' request parameters are stored in the 'userads' cookie when the Referer does not contain this host. */ if ($db_ads && !$windid && (is_numeric($_GET['u']) || ($_GET['a'] && strlen($_GET['a'])<16)) && strpos($pwServer['HTTP_REFERER'],$pwServer['HTTP_HOST'])===false) { InitGP(array('u','a')); Cookie('userads',"$u\t$a\t".md5($pwServer['HTTP_REFERER'])); } elseif (GetCookie('userads') && $db_ads=='1') { list($u,$a) = explode("\t",GetCookie('userads')); if ((int)$u>0 || ($a && strlen($a)<16)) { require_once(R_P.'require/userads.php'); } } /* NOTE(review): $skinco comes from the request (POST, GET or the cookie read earlier) and names a file under data/style/ that refreshto() later includes through $skin. The only filtering visible here is the '..' substring test, evaluated after file_exists(); an allow-list of installed style names would be a tighter check. Pcv() is applied at the include site, but what it enforces is not visible in this file. */ if ($_POST['skinco']) { $skinco = $_POST['skinco']; } elseif ($_GET['skinco']) { $skinco = $_GET['skinco']; } if ($skinco && file_exists(D_P."data/style/$skinco.php") && strpos($skinco,'..')===false) { $skin = $skinco; Cookie('skinco',$skin); } if ($db_columns && !defined('W_P') && !defined('SIMPLE') && !defined('COL')) { $j_columns = GetCookie('columns'); if (!$j_columns) { $db_columns==2 && $j_columns = 2; Cookie('columns',$j_columns); } if ($j_columns==2 && (strpos($pwServer['HTTP_REFERER'],$db_bbsurl)===false || strpos($pwServer['HTTP_REFERER'],$db_adminfile)!==false)) { strpos($REQUEST_URI,'index.php')===false ? 
Cookie('columns','1') : ObHeader('columns.php?action=columns'); } } Ipban(); Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI); if ($groupid == 'guest' && $db_guestdir && GetGcache()) { require_once(R_P.'require/guestfunc.php'); getguestcache(); } /* Make sure the database connection exists, then drop the connection settings ($dbhost, $dbuser, $dbpw, ...) and other bootstrap-only variables from the global scope. */ PwNewDB(); unset($_key,$_value,$defined_vars,$t_array,$db_whybbsclose,$db_whycmsclose,$db_ipban,$db_diy,$dbhost,$dbuser,$dbpw,$dbname,$pconnect,$manager_pwd,$newmanager); /* Load the per-group settings file: group_2 for guests, the file for $groupid when it exists, group_1 otherwise. $_G is read right after; presumably these files define it - confirm. NOTE(review): $groupid comes from the member row and is interpolated into the include path; Pcv() is applied, but its behaviour is not visible here. */ if ($groupid == 'guest') { require_once(D_P.'data/groupdb/group_2.php'); } elseif (file_exists(D_P."data/groupdb/group_$groupid.php")) { require_once Pcv(D_P."data/groupdb/group_$groupid.php"); } else { require_once(D_P.'data/groupdb/group_1.php'); } /* Force a password change once the password is older than $_G['pwdlimitime'] days (managers exempt). */ if ($_G['pwdlimitime'] && !CkInArray($windid,$manager) && $timestamp-86400*$_G['pwdlimitime']>$winddb['pwdctime'] && !defined('PRO')) { Showmsg('pwdchange_prompt'); } $SCR = SCR; $header_ad = $footer_ad = ''; /* Pick one random header advert and one random footer advert for this page type. */ if (SCR != 'read') { $advertdb = AdvertInit(SCR,$fid); if (is_array($advertdb['header'])) { $header_ad = $advertdb['header'][array_rand($advertdb['header'])]['code']; } if (is_array($advertdb['footer'])) { $footer_ad = $advertdb['footer'][array_rand($advertdb['footer'])]['code'] .'
'; } unset($advertdb['header'],$advertdb['footer']); } /* refreshto(): redirect to $URL. With $db_ifjump set and $statime > 0 it renders the 'refreshto' template showing $content and exits; otherwise it hands off to ObHeader(). In AJAX mode the message goes to Showmsg() instead. NOTE(review): the str_replace('=','=',...) call below and the empty echo in ObHeader() look like literals that lost markup when this listing was extracted - compare with the original file before relying on them. */ function refreshto($URL,$content,$statime=1){ if (defined('AJAX')) Showmsg($content); global $db_ifjump; $URL = str_replace('=','=',$URL); if ($db_ifjump && $statime>0) { ob_end_clean(); global $expires,$db_charset,$tplpath,$fid,$imgpath,$db_obstart,$db_bbsname,$skin,$B_url,$forumname,$tpctitle,$bgcolor,$cbgfont,$linkcolor,$tdcolor,$forumcolortwo; $index_name =& $db_bbsname; $index_url =& $B_url; ObStart();//noizy if (file_exists(D_P."data/style/$skin.php") && strpos($skin,'..')===false) { include_once Pcv(D_P."data/style/$skin.php"); } else { include_once(D_P.'data/style/wind.php'); } $content = getLangInfo('refreshto',$content); @require PrintEot('refreshto');exit; } else { ObHeader($URL); } } /* ObHeader(): discard buffered output and redirect to $URL, prefixing $db_bbsurl for non-http URLs when $db_htmifopen is set; always exits. NOTE(review): $URL goes into the Location header as given, so callers (most are outside this file) must make sure it is never a request-chosen destination. */ function ObHeader($URL){ global $db_obstart,$db_bbsurl,$db_htmifopen; if ($db_htmifopen && strncasecmp($URL,'http',4) != 0) { $URL = "$db_bbsurl/$URL"; } ob_end_clean(); if (!$db_obstart) { ob_start(); echo "";exit; } header("Location: $URL");exit; } /* Showmsg(): resolve $msg_info through the 'msg' language pack, then render the 'showmsg' template and exit (in AJAX mode the text is echoed and ajax_footer() is called). For guests it also prepares a login prompt and a $jumpurl back to the current request. NOTE(review): extract($GLOBALS, EXTR_SKIP) copies every global into local scope, so the template sees all of them; any request-controlled value that reached the global scope is in play here. $jumpurl is built from the Host header. */ function Showmsg($msg_info,$dejump=0){ @extract($GLOBALS, EXTR_SKIP); global $stylepath,$tablewidth,$mtablewidth,$tplpath; $msg_info = getLangInfo('msg',$msg_info); if (defined('AJAX')) { echo $msg_info; ajax_footer(); } $showlogin = false; if ($dejump!='1' && $groupid=='guest' && $REQUEST_URI==str_replace(array('register','login'),'',$REQUEST_URI) && (!$db_pptifopen || $db_ppttype != 'client')) { if (strpos($REQUEST_URI,'post.php')!==false) { $tmpTid = (int)GetGP('tid','P'); $tmpTid && $REQUEST_URI = substr($REQUEST_URI,0,strrpos($REQUEST_URI,'/'))."/read.php?tid=$tmpTid&toread=1"; } if ($db_htmifopen) { $REQUEST_URI = str_replace(array('.php?','&','='),array($db_dir,'-','-'),$REQUEST_URI); strpos($REQUEST_URI,$db_ext)===false && $REQUEST_URI .= $db_ext; } $jumpurl = "http://".$pwServer['HTTP_HOST'].$REQUEST_URI; list(,$qcheck)=explode("\t",$db_qcheck); $qkey = $qcheck && $db_question ? 
array_rand($db_question) : ''; $showlogin = true; } define('MSG',1); $subject = strip_tags($msg_info).' - '; require_once(R_P.'require/header.php'); require_once PrintEot('showmsg');exit; } /* GetLang(): return the path of lang_$lang.$EXT from the active template directory, falling back to template/wind; exits if neither exists. NOTE(review): $lang and $EXT are interpolated into the path unfiltered and the result is presumably include()d by callers, so callers must pass fixed names only. */ function GetLang($lang,$EXT='php'){ global $tplpath; if (file_exists(R_P."template/$tplpath/lang_$lang.$EXT")) { return R_P."template/$tplpath/lang_$lang.$EXT"; } elseif (file_exists(R_P."template/wind/lang_$lang.$EXT")) { return R_P."template/wind/lang_$lang.$EXT"; } else { exit("Can not find lang_$lang.$EXT file"); } } /* PrintEot(): return the path of a template file for require: the mode template (via modeEot()) when a mode is active, else the active template directory, else template/wind; exits if none exists. The same caveat applies: $template must be a fixed name, never request data. */ function PrintEot($template,$EXT='htm'){ //Copyright (c) 2003-09 PHPWind global $tplpath,$db_mode; !$template && $template = 'N'; if (defined('M_P') && $db_mode && file_exists(M_P."template/$template.$EXT")) { return modeEot($template,$EXT); } elseif (file_exists(R_P."template/$tplpath/$template.$EXT")) { return R_P."template/$tplpath/$template.$EXT"; } elseif (file_exists(R_P."template/wind/$template.$EXT")) { return R_P."template/wind/$template.$EXT"; } else { exit("Can not find $template.$EXT file"); } } /* Ipban(): show the 'ip_ban' message when $onlineip starts with any comma-separated prefix listed in $db_ipban. Both sides get a trailing '.', so a prefix only matches on whole dotted components. How $onlineip is derived is not visible here - confirm it is the socket address and not a client-supplied header. */ function Ipban(){ global $db_ipban,$onlineip,$imgpath,$stylepath; if ($db_ipban) { $baniparray = explode(',',$db_ipban); foreach ($baniparray as $banip) { if ($banip && strpos(",$onlineip.",','.trim($banip).'.')!==false) { Showmsg('ip_ban'); } } } } /* Update_ol(): when $runfc is 'Y', refresh the online record through Sql_ol() or Txt_ol() depending on $db_online, then reset the flag. */ function Update_ol(){ global $runfc,$db_online; if ($runfc == 'Y') { if ($db_online) { Sql_ol(); } else { Txt_ol(); } $runfc = 'N'; } } /* Txt_ol(): file-based online tracking through addonlinefile()/addguestfile() (presumably defined in require/userglobal.php), storing the returned offset in the 'ol_offset' cookie. */ function Txt_ol(){ global $ol_offset,$winduid,$db_ipstates,$isModify; require_once(R_P.'require/userglobal.php'); if ($winduid>0) { list($alt_offset,$isModify) = addonlinefile($ol_offset,$winduid); } else { list($alt_offset,$isModify) = addguestfile($ol_offset); } $alt_offset!=$ol_offset && Cookie('ol_offset',$alt_offset); if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) { require_once(R_P.'require/ipstates.php'); } } /* Sql_ol(): database-backed online tracking in pw_online, keyed by the 'olid' cookie. */ function Sql_ol(){ global 
$db,$fid,$tid,$timestamp,$windid,$winduid,$onlineip,$groupid,$wind_in,$db_onlinetime,$db_ipstates,$db_today,$lastvisit; /* $olid identifies this visitor's pw_online row; it comes from a cookie and is cast to int. Every value placed in SQL below goes through pwEscape() or pwSqlSingle(). */ $olid = (int)GetCookie('olid'); $ifhide = $GLOBALS['_G']['allowhide'] && GetCookie('hideid') ? 1 : 0; $isModify = 0; PwNewDB(); if ($olid) { /* Known row: members match on uid or on their former guest row (same olid and IP); guests must match both olid and IP, so a copied olid cookie alone does not update another visitor's row. */ $sqladd = $winduid ? '(uid='.pwEscape($winduid).' OR olid='.pwEscape($olid).' AND uid=0 AND ip='.pwEscape($onlineip).')' : 'olid='.pwEscape($olid).' AND ip='.pwEscape($onlineip); $pwSQL = pwSqlSingle(array( 'username' => $windid, 'lastvisit' => $timestamp, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid, 'ip' => $onlineip )); $db->update("UPDATE pw_online SET $pwSQL WHERE $sqladd"); if ($winduid && $db->affected_rows() > 1) { $db->update('DELETE FROM pw_online WHERE uid='.pwEscape($winduid).' AND olid!='.pwEscape($olid)); } } elseif (!$_COOKIE) { /* No cookies at all: match the row by IP instead. */ $pwSQL = pwSqlSingle(array( 'username' => $windid, 'lastvisit' => $timestamp, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid )); $db->update("UPDATE pw_online SET $pwSQL WHERE ip=".pwEscape($onlineip)); } /* Nothing was updated, or a cookie-bearing visitor has no olid yet: purge this member's rows and rows older than $db_onlinetime, then insert a fresh row. */ if (!$olid && $_COOKIE || $db->affected_rows()==0) { $db->update('DELETE FROM pw_online WHERE uid!=0 AND uid='.pwEscape($winduid).' 
OR lastvisit<'.pwEscape($timestamp-$db_onlinetime)); /* NOTE(review): MAX(olid)+1 is read and then written in two separate statements, so two concurrent requests can pick the same olid; if olid is a unique key, REPLACE INTO then overwrites one visitor's row with the other's. */ $rt = $db->get_one("SELECT MAX(olid) FROM pw_online",MYSQL_NUM); $olid = $rt[0]+1; $pwSQL = pwSqlSingle(array( 'olid' => $olid, 'username' => $windid, 'lastvisit' => $timestamp, 'ip' => $onlineip, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid )); $db->update("REPLACE INTO pw_online SET $pwSQL"); Cookie('olid',$olid); $isModify = 1; } if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) { require_once(R_P.'require/ipstates.php'); } if ($db_today && $timestamp-$lastvisit>$db_onlinetime) { require_once(R_P.'require/today.php'); } } /* footer(): update the online record, render the 'footer' template (and 'advert' when floating or popup adverts exist), post-process the buffered page and send it through ObContents(); always exits. */ function footer(){ global $db,$db_obstart,$db_footertime,$db_htmifopen,$P_S_T,$mtablewidth,$db_ceoconnect,$wind_version,$imgpath,$stylepath,$footer_ad,$db_union,$timestamp,$db_icp,$db_icpurl,$advertdb,$groupid,$SCR,$ceversion,$db_ystats_ifopen,$db_ystats_unit_id,$db_ystats_style,$db_redundancy; defined('AJAX') && ajax_footer(); Update_ol(); $wind_spend = ''; $ft_gzip = ($db_obstart ? 'Gzip enabled' : 'Gzip disabled').$db_union[3]; /* Optional timing line: elapsed time since $P_S_T and the query count. */ if ($db_footertime == 1){ $t_array = explode(' ',microtime()); $totaltime = number_format(($t_array[0]+$t_array[1]-$P_S_T),6); $qn = $db ? 
$db->query_num : 0; $wind_spend = "Total $totaltime(s) query $qn,"; } $ft_time = get_date($timestamp,'m-d H:i'); $db_icp && $db_icp = "$db_icp"; require PrintEot('footer'); if ($advertdb['float'] || $advertdb['popup'] || $advertdb['leftfloat'] || $advertdb['rightfloat']) { require PrintEot('advert'); } $output = ob_get_contents(); /* NOTE(review): the rewrite below is damaged in this listing (markup inside the pattern and replacement literals was stripped), so it cannot be read as valid PHP here. What survives shows a preg_replace() pattern ending in the e modifier with Htm_cv() in the replacement: that modifier evaluates the replacement as PHP code over page content, was deprecated in PHP 5.5 and removed in PHP 7, and should be replaced with preg_replace_callback(). */ if ($db_htmifopen) { $output = preg_replace( "/\]+\s*)href\=([\"|\']?)(?!(http|ftp|telnet|mms|rtsp|rss|".$GLOBALS['db_adminfile']."))([^\"\'>\s]+\.php\?[^\"\'>\s]+\s?)[\"|\']?/ies", "Htm_cv('\\4','\n","\n<","}\n","{\n",";\n","/\n","\t ",">\t","\t<","}\t","{\t",";\t","/\t",' ','','',substr(R_P,0,-1)), array('',"\n",' ',' ','>','<','}','{',';','/',' ','>','<','}','{',';','/',' ','','',''), $output ); } else { $output = str_replace(array('','',substr(R_P,0,-1)),'',$output); } if ($SCR != 'post') { $output .= ""; } if ($groupid == 'guest' && !defined('MSG') && GetGcache()) { require_once(R_P.'require/guestfunc.php'); creatguestcache($output); } echo ObContents($output); unset($output); exit; } /* Htm_cv(): convert a dynamic .php?query URL into the static-style form ($db_dir, '-' separators, $db_ext), keeping any #fragment, and return it appended to $tag. */ function Htm_cv($url,$tag){ global $db_dir,$db_ext; $tmppos = strpos($url,'#'); $add = $tmppos!==false ? substr($url,$tmppos) : ''; $url = str_replace( array('.php?','=','&','&',$add), array($db_dir,'-','-','-',''), $url ).$db_ext.$add; return stripslashes($tag)."$url\""; } /* User_info(): load the member row for $winduid (pw_members joined with pw_memberdata, plus pw_singleright on some pages), refresh the visit and online-time counters and return the row without its password field. NOTE(review): the block that rejected a missing row, a password mismatch, a safecv mismatch or an IP change is commented out in the body, so this function no longer validates anything about the caller. */ function User_info(){ global $db,$timestamp,$db_onlinetime,$winduid,$windpwd,$safecv,$db_ifonlinetime,$c_oltime,$onlineip,$db_ipcheck,$tdtime,$montime,$db_ifsafecv,$db_ifpwcache; $ct = $sqladd = $sqltab = ''; PwNewDB(); if (in_array(SCR,array('index','read','thread','post'))) { $sqladd = SCR=='post' ? 
",md.postcheck,sr.visit,sr.post,sr.reply" : ",sr.visit"; $sqltab = "LEFT JOIN pw_singleright sr ON m.uid=sr.uid"; } $detail = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests $sqladd FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid $sqltab WHERE m.uid=".pwEscape($winduid)); /* IP-change detection: $loginout becomes 'Y' when neither the full address nor its first two octets appear in the stored onlineip. */ $loginout = 'N'; if ($db_ipcheck && strpos($detail['onlineip'],$onlineip)===false) { $iparray = explode('.',$onlineip); strpos($detail['onlineip'],"$iparray[0].$iparray[1]")===false && $loginout = 'Y'; } /* NOTE(review): the credential and IP check that follows is disabled (it sits inside a block comment). With it disabled, $loginout has no effect and a lookup that returns no row falls through to the code below with an empty $detail. Re-enable it, and prefer a strict, constant-time comparison for the password token. */ /* if (!$detail || PwdCode($detail['password'])!=$windpwd || $db_ifsafecv && $safecv!=$detail['safecv'] || $loginout=='Y') { unset($detail); $GLOBALS['groupid'] = 'guest'; require_once(R_P.'require/checkpass.php'); Loginout(); Showmsg('ip_change'); } else { */ unset($detail['password']); $detail['honor'] = substrs($detail['honor'],90); if ($timestamp - $detail['lastvisit'] > $db_onlinetime || $timestamp - $detail['lastvisit'] > 3600) { //Start elementupdate if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') { require_once(R_P.'require/elementupdate.class.php'); $elementupdate = new ElementUpdate(); $elementupdate->userSortUpdate($detail); } //End elementupdate if (!GetCookie('hideid')) { $ct = 'lastvisit='.pwEscape($timestamp).',thisvisit='.pwEscape($timestamp); if ($db_ifonlinetime && $c_oltime > 0) { $c_oltime > $db_onlinetime*1.2 && $c_oltime = $db_onlinetime; $ct .= ',onlinetime=onlinetime+'.pwEscape($c_oltime); if ($detail['lastvisit'] > $montime) { $ct .= ',monoltime=monoltime+'.pwEscape($c_oltime); } else { $ct .= ',monoltime='.pwEscape($c_oltime); } $c_oltime = 0; } $db->update("UPDATE pw_memberdata SET 
$ct WHERE uid=".pwEscape($winduid)); $detail['lastvisit'] = $detail['thisvisit'] = $timestamp; } } // } return $detail; } /* AdvertInit(): from $db_advertdb keep the adverts that have not expired and whose fid list contains the page-type marker (-1 for index, -2 for thread, -3 for read, -4 matched on any page type) or the current $fid; returns them grouped by advert key. */ function AdvertInit($SCR,$fid){ global $timestamp,$db_advertdb,$db_txtadnum; !(int)$db_txtadnum && $db_txtadnum=4; $newadvert = array(); foreach ($db_advertdb as $key => $value) { foreach ($value as $v) { if ($v['endtime']>=$timestamp) { if ($SCR=='index' && strpos(",$v[fid],",",-1,")!==false) { $newadvert[$key][] = $v; } elseif ($SCR=='thread' && strpos(",$v[fid],",",-2,")!==false) { $newadvert[$key][] = $v; } elseif ($SCR=='read' && strpos(",$v[fid],",",-3,")!==false) { $newadvert[$key][] = $v; } elseif (strpos(",$v[fid],",",-4,")!==false) { $newadvert[$key][] = $v; } elseif ($fid && strpos(",$v[fid],",",$fid,")!==false) { $newadvert[$key][] = $v; } } } } return $newadvert; } /* readad(): shuffle $ads and return the code of the first advert at position $p whose 'lou' list contains -1 or $lou; false when the input is empty or nothing matches. */ function readad($ads,$lou,$p){ if (!$ads || !is_array($ads) || !$lou) return false; shuffle($ads); foreach ($ads as $value) { if ($value['position']==$p && (strpos(",$value[lou],",',-1,')!==false || strpos(",$value[lou],",",$lou,")!==false)) { return $value['code']; } } return false; } /* admincheck(): true when ",$username," occurs in either admin list. The lists are searched as given, so they are expected to carry leading and trailing commas. NOTE(review): this is a substring match on a delimited string; it is only sound if user names can never contain a comma - presumably enforced at registration; verify. */ function admincheck($forumadmin,$fupadmin,$username){ if (!$username) { return false; } if ($forumadmin && strpos($forumadmin,",$username,")!==false) { return true; } if ($fupadmin && strpos($fupadmin,",$username,")!==false) { return true; } return false; } /* getdirname(): return the directory part of $path with a trailing '/', cutting at the last backslash if the path contains one, else at the last '/'; './' when $path is empty or has no separator. */ function getdirname($path=null){ if (!empty($path)) { if (strpos($path,'\\')!==false) { return substr($path,0,strrpos($path,'\\')).'/'; } elseif (strpos($path,'/')!==false) { return substr($path,0,strrpos($path,'/')).'/'; } } return './'; } /* allowcheck(): true when $groupid, or any id in the member's additional $groups list, appears in $allowgroup, or when $fid appears in $allowforum; false otherwise. */ function allowcheck($allowgroup,$groupid,$groups,$fid='',$allowforum=''){ if ($allowgroup && strpos($allowgroup,",$groupid,")!==false) { return true; } if ($allowgroup && $groups) { $groupids = explode(',',substr($groups,1,-1)); foreach ($groupids as $value) { if (strpos($allowgroup,",$value,")!==false) { return true; } } } if ($fid && $allowforum && strpos(",$allowforum,",",$fid,")!==false) { return 
true; } return false; } /* ObContents(): clear the output buffer and return the page body. When compression is enabled, headers are not yet sent and the client accepts gzip or x-gzip, the body is turned into a gzip stream by hand (fixed header bytes, gzcompress() output without its last four bytes, then CRC32 and length) and Content-Encoding is set; otherwise buffering is restarted through ObStart() and the body is returned unchanged. */ function ObContents($output){ //Copyright (c) 2003-09 PHPWind ob_end_clean(); if (!headers_sent() && $GLOBALS['db_obstart'] && GetServer('HTTP_ACCEPT_ENCODING') && N_output_zip()!='ob_gzhandler') { $encoding = ''; if (strpos(' '.GetServer('HTTP_ACCEPT_ENCODING'),'gzip') !== false) { $encoding = 'gzip'; } elseif (strpos(' '.GetServer('HTTP_ACCEPT_ENCODING'),'x-gzip') !== false) { $encoding = 'x-gzip'; } if ($encoding && function_exists('crc32') && function_exists('gzcompress')) { header('Content-Encoding: '.$encoding); $outputlen = strlen($output); $outputzip = "\x1f\x8b\x08\x00\x00\x00\x00\x00"; $outputzip .= substr(gzcompress($output,$GLOBALS['db_obstart']),0,-4); $outputzip .= @pack('V',crc32($output)); $output = $outputzip.@pack('V',$outputlen); } else { ObStart(); } } else { ObStart(); } return $output; } /* ObStart(): start output buffering, with ob_gzhandler when ObGetMode() returns 1. */ function ObStart(){ //Copyright (c) 2003-09 PHPWind ObGetMode() == 1 ? ob_start('ob_gzhandler') : ob_start(); } /* ObGetMode(): decide once per request (cached in a static) whether ob_gzhandler should be used: 1 when compression is configured, the handler exists, it is not already active and no buffer is open; 0 otherwise. */ function ObGetMode(){ //Copyright (c) 2003-09 PHPWind static $mode = null; if ($mode !== null) { return $mode; } $mode = 0; if ($GLOBALS['db_obstart'] && function_exists('ob_gzhandler') && N_output_zip()!='ob_gzhandler' && (!function_exists('ob_get_level') || ob_get_level()<1)) { $mode = 1; } return $mode; } /* N_flush(): push pending output to the client unless the zlib output handler is active; flush() is skipped under the Apache 2 SAPIs. */ function N_flush(){ //Copyright (c) 2003-09 PHPWind if (N_output_zip() == 'ob_gzhandler') { return; } if (php_sapi_name() != 'apache2handler' && php_sapi_name() != 'apache2filter') { flush(); } if (function_exists('ob_get_status') && ob_get_status() && function_exists('ob_flush') && !ObGetMode($GLOBALS['db_obstart'])) { @ob_flush(); } } /* N_output_zip(): return (and cache) the configured output handler name; reports 'ob_gzhandler' when zlib.output_compression is on. */ function N_output_zip(){ //Copyright (c) 2003-09 PHPWind static $output_handler = null; if ($output_handler === null) { if (@ini_get('zlib.output_compression')) { $output_handler = 'ob_gzhandler'; } else { $output_handler = @ini_get('output_handler'); } } return $output_handler; } /* GetGcache(): true when the current page qualifies for the guest page cache: early thread or read pages without extra filters, or the index when $db_guestindex is set. */ function GetGcache() { global $db_fguestnum,$db_tguestnum,$db_guestindex; $page = isset($GLOBALS['page']) ? 
$GLOBALS['page'] : (int)$_GET['page']; if (SCR == 'thread' && $page < $db_fguestnum && !isset($_GET['type']) && !GetGP('search')) { return true; } elseif (SCR == 'read' && $page < $db_tguestnum && !isset($_GET['uid'])) { return true; } elseif (SCR == 'index' && $db_guestindex && !isset($_GET['cateid'])) { return true; } return false; } /* GetVerify(): derive the 8-hex-character request token: characters 8 to 15 of md5($str . $app . User-Agent), with $app defaulting to $db_siteid. NOTE(review): this is a truncated plain MD5 (32 bits of output) with no per-session randomness, and the User-Agent is client-supplied; its strength rests entirely on $app being unguessable, which is not visible here. An HMAC with a server-side key over a session-bound value is the usual replacement. */ function GetVerify($str,$app = null) { empty($app) && $app = $GLOBALS['db_siteid']; return substr(md5($str.$app.$GLOBALS['pwServer']['HTTP_USER_AGENT']),8,8); } /* PostCheck(): gate for form posts: token check, same-host Referer check for POST requests, then the optional captcha and question checks. NOTE(review): the Referer test is skipped whenever no host can be parsed from the header (absent or malformed Referer), so it only rejects requests that send a foreign Referer; the token check is the control that matters. The posting code later in this file has its PostCheck() call commented out. */ function PostCheck($verify = 1,$gdcheck = 0,$qcheck = 0,$refer = 1) { global $pwServer; $verify && checkVerify(); if ($refer && $pwServer['REQUEST_METHOD'] == 'POST') { $referer_a = @parse_url($pwServer['HTTP_REFERER']); if ($referer_a['host']) { list($http_host) = explode(':',$pwServer['HTTP_HOST']); if ($referer_a['host'] != $http_host) { Showmsg('undefined_action'); } } } $gdcheck && GdConfirm($_POST['gdcode']); $qcheck && Qcheck($_POST['qanswer'],$_POST['qkey']); } /* checkVerify(): show 'illegal_request' unless the 'verify' request parameter equals $GLOBALS[$hash]. NOTE(review): the inequality operator used here is PHP's loose comparison, so numeric-looking strings are compared as numbers; a strict, constant-time string comparison is safer for a token. */ function checkVerify($hash = 'verifyhash') { GetGP('verify') <> $GLOBALS[$hash] && Showmsg('illegal_request'); } /* GdConfirm(): expire the 'cknum' cookie and validate the captcha $code against the decoded value the request carried in that cookie, via SafeCheck() (not shown; 1800 is presumably its lifetime in seconds). Shows 'check_error' on failure. */ function GdConfirm($code) { Cookie('cknum','',0); if (!$code || !SafeCheck(explode("\t",StrCode(GetCookie('cknum'),'DECODE')),strtoupper($code),'cknum',1800)) { Showmsg('check_error'); } } /* Qcheck(): when verification questions are configured, require $answer to equal $db_answer[$qkey] (loose comparison); shows 'qcheck_error' otherwise. */ function Qcheck($answer,$qkey) { global $db_question,$db_answer; if ($db_question && (!isset($db_answer[$qkey]) || $answer!=$db_answer[$qkey])) { Showmsg('qcheck_error'); } } /* PwNewDB(): create the global $db connection on first use, loading the driver file named by $database from require/. */ function PwNewDB() { if (!is_object($GLOBALS['db'])) { global $db,$database,$dbhost,$dbuser,$dbpw,$dbname,$pconnect; require_once Pcv(R_P."require/db_$database.php"); $db = new DB($dbhost,$dbuser,$dbpw,$dbname,$pconnect); } } /* Pwloaddl(): true when extension $mod is loaded and the probe function $ckfunc exists. */ function Pwloaddl($mod,$ckfunc='mysqli_get_client_info') { return extension_loaded($mod) && $ckfunc && function_exists($ckfunc) ? 
true : false; } /* setstatus(): write the bit string $setv into $status (passed by reference) starting at 1-based bit position $b; the last character of $setv goes to position $b and earlier characters to the next higher bits. Nothing is returned. */ function setstatus(&$status,$b,$setv = '1') { --$b; for ($i = strlen($setv)-1; $i >= 0 ; $i--) { if ($setv[$i]) { $status |= 1 << $b; } else { $status &= ~(1 << $b); } ++$b; } //return $status; } /* sendHeader(): for a status code listed in $header_a, send the status header, or return the header text instead when $rtarr is non-empty; CGI SAPIs get the "Status:" form. Unknown codes do nothing. NOTE(review): the non-CGI form puts a colon after "HTTP/1.1", which does not look like a valid status line, and the 404 text repeats the code - verify what clients actually receive. */ function sendHeader($num,$rtarr=null){ static $sapi = null; if ($sapi===null) { $sapi = php_sapi_name(); } $header_a = array( '200' => 'OK', '206' => 'Partial Content', '304' => 'Not Modified', '404' => '404 Not Found', '416' => 'Requested Range Not Satisfiable', ); if ($header_a[$num]) { if ($sapi=='cgi' || $sapi=='cgi-fcgi') { $headermsg = "Status: $num ".$header_a[$num]; } else { $headermsg = "HTTP/1.1: $num ".$header_a[$num]; } if (empty($rtarr)) { header($headermsg); } else { return $headermsg; } } return; } /** * Add a member's latest action (feed entry) * * @param int $uid UID of the member who acted * @param string $type action type * @param mixed $log action description: a string, or an array resolved through the 'feed' language pack */ function pwAddFeed($uid,$type,$log) { global $db,$timestamp; if (is_array($log)) { empty($log['lang']) && $log['lang'] = $type; $descrip = Char_cv(getLangInfo('feed',$log['lang'],$log)); } else { $descrip = Char_cv($log); } $db->update("INSERT INTO pw_feed" . " SET " . 
pwSqlSingle(array( 'uid' => $uid, 'type' => $type, 'descrip' => $descrip, 'timestamp' => $timestamp ),false) ); } /* getLastDate(): describe $time relative to now as array(amount, unit, formatted date): minutes or hours for today, 'yesterday', 'qiantian' (two days before today), days for anything up to 7776000 seconds (90 days) old, otherwise the formatted date with unit false. */ function getLastDate($time){ global $timestamp,$tdtime; $decrease = $timestamp-$time; $thistime = PwStrtoTime(get_date($time,'Y-m-d')); $result = get_date($time); if ($thistime == $tdtime) { if ($decrease <= 3600) { return array(ceil($decrease/60),'minute',$result); } else { return array(ceil($decrease/3600),'hour',$result); } } elseif ($thistime == $tdtime-86400) { return array('','yesterday',$result); } elseif ($thistime == $tdtime-86400*2) { return array('','qiantian',$result); } elseif ($decrease <= 7776000) { return array(ceil($decrease/86400),'day',$result); } else { return array($result,false,$result); } } /* procLock(): take a named lock by inserting (uid, action, time) into pw_proclock and return true on success; this presumably relies on a unique key over uid and action. On failure it removes a lock for the same uid/action that is more than 30 seconds old and returns false. NOTE(review): $t and $u are interpolated straight into the SQL text here and in procUnLock(), unlike the rest of this file, which uses pwEscape(); pass both through pwEscape() so a caller-supplied action name cannot alter the statement. */ function procLock($t, $u = 0) { global $db,$timestamp; if ($db->query("INSERT INTO pw_proclock (uid,action,time) VALUES ('$u','$t','$timestamp')",'U',false)) { return true; } $db->update("DELETE FROM pw_proclock WHERE uid='$u' AND action='$t' AND time < '$timestamp' - 30"); return false; } /* procUnLock(): release the lock for uid $u and action $t. */ function procUnLock($t = '', $u = 0) { $GLOBALS['db']->update("DELETE FROM pw_proclock WHERE uid='$u' AND action='$t'"); } /* From here on the file is a reply-posting script appended after the global.php code. NOTE(review): the permission, ban, posting-window and flood-limit checks further down are all inside block comments, and the replacement for the 'data_error' check tests $fid a second time instead of $foruminfo, so a fid with no matching forum row is not rejected at that point. $foruminfo['forumset'] is passed to unserialize(); it is database content, so its integrity depends on who can write that column. */ //end of global.php require_once(R_P.'require/forum.php'); include_once(D_P.'data/bbscache/cache_post.php'); $action = "reply"; /** * Forum cache file */ //empty($fid) && Showmsg('undefined_action'); empty($fid) && exit('[err]fid is null[/err]'); $foruminfo = $db->get_one("SELECT * FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=".pwEscape($fid)." AND type<>'category'"); //!$foruminfo && Showmsg('data_error'); empty($fid) && exit('[err]pw7 error(data_error):Read data error[/err]'); $forumset = unserialize($foruminfo['forumset']); $creditset = $foruminfo['creditset']; wind_forumcheck($foruminfo); /* * Obtain management permissions */ /* $isGM = CkInArray($windid,$manager); $isBM = admincheck($foruminfo['forumadmin'],$foruminfo['fupadmin'],$windid); $admincheck = ($isGM || $isBM) ? 
1 : 0; if (!$admincheck && !$foruminfo['allowvisit']) { forum_creditcheck(); } if ($forumset['allowtime'] && !$isGM && !allowcheck($forumset['allowtime'],$t['hours'],'') && !pwRights($isBM,'allowtime')) { Showmsg('forum_allowtime'); } list($uploadcredit,$uploadmoney,,) = explode("\t",$forumset['uploadset']); InitGP(array('action','special','article','pid','p_type')); $replacedb = array(); $special = (int)$special; $secondurl = "thread.php?fid=$fid"; !$action && $action = "new"; if ($action == 'new' && !($foruminfo['allowtype'] & pow(2,$special))) { if (empty($special) && $foruminfo['allowtype'] > 0) { $special = (int)log($foruminfo['allowtype'],2); } else { Showmsg('post_allowtype'); } } list($db_openpost,$db_poststart,$db_postend) = explode("\t",$db_openpost); if ($db_openpost == 1 && $groupid != 3 && $groupid != 4) { if ($db_poststart < $db_postend && ($t['hours'] < $db_poststart || $t['hours'] >= $db_postend)) { Showmsg('post_openpost'); } elseif ($db_poststart > $db_postend && ($t['hours'] < $db_poststart && $t['hours'] >= $db_postend)) { Showmsg('post_openpost'); } } */ /** * 禁止受限制用户发言 */ /* if ($groupid == 6 || getstatus($winddb['userstatus'],1)) { $pwSQL = ''; $flag = 0; $bandb = $delban = array(); $query = $db->query("SELECT * FROM pw_banuser WHERE uid=".pwEscape($winduid)); while ($rt = $db->fetch_array($query)) { if ($rt['type'] == 1 && $timestamp - $rt['startdate'] > $rt['days']*86400) { $delban[] = $rt['id']; } elseif ($rt['fid'] == 0 || $rt['fid'] == $fid) { $bandb[$rt['fid']] = $rt; } else { $flag = 1; } } $delban && $db->update('DELETE FROM pw_banuser WHERE id IN('.pwImplode($delban).')'); ($groupid == 6 && !isset($bandb[0])) && $pwSQL .= "groupid='-1',"; if (getstatus($winddb['userstatus'],1) && !isset($bandb[$fid]) && !$flag) { $pwSQL .= 'userstatus=userstatus&(~1),'; } if ($pwSQL = rtrim($pwSQL,',')) { $db->update("UPDATE pw_members SET $pwSQL WHERE uid=".pwEscape($winduid)); } if ($bandb) { $bandb = current($bandb); if ($bandb['type'] == 1) { 
$s_date = get_date($bandb['startdate']); $e_date = $bandb['startdate'] + $bandb['days']*86400; $e_date = get_date($e_date); Showmsg('ban_info1'); } else { if ($bandb['type'] == 3) { Cookie('force',$winduid); Showmsg('ban_info3'); } else { Showmsg('ban_info2'); } } } } if (GetCookie('force') && $winduid != GetCookie('force')) { $force = GetCookie('force'); $bandb = $db->get_one("SELECT type FROM pw_banuser WHERE uid=".pwEscape($force)." AND fid='0'"); if ($bandb['type'] == 3) { Showmsg('ban_info3'); } else { Cookie('force','',0); } } */ /** * 需要验证用户只有通过管理员验证后才能发帖 */ /* if ($groupid == '7') { Showmsg('post_check'); } */ /* * 新注册会员发帖时间限制 */ /* if ($db_postallowtime && $timestamp-$winddb['regdate']<$db_postallowtime*60) { Showmsg('post_newrg_limit'); } $userlastptime = $groupid != 'guest' ? $winddb['lastpost'] : GetCookie('userlastptime'); */ /** * 灌水预防 */ /* $tdtime >= $winddb['lastpost'] && $winddb['todaypost'] = 0; $montime >= $winddb['lastpost'] && $winddb['monthpost'] = 0; if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) { Showmsg('post_gp_limit'); } if ($action!="modify" && !$isGM && $_G['postpertime'] && $timestamp>=$userlastptime && $timestamp-$userlastptime<=$_G['postpertime'] && !pwRights($isBM,'postpers')) { Showmsg('post_limit'); } list(,,$postq) = explode("\t",$db_qcheck); $_G['uploadtype'] && $db_uploadfiletype = $_G['uploadtype']; $db_uploadfiletype = !empty($db_uploadfiletype) ? unserialize($db_uploadfiletype) : array(); empty($db_sellset['type']) && $db_sellset['type'] = array('money'); empty($db_enhideset['type']) && $db_enhideset['type'] = array('rvrc'); $htmlsell = ($foruminfo['allowsell'] && $_G['allowsell']) ? '' : 'disabled'; $htmlhide = ($forumset['allowencode'] && $_G['allowencode']) ? '' : 'disabled'; if (empty($_POST['step'])) { require_once(R_P.'require/credit.php'); $editor = getstatus($winddb['userstatus'],11) ? 
'wysiwyg' : 'textmode'; !is_numeric($db_attachnum) && $db_attachnum = 1; $htmlpost = $htmlatt = ($foruminfo['allowhide'] && $_G['allowhidden']) ? '' : 'disabled'; $ifanonymous= ($isGM || $forumset['anonymous'] && $_G['anonymous']) ? '' : 'disabled'; $groupid == 'guest' && $userrvrc = 0; $atc_title = $atc_content = $ifmailck = $selltype = $enhidetype = $alltype = ''; $uploadfiletype = $uploadfilesize = ' '; foreach ($db_uploadfiletype as $key => $value) { $uploadfiletype .= $key.' '; $uploadfilesize .= $key.':'.$value.'KB; '; } foreach ($credit->cType as $key => $value) { $alltype .= ""; } foreach ($db_sellset['type'] as $key => $value) { $selltype .= ""; } foreach ($db_enhideset['type'] as $key => $value) { $enhidetype .= ""; } */ /** * 标题表情 */ /* $icondb = array( '1'=>'1.gif', '2'=>'2.gif', '3'=>'3.gif', '4'=>'4.gif', '5'=>'5.gif', '6'=>'6.gif', '7'=>'7.gif', '8'=>'8.gif' ); if ($db_allowupload && $_G['allowupload']) { $mutiupload = $db->get_value("SELECT COUNT(*) AS sum FROM pw_attachs WHERE tid=0 AND pid='0' AND uid=" . 
pwEscape($winduid)); } } else { */ /* NOTE(review): the PostCheck() call below is commented out, so this posting path performs no request-token check, no Referer check and no captcha or question check before accepting the post. */ // PostCheck(1, ($db_gdcheck & 4) && $winddb['postnum'] < $db_postgd, $winddb['postnum'] < $postq); !$windid && $windid = 'guest'; require_once(R_P.'require/bbscode.php'); require_once(R_P.'require/postfunc.php'); /* Banned-word filter: reject the post when the title, content or tags contain an entry from the cached word lists. The title and tags are checked against both $wordsfb and $replace; the content only against $wordsfb. */ if (@include(D_P."data/bbscache/wordsfb.php")) { foreach ($wordsfb as $key => $value) { $banword = (string) stripslashes($key); if (strpos($_POST['atc_title'],$banword)!==false) { //Showmsg('title_wordsfb'); exit('[err]pw7 Warning(title_wordsfb): the title contains illegal words[/err]'); } elseif (strpos($_POST['atc_content'],$banword)!==false) { //Showmsg('content_wordsfb'); exit('[err]pw7 Warning(content_wordsfb): the content contains illegal words[/err]'); } elseif (strpos($_POST['atc_tags'],$banword)!==false) { //Showmsg("tag_wordsfb"); exit('[err]pw7 Warning(tag_wordsfb): the tag contains illegal words[/err]'); } } foreach ($replace as $key => $value) { $banword = (string) stripslashes($key); if (strpos($_POST['atc_title'],$banword)!==false) { //Showmsg('post_wordsfb'); exit('[err]pw7 Warning(post_wordsfb): your post contains illegal words[/err]'); } elseif (strpos($_POST['atc_tags'],$banword)!==false) { //Showmsg("tag_wordsfb"); exit('[err]pw7 Warning(tag_wordsfb): the tag contains illegal words[/err]'); } } } $ipfrom = Char_cv(cvipfrom($onlineip)); /* NOTE(review): the condition that guarded "$atc_usesign += 2" is commented out, so that flag value is added to every post regardless of $_G['htmlcode']. If the bit enables raw HTML in posts (the guard's names suggest so - confirm in postfunc.php), every poster receives a right that was meant to be group-restricted. */ $atc_usesign = $_POST['atc_usesign'] ? 1 : 0; // if ($_G['htmlcode'] && $_POST['atc_html']) { $atc_usesign += 2; // } /** * Get the parent forum id *//* $fatherid = $foruminfo['type']=='sub' ? 
$foruminfo['fup']:''; }
// default animated-emoticon handling
if ($db_windmagic && ($action == 'new' || ($action == 'modify' && $pid == 'tpc'))) {
    $mDef = '';
    @include_once(D_P."data/bbscache/myshow_default.php");
}
*/
/*
if ($action == "new") {
    require_once(R_P.'require/postnew.php');
} elseif ($action == "reply" || $action == "quote") {
    require_once(R_P.'require/postreply.php');
} elseif ($action == "modify") {
    require_once(R_P.'require/postmodify.php');
} else {
    Showmsg('undefined_action');
}
*/
// Reply handling: loads the target thread row, checks that it belongs to the requested forum and
// keeps its subject/author for later use. The $action dispatcher above is commented out, and the
// marker below labels the code that follows as the content of require/postreply.php.
// NOTE(review): this listing arrived collapsed onto a few long lines; the line breaks after each
// `//` comment are reconstructed from statement boundaries -- confirm against the deployed file.
//require/postreply.php
!function_exists('readover') && exit('Forbidden');
/**
 * Forum permission check
 * NOTE(review): disabled -- the forum's `allowrp` restriction is no longer enforced in this script.
 *//*
if ($foruminfo['allowrp'] && !$admincheck && !allowcheck($foruminfo['allowrp'],$groupid,$winddb['groups'],$fid,$winddb['reply'])) {
    Showmsg('reply_forum_right');
}*/
/**
 * User group permission check
 * NOTE(review): disabled -- groups whose `allowrp` right is 0 are no longer stopped here.
 *//*
if (!$foruminfo['allowrp'] && !$admincheck && $_G['allowrp']==0) {
    Showmsg('reply_group_right');
}
*/
// $article is not assigned in the visible part of the script; when it equals '0' the thread
// author's member row and the first-post text table are joined into the lookup.
if ($article == '0') {
    $pw_tmsgs = GetTtable($tid);
    $S_sql = ',m.uid,m.groupid,m.userstatus,tm.ifsign,tm.content';
    $J_sql = "LEFT JOIN pw_members m ON m.uid=t.authorid LEFT JOIN $pw_tmsgs tm ON tm.tid=t.tid";
} else {
    $S_sql = $J_sql = '';
}
// $tid goes through pwEscape(); $S_sql, $J_sql and $pw_tmsgs are built from the constants and the
// GetTtable() result above, not from request fields.
$tpcarray = $db->get_one("SELECT t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies $S_sql FROM pw_threads t $J_sql WHERE t.tid=".pwEscape($tid));
// Posts table name chosen from the thread row; it is interpolated into later SQL statements.
$pw_posts = GetPtable($tpcarray['ptable']);
$t_date = $tpcarray['postdate'];// thread post time, used in bbspostguide
// NOTE(review): this forum/thread match is the only thread check still active in this section.
// The get_one() result is not tested for a missing row and `!=` compares loosely, so confirm that
// an unknown tid is rejected before the INSERT further down.
if ($tpcarray['fid']!=$fid) {
    //Showmsg('illegal_tid');
    exit('[err]pw7 error(illegal_tid): this is an illegal Id[/err]');
}
$replytitle=$tpcarray['subject'];
/**
 * convert() needs the $tpc_author variable
 */
$tpc_author=$tpcarray['author'];
// NOTE(review): the three checks in the comment block below (forum auto-lock age, unapproved
// thread, locked thread) are disabled, so replies to locked or unapproved threads are accepted.
/*
if ($forumset['lock']&& !$isGM && $timestamp - $tpcarray['postdate'] > $forumset['lock'] * 86400 && !pwRights($isBM,'replylock')) {
    Showmsg('forum_locked');
}
if (!$isGM && !$tpcarray['ifcheck'] && !pwRights($isBM,'viewcheck')) {
    Showmsg('reply_ifcheck');
}
if (!$isGM && $tpcarray['locked']%3<>0 && !pwRights($isBM,'replylock'))
{
    Showmsg('reply_lockatc');
}*/
$special = 0;
// Integer cast of $icon; where $icon comes from is not visible in this section.
$icon = (int)$icon;
// Everything from here to the matching comment terminator (several lines further down) is the
// disabled form-display branch for step 1.
/*if (empty($_POST['step'])) {
    ## thread categories
    $db_forcetype = 0;
    require_once(R_P.'require/bbscode.php');
    $hideemail = 'disabled';
    if ($action == 'quote') {
        if ($article == '0') {
            $atcarray = $tpcarray;
        } else {
            !is_numeric($pid) && Showmsg('illegal_tid');
            $atcarray = $db->get_one("SELECT p.author,p.authorid,p.subject,p.ifsign,p.postdate,p.content,p.ifshield,p.anonymous,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON m.uid=p.authorid WHERE p.pid=".pwEscape($pid));
        }
        if ($atcarray['ifshield']) {// single-post shielding
            $atcarray['content'] = shield($atcarray['ifshield']=='1' ? 'shield_article' : 'shield_del_article');
        } elseif (isban($atcarray,$fid)) {
            $atcarray['content'] = shield('ban_article');
        }
        $ifsign = $atcarray['ifsign'];
        $old_author = $atcarray['anonymous'] ? $db_anonymousname : $atcarray['author'];
        $replytitle = $atcarray['subject'];
        $wtof_oldfile = get_date($atcarray['postdate']);
        $old_content = $atcarray['content'];
        $old_content = preg_replace("/\[hide=(.+?)\](.+?)\[\/hide\]/is",getLangInfo('post','hide_post'),$old_content);
        $old_content = preg_replace("/\[post\](.+?)\[\/post\]/is",getLangInfo('post','post_post'),$old_content);
        $old_content = preg_replace("/\[sell=(.+?)\](.+?)\[\/sell\]/is",getLangInfo('post','sell_post'),$old_content);
        $old_content = preg_replace("/\[quote\](.*)\[\/quote\]/is","",$old_content);
        $bit_content = explode("\n",$old_content);
        if (count($bit_content) > 5) {
            $old_content = "$bit_content[0]\n$bit_content[1]\n$bit_content[2]\n$bit_content[3]\n$bit_content[4]\n.......";
        }
        if (strpos($old_content,$db_bbsurl) !== false) {
            $old_content = str_replace('p_w_picpath',$db_picpath,$old_content);
            $old_content = str_replace('p_w_upload',$db_attachname,$old_content);
        }
        $old_content = preg_replace("/\<(.+?)\>/is","",$old_content);
        $atc_content = "[quote]".($article==0 ? 
getLangInfo('post','info_post_1') : getLangInfo('post','info_post_2'))."\n{$old_content}\n[/quote]\n"; } list($guidename,$forumtitle) = getforumtitle(forumindex($foruminfo['fup'],1),1); $guidename .= " $tpcarray[subject]"; if (!$replytitle) { $atc_title = "Re:$tpcarray[subject]"; $forumtitle = "$atc_title|$forumtitle"; } else { $atc_title = "Re:$replytitle"; $forumtitle = "$atc_title|$tpcarray[subject]|$forumtitle"; } $db_metakeyword = str_replace(array('|',' - '),',',$forumtitle).'phpwind'; require_once(R_P.'require/header.php'); $post_reply = ''; if ($db_showreplynum > 0) { $pwViewHide = $isGM || pwRights($isBM,'viewhide'); $query = $db->query("SELECT p.author,p.authorid,p.subject,p.postdate,p.content,p.anonymous,p.ifconvert,p.ifwordsfb,p.ifshield,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON p.authorid=m.uid WHERE tid=".pwEscape($tid)."AND ifcheck='1' ORDER BY postdate DESC LIMIT 0,$db_showreplynum"); while ($rt = $db->fetch_array($query)) { $tpc_author = ($rt['anonymous'] && !$pwViewHide && $windid != $rt['author']) ? $db_anonymousname : $rt['author']; if ($rt['ifshield']) { $groupid != '3' && $rt['content'] = shield($rt['ifshield'] == '1' ? 'shield_article' : 'shield_del_article'); } elseif ($groupid != 3 && $db_shield && isban($rt,$fid)) { $rt['content'] = shield('ban_article'); } else { $rt['ifwordsfb'] != $db_wordsfb && $rt['content'] = wordsfb($rt['content']); $rt['ifconvert'] == 2 && $rt['content'] = convert($rt['content'],$db_windpost); if (strpos($rt['content'],'[p:') !== false || strpos($rt['content'],'[s:') !== false) { $rt['content'] = showface($rt['content']); } } $post_reply .= "
$tpc_author:$rt[subject]

$rt[content]

"; } }
if ($winduid && $tpcarray['special'] == 5) {
    $debatestand = $db->get_value("SELECT standpoint FROM pw_debatedata WHERE pid='0' AND tid=".pwEscape($tid)."AND authorid=".pwEscape($winduid));
    $debatestand = (int)$debatestand;
    ${'debate_'.$debatestand} = 'SELECTED';
}*/
/**
 * To save space in the index design a reply's subject may be empty, so it defaults to the
 * subject of the thread being replied to!
 *//*
list($msg_guide,$forumlist) = headguide($guidename);
require_once PrintEot('post');footer();
} elseif ($_POST['step'] == 2) {*/
// Write path: validates the submitted reply, inserts it into the posts table, notifies the thread
// author when configured, updates thread counters and attachments, then prints "[ok]pid=<id>".
// NOTE(review): this listing arrived collapsed onto a few long lines; the line breaks after each
// `//` comment are reconstructed from statement boundaries -- confirm against the deployed file.
// NOTE(review): the `step == 2` branch header above is commented out, so this code runs whenever
// execution reaches it. No request-token (anti-CSRF) verification is visible in this section
// before the INSERT -- confirm it happens earlier.
InitGP(array('atc_anonymous','atc_hideatt'),'P');
InitGP(array('atc_iconid'),'P',2);
list($atc_title,$atc_content,$ifconvert,$ifwordsfb)=check_data('reply');
/*
 * The next statement mainly avoids storing duplicate data; this could be decided automatically
 */
//stripslashes($atc_title)=='Re:'.$replytitle && $atc_title='';
// The reply subject is always stored empty, whatever check_data() returned.
$atc_title='';
// NOTE(review): the duplicate-content check below is disabled.
//$db_tcheck && $winddb['postcheck'] == tcheck($atc_content) && Showmsg('content_same'); // content validation
//!$atc_usesign && $atc_usesign=0;
// $attachs, $ifupload and $aids are not assigned in the visible code; presumably set by this include.
require_once(R_P.'require/postupload.php');
$sqladd = $attachs ? array('ifupload'=>$ifupload) : array();
$sqladd1 = '';
// NOTE(review): the moderation decision (forum f_check, group atccheck, alarm() on title/content)
// is commented out and $ifcheck is hard-coded to 1, so every reply is stored with ifcheck=1 and
// takes the counter/notification branch below.
/*
if ($foruminfo['f_check']>1 && $_G['atccheck'] && !$admincheck && $groupid!=3) {
    $ifcheck = 0;
} else {
    $ifcheck = alarm($atc_title,$atc_content);
}
*/
$ifcheck=1;
$atc_content=trim($atc_content);
// Anonymous posting and hidden attachments are honoured only when $isGM, or the forum setting and
// the group right, allow them.
$anonymous = (($isGM || $forumset['anonymous'] && $_G['anonymous']) && $atc_anonymous) ? 1 : 0;
$ifhide = (($isGM || $foruminfo['allowhide'] && $_G['allowhidden']) && $atc_hideatt) ? 1 : 0;
bbspostguide('Reply');
// With $db_plist set, the post id is pre-allocated from pw_pidtmp; otherwise it is read back
// after the INSERT below.
if ($db_plist) {
    $db->update("INSERT INTO pw_pidtmp(pid) VALUES('')");
    $pid = $db->insert_id();
} else {
    $pid = '';
}
// NOTE(review): request-derived values reach SQL only through pwSqlSingle() here; its escaping is
// not visible in this section -- verify. 'authorid' is read from $winddb even when $windid fell
// back to 'guest' earlier; confirm what $winddb['uid'] holds for guests.
$pwSQL = pwSqlSingle(array(
    'pid' => $pid,
    'fid' => $fid,
    'tid' => $tid,
    'aid' => $attachs,
    'author' => $windid,
    'authorid' => $winddb['uid'],
    'icon' => $atc_iconid,
    'postdate' => $timestamp,
    'subject' => $atc_title,
    'userip' => $onlineip,
    'ifsign' => $atc_usesign,
    'ipfrom' => $ipfrom,
    'ifconvert' => $ifconvert,
    'ifwordsfb' => $ifwordsfb,
    'ifcheck' => $ifcheck,
    'content' => $atc_content,
    'anonymous' => $anonymous,
    'ifhide' => $ifhide
));
// $pw_posts is the table name returned by GetPtable() earlier in the script.
$db->update("INSERT INTO $pw_posts SET $pwSQL");
!$pid && $pid = $db->insert_id();
if ($ifcheck == 1) {
    // Notify the thread author unless the replier's name matches the stored author name.
    if ($windid <> $tpcarray['author']) {
        // E-mail notification: thread ifmail is 1 or 3 and the site-wide switch is on.
        if ($db_replysendmail == 1 && ($tpcarray['ifmail'] == 1 || $tpcarray['ifmail'] == 3)) {
            $receiver = $tpcarray['author'];
            // NOTE(review): $read is not assigned anywhere in the visible code, so $old_title is
            // presumably empty here; $receiver/$old_title look like inputs to the mail template.
            $old_title = $read['subject'];
            $detail = $db->get_one("SELECT email,userstatus FROM pw_members WHERE uid=".pwEscape($tpcarray['authorid']));
            $send_address = $detail['email'];
            if (getstatus($detail['userstatus'],8)) {
                require_once(R_P.'require/sendemail.php');
                if (sendemail($send_address,'email_reply_subject','email_reply_content','email_additional') === true) {
                    // Constant SQL fragment appended to the thread UPDATE below.
                    $sqladd1 = ",ifmail=ifmail-1";
                }
            }
        }
        // On-site notification: thread ifmail is 2 or 3 and the site-wide switch is on.
        if ($db_replysitemail && ($tpcarray['ifmail'] == 2 || $tpcarray['ifmail'] == 3)) {
            $rt = $db->get_one("SELECT mb.replyinfo,m.userstatus FROM pw_memberinfo mb LEFT JOIN pw_members m USING(uid) WHERE mb.uid=".pwEscape($tpcarray['authorid']));
            if (empty($rt)) {
                $db->update("INSERT INTO pw_memberinfo SET ".pwSqlSingle(array('uid'=>$tpcarray['authorid'],'replyinfo'=>$tid)));
            } elseif (strpos($rt['replyinfo'],",$tid,") === false) {
                // replyinfo is a comma-delimited list of thread ids (",12,34,").
                $replyinfo = $rt['replyinfo'] ? $rt['replyinfo'].$tid.',' : ",$tid,";
                // The SQL literal below spans a line break exactly as in the source text.
                $db->update("UPDATE pw_memberinfo SET replyinfo=".pwEscape($replyinfo)." 
WHERE uid=".pwEscape($tpcarray['authorid']));
            }
            if (!getstatus($rt['userstatus'],6)) {
                $db->update("UPDATE pw_members SET userstatus=userstatus|(1<<5) WHERE uid=".pwEscape($tpcarray['authorid']));
            }
            $sqladd['ifmail'] = 4;
        }
    }
    $atc_author = $anonymous ? $db_anonymousname : $windid;
    // lastpost moves forward only when the thread's `locked` value is below 3.
    $tpcarray['locked']<3 && $tpcarray['lastpost']<$timestamp && $sqladd['lastpost'] = $timestamp;
    $sqladd['lastposter'] = $atc_author;
    $db->update("UPDATE pw_threads SET replies=replies+1 $sqladd1,hits=hits+1,".pwSqlSingle($sqladd)." WHERE tid=".pwEscape($tid));
}
// NOTE(review): $aids is interpolated into the IN() list without pwEscape(); it is not assigned in
// the visible code (presumably by postupload.php). Verify it can only ever be a comma-separated
// list of integers. There is also no space between the pwSqlSingle() output and WHERE.
if ($aids) {
    $db->update("UPDATE pw_attachs SET ".pwSqlSingle(array('tid'=>$tid,'pid'=>$pid))."WHERE aid IN($aids)");
}
if ($winduid && $tpcarray['special'] == 5) {
    require_once(R_P.'require/postdebate.php');
}
$j_p = '';
//if ($ifcheck == 1) {
if ($foruminfo['allowhtm'] && !$foruminfo['cms']) {
    include_once(R_P.'require/template.php');
}
if ($tpcarray['locked'] < 3) {
    lastinfo($fid,$foruminfo['allowhtm'],'reply',$foruminfo['cms'].'B');
}
//Start Here pwcache
/*
if ($db_ifpwcache&270) {
    require_once(R_P.'require/elementupdate.class.php');
    $elementupdate = new ElementUpdate($fid);
    $elementupdate->special = $tpcarray['special'];
    if ($db_ifpwcache&14) {
        $elementupdate->replySortUpdate($tid,$fid,$tpcarray['postdate'],$tpcarray['replies']+1);
    }
    if ($db_ifpwcache&256) {
        $elementupdate->newReplyUpdate($tid,$fid,$tpcarray['postdate']);
    }
    $elementupdate->updateSQL();
}*/
//End Here
// The browser redirect is replaced by a plain-text status line carrying the new post id.
// if (empty($j_p)) $j_p="read.php?tid=$tid&page=e&#a";
// refreshto($j_p,'enter_thread');
echo("[ok]pid=$pid");
exit();
//} else {
// refreshto("thread.php?fid=$fid",'post_check');
//}
//}
?>