$_value) { if (!in_array($_key,array('atc_content','atc_title','prosign','pwuser','pwpwd'))) { CheckVar($_POST[$_key]); } } foreach ($_GET as $_key => $_value) { CheckVar($_GET[$_key]); } $db_debug && error_reporting(E_ALL ^ E_NOTICE ^ E_DEPRECATED); list($wind_version,$wind_repair,$wind_from) = explode(',',WIND_VERSION); $db_olsize = 96; /* if (in_array(SCR,array('index','cate','mode'))) { $defaultMode = empty($db_mode) ? 'bbs' : $db_mode; $M_domain = $pwServer['HTTP_HOST']; ($m = GetGP('m')) || ($db_modedomain && $m = array_search($M_domain,$db_modedomain)); if ($m == 'bbs') { $db_mode = ''; } elseif ($db_modes && isset($db_modes[$m]) && is_array($db_modes[$m]) && $db_modes[$m]['ifopen']) { $db_mode = $m; } if (in_array(SCR,array('cate')) && $db_modes['area']['ifopen']) $db_mode = 'area'; if (!empty($db_mode) && file_exists(R_P."mode/$db_mode/")) { define('M_P',R_P."mode/$db_mode/"); $m = $db_mode; $db_modepages = $db_modepages[$db_mode]; $pwModeImg = "mode/$db_mode/images"; } else { $db_mode = ''; } } else { $db_mode = ''; } */ $dirstrpos = strpos($pwServer['PHP_SELF'],$db_dir); if ($dirstrpos !== false) { $tmp = substr($pwServer['PHP_SELF'],0,$dirstrpos); $pwServer['PHP_SELF'] = "$tmp.php"; } else { $tmp = $pwServer['PHP_SELF']; } $REQUEST_URI = $pwServer['PHP_SELF'].($pwServer['QUERY_STRING'] ? 
'?'.$pwServer['QUERY_STRING'] : ''); $_mainUrl = $index_url = $db_bbsurl; $R_url = $db_bbsurl = Char_cv("http://".$pwServer['HTTP_HOST'].substr($tmp,0,strrpos($tmp,'/'))); defined('SIMPLE') && SIMPLE && $db_bbsurl = substr($db_bbsurl,0,-7); if (GetCookie('lastvisit')) { list($c_oltime,$lastvisit,$lastpath) = explode("\t",GetCookie('lastvisit')); ($onbbstime=$timestamp-$lastvisit)<$db_onlinetime && $c_oltime+=$onbbstime; } else { $lastvisit = $lastpath = ''; $c_oltime = $onbbstime = 0; Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI); } /*!is_array($db_bbstitle) && $db_bbstitle = array('index' => $db_bbstitle,'other' => ''); if ($SCR!='index' && $SCR!='other') { $db_bbstitle = $db_bbstitle['other']; } else { $db_bbstitle = $db_bbstitle[$SCR]; } $db_bbsname && $db_bbstitle = $db_bbsname.' '.$db_bbstitle;*/ InitGP(array('fid','tid'),'GP',2); $db = $ftp = $credit = null; require_once(D_P.'data/sql_config.php'); !is_array($manager) && $manager = array(); $newmanager = array(); foreach ($manager as $key => $value) { if (!empty($value) && !is_array($value)) { $newmanager[$key] = $value; } } $manager = $newmanager; if ($database == 'mysqli' && Pwloaddl('mysqli') === false) { $database = 'mysql'; } ObStart();//noizy if ($db_http != 'N') { $imgpath = $db_http; if (D_P != R_P) { $R_url = substr($db_http,-1)=='/' ? substr($db_http,0,-1) : $db_http; $R_url = substr($R_url,0,strrpos($R_url,'/')); } } else { $imgpath = $db_picpath; } $attachpath = $db_attachurl != 'N' ? 
$db_attachurl : $db_attachname; $imgdir = R_P.$db_picpath; $attachdir = R_P.$db_attachname; $pw_posts = 'pw_posts'; $pw_tmsgs = 'pw_tmsgs'; $runfc = 'N'; list($winduid,$windpwd,$safecv) = explode("\t",addslashes(StrCode(GetCookie('winduser'),'DECODE'))); $loginhash = GetVerify($onlineip,$db_pptkey); if ($db_pptifopen && $db_ppttype == 'client') { if (strpos($db_pptloginurl,'?') === false) { $db_pptloginurl .= '?'; } elseif (substr($db_pptloginurl,-1) != '&') { $db_pptloginurl .= '&'; } if (strpos($db_pptregurl,'?') === false) { $db_pptregurl .= '?'; } elseif (substr($db_pptregurl,-1) != '&') { $db_pptregurl .= '&'; } $urlencode = rawurlencode($db_bbsurl); $loginurl = "$db_pptserverurl/{$db_pptloginurl}forward=$urlencode"; $loginouturl= "$db_pptserverurl/$db_pptloginouturl&forward=$urlencode&verify=$loginhash"; $regurl = "$db_pptserverurl/{$db_pptregurl}forward=$urlencode"; } else { $loginurl = 'login.php'; $loginouturl= "login.php?action=quit&verify=$loginhash"; $regurl = $db_registerfile; } $ol_offset = (int)GetCookie('ol_offset'); $skinco = GetCookie('skinco'); if ($db_refreshtime && $REQUEST_URI == $lastpath && $onbbstime < $db_refreshtime) { !GetCookie('winduser') && $groupid = 'guest'; $skin = $skinco ? 
$skinco : $db_defaultstyle;
    Showmsg('refresh_limit');
}
// Board switched off ($db_bbsifopen falsy): hand the request to bbsclose.php unless CK is defined.
if (!$db_bbsifopen && !defined('CK')) {
    require_once(R_P.'require/bbsclose.php');
}
// Short aliases, by reference, for the two base URLs.
$H_url =& $db_wwwurl;
$B_url =& $db_bbsurl;
// Hour of day (G), day of month (j) and weekday (w) of the current request time.
$_time = array('hours'=>get_date($timestamp,'G'),'day'=>get_date($timestamp,'j'),'week'=>get_date($timestamp,'w'));
// Timestamps for the start of today and for the first day of the current month.
$tdtime = PwStrtoTime(get_date($timestamp,'Y-m-d'));
$montime = PwStrtoTime(get_date($timestamp,'Y-m').'-1');
// Work out a "last position" tag for the page being served. Runs when the request
// carries any cookie, or otherwise only when the timestamp is divisible by 3.
if (!defined('CK') && ($_COOKIE || $timestamp%3 == 0)) {
    switch (SCR) {
        case 'thread':
            $lastpos = "F$fid";break;
        case 'read':
            $lastpos = "T$tid";break;
        case 'cate':
            $lastpos = "C$fid";break;
        case 'index':
            $lastpos = 'index';break;
        case 'mode':
            $lastpos = $db_mode;break;
        default:
            $lastpos = 'other';
    }
    // $runfc = 'Y' asks Update_ol() to refresh the online record: either the visitor
    // was away longer than $db_onlinetime or moved to a different position.
    if ($timestamp-$lastvisit>$db_onlinetime || $lastpos != GetCookie('lastpos')) {
        $runfc = 'Y';
        Cookie('lastpos',$lastpos);
    }
}
//zzcity add
// NOTE(review): authentication concern. The lookup below selects the account by the
// POSTed 'pwuser' name alone and then overwrites $winduid/$windpwd, which earlier in
// this script were decoded from the 'winduser' cookie. $windpwd becomes the stored
// password value itself, so the strlen() test further down checks the database row,
// not a credential supplied by the client. Nothing visible in this file compares a
// submitted password with $etuser['password'], and the PwdCode()/safecv comparison
// inside User_info() is commented out. As shown, a request that names an existing
// username is therefore handled as that member. Confirm that a credential check runs
// before this point; if none does, verify the submitted password against the stored
// value here and leave the visitor as 'guest' on failure.
// NOTE(review): because the overwrite is unconditional, a request without 'pwuser'
// also discards the cookie-derived identity. When no row matches, $etuser is
// presumably not an array (depends on get_one() - confirm), so the two index reads
// below yield null.
PwNewDB();
$etuser = $db->get_one("SELECT uid,password FROM pw_members WHERE username=".pwEscape($_POST['pwuser']));
$winduid=$etuser['uid'];
$windpwd=$etuser['password'];
if (is_numeric($winduid) && strlen($windpwd)>=16) {
    // Load the member record and copy the fields the rest of the request reads as globals.
    $winddb = User_info();
    $winduid = $winddb['uid'];
    $groupid = $winddb['groupid'];
    $userrvrc = floor($winddb['rvrc']/10);
    $windid = $winddb['username'];
    $_datefm = $winddb['datefm'];
    $_timedf = $winddb['timedf'];
    $credit_pop = $winddb['creditpop'];
    if ($credit_pop && $db_ifcredit) {//Credit Changes Tips
        // NOTE(review): the search and replacement lists are identical as shown, so this
        // call changes nothing; the search list may have held entity names that were lost
        // when the page was captured - compare with the deployed file.
        $credit_pop = str_replace(array('<','"','>'),array('<','"','>'),$credit_pop);
        // Format is "<langkey>|<type>:<amount>|<type>:<amount>...": the first field picks
        // the message, the remaining fields are appended as name/amount pairs.
        $creditdb = explode('|',$credit_pop);
        $credit_pop = Char_cv(GetCreditLang('creditpop',$creditdb['0']));
        unset($creditdb['0']);
        foreach ($creditdb as $val) {
            list($credit_1,$credit_2) = explode(':',$val);
            $credit_pop .= ''.pwCreditNames($credit_1).' '.$credit_2.'';
        }
        // The notice is shown once: clear it as soon as it has been read.
        $db->update("UPDATE pw_memberdata SET creditpop='' WHERE uid=".pwEscape($winduid));
    }
    // The stored style value is "<style>|<custom flag>".
    list($winddb['style'],$ifcustomstyle) = explode('|',$winddb['style']);
    $skin = $winddb['style'] ? 
$winddb['style'] : $db_defaultstyle; list($winddb['onlineip']) = explode('|',$winddb['onlineip']); $groupid == '-1' && $groupid = $winddb['memberid']; $curvalue = $db_signcurtype == 'rvrc' ? $userrvrc : $winddb[$db_signcurtype]; if (getstatus($winddb['userstatus'],10) && (!$winddb['starttime'] && $db_signmoney && strpos($db_signgroup,",$groupid,") !== false && $curvalue > $db_signmoney || $winddb['starttime'] && $winddb['starttime'] != $tdtime)) { require_once(R_P.'require/Signfunc.php'); Signfunc($winddb['starttime'],$curvalue); } unset($curvalue); } else { $skin = $db_defaultstyle; $groupid = 'guest'; $winddb = $windid = $winduid = $_datefm = $_timedf = ''; } $verifyhash = GetVerify($winduid); if ($db_bbsifopen==2 && SCR!='login' && !defined('CK')) { require_once(R_P.'require/bbsclose.php'); } if ($db_ifsafecv && strpos($db_safegroup,",$groupid,") !== false && !$safecv && !defined('PRO')) { Showmsg('safecv_prompt'); } if ($db_ads && !$windid && (is_numeric($_GET['u']) || ($_GET['a'] && strlen($_GET['a'])<16)) && strpos($pwServer['HTTP_REFERER'],$pwServer['HTTP_HOST'])===false) { InitGP(array('u','a')); Cookie('userads',"$u\t$a\t".md5($pwServer['HTTP_REFERER'])); } elseif (GetCookie('userads') && $db_ads=='1') { list($u,$a) = explode("\t",GetCookie('userads')); if ((int)$u>0 || ($a && strlen($a)<16)) { require_once(R_P.'require/userads.php'); } } if ($_POST['skinco']) { $skinco = $_POST['skinco']; } elseif ($_GET['skinco']) { $skinco = $_GET['skinco']; } if ($skinco && file_exists(D_P."data/style/$skinco.php") && strpos($skinco,'..')===false) { $skin = $skinco; Cookie('skinco',$skin); } if ($db_columns && !defined('W_P') && !defined('SIMPLE') && !defined('COL')) { $j_columns = GetCookie('columns'); if (!$j_columns) { $db_columns==2 && $j_columns = 2; Cookie('columns',$j_columns); } if ($j_columns==2 && (strpos($pwServer['HTTP_REFERER'],$db_bbsurl)===false || strpos($pwServer['HTTP_REFERER'],$db_adminfile)!==false)) { strpos($REQUEST_URI,'index.php')===false ? 
Cookie('columns','1') : ObHeader('columns.php?action=columns'); } } Ipban(); Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI); if ($groupid == 'guest' && $db_guestdir && GetGcache()) { require_once(R_P.'require/guestfunc.php'); getguestcache(); } PwNewDB(); unset($db_whybbsclose,$db_whycmsclose,$db_ipban,$db_diy,$dbhost,$dbuser,$dbpw,$dbname,$pconnect,$manager_pwd,$newmanager); if ($groupid == 'guest') { require_once(D_P.'data/groupdb/group_2.php'); } elseif (file_exists(D_P."data/groupdb/group_$groupid.php")) { require_once Pcv(D_P."data/groupdb/group_$groupid.php"); } else { require_once(D_P.'data/groupdb/group_1.php'); } if ($_G['pwdlimitime'] && !CkInArray($windid,$manager) && $timestamp-86400*$_G['pwdlimitime']>$winddb['pwdctime'] && !defined('PRO')) { Showmsg('pwdchange_prompt'); } //获取页面title信息 $pw_seoset = L::loadClass('seoset'); $webPageTitle = $pw_seoset->getPageTitle(); $metaDescription = $pw_seoset->getPageMetadescrip(); $metaKeywords = $pw_seoset->getPageMetakeyword(); function runTask(){ $taskClass = L::loadclass('task'); $taskClass->run(); } function runJob(){ global $db_job_isopen,$winduid,$groupid; if(!$db_job_isopen || !$winduid){ /*是否开启用户任务*/ return; } $taskClass = L::loadclass('job'); $taskClass->run($winduid,$groupid); } function selectMode(&$m) { global $defaultMode,$db_mode,$db_modes,$db_modepages,$pwServer,$db_modedomain; if (defined('M_P')) return; if (in_array(SCR, array('index', 'cate', 'mode'))) { //$defaultMode = empty($db_mode) ? 
'bbs' : $db_mode; //$M_domain = $pwServer['HTTP_HOST']; //($m = GetGP('m')) || ($db_modedomain && $m = array_search($M_domain,$db_modedomain)); if (!$m && $db_modedomain) { $m = array_search($pwServer['HTTP_HOST'], $db_modedomain); } if ($m == 'bbs') { $db_mode = ''; } elseif ($db_modes && isset($db_modes[$m]) && is_array($db_modes[$m]) && $db_modes[$m]['ifopen']) { $db_mode = $m; } if (!empty($db_mode) && file_exists(R_P."mode/$db_mode/")) { define('M_P',R_P."mode/$db_mode/"); $db_modepages = $db_modepages[$db_mode]; $GLOBALS['pwModeImg'] = "mode/$db_mode/images"; } else { $db_mode = ''; } } else { $db_mode = ''; } } function refreshto($URL,$content,$statime=1,$forcejump=false){ if (defined('AJAX')) Showmsg($content); global $db_ifjump; if ($forcejump || ($db_ifjump && $statime>0)) { ob_end_clean(); global $expires,$db_charset,$tplpath,$fid,$imgpath,$db_obstart,$db_bbsname,$B_url,$forumname,$tpctitle,$db_bbsurl; $index_name =& $db_bbsname; $index_url =& $B_url; ObStart();//noizy extract(L::style()); $content = getLangInfo('refreshto',$content); @require PrintEot('refreshto'); $output = str_replace(array('','',"\r\n\r\n"),'',ob_get_contents()); echo ObContents($output);exit; } else { ObHeader($URL); } } function ObHeader($URL){ global $db_obstart,$db_bbsurl; ob_end_clean(); if (!$db_obstart) { ob_start(); echo "";exit; } header("Location: $URL");exit; } function Showmsg($msg_info,$dejump=0){ @extract($GLOBALS, EXTR_SKIP); global $stylepath,$tablewidth,$mtablewidth,$tplpath,$db; define('PWERROR',1); $msg_info = getLangInfo('msg',$msg_info); if (defined('AJAX')) { echo $msg_info;ajax_footer(); } $showlogin = false; if ($dejump!='1' && $groupid=='guest' && $REQUEST_URI==str_replace(array('register','login'),'',$REQUEST_URI) && (!$db_pptifopen || $db_ppttype != 'client')) { if (strpos($REQUEST_URI,'post.php')!==false || strpos($REQUEST_URI,'job.php?action=vote') !== false || strpos($REQUEST_URI,'job.php?action=pcjoin') !== false) { $tmpTid = (int)GetGP('tid','GP'); 
$tmpTid && $REQUEST_URI = substr($REQUEST_URI,0,strrpos($REQUEST_URI,'/'))."/read.php?tid=$tmpTid&toread=1"; } $jumpurl = "http://".$pwServer['HTTP_HOST'].$REQUEST_URI; list(,$qcheck)=explode("\t",$db_qcheck); $qkey = $qcheck && $db_question ? array_rand($db_question) : ''; $showlogin = true; } extract(L::style()); list($_Navbar,$_LoginInfo) = pwNavBar(); ob_end_clean();ObStart(); require_once PrintEot('showmsg');exit; } function GetLang($lang,$EXT='php'){ global $tplpath; if (file_exists(R_P."template/$tplpath/lang_$lang.$EXT")) { return R_P."template/$tplpath/lang_$lang.$EXT"; } elseif (file_exists(R_P."template/wind/lang_$lang.$EXT")) { return R_P."template/wind/lang_$lang.$EXT"; } else { exit("Can not find lang_$lang.$EXT file"); } } function PrintEot($template,$EXT='htm'){ //Copyright (c) 2003-09 PHPWind global $db_mode,$db_modes,$pwModeImg,$db_tplstyle,$appdir,$tplapps; $tplpath = L::style('tplpath'); !$template && $template = 'N'; //apps template render if(!defined('PWERROR')) { if(defined('A_P') && $appdir && in_array($template,$tplapps) && file_exists(A_P."$appdir/template/$template.$EXT")){ return A_P."$appdir/template/$template.$EXT"; } if (defined('F_M')/* || ($db_mode && $db_mode != 'bbs')*/) { $temp = modeEot($template,$EXT); if ($temp) return $temp; } } //if (defined('A_P') && !in_array($template,array('header','footer'))/* || ($db_mode && $db_mode != 'bbs')*/) { // return A_P."$appdir/template/$template.$EXT"; //} if (file_exists(R_P."template/$tplpath/$template.$EXT")) { return R_P."template/$tplpath/$template.$EXT"; } elseif (file_exists(R_P."template/wind/$template.$EXT")) { return R_P."template/wind/$template.$EXT"; } else { exit("Can not find $template.$EXT file"); } } function Ipban(){ global $db_ipban; if ($db_ipban) { global $onlineip,$imgpath,$stylepath; $baniparray = explode(',',$db_ipban); foreach ($baniparray as $banip) { if ($banip && strpos(",$onlineip.",','.trim($banip).'.')!==false) { Showmsg('ip_ban'); } } } } function Update_ol(){ 
global $runfc,$db_online; if ($runfc == 'Y') { if ($db_online) { Sql_ol(); } else { Txt_ol(); } $runfc = 'N'; } } function Txt_ol(){ global $ol_offset,$winduid,$db_ipstates,$isModify; require_once(R_P.'require/userglobal.php'); if ($winduid>0) { list($alt_offset,$isModify) = addonlinefile($ol_offset,$winduid); } else { list($alt_offset,$isModify) = addguestfile($ol_offset); } $alt_offset!=$ol_offset && Cookie('ol_offset',$alt_offset); $ipscookie = GetCookie('ipstate'); if ($db_ipstates && ((!$ipscookie && $isModify===1) || ($ipscookie && $ipscookie<$GLOBALS['tdtime']))) { require_once(R_P.'require/ipstates.php'); } } function Sql_ol(){ global $db,$fid,$tid,$timestamp,$windid,$winduid,$onlineip,$groupid,$wind_in,$db_onlinetime,$db_ipstates,$db_today,$lastvisit; $olid = (int)GetCookie('olid'); $ifhide = $GLOBALS['_G']['allowhide'] && GetCookie('hideid') ? 1 : 0; $isModify = 0; PwNewDB(); if ($olid) { $sqladd = $winduid ? '(uid='.pwEscape($winduid).' OR olid='.pwEscape($olid).' AND uid=0 AND ip='.pwEscape($onlineip).')' : 'olid='.pwEscape($olid).' AND ip='.pwEscape($onlineip); $pwSQL = pwSqlSingle(array( 'username' => $windid, 'lastvisit' => $timestamp, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid, 'ip' => $onlineip )); $db->update("UPDATE pw_online SET $pwSQL WHERE $sqladd"); if ($winduid && $db->affected_rows() > 1) { $db->update('DELETE FROM pw_online WHERE uid='.pwEscape($winduid).' AND olid!='.pwEscape($olid)); } } elseif (!$_COOKIE) { $pwSQL = pwSqlSingle(array( 'username' => $windid, 'lastvisit' => $timestamp, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid )); $db->update("UPDATE pw_online SET $pwSQL WHERE ip=".pwEscape($onlineip)); } if (!$olid && $_COOKIE || $db->affected_rows()==0) { $db->update('DELETE FROM pw_online WHERE uid!=0 AND uid='.pwEscape($winduid).' 
OR lastvisit<'.pwEscape($timestamp-$db_onlinetime)); $rt = $db->get_one("SELECT MAX(olid) FROM pw_online",MYSQL_NUM); $olid = $rt[0]+1; $pwSQL = pwSqlSingle(array( 'olid' => $olid, 'username' => $windid, 'lastvisit' => $timestamp, 'ip' => $onlineip, 'fid' => $fid, 'tid' => $tid, 'groupid' => $groupid, 'action' => $wind_in, 'ifhide' => $ifhide, 'uid' => $winduid )); $db->update("REPLACE INTO pw_online SET $pwSQL"); Cookie('olid',$olid); $isModify = 1; } $ipscookie = GetCookie('ipstate'); if ($db_ipstates && ((!$ipscookie && $isModify===1) || ($ipscookie && $ipscookie<$GLOBALS['tdtime']))) { require_once(R_P.'require/ipstates.php'); } if ($db_today && $timestamp-$lastvisit>$db_onlinetime) { require_once(R_P.'require/today.php'); } } function footer() { global $db,$db_obstart,$db_footertime,$db_htmifopen,$P_S_T,$mtablewidth,$db_ceoconnect,$wind_version,$imgpath, $stylepath,$footer_ad,$db_union,$timestamp,$db_icp,$db_icpurl,$db_advertdb,$groupid,$SCR,$db_ystats_ifopen,$db_ystats_unit_id,$db_ystats_style,$db_redundancy,$pwServer,$db_ifcredit,$credit_pop,$db_foot,$db_mode,$db_modes,$shortcutforum,$_G,$winddb,$db_toolbar,$winduid,$db_menuinit,$db_appifopen,$db_job_ispop,$db_job_isopen,$db_siteappkey; defined('AJAX') && ajax_footer(); Update_ol(); $wind_spend = ''; $ft_gzip = ($db_obstart ? 'Gzip enabled' : 'Gzip disabled').$db_union[3]; if ($db_footertime == 1){ $t_array = explode(' ',microtime()); $totaltime = number_format(($t_array[0]+$t_array[1]-$P_S_T),6); $qn = $db ? 
$db->query_num : 0; $wind_spend = "Total $totaltime(s) query $qn,"; } $ft_time = get_date($timestamp,'m-d H:i'); $db_icp && $db_icp = "$db_icp"; if ($db_toolbar) { if ($_COOKIE['toolbarhide']) { $toolbarstyle = 'style="display:none"'; $openbarstyle = ''; $closebarstyle = 'style="display:none"'; } else { $toolbarstyle = ''; $openbarstyle = 'style="display:none"'; $closebarstyle = ''; if ($db_appifopen) { $appshortcut = trim($winddb['appshortcut'],','); if (!empty($appshortcut) && $db_siteappkey) { $appclient = L::loadClass('appclient'); $bottom_appshortcut = $appclient->userApplist($winduid,$appshortcut,1); } } } } $db_menuinit = trim($db_menuinit,','); runJob(); require PrintEot('footer'); if ($db_advertdb['Site.PopupNotice'] || $db_advertdb['Site.FloatLeft'] || $db_advertdb['Site.FloatRight'] || $db_advertdb['Site.FloatRand']) { require PrintEot('advert'); } $output = ob_get_contents(); if ($db_htmifopen) { $output = preg_replace( "/\]+\s*)href\=([\"|\']?)((index|cate|thread|read|faq|rss)\.php\?[^\"\'>\s]+\s?)[\"|\']?/ies", "Htm_cv('\\3','\n","\n<","}\n","{\n",";\n","/\n","\t ",">\t","\t<","}\t","{\t",";\t","/\t",' ','',''), array('',"\n",' ',' ','>','<','}','{',';','/',' ','>','<','}','{',';','/',' ','',''), $output ); */ $output = str_replace( array("\r",'-->','',"\n",'','',"","\t\t",' ',"\n\t","\n\n"), array('','','','','','','',"\n","\n"), $output ); } else { $output = str_replace(array('-->','',"\r\n",'','',"\t\t\t"),'',$output); } if ($SCR!='post') { $ceversion = defined('CE') ? 
1 : 0; $output .= ""; } if ($groupid == 'guest' && !defined('MSG') && GetGcache()) { require_once(R_P.'require/guestfunc.php'); creatguestcache($output); } updateCacheData(); echo ObContents($output); unset($output); N_flush(); exit; } function updateCacheData(){ $pw_tplgetdata = L::loadClass('tplgetdata','',true); if ($pw_tplgetdata) { if ($pw_tplgetdata->updates) { $pw_cachedata = L::loadDB('cachedata'); $pw_cachedata->updates($pw_tplgetdata->updates); } } } function Htm_cv($url,$tag){ global $db_dir,$db_ext; $tmppos = strpos($url,'#'); $add = $tmppos!==false ? substr($url,$tmppos) : ''; $url = str_replace( array('.php?','=','&','&',$add), array($db_dir,'-','-','-',''), $url ).$db_ext.$add; return stripslashes($tag).$url.'"'; } function getUserByUid($uid) { global $db; $sqladd = $sqltab = ''; if (in_array(SCR, array('index','read','thread','post'))) { $sqladd = (SCR == 'post') ? ',md.postcheck,sr.visit,sr.post,sr.reply' : ',sr.visit'; $sqltab = "LEFT JOIN pw_singleright sr ON m.uid=sr.uid"; } $detail = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf, m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop,md.jobnum $sqladd FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid $sqltab WHERE m.uid=" . pwEscape($uid) . " AND m.groupid<>'0' AND md.uid IS NOT NULL"); return $detail; } function User_info() { global $db,$timestamp,$db_onlinetime,$winduid,$windpwd,$safecv,$db_ifonlinetime,$c_oltime,$onlineip,$db_ipcheck,$tdtime,$montime,$db_ifsafecv, $db_ifpwcache,$uc_server; PwNewDB(); $detail = getUserByUid($winduid); if (empty($detail) && $uc_server) { require_once(R_P . 
'require/ucuseradd.php');
    }
    // IP continuity test: $loginout becomes 1 when the stored onlineip contains neither
    // the current address nor its first two dot-separated parts.
    $loginout = 0;
    if ($db_ipcheck && strpos($detail['onlineip'],$onlineip) === false) {
        $iparray = explode('.',$onlineip);
        strpos($detail['onlineip'],$iparray[0].'.'.$iparray[1]) === false && $loginout = 1;
    }
    // NOTE(review): the commented-out block below is the only place in this function that
    // rejected a session - missing member row, PwdCode($detail['password']) not matching
    // $windpwd, safecv mismatch, the IP test above, or an unactivated account (yz > 1).
    // With it disabled, $loginout is computed but never read, and every caller receives
    // the member record for whatever $winduid holds. Re-enable the check, or confirm that
    // an equivalent one runs before User_info() is called.
    /*
    if (!$detail || PwdCode($detail['password']) != $windpwd || ($db_ifsafecv && $safecv != $detail['safecv']) || $loginout || $detail['yz'] > 1) {
        $GLOBALS['groupid'] = 'guest';
        require_once(R_P.'require/checkpass.php');
        Loginout();
        if ($detail['yz'] > 1) {
            $GLOBALS['jihuo_uid'] = $detail['uid'];
            Showmsg('login_jihuo');
        }
        Showmsg('ip_change');
    } else {
    */
    // 'shortcut' is stored as "<forum shortcuts>\t<app shortcuts>"; split it into two fields.
    list($detail['shortcut'], $detail['appshortcut']) = explode("\t",$detail['shortcut']);
    // Drop the password value from the record before it is handed back to the caller.
    unset($detail['password']);
    $detail['honor'] = substrs($detail['honor'],90);
    // Seconds since the visit time recorded for this member.
    $distime = $timestamp - $detail['lastvisit'];
    if ($distime > $db_onlinetime || $distime > 3600) {
        //Start elementupdate
        if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') {
            require_once(R_P.'lib/elementupdate.class.php');
            $elementupdate = new ElementUpdate();
            $elementupdate->userSortUpdate($detail);
        }
        //End elementupdate
        // Visit times are only written when the 'hideid' cookie is absent.
        if (!GetCookie('hideid')) {
            $ecpvisit = pwEscape($timestamp,false);
            $ct = 'lastvisit='.$ecpvisit.',thisvisit='.$ecpvisit;
            if ($db_ifonlinetime) {
                // $c_oltime is taken from the 'lastvisit' cookie earlier in the script; clamp
                // it (continued on the next line) before adding it to the stored counters.
                $c_oltime = $c_oltime <= 0 ? 0 : ($c_oltime > $db_onlinetime*1.2 ? 
$db_onlinetime : intval($c_oltime)); $s_oltime = pwEscape($c_oltime,false); $ct .= ',onlinetime=onlinetime+'.$s_oltime; if ($detail['lastvisit'] > $montime) { $ct .= ',monoltime=monoltime+'.$s_oltime; } else { $ct .= ',monoltime='.$s_oltime; } $c_oltime && updateDatanalyse($winduid,'memberOnLine',$c_oltime); $c_oltime = 0; } $db->update("UPDATE pw_memberdata SET $ct WHERE uid=".pwEscape($winduid)); $detail['lastvisit'] = $detail['thisvisit'] = $timestamp; } } // } return $detail; } function pwAdvert($ckey,$fid=0,$lou=-1,$scr=0) { global $timestamp,$db_advertdb,$db_mode,$_time; if (empty($db_advertdb[$ckey])) return false; $hours = $_time['hours'] + 1; $fid || $fid = $GLOBALS['fid']; $scr || $scr = SCR; $scr = strtolower($scr); $lou = (int)$lou; $tmpAdvert = $db_advertdb[$ckey]; if ($db_advertdb['config'][$ckey] == 'rand') { shuffle($tmpAdvert); } $arrAdvert = array();$advert = ''; foreach ($tmpAdvert as $key=>$value) { if ($value['stime'] > $timestamp || $value['etime'] < $timestamp || ($value['dtime'] && strpos(",{$value['dtime']},",",{$hours},")===false) || ($value['mode'] && strpos($value['mode'],($db_mode?$db_mode:'bbs'))===false) || ( $value['page'] && (strpos($value['page'],",$scr,") === false || ($scr == 'read' && $value['page'] == 'thread')) ) || ($value['fid'] && $scr != 'index' && strpos(",{$value['fid']},",",$fid,")===false) || ($value['lou'] && strpos(",{$value['lou']},",",$lou,")===false) ) { continue; } if ((!$value['ddate'] && !$value['dweek']) || ($value['ddate'] && strpos(",{$value['ddate']},",",{$_time['day']},")!==false) || ($value['dweek'] && strpos(",{$value['dweek']},",",{$_time['week']},")!==false) ) { $arrAdvert[] = $value['code']; $advert .= is_array($value['code']) ? 
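$value['code']['code'] : $value['code'];
            if ($db_advertdb['config'][$ckey] != 'all') break;
        }
    }
    return array($advert,$arrAdvert);
}
// ^ closing lines of pwAdvert(), which opens on the preceding source line; kept token-for-token.

/**
 * Tell whether $username appears in either of two moderator lists.
 *
 * Each list is searched for the substring ",name,", so the lists are expected to be
 * comma-delimited with a leading and a trailing comma.
 * NOTE(review): the match is a plain substring test; it relies on usernames never
 * containing a comma - confirm the registration rules enforce that.
 *
 * @param string $forumadmin moderator list of the forum
 * @param string $fupadmin   second moderator list (presumably the parent forum's)
 * @param string $username   name to look up; empty means "not an admin"
 * @return bool
 */
function admincheck($forumadmin,$fupadmin,$username){
    if (!$username) {
        return false;
    }
    foreach (array($forumadmin, $fupadmin) as $adminList) {
        if ($adminList && strpos($adminList, ",$username,") !== false) {
            return true;
        }
    }
    return false;
}

/**
 * Return the directory part of $path with a trailing '/'.
 *
 * A backslash anywhere in the path takes precedence over forward slashes.
 *
 * @param string|null $path
 * @return string './' when $path is empty or holds no separator
 */
function getdirname($path=null){
    if (!empty($path)) {
        foreach (array('\\', '/') as $separator) {
            if (strpos($path, $separator) !== false) {
                return substr($path, 0, strrpos($path, $separator)) . '/';
            }
        }
    }
    return './';
}

/**
 * Group- and forum-based permission test.
 *
 * @param string     $allowgroup comma-delimited group list, matched as ",id,"
 * @param string|int $groupid    the user's main group
 * @param string     $groups     additional groups in the form ",a,b,"; the outer commas are stripped
 * @param string|int $fid        forum id, optional
 * @param string     $allowforum comma-separated forum ids, optional
 * @return bool true if the main group, any additional group or the forum is allowed
 */
function allowcheck($allowgroup,$groupid,$groups,$fid='',$allowforum=''){
    if ($allowgroup && strpos($allowgroup, ",$groupid,") !== false) {
        return true;
    }
    if ($allowgroup && $groups) {
        foreach (explode(',', substr($groups, 1, -1)) as $extraGroup) {
            if (strpos($allowgroup, ",$extraGroup,") !== false) {
                return true;
            }
        }
    }
    if ($fid && $allowforum && strpos(",$allowforum,", ",$fid,") !== false) {
        return true;
    }
    return false;
}

/**
 * Decide whether the current page qualifies for the guest page cache.
 *
 * The page number comes from $GLOBALS['page'] when set, otherwise from $_GET['page'].
 *
 * @return bool
 */
function GetGcache() {
    global $db_fguestnum,$db_tguestnum,$db_guestindex;
    $page = isset($GLOBALS['page']) ? $GLOBALS['page'] : (int)$_GET['page'];
    if (SCR == 'thread' && $page < $db_fguestnum && !isset($_GET['type']) && !GetGP('search')) {
        return true;
    } elseif (SCR == 'read' && $page < $db_tguestnum && !isset($_GET['uid'])) {
        return true;
    } elseif (SCR == 'index' && $db_guestindex && !isset($_GET['cateid'])) {
        return true;
    }
    return false;
}

/**
 * Build the 8-character request token: characters 8-15 of
 * md5($str . $app . User-Agent header).
 *
 * NOTE(review): the token carries 32 bits and is derived from the caller's value, the
 * site id and a client-supplied header. Unless $db_siteid is an unguessable per-site
 * value, the result can be recomputed off-site - confirm, or mix in a server secret.
 *
 * @param string      $str value to bind the token to (callers in this file pass the uid or the client IP)
 * @param string|null $app application key; defaults to $GLOBALS['db_siteid']
 * @return string
 */
function GetVerify($str,$app = null) {
    empty($app) && $app = $GLOBALS['db_siteid'];
    return substr(md5($str.$app.$GLOBALS['pwServer']['HTTP_USER_AGENT']),8,8);
}

/**
 * Run the request checks selected by the flags; each failed check ends in Showmsg().
 *
 * NOTE(review): the Referer comparison only applies when a Referer with a host part
 * was sent, so a POST without that header passes it. The verify token is the check
 * that actually binds the request to the session.
 *
 * @param int $verify  check the 'verify' token
 * @param int $gdcheck check the image code in $_POST['gdcode']
 * @param int $qcheck  check the question answer in $_POST['qanswer'] / $_POST['qkey']
 * @param int $refer   compare the Referer host with the Host header on POST
 */
function PostCheck($verify = 1,$gdcheck = 0,$qcheck = 0,$refer = 1) {
    global $pwServer;
    $verify && checkVerify();
    if ($refer && $pwServer['REQUEST_METHOD'] == 'POST') {
        $referer_a = @parse_url($pwServer['HTTP_REFERER']);
        if ($referer_a['host']) {
            // Drop a ":port" suffix from the Host header before comparing.
            list($http_host) = explode(':',$pwServer['HTTP_HOST']);
            if ($referer_a['host'] != $http_host) {
                Showmsg('undefined_action');
            }
        }
    }
    $gdcheck && GdConfirm($_POST['gdcode']);
    $qcheck && Qcheck($_POST['qanswer'],$_POST['qkey']);
}

/**
 * Reject the request unless the submitted 'verify' value equals $GLOBALS[$hash].
 *
 * The comparison is made on strings with !==. The loose <> used before compared
 * numeric-looking strings as numbers, so e.g. a token "0e123456" was matched by "0".
 *
 * @param string $hash name of the global that holds the expected token
 */
function checkVerify($hash = 'verifyhash') {
    $supplied = GetGP('verify');
    $expected = $GLOBALS[$hash];
    // Non-scalar input (e.g. verify[]=x) is treated as an empty token.
    $supplied = is_scalar($supplied) ? (string)$supplied : '';
    $expected = is_scalar($expected) ? (string)$expected : '';
    if ($supplied !== $expected) {
        Showmsg('illegal_request');
    }
}

/**
 * Check a submitted image code against the value carried in the 'cknum' cookie.
 *
 * Cookie('cknum','',0) is issued first - presumably to expire the challenge so that a
 * code is accepted once; TODO confirm against Cookie(). The decoded cookie fields, the
 * upper-cased code and the 1800 limit are handed to SafeCheck(), which is defined elsewhere.
 *
 * @param string $code code typed by the user
 */
function GdConfirm($code) {
    Cookie('cknum','',0);
    if (!$code || !SafeCheck(explode("\t",StrCode(GetCookie('cknum'),'DECODE')),strtoupper($code),'cknum',1800)) {
        Showmsg('check_error');
    }
}

/**
 * Check the answer to a registration/login question.
 *
 * Does nothing when no questions are configured. Answers are compared as strings
 * with !== so that a numeric stored answer cannot be matched by a merely
 * numeric-looking submission.
 *
 * @param string $answer submitted answer
 * @param mixed  $qkey   key of the question in $db_answer
 */
function Qcheck($answer,$qkey) {
    global $db_question,$db_answer;
    if (!$db_question) {
        return;
    }
    $given = is_scalar($answer) ? (string)$answer : '';
    if (!isset($db_answer[$qkey]) || $given !== (string)$db_answer[$qkey]) {
        Showmsg('qcheck_error');
    }
}

/**
 * Create the global $db connection object on first use.
 *
 * The driver file name is built from $database; the path goes through Pcv()
 * (defined elsewhere, presumably a path filter) before it is included.
 */
function PwNewDB() {
    if (!is_object($GLOBALS['db'])) {
        global $db,$database,$dbhost,$dbuser,$dbpw,$dbname,$PW,$charset,$pconnect;
        require_once Pcv(R_P."require/db_$database.php");
        $db = new DB($dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect);
    }
}

/**
 * Tell whether extension $mod is loaded and its probe function exists.
 *
 * @param string $mod    extension name
 * @param string $ckfunc function whose presence confirms the extension is usable
 * @return bool
 */
function Pwloaddl($mod,$ckfunc='mysqli_get_client_info') {
    return extension_loaded($mod) && $ckfunc && function_exists($ckfunc);
}

/**
 * Write a run of flag bits into $status (modified in place).
 *
 * $setv is read from its last character to its first; the last character goes to the
 * 1-based bit position $b and each earlier character to the next higher bit. A
 * character that PHP treats as false ('0') clears its bit, any other sets it.
 *
 * @param int    $status bit field, passed by reference
 * @param int    $b      1-based position of the lowest bit to write
 * @param string $setv   characters to write, most significant first
 */
function setstatus(&$status,$b,$setv = '1') {
    --$b;
    for ($i = strlen($setv)-1; $i >= 0 ; $i--) {
        if ($setv[$i]) {
            $status |= 1 << $b;
        } else {
            $status &= ~(1 << $b);
        }
        ++$b;
    }
    //return $status;
}

/**
 * Send, or return, the status header for one of a fixed set of HTTP codes.
 *
 * NOTE(review): outside CGI the line is built as "HTTP/1.1: <code> ...", with a colon
 * that a status line does not have, and code 404 yields "404 404 Not Found". The
 * strings are left as they were; confirm what the callers that use the returned
 * value expect before changing them.
 *
 * @param int|string $num   status code
 * @param mixed      $rtarr when non-empty the header line is returned instead of sent
 * @return string the header line when $rtarr is non-empty and the code is known, '' otherwise
 */
function sendHeader($num,$rtarr=null){
    static $sapi = null;
    if ($sapi===null) {
        $sapi = php_sapi_name();
    }
    $header_a = array(
        '200' => 'OK',
        '206' => 'Partial Content',
        '304' => 'Not Modified',
        '404' => '404 Not Found',
        '416' => 'Requested Range Not Satisfiable',
    );
    // isset() instead of a bare index read: an unknown code no longer raises a notice.
    if (isset($header_a[$num])) {
        if ($sapi=='cgi' || $sapi=='cgi-fcgi') {
            $headermsg = "Status: $num ".$header_a[$num];
        } else {
            $headermsg = "HTTP/1.1: $num ".$header_a[$num];
        }
        if (empty($rtarr)) {
            header($headermsg);
        } else {
            return $headermsg;
        }
    }
    return '';
}

/**
 * Format a timestamp relative to the current request time.
 *
 * @param int $time timestamp to format
 * @param int $type 1 for the relative wording (seconds/minutes/hours ago, yesterday,
 *                  the day before), anything else for short date or time forms
 * @return array two elements: the short label and the full get_date($time) string
 */
function getLastDate($time,$type = 1){
    global $timestamp,$tdtime;
    // Language strings are looked up once per request.
    static $timelang = false;
    if ($timelang==false) {
        $timelang = array(
            'second'    =>getLangInfo('other','second'),
            'yesterday' =>getLangInfo('other','yesterday'),
            'hour'      =>getLangInfo('other','hour'),
            'minute'    =>getLangInfo('other','minute'),
            'qiantian'  =>getLangInfo('other','qiantian'),
        );
    }
    $decrease = $timestamp-$time;
    $thistime = PwStrtoTime(get_date($time,'Y-m-d'));
    $thisyear = PwStrtoTime(get_date($time,'Y'));
    $thistime_without_day = get_date($time,'H:i');
    $yeartime = PwStrtoTime(get_date($timestamp,'Y'));
    $result = get_date($time);
    if ($thistime == $tdtime) {
        // Same day as the request.
        if ($type == 1){
            if ($decrease <= 60) {
                return array($decrease.$timelang['second'],$result);
            }
            if ($decrease <= 3600) {
                return array(ceil($decrease/60).$timelang['minute'],$result);
            } else {
                return array(ceil($decrease/3600).$timelang['hour'],$result);
            }
        } else {
            return array(get_date($time,'H:i'),$result);
        }
    } elseif ($thistime == $tdtime-86400) {
        // Yesterday.
        if ($type == 1) {
            return array($timelang['yesterday']." ".$thistime_without_day,$result);
        } else {
            return array(get_date($time,'m-d'),$result);
        }
    } elseif ($thistime == $tdtime-172800) {
        // The day before yesterday; joined with the same single space as the branch above
        // (the separator here had picked up a stray line break).
        if ($type == 1) {
            return array($timelang['qiantian']." ".$thistime_without_day,$result);
        } else {
            return array(get_date($time,'m-d'),$result);
        }
    } elseif ($thisyear == $yeartime){
        return array(get_date($time,'m-d'),$result);
    } else {
        if ($type == 1) {
            return array(get_date($time,'Y-m-d'),$result);
        } else {
            return array(get_date($time,'y-n-j'),$result);
        }
    }
}

/**
 * Try to take the per-user lock for an action by inserting a row into pw_proclock.
 *
 * When the insert fails, rows for the same user and action older than 30 seconds are
 * removed so that a later attempt can succeed, and false is returned.
 * Values go through pwEscape(), as in the other queries of this file, instead of being
 * interpolated between quotes.
 *
 * @param string $t action name
 * @param int    $u user id
 * @return bool true when the lock row was inserted
 */
function procLock($t, $u = 0) {
    global $db,$timestamp;
    $uidSql = pwEscape($u);
    $actionSql = pwEscape($t);
    $timeSql = pwEscape($timestamp);
    if ($db->query("INSERT INTO pw_proclock (uid,action,time) VALUES ($uidSql,$actionSql,$timeSql)",'U',false)) {
        return true;
    }
    $db->update("DELETE FROM pw_proclock WHERE uid=$uidSql AND action=$actionSql AND time < $timeSql - 30");
    return false;
}

/**
 * Release the lock rows of a user for an action.
 *
 * @param string $t action name
 * @param int    $u user id
 */
function procUnLock($t = '', $u = 0) {
    $GLOBALS['db']->update('DELETE FROM pw_proclock WHERE uid='.pwEscape($u).' AND action='.pwEscape($t));
}

// Opening part of pwNavBar(); the function continues on the following source lines and
// is kept token-for-token here.
function pwNavBar() {
    global $winduid,$db_mainnav,$db_menu,$groupid,$winddb,$SCR,$db_modes,$db_mode,$defaultMode,$db_menuinit;
    $tmpLogin = $tmpNav = array();
    if ($groupid != 'guest') {
        require_once(R_P.'require/showimg.php');
        list($tmpLogin['faceurl']) = showfacedesign($winddb['icon'],1,'s');
        $tmpLogin['lastlodate'] = get_date($winddb['lastvisit'],'Y-m-d');
    } else {
        global $db_question,$db_logintype,$db_qcheck;
        if ($db_question) {
            list(,$tmpLogin['qcheck']) = explode("\t",$db_qcheck);
            if ($tmpLogin['qcheck']) $tmpLogin['qkey'] = array_rand($db_question);
        }
        if ($db_logintype) {
            for ($i = 0; $i < 3; $i++) {
                if ($db_logintype & pow(2,$i)) $tmpLogin['logintype'][] = $i;
            }
        } else {
            $tmpLogin['logintype'][0] = 0;
        }
    }
    if (in_array(SCR,array('index','cate','mode')) || $SCR == 'm_home') {
        $tmpSel= empty($db_mode) ? 'KEYbbs' : 'KEY'.$db_mode;
    } elseif (in_array(SCR,array('read','thread'))){
        $tmpSel = 'KEYbbs';
    } else {
        $tmpSel = '';
    }
    empty($db_mainnav) && $db_mainnav = array();
    foreach ($db_mainnav as $key=>$value) {
        if ($value['pos'] == '-1' || strpos(",{$value['pos']},",','.($db_mode?$db_mode:'bbs').',') !== false) {
            $tmpNav['main']['html'] .= $tmpSel == $key ? "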
  • {$value['html']}
  • " : "
  • {$value['html']}
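  • "; } } return array($tmpNav,$tmpLogin); }

/**
 * Return the current user's shortcut forums as fid => forum name.
 *
 * The result is kept in a static for the rest of the request. Names are read
 * from the forum cache and passed through strip_tags().
 *
 * @return array when the user has no usable shortcut list this is either the
 *               return value of updateshortcut() (logged-in user, no site
 *               default) or $db_shortcutforum unchanged
 */
function pwGetShortcut() {
    static $shortcutforum = array();
    if (empty($shortcutforum)) {
        global $winddb,$forum,$winduid,$db_shortcutforum;
        if (trim($winddb['shortcut'],',')) {
            isset($forum) || require(D_P.'data/bbscache/forum_cache.php');
            $tempshortcut = explode(',',$winddb['shortcut']);
            foreach ($tempshortcut as $value) {
                // only ids that exist in the forum cache are kept
                if ($value && isset($forum[$value])) {
                    $shortcutforum[$value] = strip_tags($forum[$value]['name']);
                }
            }
        }
        if (empty($shortcutforum)) {
            if (!$db_shortcutforum && $winduid) {
                require_once(R_P.'require/updateforum.php');
                $shortcutforum = updateshortcut();
            } else {
                $shortcutforum = $db_shortcutforum;
            }
        }
    }
    return $shortcutforum;
}

/**
 * Return the first label of the request host, or '' when it should be ignored.
 *
 * Returns '' when $url equals $mainUrl, or when $mainUrl already contains
 * "<label>." preceded by a non-word character.
 *
 * @param string      $url
 * @param string|null $mainUrl
 * @return string
 */
function getSecDomain($url, $mainUrl = null) {
    global $pwServer;
    if ($mainUrl && $url == $mainUrl) {
        return '';
    }
    $host = $pwServer['HTTP_HOST'];
    $dotPos = strpos($host, '.');
    // a host without a dot has no sub-domain label
    $dirname = $dotPos === false ? '' : substr($host, 0, $dotPos);
    // HTTP_HOST presumably mirrors the request's Host header (TODO confirm), so
    // the label is escaped before it becomes part of the pattern; unescaped,
    // a "/" or other metacharacter in it would change or break the regex.
    if (preg_match('/[^\w]' . preg_quote($dirname, '/') . '\./i', $mainUrl)) {
        return '';
    }
    return $dirname;
}

//end of global.php *************
require_once(R_P.'lib/forum.class.php');
//require_once(R_P.'lib/post.class.php');
//begin post.class.php *************
!defined('P_W') && exit('Forbidden');

/* Post publishing operations class * fix by sky_hold@163.com * */
class PwPost {
    var $db;
    var $user;
    var $uid;
    var $username;
    var $groupid;
    var $forum; //class PwForum
    var $_G;
    var $isGM;
    var $isBM;
    var $admincheck;
    var $allowsell;
    var $allowencode;
    var $hours;
    var $errMsg = array();
    var $errMode = false;

    /**
     * Bind the request globals (user, group, permissions) and the target forum.
     *
     * isGM comes from CkInArray() against $manager, isBM from the forum
     * object; admincheck is true when either is set.
     *
     * @param object $forum PwForum instance, stored by reference
     */
    function PwPost(&$forum) {
        global $db,$winddb,$groupid,$_time,$_G,$manager,$windid,$winduid;
        $this->db =& $db;
        $this->user =& $winddb;
        $this->groupid =& $groupid;
        $this->hours =& $_time['hours'];
        $this->forum =& $forum;
        $this->uid =& $winduid;
        $this->username =& $windid;
        $this->_G =& $_G;
        $this->isGM = CkInArray($this->username, $manager);
        $this->isBM = $this->forum->isBM($this->username);
        $this->admincheck = ($this->isGM || $this->isBM);
        $this->allowhide = ($this->forum->foruminfo['allowhide'] && $this->_G['allowhidden']);
        $this->allowsell = ($this->forum->foruminfo['allowsell'] && $this->_G['allowsell']);
        $this->allowencode = ($this->forum->forumset['allowencode'] && $this->_G['allowencode']);
    }

    /**
     * Run the forum-level access checks for the current user.
     *
     * The credit check is skipped for managers and moderators. The
     * posting-hours check below is commented out in this file.
     */
    function forumcheck() {
        if (!$this->forum->isForum()) {
            return $this->showmsg('data_error');
        }
        $this->forum->forumcheck($this->user, $this->groupid);
        if (!$this->admincheck) {
            $this->forum->creditcheck($this->user, $this->groupid);
        }
        // if (!$this->isGM && !$this->forum->allowtime($this->hours) && !pwRights($this->isBM, 'allowtime')) {
        //     return $this->showmsg('forum_allowtime');
        // }
    }

    /**
     * Check that topic type $special is enabled in the forum's allowtype bitmask.
     *
     * $special is passed by value, so the fallback assignment below is not
     * visible to the caller.
     *
     * @param int $special
     */
    function checkSpecial($special) {
        if (!($this->forum->foruminfo['allowtype'] & pow(2,$special))) {
            if (empty($special) && $this->forum->foruminfo['allowtype'] > 0) {
                $special = (int)log($this->forum->foruminfo['allowtype'],2);
            } else {
                return $this->showmsg('post_allowtype');
            }
        }
    }

    /**
     * Site-wide posting restrictions.
     *
     * NOTE(review): every check in this method (posting hours, group 7,
     * new-registration delay) is commented out, so it currently does nothing.
     */
    function postcheck() {
        global $db_openpost,$db_postallowtime,$timestamp;
        // list($openpost, $poststart, $postend) = explode("\t", $db_openpost);
        // if ($openpost == 1 && $this->groupid != 3 && $this->groupid != 4) {
        //     if ($poststart < $postend && ($this->hours < $poststart || $this->hours >= $postend)) {
        //         return $this->showmsg('post_openpost');
        //     } elseif ($poststart > $postend && ($this->hours < $poststart && $this->hours >= $postend)) {
        //         return $this->showmsg('post_openpost');
        //     }
        // }
        // if ($this->groupid == '7') {
        //     return $this->showmsg('post_check');
        // }
        // if ($db_postallowtime && $timestamp - $this->user['regdate'] < $db_postallowtime*60) {
        //     return $this->showmsg('post_newrg_limit');
        // }
    }

    /**
     * Verify the user can afford every negative entry in $add.
     *
     * @param array $add credit key => delta; numeric keys select the 'CUSTOM'
     *                   credit set, other keys 'COMMON', a mix 'ALL'
     */
    function checkUserCredit($add) {
        global $credit;
        isset($credit) || require_once(R_P.'require/credit.php');
        $flag = 0;
        $reduce = array();
        foreach ($add as $key => $value) {
            if ($value < 0) {
                $reduce[$key] = $value;
                $flag |= is_numeric($key) ? 2 : 1;
            }
        }
        if ($reduce) {
            $u_credit = $credit->get($this->uid, ($flag == 1 ? 'COMMON' : ($flag == 2 ? 'CUSTOM' : 'ALL')));
            $err = array();
            foreach ($reduce as $key => $value) {
                if ($u_credit[$key] + $value < 0) {
                    $err[] = -$value . $credit->cType[$key];
                }
            }
            if ($err) {
                $GLOBALS['shortCredit'] = implode(',', $err);
                return $this->showmsg('post_credit_enough');
            }
        }
    }

    /**
     * Update post counters, credits and member level after a post.
     *
     * Guests only get the 'userlastptime' cookie.
     *
     * @param string $type    suffix of the credit log type ('topic_' . $type)
     * @param array  $add     credit deltas; rvrc, money, credit and currency are read
     * @param string $content post body, fingerprinted when $db_tcheck is set
     */
    function updateUserInfo($type, $add, $content = '') {
        global $db_creditset,$credit,$db_upgrade,$timestamp,$db_tcheck;
        if ($this->groupid <> 'guest') {
            require_once(R_P.'require/credit.php');
            $this->user['todaypost'] ++;
            $this->user['monthpost'] ++;
            $this->user['postnum'] ++;
            $this->user['lastpost'] = $timestamp;
            $credit->addLog('topic_' . $type, $add, array(
                'uid' => $this->uid,
                'username' => $this->username,
                'ip' => $GLOBALS['onlineip'],
                'fname' => $this->forum->name
            ));
            $credit->sets($this->uid, $add, false);
            $this->user['rvrc'] += $add['rvrc'];
            $this->user['money'] += $add['money'];
            $this->user['credit'] += $add['credit'];
            $this->user['currency'] += $add['currency'];
            $usercredit = array(
                'postnum' => $this->user['postnum'],
                'digests' => $this->user['digests'],
                'rvrc' => $this->user['rvrc'],
                'money' => $this->user['money'],
                'credit' => $this->user['credit'],
                'currency' => $this->user['currency'],
                'onlinetime'=> $this->user['onlinetime']
            );
            // NOTE(review): unserialize() is only safe on trusted data;
            // $db_upgrade looks like site configuration - confirm it can never
            // carry user-supplied bytes.
            $upgradeset = unserialize($db_upgrade);
            foreach ($upgradeset as $key => $val) {
                if (is_numeric($key) && $val) {
                    // a custom credit takes part in the level formula: load them once and stop
                    foreach ($credit->get($this->user['uid'], 'CUSTOM') as $key => $value) {
                        $usercredit[$key] = $value;
                    }
                    break;
                }
            }
            $memberid = getmemberid(CalculateCredit($usercredit, $upgradeset));
            if ($this->user['memberid'] != $memberid) {
                $this->db->update("UPDATE pw_members SET memberid=".pwEscape($memberid)." WHERE uid=" . pwEscape($this->user['uid']));
            }
            $credit->runsql();
            $pwSQL = array(
                'postnum' => $this->user['postnum'],
                'todaypost' => $this->user['todaypost'],
                'monthpost' => $this->user['monthpost'],
                'lastpost' => $this->user['lastpost'],
                'uploadtime' => $this->user['uploadtime'],
                'uploadnum' => $this->user['uploadnum']
            );
            $db_tcheck && $pwSQL['postcheck'] = PwPost::tcheck($content);
            $this->db->update("UPDATE pw_memberdata SET " . pwSqlSingle($pwSQL) . " WHERE uid=" . pwEscape($this->uid));
        } else {
            Cookie('userlastptime',$timestamp);
        }
    }

    /**
     * Report an error: collect it in errMsg when errMode is on, otherwise
     * end the request through exitmsg().
     *
     * @param string $msg language key
     * @return bool always true
     */
    function showmsg($msg) {
        if ($this->errMode) {
            $this->errMsg[] = $msg;
        } else {
            // Showmsg($msg);
            exitmsg($msg);
        }
        return true;
    }

    //static function
    /**
     * Fingerprint of a post body: 16 hex characters taken from the md5 of the
     * first 100 bytes of the trimmed content. It is stored as 'postcheck' in
     * updateUserInfo(); it is a duplicate marker, not an integrity control.
     *
     * @param string $content
     * @return string
     */
    function tcheck($content) {
        $content = trim($content);
        $content = strlen($content)>100 ? substr($content,0,100) : $content;
        return substr(md5($content),5,16);
    }
}

//abstract
class postData {

    /** settings **/
    var $titlemax;
    var $postmax;
    var $postmin;
    var $posturlnum;

    var $db;
    var $post;
    var $forum;
    var $filter;
    var $linkChecker = null;
    var $linkCheckStrategy;
    var $blackListLinkCheckStrategy;

    var $data;
    var $att = null;
    var $tag = null;

    var $hide = 0;
    var $enhide = array();
    var $sell = array();

    var $code_htm;
    var $code_id;

    /**
     * Bind the limits and the owning PwPost, and seed $this->data with defaults.
     *
     * @param object $post PwPost instance, stored by reference
     */
    function postData(&$post) {
        global $db,$db_titlemax,$db_postmax,$db_postmin,$db_posturlnum;
        $this->titlemax =& $db_titlemax;
        $this->postmax =& $db_postmax;
        $this->postmin =& $db_postmin;
        $this->posturlnum =& $db_posturlnum;

        $this->db =& $db;
        $this->post =& $post;
        $this->forum =& $post->forum;
        $this->filter = L::loadClass('FilterUtil');

        $this->data = array(
            'fid' => $this->forum->fid,
            'author' => $this->post->username,
            'authorid' => $this->post->uid,
            'title' => '',
            'content' => '',
            'convert' => 1,
            'ifcheck' => 1,
            'ifwordsfb' => $this->filter->code,
            'ifsign' => 0,
            'icon' => 0,
            'hideatt' => 0,
            'aid' => 0,
            'ifupload' => 0,
            'lastposter' => $this->post->username
        );
        $this->initLinkChecker();
    }

    /** Create the link checker when either URL-check strategy is configured. */
    function initLinkChecker() {
        global $db_urlcheck, $db_urlblacklist, $db_urlcheckstrategy, $db_blurlcheckstrategy, $db_urlchecklimit;
        if ($db_urlcheckstrategy || $db_blurlcheckstrategy) {
            $this->linkChecker = L::loadClass('LinkChecker');
            $this->linkChecker->setConfig(explode(",", $db_urlcheck), explode(",", $db_urlblacklist), $db_urlchecklimit);
            $this->linkCheckStrategy = $db_urlcheckstrategy;
            $this->blackListLinkCheckStrategy = $db_blurlcheckstrategy;
        }
    }

    /** Merge the values returned by $bhv->resetData() over the current data. */
    function initData($bhv) {
        $this->data = array_merge($this->data, $bhv->resetData());
    }

    //abstract
    function setTitle($title) {}

    /**
     * Store the post body after a length check.
     *
     * The length is measured in bytes, after removing chr(10)..chr(13) and
     * trimming; it must be >= postmin and < postmax.
     *
     * @param string $content
     */
    function setContent($content) {
        $check_content = $content;
        for ($i = 10; $i < 14; $i++) {
            $check_content = str_replace(Chr($i),'',$check_content);
        }
        if (strlen(trim($check_content)) >= $this->postmax || strlen(trim($check_content)) < $this->postmin) {
            return $this->post->showmsg('postfunc_content_limit');
        }
        /*
        if (($GLOBALS['banword'] = $this->wordsfb->comprise($content, false)) !== false) {
            return $this->post->showmsg('content_wordsfb');
        }
        */
        $this->data['content'] = $content;
    }

    /**
     * Record whether markup conversion is requested and optionally auto-link URLs.
     * The per-user URL limit below is commented out in this file.
     */
    function setConvert($convert, $autourl = 1) {
        if ($convert) {
            $autourl && $this->data['content'] = $this->autourl($this->data['content']);
            // if ($this->posturlnum > 0 && $this->post->user['postnum'] < $this->posturlnum && !$this->post->isGM && $this->urlCheck($this->data['content'])) {
            //     return $this->post->showmsg('postfunc_urlnum_limit');
            // }
        }
        $this->data['convert'] = $convert ? 1 : 0;
    }

    /** Anonymous posting: allowed for managers, or when forum and group both permit it. */
    function setAnonymous($anonymous) {
        $this->data['anonymous'] = ($anonymous && ($this->post->isGM || $this->forum->forumset['anonymous'] && $this->post->_G['anonymous'])) ? 1 : 0;
        if ($this->data['anonymous']) {
            $this->data['lastposter'] = $GLOBALS['db_anonymousname'];
        }
    }

    /**
     * ifsign: 1 = show signature, +2 = HTML allowed. The HTML bit is only
     * granted when the group permission _G['htmlcode'] is set.
     */
    function setIfsign($usesign, $usehtml) {
        $ifsign = $usesign ? 1 : 0;
        if ($usehtml && $this->post->_G['htmlcode']) {
            $ifsign += 2;
        }
        $this->data['ifsign'] = $ifsign;
    }

    /** Hidden attachments: allowed for managers, or when forum and group both permit it. */
    function setHideatt($hideatt) {
        $this->data['hideatt'] = ($hideatt && ($this->post->isGM || $this->forum->foruminfo['allowhide'] && $this->post->_G['allowhidden'])) ? 1 : 0;
    }

    function setIconid($iconid) {
        $this->data['icon'] = $iconid;
    }

    function setHide($hide) {
        $this->hide = $hide;
    }

    /** Remember the [hide] requirement; unknown credit types fall back to 'rvrc'. */
    function setEnhide($requireenhide, $enhidervrc, $enhidetype) {
        global $db_enhideset;
        if ($requireenhide) {
            !in_array($enhidetype, $db_enhideset['type']) && $enhidetype = 'rvrc';
            $this->enhide = array($enhidervrc, $enhidetype);
        }
    }

    /** Remember the [sell] requirement; unknown credit types fall back to 'money'. */
    function setSell($requiresell, $money, $credittype) {
        global $db_sellset;
        if ($requiresell) {
            // the fallback was misspelled 'moeny', which is not a credit key
            // used anywhere else in this file
            !in_array($credittype, $db_sellset['type']) && $credittype = 'money';
            $this->sell = array($money, $credittype);
        }
    }

    /** Copy upload state from the attachment object and rewrite [upload=id] to [attachment=aid]. */
    function setAttachs() {
        if (is_object($this->att)) {
            $this->data['ifupload'] = $this->att->ifupload;
            $this->data['aid'] = $this->att->getAttachNum();
            if ($idrelate = $this->att->getIdRelate()) {
                foreach ($idrelate as $aid => $id) {
                    $this->data['content'] = str_replace("[upload=$id]", "[attachment=$aid]", $this->data['content']);
                }
            }
        }
    }

    /** Overwrite an existing data key; keys that are not already set are ignored. */
    function setData($key, $value) {
        if (isset($this->data[$key])) {
            $this->data[$key] = $value;
        }
    }

    //abstract
    function setIfcheck() {}

    function getIfcheck() {
        return $this->data['ifcheck'];
    }

    /**
     * Final sanitising pass over title and content before the data is used.
     *
     * With ifsign < 2 the content goes through Char_cv(). With ifsign >= 2
     * (HTML allowed) it only goes through the deny-list below, so that path
     * should be reachable by trusted authors only.
     */
    function checkdata() {
        $this->data['title'] = Char_cv($this->data['title']);
        //$this->data['ifwordsfb'] = $this->wordsfb->ifwordsfb(stripslashes($this->data['content']));
        if ($this->data['convert']) {
            $this->data['content'] = $this->html_check($this->data['content']);
            $this->windcodeCheck();
        } else {
            $this->data['convert'] = 1;
        }
        if ($this->data['ifsign'] < 2) {
            $this->data['content'] = Char_cv($this->data['content']);
        } else {
            // NOTE(review): as shown on this page the next call replaces '.'
            // with '.', and the first pattern has no opening tag; both look like
            // text lost when the listing was rendered - compare with the
            // original file before relying on them.
            $content = str_replace('.','.',$this->data['content']);
            $content = preg_replace("/.*<\/script>/is", "", $content);
            // This pattern used the /e modifier, which evaluated the replacement
            // as PHP code and was removed in PHP 7.0; a callback does the same
            // work without evaluating a string.
            $content = preg_replace_callback("/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/is", array($this, '_jscvMatch'), $content);
            $this->data['content'] = preg_replace("/javascript/i", "java script", $content);
        }
        $this->wordFilter();
        $this->setIfcheck();
        $this->setAttachs();
        $this->checkLinks();
    }

    /**
     * Re-create the escaping that the /e modifier applied to a backreference
     * before jscv()/code_check() saw it (those methods undo \" themselves).
     */
    function _legacyEscape($text) {
        return str_replace(array('"', "\0"), array('\\"', '\\0'), $text);
    }

    /** preg_replace_callback adapter for jscv(). */
    function _jscvMatch($m) {
        return $this->jscv($this->_legacyEscape($m[1]));
    }

    /** preg_replace_callback adapter for code_check(). */
    function _codeCheckMatch($m) {
        return $this->code_check($this->_legacyEscape($m[1]));
    }

    /**
     * Apply the configured link strategies: too many links either sends the
     * post to moderation ('verify') or rejects it ('exception'); black-listed
     * domains reject it.
     */
    function checkLinks() {
        if ($this->linkChecker) {
            $this->linkChecker->checkContent($this->data['content']);
            if ($this->linkCheckStrategy && $this->linkChecker->isReachLimit()) {
                if ('verify' == $this->linkCheckStrategy) {
                    $this->data['ifcheck'] = 0;
                } elseif ('exception' == $this->linkCheckStrategy) {
                    $this->post->showmsg('urlcheck_toomany');
                }
            }
            if ($this->blackListLinkCheckStrategy && $this->linkChecker->haveBlackDomains()) {
                $GLOBALS['blackurl'] = implode(", ", $this->linkChecker->getBlackUrls());
                $this->post->showmsg('urlcheck_inblack');
            }
        }
    }

    /**
     * Enforce which WindCode tags the author may use.
     *
     * Tags the author is not entitled to are neutralised by inserting a tab
     * after "["; convert is set to 2 when restricted tags remain.
     */
    function windcodeCheck() {
        foreach (array('wmv','rm','flash') as $key => $value) {
            // array keys inside {$...} must be quoted: an unquoted key is
            // looked up as a constant
            if (strpos(",{$this->post->_G['media']},",",$value,") === false) {
                $this->data['content'] = preg_replace("/(\[$value=([0-9]{1,3}\,[0-9]{1,3}\,)?)1(\].+?\[\/$value\])/is", "\${1}0\\3", $this->data['content']);
            }
        }
        if (!$this->post->isGM && (!$this->forum->foruminfo['allowhide'] || !$this->post->_G['allowhidden'])) {
            $this->data['content'] = str_replace("[post]","[\tpost]", $this->data['content']);
        } elseif ($this->hide == '1') {
            $this->data['content'] = "[post]".str_replace(array('[post]','[/post]'), "", $this->data['content'])."[/post]";
            $this->data['convert'] = 2;
        } elseif (false !== strpos($this->data['content'], '[post]') && false !== strpos($this->data['content'], '[/post]')) {
            $this->data['convert'] = 2;
        }
        if (!$this->post->isGM && (!$this->forum->forumset['allowencode'] || !$this->post->_G['allowencode'])) {
            $this->data['content'] = str_replace("[hide=","[\thide=", $this->data['content']);
        } elseif ($this->enhide) {
            $this->data['content'] = preg_replace("/\[hide=(.+?)\]/is","",$this->data['content']);
            $this->data['content'] = "[hide=".$this->enhide[0].",{$this->enhide[1]}]".str_replace("[/hide]","",$this->data['content'])."[/hide]";
            $this->data['convert'] = 2;
        }
        if (!$this->post->isGM && (!$this->forum->foruminfo['allowsell'] || !$this->post->_G['allowsell'])) {
            $this->data['content'] = str_replace("[sell=","[\tsell=", $this->data['content']);
        } elseif ($this->sell) {
            $this->data['content'] = str_replace("[/sell]","",preg_replace("/\[sell=(.+?)\]/is","",$this->data['content']));
            $this->data['content'] = "[sell=".$this->sell[0].",{$this->sell[1]}]{$this->data['content']}[/sell]";
            $this->data['convert'] = 2;
        } elseif (false !== strpos($this->data['content'], '[sell') && false !== strpos($this->data['content'], '[/sell]')) {
            $this->data['convert'] = 2;
        }
        if ($this->data['convert'] == 1) {
            $this->data['content'] != convert($this->data['content'],'') && $this->data['convert'] = 2;
        }
    }

    /**
     * Run the word filter over "title \t content".
     *
     * A hit inside the title, or any hit with weight 1, rejects the post;
     * other weights clear ifwordsfb and let the post continue.
     */
    function wordFilter() {
        $this->filter->getFilterResult($this->data['title'] . "\t" . $this->data['content']);
        if ($this->filter->filter_weight) {
            $title_filter_word = '';
            $titlelen = strlen($this->data['title']);
            // filter_word keys are compared with the title length, so they
            // appear to be byte offsets of each hit - TODO confirm in FilterUtil
            $arrPos = array_keys($this->filter->filter_word);
            foreach ($arrPos as $key) {
                if ($key < $titlelen) {
                    $title_filter_word .= $title_filter_word ? ','.$this->filter->filter_word[$key] : $this->filter->filter_word[$key];
                } else {
                    break;
                }
            }
            if ($title_filter_word) {
                $GLOBALS['banword'] = $title_filter_word;
                return $this->post->showmsg('title_wordsfb');
            }
            if ($this->filter->filter_weight == 1) {
                $GLOBALS['banword'] = implode(',',$this->filter->filter_word);
                return $this->post->showmsg('content_wordsfb');
            }
            $this->data['ifwordsfb'] = 0;
        }
    }

    /** Duplicate-content check; the comparison is commented out, so this does nothing. */
    function conentCheck() {
        global $db_tcheck;
        // if ($db_tcheck && $this->post->user['postcheck'] == PwPost::tcheck($this->data['content'])) {
        //     return $this->post->showmsg('content_same');
        // }
    }

    /** Run checkdata() and return the resulting data array. */
    function getData() {
        $this->checkdata();
        return $this->data;
    }

    /** True when the text contains a closing [/URL] or [/url] tag. */
    function urlCheck($str) {
        return (strpos($str,'[/URL]') !== false || strpos($str,'[/url]') !== false);
    }

    /** Replace the picture and attachment paths with placeholders when the board URL occurs in the text. */
    function html_check($souce) {
        global $db_bbsurl,$db_picpath,$db_attachname;
        if (strpos($souce,$db_bbsurl) !== false) {
            $souce = str_replace($db_picpath, 'p_w_picpath', $souce);
            $souce = str_replace($db_attachname, 'p_w_upload', $souce);
        }
        return $souce;
    }

    /**
     * Strip on*= attributes from the inside of one HTML tag and re-wrap it.
     *
     * This is a deny-list: it removes only what the two patterns match and is
     * not a general HTML sanitiser.
     *
     * @param string $code tag contents with double quotes escaped as \"
     * @return string
     */
    function jscv($code) {
        $code = str_replace('\\"','"',$code);
        $code = preg_replace('/[\s]on[\w]+\s*=\s*(\\\"|\\\\\').+?\\1/is',"",$code);
        $code = preg_replace("/[\s]on[\w]+\s*=[^\s]*/is","",$code);
        return '<'.$code.'>';
    }

    /**
     * Wrap bare image URLs in [img], other URLs in [url] and e-mail addresses
     * in [email]. [code] blocks are swapped for placeholders first and put
     * back afterwards so their contents are left alone.
     *
     * @param string $message
     * @return string
     */
    function autourl($message){
        global $db_autoimg,$db_cvtimes;
        $this->code_htm = array();
        $this->code_id = 0;
        if (strpos($message,"[code]") !== false && strpos($message,"[/code]") !== false) {
            // formerly a /e pattern (removed in PHP 7.0); same limit, callback instead of evaluated code
            $message = preg_replace_callback("/\[code\](.+?)\[\/code\]/is", array($this, '_codeCheckMatch'), $message, $db_cvtimes);
        }
        if ($db_autoimg == 1) {
            // the leading space gives the look-behind a character to match at offset 0
            $message = preg_replace(
                array("/(?<=[^\]a-z0-9-=\"'\\/])((https?|ftp):\/\/|www\.)([a-z0-9\/\-_+=.~!%@?#%&;:$\\│]+\.(gif|jpg|png))(?![\w\/\-+\.$&?#]{1})/i"),
                array("[img]\\1\\3[/img]"),
                ' ' . $message
            );
            $message = substr($message,1);
        }
        $message = preg_replace(
            array(
                "/(?<=[^\]a-z0-9-=\"'\\/])((https?|ftp|gopher|news|telnet|mms|rtsp):\/\/|www\.)([a-z0-9\/\-_+=.~!%@?#%&;:$\\│\|]+)/i",
                "/(?<=[^\]a-z0-9\/\-_.~?=:.])([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4}))/i"
            ),
            array(
                "[url]\\1\\3[/url]",
                "[email]\\0[/email]"
            ),
            ' '.$message
        );
        if (is_array($this->code_htm)) {
            foreach($this->code_htm as $key => $value){
                $message = str_replace("<\twind_phpcode_$key\t>", $value, $message);
            }
        }
        $message = substr($message,1);
        return $message;
    }

    /** Stash one [code] block and return the placeholder that stands in for it. */
    function code_check($code){
        $this->code_id++;
        $this->code_htm[$this->code_id] = '[code]' . str_replace('\\"','"',$code) . '[/code]';
        return "<\twind_phpcode_{$this->code_id}\t>";
    }
}

/** Post data for a new topic. */
class topicPostData extends postData {

    function topicPostData(&$post) {
        parent::postData($post);
        $this->data = array_merge($this->data,array(
            'w_type' => 0,
            'digest' => 0,
            'topped' => 0,
            'special' => 0,
            'ifmail' => 0,
            'tpcstatus' => 0,
            'ifmagic' => 0,
            'magic' => '',
            'modelid' => 0,
        ));
    }

    /** A topic title is required and may be at most titlemax bytes. */
    function setTitle($title) {
        $title = trim($title);
        if (empty($title) || strlen($title) > $this->titlemax) {
            return $this->post->showmsg('postfunc_subject_limit');
        }
        /*
        if (($GLOBALS['banword'] = $this->wordsfb->comprise($title)) !== false) {
            return $this->post->showmsg('title_wordsfb');
        }
        */
        $this->data['title'] = $title;
    }

    /**
     * Pick the topic category: the sub type wins over the main type; both are
     * reset to 0 when unknown or when $t_per is 0 for a non-admin.
     */
    function setWtype($p_type, $p_sub_type, $t_per, $t_db) {
        if (!$p_type || empty($t_db[$p_type]) || ($t_per == 0 && !$this->post->admincheck)) {
            $w_type = 0;
        } else {
            $w_type = $p_type;
        }
        if (!$p_sub_type || empty($t_db[$p_sub_type]) || ($t_per == 0 && !$this->post->admincheck)) {
            $w_sub_type = 0;
        } else {
            $w_sub_type = $p_sub_type;
        }
        $w_type = $w_sub_type ? $w_sub_type : $w_type;
        if ($GLOBALS['db_forcetype'] && $w_type == '0') {
            return $this->post->showmsg('force_tid_select');
        }
        $this->data['w_type'] = $w_type;
    }

    function setTags($tags) {
        global $db_iftag;
        if ($db_iftag) {
            /*
            if (($GLOBALS['banword'] = $this->wordsfb->comprise($tags)) !== false) {
                return $this->post->showmsg('tag_wordsfb');
            }
            */
            $this->tag = new BbsTag($this->post);
            $this->data['tags'] = $this->tag->setTags($tags);
        }
    }

    /** ifmail: 1 = mail on reply, +2 = site message on reply, each only if enabled site-wide. */
    function setIfmail($mail,$newrp) {
        global $db_replysendmail,$db_replysitemail;
        $ifmail = ($mail && $db_replysendmail) ? 1 : 0;
        $newrp && $db_replysitemail && $ifmail += 2;
        $this->data['ifmail'] = $ifmail;
    }

    /** Digest flag, kept only with the 'digestadmin' right. */
    function setDigest($digest) {
        if ($digest && !pwRights($this->post->isBM,'digestadmin')) {
            $digest = 0;
        }
        $this->data['digest'] = $digest;
    }

    /** Sticky level, reset to 0 when the feature is off or the user's 'topped' right is lower. */
    function setTopped($topped) {
        global $db_topped;
        if ($db_topped == 0 || $topped && !$this->post->isGM && (pwRights($this->post->isBM, 'topped') < $topped)) {
            $topped = 0;
        }
        $this->data['topped'] = $topped;
    }

    function setMagic($magicid,$magicname) {
        global $db_windmagic;
        if ($db_windmagic) {
            $this->data['ifmagic'] = $magicid ? 1 : 0;
            $this->data['magic'] = $magicid ? ($magicid . "\t" . $magicname) : '';
        }
    }

    function setStatus($pos, $value = '1') {
        setstatus($this->data['tpcstatus'], $pos, $value);
    }

    /** ifcheck = 0 sends the topic to moderation (forum f_check 1 or 3, or filter weight 2 for non-admins). */
    function setIfcheck() {
        if (($this->forum->foruminfo['f_check'] == 1 || $this->forum->foruminfo['f_check'] == 3) && $this->post->_G['atccheck'] && !$this->post->admincheck && $this->post->groupid != 3) {
            $ifcheck = 0;
        } else {
            $ifcheck = (!$this->post->admincheck && $this->filter->filter_weight == 2) ? 0 : 1;
        }
        $this->data['ifcheck'] = $ifcheck;
    }
}

/** Post data for a reply. */
class replyPostData extends postData {

    function replyPostData(&$post) {
        parent::postData($post);
    }

    /** A reply title is optional but may be at most titlemax bytes. */
    function setTitle($title) {
        $title = trim($title);
        if (strlen($title) > $this->titlemax) {
            return $this->post->showmsg('postfunc_subject_limit');
        }
        /*
        if (stripslashes($title) == 'Re:' . $this->tpcArr['subject']) {
            $title = '';
        }
        if (($GLOBALS['banword'] = $this->wordsfb->comprise($title)) !== false) {
            return $this->post->showmsg('title_wordsfb');
        }
        */
        $this->data['title'] = $title;
    }

    /** ifcheck = 0 sends the reply to moderation (forum f_check > 1, or filter weight 2 for non-admins). */
    function setIfcheck() {
        if ($this->forum->foruminfo['f_check'] > 1 && $this->post->_G['atccheck'] && !$this->post->admincheck && $this->post->groupid != 3) {
            $ifcheck = 0;
        } else {
            $ifcheck = (!$this->post->admincheck && $this->filter->filter_weight == 2) ? 0 : 1;
        }
        $this->data['ifcheck'] = $ifcheck;
    }
}

/** Tag handling for a topic. */
class BbsTag {

    var $post;
    var $tags;
    var $db;

    function BbsTag(&$post) {
        global $db;
        $this->tags = array();
        $this->db =& $db;
        $this->post =& $post;
    }

    /**
     * Parse a whitespace-separated tag string: at most 5 distinct tags, each
     * 3 to 15 bytes long.
     *
     * @param string $tags
     * @return string the accepted tags joined by single spaces, '' for empty input
     */
    function setTags($tags) {
        if (!$tags) {
            return '';
        }
        $this->tags = array_unique(explode(" ",preg_replace('/\s+/is',' ',trim($tags))));
        if (count($this->tags) > 5) {
            return $this->post->showmsg("tags_num_limit");
        }
        foreach ($this->tags as $key => $value) {
            if (strlen($value)>15 || strlen($value)<3) {
                return $this->post->showmsg('tag_length_limit');
            }
        }
        return implode(" ",$this->tags);
    }

    /** Create or bump each tag and link it to topic $tid. */
    function insert($tid) {
        $sql = array();
        foreach ($this->tags as $key => $value) {
            if (!$value) continue;
            $rt = $this->db->get_one("SELECT tagid FROM pw_tags WHERE tagname=".pwEscape($value));
            if (!$rt) {
                $this->db->update("INSERT INTO pw_tags SET ".pwSqlSingle(array('tagname'=>$value,'num'=>1)));
                $tagid = $this->db->insert_id();
            } else {
                $tagid = $rt['tagid'];
                $this->db->update("UPDATE pw_tags SET num=num+1 WHERE tagid=".pwEscape($tagid));
            }
            $sql[] = array($tagid,$tid);
        }
        $sql && $this->db->update("INSERT INTO pw_tagdata (tagid,tid) VALUES ".pwSqlMulti($sql));
    }

    /** Bring the stored tags of topic $tid in line with $this->tags. */
    function update($tid) {
        $tagids = array();
        $tags = array();
        $query = $this->db->query("SELECT * FROM pw_tagdata td LEFT JOIN pw_tags t USING(tagid) WHERE td.tid=" . pwEscape($tid));
        while ($rt = $this->db->fetch_array($query)) {
            if (!in_array($rt['tagname'], $this->tags)) {
                $tagids[] = $rt['tagid'];
            } else {
                $tags[] = $rt['tagname'];
            }
        }
        if ($tagids) {
            // presumably pwImplode() quotes each id for use inside IN(); the ids
            // come from the database rows above - verify in its definition
            $tagids = pwImplode($tagids);
            $this->db->update("DELETE FROM pw_tagdata WHERE tid=" . pwEscape($tid) . " AND tagid IN($tagids)");
            $this->db->update("UPDATE pw_tags SET num=num-1 WHERE tagid IN($tagids)");
        }
        if ($this->tags = array_diff($this->tags, $tags)) {
            $this->insert($tid);
        }
    }

    /** Return up to 10 cached tags that occur in the subject or the content, space separated. */
    function relate($subject,$content){
        @include(D_P.'data/bbscache/tagdb.php');
        $i = 0;
        $tags = '';
        if(!$tagdb){
            return '';
        }
        foreach ($tagdb as $tag => $num) {
            if (strpos($subject,$tag) !== false || strpos($content,$tag) !== false) {
                $tags .= $tags ? ' '.$tag : $tag;
                if(++$i > 9) break;
            }
        }
        return $tags;
    }
}
//end of post.class.php *************

include_once(D_P.'data/bbscache/cache_post.php');
/**
 * Forum cache file
 */

/**
 * Print a result for the calling client and end the request.
 *
 * @param string $msg  language key ($flag == 0) or literal text
 * @param int    $flag 0: look $msg up with getLangInfo() and wrap it in
 *                     [err]...[/err]; anything else: print $msg as given
 */
function exitmsg($msg,$flag=0){
    if ($flag==0){
        $msg=getLangInfo('msg',$msg);
        echo('[err]'.$msg.'[/err]');
    }else{
        echo($msg);
    }
    exit();
}

//empty($fid) && Showmsg('undefined_action');
empty($fid) && exitmsg('undefined_action');
$pwforum = new PwForum($fid);
$pwpost = new PwPost($pwforum);
// NOTE(review): with the next two calls commented out, no forum access,
// credit or posting-restriction check runs for this endpoint.
//$pwpost->forumcheck();
//$pwpost->postcheck();
list($uploadcredit,$uploadmoney,,) = explode("\t", $pwforum->forumset['uploadset']);

InitGP(array('action','article','pid','page'));
InitGP(array('special','modelid','pcid'),2);

//zzcity add
// NOTE(review): this is the only gate left in front of the reply code. Where
// $vercode and $vercode2 are set is not visible here; the loose != also lets
// the request through when both are unset or both are empty - confirm both
// are always populated and consider a strict, constant-time comparison.
if ($vercode!=$vercode2){
    echo('[err]invalid vercode[/err]');
    exit();
}

$replacedb = array();
$secondurl = "thread.php?fid=$fid";
//!$action && $action = "new";
$action = "reply";
$replayorder_default = 'checked';
$pcid=0; //zzcity add
$step = "2";//zzcity add

//if ($action == 'new') {
// if ($modelid > 0) {/* topic category */
// require_once(R_P.'lib/posttopic.class.php');
// $postTopic = new postTopic($pwpost);
// if (!$_G['allowmodelid']) {
// //Showmsg('post_allowtype');
// exitmsg('post_allowtype');
// }
// if (strpos(",".$pwforum->foruminfo['modelid'].",",",".$modelid.",") === false) {
// //Showmsg('forum_model_unfined');
// exitmsg('forum_model_unfined');
// }
// if (!$postTopic->topiccatedb[$postTopic->topicmodeldb[$modelid]['cateid']]['ifable']) {
// //Showmsg('topic_cate_unable');
// exitmsg('topic_cate_unable');
// }
// //!$postTopic->topicmodeldb[$modelid]['ifable'] && Showmsg('topic_model_unable');
// !$postTopic->topicmodeldb[$modelid]['ifable'] && exitmsg('topic_model_unable');
// $special = $pcid = 0;
//// } elseif ($pcid > 0) {/* group-buy activity */
//// require_once(R_P.'lib/postcate.class.php');
//// $postCate = new postCate($pwpost);
//// if (strpos(",".$pwforum->foruminfo['pcid'].",",",".$pcid.",") === false || !$postCate->postcatedb[$pcid]['ifable']) {
//// Showmsg('forum_pc_unfined');
//// }
//// if (strpos(",".$_G['allowpcid'].",",",".$pcid.",") === false) {
//// Showmsg('post_allowtype');
//// }
//// $special = $modelid = 0;
// } elseif (!($pwforum->foruminfo['allowtype'] & pow(2,$special))) {
// if (empty($special) && $pwforum->foruminfo['allowtype'] > 0) {
// $special = (int)log($pwforum->foruminfo['allowtype'],2);
// } else {
// //Showmsg('post_allowtype');
// exitmsg('post_allowtype');
// }
// $modelid = $pcid = 0;
// }
//}

/**
 * Block restricted (banned) users from posting - disabled: this comment stays open here and is closed further down the file
 if ($groupid == 6 || getstatus($winddb['userstatus'],1)) { $pwSQL = ''; $flag = 0; $bandb = $delban = array(); $query = $db->query("SELECT * FROM pw_banuser WHERE uid=".pwEscape($winduid)); while ($rt = $db->fetch_array($query)) { if ($rt['type'] == 1 && $timestamp - $rt['startdate'] > $rt['days']*86400) { $delban[] = $rt['id']; } elseif ($rt['fid'] == 0 || $rt['fid'] == $fid) { $bandb[$rt['fid']] = $rt; } else { $flag = 1; } } $delban && $db->update('DELETE FROM pw_banuser WHERE id IN('.pwImplode($delban).')'); ($groupid == 6 && !isset($bandb[0])) && $pwSQL .= "groupid='-1',"; if (getstatus($winddb['userstatus'],1) && !isset($bandb[$fid]) && !$flag) { $pwSQL .= 'userstatus=userstatus&(~1),'; } if ($pwSQL = rtrim($pwSQL,',')) { $db->update("UPDATE pw_members SET $pwSQL WHERE uid=".pwEscape($winduid)); } if ($bandb) { $bandb = current($bandb); if ($bandb['type'] == 1) { $s_date = get_date($bandb['startdate']); $e_date = $bandb['startdate'] + $bandb['days']*86400; $e_date = get_date($e_date); Showmsg('ban_info1'); } else { if ($bandb['type'] == 3) { Cookie('force',$winduid);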
Showmsg('ban_info3'); } else { Showmsg('ban_info2'); } } } } if (GetCookie('force') && $winduid != GetCookie('force')) { $force = GetCookie('force'); $bandb = $db->get_one("SELECT type FROM pw_banuser WHERE uid=".pwEscape($force)." AND fid='0'"); if ($bandb['type'] == 3) { Showmsg('ban_info3'); } else { Cookie('force','',0); } } */

// Time of the user's previous post: from the member row, or from a cookie for guests.
if ($groupid != 'guest') {
    $userlastptime = $winddb['lastpost'];
} else {
    $userlastptime = GetCookie('userlastptime');
}

/** * Flood prevention (disabled) $tdtime >= $winddb['lastpost'] && $winddb['todaypost'] = 0; $montime >= $winddb['lastpost'] && $winddb['monthpost'] = 0; if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) { Showmsg('post_gp_limit'); } if ($action != "modify" && !$pwpost->isGM && $_G['postpertime'] && $timestamp>=$userlastptime && $timestamp-$userlastptime<=$_G['postpertime'] && !pwRights($pwpost->isBM,'postpers')) { Showmsg('post_limit'); }*/

list(,,$postq) = explode("\t", $db_qcheck);

// A group-level upload type list, when present, replaces the site-wide one.
if ($_G['uploadtype']) {
    $db_uploadfiletype = $_G['uploadtype'];
}
if (empty($db_uploadfiletype)) {
    $db_uploadfiletype = array();
} elseif (!is_array($db_uploadfiletype)) {
    // NOTE(review): unserialize() is only safe on trusted data; both sources
    // look like site/group configuration - confirm neither is request-controlled.
    $db_uploadfiletype = unserialize($db_uploadfiletype);
}
// Default credit types for [sell] and [hide] when none are configured.
if (empty($db_sellset['type'])) {
    $db_sellset['type'] = array('money');
}
if (empty($db_enhideset['type'])) {
    $db_enhideset['type'] = array('rvrc');
}

/* if (empty($_POST['step'])) { require_once(R_P.'require/credit.php'); $editor = getstatus($winddb['userstatus'],11) ? 'wysiwyg' : 'textmode'; !is_numeric($db_attachnum) && $db_attachnum = 1; $htmlsell = ($pwforum->foruminfo['allowsell'] && $_G['allowsell']) ? '' : 'disabled'; $htmlhide = ($pwforum->forumset['allowencode'] && $_G['allowencode']) ? '' : 'disabled'; $htmlpost = $htmlatt = ($pwforum->foruminfo['allowhide'] && $_G['allowhidden']) ? '' : 'disabled'; $ifanonymous= ($pwpost->isGM || $pwforum->forumset['anonymous'] && $_G['anonymous']) ? '' : 'disabled'; $groupid == 'guest' && $userrvrc = 0; $atc_title = $atc_content = $ifmailck = $selltype = $enhidetype = $alltype = ''; $uploadfiletype = $uploadfilesize = ' '; foreach ($db_uploadfiletype as $key => $value) { $uploadfiletype .= $key.' '; $uploadfilesize .= $key.':'.$value.'KB; '; } foreach ($credit->cType as $key => $value) { $alltype .= ""; } foreach ($db_sellset['type'] as $key => $value) { $selltype .= ""; } if(is_array($db_enhideset['type'])){ foreach ($db_enhideset['type'] as $key => $value) { $enhidetype .= ""; } } require_once(R_P.'require/showimg.php'); list($postFaceUrl) = showfacedesign($winddb['icon'],1,'s'); ** * title icons * $icondb = array( '1'=>'1.gif', '2'=>'2.gif', '3'=>'3.gif', '4'=>'4.gif', '5'=>'5.gif', '6'=>'6.gif', '7'=>'7.gif', '8'=>'8.gif' ); if ($db_allowupload && $_G['allowupload']) { $mutiupload = $db->get_value("SELECT COUNT(*) AS sum FROM pw_attachs WHERE tid=0 AND pid='0' AND uid=" . pwEscape($winduid)); } } else { PostCheck(1, ($db_gdcheck & 4) && $winddb['postnum'] < $db_postgd, $winddb['postnum'] < $postq); !$windid && $windid = '游客'; ** if ($db_xforwardip && $_POST['_hexie'] != GetVerify($onlineip.$winddb['regdate'].$fid.$tid)) { Showmsg('undefined_action'); } ** } // default animated-emoticon handling if ($db_windmagic && ($action == 'new' || ($action == 'modify' && $pid == 'tpc'))) { $mDef = ''; @include_once(D_P."data/bbscache/myshow_default.php"); } if ($action == "new") { require_once(R_P.'require/postnew.php'); } elseif ($action == "reply" || $action == "quote") { require_once(R_P.'require/postreply.php'); } elseif ($action == "modify") { require_once(R_P.'require/postmodify.php'); } else { Showmsg('undefined_action'); } */

//begin postreply.php
if (!function_exists('readover')) {
    exit('Forbidden');
}

// NOTE(review): the forum-level and group-level reply permission checks below
// are commented out, so neither is enforced on this path.
/**
 * Forum permission check
 */
//if (!$pwpost->admincheck && !$pwforum->allowreply($pwpost->user, $pwpost->groupid)) {
// Showmsg('reply_forum_right');
//}
/**
 * User group permission check
 */
//if (!$pwforum->foruminfo['allowrp'] && !$pwpost->admincheck && $_G['allowrp'] == 0) {
// Showmsg('reply_group_right');
//}

// Replying to the topic itself ($article == '0') also loads the topic author
// and the first post's body.
$S_sql = $J_sql = '';
if ($article == '0') {
    $pw_tmsgs = GetTtable($tid);
    $S_sql = ',m.uid,m.groupid,m.userstatus,tm.ifsign,tm.content';
    $J_sql = "LEFT JOIN pw_members m ON m.uid=t.authorid LEFT JOIN $pw_tmsgs tm ON tm.tid=t.tid";
}
$tpcarray = $db->get_one("SELECT t.tid,t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies,t.tpcstatus $S_sql FROM pw_threads t $J_sql WHERE t.tid=" . pwEscape($tid));
$pw_posts = GetPtable($tpcarray['ptable']);
$tpcarray['openIndex'] = getstatus($tpcarray['tpcstatus'], 2);
//$t_date = $tpcarray['postdate'];// topic post time, used in bbspostguide

// The topic must belong to the forum named in the request.
if ($tpcarray['fid'] != $fid) {
    //Showmsg('illegal_tid');
    exitmsg('illegal_tid');
}
$replytitle = $tpcarray['subject'];
/**
 * convert() needs the $tpc_author variable
 */
$tpc_author = $tpcarray['author'];

// NOTE(review): the age-lock, unapproved-topic and locked-topic checks below
// are commented out, so replies to such topics are not refused here.
//if ($pwforum->forumset['lock']&& !$pwpost->isGM && $timestamp - $tpcarray['postdate'] > $pwforum->forumset['lock'] * 86400 && !pwRights($pwpost->isBM,'replylock')) {
// $forumset['lock'] = $pwforum->forumset['lock'];
// Showmsg('forum_locked');
//}
//if (!$pwpost->isGM && !$tpcarray['ifcheck'] && !pwRights($pwpost->isBM,'viewcheck')) {
// Showmsg('reply_ifcheck');
//}
//if (!$pwpost->isGM && $tpcarray['locked']%3<>0 && !pwRights($pwpost->isBM,'replylock')) {
// Showmsg('reply_lockatc');
//}

$special = 0;
$icon = (int)$icon;

require_once(R_P . 'lib/replypost.class.php');
$replypost = new replyPost($pwpost);
$replypost->check();

/*if (empty($_POST['step'])) { ## topic category $db_forcetype = 0; require_once(R_P.'require/bbscode.php'); $hideemail = 'disabled'; if ($action == 'quote') { if ($article == '0') { $atcarray = $tpcarray; } else { !is_numeric($pid) && Showmsg('illegal_tid'); $atcarray = $db->get_one("SELECT p.author,p.authorid,p.subject,p.ifsign,p.postdate,p.content,p.ifshield,p.anonymous,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON m.uid=p.authorid WHERE p.pid=".pwEscape($pid)); } if ($atcarray['ifshield']) {// single post shielded $atcarray['content'] = shield($atcarray['ifshield']=='1' ? 'shield_article' : 'shield_del_article'); } elseif ($pwforum->forumBan($atcarray)) { $atcarray['content'] = shield('ban_article'); } $ifsign = $atcarray['ifsign']; $old_author = $atcarray['anonymous'] ? $db_anonymousname : $atcarray['author']; $replytitle = $atcarray['subject']; $wtof_oldfile = get_date($atcarray['postdate']); $old_content = $atcarray['content']; $old_content = preg_replace("/\[hide=(.+?)\](.+?)\[\/hide\]/is",getLangInfo('post','hide_post'),$old_content); $old_content = preg_replace("/\[post\](.+?)\[\/post\]/is",getLangInfo('post','post_post'),$old_content); $old_content = preg_replace("/\[sell=(.+?)\](.+?)\[\/sell\]/is",getLangInfo('post','sell_post'),$old_content); $old_content = preg_replace("/\[quote\](.*)\[\/quote\]/is","",$old_content); $bit_content = explode("\n",$old_content); if (count($bit_content) > 5) { $old_content = "$bit_content[0]\n$bit_content[1]\n$bit_content[2]\n$bit_content[3]\n$bit_content[4]\n......."; } if (strpos($old_content,$db_bbsurl) !== false) { $old_content = str_replace('p_w_picpath',$db_picpath,$old_content); $old_content = str_replace('p_w_upload',$db_attachname,$old_content); } $old_content = preg_replace("/\<(.+?)\>/is","",$old_content); $atc_content = "[quote]".($article==0 ? 
getLangInfo('post','info_post_1') : getLangInfo('post','info_post_2'))."\n{$old_content} [url={$db_bbsurl}/job.php?action=topost&tid=$tid&pid=$pid][img]{$imgpath}/back.gif[/img][/url]\n[/quote]\n"; } list($guidename, $forumtitle) = $pwforum->getTitle(); $guidename .= " » $tpcarray[subject]"; if (!$replytitle) { $atc_title = "Re:$tpcarray[subject]"; $forumtitle = "$atc_title|$forumtitle"; } else { $atc_title = "Re:$replytitle"; $forumtitle = "$atc_title|$tpcarray[subject]|$forumtitle"; } $atc_title = substrs(str_replace(' ',' ',$atc_title), $db_titlemax - 2); $db_metakeyword = str_replace(array('|',' - '),',',$forumtitle).'phpwind'; require_once(R_P.'require/header.php'); $msg_guide = $pwforum->headguide($guidename); $post_reply = ''; if ($db_showreplynum > 0) { $wordsfb = L::loadClass('FilterUtil'); $pwAnonyHide = $pwpost->isGM || pwRights($pwpost->isBM,'anonyhide'); $query = $db->query("SELECT p.author,p.authorid,p.subject,p.postdate,p.content,p.anonymous,p.ifconvert,p.ifwordsfb,p.ifshield,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON p.authorid=m.uid WHERE tid=".pwEscape($tid)."AND ifcheck='1' ORDER BY postdate DESC LIMIT 0,$db_showreplynum"); while ($rt = $db->fetch_array($query)) { $tpc_author = ($rt['anonymous'] && !$pwAnonyHide && $windid != $rt['author']) ? $db_anonymousname : $rt['author']; if ($rt['ifshield']) { $groupid != '3' && $rt['content'] = shield($rt['ifshield'] == '1' ? 'shield_article' : 'shield_del_article'); } elseif ($groupid != 3 && $db_shield && $pwforum->forumBan($rt)) { $rt['content'] = shield('ban_article'); } else { if (!$wordsfb->equal($rt['ifwordsfb'])) { $rt['content'] = $wordsfb->convert($rt['content']); } $rt['ifconvert'] == 2 && $rt['content'] = convert($rt['content'],$db_windpost); if (strpos($rt['content'],'[p:') !== false || strpos($rt['content'],'[s:') !== false) { $rt['content'] = showface($rt['content']); } } $post_reply .= "
    $tpc_author:$rt[subject]

    $rt[content]

    "; } } if ($winduid && $tpcarray['special'] == 5) { $debatestand = $db->get_value("SELECT standpoint FROM pw_debatedata WHERE pid='0' AND tid=".pwEscape($tid)."AND authorid=".pwEscape($winduid)); $debatestand = (int)$debatestand; ${'debate_'.$debatestand} = 'SELECTED'; } ** * 索引设计时为了减少空间,回复的主题可能为空,所以默认为回复主题! * require_once PrintEot('post');footer(); } elseif ($_POST['step'] == 2) { */ InitGP(array('atc_title','atc_content'), 'P', 0); InitGP(array('atc_anonymous','atc_hideatt','atc_enhidetype','atc_credittype','flashatt'), 'P'); InitGP(array('atc_iconid','atc_convert','atc_autourl','atc_usesign','atc_html','atc_hide','atc_requireenhide','atc_rvrc','atc_requiresell', 'atc_money'), 'P', 2); require_once(R_P . 'require/bbscode.php'); $replypost->setTpc($tpcarray); $postdata = new replyPostData($pwpost); $postdata->setTitle($atc_title); $postdata->setContent($atc_content); $postdata->setConvert($atc_convert, $atc_autourl); $postdata->setAnonymous($atc_anonymous); $postdata->setHideatt($atc_hideatt); $postdata->setIconid($atc_iconid); //$postdata->setIfsign($atc_usesign, $atc_html); $postdata->data['ifsign']=2; //允许HTML $postdata->setHide($atc_hide); $postdata->setEnhide($atc_requireenhide, $atc_rvrc, $atc_enhidetype); $postdata->setSell($atc_requiresell, $atc_money, $atc_credittype); //$replypost->checkdata(); $postdata->conentCheck(); require_once(R_P . 'lib/upload/attupload.class.php'); if (PwUpload::getUploadNum() || $flashatt) { $postdata->att = new AttUpload($winduid, $flashatt); $postdata->att->check(); $postdata->att->transfer(); PwUpload::upload($postdata->att); } $replypost->execute($postdata); $pid = $replypost->getNewId(); if ($winduid && $tpcarray['special'] == 5) { require_once(R_P . 
'lib/special/post_5.class.php'); $postdebate = new postSpecial($pwpost); $postdebate->reply($tid, $pid); } exitmsg('[ok]pid='.$pid,1); //zzcity add //job sign /* $threads = L::loadClass('Threads'); $thread = $threads->getThreads($tid,!($page>1)); initJob($winduid,"doReply",array('tid'=>$tid,'user'=>$thread['author'])); if ($postdata->getIfcheck()) { if ($postdata->filter->filter_weight == 3) { $pinfo = 'enter_words'; $banword = implode(',',$postdata->filter->filter_word); } else { $pinfo = 'enter_thread'; } $j_p = "read.php?tid=$tid&page=e&#a"; refreshto($j_p,$pinfo); } else { if ($postdata->filter->filter_weight == 2) { $banword = implode(',',$postdata->filter->filter_word); $pinfo = 'post_word_check'; } elseif ($postdata->linkCheckStrategy) { $pinfo = 'post_link_check'; } else { $pinfo = 'post_check'; } refreshto("thread.php?fid=$fid",$pinfo); } *///} ?>