<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";
$db = new DbMySqli();
$idx = $_POST['idx'];
$page = $_POST['page'];
$search = $_POST['search'];
$table = "tbl_session2";
$fields = "*";
$where_sql = " where idx = '{$idx}'";
$data = $db->get_record($table, $fields, $where_sql);
if ($data == "") {
alert_error("not_data");
}
$regdate = $data['regdate'];
$userip = $data['userip'];
$name = stripslashes($data['name']);
$state_positive_think1 = stripslashes($data['state_positive_think1']);
$state_positive_reaction1 = stripslashes($data['state_positive_reaction1']);
$state_negative_think1 = stripslashes($data['state_negative_think1']);
$state_negative_reaction1 = stripslashes($data['state_negative_reaction1']);
$state_positive_think2 = stripslashes($data['state_positive_think2']);
$state_positive_reaction2 = stripslashes($data['state_positive_reaction2']);
$state_negative_think2 = stripslashes($data['state_negative_think2']);
$state_negative_reaction2 = stripslashes($data['state_negative_reaction2']);
$positive_emotion = stripslashes($data['positive_emotion']);
$negative_emotion = stripslashes($data['negative_emotion']);
$positive_think = stripslashes($data['positive_think']);
$negative_think = stripslashes($data['negative_think']);
$positive_act = stripslashes($data['positive_act']);
function createShare($fid, $code, $token, $cookie, $return = false)
{
global $ua;
if (strlen($code) != 4) {
//我看你还抽不
$post = "fid_list=%5B{$fid}%5D&schannel=0&channel_list=%5B%5D";
} else {
$post = "fid_list=%5B{$fid}%5D&schannel=4&channel_list=%5B%5D&pwd={$code}";
}
$ret = request("http://pan.baidu.com/share/set?channel=chunlei&clienttype=0&web=1&bdstoken={$token}&channel=chunlei&clienttype=0&web=1&app_id=250528", $ua, $cookie, $post);
$ret = json_decode($ret['body']);
if ($return !== false) {
if ($ret->errno) {
alert_error('分享失败', $return);
die;
}
echo '<p>分享创建成功。<br />分享地址为:' . $ret->link . '<br />短地址为:' . $ret->shorturl . '<br />提取码为:' . $code . '</p>';
} elseif ($ret->errno || !isset($ret->shorturl) || !$ret->shorturl) {
wlog('分享失败:' . print_r($ret, true), 2);
return false;
}
return $ret->shorturl;
}
} catch (PDOException $e) {
print_header('出错了!');
echo '<h1>错误:无法连接数据库</h1>';
}
$mysql->query('set names utf8');
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: browse.php');
die;
}
print_header('添加文件');
if (!isset($_POST['fid']) || !isset($_POST['filename']) || !isset($_SESSION['filecheck'][$_POST['fid']])) {
alert_error('请勿直接访问本页。', 'browse.php');
}
if (!$_SESSION['filecheck'][$_POST['fid']]) {
alert_error('本文件无法添加至自动补档,可能fs_id不存在,或者存在路径问题,或者已经添加过了。', 'browse.php');
}
if (isset($_POST['submit']) && $_POST['submit'] == '提交') {
$test = $mysql->prepare('select * from watchlist where fid=? and name=? and user_id=?');
$test->execute(array($_POST['fid'], $_POST['filename'], $_SESSION['user_id']));
$test = $test->fetch();
$md5 = getFileMeta($_POST['filename'], $_SESSION['bds_token'], $_SESSION['cookie']);
if ($_POST['code'] == '') {
$_POST['code'] = '0';
}
if (!empty($test)) {
echo "<h1>上次提交已经成功,请勿重复提交。</h1>";
} elseif (strtolower($_POST['code']) !== 'md5' && $_POST['code'] !== '0' && strlen($_POST['code']) != 4) {
echo '<h1>错误:提取码位数不对。请输入4个半角字符,或者1个全角字符和1个半角字符的组合。</h1>';
} elseif (strtolower($_POST['code']) == 'md5') {
if ($md5 === false) {
}
}
}
switch ($action) {
case "step1":
function gm2autobr($string)
{
// transforms GM's |*| into b2's <br />\n
$string = str_replace("|*|", "<br />\n", $string);
return $string;
}
if (!chdir($archivespath)) {
alert_error("Wrong path, {$archivespath}\ndoesn't exist\non the server");
}
if (!chdir($gmpath)) {
alert_error("Wrong path, {$gmpath}\ndoesn't exist\non the server");
}
?>
<html>
<head>
<title>GM 2 b2 - converting...</title>
<link rel="stylesheet" href="wp-admin/b2.css" type="text/css">
<style type="text/css">
<!--
<?php
if (!preg_match("/Nav/", $HTTP_USER_AGENT)) {
?>
textarea,input,select {
background-color: #f0f0f0;
border-width: 1px;
border-color: #cccccc;
<?php
include_once '../common.php';
session_start();
print_header('下载文件');
if (!isset($_SERVER['QUERY_STRING']) || !isset($_SESSION['bds_token']) || !isset($_SESSION['cookie'])) {
alert_error('找不到文件', false);
}
$link = getDownloadLink(urldecode($_SERVER['QUERY_STRING']), $_SESSION['bds_token'], $_SESSION['cookie']);
if (!$link) {
alert_error('找不到文件', false);
}
echo '下载地址:';
foreach ($link as $v) {
echo '<br /><a target="_blank" rel="noreferrer" href="' . $v . '">' . $v . '</a><br />';
}
?>
</body>
</html>
<?php
ini_set('display_errors', 'Off');
require 'common.php';
try {
$mysql = new PDO("mysql:host={$host};dbname={$db}", $user, $pass);
} catch (PDOException $e) {
print_header('出错了!');
echo '<h1>错误:无法连接数据库</h1>';
}
$mysql->query('set names utf8');
session_start();
if (isset($_POST['cookie'])) {
if (!isset($_SESSION['user_id'])) {
alert_error('没选择用户', 'switch_user.php');
}
$mysql->prepare('update users set cookie=? where ID=?')->execute(array($_POST['cookie'], $_SESSION['user_id']));
$_SESSION['cookie'] = $_POST['cookie'];
header('Location: browse.php');
die;
} elseif (!isset($_SESSION['user_id'])) {
header('Location: switch_user.php');
die;
} elseif (isset($_GET['switch_dir'])) {
$_SESSION['folder'][] = urldecode($_GET['switch_dir']);
header('Location: browse.php');
die;
} elseif (isset($_GET['goup'])) {
array_pop($_SESSION['folder']);
header('Location: browse.php');
die;
print_header('添加用户');
if (isset($_POST['create_user'])) {
if (!isset($_POST['name']) || $_POST['name'] == '') {
echo '<h1>错误:请输入用户名</h1>';
} elseif (!isset($_POST['password']) || $_POST['password'] == '') {
echo '<h1>错误:请输入密码</h1>';
} else {
if (isset($_POST['code_string'])) {
$result = baidu_login($_POST['name'], $_POST['password'], $_POST['code_string'], $_POST['captcha']);
} else {
$result = baidu_login($_POST['name'], $_POST['password']);
}
if (!$result['errno']) {
$mysql->prepare('insert into users values (null,?,?,?,"") on duplicate key update cookie=?, bduss=?')->execute(array($_POST['name'], $result['cookie'], $result['bduss'], $result['cookie'], $result['bduss']));
wlog('添加用户:' . $_POST['name']);
alert_error('用户【' . $_POST['name'] . '】添加成功!', 'switch_user.php');
}
if ($result['errno'] == 2) {
echo '<h1>密码错误</h1>';
} elseif ($result['errno'] == 5) {
echo '<h1>请输入验证码</h1>';
} else {
echo '<h1>错误编号:' . $result['errno'] . '</h1>';
}
}
}
?>
<h1>添加用户</h1>
<h2>注意:您的密码将被明文传输到本服务器。然后再从本服务器明文传输到百度服务器(因为用了贴吧客户端API,服务器到百度也没有RSA加密)。<br />建议建立补档专用的百度ID而非使用常用ID,且不要使用常用密码</h2>
<form method="post" action="switch_user.php?add_user=1">
用户名:<input type="text" name="name" value="<?php
if ($_POST['type'] == 0) {
$result = share($_POST['fid'], $_POST['code'], true);
} elseif ($_POST['type'] == 1) {
$result = share($_POST['fid'], '无', true);
} elseif ($_POST['type'] == 2) {
alert_error('暂不支持此种分享的创建!', false);
}
if (!$result) {
alert_error('分享创建失败!', false);
}
die;
}
}
} else {
if (!isset($_SERVER['QUERY_STRING']) || !isset($_SESSION['file_can_add'][$_SERVER['QUERY_STRING']])) {
alert_error('请勿直接访问本页。', '../browse.php');
}
}
echo "<h2>创建分享</h2>";
?>
<form method="post" action="share.php">
<input type="hidden" name="fid" value="<?php
echo $_SERVER['QUERY_STRING'];
?>
" />
分享选项:<br />
<input type="radio" name="type" value="0" checked="checked" />私密分享(有提取码:<input type="text" name="code" />)<br />
<input type="radio" name="type" value="2" disabled="disabled" />私密分享(无提取码)(开发中!)<br />
<input type="radio" name="type" value="1" />公开分享<br />
<br />
<input type="submit" name="submit" value="创建" />
echo $v . '<br />';
}
echo '默认将使用第一个,将在文件被温馨提示时自动切换到下一个。</p>';
die;
}
} else {
if (!$md5['info'][0]['isdir'] && isset($_POST['no_share']) && $_POST['no_share'] > 0) {
if ($enable_direct_link && $_POST['no_share'] == '2') {
$_POST['link'] = '/s/notallow';
} else {
$_POST['link'] = '/s/fakelink';
}
} elseif ($_POST['link'] == '') {
$_POST['link'] = substr(share($_POST['fid'], $_POST['code'], true), 20);
if (!$_POST['link']) {
alert_error('分享创建失败!', 'browse.php');
}
} elseif (substr($_POST['link'], 0, 20) == 'http://pan.baidu.com') {
$_POST['link'] = substr($_POST['link'], 20);
} elseif (substr($_POST['link'], 0, 13) == 'pan.baidu.com') {
$_POST['link'] = substr($_POST['link'], 13);
} else {
$_POST['link'] = false;
echo '<h1>错误:地址输入有误。</h1>';
}
if ($_POST['link']) {
$mysql->prepare('insert into watchlist values(null,?,?,?,0,?,?,0)')->execute(array($_POST['fid'], $_POST['filename'], $_POST['link'], $_POST['code'], $uid));
$id = $mysql->lastInsertId();
wlog('在文件浏览页添加记录:用户名:' . $username . ',文件完整路径:' . $_POST['filename'] . ',文件fs_id:' . $_POST['fid'] . ',文件访问地址为:' . $jumper . $id);
echo '<h1>添加成功!文件访问地址为:<a href="' . $jumper . $id . '" target="_blank">' . $jumper . $id . '</a><br />';
echo '<a href="browse.php">返回</a></h1>';
function new_check_ext($ext)
{
global $prohibit_ext;
if (in_array($ext, $prohibit_ext)) {
alert_error("not_upload");
exit;
}
}
<?php
ini_set('display_errors', 'Off');
require 'includes/common.php';
session_start();
if (!isset($_SESSION['uid']) || !is_numeric($_SESSION['uid'])) {
header('Location: switch_user.php');
die;
}
if (!loginFromDatabase($_SESSION['uid'])) {
alert_error('cookie失效,或者百度封了IP!', 'switch_user.php');
}
if (isset($_GET['switch_dir'])) {
$_SESSION['folder'][] = urldecode($_GET['switch_dir']);
header('Location: browse.php');
die;
}
if (isset($_GET['goup'])) {
array_pop($_SESSION['folder']);
header('Location: browse.php');
die;
}
print_header('添加文件');
if (!isset($_SESSION['folder']) || empty($_SESSION['folder'])) {
$_SESSION['folder'] = ['/'];
}
?>
<h1>当前用户:<?php
echo $username;
?>
<a href="switch_user.php">切换</a></h1>