Beispiel #1
<?php

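include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";

// Admin detail view: loads one row of tbl_session2 by idx and unpacks the
// stored answers into local variables for the rest of the page.
$db = new DbMySqli();

// $_POST['idx'] is request-controlled and is spliced into a string-built WHERE
// clause below, so it is reduced to an integer first. Anything that is not a
// plain integer is rejected before a query is issued.
// NOTE(review): assumes idx is an integer key — confirm against the table
// schema. If DbMySqli exposes bound parameters, prefer them over interpolation.
$idx = filter_var(isset($_POST['idx']) ? $_POST['idx'] : null, FILTER_VALIDATE_INT);
if ($idx === false) {
    alert_error("not_data");
    exit; // do not rely on alert_error() to stop the script
}

// Paging/search state carried through from the list view. Both are untrusted
// and must be escaped for their output context wherever they are echoed.
$page = isset($_POST['page']) ? $_POST['page'] : null;
$search = isset($_POST['search']) ? $_POST['search'] : null;

$table = "tbl_session2";
$fields = "*";
$where_sql = " where idx = '{$idx}'"; // $idx is a validated integer here
$data = $db->get_record($table, $fields, $where_sql);
if ($data == "") {
    alert_error("not_data");
    exit; // nothing to display; the reads below would hit an empty value
}

$regdate = $data['regdate'];
$userip = $data['userip'];

// The text columns are run through stripslashes() before use.
// NOTE(review): stripslashes() is not output encoding — these values still
// need htmlspecialchars() (or equivalent) when written into HTML.
$name = stripslashes($data['name']);
$state_positive_think1 = stripslashes($data['state_positive_think1']);
$state_positive_reaction1 = stripslashes($data['state_positive_reaction1']);
$state_negative_think1 = stripslashes($data['state_negative_think1']);
$state_negative_reaction1 = stripslashes($data['state_negative_reaction1']);
$state_positive_think2 = stripslashes($data['state_positive_think2']);
$state_positive_reaction2 = stripslashes($data['state_positive_reaction2']);
$state_negative_think2 = stripslashes($data['state_negative_think2']);
$state_negative_reaction2 = stripslashes($data['state_negative_reaction2']);
$positive_emotion = stripslashes($data['positive_emotion']);
$negative_emotion = stripslashes($data['negative_emotion']);
$positive_think = stripslashes($data['positive_think']);
$negative_think = stripslashes($data['negative_think']);
$positive_act = stripslashes($data['positive_act']);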
Beispiel #2
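/**
 * Create a share for one file through the pan.baidu.com share/set endpoint.
 *
 * @param mixed        $fid    File id placed inside the fid_list field.
 * @param string       $code   Extraction code. Only a value exactly 4 bytes long
 *                             is sent as pwd (schannel=4); any other length
 *                             creates the share without pwd (schannel=0).
 * @param string       $token  Value sent as bdstoken in the request URL.
 * @param mixed        $cookie Passed through to request() unchanged.
 * @param string|false $return false: silent mode, failures are logged with
 *                             wlog() and reported by returning false. Any other
 *                             value: the result is printed as HTML and on
 *                             failure alert_error() is called with this value
 *                             as its second argument, then the script stops.
 *
 * @return string|false|null The short URL; false on failure in silent mode;
 *                           null if the response carries no shorturl in
 *                           interactive mode.
 */
function createShare($fid, $code, $token, $cookie, $return = false)
{
    global $ua;

    // Percent-encode every caller-supplied value before it is spliced into the
    // form body or the URL, so a value containing & or = cannot add or
    // override request parameters.
    $fidField = rawurlencode((string) $fid);
    $codeField = rawurlencode((string) $code);
    $tokenField = rawurlencode((string) $token);

    if (strlen($code) != 4) {
        // (author's aside, roughly: "let's see if it still misbehaves")
        // Not a 4-byte code: create the share without a pwd field.
        $post = "fid_list=%5B{$fidField}%5D&schannel=0&channel_list=%5B%5D";
    } else {
        $post = "fid_list=%5B{$fidField}%5D&schannel=4&channel_list=%5B%5D&pwd={$codeField}";
    }

    // NOTE(review): this request goes out over plain http while carrying the
    // bdstoken and the session cookie — confirm the endpoint can be called
    // over https and switch the scheme.
    $ret = request("http://pan.baidu.com/share/set?channel=chunlei&clienttype=0&web=1&bdstoken={$tokenField}&channel=chunlei&clienttype=0&web=1&app_id=250528", $ua, $cookie, $post);
    $ret = json_decode($ret['body']);

    // A body that does not decode to an object is a failure too; previously
    // it fell through and was reported as a successful share.
    $failed = !is_object($ret) || !empty($ret->errno);

    if ($return !== false) {
        if ($failed) {
            alert_error('分享失败', $return);
            die;
        }
        // Everything printed here is remote or caller-supplied data, so it is
        // HTML-escaped before it reaches the page.
        $link = htmlspecialchars(isset($ret->link) ? (string) $ret->link : '', ENT_QUOTES, 'UTF-8');
        $short = htmlspecialchars(isset($ret->shorturl) ? (string) $ret->shorturl : '', ENT_QUOTES, 'UTF-8');
        $shownCode = htmlspecialchars((string) $code, ENT_QUOTES, 'UTF-8');
        echo '<p>分享创建成功。<br />分享地址为:' . $link . '<br />短地址为:' . $short . '<br />提取码为:' . $shownCode . '</p>';
    } elseif ($failed || empty($ret->shorturl)) {
        wlog('分享失败:' . print_r($ret, true), 2);
        return false;
    }

    return isset($ret->shorturl) ? $ret->shorturl : null;
}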
Beispiel #3
} catch (PDOException $e) {
    print_header('出错了!');
    echo '<h1>错误:无法连接数据库</h1>';
}
// Handler for adding a file to the watch list (excerpt; the final branch is
// empty in this listing).
//
// NOTE(review): the catch block directly above prints an error but does not
// stop the script, so $mysql can be undefined here when the connection
// failed — confirm and exit inside the catch. Declaring the charset in the
// PDO DSN rather than with "set names" also lets the driver know the
// connection encoding.
$mysql->query('set names utf8');
session_start();
// Only a session with a selected user may continue.
if (!isset($_SESSION['user_id'])) {
    header('Location: browse.php');
    die;
}
print_header('添加文件');
// The request must carry fid and filename, and the fid must have an entry in
// $_SESSION['filecheck'], i.e. the page was reached through the normal flow.
// NOTE(review): the two checks below depend on alert_error() ending the
// request; nothing visible here shows that it does — confirm, or exit
// explicitly, otherwise the code keeps running with unvalidated input.
if (!isset($_POST['fid']) || !isset($_POST['filename']) || !isset($_SESSION['filecheck'][$_POST['fid']])) {
    alert_error('请勿直接访问本页。', 'browse.php');
}
// A falsy filecheck entry means this file cannot be added.
if (!$_SESSION['filecheck'][$_POST['fid']]) {
    alert_error('本文件无法添加至自动补档,可能fs_id不存在,或者存在路径问题,或者已经添加过了。', 'browse.php');
}
if (isset($_POST['submit']) && $_POST['submit'] == '提交') {
    // Duplicate check. Request values are bound as parameters, not
    // interpolated into the SQL text.
    $test = $mysql->prepare('select * from watchlist where fid=? and name=? and user_id=?');
    $test->execute(array($_POST['fid'], $_POST['filename'], $_SESSION['user_id']));
    $test = $test->fetch();
    // File metadata is fetched using the token and cookie held in the session.
    $md5 = getFileMeta($_POST['filename'], $_SESSION['bds_token'], $_SESSION['cookie']);
    // NOTE(review): $_POST['code'] is read without an isset() check.
    // An empty code is normalised to the string '0'.
    if ($_POST['code'] == '') {
        $_POST['code'] = '0';
    }
    if (!empty($test)) {
        // A matching watchlist row already exists: report the repeat submit.
        echo "<h1>上次提交已经成功,请勿重复提交。</h1>";
    } elseif (strtolower($_POST['code']) !== 'md5' && $_POST['code'] !== '0' && strlen($_POST['code']) != 4) {
        // Accepted codes are 'md5' (any case), '0', or exactly 4 bytes.
        // strlen() counts bytes, which is why the message allows one
        // full-width plus one half-width character.
        echo '<h1>错误:提取码位数不对。请输入4个半角字符,或者1个全角字符和1个半角字符的组合。</h1>';
    } elseif (strtolower($_POST['code']) == 'md5') {
        // 'md5' mode: the metadata lookup must have succeeded. The handling
        // for a failed lookup is missing from this excerpt.
        if ($md5 === false) {
        }
    }
}
switch ($action) {
    case "step1":
        /**
         * Convert GM line markers to b2 line breaks.
         *
         * Every "|*|" in the input becomes "<br />" followed by a newline.
         */
        function gm2autobr($string)
        {
            return str_replace("|*|", "<br />\n", $string);
        }
        if (!chdir($archivespath)) {
            alert_error("Wrong path, {$archivespath}\ndoesn't exist\non the server");
        }
        if (!chdir($gmpath)) {
            alert_error("Wrong path, {$gmpath}\ndoesn't exist\non the server");
        }
        ?>
<html>
<head>
<title>GM 2 b2 - converting...</title>
<link rel="stylesheet" href="wp-admin/b2.css" type="text/css">
<style type="text/css">
<!--
<?php 
        if (!preg_match("/Nav/", $HTTP_USER_AGENT)) {
            ?>
textarea,input,select {
	background-color: #f0f0f0;
	border-width: 1px;
	border-color: #cccccc;
Beispiel #5
<?php

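include_once '../common.php';
session_start();
print_header('下载文件');

// The raw query string names the file; the token and cookie come from the
// session. Without all three there is nothing to look up.
if (!isset($_SERVER['QUERY_STRING']) || !isset($_SESSION['bds_token']) || !isset($_SESSION['cookie'])) {
    alert_error('找不到文件', false);
    die; // do not rely on alert_error() to stop the script
}

$link = getDownloadLink(urldecode($_SERVER['QUERY_STRING']), $_SESSION['bds_token'], $_SESSION['cookie']);
if (!$link) {
    alert_error('找不到文件', false);
    die; // $link is not iterable here
}

echo '下载地址:';
foreach ($link as $v) {
    // The links come from a remote response and are written into an attribute
    // and into element text, so they are HTML-escaped for both. This also
    // keeps "&" inside the URL valid in the href.
    // NOTE(review): presumably every entry is an http(s) URL string — confirm
    // in getDownloadLink(); escaping alone does not restrict the URL scheme.
    $safe = htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
    echo '<br /><a target="_blank" rel="noreferrer" href="' . $safe . '">' . $safe . '</a><br />';
}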
?>
</body>
</html>
Beispiel #6
<?php

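// Keep error details out of responses.
ini_set('display_errors', 'Off');
require 'common.php';

// Open the database connection. The charset is declared in the DSN so the
// driver knows the connection encoding from the start; the explicit
// "set names" below is kept for PHP builds that ignore the DSN option.
try {
    $mysql = new PDO("mysql:host={$host};dbname={$db};charset=utf8", $user, $pass);
} catch (PDOException $e) {
    print_header('出错了!');
    echo '<h1>错误:无法连接数据库</h1>';
    // Stop here: $mysql was never assigned, so continuing would only fail on
    // the next line with a call on an undefined variable.
    die;
}
$mysql->query('set names utf8');
session_start();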
if (isset($_POST['cookie'])) {
    if (!isset($_SESSION['user_id'])) {
        alert_error('没选择用户', 'switch_user.php');
    }
    $mysql->prepare('update users set cookie=? where ID=?')->execute(array($_POST['cookie'], $_SESSION['user_id']));
    $_SESSION['cookie'] = $_POST['cookie'];
    header('Location: browse.php');
    die;
} elseif (!isset($_SESSION['user_id'])) {
    header('Location: switch_user.php');
    die;
} elseif (isset($_GET['switch_dir'])) {
    $_SESSION['folder'][] = urldecode($_GET['switch_dir']);
    header('Location: browse.php');
    die;
} elseif (isset($_GET['goup'])) {
    array_pop($_SESSION['folder']);
    header('Location: browse.php');
    die;
    print_header('添加用户');
    if (isset($_POST['create_user'])) {
        if (!isset($_POST['name']) || $_POST['name'] == '') {
            echo '<h1>错误:请输入用户名</h1>';
        } elseif (!isset($_POST['password']) || $_POST['password'] == '') {
            echo '<h1>错误:请输入密码</h1>';
        } else {
            if (isset($_POST['code_string'])) {
                $result = baidu_login($_POST['name'], $_POST['password'], $_POST['code_string'], $_POST['captcha']);
            } else {
                $result = baidu_login($_POST['name'], $_POST['password']);
            }
            if (!$result['errno']) {
                $mysql->prepare('insert into users values (null,?,?,?,"") on duplicate key update cookie=?, bduss=?')->execute(array($_POST['name'], $result['cookie'], $result['bduss'], $result['cookie'], $result['bduss']));
                wlog('添加用户:' . $_POST['name']);
                alert_error('用户【' . $_POST['name'] . '】添加成功!', 'switch_user.php');
            }
            if ($result['errno'] == 2) {
                echo '<h1>密码错误</h1>';
            } elseif ($result['errno'] == 5) {
                echo '<h1>请输入验证码</h1>';
            } else {
                echo '<h1>错误编号:' . $result['errno'] . '</h1>';
            }
        }
    }
    ?>
<h1>添加用户</h1>
<h2>注意:您的密码将被明文传输到本服务器。然后再从本服务器明文传输到百度服务器(因为用了贴吧客户端API,服务器到百度也没有RSA加密)。<br />建议建立补档专用的百度ID而非使用常用ID,且不要使用常用密码</h2>
<form method="post" action="switch_user.php?add_user=1">
用户名:<input type="text" name="name" value="<?php 
            if ($_POST['type'] == 0) {
                $result = share($_POST['fid'], $_POST['code'], true);
            } elseif ($_POST['type'] == 1) {
                $result = share($_POST['fid'], '无', true);
            } elseif ($_POST['type'] == 2) {
                alert_error('暂不支持此种分享的创建!', false);
            }
            if (!$result) {
                alert_error('分享创建失败!', false);
            }
            die;
        }
    }
} else {
    if (!isset($_SERVER['QUERY_STRING']) || !isset($_SESSION['file_can_add'][$_SERVER['QUERY_STRING']])) {
        alert_error('请勿直接访问本页。', '../browse.php');
    }
}
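echo "<h2>创建分享</h2>";
// The query string is request-controlled and is written into an HTML
// attribute below, so it is escaped for that context first. An unescaped
// quote would otherwise close the attribute and inject markup.
// NOTE(review): no anti-CSRF token is visible in this form (the listing ends
// before the closing tag) — confirm that share.php validates one.
$fidAttr = htmlspecialchars(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '', ENT_QUOTES, 'UTF-8');
?>
<form method="post" action="share.php">
<input type="hidden" name="fid" value="<?php 
echo $fidAttr;
?>
" />
分享选项:<br />
<input type="radio" name="type" value="0" checked="checked" />私密分享(有提取码:<input type="text" name="code" />)<br />
<input type="radio" name="type" value="2" disabled="disabled" />私密分享(无提取码)(开发中!)<br />
<input type="radio" name="type" value="1" />公开分享<br />
<br />
<input type="submit" name="submit" value="创建" />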
             echo $v . '<br />';
         }
         echo '默认将使用第一个,将在文件被温馨提示时自动切换到下一个。</p>';
         die;
     }
 } else {
     if (!$md5['info'][0]['isdir'] && isset($_POST['no_share']) && $_POST['no_share'] > 0) {
         if ($enable_direct_link && $_POST['no_share'] == '2') {
             $_POST['link'] = '/s/notallow';
         } else {
             $_POST['link'] = '/s/fakelink';
         }
     } elseif ($_POST['link'] == '') {
         $_POST['link'] = substr(share($_POST['fid'], $_POST['code'], true), 20);
         if (!$_POST['link']) {
             alert_error('分享创建失败!', 'browse.php');
         }
     } elseif (substr($_POST['link'], 0, 20) == 'http://pan.baidu.com') {
         $_POST['link'] = substr($_POST['link'], 20);
     } elseif (substr($_POST['link'], 0, 13) == 'pan.baidu.com') {
         $_POST['link'] = substr($_POST['link'], 13);
     } else {
         $_POST['link'] = false;
         echo '<h1>错误:地址输入有误。</h1>';
     }
     if ($_POST['link']) {
         $mysql->prepare('insert into watchlist values(null,?,?,?,0,?,?,0)')->execute(array($_POST['fid'], $_POST['filename'], $_POST['link'], $_POST['code'], $uid));
         $id = $mysql->lastInsertId();
         wlog('在文件浏览页添加记录:用户名:' . $username . ',文件完整路径:' . $_POST['filename'] . ',文件fs_id:' . $_POST['fid'] . ',文件访问地址为:' . $jumper . $id);
         echo '<h1>添加成功!文件访问地址为:<a href="' . $jumper . $id . '" target="_blank">' . $jumper . $id . '</a><br />';
         echo '<a href="browse.php">返回</a></h1>';
Beispiel #10
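/**
 * Stop the request when an upload's extension is on the deny-list.
 *
 * The extension is compared case-insensitively against the global
 * $prohibit_ext list. On a match alert_error("not_upload") is called and the
 * script exits. The check fails closed: if the list is not an array, the
 * upload is refused rather than let through unchecked.
 *
 * NOTE(review): a deny-list only blocks what it names. An allow-list of
 * permitted extensions, plus storing uploads where they cannot be executed,
 * is the more robust control.
 *
 * @param string $ext File extension to check.
 *
 * @return void Returns only when the extension is not prohibited.
 */
function new_check_ext($ext)
{
    global $prohibit_ext;

    // Normalise both sides to lower-case strings so that "PHP" or "Php" is
    // treated the same as "php", then compare strictly.
    $needle = strtolower((string) $ext);
    $denied = is_array($prohibit_ext)
        ? array_map('strtolower', array_map('strval', $prohibit_ext))
        : null;

    if ($denied === null || in_array($needle, $denied, true)) {
        alert_error("not_upload");
        exit;
    }
}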
<?php

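// Keep error details out of responses.
ini_set('display_errors', 'Off');
require 'includes/common.php';
session_start();

// A numeric uid in the session is required; otherwise go pick a user.
if (!isset($_SESSION['uid']) || !is_numeric($_SESSION['uid'])) {
    header('Location: switch_user.php');
    die;
}
if (!loginFromDatabase($_SESSION['uid'])) {
    alert_error('cookie失效,或者百度封了IP!', 'switch_user.php');
    die; // do not continue as if the login had succeeded
}

// Folder navigation: $_SESSION['folder'] is a stack of path segments.
if (isset($_GET['switch_dir'])) {
    // Only a plain string may be pushed; an array-valued parameter is ignored.
    // NOTE(review): $_GET values are already URL-decoded by PHP, so this
    // decodes a second time — confirm that the links pointing here
    // double-encode. The segment is request-controlled; validate it wherever
    // the stack is turned into a path.
    if (is_string($_GET['switch_dir'])) {
        $_SESSION['folder'][] = urldecode($_GET['switch_dir']);
    }
    header('Location: browse.php');
    die;
}
if (isset($_GET['goup'])) {
    // Pop only when a stack exists; array_pop() on an unset session key
    // raises an error on current PHP versions.
    if (isset($_SESSION['folder']) && is_array($_SESSION['folder'])) {
        array_pop($_SESSION['folder']);
    }
    header('Location: browse.php');
    die;
}

print_header('添加文件');
// An empty or missing stack means the root folder.
if (empty($_SESSION['folder'])) {
    $_SESSION['folder'] = ['/'];
}
// NOTE(review): $username is not assigned in this file's visible code —
// presumably set by the include or by loginFromDatabase(); confirm. It is
// escaped here because it is written into HTML.
?>
<h1>当前用户:<?php 
echo htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
?>
 <a href="switch_user.php">切换</a></h1>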