// Entry checks for the attachment-editing page ("修改附件"): resolve the board from
// ?bid, verify board-level posting rights, then look up the article named by ?id.
// This fragment is cut off inside the final "if"; the rest of the script is not visible.
require "www2-board.php";
require "www2-bmp.php";
$sessionid = login_init(TRUE);
// NOTE(review): the session's user mode is changed before assert_login() runs —
// confirm that ordering is intended for requests that are not logged in.
bbs_session_modify_user_mode(BBS_MODE_EDIT);
assert_login();
// "@" hides the notice for a missing "bid"; settype() then coerces whatever
// arrived (including nothing at all) to an integer before it reaches the BBS API.
$brdnum = @$_GET["bid"];
settype($brdnum, "integer");
$brdarr = array();
$isnormalboard = bbs_safe_getboard($brdnum, "", $brdarr);
if (is_null($isnormalboard)) {
    html_error_quit("错误的讨论区");
}
$board = $brdarr["NAME"];
$usernum = $currentuser["index"];
$brd_encode = urlencode($board);
// Board-level gate: posting permission first, then the read-only flag.
// presumably html_error_quit() ends the request — verify, since nothing else
// stops execution from continuing past a failed check.
if (bbs_checkpostperm($usernum, $brdnum) == 0) {
    html_error_quit("错误的讨论区或者您无权在此讨论区发表文章");
}
if (bbs_is_readonly_board($brdarr)) {
    html_error_quit("不能在只读讨论区发表文章");
}
$ftype = $dir_modes["NORMAL"];
bbs_board_nav_header($brdarr, "修改附件");
// The article id is forced to an integer; a missing id is rejected outright.
if (isset($_GET['id'])) {
    $id = intval($_GET['id']);
} else {
    html_error_quit("错误的文编号");
}
$articles = array();
// NOTE(review): everything above is a board-level check. Whether the current
// user may edit THIS article (ownership or moderator right) must be enforced
// after the lookup; that part is outside this fragment — confirm it exists.
$num = bbs_get_records_from_id($brdarr["NAME"], $id, $ftype, $articles);
if ($num == 0) {
// Validation for a posting request carried in $request: resolve the acting user
// and the board, check read and post rights, then validate title, content and
// the optional reply target. $bid and $request are defined outside this
// fragment, and the fragment ends inside the reply-target "if".
$userec = array();
// NOTE(review): the return value of bbs_getuser() is ignored, so an unknown
// userid is not rejected here; $userec["index"] would then be undefined and the
// permission checks below would run with that value.
// NOTE(review): how $request->userid is authenticated is not visible — confirm
// it is bound to a verified session and not accepted from the client as-is.
bbs_getuser($request->userid, $userec);
$uid = $userec["index"];
$bname = bbs_getbname($bid);
if ($bname == "") {
    ie("board not found.");
}
// Read permission is checked before the board record is loaded.
if (!bbs_checkreadperm($uid, $bid)) {
    ie("permission denied.");
}
$barr = array();
bbs_getboard($bname, $barr);
if (bbs_is_readonly_board($barr)) {
    ie("board is readonly.");
}
if (!bbs_checkpostperm($uid, $bid)) {
    ie("post is denied.");
}
// Only trailing whitespace is stripped, so a title of spaces alone is rejected
// while leading whitespace is kept.
$title = rtrim($request->title);
if ($title == "") {
    ie("empty title.");
}
if ($request->content == "") {
    ie("empty content.");
}
$articles = array();
// A positive reid marks a reply; the referenced article must exist on this board.
if ($request->reid > 0) {
    $ret = bbs_get_records_from_id($bname, $request->reid, $dir_modes["NORMAL"], $articles);
    if ($ret == 0) {
        ie("no such article.");
    }
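/**
 * Resolve the board named by ?board into the $atomic_* globals and enforce
 * the access checks every board-scoped action relies on.
 *
 * Steps, in order:
 *  - look the board up by name; when the exact name is unknown, fall back to
 *    bbs_searchboard() and either redirect to the single match or print a
 *    list of candidate boards and exit;
 *  - require read permission for the current user and reject board groups;
 *  - register the user as present on the board via bbs_set_onboard();
 *  - when $checkpost is true, additionally require posting permission and a
 *    board that is not read-only;
 *  - validate ?ftype against the DIGEST, MARK and NORMAL directory modes,
 *    defaulting to NORMAL.
 *
 * Writes the globals $atomic_board, $atomic_brdarr, $atomic_brdnum and
 * $atomic_ftype. Failures are reported through atomic_error(), which
 * presumably ends the request (verify against its definition).
 *
 * @param bool $checkpost also require posting rights on the board
 */
function atomic_get_board($checkpost = false)
{
    global $currentuser, $atomic_board, $atomic_brdarr, $atomic_brdnum, $atomic_ftype, $dir_modes;

    // Query parameters can arrive as arrays (board[]=x); only a plain string
    // is a usable board name, anything else is treated like a missing one.
    if (isset($_GET["board"]) && is_string($_GET["board"])) {
        $atomic_board = $_GET["board"];
    } else {
        atomic_error("错误的讨论区");
    }

    $brdarr = array();
    $atomic_brdnum = bbs_getboard($atomic_board, $brdarr);
    $atomic_brdarr = $brdarr;

    if ($atomic_brdnum == 0) {
        // No exact match: try a search before giving up.
        $boards = array();
        if (bbs_searchboard($atomic_board, 0, $boards)) {
            if (sizeof($boards) == 1) {
                cache_header("nocache");
                header("Location: atomic.php?act=board&board=" . urlencode($boards[0]['NAME']));
                exit;
            }
            if (sizeof($boards) > 1) {
                atomic_header();
                $html = "多个匹配的讨论区: ";
                foreach ($boards as $board) {
                    if (!$board['NAME']) {
                        continue;
                    }
                    // The name lands in a URL and in HTML text, so encode it for
                    // each context instead of concatenating it raw (the redirect
                    // above already URL-encodes the same value).
                    $href = '?act=board&board=' . urlencode($board['NAME']);
                    // A single-byte charset is passed on purpose: only the ASCII
                    // metacharacters are rewritten and multi-byte names are never
                    // rejected as invalid. The page encoding is not visible here.
                    $label = htmlspecialchars($board['NAME'], ENT_QUOTES, 'ISO-8859-1');
                    $html .= '<a href="' . $href . '">' . $label . '</a> ';
                }
                echo $html;
                atomic_footer();
                exit;
            }
        }
        atomic_error("错误的讨论区");
    }

    // Continue with the canonical name from the board record, not the raw request value.
    $atomic_board = $atomic_brdarr["NAME"];
    $usernum = $currentuser["index"];

    // An unreadable board gets the same message as an unknown one, so the
    // response does not reveal that a hidden board exists.
    if (bbs_checkreadperm($usernum, $atomic_brdnum) == 0) {
        atomic_error("错误的讨论区");
    }
    if ($atomic_brdarr["FLAG"] & BBS_BOARD_GROUP) {
        atomic_error("不支持版面组");
    }
    bbs_set_onboard($atomic_brdnum, 1);

    if ($checkpost) {
        if (bbs_checkpostperm($usernum, $atomic_brdnum) == 0) {
            atomic_error("错误的讨论区或者您无权在此讨论区发表文章");
        }
        if (bbs_is_readonly_board($atomic_brdarr)) {
            atomic_error("不能在只读讨论区发表文章");
        }
    }

    if (isset($_GET["ftype"])) {
        // Allow-list: only the three directory modes below may be selected by the client.
        $atomic_ftype = intval($_GET["ftype"]);
        switch ($atomic_ftype) {
            case $dir_modes["DIGEST"]:
            case $dir_modes["MARK"]:
            case $dir_modes["NORMAL"]:
                break;
            default:
                atomic_error("错误的模式");
        }
    } else {
        $atomic_ftype = $dir_modes["NORMAL"];
    }
}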
// Pre-post checks: the board must exist, and the user must be able to read it,
// post to it and not be individually denied; the board must not be read-only.
// $bname, $barr, $uid and $userid are defined outside this fragment, which is
// cut off inside the title check.
$bid = bbs_getboard($bname, $barr);
if ($bid == 0) {
    // NOTE(review): $bname is printed back without encoding. If it originates
    // from the request and this response is rendered as HTML, it needs
    // htmlspecialchars() — the source of $bname and the content type are not
    // visible here.
    print "版面 {$bname} 不存在。";
    exit;
}
// From here on use the canonical board name from the board record.
$bname = $barr["NAME"];
// check if can post: read permission, read-only flag, post permission, per-user deny
if (bbs_checkreadperm($uid, $bid) == 0) {
    print "没有阅读权限。";
    exit;
}
if (bbs_is_readonly_board($barr)) {
    print "版面为只读状态。";
    exit;
}
if (bbs_checkpostperm($uid, $bid) == 0) {
    print "没有发表权限。";
    exit;
}
if (bbs_deny_me($userid, $bname)) {
    print "您被取消了发表权限。";
    exit;
}
// check from
// NOTE(review): "site", "fromboard" and "title" are read from $_POST without
// isset() or a type check; a missing key raises a notice and an array value
// passes straight through. Validation of the two "from" values, if any, is
// outside this fragment.
$fromsite = $_POST["site"];
$fromboard = $_POST["fromboard"];
// check title and content
$title = $_POST["title"];
if ($title == "") {
    print "没有文章标题。";
    exit;
/**
 * Tell whether the given user may post on this board.
 *
 * The answer comes from bbs_checkpostperm() alone. The board's read-only
 * state and any other restriction are not consulted by this method, so
 * callers that need them must check separately.
 *
 * @param User $user object whose ->uid is passed to bbs_checkpostperm()
 * @return boolean true when bbs_checkpostperm() reports a non-zero result, false otherwise
 * @access public
 */
public function hasPostPerm($user)
{
    $granted = bbs_checkpostperm($user->uid, $this->BID);

    // Same loose comparison against 0 as before: any zero-like result means "denied".
    return $granted != 0;
}
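}
// Pre-post checks for a template-based post: board lookup, read permission,
// read-only flag, post permission, then a CAPTCHA for low-score accounts.
// The block closed by the brace above and the body of the final "if" are
// outside this fragment.
// NOTE(review): $_GET["board"] is read without isset() here — confirm the
// code before this fragment guarantees that it is present.
$boardName = $_GET["board"];
$brdArr = array();
$boardID = bbs_getboard($boardName, $brdArr);
if ($boardID == 0) {
    html_error_quit("指定的版面不存在!");
}
// Continue with the canonical name from the board record.
$boardName = $brdArr["NAME"];
$usernum = $currentuser["index"];
if (bbs_checkreadperm($usernum, $boardID) == 0) {
    html_error_quit("您无权阅读该版!");
}
if (bbs_is_readonly_board($brdArr)) {
    html_error_quit("本版为只读讨论区!");
}
if (bbs_checkpostperm($usernum, $boardID) == 0) {
    html_error_quit("您无权在该版面发文!");
}
// Accounts with a score below 2000 must also solve the CAPTCHA held in the session.
if ($currentuser['score_user'] < 2000) {
    $code = @$_POST['code'];
    if (!$code) {
        html_error_quit('请输入验证码');
    }
    // The submitted code must be a plain string and the comparison must come
    // back exactly 0. A bare truthiness test on strcasecmp() accepts the NULL
    // that PHP versions before 8 return for a non-string argument, which would
    // let the check pass without a matching code; this form fails closed.
    // NOTE(review): nothing visible here clears $_SESSION['num_auth'] after a
    // comparison — confirm the stored code is single-use.
    if (!is_string($code)
        || !@$_SESSION['num_auth']
        || strcasecmp($_SESSION['num_auth'], $code) !== 0
    ) {
        html_error_quit('验证码错误,请重新输入');
    }
}
if (!isset($_POST["title"])) {
    html_error_quit("没有指定文章标题!");
}
if (!isset($_POST["tmpl"])) {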