Beispiel #1
0
$board = $_GET["board"];
$brdarr = array();
$bid = bbs_getboard($board, $brdarr);
if ($bid == 0) {
    html_error_quit("错误的讨论区");
}
$board = $brdarr["NAME"];
$board_desc = $brdarr["DESC"];
$brd_encode = urlencode($board);
//$isnormalboard = bbs_normalboard($board);
$lookupuser = array();
$guestUID = bbs_getuser("guest", $lookupuser);
$isnormalboard = bbs_checkreadperm($guestUID, $bid);
//bbs_set_onboard($bid,1);
$usernum = $currentuser["index"];
if (!$isnormalboard && bbs_checkreadperm($usernum, $bid) == 0) {
    html_error_quit("错误的讨论区");
}
$haveprev = 0;
$num = bbs_get_threads_from_gid($bid, $gid, $start, $articles, $haveprev);
if ($num == 0) {
    html_error_quit("错误的参数");
}
$pagesize = 20;
$totalpage = ($num - 1) / $pagesize + 1;
$totalpage = intval($totalpage);
if ($pno < 1 || $pno > $totalpage) {
    $pno = 1;
}
$startnum = ($pno - 1) * $pagesize;
$endnum = $startnum + $pagesize;
Beispiel #2
0
<?php

include "funcs.php";
$bid = $_GET["bid"];
if (isset($_GET["page"])) {
    $page = $_GET["page"];
} else {
    $page = 0;
}
$bname = bbs_getbname($bid);
if ($bname == "") {
    ie("board not found.");
}
if (!bbs_checkreadperm($uid, $bid)) {
    ie("permission denied.");
}
bbs_checkorigin($bname);
$total = bbs_countarticles($bid, $dir_modes["ORIGIN"]);
$pagecount = ceil($total / PAGE_SIZE);
if ($page < 0) {
    $page = 0;
}
if ($page > $pagecount) {
    $page = $pagecount;
}
if ($page == 0) {
    $page = $pagecount;
}
$start = ($page - 1) * PAGE_SIZE + 1;
$count = PAGE_SIZE;
if ($page == $pagecount) {
Beispiel #3
0
    html_error_quit('错误的讨论区');
}
$brdarr = array();
$bid = bbs_getboard($board, $brdarr);
if (!$bid) {
    html_error_quit('错误的讨论区');
}
$board = $brdarr['NAME'];
$brd_encode = urlencode($board);
if (isset($_GET['id'])) {
    $id = intval($_GET['id']);
} else {
    html_error_quit('错误的文章ID');
}
if (!bbs_normalboard($board)) {
    if (bbs_checkreadperm($currentuser["index"], $bid) == 0) {
        html_error_quit("错误的讨论区");
    }
}
$ftype = $dir_modes["NORMAL"];
$articles = array();
$num = bbs_get_records_from_id($board, $id, $ftype, $articles);
if ($num == 0) {
    html_error_quit("错误的文章号,原文可能已经被删除");
}
$id = $articles[1]["ID"];
bbs_board_nav_header($brdarr, "文章推荐");
$confirmed = isset($_GET['do']) ? 1 : 0;
switch (bbs_docommend($board, $id, $confirmed)) {
    case 0:
        if ($confirmed) {
Beispiel #4
0
assert_login();
if (!isset($_GET["board"]) && !isset($_POST["board"])) {
    html_error_quit("错误的讨论区");
}
if (isset($_GET["board"])) {
    $board = $_GET["board"];
} else {
    $board = $_POST["board"];
}
$brdarr = array();
$brdnum = bbs_getboard($board, $brdarr);
if ($brdnum == 0) {
    html_error_quit("错误的讨论区");
}
$usernum = $currentuser["index"];
if (bbs_checkreadperm($usernum, $brdnum) == 0) {
    html_error_quit("错误的讨论区");
}
if (!isset($_GET["id"]) && !isset($_POST["id"])) {
    html_error_quit("错误的文章号");
}
if (isset($_GET["id"])) {
    $id = $_GET["id"];
} else {
    $id = $_POST["id"];
}
$articles = array();
$num = bbs_get_records_from_id($brdarr["NAME"], $id, $dir_modes["NORMAL"], $articles);
if ($num == 0) {
    html_error_quit("错误的文章号");
}
Beispiel #5
0
    case -9:
        html_error_quit('系统错误');
        break;
    default:
}
$path = $path_tmp;
$isBoard = false;
$up_cnt = bbs_ann_updirs($path, $board, $up_dirs);
$title = bbs_ann_get_title($path);
if ($board) {
    $brdarr = array();
    $bid = bbs_getboard($board, $brdarr);
    if ($bid) {
        $board = $brdarr['NAME'];
        $usernum = $currentuser['index'];
        if (bbs_checkreadperm($usernum, $bid) == 0) {
            html_error_quit('不存在该目录');
        }
        bbs_set_onboard($bid, 1);
        if (bbs_normalboard($board)) {
            $dotnames = BBS_HOME . '/' . $path . '/.Names';
            if (cache_header('public', filemtime($dotnames), 300)) {
                return;
            }
        }
        //bbs_board_header($brdarr,-1,0);
        bbs_ann_header($board);
        print "<h1 class=\"bt\">{$title}</h1>";
        $isBoard = true;
        ?>
<script>
Beispiel #6
0
function atomic_ann()
{
    global $currentuser;
    $file = false;
    $path = @trim($_GET['path']);
    if (isset($_GET['file'])) {
        $path = trim($_GET['file']);
        if ($path[0] == '/') {
            $path = "0Announce" . $path;
        } else {
            $path = "0Announce/" . $path;
        }
        $file = $path;
        $modfile = $file;
    } else {
        if ($path[0] == '/') {
            $path1 = "0Announce" . $path;
        } else {
            $path1 = "0Announce/" . $path;
        }
        $modfile = $path1 . "/.Names";
    }
    if (strstr($path, '.Names') || strstr($path, '..') || strstr($path, 'SYSHome')) {
        atomic_error('不存在该目录');
    }
    $boardName = '';
    $articles = array();
    $path_tmp = '';
    if ($file === false) {
        $ret = bbs_read_ann_dir($path, $boardName, $path_tmp, $articles);
        switch ($ret) {
            case -1:
                atomic_error('精华区目录不存在');
            case -2:
                atomic_error('无法加载目录文件');
            case -3:
                break;
            case -9:
                atomic_error('系统错误');
            default:
        }
        $path = $path_tmp;
    } else {
        if (bbs_ann_traverse_check($path, $currentuser["userid"]) < 0) {
            atomic_error("错误的目录");
        }
    }
    $parent = '';
    $up_dirs = array();
    $up_cnt = bbs_ann_updirs($path, $boardName, $up_dirs);
    $cacheit = true;
    if ($up_cnt >= 2) {
        $parent = $up_dirs[$up_cnt - 2];
    }
    if ($boardName) {
        $brdArr = array();
        $boardID = bbs_getboard($boardName, $brdArr);
        $boardArr = $brdArr;
        if ($boardID) {
            $boardName = $boardArr['NAME'];
            $usernum = $currentuser['index'];
            if (bbs_checkreadperm($usernum, $boardID) == 0) {
                foundErr('不存在该目录');
            }
            bbs_set_onboard($boardID, 1);
            if (!bbs_normalboard($boardName)) {
                $cacheit = false;
            }
        } else {
            $boardName = '';
        }
    } else {
        $boardID = 0;
    }
    if ($cacheit) {
        if (cache_header('public', @filemtime($modfile), 300)) {
            return;
        }
    }
    atomic_header();
    $html = "<p>";
    if ($boardID) {
        $html .= "<a href='?act=board&board=" . $boardName . "'>回 " . $boardName . " 版面</a> ";
    }
    if ($parent) {
        $html .= "<a href='?act=ann&path=" . $parent . "'>回上级目录</a> ";
    }
    $html .= "<a href='?'>回首页</a></p>";
    if ($file !== false) {
        echo $html;
        echo bbs2_readfile_text($file, MAXCHAR, 2);
    } else {
        $html .= "<pre> 编号 [类别] 标    题                               整  理       编辑日期\n";
        if (count($articles) >= 0) {
            $i = 1;
            foreach ($articles as $article) {
                switch ($article['FLAG']) {
                    case 0:
                        continue 2;
                    case 1:
                        $alt = '目录';
                        $url = '?act=ann&path=' . urlencode($article['PATH']);
                        break;
                    case 2:
                    case 3:
                    default:
                        $alt = '文件';
                        $url = '?act=ann&file=' . urlencode($article['PATH']);
                }
                $html .= sprintf("%5d ", $i) . "[" . $alt . "]";
                $html .= $article['FLAG'] == 3 ? "@" : " ";
                $title = sprintf("%-37.37s", trim($article['TITLE']));
                $html .= '<a href="' . $url . '">' . htmlspecialchars($title) . ' </a>';
                $bm = explode(' ', trim($article['BM']));
                $html .= sprintf(" %-12.12s ", $bm[0]);
                $html .= date('Y-m-d', $article['TIME']) . "\n";
                $i++;
            }
        }
        $html .= "</pre>";
        echo $html;
    }
    atomic_footer();
}
Beispiel #7
0
if ($userid == "" || bbs_getuser($userid, $uarr) == 0) {
    print "用户 {$userid} 不存在。";
    exit;
}
$uid = $uarr["index"];
// check board exists
$bname = $_POST["board"];
$barr = array();
$bid = bbs_getboard($bname, $barr);
if ($bid == 0) {
    print "版面 {$bname} 不存在。";
    exit;
}
$bname = $barr["NAME"];
// check if can post
if (bbs_checkreadperm($uid, $bid) == 0) {
    print "没有阅读权限。";
    exit;
}
if (bbs_is_readonly_board($barr)) {
    print "版面为只读状态。";
    exit;
}
if (bbs_checkpostperm($uid, $bid) == 0) {
    print "没有发表权限。";
    exit;
}
if (bbs_deny_me($userid, $bname)) {
    print "您被取消了发表权限。";
    exit;
}
Beispiel #8
0
 /**
  * function hasReadPerm whether board can read
  * it also check the current mode can be read
  *
  * @param User $user
  * @return boolean true|false
  * @access public
  */
 public function hasReadPerm($user)
 {
     if ($this->_mode === Board::$DELETED && !$user->isBM($this) && !$user->isAdmin()) {
         return false;
     }
     if ($this->_mode === Board::$JUNK && !$user->isAdmin()) {
         return false;
     }
     if (bbs_checkreadperm($user->uid, $this->BID) == 0) {
         return false;
     }
     return true;
 }
Beispiel #9
0
require "www2-funcs.php";
require "www2-board.php";
login_init();
assert_login();
if (!isset($_GET["board"])) {
    html_error_quit("未指定发文版面!");
}
$boardName = $_GET["board"];
$brdArr = array();
$boardID = bbs_getboard($boardName, $brdArr);
if ($boardID == 0) {
    html_error_quit("指定的版面不存在!");
}
$boardName = $brdArr["NAME"];
$usernum = $currentuser["index"];
if (bbs_checkreadperm($usernum, $boardID) == 0) {
    html_error_quit("您无权阅读该版!");
}
if (bbs_is_readonly_board($brdArr)) {
    html_error_quit("本版为只读讨论区!");
}
if (bbs_checkpostperm($usernum, $boardID) == 0) {
    html_error_quit("您无权在该版面发文!");
}
if ($currentuser['score_user'] < 2000) {
    $code = @$_POST['code'];
    if (!$code) {
        html_error_quit('请输入验证码');
    }
    if (!@$_SESSION['num_auth'] || strcasecmp($_SESSION['num_auth'], $code)) {
        html_error_quit('验证码错误,请重新输入');