Beispiel #1
/**
 * Read EXIF metadata from an image file and return it as a label => value array.
 *
 * Labels come from exif_lang(). When the exif extension is unavailable, or the
 * first exif_read_data() call returns false, the function returns
 * exif_lang('img_info') instead of an array.
 *
 * EXIF fields are attacker-controlled whenever the image is an upload, so every
 * value (except three binary fields, see below) is reduced to an allow-listed
 * character set and then passed through dhtmlspecialchars() before use.
 *
 * @param string $img Path of the image to inspect.
 * @return mixed Array of labelled values, or whatever exif_lang('img_info') returns.
 */
function getexif($img)
{
    // Lookup tables that translate numeric EXIF codes into display text.
    $imgtype = array("", "GIF", "JPG", "PNG", "SWF", "PSD", "BMP", "TIFF(intel byte order)", "TIFF(motorola byte order)", "JPC", "JP2", "JPX", "JB2", "SWC", "IFF", "WBMP", "XBM");
    $Orientation = array("", "top left side", "top right side", "bottom right side", "bottom left side", "left side top", "right side top", "right side bottom", "left side bottom");
    $ResolutionUnit = exif_lang('resolutionunit');
    $YCbCrPositioning = array("", "the center of pixel array", "the datum point");
    $ExposureProgram = exif_lang('exposureprogram');
    $MeteringMode_arr = exif_lang('meteringmode');
    $Lightsource_arr = exif_lang('lightsource');
    $Flash_arr = array("0" => "flash did not fire", "1" => "flash fired", "5" => "flash fired but strobe return light not detected", "7" => "flash fired and strobe return light detected");
    if (!function_exists('exif_read_data')) {
        return exif_lang('img_info');
    }
    // Probe read; "@" hides parser warnings raised by malformed files.
    $exif = @exif_read_data($img, "IFD0");
    if ($exif === false) {
        $new_img_info = exif_lang('img_info');
    } else {
        // Second read returns the data grouped by section (third argument true).
        // NOTE(review): the result of this call is not re-checked for false before the loop.
        @($exif = exif_read_data($img, 0, true));
        foreach ($exif as $type => $typearr) {
            foreach ($typearr as $key => $kval) {
                if (is_array($kval)) {
                    foreach ($kval as $vkey => $value) {
                        // Drop everything outside the allow-list, then HTML-escape what is left.
                        $str = dhtmlspecialchars(preg_replace("/[^\\[A-Za-z0-9_\\.\\/:\\s-\\]]/", '', trim($value)));
                        $exif[$type][$key][$vkey] = $str;
                    }
                } elseif (!in_array($key, array('ComponentsConfiguration', 'FileSource', 'SceneType'))) {
                    // These three keys are left raw because they are only inspected through bin2hex() below.
                    $str = dhtmlspecialchars(preg_replace("/[^\\[A-Za-z0-9_\\.\\/:\\s-\\]]/", '', trim($kval)));
                    $exif[$type][$key] = $str;
                }
            }
        }
        // NOTE(review): the section and field names below (FILE, IFD0, FileName, ...) are
        // unquoted. Older PHP versions treat an undefined constant as its own name with a
        // notice/warning; PHP 8 throws an Error instead. Expressions such as
        // "Copyright . Photographer" concatenate two bare names; presumably the intended
        // keys are the quoted strings 'Copyright.Photographer' etc. - confirm.
        // NOTE(review): missing EXIF fields are read without isset() checks.
        $new_img_info = array(exif_lang('FileName') => $exif[FILE][FileName], exif_lang('FileType') => $imgtype[$exif[FILE][FileType]], exif_lang('MimeType') => $exif[FILE][MimeType], exif_lang('FileSize') => $exif[FILE][FileSize], exif_lang('FileDateTime') => date("Y-m-d H:i:s", $exif[FILE][FileDateTime]), exif_lang('ImageDescription') => $exif[IFD0][ImageDescription], exif_lang('Make') => $exif[IFD0][Make], exif_lang('Model') => $exif[IFD0][Model], exif_lang('Orientation') => $Orientation[$exif[IFD0][Orientation]], exif_lang('XResolution') => $exif[IFD0][XResolution] . $ResolutionUnit[$exif[IFD0][ResolutionUnit]], exif_lang('YResolution') => $exif[IFD0][YResolution] . $ResolutionUnit[$exif[IFD0][ResolutionUnit]], exif_lang('Software') => $exif[IFD0][Software], exif_lang('DateTime') => $exif[IFD0][DateTime], exif_lang('Artist') => $exif[IFD0][Artist], exif_lang('YCbCrPositioning') => $YCbCrPositioning[$exif[IFD0][YCbCrPositioning]], exif_lang('Copyright') => $exif[IFD0][Copyright], exif_lang('Photographer') => $exif[COMPUTED][Copyright . Photographer], exif_lang('Editor') => $exif[COMPUTED][Copyright . Editor], exif_lang('ExifVersion') => $exif[EXIF][ExifVersion], exif_lang('FlashPixVersion') => "Ver. " . number_format($exif[EXIF][FlashPixVersion] / 100, 2), exif_lang('DateTimeOriginal') => $exif[EXIF][DateTimeOriginal], exif_lang('DateTimeDigitized') => $exif[EXIF][DateTimeDigitized], exif_lang('Height') => $exif[COMPUTED][Height], exif_lang('Width') => $exif[COMPUTED][Width], exif_lang('ApertureValue') => $exif[EXIF][ApertureValue], exif_lang('ShutterSpeedValue') => $exif[EXIF][ShutterSpeedValue], exif_lang('ApertureFNumber') => $exif[COMPUTED][ApertureFNumber], exif_lang('MaxApertureValue') => "F" . 
$exif[EXIF][MaxApertureValue], exif_lang('ExposureTime') => $exif[EXIF][ExposureTime], exif_lang('FNumber') => $exif[EXIF][FNumber], exif_lang('MeteringMode') => getimageinfoval($exif[EXIF][MeteringMode], $MeteringMode_arr), exif_lang('LightSource') => getimageinfoval($exif[EXIF][LightSource], $Lightsource_arr), exif_lang('Flash') => getimageinfoval($exif[EXIF][Flash], $Flash_arr), exif_lang('ExposureMode') => $exif[EXIF][ExposureMode] == 1 ? exif_lang('manual') : exif_lang('auto'), exif_lang('WhiteBalance') => $exif[EXIF][WhiteBalance] == 1 ? exif_lang('manual') : exif_lang('auto'), exif_lang('ExposureProgram') => $ExposureProgram[$exif[EXIF][ExposureProgram]], exif_lang('ExposureBiasValue') => $exif[EXIF][ExposureBiasValue] . "EV", exif_lang('ISOSpeedRatings') => $exif[EXIF][ISOSpeedRatings], exif_lang('ComponentsConfiguration') => bin2hex($exif[EXIF][ComponentsConfiguration]) == "01020300" ? "YCbCr" : "RGB", exif_lang('CompressedBitsPerPixel') => $exif[EXIF][CompressedBitsPerPixel] . "Bits/Pixel", exif_lang('FocusDistance') => $exif[COMPUTED][FocusDistance] . "m", exif_lang('FocalLength') => $exif[EXIF][FocalLength] . "mm", exif_lang('FocalLengthIn35mmFilm') => $exif[EXIF][FocalLengthIn35mmFilm] . "mm", exif_lang('UserCommentEncoding') => $exif[COMPUTED][UserCommentEncoding], exif_lang('UserComment') => $exif[COMPUTED][UserComment], exif_lang('ColorSpace') => $exif[EXIF][ColorSpace] == 1 ? "sRGB" : "Uncalibrated", exif_lang('ExifImageLength') => $exif[EXIF][ExifImageLength], exif_lang('ExifImageWidth') => $exif[EXIF][ExifImageWidth], exif_lang('FileSource') => bin2hex($exif[EXIF][FileSource]) == 0x3 ? "digital still camera" : "unknown", exif_lang('SceneType') => bin2hex($exif[EXIF][SceneType]) == 0x1 ? "A directly photographed image" : "unknown", exif_lang('ThumbFileType') => $exif[COMPUTED][Thumbnail . FileType], exif_lang('ThumbMimeType') => $exif[COMPUTED][Thumbnail . MimeType]);
    }
    return $new_img_info;
}
Beispiel #2
/**
 * Normalise a user-supplied string for storage or display.
 *
 * Steps, in order: trim, cut at the first run of three NUL bytes, optional
 * dstripslashes(), removal of [hide]...[/hide] sections, HTML handling
 * ($html < 0 blanks tags/whitespace/bracket codes, $html == 0 escapes via
 * dhtmlspecialchars(), any other value leaves markup untouched), optional
 * truncation, optional BBCode rendering, optional daddslashes(), final trim.
 *
 * Callers that pass a non-zero, non-negative $html receive unescaped markup
 * and are responsible for its safety.
 *
 * @param string $string      Raw input.
 * @param int    $length      Maximum length handed to cutstr(); 0 disables truncation.
 * @param int    $in_slashes  Non-zero: strip slashes from the input first.
 * @param int    $out_slashes Non-zero: add slashes to the result.
 * @param int    $bbcode      Non-zero: render BBCode; the value is forwarded to bbcode2html().
 * @param int    $html        HTML handling mode, see above.
 * @return string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $string = trim($string);

    // Everything from the first triple-NUL marker onwards is discarded.
    $cutAt = strpos($string, str_repeat(chr(0), 3));
    if (false !== $cutAt) {
        $string = substr($string, 0, $cutAt);
    }

    if ($in_slashes) {
        $string = dstripslashes($string);
    }

    // Hidden sections must never leak into summaries.
    $string = preg_replace("/\\[hide=?\\d*\\](.*?)\\[\\/hide\\]/is", '', $string);

    if ($html < 0) {
        $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
    } else {
        if ($html == 0) {
            $string = dhtmlspecialchars($string);
        }
    }

    if ($length) {
        $string = cutstr($string, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $renderer =& bbcode::instance();
        $string = $renderer->bbcode2html($string, $bbcode);
    }

    if ($out_slashes) {
        $string = daddslashes($string);
    }

    return trim($string);
}
Beispiel #3
 /**
  * Build the markup that embeds this editor instance.
  *
  * Compatible browsers get two hidden inputs plus the editor IFRAME; all
  * others get a plain <textarea> holding the same content.
  *
  * Only $this->Value is HTML-escaped here. InstanceName, BasePath, ToolbarSet,
  * Width and Height are written into attributes as-is.
  * NOTE(review): confirm none of those properties can be set from request data.
  *
  * @return string HTML fragment.
  */
 public function CreateHtml()
 {
     $HtmlValue = dhtmlspecialchars($this->Value);

     if (!$this->IsCompatible()) {
         // Fallback: bare numbers are treated as pixel sizes, percentages pass through.
         $WidthCSS = strpos($this->Width, '%') === false ? $this->Width . 'px' : $this->Width;
         $HeightCSS = strpos($this->Height, '%') === false ? $this->Height . 'px' : $this->Height;

         return '' . "<textarea name=\"{$this->InstanceName}\" rows=\"4\" cols=\"40\" style=\"width: {$WidthCSS}; height: {$HeightCSS}\">{$HtmlValue}</textarea>";
     }

     $EditorPage = 'fckeditor.html';
     $Link = "{$this->BasePath}/editor/{$EditorPage}?InstanceName={$this->InstanceName}";
     if ($this->ToolbarSet != '') {
         $Link .= "&amp;Toolbar={$this->ToolbarSet}";
     }

     $Parts = array();
     // Hidden field carrying the editor content.
     $Parts[] = "<input type=\"hidden\" id=\"{$this->InstanceName}\" name=\"{$this->InstanceName}\" value=\"{$HtmlValue}\" style=\"display:none\" />";
     // Hidden field carrying the configuration string.
     $Parts[] = "<input type=\"hidden\" id=\"{$this->InstanceName}___Config\" value=\"" . $this->GetConfigFieldString() . "\" style=\"display:none\" />";
     // The editor IFRAME itself.
     $Parts[] = "<iframe id=\"{$this->InstanceName}___Frame\" src=\"{$Link}\" width=\"{$this->Width}\" height=\"{$this->Height}\" frameborder=\"0\" scrolling=\"no\"></iframe>";

     return implode('', $Parts);
 }
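 /**
  * Handle an image upload for a poll choice coming from the Flash uploader.
  *
  * The request is authenticated by a hash derived from the site authkey and
  * the claimed uid. On success a row is inserted into poll_choice and
  * uploadmsg(0) is called; uploadmsg(9) is called for a user without adminid
  * or an unknown poll item.
  *
  * Reads $_G['gp_uid'], $_G['gp_hash'], $_G['gp_pollid'] and $_FILES['Filedata'].
  */
 function poll_upload()
 {
     global $_G;
     $this->uid = intval($_G['gp_uid']);
     $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
     // The submitted hash is compared with === on a string. The previous loose ==
     // compared two numeric-looking strings (e.g. "0e..." digests) as numbers, so
     // unequal hashes could be accepted. On PHP >= 5.6 hash_equals() would
     // additionally make the comparison constant-time.
     // NOTE(review): the expected hash depends only on authkey and uid, so it does
     // not expire - confirm this is acceptable for the uploader.
     if (!$_FILES['Filedata']['error'] && is_string($_G['gp_hash']) && $_G['gp_hash'] === $swfhash && $this->uid) {
         $this->aid = 0;
         $this->simple = 0;
         $this->user = getuserbyuid($this->uid);
         // NOTE(review): execution continues below unless uploadmsg() terminates the request - confirm.
         if (empty($this->user['adminid'])) {
             $this->uploadmsg(9);
         }
         $_G['uid'] = $this->uid;
         $this->pollid = !empty($_G['gp_pollid']) ? intval($_G['gp_pollid']) : 0;
         // pollid is an integer at this point, so interpolating it into the query is safe.
         if ($this->pollid <= 0 || !intval(DB::result_first("SELECT contenttype FROM " . DB::table('poll_item') . " WHERE itemid='{$this->pollid}'"))) {
             $this->uploadmsg(9);
         }
         $attach = upload_images($_FILES['Filedata'], 'poll', 176, 176);
         // The caption is the client-supplied file name, HTML-escaped, without its extension.
         $caption = dhtmlspecialchars(trim($attach['name']));
         $caption = substr($caption, 0, -(strlen(fileext($caption)) + 1));
         $data = array('itemid' => $this->pollid, 'caption' => $caption, 'displayorder' => 0, 'imageurl' => $attach['attachment'], 'aid' => $attach['aid']);
         DB::insert('poll_choice', $data);
         $this->aid = $this->pollid;
         $this->uploadmsg(0);
     }
 }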
Beispiel #5
 /**
  * Save a member profile (and optionally a new password) from $_POST.
  *
  * Writes to the members table through iCMS_DB::query() and finishes with a
  * javascript::dialog() redirect. Validation failures call javascript::alert().
  *
  * NOTE(review): the target account is taken from $_POST['uid']; no permission
  * check is visible in this method - confirm the caller enforces one.
  * NOTE(review): every check below relies on javascript::alert() ending the
  * request; if it returns, the UPDATE statements still run.
  */
 function doSave()
 {
     $uid = (int) $_POST['uid'];
     $info = array();
     if ($_POST['pwd'] || $_POST['pwd1'] || $_POST['pwd2']) {
         // NOTE(review): unsalted MD5 is a fast hash and unsuitable for password storage;
         // password_hash()/password_verify() are the maintained primitives.
         $pwd = md5(trim($_POST['pwd']));
         $pwd1 = md5(trim($_POST['pwd1']));
         $pwd2 = md5(trim($_POST['pwd2']));
         if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
             javascript::alert("修改密码.原密码,新密码,确认密码不能为空");
         }
         // NOTE(review): $user is not assigned anywhere in this method before this read,
         // so the stored password is never actually loaded for the comparison.
         $pwd != $user['password'] && javascript::alert("原密码错误!");
         $pwd1 != $pwd2 && javascript::alert("新密码与确认密码不一致!");
         // $pwd2 is a hex digest and $uid an integer, so both are inert inside the query.
         iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
     }
     //	    $username=dhtmlspecialchars($_POST['name']);
     // NOTE(review): eregi() was removed in PHP 7.0. This pattern is also the only thing
     // keeping quote characters out of $email before it reaches the SQL string below.
     $_POST['email'] && !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $_POST['email']) && javascript::alert("E-mail格式错误!!");
     $email = stripslashes($_POST['email']);
     $gender = intval($_POST['gender']);
     // Free-text profile fields are HTML-escaped; numeric ones are cast to int.
     $info['nickname'] = dhtmlspecialchars(stripslashes($_POST['nickname']));
     cstrlen($info['nickname']) > 12 && javascript::alert("昵称长度大于12");
     $info['icq'] = intval($_POST['icq']);
     $info['home'] = dhtmlspecialchars(stripslashes($_POST['home']));
     $info['year'] = intval($_POST['year']);
     $info['month'] = intval($_POST['month']);
     $info['day'] = intval($_POST['day']);
     $info['from'] = dhtmlspecialchars(stripslashes($_POST['from']));
     $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));
     $user['info'] = $info;
     // The serialized profile is addslashes()-escaped; $email is interpolated after
     // stripslashes() with no SQL escaping of its own (see the note on the pattern above).
     iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
     javascript::dialog('用户编辑完成!', 'url:' . __SELF__ . '?mo=user&do=manage');
 }
/**
 * Rebuild the "diytemplatename" caches.
 *
 * Writes one cache with template => display name, plus one cache per
 * application prefix (portal, forum, group, home) listing its templates.
 * Display names taken from the table or the language pack are HTML-escaped.
 * NOTE(review): names recovered through getdiytplnames() are stored without
 * that escaping - confirm they are safe to print.
 */
function build_cache_diytemplatename()
{
    $data = array();
    $apps = array('portal', 'forum', 'group', 'home');
    $nullname = lang('portalcp', 'diytemplate_name_null');
    $lostname = array();
    $scriptarr = array();

    foreach (C::t('common_diy_data')->range() as $row) {
        $tpl = $row['targettplname'];

        // Prefer the stored name, then the language pack entry for the template.
        $label = $row['name'];
        if (!$label) {
            $label = lang('portalcp', $tpl, '', '');
        }
        if (empty($label)) {
            // Remember templates without any name so they can be resolved below.
            $lostname[$tpl] = $tpl;
            $label = $nullname;
        }
        $data[$tpl] = dhtmlspecialchars($label);

        // The part before the first "/" identifies the owning application.
        $prefix = substr($tpl, 0, strpos($tpl, '/'));
        if (in_array($prefix, $apps)) {
            $scriptarr[$prefix][$tpl] = true;
        }
    }

    if ($lostname) {
        require_once libfile('function/portalcp');
        foreach (getdiytplnames($lostname) as $pre => $names) {
            foreach ($names as $id => $name) {
                $data[$pre . $id] = $name;
            }
        }
    }

    savecache('diytemplatename', $data);
    foreach ($scriptarr as $prefix => $templates) {
        savecache('diytemplatename' . $prefix, $templates);
    }
}
Beispiel #7
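/**
 * Write submitted custom-field values to one row of $table.
 *
 * For every field definition in $FD (or $fd, which replaces the global when
 * given) whose value was submitted, a "column='value'" assignment is added to
 * a single UPDATE statement. Checkbox fields are always written: their values
 * are joined with commas, and an unchecked (absent) checkbox is stored as ''.
 * Editor fields go through dsafe(); all others through dhtmlspecialchars().
 *
 * Security: dsafe()/dhtmlspecialchars() are the only filtering applied here,
 * and $table, $keyname, $itemid and the column names are interpolated as-is.
 * NOTE(review): this assumes request data was SQL-escaped before it reached
 * this function and that $itemid is numeric - confirm at every call site.
 *
 * @param array  $post_fields Submitted values keyed by field name.
 * @param string $table       Target table.
 * @param mixed  $itemid      Key value of the row to update.
 * @param string $keyname     Key column name.
 * @param array  $fd          Optional field definitions; overwrites the global $FD.
 * @return string|null '' when $table or $itemid is empty, otherwise null.
 */
function fields_update($post_fields, $table, $itemid, $keyname = 'itemid', $fd = array())
{
    global $FD, $db;
    if (!$table || !$itemid) {
        return '';
    }
    if ($fd) {
        $FD = $fd;
    }
    $assignments = array();
    foreach ($FD as $k => $v) {
        $mk = $v['name'];
        $is_checkbox = $v['html'] == 'checkbox';
        if (!isset($post_fields[$mk]) && !$is_checkbox) {
            continue;
        }
        if ($is_checkbox) {
            // Browsers omit unchecked checkboxes entirely; implode() on the missing
            // value used to warn (and is a TypeError on PHP 8), so treat it as ''.
            $mv = isset($post_fields[$mk]) ? implode(',', (array) $post_fields[$mk]) : '';
        } else {
            $mv = $post_fields[$mk];
        }
        $mv = $v['html'] == 'editor' ? dsafe($mv) : dhtmlspecialchars(trim($mv));
        $assignments[] = "{$mk}='{$mv}'";
    }
    if ($assignments) {
        $sql = implode(',', $assignments);
        $db->query("UPDATE {$table} SET {$sql} WHERE `{$keyname}`={$itemid}");
    }
}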
 /**
  * Collect portal categories for a block.
  *
  * Filters on the category ids in 'thecatid' and on the parent ids in 'catid'
  * (all cached categories plus '0' when none are given) and orders by article
  * count or display order. Category names are HTML-escaped in the result.
  *
  * The id lists are placed into the SQL through dimplode().
  * NOTE(review): dimplode() is defined elsewhere - confirm it quotes/escapes
  * each element, since 'thecatid' comes from the block parameters.
  *
  * @param mixed $style     Unused here.
  * @param array $parameter Block parameters, normalised via cookparameter().
  * @return array array('html' => '', 'data' => list of category items)
  */
 function getdata($style, $parameter)
 {
     global $_G;
     $parameter = $this->cookparameter($parameter);
     loadcache('portalcategory');

     $thecatid = array();
     if (!empty($parameter['thecatid'])) {
         $thecatid = explode(',', $parameter['thecatid']);
     }

     if (empty($parameter['catid'])) {
         $catid = array_keys($_G['cache']['portalcategory']);
         $catid[] = '0';
     } else {
         $catid = $parameter['catid'];
     }

     // Only two fixed ORDER BY clauses exist, so the parameter never reaches the SQL text.
     if ($parameter['orderby'] == 'articles') {
         $orderby = ' ORDER BY articles DESC';
     } else {
         $orderby = ' ORDER BY displayorder';
     }

     $conditions = array();
     if ($thecatid) {
         $conditions[] = "catid IN (" . dimplode($thecatid) . ")";
     }
     if ($catid) {
         $conditions[] = "upid IN (" . dimplode($catid) . ")";
     }
     $wheresql = $conditions ? implode(' AND ', $conditions) : '1';

     $items = array();
     $result = DB::query('SELECT * FROM ' . DB::table('portal_category') . " WHERE {$wheresql} {$orderby}");
     while ($row = DB::fetch($result)) {
         $items[] = array(
             'id' => $row['catid'],
             'idtype' => 'catid',
             'title' => dhtmlspecialchars($row['catname']),
             'url' => $_G['cache']['portalcategory'][$row['catid']]['caturl'],
             'pic' => '',
             'picflag' => '0',
             'summary' => '',
             'fields' => array('dateline' => $row['dateline'], 'articles' => $row['articles']),
         );
     }
     return array('html' => '', 'data' => $items);
 }
/**
 * Rebuild a pdnovel system cache.
 *
 * Only "pdnovelcategory" is implemented: it loads every category, HTML-escapes
 * the names, marks sub-categories with level 1 and gives top-level categories
 * that have children a 'children' list and level 0, then saves the result.
 * Any other cache name does nothing.
 *
 * @param string $cachename  Cache to rebuild.
 * @param string $identifier Unused.
 */
function pdnovelcache($cachename, $identifier = "")
{
    global $_G;
    $known = array("pdnovelcategory", "pdnovelcreditrule");
    if (!in_array($cachename, $known)) {
        $cachename = "";
    }
    if ($cachename != "pdnovelcategory") {
        return;
    }

    $data = array();
    $result = DB::query("SELECT * FROM " . DB::table("pdnovel_category") . " ORDER BY displayorder,catid");
    while ($row = DB::fetch($result)) {
        $row['catname'] = dhtmlspecialchars($row['catname']);
        $data[$row['catid']] = $row;
    }

    foreach ($data as $id => $category) {
        if (!$category['catid']) {
            continue;
        }
        if ($category['upid'] > 0) {
            // Has a parent: this is a sub-category.
            $data[$id]['level'] = 1;
            continue;
        }
        // Top-level category: collect the ids of its direct children.
        foreach ($data as $candidate) {
            if ($candidate['upid'] == $category['catid']) {
                $data[$id]['children'][] = $candidate['catid'];
                $data[$id]['level'] = 0;
            }
        }
    }
    save_syscache("pdnovelcategory", $data);
}
Beispiel #10
/**
 * Normalise a user-supplied string for storage or display.
 *
 * Steps, in order: trim, optional dstripslashes(), HTML handling ($html < 0
 * blanks tags/whitespace/bracket codes, $html == 0 escapes via
 * dhtmlspecialchars(), any other value leaves markup untouched), optional
 * word censoring (shows the 'word_banned' message when the text is banned or
 * held for moderation), optional truncation, optional BBCode rendering,
 * optional daddslashes(), final trim.
 *
 * Callers that pass a non-zero, non-negative $html receive unescaped markup
 * and are responsible for its safety.
 *
 * @param string $string      Raw input.
 * @param int    $length      Maximum length handed to cutstr(); 0 disables truncation.
 * @param int    $in_slashes  Non-zero: strip slashes from the input first.
 * @param int    $out_slashes Non-zero: add slashes to the result.
 * @param int    $censor      Non-zero: run the word filter.
 * @param int    $bbcode      Non-zero: render BBCode; the value is forwarded to bbcode2html().
 * @param int    $html        HTML handling mode, see above.
 * @return string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $censor = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $string = trim($string);
    if ($in_slashes) {
        $string = dstripslashes($string);
    }

    if ($html < 0) {
        $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
    } else {
        if ($html == 0) {
            $string = dhtmlspecialchars($string);
        }
    }

    if ($censor) {
        if (!class_exists('discuz_censor')) {
            include libfile('class/censor');
        }
        $filter = discuz_censor::instance();
        $filter->check($string);
        if ($filter->modbanned() || $filter->modmoderated()) {
            showmessage('word_banned');
        }
    }

    if ($length) {
        $string = cutstr($string, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $renderer =& bbcode::instance();
        $string = $renderer->bbcode2html($string, $bbcode);
    }

    if ($out_slashes) {
        $string = daddslashes($string);
    }

    return trim($string);
}
Beispiel #11
 /**
  * Create or update a content model from $_POST and refresh the model cache.
  *
  * With an id the existing row is updated (after a duplicate-table check);
  * without one a new row is inserted. Ends with a javascript::dialog() redirect.
  *
  * NOTE(review): all values are placed into the SQL text by string
  * interpolation. name/table/desc pass through dhtmlspecialchars(), which is
  * defined elsewhere; HTML-escaping by itself does not neutralise quote
  * characters for SQL, so confirm what escaping is applied to request data
  * before this point.
  */
 function doSave()
 {
     $id = (int) $_POST['id'];
     $name = dhtmlspecialchars($_POST['name']);
     $table = dhtmlspecialchars($_POST['table']);
     $description = dhtmlspecialchars($_POST['desc']);
     // NOTE(review): these two values are taken from the request with no filtering at
     // all and reach both the UPDATE and the INSERT below.
     $position2 = $_POST['pos'];
     $position = $_POST['position'];
     $binding = isset($_POST['binding']) ? 1 : 0;
     // NOTE(review): the checks rely on javascript::alert() ending the request - confirm.
     empty($name) && javascript::alert('模块名称不能为空!');
     empty($table) && $binding && javascript::alert('模块名不能为空!');
     if (!$binding && empty($id)) {
         if (empty($table)) {
             // No table name given: derive one from the model name.
             include iPATH . 'include/cn.class.php';
             $table = CN::pinyin($name);
         }
         $table = $table . '_content';
     }
     if ($id) {
         iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}' and `id`!='{$id}'") && javascript::alert('该模块已经存在!请检查是否重复');
         iCMS_DB::query("UPDATE `#iCMS@__model` SET `name` = '{$name}', `table` = '{$table}', `binding` = '{$binding}', `description` = '{$description}', `position` = '{$position}', `position2` = '{$position2}' WHERE `id` = '{$id}';");
     } else {
         iCMS_DB::query("INSERT INTO `#iCMS@__model`(`name`, `table`, `binding`, `description`, `position`,`position2`, `addtime`)VALUES ('{$name}', '{$table}', '{$binding}', '{$description}', '{$position}','{$position2}', '" . time() . "');");
         $id = iCMS_DB::$insert_id;
     }
     model::cache();
     // NOTE(review): the first URL contains the literal text "<?php echo ...;?>" because it
     // sits inside a double-quoted string; presumably only the id was meant to be appended.
     $moreaction = array(array("text" => "下一步添加字段", "url" => __SELF__ . "?mo=models&do=addfield&id=<?php echo {$id};?>"), array("text" => "返回模块列表", "url" => __SELF__ . "?mo=models&do=manage"));
     javascript::dialog('模块添加完成!<br />10秒后返回模块列表', "url:" . __SELF__ . "?mo=models&do=manage", $moreaction, 10);
 }
Beispiel #12
 /**
  * Filter user-supplied HTML down to a fixed set of tags.
  *
  * Every "<...>" span is extracted. All angle brackets are first turned into
  * entities; then, for each extracted span that starts with an allowed tag
  * name, the entity form is replaced by a cleaned copy of the tag. Spans that
  * do not start with an allowed tag are removed entirely.
  *
  * Cleaning is a deny-list: listed event-handler names and script-related
  * keywords inside a tag are replaced with ".". Attribute names or URL
  * schemes that are not on the list pass through unchanged, so this filter
  * should not be the only defence where the output is shown to other users.
  *
  * @param string $html Untrusted markup.
  * @return string Result of getstr() applied to the filtered markup.
  */
 public function checkhtml($html)
 {
     preg_match_all("/\\<([^\\<]+)\\>/is", $html, $ms);
     // First two pairs: neutralise every angle bracket in the document.
     $searchs[] = '<';
     $replaces[] = '&lt;';
     $searchs[] = '>';
     $replaces[] = '&gt;';
     if ($ms[1]) {
         $allowtags = 'img|a|font|div|table|tbody|caption|tr|td|th|br|p|b|strong|i|u|em|span|ol|ul|li|blockquote|pre';
         $ms[1] = array_unique($ms[1]);
         foreach ($ms[1] as $value) {
             // str_replace() applies the pairs in order, so by the time this pair runs
             // the tag already appears in its entity-encoded form.
             $searchs[] = "&lt;" . $value . "&gt;";
             // Keep existing &amp; from being double-escaped.
             $value = str_replace('&amp;', '_uch_tmp_str_', $value);
             $value = dhtmlspecialchars($value);
             $value = str_replace('_uch_tmp_str_', '&amp;', $value);
             // Backslashes and comment openers are replaced with dots.
             $value = str_replace(array('\\', '/*'), array('.', '/.'), $value);
             $skipkeys = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload', 'javascript:;', 'javascript', 'script', 'eval', 'behaviour', 'expression');
             $skipstr = implode('|', $skipkeys);
             // Case-insensitive substring match: any occurrence of a listed word becomes ".".
             $value = preg_replace(array("/({$skipstr})/i"), '.', $value);
             // Only an optional "/" or whitespace may precede the tag name.
             if (!preg_match("/^[\\/|\\s]?({$allowtags})(\\s+|\$)/is", $value)) {
                 $value = '';
             }
             // Allowed tags get their quotes back so attributes work again.
             $replaces[] = empty($value) ? '' : "<" . str_replace('&quot;', '"', $value) . ">";
         }
     }
     $html = str_replace($searchs, $replaces, $html);
     // NOTE(review): the meaning of the sixth argument depends on the signature of the
     // getstr() that is loaded - confirm it does not re-escape or alter the restored tags.
     return getstr($html, 0, 0, 0, 0, 1);
 }
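 /**
  * Render a BBCode message as HTML.
  *
  * The whole message is HTML-escaped first; every tag emitted afterwards comes
  * from the fixed templates below or from the helper methods codedisp(),
  * parseurl(), parseemail(), bbcodeurl() and tpl_quote(), which are defined
  * elsewhere in the class.
  *
  * Changes from the previous version:
  *  - the callbacks declared $match but read $matches, so the helpers were
  *    always called with empty arguments;
  *  - the [img] rules used the "e" (eval) pattern modifier, which executes the
  *    replacement as PHP code and no longer exists in PHP 7; they now use
  *    preg_replace_callback() like the other rules.
  *
  * @param string $message Raw BBCode text.
  * @return string HTML.
  */
 function complie($message)
 {
     $message = dhtmlspecialchars($message);
     if (strpos($message, '[/code]') !== FALSE) {
         $message = preg_replace_callback("/\\s*\\[code\\](.+?)\\[\\/code\\]\\s*/is", function ($matches) {
             return $this->codedisp($matches[1]);
         }, $message);
     }
     if (strpos($message, '[/url]') !== FALSE) {
         // Only the listed schemes (or a leading "www.") are accepted inside [url=...].
         $message = preg_replace_callback("/\\[url(=((https?|ftp|gopher|news|telnet|rtsp|mms|callto|bctp|ed2k|thunder|synacast){1}:\\/\\/|www\\.)([^\\[\"']+?))?\\](.+?)\\[\\/url\\]/is", function ($matches) {
             return $this->parseurl($matches[1], $matches[5]);
         }, $message);
     }
     if (strpos($message, '[/email]') !== FALSE) {
         $message = preg_replace_callback("/\\[email(=([a-z0-9\\-_.+]+)@([a-z0-9\\-_]+[.][a-z0-9\\-_.]+))?\\](.+?)\\[\\/email\\]/is", function ($matches) {
             return $this->parseemail($matches[1], $matches[4]);
         }, $message);
     }
     // Simple one-to-one tags: parameterised openers via regex, the rest via literal replacement.
     $message = str_replace(array('[/color]', '[/size]', '[/font]', '[/align]', '[b]', '[/b]', '[i]', '[/i]', '[u]', '[/u]', '[list]', '[list=1]', '[list=a]', '[list=A]', '[*]', '[/list]', '[indent]', '[/indent]', '[/float]'), array('</font>', '</font>', '</font>', '</p>', '<strong>', '</strong>', '<i>', '</i>', '<u>', '</u>', '<ul>', '<ul type="1">', '<ul type="a">', '<ul type="A">', '<li>', '</ul>', '<blockquote>', '</blockquote>', '</span>'), preg_replace(array("/\\[color=([#\\w]+?)\\]/i", "/\\[size=(\\d+?)\\]/i", "/\\[size=(\\d+(\\.\\d+)?(px|pt|in|cm|mm|pc|em|ex|%)+?)\\]/i", "/\\[font=([^\\[\\<]+?)\\]/i", "/\\[align=(left|center|right)\\]/i", "/\\[float=(left|right)\\]/i"), array("<font color=\"\\1\">", "<font size=\"\\1\">", "<font style=\"font-size: \\1\">", "<font face=\"\\1 \">", "<p align=\"\\1\">", "<span style=\"float: \\1;\">"), $message));
     if (strpos($message, '[/quote]') !== FALSE) {
         $message = preg_replace("/\\s*\\[quote\\][\n\r]*(.+?)[\n\r]*\\[\\/quote\\]\\s*/is", $this->tpl_quote(), $message);
     }
     if (strpos($message, '[/img]') !== FALSE) {
         // Plain [img]url[/img].
         $message = preg_replace_callback("/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", function ($matches) {
             return $this->bbcodeurl($matches[1], '<img src="%s" border="0" alt="" />');
         }, $message);
         // [img=WxH]url[/img]; width and height are restricted to 1-4 digits by the pattern.
         $message = preg_replace_callback("/\\[img=(\\d{1,4})[x|\\,](\\d{1,4})\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", function ($matches) {
             return $this->bbcodeurl($matches[3], '<img width="' . $matches[1] . '" height="' . $matches[2] . '" src="%s" border="0" alt="" />');
         }, $message);
     }
     // Put back the code blocks that were replaced by placeholders.
     for ($i = 0; $i <= $this->uccode['pcodecount']; $i++) {
         $message = str_replace("[\tUCENTER_CODE_{$i}\t]", $this->uccode['codehtml'][$i], $message);
     }
     return nl2br(str_replace(array("\t", '   ', '  '), array('&nbsp; &nbsp; &nbsp; &nbsp; ', '&nbsp; &nbsp;', '&nbsp;&nbsp;'), $message));
 }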
Beispiel #14
 /**
  * Prepare a submitted page record for saving.
  *
  * All fields except 'content' are HTML-escaped with dhtmlspecialchars().
  * 'content' is rich text: it is taken out before escaping and filtered with
  * dsafe() instead, so dsafe() is the only protection for that field.
  *
  * @param array $post Submitted form fields.
  * @return array The fields, trimmed, ready to be written.
  */
 function set($post)
 {
     global $MOD, $DT_TIME, $_username, $_userid;
     $post['edittime'] = $DT_TIME;
     $post['title'] = trim($post['title']);
     $post['listorder'] = intval($post['listorder']);
     clear_upload($post['content']);
     if ($this->itemid) {
         // Editing: compare new and stored content (delete_diff is defined elsewhere;
         // presumably it removes files that are no longer referenced - confirm).
         $post['editor'] = $_username;
         $new = $post['content'];
         $r = $this->get_one();
         $old = $r['content'];
         delete_diff($new, $old);
     } else {
         $post['addtime'] = $DT_TIME;
     }
     // Keep the rich-text body out of the generic HTML escaping.
     $content = $post['content'];
     unset($post['content']);
     $post = dhtmlspecialchars($post);
     $post['content'] = dsafe($content);
     if ($MOD['page_clear'] || $MOD['page_save']) {
         // The helpers work on unslashed text; slashes are re-applied afterwards.
         // NOTE(review): this assumes the incoming content was already slash-escaped - confirm.
         $post['content'] = stripslashes($post['content']);
         $post['content'] = save_local($post['content']);
         if ($MOD['page_clear']) {
             $post['content'] = clear_link($post['content']);
         }
         if ($MOD['page_save']) {
             // NOTE(review): save_remote presumably fetches resources referenced by the
             // content; if so, confirm the fetch targets are restricted.
             $post['content'] = save_remote($post['content']);
         }
         $post['content'] = addslashes($post['content']);
     }
     return array_map("trim", $post);
 }
Beispiel #15
 /**
  * Prepare a submitted record for saving.
  *
  * Sets the timestamps, records the editor (when editing) or the client IP
  * (when creating), normalises the five *_type switches to 0/1, flattens the
  * four group_* lists to comma-separated strings and finally HTML-escapes and
  * trims every field.
  *
  * @param array $post Submitted form fields.
  * @return array The normalised fields.
  */
 function set($post)
 {
     global $MOD, $DT_TIME, $DT_IP, $_username, $_userid;

     $post['addtime'] = !empty($post['addtime']) ? strtotime($post['addtime']) : $DT_TIME;
     $post['edittime'] = $DT_TIME;

     if (!$this->itemid) {
         $post['ip'] = $DT_IP;
     } else {
         $post['editor'] = $_username;
         // Wrap the new and the stored thumbnail in <img> markup for delete_diff().
         $incoming = $post['thumb'] ? '<img src="' . $post['thumb'] . '"/>' : '';
         $stored = $this->get_one();
         $existing = $stored['thumb'] ? '<img src="' . $stored['thumb'] . '"/>' : '';
         delete_diff($incoming, $existing);
     }

     // On/off switches become strict 0 or 1.
     foreach (array('join_type', 'list_type', 'show_type', 'post_type', 'reply_type') as $flag) {
         $post[$flag] = $post[$flag] ? 1 : 0;
     }

     // Group id lists are stored as comma-separated strings.
     foreach (array('group_list', 'group_show', 'group_post', 'group_reply') as $list) {
         if (isset($post[$list])) {
             $post[$list] = implode(',', $post[$list]);
         } else {
             $post[$list] = '';
         }
     }

     return array_map('trim', dhtmlspecialchars($post));
 }
 /**
  * Validate an uploaded-file entry and compute where it will be stored.
  *
  * Rejects (errorcode -1, returns false) anything that is not a non-empty
  * array describing a genuine upload with a name and a non-zero size.
  * Otherwise fills in extension, image flag, target directory and target path,
  * stores the entry in $this->attach and returns true.
  *
  * The extension is read from the client-supplied name before that name is
  * HTML-escaped; the stored file name comes from get_target_filename() and
  * get_target_extension(), not from the client name.
  *
  * @param array  $attach    One element of $_FILES.
  * @param string $type      Storage type, checked by check_dir_type().
  * @param int    $extid     Extra id used for directory and file name.
  * @param string $forcename Forced file name, if any.
  * @return bool
  */
 function init($attach, $type = 'temp', $extid = 0, $forcename = '')
 {
     if (!is_array($attach) || empty($attach) || !$this->is_upload_file($attach['tmp_name']) || trim($attach['name']) == '' || $attach['size'] == 0) {
         $this->attach = array();
         $this->errorcode = -1;
         return false;
     }

     $this->type = $this->check_dir_type($type);
     $this->extid = intval($extid);
     $this->forcename = $forcename;

     $attach['size'] = intval($attach['size']);
     $attach['name'] = trim($attach['name']);
     $attach['thumb'] = '';
     $attach['ext'] = $this->fileext($attach['name']);

     // Display name: escaped, and shortened when longer than 90 bytes.
     $attach['name'] = dhtmlspecialchars($attach['name'], ENT_QUOTES);
     if (strlen($attach['name']) > 90) {
         $attach['name'] = cutstr($attach['name'], 80, '') . '.' . $attach['ext'];
     }

     $attach['isimage'] = $this->is_image_ext($attach['ext']);
     $attach['extension'] = $this->get_target_extension($attach['ext']);
     $attach['attachdir'] = $this->get_target_dir($this->type, $extid);

     $storedName = $this->get_target_filename($this->type, $this->extid, $this->forcename);
     $attach['attachment'] = $attach['attachdir'] . $storedName . '.' . $attach['extension'];
     $attach['target'] = getglobal('setting/attachdir') . './' . $this->type . '/' . $attach['attachment'];

     $this->attach =& $attach;
     $this->errorcode = 0;
     return true;
 }
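 /**
  * HTML-escape a string, or every value of a (nested) array.
  *
  * Without $flags the characters & " < > are replaced by entities, and
  * numeric entities of the form &#ddd; (3-5 digits) or &#xhhhh; that were
  * present in the input are restored. With $flags the work is delegated to
  * htmlspecialchars() using UTF-8 or ISO-8859-1 depending on CHARSET.
  *
  * Caveats for callers:
  *  - in the default mode the single quote is NOT escaped, so the result is
  *    not safe inside a single-quoted HTML attribute; pass ENT_QUOTES there;
  *  - array keys are left untouched, only values are escaped;
  *  - this is HTML escaping only and gives no protection in SQL, JavaScript
  *    or URL contexts.
  *
  * The PHP version check uses version_compare(); the previous plain string
  * comparison against '5.4.0' ordered versions lexically.
  *
  * @param string|array $string Value(s) to escape.
  * @param int|null     $flags  htmlspecialchars() flags, or null for the default mode.
  * @return string|array
  */
 function dhtmlspecialchars($string, $flags = null)
 {
     if (is_array($string)) {
         foreach ($string as $key => $val) {
             $string[$key] = dhtmlspecialchars($val, $flags);
         }
         return $string;
     }

     if ($flags === null) {
         $string = str_replace(array('&', '"', '<', '>'), array('&amp;', '&quot;', '&lt;', '&gt;'), $string);
         // Undo the escaping of numeric character references that were already in the input.
         if (strpos($string, '&amp;#') !== false) {
             $string = preg_replace('/&amp;((#(\\d{3,5}|x[a-fA-F0-9]{4}));)/', '&\\1', $string);
         }
         return $string;
     }

     if (version_compare(PHP_VERSION, '5.4.0', '<')) {
         return htmlspecialchars($string, $flags);
     }

     // From PHP 5.4 on the charset is passed explicitly.
     $charset = strtolower(CHARSET) == 'utf-8' ? 'UTF-8' : 'ISO-8859-1';
     return htmlspecialchars($string, $flags, $charset);
 }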
Beispiel #18
 /**
  * Store every submitted form field as a configuration value and regenerate
  * the configuration file.
  *
  * Values are HTML-escaped; the field names are used as configuration keys
  * exactly as submitted.
  * NOTE(review): no allow-list of keys is visible here, so any POST field name
  * becomes a configuration key - confirm updateConfig() restricts which keys
  * may be written and that the generated file cannot receive arbitrary
  * content.
  */
 function doUpdate()
 {
     foreach (array_keys($_POST) as $key) {
         $escaped = dhtmlspecialchars($_POST[$key]);
         updateConfig($escaped, $key);
     }
     CreateConfigFile();
     javascript::dialog('配置已更新!');
 }
Beispiel #19
 /**
  * Save the default source, author and editor lists.
  *
  * Each list is submitted as one textarea; it is HTML-escaped, split on CRLF
  * and written to the 'system/default' cache entry.
  */
 function doEdit()
 {
     $defArray = array();
     foreach (array('source', 'author', 'editor') as $field) {
         $escaped = dhtmlspecialchars($_POST[$field]);
         $defArray[$field] = explode("\r\n", $escaped);
     }
     $this->iCMS->setCache('system/default', $defArray, 0);
     javascript::dialog('编辑完成!<br />3秒后返回', 'url:' . __SELF__ . '?mo=defaults');
 }
Beispiel #20
/**
 * Rebuild the 'medals' cache from the forum_medal table.
 *
 * Only the description is HTML-escaped; name and image are cached as stored.
 * NOTE(review): confirm name and image are escaped where they are printed.
 */
function build_cache_medals()
{
    $cache = array();
    $medals = C::t('forum_medal')->fetch_all_data(1);
    foreach ($medals as $row) {
        $entry = array();
        $entry['name'] = $row['name'];
        $entry['image'] = $row['image'];
        $entry['description'] = dhtmlspecialchars($row['description']);
        $cache[$row['medalid']] = $entry;
    }
    savecache('medals', $cache);
}
Beispiel #21
 /**
  * Prepare a submitted record for saving: stamp edit time and editor, then
  * HTML-escape and trim every field.
  *
  * @param array $post Submitted form fields.
  * @return array The normalised fields.
  */
 function set($post)
 {
     global $MOD, $DT_TIME, $_username;

     // Audit fields always come from the server, never from the form.
     $stamps = array('edittime' => $DT_TIME, 'editor' => $_username);
     foreach ($stamps as $field => $value) {
         $post[$field] = $value;
     }

     $escaped = dhtmlspecialchars($post);
     return array_map('trim', $escaped);
 }
 /**
  * Fetch categories ordered by display order and id, keyed by catid.
  *
  * The category name is HTML-escaped in the returned rows; all other columns
  * are returned as stored.
  *
  * @param int $start Offset passed to DB::limit().
  * @param int $limit Row count passed to DB::limit().
  * @return array catid => row
  */
 public function range($start = 0, $limit = 0)
 {
     $sql = 'SELECT * FROM ' . DB::table($this->_table) . ' ORDER BY displayorder,catid' . DB::limit($start, $limit);
     $result = DB::query($sql);

     $rows = array();
     while ($row = DB::fetch($result)) {
         $row['catname'] = dhtmlspecialchars($row['catname']);
         $rows[$row['catid']] = $row;
     }
     return $rows;
 }
Beispiel #23
 /**
  * Render an image block, optionally wrapped in a link.
  *
  * All parameters are HTML-escaped before they are written into attributes,
  * which prevents breaking out of the double-quoted attribute values.
  * NOTE(review): escaping does not restrict the URL scheme of 'url' or 'pic' -
  * confirm cookparameter() or the block editor validates them.
  *
  * @param mixed $style     Unused here.
  * @param array $parameter Block parameters (pic, width, height, text, url, atarget).
  * @return array array('html' => markup, 'data' => null)
  */
 function getdata($style, $parameter)
 {
     $parameter = dhtmlspecialchars($this->cookparameter($parameter));

     // Optional attributes are only emitted when a value is present.
     $attributes = '';
     if ($parameter['width']) {
         $attributes .= ' width="' . $parameter['width'] . '"';
     }
     if ($parameter['height']) {
         $attributes .= ' height="' . $parameter['height'] . '"';
     }
     if ($parameter['text']) {
         $attributes .= ' alt="' . $parameter['text'] . '" title="' . $parameter['text'] . '"';
     }
     $markup = '<img src="' . $parameter['pic'] . '"' . $attributes . ' />';

     if ($parameter['url']) {
         $target = '';
         if ($parameter['atarget']) {
             $target = " target=\"{$parameter['atarget']}\"";
         }
         $markup = "<a href=\"{$parameter['url']}\"{$target}>{$markup}</a>";
     }
     return array('html' => $markup, 'data' => null);
 }
 /**
  * Record a user report and notify the people responsible for handling it.
  *
  * The reported URL is either built from a fixed template for the report type
  * plus the integer id, or taken from the base64-encoded 'url' query parameter
  * when it is a plain http(s) URL. Reports on the same URL are merged by
  * md5(url).
  *
  * @param array  $res     Response structure to fill.
  * @param string $rtype   Report type (user, post, thread, group, album, blog, pic).
  * @param mixed  $rid     Id of the reported item.
  * @param string $message URL-encoded reason given by the reporter.
  * @return array The response produced by makeErrorInfo().
  */
 private function _userReportType($res, $rtype, $rid, $message)
 {
     global $_G;
     // NOTE(review): $tid is only assigned for posts but is read unconditionally below.
     if ($rtype == 'post') {
         $tid = UserReport::getTidByPid($rid);
     }
     $fid = intval($_GET['fid']);
     $uid = intval($_GET['uid']);
     $message = WebUtils::t(rawurldecode($message));
     $default_url = array('user' => 'home.php?mod=space&uid=', 'post' => 'forum.php?mod=redirect&goto=findpost&ptid=' . $tid . '&pid=', 'thread' => 'forum.php?mod=viewthread&tid=', 'group' => 'forum.php?mod=group&fid=', 'album' => 'home.php?mod=space&do=album&uid=' . $uid . '&id=', 'blog' => 'home.php?mod=space&do=blog&uid=' . $uid . '&id=', 'pic' => 'home.php?mod=space&do=album&uid=' . $uid . '&picid=');
     $url = '';
     if ($rid && !empty($default_url[$rtype])) {
         // Known type: fixed template plus integer id, nothing user-controlled.
         $url = $default_url[$rtype] . intval($rid);
     } else {
         // Free-form URL from the request: escaped, then accepted only when it is
         // http(s) and free of brackets and quotes.
         $url = addslashes(dhtmlspecialchars(base64_decode($_GET['url'])));
         $url = preg_match("/^http[s]?:\\/\\/[^\\[\"']+\$/i", trim($url)) ? trim($url) : '';
     }
     if (empty($url)) {
         $res = $this->makeErrorInfo($res, 'report_parameters_invalid');
     } else {
         // md5 is used here only as a lookup key for merging duplicate reports.
         $urlkey = md5($url);
         // Reason text: escaped, cut to 200, run through the word filter.
         $message = censor(cutstr(dhtmlspecialchars(trim($message)), 200, ''));
         // A trailing backslash is removed from the message.
         $message = $_G['username'] . '&nbsp;:&nbsp;' . rtrim($message, "\\");
         if ($reportid = C::t('common_report')->fetch_by_urlkey($urlkey)) {
             C::t('common_report')->update_num($reportid, $message);
         } else {
             $data = array('url' => $url, 'urlkey' => $urlkey, 'uid' => $_G['uid'], 'username' => $_G['username'], 'message' => $message, 'dateline' => TIMESTAMP);
             if ($fid) {
                 $data['fid'] = $fid;
             }
             C::t('common_report')->insert($data);
             // NOTE(review): unserialize() on a stored setting. This is only safe while the
             // setting can never be written by an untrusted party - confirm.
             $report_receive = unserialize($_G['setting']['report_receive']);
             $moderators = array();
             if ($report_receive['adminuser']) {
                 foreach ($report_receive['adminuser'] as $touid) {
                     notification_add($touid, 'report', 'new_report', array('from_id' => 1, 'from_idtype' => 'newreport'), 1);
                 }
             }
             if ($fid && $rtype == 'post') {
                 foreach (C::t('forum_moderator')->fetch_all_by_fid($fid, false) as $row) {
                     $moderators[] = $row['uid'];
                 }
                 if ($report_receive['supmoderator']) {
                     $moderators = array_unique(array_merge($moderators, $report_receive['supmoderator']));
                 }
                 foreach ($moderators as $touid) {
                     // NOTE(review): $report_receive is read above as an array of lists
                     // ('adminuser', 'supmoderator'), so in_array() here compares a uid with
                     // those lists; presumably $report_receive['adminuser'] was meant - confirm.
                     $touid != $_G['uid'] && !in_array($touid, $report_receive) && notification_add($touid, 'report', 'new_post_report', array('fid' => $fid, 'from_id' => 1, 'from_idtype' => 'newreport'), 1);
                 }
             }
         }
         $params['noError'] = 1;
         $res = $this->makeErrorInfo($res, 'report_succeed', $params);
     }
     return $res;
 }
Beispiel #25
/**
 * Turn a BBCode message into a short HTML preview.
 *
 * Steps, in order: drop [hide] and [quote] blocks with their content, remove
 * the known BBCode tags and [attach] markers, reduce [media] blocks to their
 * inner text, strip HTML tags, shorten with cutstr(), escape with
 * dhtmlspecialchars(), then turn http:// image links into <img> tags and
 * collapse whitespace.
 *
 * @param string $str    Raw message text (BBCode).
 * @param int    $length Length limit handed to cutstr() (unit is defined by cutstr, not shown here).
 * @return string HTML fragment.
 */
function spacecutstr($str, $length)
{
    global $_DCACHE;
    include_once DISCUZ_ROOT . './forumdata/cache/cache_post.php';

    $tagNames = 'b|i|u|color|size|font|align|list|indent|url|email|code|free|table|tr|td|img|swf|payto|float';
    if ($_DCACHE['bbcodes_display']) {
        // NOTE(review): these keys go into the pattern without preg_quote();
        // presumably they are admin-defined tag names - confirm they are
        // limited to word characters where they are saved.
        $tagNames .= '|' . implode('|', array_keys($_DCACHE['bbcodes_display']));
    }

    $markupPatterns = array(
        "/\\[hide=?\\d*\\](.+?)\\[\\/hide\\]/is",
        "/\\[quote](.*)\\[\\/quote]/siU",
        "/\\[({$tagNames})=?.*\\]/iU",
        "/\\[\\/({$tagNames})\\]/i",
        "/\\[attach\\](\\d+)\\[\\/attach\\]/i",
        "/\\[media=(\\w{1,4}),(\\d{1,4}),(\\d{1,4}),(\\d)\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/media\\]/i",
    );
    // Everything is removed except the inner text of [media], which is kept.
    $markupReplacements = array('', '', '', '', '', "\\5");

    $plainText = strip_tags(preg_replace($markupPatterns, $markupReplacements, $str));
    // Escaping happens after truncation, so the limit applies to the raw text.
    $str = dhtmlspecialchars(cutstr($plainText, $length));

    // The image pattern runs on already-escaped text and its character class
    // has no quote, angle bracket or whitespace, so a match cannot close the
    // src="..." attribute it is placed in. Only http:// links are matched.
    // The last pattern deletes every run of two or more whitespace characters,
    // which includes the "\r\n" pair the second pattern has just written.
    $str = preg_replace(
        array(
            "/http:\\/\\/[a-z0-9\\/\\-_+=.~!%@?#%&;:\$\\()|]+?\\.(jpg|gif|png|bmp)/is",
            "/(\n|\r|\r\n){2,}/",
            "/\\s{2,}/",
        ),
        array(
            "<img onload=\"if(this.width>320) {this.resized=true;this.width=320;}\" src=\"\\0\">",
            "\r\n",
            '',
        ),
        $str
    );

    return trim(nl2br($str));
}
/**
 * Rebuild the 'diytemplatename' system cache.
 *
 * The cache maps each row's targettplname to an HTML-escaped display name:
 * the row's own name when it is non-empty, otherwise the 'portalcp' language
 * entry for that template name.
 */
function build_cache_diytemplatename()
{
    $names = array();
    // The statement is a fixed string plus the table name; no request data is part of it.
    $result = DB::query("SELECT * FROM " . DB::table('common_diy_data'));
    while ($row = DB::fetch($result)) {
        $translated = lang('portalcp', $row['targettplname'], '', lang('portalcp', 'diytemplate_name_null'));
        $display = $row['name'];
        if (!$display) {
            $display = $translated;
        }
        $row['name'] = $display;
        // Escaped once here, at cache-build time; readers get HTML-ready text.
        $names[$row['targettplname']] = dhtmlspecialchars($display);
    }
    save_syscache('diytemplatename', $names);
}
Beispiel #27
 /**
  * Stamp a submitted record with edit metadata, then escape and trim it.
  *
  * 'addtime' is set only when the object has no itemid yet; 'edittime' and
  * 'editor' are always overwritten with server-side values, so whatever the
  * client sent for them is discarded. All values, including the stamped ones,
  * then pass through dhtmlspecialchars() and trim().
  *
  * NOTE(review): values are escaped on the way in, so they are presumably
  * stored HTML-encoded; confirm that consumers outside an HTML context
  * decode them. array_map('trim', ...) assumes a flat array of scalars.
  *
  * @param array $post Submitted field values.
  * @return array Escaped and trimmed field values.
  */
 function set($post)
 {
     // $MOD and $_userid are declared but not used in this method.
     global $MOD, $DT_TIME, $_username, $_userid;

     $stamps = array('edittime' => $DT_TIME, 'editor' => $_username);
     if (!$this->itemid) {
         // New record: creation time goes in first.
         $stamps = array('addtime' => $DT_TIME) + $stamps;
     }
     foreach ($stamps as $field => $value) {
         $post[$field] = $value;
     }

     return array_map('trim', dhtmlspecialchars($post));
 }
Beispiel #28
 /**
  * Save the word filter and the disabled-word list from the submitted form.
  *
  * Both POST fields are escaped with dhtmlspecialchars() and split on CRLF;
  * each filter line is further split on "=" into its parts. The two lists
  * are written to the 'system/word.filter' and 'system/word.disable' cache
  * entries, then a confirmation dialog redirects back to the filter page.
  *
  * NOTE(review): no permission or request-token check is visible inside this
  * method; presumably the dispatcher enforces both - confirm, since the
  * method rewrites site-wide lists from request data.
  */
 function doEdit()
 {
     $disabledWords = explode("\r\n", dhtmlspecialchars($_POST['disable']));
     $filterLines = explode("\r\n", dhtmlspecialchars($_POST['filter']));
     // $filterPairs is not initialised; this relies on explode() always
     // yielding at least one element for a string input.
     foreach ($filterLines as $index => $line) {
         $filterPairs[$index] = explode("=", $line);
     }
     $this->iCMS->setCache('system/word.filter', $filterPairs, 0);
     $this->iCMS->setCache('system/word.disable', $disabledWords, 0);
     // Dialog text: "Update complete! Returning in 3 seconds".
     javascript::dialog('更新完成!<br />3秒后返回', 'url:' . __SELF__ . '?mo=filter');
 }
Beispiel #29
/**
 * HTML-escape a string, or every value of a (nested) array.
 *
 * Encodes & " < > and then turns "&amp;" back into "&" where it starts
 * something shaped like an entity: "#" plus 3-5 digits, "#x" plus 4 hex
 * digits, or a letter plus 2-5 lowercase letters/digits, ending in ";".
 * Input such as "&nbsp;" or "&#8364;" therefore comes out as a live entity,
 * while "&lt;" (too short for the name rule) comes out as "&amp;lt;".
 *
 * Single quotes are NOT encoded, so the result is suitable for element
 * content and double-quoted attribute values only; it does not protect a
 * single-quoted or unquoted attribute, a script block or a URL.
 *
 * @param string|array $string Value(s) to escape; array keys are kept.
 * @return string|array Escaped value(s), same shape as the input.
 */
function dhtmlspecialchars($string)
{
    if (is_array($string)) {
        // Recurse into each element; array_map keeps the keys of a single array.
        return array_map('dhtmlspecialchars', $string);
    }

    $encoded = str_replace(
        array('&', '"', '<', '>'),
        array('&amp;', '&quot;', '&lt;', '&gt;'),
        $string
    );

    // Undo the ampersand encoding for entity-shaped sequences only.
    return preg_replace('/&amp;((#(\\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1', $encoded);
}
Beispiel #30
/**
 * Rebuild the 'smilies' cache from the smiley table.
 *
 * Produces three arrays keyed by smiley id: 'searcharray' (a regex that
 * matches the smiley code literally), 'replacearray' (the smiley url) and
 * 'typearray' (the smiley type id).
 */
function build_cache_smilies()
{
    $patterns = array();
    $urls = array();
    $types = array();

    foreach (C::t('smiley')->fetch_all_cache() as $smiley) {
        $id = $smiley['id'];
        // The code is escaped first, presumably because it is matched against
        // message text that went through the same escaping - confirm.
        // preg_quote() then makes the pattern match the code literally.
        $patterns[$id] = '/' . preg_quote(dhtmlspecialchars($smiley['code']), '/') . '/';
        // NOTE(review): the url is cached as stored, without escaping here;
        // confirm the consumer encodes it before writing it into markup.
        $urls[$id] = $smiley['url'];
        $types[$id] = $smiley['typeid'];
    }

    savecache('smilies', array(
        'searcharray' => $patterns,
        'replacearray' => $urls,
        'typearray' => $types,
    ));
}