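/**
 * Front-end post deletion handler.
 *
 * Reads its input from the request:
 *  - $_POST['pwd'] and $_COOKIE['pwdc']: the deletion password typed by the user, with the
 *    cookie value used as a fallback when the form field is empty;
 *  - $_POST['onlyimgdel']: when truthy only the attachments are removed, the posts stay;
 *  - $_POST[<number>] === 'delete': the post numbers ticked for deletion;
 *  - $_POST['func']: an optional front-end admin function dispatched through the
 *    "AdminFunction" hook before (or instead of) the deletion itself.
 *
 * A post may be deleted when the short password hash matches, when the client's reverse-DNS
 * host equals the host recorded on the post, or when the caller holds admin / module-granted
 * permission. Every failure path ends in error() and most success paths in exit; the function
 * never returns a value.
 */
function usrdel() {
    $PIO = PMCLibrary::getPIOInstance();
    $FileIO = PMCLibrary::getFileIOInstance();
    $PMS = PMCLibrary::getPMSInstance();

    // $pwd: value typed by the user, $pwdc: password remembered in the cookie
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';
    $pwdc = isset($_COOKIE['pwdc']) ? $_COOKIE['pwdc'] : '';
    $onlyimgdel = isset($_POST['onlyimgdel']) ? $_POST['onlyimgdel'] : '';

    // Collect the ticked post numbers: only numeric field names whose value is exactly 'delete'.
    // (foreach replaces the each() loop, which is deprecated since PHP 7.2 and gone in 8.0.)
    $delno = array();
    foreach ($_POST as $field => $value) {
        if ($value !== 'delete' || !is_numeric($field)) {
            continue;
        }
        $delno[] = intval($field);
    }

    $haveperm = passwordVerify($pwd) || adminAuthenticate('check');
    $PMS->useModuleMethods('Authenticate', array($pwd, 'userdel', &$haveperm)); // modules may grant/revoke permission

    if ($haveperm && isset($_POST['func'])) { // front-end admin function
        $message = '';
        $PMS->useModuleMethods('AdminFunction', array('run', &$delno, $_POST['func'], &$message)); // "AdminFunction" Hook Point
        if ($_POST['func'] != 'delete') {
            // NOTE(review): the redirect target is the raw Referer header; behaviour kept as-is,
            // the browser itself supplied that value.
            if (isset($_SERVER['HTTP_REFERER'])) {
                header('HTTP/1.1 302 Moved Temporarily');
                header('Location: ' . $_SERVER['HTTP_REFERER']);
            }
            exit; // only the AdminFunction was requested, do not continue with deletion
        }
    }

    if ($pwd === '' && $pwdc !== '') {
        $pwd = $pwdc;
    }
    // Posts store only 8 hex characters of md5(password); the same fragment is derived here.
    $pwd_md5 = substr(md5($pwd), 2, 8);
    $host = gethostbyaddr(getREMOTE_ADDR());
    $search_flag = false;

    if (!count($delno)) {
        error(_T('del_notchecked'));
    }

    $delposts = array(); // posts that actually satisfy a deletion condition
    $posts = $PIO->fetchPosts($delno);
    foreach ($posts as $post) {
        // hash_equals() instead of ==: a loose comparison treats hash fragments such as
        // "0e123456" and "0e654321" as equal numeric strings, which would let a wrong
        // password delete a post. Any client resolving to the poster's host name also passes.
        if (hash_equals((string) $post['pwd'], $pwd_md5) || $host == $post['host'] || $haveperm) {
            $search_flag = true; // at least one deletable post found
            $delposts[] = intval($post['no']);
        }
    }

    if ($search_flag) {
        if (!$onlyimgdel) {
            $PMS->useModuleMethods('PostOnDeletion', array($delposts, 'frontend')); // "PostOnDeletion" Hook Point
        }
        $files = $onlyimgdel ? $PIO->removeAttachments($delposts) : $PIO->removePosts($delposts);
        $FileIO->updateStorageSize(-$FileIO->deleteImage($files)); // refresh the storage-size cache
        deleteCache($delposts);
        $PIO->dbCommit();
    } else {
        error(_T('del_wrongpwornotfound'));
    }

    if (isset($_POST['func']) && $_POST['func'] == 'delete') { // admin deletion: go back to the admin page
        if (isset($_SERVER['HTTP_REFERER'])) {
            header('HTTP/1.1 302 Moved Temporarily');
            header('Location: ' . $_SERVER['HTTP_REFERER']);
        }
        exit;
    }
}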
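/**
 * Module page of the post-edit module: shows the edit form, or saves the edited post.
 *
 * Request contract (nothing is returned; every failure path dies or calls error()):
 *  - $_GET['no'] (required): number of the post being edited;
 *  - no $_POST['mode']: render the edit form, allowed when the module is shown in the page or
 *    the caller is an authenticated admin;
 *  - with $_POST['mode']: validate, normalise and store the new field values, then redirect
 *    back to the board. Permission to save is granted by the short password hash, the matching
 *    reverse-DNS host, admin authentication or a module answering the "Authenticate" hook.
 *
 * Uses the "RegistBegin" and "RegistBeforeCommit" hook points exactly like a regular post,
 * so modules can rewrite the fields before they are compared with the stored post.
 */
function ModulePage() {
    global $PIO, $FileIO, $PMS, $language, $BAD_STRING, $BAD_FILEMD5, $BAD_IPADDR, $LIMIT_SENSOR;

    if (!isset($_GET['no'])) {
        die('[Error] not enough parameter.');
    }

    if (!isset($_POST['mode'])) { // show the edit form
        if (!$this->shown_in_page && !adminAuthenticate('check')) {
            die('[Error] Access Denied.');
        }
        // NOTE(review): $_GET['no'] is handed to fetchPosts() unfiltered here and below;
        // whether the PIO layer validates it cannot be seen from this file.
        $post = $PIO->fetchPosts($_GET['no']);
        if (!count($post)) {
            die('[Error] Post does not exist.');
        }
        extract($post[0]); // defines $no, $resto, $name, $email, $sub, $com, $category, ... from the row

        $PMS->loadModules('mod_bbcode'); // try to load mod_bbcode
        if ($bbcode = $PMS->getModuleInstance('mod_bbcode')) {
            $bbcode->_html2bb($com);
        }
        $name = preg_replace('|<span.*?>(.*?)</span>|', '\\1', $name); // strip the admin-cap span for editing

        $dat = '';
        head($dat);
        $PMS->hookModuleMethod('PostInfo', array($this, '_EditPostInfo'));
        form($dat, $resto, false, $this->mypage . '&no=' . $_GET['no'], $name, $email, $sub, str_replace('<br />', "\n", $com), substr(str_replace(',', ',', $category), 1, -1), 'edit');
        foot($dat);
        echo $dat;
    } else { // save
        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
            error(_T('regist_notpost'));
        } // not a proper POST request

        $post = $PIO->fetchPosts($_GET['no']);
        $newValues = array();
        if (!count($post)) {
            die('[Error] Post does not exist.');
        }

        $name = isset($_POST[FT_NAME]) ? $_POST[FT_NAME] : '';
        $email = isset($_POST[FT_EMAIL]) ? $_POST[FT_EMAIL] : '';
        $sub = isset($_POST[FT_SUBJECT]) ? $_POST[FT_SUBJECT] : '';
        $com = isset($_POST[FT_COMMENT]) ? $_POST[FT_COMMENT] : '';
        $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';
        $category = isset($_POST['category']) ? $_POST['category'] : '';
        $resto = isset($_POST['resto']) ? $_POST['resto'] : 0;
        // Upload slots are only passed by reference to the "RegistBegin" hook; editing never uploads.
        $upfile = '';
        $upfile_path = '';
        $upfile_name = false;
        $upfile_status = 4;
        $pwdc = isset($_COOKIE['pwdc']) ? $_COOKIE['pwdc'] : '';

        if ($resto && !$PIO->isThread($resto)) {
            die('[Error] Thread was deleted.');
        }

        // Admin password check: constant-time, strict string comparison. The original loose ==
        // compared numeric-looking strings ("0e..." forms) numerically, which must never decide
        // an admin login.
        $is_admin = $haveperm = (is_string($pwd) && hash_equals((string) ADMIN_PASS, $pwd)) || adminAuthenticate('check');
        $PMS->useModuleMethods('Authenticate', array($pwd, 'useredit', &$haveperm));

        if ($pwd == '' && $pwdc != '') {
            $pwd = $pwdc;
        }
        $pwd_md5 = substr(md5($pwd), 2, 8); // posts store only this 8-character fragment
        $host = gethostbyaddr(getREMOTE_ADDR());
        if (!(hash_equals((string) $post[0]['pwd'], $pwd_md5) || $host == $post[0]['host'] || $haveperm)) {
            die('[Error] Access denied.');
        }

        // Honeypot fields: a real browser submits the fixed decoy values, bots usually do not.
        $FTname = isset($_POST['name']) ? $_POST['name'] : '';
        $FTemail = isset($_POST['email']) ? $_POST['email'] : '';
        $FTsub = isset($_POST['sub']) ? $_POST['sub'] : '';
        $FTcom = isset($_POST['com']) ? $_POST['com'] : '';
        $FTreply = isset($_POST['reply']) ? $_POST['reply'] : '';
        if ($FTname != 'spammer' || $FTemail != '*****@*****.**' || $FTsub != 'DO NOT FIX THIS' || $FTcom != 'EID OG SMAPS' || $FTreply != '') {
            error(_T('regist_nospam'));
        }

        // Block list: IP / hostname / DNSBL check
        $ip = getREMOTE_ADDR();
        $host = gethostbyaddr($ip);
        $baninfo = '';
        if (BanIPHostDNSBLCheck($ip, $host, $baninfo)) {
            error(_T('regist_ipfiltered', $baninfo));
        }

        // Block list: forbidden strings in any text field
        foreach ($BAD_STRING as $value) {
            if (strpos($com, $value) !== false || strpos($sub, $value) !== false || strpos($name, $value) !== false || strpos($email, $value) !== false) {
                error(_T('regist_wordfiltered'));
            }
        }

        $PMS->useModuleMethods('RegistBegin', array(&$name, &$email, &$sub, &$com, array('file' => &$upfile, 'path' => &$upfile_path, 'name' => &$upfile_name, 'status' => &$upfile_status), array('ip' => $ip, 'host' => $host))); // "RegistBegin" Hook Point

        // Reject "sakura" kana spam in any field
        $chkanti = array($name, $email, $sub, $com);
        foreach ($chkanti as $anti) {
            if (anti_sakura($anti)) {
                error(_T('regist_sakuradetected'));
            }
        }

        // Length checks (byte lengths) and field clean-up
        if (strlen($name) > 100) {
            error(_T('regist_nametoolong'));
        }
        if (strlen($email) > 100) {
            error(_T('regist_emailtoolong'));
        }
        if (strlen($sub) > 100) {
            error(_T('regist_topictoolong'));
        }
        if (strlen($resto) > 10) {
            error(_T('regist_longthreadnum'));
        }
        $email = CleanStr($email);
        $email = str_replace("\r\n", '', $email);
        $sub = CleanStr($sub);
        $sub = str_replace("\r\n", '', $sub);
        $resto = CleanStr($resto);
        $resto = str_replace("\r\n", '', $resto);

        // Name clean-up
        $name = CleanStr($name);
        $name = str_replace(_T('trip_pre'), _T('trip_pre_fake'), $name); // prevent trip forgery
        $name = str_replace(CAP_SUFFIX, _T('cap_char_fake'), $name); // prevent admin-cap forgery
        $name = str_replace("\r\n", '', $name);
        $nameOri = $name; // name without trip
        if (preg_match('/(.*?)[##](.*)/u', $name, $regs)) { // trip code
            $name = $nameOri = $regs[1];
            $cap = strtr($regs[2], array('&' => '&'));
            $salt = preg_replace('/[^\\.-z]/', '.', substr($cap . 'H.', 1, 2));
            $salt = strtr($salt, ':;<=>?@[\\]^_`', 'ABCDEFGabcdef');
            $name = $name . _T('trip_pre') . substr(crypt($cap, $salt), -10);
        }
        if (CAP_ENABLE && preg_match('/(.*?)[##](.*)/', $email, $aregs)) { // admin cap
            $acap_name = $nameOri;
            $acap_pwd = strtr($aregs[2], array('&' => '&'));
            // strict / constant-time comparison for the cap credentials, same reasoning as ADMIN_PASS
            if ((string) CAP_NAME === $acap_name && hash_equals((string) CAP_PASS, $acap_pwd)) {
                $name = '<span class="admin_cap">' . $name . CAP_SUFFIX . '</span>';
                $is_admin = true;
                $email = $aregs[1]; // drop the #xx password part
            }
        }
        if (!$is_admin) { // non-admin: quote reserved names
            $name = str_replace(_T('admin'), '"' . _T('admin') . '"', $name);
            $name = str_replace(_T('deletor'), '"' . _T('deletor') . '"', $name);
        }
        $name = str_replace('&◆', '&◆', $name); // keep "&#xxxx;" entities from being read as a trip marker

        // Comment clean-up
        if (strlen($com) > COMM_MAX && !$is_admin) {
            error(_T('regist_commenttoolong'));
        }
        $com = CleanStr($com, $is_admin); // $is_admin lets CleanStr allow HTML for the admin cap when configured
        $com = str_replace("\r\n", "\n", $com);
        $com = str_replace("\r", "\n", $com);
        // preg_replace replaces ereg_replace (removed in PHP 7); the pattern is unchanged.
        $com = preg_replace("/\n(( | )*\n){3,}/", "\n", $com); // collapse runs of blank lines
        if (!BR_CHECK || substr_count($com, "\n") < BR_CHECK) {
            $com = nl2br($com);
        } // newlines become <br />
        $com = str_replace("\n", '', $com); // any remaining newline is dropped

        if ($category && USE_CATEGORY) { // normalise tag list
            $category = explode(',', $category); // split tags into an array
            $category = ',' . implode(',', array_map('trim', $category)) . ','; // trim and re-join; the surrounding commas allow ",XX," searches
        } else {
            $category = '';
        }

        $age = false;
        $dest = '';
        $W = $post[0]['tw'];
        $H = $post[0]['th'];
        $imgW = $post[0]['imgw'];
        $imgH = $post[0]['imgh'];
        $status = $post[0]['status'];
        $PMS->useModuleMethods('RegistBeforeCommit', array(&$name, &$email, &$sub, &$com, &$category, &$age, $dest, $resto, array($W, $H, $imgW, $imgH), &$status)); // "RegistBeforeCommit" Hook Point

        // Only fields that were submitted non-empty and actually differ are written back.
        if ($name != $post[0]['name'] && $_POST[FT_NAME]) {
            $newValues['name'] = $name;
        }
        if ($email != $post[0]['email'] && $_POST[FT_EMAIL]) {
            $newValues['email'] = $email;
        }
        if ($sub != $post[0]['sub'] && $_POST[FT_SUBJECT]) {
            $newValues['sub'] = $sub;
        }
        if ($com != $post[0]['com'] && $_POST[FT_COMMENT]) {
            $newValues['com'] = $com;
        }
        if ($category != $post[0]['category'] && $_POST['category']) {
            $newValues['category'] = $category;
        }
        $PIO->updatePost($_GET['no'], $newValues);
        $PIO->dbCommit();

        $parentNo = $post[0]['resto'] ? $post[0]['resto'] : $post[0]['no'];
        $threads = array_flip($PIO->fetchThreadList());
        $threadPage = floor($threads[$parentNo] / PAGE_DEF);
        if (STATIC_HTML_UNTIL == -1 || $threadPage <= STATIC_HTML_UNTIL) {
            updatelog(0, $threadPage, true);
        } // regenerate only the page the thread appears on
        deleteCache(array($parentNo)); // drop the thread's stale cache

        header('HTTP/1.1 302 Moved Temporarily');
        header('Location: ' . fullURL() . PHP_SELF2 . '?' . time());
    }
}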
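/**
 * Module page of the "egg poll" rating module (legacy sqlite extension).
 *
 * Opens (and on first use creates) the rating database at $this->rankDB, then either
 *  - answers a value query ($_GET['get']) via _getPollValues(), or
 *  - records one up/down vote ($_GET['no'] = post number, $_GET['rank'] truthy = up) after the
 *    IP/host/DNSBL block check, rejecting a second vote from the same IP for the same post on
 *    the same day, purging detail rows older than $this->daysThreshold days, and finally
 *    echoing "+OK " followed by the poll values.
 *
 * Writes to $this->conn. Nothing is returned; failures die() with a short message.
 */
function ModulePage() {
    global $PIO, $PTE, $language;

    $sqlerr = '';
    $nodb = false;
    if (!file_exists($this->rankDB)) {
        $nodb = true;
    }
    $this->conn = sqlite_popen($this->rankDB, 0666, $sqlerr);
    if ($nodb) { // fresh database: create the schema
        $str = "CREATE TABLE [eggpoll_votes] (\r\n[no] INTEGER PRIMARY KEY NOT NULL,\r\n[up] INTEGER DEFAULT '0' NOT NULL,\r\n[down] INTEGER DEFAULT '0' NOT NULL\r\n);\r\nCREATE TABLE [eggpoll_detail] (\r\n[no] INTEGER NOT NULL,\r\n[option] INTEGER DEFAULT '0' NOT NULL,\r\n[ip] TEXT NOT NULL,\r\n[date] TEXT NOT NULL\r\n);\r\nCREATE INDEX eggpoll_detail_index_ip_date ON eggpoll_detail(ip,date);";
        sqlite_exec($this->conn, $str, $sqlerr);
        // NOTE(review): SQL error text is echoed straight to the client here and below;
        // behaviour kept, but logging it server-side would avoid leaking schema details.
        if ($sqlerr) {
            echo $sqlerr;
        }
    }

    if (isset($_GET['get'])) {
        // NOTE(review): $_GET['get'] is passed through unfiltered; _getPollValues() is not visible here.
        $this->_getPollValues($_GET['get']);
    } else {
        if (isset($_GET['no']) && isset($_GET['rank'])) {
            $ip = getREMOTE_ADDR();
            $tim = time() + TIME_ZONE * 60 * 60;
            $datestr = gmdate('Ymd', $tim);
            $deldate = gmdate('Ymd', strtotime('-' . $this->daysThreshold . ' days', $tim));
            $no = intval($_GET['no']);
            $rank = intval($_GET['rank']);
            // Only $ip reaches the SQL as free text (the rest is intval()'d or produced by gmdate()),
            // so it is escaped and put in a single-quoted literal; the original double-quoted,
            // unescaped form was an injection point should getREMOTE_ADDR() ever return
            // attacker-influenced data.
            $ipSql = sqlite_escape_string($ip);

            // IP check
            $baninfo = '';
            $host = gethostbyaddr($ip);
            if (BanIPHostDNSBLCheck($ip, $host, $baninfo)) {
                die(_T('regist_ipfiltered', $baninfo));
            }
            $post = $PIO->fetchPosts($no);
            if (!count($post)) {
                die('[Error] Post does not exist.');
            } // the rated post does not exist

            // Already voted today?
            $qry = "SELECT no,ip,date FROM eggpoll_detail WHERE ip = '" . $ipSql . "' AND date = '" . $datestr . "' AND no = " . $no;
            $rs = sqlite_query($this->conn, $qry);
            if (sqlite_num_rows($rs)) {
                die('[Error] Already voted.');
            }

            // Purge old detail rows
            $qry = 'SELECT date FROM eggpoll_detail WHERE date < "' . $deldate . '" LIMIT 1';
            $rs = sqlite_query($this->conn, $qry);
            if (sqlite_num_rows($rs)) {
                $str = 'DELETE FROM eggpoll_detail WHERE date < "' . $deldate . '"';
                sqlite_exec($this->conn, $str, $sqlerr);
                sqlite_exec($this->conn, 'VACUUM', $sqlerr);
            }

            // Record this vote
            $str = "INSERT INTO eggpoll_detail (no,option,ip,date) VALUES (" . $no . "," . $rank . ",'" . $ipSql . "','" . $datestr . "')";
            sqlite_exec($this->conn, $str, $sqlerr);
            if ($sqlerr) {
                echo $sqlerr;
            }

            // Update the per-post totals
            $qry = 'SELECT * FROM eggpoll_votes WHERE no =' . $no;
            $rs = sqlite_query($this->conn, $qry);
            if (!sqlite_num_rows($rs)) {
                $str = 'INSERT INTO eggpoll_votes (no,up,down) VALUES (' . $no . ($rank ? ',1,0)' : ',0,1)');
            } else {
                if ($rank) {
                    $str = 'UPDATE eggpoll_votes SET up = up+1 WHERE no=' . $no;
                } else {
                    $str = 'UPDATE eggpoll_votes SET down = down+1 WHERE no=' . $no;
                }
            }
            sqlite_exec($this->conn, $str, $sqlerr);
            if ($sqlerr) {
                echo $sqlerr;
            }

            echo '+OK ';
            $this->_getPollValues($no);
        }
    }
}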
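/**
 * Module page of the push-post (one-line reply) module.
 *
 * Three request shapes, selected by the query string and POST body:
 *  - $_GET['action'] = 'del' | 'delpush' (admin only): list the push-posts of post $_GET['no']
 *    with a checkbox each, or remove the ticked ones and adjust the 'mppCnt' status flag;
 *  - no $_POST['comm']: print the static push-post form for post $_GET['no'];
 *  - $_POST['comm'] present: validate name/comment, build the push-post line
 *    "name: comment (ID time)", append it to the post's comment after PUSHPOST_SEPARATOR,
 *    bump 'mppCnt', log through mod_audit and redirect (or echo "+OK ..." in ajax mode).
 *
 * Nothing is returned; every failure path dies with a short message.
 */
public function ModulePage() {
    $PIO = PMCLibrary::getPIOInstance();

    if (!isset($_GET['no'])) {
        die('[Error] not enough parameter.');
    }

    if (isset($_GET['action'])) {
        if (adminAuthenticate('check')) {
            // NOTE(review): the admin branch accepts a plain POST with no request token;
            // whether adminAuthenticate('check') covers CSRF cannot be seen from this file.
            $pushcount = '';
            $puststart = 0;
            $post = $PIO->fetchPosts($_GET['no']);
            if (!count($post)) {
                die('[Error] Post does not exist.');
            } // the post being pushed does not exist
            extract($post[0]); // defines $no, $sub, $name, $now, $com, $category, $status, ... from the row

            // Always build the status object: the 'delpush' branch below needs $f even when the
            // stored status string is empty (previously it was left undefined in that case).
            $f = $PIO->getPostStatus($status);
            if ($status != '') {
                $pushcount = $f->value('mppCnt'); // current push count
            }

            if (($puststart = strpos($com, $this->PUSHPOST_SEPARATOR . '<br />')) === false) {
                die('[Error] No pushpost.');
            }
            $ocom = substr($com, 0, $puststart); // original comment without push-posts
            $pushpost = explode('<br />', substr($com, $puststart + strlen($this->PUSHPOST_SEPARATOR . '<br />')));
            $com = $ocom;

            if ($_GET['action'] == 'del') { // list
                $p_count = 1;
                $com .= '<div class="pushpost">';
                foreach ($pushpost as $p) {
                    $com .= '<input type="checkbox" name="' . $p_count++ . '" value="delete" />' . $p . '<br />';
                }
                $com .= '</div>';

                $dat = '';
                head($dat);
                $dat .= '<div class="bar_reply">' . $this->_T('deletepush') . '</div>';
                $dat .= '<form action="' . $this->getModulePageURL(array('action' => 'delpush', 'no' => $_GET['no'])) . '" method="post">';
                $dat .= PMCLibrary::getPTEInstance()->ParseBlock('SEARCHRESULT', array('{$NO}' => $no, '{$SUB}' => $sub, '{$NAME}' => $name, '{$NOW}' => $now, '{$COM}' => $com, '{$CATEGORY}' => $category, '{$NAME_TEXT}' => _T('post_name'), '{$CATEGORY_TEXT}' => _T('post_category')));
                echo $dat, '<input type="submit" value="' . _T('del_btn') . '" /></form></body></html>';
                return;
            } else {
                if ($_GET['action'] == 'delpush') { // delete
                    // Checkbox names are 1-based positions in $pushpost; accept only numeric
                    // field names so a stray key cannot reach the "$d - 1" arithmetic below.
                    // (foreach replaces each(), which is deprecated since PHP 7.2.)
                    $delno = array();
                    foreach ($_POST as $field => $value) {
                        if ($value === 'delete' && is_numeric($field)) {
                            $delno[] = intval($field);
                        }
                    }
                    foreach ($delno as $d) {
                        if (isset($pushpost[$d - 1])) {
                            unset($pushpost[$d - 1]);
                        }
                    }

                    $pushcount = count($pushpost);
                    if ($pushcount) {
                        $f->update('mppCnt', $pushcount); // update push count
                        $com = $ocom . $this->PUSHPOST_SEPARATOR . '<br />' . implode('<br />', $pushpost);
                    } else {
                        $f->remove('mppCnt'); // no push-posts left
                        $com = $ocom;
                    }
                    $PIO->updatePost($_GET['no'], array('com' => $com, 'status' => $f->toString())); // store
                    $PIO->dbCommit();

                    header('HTTP/1.1 302 Moved Temporarily');
                    header('Location: ' . fullURL() . PHP_SELF . '?page_num=0');
                    return;
                } else {
                    die('[Error] unknown action.');
                }
            }
        } else {
            die('[Error] unauthenticated action.');
        }
    }

    // Not an AJAX push: print the form
    if (!isset($_POST['comm'])) {
        echo $this->printStaticForm(intval($_GET['no']));
    } else { // handle a push-post
        // wrong request method
        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
            die(_T('regist_notpost'));
        }

        // IP check
        $baninfo = '';
        $ip = getREMOTE_ADDR();
        $host = gethostbyaddr($ip);
        if (BanIPHostDNSBLCheck($ip, $host, $baninfo)) {
            die(_T('regist_ipfiltered', $baninfo));
        }

        // 'name' may be absent from the body; treat it as empty instead of raising a notice
        $name = CleanStr(isset($_POST['name']) ? $_POST['name'] : '');
        $comm = CleanStr($_POST['comm']);
        if (strlen($name) > 30) {
            die($this->_T('maxlength'));
        } // name too long (bytes)
        if (strlen($comm) > 160) {
            die($this->_T('maxlength'));
        } // comment too long (bytes)
        if (strlen($comm) == 0) {
            die($this->_T('nocomment'));
        } // nothing typed
        $name = str_replace(array(_T('trip_pre'), _T('admin'), _T('deletor')), array(_T('trip_pre_fake'), '"' . _T('admin') . '"', '"' . _T('deletor') . '"'), $name);

        // ID, trip and timestamp
        $pushID = $this->getID();
        $pushtime = gmdate('y/m/d H:i', time() + intval(TIME_ZONE) * 3600);
        if (preg_match('/(.*?)[##](.*)/u', $name, $regs)) {
            $cap = strtr($regs[2], array('&' => '&'));
            $salt = strtr(preg_replace('/[^\\.-z]/', '.', substr($cap . 'H.', 1, 2)), ':;<=>?@[\\]^_`', 'ABCDEFGabcdef');
            $name = $regs[1] . _T('trip_pre') . substr(crypt($cap, $salt), -10);
        }
        if (!$name || preg_match("/^[ | |]*\$/", $name)) {
            if (ALLOW_NONAME) {
                $name = DEFAULT_NONAME;
            } else {
                die(_T('regist_withoutname'));
            } // anonymous pushes not accepted
        }
        if (ALLOW_NONAME == 2) { // forced anonymity: keep only the trip, if any
            $name = preg_match('/(\\' . _T('trip_pre') . '.{10})/', $name, $matches) ? $matches[1] . ':' : DEFAULT_NONAME . ':';
        } else {
            $name .= ':';
        }
        $pushpost = "{$name} {$comm} ({$pushID} {$pushtime})"; // push-post body

        $post = $PIO->fetchPosts($_GET['no']);
        if (!count($post)) {
            die('[Error] Post does not exist.');
        } // the post being pushed does not exist
        $parentNo = $post[0]['resto'] ? $post[0]['resto'] : $post[0]['no'];
        $threads = array_flip($PIO->fetchThreadList());
        $threadPage = floor($threads[$parentNo] / PAGE_DEF);
        $p = $parentNo == $post[0]['no'] ? $post : $PIO->fetchPosts($parentNo); // thread's first post
        $flgh = $PIO->getPostStatus($p[0]['status']);
        if ($flgh->exists('TS')) {
            die('[Error] ' . _T('regist_threadlocked'));
        } // a locked thread also forbids push-posts

        $post[0]['com'] .= (strpos($post[0]['com'], $this->PUSHPOST_SEPARATOR . '<br />') === false ? '<br />' . $this->PUSHPOST_SEPARATOR : '') . '<br /> ' . $pushpost;
        $flgh2 = $PIO->getPostStatus($post[0]['status']);
        $flgh2->plus('mppCnt'); // push count + 1
        $PIO->updatePost($_GET['no'], array('com' => $post[0]['com'], 'status' => $flgh2->toString())); // store
        $PIO->dbCommit();

        // mod_audit logcat
        $this->callCHP('mod_audit_logcat', array(sprintf('[%s] No.%d %s (%s)', __CLASS__, $_GET['no'], $comm, $pushID)));

        if (STATIC_HTML_UNTIL == -1 || $threadPage <= STATIC_HTML_UNTIL) { // regenerate only the page the thread appears on
            updatelog(0, $threadPage, true);
        }
        deleteCache(array($parentNo)); // drop the thread's stale cache

        if (isset($_POST['ajaxmode'])) {
            echo '+OK ', $pushpost;
        } else {
            header('HTTP/1.1 302 Moved Temporarily');
            header('Location: ' . fullURL() . PHP_SELF2 . '?' . time());
        }
    }
}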
echo recaptcha_get_html($publickey, $error); echo '<input type="submit" value="確認"> </form> </body></html>'; return false; } $subject = CleanStr($_REQUEST['subject']); $FROM1 = $_REQUEST['nick']; $FROM = CleanStr($_REQUEST['nick']); $FROM = preg_replace("/[\r\n]/", "", $FROM); $MESSAGE = CleanStr($_REQUEST['content']); $mail = Cleanstr($_REQUEST['mail']); $c_pass = $_REQUEST['delk']; $delk = substr(md5($_REQUEST['delk']), 2, 8); $key = $_REQUEST['key']; $HOST = gethostbyaddr($IP = getREMOTE_ADDR()); $idtag = false; if (preg_match("/^( | |\t)*\$/", $MESSAGE)) { error("本文がありません!", $FROM, $mail, $HOST, $MESSAGE); } if ($key == "" && preg_match("/^( | |\t)*\$/", $subject)) { error("サブジェクトが存在しません!", $FROM, $mail, $HOST, $MESSAGE); } if (!isset($_REQUEST['url']) || isset($_REQUEST['url']) && $_REQUEST['url'] != "") { error("投稿が禁止されています", $FROM, $mail, $HOST, $MESSAGE); } // reCAPTCHA if (!$key) { if (reCAPTCHA('スレッド作成', 'スレッド作成のは CAPTCHA 認証が必要です。') === false) { exit; }
/**
 * Append one line to the module's log file ($this->logname).
 *
 * Line format: "<client ip> [yy/mm/dd HH:ii:ss] <info>\n", the timestamp being UTC shifted
 * by TIME_ZONE hours. Written with error_log() message type 3 (append to file).
 *
 * NOTE(review): $info is written verbatim; if callers pass user-supplied text containing
 * line breaks, a forged extra log line is possible — confirm at the call sites.
 *
 * @param string $info text to log
 */
function _log($info) {
    $stamp = gmdate('y/m/d H:i:s', time() + TIME_ZONE * 3600);
    $line = sprintf("%s [%s] %s\n", getREMOTE_ADDR(), $stamp, $info);
    error_log($line, 3, $this->logname);
}