/**
 * Stop the request unless the current user holds the permission bits for an admin item.
 *
 * The item is looked up in the global $adminperm table and the resulting mask is
 * tested against $currentuser["userlevel"]. Nothing is returned when access is allowed.
 *
 * @param string $adminitem Key into the global $adminperm table.
 */
function admin_check($adminitem)
{
    global $adminperm, $currentuser;

    // An item missing from the table is refused, never treated as "no permission required".
    $known = isset($adminperm[$adminitem]);
    if ($known === false) {
        html_error_quit("没有这样的管理功能。");
        exit;
    }

    // Any overlapping bit between the user's level and the item's mask grants access.
    $granted = $currentuser["userlevel"] & $adminperm[$adminitem];
    if ($granted) {
        return;
    }

    html_error_quit("您没有进入此管理页面的权限。");
    exit;
}
/**
 * Gate for the blog administration pages.
 *
 * Lets the request continue only when the session is logged in ($loginok == 1),
 * the account is not "guest", and pc_is_manager() accepts the current user.
 * Every other case is handed to html_nologin() or html_error_quit().
 */
function pc_admin_check_permission()
{
    global $loginok, $currentuser, $pcconfig;

    if ($loginok != 1) {
        html_nologin();
        return;
    }

    // Work out which refusal message applies, if any; the guest check comes first.
    $denial = null;
    if (strcmp($currentuser["userid"], "guest") == 0) {
        $denial = "对不起,请先登录";
    } elseif (!pc_is_manager($currentuser)) {
        $denial = "对不起,您无权访问该页";
    }

    if ($denial === null) {
        return;
    }

    html_init("gb2312");
    html_error_quit($denial);
    exit;
}
require "www2-funcs.php"; login_init(); bbs_session_modify_user_mode(BBS_MODE_READING); assert_login(); if (isset($_GET["board"])) { $board = $_GET["board"]; } else { html_error_quit("讨论区错误"); } $brdarr = array(); $brdnum = bbs_getboard($board, $brdarr); if ($brdnum == 0) { html_error_quit("错误的讨论区"); } if (bbs_checkreadperm($currentuser["index"], $brdnum) == 0) { html_error_quit("您没有权限"); } $votearr = array(); $retnum = bbs_get_tmpls($board, $votearr); if ($retnum < 0) { $retnum = 0; } if (isset($_GET["id"])) { $restr = "&reid=" . $_GET["id"]; } else { $restr = ""; } bbs_board_nav_header($brdarr, "模板列表"); ?> <table class="main adj"> <caption>版面 <?php
// Board identity, plus the URL-encoded form of its name for links.
$board = $brdarr["NAME"];
$board_desc = $brdarr["DESC"];
$brd_encode = urlencode($board);

//$isnormalboard = bbs_normalboard($board);
// The board is treated as "normal" when the guest account passes the read check.
$lookupuser = array();
$guestUID = bbs_getuser("guest", $lookupuser);
$isnormalboard = bbs_checkreadperm($guestUID, $bid);
//bbs_set_onboard($bid,1);

// Boards the guest cannot read require the current user to pass the same check.
$usernum = $currentuser["index"];
if (!$isnormalboard) {
    if (bbs_checkreadperm($usernum, $bid) == 0) {
        html_error_quit("错误的讨论区");
    }
}

// Load the thread; a zero count is reported as a bad parameter.
$haveprev = 0;
$num = bbs_get_threads_from_gid($bid, $gid, $start, $articles, $haveprev);
if ($num == 0) {
    html_error_quit("错误的参数");
}

// Paging: 20 posts per page, out-of-range page numbers fall back to page 1.
$pagesize = 20;
$totalpage = intval(($num - 1) / $pagesize + 1);
if (!($pno >= 1 && $pno <= $totalpage)) {
    $pno = 1;
}
$startnum = ($pno - 1) * $pagesize;
$endnum = $startnum + $pagesize;
$endnum = ($endnum > $num) ? $num : $endnum;

bbs_checkorigin($board);
$origins = array();
$origin_num = bbs_get_records_from_id($board, $gid, $dir_modes["ORIGIN"], $origins);
** blog黑名单 ** windinsn Mar 5 , 2004 */ require "pcfuncs.php"; if ($loginok != 1) { html_nologin(); } elseif (!strcmp($currentuser["userid"], "guest")) { html_init("gb2312"); html_error_quit("guest 没有Blog!"); exit; } else { $link = pc_db_connect(); $pc = pc_load_infor($link, $currentuser["userid"]); if (!$pc || !pc_is_admin($currentuser, $pc)) { pc_db_close($link); html_error_quit("对不起,您要查看的Blog不存在"); exit; } pc_html_init("gb2312", $pc["NAME"]); $buserid = $_GET["userid"]; if ($_GET["act"] == "add" && $buserid) { $lookupuser = array(); if (bbs_getuser($buserid, $lookupuser) == 0) { echo "<script language=\"javascript\">用户" . $buserid . "不存在!</script>"; } else { $buserid = $lookupuser["userid"]; if (!pc_in_blacklist($link, $buserid, $pc["UID"])) { pc_add_blacklist($link, $buserid, $pc["UID"]); } } }
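<?php
/**
 * Serve a blog owner's custom stylesheet (CSS or XSL) stored in the `userstyle` table.
 *
 * The "id" query parameter is passed to pc_load_infor() both as an escaped string
 * and as an integer. The stored document is returned with a CSS or XML content type
 * depending on the `stylesheet` column.
 *
 * NOTE(review): the response body is authored by the blog owner and is delivered from
 * this site's origin. Confirm that whatever consumes it (in particular XSL rendered by
 * the browser) cannot run script with the privileges of a logged-in visitor.
 */
require "pcfuncs.php";

// Accept only a scalar string; a missing or array-valued parameter becomes "".
$rawid = (isset($_GET["id"]) && is_string($_GET["id"])) ? $_GET["id"] : "";
$userid = addslashes($rawid);
$uid = (int) $rawid;

$link = pc_db_connect();
$pc = pc_load_infor($link, $userid, $uid);
if (!$pc) {
    pc_db_close($link);
    html_init("gb2312", $pcconfig["BBSNAME"] . "Blog");
    html_error_quit("对不起,您要查看的Blog不存在");
    exit;
}

// The uid is numeric; force it to an integer before it is placed in the statement.
$query = "SELECT nodexsl , stylesheet FROM userstyle WHERE uid = " . intval($pc["UID"]) . " LIMIT 0 , 1;";
$result = mysql_query($query, $link);
$rows = false;
if ($result) {
    // Fetch and free only when the query produced a result resource.
    $rows = mysql_fetch_array($result);
    mysql_free_result($result);
}
pc_db_close($link);
if (!$rows) {
    html_init("gb2312", $pcconfig["BBSNAME"] . "Blog");
    html_error_quit("对不起,您要查看的用户尚未设定自定义XSL文件");
    exit;
}

// Keep the advertised file name to a conservative character set so the user name
// cannot alter the structure of the Content-Disposition header.
$safeuser = preg_replace('/[^A-Za-z0-9_.-]/', '', $pc["USER"]);

// Stop browsers from second-guessing the declared type of owner-supplied content.
header("X-Content-Type-Options: nosniff");

// Column names are quoted: the bare words in the old code were undefined constants.
if ($rows["stylesheet"] == 1) {
    header("Content-Type: text/css");
    header("Content-Disposition: inline;filename=SMTHBlog_" . $safeuser . ".css");
} else {
    header("Content-Type: text/xml");
    header("Content-Disposition: inline;filename=SMTHBlog_" . $safeuser . ".xsl");
}
echo stripslashes($rows["nodexsl"]);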
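/**
 * Render one folder of a blog's favourites area (nodes with access = 3) as an HTML table.
 *
 * Changes from the previous version, all confined to this function:
 *  - $pid and the blog uid are cast to integers before they are placed in SQL;
 *  - the user name and sort key are URL-encoded before they are written into links
 *    and inline script, and numeric columns are cast before output;
 *  - the parent-folder lookup uses the supplied $link, is limited to this blog's uid,
 *    and the "up" link uses the clamped $prepid that was previously computed but unused;
 *  - the clipboard cookie is tested with isset() everywhere;
 *  - a failed SELECT no longer feeds `false` to mysql_fetch_array().
 *
 * @param resource $link  MySQL link used for every query issued here.
 * @param array    $pc    Blog record; "UID" and "USER" are read.
 * @param int      $pid   Folder node id; 0 selects the root folder.
 * @param int      $pur   Privilege level; values above 2 show the management controls.
 * @param string   $order Sort key: "c", "u", "v", "r" or "co"; anything else sorts by type only.
 */
function display_fav_folder($link, $pc, $pid = 0, $pur, $order = "")
{
    // Values that reach SQL are integers from here on.
    $uid = intval($pc["UID"]);
    $pid = intval($pid);

    // Values that reach URLs are encoded once and reused.
    $userq = urlencode($pc["USER"]);
    $docbase = "pcdoc.php?userid=" . $userq . "&tag=3";
    $managebase = "pcmanage.php?userid=" . $userq;

    $canmanage = ($pur > 2);
    $clipboard = isset($_COOKIE["BLOGFAVACTION"]) && $_COOKIE["BLOGFAVACTION"];

    $rootpid = pc_fav_rootpid($link, $pc["UID"]);
    if (!$rootpid) {
        $pif = pc_init_fav($link, $pc["UID"]);
        if ($pif) {
            // Favourites were just created: send the browser back to the listing.
            echo "<script language=\"javascript\">window.location.href=\"" . $docbase . "\";</script>\n";
        } else {
            html_error_quit("对不起,Blog收藏夹初始化错误!");
            exit;
        }
    }

    if ($pid == 0) {
        $pid = intval($rootpid);
    } else {
        // Opening a sub-folder counts as a visit to it.
        $query = "UPDATE nodes SET `visitcount` = visitcount + 1 WHERE `access` = '3' AND `nid` = '" . $pid . "' AND `uid` = '" . $uid . "';";
        mysql_query($query, $link);
    }
    $sortbase = $docbase . "&pid=" . $pid . "&order=";

    $query = "SELECT `nid` , `type` , `created` , `changed` , `emote` , `comment` , `commentcount` , `subject` , `visitcount`,`pid`,`htmltag` "
        . " FROM nodes WHERE `access` = '3' AND `uid` = '" . $uid . "' AND `pid` = '" . $pid . "' ";
    // Only fixed ORDER BY fragments are appended; $order itself never enters the SQL text.
    switch ($order) {
        case "c":
            $query .= " ORDER BY `created` DESC , ";
            break;
        case "u":
            $query .= " ORDER BY `changed` DESC ,";
            break;
        case "v":
            $query .= " ORDER BY `visitcount` DESC ,";
            break;
        case "r":
            $query .= " ORDER BY `commentcount` DESC ,";
            break;
        case "co":
            $query .= " ORDER BY `comment` ASC ,";
            break;
        default:
            $query .= " ORDER BY ";
    }
    $query .= " `type` DESC ;";
    $result = mysql_query($query, $link);
    $i = 0;

    // NOTE(review): this form is closed below only when $pur > 2, as before;
    // confirm whether the caller closes it for read-only visitors.
    echo "<form action=\"" . $managebase . "\" method=\"post\">\n";
    echo "<table cellspacing=\"0\" cellpadding=\"5\" border=\"0\" width=\"99%\" class=\"t1\">\n";

    // Header row; the management view adds the select, edit, delete and action columns.
    echo "<tr>\n<td class=\"t2\" width=\"30\">序号</td>\n";
    if ($canmanage) {
        echo "<td class=\"t2\" width=\"30\">选中</td>\n";
    }
    echo "<td class=\"t2\" width=\"30\">类型</td>\n"
        . "<td class=\"t2\" width=\"30\"><a href=\"" . $sortbase . "co\" class=\"f3\">状态</a></td>\n"
        . "<td class=\"t2\">主题</td>\n"
        . "<td class=\"t2\" width=\"120\">\n"
        . "<a href=\"" . $sortbase . "c\" class=\"f3\">创建</a>\n|\n"
        . "<a href=\"" . $sortbase . "u\" class=\"f3\">更新</a>\n</td>\n"
        . "<td class=\"t2\" width=\"30\"><a href=\"" . $sortbase . "v\" class=\"f3\">浏览</a></td>\n"
        . "<td class=\"t2\" width=\"30\"><a href=\"" . $sortbase . "r\" class=\"f3\">评论</a></td>\n";
    if ($canmanage) {
        echo "<td class=\"t2\" width=\"15\">改</td>\n"
            . "<td class=\"t2\" width=\"15\">删</td>\n"
            . "<td class=\"t2\" colspan=\"" . ($clipboard ? 3 : 2) . "\">操作</td>\n";
    }
    echo "</tr>\n";

    while ($result && ($rows = mysql_fetch_array($result))) {
        $i++;
        $nid = intval($rows["nid"]);
        $emote = intval($rows["emote"]);

        if ($rows["comment"] == 1 && $rows["type"] == 0) {
            $c = "<img src='images/open.gif' alt='开放的主题' border='0'>";
        } else {
            $c = "<img src='images/lock.gif' alt='被锁定的主题' border='0'>";
        }
        if ($rows["type"] == 1) {
            $type = "<img src='images/dir.gif' alt='目录' border='0'>";
            $url = $docbase . "&pid=" . $nid;
        } else {
            $type = "<img src='images/art.gif' alt='文章' border='0'>";
            $url = "pccon.php?id=" . $uid . "&nid=" . $nid . "&order=" . urlencode($order);
        }
        $subjectlink = "<img src=\"icon/" . $emote . ".gif\" border=\"0\" align=\"absmiddle\">\n<a href=\"" . $url . "\">" . html_format($rows["subject"]) . "</a>";
        $times = time_format($rows["created"]) . "<br/>" . time_format($rows["changed"]);

        if ($canmanage) {
            echo "<tr>\n<td class='t3'>" . $i . "</td>\n<td align=\"center\" class='t4'>";
            if ($rows["type"] == 0) {
                echo "<input type=\"checkbox\" name=\"art" . $i . "\" value=\"" . $nid . "\" class=\"b2\">";
            } else {
                echo " ";
            }
            echo "</td>\n<td class='t3'>" . $type . "</td>\n"
                . "<td class='t4'>" . $c . "</td>\n"
                . "<td class='t8'>";
            echo $rows["htmltag"] == 1 ? " " : "#";
            echo $subjectlink . "</td>\n"
                . "<td class='t4'>" . $times . "</td>\n"
                . "<td class='t3'>" . intval($rows["visitcount"]) . "</td>\n"
                . "<td class='t4'>" . intval($rows["commentcount"]) . "</td>\n"
                . "<td class='t3'><a href=\"" . $managebase . "&act=edit&nid=" . $nid . "\">改</a></td>\n"
                . "<td class='t4'><a href=\"#\" onclick=\"bbsconfirm('" . $managebase . "&act=del&nid=" . $nid . "','确认删除?')\">删</a></td>\n";
            if ($rows["type"] == 0) {
                echo "<td class='t3' width=20><a href=\"" . $managebase . "&act=favcut&nid=" . $nid . "\">剪</a></td>"
                    . "<td class='t3' width=20><a href=\"" . $managebase . "&act=favcopy&nid=" . $nid . "\">复</a></td>";
            } else {
                echo "<td class='t3' width=20>-</td>\n<td class='t3'>-</td>\n";
            }
            if ($clipboard) {
                // Only folders can be a paste target.
                if ($rows["type"] == 1) {
                    echo "<td class='t3' width=20><a href=\"" . $managebase . "&act=favpaste&pid=" . $nid . "\">贴</a></td>";
                } else {
                    echo "<td class='t3' width=20>-</td>";
                }
            }
            echo "</tr>\n";
        } else {
            echo "<tr>\n<td class='t3'>" . $i . "</td>\n"
                . "<td class='t4'>" . $type . "</td>\n"
                . "<td class='t3'>" . $c . "</td>\n"
                . "<td class='t5'> " . $subjectlink . "</td>\n"
                . "<td class='t3'>" . $times . "</td>\n"
                . "<td class='t4'>" . intval($rows["visitcount"]) . "</td>\n"
                . "<td class='t3'>" . intval($rows["commentcount"]) . "</td>\n"
                . "</tr>\n";
        }
    }
    if ($result) {
        mysql_free_result($result);
    }
    echo "</table>\n";

    if ($pid != $rootpid) {
        // Parent lookup is limited to this blog so another owner's tree is never consulted.
        $query = "SELECT `pid` FROM nodes WHERE `nid` = '" . $pid . "' AND `uid` = '" . $uid . "' LIMIT 0 , 1 ;";
        $result = mysql_query($query, $link);
        $rows = $result ? mysql_fetch_array($result) : false;
        if ($result) {
            mysql_free_result($result);
        }
        // Never link above the favourites root.
        $parent = $rows ? intval($rows["pid"]) : 0;
        $prepid = $parent > $rootpid ? $parent : intval($rootpid);
        echo "<p align=\"center\" class=\"b2\">\n"
            . "[<a href=\"" . $docbase . "&pid=" . $prepid . "\">返回上层目录</a>]\n"
            . "[<a href=\"" . $docbase . "\">返回根目录</a>]\n"
            . "</p>\n";
    }

    if ($canmanage) {
        display_action_bar(3, 0, $pid);
        echo "</form>\n";
        if ($clipboard) {
            echo "<p align='center' class='b2'>[<a href=\"" . $managebase . "&act=favpaste&pid=" . intval($rootpid) . "\">粘贴到根目录</a>]</p>\n";
        }
        echo "<form action=\"" . $managebase . "&act=adddir\" method=\"post\" onsubmit=\"if(this.dir.value==''){alert('请输入目录名!');return false;}\">\n"
            . "<input type=\"hidden\" name=\"pid\" value=\"" . $pid . "\">\n"
            . "<p class=\"b2\" align=\"center\">\n"
            . "新建目录:\n"
            . "<input type=\"text\" name=\"dir\" maxlength=\"200\" size=\"40\" id=\"dir\" class=\"b2\">\n"
            . "<input type=\"submit\" value=\"新建目录\" class=\"b1\">\n"
            . "</p>\n"
            . "</form>\n";
    }
}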
break; case UPLOAD_ERR_PARTIAL: $msg = "文件传输出错!"; break; case UPLOAD_ERR_NO_FILE: $msg = "没有文件上传!"; break; default: $msg = "未知错误"; } } } if (!is_array($ret)) { $attachments = bbs_attachment_list($board, $id); if (!is_array($attachments)) { html_error_quit(bbs_error_get_desc($attachments)); } } else { $attachments = $ret; } $filecount = count($attachments); $totalsize = 0; $allnames = array(); $allnames_p = array(); $allpos = array(); $alllen = array(); for ($i = 0; $i < $filecount; $i++) { $allnames[] = $attachments[$i]["name"]; $allnames_p[] = "'" . addslashes($attachments[$i]["name"]) . "'"; $allpos[] = $attachments[$i]["pos"]; $alllen[] = $attachments[$i]["size"];
if ($start >= $total) { $start = $total - 20; if ($start < 0) { $start = 0; } } else { if ($start < 0) { $start = $total - 20; if ($start < 0) { $start = 0; } } } $friends = bbs_getfriends($currentuser["userid"], $start); if ($friends === FALSE) { html_error_quit("系统错误1"); } ?> <table class="main adj"> <col class="center"/><col/><col/><col class="center"/> <caption>好友名单 (共 <?php echo $total; ?> 位好友)</caption> <tbody> <tr><th>序号</th><th>好友代号</th><th>好友说明</th><th>删除好友</th></tr> <?php $i = 0; foreach ($friends as $friend) { $i++; ?>
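<?php
/**
 * Blog admin action: copy a post into the `filter` table, then replace the
 * original body in `nodes` with a "blocked by administrator" notice.
 *
 * Every value copied from the loaded row is escaped before it is placed in the
 * INSERT. The row content (subject, body, ...) was written by blog users, so
 * inserting it verbatim allowed a quote stored in a post to break or rewrite the
 * statement the administrator runs.
 *
 * NOTE(review): this state-changing action is driven entirely by GET parameters and
 * no anti-forgery token is visible here; confirm one is enforced elsewhere.
 */
require "pcadmin_inc.php";
pc_admin_check_permission();
$link = pc_db_connect();
$nid = isset($_GET["nid"]) ? intval($_GET["nid"]) : 0;

// Refuse to archive the same post twice.
$query = 'SELECT * FROM filter WHERE nid = ' . $nid . ' LIMIT 1;';
$result = mysql_query($query, $link);
$node = $result ? mysql_fetch_array($result) : false;
if ($node) {
    html_error_quit("文章已经被删除过");
    exit;
}

$query = 'SELECT * FROM nodes WHERE nid = ' . $nid . ' LIMIT 1;';
$result = mysql_query($query, $link);
$node = $result ? mysql_fetch_array($result) : false;
if (!$node) {
    html_error_quit("文章不存在");
    exit;
}
$uid = $node["uid"];

// Escape each column of the loaded row once, with the connection's own escaping routine.
$e = array();
foreach ($node as $column => $value) {
    $e[$column] = mysql_real_escape_string((string) $value, $link);
}
$recuser = mysql_real_escape_string((string) $currentuser["userid"], $link);
$username = mysql_real_escape_string(isset($_GET["userid"]) ? (string) $_GET["userid"] : "", $link);

$query = "INSERT INTO `filter` ( `pid` , `nid` , `tid` , `type` , `state` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `username` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`theme`,`publisher`) "
    . "VALUES ( '" . $e["pid"] . "' , '" . $e["nid"] . "' , '" . $e["tid"] . "' , '" . $e["type"] . "' , 4 , '" . $recuser . "' , '" . $e["emote"] . "' , '" . $e["hostname"] . "' , '" . $e["changed"] . "' , '" . $e["created"] . "' , '" . $e["uid"] . "' , '" . $username . "' , '" . $e["comment"] . "' , '" . $e["commentcount"] . "' , '" . $e["subject"] . "' , '" . $e["body"] . "' , '" . $e["access"] . "' , '" . $e["visitcount"] . "' , '" . $e["htmltag"] . "','" . $e["trackback"] . "' ,'" . $e["trackbackcount"] . "','" . $e["nodetype"] . "','" . $e["theme"] . "','" . $e["publisher"] . "');";
if (!mysql_query($query, $link)) {
    html_error_quit("插入过滤表出错");
    exit;
}

// The original body is overwritten only after the archive copy has been stored.
$query = "UPDATE nodes SET `body` = '@ @ 本文已被管理员屏蔽 @ @' where `nid` = " . $nid . ";";
if (!mysql_query($query, $link)) {
    html_error_quit("修改原文出错");
    exit;
}

pc_update_record($link, $uid);
pc_db_close($link);
pc_return("pcdoc.php?userid=_filter&tag=4");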
require "www2-funcs.php";
login_init();
assert_login();
page_header("发送手机短信");

// Without a posted "dest" the page shows the entry form; otherwise it sends the message.
// NOTE(review): the number and text go to bbs_send_sms() exactly as posted. The 11-character
// limit exists only in the form markup, and no anti-forgery token is checked here; confirm
// both are enforced elsewhere.
if (!isset($_POST["dest"])) {
?>
<form action="bbssendsms.php" method="post" class="small">
<fieldset><legend>发送手机短信</legend>
<div class="inputs">
<label>对方手机号:</label><input type="text" name="dest" maxlength="11" id="sfocus"/><br/>
<label>信息:</label><input type="text" name="msgstr"/>
</div>
</fieldset>
<div class="oper"><input type="submit" value="发送"/></div>
</form>
<?php
    page_footer();
} else {
    $dest = $_POST["dest"];
    if (!isset($_POST["msgstr"])) {
        html_error_quit("请输入信息");
    }
    $msgstr = $_POST["msgstr"];

    // A zero return value is treated as success; any other value is appended to the error text.
    $ret = bbs_send_sms($dest, $msgstr);
    if ($ret != 0) {
        html_error_quit("发送失败" . $ret);
    } else {
        html_success_quit("发送成功");
    }
}
if (!$m_register) { $mobile_phone = ""; } $ret = @bbs_createregform($userid, $realname, $dept, $address, $gender, $year, $month, $day, $reg_email, $phone, $mobile_phone, $_POST['OICQ'], $_POST['ICQ'], $_POST['MSN'], $_POST['homepage'], intval($_POST['face']), $_POST['myface'], intval($_POST['width']), intval($_POST['height']), intval($_POST['groupname']), $_POST['country'], $_POST['province'], $_POST['city'], intval($_POST['shengxiao']), intval($_POST['blood']), intval($_POST['belief']), intval($_POST['occupation']), intval($_POST['marital']), intval($_POST['education']), $_POST['college'], intval($_POST['character']), FALSE); //自动生成注册单 switch ($ret) { case 0: break; case 2: html_error_quit("该用户不存在!"); break; case 3: html_error_quit("生成注册单发生 参数错误! 请手工填写注册单"); break; default: html_error_quit("生成注册单发生 未知的错误! 请手工填写注册单"); break; } html_init("gb2312"); ?> <body> <h1>申请ID成功</h1> 申请<?php echo BBS_FULL_NAME; ?> ID成功,你现在还没有通过身份认证,只有最基本的权限,不能发文,发信,聊天等,系统已经自动生成注册单.<br> 注册单通过站长审核后,你将获得合法用户权限!<br/><a href="index.html">现在登录进站</a> </body> </html> <?php function show_reg_form()
} break; case 'cp': case 'mv': setcookie('PCFILEACT', $_GET['act']); setcookie('PCFILEFID', $f->fid); break; case 'pt': if ($_COOKIE['PCFILEACT'] == 'cp') { if (!$f->uf_cp($_GET['tid'])) { html_error_quit($f->err); } } if ($_COOKIE['PCFILEACT'] == 'mv') { if (!$f->uf_mv($_GET['tid'])) { html_error_quit($f->err); } } setcookie('PCFILEACT'); setcookie('PCFILEFID'); break; case 'cl': setcookie('PCFILEACT'); setcookie('PCFILEFID'); break; default: } if ($_GET['act'] == 'add' || $_GET['act'] == 'mkdir') { pc_get_userfiles($link, $pc, $used, $total); } pc_get_userfiles($link, $pc, $used, $total);
html_error_quit("您的注册单还没有处理,请耐心等候"); break; case 2: html_error_quit("该用户不存在!"); break; case 3: html_error_quit("参数错误"); break; case 4: html_error_quit("你已经通过注册了!"); break; case 5: html_error_quit("您注册尚不满48小时,请在首次注册48小时后再填写注册单."); break; default: html_error_quit("未知的错误!"); break; } ?> <body> 注册单已经提交,24小时内站务将会审核,如果通过,你就会获得合法用户权限!<br> <a href="javascript:history.go(-1)">快速返回</a> </body> </html> <?php function show_fill_form() { $SITENAME = BBS_FULL_NAME; echo <<<EOF <html> <meta HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=gb2312">
} ?> type="text" name="destid" maxlength="12" value="<?php echo $destid; ?> " size="12"/><br/> <label>讯息内容:</label><input <?php if ($destid) { echo 'id="sfocus"'; } ?> type="text" name="msg" maxlength="50" size="50" value="<?php echo $msg; ?> "/> </div></fieldset> <div class="oper"><input type="submit" value="确认"/></div> </form> <?php page_footer(); } else { $ret = bbs_sendwebmsg($destid, $msg, $destutmp, $errmsg); ?> <script>top.fmsg.location="bbsgetmsg.php?refresh";</script> <?php if ($ret) { html_success_quit($errmsg); } else { html_error_quit($errmsg); } }
<?php
// Mails the logged-in user's message backup to their mailbox and reports the outcome.
require "www2-funcs.php";
login_init();
page_header("讯息回寄");
assert_login();

// Only a strict boolean false from bbs_mailwebmsgs() counts as failure.
if (bbs_mailwebmsgs() !== false) {
    html_success_quit("讯息备份已经寄回您的信箱");
} else {
    html_error_quit("讯息备份寄回信箱失败");
}
html_error_quit("错误的文章号,原文可能已经被删除"); break; case -4: html_error_quit("本文章已经推荐过,感谢您的热心推荐"); break; case -5: html_error_quit("对不起,请勿推荐内部版面文章"); break; case -6: html_error_quit("对不起,您被停止了推荐的权力"); break; case -7: html_error_quit("推荐系统错误"); break; default: html_error_quit("系统错误,请联系管理员"); } ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?> ?do&board=<?php echo $brd_encode; ?> &id=<?php echo $id; ?> " method="post" class="medium"/> <fieldset> <legend>推荐文章:<?php echo $articles[1]["OWNER"];
pc_return("pcdoc.php?userid=" . $pc["USER"] . "&tag=3&pid=" . $rows[pid]); } elseif ($act == "favpaste") { if (!$_COOKIE["BLOGFAVACTION"]) { pc_html_init("gb2312", stripslashes($pc["NAME"])); html_error_quit("您的剪贴板是空的,请先剪切或者复制一个文件!"); exit; } $pid = intval($_GET["pid"]); if (!pc_load_directory($link, $pc["UID"], $pid)) { pc_html_init("gb2312", stripslashes($pc["NAME"])); html_error_quit("目标文件夹不存在!"); exit; } if (pc_file_num($link, $pc["UID"], $pid) + 1 > $pc["NLIM"]) { pc_html_init("gb2312", stripslashes($pc["NAME"])); html_error_quit("目标文件夹中的文件数已达上限 " . $pc["NLIM"] . " 个!"); exit; } if (intval($_COOKIE["BLOGFAVNID"])) { if ($_COOKIE["BLOGFAVACTION"] == "favcut") { $query = "UPDATE nodes SET `pid` = '" . $pid . "' WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "';"; } elseif ($_COOKIE["BLOGFAVACTION"] == "favcopy") { $query = "SELECT * FROM nodes WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "' LIMIT 0 , 1 ;"; $result = mysql_query($query, $link); $rows = mysql_fetch_array($result); mysql_free_result($result); $query = "INSERT INTO `nodes` ( `nid` , `pid` , `type` , `source` , `hostname` , `changed` , `created` , `uid` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `tid` , `emote` ,`htmltag`) " . "VALUES ('', '" . $pid . "', '0', '" . addslashes($rows["source"]) . "', '" . addslashes($rows["hostname"]) . "', NOW( ) , '" . addslashes($rows["created"]) . "', '" . $pc["UID"] . "', '" . intval($rows["comment"]) . "', '" . intval($rows["commentcount"]) . "', '" . addslashes($rows["subject"]) . "', '" . addslashes($rows["body"]) . "', '3', '" . intval($rows["visitcount"]) . "', '" . intval($rows["tid"]) . "', '" . intval($rows["emote"]) . "','" . intval($rows["htmltag"]) . "');"; } mysql_query($query, $link); } setcookie("BLOGFAVACTION");
echo $edit_id; ?> " method=post> <?php al_print_form($row); page_footer(FALSE); } } } } } } $sqlstr = "SELECT * FROM addr WHERE userid=\"" . $currentuser["userid"] . "\" ORDER BY " . $order . " " . $descstr . " LIMIT " . $startnum . "," . $count; $result = mysql_query($sqlstr) or die(mysql_error()); if (!$result) { html_error_quit("没有数据"); } else { page_header("通讯录管理"); ?> <a href="javascript:location.reload()">刷新</a> </center> <hr class=default> <table border="1" width="613" align="center" cellpadding="0" cellspacing="0"> <tr><td>序号</td><td>姓名</td><td>bbsid</td><td>分组</td><td>注释</td><td></td></tr> <?php $i = 0; while ($row = mysql_fetch_row($result)) { ?> <tr> <td><?php echo $startnum + $i + 1;
$link = sysvote_db_connect(); if ($_GET["svid"]) { $vote = sysvote_load_vote_infor($link, $_GET["svid"]); if (!$vote) { html_error_quit("对不起,所选择的投票不存在!"); } if ($vote[active] != 1) { echo "<script language=javascript>window.location.href=\"bbsssysvote.php?svid=" . $vote[svid] . "\";</script>"; } $per = sysvote_user_can_vote($link, $vote, $currentuser); if ($per == -1) { html_error_quit("对不起,本次投票需要登录!"); } elseif ($per == -2) { html_error_quit("对不起,您已经投过票了!"); } elseif ($per == -3) { html_error_quit("对不起,您所在的位置已经投过" . $vote[votesperip] . "次票了!"); } else { if ($_GET["sv"] == "sv") { $ans = ""; for ($i = 0; $i < count($vote[probs]); $i++) { if ($ans != "") { $ans .= "|"; } if ($vote[probs][$i][type] == 4) { //单选 $ans .= base64_encode($_POST["ans" . $i]); } elseif ($vote[probs][$i][type] == 1 || $vote[probs][$i][type] == 3) { $l = 0; for ($j = 0; $j < count($vote[probs][$i][etems]); $j++) { if ($_POST["ans" . $i . "e" . $j]) { if ($l != 0) {
$logs = BBS_HOME . "/bbsbfind.log"; if (!($fn = fopen($logs, "a"))) { return FALSE; } if (!flock($fn, LOCK_EX)) { fclose($fh); return FALSE; } fputs($fn, $action); flock($fn, LOCK_UN); fclose($fn); return TRUE; } $articles = bbs_search_articles($board, $title, $title2, $title3, $userid, $dt, $mgon, $agon, $ogon); if ($articles <= 0) { html_error_quit("系统错误:" . $articles); } // log_it($currentuser["userid"], $_SERVER["REMOTE_ADDR"], $board, $title, $title2, $title3, $userid, $dt, $mgon, $agon, $ogon, count($articles)); ?> <script> var ta = new tabWriter(0,'main wide',0,[['编号','6%','center'],['标记','6%','center'],['作者','12%','center'],['日期','8%','center'],['标题',0,0]]); <?php foreach ($articles as $article) { $flags = $article["FLAGS"]; $col1 = $article["NUM"] + 1; $col2 = $flags[0] . $flags[3]; $col3 = '<a href="bbsqry.php?userid=' . $article["OWNER"] . '">' . $article["OWNER"] . '</a>'; $col4 = strftime("%b %e", $article["POSTTIME"]); $col5 = '<a href="bbscon.php?bid=' . $brdnum . '&id=' . $article["ID"] . '">' . htmlspecialchars($article["TITLE"], ENT_QUOTES) . ' </a>'; echo "ta.r('{$col1}','{$col2}','{$col3}','{$col4}','{$col5}');\n"; }
} else { $link = pc_db_connect(); $pc = pc_load_infor($link, $_GET["userid"]); if (!$pc) { pc_db_close($link); html_error_quit("对不起,您要查看的Blog不存在"); exit; } if (!pc_is_admin($currentuser, $pc)) { pc_db_close($link); html_error_quit("对不起,您要查看的Blog不存在"); exit; } if (!pc_is_groupwork($pc)) { pc_db_close($link); html_error_quit("对不起,只有公有BLOG才能编辑成员"); exit; } if ($_GET["act"] == "add" && $_GET["id"]) { pc_add_member($link, $pc, $_GET["id"]); } if ($_GET["act"] == "del" && $_GET["id"]) { pc_del_member($link, $pc, $_GET["id"]); } $members = pc_get_members($link, $pc); pc_html_init("gb2312", $pc["NAME"]); ?> <br /><br /> <p align="center"><b>成员管理</b></p> <center> <table cellspacing="0" cellpadding="3" border="0" class="t1">
if (!$pc) { html_error_quit("文件不存在"); } if ($f->access == 2) { if (!pc_is_admin($currentuser, $pc)) { html_error_quit("文件不存在"); } } if ($f->access == 1) { if (!pc_is_friend($currentuser["userid"], $pc["USER"])) { html_error_quit("文件不存在"); } } } } pc_db_close($link); if (!$pcconfig["USERFILEPERM"] || $f->access == 0) { if (cache_header("public", $f->filetime, 600)) { return; } } if (!($file = fopen($f->filepath, "rb"))) { html_error_quit("文件不存在"); } Header("Content-type: " . $f->filetype); Header("Accept-Ranges: bytes"); Header("Content-Length: " . filesize($f->filepath)); Header("Content-Disposition: inline;filename=" . $f->filename); echo fread($file, filesize($f->filepath)); fclose($file); exit;
} else { $group = 0; } settype($group, "integer"); if (isset($_GET["group2"])) { $group2 = $_GET["group2"]; } else { $group2 = 0; } settype($group2, "integer"); if ($group < 0 || $group >= BBS_SECNUM) { html_error_quit("错误的参数"); } $boards = bbs_getboards(constant("BBS_SECCODE" . $group), $group2, 8); if ($boards === FALSE) { html_error_quit("该目录尚未有版面"); } page_header(constant("BBS_SECNAME" . $group . "_0"), "", "<meta name='kbsrc.brd' content='' />"); ?> <h1><?php echo constant("BBS_SECNAME" . $group . "_0"); ?> 分区</h1> <script type="text/javascript"><!-- var o = new brdWriter(<?php echo $group; ?> , <?php echo $group2; ?> );
if ($target == "") { html_error_quit("请指定对象"); } if (!bbs_sufficient_score_to_sendmail($target)) { html_error_quit("积分不足,不能转寄信件给" . $target); } if (isset($_POST["big5"])) { $big5 = $_POST["big5"]; } else { $big5 = 0; } settype($big5, "integer"); if (isset($_POST["noansi"])) { $noansi = $_POST["noansi"]; } else { $noansi = 0; } settype($noansi, "integer"); if (isset($_POST["noattach"])) { $noattach = $_POST["noattach"]; } else { $noattach = 0; } settype($noattach, "integer"); $ret = bbs_doforward($brdarr["NAME"], $articles[1]["FILENAME"], $articles[1]["TITLE"], $target, $big5, $noansi, $noattach); if ($ret < 0) { html_error_quit("系统错误:" . $ret); } html_success_quit("文章已转寄给" . $target); } page_footer();
$keyword1 .= " " . $keyword[$i]; } } } else { $query .= " `" . $key . "` = '" . addslashes($keyword) . "' "; $keyword1 = $keyword; } $query .= " ORDER BY `username`;"; $link = pc_db_connect(); $result = mysql_query($query, $link); $num_rows = mysql_num_rows($result); if ($num_rows == 0) { mysql_free_result($result); pc_db_close($link); pc_html_init("gb2312", "Blog搜索"); html_error_quit("对不起,没有符合条件的Blog,请尝试缩减关键字重新查询"); } elseif ($num_rows == 1) { $rows = mysql_fetch_array($result); header("Location: index.php?id=" . $rows["username"]); } else { pc_html_init("gb2312", "Blog搜索"); echo "<br>按照 <font class=f2>" . $keyname . "</font> 查询,关键字为 <font class=f2>" . $keyword1 . "</font> 。<br>" . "系统共为您查到 <font class=f2>" . $num_rows . "</font> 笔记录:"; ?> <center><br><br><br> <table cellspacing="0" cellpadding="3" width="95%" class="t1"> <tr> <td class="t2" width="30">编号</td> <td class="t2" width="70">用户名</td> <td class="t2">Blog名称</td> <td class="t2" width="50">类别</td> <td class="t2" width="50">文章数</td>
$total = bbs_getmailnum2($dir); if ($total <= 0 || $total > 30000) { html_error_quit("读取邮件数据失败!"); } if ($num < 0 || $num >= $total) { html_error_quit("错误的参数"); } $articles = array(); if (bbs_get_records_from_num($dir, $num, $articles)) { $file = $articles[0]["FILENAME"]; } else { html_error_quit("错误的参数"); } $filename = bbs_setmailfile($currentuser["userid"], $file); if (!file_exists($filename)) { html_error_quit("信件不存在..."); } @($attachpos = $_GET["ap"]); //pointer to the size after ATTACHMENT PAD if ($attachpos != 0) { bbs_file_output_attachment($filename, $attachpos); exit; } mailbox_header("信件阅读"); ?> <div class="large"> <div class="article"> <script type="text/javascript"><!-- <?php $s = bbs2_readfile($filename); if (is_string($s)) {
if (!$_GET["isgroup"] && !pc_is_groupwork($pcc)) { $newtype--; } $query = "UPDATE users SET createtime = createtime , pctype = " . $newtype . " WHERE uid = " . $pcc["UID"] . " LIMIT 1;"; mysql_query($query, $link); if ($_GET["isgroup"] && !pc_is_groupwork($pcc)) { pc_convertto_group($link, $pcc); } $action = "调整 " . $pcc["USER"] . " 的BLOG参数(N:" . $newtype . ";O:" . $pcc["TYPE"] . ")"; pc_logs($link, $action, "", $pcc["USER"]); unset($_GET["userid"]); } if ($_GET["userid"]) { $pcc = pc_load_infor($link, $_GET["userid"]); if (!$pcc) { html_error_quit($_GET["userid"] . "尚无BLOG"); exit; } ?> <form action="<?php echo $_SERVER["PHP_SELF"]; ?> " method="get"> <input type="hidden" name="conv" value="1"> 处理的用户名:<input type="text" name="userid" value="<?php echo $pcc["USER"]; ?> "><br /> 是否为公有BLOG: <input type="checkbox" name="isgroup" value="1" <?php
if ($mail_num < 0 || $mail_num > 30000) { html_error_quit("Too many mails!"); } $num = 19; if ($start > $mail_num - 19) { $start = $mail_num - 19; } if ($start < 0) { $start = 0; if ($num > $mail_num) { $num = $mail_num; } } $maildata = bbs_getmails($mail_fullpath, $start, $num); if ($maildata == FALSE) { html_error_quit("读取邮件数据失败!"); } //system mailboxs $mail_box = array(".DIR", ".SENT", ".DELETED"); $mail_boxtitle = array("收件箱", "发件箱", "垃圾箱"); //$mail_boxnums = array(bbs_getmailnum2(bbs_setmailfile($currentuser["userid"],".DIR")),bbs_getmailnum2(bbs_setmailfile($currentuser["userid"],".SENT")),bbs_getmailnum2(bbs_setmailfile($currentuser["userid"],".DELETED"))); //custom mailboxs $mail_cusbox = bbs_loadmaillist($currentuser["userid"]); //$totle_mails = $mail_boxnums[0]+$mail_boxnums[1]+$mail_boxnums[2]; $i = 2; if ($mail_cusbox != -1) { foreach ($mail_cusbox as $mailbox) { $i++; $mail_box[$i] = $mailbox["pathname"]; $mail_boxtitle[$i] = $mailbox["boxname"]; //$mail_boxnums[$i] = bbs_getmailnum2(bbs_setmailfile($currentuser["userid"],$mailbox["pathname"]));
if (!bbs_is_bm($bid, $usernum)) { html_error_quit("你不是版主"); } $board = $brdarr['NAME']; $brd_encode = urlencode($board); bbs_board_nav_header($brdarr, "自定版面封禁理由"); if (isset($_GET['act'])) { switch ($_GET['act']) { case 'set': if (!isset($_POST['setreason'])) { html_error_quit("错误的参数"); } $setreason = $_POST['setreason']; switch (bbs_setdenyreason($board, $setreason)) { case -1: html_error_quit("讨论区错误"); break; default: html_success_quit("自定义版面封禁理由保存成功<br/><br/>", array("<a href=bbsdoc.php?board=" . $board . ">返回版面</a>", "<a href=\"javascript:history.go(-1)\">继续修改</a>")); } break; default: } } $denyreasons = array(); $maxreason = bbs_getdenyreason($board, $denyreasons, 0); ?> <script type="text/javascript"> function remove(r) { var table = document.getElementById("tableId"); var tbody = table.tBodies[0];