function encrypt($txt, $key = 'abcd9667676effff')
{
return xn_urlencode(base64_encode(xxtea_encrypt($txt, $key)));
}
function attach_safe_name($name, $whitearr)
{
global $time;
$ext = file_ext($name);
$pre = file_pre($name);
$pre = xn_urlencode($pre);
$pre = substr($pre, 0, 89) . '_' . $time;
// 时间放到后面,好根据文件名前缀进行管理,比如 rm -rf 123_aaa*
$ext = xn_urlencode($ext);
!in_array($ext, $whitearr) and $ext = '_' . $ext;
return $pre . '.' . $ext;
}
} else {
$_uid = param(1, 0);
$pid = param(2, 0);
// 接受 pid,通过 pid 查询 userip
if ($_uid == 0) {
$post = post_read($pid);
$_ip = long2ip($post['userip']);
$_ip_url = xn_urlencode($_ip);
$banip = banip_read_by_ip($_ip);
$_user = user_guest();
} else {
$banip = array();
$_user = user_read($_uid);
$_ip = long2ip($_user['create_ip']);
$banip = banip_read_by_ip($_ip);
$_ip_url = xn_urlencode($_ip);
empty($_user) and message(0, '用户不存在');
}
$header['title'] = $_user['username'];
include './flarum/view/user_profile.htm';
}
// 获取用户来路
function user_http_referer()
{
$referer = param('referer');
// 优先从参数获取
empty($referer) and $referer = array_value($_SERVER, 'HTTP_REFERER', '');
$referer = str_replace(array('\\"', '"', '<', '>', ' ', '*', "\t", "\r", "\n"), '', $referer);
// 干掉特殊字符
if (!preg_match('#^(http|https)://[\\w\\-=/\\.]+/[\\w\\-=.%\\#?]*$#is', $referer) || strpos($referer, 'user-login.htm') !== FALSE || strpos($referer, 'user-logout.htm') !== FALSE || strpos($referer, 'user-create.htm') !== FALSE || strpos($referer, 'user-setpw.htm') !== FALSE) {
$referer = './';
