include ROOT . '/common.php';
if (!$cur_user || $cur_user['flag'] < 99) {
exit('error: 403 Access Denied');
}
$rid = intval($_GET['rid']);
$query = "SELECT `id`,`articleid`,`content` FROM `yunbbs_comments` WHERE id='{$rid}'";
$r_obj = $DBS->fetch_one_array($query);
if (!$r_obj) {
exit('404');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$r_content = addslashes(trim($_POST['content']));
if ($r_content) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$r_content = htmlspecialchars($r_content);
$DBM->unbuffered_query("UPDATE `yunbbs_comments` SET `content`='{$r_content}' WHERE `id`='{$rid}'");
$tip = '评论已成功修改';
} else {
$tip = '内容 不能留空';
}
} else {
$r_content = $r_obj['content'];
$tip = '';
}
// 页面变量
$title = '修改评论';
// 设置回复图片最大宽度
$img_max_w = 590;
$pagefile = ROOT . '/templates/default/' . $tpl . 'admin-edit-comment.php';
include ROOT . '/templates/default/' . $tpl . 'layout.php';
$errors[] = '用户名、密码、重复密码、验证码 必填';
}
////
if (!$errors) {
$pwmd5 = md5($pw);
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
if ($options['register_review']) {
$flag = 1;
} else {
$flag = 5;
}
$DBM->query("INSERT INTO `yunbbs_users` (`id`,`name`,`flag`,`password`,`regtime`) VALUES (null,'{$name}', {$flag}, '{$pwmd5}', {$timestamp})");
$new_uid = $DBM->insert_id();
if ($new_uid == 1) {
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `flag` = '99' WHERE `id`='1'");
}
$MMC->delete('site_infos');
// 记录已注册ip
$MMC->set('regip_' . $onlineip, '1', 0, intval($options['reg_ip_space']));
//设置cookie
$db_ucode = md5($new_uid . $pwmd5 . $timestamp . '00');
$cur_uid = $new_uid;
setcookie("cur_uid", $cur_uid, $timestamp + 86400 * 365, '/');
setcookie("cur_uname", $name, $timestamp + 86400 * 365, '/');
setcookie("cur_ucode", $db_ucode, $timestamp + 86400 * 365, '/');
header('location: /');
exit;
}
}
// 页面变量
if (in_array($tid, $ids_arr)) {
foreach ($ids_arr as $k => $v) {
if ($v == $tid) {
unset($ids_arr[$k]);
break;
}
}
$articles = count($ids_arr);
$content = implode(',', $ids_arr);
$user_fav['content'] = $content;
$user_fav['articles'] = $articles;
if (!isset($DBM)) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
}
$DBM->unbuffered_query("UPDATE `yunbbs_favorites` SET `articles`='{$articles}',`content`='{$content}' WHERE `uid`='{$cur_uid}'");
$DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `favorites`=`favorites`-1 WHERE `id`='{$tid}'");
$MMC->delete('favorites_' . $cur_uid);
$MMC->delete('t-' . $tid);
$MMC->delete('t-' . $tid . '_ios');
}
unset($ids_arr);
}
}
}
}
}
// 处理正确的页数
// 第一页是1
if ($user_fav && $user_fav['articles']) {
$taltol_page = ceil($user_fav['articles'] / $options['list_shownum']);
<?php
define('IN_SAESPOT', 1);
define('ROOT', pathinfo(__FILE__, PATHINFO_DIRNAME));
include ROOT . '/config.php';
include ROOT . '/common.php';
$tid = $_GET['tid'];
$db_user = $DBS->fetch_one_array("SELECT * FROM `yunbbs_users` WHERE `id`='" . $cur_uid . "' LIMIT 1");
if ($db_user['notic']) {
$n_arr = explode(',', $db_user['notic']);
foreach ($n_arr as $k => $v) {
if ($v == $tid) {
unset($n_arr[$k]);
// 不用break 因为notice 里可能有重复id
}
}
$new_notic = implode(',', $n_arr);
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `notic` = '{$new_notic}' WHERE `id`='{$cur_uid}'");
$MMC->delete('u_' . $cur_uid);
unset($n_arr);
unset($new_notic);
}
header('location: /t/' . $tid);
exit;
}
if ($DBS->geterrdesc()) {
exit('指定的数据库不存在, 系统也无法自动建立, 无法安装.<br />');
} else {
$DBS->select_db($dbname);
//成功建立指定数据库
}
}
$query - $DBS->query("SELECT COUNT(*) FROM yunbbs_settings", 'SILENT');
if (!$DBS->geterrdesc()) {
header('location: /');
exit('数据已经装好了, 不能重复安装, 若要重装,先删除mysql 里全部数据。 <a href="/">现在直接进入首页</a><br />');
}
runquery($sql);
$timestamp = time();
$DBS->unbuffered_query("UPDATE yunbbs_settings SET value='{$timestamp}' WHERE title='site_create'");
$DBS->close();
// '<br /> 顺利安装完成!<br /><a href="/">点击进入首页</a>';
function runquery($sql)
{
global $dbcharset, $DBS;
$sql = str_replace("\r", "\n", $sql);
$ret = array();
$num = 0;
foreach (explode(";\n", trim($sql)) as $query) {
$queries = explode("\n", trim($query));
foreach ($queries as $query) {
$ret[$num] .= $query[0] == '#' ? '' : $query;
}
$num++;
}
}
}
if ($timestamp - $cur_user['lastposttime'] > $options['article_post_space']) {
if ($p_title) {
if (mb_strlen($p_title, 'utf-8') <= $options['article_title_max_len'] && mb_strlen($p_content, 'utf-8') <= $options['article_content_max_len']) {
$conmd5 = md5($p_title . $p_content);
if ($MMC->get('cm_' . $conmd5)) {
$tip = '请勿发布相同的内容 或 灌水';
} else {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$p_title = htmlspecialchars($p_title);
$p_content = htmlspecialchars($p_content);
$DBM->query("INSERT INTO `yunbbs_articles` (`id`,`cid`,`uid`,`title`,`content`,`addtime`,`edittime`) VALUES (null,{$cid},{$cur_uid}, '{$p_title}', '{$p_content}', {$timestamp}, {$timestamp})");
$new_aid = $DBM->insert_id();
$DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`+1 WHERE `id`='{$cid}'");
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `articles`=`articles`+1, `lastposttime`={$timestamp} WHERE `id`='{$cur_uid}'");
// 更新u_code
$cur_user['lastposttime'] = $timestamp;
//
$MMC->delete('u_' . $cur_uid);
$new_ucode = md5($cur_uid . $cur_user['password'] . $cur_user['regtime'] . $cur_user['lastposttime'] . $cur_user['lastreplytime']);
if ($cur_user['expires']) {
$cookie_ex = $cur_user['expires'];
} else {
$cookie_ex = $timestamp + 86400 * 365;
}
setcookie("cur_uid", $cur_uid, $cookie_ex, '/');
setcookie("cur_uname", $cur_uname, $cookie_ex, '/');
setcookie("cur_ucode", $new_ucode, $cookie_ex, '/');
// del cache
} else {
$tip3 = '新密码、重复新密码不一致';
}
} else {
$tip3 = '请填写完整,当前密码、新密码、重复新密码';
}
} else {
if ($action == 'setpw') {
$password_new = addslashes(trim($_POST['password_new']));
$password_again = addslashes(trim($_POST['password_again']));
if ($password_new && $password_again) {
if ($password_new == $password_again) {
$new_md5pw = md5($password_new);
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `password`='{$new_md5pw}' WHERE `id`='{$cur_uid}'")) {
//更新缓存和cookie
$cur_user['password'] = $new_md5pw;
$MMC->set('u_' . $cur_uid, $cur_user, 0, 600);
$new_ucode = md5($cur_uid . $new_md5pw . $cur_user['regtime'] . $cur_user['lastposttime'] . $cur_user['lastreplytime']);
if ($cur_user['expires']) {
$cookie_ex = $cur_user['expires'];
} else {
$cookie_ex = $timestamp + 86400 * 365;
}
setcookie("cur_uid", $cur_uid, $cookie_ex, '/');
setcookie("cur_uname", $cur_uname, $cookie_ex, '/');
setcookie("cur_ucode", $new_ucode, $cookie_ex, '/');
$tip3 = '登录密码已成功设置,请记住登录密码';
} else {
$tip3 = '数据保存失败,请稍后再试';
ob_start();
imagejpeg($new_image, NULL, 95);
$out_img = ob_get_contents();
ob_end_clean();
//header("Content-type:image/jpeg");
//echo $out_img;
// 上传到又拍云
include ROOT . '/upyun.class.php';
$upyun = new UpYun($options['upyun_avatar_domain'], $options['upyun_user'], $options['upyun_pw']);
// 本地调试失败
if ($upyun->writeFile('/' . $cur_uid . '.jpg', $out_img)) {
if (!isset($DBM)) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
}
if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `avatar`='{$cur_uid}' WHERE `id`='{$cur_uid}'")) {
$MMC->delete('u_' . $cur_uid);
}
}
unset($out_img);
}
}
header('location: /');
exit;
}
/////
// 页面变量
$title = '设置名字';
$logintype = "微博";
$pagefile = ROOT . '/templates/default/' . $tpl . 'qqsetname.php';
include ROOT . '/templates/default/' . $tpl . 'layout.php';
$ext_list = str_replace("、", ",", $ext_list);
$ext_list_arr = explode(",", $ext_list);
$ext_list_arr = array_filter(array_unique($ext_list_arr));
if ($ext_list_arr) {
$_POST['ext_list'] = implode(",", $ext_list_arr);
} else {
$_POST['ext_list'] = '';
}
}
$changed = 0;
foreach ($options as $k => $v) {
if ($k != 'site_create') {
// 使用反斜线引用字符串
$newv = addslashes(trim($_POST[$k]));
if (str_replace('\\', '', $newv) != $v) {
$DBM->unbuffered_query("UPDATE `yunbbs_settings` SET `value`='{$newv}' WHERE `title`='{$k}'");
$changed += 1;
// 更新原数据 去掉反斜线
$options[$k] = str_replace('\\', '', $newv);
}
}
}
if ($changed) {
$MMC->delete('options');
$MMC->delete('regip_' . $onlineip);
$tip1 = '已成功更改了 ' . $changed . ' 个设置';
}
} else {
if ($action == 'flushmc') {
$MMC->flush();
$tip2 = '缓存已清空';
if (!$db_openid['name'] && strpos(' ' . $_SESSION["scope"], 'get_info')) {
$user_info = get_info();
if ($user_info['data']['name']) {
$oid = $db_openid['id'];
$name = $user_info['data']['name'];
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$DBM->unbuffered_query("UPDATE `yunbbs_qqweibo` SET `name` = '{$name}' WHERE `id`='{$oid}'");
}
}
// 更新token 和 expires
if (!isset($DBM)) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
}
$DBM->unbuffered_query("UPDATE `yunbbs_qqweibo` SET `token` = '" . $cb["access_token"] . "',`expires` = '{$expires}' WHERE `id`='" . $db_openid['id'] . "'");
// 直接登录
$cur_uid = $db_openid['uid'];
$db_user = $DBS->fetch_one_array("SELECT * FROM `yunbbs_users` WHERE `id`='" . $cur_uid . "' LIMIT 1");
if ($db_user) {
$db_ucode = md5($db_user['id'] . $db_user['password'] . $db_user['regtime'] . $db_user['lastposttime'] . $db_user['lastreplytime']);
//设置缓存和cookie
$u_key = 'u_' . $cur_uid;
$MMC->set($u_key, $db_user, 0, 600);
setcookie('cur_uid', $cur_uid, $expires, '/');
setcookie('cur_uname', $db_user['name'], $expires, '/');
setcookie('cur_ucode', $db_ucode, $expires, '/');
//$cur_user = $db_user;
if ($expires > $db_user["expires"]) {
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '{$expires}' WHERE `id`='" . $cur_uid . "'");
}
$MMC->delete('site_links');
$l_obj['name'] = $n_name;
$l_obj['url'] = $n_url;
$tip2 = '已成功保存';
} else {
$tip2 = '数据库更新失败,修改尚未保存,请稍后再试';
}
} else {
$tip2 = '链接名 和 网址 不能留空';
}
}
}
} else {
if ($act == 'del') {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$DBM->unbuffered_query("DELETE FROM `yunbbs_links` WHERE `id`='{$lid}'");
$MMC->delete('site_links');
}
}
// 获取链接列表
$query_sql = "SELECT * FROM `yunbbs_links`";
$query = $DBS->query($query_sql);
$linkdb = array();
while ($link = $DBS->fetch_array($query)) {
$linkdb[] = $link;
}
// 页面变量
$title = '链接管理';
$pagefile = ROOT . '/templates/default/' . $tpl . 'admin-link.php';
include ROOT . '/templates/default/' . $tpl . 'layout.php';
unset($node);
$DBS->free_result($query);
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$old_cid = $t_obj['cid'];
$p_cid = $_POST['select_cid'];
$p_title = addslashes(trim($_POST['title']));
$p_content = addslashes(trim($_POST['content']));
$p_closecomment = intval($_POST['closecomment']);
$p_visible = intval($_POST['visible']);
if ($p_title) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
$p_title = htmlspecialchars($p_title);
$p_content = htmlspecialchars($p_content);
$DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `cid`='{$p_cid}',`title`='{$p_title}',`content`='{$p_content}',`closecomment`='{$p_closecomment}',`visible`='{$p_visible}' WHERE `id`='{$tid}'");
$MMC->delete('t-' . $tid);
$MMC->delete('t-' . $tid . '_ios');
if ($p_cid != $old_cid) {
$DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`+1 WHERE `id`='{$p_cid}'");
$DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`-1 WHERE `id`='{$old_cid}'");
}
header('location: /t/' . $tid);
exit;
} else {
$tip = '标题 不能留空';
}
} else {
$p_title = $t_obj['title'];
$p_content = $t_obj['content'];
$tip = '';
define('IN_SAESPOT', 1);
define('ROOT', pathinfo(__FILE__, PATHINFO_DIRNAME));
include ROOT . '/config.php';
include ROOT . '/common.php';
if (!$cur_user || $cur_user['flag'] < 99) {
exit('error: 403 Access Denied');
}
$tip1 = '';
$tip2 = '';
$act = trim($_GET['act']);
$mid = intval(trim($_GET['mid']));
if ($act == 'pass' || $act == 'active') {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `flag`=5 WHERE `id`='{$mid}'")) {
//更新缓存
$MMC->delete('u_' . $mid);
if ($act == 'pass') {
$tip1 = '已成功操作';
$MMC->delete('flag1_users');
} else {
$tip2 = '已成功操作';
$MMC->delete('flag0_users');
}
} else {
if ($act == 'pass') {
$tip1 = '数据库更新失败,修改尚未保存,请稍后再试';
} else {
$tip2 = '数据库更新失败,修改尚未保存,请稍后再试';
}
}
$m_obj['regtime'] = showtime($m_obj['regtime']);
$tip1 = '';
$tip2 = '';
$tip3 = '';
$tip4 = '';
$av_time = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$action = $_POST['action'];
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
if ($action == 'info') {
$email = addslashes(filter_chr(trim($_POST['email'])));
$url = char_cv(filter_chr(trim($_POST['url'])));
$about = addslashes(trim($_POST['about']));
if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `email`='{$email}', `url`='{$url}', `about`='{$about}' WHERE `id`='{$mid}'")) {
//更新缓存
$m_obj['email'] = $email;
$m_obj['url'] = $url;
$m_obj['about'] = $about;
$MMC->delete('u_' . $mid);
$tip1 = '已成功保存';
} else {
$tip1 = '数据库更新失败,修改尚未保存,请稍后再试';
}
} else {
if ($action == 'avatar') {
if ($_FILES['avatar']['size'] && $_FILES['avatar']['size'] < 301000) {
$img_info = getimagesize($_FILES['avatar']['tmp_name']);
if ($img_info) {
//创建源图片
$query = $DB->query("SELECT cid, name, displayorder FROM {$db_prefix}categories");
while ($cate = $DB->fetch_array($query)) {
$DB->query("INSERT INTO {$db_prefix}metas (name, type, displayorder) VALUES ('" . addslashes($cate['name']) . "', 'category', '" . addslashes($cate['displayorder']) . "')");
$mid = $DB->insert_id();
$articles = $DB->query("SELECT articleid, visible FROM {$db_prefix}articles WHERE cid='" . $cate['cid'] . "'");
while ($article = $DB->fetch_array($articles)) {
$r = $DB->fetch_one_array("SELECT cid FROM {$db_prefix}relationships WHERE mid='{$mid}' LIMIT 1");
if (!$r) {
$DB->query("INSERT INTO {$db_prefix}relationships (cid,mid) VALUES ('" . $article['articleid'] . "', '{$mid}')");
} else {
if ($article['articleid'] != $r['cid']) {
$DB->query("INSERT INTO {$db_prefix}relationships (cid,mid) VALUES ('" . $article['articleid'] . "', '{$mid}')");
}
}
if ($article['visible']) {
$DB->unbuffered_query("UPDATE {$db_prefix}metas SET count=count+1 WHERE mid='{$mid}' AND type='category'");
}
}
}
echo '<div class="install_main">';
echo '<p class="p2">成功重建所有分类数据</p><p class="p2"><a href="' . $php_self . '?action=second">程序将自动跳转.如果没有自动跳转,请点击这里.</a></p>';
echo '<meta HTTP-EQUIV="REFRESH" content="2;URL=' . $php_self . '?action=second">';
echo '</div></body></html>';
exit;
} elseif ($action == 'second') {
$query = $DB->query("SELECT articleid, cid, keywords, visible FROM {$db_prefix}articles LIMIT {$start}, {$percount}");
while ($article = $DB->fetch_array($query)) {
$goon = 1;
//关联标签
if ($article['keywords']) {
$tagdb = explode(',', $article['keywords']);
if ($mingci) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
foreach ($mingci as $tag) {
$tag_obj = $DBS->fetch_one_array("SELECT `id`,`articles`,`ids` FROM `yunbbs_tags` WHERE `name`='{$tag}'");
if (empty($tag_obj)) {
$DBM->query("INSERT INTO `yunbbs_tags` (`id`,`name`,`articles`,`ids`) VALUES (null,'{$tag}', '1', '{$tid}')");
} else {
if ($tag_obj['ids']) {
if (!strpos(' ,' . $tag_obj['ids'] . ',', ',' . $tid . ',')) {
$ids = $tid . ',' . $tag_obj['ids'];
}
} else {
$ids = $tid;
}
if (isset($ids)) {
$DBM->unbuffered_query("UPDATE `yunbbs_tags` SET `articles`=`articles`+1, `ids`='{$ids}' WHERE `name`='{$tag}'");
}
}
}
//
$tags = implode(",", $mingci);
$DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `tags`='{$tags}' WHERE `id`='{$tid}'");
}
echo 'set tags done: ' . $tid;
$MMC->set('last_topicid', $tid + 1, 0, 600);
}
} else {
exit('tags exist.');
}
}
$MMC->delete('bot_nodes');
$MMC->delete('site_infos');
$tip1 = '已成功添加';
} else {
$tip1 = '数据库更新失败,修改尚未保存,请稍后再试';
}
}
} else {
$tip1 = '分类名不能留空';
}
} else {
if ($action == 'edit') {
$n_name = trim($_POST['name']);
$n_about = trim($_POST['about']);
if ($n_name) {
if ($DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `name`='{$n_name}',`about`='{$n_about}' WHERE `id`='{$nid}'")) {
//更新缓存
$MMC->delete('newest_nodes');
$MMC->delete('bot_nodes');
$MMC->delete('n-' . $nid);
$c_obj['name'] = $n_name;
$c_obj['about'] = $n_about;
$tip2 = '已成功保存';
} else {
$tip2 = '数据库更新失败,修改尚未保存,请稍后再试';
}
} else {
$tip2 = '分类名不能留空';
}
}
}
if ($db_openid["expires"] > $timestamp) {
include 'saetv2.ex.class.php';
$c = new SaeTClientV2($options['wb_key'], $options['wb_secret'], $db_openid["token"]);
$ret = $c->update($options['name'] . ' - ' . $msg . ' ' . $url);
//$retarr = json_decode($ret, true);
if (isset($ret['error_code']) && $ret['error_code'] > 0) {
//echo "<p>发送失败,错误:{$ret['error_code']}:{$ret['error']}</p>";
if (in_array($ret['error_code'], array(21315, 21319, 21327))) {
// 重新走登录流程
if (!isset($DBM)) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
}
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '0' WHERE `id`='" . $uid . "'");
}
} else {
//echo "<p>发送成功</p>";
}
} else {
$expnum += 1;
}
}
//
if ($expnum == 2) {
if (!isset($DBM)) {
$DBM = new DB_MySQL();
$DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);
}
$DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '0' WHERE `id`='" . $uid . "'");
}
}
