Ejemplo n.º 1
    // Tail of an `if` whose condition is above this excerpt; judging by the
    // message it is presumably the guest branch (guests have no blog).
    html_init("gb2312");
    html_error_quit("guest 没有Blog!");
    exit;
} else {
    // Blacklist management for the logged-in user's own blog.
    $link = pc_db_connect();
    $pc = pc_load_infor($link, $currentuser["userid"]);
    // Authorisation gate: stop unless the blog record loaded and
    // pc_is_admin() accepts the current user for it.
    if (!$pc || !pc_is_admin($currentuser, $pc)) {
        pc_db_close($link);
        html_error_quit("对不起,您要查看的Blog不存在");
        exit;
    }
    pc_html_init("gb2312", $pc["NAME"]);
    // Untrusted request input. It is read without isset(), so a request that
    // omits "userid" or "act" raises an undefined-index notice.
    $buserid = $_GET["userid"];
    // NOTE(review): both the "add" and "del" actions below change state on a
    // plain GET and no anti-CSRF token is checked in this excerpt; confirm one
    // is enforced elsewhere, or move these actions to POST with a token.
    if ($_GET["act"] == "add" && $buserid) {
        $lookupuser = array();
        if (bbs_getuser($buserid, $lookupuser) == 0) {
            // NOTE(review): $buserid is the raw query-string value and is
            // concatenated into a <script> element without any encoding, so
            // request input is reflected into script context. Encode it for
            // the output context, or print a fixed message instead.
            echo "<script language=\"javascript\">用户" . $buserid . "不存在!</script>";
        } else {
            // Continue with the id as stored in the user record, not the raw input.
            $buserid = $lookupuser["userid"];
            if (!pc_in_blacklist($link, $buserid, $pc["UID"])) {
                pc_add_blacklist($link, $buserid, $pc["UID"]);
            }
        }
    }
    if ($_GET["act"] == "del" && $buserid) {
        // NOTE(review): unlike the add path, the raw request value is passed
        // on without a bbs_getuser() lookup; confirm pc_del_blacklist()
        // escapes it before it reaches SQL.
        pc_del_blacklist($link, $buserid, $pc["UID"]);
    }
    // NOTE(review): $pc[UID] uses a bare constant as the array key, while the
    // lines above use $pc["UID"]. Before PHP 8 an undefined constant falls back
    // to the string with a warning; on PHP 8 it is a fatal Error. The query is
    // also built by concatenation: cast the value to int or use a prepared
    // statement. mysql_query()/mysql_num_rows() belong to ext/mysql, which was
    // removed in PHP 7, and $result is not checked for false before use.
    $query = "SELECT * FROM blacklist WHERE uid = " . $pc[UID] . ";";
    $result = mysql_query($query, $link);
    $num = mysql_num_rows($result);
    ?>
Ejemplo n.º 2
}
// Thread view: resolve the board, check read permission, load the thread and
// work out the page count. $start, $gid and $pno are set above this excerpt.
if ($start <= 0) {
    $start = $gid;
}
// Board name is request input; bbs_getboard() fills $brdarr and its return
// value is used as the board id, with 0 treated as "no such board".
$board = $_GET["board"];
$brdarr = array();
$bid = bbs_getboard($board, $brdarr);
if ($bid == 0) {
    html_error_quit("错误的讨论区");
}
// From here on use the name stored in the board record, not the raw input.
$board = $brdarr["NAME"];
$board_desc = $brdarr["DESC"];
$brd_encode = urlencode($board);
//$isnormalboard = bbs_normalboard($board);
// A board is treated as "normal" when the guest account may read it; the
// return value of bbs_getuser("guest", ...) is passed on as that account's id.
$lookupuser = array();
$guestUID = bbs_getuser("guest", $lookupuser);
$isnormalboard = bbs_checkreadperm($guestUID, $bid);
//bbs_set_onboard($bid,1);
$usernum = $currentuser["index"];
// Boards guests cannot read require the current user's own read permission.
// The message is the same as for an unknown board, so the response does not
// reveal that a restricted board exists.
// NOTE(review): this is only an access check if html_error_quit() ends the
// request; nothing here stops execution otherwise. Confirm.
if (!$isnormalboard && bbs_checkreadperm($usernum, $bid) == 0) {
    html_error_quit("错误的讨论区");
}
$haveprev = 0;
// $articles is not initialised in this excerpt; presumably filled by the call.
$num = bbs_get_threads_from_gid($bid, $gid, $start, $articles, $haveprev);
if ($num == 0) {
    html_error_quit("错误的参数");
}
// Number of pages needed for $num posts at 20 per page (integer ceiling).
$pagesize = 20;
$totalpage = ($num - 1) / $pagesize + 1;
$totalpage = intval($totalpage);
if ($pno < 1 || $pno > $totalpage) {
Ejemplo n.º 3
<?php

// User query page: look up the account named in ?userid= and print its profile.
require "www2-funcs.php";
login_init();
bbs_session_modify_user_mode(BBS_MODE_QUERY);
if (isset($_GET["userid"])) {
    // Request input; trimmed, then resolved through bbs_getuser(), which fills
    // $lookupuser and returns 0 when no such account exists.
    $userid = trim($_GET["userid"]);
    $lookupuser = array();
    if ($userid == "" || bbs_getuser($userid, $lookupuser) == 0) {
        html_error_quit("该用户不存在");
    }
    $usermodestr = bbs_getusermode($userid);
    // The page title uses the id from the stored record, not the raw input.
    page_header($lookupuser["userid"], "<a href='bbsqry.php'>查询网友</a>");
    ?>
<div class="main smaller">
<pre>
<?php 
    // NOTE(review): userid, numlogins and numposts are echoed without
    // htmlspecialchars() while username below is encoded. Confirm these record
    // fields can never contain markup, or encode them the same way.
    echo $lookupuser["userid"];
    ?>
 (<?php 
    // NOTE(review): called with default flags and charset. Since PHP 5.4 the
    // default charset is UTF-8 and input that is not valid in it yields an
    // empty string; if the site serves another encoding, pass it explicitly.
    echo htmlspecialchars($lookupuser["username"]);
    ?>
) 共上站 <?php 
    echo $lookupuser["numlogins"];
    ?>
 次,发表过 <?php 
    echo $lookupuser["numposts"];
    ?>
 篇文章
上次在  [<?php 
    // lastlogin is passed to date() as a Unix timestamp.
    echo date("D M j H:i:s Y", $lookupuser["lastlogin"]);
Ejemplo n.º 4
/**
 * Add the user named in $_GET["id"] to the friend list of blog $pc.
 *
 * Returns a message string when the user is already a friend or does not
 * exist; returns nothing (null) after a successful add.
 *
 * NOTE(review): the "does not exist" message embeds the raw query-string
 * value, so the caller must encode it for the output context before printing.
 * NOTE(review): $link is neither a parameter nor declared global here, so
 * pc_group_logs() receives an undefined variable; confirm how the connection
 * is meant to reach this function.
 */
function add_friend($pc)
{
    $id = $_GET["id"];
    $lookupuser = array();

    // Already on the list: report the id pc_is_friend() returned.
    $friendid = pc_is_friend($id, $pc["USER"]);
    if ($friendid) {
        return $friendid . "已在好友列表中!";
    }

    // Empty input or unknown account.
    if ($id == "" || bbs_getuser($id, $lookupuser) == 0) {
        return "用户 " . $id . " 不存在!";
    }

    // Store the id as it appears in the user record, not as it was typed.
    $id = $lookupuser["userid"];
    pc_add_friend($id, $pc["USER"]);

    // Group blogs keep a log of membership changes.
    if (pc_is_groupwork($pc)) {
        pc_group_logs($link, $pc, "ADD FRIEND: " . $id);
    }
}
Ejemplo n.º 5
Archivo: post.php Proyecto: bianle/www2
<?php

include "funcs.php";
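// JSON posting endpoint: authenticate the caller, then check that the account
// may read and post on the requested board. Every failure goes through ie(),
// which the checks below rely on to end the request (TODO confirm it exits).
$requesttext = int_getreq();
$request = json_decode($requesttext);
// The body is untrusted: json_decode() returns null for malformed input and
// may hand back arrays or nested objects where a scalar is expected. Refuse
// anything that is not an object with scalar userid/passwd/bid before the
// fields are used.
if (!is_object($request)
    || !isset($request->userid, $request->passwd, $request->bid)
    || !is_scalar($request->userid)
    || !is_scalar($request->passwd)
    || !is_scalar($request->bid)) {
    ie("invalid request.");
}
set_fromhost();
// $fromhost is not assigned in this excerpt; presumably set_fromhost() sets it.
if (bbs_check_ban_ip($request->userid, $fromhost) != 0) {
    ie("ip denied.");
}
// The guest account may never post. Compare case-insensitively so spelling
// variants of the name are refused here as well, rather than relying on the
// password check alone (assumes ids are matched case-insensitively; confirm).
if (strcasecmp((string) $request->userid, "guest") == 0 || bbs_checkpasswd($request->userid, $request->passwd) != 0) {
    ie("invalid user.");
}
$bid = $request->bid;
$userec = array();
// bbs_getuser() returns 0 for an unknown account; do not continue with an
// empty record if the lookup fails after the password check.
if (bbs_getuser($request->userid, $userec) == 0) {
    ie("invalid user.");
}
$uid = $userec["index"];
$bname = bbs_getbname($bid);
if ($bname == "") {
    ie("board not found.");
}
if (!bbs_checkreadperm($uid, $bid)) {
    ie("permission denied.");
}
$barr = array();
bbs_getboard($bname, $barr);
if (bbs_is_readonly_board($barr)) {
    ie("board is readonly.");
}
if (!bbs_checkpostperm($uid, $bid)) {
    ie("post is denied.");
}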
Ejemplo n.º 6
    }
    // Reply case (the enclosing `if` opens above this excerpt): recipient and
    // file name come from the stored article record.
    $destuserid = $article["OWNER"];
    $file = $article["FILENAME"];
} else {
    // New-mail case: file, title and recipient all come from the query string.
    if (isset($_GET["file"])) {
        $file = $_GET["file"];
    }
    // Accept only names that start with 'M' and contain no "..".
    // NOTE(review): this does not reject path separators, and an empty string
    // makes $file[0] an invalid offset. How $file is later joined to a
    // directory is not visible here; a strict pattern for the expected file
    // name form would be a safer check than a deny-list.
    if (isset($file) && ($file[0] != 'M' || strstr($file, ".."))) {
        html_error_quit("错误的文章..");
    }
    // NOTE(review): $title and $destuserid are raw request values from here
    // on; they must be encoded wherever they are written into the page.
    $title = isset($_GET["title"]) ? $_GET["title"] . ' ' : '';
    $destuserid = isset($_GET["userid"]) ? $_GET["userid"] : '';
}
if ($destuserid) {
    // The recipient must resolve to an existing account.
    $lookupuser = array();
    if (!bbs_getuser($destuserid, $lookupuser)) {
        html_error_quit("错误的收件人ID");
    }
    // The score check runs only when $board is set (set above this excerpt, if at all).
    if (isset($board) && !bbs_sufficient_score_to_sendmail($lookupuser["userid"])) {
        html_error_quit("您积分不足,不能给 " . $lookupuser["userid"] . " 发信!");
    }
}
//system mailboxs
$mail_box = array(".DIR", ".SENT", ".DELETED");
$mail_boxtitle = array("收件箱", "发件箱", "垃圾箱");
//custom mailboxs
$mail_cusbox = bbs_loadmaillist($currentuser["userid"]);
// Custom boxes are numbered after the three system boxes (indexes 0..2).
$i = 2;
// -1 is treated as "no custom mailbox list".
if ($mail_cusbox != -1) {
    foreach ($mail_cusbox as $mailbox) {
        $i++;
Ejemplo n.º 7
// Mail-send handler: validates the posted mailbox file, recipient and title.
// NOTE(review): no anti-CSRF token is checked in this excerpt; confirm one is
// enforced before this point.
// "@" hides the undefined-index notice, so $dirfile is null when "dir" is absent.
$dirfile = @$_POST["dir"];
// Only ".." is refused before the value is handed to bbs_setmailfile().
// NOTE(review): a deny-list on ".." alone does not constrain the value to a
// known mailbox name; confirm bbs_setmailfile() validates it, or check it
// against the list of mailbox files the user actually has.
if (strstr($dirfile, '..')) {
    die;
}
$maildir = bbs_setmailfile($currentuser["userid"], $dirfile);
$num = @intval($_POST["num"]);
// NOTE(review): $mailfile is not assigned in this excerpt ($maildir is);
// confirm it is set earlier and is not a typo for $maildir.
if (!bbs_can_send_mail($mailfile ? 1 : 0)) {
    html_error_quit("您不能发送信件");
}
if ($mailfile == "") {
    // New mail: the recipient id comes from the form.
    $incept = trim(@$_POST['userid']);
    if (!$incept) {
        html_error_quit("请输入收件人ID");
    }
    $lookupuser = array();
    if (!bbs_getuser($incept, $lookupuser)) {
        html_error_quit("错误的收件人ID");
    }
    // Continue with the id from the user record; the guest test below is done
    // on that value and ignores case.
    $incept = $lookupuser['userid'];
    if (!strcasecmp($incept, 'guest')) {
        html_error_quit("不能发信给guest");
    }
    if (!bbs_sufficient_score_to_sendmail($incept)) {
        html_error_quit("您积分不足,不能给 " . $incept . " 发信!");
    }
}
// Untrusted title; falls back to a default subject when empty.
$title = trim(@$_POST["title"]);
if (!$title) {
    $title = '无主题';
}
$sig = intval(@$_POST['signature']);
Ejemplo n.º 8
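/**
 * Remove $userid from the member list of the group blog $pc, log the action
 * and mail the removed user.
 *
 * @param resource $link   open ext/mysql connection
 * @param array    $pc     blog record; "UID" and "USER" are read
 * @param string   $userid member to remove
 * @return bool FALSE when $pc is not a group blog record or the DELETE fails,
 *              TRUE otherwise. Exits if the group log cannot be written.
 */
function pc_del_member($link, $pc, $userid)
{
    global $currentuser;
    if (!$pc || !is_array($pc)) {
        return FALSE;
    }
    if (!pc_is_groupwork($pc)) {
        return FALSE;
    }
    // The listing showed the masked literal '******' where the member name
    // belongs, so the DELETE never referred to $userid. Bind the argument and
    // escape both values with the connection-aware escaper rather than
    // concatenating them raw.
    $query = "DELETE FROM members WHERE uid = '" . mysql_real_escape_string($pc["UID"], $link)
        . "' AND username = '" . mysql_real_escape_string($userid, $link) . "' LIMIT 1;";
    if (!mysql_query($query, $link)) {
        return FALSE;
    }
    $action = "DEL MEMBER: " . $userid;
    if (!pc_group_logs($link, $pc, $action)) {
        exit("群体BLOG LOG错误");
    }
    $title = $userid . " 由 " . $currentuser["userid"] . " 取消 " . $pc["USER"] . " 群体BLOG的权利";
    $content = "    欢迎下次再来 ";
    // post announcement
    //bbs_postarticle($pcconfig["APPBOARD"], preg_replace("/\\\(['|\"|\\\])/","$1",$title), preg_replace("/\\\(['|\"|\\\])/","$1",$content), 0 , 0 , 0 , 0);
    // post mail
    $lookupuser = array();
    if (bbs_getuser($userid, $lookupuser) != 0) {
        // Mail the account as stored in the user record.
        $userid = $lookupuser["userid"];
        // The pattern drops a backslash that precedes a quote, "|" or
        // backslash, undoing slash-escaping before the text is mailed.
        bbs_postmail($userid, preg_replace("/\\\\(['|\"|\\\\])/", "\$1", $title), preg_replace("/\\\\(['|\"|\\\\])/", "\$1", $content), 0, 0);
    }
    return TRUE;
}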
Ejemplo n.º 9
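/**
 * Compose or send a mail in the "atomic" interface.
 *
 * Without ?post= it prints the compose form; with ?num=N (N > 0) the form is
 * a reply to mail N of the inbox and quotes up to ten lines of it. With
 * ?post= it sends the posted title/text, either as a reply or to the posted
 * userid, and prints a confirmation that redirects after three seconds.
 *
 * NOTE(review): the send branch acts on $_POST without checking any
 * anti-CSRF token in this function; confirm one is enforced elsewhere.
 * NOTE(review): the code after each atomic_error() call assumes that helper
 * ends the request; confirm.
 */
function atomic_mailpost()
{
    global $currentuser;
    atomic_mail_header();
    if (!bbs_can_send_mail()) {
        atomic_error("您不能发送信件");
    }
    $num = isset($_GET["num"]) ? @intval($_GET["num"]) : 0;
    $mail_fullpath = bbs_setmailfile($currentuser["userid"], ".DIR");
    if ($num > 0) {
        // Reply: load the original mail's header record from the inbox index.
        $articles = array();
        if (bbs_get_records_from_num($mail_fullpath, $num - 1, $articles)) {
            $title = $articles[0]["TITLE"];
            $receiver = $articles[0]["OWNER"];
            $shortfilename = $articles[0]["FILENAME"];
            $filename = bbs_setmailfile($currentuser["userid"], $shortfilename);
        } else {
            atomic_error("错误的参数");
        }
    }
    if (isset($_GET["post"])) {
        $title = atomic_get_input(trim(@$_POST["title"]));
        if (!$title) {
            $title = '无主题';
        }
        $content = atomic_get_input(@$_POST["text"]);
        $sig = $currentuser["signature"];
        $backup = bbs_is_save2sent() != 0;
        if ($num > 0) {
            // The error messages below name the recipient through $incept,
            // which the original only set for new mail; use the original
            // sender so a failed reply does not read an undefined variable.
            $incept = $receiver;
            $ret = bbs_postmail($mail_fullpath, $shortfilename, $num - 1, $title, $content, $sig, $backup);
        } else {
            $incept = trim(@$_POST['userid']);
            if (!$incept) {
                atomic_error("请输入收件人ID");
            }
            $lookupuser = array();
            if (!bbs_getuser($incept, $lookupuser)) {
                atomic_error("错误的收件人ID");
            }
            // Continue with the id from the user record.
            $incept = $lookupuser['userid'];
            if (!strcasecmp($incept, 'guest')) {
                atomic_error("不能发信给guest");
            }
            if (!bbs_sufficient_score_to_sendmail($incept)) {
                atomic_error("积分不足,不能发信给" . $incept);
            }
            $ret = bbs_postmail($incept, $title, $content, $sig, $backup);
        }
        if ($ret < 0) {
            switch ($ret) {
                case -1:
                case -2:
                    atomic_error("无法创建文件");
                    break;
                case -3:
                    atomic_error($incept . " 拒收您的邮件");
                    break;
                case -4:
                    atomic_error($incept . " 的信箱已满");
                    break;
                case -5:
                    atomic_error("两次发文/信间隔过密,请休息几秒再试!");
                    break;
                case -6:
                    atomic_error("添加邮件列表出错");
                    break;
                case -7:
                    atomic_error("邮件发送成功,但未能保存到发件箱");
                    break;
                case -8:
                    atomic_error("找不到所回复的原信。");
                    break;
                case -100:
                    atomic_error("错误的收件人ID");
                    break;
                default:
                    atomic_error("系统错误,请联系管理员");
            }
        }
        // $url is built only from constants and the integer $num.
        if ($num > 0) {
            $url = "?act=mailread&num=" . $num;
            echo "发送成功!本页面将在3秒后自动返回<a href='{$url}'>原信件</a><meta http-equiv='refresh' content='3; url=" . $url . "'/>";
        } else {
            $url = "?act=mail";
            echo "发送成功!本页面将在3秒后自动返回<a href='{$url}'>信件列表</a><meta http-equiv='refresh' content='3; url=" . $url . "'/>";
        }
        atomic_footer();
        return;
    }
    // Compose form. A reply keeps an existing "Re: " prefix instead of stacking another.
    if ($num > 0) {
        if (!strncmp($title, "Re: ", 4)) {
            $nowtitle = $title;
        } else {
            $nowtitle = "Re: " . $title;
        }
    } else {
        $nowtitle = "";
    }
    $html = "<form action='?act=mailpost&num=" . $num . "&post=1' method='post'>";
    $html .= '标题: <input type="text" name="title" size="40" maxlength="100" value="' . ($nowtitle ? htmlspecialchars($nowtitle, ENT_QUOTES) . " " : "") . '"/><br/>';
    if ($num > 0) {
        // OWNER comes from the stored mail header, i.e. it was written by the
        // sending side; encode it like the title before it goes into markup.
        $html .= "收件人: " . htmlspecialchars($receiver, ENT_QUOTES) . "<br/>";
    } else {
        $html .= '收件人: <input type="text" name="userid"/><br/>';
    }
    $html .= '<textarea name="text" rows="20" cols="80" wrap="physical">';
    if ($num > 0) {
        $html .= "\n\n【 在 " . htmlspecialchars($receiver) . " 的来信中提到: 】\n";
        $fp = fopen($filename, "r");
        if ($fp) {
            $lines = 0;
            // Skip the first four lines of the stored mail.
            // Strict comparison: a chunk consisting of "0" is data, not end of file.
            for ($i = 0; $i < 4; $i++) {
                if (($buf = fgets($fp, 500)) === FALSE) {
                    break;
                }
            }
            while (1) {
                if (($buf = fgets($fp, 500)) === FALSE) {
                    break;
                }
                // Drop lines that are themselves quote headers or second-level quotes.
                if (strncmp($buf, ": 【", 4) == 0) {
                    continue;
                }
                if (strncmp($buf, ": : ", 4) == 0) {
                    continue;
                }
                // Stop at the signature separator.
                if (strncmp($buf, "--\n", 3) == 0) {
                    break;
                }
                // NOTE(review): '\\n' in single quotes is a backslash followed
                // by "n", so this skips lines starting with a backslash. If
                // the intent was to skip blank lines it should be "\n". Left
                // unchanged; confirm against the upstream source.
                if (strncmp($buf, '\\n', 1) == 0) {
                    continue;
                }
                // Quote at most ten lines.
                if (++$lines > 10) {
                    $html .= ": ...................\n";
                    break;
                }
                // NOTE(review): default charset applies here; see whether the
                // mail store's encoding matches it, otherwise the call can
                // return an empty string for lines it cannot decode.
                $html .= ": " . htmlspecialchars($buf);
            }
            fclose($fp);
        }
    }
    $html .= '</textarea><br/><input type="submit" value="发送" /></form>';
    echo $html;
    atomic_footer();
}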
Ejemplo n.º 10
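/**
 * Approve a blog application: record the decision, create the blog row,
 * log it, post the announcement and notify the applicant by mail.
 *
 * @param resource $link         open ext/mysql connection
 * @param string   $userid       applicant id (for group blogs, the blog name suffix)
 * @param string   $corpusname   blog title
 * @param mixed    $manual       truthy: insert a new application row; falsy: update the existing one
 * @param string   $blogtype     "normal" (default) or a key of $pcconfig["TYPES"]
 * @param string   $groupmanager manager account, required for non-normal blogs
 * @return int 0 on success; -1 missing userid/title; -2 unknown user;
 *             -3 unknown blog type; -4 missing or unknown group manager;
 *             -5 a blog already exists for $userid; -6 an application row with
 *             a management value other than 0, 1 or 3 exists; -7 announcement
 *             failed; -8 mail failed; -9 new group blog could not be loaded.
 *             Exits with the MySQL error text if a write query fails.
 */
function pc_add_users($link, $userid, $corpusname, $manual, $blogtype = "", $groupmanager = "")
{
    global $pcconfig, $currentuser, $bbsman_modes;
    if (!$userid || !$corpusname) {
        return -1;
    }
    if (!$blogtype) {
        $blogtype = "normal";
    }
    if ($blogtype == "normal") {
        // Personal blog: the applicant must be an existing account; continue
        // with the id as stored in the user record.
        $lookupuser = array();
        if (bbs_getuser($userid, $lookupuser) == 0) {
            return -2;
        }
        $userid = $lookupuser["userid"];
    } else {
        // Group blog: the type must be configured and the manager must exist.
        // empty() gives the same truth test without a notice for unknown keys.
        if (empty($pcconfig["TYPES"][$blogtype])) {
            return -3;
        }
        $userid = $pcconfig["TYPES"][$blogtype] . '.' . $userid;
        if (!$groupmanager) {
            return -4;
        }
        $lookupuser = array();
        if (bbs_getuser($groupmanager, $lookupuser) == 0) {
            return -4;
        }
        $groupmanager = $lookupuser["userid"];
    }
    // Escape once with the connection-aware escaper. addslashes() is not
    // aware of the connection character set, which matters on the multi-byte
    // encodings this code base uses.
    $sqlUser = mysql_real_escape_string($userid, $link);
    $sqlName = mysql_real_escape_string($corpusname, $link);
    $sqlManager = mysql_real_escape_string($currentuser["userid"], $link);
    // Update the application table.
    if ($manual) {
        $query = "INSERT INTO `newapply` ( `naid` , `username` , `appname` , `appself` , `appdirect` , `hostname` , `apptime` , `manager` , `management` ) "
            . "VALUES ('', '" . $sqlUser . "', '" . $sqlName . "', '', '', '" . mysql_real_escape_string($_SERVER["REMOTE_ADDR"], $link) . "', NOW( ) , '" . $sqlManager . "' , '0');";
    } else {
        // The listing showed the masked literal '******' in this WHERE clause,
        // so the update never referred to $userid; bind the escaped id.
        $query = "UPDATE newapply SET apptime = apptime ,manager = '" . $sqlManager . "',management = '0' WHERE username = '" . $sqlUser . "'";
    }
    // ORDER BY naid DESC LIMIT 1 ;";
    if (!mysql_query($query, $link)) {
        // NOTE(review): the raw driver error is sent to the client; consider
        // logging it server-side and showing a generic message instead.
        $errstr = "MySQL Error: " . mysql_error($link);
        pc_db_close($link);
        exit($errstr);
    }
    // NOTE(review): the application row has already been written when this
    // duplicate check runs.
    if (pc_load_infor($link, $userid)) {
        return -5;
    }
    if ($manual) {
        // Same masked literal as above: bind the escaped id.
        $query = "SELECT username FROM newapply WHERE management != 1 AND management != 3  AND management != 0 AND username = '" . $sqlUser . "' LIMIT 0 , 1;";
        $result = mysql_query($query, $link);
        // A failed query yields false; do not pass that to mysql_fetch_array().
        if ($result && mysql_fetch_array($result)) {
            return -6;
        }
    }
    // Allocate personal file space (limits come from configuration).
    if ($pcconfig["USERFILES"]) {
        $userfile_limit = $pcconfig["USERFILESLIMIT"];
        $userfile_num_limit = $pcconfig["USERFILESNUMLIMIT"];
    } else {
        $userfile_limit = $userfile_num_limit = 0;
    }
    // Add the blog row.
    $query = "INSERT INTO `users` ( `uid` , `username` , `corpusname` , `description` , `theme` , `nodelimit` , `dirlimit` , `createtime` , `style` , `backimage` , `visitcount` , `nodescount` , `logoimage` , `modifytime` , `links` , `htmleditor` , `indexnodechars` , `indexnodes` , `useremail` , `favmode` , `updatetime` , `userinfor` , `pctype` ,`defaulttopic`,`userfile`,`filelimit`) "
        . "VALUES ('', '" . $sqlUser . "', '" . $sqlName . "', '" . $sqlName . "' , 'others', '300', '300', NOW( ) , '0', '' , '0', '0', '' , NOW( ) , '', '1', '600', '5', '', '0', NOW( ) , '' , '0' , '其他类别' , '" . $userfile_limit . "','" . $userfile_num_limit . "');";
    if (!mysql_query($query, $link)) {
        $errstr = "MySQL Error: " . mysql_error($link);
        pc_db_close($link);
        exit($errstr);
    }
    // Write the audit log entries.
    if ($blogtype != "normal") {
        $action = $groupmanager . " 申请建立群体Blog:" . $userid . "(www)";
        pc_logs($link, $action, "", $userid);
    }
    $action = $currentuser["userid"] . " 通过 " . $userid . " 的BLOG申请(www)";
    pc_logs($link, $action, "", $userid);
    // Build the announcement.
    if ($blogtype == "normal") {
        bbs_user_setflag($userid, BBS_PCORP_FLAG, 1);
        $annTitle = "[公告] 批准 " . $userid . " 的 Blog 申请";
        $annBody = "\n\n        根据用户 " . $userid . " 申请,经审核、讨论后决定开通该用户\n" . "    Blog ,Blog 名称“" . $corpusname . "”。\n\n" . "        Blog 大部分功能提供在web 模式下,Blog 名称、描述、\n" . "    分类等属性请用户在web 登录后自行修改。\n\n";
    } else {
        $annTitle = "[公告] 开设 " . $userid . " 群体Blog";
        $annBody = "\n\n        根据用户 " . $groupmanager . " 申请,经审核、讨论后决定开设\n" . "    " . $userid . " 群体Blog,Blog 名称“" . $corpusname . "”。\n\n" . "        Blog 大部分功能提供在web 模式下,Blog 名称、描述、\n" . "    分类等属性请群体Blog管理员在web 登录后自行修改。\n\n";
    }
    // The pattern drops a backslash that precedes a quote, "|" or backslash,
    // undoing slash-escaping before the text is posted and mailed.
    $unslash = "/\\\\(['|\"|\\\\])/";
    $ret = bbs_postarticle($pcconfig["APPBOARD"], preg_replace($unslash, "\$1", $annTitle), preg_replace($unslash, "\$1", $annBody), 0, 0, 0, 0);
    if ($ret != 0) {
        return -7;
    }
    // Mail the applicant (the group manager for group blogs).
    $ret = bbs_postmail($blogtype == "normal" ? $userid : $groupmanager, preg_replace($unslash, "\$1", $annTitle), preg_replace($unslash, "\$1", $annBody), 0, 0);
    if ($ret < 0) {
        return -8;
    }
    // Mark the announcement (disabled).
    //bbs_bmmanage($pcconfig["APPBOARD"],$ret,$bbsman_modes["MARK"],0);
    if ($manual && $blogtype != "normal") {
        // Turn the new blog into a group blog and add its manager as a member.
        $pcc = pc_load_infor($link, $userid);
        if (!$pcc) {
            return -9;
        }
        pc_convertto_group($link, $pcc);
        pc_add_member($link, $pcc, $groupmanager);
    }
    return 0;
}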
Ejemplo n.º 11
 /**
  * PHP 4-style constructor: loads the account record of $userId and then
  * initialises the favourites data.
  * usage: $foo = new Favorite($userId);
  *
  * The return value of a constructor is discarded by `new`, so callers can
  * only detect a failed lookup through $this->err.
  * NOTE(review): the error text embeds $userId as given; encode it for the
  * output context wherever it is shown.
  *
  * @param   string $userId whose favourite information to load
  * @return  mixed  result of _init() when the user exists, false otherwise
  * @access  public
  */
 function Favorite($userId)
 {
     $this->userInfo = array();
     if (bbs_getuser($userId, $this->userInfo)) {
         // Keep the id as it appears in the user record.
         $this->userId = $this->userInfo['userid'];
         $this->file = $this->_get_file();
         return $this->_init();
     }
     $this->err = sprintf('User %s is NOT exist!', $userId);
     return false;
 }
Ejemplo n.º 12
 /**
  * Build User objects for a slice of the online-user list.
  *
  * @param mixed $start passed through to bbs_getonline_user_list()
  * @param mixed $num   passed through to bbs_getonline_user_list()
  * @return array list of User; empty when the list call returns 0
  * @throws UserNullException when a listed userid has no account record
  */
 public function getRecord($start, $num)
 {
     $online = bbs_getonline_user_list($start, $num);
     if ($online == 0) {
         return array();
     }
     $users = array();
     foreach ($online as $entry) {
         // Each online entry is paired with its full account record.
         $record = array();
         $found = bbs_getuser($entry['userid'], $record);
         if ($found == 0) {
             throw new UserNullException();
         }
         $users[] = new User($record, $entry);
     }
     return $users;
 }
Ejemplo n.º 13
<?php

// this script deals with inter-site post cross.
require "www2-funcs.php";
require "www2-board.php";
// Only requests whose peer address is 127.0.0.1 are served; this is the only
// access control visible in this excerpt.
// NOTE(review): if the site runs behind a reverse proxy on the same host,
// every request has this peer address and the check no longer separates local
// callers from remote ones. Confirm the deployment, or authenticate the
// calling site with a shared secret. The IPv6 loopback ::1 is refused.
if ($_SERVER["REMOTE_ADDR"] != "127.0.0.1") {
    exit;
}
// All parameters below are read from $_POST without isset(); a missing field
// raises a notice and then compares equal to "".
$rpid = $_POST["rpid"];
if ($rpid == "") {
    exit;
}
// check user exists
$userid = $_POST["user"];
$uarr = array();
if ($userid == "" || bbs_getuser($userid, $uarr) == 0) {
    // NOTE(review): the posted value is printed back without encoding. If the
    // calling side ever renders this response as HTML, encode it there or here.
    print "用户 {$userid} 不存在。";
    exit;
}
$uid = $uarr["index"];
// check board exists
$bname = $_POST["board"];
$barr = array();
$bid = bbs_getboard($bname, $barr);
if ($bid == 0) {
    // NOTE(review): same unencoded reflection as above, for the board name.
    print "版面 {$bname} 不存在。";
    exit;
}
// Continue with the board name from the stored record.
$bname = $barr["NAME"];
// check if can post
if (bbs_checkreadperm($uid, $bid) == 0) {
Ejemplo n.º 14
// Save the logged-in user's ignore list to the "ignores" file in their home.
assert_login();
$fname = bbs_sethomefile($currentuser["userid"], "ignores");
if (isset($_POST["badlist"])) {
    // NOTE(review): this loop appends the empty string BBS_IDLEN times, so
    // $empty stays "" and the substr() padding below has no effect. The
    // padding character may have been lost in this listing (a NUL byte would
    // fit a fixed-width record); confirm against the upstream source.
    $empty = "";
    for ($i = 0; $i < BBS_IDLEN; $i++) {
        $empty .= "";
    }
    // One user id per line of the posted text.
    // NOTE(review): the number of lines is not bounded here, and each one
    // triggers a user lookup plus a linear duplicate scan.
    $badlist = explode("\n", $_POST["badlist"]);
    $count = count($badlist);
    $badstr = "";
    $user = array();
    $reallist = array();
    $rid = 0;
    for ($i = 0; $i < $count; $i++) {
        $userid = trim($badlist[$i]);
        // Only ids that resolve to an existing account are kept, and they are
        // stored as they appear in the user record.
        if (bbs_getuser($userid, $user)) {
            // NOTE(review): `break` stops processing the rest of the list as
            // soon as the user's own id appears; `continue` may have been
            // intended. Confirm.
            if ($currentuser["userid"] == $user["userid"]) {
                break;
            }
            // Skip ids already collected.
            $repeat = 0;
            for ($j = 0; $j < $rid; $j++) {
                if ($reallist[$j] == $user["userid"]) {
                    $repeat = 1;
                    break;
                }
            }
            if (!$repeat) {
                // Each entry is cut to at most BBS_IDLEN + 1 bytes.
                $badstr .= substr($user["userid"] . $empty, 0, BBS_IDLEN + 1);
                $reallist[$rid] = $user["userid"];
                $rid++;
            }
Ejemplo n.º 15
 /**
  * Return the current user's friends who are online, each as a User built
  * from the account record plus the online-list entry.
  *
  * @return array list of User; empty when bbs_getonlinefriends() returns 0
  * @throws UserNullException when a listed userid has no account record
  * @access public
  */
 public function getOnlineFriends()
 {
     $online = bbs_getonlinefriends();
     if ($online == 0) {
         return array();
     }
     $friends = array();
     foreach ($online as $entry) {
         // Pair the online entry with the friend's full account record.
         $record = array();
         $found = bbs_getuser($entry['userid'], $record);
         if ($found == 0) {
             throw new UserNullException();
         }
         $friends[] = new User($record, $entry);
     }
     return $friends;
 }