function AddGbook($add)
{
global $empire, $dbtbpre, $level_r, $public_r;
//验证IP
eCheckAccessDoIp('gbook');
CheckCanPostUrl();
//验证来源
$bid = (int) getcvar('gbookbid');
if (empty($bid)) {
$bid = intval($add[bid]);
}
$name = RepPostStr(trim($add[name]));
$email = RepPostStr($add[email]);
$call = RepPostStr($add[call]);
$lytext = RepPostStr($add[lytext]);
if (empty($bid) || empty($name) || empty($email) || !trim($lytext)) {
printerror("EmptyGbookname", "history.go(-1)", 1);
}
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
//验证码
$keyvname = 'checkgbookkey';
if ($public_r['gbkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$lasttime = getcvar('lastgbooktime');
if ($lasttime) {
if (time() - $lasttime < $public_r['regbooktime']) {
printerror("GbOutTime", "", 1);
}
}
//版面是否存在
$br = $empire->fetch1("select bid,checked,groupid from {$dbtbpre}enewsgbookclass where bid='{$bid}';");
if (empty($br[bid])) {
printerror("EmptyGbook", "history.go(-1)", 1);
}
//权限
if ($br['groupid']) {
$user = islogin();
if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
printerror("HaveNotEnLevel", "history.go(-1)", 1);
}
}
$lytime = date("Y-m-d H:i:s");
$ip = egetip();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
$sql = $empire->query("insert into {$dbtbpre}enewsgbook(name,email,`call`,lytime,lytext,retext,bid,ip,checked,userid,username) values('{$name}','{$email}','{$call}','{$lytime}','{$lytext}','','{$bid}','{$ip}','{$br['checked']}','{$userid}','{$username}');");
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
esetcookie("lastgbooktime", time(), time() + 3600 * 24);
//设置最后发表时间
$reurl = DoingReturnUrl("../tool/gbook/?bid={$bid}", $add['ecmsfrom']);
printerror("AddGbookSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function register($username, $password, $repassword, $email)
{
global $empire, $user_tablename, $public_r, $user_groupid, $user_username, $user_userid, $user_email, $user_password, $user_dopass, $user_rnd, $user_registertime, $user_register, $user_group, $user_saltnum, $user_salt, $user_seting, $forumgroupid, $registerurl, $dbtbpre, $user_regcookietime, $user_userfen, $user_checked, $level_r;
if ($public_r['register_ok']) {
printerror("CloseRegister", "history.go(-1)", 1);
}
//验证IP
eCheckAccessDoIp('register');
if (!empty($registerurl)) {
Header("Location:{$registerurl}");
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror("LoginToRegister", "history.go(-1)", 1);
}
CheckCanPostUrl();
//验证来源
$add = $_POST;
$username = trim($username);
$password = trim($password);
$username = RepPostVar($username);
$password = RepPostVar($password);
if (!$username || !$password || !$email) {
printerror("EmptyMember", "history.go(-1)", 1);
}
//验证码
$keyvname = 'checkregkey';
if ($public_r['regkey_ok']) {
ecmsCheckShowKey($keyvname, $_POST['key'], 1);
}
$user_groupid = (int) $user_groupid;
$groupid = (int) $add[groupid];
$groupid = empty($groupid) ? $user_groupid : $groupid;
CheckMemberGroupCanReg($groupid);
//IP
$regip = egetip();
//用户字数
$pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
$userlen = strlen($username);
if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
printerror("FaiUserlen", "history.go(-1)", 1);
}
//密码字数
$passlen = strlen($password);
if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
printerror("FailPasslen", "history.go(-1)", 1);
}
if ($repassword !== $password) {
printerror("NotRepassword", "history.go(-1)", 1);
}
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
if (strstr($username, "|") || strstr($username, "*")) {
printerror("NotSpeWord", "history.go(-1)", 1);
}
//同一IP注册
eCheckIpRegTime($regip, $pr['regretime']);
//保留用户
toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
$username = RepPostStr($username);
//重复用户
$num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_username . "='{$username}' limit 1");
if ($num) {
printerror("ReUsername", "history.go(-1)", 1);
}
//重复邮箱
$email = RepPostStr($email);
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_email . "='{$email}' limit 1");
if ($num) {
printerror("ReEmailFail", "history.go(-1)", 1);
}
}
//注册时间
if ($user_register) {
$registertime = time();
} else {
$registertime = date("Y-m-d H:i:s");
}
$birthday = $y . $m . $d;
$rnd = make_password(12);
//产生随机密码
//密码
if (empty($user_dopass)) {
$password = md5($password);
} elseif ($user_dopass == 2) {
$salt = make_password($user_saltnum);
$password = md5(md5($password) . $salt);
} elseif ($user_dopass == 3) {
$password = substr(md5($password), 8, 16);
}
//审核
$checked = ReturnGroupChecked($groupid);
if ($checked && $public_r['regacttype'] == 1) {
$checked = 0;
}
//验证附加表必填项
$fid = GetMemberFormId($groupid);
$member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
$sql = $empire->query("insert into " . $user_tablename . "(" . $user_username . "," . $user_password . "," . $user_email . "," . $user_registertime . "," . $user_group . "," . $user_rnd . "," . $user_userfen . "," . $user_checked . ") values('{$username}','{$password}','{$email}','{$registertime}','{$groupid}','{$rnd}','{$public_r['reggetfen']}','{$checked}');");
//取得userid
$userid = $empire->lastid();
//附加表
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
if (!$addr[userid]) {
$spacestyleid = ReturnGroupSpaceStyleid($groupid);
$sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}'" . $member_r[1] . ");");
}
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
//邮箱激活
if ($checked == 0 && $public_r['regacttype'] == 1) {
include '../class/qmemberfun.php';
SendActUserEmail($userid, $username, $email);
}
//审核
if ($checked == 0) {
$location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
printerror("RegisterSuccessCheck", $location, 1);
}
$logincookie = 0;
if ($user_regcookietime) {
$logincookie = time() + $user_regcookietime;
}
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $userid, $logincookie);
$set3 = esetcookie("mlgroupid", $groupid, $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
$location = $returnurl;
}
$set5 = esetcookie("returnurl", "");
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("RegisterSuccess", $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
require "../../class/connect.php";
require "../../class/db_sql.php";
require "../../class/q_functions.php";
require "../../member/class/user.php";
require "../../data/dbcache/class.php";
require "../../data/dbcache/MemberLevel.php";
require "../class/DownSysFun.php";
eCheckCloseMods('down');
//关闭模块
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
$ecmsreurl = 2;
//验证IP
eCheckAccessDoIp('downinfo');
$id = (int) $_GET['id'];
$pathid = (int) $_GET['pathid'];
$classid = (int) $_GET['classid'];
if (!$classid || empty($class_r[$classid][tbname]) || !$id) {
echo "<script>alert('此信息不存在');window.close();</script>";
exit;
}
$mid = $class_r[$classid][modid];
$tbname = $class_r[$classid][tbname];
$query = "select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1";
$r = $empire->fetch1($query);
if (!$r['id'] || $r['classid'] != $classid) {
echo "<script>alert('此信息不存在');window.close();</script>";
exit;
}
require '../class/db_sql.php';
require '../class/functions.php';
require '../class/t_functions.php';
require LoadLang('pub/fun.php');
require '../data/dbcache/class.php';
require '../data/dbcache/MemberLevel.php';
$link = db_connect();
$empire = new mysqlquery();
$classid = (int) $_GET['classid'];
$id = (int) $_GET['id'];
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$mid = $class_r[$classid]['modid'];
$tbname = $class_r[$classid]['tbname'];
//验证IP
eCheckAccessDoIp('showinfo');
if (!$classid || !$id || !$mid || !$tbname || InfoIsInTable($tbname)) {
printerror('此信息不存在', '', 1, 0, 1);
}
$r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1");
if (!$r['id'] || $classid != $r['classid']) {
printerror('此信息不存在', '', 1, 0, 1);
}
//外部链接
if ($r['isurl']) {
$titleurl = $r['titleurl'];
Header("Location:{$titleurl}");
exit;
}
//moreport
if (Moreport_ReturnMustDt()) {
<?php
require "../class/connect.php";
require "../class/db_sql.php";
$link = db_connect();
$empire = new mysqlquery();
//关闭投稿
if ($public_r['addnews_ok']) {
printerror("CloseQAdd", "", 1);
}
//验证IP
eCheckAccessDoIp('postinfo');
$mid = (int) $_GET['mid'];
if (empty($mid)) {
printerror("ErrorUrl", "", 1);
}
$mr = $empire->fetch1("select mid,qenter,qmname from {$dbtbpre}enewsmod where mid='{$mid}'");
if (!$mr['mid'] || !$mr['qenter']) {
printerror("ErrorUrl", "", 1);
}
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
if (empty($musername)) {
$musername = "******";
}
$classjs = $public_r['newsurl'] . "d/js/js/addinfo" . $mid . ".js";
//导入模板
require ECMS_PATH . 'e/template/DoInfo/ChangeClass.php';
db_close();
$empire = null;
function register($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
//关闭注册
if ($public_r['register_ok']) {
printerror('CloseRegister', '', 1);
}
//验证时间段允许操作
eCheckTimeCloseDo('reg');
//验证IP
eCheckAccessDoIp('register');
if (!empty($ecms_config['member']['registerurl'])) {
Header("Location:" . $ecms_config['member']['registerurl']);
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror('LoginToRegister', '', 1);
}
CheckCanPostUrl();
//验证来源
$username = trim($add['username']);
$password = trim($add['password']);
$username = RepPostVar($username);
$password = RepPostVar($password);
$email = RepPostStr($add['email']);
if (!$username || !$password || !$email) {
printerror("EmptyMember", "history.go(-1)", 1);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkregkey';
if ($public_r['regkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$user_groupid = eReturnMemberDefGroupid();
$groupid = (int) $add['groupid'];
$groupid = empty($groupid) ? $user_groupid : $groupid;
CheckMemberGroupCanReg($groupid);
//IP
$regip = egetip();
$regipport = egetipport();
//用户字数
$pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
$userlen = strlen($username);
if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
printerror('FaiUserlen', '', 1);
}
//密码字数
$passlen = strlen($password);
if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
printerror('FailPasslen', '', 1);
}
if ($add['repassword'] !== $password) {
printerror('NotRepassword', '', 1);
}
if (!chemail($email)) {
printerror('EmailFail', '', 1);
}
if (strstr($username, '|') || strstr($username, '*')) {
printerror('NotSpeWord', '', 1);
}
//同一IP注册
eCheckIpRegTime($regip, $pr['regretime']);
//保留用户
toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
$username = RepPostStr($username);
//重复用户
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if ($num) {
printerror('ReUsername', '', 1);
}
//重复邮箱
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
if ($num) {
printerror('ReEmailFail', '', 1);
}
}
//注册时间
$lasttime = time();
$registertime = eReturnAddMemberRegtime();
$rnd = make_password(20);
//产生随机密码
$userkey = eReturnMemberUserKey();
//密码
$truepassword = $password;
$salt = eReturnMemberSalt();
$password = eDoMemberPw($password, $salt);
//审核
$checked = ReturnGroupChecked($groupid);
if ($checked && $public_r['regacttype'] == 1) {
$checked = 0;
}
//验证附加表必填项
$mr['add_filepass'] = ReturnTranFilepass();
$fid = GetMemberFormId($groupid);
$member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
$sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
//取得userid
$userid = $empire->lastid();
//附加表
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
if (!$addr[userid]) {
$spacestyleid = ReturnGroupSpaceStyleid($groupid);
$sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
}
//更新附件
UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
ecmsEmptyShowKey($keyvname);
//清空验证码
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($userid);
}
if ($sql) {
//邮箱激活
if ($checked == 0 && $public_r['regacttype'] == 1) {
include 'class/member_actfun.php';
SendActUserEmail($userid, $username, $email);
}
//审核
if ($checked == 0) {
$location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
printerror("RegisterSuccessCheck", $location, 1);
}
$logincookie = 0;
if ($ecms_config['member']['regcookietime']) {
$logincookie = time() + $ecms_config['member']['regcookietime'];
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $userid, $logincookie);
$set3 = esetcookie("mlgroupid", $groupid, $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
$location = $returnurl;
}
$set5 = esetcookie("returnurl", "");
//易通行系统
DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("RegisterSuccess", $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
<?php
require "../../class/connect.php";
require "../../class/user.php";
require "../../class/db_sql.php";
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
//关闭
if ($public_r[register_ok]) {
printerror("CloseRegister", "history.go(-1)", 1);
}
//验证IP
eCheckAccessDoIp('register');
//转向注册
if (!empty($registerurl)) {
Header("Location:{$registerurl}");
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror("LoginToRegister", "history.go(-1)", 1);
}
if (!empty($changeregisterurl) && !$_GET['groupid']) {
Header("Location:{$changeregisterurl}");
exit;
}
$groupid = (int) $_GET['groupid'];
$groupid = $groupid ? $groupid : $user_groupid;
CheckMemberGroupCanReg($groupid);
$formid = GetMemberFormId($groupid);
function GetSofturl($classid, $id, $pathid, $p, $pass, $onlinetime, $onlinepass)
{
global $empire, $dbtbpre, $public_r, $class_r, $emod_r, $level_r, $ecms_config;
//验证IP
eCheckAccessDoIp('onlineinfo');
$classid = (int) $classid;
$id = (int) $id;
$pathid = (int) $pathid;
$onlinetime = (int) $onlinetime;
$p = RepPostVar($p);
if (!$classid || empty($id) || empty($p)) {
exit;
}
$p_r = explode(":::", $p);
$userid = $p_r[0];
$rnd = $p_r[1];
//验证码
$cpass = md5(ReturnDownSysCheckIp() . "wm_chief" . $public_r[downpass] . $userid);
if ($cpass != $pass) {
exit;
}
//验证验证码
CheckOnlinePass($onlinetime, $onlinepass);
//表不存在
if (empty($class_r[$classid][tbname])) {
exit;
}
$mid = $class_r[$classid][modid];
$tbname = $class_r[$classid][tbname];
$r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1");
if (empty($r['id']) || $r['classid'] != $classid) {
exit;
}
//副表
$finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r[stb] . " where id='{$r['id']}' limit 1");
$r = array_merge($r, $finfor);
//区分下载地址
$path_r = explode("\r\n", $r[onlinepath]);
if (!$path_r[$pathid]) {
exit;
}
$showdown_r = explode("::::::", $path_r[$pathid]);
$downgroup = $showdown_r[2];
//下载权限
if ($downgroup) {
$userid = (int) $userid;
$rnd = RepPostVar($rnd);
//取得会员资料
$u = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
if (empty($u['userid'])) {
exit;
}
//下载次数限制
$setuserday = "";
if ($level_r[$u['groupid']]['daydown']) {
$setuserday = DoCheckMDownNum($userid, $u['groupid'], 1);
}
if ($level_r[$downgroup][level] > $level_r[$u[groupid]][level]) {
exit;
}
//点数是否足够
$showdown_r[3] = intval($showdown_r[3]);
if ($showdown_r[3]) {
//---------是否有历史记录
$bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$userid}' and pathid='{$pathid}' and online=1 order by truetime desc limit 1");
if ($bakr[id] && time() - $bakr[truetime] <= $public_r[redodown] * 3600) {
} else {
//包月卡
if ($u['userdate'] - time() > 0) {
} else {
if ($showdown_r[3] > $u['userfen']) {
exit;
}
//去除点数
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $showdown_r[3] . " where " . egetmf('userid') . "='{$userid}'");
}
//备份下载记录
$utfusername = $u['username'];
BakDown($classid, $id, $pathid, $userid, $utfusername, $r[title], $showdown_r[3], 1);
}
}
//更新用户下载次数
if ($setuserday) {
$usql = $empire->query($setuserday);
}
}
//总下载数据增一
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set totaldown=totaldown+1 where id='{$id}'");
//选择播放器
$ftype = GetFiletype($showdown_r[1]);
if (strstr($ecms_config['sets']['realplayertype'], ',' . $ftype . ',')) {
Header("Content-Type: audio/x-pn-realaudio");
} else {
Header("Content-Type: video/x-ms-asf");
}
$downurl = stripSlashes($showdown_r[1]);
$downurlr = ReturnDownQzPath($downurl, $showdown_r[4]);
$downurl = $downurlr['repath'];
//防盗链
@(include ECMS_PATH . DASHBOARD . "/DownSys/class/enpath.php");
$downurl = DoEnOnlinepath($downurl);
db_close();
$empire = null;
echo $downurl;
exit;
}
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
global $empire, $dbtbpre, $public_r, $class_r, $level_r;
//验证本时间允许操作
eCheckTimeCloseDo('pl');
//验证IP
eCheckAccessDoIp('pl');
$id = (int) $id;
$repid = (int) $repid;
$classid = (int) $classid;
//验证码
$keyvname = 'checkplkey';
if ($public_r['plkey_ok']) {
ecmsCheckShowKey($keyvname, $key, 1);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mgroupid = (int) getcvar('mlgroupid');
if ($muserid) {
$cklgr = qCheckLoginAuthstr();
if ($cklgr['islogin']) {
$username = $musername;
} else {
$muserid = 0;
}
} else {
if (empty($nomember)) {
if (!$username || !$password) {
printerror("FailPassword", "history.go(-1)", 1);
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (empty($ur['userid'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if ($ur['checked'] == 0) {
printerror("NotCheckedUser", '', 1);
}
$muserid = $ur['userid'];
$mgroupid = $ur['groupid'];
} else {
$muserid = 0;
}
}
if ($public_r['plgroupid']) {
if (!$muserid) {
printerror("GuestNotToPl", "history.go(-1)", 1);
}
if ($level_r[$mgroupid][level] < $level_r[$public_r['plgroupid']][level]) {
printerror("NotLevelToPl", "history.go(-1)", 1);
}
}
//专题
$doaction = $add['doaction'];
if ($doaction == 'dozt') {
if (!trim($saytext) || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
if (!$r['ztid']) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($r['closepl']) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//审核
if ($r['checkpl']) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pubid = '-' . $classid;
$id = 0;
$pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
$returl = $pagefunr['pageurl'];
} else {
if (!trim($saytext) || !$id || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//表存在
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
if (!$r['classid'] || $r['classid'] != $classid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($class_r[$r[classid]][openpl]) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//单信息关闭评论
$pubid = ReturnInfoPubid($classid, $id);
$finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
if ($finfor['closepl']) {
printerror("CloseInfoPl", "history.go(-1)", 1);
}
//审核
if ($class_r[$classid][checkpl]) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
$returl = $pagefunr['pageurl'];
}
//设置参数
$plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
if (strlen($saytext) > $plsetr['plsize']) {
$GLOBALS['setplsize'] = $plsetr['plsize'];
printerror("PlSizeTobig", "history.go(-1)", 1);
}
$time = time();
$saytime = $time;
$pltime = getcvar('lastpltime');
if ($pltime) {
if ($time - $pltime < $plsetr['pltime']) {
$GLOBALS['setpltime'] = $plsetr['pltime'];
printerror("PlOutTime", "history.go(-1)", 1);
}
}
$sayip = egetip();
$eipport = egetipport();
$username = str_replace("\r\n", "", $username);
$username = RepPostStr($username);
$saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
if ($repid) {
$saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
//验证楼层
}
//过滤字符
$saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
if ($level_r[$mgroupid]['plchecked']) {
$checked = 0;
}
$ret_r = ReturnPlAddF($add, $plsetr, 0);
//主表
$sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
$plid = $empire->lastid();
if ($doaction != 'dozt') {
//信息表加1
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set plnum=plnum+1 where id='{$id}' limit 1");
}
//更新新评论数
DoUpdateAddDataNum('pl', $restb, 1);
//设置最后发表时间
$set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
printerror("AddPlSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
require "../../class/connect.php";
require "../../class/db_sql.php";
require "../../class/q_functions.php";
require "../../class/user.php";
require "../../data/dbcache/class.php";
require "../../data/dbcache/MemberLevel.php";
require "../../class/DownSysFun.php";
eCheckCloseMods('movie');
//关闭模块
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
$ecmsreurl = 2;
//验证IP
eCheckAccessDoIp('onlineinfo');
$id = (int) $_GET['id'];
$pathid = (int) $_GET['pathid'];
$classid = (int) $_GET['classid'];
//扣点函数
function ViewOnlineKFen($showdown_r, $u, $userid, $classid, $id, $pathid, $r)
{
global $user_tablename, $level_r, $user_group, $user_userid, $class_r, $dbtbpre, $public_r, $user_userdate, $user_userfen, $user_username, $empire, $have_bak, $have_fen;
if ($showdown_r[2]) {
//下载次数限制
$setuserday = "";
if ($level_r[$u[$user_group]][daydown]) {
$setuserday = DoCheckMDownNum($userid, $u[$user_group], 1);
}
//点数是否足够
$showdown_r[3] = intval($showdown_r[3]);
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
global $empire, $public_r, $class_r, $user_userid, $user_username, $user_password, $user_dopass, $user_tablename, $user_salt, $user_checked, $user_group, $dbtbpre, $level_r;
//验证IP
eCheckAccessDoIp('pl');
$id = (int) $id;
$repid = (int) $repid;
$classid = (int) $classid;
//验证码
$keyvname = 'checkplkey';
if ($public_r['plkey_ok']) {
ecmsCheckShowKey($keyvname, $key, 1);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mgroupid = (int) getcvar('mlgroupid');
if ($muserid) {
$username = $musername;
} else {
if (empty($nomember)) {
//编码转换
$utfusername = doUtfAndGbk($username, 0);
$password = doUtfAndGbk($password, 0);
//密码
if (empty($user_dopass)) {
$password = md5($password);
}
if ($user_dopass == 3) {
$password = substr(md5($password), 8, 16);
}
//双重md5
if ($user_dopass == 2) {
$ur = $empire->fetch1("select " . $user_userid . "," . $user_salt . "," . $user_password . "," . $user_checked . "," . $user_group . " from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
$password = md5(md5($password) . $ur[$user_salt]);
$cuser = 0;
if ($password == $ur[$user_password]) {
$cuser = 1;
}
if (empty($ur[$user_userid])) {
$cuser = 0;
}
} else {
$ur = $empire->fetch1("select " . $user_userid . "," . $user_checked . "," . $user_group . " from " . $user_tablename . " where " . $user_username . "='{$utfusername}' and " . $user_password . "='{$password}' limit 1");
$cuser = 0;
if ($ur[$user_userid]) {
$cuser = 1;
}
}
if (empty($cuser)) {
printerror("FailPassword", "history.go(-1)", 1);
}
if ($ur[$user_checked] == 0) {
printerror("NotCheckedUser", '', 1);
}
$muserid = $ur[$user_userid];
$mgroupid = $ur[$user_group];
} else {
$muserid = 0;
}
}
if ($public_r['plgroupid']) {
if (!$muserid) {
printerror("GuestNotToPl", "history.go(-1)", 1);
}
if ($level_r[$mgroupid][level] < $level_r[$public_r['plgroupid']][level]) {
printerror("NotLevelToPl", "history.go(-1)", 1);
}
}
if (!trim($saytext) || !$id || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//表存在
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if (strlen($saytext) > $public_r[plsize]) {
printerror("PlSizeTobig", "history.go(-1)", 1);
}
$saytime = date("Y-m-d H:i:s");
$time = time();
$pltime = getcvar('lastpltime');
if ($pltime) {
if ($time - $pltime < $public_r[pltime]) {
printerror("PlOutTime", "history.go(-1)", 1);
}
}
//是否关闭评论
$r = $empire->fetch1("select classid,closepl from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' and classid='{$classid}'");
if (empty($r[classid])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($class_r[$r[classid]][openpl]) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//单信息关闭评论
if ($r['closepl']) {
printerror("CloseInfoPl", "history.go(-1)", 1);
}
$sayip = egetip();
$username = RepPostStr($username);
$username = str_replace("\r\n", "", $username);
$saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
$pr = $empire->fetch1("select plclosewords,plf,plmustf,pldeftb from {$dbtbpre}enewspublic limit 1");
if ($repid) {
if (trim($saytext) == "[quote]" . $repid . "[/quote]") {
printerror("EmptyPl", "history.go(-1)", 1);
}
$saytext = RepPlTextQuote($repid, $saytext, $pr);
}
//过滤字符
$saytext = ReplacePlWord($pr['plclosewords'], $saytext);
//审核
if ($class_r[$classid][checkpl]) {
$checked = 1;
} else {
$checked = 0;
}
$ret_r = ReturnPlAddF($add, $pr, 0);
//主表
$sql = $empire->query("insert into {$dbtbpre}enewspl(username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,stb) values('" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'{$pr['pldeftb']}');");
$plid = $empire->lastid();
//副表
$fsql = $empire->query("insert into {$dbtbpre}enewspl_data_" . $pr['pldeftb'] . "(plid,classid,id,saytext" . $ret_r['fields'] . ") values('{$plid}','{$classid}','{$id}','" . addslashes($saytext) . "'" . $ret_r['values'] . ");");
//信息表加1
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set plnum=plnum+1 where id='{$id}'");
//设置最后发表时间
$set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl("../pl/?classid={$classid}&id={$id}", $_POST['ecmsfrom']);
printerror("AddPlSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
