if (!$f->fid || $f->type != 0) { html_error_quit("文件不存在"); } if ($pcconfig["USERFILEPERM"]) { if ($f->access != 0) { $pc = pc_load_infor($link, '', $f->uid); if (!$pc) { html_error_quit("文件不存在"); } if ($f->access == 2) { if (!pc_is_admin($currentuser, $pc)) { html_error_quit("文件不存在"); } } if ($f->access == 1) { if (!pc_is_friend($currentuser["userid"], $pc["USER"])) { html_error_quit("文件不存在"); } } } } pc_db_close($link); if (!$pcconfig["USERFILEPERM"] || $f->access == 0) { if (cache_header("public", $f->filetime, 600)) { return; } } if (!($file = fopen($f->filepath, "rb"))) { html_error_quit("文件不存在"); } Header("Content-type: " . $f->filetype);
function pc_get_user_permission($currentuser, $pc) { global $loginok; if ($pc['USER'] == '_filter' && pc_is_manager($currentuser)) { $sec = array(0 => "待处理", 1 => "已通过", 2 => "未通过", 4 => "被删除"); $pur = 1; $tags = array(1, 1, 1, 0, 1, 0, 0, 0); } elseif (pc_is_groupwork($pc)) { if (pc_is_admin($currentuser, $pc) && $loginok == 1) { $sec = array(0 => "俱乐部", 1 => "会议室", 4 => "备份中心", 6 => "栏目管理", 7 => "参数设定"); $pur = 3; $tags = array(1, 1, 0, 0, 1, 0, 1, 1); } else { $sec = array(0 => "俱乐部"); $pur = 0; $tags = array(1, 0, 0, 0, 0, 0, 0, 0); } } elseif (pc_is_admin($currentuser, $pc) && $loginok == 1) { $sec = array("公开区", "好友区", "私人区", "收藏区", "删除区", "设定好友", "分类管理", "参数设定"); $pur = 3; $tags = array(1, 1, 1, 1, 1, 1, 1, 1); } elseif (pc_is_friend($currentuser["userid"], $pc["USER"]) || pc_is_manager($currentuser)) { $sec = array("公开区", "好友区"); $pur = 1; $tags = array(1, 1, 0, 0, 0, 0, 0, 0); if ($pc["FAVMODE"] == 1 || $pc["FAVMODE"] == 2) { $sec[3] = "收藏区"; $tags[3] = 1; } } else { $sec = array("公开区"); $pur = 0; $tags = array(1, 0, 0, 0, 0, 0, 0, 0); if ($pc["FAVMODE"] == 2) { $sec[3] = "收藏区"; $tags[3] = 1; } } return array("tags" => $tags, "pur" => $pur, "sec" => $sec); }
function add_friend($pc) { $id = $_GET["id"]; $lookupuser = array(); if ($friendid = pc_is_friend($id, $pc["USER"])) { return $friendid . "已在好友列表中!"; } elseif ($id == "" || bbs_getuser($id, $lookupuser) == 0) { return "用户 " . $id . " 不存在!"; } else { $id = $lookupuser["userid"]; pc_add_friend($id, $pc["USER"]); } if (pc_is_groupwork($pc)) { pc_group_logs($link, $pc, "ADD FRIEND: " . $id); } }
echo $pc["NAME"] . "(" . time_format($archDate[0]) . " ~ " . time_format($archDate[1]) . "档案)"; ?> </TITLE> <style> .date{FONT-WEIGHT: bold;MARGIN-BOTTOM: 10px;FONT-SIZE: 18px;COLOR: #993366;FONT-FAMILY: palatino, georgia, times new roman, serif} .content{font-size:14px;line-height:24px;} </style> </head> <body> <?php echo "<a name=\"top\"></a><p class=date>::Blog信息::<br />名称: " . $pc["NAME"] . "<br />作者: <a href=\"http://" . $pcconfig["SITE"] . "/bbsqry.php?userid=" . $pc["USER"] . "\">" . $pc["USER"] . "</a><br />域名: <a href=\"" . pc_personal_domainname($pc["USER"]) . "\">" . pc_personal_domainname($pc["USER"]) . "</a><br />站点: <a href=\"http://" . $pcconfig["SITE"] . "\">" . $pcconfig["BBSNAME"] . "</a><br /></p>"; echo "<p class=date>档案日期:" . time_format($archDate[0]) . " ~ " . time_format($archDate[1]) . "</p><hr size=1>"; $query = "SELECT * FROM nodes WHERE uid = '" . $pc["UID"] . "' AND type = 0 AND created >= " . $archDate[0] . " AND created <= " . $archDate[1] . " "; if (pc_is_admin($currentuser, $pc) && $loginok == 1) { $query .= " AND ( access = 0 OR access = 1 OR access = 2 ) "; } elseif (pc_is_friend($currentuser["userid"], $pc["USER"]) || pc_is_manager($currentuser)) { $query .= " AND ( access = 0 OR access = 1 ) "; } else { $query .= " AND access = 0 "; } $query .= " ORDER BY nid DESC ;"; $result = mysql_query($query); while ($rows = mysql_fetch_array($result)) { echo "<p class=date>" . time_format($rows[created]) . "</p>"; echo "<p class=content><strong>主题: </strong><a href=\"http://" . $pcconfig["SITE"] . "/pc/pccon.php?id=" . $pc["UID"] . "&nid=" . $rows[nid] . "&s=all\">" . html_format($rows[subject]) . "</a><br />"; echo "<font class=content>" . html_format($rows[body], TRUE, $rows[htmltag]) . "</font><br /><br /><a href=\"#top\">[返回顶部]</a></p><hr size=1>"; } mysql_free_result($result); echo "<p align=center><a href=\"http://" . $pcconfig["SITE"] . "\">" . $pcconfig["BBSNAME"] . "</a></p>"; ?> <p align="center">