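/**
 * Validates a trade-thread submission before the thread is created.
 *
 * Reads the trade fields from $_GET (item_name, item_price, item_credit,
 * item_number), checks them against the posting group's price limits,
 * folds a "tradeattach" upload into $_FILES['attach'], and runs the
 * 'postattach' credit lower-limit check when an attachment name is present.
 * On success the thread message is moved from $parameters['message'] into
 * $this->trademessage and $this->param['message'] is blanked.
 *
 * @param array $parameters Hook parameters; only 'message' is read here.
 * @return mixed The result of $this->showmessage() when a check fails,
 *               otherwise nothing.
 */
public function before_newthread($parameters) {
    // Everything read from $_GET is request-controlled. Normalise each field
    // to the scalar type the checks expect; a missing or array-valued field
    // is treated as empty/zero instead of raising a notice or a TypeError.
    $item_price = isset($_GET['item_price']) && is_scalar($_GET['item_price']) ? floatval($_GET['item_price']) : 0.0;
    $item_credit = isset($_GET['item_credit']) && is_scalar($_GET['item_credit']) ? intval($_GET['item_credit']) : 0;
    // The quantity was previously compared as a raw string. Under PHP 8
    // comparison rules a non-numeric string is compared textually, so a value
    // such as "abc" was not "< 1" and passed the check; compare as an integer.
    $item_number = isset($_GET['item_number']) && is_scalar($_GET['item_number']) ? intval($_GET['item_number']) : 0;
    $raw_name = isset($_GET['item_name']) && is_scalar($_GET['item_name']) ? (string) $_GET['item_name'] : '';

    // The censored name is written back to $_GET, as before, for later readers.
    $_GET['item_name'] = censor($raw_name);

    $min_price = $this->group['mintradeprice'];
    $max_price = $this->group['maxtradeprice'];

    if (!trim($_GET['item_name'])) {
        return $this->showmessage('trade_please_name');
    }

    if ($max_price) {
        // Both limits configured: price and credit must fall inside the range.
        if ($item_price > 0 && ($min_price > $item_price || $max_price < $item_price)) {
            return $this->showmessage('trade_price_between', '', array('mintradeprice' => $min_price, 'maxtradeprice' => $max_price));
        }
        if ($item_credit > 0 && ($min_price > $item_credit || $max_price < $item_credit)) {
            return $this->showmessage('trade_credit_between', '', array('mintradeprice' => $min_price, 'maxtradeprice' => $max_price));
        }
    } else {
        // No upper limit: only the minimum applies.
        if ($item_price > 0 && $min_price > $item_price) {
            return $this->showmessage('trade_price_more_than', '', array('mintradeprice' => $min_price));
        }
        if ($item_credit > 0 && $min_price > $item_credit) {
            return $this->showmessage('trade_credit_more_than', '', array('mintradeprice' => $min_price));
        }
    }

    // At least one of price or credit has to be positive.
    if ($item_price <= 0 && $item_credit <= 0) {
        return $this->showmessage('trade_pricecredit_need');
    }
    if ($item_number < 1) {
        return $this->showmessage('tread_please_number');
    }

    // Fold the trade image upload into the regular attachment upload slot.
    if (!empty($_FILES['tradeattach']['tmp_name'][0])) {
        $existing = isset($_FILES['attach']) ? (array) $_FILES['attach'] : array();
        $_FILES['attach'] = array_merge_recursive($existing, $_FILES['tradeattach']);
    }

    $may_attach = $this->group['allowpostattach'] || $this->group['allowpostimage'];
    // Only iterate when the upload field really is the multi-file array form;
    // $_FILES['attach'] may be absent or a single-file entry.
    if ($may_attach && isset($_FILES['attach']['name']) && is_array($_FILES['attach']['name'])) {
        foreach ($_FILES['attach']['name'] as $attachname) {
            if ($attachname != '') {
                // One named attachment is enough to require the credit check.
                checklowerlimit('postattach', 0, 1, $this->forum['fid']);
                break;
            }
        }
    }

    $this->trademessage = $parameters['message'];
    $this->param['message'] = '';
}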
} else { showmessage('postperm_login_nopermission_mobile', NULL, array('referer' => rawurlencode(dreferer())), array('login' => 1)); } } elseif (empty($_G['forum']['allowpost'])) { if (!$_G['forum']['postperm'] && !$_G['group']['allowpost']) { showmessage('postperm_none_nopermission', NULL, array(), array('login' => 1)); } elseif ($_G['forum']['postperm'] && !forumperm($_G['forum']['postperm'])) { showmessagenoperm('postperm', $_G['fid'], $_G['forum']['formulaperm']); } } elseif ($_G['forum']['allowpost'] == -1) { showmessage('post_forum_newthread_nopermission', NULL); } if (!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) { showmessage('postperm_login_nopermission', NULL, array(), array('login' => 1)); } checklowerlimit('post', 0, 1, $_G['forum']['fid']); if (!submitcheck('topicsubmit', 0, $seccodecheck, $secqaacheck)) { $savethreads = array(); $savethreadothers = array(); $query = DB::query("SELECT dateline, fid, tid, pid, subject FROM " . DB::table(getposttable()) . " WHERE authorid='{$_G['uid']}' AND invisible='-3' AND first='1'"); while ($savethread = DB::fetch($query)) { $savethread['dateline'] = dgmdate($savethread['dateline'], 'u'); if ($_G['fid'] == $savethread['fid']) { $savethreads[] = $savethread; } else { $savethreadothers[] = $savethread; } } $savethreadcount = count($savethreads); $savethreadothercount = count($savethreadothers); if ($savethreadothercount) {
showmessage('replyperm_none_nopermission', NULL, array(), array('login' => 1)); } elseif ($_G['forum']['replyperm'] && !forumperm($_G['forum']['replyperm'])) { showmessagenoperm('replyperm', $_G['forum']['fid']); } } elseif ($_G['forum']['allowreply'] == -1) { showmessage('post_forum_newreply_nopermission', NULL); } if (!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) { showmessage('replyperm_login_nopermission', NULL, array(), array('login' => 1)); } if (empty($thread)) { showmessage('thread_nonexistence'); } elseif ($thread['price'] > 0 && $thread['special'] == 0 && !$_G['uid']) { showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1)); } checklowerlimit('reply'); if ($_G['setting']['commentnumber'] && !empty($_G['gp_comment'])) { $posttable = getposttablebytid($_G['tid']); if (!submitcheck('commentsubmit', 0, $seccodecheck, $secqaacheck)) { showmessage('undefined_action', NULL); } $post = DB::fetch_first('SELECT * FROM ' . DB::table($posttable) . " WHERE pid='{$_G['gp_pid']}'"); if (!$post) { showmessage('undefined_action', NULL); } if ($thread['closed'] && !$_G['forum']['ismoderator']) { showmessage('post_thread_closed'); } elseif ($post_autoclose = checkautoclose($thread)) { showmessage($post_autoclose, '', array('autoclose' => $_G['forum']['autoclose'])); } elseif (checkflood()) { showmessage('post_flood_ctrl', '', array('floodctrl' => $_G['setting']['floodctrl']));
} if (!$_G['uid'] && !(!$_G['forum']['postperm'] && $_G['group']['allowpost'] || $_G['forum']['postperm'] && forumperm($_G['forum']['postperm']))) { showmessage('postperm_login_nopermission', NULL, array(), array('login' => 1)); } elseif (empty($_G['forum']['allowpost'])) { if (!$_G['forum']['postperm'] && !$_G['group']['allowpost']) { showmessage('postperm_none_nopermission', NULL, array(), array('login' => 1)); } elseif ($_G['forum']['postperm'] && !forumperm($_G['forum']['postperm'])) { showmessagenoperm('postperm', $_G['fid']); } } elseif ($_G['forum']['allowpost'] == -1) { showmessage('post_forum_newthread_nopermission', NULL); } if (!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) { showmessage('postperm_login_nopermission', NULL, array(), array('login' => 1)); } checklowerlimit('post'); if (!submitcheck('topicsubmit', 0, $seccodecheck, $secqaacheck)) { $isfirstpost = 1; $tagoffcheck = ''; $showthreadsorts = !empty($sortid) || $_G['forum']['threadsorts']['required']; if ($special == 2 && $_G['group']['allowposttrade']) { $expiration_7days = date('Y-m-d', TIMESTAMP + 86400 * 7); $expiration_14days = date('Y-m-d', TIMESTAMP + 86400 * 14); $trade['expiration'] = $expiration_month = date('Y-m-d', mktime(0, 0, 0, date('m') + 1, date('d'), date('Y'))); $expiration_3months = date('Y-m-d', mktime(0, 0, 0, date('m') + 3, date('d'), date('Y'))); $expiration_halfyear = date('Y-m-d', mktime(0, 0, 0, date('m') + 6, date('d'), date('Y'))); $expiration_year = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1)); } elseif ($specialextra) { $threadpluginclass = null; if (isset($_G['setting']['threadplugins'][$specialextra]['module'])) { $threadpluginfile = DISCUZ_ROOT . './source/plugin/' . $_G['setting']['threadplugins'][$specialextra]['module'] . '.class.php';
showmessage('this_message_could_not_be_deleted'); } } } elseif ($_GET['op'] == 'send') { $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } cknewuser(); if ($touid) { if (isblacklist($touid)) { showmessage('is_blacklist'); } } if (submitcheck('pmsubmit')) { checklowerlimit('sendpm'); $username = empty($_POST['username']) ? '' : $_POST['username']; $message = (!empty($_POST['messageappend']) ? $_POST['messageappend'] . "\n" : '') . trim($_POST['message']); if (empty($message)) { showmessage('unable_to_send_air_news'); } $message = censor($message); loadcache(array('smilies', 'smileytypes')); foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) { $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]'; } $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message); $subject = ''; $return = 0; if ($touid) { $return = uc_pm_send($_G['uid'], $touid, $subject, $message, 1, $pmid, 0);
// Excerpt from a portal search handler; it starts and ends mid-function.
// First branch: render one page of a stored search result. Second branch:
// charge the 'search' credit check, then look for a reusable or flood-limited
// row in common_searchindex.
$keyword = $keyword != '' ? str_replace('+', ' ', $keyword) : '';
$index['keywords'] = rawurlencode($index['keywords']);
$articlelist = array();
// NOTE(review): $index['ids'], $orderby, $ascdesc, $start_limit and $_G['tpp']
// are interpolated into the SQL text unquoted. ORDER BY columns and sort
// directions cannot be bound as parameters, so they must come from a fixed
// allowlist and the LIMIT values must be integers; that validation is not
// visible in this excerpt — confirm it happens upstream.
$query = DB::query("SELECT at.*,ac.viewnum, ac.commentnum FROM " . DB::table('portal_article_title') . " at LEFT JOIN " . DB::table('portal_article_count') . " ac ON at.aid=ac.aid WHERE at.aid IN ({$index['ids']}) ORDER BY {$orderby} {$ascdesc} LIMIT {$start_limit}, {$_G['tpp']}");
while ($article = DB::fetch($query)) {
    $article['dateline'] = dgmdate($article['dateline']);
    $article['pic'] = pic_get($article['pic'], 'portal', $article['thumb'], $article['remote']);
    // Title and summary are passed through bat_highlight() with the keyword.
    $article['title'] = bat_highlight($article['title'], $keyword);
    $article['summary'] = bat_highlight($article['summary'], $keyword);
    $articlelist[] = $article;
}
// The pager URL embeds $searchid, $orderby and $ascdesc as given.
$multipage = multi($index['num'], $_G['tpp'], $page, "search.php?mod=portal&searchid={$searchid}&orderby={$orderby}&ascdesc={$ascdesc}&searchsubmit=yes");
// NOTE(review): the raw query string is request-controlled; the template has
// to HTML-escape $url_forward wherever it is printed — confirm.
$url_forward = 'search.php?mod=portal&' . $_SERVER['QUERY_STRING'];
include template('search/portal');
} else {
    // Groups with bit 2 set in 'exempt' skip the search credit check.
    !($_G['group']['exempt'] & 2) && checklowerlimit('search');
    // NOTE(review): addslashes() is the only escaping applied to the search
    // text before it is placed in the query below; it is not
    // connection-charset aware. A parameterised query or the driver's own
    // escaping routine is the safer construction.
    $searchstring = 'portal|title|' . addslashes($srchtxt);
    $searchindex = array('id' => 0, 'dateline' => '0');
    // Selects, per candidate row, a "flood" flag (same uid or client IP searched
    // within the searchctrl window) and an "indexvalid" flag (same search
    // string, not yet expired).
    // NOTE(review): $srchmod, $_G['clientip'] and the searchctrl setting are
    // interpolated as-is; their sanitisation is not visible here — confirm.
    $query = DB::query("SELECT searchid, dateline,\r\n\t\t\t('" . $_G['setting']['search']['portal']['searchctrl'] . "'<>'0' AND " . (empty($_G['uid']) ? "useip='{$_G['clientip']}'" : "uid='{$_G['uid']}'") . " AND {$_G['timestamp']}-dateline<'" . $_G['setting']['search']['portal']['searchctrl'] . "') AS flood,\r\n\t\t\t(searchstring='{$searchstring}' AND expiration>'{$_G['timestamp']}') AS indexvalid\r\n\t\t\tFROM " . DB::table('common_searchindex') . "\r\n\t\t\tWHERE srchmod='{$srchmod}' AND ('" . $_G['setting']['search']['portal']['searchctrl'] . "'<>'0' AND " . (empty($_G['uid']) ? "useip='{$_G['clientip']}'" : "uid='{$_G['uid']}'") . " AND {$_G['timestamp']}-dateline<" . $_G['setting']['search']['portal']['searchctrl'] . 
        ") OR (searchstring='{$searchstring}' AND expiration>'{$_G['timestamp']}')\r\n\t\t\tORDER BY flood");
    while ($index = DB::fetch($query)) {
        if ($index['indexvalid'] && $index['dateline'] > $searchindex['dateline']) {
            // A still-valid cached result for the same search string: reuse it.
            $searchindex = array('id' => $index['searchid'], 'dateline' => $index['dateline']);
            break;
        } elseif ($_G['adminid'] != '1' && $index['flood']) {
            // Rate limit hit; adminid '1' is exempt.
            showmessage('search_ctrl', 'search.php?mod=portal', array('searchctrl' => $_G['setting']['search']['portal']['searchctrl']));
        }
    }
    if ($searchindex['id']) {
        $searchid = $searchindex['id'];
    } else {
        if (!$srchtxt) {
$_G['gp_op'] = getgpc('op') && in_array($_G['gp_op'], $oparray) ? $_G['gp_op'] : 'group'; if (empty($groupmanagers[$_G[uid]]) && !in_array($_G['gp_op'], array('group', 'threadtype', 'demise')) && $_G['adminid'] != 1) { showmessage('group_admin_noallowed'); } $page = intval(getgpc('page')) ? intval($_G['gp_page']) : 1; $perpage = 54; $start = ($page - 1) * $perpage; $url = 'forum.php?mod=group&action=manage&op=' . $_G['gp_op'] . '&fid=' . $_G['fid']; if ($_G['gp_op'] == 'group') { $domainlength = checkperm('domainlength'); if (submitcheck('groupmanage')) { $forumarr = array(); if (isset($_G['gp_domain']) && $_G['forum']['domain'] != $_G['gp_domain']) { $domain = strtolower(trim($_G['gp_domain'])); if ($_G['setting']['allowgroupdomain'] && !empty($_G['setting']['domain']['root']['group']) && $domainlength) { checklowerlimit('modifydomain'); } if (empty($domainlength) || empty($domain)) { $domain = ''; } else { require_once libfile('function/domain'); if (domaincheck($domain, $_G['setting']['domain']['root']['group'], $domainlength)) { require_once libfile('function/delete'); deletedomain($_G['fid'], 'group'); DB::insert('common_domain', array('domain' => $domain, 'domainroot' => addslashes($_G['setting']['domain']['root']['group']), 'id' => $_G['fid'], 'idtype' => 'group')); } } $forumarr['domain'] = $domain; updatecreditbyaction('modifydomain'); } if ($_G['gp_name'] && !empty($specialswitch['allowchangename']) || $_G['gp_fup'] && !empty($specialswitch['allowchangetype'])) {
if ($tradethread['expiration']) { $tradethread['expiration'] = ($tradethread['expiration'] - $timestamp) / 86400; if ($tradethread['expiration'] > 0) { $tradethread['expirationhour'] = floor(($tradethread['expiration'] - floor($tradethread['expiration'])) * 24); $tradethread['expiration'] = floor($tradethread['expiration']); } else { $tradethread['expiration'] = -1; } } $tradelist[] = $tradethread; } $multipage = multi($index['threads'], $tpp, $page, "search.php?searchid={$searchid}" . ($orderby ? "&orderby={$orderby}" : '') . "&srchtype=trade&searchsubmit=yes"); $url_forward = 'search.php?' . $_SERVER['QUERY_STRING']; include template('search_trade'); } else { checklowerlimit($creditspolicy['search'], -1); $srchtxt = isset($srchtxt) ? trim($srchtxt) : ''; $srchuname = isset($srchuname) ? trim($srchuname) : ''; $forumsarray = array(); if (!empty($srchfid)) { foreach (is_array($srchfid) ? $srchfid : explode('_', $srchfid) as $forum) { if ($forum = intval(trim($forum))) { $forumsarray[] = $forum; } } } $fids = $comma = ''; foreach ($_DCACHE['forums'] as $fid => $forum) { if ($forum['type'] != 'group' && (!$forum['viewperm'] && $readaccess) || $forum['viewperm'] && forumperm($forum['viewperm'])) { if (!$forumsarray || in_array($fid, $forumsarray)) { $fids .= "{$comma}'{$fid}'";
// Excerpt from a new-thread handler; it starts and ends mid-function.
} elseif ($forum['allowpost'] == -1) {
    showmessage('post_forum_newthread_nopermission', NULL, 'HALTED');
}
// Optional "reprint" prefill: fetch content for $url from a remote service.
if ($url && !empty($qihoo['relate']['webnum'])) {
    // Only 'direct' or 'iframe' are kept; anything else becomes ''.
    // in_array() is called without the strict flag.
    $from = in_array($from, array('direct', 'iframe')) ? $from : '';
    // NOTE(review): this is a server-side request over plain HTTP.
    //  - $url, $md5 and $charset are placed in the query string without any
    //    URL-encoding visible here; where they come from is not shown in this
    //    excerpt. Encode each with rawurlencode() and validate $url — confirm
    //    against the caller.
    //  - The response is unauthenticated third-party content and is used to
    //    prefill $subject and $message; treat it as untrusted input.
    //  - '@' hides fetch failures, and no timeout is set in this call.
    if ($data = @implode('', file("http://search.qihoo.com/sint/content.html?surl={$url}&md5={$md5}&ocs={$charset}&ics={$charset}&from={$from}"))) {
        // $data is reused: after this call it holds the regex match groups,
        // not the response body.
        preg_match_all("/(\\w+):([^\\>]+)/i", $data, $data);
        if (!$data[2][1]) {
            $subject = trim($data[2][3]);
            // '[br]' markers become newlines or <br /> depending on the editor mode.
            $message = !$editormode ? str_replace('[br]', "\n", trim($data[2][4])) : str_replace('[br]', '<br />', trim($data[2][4]));
        } else {
            showmessage('reprint_invalid');
        }
    }
}
// Credit lower-limit check for posting, run before the form is shown or handled.
checklowerlimit($postcredits);
if (!submitcheck('topicsubmit', 0, $seccodecheck, $secqaacheck)) {
    // Not a valid submission: prepare the variables used to render the form.
    $modelid = $modelid ? intval($modelid) : '';
    $isfirstpost = 1;
    $tagoffcheck = '';
    $showthreadsorts = !empty($sortid);
    $icons = '';
    if (!$special && is_array($_DCACHE['icons'])) {
        $key = 1;
        foreach ($_DCACHE['icons'] as $id => $icon) {
            // NOTE(review): $id and $icon are concatenated into HTML without
            // escaping; presumably the icon cache is admin-maintained — confirm.
            $icons .= ' <input class="radio" type="radio" name="iconid" value="' . $id . '" /><img src="images/icons/' . $icon . '" alt="" />';
            // $key starts at 1 and is pre-incremented, so the break lands after the 9th icon, then every 10.
            $icons .= !(++$key % 10) ? '<br />' : '';
        }
    }
    if ($special == 2 && $allowposttrade) {
        $expiration_7days = date('Y-m-d', $timestamp + 86400 * 7);
// Excerpt from a misc action dispatcher; the last branch is still open where
// the excerpt ends.
require_once libfile('function/post');
$feed = array();
if ($_G['gp_action'] == 'paysucceed') {
    // The order id is cast to int before it is placed in the redirect URL.
    $url = !empty($_G['gp_orderid']) ? 'forum.php?mod=trade&orderid=' . intval($_G['gp_orderid']) : 'home.php?mod=spacecp&ac=credit';
    showmessage('payonline_succeed', $url);
} elseif ($_G['gp_action'] == 'nav') {
    require_once libfile('misc/forumselect', 'include');
    exit;
} elseif ($_G['gp_action'] == 'attachcredit') {
    // Anti-CSRF check: the submitted formhash must equal FORMHASH.
    // NOTE(review): '!=' is a loose, non-constant-time comparison; hash_equals()
    // on two strings is the conventional way to compare a request token.
    if ($_G['gp_formhash'] != FORMHASH) {
        showmessage('undefined_action', NULL);
    }
    // intval() makes the attachment id safe to interpolate into the query below.
    $aid = intval($_G['gp_aid']);
    $attach = DB::fetch_first("SELECT tid, filename FROM " . DB::table('forum_attachment') . " WHERE aid='{$aid}'");
    // NOTE(review): neither $attach nor $thread is checked for "no row" before
    // it is used in this excerpt; $attach['tid'] is a stored value.
    $thread = DB::fetch_first("SELECT fid FROM " . DB::table('forum_thread') . " WHERE tid='{$attach['tid']}' AND displayorder>='0'");
    // Credit lower-limit check, then the credit update for downloading.
    checklowerlimit('getattach');
    $getattachcredits = updatecreditbyaction('getattach', $_G['uid'], array(), '', 1, 1, $thread['fid']);
    $_G['policymsg'] = $p = '';
    // The same condition is tested twice; the inner test is redundant.
    if ($getattachcredits['updatecredit']) {
        if ($getattachcredits['updatecredit']) {
            // Build a comma-separated summary of the extcredits 1..8 that changed.
            for ($i = 1; $i <= 8; $i++) {
                if ($policy = $getattachcredits['extcredits' . $i]) {
                    $_G['policymsg'] .= $p . ($_G['setting']['extcredits'][$i]['img'] ? $_G['setting']['extcredits'][$i]['img'] . ' ' : '') . $_G['setting']['extcredits'][$i]['title'] . ' ' . $policy . ' ' . $_G['setting']['extcredits'][$i]['unit'];
                    $p = ', ';
                }
            }
        }
    }
    // Download check token: the first 8 hex characters (32 bits) of an MD5 over
    // the attachment id, the current timestamp and md5(authkey).
    // NOTE(review): how the attachment endpoint verifies 'ck' is not visible
    // here. A truncated, unkeyed-construction MD5 is a weak authenticator; a
    // keyed hash_hmac() with a longer tag is the usual construction.
    $ck = substr(md5($aid . TIMESTAMP . md5($_G['config']['security']['authkey'])), 0, 8);
    $aidencode = aidencode($aid);
    // The stored filename is passed as a message variable; escaping is left to
    // showmessage() and the template (not visible here).
    showmessage('attachment_credit', "forum.php?mod=attachment&aid={$aidencode}&ck={$ck}", array('policymsg' => $_G['policymsg'], 'filename' => $attach['filename']), array('redirectmsg' => 1, 'login' => 1));
$maxheight = $_DTYPE[$optionid]['maxheight'] ? 'height="' . $_DTYPE[$optionid]['maxheight'] . '"' : ''; $resultlist[$tid]['option'][] = $optiondata[$optionid] ? "<a href=\"{$optiondata[$optionid]}\" target=\"_blank\"><img src=\"{$value['value']}\" {$maxwidth} {$maxheight} border=\"0\"></a>" : ''; } elseif ($_DTYPE[$optionid]['type'] == 'url') { $resultlist[$tid]['option'][] = $optiondata[$optionid] ? "<a href=\"{$value['value']}\" target=\"_blank\">{$value['value']}</a>" : ''; } else { $resultlist[$tid]['option'][] = $value['value']; } } } } $colspan = count($optionlist) + 2; $multipage = multi($index['threads'], $tpp, $page, "search.php?searchid={$searchid}&srchtype=threadsort&sortid={$index['threadsortid']}&searchsubmit=yes"); $url_forward = 'search.php?' . $_SERVER['QUERY_STRING']; include template('search_sort'); } else { !($exempt & 2) && checklowerlimit($creditspolicy['search'], -1); $forumsarray = array(); if (!empty($srchfid)) { foreach (is_array($srchfid) ? $srchfid : explode('_', $srchfid) as $forum) { if ($forum = intval(trim($forum))) { $forumsarray[] = $forum; } } } $fids = $comma = ''; foreach ($_DCACHE['forums'] as $fid => $forum) { if ($forum['type'] != 'group' && (!$forum['viewperm'] && $readaccess) || $forum['viewperm'] && forumperm($forum['viewperm'])) { if (!$forumsarray || in_array($fid, $forumsarray)) { $fids .= "{$comma}'{$fid}'"; $comma = ','; }
// Excerpt from an attachment download handler; it starts and ends mid-function.
showmessage('attachment_nonexistence');
}
// Load the forum's view/download permissions and the user's per-forum access row.
// NOTE(review): $discuz_uid and $thread['fid'] are interpolated into the SQL
// text; their origin and sanitisation are not visible in this excerpt.
$query = $db->query("SELECT f.viewperm, f.getattachperm, f.getattachcredits, a.allowgetattach FROM {$tablepre}forumfields f\r\n\t\tLEFT JOIN {$tablepre}access a ON a.uid='{$discuz_uid}' AND a.fid=f.fid\r\n\t\tWHERE f.fid='{$thread['fid']}'");
$forum = $db->fetch_array($query);
// A truthy $ispaid skips every permission check in this block.
if (!$ispaid) {
    // A per-user allowgetattach grant overrides the forum/group rules.
    if (!$forum['allowgetattach']) {
        if (!$forum['getattachperm'] && !$allowgetattach) {
            showmessage('group_nopermission', NULL, 'NOPERM');
        // '&&' binds tighter than '||': denied when the download permission
        // fails OR the view permission fails.
        } elseif ($forum['getattachperm'] && !forumperm($forum['getattachperm']) || $forum['viewperm'] && !forumperm($forum['viewperm'])) {
            showmessage('attachment_forum_nopermission', NULL, 'NOPERM');
        }
    }
}
// The credit check applies only when the stored filetype does not start with "image/".
// NOTE(review): this gate depends on $attach['filetype']; confirm the value is
// derived server-side rather than taken from the uploader.
if (!($isimage = preg_match("/^image\\/.+/", $attach['filetype']))) {
    // NOTE(review): unserialize() on a database column. If anything other than
    // an administrator can write forumfields.getattachcredits this is an
    // object-injection risk; json_decode(), or unserialize() with
    // allowed_classes disabled where the PHP version supports it, is safer.
    $getattachcredits = $forum['getattachcredits'] ? unserialize($forum['getattachcredits']) : $creditspolicy['getattach'];
    checklowerlimit($getattachcredits, -1);
}
if (empty($noupdate)) {
    // Delayed counting (modes 2 and 3): append the id to a log file instead of
    // updating the counter in the database on each request.
    if ($delayviewcount == 2 || $delayviewcount == 3) {
        $logfile = './forumdata/cache/cache_attachviews.log';
        // Flush the log into the database when the timestamp ends in '0'.
        if (substr($timestamp, -1) == '0') {
            require_once DISCUZ_ROOT . './include/misc.func.php';
            updateviews('attachments', 'aid', 'downloads', $logfile);
        }
        // '@' suppresses the fopen() warning; only adminid 1 is told about a failure.
        if (@($fp = fopen(DISCUZ_ROOT . $logfile, 'a'))) {
            // NOTE(review): $aid is written as one log line and read back by
            // updateviews(); its integer cast is not visible here — confirm
            // it cannot contain a newline.
            fwrite($fp, "{$aid}\n");
            fclose($fp);
        } elseif ($adminid == 1) {
            showmessage('view_log_invalid');
        }
    } else {
$optiondata = array(); if ($tradetypes && $typeoption && $checkoption) { $optiondata = threadsort_validator($typeoption); } if (!empty($_FILES['tradeattach']['tmp_name'][0])) { $_FILES['attach'] = array_merge_recursive((array) $_FILES['attach'], $_FILES['tradeattach']); } } $attachnum = 0; if ($allowpostattach && !empty($_FILES['attach']) && is_array($_FILES['attach'])) { foreach ($_FILES['attach']['name'] as $attachname) { if ($attachname != '') { $attachnum++; } } $attachnum && checklowerlimit($postattachcredits, $attachnum); } else { $_FILES = array(); } $attachments = $attachnum ? attach_upload() : array(); $attachment = empty($attachments) ? 0 : ($imageexists ? 2 : 1); $subscribed = $thread['subscribed'] && $timestamp - $thread['lastpost'] < 7776000; $newsubscribed = !empty($emailnotify) && $discuz_uid; if ($subscribed && !$modnewreplies) { $db->query("UPDATE {$tablepre}subscriptions SET lastpost='{$timestamp}' WHERE tid='{$tid}' AND uid<>'{$discuz_uid}'", 'UNBUFFERED'); } if ($newsubscribed) { $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify)\r\n\t\t\tVALUES ('{$discuz_uid}', '{$tid}', '" . ($modnewreplies ? $thread['lastpost'] : $timestamp) . "', '{$timestamp}')", 'UNBUFFERED'); } $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff)); $smileyoff = checksmilies($message, !empty($smileyoff));
} elseif (!$_G['group']['maxtradeprice'] && $item_price > 0 && $_G['group']['mintradeprice'] > $item_price) { showmessage('trade_price_more_than', '', array('mintradeprice' => $_G['group']['mintradeprice'])); } elseif (!$_G['group']['maxtradeprice'] && $item_credit > 0 && $_G['group']['mintradeprice'] > $item_credit) { showmessage('trade_credit_more_than', '', array('mintradeprice' => $_G['group']['mintradeprice'])); } elseif ($item_price <= 0 && $item_credit <= 0) { showmessage('trade_pricecredit_need'); } elseif ($_G['gp_item_number'] < 1) { showmessage('tread_please_number'); } if (!empty($_FILES['tradeattach']['tmp_name'][0])) { $_FILES['attach'] = array_merge_recursive((array) $_FILES['attach'], $_FILES['tradeattach']); } if (($_G['group']['allowpostattach'] || $_G['group']['allowpostimage']) && is_array($_FILES['attach'])) { foreach ($_FILES['attach']['name'] as $attachname) { if ($attachname != '') { checklowerlimit('postattach'); break; } } } $typeid = isset($typeid) ? $typeid : 0; $displayorder = $modnewthreads ? -2 : ($_G['forum']['ismoderator'] && !empty($_G['gp_sticktopic']) ? 1 : 0); $digest = $_G['forum']['ismoderator'] && !empty($addtodigest) ? 1 : 0; $readperm = $_G['group']['allowsetreadperm'] ? $readperm : 0; $isanonymous = $_G['gp_isanonymous'] && $_G['group']['allowanonymous'] ? 1 : 0; $author = !$isanonymous ? $_G['username'] : ''; $moderated = $digest || $displayorder > 0 ? 1 : 0; $posttableid = getposttableid('p'); $isgroup = $_G['forum']['status'] == 3 ? 1 : 0; DB::query("INSERT INTO " . DB::table('forum_thread') . 
" (fid, posttableid, readperm, price, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, special, attachment, moderated, replies, status, isgroup)\n\tVALUES ('{$_G['fid']}', '{$posttableid}', '{$readperm}', '{$price}', '{$typeid}', '{$author}', '{$_G['uid']}', '{$subject}', '{$_G['timestamp']}', '{$_G['timestamp']}', '{$author}', '{$displayorder}', '{$digest}', '{$special}', '{$attachment}', '{$moderated}', '1', '{$thread['status']}', '{$isgroup}')"); $tid = DB::insert_id();
$postinfo['message'] = preg_replace($attachfind, $attachreplace, $postinfo['message']); } if ($special == 5) { $standselected = array($firststand => 'selected="selected"'); } include template('post'); } else { $redirecturl = "viewthread.php?tid={$tid}&page={$page}&extra={$extra}" . ($vid && $isfirstpost ? "&vid={$vid}" : '') . "#pid{$pid}"; if (empty($delete)) { if ($post_invalid = checkpost($isfirstpost && $special)) { showmessage($post_invalid); } if ($allowpostattach && is_array($_FILES['attach'])) { foreach ($_FILES['attach']['name'] as $attachname) { if ($attachname != '') { checklowerlimit($creditspolicy['postattach']); break; } } } if (!$isorigauthor && !$allowanonymous) { if ($orig['anonymous'] && !$isanonymous) { $isanonymous = 0; $authoradd = ', author=\'' . addslashes($orig['author']) . '\''; $anonymousadd = ', anonymous=\'0\''; } else { $isanonymous = $orig['anonymous']; $authoradd = $anonymousadd = ''; } } else { $authoradd = ', author=\'' . ($isanonymous ? '' : addslashes($orig['author'])) . '\'';
showmessage('replyperm_login_nopermission', NULL, 'NOPERM'); } elseif (empty($forum['allowreply'])) { if (!$forum['replyperm'] && !$allowreply) { showmessage('replyperm_none_nopermission', NULL, 'NOPERM'); } elseif ($forum['replyperm'] && !forumperm($forum['replyperm'])) { showmessagenoperm('replyperm', $forum['fid']); } } elseif ($forum['allowreply'] == -1) { showmessage('post_forum_newreply_nopermission', NULL, 'HALTED'); } if (empty($thread)) { showmessage('thread_nonexistence'); } elseif ($thread['price'] > 0 && $thread['special'] == 0 && !$discuz_uid) { showmessage('group_nopermission', NULL, 'NOPERM'); } checklowerlimit($replycredits); if ($special == 127) { $postinfo = $db->fetch_first("SELECT message FROM {$tablepre}posts WHERE tid='{$tid}' AND first='1'"); $sppos = strrpos($postinfo['message'], chr(0) . chr(0) . chr(0)); $specialextra = substr($postinfo['message'], $sppos + 3); if (!array_key_exists($specialextra, $threadplugins) || !in_array($specialextra, unserialize($forum['threadplugin'])) || !in_array($specialextra, $allowthreadplugin)) { $special = 0; $specialextra = ''; } } if (!submitcheck('replysubmit', 0, $seccodecheck, $secqaacheck)) { if ($thread['special'] == 2 && ((!isset($addtrade) || $thread['authorid'] != $discuz_uid) && !($tradenum = $db->result_first("SELECT count(*) FROM {$tablepre}trades WHERE tid='{$tid}'")))) { showmessage('trade_newreply_nopermission', NULL, 'HALTED'); } include_once language('misc'); $noticeauthor = $noticetrimstr = '';
if ($touid) { if (isblacklist($touid)) { showmessage('is_blacklist', '', array(), array('return' => true)); } } if (submitcheck('pmsubmit')) { if (!empty($_POST['username'])) { $_POST['users'][] = $_POST['username']; } $users = empty($_POST['users']) ? array() : $_POST['users']; $type = intval($_POST['type']); $coef = 1; if (!empty($users)) { $coef = count($users); } !($_G['group']['exempt'] & 1) && checklowerlimit('sendpm', 0, $coef); $message = (!empty($_POST['messageappend']) ? $_POST['messageappend'] . "\n" : '') . trim($_POST['message']); if (empty($message)) { showmessage('unable_to_send_air_news', '', array(), array('return' => true)); } $message = censor($message); loadcache(array('smilies', 'smileytypes')); foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) { $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]'; } $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message); $subject = ''; if ($type == 1) { $subject = dhtmlspecialchars(trim($_POST['subject'])); } include_once libfile('function/friend');
/**
 * Records a user's application to join an activity thread.
 *
 * Adapted from Discuz's forum_misc.php. Rejects the request when the activity
 * has expired or the user already has an application below the "improve"
 * status, builds the application row from the submitted fields, deducts the
 * activity credit when one is configured, inserts or updates the row,
 * refreshes the activity's apply count and notifies the thread author.
 *
 * @param mixed $res  Result structure handed to $this->_makeErrorInfo().
 * @param mixed $tid  Thread id of the activity.
 * @param mixed $uid  Id of the applying user.
 * @param array $data Submitted fields keyed by name; assigned over $_GET below.
 * @return mixed The value of _makeErrorInfo() on rejection; on success that
 *               value with ['rs'] set to 1.
 */
private function _applyActivityTopic($res, $tid, $uid, $data) {
    // from forum_misc.php
    require_once libfile('function/post');
    $activity = DzForumActivity::getActivityByTid($tid);
    if ($activity['expiration'] && $activity['expiration'] < TIMESTAMP) {
        return $this->_makeErrorInfo($res, 'activity_stop');
    }
    $applyinfo = DzForumActivityApply::getApplyByTidUid($tid, $uid);
    // An existing application may only be re-submitted once it has reached
    // STATUS_VERIFIED_IMPROVE; anything below that counts as a repeat.
    if ($applyinfo && $applyinfo['verified'] < DzForumActivityApply::STATUS_VERIFIED_IMPROVE) {
        return $this->_makeErrorInfo($res, 'activity_repeat_apply');
    }
    global $_G;
    // NOTE(review): this replaces the $_GET superglobal for the rest of the
    // request, so every later reader of $_GET sees $data instead of the real
    // query string.
    $_GET = $data;
    $thread = ForumUtils::getTopicInfo($tid);
    $payvalue = intval($_GET['payvalue']);
    // -1 when no 'payment' flag was submitted.
    $payment = $_GET['payment'] ? $payvalue : -1;
    // Free-text message: HTML-escaped, then cut to 200.
    $message = cutstr(dhtmlspecialchars($_GET['message']), 200);
    // The thread author's own application is stored as verified.
    $verified = $thread['authorid'] == $uid ? 1 : 0;
    $ufielddata = '';
    if ($activity['ufield']) {
        $ufielddata = array();
        $version = MobcentDiscuz::getMobcentDiscuzVersion();
        // NOTE(review): on VERSION_X20 the stored ufield goes through PHP's
        // unserialize(). Presumably the column is written only by the activity
        // form — confirm, since unserialize() on attacker-influenced data is an
        // object-injection risk.
        $activity['ufield'] = $version != MobcentDiscuz::VERSION_X20 ? dunserialize($activity['ufield']) : unserialize($activity['ufield']);
        if (!empty($activity['ufield']['userfield'])) {
            if ($version == MobcentDiscuz::VERSION_X20) {
                if (!class_exists('discuz_censor')) {
                    include libfile('class/censor');
                }
            }
            // $censor is not used again in this method.
            $censor = discuz_censor::instance();
            loadcache('profilesetting');
            // NOTE(review): the loop runs over every submitted key and keeps any
            // that exists in the profilesetting cache, not only the fields
            // listed in $activity['ufield']['userfield'] — confirm this is intended.
            foreach ($data as $key => $value) {
                if (empty($_G['cache']['profilesetting'][$key])) {
                    continue;
                }
                if (is_array($value)) {
                    $value = implode(',', $value);
                }
                // HTML-escape, then cut to 100 with '.' as the cut marker.
                $value = cutstr(dhtmlspecialchars(trim($value)), 100, '.');
                // Disabled check on 'file'-type fields, kept from the original:
                // if ($_G['cache']['profilesetting'][$key]['formtype'] == 'file' && !preg_match("/^https?:\/\/(.*)?\.(jpg|png|gif|jpeg|bmp)$/i", $value)) {
                //     showmessage('activity_imgurl_error');
                // }
                // empty() also treats the string '0' as missing.
                if (empty($value) && $key != 'residedist' && $key != 'residecommunity') {
                    return $this->_makeErrorInfo($res, 'activity_exile_field');
                }
                $ufielddata['userfield'][$key] = $value;
            }
        }
        if (!empty($activity['ufield']['extfield'])) {
            // Extension fields are looked up by the ids stored with the activity.
            foreach ($activity['ufield']['extfield'] as $fieldid) {
                $value = cutstr(dhtmlspecialchars(trim($_GET['' . $fieldid])), 50, '.');
                $ufielddata['extfield'][$fieldid] = $value;
            }
        }
        $ufielddata = !empty($ufielddata) ? serialize($ufielddata) : '';
    }
    // Charge the activity credit only when there is no already-verified application.
    if ($_G['setting']['activitycredit'] && $activity['credit'] && empty($applyinfo['verified'])) {
        // NOTE(review): checklowerlimit() is not given $uid while
        // updatemembercount() is; presumably the former checks the current $_G
        // user — confirm both refer to the same account.
        checklowerlimit(array('extcredits' . $_G['setting']['activitycredit'] => '-' . $activity['credit']));
        updatemembercount($uid, array($_G['setting']['activitycredit'] => '-' . $activity['credit']), true, 'ACC', $tid);
    }
    // The $data parameter is reused here as the row to store.
    $data = array('tid' => $tid, 'username' => $_G['username'], 'uid' => $uid, 'message' => $message, 'verified' => $verified, 'dateline' => $_G['timestamp'], 'payment' => $payment, 'ufielddata' => $ufielddata);
    if ($applyinfo && $applyinfo['verified'] == DzForumActivityApply::STATUS_VERIFIED_IMPROVE) {
        DzForumActivityApply::updateApplyById($data, $applyinfo['applyid']);
    } else {
        DzForumActivityApply::insertApply($data);
    }
    DzForumActivity::updateApplyNumberByTid($tid);
    if ($thread['authorid'] != $uid) {
        notification_add($thread['authorid'], 'activity', 'activity_notice', array('tid' => $tid, 'subject' => $thread['subject']));
        // $space starts empty before space_merge() is called on it.
        $space = array();
        space_merge($space, 'field_home');
        if (!empty($space['privacy']['feed']['newreply'])) {
            // $feed is created implicitly by the first assignment.
            $feed['icon'] = 'activity';
            $feed['title_template'] = 'feed_reply_activity_title';
            // NOTE(review): $thread['subject'] is placed inside HTML without
            // escaping in this method; confirm it is stored already escaped.
            $feed['title_data'] = array('subject' => "<a href=\"forum.php?mod=viewthread&tid={$tid}\">{$thread['subject']}</a>", 'hash_data' => "tid{$tid}");
            $feed['id'] = $tid;
            $feed['idtype'] = 'tid';
            postfeed($feed);
        }
    }
    // The success payload is built with the same helper as the error payloads,
    // then marked successful through 'rs'.
    $res = $this->_makeErrorInfo($res, 'activity_completion');
    $res['rs'] = 1;
    return $res;
}
$buddyarray[] = $buddy; } } include template('pm_send'); exit; } elseif ($action == 'send' && submitcheck('pmsubmit')) { if (!$allowsendpm) { showmessage('pm_send_disable'); } if (!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) { $query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='{$discuz_uid}'"); if ($timestamp - $db->result($query, 0) < $newbiespan * 3600) { showmessage('pm_newbie_span'); } } !($exempt & 1) && checklowerlimit($creditspolicy['sendpm'], -1); if (!empty($uid)) { $msgto = intval($uid); } else { if (!empty($msgtos)) { $buddynum = uc_friend_totalnum($discuz_uid, 3); $buddyarray = uc_friend_ls($discuz_uid, 1, $buddynum, $buddynum, 3); $uids = array(); foreach ($buddyarray as $buddy) { $uids[] = $buddy['friendid']; } $msgto = $p = ''; foreach ($msgtos as $uid) { $msgto .= in_array($uid, $uids) ? $p . $uid : ''; $p = ','; }
showmessage('replyperm_none_nopermission', NULL, array(), array('login' => 1)); } elseif ($_G['forum']['replyperm'] && !forumperm($_G['forum']['replyperm'])) { showmessagenoperm('replyperm', $_G['forum']['fid']); } } elseif ($_G['forum']['allowreply'] == -1) { showmessage('post_forum_newreply_nopermission', NULL); } if (!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) { showmessage('replyperm_login_nopermission', NULL, array(), array('login' => 1)); } if (empty($thread)) { showmessage('thread_nonexistence'); } elseif ($thread['price'] > 0 && $thread['special'] == 0 && !$_G['uid']) { showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1)); } checklowerlimit('reply', 0, 1, $_G['forum']['fid']); if ($_G['setting']['commentnumber'] && !empty($_GET['comment'])) { if (!submitcheck('commentsubmit', 0, $seccodecheck, $secqaacheck)) { showmessage('submitcheck_error', NULL); } $post = C::t('forum_post')->fetch('tid:' . $_G['tid'], $_GET['pid']); if (!$post) { showmessage('post_nonexistence', NULL); } if ($thread['closed'] && !$_G['forum']['ismoderator'] && !$thread['isgroup']) { showmessage('post_thread_closed'); } elseif (!$thread['isgroup'] && ($post_autoclose = checkautoclose($thread))) { showmessage($post_autoclose, '', array('autoclose' => $_G['forum']['autoclose'])); } elseif (checkflood()) { showmessage('post_flood_ctrl', '', array('floodctrl' => $_G['setting']['floodctrl'])); } elseif (checkmaxperhour('pid')) {
if ($subject == '') { showmessage('post_sm_isnull'); } if (!$sortid && !$special && $message == '') { showmessage('post_sm_isnull'); } if ($post_invalid = checkpost($special)) { showmessage($post_invalid); } if (checkflood()) { showmessage('post_flood_ctrl'); } if ($allowpostattach && is_array($_FILES['attach'])) { foreach ($_FILES['attach']['name'] as $attachname) { if ($attachname != '') { checklowerlimit($postattachcredits); break; } } } $typeid = isset($typeid) && isset($forum['threadtypes']['types'][$typeid]) ? $typeid : 0; $iconid = !empty($iconid) && isset($_DCACHE['icons'][$iconid]) ? $iconid : 0; $displayorder = $modnewthreads ? -2 : ($forum['ismoderator'] && !empty($sticktopic) ? 1 : 0); $digest = $forum['ismoderator'] && !empty($addtodigest) ? 1 : 0; $readperm = $allowsetreadperm ? $readperm : 0; $isanonymous = $isanonymous && $allowanonymous ? 1 : 0; $price = intval($price); $price = $maxprice && !$special ? $price <= $maxprice ? $price : $maxprice : 0; if (!$typeid && $forum['threadtypes']['required'] && !$special) { showmessage('post_type_isnull'); }
if (empty($value) && $key != 'residedist' && $key != 'residecommunity') { showmessage('activity_exile_field'); } $ufielddata['userfield'][$key] = $value; } } if (!empty($activity['ufield']['extfield'])) { foreach ($activity['ufield']['extfield'] as $fieldid) { $value = cutstr(dhtmlspecialchars(trim($_GET['' . $fieldid])), 50, '.'); $ufielddata['extfield'][$fieldid] = $value; } } $ufielddata = !empty($ufielddata) ? serialize($ufielddata) : ''; } if ($_G['setting']['activitycredit'] && $activity['credit'] && empty($applyinfo['verified'])) { checklowerlimit(array('extcredits' . $_G['setting']['activitycredit'] => '-' . $activity['credit'])); updatemembercount($_G['uid'], array($_G['setting']['activitycredit'] => '-' . $activity['credit']), true, 'ACC', $_G['tid']); } if ($applyinfo && $applyinfo['verified'] == 2) { $newinfo = array('tid' => $_G['tid'], 'username' => $_G['username'], 'uid' => $_G['uid'], 'message' => $message, 'verified' => $verified, 'dateline' => $_G['timestamp'], 'payment' => $payment, 'ufielddata' => $ufielddata); C::t('forum_activityapply')->update($applyinfo['appyid'], $newinfo); } else { $data = array('tid' => $_G['tid'], 'username' => $_G['username'], 'uid' => $_G['uid'], 'message' => $message, 'verified' => $verified, 'dateline' => $_G['timestamp'], 'payment' => $payment, 'ufielddata' => $ufielddata); C::t('forum_activityapply')->insert($data); } $applynumber = C::t('forum_activityapply')->fetch_count_for_thread($_G['tid']); C::t('forum_activity')->update($_G['tid'], array('applynumber' => $applynumber)); if ($thread['authorid'] != $_G['uid']) { notification_add($thread['authorid'], 'activity', 'activity_notice', array('tid' => $_G['tid'], 'subject' => $thread['subject'])); $space = array(); space_merge($space, 'field_home');
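/**
 * Create a reply on an existing thread (or, when comment mode is requested, a
 * post comment) and return the outcome as a response value instead of
 * rendering a Discuz page.
 *
 * The body is adapted from Discuz source/include/post/post_newreply.php: the
 * upstream showmessage() exits are replaced by
 * `return WebUtils::makeErrorInfo_oldVersion(...)`, and the upstream calls are
 * kept as comments next to their replacement.
 *
 * Order of work: permission checks, optional comment branch (returns early),
 * rush-reply limits, content and flood checks, @-mention expansion, post
 * insertion, notifications, follow feed, reply credits, attachments, trade
 * item, counters and caches, optional location row.
 *
 * @param array $extract Variables imported into local scope with extract().
 *                       The body reads $res, $thread, $subject, $message,
 *                       $special, $modnewreplies, $seccodecheck, $secqaacheck
 *                       and $jsonInfo without defining them, so they
 *                       presumably arrive through this array (confirm against
 *                       the caller).
 * @return mixed The value produced by WebUtils::makeErrorInfo_oldVersion() on
 *               every early exit, or by $this->makeErrorInfo() on success.
 */
private function replyPost($extract)
{
    global $_G;

    // NOTE(review): extract() defaults to EXTR_OVERWRITE, so every key of
    // $extract becomes (or replaces) a local variable, including ones that
    // drive permission decisions below such as $modnewreplies. Build the array
    // from a fixed set of keys in the caller; never pass request data straight in.
    extract($extract);

    // Status bits to store with the topic and with the post for the client platform.
    $topicStatus = ForumUtils::getPostSendStatus('topic', $_GET['platType']);
    $postStatus = ForumUtils::getPostSendStatus('post', $_GET['platType']);

    //$navtitle .= ' - '.$thread['subject'].' - '.$_G['forum']['name'];

    // Copied from Discuz source/include/post/post_newreply.php.
    require_once libfile('function/forumlist');

    $isfirstpost = 0;
    $showthreadsorts = 0;
    $quotemessage = '';

    // --- Reply permission -------------------------------------------------
    if (!$_G['uid'] && !(!$_G['forum']['replyperm'] && $_G['group']['allowreply'] || $_G['forum']['replyperm'] && forumperm($_G['forum']['replyperm']))) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'replyperm_login_nopermission', array('{login}' => 1));
    } elseif (empty($_G['forum']['allowreply'])) {
        if (!$_G['forum']['replyperm'] && !$_G['group']['allowreply']) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'replyperm_none_nopermission', array('{login}' => 1));
        } elseif ($_G['forum']['replyperm'] && !forumperm($_G['forum']['replyperm'])) {
            $msg = mobcent_showmessagenoperm('replyperm', $_G['forum']['fid']);
            return WebUtils::makeErrorInfo_oldVersion($res, $msg['message'], $msg['params']);
        }
    } elseif ($_G['forum']['allowreply'] == -1) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_forum_newreply_nopermission');
    }

    // Guests cannot satisfy avatar / e-mail / friend-count requirements.
    if (!$_G['uid'] && ($_G['setting']['need_avatar'] || $_G['setting']['need_email'] || $_G['setting']['need_friendnum'])) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'replyperm_login_nopermission', array('{login}' => 1));
    }

    if (empty($thread)) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'thread_nonexistence');
    } elseif ($thread['price'] > 0 && $thread['special'] == 0 && !$_G['uid']) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'group_nopermission', array('{grouptitle}' => $_G['group']['grouptitle']));
    }

    checklowerlimit('reply', 0, 1, $_G['forum']['fid']);

    // --- Comment mode: add a short comment to an existing post and return ---
    if ($_G['setting']['commentnumber'] && !empty($_GET['comment'])) {
        // Form-submission check; upstream reported 'submitcheck_error' here.
        if (!submitcheck('commentsubmit', 0, $seccodecheck, $secqaacheck)) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'forum_passwd');
        }
        $post = C::t('forum_post')->fetch('tid:' . $_G['tid'], $_GET['pid']);
        if (!$post) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'post_nonexistence');
        }
        if ($thread['closed'] && !$_G['forum']['ismoderator'] && !$thread['isgroup']) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'post_thread_closed');
        } elseif (!$thread['isgroup'] && ($post_autoclose = checkautoclose($thread))) {
            return WebUtils::makeErrorInfo_oldVersion($res, $post_autoclose, array('{autoclose}' => $_G['forum']['autoclose']));
        } elseif (checkflood()) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'post_flood_ctrl', array('{floodctrl}' => $_G['setting']['floodctrl']));
        } elseif (checkmaxperhour('pid')) {
            // NOTE(review): this key has no braces, unlike '{posts_per_hour}' in
            // the reply path further down; confirm which form the helper expects.
            return WebUtils::makeErrorInfo_oldVersion($res, 'post_flood_ctrl_posts_per_hour', array('posts_per_hour' => $_G['group']['maxpostsperhour']));
        }

        // Build "label: <i>score</i>" pairs from the request. The score is forced
        // to an integer; the label only goes through strip_tags().
        // NOTE(review): strip_tags() is not an HTML encoder; confirm that the
        // stored comment is encoded when it is rendered.
        $commentscore = '';
        if (!empty($_GET['commentitem']) && !empty($_G['uid']) && $post['authorid'] != $_G['uid']) {
            foreach ($_GET['commentitem'] as $itemk => $itemv) {
                if ($itemv !== '') {
                    $commentscore .= strip_tags(trim($itemk)) . ': <i>' . intval($itemv) . '</i> ';
                }
            }
        }
        // The free-text part is HTML-escaped, censored and cut to 200 characters.
        $comment = cutstr(($commentscore ? $commentscore . '<br />' : '') . censor(trim(dhtmlspecialchars($_GET['message'])), '***'), 200, ' ');
        if (!$comment) {
            return WebUtils::makeErrorInfo_oldVersion($res, 'post_sm_isnull');
        }
        C::t('forum_postcomment')->insert(array('tid' => $post['tid'], 'pid' => $post['pid'], 'author' => $_G['username'], 'authorid' => $_G['uid'], 'dateline' => TIMESTAMP, 'comment' => $comment, 'score' => $commentscore ? 1 : 0, 'useip' => $_G['clientip']));
        C::t('forum_post')->update('tid:' . $_G['tid'], $_GET['pid'], array('comment' => 1));
        if (!empty($_G['uid'])) {
            Mobcent::import(MOBCENT_APP_ROOT . '/components/discuz/source/function/function_post.php');
            mobcent_updatepostcredits('+', $_G['uid'], 'reply', $_G['fid']);
        }
        if (!empty($_G['uid']) && $_G['uid'] != $post['authorid']) {
            notification_add($post['authorid'], 'pcomment', 'comment_add', array('tid' => $_G['tid'], 'pid' => $_GET['pid'], 'subject' => $thread['subject'], 'from_id' => $_G['tid'], 'from_idtype' => 'pcomment', 'commentmsg' => cutstr(str_replace(array('[b]', '[/b]', '[/color]'), '', preg_replace("/\\[color=([#\\w]+?)\\]/i", "", $comment)), 200)));
        }
        update_threadpartake($post['tid']);
        $pcid = C::t('forum_postcomment')->fetch_standpoint_by_pid($_GET['pid']);
        $pcid = $pcid['id'];

        // Recompute the per-label average over all scored comments of this post
        // and store it in the summary row (authorid -1).
        if (!empty($_G['uid']) && $_GET['commentitem']) {
            $totalcomment = array();
            foreach (C::t('forum_postcomment')->fetch_all_by_pid_score($_GET['pid'], 1) as $comment) {
                $comment['comment'] = addslashes($comment['comment']);
                if (strexists($comment['comment'], '<br />')) {
                    if (preg_match_all("/([^:]+?):\\s<i>(\\d+)<\\/i>/", $comment['comment'], $a)) {
                        foreach ($a[1] as $k => $itemk) {
                            $totalcomment[trim($itemk)][] = $a[2][$k];
                        }
                    }
                }
            }
            $totalv = '';
            foreach ($totalcomment as $itemk => $itemv) {
                $totalv .= strip_tags(trim($itemk)) . ': <i>' . floatval(sprintf('%1.1f', array_sum($itemv) / count($itemv))) . '</i> ';
            }
            if ($pcid) {
                C::t('forum_postcomment')->update($pcid, array('comment' => $totalv, 'dateline' => TIMESTAMP + 1));
            } else {
                C::t('forum_postcomment')->insert(array('tid' => $post['tid'], 'pid' => $post['pid'], 'author' => '', 'authorid' => '-1', 'dateline' => TIMESTAMP + 1, 'comment' => $totalv));
            }
        }
        C::t('forum_postcache')->delete($post['pid']);
        return WebUtils::makeErrorInfo_oldVersion($res, 'comment_add_succeed');
        //showmessage('comment_add_succeed', "forum.php?mod=viewthread&tid=$post[tid]&pid=$post[pid]&page=$_GET[page]&extra=$extra#pid$post[pid]", array('tid' => $post['tid'], 'pid' => $post['pid']));
    }

    // Special type 127: the extra payload follows three NUL bytes in the first post.
    if ($special == 127) {
        $postinfo = C::t('forum_post')->fetch_threadpost_by_tid_invisible($_G['tid']);
        $sppos = strrpos($postinfo['message'], chr(0) . chr(0) . chr(0));
        $specialextra = substr($postinfo['message'], $sppos + 3);
    }

    // --- Rush-reply threads (status bit 3): credit and reply-count limits ---
    if (getstatus($thread['status'], 3)) {
        $rushinfo = C::t('forum_threadrush')->fetch($_G['tid']);
        if ($rushinfo['creditlimit'] != -996) {
            $checkcreditsvalue = $_G['setting']['creditstransextra'][11] ? getuserprofile('extcredits' . $_G['setting']['creditstransextra'][11]) : $_G['member']['credits'];
            if ($checkcreditsvalue < $rushinfo['creditlimit']) {
                // Only the upstream 'post_rushreply_creditlimit' message used this
                // title; this port answers with the generic 'forum_passwd' key.
                $creditlimit_title = $_G['setting']['creditstransextra'][11] ? $_G['setting']['extcredits'][$_G['setting']['creditstransextra'][11]]['title'] : lang('forum/misc', 'credit_total');
                return WebUtils::makeErrorInfo_oldVersion($res, 'forum_passwd');
            }
        }
        // author:HanPengyu Date:2014/11/20 Per-user reply limit for rush-reply threads on the X3 version.
        if (isset($rushinfo['replylimit']) && $rushinfo['replylimit'] > 0) {
            $replycount = C::t('forum_post')->count_by_tid_invisible_authorid($thread['tid'], $_G['uid']);
            if ($replycount >= $rushinfo['replylimit']) {
                return WebUtils::makeErrorInfo_oldVersion($res, lang('message', 'noreply_replynum_error'));
            }
        }
    }

    // --- Thread state, content and flood checks ----------------------------
    if ($thread['closed'] && !$_G['forum']['ismoderator'] && !$thread['isgroup']) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_thread_closed');
    } elseif (!$thread['isgroup'] && ($post_autoclose = checkautoclose($thread))) {
        return WebUtils::makeErrorInfo_oldVersion($res, $post_autoclose, array('{autoclose}' => $_G['forum']['autoclose']));
    }

    if (trim($subject) == '' && trim($message) == '' && $thread['special'] != 2) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_sm_isnull');
    } elseif ($post_invalid = checkpost($subject, $message, $special == 2 && $_G['group']['allowposttrade'])) {
        // NOTE(review): the two placeholders are passed as two separate arrays
        // (third and fourth argument); upstream used a single array. Confirm
        // against makeErrorInfo_oldVersion()'s signature.
        return WebUtils::makeErrorInfo_oldVersion($res, $post_invalid, array('{minpostsize}' => $_G['setting']['minpostsize']), array('{maxpostsize}' => $_G['setting']['maxpostsize']));
        //showmessage($post_invalid, '', array('minpostsize' => $_G['setting']['minpostsize'], 'maxpostsize' => $_G['setting']['maxpostsize']));
    } elseif (checkflood()) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_flood_ctrl', array('{floodctrl}' => $_G['setting']['floodctrl']));
        //showmessage('post_flood_ctrl', '', array('floodctrl' => $_G['setting']['floodctrl']));
    } elseif (checkmaxperhour('pid')) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_flood_ctrl_posts_per_hour', array('{posts_per_hour}' => $_G['group']['maxpostsperhour']));
        //showmessage('post_flood_ctrl_posts_per_hour', '', array('posts_per_hour' => $_G['group']['maxpostsperhour']));
    }

    $attentionon = empty($_GET['attention_add']) ? 0 : 1;
    $attentionoff = empty($attention_remove) ? 0 : 1;
    $heatthreadset = update_threadpartake($_G['tid'], true);

    // --- @-mentions: resolve names to uids, capped by the group's allowat ---
    if ($_G['group']['allowat']) {
        $atlist = $atlist_tmp = $ateduids = array();
        preg_match_all("/@([^\r\n]*?)\\s/i", $message . ' ', $atlist_tmp);
        $atlist_tmp = array_slice(array_unique($atlist_tmp[1]), 0, $_G['group']['allowat']);
        $atnum = $maxselect = 0;
        // Users already notified from this thread count against the cap.
        foreach (C::t('home_notification')->fetch_all_by_authorid_fromid($_G['uid'], $_G['tid'], 'at') as $row) {
            $atnum++;
            $ateduids[$row['uid']] = $row['uid'];
        }
        $maxselect = $_G['group']['allowat'] - $atnum;
        if ($maxselect > 0 && !empty($atlist_tmp)) {
            if (empty($_G['setting']['at_anyone'])) {
                // Restricted mode: followed users first, then friends.
                foreach (C::t('home_follow')->fetch_all_by_uid_fusername($_G['uid'], $atlist_tmp) as $row) {
                    if (!in_array($row['followuid'], $ateduids)) {
                        $atlist[$row['followuid']] = $row['fusername'];
                    }
                    if (count($atlist) == $maxselect) {
                        break;
                    }
                }
                if (count($atlist) < $maxselect) {
                    $query = C::t('home_friend')->fetch_all_by_uid_username($_G['uid'], $atlist_tmp);
                    foreach ($query as $row) {
                        // NOTE(review): the duplicate check reads 'followuid' while
                        // the key stored is 'fuid'; confirm which column friend rows carry.
                        if (!in_array($row['followuid'], $ateduids)) {
                            $atlist[$row['fuid']] = $row['fusername'];
                        }
                    }
                }
            } else {
                foreach (C::t('common_member')->fetch_all_by_username($atlist_tmp) as $row) {
                    if (!in_array($row['uid'], $ateduids)) {
                        $atlist[$row['uid']] = $row['username'];
                    }
                    if (count($atlist) == $maxselect) {
                        break;
                    }
                }
            }
        }
        if ($atlist) {
            // Replace the first "@name " of each resolved user with a profile link.
            foreach ($atlist as $atuid => $atusername) {
                $atsearch[] = "/@" . str_replace('/', '\\/', preg_quote($atusername)) . " /i";
                $atreplace[] = "[url=home.php?mod=space&uid={$atuid}]@{$atusername}[/url] ";
            }
            $message = preg_replace($atsearch, $atreplace, $message . ' ', 1);
        }
    }

    // --- Post options: each request flag is gated on a group permission -----
    $bbcodeoff = checkbbcodes($message, !empty($_GET['bbcodeoff']));
    $smileyoff = checksmilies($message, !empty($_GET['smileyoff']));
    $parseurloff = !empty($_GET['parseurloff']);
    $htmlon = $_G['group']['allowhtml'] && !empty($_GET['htmlon']) ? 1 : 0;
    $usesig = !empty($_GET['usesig']) && $_G['group']['maxsigsize'] ? 1 : 0;
    $isanonymous = $_G['group']['allowanonymous'] && !empty($_GET['isanonymous']) ? 1 : 0;
    $author = empty($isanonymous) ? $_G['username'] : '';
    if ($thread['displayorder'] == -4) {
        $modnewreplies = 0;
    }
    // -2 = held for moderation, -3 = reply to a thread with displayorder -4, 0 = visible.
    $pinvisible = $modnewreplies ? -2 : ($thread['displayorder'] == -4 ? -3 : 0);
    $message = preg_replace('/\\[attachimg\\](\\d+)\\[\\/attachimg\\]/is', '[attach]\\1[/attach]', $message);
    // NOTE(review): $nauthorid is read here but only assigned further down, so
    // unless extract() supplied it this comparison sees an undefined value.
    $postcomment = in_array(2, $_G['setting']['allowpostcomment']) && $_G['group']['allowcommentreply'] && !$pinvisible && !empty($_GET['reppid']) && ($nauthorid != $_G['uid'] || $_G['setting']['commentpostself']) ? messagecutstr($message, 200, ' ') : '';
    // NOTE(review): this request-supplied prefix is added after checkpost() ran
    // on $message, so it is not covered by that check; confirm that
    // insertpost() or the renderer handles it safely.
    if (!empty($_GET['noticetrimstr'])) {
        $message = $_GET['noticetrimstr'] . "\n\n" . $message;
        $bbcodeoff = false;
    }

    $pid = insertpost(array('fid' => $_G['fid'], 'tid' => $_G['tid'], 'first' => '0', 'author' => $_G['username'], 'authorid' => $_G['uid'], 'subject' => $subject, 'dateline' => $_G['timestamp'], 'message' => $message, 'useip' => $_G['clientip'], 'invisible' => $pinvisible, 'anonymous' => $isanonymous, 'usesig' => $usesig, 'htmlon' => $htmlon, 'bbcodeoff' => $bbcodeoff, 'smileyoff' => $smileyoff, 'parseurloff' => $parseurloff, 'attachment' => '0', 'status' => (defined('IN_MOBILE') ? 8 : 0) | $postStatus));

    // --- Notifications ------------------------------------------------------
    if ($_G['group']['allowat'] && $atlist) {
        foreach ($atlist as $atuid => $atusername) {
            notification_add($atuid, 'at', 'at_message', array('from_id' => $_G['tid'], 'from_idtype' => 'at', 'buyerid' => $_G['uid'], 'buyer' => $_G['username'], 'tid' => $_G['tid'], 'subject' => $thread['subject'], 'pid' => $pid, 'message' => messagecutstr($message, 150)));
        }
        set_atlist_cookie(array_keys($atlist));
    }
    $updatethreaddata = $heatthreadset ? $heatthreadset : array();
    $postionid = C::t('forum_post')->fetch_maxposition_by_tid($thread['posttableid'], $_G['tid']);
    $updatethreaddata[] = DB::field('maxposition', $postionid);
    // Close a rush-reply thread once the configured stop floor is reached.
    if (getstatus($thread['status'], 3) && $postionid) {
        $rushstopfloor = $rushinfo['stopfloor'];
        if ($rushstopfloor > 0 && $thread['closed'] == 0 && $postionid >= $rushstopfloor) {
            $updatethreaddata[] = 'closed=1';
        }
    }
    useractionlog($_G['uid'], 'pid');
    $nauthorid = 0;
    if (!empty($_GET['noticeauthor']) && !$isanonymous && !$modnewreplies) {
        // The token is decoded with authcode(); it yields "<q|r>|<author uid>".
        list($ac, $nauthorid) = explode('|', authcode($_GET['noticeauthor'], 'DECODE'));
        if ($nauthorid != $_G['uid']) {
            if ($ac == 'q') {
                notification_add($nauthorid, 'post', 'reppost_noticeauthor', array('tid' => $thread['tid'], 'subject' => $thread['subject'], 'fid' => $_G['fid'], 'pid' => $pid, 'from_id' => $pid, 'from_idtype' => 'quote'));
            } elseif ($ac == 'r') {
                notification_add($nauthorid, 'post', 'reppost_noticeauthor', array('tid' => $thread['tid'], 'subject' => $thread['subject'], 'fid' => $_G['fid'], 'pid' => $pid, 'from_id' => $thread['tid'], 'from_idtype' => 'post'));
            }
        }
        if ($postcomment) {
            $rpid = intval($_GET['reppid']);
            if ($rpost = C::t('forum_post')->fetch('tid:' . $thread['tid'], $rpid)) {
                if (!$rpost['first']) {
                    C::t('forum_postcomment')->insert(array('tid' => $thread['tid'], 'pid' => $rpid, 'rpid' => $pid, 'author' => $_G['username'], 'authorid' => $_G['uid'], 'dateline' => TIMESTAMP, 'comment' => $postcomment, 'score' => 0, 'useip' => $_G['clientip']));
                    C::t('forum_post')->update('tid:' . $thread['tid'], $rpid, array('comment' => 1));
                    C::t('forum_postcache')->delete($rpid);
                }
            }
            unset($postcomment);
        }
    }
    if ($thread['authorid'] != $_G['uid'] && getstatus($thread['status'], 6) && empty($_GET['noticeauthor']) && !$isanonymous && !$modnewreplies) {
        $thapost = C::t('forum_post')->fetch_threadpost_by_tid_invisible($_G['tid'], 0);
        notification_add($thapost['authorid'], 'post', 'reppost_noticeauthor', array('tid' => $thread['tid'], 'subject' => $thread['subject'], 'fid' => $_G['fid'], 'pid' => $pid, 'from_id' => $thread['tid'], 'from_idtype' => 'post'));
        // ios push
        UserUtils::pushIOSMessage($thread['authorid'], 'reply', $_G['username'] . WebUtils::t(' 回复了您的帖子 ') . $thread['subject']);
    }

    // --- Follow feed --------------------------------------------------------
    $feedid = 0;
    if (helper_access::check_module('follow') && !empty($_GET['adddynamic']) && !$isanonymous) {
        require_once libfile('function/discuzcode');
        require_once libfile('function/followcode');
        $feedcontent = C::t('forum_threadpreview')->count_by_tid($thread['tid']);
        $firstpost = C::t('forum_post')->fetch_threadpost_by_tid_invisible($thread['tid']);
        if (empty($feedcontent)) {
            $feedcontent = array('tid' => $thread['tid'], 'content' => followcode($firstpost['message'], $thread['tid'], $pid, 1000));
            C::t('forum_threadpreview')->insert($feedcontent);
            C::t('forum_thread')->update_status_by_tid($thread['tid'], '512');
        } else {
            C::t('forum_threadpreview')->update_relay_by_tid($thread['tid'], 1);
        }
        $notemsg = cutstr(followcode($message, $thread['tid'], $pid, 0, false), 140);
        $followfeed = array('uid' => $_G['uid'], 'username' => $_G['username'], 'tid' => $thread['tid'], 'note' => $notemsg, 'dateline' => TIMESTAMP);
        $feedid = C::t('home_follow_feed')->insert($followfeed, true);
        C::t('common_member_count')->increase($_G['uid'], array('feeds' => 1));
    }

    // --- Reply credits paid out of the thread's remaining pool --------------
    if ($thread['replycredit'] > 0 && !$modnewreplies && $thread['authorid'] != $_G['uid'] && $_G['uid']) {
        $replycredit_rule = C::t('forum_replycredit')->fetch($_G['tid']);
        if (!empty($replycredit_rule['times'])) {
            $have_replycredit = C::t('common_credit_log')->count_by_uid_operation_relatedid($_G['uid'], 'RCA', $_G['tid']);
            if ($replycredit_rule['membertimes'] - $have_replycredit > 0 && $thread['replycredit'] - $replycredit_rule['extcredits'] >= 0) {
                $replycredit_rule['extcreditstype'] = $replycredit_rule['extcreditstype'] ? $replycredit_rule['extcreditstype'] : $_G['setting']['creditstransextra'][10];
                if ($replycredit_rule['random'] > 0) {
                    // Percentage draw. NOTE(review): rand() is not a CSPRNG, which
                    // matters only if a predictable draw is a concern for credits.
                    $rand = rand(1, 100);
                    $rand_replycredit = $rand <= $replycredit_rule['random'] ? true : false;
                } else {
                    $rand_replycredit = true;
                }
                if ($rand_replycredit) {
                    updatemembercount($_G['uid'], array($replycredit_rule['extcreditstype'] => $replycredit_rule['extcredits']), 1, 'RCA', $_G['tid']);
                    C::t('forum_post')->update('tid:' . $_G['tid'], $pid, array('replycredit' => $replycredit_rule['extcredits']));
                    $updatethreaddata[] = DB::field('replycredit', $thread['replycredit'] - $replycredit_rule['extcredits']);
                }
            }
        }
    }

    // --- Attachments and trade item -----------------------------------------
    ($_G['group']['allowpostattach'] || $_G['group']['allowpostimage']) && ($_GET['attachnew'] || $special == 2 && $_GET['tradeaid']) && updateattach($thread['displayorder'] == -4 || $modnewreplies, $_G['tid'], $pid, $_GET['attachnew']);
    $replymessage = 'post_reply_succeed';
    if ($special == 2 && $_G['group']['allowposttrade'] && $thread['authorid'] == $_G['uid'] && !empty($_GET['trade']) && !empty($_GET['item_name'])) {
        require_once libfile('function/trade');
        // NOTE(review): only 'seller' is escaped here; the other item_* fields
        // are forwarded as received, so validation presumably lives in
        // trade_create(). Verify before relying on it.
        trade_create(array('tid' => $_G['tid'], 'pid' => $pid, 'aid' => $_GET['tradeaid'], 'item_expiration' => $_GET['item_expiration'], 'thread' => $thread, 'discuz_uid' => $_G['uid'], 'author' => $author, 'seller' => empty($_GET['paymethod']) && $_GET['seller'] ? dhtmlspecialchars(trim($_GET['seller'])) : '', 'item_name' => $_GET['item_name'], 'item_price' => $_GET['item_price'], 'item_number' => $_GET['item_number'], 'item_quality' => $_GET['item_quality'], 'item_locus' => $_GET['item_locus'], 'transport' => $_GET['transport'], 'postage_mail' => $_GET['postage_mail'], 'postage_express' => $_GET['postage_express'], 'postage_ems' => $_GET['postage_ems'], 'item_type' => $_GET['item_type'], 'item_costprice' => $_GET['item_costprice'], 'item_credit' => $_GET['item_credit'], 'item_costcredit' => $_GET['item_costcredit']));
        $replymessage = 'trade_add_succeed';
        if (!empty($_GET['tradeaid'])) {
            convertunusedattach($_GET['tradeaid'], $_G['tid'], $pid);
        }
    }

    // --- Caches, statistics and counters -------------------------------------
    $_G['forum']['threadcaches'] && deletethreadcaches($_G['tid']);
    include_once libfile('function/stat');
    updatestat($thread['isgroup'] ? 'grouppost' : 'post');
    $param = array('fid' => $_G['fid'], 'tid' => $_G['tid'], 'pid' => $pid, 'from' => $_GET['from'], 'sechash' => !empty($_GET['sechash']) ? $_GET['sechash'] : '');
    if ($feedid) {
        $param['feedid'] = $feedid;
    }
    dsetcookie('clearUserdata', 'forum');
    if ($modnewreplies) {
        // Reply is held for moderation: queue it and return without touching
        // the thread's last-post data.
        updatemoderate('pid', $pid);
        unset($param['pid']);
        if ($updatethreaddata) {
            C::t('forum_thread')->update($_G['tid'], $updatethreaddata, false, false, 0, true);
        }
        C::t('forum_forum')->update_forum_counter($_G['fid'], 0, 0, 1, 1);
        // $url fed the upstream showmessage() redirect only; nothing reads it
        // here. If it is ever used again, validate the request-supplied
        // referer before redirecting to it.
        $url = empty($_POST['portal_referer']) ? "forum.php?mod=viewthread&tid={$thread['tid']}" : $_POST['portal_referer'];
        manage_addnotify('verifypost');
        // if(!isset($inspacecpshare)) {
        return WebUtils::makeErrorInfo_oldVersion($res, 'post_reply_mod_succeed', array('noError' => 1));
        //showmessage('post_reply_mod_succeed', $url, $param);
        // }
    } else {
        $fieldarr = array('lastposter' => array($author), 'replies' => 1);
        if ($thread['lastpost'] < $_G['timestamp']) {
            $fieldarr['lastpost'] = array($_G['timestamp']);
        }
        // Fold buffered view counts into the thread row.
        $row = C::t('forum_threadaddviews')->fetch($_G['tid']);
        if (!empty($row)) {
            C::t('forum_threadaddviews')->update($_G['tid'], array('addviews' => 0));
            $fieldarr['views'] = $row['addviews'];
        }
        $updatethreaddata = array_merge($updatethreaddata, C::t('forum_thread')->increase($_G['tid'], $fieldarr, false, 0, true));
        if ($thread['displayorder'] != -4) {
            Mobcent::import(MOBCENT_APP_ROOT . '/components/discuz/source/function/function_post.php');
            mobcent_updatepostcredits('+', $_G['uid'], 'reply', $_G['fid']);
            if ($_G['forum']['status'] == 3) {
                if ($_G['forum']['closed'] > 1) {
                    C::t('forum_thread')->increase($_G['forum']['closed'], $fieldarr, true);
                }
                C::t('forum_groupuser')->update_counter_for_user($_G['uid'], $_G['fid'], 0, 1);
                C::t('forum_forumfield')->update($_G['fid'], array('lastupdate' => TIMESTAMP));
                require_once libfile('function/grouplog');
                updategroupcreditlog($_G['fid'], $_G['uid']);
            }
            $lastpost = "{$thread['tid']}\t{$thread['subject']}\t{$_G['timestamp']}\t{$author}";
            C::t('forum_forum')->update($_G['fid'], array('lastpost' => $lastpost));
            C::t('forum_forum')->update_forum_counter($_G['fid'], 0, 1, 1);
            if ($_G['forum']['type'] == 'sub') {
                C::t('forum_forum')->update($_G['forum']['fup'], array('lastpost' => $lastpost));
            }
        }
        $page = getstatus($thread['status'], 4) ? 1 : @ceil(($thread['special'] ? $thread['replies'] + 1 : $thread['replies'] + 2) / $_G['ppp']);
        if ($updatethreaddata) {
            C::t('forum_thread')->update($_G['tid'], $updatethreaddata, false, false, 0, true);
        }
        /* if(!isset($inspacecpshare)) {
            // showmessage($replymessage, $url, $param);
        } */
    }

    // Optional location row; the values are passed as a separate argument
    // array for DB::query's %-placeholders rather than concatenated into the SQL.
    if ($jsonInfo['isShowPostion']) {
        $data = DB::query('INSERT INTO %t VALUES(poi_id,%f,%f,%d,%d,%s)', array('home_surrounding_user', $jsonInfo['longitude'], $jsonInfo['latitude'], $pid, 2, (string) $jsonInfo['location']));
    }
    /*
    // Persist credits for replies posted from the client.
    $temp = DB::fetch_first('SELECT extcredits3 FROM '.DB::table('common_credit_rule').' WHERE rid =%d',array(2));
    $extcredits3 = DB::fetch_first('SELECT extcredits3 FROM '.DB::table('common_member_count').' WHERE uid = %d',array($_G['uid']));
    $temp = $extcredits3['extcredits3'] + $temp['extcredits3'];
    DB::query('UPDATE '.DB::table('common_member_count').' set extcredits3 = %d WHERE uid = %d',array($temp,$_G['uid']));
    */
    // Earlier response shape: array('rs' => 1, 'errcode' => <translated "post succeeded" text>).
    return $this->makeErrorInfo($res, 'mobcent_post_reply_succeed', array('noError' => 1));
}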
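/**
 * Bind the current user's pending uploads to the post being saved.
 *
 * Works entirely on globals. It selects the attachment rows that belong to
 * $discuz_uid with tid 0 (plus rows already on $pid when $pid > 0) and, for
 * each row:
 *   - deletes it when its aid is listed in $attachdel;
 *   - skips it when $attachextensions is set and the file extension is not listed;
 *   - for a row not yet bound to a post (pid 0), moves the file (and thumbnail)
 *     into the directory chosen by $attachsave, watermarks images when
 *     $watermarkstatus is on, and calls ftpupload();
 *   - writes read permission, price, size and description back to the database.
 * Afterwards it removes deleted rows, sets the attachment flag on the thread
 * and post (2 when an image was seen, otherwise 1) and calls updatecredits().
 *
 * NOTE(review): every query is built by string interpolation. The per-attachment
 * options come from $attachnew, which is presumably request data, and the
 * description and attachment path are interpolated as they are; this relies on
 * escaping done elsewhere (not visible here). Values derived from stored
 * filenames should be escaped before they are reused in SQL as well.
 *
 * @return void
 */
function updateattach()
{
    global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $attachextensions, $attachnew, $attachdel, $allowsetattachperm, $maxprice, $watermarkstatus;

    $imageexists = 0;
    $attachnew = (array) $attachnew;
    $sqladd = $pid > 0 ? "OR pid='{$pid}'" : '';
    $query = $db->query("SELECT * FROM {$tablepre}attachments WHERE (uid='{$discuz_uid}' AND tid='0') {$sqladd}");
    $attachnum = $db->num_rows($query);
    if ($attachnum) {
        // $attachdel may not be an array (the loop below checks is_array()), and
        // count() on a non-countable value throws on PHP 8.
        $deletecount = is_array($attachdel) ? count($attachdel) : 0;
        if ($attachnum -= $deletecount) {
            checklowerlimit($postattachcredits, $attachnum);
        }
        $attachcount = 0;
        $delaids = array();
        while ($attach = $db->fetch_array($query)) {
            // Deletion requested: remove the files and remember the row id.
            if (is_array($attachdel) && in_array($attach['aid'], $attachdel)) {
                dunlink($attach['attachment'], $attach['thumb']);
                $delaids[] = $attach['aid'];
                continue;
            }

            // Extension allow-list: skip files with no extension or one that is
            // not a whole item of the space/comma separated list.
            $extension = strtolower(fileext($attach['filename']));
            if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($extension, '/') . "(\$|\\s|,)/i", $attachextensions) || !$extension)) {
                continue;
            }

            $anew = $attachnew[$attach['aid']];
            $anew['aid'] = $attach['aid'];
            $anew['ext'] = $extension;
            $anew['size'] = $attach['filesize'];

            if ($attach['pid'] == 0) {
                // Not yet bound to a post: move the upload to its final location.
                $attach_basename = basename($attach['attachment']);
                $attach_src = $attachdir . '/' . $attach['attachment'];
                if ($attachsave) {
                    // Defined up front so an unexpected $attachsave value does not
                    // leave the variable unset.
                    $attach_subdir = '';
                    switch ($attachsave) {
                        case 1:
                            $attach_subdir = 'forumid_' . $GLOBALS['fid'];
                            break;
                        case 2:
                            $attach_subdir = 'ext_' . $extension;
                            break;
                        case 3:
                            $attach_subdir = 'month_' . date('ym');
                            break;
                        case 4:
                            $attach_subdir = 'day_' . date('ymd');
                            break;
                    }
                    $attach_descdir = $attachdir . '/' . $attach_subdir;
                    $anew['attachment'] = $attach_subdir . '/' . $attach_basename;
                } else {
                    $attach_descdir = $attachdir;
                    $anew['attachment'] = $attach_basename;
                }
                $anew['thumb'] = $attach['thumb'];
                $attach_desc = $attach_descdir . '/' . $attach_basename;

                if ($attach['isimage'] && $watermarkstatus) {
                    require_once DISCUZ_ROOT . './include/image.class.php';
                    $image = new Image($attach_src, $attach);
                    if ($image->imagecreatefromfunc && $image->imagefunc) {
                        $image->Watermark();
                        $attach = $image->attach;
                        $attach['filesize'] = $attach['size'];
                    }
                }

                if (!is_dir($attach_descdir)) {
                    // NOTE(review): mode 0777 is limited only by the process umask;
                    // a tighter mode such as 0755 is usually enough for an upload
                    // directory.
                    @mkdir($attach_descdir, 0777);
                    // Empty index.htm placeholder. fclose() is only called on a real
                    // handle, because fclose(false) throws on PHP 8.
                    $indexhandle = @fopen($attach_descdir . '/index.htm', 'w');
                    if ($indexhandle) {
                        fclose($indexhandle);
                    }
                }

                // Move with rename(); fall back to copy + unlink when rename fails.
                if ($attach['thumb'] == 1) {
                    if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) {
                        @unlink($attach_src . '.thumb.jpg');
                    }
                }
                if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) {
                    @unlink($attach_src);
                }
                $anew['remote'] = ftpupload($attach_desc, $anew);
                $attachcount++;
            }

            if ($attach['isimage']) {
                $imageexists = 1;
            }

            $anew['filesize'] = $attach['filesize'];
            // The UPDATE below persists 'readperm', so the permission gate and the
            // integer coercion are applied to that key. Gating 'perm' instead left
            // the value reaching the query unchecked.
            $anew['readperm'] = $allowsetattachperm && isset($anew['readperm']) ? intval($anew['readperm']) : 0;
            $anew['description'] = cutstr(dhtmlspecialchars($anew['description']), 100);
            // Price is an integer capped at $maxprice, or 0 when no cap is configured.
            $anew['price'] = $maxprice ? (intval($anew['price']) <= $maxprice ? intval($anew['price']) : $maxprice) : 0;

            $sqladd = $attach['pid'] == 0 ? ", tid='{$tid}', pid='{$pid}', attachment='{$anew['attachment']}', remote='{$anew['remote']}'" : '';
            $db->query("UPDATE {$tablepre}attachments SET readperm='{$anew['readperm']}', price='{$anew['price']}', filesize='{$anew['filesize']}' {$sqladd} WHERE aid='{$attach['aid']}'");
            if ($anew['description']) {
                $db->query("REPLACE INTO {$tablepre}attachmentfields (aid, tid, pid, uid, description) VALUES ('{$attach['aid']}', '{$tid}', '{$pid}', '{$attach['uid']}', '{$anew['description']}')");
            }
        }

        if ($delaids) {
            $db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
            $db->query("DELETE FROM {$tablepre}attachmentfields WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
        }

        // 2 = the post carries at least one image attachment, 1 = other files only.
        $attachment = $imageexists ? 2 : 1;
        if ($attachcount) {
            $db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
            $db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
            updatecredits($discuz_uid, $postattachcredits, $attachcount);
        }
    }
}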
$keyword = $keyword != '' ? str_replace('+', ' ', $keyword) : ''; $index['keywords'] = rawurlencode($index['keywords']); $searchstring = explode('|', $index['searchstring']); $index['searchtype'] = $searchstring[0]; //preg_replace("/^([a-z]+)\|.*/", "\\1", $index['searchstring']); $srchuname = $searchstring[3]; $threadlist = array(); $query = $sdb->query("SELECT * FROM " . DB::table('forum_thread') . " WHERE tid IN ({$index['tids']}) AND displayorder>='0' ORDER BY {$orderby} {$ascdesc} LIMIT {$start_limit}, {$_G['tpp']}"); while ($thread = $sdb->fetch_array($query)) { $threadlist[] = procthread($thread); } $multipage = multi($index['threads'], $_G['tpp'], $page, "forum.php?mod=search&searchid={$searchid}&orderby={$orderby}&ascdesc={$ascdesc}&searchsubmit=yes"); $url_forward = 'forum.php?mod=search&' . $_SERVER['QUERY_STRING']; include template('forum/search'); } else { !($_G['group']['exempt'] & 2) && checklowerlimit('getattach'); $srchuname = isset($_G['gp_srchuname']) ? trim($_G['gp_srchuname']) : ''; if ($_G['group']['allowsearch'] == 2 && $srchtype == 'fulltext') { periodscheck('searchbanperiods'); } elseif ($srchtype != 'title') { $srchtype = 'title'; } $forumsarray = array(); if (!empty($srchfid)) { foreach (is_array($srchfid) ? $srchfid : explode('_', $srchfid) as $forum) { if ($forum = intval(trim($forum))) { $forumsarray[] = $forum; } } } $fids = $comma = '';