<?php
// Report-a-post handler (fragment; the file continues past the visible part).
// A logged-in user submits a reason for reporting a post and gets a plain-text
// reply of the form "<digit> <message>". The meaning of the leading digit is
// decided by the client script, which is not visible here.
require dirname(__FILE__) . "/global.php";
if ($loginArr['state'] == 0) {
    // Not logged in. No exit follows header(), but all of the visible report
    // logic sits in the else branch, so it does not run for this request.
    header("location:./login.php");
} else {
    if (isset($_GET['do'], $_POST['reportcontent'], $_POST['reportpid']) && $_GET['do'] == "report") {
        // NOTE(review): no anti-CSRF token is checked in the visible code; the write
        // below is authorised by the login state alone. Confirm whether global.php
        // adds such a check.
        $content = trim(filterCode($_POST['reportcontent']));
        // The post id is forced to an integer before it is used for the lookup.
        $pid = intval($_POST['reportpid']);
        $content_len = getStrlen($content);
        // Length is measured after filterCode(), i.e. on the text that will be stored.
        if ($content_len < 3 || $content_len > 80) {
            echo "1 举报原由应控制在3到80个字之间";
        } else {
            $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
            $postArr = $TB->getPostInfo($pid);
            if (empty($postArr['pid'])) {
                // No such post (the message says it has been deleted).
                echo "0 该帖已被删除!";
            } else {
                // Reporter identity comes from the login record; the target ids and
                // author come from the stored post, not from the request.
                $reportArr['uname'] = $loginArr['name'];
                $reportArr['uid'] = $loginArr['uid'];
                $reportArr['fid'] = $postArr['fid'];
                $reportArr['tid'] = $postArr['tid'];
                $reportArr['pid'] = $postArr['pid'];
                $reportArr['author'] = $postArr['author'];
                $reportArr['authorid'] = $postArr['authorid'];
                $reportArr['message'] = $content;
                $reportArr['dateline'] = time();
                // NOTE(review): whether the values are escaped depends on insert_sql()
                // and filterCode(), neither of which is visible here. Stored names such
                // as uname and author are re-used in this statement, so confirm that
                // insert_sql() escapes every value it receives.
                if ($DB->query($DB->insert_sql("`" . $table_report . "`", $reportArr))) {
                    echo "0 举报成功,感谢您对本吧的支持。";
                } else {
                    echo "1 数据库繁忙,请重试!";
// Forum ("bar") settings update (fragment; it starts and ends inside a larger script).
// Loads the forum named by ?fid=, validates the posted name / category / intro /
// push values, and fills $forumInfo with the fields to be saved.
$DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
// NOTE(review): $_GET['fid'] is handed to getForumInfo() unmodified. Confirm that
// the helper casts or escapes it before it reaches SQL.
$forumArr = $QA->getForumInfo($_GET['fid']);
if (!empty($forumArr['fid'])) {
    if (isset($_POST['name'], $_POST['category'], $_POST['intro'], $_POST['push'])) {
        $name = strAddslashes(trim($_POST['name']));
        // NOTE(review): category and push are taken from the request with no cast or
        // range check; $cid is stored in $forumInfo below. Where $forumInfo is turned
        // into SQL is outside the visible part, so confirm that an integer is enforced
        // there or cast here.
        $cid = $_POST['category'];
        $intro = filterCode($_POST['intro']);
        $push = $_POST['push'];
        if (empty($name) || getStrlen($name) > 15 || !wordCheck($name)) {
            echo "<script>alert('换一个吧名吧');</script>";
        } else {
            // Case-insensitive uniqueness check on the forum name. The only escaping
            // applied to $name before it is concatenated into this statement is
            // strAddslashes(), defined elsewhere. NOTE(review): confirm it is
            // sufficient for the connection character set in use.
            $BId = $DB->fetch_one("SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($name) . "'");
            // A hit is only a conflict when it is a different forum from the one being edited.
            if (!empty($BId) && $BId != $forumArr['fid']) {
                echo "<script>alert('该吧已存在,请更换吧名。');</script>";
            } else {
                if (getStrlen($intro) > 90) {
                    echo "<script>alert('吧简介不能超过90个字');</script>";
                } else {
                    $forumInfo['cid'] = $cid;
                    $forumInfo['name'] = $name;
                    $forumInfo['synopsis'] = $intro;
                    // 'commend' holds 0 or a timestamp. A forum whose current value is 0
                    // gets the current time for any push > 0; otherwise push == 0
                    // clears it and push == 2 refreshes the timestamp.
                    if ($forumArr['commend'] == 0) {
                        if ($push > 0) {
                            $forumInfo['commend'] = time();
                        }
                    } else {
                        if ($push == 0) {
                            $forumInfo['commend'] = 0;
                        }
                        if ($push == 2) {
                            $forumInfo['commend'] = time();
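<?php
// New-topic handler (fragment; the file continues past the visible part).
// Replies are plain text of the form "<digit> <message>". Validation failures end
// the request with die().
require dirname(__FILE__) . "/global.php";
if (isset($_POST['do'], $_POST['fid'], $_POST['title'], $_POST['content']) && $_POST['do'] == "Topic") {
    // Permission gate: the caller's user group must be allowed to open topics.
    if ($userGroup[$loginArr['group']]['topic'] == 0) {
        die("0 " . $userGroup[$loginArr['group']]['name'] . "不能发表主题帖");
    }
    $postTime = time();
    // NOTE(review): this 15-second throttle reads a timestamp from a cookie, which
    // the client controls, so it only limits cooperative clients. A server-side
    // timestamp (session or user row) is needed for the limit to hold.
    if (isset($_COOKIE['lastPostTime']) && $postTime - $_COOKIE['lastPostTime'] < 15) {
        die("0 您的发帖速度太快了!");
    }
    $title = ltrim(filterCode($_POST['title']));
    $title_len = getStrlen($title);
    if ($title_len < 3 || $title_len > 32) {
        die("0 帖子标题:至少3个字符,不超过32个字符");
    }
    if (!filterCheck($title)) {
        die("0 帖子标题中含有系统不允许的关键词");
    }
    $content = filterCode(htmlToUBB($_POST['content']), false);
    // checkPostContent() returns an empty string when the body is acceptable and an
    // error message otherwise.
    $checkContent = checkPostContent($content, 5, 22);
    if ($checkContent != "") {
        die("0 " . $checkContent);
    }
    $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
    // The forum id comes straight from the request and is concatenated into the
    // statement, so it is reduced to an integer first. Non-scalar input (an array)
    // becomes 0, which is expected to match no forum.
    $forumArr = $DB->fetch_one_array("SELECT `fid`,`moderator` FROM `" . $table_forum . "` WHERE `fid`='" . (is_scalar($_POST['fid']) ? intval($_POST['fid']) : 0) . "'");
    if (empty($forumArr['fid'])) {
        echo "0 该吧不存在或者已被删除";
    } else {
        if ($loginArr['state'] == 1) {
            $authorid = $loginArr['uid'];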
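// (fragment: the branches closed on the next lines were opened before the visible
// part of this file)
echo "1";
} else {
    echo "0";
}
} else {
    echo "2";
}
}
$DB->close();
exit;
}
// Create or rename a catalog entry: POST father / name / cid with ?action=do.
// An empty cid means "insert a new entry"; otherwise the entry with that cid is updated.
if (isset($_GET['action'], $_POST['father'], $_POST['name'], $_POST['cid']) && $_GET['action'] == "do") {
    // The parent id is concatenated unquoted into the COUNT query below and stored
    // in the row, so it is forced to an integer here. Non-scalar input becomes 0,
    // which skips the parent lookup.
    $fatherId = is_scalar($_POST['father']) ? intval($_POST['father']) : 0;
    $name = trim(strAddslashes($_POST['name']));
    $cid = $_POST['cid'];
    if (empty($name) || !wordCheck($name) || getStrlen($name) > 15) {
        echo "<script>alert('名称不合法');</script>";
    } else {
        // A non-zero parent must exist in the catalog table.
        if ($fatherId > 0 && $DB->fetch_one("SELECT COUNT(`cid`) FROM `" . $table_catalog . "` WHERE `cid`=" . $fatherId) < 1) {
            echo "<script>alert('上级目录不存在');</script>";
        } else {
            $infoArr['fatherid'] = $fatherId;
            $infoArr['name'] = $name;
            if (empty($cid)) {
                $Sql = $DB->insert_sql("`" . $table_catalog . "`", $infoArr);
            } else {
                // The WHERE clause is built by concatenation in an unquoted numeric
                // context, so the id is cast at the point of use. Malformed input
                // becomes 0, which is expected to match no row.
                $Sql = $DB->update_sql("`" . $table_catalog . "`", $infoArr, "`cid`=" . (is_scalar($cid) ? intval($cid) : 0));
            }
            if ($DB->query($Sql)) {
                echo "<script>alert('操作成功');top.location.reload();</script>";
            } else {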
<?php
// Create-a-forum ("bar") handler (fragment; the file continues past the visible part).
// Replies are plain text of the form "<digit> <message-or-URL>". When the forum
// already exists, the reply is "1 " followed by its URL.
require dirname(__FILE__) . "/global.php";
require dirname(__FILE__) . "/class/class_Main.php";
if (isset($_GET['do'], $_POST['bar'], $_POST['intro']) && $_GET['do'] == "create") {
    // NOTE(review): no login or permission check is visible between here and the
    // database lookups below. Confirm that one exists in global.php or further
    // down the file.
    $barName = strAddslashes(trim($_POST['bar']));
    $barIntro = filterCode($_POST['intro']);
    // Site-wide switch: forum creation can be disabled in the configuration.
    if ($create_allow != 1) {
        echo "0 很抱歉,系统当前禁止创建新吧!";
    } else {
        if (empty($barName) || getStrlen($barName) > 15 || !wordCheck($barName) || !filterCheck($barName)) {
            echo "0 很抱歉,您无权创建这个吧!换一个吧名吧 ^_^";
        } else {
            $intro_length = getStrlen($barIntro);
            if ($intro_length < 10 || $intro_length > 90) {
                echo "0 很抱歉,该吧简介的长度不符合要求 ^_^";
            } else {
                $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
                // Both lookups below concatenate $barName into the statement. The only
                // escaping applied to it is strAddslashes(), defined elsewhere.
                // NOTE(review): confirm it is sufficient for the connection character
                // set in use; a parameterised query would remove the dependency.
                $FSQL = "SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                $forumId = $DB->fetch_one($FSQL);
                if (!empty($forumId)) {
                    // The forum already exists: return its URL in the rewritten or the
                    // plain form, according to $site_rewrite.
                    if ($site_rewrite) {
                        echo "1 ./bar-" . $forumId . "-1.html";
                    } else {
                        echo "1 ./forum.php?fid=" . $forumId;
                    }
                } else {
                    // Not an existing forum: check the second table ($table_temp) for
                    // the same name. The message says it is awaiting review.
                    $TSQL = "SELECT `fid` FROM `" . $table_temp . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                    $tempId = $DB->fetch_one($TSQL);
                    if (!empty($tempId)) {
                        echo "0 该吧已创建,正在审核中。";
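// (fragment: the die() below closes a site-name check that begins before the
// visible part of this file)
die("<script>alert('站点名称不合法');</script>");
}
// Site settings form: each posted value is validated, then the settings are
// serialised as PHP source into $config_str.
$siteDomain = strtolower(trim($_POST['site_domain']));
// Only plain host-name characters are accepted. The value is echoed inside a
// <script> block a few lines below, so quotes, angle brackets and similar
// characters must be rejected before that point.
if (empty($siteDomain) || substr($siteDomain, 0, 7) == "http://" || substr($siteDomain, -1) == "/" || !preg_match('/\A[a-z0-9._-]+\z/', $siteDomain)) {
    die("<script>alert('站点域名不正确');</script>");
}
// The domain must resolve: gethostbyname() returns its input unchanged on failure,
// and ip2long() then fails (false, or -1 on old PHP versions).
$domainip2long = ip2long(gethostbyname($siteDomain));
if ($domainip2long == -1 || $domainip2long === FALSE) {
    die("<script>alert('域名 " . $siteDomain . " 解析尚未生效');</script>");
}
$siteCatalog = stripslashes(trim($_POST['site_catalog']));
// strpos() returns 0 for a quote in the first position, so the result is compared
// with false explicitly. A bare truthiness test lets a leading '"' through.
// NOTE(review): '$' and '\' are not rejected. If this value is written between
// double quotes in the generated config, they need the same treatment.
if (empty($siteCatalog) || substr($siteCatalog, -1) != "/" || strpos($siteCatalog, '"') !== false) {
    die("<script>alert('安装目录不正确');</script>");
}
$siteIcp = stripslashes(trim($_POST['site_icp']));
if (!empty($siteIcp) && (!wordCheck($siteIcp) || getStrlen($siteIcp) < 10)) {
    die("<script>alert('备案信息不正确');</script>");
}
// NOTE(review): the values below are taken from the request without a cast or an
// allow-list. The code that appends them to $config_str is outside the visible
// part. If they are written into the generated PHP file, each one must be cast to
// int (or, for the timezone, checked against a known identifier list) first,
// because that file is executed as code.
$siteRewrite = isset($_POST['site_rewrite']) ? $_POST['site_rewrite'] : 0;
$siteTimezone = isset($_POST['site_timezone']) ? $_POST['site_timezone'] : "Asia/Shanghai";
$createAllow = isset($_POST['create_allow']) ? $_POST['create_allow'] : 1;
// The posted cache lifetime is multiplied by 60; the default is 60.
$cacheLifetime = isset($_POST['cache_lifetime']) ? $_POST['cache_lifetime'] * 60 : 60;
$perTopicNum = isset($_POST['per_topic_num']) ? $_POST['per_topic_num'] : 50;
$perPostNum = isset($_POST['per_post_num']) ? $_POST['per_post_num'] : 30;
$postAnonymous = isset($_POST['post_anonymous']) ? $_POST['post_anonymous'] : 0;
$integralTopic = isset($_POST['integral_topic']) ? $_POST['integral_topic'] : 2;
$integralReply = isset($_POST['integral_reply']) ? $_POST['integral_reply'] : 1;
$integralElite = isset($_POST['integral_elite']) ? $_POST['integral_elite'] : 3;
// The configuration is emitted as PHP source, one assignment per setting, with
// string values placed between double quotes.
$config_str = "<?php";
$config_str .= "\n";
$config_str .= '$code_name = "' . $code_name . '";';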