$conf['seo_url_rewrite'] and $seo_url and thread_read_by_seo_url($seo_url) and message(4, '自定义的 URL 已经存在,请修改。');
// 这里可能有并发问题,seo_url 并非 UNIQUE KEY
$gid != 1 and $message = xn_html_safe($message);
$gid != 1 and $message = badword_filter($message, $badword);
$message === FALSE and message(2, '内容中包含敏感关键词: ' . $badword);
strlen($seo_url) > 128 and message(3, '自定义 URL 太长');
mb_strlen($subject, 'UTF-8') > 128 and message(1, '标题最长80个字符');
mb_strlen($message, 'UTF-8') > 2028000 and message(2, '内容太长');
// 检测是否灌水
thread_check_flood($gid, $fid, $subject) and message(1, '系统检测到您可能在灌水。');
$thread = array('fid' => $fid, 'uid' => $uid, 'sid' => $sid, 'subject' => $subject, 'message' => $message, 'time' => $time, 'longip' => $longip, 'sid' => $sid);
$seo_url and $thread['seo_url'] = $seo_url;
$tid = thread_create($thread, $pid);
$pid === FALSE and message(1, '创建帖子失败');
$tid === FALSE and message(1, '创建主题失败');
$conf['ipaccess_on'] and ipaccess_inc($longip, 'threads');
if ($ajax) {
ob_start();
$thread = thread_read($tid);
$threadlist = array($thread);
include './pc/view/thread_list_body.inc.htm';
$middle = ob_get_clean();
message(0, $middle);
} else {
message(0, '发帖成功');
}
}
// 处理 2.1 老版本 URL
} else {
if ($action == 'index') {
$tid = param(5, 0);
if ($isimage && $conf['tietuku_on']) {
include './plugin/xn_tietuku/tietuku.func.php';
$tmpfile = tempnam($conf['tmp_path'], 'tmp_');
file_put_contents($tmpfile, $data);
$r = tietuku_upload_file($tmpfile);
$r === FALSE and message($errno, $errstr);
unlink($tmpfile);
message(0, array('url' => $r['linkurl'], 'name' => $name, 'width' => $r['width'], 'height' => $r['height']));
}
$day = date('Ymd', $time);
$path = $conf['upload_path'] . 'attach/' . $day;
$url = $conf['upload_url'] . 'attach/' . $day;
!IN_SAE and !is_dir($path) and (mkdir($path, 0777, TRUE) or message(-2, '目录创建失败'));
$savename = $uid . '_' . attach_safe_name($name, $allowtypes);
$destfile = $path . '/' . $savename;
$desturl = $url . '/' . $savename;
attach_create(array('tid' => $tid, 'pid' => 0, 'uid' => $uid, 'filesize' => $size, 'width' => $width, 'height' => $height, 'filename' => $day . '/' . $savename, 'filetype' => $type, 'orgfilename' => $name, 'create_date' => $time, 'comment' => '', 'downloads' => '0', 'isimage' => $isimage)) or message(-1, '保存附件数据失败');
file_put_contents($destfile, $data) or message(-1, '写入文件失败');
$ext = file_ext($destfile);
if ($width > 0 && $ext != 'gif') {
image_thumb($destfile, $destfile, $width, $height);
}
$conf['ipaccess_on'] and ipaccess_inc($longip, 'attachs');
$conf['ipaccess_on'] and ipaccess_inc($longip, 'attachsizes', $size);
if ($ext == 'gif') {
list($width, $height, $type, $attr) = getimagesize($destfile);
}
message(0, array('url' => $desturl, 'name' => $name, 'width' => $width, 'height' => $height));
} else {
message(-1, '没有此功能');
}
$conf['ipaccess_on'] and !ipaccess_check_freq($longip) and message(0, '发送邮件比较耗费资源,请您休息一会再来。');
$smtplist = (include './conf/smtp.conf.php');
$n = array_rand($smtplist);
$smtp = $smtplist[$n];
$email = param('email');
!is_email($email, $err) and message(1, $err);
$r = user_read_by_email($email);
!$r and message(1, 'Email 未被注册。');
$rand = rand(100000, 999999);
online_set('reset_email', $email);
online_set('reset_verifycode', $rand);
$subject = "重设密码验证码:{$rand} - 【{$conf['sitename']}】";
$message = $subject;
$r = xn_send_mail($smtp, $conf['sitename'], $email, $subject, $message);
if ($r === TRUE) {
$conf['ipaccess_on'] and ipaccess_inc($longip, 'mails');
message(0, '发送成功。');
} else {
message(1, $errstr);
}
// 找回密码第3步
} elseif ($action == 'resetpw') {
$email = online_get('reset_email');
$verifycode = online_get('reset_verifycode');
empty($email) || empty($verifycode) and message(0, '数据为空,请返回上一步重新填写。');
$_user = user_read_by_email($email);
empty($_user) and message(0, '用户不存在');
$_uid = $_user['uid'];
if ($method == 'GET') {
$header['title'] = '重置密码';
include './flarum/view/user_resetpw.htm';
