} else { if ($message == '') { wapmsg('post_sm_isnull'); } if ($post_invalid = checkpost()) { wapmsg($post_invalid); } if ($formhash != formhash()) { wapmsg('wap_submit_invalid'); } if (checkflood()) { wapmsg('post_flood_ctrl'); } $pinvisible = $modnewreplies ? -2 : 0; $db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, dateline, message, useip, invisible, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)\r\n\t\t\t\tVALUES ('{$fid}', '{$tid}', '0', '{$discuz_user}', '{$discuz_uid}', '{$timestamp}', '{$message}', '{$onlineip}', '{$pinvisible}', '1', '0', '0', '0', '0', '0')"); $pid = $db->insert_id(); $db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline) VALUES ('{$discuz_uid}', '{$tid}', '{$pid}', '" . ($thread['replies'] + 1) . "', '{$timestamp}')", 'UNBUFFERED'); if ($modnewreplies) { wapmsg('post_mod_succeed', array('title' => 'post_mod_forward', 'link' => "index.php?action=forum&fid={$fid}")); } else { $db->query("UPDATE {$tablepre}threads SET lastposter='{$discuz_user}', lastpost='{$timestamp}', replies=replies+1 WHERE tid='{$tid}' AND fid='{$fid}'", 'UNBUFFERED'); updatepostcredits('+', $discuz_uid, $replycredits); $lastpost = "{$thread['tid']}\t" . addslashes($thread['subject']) . "\t{$timestamp}\t{$discuz_user}"; $db->query("UPDATE {$tablepre}forums SET lastpost='{$lastpost}', posts=posts+1, todayposts=todayposts+1 WHERE fid='{$fid}'", 'UNBUFFERED'); if ($forum['type'] == 'sub') { $db->query("UPDATE {$tablepre}forums SET lastpost='{$lastpost}' WHERE fid='{$forum['fup']}'", 'UNBUFFERED'); } wapmsg('post_newreply_succeed', array('title' => 'post_newreply_forward', 'link' => "index.php?action=thread&tid={$tid}&page=" . @ceil(($thread['replies'] + 2) / $wapppp))); } } }
function checkflood() { global $db, $tablepre, $disablepostctrl, $floodctrl, $maxpostsperhour, $discuz_uid, $timestamp, $lastpost, $forum; if (!$disablepostctrl && $discuz_uid) { $floodmsg = $floodctrl && $timestamp - $floodctrl <= $lastpost ? 'post_flood_ctrl' : ''; if (empty($floodmsg) && $maxpostsperhour) { $query = $db->query("SELECT COUNT(*) from {$tablepre}posts WHERE authorid='{$discuz_uid}' AND dateline>{$timestamp}-3600"); $floodmsg = ($userposts = $db->result($query, 0)) && $userposts >= $maxpostsperhour ? 'thread_maxpostsperhour_invalid' : ''; } if (empty($floodmsg)) { return FALSE; } elseif (CURSCRIPT != 'wap') { showmessage($floodmsg); } else { wapmsg($floodmsg); } } return FALSE; }
} else { wapmsg('undefined_action'); } } $password = md5(random(10)); $idstring = random(6); $authstr = $regverify == 1 ? "{$timestamp}\t2\t{$idstring}" : ''; $db->query("REPLACE INTO {$tablepre}members (uid, username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, bday, sigstatus, tpp, ppp)\r\n\t\tVALUES ('{$uid}', '{$username}', '{$password}', '', '', '0', '{$groupinfo['groupid']}', '{$onlineip}', '{$timestamp}', '{$timestamp}', '{$timestamp}', '0', {$initcredits}, '{$email}', '', '', '20', '20')"); $db->query("REPLACE INTO {$tablepre}memberfields (uid, authstr) VALUES ('{$uid}', '{$authstr}')"); if ($regverify == 2) { $db->query("REPLACE INTO {$tablepre}validating (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\tVALUES ('{$uid}', '{$timestamp}', '0', '', '1', '0', '{$regmessage}', '')"); } $discuz_uid = $uid; $discuz_user = $username; $discuz_userss = stripslashes($discuz_user); $discuz_pw = $password; $groupid = $groupinfo['groupid']; $styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid']; switch ($regverify) { case 1: sendmail("{$discuz_userss} <{$email}>", 'email_verify_subject', 'email_verify_message'); wapmsg('profile_email_verify'); break; case 2: wapmsg('register_manual_verify'); break; default: wapmsg('register_succeed'); break; } }
$discuz_action = 194; $do = !empty($do) && in_array($do, array('last', 'next')) ? $do : ''; if ($do == 'last') { if ($fid && $tid) { $this_lastpost = $db->result_first("SELECT lastpost FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'"); if ($next = $db->fetch_first("SELECT tid FROM {$tablepre}threads WHERE fid='{$fid}' AND displayorder>='0' AND lastpost>'{$this_lastpost}' ORDER BY lastpost ASC LIMIT 1")) { $tid = $next['tid']; header("Location: index.php?action=thread&tid={$tid}"); exit; } else { wapmsg('goto_last_nonexistence'); } } else { wapmsg('undefined_action'); } } elseif ($do == 'next') { if ($fid && $tid) { $this_lastpost = $db->result_first("SELECT lastpost FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'"); if ($last = $db->fetch_first("SELECT tid FROM {$tablepre}threads WHERE fid='{$fid}' AND displayorder>='0' AND lastpost<'{$this_lastpost}' ORDER BY lastpost DESC LIMIT 1")) { $tid = $last['tid']; header("Location: index.php?action=thread&tid={$tid}"); exit; } else { wapmsg('goto_next_nonexistence'); } } else { wapmsg('undefined_action'); } } else { echo "<p>{$lang['goto']}:<br />\n" . "<input title=\"url\" name=\"url\" type=\"text\" value=\"http://\" /><br />\n" . "<anchor title=\"{$lang['submit']}\">{$lang['submit']}<go href=\"index.php?action=goto&url=\$(url:escape)\" /></anchor></p>\n"; }
function checkflood() { global $_G; if (!$_G['group']['disablepostctrl'] && $_G['uid']) { $floodmsg = $_G['setting']['floodctrl'] && TIMESTAMP - $_G['setting']['floodctrl'] <= getuserprofile('lastpost') ? 'post_flood_ctrl' : ''; if (empty($floodmsg) && $_G['group']['maxpostsperhour']) { $userposts = getcountofposts(DB::table('forum_post'), "authorid='{$_G['uid']}' AND dateline>{$_G['timestamp']}-3600"); $floodmsg = $userposts && $userposts >= $_G['group']['maxpostsperhour'] ? 'thread_maxpostsperhour_invalid' : ''; } if (empty($floodmsg)) { return FALSE; } elseif (CURMODULE != 'wap') { showmessage($floodmsg, '', array('maxpostsperhour' => $_G['group']['maxpostsperhour'], 'floodctrl' => $_G['setting']['floodctrl'])); } else { wapmsg($floodmsg); } } return FALSE; }
@extract($member); $discuz_user = addslashes($discuz_user); dsetcookie('auth', authcode("$discuz_pw\t$discuz_secques\t$discuz_uid", 'ENCODE'), 2592000, 1, true); wapmsg('login_succeed'); } else { $errorlog = dhtmlspecialchars( $timestamp."\t". ($member['discuz_user'] ? $member['discuz_user'] : stripslashes($username))."\t". $password."\t". ($secques ? "Ques #".intval($questionid) : '')."\t". $onlineip); writelog('illegallog', $errorlog); wapmsg('login_invalid'); } } } elseif(!empty($formhash) && $formhash == FORMHASH) { $discuz_uid = 0; $discuz_user = ''; $groupid = 7; wapmsg('logout_succeed'); } ?>
$threadposts = ''; $start = isset($start) ? intval($start) : 0; $offset = isset($offset) ? intval($offset) : 0; $do = !empty($do) ? $do : ''; $thread = $db->fetch_first("SELECT * FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'"); if (!$thread) { wapmsg('thread_nonexistence'); } if ($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid || empty($forum['allowview']) && (!$forum['viewperm'] && !$readaccess || $forum['viewperm'] && !forumperm($forum['viewperm'])) || $forum['password'] || $forum['redirect']) { wapmsg('thread_nopermission'); } elseif ($thread['price'] > 0) { if ($maxchargespan && $timestamp - $thread['dateline'] >= $maxchargespan * 3600) { $db->query("UPDATE {$tablepre}threads SET price='0' WHERE tid='{$tid}'"); $thread['price'] = 0; } elseif (!$discuz_uid || !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid && !$db->num_rows($db->query("SELECT tid FROM {$tablepre}paymentlog WHERE tid='{$tid}' AND uid='{$discuz_uid}'"))) { wapmsg('thread_nopermission'); } } if (empty($do)) { echo "<p>{$lang['subject']}{$thread['subject']}<br />" . "{$lang['author']}<a href=\"index.php?action=my&uid={$thread['authorid']}\">{$thread['author']}</a><br />" . "{$lang['dateline']}" . gmdate("{$wapdateformat} {$timeformat}", $thread['dateline'] + $timeoffset * 3600) . "<br /><br />"; $page = max(1, intval($page)); $start_limit = $number = ($page - 1) * $wapppp; if ($page < 2) { $end_limit = $wapppp + 1; } else { $start_limit = $start_limit + 1; $end_limit = $wapppp; } $query = $db->query("SELECT * FROM {$tablepre}posts\r\n\t\tWHERE tid='{$tid}' AND invisible='0'\r\n\t\tORDER BY dateline LIMIT {$start_limit}, {$end_limit}"); while ($post = $db->fetch_array($query)) { $post['message'] = wapcode($post['message']);
} echo "<p>{$lang['my']}<br /><br />" . "{$lang['my_uid']} {$member['uid']}<br />" . "{$lang['my_username']} {$member['username']}<br />" . "{$lang['my_gender']} {$member['gender']}<br />" . ($member['bday'] != '0000-00-00' ? "{$lang['my_bday']} {$member['bday']}<br />" : '') . ($member['location'] ? "{$lang['my_location']} {$member['location']}<br />" : '') . ($member['bio'] ? "{$lang['my_bio']} {$member['bio']}<br /><br />" : ''); if ($uid == $discuz_uid) { echo "<a href=\"index.php?action=myphone\">{$lang['my_phone']}</a><br />" . "<a href=\"index.php?action=my&do=fav\">{$lang['my_favorites']}</a><br />" . "<a href=\"index.php?action=pm\">{$lang['pm']}</a></p>"; } else { echo "<br /><a href=\"index.php?action=pm&do=send&pmuid={$member['uid']}\">{$lang['pm_send']}</a></p>"; } } else { if ($do == 'fav') { if (!empty($favid)) { $selectid = $type == 'thread' ? 'tid' : 'fid'; if ($db->result_first("SELECT {$selectid} FROM {$tablepre}favorites WHERE uid='{$discuz_uid}' AND {$selectid}='{$favid}' LIMIT 1")) { wapmsg('fav_existence'); } else { $db->query("INSERT INTO {$tablepre}favorites (uid, {$selectid})\r\n\t\t\t\t\tVALUES ('{$discuz_uid}', '{$favid}')"); wapmsg('fav_add_succeed'); } } else { echo "<p>{$lang['my_threads']}<br />"; $query = $db->query("SELECT m.*, t.subject FROM {$tablepre}mythreads m, {$tablepre}threads t\r\n\t\t\t\t\tWHERE m.uid = '{$discuz_uid}' AND m.tid = t.tid ORDER BY m.dateline DESC LIMIT 0, 3"); while ($mythread = $db->fetch_array($query)) { echo "<a href=\"index.php?action=thread&tid={$mythread['tid']}\">" . cutstr($mythread['subject'], 15) . "</a><br />"; } echo "<br />{$lang['my_replies']}<br />"; $query = $db->query("SELECT m.*, t.subject FROM {$tablepre}myposts m, {$tablepre}threads t\r\n\t\t\t\t\tWHERE m.uid = '{$discuz_uid}' AND m.tid = t.tid ORDER BY m.dateline DESC LIMIT 0, 3"); while ($mypost = $db->fetch_array($query)) { echo "<a href=\"index.php?action=thread&tid={$mypost['tid']}\">" . cutstr($mypost['subject'], 15) . "</a><br />"; } echo "<br />{$lang['my_fav_thread']}<br />"; $query = $db->query("SELECT t.tid, t.subject FROM {$tablepre}favorites fav, {$tablepre}threads t\r\n\t\t\t\t\tWHERE fav.tid=t.tid AND t.displayorder>='0' AND fav.uid='{$discuz_uid}' ORDER BY t.lastpost DESC LIMIT 0, 3"); while ($favthread = $db->fetch_array($query)) {
if (preg_match("/(^{ALL}\$|(,|^)\\s*" . preg_quote($discuz_user, '/') . "\\s*(,|\$))/i", $member['ignorepm'])) { wapmsg('pm_send_ignore'); } if (empty($subject) || empty($message)) { wapmsg('pm_sm_isnull'); } $subject = wapconvert($subject); $message = wapconvert($message); $subject = dhtmlspecialchars(cutstr(trim($subject), 75)); $db->query("INSERT INTO {$tablepre}pms (msgfrom, msgfromid, msgtoid, folder, new, subject, dateline, message)\r\n\t\t\t\tVALUES('{$discuz_user}', '{$discuz_uid}', '{$member['msgtoid']}', 'inbox', '1', '{$subject}', '{$timestamp}', '{$message}')"); $db->query("UPDATE {$tablepre}members SET newpm='1' WHERE uid='{$member['msgtoid']}'", 'UNBUFFERED'); if ($floodctrl) { $db->query("UPDATE {$tablepre}members SET lastpost='{$timestamp}' WHERE uid='{$discuz_uid}'"); } wapmsg('pm_send_succeed', array('title' => 'pm_home', 'link' => "index.php?action=pm")); } } elseif ($do == 'delete') { if (!empty($pmid)) { $db->query("DELETE FROM {$tablepre}pms WHERE pmid='{$pmid}' AND msgtoid='{$discuz_uid}' AND folder='inbox'"); wapmsg('pm_delete_succeed'); } else { if (empty($confirm)) { echo "<p><a href=\"index.php?action=pm&do=delete&confirm=yes\">{$lang['pm_delete_confirm']}</a>"; } else { $db->query("DELETE FROM {$tablepre}pms WHERE new='0' AND msgtoid='{$discuz_uid}' AND folder='inbox'"); wapmsg('pm_delete_succeed'); } } } echo "<br /><br /><a href=\"index.php?action=pm\">{$lang['pm_home']}</a></p>\n"; }
while ($index = $db->fetch_array($query)) { if ($index['indexvalid'] && $index['dateline'] > $searchindex['dateline']) { $searchindex = array('id' => $index['searchid'], 'dateline' => $index['dateline']); break; } elseif ($index['flood']) { wapmsg('search_ctrl'); } } if ($searchindex['id']) { $searchid = $searchindex['id']; } else { if (empty($srchfid)) { $srchfid = 'all'; } if (!$srchtxt && !empty($srchuid) && !$srchuname && !$srchfrom) { wapmsg('search_invalid'); } if (!empty($srchfrom) && empty($srchtxt) && empty($srchuid) && empty($srchuname)) { $searchfrom = !empty($before) ? '<=' : '>='; $searchfrom .= $timestamp - $srchfrom; $sqlsrch = "FROM {$tablepre}threads t WHERE t.displayorder>='0' AND t.lastpost{$searchfrom}"; $expiration = $timestamp + $cachelife_time; $keywords = ''; } else { if (!empty($mytopics) && $srchuid) { $srchfrom = 2592000; $srchuname = $srchtxt = $before = ''; } $sqlsrch = "FROM {$tablepre}threads t WHERE t.displayorder>='0'"; if ($srchuname) { $srchuid = $comma = '';
echo "<br />[".(!$post['anonymous'] ? $post['author'].' ' : $lang['anonymous'].' ').gmdate("$wapdateformat $timeformat", $post['dateline'] + $timeoffset * 3600)."]<br />"; } echo wapmulti($thread['replies'], $wapppp, $page, "index.php?action=thread&tid=$thread[tid]"); } } elseif($do == 'reply') { $post = $db->fetch_first("SELECT * FROM {$tablepre}posts WHERE pid='$pid' AND invisible='0'"); if($post['status'] & 1) { $post['message'] = $lang['thread_banned']; } $needhiddenreply = ($hiddenreplies && $discuz_uid != $post['authorid'] && $discuz_uid != $thread['authorid'] && !$post['first'] && !$forum['ismoderator']); if($needhiddenreply) { wapmsg('message_ishidden_hiddenreplies'); } if($offset > 0) { $post['message'] = '..'.substr($post['message'], $offset - 4); } if(strlen($threadposts) + strlen($post['message']) - $wapmps > 0) { $length = $wapmps - strlen($threadposts); $post['message'] = wapcutstr($post['message'], $length); $offset += $length; $breaked = 1; } $post['author'] = !$post['anonymous'] ? $post['author'] : $lang['anonymous']; $post['message'] = wapcode($post['message']);
$Id: forum.inc.php 16688 2008-11-14 06:41:07Z cnteacher $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } $discuz_action = 192; $page = max(1, intval($page)); $start_limit = $number = ($page - 1) * $waptpp; if (!empty($fid)) { require_once DISCUZ_ROOT . './include/forum.func.php'; if (empty($forum)) { wapmsg('forum_nonexistence'); } if ($forum['viewperm'] && !forumperm($forum['viewperm']) && !$forum['allowview'] || $forum['redirect'] || $forum['password']) { wapmsg('forum_nopermission'); } echo "<p>" . strip_tags($forum['name']) . "<br />" . "<a href=\"index.php?action=post&do=newthread&fid={$forum['fid']}\">{$lang['post_new']}</a> " . "<a href=\"index.php?action=forum&do=digest&fid={$forum['fid']}\">{$lang['digest']}</a><br /><br />" . "{$lang['forum_list']} <a href=\"index.php?action=forum&fid={$forum['fid']}\">{$lang['reload']}</a><br />"; $do = !empty($do) ? 'digest' : ''; $filteradd = $do == 'digest' ? 'AND digest>\'0\'' : ''; $threadcount = $sdb->result_first("SELECT COUNT(*) FROM {$tablepre}threads WHERE fid='{$fid}' {$filteradd} AND displayorder>='0'"); $thread['prefix'] = ''; $query = $sdb->query("SELECT * FROM {$tablepre}threads\r\n\t\tWHERE fid='{$fid}' {$filteradd} AND displayorder>='0'\r\n\t\tORDER BY displayorder DESC, lastpost DESC LIMIT {$start_limit}, {$waptpp}"); while ($thread = $sdb->fetch_array($query)) { $thread['prefix'] .= $thread['displayorder'] > 0 ? $lang['forum_thread_sticky'] : ''; $thread['prefix'] .= $thread['digest'] ? $lang['forum_thread_digest'] : ''; echo "<a href=\"index.php?action=thread&tid={$thread['tid']}\">#" . ++$number . " " . cutstr($thread['subject'], 30) . "</a>{$thread['prefix']}<br />\n" . "<small>[{$thread['author']} {$lang['replies']}{$thread['replies']} {$lang['views']}{$thread['views']}]</small><br />\n"; } echo wapmulti($threadcount, $waptpp, $page, "index.php?action=forum&fid={$forum['fid']}&sid={$sid}"); if ($do != 'digest') { $subforums = '';
function formulaperm($formula, $type = 0, $wap = FALSE) { global $db, $tablepre, $_DSESSION, $extcredits, $formulamessage, $usermsg, $forum, $language, $medalstatus, $discuz_uid, $timestamp; $formula = unserialize($formula); $medalperm = $formula['medal']; $permusers = $formula['users']; $permmessage = $formula['message']; if (!$type && $medalstatus && $medalperm) { $exists = 1; $formulamessage = ''; $medalpermc = $medalperm; if ($discuz_uid) { $medals = explode("\t", $db->result_first("SELECT medals FROM {$tablepre}memberfields WHERE uid='{$discuz_uid}'")); foreach ($medalperm as $k => $medal) { foreach ($medals as $r) { list($medalid) = explode("|", $r); if ($medalid == $medal) { $exists = 0; unset($medalpermc[$k]); } } } } else { $exists = 0; } if ($medalpermc) { if (!$wap) { @(include DISCUZ_ROOT . './forumdata/cache/cache_medals.php'); foreach ($medalpermc as $medal) { if ($_DCACHE['medals'][$medal]) { $formulamessage .= '<img src="images/common/' . $_DCACHE['medals'][$medal]['image'] . '" />' . $_DCACHE['medals'][$medal]['name'] . ' '; } } showmessage('forum_permforum_nomedal', NULL, 'NOPERM'); } else { wapmsg('forum_nopermission'); } } } $formula = $formula[1]; if (!$type && ($_DSESSION['adminid'] == 1 || $forum['ismoderator'])) { return FALSE; } if (!$type && $permusers) { $permusers = str_replace(array("\r\n", "\r"), array("\n", "\n"), $permusers); $permusers = explode("\n", trim($permusers)); if (!in_array($GLOBALS['discuz_user'], $permusers)) { showmessage('forum_permforum_disallow', NULL, 'NOPERM'); } } if (!$formula) { return FALSE; } if (strexists($formula, '$memberformula[')) { preg_match_all("/\\\$memberformula\\['(\\w+?)'\\]/", $formula, $a); $fields = $profilefields = array(); $mfadd = ''; foreach ($a[1] as $field) { switch ($field) { case 'regdate': $formula = preg_replace("/\\{(\\d{4})\\-(\\d{1,2})\\-(\\d{1,2})\\}/e", "'\\1-'.sprintf('%02d', '\\2').'-'.sprintf('%02d', '\\3')", $formula); case 'regday': $fields[] = 'm.regdate'; break; case 'regip': case 'lastip': $formula = preg_replace("/\\{([\\d\\.]+?)\\}/", "'\\1'", $formula); $fields[] = 'm.' . $field; break; case substr($field, 0, 6) == 'field_': $profilefields[] = $field; case 'buyercredit': case 'sellercredit': $mfadd = "LEFT JOIN {$tablepre}memberfields mf ON m.uid=mf.uid"; $fields[] = 'mf.' . $field; break; } } $memberformula = array(); if ($discuz_uid) { $memberformula = $db->fetch_first("SELECT " . implode(',', $fields) . " FROM {$tablepre}members m {$mfadd} WHERE m.uid='{$discuz_uid}'"); if (in_array('regday', $a[1])) { $memberformula['regday'] = intval(($timestamp - $memberformula['regdate']) / 86400); } if (in_array('regdate', $a[1])) { $memberformula['regdate'] = date('Y-m-d', $memberformula['regdate']); } $memberformula['lastip'] = $memberformula['lastip'] ? $memberformula['lastip'] : $GLOBALS['onlineip']; } else { if (isset($memberformula['regip'])) { $memberformula['regip'] = $GLOBALS['onlineip']; } if (isset($memberformula['lastip'])) { $memberformula['lastip'] = $GLOBALS['onlineip']; } } } @eval("\$formulaperm = ({$formula}) ? TRUE : FALSE;"); if (!$formulaperm || $type == 2) { if (!$permmessage) { include_once language('misc'); $search = array('$memberformula[\'regdate\']', '$memberformula[\'regday\']', '$memberformula[\'regip\']', '$memberformula[\'lastip\']', '$memberformula[\'buyercredit\']', '$memberformula[\'sellercredit\']', '$_DSESSION[\'digestposts\']', '$_DSESSION[\'posts\']', '$_DSESSION[\'threads\']', '$_DSESSION[\'oltime\']', '$_DSESSION[\'pageviews\']'); $replace = array($language['formulaperm_regdate'], $language['formulaperm_regday'], $language['formulaperm_regip'], $language['formulaperm_lastip'], $language['formulaperm_buyercredit'], $language['formulaperm_sellercredit'], $language['formulaperm_digestposts'], $language['formulaperm_posts'], $language['formulaperm_threads'], $language['formulaperm_oltime'], $language['formulaperm_pageviews']); for ($i = 1; $i <= 8; $i++) { $search[] = '$_DSESSION[\'extcredits' . $i . '\']'; $replace[] = $extcredits[$i]['title'] ? $extcredits[$i]['title'] : $language['formulaperm_extcredits'] . $i; } if ($profilefields) { @(include DISCUZ_ROOT . './forumdata/cache/cache_profilefields.php'); foreach ($profilefields as $profilefield) { $search[] = '$memberformula[\'' . $profilefield . '\']'; $replace[] = !empty($_DCACHE['fields_optional'][$profilefield]) ? $_DCACHE['fields_optional'][$profilefield]['title'] : $_DCACHE['fields_required'][$profilefield]['title']; } } $i = 0; $usermsg = ''; foreach ($search as $s) { if (!in_array($s, array('$memberformula[\'regdate\']', '$memberformula[\'regip\']', '$memberformula[\'lastip\']'))) { $usermsg .= strexists($formula, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return intval(' . $s . ');') : ''; } elseif ($s == '$memberformula[\'regdate\']') { $usermsg .= strexists($formula, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return ' . $s . ';') : ''; } $i++; } $search = array_merge($search, array('and', 'or', '>=', '<=', '==')); $replace = array_merge($replace, array(' <b>' . $language['formulaperm_and'] . '</b> ', ' <b>' . $language['formulaperm_or'] . '</b> ', '≥', '≤', '=')); $formulamessage = str_replace($search, $replace, $formula); } else { $formulamessage = nl2br(htmlspecialchars($permmessage)); } if ($type == 1 || $type == 2) { return $formulamessage; } elseif (!$wap) { if (!$permmessage) { showmessage('forum_permforum_nopermission', NULL, 'NOPERM'); } else { showmessage('forum_permforum_nopermission_custommsg', NULL, 'NOPERM'); } } else { wapmsg('forum_nopermission'); } } return TRUE; }
function formulaperm($formula, $type = 0, $wap = FALSE) { global $_G; $formula = unserialize($formula); $medalperm = $formula['medal']; $permusers = $formula['users']; $permmessage = $formula['message']; if (!$type && $_G['setting']['medalstatus'] && $medalperm) { $exists = 1; $_G['forum_formulamessage'] = ''; $medalpermc = $medalperm; if ($_G['uid']) { $medals = explode("\t", DB::result_first("SELECT medals FROM " . DB::table('common_member_field_forum') . " WHERE uid='{$_G['uid']}'")); foreach ($medalperm as $k => $medal) { foreach ($medals as $r) { list($medalid) = explode("|", $r); if ($medalid == $medal) { $exists = 0; unset($medalpermc[$k]); } } } } else { $exists = 0; } if ($medalpermc) { if (!$wap) { loadcache('medals'); foreach ($medalpermc as $medal) { if ($_G['cache']['medals'][$medal]) { $_G['forum_formulamessage'] .= '<img src="' . STATICURL . 'image/common/' . $_G['cache']['medals'][$medal]['image'] . '" />' . $_G['cache']['medals'][$medal]['name'] . ' '; } } showmessage('forum_permforum_nomedal', NULL, array('forum_permforum_nomedal' => $_G['forum_formulamessage']), array('login' => 1)); } else { wapmsg('forum_nopermission'); } } } if ($type) { $formula = $formula['medal']; } $formulatext = $formula[0]; $formula = $formula[1]; if (!$type && ($_G['adminid'] == 1 || $_G['forum']['ismoderator'])) { return FALSE; } if (!$type && $permusers) { $permusers = str_replace(array("\r\n", "\r"), array("\n", "\n"), $permusers); $permusers = explode("\n", trim($permusers)); if (!in_array($_G['member']['username'], $permusers)) { showmessage('forum_permforum_disallow', NULL, array(), array('login' => 1)); } } if (!$formula) { return FALSE; } if (strexists($formula, '$memberformula[')) { preg_match_all("/\\\$memberformula\\['(\\w+?)'\\]/", $formula, $a); $fields = $profilefields = array(); $mfadd = array(); foreach ($a[1] as $field) { switch ($field) { case 'regdate': $formula = preg_replace("/\\{(\\d{4})\\-(\\d{1,2})\\-(\\d{1,2})\\}/e", "'\\1-'.sprintf('%02d', '\\2').'-'.sprintf('%02d', '\\3')", $formula); case 'regday': $fields[] = 'm.regdate'; break; case 'regip': case 'lastip': $formula = preg_replace("/\\{([\\d\\.]+?)\\}/", "'\\1'", $formula); $formula = preg_replace('/(\\$memberformula\\[\'(regip|lastip)\'\\])\\s*=+\\s*\'([\\d\\.]+?)\'/', "strpos(\\1, '\\3')===0", $formula); case 'buyercredit': case 'sellercredit': $mfadd['ms'] = " LEFT JOIN " . DB::table('common_member_status') . " ms ON m.uid=ms.uid"; $fields[] = 'ms.' . $field; break; case substr($field, 0, 5) == 'field': $mfadd['mp'] = " LEFT JOIN " . DB::table('common_member_profile') . " mp ON m.uid=mp.uid"; $fields[] = 'mp.field' . intval(substr($field, 5)); $profilefields[] = $field; break; } } $memberformula = array(); if ($_G['uid']) { $memberformula = DB::fetch_first("SELECT " . implode(',', $fields) . " FROM " . DB::table('common_member') . " m " . implode('', $mfadd) . " WHERE m.uid='{$_G['uid']}'"); if (in_array('regday', $a[1])) { $memberformula['regday'] = intval((TIMESTAMP - $memberformula['regdate']) / 86400); } if (in_array('regdate', $a[1])) { $memberformula['regdate'] = date('Y-m-d', $memberformula['regdate']); } $memberformula['lastip'] = $memberformula['lastip'] ? $memberformula['lastip'] : $_G['clientip']; } else { if (isset($memberformula['regip'])) { $memberformula['regip'] = $_G['clientip']; } if (isset($memberformula['lastip'])) { $memberformula['lastip'] = $_G['clientip']; } } } //print_r($formula);echo $memberformula['regip']; @eval("\$formulaperm = ({$formula}) ? TRUE : FALSE;"); if (!$formulaperm || $type == 2) { if (!$permmessage) { $language = lang('forum/misc'); $search = array('regdate', 'regday', 'regip', 'lastip', 'buyercredit', 'sellercredit', 'digestposts', 'posts', 'threads'); $replace = array($language['formulaperm_regdate'], $language['formulaperm_regday'], $language['formulaperm_regip'], $language['formulaperm_lastip'], $language['formulaperm_buyercredit'], $language['formulaperm_sellercredit'], $language['formulaperm_digestposts'], $language['formulaperm_posts'], $language['formulaperm_threads']); for ($i = 1; $i <= 8; $i++) { $search[] = 'extcredits' . $i; $replace[] = $_G['setting']['extcredits'][$i]['title'] ? $_G['setting']['extcredits'][$i]['title'] : $language['formulaperm_extcredits'] . $i; } if ($profilefields) { loadcache(array('fields_required', 'fields_optional')); foreach ($profilefields as $profilefield) { $search[] = $profilefield; $replace[] = !empty($_G['cache']['fields_optional']['field_' . $profilefield]) ? $_G['cache']['fields_optional']['field_' . $profilefield]['title'] : $_G['cache']['fields_required']['field_' . $profilefield]['title']; } } $i = 0; $_G['forum_usermsg'] = ''; foreach ($search as $s) { if (in_array($s, array('digestposts', 'posts', 'threads', 'extcredits1', 'extcredits2', 'extcredits3', 'extcredits4', 'extcredits5', 'extcredits6', 'extcredits7', 'extcredits8'))) { $_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return intval(getuserprofile(\'' . $s . '\'));') : ''; } elseif (in_array($s, array('regdate', 'regip'))) { $_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return $memberformula[\'' . $s . '\'];') : ''; } $i++; } $search = array_merge($search, array('and', 'or', '>=', '<=', '==')); $replace = array_merge($replace, array(' <b>' . $language['formulaperm_and'] . '</b> ', ' <b>' . $language['formulaperm_or'] . '</b> ', '≥', '≤', '=')); $_G['forum_formulamessage'] = str_replace($search, $replace, $formulatext); } else { $_G['forum_formulamessage'] = $permmessage; } if ($type == 1 || $type == 2) { return $_G['forum_formulamessage']; } elseif (!$wap) { if (!$permmessage) { showmessage('forum_permforum_nopermission', NULL, array('formulamessage' => $_G['forum_formulamessage'], 'usermsg' => $_G['forum_usermsg']), array('login' => 1)); } else { showmessage('forum_permforum_nopermission_custommsg', NULL, array('formulamessage' => $_G['forum_formulamessage']), array('login' => 1)); } } else { wapmsg('forum_nopermission'); } } return TRUE; }
$db->query("INSERT INTO {$tablepre}regips (ip, count, dateline)\r\n\t\t\t\tVALUES ('{$onlineip}', '1', '{$timestamp}')"); } } $password = md5($password); $idstring = random(6); $authstr = $regverify == 1 ? "{$timestamp}\t2\t{$idstring}" : ''; $db->query("INSERT INTO {$tablepre}members (username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, bday, sigstatus, tpp, ppp)\r\n\t\tVALUES ('{$username}', '{$password}', '', '', '0', '{$groupinfo['groupid']}', '{$onlineip}', '{$timestamp}', '{$timestamp}', '{$timestamp}', '0', {$initcredits}, '{$email}', '', '', '20', '20')"); $uid = $db->insert_id(); $db->query("REPLACE INTO {$tablepre}memberfields (uid, authstr) VALUES ('{$uid}', '{$authstr}')"); if ($regverify == 2) { $db->query("REPLACE INTO {$tablepre}validating (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\tVALUES ('{$uid}', '{$timestamp}', '0', '', '1', '0', '{$regmessage}', '')"); } $discuz_uid = $uid; $discuz_user = $username; $discuz_userss = stripslashes($discuz_user); $discuz_pw = $password; $groupid = $groupinfo['groupid']; $styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid']; switch ($regverify) { case 1: sendmail("{$discuz_userss} <{$email}>", 'email_verify_subject', 'email_verify_message'); wapmsg('profile_email_verify'); break; case 2: wapmsg('register_manual_verify', array('title' => 'memcp', 'link' => 'memcp.php')); break; default: wapmsg('register_succeed', array('title' => 'home_page', 'link' => 'index.php')); break; } }