function readForum($uid, $fid) { list($uid, $fid) = array(intval($uid), intval($fid)); if ($uid < 1 || $fid < 1) { return $this->buildResponse(PERMISSIONS_INVALID_PARAMS); } $userInfo = $GLOBALS['db']->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.bday,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf, m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,m.medals,md.lastmsg,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop,md.jobnum,md.lastgrab,md.follows,md.fans,md.newfans,md.newreferto,md.newcomment,md.postcheck FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid WHERE m.uid=" . S::sqlEscape($uid) . " AND m.groupid<>'0' AND md.uid IS NOT NULL"); if (!S::isArray($userInfo)) { return $this->buildResponse(PERMISSIONS_USER_NOT_EXISTS); } $groupId = $userInfo['groupid'] == -1 ? $userInfo['memberid'] : $userInfo['groupid']; L::loadClass('forum', 'forum', false); $pwforum = new PwForum($fid); $code = !$pwforum->allowvisit($userInfo, $groupId) ? 500 : 0; return $this->buildResponse($code); }
function _checkForum() { $this->tid = $this->attach['tid']; $thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false)); if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') { return true; } L::loadClass('forum', 'forum', false); $pwforum = new PwForum($thread['fid']); if (!$pwforum->isForum()) { return 'forum_purview_erro'; //读取数据错误,原因:您要访问的链接无效,可能链接不完整,或数据已被删除! } if ($pwforum->foruminfo['f_type'] == 'former' && $this->groupid == 'guest' && $_COOKIE) { return 'forum_purview_erro'; //本版块为正规版块,只有注册会员才能进入! } if (!empty($pwforum->foruminfo['style']) && file_exists(D_P . "data/style/{$pwforum->foruminfo[style]}.php")) { $GLOBALS['skin'] = $pwforum->foruminfo['style']; } $pwdcheck = GetCookie('pwdcheck'); if ($pwforum->foruminfo['password'] != '' && ($groupid == 'guest' || $pwdcheck[$pwforum->fid] != $pwforum->foruminfo['password'] && !S::inArray($this->user['username'], $GLOBALS['manager']))) { require_once R_P . 'require/forumpw.php'; } if (!$pwforum->allowvisit($this->user, $this->groupid)) { return 'forum_purview_erro'; //对不起,本版块为认证版块,您没有权限查看此版块的内容! } if (!$pwforum->foruminfo['cms'] && $pwforum->foruminfo['f_type'] == 'hidden' && !$pwforum->foruminfo['allowvisit']) { return 'forum_purview_erro'; //本版块为隐藏版块,您无权进入! } $this->foruminfo =& $pwforum->foruminfo; $this->admincheck = $this->groupid == '3' || $pwforum->isBM($this->username) ? 1 : 0; if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) { //版块权限判断 return 'forum_purview_erro'; //对不起,本版块只有特定用户可以下载附件,请返回 } if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) { //用户组权限判断 return 'forum_purview_erro'; //用户组权限:你所属的用户组没有下载附件的权限 } return true; }