function getPost($tid, $sort, $offset, $limit) { global $db_postmin, $db_postmax, $foruminfo, $fid, $pwforum; list($tid, $offset, $limit) = array(intval($tid), intval($offset), intval($limit)); if ($tid < 1) { return $this->buildResponse(THREAD_INVALID_PARAMS); } $threadInfo = $GLOBALS['db']->get_one("SELECT * FROM pw_threads WHERE tid=" . S::sqlEscape($tid) . " AND ifcheck = 1 AND fid != 0"); if (!S::isArray($threadInfo)) { return $this->buildResponse(THREAD_NOT_EXIST); } $user = $this->getCurrentUser(); $user->init(array('reply')); $user->initRight(); $this->getCustomizedCommonService()->getReadRight($user); L::loadClass('forum', 'forum', false); $pwforum = new PwForum($threadInfo['fid']); if (!$pwforum->isForum(true)) { return $this->buildResponse(THREAD_FORUM_NOT_EXIST); } $fid = $pwforum->fid; $foruminfo = $pwforum->foruminfo; $pwforum->forumcheck($user->info, $user->groupid); $pwforum->creditcheck($user->info, $user->groupid); if (!$user->allowcheck($pwforum->foruminfo['allowread']) && !$pwforum->isBM($user->username)) { return $this->buildResponse(THREAD_ALLOW_READ); } if ($threadInfo['ifcheck'] == 0 && $user->username != $threadInfo['author'] && !$user->getSystemRight('viewcheck')) { return $this->buildResponse(THREAD_READ_CHECK); } if ($threadInfo['locked'] % 3 == 2 && !$user->getSystemRight('viewclose')) { return $this->buildResponse(THREAD_READ_LOCKED); } $return = $_pids = array(); $pw_posts = $this->getCustomizedCommonService()->getPtable($tid); $return['count'] = $GLOBALS['db']->get_value("SELECT count(*) FROM {$pw_posts} WHERE tid=" . S::sqlEscape($tid) . " AND ifcheck='1'"); $comments = $this->_getreplys($tid, $offset, $limit, $sort); foreach ($comments as $key => $value) { $value['aid'] && ($_pids[$value['pid']] = $value['pid']); } $_attachList = array(); if ($_pids) { $query = $GLOBALS['db']->query('SELECT * FROM pw_attachs WHERE tid=' . pwEscape($tid) . " AND pid IN (" . pwImplode($_pids) . ")"); while ($rt = $GLOBALS['db']->fetch_array($query)) { $_attachList[$rt['pid']][] = $rt; } } $return['posts'] = array(); foreach ($comments as $key => $value) { $value['content'] = $this->getCustomizedCommonService()->clearHtmlTag($value['content'], '<br>'); $value['content'] = $this->getCustomizedCommonService()->parseEmotionInContent($value['content']); $value['attachlist'] = array_merge($value['attachlist'], $this->getCustomizedCommonService()->getAttachWithThumblist($_attachList[$value['pid']])); $this->getCustomizedCommonService()->clearAttachSign($_attachList[$value['pid']], &$value['content']); $return['posts'][] = $value; } return $this->buildResponse(0, $return); }
} } else { $read = $db->get_one("SELECT t.* ,tm.* FROM pw_threads t LEFT JOIN " . S::sqlMetadata(GetTtable($tid)) . " tm ON t.tid=tm.tid WHERE t.tid=" . S::sqlEscape($tid)); } !$read && Showmsg('illegal_tid'); $postdate = get_date($read['postdate'], 'Y-m-d'); list($fid, $ptable, $ifcheck, $openIndex, $topped_count, $subject, $authorid, $author) = array($read['fid'], $read['ptable'], $read['ifcheck'], getstatus($read['tpcstatus'], 2), $read['topreplays'], $read['subject'], $read['authorid'], $read['author']); $pw_posts = GetPtable($ptable); $pwforum = new PwForum($fid); if (!$pwforum->isForum()) { Showmsg('data_error'); } $foruminfo =& $pwforum->foruminfo; $forumset =& $pwforum->forumset; if (!S::inArray($windid, $manager)) { $pwforum->forumcheck($winddb, $groupid); } if (!$foruminfo['allowvisit'] && $_G['allowread'] == 0 && $_COOKIE) { Showmsg('read_group_right'); } /**************************************/ //帖子浏览及管理权限 $isGM = $isBM = $admincheck = $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 0; $pwSystem = array(); if ($groupid != 'guest') { $isGM = S::inArray($windid, $manager); $isBM = $pwforum->isBM($windid); $admincheck = $isGM || $isBM ? 1 : 0; if (!$isGM) { #非创始人权限获取 $pwSystem = pwRights($isBM);
function _checkForum($fid) { L::loadClass('forum', 'forum', false); $pwforum = new PwForum($fid); if (!$pwforum->isForum()) { return 'data_error'; } $pwforum->forumcheck($this->user, $this->groupid); $this->foruminfo =& $pwforum->foruminfo; $isBM = $pwforum->isBM($this->username); $this->admincheck = $this->isGM || pwRights($isBM, 'delattach', $fid) ? 1 : 0; return true; }
function _checkForum() { $this->tid = $this->attach['tid']; $thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false)); if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') { return true; } L::loadClass('forum', 'forum', false); $pwforum = new PwForum($thread['fid']); if (!$pwforum->isForum()) { return 'data_error'; } $pwforum->forumcheck($this->user, $this->groupid); $this->foruminfo =& $pwforum->foruminfo; $this->admincheck = $this->groupid == '3' || $pwforum->isBM($this->username) ? 1 : 0; $forumset = $this->foruminfo['forumset']; list($this->uploadcredit, , $this->downloadmoney, ) = explode("\t", $forumset['uploadset']); if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) { //版块权限判断 return 'job_attach_forum'; } if ($this->groupid == 'guest' && $this->_G['allowdownload'] == 0) { return 'download_not_login'; } if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) { //用户组权限判断 return 'job_attach_group'; } return true; }