/**
 * Whether the current user has management rights over this group.
 *
 * The checks run in this order and the first one that holds grants the right:
 * the linked-forum rule, the 'ifadmin' flag in $this->info, the user being
 * $this->info['admin'], the user being listed in $manager, and finally the
 * $SYSTEM['colonyright'] right.
 *
 * @return bool
 */
function getIfadmin()
{
    global $windid, $SYSTEM, $manager, $groupid;

    // Linked-forum rights: only evaluated when 'forumcolonyright' is set and
    // the group is tied to a forum (classid > 0).
    if ($SYSTEM['forumcolonyright'] && $this->info['classid'] > 0) {
        // NOTE(review): every user group other than 5 is granted the right here
        // without a per-forum check; group 5 is presumably the forum-moderator
        // group and must actually moderate the linked forum. Confirm that
        // 'forumcolonyright' is only handed to trusted groups.
        if ($groupid != 5) {
            return true;
        }
        L::loadClass('forum', 'forum', false);
        $linkedForum = new PwForum($this->info['classid']);
        if ($linkedForum->isBM($windid)) {
            return true;
        }
    }

    if ($this->info['ifadmin'] == '1') {
        return true;
    }
    if ($this->info['admin'] == $windid) {
        return true;
    }
    if (S::inArray($windid, $manager)) {
        return true;
    }

    return (bool) $SYSTEM['colonyright'];
}
<?php
// Ajax handler: stores the submitted 'record' text on one visible pw_pinglog row
// after checking that the caller may manage ratings in the row's forum.
!defined('P_W') && exit('Forbidden'); // refuse to run when the P_W constant is not defined

// 'id' and 'record' are read from the request.
// NOTE(review): the third argument 2 presumably forces an integer; confirm against InitGP.
InitGP(array('id'), null, 2);
InitGP(array('record'));

// Only rows with ifhide=0 can be edited; the row supplies the thread and forum ids.
$rt = $db->get_one("SELECT tid,fid FROM pw_pinglog WHERE ifhide=0 AND id=" . S::sqlEscape($id));
if (empty($rt) || !$rt['fid']) {
    Showmsg('data_error');
}

// Authorisation is derived from the forum stored on the row, not from a
// request parameter: the caller must be listed in $manager or hold the
// 'pingcp' right for that forum.
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($rt['fid']);
$isGM = CkInArray($windid, $manager);
if (!$isGM && !pwRights($pwforum->isBM($windid), 'pingcp', $rt['fid'])) {
    Showmsg('mawhole_right');
}

// Previous string-built statement, kept for reference:
//$db->update("UPDATE pw_pinglog SET record=" . S::sqlEscape($record) . " WHERE id=" . S::sqlEscape($id));
// NOTE(review): no request-token (CSRF) check is visible in this file; confirm
// the ajax dispatcher enforces one before this state-changing update runs.
// NOTE(review): $record is stored as submitted; it must be escaped wherever it
// is later rendered.
pwQuery::update('pw_pinglog', 'id=:id', array($id), array('record' => $record));
echo "success";

# memcache refresh
if ($db_memcache) {
    //* $threads = L::loadClass('Threads', 'forum');
    //* $threads->delThreads($rt['tid']);
    Perf::gatherInfo('changeThreadWithThreadIds', array('tid' => $rt['tid']));
}
ajax_footer();
} // closes a block that opens before this excerpt

// Work on the forum object's own arrays by reference.
$foruminfo =& $pwforum->foruminfo;
$forumset =& $pwforum->forumset;

// Users listed in $manager skip the forum access check.
if (!S::inArray($windid, $manager)) {
    $pwforum->forumcheck($winddb, $groupid);
}
// NOTE(review): this read-permission check only fires when the request carries
// cookies ($_COOKIE non-empty), so a cookie-less client is not stopped here.
// Presumably intentional (e.g. crawlers); confirm that protected content is
// still gated elsewhere.
if (!$foruminfo['allowvisit'] && $_G['allowread'] == 0 && $_COOKIE) {
    Showmsg('read_group_right');
}
/**************************************/
// Thread viewing and management permissions
// Everything defaults to 0 (no rights) and is only raised for non-guests.
$isGM = $isBM = $admincheck = $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 0;
$pwSystem = array();
if ($groupid != 'guest') {
    $isGM = S::inArray($windid, $manager);
    $isBM = $pwforum->isBM($windid);
    $admincheck = $isGM || $isBM ? 1 : 0;
    if (!$isGM) { # fetch rights for users who are not in $manager
        $pwSystem = pwRights($isBM);
        // Holding any single management right is enough to set $managecheck.
        if ($pwSystem && ($pwSystem['tpccheck'] || $pwSystem['digestadmin'] || $pwSystem['lockadmin'] || $pwSystem['pushadmin'] || $pwSystem['coloradmin'] || $pwSystem['downadmin'] || $pwSystem['delatc'] || $pwSystem['moveatc'] || $pwSystem['copyatc'] || $pwSystem['topped'] || $pwSystem['unite'] || $pwSystem['pingcp'] || $pwSystem['areapush'] || $pwSystem['split'])) {
            $managecheck = 1;
        }
        $pwPostHide = $pwSystem['posthide'];
        $pwSellHide = $pwSystem['sellhide'];
        $pwEncodeHide = $pwSystem['encodehide'];
    } else {
        // Users in $manager get every flag.
        $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 1;
    }
}
// Forum view permission
/**
 * Post a reply to thread $tid on behalf of user $uid.
 *
 * The method loads the user, copies that user's identity and rights into the
 * legacy globals, runs the forum / post / reply checks and then stores the
 * reply, optionally with uploaded attachments.
 *
 * NOTE(review): the posting identity is taken from the $uid argument; this
 * method does not authenticate the caller itself. Presumably the API layer
 * verifies the request before dispatching here; confirm.
 *
 * @param int|string $tid     Thread id (cast to int).
 * @param int|string $uid     Id of the user the reply is posted as (cast to int).
 * @param string     $title   Reply title (trimmed).
 * @param string     $content Reply body (trimmed, must be non-empty).
 * @return mixed Result of buildResponse(): an error code, or code 0 with
 *               array('pid' => new post id) on success.
 */
function sendPost($tid, $uid, $title, $content) {
    global $winddb, $winduid, $windid, $groupid, $fid, $timestamp, $pwforum, $pwpost, $_G, $db_uploadfiletype, $uploadcredit, $uploadmoney, $manager, $isBM, $_time;
    $timestamp = time();
    $_time = array('hours' => get_date($timestamp, 'G'), 'day' => get_date($timestamp, 'j'), 'week' => get_date($timestamp, 'w'));
    // Normalise the arguments before any of them is used.
    list($uid, $tid, $title, $content) = array(intval($uid), intval($tid), trim($title), trim($content));
    if ($uid < 1 || $tid < 1 || !$content) {
        return $this->buildResponse(THREAD_INVALID_PARAMS);
    }
    // Select the acting user, then refuse users that are not logged in.
    ACloud_Sys_Core_Common::setGlobal('customized_current_uid', $uid);
    $user = $this->getCurrentUser();
    if (!$user->isLogin()) {
        return $this->buildResponse(USER_NOT_LOGIN);
    }
    // Group 6 and users carrying the ban status bit may not post.
    if ($user->groupid == 6 || getstatus($user->info['userstatus'], PW_USERSTATUS_BANUSER)) {
        return $this->buildResponse(THREAD_USER_NOT_RIGHT);
    }
    $user->initRight();
    // The legacy checks below read the acting user from these globals.
    $winduid = $user->uid;
    $groupid = $user->groupid;
    $windid = $user->username;
    $winddb = $user->info;
    $_G = $user->_G;
    // Per-group daily post limit.
    if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
        return $this->buildResponse(POST_GP_LIMIT);
    }
    // $tid was cast to int above and is additionally escaped here.
    $tpcarray = $GLOBALS['db']->get_one("SELECT t.tid,t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies,t.tpcstatus FROM pw_threads t WHERE t.tid=" . pwEscape($tid));
    // A missing thread row is not checked directly; the forum built from its
    // 'fid' is what gets validated.
    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($tpcarray['fid']);
    if (!$pwforum->isForum()) {
        return $this->buildResponse(THREAD_FORUM_NOT_EXIST);
    }
    $fid = $tpcarray['fid'];
    $isBM = $pwforum->isBM($windid);
    $isGM = S::inArray($windid, $manager);
    // A locked thread (locked % 3 != 0) only accepts replies from users in
    // $manager or holders of the 'replylock' right.
    if (!$isGM && $tpcarray['locked'] % 3 != 0 && !pwRights($isBM, 'replylock')) {
        return $this->buildResponse(THREAD_LOCKED);
    }
    L::loadClass('post', 'forum', false);
    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.bbscode.php';
    $pwpost = new PwPost($pwforum);
    // With errMode set, failures are read from $pwpost->errMsg below.
    $pwpost->errMode = true;
    $pwpost->forumcheck();
    $pwpost->postcheck();
    L::loadClass('replypost', 'forum', false);
    $replypost = new replyPost($pwpost);
    $replypost->setTpc($tpcarray);
    $replypost->check();
    $pw_posts = GetPtable($replypost->tpcArr['ptable']); // assigned but not read again in this method
    $postdata = new replyPostData($pwpost);
    $postdata->setTitle($title);
    $postdata->setContent($content);
    $postdata->conentCheck();
    // Report the first error collected by any of the checks above.
    if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
        return $this->buildResponse(THREAD_SYSTEM_ERROR, $msg);
    }
    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.attupload.php';
    if (PwUpload::getUploadNum()) {
        // A group-level upload type list overrides the site-wide one.
        $_G['uploadtype'] && ($db_uploadfiletype = $_G['uploadtype']);
        // NOTE(review): unserialize() is only safe while this value comes from
        // trusted configuration; it must never be reachable from request data.
        $db_uploadfiletype = !empty($db_uploadfiletype) ? is_array($db_uploadfiletype) ? $db_uploadfiletype : unserialize($db_uploadfiletype) : array();
        $postdata->att = new AttUpload($user->uid);
        $return = $postdata->att->check();
        if ($return) {
            $msginfo = getLangInfo('msg', $return);
            // NOTE(review): the only path that answers through errMessage()
            // rather than buildResponse(); confirm this is intended.
            return $this->errMessage(THREAD_USER_NOT_RIGHT, $msginfo);
        }
        // Only versions below 8.5 upload from here.
        // NOTE(review): the comparison is on strings, not version_compare(); confirm the WIND_VERSION format.
        list($windVersion) = explode(',', WIND_VERSION);
        if ($windVersion && $windVersion < '8.5') {
            $postdata->att->transfer();
            PwUpload::upload($postdata->att);
        }
    }
    $replypost->execute($postdata);
    $pid = $replypost->getNewId();
    return $this->buildResponse(0, array('pid' => $pid));
}
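/**
 * Check whether the current user may reach the forum that holds the
 * attachment's thread, and whether attachments may be downloaded there.
 *
 * Sets $this->tid and, on the normal path, $this->foruminfo and
 * $this->admincheck.
 *
 * @return bool|string True when access is allowed, otherwise the language key
 *                     'forum_purview_erro'.
 */
function _checkForum() {
    $this->tid = $this->attach['tid'];
    $thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false));
    // Threads with status bit 1, no forum id and ifcheck '2' skip the forum checks.
    if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') {
        return true;
    }
    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($thread['fid']);
    if (!$pwforum->isForum()) {
        return 'forum_purview_erro'; // data error: the link is invalid or incomplete, or the data was deleted
    }
    // NOTE(review): this guest check only fires when the request carries
    // cookies; confirm that cookie-less clients are stopped by the checks below.
    if ($pwforum->foruminfo['f_type'] == 'former' && $this->groupid == 'guest' && $_COOKIE) {
        return 'forum_purview_erro'; // regular forum: registered members only
    }
    // The array key is quoted: inside "{$...}" a bare key is read as a constant
    // and raises an error on current PHP versions.
    if (!empty($pwforum->foruminfo['style']) && file_exists(D_P . "data/style/{$pwforum->foruminfo['style']}.php")) {
        $GLOBALS['skin'] = $pwforum->foruminfo['style'];
    }
    // Password-protected forum. The cookie value is attacker-controlled, so it
    // is only accepted as a plain string and compared strictly: a loose
    // comparison lets numeric-looking strings that differ compare as equal.
    $pwdcheck = GetCookie('pwdcheck');
    $cookiePassword = '';
    if (is_array($pwdcheck) && isset($pwdcheck[$pwforum->fid]) && is_string($pwdcheck[$pwforum->fid])) {
        $cookiePassword = $pwdcheck[$pwforum->fid];
    }
    // The guest test now reads $this->groupid; the original used an undefined
    // local $groupid, so the guest branch could never be taken.
    if ($pwforum->foruminfo['password'] != ''
        && ($this->groupid == 'guest'
            || ($cookiePassword !== (string) $pwforum->foruminfo['password']
                && !S::inArray($this->user['username'], $GLOBALS['manager'])))
    ) {
        require_once R_P . 'require/forumpw.php';
    }
    if (!$pwforum->allowvisit($this->user, $this->groupid)) {
        return 'forum_purview_erro'; // restricted forum: the user has no right to view it
    }
    if (!$pwforum->foruminfo['cms'] && $pwforum->foruminfo['f_type'] == 'hidden' && !$pwforum->foruminfo['allowvisit']) {
        return 'forum_purview_erro'; // hidden forum: no access
    }
    $this->foruminfo =& $pwforum->foruminfo;
    $this->admincheck = $this->groupid == '3' || $pwforum->isBM($this->username) ? 1 : 0;
    if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) { // forum-level download permission
        return 'forum_purview_erro'; // only specific users may download attachments in this forum
    }
    if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) { // user-group download permission
        return 'forum_purview_erro'; // the user's group has no right to download attachments
    }
    return true;
}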
/**
 * Validate forum $fid for the current user and record whether that user may
 * manage attachments there.
 *
 * Sets $this->foruminfo (by reference to the forum object's array) and
 * $this->admincheck (1 or 0).
 *
 * @param mixed $fid Forum id.
 * @return bool|string True on success, 'data_error' when the forum does not exist.
 */
function _checkForum($fid)
{
    L::loadClass('forum', 'forum', false);
    $board = new PwForum($fid);
    if (!$board->isForum()) {
        return 'data_error';
    }

    // The return value of forumcheck() is not used here.
    $board->forumcheck($this->user, $this->groupid);
    $this->foruminfo =& $board->foruminfo;

    // Either $this->isGM or the 'delattach' right for this forum grants admin status.
    $moderates = $board->isBM($this->username);
    if ($this->isGM || pwRights($moderates, 'delattach', $fid)) {
        $this->admincheck = 1;
    } else {
        $this->admincheck = 0;
    }

    return true;
}
/**
 * Whether the current user may manage forum $this->fid.
 *
 * True when $this->isGM() holds, otherwise true only when the forum reports
 * the user ($windid) as one of its moderators.
 *
 * @return bool
 */
function _getPermission()
{
    global $windid;

    if ($this->isGM()) {
        return true;
    }

    // The forum class is only loaded when the isGM() shortcut did not apply.
    L::loadClass('forum', 'forum', false);
    $board = new PwForum($this->fid);

    return (bool) $board->isBM($windid);
}
<?php
// Quick-reply quote handler (excerpt): validates the request, loads the forum
// and thread, then starts collecting the post to quote.
!defined('P_W') && exit('Forbidden'); // refuse to run when the P_W constant is not defined

// Request inputs. NOTE(review): the third argument 2 presumably forces integers; confirm against S::gp.
S::gp(array('tid', 'fid', 'article', 'pid'), 'GP', 2);
if ($tid < 1 || $fid < 1) {
    quickPostMessage('undefined_action');
}
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
    quickPostMessage('data_error');
}
// Moderator status and forum settings all come from the request-supplied $fid.
list($isGM, $isBM, $forumset, $foruminfo) = array(S::inArray($windid, $manager), $pwforum->isBM($windid), $pwforum->forumset, $pwforum->foruminfo);
$cacheService = Perf::gatherCache('pw_threads');
$read = $cacheService->getThreadAndTmsgByThreadId($tid);
if (!$read) {
    quickPostMessage('illegal_tid');
}
// NOTE(review): nothing in this excerpt checks that $read['fid'] equals $fid,
// so rights computed for one forum could be applied to a thread in another;
// no forum visit check is visible here either. Confirm both are enforced in
// the part of the file that follows.
list($tpc_locked, $admincheck) = array($read['locked'] % 3 != 0 ? 1 : 0, $isGM || $isBM ? 1 : 0);
// Real-name authentication requirement for replies
if ($db_authstate && !$admincheck && $forumset['auth_allowrp'] && true !== ($authMessage = $pwforum->authStatus($winddb['userstatus'], $forumset['auth_logicalmethod']))) {
    quickPostMessage($authMessage . '_rp');
}
//quote required
require_once R_P . 'require/bbscode.php';
if ($article == '0') {
    // article '0': quote the thread's first post and merge in its author's user data.
    $atcarray = $read;
    $userservice = L::loadClass('userservice', 'user');
    $userinfo = $userservice->get($read['authorid']);
    $userinfo && ($atcarray = array_merge($atcarray, $userinfo));
} else {
/**
 * Attachment download gate: checks the forum of the attachment's thread and
 * the user's download rights.
 *
 * Sets $this->tid and, on the normal path, $this->foruminfo,
 * $this->admincheck, $this->uploadcredit and $this->downloadmoney.
 *
 * @return bool|string True when the download may proceed, otherwise one of the
 *                     language keys 'data_error', 'job_attach_forum',
 *                     'download_not_login' or 'job_attach_group'.
 */
function _checkForum()
{
    $this->tid = $this->attach['tid'];
    $sql = "SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false);
    $row = $this->_db->get_one($sql);

    // Threads with status bit 1, no forum id and ifcheck '2' skip the forum checks.
    $skipsForumChecks = getstatus($row['tpcstatus'], 1) && !$row['fid'] && $row['ifcheck'] == '2';
    if ($skipsForumChecks) {
        return true;
    }

    L::loadClass('forum', 'forum', false);
    $board = new PwForum($row['fid']);
    if (!$board->isForum()) {
        return 'data_error';
    }
    $board->forumcheck($this->user, $this->groupid);
    $this->foruminfo =& $board->foruminfo;

    // Group '3' and moderators of this forum count as admins for the checks below.
    if ($this->groupid == '3' || $board->isBM($this->username)) {
        $this->admincheck = 1;
    } else {
        $this->admincheck = 0;
    }

    // 'uploadset' is tab-separated; only its first and third fields are used here.
    $uploadSet = explode("\t", $this->foruminfo['forumset']['uploadset']);
    list($this->uploadcredit, , $this->downloadmoney) = $uploadSet;

    // Forum-level download permission.
    if (!$this->admincheck && !$board->allowdownload($this->user, $this->groupid)) {
        return 'job_attach_forum';
    }
    // Guests without the group download right are asked to log in.
    if ($this->groupid == 'guest' && $this->_G['allowdownload'] == 0) {
        return 'download_not_login';
    }
    // User-group download permission.
    if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) {
        return 'job_attach_group';
    }

    return true;
}
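/**
 * Decide whether the current user may edit an attachment of thread $tid.
 *
 * Allowed when the global $isGM flag is set, when the user moderates the
 * thread's forum, or when the user is the thread's author.
 *
 * NOTE(review): $aid is only range-checked; nothing here verifies that the
 * attachment belongs to thread $tid. Callers must enforce that link.
 *
 * @param int|string $aid Attachment id (cast to int, must be >= 1).
 * @param int|string $tid Thread id (cast to int, must be >= 1).
 * @return bool
 */
function isEditAttachRight($aid, $tid) {
    // $windid is declared here as well: the original omitted it, so the
    // moderator check below ran against an undefined variable.
    global $isGM, $winduid, $windid;
    $aid = intval($aid);
    $tid = intval($tid);
    if ($aid < 1 || $tid < 1) {
        return false;
    }
    $threadsService = L::loadClass('threads', 'forum');
    $read = $threadsService->getByThreadId($tid);
    if (!$read) {
        return false;
    }
    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($read['fid']);
    if (!$pwforum->isForum()) {
        return false;
    }
    $isBM = $pwforum->isBM($windid);
    return ($isGM || $isBM || $read['authorid'] == $winduid) ? true : false;
}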