Exemple #1
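/**
 * Validate a WAP post or reply before it is accepted.
 *
 * Trims the global $subject and $content, enforces the configured length
 * limits, then checks that the current user group may post ('new') or reply
 * ('reply') in forum $fid. Each failed check is reported through wap_msg();
 * nothing is returned.
 *
 * NOTE(review): wap_msg() presumably ends the request; its definition is not
 * part of this listing, so confirm before relying on it as a hard stop.
 *
 * @param mixed  $fid    Forum id; passed through pwEscape() before it reaches SQL.
 * @param string $action 'new' for a new thread, 'reply' for a reply.
 * @return void
 */
function wap_check($fid, $action)
{
    global $db, $groupid, $_G, $_time, $db_titlemax, $db_postmin, $db_postmax, $subject, $content;

    $subject = trim($subject);
    $content = trim($content);

    // strlen() counts bytes, so multi-byte text reaches these limits sooner
    // than its character count suggests.
    if ($action == 'new' && (!$subject || strlen($subject) > $db_titlemax)) {
        wap_msg('subject_limit');
    }
    if (strlen($content) >= $db_postmax || strlen($content) < $db_postmin) {
        wap_msg('content_limit');
    }

    $fm = $db->get_one("SELECT f.forumadmin,f.fupadmin,f.password,f.allowvisit,f.f_type,f.f_check,f.allowpost,f.allowrp,fe.forumset FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=" . pwEscape($fid));

    // Group lists are stored as ",1,2,3," so membership is a substring test
    // on the comma-delimited group id.
    $groupTag = ",{$groupid},";

    // Visibility gate: unknown forum, password-protected forum, hidden forum,
    // or a visit list that does not name the current group.
    $visitDenied = $fm && $fm['allowvisit'] && strpos($fm['allowvisit'], $groupTag) === false;
    if (!$fm || $fm['password'] != '' || $fm['f_type'] == 'hidden' || $visitDenied) {
        wap_msg('post_right');
    }

    // Decode the forum settings only after the row is known to exist, and
    // accept nothing but an array. unserialize() on a stored value is safe
    // only while nothing untrusted can write pw_forumsextra.forumset.
    $forumset = $fm ? unserialize($fm['forumset']) : array();
    if (!is_array($forumset)) {
        $forumset = array();
    }

    if ($action == 'new') {
        $isGM = CkInArray($GLOBALS['windid'], $GLOBALS['manager']);
        $isBM = admincheck($fm['forumadmin'], $fm['fupadmin'], $GLOBALS['windid']);
        // f_check 1 or 3 rejects new threads through this entry point.
        if ($fm['f_check'] == '1' || $fm['f_check'] == '3') {
            wap_msg('post_right');
        }
        // A forum-level post list, when present, must name the group ...
        if ($fm['allowpost'] && strpos($fm['allowpost'], $groupTag) === false) {
            wap_msg('post_right');
        }
        // ... otherwise the group-level permission decides.
        if (!$fm['allowpost'] && $_G['allowpost'] == 0) {
            wap_msg('post_group');
        }
        // Posting-hours restriction; skipped for managers and for users
        // holding the 'allowtime' right.
        if (!empty($forumset['allowtime']) && !$isGM && !allowcheck($forumset['allowtime'], "{$_time['hours']}", '') && !pwRights($isBM, 'allowtime')) {
            wap_msg('post_right');
        }
    } elseif ($action == 'reply') {
        // f_check 2 or 3 rejects replies through this entry point.
        if ($fm['f_check'] == '2' || $fm['f_check'] == '3') {
            wap_msg('reply_right');
        }
        if ($fm['allowrp'] && strpos($fm['allowrp'], $groupTag) === false) {
            wap_msg('reply_right');
        }
        if (!$fm['allowrp'] && $_G['allowrp'] == 0) {
            wap_msg('reply_group');
        }
    }
}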
Exemple #2
<?php

// Entry guard: the script exits unless the including page defined P_W.
!defined('P_W') && exit('Forbidden');
// Showmsg() is invoked when $winduid is empty (no user id for the current visitor).
!$winduid && Showmsg('undefined_action');
require_once R_P . 'require/forum.php';
// NOTE(review): presumably imports the 'ifmsg' and 'type' request parameters.
// $tid is not requested here; confirm where it is populated and validated.
S::gp(array('ifmsg', 'type'));
// Load the reward row together with its thread and forum. $tid reaches SQL
// only through S::sqlEscape().
$rt = $db->get_one('SELECT r.*,t.fid,t.author,t.authorid,t.postdate,t.fid,t.subject,t.ptable,t.special,t.state,f.forumadmin,f.fupadmin FROM pw_reward r LEFT JOIN pw_threads t ON r.tid=t.tid LEFT JOIN pw_forums f ON t.fid=f.fid WHERE r.tid=' . S::sqlEscape($tid));
// Only a thread with special == 3 and state == 0 is accepted.
if (empty($rt) || $rt['special'] != 3 || $rt['state'] != 0) {
    Showmsg('illegal_tid');
}
$fid = $rt['fid'];
$authorid = $rt['authorid'];
$author = $rt['author'];
$pw_posts = GetPtable($rt['ptable']);
// Authorisation: groups '3' and '4', or a user that admincheck() accepts for
// this forum's forumadmin / fupadmin lists.
if ($groupid != '3' && $groupid != '4' && !admincheck($rt['forumadmin'], $rt['fupadmin'], $windid)) {
    Showmsg('mawhole_right');
}
if (empty($_POST['step'])) {
    // No step posted: render the form only.
    require_once R_P . 'require/header.php';
    require_once PrintEot('reward');
    footer();
} else {
    // State-changing path. NOTE(review): PostCheck() is presumably the
    // request-verification (CSRF) check; confirm, since the credit changes
    // below depend on it.
    PostCheck();
    require_once R_P . 'require/credit.php';
    //* include_once pwCache::getPath(D_P . 'data/bbscache/forum_cache.php');
    pwCache::getData(D_P . 'data/bbscache/forum_cache.php');
    if ($type == '1') {
        //$db->update("UPDATE pw_threads SET state='2' WHERE tid=" . S::sqlEscape($tid));
        // Mark the thread state as 2 through the parameterised helper.
        pwQuery::update('pw_threads', 'tid=:tid', array($tid), array('state' => 2));
        // Log and apply a credit of twice the stored cbval to the thread author.
        $credit->addLog('reward_return', array($rt['cbtype'] => $rt['cbval'] * 2), array('uid' => $authorid, 'username' => $author, 'ip' => $onlineip, 'fname' => $forum[$fid]['name']));
        $credit->set($authorid, $rt['cbtype'], $rt['cbval'] * 2);
Exemple #3
/**
 * Verify an admin-panel login described by $CK and return the caller's rights.
 *
 * NOTE(review): this listing is damaged. The statement that begins with
 * `$rt = $db->get_one(` contains a `"******"` span that replaced part of the
 * original source, so the end of the manager branch and the start of the
 * non-manager branch are missing. Treat the function as documentation of the
 * checks it performs, not as runnable code.
 *
 * @param array $CK Login tuple. Index 1 is used as the user name and index 3 is
 *                  compared with the stored safecv value; the remaining indexes
 *                  are consumed by SafeCheck(), which is not shown here.
 * @return array|false false when a check fails, otherwise $rightset.
 */
function checkpass($CK)
{
    Add_S($CK);
    global $db, $manager, $db_ifsafecv, $db_gdcheck;
    // On a login form submission, the captcha is verified when bit 32 of
    // $db_gdcheck is set.
    if ($_POST['Login_f'] == 1 && $db_gdcheck & 32) {
        GdConfirm($_POST['lg_num']);
    }
    // Managers listed in $manager are checked against $manager_pwd rather
    // than against the stored member password.
    if (CkInArray($CK[1], $manager)) {
        global $manager_pwd;
        $v_key = array_search($CK[1], $manager);
        if (!SafeCheck($CK, PwdCode($manager_pwd[$v_key]))) {
            // NOTE(review): the "******" below is where the source was masked;
            // two different SELECT statements are fused on this line.
            $rt = $db->get_one("SELECT uid,username,groupid,groups,password,safecv FROM pw_members WHERE username="******"SELECT m.uid,m.username,m.groupid,m.groups,m.password,m.safecv,m.groupid,u.gptype,p.rvalue as allowadmincp FROM pw_members m LEFT JOIN pw_usergroups u ON u.gid=m.groupid LEFT JOIN pw_permission p ON p.uid='0' AND p.fid='0' AND p.gid=m.groupid AND p.rkey='allowadmincp' WHERE m.username=" . pwEscape($CK[1]));
        // Reject unless the group has allowadmincp, is of type 'system' or
        // 'special', and (when $db_ifsafecv is on) the safecv value matches.
        // NOTE(review): the safecv comparison is loose (!=) and not
        // constant-time; hash_equals() on string values would be stricter.
        if (!$rt['allowadmincp'] || $rt['gptype'] != 'system' && $rt['gptype'] != 'special' || $db_ifsafecv && $rt['safecv'] != $CK['3']) {
            return false;
        }
        // Password check against the stored value, then the admincheck() 'check' call.
        if (!SafeCheck($CK, PwdCode($rt['password'])) || !admincheck($rt['uid'], $CK[1], $rt['groupid'], $rt['groups'], 'check')) {
            return false;
        }
        // Per-group rights are stored serialized in pw_adminset.value; anything
        // that does not decode to an array is replaced by an empty array.
        $rightset = $db->get_value('SELECT value FROM pw_adminset WHERE gid=' . pwEscape($rt['groupid']));
        if ($rightset) {
            if (!is_array($rightset = unserialize($rightset))) {
                $rightset = array();
            }
        } else {
            $rightset = array();
        }
        // NOTE(review): presumably this language file defines $purview - confirm.
        require GetLang('purview');
        // Normalise each right to 1 or 0; a right survives only if its key
        // is also present in $purview.
        foreach ($rightset as $key => $value) {
            $rightset[$key] = isset($purview[$key]) && $rightset[$key] == 1 ? 1 : 0;
        }
        $rightset['gid'] = $rt['groupid'];
    }
    return $rightset;
}
Exemple #4
        // $members is a comma-separated list of user names; its origin is not
        // visible in this fragment.
        $groups = explode(",", $members);
        $groups = array_unique($groups);
        $uids = $memberdb = array();
        foreach ($groups as $value) {
            if ($value) {
                $member = $userService->getByUserName($value);
                // Each name must resolve to an existing account whose primary
                // group is still '-1'.
                if (!$member['uid']) {
                    $errorname = $value;
                    adminmsg('user_not_exists');
                } elseif ($member['groupid'] != '-1') {
                    adminmsg('member_only');
                }
                $uids[] = $member['uid'];
                $memberdb[] = $member;
            }
        }
        !$uids && adminmsg('operate_fail');
        // Groups of type system/special/default, excluding gids 1, 2 and 5.
        $gids = array();
        $query = $db->query("SELECT gid FROM pw_usergroups WHERE gptype IN ('system','special','default') AND gid NOT IN (1,2,5)");
        while ($rt = $db->fetch_array($query)) {
            $gids[] = $rt['gid'];
        }
        // admincheck(..., 'update') is called only when $gid is in that list.
        if (in_array($gid, $gids)) {
            foreach ($memberdb as $member) {
                admincheck($member['uid'], $member['username'], $gid, $member['groups'], 'update');
            }
        }
        // NOTE(review): the groupid update below runs for any $gid, including
        // one that is not in $gids. Whether $gid is validated before this
        // fragment is not visible - confirm.
        $uids && $userService->updates($uids, array('groupid' => $gid));
        adminmsg('operate_success');
    }
}
Exemple #5
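/**
 * Delete a forum and the data stored under it.
 *
 * Removes the forum's rows from pw_forums, pw_forumdata, pw_forumsextra and
 * pw_permission, demotes forum administrators who no longer administer any
 * forum, clears guest caches and the forum cache file, deletes attachments,
 * thread messages, threads and posts, and finally calls updateforum() on the
 * parent forum.
 *
 * The caller is responsible for authorising the deletion; no permission check
 * happens here.
 *
 * @param int|string $fid Forum id. It is normalised to an integer because it is
 *                        interpolated into filesystem paths as well as SQL.
 * @return void
 */
function delforum($fid)
{
    global $db, $db_guestdir, $db_guestthread, $db_guestread;

    // $fid becomes part of a directory name passed to deldir() and of a cache
    // file name passed to pwCache::deleteData(). Forcing an integer keeps path
    // separators and ".." out of those delete targets regardless of the caller.
    $fid = (int) $fid;

    $foruminfo = $db->get_one("SELECT fid,fup,forumadmin FROM pw_forums WHERE fid=" . S::sqlEscape($fid));

    pwQuery::delete('pw_forums', 'fid=:fid', array($fid));
    pwQuery::delete('pw_forumdata', 'fid=:fid', array($fid));
    $db->update("DELETE FROM pw_forumsextra WHERE fid=" . S::sqlEscape($fid));
    $db->update("DELETE FROM pw_permission WHERE fid>'0' AND fid=" . S::sqlEscape($fid));

    // Forum administrators whose primary group is 5 and who, per ifadmin(),
    // no longer administer anything are reset to group -1.
    if ($foruminfo['forumadmin']) {
        $userService = L::loadClass('UserService', 'user');
        /* @var $userService PW_UserService */
        foreach (explode(",", $foruminfo['forumadmin']) as $adminName) {
            if (!$adminName) {
                continue;
            }
            $member = $userService->getByUserName($adminName);
            if ($member['groupid'] == 5 && !ifadmin($adminName)) {
                $userService->update($member['uid'], array('groupid' => -1));
                admincheck($member['uid'], $adminName, $member['groupid'], '', 'delete');
            }
        }
    }

    // Guest-facing caches.
    if ($db_guestthread || $db_guestread) {
        require_once R_P . 'require/guestfunc.php';
        $db_guestthread && deldir(D_P . "{$db_guestdir}/T_{$fid}");
    }
    pwCache::deleteData(D_P . "data/forums/fid_{$fid}.php");

    require_once R_P . 'require/functions.php';
    require_once R_P . 'require/updateforum.php';
    $pw_attachs = L::loadDB('attachs', 'forum');

    // Walk the forum's threads once: group thread ids by message table, note
    // which post tables are in use, clear guest caches, delete attachments.
    $ttable_a = $ptable_a = array();
    $query = $db->query("SELECT tid,replies,ptable FROM pw_threads WHERE fid=" . S::sqlEscape($fid));
    while ($tpc = $db->fetch_array($query)) {
        $tid = $tpc['tid'];
        $ttable_a[GetTtable($tid)][] = $tid;
        $ptable_a[$tpc['ptable']] = 1;
        $db_guestread && clearguestcache($tid, $tpc['replies']);
        if ($attachdb = $pw_attachs->getByTid($tid)) {
            delete_att($attachdb);
        }
    }
    pwFtpClose($GLOBALS['ftp']);

    // Table names here come from GetTtable()/GetPtable(), never from the caller.
    foreach ($ttable_a as $pw_tmsgs => $tids) {
        pwQuery::delete($pw_tmsgs, 'tid IN(:tid)', array($tids));
    }

    $threadService = L::loadclass('threads', 'forum');
    $threadService->deleteByForumId($fid);

    foreach (array_keys($ptable_a) as $ptableId) {
        $pw_posts = GetPtable($ptableId);
        pwQuery::delete($pw_posts, 'fid=:fid', array($fid));
    }

    // Refresh the parent forum's counters/cache.
    updateforum($foruminfo['fup']);
}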
Exemple #6
         $gids[] = $gid;
         $glist[] = $gid;
     }
     $userService = L::loadClass('UserService', 'user');
     /* @var $userService PW_UserService */
     $query = $db->query("SELECT uid,username,groupid,groups FROM pw_members WHERE groupid<>'-1'");
     // extract() turns each row's columns into local variables ($uid,
     // $username, $groupid, $groups), overwriting any variable of the same name
     // already in scope. The @ hides the warning raised when fetch_array() stops
     // returning an array; on PHP 8 that case throws a TypeError instead, which
     // @ does not suppress.
     // NOTE(review): $groupid holds the current user's group elsewhere in this
     // code base - confirm nothing after this loop still relies on it.
     while (@extract($db->fetch_array($query))) {
         $username = addslashes($username);
         // Members whose primary group is not in $gids are reset to -1.
         if (!in_array($groupid, $gids)) {
             $userService->update($uid, array('groupid' => -1));
             //* $_cache->delete('UID_'.$uid);
             if ($groups == '') {
                 admincheck($uid, $username, $groupid, $groups, 'delete');
             }
         } else {
             admincheck($uid, $username, $groupid, $groups, 'update');
         }
     }
     // Drop administrator rows whose group is outside $glist and that have no
     // extra groups. NOTE(review): S::sqlImplode() is assumed to quote and
     // escape each element - confirm.
     $db->update("DELETE FROM pw_administrators WHERE groupid NOT IN(" . S::sqlImplode($glist, false) . ") AND groups=''");
     adminmsg('operate_success');
 } elseif ($action == 'appcount') {
     // PostCheck() runs only for non-POST requests here.
     // NOTE(review): confirm that POST requests are verified elsewhere.
     $pwServer['REQUEST_METHOD'] != 'POST' && PostCheck($verify);
     S::gp(array('step', 'percount'));
     // Defaults: first step, 300 rows per step.
     !$step && ($step = 1);
     !$percount && ($percount = 300);
     // uid window processed by this step: ($start, $next].
     $start = ($step - 1) * $percount;
     $next = $start + $percount;
     $step++;
     // URL of the next step. $percount and $action are placed in it as received;
     // NOTE(review): confirm they are numeric/whitelisted before the URL is output.
     $j_url = "{$basename}&action={$action}&step={$step}&percount={$percount}";
     $goon = 0;
     $query = $db->query("SELECT uid,username FROM pw_members WHERE uid>" . S::sqlEscape($start) . " AND uid <= " . S::sqlEscape($next));
Exemple #7
     adminmsg('manager_right');
 }
 // Keep group 5 consistent with ifadmin(): a user that ifadmin() reports as a
 // forum administrator must carry group 5 either as the primary group or in
 // the ",a,b," extra-groups list, and a user that is not one may not be given it.
 if (ifadmin($oldinfo['username']) && $groupid != '5' && strpos($newgroups, ',5,') === false) {
     if (strpos($oldinfo['groups'], ',5,') !== false) {
         // The edit would remove an existing group-5 membership: refuse.
         adminmsg('setuser_forumadmin');
     } else {
         // Append 5, keeping the leading and trailing commas of the list format.
         $newgroups .= $newgroups ? '5,' : ',5,';
     }
 } elseif (!ifadmin($oldinfo['username']) && ($groupid == '5' || strpos($newgroups, ',5,') !== false)) {
     adminmsg('setuser_forumadmin');
 }
 // A lone comma means "no extra groups".
 $newgroups == ',' && ($newgroups = '');
 // Mirror the change through admincheck(): 'update' while any admin group
 // remains, 'delete' when the user had one before and has none now.
 if ($groupid != '-1' || $newgroups) {
     admincheck($uid, $username, $groupid, $newgroups, 'update');
 } elseif ($oldinfo['groupid'] != '-1' || $oldinfo['groups']) {
     admincheck($uid, $username, $groupid, $newgroups, 'delete');
 }
 $newgroups != $oldinfo['groups'] && ($upmembers['groups'] = $newgroups);
 /*
 list($iconurl,$icontype,$iconwidth,$iconheight,$iconfile,$iconpig,$ifhavasmallicon) = showfacedesign(addslashes($oldinfo['icon']),true);
 if ($facetype == 2) {
 	if (substr($_POST['i_http'],0,4) != 'http' || strrpos($_POST['i_http'],'|') !== false) {
 		adminmsg('illegal_customimg');
 	}
 	$icontype == 3 && DelIcon($iconfile);
 	$i_w = (int)$_POST['i_w'];
 	$i_h = (int)$_POST['i_h'];
 	$iconfile = $_POST['i_http'];
 	list($iconwidth,$iconheight) = getfacelen($i_w,$i_h);
 } elseif ($facetype == 3 && $delupload) {
 	DelIcon($delupload);
Exemple #8
        }
        // Only a caller for whom the If_manager constant is truthy may create
        // an account in group 3.
        if ($groupid == '3' && !If_manager) {
            adminmsg('manager_right');
        }
        // NOTE(review): validation and password hashing are presumably done
        // inside the Register class; neither is visible in this fragment.
        $register = L::loadClass('Register', 'user');
        $register->setField('username', $username);
        $register->setField('password', $password);
        $register->setField('email', $email);
        $register->setField('groupid', $groupid);
        $register->setField('yz', 1);
        $register->execute();
        $customfieldService = L::loadClass('CustomerFieldService', 'user');
        /* @var $customfieldService PW_CustomerFieldService */
        $customfieldService->saveRegisterCustomerData();
        // Any group other than '-1' is also passed to admincheck() as an 'update'.
        if ($groupid != '-1') {
            admincheck($register->uid, $username, $groupid, '', 'update');
        }
        adminmsg('operate_success');
    } else {
        initGroupOptions();
        include PrintEot('usermanage');
        exit;
    }
} elseif ($adminitem == 'usertitle') {
    //头衔管理
    if ($action == 'groups') {
        S::gp(array('groupid', 'schname'), 'P');
        // $groupid is interpolated into the LIKE pattern only when is_numeric()
        // accepts it. is_numeric() also accepts forms such as "1e5", "1.5" and
        // a leading sign; none of those can close the quoted literal, but an
        // integer cast would be the tighter filter.
        $sql = is_numeric($groupid) ? "a.groups LIKE '%,{$groupid},%'" : "a.groups!=''";
        $schname = trim($schname);
        if ($schname != '') {
            if (strpos($schname, '*') !== false) {
Exemple #9
/**
 * Create the account named $username in group 3, or update an existing one,
 * then register it through admincheck().
 *
 * NOTE(review): this listing is damaged. Two statements contain a `'******'`
 * span that replaced part of the original source (the lookup condition and
 * the UPDATE statement), so it is not runnable as shown.
 *
 * @param string $username Account name.
 * @param string $password Value written to the password column as given.
 *                         NOTE(review): presumably already hashed by the caller - confirm.
 * @return void
 */
function pwUpdateManager($username, $password)
{
    global $db;
    // Masked line: the original looked the account up by user name and opened
    // the "account does not exist" branch.
    $rt = $db->get_one('SELECT uid,groups FROM pw_members WHERE username='******'uid']) {
        global $timestamp, $onlineip;
        // New account: member row first, then the matching memberdata row
        // keyed by the generated uid.
        $db->update('INSERT INTO pw_members' . ' SET ' . pwSqlSingle(array('username' => $username, 'password' => $password, 'groupid' => 3, 'regdate' => $timestamp)));
        $rt['uid'] = $db->insert_id();
        $db->update('INSERT INTO pw_memberdata' . ' SET ' . pwSqlSingle(array('uid' => $rt['uid'], 'postnum' => 0, 'lastvisit' => $timestamp, 'thisvisit' => $timestamp, 'onlineip' => $onlineip)));
    } else {
        // Masked line: the original updated the password and group of the existing account.
        $db->update('UPDATE pw_members SET password='******'3' WHERE uid=" . pwEscape($rt['uid']));
    }
    admincheck($rt['uid'], $username, '3', $rt['groups'], 'update');
}
Exemple #10
/**
 * Make sure the account named $username exists in group 3 with the given
 * password value, then register it through admincheck().
 *
 * An existing account gets its group and password overwritten; otherwise a new
 * account is created through the user service.
 *
 * NOTE(review): on the creation path the looked-up record is not refreshed, so
 * admincheck() receives an empty uid for a newly created account. Confirm
 * whether the service's add() reports the new uid and whether it should be
 * used here.
 * NOTE(review): $password is stored as given; presumably the caller hashes it.
 *
 * @param string $username Account name.
 * @param string $password Value stored in the password field.
 * @return void
 */
function pwUpdateManager($username, $password)
{
    global $db;
    /* @var $accounts PW_UserService */
    $accounts = L::loadclass('UserService', 'user');
    $rt = $accounts->getByUserName($username);

    if ($rt['uid']) {
        // Existing account: force group 3 and replace the password.
        $accounts->update($rt['uid'], array('groupid' => 3, 'password' => $password));
    } else {
        // Unknown name: create the member row and its activity row.
        global $timestamp, $onlineip;
        $accounts->add(
            array('username' => $username, 'password' => $password, 'groupid' => 3, 'memberid' => 8, 'regdate' => $timestamp),
            array('postnum' => 0, 'lastvisit' => $timestamp, 'thisvisit' => $timestamp, 'onlineip' => $onlineip)
        );
    }

    admincheck($rt['uid'], $username, '3', $rt['groups'], 'update');
}
Exemple #11
             // Remove the user from every forum's ",a,b," administrator list.
             while ($forum = $db->fetch_array($query1)) {
                 if ($forum['forumadmin'] && strpos($forum['forumadmin'], ",{$rt['username']},") !== false) {
                     $newadmin = str_replace(",{$rt['username']},", ',', $forum['forumadmin']);
                     $newadmin == ',' && ($newadmin = '');
                     // NOTE(review): $newadmin is built from stored user names and
                     // is interpolated into the statement without escaping, unlike
                     // the pwEscape() calls used by neighbouring statements. A name
                     // containing a quote would break or alter this query.
                     $db->update("UPDATE pw_forums SET forumadmin='{$newadmin}' WHERE fid='{$forum['fid']}'");
                 }
             }
             $updatecache_fd = 1;
         }
         // A lone comma means "no extra groups".
         $newgroups == ',' && ($newgroups = '');
         // NOTE(review): there is no space between the escaped value and the
         // "WHERE" / "AND" keyword in the two statements below; whether the SQL
         // still parses depends on what pwEscape() returns - confirm.
         $db->update("UPDATE pw_members SET groupid=" . pwEscape($newgid, false) . ',groups=' . pwEscape($newgroups, false) . "WHERE uid=" . pwEscape($rt['uid']));
         $db->update("DELETE FROM pw_extragroups WHERE uid=" . pwEscape($rt['uid'], false) . 'AND gid=' . pwEscape($rt['gid'], false));
         // 'delete' when no admin group remains, otherwise 'update'.
         if ($newgid == '-1' && $newgroups == '') {
             admincheck($rt['uid'], $rt['username'], $newgid, $newgroups, 'delete');
         } else {
             admincheck($rt['uid'], $rt['username'], $newgid, $newgroups, 'update');
         }
         continue;
     }
     if ($rt['gid'] != $rt['groupid'] && strpos($rt['groups'], "," . $rt['gid'] . ",") === false) {
         $db->update("DELETE FROM pw_extragroups WHERE uid=" . pwEscape($rt['uid'], false) . 'AND gid=' . pwEscape($rt['gid'], false));
         continue;
     }
     $rt['startdate'] = get_date($rt['startdate']);
     $rt['slevel'] = $ltitle[$rt['gid']];
     $rt['tolevel'] = $ltitle[$rt['togid']];
     $memberdb[] = $rt;
 }
 $updatecache_fd && updatecache_fd();
 include PrintEot('uptime');
 exit;
Exemple #12
}
wind_forumcheck($foruminfo);
$foruminfo['topic'] = $db->get_value("SELECT topic FROM pw_forumdata WHERE fid=" . S::sqlEscape($fid));
$forumset = $foruminfo['forumset'];
$forumname = strip_tags($foruminfo['name']);
// A forum configured with a link redirects there instead of listing threads.
// The target comes from the stored forum settings, not from the request.
if ($forumset['link']) {
    $flink = str_replace("&amp;", "&", $forumset['link']);
    ObHeader($flink);
}
//SEO setting
$_seo = array('title' => $foruminfo['title'], 'metaDescription' => $foruminfo['metadescrip'], 'metaKeywords' => $foruminfo['keywords']);
bbsSeoSettings('thread', $_seo, $foruminfo['name']);
// Group 3 and users accepted by admincheck() for this forum skip the credit
// check and the forum-purchase check.
if ($groupid != 3 && !$foruminfo['allowvisit'] && !admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid)) {
    forum_creditcheck();
}
if ($groupid != 3 && $foruminfo['forumsell'] && !admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid)) {
    forum_sell($fid);
}
// Fixed page size for this view.
$db_perpage = 100;
// Clamp $page to [1, $db_maxpage]; anything non-numeric becomes 1.
$db_maxpage && $page > $db_maxpage && ($page = $db_maxpage);
(!is_numeric($page) || $page < 1) && ($page = 1);
if ($page > 1) {
    $start_limit = ($page - 1) * $db_perpage;
} else {
    $start_limit = 0;
    $page = 1;
}
$startid = $start_limit + 1;
$count = $foruminfo['topic'];
$numofpage = ceil($count / $db_perpage);
if ($numofpage && $page > $numofpage) {
 /**
  * Decide whether the current user may manage or browse the sign-up list.
  *
  * Access is granted to group 3, to users listed in $manager, to forum
  * administrators who hold the 'activitylist' right, and to the initiator.
  *
  * @param int $authorid id of the user who started the activity
  * @return bool
  * @access private
  */
 function getAdminRight($authorid)
 {
     global $groupid, $manager, $foruminfo, $windid;

     // Listed in $manager?
     $isGM = S::inArray($windid, $manager);
     // Accepted by admincheck() for this forum?
     $isBM = admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid);

     if (!$isGM) {
         // Users outside $manager count as forum administrators only when
         // their rights include 'activitylist'.
         $pwSystem = pwRights($isBM);
         $isBM = ($pwSystem && $pwSystem['activitylist']) ? 1 : 0;
     }

     return $groupid == 3 || $isGM || $isBM || $authorid == $this->winduid;
 }
Exemple #14
    // Build the <option> list from the configured reasons, one per line; an
    // empty line becomes a separator entry.
    // NOTE(review): each reason is written into the markup without HTML
    // escaping. $db_adminreason looks like an admin-configured value - confirm
    // it cannot carry markup from a less trusted source.
    $reason_a = explode("\n", $db_adminreason);
    foreach ($reason_a as $k => $v) {
        if ($v = trim($v)) {
            $reason_sel .= "<option value=\"{$v}\">{$v}</option>";
        } else {
            $reason_sel .= "<option value=\"\">-------</option>";
        }
    }
    $rt['leaveword'] = str_replace('&nbsp;', ' ', $rt['leaveword']);
    require_once PrintEot('ajax');
    ajax_footer();
} else {
    // State-changing path. NOTE(review): PostCheck() is presumably the
    // request-verification (CSRF) check - confirm.
    PostCheck();
    S::gp(array('pid', 'atc_content', 'ifmsg'), 'P');
    $tpc = $db->get_one("SELECT t.authorid,t.ptable,f.forumadmin,f.fupadmin FROM pw_threads t LEFT JOIN pw_forums f USING(fid) WHERE t.tid=" . S::sqlEscape($tid));
    // Authorisation: the thread author, a user listed in $manager, or a user
    // accepted by admincheck() for the thread's forum.
    if ($tpc['authorid'] != $winduid && !S::inArray($windid, $manager) && !admincheck($tpc['forumadmin'], $tpc['fupadmin'], $windid)) {
        Showmsg('leaveword_error');
    }
    require_once R_P . 'require/bbscode.php';
    // Restore '=' signs that arrive as the entity &#61;.
    $atc_content = str_replace('&#61;', '=', $atc_content);
    $ptable = $tpc['ptable'];
    $content = convert($atc_content, $db_windpost);
    //$sqladd = $atc_content == $content ? '' : ",ifconvert='2'";
    // Fields to store: the raw text, plus ifconvert = 2 when convert() changed it.
    $_tmp = array();
    $_tmp['leaveword'] = $atc_content;
    $atc_content != $content && ($_tmp['ifconvert'] = 2);
    $pw_posts = GetPtable($ptable);
    if ($ifmsg && !empty($atc_content)) {
        //* include_once pwCache::getPath(D_P . 'data/bbscache/forum_cache.php');
        pwCache::getData(D_P . 'data/bbscache/forum_cache.php');
        $atc = $db->get_one("SELECT author,fid,subject,content,postdate FROM {$pw_posts} WHERE pid=" . S::sqlEscape($pid) . ' AND tid=' . S::sqlEscape($tid));
Exemple #15
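 /**
  * Work out the thread-management flags for the current user.
  *
  * @param string $type 'thread' or 'special'; any other value yields three
  *                     empty strings.
  * @param mixed  $fid  Forum id; when empty, forum-level rights are not consulted.
  * @return array array($admincheck, $superdelete, $superedit). $admincheck is
  *               1 or 0, the other two are booleans.
  */
 function getThreadLevel($type, $fid)
 {
     if (!in_array($type, array('thread', 'special'))) {
         return array('', '', '');
     }
     global $windid, $manager, $SYSTEM;

     /* thread level */
     // Always initialised: the flag used to stay undefined for a user outside
     // $manager without forum rights, which raised a notice and handed null
     // to the caller.
     $isGM = S::inArray($windid, $manager);
     $admincheck = $isGM ? 1 : 0;

     if (!$admincheck && $fid) {
         $_forumsService = L::loadClass('forums', 'forum');
         $foruminfo = $_forumsService->getForum($fid);
         $isBM = admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid);
         // Any single management right on this forum is enough.
         $pwSystem = pwRights($isBM, false, $fid);
         if ($pwSystem && ($pwSystem['tpccheck'] || $pwSystem['digestadmin'] || $pwSystem['lockadmin'] || $pwSystem['pushadmin'] || $pwSystem['coloradmin'] || $pwSystem['downadmin'] || $pwSystem['delatc'] || $pwSystem['moveatc'] || $pwSystem['copyatc'] || $pwSystem['topped'])) {
             $admincheck = 1;
         }
     }

     // Both super flags require 'superright' plus one specific right.
     // NOTE(review): $superedit is keyed on 'deltpcs' - confirm that is the
     // intended right for editing.
     $superdelete = $SYSTEM['superright'] && $SYSTEM['delatc'];
     $superedit = $SYSTEM['superright'] && $SYSTEM['deltpcs'];

     return array($admincheck, $superdelete, $superedit);
 }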
Exemple #16
// With an action, a single forum is being managed and must exist, must not be
// a category, and the user must be in group '3' or '4' or be accepted by
// admincheck() for it.
if ($action) {
    !$fid && Showmsg('data_error');
    if (!($forums = L::forum($fid))) {
        Showmsg('data_error');
    }
    (!$forums || $forums['type'] == 'category') && Showmsg('data_error');
    $isBM = admincheck($forums['forumadmin'], $forums['fupadmin'], $windid);
    if (!in_array($groupid, array('3', '4')) && !$isBM) {
        Showmsg('not_forumadmin');
    }
    $forumset = $forums['forumset'];
    // "First admin" = the user name is the first entry of the ",a,b," list
    // (strpos() returns 0), and only when $db_adminset is enabled.
    $first_admin = $db_adminset && strpos($forums['forumadmin'], ',' . $windid . ',') === 0 ? 1 : 0;
} else {
    // Without an action, collect every non-category forum the user may manage.
    // NOTE(review): $fiddb is not initialised in the visible code before it is
    // appended to and tested - confirm it cannot be pre-populated from outside.
    $query = $db->query("SELECT fid,forumadmin,fupadmin FROM pw_forums WHERE cms=0 AND type!='category'");
    while ($rt = $db->fetch_array($query)) {
        if (in_array($groupid, array('3', '4')) || admincheck($rt['forumadmin'], $rt['fupadmin'], $windid)) {
            $fiddb[] = $rt['fid'];
        }
    }
    !$fiddb && Showmsg('not_forumadmin');
}
require_once R_P . 'require/header.php';
if (!$action) {
    $forum_name = '';
    // NOTE(review): pwImplode() is assumed to quote and escape each id before
    // the list is placed inside IN(...) - confirm.
    $fids = pwImplode($fiddb);
    // NOTE(review): this initialises $froumdb, but the loop below appends to
    // $forumdb, which is therefore never reset here. Looks like a typo.
    $froumdb = array();
    $query = $db->query("SELECT * FROM pw_forums f LEFT JOIN pw_forumdata fd USING(fid) WHERE f.fid IN({$fids})");
    while ($rt = $db->fetch_array($query)) {
        $forumdb[] = $rt;
    }
    $i = count($forumdb);
Exemple #17
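/**
 * Re-synchronise group 5 membership with the forumadmin lists.
 *
 * Step 1 collects every name that appears in any pw_forums.forumadmin list.
 * Step 2 removes group 5 from administrators who are no longer named anywhere.
 * Step 3 grants group 5 to every named member who lacks it and refreshes the
 * matching pw_administrators rows.
 *
 * Every value placed into SQL goes through pwEscape(), pwImplode() or
 * pwSqlMulti(). NOTE(review): the last two are assumed to quote and escape
 * their elements - confirm against their definitions.
 *
 * @return void
 */
function updateadmin()
{
    global $db;

    // Step 1: distinct, non-empty administrator names across all forums.
    $f_admin = array();
    $query = $db->query("SELECT forumadmin FROM pw_forums");
    while ($forum = $db->fetch_array($query)) {
        foreach (explode(",", $forum['forumadmin']) as $value) {
            $value = trim($value);
            if ($value) {
                $f_admin[] = $value;
            }
        }
    }
    $f_admin = array_unique($f_admin);

    // Step 2: holders of group 5 (primary or extra) who are not named any more.
    $query = $db->query("SELECT uid,username,groupid,groups FROM pw_administrators WHERE groupid=5 OR groups LIKE '%,5,%'");
    while ($rt = $db->fetch_array($query)) {
        if (in_array($rt['username'], $f_admin)) {
            continue;
        }
        if ($rt['groupid'] == '5') {
            // Values read back from the database are escaped like any other
            // input; the stored groups string is derived from earlier edits.
            $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($rt['uid']));
            $rt['groupid'] = -1;
        } else {
            $rt['groups'] = str_replace(',5,', ',', $rt['groups']);
            $rt['groups'] == ',' && ($rt['groups'] = '');
            $db->update("UPDATE pw_members SET groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
        }
        // 'delete' when no admin group remains, otherwise 'update'.
        if ($rt['groupid'] == '-1' && $rt['groups'] == '') {
            admincheck($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups'], 'delete');
        } else {
            admincheck($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups'], 'update');
        }
    }

    // Step 3: make sure every named member carries group 5.
    if ($f_admin) {
        $usernames = pwImplode($f_admin);
        $pwSQL = array();
        $query = $db->query("SELECT m.uid,m.username,m.groupid,m.groups,a.groupid AS gid,a.groups AS gps FROM pw_members m LEFT JOIN pw_administrators a ON m.uid=a.uid WHERE m.username IN({$usernames})");
        while ($rt = $db->fetch_array($query)) {
            if ($rt['groupid'] == '-1') {
                // Ordinary member: group 5 becomes the primary group, so it is
                // dropped from the extra-groups list.
                $rt['groups'] = str_replace(',5,', ',', $rt['groups']);
                $rt['groups'] == ',' && ($rt['groups'] = '');
                $db->update("UPDATE pw_members SET groupid='5',groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
                $rt['groupid'] = 5;
            } elseif ($rt['groupid'] != '5' && strpos($rt['groups'], ',5,') === false) {
                // Other primary group: add 5 as an extra group, keeping the
                // ",a,b," list format.
                $rt['groups'] = $rt['groups'] ? $rt['groups'] . '5,' : ",5,";
                $db->update("UPDATE pw_members SET groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
            }
            // Queue a pw_administrators refresh only when something differs.
            if ($rt['groupid'] != $rt['gid'] || $rt['groups'] != $rt['gps']) {
                $pwSQL[] = array($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups']);
            }
        }
        if ($pwSQL) {
            $db->update("REPLACE INTO pw_administrators (uid,username,groupid,groups) VALUES " . pwSqlMulti($pwSQL));
        }
    }
}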
Exemple #18
         }
     }
     define('FX', 1);
 }
 // Fall back to the database when L::forum() returns nothing for this forum.
 if (!($foruminfo = L::forum($fid))) {
     $foruminfo = $db->get_one("SELECT f.*,fe.creditset,fe.forumset,fe.commend FROM pw_forums f LEFT JOIN pw_forumsextra fe ON f.fid=fe.fid WHERE f.fid=" . pwEscape($fid));
     if ($foruminfo) {
         // These three columns hold serialized settings. unserialize() on
         // stored data is safe only while nothing untrusted can write those
         // columns; the results are not type-checked here.
         $foruminfo['creditset'] = unserialize($foruminfo['creditset']);
         $foruminfo['forumset'] = unserialize($foruminfo['forumset']);
         $foruminfo['commend'] = unserialize($foruminfo['commend']);
     }
 }
 !$foruminfo && wap_msg('data_error', $basename);
 require_once R_P . 'require/forum.php';
 wind_forumcheck($foruminfo);
 if ($groupid == '3' || admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid)) {
     # Management rights: group 3 or a user accepted by admincheck() for this forum
     $admincheck = 1;
 } else {
     $admincheck = 0;
 }
 if ($foruminfo['allowdownload'] && !allowcheck($foruminfo['allowdownload'], $groupid, $winddb['groups']) && !$admincheck) {
     # Forum-level download permission check
     wap_msg('job_attach_forum', $basename);
 }
 if (!$foruminfo['allowdownload'] && $_G['allowdownload'] == 0 && !$admincheck) {
     # User-group download permission check
     wap_msg('job_attach_group', $basename);
 }
 if (!$attach_url && !$db_ftpweb && !is_readable("{$attachdir}/" . $attach['attachurl'])) {
     wap_msg('job_attach_error', $basename);
Exemple #19
// Custom profile fields to display: those whose flag string has '1' as its
// third character.
$showfield = array();
// $db_union[7] holds a serialized definition list. NOTE(review): presumably a
// site configuration value - confirm it is not writable by untrusted users,
// since it is passed to unserialize().
$custominfo = $db_union[7] ? (array) unserialize($db_union[7]) : array();
foreach ($custominfo as $key => $val) {
    if (substr($val[3], 2, 1) == '1') {
        $showfield[] = $key;
    }
}
!empty($showfield) && ($fieldinfo .= ',mi.customdata');
$fieldinfo && ($tableinfo = 'LEFT JOIN pw_memberinfo mi ON mi.uid=m.uid');
/**************************************/
// Post viewing and management permissions
// Every flag starts at 0, so a guest keeps no rights at all.
$isGM = $isBM = $admincheck = $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 0;
$pwSystem = array();
if ($groupid != 'guest') {
    $isGM = S::inArray($windid, $manager);
    $isBM = admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid);
    $admincheck = $isGM || $isBM ? 1 : 0;
    if (!$isGM) {
        # Fetch rights for users who are not listed in $manager
        $pwSystem = pwRights($isBM);
        // Any single management right enables the management controls.
        if ($pwSystem && ($pwSystem['tpccheck'] || $pwSystem['digestadmin'] || $pwSystem['lockadmin'] || $pwSystem['pushadmin'] || $pwSystem['coloradmin'] || $pwSystem['downadmin'] || $pwSystem['delatc'] || $pwSystem['moveatc'] || $pwSystem['copyatc'] || $pwSystem['topped'] || $pwSystem['unite'] || $pwSystem['pingcp'] || $pwSystem['areapush'])) {
            $managecheck = 1;
        }
        $pwPostHide = $pwSystem['posthide'];
        $pwSellHide = $pwSystem['sellhide'];
        $pwEncodeHide = $pwSystem['encodehide'];
    } else {
        // Users listed in $manager get every flag.
        $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 1;
    }
}
// Forum view permission
Exemple #20
    // NOTE(review): $id and $mergeid are interpolated into every statement of
    // this block. Where they are assigned is above this fragment; confirm both
    // are cast to integers before reaching SQL.
    // NOTE(review): `or die(mysql_error())` prints the raw database error to
    // the client, and the mysql_* extension no longer exists in PHP 7+.
    $sql->query("UPDATE `announcements` SET `forum`='{$mergeid}' WHERE `forum`='{$id}'") or die(mysql_error());
    $sql->query("DELETE FROM `forummods` WHERE `forum`='{$id}'") or die(mysql_error());
    $sql->query("DELETE FROM `forums` WHERE `id`='{$id}'") or die(mysql_error());
    // Newest thread of the merge target supplies the forum's last-post fields.
    // NOTE(review): when the target has no threads this lookup presumably
    // yields no row, and the fields below become empty strings.
    $lastthread = $sql->fetchq("SELECT * FROM `threads` WHERE `forum`='{$mergeid}' ORDER BY `lastpostdate` DESC LIMIT 1");
    $sql->query("UPDATE `forums` SET\r\n\t\t`numthreads`=`numthreads`+'{$counts['numthreads']}',\r\n\t\t`numposts`=`numposts`+'{$counts['numposts']}',\r\n\t\t`lastpostdate`='{$lastthread['lastpostdate']}',\r\n\t\t`lastpostuser`='{$lastthread['lastposter']}',\r\n\t\t`lastpostid`='{$lastthread['id']}'\r\n\tWHERE `id`='{$mergeid}'") or die(mysql_error());
    // $prevtext is set only when ?preview= is present, so the redirect below
    // reads an undefined variable otherwise. The request value is also placed
    // in the Location header without urlencode().
    if (isset($_GET['preview'])) {
        $prevtext = "preview=" . $_GET['preview'];
    }
    trigger_error("DELETED forum ID {$id}; merged into forum ID {$mergeid}", E_USER_NOTICE);
    header("Location: ?{$prevtext}");
    die;
}
$windowtitle = "Editing Forum List";
require_once 'lib/layout.php';
print "{$header}<br>";
// NOTE(review): in this listing admincheck() is called after the page header
// has been printed and after the delete/merge handler above has already run
// and exited. Confirm that an authorisation check (and a request-forgery
// check) also runs before that handler; none is visible in this fragment.
admincheck();
print adminlinkbar('admin-editforums.php');
// Power-level names for the form: entries with a negative key are skipped and
// a final '[no access]' entry is appended.
foreach ($pwlnames as $pwl => $pwlname) {
    if ($pwl < 0) {
        continue;
    }
    $powers[] = $pwlname;
}
$powers[] = '[no access]';
$pollstyles = array(-2 => 'Disallowed', -1 => 'Normal', 0 => 'Force Regular', 1 => 'Force Influence');
if (isset($_GET['delete'])) {
    $forum = intval($_GET['delete']);
    $forums[-1] = "Choose a forum to merge into...";
    $forumquery = $sql->query("SELECT id,title FROM forums ORDER BY catid,forder");
    while ($f = $sql->fetch($forumquery, MYSQL_ASSOC)) {
        $forums[$f['id']] = $f['title'];