$conf['seo_url_rewrite'] and $seo_url and thread_read_by_seo_url($seo_url) and message(4, '自定义的 URL 已经存在,请修改。'); // 这里可能有并发问题,seo_url 并非 UNIQUE KEY $gid != 1 and $message = xn_html_safe($message); $gid != 1 and $message = badword_filter($message, $badword); $message === FALSE and message(2, '内容中包含敏感关键词: ' . $badword); strlen($seo_url) > 128 and message(3, '自定义 URL 太长'); mb_strlen($subject, 'UTF-8') > 128 and message(1, '标题最长80个字符'); mb_strlen($message, 'UTF-8') > 2028000 and message(2, '内容太长'); // 检测是否灌水 thread_check_flood($gid, $fid, $subject) and message(1, '系统检测到您可能在灌水。'); $thread = array('fid' => $fid, 'uid' => $uid, 'sid' => $sid, 'subject' => $subject, 'message' => $message, 'time' => $time, 'longip' => $longip, 'sid' => $sid); $seo_url and $thread['seo_url'] = $seo_url; $tid = thread_create($thread, $pid); $pid === FALSE and message(1, '创建帖子失败'); $tid === FALSE and message(1, '创建主题失败'); $conf['ipaccess_on'] and ipaccess_inc($longip, 'threads'); if ($ajax) { ob_start(); $thread = thread_read($tid); $threadlist = array($thread); include './pc/view/thread_list_body.inc.htm'; $middle = ob_get_clean(); message(0, $middle); } else { message(0, '发帖成功'); } } // 处理 2.1 老版本 URL } else { if ($action == 'index') { $tid = param(5, 0);
if ($isimage && $conf['tietuku_on']) { include './plugin/xn_tietuku/tietuku.func.php'; $tmpfile = tempnam($conf['tmp_path'], 'tmp_'); file_put_contents($tmpfile, $data); $r = tietuku_upload_file($tmpfile); $r === FALSE and message($errno, $errstr); unlink($tmpfile); message(0, array('url' => $r['linkurl'], 'name' => $name, 'width' => $r['width'], 'height' => $r['height'])); } $day = date('Ymd', $time); $path = $conf['upload_path'] . 'attach/' . $day; $url = $conf['upload_url'] . 'attach/' . $day; !IN_SAE and !is_dir($path) and (mkdir($path, 0777, TRUE) or message(-2, '目录创建失败')); $savename = $uid . '_' . attach_safe_name($name, $allowtypes); $destfile = $path . '/' . $savename; $desturl = $url . '/' . $savename; attach_create(array('tid' => $tid, 'pid' => 0, 'uid' => $uid, 'filesize' => $size, 'width' => $width, 'height' => $height, 'filename' => $day . '/' . $savename, 'filetype' => $type, 'orgfilename' => $name, 'create_date' => $time, 'comment' => '', 'downloads' => '0', 'isimage' => $isimage)) or message(-1, '保存附件数据失败'); file_put_contents($destfile, $data) or message(-1, '写入文件失败'); $ext = file_ext($destfile); if ($width > 0 && $ext != 'gif') { image_thumb($destfile, $destfile, $width, $height); } $conf['ipaccess_on'] and ipaccess_inc($longip, 'attachs'); $conf['ipaccess_on'] and ipaccess_inc($longip, 'attachsizes', $size); if ($ext == 'gif') { list($width, $height, $type, $attr) = getimagesize($destfile); } message(0, array('url' => $desturl, 'name' => $name, 'width' => $width, 'height' => $height)); } else { message(-1, '没有此功能'); }
$conf['ipaccess_on'] and !ipaccess_check_freq($longip) and message(0, '发送邮件比较耗费资源,请您休息一会再来。'); $smtplist = (include './conf/smtp.conf.php'); $n = array_rand($smtplist); $smtp = $smtplist[$n]; $email = param('email'); !is_email($email, $err) and message(1, $err); $r = user_read_by_email($email); !$r and message(1, 'Email 未被注册。'); $rand = rand(100000, 999999); online_set('reset_email', $email); online_set('reset_verifycode', $rand); $subject = "重设密码验证码:{$rand} - 【{$conf['sitename']}】"; $message = $subject; $r = xn_send_mail($smtp, $conf['sitename'], $email, $subject, $message); if ($r === TRUE) { $conf['ipaccess_on'] and ipaccess_inc($longip, 'mails'); message(0, '发送成功。'); } else { message(1, $errstr); } // 找回密码第3步 } elseif ($action == 'resetpw') { $email = online_get('reset_email'); $verifycode = online_get('reset_verifycode'); empty($email) || empty($verifycode) and message(0, '数据为空,请返回上一步重新填写。'); $_user = user_read_by_email($email); empty($_user) and message(0, '用户不存在'); $_uid = $_user['uid']; if ($method == 'GET') { $header['title'] = '重置密码'; include './flarum/view/user_resetpw.htm';