Exemple #1
0
        $conf['seo_url_rewrite'] and $seo_url and thread_read_by_seo_url($seo_url) and message(4, '自定义的 URL 已经存在,请修改。');
        // 这里可能有并发问题,seo_url 并非 UNIQUE KEY
        $gid != 1 and $message = xn_html_safe($message);
        $gid != 1 and $message = badword_filter($message, $badword);
        $message === FALSE and message(2, '内容中包含敏感关键词: ' . $badword);
        strlen($seo_url) > 128 and message(3, '自定义 URL 太长');
        mb_strlen($subject, 'UTF-8') > 128 and message(1, '标题最长80个字符');
        mb_strlen($message, 'UTF-8') > 2028000 and message(2, '内容太长');
        // 检测是否灌水
        thread_check_flood($gid, $fid, $subject) and message(1, '系统检测到您可能在灌水。');
        $thread = array('fid' => $fid, 'uid' => $uid, 'sid' => $sid, 'subject' => $subject, 'message' => $message, 'time' => $time, 'longip' => $longip, 'sid' => $sid);
        $seo_url and $thread['seo_url'] = $seo_url;
        $tid = thread_create($thread, $pid);
        $pid === FALSE and message(1, '创建帖子失败');
        $tid === FALSE and message(1, '创建主题失败');
        $conf['ipaccess_on'] and ipaccess_inc($longip, 'threads');
        if ($ajax) {
            ob_start();
            $thread = thread_read($tid);
            $threadlist = array($thread);
            include './pc/view/thread_list_body.inc.htm';
            $middle = ob_get_clean();
            message(0, $middle);
        } else {
            message(0, '发帖成功');
        }
    }
    // 处理 2.1 老版本 URL
} else {
    if ($action == 'index') {
        $tid = param(5, 0);
Exemple #2
0
    if ($isimage && $conf['tietuku_on']) {
        include './plugin/xn_tietuku/tietuku.func.php';
        $tmpfile = tempnam($conf['tmp_path'], 'tmp_');
        file_put_contents($tmpfile, $data);
        $r = tietuku_upload_file($tmpfile);
        $r === FALSE and message($errno, $errstr);
        unlink($tmpfile);
        message(0, array('url' => $r['linkurl'], 'name' => $name, 'width' => $r['width'], 'height' => $r['height']));
    }
    $day = date('Ymd', $time);
    $path = $conf['upload_path'] . 'attach/' . $day;
    $url = $conf['upload_url'] . 'attach/' . $day;
    !IN_SAE and !is_dir($path) and (mkdir($path, 0777, TRUE) or message(-2, '目录创建失败'));
    $savename = $uid . '_' . attach_safe_name($name, $allowtypes);
    $destfile = $path . '/' . $savename;
    $desturl = $url . '/' . $savename;
    attach_create(array('tid' => $tid, 'pid' => 0, 'uid' => $uid, 'filesize' => $size, 'width' => $width, 'height' => $height, 'filename' => $day . '/' . $savename, 'filetype' => $type, 'orgfilename' => $name, 'create_date' => $time, 'comment' => '', 'downloads' => '0', 'isimage' => $isimage)) or message(-1, '保存附件数据失败');
    file_put_contents($destfile, $data) or message(-1, '写入文件失败');
    $ext = file_ext($destfile);
    if ($width > 0 && $ext != 'gif') {
        image_thumb($destfile, $destfile, $width, $height);
    }
    $conf['ipaccess_on'] and ipaccess_inc($longip, 'attachs');
    $conf['ipaccess_on'] and ipaccess_inc($longip, 'attachsizes', $size);
    if ($ext == 'gif') {
        list($width, $height, $type, $attr) = getimagesize($destfile);
    }
    message(0, array('url' => $desturl, 'name' => $name, 'width' => $width, 'height' => $height));
} else {
    message(-1, '没有此功能');
}
Exemple #3
0
    $conf['ipaccess_on'] and !ipaccess_check_freq($longip) and message(0, '发送邮件比较耗费资源,请您休息一会再来。');
    $smtplist = (include './conf/smtp.conf.php');
    $n = array_rand($smtplist);
    $smtp = $smtplist[$n];
    $email = param('email');
    !is_email($email, $err) and message(1, $err);
    $r = user_read_by_email($email);
    !$r and message(1, 'Email 未被注册。');
    $rand = rand(100000, 999999);
    online_set('reset_email', $email);
    online_set('reset_verifycode', $rand);
    $subject = "重设密码验证码:{$rand} - 【{$conf['sitename']}】";
    $message = $subject;
    $r = xn_send_mail($smtp, $conf['sitename'], $email, $subject, $message);
    if ($r === TRUE) {
        $conf['ipaccess_on'] and ipaccess_inc($longip, 'mails');
        message(0, '发送成功。');
    } else {
        message(1, $errstr);
    }
    // 找回密码第3步
} elseif ($action == 'resetpw') {
    $email = online_get('reset_email');
    $verifycode = online_get('reset_verifycode');
    empty($email) || empty($verifycode) and message(0, '数据为空,请返回上一步重新填写。');
    $_user = user_read_by_email($email);
    empty($_user) and message(0, '用户不存在');
    $_uid = $_user['uid'];
    if ($method == 'GET') {
        $header['title'] = '重置密码';
        include './flarum/view/user_resetpw.htm';