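<?php
// Mailbox listing page: picks which of the current user's mail index files to
// show and the position in it to start from.
require "www2-funcs.php";

login_init();
bbs_session_modify_user_mode(BBS_MODE_MAIL);
assert_login();
mailbox_header("阅读信件");

// Folder selection. Both values are taken straight from the query string.
if (isset($_GET["path"])) {
    $mail_path = $_GET["path"];
    // Guarded with isset() so a request carrying only "path" does not raise an
    // undefined-index notice.
    // NOTE(review): $mail_title is request-controlled; confirm it is
    // HTML-escaped wherever it is printed (the output code is not visible here).
    $mail_title = isset($_GET["title"]) ? $_GET["title"] : "";
} else {
    $mail_path = ".DIR"; // default is .DIR
    $mail_title = "收件箱";
}

// Starting position. Cast to an integer because it is compared numerically
// with the mail count below and arrives as an arbitrary request string.
$start = isset($_GET["start"]) ? intval($_GET["start"]) : 999999; // default

// Refuse array-valued parameters (path[]=...) and any ".." sequence before the
// name is turned into a file path.
// NOTE(review): only ".." is filtered here; whether bbs_setmailfile()
// constrains the name any further is not visible from this file - confirm.
if (!is_string($mail_path) || strpos($mail_path, '..') !== false) {
    html_error_quit("读取邮件数据失败!");
}

$mail_fullpath = bbs_setmailfile($currentuser["userid"], $mail_path);
$mail_num = bbs_getmailnum2($mail_fullpath);
// Stop on a negative count (presumably a read failure - confirm) or on a
// mailbox larger than 30000 entries.
if ($mail_num < 0 || $mail_num > 30000) {
    html_error_quit("Too many mails!");
}

$num = 19;
if ($start > $mail_num - 19) {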
<?php
// Attachment editing page: validates the target board and the caller's
// posting rights, then reads the article id from the request.
require "www2-funcs.php";
require "www2-board.php";
require "www2-bmp.php";

$sessionid = login_init(TRUE);
bbs_session_modify_user_mode(BBS_MODE_EDIT);
assert_login();

// Board id from the query string, forced to an integer; a missing "bid"
// becomes 0.
$brdnum = (int) @$_GET["bid"];

// Look the board up; a null result ends the request with an error page.
// $brdarr is presumably filled in by bbs_safe_getboard() - its NAME entry is
// read below.
$brdarr = array();
$isnormalboard = bbs_safe_getboard($brdnum, "", $brdarr);
if ($isnormalboard === null) {
    html_error_quit("错误的讨论区");
}

$usernum = $currentuser["index"];
$board = $brdarr["NAME"];
$brd_encode = urlencode($board);

// Authorization: the user needs posting permission on this board, and the
// board must not be read-only.
if (bbs_checkpostperm($usernum, $brdnum) == 0) {
    html_error_quit("错误的讨论区或者您无权在此讨论区发表文章");
}
if (bbs_is_readonly_board($brdarr)) {
    html_error_quit("不能在只读讨论区发表文章");
}

$ftype = $dir_modes["NORMAL"];
bbs_board_nav_header($brdarr, "修改附件");

// Article id: required, and reduced to an integer before any further use.
if (!isset($_GET['id'])) {
    html_error_quit("错误的文编号");
} else {
    $id = intval($_GET['id']);
}
<?php
// RSS entry point. The raw query string is read as one type character
// followed by a board name.
require "www2-funcs.php";
require "www2-rss.php";

login_init(FALSE, TRUE);

$query = (string) $_SERVER["QUERY_STRING"];
// Anything shorter than a type character plus one name character is dropped
// without output.
if (strlen($query) < 2) {
    exit;
}
$type = substr($query, 0, 1);
$board = substr($query, 1);

// Check whether the user may read this board.
$brdarr = array();
$isnormalboard = bbs_safe_getboard(0, $board, $brdarr);
if ($isnormalboard === null) {
    exit;
}
// The requested name must equal the stored board name exactly
// (cache consideration).
if (strcmp($board, $brdarr["NAME"]) != 0) {
    exit;
}
$brdnum = $brdarr["BID"];
// Boards with the BBS_BOARD_GROUP flag set are refused.
if ($brdarr["FLAG"] & BBS_BOARD_GROUP) {
    exit;
}

/*
 * Why internal boards do not offer rss:
 * 1. rss software and rss sites cannot implement session-based login correctly, and it would be pointless even if they did
 * 2. internal board content that flows into rss software or rss sites and is stored there may leak information
 * 3. rss for internal boards cannot be cached by the squid front end, which may cause load problems
<?php
/* KBS Codename WaterWood
 * interfaces for new version of web
 * pig2532@newsmth, 2007
 */
define("PAGE_SIZE", 20);
define("THREAD_PAGE_SIZE", 20);
define("WWW2ROOT", "/home/www/htdocs/");

// The interface is switched off: this unconditional exit ends the script
// before any of the code below runs.
exit;

// Client-address allowlist, left commented out.
// NOTE(review): if this endpoint is ever re-enabled, put an access check back
// first; behind a front-end proxy REMOTE_ADDR would be the proxy's address -
// confirm against the deployment.
/*$clientip = $_SERVER["REMOTE_ADDR"];
if(($clientip != "127.0.0.1") && ($clientip != "192.168.1.100"))
    exit;*/

include WWW2ROOT . "www2-funcs.php";
include WWW2ROOT . "www2-board.php";

login_init(TRUE);
$sid = bbs_getsessionid();
$uid = $currentuser["index"];
$xml_header = false;
$domain = bbs_get_webdomain();
$retstr = "";

// Convert a GB2312 string to UTF-8 and return the result of iconv().
function int_string($str)
{
    $utf8 = iconv("gb2312", "UTF-8", $str);
    return $utf8;
}

// Encode $response as JSON and send it with a matching Content-Length header.
function int_finish($response)
{
    $payload = json_encode($response);
    header("Content-Length: " . strlen($payload));
    echo $payload;
}
go_die(); } } $id = intval($av[2]); if ($av[1] == 'r') { $bid = 0; $board = "Recommend"; } else { $bid = intval($av[1]); $board = ""; } } if ($ap <= 0) { go_die(); } login_init($sid, TRUE); $brdarr = array(); $isnormalboard = bbs_safe_getboard($bid, $board, $brdarr); if (is_null($isnormalboard)) { go_die(); } $board = $brdarr["NAME"]; $brdnum = $brdarr["BID"]; if ($ftype == $dir_modes["JUNK"]) { if (!($currentuser["userlevel"] & BBS_PERM_SYSOP)) { go_die(); } $dir_perm = 2; } else { $dir_perm = bbs_is_permit_mode($ftype, 1); if (!$dir_perm) {
<?php
// Front controller: derives the page to show from ?page= and the caller's
// login privileges.
session_start();
require_once "database.php";
require_once "login.php";
require_once "pagebuilder.php";
include_once "mail_sender.php";

login_init(600); // Auto logout after ten minutes inactivity
pb_init();

// The first character of a page name is its access class:
//   _ public, ! error, u user (login privileges 1), e employee (login privileges 2)
// A requested name is taken as-is only when it starts with "u" or "e" and has
// at least two characters; every other value gets the public "_" prefix, so a
// request cannot select a "!" page directly.
// NOTE(review): how $page is consumed is not shown here; if it ends up in a
// file path or include, match it against a fixed list of known pages first.
$page = "_home";
if (isset($_GET["page"])) {
    $page = "_" . $_GET["page"];
    if (strlen($page) >= 3 && in_array(substr($page, 1, 1), array("u", "e"), true)) {
        $page = $_GET["page"];
    }
}

if (!db_open()) {
    $page = "!dberror";
}

// Privilege gate: "u" pages need privilege level 1, "e" pages need level 2;
// a mismatch is replaced by the auth error page.
if ($page[0] === "u" && login_privileges() !== 1) {
    $page = "!auth";
} elseif ($page[0] === "e" && login_privileges() !== 2) {
    $page = "!auth";
}

// A logged-in visitor asking for a public page other than logout is sent to
// the home page of their own class.
if (login_privileges() !== 0 && $page[0] === "_" && $page !== "_logout") {
    // $page = (login_privileges() === 1 ? "u" : "e") . "home";
    // NOTE(review): the rest of this branch is not visible; confirm the script
    // stops after sending the redirect.
    header("Location: index.php?page=" . (login_privileges() === 1 ? "u" : "e") . "home");