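/**
 * Bootstrap a web request: define the request constants, load the core
 * libraries, normalise the request parameters and, when $init is true, start
 * the application subsystems.
 *
 * Side effects: may echo a static index.html and exit, exits on any HTTP
 * method other than GET/POST, defines CHARSET, TIMESTAMP, URL, DEBUG and
 * ROBOT, installs the error handler and rewrites $_GET in place.
 *
 * @param bool $init When true, start output buffering and run the
 *                   _init_* subsystem initialisers.
 * @return void
 */
static function init($init = true)
{
    // A pre-rendered index.html in the root short-circuits the whole application.
    $static_index = ROOT_PATH . 'index.html';
    if (is_file($static_index)) {
        echo file_get_contents($static_index);
        exit;
    }

    // Only GET and POST are served; any other (or missing) method ends the request silently.
    $method = isset($_SERVER['REQUEST_METHOD']) ? strtolower($_SERVER['REQUEST_METHOD']) : '';
    if ($method !== 'get' && $method !== 'post') {
        exit;
    }

    define('CHARSET', 'UTF-8');
    define('TIMESTAMP', time());
    define('URL', '/' . CURSCRIPT . '.php?');

    include ROOT_PATH . 'inc/class/app.class.php';
    include_once ROOT_PATH . 'inc/function/core.function.php';
    include_once ROOT_PATH . 'inc/function/extends.function.php';
    include_once ROOT_PATH . 'inc/function/tae.function.php';

    self::_init_tae();
    self::_init_rewrite();

    // !empty() avoids the undefined-index notice when ?debug is absent.
    // NOTE(review): any client can switch DEBUG on with a query parameter. What
    // DEBUG exposes is not visible in this block - confirm it is gated elsewhere
    // (for example by role or by deployment environment).
    define('DEBUG', !empty($_GET['debug']));

    set_error_handler('error_handler');
    _xss_check();

    // POST fields are folded into $_GET (an existing GET key wins). After this
    // point handlers cannot tell from $_GET which HTTP method carried a value,
    // so state-changing handlers have to verify the submission themselves.
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST)) {
        foreach ($_POST as $k => $v) {
            if (!isset($_GET[$k])) {
                $_GET[$k] = $v;
            }
        }
    }

    // Sanitise every key and value. foreach iterates over a snapshot, so
    // adding and removing entries inside the loop is safe.
    foreach ($_GET as $k => $v) {
        $clean_key = trim_html($k, 1);
        $_GET[$clean_key] = safe_filter($v);
        // Previously the unfiltered value stayed reachable under the original
        // key whenever sanitising changed the key; drop that raw entry.
        if ((string) $clean_key !== (string) $k) {
            unset($_GET[$k]);
        }
    }

    define('ROBOT', checkrobot());

    if ($init) {
        ob_start();
        self::_init_global();
        self::_init_web();
        self::_init_db();
        self::_init_cache();
        self::_init_mobile();
        self::_init_tpl();
        self::_init_user();
    }
}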
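/**
 * Show the "post a discussion" form, or create / update a discussion when the
 * form is submitted.
 *
 * Request parameters (read from $_GET, which init() has merged POST into):
 * onsubmit, id (edit mode), postdb[title|picurl|keywords|message|cate] and an
 * optional uploaded file named "file".
 *
 * msg() is defined elsewhere; every guard below relies on it ending the
 * request - TODO confirm.
 *
 * @return void
 */
function say_post()
{
    global $_G;

    // Array keys are quoted throughout: bare-word keys are a fatal error on PHP 8.
    if ($_G['member']['groupid'] == 3) {
        msg('抱歉,您当前是禁止用户,无法使用');
    } elseif ($_G['member']['check'] == 0) {
        msg('抱歉,您当前账号未审核无法使用');
    }
    if (!$_G['setting']['say_status']) {
        msg('抱歉,系统已关闭发布讨论功能', 'error');
    }

    $goods = '';
    $url = 'm=home&a=say_post';
    $is_edit = !empty($_GET['id']);
    $id = $is_edit ? intval($_GET['id']) : 0;

    // Authorise the edit once, before anything else is processed. Previously
    // the "exists" and "not yet approved" rules were enforced only when the
    // form was displayed, so a direct submit could still modify an approved
    // post, and the upload ran before the ownership check.
    if ($is_edit) {
        $goods = D(array('table' => 'say', 'and' => ' AND id = ' . $id));
        if (empty($goods['id'])) {
            msg('抱歉,未找到要编辑的讨论主题信息', 'error', 'm=home&a=say_list');
        }
        if ($goods['uid'] != $_G['uid']) {
            msg('抱歉,您无权编辑非自己发布的信息', 'error', 'm=home&a=say_list');
        }
        if ($goods['check'] == 1) {
            msg('已审核的信息无法再次编辑', 'error', 'm=home&a=say_list');
        }
    }

    // check() is defined elsewhere; presumably it validates the form token - confirm.
    if (!empty($_GET['onsubmit']) && check()) {
        if ($_G['setting']['say_block']) {
            $blocked = explode(',', $_G['setting']['say_block']);
            // Strict string comparison so numeric-looking names cannot match loosely.
            if (in_array((string) $_G['username'], $blocked, true)) {
                msg('抱歉,您当前账号已被加入黑名单,无法发布讨论');
            }
        }

        // Normalise postdb: it must be an array and every field a scalar.
        $postdb = (isset($_GET['postdb']) && is_array($_GET['postdb'])) ? $_GET['postdb'] : array();
        foreach (array('title', 'picurl', 'keywords', 'message', 'cate') as $field) {
            if (!isset($postdb[$field]) || !is_scalar($postdb[$field])) {
                $postdb[$field] = '';
            }
        }

        $arr = $is_edit ? array() : get_filed('say');
        $arr['title'] = safe_filter($postdb['title']);
        // picurl was the only text field stored without safe_filter(); it is now
        // filtered like its siblings. NOTE(review): safe_filter() is defined
        // elsewhere, so whether it is sufficient for a URL rendered inside an
        // src/href attribute cannot be verified here - confirm the templates
        // escape it as well.
        $arr['picurl'] = safe_filter(trim($postdb['picurl']));
        $arr['keywords'] = safe_filter($postdb['keywords']);
        $arr['message'] = safe_filter($postdb['message']);
        if (!$arr['title']) {
            msg('标题不能为空');
        }
        if (!$arr['message']) {
            msg('讨论内容不能为空');
        }

        $arr['post'] = 1;
        $arr['check'] = intval($_G['setting']['say_check']);
        $arr['cate'] = intval($postdb['cate']);
        $arr['description'] = cutstr(trim_html($arr['message'], 1), 250, '');

        // NOTE(review): upload() is defined elsewhere; the type, extension and
        // size validation it performs is not visible here - confirm.
        if (!empty($_FILES['file'])) {
            $pic = upload();
            if ($pic) {
                $arr['picurl'] = $pic;
            }
        }

        // NOTE(review): $arr is handed to DB::insert()/DB::update() without
        // explicit escaping in this method; presumably the DB layer escapes
        // values - confirm.
        if ($is_edit) {
            $url .= "&id=" . $id;
            DB::update('say', $arr, "id=" . $id);
            $msg = '修改成功';
        } else {
            $arr['dateline'] = TIMESTAMP;
            $arr['uid'] = $_G['uid'];
            $arr['username'] = $_G['username'];
            $id = DB::insert('say', $arr, 1);
            $msg = '发布成功';

            // Award points for a new topic when the setting is enabled.
            if ($_G['setting']['say_post_jf'] > 0) {
                $jf = intval($_G['setting']['say_post_jf']);
                insert_sign(array(
                    'desc' => '发布讨论主题-id-' . $id,
                    'type' => 'say',
                    'org_jf' => $_G['member']['jf'],
                    'jf' => $jf,
                    'aid' => 0,
                ));
                update_member(array('jf' => $_G['member']['jf'] + $jf), $_G['uid']);
            }
        }

        if (!$id) {
            msg('抱歉,发布失败,请联系在线客服');
        }
        if ($arr['check'] == 0) {
            $msg .= ',您所发布的信息需等审核后才能查看';
        }
        msg($msg, 'success', $url);
    }

    $this->add(array('goods' => $goods));
    seo('发布讨论');
    $this->show();
}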
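/**
 * Work out where to send the user back to and cache the result in
 * $_G['referer'].
 *
 * The candidate comes from ?referer=, then from the Referer header, then from
 * the site URL. Both request-supplied sources are attacker-controlled, so the
 * value is kept only when it is a relative path or an http(s) URL on the
 * current host; anything else falls back to $_G['siteurl'].
 *
 * @return string The URL to return to.
 */
function dreferer()
{
    global $_G;

    // Computed once per request; later calls return the cached value.
    if (isset($_G['referer_init']) && $_G['referer_init'] == 1) {
        return $_G['referer'];
    }
    $_G['referer_init'] = 1;

    $site_url = $_G['siteurl'];

    if (!empty($_GET['referer']) && is_string($_GET['referer'])) {
        // NOTE(review): PHP has already URL-decoded $_GET, so this is a second
        // decode. The filters below run after it, but any check applied to
        // $_GET earlier in the request saw the still-encoded form.
        $referer = urldecode($_GET['referer']);
    } elseif (!empty($_SERVER['HTTP_REFERER'])) {
        $referer = $_SERVER['HTTP_REFERER'];
    } else {
        $_G['referer'] = $site_url;
        return $site_url;
    }

    $referer = dhtmlspecialchars($referer, ENT_QUOTES);
    $referer = safe_filter($referer);
    // Undo the &amp; that the HTML escaping introduced into query strings.
    $referer = str_replace('amp;', '', $referer);

    $reurl = parse_url($referer);
    // NOTE(review): HTTP_HOST is taken from the request. Whether the web server
    // pins it to known virtual hosts is not visible here - confirm, or compare
    // against a configured host instead.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $host = strtolower(preg_replace("/:\\d+/is", '', $host));
    $scheme = isset($reurl['scheme']) ? strtolower($reurl['scheme']) : '';
    $ref_host = empty($reurl['host']) ? '' : strtolower($reurl['host']);

    // The host comparison only runs when parse_url() reports a host, so values
    // it cannot parse, values containing backslashes (which browsers may
    // normalise to slashes) and non-http(s) schemes are rejected up front
    // instead of passing through as if they were relative paths.
    $off_site = false;
    if ($reurl === false || strpos($referer, '\\') !== false) {
        $off_site = true;
    } elseif ($scheme !== '' && $scheme !== 'http' && $scheme !== 'https') {
        $off_site = true;
    } elseif ($ref_host !== ''
        && !in_array($ref_host, array($host, 'www.' . $host), true)
        && !in_array($host, array($ref_host, 'www.' . $ref_host), true)) {
        $off_site = true;
    }

    if ($off_site) {
        $referer = $site_url;
    } else {
        // NOTE(review): these tests read the previously stored $_G['referer'],
        // not the candidate computed above. On the first call that is whatever
        // was set before this function ran - confirm $referer was not intended.
        $previous = isset($_G['referer']) ? $_G['referer'] : '';
        if (!empty($_G['uid']) && preg_match("/member/is", $previous)) {
            $referer = URL . "m=home";
        } elseif (empty($_G['uid']) && preg_match("/home/is", $previous)) {
            $referer = URL . "m=member&a=login";
        }
    }

    if (!$referer) {
        $referer = $site_url;
    }
    $_G['referer'] = $referer;

    return $referer;
}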
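/**
 * Store a comment (or a reply) from the logged-in user on an item of one of
 * the comment-enabled modules.
 *
 * Request parameters (read from $_GET, which init() has merged POST into):
 * type (module name, also used as a table name), id (item id), content,
 * optional num_iid, is_reply and reply_id.
 *
 * msg() and json() are defined elsewhere; the guards below rely on msg()
 * ending the request - TODO confirm.
 *
 * @return false|void false when the visitor is not logged in.
 */
function post()
{
    global $_G;

    if (!is_login()) {
        return false;
    }
    // Array keys are quoted throughout: bare-word keys are a fatal error on PHP 8.
    if (!$_G['uid']) {
        msg('未登录无法进行操作');
    }
    if ($_G['member']['groupid'] == 3) {
        msg('抱歉,您当前是禁止用户,无法使用');
    } elseif ($_G['member']['check'] == 0) {
        msg('抱歉,您当前账号未审核无法使用');
    }
    if ($_G['setting']['say_status'] != 1) {
        msg('系统已关闭评论功能');
    }

    // Flood control: at most one comment every five seconds. The timestamp is
    // kept in the session, so it only throttles clients that keep their session.
    $last_time = isset($_SESSION['comment']['time']) ? intval($_SESSION['comment']['time']) : 0;
    if ($last_time > 0 && TIMESTAMP - $last_time < 5) {
        msg('发言太快,请休息一下吧');
    }

    $type = (isset($_GET['type']) && is_scalar($_GET['type'])) ? trim($_GET['type']) : '';
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if (!$id) {
        msg('抱歉,您要提交的id不能为空');
    }
    if (!$type) {
        msg('抱歉,评论类型不能为空');
    }
    // $type is concatenated into SQL and used as a table name below, so it must
    // pass both the character check and the configured allow-list. \z anchors
    // at the very end of the string (a plain $ also matches before a newline).
    if (!preg_match('/^[a-z_]+\z/', $type)) {
        msg('评论类型格式不正确');
    }
    $allowed_types = $_G['setting']['comment_types'];
    if (!is_array($allowed_types) || !array_key_exists($type, $allowed_types)) {
        msg('当前模块不允许评论或留言');
    }

    $content = (isset($_GET['content']) && is_scalar($_GET['content'])) ? trim($_GET['content']) : '';
    if (!$content) {
        msg('您要评论的内容不能为空');
    }
    $content = safe_filter($content);

    // Cast once so the id concatenated into the WHERE clauses is always numeric.
    $uid = intval($_G['uid']);

    // Per-day limit for this comment type.
    $comment_day = $_G['setting']['comment_day'] > 0 ? $_G['setting']['comment_day'] : 30;
    $today = dmktime(dgmdate(TIMESTAMP, 'd'));
    $count_day = getcount('comment', " uid=" . $uid . " AND type = '" . $type . "' AND dateline>" . $today);
    if ($count_day > $comment_day) {
        msg('您今日发布的评论已超过' . $comment_day . '条,待明日再评论吧.');
    }

    // Per-30-days limit for this comment type. The 30-day counts were computed
    // but the daily count was compared, so neither monthly limit ever applied
    // on its own; they now compare the 30-day counts.
    $comment_month_mod = $_G['setting']['comment_month_mod'] > 0 ? $_G['setting']['comment_month_mod'] : 300;
    $day30 = dmktime(dgmdate(TIMESTAMP - 86400 * 30, 'd'));
    $count_type_month = getcount('comment', " uid=" . $uid . " AND type = '" . $type . "' AND dateline>" . $day30);
    if ($count_type_month > $comment_month_mod) {
        msg('您本月发布的 ' . $allowed_types[$type] . ' 评论已超过' . $comment_month_mod . '条,待下月再来吧.');
    }

    // Per-30-days limit across all comment types.
    $comment_month_sum = $_G['setting']['comment_month_sum'] > 0 ? $_G['setting']['comment_month_sum'] : 1000;
    $count_all_month = getcount('comment', " uid=" . $uid . " AND dateline>" . $day30);
    if ($count_all_month > $comment_month_sum) {
        msg('您本月发布的总评论已超过' . $comment_month_sum . '条,待下月再来吧.');
    }

    // The commented item must exist; the goods table is keyed by aid.
    $idname = $type == 'goods' ? 'aid' : 'id';
    if (!getcount($type, $idname . '=' . $id)) {
        msg('回复的主题不存在');
    }

    // Unless comment_filter is 1, reduce the comment to plain text without quotes.
    if ($_G['setting']['comment_filter'] != 1) {
        $content = strip_tags(trim($content));
        $content = str_replace(array('"', "'"), '', $content);
        $content = trim_html($content, 1);
    }
    // NOTE(review): content is slash-escaped here while the other fields are
    // passed to DB::insert() as they are; whether the DB layer escapes again is
    // not visible in this block - confirm.
    $content = daddslashes($content);

    // Reject an exact repeat of the previous comment stored in the session.
    if ($last_time > 0) {
        $last_content = isset($_SESSION['comment']['content']) ? $_SESSION['comment']['content'] : '';
        if ($last_content && (string) $content === (string) $last_content) {
            msg('请勿发布同样的内容');
        }
    }

    $arr = array();
    $arr['uid'] = $_G['uid'];
    $arr['username'] = $_G['username'];
    $arr['dateline'] = TIMESTAMP;
    $arr['ip'] = $_G['clientip'];
    $arr['type_id'] = $id;
    $arr['type'] = $type;
    $arr['content'] = $content;
    if (!empty($_GET['num_iid'])) {
        $arr['num_iid'] = trim_html($_GET['num_iid']);
    }

    // A reply is recorded only with a positive integer reply_id.
    // NOTE(review): nothing here verifies that reply_id belongs to the same
    // item - confirm whether that matters for display.
    $reply_id = isset($_GET['reply_id']) ? intval($_GET['reply_id']) : 0;
    if (!empty($_GET['is_reply']) && $reply_id > 0) {
        $arr['is_reply'] = 1;
        $arr['reply_id'] = $reply_id;
    } else {
        $arr['is_reply'] = 0;
        $arr['reply_id'] = 0;
    }
    $arr['picurl'] = '';
    $arr['check'] = intval($_G['setting']['comment_check']);
    $jf = intval($_G['setting']['comment_jf']);
    $arr['jf'] = $jf;

    $insert_id = DB::insert('comment', $arr, 1);
    if (!$insert_id) {
        msg('评论失败');
    }

    $msg = '评论成功';
    if ($jf > 0) {
        $msg .= ',恭喜您获得' . $jf . '积分';
        insert_sign(array(
            'desc' => $msg,
            'type' => 'comment',
            'org_jf' => $_G['member']['jf'],
            'jf' => $jf,
            'aid' => $insert_id,
        ));
        update_member(array('jf' => $_G['member']['jf'] + $jf), $_G['uid']);
    }

    $_SESSION['comment']['time'] = TIMESTAMP;
    $_SESSION['comment']['content'] = $arr['content'];

    // Refresh the cached comment counter when the target table has one.
    $fd = table($type);
    if (isset($fd['comment_count'])) {
        $where = '';
        if (isset($fd['id'])) {
            $where = 'id=' . $id;
        } elseif (isset($fd['aid'])) {
            $where = 'aid=' . $id;
        }
        // NOTE(review): this condition starts with " AND " while the getcount()
        // calls above do not; getcount() is defined elsewhere - confirm which
        // form it expects.
        $count = getcount(__CLASS__, " AND type = '{$type}' AND type_id = " . $id . " AND `check` =1 ");
        if ($where) {
            DB::update($type, array('comment_count' => $count), $where);
        }
    }

    if ($arr['check'] == 0) {
        $msg .= ' 需待审核后才能显示';
    }

    // The code that once built $data is gone; send an explicit null instead of
    // reading an undefined variable.
    $data = null;
    if ($_G['inajax'] == 1) {
        json(array('status' => 'success', 'msg' => $msg, 'data' => $data));
    } else {
        msg($msg, 'success');
    }
}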