<?php

require dirname(__FILE__) . "/global.php";
$dbFile = dirname(__FILE__) . "/../database/db.links.php";
if (isset($_GET['action']) && $_GET['action'] == "update") {
    if (isset($_POST['ID'], $_POST['NAME'], $_POST['URL'])) {
        $friendLink = array();
        $IdNum = count($_POST['ID']) - 1;
        for ($i = 0; $i <= $IdNum; $i++) {
            $siteName = stripslashes(trim($_POST['NAME'][$i]));
            $siteUrl = stripslashes(trim($_POST['URL'][$i]));
            if (!empty($siteName) && !empty($siteUrl)) {
                if (!wordCheck($siteName)) {
                    die("<script>alert('网站名称不合法');</script>");
                }
                $friendLink[] = array("name" => $siteName, "url" => $siteUrl);
            }
        }
        if (@is_writable($dbFile)) {
            $handle = @fopen($dbFile, 'w');
            if (@flock($handle, LOCK_EX)) {
                @fwrite($handle, '<?php exit;?>' . serialize($friendLink));
                @flock($handle, LOCK_UN);
            }
            @fclose($handle);
            die("<script>alert('更新成功');</script>");
        } else {
            die("<script>alert('数据文件不可写');</script>");
        }
    }
}
            }
        }
        $DB->close();
    }
    exit;
}
if (isset($_GET['fid']) && is_numeric($_GET['fid']) && $_GET['fid'] >= 1) {
    $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
    $forumArr = $QA->getForumInfo($_GET['fid']);
    if (!empty($forumArr['fid'])) {
        if (isset($_POST['name'], $_POST['category'], $_POST['intro'], $_POST['push'])) {
            $name = strAddslashes(trim($_POST['name']));
            $cid = $_POST['category'];
            $intro = filterCode($_POST['intro']);
            $push = $_POST['push'];
            if (empty($name) || getStrlen($name) > 15 || !wordCheck($name)) {
                echo "<script>alert('换一个吧名吧');</script>";
            } else {
                $BId = $DB->fetch_one("SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($name) . "'");
                if (!empty($BId) && $BId != $forumArr['fid']) {
                    echo "<script>alert('该吧已存在,请更换吧名。');</script>";
                } else {
                    if (getStrlen($intro) > 90) {
                        echo "<script>alert('吧简介不能超过90个字');</script>";
                    } else {
                        $forumInfo['cid'] = $cid;
                        $forumInfo['name'] = $name;
                        $forumInfo['synopsis'] = $intro;
                        if ($forumArr['commend'] == 0) {
                            if ($push > 0) {
                                $forumInfo['commend'] = time();
 } else {
     for ($i = 0; $i < count($ForumArr['moderator']); $i++) {
         if ($ForumArr['moderator'][$i]['uid'] == $loginArr['uid']) {
             $isModerator = 1;
         }
     }
     if (!isset($isModerator)) {
         if ($site_rewrite) {
             echo "<script>top.location.href='./bar-" . $ForumArr['fid'] . "-1.html';</script>";
         } else {
             echo "<script>top.location.href='./forum.php?fid=" . $ForumArr['fid'] . "';</script>";
         }
     } else {
         if (isset($_GET['do'], $_POST['bar']) && $_GET['do'] == "append") {
             $forumName = strAddslashes(trim($_POST['bar']));
             if (empty($forumName) || !wordCheck($forumName)) {
                 echo "<script>alert('请输入正确的同盟吧吧名');</script>";
             } else {
                 $FSQL = "SELECT `fid`,`name` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($forumName) . "'";
                 $FriendArr = $DB->fetch_one_array($FSQL);
                 if (empty($FriendArr['fid']) || $FriendArr['fid'] == $ForumArr['fid']) {
                     echo "<script>alert('吧名无效');</script>";
                 } else {
                     for ($j = 0; $j < count($ForumArr['friend']); $j++) {
                         if ($ForumArr['friend'][$j]['fid'] == $FriendArr['fid']) {
                             $isFriend = 1;
                         }
                     }
                     if (isset($isFriend)) {
                         echo "<script>alert('该同盟吧已存在');</script>";
                     } else {
Exemple #4
0
<?php

require dirname(__FILE__) . "/global.php";
require dirname(__FILE__) . "/class/class_Main.php";
if (isset($_GET['do'], $_POST['bar'], $_POST['intro']) && $_GET['do'] == "create") {
    $barName = strAddslashes(trim($_POST['bar']));
    $barIntro = filterCode($_POST['intro']);
    if ($create_allow != 1) {
        echo "0 很抱歉,系统当前禁止创建新吧!";
    } else {
        if (empty($barName) || getStrlen($barName) > 15 || !wordCheck($barName) || !filterCheck($barName)) {
            echo "0 很抱歉,您无权创建这个吧!换一个吧名吧 ^_^";
        } else {
            $intro_length = getStrlen($barIntro);
            if ($intro_length < 10 || $intro_length > 90) {
                echo "0 很抱歉,该吧简介的长度不符合要求 ^_^";
            } else {
                $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
                $FSQL = "SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                $forumId = $DB->fetch_one($FSQL);
                if (!empty($forumId)) {
                    if ($site_rewrite) {
                        echo "1 ./bar-" . $forumId . "-1.html";
                    } else {
                        echo "1 ./forum.php?fid=" . $forumId;
                    }
                } else {
                    $TSQL = "SELECT `fid` FROM `" . $table_temp . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                    $tempId = $DB->fetch_one($TSQL);
                    if (!empty($tempId)) {
                        echo "0 该吧已创建,正在审核中。";
<?php

require dirname(__FILE__) . "/global.php";
if (isset($_GET['action']) && $_GET['action'] == "update") {
    if (isset($_POST['ID'], $_POST['NAME'], $_POST['TOPIC'], $_POST['REPLY'], $_POST['VERIFY'])) {
        $config_str = "<?php";
        $config_str .= "\n";
        $config_str .= '$userGroup = array';
        $config_str .= "\n";
        $config_str .= "(";
        $config_str .= "\n";
        $IdNum = count($_POST['ID']) - 1;
        for ($i = 0; $i <= $IdNum; $i++) {
            $GN = stripslashes(trim($_POST['NAME'][$i]));
            if (empty($GN) || !wordCheck($GN)) {
                die("<script>alert('用户组名称不合法');</script>");
            }
            $GT = $_POST['TOPIC'][$i];
            $GR = $_POST['REPLY'][$i];
            $GV = $_POST['VERIFY'][$i];
            $GU = $_POST['UPLOAD'][$i];
            $config_str .= '	array("name"=>"' . $GN . '","topic"=>' . $GT . ',"reply"=>' . $GR . ',"verify"=>' . $GV . ',"upload"=>' . $GU . ')';
            if ($i == $IdNum) {
                $config_str .= "\n";
            } else {
                $config_str .= ",\n\n";
            }
        }
        $config_str .= ");";
        $config_str .= "\n";
        $config_str .= "?>";
Exemple #6
0
     die("<script>alert('站点名称不合法');</script>");
 }
 $siteDomain = strtolower(trim($_POST['site_domain']));
 if (empty($siteDomain) || substr($siteDomain, 0, 7) == "http://" || substr($siteDomain, -1) == "/") {
     die("<script>alert('站点域名不正确');</script>");
 }
 $domainip2long = ip2long(gethostbyname($siteDomain));
 if ($domainip2long == -1 || $domainip2long === FALSE) {
     die("<script>alert('域名 " . $siteDomain . " 解析尚未生效');</script>");
 }
 $siteCatalog = stripslashes(trim($_POST['site_catalog']));
 if (empty($siteCatalog) || substr($siteCatalog, -1) != "/" || strpos($siteCatalog, '"')) {
     die("<script>alert('安装目录不正确');</script>");
 }
 $siteIcp = stripslashes(trim($_POST['site_icp']));
 if (!empty($siteIcp) && (!wordCheck($siteIcp) || getStrlen($siteIcp) < 10)) {
     die("<script>alert('备案信息不正确');</script>");
 }
 $siteRewrite = isset($_POST['site_rewrite']) ? $_POST['site_rewrite'] : 0;
 $siteTimezone = isset($_POST['site_timezone']) ? $_POST['site_timezone'] : "Asia/Shanghai";
 $createAllow = isset($_POST['create_allow']) ? $_POST['create_allow'] : 1;
 $cacheLifetime = isset($_POST['cache_lifetime']) ? $_POST['cache_lifetime'] * 60 : 60;
 $perTopicNum = isset($_POST['per_topic_num']) ? $_POST['per_topic_num'] : 50;
 $perPostNum = isset($_POST['per_post_num']) ? $_POST['per_post_num'] : 30;
 $postAnonymous = isset($_POST['post_anonymous']) ? $_POST['post_anonymous'] : 0;
 $integralTopic = isset($_POST['integral_topic']) ? $_POST['integral_topic'] : 2;
 $integralReply = isset($_POST['integral_reply']) ? $_POST['integral_reply'] : 1;
 $integralElite = isset($_POST['integral_elite']) ? $_POST['integral_elite'] : 3;
 $config_str = "<?php";
 $config_str .= "\n";
 $config_str .= '$code_name			= "' . $code_name . '";';