Esempio n. 1
<?php

require dirname(__FILE__) . "/global.php";
// Report-a-post endpoint. A login state of 0 (presumably "not logged in" - confirm in global.php)
// sends the visitor to the login page; every other state falls through to the handler.
if ($loginArr['state'] == 0) {
    header("location:./login.php");
} else {
    // Act only when ?do=report arrives together with both POST fields.
    if (isset($_GET['do'], $_POST['reportcontent'], $_POST['reportpid']) && $_GET['do'] == "report") {
        // The free-text reason goes through filterCode() (defined elsewhere) and is trimmed;
        // the post id is forced to an integer before it is used.
        $content = trim(filterCode($_POST['reportcontent']));
        $pid = intval($_POST['reportpid']);
        $content_len = getStrlen($content);
        // NOTE(review): each response starts with "0" or "1"; this looks like a status flag
        // read by the client script - confirm its meaning, it is not defined in this excerpt.
        if ($content_len < 3 || $content_len > 80) {
            // Message: the report reason must be between 3 and 80 characters.
            echo "1 举报原由应控制在3到80个字之间";
        } else {
            $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
            // Look the post up first so a report can only reference a post that still exists.
            $postArr = $TB->getPostInfo($pid);
            if (empty($postArr['pid'])) {
                // Message: this post has already been deleted.
                echo "0 该帖已被删除!";
            } else {
                // Reporter identity comes from the session data, post details from the database row;
                // only the message text originates from the request body.
                $reportArr['uname'] = $loginArr['name'];
                $reportArr['uid'] = $loginArr['uid'];
                $reportArr['fid'] = $postArr['fid'];
                $reportArr['tid'] = $postArr['tid'];
                $reportArr['pid'] = $postArr['pid'];
                $reportArr['author'] = $postArr['author'];
                $reportArr['authorid'] = $postArr['authorid'];
                $reportArr['message'] = $content;
                $reportArr['dateline'] = time();
                // NOTE(review): insert_sql() builds the statement from $reportArr; whether it escapes
                // or binds each value is not visible here - confirm, since user names, author names
                // and the message are all user-derived text.
                if ($DB->query($DB->insert_sql("`" . $table_report . "`", $reportArr))) {
                    // Message: report submitted, thank you for supporting this forum.
                    echo "0 举报成功,感谢您对本吧的支持。";
                } else {
                    // Message: the database is busy, please try again.
                    echo "1 数据库繁忙,请重试!";
Esempio n. 2
 // Forum ("bar") settings update. This excerpt starts mid-file, so any login or permission
 // check that guards it is not visible here - confirm one runs before this point.
 $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
 // NOTE(review): $_GET['fid'] is handed to getForumInfo() unchanged; whether that helper casts
 // or escapes the id is not visible in this excerpt - confirm.
 $forumArr = $QA->getForumInfo($_GET['fid']);
 if (!empty($forumArr['fid'])) {
     if (isset($_POST['name'], $_POST['category'], $_POST['intro'], $_POST['push'])) {
         // Only the name is escaped (strAddslashes) and only the intro is filtered (filterCode);
         // the category id and the push flag are taken from the request as-is.
         $name = strAddslashes(trim($_POST['name']));
         $cid = $_POST['category'];
         $intro = filterCode($_POST['intro']);
         $push = $_POST['push'];
         if (empty($name) || getStrlen($name) > 15 || !wordCheck($name)) {
             // Message: please choose a different forum name.
             echo "<script>alert('换一个吧名吧');</script>";
         } else {
             // Case-insensitive uniqueness check. The name is placed inside a quoted SQL literal,
             // so its safety rests entirely on strAddslashes().
             // NOTE(review): slash-escaping depends on the connection charset; a bound parameter
             // or the driver's own escaping routine is the robust option - confirm what is in use.
             $BId = $DB->fetch_one("SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($name) . "'");
             // A match on a different forum id means the name is already taken.
             if (!empty($BId) && $BId != $forumArr['fid']) {
                 // Message: this forum already exists, please change the name.
                 echo "<script>alert('该吧已存在,请更换吧名。');</script>";
             } else {
                 if (getStrlen($intro) > 90) {
                     // Message: the forum introduction may not exceed 90 characters.
                     echo "<script>alert('吧简介不能超过90个字');</script>";
                 } else {
                     // NOTE(review): $cid is stored uncast; if the statement built from $forumInfo
                     // (not visible here) does not escape values, cast it to an integer first.
                     $forumInfo['cid'] = $cid;
                     $forumInfo['name'] = $name;
                     $forumInfo['synopsis'] = $intro;
                     // 'commend' holds 0 or a timestamp: a forum currently at 0 gets the current time
                     // when push > 0; otherwise push 0 resets it to 0 and push 2 refreshes the time.
                     if ($forumArr['commend'] == 0) {
                         if ($push > 0) {
                             $forumInfo['commend'] = time();
                         }
                     } else {
                         if ($push == 0) {
                             $forumInfo['commend'] = 0;
                         }
                         if ($push == 2) {
                             $forumInfo['commend'] = time();
Esempio n. 3
<?php

require dirname(__FILE__) . "/global.php";
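// Topic-posting endpoint: runs only when do=Topic arrives with fid, title and content in the POST body.
if (isset($_POST['do'], $_POST['fid'], $_POST['title'], $_POST['content']) && $_POST['do'] == "Topic") {
    // Refuse early when the poster's user group has its 'topic' flag set to 0.
    if ($userGroup[$loginArr['group']]['topic'] == 0) {
        // Message: "<group name> may not post topics".
        die("0 " . $userGroup[$loginArr['group']]['name'] . "不能发表主题帖");
    }
    $postTime = time();
    // 15-second posting throttle. The timestamp is read from a cookie, which the client controls,
    // so this only slows cooperative browsers; real rate limiting needs a server-side record
    // (session or database). intval() keeps a non-numeric cookie from raising a type error.
    if (isset($_COOKIE['lastPostTime']) && $postTime - intval($_COOKIE['lastPostTime']) < 15) {
        // Message: you are posting too fast.
        die("0 您的发帖速度太快了!");
    }
    // Title: filtered, left-trimmed, then checked for length (3-32) and banned keywords.
    $title = ltrim(filterCode($_POST['title']));
    $title_len = getStrlen($title);
    if ($title_len < 3 || $title_len > 32) {
        // Message: the title needs at least 3 and at most 32 characters.
        die("0 帖子标题:至少3个字符,不超过32个字符");
    }
    if (!filterCheck($title)) {
        // Message: the title contains a keyword the system does not allow.
        die("0 帖子标题中含有系统不允许的关键词");
    }
    // Body: converted from HTML to UBB markup, filtered, then validated by checkPostContent(),
    // which returns an empty string when the content is acceptable.
    $content = filterCode(htmlToUBB($_POST['content']), false);
    $checkContent = checkPostContent($content, 5, 22);
    if ($checkContent != "") {
        die("0 " . $checkContent);
    }
    $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
    // The forum id is concatenated into the SQL text, so it is reduced to an integer first;
    // the raw request value must never reach the query string.
    $fid = intval($_POST['fid']);
    $forumArr = $DB->fetch_one_array("SELECT `fid`,`moderator` FROM `" . $table_forum . "` WHERE `fid`='" . $fid . "'");
    if (empty($forumArr['fid'])) {
        // Message: this forum does not exist or has been deleted.
        echo "0 该吧不存在或者已被删除";
    } else {
        // Login state 1: the author id is taken from the logged-in user's record.
        if ($loginArr['state'] == 1) {
            $authorid = $loginArr['uid'];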
Esempio n. 4
                echo "1";
            } else {
                echo "0";
            }
        } else {
            echo "2";
        }
    }
    $DB->close();
    exit;
}
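// Create or update a catalog entry; runs only for ?action=do with father, name and cid posted.
// NOTE(review): no anti-CSRF token or permission check is visible in this excerpt - confirm
// both are enforced before this handler is reached.
if (isset($_GET['action'], $_POST['father'], $_POST['name'], $_POST['cid']) && $_GET['action'] == "do") {
    // Both ids are appended to SQL text without surrounding quotes further down, so they are
    // forced to integers here; slash-escaping alone would not protect an unquoted value.
    $fatherId = intval($_POST['father']);
    $name = trim(strAddslashes($_POST['name']));
    $cid = intval($_POST['cid']);
    if (empty($name) || !wordCheck($name) || getStrlen($name) > 15) {
        // Message: the name is not valid.
        echo "<script>alert('名称不合法');</script>";
    } else {
        // A non-zero parent id must refer to an existing catalog row.
        if ($fatherId > 0 && $DB->fetch_one("SELECT COUNT(`cid`) FROM `" . $table_catalog . "` WHERE `cid`=" . $fatherId) < 1) {
            // Message: the parent catalog does not exist.
            echo "<script>alert('上级目录不存在');</script>";
        } else {
            $infoArr['fatherid'] = $fatherId;
            $infoArr['name'] = $name;
            // An empty cid (0 after the cast) means "insert a new row"; anything else updates that row.
            if (empty($cid)) {
                $Sql = $DB->insert_sql("`" . $table_catalog . "`", $infoArr);
            } else {
                $Sql = $DB->update_sql("`" . $table_catalog . "`", $infoArr, "`cid`=" . $cid);
            }
            if ($DB->query($Sql)) {
                // Message: operation succeeded; the top-level frame is reloaded.
                echo "<script>alert('操作成功');top.location.reload();</script>";
            } else {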
Esempio n. 5
<?php

require dirname(__FILE__) . "/global.php";
require dirname(__FILE__) . "/class/class_Main.php";
// Forum ("bar") creation endpoint: runs for ?do=create with the name and introduction posted.
// NOTE(review): no login or permission check is visible in this excerpt - confirm global.php
// or the code that follows enforces one before a forum is actually created.
if (isset($_GET['do'], $_POST['bar'], $_POST['intro']) && $_GET['do'] == "create") {
    // The name is trimmed and slash-escaped; the introduction goes through filterCode().
    $barName = strAddslashes(trim($_POST['bar']));
    $barIntro = filterCode($_POST['intro']);
    // $create_allow is a site-wide switch; anything other than 1 blocks creation.
    if ($create_allow != 1) {
        // Message: sorry, creating new forums is currently disabled.
        echo "0 很抱歉,系统当前禁止创建新吧!";
    } else {
        // Name rules: non-empty, at most 15 characters, and accepted by both wordCheck() and filterCheck().
        if (empty($barName) || getStrlen($barName) > 15 || !wordCheck($barName) || !filterCheck($barName)) {
            // Message: sorry, you may not create this forum; please choose another name.
            echo "0 很抱歉,您无权创建这个吧!换一个吧名吧 ^_^";
        } else {
            $intro_length = getStrlen($barIntro);
            if ($intro_length < 10 || $intro_length > 90) {
                // Message: sorry, the introduction length does not meet the requirements.
                echo "0 很抱歉,该吧简介的长度不符合要求 ^_^";
            } else {
                $DB->connect($mysql_host, $mysql_user, $mysql_pass, $mysql_dbname);
                // Case-insensitive lookup among existing forums. The name sits inside a quoted SQL
                // literal, so its safety rests entirely on strAddslashes().
                // NOTE(review): slash-escaping depends on the connection charset; a bound parameter
                // or the driver's own escaping routine is the robust option - confirm what is in use.
                $FSQL = "SELECT `fid` FROM `" . $table_forum . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                $forumId = $DB->fetch_one($FSQL);
                if (!empty($forumId)) {
                    // The forum already exists: answer with its URL, in rewritten or query-string form.
                    if ($site_rewrite) {
                        echo "1 ./bar-" . $forumId . "-1.html";
                    } else {
                        echo "1 ./forum.php?fid=" . $forumId;
                    }
                } else {
                    // Same lookup against the temporary table; a hit there is reported as pending review.
                    $TSQL = "SELECT `fid` FROM `" . $table_temp . "` WHERE lower(`name`)='" . strtolower($barName) . "'";
                    $tempId = $DB->fetch_one($TSQL);
                    if (!empty($tempId)) {
                        // Message: this forum has been created and is awaiting review.
                        echo "0 该吧已创建,正在审核中。";
Esempio n. 6
     die("<script>alert('站点名称不合法');</script>");
 }
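 // Site-settings form handling. Judging by the $config_str assembly that follows this block,
 // these values appear to be written into a generated PHP config file, so every field is
 // narrowed to the shape it is supposed to have before it can reach that file.
 $siteDomain = strtolower(trim($_POST['site_domain']));
 // Accept bare host names only: no scheme, no trailing slash, and nothing outside host-name
 // characters. The value is echoed into a <script> block below, so quotes and markup must not pass.
 if (empty($siteDomain) || substr($siteDomain, 0, 7) == "http://" || substr($siteDomain, -1) == "/" || !preg_match('/^[a-z0-9._-]+$/', $siteDomain)) {
     // Message: the site domain is not correct.
     die("<script>alert('站点域名不正确');</script>");
 }
 // Resolve the name (this performs a DNS lookup on the submitted value). ip2long() reported
 // failure as -1 in old PHP versions and as false in current ones, hence both checks.
 $domainip2long = ip2long(gethostbyname($siteDomain));
 if ($domainip2long == -1 || $domainip2long === FALSE) {
     // Message: the domain <name> does not resolve yet.
     die("<script>alert('域名 " . $siteDomain . " 解析尚未生效');</script>");
 }
 $siteCatalog = stripslashes(trim($_POST['site_catalog']));
 // The install path must end in "/". strpbrk() is compared against false explicitly so a
 // forbidden character at position 0 is caught too (a bare strpos() result of 0 is falsy),
 // and backslash and "$" are rejected along with the double quote because all three carry
 // meaning inside a double-quoted PHP string.
 if (empty($siteCatalog) || substr($siteCatalog, -1) != "/" || strpbrk($siteCatalog, '"\\$') !== false) {
     // Message: the install directory is not correct.
     die("<script>alert('安装目录不正确');</script>");
 }
 $siteIcp = stripslashes(trim($_POST['site_icp']));
 // The ICP record is optional; when given it must pass wordCheck() and be at least 10 characters.
 if (!empty($siteIcp) && (!wordCheck($siteIcp) || getStrlen($siteIcp) < 10)) {
     // Message: the ICP record information is not correct.
     die("<script>alert('备案信息不正确');</script>");
 }
 // Numeric switches and counters are cast to integers so arbitrary text cannot be carried
 // into the generated configuration; absent fields keep the original defaults.
 $siteRewrite = isset($_POST['site_rewrite']) ? intval($_POST['site_rewrite']) : 0;
 // The time zone must be an identifier PHP itself knows (legacy aliases included);
 // anything else falls back to the default.
 $siteTimezone = isset($_POST['site_timezone']) && in_array($_POST['site_timezone'], timezone_identifiers_list(DateTimeZone::ALL_WITH_BC), true)
     ? $_POST['site_timezone']
     : "Asia/Shanghai";
 $createAllow = isset($_POST['create_allow']) ? intval($_POST['create_allow']) : 1;
 // The form value is multiplied by 60 before it is stored; the default is 60.
 $cacheLifetime = isset($_POST['cache_lifetime']) ? intval(floatval($_POST['cache_lifetime']) * 60) : 60;
 $perTopicNum = isset($_POST['per_topic_num']) ? intval($_POST['per_topic_num']) : 50;
 $perPostNum = isset($_POST['per_post_num']) ? intval($_POST['per_post_num']) : 30;
 $postAnonymous = isset($_POST['post_anonymous']) ? intval($_POST['post_anonymous']) : 0;
 $integralTopic = isset($_POST['integral_topic']) ? intval($_POST['integral_topic']) : 2;
 $integralReply = isset($_POST['integral_reply']) ? intval($_POST['integral_reply']) : 1;
 $integralElite = isset($_POST['integral_elite']) ? intval($_POST['integral_elite']) : 3;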
 $config_str = "<?php";
 $config_str .= "\n";
 $config_str .= '$code_name			= "' . $code_name . '";';