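/**
 * Builds the mobile API payload for the notification list held in $GLOBALS['list'].
 *
 * Notices whose text matches the localized 'reppost_noticeauthor' template are
 * enriched with the rendered message of the referenced post and a 'notevar'
 * array (tid, pid, subject, actoruid, actorusername) parsed back out of the
 * notice HTML. The result is emitted through mobile_core::result().
 *
 * Reads: $_G, $GLOBALS['list'], $GLOBALS['count'], $GLOBALS['perpage'], $GLOBALS['page'].
 * Writes: $GLOBALS['list'][*], $this->post.
 */
function output() {
    global $_G;

    // Turn the localized notice template into a regex: quote it, then swap the
    // (now quoted) placeholders for capture groups.
    $noticelang = lang('notification', 'reppost_noticeauthor');
    $noticepreg = '/^' . str_replace(array('\\{actor\\}', '\\{subject\\}', '\\{tid\\}', '\\{pid\\}'), array('(.+?)', '(.+?)', '(\\d+)', '(\\d+)'), preg_quote($noticelang, '/')) . '$/';

    // Same approach for the actor link embedded in the notice.
    $actorlang = '<a href="home.php?mod=space&uid={actoruid}">{actorusername}</a>';
    $actorpreg = '/^' . str_replace(array('\\{actoruid\\}', '\\{actorusername\\}'), array('(\\d+)', '(.+?)'), preg_quote($actorlang, '/')) . '$/';

    foreach ($GLOBALS['list'] as $_k => $_v) {
        if (preg_match($noticepreg, $_v['note'], $_r)) {
            // NOTE(review): capture groups come out in the order the placeholders
            // appear in the language string; this list() assumes actor, tid, pid,
            // subject - confirm against every installed language pack.
            list(, $actor, $tid, $pid, $subject) = $_r;

            // Reset per notice. Without this, a notice whose actor markup does not
            // match would silently reuse the uid/username parsed from an earlier
            // notice in the loop and attribute the reply to the wrong member.
            $actoruid = $actorusername = null;
            if (preg_match($actorpreg, $actor, $_r)) {
                list(, $actoruid, $actorusername) = $_r;
            }

            // Fetch the content of the reply post.
            include_once libfile('function/forum');
            require_once libfile('function/discuzcode');
            loadforum(null, $tid);
            if ($pid) {
                // NOTE(review): nothing in this block checks that the current viewer
                // may read this post before its rendered message is added to the
                // response - confirm loadforum() or the caller enforces that.
                $postlist = $this->post = get_post_by_pid($pid, 'message');
                $GLOBALS['list'][$_k]['message'] = discuzcode($postlist['message']);
            }

            $GLOBALS['list'][$_k]['dateline'] = dgmdate($GLOBALS['list'][$_k]['dateline']);
            // NOTE(review): copied after formatting, so 'dbdateline' holds the
            // formatted value rather than the stored timestamp - confirm intended.
            $GLOBALS['list'][$_k]['dbdateline'] = $GLOBALS['list'][$_k]['dateline'];
            $GLOBALS['list'][$_k]['notevar'] = array('tid' => $tid, 'pid' => $pid, 'subject' => $subject, 'actoruid' => $actoruid, 'actorusername' => $actorusername);
        }
    }

    $variable = array(
        // NOTE(review): per-user token derived from the site authkey with plain MD5;
        // how clients use it is not visible here. Treat any change to this
        // derivation as security-sensitive.
        'hash' => md5(substr(md5($_G['config']['security']['authkey']), 8) . $_G['uid']),
        // Only the listed fields are passed on to the client.
        'list' => mobile_core::getvalues(array_values($GLOBALS['list']), array('/^\\d+$/'), array('id', 'uid', 'type', 'new', 'authorid', 'author', 'note', 'dateline', 'from_id', 'from_idtype', 'from_num', 'style', 'rowid', 'notevar', 'message')),
        'count' => $GLOBALS['count'],
        'perpage' => $GLOBALS['perpage'],
        'page' => intval($GLOBALS['page']),
    );
    mobile_core::result(mobile_core::variable($variable));
}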
/**
 * Handles one post that was reported as malicious: logs it, records it in the
 * evil-post table and deletes the post (or the whole thread when the post is
 * the thread's first post). The author, when known, is recorded as an evil user.
 *
 * @param mixed $tid       Thread id the report claims the post belongs to.
 * @param mixed $pid       Post id to act on.
 * @param mixed $evilType  Stored as 'eviltype' on the record.
 * @param int   $evilLevel Not used in this method.
 * @return bool false when $tid does not match the post's thread or an ignore
 *              check matches; true otherwise (including "already recorded").
 */
protected function _handleEvilPost($tid, $pid, $evilType, $evilLevel = 1) {
    // NOTE(review): $extend_lang below is expected to be defined by this file.
    // With include_once it is only brought into this scope when this is the
    // first include of the file in the request - confirm the mod reason is not
    // silently empty on later calls.
    /*vot*/ include_once DISCUZ_ROOT.'./source/language/'.DISCUZ_LANG.'/lang_admincp_cloud.php';

    $securityService = Cloud::loadClass('Service_Security');
    $securityService->writeLog($pid, 'pid');

    // A post that is already recorded is not processed again.
    $evilPost = C::t('#security#security_evilpost')->fetch($pid);
    if (count($evilPost)) {
        return true;
    }

    require_once libfile('function/delete');
    require_once libfile('function/forum');
    require_once libfile('function/post');

    $data = array('pid' => $pid, 'tid' => $tid, 'evilcount' => 1, 'eviltype' => $evilType, 'createtime' => TIMESTAMP);
    $post = get_post_by_pid($pid);

    // Post could not be loaded: keep a record with operateresult = 2, delete nothing.
    if (!is_array($post) || count($post) <= 0) {
        $data['operateresult'] = 2;
        C::t('#security#security_evilpost')->insert($data, false, true);
        return true;
    }

    // Refuse to act when the reported thread id does not match the post's own
    // thread; this stops a mismatched report from deleting unrelated content.
    if ($post['tid'] != $tid) {
        return false;
    }

    $thread = get_thread_by_tid($tid);

    if (!$post['first']) {
        // Ordinary reply: only this post is removed.
        $data['type'] = 0;
        if ($this->_checkPostIgnore($pid, $post)) {
            return false;
        }
        C::t('#security#security_evilpost')->insert($data, false, true);
        $this->_updateEvilCount('post');
        deletepost(array($pid), 'pid', true, false, true);
    } else {
        // First post of the thread: the whole thread is removed and a
        // moderation log entry is written.
        $data['type'] = 1;
        if ($this->_checkThreadIgnore($tid)) {
            return false;
        }
        C::t('#security#security_evilpost')->insert($data, false, true);
        $this->_updateEvilCount('thread');
        deletethread(array($tid), true, true, true);
        updatemodlog($tid, 'DEL', 0, 1, $extend_lang['security_modreason']);
    }

    // Record the author as well when the post carries an author id.
    if (!empty($post['authorid'])) {
        $data = array('uid' => $post['authorid'], 'createtime' => TIMESTAMP);
        C::t('#security#security_eviluser')->insert($data, false, true);
    }

    return true;
}
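/**
 * Hook run on every page: when a "find post" redirect points at a post that no
 * longer exists, reports a 'redelete' event for that pid to the search helper.
 *
 * Does nothing unless $this->allow is set and the request is
 * mod=redirect&goto=findpost with non-empty ptid and pid.
 *
 * @return void
 */
public function common() {
    if (!$this->allow) {
        return;
    }

    // Every value below comes straight from the query string; guard against
    // missing keys instead of reading them unconditionally.
    $mod = isset($_GET['mod']) ? $_GET['mod'] : '';
    $goto = isset($_GET['goto']) ? $_GET['goto'] : '';
    if ($mod != 'redirect' || $goto != 'findpost' || empty($_GET['ptid']) || empty($_GET['pid'])) {
        return;
    }

    // Post ids are integers. Normalise before the value reaches the post lookup
    // and the log call, so arrays or arbitrary strings supplied by the client
    // are neither looked up nor written to the log.
    $pid = is_scalar($_GET['pid']) ? intval($_GET['pid']) : 0;
    if ($pid <= 0) {
        return;
    }

    $post = get_post_by_pid($pid);
    if (empty($post)) {
        // NOTE(review): any visitor can reach this branch with a numeric pid
        // that does not exist; confirm the consumer of 'redelete' entries
        // tolerates that, or rate-limit here.
        $searchHelper = Cloud::loadClass('Cloud_Service_SearchHelper');
        $searchHelper->myPostLog('redelete', array('pid' => $pid));
    }
}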
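/**
 * Collects pending operation records for evil posts or evil users and shapes
 * them for reporting.
 *
 * @param string $type  'post', 'user' or 'member' ('member' is an alias of 'user').
 * @param int    $limit Maximum number of rows to request from the table.
 * @return array|false  List of report rows (tid, pid, fid, operateType, operate,
 *                      operateId, uid, openId, clientIp), or false when the
 *                      service is off or $type is not allowed.
 */
public function getOperateData($type, $limit = 20) {
    if (!self::$_secStatus) {
        return false;
    }

    if ($type === 'member') {
        $type = 'user';
    }

    // $type becomes part of a table name, so match it strictly against the
    // whitelist: a loose in_array() accepts values such as true or 0 on older
    // PHP versions and would let them into the name.
    if (!in_array($type, array('post', 'user'), true)) {
        return false;
    }

    // Force the limit to a non-negative integer before handing it to the table layer.
    $limit = max(0, intval($limit));

    $operateResultData = array();
    $tableName = '#security#security_evil' . $type;
    $operateData = C::t($tableName)->fetch_all_report($limit);

    foreach ($operateData as $tempData) {
        // operateresult 1 is reported as 'recover', anything else as 'delete'.
        $operateResult = $tempData['operateresult'] == 1 ? 'recover' : 'delete';

        if ($type == 'post') {
            require_once libfile('function/forum');
            $detailData = get_post_by_pid($tempData['pid']);
            // pid/tid are taken from the record, not from the looked-up post.
            $detailData['pid'] = $tempData['pid'];
            $detailData['tid'] = $tempData['tid'];
            // NOTE(review): 'uid' is set to the post id here, so when the post row
            // has no authorid the reported uid below is actually a pid - confirm
            // this is intended.
            $detailData['uid'] = $id = $tempData['pid'];
            $operateType = $detailData['first'] ? 'thread' : 'post';
        } else {
            $detailData = C::t('common_member')->fetch($tempData['uid'], 0, 1);
            $detailData['uid'] = $id = $tempData['uid'];
            $operateType = 'member';
        }

        $data = array(
            'tid' => $detailData['tid'] ? $detailData['tid'] : 0,
            'pid' => $detailData['pid'] ? $detailData['pid'] : 0,
            'fid' => $detailData['fid'] ? $detailData['fid'] : 0,
            'operateType' => $operateType,
            'operate' => $operateResult,
            'operateId' => $id,
            'uid' => $detailData['authorid'] ? $detailData['authorid'] : $detailData['uid'],
        );
        $data['openId'] = $this->_getOpenId($data['uid']);
        // Prefer the IP stored with the post/member row; otherwise look it up by uid.
        $data['clientIp'] = $detailData['useip'] ? $detailData['useip'] : $this->_getMemberIp($data['uid']);
        $operateResultData[] = $data;
    }

    return $operateResultData;
}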
foreach (array('pid', 'ptid', 'authorid', 'ordertype', 'postno') as $k) { ${$k} = !empty($_GET[$k]) ? intval($_GET[$k]) : 0; } if (empty($_GET['goto']) && $ptid) { $_GET['goto'] = 'findpost'; } if ($_GET['goto'] == 'findpost') { $post = $thread = array(); if ($ptid) { $thread = get_thread_by_tid($ptid); } if ($pid) { if ($thread) { $post = C::t('forum_post')->fetch($thread['posttableid'], $pid); } else { $post = get_post_by_pid($pid); } if ($post && empty($thread)) { $thread = get_thread_by_tid($post['tid']); } } if (empty($thread)) { showmessage('thread_nonexistence'); } else { $tid = $thread['tid']; } if (empty($pid)) { if ($postno) { if (getstatus($thread['status'], 3)) { $rowarr = C::t('forum_post')->fetch_all_by_tid_position($thread['posttableid'], $ptid, $postno); $pid = $rowarr[0]['pid'];
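/**
 * Collects unreported operation records (isreported = 0, operateresult > 0) for
 * evil posts or evil users and shapes them for reporting.
 *
 * @param string $type  'post', 'user' or 'member' ('member' is an alias of 'user').
 * @param int    $limit Maximum number of rows to read.
 * @return array|false  List of report rows (tid, pid, fid, operateType, operate,
 *                      operateId, uid, openId, clientIp), or false when the
 *                      service is not open or $type is not allowed.
 */
function getOperateData($type, $limit = 20) {
    if (notOpenService()) {
        return false;
    }

    if ($type === 'member') {
        $type = 'user';
    }

    // $type is concatenated into a table name, so match it strictly against the
    // whitelist: a loose in_array() accepts values such as true or 0 on older
    // PHP versions.
    if (!in_array($type, array('post', 'user'), true)) {
        return false;
    }

    // $limit is interpolated into the SQL text below; force it to a non-negative
    // integer so a caller-supplied string can never extend the statement.
    $limit = max(0, intval($limit));

    $operateData = array();
    $operateResultData = array();

    $tableName = DB::table('security_evil' . $type);
    $query = "SELECT * FROM " . $tableName . " WHERE isreported = 0 AND operateresult > 0 LIMIT {$limit}";
    $query = DB::query($query);
    while ($tempData = DB::fetch($query)) {
        $operateData[] = $tempData;
    }

    foreach ($operateData as $tempData) {
        // operateresult 1 is reported as 'recover', anything else as 'delete'.
        $operateResult = $tempData['operateresult'] == 1 ? 'recover' : 'delete';

        if ($type == 'post') {
            require_once libfile('function/forum');
            $detailData = get_post_by_pid($tempData['pid']);
            $id = $tempData['pid'];
            $operateType = $detailData['first'] ? 'thread' : 'post';
        } else {
            // The uid was read back from the database, but it is still cast before
            // being placed in SQL text so the query does not depend on what an
            // earlier writer stored in that column.
            $memberUid = intval($tempData['uid']);
            $detailData = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid = '{$memberUid}'");
            $id = $tempData['uid'];
            $operateType = 'member';
        }

        $data = array(
            'tid' => $detailData['tid'] ? $detailData['tid'] : 0,
            'pid' => $detailData['pid'] ? $detailData['pid'] : 0,
            'fid' => $detailData['fid'] ? $detailData['fid'] : 0,
            'operateType' => $operateType,
            'operate' => $operateResult,
            'operateId' => $id,
            'uid' => $detailData['authorid'] ? $detailData['authorid'] : $detailData['uid'],
        );
        $data['openId'] = getOpenId($data['uid']);
        // Prefer the IP stored with the post/member row; otherwise look it up by uid.
        $data['clientIp'] = $detailData['useip'] ? $detailData['useip'] : getMemberIp($data['uid']);
        $operateResultData[] = $data;
    }

    return $operateResultData;
}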
/**
 * Records (or bumps) a failed-report entry in security_failedlog so the report
 * can be retried later.
 *
 * @param mixed  $reportType Action name; must be listed in postAction,
 *                           delPostAction, userAction or delUserAction.
 * @param mixed  $ids        Scalar id or array. Post reports read [0]/'tid',
 *                           [1]/'pid' and 'uid'; user reports read [0]/'uid'.
 *                           'fid', 'clientIp' and 'openId' are stored for new rows.
 * @param string $reason     Stored as 'delreason' for new rows.
 * @return false|null false when the service is off, the action is unknown or the
 *                    required id is 0; otherwise nothing is returned.
 */
function logFailed($reportType, $ids, $reason = '') {
    global $_G;

    if (!$this->_secStatus) {
        return false;
    }
    $this->_checkAndClearFailNum();

    // Accept a bare id as a one-element list.
    if (!is_array($ids)) {
        $ids = array($ids);
    }

    $postTime = 0;

    if (in_array($reportType, $this->postAction) || in_array($reportType, $this->delPostAction)) {
        // Positional ids win; the named keys are the fallback.
        $positionalTid = intval($ids[0]);
        $positionalPid = intval($ids[1]);
        $tid = $positionalTid ? $positionalTid : intval($ids['tid']);
        $pid = $positionalPid ? $positionalPid : intval($ids['pid']);
        $uid = intval($ids['uid']);
        if ($pid == 0) {
            return false;
        }

        // For delete actions, remember when the post was written.
        if (in_array($reportType, $this->delPostAction)) {
            require_once libfile('function/forum');
            $postInfo = get_post_by_pid($pid);
            $postTime = $postInfo['dateline'];
        }

        // $pid went through intval() above, so it is safe inside the SQL text.
        $oldDataSql = "SELECT * FROM " . DB::table('security_failedlog') . " WHERE pid = '{$pid}' LIMIT 1";
    } elseif (in_array($reportType, $this->userAction) || in_array($reportType, $this->delUserAction)) {
        $tid = 0;
        $pid = 0;
        $positionalUid = intval($ids[0]);
        $uid = $positionalUid ? $positionalUid : intval($ids['uid']);
        if ($uid == 0) {
            return false;
        }

        // For delete actions, use the member's lastpost value as the post time.
        if (in_array($reportType, $this->delUserAction)) {
            $postTime = DB::result_first("SELECT lastpost FROM " . DB::table('common_member_status') . " WHERE uid = '{$uid}'");
        }

        // $uid went through intval() above, so it is safe inside the SQL text.
        $oldDataSql = "SELECT * FROM " . DB::table('security_failedlog') . " WHERE uid = '{$uid}' LIMIT 1";
    } else {
        return false;
    }

    $oldData = DB::fetch_first($oldDataSql);
    $now = $_G['timestamp'];

    if (!is_array($oldData)) {
        // First failure for this id: new row, first retry 60 seconds from now.
        $data = array(
            'reporttype' => $reportType,
            'tid' => $tid,
            'pid' => $pid,
            'uid' => $uid,
            'failcount' => 1,
            'createtime' => $now,
            'posttime' => $postTime,
            // NOTE(review): whether DB::insert() escapes values again is not
            // visible here - confirm $reason is not escaped twice.
            'delreason' => daddslashes($reason),
            'scheduletime' => $now + 60,
            'lastfailtime' => $now,
        );
        // NOTE(review): stored with serialize(); a reader will presumably call
        // unserialize() on this column - confirm nothing untrusted can write it.
        $data['extra2'] = serialize(array('fid' => $ids['fid'], 'clientIp' => $ids['clientIp'], 'openId' => $ids['openId']));
    } else {
        // Seen before: keep the stored row, bump the counter, retry in 300 seconds.
        $data = $oldData;
        $data['reporttype'] = $reportType;
        $data['lastfailtime'] = $now;
        $data['scheduletime'] = $now + 300;
        $data['failcount']++;
    }

    // Never write a row that identifies nothing.
    if (!($data['uid'] || $data['tid'] || $data['pid'])) {
        return false;
    }

    // NOTE(review): the trailing 0, 1 arguments presumably mean "no insert id,
    // replace existing row" - confirm against DB::insert().
    DB::insert('security_failedlog', $data, 0, 1);
}