} else {
if ($message == '') {
wapmsg('post_sm_isnull');
}
if ($post_invalid = checkpost()) {
wapmsg($post_invalid);
}
if ($formhash != formhash()) {
wapmsg('wap_submit_invalid');
}
if (checkflood()) {
wapmsg('post_flood_ctrl');
}
$pinvisible = $modnewreplies ? -2 : 0;
$db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, dateline, message, useip, invisible, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)\r\n\t\t\t\tVALUES ('{$fid}', '{$tid}', '0', '{$discuz_user}', '{$discuz_uid}', '{$timestamp}', '{$message}', '{$onlineip}', '{$pinvisible}', '1', '0', '0', '0', '0', '0')");
$pid = $db->insert_id();
$db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline) VALUES ('{$discuz_uid}', '{$tid}', '{$pid}', '" . ($thread['replies'] + 1) . "', '{$timestamp}')", 'UNBUFFERED');
if ($modnewreplies) {
wapmsg('post_mod_succeed', array('title' => 'post_mod_forward', 'link' => "index.php?action=forum&fid={$fid}"));
} else {
$db->query("UPDATE {$tablepre}threads SET lastposter='{$discuz_user}', lastpost='{$timestamp}', replies=replies+1 WHERE tid='{$tid}' AND fid='{$fid}'", 'UNBUFFERED');
updatepostcredits('+', $discuz_uid, $replycredits);
$lastpost = "{$thread['tid']}\t" . addslashes($thread['subject']) . "\t{$timestamp}\t{$discuz_user}";
$db->query("UPDATE {$tablepre}forums SET lastpost='{$lastpost}', posts=posts+1, todayposts=todayposts+1 WHERE fid='{$fid}'", 'UNBUFFERED');
if ($forum['type'] == 'sub') {
$db->query("UPDATE {$tablepre}forums SET lastpost='{$lastpost}' WHERE fid='{$forum['fup']}'", 'UNBUFFERED');
}
wapmsg('post_newreply_succeed', array('title' => 'post_newreply_forward', 'link' => "index.php?action=thread&tid={$tid}&page=" . @ceil(($thread['replies'] + 2) / $wapppp)));
}
}
}
function checkflood()
{
global $db, $tablepre, $disablepostctrl, $floodctrl, $maxpostsperhour, $discuz_uid, $timestamp, $lastpost, $forum;
if (!$disablepostctrl && $discuz_uid) {
$floodmsg = $floodctrl && $timestamp - $floodctrl <= $lastpost ? 'post_flood_ctrl' : '';
if (empty($floodmsg) && $maxpostsperhour) {
$query = $db->query("SELECT COUNT(*) from {$tablepre}posts WHERE authorid='{$discuz_uid}' AND dateline>{$timestamp}-3600");
$floodmsg = ($userposts = $db->result($query, 0)) && $userposts >= $maxpostsperhour ? 'thread_maxpostsperhour_invalid' : '';
}
if (empty($floodmsg)) {
return FALSE;
} elseif (CURSCRIPT != 'wap') {
showmessage($floodmsg);
} else {
wapmsg($floodmsg);
}
}
return FALSE;
}
} else {
wapmsg('undefined_action');
}
}
$password = md5(random(10));
$idstring = random(6);
$authstr = $regverify == 1 ? "{$timestamp}\t2\t{$idstring}" : '';
$db->query("REPLACE INTO {$tablepre}members (uid, username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, bday, sigstatus, tpp, ppp)\r\n\t\tVALUES ('{$uid}', '{$username}', '{$password}', '', '', '0', '{$groupinfo['groupid']}', '{$onlineip}', '{$timestamp}', '{$timestamp}', '{$timestamp}', '0', {$initcredits}, '{$email}', '', '', '20', '20')");
$db->query("REPLACE INTO {$tablepre}memberfields (uid, authstr) VALUES ('{$uid}', '{$authstr}')");
if ($regverify == 2) {
$db->query("REPLACE INTO {$tablepre}validating (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\tVALUES ('{$uid}', '{$timestamp}', '0', '', '1', '0', '{$regmessage}', '')");
}
$discuz_uid = $uid;
$discuz_user = $username;
$discuz_userss = stripslashes($discuz_user);
$discuz_pw = $password;
$groupid = $groupinfo['groupid'];
$styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid'];
switch ($regverify) {
case 1:
sendmail("{$discuz_userss} <{$email}>", 'email_verify_subject', 'email_verify_message');
wapmsg('profile_email_verify');
break;
case 2:
wapmsg('register_manual_verify');
break;
default:
wapmsg('register_succeed');
break;
}
}
$discuz_action = 194;
$do = !empty($do) && in_array($do, array('last', 'next')) ? $do : '';
if ($do == 'last') {
if ($fid && $tid) {
$this_lastpost = $db->result_first("SELECT lastpost FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'");
if ($next = $db->fetch_first("SELECT tid FROM {$tablepre}threads WHERE fid='{$fid}' AND displayorder>='0' AND lastpost>'{$this_lastpost}' ORDER BY lastpost ASC LIMIT 1")) {
$tid = $next['tid'];
header("Location: index.php?action=thread&tid={$tid}");
exit;
} else {
wapmsg('goto_last_nonexistence');
}
} else {
wapmsg('undefined_action');
}
} elseif ($do == 'next') {
if ($fid && $tid) {
$this_lastpost = $db->result_first("SELECT lastpost FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'");
if ($last = $db->fetch_first("SELECT tid FROM {$tablepre}threads WHERE fid='{$fid}' AND displayorder>='0' AND lastpost<'{$this_lastpost}' ORDER BY lastpost DESC LIMIT 1")) {
$tid = $last['tid'];
header("Location: index.php?action=thread&tid={$tid}");
exit;
} else {
wapmsg('goto_next_nonexistence');
}
} else {
wapmsg('undefined_action');
}
} else {
echo "<p>{$lang['goto']}:<br />\n" . "<input title=\"url\" name=\"url\" type=\"text\" value=\"http://\" /><br />\n" . "<anchor title=\"{$lang['submit']}\">{$lang['submit']}<go href=\"index.php?action=goto&url=\$(url:escape)\" /></anchor></p>\n";
}
function checkflood()
{
global $_G;
if (!$_G['group']['disablepostctrl'] && $_G['uid']) {
$floodmsg = $_G['setting']['floodctrl'] && TIMESTAMP - $_G['setting']['floodctrl'] <= getuserprofile('lastpost') ? 'post_flood_ctrl' : '';
if (empty($floodmsg) && $_G['group']['maxpostsperhour']) {
$userposts = getcountofposts(DB::table('forum_post'), "authorid='{$_G['uid']}' AND dateline>{$_G['timestamp']}-3600");
$floodmsg = $userposts && $userposts >= $_G['group']['maxpostsperhour'] ? 'thread_maxpostsperhour_invalid' : '';
}
if (empty($floodmsg)) {
return FALSE;
} elseif (CURMODULE != 'wap') {
showmessage($floodmsg, '', array('maxpostsperhour' => $_G['group']['maxpostsperhour'], 'floodctrl' => $_G['setting']['floodctrl']));
} else {
wapmsg($floodmsg);
}
}
return FALSE;
}
@extract($member);
$discuz_user = addslashes($discuz_user);
dsetcookie('auth', authcode("$discuz_pw\t$discuz_secques\t$discuz_uid", 'ENCODE'), 2592000, 1, true);
wapmsg('login_succeed');
} else {
$errorlog = dhtmlspecialchars(
$timestamp."\t".
($member['discuz_user'] ? $member['discuz_user'] : stripslashes($username))."\t".
$password."\t".
($secques ? "Ques #".intval($questionid) : '')."\t".
$onlineip);
writelog('illegallog', $errorlog);
wapmsg('login_invalid');
}
}
} elseif(!empty($formhash) && $formhash == FORMHASH) {
$discuz_uid = 0;
$discuz_user = '';
$groupid = 7;
wapmsg('logout_succeed');
}
?>
$threadposts = '';
$start = isset($start) ? intval($start) : 0;
$offset = isset($offset) ? intval($offset) : 0;
$do = !empty($do) ? $do : '';
$thread = $db->fetch_first("SELECT * FROM {$tablepre}threads WHERE tid='{$tid}' AND displayorder>='0'");
if (!$thread) {
wapmsg('thread_nonexistence');
}
if ($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid || empty($forum['allowview']) && (!$forum['viewperm'] && !$readaccess || $forum['viewperm'] && !forumperm($forum['viewperm'])) || $forum['password'] || $forum['redirect']) {
wapmsg('thread_nopermission');
} elseif ($thread['price'] > 0) {
if ($maxchargespan && $timestamp - $thread['dateline'] >= $maxchargespan * 3600) {
$db->query("UPDATE {$tablepre}threads SET price='0' WHERE tid='{$tid}'");
$thread['price'] = 0;
} elseif (!$discuz_uid || !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid && !$db->num_rows($db->query("SELECT tid FROM {$tablepre}paymentlog WHERE tid='{$tid}' AND uid='{$discuz_uid}'"))) {
wapmsg('thread_nopermission');
}
}
if (empty($do)) {
echo "<p>{$lang['subject']}{$thread['subject']}<br />" . "{$lang['author']}<a href=\"index.php?action=my&uid={$thread['authorid']}\">{$thread['author']}</a><br />" . "{$lang['dateline']}" . gmdate("{$wapdateformat} {$timeformat}", $thread['dateline'] + $timeoffset * 3600) . "<br /><br />";
$page = max(1, intval($page));
$start_limit = $number = ($page - 1) * $wapppp;
if ($page < 2) {
$end_limit = $wapppp + 1;
} else {
$start_limit = $start_limit + 1;
$end_limit = $wapppp;
}
$query = $db->query("SELECT * FROM {$tablepre}posts\r\n\t\tWHERE tid='{$tid}' AND invisible='0'\r\n\t\tORDER BY dateline LIMIT {$start_limit}, {$end_limit}");
while ($post = $db->fetch_array($query)) {
$post['message'] = wapcode($post['message']);
}
echo "<p>{$lang['my']}<br /><br />" . "{$lang['my_uid']} {$member['uid']}<br />" . "{$lang['my_username']} {$member['username']}<br />" . "{$lang['my_gender']} {$member['gender']}<br />" . ($member['bday'] != '0000-00-00' ? "{$lang['my_bday']} {$member['bday']}<br />" : '') . ($member['location'] ? "{$lang['my_location']} {$member['location']}<br />" : '') . ($member['bio'] ? "{$lang['my_bio']} {$member['bio']}<br /><br />" : '');
if ($uid == $discuz_uid) {
echo "<a href=\"index.php?action=myphone\">{$lang['my_phone']}</a><br />" . "<a href=\"index.php?action=my&do=fav\">{$lang['my_favorites']}</a><br />" . "<a href=\"index.php?action=pm\">{$lang['pm']}</a></p>";
} else {
echo "<br /><a href=\"index.php?action=pm&do=send&pmuid={$member['uid']}\">{$lang['pm_send']}</a></p>";
}
} else {
if ($do == 'fav') {
if (!empty($favid)) {
$selectid = $type == 'thread' ? 'tid' : 'fid';
if ($db->result_first("SELECT {$selectid} FROM {$tablepre}favorites WHERE uid='{$discuz_uid}' AND {$selectid}='{$favid}' LIMIT 1")) {
wapmsg('fav_existence');
} else {
$db->query("INSERT INTO {$tablepre}favorites (uid, {$selectid})\r\n\t\t\t\t\tVALUES ('{$discuz_uid}', '{$favid}')");
wapmsg('fav_add_succeed');
}
} else {
echo "<p>{$lang['my_threads']}<br />";
$query = $db->query("SELECT m.*, t.subject FROM {$tablepre}mythreads m, {$tablepre}threads t\r\n\t\t\t\t\tWHERE m.uid = '{$discuz_uid}' AND m.tid = t.tid ORDER BY m.dateline DESC LIMIT 0, 3");
while ($mythread = $db->fetch_array($query)) {
echo "<a href=\"index.php?action=thread&tid={$mythread['tid']}\">" . cutstr($mythread['subject'], 15) . "</a><br />";
}
echo "<br />{$lang['my_replies']}<br />";
$query = $db->query("SELECT m.*, t.subject FROM {$tablepre}myposts m, {$tablepre}threads t\r\n\t\t\t\t\tWHERE m.uid = '{$discuz_uid}' AND m.tid = t.tid ORDER BY m.dateline DESC LIMIT 0, 3");
while ($mypost = $db->fetch_array($query)) {
echo "<a href=\"index.php?action=thread&tid={$mypost['tid']}\">" . cutstr($mypost['subject'], 15) . "</a><br />";
}
echo "<br />{$lang['my_fav_thread']}<br />";
$query = $db->query("SELECT t.tid, t.subject FROM {$tablepre}favorites fav, {$tablepre}threads t\r\n\t\t\t\t\tWHERE fav.tid=t.tid AND t.displayorder>='0' AND fav.uid='{$discuz_uid}' ORDER BY t.lastpost DESC LIMIT 0, 3");
while ($favthread = $db->fetch_array($query)) {
if (preg_match("/(^{ALL}\$|(,|^)\\s*" . preg_quote($discuz_user, '/') . "\\s*(,|\$))/i", $member['ignorepm'])) {
wapmsg('pm_send_ignore');
}
if (empty($subject) || empty($message)) {
wapmsg('pm_sm_isnull');
}
$subject = wapconvert($subject);
$message = wapconvert($message);
$subject = dhtmlspecialchars(cutstr(trim($subject), 75));
$db->query("INSERT INTO {$tablepre}pms (msgfrom, msgfromid, msgtoid, folder, new, subject, dateline, message)\r\n\t\t\t\tVALUES('{$discuz_user}', '{$discuz_uid}', '{$member['msgtoid']}', 'inbox', '1', '{$subject}', '{$timestamp}', '{$message}')");
$db->query("UPDATE {$tablepre}members SET newpm='1' WHERE uid='{$member['msgtoid']}'", 'UNBUFFERED');
if ($floodctrl) {
$db->query("UPDATE {$tablepre}members SET lastpost='{$timestamp}' WHERE uid='{$discuz_uid}'");
}
wapmsg('pm_send_succeed', array('title' => 'pm_home', 'link' => "index.php?action=pm"));
}
} elseif ($do == 'delete') {
if (!empty($pmid)) {
$db->query("DELETE FROM {$tablepre}pms WHERE pmid='{$pmid}' AND msgtoid='{$discuz_uid}' AND folder='inbox'");
wapmsg('pm_delete_succeed');
} else {
if (empty($confirm)) {
echo "<p><a href=\"index.php?action=pm&do=delete&confirm=yes\">{$lang['pm_delete_confirm']}</a>";
} else {
$db->query("DELETE FROM {$tablepre}pms WHERE new='0' AND msgtoid='{$discuz_uid}' AND folder='inbox'");
wapmsg('pm_delete_succeed');
}
}
}
echo "<br /><br /><a href=\"index.php?action=pm\">{$lang['pm_home']}</a></p>\n";
}
while ($index = $db->fetch_array($query)) {
if ($index['indexvalid'] && $index['dateline'] > $searchindex['dateline']) {
$searchindex = array('id' => $index['searchid'], 'dateline' => $index['dateline']);
break;
} elseif ($index['flood']) {
wapmsg('search_ctrl');
}
}
if ($searchindex['id']) {
$searchid = $searchindex['id'];
} else {
if (empty($srchfid)) {
$srchfid = 'all';
}
if (!$srchtxt && !empty($srchuid) && !$srchuname && !$srchfrom) {
wapmsg('search_invalid');
}
if (!empty($srchfrom) && empty($srchtxt) && empty($srchuid) && empty($srchuname)) {
$searchfrom = !empty($before) ? '<=' : '>=';
$searchfrom .= $timestamp - $srchfrom;
$sqlsrch = "FROM {$tablepre}threads t WHERE t.displayorder>='0' AND t.lastpost{$searchfrom}";
$expiration = $timestamp + $cachelife_time;
$keywords = '';
} else {
if (!empty($mytopics) && $srchuid) {
$srchfrom = 2592000;
$srchuname = $srchtxt = $before = '';
}
$sqlsrch = "FROM {$tablepre}threads t WHERE t.displayorder>='0'";
if ($srchuname) {
$srchuid = $comma = '';
echo "<br />[".(!$post['anonymous'] ? $post['author'].' ' : $lang['anonymous'].' ').gmdate("$wapdateformat $timeformat", $post['dateline'] + $timeoffset * 3600)."]<br />";
}
echo wapmulti($thread['replies'], $wapppp, $page, "index.php?action=thread&tid=$thread[tid]");
}
} elseif($do == 'reply') {
$post = $db->fetch_first("SELECT * FROM {$tablepre}posts WHERE pid='$pid' AND invisible='0'");
if($post['status'] & 1) {
$post['message'] = $lang['thread_banned'];
}
$needhiddenreply = ($hiddenreplies && $discuz_uid != $post['authorid'] && $discuz_uid != $thread['authorid'] && !$post['first'] && !$forum['ismoderator']);
if($needhiddenreply) {
wapmsg('message_ishidden_hiddenreplies');
}
if($offset > 0) {
$post['message'] = '..'.substr($post['message'], $offset - 4);
}
if(strlen($threadposts) + strlen($post['message']) - $wapmps > 0) {
$length = $wapmps - strlen($threadposts);
$post['message'] = wapcutstr($post['message'], $length);
$offset += $length;
$breaked = 1;
}
$post['author'] = !$post['anonymous'] ? $post['author'] : $lang['anonymous'];
$post['message'] = wapcode($post['message']);
$Id: forum.inc.php 16688 2008-11-14 06:41:07Z cnteacher $
*/
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
$discuz_action = 192;
$page = max(1, intval($page));
$start_limit = $number = ($page - 1) * $waptpp;
if (!empty($fid)) {
require_once DISCUZ_ROOT . './include/forum.func.php';
if (empty($forum)) {
wapmsg('forum_nonexistence');
}
if ($forum['viewperm'] && !forumperm($forum['viewperm']) && !$forum['allowview'] || $forum['redirect'] || $forum['password']) {
wapmsg('forum_nopermission');
}
echo "<p>" . strip_tags($forum['name']) . "<br />" . "<a href=\"index.php?action=post&do=newthread&fid={$forum['fid']}\">{$lang['post_new']}</a> " . "<a href=\"index.php?action=forum&do=digest&fid={$forum['fid']}\">{$lang['digest']}</a><br /><br />" . "{$lang['forum_list']} <a href=\"index.php?action=forum&fid={$forum['fid']}\">{$lang['reload']}</a><br />";
$do = !empty($do) ? 'digest' : '';
$filteradd = $do == 'digest' ? 'AND digest>\'0\'' : '';
$threadcount = $sdb->result_first("SELECT COUNT(*) FROM {$tablepre}threads WHERE fid='{$fid}' {$filteradd} AND displayorder>='0'");
$thread['prefix'] = '';
$query = $sdb->query("SELECT * FROM {$tablepre}threads\r\n\t\tWHERE fid='{$fid}' {$filteradd} AND displayorder>='0'\r\n\t\tORDER BY displayorder DESC, lastpost DESC LIMIT {$start_limit}, {$waptpp}");
while ($thread = $sdb->fetch_array($query)) {
$thread['prefix'] .= $thread['displayorder'] > 0 ? $lang['forum_thread_sticky'] : '';
$thread['prefix'] .= $thread['digest'] ? $lang['forum_thread_digest'] : '';
echo "<a href=\"index.php?action=thread&tid={$thread['tid']}\">#" . ++$number . " " . cutstr($thread['subject'], 30) . "</a>{$thread['prefix']}<br />\n" . "<small>[{$thread['author']} {$lang['replies']}{$thread['replies']} {$lang['views']}{$thread['views']}]</small><br />\n";
}
echo wapmulti($threadcount, $waptpp, $page, "index.php?action=forum&fid={$forum['fid']}&sid={$sid}");
if ($do != 'digest') {
$subforums = '';
function formulaperm($formula, $type = 0, $wap = FALSE)
{
global $db, $tablepre, $_DSESSION, $extcredits, $formulamessage, $usermsg, $forum, $language, $medalstatus, $discuz_uid, $timestamp;
$formula = unserialize($formula);
$medalperm = $formula['medal'];
$permusers = $formula['users'];
$permmessage = $formula['message'];
if (!$type && $medalstatus && $medalperm) {
$exists = 1;
$formulamessage = '';
$medalpermc = $medalperm;
if ($discuz_uid) {
$medals = explode("\t", $db->result_first("SELECT medals FROM {$tablepre}memberfields WHERE uid='{$discuz_uid}'"));
foreach ($medalperm as $k => $medal) {
foreach ($medals as $r) {
list($medalid) = explode("|", $r);
if ($medalid == $medal) {
$exists = 0;
unset($medalpermc[$k]);
}
}
}
} else {
$exists = 0;
}
if ($medalpermc) {
if (!$wap) {
@(include DISCUZ_ROOT . './forumdata/cache/cache_medals.php');
foreach ($medalpermc as $medal) {
if ($_DCACHE['medals'][$medal]) {
$formulamessage .= '<img src="images/common/' . $_DCACHE['medals'][$medal]['image'] . '" />' . $_DCACHE['medals'][$medal]['name'] . ' ';
}
}
showmessage('forum_permforum_nomedal', NULL, 'NOPERM');
} else {
wapmsg('forum_nopermission');
}
}
}
$formula = $formula[1];
if (!$type && ($_DSESSION['adminid'] == 1 || $forum['ismoderator'])) {
return FALSE;
}
if (!$type && $permusers) {
$permusers = str_replace(array("\r\n", "\r"), array("\n", "\n"), $permusers);
$permusers = explode("\n", trim($permusers));
if (!in_array($GLOBALS['discuz_user'], $permusers)) {
showmessage('forum_permforum_disallow', NULL, 'NOPERM');
}
}
if (!$formula) {
return FALSE;
}
if (strexists($formula, '$memberformula[')) {
preg_match_all("/\\\$memberformula\\['(\\w+?)'\\]/", $formula, $a);
$fields = $profilefields = array();
$mfadd = '';
foreach ($a[1] as $field) {
switch ($field) {
case 'regdate':
$formula = preg_replace("/\\{(\\d{4})\\-(\\d{1,2})\\-(\\d{1,2})\\}/e", "'\\1-'.sprintf('%02d', '\\2').'-'.sprintf('%02d', '\\3')", $formula);
case 'regday':
$fields[] = 'm.regdate';
break;
case 'regip':
case 'lastip':
$formula = preg_replace("/\\{([\\d\\.]+?)\\}/", "'\\1'", $formula);
$fields[] = 'm.' . $field;
break;
case substr($field, 0, 6) == 'field_':
$profilefields[] = $field;
case 'buyercredit':
case 'sellercredit':
$mfadd = "LEFT JOIN {$tablepre}memberfields mf ON m.uid=mf.uid";
$fields[] = 'mf.' . $field;
break;
}
}
$memberformula = array();
if ($discuz_uid) {
$memberformula = $db->fetch_first("SELECT " . implode(',', $fields) . " FROM {$tablepre}members m {$mfadd} WHERE m.uid='{$discuz_uid}'");
if (in_array('regday', $a[1])) {
$memberformula['regday'] = intval(($timestamp - $memberformula['regdate']) / 86400);
}
if (in_array('regdate', $a[1])) {
$memberformula['regdate'] = date('Y-m-d', $memberformula['regdate']);
}
$memberformula['lastip'] = $memberformula['lastip'] ? $memberformula['lastip'] : $GLOBALS['onlineip'];
} else {
if (isset($memberformula['regip'])) {
$memberformula['regip'] = $GLOBALS['onlineip'];
}
if (isset($memberformula['lastip'])) {
$memberformula['lastip'] = $GLOBALS['onlineip'];
}
}
}
@eval("\$formulaperm = ({$formula}) ? TRUE : FALSE;");
if (!$formulaperm || $type == 2) {
if (!$permmessage) {
include_once language('misc');
$search = array('$memberformula[\'regdate\']', '$memberformula[\'regday\']', '$memberformula[\'regip\']', '$memberformula[\'lastip\']', '$memberformula[\'buyercredit\']', '$memberformula[\'sellercredit\']', '$_DSESSION[\'digestposts\']', '$_DSESSION[\'posts\']', '$_DSESSION[\'threads\']', '$_DSESSION[\'oltime\']', '$_DSESSION[\'pageviews\']');
$replace = array($language['formulaperm_regdate'], $language['formulaperm_regday'], $language['formulaperm_regip'], $language['formulaperm_lastip'], $language['formulaperm_buyercredit'], $language['formulaperm_sellercredit'], $language['formulaperm_digestposts'], $language['formulaperm_posts'], $language['formulaperm_threads'], $language['formulaperm_oltime'], $language['formulaperm_pageviews']);
for ($i = 1; $i <= 8; $i++) {
$search[] = '$_DSESSION[\'extcredits' . $i . '\']';
$replace[] = $extcredits[$i]['title'] ? $extcredits[$i]['title'] : $language['formulaperm_extcredits'] . $i;
}
if ($profilefields) {
@(include DISCUZ_ROOT . './forumdata/cache/cache_profilefields.php');
foreach ($profilefields as $profilefield) {
$search[] = '$memberformula[\'' . $profilefield . '\']';
$replace[] = !empty($_DCACHE['fields_optional'][$profilefield]) ? $_DCACHE['fields_optional'][$profilefield]['title'] : $_DCACHE['fields_required'][$profilefield]['title'];
}
}
$i = 0;
$usermsg = '';
foreach ($search as $s) {
if (!in_array($s, array('$memberformula[\'regdate\']', '$memberformula[\'regip\']', '$memberformula[\'lastip\']'))) {
$usermsg .= strexists($formula, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return intval(' . $s . ');') : '';
} elseif ($s == '$memberformula[\'regdate\']') {
$usermsg .= strexists($formula, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return ' . $s . ';') : '';
}
$i++;
}
$search = array_merge($search, array('and', 'or', '>=', '<=', '=='));
$replace = array_merge($replace, array(' <b>' . $language['formulaperm_and'] . '</b> ', ' <b>' . $language['formulaperm_or'] . '</b> ', '≥', '≤', '='));
$formulamessage = str_replace($search, $replace, $formula);
} else {
$formulamessage = nl2br(htmlspecialchars($permmessage));
}
if ($type == 1 || $type == 2) {
return $formulamessage;
} elseif (!$wap) {
if (!$permmessage) {
showmessage('forum_permforum_nopermission', NULL, 'NOPERM');
} else {
showmessage('forum_permforum_nopermission_custommsg', NULL, 'NOPERM');
}
} else {
wapmsg('forum_nopermission');
}
}
return TRUE;
}
function formulaperm($formula, $type = 0, $wap = FALSE)
{
global $_G;
$formula = unserialize($formula);
$medalperm = $formula['medal'];
$permusers = $formula['users'];
$permmessage = $formula['message'];
if (!$type && $_G['setting']['medalstatus'] && $medalperm) {
$exists = 1;
$_G['forum_formulamessage'] = '';
$medalpermc = $medalperm;
if ($_G['uid']) {
$medals = explode("\t", DB::result_first("SELECT medals FROM " . DB::table('common_member_field_forum') . " WHERE uid='{$_G['uid']}'"));
foreach ($medalperm as $k => $medal) {
foreach ($medals as $r) {
list($medalid) = explode("|", $r);
if ($medalid == $medal) {
$exists = 0;
unset($medalpermc[$k]);
}
}
}
} else {
$exists = 0;
}
if ($medalpermc) {
if (!$wap) {
loadcache('medals');
foreach ($medalpermc as $medal) {
if ($_G['cache']['medals'][$medal]) {
$_G['forum_formulamessage'] .= '<img src="' . STATICURL . 'image/common/' . $_G['cache']['medals'][$medal]['image'] . '" />' . $_G['cache']['medals'][$medal]['name'] . ' ';
}
}
showmessage('forum_permforum_nomedal', NULL, array('forum_permforum_nomedal' => $_G['forum_formulamessage']), array('login' => 1));
} else {
wapmsg('forum_nopermission');
}
}
}
if ($type) {
$formula = $formula['medal'];
}
$formulatext = $formula[0];
$formula = $formula[1];
if (!$type && ($_G['adminid'] == 1 || $_G['forum']['ismoderator'])) {
return FALSE;
}
if (!$type && $permusers) {
$permusers = str_replace(array("\r\n", "\r"), array("\n", "\n"), $permusers);
$permusers = explode("\n", trim($permusers));
if (!in_array($_G['member']['username'], $permusers)) {
showmessage('forum_permforum_disallow', NULL, array(), array('login' => 1));
}
}
if (!$formula) {
return FALSE;
}
if (strexists($formula, '$memberformula[')) {
preg_match_all("/\\\$memberformula\\['(\\w+?)'\\]/", $formula, $a);
$fields = $profilefields = array();
$mfadd = array();
foreach ($a[1] as $field) {
switch ($field) {
case 'regdate':
$formula = preg_replace("/\\{(\\d{4})\\-(\\d{1,2})\\-(\\d{1,2})\\}/e", "'\\1-'.sprintf('%02d', '\\2').'-'.sprintf('%02d', '\\3')", $formula);
case 'regday':
$fields[] = 'm.regdate';
break;
case 'regip':
case 'lastip':
$formula = preg_replace("/\\{([\\d\\.]+?)\\}/", "'\\1'", $formula);
$formula = preg_replace('/(\\$memberformula\\[\'(regip|lastip)\'\\])\\s*=+\\s*\'([\\d\\.]+?)\'/', "strpos(\\1, '\\3')===0", $formula);
case 'buyercredit':
case 'sellercredit':
$mfadd['ms'] = " LEFT JOIN " . DB::table('common_member_status') . " ms ON m.uid=ms.uid";
$fields[] = 'ms.' . $field;
break;
case substr($field, 0, 5) == 'field':
$mfadd['mp'] = " LEFT JOIN " . DB::table('common_member_profile') . " mp ON m.uid=mp.uid";
$fields[] = 'mp.field' . intval(substr($field, 5));
$profilefields[] = $field;
break;
}
}
$memberformula = array();
if ($_G['uid']) {
$memberformula = DB::fetch_first("SELECT " . implode(',', $fields) . " FROM " . DB::table('common_member') . " m " . implode('', $mfadd) . " WHERE m.uid='{$_G['uid']}'");
if (in_array('regday', $a[1])) {
$memberformula['regday'] = intval((TIMESTAMP - $memberformula['regdate']) / 86400);
}
if (in_array('regdate', $a[1])) {
$memberformula['regdate'] = date('Y-m-d', $memberformula['regdate']);
}
$memberformula['lastip'] = $memberformula['lastip'] ? $memberformula['lastip'] : $_G['clientip'];
} else {
if (isset($memberformula['regip'])) {
$memberformula['regip'] = $_G['clientip'];
}
if (isset($memberformula['lastip'])) {
$memberformula['lastip'] = $_G['clientip'];
}
}
}
//print_r($formula);echo $memberformula['regip'];
@eval("\$formulaperm = ({$formula}) ? TRUE : FALSE;");
if (!$formulaperm || $type == 2) {
if (!$permmessage) {
$language = lang('forum/misc');
$search = array('regdate', 'regday', 'regip', 'lastip', 'buyercredit', 'sellercredit', 'digestposts', 'posts', 'threads');
$replace = array($language['formulaperm_regdate'], $language['formulaperm_regday'], $language['formulaperm_regip'], $language['formulaperm_lastip'], $language['formulaperm_buyercredit'], $language['formulaperm_sellercredit'], $language['formulaperm_digestposts'], $language['formulaperm_posts'], $language['formulaperm_threads']);
for ($i = 1; $i <= 8; $i++) {
$search[] = 'extcredits' . $i;
$replace[] = $_G['setting']['extcredits'][$i]['title'] ? $_G['setting']['extcredits'][$i]['title'] : $language['formulaperm_extcredits'] . $i;
}
if ($profilefields) {
loadcache(array('fields_required', 'fields_optional'));
foreach ($profilefields as $profilefield) {
$search[] = $profilefield;
$replace[] = !empty($_G['cache']['fields_optional']['field_' . $profilefield]) ? $_G['cache']['fields_optional']['field_' . $profilefield]['title'] : $_G['cache']['fields_required']['field_' . $profilefield]['title'];
}
}
$i = 0;
$_G['forum_usermsg'] = '';
foreach ($search as $s) {
if (in_array($s, array('digestposts', 'posts', 'threads', 'extcredits1', 'extcredits2', 'extcredits3', 'extcredits4', 'extcredits5', 'extcredits6', 'extcredits7', 'extcredits8'))) {
$_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return intval(getuserprofile(\'' . $s . '\'));') : '';
} elseif (in_array($s, array('regdate', 'regip'))) {
$_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> ' . $replace[$i] . ': ' . @eval('return $memberformula[\'' . $s . '\'];') : '';
}
$i++;
}
$search = array_merge($search, array('and', 'or', '>=', '<=', '=='));
$replace = array_merge($replace, array(' <b>' . $language['formulaperm_and'] . '</b> ', ' <b>' . $language['formulaperm_or'] . '</b> ', '≥', '≤', '='));
$_G['forum_formulamessage'] = str_replace($search, $replace, $formulatext);
} else {
$_G['forum_formulamessage'] = $permmessage;
}
if ($type == 1 || $type == 2) {
return $_G['forum_formulamessage'];
} elseif (!$wap) {
if (!$permmessage) {
showmessage('forum_permforum_nopermission', NULL, array('formulamessage' => $_G['forum_formulamessage'], 'usermsg' => $_G['forum_usermsg']), array('login' => 1));
} else {
showmessage('forum_permforum_nopermission_custommsg', NULL, array('formulamessage' => $_G['forum_formulamessage']), array('login' => 1));
}
} else {
wapmsg('forum_nopermission');
}
}
return TRUE;
}
$db->query("INSERT INTO {$tablepre}regips (ip, count, dateline)\r\n\t\t\t\tVALUES ('{$onlineip}', '1', '{$timestamp}')");
}
}
$password = md5($password);
$idstring = random(6);
$authstr = $regverify == 1 ? "{$timestamp}\t2\t{$idstring}" : '';
$db->query("INSERT INTO {$tablepre}members (username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, email, bday, sigstatus, tpp, ppp)\r\n\t\tVALUES ('{$username}', '{$password}', '', '', '0', '{$groupinfo['groupid']}', '{$onlineip}', '{$timestamp}', '{$timestamp}', '{$timestamp}', '0', {$initcredits}, '{$email}', '', '', '20', '20')");
$uid = $db->insert_id();
$db->query("REPLACE INTO {$tablepre}memberfields (uid, authstr) VALUES ('{$uid}', '{$authstr}')");
if ($regverify == 2) {
$db->query("REPLACE INTO {$tablepre}validating (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\tVALUES ('{$uid}', '{$timestamp}', '0', '', '1', '0', '{$regmessage}', '')");
}
$discuz_uid = $uid;
$discuz_user = $username;
$discuz_userss = stripslashes($discuz_user);
$discuz_pw = $password;
$groupid = $groupinfo['groupid'];
$styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid'];
switch ($regverify) {
case 1:
sendmail("{$discuz_userss} <{$email}>", 'email_verify_subject', 'email_verify_message');
wapmsg('profile_email_verify');
break;
case 2:
wapmsg('register_manual_verify', array('title' => 'memcp', 'link' => 'memcp.php'));
break;
default:
wapmsg('register_succeed', array('title' => 'home_page', 'link' => 'index.php'));
break;
}
}
