/** * 检查用户名中是否包含敏感词或用户信息保留字 * * @param string * @return boolean */ public function check_username_sensitive_words($user_name) { if (H::sensitive_word_exists($user_name)) { return true; } if (!get_setting('censoruser')) { return false; } if ($censorusers = explode("\n", get_setting('censoruser'))) { foreach ($censorusers as $name) { if (!($name = trim($name))) { continue; } if (preg_match('/(' . $name . ')/is', $user_name)) { return true; } } } return false; }
public function save_comment_action() { if (!($article_info = $this->model('article')->get_article_info_by_id($_POST['article_id']))) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('指定文章不存在'))); } if ($article_info['lock'] and !($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('已经锁定的文章不能回复'))); } $message = trim($_POST['message'], "\r\n\t"); if (!$message) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请输入回复内容'))); } if (strlen($message) < get_setting('answer_length_lower')) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('回复内容字数不得少于 %s 字节', get_setting('answer_length_lower')))); } if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($message)) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接'))); } if (human_valid('answer_valid_hour') and !AWS_APP::captcha()->is_validate($_POST['seccode_verify'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请填写正确的验证码'))); } // !注: 来路检测后面不能再放报错提示 if (!valid_post_hash($_POST['post_hash'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('页面停留时间过长,或内容已提交,请刷新页面'))); } if ($this->publish_approval_valid() or H::sensitive_word_exists($message)) { $this->model('publish')->publish_approval('article_comment', array('article_id' => intval($_POST['article_id']), 'message' => $message, 'at_uid' => intval($_POST['at_uid'])), $this->user_id); H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/publish/wait_approval/article_id-' . intval($_POST['article_id']) . '__is_mobile-' . $_POST['_is_mobile'])), 1, null)); } else { $comment_id = $this->model('publish')->publish_article_comment($_POST['article_id'], $message, $this->user_id, $_POST['at_uid']); //$url = get_js_url('/article/' . intval($_POST['article_id']) . '?item_id=' . $comment_id); $comment_info = $this->model('article')->get_comment_by_id($comment_id); $comment_info['message'] = $this->model('question')->parse_at_user($comment_info['message']); TPL::assign('comment_info', $comment_info); if (is_mobile()) { H::ajax_json_output(AWS_APP::RSM(array('ajax_html' => TPL::output('m/ajax/article_answer', false)), 1, null)); } else { H::ajax_json_output(AWS_APP::RSM(array('ajax_html' => TPL::output('article/ajax/comment', false)), 1, null)); } } }
public function publish_article_action() { if (!$this->user_info['permission']['publish_article']) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你没有权限发布文章'))); } if (!$_POST['title']) { H::ajax_json_output(AWS_APP::RSM(null, -1, AWS_APP::lang()->_t('请输入文章标题'))); } if (get_setting('category_enable') == 'N') { $_POST['category_id'] = 1; } if (!$_POST['category_id']) { H::ajax_json_output(AWS_APP::RSM(null, -1, AWS_APP::lang()->_t('请选择文章分类'))); } if (get_setting('question_title_limit') > 0 and cjk_strlen($_POST['title']) > get_setting('question_title_limit')) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('文章标题字数不得大于 %s 字节', get_setting('question_title_limit')))); } if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($_POST['message'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接'))); } if (!$this->model('publish')->insert_attach_is_self_upload($_POST['message'], $_POST['attach_ids'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('只允许插入当前页面上传的附件'))); } if (human_valid('question_valid_hour') and !AWS_APP::captcha()->is_validate($_POST['seccode_verify'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请填写正确的验证码'))); } if ($_POST['topics']) { foreach ($_POST['topics'] as $key => $topic_title) { $topic_title = trim($topic_title); if (!$topic_title) { unset($_POST['topics'][$key]); } else { $_POST['topics'][$key] = $topic_title; } } if (get_setting('question_topics_limit') and sizeof($_POST['topics']) > get_setting('question_topics_limit')) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('单个文章话题数量最多为 %s 个, 请调整话题数量', get_setting('question_topics_limit')))); } } if (get_setting('new_question_force_add_topic') == 'Y' and !$_POST['topics']) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请为文章添加话题'))); } // !注: 来路检测后面不能再放报错提示 if (!valid_post_hash($_POST['post_hash'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('页面停留时间过长,或内容已提交,请刷新页面'))); } $this->model('draft')->delete_draft(1, 'article', $this->user_id); if ($this->publish_approval_valid() or H::sensitive_word_exists(array($_POST['title'], $_POST['message']))) { $this->model('publish')->publish_approval('article', array('title' => $_POST['title'], 'message' => $_POST['message'], 'category_id' => $_POST['category_id'], 'topics' => $_POST['topics'], 'permission_create_topic' => $this->user_info['permission']['create_topic']), $this->user_id, $_POST['attach_access_key']); H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/publish/wait_approval/')), 1, null)); } else { $article_id = $this->model('publish')->publish_article($_POST['title'], $_POST['message'], $this->user_id, $_POST['topics'], $_POST['category_id'], $_POST['attach_access_key'], $this->user_info['permission']['create_topic']); if ($_POST['_is_mobile']) { $url = get_js_url('/m/article/' . $article_id); } else { $url = get_js_url('/article/' . $article_id); } H::ajax_json_output(AWS_APP::RSM(array('url' => $url), 1, null)); } }
public function save_answer_action() { // if ($this->user_info['integral'] < 0 and get_setting('integral_system_enabled') == 'Y') // { // H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你的剩余积分已经不足以进行此操作'))); // } if (!($question_info = $this->model('question')->get_question_info_by_id($_POST['question_id']))) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('问题不存在'))); } if ($question_info['lock'] and !($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('已经锁定的问题不能回复'))); } $answer_content = trim($_POST['answer_content'], "\r\n\t"); if (!$answer_content) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请输入回复内容'))); } // // 判断是否是问题发起者 // if (get_setting('answer_self_question') == 'N' and $question_info['published_uid'] == $this->user_id) // { // H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('不能回复自己发布的问题,你可以修改问题内容'))); // } // // 判断是否已回复过问题 // if ((get_setting('answer_unique') == 'Y') AND $this->model('answer')->has_answer_by_uid($question_info['question_id'], $this->user_id)) // { // H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('一个问题只能回复一次,你可以编辑回复过的回复'))); // } if (strlen($answer_content) < get_setting('answer_length_lower')) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('回复内容字数不得少于 %s 字节', get_setting('answer_length_lower')))); } if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($answer_content)) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接'))); } if (!$this->model('publish')->insert_attach_is_self_upload($answer_content, $_POST['attach_ids'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('只允许插入当前页面上传的附件'))); } if (human_valid('answer_valid_hour') and !AWS_APP::captcha()->is_validate($_POST['seccode_verify'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请填写正确的验证码'))); } // !注: 来路检测后面不能再放报错提示 if (!valid_post_hash($_POST['post_hash'])) { H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('页面停留时间过长,或内容已提交,请刷新页面'))); } $this->model('draft')->delete_draft($question_info['question_id'], 'answer', $this->user_id); if ($this->publish_approval_valid() or H::sensitive_word_exists($answer_content)) { $this->model('publish')->publish_approval('answer', array('question_id' => $question_info['question_id'], 'answer_content' => $answer_content, 'anonymous' => $_POST['anonymous'], 'attach_access_key' => $_POST['attach_access_key'], 'auto_focus' => $_POST['auto_focus']), $this->user_id, $_POST['attach_access_key']); H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/publish/wait_approval/question_id-' . $question_info['question_id'])), 1, null)); } else { $answer_id = $this->model('publish')->publish_answer($question_info['question_id'], $answer_content, $this->user_id, $_POST['anonymous'], $_POST['attach_access_key'], $_POST['auto_focus']); $answer_info = $this->model('answer')->get_answer_by_id($answer_id); if ($answer_info['has_attach']) { $answer_info['attachs'] = $this->model('publish')->get_attach('answer', $answer_id, 'min'); $answer_info['insert_attach_ids'] = FORMAT::parse_attachs($answer_info['answer_content'], true); } $answer_info['user_info'] = $this->user_info; $answer_info['answer_content'] = $this->model('question')->parse_at_user(FORMAT::parse_attachs(nl2br(FORMAT::parse_bbcode($answer_info['answer_content'])))); TPL::assign('answer_info', $answer_info); H::ajax_json_output(AWS_APP::RSM(array('ajax_html' => TPL::output('question/ajax/answer', false)), 1, null)); } }
public function publish_approval_valid($content = null) { if ($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator']) { return false; } if ($default_timezone = get_setting('default_timezone')) { date_default_timezone_set($default_timezone); } if ($this->user_info['permission']['publish_approval'] == 1) { if (!$this->user_info['permission']['publish_approval_time']['start'] and !$this->user_info['permission']['publish_approval_time']['end']) { if ($this->user_info['default_timezone']) { date_default_timezone_set($this->user_info['default_timezone']); } return true; } if ($this->user_info['permission']['publish_approval_time']['start'] < $this->user_info['permission']['publish_approval_time']['end']) { if (intval(date('H')) >= $this->user_info['permission']['publish_approval_time']['start'] and intval(date('H')) < $this->user_info['permission']['publish_approval_time']['end']) { if ($this->user_info['default_timezone']) { date_default_timezone_set($this->user_info['default_timezone']); } return true; } } if ($this->user_info['permission']['publish_approval_time']['start'] > $this->user_info['permission']['publish_approval_time']['end']) { if (intval(date('H')) >= $this->user_info['permission']['publish_approval_time']['start'] or intval(date('H')) < $this->user_info['permission']['publish_approval_time']['end']) { if ($this->user_info['default_timezone']) { date_default_timezone_set($this->user_info['default_timezone']); } return true; } } if ($this->user_info['permission']['publish_approval_time']['start'] == $this->user_info['permission']['publish_approval_time']['end']) { if (intval(date('H')) == $this->user_info['permission']['publish_approval_time']['start']) { if ($this->user_info['default_timezone']) { date_default_timezone_set($this->user_info['default_timezone']); } return true; } } } if ($this->user_info['default_timezone']) { date_default_timezone_set($this->user_info['default_timezone']); } if ($content and H::sensitive_word_exists($content)) { return true; } return false; }