/**
 * Report whether an image sub-directory exists inside an area theme.
 *
 * Both path components pass through Pcv() before they are joined onto the
 * theme root under R_P.
 * NOTE(review): Pcv() is defined elsewhere; confirm what it rejects, because
 * both arguments end up in a filesystem path.
 *
 * @param string $dir    Theme directory name; an empty value falls back to 'default'.
 * @param string $imgdir Image sub-directory name below the theme's images/ folder.
 * @return bool True when the resulting path is an existing directory.
 */
function checkCssPath($dir, $imgdir)
{
    $themeName = Pcv($dir);
    if (!$themeName) {
        $themeName = 'default';
    }
    $imageFolder = Pcv($imgdir);
    $candidate = R_P . 'mode/area/themes/' . $themeName . '/images/' . $imageFolder;

    return is_dir($candidate);
}
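/**
 * Return the model object for $model, loading and instantiating it on first use.
 *
 * The model file is model/<name>.php under UC_CLIENT_ROOT and the class is
 * expected to be named <name>model; instances are cached in $this->models.
 *
 * NOTE(review): $model ends up in an include path and in a class name. Pcv()
 * (defined elsewhere) is the only check visible here; callers should pass
 * names from a fixed set, never request data.
 *
 * @param string $model Model short name.
 * @return object The cached model instance.
 */
function load($model)
{
    if (empty($this->models[$model])) {
        require_once Pcv(UC_CLIENT_ROOT . "model/{$model}.php");
        // The original printed the constructor call as text instead of running
        // it, so the cache was never filled. Instantiate the class directly;
        // no eval is needed for a variable class name.
        $className = $model . 'model';
        $this->models[$model] = new $className($this);
    }

    return $this->models[$model];
}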
/**
 * Locate the configuration file of a theme.
 *
 * The path is built from $this->config['dir'], the theme name and
 * $this->config['configfile'], then passed through Pcv() (defined elsewhere).
 * NOTE(review): $theme is a path component; confirm that Pcv() rejects
 * traversal if this value can come from a request.
 *
 * @param string $theme Theme directory name.
 * @return string|false The config file path, or false when it does not exist.
 */
function getThemeConfigFile($theme)
{
    $candidate = Pcv($this->config['dir'] . '/' . $theme . '/' . $this->config['configfile']);

    return file_exists($candidate) ? $candidate : false;
}
/**
 * Return the markup of a layout, reading data/layout/<layout>/layout.htm once
 * and caching the result in $this->layoutStrings.
 *
 * An empty layout name or a missing file is cached as an empty string.
 * NOTE(review): $layout is a path component below A_P; Pcv() (defined
 * elsewhere) is the only check applied to it here.
 *
 * @param string $layout Layout directory name.
 * @return string Layout file contents, or '' when unavailable.
 */
function getLayoutString($layout)
{
    if (isset($this->layoutStrings[$layout])) {
        return $this->layoutStrings[$layout];
    }

    $markup = '';
    if ($layout) {
        $rawPath = A_P . 'data/layout/' . $layout . '/layout.htm';
        if (file_exists(Pcv($rawPath))) {
            $markup = readover(Pcv($rawPath));
        }
    }
    $this->layoutStrings[$layout] = $markup;

    return $this->layoutStrings[$layout];
}
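/**
 * Read <base>/<hackdir>/sql.txt and split it into one SQL statement per entry.
 *
 * Tabs, carriage returns and blank lines are removed and a line break is
 * inserted after every ';' before the text is split on "\n".
 *
 * Only $base is allow-listed. $hackdir relies on Pcv() (defined elsewhere),
 * so the path is now checked once and the checked value is used by both read
 * branches; the original fallback branch read the unchecked path.
 *
 * @param string $hackdir Directory name below the base directory.
 * @param string $base    'hack' or 'mode'; any other value is treated as 'hack'.
 * @return array List of statement lines; empty when the file is missing or empty.
 */
function FileArray($hackdir, $base = 'hack')
{
    // Strict comparison so that a non-string value cannot pass the allow-list
    // through loose comparison.
    if (!in_array($base, array('hack', 'mode'), true)) {
        $base = 'hack';
    }

    $sqlFile = Pcv(R_P . "{$base}/{$hackdir}/sql.txt");
    if (function_exists('file_get_contents')) {
        $filedata = @file_get_contents($sqlFile);
    } else {
        $filedata = readover($sqlFile);
    }

    // A failed read yields false; normalise it so the string functions below
    // always receive a string.
    $filedata = trim(str_replace(
        array("\t", "\r", "\n\n", ';'),
        array('', '', '', ";\n"),
        (string) $filedata
    ));

    return $filedata ? explode("\n", $filedata) : array();
}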
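/**
 * Prune the cached $index_forum array so that it only keeps the forums and
 * entries listed in $config, then write the cache file back.
 *
 * The cache file is data/bbscache/mode_<m>_index_forum.php, where <m> is the
 * global $m. The path now goes through Pcv() (defined elsewhere) once and the
 * checked value is used for both the include and the write; the original only
 * checked the write path, while the include executes the file as PHP.
 *
 * @param array $config Map of forum key => list of allowed entry keys.
 * @return void
 */
function update_index_forum($config)
{
    global $m;

    $indexForumCacheFile = Pcv(D_P . 'data/bbscache/mode_' . $m . '_index_forum.php');
    @(include_once $indexForumCacheFile);

    // The include may not define the variable (missing file, or include_once
    // already ran in another scope); iterate over an empty array in that case.
    if (!isset($index_forum) || !is_array($index_forum)) {
        $index_forum = array();
    }

    // Loop-invariant: the allowed forum keys do not change while pruning.
    $config_fids = array_keys($config);
    foreach ($index_forum as $key => $value) {
        if (!in_array($key, $config_fids)) {
            unset($index_forum[$key]);
            continue;
        }
        foreach ($value as $k => $v) {
            if (!in_array($k, $config[$key])) {
                unset($index_forum[$key][$k]);
            }
        }
    }

    writeover($indexForumCacheFile, "<?php\r\n\$index_forum=" . pw_var_export($index_forum) . ";\r\n?>");
}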
// Resolve the attachment's thread and forum, restore the visitor identity from
// the online cache when no user is set yet, and load the forum record.
$aid = $attach['aid'];
$tid = $attach['tid'];
$pid = $attach['pid'];
// The thread id is passed through pwEscape() before it is concatenated into the query.
$fid = $db->get_value('SELECT fid FROM pw_threads WHERE tid=' . pwEscape($tid, false));
$fid || wap_msg('data_error', $basename);
if (!$windid && GetCookie('winduser') && $ol_offset) {
    // No user is set but a 'winduser' cookie exists: read the record at
    // $ol_offset from the online cache file and split it on tabs.
    $userdb = explode("\t", getuserdb(D_P . "data/bbscache/online.php", $ol_offset));
    // NOTE(review): the record is accepted when field 2 equals the client IP
    // (loose ==), and the member is then loaded by field 8. Confirm where
    // $ol_offset comes from and that it cannot be chosen by the client.
    if ($userdb && $userdb[2] == $onlineip) {
        $winddb = $db->get_one("SELECT m.uid,m.username,m.groupid,m.memberid,m.groups,md.money,md.rvrc FROM pw_members m LEFT JOIN pw_memberdata md USING(uid) WHERE m.uid=" . pwEscape($userdb['8']));
        $winduid = $winddb['uid'];
        $groupid = $winddb['groupid'];
        // A groupid of '-1' means the member level (memberid) is used as the group.
        $groupid == '-1' && ($groupid = $winddb['memberid']);
        $userrvrc = round($winddb['rvrc'] / 10, 1);
        $windid = $winddb['username'];
        // Load the group's cached file, falling back to group 1 when it is
        // missing. $groupid comes from the member row and is part of the
        // include path; only the first branch passes through Pcv().
        if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
            require_once Pcv(D_P . "data/groupdb/group_{$groupid}.php");
        } else {
            require_once D_P . "data/groupdb/group_1.php";
        }
    }
    define('FX', 1);
}
if (!($foruminfo = L::forum($fid))) {
    // L::forum() returned nothing: read the forum row directly from the database.
    $foruminfo = $db->get_one("SELECT f.*,fe.creditset,fe.forumset,fe.commend FROM pw_forums f LEFT JOIN pw_forumsextra fe ON f.fid=fe.fid WHERE f.fid=" . pwEscape($fid));
    if ($foruminfo) {
        // NOTE(review): unserialize() on database columns. Safe only while
        // these columns are written exclusively by trusted admin code; a
        // format such as JSON would avoid object instantiation entirely.
        $foruminfo['creditset'] = unserialize($foruminfo['creditset']);
        $foruminfo['forumset'] = unserialize($foruminfo['forumset']);
        $foruminfo['commend'] = unserialize($foruminfo['commend']);
    }
}
!$foruminfo && wap_msg('data_error', $basename);
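/**
 * Return one page of thread ids for a listing type, using the cache file
 * named by the global $_filename when it is fresh enough.
 *
 * The cache is skipped for the 'hot' type and rebuilt through setTidsCache()
 * when it is missing, empty or too old.
 *
 * NOTE(review): the cache file is executed with include; Pcv() (defined
 * elsewhere) is the only check on $_filename visible here, so that global
 * must never be derived from request data.
 *
 * @param string $type  Listing type, used as the key into the cached array.
 * @param int    $start Offset of the first id to return.
 * @param int    $per   Number of ids to return.
 * @return array Slice of thread ids.
 */
function getTidsCache($type, $start, $per)
{
    global $timestamp, $_filename;

    // Defined up front: the original read both variables even when the cache
    // file was not loaded, which raised undefined-variable notices.
    $tids = '';
    $uptime = 0;
    if (is_file($_filename) && $type != 'hot') {
        include Pcv($_filename);
        $tids = isset($tidsCache[$type]['tids']) ? $tidsCache[$type]['tids'] : '';
        $uptime = isset($tidsCache[$type]['uptime']) ? $tidsCache[$type]['uptime'] : 0;
    }

    // Entries older than 120 seconds are rebuilt. The original comment said
    // three minutes, but the arithmetic is two.
    $overtime = $timestamp - 60 * 2;
    if (!$tids || !$uptime || $uptime <= $overtime) {
        $tids = setTidsCache($type);
    }

    $tids = explode(',', trim($tids, ','));
    $tids = array_splice($tids, $start, $per);

    return $tids;
}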
if ($rt['ifuser']) { $userinbbs = $rt['count']; } else { $guestinbbs = $rt['count']; } } } if ($db_indexonline) { InitGP(array('online')); empty($online) && ($online = GetCookie('online')); if ($online == 'yes') { if ($guestinbbs + $userinbbs > 2000 && !CkInArray($windid, $manager)) { $online = 'no'; } else { $db_online = intval($db_online); include_once Pcv(R_P . "require/online_{$db_online}.php"); } } Cookie('online', $online); } $usertotal = $guestinbbs + $userinbbs; $showgroup = $db_showgroup ? explode(',', $db_showgroup) : array(); // Share union if ($db_indexmqshare && $sharelink[1]) { $sharelink[1] = "<marquee scrolldelay=\"100\" scrollamount=\"4\" onmouseout=\"if (document.all!=null){this.start()}\" onmouseover=\"if (document.all!=null){this.stop()}\" behavior=\"alternate\">{$sharelink['1']}</marquee>"; } //update pw_feed if ($winduid && PwStrtoTime(get_date($lastvisit, 'Y-m-d')) < $tdtime && $db_hostweb == 1 && !$cateid && $groupid != 'guest' && !defined('M_P')) { $_flag = $db->get_value("SELECT id FROM pw_feed WHERE uid = " . pwEscape($winduid) . " ORDER BY id DESC LIMIT 29,1"); $_flag && $db->update("DELETE FROM pw_feed WHERE uid = " . pwEscape($winduid) . " AND id < " . pwEscape($_flag)); }
/**
 * Build the path of a WAP template file.
 *
 * The result is W_P . 'template/<template>.htm' passed through Pcv()
 * (defined elsewhere).
 * NOTE(review): callers presumably include the returned path, so $template
 * should come from a fixed set of names. Confirm at the call sites.
 *
 * @param string $template Template base name without extension.
 * @return string Path returned by Pcv().
 */
function PrintWAP($template)
{
    $templateFile = W_P . 'template/' . $template . '.htm';

    return Pcv($templateFile);
}
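/**
 * Dispatch an API call to $method on the handler class named $mode.
 *
 * Handlers live in api/class_<mode>.php under R_P, are instantiated once with
 * this object as the constructor argument, and are cached in $this->classdb.
 *
 * $mode is used both as a file-name component and as a class name, so it is
 * validated as a plain identifier before it reaches the filesystem or `new`.
 * Anything else gets the same "mode not exists" error as a missing file.
 * Names with characters outside [A-Za-z0-9_] are now rejected.
 *
 * NOTE(review): method_exists() accepts any method name the handler defines,
 * including helpers that were not meant as API entry points. Consider a
 * per-class list of callable methods.
 *
 * @param string $mode   Handler class name.
 * @param string $method Method to invoke on the handler.
 * @param array  $params Positional arguments; non-arrays are treated as no arguments.
 * @return mixed The handler's return value, or an ErrorMsg when the class or
 *               method cannot be resolved.
 */
function callback($mode, $method, $params)
{
    if (!is_string($mode) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $mode)) {
        return new ErrorMsg(API_MODE_NOT_EXISTS, 'Class(' . (is_string($mode) ? $mode : gettype($mode)) . ') Not Exists');
    }

    if (!isset($this->classdb[$mode])) {
        // Check and load the same path value; the original tested one
        // expression with file_exists() and loaded another.
        $classFile = Pcv(R_P . 'api/class_' . $mode . '.php');
        if (!file_exists($classFile)) {
            return new ErrorMsg(API_MODE_NOT_EXISTS, "Class({$mode}) Not Exists");
        }
        require_once $classFile;
        $this->classdb[$mode] = new $mode($this);
    }

    if (!method_exists($this->classdb[$mode], $method)) {
        return new ErrorMsg(API_METHOD_NOT_EXISTS, "Method({$method} of {$mode}) Not Exists");
    }

    !is_array($params) && ($params = array());

    return @call_user_func_array(array(&$this->classdb[$mode], $method), $params);
}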
require_once Pcv(M_P . 'admin/' . $adminjob . '.php'); } elseif ($adminjob == 'apps' && $admintype && $rightset[$admintype] == 1) { //基础性app管理 list(, $adminname) = explode('_', $admintype); if (!is_dir(R_P . "apps/{$adminname}") || !file_exists(R_P . "apps/{$adminname}/admin.php")) { adminmsg('app_admin_error'); } define('A_P', R_P . "apps/{$adminname}/"); $appdir = $adminname; $pwAppImg = "mode/{$adminname}/images"; $basename = "{$admin_file}?adminjob=apps&admintype={$admintype}"; require_once Pcv(A_P . 'admin.php'); } elseif ($adminjob == 'content' && ($rightset['tpccheck'] && $type == 'tpc' || $rightset['postcheck'] && $type == 'post' || (int) $rightset['message'] == 1 && $type == 'message')) { require_once R_P . 'admin/content.php'; } elseif (managerRight($adminjob) || adminRight($adminjob, $admintype)) { require_once Pcv(R_P . 'admin/' . $adminjob . '.php'); } else { adminmsg('undefine_action'); } function managerRight($adminjob) { return If_manager && in_array($adminjob, array('rightset', 'manager', 'ystats', 'diyoption', 'optimize', 'modepage', 'sphinx', 'app', 'ajaxhandler')); } function adminRight($adminjob, $admintype) { $temp = $admintype ? $admintype : $adminjob; return adminRightCheck($temp); } function getdirname($path = null) { if (!empty($path)) {
<?php !function_exists('readover') && exit('Forbidden'); @set_time_limit(600); @ignore_user_abort(TRUE); $query = $db->query("SELECT * FROM pw_plan WHERE ifopen='1' AND nexttime<" . pwEscape($timestamp)); while ($plan = $db->fetch_array($query)) { if (file_exists(R_P . 'require/plan/' . $plan['filename'] . '.php')) { $nexttime = nexttime($plan); require_once Pcv(R_P . 'require/plan/' . $plan['filename'] . '.php'); $db->update("UPDATE pw_plan SET" . pwSqlSingle(array('usetime' => $timestamp, 'nexttime' => $nexttime), false) . "WHERE id=" . pwEscape($plan['id'], false)); } } $db->free_result($query); unset($plan); require_once R_P . 'admin/cache.php'; updatecache_plan(); function nexttime($plan) { global $timestamp, $db_timedf; $t = gmdate('G', $timestamp + $db_timedf * 3600); $timenow = (int) (floor($timestamp / 3600) - $t) * 3600; $minute = (int) get_date($timestamp, 'i'); $hour = get_date($timestamp, 'G'); $day = get_date($timestamp, 'j'); $month = get_date($timestamp, 'n'); $year = get_date($timestamp, 'Y'); $week = get_date($timestamp, 'w'); $week == 0 && ($week = 7); if (is_numeric($plan['month'])) { $timenow += (min($plan['month'], DaysInMouth($month)) - $day) * 86400;
$pwModeImg = "{$imgpath}/apps"; list($app, $route) = app_specialRoute($q); $appdir = $app; list($basePath, $baseFile) = app_router($app); @(include_once D_P . 'data/bbscache/o_config.php'); if ($groupid != 3 && $o_share_groups && strpos($o_share_groups, ",{$groupid},") === false) { $shareGM = 1; } extract(L::style(null, 'wind')); if ($space == 1 && !in_array($q, array('group', 'galbum'))) { $pwModeCss = $imgpath . '/apps/browse-style.css'; } else { $pwModeCss = $imgpath . '/apps/app-style.css'; } list($_Navbar, $_LoginInfo) = pwNavBar(); require_once Pcv($baseFile); if ($m == "o") { $isheader && (require_once PrintEot('header')); $isleft && (include_once PrintEot('m_appleft')); $tplname && (include_once PrintEot($tplname)); $isfooter && footer(); } else { $cssForum = TRUE; unset($pwModeCss); $isheader && (require_once R_P . 'require/header.php'); $tplname && (include_once PrintEot($tplname)); $isfooter && footer(); } unset($_Navbar, $pwModeCss); function app_router($app) {
$db->update("UPDATE pw_members SET shortcut=" . pwEscape($shortcut) . " WHERE uid=" . pwEscape($winduid)); Showmsg("shortcutno"); } else { count($myshortcut) >= 6 && Showmsg('shortcut_numlimit'); require_once D_P . 'data/bbscache/forum_cache.php'; $forumkeys = array_keys($forum); !in_array($fid, $forumkeys) && Showmsg('undefined_action'); $myshortcut[] = $fid; $shortcut = ',' . implode(',', $myshortcut) . ','; $shortcut .= $shortcut . "\t" . $winddb['appshortcut']; $db->update("UPDATE pw_members SET shortcut=" . pwEscape($shortcut) . " WHERE uid=" . pwEscape($winduid)); Showmsg("shortcutok"); } } elseif ($action == 'pushto') { InitGP(array('fid', 'seltid')); @(include_once Pcv(D_P . 'data/bbscache/mode_push_config.php')); $pushs = array(); if ($groupid == '3' || $groupid == '4' || CkInArray($windid, $manager)) { $pushs = $PUSH; } elseif ($groupid == '5') { foreach ($PUSH as $key => $value) { if (in_array($value['scr'], array('thread', 'cate'))) { $pushs[] = $value; } } } if (!$pushs) { Showmsg('no_aim_to_push'); } require_once PrintEot('ajax'); ajax_footer();
$pw_cachedata = L::loadDB('cachedata'); $pw_cachedata->truncate(); adminmsg('operate_success'); } elseif ($action == 'uninstall') { InitGP('m', null, '1'); !array_key_exists($m, $db_modes) && adminmsg('mode_have_noopen'); require_once R_P . 'require/sql_deal.php'; $sqlarray = file_exists(R_P . "mode/{$m}/sql.txt") ? FileArray($m, 'mode') : array(); !empty($sqlarray) && SQLDrop($sqlarray); $fp = opendir(D_P . 'data/tplcache/'); while ($filename = readdir($fp)) { if ($filename == '..' || $filename == '.' || strpos($filename, '.htm') === false) { continue; } if (strpos($filename, $m . '_') === 0) { P_unlink(Pcv(D_P . 'data/tplcache/' . $filename)); } } $pw_cachedata = L::loadDB('cachedata'); $pw_cachedata->truncate(); closedir($fp); unset($db_modes[$m]); setConfig('db_modes', $db_modes); unset($db_modepages[$m]); setConfig('db_modepages', $db_modepages); if ($m == $db_mode) { setConfig('db_mode', ''); } $navMenu = L::loadClass('navmenu'); $navMenu->settype('main'); $navMenu->del($m);
/**
 * Update the style cache.
 *
 * For every row of pw_styles with uid=0 (optionally restricted to $name) this
 * writes data/style/<name>.php with the style variables and a rendered CSS
 * file under data/bbscache/. When $name is empty at the end of the first loop,
 * style files found in data/style/ that were not handled by it are rendered too.
 *
 * NOTE(review): two constructs here turn data into code and deserve care:
 *  - extract() imports every column of the row as a local variable, so a
 *    column can replace any local of this function (including $name and $db).
 *  - eval() interpolates the CSS template as a double-quoted PHP string.
 *    addslashes() escapes quotes and backslashes but not '$', so any variable
 *    expression in the template file is evaluated. The template files and the
 *    style rows must therefore be writable only by trusted administrators.
 *
 * @param string $name Style name to rebuild; empty rebuilds all styles.
 */
function updatecache_sy($name = '')
{
    global $db, $db_picpath;
    // Not used directly below; presumably referenced by the CSS template during eval().
    $imgpath = '../../' . $db_picpath;
    $sqlwhere = "WHERE uid=0 ";
    if ($name) {
        // The style name is escaped with pwEscape() before it is concatenated.
        $sqlwhere .= " AND name=" . pwEscape($name);
    }
    $query = $db->query("SELECT * FROM pw_styles {$sqlwhere}");
    // Each row's columns become local variables ($stylepath, $tplpath, ...);
    // the loop ends when extract() no longer returns a positive count.
    while (@extract($db->fetch_array($query))) {
        // PHP source of the per-style file. The closing tag is written as
        // "\?>" here and restored by the str_replace() further down.
        $stylecontent = "<?php\r\n\$stylepath = " . pw_var_export($stylepath) . ";\r\n\$tplpath = " . pw_var_export($tplpath) . ";\r\n\$yeyestyle = " . pw_var_export($yeyestyle) . ";\r\n\$bgcolor = " . pw_var_export($bgcolor) . ";\r\n\$linkcolor = " . pw_var_export($linkcolor) . ";\r\n\$tablecolor = " . pw_var_export($tablecolor) . ";\r\n\$tdcolor = " . pw_var_export($tdcolor) . ";\r\n\$tablewidth = " . pw_var_export($tablewidth) . ";\r\n\$mtablewidth = " . pw_var_export($mtablewidth) . ";\r\n\$headcolor\t= " . pw_var_export($headcolor) . ";\r\n\$headborder = " . pw_var_export($headborder) . ";\r\n\$headfontone = " . pw_var_export($headfontone) . ";\r\n\$headfonttwo = " . pw_var_export($headfonttwo) . ";\r\n\$cbgcolor = " . pw_var_export($cbgcolor) . ";\r\n\$cbgborder = " . pw_var_export($cbgborder) . ";\r\n\$cbgfont = " . pw_var_export($cbgfont) . ";\r\n\$forumcolorone\t= " . pw_var_export($forumcolorone) . ";\r\n\$forumcolortwo\t= " . pw_var_export($forumcolortwo) . ";\r\n\$extcss = " . pw_var_export($extcss) . ";\r\n\\?>";
        // Take the part of the template after the <!--css--> marker and strip the <style> wrapper.
        // $tplpath comes from the row and is used in a file path without Pcv().
        $style_css = explode('<!--css-->', readover(D_P . "data/style/{$tplpath}_css.htm"));
        $style_css = addslashes(str_replace(array('<style type="text/css">', '</style>'), '', $style_css[1]));
        // Evaluates the template as a PHP string so the style variables are substituted (see header note).
        eval("\$style_css = \"{$style_css}\";");
        //writeover(D_P."data/bbscache/$tplpath.css",$style_css);
        writeover(D_P . "data/bbscache/" . $tplpath . "_" . $stylepath . ".css", $style_css);
        writeover(D_P . "data/style/{$name}.php", str_replace("\\?>", "?>", $stylecontent));
        $sqlStyles[] = $name;
    }
    // NOTE(review): extract() may have replaced $name with the last row's
    // name by this point, so this branch may not run when rows were found.
    // Confirm this is intended.
    if (empty($name)) {
        $fp = opendir(D_P . "data/style/");
        while ($skinfile = readdir($fp)) {
            // NOTE(review): eregi() was removed in PHP 7; this call only works on older runtimes.
            if (eregi("\\.php\$", $skinfile)) {
                $skinfile = str_replace(".php", "", $skinfile);
                $styles[] = $skinfile;
            }
        }
        closedir($fp);
        foreach ($styles as $key => $value) {
            if (!in_array($value, $sqlStyles)) {
                // Executes the style file to obtain $tplpath, $stylepath and the colour variables.
                include Pcv(D_P . "data/style/{$value}.php");
                $style_css = explode('<!--css-->', readover(D_P . "data/style/{$tplpath}_css.htm"));
                $style_css = addslashes(str_replace(array('<style type="text/css">', '</style>'), '', $style_css[1]));
                // Same template evaluation as in the first loop.
                eval("\$style_css = \"{$style_css}\";");
                //writeover(D_P."data/bbscache/$tplpath.css",$style_css);
                writeover(D_P . "data/bbscache/" . $tplpath . "_" . $stylepath . ".css", $style_css);
            }
        }
    }
}
// Bootstrap: define the root paths, load the common library and cached
// configuration, open the database driver and derive the public URLs.
// All error reporting is switched off here, so failures below are silent.
error_reporting(0);
define('R_P', dirname(__FILE__) . '/');
define('D_P', R_P);
define('P_W', 'admincp');
function_exists('date_default_timezone_set') && date_default_timezone_set('Etc/GMT+0');
require_once R_P . 'require/common.php';
// NOTE(review): the include below is disabled; its purpose is not visible
// here. Confirm whether this entry point is meant to run without it.
//require_once(R_P.'require/defend.php');
pwInitGlobals();
require_once D_P . 'data/bbscache/config.php';
$timestamp = time();
// Optional clock correction in minutes, taken from the cached configuration.
$db_cvtime != 0 && ($timestamp += $db_cvtime * 60);
$onlineip = pwGetIp();
require_once R_P . 'api/class_base.php';
require_once D_P . 'data/sql_config.php';
//include_once(D_P.'data/bbscache/o_config.php');
// $database presumably comes from sql_config.php; the driver path goes through Pcv().
require_once Pcv(R_P . "require/db_{$database}.php");
// Cut PHP_SELF at the first occurrence of $db_dir and append '.php'.
$dirstrpos = strpos($pwServer['PHP_SELF'], $db_dir);
if ($dirstrpos !== false) {
    $tmp = substr($pwServer['PHP_SELF'], 0, $dirstrpos);
    $pwServer['PHP_SELF'] = "{$tmp}.php";
} else {
    $tmp = $pwServer['PHP_SELF'];
}
// NOTE(review): the site URL is built from $pwServer['HTTP_HOST'], which looks
// like the request's Host header. If so, links and asset URLs derived from
// $db_bbsurl follow whatever host the client sends. Prefer a configured
// canonical host or an allow-list; Char_cv() is the only filter applied here.
$db_bbsurl = Char_cv("http://" . $pwServer['HTTP_HOST'] . substr($tmp, 0, strrpos($tmp, '/')));
// 'N' means no separate URL is configured; fall back to paths below the site URL.
if ($db_http != 'N') {
    $imgpath = $db_http;
} else {
    $imgpath = $db_bbsurl . '/' . $db_picpath;
}
$attachpath = $db_attachurl != 'N' ? $db_attachurl : $db_bbsurl . '/' . $db_attachname;
$imgdir = R_P . $db_picpath;
adminmsg('time_error'); } strpos($filename, '..') !== false && adminmsg("undefined_action"); $plan = array('month' => $month, 'week' => $week, 'day' => $day, 'hour' => $hour_w, 'usetime' => '0', 'ifopen' => $ifopen); $nexttime = nexttime($plan); $db->update("UPDATE pw_plan" . " SET " . pwSqlSingle(array('subject' => $title, 'month' => $month, 'week' => $week, 'day' => $day, 'hour' => $hour_w, 'nexttime' => $nexttime, 'ifopen' => $ifopen, 'filename' => $filename)) . " WHERE id=" . pwEscape($id)); updatecache_plan(); adminmsg("operate_success"); } } elseif ($action == 'detail') { InitGP(array('id')); $rt = $db->get_one("SELECT * FROM pw_plan WHERE id=" . pwEscape($id)); !$rt && adminmsg('operate_error'); $filename = $rt['filename']; if (file_exists(R_P . 'require/plan/' . $filename . '_set.php')) { require_once Pcv(R_P . 'require/plan/' . $filename . '_set.php'); include PrintEot('plantodo'); exit; } else { adminmsg('operate_error'); } } elseif ($action == 'add') { InitGP(array('step')); if (!$step) { $month = makeoption(1, 31); $day = makeoption(0, 23); $hour = makeoption(0, 59); include PrintEot('plantodo'); exit; } elseif ($step == '2') { InitGP(array('title', 'month', 'week', 'day', 'hours', 'ifopen', 'filename'), 'P');
$fourmlimit[$key][$type][$fourmid] = 0; } $updatesql = array_merge($updatesql, $value); } if ($updatesql) { $sql = "INSERT INTO pw_elements(id,value,addition,special,type,mark) VALUES" . pwSqlMulti($updatesql, false); $db->update($sql); } } } else { break; } } foreach ($fourmlimit as $key => $value) { if ($value) { writeover(D_P . 'data/bbscache/' . Pcv('replysort_judge_' . $key) . '.php', "<?php\r\n\$replysort_judge=" . pw_var_export($value) . ";\r\n?>"); } } if ($step < $total) { adminmsg('updatecache_total_step', "{$basename}&action=update&type={$type}&step={$step}"); } } elseif (in_array($type, array('hitsort', 'hitsortday', 'hitsortweek'))) { $step = intval(GetGP('step')); require_once D_P . 'data/bbscache/forum_cache.php'; $arr_forumkeys = array_keys($forum); $fourmlimit = array(); @(include_once D_P . 'data/bbscache/hitsort_judge.php'); $hitsort_judge && ($fourmlimit = $hitsort_judge); if (!$step) { $step = 0; $db->query("DELETE FROM pw_elements WHERE type=" . pwEscape($type));
/**
 * Return the shared database object, creating it on first use from the
 * settings in data/sql_config.php.
 *
 * The connection settings ($dbhost, $dbuser, ...) and $database are expected
 * to be defined by the included config file in this function's scope; the
 * driver file name is derived from $database and passed through Pcv()
 * (defined elsewhere).
 *
 * @return object Reference to $GLOBALS['db'].
 */
function &pwNewDBForInstall()
{
    if (is_object($GLOBALS['db'])) {
        return $GLOBALS['db'];
    }

    global $charset, $manager, $PW;
    include D_P . 'data/sql_config.php';
    require_once Pcv(R_P . "require/db_{$database}.php");
    $GLOBALS['db'] = new DB($dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect);

    return $GLOBALS['db'];
}
$postdb = array(); $query = $db->query("SELECT p.pid,p.postdate,t.tid,t.fid,t.subject,t.authorid,t.author,t.titlefont,t.anonymous FROM {$pw_posts} p LEFT JOIN pw_threads t USING(tid) WHERE p.authorid=" . pwEscape($userdb['uid']) . " {$sqloff} ORDER BY p.postdate DESC {$limit}"); while ($rt = $db->fetch_array($query)) { $rt['subject'] = substrs($rt['subject'], 45); if ($rt['anonymous'] && $rt['authorid'] != $winduid && !$isGM) { $rt['author'] = $db_anonymousname; $rt['authorid'] = 0; } $rt['forum'] = strip_tags($forum[$rt['fid']]['name']); $rt['postdate'] = get_date($rt['postdate'], 'Y-m-d'); $postdb[] = $rt; } require_once PrintEot('u'); footer(); } elseif (in_array($action, array('favor', 'friend', 'trade'))) { require_once Pcv(R_P . 'require/u_' . $action . '.php'); } function Getcustom($data, $unserialize = true, $strips = null) { global $db_union; $customdata = array(); if (!$data || ($unserialize ? !is_array($data = unserialize($data)) : !is_array($data))) { $data = array(); } elseif (!is_array($custominfo = unserialize($db_union[7]))) { $custominfo = array(); } if (!empty($data) && !empty($custominfo)) { foreach ($data as $key => $value) { if (!empty($strips)) { $customdata[stripslashes(Char_cv($key))] = stripslashes(Char_cv($value)); } elseif ($custominfo[$key] && $value) {
/**
 * API entry point: modify an existing thread on behalf of user $uid.
 *
 * The method loads the member row for $uid and overwrites the global identity
 * variables ($winddb, $winduid, $windid, $groupid) with it, loads that group's
 * permission file, then applies the new title, content and flags through
 * topicModify / topicPostData.
 *
 * NOTE(review): $uid is taken from the caller and becomes the acting identity
 * for the rest of the request. The only authorisation visible in this method
 * is (a) the thread must belong to $fid, (b) a non-admin may not edit a thread
 * authored by group 3 or 4, and (c) the group's edit-time limit. No check that
 * $uid is the thread author is visible here. Confirm that topicModify/PwPost
 * enforce it and that the API layer authenticates the caller.
 *
 * @param int    $tid        Thread id.
 * @param int    $fid        Forum id the thread must belong to.
 * @param int    $uid        Member id to act as.
 * @param string $title      New title.
 * @param string $content    New content.
 * @param string $tags       Tags, passed to setTags().
 * @param int    $convert    Passed to setConvert().
 * @param int    $usesign    Passed to setIfsign().
 * @param int    $usehtml    Passed to setIfsign().
 * @param int    $topped     Passed to setTopped().
 * @param int    $digest     Passed to setDigest().
 * @param string $p_type     Topic type, passed to setWtype().
 * @param string $p_sub_type Topic sub-type, passed to setWtype().
 * @return ApiResponse|ErrorMsg ApiResponse(true) on success, ErrorMsg otherwise.
 */
function postModify($tid, $fid, $uid, $title, $content, $tags = '', $convert = 1, $usesign = 1, $usehtml = 0, $topped = 0, $digest = 0, $p_type = '', $p_sub_type = '')
{
    // These globals are written below; $_G is declared here and is
    // presumably populated by the group file included further down.
    global $winddb, $winduid, $windid, $groupid, $_G, $SYSTEM, $timestamp;
    require_once R_P . 'lib/forum.class.php';
    $pwforum = new PwForum($fid);
    if (!$pwforum->isForum()) {
        return new ErrorMsg(API_THREAD_FORUM_NOT_EXISTS, 'Forum not exists');
    }
    // Load the acting member; $uid is escaped with pwEscape() before concatenation.
    $winddb = $this->db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid WHERE m.uid=" . pwEscape($uid));
    if (empty($winddb)) {
        return new ErrorMsg(API_THREAD_AUTHOR_NOT_EXISTS, 'User not exists');
    }
    $winduid = $winddb['uid'];
    $groupid = $winddb['groupid'];
    $windid = $winddb['username'];
    // A groupid of '-1' means the member level (memberid) is used as the group.
    $groupid == '-1' && ($groupid = $winddb['memberid']);
    // Load the group's cached file, falling back to group 1 when it is missing.
    if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
        include Pcv(D_P . "data/groupdb/group_{$groupid}.php");
    } else {
        include D_P . 'data/groupdb/group_1.php';
    }
    require_once R_P . 'lib/post.class.php';
    require_once R_P . 'require/bbscode.php';
    $pwpost = new PwPost($pwforum);
    // Errors are collected in $pwpost->errMsg, which is read near the end of this method.
    $pwpost->errMode = true;
    require_once R_P . 'lib/postmodify.class.php';
    $postmodify = new topicModify($tid, 0, $pwpost);
    $atcdb = $postmodify->init();
    // The thread must exist and belong to the forum the caller named.
    if (empty($atcdb) || $atcdb['fid'] != $fid) {
        return new ErrorMsg(API_THREAD_ILLEGAL_TID, 'The tid is illegal');
    }
    // A non-author outside groups 3 and 4 may not modify a thread whose author is in group 3 or 4.
    if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) {
        $authordb = $this->db->get_one("SELECT groupid FROM pw_members WHERE uid=" . pwEscape($atcdb['authorid']));
        if ($authordb['groupid'] == 3 || $authordb['groupid'] == 4) {
            return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
        }
    }
    // Edit window in minutes from the group settings; applied to every group here.
    if ($_G['edittime'] && $timestamp - $atcdb['postdate'] > $_G['edittime'] * 60) {
        return new ErrorMsg(API_THREAD_MODIFY_TIMELIMIT, 'The modify time limit');
    }
    $postdata = new topicPostData($pwpost);
    include_once D_P . 'data/bbscache/cache_post.php';
    // Topic types of this forum, presumably defined by cache_post.php.
    $t_db = $topic_type_cache[$fid];
    $postdata->setWtype($p_type, $p_sub_type, 0, $t_db);
    $postdata->initData($postmodify);
    $postdata->setTitle($title);
    $postdata->setContent($content);
    $postdata->setConvert($convert, 1);
    $postdata->setTags($tags);
    $postdata->setDigest($digest);
    $postdata->setTopped($topped);
    $postdata->setIfsign($usesign, $usehtml);
    // Report the first collected validation error, if any, before writing.
    if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
        $errmsg = $this->getErrMsg($msg);
        return new ErrorMsg($errmsg[0], $errmsg[1]);
    }
    $postmodify->execute($postdata);
    return new ApiResponse(true);
}
/**
 * Create the global $db connection object if it does not exist yet.
 *
 * The driver file is chosen by the global $database and loaded through Pcv()
 * (defined elsewhere); connection settings are read from globals.
 *
 * @return void
 */
function PwNewDB()
{
    if (is_object($GLOBALS['db'])) {
        return;
    }

    global $db, $database, $dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect;
    $driverFile = Pcv(R_P . "require/db_{$database}.php");
    require_once $driverFile;
    $db = new DB($dbhost, $dbuser, $dbpw, $dbname, $PW, $charset, $pconnect);
}
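/**
 * Report whether a PHP extension is available.
 *
 * Returns true when the extension is loaded and, if $ckfunc is given, that
 * function exists. Returns false otherwise.
 *
 * The original body continued after an unconditional `return false` with code
 * that tried to load the extension at run time through dl(). That code could
 * never execute and has been removed. Keeping run-time loading of native
 * modules out of the request path is the safer behaviour, and it is what
 * callers already got.
 *
 * @param string $mod    Extension name.
 * @param string $ckfunc Function that must exist when the extension is loaded;
 *                       an empty value skips the function check.
 * @return bool
 */
function Pwloaddl($mod, $ckfunc = 'mysqli_get_client_info')
{
    if (!extension_loaded($mod)) {
        return false;
    }
    if ($ckfunc && !function_exists($ckfunc)) {
        return false;
    }

    return true;
}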
// After a reply has been stored: run the hook, pick the return URL, drop the
// WAP list caches and show the result message.
$pid = $replypost->getNewId();
pwHook::runHook('after_reply');
$rurl = "index.php?a=read&tid={$tid}&fid={$fid}&page=e";
// getIfcheck() == '0': the post is shown as awaiting moderator review.
if ($postdata->getIfcheck() == '0') {
    wap_msg("发帖成功,请等待管理员审核", $rurl);
}
if ($_POST['upload']) {
    $rurl = "index.php?a=upload&tid={$tid}&fid={$fid}&page=e";
    // NOTE(review): there is no exit after the redirect header, so the cache
    // clean-up and wap_msg() below still run. This looks intentional (the
    // caches must be dropped either way), but confirm. $tid and $fid are
    // interpolated into the header value and should be integers by this point.
    header("Location:{$rurl}");
}
/* Delete the caches */
$_filename = D_P . "data/wapcache/wap_all_cache.php";
if (file_exists($_filename)) {
    P_unlink($_filename);
}
// $fid is part of the file name to delete; the path goes through Pcv() first.
$_filename = Pcv(D_P . "data/wapcache/wap_" . $fid . "_cache.php");
if (file_exists($_filename)) {
    P_unlink($_filename);
}
// Choose the message key from the word-filter weight.
// NOTE(review): $pinfo stays undefined when getIfcheck() is falsy and the
// first branch above did not end the request. Confirm that wap_msg() never returns.
if ($postdata->getIfcheck()) {
    if ($postdata->filter->filter_weight == 3) {
        $pinfo = 'enter_words';
        $banword = implode(',', $postdata->filter->filter_word);
    } elseif ($postdata->filter->filter_weight == 2) {
        $banword = implode(',', $postdata->filter->filter_word);
        $pinfo = 'post_word_check';
    } else {
        $pinfo = 'post_success';
    }
}
wap_msg($pinfo, $rurl);
<?php
// Entry script that renders the static "introduce" page inside the site header and footer.
// Error reporting is disabled for the whole request.
error_reporting(0);
// W_P is this script's directory with a trailing slash, or './' when __FILE__ is empty.
define('W_P', __FILE__ ? dirname(__FILE__) . '/' : './');
require_once W_P . '../global.php';
// Use the main site URL as the base URL for this page; $_mainUrl is presumably set by global.php.
$db_bbsurl = $_mainUrl;
require_once R_P . 'require/header.php';
// The template name is a constant string; the path still goes through Pcv() like other includes.
require Pcv(W_P . 'template/introduce.htm');
footer();
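/**
 * Extract the entries of a zip archive into memory.
 *
 * NOTE(review): entry names are returned exactly as stored in the archive.
 * Callers that write the entries to disk must normalise each name and reject
 * absolute paths and '..' segments before building a target path, and should
 * bound the total extracted size when the archive is untrusted.
 *
 * @param string $file Archive path; it is passed through Pcv() first.
 * @return array|false List of entries (keys 'filename', 'timestamp', 'data'),
 *                     or false when the file cannot be read or has no valid
 *                     end-of-central-directory record.
 */
function extract($file)
{
    $extractedData = array();
    $file = Pcv($file);
    if (!$file || !is_file($file)) {
        return false;
    }

    $filesize = sprintf('%u', filesize($file));
    $this->fileHandle = fopen($file, 'rb');
    // The original used the handle without checking that fopen() succeeded.
    if (!$this->fileHandle) {
        return false;
    }

    // The read result is not used in this method. The call is kept because the
    // helpers below share the handle and may depend on its position (TODO confirm).
    $fileData = fread($this->fileHandle, $filesize);

    // Read the 'End of central directory record' block.
    $EofCentralDirData = $this->_findEOFCentralDirectoryRecord($filesize);
    if (!is_array($EofCentralDirData)) {
        // The original returned here with the handle still open.
        fclose($this->fileHandle);
        return false;
    }

    $centralDirectoryHeaderOffset = $EofCentralDirData['centraldiroffset'];
    for ($i = 0; $i < $EofCentralDirData['totalentries']; $i++) {
        rewind($this->fileHandle);
        fseek($this->fileHandle, $centralDirectoryHeaderOffset);
        // Read one 'Central directory' record.
        $centralDirectoryData = $this->_readCentralDirectoryData();
        // Advance by the 46-byte fixed header plus the three variable-length fields.
        $centralDirectoryHeaderOffset += 46 + $centralDirectoryData['filenamelength'] + $centralDirectoryData['extrafieldlength'] + $centralDirectoryData['commentlength'];
        // Skip unreadable records and directory entries (names ending in '/').
        if (!is_array($centralDirectoryData) || substr($centralDirectoryData['filename'], -1) == '/') {
            continue;
        }
        // Read the entry's data through its local file header.
        $data = $this->_readLocalFileHeaderAndData($centralDirectoryData);
        if (!$data) {
            continue;
        }
        $extractedData[$i] = array(
            'filename' => $centralDirectoryData['filename'],
            'timestamp' => $centralDirectoryData['time'],
            'data' => $data,
        );
    }
    fclose($this->fileHandle);

    return $extractedData;
}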
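/**
 * Create a directory, creating missing parent directories first.
 *
 * NOTE(review): new directories are set to mode 0777 (world-writable). On a
 * shared host this lets any local account add or replace files in the backup
 * tree. The mode is left unchanged because deployments may depend on it, but
 * 0755 or 0750 with a correctly owned directory is the safer choice.
 *
 * @param string $path Directory to create; it is passed through Pcv() first.
 * @return void
 */
function createFolder($path)
{
    $path = Pcv($path);
    if (!$path || is_dir($path)) {
        return;
    }

    PW_Backup::createFolder(dirname($path));
    // Only change the mode when the directory exists; the original called
    // chmod() even after a failed mkdir().
    if (mkdir($path) || is_dir($path)) {
        chmod($path, 0777);
    }
}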
/**
 * Decide whether a user is allowed to send.
 *
 * Sending is refused when the user does not exist, is in group 6, has the
 * PW_USERSTATUS_BANUSER status bit set, or belongs to a group whose cached
 * file does not set $_G['allowvisit'].
 *
 * NOTE(review): the group id from the user record is used in an include path;
 * the existing-file branch passes through Pcv() (defined elsewhere) and the
 * fallback is the fixed group_1.php file.
 *
 * @param int $userId User id.
 * @return bool True when sending is allowed.
 */
function _isAllowSend($userId)
{
    $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
    $user = $userService->get($userId);
    if (!$user) {
        return false;
    }

    $groupId = $user['groupid'];
    // A groupid of '-1' means the member level is used as the group.
    if ($groupId == '-1') {
        $groupId = $user['memberid'];
    }

    // Member is muted or banned.
    if ($groupId == 6) {
        return false;
    }
    if (getstatus($user['userstatus'], PW_USERSTATUS_BANUSER)) {
        return false;
    }

    // The included file is expected to define $_G for the group.
    if (file_exists(D_P . "data/groupdb/group_{$groupId}.php")) {
        include Pcv(D_P . "data/groupdb/group_{$groupId}.php");
    } else {
        include D_P . 'data/groupdb/group_1.php';
    }

    // The group has no permission (this includes registrations awaiting approval).
    return $_G['allowvisit'] ? true : false;
}