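/**
 * Check whether the current user may post a new topic or a reply in a forum
 * through the WAP interface.
 *
 * Validates the subject and content lengths, loads the forum's permission
 * columns and calls wap_msg() with a message key as soon as one rule fails.
 * Nothing is returned; the function presumably relies on wap_msg() ending the
 * request (wap_msg() is not visible here, confirm).
 *
 * Side effect: the globals $subject and $content are trimmed in place.
 *
 * @param mixed  $fid    Forum id; passed through pwEscape() before it is
 *                       concatenated into the query.
 * @param string $action 'new' for a new topic, 'reply' for a reply. Any other
 *                       value only gets the content-length and visit checks.
 * @return void
 */
function wap_check($fid, $action)
{
    global $db, $groupid, $_G, $_time, $db_titlemax, $db_postmin, $db_postmax, $subject, $content;

    $subject = trim($subject);
    $content = trim($content);

    // strlen() counts bytes, so all three limits are byte limits.
    if ($action == 'new' && (!$subject || strlen($subject) > $db_titlemax)) {
        wap_msg('subject_limit');
    }
    $contentLength = strlen($content);
    if ($contentLength >= $db_postmax || $contentLength < $db_postmin) {
        wap_msg('content_limit');
    }

    $fm = $db->get_one("SELECT f.forumadmin,f.fupadmin,f.password,f.allowvisit,f.f_type,f.f_check,f.allowpost,f.allowrp,fe.forumset FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=" . pwEscape($fid));

    // Only read the row when the lookup succeeded; the original indexed $fm
    // before testing it. The LEFT JOIN can leave forumset NULL, hence the cast
    // (an empty string unserializes to false, exactly as NULL did).
    // NOTE(review): unserialize() on a database column. If that column can ever
    // hold bytes an attacker influences, this can instantiate arbitrary classes;
    // on PHP 7+ pass array('allowed_classes' => false) or store the settings as
    // JSON instead.
    $forumset = $fm ? unserialize((string) $fm['forumset']) : false;
    $allowTime = is_array($forumset) && !empty($forumset['allowtime']) ? $forumset['allowtime'] : '';

    // Unknown forum, password-protected forum, hidden forum, or a visit list
    // that does not contain the user's group: no posting over WAP.
    if (!$fm
        || $fm['password'] != ''
        || $fm['f_type'] == 'hidden'
        || ($fm['allowvisit'] && strpos($fm['allowvisit'], ",{$groupid},") === false)
    ) {
        wap_msg('post_right');
    }

    if ($action == 'new') {
        $isGM = CkInArray($GLOBALS['windid'], $GLOBALS['manager']);
        $isBM = admincheck($fm['forumadmin'], $fm['fupadmin'], $GLOBALS['windid']);

        // f_check values '1' and '3' block new topics here.
        if ($fm['f_check'] == '1' || $fm['f_check'] == '3') {
            wap_msg('post_right');
        }
        // A forum-level list, when present, must contain the user's group.
        if ($fm['allowpost'] && strpos($fm['allowpost'], ",{$groupid},") === false) {
            wap_msg('post_right');
        }
        // Without a forum-level list the group-level right decides.
        if (!$fm['allowpost'] && $_G['allowpost'] == 0) {
            wap_msg('post_group');
        }
        // Posting-hours restriction; $isGM and the 'allowtime' right both bypass it.
        if ($allowTime
            && !$isGM
            && !allowcheck($allowTime, "{$_time['hours']}", '')
            && !pwRights($isBM, 'allowtime')
        ) {
            wap_msg('post_right');
        }
    } elseif ($action == 'reply') {
        // f_check values '2' and '3' block replies here.
        if ($fm['f_check'] == '2' || $fm['f_check'] == '3') {
            wap_msg('reply_right');
        }
        if ($fm['allowrp'] && strpos($fm['allowrp'], ",{$groupid},") === false) {
            wap_msg('reply_right');
        }
        if (!$fm['allowrp'] && $_G['allowrp'] == 0) {
            wap_msg('reply_group');
        }
    }
}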
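/**
 * Enforce the visit rules of a forum for the current user.
 *
 * Calls Showmsg() with a message key when access is refused, pulls in
 * require/forumpw.php when the forum password still has to be supplied, and
 * switches the global $skin to the forum's own style when that style file
 * exists. Nothing is returned.
 *
 * @param array $forum Forum row; the keys read here are f_type, style,
 *                     password, allowvisit and cms.
 * @return void
 */
function wind_forumcheck($forum)
{
    global $windid, $groupid, $tid, $fid, $skin, $winddb, $manager;

    // 'former' forums are refused to guests that sent any cookie at all.
    if ($forum['f_type'] == 'former' && $groupid == 'guest' && $_COOKIE) {
        Showmsg('forum_former');
    }

    // NOTE(review): $forum['style'] is interpolated into a filesystem path and
    // then becomes the active skin. Presumably it is only set by administrators;
    // confirm it cannot contain path separators or "..".
    if (!empty($forum['style']) && file_exists(D_P . "data/style/{$forum['style']}.php")) {
        $skin = $forum['style'];
    }

    $pwdcheck = GetCookie('pwdcheck');
    if ($forum['password'] != '') {
        // The cookie is client-controlled. Compare it to the stored value as a
        // string with ===, so that PHP's loose-comparison rules cannot treat two
        // different numeric-looking strings as equal, and so that a non-string
        // cookie entry never matches. Where PHP >= 5.6 is guaranteed,
        // hash_equals() would additionally make the comparison constant-time.
        $passwordMatches = isset($pwdcheck[$fid])
            && is_string($pwdcheck[$fid])
            && $pwdcheck[$fid] === (string) $forum['password'];

        // Guests always go through the password page; members do unless the
        // cookie matches or their name is in $manager.
        if ($groupid == 'guest' || (!$passwordMatches && !CkInArray($windid, $manager))) {
            require_once R_P . 'require/forumpw.php';
        }
    }

    // A visit list, when present, must admit the user (by group or by forum).
    if ($forum['allowvisit'] && !allowcheck($forum['allowvisit'], $groupid, $winddb['groups'], $fid, $winddb['visit'])) {
        Showmsg('forum_jiami');
    }

    // A hidden, non-cms forum without any visit list is closed to everyone.
    if (!$forum['cms'] && $forum['f_type'] == 'hidden' && !$forum['allowvisit']) {
        Showmsg('forum_hidden');
    }
}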
} } if ($areaids) { $areaService = L::loadClass('AreasService', 'utility'); $areas = $areaService->getFullAreaByAreaIds($areaids); } } unset($_cache, $sign, $ltitle, $lpic, $lneed, $_G['right'], $_MEDALDB, $fieldadd, $tablaadd, $read, $order, $readnum, $pwMembers); //快速回复 if ($groupid != 'guest' && !$tpc_locked && empty($colony) && ($admincheck || !$foruminfo['allowrp'] || allowcheck($foruminfo['allowrp'], $groupid, $winddb['groups'], $fid, $winddb['reply'])) || $colony['ifcyer'] && $colony > '-1') { $psot_sta = 'reply'; //control the faster reply $titletop1 = substrs('Re:' . str_replace(' ', ' ', $subject), $db_titlemax - 2); $fastpost = 'fastpost'; $db_forcetype = 0; if (!allowcheck($foruminfo['allowrp'], $groupid, $winddb['groups'], $fid, $winddb['reply'])) { $fastpost = ''; } else { $fastpost = 'fastpost'; } !$foruminfo['allowrp'] && $_G['allowrp'] && ($fastpost = 'fastpost'); } elseif ($groupid == 'guest' && !$tpc_locked) { //显示快速回复表单 $fastpost = 'fastpost'; $psot_sta = 'reply'; $titletop1 = substrs('Re:' . str_replace(' ', ' ', $subject), $db_titlemax - 2); $db_forcetype = 0; if (!$_G['allowrp'] && !$foruminfo['allowrp'] || $foruminfo['allowrp']) { $anonymity = true; } }
if ($forums['type'] === 'forum') { if ($forums['showsub'] && $forums['childid']) { $showsub[$forums['fid']] = ''; } $forums['topics'] = $forums['topic'] + $forums['subtopic']; $article += $forums['article']; $topics += $forums['topics']; $tposts += $forums['tpost']; $forums['au'] = $forums['admin'] = ''; if (S::inArray($windid, $manager) || !$forums['password'] && (!$forums['allowvisit'] || allowcheck($forums['allowvisit'], $groupid, $winddb['groups'], $forums['fid'], $winddb['visit']))) { list($forums['t'], $forums['au'], $forums['newtitle'], $forums['ft']) = explode("\t", $forums['lastpost']); $forums['pic'] = $newpic < $forums['newtitle'] && $forums['newtitle'] + $db_newtime > $timestamp ? 'new' : 'old'; $forums['newtitle'] = get_date($forums['newtitle']); $forums['t'] = substrs($forums['t'], 26); } elseif ($forum[$forums['fid']]['f_type'] === 'hidden') { if ($forums['password'] && allowcheck($forums['allowvisit'], $groupid, $winddb['groups'], $forums['fid'], $winddb['visit'])) { $forums['pic'] = 'lock'; } else { if (!S::inArray($windid, $manager)) { continue; } } } else { $forums['pic'] = 'lock'; } $forums['allowhtm'] == 1 && ($c_htm = 1); if ($db_indexfmlogo == 2) { if (!empty($forums['logo']) && strpos($forums['logo'], 'http://') !== false) { $forums['logo'] = $forums[logo]; } elseif (!empty($forums['logo'])) { $forumLogo = geturl($forums[logo]);
} elseif ($rg_allowregister == 2) { S::gp(array('invcode'), 'GP'); $invcode = trim($invcode, ','); //$invitelink = '<a href="' . $db_bbsurl . '/' . $db_registerfile . '?invcode=' . $invcode . '">' . $db_bbsurl . '/' . $db_registerfile . '?invcode=' . $invcode . '</a><br>'; $inv_email = str_replace(array('$username', '$sitename', '$invitecode', '$uid'), array($windid, $db_sitename, $invcode, $winduid), $inv_email); $email_content .= $inv_email . "\r\n"; } } elseif ($step == 'delInvCode') { S::gp(array('invcode'), 'GP'); empty($invcode) && ajaxExport("请选择要删除的邀请码"); $invcode = explode(',', trim($invcode, ',')); $db->update("DELETE FROM pw_invitecode WHERE id IN (" . S::sqlImplode($invcode) . ") AND uid=" . S::sqlEscape($winduid)); ajaxExport("删除操作成功!"); } elseif ($step == 'addInvCode') { require_once R_P . 'require/credit.php'; $allowinvite = allowcheck($inv_groups, $groupid, $winddb['groups']) ? 1 : 0; $allowinvite == 0 && ajaxExport("抱歉,您没有购买权限"); $usrecredit = ${'db_' . $inv_credit . 'name'}; $creditto = array('rvrc' => $userrvrc, 'money' => $winddb['money'], 'credit' => $winddb['credit'], 'currency' => $winddb['currency']); if ($inv_limitdays) { $rt = $db->get_one("SELECT createtime FROM pw_invitecode WHERE uid=" . S::sqlEscape($winduid) . "ORDER BY createtime DESC LIMIT 0,1"); if ($timestamp - $rt['createtime'] < $inv_limitdays * 86400) { ajaxExport("邀请码购买时间限制,请稍侯"); } } S::gp(array('invnum'), 'GP'); $invnum = (int) $invnum; if ($invnum < 1) { ajaxExport("购买的邀请码数量必须大于0"); } //(!is_numeric($invnum) || $invnum < 1) && $invnum = 1;
$admincheck = $isGM || $isBM ? 1 : 0; if (!$isGM) { #非创始人权限获取 $pwSystem = pwRights($isBM); if ($pwSystem && ($pwSystem['tpccheck'] || $pwSystem['digestadmin'] || $pwSystem['lockadmin'] || $pwSystem['pushadmin'] || $pwSystem['coloradmin'] || $pwSystem['downadmin'] || $pwSystem['delatc'] || $pwSystem['moveatc'] || $pwSystem['copyatc'] || $pwSystem['topped'] || $pwSystem['unite'] || $pwSystem['pingcp'] || $pwSystem['areapush'] || $pwSystem['split'])) { $managecheck = 1; } $pwPostHide = $pwSystem['posthide']; $pwSellHide = $pwSystem['sellhide']; $pwEncodeHide = $pwSystem['encodehide']; } else { $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 1; } } //版块查看权限 if ($foruminfo['allowread'] && !$admincheck && !allowcheck($foruminfo['allowread'], $groupid, $winddb['groups'])) { Showmsg('forum_read_right'); } if (!$admincheck) { $pwforum->creditcheck($winddb, $groupid); #积分限制浏览 $pwforum->sellcheck($winduid); #出售版块 } if ($read['ifcheck'] == 0 && !$isGM && $windid != $read['author'] && !$pwSystem['viewcheck']) { Showmsg('read_check'); } if ($read['locked'] % 3 == 2 && !$isGM && !$pwSystem['viewclose']) { Showmsg('read_locked'); } unset($S_sql, $J_sql, $foruminfo['forumset']);
foreach ($readlog as $key => $value) { if (is_numeric($value)) { $tids[] = $value; if (++$i > 9) { break; } } } Cookie('readlog', ',' . implode(',', $tids) . ','); $tids && ($tids = pwImplode($tids)); !$tids && Showmsg('readlog_data_error'); include_once D_P . 'data/bbscache/forum_cache.php'; $readb = array(); $query = $db->query("SELECT t.tid,t.fid,t.subject,t.author,t.authorid,t.anonymous,f.f_type,f.password,f.allowvisit FROM pw_threads t LEFT JOIN pw_forums f USING(fid) WHERE t.tid IN({$tids})"); while ($rt = $db->fetch_array($query)) { if (empty($rt['password']) && $rt['f_type'] != 'hidden' && (empty($rt['allowvisit']) || allowcheck($rt['allowvisit'], $groupid, $winddb['groups']))) { if ($rt['anonymous'] && !in_array($groupid, array('3', '4')) && $rt['authorid'] != $winduid) { $rt['author'] = $db_anonymousname; $rt['authorid'] = 0; } $readb[] = $rt; } } require_once PrintEot('ajax'); ajax_footer(); } elseif ($action == 'threadlog') { $threadlog = explode(',', GetCookie('threadlog')); @krsort($threadlog); $fids = ','; $i = 0; foreach ($threadlog as $key => $value) {
if ($foruminfo) { $foruminfo['creditset'] = unserialize($foruminfo['creditset']); $foruminfo['forumset'] = unserialize($foruminfo['forumset']); $foruminfo['commend'] = unserialize($foruminfo['commend']); } } !$foruminfo && wap_msg('data_error', $basename); require_once R_P . 'require/forum.php'; wind_forumcheck($foruminfo); if ($groupid == '3' || admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid)) { #获取管理权限 $admincheck = 1; } else { $admincheck = 0; } if ($foruminfo['allowdownload'] && !allowcheck($foruminfo['allowdownload'], $groupid, $winddb['groups']) && !$admincheck) { #版块权限判断 wap_msg('job_attach_forum', $basename); } if (!$foruminfo['allowdownload'] && $_G['allowdownload'] == 0 && !$admincheck) { #用户组权限判断 wap_msg('job_attach_group', $basename); } if (!$attach_url && !$db_ftpweb && !is_readable("{$attachdir}/" . $attach['attachurl'])) { wap_msg('job_attach_error', $basename); } $fgeturl = geturl($attach['attachurl']); !$fgeturl[0] && wap_msg('job_attach_error', $basename); $filename = basename("{$attachdir}/" . $attach['attachurl']); $fileext = substr(strrchr($attach['attachurl'], '.'), 1); $filesize = 0;
if ($read['istop'] == 'topped') { $readdb[$key] = viewread($read, ''); } else { if ($pageinverse) { $readdb[$key] = viewread($read, $start_limit--); } else { $readdb[$key] = viewread($read, $start_limit++); } } if ($db_mode == 'area') { $db_menuinit .= ",'td_read_" . $read['pid'] . "':'menu_read_" . $read['pid'] . "'"; } } unset($_cache, $sign, $ltitle, $lpic, $lneed, $_G['right'], $_MEDALDB, $fieldadd, $tablaadd, $read, $order, $readnum, $pwMembers, $attachdb); //快速回复 if ($groupid != 'guest' && !$tpc_locked && ($admincheck || !$foruminfo['allowrp'] || allowcheck($foruminfo['allowrp'], $groupid, $winddb['groups'], $fid, $winddb['reply']))) { $psot_sta = 'reply'; //control the faster reply $titletop1 = substrs('Re:' . str_replace(' ', ' ', $subject), $db_titlemax - 2); $fastpost = 'fastpost'; $db_forcetype = 0; } else { if ($groupid == 'guest' && !$tpc_locked) { //显示快速回复表单 $fastpost = 'fastpost'; $psot_sta = 'reply'; $titletop1 = substrs('Re:' . str_replace(' ', ' ', $subject), $db_titlemax - 2); $db_forcetype = 0; if (!$_G['allowrp'] && !$foruminfo['allowrp'] || $foruminfo['allowrp']) { $anonymity = true; }
<?php !function_exists('readover') && exit('Forbidden'); InitGP(array('flashatt'), 'P'); $attachs = $aids = $elementpic = array(); $ifupload = 0; foreach ($_FILES as $key => $val) { if (!$val['tmp_name'] || $val['tmp_name'] == 'none') { unset($_FILES[$key]); } } $filenum = count($_FILES); if ($filenum > 0 && $filenum <= $db_attachnum || $flashatt && is_array($flashatt)) { if (!$db_allowupload) { Showmsg('upload_close'); } elseif ($foruminfo['allowupload'] && !allowcheck($foruminfo['allowupload'], $groupid, $winddb['groups'])) { Showmsg('upload_forum_right'); } elseif (!$foruminfo['allowupload'] && $_G['allowupload'] == 0) { Showmsg('upload_group_right'); } if ($winddb['uploadtime'] < $tdtime) { $winddb['uploadnum'] = 0; } if (is_array($flashatt)) { $filenum += count($flashatt); } if ($winddb['uploadnum'] + $filenum >= $_G['allownum']) { Showmsg('upload_num_error'); } $uploaddb = UploadFile($winduid); if ($flashatt && is_array($flashatt)) {
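/**
 * Get the current user's forum shortcut list, minus hidden forums the user
 * is not allowed to see.
 *
 * The list from pwGetMyShortcut() is kept in a static variable and reused on
 * later calls in the same request while it is non-empty.
 *
 * @global array  $winddb
 * @global array  $forum
 * @global string $winduid
 * @global string $db_shortcutforum
 * @return array Shortcut entries keyed the same way as the forum cache.
 */
function pwGetShortcut()
{
    static $sForumsShortcut = array();

    if (empty($sForumsShortcut)) {
        global $winduid, $db_shortcutforum;
        $sForumsShortcut = pwGetMyShortcut();
        if (empty($sForumsShortcut) && !$db_shortcutforum && $winduid) {
            require_once R_P . 'require/updateforum.php';
            // The return value is not used, so the list stays empty for this call.
            updateshortcut();
        }
    }

    // Used by the sidebar and similar places: drop hidden forums the user has
    // no right to view.
    global $winddb, $forum, $groupid, $windid;
    // NOTE(review): extract() imports every key of the cache array into this
    // scope and overwrites the globals declared above when a key has the same
    // name. That is only acceptable while the cache file is written solely by
    // the application itself.
    extract(pwCache::getData(D_P . 'data/bbscache/forum_cache.php', false));

    foreach ($sForumsShortcut as $k => $v) {
        if (!isset($forum[$k]) || $forum[$k]['f_type'] != 'hidden') {
            continue;
        }
        $entry = $forum[$k];
        // The original passed $forum['allowvisit'] and $forum['fid'], i.e. it
        // indexed the whole forum map instead of the entry for $k, so the check
        // never saw this forum's own visit list or id.
        $allowVisit = isset($entry['allowvisit']) ? $entry['allowvisit'] : null;
        $forumId = isset($entry['fid']) ? $entry['fid'] : $k;
        $canVisit = allowcheck($allowVisit, $groupid, $winddb['groups'], $forumId, $winddb['visit']);

        // NOTE(review): $manager is not declared global in this function; it is
        // only defined if the extract() above supplies it. Confirm, otherwise the
        // manager exemption never applies.
        if (!$canVisit && !S::inArray($windid, $manager)) {
            unset($sForumsShortcut[$k]);
        }
    }

    return $sForumsShortcut;
}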
$admincheck = $isGM || $isBM ? 1 : 0; if (!$isGM) { #非创始人权限获取 $pwSystem = pwRights($isBM); if ($pwSystem && ($pwSystem['tpccheck'] || $pwSystem['digestadmin'] || $pwSystem['lockadmin'] || $pwSystem['pushadmin'] || $pwSystem['coloradmin'] || $pwSystem['downadmin'] || $pwSystem['delatc'] || $pwSystem['moveatc'] || $pwSystem['copyatc'] || $pwSystem['topped'] || $pwSystem['unite'] || $pwSystem['pingcp'] || $pwSystem['areapush'] || $pwSystem['split'])) { $managecheck = 1; } $pwPostHide = $pwSystem['posthide']; $pwSellHide = $pwSystem['sellhide']; $pwEncodeHide = $pwSystem['encodehide']; } else { $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 1; } } //版块查看权限 if ($foruminfo['allowread'] && !$admincheck && !allowcheck($foruminfo['allowread'], $groupid, $winddb['groups']) && strpos($winddb['visit'], $fid) === false) { Showmsg('forum_read_right'); } //实名认证查看权限 if ($db_authstate && !$admincheck && $forumset['auth_allowread'] && true !== ($authMessage = $pwforum->authStatus($winddb['userstatus'], $forumset['auth_logicalmethod']))) { // Showmsg($authMessage . '_read'); } if (!$admincheck) { $pwforum->creditcheck($winddb, $groupid); #积分限制浏览 $pwforum->sellcheck($winduid); #出售版块 } if ($read['ifcheck'] == 0 && !$isGM && $windid != $read['author'] && !$pwSystem['viewcheck']) { Showmsg('read_check');