exit; } if (pc_file_num($link, $pc["UID"], $pid) + 1 > $pc["NLIM"]) { pc_html_init("gb2312", stripslashes($pc["NAME"])); html_error_quit("目标文件夹中的文件数已达上限 " . $pc["NLIM"] . " 个!"); exit; } if (intval($_COOKIE["BLOGFAVNID"])) { if ($_COOKIE["BLOGFAVACTION"] == "favcut") { $query = "UPDATE nodes SET `pid` = '" . $pid . "' WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "';"; } elseif ($_COOKIE["BLOGFAVACTION"] == "favcopy") { $query = "SELECT * FROM nodes WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "' LIMIT 0 , 1 ;"; $result = mysql_query($query, $link); $rows = mysql_fetch_array($result); mysql_free_result($result); $query = "INSERT INTO `nodes` ( `nid` , `pid` , `type` , `source` , `hostname` , `changed` , `created` , `uid` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `tid` , `emote` ,`htmltag`) " . "VALUES ('', '" . $pid . "', '0', '" . addslashes($rows["source"]) . "', '" . addslashes($rows["hostname"]) . "', NOW( ) , '" . addslashes($rows["created"]) . "', '" . $pc["UID"] . "', '" . intval($rows["comment"]) . "', '" . intval($rows["commentcount"]) . "', '" . addslashes($rows["subject"]) . "', '" . addslashes($rows["body"]) . "', '3', '" . intval($rows["visitcount"]) . "', '" . intval($rows["tid"]) . "', '" . intval($rows["emote"]) . "','" . intval($rows["htmltag"]) . "');"; } mysql_query($query, $link); } setcookie("BLOGFAVACTION"); setcookie("BLOGFAVNID"); pc_html_init("gb2312", stripslashes($pc["NAME"])); pc_update_record($link, $pc["UID"]); $log_action = "CUT/COPY FAV"; pc_return("pcdoc.php?userid=" . $pc["USER"] . "&tag=3&pid=" . $pid); } if (pc_is_groupwork($pc)) { pc_group_logs($link, $pc, $log_action, $log_content); } html_normal_quit(); }
if ($node[state] == 0 || $node[state] == 1) { $query = 'UPDATE filter SET state = 2 WHERE fid = ' . $fid . ' LIMIT 1;'; mysql_query($query); } } if (strtolower($_GET['filter']) == 'r') { if ($node[state] == 4) { $nid = $node[nid]; $query = 'SELECT * FROM nodes WHERE nid = ' . $nid . ' LIMIT 1;'; $result = mysql_query($query); $node_o = mysql_fetch_array($result); if (!$node_o) { html_error_quit("作者已经将文章删除"); } if ($node_o[body] != '@ @ 本文已被管理员屏蔽 @ @' && !isset($_GET["or"])) { html_error_quit("原文已经被修改过<br/><a href='pcadmin_flt.php?filter=r&or=1&fid=" . $fid . "'>强行恢复</a>"); } $body = addslashes($node[body]); $query = "UPDATE nodes SET `body` = '" . $body . "', `changed`='" . $node[changed] . "' where `nid` = " . $nid . ";"; if (!mysql_query($query)) { html_error_quit("修改原文出错"); } pc_update_record($link, $node[uid]); $query = "DELETE FROM filter WHERE `fid` = '" . $fid . "' "; if (!mysql_query($query)) { html_error_quit("从过滤表删除出错,但是文章已经恢复..."); } } } pc_db_close($link); pc_return("pcdoc.php?userid=_filter&tag=" . $node[state]);
<?php require "pcadmin_inc.php"; pc_admin_check_permission(); $link = pc_db_connect(); $nid = intval($_GET["nid"]); $query = 'SELECT * FROM filter WHERE nid = ' . $nid . ' LIMIT 1;'; $result = mysql_query($query); $node = mysql_fetch_array($result); if ($node) { html_error_quit("文章已经被删除过"); } $query = 'SELECT * FROM nodes WHERE nid = ' . $nid . ' LIMIT 1;'; $result = mysql_query($query); $node = mysql_fetch_array($result); if (!$node) { html_error_quit("文章不存在"); } $uid = $node[uid]; $query = "INSERT INTO `filter` ( `pid` , `nid` , `tid` , `type` , `state` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `username` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`theme`,`publisher`) " . "VALUES ( '" . $node[pid] . "' , '" . $node[nid] . "' , '" . $node[tid] . "' , '" . $node[type] . "' , 4 , '" . $currentuser["userid"] . "' , '" . $node[emote] . "' , '" . $node[hostname] . "' , '" . $node[changed] . "' , '" . $node[created] . "' , '" . $node[uid] . "' , '" . addslashes($_GET["userid"]) . "' , '" . $node[comment] . "' , '" . $node[commentcount] . "' , '" . $node[subject] . "' , '" . $node[body] . "' , '" . $node[access] . "' , '" . $node[visitcount] . "' , '" . $node[htmltag] . "','" . $node[trackback] . "' ,'" . $node[trackbackcount] . "','" . $node[nodetype] . "','" . $node[theme] . "','" . $node[publisher] . "');"; if (!mysql_query($query)) { html_error_quit("插入过滤表出错"); } $query = "UPDATE nodes SET `body` = '@ @ 本文已被管理员屏蔽 @ @' where `nid` = " . $nid . ";"; if (!mysql_query($query)) { html_error_quit("修改原文出错"); } pc_update_record($link, $uid); pc_db_close($link); pc_return("pcdoc.php?userid=_filter&tag=4");
function pc_add_node($link, $pc, $pid, $tid, $emote, $comment, $access, $htmlTag, $trackback, $theme, $subject, $body, $nodeType, $autodetecttbp, $tbpUrl, $tbpArt, $convert_encoding, $filtered, $address, $publisher) { global $pcconfig, $support_encodings, $sending_encoding; $pid = intval($pid); $tid = intval($tid); $emote = intval($emote); $comment = $comment == 1 ? 1 : 0; $access = intval($access); $htmlTag = $htmlTag == 1 ? 1 : 0; $trackback = $trackback == 1 ? 1 : 0; $subject = addslashes(trim($subject)); $body = html_editorstr_format(trim($body)); $nodeType = intval($nodeType); //0: 普通;1: log,不可删除 if ($convert_encoding) { if (!strstr($support_encodings, $convert_encoding)) { $convert_encoding = $sending_encoding; } } else { $convert_encoding = $sending_encoding; } if (!$pc || !is_array($pc)) { return FALSE; } if (!$subject) { //检查主题 return -1; } if ($access < 0 || $access > 4) { $access = 2; } //如果参数错误先在私人区发表 if ($access == 3) { if (!pc_load_directory($link, $pc["UID"], $pid)) { return -2; } if (pc_used_space($link, $pc["UID"], 3, $pid) >= $pc["NLIM"]) { //目标文件夹使用空间 return -3; } $tid = 0; } else { $pid = 0; if (pc_used_space($link, $pc["UID"], $access) >= $pc["NLIM"]) { //目标文件夹使用空间 return -3; } if ($tid != 0) { if (!pc_load_topic($link, $pc["UID"], $tid, $topicname, $access)) { return -4; } } } if ($access != 0) { $tbpUrl = ""; $autodetecttbp = FALSE; } $into_filter = false; if (!$filtered) { //未经过过滤检查的要先检查一次 if (bbs_checkbadword($subject) || bbs_checkbadword($body)) { $into_filter = true; } } if (!pc_is_groupwork($pc)) { $publisher = ""; } elseif (!$publisher) { return -10; } else { } if (!$into_filter) { if ($tbpUrl && pc_tbp_check_url($tbpUrl) && $tbpArt) { if ($htmlTag) { $body .= "<br /><br /><strong>相关文章</strong><br />\n" . "<a href='" . $tbpArt . "'>" . $tbpArt . "</a>"; } else { $body .= "\n\n[相关文章]\n" . $tbpArt; } } if (pc_is_groupwork($pc)) { //群体BLOG文章要加一个头 $body = pc_groupwork_addhead($pc, $body, $htmlTag, $publisher); } } if (!isset($pcconfig["SECTION"][$theme])) { $theme = "others"; } $theme = addslashes($theme); $body = addslashes($body); if (!$address) { $address = $_SERVER["REMOTE_ADDR"]; } //日志入库 if ($into_filter) { $query = "INSERT INTO `filter` ( `pid` , `nid` , `tid` , `type` , `state` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `username` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`tbp_url`,`tbp_art`,`auto_tbp`,`tbpencoding`,`theme`,`publisher`) " . "VALUES ( '" . $pid . "', 0 , '" . $tid . "' , '0', '0' , '', '" . $emote . "' , '" . addslashes($_SERVER["REMOTE_ADDR"]) . "',NOW( ) , NOW( ), '" . $pc["UID"] . "' , '" . addslashes($pc["USER"]) . "' , '" . $comment . "', '0', '" . $subject . "', '" . $body . "', '" . $access . "', '0' , '" . $htmlTag . "' ,'" . $trackback . "','0','" . $nodeType . "','" . addslashes($tbpUrl) . "','" . addslashes($tbpArt) . "','" . intval($autodetecttbp) . "','" . addslashes($convert_encoding) . "','" . $theme . "','" . addslashes($publisher) . "');"; } else { $query = "INSERT INTO `nodes` ( `pid` , `tid` , `type` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`theme`,`publisher`) " . "VALUES ( '" . $pid . "', '" . $tid . "' , '0', '', '" . $emote . "' , '" . addslashes($address) . "',NOW( ) , NOW( ), '" . $pc["UID"] . "', '" . $comment . "', '0', '" . $subject . "', '" . $body . "', '" . $access . "', '0' , '" . $htmlTag . "' ,'" . $trackback . "','0','" . $nodeType . "','" . $theme . "','" . addslashes($publisher) . "');"; } if (!mysql_query($query, $link)) { return -5; } //公开区文章发布后更新文章数 if (!$into_filter) { if ($access == 0) { pc_update_record($link, $pc["UID"], "+1"); } } if (!$into_filter) { $detectnum = 0; if ($autodetecttbp) { $detecttbps = array(); $detectnum = pc_detect_trackbackpings($body, $detecttbps, $tbpUrl); } if ($tbpUrl || $detectnum) { //提取日志的nid $query = "SELECT `nid` FROM nodes WHERE `subject` = '" . $subject . "' AND `body` = '" . $body . "' AND `uid` = '" . $pc["UID"] . "' AND `access` = '" . $access . "' AND `pid` = '" . $pid . "' AND `tid` = '" . $tid . "' ORDER BY nid DESC LIMIT 0,1;"; $result = mysql_query($query, $link); $rows = mysql_fetch_array($result); if (!$rows) { return -6; } $thisNid = $rows[nid]; mysql_free_result($result); if ($htmlTag) { $tbbody = undo_html_format(strip_tags(stripslashes($body))); } else { $tbbody = stripslashes($body); } if (strlen($tbbody) > 255) { $tbbody = substr($tbbody, 0, 251) . " ..."; } $subject = stripslashes($subject); $blogname = undo_html_format($pc["NAME"]); if ($pcconfig["ENCODINGTBP"]) { iconv_set_encoding("internal_encoding", $convert_encoding); iconv_set_encoding("output_encoding", $convert_encoding); $subject = iconv($default_encoding, $convert_encoding, $subject); $tbbody = iconv($default_encoding, $convert_encoding, $tbbody); $blogname = iconv($default_encoding, $convert_encoding, $blogname); } $tbarr = array("title" => $subject, "excerpt" => $tbbody, "url" => "http://" . $pcconfig["SITE"] . "/pc/pccon.php?id=" . $pc["UID"] . "&tid=" . $tid . "&nid=" . $thisNid . "&s=all", "blogname" => $blogname); if ($tbpUrl) { //发送引用通告 pc_tbp_trackback_ping($tbpUrl, $tbarr); } for ($i = 0; $i < $detectnum; $i++) { pc_tbp_trackback_ping($detecttbps[$i], $tbarr); } } } if ($into_filter) { return -9; } else { return 0; } }