コード例 #1
 /**
  * Dispatch to the implementation that matches the installed Discuz version.
  *
  * NOTE(review): the version is compared as a plain string with >=, not with
  * version_compare(); confirm that ordering holds for every version string
  * getDiscuzVersion() can return.
  */
 public function run()
 {
     $isX31OrNewer = MobcentDiscuz::getDiscuzVersion() >= 'X3.1';
     if (!$isX31OrNewer) {
         $this->_run();
         return;
     }
     $this->_run_x31();
 }
コード例 #2
 /**
  * Register user $uid as an applicant for the activity attached to thread $tid.
  *
  * The logic is taken from Discuz's forum_misc.php (see the comment below).
  * Early exits return whatever _makeErrorInfo() produces for the given message
  * key; on completion the same structure is returned with 'rs' set to 1.
  *
  * Side effects visible in this method: $_GET is replaced by $data, credits may
  * be deducted from $uid, an apply row is inserted or updated, the activity's
  * applicant count is refreshed, and a notification / feed entry may be posted.
  *
  * @param mixed $res  Response structure handed to _makeErrorInfo().
  * @param mixed $tid  Thread id of the activity.
  * @param mixed $uid  Id of the applying user.
  * @param array $data Submitted fields; read for 'payvalue', 'payment', 'message',
  *                    profile-setting keys and the activity's extfield ids.
  * @return mixed Result of _makeErrorInfo(), with 'rs' => 1 on success.
  */
 private function _applyActivityTopic($res, $tid, $uid, $data)
 {
     // from forum_misc.php
     require_once libfile('function/post');
     $activity = DzForumActivity::getActivityByTid($tid);
     // Reject applications once the activity's expiration time has passed.
     if ($activity['expiration'] && $activity['expiration'] < TIMESTAMP) {
         return $this->_makeErrorInfo($res, 'activity_stop');
     }
     $applyinfo = DzForumActivityApply::getApplyByTidUid($tid, $uid);
     // An existing application may only be resubmitted when its status is at
     // least STATUS_VERIFIED_IMPROVE; anything lower counts as a repeat.
     // NOTE(review): nothing visible here ties this check to the write and the
     // credit deduction further down (no lock or transaction in this method);
     // confirm concurrent requests cannot apply, or be charged, twice.
     if ($applyinfo && $applyinfo['verified'] < DzForumActivityApply::STATUS_VERIFIED_IMPROVE) {
         return $this->_makeErrorInfo($res, 'activity_repeat_apply');
     }
     global $_G;
     // Replaces the request superglobal with caller-supplied $data; every
     // $_GET read below therefore comes from $data. It is not restored
     // before this method returns.
     $_GET = $data;
     $thread = ForumUtils::getTopicInfo($tid);
     $payvalue = intval($_GET['payvalue']);
     // -1 is stored when the 'payment' flag is not set.
     $payment = $_GET['payment'] ? $payvalue : -1;
     // Message is HTML-escaped, then passed through cutstr() with a limit of 200.
     $message = cutstr(dhtmlspecialchars($_GET['message']), 200);
     // The thread author's own application is stored as verified.
     $verified = $thread['authorid'] == $uid ? 1 : 0;
     $ufielddata = '';
     if ($activity['ufield']) {
         $ufielddata = array();
         $version = MobcentDiscuz::getMobcentDiscuzVersion();
         // NOTE(review): on VERSION_X20 the stored ufield value goes through
         // native unserialize(). That is only safe if this column can never
         // hold attacker-influenced bytes -- confirm how it is written.
         $activity['ufield'] = $version != MobcentDiscuz::VERSION_X20 ? dunserialize($activity['ufield']) : unserialize($activity['ufield']);
         if (!empty($activity['ufield']['userfield'])) {
             if ($version == MobcentDiscuz::VERSION_X20) {
                 if (!class_exists('discuz_censor')) {
                     include libfile('class/censor');
                 }
             }
             // $censor is obtained here but not used again in this method.
             $censor = discuz_censor::instance();
             loadcache('profilesetting');
             // NOTE(review): this walks the submitted keys, not the activity's
             // own userfield list, so a field that is simply absent from $data
             // never reaches the emptiness check below, and any submitted key
             // known to the profilesetting cache is stored. Confirm intended.
             foreach ($data as $key => $value) {
                 if (empty($_G['cache']['profilesetting'][$key])) {
                     continue;
                 }
                 if (is_array($value)) {
                     $value = implode(',', $value);
                 }
                 $value = cutstr(dhtmlspecialchars(trim($value)), 100, '.');
                 // if ($_G['cache']['profilesetting'][$key]['formtype'] == 'file' && !preg_match("/^https?:\/\/(.*)?\.(jpg|png|gif|jpeg|bmp)$/i", $value)) {
                 //     showmessage('activity_imgurl_error');
                 // }
                 // empty() also treats the string '0' as missing.
                 if (empty($value) && $key != 'residedist' && $key != 'residecommunity') {
                     return $this->_makeErrorInfo($res, 'activity_exile_field');
                 }
                 $ufielddata['userfield'][$key] = $value;
             }
         }
         if (!empty($activity['ufield']['extfield'])) {
             foreach ($activity['ufield']['extfield'] as $fieldid) {
                 // Read without an isset() check; a missing key yields an
                 // empty stored value rather than an error.
                 $value = cutstr(dhtmlspecialchars(trim($_GET['' . $fieldid])), 50, '.');
                 $ufielddata['extfield'][$fieldid] = $value;
             }
         }
         $ufielddata = !empty($ufielddata) ? serialize($ufielddata) : '';
     }
     // Charge the activity's credit cost unless an existing application
     // already has a non-empty 'verified' value.
     if ($_G['setting']['activitycredit'] && $activity['credit'] && empty($applyinfo['verified'])) {
         checklowerlimit(array('extcredits' . $_G['setting']['activitycredit'] => '-' . $activity['credit']));
         updatemembercount($uid, array($_G['setting']['activitycredit'] => '-' . $activity['credit']), true, 'ACC', $tid);
     }
     // NOTE(review): 'username' and 'dateline' come from $_G while 'uid' is the
     // $uid argument; confirm callers always pass the logged-in user's id.
     $data = array('tid' => $tid, 'username' => $_G['username'], 'uid' => $uid, 'message' => $message, 'verified' => $verified, 'dateline' => $_G['timestamp'], 'payment' => $payment, 'ufielddata' => $ufielddata);
     if ($applyinfo && $applyinfo['verified'] == DzForumActivityApply::STATUS_VERIFIED_IMPROVE) {
         DzForumActivityApply::updateApplyById($data, $applyinfo['applyid']);
     } else {
         DzForumActivityApply::insertApply($data);
     }
     DzForumActivity::updateApplyNumberByTid($tid);
     // Tell the thread author about the new application (skipped for self-apply).
     if ($thread['authorid'] != $uid) {
         notification_add($thread['authorid'], 'activity', 'activity_notice', array('tid' => $tid, 'subject' => $thread['subject']));
         $space = array();
         space_merge($space, 'field_home');
         if (!empty($space['privacy']['feed']['newreply'])) {
             $feed['icon'] = 'activity';
             $feed['title_template'] = 'feed_reply_activity_title';
             // NOTE(review): the subject is interpolated into HTML as-is; this
             // relies on getTopicInfo() returning an already-escaped subject.
             $feed['title_data'] = array('subject' => "<a href=\"forum.php?mod=viewthread&tid={$tid}\">{$thread['subject']}</a>", 'hash_data' => "tid{$tid}");
             $feed['id'] = $tid;
             $feed['idtype'] = 'tid';
             postfeed($feed);
         }
     }
     // The success message goes through the same helper as errors; 'rs' = 1
     // is then set on the result.
     $res = $this->_makeErrorInfo($res, 'activity_completion');
     $res['rs'] = 1;
     return $res;
 }
コード例 #3
 /**
  * Build the extra action entries offered on a topic and on a reply.
  *
  * Each entry is an array with an 'action' and a 'title'; which entries appear
  * depends on plugin configuration, the current user group and forum settings.
  *
  * @return array Array with two lists, keyed 'topic' and 'post'.
  */
 public static function getPostExtraPanel()
 {
     global $_G;
     $topicActions = array();
     $postActions = array();

     // Rating: needs the plugin switch and a rate range on the current group.
     // No 'rate' entry is added to the 'post' list.
     $rateSwitch = (int) WebUtils::getDzPluginAppbymeAppConfig('forum_allow_topic_rate');
     if ($rateSwitch && $_G['group']['raterange']) {
         $topicActions[] = array('action' => 'rate', 'title' => WebUtils::t('评分'));
     }

     // Recommend ("like"): one plugin switch for topics, one for replies.
     $topicSwitch = (int) WebUtils::getDzPluginAppbymeAppConfig('forum_allow_topic_recommend');
     $postSwitch = (int) WebUtils::getDzPluginAppbymeAppConfig('forum_allow_post_recommend');

     $recommendSetting = $_G['setting']['recommendthread'];
     if ($recommendSetting['status'] && $topicSwitch == 1) {
         $topicActions[] = array(
             'action' => 'support',
             'title' => WebUtils::emptyHtml($recommendSetting['addtext']),
         );
     }

     // Reply recommendation also requires a version string that sorts after 'x25'.
     $repliesRank = $_G['setting']['repliesrank'];
     if (MobcentDiscuz::getMobcentDiscuzVersion() > 'x25' && $repliesRank && $postSwitch == 1) {
         $postActions[] = array(
             'action' => 'support',
             'title' => WebUtils::emptyHtml(WebUtils::t('支持')),
             'recommendAdd' => '',
         );
     }

     return array('topic' => $topicActions, 'post' => $postActions);
 }
コード例 #4
ファイル: discuz_core_x20.php プロジェクト: caidongyun/CS
 /**
  * Load Discuz forum context for the given forum / thread ids.
  *
  * Pulls in Discuz's forum function library plus the version-specific override
  * file, publishes the ids through $_GET and then calls loadforum().
  *
  * NOTE(review): $fid and $tid are written into $_GET unchanged; any
  * validation is left to loadforum() -- confirm callers pass trusted or
  * already-validated ids.
  *
  * @param mixed $fid Forum id.
  * @param mixed $tid Thread id, 0 when none.
  */
 public function loadForum($fid, $tid = 0)
 {
     require_once libfile('function/forum');

     // The include path is built from an application alias and the detected
     // version string only, not from request data.
     $functionDir = Yii::getPathOfAlias('application.components.discuz.source.function');
     $versionedFile = sprintf('%s/function_forum_%s.php', $functionDir, MobcentDiscuz::getMobcentDiscuzVersion());
     require_once $versionedFile;

     $_GET['tid'] = $tid;
     $_GET['fid'] = $fid;

     global $_G;
     // Cleared before loadforum() runs.
     $_G['setting']['forumpicstyle'] = null;
     loadforum();
 }
コード例 #5
ファイル: TestController.php プロジェクト: caidongyun/CS
 /**
  * Echo a JSON document describing the plugin build and the Discuz install.
  *
  * NOTE(review): no access check is visible in this action, and the response
  * lists exact plugin / Discuz version strings and the debug-release flag.
  * Confirm the controller is access-controlled or absent from production.
  */
 public function actionPluginInfo()
 {
     $portalSetting = WebUtils::getDzPluginAppbymeAppConfig('portal_allow_open');

     $info = array(
         'mobcent_version' => MOBCENT_VERSION,
         'mobcent_release' => MOBCENT_RELEASE,
         'mobcent_release_debug' => MOBCENT_RELEASE_DEBUG,
         'discuz_version' => MobcentDiscuz::getDiscuzVersion(),
         'mobcent_discuz_version' => MobcentDiscuz::getMobcentDiscuzVersion(),
         // Normalised to 1 / 0.
         'has_portal' => $portalSetting == 1 ? 1 : 0,
     );

     echo WebUtils::jsonEncode($info);
 }
コード例 #6
ファイル: discuz_core.php プロジェクト: caidongyun/CS
        }
    }
    /**
     * Derive the eight-character "app hash" expected from the mobile client.
     *
     * The value is characters 8..15 of md5(time prefix . fixed key . $special).
     *
     * NOTE(review): every input is a source-code constant, the clock, or the
     * caller's $special, so the result is computable by anyone who knows the
     * constant; it should not be treated as a secret or as proof of identity.
     *
     * @param string $special Optional extra material mixed into the hash.
     * @return string Eight lowercase hex characters.
     */
    public static function getAppHashValue($special = '')
    {
        // Currently hard-coded; should later become a per-site setting.
        $fixedKey = 'appbyme_key';
        // First five characters of the Unix timestamp: for a ten-digit
        // timestamp this prefix changes once every 100000 seconds.
        $timePrefix = substr((string) time(), 0, 5);
        $digest = md5($timePrefix . $fixedKey . $special);
        return substr($digest, 8, 8);
    }
}
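// xss debug fixed
// Bootstrap Discuz for an app request. The real request method is saved here
// and restored after C::app()->init().
$tempMethod = $_SERVER['REQUEST_METHOD'];
// apphash / sdkVersion may arrive in the POST body instead of the query string.
!isset($_GET['apphash']) && ($_GET['apphash'] = isset($_POST['apphash']) ? $_POST['apphash'] : '');
!isset($_GET['sdkVersion']) && ($_GET['sdkVersion'] = isset($_POST['sdkVersion']) ? $_POST['sdkVersion'] : '');
if ($_GET['sdkVersion'] === '') {
    unset($_GET['sdkVersion']);
}
// The supplied apphash must be a string and match exactly. A loose == would
// let PHP compare two numeric-looking strings as numbers (the hash is eight
// hex characters and can itself look numeric), and would accept non-string
// request values in the comparison.
// NOTE(review): when MOBCENT_HACKER_UID is truthy, the mere presence of a
// hacker_uid parameter takes this branch without any hash; confirm that
// constant is false in every production build.
// NOTE(review): getAppHashValue() is derived from a fixed key and the clock,
// so this gate does not authenticate the caller.
if ((is_string($_GET['apphash']) && $_GET['apphash'] === MobcentDiscuz::getAppHashValue()) || (isset($_GET['hacker_uid']) && MOBCENT_HACKER_UID)) {
    // Two bypasses of Discuz's request XSS check, labelled in the source as
    // the X2.5 and X3.0 methods: report the request as a POST during init,
    // and define DISABLEXSSCHECK.
    $_SERVER['REQUEST_METHOD'] = 'POST';
    define('DISABLEXSSCHECK', 1);
}
// CC-attack defence: DISABLEDEFENSE is defined for every request that reaches
// this file, whether or not the apphash matched.
define('DISABLEDEFENSE', 1);
C::setconstant();
C::creatapp();
C::app()->init_misc = false;
C::app()->init();
// Put the real request method back now that init() has run.
$_SERVER['REQUEST_METHOD'] = $tempMethod;
runhooks();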
コード例 #7
 /**
  * Fetch the 'anonymoustext' entry from Discuz's common settings.
  *
  * @return mixed Whatever MobcentDiscuz::getDiscuzCommonSetting() returns for that key.
  */
 private function _getAnonymoustext()
 {
     $settingKey = 'anonymoustext';
     return MobcentDiscuz::getDiscuzCommonSetting($settingKey);
 }
コード例 #8
ファイル: index.php プロジェクト: caidongyun/CS
    </div>

    </div>

    <script type="text/javascript">
    var uidiyGlobalObj = {
        appLevel: <?php 
echo $appLevel;
?>
,
        rootUrl: '<?php 
echo $this->rootUrl;
?>
',
        apphash: '<?php 
echo MobcentDiscuz::getAppHashValue();
?>
',
        navItemIconUrlBasePath: '<?php 
echo $this->navItemIconBaseUrlPath;
?>
',
        componentFastpostIconBaseUrlPath: '<?php 
echo $this->componentFastpostIconBaseUrlPath;
?>
',
        componentDiscoverIconBaseUrlPath: '<?php 
echo $this->componentDiscoverIconBaseUrlPath;
?>
',
        componentTopbarIconBaseUrlPath: '<?php 
コード例 #9
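 /**
  * Render one post through Discuz's viewthread pipeline and return the
  * processed post array.
  *
  * Loads the version-specific viewthread helpers, initialises forum context
  * for the post's forum / thread, merges the author's user info into the post,
  * then applies thread-price handling, attachment parsing and the
  * "blocked post" replacement before returning the entry for this post.
  *
  * Fix: $pid used to be set only by the foreach below, which is skipped when
  * IN_MOBILE_API is defined. The paid-thread and blocked-post replacements
  * then wrote to a different array key and the returned post kept its full
  * message. $pid is now set as soon as the post is stored in $postlist.
  *
  * NOTE(review): $archiveid, $threadsortshow, $skipaids and $thread are never
  * assigned in this method. They can only have values if an included file
  * defines them in this scope; require_once runs such a file once per request,
  * so later calls in the same request would not get them again.
  *
  * @param array $post Post row; read for 'fid', 'tid', 'authorid', 'first', 'pid'.
  * @return array The processed post.
  */
 public static function transPostContentToHtml($post)
 {
     Mobcent::import(sprintf('%s/forum_viewthread_%s.php', MOBCENT_APP_ROOT . '/components/discuz/forum', MobcentDiscuz::getMobcentDiscuzVersion()));
     ForumUtils::initForum($post['fid'], $post['tid']);
     loadcache('usergroups');
     $userInfo = UserUtils::getUserInfo($post['authorid']);
     // Post fields win over user-info fields with the same key.
     $post = array_merge($userInfo, $post);
     global $_G;
     // Thread price handling: decide whether the viewer still has to pay.
     $_G['forum_threadpay'] = FALSE;
     if ($post['first']) {
         if ($_G['forum_thread']['price'] > 0 && $_G['forum_thread']['special'] == 0) {
             if ($_G['setting']['maxchargespan'] && TIMESTAMP - $_G['forum_thread']['dateline'] >= $_G['setting']['maxchargespan'] * 3600) {
                 // Charging period is over: drop the price to 0.
                 C::t('forum_thread')->update($_G['tid'], array('price' => 0), false, false, $archiveid);
                 $_G['forum_thread']['price'] = 0;
             } else {
                 // Exemption bit tested: 128 for moderators, 16 otherwise.
                 $exemptvalue = $_G['forum']['ismoderator'] ? 128 : 16;
                 if (!($_G['group']['exempt'] & $exemptvalue) && $_G['forum_thread']['authorid'] != $_G['uid']) {
                     // No 'BTC' credit-log entry for this user and thread: payment required.
                     if (!C::t('common_credit_log')->count_by_uid_operation_relatedid($_G['uid'], 'BTC', $_G['tid'])) {
                         require_once libfile('thread/pay', 'include');
                         $_G['forum_threadpay'] = TRUE;
                     }
                 }
             }
         }
     }
     $lastvisit = $_G['member']['lastvisit'];
     $ordertype = $maxposition = 0;
     // Attachment handling.
     $_G['forum_attachpids'] = $_G['forum_attachtags'] = '';
     $_G['tid'] = $post['tid'];
     // Switch the forum's "jammer" setting off for this rendering.
     $_G['forum']['jammer'] = 0;
     $post = viewthread_procpost($post, $lastvisit, $ordertype, $maxposition);
     $postlist[$post['pid']] = $post;
     // Key of the post being rendered. Set here so the paid-thread and
     // blocked-post replacements below always target this post, including
     // when the foreach is skipped.
     $pid = $post['pid'];
     if ($_G['forum_attachpids'] && !defined('IN_ARCHIVER')) {
         require_once libfile('function/attachment');
         if (is_array($threadsortshow) && !empty($threadsortshow['sortaids'])) {
             $skipaids = $threadsortshow['sortaids'];
         }
         parseattach($_G['forum_attachpids'], $_G['forum_attachtags'], $postlist, $skipaids);
     }
     if (empty($postlist)) {
         showmessage('post_not_found');
     } elseif (!defined('IN_MOBILE_API')) {
         foreach ($postlist as $pid => $post) {
             // Append attachments that were not placed inline in the message.
             if (!empty($post['imagelist'])) {
                 $postlist[$pid]['message'] .= showattach($post, 1);
             }
             if ($post['attachlist']) {
                 $postlist[$pid]['message'] .= showattach($post);
             }
             // Strip any remaining [attach]N[/attach] tags.
             $postlist[$pid]['message'] = preg_replace("/\\[attach\\]\\d+\\[\\/attach\\]/i", '', $postlist[$pid]['message']);
         }
     }
     // Unpaid first post: replace the message with the thread's free part.
     // NOTE(review): $thread is not assigned in this method; if nothing sets
     // it, the message becomes null.
     if ($post['first'] && $_G['forum_threadpay']) {
         $postlist[$pid]['message'] = $thread['freemessage'];
     }
     // Blocked posts: non-moderators get a fixed notice instead of the content.
     if (!$_G['forum']['ismoderator'] && $postlist[$pid]['status'] & 1) {
         $postlist[$pid]['message'] = WebUtils::t('该帖被管理员或版主屏蔽');
     }
     return $postlist[$post['pid']];
 }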