<?php include "funcs.php"; $requesttext = int_getreq(); $request = json_decode($requesttext); set_fromhost(); if (bbs_check_ban_ip($request->userid, $fromhost) != 0) { ie("ip denied."); } if ($request->userid == "guest" || bbs_checkpasswd($request->userid, $request->passwd) != 0) { ie("invalid user."); } $bid = $request->bid; $userec = array(); bbs_getuser($request->userid, $userec); $uid = $userec["index"]; $bname = bbs_getbname($bid); if ($bname == "") { ie("board not found."); } if (!bbs_checkreadperm($uid, $bid)) { ie("permission denied."); } $barr = array(); bbs_getboard($bname, $barr); if (bbs_is_readonly_board($barr)) { ie("board is readonly."); } if (!bbs_checkpostperm($uid, $bid)) { ie("post is denied."); }
<?php require "www2-funcs.php"; set_fromhost(); cache_header("nocache"); @($id = $_POST["id"]); @($passwd = $_POST["passwd"]); @($kick_multi = $_POST["kick_multi"]); @($mainurl = $_GET["mainurl"]); if ($mainurl != "") { $mainurl = urlencode($mainurl); } if ($id == "") { error_alert("用户名不能为空"); } $ret = bbs_check_ban_ip($id, $fromhost); switch ($ret) { case 1: error_alert("对不起,当前位置不允许登录该ID。"); break; case 2: error_alert("该 ID 不欢迎来自该 IP 的用户。"); break; case 3: error_alert("用户密码错误,请重新登录!"); break; } if ($id != "guest" && bbs_checkpasswd($id, $passwd) != 0) { error_alert("用户密码错误,请重新登录!"); } $error = bbs_wwwlogin($kick_multi != "" ? 1 : 0, $fromhost, $fullfromhost);
public static function checkBanIP($id, $from) { $ret = bbs_check_ban_ip($id, $from); return $ret; }