`ID` int(11) NOT NULL,
`block_list` longtext NOT NULL,
PRIMARY KEY (`ID`)
) DEFAULT CHARSET=utf8');
$mysql->exec('ALTER TABLE `users` ADD `newmd5` TEXT NOT NULL AFTER `md5`; ');
$mysql->exec('UPDATE `users` SET `newmd5` = if (`md5` = "", "", concat("[\\"", `md5`, "\\"]"))');
$mysql->exec('ALTER TABLE `users` DROP `md5` ;');
$res = $mysql->prepare('select watchlist.*,username,cookie,newmd5 as usermd5, block_list from watchlist left join block_list on block_list.ID=watchlist.id left join users on users.ID=watchlist.user_id where watchlist.id=?');
$res->execute(array($id));
}
$res = $res->fetch();
if (empty($res)) {
echo '<h1>错误:找不到编号为' . $_SERVER['QUERY_STRING'] . '的记录</h1>';
die;
}
$token = getBaiduToken($res['cookie'], $res['username']);
if ($token === false) {
echo '<h1>由于cookie失效,无法进行补档,';
if ($res['link'] == '/s/fakelink' || $res['link'] == '/s/notallow') {
echo '请联系上传者!';
} else {
echo '请尝试直接<a href="http://pan.baidu.com' . $res['link'] . '">访问分享页</a>';
}
die;
}
$meta = getFileMeta($res['name'], $token, $res['cookie']);
if ($meta === false) {
echo '<h1>文件不存在QuQ</h1>';
$mysql->exec('update watchlist set failed=3 where id=' . $_SERVER['QUERY_STRING']);
die;
} else {
$mysql->query('set names utf8');
session_start();
if (isset($_GET['switch_user'])) {
if (!is_numeric($_GET['switch_user'])) {
alert_error('用户ID错误', 'switch_user.php');
}
$user = $mysql->query('select * from users where ID=' . $_GET['switch_user'])->fetch();
if (empty($user)) {
alert_error('找不到用户', 'switch_user.php');
}
unset($_SESSION['filecheck'], $_SESSION['folder'], $_SESSION['list'], $_SESSION['list_filenames']);
$_SESSION['user_id'] = $user['ID'];
$_SESSION['username'] = $user['username'];
$_SESSION['cookie'] = $user['cookie'];
$_SESSION['md5'] = $user['md5'];
$_SESSION['bds_token'] = getBaiduToken($user['cookie'], $user['username']);
unset($_SESSION['folder']);
wlog('切换用户:[' . $user['ID'] . ']' . $user['username']);
header('Location: browse.php');
die;
} elseif (!isset($_GET['add_user']) && (isset($_POST['password']) || isset($_GET['remove_user']))) {
if (isset($_GET['remove_user'])) {
wlog('请求删除用户[' . $_GET['remove_user'] . ']', 1);
}
if (isset($_POST['password'])) {
if (isset($_POST['code_string'])) {
$result = baidu_login($_POST['name'], $_POST['password'], $_POST['code_string'], $_POST['captcha']);
} else {
$result = baidu_login($_POST['name'], $_POST['password']);
}
if (!$result['errno']) {
