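/**
 * Screen a piece of text against the banned-word list in the `anti_word` table.
 *
 * The text is stripped of whitespace and then checked in four passes: as is,
 * after t(), reduced to CJK ideographs only, and reduced to digits only.
 * Any hit calls tsNotice('非法操作'); the notice is generic and does not
 * include the matched word.
 *
 * @param string $text Text to screen.
 * @return bool True whenever control returns to the caller.
 */
public function antiWord($text)
{
    // Strip whitespace first so spacing cannot be used to split a banned word.
    // NOTE(review): the original comment says the second alternative targets the
    // full-width space; the literal is reproduced exactly as it appears here, so
    // confirm it is still U+3000 in the real file.
    $text = preg_replace("/\\s| /", "", $text);

    $arrWords = $this->findAll('anti_word');

    // Build the alternation from literal words.
    // - preg_quote(): a word holding a regex metacharacter or "/" would otherwise
    //   make the pattern invalid; preg_match() then fails and every layer passes.
    // - Empty words are dropped: an empty alternative matches the empty string at
    //   offset 0, so empty($match[0]) is true and the whole filter is skipped.
    // NOTE(review): this treats list entries as plain words. If any deployment
    // stores regex fragments in anti_word, confirm before relying on this.
    $arrPattern = array();
    if (is_array($arrWords)) {
        foreach ($arrWords as $item) {
            $word = isset($item['word']) ? (string) $item['word'] : '';
            if ($word !== '') {
                $arrPattern[] = preg_quote($word, '/');
            }
        }
    }

    // Nothing to screen against.
    if (!$arrPattern) {
        return true;
    }

    $pattern = '/' . implode('|', $arrPattern) . '/i';

    // Layer 1: quick scan of the whitespace-stripped text.
    if ($text) {
        preg_match($pattern, $text, $matche1);
        if (!empty($matche1[0])) {
            tsNotice('非法操作');
        }
    }

    // Layer 2: the same scan after t() has processed the text.
    preg_match($pattern, (string) t($text), $matche2);
    if (!empty($matche2[0])) {
        tsNotice('非法操作');
    }

    // Layer 3: keep only CJK ideographs (U+4E00..U+9FA5), so punctuation or
    // Latin characters inserted between Chinese characters do not hide a word.
    // preg_replace() with the "u" flag returns null on invalid UTF-8; that case
    // is scanned as an empty string.
    $text3 = preg_replace("/[^\\x{4e00}-\\x{9fa5}]/iu", '', $text);
    if ($text3 === null) {
        $text3 = '';
    }
    preg_match($pattern, (string) t($text3), $matche3);
    if (!empty($matche3[0])) {
        tsNotice('非法操作');
    }

    // Layer 4: keep only digits, to catch QQ numbers and phone numbers that
    // were broken up with other characters.
    $text4 = preg_replace("/[^\\d]/iu", '', $text);
    if ($text4 === null) {
        $text4 = '';
    }
    preg_match($pattern, (string) t($text4), $matche4);
    if (!empty($matche4[0])) {
        tsNotice('非法操作');
    }

    return true;
}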
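<?php
// Plugin entry point: loads plugins/<app>/<plugin>/<in>.php.
// Requests look like: index.php?app=group&ac=plugin&plugin=qq&in=do
defined('IN_TS') or die('Access Denied.');

// $app, $plugin and $in are concatenated into a path that is then executed.
// Going by the request form above they come from the query string, so each one
// is limited to a plain name (letters, digits, "_" and "-") before the path is
// built. That keeps "/", ".." and NUL out of the path regardless of what the
// caller of this file has already filtered.
// NOTE(review): assumes no shipped plugin or action name uses other characters.
if (
    preg_match('/\A[A-Za-z0-9_-]+\z/', (string) $app) === 1
    && preg_match('/\A[A-Za-z0-9_-]+\z/', (string) $plugin) === 1
    && preg_match('/\A[A-Za-z0-9_-]+\z/', (string) $in) === 1
    && is_file('plugins/' . $app . '/' . $plugin . '/' . $in . '.php')
) {
    require_once 'plugins/' . $app . '/' . $plugin . '/' . $in . '.php';
} else {
    tsNotice('sorry:no plugin!');
}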
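// Site-wide options: file cache first, database cache as the fallback.
$TS_SITE = fileRead('data/system_options.php');
if ($TS_SITE == '') {
    $TS_SITE = $tsMySqlCache->get('system_options');
}

// App navigation, loaded the same way.
$TS_SITE['appnav'] = fileRead('data/system_appnav.php');
if ($TS_SITE['appnav'] == '') {
    $TS_SITE['appnav'] = $tsMySqlCache->get('system_appnav');
}

// Options of the requested app, when data/<app>_options.php exists.
// NOTE(review): $TS_URL['app'] is part of a file path and of the notice text
// below; confirm it is restricted to a plain app name before this point and
// that tsNotice() escapes its message.
if (is_file('data/' . $TS_URL['app'] . '_options.php')) {
    $TS_APP = fileRead('data/' . $TS_URL['app'] . '_options.php');
    if ($TS_APP == '') {
        $TS_APP = $tsMySqlCache->get($TS_URL['app'] . '_options');
    }
    // isenable == '1' blocks every action except "admin".
    if ($TS_APP['isenable'] == '1' && $TS_URL['ac'] != 'admin') {
        tsNotice($TS_URL['app'] . "应用关闭,请开启后访问!");
    }
}

// Site URL constant.
define('SITE_URL', $TS_SITE['site_url']);

// Time zone.
date_default_timezone_set($TS_SITE['timezone']);

// Front-end user data from the session; an empty string when nobody is logged in.
$TS_USER = isset($_SESSION['tsuser']) ? $_SESSION['tsuser'] : '';

// Request logging.
if ($TS_CF['logs']) {
    // Password fields are masked before the POST data is handed to userlog(),
    // so login and registration requests do not put credentials in the log.
    // NOTE(review): the match is by field name (anything containing "pwd" or
    // "pass"); add other secret-bearing field names if the forms use any.
    $tsLogPost = array();
    foreach ($_POST as $tsLogKey => $tsLogValue) {
        $tsLogPost[$tsLogKey] = preg_match('/pwd|pass/i', (string) $tsLogKey) ? '[redacted]' : $tsLogValue;
    }
    userlog($tsLogPost, intval($TS_USER['userid']));
    userlog($_GET, intval($TS_USER['userid']));
    unset($tsLogPost, $tsLogKey, $tsLogValue);
}

// Front-end ADMIN access control follows.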
switch ($ts) { case "": $title = '发布活动'; include template("add"); break; case "do": $title = trim($_POST['title']); $typeid = intval($_POST['typeid']); $starttime = trim($_POST['starttime']); $endtime = trim($_POST['endtime']); $address = trim($_POST['address']); $coordinate = trim($_POST['coordinate']); //坐标 $content = tsClean($_POST['content']); if ($title == '' || $content == '') { tsNotice('标题和内容不能为空'); } $eventid = $new['event']->create('event', array('userid' => $userid, 'title' => $title, 'typeid' => $typeid, 'starttime' => $starttime, 'endtime' => $endtime, 'address' => $address, 'coordinate' => $coordinate, 'content' => $content, 'isaudit' => 1, 'addtime' => time())); //上传 $arrUpload = tsUpload($_FILES['photo'], $eventid, 'event', array('jpg', 'gif', 'png')); if ($arrUpload) { $new['event']->update('event', array('eventid' => $eventid), array('path' => $arrUpload['path'], 'photo' => $arrUpload['url'])); } header("Location: " . tsUrl('event', 'show', array('id' => $eventid))); break; //地图 //地图 case "map": $dd = isset($_GET['dd']) ? $_GET['dd'] : '中国北京'; include template('add_map'); break;
//必须上传头像 case "face": $userid = aac('user')->isLogin(); $strUser = $new['user']->getOneUser($userid); $title = '上传头像'; include template('verify_face'); break; case "facedo": $userid = aac('user')->isLogin(); if ($_FILES['picfile']) { //上传 $arrUpload = tsUpload($_FILES['picfile'], $userid, 'user', array('jpg', 'gif', 'png')); if ($arrUpload) { $new['user']->update('user_info', array('userid' => $userid), array('path' => $arrUpload['path'], 'face' => $arrUpload['url'])); $filesize = abs(filesize('uploadfile/user/' . $arrUpload['url'])); if ($filesize <= 0) { $new['user']->update('user_info', array('userid' => $userid), array('path' => '', 'face' => '')); tsNotice('上传头像失败!'); } else { //更新缓存头像 $_SESSION['tsuser']['face'] = $arrUpload['url']; $_SESSION['tsuser']['path'] = $arrUpload['path']; tsDimg($arrUpload['url'], 'user', '120', '120', $arrUpload['path']); header('Location: ' . tsUrl('user', 'verify', array('ts' => 'face'))); } } else { tsNotice('头像修改失败'); } } break; }
tsNotice('用户已经加入小组!'); } $new['group']->create('group_user', array('userid' => $iuserid, 'groupid' => $groupid, 'addtime' => time())); //计算小组会员数 $count_user = $new['group']->findCount('group_user', array('groupid' => $groupid)); //更新小组成员统计 $new['group']->update('group', array('groupid' => $groupid), array('count_user' => $count_user)); //发送系统消息开始 $msg_userid = '0'; $msg_touserid = $iuserid; $msg_content = '你被邀请加入一个小组,快去看看吧<br />' . tsUrl('group', 'show', array('id' => $groupid)); aac('message')->sendmsg($msg_userid, $msg_touserid, $msg_content); //发送系统消息end header('Location: ' . tsUrl('group', 'show', array('id' => $groupid))); } else { tsNotice('倒霉了吧?'); } break; //usertips //usertips case "usertips": $data = fileRead('data/user_tips.php'); if ($data == '') { $query = $db->fetch_all_assoc("select * from " . dbprefix . "user_info"); foreach ($query as $user) { $usertip[] = array('user' => $user['username'], 'name' => $user['userid']); } fileWrite('user_tips.php', 'data', json_encode($usertip)); $data = fileRead('data/user_tips.php'); } echo $data;
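<?php
defined('IN_TS') or die('Access Denied.');

// Every action in this file requires a logged-in user.
$userid = aac('user')->isLogin();

switch ($ts) {
    // Compose form.
    case "add":
        $touserid = intval($_GET['touserid']);

        // A recipient is required and must not be the sender.
        if ($userid == $touserid || !$touserid) {
            tsNotice("Sorry!自己不能给自己发送消息的!& 对方为空!");
        }

        $strUser = $new['user']->getOneUser($userid);
        $strTouser = $new['user']->getOneUser($touserid);

        if (!$strTouser) {
            tsNotice("Sorry!对方不存在!");
        }

        $title = "发送短消息";
        include template("message_add");
        break;

    // Deliver the message.
    case "do":
        $msg_userid = $userid;
        $msg_touserid = intval($_POST['touserid']);

        // Repeat the recipient checks from "add": the POST can be sent directly,
        // without ever loading the form, so the form-side checks alone do not
        // stop messages to oneself, to id 0, or to a user that does not exist.
        if ($userid == $msg_touserid || !$msg_touserid) {
            tsNotice("Sorry!自己不能给自己发送消息的!& 对方为空!");
        }
        if (!$new['user']->getOneUser($msg_touserid)) {
            tsNotice("Sorry!对方不存在!");
        }

        // NOTE(review): no request token is checked here. If the message form
        // carries the session token, compare it before sending.
        $msg_content = tsFilter($_POST['content']);

        // Banned-word screening.
        aac('system')->antiWord($msg_content);

        aac('message')->sendmsg($msg_userid, $msg_touserid, $msg_content);
        header("Location: " . tsUrl('message', 'my'));
        break;
}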
$userid = aac('user')->isLogin(); switch ($ts) { case "": $title = '创建圖'; include template("create"); break; case "do": if ($_POST['token'] != $_SESSION['token']) { tsNotice('非法操作!'); } //用户是否登录 $userid = aac('user')->isLogin(); $albumname = trim($_POST['albumname']); $albumdesc = tsClean($_POST['albumdesc']); if ($albumname == '') { tsNotice("圖名称不能为空!"); } //1审核后显示0不审核 if ($TS_APP['isaudit'] == 1) { $isaudit = 1; } else { $isaudit = 0; } if ($TS_USER['isadmin'] == 0) { //过滤内容开始 aac('system')->antiWord($albumname); aac('system')->antiWord($albumdesc); //过滤内容结束 } $albumid = $new['photo']->create('photo_album', array('userid' => $userid, 'albumname' => $albumname, 'albumdesc' => $albumdesc, 'isaudit' => $isaudit, 'addtime' => date('Y-m-d H:i:s'), 'uptime' => date('Y-m-d H:i:s'))); header("Location: " . tsUrl('photo', 'upload', array('albumid' => $albumid)));
} switch ($ts) { case "": $title = '创建相册'; include template("create"); break; case "do": if ($_POST['token'] != $_SESSION['token']) { tsNotice('非法操作!'); } //用户是否登录 $userid = aac('user')->isLogin(); $albumname = trim($_POST['albumname']); $albumdesc = trim($_POST['albumdesc']); if ($albumname == '') { tsNotice("相册名称不能为空!"); } //1审核后显示0不审核 if ($TS_APP['isaudit'] == 1) { $isaudit = 1; } else { $isaudit = 0; } if ($TS_USER['isadmin'] == 0) { //过滤内容开始 aac('system')->antiWord($albumname); aac('system')->antiWord($albumdesc); //过滤内容结束 } $albumid = $new['photo']->create('photo_album', array('userid' => $userid, 'albumname' => $albumname, 'albumdesc' => $albumdesc, 'isaudit' => $isaudit, 'addtime' => date('Y-m-d H:i:s'), 'uptime' => date('Y-m-d H:i:s'))); header("Location: " . tsUrl('photo', 'upload', array('albumid' => $albumid)));
//添加评论 //添加评论 case "comment_do": //用户是否登录 $userid = aac('user')->isLogin(); $photoid = intval($_POST['photoid']); $content = tsClean($_POST['content']); if ($TS_USER['isadmin'] == 0) { //过滤内容开始 aac('system')->antiWord($content); //过滤内容结束 } $commentid = $new['photo']->create('photo_comment', array('photoid' => $photoid, 'userid' => $userid, 'content' => $content, 'addtime' => time())); header("Location: " . tsUrl('photo', 'show', array('id' => $photoid))); break; //删除评论 //删除评论 case "delcomment": //用户是否登录 $userid = aac('user')->isLogin(); $commentid = intval($_GET['commentid']); $strComment = $new['photo']->find('photo_comment', array('commentid' => $commentid)); $strTopic = $new['photo']->find('photo', array('photoid' => $strComment['photoid'])); if ($userid == $strPhoto['userid'] || $TS_USER['isadmin'] == '1') { $new['photo']->delete('photo_comment', array('commentid' => $commentid)); tsNotice("删除评论成功!"); } else { tsNotice("非法操作!"); } break; }
$userid = $new['user']->isLogin(); $touserid = intval($_POST['touserid']); $reid = intval($_POST['reid']); $content = tsClean($_POST['content']); $arrContent = explode('#', $content); $content = $arrContent['1']; if ($content == '') { tsNotice('留言不能为空!'); } aac('system')->antiWord($content); $new['user']->create('user_gb', array('userid' => $userid, 'reid' => $reid, 'touserid' => $touserid, 'content' => $content, 'addtime' => date('Y-m-d H:i:s'))); //发送系统消息 $msg_userid = '0'; $msg_touserid = $touserid; $msg_content = '有人在你的留言板上留言了哦,快去看看吧!'; $msg_tourl = tsUrl('user', 'space', array('id' => $touserid)); aac('message')->sendmsg($msg_userid, $msg_touserid, $msg_content, $msg_tourl); tsNotice('回复成功!'); break; //删除留言 //删除留言 case "delete": $userid = $new['user']->isLogin(); $gbid = intval($_GET['gbid']); $strGuest = $new['user']->find('user_gb', array('id' => $gbid)); if ($strGuest['touserid'] == $userid) { $new['user']->delete('user_gb', array('id' => $gbid)); } tsNotice('留言删除成功'); break; }
unset($_GET); $res = $new['group']->find('user_topic_declare', array('commentid' => $id, 'userid' => $userid)); if ($res) { tsNotice('不要重复评价,请保持良好的心态,有益身体健康!'); } // 增加支持数 $comment_data = $new['group']->find('group_topic_comment', array('commentid' => $id)); $support_nums = $comment_data['support'] + 1; $new['group']->update('group_topic_comment', array('commentid' => $id), array('support' => $support_nums)); // 增加评价记录 $new['group']->create('user_topic_declare', array('commentid' => $id, 'userid' => $userid)); tsNotice('表态成功!', '点击返回>>', $_SERVER['HTTP_REFERER'], true); break; // 评论支持 // 评论支持 case "oppose": $id = isset($_GET['commentid']) && intval($_GET['commentid']) ? intval($_GET['commentid']) : tsNotice('请指定要支持的评论!'); unset($_GET); $res = $new['group']->find('user_topic_declare', array('commentid' => $id, 'userid' => $userid)); if ($res) { tsNotice('不要重复评价,请保持良好的心态,有益身体健康!'); } // 增加支持数 $comment_data = $new['group']->find('group_topic_comment', array('commentid' => $id)); $oppose_nums = $comment_data['oppose'] + 1; $new['group']->update('group_topic_comment', array('commentid' => $id), array('oppose' => $oppose_nums)); // 增加评价记录 $new['group']->create('user_topic_declare', array('commentid' => $id, 'userid' => $userid)); tsNotice('表态成功!', '点击返回>>', $_SERVER['HTTP_REFERER'], true); break; }
if ($_POST['token'] != $_SESSION['token']) { tsNotice('非法操作!'); } $email = trim($_POST['email']); $pwd = trim($_POST['pwd']); $cktime = $_POST['cktime']; if ($email == '' || $pwd == '') { qiMsg("所有输入项都不能为空^_^"); } $countAdmin = $new['system']->findCount('user', array('email' => $email)); if ($countAdmin == 0) { qiMsg('用户Email不存在!'); } $strAdmin = $new['system']->find('user', array('email' => $email)); if (md5($strAdmin['salt'] . $pwd) !== $strAdmin['pwd']) { tsNotice('用户密码错误!'); } $strAdminInfo = $new['system']->find('user_info', array('email' => $email), 'userid,username,isadmin'); if ($strAdminInfo['isadmin'] != 1) { qiMsg("你无权登录后台管理!"); } $_SESSION['tsadmin'] = $strAdminInfo; header("Location: " . SITE_URL . "index.php?app=system"); break; //退出 //退出 case "out": unset($_SESSION['tsadmin']); header("Location: " . SITE_URL . "index.php?app=system&ac=login"); break; }
break; //编辑帖子执行 //编辑帖子执行 case "do": if ($_POST['token'] != $_SESSION['token']) { tsNotice('非法操作!'); } $topicid = intval($_POST['topicid']); $typeid = intval($_POST['typeid']); $title = trim($_POST['title']); //echo br2nl($_POST['content']);exit; $content = tsClean($_POST['content']); $iscomment = intval($_POST['iscomment']); $iscommentshow = intval($_POST['iscommentshow']); if ($topicid == '' || $title == '' || $content == '') { tsNotice("都不能为空的哦!"); } if ($TS_USER['isadmin'] == 0) { //过滤内容开始 aac('system')->antiWord($title); aac('system')->antiWord($content); //过滤内容结束 } $strTopic = $new['group']->find('group_topic', array('topicid' => $topicid)); $strGroup = $new['group']->find('group', array('groupid' => $strTopic['groupid'])); $strGroupUser = $new['group']->find('group_user', array('userid' => $userid, 'groupid' => $strTopic['groupid'])); if ($strTopic['userid'] == $userid || $strGroup['userid'] == $userid || $TS_USER['isadmin'] == 1 || $strGroupUser['isadmin'] == 1) { $new['group']->update('group_topic', array('topicid' => $topicid), array('typeid' => $typeid, 'title' => $title, 'content' => $content, 'iscomment' => $iscomment, 'iscommentshow' => $iscommentshow)); //处理标签 $tag = trim($_POST['tag']); if ($tag) {
// Only users with publishing rights may create a library.
if (aac('user')->isPublisher() == false) {
    tsNotice('不好意思,你还没有权限发布内容!');
}

switch ($ts) {
    // Creation form.
    case "":
        $title = '创建资料库';
        include template('create');
        break;

    // Create the library from the submitted form.
    case "do":
        $title = trim($_POST['title']);
        $content = tsClean($_POST['content']);

        // Banned-word screening applies to everyone except administrators.
        if (intval($TS_USER['isadmin']) == 0) {
            aac('system')->antiWord($title);
            aac('system')->antiWord($content);
        }

        // 1 = shown only after review, 0 = no review.
        $isaudit = ($TS_APP['isaudit'] == 1) ? 1 : 0;

        // Both fields are required.
        if (!$title || !$content) {
            tsNotice('资料库信息填写不完整');
            break;
        }

        // NOTE(review): no request token is checked before the insert; confirm
        // whether the creation form carries one.
        $albumid = $new['attach']->create('attach_album', array(
            'userid' => $userid,
            'title' => $title,
            'content' => $content,
            'isaudit' => $isaudit,
            'addtime' => date('Y-m-d H:i:s'),
            'uptime' => date('Y-m-d H:i:s'),
        ));
        header('Location: ' . tsUrl('attach', 'upload', array('albumid' => $albumid)));
        break;
}
//更新Email $new['my']->update('user', array('userid' => $strUser['userid']), array('email' => $email)); //修改信息并将用户设为未验证状态 $new['my']->update('user_info', array('userid' => $strUser['userid']), array('email' => $email, 'isverify' => '0')); tsNotice('Email帐号修改成功,下次请用' . $email . '登录网站!'); } else { tsNotice('新Email帐号不能和旧Email帐号一样!'); } break; //设置常居地 //设置常居地 case "city": $title = '常居地修改'; include template("setting_city"); break; case "citydo": $province = trim($_POST['province']); $city = trim($_POST['city']); $new['my']->update('user_info', array('userid' => $userid), array('province' => $province, 'city' => $city)); tsNotice("常居地更新成功!"); break; //个人标签 //个人标签 case "tag": $arrTag = aac('tag')->getObjTagByObjid('user', 'userid', $userid); $title = '个人标签修改'; include template("setting_tag"); break; case "tagdo": break; }
} if ($TS_USER['isadmin'] == 0) { aac('system')->antiWord($title); aac('system')->antiWord($content); aac('system')->antiWord($tag); } $iscomment = intval($_POST['iscomment']); $iscommentshow = intval($_POST['iscommentshow']); // 帖子是否需要审核 if ($strGroup['ispostaudit'] == 1) { $isaudit = 1; } else { $isaudit = 0; } if ($title == '' || $content == '') { tsNotice('没有任何内容是不允许你通过滴^_^'); } /** * ****************** */ // 防止用户发布重复内容,调出用户上一次发表的内容 $strPreTopic = $new['group']->find('group_topic', array('userid' => $userid), 'topicid,title,addtime', 'addtime desc'); // print_r($strPreTopic);exit; // 发帖间隔时间 $IntervalTime = time() - $strPreTopic['addtime']; // if($strPreTopic && $IntervalTime<3600){ if ($strPreTopic) { similar_text($strPreTopic['title'], $title, $percent); if ($percent >= 90) { $new['group']->update('group_topic', array('topicid' => $strPreTopic['topicid']), array('isaudit' => 1)); $isaudit = 1;
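<?php
defined('IN_TS') or die('Access Denied.');

// Admin entry point: loads app/<app>/action/admin/<mg>.php.
// $app and $mg are concatenated into a path that is then executed, so each one
// is limited to a plain name (letters, digits, "_" and "-") before the path is
// built. That keeps "/", ".." and NUL out of the path regardless of what the
// caller of this file has already filtered.
// NOTE(review): assumes no shipped admin action name uses other characters.
// NOTE(review): no admin-session check is visible in this file; presumably it is
// enforced before this file is included. Confirm.
if (
    preg_match('/\A[A-Za-z0-9_-]+\z/', (string) $app) === 1
    && preg_match('/\A[A-Za-z0-9_-]+\z/', (string) $mg) === 1
    && is_file('app/' . $app . '/action/admin/' . $mg . '.php')
) {
    include_once 'app/' . $app . '/action/admin/' . $mg . '.php';
} else {
    tsNotice('sorry:no index!');
}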
tsNotice('小组名称和介绍不能为空!'); } //过滤内容开始 if ($TS_USER['isadmin'] != 1) { aac('system')->antiWord($groupname); aac('system')->antiWord($groupdesc); } //过滤内容结束 //配置文件是否需要审核 $isaudit = intval($TS_APP['isaudit']); if ($TS_USER['isadmin'] == 1) { $isaudit = 0; } $isGroup = $new['group']->findCount('group', array('groupname' => $groupname)); if ($isGroup > 0) { tsNotice("小组名称已经存在,请更换其他小组名称!"); } $groupid = $new['group']->create('group', array('userid' => $userid, 'groupname' => $groupname, 'groupdesc' => $groupdesc, 'isaudit' => $isaudit, 'addtime' => time())); //上传 $arrUpload = tsUpload($_FILES['photo'], $groupid, 'group', array('jpg', 'gif', 'png', 'jpeg')); if ($arrUpload) { $new['group']->update('group', array('groupid' => $groupid), array('path' => $arrUpload['path'], 'photo' => $arrUpload['url'])); } //绑定成员 $new['group']->create('group_user', array('userid' => $userid, 'groupid' => $groupid, 'addtime' => time())); //更新 $count_group = $new['group']->findCount('group_user', array('userid' => $userid)); $new['group']->update('user_info', array('userid' => $userid), array('count_group' => $count_group)); //更新小组人数 $new['group']->update('group', array('groupid' => $groupid), array('count_user' => 1)); //更新分类统计
<?php defined('IN_TS') or die('Access Denied.'); //程序主体 switch ($ts) { case "": if (intval($TS_USER['userid']) > 0) { tsNotice("已经登陆啦!"); } //记录上次访问地址 $jump = $_SERVER['HTTP_REFERER']; $title = '登录'; include template("login"); break; //执行登录 //执行登录 case "do": //用于JS提交验证 $js = intval($_GET['js']); $ad = intval($_POST['ad']); if ($_POST['token'] != $_SESSION['token']) { getJson('非法操作!', $js); } /*禁止以下IP用户登陆或注册*/ $arrIp = aac('system')->antiIp(); if (in_array(getIp(), $arrIp)) { getJson('你的IP已被锁定,暂无法登录!', $js); } $jump = trim($_POST['jump']); $email = trim($_POST['email']); $pwd = trim($_POST['pwd']);
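<?php
defined('IN_TS') or die('Access Denied.');

// Article detail page: loads one article and one page of its comments.
$articleid = intval($_GET['id']);
$strArticle = $new['article']->find('article', array('articleid' => $articleid));

// Missing id or unknown article: answer 404 and stop.
if ($articleid == 0 || $strArticle == '') {
    header("HTTP/1.1 404 Not Found");
    header("Status: 404 Not Found");
    $title = '404';
    include pubTemplate("404");
    exit;
}

// Articles with isaudit == 1 are held back with a notice.
// NOTE(review): this gate only works if tsNotice() ends the request; if it
// returns, the article is rendered anyway. Confirm.
if ($strArticle['isaudit'] == 1) {
    tsNotice('内容审核中...');
}

$strArticle['title'] = tsTitle($strArticle['title']);
$strArticle['content'] = tsDecode($strArticle['content']);
$strArticle['tags'] = aac('tag')->getObjTagByObjid('article', 'articleid', $articleid);
$strArticle['user'] = aac('user')->getOneUser($strArticle['userid']);
$strArticle['cate'] = $new['article']->find('article_cate', array('cateid' => $strArticle['cateid']));

// Comments, ten per page.
// The page number is clamped to 1 or more: page=0 or a negative value would
// otherwise produce a negative offset ("-10,10") in the limit clause.
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
if ($page < 1) {
    $page = 1;
}
$url = tsUrl('article', 'show', array('id' => $articleid, 'page' => ''));
$lstart = $page * 10 - 10;
$arrComments = $new['article']->findAll('article_comment', array('articleid' => $articleid), 'addtime desc', null, $lstart . ',10');

// Decode each comment body and attach its author record.
foreach ($arrComments as $key => $item) {
    $arrComment[] = $item;
    $arrComment[$key]['content'] = tsDecode($item['content']);
    $arrComment[$key]['user'] = aac('user')->getOneUser($item['userid']);
}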
} else { tsNotice('非法操作!'); } break; //批量修改 //批量修改 case "info": //用户是否登录 $userid = aac('user')->isLogin(); $albumid = intval($_GET['albumid']); $addtime = intval($_GET['addtime']); $strAlbum = $new['photo']->find('photo_album', array('albumid' => $albumid)); $strAlbum['albumname'] = stripslashes($strAlbum['albumname']); $strAlbum['albumdesc'] = stripslashes($strAlbum['albumdesc']); if ($strAlbum['userid'] != $userid) { tsNotice('非法操作'); } //统计 $count_photo = $new['photo']->findCount('photo', array('albumid' => $albumid)); $new['photo']->update('photo_album', array('albumid' => $albumid), array('count_photo' => $count_photo)); //添加圖封面 if ($strAlbum['albumface'] == '') { $strPhoto = $new['photo']->find('photo', array('albumid' => $strAlbum['albumid'])); $new['photo']->update('photo_album', array('albumid' => $albumid), array('path' => $strPhoto['path'], 'albumface' => $strPhoto['photourl'])); } if ($addtime) { $arr = array('albumid' => $albumid, 'addtime' => date('Y-m-d H:i:s', $addtime)); } else { $arr = array('albumid' => $albumid); } $arrPhoto = $new['photo']->findAll('photo', $arr);
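<?php
defined('IN_TS') or die('Access Denied.');

// Edit the name and description of a single photo. Login is required.
$userid = aac('user')->isLogin();

switch ($ts) {
    // Edit form: shown only to the photo's owner or an administrator.
    case "":
        $photoid = intval($_GET['photoid']);
        $strPhoto = $new['photo']->find('photo', array('photoid' => $photoid));
        $strPhoto['photoname'] = stripslashes($strPhoto['photoname']);
        $strPhoto['photodesc'] = stripslashes($strPhoto['photodesc']);

        if ($strPhoto['userid'] == $userid || $TS_USER['isadmin'] == 1) {
            $title = '修改图片信息';
            include template('photo_edit');
        } else {
            tsNotice('非法操作!');
        }
        break;

    // Save the edit.
    case "do":
        // NOTE(review): the comparison is loose, so a request without a token
        // passes when the session holds no token either. Confirm that a token is
        // always set in the session before this handler can be reached.
        if ($_POST['token'] != $_SESSION['token']) {
            tsNotice('非法操作!');
        }

        $photoid = intval($_POST['photoid']);
        $photoname = tsClean($_POST['photoname']);
        $photodesc = tsClean($_POST['photodesc']);

        // Apply the same owner-or-admin rule as the form above. Without it any
        // logged-in user could rewrite any photo by posting its photoid.
        $strPhoto = $new['photo']->find('photo', array('photoid' => $photoid));

        if ($strPhoto && ($strPhoto['userid'] == $userid || $TS_USER['isadmin'] == 1)) {
            $new['photo']->update('photo', array('photoid' => $photoid), array('photoname' => $photoname, 'photodesc' => $photodesc));
            header('Location: ' . tsUrl('photo', 'show', array('id' => $photoid)));
        } else {
            tsNotice('非法操作!');
        }
        break;
}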
<?php defined('IN_TS') or die('Access Denied.'); //用户注册 switch ($ts) { case "": if (intval($TS_USER['userid']) > 0) { tsNotice("请退出后再注册!"); } //邀请用户ID $fuserid = intval($_GET['fuserid']); require_once "thinksaas/class.geetest.php"; $geetest = new Geetest(); $geetest->set_captchaid("1af5a4e60b594c11fb017d6ad7da0f37"); //TO DO 请使用自己的验证码ID替换此处 $title = '注册'; include template("register"); break; case "do": require_once "thinksaas/class.geetest.php"; $geetest = new Geetest(); $geetest->set_privatekey("83dfaed7e0a54f214ca1b91c968f40e5"); //TO DO 请使用自己的验证码KEY替换此处 //用于JS提交验证 $js = intval($_GET['js']); if ($_POST['token'] != $_SESSION['token']) { getJson('非法操作!', $js); } $email = trim($_POST['email']); $pwd = trim($_POST['pwd']); $repwd = trim($_POST['repwd']);
$title = $strTopic['title']; include template("topic_isopen"); exit; } $strTopic['title'] = tsTitle($strTopic['title']); $tpUrl = tpPage($strTopic['content'], 'group', 'topic', array('id' => $topicid)); $strTopic['content'] = tsDecode($strTopic['content'], $tp); //判断是否评论后显示帖子内容 $isComment = $new['group']->findCount('group_topic_comment', array('userid' => intval($TS_USER['userid']), 'topicid' => $strTopic['topicid'])); if ($strTopic['iscommentshow'] == 1 && $isComment == 0 && $strTopic['userid'] != intval($TS_USER['userid'])) { $strTopic['content'] = '<div class="alert alert-info">你需要回复后才可以浏览帖子内容!</div>'; } //编辑的数据 if ($strTopic['userid'] == $TS_USER['userid']) { if ($strTopic['isdelete'] == '1') { tsNotice('你的帖子删除中...'); } } // 帖子分类 if ($strTopic['typeid'] != '0') { $strTopic['type'] = $new['group']->find('group_topic_type', array('typeid' => $strTopic['typeid'])); } $strTopic['content'] = @preg_replace("/\\[@(.*)\\:(.*)]/U", "<a href='" . tsUrl('user', 'space', array('id' => '$2')) . " ' rel=\"face\" uid=\"\$2\"'>@\$1</a>", $strTopic['content']); // 最新帖子 $newTopic = $new['group']->findAll('group_topic', array('isaudit' => '0'), 'addtime desc', null, 10); foreach ($newTopic as $key => $item) { $newTopic[$key]['title'] = tsTitle($item['title']); $newTopic[$key]['content'] = tsDecode($item['content']); } // 帖子标签 $strTopic['tags'] = aac('tag')->getObjTagByObjid('topic', 'topicid', $topicid);
<?php
defined('IN_TS') or die('Access Denied.');

// Delete an article together with its comments and recommendations.
// NOTE(review): the delete is driven by a GET parameter and no request token is
// checked, so any page the user visits can trigger it. Consider POST plus token.
$userid = aac('user')->isLogin();

$articleid = intval($_GET['articleid']);
$strArticle = $new['article']->find('article', array('articleid' => $articleid));

// When the site option is set, non-admin users get a notice instead.
// NOTE(review): this relies on tsNotice() ending the request. Confirm.
if ($TS_SITE['isallowdelete'] && $TS_USER['isadmin'] == 0) {
    tsNotice('系统不允许用户删除内容,请联系管理员删除!');
}

// Only the author or an administrator may delete. Anyone else falls through
// to the redirect without any change being made.
if ($strArticle['userid'] == $userid || $TS_USER['isadmin'] == 1) {
    foreach (array('article', 'article_comment', 'article_recommend') as $table) {
        $new['article']->delete($table, array('articleid' => $articleid));
    }
}

header('Location: ' . tsUrl('article'));
//更新一级 if ($cateid) { $count_group = $new['group']->findCount('group', array('cateid' => $cateid)); $new['group']->update('group_cate', array('cateid' => $cateid), array('count_group' => $count_group)); } //更新二级 if ($cateid2) { $count_group = $new['group']->findCount('group', array('cateid2' => $cateid2)); $new['group']->update('group_cate', array('cateid' => $cateid2), array('count_group' => $count_group)); } //更新三级 if ($cateid3) { $count_group = $new['group']->findCount('group', array('cateid3' => $cateid3)); $new['group']->update('group_cate', array('cateid' => $cateid3), array('count_group' => $count_group)); } tsNotice('分类修改成功!'); break; //二级分类 //二级分类 case "two": $cateid = intval($_GET['cateid']); $arrCate = $db->fetch_all_assoc("select * from " . dbprefix . "group_cate where referid='{$cateid}'"); if ($arrCate) { echo '<select id="cateid2" name="cateid2">'; echo '<option value="0">请选择</option>'; foreach ($arrCate as $item) { echo '<option value="' . $item['cateid'] . '">' . $item['catename'] . '</option>'; } echo "</select>"; } else { echo '';
$cateid = intval($_POST['cateid']); $title = trim($_POST['title']); $content = tsClean($_POST['content']); $nums = intval($_POST['nums']); $scores = intval($_POST['scores']); $return = intval($_POST['return']); if ($title && $content && $nums) { $goodsid = $new['redeem']->create('redeem_goods', array('cateid' => $cateid, 'title' => $title, 'content' => $content, 'nums' => $nums, 'scores' => $scores, '`return`' => $return, 'addtime' => date('Y-m-d H:i:s'))); $arrUpload = tsUpload($_FILES['photo'], $goodsid, 'redeem', array('jpg', 'gif', 'png', 'jpeg')); if ($arrUpload) { $new['redeem']->update('redeem_goods', array('goodsid' => $goodsid), array('path' => $arrUpload['path'], 'photo' => $arrUpload['url'])); } header('Location: ' . SITE_URL . 'index.php?app=redeem&ac=admin&mg=goods&ts=list'); exit; } else { tsNotice('标题,内容和数量都不能为空!'); } break; case "edit": $goodsid = intval($_GET['goodsid']); $arrCate = $new['redeem']->findAll('redeem_cate'); $strGoods = $new['redeem']->find('redeem_goods', array('goodsid' => $goodsid)); include template('admin/goods_edit'); break; case "editdo": $goodsid = intval($_POST['goodsid']); $cateid = intval($_POST['cateid']); $title = trim($_POST['title']); $content = tsClean($_POST['content']); $nums = intval($_POST['nums']); $scores = intval($_POST['scores']);
//更新登录时间 $new['pubs']->update('user_info', array('userid' => $strOpen['userid']), array('ip' => getIp(), 'uptime' => time())); $_SESSION['tsuser'] = $userData; header("Location: " . SITE_URL); exit; } else { //获取用户基本资料 $c = new SaeTClientV2(WB_AKEY, WB_SKEY, $access_token); $uid_get = $c->get_uid(); $uid = $uid_get['uid']; $arrUserInfo = $c->show_user_by_id($uid); /* Array ( [id] => 2741015883 [idstr] => 2741015883 [class] => 1 [screen_name] => 哥哥很伤心啦 [name] => 哥哥很伤心啦 [province] => 11 [city] => 5 [location] => 北京 朝阳区 [description] => [url] => [profile_image_url] => http://tp4.sinaimg.cn/2741015883/50/5633423902/1 [profile_url] => u/2741015883 [domain] => [weihao] => [gender] => m [followers_count] => 3 [friends_count] => 30 [statuses_count] => 0 [favourites_count] => 0 [created_at] => Thu May 31 17:22:49 +0800 2012 [following] => [allow_all_act_msg] => [geo_enabled] => 1 [verified] => [verified_type] => -1 [remark] => [ptype] => 0 [allow_all_comment] => 1 [avatar_large] => http://tp4.sinaimg.cn/2741015883/180/5633423902/1 [avatar_hd] => http://tp4.sinaimg.cn/2741015883/180/5633423902/1 [verified_reason] => [follow_me] => [online_status] => 0 [bi_followers_count] => 0 [lang] => zh-cn [star] => 0 [mbtype] => 0 [mbrank] => 0 [block_word] => 0 ) */ if ($arrUserInfo['screen_name'] == '') { tsNotice('登陆失败!请使用Email登陆'); } $salt = md5(rand()); $pwd = random(5, 0); $userid = $new['pubs']->create('user', array('pwd' => md5($salt . 
$pwd), 'salt' => $salt, 'email' => $openid)); //插入ts_user_info $new['pubs']->create('user_info', array('userid' => $userid, 'username' => $arrUserInfo['screen_name'], 'email' => $openid, 'ip' => getIp(), 'addtime' => time(), 'uptime' => time())); //插入ts_user_open $new['pubs']->create('user_open', array('userid' => $userid, 'sitename' => 'weibo', 'openid' => $openid, 'access_token' => $access_token, 'uptime' => time())); //更新用户头像 if ($arrUserInfo['avatar_large']) { //1000个图片一个目录 $menu2 = intval($userid / 1000); $menu1 = intval($menu2 / 1000); $menu = $menu1 . '/' . $menu2; $photo = $userid . '.jpg';
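/**
 * Report a result to the client and, in the JSON and redirect cases, end the request.
 *
 * - $js truthy: echo {"status":..,"data":..} (plus "url" when $status == 2 and
 *   $url is set), then exit.
 * - $js == 0, $status == 2 and $url set: send a Location header, then exit.
 * - otherwise: hand $data to tsNotice().
 *
 * @param mixed  $data   Message or payload to report.
 * @param mixed  $js     Truthy for a JSON response (scripted submit).
 * @param int    $status Status code placed in the JSON; 2 carries a target URL.
 * @param string $url    Target URL used when $status == 2.
 * @return void
 */
function getJson($data, $js = 1, $status = 0, $url = '')
{
    if ($js) {
        $payload = array('status' => $status, 'data' => $data);
        if ($status == 2 && $url) {
            $payload['url'] = $url;
        }

        // No JSON Content-Type header is sent here (the original keeps that line
        // commented out), so a browser opening the URL directly may treat the
        // body as HTML. The JSON_HEX_* flags emit < > & ' " as \uXXXX escapes:
        // JSON parsers decode them to the same characters, and no markup
        // survives in the raw body.
        // NOTE(review): sending "Content-Type: application/json" as well would be
        // the complete fix; confirm the front-end scripts accept it.
        echo json_encode($payload, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        exit;
    }

    if ($js == 0 && $status == 2 && $url) {
        // NOTE(review): $url goes into the header as is; callers should pass
        // only site-local URLs.
        header('Location: ' . $url);
        exit;
    }

    tsNotice($data);
}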