Exemplo n.º 1
0
<?php

include __DIR__ . '/common.php';
require __DIR__ . '/language/' . ForumLanguage . '/new.php';
Auth(1, 0, true);
$Error = '';
$Title = '';
$Content = '';
$TagsArray = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    SetStyle('api', 'API');
    if (!ReferCheck($_POST['FormHash'])) {
        AlertMsg($Lang['Error_Unknown_Referer'], $Lang['Error_Unknown_Referer'], 403);
    }
    if ($TimeStamp - $CurUserInfo['LastPostTime'] <= 5) {
        //发帖至少要间隔5秒
        AlertMsg($Lang['Posting_Too_Often'], $Lang['Posting_Too_Often']);
    }
    $Title = Request('Post', 'Title');
    $Content = Request('Post', 'Content');
    $TagsArray = $_POST['Tag'];
    if ($Title) {
        if (strlen($Title) <= $Config['MaxTitleChars'] || strlen($Content) <= $Config['MaxPostChars']) {
            if (!empty($TagsArray) && !in_array('', $TagsArray) && count($TagsArray) <= $Config["MaxTagsNum"]) {
                //获取已存在的标签
                $TagsExistArray = $DB->query("SELECT ID,Name FROM `" . $Prefix . "tags` WHERE `Name` in (?)", $TagsArray);
                $TagsExist = ArrayColumn($TagsExistArray, 'Name');
                $TagsID = ArrayColumn($TagsExistArray, 'ID');
                //var_dump($TagsExist);
                $NewTags = TagsDiff($TagsArray, $TagsExist);
                //新建不存在的标签
Exemplo n.º 2
0
$Error = '';
$ErrorCode = 101000;
$UserName = '';
$ReturnUrl = isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER["HTTP_REFERER"]) : '';
if (isset($_GET['logout']) && $_GET['logout'] == $CurUserCode) {
    LogOut();
    if ($ReturnUrl) {
        header('location: ' . $ReturnUrl);
        exit('logout');
    } else {
        header('location: ' . $Config['WebsitePath'] . '/');
        exit('logout');
    }
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' || $IsApp) {
    if (!ReferCheck(Request('Post', 'FormHash'))) {
        AlertMsg($Lang['Error_Unknown_Referer'], $Lang['Error_Unknown_Referer'], 403);
    }
    $ReturnUrl = htmlspecialchars(Request('Post', 'ReturnUrl'));
    $UserName = strtolower(Request('Post', 'UserName'));
    $Password = Request('Post', 'Password');
    $Expires = min(intval(Request('Post', 'Expires', 30)), 30);
    //最多保持登陆30天
    $VerifyCode = intval(Request('Post', 'VerifyCode'));
    do {
        if (!$UserName || !$Password || !$VerifyCode) {
            $Error = $Lang['Forms_Can_Not_Be_Empty'];
            $ErrorCode = 101001;
            break;
        }
        session_start();
Exemplo n.º 3
0
    if (!$OauthObject->GetAccessToken($CurProtocol . $_SERVER['HTTP_HOST'] . $Config['WebsitePath'], $AppID, $AppInfo['AppSecret'], $Code)) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    // 非Post页,储存AccessToken
    $_SESSION[$Prefix . 'OauthAccessToken'] = $OauthObject->AccessToken;
    // 释放session防止阻塞
    session_write_close();
    $OauthUserID = $DB->single("SELECT UserID FROM " . $Prefix . "app_users \n\t\tWHERE AppID=:AppID AND OpenID = :OpenID", array('AppID' => $AppID, 'OpenID' => $OauthObject->OpenID));
    $OauthObject->GetUserInfo();
    CheckOpenID();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (!ReferCheck(Request('Post', 'FormHash')) || empty($_SESSION[$Prefix . 'OauthAccessToken']) || !$State || empty($_SESSION[$Prefix . 'OauthState']) || $State != $_SESSION[$Prefix . 'OauthState']) {
        AlertMsg($Lang['Error_Unknown_Referer'], $Lang['Error_Unknown_Referer'], 403);
    }
    // 读入Access Token
    $OauthObject->AccessToken = $_SESSION[$Prefix . 'OauthAccessToken'];
    // 释放session防止阻塞
    session_write_close();
    if (!$OauthObject->GetOpenID()) {
        AlertMsg('400 Bad Request', '400 Bad Request', 400);
    }
    $OauthUserInfo = $OauthObject->GetUserInfo();
    CheckOpenID();
    $UserName = strtolower(Request('Post', 'UserName'));
    if ($UserName && IsName($UserName)) {
        $UserExist = $DB->single("SELECT ID FROM " . $Prefix . "users WHERE UserName = :UserName", array('UserName' => $UserName));
        if (!$UserExist) {