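 /**
  * Recursively checks a request variable, by reference.
  *
  * Arrays are walked element by element through S::checkVar(). For scalars the
  * behaviour depends on the calling context constant P_W:
  *  - outside 'admincp': '..', ')', '<' and '=' are rewritten in place to HTML
  *    entities. This is a narrow neutralisation, not a full HTML escape ('>'
  *    and quotes are left as they are);
  *  - inside 'admincp': the value is rejected through adminmsg('word_error')
  *    when it contains an <iframe, <meta or <script tag. The match is
  *    case-insensitive because HTML tag names are, so '<SCRIPT' is caught too.
  *
  * @param mixed $var value to check; rewritten in place outside admincp
  * @return void
  */
 function checkVar(&$var)
 {
     if (is_array($var)) {
         foreach (array_keys($var) as $key) {
             S::checkVar($var[$key]);
         }
     } elseif (P_W != 'admincp') {
         $var = str_replace(array('..', ')', '<', '='), array('&#46;&#46;', '&#41;', '&#60;', '&#61;'), $var);
     } elseif (str_ireplace(array('<iframe', '<meta', '<script'), '', $var) != $var) {
         // Loose comparison kept on purpose: $var may be a non-string scalar and
         // str_ireplace() always returns a string.
         // Send the admin back to the previous page rather than a target URL.
         global $basename;
         $basename = 'javascript:history.go(-1);';
         adminmsg('word_error');
     }
 }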
/**
 * Procedural alias for S::checkVar(): checks $var in place.
 *
 * Nothing is returned; the variable is passed by reference and may be
 * rewritten by S::checkVar().
 *
 * @param mixed $var variable to check, by reference
 * @return void
 */
function CheckVar(&$var)
{
    S::checkVar($var);
}
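$bubbleInfo = $rightset['bubble'];
$uidForBubble = $rightset['uid'];
$admin_gid = $rightset['gid'];
// Safety verification: an admin whose group id is listed in $db_safegroup
// (stored as ",gid,gid,...") must carry the verification flag $CK[3];
// otherwise the admin cookie is cleared and the prompt is shown.
if ($db_ifsafecv && strpos($db_safegroup, ",{$admin_gid},") !== false && !$CK[3]) {
    Cookie('AdminUser', '', 0);
    adminmsg('safecv_prompt');
}
//* include_once pwCache::getPath(D_P.'data/bbscache/level.php');
pwCache::getData(D_P . 'data/bbscache/level.php');
!defined('If_manager') && define('If_manager', 0);
if (!If_manager) {
    Iplimit();
    // Check every request field by reference, directly on the superglobals, so
    // that an in-place rewrite done by S::checkVar() is kept (checking a copy
    // from a merged snapshot would throw the rewrite away). The 'module'
    // parameter is exempt. Strict comparison: an integer key must never be
    // treated as equal to the string 'module'.
    foreach (array_keys($_POST) as $key) {
        if ($key !== 'module') {
            S::checkVar($_POST[$key]);
        }
    }
    foreach (array_keys($_GET) as $key) {
        if ($key !== 'module') {
            S::checkVar($_GET[$key]);
        }
    }
    // $ltitle is presumably populated by the level.php cache loaded above — confirm.
    $admin_level = $ltitle[$admin_gid];
} else {
    $admin_level = getLangInfo('other', 'admin_level');
    //'manager';
}
// Audit trail: one pipe-separated record per admin request (name, URI, IP,
// time, POST dump). '|' inside the name and URI is entity-encoded so the
// record stays parseable.
$_postdata = $_POST ? PostLog($_POST) : '';
$new_record = '|' . str_replace('|', '&#124;', S::escapeChar($admin_name)) . '||' . str_replace('|', '&#124;', S::escapeChar($REQUEST_URI)) . "|{$onlineip}|{$timestamp}|{$_postdata}|\n";
writeover($bbsrecordfile, $new_record, "ab");
//* pwCache::setData($bbsrecordfile,$new_record, false, "ab");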
if ($pwServer['REQUEST_METHOD'] == 'POST') {
    $referer_a = @parse_url($pwServer['HTTP_REFERER']);
    if ($referer_a['host']) {
    $db_cc = 2;
}
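// Request-flood (CC) defence, skipped when the COL constant is defined.
if ($db_cc && !defined('COL')) {
    pwDefendCc($db_cc);
}
// Rewrite mode: rebuild $_GET from the rewritten query string when it yields
// anything; this happens before the $_GET check below so the rebuilt values
// are the ones checked.
if ($db_htmifopen) {
    $_NGET = parseRewriteQueryString($pwServer['QUERY_STRING']);
    !empty($_NGET) && ($_GET = $_NGET);
}
// Neutralise request input in place. A few POST fields carry raw content
// (judging by name: post body/title, quoted text, signature, login name and
// password) and are exempt. in_array() is strict: with loose comparison an
// integer key such as 0 compares equal to any of these strings on PHP < 8 and
// that field would skip the check.
foreach ($_POST as $_key => $_value) {
    if (!in_array($_key, array('atc_content', 'atc_title', 'quote_content', 'prosign', 'pwuser', 'pwpwd'), true)) {
        S::checkVar($_POST[$_key]);
    }
}
foreach ($_GET as $_key => $_value) {
    S::checkVar($_GET[$_key]);
}
// WIND_VERSION is a comma-separated "version,repair,from" triple.
list($wind_version, $wind_repair, $wind_from) = explode(',', WIND_VERSION);
$db_olsize = 96;
// Derive PHP_SELF from SCRIPT_NAME: keep the part before the first occurrence
// of $db_dir and append '.php'; otherwise SCRIPT_NAME is used as-is for $tmp.
if (false !== ($dirstrpos = strpos($pwServer['SCRIPT_NAME'], $db_dir))) {
    $tmp = substr($pwServer['SCRIPT_NAME'], 0, $dirstrpos);
    $pwServer['PHP_SELF'] = "{$tmp}.php";
    unset($dirstrpos);
} else {
    $tmp = $pwServer['SCRIPT_NAME'];
}
$REQUEST_URI = $pwServer['PHP_SELF'] . ($pwServer['QUERY_STRING'] ? '?' . $pwServer['QUERY_STRING'] : '');
// Mobile redirect: S::gp() presumably reads 'fromWap' from GET into $fromWap — confirm.
S::gp(array('fromWap'), 'G', 2);
isHeaderWap($fromWap);
$_mainUrl = $index_url = $db_bbsurl;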