// Excerpt from what appears to be a comment-submission handler (per the die() messages).
// The blocks closed by the first braces below open before this excerpt.
// Unquoted keys such as $webdb[Info_PostCommentType] are bare constants: PHP 8 raises an
// Error for an undefined constant, so quote the keys when porting.
        die('管理员设置不可以发表评论');
    } elseif ($webdb[Info_PostCommentType] == 1 && !$lfjuid) {
        // Setting 1 and no logged-in uid: reject the post.
        die('管理员设置游客不可以发表评论');
    }
    // $yz is zeroed when the pass-comment setting is 2, or 1 for a visitor without a uid.
    // NOTE(review): presumably $yz is the "approved" flag — confirm where it is stored.
    if ($webdb[Info_PassCommentType] == 2) {
        $yz = 0;
    } elseif ($webdb[Info_PassCommentType] == 1 && !$lfjuid) {
        $yz = 0;
    }
}
// filtrate() is defined outside this excerpt.
// NOTE(review): $username is placed inside a quoted SQL literal below; confirm filtrate()
// neutralises quotes and backslashes, or bind the value instead.
$username = filtrate($username);
$content = filtrate($content);
// The "@@br@@" marker becomes a real <br> only after filtrate() has run.
$content = str_replace("@@br@@", "<br>", $content);
// Filter banned words.
// NOTE(review): this runs after filtrate(), so the text reaching the query is whatever
// replace_bad_word() returns — confirm its replacement list cannot emit quote characters.
$username = replace_bad_word($username);
$content = replace_bad_word($content);
// Guard against someone signing a comment with another member's account name.
if ($username) {
    $rs = $db->get_one(" SELECT {$TB['uid']} AS uid FROM {$TB['table']} WHERE {$TB['username']}='{$username}' ");
    // Mask the signature when the uid found for that name differs from the current uid (loose !=).
    if ($rs[uid] != $lfjuid) {
        $username = "******";
    }
}
// NOTE(review): $id is interpolated as-is and its origin is not visible here; cast it to an
// integer or bind it before this lookup.
$rss = $db->get_one(" SELECT * FROM {$_pre}content WHERE id='{$id}' ");
if (!$rss) {
    die("原数据不存在");
}
// Fall back to $lfjid when no signature is left.
$username || ($username = $lfjid);
$type = 2; // For reference only; carries little meaning.
/* If the system imposes a limit, some comments are not submitted, yet no failure message is shown. */
// Excerpt from what appears to be a member-profile update script. The block closed by the lone
// brace after the first if-statement opens before this excerpt.
    // NOTE(review): $icon is joined into a filesystem path here, before the extension check and
    // filtrate() further down; its origin is not visible — confirm it cannot contain "../".
    $icon_array = getimagesize(ROOT_PATH . "{$webdb['updir']}/{$icon}");
    // Index 0 is the width and index 1 the height; $icon_url is set only above 150 pixels.
    if ($icon_array[0] > 150 || $icon_array[1] > 150) {
        $icon_url = "{$webdb['www_url']}/{$webdb['updir']}/{$icon}";
    }
}
if ($icon) {
    // Extension = the text from the last dot onward, lower-cased.
    $filetype = strtolower(strrchr($icon, "."));
    $icon = filtrate($icon);
    // Name-based allow-list only: the file content is not inspected here. The getimagesize()
    // result (index 2 / 'mime') would be a stronger check.
    // NOTE(review): assumes showerr() stops execution — confirm.
    if ($filetype != '.gif' && $filetype != '.jpg') {
        showerr("头像只能是.gif或.jpg格式");
    }
}
// Filter banned words.
$truename = replace_bad_word($truename);
$introduce = replace_bad_word($introduce);
$address = replace_bad_word($address);
if ($cityid) {
    // The query aliases a single column, so extract() defines $provinceid from the row.
    // '@' silences errors from this expression, presumably for the no-row case — confirm.
    // NOTE(review): extract() writes into the local scope and $cityid is interpolated unbound;
    // prefer an explicit assignment and an integer cast.
    @extract($db->get_one("SELECT fup AS provinceid FROM {$pre}area WHERE fid='{$cityid}'"));
}
// Field map for the update; how it is written to storage is outside this excerpt.
// NOTE(review): $password is passed through as received in this excerpt — confirm it is
// hashed before it is stored.
$array = array(
    "uid" => $lfjuid,
    "username" => $lfjid,
    "email" => $email,
    "password" => $password,
    "icon" => $icon,
    "sex" => $sex,
    "bday" => $bday,
    "introduce" => $introduce,
    "oicq" => $oicq,
    "msn" => $msn,
    "homepage" => $homepage,
    "address" => $address,
    "postalcode" => $postalcode,
    "mobphone" => $mobphone,
    "telephone" => $telephone,
    "idcard" => $idcard,
    "truename" => $truename,
    "provinceid" => $provinceid,
    "cityid" => $cityid
);
// A verified e-mail that is being changed: refused unless EditYzEmail is enabled, in which
// case the verified flag is reset.
if ($lfjdb[email_yz] && $lfjdb[email] != $email) {
    if (!$webdb[EditYzEmail]) {
        showerr("你不可以再修改邮箱,因为已经审核过了.");
    } else {
        $array[email_yz] = 0;
    }
}
// Same rule for a verified mobile number; the else branch continues past this excerpt.
if ($lfjdb[mob_yz] && $lfjdb[mobphone] != $mobphone) {
    if (!$webdb[EditYzMob]) {
        showerr("你不可以再修改手机号码,因为已经审核过了.");
    } else {
// Excerpt from what appears to be an article post/edit script. The branch closed by "} else {"
// below opens before this excerpt.
    // New post with auto-keywords enabled and no keywords given: derive them via keyword_ck().
    if ($job == 'postnew' && $webdb[autoGetKeyword] && !$postdb[keywords]) {
        $postdb[keywords] = keyword_ck($postdb[keywords], $postdb[title]);
    }
    // Record the article source; runs only when $web_admin is set and "addcopyfrom" is given.
    // NOTE(review): $postdb['copyfrom'] goes into both statements before any filtering visible
    // in this excerpt; confirm it is escaped upstream, or bind it.
    if ($postdb[copyfrom] && $postdb[addcopyfrom] && $web_admin) {
        if (!$db->get_one("SELECT * FROM {$pre}copyfrom WHERE name='{$postdb['copyfrom']}' ")) {
            $db->query("INSERT INTO `{$pre}copyfrom` (`name` , `list`,uid ) VALUES ('{$postdb['copyfrom']}', '{$timestamp}','{$lfjdb['uid']}')");
        }
    }
    // Filter banned words.
    // NOTE(review): replace_bad_word() is a word filter; nothing in this excerpt HTML-escapes
    // these fields — confirm where that happens.
    $postdb[content] = replace_bad_word($postdb[content]);
    $postdb[title] = replace_bad_word($postdb[title]);
    $postdb[author] = replace_bad_word($postdb[author]);
    $postdb[keywords] = replace_bad_word($postdb[keywords]);
    $postdb[copyfrom] = replace_bad_word($postdb[copyfrom]);
    $postdb[description] = replace_bad_word($postdb[description]);
    // Mark the article as a picture article when a picture URL is present.
    $postdb[picurl] && ($postdb[ispic] = 1);
    // Rewrite attachment addresses so they stay reachable after a domain change.
    $postdb[content] = En_TruePath($postdb[content]);
} else {
    // If comments are disabled system-wide or for the column, force them off for the article.
    $forbidcomment = " ";
    if ($job == 'postnew') {
        // && binds tighter than ||: "comments hidden" OR ("column known" AND "column disallows").
        if (!$webdb[showComment] || $fidDB && !$fidDB[allowcomment]) {
            $forbidcomment = " checked ";
        }
    } elseif ($rsdb[forbidcomment]) {
        $forbidcomment = " checked ";
    }
    $fonttype = $rsdb[fonttype] == 1 ? " checked " : "";
    // The edit branch continues past this excerpt.
    if ($job == 'edit') {
// Excerpt from what appears to be a member home-page script. The if and the enclosing block
// closed by the first braces open before this excerpt.
    } else {
        $myotherDB[] = $rs;
    }
}
// My picture topics: the six newest rows with ispic=1 for this uid.
// NOTE(review): $myphotoDB starts as '' and is then appended to with []; PHP 7.1+ throws on
// that, so initialise with array() when porting. $uid is interpolated unbound — its origin is
// not visible here; cast it to an integer.
$myphotoDB = '';
$query = $db->query("SELECT * FROM {$pre}article WHERE ispic=1 AND uid='{$uid}' ORDER BY aid DESC LIMIT 6");
while ($rs = $db->fetch_array($query)) {
    $rs[picurl] = tempdir($rs[picurl]);
    $myphotoDB[] = $rs;
}
// Forum threads: the ten newest, only when the passport type starts with "pwbbs".
// ereg() was removed in PHP 7.0; the same ''-then-[] pattern as above applies to $mybbsDB.
$mybbsDB = '';
if (ereg("^pwbbs", $webdb[passport_type])) {
    $query = $db->query("SELECT * FROM {$TB_pre}threads WHERE authorid='{$uid}' ORDER BY tid DESC LIMIT 10");
    while ($rs = $db->fetch_array($query)) {
        $mybbsDB[] = $rs;
    }
}
// Filter banned words.
// NOTE(review): these fields are word-filtered, not HTML-escaped, before the template is
// required — confirm the template escapes them.
$rsdb[truename] = replace_bad_word($rsdb[truename]);
$rsdb[introduce] = replace_bad_word($rsdb[introduce]);
$rsdb[address] = replace_bad_word($rsdb[address]);
require get_member_tpl('homepage');
// Take the buffered page, discard that buffer, open a fresh one and emit the page into it.
$content = ob_get_contents();
ob_end_clean();
ob_start();
// When www_url is "/.", collapse "/./" in the generated page to "/".
if ($webdb[www_url] == '/.') {
    $content = str_replace('/./', '/', $content);
}
echo $content;
// Excerpt from what appears to be an article display script. The block closed by the first
// brace opens before this excerpt.
}
$rsdb[picurl] = tempdir($rsdb[picurl]);
// With AutoTitleNum set and more than one page, pass the title through Set_Title_PageNum().
$webdb[AutoTitleNum] && $rsdb[pages] > 1 && ($rsdb[title] = Set_Title_PageNum($rsdb[title], $page));
// Turn the space-separated keywords into search links.
if ($rsdb[keywords]) {
    unset($array);
    $detail = explode(" ", $rsdb[keywords]);
    foreach ($detail as $key => $value) {
        // URL-encoded for the query string; the link text uses $value as stored.
        // NOTE(review): confirm keywords are HTML-escaped when saved, otherwise escape the
        // link text here.
        $_value = urlencode($value);
        $array[] = "<A HREF='{$webdb['www_url']}/do/search.php?type=keyword&keyword={$_value}' target=_blank>{$value}</A>";
    }
    $rsdb[keywords] = implode(" ", $array);
}
// Filter banned words.
$rsdb[content] = replace_bad_word($rsdb[content]);
$rsdb[title] = replace_bad_word($rsdb[title]);
$rsdb[subhead] = replace_bad_word($rsdb[subhead]);
// Multi-model extension hook.
// NOTE(review): the include path contains $rsdb[mid]; restrict it to an integer or an
// allow-list before building the path. '@' hides the warning when the file is missing.
@(include ROOT_PATH . "inc/bencandy_{$rsdb[mid]}.php");
require ROOT_PATH . "inc/head.php";
// NOTE(review): the template path comes from $chdb, whose origin is not visible here.
require $chdb[main_tpl];
require ROOT_PATH . "inc/foot.php";
/* Pseudo-static URL handling. */
if ($webdb[NewsMakeHtml] == 2) {
    // Take the buffered page, restart buffering, and emit it after fake_html() has rewritten it.
    $content = ob_get_contents();
    ob_end_clean();
    ob_start();
    $content = fake_html($content);
    echo "{$content}";
}
// Runs when $jobs is empty, a cache time is configured, and the cache file is older than
// bencandy_cache_time minutes; presumably the cache is rewritten below (cut off here).
if (!$jobs && $webdb[bencandy_cache_time] && time() - filemtime($Cache_FileName) > $webdb[bencandy_cache_time] * 60) {
    if (!is_dir(dirname($Cache_FileName))) {
// Excerpt from what appears to be an AJAX comment-list script. The loop closed after
// "$listdb[] = $rs;" opens before this excerpt.
    // No name on the comment: show the IP with its last octet masked instead.
    if (!$rs[username]) {
        $detail = explode(".", $rs[ip]);
        $rs[username] = "{$detail['0']}.{$detail['1']}.{$detail['2']}.*";
    }
    if ($rs[icon]) {
        $rs[icon] = tempdir($rs[icon]);
    }
    $rs[posttime] = date("Y-m-d H:i:s", $rs[posttime]);
    // Keep the original text in full_content; get_word() presumably truncates to $leng.
    $rs[content] = get_word($rs[full_content] = $rs[content], $leng);
    // Title: the text with any [quote]...[/quote] span removed, passed through get_word(…, 50).
    $rs[title] = preg_replace("/\\[quote\\](.*)\\[\\/quote\\]/", "", $rs[content]);
    $rs[title] = get_word($rs[title], 50);
    $rs[content] = get_word($rs[content], $leng);
    // Render [quote] as a div. The pattern is greedy and has no 's' flag, so a quote that
    // spans a newline is left as typed.
    // NOTE(review): HTML escaping of the comment text is not visible in this excerpt — confirm
    // it happens when the comment is stored.
    $rs[content] = preg_replace("/\\[quote\\](.*)\\[\\/quote\\]/", "<div class='quotecomment_div'>\\1</div>", $rs[content]);
    $rs[content] = str_replace("\n", "<br>", $rs[content]);
    $rs[content] = replace_bad_word($rs[content]);
    $rs[username] = replace_bad_word($rs[username]);
    $listdb[] = $rs;
}
// NOTE(review): $aid and $SQL are passed as SQL text and $fid/$aid as URL text; their origin
// is not visible here — cast the ids to integers before this call.
$showpage = getpage("`{$pre}comment` A", " where A.aid='{$aid}' {$SQL}", "?fid={$fid}&aid={$aid}", $rows);
// NOTE(review): $iframeID is written into an HTML attribute and a URL without encoding; if it
// is request-supplied, restrict it to [A-Za-z0-9_] first.
if ($iframeID) {
    $showpage = str_replace("href=\"?", "target=\"{$iframeID}\" href=\"{$webdb['www_url']}/do/comment_ajax.php?iframeID={$iframeID}&", $showpage);
} else {
    // Without an iframe, pager links become javascript:getcomment(...) calls.
    $showpage = preg_replace("/\\?fid=([\\d]+)&aid=([\\d]+)&page=([\\d]+)/is", "javascript:getcomment('{$webdb['www_url']}/do/comment_ajax.php?fid=\\1&aid=\\2&page=\\3')", $showpage);
}
require_once html('comment_ajax');
if ($iframeID) {
    // Flatten the buffered output and escape single quotes, presumably so it can be embedded
    // in a JavaScript string (the use is cut off). Only "'" is escaped: backslashes and a
    // literal "</script>" in the text pass through unchanged.
    $content = str_replace(array("\n", "\r", "'", "<!---->"), array("", "", "\\'", ""), ob_get_contents());
    ob_end_clean();
    // Work around cross-domain access between the page and the iframe.
    // NOTE(review): setting document.domain relaxes the same-origin check for every host
    // under that domain, and browsers are deprecating the setter.
    if ($webdb[cookieDomain]) {
        echo "<SCRIPT LANGUAGE=\"JavaScript\">document.domain = \"{$webdb['cookieDomain']}\";</SCRIPT>";
// Excerpt from what appears to be a guestbook list script. The block closed by the first brace
// opens before this excerpt, and the while loop below continues past its end.
}
// NOTE(review): $fid, $min and $rows are interpolated into the SQL text and their origin is
// not visible here; cast all three to integers (LIMIT operands cannot be quoted).
if ($fid) {
    $SQL .= " AND fid='{$fid}' ";
}
$query = $db->query("SELECT SQL_CALC_FOUND_ROWS G.*,D.icon FROM `{$_pre}content` G LEFT JOIN `{$pre}memberdata` D ON G.uid=D.uid {$SQL} ORDER BY G.id DESC LIMIT {$min},{$rows}");
// Total row count of the previous query, ignoring its LIMIT.
$RS = $db->get_one("SELECT FOUND_ROWS()");
$totalNum = $RS['FOUND_ROWS()'];
$showpage = getpage("", "", "?fid={$fid}", $rows, $totalNum);
while ($rs = $db->fetch_array($query)) {
    $rs[content] = format_text($rs[content]);
    $rs[content] = replace_bad_word($rs[content]); // Filter banned words.
    if ($rs[reply]) {
        // NOTE(review): unserialize() on a stored column. If any code path lets a non-admin
        // write `reply`, this permits object injection; pass ['allowed_classes' => false]
        // (PHP 7+) or store the reply as JSON.
        $replydb = unserialize($rs[reply]);
        $replydb[content] = str_replace("\r\n", "<br>", $replydb[content]);
        $replydb[content] = replace_bad_word($replydb[content]); // Filter banned words.
        $replydb[posttime] = date("Y-m-d H:i:s", $replydb[posttime]);
        // The reply text and the signature are appended to the entry as HTML.
        $rs[content] .= "<FIELDSET><LEGEND>留言回复</LEGEND>{$replydb['content']} (署名:{$replydb['username']}/日期:{$replydb['posttime']})</FIELDSET>";
    }
    $rs[posttime] = date("Y-m-d H:i:s", $rs[posttime]);
    // Mask the last octet of the poster's IP.
    $detail = explode(".", $rs[ip]);
    $rs[ip] = "{$detail['0']}.{$detail['1']}.{$detail['2']}.*";
    // $web_admin gets reply and delete links; the entry's own author gets delete only.
    // NOTE(review): delete is linked as a plain GET; the handler is not visible here — confirm
    // it re-checks ownership and requires a CSRF token.
    if ($web_admin) {
        $rs['delete'] = "[<A HREF='replyguestbook.php?fid={$fid}&id={$rs['id']}'>回复</A>] [<A HREF='?action=delete&id={$rs['id']}'>删除</A>]";
    } elseif ($lfjuid == $rs[uid]) {
        $rs['delete'] = "[<A HREF='?action=delete&id={$rs['id']}'>删除</A>]";
    }
    // NOTE(review): weburl is placed in a single-quoted HREF as stored; confirm it is limited
    // to http/https and attribute-escaped when saved.
    if ($rs[weburl]) {
        $rs['_weburl'] = "<A HREF='{$rs['weburl']}' target='_blank' title='查看主页'>" . '<img src="' . $webdb[www_url] . '/images/default/home.gif" width="16" height="16" border="0">' . "</A>";
    }