function parse_seo_url()
{
global $conf;
// 支持 seo url rewrite
$tid = 0;
$thread = array();
$seo_url = '';
if ($conf['seo_url_rewrite']) {
$url = $_SERVER['REQUEST_URI'];
$lastpos = strrpos($url, '/');
$qmark = strpos($url, '?');
$qmark = $qmark === FALSE ? strlen($url) : $qmark - 1;
$tid = 0;
$url2 = substr($url, $lastpos + 1, $qmark);
if (preg_match('#^[\\w\\-]+$#', $url2)) {
$seo_url = $url2;
$thread = thread_read_by_seo_url($seo_url);
$tid = empty($thread) ? -1 : $thread['tid'];
$_REQUEST[0] = 'thread';
$_REQUEST[1] = $tid;
return array($tid, $thread);
}
}
return array($tid, $thread);
}
$gid != 1 and $message = xn_html_safe($message);
mb_strlen($message, 'UTF-8') > 2048000 and message('内容太长');
$arr = array();
if ($isfirst) {
$newfid = param('fid');
$forum = forum_read($newfid);
empty($forum) and message(1, '板块不存在:' . $newfid);
if ($fid != $newfid) {
!forum_access_user($fid, $gid, 'allowthread') and message(-1, '您(' . $user['groupname'] . ')无权限在此版块回帖');
$post['uid'] != $uid and !forum_access_mod($fid, $gid, 'allowupdate') and message(-1, '您(' . $user['groupname'] . ')无权限在此版块编辑帖子');
$arr['fid'] = $newfid;
}
if ($seo_url != $thread['seo_url'] && $conf['seo_url_rewrite'] && $group['allowcustomurl']) {
$seo_url = preg_replace('#[\\W]#', '-', $seo_url);
// 只允许英文和 -
$seo_url and thread_read_by_seo_url($seo_url) and message(4, '自定义的 URL 已经存在,请修改。');
// 这里可能有并发问题,seo_url 并非 UNIQUE KEY
strlen($seo_url) > 128 and message(3, '自定义 URL 太长');
$arr['seo_url'] = $seo_url;
}
if ($subject != $thread['subject']) {
mb_strlen($subject, 'UTF-8') > 80 and message(1, '标题最长80个字符');
$arr['subject'] = $subject;
}
$arr and thread_update($tid, $arr) === FALSE and message(-1, '更新主题失败');
}
$r = post_update($pid, array('message' => $message));
$r === FALSE and message(-1, '更新帖子失败');
message(0, array('pid' => $pid, 'subject' => $subject, 'message' => $message));
}
} elseif ($action == 'delete') {
if (!$r) {
if ($gid == 0) {
$r = forum_access_user($fid, 101, 'allowthread');
$r and user_login_check($user);
}
message(10, '您(' . $user['groupname'] . ')无权限在此版块发帖');
}
$subject = htmlspecialchars(param('subject', '', FALSE));
$message = param('message', '', FALSE);
$seo_url = $conf['seo_url_rewrite'] && $group['allowcustomurl'] ? preg_replace('#[^\\w\\-]#', '', strtolower(param('seo_url'))) : '';
// 只允许英文和 -
empty($subject) and message(1, '标题不能为空' . $fid);
$gid != 1 and $subject = badword_filter($subject, $badword);
$subject === FALSE and message(1, '标题中包含敏感关键词: ' . $badword);
empty($message) and message(2, '内容不能为空' . $fid);
$conf['seo_url_rewrite'] and $seo_url and thread_read_by_seo_url($seo_url) and message(4, '自定义的 URL 已经存在,请修改。');
// 这里可能有并发问题,seo_url 并非 UNIQUE KEY
$gid != 1 and $message = xn_html_safe($message);
$gid != 1 and $message = badword_filter($message, $badword);
$message === FALSE and message(2, '内容中包含敏感关键词: ' . $badword);
strlen($seo_url) > 128 and message(3, '自定义 URL 太长');
mb_strlen($subject, 'UTF-8') > 128 and message(1, '标题最长80个字符');
mb_strlen($message, 'UTF-8') > 2028000 and message(2, '内容太长');
// 检测是否灌水
thread_check_flood($gid, $fid, $subject) and message(1, '系统检测到您可能在灌水。');
$thread = array('fid' => $fid, 'uid' => $uid, 'sid' => $sid, 'subject' => $subject, 'message' => $message, 'time' => $time, 'longip' => $longip, 'sid' => $sid);
$seo_url and $thread['seo_url'] = $seo_url;
$tid = thread_create($thread, $pid);
$pid === FALSE and message(1, '创建帖子失败');
$tid === FALSE and message(1, '创建主题失败');
$conf['ipaccess_on'] and ipaccess_inc($longip, 'threads');