<?php
!defined('R_P') && exit('Forbidden');
S::gp(array('a'));
$pwforum = new PwForum($fid);
if (!$pwforum->isForum(true)) {
Showmsg('data_error');
}
$foruminfo =& $pwforum->foruminfo;
$groupRight =& $newColony->getRight();
$pwModeImg = "{$imgpath}/apps";
require_once R_P . 'u/require/core.php';
//* include_once pwCache::getPath(D_P . 'data/bbscache/o_config.php');
pwCache::getData(D_P . 'data/bbscache/o_config.php');
require_once R_P . 'require/header.php';
list($guidename, $forumtitle) = $pwforum->getTitle();
$msg_guide = $pwforum->headguide($guidename);
$styleid = $colony['styleid'];
$basename = "thread.php?cyid={$cyid}&showtype=member";
if (empty($a)) {
$a_key = 'member';
if (!$colony['ifmemberopen'] && !$ifadmin && (!$colony['ifcyer'] || $colony['ifadmin'] == '-1')) {
Showmsg('colony_cnmenber');
}
if (empty($_POST['operateStep'])) {
require_once R_P . 'require/showimg.php';
S::gp(array('group', 'orderby'));
$group && ($tmpUrlAdd .= '&group=' . $group);
$lang_no_member = array('2' => '没有普通成员', '3' => '没有未验证会员', '4' => '没有最近访客');
$order_lastpost = $order_lastvisit = '';
if ($group && $group == 4) {
$_thread = $_cacheService->get('thread_tid_' . $tid);
$_thread && ($_tmsg = $_cacheService->get('thread_tmsg_tid_' . $tid));
$read = $_thread && $_tmsg ? array_merge($_thread, $_tmsg) : false;
if (!$read) {
$_cacheService = Perf::gatherCache('pw_threads');
$read = $page > 1 ? $_cacheService->getThreadByThreadId($tid) : $_cacheService->getThreadAndTmsgByThreadId($tid);
}
} else {
$read = $db->get_one("SELECT t.* ,tm.* FROM pw_threads t LEFT JOIN " . S::sqlMetadata(GetTtable($tid)) . " tm ON t.tid=tm.tid WHERE t.tid=" . S::sqlEscape($tid));
}
!$read && Showmsg('illegal_tid');
$postdate = get_date($read['postdate'], 'Y-m-d');
list($fid, $ptable, $ifcheck, $openIndex, $topped_count, $subject, $authorid, $author) = array($read['fid'], $read['ptable'], $read['ifcheck'], getstatus($read['tpcstatus'], 2), $read['topreplays'], $read['subject'], $read['authorid'], $read['author']);
$pw_posts = GetPtable($ptable);
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
Showmsg('data_error');
}
$foruminfo =& $pwforum->foruminfo;
$forumset =& $pwforum->forumset;
if (!S::inArray($windid, $manager)) {
$pwforum->forumcheck($winddb, $groupid);
}
if (!$foruminfo['allowvisit'] && $_G['allowread'] == 0 && $_COOKIE) {
Showmsg('read_group_right');
}
/**************************************/
//帖子浏览及管理权限
$isGM = $isBM = $admincheck = $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 0;
$pwSystem = array();
if ($groupid != 'guest') {
function postModify($tid, $fid, $uid, $title, $content, $tags = '', $convert = 1, $usesign = 1, $usehtml = 0, $topped = 0, $digest = 0, $p_type = '', $p_sub_type = '')
{
global $winddb, $winduid, $windid, $groupid, $_G, $SYSTEM, $timestamp;
require_once R_P . 'lib/forum.class.php';
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
return new ErrorMsg(API_THREAD_FORUM_NOT_EXISTS, 'Forum not exists');
}
$winddb = $this->db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid WHERE m.uid=" . pwEscape($uid));
if (empty($winddb)) {
return new ErrorMsg(API_THREAD_AUTHOR_NOT_EXISTS, 'User not exists');
}
$winduid = $winddb['uid'];
$groupid = $winddb['groupid'];
$windid = $winddb['username'];
$groupid == '-1' && ($groupid = $winddb['memberid']);
if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
include Pcv(D_P . "data/groupdb/group_{$groupid}.php");
} else {
include D_P . 'data/groupdb/group_1.php';
}
require_once R_P . 'lib/post.class.php';
require_once R_P . 'require/bbscode.php';
$pwpost = new PwPost($pwforum);
$pwpost->errMode = true;
require_once R_P . 'lib/postmodify.class.php';
$postmodify = new topicModify($tid, 0, $pwpost);
$atcdb = $postmodify->init();
if (empty($atcdb) || $atcdb['fid'] != $fid) {
return new ErrorMsg(API_THREAD_ILLEGAL_TID, 'The tid is illegal');
}
if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) {
$authordb = $this->db->get_one("SELECT groupid FROM pw_members WHERE uid=" . pwEscape($atcdb['authorid']));
if ($authordb['groupid'] == 3 || $authordb['groupid'] == 4) {
return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
}
}
if ($_G['edittime'] && $timestamp - $atcdb['postdate'] > $_G['edittime'] * 60) {
return new ErrorMsg(API_THREAD_MODIFY_TIMELIMIT, 'The modify time limit');
}
$postdata = new topicPostData($pwpost);
include_once D_P . 'data/bbscache/cache_post.php';
$t_db = $topic_type_cache[$fid];
$postdata->setWtype($p_type, $p_sub_type, 0, $t_db);
$postdata->initData($postmodify);
$postdata->setTitle($title);
$postdata->setContent($content);
$postdata->setConvert($convert, 1);
$postdata->setTags($tags);
$postdata->setDigest($digest);
$postdata->setTopped($topped);
$postdata->setIfsign($usesign, $usehtml);
if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
$errmsg = $this->getErrMsg($msg);
return new ErrorMsg($errmsg[0], $errmsg[1]);
}
$postmodify->execute($postdata);
return new ApiResponse(true);
}
function _checkForum()
{
$this->tid = $this->attach['tid'];
$thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false));
if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') {
return true;
}
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($thread['fid']);
if (!$pwforum->isForum()) {
return 'forum_purview_erro';
//读取数据错误,原因:您要访问的链接无效,可能链接不完整,或数据已被删除!
}
if ($pwforum->foruminfo['f_type'] == 'former' && $this->groupid == 'guest' && $_COOKIE) {
return 'forum_purview_erro';
//本版块为正规版块,只有注册会员才能进入!
}
if (!empty($pwforum->foruminfo['style']) && file_exists(D_P . "data/style/{$pwforum->foruminfo[style]}.php")) {
$GLOBALS['skin'] = $pwforum->foruminfo['style'];
}
$pwdcheck = GetCookie('pwdcheck');
if ($pwforum->foruminfo['password'] != '' && ($groupid == 'guest' || $pwdcheck[$pwforum->fid] != $pwforum->foruminfo['password'] && !S::inArray($this->user['username'], $GLOBALS['manager']))) {
require_once R_P . 'require/forumpw.php';
}
if (!$pwforum->allowvisit($this->user, $this->groupid)) {
return 'forum_purview_erro';
//对不起,本版块为认证版块,您没有权限查看此版块的内容!
}
if (!$pwforum->foruminfo['cms'] && $pwforum->foruminfo['f_type'] == 'hidden' && !$pwforum->foruminfo['allowvisit']) {
return 'forum_purview_erro';
//本版块为隐藏版块,您无权进入!
}
$this->foruminfo =& $pwforum->foruminfo;
$this->admincheck = $this->groupid == '3' || $pwforum->isBM($this->username) ? 1 : 0;
if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) {
//版块权限判断
return 'forum_purview_erro';
//对不起,本版块只有特定用户可以下载附件,请返回
}
if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) {
//用户组权限判断
return 'forum_purview_erro';
//用户组权限:你所属的用户组没有下载附件的权限
}
return true;
}
function sendPost($tid, $uid, $title, $content)
{
global $winddb, $winduid, $windid, $groupid, $fid, $timestamp, $pwforum, $pwpost, $_G, $db_uploadfiletype, $uploadcredit, $uploadmoney, $manager, $isBM, $_time;
$timestamp = time();
$_time = array('hours' => get_date($timestamp, 'G'), 'day' => get_date($timestamp, 'j'), 'week' => get_date($timestamp, 'w'));
list($uid, $tid, $title, $content) = array(intval($uid), intval($tid), trim($title), trim($content));
if ($uid < 1 || $tid < 1 || !$content) {
return $this->buildResponse(THREAD_INVALID_PARAMS);
}
ACloud_Sys_Core_Common::setGlobal('customized_current_uid', $uid);
$user = $this->getCurrentUser();
if (!$user->isLogin()) {
return $this->buildResponse(USER_NOT_LOGIN);
}
if ($user->groupid == 6 || getstatus($user->info['userstatus'], PW_USERSTATUS_BANUSER)) {
return $this->buildResponse(THREAD_USER_NOT_RIGHT);
}
$user->initRight();
$winduid = $user->uid;
$groupid = $user->groupid;
$windid = $user->username;
$winddb = $user->info;
$_G = $user->_G;
if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
return $this->buildResponse(POST_GP_LIMIT);
}
$tpcarray = $GLOBALS['db']->get_one("SELECT t.tid,t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies,t.tpcstatus FROM pw_threads t WHERE t.tid=" . pwEscape($tid));
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($tpcarray['fid']);
if (!$pwforum->isForum()) {
return $this->buildResponse(THREAD_FORUM_NOT_EXIST);
}
$fid = $tpcarray['fid'];
$isBM = $pwforum->isBM($windid);
$isGM = S::inArray($windid, $manager);
if (!$isGM && $tpcarray['locked'] % 3 != 0 && !pwRights($isBM, 'replylock')) {
return $this->buildResponse(THREAD_LOCKED);
}
L::loadClass('post', 'forum', false);
require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.bbscode.php';
$pwpost = new PwPost($pwforum);
$pwpost->errMode = true;
$pwpost->forumcheck();
$pwpost->postcheck();
L::loadClass('replypost', 'forum', false);
$replypost = new replyPost($pwpost);
$replypost->setTpc($tpcarray);
$replypost->check();
$pw_posts = GetPtable($replypost->tpcArr['ptable']);
$postdata = new replyPostData($pwpost);
$postdata->setTitle($title);
$postdata->setContent($content);
$postdata->conentCheck();
if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
return $this->buildResponse(THREAD_SYSTEM_ERROR, $msg);
}
require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.attupload.php';
if (PwUpload::getUploadNum()) {
$_G['uploadtype'] && ($db_uploadfiletype = $_G['uploadtype']);
$db_uploadfiletype = !empty($db_uploadfiletype) ? is_array($db_uploadfiletype) ? $db_uploadfiletype : unserialize($db_uploadfiletype) : array();
$postdata->att = new AttUpload($user->uid);
$return = $postdata->att->check();
if ($return) {
$msginfo = getLangInfo('msg', $return);
return $this->errMessage(THREAD_USER_NOT_RIGHT, $msginfo);
}
list($windVersion) = explode(',', WIND_VERSION);
if ($windVersion && $windVersion < '8.5') {
$postdata->att->transfer();
PwUpload::upload($postdata->att);
}
}
$replypost->execute($postdata);
$pid = $replypost->getNewId();
return $this->buildResponse(0, array('pid' => $pid));
}
function _checkForum($fid)
{
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
return 'data_error';
}
$pwforum->forumcheck($this->user, $this->groupid);
$this->foruminfo =& $pwforum->foruminfo;
$isBM = $pwforum->isBM($this->username);
$this->admincheck = $this->isGM || pwRights($isBM, 'delattach', $fid) ? 1 : 0;
return true;
}
function postThread($uid, $fid, $subject, $content)
{
global $winddb, $winduid, $windid, $groupid, $_G, $timestamp, $pwforum, $pwpost, $uploadcredit, $uploadmoney, $db_uploadfiletype, $_time;
$timestamp = time();
$_time = array('hours' => get_date($timestamp, 'G'), 'day' => get_date($timestamp, 'j'), 'week' => get_date($timestamp, 'w'));
list($uid, $fid, $subject, $content) = array(intval($uid), intval($fid), trim($subject), trim($content));
if ($uid < 1 || $fid < 1 || !$subject || !$content) {
return $this->buildResponse(THREAD_INVALID_PARAMS);
}
ACloud_Sys_Core_Common::setGlobal('customized_current_uid', $uid);
$user = $this->getCurrentUser();
if (!$user->isLogin()) {
return $this->buildResponse(USER_NOT_LOGIN);
}
if ($user->groupid == 6 || getstatus($user->info['userstatus'], PW_USERSTATUS_BANUSER)) {
return $this->buildResponse(THREAD_USER_NOT_RIGHT);
}
$user->initRight();
$winduid = $user->uid;
$groupid = $user->groupid;
$windid = $user->username;
$winddb = $user->info;
$_G = $user->_G;
if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
return $this->buildResponse(POST_GP_LIMIT);
}
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
return $this->buildResponse(THREAD_FORUM_NOT_EXIST);
}
list($uploadcredit, $uploadmoney, , ) = explode("\t", $pwforum->forumset['uploadset']);
L::loadClass('post', 'forum', false);
require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.bbscode.php';
$pwpost = new PwPost($pwforum);
$pwpost->errMode = true;
$pwpost->forumcheck();
$pwpost->postcheck();
L::loadClass('topicpost', 'forum', false);
$topicpost = new topicPost($pwpost);
$topicpost->check();
$postdata = new topicPostData($pwpost);
$postdata->setWtype('', '', $pwforum->foruminfo['t_type'], $pwforum->foruminfo['topictype']);
$postdata->setTitle($subject);
$postdata->setContent($content);
$postdata->setConvert(1, 1);
$postdata->setTags('');
$postdata->setDigest('');
$postdata->setTopped('');
$postdata->setIfsign(1, 0);
if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
return $this->buildResponse(THREAD_SYSTEM_ERROR, $msg);
}
require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.attupload.php';
if (PwUpload::getUploadNum()) {
$_G['uploadtype'] && ($db_uploadfiletype = $_G['uploadtype']);
$db_uploadfiletype = !empty($db_uploadfiletype) ? is_array($db_uploadfiletype) ? $db_uploadfiletype : unserialize($db_uploadfiletype) : array();
$postdata->att = new AttUpload($user->uid);
$return = $postdata->att->check();
if ($return) {
$msginfo = getLangInfo('msg', $return);
return $this->buildResponse(THREAD_USER_NOT_RIGHT);
}
list($windVersion) = explode(',', WIND_VERSION);
if ($windVersion && $windVersion < '8.5') {
PwUpload::upload($postdata->att);
$postdata->att->transfer();
}
}
$topicpost->execute($postdata);
$tid = $topicpost->getNewId();
return $this->buildResponse(0, array('tid' => $tid));
}
function _checkForum()
{
$this->tid = $this->attach['tid'];
$thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false));
if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') {
return true;
}
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($thread['fid']);
if (!$pwforum->isForum()) {
return 'data_error';
}
$pwforum->forumcheck($this->user, $this->groupid);
$this->foruminfo =& $pwforum->foruminfo;
$this->admincheck = $this->groupid == '3' || $pwforum->isBM($this->username) ? 1 : 0;
$forumset = $this->foruminfo['forumset'];
list($this->uploadcredit, , $this->downloadmoney, ) = explode("\t", $forumset['uploadset']);
if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) {
//版块权限判断
return 'job_attach_forum';
}
if ($this->groupid == 'guest' && $this->_G['allowdownload'] == 0) {
return 'download_not_login';
}
if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) {
//用户组权限判断
return 'job_attach_group';
}
return true;
}
function postModify($tid, $fid, $uid, $title, $content, $tags = '', $convert = 1, $usesign = 1, $usehtml = 0, $topped = 0, $digest = 0, $p_type = '', $p_sub_type = '')
{
global $winddb, $winduid, $windid, $groupid, $_G, $SYSTEM, $timestamp;
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($fid);
if (!$pwforum->isForum()) {
return new ErrorMsg(API_THREAD_FORUM_NOT_EXISTS, 'Forum not exists');
}
$userService = L::loadClass('UserService', 'user');
/* @var $userService PW_UserService */
$winddb = $userService->get($uid, true, true);
if (empty($winddb)) {
return new ErrorMsg(API_THREAD_AUTHOR_NOT_EXISTS, 'User not exists');
}
$winduid = $winddb['uid'];
$groupid = $winddb['groupid'];
$windid = $winddb['username'];
$groupid == '-1' && ($groupid = $winddb['memberid']);
if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
//* include pwCache::getPath(S::escapePath(D_P."data/groupdb/group_$groupid.php"));
extract(pwCache::getData(S::escapePath(D_P . "data/groupdb/group_{$groupid}.php", false)));
} else {
//* include pwCache::getPath(D_P.'data/groupdb/group_1.php');
extract(pwCache::getData(D_P . 'data/groupdb/group_1.php', false));
}
L::loadClass('post', 'forum', false);
require_once R_P . 'require/bbscode.php';
$pwpost = new PwPost($pwforum);
$pwpost->errMode = true;
L::loadClass('postmodify', 'forum', false);
$postmodify = new topicModify($tid, 0, $pwpost);
$atcdb = $postmodify->init();
if (empty($atcdb) || $atcdb['fid'] != $fid) {
return new ErrorMsg(API_THREAD_ILLEGAL_TID, 'The tid is illegal');
}
if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) {
$authordb = $userService->get($atcdb['authorid']);
/**Begin modify by liaohu*/
$pce_arr = explode(",", $GLOBALS['SYSTEM']['tcanedit']);
if (($authordb['groupid'] == 3 || $authordb['groupid'] == 4 || $authordb['groupid'] == 5) && !in_array($authordb['groupid'], $pce_arr)) {
return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
}
/*if (($authordb['groupid'] == 3 || $authordb['groupid'] == 4)) {
return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
}*/
/**End modify by liaohu*/
}
if ($_G['edittime'] && $timestamp - $atcdb['postdate'] > $_G['edittime'] * 60) {
return new ErrorMsg(API_THREAD_MODIFY_TIMELIMIT, 'The modify time limit');
}
$postdata = new topicPostData($pwpost);
//* include_once pwCache::getPath(D_P.'data/bbscache/cache_post.php');
extract(pwCache::getData(D_P . 'data/bbscache/cache_post.php', false));
$t_db = $topic_type_cache[$fid];
$postdata->setWtype($p_type, $p_sub_type, 0, $t_db);
$postdata->initData($postmodify);
$postdata->setTitle($title);
$postdata->setContent($content);
$postdata->setConvert($convert, 1);
$postdata->setTags($tags);
$postdata->setDigest($digest);
$postdata->setTopped($topped);
$postdata->setIfsign($usesign, $usehtml);
if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
$errmsg = $this->getErrMsg($msg);
return new ErrorMsg($errmsg[0], $errmsg[1]);
}
$postmodify->execute($postdata);
return new ApiResponse(true);
}
function isEditAttachRight($aid, $tid)
{
global $isGM, $winduid;
$aid = intval($aid);
$tid = intval($tid);
if ($aid < 1 || $tid < 1) {
return false;
}
$threadsService = L::loadClass('threads', 'forum');
$read = $threadsService->getByThreadId($tid);
if (!$read) {
return false;
}
L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($read['fid']);
if (!$pwforum->isForum()) {
return false;
}
$isBM = $pwforum->isBM($windid);
return $isGM || $isBM || $read['authorid'] == $winduid ? true : false;
}
