<?php !defined('R_P') && exit('Forbidden'); S::gp(array('a')); $pwforum = new PwForum($fid); if (!$pwforum->isForum(true)) { Showmsg('data_error'); } $foruminfo =& $pwforum->foruminfo; $groupRight =& $newColony->getRight(); $pwModeImg = "{$imgpath}/apps"; require_once R_P . 'u/require/core.php'; //* include_once pwCache::getPath(D_P . 'data/bbscache/o_config.php'); pwCache::getData(D_P . 'data/bbscache/o_config.php'); require_once R_P . 'require/header.php'; list($guidename, $forumtitle) = $pwforum->getTitle(); $msg_guide = $pwforum->headguide($guidename); $styleid = $colony['styleid']; $basename = "thread.php?cyid={$cyid}&showtype=member"; if (empty($a)) { $a_key = 'member'; if (!$colony['ifmemberopen'] && !$ifadmin && (!$colony['ifcyer'] || $colony['ifadmin'] == '-1')) { Showmsg('colony_cnmenber'); } if (empty($_POST['operateStep'])) { require_once R_P . 'require/showimg.php'; S::gp(array('group', 'orderby')); $group && ($tmpUrlAdd .= '&group=' . $group); $lang_no_member = array('2' => '没有普通成员', '3' => '没有未验证会员', '4' => '没有最近访客'); $order_lastpost = $order_lastvisit = ''; if ($group && $group == 4) {
$_thread = $_cacheService->get('thread_tid_' . $tid); $_thread && ($_tmsg = $_cacheService->get('thread_tmsg_tid_' . $tid)); $read = $_thread && $_tmsg ? array_merge($_thread, $_tmsg) : false; if (!$read) { $_cacheService = Perf::gatherCache('pw_threads'); $read = $page > 1 ? $_cacheService->getThreadByThreadId($tid) : $_cacheService->getThreadAndTmsgByThreadId($tid); } } else { $read = $db->get_one("SELECT t.* ,tm.* FROM pw_threads t LEFT JOIN " . S::sqlMetadata(GetTtable($tid)) . " tm ON t.tid=tm.tid WHERE t.tid=" . S::sqlEscape($tid)); } !$read && Showmsg('illegal_tid'); $postdate = get_date($read['postdate'], 'Y-m-d'); list($fid, $ptable, $ifcheck, $openIndex, $topped_count, $subject, $authorid, $author) = array($read['fid'], $read['ptable'], $read['ifcheck'], getstatus($read['tpcstatus'], 2), $read['topreplays'], $read['subject'], $read['authorid'], $read['author']); $pw_posts = GetPtable($ptable); $pwforum = new PwForum($fid); if (!$pwforum->isForum()) { Showmsg('data_error'); } $foruminfo =& $pwforum->foruminfo; $forumset =& $pwforum->forumset; if (!S::inArray($windid, $manager)) { $pwforum->forumcheck($winddb, $groupid); } if (!$foruminfo['allowvisit'] && $_G['allowread'] == 0 && $_COOKIE) { Showmsg('read_group_right'); } /**************************************/ //帖子浏览及管理权限 $isGM = $isBM = $admincheck = $managecheck = $pwPostHide = $pwSellHide = $pwEncodeHide = 0; $pwSystem = array(); if ($groupid != 'guest') {
/**
 * API entry point: edits an existing thread as the member identified by $uid.
 *
 * The member row for $uid is loaded and written into the global identity variables
 * ($winddb, $winduid, $windid, $groupid), so everything after that point runs as
 * that member. Nothing in this method authenticates the caller.
 * NOTE(review): presumably the API layer verifies the caller before $uid reaches
 * this method; confirm, because any caller-chosen $uid is accepted here.
 *
 * @param mixed $tid        Thread to modify.
 * @param mixed $fid        Forum the thread must belong to (compared with the thread's own fid).
 * @param mixed $uid        Member on whose behalf the edit is made.
 * @param mixed $title      New title.
 * @param mixed $content    New content.
 * @param mixed $tags       Passed to setTags().
 * @param mixed $convert    Passed to setConvert().
 * @param mixed $usesign    Passed to setIfsign().
 * @param mixed $usehtml    Passed to setIfsign().
 * @param mixed $topped     Passed to setTopped().
 * @param mixed $digest     Passed to setDigest().
 * @param mixed $p_type     Passed to setWtype().
 * @param mixed $p_sub_type Passed to setWtype().
 * @return ErrorMsg|ApiResponse ErrorMsg on any failed check, ApiResponse(true) after execute().
 */
function postModify($tid, $fid, $uid, $title, $content, $tags = '', $convert = 1, $usesign = 1, $usehtml = 0, $topped = 0, $digest = 0, $p_type = '', $p_sub_type = '') {
    global $winddb, $winduid, $windid, $groupid, $_G, $SYSTEM, $timestamp;
    require_once R_P . 'lib/forum.class.php';
    $pwforum = new PwForum($fid);
    if (!$pwforum->isForum()) {
        return new ErrorMsg(API_THREAD_FORUM_NOT_EXISTS, 'Forum not exists');
    }
    // $uid reaches the query only through pwEscape(), a helper defined outside this page.
    // NOTE(review): assumed to quote/escape the value; confirm, since the SQL is built by concatenation.
    $winddb = $this->db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,m.oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests,md.f_num,md.creditpop FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid WHERE m.uid=" . pwEscape($uid));
    if (empty($winddb)) {
        return new ErrorMsg(API_THREAD_AUTHOR_NOT_EXISTS, 'User not exists');
    }
    // From here on the globals describe the member loaded above, not the HTTP caller.
    $winduid = $winddb['uid'];
    $groupid = $winddb['groupid'];
    $windid = $winddb['username'];
    // A groupid of '-1' is replaced by the member's memberid before the group file is chosen.
    $groupid == '-1' && ($groupid = $winddb['memberid']);
    // The group file is executed in this function's scope, so it can read and overwrite
    // any local or global-bound variable here. The path is built from a database value;
    // only the include goes through Pcv(), the file_exists() test uses the raw path.
    // NOTE(review): confirm groupid/memberid can only ever hold values that map to
    // files the application wrote itself.
    if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
        include Pcv(D_P . "data/groupdb/group_{$groupid}.php");
    } else {
        // Falls back to the group_1 file when no file exists for this group.
        include D_P . 'data/groupdb/group_1.php';
    }
    require_once R_P . 'lib/post.class.php';
    require_once R_P . 'require/bbscode.php';
    $pwpost = new PwPost($pwforum);
    // errMode is switched on and errors are then read back from $pwpost->errMsg below.
    $pwpost->errMode = true;
    require_once R_P . 'lib/postmodify.class.php';
    $postmodify = new topicModify($tid, 0, $pwpost);
    $atcdb = $postmodify->init();
    // Reject a tid that does not resolve, or that belongs to a different forum than $fid.
    if (empty($atcdb) || $atcdb['fid'] != $fid) {
        return new ErrorMsg(API_THREAD_ILLEGAL_TID, 'The tid is illegal');
    }
    // When the editor is neither the author nor in group 3/4, the edit is refused only
    // if the thread's author is in group 3 or 4.
    // NOTE(review): this block does not by itself stop an ordinary member from editing
    // another ordinary member's thread; presumably topicModify/topicPostData enforce
    // that (not visible here) — confirm.
    if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) {
        $authordb = $this->db->get_one("SELECT groupid FROM pw_members WHERE uid=" . pwEscape($atcdb['authorid']));
        if ($authordb['groupid'] == 3 || $authordb['groupid'] == 4) {
            return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
        }
    }
    // $_G['edittime'] is multiplied by 60 and compared with the thread's age in seconds.
    if ($_G['edittime'] && $timestamp - $atcdb['postdate'] > $_G['edittime'] * 60) {
        return new ErrorMsg(API_THREAD_MODIFY_TIMELIMIT, 'The modify time limit');
    }
    $postdata = new topicPostData($pwpost);
    // $topic_type_cache is expected to be defined by this cache file (it is not set anywhere else here).
    include_once D_P . 'data/bbscache/cache_post.php';
    $t_db = $topic_type_cache[$fid];
    $postdata->setWtype($p_type, $p_sub_type, 0, $t_db);
    $postdata->initData($postmodify);
    $postdata->setTitle($title);
    $postdata->setContent($content);
    $postdata->setConvert($convert, 1);
    $postdata->setTags($tags);
    $postdata->setDigest($digest);
    $postdata->setTopped($topped);
    $postdata->setIfsign($usesign, $usehtml);
    // Only the first collected error is reported to the API client.
    if ($pwpost->errMsg && ($msg = reset($pwpost->errMsg))) {
        $errmsg = $this->getErrMsg($msg);
        return new ErrorMsg($errmsg[0], $errmsg[1]);
    }
    $postmodify->execute($postdata);
    return new ApiResponse(true);
}
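/**
 * Decides whether the current user may reach the forum that owns the attachment's
 * thread and may download attachments from it.
 *
 * Side effects: sets $this->tid, $this->foruminfo (by reference) and $this->admincheck,
 * may set $GLOBALS['skin'], and may pull in require/forumpw.php for password-protected
 * forums.
 *
 * @return true|string true when every check passes, otherwise the message key
 *                     'forum_purview_erro'.
 */
function _checkForum()
{
    $this->tid = $this->attach['tid'];
    $thread = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false));

    // Threads with status bit 1 set, no forum id and ifcheck '2' skip every forum check below.
    // On this path $this->foruminfo and $this->admincheck are left untouched.
    if (getstatus($thread['tpcstatus'], 1) && !$thread['fid'] && $thread['ifcheck'] == '2') {
        return true;
    }

    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($thread['fid']);
    if (!$pwforum->isForum()) {
        // Data read error: the link is invalid, possibly incomplete, or the data has been deleted.
        return 'forum_purview_erro';
    }

    // NOTE(review): because of the "&& $_COOKIE" term, a guest request that carries no
    // cookies is not rejected by this members-only check; confirm that is intended for
    // attachment downloads.
    if ($pwforum->foruminfo['f_type'] == 'former' && $this->groupid == 'guest' && $_COOKIE) {
        // This is a regular forum; only registered members may enter.
        return 'forum_purview_erro';
    }

    // The array key is quoted: inside "{$...}" an unquoted key is looked up as a constant.
    if (!empty($pwforum->foruminfo['style']) && file_exists(D_P . "data/style/{$pwforum->foruminfo['style']}.php")) {
        $GLOBALS['skin'] = $pwforum->foruminfo['style'];
    }

    $pwdcheck = GetCookie('pwdcheck');
    if ($pwforum->foruminfo['password'] != '') {
        // The cookie is client-controlled, so it is compared strictly as a string; a loose
        // comparison would let numeric-looking strings match by type juggling.
        $cookiePassword = (is_array($pwdcheck) && isset($pwdcheck[$pwforum->fid])) ? $pwdcheck[$pwforum->fid] : null;
        $passwordMatches = is_string($cookiePassword)
            && $cookiePassword === (string) $pwforum->foruminfo['password'];

        // The guest test reads $this->groupid; the bare $groupid used before is never
        // defined in this method, so guests were not forced to the password page.
        $needsPassword = $this->groupid == 'guest'
            || (!$passwordMatches && !S::inArray($this->user['username'], $GLOBALS['manager']));
        if ($needsPassword) {
            // NOTE(review): presumably forumpw.php renders the password prompt and stops
            // the request; confirm, since this method continues if it returns.
            require_once R_P . 'require/forumpw.php';
        }
    }

    if (!$pwforum->allowvisit($this->user, $this->groupid)) {
        // This is a restricted forum; the user has no permission to view its content.
        return 'forum_purview_erro';
    }
    if (!$pwforum->foruminfo['cms'] && $pwforum->foruminfo['f_type'] == 'hidden' && !$pwforum->foruminfo['allowvisit']) {
        // This is a hidden forum; the user is not allowed to enter.
        return 'forum_purview_erro';
    }

    $this->foruminfo =& $pwforum->foruminfo;
    // Group '3' and moderators of this forum bypass the download checks below.
    $this->admincheck = ($this->groupid == '3' || $pwforum->isBM($this->username)) ? 1 : 0;

    // Forum-level permission check.
    if (!$this->admincheck && !$pwforum->allowdownload($this->user, $this->groupid)) {
        // Only specific users may download attachments in this forum.
        return 'forum_purview_erro';
    }
    // User-group permission check.
    if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) {
        // The user's group has no permission to download attachments.
        return 'forum_purview_erro';
    }
    return true;
}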
/**
 * API entry point: posts a reply to thread $tid as member $uid.
 *
 * $uid is stored with ACloud_Sys_Core_Common::setGlobal('customized_current_uid', ...)
 * and the user returned by getCurrentUser() then becomes the global identity
 * ($winduid, $groupid, $windid, $winddb, $_G).
 * NOTE(review): presumably getCurrentUser() resolves that stored uid and the API layer
 * has already authenticated the caller; confirm, because this method accepts any uid.
 *
 * Local variable names are kept as they are because the files pulled in with
 * require_once run in this function's scope.
 *
 * @param mixed $tid     Thread to reply to (cast with intval).
 * @param mixed $uid     Member posting the reply (cast with intval).
 * @param mixed $title   Reply title (trimmed).
 * @param mixed $content Reply body (trimmed, must be non-empty).
 * @return mixed Whatever buildResponse()/errMessage() return; on success the payload
 *               carries the new post id under 'pid'.
 */
function sendPost($tid, $uid, $title, $content)
{
    global $winddb, $winduid, $windid, $groupid, $fid, $timestamp, $pwforum, $pwpost, $_G, $db_uploadfiletype, $uploadcredit, $uploadmoney, $manager, $isBM, $_time;

    $timestamp = time();
    $_time = array(
        'hours' => get_date($timestamp, 'G'),
        'day' => get_date($timestamp, 'j'),
        'week' => get_date($timestamp, 'w'),
    );

    // Normalise the inputs before any check.
    $uid = intval($uid);
    $tid = intval($tid);
    $title = trim($title);
    $content = trim($content);
    if ($uid < 1 || $tid < 1 || !$content) {
        return $this->buildResponse(THREAD_INVALID_PARAMS);
    }

    ACloud_Sys_Core_Common::setGlobal('customized_current_uid', $uid);
    $user = $this->getCurrentUser();
    if (!$user->isLogin()) {
        return $this->buildResponse(USER_NOT_LOGIN);
    }
    // Group 6 and members flagged PW_USERSTATUS_BANUSER may not post.
    if ($user->groupid == 6 || getstatus($user->info['userstatus'], PW_USERSTATUS_BANUSER)) {
        return $this->buildResponse(THREAD_USER_NOT_RIGHT);
    }
    $user->initRight();

    // Publish the acting user through the legacy globals used by the forum classes.
    $winduid = $user->uid;
    $groupid = $user->groupid;
    $windid = $user->username;
    $winddb = $user->info;
    $_G = $user->_G;

    // Daily post quota of the user's group.
    if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
        return $this->buildResponse(POST_GP_LIMIT);
    }

    // $tid is already an integer here; it still goes through pwEscape() before concatenation.
    $tpcarray = $GLOBALS['db']->get_one("SELECT t.tid,t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies,t.tpcstatus FROM pw_threads t WHERE t.tid=" . pwEscape($tid));

    L::loadClass('forum', 'forum', false);
    // A tid that matches no row is not tested separately; the forum lookup below is the
    // only guard for it.
    $pwforum = new PwForum($tpcarray['fid']);
    if (!$pwforum->isForum()) {
        return $this->buildResponse(THREAD_FORUM_NOT_EXIST);
    }
    $fid = $tpcarray['fid'];
    $isBM = $pwforum->isBM($windid);
    $isGM = S::inArray($windid, $manager);

    // A locked thread (locked % 3 != 0) accepts replies only from managers or from
    // users holding the 'replylock' right.
    if (!($isGM || $tpcarray['locked'] % 3 == 0 || pwRights($isBM, 'replylock'))) {
        return $this->buildResponse(THREAD_LOCKED);
    }

    L::loadClass('post', 'forum', false);
    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.bbscode.php';
    $pwpost = new PwPost($pwforum);
    $pwpost->errMode = true;
    $pwpost->forumcheck();
    $pwpost->postcheck();

    L::loadClass('replypost', 'forum', false);
    $replypost = new replyPost($pwpost);
    $replypost->setTpc($tpcarray);
    $replypost->check();
    $pw_posts = GetPtable($replypost->tpcArr['ptable']);

    $postdata = new replyPostData($pwpost);
    $postdata->setTitle($title);
    $postdata->setContent($content);
    $postdata->conentCheck();

    // Errors are collected in $pwpost->errMsg; only the first one is reported.
    if ($pwpost->errMsg) {
        $msg = reset($pwpost->errMsg);
        if ($msg) {
            return $this->buildResponse(THREAD_SYSTEM_ERROR, $msg);
        }
    }

    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.attupload.php';
    if (PwUpload::getUploadNum()) {
        if ($_G['uploadtype']) {
            $db_uploadfiletype = $_G['uploadtype'];
        }
        // NOTE(review): unserialize() must only ever see server-side configuration;
        // confirm that neither $_G['uploadtype'] nor the global $db_uploadfiletype can
        // carry user-supplied data.
        if (empty($db_uploadfiletype)) {
            $db_uploadfiletype = array();
        } elseif (!is_array($db_uploadfiletype)) {
            $db_uploadfiletype = unserialize($db_uploadfiletype);
        }

        $postdata->att = new AttUpload($user->uid);
        $return = $postdata->att->check();
        if ($return) {
            $msginfo = getLangInfo('msg', $return);
            // NOTE(review): every other exit of this method uses buildResponse();
            // confirm errMessage() exists on this class.
            return $this->errMessage(THREAD_USER_NOT_RIGHT, $msginfo);
        }

        list($windVersion) = explode(',', WIND_VERSION);
        // Two numeric strings are compared as numbers, so a version such as '8.10'
        // would count as lower than '8.5'; version_compare() would avoid that.
        if ($windVersion && $windVersion < '8.5') {
            // NOTE(review): the sibling postThread on this page calls upload() before
            // transfer(); confirm which order is intended.
            $postdata->att->transfer();
            PwUpload::upload($postdata->att);
        }
    }

    $replypost->execute($postdata);
    return $this->buildResponse(0, array('pid' => $replypost->getNewId()));
}
/**
 * Loads forum $fid, runs its access check for the current user and records whether
 * that user may manage attachments there.
 *
 * Side effects: binds $this->foruminfo to the forum's info array (by reference) and
 * sets $this->admincheck to 1 or 0.
 *
 * @param mixed $fid Forum id.
 * @return true|string true on success, the message key 'data_error' when the forum
 *                     cannot be loaded.
 */
function _checkForum($fid)
{
    L::loadClass('forum', 'forum', false);
    $forum = new PwForum($fid);
    if (!$forum->isForum()) {
        return 'data_error';
    }

    // The return value of forumcheck() is not used; presumably it stops the request
    // itself when access is denied — confirm.
    $forum->forumcheck($this->user, $this->groupid);
    $this->foruminfo =& $forum->foruminfo;

    // Managers always qualify; everyone else needs the 'delattach' right in this forum.
    $isModerator = $forum->isBM($this->username);
    if ($this->isGM || pwRights($isModerator, 'delattach', $fid)) {
        $this->admincheck = 1;
    } else {
        $this->admincheck = 0;
    }
    return true;
}
/**
 * API entry point: creates a new thread in forum $fid as member $uid.
 *
 * $uid is stored with ACloud_Sys_Core_Common::setGlobal('customized_current_uid', ...)
 * and the user returned by getCurrentUser() then becomes the global identity
 * ($winduid, $groupid, $windid, $winddb, $_G).
 * NOTE(review): presumably getCurrentUser() resolves that stored uid and the API layer
 * has already authenticated the caller; confirm, because this method accepts any uid.
 *
 * Local variable names are kept as they are because the files pulled in with
 * require_once run in this function's scope.
 *
 * @param mixed $uid     Member creating the thread (cast with intval).
 * @param mixed $fid     Target forum (cast with intval).
 * @param mixed $subject Thread title (trimmed, must be non-empty).
 * @param mixed $content Thread body (trimmed, must be non-empty).
 * @return mixed Whatever buildResponse() returns; on success the payload carries the
 *               new thread id under 'tid'.
 */
function postThread($uid, $fid, $subject, $content)
{
    global $winddb, $winduid, $windid, $groupid, $_G, $timestamp, $pwforum, $pwpost, $uploadcredit, $uploadmoney, $db_uploadfiletype, $_time;

    $timestamp = time();
    $_time = array(
        'hours' => get_date($timestamp, 'G'),
        'day' => get_date($timestamp, 'j'),
        'week' => get_date($timestamp, 'w'),
    );

    // Normalise the inputs before any check.
    $uid = intval($uid);
    $fid = intval($fid);
    $subject = trim($subject);
    $content = trim($content);
    if ($uid < 1 || $fid < 1 || !$subject || !$content) {
        return $this->buildResponse(THREAD_INVALID_PARAMS);
    }

    ACloud_Sys_Core_Common::setGlobal('customized_current_uid', $uid);
    $user = $this->getCurrentUser();
    if (!$user->isLogin()) {
        return $this->buildResponse(USER_NOT_LOGIN);
    }
    // Group 6 and members flagged PW_USERSTATUS_BANUSER may not post.
    if ($user->groupid == 6 || getstatus($user->info['userstatus'], PW_USERSTATUS_BANUSER)) {
        return $this->buildResponse(THREAD_USER_NOT_RIGHT);
    }
    $user->initRight();

    // Publish the acting user through the legacy globals used by the forum classes.
    $winduid = $user->uid;
    $groupid = $user->groupid;
    $windid = $user->username;
    $winddb = $user->info;
    $_G = $user->_G;

    // Daily post quota of the user's group.
    if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
        return $this->buildResponse(POST_GP_LIMIT);
    }

    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($fid);
    if (!$pwforum->isForum()) {
        return $this->buildResponse(THREAD_FORUM_NOT_EXIST);
    }
    // Only the first two tab-separated fields of the forum's upload settings are used.
    list($uploadcredit, $uploadmoney) = explode("\t", $pwforum->forumset['uploadset']);

    L::loadClass('post', 'forum', false);
    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.bbscode.php';
    $pwpost = new PwPost($pwforum);
    $pwpost->errMode = true;
    $pwpost->forumcheck();
    $pwpost->postcheck();

    L::loadClass('topicpost', 'forum', false);
    $topicpost = new topicPost($pwpost);
    $topicpost->check();

    $postdata = new topicPostData($pwpost);
    $postdata->setWtype('', '', $pwforum->foruminfo['t_type'], $pwforum->foruminfo['topictype']);
    $postdata->setTitle($subject);
    $postdata->setContent($content);
    $postdata->setConvert(1, 1);
    $postdata->setTags('');
    $postdata->setDigest('');
    $postdata->setTopped('');
    $postdata->setIfsign(1, 0);

    // Errors are collected in $pwpost->errMsg; only the first one is reported.
    if ($pwpost->errMsg) {
        $msg = reset($pwpost->errMsg);
        if ($msg) {
            return $this->buildResponse(THREAD_SYSTEM_ERROR, $msg);
        }
    }

    require_once ACLOUD_VERSION_PATH . '/customized/ver.customized.attupload.php';
    if (PwUpload::getUploadNum()) {
        if ($_G['uploadtype']) {
            $db_uploadfiletype = $_G['uploadtype'];
        }
        // NOTE(review): unserialize() must only ever see server-side configuration;
        // confirm that neither $_G['uploadtype'] nor the global $db_uploadfiletype can
        // carry user-supplied data.
        if (empty($db_uploadfiletype)) {
            $db_uploadfiletype = array();
        } elseif (!is_array($db_uploadfiletype)) {
            $db_uploadfiletype = unserialize($db_uploadfiletype);
        }

        $postdata->att = new AttUpload($user->uid);
        $return = $postdata->att->check();
        if ($return) {
            // NOTE(review): $msginfo is built but never returned, so the client only
            // sees the bare THREAD_USER_NOT_RIGHT code; confirm that is intended.
            $msginfo = getLangInfo('msg', $return);
            return $this->buildResponse(THREAD_USER_NOT_RIGHT);
        }

        list($windVersion) = explode(',', WIND_VERSION);
        // Two numeric strings are compared as numbers, so a version such as '8.10'
        // would count as lower than '8.5'; version_compare() would avoid that.
        if ($windVersion && $windVersion < '8.5') {
            // NOTE(review): the sibling sendPost on this page calls transfer() before
            // upload(); confirm which order is intended.
            PwUpload::upload($postdata->att);
            $postdata->att->transfer();
        }
    }

    $topicpost->execute($postdata);
    return $this->buildResponse(0, array('tid' => $topicpost->getNewId()));
}
/**
 * Decides whether the current user may download the attachment held in $this->attach.
 *
 * Side effects: sets $this->tid, $this->foruminfo (by reference), $this->admincheck,
 * $this->uploadcredit and $this->downloadmoney.
 *
 * @return true|string true when the download is allowed, otherwise one of the message
 *                     keys 'data_error', 'job_attach_forum', 'download_not_login' or
 *                     'job_attach_group'.
 */
function _checkForum()
{
    $this->tid = $this->attach['tid'];
    $row = $this->_db->get_one("SELECT fid,tpcstatus,ifcheck FROM pw_threads WHERE tid=" . S::sqlEscape($this->tid, false));

    // Threads with status bit 1 set, no forum id and ifcheck '2' skip every forum check.
    // On this path $this->foruminfo and $this->admincheck are left untouched.
    if (getstatus($row['tpcstatus'], 1) && !$row['fid'] && $row['ifcheck'] == '2') {
        return true;
    }

    L::loadClass('forum', 'forum', false);
    $forum = new PwForum($row['fid']);
    if (!$forum->isForum()) {
        return 'data_error';
    }

    // The return value of forumcheck() is not used; presumably it stops the request
    // itself when access is denied — confirm.
    $forum->forumcheck($this->user, $this->groupid);
    $this->foruminfo =& $forum->foruminfo;

    // Group '3' and moderators of this forum bypass the download restrictions below.
    if ($this->groupid == '3' || $forum->isBM($this->username)) {
        $this->admincheck = 1;
    } else {
        $this->admincheck = 0;
    }

    // First and third tab-separated fields of the forum's upload settings.
    $uploadSet = explode("\t", $this->foruminfo['forumset']['uploadset']);
    list($this->uploadcredit, , $this->downloadmoney) = $uploadSet;

    // Forum-level permission check.
    if (!$this->admincheck && !$forum->allowdownload($this->user, $this->groupid)) {
        return 'job_attach_forum';
    }
    // Guests whose group has no download right are asked to log in.
    if ($this->groupid == 'guest' && $this->_G['allowdownload'] == 0) {
        return 'download_not_login';
    }
    // User-group permission check.
    if (!$this->foruminfo['allowdownload'] && $this->_G['allowdownload'] == 0 && !$this->admincheck) {
        return 'job_attach_group';
    }
    return true;
}
/**
 * API entry point: edits an existing thread as the member identified by $uid.
 *
 * The member record for $uid is loaded through the user service and written into the
 * global identity variables ($winddb, $winduid, $windid, $groupid), so everything
 * after that point runs as that member. Nothing in this method authenticates the caller.
 * NOTE(review): presumably the API layer verifies the caller before $uid reaches this
 * method; confirm, because any caller-chosen $uid is accepted here.
 *
 * Local variable names are kept as they are: extract() and require_once run in this
 * function's scope.
 *
 * @return ErrorMsg|ApiResponse ErrorMsg on any failed check, ApiResponse(true) after execute().
 */
function postModify($tid, $fid, $uid, $title, $content, $tags = '', $convert = 1, $usesign = 1, $usehtml = 0, $topped = 0, $digest = 0, $p_type = '', $p_sub_type = '')
{
    global $winddb, $winduid, $windid, $groupid, $_G, $SYSTEM, $timestamp;

    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($fid);
    if (!$pwforum->isForum()) {
        return new ErrorMsg(API_THREAD_FORUM_NOT_EXISTS, 'Forum not exists');
    }

    /* @var $userService PW_UserService */
    $userService = L::loadClass('UserService', 'user');
    $winddb = $userService->get($uid, true, true);
    if (empty($winddb)) {
        return new ErrorMsg(API_THREAD_AUTHOR_NOT_EXISTS, 'User not exists');
    }

    // From here on the globals describe the member loaded above, not the HTTP caller.
    $winduid = $winddb['uid'];
    $groupid = $winddb['groupid'];
    $windid = $winddb['username'];
    if ($groupid == '-1') {
        // A groupid of '-1' is replaced by the member's memberid.
        $groupid = $winddb['memberid'];
    }

    // extract() writes every key of the cached array into this scope and can overwrite
    // any local or global-bound variable ($fid, $uid, $pwforum, $_G, ...), so the cache
    // files must only ever hold data written by the application itself.
    // NOTE(review): in the first branch the trailing `false` is an argument of
    // S::escapePath(), while in the else branch and in the cache_post call below it is
    // an argument of pwCache::getData(); confirm the parenthesis is where it was meant.
    // The file_exists() test also runs on the unescaped path.
    if (file_exists(D_P . "data/groupdb/group_{$groupid}.php")) {
        extract(pwCache::getData(S::escapePath(D_P . "data/groupdb/group_{$groupid}.php", false)));
    } else {
        extract(pwCache::getData(D_P . 'data/groupdb/group_1.php', false));
    }

    L::loadClass('post', 'forum', false);
    require_once R_P . 'require/bbscode.php';
    $pwpost = new PwPost($pwforum);
    $pwpost->errMode = true;

    L::loadClass('postmodify', 'forum', false);
    $postmodify = new topicModify($tid, 0, $pwpost);
    $atcdb = $postmodify->init();
    // Reject a tid that does not resolve, or that belongs to a different forum than $fid.
    if (empty($atcdb) || $atcdb['fid'] != $fid) {
        return new ErrorMsg(API_THREAD_ILLEGAL_TID, 'The tid is illegal');
    }

    // When the editor is neither the author nor in group 3/4, the edit is refused if the
    // author is in group 3, 4 or 5 and that group is not listed in the 'tcanedit' setting.
    // NOTE(review): this block does not by itself stop an ordinary member from editing
    // another ordinary member's thread; presumably topicModify/topicPostData enforce
    // that (not visible here) — confirm.
    if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) {
        $authordb = $userService->get($atcdb['authorid']);
        $pce_arr = explode(",", $GLOBALS['SYSTEM']['tcanedit']);
        $authorIsStaff = in_array($authordb['groupid'], array(3, 4, 5));
        if ($authorIsStaff && !in_array($authordb['groupid'], $pce_arr)) {
            return new ErrorMsg(API_THREAD_MODIFY_ADMIN, 'The tid is not modify');
        }
    }

    // $_G['edittime'] is multiplied by 60 and compared with the thread's age in seconds.
    if ($_G['edittime'] && $timestamp - $atcdb['postdate'] > $_G['edittime'] * 60) {
        return new ErrorMsg(API_THREAD_MODIFY_TIMELIMIT, 'The modify time limit');
    }

    $postdata = new topicPostData($pwpost);
    // $topic_type_cache is expected to come out of this extract(); it is set nowhere else here.
    extract(pwCache::getData(D_P . 'data/bbscache/cache_post.php', false));
    $t_db = $topic_type_cache[$fid];
    $postdata->setWtype($p_type, $p_sub_type, 0, $t_db);
    $postdata->initData($postmodify);
    $postdata->setTitle($title);
    $postdata->setContent($content);
    $postdata->setConvert($convert, 1);
    $postdata->setTags($tags);
    $postdata->setDigest($digest);
    $postdata->setTopped($topped);
    $postdata->setIfsign($usesign, $usehtml);

    // Only the first collected error is reported to the API client.
    if ($pwpost->errMsg) {
        $msg = reset($pwpost->errMsg);
        if ($msg) {
            $errmsg = $this->getErrMsg($msg);
            return new ErrorMsg($errmsg[0], $errmsg[1]);
        }
    }

    $postmodify->execute($postdata);
    return new ApiResponse(true);
}
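/**
 * Tells whether the current user may edit attachments of thread $tid.
 *
 * The right is granted to managers ($isGM), to moderators of the thread's forum and
 * to the thread's author.
 *
 * NOTE(review): $aid is only range-checked; nothing in this function verifies that the
 * attachment belongs to thread $tid — confirm the caller does.
 *
 * @param mixed $aid Attachment id (cast with intval, must be >= 1).
 * @param mixed $tid Thread id (cast with intval, must be >= 1).
 * @return bool
 */
function isEditAttachRight($aid, $tid)
{
    // $windid has to be imported as well: without it isBM() below received an undefined
    // variable, so the moderator check never ran against the current username.
    global $isGM, $winduid, $windid;

    $aid = intval($aid);
    $tid = intval($tid);
    if ($aid < 1 || $tid < 1) {
        return false;
    }

    $threadsService = L::loadClass('threads', 'forum');
    $read = $threadsService->getByThreadId($tid);
    if (!$read) {
        return false;
    }

    L::loadClass('forum', 'forum', false);
    $pwforum = new PwForum($read['fid']);
    if (!$pwforum->isForum()) {
        return false;
    }

    $isBM = $pwforum->isBM($windid);
    return $isGM || $isBM || $read['authorid'] == $winduid;
}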