function wap_login($username, $password, $safecv, $lgt = 0)
{
global $db, $timestamp, $onlineip, $db_ckpath, $db_ckdomain, $db_bbsurl, $db_ifsafecv;
$men = $db->get_one("SELECT m.uid,m.password,m.safecv,m.groupid,m.yz,md.onlineip FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE m." . ($lgt ? 'uid' : 'username') . "=" . pwEscape($username));
if ($men) {
$e_login = explode("|", $men['onlineip']);
if ($e_login[0] != $onlineip . ' *' || $timestamp - $e_login[1] > 600 || $e_login[2] > 1) {
$men_uid = $men['uid'];
$men_pwd = $men['password'];
$check_pwd = $password;
if ($men['yz'] > 2) {
wap_msg('login_jihuo');
}
if (strlen($men_pwd) == 16) {
$check_pwd = substr($password, 8, 16);
/*支持 16 位 md5截取密码*/
}
if ($men_pwd == $check_pwd && (!$db_ifsafecv || $men['safecv'] == $safecv)) {
if (strlen($men_pwd) == 16) {
$db->update("UPDATE pw_members SET password="******" WHERE uid=" . pwEscape($men_uid));
}
$L_groupid = (int) $men['groupid'];
Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
} else {
global $L_T;
$L_T = $e_login[2];
$L_T ? $L_T-- : ($L_T = 5);
$F_login = "******";
$db->update("UPDATE pw_memberdata SET onlineip=" . pwEscape($F_login) . " WHERE uid=" . pwEscape($men_uid));
wap_msg('login_pwd_error');
}
} else {
global $L_T;
$L_T = 600 - ($timestamp - $e_login[1]);
wap_msg('login_forbid');
}
} else {
global $errorname;
$errorname = $username;
wap_msg('user_not_exists');
}
Cookie("winduser", StrCode($men_uid . "\t" . PwdCode($password) . "\t" . $safecv));
Cookie('lastvisit', '', 0);
wap_msg('wap_login', 'index.php');
}
function wap_check($fid, $action)
{
global $db, $groupid, $_G, $_time, $db_titlemax, $db_postmin, $db_postmax, $subject, $content;
$subject = trim($subject);
$content = trim($content);
if ($action == 'new' && (!$subject || strlen($subject) > $db_titlemax)) {
wap_msg('subject_limit');
}
if (strlen($content) >= $db_postmax || strlen($content) < $db_postmin) {
wap_msg('content_limit');
}
$fm = $db->get_one("SELECT f.forumadmin,f.fupadmin,f.password,f.allowvisit,f.f_type,f.f_check,f.allowpost,f.allowrp,fe.forumset FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=" . pwEscape($fid));
$forumset = unserialize($fm['forumset']);
if (!$fm || $fm['password'] != '' || $fm['f_type'] == 'hidden' || $fm['allowvisit'] && @strpos($fm['allowvisit'], ",{$groupid},") === false) {
wap_msg('post_right');
}
if ($action == 'new') {
$isGM = CkInArray($GLOBALS['windid'], $GLOBALS['manager']);
$isBM = admincheck($fm['forumadmin'], $fm['fupadmin'], $GLOBALS['windid']);
if ($fm['f_check'] == '1' || $fm['f_check'] == '3') {
wap_msg('post_right');
}
if ($fm['allowpost'] && strpos($fm['allowpost'], ",{$groupid},") === false) {
wap_msg('post_right');
}
if (!$fm['allowpost'] && $_G['allowpost'] == 0) {
wap_msg('post_group');
}
if ($forumset['allowtime'] && !$isGM && !allowcheck($forumset['allowtime'], "{$_time['hours']}", '') && !pwRights($isBM, 'allowtime')) {
wap_msg('post_right');
}
} elseif ($action == 'reply') {
if ($fm['f_check'] == '2' || $fm['f_check'] == '3') {
wap_msg('reply_right');
}
if ($fm['allowrp'] && strpos($fm['allowrp'], ",{$groupid},") === false) {
wap_msg('reply_right');
}
if (!$fm['allowrp'] && $_G['allowrp'] == 0) {
wap_msg('reply_group');
}
}
}
}
if ($keyword) {
$condition .= " AND title LIKE '%{$keyword}%'";
}
$r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}message WHERE {$condition}");
$pages = wap_pages($r['num'], $page, $pagesize);
$lists = array();
$result = $db->query("SELECT * FROM {$DT_PRE}message WHERE {$condition} ORDER BY itemid DESC LIMIT {$offset},{$pagesize}");
while ($r = $db->fetch_array($result)) {
$r['adddate'] = timetodate($r['addtime'], 'm/d H:i');
$r['type'] = $TYPE[$r['typeid']];
$lists[] = $r;
}
if ($TP == 'touch') {
$back_link = 'index.php?moduleid=' . $moduleid;
}
}
include template('message', $TP);
break;
default:
if ($TP == 'touch') {
if (!$_userid) {
wap_msg($L['please_login'], 'index.php?moduleid=' . $moduleid . '&action=login');
}
$back_link = 'index.php';
include template('member', $TP);
} else {
dheader('index.php');
}
break;
}
$fromdate = timetodate($fromtime, 3);
$todate = timetodate($totime, 3);
$update = '';
include DT_ROOT . '/include/update.inc.php';
$head_title = $title . $DT['seo_delimiter'] . $MOD['name'] . $DT['seo_delimiter'] . $head_title;
} else {
if ($kw) {
check_group($_groupid, $MOD['group_search']) or wap_msg($L['msg_no_search']);
} else {
if ($catid) {
$CAT or wap_msg($L['msg_not_cate']);
if (!check_group($_groupid, $MOD['group_list']) || !check_group($_groupid, $CAT['group_list'])) {
wap_msg($L['msg_no_right']);
}
} else {
check_group($_groupid, $MOD['group_index']) or wap_msg($L['msg_no_right']);
}
}
$head_title = $MOD['name'] . $DT['seo_delimiter'] . $head_title;
if ($kw) {
$head_title = $kw . $DT['seo_delimiter'] . $head_title;
}
$condition = "status>2";
if ($keyword) {
$condition .= " AND keyword LIKE '%{$keyword}%'";
}
if ($catid) {
$condition .= $CAT ? " AND catid IN (" . $CAT['arrchildid'] . ")" : " AND catid={$catid}";
}
if ($areaid) {
$condition .= $ARE['child'] ? " AND areaid IN (" . $ARE['arrchildid'] . ")" : " AND areaid={$areaid}";
$db->update("INSERT INTO pw_attachbuy SET " . pwSqlSingle(array('aid' => $aid, 'uid' => $winduid, 'ctype' => $attach['ctype'], 'cost' => $attach['needrvrc'])));
$credit->addLog('topic_attbuy', array($attach['ctype'] => -$attach['needrvrc']), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip));
$credit->set($winduid, $attach['ctype'], -$attach['needrvrc'], false);
if ($db_sellset['income'] < 1 || ($income = $db->get_value("SELECT SUM(cost) AS sum FROM pw_attachbuy WHERE aid=" . pwEscape($aid))) < $db_sellset['income']) {
$username = $db->get_value("SELECT username FROM pw_members WHERE uid=" . pwEscape($attach['uid'], false));
$credit->addLog('topic_attsell', array($attach['ctype'] => $attach['needrvrc']), array('uid' => $attach['uid'], 'username' => $username, 'ip' => $onlineip, 'buyer' => $windid));
$credit->set($attach['uid'], $attach['ctype'], $attach['needrvrc'], false);
}
}
} else {
!$attach['ctype'] && ($attach['ctype'] = 'rvrc');
$usercredit = $credit->get($winduid, $attach['ctype']);
if ($usercredit < $attach['needrvrc']) {
$needrvrc = $attach['needrvrc'];
$creditName = $credit->cType[$attach['ctype']];
wap_msg($downloadmoney > 0 && $uploadcredit == $attach['ctype'] ? 'job_attach_rvrc_download' : 'job_attach_rvrc');
}
}
}
if (isset($credit) && $credit->setUser) {
$credit->runsql();
}
$pw_attachs->increaseField($aid, 'hits');
if ($db_attachhide && $attach['size'] > $db_attachhide && $attach['type'] == 'zip' && !defined('FX')) {
ObHeader($fgeturl[0]);
} elseif ($fgeturl[1] == 'Local') {
$filename = "{$attachdir}/" . $attach['attachurl'];
$filesize = filesize($filename);
}
$ctype = '';
switch ($fileext) {
function forum_sell($fid)
{
global $db, $winduid, $timestamp;
$rt = $db->get_one("SELECT MAX(overdate) AS u FROM pw_forumsell WHERE uid=" . pwEscape($winduid) . ' AND fid=' . pwEscape($fid));
if ($rt['u'] < $timestamp) {
wap_msg('本版块为出售版块', 'index.php?a=list');
}
}
function checkWapPost($iftitle = 1)
{
global $subject, $content, $db_titlemax, $db_postmax, $db_postmin, $refer;
if ($iftitle && (empty($subject) || strlen($subject) > $db_titlemax)) {
wap_msg("标题不能为空,且长度必须小于{$db_titlemax}字节", $refer);
}
if (strlen(trim($content)) >= $db_postmax || strlen(trim($content)) < $db_postmin) {
$msg = $db_postmin ? "内容长度必须大于{$db_postmin}字节" : '';
$msg .= $db_postmax ? "且小于{$db_postmax}字节" : '';
wap_msg($msg, $refer);
}
}
<?php
/*
[Destoon B2B System] Copyright (c) 2008-2013 Destoon.COM
This is NOT a freeware, use is subject to license.txt
*/
define('DT_MEMBER', true);
define('DT_WAP', true);
require '../common.inc.php';
header("Content-type:text/html; charset=utf-8");
require DT_ROOT . '/include/module.func.php';
require 'global.func.php';
include load('wap.lang');
$EXT['wap_enable'] or wap_msg($L['msg_wap_close']);
if ($DT_BOT) {
$TP = 'touch';
} else {
$UA = strtoupper($_SERVER['HTTP_USER_AGENT']);
if (strpos($UA, 'WINDOWS NT') !== false) {
dheader($EXT['wap_url'] . 'mobile.php?action=pc');
}
$TP = 'wap';
$CK = get_cookie('mobile');
if ($CK == 'wap') {
//
} else {
if ($CK == 'touch') {
$TP = 'touch';
} else {
if (preg_match("/(iPhone|iPad|iPod|Android)/i", $UA)) {
$TP = 'touch';
<?php
defined('W_P') or exit('Forbidden');
if (empty($wind_action)) {
wap_header();
require_once PrintWAP('forumpwd');
wap_footer();
} else {
if ($forum['password'] == md5($wind_pwd) && $groupid != 'guest') {
Cookie("pwdcheck[{$fid}]", $forum['password']);
} elseif ($groupid == 'guest') {
wap_msg('forumpw_guest', 'index.php?a=list');
} else {
wap_msg('forumpw_pwd_error', 'index.php?a=forum&fid=' . $fid);
}
}
<?php
!defined('W_P') && exit('Forbidden');
include_once D_P . "data/bbscache/dbreg.php";
InitGP(array('lgt', 'pwuser', 'pwpwd', 'question', 'customquest', 'answer'), 'P');
if ($windid) {
wap_msg('login_have');
} elseif ($pwuser && $pwpwd) {
$safecv = $db_ifsafecv ? wap_quest($question, $customquest, $answer) : '';
wap_login($pwuser, md5($pwpwd), $safecv, $lgt);
}
$returnUrl = getReturnUrl();
wap_header();
require_once PrintWAP('login');
wap_footer();
// 发送邮件
@(include_once D_P . 'data/bbscache/mail_config.php');
if ($rg_emailcheck) {
$verifyhash = GetVerify();
$rg_yz = md5($rg_yz . substr(md5($db_sitehash), 0, 5) . substr(md5($regname), 0, 5));
require_once R_P . 'require/sendemail.php';
$sendinfo = sendemail($regemail, 'email_check_subject', 'email_check_content', 'email_additional');
if ($sendinfo === true) {
ObHeader("{$db_registerfile}?step=finish&email={$regemail}&verify={$verifyhash}");
} else {
wap_msg(is_string($sendinfo) ? $sendinfo : 'reg_email_fail', $basename);
}
} elseif ($rg_regsendemail && $ml_mailifopen) {
require_once R_P . 'require/sendemail.php';
sendemail($regemail, 'email_welcome_subject', 'email_welcome_content', 'email_additional');
}
// 发送结束
if ($db_pptifopen && $db_ppttype == 'server' && ($db_ppturls || $forward)) {
$action = 'login';
$jumpurl = $forward ? $forward : $db_ppturls;
empty($forward) && ($forward = $db_bbsurl);
require_once R_P . 'require/passport_server.php';
}
$verifyhash = GetVerify($winduid);
wap_msg('reg_success', 'index.php');
exit;
}
$returnUrl = getReturnUrl();
wap_header();
require_once PrintWAP('register');
wap_footer();
<?php
!defined('W_P') && exit('Forbidden');
$defaultType = '';
if ($db_waprecommend) {
InitGP(array('type', 'page'), 'GP');
require_once W_P . 'include/db/recommend.db.php';
$recommend = new RecommendDB();
$recommendTypes = $recommend->getRecommendActiveType();
$recommendbs = $recommend->getRecommendByType($type, $page);
$url = "index.php?a=recommend&" . ($type ? "&type={$type}" : "") . '&';
$pages = getPages($page, count($recommendbs), $url);
} else {
wap_msg('recommend_close');
}
Cookie("wap_scr", serialize(array("page" => "recommend")));
wap_header();
require_once PrintWAP('recommend');
wap_footer();
$prer = nextReply($tid, $pid, $rt['ptable'], -1);
} else {
wap_msg('illegal_tid');
}
} elseif ($action == 'modify') {
InitGP(array('step'), 'GP', 2);
$pw_tmsgs = GetTtable($tid);
$rt = $db->get_one("SELECT t.fid,t.tid,t.subject,t.author,t.authorid,t.replies,t.locked,t.postdate,t.anonymous,t.ptable,tm.content FROM pw_threads t LEFT JOIN {$pw_tmsgs} tm ON tm.tid=t.tid WHERE t.tid=" . pwEscape($tid) . " AND ifcheck=1");
//读取板块信息
if (!($foruminfo = L::forum($rt[fid]))) {
wap_msg('data_error');
}
$isBM = admincheck($foruminfo['forumadmin'], $foruminfo['fupadmin'], $windid);
//获得管理权限
$pw_posts = GetPtable($rt['ptable']);
$reply = $db->get_one("SELECT * FROM {$pw_posts} WHERE pid = " . pwEscape($pid));
$editright = $isGM || pwRights($isBM, 'deltpcs') || $reply['authorid'] == $winduid;
!$editright && wap_msg('您没有权限编辑此回复', 'index.php?a=reply&tid=' . $tid . '&pid=' . $pid);
if (empty($step)) {
$reply['content'] = str_replace(array('<', '>', ' '), array('<', '>', ' '), $reply['content']);
} elseif ($step == 2) {
InitGP(array('content'), 'GP');
$pw_posts = GetPtable('N', $tid);
$db->update("UPDATE {$pw_posts} SET content = " . pwEscape(wap_cv($content)) . " WHERE pid = " . pwEscape($pid));
wap_msg('operate_success', 'index.php?a=reply&tid=' . $tid . '&pid=' . $pid);
}
}
Cookie("wap_scr", serialize(array("page" => "reply", "extra" => array("tid" => $tid, "pid" => $pid))));
wap_header();
require_once PrintWAP('reply');
wap_footer();
function checkupload(&$upatt)
{
global $db_allowupload, $returnedit;
if (!$db_allowupload) {
wap_msg('upload_close', $returnedit);
} elseif (!$upatt->forum->allowupload($upatt->post->user, $upatt->post->groupid)) {
wap_msg('upload_forum_right', $returnedit);
} elseif (!$upatt->forum->foruminfo['allowupload'] && $upatt->post->_G['allowupload'] == 0) {
wap_msg('upload_group_right', $returnedit);
}
if ($upatt->post->user['uploadtime'] < $GLOBALS['tdtime']) {
$upatt->post->user['uploadnum'] = 0;
}
if ($upatt->post->_G['allownum'] > 0 && $upatt->post->user['uploadnum'] + count($_FILES) + count($upatt->flashatt) >= $upatt->post->_G['allownum']) {
wap_msg('upload_num_error', $returnedit);
}
if ($upatt->post->_G['allowupload'] == 1 && $upatt->uploadmoney) {
global $credit;
require_once R_P . 'require/credit.php';
if ($upatt->uploadmoney < 0 && $credit->get($upatt->post->uid, $upatt->uploadcredit) < abs($upatt->uploadmoney)) {
$GLOBALS['creditname'] = $credit->cType[$upatt->uploadcredit];
wap_msg('upload_money_limit', $returnedit);
}
}
}
!$uid && !$username && ($uid = $winduid);
if ($uid) {
$sql = 'm.uid=' . pwEscape($uid);
$uid == $winduid && ($isU = true);
} else {
$sql = 'm.username='******'';
wap_msg('user_not_exists');
}
$userdb['honor'] = substrs($userdb['honor'], 90);
if (!$isU && !$_G['allowprofile'] && !$userdb['isfriend']) {
wap_msg('profile_right');
}
$uid = $userdb['uid'];
include_once D_P . 'data/bbscache/level.php';
$systitle = $userdb['groupid'] == '-1' ? '' : $ltitle[$userdb['groupid']];
$p_list = $db_plist ? explode(',', $db_plist) : array();
if (!$winduid && !$_G['allowprofile']) {
Showmsg('not_login');
}
include_once D_P . 'data/bbscache/md_config.php';
require_once R_P . 'require/credit.php';
require_once R_P . 'require/forum.php';
require_once R_P . 'require/postfunc.php';
$customdata = $custominfo = $colonydb = array();
$user_icon = explode('|', $userdb['icon']);
if ($user_icon[4] && $userdb['tooltime'] < $timestamp - 86400) {
$delarticle->delReply($readdb, $db_recycle, $ifdel, true, array('reason' => $atc_content));
$jurl = "index.php?a=read&tid={$seltid}";
} else {
$delarticle->delTopic($readdb, $db_recycle, $ifdel, array('reason' => $atc_content));
}
$credit->runsql();
foreach ($msgdb as $key => $val) {
pwSendMsg($val);
}
if ($db_ifpwcache ^ 1) {
$db->update("DELETE FROM pw_elements WHERE type !='usersort' AND id IN(" . pwImplode($delids) . ')');
}
P_unlink(D_P . 'data/bbscache/c_cache.php');
wap_msg("wap_post_del", $jurl);
} else {
$sql = "SELECT * FROM pw_threads WHERE tid = " . pwEscape($seltid);
$threadb = $db->get_one($sql);
if (!$threadb) {
wap_msg('data_error');
}
$threadb['postdate'] = get_date($threadb['postdate'], "m-d H:i");
//获取回复信息
if ($selpid) {
$ptables = GetPtable('N', $seltid);
$replydb = $db->get_one("SELECT * FROM {$ptables} WHERE pid=" . pwEscape($selpid));
}
$template = 'mawhole';
}
wap_header();
require_once PrintWAP($template);
wap_footer();
$attachpath = $db_bbsurl . '/' . $attachpath;
$wapImages = './images';
$wap_perpage = 10;
if (!$db_wapifopen) {
wap_msg('wap_closed');
}
if ($db_charset != 'utf8') {
L::loadClass('Chinese', 'utility/lang', false);
$chs = new Chinese('UTF8', $db_charset, true);
foreach ($_POST as $key => $value) {
$_POST[$key] = addslashes($chs->Convert(stripslashes($value)));
}
}
$basename = substr($_SERVER['PHP_SELF'], strrpos($_SERVER['PHP_SELF'], '/') + 1);
$headTitle = $db_bbsname;
$isGM = CkInArray($windid, $manager);
if ($_GET['token']) {
$token = deWindToken($_GET['token']);
if ($token) {
Cookie("winduser", $token);
//自动获取勋章_start
require_once R_P . 'require/functions.php';
doMedalBehavior($winduid, 'continue_login');
//自动获取勋章_end
wap_msg("欢迎来到{$db_bbsname}", 'index.php');
} else {
wap_msg("链接已失效,请重新登录", 'index.php');
}
}
$tokenURL = "{$db_bbsurl}/index.php?token=" . enWindToken(GetCookie('winduser'));
$scrMap = array("realy_all" => "index.php?a=realy_all", "reply" => "index.php?a=reply", "read" => "index.php?a=read", "forum" => "index.php?a=forum", "list" => "index.php?a=list", "bbsinfo" => "index.php?a=bbsinfo", "index" => "index.php", "recommend" => "index.php?a=recommend");
<?php
defined('P_W') || exit('Forbidden');
$forumName = $db_bbsname;
InitGP(array('page', 'fid', 'q'));
$q = trim(str_replace("%", "", $q));
(!is_numeric($page) || $page < 1) && ($page = 1);
(!is_numeric($fid) || $page < 1) && ($fid = 0);
$thisp = 0;
if ($_G['allowsearch'] == '0') {
wap_msg('您所在的用户组没有搜索权限', 'index.php');
}
function search($fid)
{
global $page, $thisp, $q, $db, $wap_perpage;
/* 调用搜索Service -- searchThreads 搜索帖子内容 */
$searcherService = L::loadclass('searcher', 'search');
$result = $searcherService->searchThreads($q, 1, '', '', '', array(), $page, $wap_perpage, array());
$start = ($page - 1) * $wap_perpage;
if (is_array($result[1])) {
foreach ($result[1] as $k => $v) {
$id++;
$v['anonymous'] && ($v['author'] = $db_anonymousname);
$v['id'] = $id;
$hots[] = $v;
}
}
return $hots;
}
wap_header();
require_once PrintWAP('search');
function viewOneReply($tid, $pid, $ptable)
{
global $db, $db_waplimit, $c_page, $db_anonymousname, $pwAnonyHide, $winduid;
$pw_posts = GetPtable($ptable);
$sql = "SELECT pid,subject,author,authorid,content,postdate,anonymous,aid FROM {$pw_posts} WHERE pid=" . pwEscape($pid);
$ct = $db->get_one($sql);
if ($ct) {
$ct['subject'] = str_replace(' ', '', wap_cv($ct['subject']));
$content = viewContent($ct['content']);
$yxqw = "";
/*************对内容进行分页**********/
(int) $c_page < 1 && ($c_page = 1);
$clen = wap_strlen($content, $db_charset);
//TODO mbstring
$maxp = ceil($clen / $db_waplimit);
$c_nextp = $c_page + 1;
$c_prep = $c_page - 1;
if ($c_nextp > $maxp) {
$c_nextp = $maxp;
}
if ($c_prep <= 0) {
$c_prep = 1;
}
$yxqw = "";
if ($maxp > 1) {
$content = wap_substr($content, $db_waplimit * ($c_page - 1), $db_waplimit, $db_charset);
$content = wap_img2($content);
if (empty($content)) {
wap_msg("已到最后一页", "index.php?a=read&tid={$tid}");
}
if ($c_page == 1) {
$yxqw = "<a href='index.php?a=reply&pid=" . $pid . "&tid=" . $tid . "&c_page={$c_nextp}'>下一页</a>";
} elseif ($c_page == $maxp) {
$yxqw = "<a href='index.php?a=reply&pid=" . $pid . "&tid=" . $tid . "&c_page={$c_prep}'>上一页</a> ";
} else {
$yxqw = "<a href='index.php?a=reply&pid=" . $pid . "&tid=" . $tid . "&c_page={$c_nextp}'>下一页</a>";
$yxqw .= "<a href='index.php?a=reply&pid=" . $pid . "&tid=" . $tid . "&c_page={$c_prep}'>上一页</a> ";
}
$yxqw .= " ({$c_page}/{$maxp})<br/>";
} else {
$content = wap_img2($content);
}
$ct['content'] = $content;
/*************对内容进行分页**********/
if ($ct['anonymous'] && $ct['authorid'] != $winduid && !$pwAnonyHide) {
$ct['author'] = $db_anonymousname;
$ct['authorid'] = 0;
}
list(, $ct['postdate']) = getLastDate($ct['postdate']);
$ct['id'] = $id;
//$ct ['author'] = $ct ['anonymous'] ? $db_anonymousname : $ct ['author'];
$ct['author'] = wap_cv($ct['author']);
$ct['yxqw'] = $yxqw;
if ($ct['aid'] && $ct['aid'] != '') {
$ct['aidimgs'] = viewAidsForHtml($tid, $pid);
$ct['aidatts'] = viewDownloads($tid, $pid);
} else {
$ct['aidimgs'] = '';
$ct['aidatts'] = '';
}
}
return $ct;
}
<?php
!defined('W_P') && exit('Forbidden');
!$winduid && (wap_msg('not_login') && exit);
$returnUrl = "index.php";
$pwServer['HTTP_ACCEPT_LANGUAGE'] = GetServer('HTTP_ACCEPT_LANGUAGE');
wap_header();
require_once PrintWAP('myphone');
wap_footer();
<?php
!defined('W_P') && exit('Forbidden');
require_once R_P . 'require/checkpass.php';
Loginout();
wap_msg('wap_quit', 'index.php');
<?php
!defined('W_P') && exit('Forbidden');
InitGP(array('uid', 'username', 'action', 'fr', 'tid'));
!$winduid && wap_msg('not_login');
$returnUrl = "index.php";
wap_header();
require_once PrintWAP('mybbs');
wap_footer();
if ($rt['ifupload'] != 0) {
$imgs = viewAids($tid, 0);
$downloads = viewDownloads($tid, 0);
}
$yxqw = "";
if ($maxp > 1) {
$content = wap_substr($content, $db_waplimit * ($page - 1), $db_waplimit, $db_charset);
$content = wap_img2($content);
if (empty($content)) {
wap_msg("已到最后一页", "index.php?a=read&tid={$tid}");
}
if ($page == 1) {
$yxqw = "<a href='index.php?a=read&tid=" . $tid . "&all=1&page={$nextp}'>下一页</a>";
} elseif ($page == $maxp) {
$yxqw = "<a href='index.php?a=read&tid=" . $tid . "&all=1&page={$prep}'>上一页</a> ";
} else {
$yxqw = "<a href='index.php?a=read&tid=" . $tid . "&all=1&page={$nextp}'>下一页</a>";
$yxqw .= "<a href='index.php?a=read&tid=" . $tid . "&all=1&page={$prep}'>上一页</a> ";
}
$yxqw .= " ({$page}/{$maxp})<br/>";
} else {
$content = wap_img2($content);
}
$postdb = viewReply($tid, 1, $rt['replies'], 3, 90, $rt['ptable'], 2);
} else {
wap_msg('illegal_tid');
}
Cookie("wap_scr", serialize(array("page" => "read", "extra" => array("tid" => $tid))));
wap_header();
require_once PrintWAP('read');
wap_footer();
$db_blogsource = array('web' => '网页', 'signature' => '个性签名', 'm' => '手机', 'other' => '其他');
if (!$uid && !$username) {
$uid = $winduid;
}
if ($uid && $uid != $winduid) {
$userdb = $db->get_one("SELECT m.uid,m.icon,m.username,m.honor FROM pw_members m WHERE m.uid = " . pwEscape($uid));
} elseif ($username && $username != $windid) {
$userdb = $db->get_one("SELECT m.uid,m.icon,m.username,m.honor FROM pw_members m WHERE m.username = " . pwEscape($username));
$uid = $userdb['uid'];
} else {
$userdb =& $winddb;
$uid = $userdb['uid'];
}
if (empty($userdb)) {
$errorname = '';
wap_msg('user_not_exists');
}
require_once R_P . 'require/showimg.php';
list($usericon) = showfacedesign($userdb['icon'], 1, 's');
list($lastDate) = getLastDate($userdb['postdate']);
require_once W_P . 'include/db/myspace.db.php';
$myspace = new MyspaceDB();
$myspace->setPerPage(5);
$myArticles = $myspace->getArticlesByUser($uid);
$myReplaies = $myspace->getReplaysByUser($uid);
if ($winduid == $uid) {
$collectionService = L::loadClass('Collection', 'collection');
$mydata = $collectionService->findByUidAndTypeInPage($winduid, 'postfavor', 1, 5, 'all');
$myFavThreads = array();
foreach ($mydata as $key => $value) {
$temp = array();
$pw_posts = GetPtable($tp['ptable']);
if ($db_plist && count($db_plist) > 1) {
$db->update("INSERT INTO pw_pidtmp(pid) values('')");
$pid = $db->insert_id();
} else {
$pid = '';
}
$db->update("INSERT INTO {$pw_posts}" . " SET " . pwSqlSingle(array('pid' => $pid, 'tid' => $tid, 'fid' => $fid, 'ifcheck' => 1, 'subject' => $subject, 'author' => $windid, 'authorid' => $winduid, 'postdate' => $timestamp, 'userip' => $onlineip, 'ipfrom' => $ipfrom, 'content' => $content)));
!$pid && ($pid = $db->insert_id());
$db->update("UPDATE pw_threads" . " SET " . pwSqlSingle(array('lastpost' => $timestamp, 'lastposter' => $windid)) . ",replies=replies+1,hits=hits+1" . " WHERE tid=" . pwEscape($tid));
#增加高楼索引
if ($openIndex && $pid) {
$db->update("INSERT INTO pw_postsfloor SET pid=" . pwEscape($pid) . ", tid=" . pwEscape($tid));
}
# memcache refresh
$threadList = L::loadClass("threadlist");
$threadList->updateThreadIdsByForumId($fid, $tid);
$lastpost = $subject . "\t" . addslashes($windid) . "\t" . $timestamp . "\t" . "read.php?tid={$tid}&page=e#a";
$db->update("UPDATE pw_forumdata SET lastpost=" . pwEscape($lastpost) . ",tpost=tpost+1,article=article+1,topic=topic+1 WHERE fid=" . pwEscape($fid));
require_once R_P . 'require/credit.php';
$fm = $db->get_one("SELECT creditset FROM pw_forumsextra WHERE fid=" . pwEscape($fid));
$creditset = $credit->creditset($fm['creditset'], $db_creditset);
$credit->addLog('topic_Reply', $creditset['Reply'], array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'fname' => $forum[$fid]['name']));
$credit->sets($winduid, $creditset['Reply'], false);
$credit->runsql();
$sqladd = $tdtime >= $winddb['lastpost'] ? 'todaypost=1,' : 'todaypost=todaypost+1,';
$sqladd .= $montime >= $winddb['lastpost'] ? 'monthpost=1,' : 'monthpost=monthpost+1,';
$db->update("UPDATE pw_memberdata SET {$sqladd}postnum=postnum+1,lastpost=" . pwEscape($timestamp) . " WHERE uid=" . pwEscape($winduid));
wap_msg('post_success', "read.php?tid={$tid}&page=e");
}
}
$userService->update($winduid, array('shortcut' => $shortcut));
$url = "index.php?a=forum&fid={$fid}";
wap_msg("wap_shortcutno", $url);
} elseif ($action == 'add') {
$url = "index.php?a=forum&fid={$fid}";
if (in_array($fid, $myshortcut)) {
foreach ($myshortcut as $key => $value) {
if (!$value || $value == $fid) {
unset($myshortcut[$key]);
}
}
$shortcut = ',' . implode(',', $myshortcut) . ',';
$shortcut .= $shortcut . "\t" . $winddb['appshortcut'];
$userService = L::loadClass('UserService', 'user');
/* @var $userService PW_UserService */
$userService->update($winduid, array('shortcut' => $shortcut));
wap_msg("wap_shortcutno", $url);
} else {
count($myshortcut) >= 6 && wap_msg('wap_shortcut_numlimit', $url);
require_once D_P . 'data/bbscache/forum_cache.php';
$forumkeys = array_keys($forum);
!in_array($fid, $forumkeys) && wap_msg('undefined_action', $url);
$myshortcut[] = $fid;
$shortcut = ',' . implode(',', $myshortcut) . ',';
$shortcut .= $shortcut . "\t" . $winddb['appshortcut'];
$userService = L::loadClass('UserService', 'user');
/* @var $userService PW_UserService */
$userService->update($winduid, array('shortcut' => $shortcut));
wap_msg("wap_shortcutok", $url);
}
}
break;
case '2':
$sexHTML = "\r\n \t\t\t<input type='radio' name='gender' value='0'>保密\r\n \t\t\t<input type='radio' name='gender' value='1'>男\r\n \t\t\t<input type='radio' name='gender' value='2' checked>女";
break;
default:
$sexHTML = "\r\n \t\t\t<input type='radio' name='gender' value='0' checked>保密\r\n \t\t\t<input type='radio' name='gender' value='1'>男\r\n \t\t\t<input type='radio' name='gender' value='2'>女";
}
$db->free_result($rt);
$bodybackground = 'read';
wap_header();
require_once PrintWAP('myedit');
wap_footer();
} elseif ($goto == 'updatemyedit') {
InitGP(array('uid', 'gender', 'bday_year', 'bday_month', 'bday_day', 'regqq', 'proemail', 'propwdold', 'propwdnew'));
empty($propwdold) && wap_msg('密码不能为空', "index.php?a=my&uid={$uid}&goto=myedit");
$rt = $db->get_one("SELECT password FROM pw_members WHERE uid=" . pwEscape($winduid));
if ($propwdnew == $propwdold) {
//wap_msg('输入的新密码和原密码相同,请确认!',"index.php?a=my&uid=$uid&goto=myedit");
}
if ($rt['password'] == md5($propwdold)) {
$bday = $bday_year . "-" . $bday_month . "-" . $bday_day;
$db->update("UPDATE\tpw_members SET\tgender = '" . $gender . "',bday = '" . $bday . "',oicq = '" . $regqq . "',email = '" . $proemail . "',password = '******' WHERE uid = " . S::sqlEscape($winduid));
wap_msg('修改成功!', "index.php?a=my&uid={$uid}&goto=myedit");
} else {
wap_msg('原密码输入有误', "index.php?a=my&uid={$uid}&goto=myedit");
}
$bodybackground = 'read';
wap_header();
require_once PrintWAP('mylist');
wap_footer();
}
MakeThumb($middleFile, $middleFile, 128, 128);
require_once R_P . 'require/imgfunc.php';
if (!($img_size = GetImgSize($middleFile, 'jpg'))) {
P_unlink($middleFile);
wap_msg('upload_content_error', $basename);
}
list($img_w, $img_h) = getimagesize($normalFile);
$smallFile = PwUpload::savePath($db_ifftp, $filename, $smallDir);
$s_ifthumb = 0;
PwUpload::createFolder(dirname($smallFile));
if (MakeThumb($middleFile, $smallFile, 48, 48)) {
$s_ifthumb = 1;
}
if ($db_ifftp) {
PwUpload::movetoftp($middleFile, $middleDir . $filename);
$s_ifthumb && PwUpload::movetoftp($smallFile, $smallDir . $filename);
}
pwFtpClose($GLOBALS['ftp']);
$user_a = explode('|', $winddb['icon']);
$user_a[2] = $img_w;
$user_a[3] = $img_h;
$usericon = setIcon("{$udir}/{$winduid}.{$ext}", 3, $user_a);
$db->update("UPDATE pw_members SET icon=" . pwEscape($usericon, false) . " WHERE uid=" . pwEscape($winduid));
wap_msg("operate_success", "index.php?a=myhome&t=" . $timestamp);
} else {
wap_msg('undefined_action', $basename);
}
}
wap_header();
require_once PrintWAP('upface');
wap_footer();
} else {
$userListHtml = getAllUsersHtml($message);
$smsList = $messageServer->getReplies($userId, $message['mid'], $rid);
}
} elseif ($action == 'post') {
InitGP(array('parentMid', 'atc_content', 'rid'), 'GP');
$_url = "index.php?a=ms_index&action=info&mid={$parentMid}&rid={$rid}&";
if (!$_G['allowmessege']) {
wap_msg('你所在的用户组不能发送消息', $_url);
}
empty($parentMid) && wap_msg('非法操作', $_url);
empty($atc_content) && wap_msg('回复内容不能为空', $_url);
$atc_content = trim(strip_tags($atc_content));
$messageInfo = array('create_uid' => $winduid, 'create_username' => $windid, 'title' => $windid, 'content' => $atc_content);
if (!($message = $messageServer->sendReply($winduid, $rid, $parentMid, $messageInfo))) {
wap_msg('回复失败', $_url);
}
wap_sms_msg('回复成功!');
}
wap_header();
require_once PrintWAP('ms_index');
wap_footer();
function wap_redirect_init($redirect)
{
if ($redirect == 'self') {
$isown = 1;
$_url = "index.php?a=ms_index&action=self";
} else {
$isown = 0;
$_url = "index.php?a=ms_index&action=all";
}
function favShowMsg($s)
{
global $tid;
wap_msg($s, 'index.php?a=read&tid=' . $tid);
}
