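// Admin page: edit the text of one comment, selected by ?rid=<comment id>.
// On GET the stored text is loaded into the form; on POST the submitted text
// is HTML-encoded and written back to `yunbbs_comments`.
include ROOT . '/common.php';

// Only accounts whose flag is 99 or higher may use this page. Send a real 403
// status so clients, proxies and access logs see the refusal as a refusal.
if (!$cur_user || $cur_user['flag'] < 99) {
    header('HTTP/1.1 403 Forbidden');
    exit('error: 403 Access Denied');
}

// intval() makes the id safe to interpolate; a missing parameter becomes 0,
// which matches no row and ends in the 404 below.
$rid = isset($_GET['rid']) ? intval($_GET['rid']) : 0;

$query = "SELECT `id`,`articleid`,`content` FROM `yunbbs_comments` WHERE id='{$rid}'";
$r_obj = $DBS->fetch_one_array($query);
if (!$r_obj) {
    header('HTTP/1.1 404 Not Found');
    exit('404');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): nothing visible here checks an anti-CSRF token before this
    // state-changing admin request. Confirm whether common.php enforces one.

    // Accept only a scalar string; content[]=x would otherwise reach trim().
    $raw_content = (isset($_POST['content']) && is_string($_POST['content']))
        ? trim($_POST['content'])
        : '';

    if ($raw_content) {
        $DBM = new DB_MySQL();
        $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);

        // Encode for HTML first and escape for SQL last, so the SQL escaping is
        // applied to exactly the bytes that go into the statement.
        // htmlspecialchars() keeps its default flags so the stored format does
        // not change; those defaults differ between PHP versions, so pinning
        // the flags and charset explicitly is worth considering.
        $r_content = htmlspecialchars($raw_content);

        // NOTE(review): addslashes() is not aware of the connection charset.
        // A prepared statement or the driver's own escaping routine is the
        // safer choice if DB_MySQL offers one (not visible from this file).
        $sql_content = addslashes($r_content);

        $DBM->unbuffered_query("UPDATE `yunbbs_comments` SET `content`='{$sql_content}' WHERE `id`='{$rid}'");

        // $r_content now holds the value as stored (no SQL backslashes), the
        // same form the GET branch hands to the template.
        $tip = '评论已成功修改';
    } else {
        $r_content = $raw_content;
        $tip = '内容 不能留空';
    }
} else {
    $r_content = $r_obj['content'];
    $tip = '';
}

// Page variables
$title = '修改评论';
// Maximum width for images embedded in replies
$img_max_w = 590;

$pagefile = ROOT . '/templates/default/' . $tpl . 'admin-edit-comment.php';

include ROOT . '/templates/default/' . $tpl . 'layout.php';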
$errors[] = '用户名、密码、重复密码、验证码 必填'; } //// if (!$errors) { $pwmd5 = md5($pw); $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); if ($options['register_review']) { $flag = 1; } else { $flag = 5; } $DBM->query("INSERT INTO `yunbbs_users` (`id`,`name`,`flag`,`password`,`regtime`) VALUES (null,'{$name}', {$flag}, '{$pwmd5}', {$timestamp})"); $new_uid = $DBM->insert_id(); if ($new_uid == 1) { $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `flag` = '99' WHERE `id`='1'"); } $MMC->delete('site_infos'); // 记录已注册ip $MMC->set('regip_' . $onlineip, '1', 0, intval($options['reg_ip_space'])); //设置cookie $db_ucode = md5($new_uid . $pwmd5 . $timestamp . '00'); $cur_uid = $new_uid; setcookie("cur_uid", $cur_uid, $timestamp + 86400 * 365, '/'); setcookie("cur_uname", $name, $timestamp + 86400 * 365, '/'); setcookie("cur_ucode", $db_ucode, $timestamp + 86400 * 365, '/'); header('location: /'); exit; } } // 页面变量
if (in_array($tid, $ids_arr)) { foreach ($ids_arr as $k => $v) { if ($v == $tid) { unset($ids_arr[$k]); break; } } $articles = count($ids_arr); $content = implode(',', $ids_arr); $user_fav['content'] = $content; $user_fav['articles'] = $articles; if (!isset($DBM)) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); } $DBM->unbuffered_query("UPDATE `yunbbs_favorites` SET `articles`='{$articles}',`content`='{$content}' WHERE `uid`='{$cur_uid}'"); $DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `favorites`=`favorites`-1 WHERE `id`='{$tid}'"); $MMC->delete('favorites_' . $cur_uid); $MMC->delete('t-' . $tid); $MMC->delete('t-' . $tid . '_ios'); } unset($ids_arr); } } } } } // 处理正确的页数 // 第一页是1 if ($user_fav && $user_fav['articles']) { $taltol_page = ceil($user_fav['articles'] / $options['list_shownum']);
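<?php
// Removes one topic id from the signed-in user's notification list
// (`yunbbs_users`.`notic`, a comma-separated id list) and then redirects to
// that topic at /t/<tid>.
define('IN_SAESPOT', 1);
define('ROOT', pathinfo(__FILE__, PATHINFO_DIRNAME));

include ROOT . '/config.php';
include ROOT . '/common.php';

// The request value ends up in the Location header and in the list comparison,
// so reduce it to an integer before it is used anywhere.
$tid = isset($_GET['tid']) ? intval($_GET['tid']) : 0;

// $cur_uid is set by common.php, which is not visible here; presumably it is
// already validated there. Cast it anyway before it is placed in SQL, and skip
// the database work for visitors who are not signed in.
$uid = isset($cur_uid) ? intval($cur_uid) : 0;

if ($uid > 0 && $tid > 0) {
    $db_user = $DBS->fetch_one_array("SELECT * FROM `yunbbs_users` WHERE `id`='" . $uid . "' LIMIT 1");

    // Guard against a missing row before indexing into the result.
    if ($db_user && $db_user['notic']) {
        $n_arr = explode(',', $db_user['notic']);
        foreach ($n_arr as $k => $v) {
            if (intval($v) === $tid) {
                unset($n_arr[$k]);
                // No break: the notice list may contain the same id more than once.
            }
        }
        $new_notic = implode(',', $n_arr);

        $DBM = new DB_MySQL();
        $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname);

        // The list is rebuilt from a stored column rather than from the request,
        // but it is still escaped so a malformed stored value cannot break out
        // of the string literal (second-order injection).
        $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `notic` = '" . addslashes($new_notic) . "' WHERE `id`='{$uid}'");

        // Drop the cached user record so the next read sees the new list.
        $MMC->delete('u_' . $cur_uid);
        unset($n_arr);
        unset($new_notic);
    }
}

header('location: /t/' . $tid);
exit;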
} if ($DBS->geterrdesc()) { exit('指定的数据库不存在, 系统也无法自动建立, 无法安装.<br />'); } else { $DBS->select_db($dbname); //成功建立指定数据库 } } $query - $DBS->query("SELECT COUNT(*) FROM yunbbs_settings", 'SILENT'); if (!$DBS->geterrdesc()) { header('location: /'); exit('数据已经装好了, 不能重复安装, 若要重装,先删除mysql 里全部数据。 <a href="/">现在直接进入首页</a><br />'); } runquery($sql); $timestamp = time(); $DBS->unbuffered_query("UPDATE yunbbs_settings SET value='{$timestamp}' WHERE title='site_create'"); $DBS->close(); // '<br /> 顺利安装完成!<br /><a href="/">点击进入首页</a>'; function runquery($sql) { global $dbcharset, $DBS; $sql = str_replace("\r", "\n", $sql); $ret = array(); $num = 0; foreach (explode(";\n", trim($sql)) as $query) { $queries = explode("\n", trim($query)); foreach ($queries as $query) { $ret[$num] .= $query[0] == '#' ? '' : $query; } $num++; }
} } if ($timestamp - $cur_user['lastposttime'] > $options['article_post_space']) { if ($p_title) { if (mb_strlen($p_title, 'utf-8') <= $options['article_title_max_len'] && mb_strlen($p_content, 'utf-8') <= $options['article_content_max_len']) { $conmd5 = md5($p_title . $p_content); if ($MMC->get('cm_' . $conmd5)) { $tip = '请勿发布相同的内容 或 灌水'; } else { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); $p_title = htmlspecialchars($p_title); $p_content = htmlspecialchars($p_content); $DBM->query("INSERT INTO `yunbbs_articles` (`id`,`cid`,`uid`,`title`,`content`,`addtime`,`edittime`) VALUES (null,{$cid},{$cur_uid}, '{$p_title}', '{$p_content}', {$timestamp}, {$timestamp})"); $new_aid = $DBM->insert_id(); $DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`+1 WHERE `id`='{$cid}'"); $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `articles`=`articles`+1, `lastposttime`={$timestamp} WHERE `id`='{$cur_uid}'"); // 更新u_code $cur_user['lastposttime'] = $timestamp; // $MMC->delete('u_' . $cur_uid); $new_ucode = md5($cur_uid . $cur_user['password'] . $cur_user['regtime'] . $cur_user['lastposttime'] . $cur_user['lastreplytime']); if ($cur_user['expires']) { $cookie_ex = $cur_user['expires']; } else { $cookie_ex = $timestamp + 86400 * 365; } setcookie("cur_uid", $cur_uid, $cookie_ex, '/'); setcookie("cur_uname", $cur_uname, $cookie_ex, '/'); setcookie("cur_ucode", $new_ucode, $cookie_ex, '/'); // del cache
} else { $tip3 = '新密码、重复新密码不一致'; } } else { $tip3 = '请填写完整,当前密码、新密码、重复新密码'; } } else { if ($action == 'setpw') { $password_new = addslashes(trim($_POST['password_new'])); $password_again = addslashes(trim($_POST['password_again'])); if ($password_new && $password_again) { if ($password_new == $password_again) { $new_md5pw = md5($password_new); $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `password`='{$new_md5pw}' WHERE `id`='{$cur_uid}'")) { //更新缓存和cookie $cur_user['password'] = $new_md5pw; $MMC->set('u_' . $cur_uid, $cur_user, 0, 600); $new_ucode = md5($cur_uid . $new_md5pw . $cur_user['regtime'] . $cur_user['lastposttime'] . $cur_user['lastreplytime']); if ($cur_user['expires']) { $cookie_ex = $cur_user['expires']; } else { $cookie_ex = $timestamp + 86400 * 365; } setcookie("cur_uid", $cur_uid, $cookie_ex, '/'); setcookie("cur_uname", $cur_uname, $cookie_ex, '/'); setcookie("cur_ucode", $new_ucode, $cookie_ex, '/'); $tip3 = '登录密码已成功设置,请记住登录密码'; } else { $tip3 = '数据保存失败,请稍后再试';
ob_start(); imagejpeg($new_image, NULL, 95); $out_img = ob_get_contents(); ob_end_clean(); //header("Content-type:image/jpeg"); //echo $out_img; // 上传到又拍云 include ROOT . '/upyun.class.php'; $upyun = new UpYun($options['upyun_avatar_domain'], $options['upyun_user'], $options['upyun_pw']); // 本地调试失败 if ($upyun->writeFile('/' . $cur_uid . '.jpg', $out_img)) { if (!isset($DBM)) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); } if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `avatar`='{$cur_uid}' WHERE `id`='{$cur_uid}'")) { $MMC->delete('u_' . $cur_uid); } } unset($out_img); } } header('location: /'); exit; } ///// // 页面变量 $title = '设置名字'; $logintype = "微博"; $pagefile = ROOT . '/templates/default/' . $tpl . 'qqsetname.php'; include ROOT . '/templates/default/' . $tpl . 'layout.php';
$ext_list = str_replace("、", ",", $ext_list); $ext_list_arr = explode(",", $ext_list); $ext_list_arr = array_filter(array_unique($ext_list_arr)); if ($ext_list_arr) { $_POST['ext_list'] = implode(",", $ext_list_arr); } else { $_POST['ext_list'] = ''; } } $changed = 0; foreach ($options as $k => $v) { if ($k != 'site_create') { // 使用反斜线引用字符串 $newv = addslashes(trim($_POST[$k])); if (str_replace('\\', '', $newv) != $v) { $DBM->unbuffered_query("UPDATE `yunbbs_settings` SET `value`='{$newv}' WHERE `title`='{$k}'"); $changed += 1; // 更新原数据 去掉反斜线 $options[$k] = str_replace('\\', '', $newv); } } } if ($changed) { $MMC->delete('options'); $MMC->delete('regip_' . $onlineip); $tip1 = '已成功更改了 ' . $changed . ' 个设置'; } } else { if ($action == 'flushmc') { $MMC->flush(); $tip2 = '缓存已清空';
if (!$db_openid['name'] && strpos(' ' . $_SESSION["scope"], 'get_info')) { $user_info = get_info(); if ($user_info['data']['name']) { $oid = $db_openid['id']; $name = $user_info['data']['name']; $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); $DBM->unbuffered_query("UPDATE `yunbbs_qqweibo` SET `name` = '{$name}' WHERE `id`='{$oid}'"); } } // 更新token 和 expires if (!isset($DBM)) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); } $DBM->unbuffered_query("UPDATE `yunbbs_qqweibo` SET `token` = '" . $cb["access_token"] . "',`expires` = '{$expires}' WHERE `id`='" . $db_openid['id'] . "'"); // 直接登录 $cur_uid = $db_openid['uid']; $db_user = $DBS->fetch_one_array("SELECT * FROM `yunbbs_users` WHERE `id`='" . $cur_uid . "' LIMIT 1"); if ($db_user) { $db_ucode = md5($db_user['id'] . $db_user['password'] . $db_user['regtime'] . $db_user['lastposttime'] . $db_user['lastreplytime']); //设置缓存和cookie $u_key = 'u_' . $cur_uid; $MMC->set($u_key, $db_user, 0, 600); setcookie('cur_uid', $cur_uid, $expires, '/'); setcookie('cur_uname', $db_user['name'], $expires, '/'); setcookie('cur_ucode', $db_ucode, $expires, '/'); //$cur_user = $db_user; if ($expires > $db_user["expires"]) { $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '{$expires}' WHERE `id`='" . $cur_uid . "'"); }
$MMC->delete('site_links'); $l_obj['name'] = $n_name; $l_obj['url'] = $n_url; $tip2 = '已成功保存'; } else { $tip2 = '数据库更新失败,修改尚未保存,请稍后再试'; } } else { $tip2 = '链接名 和 网址 不能留空'; } } } } else { if ($act == 'del') { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); $DBM->unbuffered_query("DELETE FROM `yunbbs_links` WHERE `id`='{$lid}'"); $MMC->delete('site_links'); } } // 获取链接列表 $query_sql = "SELECT * FROM `yunbbs_links`"; $query = $DBS->query($query_sql); $linkdb = array(); while ($link = $DBS->fetch_array($query)) { $linkdb[] = $link; } // 页面变量 $title = '链接管理'; $pagefile = ROOT . '/templates/default/' . $tpl . 'admin-link.php'; include ROOT . '/templates/default/' . $tpl . 'layout.php';
unset($node); $DBS->free_result($query); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $old_cid = $t_obj['cid']; $p_cid = $_POST['select_cid']; $p_title = addslashes(trim($_POST['title'])); $p_content = addslashes(trim($_POST['content'])); $p_closecomment = intval($_POST['closecomment']); $p_visible = intval($_POST['visible']); if ($p_title) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); $p_title = htmlspecialchars($p_title); $p_content = htmlspecialchars($p_content); $DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `cid`='{$p_cid}',`title`='{$p_title}',`content`='{$p_content}',`closecomment`='{$p_closecomment}',`visible`='{$p_visible}' WHERE `id`='{$tid}'"); $MMC->delete('t-' . $tid); $MMC->delete('t-' . $tid . '_ios'); if ($p_cid != $old_cid) { $DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`+1 WHERE `id`='{$p_cid}'"); $DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `articles`=`articles`-1 WHERE `id`='{$old_cid}'"); } header('location: /t/' . $tid); exit; } else { $tip = '标题 不能留空'; } } else { $p_title = $t_obj['title']; $p_content = $t_obj['content']; $tip = '';
define('IN_SAESPOT', 1); define('ROOT', pathinfo(__FILE__, PATHINFO_DIRNAME)); include ROOT . '/config.php'; include ROOT . '/common.php'; if (!$cur_user || $cur_user['flag'] < 99) { exit('error: 403 Access Denied'); } $tip1 = ''; $tip2 = ''; $act = trim($_GET['act']); $mid = intval(trim($_GET['mid'])); if ($act == 'pass' || $act == 'active') { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `flag`=5 WHERE `id`='{$mid}'")) { //更新缓存 $MMC->delete('u_' . $mid); if ($act == 'pass') { $tip1 = '已成功操作'; $MMC->delete('flag1_users'); } else { $tip2 = '已成功操作'; $MMC->delete('flag0_users'); } } else { if ($act == 'pass') { $tip1 = '数据库更新失败,修改尚未保存,请稍后再试'; } else { $tip2 = '数据库更新失败,修改尚未保存,请稍后再试'; }
} $m_obj['regtime'] = showtime($m_obj['regtime']); $tip1 = ''; $tip2 = ''; $tip3 = ''; $tip4 = ''; $av_time = ''; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $action = $_POST['action']; $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); if ($action == 'info') { $email = addslashes(filter_chr(trim($_POST['email']))); $url = char_cv(filter_chr(trim($_POST['url']))); $about = addslashes(trim($_POST['about'])); if ($DBM->unbuffered_query("UPDATE `yunbbs_users` SET `email`='{$email}', `url`='{$url}', `about`='{$about}' WHERE `id`='{$mid}'")) { //更新缓存 $m_obj['email'] = $email; $m_obj['url'] = $url; $m_obj['about'] = $about; $MMC->delete('u_' . $mid); $tip1 = '已成功保存'; } else { $tip1 = '数据库更新失败,修改尚未保存,请稍后再试'; } } else { if ($action == 'avatar') { if ($_FILES['avatar']['size'] && $_FILES['avatar']['size'] < 301000) { $img_info = getimagesize($_FILES['avatar']['tmp_name']); if ($img_info) { //创建源图片
$query = $DB->query("SELECT cid, name, displayorder FROM {$db_prefix}categories"); while ($cate = $DB->fetch_array($query)) { $DB->query("INSERT INTO {$db_prefix}metas (name, type, displayorder) VALUES ('" . addslashes($cate['name']) . "', 'category', '" . addslashes($cate['displayorder']) . "')"); $mid = $DB->insert_id(); $articles = $DB->query("SELECT articleid, visible FROM {$db_prefix}articles WHERE cid='" . $cate['cid'] . "'"); while ($article = $DB->fetch_array($articles)) { $r = $DB->fetch_one_array("SELECT cid FROM {$db_prefix}relationships WHERE mid='{$mid}' LIMIT 1"); if (!$r) { $DB->query("INSERT INTO {$db_prefix}relationships (cid,mid) VALUES ('" . $article['articleid'] . "', '{$mid}')"); } else { if ($article['articleid'] != $r['cid']) { $DB->query("INSERT INTO {$db_prefix}relationships (cid,mid) VALUES ('" . $article['articleid'] . "', '{$mid}')"); } } if ($article['visible']) { $DB->unbuffered_query("UPDATE {$db_prefix}metas SET count=count+1 WHERE mid='{$mid}' AND type='category'"); } } } echo '<div class="install_main">'; echo '<p class="p2">成功重建所有分类数据</p><p class="p2"><a href="' . $php_self . '?action=second">程序将自动跳转.如果没有自动跳转,请点击这里.</a></p>'; echo '<meta HTTP-EQUIV="REFRESH" content="2;URL=' . $php_self . '?action=second">'; echo '</div></body></html>'; exit; } elseif ($action == 'second') { $query = $DB->query("SELECT articleid, cid, keywords, visible FROM {$db_prefix}articles LIMIT {$start}, {$percount}"); while ($article = $DB->fetch_array($query)) { $goon = 1; //关联标签 if ($article['keywords']) { $tagdb = explode(',', $article['keywords']);
if ($mingci) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); foreach ($mingci as $tag) { $tag_obj = $DBS->fetch_one_array("SELECT `id`,`articles`,`ids` FROM `yunbbs_tags` WHERE `name`='{$tag}'"); if (empty($tag_obj)) { $DBM->query("INSERT INTO `yunbbs_tags` (`id`,`name`,`articles`,`ids`) VALUES (null,'{$tag}', '1', '{$tid}')"); } else { if ($tag_obj['ids']) { if (!strpos(' ,' . $tag_obj['ids'] . ',', ',' . $tid . ',')) { $ids = $tid . ',' . $tag_obj['ids']; } } else { $ids = $tid; } if (isset($ids)) { $DBM->unbuffered_query("UPDATE `yunbbs_tags` SET `articles`=`articles`+1, `ids`='{$ids}' WHERE `name`='{$tag}'"); } } } // $tags = implode(",", $mingci); $DBM->unbuffered_query("UPDATE `yunbbs_articles` SET `tags`='{$tags}' WHERE `id`='{$tid}'"); } echo 'set tags done: ' . $tid; $MMC->set('last_topicid', $tid + 1, 0, 600); } } else { exit('tags exist.'); } }
$MMC->delete('bot_nodes'); $MMC->delete('site_infos'); $tip1 = '已成功添加'; } else { $tip1 = '数据库更新失败,修改尚未保存,请稍后再试'; } } } else { $tip1 = '分类名不能留空'; } } else { if ($action == 'edit') { $n_name = trim($_POST['name']); $n_about = trim($_POST['about']); if ($n_name) { if ($DBM->unbuffered_query("UPDATE `yunbbs_categories` SET `name`='{$n_name}',`about`='{$n_about}' WHERE `id`='{$nid}'")) { //更新缓存 $MMC->delete('newest_nodes'); $MMC->delete('bot_nodes'); $MMC->delete('n-' . $nid); $c_obj['name'] = $n_name; $c_obj['about'] = $n_about; $tip2 = '已成功保存'; } else { $tip2 = '数据库更新失败,修改尚未保存,请稍后再试'; } } else { $tip2 = '分类名不能留空'; } } }
if ($db_openid["expires"] > $timestamp) { include 'saetv2.ex.class.php'; $c = new SaeTClientV2($options['wb_key'], $options['wb_secret'], $db_openid["token"]); $ret = $c->update($options['name'] . ' - ' . $msg . ' ' . $url); //$retarr = json_decode($ret, true); if (isset($ret['error_code']) && $ret['error_code'] > 0) { //echo "<p>发送失败,错误:{$ret['error_code']}:{$ret['error']}</p>"; if (in_array($ret['error_code'], array(21315, 21319, 21327))) { // 重新走登录流程 if (!isset($DBM)) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); } $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '0' WHERE `id`='" . $uid . "'"); } } else { //echo "<p>发送成功</p>"; } } else { $expnum += 1; } } // if ($expnum == 2) { if (!isset($DBM)) { $DBM = new DB_MySQL(); $DBM->connect($servername_m, $dbport, $dbusername, $dbpassword, $dbname); } $DBM->unbuffered_query("UPDATE `yunbbs_users` SET `expires` = '0' WHERE `id`='" . $uid . "'"); } }