write_ing.php

php写的论坛,代码精简到极点 请相看说明文件。是从英文翻译过来的：）

<?
//////////////////////////////////ready
include"connect.php";
include"lib.php";
$member=member_info($HTTP_COOKIE_VARS[$member_cookie]);

//////////////////////////////////check
if(!$mode){$mode="write";}
chk_bd($bd);
$name=cut2(tag(addslashes(trim($name))),49);
#$title=tag(addslashes(trim($title)));
if(!$name){error($error.'input name');}
if(!$title){error($error.'input subject');}
if(!$memo){error($error.'input content');}

//////////////////////////////////To bring establishment
$set=bd_info($bd);
$security=sec_info();

//////////////////////////////////Competence check
$chk_admin=chk_admin_return($bd);
if(!$chk_admin){
if($mode=="write"){chk_level($set[auth_write],"${error}no competence to write",0);}
if($mode=="reply"){chk_level($set[auth_reply],"${error}no competence to reply",0);}
}

//////////////////////////////////notice competence check
$notice_enable=0;

if($mode=="write" && ($chk_admin || $member[level]==1)){$notice_enable=1;}
if($mode=="reply"){$notice_enable=0;}
if($mode=="edit" && $article[step]==0 && ($chk_admin || $member[level]==1)){$notice_enable=1;}
if($notice && !$notice_enable){error($error.'no notice competence');}

//////////////////////////////////member to $id....
if($HTTP_COOKIE_VARS[$member_cookie]){$id=$HTTP_COOKIE_VARS[$member_cookie];}
else{$id="";}

//////////////////////////////////member
if($id){
$name=$member[name];

if($mode!="edit"){$home=$member[home];$mail=$member[mail];}
else{$home=trim($home);$mail=trim($mail);}
}

//////////////////////////////////non member
else{
$name=addslashes(trim($name));
$home=trim($home);
if($home && $home!="http://"){chk_home($home,"${error}incorrect homepage address");}
$mail=trim($mail);
if($mail){chk_mail($mail,"${error}incorrect email address");}
}

//////////////////////////////////when no category
if(!$cat){
$query_cat="select min(no) from $cat_table$bd";
$min_cat=mysql_fetch_array(mysql_query($query_cat)); 
$cat=$min_cat["min(no)"];
}

//////////////////////////////////default variable setting
$date=time();
$ip=$REMOTE_ADDR;
$name=cut2(tag(addslashes($name)),49);
#$title=tag(addslashes($title));
$memo=addslashes($memo);
if(!$html){
$memo=str_replace("  ","&nbsp;&nbsp;",$memo);
$memo=str_replace("\t","&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;",$memo);
}

//////////////////////////////////no HTML
if(!$html){$memo=tag($memo);}
if(!$br){$html=2;}

//////////////////////////////////if HTML can be used, tag filtering
if($html && $set[use_ban_tag]){
$tmp_memo=strtolower($memo);
$security[ban_tag]=strtolower($security[ban_tag]);
$ban_tag=explode(",",$security[ban_tag]);
$ban_tag_length=sizeof($ban_tag);
for($i=0;$i<$ban_tag_length;$i++){
$ban_tag_start=str_replace(">","",$ban_tag[$i]);
$ban_tag_end=str_replace("<","</",$ban_tag_start);
if(eregi("$ban_tag_start",$tmp_memo) || eregi("$ban_tag_end",$tmp_memo))
{error($error.$ban_tag[$i].'that tag can\\\'t be used');}
}
}

//////////////////////////////////Refusal word filtering
if($set[use_ban_word]){
$tmp_title=strtolower($title);
$tmp_memo=strtolower($memo);
$security[ban_word]=strtolower($security[ban_word]);
$ban_word=explode(",",$security[ban_word]);
$ban_word_length=sizeof($ban_word);
for($i=0;$i<$ban_word_length;$i++){
if(eregi("$ban_word[$i]",$tmp_memo) || eregi("$ban_word[$i]",$tmp_title))
{error($error.$ban_word[$i].'that words can`t be used');}
}
}

//////////////////////////////////link address check
if($link && $link!="http://"){$link=trim($link);chk_home($link,"${error}link(1) wrong address");}
if($link2 && $link2!="http://"){$link2=trim($link2);chk_home($link2,"${error}link(2) wrong address");}

//////////////////////////////////to take out article info
if($mode=="edit" || $mode=="reply"){$article=selects($board_table.$bd,"and no=$no");}

////////////////////////////////When is correction, to ignore appended file that there is no delete check
if(!$attach_del && $mode=="edit" && $article[attach_name]){$attach_name="";}
if(!$attach2_del && $mode=="edit" && $article[attach2_name]){$attach2_name="";}

//////////////////////////////////When there is appended file
if($attach_name){

//////////////////////////////////confirmation that can be attached
$can=explode(",",$set[can_attach]);
$length=sizeof($can);$j=0;
for($i=0;$i<$length;$i++){if(eregi("\.$can[$i]$",$attach_name)){$j++;}}
if(!$j){error($error.'extension that is not admitted');}

//////////////////////////////////confirmation that can't be attached
$cant=explode(",",$set[cant_attach]);
$length=sizeof($cant);$j=0;
for($i=0;$i<$length;$i++){if(eregi("\.$cant[$i]$",$attach_name)){$j++;}}
if($j){error($error.'extension that is not limited');}

//////////////////////////////////Appending work
$attach_dir=time()."a".(double)microtime();
$attach_hit=0;
@mkdir("file/$attach_dir",0777);
if(!$attach_size){error($error."upload failed");}
if(!@move_uploaded_file($attach,"file/$attach_dir/$attach_name")){error($error."upload failed");}
@unlink($attach);
}


//////////////////////////////////When there is appended file 2
if($attach2_name){

//////////////////////////////////confirmation that can be attached
$can=explode(",",$set[can_attach2]);
$length=sizeof($can);$j=0;
for($i=0;$i<$length;$i++){if(eregi("\.$can[$i]$",$attach2_name)){$j++;}}
if(!$j){error($error.'extension that is not admitted');}

//////////////////////////////////confirmation that can't be attached
$cant=explode(",",$set[cant_attach2]);
$length=sizeof($cant);$j=0;
for($i=0;$i<$length;$i++){if(eregi("\.$cant[$i]$",$attach2_name)){$j++;}}
if($j){error($error.'extension that is not limited');}

//////////////////////////////////Appending work
$attach2_dir=time()."b".(double)microtime();
$attach2_hit=0;
@mkdir("file/$attach2_dir",0777);
if(!$attach2_size){error($error."upload failed");}
if(!@move_uploaded_file($attach2,"file/$attach2_dir/$attach2_name")){error($error."upload failed");}
@unlink($attach2);
}


////////////////////////////////////////////////////////////////////when to write, to reply
if($mode=="write" || $mode=="reply"){

////////////////////////////////When is to write, writing number appointment
if($mode=="write"){
$abs=@mysql_fetch_array(@mysql_query("select min(abs) from $board_table$bd where abs>-2147483648",$connect)); 
$abs=$abs["min(abs)"]-1;
//////////////////////////////////Can no longer writing
if($abs==-2147483647){error($error.'No longer can`t write\\n Empty board');}
//////////////////////////////////when notice
if($notice){$abs=-2147483648;}
//////////////////////////////////step and level
$step=0;
$level=0;
}

//////////////////////////////////When is to reply, writing number appointment
if($mode=="reply"){
$abs=$article[abs];
$step=$article[step];
$level=$article[level];
edit("$board_table$bd","step=step+1","abs='$abs' and step > '$step'");
$step++;
$level--;
}

//////////////////////////////////key name to come
$key="
no,id,name,memo,home,mail,title,date,hit,pass,ip,cat,
abs,step,level,secret,html,remail,
attach_name,attach_size,attach_dir,attach_hit,
attach2_name,attach2_size,attach2_dir,attach2_hit,
link,link_hit,link2,link2_hit,image
";

//////////////////////////////////value to come
$value="
'','$id','$name','$memo','$home','$mail','$title','$date','0',password('$pass'),'$ip','$cat',
'$abs','$step','$level','$secret','$html','$remail',
'$attach_name','$attach_size','$attach_dir','$attach_hit',
'$attach2_name','$attach2_size','$attach2_dir','$attach2_hit',
'$link','$link_hit','$link2','$link2_hit','$image'
";
//////////////////////////////////input
input("$board_table$bd","$key","$value");

//////////////////////////////////feed cookie -0-/
cookie("$name_cookie","$name",$cookie_time);
cookie("$mail_cookie","$mail",$cookie_time);
cookie("$home_cookie","$home",$cookie_time);
}
///////////////////////////////////////////////////////When is to write, to reply, end


////////////////////////////////////////////////////////////////////when modify
if($mode=="edit"){

//////////////////////////////////password confirmation - if password being and correct, that's ok
$pass_temp=@mysql_fetch_array(@mysql_query("select password('$pass')",$connect));$pass_temp=$pass_temp[0];
if($pass_temp && $article[pass] && $pass_temp==$article[pass]){$ok=1;}

///////////////////////////////writer confirmation - if member and same to writer, that's ok
if($id && $article[id] && $id==$article[id]){$ok=1;}

//////////////////////////////////administrator confirmation
$query="select * from $config_table where no=1";
$data=@mysql_fetch_array(@mysql_query($query,$connect));
$auth=explode(",",trim($data[auth]));
$length=sizeof($auth);$j=0;
for($i=0;$i<$length;$i++){if($auth[$i]=="$HTTP_COOKIE_VARS[$member_cookie]" && $auth[$i]){$j++;}}
if($j){$ok=1;}

//////////////////////////////////root confirmation
if($member[level]==1){$ok=1;}

//////////////////////////////////Competence check result
if(!$ok){error($error.'Can`t be modified.\\n\\nPassword is inexact or it is no competence');}

//////////////////////////////////Writing number temporary appointment
$abs_ready=@mysql_fetch_array(@mysql_query("select min(abs) from $board_table$bd where abs>-2147483648",$connect)); 
$abs_ready=$abs_ready["min(abs)"]-1;

//////////////////////////////////when notice
if($notice){$abs=-2147483648;}
if(!$notice && $article[abs]==-2147483648){$abs=$abs_ready;}
if(!$notice && $article[abs]!=-2147483648){$abs=$article[abs];}

//////////////////////////////////When erase appended file (1)
if($attach_del){
@unlink("file/$article[attach_dir]/$article[attach_name]");
@rmdir("file/$article[attach_dir]");
$attach_hit=0;
}

//////////////////////////////////non erase appended file (1)
if(!$attach_name && !$attach_del){
$attach_name=$article[attach_name];
$attach_size=$article[attach_size];
$attach_dir=$article[attach_dir];
$attach_hit=$article[attach_hit];
}

//////////////////////////////////When erase appended file (2)
if($attach2_del){
@unlink("file/$article[attach2_dir]/$article[attach2_name]");
@rmdir("file/$article[attach2_dir]");
$attach2_hit=0;
}

//////////////////////////////////non erase appended file (2)
if(!$attach2_name && !$attach2_del){
$attach2_name=$article[attach2_name];
$attach2_size=$article[attach2_size];
$attach2_dir=$article[attach2_dir];
$attach2_hit=$article[attach2_hit];
}

//////////////////////////////////value to input
if($pass){$pass_value="pass=password('$pass'),";}

$value="
$pass_value
memo='$memo',
home='$home',
mail='$mail',
title='$title',
ip='$ip',
cat='$cat',
abs='$abs',
secret='$secret',
html='$html',
remail='$remail',
attach_name='$attach_name',
attach_size='$attach_size',
attach_dir='$attach_dir',
attach_hit='$article[attach_hit]',
attach2_name='$attach2_name',
attach2_size='$attach2_size',
attach2_dir='$attach2_dir',
attach2_hit='$article[attach2_hit]',
link='$link',
link_hit='$article[link_hit]',
link2='$link2',
link2_hit='$article[link2_hit]',
image='$image'
";
//////////////////////////////////input
edit("$board_table$bd","$value","no=$no");
}
////////////////////////////////////////////////////////////////////when writing modify, the end

//////////////////////////////////when reply, send to reply mail
if($mode=="reply" && $article[remail]){
$header = "Return-Path: $mail\n";
$header .= "From: $name <$mail>\n";
$header .= "Reply-to: $mail\n";
if($html){$header .= "Content-Type: text/html;";}
else{$header .= "Content-Type: text/plain;";}
$header .= "charset=euc-kr\n";
$title="RE : ".$title;
if($html) $memo=nl2br($memo);
$copyright="\n\nn@board v3.0.3 丒2001 navyism";
@mail($article[mail],$title,$memo.$copyright,$header);
}

//////////////////////////////////To increase point
if($mode=="write"){edit("$member_table","article=article+1","id='$HTTP_COOKIE_VARS[$member_cookie]'");}
if($mode=="reply"){edit("$member_table","reply=reply+1","id='$HTTP_COOKIE_VARS[$member_cookie]'");}

//////////////////////////////////move
mysql_close($connect);
if($mode!="edit"){go("naboard.php?bd=$bd&pagenum=$pagenum");}
else{go("memo.php?bd=$bd&no=$no&add_hit=no&pagenum=$pagenum");}
?>