post.func.php

来自「速度很快的PHP论坛源程序」· PHP 代码 · 共 282 行

<?php

/*
	[DISCUZ!] include/post.func.php - common functions for post module
	This is NOT a freeware, use is subject to license terms
`
	Version: 4.0.0
	Web: http://www.comsenz.com
	Copyright: 2001-2005 Comsenz Technology Ltd.
	Last Modified: 2004/10/11 10:51
*/

if(!defined('IN_DISCUZ')) {
	exit('Access Denied');
}

function attach_upload() {
	global $db, $tablepre, $extension, $typemaxsize, $allowsetattachperm, $attachperm;
	global $HTTP_POST_FILES, $attachsave, $attachdir, $maxattachsize, $maxsizeperday, $attachextensions;

	$attachments = $attacharray = array();

	if(is_array($HTTP_POST_FILES['attach'])) {
		foreach($HTTP_POST_FILES['attach'] as $key => $var) {
			foreach($var as $id => $val) {
				$attachments[$id][$key] = $val;
			}
		}
	}

	foreach($attachments as $key => $attach) {

		$attach_saved = false;

		if(!disuploadedfile($attach['tmp_name']) || !($attach['tmp_name'] != 'none' && $attach['tmp_name'] && $attach['name'])) {
			continue;
		}

		$attach['name'] = $filename = daddslashes($attach['name']);
		$attach['ext'] = $extension = strtolower(fileext($attach['name']));

		if($attachextensions && !preg_match("/(^|\s|,)".preg_quote($attach['ext'], '/')."($|\s|,)/i", $attachextensions)) {
			showmessage('post_attachment_ext_notallowed');
		}

		if(!$attach['size'] || ($maxattachsize && $attach['size'] > $maxattachsize)) {
			showmessage('post_attachment_toobig');
		}

		$query = $db->query("SELECT maxsize FROM {$tablepre}attachtypes WHERE extension='".addslashes($attach['ext'])."'");
		if($type = $db->fetch_array($query)) {
			if($type['maxsize'] == 0) {
				showmessage('post_attachment_ext_notallowed');
			} elseif($attach_size > $type['maxsize']) {
				$typemaxsize = sizecount($type['maxsize']);
				showmessage('post_attachment_type_toobig');
			}
		}

		if($attach['size'] && $maxsizeperday) {
			if(!isset($todaysize)) {
				$query = $db->query("SELECT SUM(a.filesize) FROM {$tablepre}posts p
					LEFT JOIN {$tablepre}attachments a USING (pid)
					WHERE p.authorid='$GLOBALS[discuz_uid]' AND p.dateline>'$GLOBALS[timestamp]'-86400 AND p.attachment>'0'");
				$todaysize = intval($db->result($query, 0));
			}
			$todaysize += $attach['size'];
			if($todaysize >= $maxsizeperday) {
				showmessage('post_attachment_quota_exceed');
			}
		}

		if($attachsave) {
			switch($attachsave) {
				case 1: $attach_subdir = 'forumid_'.$GLOBALS['fid']; break;
				case 2: $attach_subdir = 'ext_'.$extension; break;
				case 3: $attach_subdir = 'month_'.date('ym'); break;
				case 4: $attach_subdir = 'day_'.date('ymd'); break;
			}
			$attach_dir = $attachdir.'/'.$attach_subdir;
			if(!is_dir($attach_dir)) {
				mkdir($attach_dir, 0777);
				fclose(fopen($attach_dir.'/index.htm', 'w'));
			}
			$attach['attachment'] = $attach_subdir.'/';
		} else {
			$attach['attachment'] = '';
		}

		$filename = substr($filename, 0, strlen($filename) - strlen($extension) - 1);
		if(preg_match("/([\x7f-\xff]|\%)+/s", $filename)) {
			$filename = str_replace('/', '', base64_encode(substr($filename, 0, 20)));
		}

		$attach['attachment'] .= preg_replace("/(\.)(php|phtml|php3|jsp|exe|dll|asp|aspx|cgi|fcgi|pl)(\.|$)/i", "\\1_\\2\\3",
			substr($filename, 0, 64).'_'.random(12).'.'.$extension);

		$target = $attachdir.'/'.stripslashes($attach['attachment']);

		if(@copy($attach['tmp_name'], $target) || (function_exists('move_uploaded_file') && @move_uploaded_file($attach['tmp_name'], $target))) {
			$attach_saved = true;
		}

		if(!$attach_saved && @is_readable($attach['tmp_name'])) {
			@$fp = fopen($attach, 'rb');
			@flock($fp, 2);
			@$attachedfile = fread($fp, $attach['size']);
			@fclose($fp);

			@$fp = fopen($target, 'wb');
			@flock($fp, 2);
			if(@fwrite($fp, $attachedfile)) {
				$attach_saved = true;
			}
			@fclose($fp);
		}

		if($attach_saved) {
			if(in_array($attach['ext'], array('jpg', 'gif', 'png', 'swf', 'bmp')) && function_exists('getimagesize') && !getimagesize($target)) {
				@unlink($target);
				showmessage('post_attachment_ext_notallowed');
			} else {
				$attach['perm'] = $allowsetattachperm ? $attachperm[$key] : 0;
				$attacharray[] = $attach;
			}
		} else {
			showmessage('post_attachment_save_error');
		}
	}

	return !empty($attacharray) ? $attacharray : false;
}

function checkflood() {
	global $disablepostctrl, $floodctrl, $discuz_uid, $timestamp, $lastpost, $forum;
	if(!$disablepostctrl && $floodctrl) {
		if($discuz_uid) {
			if($timestamp - $floodctrl <= $lastpost) {
				return TRUE;
			}
		} else {
			$lastpost = explode("\t", $forum['lastpost']);
			if(($timestamp - $floodctrl) <= $lastpost[1] && $discuz_user == $lastpost[2]) {
				return TRUE;
			}
		}
	}
	return FALSE;
}

function checkpost() {
	global $subject, $message, $disablepostctrl, $minpostsize, $maxpostsize;
	if(strlen($subject) > 80) {
		return 'post_subject_toolang';
	}
	if(!$disablepostctrl) {
		if($maxpostsize && strlen($message) > $maxpostsize) {
			return 'post_message_toolang';
		} elseif($minpostsize && strlen(preg_replace("/\[quote\].+?\[\/quote\]/is", '', $message)) < $minpostsize) {
			return 'post_message_tooshort';
		}
	}
	return FALSE;
}

function checkbbcodes($message, $bbcodeoff) {
	return !$bbcodeoff && !preg_match("/\[.+\].*\[\/.+\]/s", $message) ? -1 : $bbcodeoff;
}

function checksmilies($message, $smileyoff) {
	$smilies = array();
	foreach($GLOBALS['_DCACHE']['smilies'] as $smiley) {
		$smilies[]= preg_quote($smiley['code'], '/');
	}
	return !$smileyoff && !preg_match('/'.implode('|', $smilies).'/', stripslashes($message)) ? -1 : $smileyoff;
}

function updatemember($operator, $uids, $postcredits) {
	global $db, $tablepre, $discuz_uid, $adminid, $groupid, $credits, $timestamp;

	@set_time_limit(1000);
	if($uids) {
		if($uids == $discuz_uid) {
			if($adminid) {
				$groupidadd = '';
			} else {
				eval("\$credits = intval(\$credits$operator($postcredits));");
	
				$query = $db->query("SELECT groupid FROM {$tablepre}usergroups WHERE type='member' AND '$credits'>=creditshigher AND '$credits'<creditslower");
				$groupidadd = ', groupid=\''.$db->result($query, 0).'\'';
			}
			$db->query("UPDATE {$tablepre}members SET posts=posts$operator(1), credits=credits$operator$postcredits, lastpost='$timestamp' $groupidadd WHERE uid='$uids'");
		} else {
			$memberposts = array();
			foreach(explode(',', $uids) as $id) {
				$memberposts[trim($id)]++;
			}

			if($credits) {
				$groups = array();
				$query = $db->query("SELECT groupid, creditslower FROM {$tablepre}usergroups WHERE type='member' ORDER BY creditshigher");
				while($group = $db->fetch_array($query)) {
					$groups[] = $group;
				}

				$query = $db->query("SELECT uid, adminid, posts, credits FROM {$tablepre}members WHERE uid IN ($uids)");
				while($member = $db->fetch_array($query)) {
					$groupidadd = '';
					eval('$member[\'posts\'] = '.$member['posts'].$operator.$memberposts[$member['uid']].';');
					eval('$member[\'credits\'] = '.$member['credits'].$operator.($memberposts[$member['uid']] * $postcredits).';');
					if($member['adminid'] == 0) {
						foreach($groups as $group) {
							if($member['credits'] < $group['creditslower']) {
								$groupidadd = ", groupid='$group[groupid]'";
								break;
							}
						}
					}
					$db->query("UPDATE {$tablepre}members SET posts='$member[posts]', credits='$member[credits]' $groupidadd WHERE uid='$member[uid]'", 'UNBUFFERED');
				}
			} else {
				foreach($memberposts as $uid => $posts) {
					$db->query("UPDATE {$tablepre}members SET posts=posts$operator$posts WHERE uid='$uid'", 'UNBUFFERED');
				}
			}
					
		}
	}
}

function updateforumcount($fid) {
	global $db, $tablepre;

	$query = $db->query("SELECT COUNT(*) AS threadcount, SUM(t.replies)+COUNT(*) AS replycount
		FROM {$tablepre}threads t, {$tablepre}forums f
		WHERE f.fid='$fid' AND t.fid=f.fid AND t.displayorder>='0'");

	extract($db->fetch_array($query));

	$query = $db->query("SELECT tid, subject, lastpost, lastposter FROM {$tablepre}threads
		WHERE fid='$fid' AND displayorder>='0' ORDER BY lastpost DESC LIMIT 1");

	$thread = $db->fetch_array($query);

	$thread['subject'] = addslashes($thread['subject']);
	$thread['lastposter'] = addslashes($thread['lastposter']);

	$db->query("UPDATE {$tablepre}forums SET posts='$replycount', threads='$threadcount', lastpost='$thread[tid]\t$thread[subject]\t$thread[lastpost]\t$thread[lastposter]' WHERE fid='$fid'", 'UNBUFFERED');
}

function updatethreadcount($tid, $updateattach = 0) {
	global $db, $tablepre;

	$query = $db->query("SELECT COUNT(*) FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0'");
	$replycount = $db->result($query, 0) - 1;

	$query = $db->query("SELECT author, dateline FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0' ORDER BY dateline DESC LIMIT 1");
	$lastpost = $db->fetch_array($query);
	$lastpost['author'] = addslashes($lastpost['author']);

	if($updateattach) {
		$query = $db->query("SELECT attachment FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0' AND attachment>0 LIMIT 1");
		$attachadd = ', attachment=\''.($db->num_rows($query)).'\'';
	} else {
		$attachadd = '';
	}

	$db->query("UPDATE {$tablepre}threads SET replies='$replycount', lastposter='$lastpost[author]', lastpost='$lastpost[dateline]' $attachadd WHERE tid='$tid'", 'UNBUFFERED');
}

function updatemodlog($tids, $action) {
	global $db, $tablepre, $timestamp, $discuz_uid, $discuz_user;

	foreach(explode(',', str_replace(array('\'', ' '), array('', ''), $tids)) as $tid) {
		if($tid) {
			$db->query("REPLACE INTO {$tablepre}threadsmod (tid, uid, username, dateline, action)
				VALUES ('$tid', '$discuz_uid', '$discuz_user', '$timestamp', '$action')", 'UNBUFFERED');
		}
	}
}

?>