📄 upload.php
字号:
$ua[] = $annex[codedig];
$urllist .= "<li><A href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $annex['id'] . "]')>" . htmlspecialchars($annex[title]) . " [ax" . $annex['id'] . "]</A>" . $temp . "\t<input name=delid[] value=" . $annex['id'] . " type=checkbox />" . $_p_upload[3] . "\t".$_p_upload[4].'<input name=downid['.$annex['id'].'] type=text '.$_disabled.' value='.$annex['downnum'].' size=7 maxlength=7 /></li>';
} elseif ($annex["code"] == "file") {
$tks = explode('|', $annex['type']);
if ($tks[0] == "a") {
$temp .= $abc[0] . ':' . $tks[1];
} else if ($tks[0] == 'b') {
$temp .= $abc[1] . ':' . $tks[1];
} else if ($tks[0] == 'c') {
$temp .= $abc[2] . ':' . $tks[1];
} else {
$temp .= $_p_upload[2];
}
$fa[] = $annex[codedig];
$filelist .= "<li><A href=\\\"javascript:void(0)\\\" onclick=insertText('[ax"
. $annex['id'] . "]')>" . htmlspecialchars($annex[title]) . " [ax" . $annex['id'] . "]</A>" . $temp . "\t<input name=delid[] value=" . $annex['id'] . " type=checkbox />" . $_p_upload[3] . "\t".$_p_upload[4].'<input name=downid['.$annex['id'].'] type=text '.$_disabled.' value='.$annex['downnum'].' size=7 maxlength=7 /></li>';
} elseif ($annex['code'] == 'poll') {
$temp .= $annex['type']?$_p_upload[1]: $_p_upload[0];
$pa[] = $annex['codedig'];
$polllist .= "<li><A href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $annex['id'] . "]')>" . htmlspecialchars($annex[title]) . " [ax" . $annex['id'] . "]</A>" . $temp . "\t<input name=delid[] value=" . $annex['id'] . " type=checkbox />" . $_p_upload[3] . "</li>";
}
}
if ($uptype) {
$userrank = rank($user['postnum'], $user['a'], $user['b'], $user['c']);
if (!$userp1[1]) {
jsechoerror(101);
}
if ($userp1[1] <= $user['up_today']) {
jsechoerror(102);
}
$gg = (is_numeric($_POST['gg']) && (($_POST['gg'] <= $userrank) || $userp1[5]))?$_POST['gg']: 0;
$twt = ($_POST['twt'] == 'a' && $userp1[10]) || ($_POST['twt'] == "b" && $userp1[11]) || ($_POST['twt'] == 'c' && $userp1[12])?$_POST['twt']: 0;
if ($_POST['twt'] == 'a') {
$annexfuj = " " . $abc[0] . ':' . $gg;
} else if ($_POST['twt'] == 'b') {
$annexfuj = ' '. $abc[1] . ':' . $gg;
} else if ($_POST['twt'] == 'c') {
$annexfuj = ' ' . $abc[2] . ':' . $gg;
} else {
$annexfuj = ' ' . $_p_upload[2];
}
$twt = $twt . '|' . $gg;
$title = trim($_POST['uptitle']);
$content = trim($_POST['upcontent']);
if ($uptype == 'txt') {
bstrlen($title) > 100?jsechoerror(86): null;
$content_strlen = bstrlen($content);
$content_strlen < $pols_min?jsechoerror(87): null;
$content_strlen > $pols_max?jsechoerror(88): null;
mysql_query("insert into {$db_prefix}annex (sign,type, uptime,code,content,title,filetype,downuser) values('$sign','$twt','$time','$uptype','$content','$title','txt','')" , $myconn);
$insert_id = mysql_insert_id();
mysql_query("update {$db_prefix}members set up_num=up_num+1,up_today=up_today+1 where username='$username'" , $myconn);
$txtlist .= "<li><a href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $insert_id . "]')>" . htmlspecialchars($title) . " [ax" . $insert_id . "]</a>" . $annexfuj . "\t<input name=delid[] value=" . $insert_id . " type=checkbox />" . $_p_upload[3] . "\t".$_p_upload[4].'<input name=downid['.$insert_id.'] type=text '.$_disabled.' value=0 size=7 maxlength=7 /></li>';
} else if ($uptype == "url") {
bstrlen($title) > 100?jsechoerror(86): null;
bstrlen($content) > 100?jsechoerror(92): null;
!eregi("^((http|ftp|telnet|mms|rtsp|gopher|news):\/\/)", $content)?jsechoerror(8): null;
eregi("annex\.php", $content)?jsechoerror(85): null;
$upsize?$upsize .= $sizet: $upsize = "";
mysql_query("insert into {$db_prefix}annex (sign,type, uptime,code,content,title,filetype,size,downuser) values('$sign','$twt','$time','$uptype','$content','$title','url','$upsize','')" , $myconn);
$insert_id = mysql_insert_id();
mysql_query("update {$db_prefix}members set up_num=up_num+1,up_today=up_today+1 where username='$username'" , $myconn);
$urllist .= "<li><a href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $insert_id . "]')>" . htmlspecialchars($title) . " [ax" . $insert_id . "]</a>" . $annexfuj . "\t<input name=delid[] value=" . $insert_id . " type=checkbox />" . $_p_upload[3] . "\t".$_p_upload[4].'<input name=downid['.$insert_id.'] type=text '.$_disabled.' value=0 size=7 maxlength=7 /></li>';
} else if ($uptype == "file") {
bstrlen($title) > 100?jsechoerror(86): null;
$upcd = date('y', $time) . number_format(date('z', $time) / $updirdate);
$updir = $softdir . '/uploads/' . $upcd;
if (!is_dir($updir)) {
if (@mkdir($updir, 0777) == false) {
jsechoerror(9);
}
}
$filetype = strtolower(str_replace(".", "", strrchr($_FILES['upcontent']['name'], ".")));
if (!@in_array($filetype, $upfiletype)) {
jsechoerror(5);
}
if ($_FILES['upcontent']['size'] > $userp1[20] * 1024) {
jsechoerror(16);
}
$filename = date('ymdHis', $time).rand(0,99);
$k = 1;
while (file_exists($updir . '/' . $filename . '.' . $filetype)) {
$filename++;
};
if (@move_uploaded_file(StripSlashes($_FILES['upcontent']['tmp_name']), $updir . "/" . $filename . "." . $filetype)) {
$uploadioy = 1;
} else {
$uploadioy = null;
}
if ($uploadioy) {
$content = $upcd . '/' . $filename . '.' . $filetype;
if ($_FILES['upcontent']['size'] < 1024) {
$upsize = $_FILES['upcontent']['size'] . 'B';
} else if ($_FILES['upcontent']['size'] < 1048576) {
$upsize = number_format($_FILES['upcontent'
]['size'] / 1024, 2) . "K";
} else if ($_FILES['upcontent']['size'] < 1073741824) {
$upsize = number_format($_FILES['upcontent']['size'] / 1048576, 2) . 'M';
} else {
$upsize = number_format($_FILES['upcontent']['size'] / 1073741824, 2) . 'G';
}
mysql_query("insert into {$db_prefix}annex (sign,type, uptime,code,content,title,filetype,size,downuser) values('$sign','$twt','$time','$uptype','$content','$title','$filetype','$upsize','')" , $myconn);
$insert_id = mysql_insert_id();
mysql_query("update {$db_prefix}members set up_num=up_num+1,up_today=up_today+1 where username='$username'" , $myconn);
$filelist .= "<li><a href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $insert_id . "]')>" . htmlspecialchars($title) . " [ax" . $insert_id . "]</a>" . $annexfuj . "\t<input name=delid[] value=" . $insert_id . " type=checkbox />" . $_p_upload[3] . "\t".$_p_upload[4].'<input name=downid['.$insert_id.'] type=text '.$_disabled.' value=0 size=7 maxlength=7 /></li>';
} else {
jsechoerror(17);
}
} else if ($uptype == 'poll') {
bstrlen($title) > 100?jsechoerror(86): null;
$cbstrlen = bstrlen($content);
$cbstrlen < $pols_min?jsechoerror(95): null;
$cbstrlen > $pols_max?jsechoerror(96): null;
$content = str_replace('|', '', $content);
$content = str_replace("\t", '', $content);
$content = explode("\r\n", $content);
while (list($key, $val) = each($content)) {
if (trim($val) == '') {
unset($content[$key]);
} else {
}
}
if (count($content) == 1) {
jsechoerror(20);
}
$content = implode("\t0|", $content);
$content .= "\t0";
$sun = $sun . "|" . $mars;
mysql_query("insert into {$db_prefix}annex (sign,type, uptime,code,content,title,filetype,downuser) values('$sign','$sun','$time','$uptype','$content','$title','poll','')" , $myconn);
$insert_id = mysql_insert_id();
mysql_query("update {$db_prefix}members set up_num=up_num+1,up_today=up_today+1 where username='$username'" , $myconn);
$annexfuj = " ";
$annexfuj .= $sun?$_p_upload[1]: $_p_upload[0];
$polllist .= "<li><a href=\\\"javascript:void(0)\\\" onclick=insertText('[ax" . $insert_id . "]')>" . htmlspecialchars($title) . " [ax" . $insert_id . "]</a>" . $annexfuj . "\t<input name=delid[] value=" . $insert_id . " type=checkbox />" . $_p_upload[3] . "</li>";
}
}
print "<script type=\"text/javascript\">var attachlist = window.parent.document.getElementById('attachlist');attachlist.innerHTML = \"$txtlist$urllist$filelist$polllist\";</script>";
jsechoioy(31, $uptype);
exit;
function jsechoerror($number)
{
global $templatedir;
include file_exists('./' . $templatedir . '/message.php')?'./' . $templatedir . '/message.php' : './template/default/message.php';
echo"<script language=\"javascript\">\n";
echo"var emessage = window.parent.document.getElementById('annexmessage');";
echo"emessage.innerHTML =\"$errormessage[$number]\";";
echo "var target0 =window.parent.document.getElementById(\"t0\");";
echo "var target1 =window.parent.document.getElementById(\"t1\");";
echo "var target2 =window.parent.document.getElementById(\"t2\");";
echo "var target3 =window.parent.document.getElementById(\"t3\");";
echo "target0.style.display=\"block\";";
echo"target1.style.display=\"block\";";
echo "target2.style.display=\"block\";";
echo"target3.style.display=\"block\";";
echo "</script>";
exit;
}
function jsechoioy($number, $type)
{
global $templatedir;
//include "./$templatedir/message.php";
include file_exists('./' . $templatedir . '/message.php')?'./' . $templatedir . '/message.php' : './template/default/message.php';
echo"<script language=\"javascript\">\n";
echo "var emessage = window.parent.document.getElementById('annexmessage');";
echo "emessage.innerHTML =\"$ioymessage[$number]\";";
if ($type == "txt") {
echo "var emessage = window.parent.document.getElementById('upcontentid-t0');";
echo "emessage.innerHTML =\"<textarea name='upcontent' rows=5 style='width: 98%;'></textarea>\";" ;
echo"var emessage = window.parent.document.getElementById('uptitleid-t0');";
echo "emessage.innerHTML =\"<input name='uptitle' value='' style='width: 98%;'>\";";
echo"var target3 =window.parent.document.getElementById(\"t0\");";
} else if ($type == "url") {
echo "var emessage = window.parent.document.getElementById('upcontentid-t1');";
echo "emessage.innerHTML =\"<input maxLength=100 name='upcontent' style='width: 98%;' value=''>\";" ;
echo"var emessage = window.parent.document.getElementById('uptitleid-t1');";
echo "emessage.innerHTML =\"<input name='uptitle' value='' style='width: 98%;'>\";";
echo"var target3 =window.parent.document.getElementById(\"t1\");";
} else if ($type == "file") {
echo "var emessage = window.parent.document.getElementById('upcontentid-t2');";
echo "emessage.innerHTML =\"<input name='upcontent' type='file'>\";";
echo "var emessage = window.parent.document.getElementById('uptitleid-t2');";
echo "emessage.innerHTML =\"<input name='uptitle' value='' style='width: 98%;'>\";";
echo"var target3 =window.parent.document.getElementById(\"t2\");";
} else if ($type == "poll") {
echo "var emessage = window.parent.document.getElementById('upcontentid-t3');";
echo "emessage.innerHTML =\"<textarea name='upcontent' rows=5 style='width: 98%;'></textarea>\";" ;
echo"var emessage = window.parent.document.getElementById('uptitleid-t3');";
echo "emessage.innerHTML =\"<input name='uptitle' value='' style='width: 98%;'>\";";
echo"var target3 =window.parent.document.getElementById(\"t3\");";
}
echo "target3.style.display='block';";
echo"</script>";
}
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -