📄 post.php
字号:
<?php
/*
[Discuz!] (C)2001-2007 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: post.php,v $
$Revision: 1.58.2.8 $
$Date: 2007/03/21 15:52:05 $
*/
define('CURSCRIPT', 'post');
define('NOROBOT', TRUE);
require_once './include/common.inc.php';
require_once DISCUZ_ROOT.'./include/post.func.php';
if(empty($action)) {
showmessage('undefined_action', NULL, 'HALTED');
} elseif($action == 'smilies' && $smileyinsert) {
$page = max(1, intval($page));
$spp = $smcols * $smrows;
$multipage = multi(count($_DCACHE['smilies_display']), $spp, $page, '###', 0, 4, 1, 'getSmilies');
$_DCACHE['smilies_display'] = arrayslice($_DCACHE['smilies_display'], $spp * ($page - 1), $spp);
include ajaxtemplate('post_smilies');
exit;
} elseif($forum['simple'] || $forum['redirect']) {
showmessage('forum_disablepost');
}
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
$editorid = 'posteditor';
$editoroptions = str_pad(decbin($editoroptions), 2, 0, STR_PAD_LEFT);
$editormode = $editormode == 2 ? $editoroptions{0} : $editormode;
$allowswitcheditor = $editoroptions{1};
$previewdisplay = !empty($previewpost) ? '' : 'none';
periodscheck('postbanperiods');
$allowpostattach = !empty($forum['allowpostattach']) || (!$forum['postattachperm'] && $allowpostattach) || ($forum['postattachperm'] && forumperm($forum['postattachperm']));
$attachextensions = $forum['attachextensions'] ? $forum['attachextensions'] : $attachextensions;
$allowanonymous = $forum['allowanonymous'] || $allowanonymous ? 1 : 0;
$postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post'];
$replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply'];
$digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest'];
$postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach'];
$maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0;
if(!empty($tid) && !empty($fid)) {
$query = $db->query("SELECT * FROM {$tablepre}threads WHERE tid='$tid'".($auditstatuson ? '' : " AND displayorder>='0'"));
$thread = $db->fetch_array($query);
$fid = $thread['fid'];
$navigation = "» <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a>";
$navtitle = $thread['subject'].' - ';
if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
showmessage('thread_nopermission', NULL, 'NOPERM');
}
}
$navigation = "» <a href=\"forumdisplay.php?fid=$fid".($extra ? '&'.preg_replace("/^(&)*/", '', $extra) : '')."\">$forum[name]</a> $navigation";
$navtitle = $navtitle.strip_tags($forum['name']).' - ';
if($forum['type'] == 'sub') {
$query = $db->query("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'");
$fup = $db->fetch_array($query);
$navigation = "» <a href=\"forumdisplay.php?fid=$fup[fid]\">$fup[name]</a> $navigation";
$navtitle = $navtitle.strip_tags($fup['name']).' - ';
}
if(empty($forum['allowview'])) {
if(!$forum['viewperm'] && !$readaccess) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
showmessage('forum_nopermission', NULL, 'NOPERM');
}
}
if(empty($bbcodeoff) && !$allowhidecode && preg_match("/\[hide=?\d*\].+?\[\/hide\]/is", preg_replace("/(\[code\](.+?)\[\/code\])/is", ' ', $message))) {
showmessage('post_hide_nopermission');
}
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
$query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) {
showmessage('post_newbie_span');
}
}
$extra = rawurlencode($extra);
$blogcheck = empty($isblog) && empty($addtoblog) ? '' : 'checked';
$notifycheck = empty($emailnotify) ? '' : 'checked';
$stickcheck = empty($sticktopic) ? '' : 'checked';
$digestcheck = empty($addtodigest) ? '' : 'checked';
$subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) : '';
$message = isset($message) ? censor(trim($message)) : '';
$readperm = isset($readperm) ? intval($readperm) : 0;
$price = isset($price) ? intval($price) : 0;
if(periodscheck('postmodperiods', 0)) {
$modnewthreads = $modnewreplies = 1;
} else {
$censormod = censormod($subject."\t".$message);
$modnewthreads = (!$allowdirectpost || $allowdirectpost == 1) && ($forum['modnewposts'] || $censormod) ? 1 : 0;
$modnewreplies = (!$allowdirectpost || $allowdirectpost == 2) && ($forum['modnewposts'] == 2 || $censormod) ? 1 : 0;
}
$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = '';
$enctype = $allowpostattach ? 'enctype="multipart/form-data"' : '';
$maxattachsize_kb = $maxattachsize / 1000;
//get secure code checking status (pos. -3)
$seccodecheck = substr(sprintf('%05b', $seccodestatus), -3, 1);
$secqaacheck = $secqaa['status'][2] && (!$secqaa['minposts'] || $posts < $secqaa['minposts']);
$iscircle = $supe['status'] && $supe['circlestatus'] && $forum['status'] == 2;
if($action == 'newthread' && $forum['allowspecialonly'] && !isset($poll) && !isset($trade) && !isset($reward) && !isset($activity)) {
showmessage('post_allowspecialonly');
}
$allowpostpoll = $allowpost && $allowpostpoll && substr(sprintf('%04b', $forum['allowpostspecial']), -1, 1);
$allowposttrade = $allowpost && $allowposttrade && substr(sprintf('%04b', $forum['allowpostspecial']), -2, 1);
$allowpostreward = $allowpost && $allowpostreward && substr(sprintf('%04b', $forum['allowpostspecial']), -3, 1) && isset($extcredits[$creditstrans]);
$allowpostactivity = $allowpost && $allowpostactivity && substr(sprintf('%04b', $forum['allowpostspecial']), -4, 1);
if(!empty($previewpost) || (empty($previewpost) && empty($topicsubmit) && empty($replysubmit) && empty($editsubmit))) {
$typeid = preg_replace("/.*typeid%3D(\d+).*/", "\\1", $extra);
$smileyinsert = $smileyinsert && is_array($_DCACHE['smilies_display']) ? 1 : 0;
$smilies = '';
if($smileyinsert) {
$spp = $smcols * $smrows;
$smpage = max(1, intval($_COOKIE['smpage']));
$smiliesnum = count($_DCACHE['smilies_display']);
$smmultipage = $smiliesnum > $spp ? multi($smiliesnum, $spp, 1, '###', 0, 4, 1, 'getSmilies') : '';
$i = 0;
foreach($_DCACHE['smilies_display'] as $key => $smiley) {
if($i >= $spp) {
break;
}
$smilies .= !($i % $smcols) && $i ? '</tr>' : '';
$smilies .= !($i % $smcols) ? '<tr align="center" height="'.($smthumb + 6).'">' : '';
$smilies .= '<td valign="middle"><img src="'.SMDIR.'/'.$smiley['url'].'" id="smilie_'.$key.'" alt="'.$smiley['code'].'" border="0" onClick="insertSmiley('.$key.')" onMouseover="smileyMenu(this)" width="'.$smiley['w'].'" height="'.$smiley['h'].'" title="'.$smiley['lw'].'" /></td>'."\n";
$i++;
}
$smilies .= '</tr>';
}
if($discuz_uid && $sigstatus && !$usesigcheck) {
$usesigcheck = 'checked';
}
if(!empty($trade)) {
if(isset($seller)) {
$seller = dhtmlspecialchars(stripslashes($seller));
} else {
$query = $db->query("SELECT alipay FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
$alipay = $db->result($query, 0);
$seller = $alipay ? $alipay : $email;
}
$item_price = isset($item_price) ? (float)$item_price : '';
$item_name = isset($item_name) ? dhtmlspecialchars(stripslashes($item_name)) : '';
$item_quality = isset($item_quality) ? dhtmlspecialchars(stripslashes($item_quality)) : '';
$item_locus = isset($item_locus) ? dhtmlspecialchars(stripslashes($item_locus)) : '';
$postage_mail = isset($postage_mail) ? dhtmlspecialchars(stripslashes($postage_mail)) : '';
$postage_express = isset($postage_express) ? dhtmlspecialchars(stripslashes($postage_express)) : '';
$checktp = array((isset($transport) ? $transport : 'seller') => 'checked');
$postagedisabled = isset($transport) && $transport == 'buyer' ? '' : 'disabled';
}
$currtime = gmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600);
if(empty($previewpost)) {
$subject = $message = $polloptions = '';
} else {
$subject = stripslashes($subject);
$message = stripslashes($message);
if($editormode == 1 && !(isopera() && isopera() < 9)) {
$message_preview = $message = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1);
} else {
$message_preview = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1);
$message = dhtmlspecialchars($message);
}
$urloffcheck = !empty($parseurloff) ? 'checked' : '';
$usesigcheck = !empty($usesig) ? 'checked' : '';
$smileyoffcheck = !empty($smileyoff) ? 'checked' : '';
$codeoffcheck = !empty($bbcodeoff) ? 'checked' : '';
$htmloncheck = !empty($htmlon) ? 'checked' : '';
$emailcheck = !empty($emailnotify) ? 'checked' : '';
$topicsubmit = $replysubmit = $editsubmit = '';
}
} else {
if((!empty($topicsubmit) || !empty($replysubmit)) && (($seccodecheck && !isset($seccodeverify)) || ($secqaacheck && !isset($secanswer)))) {
if($seccodecheck) {
$seccode = random(6, 1) + $seccode{0} * 1000000;
}
if($secqaacheck) {
$seccode = random(1, 1) * 1000000 + substr($seccode, -6);
}
$request = array
(
'method' => $_SERVER['REQUEST_METHOD'],
'action' => $PHP_SELF,
'elements' => ''
);
$quesand = '?';
foreach($_GET as $key => $value) {
$request['action'] .= $quesand.rawurlencode($key).'='.rawurlencode($value);
$quesand = '&';
}
foreach($_POST as $key => $value) {
if(is_array($value)) {
foreach($value as $arraykey => $arrayvalue) {
$request['elements'] .= '<input type="hidden" name="'.dhtmlspecialchars($key.'['.$arraykey.']').'" value="'.dhtmlspecialchars(stripslashes($arrayvalue)).'">';
}
} else {
$request['elements'] .= '<input type="hidden" name="'.dhtmlspecialchars($key).'" value="'.dhtmlspecialchars(stripslashes($value)).'">';
}
}
include template('post_seccode');
dexit();
}
}
if($forum['password'] && $forum['password'] != $_DCOOKIE['fidpw'.$fid]) {
dheader("Location: {$boardurl}forumdisplay.php?fid=$fid&sid=$sid");
}
if($action == 'newthread') {
require_once DISCUZ_ROOT.'./include/newthread.inc.php';
} elseif($action == 'reply') {
require_once DISCUZ_ROOT.'./include/newreply.inc.php';
} elseif($action == 'edit') {
require_once DISCUZ_ROOT.'./include/editpost.inc.php';
} elseif($action == 'import') {
require_once DISCUZ_ROOT.'./include/supesite_import.inc.php';
}
?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -