<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: misc.php 13442 2008-04-16 02:04:52Z liuqiang $
*/

// NOTE(review): what NOROBOT switches on or off is not visible in this file;
// presumably the bootstrap included next reads it — confirm there.
define('NOROBOT', true);

// Shared bootstrap. Every variable this script reads without assigning it first
// ($action, $db, $tablepre, $discuz_uid, $_DCOOKIE, ...) has to come from here, so
// the SQL strings built further down are only as safe as the escaping this include
// applies to request data — verify in common.inc.php.
require_once('./include/common.inc.php');

// Feed payload; the vote-poll handler fills it in before calling postfeed().
$feed = array();

if($action == 'maxpages') {

	// Reduce the requested page count to an integer. Zero is treated as a malformed
	// request; any other value gets the 'max_pages' notice.
	$pages = (int) $pages;
	if($pages) {
		showmessage('max_pages');
	} else {
		showmessage('undefined_action', NULL, 'HALTED');
	}

} elseif($action == 'customtopics') {

	// Without a 'keywordsubmit' form post: list the keywords stored in the 'customkw'
	// cookie. With one: rebuild that cookie and redirect back to this page.
	// NOTE(review): the meaning of submitcheck()'s second argument is not visible here.
	if(!submitcheck('keywordsubmit', 1)) {

		if($_DCOOKIE['customkw']) {
			$customkwlist = array();
			// The cookie stores the keywords as one tab-separated string.
			foreach(@explode("\t", trim($_DCOOKIE['customkw'])) as $key => $keyword) {
				// Cookie content is client-controlled. Each keyword goes through
				// dhtmlspecialchars() (presumably HTML-escaping; defined elsewhere)
				// before it is placed in markup, and the href copy is URL-encoded too.
				$keyword = dhtmlspecialchars(trim(stripslashes($keyword)));
				$customkwlist[$key]['keyword'] = $keyword;
				$customkwlist[$key]['url'] = '<a href="topic.php?keyword='.rawurlencode($keyword).'" target="_blank">'.$keyword.'</a> ';
			}
		}

		// The template is included into this scope, so it can read $customkwlist.
		include template('customtopics');

	} else {

		// $delete, when it is an array, lists keywords to drop from the stored set.
		if(!empty($delete) && is_array($delete)) {
			$keywords = implode("\t", array_diff(explode("\t", $_DCOOKIE['customkw']), $delete));
		} else {
			$keywords = $_DCOOKIE['customkw'];
		}

		// Strip whitespace, '|', ',', quote and angle-bracket characters from the new
		// keyword, pass it through dhtmlspecialchars(), then cutstr() it with a limit
		// of 20 (presumably a length cap — confirm unit). An empty result skips the add.
		if($newkeyword = cutstr(dhtmlspecialchars(preg_replace("/[\s\|\t\,\'\<\>]/", '', $newkeyword)), 20)) {
			// NOTE(review): this tests the original cookie, not $keywords. If the same
			// request deleted every stored keyword, the append below appears to leave
			// a leading tab (an empty first entry) — confirm.
			if($_DCOOKIE['customkw']) {
				// Case-insensitive whole-entry match: skip keywords already stored.
				if(!preg_match("/(^|\t)".preg_quote($newkeyword, '/')."($|\t)/i", $keywords)) {
					if(count(explode("\t", $keywords)) >= $qihoo['maxtopics']) {
						// List is full: drop the first entry and append the new one.
						$keywords = substr($keywords, (strpos($keywords, "\t") + 1))."\t".$newkeyword;
					} else {
						$keywords .= "\t".$newkeyword;
					}
				}
			} else {
				$keywords = $newkeyword;
			}
		}

		// 315360000 seconds is 3650 days; presumably the cookie lifetime — confirm in
		// dsetcookie().
		dsetcookie('customkw', stripslashes($keywords), 315360000);
		// NOTE(review): whether dheader() ends the request after sending the redirect
		// is not visible here.
		dheader("Location: {$boardurl}misc.php?action=customtopics");

	}

} elseif($action == 'attachpay') {

	// Force the attachment id to an integer before it is interpolated into the
	// queries and URLs below.
	$aid = intval($aid);
	// Guard chain. The code after it only makes sense if showmessage() ends the
	// request (otherwise $attach would be unset below) — TODO confirm in its definition.
	if(!$aid) {
		showmessage('undefined_action', NULL, 'HALTED');
	} elseif(!isset($extcredits[$creditstrans])) {
		// The credit type selected by $creditstrans is not defined.
		showmessage('credits_transaction_disabled');
	} elseif(!$discuz_uid) {
		// A falsy $discuz_uid is refused — presumably a guest; confirm.
		showmessage('group_nopermission', NULL, 'NOPERM');
	} else {
		// NOTE(review): a.tid is selected, but no forum/thread read-permission check
		// on it is visible in this branch — confirm the download endpoint enforces it.
		$attach = $db->fetch_first("SELECT a.tid, a.uid, a.price, a.filename, a.description, m.username AS author FROM {$tablepre}attachments a LEFT JOIN {$tablepre}members m ON a.uid=m.uid WHERE a.aid='$aid'");
		// Only priced attachments can be bought. A missing row presumably lands here
		// as well, since an absent price compares as <= 0.
		if($attach['price'] <= 0) {
			showmessage('undefined_action', NULL, 'HALTED');
		}
	}

	// The buyer's balance is read from the global named 'extcredits' followed by the
	// value of $creditstrans (variable-variable); where that global is set is not
	// visible here. The purchase is refused if it would take the balance below 0.
	// NOTE(review): this check and the deduction further down are separate
	// statements with no transaction or lock visible, so concurrent requests could
	// each pass the check. A conditional UPDATE (balance >= price) whose affected-row
	// count is verified, or a unique key on (uid, aid) in the payment log, would
	// close that window.
	if(($balance = ${'extcredits'.$creditstrans} - $attach['price']) < ($minbalance = 0)) {
		showmessage('credits_balance_insufficient');
	}

	// Already purchased: go straight to the download link.
	// NOTE(review): this runs after the balance check, so a buyer who has paid but
	// can no longer afford the price gets the insufficient-balance message instead —
	// confirm that ordering is intended.
	// The link carries t=<timestamp> and k=md5(aid . md5(authkey) . timestamp);
	// verification and any expiry are presumably in attachment.php (not visible).
	// A keyed MAC (HMAC) would be the sturdier construction for such a token.
	if($db->result_first("SELECT COUNT(*) FROM {$tablepre}attachpaymentlog WHERE aid='$aid' AND uid='$discuz_uid'")) {
		showmessage('attachment_yetpay', "attachment.php?aid=$aid&k=".md5($aid.md5($authkey).$timestamp)."&t=$timestamp");
	}

	// Numeric activity code; its meaning is defined elsewhere.
	$discuz_action = 81;

	// What the uploader receives: the price minus the $creditstax fraction, rounded.
	$attach['netprice'] = round($attach['price'] * (1 - $creditstax));

	if(!submitcheck('paysubmit')) {
		// No confirmed form post yet: show the purchase confirmation page.
		include template('attachpay');
	} else {
		// Income cap: once the net amount already paid for this attachment exceeds
		// $maxincperthread, the uploader is no longer credited (the buyer still pays).
		$updateauthor = 1;
		if($maxincperthread > 0) {
			if(($db->result_first("SELECT SUM(netamount) FROM {$tablepre}attachpaymentlog WHERE aid='$aid'")) > $maxincperthread) {
				$updateauthor = 0;
			}
		}
		// Credit the uploader, debit the buyer, then log the payment. The values
		// interpolated here are the integer $aid, fields read from the attachment row,
		// and $discuz_uid/$creditstrans/$timestamp, which this file never assigns.
		if($updateauthor) {
			$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans+$attach[netprice] WHERE uid='$attach[uid]'");
		}
		$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-$attach[price] WHERE uid='$discuz_uid'");
		$db->query("INSERT INTO {$tablepre}attachpaymentlog (uid, aid, authorid, dateline, amount, netamount)
			VALUES ('$discuz_uid', '$aid', '$attach[uid]', '$timestamp', '$attach[price]', '$attach[netprice]')");

		// Same download-token construction as in the already-paid case above.
		showmessage('attachment_buy', "attachment.php?aid=$aid&k=".md5($aid.md5($authkey).$timestamp)."&t=$timestamp");
	}

} elseif($action == 'viewattachpayments') {

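	// Numeric activity code; its meaning is defined elsewhere.
	$discuz_action = 82;

	// Force the attachment id to an integer before it is interpolated into SQL, as
	// the 'attachpay' branch does. Without the cast, this query depended entirely
	// on whatever escaping the bootstrap applies to request variables.
	$aid = intval($aid);

	// NOTE(review): no login, ownership or forum-permission check is visible in this
	// branch, so the purchase log of any attachment id (buyer names, amounts, dates)
	// is listed for whoever reaches it — confirm whether that is intended.
	$loglist = array();
	$query = $db->query("SELECT a.*, m.username FROM {$tablepre}attachpaymentlog a
		LEFT JOIN {$tablepre}members m USING (uid)
		WHERE aid='$aid' ORDER BY dateline");
	while($log = $db->fetch_array($query)) {
		// Shift the stored timestamp by the viewer's hour offset and format it
		// with the configured date and time formats.
		$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
		$loglist[] = $log;
	}

	// The template is included into this scope and reads $loglist.
	include template('attachpay_view');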

} elseif($action == 'getonlines') {

	// Count the rows of the sessions table and pass the number to showmessage()
	// as the message itself.
	// NOTE(review): nothing in this branch checks who is asking — confirm that
	// exposing the session count to any caller is intended.
	$num = $db->result_first('SELECT COUNT(*) FROM '.$tablepre.'sessions', 0);
	showmessage($num);

} else {

	// Forum-level view permission, then thread-level read permission.
	// NOTE(review): the thread check is an elseif of the forum check, so it is only
	// evaluated when $forum['allowview'] is non-empty, and it reads $thread before
	// the query below assigns it. The 'viewvote' branch later in this file runs the
	// same thread check as a separate if — confirm which form is intended and
	// whether the bootstrap has already populated $thread at this point.
	if(empty($forum['allowview'])) {
		if(!$forum['viewperm'] && !$readaccess) {
			showmessage('group_nopermission', NULL, 'NOPERM');
		} elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
			showmessage('forum_nopermission', NULL, 'NOPERM');
		}
	} elseif($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
		showmessage('thread_nopermission', NULL, 'NOPERM');
	}

	// Load the thread row. $tid is interpolated inside quotes, so this relies on the
	// bootstrap having escaped or cast it — TODO confirm. Rows with a negative
	// displayorder are excluded.
	$thread = $db->fetch_first("SELECT * FROM {$tablepre}threads WHERE tid='$tid' AND displayorder>='0'");
	if(!$thread) {
		showmessage('thread_nonexistence');
	}

	// Build the breadcrumb markup and the page title.
	// NOTE(review): forum names and the thread subject are placed into HTML as they
	// are; presumably they are stored already escaped — confirm at the write side.
	// The title strips tags from forum names but not from the subject.
	if($forum['type'] == 'forum') {
		$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fid\">$forum[name]</a> &raquo; <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a> ";
		$navtitle = strip_tags($forum['name']).' - '.$thread['subject'];
	} elseif($forum['type'] == 'sub') {
		// Sub-forum: look up the parent forum so it can lead the breadcrumb.
		$fup = $db->fetch_first("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'");
		$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fup[fid]\">$fup[name]</a> &raquo; <a href=\"forumdisplay.php?fid=$fid\">$forum[name]</a> &raquo; <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a> ";
		$navtitle = strip_tags($fup['name']).' - '.strip_tags($forum['name']).' - '.$thread['subject'];
	}

}

if($action == 'votepoll' && submitcheck('pollsubmit')) {

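	// Preconditions: voting is allowed for this user, the thread is open, and the
	// submitted answers are a non-empty array. A scalar value would make the
	// validation loop below check nothing while the bookkeeping writes after it
	// still ran, so anything that is not an array is rejected here.
	if(!$allowvote) {
		showmessage('group_nopermission', NULL, 'NOPERM');
	} elseif(!empty($thread['closed'])) {
		showmessage('thread_poll_closed');
	} elseif(empty($pollanswers) || !is_array($pollanswers)) {
		showmessage('thread_poll_invalid');
	}

	// Poll settings: reject a missing poll, an expired poll, and more answers than
	// the poll allows.
	$pollarray = $db->fetch_first("SELECT maxchoices, expiration FROM {$tablepre}polls WHERE tid='$tid'");
	if(!$pollarray) {
		showmessage('undefined_action', NULL, 'HALTED');
	} elseif($pollarray['expiration'] && $pollarray['expiration'] < $timestamp) {
		showmessage('poll_overdue');
	} elseif($pollarray['maxchoices'] && $pollarray['maxchoices'] < count($pollanswers)) {
		showmessage('poll_choose_most');
	}

	// A voter is identified by user id, or by $onlineip when $discuz_uid is falsy.
	$voterids = $discuz_uid ? $discuz_uid : $onlineip;

	// Collect this poll's option ids and stop if the voter already appears in any
	// option's tab-separated voter list (wrapping both sides in tabs makes the
	// match whole-entry).
	// NOTE(review): this check and the UPDATE further down are not atomic, so two
	// concurrent submissions could both pass it.
	$polloptionid = array();
	$query = $db->query("SELECT polloptionid, voterids FROM {$tablepre}polloptions WHERE tid='$tid'");
	while($pollarray = $db->fetch_array($query)) {
		if(strexists("\t".$pollarray['voterids']."\t", "\t".$voterids."\t")) {
			showmessage('thread_poll_voted');
		}
		$polloptionid[] = $pollarray['polloptionid'];
	}

	// Every submitted answer must be one of this poll's option ids. Initialised as
	// an array: appending with [] to a string is a fatal error on PHP 7.1 and later.
	$polloptionids = array();
	foreach($pollanswers as $key => $id) {
		if(!in_array($id, $polloptionid)) {
			showmessage('undefined_action', NULL, 'HALTED');
		}
		// NOTE(review): this unsets by the request's array key, not by the position
		// of the matched option — confirm what it is meant to prevent.
		unset($polloptionid[$key]);
		$polloptionids[] = $id;
	}

	// The validated ids are joined so they drop into IN ('a','b',...).
	$pollanswers = implode('\',\'', $polloptionids);

	// Record the vote, bump the thread, and note the participation.
	$db->query("UPDATE {$tablepre}polloptions SET votes=votes+1, voterids=CONCAT(voterids,'$voterids\t') WHERE polloptionid IN ('$pollanswers')", 'UNBUFFERED');
	$db->query("UPDATE {$tablepre}threads SET lastpost='$timestamp' WHERE tid='$tid'", 'UNBUFFERED');
	$db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline, special) VALUES ('$discuz_uid', '$tid', '', '', '$timestamp', '1')", 'UNBUFFERED');

	updatecredits($discuz_uid, $creditspolicy['votepoll']);

	// Publish a feed entry when bit 4 of $customaddfeed is set.
	if($customaddfeed & 4) {
		$feed['icon'] = 'poll';
		$feed['title_template'] = 'feed_thread_votepoll_title';
		$feed['title_data'] = array(
			'subject' => "<a href=\"{$boardurl}viewthread.php?tid=$tid\">$thread[subject]</a>",
			'author' => "<a href=\"space.php?uid=$thread[authorid]\">$thread[author]</a>"
		);
		postfeed($feed);
	}

	showmessage('thread_poll_succeed', "viewthread.php?tid=$tid");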

} elseif($action == 'viewvote') {

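	// Forum-level view permission.
	if(empty($forum['allowview'])) {
		if(!$forum['viewperm'] && !$readaccess) {
			showmessage('group_nopermission', NULL, 'NOPERM');
		} elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
			showmessage('forum_nopermission', NULL, 'NOPERM');
		}
	}

	// Thread-level read permission; moderators and the thread author are exempt.
	if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
		showmessage('thread_nopermission', NULL, 'NOPERM');
	}

	// Password-protected forum: the 'fidpw<fid>' cookie must match. Both sides are
	// compared as strings with !== so two different numeric-looking values can
	// never compare equal through type juggling.
	// NOTE(review): the voter list below stays protected only if dheader() ends
	// the request after sending the redirect — confirm in its definition.
	if($forum['password'] && (string) $forum['password'] !== (string) $_DCOOKIE['fidpw'.$fid]) {
		dheader("Location: {$boardurl}forumdisplay.php?fid=$fid&amp;sid=$sid");
	}

	// Voters shown per page, and the 1-based page number from the query string.
	$voterpp = 180;
	$page = max(1, intval($_GET['page']));
	$start_limit = ($page - 1) * $voterpp;

	// Defaults for the case where neither branch below runs (an option id was
	// supplied by someone who is not an administrator). Previously these were left
	// to whatever value already existed in global scope.
	$arrvoterids = array();
	$num = 0;
	$multipage = '';

	if(empty($polloptionid)) {
		// No option selected: merge the tab-separated voter lists of every option
		// of this poll.
		$voterids = '';
		$query = $db->query("SELECT voterids FROM {$tablepre}polloptions WHERE tid='$tid'");
		while($polloption = $db->fetch_array($query)) {
			$voterids .= ($voterids ? "\t" : '').trim($polloption['voterids']);
		}
		unset($polloption);
		$arrvoterids = explode("\t", trim($voterids));
		$num = count($arrvoterids);

		$multipage = multi($num, $voterpp, $page, "misc.php?action=viewvote&tid=$tid");

	} elseif($adminid == 1) {
		// Per-option voter lists are limited to $adminid 1. The option id is cast to
		// an integer so it is inert in both the query and the pagination URL.
		$polloptionid = intval($polloptionid);
		$voterids = $db->result_first("SELECT voterids FROM {$tablepre}polloptions WHERE polloptionid='$polloptionid'");
		$arrvoterids = explode("\t", trim($voterids));
		$num = count($arrvoterids);

		$multipage = multi($num, $voterpp, $page, "misc.php?action=viewvote&tid=$tid&polloptionid=$polloptionid");
	}
	$arrvoterids = array_slice($arrvoterids, $start_limit, $voterpp);

	// Only all-digit entries are user ids. The vote handler stores $onlineip for
	// voters without a user id, and such a value must not reach the uid lookup:
	// it is stored data interpolated into SQL, and MySQL would compare its numeric
	// prefix against uid and could attribute the vote to an unrelated member.
	$voteruids = array();
	foreach($arrvoterids as $voterid) {
		if(preg_match('/^\d+\z/', $voterid)) {
			$voteruids[] = $voterid;
		}
	}
	$voterids = implode("','", $voteruids);

	// Resolve the ids on this page to user names for the template.
	$voterlist = $voter = array();
	$query = $db->query("SELECT uid, username FROM {$tablepre}members WHERE uid IN ('$voterids')");
	while($voter = $db->fetch_array($query)) {
		$voterlist[] = $voter;
	}
	include template('viewthread_poll_voters');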

} elseif($action == 'emailfriend') {

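	// Members only.
	if(!$discuz_uid) {
		showmessage('not_loggedin', NULL, 'NOPERM');
	}

	// Numeric activity code; its meaning is defined elsewhere.
	$discuz_action = 122;

	if(!submitcheck('sendsubmit')) {

		// Form view: build the thread link (with a referral uid when the
		// 'promotion_visit' credit policy is set) and load the member's stored
		// address; both are read by the template included below.
		$fromuid = $creditspolicy['promotion_visit'] ? '&amp;fromuid='.$discuz_uid : '';
		$threadurl = "{$boardurl}viewthread.php?tid=$tid$fromuid";

		$email = $db->result_first("SELECT email FROM {$tablepre}members WHERE uid='$discuz_uid'");

		include template('emailfriend');

	} else {

		// All four fields are required. They end up in the mail's address headers,
		// so a carriage return or line feed in any of them is refused: such a value
		// could otherwise add header lines of its own. This holds whether or not
		// sendmail() filters them itself (its definition is not visible here).
		if(empty($fromname) || empty($fromemail) || empty($sendtoname) || empty($sendtoemail)
			|| preg_match('/[\r\n]/', $fromname.$fromemail.$sendtoname.$sendtoemail)) {
			showmessage('email_friend_invalid', NULL, 'HALTED');
		}

		// NOTE(review): the sender name and address are taken from the submitted
		// form, not from the member record loaded for the form view, and no
		// address-format check or send-rate limit is visible in this branch —
		// confirm whether sendmail() or the bootstrap provides them.
		sendmail("$sendtoname <$sendtoemail>", 'email_to_friend_subject', 'email_to_friend_message', "$fromname <$fromemail>");

		showmessage('email_friend_succeed', "viewthread.php?tid=$tid", NULL, 'HALTED');

	}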

} elseif($action == 'rate' && $pid) {

	if(!$raterange) {
		showmessage('group_nopermission', NULL, 'NOPERM');
	} elseif($modratelimit && $adminid == 3 && !$forum['ismoderator']) {
		showmessage('thread_rate_moderator_invalid', NULL, 'HALTED');
	}

	$reasonpmcheck = $reasonpm == 2 || $reasonpm == 3 ? 'checked="checked" disabled' : '';
	if(($reasonpm == 2 || $reasonpm == 3) || !empty($sendreasonpm)) {
		$forumname = strip_tags($forum['name']);
		$sendreasonpm = 1;
	} else {
		$sendreasonpm = 0;
	}

	foreach($raterange as $id => $rating) {
		$maxratetoday[$id] = $rating['mrpd'];
	}

	$query = $db->query("SELECT extcredits, SUM(ABS(score)) AS todayrate FROM {$tablepre}ratelog
		WHERE uid='$discuz_uid' AND dateline>=$timestamp-86400
		GROUP BY extcredits");
	while($rate = $db->fetch_array($query)) {
		$maxratetoday[$rate['extcredits']] = $raterange[$rate['extcredits']]['mrpd'] - $rate['todayrate'];
	}

	$post = $db->fetch_first("SELECT * FROM {$tablepre}posts WHERE pid='$pid' AND invisible='0' AND authorid<>'0'");
	if(!$post || $post['tid'] != $thread['tid'] || !$post['authorid']) {
		showmessage('undefined_action', NULL, 'HALTED');
	} elseif(!$forum['ismoderator'] && $karmaratelimit && $timestamp - $post['dateline'] > $karmaratelimit * 3600) {
		showmessage('thread_rate_timelimit', NULL, 'HALTED');
	} elseif($post['authorid'] == $discuz_uid || $post['tid'] != $tid) {
		showmessage('thread_rate_member_invalid', NULL, 'HALTED');
	} elseif($post['anonymous']) {
		showmessage('thread_rate_anonymous', NULL, 'HALTED');
	} elseif($post['status'] & 1) {
		showmessage('thread_rate_banned', NULL, 'HALTED');
	}

	$allowrate = TRUE;
	if(!$dupkarmarate) {
		$query = $db->query("SELECT pid FROM {$tablepre}ratelog WHERE uid='$discuz_uid' AND pid='$pid' LIMIT 1");
		if($db->num_rows($query)) {
