📄 wapaction.java
Map<String,String> groupinfo=dataBaseService.executeQuery("SELECT groupid, allownickname, allowcstatus, allowavatar, allowcusbbcode, allowsigbbcode, allowsigimgcode, maxsigsize FROM jrun_usergroups WHERE "+ (regverify >0 ? "groupid='8'" : "creditshigher <= "+ credits + " AND " + credits+ "< creditslower LIMIT 1")).get(0);
String username = request.getParameter("username");
if(username==null||username.equals("")){
RegisterVO registerVO = wapService.getRegisterVO(request, settingMap, memberInSession, formhashInSession, sid);
request.setAttribute("valueObject", registerVO);
return mapping.findForward("register");
}else{
String email = request.getParameter("email");
email = email!=null?email.trim():"";
username = username.trim();
if(username.length()>15){
wapService.forwardToMessage(request, response, settingMap, "对不起,您的用户名超过 15 个字符,请返回输入一个较短的用户名。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
if(username.length()<3){
wapService.forwardToMessage(request, response, settingMap, "对不起,您输入的用户名小于3个字符, 请返回输入一个较长的用户名。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
String censoruser=settingMap.get("censoruser");
if (Common.censoruser(username, censoruser)) {
wapService.forwardToMessage(request, response, settingMap, "用户名包含敏感字符或被系统屏蔽,请返回重新填写。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
String password = request.getParameter("password");
if(password == null||password.equals("")||password.contains("'")||password.contains("\"")||password.contains("\\")){
wapService.forwardToMessage(request, response, settingMap, "密码空或包含非法字符,请返回重新填写。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
String accessemail=settingMap.get("accessemail");
String censoremail=settingMap.get("censoremail");
boolean invalidemail = !accessemail.equals("") ? !Common.matches(email,"(" + accessemail.replaceAll("\r\n", "1")+ ")$") : !censoremail.equals("")&& Common.matches(email, "(" + censoremail.replaceAll("\r\n", "1")+ ")$");
if (!Common.isEmail(email) || invalidemail) {
wapService.forwardToMessage(request, response, settingMap, "Email 地址无效或包含不可使用的邮箱域名,请返回重新填写。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
String onlineIp = request.getRemoteAddr();
String ipregctrl =settingMap.get("ipregctrl");
String ctrlip = "";
int regctrl = Integer.valueOf(settingMap.get("regctrl"));
if (!"".equals(ipregctrl)) {
String[] ipregctrls = ipregctrl.split("\n");
for (String obj : ipregctrls) {
if (Common.matches(onlineIp, "^(" + obj + ")")) {
ctrlip = obj + "%";
regctrl = 72;
break;
} else {
ctrlip = onlineIp;
}
}
ipregctrls=null;
} else {
ctrlip = onlineIp;
}
if (regctrl > 0) {
List<Map<String,String>> regips=dataBaseService.executeQuery("SELECT ip FROM jrun_regips WHERE ip LIKE '"+ ctrlip+ "' AND count='-1' AND dateline>"+(timestamp - regctrl * 3600)+" LIMIT 1");
if (regips != null && regips.size() > 0) {
wapService.forwardToMessage(request, response, settingMap, "对不起,您的 IP 地址在 " + regctrl + " 小时内只能注册一个帐号,请返回。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
}
List<Map<String,String>> user=dataBaseService.executeQuery("SELECT uid FROM jrun_members WHERE username='"+username+"'");
if (user != null&&user.size()>0) {
wapService.forwardToMessage(request, response, settingMap, "该用户名已经被注册了,请返回重新填写。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
if (Integer.valueOf(settingMap.get("doublee"))==0) {
List<Map<String,String>> members=dataBaseService.executeQuery("SELECT uid FROM jrun_members WHERE email='"+email+"' LIMIT 1");
if (members != null && members.size() > 0) {
wapService.forwardToMessage(request, response, settingMap, "该 Email 地址已经被注册了,请返回重新填写。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
}
int regfloodctrl = Integer.valueOf(settingMap.get("regfloodctrl"));
if(regfloodctrl>0){
List<Map<String,String>> regips=dataBaseService.executeQuery("SELECT count FROM jrun_regips WHERE ip='"+onlineIp+"' AND count>'0' AND dateline>"+(timestamp-86400));
if(regips!=null&®ips.size()>0){
Map<String,String> regip=regips.get(0);
if(Integer.valueOf(regip.get("count"))>=regfloodctrl){
wapService.forwardToMessage(request, response, settingMap, "对不起,同一 IP 地址在 24 小时内只能进行 "+regfloodctrl+" 次注册尝试,请返回。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}else{
dataBaseService.runQuery("UPDATE jrun_regips SET count=count+1 WHERE ip='"+onlineIp+"' AND count>'0'",true);
}
}
else{
dataBaseService.runQuery("INSERT INTO jrun_regips (ip, count, dateline) VALUES ('"+onlineIp+"', '1', '"+timestamp+"')",true);
}
}
byte sigstatus = 0;
String idstring =Common.getRandStr(6,false);
String authstr = regverify==1 ? timestamp + "\t2\t" +idstring: "";
Members member = new Members();
member = (Members) setValues(member, request);
member.setUsername(username);
member.setPassword(Md5Token.getInstance().getLongToken(password));
member.setSecques("");
member.setAdminid((byte)0);
member.setGroupid(Short.valueOf(groupinfo.get("groupid")));
member.setRegdate(timestamp);
member.setRegip(onlineIp);
member.setLastvisit(timestamp);
member.setLastactivity(timestamp);
member.setPosts(0);
member.setCredits(credits);
member.setSigstatus(sigstatus);
member.setExtcredits1(initcredit1);
member.setExtcredits2(initcredit2);
member.setExtcredits3(initcredit3);
member.setExtcredits4(initcredit4);
member.setExtcredits5(initcredit5);
member.setExtcredits6(initcredit6);
member.setExtcredits7(initcredit7);
member.setExtcredits8(initcredit8);
memberService.insertMember(member);
int uid = member.getUid();
dataBaseService.runQuery("INSERT INTO jrun_memberfields (uid, authstr) VALUES ('"+uid+"', '"+authstr+"')",true);
if (regverify==2) {
dataBaseService.runQuery("REPLACE INTO jrun_validating (uid, submitdate, moddate, admin, submittimes, status, message, remark) VALUES ('"+uid+"', '"+timestamp+"', '0', '', '1', '0', '', '')",true);
}
request.setAttribute("sessionexists", false);
session.setAttribute("jsprun_uid", member.getUid());
session.setAttribute("jsprun_userss", member.getUsername());
session.setAttribute("jsprun_groupid", member.getGroupid());
session.setAttribute("jsprun_adminid", member.getAdminid());
session.setAttribute("jsprun_pw", member.getPassword());
session.setAttribute("user", memberService.findMemberById(member.getUid()));
session.setAttribute("formhash", Common.getRandStr(8,false));
request.setAttribute("refresh", "true");
String realPath=servlet.getServletContext().getRealPath("/");
Cache cache=new Cache(realPath);
try {
cache.updatecache("settings");
} catch (Exception e) {
e.printStackTrace();
}
cache=null;
if (regverify==1) {
Map<String,String> mails=dataParse.characterParse(settingMap.get("mail"), false);
mails.put("jsprun_root",servlet.getServletContext().getRealPath("/"));
Mail mail=new Mail(mails);
String boardurl=(String)session.getAttribute("boardurl");
mail.sendMessage(mails.get("from"),username+" <"+email+">","Email 地址验证","\n"+username+" ,\n这封信是由 "+settingMap.get("bbname")+" 发送的。\n\n您收到这封邮件,是因为在我们论坛的新用户注册,或用户修改 Email 使用\n了您的地址。如果您并没有访问过我们的论坛,或没有进行上述操作,请忽\n略这封邮件。您不需要退订或进行其他进一步的操作。\n\n----------------------------------------------------------------------\n帐号激活说明\n----------------------------------------------------------------------\n\n您是我们论坛的新用户,或在修改您的注册 Email 时使用了本地址,我们需\n要对您的地址有效性进行验证以避免垃圾邮件或地址被滥用。\n\n您只需点击下面的链接即可激活您的帐号:\n\n"+boardurl+"member.jsp?action=activate&uid="+uid+"&id="+idstring+"\n\n(如果上面不是链接形式,请将地址手工粘贴到浏览器地址栏再访问)\n\n感谢您的访问,祝您使用愉快!\n\n\n\n此致\n\n"+settingMap.get("bbname")+" 管理团队.\n"+boardurl,null);
wapService.forwardToMessage(request, response, settingMap, "确认 Email 已经发送,请用邮件中提供的方法激活您的帐号。如果您没有收到我们发送的系统邮件,请点击控制面板首页中的“重新验证 Email 有效性”,或尝试更换另外一个地址。注意:在完成激活之前,根据管理员设置,您将只能以等验证会员的身份访问论坛,您可能不能进行发帖等操作。激活成功后,上述限制将自动取消。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
} else if (regverify==2) {
wapService.forwardToMessage(request, response, settingMap, "非常感谢您的注册,管理员设置了人工验证新注册用户,请等待审核通过,现在将转入控制面板首页。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
} else {
wapService.forwardToMessage(request, response, settingMap, "非常感谢您的注册,现在将以会员身份登录论坛。", null, settingMap.get("bbname"), memberInSession, "register", formhashInSession, sid);
return null;
}
}
}
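/**
 * Handles the WAP "forum" action: renders the thread list of a single forum when a
 * non-zero {@code fid} request parameter is supplied, and the forum index otherwise.
 *
 * <p>{@code fid}, {@code page} and {@code do} are read directly from the request and are
 * therefore client-controlled. A {@code fid} that does not parse as a {@code short} is
 * answered with the same "forum does not exist" message used for an unknown forum id,
 * rather than letting a {@link NumberFormatException} propagate out of the action.
 *
 * <p>Access control: when the selected forum has a non-empty {@code viewperm} entry, the
 * caller's group (and extension groups, if logged in) must pass
 * {@code Common.forumperm}; otherwise a "no permission" message is forwarded.
 *
 * @param mapping  Struts mapping used to resolve the {@code "showFOT"} forward
 * @param form     not used by this action
 * @param request  current request; the {@code "settings"} attribute is always read, the
 *                 {@code "forums"} and {@code "usergroups"} attributes only when a forum is selected
 * @param response current response, handed through to the WAP service calls
 * @return the {@code "showFOT"} forward, or {@code null} when {@code validateWap} fails or
 *         after {@code wapService.forwardToMessage} has been invoked
 */
public ActionForward forum(ActionMapping mapping, ActionForm form,
        HttpServletRequest request, HttpServletResponse response) {
    request.setAttribute("jsprun_action", "191");
    HttpSession session = request.getSession();
    Members currentMember = (Members) session.getAttribute("user");
    String formhashInSession = (String) session.getAttribute("formhash");
    // NOTE(review): auto-unboxing throws NullPointerException if this session attribute
    // is absent; presumably it is populated before any action runs - confirm.
    short groupid = (Short) session.getAttribute("jsprun_groupid");
    Map<String, String> settingMap = (Map<String, String>) request.getAttribute("settings");
    if (!wapService.validateWap(request, response, settingMap, currentMember, formhashInSession, session.getId())) {
        return null;
    }

    String pageString = request.getParameter("page");
    String fidString = request.getParameter("fid");
    short fid;
    try {
        // A missing parameter means "no forum selected" (forum index).
        fid = fidString != null ? Short.parseShort(fidString) : 0;
    } catch (NumberFormatException ignored) {
        // Untrusted input: a non-numeric or out-of-range fid cannot name an existing
        // forum, so report it exactly like an unknown forum id.
        wapService.forwardToMessage(request, response, settingMap, "指定版块不存在", null, settingMap.get("bbname"), currentMember, "forum", formhashInSession, session.getId());
        return null;
    }

    if (fid == 0) {
        // NOTE(review): unboxing fails with NullPointerException when "jsprun_uid" is
        // not in the session - verify it is always set for guests as well.
        int jsprun_uid = (Integer) session.getAttribute("jsprun_uid");
        Forums_threadsVO forums_threadsVO = wapService.getPartOfF(request, response, pageString, settingMap, currentMember, jsprun_uid, groupid, (String) session.getAttribute("formhash"), session.getId());
        request.setAttribute("valueObject", forums_threadsVO);
        return mapping.findForward("showFOT");
    }

    // Resolve the requested forum from the cached forum table.
    Map<String, String> forumsCache = (Map<String, String>) request.getAttribute("forums");
    String forumsString = forumsCache.get("forums");
    DataParse dataParse = (DataParse) BeanFactory.getBean("dataParse");
    Map<String, Map<String, String>> forums = dataParse.characterParse(forumsString, false);
    Map<String, String> forum = (forums == null || forums.size() == 0) ? null : forums.get(String.valueOf(fid));
    if (forum == null) {
        wapService.forwardToMessage(request, response, settingMap, "指定版块不存在", null, settingMap.get("bbname"), currentMember, "forum", formhashInSession, session.getId());
        return null;
    }

    // View-permission check: an empty viewperm entry skips the check entirely.
    // NOTE(review): a forum entry without a "viewperm" key makes equals() throw; that
    // fails closed, which is the safe direction for an access check.
    String viewperm = forum.get("viewperm");
    String extgroupid = currentMember != null ? currentMember.getExtgroupids() : null;
    if (!viewperm.equals("") && !Common.forumperm(viewperm, groupid, extgroupid)) {
        wapService.forwardToMessage(request, response, settingMap, "无权访问本版块", null, settingMap.get("bbname"), currentMember, "forum", formhashInSession, session.getId());
        return null;
    }

    String dow = request.getParameter("do");
    Map<String, String> groupCache = (Map<String, String>) request.getAttribute("usergroups");
    Forums_threadsVO forums_threadsVO = wapService.getPartOfT(request, response, pageString, dow, fid, groupid, settingMap, forums, groupCache, currentMember, (String) session.getAttribute("formhash"), session.getId());
    request.setAttribute("valueObject", forums_threadsVO);
    return mapping.findForward("showFOT");
}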
public ActionForward thread(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response){
request.setAttribute("jsprun_action", "193");
HttpSession session = request.getSession();
Map<String,String> settingMap = (Map<String,String>)request.getAttribute("settings");
Map<String,String> groupCache = (Map<String,String>)request.getAttribute("usergroups");
Members currentMember = (Members)session.getAttribute("user");
String formhashInSession = (String)session.getAttribute("formhash");
if(!wapService.validateWap(request, response, settingMap, currentMember, formhashInSession,session.getId())){
return null;
}
float timeoffset=(Float)session.getAttribute("timeoffset");
String tid = request.getParameter("tid");
String pid = request.getParameter("pid");
String pageString = request.getParameter("page");
String offsetString = request.getParameter("offset");
String startString = request.getParameter("start");