job.php

很好的一套PHP树形论坛程序

	}
	/**
	* 版块权限判断
	*/
	if($foruminfo['allowdownload'] && strpos($foruminfo['allowdownload'],','.$groupid.',')===false && !$admincheck){
		Showmsg('job_attach_forum');
	}
	/**
	* 用户组权限判断
	*/
	if(!$foruminfo['allowdownload'] && $gp_allowdownload==0 && !$admincheck){
		Showmsg('job_attach_group');
	}
	if($needrvrc && $userrvrc < $needrvrc && !$admincheck){
		list(,,$db_rvrcname,)=explode("\t",$db_credits);
		Showmsg('job_attach_rvrc');
	}
	if(!$attach_url && !is_readable("$attachdir/$attachurl")){
		Showmsg('job_attach_error');
	}
	$db->update("UPDATE pw_attachs SET hits=hits+1 WHERE aid='$aid'");

	$attach[$aid]['hits']++;
	$attach=addslashes(serialize($attach));
	$db->update("UPDATE $table SET aid='$attach' WHERE $where");

	$filename =basename("$attachdir/$attachurl");
	$fileext = substr(strrchr($attachurl,'.'),1);

	if(strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')!==false && $fileext=='torrent' ){
		$attachment='inline';
	} else{
		$attachment='attachment';
	}
	ob_end_clean();
	//header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
	header('Last-Modified: '.gmdate('D, d M Y H:i:s',$timestamp+31536000).' GMT');
	header('Pragma: no-cache');
	header('Content-Encoding: none');
	header('Content-Disposition: '.$attachment.'; filename='.$name);
	header('Content-type: '.$fileext);

	if($attach_url && !file_exists("$attachdir/$attachurl") && function_exists('file_get_contents')){
		$downcontent=file_get_contents($attach_url."/$attachurl");
	}else{
		$filesize = filesize($attachdir.'/'.$attachurl);
		header('Content-Length: '.$filesize);
		$downcontent=readover("$attachdir/$attachurl");
	}
	echo $downcontent;
	exit;
} elseif($action=='deldownfile'){
	if(is_numeric($aid)){
		if(is_numeric($pid)){
			$table = 'pw_posts';
			$where = "pid='$pid'";
			$post  = $db->get_one("SELECT fid,tid,aid AS oldaid,authorid FROM pw_posts WHERE pid='$pid'");
		} else{
			$table = 'pw_tmsgs';
			$where = "tid='$tid'";
			$post  = $db->get_one("SELECT t.tid,t.fid,t.authorid,tm.aid AS oldaid FROM pw_threads t LEFT JOIN pw_tmsgs tm USING(tid) WHERE t.tid='$tid'");
		}
		$tid    = $post['tid'];
		$fid    = $post['fid'];
		$attach = unserialize(stripslashes($post['oldaid']));
		$attachurl='';
		!$attach[$aid] && Showmsg('job_attach_error');
		@extract($attach[$aid]);
		if(!$attachurl || strpos($attachurl,'..')!==false){
			Showmsg('job_attach_error');
		}
	} else{
		Showmsg('job_attach_error');
	}
	require_once(R_P.'require/forum.php');
	require_once(R_P.'require/updateforum.php');

	$foruminfo=$db->get_one("SELECT f_type,style,password,allowvisit,forumadmin,allowhtm,cms FROM pw_forums WHERE fid='$fid'");
	if(!$foruminfo){
		require_once(R_P.'require/url_error.php');
	}
	wind_forumcheck($foruminfo);
	/*
	*  获取管理权限
	*/
	if($windid==$manager || ($foruminfo['forumadmin'] && strpos($foruminfo['forumadmin'],','.$windid.',')!==false)){
		$admincheck=1;
	} else{
		$admincheck=0;
	}
	if ($groupid!='guest' && ($admincheck || $post['authorid']==$winduid || $SYSTEM['delattach'])){
		P_unlink("$attachdir/$attachurl");

		$attach=unserialize(stripslashes($post['oldaid']));
		unset($attach[$aid]);
		if($attach){
			$attach=addslashes(serialize($attach));
		} else{
			$attach='';
		}
		$db->update("UPDATE $table SET aid='$attach' WHERE $where");
		$db->update("DELETE FROM pw_attachs WHERE aid='$aid'");

		$ifupload=getattachtype($tid);
		$db->update("UPDATE pw_threads SET ifupload='$ifupload' WHERE tid='$tid'");

		if($foruminfo['allowhtm']){
			if($foruminfo['cms']){
				require_once $db_cp.'require/c_buildhtml.php';
				BuildTopicHtml($tid,$foruminfo);
			} else {
				include_once R_P.'require/template.php';
			}
			require_once R_P.'require/template.php';
			refreshto($jumpurl,'operate_success');
		} else{
			refreshto("read.php?fid=$fid&tid=$tid",'operate_success');
		}
	} else{
		Showmsg('job_attach_right');
	}
} elseif($action=='viewtody'){
	$wind_in='vt';
	if($db_today==0){
		Showmsg('job_viewtody_close');
	}
	require_once(R_P.'require/header.php');
	require_once(R_P.'require/forum.php');
	$check_admin="N";
	if ($windid==$manager) 
		$check_admin="Y";
	if(!is_numeric($page) || $page<1){
		$page=1;
	}
	$filename=D_P.'data/bbscache/today.php';
	$dbtdsize=100+1;
	$seed=$page*$db_perpage;$count=0;
	if($fp=@fopen($filename,"rb")){
		flock($fp,LOCK_SH);
		$node=fread($fp,$dbtdsize);
		$nodedb=explode("\t",$node);/*头结点在第二个数据段*/
		$nodefp=$dbtdsize*$nodedb[1];
		fseek($fp,$nodefp,SEEK_SET);
		$todayshow=fseeks($fp,$dbtdsize,$seed);/*传回数组*/
		fseek($fp,0,SEEK_END);
		$count=floor(ftell($fp)/$dbtdsize)-1;
		fclose($fp);
	}
	if ($count%$db_perpage==0){
		$numofpage=$count/$db_perpage;  //$numofpage为 一共多少页
	} else{
		$numofpage=floor($count/$db_perpage)+1; 
	}
	if ($page>$numofpage)
		$page=$numofpage;
	$pagemin=min(($page-1)*$db_perpage , $count-1);  
	$pagemax=min($pagemin+$db_perpage-1, $count-1);
	$pages=numofpage($count,$page,$numofpage,"job.php?action=viewtody&");
	
	$inbbsdb=array();
	for ($i=$pagemin; $i<=$pagemax; $i++) {
		if (!trim($todayshow[$i]))
			continue;
		list($inbbs['user'],$null1,$null2,$inbbs['rgtime'],$inbbs['logintime'],$inbbs['intime'],$inbbs['ip'],$inbbs['post'],$inbbs['rvrc'],$null)=explode("\t",$todayshow[$i]);
		$inbbs['rawuser']=rawurlencode($inbbs['user']);
		$inbbs['rvrc']=floor($inbbs['rvrc']/10);
		$inbbs['rgtime']=get_date($inbbs['rgtime']);
		$inbbs['logintime']=get_date($inbbs['logintime']);
		$inbbs['intime']=get_date($inbbs['intime']);
		if ($check_admin=="N")
		{
			$inbbs['ip']="secret";
		}
		$inbbsdb[]=$inbbs;
	}
	list(,,$db_rvrcname,)=explode("\t",$db_credits);

	require_once PrintEot('todayinbbs');footer();
}elseif($action=='buytopic'){
	$tpcs=$db->get_one("SELECT authorid,content FROM pw_threads t LEFT JOIN pw_tmsgs tm ON tm.tid=t.tid WHERE t.tid='$tid'");
	$tpcs['content']=substr($tpcs['content'],strpos($tpcs['content'],'[sell=')+6);
	$sellmoney = substr($tpcs['content'],0,strpos($tpcs['content'],']'));
	list($db_moneyname,)=explode("\t",$db_credits);
	if (empty($windid) || $winduid==$tpcs['authorid'] || !is_numeric($sellmoney) || $sellmoney<0){
		Showmsg('undefined_action');
	}
	$sellmoney = (int)$sellmoney;
	if($sellmoney > 1000){
		$sellmoney = 1000;
	}
	$winddb['money'] < $sellmoney && Showmsg('job_buy_noenough');
	$rs=$db->get_one("SELECT buy FROM pw_tmsgs  WHERE tid='$tid'");
	if($rs['buy'] && strpos($rs['buy'].',',','.$windid.',')!==false){
		Showmsg('job_havebuy');
	}
	$db->update("UPDATE pw_memberdata SET money=money-'$sellmoney' WHERE uid='$winduid'");
	$sellmoney>10 && $sellmoney=$sellmoney*0.9;
	$db->update("UPDATE pw_memberdata SET money=money+'$sellmoney' WHERE uid='$tpcs[authorid]'");	

	$buy=$rs['buy'].",".$windid;
	$db->update("UPDATE pw_tmsgs SET buy='".addslashes($buy)."' WHERE tid='$tid'");
	refreshto("read.php?tid=$tid",'operate_success');
}elseif($votejop=='vote'){
	require_once(R_P.'require/forum.php');
	@extract($db->get_one("SELECT t.fid,t.tid,t.postdate,t.locked,t.ifcheck,p.voteopts FROM pw_polls p LEFT JOIN pw_threads t ON p.pollid=t.pollid WHERE p.pollid='$pollid'"));
	/**
	* 得到版块基本信息,版块权限验证
	*/
	
	$foruminfo=$db->get_one("SELECT name,f_type,style,password,allowvisit,forumadmin,allowhtm,cms FROM pw_forums WHERE fid='$fid'");
	if(!$foruminfo){
		require_once(R_P.'require/url_error.php');
	}
	wind_forumcheck($foruminfo);

	/*
	*  获取管理权限
	*/
	if($windid==$manager || ($foruminfo['forumadmin'] && strpos($foruminfo['forumadmin'],','.$windid.',')!==false)){
		$admincheck=1;
	} else{
		$admincheck=0;
	}

	/*
	*用户组权限验证
	*/
	$gp_allowvote==0 && Showmsg('job_vote_right');
	$v_uid = $windid ? $windid : $onlineip;
	if(!$admincheck && $locked>0){
		Showmsg('job_vote_lock');
	}

	$votearray = unserialize($voteopts);

	if(!$voteaction){
		foreach($votearray['options'] as $option){
			if(@in_array($v_uid,$option[2])){
				Showmsg('job_havevote');
			}
		}
	}

	if(empty($voteid)){
		Showmsg('job_vote_sel');
	}
	if(count($voteid)>$votearray['multiple'][1]){
		Showmsg('job_vote_num');
	}
	if($voteaction=='modify'){
		if ($gp_edittime && ($timestamp-$postdate)>$gp_edittime*60){
			Showmsg('modify_timelimit');
		}
		foreach($votearray['options'] as $key=>$option){
			foreach($option[2] as $vid=>$value){
				if($value==$v_uid){
					$votearray['options'][$key][1]--;
					unset($votearray['options'][$key][2][$vid]);
				}
			}
		}
	}
	foreach($voteid as $k=>$id){
		$votearray['options'][(int)$id][1]++;
		$votearray['options'][(int)$id][2][]=$v_uid;
	}
	$voteopts = addslashes(serialize($votearray));
	$db->update("UPDATE pw_polls SET voteopts='$voteopts' WHERE pollid='$pollid'");
	$db->update("UPDATE pw_threads SET lastpost='$timestamp' WHERE tid='$tid'");
	if($foruminfo['allowhtm']==1){
		if($foruminfo['cms']){
			require_once $db_cp.'require/c_buildhtml.php';
			BuildTopicHtml($tid,$foruminfo);
		} else {
			include_once R_P.'require/template.php';
		}
	}
	empty($j_p) && $j_p="read.php?tid=$tid";
	refreshto($j_p,'operate_success');
}

//elseif($s_user=='htm'){
	//$
//}
function fseeks($fp,$dbtdsize,$seed){
	$num=0;
	while($break!=1 && $num<$seed){
		$num++;
		$sdata=fread($fp,$dbtdsize);
		$sdb=explode("\t",$sdata);
		$sdbnext=$sdb[2]*$dbtdsize;
		if($sdbnext!='NULL'){
			fseek($fp,$sdbnext,SEEK_SET);
		}else{
			$break=1;
		}
		$todayshow[]=$sdata;
	}
	return $todayshow;
}
function addcredit($uid,$cid,$addpoint){
	global $db;
	if($cid=='rvrc'){
		$addpoint*=10;
		$db->update("UPDATE pw_memberdata SET rvrc=rvrc+'$addpoint' WHERE uid='$uid'");
	}elseif($cid=='money'){
		$db->update("UPDATE pw_memberdata SET money=money+'$addpoint' WHERE uid='$uid'");
	}elseif($cid=='credit'){
		$db->update("UPDATE pw_memberdata SET credit=credit+'$addpoint' WHERE uid='$uid'");
	}elseif(is_numeric($cid)){
		$db->pw_update(
			"SELECT uid FROM pw_membercredit WHERE uid='$uid' AND cid='$cid'",
			"UPDATE pw_membercredit SET value=value+'$addpoint' WHERE uid='$uid' AND cid='$cid'",
			"INSERT INTO pw_membercredit SET uid='$uid',cid='$cid',value='$addpoint'"
		);
	} else{
		Showmsg('credit_error');
	}
}
?>