www.gusucode.com > 电影影院门户论坛源码程序网站 > 整站安装/整站源码/source/plugin/manyou/Service/Server/Security.php
<?php /** * [Discuz!] (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: Security.php 33923 2013-09-03 02:59:43Z nemohou $ */ if(!defined('IN_DISCUZ')) { exit('Access Denied'); } Cloud::loadFile('Service_Server_Restful'); class Cloud_Service_Server_Security extends Cloud_Service_Server_Restful { protected static $_instance; public static function getInstance() { if (!(self::$_instance instanceof self)) { self::$_instance = new self(); } return self::$_instance; } public function onSecuritySetEvilPost($data) { $results = array(); foreach ($data as $evilPost) { $results[] = $this->_handleEvilPost($evilPost['tid'], $evilPost['pid'], $evilPost['evilType'], $evilPost['evilLevel']); } return $results; } public function onSecuritySetEvilUser($data, $days = 1) { $results = array(); foreach ($data as $evilUser) { $results[] = $this->_handleEvilUser($evilUser['uid'], $evilUser['evilType'], $evilUser['evilLevel'], $days); } return $results; } protected function _handleEvilPost($tid, $pid, $evilType, $evilLevel = 1) { include_once DISCUZ_ROOT.'./source/language/lang_admincp_cloud.php'; $securityService = Cloud::loadClass('Service_Security'); $securityService->writeLog($pid, 'pid'); $evilPost = C::t('#security#security_evilpost')->fetch($pid); if (count($evilPost)) { return true; } else { require_once libfile('function/delete'); require_once libfile('function/forum'); require_once libfile('function/post'); $data = array('pid' => $pid, 'tid' => $tid, 'evilcount' => 1, 'eviltype' => $evilType, 'createtime' => TIMESTAMP); $post = get_post_by_pid($pid); if (is_array($post) && count($post) > 0) { if ($tid != $post['tid']) { return false; } $thread = get_thread_by_tid($tid); if ($post['first']) { $data['type'] = 1; if ($this->_checkThreadIgnore($tid)) { return false; } C::t('#security#security_evilpost')->insert($data, false, true); $this->_updateEvilCount('thread'); deletethread(array($tid), true, true, true); updatemodlog($tid, 'DEL', 0, 1, $extend_lang['security_modreason']); } else { $data['type'] = 0; if ($this->_checkPostIgnore($pid, $post)) { return false; } C::t('#security#security_evilpost')->insert($data, false, true); $this->_updateEvilCount('post'); deletepost(array($pid), 'pid', true, false, true); } if(!empty($post['authorid'])) { $data = array('uid' => $post['authorid'], 'createtime' => TIMESTAMP); C::t('#security#security_eviluser')->insert($data, false, true); } } else { $data['operateresult'] = 2; C::t('#security#security_evilpost')->insert($data, false, true); } if($evilLevel >= 5) { $user = C::t('common_member')->fetch($post['authorid'], 0, 1); $this->_handleBandUser($user, 1); } } return true; } protected function _handleBandUser($user, $days = 1) { $uid = $user['uid']; if($this->_checkUserIgnore($uid)) { return false; } require_once libfile('function/forum'); $setarr = array('groupid' => 4); if($days) { $days = !empty($days) ? TIMESTAMP + $days * 86400 : 0; $days = $days > TIMESTAMP ? $days : 0; if($days) { $user['groupterms']['main'] = array('time' => $days, 'adminid' => $user['adminid'], 'groupid' => $user['groupid']); $user['groupterms']['ext'][4] = $days; C::t('common_member_field_forum')->update($uid, array('groupterms' => serialize($user['groupterms']))); $setarr['groupexpiry'] = groupexpiry($user['groupterms']); } else { $setarr['groupexpiry'] = 0; } } require_once libfile('function/misc'); return C::t('common_member')->update($uid, $setarr); } protected function _handleEvilUser($uid, $evilType, $evilLevel = 1, $days = 1) { global $_G; include_once DISCUZ_ROOT.'./source/language/lang_admincp_cloud.php'; $securityService = Cloud::loadClass('Service_Security'); $securityService->writeLog($uid, 'uid'); if($this->_checkUserIgnore($uid)) { return false; } $user = C::t('common_member')->fetch($uid, 0, 1); if(is_array($user)) { $update = $this->_handleBandUser($user, $days); if ($update) { $_G['member']['username'] = 'SYSTEM'; savebanlog($user['username'], $user['groupid'], 4, 0, $extend_lang['security_modreason']); } } $evilUser = C::t('#security#security_eviluser')->fetch($uid); if (count($evilUser)) { return true; } else { $data = array('uid' => $uid, 'evilcount' => 1, 'eviltype' => $evilType, 'createtime' => TIMESTAMP); C::t('#security#security_eviluser')->insert($data, false, true); $this->_updateEvilCount('member'); } return true; } protected function _checkThreadIgnore($tid) { if (!intval($tid)) { return true; } require_once libfile('function/forum'); $checkFiled = array('highlight', 'displayorder', 'digest'); $thread = get_thread_by_tid($tid); $checkResult = false; $checkResult = $this->_checkBoardIgnore($thread['fid']); $checkResult = $checkResult ? true : $this->_checkUserIgnore($thread['authorid']); foreach ($checkFiled as $field) { if ($thread[$field] > 0) { $checkResult = true; }; } return $checkResult; } protected function _updateEvilCount($type) { if (empty($type)) { return false; } $settingKey = 'cloud_security_stats_' . $type; $count = intval(C::t('common_setting')->fetch($settingKey)); C::t('common_setting')->update($settingKey, $count + 1); } protected function _checkPostIgnore($pid, $post) { if (!intval($pid)) { return true; } $checkResult = false; $checkResult = $this->_checkBoardIgnore($post['fid']); $checkResult = $checkResult ? true : $this->_checkUserIgnore($post['authorid']); $postStick = C::t('forum_poststick')->count_by_pid($pid); if ($checkResult || $postStick) { $checkResult = true; } return $checkResult; } protected function _checkBoardIgnore($fid) { global $_G; $checkResult = false; $whiteList = $_G['setting']['security_forums_white_list']; $whiteList = is_array($whiteList) ? $whiteList : array(); if (in_array($fid, $whiteList)) { $checkResult = true; } return $checkResult; } protected function _checkUserIgnore($uid) { global $_G; if (!intval($uid)) { return true; } $whiteList = $_G['setting']['security_usergroups_white_list']; $whiteList = is_array($whiteList) ? $whiteList : array(); $memberInfo = C::t('common_member')->fetch($uid, 0, 1); $checkResult = false; if (in_array($memberInfo['groupid'], $whiteList)) { $checkResult = true; } return $checkResult; } }