<?php
/**
 *
 * Copyright (c) 2003-08 PHPWind.net. All rights reserved.
 * Support : http://www.phpwind.net
 * This software is the proprietary information of PHPWind.com.
 *
 */

/*
 * Common bootstrap for the forum pages.
 *
 * In order, the top-level code: clears pre-existing global variables, escapes
 * request data with addslashes(), derives the client IP, loads configuration,
 * restores the login from the "winduser" cookie, applies the site-open,
 * IP-ban and referer checks, and loads the group permission file. The rest of
 * the file defines the helper functions used by that code and, presumably, by
 * the scripts that include this file.
 *
 * NOTE(review): the file uses APIs that were removed from later PHP versions
 * (set_magic_quotes_runtime(), get_magic_quotes_gpc(), the /e regex modifier,
 * MYSQL_NUM); unmodified, it runs only on PHP 5.x or earlier.
 */

// Hand over to the installer while install.php is still present.
file_exists('install.php') && ObHeader('install.php');
error_reporting(E_ERROR | E_PARSE);
set_magic_quotes_runtime(0);
function_exists('date_default_timezone_set') && date_default_timezone_set('Etc/GMT+0');

// Drop every variable already in scope except the superglobals and $wind_in,
// so nothing defined before this point (presumably register_globals input)
// can pre-seed the globals read below.
// NOTE(review): $wind_in is exempt and is later interpolated into SQL by
// Sql_ol(); its safety depends on wherever it is set, which is not visible here.
$defined_vars = get_defined_vars();
foreach ($defined_vars as $_key => $_value) {
    if (!in_array($_key,array('GLOBALS','_POST','_GET','_COOKIE','_SERVER','_FILES','wind_in'))) {
        ${$_key} = '';
        unset(${$_key});
    }
}
// Page start time, read again by footer() for the timing line.
$t_array = explode(' ',microtime());
$P_S_T = $t_array[0] + $t_array[1];
define('R_P',getdirname(__FILE__));
define('D_P',R_P);
!defined('SCR') && define('SCR','other');

// Emulate magic_quotes_gpc when it is off. Add_S() escapes values only, not
// array keys.
// NOTE(review): addslashes() is the only SQL escaping visible in this file; it
// is not charset-aware, so every query below relies on values staying quoted.
if (!get_magic_quotes_gpc()) {
    Add_S($_POST);
    Add_S($_GET);
    Add_S($_COOKIE);
}
Add_S($_FILES);

// Client IP. $c_agentip records whether a forwarding header was used.
// NOTE(review): X-Forwarded-For and Client-IP are request headers. $onlineip
// feeds Ipban(), the $db_ipcheck test in User_info() and the pw_online rows,
// so unless a trusted proxy overwrites these headers the value is whatever the
// client sends. Prefer REMOTE_ADDR, or accept the headers only from known
// proxy addresses.
$c_agentip = 1;
if ($_SERVER['HTTP_X_FORWARDED_FOR']) {
    $onlineip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif ($_SERVER['HTTP_CLIENT_IP']) {
    $onlineip = $_SERVER['HTTP_CLIENT_IP'];
} else {
    $onlineip = $_SERVER['REMOTE_ADDR'];
    $c_agentip = 0;
}
// Accept a single dotted quad only (octet range is not checked); anything
// else, including IPv6 and comma-separated lists, becomes 'Unknown'.
$onlineip = preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/',$onlineip) ? $onlineip : 'Unknown';
$timestamp = time();
!$_SERVER['PHP_SELF'] && $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'];
// NOTE(review): $db_dir and the other $db_* settings used from here on are not
// defined in this file; presumably defend.php loads them. Confirm.
require_once(R_P.'require/defend.php');
// Strip a rewritten-URL suffix (everything from $db_dir on) from PHP_SELF.
$dirstrpos = strpos($_SERVER['PHP_SELF'],$db_dir);
if ($dirstrpos!==false) {
    $tmp = substr($_SERVER['PHP_SELF'],0,$dirstrpos);
    $_SERVER['PHP_SELF'] = "$tmp.php";
} else {
    $tmp = $_SERVER['PHP_SELF'];
}
$REQUEST_URI = $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'];

// "lastvisit" cookie: accumulated online time, last visit time, last path
// (tab separated).
// NOTE(review): all three fields come from the client. $c_oltime is later
// written into an UPDATE by User_info() without an integer cast.
if (GetCookie('lastvisit')) {
    list($c_oltime,$lastvisit,$lastpath) = explode("\t",GetCookie('lastvisit'));
    ($onbbstime=$timestamp-$lastvisit)<$db_onlinetime && $c_oltime+=$onbbstime;
} else {
    $lastvisit = $lastpath = '';
    $c_oltime = $onbbstime = 0;
    Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);
}
if (defined('AJAX')) {
    require_once(R_P.'require/ajaxfunc.php');
}
// Configured clock correction in minutes.
$db_cvtime != 0 && $timestamp += $db_cvtime*60;
$db_debug && error_reporting(E_ALL ^ E_NOTICE);

$wind_version = '6.3.2';
$db_olsize = 96;
// NOTE(review): the base URL is built from the Host request header and then
// reused for login/forward links; pinning it to a configured host name avoids
// trusting that header.
$R_url = $db_bbsurl = Char_cv("http://$_SERVER[HTTP_HOST]".substr($tmp,0,strrpos($tmp,'/')));
defined('SIMPLE') && SIMPLE && $db_bbsurl = substr($db_bbsurl,0,-7);
$fid = (int)GetGP('fid');
$tid = (int)GetGP('tid');
$db = null;
require_once(D_P.'data/sql_config.php');
// Keep only non-empty scalar entries of $manager.
!is_array($manager) && $manager = array();
$newmanager = array();
foreach ($manager as $key => $value) {
    if (!empty($value) && !is_array($value)) {
        $newmanager[$key] = $value;
    }
}
$manager = $newmanager;
// Fall back to the mysql driver when mysqli is not loaded.
if ($database=='mysqli' && Pwloaddl('mysqli')===false) {
    $database = 'mysql';
}
ObStart();//noizy
if ($db_http != 'N') {
    $imgpath = $db_http;
    if (D_P != R_P) {
        $R_url = substr($db_http,-1)=='/' ? substr($db_http,0,-1) : $db_http;
        $R_url = substr($R_url,0,strrpos($R_url,'/'));
    }
} else {
    $imgpath = $db_picpath;
}
$attachpath = $db_attachurl != 'N' ? $db_attachurl : $db_attachname;
$imgdir = R_P.$db_picpath;
$attachdir = R_P.$db_attachname;
$pw_posts = 'pw_posts';
$pw_tmsgs = 'pw_tmsgs';
$runfc = 'N';
// Login cookie: uid, password token and safecv, tab separated. The value is
// decoded with StrCode() and escaped afterwards, because the decoded bytes
// did not pass through Add_S().
list($winduid,$windpwd,$safecv) = explode("\t",addslashes(StrCode(GetCookie('winduser'),'DECODE')));
// Login / logout / register URLs: external passport server or local scripts.
if ($db_pptifopen && $db_ppttype == 'client') {
    if (strpos($db_pptloginurl,'?')===false) {
        $db_pptloginurl .= '?';
    } elseif (substr($db_pptloginurl,-1)!='&') {
        $db_pptloginurl .= '&';
    }
    if (strpos($db_pptregurl,'?')===false) {
        $db_pptregurl .= '?';
    } elseif (substr($db_pptregurl,-1)!='&') {
        $db_pptregurl .= '&';
    }
    $urlencode = rawurlencode($db_bbsurl);
    $loginurl = "$db_pptserverurl/{$db_pptloginurl}forward=$urlencode";
    $loginouturl = PwEncodeUrl("$db_pptserverurl/$db_pptloginouturl&forward=$urlencode");
    $regurl = "$db_pptserverurl/{$db_pptregurl}forward=$urlencode";
} else {
    $loginurl = 'login.php';
    $loginouturl = PwEncodeUrl("login.php?action=quit");
    $regurl = $db_registerfile;
}
$ol_offset = GetCookie('ol_offset');
$skinco = GetCookie('skinco');
// Refresh limit: same URL requested again within $db_refreshtime seconds.
// NOTE(review): $lastpath and $onbbstime derive from the client's cookie, so
// this throttles cooperating clients only. $skin is taken from the cookie
// here before the style-file checks further down have run.
if ($db_refreshtime && $REQUEST_URI==$lastpath && $onbbstime<$db_refreshtime) {
    !GetCookie('winduser') && $groupid = 'guest';
    $skin = $skinco ? $skinco : $db_defaultstyle;
    Showmsg('refresh_limit');
}
if (!$db_bbsifopen && !defined('CK')) {
    require_once(R_P.'require/bbsclose.php');
}
$H_url =& $db_wwwurl;
$B_url =& $db_bbsurl;
// $tdtime: start of the current day, $montime: start of the current month,
// both in the board's configured time offset.
$t = array('hours'=>gmdate('G',$timestamp+$db_timedf*3600));
$tddays = get_date($timestamp,'j');
$tdtime = (floor($timestamp/3600)-$t['hours'])*3600;
$montime = $tdtime-($tddays-1)*86400;
// Decide whether the online list needs refreshing ($runfc, used by Update_ol()).
if ($_COOKIE || $timestamp%3==0) {
    if (SCR=='thread') {
        $lastpos = "F$fid";
    } elseif (SCR=='read') {
        $lastpos = "T$tid";
    } elseif (SCR=='index') {
        $lastpos = 'index';
    } else {
        $lastpos = 'other';
    }
    if ($timestamp-$lastvisit>$db_onlinetime || $lastpos != GetCookie('lastpos')) {
        $runfc = 'Y';
        Cookie('lastpos',$lastpos);
    }
}
// Restore the logged-in user when the cookie has a numeric uid and a token of
// at least 16 characters; User_info() verifies the token against the database.
if (is_numeric($winduid) && strlen($windpwd)>=16) {
    $winddb = User_info();
    $winduid = $winddb['uid'];
    $groupid = $winddb['groupid'];
    $userrvrc = (int)($winddb['rvrc']/10);
    $windid = $winddb['username'];
    $_datefm = $winddb['datefm'];
    $_timedf = $winddb['timedf'];
    $skin = $winddb['style'] ? $winddb['style'] : $db_defaultstyle;
    list($winddb['onlineip']) = explode('|',$winddb['onlineip']);
    // groupid -1 means "no special group": use the member-level group instead.
    $groupid=='-1' && $groupid=$winddb['memberid'];
    $curvalue = $db_signcurtype=='rvrc' ? $userrvrc : $winddb[$db_signcurtype];
    if ($winddb['showsign'] && (!$winddb['starttime'] && $db_signmoney && strpos($db_signgroup,",$groupid,") !== false && $curvalue > $db_signmoney || $winddb['starttime'] && $winddb['starttime'] != $tdtime)) {
        require_once(R_P.'require/Signfunc.php');
        Signfunc($winddb['showsign'],$winddb['starttime'],$curvalue);
    }
    unset($curvalue);
} else {
    $skin = $db_defaultstyle;
    $groupid = 'guest';
    $winddb = $windid = $winduid = $_datefm = $_timedf = '';
}
if ($db_bbsifopen==2 && !defined('CK')) {
    require_once(R_P.'require/bbsclose.php');
}
if ($db_ifsafecv && strpos($db_safegroup,",$groupid,")!==false && !$safecv && !defined('PRO')) {
    Showmsg('safecv_prompt');
}
// Referral tracking for guests arriving from another site.
if ($db_ads && !$windid && (is_numeric($_GET['u']) || ($_GET['a'] && strlen($_GET['a'])<16)) && strpos($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST'])===false) {
    InitGP(array('u','a'));
    Cookie('userads',"$u\t$a\t".md5($_SERVER['HTTP_REFERER']));
} elseif (GetCookie('userads') && $db_ads=='1') {
    list($u,$a) = explode("\t",GetCookie('userads'));
    if ((int)$u>0 || ($a && strlen($a)<16)) {
        require_once(R_P.'require/userads.php');
    }
}
// Style override from the request.
// NOTE(review): the style name comes from POST/GET/cookie and is constrained
// only by file_exists() plus a '..' substring test; the same name is later
// used in an include path by refreshto(). Matching it against a list of
// installed style names would be stricter.
if ($_POST['skinco']) {
    $skinco = $_POST['skinco'];
} elseif ($_GET['skinco']) {
    $skinco = $_GET['skinco'];
}
if ($skinco && file_exists(D_P."data/style/$skinco.php") && strpos($skinco,'..')===false) {
    $skin = $skinco;
    Cookie('skinco',$skin);
}
if ($db_columns && !defined('W_P') && !defined('SIMPLE') && !defined('COL')) {
    $j_columns = GetCookie('columns');
    if (!$j_columns) {
        $db_columns==2 && $j_columns = 2;
        Cookie('columns',$j_columns);
    }
    if ($j_columns==2 && (strpos($_SERVER['HTTP_REFERER'],$db_bbsurl)===false || strpos($_SERVER['HTTP_REFERER'],$db_adminfile)!==false)) {
        strpos($REQUEST_URI,'index.php')===false ? Cookie('columns','1') : ObHeader('columns.php?action=columns');
    }
}
Ipban();
Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);
if ($groupid=='guest' && $db_guestdir && GetGcache()) {
    require_once(R_P.'require/guestfunc.php');
    getguestcache();
}
PwNewDB();
// Remove the database credentials and other one-off settings from the global
// scope once the connection exists, so later includes and templates cannot
// read them.
unset($_key,$_value,$defined_vars,$t_array,$db_whybbsclose,$db_whycmsclose,$db_ipban,$db_diy,$dbhost,$dbuser,$dbpw,$dbname,$pconnect,$manager_pwd,$newmanager);
// Load the permission file for the user's group; group_1.php is the fallback.
if ($groupid=='guest') {
    require_once(D_P.'data/groupdb/group_2.php');
} elseif (file_exists(D_P."data/groupdb/group_$groupid.php")) {
    require_once Pcv(D_P."data/groupdb/group_$groupid.php");
} else {
    require_once(D_P.'data/groupdb/group_1.php');
}
$SCR = SCR;
$header_ad = $footer_ad = '';
if (SCR != 'read') {
    $advertdb = AdvertInit(SCR,$fid);
    if (is_array($advertdb['header'])) {
        $header_ad = $advertdb['header'][array_rand($advertdb['header'])]['code'];
    }
    if (is_array($advertdb['footer'])) {
        $footer_ad = $advertdb['footer'][array_rand($advertdb['footer'])]['code'] .'<br />';
    }
    unset($advertdb['header'],$advertdb['footer']);
}
// Cross-site POST check: reject a POST (login and register excepted) whose
// Referer host differs from the Host header.
// NOTE(review): a request without a Referer host passes this test, and no
// per-form token is checked here, so this should not be the only CSRF control.
if ($_SERVER['REQUEST_METHOD']=='POST' && strpos($REQUEST_URI,'login.php')===false && strpos($REQUEST_URI,$db_registerfile)===false) {
    $referer_a = @parse_url($_SERVER['HTTP_REFERER']);
    if ($referer_a['host']) {
        list($http_host) = explode(':',$_SERVER['HTTP_HOST']);
        if ($referer_a['host']!=$http_host) {
            Showmsg('undefined_action');
        }
    }
    unset($referer_a);
}

/**
 * Show an interstitial "redirecting" page, or redirect at once.
 *
 * Renders the 'refreshto' template and exits when $db_ifjump is on and
 * $statime > 0; otherwise calls ObHeader($URL). Under AJAX the message is
 * handed to Showmsg() first.
 *
 * @param string $URL     redirect target
 * @param string $content message text or language key
 * @param int    $statime delay; 0 skips the interstitial page
 */
function refreshto($URL,$content,$statime=1){
    if (defined('AJAX')) Showmsg($content);
    global $db_ifjump;
    // NOTE(review): as rendered here the search and replacement strings are
    // identical, so this call does nothing. The search string was possibly an
    // HTML entity that this page decoded; confirm against the upstream file.
    $URL = str_replace('=','=',$URL);
    if ($db_ifjump && $statime>0) {
        ob_end_clean();
        global $tplpath,$fid,$imgpath,$db_obstart,$db_bbsname,$skin,$B_url;
        $index_name =& $db_bbsname;
        $index_url =& $B_url;
        ObStart();//noizy
        if (file_exists(D_P."data/style/$skin.php") && strpos($skin,'..')===false) {
            include_once Pcv(D_P."data/style/$skin.php");
        } else {
            include_once(D_P.'data/style/wind.php');
        }
        // Expose every global to the template; EXTR_SKIP leaves the locals
        // defined above untouched.
        @extract($GLOBALS, EXTR_SKIP);
        require_once GetLang('refreshto');
        $lang[$content] && $content = $lang[$content];
        @require PrintEot('refreshto');exit;
    } else {
        ObHeader($URL);
    }
}

/**
 * Redirect to $URL and exit.
 *
 * Uses a meta refresh when output buffering ($db_obstart) is off, otherwise a
 * Location header. Relative URLs are prefixed with $db_bbsurl when
 * $db_htmifopen is set.
 *
 * NOTE(review): $URL is written into the HTML attribute and the header
 * without escaping or host validation; callers must pass trusted URLs only.
 *
 * @param string $URL redirect target
 */
function ObHeader($URL){
    global $db_obstart,$db_bbsurl,$db_htmifopen;
    if ($db_htmifopen && strtolower(substr($URL,0,4))!='http') {
        $URL = "$db_bbsurl/$URL";
    }
    ob_end_clean();
    if (!$db_obstart) {
        ob_start();
        echo "<meta http-equiv='refresh' content='0;url=$URL'>";exit;
    }
    header("Location: $URL");exit;
}

/**
 * Render a message page (optionally with a login form for guests) and exit.
 *
 * @param string $msg_info message text or a key of the 'msg' language file
 * @param mixed  $dejump   '1' suppresses the login form / jump URL
 */
function Showmsg($msg_info,$dejump=0){
    // Import all globals as locals for the templates required below.
    @extract($GLOBALS, EXTR_SKIP);
    global $stylepath,$tablewidth,$mtablewidth,$tplpath;
    require_once GetLang('msg');
    $lang[$msg_info] && $msg_info = $lang[$msg_info];
    if (defined('AJAX')) {
        echo $msg_info;
        ajax_footer();
    }
    $showlogin = false;
    // Guests get a login form that returns to the current page, unless the
    // page is itself a register/login URL or an external passport is used.
    if ($dejump!='1' && $groupid=='guest' && $REQUEST_URI==str_replace(array('register','login'),'',$REQUEST_URI) && (!$db_pptifopen || $db_ppttype != 'client')) {
        if (strpos($REQUEST_URI,'post.php')!==false && $_POST['tid']) {
            // NOTE(review): $_POST[tid] is placed in the URL without an
            // integer cast, and $jumpurl also embeds the Host header; how the
            // template escapes $jumpurl is not visible here.
            $REQUEST_URI = substr($REQUEST_URI,0,strrpos($REQUEST_URI,'/'))."/read.php?tid=$_POST[tid]&toread=1";
        }
        if ($db_htmifopen) {
            $REQUEST_URI = str_replace(array('.php?','&','='),array($db_dir,'-','-'),$REQUEST_URI);
            strpos($REQUEST_URI,$db_ext)===false && $REQUEST_URI .= $db_ext;
        }
        $jumpurl = "http://$_SERVER[HTTP_HOST]".$REQUEST_URI;
        list(,$qcheck)=explode("\t",$db_qcheck);
        $qkey = $qcheck && $db_question ? array_rand($db_question) : '';
        $showlogin = true;
    }
    // MSG marks the response as a message page; footer() skips the guest
    // cache when it is defined.
    define('MSG',1);
    $subject = strip_tags($msg_info).' - ';
    require_once(R_P.'require/header.php');
    require_once PrintEot('showmsg');exit;
}

/**
 * Resolve a language file path: current template set first, then 'wind'.
 * Exits with an error text when neither exists.
 *
 * @param string $lang language file name without the 'lang_' prefix
 * @param string $EXT  file extension
 * @return string path of the file
 */
function GetLang($lang,$EXT='php'){
    global $tplpath;
    if (file_exists(R_P."template/$tplpath/lang_$lang.$EXT")) {
        return R_P."template/$tplpath/lang_$lang.$EXT";
    } elseif (file_exists(R_P."template/wind/lang_$lang.$EXT")) {
        return R_P."template/wind/lang_$lang.$EXT";
    } else {
        exit("Can not find lang_$lang.$EXT file");
    }
}

/**
 * Resolve a template file path: current template set first, then 'wind'.
 * Exits with an error text when neither exists.
 *
 * NOTE(review): the returned path is passed to require by callers, so
 * $template must never be taken from request data.
 *
 * @param string $template template name
 * @param string $EXT      file extension
 * @return string path of the file
 */
function PrintEot($template,$EXT='htm'){
    //Copyright (c) 2003-08 PHPWind
    global $tplpath;
    !$template && $template = 'N';
    if (file_exists(R_P."template/$tplpath/$template.$EXT")) {
        return R_P."template/$tplpath/$template.$EXT";
    } elseif (file_exists(R_P."template/wind/$template.$EXT")) {
        return R_P."template/wind/$template.$EXT";
    } else {
        exit("Can not find $template.$EXT file");
    }
}

/**
 * Set or delete a cookie.
 *
 * @param string $ck_Var      cookie name (prefixed with CookiePre() when $p)
 * @param string $ck_Value    cookie value; '' together with $ck_Time 0 deletes
 * @param mixed  $ck_Time     expiry timestamp, or 'F' for one year from now
 * @param bool   $p           prepend the site cookie prefix
 * @param bool   $ck_Httponly set the HttpOnly attribute
 * @return bool result of setcookie()
 */
function Cookie($ck_Var,$ck_Value,$ck_Time='F',$p=true,$ck_Httponly=true){
    global $db_ckpath,$db_ckdomain,$timestamp;
    if (!$_SERVER['REQUEST_URI'] || ($https = @parse_url($_SERVER['REQUEST_URI']))===false) {
        $https = array();
    }
    // The Secure flag follows the scheme of the current request, so cookies
    // set over plain HTTP are sent without it.
    if ((empty($https['scheme']) && ($_SERVER['HTTP_SCHEME']=='https' || $_SERVER['HTTPS'] && strtolower($_SERVER['HTTPS'])!='off')) || $https['scheme']=='https') {
        $ck_Secure = true;
    } else {
        $ck_Secure = false;
    }
    !$db_ckpath && $db_ckpath = '/';
    $p && $ck_Var = CookiePre()."_$ck_Var";
    // NOTE(review): this is a loose comparison. On PHP versions before 8,
    // integer 0 compares equal to 'F', so Cookie($name,'',0) takes this branch
    // instead of the explicit deletion branch below (setcookie() with an empty
    // value still removes the cookie). Confirm the intended path.
    if ($ck_Time=='F') {
        $ck_Time = $timestamp+31536000;
    } elseif ($ck_Value=='' && $ck_Time==0) {
        return setcookie($ck_Var,'',$timestamp-31536000,$db_ckpath,$db_ckdomain,$ck_Secure);
    }
    // NOTE(review): PHP_VERSION is compared as a string here; version_compare()
    // is the reliable test.
    if (PHP_VERSION>='5.2.0') {
        return setcookie($ck_Var,$ck_Value,$ck_Time,$db_ckpath,$db_ckdomain,$ck_Secure,$ck_Httponly);
    } else {
        // Before the httponly argument existed, the attribute is appended to
        // the path string.
        return setcookie($ck_Var,$ck_Value,$ck_Time,$db_ckpath.($ck_Httponly ? '; HttpOnly' : ''),$db_ckdomain,$ck_Secure);
    }
}

/**
 * Read a cookie by its unprefixed name.
 *
 * @param string $Var cookie name without the site prefix
 * @return mixed the raw cookie value as held in $_COOKIE
 */
function GetCookie($Var){
    return $_COOKIE[CookiePre()."_$Var"];
}

/**
 * Cookie name prefix: the first 5 hex characters of md5($db_sitehash),
 * computed once per request.
 *
 * @return string
 */
function CookiePre(){
    static $pre = null;
    !isset($pre) && $pre = substr(md5($GLOBALS['db_sitehash']),0,5);
    return $pre;
}

/**
 * Show the 'ip_ban' message when $onlineip matches an entry of $db_ipban.
 *
 * Entries are comma separated and match as a prefix on dot boundaries.
 *
 * NOTE(review): $onlineip may come from a client-supplied header (see the
 * top-level code), which weakens this check.
 */
function Ipban(){
    global $db_ipban,$onlineip,$imgpath,$stylepath;
    if ($db_ipban) {
        $baniparray = explode(',',$db_ipban);
        foreach ($baniparray as $banip) {
            if ($banip && strpos(",$onlineip.",','.trim($banip).'.')!==false) {
                Showmsg('ip_ban');
            }
        }
    }
}

/**
 * Delete a file; exits with 'Forbidden' when the path contains '..'.
 *
 * NOTE(review): the '..' test is the only path restriction; absolute paths
 * are accepted, so callers must not pass request-controlled names.
 *
 * @param string $filename
 * @return bool result of unlink()
 */
function P_unlink($filename){
    strpos($filename,'..')!==false && exit('Forbidden');
    return @unlink($filename);
}

/**
 * Read a file into an array of lines, each keeping its trailing "\n".
 * A trailing empty (or lone "\r") element is dropped; an empty file yields
 * array('').
 *
 * @param string $filename
 * @return array
 */
function openfile($filename){
    $filedb = explode('<:wind:>',str_replace("\n","\n<:wind:>",readover($filename)));
    $count = count($filedb)-1;
    if ($count > -1 && (!$filedb[$count] || $filedb[$count]=="\r")) {
        unset($filedb[$count]);
    }
    empty($filedb) && $filedb[0] = '';
    return $filedb;
}

/**
 * Read a whole file under a shared lock. Returns '' when the file cannot be
 * opened; exits with 'Forbidden' when the path contains '..'.
 *
 * @param string $filename
 * @param string $method   fopen() mode
 * @return string
 */
function readover($filename,$method='rb'){
    strpos($filename,'..')!==false && exit('Forbidden');
    $filedata = '';
    if ($handle = @fopen($filename,$method)) {
        flock($handle,LOCK_SH);
        $filedata = @fread($handle,filesize($filename));
        fclose($handle);
    }
    return $filedata;
}

/**
 * Write $data to a file, creating it first when needed.
 *
 * NOTE(review): the fopen() result is not checked, and with $chmod set the
 * file is made world-writable (0777). A tighter mode is advisable wherever
 * the web server user owns the file.
 *
 * @param string $filename
 * @param string $data
 * @param string $method   fopen() mode; 'rb+' overwrites and truncates
 * @param mixed  $iflock   take an exclusive lock while writing
 * @param mixed  $check    reject paths containing '..'
 * @param mixed  $chmod    chmod the file to 0777 afterwards
 */
function writeover($filename,$data,$method='rb+',$iflock=1,$check=1,$chmod=1){
    //Copyright (c) 2003-08 PHPWind
    $check && strpos($filename,'..')!==false && exit('Forbidden');
    touch($filename);
    $handle = fopen($filename,$method);
    $iflock && flock($handle,LOCK_EX);
    fwrite($handle,$data);
    $method=='rb+' && ftruncate($handle,strlen($data));
    fclose($handle);
    $chmod && @chmod($filename,0777);
}

/**
 * Refresh the online list once per request when $runfc is 'Y', using the
 * database ($db_online) or the text-file backend.
 */
function Update_ol(){
    global $runfc,$db_online;
    if ($runfc == 'Y') {
        if ($db_online) {
            Sql_ol();
        } else {
            Txt_ol();
        }
        $runfc = 'N';
    }
}

/**
 * Text-file backend of the online list. The record offset is kept in the
 * 'ol_offset' cookie; addonlinefile()/addguestfile() are presumably defined
 * in require/userglobal.php.
 */
function Txt_ol(){
    global $ol_offset,$winduid,$db_ipstates,$isModify;
    require_once(R_P.'require/userglobal.php');
    if ($winduid>0) {
        list($alt_offset,$isModify) = addonlinefile($ol_offset,$winduid);
    } else {
        list($alt_offset,$isModify) = addguestfile($ol_offset);
    }
    $alt_offset!=$ol_offset && Cookie('ol_offset',$alt_offset);
    if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) {
        require_once(R_P.'require/ipstates.php');
    }
}

/**
 * Database backend of the online list (table pw_online).
 *
 * Updates the visitor's row, keyed by the 'olid' cookie (or by IP when the
 * request has no cookies); otherwise purges stale rows and inserts a new one.
 *
 * NOTE(review): every value is interpolated into the SQL text. $olid is cast
 * to int and $fid/$tid are cast by the top-level code; $wind_in, $windid,
 * $groupid and $onlineip rely on quoting upstream. Casting or escaping at the
 * point of use would make the queries safe regardless of the caller.
 */
function Sql_ol(){
    global $db,$fid,$tid,$timestamp,$windid,$winduid,$onlineip,$groupid,$wind_in,$db_onlinetime,$db_ipstates;
    $olid = (int)GetCookie('olid');
    $ifhide = GetCookie('hideid') ? 1 : 0;
    $isModify = 0;
    PwNewDB();
    if ($olid) {
        $sqladd = $winduid ? "(uid='$winduid' OR olid='$olid' AND uid=0 AND ip='$onlineip')" : "olid='$olid' AND ip='$onlineip'";
        $db->update("UPDATE pw_online SET username='$windid',lastvisit='$timestamp',fid='$fid',tid='$tid',groupid='$groupid',action='$wind_in',ifhide='$ifhide',uid='$winduid',ip='$onlineip' WHERE $sqladd");
        // More than one row updated: drop the user's duplicate rows.
        if ($winduid && $db->affected_rows() > 1) {
            $db->update("DELETE FROM pw_online WHERE uid='$winduid' AND olid!='$olid'");
        }
    } elseif (!$_COOKIE) {
        $db->update("UPDATE pw_online SET username='$windid',lastvisit='$timestamp',fid='$fid',tid='$tid',groupid='$groupid',action='$wind_in',ifhide='$ifhide',uid='$winduid' WHERE ip='$onlineip'");
    }
    if (!$olid && $_COOKIE || $db->affected_rows()==0) {
        $db->update("DELETE FROM pw_online WHERE uid!=0 AND uid='$winduid' OR lastvisit<($timestamp-$db_onlinetime)");
        // New id = MAX(olid)+1. The read and the REPLACE are separate
        // statements, so two concurrent requests can pick the same id.
        $rt = $db->get_one("SELECT MAX(olid) FROM pw_online",MYSQL_NUM);
        $olid = $rt[0]+1;
        $db->update("REPLACE INTO pw_online (olid,username,lastvisit,ip,fid,tid,groupid,action,ifhide,uid) VALUES ('$olid','$windid','$timestamp','$onlineip','$fid','$tid','$groupid','$wind_in','$ifhide','$winduid')");
        Cookie('olid',$olid);
        $isModify = 1;
    }
    if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) {
        require_once(R_P.'require/ipstates.php');
    }
}

/**
 * Finish the page: update the online list, render the footer template,
 * post-process the buffered output, send it and exit.
 */
function footer(){
    global $db,$db_obstart,$db_footertime,$db_htmifopen,$P_S_T,$mtablewidth,$db_ceoconnect,$wind_version,$imgpath,$stylepath,$footer_ad,$db_union,$timestamp,$db_icp,$db_icpurl,$advertdb,$groupid,$SCR,$ceversion,$db_ystats_ifopen,$db_ystats_unit_id,$db_ystats_style,$db_redundancy;
    defined('AJAX') && ajax_footer();
    Update_ol();
    $wind_spend = '';
    $ft_gzip = ($db_obstart ? 'Gzip enabled' : 'Gzip disabled').$db_union[3];
    if ($db_footertime == 1){
        $t_array = explode(' ',microtime());
        $totaltime = number_format(($t_array[0]+$t_array[1]-$P_S_T),6);
        $qn = $db ? $db->query_num : 0;
        $wind_spend = "Total $totaltime(s) query $qn,";
    }
    $ft_time = get_date($timestamp,'m-d H:i');
    $db_icp && $db_icp = "<a href=\"http://www.miibeian.gov.cn\" target=\"_blank\">$db_icp</a>";
    require PrintEot('footer');
    if ($advertdb['float'] || $advertdb['popup'] || $advertdb['leftfloat'] || $advertdb['rightfloat']) {
        require PrintEot('advert');
    }
    $output = ob_get_contents();
    // Rewrite dynamic links into the static-looking form via Htm_cv().
    // NOTE(review): the /e modifier evaluates the replacement string as PHP
    // code with text captured from the page output. It was deprecated in
    // PHP 5.5 and removed in 7.0; preg_replace_callback() is the safe
    // replacement.
    if ($db_htmifopen) {
        $output = preg_replace(
            "/\<a(\s*[^\>]+\s*)href\=([\"|\']?)([^\"\'>\s]+\.php\?[^\"\'>\s]+)[\"|\']?/ies",
            "Htm_cv('\\3','<a\\1href=\"')",
            $output
        );
    }
    // Strip redundant whitespace and placeholder comments. The last search
    // entry removes the server's installation path (R_P without its trailing
    // slash) from the output.
    if ($db_redundancy && $SCR != 'post') {
        $output = str_replace(
            array("\r","\n\n","\n\t","\n ",">\n","\n<","}\n","{\n",";\n","/\n","\t ",">\t","\t<","}\t","{\t",";\t","/\t",' ','<!--<!---->','<!---->',substr(R_P,0,-1)),
            array('',"\n",' ',' ','>','<','}','{',';','/',' ','>','<','}','{',';','/',' ','','',''),
            $output
        );
    } else {
        $output = str_replace(array('<!--<!---->','<!---->',substr(R_P,0,-1)),'',$output);
    }
    // NOTE(review): this appends a script loaded over plain HTTP from a
    // third-party host to every page except 'post', and sends that host the
    // site hash, from which CookiePre() derives the cookie prefix. Whoever
    // controls that host or the network path can run script in every
    // visitor's session; consider removing or self-hosting it. The unquoted
    // key in {$GLOBALS[db_sitehash]} is read as a constant name.
    if ($SCR != 'post') {
        $output .= "<script language=\"JavaScript\" src=\"http://init.phpwind.com/init.php?sitehash={$GLOBALS[db_sitehash]}&v=$wind_version&c=$ceversion\"></script>";
    }
    if ($groupid == 'guest' && !defined('MSG') && GetGcache()) {
        require_once(R_P.'require/guestfunc.php');
        creatguestcache($output);
    }
    echo ObContents($output);
    unset($output);
    exit;
}

/**
 * Convert one dynamic link to the static-looking form; called from the
 * preg_replace() in footer(). Absolute URLs and admin.php / rss.php links are
 * left unchanged.
 *
 * @param string $url the href value
 * @param string $tag the opening part of the anchor tag up to href="
 * @return string the tag followed by the URL and a closing quote
 */
function Htm_cv($url,$tag){
    global $db_dir,$db_ext;
    if (!preg_match('/^(http|ftp|telnet|mms|rtsp)|admin.php|rss.php/i',$url)) {
        // Keep a #fragment aside and append it again after the extension.
        $tmppos = strpos($url,'#');
        $add = $tmppos!==false ? substr($url,$tmppos) : '';
        $url = str_replace(
            array('.php?','=','&',$add),
            array($db_dir,'-','-',''),
            $url
        ).$db_ext.$add;
    }
    return stripslashes($tag)."$url\"";
}

/**
 * Load the member row for the uid in the login cookie and verify the cookie.
 *
 * On a failed check (no row, token mismatch, safecv mismatch or IP change)
 * the user is logged out and the 'ip_change' message is shown. On success the
 * password field is removed from the row and the visit / online-time counters
 * are updated.
 *
 * @return array the member row without the password field
 */
function User_info(){
    global $db,$timestamp,$db_onlinetime,$winduid,$windpwd,$safecv,$db_ifonlinetime,$c_oltime,$onlineip,$db_ipcheck,$tdtime,$montime,$db_ifsafecv,$db_ifsort;
    $ct = $sqladd = $sqltab = '';
    PwNewDB();
    if (in_array(SCR,array('index','read','thread','post'))) {
        $sqladd = SCR=='post' ? ",md.postcheck,sr.visit,sr.post,sr.reply" : ",sr.visit";
        $sqltab = "LEFT JOIN pw_singleright sr ON m.uid=sr.uid";
    }
    // $winduid is only known to satisfy is_numeric() (checked by the caller)
    // and to have passed addslashes(); it is not cast to int.
    $detail = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.newrp,m.showsign,m.payemail,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.editor,md.starttime $sqladd FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid $sqltab WHERE m.uid='$winduid'");
    // Optional IP binding: force a logout when neither the full address nor
    // its first two octets appear in the stored address.
    $loginout = 'N';
    if ($db_ipcheck && strpos($detail['onlineip'],$onlineip)===false) {
        $iparray = explode('.',$onlineip);
        strpos($detail['onlineip'],"$iparray[0].$iparray[1]")===false && $loginout = 'Y';
    }
    // NOTE(review): the token and safecv are compared with loose != ; a
    // strict, constant-time comparison such as hash_equals() is the safer form
    // for secret values.
    if (!$detail || PwdCode($detail['password'])!=$windpwd || $db_ifsafecv && $safecv!=$detail['safecv'] || $loginout=='Y') {
        unset($detail);
        $GLOBALS['groupid'] = 'guest';
        require_once(R_P.'require/checkpass.php');
        Loginout();
        Showmsg('ip_change');
    } else {
        unset($detail['password']);
        //Start Here: member ranking list
        if($db_ifsort&1 && $timestamp-$detail['lastvisit']>1800){
            require_once(R_P.'require/sort.php');
            sort_member($detail);
        }
        //End Here
        if ($timestamp-$detail['lastvisit']>$db_onlinetime || $timestamp-$detail['lastvisit']>3600) {
            if (!GetCookie('hideid')) {
                $ct = "lastvisit='$timestamp',thisvisit='$timestamp'";
                $detail['lastvisit'] = $detail['thisvisit'] = $timestamp;
            }
            if ($db_ifonlinetime && $ct && $c_oltime > 0) {
                // NOTE(review): $c_oltime originates from the 'lastvisit'
                // cookie and reaches the UPDATE without an integer cast; it is
                // covered only by the addslashes() pass over $_COOKIE. An
                // (int) cast here would be stricter.
                $c_oltime > $db_onlinetime*1.2 && $c_oltime = $db_onlinetime;
                $ct .= ",onlinetime=onlinetime+'$c_oltime'";
                if ($detail['lastvisit']>$montime) {
                    $ct .= ",monoltime = monoltime+'$c_oltime'";
                } else {
                    $ct .= ",monoltime='$c_oltime'";
                }
                $c_oltime = 0;
            }
            $ct && $db->update("UPDATE pw_memberdata SET $ct WHERE uid='$winduid'");
        }
    }
    return $detail;
}

/**
 * Derive the login-cookie token: md5 over the User-Agent header, $pwd and
 * $db_hash.
 *
 * NOTE(review): md5 is a fast hash, and the token is a fixed function of the
 * stored password value, so it stays valid until the password, the User-Agent
 * or $db_hash changes; there is no per-session secret or expiry in it.
 *
 * @param string $pwd stored password value
 * @return string 32-character hex digest
 */
function PwdCode($pwd){
    return md5($_SERVER["HTTP_USER_AGENT"].$pwd.$GLOBALS['db_hash']);
}

/**
 * Validate and renew a time-limited check cookie.
 *
 * $CK[0] is the issue time and $CK[2] must equal md5($PwdCode.$CK[0]). On
 * failure the cookie is cleared; on success it is re-issued with the current
 * time.
 *
 * @param array  $CK      decoded cookie fields
 * @param string $PwdCode secret mixed into the digest
 * @param string $var     cookie name
 * @param int    $expire  lifetime in seconds
 * @return bool
 */
function SafeCheck($CK,$PwdCode,$var='AdminUser',$expire=1800){
    global $timestamp;
    if ($timestamp-$CK[0]>$expire || $CK[2]!=md5($PwdCode.$CK[0])) {
        Cookie($var,'',0);
        return false;
    }
    $CK[0] = $timestamp;
    $CK[2] = md5($PwdCode.$CK[0]);
    Cookie($var,StrCode(implode("\t",$CK)));
    return true;
}

/**
 * Encode or decode a cookie value: XOR with an 18-character key taken from
 * md5(User-Agent . $db_hash), wrapped in base64.
 *
 * NOTE(review): this is a repeating-key XOR with no integrity check, so it
 * obscures the value but does not protect it against modification. Treat
 * decoded data as untrusted; an authenticated scheme (for example an HMAC
 * over the value) would be needed for tamper detection.
 *
 * @param string $string input
 * @param string $action 'ENCODE' or 'DECODE'
 * @return string
 */
function StrCode($string,$action='ENCODE'){
    $action != 'ENCODE' && $string = base64_decode($string);
    $code = '';
    $key = substr(md5($_SERVER['HTTP_USER_AGENT'].$GLOBALS['db_hash']),8,18);
    $keylen = strlen($key);
    $strlen = strlen($string);
    for ($i=0;$i<$strlen;$i++) {
        $k = $i % $keylen;
        $code .= $string[$i] ^ $key[$k];
    }
    return ($action!='DECODE' ? base64_encode($code) : $code);
}

/**
 * Truncate $content to about $length bytes without splitting a multi-byte
 * character, optionally appending ' ..'.
 *
 * @param string $content
 * @param int    $length  byte limit; 0 disables truncation
 * @param string $add     'Y' appends ' ..' to truncated text
 * @return string
 */
function substrs($content,$length,$add='Y'){
    if ($length && strlen($content)>$length) {
        global $db_charset;
        if ($db_charset!='utf-8') {
            // Non-UTF-8 charsets: a byte above 127 is copied together with the
            // byte that follows it.
            $retstr = '';
            for ($i=0;$i<$length-2;$i++) {
                $retstr .= ord($content[$i]) > 127 ? $content[$i].$content[++$i] : $content[$i];
            }
            return $retstr.($add=='Y' ? ' ..' : '');
        }
        return utf8_trim(substr($content,0,$length)).($add=='Y' ? ' ..' : '');
    }
    return $content;
}

/**
 * Cut a byte string back to just before its last ASCII byte or UTF-8 lead
 * byte, which removes a possibly incomplete trailing character.
 *
 * @param string $str
 * @return string
 */
function utf8_trim($str) {
    $hex = '';
    $len = strlen($str)-1;
    for ($i=$len;$i>=0;$i-=1) {
        $ch = ord($str[$i]);
        $hex .= " $ch";
        // ASCII byte (high bit clear) or lead byte (top two bits set).
        if (($ch & 128)==0 || ($ch & 192)==192) {
            return substr($str,0,$i);
        }
    }
    return $str.$hex;
}

/**
 * Format a timestamp with the user's or the board's date format and time
 * offset. The offset value '111' means "no offset" for both settings.
 *
 * @param int         $timestamp
 * @param string|null $timeformat date() format; empty uses the configured one
 * @return string
 */
function get_date($timestamp,$timeformat=null){
    global $db_datefm,$db_timedf,$_datefm,$_timedf;
    if (empty($timeformat)) {
        $timeformat = $_datefm ? $_datefm : $db_datefm;
    }
    if ($_timedf && $_timedf!='111') {
        return gmdate($timeformat,$timestamp+$_timedf*3600);
    } elseif ($db_timedf && $db_timedf!='111') {
        return gmdate($timeformat,$timestamp+$db_timedf*3600);
    }
    return gmdate($timeformat,$timestamp);
}

/**
 * Recursively apply addslashes() to every scalar value of an array, in place.
 * Array keys are left as they are.
 *
 * @param array $array modified by reference
 */
function Add_S(&$array){
    if (is_array($array)) {
        foreach ($array as $key => $value) {
            if (!is_array($value)) {
                $array[$key] = addslashes($value);
            } else {
                Add_S($array[$key]);
            }
        }
    }
}

/**
 * Verify a CAPTCHA answer against the 'cknum' cookie; shows 'check_error'
 * on failure.
 *
 * @param string $code the answer typed by the user
 */
function GdConfirm($code){
    // The deletion header is queued first; $_COOKIE still holds the value for
    // this request, so GetCookie() below can read it.
    Cookie('cknum','',0);
    if (!$code || !SafeCheck(explode("\t",StrCode(GetCookie('cknum'),'DECODE')),strtoupper($code),'cknum',1800)) {
        Showmsg('check_error');
    }
}

/**
 * Verify the answer to a registration/login question; shows 'qcheck_error'
 * on a wrong or unknown key.
 *
 * @param string $answer
 * @param mixed  $qkey   index into $db_answer
 */
function Qcheck($answer,$qkey){
    global $db_question,$db_answer;
    if ($db_question && (!isset($db_answer[$qkey]) || $answer!=$db_answer[$qkey])) {
        Showmsg('qcheck_error');
    }
}

/**
 * Select the unexpired adverts that apply to the current page.
 *
 * An advert's fid list may contain -1 (index), -2 (thread), -3 (read),
 * -4 (matches any page) or a forum id.
 *
 * @param string $SCR page type
 * @param int    $fid forum id
 * @return array adverts grouped by the keys of $db_advertdb
 */
function AdvertInit($SCR,$fid){
    global $timestamp,$db_advertdb,$db_txtadnum;
    !(int)$db_txtadnum && $db_txtadnum=4;
    $newadvert = array();
    foreach ($db_advertdb as $key => $value) {
        foreach ($value as $v) {
            if ($v['endtime']>=$timestamp) {
                if ($SCR=='index' && strpos(",$v[fid],",",-1,")!==false) {
                    $newadvert[$key][] = $v;
                } elseif ($SCR=='thread' && strpos(",$v[fid],",",-2,")!==false) {
                    $newadvert[$key][] = $v;
                } elseif ($SCR=='read' && strpos(",$v[fid],",",-3,")!==false) {
                    $newadvert[$key][] = $v;
                } elseif (strpos(",$v[fid],",",-4,")!==false) {
                    $newadvert[$key][] = $v;
                } elseif ($fid && strpos(",$v[fid],",",$fid,")!==false) {
                    $newadvert[$key][] = $v;
                }
            }
        }
    }
    return $newadvert;
}

/**
 * Pick a random advert for floor $lou at position $p.
 *
 * @param array $ads candidate adverts
 * @param mixed $lou floor number
 * @param mixed $p   position
 * @return string|false advert code, or false when none matches
 */
function readad($ads,$lou,$p){
    if (!$ads || !is_array($ads) || !$lou) return false;
    shuffle($ads);
    foreach ($ads as $value) {
        if ($value['position']==$p && (strpos(",$value[lou],",',-1,')!==false || strpos(",$value[lou],",",$lou,")!==false)) {
            return $value['code'];
        }
    }
    return false;
}

/**
 * Check whether $username appears in the forum's or the parent forum's
 * comma-delimited admin list.
 *
 * @param string $forumadmin list in the form ",name1,name2,"
 * @param string $fupadmin   list of the parent forum
 * @param string $username
 * @return bool
 */
function admincheck($forumadmin,$fupadmin,$username){
    if (!$username) {
        return false;
    }
    if ($forumadmin && strpos($forumadmin,",$username,")!==false) {
        return true;
    }
    if ($fupadmin && strpos($fupadmin,",$username,")!==false) {
        return true;
    }
    return false;
}

/**
 * Return the directory part of $path with a trailing '/', or './' when the
 * path has no separator. Backslash paths are cut at the last backslash.
 *
 * @param string|null $path
 * @return string
 */
function getdirname($path=null){
    if (!empty($path)) {
        if (strpos($path,'\\')!==false) {
            return substr($path,0,strrpos($path,'\\')).'/';
        } elseif (strpos($path,'/')!==false) {
            return substr($path,0,strrpos($path,'/')).'/';
        }
    }
    return './';
}

/**
 * Check a permission list against the user's main group, additional groups,
 * or an allowed-forum list.
 *
 * @param string $allowgroup list in the form ",gid1,gid2,"
 * @param mixed  $groupid    main group id
 * @param string $groups     additional groups in the form ",gid1,gid2,"
 * @param mixed  $fid        forum id
 * @param string $allowforum comma-separated forum ids
 * @return bool
 */
function allowcheck($allowgroup,$groupid,$groups,$fid='',$allowforum=''){
    if ($allowgroup && strpos($allowgroup,",$groupid,")!==false) {
        return true;
    }
    if ($allowgroup && $groups) {
        $groupids = explode(',',substr($groups,1,-1));
        foreach ($groupids as $value) {
            if (strpos($allowgroup,",$value,")!==false) {
                return true;
            }
        }
    }
    if ($fid && $allowforum && strpos(",$allowforum,",",$fid,")!==false) {
        return true;
    }
    return false;
}

/**
 * Resolve an attachment to a URL: local disk first, then the FTP web root,
 * then the extra attachment hosts.
 *
 * NOTE(review): the last two steps probe remote hosts with fopen() during the
 * page request, so response time depends on those hosts. $attachurl is
 * concatenated into paths and URLs as given.
 *
 * @param string      $attachurl relative attachment path
 * @param string|null $type      'lf' forces the FTP URL; 'show' returns a tag
 * @return array|string|false array(url, kind), 'imgurl'/'nopic', or false
 */
function geturl($attachurl,$type=null){
    global $attachdir,$attachpath,$db_ftpweb,$attach_url;
    if (file_exists("$attachdir/$attachurl")) {
        return array("$attachpath/$attachurl",'Local');
    }
    if ($db_ftpweb && !$attach_url || $type=='lf') {
        return array($db_ftpweb.'/'.$attachurl,'Ftp');
    }
    if (!$db_ftpweb && !is_array($attach_url)) {
        return array($attach_url.'/'.$attachurl,'att');
    }
    if (!$db_ftpweb && count($attach_url)==1) {
        return array($attach_url[0].'/'.$attachurl,'att');
    }
    if ($type=='show') {
        return ($db_ftpweb || $attach_url) ? 'imgurl' : 'nopic';
    }
    if ($db_ftpweb && @$fp=fopen($db_ftpweb.'/'.$attachurl,'rb')) {
        @fclose($fp);
        return array($db_ftpweb.'/'.$attachurl,'Ftp');
    }
    if (!empty($attach_url)) {
        foreach ($attach_url as $value) {
            if ($value!=$db_ftpweb && ($fp=@fopen($value.'/'.$attachurl,'rb'))) {
                @fclose($fp);
                return array($value.'/'.$attachurl,'att');
            }
        }
    }
    return false;
}

/**
 * Return $lenth hex characters cut from the md5 of a random digit string.
 *
 * NOTE(review): the generator is mt_rand() seeded from the clock, which is
 * predictable. Where callers use the result as a secret (not visible here),
 * a cryptographically secure source is required instead.
 *
 * @param int $lenth
 * @return string
 */
function randstr($lenth){
    mt_srand((double)microtime() * 1000000);
    for ($i=0;$i<$lenth;$i++) {
        $randval .= mt_rand(0,9);
    }
    $randval = substr(md5($randval),mt_rand(0,32-$lenth),$lenth);
    return $randval;
}

/**
 * Return a string of $lenth random decimal digits, from the same clock-seeded
 * mt_rand() generator as randstr(); not suitable for secrets.
 *
 * @param int $lenth
 * @return string
 */
function num_rand($lenth){
    mt_srand((double)microtime() * 1000000);
    for ($i=0;$i<$lenth;$i++) {
        $randval .= mt_rand(0,9);
    }
    return $randval;
}

/**
 * strtotime() adjusted by the board's time offset on PHP builds that have
 * date_default_timezone_set().
 *
 * @param string $time
 * @return int
 */
function PwStrtoTime($time){
    global $db_timedf;
    return function_exists('date_default_timezone_set') ? strtotime($time) - $db_timedf*3600 : strtotime($time);
}

/**
 * Guard for paths passed to include/require: exits with 'Forbidden' when the
 * path contains 'http://' or, with $ifcheck, '..'.
 *
 * NOTE(review): this is a deny-list with two entries; other URL schemes and
 * absolute paths pass. Checking that the resolved path lies under an expected
 * base directory would be a stronger guard.
 *
 * @param string $filename
 * @param mixed  $ifcheck  also reject '..'
 * @return string the unchanged $filename
 */
function Pcv($filename,$ifcheck=1){
    $tmpname = strtolower($filename);
    if (strpos($tmpname,'http://')!==false || ($ifcheck && strpos($tmpname,'..')!==false)) {
        exit('Forbidden');
    }
    return $filename;
}

/**
 * Return the pw_tmsgs table name that holds thread $tid.
 *
 * NOTE(review): $db_tlist is passed to unserialize(); this is safe only while
 * that setting can never be influenced by request data. Its source is not
 * visible here.
 *
 * @param int $tid
 * @return string
 */
function GetTtable($tid){
    global $db_tlist;
    if ($db_tlist) {
        $tlistdb = unserialize($db_tlist);
        foreach ($tlistdb as $key => $value) {
            if ($key>0 && $tid>$value) {
                return 'pw_tmsgs'.(int)$key;
            }
        }
    }
    return 'pw_tmsgs';
}

/**
 * Return the pw_posts table name for table id $tbid, looking the id up from
 * the thread when $tbid is 'N'.
 *
 * NOTE(review): $tid is interpolated into the query as given; callers must
 * pass an integer.
 *
 * @param mixed    $tbid table id, or 'N' to look it up
 * @param int|null $tid  thread id used for the lookup
 * @return string
 */
function GetPtable($tbid,$tid=null){
    if ($GLOBALS['db_plist']) {
        if ($tbid=='N' && !empty($tid)) {
            $tbid = $GLOBALS['db']->get_one("SELECT ptable FROM pw_threads WHERE tid='$tid'",MYSQL_NUM);
            $tbid = $tbid[0];
        }
        if ((int)$tbid>0 && strpos(",{$GLOBALS[db_plist]},",",$tbid,")!==false) {
            return 'pw_posts'.$tbid;
        }
    }
    return 'pw_posts';
}

/**
 * Import request parameters into global variables of the same name.
 *
 * Each name is first reset to NULL, then filled from GET (unless $method is
 * 'P') or POST (unless $method is 'G'), and optionally converted by
 * value_cv().
 *
 * NOTE(review): this writes to $GLOBALS under caller-chosen names; $keys must
 * always be a fixed list in code, never derived from the request.
 *
 * @param array|string $keys   parameter names
 * @param string|null  $method 'G', 'P' or null for both
 * @param string|null  $cv     conversion passed to value_cv()
 */
function InitGP($keys,$method=null,$cv=null){
    //Copyright (c) 2003-08 PHPWind
    !is_array($keys) && $keys = array($keys);
    foreach ($keys as $value) {
        $GLOBALS[$value] = NULL;
        if ($method!='P' && isset($_GET[$value])) {
            $GLOBALS[$value] = $_GET[$value];
        } elseif ($method!='G' && isset($_POST[$value])) {
            $GLOBALS[$value] = $_POST[$value];
        }
        isset($GLOBALS[$value]) && !empty($cv) && $GLOBALS[$value] = value_cv($GLOBALS[$value],$cv);
    }
}

/**
 * Return one request parameter, GET taking precedence over POST unless
 * $method selects one of them.
 *
 * @param string      $key
 * @param string|null $method 'G', 'P' or null
 * @return mixed the value as held in $_GET / $_POST
 */
function GetGP($key,$method=null){
    //Copyright (c) 2003-08 PHPWind
    if ($method=='G' || $method!='P' && isset($_GET[$key])) {
        return $_GET[$key];
    }
    return $_POST[$key];
}

/**
 * Convert a value: 'int' casts, 'array' keeps arrays only (else ''), any
 * other non-empty $cv applies Char_cv(); an empty $cv returns it unchanged.
 *
 * @param mixed       $value
 * @param string|null $cv
 * @return mixed
 */
function value_cv($value,$cv=null){
    if (empty($cv)) {
        return $value;
    } elseif ($cv=='int') {
        return (int)$value;
    } elseif ($cv=='array') {
        return is_array($value) ? $value : '';
    }
    return Char_cv($value);
}

/**
 * Strip control characters from $msg and replace HTML-significant characters.
 *
 * NOTE(review): as rendered on this page the replacement strings below equal
 * their search strings, and the last line does not parse. The HTML entities
 * in the replacement literals appear to have been decoded by the page
 * extraction. Restore them from the upstream file before relying on this
 * function for output encoding.
 *
 * @param string $msg
 * @param mixed  $isurl when set, ampersands are left alone
 * @return string
 */
function Char_cv($msg,$isurl=null){
    $msg = preg_replace('/[\\x00-\\x08\\x0B\\x0C\\x0E-\\x1F]/','',$msg);
    $msg = str_replace(array("\0","%00","\r"),'',$msg);
    empty($isurl) && $msg = preg_replace("/&(?!(#[0-9]+|[a-z]+);)/si",'&',$msg);
    $msg = str_replace(array("%3C",'<'),'<',$msg);
    $msg = str_replace(array("%3E",'>'),'>',$msg);
    $msg = str_replace(array('"',"'","\t",' '),array('"',''',' ',' '),$msg);
    return $msg;
}

/**
 * Round-trip a value through the pw_sqlcv table and return what the database
 * stored (insert, read back, delete).
 *
 * @param string $var value, already escaped for SQL by the caller
 * @return string
 */
function Sql_cv($var){
    global $db;
    $db->update("INSERT INTO pw_sqlcv(var) VALUES ('$var')",0);
    $id = $db->insert_id();
    $rt = $db->get_one("SELECT var FROM pw_sqlcv WHERE id='$id'");
    $db->update("DELETE FROM pw_sqlcv WHERE id='$id'");
    return $rt['var'];
}

/**
 * Prepare the final page output: gzip it by hand when the client accepts
 * gzip, compression is enabled and no gzip output handler is active;
 * otherwise restart output buffering.
 *
 * @param string $output page body
 * @return string body to echo, possibly gzip-encoded
 */
function ObContents($output){
    //Copyright (c) 2003-08 PHPWind
    ob_end_clean();
    if (!headers_sent() && $GLOBALS['db_obstart'] && $_SERVER['HTTP_ACCEPT_ENCODING'] && N_output_zip()!='ob_gzhandler') {
        $encoding = '';
        if (strpos(' '.$_SERVER['HTTP_ACCEPT_ENCODING'],'gzip') !== false) {
            $encoding = 'gzip';
        } elseif (strpos(' '.$_SERVER['HTTP_ACCEPT_ENCODING'],'x-gzip') !== false) {
            $encoding = 'x-gzip';
        }
        if ($encoding && function_exists('crc32') && function_exists('gzcompress')) {
            header('Content-Encoding: '.$encoding);
            $outputlen = strlen($output);
            // Header bytes, compressed data without its last 4 bytes, then
            // CRC32 and length of the uncompressed body.
            $outputzip = "\x1f\x8b\x08\x00\x00\x00\x00\x00";
            $outputzip .= substr(gzcompress($output,$GLOBALS['db_obstart']),0,-4);
            $outputzip .= @pack('V',crc32($output));
            $output = $outputzip.@pack('V',$outputlen);
        } else {
            ObStart();
        }
    } else {
        ObStart();
    }
    return $output;
}

/**
 * Start output buffering, with ob_gzhandler when ObGetMode() allows it.
 */
function ObStart(){
    //Copyright (c) 2003-08 PHPWind
    ObGetMode() == 1 ? ob_start('ob_gzhandler') : ob_start();
}

/**
 * Decide once per request whether ob_gzhandler may be used: compression
 * enabled, handler available, not already configured, and no buffer open.
 *
 * @return int 1 to use ob_gzhandler, 0 otherwise
 */
function ObGetMode(){
    //Copyright (c) 2003-08 PHPWind
    static $mode = null;
    if ($mode!==null) {
        return $mode;
    }
    $mode = 0;
    if ($GLOBALS['db_obstart'] && function_exists('ob_gzhandler') && N_output_zip()!='ob_gzhandler' && (!function_exists('ob_get_level') || ob_get_level()<1)) {
        $mode = 1;
    }
    return $mode;
}

/**
 * Flush pending output to the client, unless a gzip output handler is active.
 */
function N_flush(){
    //Copyright (c) 2003-08 PHPWind
    if (N_output_zip() == 'ob_gzhandler') {
        return;
    }
    if (php_sapi_name() != 'apache2handler' && php_sapi_name() != 'apache2filter') {
        flush();
    }
    if (function_exists('ob_get_status') && ob_get_status() && function_exists('ob_flush') && !ObGetMode($GLOBALS['db_obstart'])) {
        @ob_flush();
    }
}

/**
 * Return the configured output handler, reporting 'ob_gzhandler' when
 * zlib.output_compression is on. Cached per request.
 *
 * @return string|false
 */
function N_output_zip(){
    //Copyright (c) 2003-08 PHPWind
    static $output_handler = null;
    if ($output_handler === null) {
        if (@ini_get('zlib.output_compression')) {
            $output_handler = 'ob_gzhandler';
        } else {
            $output_handler = @ini_get('output_handler');
        }
    }
    return $output_handler;
}

/**
 * Tell whether the current page may be served from / stored in the guest
 * cache, based on page type, page number and filter parameters.
 *
 * @return bool
 */
function GetGcache() {
    global $db_fguestnum,$db_tguestnum,$db_guestindex;
    $page = isset($GLOBALS['page']) ? $GLOBALS['page'] : (int)$_GET['page'];
    if (SCR=='thread' && $page<$db_fguestnum && !isset($_GET['type']) && !GetGP('search')) {
        return true;
    } elseif (SCR=='read' && $page<$db_tguestnum && !isset($_GET['uid'])) {
        return true;
    } elseif (SCR=='index' && $db_guestindex && !isset($_GET['cateid'])) {
        return true;
    }
    return false;
}

/**
 * Verify the 'verify' token of an action URL; shows 'illegal_request' on a
 * mismatch.
 *
 * NOTE(review): the token is the first 8 hex characters of an md5 over the
 * uid and a site key, compared with loose != . It is not bound to a session
 * or a time, so it is the same for every request of a given user. A longer,
 * per-session token compared with hash_equals() would be stronger.
 *
 * @param string $verify token from the request
 * @return bool true when the token matches
 */
function PwVerifyUrl($verify){
    global $winduid,$db_siteid,$db_pptifopen,$db_pptkey;
    $VerifyHash = $db_pptifopen ? $db_pptkey : $db_siteid;
    if($verify != substr(md5($winduid.$VerifyHash),0,8)){
        Showmsg('illegal_request');
    }
    return true;
}

/**
 * Append the 'verify' token checked by PwVerifyUrl() to a URL. The URL must
 * already contain a query string, because the token is added with '&'.
 *
 * @param string $url
 * @return string
 */
function PwEncodeUrl($url){
    global $winduid,$db_siteid,$db_pptifopen,$db_pptkey;
    $VerifyHash = $db_pptifopen ? $db_pptkey : $db_siteid;
    $posthash = substr(md5($winduid.$VerifyHash),0,8);
    $url .= "&verify=$posthash";
    return $url;
}

/**
 * Create the global $db connection object on first use. The driver file is
 * chosen by $database.
 */
function PwNewDB(){
    if (!is_object($GLOBALS['db'])) {
        global $db,$database,$dbhost,$dbuser,$dbpw,$dbname,$pconnect;
        require_once Pcv(R_P."require/db_$database.php");
        $db = new DB($dbhost,$dbuser,$dbpw,$dbname,$pconnect);
    }
}

/**
 * in_array() that returns false for an empty needle or haystack. The
 * comparison is loose.
 *
 * @param mixed $needle
 * @param array $haystack
 * @return bool
 */
function CkInArray($needle,$haystack){
    if (!$needle || empty($haystack) || !in_array($needle,$haystack)) {
        return false;
    }
    return true;
}

/**
 * Render a value as PHP source text, similar to var_export(). Numbers are
 * emitted as quoted strings; backslashes and single quotes in strings are
 * escaped.
 *
 * @param mixed       $input
 * @param string|null $t     current indentation prefix
 * @return string
 */
function pw_var_export($input,$t = null){
    $output = '';
    if (is_array($input)) {
        $output .= "array(\r\n";
        foreach ($input as $key => $value) {
            $output .= $t."\t".pw_var_export($key,$t."\t").' => '.pw_var_export($value,$t."\t");
            $output .= ",\r\n";
        }
        $output .= $t.')';
    } elseif (is_string($input)) {
        $output .= "'".str_replace(array("\\","'"),array("\\\\","\'"),$input)."'";
    } elseif (is_int($input) || is_double($input)) {
        $output .= "'".(string)$input."'";
    } elseif (is_bool($input)) {
        $output .= $input ? 'true' : 'false';
    } else {
        $output .= 'NULL';
    }
    return $output;
}

/**
 * Tell whether extension $mod is loaded and the probe function exists.
 *
 * @param string $mod    extension name
 * @param string $ckfunc function that must exist
 * @return bool
 */
function Pwloaddl($mod,$ckfunc='mysqli_get_client_info') {
    return extension_loaded($mod) && $ckfunc && function_exists($ckfunc) ? true : false;
}
?>