www.gusucode.com > ShopEx481 & PHPWind 整合版码程序 > bbs/show.php
<?php
require_once('global.php');
require_once(R_P.'require/header.php');
require_once(R_P.'require/forum.php');
include_once(D_P.'data/bbscache/forumcache.php');
include_once(D_P.'data/bbscache/forum_cache.php');
!$_G['show'] && Showmsg('groupright_show');
$db_showperpage = 16;
InitGP(array('pwuser','uid','action','type','page','aid'));
$fidoff= array();
$query = $db->query("SELECT f.fid,f.allowvisit,f.password,f.f_type,fe.forumset FROM pw_forums f LEFT JOIN pw_forumsextra fe ON fe.fid=f.fid WHERE f.type<>'category'");
while ($rt = $db->fetch_array($query)) {
$forumset = $rt['forumset'] ? unserialize($rt['forumset']) : '';
if ($rt['f_type']=='hidden' || $rt['password'] || $forumset['forumsell'] || ($rt['allowvisit'] && strpos($rt['allowvisit'],",$groupid,") === false)) {
is_numeric($rt['fid']) && $fidoff[] = $rt['fid'];
}
}
$sqladd = "1";
if($pwuser || is_numeric($uid)){
if($pwuser){
$rt = $db->get_one("SELECT uid,username FROM pw_members WHERE username='$pwuser'");
} elseif(is_numeric($uid)){
$rt = $db->get_one("SELECT uid,username FROM pw_members WHERE uid='$uid'");
}
if(!$rt){
$errorname = Char_cv($pwuser);
Showmsg('user_not_exists');
} else{
$uid = $rt['uid'];
$owner = $rt['username'];
$sqladd .= " AND a.uid='$uid'";
}
}
if(is_numeric($fid) && $fid > 0){
if (in_array($fid,$fidoff)) {
Showmsg('forum_not_allow');
}
$sqladd .= " AND a.fid='$fid'";
$forumcache = str_replace("<option value=\"$fid\">","<option value=\"$fid\" selected>",$forumcache);
}
$type_1 = $type_2 = '';
if($type == 1){
$sqladd .= " AND a.type='img'";
$type_1 = "selected";
} elseif($type == 2){
$sqladd .= " AND a.type!='img'";
$type_2 = "selected";
}
if(!$action){
$url = "show.php?uid=$uid&fid=$fid&type=$type&";
(!is_numeric($page) || $page<1) && $page = 1;
$limit = "LIMIT ".($page-1)*$db_showperpage.",$db_showperpage";
$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_attachs a WHERE $sqladd");
$pages = numofpage($rt['sum'],$page,ceil($rt['sum']/$db_showperpage),$url);
$showdb= $ttable_a = $ptable_a = $read = $repost = array();
$pids = '';
$query = $db->query("SELECT a.aid,a.uid,a.attachurl,a.type,a.fid,a.tid,a.pid,a.name,a.needrvrc,a.descrip,a.ifthumb FROM pw_attachs a WHERE $sqladd ORDER BY aid DESC $limit");
while($rt = $db->fetch_array($query)){
$showdb[] = $rt;
if ($rt['pid']) {
$pids .= ','.$rt['pid'];
}
$ttable_a[GetTtable($rt['tid'])] .= ','.$rt['tid'];
}
foreach($ttable_a as $pw_tmsgs=>$value){
$value = substr($value,1);
if ($value) {
$query = $db->query("SELECT t.tid,t.fid,t.authorid,t.author as username,t.subject,t.ifcheck,t.ifshield,t.ptable,tm.content,tm.buy FROM pw_threads t LEFT JOIN $pw_tmsgs tm USING(tid) WHERE t.tid IN($value)");
while($rt = $db->fetch_array($query)){
$read[$rt['tid']] = $rt;
$ptable_a[$rt['ptable']] = 1;
}
}
}
$pids = substr($pids,1);
if ($pids) {
foreach($ptable_a as $ptable=>$value){
$pw_posts = GetPtable($ptable);
$query = $db->query("SELECT pid,tid,fid,authorid,author as username,subject,ifcheck,ifshield,content,buy FROM $pw_posts WHERE pid IN($pids)");
while($rt = $db->fetch_array($query)){
$repost[$rt['pid']] = $rt;
}
}
}
foreach ($showdb as $key => $rt) {
$flag = false;
if ($read[$rt['tid']]['fid']) {
$flag = true;
if ($rt['pid'] && $repost[$rt['pid']]) {
$rt = array_merge($rt,$repost[$rt['pid']]);
} else {
$rt = array_merge($rt,$read[$rt['tid']]);
}
if (empty($rt['fid']) || empty($rt['tid']) || in_array($rt['fid'],$fidoff) || $rt['ifshield']=='2'){
$flag = false;
}elseif($groupid!='3' && $groupid!='4'){
if(!$rt['ifcheck'] || $rt['ifshield']){
$flag = false;
}elseif($rt['authorid']==$winduid){
$flag = true;
}elseif($rt['needrvrc']>$userrvrc){
$flag = false;
}elseif(strpos($rt['content'],"[post]") !== false && strpos($rt['content'],"[/post]") !== false){
$flag = false;
}elseif(strpos($rt['content'],"[hide") !== false && strpos($rt['content'],"[/hide]") !== false){
preg_match("/\[hide=(.+?)\].+?\[\/hide\]/eis",$rt['content'],$rtu);
if($userrvrc < $rtu[1]){
$flag = false;
}
}elseif(strpos($rt['content'],"[sell") !== false && strpos($rt['content'],"[/sell]") !== false){
if(strpos(','.$rt['buy'],','.$windid)===false){
$flag = false;
}
}
}
}
if ($flag == false){
$rt['a_url'] = 'none';
} else {
$a_url = geturl($rt['attachurl'],'show');
$rt['a_url'] = is_array($a_url) ? $a_url[0] : $a_url;
$rt['ifthumb']==1 && $rt['a_url'] = str_replace($rt['attachurl'],'thumb/'.$rt['attachurl'],$rt['a_url']);
!$rt['descrip'] && $rt['descrip'] = substrs($rt['subject'],20);
}
!$rt['pid'] && $rt['pid'] = 'tpc';
$rt['fname'] = $forum[$rt['fid']]['name'];
$showdb[$key] = $rt;
}
require_once PrintEot('show');footer();
} else{
$pw_tmsgs = GetTtable($tid);
$rt=$db->get_one("SELECT a.aid,a.uid,a.attachurl,a.type,a.fid,a.tid,a.pid,a.name,a.needrvrc,a.descrip,t.subject,t.ifcheck,t.ifshield,tm.content,m.username FROM pw_attachs a LEFT JOIN pw_threads t ON t.tid=a.tid LEFT JOIN $pw_tmsgs tm ON tm.tid=a.tid LEFT JOIN pw_members m ON m.uid=a.uid WHERE a.aid='$aid' AND a.tid='$tid' AND a.fid!='0'");
if($rt){
$a_url = geturl($rt['attachurl'],'show');
$rt['a_url'] = is_array($a_url) ? $a_url[0] : $a_url;
if(in_array($rt['fid'],$fidoff) || $rt['ifshield']=='2' || $groupid!='3' && $groupid!='4' && ($rt['needrvrc']>$userrvrc || !$rt['ifcheck'] || $rt['ifshield'] || (strpos($rt['content'],"[post]") !== false && strpos($rt['content'],"[/post]") !== false) || (strpos($rt['content'],"[hide") !== false && strpos($rt['content'],"[/hide]") !== false) || (strpos($rt['content'],"[sell") !== false && strpos($rt['content'],"[/sell]") !== false))){
Showmsg('pic_not_exists');
}
} else{
Showmsg('pic_not_exists');
}
$uid = $rt['uid'];
$type = 1;
$owner= $rt['username'];
!$rt['pid'] && $rt['pid']='tpc';
!$rt['descrip'] && $rt['descrip'] = substrs($rt['subject'],20);
require_once PrintEot('show');footer();
}
?>