www.gusucode.com > HadSky PHP轻论坛系统源码 v2.4.2源码程序 > ytqlt_v2.4.2.0701/phpscript/post.php

    <?php
// Direct-access guard: stop unless the constant 'puyuetian' is defined.
// It is not defined in this file, so presumably the including entry script
// sets it; requesting this file on its own then ends here.
if (defined('puyuetian') === false) {
	exit('Not Found puyuetian!Please contact QQ632827168');
}

/*
 * User permission notes:
 * Multiple permissions are separated by ','. post: publish articles; reply: post replies; admin: post administrator.
 *
 * NOTE(review): the code in this file checks the token 'read' (not 'post') before allowing a
 * new article - confirm which token name the permission list really uses.
 */

// User ID 2 is the shared guest account (it is labelled as the forum guest further down).
// A guest holding neither the 'read' nor the 'reply' permission is sent to the login page.
// The return address carries the thread id and the drafted reply text, so the draft ends up
// in the query string (server logs, browser history) - keep that in mind for log retention.
// $_GET['rid'] and $_POST['content'] are read without isset(); a request that omits them
// raises notices but still redirects.
if ($_G['USER']['ID'] == 2) {
	if (!chkUserQx($_G['USER']['QUANXIAN'], 'read') && !chkUserQx($_G['USER']['QUANXIAN'], 'reply')) {
		// Inner urlencode() protects the draft text; the outer one encodes the whole return address.
		$guestreturnurl = 'index.php?c=read&id=' . $_GET['rid'] . '&replycontent=' . urlencode($_POST['content']) . '#reply';
		header('Location:index.php?c=login&referer=' . urlencode($guestreturnurl));
		exit();
	}
}

//=============================== New-user probation period ============================
// Accounts younger than NEWUSERPOSTWAITTIME (minutes, hence the * 60) may not post yet.
// The registration time is read from the 'regtime' entry of the user's DATA field.
// NOTE(review): the message placed in the Location header is raw non-ASCII text and is not
// URL-encoded - confirm that the error page and intermediaries handle it as intended.
$newuserwaitminutes = Cnum($_G['SET']['NEWUSERPOSTWAITTIME']);
$newuseraccountage = time() - Cnum(ArrayData($_G['USER']['DATA'], 'regtime'));
if ($newuseraccountage < ($newuserwaitminutes * 60)) {
	header('Location:index.php?c=error&id=104&message=暂无法发帖,新用户见习期时长' . $newuserwaitminutes . '分钟&gourl=index.php');
	exit('Please back');
}
// Do not leave helper variables behind in the shared global scope.
unset($newuserwaitminutes, $newuseraccountage);

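//=================================== Flood control ==============================
// Main posting handler: rate limit -> captcha -> permission check -> create/edit an article
// ($type 'read') or a reply ($type 'reply'). Results are reported through $_G['HTMLCODE']
// or a Location redirect.
// NOTE(review): $verifycode, $type, $id, $sortid, $banpost and $banreply are never assigned
// in this file before they are read; they presumably come from the including script - confirm
// how they are populated and whether a request can set them directly.

// Time of the current user's most recent post, stored under 'lastposttime' in the user's DATA field.
$lptime = Cnum(ArrayData($_G['USER']['DATA'], 'lastposttime'));
// Required gap between two posts, in seconds. 30 is passed as Cnum()'s second argument,
// presumably the fallback when the setting is missing - confirm against Cnum().
$pi = Cnum($_G['SET']['POSTINGTIMEINTERVAL'], 30);
if (time() - $lptime > $pi) {
	// Interval is acceptable: record this attempt as the latest post time.
	// This is written before the captcha and permission checks, so a rejected
	// attempt also starts a new waiting interval.
	$array = array();
	$array['id'] = $_G['USER']['ID'];
	$array['data'] = ArrayData($_G['USER']['DATA'], 'lastposttime', time());
	$_G['TABLE']['USER'] -> newData($array);
	unset($array);
	//============================ Captcha check ==================================
	// The request passes when the captcha matches, captchas are switched off site-wide,
	// or the user holds the 'noverifycode' permission.
	// The expected code must be non-empty: the session slot is blanked after every attempt
	// (and may never have been filled), so a loose `==` would accept a missing or empty
	// $verifycode against an empty slot. Both sides are compared as strings with `===`
	// so numeric-looking codes are not compared by value.
	$expectedcode = (isset($_SESSION['VERIFYCODE_POST']) && is_scalar($_SESSION['VERIFYCODE_POST'])) ? (string)$_SESSION['VERIFYCODE_POST'] : '';
	$submittedcode = (isset($verifycode) && is_scalar($verifycode)) ? (string)$verifycode : '';
	$verifycodeok = ($expectedcode !== '' && $submittedcode === $expectedcode);
	unset($expectedcode, $submittedcode);
	if ($verifycodeok || !$_G['SET']['OPENVERIFYCODE'] || chkUserQx($_G['USER']['QUANXIAN'], 'noverifycode')) {
		// A captcha is single-use: clear it whether or not the rest of the request succeeds.
		$_SESSION['VERIFYCODE_POST'] = '';
		//============================ Permission check ==================================
		if ($type == 'read' && !chkUserQx($_G['USER']['QUANXIAN'], 'read')) {
			$_G['HTMLCODE']['TIP'] = '抱歉,您的用户无权发帖,请联系管理员。';
			$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
		} elseif ($type == 'reply' && !chkUserQx($_G['USER']['QUANXIAN'], 'reply')) {
			$_G['HTMLCODE']['TIP'] = '抱歉,您的用户无权回复,请联系管理员。';
			$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
		} else {
			//======================= Read and normalise the submitted data ==========================
			// The title is HTML-escaped here; the content is only trimmed and is stored as submitted.
			// NOTE(review): any HTML filtering of the content must therefore happen elsewhere
			// (on input before this script or on output) - confirm, otherwise this is stored XSS.
			isset($_POST['title']) ? $title = trim(htmlspecialchars($_POST['title'])) : $title = '';
			isset($_POST['content']) ? $content = trim($_POST['content']) : $content = '';
			isset($_POST['readlevel']) ? $readlevel = Cnum($_POST['readlevel']) : $readlevel = 0;
			isset($_GET['rid']) ? $rid = Cnum($_GET['rid']) : $rid = 0;
			// NOTE(review): apart from the empty-string case, $sortid is used as it arrived. It is
			// only passed through Cnum() and checked against the board's postlevel when
			// $_POST['sortid'] is present (see the 'read' case) - confirm it cannot be supplied by
			// another route and skip that check.
			if ($sortid == '')
				$sortid = 0;
			// A user cannot require a higher read level than their own.
			if (Cnum($_G['USER']['READLEVEL']) < $readlevel)
				$readlevel = Cnum($_G['USER']['READLEVEL']);
			$replyafterlook = Cnum($_POST['replyafterlook']);
			$top = $high = 0;
			if (chkUserQx($_G['USER']['QUANXIAN'], 'admin')) {
				// Only post administrators may set the sticky ('top') and featured ('high') flags.
				$top = Cnum($_POST['top']);
				$high = Cnum($_POST['high']);
			}
			$array = $uarray = array();
			$posttime = time();
			$uarray['id'] = $_G['USER']['ID'];
			switch ($type) {
				//============================== Publish or edit an article ==================
				case 'read' :
					//====================== Board posting-level check ======================
					// NOTE(review): $banpost is not initialised in this file - see the note at the top.
					if (isset($_POST['sortid'])) {
						$sortid = Cnum($_POST['sortid']);
						if ($sortid) {
							$__sortdata = $_G['TABLE']['READSORT'] -> getData($sortid);
							if ($_G['USER']['READLEVEL'] < $__sortdata['postlevel']) {
								$banpost = TRUE;
							}
						}
					}
					if ($banpost) {
						$_G['HTMLCODE']['TIP'] = '发表失败!您的阅读权限未达到要求值';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
						//=============== Size limits ===================================
						// Limits are in bytes (strlen), matching the wording of the error message.
					} elseif (strlen($title) < Cnum($_G['SET']['READTITLEMIN'], 3) || strlen($title) > Cnum($_G['SET']['READTITLEMAX'], 255) || strlen($content) < Cnum($_G['SET']['READCONTENTMIN'], 10) || strlen($content) > Cnum($_G['SET']['READCONTENTMAX'], 25000)) {
						$_G['HTMLCODE']['TIP'] = '发表失败!发帖要求:标题字节范围' . Cnum($_G['SET']['READTITLEMIN'], 3) . '-' . Cnum($_G['SET']['READTITLEMAX'], 255) . ',内容字节范围' . Cnum($_G['SET']['READCONTENTMIN'], 10) . '-' . Cnum($_G['SET']['READCONTENTMAX'], 25000) . '。';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					} else {
						$array['title'] = $title;
						$array['content'] = $content;
						$array['readlevel'] = $readlevel;
						$array['sortid'] = $sortid;
						$array['replyafterlook'] = $replyafterlook;
						$array['top'] = $top;
						$array['high'] = $high;
						if ($id) {
							//============================== Edit an existing article ===============
							// Allowed for 'superman' or 'admin' holders, or for the article's own
							// author as long as that author is not the shared guest account (ID 2).
							$chka = $_G['TABLE']['READ'] -> getData($id);
							if (chkUserQx($_G['USER']['QUANXIAN'], 'superman') || chkUserQx($_G['USER']['QUANXIAN'], 'admin') || ($chka['uid'] == $_G['USER']['ID'] && $_G['USER']['ID'] != 2)) {
								$array['id'] = $id;
								$_G['TABLE']['READ'] -> newData($array);
								$newid = $id;
								header("Location:index.php?c=read&id={$newid}");
							} else {
								$_G['HTMLCODE']['TIP'] = '编辑失败!您无权对此文章操作。';
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							}
						} else {
							//============================ New article ====================
							if (($_G['SET']['POSTAUDIT'] || chkUserQx($_G['USER']['QUANXIAN'], 'postaudit')) && !chkUserQx($_G['USER']['QUANXIAN'], 'nopostaudit')) {
								// Moderation applies: del = 2 marks the article as awaiting review.
								$array['del'] = 2;
							}
							$array['uid'] = $_G['USER']['ID'];
							$array['posttime'] = $posttime;
							$array['postip'] = $_G['SYSTEM']['CLIENTIP'];
							$_G['TABLE']['READ'] -> newData($array);
							$newid = $_G['TABLE']['READ'] -> getNewId();
							// Attach uploads referenced in the content to the new article **********
							// Start from an empty array so that only the two keys set below are written.
							$uploadarray = array();
							// Inline images: only markup pointing into this user's own upload
							// directory (uploadfiles/<user id>/) is recognised.
							// NOTE(review): the record is then looked up by filename alone - confirm
							// that getId() cannot return another user's upload with the same name.
							if (preg_match_all('#<img alt="帖内图片" title="点击查看大图" src="uploadfiles/' . $_G['USER']['ID'] . '/([a-z0-9\.]+)" />#', $content, $match)) {
								foreach ($match as $key => $value) {
									// Index 1 holds the captured filenames.
									if ($key == 1) {
										foreach ($value as $value2) {
											$getuploadid = $_G['TABLE']['UPLOAD'] -> getId("filename", $value2);
											if ($getuploadid) {
												$uploadarray['id'] = $getuploadid;
												$uploadarray['rid'] = $newid;
												$_G['TABLE']['UPLOAD'] -> newData($uploadarray);
											}
										}
									}
								}
							}
							//===================== Attached files ====================
							// Download links: the captured "id" value is looked up in the
							// 'uploadtime' column.
							// NOTE(review): the lookup is not restricted to the current user's
							// uploads here - confirm ownership is enforced elsewhere.
							if (preg_match_all('#<a class="downloada" target="_blank" href="index.php\?c=download\&amp\;uid=' . $_G['USER']['ID'] . '\&amp\;id=([0-9]+)\&amp\;#', $content, $match)) {
								foreach ($match as $key => $value) {
									if ($key == 1) {
										foreach ($value as $value2) {
											$getuploadid = $_G['TABLE']['UPLOAD'] -> getId("uploadtime", $value2);
											if ($getuploadid) {
												$uploadarray['id'] = $getuploadid;
												$uploadarray['rid'] = $newid;
												$_G['TABLE']['UPLOAD'] -> newData($uploadarray);
											}
										}
									}
								}
							}
							//********************************************************
							//================= Award the configured points for a new article ============
							UserDataChange(array("jifen" => Cnum($_G['SET']['POSTREADJIFEN']), "tiandou" => Cnum($_G['SET']['POSTREADTIANDOU'])));
							if ($array['del'] == 2) {
								$_G['HTMLCODE']['TIP'] = '发表成功!请等待审核通过。';
								$_G['HTMLCODE']['TIPJS'] = "location.href='index.php?c=list'";
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							} else {
								header("Location:index.php?c=read&id={$newid}");
							}
						}
					}
					break;
				//================================== Publish or edit a reply ==========================
				case 'reply' :
					// Size limits are in bytes (strlen), matching the wording of the error message.
					if (strlen($content) < Cnum($_G['SET']['REPLYCONTENTMIN'], 1) || strlen($content) > Cnum($_G['SET']['REPLYCONTENTMAX'], 25000)) {
						$_G['HTMLCODE']['TIP'] = '发表失败!回复要求:内容字节范围' . Cnum($_G['SET']['REPLYCONTENTMIN'], 1) . '-' . Cnum($_G['SET']['REPLYCONTENTMAX'], 25000) . '。';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					} else {
						// The article being replied to must exist.
						$RA = $_G['TABLE']['READ'] -> getData($rid);
						if ($RA) {
							$array['content'] = $content;
							// Board reply-level check.
							// NOTE(review): $banreply is not initialised in this file - see the note at the top.
							if ($RA['sortid']) {
								$__sortdata = $_G['TABLE']['READSORT'] -> getData($RA['sortid']);
								if ($_G['USER']['READLEVEL'] < $__sortdata['replylevel']) {
									$banreply = TRUE;
								}
							}
							if ($banreply) {
								$_G['HTMLCODE']['TIP'] = '回复失败!您的阅读权限未达到要求值';
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							} elseif ($id) {
								// Edit an existing reply: 'admin' holders, or the reply's own author
								// unless that author is the shared guest account (ID 2).
								// NOTE(review): the reply is not checked to belong to article $rid.
								$chka = $_G['TABLE']['REPLY'] -> getData($id);
								if (chkUserQx($_G['USER']['QUANXIAN'], 'admin') || ($chka['uid'] == $_G['USER']['ID'] && $_G['USER']['ID'] != 2)) {
									$array['id'] = $id;
									$_G['TABLE']['REPLY'] -> newData($array);
									$newreplyid = $id;
									// NOTE(review): $sortid goes into the redirect URL unencoded - confirm it is numeric here.
									header("Location:index.php?c=read&id=$rid&sortid=$sortid&page=999999#reply{$newreplyid}");
								} else {
									$_G['HTMLCODE']['TIP'] = '编辑失败!您无权对此回复操作。';
									$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
								}
							} else {
								//=================== New reply =========================
								if (($_G['SET']['POSTAUDIT'] || chkUserQx($_G['USER']['QUANXIAN'], 'postaudit')) && !chkUserQx($_G['USER']['QUANXIAN'], 'nopostaudit')) {
									// Moderation applies: del = 2 marks the reply as awaiting review.
									$array['del'] = 2;
								}
								$rid = $RA['id'];
								$array['rid'] = $rid;
								$array['uid'] = $_G['USER']['ID'];
								$array['posttime'] = $posttime;
								$array['postip'] = $_G['SYSTEM']['CLIENTIP'];
								$_G['TABLE']['REPLY'] -> newData($array);
								$newreplyid = $_G['TABLE']['REPLY'] -> getNewId();
								// Record the latest reply on the parent article.
								// Start from an empty array so that only the keys set below reach
								// the article row (the variable was previously used without being initialised).
								$_array = array();
								$_array['id'] = $rid;
								$_array['replyuid'] = $_G['USER']['ID'];
								$_array['replytime'] = $posttime;
								// A reply awaiting review is shown as a placeholder instead of its text.
								$array['del'] == 2 ? $_array['replycontent'] = '[需审核回复]' : $_array['replycontent'] = $content;
								$_array['replyip'] = $_G['SYSTEM']['CLIENTIP'];
								$_G['TABLE']['READ'] -> newData($_array);
								// Award the configured points for a reply.
								UserDataChange(array("jifen" => Cnum($_G['SET']['POSTREPLYJIFEN']), "tiandou" => Cnum($_G['SET']['POSTREPLYTIANDOU'])));
								// Notify the users concerned, starting with the article's author.
								$rua = $_G['TABLE']['READ'] -> getData($rid);
								// $rua holds the article record; its uid is the author.
								$uid = $rua['uid'];
								if ($_G['USER']['ID'] != 2) {
									$uhref = "index.php?c=user&id={$_G['USER']['ID']}";
									$a = "{$_G['USER']['USERNAME']}";
								} else {
									// The guest account has no profile page to link to.
									$uhref = "javascript:";
									$a = "论坛游客";
								}
								$rhref = "index.php?c=read&id={$rid}";
								// NOTE(review): the user name ($a) is placed into the message HTML without
								// escaping here - confirm user names are restricted or escaped at registration.
								$mcontent = "<a class='message_a_user' target='_blank' href='{$uhref}'>{$a}</a>回复了你的文章“<a class='message_a_readtitle' target='_blank' href='{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”,快去看看吧~";
								//. htmlspecialchars($content);
								NewMessage($uid, $mcontent, 1, 2);
								// A reply to another reply starts with the marker <!--@(<user id>)-->;
								// in that case the mentioned user is notified as well.
								if (substr($content, 0, 6) == '<!--@(') {
									$epos = strpos($content, ')-->');
									if ($epos) {
										// NOTE(review): $uid is the raw substring taken from user-supplied
										// content; it is tested with Cnum() but passed on unconverted to
										// NewMessage() and, below, to getData() - confirm both treat it as a number.
										$uid = substr($content, 6, $epos - 6);
										if (Cnum($uid) && $uid != 2) {
											$mcontent = "<a class='message_a_user' target='_blank' href='{$uhref}'>{$a}</a>在文章“<a class='message_a_readtitle' target='_blank' href='{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”中回复了你的回复,快去看看吧~";
											// . htmlspecialchars($content);
											NewMessage($uid, $mcontent, 1, 2);
										}
									}
								}
								// E-mail notification, only when a sendmail() function is available.
								// $uid is the mentioned user if the marker was present, otherwise the article's author.
								if (function_exists("sendmail") && $uid != 2) {
									$udata = $_G['TABLE']['USER'] -> getData($uid);
									if (filter_var($udata['mail'], FILTER_VALIDATE_EMAIL)) {
										// NOTE(review): links are built from $_G['SYSTEM']['DOMAIN'] over plain http -
										// confirm that value comes from configuration, not from the request's Host header.
										$mailcontent = "
									{$a}在文章“<a target='_blank' href='http://{$_G['SYSTEM']['DOMAIN']}/{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”中回复了您,快<a target='_blank' href='http://{$_G['SYSTEM']['DOMAIN']}/index.php?c=login'>登录</a>去看看吧~
									";
										sendmail($udata['mail'], "您收到了新回复 - {$_G['SET']['LOGOTEXT']}", $mailcontent);
									}
								}
								if ($array['del'] == 2) {
									$_G['HTMLCODE']['TIP'] = '回复成功,请等待审核通过。';
									$_G['HTMLCODE']['TIPJS'] = "location.href='index.php?c=read&id={$rid}'";
									$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
								} else {
									// page=999999 asks for a page past the end, presumably so the last page with the new reply is shown.
									header("Location:index.php?c=read&id={$rid}&sortid={$sortid}&page=999999#reply{$newreplyid}");
								}
							}
						} else {
							$_G['HTMLCODE']['TIP'] = '发表失败!对不存在的帖子回复。';
							$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
						}
					}
					break;
				// Unknown $type value.
				default :
					$_G['HTMLCODE']['TIP'] = '非法的GET参数。';
					$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					break;
			}
		}
	} else {
		// Wrong captcha: discard it so the same code cannot be retried.
		$_SESSION['VERIFYCODE_POST'] = '';
		$_G['HTMLCODE']['TIP'] = '验证码错误!';
		$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
	}
} else {
	// Posting too fast: show the remaining seconds and a client-side countdown
	// that navigates back once it reaches zero.
	$_G['HTMLCODE']['TIP'] = '您的手速太快了,请等待 <span id="s" style="font-weight:bold;color:red">' . ($pi - (time() - $lptime)) . '</span> 秒后再操作~
<script>
	var s = document.getElementById("s");
	setInterval(function() {
		if (s.innerHTML == 0) {
			history.back();
		} else {
			s.innerHTML -= 1;
		}
	}, 1000);
</script>';

	$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
}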