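<?php
/*
 * Post handler: creates or edits an article ($type == 'read') or a reply
 * ($type == 'reply') for the current user.
 *
 * User permission notes (from the original header): multiple permissions are
 * comma-separated; post: publish articles, reply: publish replies,
 * admin: post administrator.
 *
 * Order of checks: login redirect, new-user probation, posting interval,
 * verification code, permission per $type, then the write.
 *
 * $type, $id, $sortid and $verifycode are read here but never assigned in this
 * file. NOTE(review): presumably the framework derives them from the request;
 * confirm how they are populated and treat them as untrusted input.
 * chkUserQx(), Cnum(), ArrayData(), template(), BBcode(), NewMessage() and
 * UserDataChange() are helpers defined elsewhere.
 */
if (!defined('puyuetian')) {
	exit('Not Found puyuetian!Please contact QQ632827168');
}

// User ID 2 is handled as the guest account (it is labelled "论坛游客" further down).
// A guest with neither the 'read' nor the 'reply' permission is sent to the login page;
// both request values are urlencode()d before they enter the Location header.
if ($_G['USER']['ID'] == 2 && !chkUserQx($_G['USER']['QUANXIAN'], 'read') && !chkUserQx($_G['USER']['QUANXIAN'], 'reply')) {
	header("Location:index.php?c=login&referer=" . urlencode("index.php?c=read&id={$_GET['rid']}&replycontent=" . urlencode($_POST['content']) . "#reply"));
	exit();
}

// ---- New-user probation: no posting until NEWUSERPOSTWAITTIME minutes after registration ----
if (time() - Cnum(ArrayData($_G['USER']['DATA'], 'regtime')) < (Cnum($_G['SET']['NEWUSERPOSTWAITTIME']) * 60)) {
	header('Location:index.php?c=error&id=104&message=暂无法发帖,新用户见习期时长' . Cnum($_G['SET']['NEWUSERPOSTWAITTIME']) . '分钟&gourl=index.php');
	exit('Please back');
}

// ---- Anti-flood: minimum interval between two posts by the same user ----
// Time of the current user's last post.
$lptime = Cnum(ArrayData($_G['USER']['DATA'], 'lastposttime'));
// Required interval in seconds (30 is the fallback passed to Cnum).
$pi = Cnum($_G['SET']['POSTINGTIMEINTERVAL'], 30);

if (time() - $lptime > $pi) {
	// Interval respected: record this attempt as the last post time.
	// This is saved before the verification code is checked, so a failed code still consumes the interval.
	$array = array();
	$array['id'] = $_G['USER']['ID'];
	$array['data'] = ArrayData($_G['USER']['DATA'], 'lastposttime', time());
	$_G['TABLE']['USER']->newData($array);
	unset($array);

	// ---- Verification code (captcha) ----
	// The stored code is reset to '' after every attempt (both branches below). With the
	// previous loose `==` comparison an empty or missing submitted code therefore matched the
	// cleared (or never-issued) session value and the captcha was skipped. A match now
	// requires a non-empty stored code and an identical submitted string.
	$sessionCode = (isset($_SESSION['VERIFYCODE_POST']) && is_scalar($_SESSION['VERIFYCODE_POST'])) ? (string) $_SESSION['VERIFYCODE_POST'] : '';
	$submittedCode = (isset($verifycode) && is_scalar($verifycode)) ? (string) $verifycode : '';
	$codeMatches = $sessionCode !== '' && $submittedCode === $sessionCode;

	if ($codeMatches || !$_G['SET']['OPENVERIFYCODE'] || chkUserQx($_G['USER']['QUANXIAN'], 'noverifycode')) {
		// One-time use: a code cannot be replayed for a second post.
		$_SESSION['VERIFYCODE_POST'] = '';

		// ---- Permission check for the requested action ----
		if ($type == 'read' && !chkUserQx($_G['USER']['QUANXIAN'], 'read')) {
			$_G['HTMLCODE']['TIP'] = '抱歉,您的用户无权发帖,请联系管理员。';
			$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
		} elseif ($type == 'reply' && !chkUserQx($_G['USER']['QUANXIAN'], 'reply')) {
			$_G['HTMLCODE']['TIP'] = '抱歉,您的用户无权回复,请联系管理员。';
			$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
		} else {
			// ---- Collect and initialise the submitted data ----
			$title = isset($_POST['title']) ? trim(htmlspecialchars($_POST['title'])) : '';
			// NOTE(review): content is stored without escaping here; the patterns further down
			// show it is expected to carry HTML, so it must be sanitised before it is rendered.
			// Confirm where that happens.
			$content = isset($_POST['content']) ? trim($_POST['content']) : '';
			$readlevel = isset($_POST['readlevel']) ? Cnum($_POST['readlevel']) : 0;
			$rid = isset($_GET['rid']) ? Cnum($_GET['rid']) : 0;
			// NOTE(review): when $_POST['sortid'] is absent, $sortid keeps whatever value it had on
			// entry and skips both Cnum() and the board post-level check below. Verify its source.
			if ($sortid == '') {
				$sortid = 0;
			}
			// A user cannot require a higher read level than their own.
			if (Cnum($_G['USER']['READLEVEL']) < $readlevel) {
				$readlevel = Cnum($_G['USER']['READLEVEL']);
			}
			$replyafterlook = Cnum($_POST['replyafterlook']);
			// Pinned / highlighted flags are only taken from the request for administrators.
			$top = $high = 0;
			if (chkUserQx($_G['USER']['QUANXIAN'], 'admin')) {
				$top = Cnum($_POST['top']);
				$high = Cnum($_POST['high']);
			}
			$array = $uarray = array();
			$posttime = time();
			$uarray['id'] = $_G['USER']['ID'];
			// Set explicitly so that the ban flags can only be raised by the checks below.
			$banpost = false;
			$banreply = false;

			switch ($type) {
				// ================= Publish or edit an article =================
				case 'read':
					// Board posting-permission check: the user's read level must reach the board's postlevel.
					if (isset($_POST['sortid'])) {
						$sortid = Cnum($_POST['sortid']);
						if ($sortid) {
							$__sortdata = $_G['TABLE']['READSORT']->getData($sortid);
							if ($_G['USER']['READLEVEL'] < $__sortdata['postlevel']) {
								$banpost = true;
							}
						}
					}
					if ($banpost) {
						$_G['HTMLCODE']['TIP'] = '发表失败!您的阅读权限未达到要求值';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					} elseif (strlen($title) < Cnum($_G['SET']['READTITLEMIN'], 3) || strlen($title) > Cnum($_G['SET']['READTITLEMAX'], 255) || strlen($content) < Cnum($_G['SET']['READCONTENTMIN'], 10) || strlen($content) > Cnum($_G['SET']['READCONTENTMAX'], 25000)) {
						// Size check; limits are byte lengths (strlen), as the message states.
						$_G['HTMLCODE']['TIP'] = '发表失败!发帖要求:标题字节范围' . Cnum($_G['SET']['READTITLEMIN'], 3) . '-' . Cnum($_G['SET']['READTITLEMAX'], 255) . ',内容字节范围' . Cnum($_G['SET']['READCONTENTMIN'], 10) . '-' . Cnum($_G['SET']['READCONTENTMAX'], 25000) . '。';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					} else {
						$array['title'] = $title;
						$array['content'] = $content;
						$array['readlevel'] = $readlevel;
						$array['sortid'] = $sortid;
						$array['replyafterlook'] = $replyafterlook;
						$array['top'] = $top;
						$array['high'] = $high;
						if ($id) {
							// ---- Edit an existing article ----
							// Allowed for 'superman', 'admin', or the non-guest author of the article.
							// NOTE(review): an edit is saved without setting 'del', so edited content
							// does not re-enter the audit state that new posts use. Confirm this is intended.
							$chka = $_G['TABLE']['READ']->getData($id);
							if (chkUserQx($_G['USER']['QUANXIAN'], 'superman') || chkUserQx($_G['USER']['QUANXIAN'], 'admin') || ($chka['uid'] == $_G['USER']['ID'] && $_G['USER']['ID'] != 2)) {
								$array['id'] = $id;
								$_G['TABLE']['READ']->newData($array);
								$newid = $id;
								header("Location:index.php?c=read&id={$newid}");
							} else {
								$_G['HTMLCODE']['TIP'] = '编辑失败!您无权对此文章操作。';
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							}
						} else {
							// ---- New article ----
							if (($_G['SET']['POSTAUDIT'] || chkUserQx($_G['USER']['QUANXIAN'], 'postaudit')) && !chkUserQx($_G['USER']['QUANXIAN'], 'nopostaudit')) {
								// del = 2 marks the post as awaiting audit.
								$array['del'] = 2;
							}
							$needsAudit = isset($array['del']) && $array['del'] == 2;
							$array['uid'] = $_G['USER']['ID'];
							$array['posttime'] = $posttime;
							$array['postip'] = $_G['SYSTEM']['CLIENTIP'];
							$_G['TABLE']['READ']->newData($array);
							$newid = $_G['TABLE']['READ']->getNewId();

							// ---- Link uploads referenced in the content to the new article ----
							// Images: only files under the current user's own upload directory are matched.
							if (preg_match_all('#<img alt="帖内图片" title="点击查看大图" src="uploadfiles/' . $_G['USER']['ID'] . '/([a-z0-9\.]+)" />#', $content, $match)) {
								foreach ($match[1] as $value2) {
									$getuploadid = $_G['TABLE']['UPLOAD']->getId("filename", $value2);
									if ($getuploadid) {
										// Fresh array each time so only id and rid are ever written.
										$uploadarray = array();
										$uploadarray['id'] = $getuploadid;
										$uploadarray['rid'] = $newid;
										$_G['TABLE']['UPLOAD']->newData($uploadarray);
									}
								}
							}
							// Attachments: download links carrying the current user's id.
							if (preg_match_all('#<a class="downloada" target="_blank" href="index.php\?c=download\&\;uid=' . $_G['USER']['ID'] . '\&\;id=([0-9]+)\&\;#', $content, $match)) {
								foreach ($match[1] as $value2) {
									$getuploadid = $_G['TABLE']['UPLOAD']->getId("uploadtime", $value2);
									if ($getuploadid) {
										$uploadarray = array();
										$uploadarray['id'] = $getuploadid;
										$uploadarray['rid'] = $newid;
										$_G['TABLE']['UPLOAD']->newData($uploadarray);
									}
								}
							}

							// ---- Adjust the user's points ----
							UserDataChange(array("jifen" => Cnum($_G['SET']['POSTREADJIFEN']), "tiandou" => Cnum($_G['SET']['POSTREADTIANDOU'])));
							if ($needsAudit) {
								$_G['HTMLCODE']['TIP'] = '发表成功!请等待审核通过。';
								$_G['HTMLCODE']['TIPJS'] = "location.href='index.php?c=list'";
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							} else {
								header("Location:index.php?c=read&id={$newid}");
							}
						}
					}
					break;

				// ================= Publish or edit a reply =================
				case 'reply':
					if (strlen($content) < Cnum($_G['SET']['REPLYCONTENTMIN'], 1) || strlen($content) > Cnum($_G['SET']['REPLYCONTENTMAX'], 25000)) {
						$_G['HTMLCODE']['TIP'] = '发表失败!回复要求:内容字节范围' . Cnum($_G['SET']['REPLYCONTENTMIN'], 1) . '-' . Cnum($_G['SET']['REPLYCONTENTMAX'], 25000) . '。';
						$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					} else {
						// The target article must exist.
						$RA = $_G['TABLE']['READ']->getData($rid);
						if ($RA) {
							$array['content'] = $content;
							// Board reply-permission check against the article's board.
							if ($RA['sortid']) {
								$__sortdata = $_G['TABLE']['READSORT']->getData($RA['sortid']);
								if ($_G['USER']['READLEVEL'] < $__sortdata['replylevel']) {
									$banreply = true;
								}
							}
							if ($banreply) {
								$_G['HTMLCODE']['TIP'] = '回复失败!您的阅读权限未达到要求值';
								$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
							} elseif ($id) {
								// ---- Edit an existing reply: 'admin' or the non-guest author ----
								$chka = $_G['TABLE']['REPLY']->getData($id);
								if (chkUserQx($_G['USER']['QUANXIAN'], 'admin') || ($chka['uid'] == $_G['USER']['ID'] && $_G['USER']['ID'] != 2)) {
									$array['id'] = $id;
									$_G['TABLE']['REPLY']->newData($array);
									$newreplyid = $id;
									header("Location:index.php?c=read&id=$rid&sortid=$sortid&page=999999#reply{$newreplyid}");
								} else {
									$_G['HTMLCODE']['TIP'] = '编辑失败!您无权对此回复操作。';
									$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
								}
							} else {
								// ---- New reply ----
								if (($_G['SET']['POSTAUDIT'] || chkUserQx($_G['USER']['QUANXIAN'], 'postaudit')) && !chkUserQx($_G['USER']['QUANXIAN'], 'nopostaudit')) {
									// del = 2 marks the reply as awaiting audit.
									$array['del'] = 2;
								}
								$needsAudit = isset($array['del']) && $array['del'] == 2;
								$rid = $RA['id'];
								$array['rid'] = $rid;
								$array['uid'] = $_G['USER']['ID'];
								$array['posttime'] = $posttime;
								$array['postip'] = $_G['SYSTEM']['CLIENTIP'];
								$_G['TABLE']['REPLY']->newData($array);
								$newreplyid = $_G['TABLE']['REPLY']->getNewId();

								// Record the latest reply on the article row. The array is started empty
								// so only the keys set here are written.
								$_array = array();
								$_array['id'] = $rid;
								$_array['replyuid'] = $_G['USER']['ID'];
								$_array['replytime'] = $posttime;
								$_array['replycontent'] = $needsAudit ? '[需审核回复]' : $content;
								$_array['replyip'] = $_G['SYSTEM']['CLIENTIP'];
								$_G['TABLE']['READ']->newData($_array);

								// Adjust the user's points.
								UserDataChange(array("jifen" => Cnum($_G['SET']['POSTREPLYJIFEN']), "tiandou" => Cnum($_G['SET']['POSTREPLYTIANDOU'])));

								// ---- Notify the article author ----
								$rua = $_G['TABLE']['READ']->getData($rid);
								$uid = $rua['uid'];
								if ($_G['USER']['ID'] != 2) {
									$uhref = "index.php?c=user&id={$_G['USER']['ID']}";
									// NOTE(review): the username is placed into the HTML message unescaped;
									// confirm it is restricted to safe characters when the account is created.
									$a = "{$_G['USER']['USERNAME']}";
								} else {
									$uhref = "javascript:";
									$a = "论坛游客";
								}
								$rhref = "index.php?c=read&id={$rid}";
								$mcontent = "<a class='message_a_user' target='_blank' href='{$uhref}'>{$a}</a>回复了你的文章“<a class='message_a_readtitle' target='_blank' href='{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”,快去看看吧~";
								NewMessage($uid, $mcontent, 1, 2);

								// ---- Reply to a reply: content starts with <!--@(USERID)--> ----
								// The id between the markers is user-supplied text. It is passed through
								// Cnum() and only the resulting value is used; previously the raw substring
								// replaced $uid and reached NewMessage() and the user lookup below even when
								// it was not a valid id.
								if (substr($content, 0, 6) == '<!--@(') {
									$epos = strpos($content, ')-->');
									if ($epos) {
										$mentionUid = Cnum(substr($content, 6, $epos - 6));
										if ($mentionUid && $mentionUid != 2) {
											$uid = $mentionUid;
											$mcontent = "<a class='message_a_user' target='_blank' href='{$uhref}'>{$a}</a>在文章“<a class='message_a_readtitle' target='_blank' href='{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”中回复了你的回复,快去看看吧~";
											NewMessage($uid, $mcontent, 1, 2);
										}
									}
								}

								// ---- E-mail notification (only if a sendmail() helper is loaded) ----
								// $uid is the mentioned user when a valid mention was found, else the article author.
								if (function_exists("sendmail") && $uid != 2) {
									$udata = $_G['TABLE']['USER']->getData($uid);
									if (filter_var($udata['mail'], FILTER_VALIDATE_EMAIL)) {
										// NOTE(review): links are built from $_G['SYSTEM']['DOMAIN']; confirm that value
										// comes from configuration rather than from the request's Host header.
										$mailcontent = " {$a}在文章“<a target='_blank' href='http://{$_G['SYSTEM']['DOMAIN']}/{$rhref}'>" . htmlspecialchars(BBcode($rua['title'], '')) . "</a>”中回复了您,快<a target='_blank' href='http://{$_G['SYSTEM']['DOMAIN']}/index.php?c=login'>登录</a>去看看吧~ ";
										sendmail($udata['mail'], "您收到了新回复 - {$_G['SET']['LOGOTEXT']}", $mailcontent);
									}
								}

								if ($needsAudit) {
									$_G['HTMLCODE']['TIP'] = '回复成功,请等待审核通过。';
									$_G['HTMLCODE']['TIPJS'] = "location.href='index.php?c=read&id={$rid}'";
									$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
								} else {
									header("Location:index.php?c=read&id={$rid}&sortid={$sortid}&page=999999#reply{$newreplyid}");
								}
							}
						} else {
							$_G['HTMLCODE']['TIP'] = '发表失败!对不存在的帖子回复。';
							$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
						}
					}
					break;

				// ================= Unknown $type =================
				default:
					$_G['HTMLCODE']['TIP'] = '非法的GET参数。';
					$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
					break;
			}
		}
	} else {
		// Wrong verification code: the stored code is discarded so it cannot be guessed repeatedly.
		$_SESSION['VERIFYCODE_POST'] = '';
		$_G['HTMLCODE']['TIP'] = '验证码错误!';
		$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
	}
} else {
	// Posting too fast: show the remaining seconds with a client-side countdown.
	$_G['HTMLCODE']['TIP'] = '您的手速太快了,请等待 <span id="s" style="font-weight:bold;color:red">' . ($pi - (time() - $lptime)) . '</span> 秒后再操作~ <script> var s = document.getElementById("s"); setInterval(function() { if (s.innerHTML == 0) { history.back(); } else { s.innerHTML -= 1; } }, 1000); </script>';
	$_G['HTMLCODE']['OUTPUT'] = template('tip', true);
}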