www.gusucode.com > 迪恩育儿亲子4商城商家+手机版【整站带测试数据】源码程序 > web/source/class/helper/helper_form.php
<?php /** * [Discuz!] (C)2001-2099 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: helper_form.php 35986 2016-06-06 01:37:04Z nemohou $ */ if(!defined('IN_DISCUZ')) { exit('Access Denied'); } class helper_form { public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0) { if(!getgpc($var)) { return FALSE; } else { global $_G; if($allowget || ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || strncmp($_SERVER['HTTP_REFERER'], 'http://wsq.discuz.com/', 22) === 0 || preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])))) { if(checkperm('seccode')) { if($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['secqaahash'])) { showmessage('submit_secqaa_invalid'); } if($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['seccodehash'], 0, $_GET['seccodemodid'])) { showmessage('submit_seccode_invalid'); } } return TRUE; } else { showmessage('submit_invalid'); } } } public static function censor($message, $modword = NULL, $return = FALSE) { global $_G; $censor = discuz_censor::instance(); $censor->check($message, $modword); if($censor->modbanned() && empty($_G['group']['ignorecensor'])) { $wordbanned = implode(', ', $censor->words_found); if($return) { return array('message' => lang('message', 'word_banned', array('wordbanned' => $wordbanned))); } if(!defined('IN_ADMINCP')) { showmessage('word_banned', '', array('wordbanned' => $wordbanned)); } else { cpmsg(lang('message', 'word_banned'), '', 'error', array('wordbanned' => $wordbanned)); } } if($_G['group']['allowposturl'] == 0 || $_G['group']['allowposturl'] == 2) { $urllist = self::get_url_list($message); if(is_array($urllist[1])) foreach($urllist[1] as $key => $val) { if(!$val = trim($val)) continue; if(!iswhitelist($val)) { if($_G['group']['allowposturl'] == 0) { if($return) { return array('message' => 'post_url_nopermission'); } showmessage('post_url_nopermission'); } elseif($_G['group']['allowposturl'] == 2) { $message = str_replace('[url]'.$urllist[0][$key].'[/url]', $urllist[0][$key], $message); $message = preg_replace( array( "@\[url=[^\]]*?".preg_quote($urllist[0][$key],'@')."[^\]]*?\](.*?)\[/url\]@is", "@href=('|\")".preg_quote($urllist[0][$key],'@')."\\1@is", "@\[url\]([^\]]*?".preg_quote($urllist[0][$key],'@')."[^\]]*?)\[/url\]@is", ), array( '\\1', '', '\\1', ), $message); } } } } return $message; } public static function censormod($message) { global $_G; if($_G['group']['ignorecensor']) { return false; } $modposturl = false; if($_G['group']['allowposturl'] == 1) { $urllist = self::get_url_list($message); if(is_array($urllist[1])) foreach($urllist[1] as $key => $val) { if(!$val = trim($val)) continue; if(!iswhitelist($val)) { $modposturl = true; } } } if($modposturl) { return true; } $censor = discuz_censor::instance(); $censor->check($message); return $censor->modmoderated(); } public static function get_url_list($message) { $return = array(); (strpos($message, '[/img]') || strpos($message, '[/flash]')) && $message = preg_replace("/\[img[^\]]*\]\s*([^\[\<\r\n]+?)\s*\[\/img\]|\[flash[^\]]*\]\s*([^\[\<\r\n]+?)\s*\[\/flash\]/is", '', $message); if(preg_match_all("/((https?|ftp|gopher|news|telnet|rtsp|mms|callto|bctp|thunder|qqdl|synacast){1}:\/\/|www\.)[^ \[\]\"']+/i", $message, $urllist)) { foreach($urllist[0] as $key => $val) { $val = trim($val); $return[0][$key] = $val; if(!preg_match('/^http:\/\//is', $val)) $val = 'http://'.$val; $tmp = parse_url($val); $return[1][$key] = $tmp['host']; if($tmp['port']){ $return[1][$key] .= ":$tmp[port]"; } } } return $return; } public static function updatemoderate($idtype, $ids, $status = 0) { $ids = is_array($ids) ? $ids : array($ids); if(!$ids) { return; } if(!$status) { foreach($ids as $id) { C::t('common_moderate')->insert($idtype, array( 'id' => $id, 'status' => 0, 'dateline' => TIMESTAMP, ), false, true); } } elseif($status == 1) { C::t('common_moderate')->update($ids, $idtype, array('status' => 1)); } elseif($status == 2) { C::t('common_moderate')->delete($ids, $idtype); } } } ?>