<?php
/*
EditorTools自动采集助手-phpwind7.0(GBK、UTF-8)文章回复接口
----------------------------------
文件名
etreply.php
phpwind7文章回复接口文件，请复制在phpwind7论坛根目录使用，为保密，请自行修改文件名



附加参数
vercode  安全校验码，请自行设定，本项用以防止接口被他人利用，如果需要进行更多校验，请自行填加相关代码。

*/

$vercode=''; //此处取值请自行修改

/*



ET发布配置-文章检查网址处，填写参考如下：
http://您的网址/etreply.php?vercode=

*/
if ($_REQUEST['vercode']!=$vercode){
 echo("[err]invalid vercode[/err]");
 exit();
}


define('SCR','post');
//require_once('global.php');
//global.php开始

//file_exists('install.php') && ObHeader('install.php');
error_reporting(E_ERROR | E_PARSE);
set_magic_quotes_runtime(0);
function_exists('date_default_timezone_set') && date_default_timezone_set('Etc/GMT+0');

$defined_vars = get_defined_vars();
foreach ($defined_vars as $_key => $_value) {
 if (!in_array($_key,array('GLOBALS','_POST','_GET','_COOKIE','_SERVER','_FILES','wind_in'))) {
  ${$_key} = '';
  unset(${$_key});
 }
}

$t_array = explode(' ',microtime());
$P_S_T  = $t_array[0] + $t_array[1];
$timestamp = time();

define('R_P',getdirname(__FILE__));
define('D_P',R_P);
define('P_W','global');
!defined('SCR') && define('SCR','other');

require_once(R_P.'require/common.php');
require_once(R_P.'require/defend.php');


//open pw mode
if (!empty($db_mode) && file_exists(R_P."mode/$db_mode/")) {
 define('M_P',R_P."mode/$db_mode/");
 $pwModeImg = "mode/$db_mode/images";
 $db_modepages = unserialize($db_modepages);
} else {
 $db_mode = '';
}
$dirstrpos = strpos($pwServer['PHP_SELF'],$db_dir);
if ($dirstrpos !== false) {
 $tmp = substr($pwServer['PHP_SELF'],0,$dirstrpos);
 $pwServer['PHP_SELF'] = "$tmp.php";
} else {
 $tmp = $pwServer['PHP_SELF'];
}
$REQUEST_URI = $pwServer['PHP_SELF'].'?'.$pwServer['QUERY_STRING'];

if (GetCookie('lastvisit')) {
 list($c_oltime,$lastvisit,$lastpath) = explode("\t",GetCookie('lastvisit'));
 ($onbbstime=$timestamp-$lastvisit)<$db_onlinetime && $c_oltime+=$onbbstime;
} else {
 $lastvisit = $lastpath = '';
 $c_oltime = $onbbstime = 0;
 Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);
}
if (defined('AJAX')) {
 require_once(R_P.'require/ajaxfunc.php');
}
$db_cvtime != 0 && $timestamp += $db_cvtime*60;

$db_debug && error_reporting(E_ALL ^ E_NOTICE);
$wind_version = '7.0';
$db_olsize   = 96;

$R_url = $db_bbsurl = Char_cv("http://".$pwServer['HTTP_HOST'].substr($tmp,0,strrpos($tmp,'/')));
defined('SIMPLE') && SIMPLE && $db_bbsurl = substr($db_bbsurl,0,-7);

InitGP(array('fid','tid'),'GP',2);
$db  = $credit = null;

require_once(D_P.'data/sql_config.php');
!is_array($manager) && $manager = array();
$newmanager = array();
foreach ($manager as $key => $value) {
 if (!empty($value) && !is_array($value)) {
  $newmanager[$key] = $value;
 }
}
$manager = $newmanager;
if ($database == 'mysqli' && Pwloaddl('mysqli') === false) {
 $database = 'mysql';
}
ObStart();//noizy

if ($db_http != 'N') {
 $imgpath = $db_http;
 if (D_P != R_P) {
  $R_url = substr($db_http,-1)=='/' ?  substr($db_http,0,-1) : $db_http;
  $R_url = substr($R_url,0,strrpos($R_url,'/'));
 }
} else {
 $imgpath = $db_picpath;
}
$attachpath = $db_attachurl != 'N' ? $db_attachurl : $db_attachname;
$imgdir  = R_P.$db_picpath;
$attachdir = R_P.$db_attachname;
$pw_posts   = 'pw_posts';
$pw_tmsgs   = 'pw_tmsgs';
$runfc  = 'N';

list($winduid,$windpwd,$safecv) = explode("\t",addslashes(StrCode(GetCookie('winduser'),'DECODE')));

$loginhash = GetVerify($onlineip,$db_pptkey);
if ($db_pptifopen && $db_ppttype == 'client') {
 if (strpos($db_pptloginurl,'?') === false) {
  $db_pptloginurl .= '?';
 } elseif (substr($db_pptloginurl,-1) != '&') {
  $db_pptloginurl .= '&';
 }
 if (strpos($db_pptregurl,'?') === false) {
  $db_pptregurl .= '?';
 } elseif (substr($db_pptregurl,-1) != '&') {
  $db_pptregurl .= '&';
 }
 $urlencode = rawurlencode($db_bbsurl);
 $loginurl = "$db_pptserverurl/{$db_pptloginurl}forward=$urlencode";
 $loginouturl= "$db_pptserverurl/$db_pptloginouturl&forward=$urlencode&verify=$loginhash";
 $regurl  = "$db_pptserverurl/{$db_pptregurl}forward=$urlencode";
} else {
 $loginurl = 'login.php';
 $loginouturl= "login.php?action=quit&verify=$loginhash";
 $regurl  = $db_registerfile;
}

$ol_offset = GetCookie('ol_offset');
$skinco    = GetCookie('skinco');
if ($db_refreshtime && $REQUEST_URI == $lastpath && $onbbstime < $db_refreshtime) {
 !GetCookie('winduser') && $groupid = 'guest';
 $skin = $skinco ? $skinco : $db_defaultstyle;
 Showmsg('refresh_limit');
}
if (!$db_bbsifopen && !defined('CK')) {
 require_once(R_P.'require/bbsclose.php');
}

$H_url =& $db_wwwurl;
$B_url =& $db_bbsurl;
$t  = array('hours'=>gmdate('G',$timestamp+$db_timedf*3600));
$tdtime = PwStrtoTime(get_date($timestamp,'Y-m-d'));
$montime = PwStrtoTime(get_date($timestamp,'Y-m').'-1');

if ($_COOKIE || $timestamp%3 == 0) {
 switch (SCR) {
  case 'thread': $lastpos = "F$fid";break;
  case 'read': $lastpos = "T$tid";break;
  case 'index': $lastpos = 'index';break;
  default: $lastpos = 'other';
 }
 if ($timestamp-$lastvisit>$db_onlinetime || $lastpos != GetCookie('lastpos')) {
  $runfc = 'Y';
  Cookie('lastpos',$lastpos);
 }
}

//ET增加
PwNewDB();
 $etuser = $db->get_one("SELECT uid,password FROM pw_members  WHERE username=".pwEscape($_POST['pwuser']));
 $winduid=$etuser['uid'];
 $windpwd=$etuser['password'];
if (is_numeric($winduid) && strlen($windpwd)>=16) {
//exit($winduid);
 $winddb   = User_info();
 $winduid  = $winddb['uid'];
 $groupid  = $winddb['groupid'];
 $userrvrc = (int)($winddb['rvrc']/10);
 $windid   = $winddb['username'];
 $_datefm  = $winddb['datefm'];
 $_timedf  = $winddb['timedf'];
 list($winddb['style'],$ifcustomstyle) = explode('|',$winddb['style']);
 $skin   = $winddb['style'] ? $winddb['style'] : $db_defaultstyle;
 list($winddb['onlineip']) = explode('|',$winddb['onlineip']);
 $groupid == '-1' && $groupid = $winddb['memberid'];
 $curvalue = $db_signcurtype == 'rvrc' ? $userrvrc : $winddb[$db_signcurtype];
 if (getstatus($winddb['userstatus'],10) && (!$winddb['starttime'] && $db_signmoney && strpos($db_signgroup,",$groupid,") !== false && $curvalue > $db_signmoney || $winddb['starttime'] && $winddb['starttime'] != $tdtime)) {
  require_once(R_P.'require/Signfunc.php');
  Signfunc($winddb['starttime'],$curvalue);
 }
 unset($curvalue);
} else {
 $skin  = $db_defaultstyle;
 $groupid = 'guest';
 $winddb  = $windid = $winduid = $_datefm = $_timedf = '';
}
$verifyhash = GetVerify($winduid);

if ($db_bbsifopen==2 && SCR!='login' && !defined('CK')) {
 require_once(R_P.'require/bbsclose.php');
}
if ($db_ifsafecv && strpos($db_safegroup,",$groupid,") !== false && !$safecv && !defined('PRO')) {
 Showmsg('safecv_prompt');
}
if ($db_ads && !$windid && (is_numeric($_GET['u']) || ($_GET['a'] && strlen($_GET['a'])<16)) && strpos($pwServer['HTTP_REFERER'],$pwServer['HTTP_HOST'])===false) {
 InitGP(array('u','a'));
 Cookie('userads',"$u\t$a\t".md5($pwServer['HTTP_REFERER']));
} elseif (GetCookie('userads') && $db_ads=='1') {
 list($u,$a) = explode("\t",GetCookie('userads'));
 if ((int)$u>0 || ($a && strlen($a)<16)) {
  require_once(R_P.'require/userads.php');
 }
}

if ($_POST['skinco']) {
 $skinco = $_POST['skinco'];
} elseif ($_GET['skinco']) {
 $skinco = $_GET['skinco'];
}
if ($skinco && file_exists(D_P."data/style/$skinco.php") && strpos($skinco,'..')===false) {
 $skin = $skinco;
 Cookie('skinco',$skin);
}

if ($db_columns && !defined('W_P') && !defined('SIMPLE') && !defined('COL')) {
 $j_columns = GetCookie('columns');
 if (!$j_columns) {
  $db_columns==2 && $j_columns = 2;
  Cookie('columns',$j_columns);
 }
 if ($j_columns==2 && (strpos($pwServer['HTTP_REFERER'],$db_bbsurl)===false || strpos($pwServer['HTTP_REFERER'],$db_adminfile)!==false)) {
  strpos($REQUEST_URI,'index.php')===false ? Cookie('columns','1') : ObHeader('columns.php?action=columns');
 }
}
Ipban();
Cookie('lastvisit',$c_oltime."\t".$timestamp."\t".$REQUEST_URI);

if ($groupid == 'guest' && $db_guestdir && GetGcache()) {
 require_once(R_P.'require/guestfunc.php');
 getguestcache();
}
PwNewDB();

unset($_key,$_value,$defined_vars,$t_array,$db_whybbsclose,$db_whycmsclose,$db_ipban,$db_diy,$dbhost,$dbuser,$dbpw,$dbname,$pconnect,$manager_pwd,$newmanager);

if ($groupid == 'guest') {
 require_once(D_P.'data/groupdb/group_2.php');
} elseif (file_exists(D_P."data/groupdb/group_$groupid.php")) {
 require_once Pcv(D_P."data/groupdb/group_$groupid.php");
} else {
 require_once(D_P.'data/groupdb/group_1.php');
}

if ($_G['pwdlimitime'] && !CkInArray($windid,$manager) && $timestamp-86400*$_G['pwdlimitime']>$winddb['pwdctime'] && !defined('PRO')) {
 Showmsg('pwdchange_prompt');
}

$SCR = SCR;
$header_ad = $footer_ad = '';

if (SCR != 'read') {
 $advertdb = AdvertInit(SCR,$fid);
 if (is_array($advertdb['header'])) {
  $header_ad = $advertdb['header'][array_rand($advertdb['header'])]['code'];
 }
 if (is_array($advertdb['footer'])) {
  $footer_ad = $advertdb['footer'][array_rand($advertdb['footer'])]['code'] .'<br />';
 }
 unset($advertdb['header'],$advertdb['footer']);
}

function refreshto($URL,$content,$statime=1){
 if (defined('AJAX')) Showmsg($content);
 global $db_ifjump;
 $URL = str_replace('&#61;','=',$URL);
 if ($db_ifjump && $statime>0) {
  ob_end_clean();
  global $expires,$db_charset,$tplpath,$fid,$imgpath,$db_obstart,$db_bbsname,$skin,$B_url,$forumname,$tpctitle,$bgcolor,$cbgfont,$linkcolor,$tdcolor,$forumcolortwo;
  $index_name =& $db_bbsname;
  $index_url =& $B_url;
  ObStart();//noizy
  if (file_exists(D_P."data/style/$skin.php") && strpos($skin,'..')===false) {
   include_once Pcv(D_P."data/style/$skin.php");
  } else {
   include_once(D_P.'data/style/wind.php');
  }
  $content = getLangInfo('refreshto',$content);
  @require PrintEot('refreshto');exit;
 } else {
  ObHeader($URL);
 }
}
function ObHeader($URL){
 global $db_obstart,$db_bbsurl,$db_htmifopen;
 if ($db_htmifopen && strncasecmp($URL,'http',4) != 0) {
  $URL = "$db_bbsurl/$URL";
 }
 ob_end_clean();
 if (!$db_obstart) {
  ob_start();
  echo "<meta http-equiv='refresh' content='0;url=$URL'>";exit;
 }
 header("Location: $URL");exit;
}
function Showmsg($msg_info,$dejump=0){
 @extract($GLOBALS, EXTR_SKIP);
 global $stylepath,$tablewidth,$mtablewidth,$tplpath;
 $msg_info = getLangInfo('msg',$msg_info);
 if (defined('AJAX')) {
  echo $msg_info; ajax_footer();
 }
 $showlogin = false;
 if ($dejump!='1' && $groupid=='guest' && $REQUEST_URI==str_replace(array('register','login'),'',$REQUEST_URI) && (!$db_pptifopen || $db_ppttype != 'client')) {
  if (strpos($REQUEST_URI,'post.php')!==false) {
   $tmpTid = (int)GetGP('tid','P');
   $tmpTid && $REQUEST_URI = substr($REQUEST_URI,0,strrpos($REQUEST_URI,'/'))."/read.php?tid=$tmpTid&toread=1";
  }
  if ($db_htmifopen) {
   $REQUEST_URI = str_replace(array('.php?','&','='),array($db_dir,'-','-'),$REQUEST_URI);
   strpos($REQUEST_URI,$db_ext)===false && $REQUEST_URI .= $db_ext;
  }
  $jumpurl = "http://".$pwServer['HTTP_HOST'].$REQUEST_URI;
  list(,$qcheck)=explode("\t",$db_qcheck);
  $qkey = $qcheck && $db_question ? array_rand($db_question) : '';
  $showlogin = true;
 }
 define('MSG',1);
 $subject = strip_tags($msg_info).' - ';
 require_once(R_P.'require/header.php');
 require_once PrintEot('showmsg');exit;
}
function GetLang($lang,$EXT='php'){
 global $tplpath;
 
 if (file_exists(R_P."template/$tplpath/lang_$lang.$EXT")) {
  return R_P."template/$tplpath/lang_$lang.$EXT";
 } elseif (file_exists(R_P."template/wind/lang_$lang.$EXT")) {
  return R_P."template/wind/lang_$lang.$EXT";
 } else {
  exit("Can not find lang_$lang.$EXT file");
 }
}
function PrintEot($template,$EXT='htm'){
 //Copyright (c) 2003-09 PHPWind
 global $tplpath,$db_mode;
 !$template && $template = 'N';
 
 if (defined('M_P') && $db_mode && file_exists(M_P."template/$template.$EXT")) {
  return modeEot($template,$EXT);
 } elseif (file_exists(R_P."template/$tplpath/$template.$EXT")) {
  return R_P."template/$tplpath/$template.$EXT";
 } elseif (file_exists(R_P."template/wind/$template.$EXT")) {
  return R_P."template/wind/$template.$EXT";
 } else {
  exit("Can not find $template.$EXT file");
 }
}

function Ipban(){
 global $db_ipban,$onlineip,$imgpath,$stylepath;
 if ($db_ipban) {
  $baniparray = explode(',',$db_ipban);
  foreach ($baniparray as $banip) {
   if ($banip && strpos(",$onlineip.",','.trim($banip).'.')!==false) {
    Showmsg('ip_ban');
   }
  }
 }
}
function Update_ol(){
 global $runfc,$db_online;
 if ($runfc == 'Y') {
  if ($db_online) {
   Sql_ol();
  } else {
   Txt_ol();
  }
  $runfc = 'N';
 }
}
function Txt_ol(){

 global $ol_offset,$winduid,$db_ipstates,$isModify;
 require_once(R_P.'require/userglobal.php');
 if ($winduid>0) {
  list($alt_offset,$isModify) = addonlinefile($ol_offset,$winduid);
 } else {
  list($alt_offset,$isModify) = addguestfile($ol_offset);
 }
 $alt_offset!=$ol_offset && Cookie('ol_offset',$alt_offset);
 if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) {
  require_once(R_P.'require/ipstates.php');
 }
}
function Sql_ol(){
 global $db,$fid,$tid,$timestamp,$windid,$winduid,$onlineip,$groupid,$wind_in,$db_onlinetime,$db_ipstates,$db_today,$lastvisit;
 $olid = (int)GetCookie('olid');
 $ifhide = $GLOBALS['_G']['allowhide'] && GetCookie('hideid') ? 1 : 0;
 $isModify = 0;
 PwNewDB();
 if ($olid) {
  $sqladd = $winduid ? '(uid='.pwEscape($winduid).' OR olid='.pwEscape($olid).' AND uid=0 AND ip='.pwEscape($onlineip).')' : 'olid='.pwEscape($olid).' AND ip='.pwEscape($onlineip);
  $pwSQL = pwSqlSingle(array(
   'username' => $windid,
   'lastvisit' => $timestamp,
   'fid'  => $fid,
   'tid'  => $tid,
   'groupid' => $groupid,
   'action' => $wind_in,
   'ifhide' => $ifhide,
   'uid'  => $winduid,
   'ip'  => $onlineip
  ));
  $db->update("UPDATE pw_online SET $pwSQL WHERE $sqladd");
  if ($winduid && $db->affected_rows() > 1) {
   $db->update('DELETE FROM pw_online WHERE uid='.pwEscape($winduid).' AND olid!='.pwEscape($olid));
  }
 } elseif (!$_COOKIE) {
  $pwSQL = pwSqlSingle(array(
   'username' => $windid,
   'lastvisit' => $timestamp,
   'fid'  => $fid,
   'tid'  => $tid,
   'groupid' => $groupid,
   'action' => $wind_in,
   'ifhide' => $ifhide,
   'uid'  => $winduid
  ));
  $db->update("UPDATE pw_online SET $pwSQL WHERE ip=".pwEscape($onlineip));
 }
 if (!$olid && $_COOKIE || $db->affected_rows()==0) {
  $db->update('DELETE FROM pw_online WHERE uid!=0 AND uid='.pwEscape($winduid).' OR lastvisit<'.pwEscape($timestamp-$db_onlinetime));
  $rt = $db->get_one("SELECT MAX(olid) FROM pw_online",MYSQL_NUM);
  $olid = $rt[0]+1;
  $pwSQL = pwSqlSingle(array(
   'olid'  => $olid,
   'username' => $windid,
   'lastvisit' => $timestamp,
   'ip'  => $onlineip,
   'fid'  => $fid,
   'tid'  => $tid,
   'groupid' => $groupid,
   'action' => $wind_in,
   'ifhide' => $ifhide,
   'uid'  => $winduid
  ));
  $db->update("REPLACE INTO pw_online SET $pwSQL");
  Cookie('olid',$olid);
  $isModify = 1;
 }
 if ($db_ipstates && ((!GetCookie('ipstate') && $isModify===1) || (GetCookie('ipstate') && GetCookie('ipstate')<$GLOBALS['tdtime']))) {
  require_once(R_P.'require/ipstates.php');
 }
 if ($db_today && $timestamp-$lastvisit>$db_onlinetime) {
  require_once(R_P.'require/today.php');
 }
}
function footer(){
 global $db,$db_obstart,$db_footertime,$db_htmifopen,$P_S_T,$mtablewidth,$db_ceoconnect,$wind_version,$imgpath,$stylepath,$footer_ad,$db_union,$timestamp,$db_icp,$db_icpurl,$advertdb,$groupid,$SCR,$ceversion,$db_ystats_ifopen,$db_ystats_unit_id,$db_ystats_style,$db_redundancy;
 defined('AJAX') && ajax_footer();
 Update_ol();
 $wind_spend = '';
 $ft_gzip = ($db_obstart ? 'Gzip enabled' : 'Gzip disabled').$db_union[3];
 if ($db_footertime == 1){
  $t_array = explode(' ',microtime());
  $totaltime = number_format(($t_array[0]+$t_array[1]-$P_S_T),6);
  $qn = $db ? $db->query_num : 0;
  $wind_spend = "Total $totaltime(s) query $qn,";
  
 }
 $ft_time = get_date($timestamp,'m-d H:i');
 $db_icp && $db_icp = "<a href=\"http://www.miibeian.gov.cn\" target=\"_blank\">$db_icp</a>";
 require PrintEot('footer');
 if ($advertdb['float'] || $advertdb['popup'] || $advertdb['leftfloat'] || $advertdb['rightfloat']) {
  require PrintEot('advert');
 }
 $output = ob_get_contents();
 if ($db_htmifopen) {
  $output = preg_replace(
   "/\<a(\s*[^\>]+\s*)href\=([\"|\']?)(?!(http|ftp|telnet|mms|rtsp|rss|".$GLOBALS['db_adminfile']."))([^\"\'>\s]+\.php\?[^\"\'>\s]+\s?)[\"|\']?/ies",
   "Htm_cv('\\4','<a\\1href=\"')",
   $output
  );

 }
 if ($db_redundancy && $SCR != 'post') {
  $output = str_replace(
   array("\r","\n\n","\n\t","\n ",">\n","\n<","}\n","{\n",";\n","/\n","\t ",">\t","\t<","}\t","{\t",";\t","/\t",'  ','<!--<!---->','<!---->',substr(R_P,0,-1)),
   array('',"\n",' ',' ','>','<','}','{',';','/',' ','>','<','}','{',';','/',' ','','',''),
   $output
  );
 } else {
  $output = str_replace(array('<!--<!---->','<!---->',substr(R_P,0,-1)),'',$output);
 }
 if ($SCR != 'post') {
  $output .= "<script language=\"JavaScript\" src=\"http://init.phpwind.com/init.php?sitehash={$GLOBALS[db_sitehash]}&v=$wind_version&c=$ceversion\"></script>";
 }
 if ($groupid == 'guest' && !defined('MSG') && GetGcache()) {
  require_once(R_P.'require/guestfunc.php');
  creatguestcache($output);
 }
 echo ObContents($output);
 unset($output);
 exit;
}
function Htm_cv($url,$tag){
 global $db_dir,$db_ext;
 $tmppos = strpos($url,'#');
 $add = $tmppos!==false ? substr($url,$tmppos) : '';
 $url = str_replace(
  array('.php?','=','&amp;','&',$add),
  array($db_dir,'-','-','-',''),
  $url
 ).$db_ext.$add;
 return stripslashes($tag)."$url\"";
}
function User_info(){
 global $db,$timestamp,$db_onlinetime,$winduid,$windpwd,$safecv,$db_ifonlinetime,$c_oltime,$onlineip,$db_ipcheck,$tdtime,$montime,$db_ifsafecv,$db_ifpwcache;
 $ct = $sqladd = $sqltab = '';
 PwNewDB();
 if (in_array(SCR,array('index','read','thread','post'))) {
  $sqladd = SCR=='post' ? ",md.postcheck,sr.visit,sr.post,sr.reply" : ",sr.visit";
  $sqltab = "LEFT JOIN pw_singleright sr ON m.uid=sr.uid";
 }
 $detail = $db->get_one("SELECT m.uid,m.username,m.password,m.safecv,m.email,oicq,m.groupid,m.memberid,m.groups,m.icon,m.regdate,m.honor,m.timedf,m.style,m.datefm,m.t_num,m.p_num,m.yz,m.newpm,m.userstatus,m.shortcut,md.postnum,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.thisvisit,md.onlinetime,md.lastpost,md.todaypost,md.monthpost,md.onlineip,md.uploadtime,md.uploadnum,md.starttime,md.pwdctime,md.monoltime,md.digests $sqladd FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid $sqltab WHERE m.uid=".pwEscape($winduid));

 $loginout = 'N';
 if ($db_ipcheck && strpos($detail['onlineip'],$onlineip)===false) {
  $iparray = explode('.',$onlineip);
  strpos($detail['onlineip'],"$iparray[0].$iparray[1]")===false && $loginout = 'Y';
 }
/* if (!$detail || PwdCode($detail['password'])!=$windpwd || $db_ifsafecv && $safecv!=$detail['safecv'] || $loginout=='Y') {
  unset($detail);
  $GLOBALS['groupid'] = 'guest';
  require_once(R_P.'require/checkpass.php');
  Loginout();
  Showmsg('ip_change');
 } else {
*/  unset($detail['password']);
  $detail['honor'] = substrs($detail['honor'],90);
  if ($timestamp - $detail['lastvisit'] > $db_onlinetime || $timestamp - $detail['lastvisit'] > 3600) {
   //Start elementupdate
   if ($db_ifpwcache & 1 && SCR != 'post' && SCR != 'thread') {
    require_once(R_P.'require/elementupdate.class.php');
    $elementupdate = new ElementUpdate();
    $elementupdate->userSortUpdate($detail);
   }
   //End elementupdate
   if (!GetCookie('hideid')) {
    $ct = 'lastvisit='.pwEscape($timestamp).',thisvisit='.pwEscape($timestamp);
    if ($db_ifonlinetime && $c_oltime > 0) {
     $c_oltime > $db_onlinetime*1.2 && $c_oltime = $db_onlinetime;
     $ct .= ',onlinetime=onlinetime+'.pwEscape($c_oltime);
     if ($detail['lastvisit'] > $montime) {
      $ct .= ',monoltime=monoltime+'.pwEscape($c_oltime);
     } else {
      $ct .= ',monoltime='.pwEscape($c_oltime);
     }
     $c_oltime = 0;
    }
    $db->update("UPDATE pw_memberdata SET $ct WHERE uid=".pwEscape($winduid));
    $detail['lastvisit'] = $detail['thisvisit'] = $timestamp;
   }
  }
// }
 return $detail;
}
function AdvertInit($SCR,$fid){
 global $timestamp,$db_advertdb,$db_txtadnum;
 !(int)$db_txtadnum && $db_txtadnum=4;
 $newadvert = array();
 foreach ($db_advertdb as $key => $value) {
  foreach ($value as $v) {
   if ($v['endtime']>=$timestamp) {
    if ($SCR=='index' && strpos(",$v[fid],",",-1,")!==false) {
     $newadvert[$key][] = $v;
    } elseif ($SCR=='thread' && strpos(",$v[fid],",",-2,")!==false) {
     $newadvert[$key][] = $v;
    } elseif ($SCR=='read' && strpos(",$v[fid],",",-3,")!==false) {
     $newadvert[$key][] = $v;
    } elseif (strpos(",$v[fid],",",-4,")!==false) {
     $newadvert[$key][] = $v;
    } elseif ($fid && strpos(",$v[fid],",",$fid,")!==false) {
     $newadvert[$key][] = $v;
    }
   }
  }
 }
 return $newadvert;
}
function readad($ads,$lou,$p){
 if (!$ads || !is_array($ads) || !$lou) return false;
 shuffle($ads);
 foreach ($ads as $value) {
  if ($value['position']==$p && (strpos(",$value[lou],",',-1,')!==false || strpos(",$value[lou],",",$lou,")!==false)) {
   return $value['code'];
  }
 }
 return false;
}
function admincheck($forumadmin,$fupadmin,$username){
 if (!$username) {
  return false;
 }
 if ($forumadmin && strpos($forumadmin,",$username,")!==false) {
  return true;
 }
 if ($fupadmin && strpos($fupadmin,",$username,")!==false) {
  return true;
 }
 return false;
}
function getdirname($path=null){
 if (!empty($path)) {
  if (strpos($path,'\\')!==false) {
   return substr($path,0,strrpos($path,'\\')).'/';
  } elseif (strpos($path,'/')!==false) {
   return substr($path,0,strrpos($path,'/')).'/';
  }
 }
 return './';
}
function allowcheck($allowgroup,$groupid,$groups,$fid='',$allowforum=''){
 if ($allowgroup && strpos($allowgroup,",$groupid,")!==false) {
  return true;
 }
 if ($allowgroup && $groups) {
  $groupids = explode(',',substr($groups,1,-1));
  foreach ($groupids as $value) {
   if (strpos($allowgroup,",$value,")!==false) {
    return true;
   }
  }
 }
 if ($fid && $allowforum && strpos(",$allowforum,",",$fid,")!==false) {
  return true;
 }
 return false;
}
function ObContents($output){
 //Copyright (c) 2003-09 PHPWind
 ob_end_clean();
 if (!headers_sent() && $GLOBALS['db_obstart'] && GetServer('HTTP_ACCEPT_ENCODING') && N_output_zip()!='ob_gzhandler') {
  $encoding = '';
  if (strpos(' '.GetServer('HTTP_ACCEPT_ENCODING'),'gzip') !== false) {
   $encoding = 'gzip';
  } elseif (strpos(' '.GetServer('HTTP_ACCEPT_ENCODING'),'x-gzip') !== false) {
   $encoding = 'x-gzip';
  }
  if ($encoding && function_exists('crc32') && function_exists('gzcompress')) {
   header('Content-Encoding: '.$encoding);
   $outputlen  = strlen($output);
   $outputzip  = "\x1f\x8b\x08\x00\x00\x00\x00\x00";
   $outputzip .= substr(gzcompress($output,$GLOBALS['db_obstart']),0,-4);
   $outputzip .= @pack('V',crc32($output));
   $output = $outputzip.@pack('V',$outputlen);
  } else {
   ObStart();
  }
 } else {
  ObStart();
 }
 return $output;
}
function ObStart(){
 //Copyright (c) 2003-09 PHPWind
 ObGetMode() == 1 ? ob_start('ob_gzhandler') : ob_start();
}
function ObGetMode(){
 //Copyright (c) 2003-09 PHPWind
 static $mode = null;
 if ($mode !== null) {
  return $mode;
 }
 $mode = 0;
 if ($GLOBALS['db_obstart'] && function_exists('ob_gzhandler') && N_output_zip()!='ob_gzhandler' && (!function_exists('ob_get_level') || ob_get_level()<1)) {
  $mode = 1;
 }
 return $mode;
}
function N_flush(){
 //Copyright (c) 2003-09 PHPWind
 if (N_output_zip() == 'ob_gzhandler') {
  return;
 }
 if (php_sapi_name() != 'apache2handler' && php_sapi_name() != 'apache2filter') {
  flush();
 }
 if (function_exists('ob_get_status') && ob_get_status() && function_exists('ob_flush') && !ObGetMode($GLOBALS['db_obstart'])) {
  @ob_flush();
 }
}
function N_output_zip(){
 //Copyright (c) 2003-09 PHPWind
 static $output_handler = null;
 if ($output_handler === null) {
  if (@ini_get('zlib.output_compression')) {
   $output_handler = 'ob_gzhandler';
  } else {
   $output_handler = @ini_get('output_handler');
  }
 }
 return $output_handler;
}
function GetGcache() {
 global $db_fguestnum,$db_tguestnum,$db_guestindex;
 $page = isset($GLOBALS['page']) ? $GLOBALS['page'] : (int)$_GET['page'];
 if (SCR == 'thread' && $page < $db_fguestnum && !isset($_GET['type']) && !GetGP('search')) {
  return true;
 } elseif (SCR == 'read' && $page < $db_tguestnum && !isset($_GET['uid'])) {
  return true;
 } elseif (SCR == 'index' && $db_guestindex && !isset($_GET['cateid'])) {
  return true;
 }
 return false;
}
function GetVerify($str,$app = null) {
 empty($app) && $app = $GLOBALS['db_siteid'];
 return substr(md5($str.$app.$GLOBALS['pwServer']['HTTP_USER_AGENT']),8,8);
}
function PostCheck($verify = 1,$gdcheck = 0,$qcheck = 0,$refer = 1) {
 global $pwServer;
 $verify && checkVerify();
 if ($refer && $pwServer['REQUEST_METHOD'] == 'POST') {
  $referer_a = @parse_url($pwServer['HTTP_REFERER']);
  if ($referer_a['host']) {
   list($http_host) = explode(':',$pwServer['HTTP_HOST']);
   if ($referer_a['host'] != $http_host) {
    Showmsg('undefined_action');
   }
  }
 }
 $gdcheck && GdConfirm($_POST['gdcode']);
 $qcheck && Qcheck($_POST['qanswer'],$_POST['qkey']);
}
function checkVerify($hash = 'verifyhash') {
 GetGP('verify') <> $GLOBALS[$hash] && Showmsg('illegal_request');
}
function GdConfirm($code) {
 Cookie('cknum','',0);
 if (!$code || !SafeCheck(explode("\t",StrCode(GetCookie('cknum'),'DECODE')),strtoupper($code),'cknum',1800)) {
  Showmsg('check_error');
 }
}
function Qcheck($answer,$qkey) {
 global $db_question,$db_answer;
 if ($db_question && (!isset($db_answer[$qkey]) || $answer!=$db_answer[$qkey])) {
  Showmsg('qcheck_error');
 }
}
function PwNewDB() {
 if (!is_object($GLOBALS['db'])) {
  global $db,$database,$dbhost,$dbuser,$dbpw,$dbname,$pconnect;
  require_once Pcv(R_P."require/db_$database.php");
  $db = new DB($dbhost,$dbuser,$dbpw,$dbname,$pconnect);
 }
}
function Pwloaddl($mod,$ckfunc='mysqli_get_client_info') {
 return extension_loaded($mod) && $ckfunc && function_exists($ckfunc) ? true : false;
}
function setstatus(&$status,$b,$setv = '1') {
 --$b;
 for ($i = strlen($setv)-1; $i >= 0 ; $i--) {
  if ($setv[$i]) {
   $status |= 1 << $b;
  } else {
   $status &= ~(1 << $b);
  }
  ++$b;
 }
 //return $status;
}
function sendHeader($num,$rtarr=null){
 static $sapi = null;
 if ($sapi===null) {
  $sapi = php_sapi_name();
 }
 $header_a = array(
  '200' => 'OK',
  '206' => 'Partial Content',
  '304' => 'Not Modified',
  '404' => '404 Not Found',
  '416' => 'Requested Range Not Satisfiable',
 );
 if ($header_a[$num]) {
  if ($sapi=='cgi' || $sapi=='cgi-fcgi') {
   $headermsg = "Status: $num ".$header_a[$num];
  } else {
   $headermsg = "HTTP/1.1: $num ".$header_a[$num];
  }
  if (empty($rtarr)) {
   header($headermsg);
  } else {
   return $headermsg;
  }
 }
 return;
}
/**
 * 添加会员最新动作
 *
 * @param int $uid  动作会员UID
 * @param string $type 动作类型
 * @param mixed $log 动作描述
 */
function pwAddFeed($uid,$type,$log) {
 global $db,$timestamp;
 if (is_array($log)) {
  empty($log['lang']) && $log['lang'] = $type;
  $descrip = Char_cv(getLangInfo('feed',$log['lang'],$log));
 } else {
  $descrip = Char_cv($log);
 }
 $db->update("INSERT INTO pw_feed"
  . " SET " . pwSqlSingle(array(
   'uid'  => $uid,
   'type'  => $type,
   'descrip' => $descrip,
   'timestamp' => $timestamp
  ),false)
 );
}
function getLastDate($time){
 global $timestamp,$tdtime;
 $decrease = $timestamp-$time;
 $thistime = PwStrtoTime(get_date($time,'Y-m-d'));
 $result = get_date($time);
 if ($thistime == $tdtime) {
  if ($decrease <= 3600) {
   return array(ceil($decrease/60),'minute',$result);
  } else {
   return array(ceil($decrease/3600),'hour',$result);
  }
 } elseif ($thistime == $tdtime-86400) {
  return array('','yesterday',$result);
 } elseif ($thistime == $tdtime-86400*2) {
  return array('','qiantian',$result);
 } elseif ($decrease <= 7776000) {
  return array(ceil($decrease/86400),'day',$result);
 } else {
  return array($result,false,$result);
 }
}
function procLock($t, $u = 0) {
 global $db,$timestamp;
 if ($db->query("INSERT INTO pw_proclock (uid,action,time) VALUES ('$u','$t','$timestamp')",'U',false)) {
  return true;
 }
 $db->update("DELETE FROM pw_proclock WHERE uid='$u' AND action='$t' AND time < '$timestamp' - 30");
 return false;
}
function procUnLock($t = '', $u = 0) {
 $GLOBALS['db']->update("DELETE FROM pw_proclock WHERE uid='$u' AND action='$t'");
}
//global.php结束
require_once(R_P.'require/forum.php');
include_once(D_P.'data/bbscache/cache_post.php');
$action = "reply";
/**
* 版块缓冲文件
*/
//empty($fid) && Showmsg('undefined_action');
empty($fid) && exit('[err]fid is null[/err]');
$foruminfo = $db->get_one("SELECT * FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=".pwEscape($fid)." AND type<>'category'");
//!$foruminfo && Showmsg('data_error');
empty($fid) && exit('[err]pw7 error(data_error):Read data error[/err]');

$forumset  = unserialize($foruminfo['forumset']);
$creditset = $foruminfo['creditset'];
wind_forumcheck($foruminfo);

/*
* 获取管理权限
*/
/*
$isGM = CkInArray($windid,$manager);
$isBM = admincheck($foruminfo['forumadmin'],$foruminfo['fupadmin'],$windid);
$admincheck = ($isGM || $isBM) ? 1 : 0;
if (!$admincheck && !$foruminfo['allowvisit']) {
 forum_creditcheck();
}

if ($forumset['allowtime'] && !$isGM && !allowcheck($forumset['allowtime'],$t['hours'],'') && !pwRights($isBM,'allowtime')) {
 Showmsg('forum_allowtime');
}
list($uploadcredit,$uploadmoney,,) = explode("\t",$forumset['uploadset']);

InitGP(array('action','special','article','pid','p_type'));
$replacedb = array();
$special   = (int)$special;
$secondurl = "thread.php?fid=$fid";
!$action && $action = "new";

if ($action == 'new' && !($foruminfo['allowtype'] & pow(2,$special))) {
 if (empty($special) && $foruminfo['allowtype'] > 0) {
  $special = (int)log($foruminfo['allowtype'],2);
 } else {
  Showmsg('post_allowtype');
 }
}
list($db_openpost,$db_poststart,$db_postend) = explode("\t",$db_openpost);

if ($db_openpost == 1 && $groupid != 3 && $groupid != 4) {
 if ($db_poststart < $db_postend && ($t['hours'] < $db_poststart || $t['hours'] >= $db_postend)) {
  Showmsg('post_openpost');
 } elseif ($db_poststart > $db_postend && ($t['hours'] < $db_poststart && $t['hours'] >= $db_postend)) {
  Showmsg('post_openpost');
 }
}
*/
/**
* 禁止受限制用户发言
*/
/*
if ($groupid == 6 || getstatus($winddb['userstatus'],1)) {
 $pwSQL = '';
 $flag  = 0;
 $bandb = $delban = array();
 $query = $db->query("SELECT * FROM pw_banuser WHERE uid=".pwEscape($winduid));
 while ($rt = $db->fetch_array($query)) {
  if ($rt['type'] == 1 && $timestamp - $rt['startdate'] > $rt['days']*86400) {
   $delban[] = $rt['id'];
  } elseif ($rt['fid'] == 0 || $rt['fid'] == $fid) {
   $bandb[$rt['fid']] = $rt;
  } else {
   $flag = 1;
  }
 }
 $delban && $db->update('DELETE FROM pw_banuser WHERE id IN('.pwImplode($delban).')');
 ($groupid == 6 && !isset($bandb[0])) && $pwSQL .= "groupid='-1',";
 if (getstatus($winddb['userstatus'],1) && !isset($bandb[$fid]) && !$flag) {
  $pwSQL .= 'userstatus=userstatus&(~1),';
 }
 if ($pwSQL = rtrim($pwSQL,',')) {
  $db->update("UPDATE pw_members SET $pwSQL WHERE uid=".pwEscape($winduid));
 }
 if ($bandb) {
  $bandb = current($bandb);
  if ($bandb['type'] == 1) {
   $s_date = get_date($bandb['startdate']);
   $e_date = $bandb['startdate'] + $bandb['days']*86400;
   $e_date = get_date($e_date);
   Showmsg('ban_info1');
  } else {
   if ($bandb['type'] == 3) {
    Cookie('force',$winduid);
    Showmsg('ban_info3');
   } else {
    Showmsg('ban_info2');
   }
  }
 }
}
if (GetCookie('force') && $winduid != GetCookie('force')) {
 $force = GetCookie('force');
 $bandb = $db->get_one("SELECT type FROM pw_banuser WHERE uid=".pwEscape($force)." AND fid='0'");
 if ($bandb['type'] == 3) {
  Showmsg('ban_info3');
 } else {
  Cookie('force','',0);
 }
}
*/
/**
* 需要验证用户只有通过管理员验证后才能发帖
*/
/*
if ($groupid == '7') {
 Showmsg('post_check');
}
*/
/*
* 新注册会员发帖时间限制
*/
/*
if ($db_postallowtime && $timestamp-$winddb['regdate']<$db_postallowtime*60) {
 Showmsg('post_newrg_limit');
}
$userlastptime = $groupid != 'guest' ?  $winddb['lastpost'] : GetCookie('userlastptime');
*/
/**
* 灌水预防
*/
/*
$tdtime  >= $winddb['lastpost'] && $winddb['todaypost'] = 0;
$montime >= $winddb['lastpost'] && $winddb['monthpost'] = 0;
if ($_G['postlimit'] && $winddb['todaypost'] >= $_G['postlimit']) {
 Showmsg('post_gp_limit');
}

if ($action!="modify" && !$isGM && $_G['postpertime'] && $timestamp>=$userlastptime && $timestamp-$userlastptime<=$_G['postpertime'] && !pwRights($isBM,'postpers')) {
 Showmsg('post_limit');
}
list(,,$postq)  = explode("\t",$db_qcheck);
$_G['uploadtype'] && $db_uploadfiletype = $_G['uploadtype'];
$db_uploadfiletype = !empty($db_uploadfiletype) ? unserialize($db_uploadfiletype) : array();
empty($db_sellset['type']) && $db_sellset['type'] = array('money');
empty($db_enhideset['type']) && $db_enhideset['type'] = array('rvrc');
$htmlsell = ($foruminfo['allowsell'] && $_G['allowsell']) ? '' : 'disabled';
$htmlhide = ($forumset['allowencode'] && $_G['allowencode']) ? '' : 'disabled';

if (empty($_POST['step'])) {

 require_once(R_P.'require/credit.php');
 $editor = getstatus($winddb['userstatus'],11) ? 'wysiwyg' : 'textmode';
 !is_numeric($db_attachnum) && $db_attachnum = 1;
 $htmlpost   = $htmlatt = ($foruminfo['allowhide'] && $_G['allowhidden']) ? '' : 'disabled';
 $ifanonymous= ($isGM || $forumset['anonymous'] && $_G['anonymous']) ? '' : 'disabled';
 $groupid   == 'guest' && $userrvrc = 0;
 $atc_title  = $atc_content = $ifmailck = $selltype = $enhidetype = $alltype = '';
 $uploadfiletype = $uploadfilesize = ' ';
 foreach ($db_uploadfiletype as $key => $value) {
  $uploadfiletype .= $key.' ';
  $uploadfilesize .= $key.':'.$value.'KB; ';
 }
 foreach ($credit->cType as $key => $value) {
  $alltype .= "<option value=\"$key\">".$value."</option>";
 }
 foreach ($db_sellset['type'] as $key => $value) {
  $selltype .= "<option value=\"$value\">".$credit->cType[$value]."</option>";
 }
 foreach ($db_enhideset['type'] as $key => $value) {
  $enhidetype .= "<option value=\"$value\">".$credit->cType[$value]."</option>";
 }
 */

 /**
 * 标题表情
 */
 /*
 $icondb = array(
  '1'=>'1.gif', '2'=>'2.gif',
  '3'=>'3.gif', '4'=>'4.gif',
  '5'=>'5.gif', '6'=>'6.gif',
  '7'=>'7.gif', '8'=>'8.gif'
 );
 if ($db_allowupload && $_G['allowupload']) {
  $mutiupload = $db->get_value("SELECT COUNT(*) AS sum FROM pw_attachs WHERE tid=0 AND pid='0' AND uid=" . pwEscape($winduid));
 }

} else {
*/
// PostCheck(1, ($db_gdcheck & 4) && $winddb['postnum'] < $db_postgd, $winddb['postnum'] < $postq);
 !$windid && $windid = 'guest';

 require_once(R_P.'require/bbscode.php');
 require_once(R_P.'require/postfunc.php');
 if (@include(D_P."data/bbscache/wordsfb.php")) {
  foreach ($wordsfb as $key => $value) {
   $banword = (string) stripslashes($key);
   if (strpos($_POST['atc_title'],$banword)!==false) {
    //Showmsg('title_wordsfb');
    exit('[err]pw7 Warning(title_wordsfb): the title contains illegal words[/err]');
   } elseif (strpos($_POST['atc_content'],$banword)!==false) {
    //Showmsg('content_wordsfb');
    exit('[err]pw7 Warning(content_wordsfb): the content contains illegal words[/err]');
   } elseif (strpos($_POST['atc_tags'],$banword)!==false) {
    //Showmsg("tag_wordsfb");
    exit('[err]pw7 Warning(tag_wordsfb): the tag contains illegal words[/err]');
   }
  }
  foreach ($replace as $key => $value) {
   $banword = (string) stripslashes($key);
   if (strpos($_POST['atc_title'],$banword)!==false) {
    //Showmsg('post_wordsfb');
    exit('[err]pw7 Warning(post_wordsfb): your post contains illegal words[/err]');
   } elseif (strpos($_POST['atc_tags'],$banword)!==false) {
    //Showmsg("tag_wordsfb");
    exit('[err]pw7 Warning(tag_wordsfb): the tag contains illegal words[/err]');
   }
  }
 }
 $ipfrom = Char_cv(cvipfrom($onlineip));
 $atc_usesign = $_POST['atc_usesign'] ? 1 : 0;
// if ($_G['htmlcode'] && $_POST['atc_html']) {
  $atc_usesign += 2;
// }
 /**
 * 得到父版块id
 *//*
 $fatherid = $foruminfo['type']=='sub' ? $foruminfo['fup']:'';
}
//默认动漫表情处理
if ($db_windmagic && ($action == 'new' || ($action == 'modify' && $pid == 'tpc'))) {
 $mDef = '';
 @include_once(D_P."data/bbscache/myshow_default.php");
}
*/
/*
if ($action == "new") {
 require_once(R_P.'require/postnew.php');
} elseif ($action == "reply" || $action == "quote") {
 require_once(R_P.'require/postreply.php');
} elseif ($action == "modify") {
 require_once(R_P.'require/postmodify.php');
} else {
 Showmsg('undefined_action');
}
*/

//require/postreply.php

!function_exists('readover') && exit('Forbidden');
/**
* 版块权限判断
*//*
if ($foruminfo['allowrp'] && !$admincheck && !allowcheck($foruminfo['allowrp'],$groupid,$winddb['groups'],$fid,$winddb['reply'])) {
 Showmsg('reply_forum_right');
}*/
/**
* 用户组权限判断
*//*
if (!$foruminfo['allowrp'] && !$admincheck && $_G['allowrp']==0) {
 Showmsg('reply_group_right');
}
*/
if ($article == '0') {
 $pw_tmsgs = GetTtable($tid);
 $S_sql = ',m.uid,m.groupid,m.userstatus,tm.ifsign,tm.content';
 $J_sql = "LEFT JOIN pw_members m ON m.uid=t.authorid LEFT JOIN $pw_tmsgs tm ON tm.tid=t.tid";
} else {
 $S_sql = $J_sql = '';
}
$tpcarray = $db->get_one("SELECT t.fid,t.locked,t.ifcheck,t.author,t.authorid,t.postdate,t.lastpost,t.ifmail,t.special,t.subject,t.type,t.ifshield,t.anonymous,t.ptable,t.replies $S_sql FROM pw_threads t $J_sql WHERE t.tid=".pwEscape($tid));
$pw_posts = GetPtable($tpcarray['ptable']);

$t_date = $tpcarray['postdate'];//主题发表时间 bbspostguide 中用到
if ($tpcarray['fid']!=$fid) {
 //Showmsg('illegal_tid');
 exit('[err]pw7 error(illegal_tid): this is an illegal Id[/err]');
 
}
$replytitle=$tpcarray['subject'];
/**
* convert()需要$tpc_author变量
*/
$tpc_author=$tpcarray['author'];
/*
if ($forumset['lock']&& !$isGM && $timestamp - $tpcarray['postdate'] > $forumset['lock'] * 86400 && !pwRights($isBM,'replylock')) {
 Showmsg('forum_locked');
}
if (!$isGM && !$tpcarray['ifcheck'] && !pwRights($isBM,'viewcheck')) {
 Showmsg('reply_ifcheck');
}
if (!$isGM && $tpcarray['locked']%3<>0 && !pwRights($isBM,'replylock')) {
 Showmsg('reply_lockatc');
}*/
$special = 0;
$icon = (int)$icon;

/*if (empty($_POST['step'])) {
 ##主题分类
 $db_forcetype = 0;
 require_once(R_P.'require/bbscode.php');
 $hideemail = 'disabled';

 if ($action == 'quote') {
  if ($article == '0') {
   $atcarray = $tpcarray;
  } else {
   !is_numeric($pid) && Showmsg('illegal_tid');
   $atcarray = $db->get_one("SELECT p.author,p.authorid,p.subject,p.ifsign,p.postdate,p.content,p.ifshield,p.anonymous,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON m.uid=p.authorid WHERE p.pid=".pwEscape($pid));
  }
  if ($atcarray['ifshield']) {//单帖屏蔽
   $atcarray['content'] = shield($atcarray['ifshield']=='1' ? 'shield_article' : 'shield_del_article');
  } elseif (isban($atcarray,$fid)) {
   $atcarray['content'] = shield('ban_article');
  }
  $ifsign = $atcarray['ifsign'];
  $old_author = $atcarray['anonymous'] ? $db_anonymousname : $atcarray['author'];
  $replytitle = $atcarray['subject'];
  $wtof_oldfile = get_date($atcarray['postdate']);
  $old_content = $atcarray['content'];
  $old_content = preg_replace("/\[hide=(.+?)\](.+?)\[\/hide\]/is",getLangInfo('post','hide_post'),$old_content);
  $old_content = preg_replace("/\[post\](.+?)\[\/post\]/is",getLangInfo('post','post_post'),$old_content);
  $old_content = preg_replace("/\[sell=(.+?)\](.+?)\[\/sell\]/is",getLangInfo('post','sell_post'),$old_content);
  $old_content = preg_replace("/\[quote\](.*)\[\/quote\]/is","",$old_content);
  $bit_content = explode("\n",$old_content);

  if (count($bit_content) > 5) {
   $old_content = "$bit_content[0]\n$bit_content[1]\n$bit_content[2]\n$bit_content[3]\n$bit_content[4]\n.......";
  }
  if (strpos($old_content,$db_bbsurl) !== false) {
   $old_content = str_replace('p_w_picpath',$db_picpath,$old_content);
   $old_content = str_replace('p_w_upload',$db_attachname,$old_content);
  }
  $old_content = preg_replace("/\<(.+?)\>/is","",$old_content);
  $atc_content = "[quote]".($article==0 ? getLangInfo('post','info_post_1') : getLangInfo('post','info_post_2'))."\n{$old_content}\n[/quote]\n";
 }
 list($guidename,$forumtitle) = getforumtitle(forumindex($foruminfo['fup'],1),1);
 $guidename .= " <span class=\"crumbs-item current\"><i> </i><strong><a href=\"read.php?tid=$tid\">$tpcarray[subject]</a></strong>";
 if (!$replytitle) {
  $atc_title = "Re:$tpcarray[subject]";
  $forumtitle = "$atc_title|$forumtitle";
 } else {
  $atc_title = "Re:$replytitle";
  $forumtitle = "$atc_title|$tpcarray[subject]|$forumtitle";
 }
 $db_metakeyword = str_replace(array('|',' - '),',',$forumtitle).'phpwind';

 require_once(R_P.'require/header.php');
 $post_reply = '';
 if ($db_showreplynum > 0) {
  $pwViewHide = $isGM || pwRights($isBM,'viewhide');
  $query = $db->query("SELECT p.author,p.authorid,p.subject,p.postdate,p.content,p.anonymous,p.ifconvert,p.ifwordsfb,p.ifshield,m.uid,m.groupid,m.userstatus FROM $pw_posts p LEFT JOIN pw_members m ON p.authorid=m.uid WHERE tid=".pwEscape($tid)."AND ifcheck='1' ORDER BY postdate DESC LIMIT 0,$db_showreplynum");

  while ($rt = $db->fetch_array($query)) {
   $tpc_author = ($rt['anonymous'] && !$pwViewHide && $windid != $rt['author']) ? $db_anonymousname : $rt['author'];
   if ($rt['ifshield']) {
    $groupid != '3' && $rt['content'] = shield($rt['ifshield'] == '1' ? 'shield_article' : 'shield_del_article');
   } elseif ($groupid != 3 && $db_shield && isban($rt,$fid)) {
    $rt['content'] = shield('ban_article');
   } else {
    $rt['ifwordsfb'] != $db_wordsfb && $rt['content'] = wordsfb($rt['content']);
    $rt['ifconvert'] == 2 && $rt['content'] = convert($rt['content'],$db_windpost);
    if (strpos($rt['content'],'[p:') !== false || strpos($rt['content'],'[s:') !== false) {
     $rt['content'] = showface($rt['content']);
    }
   }
   $post_reply .= "<table align=center width=70% cellspacing=1 cellpadding=2 style='TABLE-LAYOUT: fixed;WORD-WRAP: break-word'><tr><td width=100%>$tpc_author:$rt[subject]<br /><br />$rt[content]</td></tr></table><hr size=1 color=$tablecolor width=80%>";
  }
 }
 if ($winduid && $tpcarray['special'] == 5) {
  $debatestand = $db->get_value("SELECT standpoint FROM pw_debatedata WHERE pid='0' AND tid=".pwEscape($tid)."AND authorid=".pwEscape($winduid));
  $debatestand = (int)$debatestand;
  ${'debate_'.$debatestand} = 'SELECTED';
 }*/
 /**
 * 索引设计时为了减少空间,回复的主题可能为空,所以默认为回复主题!
 *//*
 list($msg_guide,$forumlist) = headguide($guidename);
 require_once PrintEot('post');footer();

} elseif ($_POST['step'] == 2) {*/

 InitGP(array('atc_anonymous','atc_hideatt'),'P');
 InitGP(array('atc_iconid'),'P',2);
 list($atc_title,$atc_content,$ifconvert,$ifwordsfb)=check_data('reply');
 /*
 *下句主要是为了节省数据的重复,可以用智能判断
 */
 //stripslashes($atc_title)=='Re:'.$replytitle && $atc_title='';
 $atc_title='';
 //$db_tcheck && $winddb['postcheck'] == tcheck($atc_content) && Showmsg('content_same'); //内容验证

 //!$atc_usesign && $atc_usesign=0;
 require_once(R_P.'require/postupload.php');
 $sqladd = $attachs ? array('ifupload'=>$ifupload) : array();
 $sqladd1 = '';
/*
 if ($foruminfo['f_check']>1 && $_G['atccheck'] && !$admincheck && $groupid!=3) {
  $ifcheck = 0;
 } else {
  $ifcheck = alarm($atc_title,$atc_content);
 }
 */
 $ifcheck=1;
 $atc_content=trim($atc_content);
 $anonymous = (($isGM || $forumset['anonymous'] && $_G['anonymous']) && $atc_anonymous) ? 1 : 0;
 $ifhide  = (($isGM || $foruminfo['allowhide'] && $_G['allowhidden']) && $atc_hideatt) ? 1 : 0;

 bbspostguide('Reply');

 if ($db_plist) {
  $db->update("INSERT INTO pw_pidtmp(pid) VALUES('')");
  $pid = $db->insert_id();
 } else {
  $pid = '';
 }
 $pwSQL = pwSqlSingle(array(
  'pid'  => $pid,  'fid'  => $fid,
  'tid'  => $tid,  'aid'  => $attachs,
  'author' => $windid,  'authorid' => $winddb['uid'],
  'icon'  => $atc_iconid, 'postdate' => $timestamp,
  'subject' => $atc_title, 'userip' => $onlineip,
  'ifsign' => $atc_usesign,'ipfrom' => $ipfrom,
  'ifconvert' => $ifconvert, 'ifwordsfb' => $ifwordsfb,
  'ifcheck' => $ifcheck, 'content' => $atc_content,
  'anonymous' => $anonymous, 'ifhide' => $ifhide
 ));
 $db->update("INSERT INTO $pw_posts SET $pwSQL");
 !$pid && $pid = $db->insert_id();
 if ($ifcheck == 1) {
  if ($windid <> $tpcarray['author']) {
   if ($db_replysendmail == 1 && ($tpcarray['ifmail'] == 1 || $tpcarray['ifmail'] == 3)) {
    $receiver  = $tpcarray['author'];
    $old_title = $read['subject'];
    $detail = $db->get_one("SELECT email,userstatus FROM pw_members WHERE uid=".pwEscape($tpcarray['authorid']));
    $send_address = $detail['email'];
    if (getstatus($detail['userstatus'],8)) {
     require_once(R_P.'require/sendemail.php');
     if (sendemail($send_address,'email_reply_subject','email_reply_content','email_additional') === true) {
      $sqladd1 = ",ifmail=ifmail-1";
     }
    }
   }
   if ($db_replysitemail && ($tpcarray['ifmail'] == 2 || $tpcarray['ifmail'] == 3)) {
    $rt = $db->get_one("SELECT mb.replyinfo,m.userstatus FROM pw_memberinfo mb LEFT JOIN pw_members m USING(uid) WHERE mb.uid=".pwEscape($tpcarray['authorid']));
    if (empty($rt)) {
     $db->update("INSERT INTO pw_memberinfo SET ".pwSqlSingle(array('uid'=>$tpcarray['authorid'],'replyinfo'=>$tid)));
    } elseif (strpos($rt['replyinfo'],",$tid,") === false) {
     $replyinfo = $rt['replyinfo'] ? $rt['replyinfo'].$tid.',' : ",$tid,";
     $db->update("UPDATE pw_memberinfo SET replyinfo=".pwEscape($replyinfo)." WHERE uid=".pwEscape($tpcarray['authorid']));
    }
    if (!getstatus($rt['userstatus'],6)) {
     $db->update("UPDATE pw_members SET userstatus=userstatus|(1<<5) WHERE uid=".pwEscape($tpcarray['authorid']));
    }
    $sqladd['ifmail'] = 4;
   }
  }
  $atc_author = $anonymous ? $db_anonymousname : $windid;
  $tpcarray['locked']<3 && $tpcarray['lastpost']<$timestamp && $sqladd['lastpost'] = $timestamp;
  $sqladd['lastposter'] = $atc_author;
  $db->update("UPDATE pw_threads SET replies=replies+1 $sqladd1,hits=hits+1,".pwSqlSingle($sqladd)." WHERE tid=".pwEscape($tid));
 }
 if ($aids) {
  $db->update("UPDATE pw_attachs SET ".pwSqlSingle(array('tid'=>$tid,'pid'=>$pid))."WHERE aid IN($aids)");
 }
 if ($winduid && $tpcarray['special'] == 5) {
  require_once(R_P.'require/postdebate.php');
 }
 $j_p = '';
 //if ($ifcheck == 1) {
  if ($foruminfo['allowhtm'] && !$foruminfo['cms']) {
   include_once(R_P.'require/template.php');
  }
  if ($tpcarray['locked'] < 3) {
   lastinfo($fid,$foruminfo['allowhtm'],'reply',$foruminfo['cms'].'B');
  }
  //Start Here pwcache
  /*
  if ($db_ifpwcache&270) {
   require_once(R_P.'require/elementupdate.class.php');
   $elementupdate = new ElementUpdate($fid);
   $elementupdate->special = $tpcarray['special'];
   if ($db_ifpwcache&14) {
    $elementupdate->replySortUpdate($tid,$fid,$tpcarray['postdate'],$tpcarray['replies']+1);
   }
   if ($db_ifpwcache&256) {
    $elementupdate->newReplyUpdate($tid,$fid,$tpcarray['postdate']);
   }
   $elementupdate->updateSQL();
  }*/
  //End Here
 // if (empty($j_p)) $j_p="read.php?tid=$tid&page=e&#a";
 // refreshto($j_p,'enter_thread');
  echo("[ok]pid=$pid");
  exit(); 
 
 //} else {
 // refreshto("thread.php?fid=$fid",'post_check');
 //}
//}
?>