query("SELECT * FROM {$tablepre}threads WHERE tid='$tid'".($auditstatuson ? '' : " AND displayorder>='0'"));
    if($thread = $db->fetch_array($query)) {
        $navigation = "» $thread[subject]";
        $navtitle = $thread['subject'].' - ';
        if($thread['readperm'] && $thread['readperm'] > $readaccess && !$forum['ismoderator'] && $thread['authorid'] != $discuz_uid) {
            showmessage('thread_nopermission', NULL, 'NOPERM');
        }
        $fid = $thread['fid'];
        $special = $thread['special'];
    } else {
        showmessage('thread_nonexistence');
    }
}
*/

// Overview: this excerpt starts inside a commented-out block whose opening is
// outside the visible text. The live code below prepares posting state, checks a
// username/password taken from $_POST against the members table, inserts a new
// thread plus its first post, optionally inserts follow-up replies split out of
// the same message, and prints '1' on success or an '[err]...[/err]' string on
// failure.
// NOTE(review): every SQL statement here is built by string interpolation. Whether
// the interpolated request values were escaped before this point is not visible in
// this excerpt - confirm, or escape/bind them at each query.
// NOTE(review): several checks are present only as commented-out code (forum
// password, view/post permission, registration age, [hide] permission, flood
// control, submitcheck()), so this entry point does not enforce them.

$navigation = "» $forum[name] $navigation";
$navtitle = $navtitle.strip_tags($forum['name']).' - ';

if($forum['type'] == 'sub') {
    // Sub-forum: look up the parent forum to extend the navigation trail.
    $query = $db->query("SELECT name, fid FROM {$tablepre}forums WHERE fid='$forum[fup]'");
    $fup = $db->fetch_array($query);
    $navigation = "» $fup[name] $navigation";
    $navtitle = $navtitle.strip_tags($fup['name']).' - ';
}

periodscheck('postbanperiods');

// Disabled: redirect when the forum password cookie does not match.
/*
if($forum['password'] && $forum['password'] != $_DCOOKIE['fidpw'.$fid]) {
    dheader("Location: {$boardurl}forumdisplay.php?fid=$fid&sid=$sid");
}
*/

/* User-group and forum permission check (disabled)
if(empty($forum['allowview'])) {
    if(!$forum['viewperm'] && !$readaccess) {
        showmessage('group_nopermission', NULL, 'NOPERM');
    } elseif($forum['viewperm'] && !forumperm($forum['viewperm'])) {
        showmessage('forum_nopermission', NULL, 'NOPERM');
    }
}
*/

forumformulaperm($forum['formulaperm']);

/* Registration-age (newbie) restriction (disabled)
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
    $query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'");
    if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) {
        showmessage('post_newbie_span');
    }
}
*/

// Clamp the special-thread type to an integer in 0..6; anything else becomes 0.
$special = empty($special) || !is_numeric($special) || $special < 0 || $special > 6 ? 0 : intval($special);

$allowpostattach = !empty($forum['allowpostattach']) || (!$forum['postattachperm'] && $allowpostattach) || ($forum['postattachperm'] && forumperm($forum['postattachperm']));
$attachextensions = $forum['attachextensions'] ? $forum['attachextensions'] : $attachextensions;
$enctype = $allowpostattach ? 'enctype="multipart/form-data"' : '';
$maxattachsize_kb = $maxattachsize / 1000;

// Per-forum credit settings take precedence over the global credits policy.
$postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post'];
$replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply'];
$digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest'];
$postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach'];

$maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0;

$extra = rawurlencode($extra);
$blogcheck = empty($isblog) && empty($addtoblog) ? '' : 'checked="checked"';
$notifycheck = empty($emailnotify) ? '' : 'checked="checked"';
$stickcheck = empty($sticktopic) ? '' : 'checked="checked"';
$digestcheck = empty($addtodigest) ? '' : 'checked="checked"';

// The subject is censored and HTML-escaped; the message is only censored and trimmed.
$subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) : '';
$message = isset($message) ? censor(trim($message)) : '';
$readperm = isset($readperm) ? intval($readperm) : 0;
$price = isset($price) ? intval($price) : 0;

/* [hide] tag permission check (disabled)
if(empty($bbcodeoff) && !$allowhidecode && !empty($message) && preg_match("/\[hide=?\d*\].+?\[\/hide\]/is", preg_replace("/(\[code\](.+?)\[\/code\])/is", ' ', $message))) {
    showmessage('post_hide_nopermission');
}
*/

// Decide whether new threads / replies go to the moderation queue.
if(periodscheck('postmodperiods', 0)) {
    $modnewthreads = $modnewreplies = 1;
} else {
    $censormod = censormod($subject."\t".$message);
    $modnewthreads = (!$allowdirectpost || $allowdirectpost == 1) && ($forum['modnewposts'] || $censormod) ? 1 : 0;
    $modnewreplies = (!$allowdirectpost || $allowdirectpost == 2) && ($forum['modnewposts'] == 2 || $censormod) ? 1 : 0;
}

$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = '';

$seccodecheck = ($seccodestatus & 4) && (!$seccodedata['minposts'] || $posts < $seccodedata['minposts']);
$secqaacheck = $secqaa['status'][2] && (!$secqaa['minposts'] || $posts < $secqaa['minposts']);

if($iscircle = $supe['status'] && $supe['circlestatus'] && $forum['status'] == 2) {
    unset($forum['threadtypes']);
}

// Each special-thread permission needs the general post permission, the matching
// group permission and the matching bit of the forum's allowpostspecial mask.
// NOTE(review): these flags are computed before the credential check further down
// replaces $discuz_uid, so they presumably describe the session the request came
// in with rather than the account named in $_POST - confirm.
$allowpostpoll = $allowpost && $allowpostpoll && ($forum['allowpostspecial'] & 1);
$allowposttrade = $allowpost && $allowposttrade && ($forum['allowpostspecial'] & 2);
$allowpostreward = $allowpost && $allowpostreward && ($forum['allowpostspecial'] & 4) && isset($extcredits[$creditstrans]);
$allowpostactivity = $allowpost && $allowpostactivity && ($forum['allowpostspecial'] & 8);
$allowpostdebate = $allowpost && $allowpostdebate && ($forum['allowpostspecial'] & 16);
$allowpostvideo = $allowpost && $allowpostvideo && ($forum['allowpostspecial'] & 32) && $videoopen;
$allowanonymous = $forum['allowanonymous'] || $allowanonymous ? 1 : 0;

// Forum accepts special threads only: pick the first permitted special type.
if($action == 'newthread' && $forum['allowspecialonly'] && !$special) {
    if($allowpostpoll) {
        $special = 1;
    } elseif($allowposttrade) {
        $special = 2;
    } elseif($allowpostreward) {
        $special = 3;
    } elseif($allowpostactivity) {
        $special = 4;
    } elseif($allowpostdebate) {
        $special = 5;
    } elseif($allowpostvideo) {
        $special = 6;
    }
    if(!$special) {
        //showmessage('undefined_action', NULL, 'HALTED');
        echo('[err]undefined_action[/err]');
        dexit();
    }
}

$editorid = 'posteditor';
// NOTE(review): the {n} string-offset syntax used below was removed in PHP 8.0.
$editoroptions = str_pad(decbin($editoroptions), 2, 0, STR_PAD_LEFT);
$editormode = $editormode == 2 ? $editoroptions{0} : $editormode;
$allowswitcheditor = $editoroptions{1};
$advanceeditor = $special ? 0 : 1;
$previewdisplay = !empty($previewpost) ? '' : 'none';

if(!empty($previewpost) || (empty($previewpost) && empty($topicsubmit) && empty($replysubmit) && empty($editsubmit))) {

    // Preview request, or no submit flag at all.
    // NOTE(review): the /e modifier makes preg_replace() evaluate the replacement as
    // PHP code. The captured group is limited to digits by (\d+), but /e was
    // deprecated in PHP 5.5 and removed in PHP 7.0; preg_match() plus intval()
    // would assign $typeid without evaluating anything.
    !$typeid && preg_replace("/.*typeid%3D(\d+).*/e", "\$typeid = \\1;", $extra);

    if($discuz_uid && $sigstatus && !$usesigcheck) {
        $usesigcheck = 'checked="checked"';
    }

    $trade = array();
    if(($action == 'newthread' || $action == 'reply') && $special == 2) {
        $query = $db->query("SELECT alipay FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
        $trade['account'] = $db->result($query, 0);
        $trade['amount'] = 1;
        $trade['transport'] = 2;
    }

    $currtime = gmdate("$dateformat $timeformat", $timestamp + $timeoffset * 3600);

    if(empty($previewpost)) {
        // No preview and no submit flag: subject and message are blanked here, so
        // the empty-subject/message check further down will reject the request.
        $subject = $message = $polloptions = '';
    } else {
        $subject = stripslashes($subject);
        $message = stripslashes($message);
        $message_preview = discuzcode($message, !empty($smileyoff), !empty($bbcodeoff), !empty($htmlon), $forum['allowsmilies'], $forum['allowbbcode'], $forum['allowimgcode'], $forum['allowhtml'], 0, 1);
        $message = $editormode == 1 && $bbinsert && !(isopera() && isopera() < 9) ? $message_preview : dhtmlspecialchars($message);
        $urloffcheck = !empty($parseurloff) ? 'checked="checked"' : '';
        $usesigcheck = !empty($usesig) ? 'checked="checked"' : '';
        $smileyoffcheck = !empty($smileyoff) ? 'checked="checked"' : '';
        $codeoffcheck = !empty($bbcodeoff) ? 'checked="checked"' : '';
        $htmloncheck = !empty($htmlon) ? 'checked="checked"' : '';
        $emailcheck = !empty($emailnotify) ? 'checked="checked"' : '';
        $topicsubmit = $replysubmit = $editsubmit = '';
    }

} else {

    // A submit flag is set but the security code / question answer is missing:
    // rebuild the request and show the security-code template instead of posting.
    if((!empty($topicsubmit) || !empty($replysubmit)) && (($seccodecheck && !isset($seccodeverify)) || ($secqaacheck && !isset($secanswer)))) {

        if($seccodecheck) {
            $seccode = random(6, 1) + $seccode{0} * 1000000;
        }
        if($secqaacheck) {
            $seccode = random(1, 1) * 1000000 + substr($seccode, -6);
        }

        $request = array
            (
            'method' => $_SERVER['REQUEST_METHOD'],
            'action' => $PHP_SELF,
            'elements' => ''
            );

        $quesand = '?';
        foreach($_GET as $key => $value) {
            $request['action'] .= $quesand.rawurlencode($key).'='.rawurlencode($value);
            $quesand = '&';
        }
        // NOTE(review): the literals appended below are empty in this copy -
        // presumably markup that was lost when the listing was published; confirm
        // against the original file.
        foreach($_POST as $key => $value) {
            if(is_array($value)) {
                foreach($value as $arraykey => $arrayvalue) {
                    $request['elements'] .= '';
                }
            } else {
                $request['elements'] .= '';
            }
        }

        include template('post_seccode');
        dexit();

    }

}

// Disabled: dispatch to the stock per-action include files.
/*
if($action == 'newthread') {
    require_once DISCUZ_ROOT.'./include/newthread.inc.php';
} elseif($action == 'reply') {
    require_once DISCUZ_ROOT.'./include/newreply.inc.php';
} elseif($action == 'edit') {
    require_once DISCUZ_ROOT.'./include/editpost.inc.php';
} elseif($action == 'import') {
    require_once DISCUZ_ROOT.'./include/supesite_import.inc.php';
} elseif($action == 'newtrade') {
    require_once DISCUZ_ROOT.'./include/newtrade.inc.php';
}
*/

// Get the user name
// Credential check: the account row is looked up by the POSTed user name and the
// stored password is compared with md5() of the POSTed password.
// NOTE(review): $_POST['username'] is interpolated into the WHERE clause as-is.
// Unless the $_POST array itself was escaped earlier (not visible here), this
// query is injectable - escape or bind the value before use.
// NOTE(review): the comparison uses the loose <> operator on an unsalted md5
// digest. PHP compares numeric-looking strings numerically, so a strict,
// constant-time comparison is the safer form; no attempt limiting is visible.
// NOTE(review): unknown account and wrong password produce different error
// strings, which lets a client tell whether a user name exists.
// NOTE(review): "$db->close;" (here and before every dexit() below) has no
// parentheses, so it is a property read rather than a method call.
$discuz_user=$_POST['username'];
$query =$db->query("SELECT uid,password,secques FROM {$tablepre}members m WHERE m.username='$discuz_user'");
if ($rs=$db->fetch_row($query)){
    list($discuz_uid,$discuz_pw, $discuz_secques ) =$rs;
} else {
    echo('[err]帐号错误[/err]');
    $db->close;
    dexit();
}
if ($discuz_pw<>md5($_POST['password'])){
    echo('[err]密码错误[/err]');
    $db->close;
    dexit();
}

// The following is the content of newthread.inc.php
// NOTE(review): this direct-access guard is reached only after the queries above
// have already run; it belongs at the very top of the script to be effective.
if(!defined('IN_DISCUZ')) {
    exit('Access Denied');
}

$discuz_action = 11;

if(empty($forum['fid']) || $forum['type'] == 'group') {
    //showmessage('forum_nonexistence');
    echo('[err]指定的版块不存在[/err]');
    $db->close;
    dexit();
}

// Reject a special thread type the flags computed earlier do not permit.
if(($special == 1 && !$allowpostpoll) || ($special == 2 && !$allowposttrade) || ($special == 3 && !$allowpostreward) || ($special == 4 && !$allowpostactivity) || ($special == 5 && !$allowpostdebate) || ($special == 6 && !$allowpostvideo)) {
    //showmessage('group_nopermission', NULL, 'NOPERM');
    echo('[err]您所在的用户组(管理员)无法进行此操作[/err]');
    $db->close;
    dexit();
}

$sgid = intval($sgid);
if($iscircle) {
    $mycircles = array();
    if($discuz_uid) {
        supe_dbconnect();
        $query = $supe['db']->query("SELECT gid, groupname FROM {$supe[tablepre]}groupuid WHERE uid='$discuz_uid' AND flag>0", 'SILENT');
        while($mycircle = $supe['db']->fetch_array($query)) {
            $mycircles[$mycircle['gid']] = cutstr($mycircle['groupname'], 30);
        }
    }
    if($sgid) {
        supe_dbconnect();
        $query = $supe['db']->query("SELECT g.groupname, gf.headerimage, gf.css FROM {$supe[tablepre]}groups g, {$supe[tablepre]}groupfields gf WHERE g.gid='$sgid' AND g.flag=1 AND g.gid=gf.gid", 'SILENT');
        $circle = $supe['db']->fetch_array($query);
        // Posting into a circle requires the user to be a member of it.
        if(!$discuz_uid || !$supe['db']->result($supe['db']->query("SELECT COUNT(*) FROM {$supe[tablepre]}groupuid WHERE uid='$discuz_uid' AND gid='$sgid' AND flag>0", 'SILENT'), 0)) {
            //showmessage('circle_nopermission');
            echo('[err]你尚未加入本圈[/err]');
            $db->close;
            dexit();
        }
    }
}

/* Group permission check (disabled)
if(!$discuz_uid && !((!$forum['postperm'] && $allowpost) || ($forum['postperm'] && forumperm($forum['postperm'])))) {
    showmessage('group_nopermission', NULL, 'NOPERM');
} elseif(empty($forum['allowpost'])) {
    if(!$forum['postperm'] && !$allowpost) {
        showmessage('group_nopermission', NULL, 'NOPERM');
    } elseif($forum['postperm'] && !forumperm($forum['postperm'])) {
        showmessage('post_forum_newthread_nopermission', NULL, 'HALTED');
    }
}
*/

$isblog = empty($isblog) ? '' : 'yes';
if($isblog && (!$allowuseblog || !$forum['allowshare'])) {
    //showmessage('post_newthread_blog_invalid', NULL, 'HALT');
    echo('[err]无权加入日志[/err]');
    $db->close;
    dexit();
}

/* QIHOO repost check (disabled)
if($url && !empty($qihoo['relate']['webnum'])) {
    $from = in_array($from, array('direct', 'iframe')) ? $from : '';
    if($data = @implode('', file("http://search.qihoo.com/sint/content.html?surl=$url&md5=$md5&ocs=$charset&ics=$charset&from=$from"))) {
        preg_match_all("/(\w+):([^\>]+)/i", $data, $data);
        if(!$data[2][1]) {
            $subject = trim($data[2][3]);
            $message = !$editormode ? str_replace('[br]', "\n", trim($data[2][4])) : str_replace('[br]', '
', trim($data[2][4]));
        } else {
            showmessage('reprint_invalid');
        }
    }
}
*/

checklowerlimit($postcredits);

// Disabled: the stock form-rendering branch guarded by submitcheck(). With it
// commented out, the submit branch below runs unconditionally.
/*if(!submitcheck('topicsubmit', 0, $seccodecheck, $secqaacheck)) {
    $special = !$allowspecialonly ? intval($special) : 'only';
    $modelid = $modelid ? intval($modelid) : '';
    $typeselect = typeselect($selecttypeid, $special, '', $modelid);
    $icons = '';
    if(!$special && is_array($_DCACHE['icons'])) {
        $key = 1;
        foreach($_DCACHE['icons'] as $id => $icon) {
            $icons .= ' ';
            $icons .= !(++$key % 10) ? '
' : '';
        }
    }
    if($special == 2 && $allowposttrade) {
        $expiration_7days = date('Y-m-d', $timestamp + 86400 * 7);
        $expiration_14days = date('Y-m-d', $timestamp + 86400 * 14);
        $trade['expiration'] = $expiration_month = date('Y-m-d', mktime(0, 0, 0, date('m')+1, date('d'), date('Y')));
        $expiration_3months = date('Y-m-d', mktime(0, 0, 0, date('m')+3, date('d'), date('Y')));
        $expiration_halfyear = date('Y-m-d', mktime(0, 0, 0, date('m')+6, date('d'), date('Y')));
        $expiration_year = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y')+1));
        $tradetypeselect = '';
        $forum['tradetypes'] = $forum['tradetypes'] == '' ? -1 : unserialize($forum['tradetypes']);
        if($tradetypes && !empty($forum['tradetypes'])) {
            $tradetypeselect = '';
        }
    } elseif($special == 6 && $allowpostvideo) {
        $query = $db->query("SELECT value FROM {$tablepre}settings WHERE variable='videoinfo'");
        $settings = unserialize($db->result($query, 0));
        $vclassesselect = "';
    }
    if($special == 2) {
        include template('post_newthread_trade');
    } elseif($special == 4) {
        $activitytypelist = $activitytype ? explode("\n", trim($activitytype)) : '';
        include template('post_newthread_activity');
    } else {
        include template('post_newthread');
    }
*/
//} else {
if(True){

    if($subject == '' || $message == '') {
        //showmessage('post_sm_isnull');
        echo('[err]您没有输入标题或内容[/err]');
        $db->close;
        dexit();
    }

    // The message is split on "#-page-#": segment 0 becomes the first post, the
    // remaining segments are inserted as replies at the end of the script.
    $ETreplycontents=explode("#-page-#",$message); // added by ET
    $message=$ETreplycontents[0];

    if($post_invalid = checkpost()) {
        //showmessage($post_invalid);
        echo('[err]'.$post_invalid.'[/err]');
        $db->close;
        dexit();
    }

    /* Flood-control interval check (disabled)
    if(checkflood()) {
        showmessage('post_flood_ctrl');
    }
    */

    if($allowpostattach && is_array($_FILES['attach'])) {
        foreach($_FILES['attach']['name'] as $attachname) {
            if($attachname != '') {
                checklowerlimit($postattachcredits);
                break;
            }
        }
    }

    // Normalise the thread attributes; sticky and digest require moderator status.
    $typeid = isset($typeid) && isset($forum['threadtypes']['types'][$typeid]) ? $typeid : 0;
    $iconid = !empty($iconid) && isset($_DCACHE['icons'][$iconid]) ? $iconid : 0;
    $displayorder = $modnewthreads ? -2 : (($forum['ismoderator'] && !empty($sticktopic)) ? 1 : 0);
    $digest = ($forum['ismoderator'] && !empty($addtodigest)) ? 1 : 0;
    $blog = $allowuseblog && $forum['allowshare'] && !empty($addtoblog) ? 1 : 0;
    $readperm = $allowsetreadperm ? $readperm : 0;
    $isanonymous = $isanonymous && $allowanonymous ? 1 : 0;
    $price = intval($price);
    $price = $maxprice && !$special ? ($price <= $maxprice ? $price : $maxprice) : 0;

    if(!$typeid && $forum['threadtypes']['required'] && !$special) {
        //showmessage('post_type_isnull');
        echo('[err]主题分类不能为空[/err]');
        $db->close;
        dexit();
    }

    if($price > 0 && floor($price * (1 - $creditstax)) == 0) {
        //showmessage('post_net_price_iszero');
        echo('[err]您的主题售价扣除积分交易税后为 0[/err]');
        $db->close;
        dexit();
    }

    // Disabled: validation for poll (1), reward (3), activity (4) and debate (5) threads.
    /*
    if($special == 1) {
        $pollarray = array();
        $polloptions = explode("\n", $polloptions);
        foreach($polloptions as $key => $value) {
            if(!$value = trim($value)) {
                unset($polloptions[$key]);
            }
        }
        if(count($polloptions) > $maxpolloptions) {
            showmessage('post_poll_option_toomany');
        } elseif(count($polloptions) < 2) {
            showmessage('post_poll_inputmore');
        }
        $maxchoices = $maxchoices >= count($polloptions) ? count($polloptions) : $maxchoices;
        $pollarray['options'] = $polloptions;
        $pollarray['multiple'] = !empty($multiplepoll);
        $pollarray['visible'] = empty($visiblepoll);
        if(preg_match("/^\d*$/", trim($maxchoices)) && preg_match("/^\d*$/", trim($expiration))) {
            if(!$pollarray['multiple']) {
                $pollarray['maxchoices'] = 1;
            } elseif(empty($maxchoices)) {
                $pollarray['maxchoices'] = 0;
            } elseif($maxchoices == 1) {
                $pollarray['multiple'] = 0;
                $pollarray['maxchoices'] = $maxchoices;
            } else {
                $pollarray['maxchoices'] = $maxchoices;
            }
            if(empty($expiration)) {
                $pollarray['expiration'] = 0;
            } else {
                $pollarray['expiration'] = $timestamp + 86400 * $expiration;
            }
        } else {
            showmessage('poll_maxchoices_expiration_invalid');
        }
    } elseif($special == 3) {
        $rewardprice = intval($rewardprice);
        if($rewardprice < 1) {
            showmessage('reward_credits_please');
        } elseif($rewardprice > 32767) {
            showmessage('reward_credits_overflow');
        } elseif($rewardprice < $minrewardprice || ($maxrewardprice > 0 && $rewardprice > $maxrewardprice)) {
            showmessage('reward_credits_between');
        } elseif(($realprice = $rewardprice + ceil($rewardprice * $creditstax)) > $_DSESSION["extcredits$creditstrans"]) {
            showmessage('reward_credits_shortage');
        }
        $price = $rewardprice;
        $db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-$realprice WHERE uid='$discuz_uid'");
    } elseif($special == 4) {
        if(empty($starttimefrom[$activitytime])) {
            showmessage('activity_fromtime_please');
        } elseif(@strtotime($starttimefrom[$activitytime]) === -1 || @strtotime($starttimefrom[$activitytime]) === FALSE) {
            showmessage('activity_fromtime_error');
        } elseif(@strtotime($starttimefrom[$activitytime]) < $timestamp) {
            showmessage('activity_smaller_current');
        } elseif($activitytime && ((@strtotime($starttimefrom) > @strtotime($starttimeto) || !$starttimeto))) {
            showmessage('activity_fromtime_error');
        } elseif(!trim($activityclass)) {
            showmessage('activity_sort_please');
        } elseif(!trim($activityplace)) {
            showmessage('activity_address_please');
        } elseif(trim($activityexpiration) && (@strtotime($activityexpiration) === -1 || @strtotime($activityexpiration) === FALSE)) {
            showmessage('activity_totime_error');
        }
        $activity = array();
        $activity['class'] = dhtmlspecialchars(trim($activityclass));
        $activity['starttimefrom'] = @strtotime($starttimefrom[$activitytime]);
        $activity['starttimeto'] = $activitytime ? @strtotime($starttimeto) : 0;
        $activity['place'] = dhtmlspecialchars(trim($activityplace));
        $activity['cost'] = intval($cost);
        $activity['gender'] = intval($gender);
        $activity['number'] = intval($activitynumber);
        if($activityexpiration) {
            $activity['expiration'] = @strtotime($activityexpiration);
        } else {
            $activity['expiration'] = 0;
        }
        if(trim($activitycity)) {
            $subject .= '['.dhtmlspecialchars(trim($activitycity)).']';
        }
    } elseif($special == 5) {
        if(empty($affirmpoint) || empty($negapoint)) {
            showmessage('debate_position_nofound');
        } elseif(!empty($endtime) && (!($endtime = @strtotime($endtime)) || $endtime < $timestamp)) {
            showmessage('debate_endtime_invalid');
        } elseif(!empty($umpire)) {
            $query = $db->query("SELECT COUNT(*) FROM {$tablepre}members WHERE username='$umpire'");
            if(!$db->result($query, 0)) {
                $umpire = dhtmlspecialchars($umpire);
                showmessage('debate_umpire_invalid');
            }
        }
        $affirmpoint = dhtmlspecialchars($affirmpoint);
        $negapoint = dhtmlspecialchars($negapoint);
        $stand = intval($stand);
    }
    */

    $typeid = $special && $forum['threadtypes']['special'][$typeid] ? 0 : $typeid;

    $typeexpiration = intval($typeexpiration);

    if($forum['threadtypes']['expiration'][$typeid] && !$typeexpiration) {
        //showmessage('threadtype_expiration_invalid');
        echo('[err]此主题必须指定有效期[/err]');
        $db->close;
        dexit();
    }

    $optiondata = array();
    if($forum['threadtypes']['special'][$typeid] && $typeoption && is_array($typeoption) && $checkoption && !$allowspecialonly) {
        $optiondata = threadtype_validator($typeoption);
    }

    // NOTE(review): $author is the raw POSTed user name (see the credential check
    // above) and is written into the threads row and into forums.lastpost below.
    $author = !$isanonymous ? $discuz_user : '';

    $moderated = $digest || $displayorder > 0 ? 1 : 0;

    //$attachment = ($allowpostattach && $attachments = attach_upload()) ? 1 : 0;
    // ET addition: attachments
    // Instead of the stock upload handler, a comma-separated list of attachment
    // paths is taken from the request; a non-empty list flags the thread.
    $ETattachs=trim($_POST['ETattachs']);
    if(strlen($ETattachs)>0){
        $attachment=1;
    }

    $subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0;

    $supe_pushstatus = $supe['status'] && $forum['supe_pushsetting']['status'] == 1 && !$modnewthreads ? '1' : '0';

    $sgidadd1 = $sgidadd2 = '';
    if($iscircle) {
        $sgidadd1 = ', sgid';
        $sgidadd2 = ", '$sgid'";
    }

    // Create the thread row.
    $db->query("INSERT INTO {$tablepre}threads (fid, readperm, price, iconid, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, blog, special, attachment, subscribed, moderated, supe_pushstatus $sgidadd1) VALUES ('$fid', '$readperm', '$price', '$iconid', '$typeid', '$author', '$discuz_uid', '$subject', '$timestamp', '$timestamp', '$author', '$displayorder', '$digest', '$blog', '$special', '$attachment', '$subscribed', '$moderated', '$supe_pushstatus' $sgidadd2)");
    $tid = $db->insert_id();

    if($subscribed) {
        $db->query("REPLACE INTO {$tablepre}subscriptions (uid, tid, lastpost, lastnotify) VALUES ('$discuz_uid', '$tid', '$timestamp', '$timestamp')", 'UNBUFFERED');
    }

    /*
    if($special == 3 && $allowpostreward) {
        $db->query("INSERT INTO {$tablepre}rewardlog (tid, authorid, netamount, dateline) VALUES ('$tid', '$discuz_uid', $realprice, '$timestamp')");
    }
    */

    $db->query("REPLACE INTO {$tablepre}mythreads (uid, tid, dateline, special) VALUES ('$discuz_uid', '$tid', '$timestamp', '$special')", 'UNBUFFERED');

    if($moderated) {
        updatemodlog($tid, ($displayorder > 0 ? 'STK' : 'DIG'));
        updatemodworks(($displayorder > 0 ? 'STK' : 'DIG'), 1);
    }

    // Disabled: rows for poll, activity and debate threads.
    /*
    if($special == 1) {
        $db->query("INSERT INTO {$tablepre}polls (tid, multiple, visible, maxchoices, expiration) VALUES ('$tid', '$pollarray[multiple]', '$pollarray[visible]', '$pollarray[maxchoices]', '$pollarray[expiration]')");
        foreach($pollarray['options'] as $polloptvalue) {
            $polloptvalue = dhtmlspecialchars(trim($polloptvalue));
            $db->query("INSERT INTO {$tablepre}polloptions (tid, polloption) VALUES ('$tid', '$polloptvalue')");
        }
    } elseif($special == 4 && $allowpostactivity) {
        $db->query("INSERT INTO {$tablepre}activities (tid, uid, cost, starttimefrom, starttimeto, place, class, gender, number, expiration) VALUES ('$tid', '$discuz_uid', '$activity[cost]', '$activity[starttimefrom]', '$activity[starttimeto]', '$activity[place]', '$activity[class]', '$activity[gender]', '$activity[number]', '$activity[expiration]')");
    } elseif($special == 5 && $allowpostdebate) {
        $db->query("INSERT INTO {$tablepre}debates (tid, uid, starttime, endtime, affirmdebaters, negadebaters, affirmvotes, negavotes, umpire, winner, bestdebater, affirmpoint, negapoint, umpirepoint) VALUES ('$tid', '$discuz_uid', '$timestamp', '$endtime', '0', '0', '0', '0', '$umpire', '', '', '$affirmpoint', '$negapoint', '')");
    } else
    */
//    if($special == 6 && $allowpostvideo) {
//
//        $vid = dhtmlspecialchars($vid);
//        $vclass = intval($vclass);
//        $visup = intval($visup);
//        $vautoplay = intval($vautoplay);
//        $code = urlencode(authcode("vid=$vid&isup=$visup&vautoplay=$vautoplay&vshare=$vshare&vtitle=$subjectu8&vtag=$tagsu8&vclass=$vclass", 'ENCODE', $vkey));
//        $returninfo = dfopen("http://union.bokecc.com/discuz2/addv.bo?siteid=$vsiteid&code=$code");
//
//        list($vthumb, $shareurl) = explode(',', $returninfo);//note $shareurl : [video]video id[/video] reserved
//        $vthumb = dhtmlspecialchars(addslashes($vthumb));
//        $query = $db->query("INSERT INTO {$tablepre}videos (vid, tid, uid, dateline, vthumb, vtitle, vclass, visup, vautoplay)
//            VALUES ('$vid', '$tid', '$discuz_uid', '$timestamp', '$vthumb', '$subject', '$vclass', '$visup', '$vautoplay')", 'SILENT');
//        $videotags = preg_split("/[\s,]+/", str_replace(array(chr(0xa1).chr(0xa1), chr(0xa1).chr(0x40), chr(0xe3).chr(0x80).chr(0x80)), '', $tags));
//        if($videotags) {
//            $i = 0;
//            foreach($videotags as $videotag) {
//                if($i++ > 5) {
//                    break;
//                }
//                $videotag = trim($videotag);
//                if(preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $videotag)) {
//                    $vid && $vid != '-1' && $db->query("INSERT INTO {$tablepre}videotags(tagname, vid) VALUES ('$videotag', '$vid')", 'SILENT');
//                }
//            }
//        }
//
//    }

    if($forum['threadtypes']['special'][$typeid] && $optiondata && is_array($optiondata)) {
        foreach($optiondata as $optionid => $value) {
            $db->query("INSERT INTO {$tablepre}typeoptionvars (typeid, tid, optionid, value, expiration) VALUES ('$typeid', '$tid', '$optionid', '$value', '".($typeexpiration ? $timestamp + $typeexpiration : 0)."')");
        }
    }

    $bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
    $smileyoff = checksmilies($message, !empty($smileyoff));
    $parseurloff = !empty($parseurloff);
    //$htmlon = bindec(($tagstatus && !empty($tagoff) ? 1 : 0).($allowhtml && !empty($htmlon) ? 1 : 0));
    // NOTE(review): htmlon is forced to 1 for every post, replacing the commented-out
    // expression that depended on $allowhtml. $message was not HTML-escaped above, so
    // if the viewer renders htmlon posts as raw HTML (presumably - confirm) any
    // account that passes the credential check can store active markup.
    $htmlon=1; // allow HTML
    $attachment=0; // no attachment flag on the post body, to avoid duplicate display
    $pinvisible = $modnewthreads ? -2 : 0;

    // Create the first post of the thread.
    $db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment) VALUES ('$fid', '$tid', '1', '$discuz_user', '$discuz_uid', '$subject', '$timestamp', '$message', '$onlineip', '$pinvisible', '$isanonymous', '$usesig', '$htmlon', '$bbcodeoff', '$smileyoff', '$parseurloff', '$attachment')");
    $pid = $db->insert_id();

    // Tags: space-separated, censored, de-duplicated; each must match the 3-20
    // character pattern, and processing stops once five tags have been handled.
    if($tagstatus && $tags != '') {
        $tags = str_replace(array(chr(0xa1).chr(0xa1), chr(0xa1).chr(0x40), chr(0xe3).chr(0x80).chr(0x80)), ' ', $tags);
        $tagarray = array_unique(explode(' ', censor($tags)));
        $tagcount = 0;
        foreach($tagarray as $tagname) {
            $tagname = trim($tagname);
            if(preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $tagname)) {
                $query = $db->query("SELECT closed FROM {$tablepre}tags WHERE tagname='$tagname'");
                if($db->num_rows($query)) {
                    if(!$tagstatus = $db->result($query, 0)) {
                        $db->query("UPDATE {$tablepre}tags SET total=total+1 WHERE tagname='$tagname'", 'UNBUFFERED');
                    }
                } else {
                    $db->query("INSERT INTO {$tablepre}tags (tagname, closed, total) VALUES ('$tagname', 0, 1)", 'UNBUFFERED');
                    $tagstatus = 0;
                }
                if(!$tagstatus) {
                    $db->query("INSERT {$tablepre}threadtags (tagname, tid) VALUES ('$tagname', $tid)", 'UNBUFFERED');
                }
                $tagcount++;
                if($tagcount > 4) {
                    unset($tagarray);
                    break;
                }
            }
        }
    }

    $tradeaid = 0;
//    if($attachment) {
//        $searcharray = $pregarray = $replacearray = array();
//        foreach($attachments as $key => $attach) {
//            $db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote)
//                VALUES ('$tid', '$pid', '$timestamp', '$attach[perm]', '$attach[price]', '$attach[name]', '$attach[description]', '$attach[type]', '$attach[size]', '$attach[attachment]', '0', '$attach[isimage]', '$attach[uid]', '$attach[thumb]', '$attach[remote]')");
//            $searcharray[] = '[local]'.$localid[$key].'[/local]';
//            $pregarray[] = '/\[localimg=(\d{1,3}),(\d{1,3})\]'.$localid[$key].'\[\/localimg\]/is';
//            $replacearray[] = '[attach]'.$db->insert_id().'[/attach]';
//        }
//        $message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message));
//        $db->query("UPDATE {$tablepre}posts SET message='$message' WHERE pid='$pid'");
//        updatecredits($discuz_uid, $postattachcredits, count($attachments));
//    }

    // Register attachment rows from the caller-supplied path list.
    // NOTE(review): each entry comes straight from $_POST['ETattachs']. Only the part
    // up to the first "attachments/" is stripped; nothing visible here rejects ".."
    // segments, verifies that the file exists, or checks the extension against
    // $attachextensions, and the values are interpolated into the INSERT unescaped.
    // The extension test is case-sensitive and only sets the isimage flag.
    if(strlen($ETattachs)>0){
        $ETimgext = array('jpg', 'gif', 'png', 'bmp');
        $ETattachlist=explode(",",$ETattachs);
//        $searcharray = $pregarray = $replacearray = array();
        foreach($ETattachlist as $attach) {
            $attach=preg_replace("/(.*?)attachments\//i","",$attach);
            $tmpattach=explode("/",$attach);
            $attachname=$tmpattach[count($tmpattach)-1];
            $tmpattach=explode(".",$attachname);
            $attachext=$tmpattach[count($tmpattach)-1];
            if(empty($attachname)||empty($attachext)){
                continue;
            }
            if(in_array($attachext, $ETimgext)) {
                $ETisimage = 1;
            }else{
                $ETisimage= 0;
            }
            // The shared $timestamp is advanced by one second per attachment row.
            $timestamp++;
            $db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, filename, filetype, attachment, downloads, isimage, uid) VALUES ('$tid', '$pid', '$timestamp', '$attachname', '', '$attach', '0', '$ETisimage', '$discuz_uid')");
//            $searcharray[] = '/]*)'.$attachname.'([^<>]*?)>/';
//            $replacearray[] = '[attach]'.$db->insert_id().'[/attach]';
        }
//        $message =preg_replace($searcharray, $replacearray, $message);
//        $db->query("UPDATE {$tablepre}posts SET message='$message' WHERE pid='$pid'");
//        updatecredits($discuz_uid, $postattachcredits, count($attachments));
    }

    if($iscircle && $sgid) {
        supe_dbconnect();
        $query = $supe['db']->query("UPDATE {$supe[tablepre]}groups SET lastpost='$timestamp' WHERE gid='$sgid'", 'SILENT');
    }

    if($modnewthreads) {
        // Thread is held for moderation: only the daily post counter is bumped.
        $db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
        //$allowuseblog && $isblog && $blog ? showmessage('post_newthread_mod_blog_succeed', "blog.php?uid=$discuz_uid") : showmessage('post_newthread_mod_succeed', "forumdisplay.php?fid=$fid");
        $success=true;
    } else {

        if($digest) {
            foreach($digestcredits as $id => $addcredits) {
                $postcredits[$id] = (isset($postcredits[$id]) ? $postcredits[$id] : 0) + $addcredits;
            }
        }
        updatepostcredits('+', $discuz_uid, $postcredits);

        // lastpost is a tab-separated record, so tabs in the subject become spaces.
        $subject = str_replace("\t", ' ', $subject);
        $lastpost = "$tid\t$subject\t$timestamp\t$author";
        $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost', threads=threads+1, posts=posts+1, todayposts=todayposts+1 WHERE fid='$fid'", 'UNBUFFERED');
        if($forum['type'] == 'sub') {
            $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost' WHERE fid='$forum[fup]'", 'UNBUFFERED');
        }
        /*
        if($allowuseblog && $isblog && $blog) {
            showmessage('post_newthread_blog_succeed', "blog.php?tid=$tid");
        } else {
            showmessage('post_newthread_succeed', "viewthread.php?tid=$tid&extra=$extra".(!empty($frombbs) ? "&frombbs=$frombbs" : ''));
        }
        */
        $success=true;
    }
}

// Replies
// Drop empty reply segments (index 0, the first post, is never examined).
// NOTE(review): count() is re-evaluated on every pass while elements are being
// unset, so the loop can stop before reaching trailing empty segments.
for($i=1;$i <= count($ETreplycontents); $i++) {
    if(trim($ETreplycontents[$i])==''){
        unset($ETreplycontents[$i]);
    }
}
$ETreplycontents=array_values($ETreplycontents);
if (count($ETreplycontents)>1){
    // NOTE(review): $_POST['ruser'] is a comma-separated list of "name|uid" pairs.
    // One pair is picked at random per reply and replaces $discuz_user/$discuz_uid,
    // so the caller decides which author name and uid each reply is attributed to.
    // Nothing visible here checks that the pair names a real account or that the
    // authenticated user may post as it, and both values go into SQL unescaped.
    $ruser=$_POST['ruser'];
    $ruser=empty($ruser)?$discuz_user:$ruser;
    $ETreplyusers=explode(",",$ruser);
    // The loop bound is inclusive, so the last pass reads one index past the end of
    // the re-indexed array; the trim() test below skips that empty value.
    for($i=1;$i <= count($ETreplycontents); $i++) {
        $message=$ETreplycontents[$i];
        $user_j=rand(0,count($ETreplyusers)-1);
        $ETreplyuser=explode("|",$ETreplyusers[$user_j]);
        if(count($ETreplyuser)==2){
            $discuz_user=$author=$ETreplyuser[0];
            $discuz_uid=$ETreplyuser[1];
        }
        // Each reply's stored time is pushed 1..1000 seconds past the previous one.
        $timestamp=$timestamp+rand(1,1000);
        if(trim($message)!=''){
            $db->query("INSERT INTO {$tablepre}posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment) VALUES ('$fid', '$tid', '0', '$discuz_user', '$discuz_uid', '', '$timestamp', '$message', '$onlineip', '$pinvisible', '$isanonymous', '$usesig', 
'$htmlon', '$bbcodeoff', '$smileyoff', '$parseurloff', '$attachment')");
            $pid = $db->insert_id();
            // NOTE(review): $thread is assigned only inside commented-out code in this
            // excerpt, so the stored position is presumably always 1 - confirm.
            $db->query("REPLACE INTO {$tablepre}myposts (uid, tid, pid, position, dateline, special) VALUES ('$discuz_uid', '$tid', '$pid', '".($thread['replies'] + 1)."', '$timestamp', '$special')", 'UNBUFFERED');
        }
    }
    // After the loop $i is count+1, so $i-2 is the number of reply segments. The
    // counters below are raised by that amount whether or not each segment was
    // actually inserted.
    $i=$i-2;
    $db->query("UPDATE {$tablepre}threads SET lastposter='$author', lastpost='$timestamp', replies=replies+'$i' ".($attachment ? ', attachment=\'1\'' : '').", subscribed='".($subscribed || $newsubscribed ? 1 : 0)."' WHERE tid='$tid'", 'UNBUFFERED');
    // Reply credits go to whichever uid the last loop pass left in $discuz_uid.
    updatepostcredits('+', $discuz_uid, $replycredits);

    $lastpost = "$tid\t$subject\t$timestamp\t$author";
    $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost', posts=posts+'$i', todayposts=todayposts+'$i' WHERE fid='$fid'", 'UNBUFFERED');
    if($forum['type'] == 'sub') {
        $db->query("UPDATE {$tablepre}forums SET lastpost='$lastpost' WHERE fid='$forum[fup]'", 'UNBUFFERED');
    }
}
// End of replies

// Success is reported to the client as the bare string '1'.
if ($success){echo('1');}
?>