本文整理汇总了PHP中create_control_verification函数的典型用法代码示例。如果您正苦于以下问题:PHP create_control_verification函数的具体用法?PHP create_control_verification怎么用?PHP create_control_verification使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了create_control_verification函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: ReportToModerator2
function ReportToModerator2()
{
global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $sourcedir, $language, $context, $smcFunc;
// You must have the proper permissions!
isAllowedTo('report_any');
// Make sure they aren't spamming.
spamProtection('reporttm');
require_once $sourcedir . '/Subs-Post.php';
// No errors, yet.
$post_errors = array();
// Check their session.
if (checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
// Make sure we have a comment and it's clean.
if (!isset($_POST['comment']) || $smcFunc['htmltrim']($_POST['comment']) === '') {
$post_errors[] = 'no_comment';
}
$poster_comment = strtr($smcFunc['htmlspecialchars']($_POST['comment']), array("\r" => '', "\n" => '', "\t" => ''));
// Guests need to provide their address!
if ($user_info['is_guest']) {
$_POST['email'] = !isset($_POST['email']) ? '' : trim($_POST['email']);
if ($_POST['email'] === '') {
$post_errors[] = 'no_email';
} elseif (preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', $_POST['email']) == 0) {
$post_errors[] = 'bad_email';
}
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
$user_info['email'] = htmlspecialchars($_POST['email']);
}
// Could they get the right verification code?
if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha'])) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'report');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
$post_errors = array_merge($post_errors, $context['require_verification']);
}
}
// Any errors?
if (!empty($post_errors)) {
loadLanguage('Errors');
$context['post_errors'] = array();
foreach ($post_errors as $post_error) {
$context['post_errors'][] = $txt['error_' . $post_error];
}
return ReportToModerator();
}
// Get the basic topic information, and make sure they can see it.
$_POST['msg'] = (int) $_POST['msg'];
$request = $smcFunc['db_query']('', '
SELECT m.id_topic, m.id_board, m.subject, m.body, m.id_member AS id_poster, m.poster_name, mem.real_name
FROM {db_prefix}messages AS m
LEFT JOIN {db_prefix}members AS mem ON (m.id_member = mem.id_member)
WHERE m.id_msg = {int:id_msg}
AND m.id_topic = {int:current_topic}
LIMIT 1', array('current_topic' => $topic, 'id_msg' => $_POST['msg']));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_board', false);
}
$message = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : '');
$reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
$subject = un_htmlspecialchars($message['subject']);
// Get a list of members with the moderate_board permission.
require_once $sourcedir . '/Subs-Members.php';
$moderators = membersAllowedTo('moderate_board', $board);
$request = $smcFunc['db_query']('', '
SELECT id_member, email_address, lngfile, mod_prefs
FROM {db_prefix}members
WHERE id_member IN ({array_int:moderator_list})
AND notify_types != {int:notify_types}
ORDER BY lngfile', array('moderator_list' => $moderators, 'notify_types' => 4));
// Check that moderators do exist!
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_mods', false);
}
// If we get here, I believe we should make a record of this, for historical significance, yabber.
if (empty($modSettings['disable_log_report'])) {
$request2 = $smcFunc['db_query']('', '
SELECT id_report, ignore_all
FROM {db_prefix}log_reported
WHERE id_msg = {int:id_msg}
AND (closed = {int:not_closed} OR ignore_all = {int:ignored})
ORDER BY ignore_all DESC', array('id_msg' => $_POST['msg'], 'not_closed' => 0, 'ignored' => 1));
if ($smcFunc['db_num_rows']($request2) != 0) {
list($id_report, $ignore) = $smcFunc['db_fetch_row']($request2);
}
$smcFunc['db_free_result']($request2);
// If we're just going to ignore these, then who gives a monkeys...
if (!empty($ignore)) {
redirectexit('topic=' . $topic . '.msg' . $_POST['msg'] . '#msg' . $_POST['msg']);
}
// Already reported? My god, we could be dealing with a real rogue here...
if (!empty($id_report)) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}log_reported
SET num_reports = num_reports + 1, time_updated = {int:current_time}
WHERE id_report = {int:id_report}', array('current_time' => time(), 'id_report' => $id_report));
//.........这里部分代码省略.........
示例2: Register2
function Register2($verifiedOpenID = false)
{
global $txt, $modSettings, $context, $sourcedir;
// Start collecting together any errors.
$reg_errors = array();
// Did we save some open ID fields?
if ($verifiedOpenID && !empty($context['openid_save_fields'])) {
foreach ($context['openid_save_fields'] as $id => $value) {
$_POST[$id] = $value;
}
}
// You can't register if it's disabled.
if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 3) {
fatal_lang_error('registration_disabled', false);
}
// Things we don't do for people who have already confirmed their OpenID allegances via register.
if (!$verifiedOpenID) {
// Well, if you don't agree, you can't register.
if (!empty($modSettings['requireAgreement']) && empty($_SESSION['registration_agreed'])) {
redirectexit();
}
// Make sure they came from *somewhere*, have a session.
if (!isset($_SESSION['old_url'])) {
redirectexit('action=register');
}
// Are they under age, and under age users are banned?
if (!empty($modSettings['coppaAge']) && empty($modSettings['coppaType']) && empty($_SESSION['skip_coppa'])) {
// !!! This should be put in Errors, imho.
loadLanguage('Login');
fatal_lang_error('under_age_registration_prohibited', false, array($modSettings['coppaAge']));
}
// Check whether the visual verification code was entered correctly.
if (!empty($modSettings['reg_verification'])) {
require_once $sourcedir . '/lib/Subs-Editor.php';
$verificationOptions = array('id' => 'register');
$context['visual_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['visual_verification'])) {
loadLanguage('Errors');
foreach ($context['visual_verification'] as $error) {
$reg_errors[] = $txt['error_' . $error];
}
}
}
}
foreach ($_POST as $key => $value) {
if (!is_array($_POST[$key])) {
$_POST[$key] = htmltrim__recursive(str_replace(array("\n", "\r"), '', $_POST[$key]));
}
}
// Collect all extra registration fields someone might have filled in.
$possible_strings = array('location', 'birthdate', 'time_format', 'buddy_list', 'pm_ignore_list', 'smiley_set', 'signature', 'personal_text', 'avatar', 'lngfile', 'secret_question', 'secret_answer');
$possible_ints = array('pm_email_notify', 'notify_types', 'gender', 'id_theme');
$possible_floats = array('time_offset');
$possible_bools = array('notify_announcements', 'notify_regularity', 'notify_send_body', 'hide_email', 'show_online');
if (isset($_POST['secret_answer']) && $_POST['secret_answer'] != '') {
$_POST['secret_answer'] = md5($_POST['secret_answer']);
}
// Needed for isReservedName() and registerMember().
require_once $sourcedir . '/lib/Subs-Members.php';
// Validation... even if we're not a mall.
if (isset($_POST['real_name']) && (!empty($modSettings['allow_editDisplayName']) || allowedTo('moderate_forum'))) {
$_POST['real_name'] = trim(preg_replace('~[\\s]~u', ' ', $_POST['real_name']));
if (trim($_POST['real_name']) != '' && !isReservedName($_POST['real_name']) && commonAPI::strlen($_POST['real_name']) < 60) {
$possible_strings[] = 'real_name';
}
}
// Handle a string as a birthdate...
if (isset($_POST['birthdate']) && $_POST['birthdate'] != '') {
$_POST['birthdate'] = strftime('%Y-%m-%d', strtotime($_POST['birthdate']));
} elseif (!empty($_POST['bday1']) && !empty($_POST['bday2'])) {
$_POST['birthdate'] = sprintf('%04d-%02d-%02d', empty($_POST['bday3']) ? 0 : (int) $_POST['bday3'], (int) $_POST['bday1'], (int) $_POST['bday2']);
}
// By default assume email is hidden, only show it if we tell it to.
$_POST['hide_email'] = !empty($_POST['allow_email']) ? 0 : 1;
// Validate the passed language file.
if (isset($_POST['lngfile']) && !empty($modSettings['userLanguage'])) {
// Do we have any languages?
if (empty($context['languages'])) {
getLanguages();
}
// Did we find it?
if (isset($context['languages'][$_POST['lngfile']])) {
$_SESSION['language'] = $_POST['lngfile'];
} else {
unset($_POST['lngfile']);
}
} else {
unset($_POST['lngfile']);
}
// Set the options needed for registration.
$regOptions = array('interface' => 'guest', 'username' => !empty($_POST['user']) ? $_POST['user'] : '', 'email' => !empty($_POST['email']) ? $_POST['email'] : '', 'password' => !empty($_POST['passwrd1']) ? $_POST['passwrd1'] : '', 'password_check' => !empty($_POST['passwrd2']) ? $_POST['passwrd2'] : '', 'openid' => !empty($_POST['openid_identifier']) ? $_POST['openid_identifier'] : '', 'auth_method' => !empty($_POST['authenticate']) ? $_POST['authenticate'] : '', 'check_reserved_name' => true, 'check_password_strength' => true, 'check_email_ban' => true, 'send_welcome_email' => !empty($modSettings['send_welcomeEmail']), 'require' => !empty($modSettings['coppaAge']) && !$verifiedOpenID && empty($_SESSION['skip_coppa']) ? 'coppa' : (empty($modSettings['registration_method']) ? 'nothing' : ($modSettings['registration_method'] == 1 ? 'activation' : 'approval')), 'extra_register_vars' => array(), 'theme_vars' => array());
// Include the additional options that might have been filled in.
foreach ($possible_strings as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = commonAPI::htmlspecialchars($_POST[$var], ENT_QUOTES);
}
}
foreach ($possible_ints as $var) {
if (isset($_POST[$var])) {
$regOptions['extra_register_vars'][$var] = (int) $_POST[$var];
//.........这里部分代码省略.........
示例3: action_contact
/**
* Shows the contact form for the user to fill out
* Needs to be enabled to be used
*/
public function action_contact()
{
global $context, $txt, $user_info, $modSettings;
// Already inside, no need to use this, just send a PM
// Disabled, you cannot enter.
if (!$user_info['is_guest'] || empty($modSettings['enable_contactform']) || $modSettings['enable_contactform'] == 'disabled') {
redirectexit();
}
loadLanguage('Login');
loadTemplate('Register');
if (isset($_REQUEST['send'])) {
checkSession('post');
validateToken('contact');
spamProtection('contact');
// No errors, yet.
$context['errors'] = array();
loadLanguage('Errors');
// Could they get the right send topic verification code?
require_once SUBSDIR . '/VerificationControls.class.php';
require_once SUBSDIR . '/Members.subs.php';
// form validation
require_once SUBSDIR . '/DataValidator.class.php';
$validator = new Data_Validator();
$validator->sanitation_rules(array('emailaddress' => 'trim', 'contactmessage' => 'trim|Util::htmlspecialchars'));
$validator->validation_rules(array('emailaddress' => 'required|valid_email', 'contactmessage' => 'required'));
$validator->text_replacements(array('emailaddress' => $txt['error_email'], 'contactmessage' => $txt['error_message']));
// Any form errors
if (!$validator->validate($_POST)) {
$context['errors'] = $validator->validation_errors();
}
// How about any verification errors
$verificationOptions = array('id' => 'contactform');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$context['errors'][] = $txt['error_' . $error];
}
}
// No errors, then send the PM to the admins
if (empty($context['errors'])) {
$admins = admins();
if (!empty($admins)) {
require_once SUBSDIR . '/PersonalMessage.subs.php';
sendpm(array('to' => array_keys($admins), 'bcc' => array()), $txt['contact_subject'], $_REQUEST['contactmessage'], false, array('id' => 0, 'name' => $validator->emailaddress, 'username' => $validator->emailaddress));
}
// Send the PM
redirectexit('action=contact;sa=done');
} else {
$context['emailaddress'] = $validator->emailaddress;
$context['contactmessage'] = $validator->contactmessage;
}
}
if (isset($_GET['sa']) && $_GET['sa'] == 'done') {
$context['sub_template'] = 'contact_form_done';
} else {
$context['sub_template'] = 'contact_form';
$context['page_title'] = $txt['admin_contact_form'];
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'contactform');
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
createToken('contact');
}示例4: Post2
function Post2()
{
global $board, $topic, $txt, $modSettings, $sourcedir, $context;
global $user_info, $board_info, $options, $smcFunc;
// Sneaking off, are we?
if (empty($_POST) && empty($topic)) {
redirectexit('action=post;board=' . $board . '.0');
} elseif (empty($_POST) && !empty($topic)) {
redirectexit('action=post;topic=' . $topic . '.0');
}
// No need!
$context['robot_no_index'] = true;
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST['message_mode']) && isset($_REQUEST['message'])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST['message'] = html_to_bbc($_REQUEST['message']);
// We need to unhtml it now as it gets done shortly.
$_REQUEST['message'] = un_htmlspecialchars($_REQUEST['message']);
// We need this for everything else.
$_POST['message'] = $_REQUEST['message'];
}
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return Post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// No errors as yet.
$post_errors = array();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors[] = 'session_timeout';
}
// Wrong verification code?
if (!$user_info['is_admin'] && !$user_info['is_mod'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1)) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
$post_errors = array_merge($post_errors, $context['require_verification']);
}
}
require_once $sourcedir . '/Subs-Post.php';
loadLanguage('Post');
// If this isn't a new topic load the topic info that we need.
if (!empty($topic)) {
$request = $smcFunc['db_query']('', '
SELECT locked, is_sticky, id_poll, approved, id_first_msg, id_last_msg, id_member_started, id_board
FROM {db_prefix}topics
WHERE id_topic = {int:current_topic}
LIMIT 1', array('current_topic' => $topic));
$topic_info = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
// Though the topic should be there, it might have vanished.
if (!is_array($topic_info)) {
fatal_lang_error('topic_doesnt_exist');
}
// Did this topic suddenly move? Just checking...
if ($topic_info['id_board'] != $board) {
fatal_lang_error('not_a_topic');
}
}
// Replying to a topic?
if (!empty($topic) && !isset($_REQUEST['msg'])) {
// Don't allow a post if it's locked.
if ($topic_info['locked'] != 0 && !allowedTo('moderate_board')) {
fatal_lang_error('topic_locked', false);
}
// Sorry, multiple polls aren't allowed... yet. You should stop giving me ideas :P.
if (isset($_REQUEST['poll']) && $topic_info['id_poll'] > 0) {
unset($_REQUEST['poll']);
}
// Do the permissions and approval stuff...
$becomesApproved = true;
if ($topic_info['id_member_started'] != $user_info['id']) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_any') && !allowedTo('post_reply_any')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_any');
}
} elseif (!allowedTo('post_reply_any')) {
if ($modSettings['postmod_active'] && allowedTo('post_unapproved_replies_own') && !allowedTo('post_reply_own')) {
$becomesApproved = false;
} else {
isAllowedTo('post_reply_own');
}
}
if (isset($_POST['lock'])) {
// Nothing is changed to the lock.
if (empty($topic_info['locked']) && empty($_POST['lock']) || !empty($_POST['lock']) && !empty($topic_info['locked'])) {
unset($_POST['lock']);
} elseif (!allowedTo(array('lock_any', 'lock_own')) || !allowedTo('lock_any') && $user_info['id'] != $topic_info['id_member_started']) {
unset($_POST['lock']);
} elseif (!allowedTo('lock_any')) {
// You cannot override a moderator lock.
if ($topic_info['locked'] == 1) {
unset($_POST['lock']);
} else {
$_POST['lock'] = empty($_POST['lock']) ? 0 : 2;
}
//.........这里部分代码省略.........
示例5: KB_knowcont
function KB_knowcont()
{
global $smcFunc, $txt, $scripturl, $sourcedir, $boardurl, $modSettings, $user_info, $context;
$context['sub_template'] = 'kb_knowcont';
if (isset($_REQUEST['cont'])) {
if (($listData = cache_get_data('kb_articles_listinfo' . $_GET['cont'] . '', 3600)) === null) {
$params = array('table' => 'kb_articles AS a', 'call' => 'a.title,a.kbnid,a.id_cat,c.name', 'left_join' => '{db_prefix}kb_category AS c ON (a.id_cat = c.kbid)', 'where' => 'a.kbnid = {int:kbnid}');
$data = array('kbnid' => (int) $_GET['cont']);
$listData = KB_ListData($params, $data);
cache_put_data('kb_articles_listinfo' . $_GET['cont'] . '', $listData, 3600);
}
$artname = $listData['title'];
$aid = $listData['kbnid'];
$cid = $listData['id_cat'];
$cname = $listData['name'];
if (!$aid) {
fatal_error('' . $txt['kb_pinfi7'] . ' <strong>' . $_GET['cont'] . '</strong> ' . $txt['kb_jumpgo1'] . '', false);
}
$context['linktree'][] = array('url' => $scripturl . '?action=kb;area=cats;cat=' . $cid . '', 'name' => $cname);
$context['linktree'][] = array('url' => $scripturl . '?action=kb;area=article;cont=' . $_GET['cont'] . '', 'name' => $artname);
if (($context['know'] = cache_get_data('kb_articles' . $_GET['cont'] . '', 3600)) === null) {
$result = $smcFunc['db_query']('', '
SELECT k.kbnid,k.content, k.source, k.title,k.id_cat,k.date,k.id_member,m.real_name, k.views, k.rate, k.approved
FROM {db_prefix}kb_articles AS k
LEFT JOIN {db_prefix}members AS m ON (k.id_member = m.id_member)
LEFT JOIN {db_prefix}attachments AS a ON (a.id_member = m.id_member)
WHERE kbnid = {int:kbnid}', array('kbnid' => (int) $_GET['cont']));
$context['know'] = array();
while ($row = $smcFunc['db_fetch_assoc']($result)) {
$context['know'][] = array('content' => KB_parseTags($row['content'], $row['kbnid'], 3), 'title' => parse_bbc($row['title']), 'source' => parse_bbc($row['source']), 'kbnid' => $row['kbnid'], 'approved' => $row['approved'], 'views' => $row['views'], 'rate' => $row['rate'], 'date' => date('D d M Y', $row['date']), 'id_cat' => $row['id_cat'], 'id_member' => $row['id_member'], 'real_name' => $row['real_name']);
}
$smcFunc['db_free_result']($result);
cache_put_data('kb_articles' . $_GET['cont'] . '', $context['know'], 3600);
}
$context['page_title'] = $context['know'][0]['title'];
if ($context['know'][0]['approved'] == 0 && $context['know'][0]['id_member'] != $user_info['id'] && !allowedTo('manage_kb')) {
fatal_lang_error('kb_articlwnot_approved', false);
}
KBisAllowedto($context['know'][0]['id_cat'], 'view');
$context['kbimg'] = KB_getimages($_GET['cont']);
if (!empty($modSettings['kb_ecom'])) {
$context['kbcom'] = KB_getcomments($_GET['cont']);
KB_showediter(!empty($_POST['description']) ? $_POST['description'] : '', 'description');
}
KB_dojprint();
$query_params = array('table' => 'kb_articles', 'set' => 'views = views + 1', 'where' => 'kbnid = {int:kbnid}');
$query_data = array('kbnid' => (int) $_GET['cont']);
kb_UpdateData($query_params, $query_data);
}
if ($user_info['is_guest']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'register');
$context['visual_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
//comment
if (isset($_REQUEST['comment'])) {
if ($user_info['is_guest']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'register');
$context['visual_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['visual_verification'])) {
loadLanguage('Errors');
foreach ($context['visual_verification'] as $error) {
fatal_error($txt['error_' . $error]);
}
}
}
isAllowedTo('com_kb');
checkSession();
$_POST['description'] = $smcFunc['htmlspecialchars']($_POST['description'], ENT_QUOTES);
$_GET['arid'] = (int) $_GET['arid'];
if (empty($_POST['description'])) {
fatal_lang_error('knowledgebase_emtydesc', false);
}
$approved = allowedTo('auto_approvecom_kb') ? 1 : 0;
$mes = '' . $txt['kb_log_text4'] . ' <strong><a href="' . $scripturl . '?action=kb;area=article;cont=' . $_GET['arid'] . '">' . $context['know'][0]['title'] . '</a></strong>';
KB_log_actions('add_com', $_GET['arid'], $mes);
$data = array('table' => 'kb_comments', 'cols' => array('id_article' => 'int', 'comment' => 'string', 'date' => 'int', 'id_member' => 'int', 'approved' => 'int'));
$values = array($_GET['arid'], $_POST['description'], time(), $user_info['id'], $approved);
$indexes = array('id_article');
KB_InsertData($data, $values, $indexes);
KBrecountcomments();
KB_cleanCache();
redirectexit('action=kb;area=article;cont=' . $_GET['arid'] . '');
}
if (isset($_REQUEST['commentdel'])) {
isAllowedTo('comdel_kb');
$mes = '' . $txt['kb_log_text3'] . ' <strong><a href="' . $scripturl . '?action=kb;area=article;cont=' . $_GET['cont'] . '">' . $context['know'][0]['title'] . '</a></strong>';
KB_log_actions('del_com', $_GET['cont'], $mes);
$query_params = array('table' => 'kb_comments', 'where' => 'id = {int:kbid}');
$query_data = array('kbid' => (int) $_GET['arid']);
KB_DeleteData($query_params, $query_data);
KB_cleanCache();
KBrecountcomments();
redirectexit('action=kb;area=article;cont=' . $_GET['cont'] . '');
}
//approve
if (isset($_REQUEST['approve'])) {
checkSession('get');
//.........这里部分代码省略.........
示例6: Contact
function Contact()
{
global $context, $mbname, $webmaster_email, $txt, $sourcedir, $user_info, $modSettings, $scripturl, $smcFunc;
// Check if the current user can send a message
isAllowedTo('view_contact');
if (isset($_REQUEST['sa'])) {
if ($_REQUEST['sa'] == 'save') {
if ($context['user']['is_guest'] == true) {
if (isset($modSettings['recaptcha_enabled']) && !empty($modSettings['recaptcha_enabled']) && ($modSettings['recaptcha_enabled'] == 1 && !empty($modSettings['recaptcha_public_key']) && !empty($modSettings['recaptcha_private_key']))) {
if (!empty($_POST["recaptcha_response_field"]) && !empty($_POST["recaptcha_challenge_field"])) {
require_once "{$sourcedir}/recaptchalib.php";
$resp = recaptcha_check_answer($modSettings['recaptcha_private_key'], $_SERVER['REMOTE_ADDR'], $_REQUEST['recaptcha_challenge_field'], $_REQUEST['recaptcha_response_field']);
if (!$resp->is_valid) {
fatal_lang_error('error_wrong_verification_code', false);
}
} else {
fatal_lang_error('error_wrong_verification_code', false);
}
} else {
if (!empty($modSettings['reg_verification'])) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['visual_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['visual_verification'])) {
loadLanguage('Errors');
foreach ($context['visual_verification'] as $error) {
fatal_error($txt['error_' . $error], false);
}
}
}
}
}
$from = $_POST['from'];
if ($from == '') {
fatal_error($txt['smfcontact_errname'], false);
}
$subject = $_POST['subject'];
if ($subject == '') {
fatal_error($txt['smfcontact_errsubject'], false);
}
$message = $_POST['message'];
if ($message == '') {
fatal_error($txt['smfcontact_errmessage'], false);
}
$email = $_POST['email'];
if ($email == '') {
fatal_error($txt['smfcontact_erremail'], false);
}
$subject = $smcFunc['htmlspecialchars']($subject, ENT_QUOTES);
$message = $smcFunc['htmlspecialchars']($message, ENT_QUOTES);
$from = $smcFunc['htmlspecialchars']($from, ENT_QUOTES);
$email = $smcFunc['htmlspecialchars']($email, ENT_QUOTES);
$m = $txt['smfcontact_form'] . $mbname . " \n";
$m .= $txt['smfcontact_formname'] . $from . "\n";
$m .= $txt['smfcontact_formemail'] . $email . "\n";
$m .= $txt['smfcontact_ip'] . $_SERVER['REMOTE_ADDR'] . "\n";
$m .= $txt['smfcontact_formmessage'];
$m .= $message;
$m .= "\n";
// For send mail function
require_once $sourcedir . '/Subs-Post.php';
// Send email to webmaster
if (empty($modSettings['smfcontactpage_email'])) {
sendmail($webmaster_email, $subject, $m, $email);
} else {
sendmail($modSettings['smfcontactpage_email'], $subject, $m, $email);
}
// Show template that mail was sent
loadtemplate('Contact2');
// Load the main contact template
$context['sub_template'] = 'send';
// Set the page title
$context['page_title'] = $mbname . $txt['smfcontact_titlesent'];
}
} else {
// Load the main Contact template
loadtemplate('Contact2');
// Language strings
loadLanguage('Login');
// Load the main Contact template
$context['sub_template'] = 'main';
// Set the page title
$context['page_title'] = $mbname . ' - ' . $txt['smfcontact_contact'];
// Do we need to show the visual verification image?
$context['require_verification'] = !empty($modSettings['reg_verification']) && $context['user']['is_guest'] == true;
if ($context['require_verification']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
}
}示例7: setCaptchaError
function setCaptchaError()
{
global $sourcedir, $context;
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
fatal_lang_error('adkfatal_captcha_invalid', false);
}
}示例8: PlushSearch2
//.........这里部分代码省略.........
}
}
$did_you_mean['search'] = array_merge($did_you_mean['search'], $temp_excluded['search']);
$did_you_mean['display'] = array_merge($did_you_mean['display'], $temp_excluded['display']);
$temp_params = $search_params;
$temp_params['search'] = implode(' ', $did_you_mean['search']);
if (isset($temp_params['brd'])) {
$temp_params['brd'] = implode(',', $temp_params['brd']);
}
$context['params'] = array();
foreach ($temp_params as $k => $v) {
$context['did_you_mean_params'][] = $k . '|\'|' . $v;
}
$context['did_you_mean_params'] = base64_encode(implode('|"|', $context['did_you_mean_params']));
$context['did_you_mean'] = implode(' ', $did_you_mean['display']);
}
}
// Let the user adjust the search query, should they wish?
$context['search_params'] = $search_params;
if (isset($context['search_params']['search'])) {
$context['search_params']['search'] = $smcFunc['htmlspecialchars']($context['search_params']['search']);
}
if (isset($context['search_params']['userspec'])) {
$context['search_params']['userspec'] = $smcFunc['htmlspecialchars']($context['search_params']['userspec']);
}
// Do we have captcha enabled?
if ($user_info['is_guest'] && !empty($modSettings['search_enable_captcha']) && empty($_SESSION['ss_vv_passed']) && (empty($_SESSION['last_ss']) || $_SESSION['last_ss'] != $search_params['search'])) {
// If we come from another search box tone down the error...
if (!isset($_REQUEST['search_vv'])) {
$context['search_errors']['need_verification_code'] = true;
} else {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'search');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$context['search_errors'][$error] = true;
}
} else {
$_SESSION['ss_vv_passed'] = true;
}
}
}
// *** Encode all search params
// All search params have been checked, let's compile them to a single string... made less simple by PHP 4.3.9 and below.
$temp_params = $search_params;
if (isset($temp_params['brd'])) {
$temp_params['brd'] = implode(',', $temp_params['brd']);
}
$context['params'] = array();
foreach ($temp_params as $k => $v) {
$context['params'][] = $k . '|\'|' . $v;
}
if (!empty($context['params'])) {
// Due to old IE's 2083 character limit, we have to compress long search strings
$params = @gzcompress(implode('|"|', $context['params']));
// Gzcompress failed, use try non-gz
if (empty($params)) {
$params = implode('|"|', $context['params']);
}
// Base64 encode, then replace +/= with uri safe ones that can be reverted
$context['params'] = str_replace(array('+', '/', '='), array('-', '_', '.'), base64_encode($params));
}
// ... and add the links to the link tree.
$context['linktree'][] = array('url' => $scripturl . '?action=search;params=' . $context['params'], 'name' => $txt['search']);
$context['linktree'][] = array('url' => $scripturl . '?action=search2;params=' . $context['params'], 'name' => $txt['search_results']);示例9: action_reporttm2
/**
* Send the emails.
*
* - Sends off emails to all the moderators.
* - Sends to administrators and global moderators. (1 and 2)
* - Called by action_reporttm(), and thus has the same permission and setting requirements as it does.
* - Accessed through ?action=reporttm when posting.
*/
public function action_reporttm2()
{
global $txt, $scripturl, $topic, $board, $user_info, $modSettings, $language, $context;
// You must have the proper permissions!
isAllowedTo('report_any');
// Make sure they aren't spamming.
spamProtection('reporttm');
require_once SUBSDIR . '/Mail.subs.php';
// No errors, yet.
$report_errors = Error_Context::context('report', 1);
// Check their session.
if (checkSession('post', '', false) != '') {
$report_errors->addError('session_timeout');
}
// Make sure we have a comment and it's clean.
if (!isset($_POST['comment']) || Util::htmltrim($_POST['comment']) === '') {
$report_errors->addError('no_comment');
}
$poster_comment = strtr(Util::htmlspecialchars($_POST['comment']), array("\r" => '', "\t" => ''));
if (Util::strlen($poster_comment) > 254) {
$report_errors->addError('post_too_long');
}
// Guests need to provide their address!
if ($user_info['is_guest']) {
require_once SUBSDIR . '/DataValidator.class.php';
if (!Data_Validator::is_valid($_POST, array('email' => 'valid_email'), array('email' => 'trim'))) {
empty($_POST['email']) ? $report_errors->addError('no_email') : $report_errors->addError('bad_email');
}
isBannedEmail($_POST['email'], 'cannot_post', sprintf($txt['you_are_post_banned'], $txt['guest_title']));
$user_info['email'] = htmlspecialchars($_POST['email'], ENT_COMPAT, 'UTF-8');
}
// Could they get the right verification code?
if ($user_info['is_guest'] && !empty($modSettings['guests_report_require_captcha'])) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'report');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$report_errors->addError($error, 0);
}
}
}
// Any errors?
if ($report_errors->hasErrors()) {
return $this->action_reporttm();
}
// Get the basic topic information, and make sure they can see it.
$msg_id = (int) $_POST['msg'];
$message = posterDetails($msg_id, $topic);
if (empty($message)) {
fatal_lang_error('no_board', false);
}
$poster_name = un_htmlspecialchars($message['real_name']) . ($message['real_name'] != $message['poster_name'] ? ' (' . $message['poster_name'] . ')' : '');
$reporterName = un_htmlspecialchars($user_info['name']) . ($user_info['name'] != $user_info['username'] && $user_info['username'] != '' ? ' (' . $user_info['username'] . ')' : '');
$subject = un_htmlspecialchars($message['subject']);
// Get a list of members with the moderate_board permission.
require_once SUBSDIR . '/Members.subs.php';
$moderators = membersAllowedTo('moderate_board', $board);
$result = getBasicMemberData($moderators, array('preferences' => true, 'sort' => 'lngfile'));
$mod_to_notify = array();
foreach ($result as $row) {
if ($row['notify_types'] != 4) {
$mod_to_notify[] = $row;
}
}
// Check that moderators do exist!
if (empty($mod_to_notify)) {
fatal_lang_error('no_mods', false);
}
// If we get here, I believe we should make a record of this, for historical significance, yabber.
if (empty($modSettings['disable_log_report'])) {
require_once SUBSDIR . '/Messages.subs.php';
$id_report = recordReport($message, $poster_comment);
// If we're just going to ignore these, then who gives a monkeys...
if ($id_report === false) {
redirectexit('topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id);
}
}
// Find out who the real moderators are - for mod preferences.
require_once SUBSDIR . '/Boards.subs.php';
$real_mods = getBoardModerators($board, true);
// Send every moderator an email.
foreach ($mod_to_notify as $row) {
// Maybe they don't want to know?!
if (!empty($row['mod_prefs'])) {
list(, , $pref_binary) = explode('|', $row['mod_prefs']);
if (!($pref_binary & 1) && (!($pref_binary & 2) || !in_array($row['id_member'], $real_mods))) {
continue;
}
}
$replacements = array('TOPICSUBJECT' => $subject, 'POSTERNAME' => $poster_name, 'REPORTERNAME' => $reporterName, 'TOPICLINK' => $scripturl . '?topic=' . $topic . '.msg' . $msg_id . '#msg' . $msg_id, 'REPORTLINK' => !empty($id_report) ? $scripturl . '?action=moderate;area=reports;report=' . $id_report : '', 'COMMENT' => $_POST['comment']);
$emaildata = loadEmailTemplate('report_to_moderator', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
//.........这里部分代码省略.........
示例10: Register2
function Register2($verifiedOpenID = false)
{
global $scripturl, $txt, $modSettings, $context, $sourcedir;
global $user_info, $options, $settings, $smcFunc;
// Start collecting together any errors.
$reg_errors = array();
// Did we save some open ID fields?
if ($verifiedOpenID && !empty($context['openid_save_fields'])) {
foreach ($context['openid_save_fields'] as $id => $value) {
$_POST[$id] = $value;
}
}
// You can't register if it's disabled.
if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 3) {
fatal_lang_error('registration_disabled', false);
}
// Things we don't do for people who have already confirmed their OpenID allegances via register.
if (!$verifiedOpenID) {
// Well, if you don't agree, you can't register.
if (!empty($modSettings['requireAgreement']) && empty($_SESSION['registration_agreed'])) {
redirectexit();
}
// Make sure they came from *somewhere*, have a session.
if (!isset($_SESSION['old_url'])) {
redirectexit('action=register');
}
// Are they under age, and under age users are banned?
if (!empty($modSettings['coppaAge']) && empty($modSettings['coppaType']) && empty($_SESSION['skip_coppa'])) {
// !!! This should be put in Errors, imho.
loadLanguage('Login');
fatal_lang_error('under_age_registration_prohibited', false, array($modSettings['coppaAge']));
}
// Check whether the visual verification code was entered correctly.
if (!empty($modSettings['reg_verification'])) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'register');
$context['visual_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['visual_verification'])) {
loadLanguage('Errors');
foreach ($context['visual_verification'] as $error) {
$reg_errors[] = $txt['error_' . $error];
}
}
}
}
foreach ($_POST as $key => $value) {
if (!is_array($_POST[$key])) {
$_POST[$key] = htmltrim__recursive(str_replace(array("\n", "\r"), '', $_POST[$key]));
}
}
// Collect all extra registration fields someone might have filled in.
$possible_strings = array('website_url', 'website_title', 'aim', 'yim', 'skype', 'gtalk', 'location', 'birthdate', 'time_format', 'buddy_list', 'pm_ignore_list', 'smiley_set', 'signature', 'personal_text', 'avatar', 'lngfile', 'secret_question', 'secret_answer');
$possible_ints = array('pm_email_notify', 'notify_types', 'icq', 'gender', 'id_theme');
$possible_floats = array('time_offset');
$possible_bools = array('notify_announcements', 'notify_regularity', 'notify_send_body', 'hide_email', 'show_online');
if (isset($_POST['secret_answer']) && $_POST['secret_answer'] != '') {
$_POST['secret_answer'] = md5($_POST['secret_answer']);
}
// Needed for isReservedName() and registerMember().
require_once $sourcedir . '/Subs-Members.php';
// Validation... even if we're not a mall.
if (isset($_POST['real_name']) && (!empty($modSettings['allow_editDisplayName']) || allowedTo('moderate_forum'))) {
$_POST['real_name'] = trim(preg_replace('~[\\t\\n\\r \\x0B\\0' . ($context['utf8'] ? $context['server']['complex_preg_chars'] ? '\\x{A0}\\x{AD}\\x{2000}-\\x{200F}\\x{201F}\\x{202F}\\x{3000}\\x{FEFF}' : " -‟ ‟ " : '\\x00-\\x08\\x0B\\x0C\\x0E-\\x19\\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $_POST['real_name']));
if (trim($_POST['real_name']) != '' && !isReservedName($_POST['real_name']) && $smcFunc['strlen']($_POST['real_name']) < 60) {
$possible_strings[] = 'real_name';
}
}
if (isset($_POST['msn']) && preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', $_POST['msn']) != 0) {
$profile_strings[] = 'msn';
}
// Handle a string as a birthdate...
if (isset($_POST['birthdate']) && $_POST['birthdate'] != '') {
$_POST['birthdate'] = strftime('%Y-%m-%d', strtotime($_POST['birthdate']));
} elseif (!empty($_POST['bday1']) && !empty($_POST['bday2'])) {
$_POST['birthdate'] = sprintf('%04d-%02d-%02d', empty($_POST['bday3']) ? 0 : (int) $_POST['bday3'], (int) $_POST['bday1'], (int) $_POST['bday2']);
}
// By default assume email is hidden, only show it if we tell it to.
$_POST['hide_email'] = !empty($_POST['allow_email']) ? 0 : 1;
// Validate the passed language file.
if (isset($_POST['lngfile']) && !empty($modSettings['userLanguage'])) {
// Do we have any languages?
if (empty($context['languages'])) {
getLanguages();
}
// Did we find it?
if (isset($context['languages'][$_POST['lngfile']])) {
$_SESSION['language'] = $_POST['lngfile'];
} else {
unset($_POST['lngfile']);
}
} else {
unset($_POST['lngfile']);
}
// Some of these fields we may not want.
if (!empty($modSettings['registration_fields'])) {
// But we might want some of them if the admin asks for them.
$standard_fields = array('icq', 'msn', 'aim', 'yim', 'location', 'gender');
$reg_fields = explode(',', $modSettings['registration_fields']);
$exclude_fields = array_diff($standard_fields, $reg_fields);
// Website is a little different
//.........这里部分代码省略.........
示例11: Display
//.........这里部分代码省略.........
}
} elseif (substr($_REQUEST['start'], 0, 3) == 'msg') {
$virtual_msg = (int) substr($_REQUEST['start'], 3);
if (!$topicinfo['unapproved_posts'] && $virtual_msg >= $topicinfo['id_last_msg']) {
$context['start_from'] = $context['total_visible_posts'] - 1;
} elseif (!$topicinfo['unapproved_posts'] && $virtual_msg <= $topicinfo['id_first_msg']) {
$context['start_from'] = 0;
} else {
// Find the start value for that message......
$request = smf_db_query('
SELECT COUNT(*)
FROM {db_prefix}messages
WHERE id_msg < {int:virtual_msg}
AND id_topic = {int:current_topic}' . ($modSettings['postmod_active'] && $topicinfo['unapproved_posts'] && !allowedTo('approve_posts') ? '
AND (approved = {int:is_approved}' . ($user_info['is_guest'] ? '' : ' OR id_member = {int:current_member}') . ')' : ''), array('current_member' => $user_info['id'], 'current_topic' => $topic, 'virtual_msg' => $virtual_msg, 'is_approved' => 1, 'no_member' => 0));
list($context['start_from']) = mysql_fetch_row($request);
mysql_free_result($request);
}
// We need to reverse the start as well in this case.
if (isset($_REQUEST['perma'])) {
$_REQUEST['start'] = $virtual_msg;
} else {
$_REQUEST['start'] = empty($options['view_newest_first']) ? $context['start_from'] : $context['total_visible_posts'] - $context['start_from'] - 1;
}
}
}
// Create a previous next string if the selected theme has it as a selected option.
$context['previous_next'] = $modSettings['enablePreviousNext'] ? '<a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=prev#new">' . $txt['previous_next_back'] . '</a> <a href="' . $scripturl . '?topic=' . $topic . '.0;prev_next=next#new">' . $txt['previous_next_forward'] . '</a>' : '';
// Do we need to show the visual verification image?
$context['require_verification'] = !$user_info['is_mod'] && !$user_info['is_admin'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1);
if ($context['require_verification']) {
require_once $sourcedir . '/lib/Subs-Editor.php';
$verificationOptions = array('id' => 'post', 'skip_template' => true);
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
// Are we showing signatures - or disabled fields?
$context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
$context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
// Censor the title...
censorText($topicinfo['subject']);
$context['page_title'] = $topicinfo['subject'] . ((int) $context['page_number'] > 0 ? ' - ' . $txt['page'] . ' ' . ($context['page_number'] + 1) : '');
// Is this topic sticky, or can it even be?
$topicinfo['is_sticky'] = empty($modSettings['enableStickyTopics']) ? '0' : $topicinfo['is_sticky'];
// Default this topic to not marked for notifications... of course...
$context['is_marked_notify'] = false;
// Did we report a post to a moderator just now?
$context['report_sent'] = isset($_GET['reportsent']);
// Let's get nosey, who is viewing this topic?
if (!empty($settings['display_who_viewing'])) {
// Start out with no one at all viewing it.
$context['view_members'] = array();
$context['view_members_list'] = array();
$context['view_num_hidden'] = 0;
// Search for members who have this topic set in their GET data.
$request = smf_db_query('
SELECT
lo.id_member, lo.log_time, mem.real_name, mem.member_name, mem.show_online, mem.id_group, mem.id_post_group
FROM {db_prefix}log_online AS lo
LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = lo.id_member)
WHERE INSTR(lo.url, {string:in_url_string}) > 0 OR lo.session = {string:session}', array('in_url_string' => 's:5:"topic";i:' . $topic . ';', 'session' => $user_info['is_guest'] ? 'ip' . $user_info['ip'] : session_id()));
while ($row = mysql_fetch_assoc($request)) {
if (empty($row['id_member'])) {
continue;
}
$class = 'member group_' . (empty($row['id_group']) ? $row['id_post_group'] : $row['id_group']) . (in_array($row['id_member'], $user_info['buddies']) ? ' buddy' : '');示例12: action_post2
/**
* Posts or saves the message composed with Post().
*
* requires various permissions depending on the action.
* handles attachment, post, and calendar saving.
* sends off notifications, and allows for announcements and moderation.
* accessed from ?action=post2.
*/
public function action_post2()
{
global $board, $topic, $txt, $modSettings, $context, $user_settings;
global $user_info, $board_info, $options, $ignore_temp;
// Sneaking off, are we?
if (empty($_POST) && empty($topic)) {
if (empty($_SERVER['CONTENT_LENGTH'])) {
redirectexit('action=post;board=' . $board . '.0');
} else {
fatal_lang_error('post_upload_error', false);
}
} elseif (empty($_POST) && !empty($topic)) {
redirectexit('action=post;topic=' . $topic . '.0');
}
// No need!
$context['robot_no_index'] = true;
// We are now in post2 action
$context['current_action'] = 'post2';
require_once SOURCEDIR . '/AttachmentErrorContext.class.php';
// No errors as yet.
$post_errors = Error_Context::context('post', 1);
$attach_errors = Attachment_Error_Context::context();
// If the session has timed out, let the user re-submit their form.
if (checkSession('post', '', false) != '') {
$post_errors->addError('session_timeout');
// Disable the preview so that any potentially malicious code is not executed
$_REQUEST['preview'] = false;
return $this->action_post();
}
// Wrong verification code?
if (!$user_info['is_admin'] && !$user_info['is_mod'] && !empty($modSettings['posts_require_captcha']) && ($user_info['posts'] < $modSettings['posts_require_captcha'] || $user_info['is_guest'] && $modSettings['posts_require_captcha'] == -1)) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $verification_error) {
$post_errors->addError($verification_error);
}
}
}
require_once SUBSDIR . '/Boards.subs.php';
require_once SUBSDIR . '/Post.subs.php';
loadLanguage('Post');
// Drafts enabled and needed?
if (!empty($modSettings['drafts_enabled']) && (isset($_POST['save_draft']) || isset($_POST['id_draft']))) {
require_once SUBSDIR . '/Drafts.subs.php';
}
// First check to see if they are trying to delete any current attachments.
if (isset($_POST['attach_del'])) {
$keep_temp = array();
$keep_ids = array();
foreach ($_POST['attach_del'] as $dummy) {
if (strpos($dummy, 'post_tmp_' . $user_info['id']) !== false) {
$keep_temp[] = $dummy;
} else {
$keep_ids[] = (int) $dummy;
}
}
if (isset($_SESSION['temp_attachments'])) {
foreach ($_SESSION['temp_attachments'] as $attachID => $attachment) {
if (isset($_SESSION['temp_attachments']['post']['files'], $attachment['name']) && in_array($attachment['name'], $_SESSION['temp_attachments']['post']['files']) || in_array($attachID, $keep_temp) || strpos($attachID, 'post_tmp_' . $user_info['id']) === false) {
continue;
}
unset($_SESSION['temp_attachments'][$attachID]);
@unlink($attachment['tmp_name']);
}
}
if (!empty($_REQUEST['msg'])) {
require_once SUBSDIR . '/ManageAttachments.subs.php';
$attachmentQuery = array('attachment_type' => 0, 'id_msg' => (int) $_REQUEST['msg'], 'not_id_attach' => $keep_ids);
removeAttachments($attachmentQuery);
}
}
// Then try to upload any attachments.
$context['attachments']['can']['post'] = !empty($modSettings['attachmentEnable']) && $modSettings['attachmentEnable'] == 1 && (allowedTo('post_attachment') || $modSettings['postmod_active'] && allowedTo('post_unapproved_attachments'));
if ($context['attachments']['can']['post'] && empty($_POST['from_qr'])) {
require_once SUBSDIR . '/Attachments.subs.php';
if (isset($_REQUEST['msg'])) {
processAttachments((int) $_REQUEST['msg']);
} else {
processAttachments();
}
}
// Previewing? Go back to start.
if (isset($_REQUEST['preview'])) {
return $this->action_post();
}
// Prevent double submission of this form.
checkSubmitOnce('check');
// If this isn't a new topic load the topic info that we need.
if (!empty($topic)) {
require_once SUBSDIR . '/Topic.subs.php';
//.........这里部分代码省略.........
示例13: action_send2
//.........这里部分代码省略.........
if (!$is_recipient_change) {
foreach (array_keys($recipientList) as $recipientType) {
if (!empty($namesNotFound[$recipientType])) {
$post_errors->addError('bad_' . $recipientType);
// Since we already have a post error, remove the previous one.
$post_errors->removeError('no_to');
foreach ($namesNotFound[$recipientType] as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
}
}
// Did they make any mistakes like no subject or message?
if ($_REQUEST['subject'] == '') {
$post_errors->addError('no_subject');
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$post_errors->addError('no_message');
} elseif (!empty($modSettings['max_messageLength']) && Util::strlen($_REQUEST['message']) > $modSettings['max_messageLength']) {
$post_errors->addError('long_message');
} else {
// Preparse the message.
$message = $_REQUEST['message'];
preparsecode($message);
// Make sure there's still some content left without the tags.
if (Util::htmltrim(strip_tags(parse_bbc(Util::htmlspecialchars($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false)) {
$post_errors->addError('no_message');
}
}
// Wrong verification code?
if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification']) {
require_once SUBSDIR . '/VerificationControls.class.php';
$verificationOptions = array('id' => 'pm');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
foreach ($context['require_verification'] as $error) {
$post_errors->addError($error);
}
}
}
// If they made any errors, give them a chance to make amends.
if ($post_errors->hasErrors() && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml'])) {
return messagePostError($namedRecipientList, $recipientList);
}
// Want to take a second glance before you send?
if (isset($_REQUEST['preview'])) {
// Set everything up to be displayed.
$context['preview_subject'] = Util::htmlspecialchars($_REQUEST['subject']);
$context['preview_message'] = Util::htmlspecialchars($_REQUEST['message'], ENT_QUOTES, 'UTF-8', true);
preparsecode($context['preview_message'], true);
// Parse out the BBC if it is enabled.
$context['preview_message'] = parse_bbc($context['preview_message']);
// Censor, as always.
censorText($context['preview_subject']);
censorText($context['preview_message']);
// Set a descriptive title.
$context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
// Pretend they messed up but don't ignore if they really did :P.
return messagePostError($namedRecipientList, $recipientList);
} elseif ($is_recipient_change) {
// Maybe we couldn't find one?
foreach ($namesNotFound as $recipientType => $names) {
$post_errors->addError('bad_' . $recipientType);
foreach ($names as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}示例14: doTPpage
//.........这里部分代码省略.........
// set bars on/off according to options, setting override
$all = array('upperpanel', 'leftpanel', 'rightpanel', 'toppanel', 'bottompanel', 'lowerpanel');
for ($p = 0; $p < 5; $p++) {
if (isset($cat_opts[$all[$p]])) {
$context['TPortal'][$all[$p]] = $cat_opts[$all[$p]];
}
}
}
// should we supply links to articles in same category?
if (in_array('category', $context['TPortal']['article']['visual_options'])) {
$request = $smcFunc['db_query']('', '
SELECT id, subject, shortname
FROM {db_prefix}tp_articles
WHERE category = {int:cat}
AND off = 0
AND approved = 1', array('cat' => $context['TPortal']['article']['category']));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['article']['others'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if ($row['id'] == $context['TPortal']['article']['id']) {
$row['selected'] = 1;
}
$context['TPortal']['article']['others'][] = $row;
}
$smcFunc['db_free_result']($request);
}
}
// can we rate this article?
$context['TPortal']['article']['can_rate'] = in_array($context['user']['id'], explode(',', $article['voters'])) ? false : true;
// Generate a visual verification code for comments in the article.
if (!empty($context['TPortal']['articles_comment_captcha'])) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'post');
$context['require_verification'] = create_control_verification($verificationOptions);
$context['visual_verification_id'] = $verificationOptions['id'];
}
// are we rather printing this article and printing page is allowed?
if (isset($_GET['print']) && $context['TPortal']['print_articles'] == 1) {
if (!isset($article['id'])) {
redirectexit();
}
$what = '<h2>' . $article['subject'] . ' </h2>' . $article['body'];
$pwhat = 'echo \'<h2>\' . $article[\'subject\'] . \'</h2>\';' . $article['body'];
if ($article['type'] == 'php') {
$context['TPortal']['printbody'] = eval($pwhat);
} elseif ($article['type'] == 'import') {
if (!file_exists($boarddir . '/' . $article['fileimport'])) {
echo '<em>', $txt['tp-cannotfetchfile'], '</em>';
} else {
include $article['fileimport'];
}
$context['TPortal']['printbody'] = '';
} elseif ($article['type'] == 'bbc') {
$context['TPortal']['printbody'] = parse_bbc($what);
} else {
$context['TPortal']['printbody'] = $what;
}
$context['TPortal']['print'] = '<a href="' . $scripturl . '?page=' . $article['id'] . '"><strong>' . $txt['tp-printgoback'] . '</strong></a>';
loadtemplate('TPprint');
$context['template_layers'] = array('tp_print');
$context['sub_template'] = 'tp_print_body';
tp_hidebars();
}
// linktree?
if (!in_array('linktree', $context['TPortal']['article']['visual_options'])) {
$context['linktree'][0] = array('url' => '', 'name' => '');示例15: MessagePost2
//.........这里部分代码省略.........
if (!$is_recipient_change) {
foreach ($recipientList as $recipientType => $dummy) {
if (!empty($namesNotFound[$recipientType])) {
$post_errors[] = 'bad_' . $recipientType;
// Since we already have a post error, remove the previous one.
$post_errors = array_diff($post_errors, array('no_to'));
foreach ($namesNotFound[$recipientType] as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
}
}
// Did they make any mistakes?
if ($_REQUEST['subject'] == '') {
$post_errors[] = 'no_subject';
}
if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '') {
$post_errors[] = 'no_message';
} elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_REQUEST['message']) > $modSettings['max_messageLength']) {
$post_errors[] = 'long_message';
} else {
// Preparse the message.
$message = $_REQUEST['message'];
preparsecode($message);
// Make sure there's still some content left without the tags.
if ($smcFunc['htmltrim'](strip_tags(parse_bbc($smcFunc['htmlspecialchars']($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false)) {
$post_errors[] = 'no_message';
}
}
// Wrong verification code?
if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification']) {
require_once $sourcedir . '/Subs-Editor.php';
$verificationOptions = array('id' => 'pm');
$context['require_verification'] = create_control_verification($verificationOptions, true);
if (is_array($context['require_verification'])) {
$post_errors = array_merge($post_errors, $context['require_verification']);
}
}
// If they did, give a chance to make ammends.
if (!empty($post_errors) && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml'])) {
return messagePostError($post_errors, $namedRecipientList, $recipientList);
}
// Want to take a second glance before you send?
if (isset($_REQUEST['preview'])) {
// Set everything up to be displayed.
$context['preview_subject'] = $smcFunc['htmlspecialchars']($_REQUEST['subject']);
$context['preview_message'] = $smcFunc['htmlspecialchars']($_REQUEST['message'], ENT_QUOTES);
preparsecode($context['preview_message'], true);
// Parse out the BBC if it is enabled.
$context['preview_message'] = parse_bbc($context['preview_message']);
// Censor, as always.
censorText($context['preview_subject']);
censorText($context['preview_message']);
// Set a descriptive title.
$context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
// Pretend they messed up but don't ignore if they really did :P.
return messagePostError($post_errors, $namedRecipientList, $recipientList);
} elseif ($is_recipient_change) {
// Maybe we couldn't find one?
foreach ($namesNotFound as $recipientType => $names) {
$post_errors[] = 'bad_' . $recipientType;
foreach ($names as $name) {
$context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
}
}
return messagePostError(array(), $namedRecipientList, $recipientList);