149 lines
4.8 KiB
PHP
149 lines
4.8 KiB
PHP
<?php
|
|
|
|
/**
|
|
* [Discuz!] (C)2001-2099 Comsenz Inc.
|
|
* This is NOT a freeware, use is subject to license terms
|
|
*
|
|
* $Id: helper_form.php 35986 2016-06-06 01:37:04Z nemohou $
|
|
*/
|
|
|
|
if(!defined('IN_DISCUZ')) {
|
|
exit('Access Denied');
|
|
}
|
|
|
|
class helper_form {
|
|
|
|
|
|
public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0) {
|
|
if(!getgpc($var)) {
|
|
return FALSE;
|
|
} else {
|
|
global $_G;
|
|
if($allowget || ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) ||
|
|
strncmp($_SERVER['HTTP_REFERER'], 'http://wsq.discuz.com/', 22) === 0 || preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST'])))) {
|
|
if(checkperm('seccode')) {
|
|
if($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['secqaahash'])) {
|
|
showmessage('submit_secqaa_invalid');
|
|
}
|
|
if($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['seccodehash'], 0, $_GET['seccodemodid'])) {
|
|
showmessage('submit_seccode_invalid');
|
|
}
|
|
}
|
|
return TRUE;
|
|
} else {
|
|
showmessage('submit_invalid');
|
|
}
|
|
}
|
|
}
|
|
|
|
public static function censor($message, $modword = NULL, $return = FALSE) {
|
|
global $_G;
|
|
$censor = discuz_censor::instance();
|
|
$censor->check($message, $modword);
|
|
if($censor->modbanned() && empty($_G['group']['ignorecensor'])) {
|
|
$wordbanned = implode(', ', $censor->words_found);
|
|
if($return) {
|
|
return array('message' => lang('message', 'word_banned', array('wordbanned' => $wordbanned)));
|
|
}
|
|
if(!defined('IN_ADMINCP')) {
|
|
showmessage('word_banned', '', array('wordbanned' => $wordbanned));
|
|
} else {
|
|
cpmsg(lang('message', 'word_banned'), '', 'error', array('wordbanned' => $wordbanned));
|
|
}
|
|
}
|
|
if($_G['group']['allowposturl'] == 0 || $_G['group']['allowposturl'] == 2) {
|
|
$urllist = self::get_url_list($message);
|
|
if(is_array($urllist[1])) foreach($urllist[1] as $key => $val) {
|
|
if(!$val = trim($val)) continue;
|
|
if(!iswhitelist($val)) {
|
|
if($_G['group']['allowposturl'] == 0) {
|
|
if($return) {
|
|
return array('message' => 'post_url_nopermission');
|
|
}
|
|
showmessage('post_url_nopermission');
|
|
} elseif($_G['group']['allowposturl'] == 2) {
|
|
$message = str_replace('[url]'.$urllist[0][$key].'[/url]', $urllist[0][$key], $message);
|
|
$message = preg_replace(
|
|
array(
|
|
"@\[url=[^\]]*?".preg_quote($urllist[0][$key],'@')."[^\]]*?\](.*?)\[/url\]@is",
|
|
"@href=('|\")".preg_quote($urllist[0][$key],'@')."\\1@is",
|
|
"@\[url\]([^\]]*?".preg_quote($urllist[0][$key],'@')."[^\]]*?)\[/url\]@is",
|
|
),
|
|
array(
|
|
'\\1',
|
|
'',
|
|
'\\1',
|
|
),
|
|
$message);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return $message;
|
|
}
|
|
|
|
public static function censormod($message) {
|
|
global $_G;
|
|
if($_G['group']['ignorecensor']) {
|
|
return false;
|
|
}
|
|
$modposturl = false;
|
|
if($_G['group']['allowposturl'] == 1) {
|
|
$urllist = self::get_url_list($message);
|
|
if(is_array($urllist[1])) foreach($urllist[1] as $key => $val) {
|
|
if(!$val = trim($val)) continue;
|
|
if(!iswhitelist($val)) {
|
|
$modposturl = true;
|
|
}
|
|
}
|
|
}
|
|
if($modposturl) {
|
|
return true;
|
|
}
|
|
|
|
$censor = discuz_censor::instance();
|
|
$censor->check($message);
|
|
return $censor->modmoderated();
|
|
}
|
|
|
|
public static function get_url_list($message) {
|
|
$return = array();
|
|
|
|
(strpos($message, '[/img]') || strpos($message, '[/flash]')) && $message = preg_replace("/\[img[^\]]*\]\s*([^\[\<\r\n]+?)\s*\[\/img\]|\[flash[^\]]*\]\s*([^\[\<\r\n]+?)\s*\[\/flash\]/is", '', $message);
|
|
if(preg_match_all("/((https?|ftp|gopher|news|telnet|rtsp|mms|callto|bctp|thunder|qqdl|synacast){1}:\/\/|www\.)[^ \[\]\"']+/i", $message, $urllist)) {
|
|
foreach($urllist[0] as $key => $val) {
|
|
$val = trim($val);
|
|
$return[0][$key] = $val;
|
|
if(!preg_match('/^http:\/\//is', $val)) $val = 'http://'.$val;
|
|
$tmp = parse_url($val);
|
|
$return[1][$key] = $tmp['host'];
|
|
if($tmp['port']){
|
|
$return[1][$key] .= ":$tmp[port]";
|
|
}
|
|
}
|
|
}
|
|
return $return;
|
|
}
|
|
|
|
public static function updatemoderate($idtype, $ids, $status = 0) {
|
|
$ids = is_array($ids) ? $ids : array($ids);
|
|
if(!$ids) {
|
|
return;
|
|
}
|
|
if(!$status) {
|
|
foreach($ids as $id) {
|
|
C::t('common_moderate')->insert($idtype, array(
|
|
'id' => $id,
|
|
'status' => 0,
|
|
'dateline' => TIMESTAMP,
|
|
), false, true);
|
|
}
|
|
} elseif($status == 1) {
|
|
C::t('common_moderate')->update($ids, $idtype, array('status' => 1));
|
|
} elseif($status == 2) {
|
|
C::t('common_moderate')->delete($ids, $idtype);
|
|
}
|
|
}
|
|
}
|
|
|
|
?>
|