<?php
/**
*程序官方支持社区 http://youbbs.sinaapp.com/
*欢迎交流!
*youBBS是开源项目,可自由修改,但要保留Powered by 链接信息
*在 youBBS 的代码基础之上发布派生版本,名字可以不包含youBBS,
*但是页脚需要带有 based on youBBS 的字样和链接。
*/
// Version string of this build.
define('SAESPOT_VER', '2.3');
// Refuse direct requests: the including entry script must have defined IN_SAESPOT.
if (!defined('IN_SAESPOT')) exit('error: 403 Access Denied');
// Turn off all PHP error reporting for the rest of the request.
// NOTE(review): this also silences failures in the database and cache code loaded
// below; sending errors to a server-side log instead of discarding them would keep
// them out of responses while still leaving a trail for incident response.
error_reporting(0);
// Request start time as float seconds (microtime() returns "usec sec").
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
$timestamp = time();
// Script path, HTML-escaped and then slash-escaped.
// NOTE(review): PHP_SELF can include client-supplied path info after the script name,
// and htmlspecialchars() is called with its default flags here — confirm every place
// that prints or stores $php_self / $url_path treats the value as untrusted.
$php_self = addslashes(htmlspecialchars($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']));
// Drop the first character and the last four (the leading "/" and ".php" for a plain script path).
$url_path = substr($php_self, 1,-4);
include (CURRENT_DIR . '/include/mysql.class.php');
// Initialise the replica (read) database object; writing or deleting data needs a
// primary database object to be defined as well.
// NOTE(review): the connection settings are not defined in this file — presumably a
// config file included earlier sets them; confirm.
$DBS = new DB_MySQL;
$DBS->connect($servername, $dbport, $dbusername, $dbpassword, $dbname);
// File cache rooted at CURRENT_DIR/cache.
include(CURRENT_DIR . '/include/JG_Cache.php');
$cache = new JG_Cache(CURRENT_DIR . '/cache');
/**
 * Remove backslash escaping from a value, descending into nested arrays.
 *
 * Strings are passed through stripslashes(); arrays are processed element by
 * element with their keys kept; any other type is returned untouched. The
 * argument is taken by reference, so the caller's variable is updated as well.
 *
 * @param mixed $array value to clean (modified in place)
 * @return mixed the cleaned value
 */
function stripslashes_array(&$array) {
    if (is_string($array)) {
        $array = stripslashes($array);
        return $array;
    }
    if (!is_array($array)) {
        // Integers, null, objects, ... carry no escaping to remove.
        return $array;
    }
    foreach (array_keys($array) as $key) {
        $array[$key] = stripslashes_array($array[$key]);
    }
    return $array;
}
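// Magic quotes no longer exist in current PHP: set_magic_quotes_runtime() was removed
// in PHP 7 and get_magic_quotes_gpc() in PHP 8. Calling a missing function is a fatal
// error that "@" does not suppress, so probe for each function before calling it.
if (function_exists('set_magic_quotes_runtime')) {
    @set_magic_quotes_runtime(0);
}
// Where the runtime still applies magic_quotes_gpc, undo its escaping.
if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
    $_GET = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
    $_COOKIE = stripslashes_array($_COOKIE);
}
// Identify the current user from the three login cookies.
// A cookie sent as "name[]=..." arrives as an array; such values are treated as absent
// so that only strings reach the comparisons below.
$cur_user = null;
$cur_uid = isset($_COOKIE['cur_uid']) ? intval($_COOKIE['cur_uid']) : '';
$cur_uname = (isset($_COOKIE['cur_uname']) && is_string($_COOKIE['cur_uname'])) ? $_COOKIE['cur_uname'] : '';
$cur_ucode = (isset($_COOKIE['cur_ucode']) && is_string($_COOKIE['cur_ucode'])) ? $_COOKIE['cur_ucode'] : '';
if ($cur_uname && $cur_uid && $cur_ucode) {
    $u_key = 'u_'.$cur_uid;
    // Load the user row. $cur_uid went through intval() above, so only an integer
    // reaches the SQL text.
    $db_user = $DBS->fetch_one_array("SELECT * FROM yunbbs_users WHERE id='".$cur_uid."' LIMIT 1");
    if ($db_user) {
        // Expected login token for this row.
        // NOTE(review): the token is an unkeyed MD5 over columns of the user row
        // (including the stored password value), so anyone able to read that row can
        // compute a valid cookie. A random server-side session id, or an HMAC keyed
        // with a server secret, would remove that dependency.
        $db_ucode = md5($db_user['id'].$db_user['password'].$db_user['regtime'].$db_user['lastposttime'].$db_user['lastreplytime']);
        // Compare as strings: a loose "==" treats numeric-looking strings such as
        // "0e12" and "0e99" as equal. hash_equals() also avoids a timing difference
        // between near-miss and far-miss tokens where it is available (PHP 5.6+).
        if (function_exists('hash_equals')) {
            $ucode_ok = hash_equals($db_ucode, $cur_ucode);
        } else {
            $ucode_ok = ($cur_ucode === $db_ucode);
        }
        if ($cur_uname === (string)$db_user['name'] && $ucode_ok) {
            // Refresh the login cookies for another year.
            // NOTE(review): they are issued without the HttpOnly and Secure attributes;
            // cur_ucode is the login credential, so set both once it is confirmed that
            // no client-side script needs to read it.
            setcookie('cur_uid', $cur_uid, $timestamp+ 86400 * 365, '/');
            setcookie('cur_uname', $cur_uname, $timestamp+86400 * 365, '/');
            setcookie('cur_ucode', $cur_ucode, $timestamp+86400 * 365, '/');
            $cur_user = $db_user;
            unset($db_user);
            // Number of unread private messages. Fetched only after the cookies have
            // been verified, so the count is never computed for a user id that was
            // merely claimed in a cookie.
            $db_msg = $DBS->fetch_one_array("SELECT count(1) as count FROM yunbbs_messages WHERE IsRead=0 and ToUID='".$cur_uid."'");
            if ($db_msg) {
                $msg_count = $db_msg['count'];
                unset($db_msg);
            }
        }
        unset($ucode_ok);
    }
}
include (CURRENT_DIR . '/model.php');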
/**
 * Build the 8-character token embedded in forms.
 *
 * The token is characters 8..15 of the MD5 hex digest of the site-creation
 * value, the current login code and a fixed phrase. Reads the globals
 * $cur_ucode and $options.
 *
 * NOTE(review): the phrase 'yoursecretwords' is a literal in the source, so it
 * is the same on every install that does not edit it, and for a visitor with
 * no login code the token depends only on $options['site_create'] and that
 * phrase. An 8-hex-character token carries 32 bits. If this value is relied on
 * for CSRF protection, a per-install random secret with HMAC would be stronger.
 *
 * @return string 8 lowercase hex characters
 */
function formhash() {
    global $cur_ucode, $options;
    $digest = md5($options['site_create'] . $cur_ucode . 'yoursecretwords');
    return substr($digest, 8, 8);
}
// Form token for this request.
$formhash = formhash();

// Requests whose URI contains ".php" are sent to the 404 page; pages are expected
// to be reached through their extension-less paths.
if (strpos($_SERVER["REQUEST_URI"], '.php')) {
    header('location: /404.html');
    exit('no php script');
}

// Members-only mode: when $options['authorized'] is set, a visitor who is not logged
// in or whose flag is below 5 may only open the login, registration and third-party
// login pages listed here; every other page redirects to /login.
if ($options['authorized'] && (!$cur_user || $cur_user['flag']<5)
    && !in_array($url_path, array('login','logout','sigin','forgot','qqlogin','qqcallback','qqsetname','wblogin','wbcallback','wbsetname'))) {
    header('location: /login');
    exit('authorized only');
}

// Site temporarily closed: when $options['close'] is set, anyone who is not logged in
// or whose flag is below 99 can only reach the login and password-recovery pages.
if ($options['close'] && (!$cur_user || $cur_user['flag']<99)
    && !in_array($url_path, array('login','forgot'))) {
    header('location: /login');
    exit('site close');
}
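// Work out the client IP address.
// HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR come from request headers, so their content
// is whatever the sender chose. Each candidate is therefore accepted only if it parses
// as an IP address; anything else is skipped and the next source is tried. The value
// stays empty when no source yields an address.
// NOTE(review): the original precedence (headers before REMOTE_ADDR) is kept for
// deployments behind a reverse proxy. If no trusted proxy overwrites these headers,
// REMOTE_ADDR is the only value the client cannot choose and should be used alone
// wherever the address feeds bans, rate limits or audit logs.
$onlineip = '';
$ip_candidates = array(
    getenv('HTTP_CLIENT_IP'),
    getenv('HTTP_X_FORWARDED_FOR'),
    getenv('REMOTE_ADDR'),
    isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
);
foreach ($ip_candidates as $ip_candidate) {
    if (!is_string($ip_candidate) || $ip_candidate === '') {
        continue;
    }
    // X-Forwarded-For may carry a comma-separated chain; only its first entry is considered.
    $ip_parts = explode(',', $ip_candidate);
    $ip_first = trim($ip_parts[0]);
    if (filter_var($ip_first, FILTER_VALIDATE_IP) !== false) {
        $onlineip = $ip_first;
        break;
    }
}
unset($ip_candidates, $ip_candidate, $ip_parts, $ip_first);
// Kept for callers that place $onlineip into SQL text; a validated address contains
// no characters that addslashes() would change.
$onlineip = addslashes($onlineip);
//if(!$onlineip) exit('error: 400 no ip');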
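// Classify the client from its User-Agent header and choose the template prefix.
// The header may be missing, so read it defensively instead of passing an undefined
// index to strtolower().
// NOTE(review): the User-Agent is chosen by the client, so $is_spider and $is_mobie
// are presentation hints only and must not gate anything security-relevant.
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
// Desktop templates by default; this also gives $tpl a value when no User-Agent was
// sent, a case in which it was previously left undefined.
$tpl = '';
if ($user_agent) {
    $is_spider = preg_match('/(bot|crawl|spider|slurp|sohu-search|lycos|robozilla|google)/i', $user_agent);
    $is_mobie = preg_match('/(Mobile|iPod|iPhone|Android|Opera Mini|BlackBerry|webOS|UCWEB|Blazer|PSP)/i', $user_agent);
    if ($is_mobie) {
        // Mobile clients get the "ios_" templates unless the vtpl cookie asks for desktop.
        $viewat = isset($_COOKIE['vtpl']) ? $_COOKIE['vtpl'] : null;
        if ($viewat !== 'desktop') {
            $tpl = 'ios_';
        }
    }
} else {
    //exit('error: 400 no agent');
    $is_spider = '';
    $is_mobie = '';
}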
//设置基本环境变量
/*
$cur_user
$is_spider
$is_mobie
$options
*/
// Commonly used helper functions.

/**
 * Format a Unix timestamp relative to now.
 *
 * Ages under one year (31536000 seconds) are shown as days, hours or minutes
 * rounded to one decimal place, or as whole seconds plus one; older timestamps
 * are shown as an absolute "Y-m-d H:i:s" date in the server time zone.
 *
 * @param int|string $db_time Unix timestamp
 * @return string
 */
function showtime($db_time){
    $elapsed = time() - $db_time;

    // One year or more: absolute date.
    if ($elapsed >= 31536000) {
        return date("Y-m-d H:i:s", $db_time);
    }
    if ($elapsed >= 86400) {
        return round($elapsed / 86400, 1).'天前';
    }
    if ($elapsed >= 3600) {
        return round($elapsed / 3600, 1).'小时前';
    }
    if ($elapsed >= 60) {
        return round($elapsed / 60, 1).'分钟前';
    }
    return ($elapsed + 1).'秒钟前';
}
/**
 * Format a Unix timestamp as an absolute "Y-m-d H:i:s" date in the server time zone.
 *
 * @param int|string $db_time Unix timestamp
 * @return string
 */
function showtime2($db_time){
    $formatted = date("Y-m-d H:i:s", $db_time);
    return $formatted;
}
/**
 * Format topic and reply text for display by rewriting recognised URLs into HTML.
 *
 * Handles, in this order: images on the allowed image domains, Tencent Weibo
 * images, NetEase music, bilibili, Youku, Tudou and QQ video links, gists,
 * @mentions, and finally any remaining http/https/ftp URL. Runs of four or more
 * whitespace characters become paragraph breaks. Reads $options['safe_imgdomain']
 * and $options['base_url'].
 *
 * NOTE(review): nothing in this function HTML-escapes $text. It presumably relies
 * on the text having been escaped before it gets here — confirm, because several
 * replacements below copy matched text into attribute values and markup.
 *
 * @param string $text   post or reply body
 * @param mixed  $spider truthy to emit plain <img src> tags instead of lazy-loading ones
 * @return string HTML fragment
 */
function set_content_rich($text, $spider='0'){
    global $options;
    // images
    // NOTE(review): $options['safe_imgdomain'] is placed in the pattern unquoted, so it
    // is interpreted as regex syntax (presumably an alternation of allowed hosts).
    // The ".+" after the host is greedy and unrestricted, so the captured URL is
    // whatever lies between the host and the last image extension on the line.
    $img_re = '/(http[s]?:\/\/?('.$options['safe_imgdomain'].').+\.(jpg|jpe|jpeg|gif|png))\w*/';
    if(preg_match($img_re, $text)){
        if(!$spider){
            // Lazy loading: placeholder in src, real URL in data-original.
            $text = preg_replace($img_re, '<img src="'.$options['base_url'].'/static/grey2.gif" data-original="\1" alt="" />', $text);
        }else{
            // Search engines get the real URL directly, which is better for SEO; see http://saepy.sinaapp.com/t/81
            $text = preg_replace($img_re, '<img src="\1"/ class="photo">', $text);
        }
    }
    // Tencent Weibo images
    // NOTE(review): strpos() is used as a truth test here and in the checks below, so a
    // match at offset 0 counts as "not found".
    if(strpos($text, 'qpic.cn')){
        // http://t1.qpic.cn/mblogpic/4c7dfb4b2d3c665c4fa4/460
        $qq_img_re = '/(http:\/\/t\d+\.qpic\.cn\/[a-zA-Z0-9]+\/[a-zA-Z0-9]+)\/\d+\w*/';
        if(!$spider){
            $text = preg_replace($qq_img_re, '<img src="'.$options['base_url'].'/static/grey2.gif" data-original="\1/460" alt="" />', $text);
        }else{
            $text = preg_replace($qq_img_re, '<img src="\1/460" alt="" />', $text);
        }
    }
    // NetEase music
    if(strpos($text, 'music.163.com')){
        if(strpos($text, 'id=')){
            $text = preg_replace('/http:\/\/music\.163\.com\/(.+)id=([a-zA-Z0-9]{6,})/', '<iframe src="http://music.163.com/outchain/player?type=2&id=\2&auto=0&height=66" width="100%" height="86" frameborder="0" allowfullscreen></iframe>', $text);
        }
    }
    // bilibili
    // NOTE(review): the pattern has a single capture group but the replacement refers
    // to \2, so the value substituted after "cid=" is empty.
    if(strpos($text, 'www.bilibili.com')){
        $text = preg_replace('/http:\/\/www\.bilibili\.com\/video\/([a-zA-Z0-9]{6,})/', '<iframe src="https://secure.bilibili.tv/secure,cid=\2" class="video" frameborder=0></iframe>', $text);
    }
    // youku
    // NOTE(review): this and the Tudou branches emit Flash <embed> tags with
    // allowScriptAccess="sameDomain".
    if(strpos($text, 'player.youku.com')){
        $text = preg_replace('/http:\/\/player\.youku\.com\/player\.php\/sid\/([a-zA-Z0-9\=]+)\/v\.swf/', '<embed src="http://player.youku.com/player.php/sid/\1/v.swf" quality="high" width="590" height="492" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"></embed>', $text);
    }
    if(strpos($text, 'v.youku.com')){
        $text = preg_replace('/http:\/\/v\.youku\.com\/v_show\/id_([a-zA-Z0-9\=]+)(\/|\.html?)?/', '<iframe src="http://player.youku.com/embed/\1" class="video" frameborder=0></iframe>', $text);
    }
    // tudou
    if(strpos($text, 'www.tudou.com')){
        if(strpos($text, 'programs/view')){
            $text = preg_replace('/http:\/\/www\.tudou\.com\/(programs\/view|listplay)\/([a-zA-Z0-9\=\_\-]+)(\/|\.html?)?/', '<embed src="http://www.tudou.com/v/\2/" quality="high" width="100%" height="auto" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"></embed>', $text);
        }else if(strpos($text, 'albumplay')){
            $text = preg_replace('/http:\/\/www\.tudou\.com\/albumplay\/([a-zA-Z0-9\=\_\-]+)\/([a-zA-Z0-9\=\_\-]+)(\/|\.html?)?/', '<embed src="http://www.tudou.com/a/\1/" quality="high" width="100%" height="auto" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"></embed>', $text);
        }else if(strpos($text, "tudou.com/a/")){
            // Player URL pasted directly
            $text = preg_replace('/(http:\/\/www\.tudou\.com\/a\/([a-zA-Z0-9\=]+)\/\&resourceId\=([0-9\_]+)\&iid\=([0-9\_]+)\/v\.swf)/', '<embed src="\\1" quality="high" width="100%" height="auto" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"></embed>', $text);
        }else{
            $text = preg_replace('/http:\/\/www\.tudou\.com\/(programs\/view|listplay)\/([a-zA-Z0-9\=\_\-]+)(\/|\.html?)?/', '<embed src="http://www.tudou.com/l/\2/" quality="high" width="100%" height="auto" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash"></embed>', $text);
        }
    }
    // qq
    if(strpos($text, 'v.qq.com')){
        if(strpos($text, 'vid=')){
            $text = preg_replace('/https:\/\/v\.qq\.com\/(.+)vid=([a-zA-Z0-9]{8,})/', '<iframe src="https://v.qq.com/iframe/player.html?vid=\2&tiny=0&auto=0" class="video" frameborder="0" allowfullscreen></iframe>', $text);
        }else{
            $text = preg_replace('/https:\/\/v\.qq\.com\/(.+)\/([a-zA-Z0-9]{8,})\.(html?)/', '<iframe src="https://v.qq.com/iframe/player.html?vid=\2&tiny=0&auto=0" class="video" frameborder="0" allowfullscreen></iframe>', $text);
        }
    }
    // gist
    // NOTE(review): a gist URL in a post becomes a <script> tag loading that gist's .js
    // from gist.github.com, so third-party script runs in the page. A Content Security
    // Policy or a sandboxed frame would limit what it can reach.
    if(strpos($text, '://gist')){
        $text = preg_replace('/(https?:\/\/gist\.github\.com\/([a-zA-Z0-9-]+\/)?[\d]+)/', '<script src="\1.js"></script>', $text);
    }
    // mentions
    if(strpos($text, '@') !== false){
        @$text = preg_replace('/\B\@([a-zA-Z0-9\x80-\xff]{4,20})/', '@<a href="'.$options['base_url'].'/user/\1" class="user">\1</a>', $text);
    }
    // url
    if(strpos($text, 'http') !== false){
        // A leading space gives the "character before the URL" part of the pattern
        // something to match when the text begins with a URL; it is removed afterwards.
        $text = ' ' . $text;
        // Links any URL not preceded by a quote, "=" or ">" (i.e. not already inside the
        // markup generated above).
        // NOTE(review): the URL part excludes only whitespace and "<", so a double quote
        // inside it would reach the href attribute unless $text was escaped earlier.
        $text = preg_replace(
            '`([^"=\'>])((http|https|ftp)://[^\s<]+[^\s<\.)])`i',
            '$1<a href="$2" target="_blank" rel="nofollow">$2</a>',
            $text
        );
        $text = substr($text, 1);
    }
    // Four or more consecutive whitespace characters become a paragraph break.
    $text = preg_replace("/\s{4,}/", '</p><p>', $text);
    //$text = str_replace("\r\n", '<br/>', $text);
    $text = str_replace("<p></p>", '', $text);
    return $text;
}
/**
 * Format post text for display.
 *
 * The original note describes this as the variant that adds code highlighting;
 * as written it only forwards to set_content_rich() with the same arguments.
 *
 * @param string $text   post or reply body
 * @param mixed  $spider passed through unchanged
 * @return string HTML fragment
 */
function set_content($text, $spider='0'){
    $rendered = set_content_rich($text, $spider);
    return $rendered;
}
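/**
 * Collect the distinct user names mentioned with "@name" in a text.
 *
 * Per the original author's note: to be safe, write a mention with spaces around
 * it, e.g. " @admin ". A name is 4 to 20 characters of ASCII letters, digits or
 * bytes 0x80-0xff; the author notes the pattern is kept in line with the one
 * used at registration and login.
 *
 * @param string $text        text to scan
 * @param string $filter_name name to leave out of the result (for example the author's own)
 * @return array mentioned names, first occurrence of each, original match indexes kept
 */
function find_mentions($text, $filter_name=''){
    preg_match_all('/\B\@([a-zA-Z0-9\x80-\xff]{4,20})/', $text, $out, PREG_PATTERN_ORDER);
    $new_arr = array_unique($out[1]);
    if ($filter_name) {
        // Strict search: with loose comparison two different numeric-looking names
        // such as "1000" and "1e03" compare equal, which would drop the wrong user.
        $hit = array_search((string)$filter_name, $new_arr, true);
        if ($hit !== false) {
            unset($new_arr[$hit]);
        }
    }
    return $new_arr;
}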
/**
 * Convert characters: backslash-escape quotes, backslashes and NUL bytes, then
 * insert <br /> before each line break.
 *
 * NOTE(review): addslashes() is not aware of the database connection's character
 * set and nothing here HTML-escapes the text; if the result is stored through SQL
 * or printed into a page, confirm the caller uses the driver's own escaping or
 * bound parameters, and escapes on output.
 *
 * @param string $string raw text
 * @return string
 */
function char_cv($string) {
    $escaped = addslashes($string);
    return nl2br($escaped);
}
/**
 * Filter out some illegal characters: every "<" and ">" is removed.
 *
 * NOTE(review): quotes and "&" pass through unchanged, so the result is not safe
 * to place inside an HTML attribute without further escaping.
 *
 * @param string $string
 * @return string
 */
function filter_chr($string){
    return str_replace(array("<", ">"), "", $string);
}
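/**
 * Check whether a value looks like an e-mail address.
 *
 * Requires a string longer than six bytes of the form local@domain.tld, where both
 * sides consist of word characters, "-" and ".".
 *
 * @param mixed $email candidate address
 * @return bool
 */
function isemail($email) {
    // Arrays or other non-strings (possible for request parameters) are never valid.
    if (!is_string($email) || strlen($email) <= 6) {
        return false;
    }
    // The D modifier makes "$" match only at the very end. Without it a trailing
    // line feed is accepted, letting a newline travel with the address into
    // whatever consumes it later, such as mail headers.
    return (bool)preg_match('/^[\w\-\.]+@[\w\-\.]+(\.\w+)+$/D', $email);
}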
/**
 * Normalise a user-supplied tag list.
 *
 * Lower-cases the input, treats spaces as separators, keeps only tags made of 1-20
 * ASCII letters, digits, dots or bytes 0x80-0xff, removes duplicates and empty
 * values, and returns at most the first five tags joined with commas. Returns an
 * empty string for empty input.
 *
 * @param string $string raw tag input
 * @return string comma-separated tags
 */
function gettags($string){
    if (!$string) {
        return '';
    }

    $normalized = str_replace(" ", ",", strtolower($string));
    // NOTE(review): as shown this replaces a comma with a comma, which changes nothing;
    // presumably the first argument was meant to be the full-width comma — confirm
    // against the original file's encoding.
    $normalized = str_replace(",", ",", $normalized);

    // Keep only well-formed tags, preserving their positions.
    $accepted = array();
    foreach (explode(",", $normalized) as $position => $candidate) {
        if (preg_match('/^[a-zA-Z0-9\x80-\xff\.]{1,20}$/i', $candidate)) {
            $accepted[$position] = $candidate;
        }
    }

    $accepted = array_filter(array_unique($accepted));
    // Only the first five tags are kept.
    $firstFive = array_slice($accepted, 0, 5, true);
    return implode(",", $firstFive);
}
/**
 * Fetch a URL with cURL and return the response body.
 *
 * Uses a 5 second timeout, follows redirects, sets the Referer automatically on
 * redirects and sends the _USERAGENT_ constant as the User-Agent. Nothing here
 * changes cURL's certificate-verification defaults.
 *
 * NOTE(review): redirects are followed and neither the scheme nor the destination
 * host is restricted. If $url can be influenced by a user, the caller should
 * validate it first (http/https only, no internal or loopback addresses) to
 * avoid server-side request forgery.
 *
 * @param string $url address to fetch
 * @return string|false response body, or false when the transfer fails
 */
function curl_file_get_contents($url){
    $handle = curl_init();
    curl_setopt_array($handle, array(
        CURLOPT_URL            => $url,
        CURLOPT_HEADER         => 0,
        CURLOPT_TIMEOUT        => 5,
        CURLOPT_USERAGENT      => _USERAGENT_,
        CURLOPT_AUTOREFERER    => true,
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_FOLLOWLOCATION => true,
    ));
    $body = curl_exec($handle);
    curl_close($handle);
    return $body;
}
/**
 * Salted password digest; the original author notes this function may be modified
 * by the site owner.
 *
 * Concatenates sha1(password) with md5(salt), takes 18 hex characters of the MD5 of
 * that, and returns 16 hex characters of the MD5 of those.
 *
 * NOTE(review): SHA-1 and MD5 are fast digests and the result is cut to 16 hex
 * characters (64 bits), so stored values offer little resistance to offline
 * guessing if the user table leaks. Moving to password_hash()/password_verify()
 * needs a migration of stored values (for example re-hashing at next login), so
 * the algorithm is left as it is here.
 *
 * @param string $pw   plain-text password
 * @param string $salt per-user salt
 * @return string 16 lowercase hex characters
 */
function encode_password($pw, $salt){
    $combined = sha1($pw) . md5($salt);
    $inner = substr(md5($combined), 8, 18);
    $outer = md5($inner);
    return substr($outer, 6, 16);
}
?>