discuz论坛 用户登录 后台程序代码

1. 中文问题:使用MySQL实例配置工具时,将字符集设置为GBK,而不要设置为UTF-8。
2. MySQL安装后密码无法访问问题:mysql> SET PASSWORD FOR 'some_user'@'some_host' = OLD_PASSWORD('newpwd');(OLD_PASSWORD 生成的是 MySQL 4.1 之前的旧式短哈希,强度很弱,仅用于兼容旧客户端库。)
3. PHP有Warning:在php.ini里面找到bug_combat_warning = 1 两行,把 1 改成 0。
4. MySQL
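// Note 4, continued from the line above: MySQL applies stricter format checks
// to inserted values, so an integer column can no longer be given ''. One
// Discuz function is therefore modified as follows.
/**
 * Refresh the current visitor's row in the sessions table, or recreate it.
 *
 * Runs at most once per request (guarded by $GLOBALS['sessionupdated']).
 * Every input is a Discuz global and nothing is returned. The values are
 * interpolated into the SQL text as they are, so the function relies on its
 * callers having escaped and validated them.
 *
 * NOTE(review): the page this listing came from had lost every "->", "&&",
 * "<", ">", "<>" and "+" inside this function. They are restored below from
 * context; compare against the stock Discuz function before relying on them.
 */
function updatesession() {
    if(empty($GLOBALS['sessionupdated'])) {
        global $db, $sessionexists, $sessionupdated, $sid, $onlineip, $discuz_uid,
            $discuz_user, $timestamp, $groupid, $styleid, $invisible,
            $discuz_action, $fid, $tid, $onlinehold, $logincredits,
            $table_sessions, $table_members, $user_lastactivity;

        // Integer columns must receive integers under the stricter checks.
        // invisible is a flag, so 0/1 is right. fid and tid are ids: keep
        // their value instead of collapsing every non-empty id to 1.
        $invisibleflag = $invisible == "" ? 0 : 1;
        $forumid = intval($fid);
        $threadid = intval($tid);

        if($sessionexists == 1) {
            $db->query("UPDATE $table_sessions SET uid='$discuz_uid', username='$discuz_user', groupid='$groupid', styleid='$styleid', invisible='$invisibleflag', action='$discuz_action', lastactivity='$timestamp', fid='$forumid', tid='$threadid' WHERE sid='$sid'");

            // Roll lastactivity into lastvisit once the member has been idle
            // for longer than the online-hold window.
            if($onlinehold && $user_lastactivity && $timestamp - $user_lastactivity > $onlinehold) {
                $db->query("UPDATE $table_members SET lastvisit=lastactivity, lastactivity=$timestamp WHERE uid='$discuz_uid'", 'UNBUFFERED');
            }
        } else {
            $ips = explode('.', $onlineip);

            // Clear this sid, expired rows, the member's other rows, and a
            // guest row from the same address seen in the last 60 seconds.
            $db->query("DELETE FROM $table_sessions WHERE sid='$sid' OR lastactivity<($timestamp-$onlinehold) OR ('$discuz_uid'<>'0' AND uid='$discuz_uid') OR (uid='0' AND ip1='$ips[0]' AND ip2='$ips[1]' AND ip3='$ips[2]' AND ip4='$ips[3]' AND lastactivity>$timestamp-60)");

            $db->query("INSERT INTO $table_sessions (sid, ip1, ip2, ip3, ip4, uid, username, groupid, styleid, invisible, action, lastactivity, fid, tid) VALUES ('$sid', '$ips[0]', '$ips[1]', '$ips[2]', '$ips[3]', '$discuz_uid', '$discuz_user', '$groupid', '$styleid', '$invisibleflag', '$discuz_action', '$timestamp', '$forumid', '$threadid')");

            if($discuz_uid) {
                $db->query("UPDATE $table_members SET credit=credit+".intval($logincredits).", lastip='$onlineip', lastvisit=lastactivity, lastactivity=$timestamp WHERE uid='$discuz_uid'", 'UNBUFFERED');
            }
        }
        $sessionupdated = 1;
    }
}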

PS:对原文件的修改较大,程序中注释已经很详尽,这里就不多说了。
代码如下:
// header(‘Content-Type:text/html;charset=UTF-8’);
//if(function_exists(“mb_convert_encoding”)){
// $tmp = checkAndTranslate(“使用前请将该文件直接上传至论坛根目录”,
0);
// header(‘Content-Type:text/html;charset=UTF-8’);
// print($tmp);
//}else{
// print(“NO”);
//}
// exit(“this.line=”.__line__);
/*
文件名:locoyonline_for_discuz610.php
*使用前请将该文件直接上传至论坛根目录
*本文件为GBK编码;
*处理后导入数据库的编码为:utf-8;
*需要替换字符时,需把replace.txt复制到同目录下;
*/
//处理全局变量
//foreach($_POST as $key => $value){
//$$key = $value ;
//print($key.’ = ‘.$value.’n’);
//}
//var_dump($_POST);
//exit(‘end-0’);
// 需要插入的数据表
// 1.cdb_threads
// 2.cdb_rewardlog // ok 悬赏记录表
// 3.cdb_mythreads
// 4.cdb_posts
// 5.cdb_tags _update
// 6.cdb_threadtags
// 7.cdb_forums _update
// 8.cdb_members _update ok 更改悬赏表
//done end !
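// Names of the accounts that posts are attributed to, one per line. Every
// name must already be a registered member (the page points to a separate
// "Discuz 6.0+ bulk registration" article for creating them).
$user_list = is_readable('./makeuser/username.txt') ? file('./makeuser/username.txt') : false;
if ($user_list === false) {
    // file() returns false on failure; array_map() below needs an array.
    $user_list = array();
}
// Trim every line and drop blank ones: an empty name would later be
// interpolated into the member lookup and match an arbitrary member.
$user_list = array_values(array_filter(array_map("curlAndCopy", $user_list), 'strlen'));

/**
 * Strip surrounding whitespace (including the line ending) from one entry.
 *
 * @param string $a Raw line from the user-name file.
 * @return string Trimmed name.
 */
function curlAndCopy($a){
    return trim($a);
}

// Pipe-joined list; it is split again with explode("|", ...) before replying.
$replyusers = implode("|", $user_list);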
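// Normalise the format of one reply.
/**
 * Clean one reply segment and prepare it for the posts INSERT.
 *
 * @param string $str Raw reply text.
 * @return string The text after one indentation run is removed, the ends are
 *                trimmed, and checkAndTranslate() has converted and escaped it.
 */
function trimAndCurl($str){
    // Remove the first newline that is followed by five or more whitespace
    // characters (limit 1). NOTE(review): the page printed this pattern
    // without backslashes ('/ns{5,}/'), which would match a literal "n"
    // followed by "s" five times; \n and \s are the presumed original.
    $str = preg_replace('/\n\s{5,}/', '', $str, 1);
    $str = trim($str);
    return checkAndTranslate($str);
}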
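/**
 * Optionally apply the replace list, convert GBK text to UTF-8, and
 * backslash-escape the result for use inside a quoted SQL literal.
 *
 * @param string $mess          Text to prepare.
 * @param int    $if_replace    Truthy: run curlAndReplace() on the text first.
 * @param string $in_char_type  Source encoding passed to mb_convert_encoding().
 * @param string $out_char_type Target encoding passed to mb_convert_encoding().
 * @return string The addslashes()-escaped text.
 *
 * SECURITY NOTE(review): every query in this script relies on this return
 * value as its only protection against SQL injection. addslashes() works on
 * bytes and does not know the connection character set, so its output is a
 * safe literal only when that charset cannot absorb the added backslash into
 * a multi-byte character. The notes on this page recommend a GBK server
 * charset, where that guarantee does not hold. Prefer the database driver's
 * charset-aware escaping or bound parameters, and make sure the connection
 * charset matches $out_char_type.
 */
function checkAndTranslate($mess, $if_replace = 1, $in_char_type = 'GBK', $out_char_type = 'UTF-8'){
    // Word substitution from replace.txt, when requested.
    if($if_replace){
        $mess = curlAndReplace($mess);
    }
    // A byte >= 0x80 followed by any byte is taken to mean "contains GBK
    // text". The page printed the class without backslashes ('[x80-xff]');
    // \x80-\xff is restored here.
    if(preg_match('/[\x80-\xff]./', $mess)){
        $mess = mb_convert_encoding($mess, $out_char_type, $in_char_type);
    }
    return addslashes($mess);
}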
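/**
 * Apply the word substitutions listed in ./makeuser/replace.txt.
 *
 * Each line of the file holds whitespace-separated tokens; only the first
 * two are used. When the file is missing or unreadable the message is
 * returned unchanged.
 *
 * @param string $message Text to process.
 * @return string Text after substitution.
 */
function curlAndReplace($message){
    $listfile = './makeuser/replace.txt';
    if(!is_file($listfile) || !is_readable($listfile)){
        return $message;
    }
    $replace_list = file($listfile);
    if($replace_list === false){
        return $message;
    }
    foreach($replace_list as $item){
        // Collapse each whitespace run to "||" and split on it. The pattern
        // was printed as "/s+/" on the page; "\s+" is restored.
        $items = explode("||", preg_replace("/\s+/", "||", $item));
        if(!isset($items[1])){
            continue; // a single-token line has nothing to swap with
        }
        // Three-step swap through a placeholder. NOTE(review): the page shows
        // an EMPTY placeholder, so step 1 deletes $items[0] and step 3 does
        // nothing. Presumably the original used a marker string that was
        // lost when the page was rendered; confirm against the real file.
        $tmp = '';
        $message = str_replace($items[0], $tmp, $message);
        $message = str_replace($items[1], $items[0], $message);
        $message = str_replace($tmp, $items[1], $message);
    }
    return $message;
}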
define(‘CURSCRIPT’, ‘post’);
define(‘NOROBOT’, TRUE);
require_once ‘./include/common.inc.php’;
require_once DISCUZ_ROOT.’./include/post.func.php’;
$_DTYPE = $checkoption = $optionlist = array();
if($typeid) {
threadtype_checkoption();
}
require_once DISCUZ_ROOT.’./include/discuzcode.func.php’;
$navigation = $navtitle = $thread = ”;
// Newly added code starts here.
// NOTE(review): this is the script's only caller check, and it does nothing:
// the die() inside the branch is commented out, so a wrong or missing $lid
// falls through and the database writes below run for any requester who can
// reach this file in the forum root. The expected value is also a fixed
// string published together with the script. Before deploying anything like
// this, enforce the check against a per-site secret stored outside the web
// root, and restrict access to the file at the web-server level.
if ( $lid <> “locoy” )
{
// die(password verification failed);
}
// Added code ends here.
//rq204,Q285576545,2008.7.29
$navigation = “»
$forum[name]
$navigation”;
$navtitle = $navtitle.strip_tags($forum[‘name’]).’ – ‘;
if($forum[‘type’] == ‘sub’) {
$query = $db->query(“SELECT name, fid FROM {$tablepre}forums WHERE
fid=’$forum[fup]'”);
$fup = $db->fetch_array($query);
$navigation = “»
$fup[name]
$navigation”;
$navtitle = $navtitle.strip_tags($fup[‘name’]).’ – ‘;
}
$special = empty($special) || !is_numeric($special) || $special < 0
|| $special > 6 ? 0 : intval($special);
$allowpostattach = !empty($forum[‘allowpostattach’]) ||
(!$forum[‘postattachperm’] && $allowpostattach) ||
($forum[‘postattachperm’] && forumperm($forum[‘postattachperm’]));
$attachextensions = $forum[‘attachextensions’] ?
$forum[‘attachextensions’] : $attachextensions;
$enctype = $allowpostattach ? ‘enctype=”multipart/form-data”‘ : ”;
$maxattachsize_kb = $maxattachsize / 1000;
$postcredits = $forum[‘postcredits’] ? $forum[‘postcredits’] :
$creditspolicy[‘post’];
$replycredits = $forum[‘replycredits’] ? $forum[‘replycredits’] :
$creditspolicy[‘reply’];
$digestcredits = $forum[‘digestcredits’] ? $forum[‘digestcredits’] :
$creditspolicy[‘digest’];
$postattachcredits = $forum[‘postattachcredits’] ?
$forum[‘postattachcredits’] : $creditspolicy[‘postattach’];
$maxprice = isset($extcredits[$creditstrans]) ? $maxprice : 0;
$extra = rawurlencode($extra);
$blogcheck = empty($isblog) && empty($addtoblog) ? ” :
‘checked=”checked”‘;
$notifycheck = empty($emailnotify) ? ” : ‘checked=”checked”‘;
$stickcheck = empty($sticktopic) ? ” : ‘checked=”checked”‘;
$digestcheck = empty($addtodigest) ? ” : ‘checked=”checked”‘;
$subject = isset($subject) ? dhtmlspecialchars(censor(trim($subject))) :
”;
$message = isset($message) ? censor(trim($message)) : ”;
$readperm = isset($readperm) ? intval($readperm) : 0;
$price = isset($price) ? intval($price) : 0;
$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck =
$htmloncheck = $emailcheck = ”;
$seccodecheck = ($seccodestatus & 4) && (!$seccodedata[‘minposts’] ||
$posts < $seccodedata[‘minposts’]);
$secqaacheck = $secqaa[‘status’][2] && (!$secqaa[‘minposts’] ||
$posts < $secqaa[‘minposts’]);
if($iscircle = $supe[‘status’] && $supe[‘circlestatus’] &&
$forum[‘status’] == 2) {
unset($forum[‘threadtypes’]);
}
$allowpostpoll = $allowpost && $allowpostpoll &&
($forum[‘allowpostspecial’] & 1);
$allowposttrade = $allowpost && $allowposttrade &&
($forum[‘allowpostspecial’] & 2);
$allowpostreward = $allowpost && $allowpostreward &&
($forum[‘allowpostspecial’] & 4) &&
isset($extcredits[$creditstrans]);
$allowpostactivity = $allowpost && $allowpostactivity &&
($forum[‘allowpostspecial’] & 8);
$allowpostdebate = $allowpost && $allowpostdebate &&
($forum[‘allowpostspecial’] & 16);
$allowpostvideo = $allowpost && $allowpostvideo &&
($forum[‘allowpostspecial’] & 32) && $videoopen;
$allowanonymous = $forum[‘allowanonymous’] || $allowanonymous ? 1 :
0;
$editorid = ‘posteditor’;
$editoroptions = str_pad(decbin($editoroptions), 2, 0,
STR_PAD_LEFT);
$editormode = $editormode == 2 ? $editoroptions{0} : $editormode;
$allowswitcheditor = $editoroptions{1};
$advanceeditor = $special ? 0 : 1;
$previewdisplay = !empty($previewpost) ? ” : ‘none’;
if($action == ‘newthread’) {
//复制newthread.inc.php
$discuz_action = 11;
if(empty($forum[‘fid’]) || $forum[‘type’] == ‘group’) {
exit(‘未选择版块或版块不能发帖’);
}
$isblog = empty($isblog) ? ” : ‘yes’;
if($subject == ” || $message == ”) {
exit(‘标题或内容为空’);
}
if($post_invalid = checkpost()) {
exit(‘标题或内容超过发帖限制’);
}
if($allowpostattach && is_array($_FILES[‘attach’])) {
foreach($_FILES[‘attach’][‘name’] as $attachname) {
if($attachname != ”) {
checklowerlimit($postattachcredits);
break;
}
}
}
$typeid = isset($typeid) &&
isset($forum[‘threadtypes’][‘types’][$typeid]) ? $typeid : 0;
$iconid = !empty($iconid) && isset($_DCACHE[‘icons’][$iconid]) ?
$iconid : 0;
$displayorder = $modnewthreads ? -2 : (($forum[‘ismoderator’] &&
!empty($sticktopic)) ? 1 : 0);
$digest = ($forum[‘ismoderator’] && !empty($addtodigest)) ? 1 : 0;
$blog = $allowuseblog && $forum[‘allowshare’] && !empty($addtoblog) ?
1 : 0;
$readperm = $allowsetreadperm ? $readperm : 0;
$isanonymous = $isanonymous && $allowanonymous ? 1 : 0;
$price = intval($price);
$price = $maxprice && !$special ? ($price <= $maxprice ? $price :
$maxprice) : 0;
//echo $typeid.’,’.’,’.’,’
if(!$typeid && $forum[‘threadtypes’][‘required’] && !$special) {
// exit(‘未填写主题分类’);
}
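// The posting account is chosen by the caller: the row found here supplies
// $discuz_uid for every write below, and no password is checked. The only
// escaping applied to the request value is addslashes() in checkAndTranslate().
$discuz_user = isset($_POST['username']) ? $_POST['username'] : '';
$discuz_user = checkAndTranslate($discuz_user, 0);
// Exact match instead of LIKE '%...%': a substring pattern selects whichever
// member name merely contains the text, and addslashes() does not neutralise
// the LIKE wildcards % and _.
$sql_tmp = "SELECT uid,password,secques FROM {$tablepre}members m WHERE m.username='$discuz_user'";
$query = $db->query($sql_tmp);
if ($rs = $db->fetch_row($query)) {
    list($discuz_uid, $discuz_pw, $discuz_secques) = $rs;
} else {
    // Report the failure without echoing the SQL text: it reveals the table
    // prefix and query shape to whoever sent the request.
    exit('不存在的用户名');
}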
//var_dump($_POST);exit(‘
this.line=’.__line__);
$messages = explode(“|||”,$message);
//是否需要去除对最佳答案的评论
//$messages = array_merge(array_slice($messages, 0, 2),
array_slice($messages, 3));
$mc = count($messages);
$replycount = $mc -1;
$author = !$isanonymous ? $discuz_user : ”;
$moderated = $digest || $displayorder > 0 ? 1 : 0;
$attachment = ($allowpostattach && $attachments = attach_upload()) ? 1
: 0;
$subscribed = !empty($emailnotify) && $discuz_uid ? 1 : 0;
$supe_pushstatus = $supe[‘status’] &&
$forum[‘supe_pushsetting’][‘status’] == 1 && !$modnewthreads ? ‘1’
: ‘0’;
$sgidadd1 = $sgidadd2 = ”;
if($iscircle) {
$sgidadd1 = ‘, sgid’;
$sgidadd2 = “, ‘$sgid'”;
}
/*预处理数据*/
//$price = mt_rand(3,10);
$price = 0;
$views = mt_rand(30,256);
$timestamp = mt_rand(strtotime(‘2008-12-25’)
,strtotime(‘2008-12-29’));
$tagstatus = 0;
$tags = “”;
//已解决:
//$price = -$price;
//$closed = 1;
//未解决:
$closed = 0;
$db->query(“INSERT INTO {$tablepre}threads (fid, readperm, price,
iconid, typeid, author, authorid, subject, dateline, lastpost,
lastposter, displayorder, digest, blog,attachment, subscribed,
moderated, supe_pushstatus $sgidadd1 ,special ,closed ,views)
VALUES (‘$fid’, ‘$readperm’, ‘$price’, ‘$iconid’, ‘$typeid’, ‘$author’,
‘$discuz_uid’, ‘”.checkAndTranslate($subject).”‘, ‘$timestamp’,
‘$timestamp’, ‘$author’, ‘$displayorder’, ‘$digest’, ‘$blog’,
‘$attachment’, ‘$subscribed’, ‘$moderated’, ‘$supe_pushstatus’
$sgidadd2 ,0 ,$closed ,$views )”);
$tid = $db->insert_id();
// making reward logs !
$db->query(“INSERT INTO {$tablepre}rewardlog
(tid,authorid,netamount,dateline) VALUES (‘$tid’, ‘$discuz_uid’,
‘$price’, ‘0’)”);
// updating members logs !
//if minus credits ?
//$db->query(“UPDATE {$tablepre}members SET
posts=posts+1,credits=credits+$price,lastpost='”.$_SERVER[‘REQUEST_TIME’].”‘
WHERE uid =’$discuz_uid’ “);
$db->query(“UPDATE {$tablepre}members SET
posts=posts+1,lastpost='”.$_SERVER[‘REQUEST_TIME’].”‘ WHERE uid
=’$discuz_uid’ “);
if($subscribed) {
$db->query(“REPLACE INTO {$tablepre}subscriptions (uid, tid,
lastpost, lastnotify)
VALUES (‘$discuz_uid’, ‘$tid’, ‘$timestamp’, ‘$timestamp’)”,
‘UNBUFFERED’);
}
$db->query(“REPLACE INTO {$tablepre}mythreads (uid, tid, dateline,
special) VALUES (‘$discuz_uid’, ‘$tid’, ‘$timestamp’, ‘0’)”,
‘UNBUFFERED’);
if($moderated) {
updatemodlog($tid, ($displayorder > 0 ? ‘STK’ : ‘DIG’));
updatemodworks(($displayorder > 0 ? ‘STK’ : ‘DIG’), 1);
}
if($forum[‘threadtypes’][‘special’][$typeid] && $optiondata &&
is_array($optiondata)) {
foreach($optiondata as $optionid => $value) {
$db->query(“INSERT INTO {$tablepre}typeoptionvars (typeid, tid,
optionid, value, expiration)
VALUES (‘$typeid’, ‘$tid’, ‘$optionid’, ‘$value’, ‘”.($typeexpiration ?
$timestamp + $typeexpiration : 0).”‘)”);
}
}
$bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
$smileyoff = checksmilies($message, !empty($smileyoff));
$parseurloff = !empty($parseurloff);
//$htmlon = bindec(($tagstatus && !empty($tagoff) ? 1 : 0).($allowhtml
&& !empty($htmlon) ? 1 : 0));
// NOTE(review): the HTML flag is forced on for the stored post, bypassing the
// $allowhtml permission that the commented-out line above consulted. The
// message text comes from the request, so the post is saved as raw HTML;
// presumably the forum then renders it without filtering (confirm). Keep the
// permission-based value unless the imported content is fully trusted or has
// been sanitised first. The reply loop further down sets the same flag.
$htmlon = 1;
$pinvisible = $modnewthreads ? -2 : 0;
$db->query(“INSERT INTO {$tablepre}posts (fid, tid, first, author,
authorid, subject, dateline, message, useip, invisible, anonymous,
usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)
VALUES (‘$fid’, ‘$tid’, ‘1’, ‘$discuz_user’, ‘$discuz_uid’,
‘$subject’, ‘$timestamp’, ‘”.checkAndTranslate($messages[0]).”‘,
‘$onlineip’, ‘$pinvisible’, ‘$isanonymous’, ‘$usesig’, ‘$htmlon’,
‘$bbcodeoff’, ‘$smileyoff’, ‘$parseurloff’, ‘$attachment’)”);
$pid = $db->insert_id();
if($tagstatus && $tags != ”) {
$tags = str_replace(array(chr(0xa1).chr(0xa1), chr(0xa1).chr(0x40),
chr(0xe3).chr(0x80).chr(0x80)), ‘ ‘, $tags);
$tagarray = array_unique(explode(‘ ‘, censor($tags)));
$tagcount = 0;
foreach($tagarray as $tagname) {
$tagname = trim($tagname);
if(preg_match(‘/^([x7f-xff_-]|w){3,20}$/’, $tagname)) {
$query = $db->query(“SELECT closed FROM {$tablepre}tags WHERE
tagname='”.checkAndTranslate($tagname, 0).”‘”);
if($db->num_rows($query)) {
if(!$tagstatus = $db->result($query, 0)) {
$db->query(“UPDATE {$tablepre}tags SET total=total+1 WHERE
tagname='”.checkAndTranslate($tagname, 0).”‘”, ‘UNBUFFERED’);
}
} else {
$db->query(“INSERT INTO {$tablepre}tags (tagname, closed, total)
VALUES (‘”.checkAndTranslate($tagname, 0).”‘, 0, 1)”, ‘UNBUFFERED’);
$tagstatus = 0;
}
if(!$tagstatus) {
$db->query(“INSERT {$tablepre}threadtags (tagname, tid) VALUES
(‘”.checkAndTranslate($tagname, 0).”‘, $tid)”, ‘UNBUFFERED’);
}
$tagcount++;
if($tagcount > 4) {
unset($tagarray);
break;
}
}
}
}
$tradeaid = 0;
if($attachment) {
$searcharray = $pregarray = $replacearray = array();
foreach($attachments as $key => $attach) {
$db->query(“INSERT INTO {$tablepre}attachments (tid, pid, dateline,
readperm, price, filename, description, filetype, filesize, attachment,
downloads, isimage, uid, thumb, remote)
VALUES (‘$tid’, ‘$pid’, ‘$timestamp’, ‘$attach[perm]’,
‘$attach[price]’, ‘$attach[name]’, ‘$attach[description]’,
‘$attach[type]’, ‘$attach[size]’, ‘$attach[attachment]’, ‘0’,
‘$attach[isimage]’, ‘$attach[uid]’, ‘$attach[thumb]’,
‘$attach[remote]’)”);
$searcharray[] = ‘[local]’.$localid[$key].'[/local]’;
$pregarray[] =
‘/[localimg=(d{1,3}),(d{1,3})]’.$localid[$key].'[/localimg]/is’;
$replacearray[] = ‘[attach]’.$db->insert_id().'[/attach]’;
}
$message = str_replace($searcharray, $replacearray,
preg_replace($pregarray, $replacearray, $message));
$db->query(“UPDATE {$tablepre}posts SET
message='”.checkAndTranslate($message, 0).”‘ WHERE pid=’$pid'”);
updatecredits($discuz_uid, $postattachcredits, count($attachments));
}
if($iscircle && $sgid) {
supe_dbconnect();
$query = $supe[‘db’]->query(“UPDATE {$supe[tablepre]}groups SET
lastpost=’$timestamp’ WHERE gid=’$sgid'”, ‘SILENT’);
}
if($modnewthreads) {
$db->query(“UPDATE {$tablepre}forums SET todayposts=todayposts+1
WHERE fid=’$fid'”, ‘UNBUFFERED’);
} else {
if($digest) {
foreach($digestcredits as $id => $addcredits) {
$postcredits[$id] = (isset($postcredits[$id]) ? $postcredits[$id]
: 0) + $addcredits;
}
}
updatepostcredits(‘+’, $discuz_uid, $postcredits);
$subject = str_replace(“t”, ‘ ‘, $subject);
$lastpost =
“$tidt”.checkAndTranslate($subject).”t$timestampt$author”;
$db->query(“UPDATE {$tablepre}forums SET lastpost=’$lastpost’,
threads=threads+1, posts=posts+1, todayposts=todayposts+1 WHERE
fid=’$fid'”, ‘UNBUFFERED’);
if($forum[‘type’] == ‘sub’) {
$db->query(“UPDATE {$tablepre}forums SET lastpost=’$lastpost’ WHERE
fid=’$forum[fup]'”, ‘UNBUFFERED’);
}
}
echo(“成功发表主题|”.$tid);
}
if($replycount)
{
//开始发布回复
$discuz_action = 12;
require_once DISCUZ_ROOT.’./include/forum.func.php’;
// NOTE(review): $replyuser (singular) is not assigned anywhere in the visible
// script; this looks like leftover debug output.
print_r($replyuser);
// Turn the pipe-joined account list back into an array.
$replyusers = explode(“|”,$replyusers);
$reusercount = count($replyusers);
// One reply per message segment after the first.
for($re=1;$re<=$replycount;$re++)
{
// Draw a random account index; index 0 is never drawn.
$index = mt_rand(1,$reusercount-1);
// Re-draw while the index was already used or names the thread's poster.
// NOTE(review): $post_arr is not initialised before its first use here, and
// the loop cannot exit once every eligible index has been used. $replycount
// is derived from the message (presumably request-supplied), so a message
// with more segments than eligible accounts keeps the request spinning until
// PHP's time limit. Cap $replycount at the number of eligible accounts.
while( in_array( $index ,$post_arr ) || $replyusers[$index]
==$_POST[‘username’] ){
$index = mt_rand(1,$reusercount-1);
}
// Remember the index so the same account is not reused in this thread.
$post_arr[] = $index;
$discuz_user = $replyusers[$index];
$discuz_user = checkAndTranslate($discuz_user, 0);
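// Exact match instead of LIKE '%...%': a substring pattern attributes the
// reply to whichever member name merely contains the text, and an empty name
// would match every member.
$query = $db->query("SELECT uid,password,secques FROM {$tablepre}members m WHERE m.username='$discuz_user'");
if ($rs = $db->fetch_row($query)) {
    list($discuz_uid, $discuz_pw, $discuz_secques) = $rs;
} else {
    // Unknown account: report it and move on to the next reply.
    echo('不存在的用户名'.$discuz_user);
    continue;
}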
$attachnum = 0;
if($allowpostattach && !empty($_FILES[‘attach’]) &&
is_array($_FILES[‘attach’])) {
foreach($_FILES[‘attach’][‘name’] as $attachname) {
if($attachname != ”) {
$attachnum ++;
}
}
$attachnum && checklowerlimit($postattachcredits, $attachnum);
} else {
$_FILES = array();
}
$attachments = $attachnum ? attach_upload() : array();
$attachment = empty($attachments) ? 0 : 1;
$subscribed = $thread[‘subscribed’] && $timestamp –
$thread[‘lastpost’] < 7776000;
$newsubscribed = !empty($emailnotify) && $discuz_uid;
if($subscribed && !$modnewreplies) {
$db->query(“UPDATE {$tablepre}subscriptions SET lastpost=’$timestamp’
WHERE tid=’$tid’ AND uid<>’$discuz_uid'”, ‘UNBUFFERED’);
}
if($newsubscribed) {
$db->query(“REPLACE INTO {$tablepre}subscriptions (uid, tid,
lastpost, lastnotify)
VALUES (‘$discuz_uid’, ‘$tid’, ‘”.($modnewreplies ?
$thread[‘lastpost’] : $timestamp).”‘, ‘$timestamp’)”, ‘UNBUFFERED’);
}
$bbcodeoff = checkbbcodes($message, !empty($bbcodeoff));
$smileyoff = checksmilies($message, !empty($smileyoff));
$parseurloff = !empty($parseurloff);
// $htmlon = $allowhtml && !empty($htmlon) ? 1 : 0;
$htmlon = 1;
$usesig = !empty($usesig) ? 1 : 0;
$isanonymous = $allowanonymous && !empty($isanonymous)? 1 : 0;
//$discuz_user = checkAndTranslate($discuz_user, 0);
$author = empty($isanonymous) ? $discuz_user : ”;
$pinvisible = $modnewreplies ? -2 : 0;
$rand_time = mt_rand(150,3600);
$timestamp = $timestamp + $rand_time;
$db->query(“INSERT INTO {$tablepre}posts (fid, tid, first, author,
authorid, subject, dateline, message, useip, invisible, anonymous,
usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment)
VALUES (‘$fid’, ‘$tid’, ‘0’, ‘$discuz_user’, ‘$discuz_uid’, ”,
‘$timestamp’, ‘”.trimAndCurl($messages[$re]).”‘, ‘$onlineip’,
‘$pinvisible’, ‘$isanonymous’, ‘$usesig’, ‘$htmlon’, ‘$bbcodeoff’,
‘$smileyoff’, ‘$parseurloff’, ‘$attachment’)”);
$pid = $db->insert_id();
// updating reward logs
$db->query(“UPDATE {$tablepre}rewardlog SET
answererid=’$discuz_uid’,dateline=’$timestamp’ WHERE tid=’$tid'”);
// updating members logs !
if($re == 1){
//添加积分问题
$db->query(“UPDATE {$tablepre}members SET
posts=posts+1,credits=credits+$price,lastpost='”.$_SERVER[‘REQUEST_TIME’].”‘
WHERE uid =’$discuz_uid’ “);
}else{
$db->query(“UPDATE {$tablepre}members SET
posts=posts+1,lastpost='”.$_SERVER[‘REQUEST_TIME’].”‘ WHERE uid
=’$discuz_uid’ “);
}
$db->query(“REPLACE INTO {$tablepre}myposts (uid, tid, pid, position,
dateline, special) VALUES (‘$discuz_uid’, ‘$tid’, ‘$pid’,
‘”.($thread[‘replies’] + 1).”‘, ‘$timestamp’, ‘0’)”, ‘UNBUFFERED’);
$tradeaid = 0;
if($attachment) {
$searcharray = $pregarray = $replacearray = array();
foreach($attachments as $key => $attach) {
$db->query(“INSERT INTO {$tablepre}attachments (tid, pid, dateline,
readperm, price, filename, description, filetype, filesize, attachment,
downloads, isimage, uid, thumb, remote)
VALUES (‘$tid’, ‘$pid’, ‘$timestamp’, ‘$attach[perm]’,
‘$attach[price]’, ‘$attach[name]’, ‘$attach[description]’,
‘$attach[type]’, ‘$attach[size]’, ‘$attach[attachment]’, ‘0’,
‘$attach[isimage]’, ‘$attach[uid]’, ‘$attach[thumb]’,
‘$attach[remote]’)”);
$searcharray[] = ‘[local]’.$localid[$key].'[/local]’;
$pregarray[] =
‘/[localimg=(d{1,3}),(d{1,3})]’.$localid[$key].'[/localimg]/is’;
$insertid = $db->insert_id();
$replacearray[] = ‘[attach]’.$insertid.'[/attach]’;
}
if(!empty($trade) && $thread[‘special’] == 2 &&
!empty($_FILES[‘tradeattach’][‘tmp_name’][0])) {
$tradeaid = $insertid;
}
$message = str_replace($searcharray, $replacearray,
preg_replace($pregarray, $replacearray, $message));
$db->query(“UPDATE {$tablepre}posts SET
message='”.checkAndTranslate($message).”‘ WHERE pid=’$pid'”);
updatecredits($discuz_uid, $postattachcredits, count($attachments));
}
if($modnewreplies) {
$db->query(“UPDATE {$tablepre}forums SET todayposts=todayposts+1
WHERE fid=’$fid'”, ‘UNBUFFERED’);
if($newsubscribed) {
$db->query(“UPDATE {$tablepre}threads SET subscribed=’1′ WHERE
tid=’$tid'”, ‘UNBUFFERED’);
}
} else {
$db->query(“UPDATE {$tablepre}threads SET lastposter=’$author’,
lastpost=’$timestamp’, replies=replies+1 “.($attachment ? ‘,
attachment=’1” : ”).”, subscribed='”.($subscribed ||
$newsubscribed ? 1 : 0).”‘ WHERE tid=’$tid'”, ‘UNBUFFERED’);
updatepostcredits(‘+’, $discuz_uid, $replycredits);
$lastpost =
“$thread[tid]t”.checkAndTranslate($thread[‘subject’]).”t$timestampt$author”;
$db->query(“UPDATE {$tablepre}forums SET lastpost=’$lastpost’,
posts=posts+1, todayposts=todayposts+1 WHERE fid=’$fid'”,
‘UNBUFFERED’);
if($forum[‘type’] == ‘sub’) {
$db->query(“UPDATE {$tablepre}forums SET lastpost=’$lastpost’ WHERE
fid=’$forum[fup]'”, ‘UNBUFFERED’);
}
}
echo “成功回复”;
}
}
//exit(‘Run end.this.line=’.__line__);

还好,用户登录这里通过一个小小的方法可以实现和论坛同步了.可以不用passport接口.
这是我整理的数据,仅供参考.
登录传两值过来就行(username和password);
代码如下:
session_start();
define(‘NOROBOT’, TRUE);
define(‘CURSCRIPT’, ‘logging’);
require_once ‘./include/common.inc.php’;
require_once DISCUZ_ROOT.’./include/misc.func.php’;
if($action == ‘login’) {
$field = $loginfield == ‘uid’ ? ‘uid’ : ‘username’;
// Get the security-code checking status: the character at position -2 of
// $seccodestatus rendered as a 5-digit binary string.
$seccodecheck = substr(sprintf(‘%05b’, $seccodestatus), -2, 1);
if($seccodecheck && $seccodedata[‘loginfailedcount’]) {
// Count failedlogins rows for this IP that reached the configured failure
// threshold and were updated within the last 900 seconds.
$seccodecheck = $db->result($db->query(“SELECT count(*) FROM
{$tablepre}failedlogins WHERE ip=’$onlineip’ AND
count>=’$seccodedata[loginfailedcount]’ AND
$timestamp-lastupdate<=900”), 0);
}
// NOTE(review): nothing in the visible script reads $seccodecheck after this
// point, so the security-code requirement computed here is not enforced on
// this login path.
$discuz_uid = 0;
$discuz_user = $discuz_pw = $discuz_secques = $md5_password = ”;
$member = array();
$loginperm = logincheck();
if(!$loginperm) {
showmessage(‘login_strike’);
}
$secques = quescrypt($questionid, $answer);
// Two ways in: a $loginauth token, or a plaintext $password.
if(isset($loginauth)) {
$field = ‘username’;
// Marker value only; the credential in this branch is the digest below.
$password = ‘VERIFIED’;
// Both the username and the password digest come out of the decoded token, so
// this branch is only as strong as authcode()'s key and integrity check.
// NOTE(review): confirm a token that fails to decode cannot produce an empty
// username/digest pair that the comparison further down would accept. The
// separator printed as “t” is presumably a tab ("\t") whose backslash was
// lost on the page.
list($username, $md5_password) = daddslashes(explode(“t”,
authcode($loginauth, ‘DECODE’)), 1);
} else {
// Unsalted MD5 of the submitted password; this is what is compared with the
// stored members.password value below. NOTE(review): a fast unsalted digest
// is a weak storage format inherited from the forum schema. It cannot be
// changed in this script alone.
$md5_password = md5($password);
// Mask the middle of the plaintext, keeping about a quarter of its length at
// the start and a sixth at the end. The masked value is not used again in the
// visible code (presumably intended for logging).
$password = preg_replace(“/^(.{“.round(strlen($password) /
4).”})(.+?)(.{“.round(strlen($password) / 6).”})$/s”,
“\1***\3”, $password);
}
$query = $db->query(“SELECT m.uid AS discuz_uid, m.username AS
discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost,
u.allowinvisible
FROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING
(groupid)
WHERE m.$field=’$username'”);
$member = $db->fetch_array($query);
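// Verify the credentials before anything below trusts $member.
// - The SELECT above aliases m.password to discuz_pw, so that is the key to
//   read; the fetched row has no 'password' key.
// - Reject explicitly when no row was fetched, so that a missing row and a
//   missing digest can never compare as equal.
// - Strict string comparison: with != two hex digests that both look like
//   numbers can compare as equal. Where hash_equals() is available it is the
//   better choice.
// NOTE(review): nothing on this failure path updates the failedlogins table
// queried earlier in this script, so, unless that happens elsewhere, repeated
// guesses are not counted. Add the forum's own failure accounting here.
if(!is_array($member) || !isset($member['discuz_pw']) || $member['discuz_pw'] === ''
    || (string)$member['discuz_pw'] !== (string)$md5_password){
    echo "您输入的用户名或密码错误!";
    exit();
}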
// Credentials accepted: continue with the login.
// extract() copies every column alias of the fetched row into the current
// scope (discuz_uid, discuz_user, discuz_pw, discuz_secques, adminid,
// groupid, styleidmem, lastvisit, lastpost, allowinvisible) and overwrites
// any variable of the same name. NOTE(review): explicit assignments would
// make it clear which variables the database row controls.
extract($member);
// Unescaped copy, echoed at the end of the script.
$discuz_userss = $discuz_user;
// Escaped for the SQL text that later code builds from $discuz_user.
// addslashes() is byte-oriented; whether it is sufficient depends on the
// connection character set.
$discuz_user = addslashes($discuz_user);
if(($allowinvisible && $loginmode == ‘invisible’) || $loginmode ==
‘normal’) {
$db->query(“UPDATE {$tablepre}members SET invisible='”.($loginmode ==
‘invisible’ ? 1 : 0).”‘ WHERE uid=’$member[discuz_uid]'”,
‘UNBUFFERED’);
}
$styleid = intval(empty($_POST[‘styleid’]) ? ($styleidmem ?
$styleidmem :
$_DCACHE[‘settings’][‘styleid’]) : $_POST[‘styleid’]);
$cookietime = intval(isset($_POST[‘cookietime’]) ?
$_POST[‘cookietime’] :
($_DCOOKIE[‘cookietime’] ? $_DCOOKIE[‘cookietime’] : 0));
dsetcookie(‘cookietime’, $cookietime, 31536000);
dsetcookie(‘auth’,
authcode(“$discuz_pwt$discuz_secquest$discuz_uid”, ‘ENCODE’),
$cookietime);
// Force updatesession() down its "no existing session" path, which deletes
// and re-inserts the session row.
$sessionexists = 0;
updatesession();// refresh the forum's USERPASS data
// Response body for the caller. 'ture' is spelled this way in the original;
// a client presumably matches on that exact text.
echo “{‘action’:’ture’}”;// this is the data you want to output
// NOTE(review): debug output. print_r() writes the whole $_DSESSION array
// into the HTTP response, and the user name is echoed without HTML escaping.
// Remove both before this endpoint is reachable by real users.
print_r($_DSESSION);
echo $discuz_userss;
}
?>
