int bbsdenyadd_main() { int i; char exp[80], board[80], *userid; int dt; struct userec *x; struct boardmem *x1; html_header(1); check_msg(); if (!loginok || isguest) http_fatal("您尚未登录, 请先登录"); changemode(READING); getparmboard(board, sizeof(board)); strsncpy(exp, getparm("exp"), 30); dt = atoi(getparm("dt")); if (!(x1 = getboard(board))) http_fatal("错误的讨论区"); if (!has_BM_perm(currentuser, x1)) http_fatal("你无权进行本操作"); loaddenyuser(board); userid = getparm("userid"); if (userid[0] == 0) return show_form(board); if (getuser(userid, &x) <= 0) http_fatal("错误的使用者帐号"); if (!has_post_perm(x, x1)) http_fatal("这个人本来就没有post权"); strcpy(userid, x->userid); if (!(currentuser->userlevel & PERM_SYSOP) && (dt > 14)) http_fatal("封禁时间大于14天,超过了权限,若需要,请联系站长"); if (dt < 1 || dt > 99) http_fatal("请输入被封天数(1-99)"); if (exp[0] == 0) http_fatal("请输入封人原因"); for (i = 0; i < denynum; i++) if (!strcasecmp(denyuser[i].id, userid)) http_fatal("此用户已经被封"); if (denynum > 40) http_fatal("太多人被封了"); strsncpy(denyuser[denynum].id, userid, 13); strsncpy(denyuser[denynum].exp, exp, 30); denyuser[denynum].free_time = now_t + dt * 86400; denynum++; savedenyuser(board); printf("封禁 %s 成功<br>\n", userid); tracelog("%s deny %s %s", currentuser->userid, board, userid); inform(board, userid, exp, dt); printf("[<a href=bbsdenyall?B=%d>返回被封帐号名单</a>]", getbnumx(x1)); http_quit(); return 0; }
//struct file_to_appendix a; int main() { FILE *fp; char filename[80], dir[80], board[80], title[80], buf[80], *content, vfrom[80]; char tmpbuf [5], title2 [10]; char redirfile[80]; int r, i=0, length=0, sig, mode=0, accessed=0; struct fileheader x; struct shortfile *brd; init_all(); if(!loginok) http_fatal("匆匆过客不能发表文章,请先登录"); mode=atoi(getparm("mode")); if(mode) strsncpy(redirfile, getparm("redir"), 20); strsncpy(board, getparm("board"), 18); strsncpy(vfrom, getparm("vfrom"), 18); if (!*vfrom) { strcpy(vfrom, board); } if(dashf("NOPOST")&&!HAS_PERM(PERM_OBOARDS) && insec(1,board) ) http_fatal("对不起,系统进入只读状态,暂停发表文章.你先四处看看吧"); /* efan: very faint */ if (dashf ("NOPOST.2") && ! HAS_PERM (PERM_OBOARDS) && ( !strcmp (board, "VoiceofNankai") || !strcmp (board, "Military") || !strcmp (board, "TaiWan") || !strcmp (board, "Salon")) ) http_fatal("对不起,本板进入只读状态,暂停发表文章"); if(!(currentuser.userlevel & PERM_POST)&&strcmp(board, "appeal")&&strcmp(board, "sysop")) http_fatal("您尚未通过注册,暂无发表文章权限"); if(check_post_limit(board)) return 0; strsncpy(title, getparm("title"), 50); strsncpy (tmpbuf, getparm ("title2"), 5); if (tmpbuf [0] != 0) sprintf (title2, "【%s】", tmpbuf); else title2[0] = 0; content=getparm("text"); brd=getbcache(board); /* add by wzk for outgo post */ //out=strlen(getparm("out")); //if (!(brd->flag & OUT_FLAG)) out=0; /* end */ if(brd==0) http_fatal("错误的讨论区名称"); strcpy(board, brd->filename); //huangxu@070217:no_word_filter flag int bd=0; char temp[80]; if(!(brd->flag2&NOFILTER_FLAG)&&(bad_words(title) || bad_words (tmpbuf) || bad_words(content) )){ bd=1; printf("您的文章可能包含不便显示的内容,已经提交审核。请返回并进行修改。"); sprintf(temp,"TEMP-%s",board); strcpy(board,"TEMP"); }else strcpy(temp,board); for(i=0; i<strlen(title); i++) if(title[i]<=27 && title[i]>=-1) title[i]=' '; sig=atoi(getparm("signature")); if(title[0]==0) http_fatal("文章必须要有标题"); if (title2 [0] == 0 && !strcmp (board, "Secondhand")) http_fatal ("在Secondhand板请说清楚您的需要!"); if (tmpbuf [0] != ' ') { char tmptmpbuf [80]; sprintf (tmptmpbuf, "%s%s", title2, title); strcpy (title, tmptmpbuf); } sprintf(dir, "boards/%s/.DIR", board); if(bd==0) if(!has_post_perm(¤tuser, board)) http_fatal("此讨论区是唯读的, 或是您尚无权限在此发表文章."); sprintf(filename, "boards/%s/deny_users", board); if(file_has_word(filename, currentuser.userid)) http_fatal("很抱歉, 你被板务人员停止了本板的post权利."); if(abs(time(0) - *(int*)(u_info->from+36))<6) { *(int*)(u_info->from+36)=time(0); http_fatal("两次发文间隔过密, 请休息几秒后再试"); } *(int*)(u_info->from+36)=time(0); sprintf(filename, "tmp/%d.%s.tmp", getpid(),currentuser.userid); f_append(filename, content); accessed=0; if(strlen(getparm("noreply"))>0) accessed=FILE_NOREPLY; int outgo=0; if(strlen(getparm("outgo"))>0) outgo=1; int attach=atoi(getparm("attach")); r=0; r=post_article2(temp, title, filename, currentuser.userid, currentuser.username, fromhost, sig-1, accessed, attach,outgo); if(r<=0) http_fatal("内部错误,无法发文"); char path[STRLEN]; /* while( appendix != NULL ) { bzero(&a,sizeof(struct appendix)); strcpy(a.appendixname,appendix); a.filename=r; a.sign=0; strcpy(a.path,board); sprintf(path,"%s/file_appendix",UPLOAD_PATH); append_record(&a,sizeof(struct appendix),path); appendix = strtok( NULL, "," ); } */ sprintf(buf,"M.%d.A",r); brc_init(currentuser.userid, board); brc_add_read(buf); brc_update(currentuser.userid, board); unlink(filename); sprintf(buf, "posted WWW '%s' on '%s'", title, board); report(buf); if(mode==0) sprintf(buf, "bbsdoc?board=%s#bottom", vfrom); else if(mode==1) sprintf(buf, "bbstcon?board=%s&file=%s&vfrom=%s#bottom", board, redirfile, vfrom); else if(mode==2) sprintf(buf, "bbstdoc?board=%s#bottom", vfrom); if(!junkboard(board)) { currentuser.numposts++; save_user_data(¤tuser); // write_posts(currentuser.userid, board, title); } if(toptenboard(board)) { write_posts(currentuser.userid, board, title); } else if(!strcmp("Blessing",board)) write_posts(currentuser.userid, board, title); // return 0; if(bd==0) redirect(buf); }
int main() { FILE *fp,*fp2; struct shortfile *brd; struct fileheader f; struct userec *u; char buf[80], dir[80], path[80], board[80], file[80], *id; char jdir[80]; int num=0; init_all(); if(!loginok) http_fatal("请先登录"); id=currentuser.userid; strsncpy(board, getparm("board"), 60); strsncpy(file, getparm("file"), 20); brd=getbcache(board); if(strncmp(file, "M.", 2) && strncmp(file, "G.", 2)) http_fatal("错误的参数"); if(strstr(file, "..")) http_fatal("错误的参数"); if(brd==0) http_fatal("板面错误"); if(!has_post_perm(¤tuser, board)) http_fatal("错误的讨论区"); sprintf(dir, "boards/%s/.DIR", board); sprintf(path, "boards/%s/%s", board, file); sprintf(jdir, "boards/%s/.junk", board); fp=fopen(dir, "r"); if(fp==0) http_fatal("错误的参数"); while(1) { if(fread(&f, sizeof(struct fileheader), 1, fp)<=0) break; if(!strcmp(f.filename, file)) {//huangxu@060715:web下删除m文章 if((strcasecmp(id, f.owner)||(f.accessed[0]&FILE_MARKED)) && !has_BM_perm(¤tuser, board)) http_fatal("你无权删除该文"); fp2=fopen(jdir, "a"); fwrite(&f, sizeof(struct fileheader), 1, fp2); fclose(fp2); if(!HAS_PERM(PERM_SYSOP))//huangxu@060406:deleted、junk已经无用 if(strstr(board,"syssecurity")||(!strcmp(board,"Punishment")&&!HAS_PERM(PERM_BLEVELS))) http_fatal("你无权删除该文"); del_record(dir, sizeof(struct fileheader), num); sprintf(buf, "\n※ %s 于 %s 删除·Web[FROM: %s]", currentuser.userid, Ctime(time(0))+4, fromhost); f_append(path, buf); /* if(!strcmp(f.owner, currentuser.userid)) { post_article("junk", f.title, path, f.owner, "", fromhost, -1); } else { post_article("deleted", f.title, path, f.owner, "", fromhost, -1); }*/ //unlink(path); printf("删除成功.<br><a href='bbsdoc?board=%s'>返回本讨论区</a>", board); u=getuser(f.owner); if(!junkboard(board) && u) { if(u->numposts>0) u->numposts--; save_user_data(u); } sprintf(buf, "%s %-12s bbsdel %s\n", Ctime(time(0))+4, id, board); f_append("trace", buf); http_quit(); } num++; } fclose(fp); printf("文件不存在, 删除失败.<br>\n"); printf("<a href='bbsdoc?board=%s'>返回本讨论区</a>", board); http_quit(); }
int main() { FILE *fp; int type=0, i, num, l; char userid[80], buf[512], path[512], file[512], board[512], title[80]=""; //struct shortfile *brd; struct fileheader *x; char c;//huangxu@060331 init_all(); modify_mode(u_info,EDIT+20000); //bluetent if(!loginok) http_fatal("匆匆过客不能修改文章,请先登录"); strsncpy(board, getparm("board"), 20); type=atoi(getparm("type")); brd=getbcache(board); if(brd==0) http_fatal("错误的讨论区!"); strcpy(board, brd->filename); strsncpy(file, getparm("file"), 20); if(!has_post_perm(¤tuser, board)) http_fatal("错误的讨论区或者您无权在此讨论区发表文章"); x=get_file_ent(board, file); if(strstr(file, "..") || strstr(file, "/")) http_fatal("错误的参数"); if(x==0) http_fatal("错误的参数"); if(strcmp(x->owner, currentuser.userid)) if(!has_BM_perm(¤tuser, board)) http_fatal("你无权修改此文章"); printf("<center>%s -- 修改文章 [使用者: %s]<hr color=green>\n", BBSNAME, currentuser.userid); if(type!=0) return update_form(board, file); printf("<table border=1>\n"); printf("<tr><td>"); printf("<tr><td><form method=post action=bbsedit>\n"); hsprintf(buf, "%s", x->title); printf("使用标题: %s 讨论区: %s<br>\n", buf, board); printf("本文作者:%s<br>\n", currentuser.userid); sprintf(path, "boards/%s/%s", board, file); fp=fopen(path, "r"); if(fp==0) http_fatal("文件丢失"); fseek(fp,0,2); l=ftell(fp); fseek(fp,0,0); for (i=4;l>0&&i>0;l--)//huangxu@060331 { c=fgetc(fp); if (c==0x0a) i--; } if (l<=0) http_fatal("错误的文件"); printf("<textarea name=text rows=20 cols=80 wrap=physicle>"); while(1) { if(fgets(buf, 500, fp)==0) break; //为什么这些代码无法工作? /*for (;i>0;i--) { printf("CHAR::%d::",*(buf+44)); pbuf++; pbuf=strchr(pbuf,0x0a); if (!pbuf) { printf("NOTFOUND%d",i); break; } printf("FOUND:%d,Length:%d,str=%s::",pbuf-buf,strlen(buf),buf); }*/ if(!strcasestr(buf, "</textarea>")) printf("%s", buf); } fclose(fp); printf("</textarea>\n"); printf("<tr><td class=post align=center>\n"); printf("<input type=hidden name=type value=1>\n"); printf("<input type=hidden name=board value=%s>\n", board); printf("<input type=hidden name=file value=%s>\n", file); printf("<input type=submit value=存盘> \n"); printf("<input type=button value=放弃编辑 onclick=javascript:history.go(-1)></form>\n"); printf("</table>"); http_quit(); }
int bbsvote_act(char * info) { FILE *fp; struct votebal currvote, ent; char buf[STRLEN], buf1[512]; char buf2[1024]; struct ballot uservote; // struct votelog log; int aborted = NA, pos; int i, chkd; unsigned int j, multiroll = 0; char board[80]; char posturl[256]; char controlfile[STRLEN]; char *date, *tmp1, *tmp2; char flagname[STRLEN]; char logname[STRLEN]; int voted_flag; //用户是否投过该项票 int num_voted; //这个是有多少人投过票 int num_of_vote; //这个是开启的投票数 int votenum; //这个是用户选择进行第几个投票 int votevalue = 0; int procvote; time_t closedate; struct stat st; int now_t=time(0); if (!loginok) { strcpy(info, "匆匆过客不能投票。"); return -1; } strsncpy(board, getparm("B"), 32); if (!*board) { strsncpy(board, getparm("board"), 32); } votenum = atoi(getparm("votenum")); procvote = atoi(getparm("procvote")); modify_mode(u_info, VOTING); if(!has_post_perm(¤tuser, board) || !HAS_PERM(PERM_VOTE))//去死吧倒霉的全站投票 { strcpy(info, "您无权在本板内投票。"); return -1; } sprintf(controlfile, "vote/%s/%s", board, "control"); num_of_vote = (stat(controlfile, &st) == -1) ? 0 : st.st_size / sizeof (struct votebal); if (!num_of_vote) { strcpy(info, "抱歉, 目前并没有任何投票举行。"); return -2; } fp = fopen(controlfile, "r"); if (!fp)//大概不会发生 { strcpy(info, "系统错误。"); return -256; } //从if中提出来的 if (!votenum) //这是投票列表 { printf ("<card title=\"投票箱 -- %s\">", BBSNAME); printf ("<p><anchor><go href=\"bbsdoc.wml?board=%s\" />%s板</anchor>投票</p>", board, board); for (i = 1; i <= num_of_vote; i++) { fread(&ent, sizeof (struct votebal), 1, fp); sprintf(flagname, "vote/%s/flag.%d", board, (int) ent.opendate); num_voted = (stat(flagname, &st) == -1) ? 0 : st.st_size / sizeof (struct ballot); closedate = ent.opendate + ent.maxdays * 86400; //注意,这里的date成了结束时间 w_hsprintf(buf2, "%s", ent.title);//输出标题 printf("<p><anchor><go href=\"bbsvote.wml?board=%s&votenum=%d\" />#%d %s<br />", board, i, i, buf2); //发起投票者被华丽地无视了! datestr(buf2, closedate); //类别也被华丽地无视了! printf ("结束:%s 参与:%d</anchor></p>", buf2, num_voted); } fclose(fp); return 0; } else { if (votenum > num_of_vote) { strcpy(info, "参数错误。"); return -3; } fseek(fp, sizeof (struct votebal) * (votenum - 1), 0); fread(&currvote, sizeof (struct votebal), 1, fp); fclose(fp); sprintf(flagname, "vote/%s/flag.%d", board, (int) currvote.opendate); num_voted = (stat(flagname, &st) == -1) ? 0 : st.st_size / sizeof (struct ballot); pos = 0; fp = fopen(flagname, "r"); voted_flag = NA; if (fp) { for (i = 1; i <= num_voted; i++) { fread(&uservote, sizeof (struct ballot), 1, fp); if (!strcasecmp(uservote.uid, currentuser.userid)) { voted_flag = YEA; pos = i; break; } } fclose(fp); } if (!voted_flag) { memset(&uservote, 0, sizeof (uservote)); } if (procvote == 0) //-------投票权限判断 //没仔细看-_-b { if (currentuser.firstlogin > currvote.opendate) { strcpy(info, "对不起, 本投票在您帐号申请之前开启,您不能投票。"); return -3; } else if (!HAS_PERM(currvote.level & ~(LISTMASK | VOTEMASK))) { strcpy(info, "对不起,您目前尚无权在本票箱投票。"); return -4; } else if(currvote.level & LISTMASK ) { char listfilename[STRLEN]; setvfile(listfilename, board, "vote.list"); if(!dashf(listfilename)) { strcpy(info, "对不起,本票箱需要设定好投票名册方可进行投票。"); return -5; } else if(!seek_in_file(listfilename,currentuser.userid)) { strcpy(info, "对不起, 投票名册上找不到您的大名。"); return -6; } } else if(currvote.level & VOTEMASK ) { if(currentuser.numlogins < currvote.x_logins || currentuser.numposts < currvote.x_posts ||currentuser.stay < currvote.x_stay * 3600 || currentuser.firstlogin > currvote.opendate - currvote.x_live * 86400) { strcpy(info, "对不起,您目前尚不够资格在本票箱投票。"); return -7; } } closedate = currvote.opendate + currvote.maxdays * 86400; printf ("<card title=\"投票箱 -- %s\">", BBSNAME); w_hsprintf (buf2, "%s", currvote.title); printf("<p>投票主题: %s<br />", buf2); printf("投票类型: %s<br />", vote_type[currvote.type - 1]); printf("发起投票: <anchor><go href=\"bbsqry.wml?userid=%s\" />%s</anchor><br />", currvote.userid, currvote.userid); printf("所在板面: <anchor><go href=\"bbsdoc.wml?board=%s\" />%s</anchor><br />", board, board); datetime(buf2, closedate); printf("结束时间: %s<br />", buf2); if (currvote.type != VOTE_ASKING) { printf("最多投票: %d<br />", currvote.maxtkt); printf("投票说明:<br />"); sprintf(buf, "vote/%s/desc.%d", board, (int) currvote.opendate); fp = fopen(buf, "r"); if (fp) { while (1) { if (fgets(buf1, sizeof (buf1), fp) == 0) { break; } w_hprintf("%s", buf1); printf ("<br />"); } fclose(fp); } } printf ("</p>"); //multiroll这种东西没用啦 sprintf (posturl, "bbsvote.wml?board=%s&votenum=%d", board, votenum); switch (currvote.type) { case VOTE_SINGLE: //单选 j = uservote.voted + (uservote.voted << currvote.totalitems); chkd = 0; //这是当前选中的 printf ("<p>选项列表:<br />"); for (i = 0; i < currvote.totalitems; i++) { w_hprintf ("选项%d %s", i + 1, currvote.items[i]); printf ("<br />"); if (j & 1) { chkd = i + 1; } j >>= 1; } printf ("请选择:<select name=\"inp_vote\" value=\"%d\">", chkd); printf ("<option value=\"0\">未选择</option>"); for (i = 0; i < currvote.totalitems; i++) { printf ("<option value=\"%d\">%d</option>", i + 1, i + 1); } printf ("</select></p>"); votesug_inp(&uservote); printf ("<p><anchor><go href=\"%s\" method=\"post\"><postfield name=\"procvote\" value=\"2\" />", posturl); wmlPostfield("vote"); votesug_pst(); printf ("</go>投票</anchor></p>"); break; case VOTE_MULTI: //复选 j = uservote.voted + (uservote.voted << currvote.totalitems); printf ("<p>选项列表<em>(最多投%d票)</em>:<br />", currvote.maxtkt); for (i = 0; i < currvote.totalitems; i++) { printf ("<select name=\"inp_votemulti%d\" value=\"%d\"><option value=\"0\">不选择</option><option value=\"1\">已选择</option></select> ", i + 1, (j & 1)); w_hprintf ("%s", currvote.items[i]); printf ("<br />"); j >>= 1; } printf ("</p>"); votesug_inp(&uservote); printf ("<p><anchor><go href=\"%s\" method=\"post\"><postfield name=\"procvote\" value=\"3\" />", posturl); for (i = 0; i < currvote.totalitems; i++) { sprintf (buf2, "votemulti%d", i + 1); wmlPostfield(buf2); } votesug_pst(); printf ("</go>投票</anchor></p>"); break; case VOTE_YN: //是非 ... 不是跟单选一样的么? j = uservote.voted + (uservote.voted << currvote.totalitems); chkd = 0; //这是当前选中的 printf ("<p>选项列表:<br />"); for (i = 0; i < currvote.totalitems; i++) { if (j & 1) { chkd = i + 1; break; } j >>= 1; } printf ("请选择:<select name=\"inp_vote\" value=\"%d\">", chkd); printf ("<option value=\"0\">未选择</option>"); for (i = 0; i < currvote.totalitems; i++) { printf ("<option value=\"%d\">", i + 1); w_hprintf ("%s", currvote.items[i]); printf ("</option>"); } printf ("</select></p>"); votesug_inp(&uservote); printf ("<p><anchor><go href=\"%s\" method=\"post\"><postfield name=\"procvote\" value=\"1\" />", posturl); //这里不同,单选procvote=2 wmlPostfield("vote"); votesug_pst(); printf ("</go>投票</anchor></p>"); break; case VOTE_VALUE: //数值 printf ("<p>请输入一个值:"); printf ("<input name=\"inp_votevalue\" value=\"%d\" /></p>", uservote.voted); votesug_inp(&uservote); printf ("<p><anchor><go href=\"%s\" method=\"post\"><postfield name=\"procvote\" value=\"4\" />", posturl); wmlPostfield("votevalue"); votesug_pst(); printf ("</go>投票</anchor></p>"); break; case VOTE_ASKING: votesug_inp(&uservote); printf ("<p><anchor><go href=\"%s\" method=\"post\"><postfield name=\"procvote\" value=\"5\" />", posturl); votesug_pst(); printf ("</go>投票</anchor></p>"); break; default: printf ("<p>没有这种类型的投票啊。</p>"); return 0; //:( //<-switch } } else { if (procvote != currvote.type) { strcpy(info, "投票错误。"); return -1; } switch (procvote) { case 2: //VOTE_SINGLE votevalue = 1; votevalue <<= atoi(getparm("vote")) - 1; if (atoi(getparm("vote")) > currvote.totalitems + 1) { strcpy(info, "无效选项。"); return -1; } aborted = (votevalue == uservote.voted); break; case 3: //VOTE_MULTI votevalue = 0; j = 0; for (i = currvote.totalitems - 1; i >= 0; i--) { votevalue <<= 1; sprintf(buf, "votemulti%d", i + 1); votevalue |= !!atoi(getparm(buf)); j += !!atoi(getparm(buf)); } aborted = (votevalue == uservote.voted); if (j > currvote.maxtkt) { sprintf(info, "本投票最多只能选择%d个选项。", currvote.maxtkt); return -1; } break; case 1: //VOTE_YN votevalue = 1; j = atoi(getparm("vote")) - 1; if (j > currvote.totalitems || j < 0) { strcpy(info, "无效选项。"); return -1; } votevalue <<= j; aborted = (votevalue == uservote.voted); break; case 4: //VOTE_VALUE aborted = ((votevalue = atoi(getparm("votevalue"))) == uservote.voted); if (votevalue < 0 || votevalue > currvote.maxtkt) { sprintf(info, "应当介于0到%d之间(含)。", currvote.maxtkt); return -1; } break; case 5: //VOTE_ASKING aborted = NA; break; //<-switch } printf ("<card title=\"投票箱 -- %s\">", BBSNAME); if (aborted == YEA) { printf ("<p>未修改该投票的选项。</p>"); return 0; } else { fp = fopen(flagname, "r+"); if (fp == 0) { fp = fopen(flagname, "w+"); } if (fp) { flock(fileno(fp), LOCK_EX); if (pos > 0) { fseek(fp, (pos - 1) * sizeof (struct ballot), SEEK_SET); } else { fseek(fp, 0, SEEK_END); } strcpy(uservote.uid, currentuser.userid); uservote.voted = votevalue; for (i = 0; i < 3; i++) { sprintf (buf2, "sug%d", i); strncpy (uservote.msg[i], getparm(buf2), 78); removeInvisibleChars(uservote.msg[i], ' '); } fwrite(&uservote, sizeof (struct ballot), 1, fp); flock(fileno(fp), LOCK_UN); fclose(fp); printf("<p>已经帮您投入票箱中。</p>"); sprintf(buf, "%s %s %s", currentuser.userid, currentuser.lasthost, Ctime(now_t)); fs_append(BBSHOME"/vote.log", buf); } else { printf ("<p>系统发生了一点小小的问题-_-b</p>"); } } } }