cloudsearch.inc.php
5.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: cloudsearch.inc.php 29366 2012-04-09 03:00:26Z zhouxiaobo $
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
if($_GET['formhash'] != FORMHASH) {
showmessage('undefined_action');
}
if(!$_G['uid']) {
showmessage('undefined_action');
}
if($_G['cookie']['ffids' . $_G['uid']]) {
showmessage('get_forbidden_formula_forum_already');
}
require_once libfile('function/forum');
$forbiddenFids = array();
foreach(C::t('#cloudsearch#forum_forum_plugin')->fetch_all_forum_by_formula_for_plugin() as $forum) {
if (check_formula_forum_isforbidden($forum['formulaperm'])) {
$forbiddenFids[] = $forum['fid'];
}
}
dsetcookie('ffids' . $_G['uid'], authcode(implode('D', $forbiddenFids), 'ENCODE'), 86400);
function check_formula_forum_isforbidden($formula) {
global $_G;
$formula = dunserialize($formula);
$medalperm = $formula['medal'];
$permusers = $formula['users'];
$permmessage = $formula['message'];
$formulatext = $formula[0];
$formula = $formula[1];
if($_G['adminid'] == 1 || $_G['forum']['ismoderator'] || in_array($_G['groupid'], explode("\t", $_G['forum']['spviewperm']))) {
return FALSE;
}
if($permusers) {
$permusers = str_replace(array("\r\n", "\r"), array("\n", "\n"), $permusers);
$permusers = explode("\n", trim($permusers));
if(!in_array($_G['member']['username'], $permusers)) {
return TRUE;
}
}
if(!$formula) {
return FALSE;
}
if(strexists($formula, '$memberformula[')) {
preg_match_all("/\\\$memberformula\['(\w+?)'\]/", $formula, $a);
$profilefields = array();
foreach($a[1] as $field) {
switch($field) {
case 'regdate':
$formula = preg_replace("/\{(\d{4})\-(\d{1,2})\-(\d{1,2})\}/e", "'\'\\1-'.sprintf('%02d', '\\2').'-'.sprintf('%02d', '\\3').'\''", $formula);
case 'regday':
break;
case 'regip':
case 'lastip':
$formula = preg_replace("/\{([\d\.]+?)\}/", "'\\1'", $formula);
$formula = preg_replace('/(\$memberformula\[\'(regip|lastip)\'\])\s*=+\s*\'([\d\.]+?)\'/', "strpos(\\1, '\\3')===0", $formula);
case 'buyercredit':
case 'sellercredit':
space_merge($_G['member'], 'status');break;
case substr($field, 0, 5) == 'field':
space_merge($_G['member'], 'profile');
$profilefields[] = $field;break;
}
}
$memberformula = array();
if($_G['uid']) {
$memberformula = $_G['member'];
if(in_array('regday', $a[1])) {
$memberformula['regday'] = intval((TIMESTAMP - $memberformula['regdate']) / 86400);
}
if(in_array('regdate', $a[1])) {
$memberformula['regdate'] = date('Y-m-d', $memberformula['regdate']);
}
$memberformula['lastip'] = $memberformula['lastip'] ? $memberformula['lastip'] : $_G['clientip'];
} else {
if(isset($memberformula['regip'])) {
$memberformula['regip'] = $_G['clientip'];
}
if(isset($memberformula['lastip'])) {
$memberformula['lastip'] = $_G['clientip'];
}
}
}
@eval("\$formulaperm = ($formula) ? TRUE : FALSE;");
if(!$formulaperm) {
if(!$permmessage) {
$language = lang('forum/misc');
$search = array('regdate', 'regday', 'regip', 'lastip', 'buyercredit', 'sellercredit', 'digestposts', 'posts', 'threads', 'oltime');
$replace = array($language['formulaperm_regdate'], $language['formulaperm_regday'], $language['formulaperm_regip'], $language['formulaperm_lastip'], $language['formulaperm_buyercredit'], $language['formulaperm_sellercredit'], $language['formulaperm_digestposts'], $language['formulaperm_posts'], $language['formulaperm_threads'], $language['formulaperm_oltime']);
for($i = 1; $i <= 8; $i++) {
$search[] = 'extcredits'.$i;
$replace[] = $_G['setting']['extcredits'][$i]['title'] ? $_G['setting']['extcredits'][$i]['title'] : $language['formulaperm_extcredits'].$i;
}
if($profilefields) {
loadcache(array('fields_required', 'fields_optional'));
foreach($profilefields as $profilefield) {
$search[] = $profilefield;
$replace[] = !empty($_G['cache']['fields_optional']['field_'.$profilefield]) ? $_G['cache']['fields_optional']['field_'.$profilefield]['title'] : $_G['cache']['fields_required']['field_'.$profilefield]['title'];
}
}
$i = 0;$_G['forum_usermsg'] = '';
foreach($search as $s) {
if(in_array($s, array('digestposts', 'posts', 'threads', 'oltime', 'extcredits1', 'extcredits2', 'extcredits3', 'extcredits4', 'extcredits5', 'extcredits6', 'extcredits7', 'extcredits8'))) {
$_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> '.$replace[$i].': '.(@eval('return intval(getuserprofile(\''.$s.'\'));')) : '';
} elseif(in_array($s, array('regdate', 'regip', 'regday'))) {
$_G['forum_usermsg'] .= strexists($formulatext, $s) ? '<br /> '.$replace[$i].': '.(@eval('return $memberformula[\''.$s.'\'];')) : '';
}
$i++;
}
$search = array_merge($search, array('and', 'or', '>=', '<=', '=='));
$replace = array_merge($replace, array(' <b>'.$language['formulaperm_and'].'</b> ', ' <b>'.$language['formulaperm_or'].'</b> ', '≥', '≤', '='));
$_G['forum_formulamessage'] = str_replace($search, $replace, $formulatext);
} else {
$_G['forum_formulamessage'] = $permmessage;
}
return TRUE;
}
return FALSE;
}