        //public proxy()
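        /// <summary>
        /// Relays the page named by the "url" query-string parameter to the current
        /// response, decoded with the charset given in "enc" (default utf-8) and served
        /// with the remote Content-Type. Writes nothing when the request fails the
        /// same-site check or carries no url; writes the fetch error text when the
        /// remote request fails.
        /// </summary>
        /// <param name="e">Page life-cycle event data (unused).</param>
        /// <remarks>
        /// Security: the target is taken verbatim from the request, so this is an open
        /// server-side fetch (SSRF surface) whose only caller check is the Referer-based
        /// cross-site test. The scheme check below rejects non-http(s) targets; the
        /// destination host is NOT restricted here.
        /// NOTE(review): an allow-list of permitted hosts (rejecting loopback, link-local
        /// and private ranges) is still needed — confirm where it belongs.
        /// NOTE(review): the remote Content-Type is passed through, so a text/html target
        /// is rendered under this site's origin — confirm that is intended.
        /// </remarks>
        protected override void OnInit(System.EventArgs e)
        {
            if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
            {
                return;
            }

            string url = DNTRequest.GetQueryString("url");
            if (string.IsNullOrEmpty(url))
            {
                return;
            }
            url = HttpUtility.UrlDecode(url);

            // Only absolute http(s) targets are fetched; file:, ftp:, relative paths
            // and garbage are dropped before any request is made.
            System.Uri target;
            if (!System.Uri.TryCreate(url, System.UriKind.Absolute, out target)
                || (target.Scheme != System.Uri.UriSchemeHttp && target.Scheme != System.Uri.UriSchemeHttps))
            {
                return;
            }

            // "enc" is optional; an absent or empty value means utf-8.
            string enc = DNTRequest.GetQueryString("enc");
            if (string.IsNullOrEmpty(enc))
            {
                enc = "utf-8";
            }

            // The charset name is user-supplied: an unknown name must not escape as an
            // unhandled ArgumentException, so fall back to utf-8 instead.
            Encoding encoding;
            try
            {
                encoding = Encoding.GetEncoding(enc);
            }
            catch (System.ArgumentException)
            {
                enc      = "utf-8";
                encoding = Encoding.UTF8;
            }

            if (enc == "gb2312")
            {
                url = Globals.EncodeStringAsGB2312(url);
            }

            string          err      = "";
            HttpWebResponse response = Globals.GetPageResponse(url, out err);
            if (response == null)
            {
                HttpContext.Current.Response.Write(err);
                HttpContext.Current.Response.End();
                return;
            }

            // Remote headers are deliberately not forwarded; only the content type is.
            // The response and its stream are released once the body has been read.
            string content;
            using (response)
            {
                HttpContext.Current.Response.ContentType = response.ContentType;
                using (StreamReader reader = new StreamReader(response.GetResponseStream(), encoding))
                {
                    content = reader.ReadToEnd();
                }
            }

            HttpContext.Current.Response.ContentEncoding = encoding;
            HttpContext.Current.Response.Write(content);
            HttpContext.Current.Response.End();
        }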
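        /// <summary>
        /// Entry point of the user-management page. Rejects callers that are not logged
        /// in, not on-site, not in an admin group, or that target a missing or
        /// administrative user; then prepares the "banuser" form (GET) or applies the
        /// ban (POST). Other actions only get the return-url cookie written on GET.
        /// </summary>
        protected override void ShowPage()
        {
            pagetitle = "用户管理";

            if (userid == -1)
            {
                AddErrLine("请先登录");
                return;
            }
            // An empty action is rejected together with cross-site requests, so the
            // former separate "empty action" branch could never run and was dropped.
            if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()) || Utils.StrIsNullOrEmpty(action))
            {
                AddErrLine("非法提交");
                return;
            }
            // The caller must belong to an existing admin group.
            admininfo = AdminGroups.GetAdminGroupInfo(usergroupid);
            if (admininfo == null)
            {
                AddErrLine("你没有管理权限");
                return;
            }
            if (operateduid == -1)
            {
                AddErrLine("没有选择要操作的用户");
                return;
            }
            operateduser = Users.GetShortUserInfo(operateduid);
            if (operateduser == null)
            {
                AddErrLine("选择的用户不存在");
                return;
            }
            // Users holding admin rights are managed from the back end only.
            if (operateduser.Adminid > 0)
            {
                AddErrLine("无法对拥有管理权限的用户进行操作, 请管理员登录后台进行操作");
                return;
            }
            operatedusername = operateduser.Username;

            if (!ispost)
            {
                Utils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
                if (action == "banuser")
                {
                    operationtitle = "禁止用户";
                    // Groups 4, 5 and 6 are the three ban groups and map to ban types
                    // 1, 2 and 3; any other group means the user is not banned.
                    switch (operateduser.Groupid)
                    {
                    case 4:
                    case 5:
                    case 6:
                        bantype     = operateduser.Groupid - 3;
                        groupexpiry = "(" + Utils.FormatDate(operateduser.Groupexpiry) + ")";
                        break;

                    default:
                        bantype = 0;
                        break;
                    }
                    if (admininfo.Allowbanuser != 1)
                    {
                        AddErrLine("您没有禁止用户的权限");
                        return;
                    }
                }
            }
            else if (action == "banuser")
            {
                operationtitle = "禁止用户";
                // Same gate as the GET path: the ban must not be applied for an admin
                // group without Allowbanuser. DoBanUserOperation (not visible here) may
                // check this itself; repeating it here closes the gap if it does not.
                if (admininfo.Allowbanuser != 1)
                {
                    AddErrLine("您没有禁止用户的权限");
                    return;
                }
                DoBanUserOperation();
            }
        }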
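        /// <summary>
        /// Ajax dispatcher. Authenticates the caller, then routes on the "t" request
        /// parameter: session-bound types are handed to sessionajax.aspx via
        /// Server.Transfer, the remaining types are served by the matching Get*/Check*
        /// method. Requests carrying avatar-upload fields are handled last.
        /// </summary>
        /// <remarks>
        /// Caller check: a request without a Referer is treated as coming from the Flash
        /// client and must carry "input" ("uid,olid", decoded by DecodeUid) plus an
        /// "appid" equal to MD5(username + password + uid + olid); any other request
        /// must pass the same-site Referer check.
        /// NOTE(review): on the Referer path the uid in "input" is not tied to the
        /// session user here — confirm UploadTempAvatar/SaveAvatar/CreateDir enforce
        /// ownership, since that uid ends up in file-system paths.
        /// </remarks>
        public AjaxPage()
        {
            config = GeneralConfigs.GetConfig();
            if (Utils.StrIsNullOrEmpty(DNTRequest.GetUrlReferrer()))
            {
                // Flash submission: "input" decodes to "uid,olid".
                string[] input = DecodeUid(DNTRequest.GetString("input")).Split(',');
                if (input.Length < 2)
                {
                    return; // malformed token; previously an IndexOutOfRangeException
                }
                UserInfo userInfo = Users.GetUserInfo(TypeConverter.StrToInt(input[0]));
                if (userInfo == null || DNTRequest.GetString("appid") != Utils.MD5(userInfo.Username + userInfo.Password + userInfo.Uid + input[1]))
                {
                    return;
                }
            }
            else if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
            {
                return;
            }

            string type = DNTRequest.GetString("t");

            if (Utils.InArray(type, "deleteattach,getattachlist,deletepostsbyuidanddays,deletepost,ignorepost,passpost,deletetopic,ignoretopic,passtopic,getimagelist,getblocklist,getpagelist,forumtree,topictree,quickreply,report,getdebatepostpage,confirmbuyattach,getnewpms,getnewnotifications,getajaxforums,checkuserextcredit,diggdebates,imagelist,debatevote"))
            {
                // Types that need the logged-in user are served by a PageBase-derived page.
                try
                {
                    HttpContext.Current.Server.Transfer("sessionajax.aspx?t=" + type + "&reason=" + DNTRequest.GetString("reason"));
                }
                catch
                {
                    // Server.Transfer ends the request by aborting the thread; errors
                    // raised by the child page are swallowed here (no better option known).
                }
                return;
            }

            DispatchByType(type);
            HandleAvatarRequest();
        }

        /// <summary>
        /// Routes an ajax request type to the method that renders it. Unknown types
        /// render nothing.
        /// </summary>
        /// <param name="type">Value of the "t" request parameter.</param>
        private void DispatchByType(string type)
        {
            switch (type)
            {
            case "checkusername":
                CheckUserName();        // does the user name already exist
                break;

            case "album":
                GetAlbum();
                break;

            case "checkrewritename":
                CheckRewriteName();
                break;

            case "ratelist":
                GetRateLogList();       // post rating log
                break;

            case "smilies":
                GetSmilies();
                break;

            case "relatekw":
                GetRelateKeyword();
                break;

            case "gettopictags":
                GetTopicTags();
                break;

            case "topicswithsametag":
                GetTopicsWithSameTag();
                break;

            case "getforumhottags":
                GetForumHotTags();
                break;

            case "getspaceposttags":
                GetSpacePostTags();
                break;

            case "getspacehottags":
                GetSpaceHotTags();
                break;

            case "getphototags":
                GetPhotoTags();
                break;

            case "getphotohottags":
                GetPhotoHotTags();
                break;

            case "getgoodstradelog":
                GetGoodsTradeLog(DNTRequest.GetInt("goodsid", 0), DNTRequest.GetInt("pagesize", 0), DNTRequest.GetInt("pageindex", 0), DNTRequest.GetString("orderby", true), DNTRequest.GetInt("ascdesc", 1));
                break;

            case "getgoodsleavewordbyid":
                GetGoodsLeaveWordById(DNTRequest.GetInt("leavewordid", 0));
                break;

            case "getgoodsleaveword":
                GetGoodsLeaveWord(DNTRequest.GetInt("goodsid", 0), DNTRequest.GetInt("pagesize", 0), DNTRequest.GetInt("pageindex", 0));
                break;

            case "ajaxgetgoodsratelist":
                GetGoodsRatesList(DNTRequest.GetInt("uid", 0), DNTRequest.GetInt("uidtype", 0), DNTRequest.GetInt("ratetype", 0), DNTRequest.GetString("filter", true));
                break;

            case "getmallhottags":
                GetMallHotTags();
                break;

            case "gethotgoods":
                GetHotGoods(DNTRequest.GetInt("days", 0), DNTRequest.GetInt("categoryid", 0), DNTRequest.GetInt("count", 0));
                break;

            case "getshopinfo":     // hot or newly opened shops
                GetShopInfoJson(DNTRequest.GetInt("shoptype", 0));
                break;

            case "getgoodslist":
                GetGoodsList(DNTRequest.GetInt("categoryid", 0), DNTRequest.GetInt("order", 0), DNTRequest.GetInt("topnumber", 0));
                break;

            case "gethotdebatetopic":
                Getdebatesjsonlist("gethotdebatetopic", DNTRequest.GetString("tidlist", true));
                break;

            case "recommenddebates":
                Getdebatesjsonlist("recommenddebates", DNTRequest.GetString("tidlist", true));
                break;

            case "addcommentdebates":
                ResponseXML(Debates.CommentDabetas(DNTRequest.GetInt("tid", 0), DNTRequest.GetString("commentdebates", true), DNTRequest.IsPost()));
                break;

            case "getpostinfo":
                GetPostInfo();
                break;

            case "getattachpaymentlog":    // payment log of the given attachment id
                GetAttachPaymentLogByAid(DNTRequest.GetInt("aid", 0));
                break;

            case "getiplist":
                GetIpList();
                break;

            case "getforumtopictypelist":
                GetForumTopicTypeList();
                break;

            case "image":
                GetImage();
                break;

            case "resetemail":
                ResetEmail();
                break;
            }
        }

        /// <summary>
        /// Serves the two forms sent by the Flash avatar editor: the temporary upload
        /// (fields "Filename" and "Upload") and the final three-size save (fields
        /// "avatar1".."avatar3"). Nothing happens when neither set of fields is present
        /// or when the uid in "input" is not a plain integer.
        /// </summary>
        private void HandleAvatarRequest()
        {
            if (DNTRequest.GetString("Filename") != "" && DNTRequest.GetString("Upload") != "")
            {
                string uid;
                if (TryGetInputUid(out uid))
                {
                    ResponseText(UploadTempAvatar(uid));
                }
                return;
            }
            if (DNTRequest.GetString("avatar1") != "" && DNTRequest.GetString("avatar2") != "" && DNTRequest.GetString("avatar3") != "")
            {
                string uid;
                if (!TryGetInputUid(out uid))
                {
                    return;
                }
                CreateDir(uid);
                bool saved = SaveAvatar("avatar1", uid) && SaveAvatar("avatar2", uid) && SaveAvatar("avatar3", uid);
                // The temporary upload is removed whether or not all three sizes were saved.
                File.Delete(Utils.GetMapPath(BaseConfigs.GetForumPath + "upload\\temp\\avatar_" + uid + ".jpg"));
                ResponseText(saved
                                 ? "<?xml version=\"1.0\" ?><root><face success=\"1\"/></root>"
                                 : "<?xml version=\"1.0\" ?><root><face success=\"0\"/></root>");
            }
        }

        /// <summary>
        /// Reads the user id from the "input" request field (index 0 of the decoded,
        /// comma-separated value). Only a plain unsigned integer is accepted, which keeps
        /// untrusted text (e.g. path separators) out of the avatar paths built from it.
        /// </summary>
        /// <param name="uid">The id as sent, or null when rejected.</param>
        /// <returns>true when <paramref name="uid"/> is a plain integer.</returns>
        private bool TryGetInputUid(out string uid)
        {
            string candidate = DecodeUid(DNTRequest.GetString("input")).Split(',')[0];
            int    parsed;
            if (int.TryParse(candidate, System.Globalization.NumberStyles.None, System.Globalization.CultureInfo.InvariantCulture, out parsed))
            {
                uid = candidate;
                return true;
            }
            uid = null;
            return false;
        }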
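        /// <summary>
        /// Handles attachment uploads from the post editor and from the Flash bulk
        /// uploader (action=swfupload). Authenticates the Flash uploader by the
        /// online-session hash it carries (it cannot send cookies), checks upload rights
        /// and the daily size quota, stores the received files and answers with a
        /// "DISCUZUPLOAD|code|aid|type" / "DISCUZUPDATE|code|file|aid|type" status line
        /// (or the bare aid / "error" for the Flash client).
        /// </summary>
        /// <remarks>
        /// Security: the cross-site (Referer) check is skipped whenever the raw URL
        /// contains "action=swfupload", because the Flash client sends no Referer; on
        /// that path the session hash is the only caller check for operation=upload.
        /// NOTE(review): other operations on that path rely on the page's own userid —
        /// confirm the base page establishes it independently of the Referer check.
        /// </remarks>
        public AttachUploadPage()
        {
            bool isSwfUpload = DNTRequest.GetRawUrl().Contains("action=swfupload");
            if (!isSwfUpload && ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
            {
                return;
            }

            // The Flash uploader cannot carry the session cookie, so for
            // operation=upload the user is resolved from the uid/hash pair instead.
            bool canpostattach = true;
            if (DNTRequest.GetString("operation") == "upload")
            {
                canpostattach = AuthenticateFlashUpload();
            }

            UserInfo  userinfo     = Users.GetUserInfo(userid);
            ForumInfo forum        = Forums.GetForumInfo(forumid);
            int       maxTodaySize = userid > 0 ? Attachments.GetUploadFileSizeByuserid(userid) : 0;
            // Bytes still allowed today for this user's group.
            int attachsize = usergroupinfo.Maxsizeperday - maxTodaySize;
            // Attachment types the user may upload in this forum.
            string attachmentTypeSelect   = Attachments.GetAllowAttachmentType(usergroupinfo, forum);
            string attachextensions       = Attachments.GetAttachmentTypeArray(attachmentTypeSelect);
            string attachextensionsnosize = Attachments.GetAttachmentTypeString(attachmentTypeSelect);

            if (DNTRequest.GetString("action") == "swfupload" && DNTRequest.GetString("operation") == "config")
            {
                GetConfig(userid, attachextensionsnosize, attachsize, DNTRequest.GetString("type").Trim() == "image");
                return;
            }

            string msg = "";
            canpostattach &= UserAuthority.PostAttachAuthority(forum, usergroupinfo, userid, ref msg);
            if (!canpostattach)
            {
                ResponseXML("DISCUZUPLOAD|11|0|-1"); // 11: no upload permission
                return;
            }
            if (attachsize <= 0)
            {
                ResponseXML("DISCUZUPLOAD|3|0|-1"); // 3: daily size quota exhausted
                return;
            }

            // forum may be null for an unknown forumid; treat that as "no forum-level
            // watermark override" instead of failing with a NullReferenceException.
            int watermark = (forum != null && forum.Disablewatermark == 1) ? 0 : config.Watermarkstatus;
            AttachmentInfo[] attachmentinfoarray = ForumUtils.SaveRequestFiles(forumid, config.Maxattachments, usergroupinfo.Maxsizeperday, usergroupinfo.Maxattachsize, maxTodaySize,
                                                                               attachextensions, watermark, config, "Filedata", DNTRequest.GetString("type") == "image");
            if (attachmentinfoarray.Length == 0)
            {
                return; // nothing was uploaded; no status line is written
            }

            int    aId      = DNTRequest.GetInt("aid", 0);
            string noUpload = "";
            foreach (AttachmentInfo attachmentinfo in attachmentinfoarray)
            {
                // Keep the last non-empty rejection reason reported by the saver.
                if (!string.IsNullOrEmpty(attachmentinfo.Sys_noupload))
                {
                    noUpload = attachmentinfo.Sys_noupload;
                }
                attachmentinfo.Uid = userid;
            }

            AttachmentInfo first = attachmentinfoarray[0];
            if (aId <= 0)
            {
                Attachments.CreateAttachments(attachmentinfoarray);
            }
            else if (string.IsNullOrEmpty(noUpload) && !ReplaceAttachment(aId, first, userinfo))
            {
                return; // missing attachment or not the owner: silent, as before
            }

            int    type       = first.Filetype.StartsWith("image", System.StringComparison.Ordinal) ? 0 : -1;
            int    resultCode = GetNoUploadCode(noUpload);
            string text;
            if (aId > 0)
            {
                text = string.Format("DISCUZUPDATE|{0}|{1}|{2}|{3}", resultCode, first.Attachment, aId, type);
            }
            else if (DNTRequest.GetString("action") != "swfupload")
            {
                text = string.Format("DISCUZUPLOAD|{0}|{1}|{2}", resultCode, first.Aid, type);
            }
            else
            {
                // The Flash client expects the bare aid or "error". This is data, not a
                // format string, so it must not go through AppendFormat.
                text = resultCode != 0 ? "error" : first.Aid.ToString();
            }
            ResponseXML(text);
        }

        /// <summary>
        /// Resolves the uploading user for the Flash client from the "uid" and "hash"
        /// request fields. The hash must equal the DES encoding of "olid,username" keyed
        /// with the first 10 characters of the stored password, with '+' replaced by '['
        /// (as the client does). On success <c>userid</c> and <c>usergroupinfo</c> are
        /// set from the online-user record.
        /// </summary>
        /// <returns>true when the caller is authenticated; false otherwise.</returns>
        private bool AuthenticateFlashUpload()
        {
            int uploadUid = TypeConverter.StrToInt(DNTRequest.GetString("uid"));
            int olid      = Discuz.Forum.OnlineUsers.GetOlidByUid(uploadUid);
            if (olid <= 0)
            {
                return false;
            }
            // The online record can disappear between the two lookups (session expiry).
            OnlineUserInfo oluserinfo = Discuz.Forum.OnlineUsers.GetOnlineUser(olid);
            if (oluserinfo == null)
            {
                return false;
            }
            // NOTE(review): assumes the stored password is at least 10 characters (it
            // looks like a hash) — confirm, Substring throws otherwise.
            string hash = Discuz.Common.DES.Encode(oluserinfo.Olid.ToString() + "," + oluserinfo.Username.ToString(),
                                                   oluserinfo.Password.Substring(0, 10)).Replace("+", "[");
            if (DNTRequest.GetString("hash") != hash)
            {
                return false;
            }
            userid        = oluserinfo.Userid;
            usergroupinfo = UserGroups.GetUserGroupInfo(oluserinfo.Groupid);
            return true;
        }

        /// <summary>
        /// Replaces the stored record of attachment <paramref name="aId"/> with the
        /// metadata of the freshly uploaded file. Only the attachment's owner or an
        /// administrator may do this; a caller without a user record counts as a
        /// non-administrator.
        /// </summary>
        /// <param name="aId">Id of the attachment being replaced.</param>
        /// <param name="uploaded">Metadata of the newly saved file.</param>
        /// <param name="userinfo">The caller's user record, or null.</param>
        /// <returns>false when the attachment does not exist or the caller may not replace it.</returns>
        private bool ReplaceAttachment(int aId, AttachmentInfo uploaded, UserInfo userinfo)
        {
            AttachmentInfo existing = Attachments.GetAttachmentInfo(aId);
            bool           isAdmin  = userinfo != null && userinfo.Adminid > 0;
            if (existing == null || (!isAdmin && existing.Uid != userid))
            {
                return false;
            }
            existing.Postdatetime = uploaded.Postdatetime;
            existing.Filename     = uploaded.Filename;
            existing.Description  = uploaded.Description;
            existing.Filetype     = uploaded.Filetype;
            existing.Filesize     = uploaded.Filesize;
            existing.Attachment   = uploaded.Attachment;
            existing.Width        = uploaded.Width;
            existing.Height       = uploaded.Height;
            existing.Isimage      = uploaded.Isimage;
            Attachments.UpdateAttachment(existing);
            return true;
        }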
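        /// <summary>
        /// Entry point of the goods-management page. Rejects the request when the mall
        /// is disabled, the caller is not logged in, the request is cross-site, the
        /// action is missing, or the category/forum cannot be resolved or viewed; then
        /// runs the requested management operation (DoOperations) and binds the title.
        /// </summary>
        protected override void ShowPage()
        {
            if (config.Enablemall == 0)
            {
                AddErrLine("系统未开启交易服务, 当前页面暂时无法访问!");
                return;
            }
            if (userid == -1)
            {
                AddErrLine("请先登录");
                return;
            }
            // An empty action is rejected together with cross-site requests, so the
            // former separate "empty action" branch could never run and was dropped.
            if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()) || action == "")
            {
                AddErrLine("非法提交");
                return;
            }

            goodscategoryinfo = GoodsCategories.GetGoodsCategoryInfoById(categoryid);
            // An unknown category used to fail with a NullReferenceException on .Fid;
            // treat it as "no forum" so the existing check below reports it.
            forumid = goodscategoryinfo == null ? -1 : goodscategoryinfo.Fid;
            // Moderator status and admin group of the caller for this forum.
            ismoder = Moderators.IsModer(useradminid, userid, forumid);
            AdminGroupInfo admininfo = AdminGroups.GetAdminGroupInfo(usergroupid);

            operationtitle = "操作提示";
            SetUrl(base.ShowGoodsListAspxRewrite(categoryid, 0));

            if (forumid == -1)
            {
                AddErrLine("无效的商品分类ID");
                return;
            }
            if (DNTRequest.GetFormString("goodsid") != "" && !Goods.InSameCategory(goodslist, categoryid))
            {
                AddErrLine("无法对非本分类商品进行管理操作");
                return;
            }

            forum = Forums.GetForumInfo(forumid);
            if (forum == null)
            {
                // The forum is derived from the category, so report it as a bad category.
                AddErrLine("无效的商品分类ID");
                return;
            }
            forumname = forum.Name;

            if (!Forums.AllowViewByUserId(forum.Permuserlist, userid))
            {
                if (string.IsNullOrEmpty(forum.Viewperm))
                {
                    // No forum-level view permission: fall back to the user group's rights.
                    if (useradminid != 1 && (usergroupinfo.Allowvisit != 1 || usergroupinfo.Allowtrade != 1))
                    {
                        AddErrLine("您当前的身份 \"" + usergroupinfo.Grouptitle + "\" 没有浏览该商品的权限");
                        return;
                    }
                }
                else if (!Forums.AllowView(forum.Viewperm, usergroupid))
                {
                    AddErrLine("您没有浏览该商品的权限");
                    return;
                }
            }

            pagetitle = Utils.RemoveHtml(forumname);
            forumnav  = ForumUtils.UpdatePathListExtname(forum.Pathlist.Trim(), config.Extname);

            if (goodslist == "")
            {
                AddErrLine("您没有选择商品或相应的管理操作,请返回修改");
                return;
            }

            if (operation != "")
            {
                // DoOperations performs the management operation and reports failure.
                if (!DoOperations(forum, admininfo, config.Reasonpm))
                {
                    return;
                }
            }

            if (action != "moderate")
            {
                // NOTE(review): IndexOf is a substring test — "" and partial names such
                // as "del" pass it — and it inspects operation although action is what is
                // used afterwards. Exact membership of action looks intended; left as-is
                // until that is confirmed.
                if ("delete,highlight,close".IndexOf(operation) == -1)
                {
                    AddErrLine("你无权操作此功能");
                    return;
                }
                operation = action;
            }
            else
            {
                if (operation == "")
                {
                    operation = DNTRequest.GetString("operat");
                }
                if (operation == "")
                {
                    AddErrLine("您没有选择商品或相应的管理操作,请返回修改");
                    return;
                }
            }

            if (!BindTitle())
            {
                return;
            }
        }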
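        /// <summary>
        /// Fetches the RSS 2.0 feed named by the "url" query-string parameter and writes
        /// the channel as JSON: each channel child element other than image/item becomes
        /// a top-level string property (name lower-cased) and each item becomes an object
        /// of its child elements in the "items" array. Writes nothing when the request
        /// fails the same-site check or carries no url, and the fetch error text when
        /// the remote request fails.
        /// </summary>
        /// <remarks>
        /// Security: the target is taken verbatim from the request, so this is an open
        /// server-side fetch (SSRF surface) whose only caller check is the Referer-based
        /// cross-site test. The scheme check rejects non-http(s) targets; the destination
        /// host is NOT restricted here.
        /// NOTE(review): an allow-list of feed hosts is still needed — confirm where it belongs.
        /// The feed is untrusted XML: external entities and DTDs are never resolved
        /// (XmlResolver = null) and every string value is JSON-escaped, including '<' and
        /// '>' because the reply is served as text/html.
        /// NOTE(review): serving JSON as text/html lets a browser render feed content when
        /// the URL is opened directly — application/json would be safer if the consuming
        /// script tolerates it.
        /// </remarks>
        public feedproxy()
        {
            if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
            {
                return;
            }

            string url = DNTRequest.GetQueryString("url");
            if (string.IsNullOrEmpty(url))
            {
                return;
            }
            url = HttpUtility.UrlDecode(url);

            // Only absolute http(s) targets are fetched; file:, ftp:, relative paths
            // and garbage are dropped before any request is made.
            System.Uri target;
            if (!System.Uri.TryCreate(url, System.UriKind.Absolute, out target)
                || (target.Scheme != System.Uri.UriSchemeHttp && target.Scheme != System.Uri.UriSchemeHttps))
            {
                return;
            }

            // The former "enc" parameter produced an Encoding that nothing used (the XML
            // parser honours the document's own declaration and the reply is UTF-8),
            // so it is no longer read.

            string          err      = "";
            HttpWebResponse response = Globals.GetPageResponse(url, out err);
            if (response == null)
            {
                HttpContext.Current.Response.Write(err);
                HttpContext.Current.Response.End();
                return;
            }

            XmlDocument doc = new XmlDocument();
            // Never fetch external entities or DTDs referenced by an untrusted feed.
            doc.XmlResolver = null;
            // Release the response and its stream once the document has been parsed.
            using (response)
            using (Stream instream = response.GetResponseStream())
            {
                doc.Load(instream);
            }

            XmlNode rootnode = doc.SelectSingleNode("/rss/channel");
            if (rootnode == null)
            {
                // Not an RSS 2.0 channel: answer with an empty result rather than
                // failing with a NullReferenceException.
                WriteJson("{\"items\":[]}");
                return;
            }

            StringBuilder json = new StringBuilder("{");
            foreach (XmlNode node in rootnode.ChildNodes)
            {
                string name = node.Name.ToLower();
                if (name == "image" || name == "item")
                {
                    continue; // image is dropped, items are emitted below
                }
                AppendProperty(json, name, node.InnerText);
            }
            json.Append("\"items\":[");

            foreach (XmlNode item in doc.SelectNodes("/rss/channel/item"))
            {
                json.Append('{');
                foreach (XmlNode field in item.ChildNodes)
                {
                    AppendProperty(json, field.Name.ToLower(), field.InnerText);
                }
                RemoveTrailingComma(json);
                json.Append("},");
            }
            RemoveTrailingComma(json);
            json.Append("]}");

            WriteJson(json.ToString());
        }

        /// <summary>Appends <c>"name":"value",</c> to <paramref name="json"/> (callers strip the last comma).</summary>
        private static void AppendProperty(StringBuilder json, string name, string value)
        {
            json.Append('"').Append(name).Append("\":\"").Append(JsonEscape(value)).Append("\",");
        }

        /// <summary>Drops a trailing ',' if present; a no-op otherwise (unlike a blind Remove, which ate '{' for empty nodes).</summary>
        private static void RemoveTrailingComma(StringBuilder sb)
        {
            if (sb.Length > 0 && sb[sb.Length - 1] == ',')
            {
                sb.Length -= 1;
            }
        }

        /// <summary>
        /// Escapes a string for use inside a JSON string literal: backslash, quote,
        /// control characters and the U+2028/U+2029 line separators are escaped, CR is
        /// dropped, and '&lt;'/'&gt;' are written as \u003c/\u003e so the text/html reply
        /// contains no markup.
        /// </summary>
        private static string JsonEscape(string text)
        {
            if (string.IsNullOrEmpty(text))
            {
                return "";
            }
            StringBuilder sb = new StringBuilder(text.Length + 8);
            foreach (char c in text)
            {
                switch (c)
                {
                case '\\': sb.Append("\\\\"); break;
                case '"':  sb.Append("\\\""); break;
                case '\n': sb.Append("\\n"); break;
                case '\r': break; // dropped, as before
                case '\t': sb.Append("\\t"); break;
                case '<':  sb.Append("\\u003c"); break;
                case '>':  sb.Append("\\u003e"); break;
                default:
                    if (c < ' ' || c == '\u2028' || c == '\u2029')
                    {
                        sb.Append("\\u").Append(((int)c).ToString("x4"));
                    }
                    else
                    {
                        sb.Append(c);
                    }
                    break;
                }
            }
            return sb.ToString();
        }

        /// <summary>Writes <paramref name="json"/> as the whole UTF-8 text/html reply and ends the response.</summary>
        private static void WriteJson(string json)
        {
            HttpContext.Current.Response.ContentType     = "text/html";
            HttpContext.Current.Response.ContentEncoding = Encoding.UTF8;
            HttpContext.Current.Response.Clear();
            HttpContext.Current.Response.Write(json);
            HttpContext.Current.Response.End();
        }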
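        /// <summary>
        /// Entry point of the user-management page. Rejects callers that are not logged
        /// in, not on-site, without an admin group, or that target a missing or
        /// administrative user; then prepares the "banuser" form (GET) or applies the
        /// ban (POST). Other actions only get the return-url cookie written on GET.
        /// </summary>
        protected override void ShowPage()
        {
            pagetitle      = "用户管理";
            operationtitle = "操作提示";

            if (userid == -1)
            {
                AddErrLine("请先登录");
                return;
            }
            action = DNTRequest.GetQueryString("action");
            // An empty action is rejected together with cross-site requests, so the
            // former separate "empty action" branch could never run and was dropped.
            if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()) || action == "")
            {
                AddErrLine("非法提交");
                return;
            }
            // The caller must belong to an existing admin group.
            admininfo = AdminGroups.GetAdminGroupInfo(useradminid);
            if (admininfo == null)
            {
                AddErrLine("你没有管理权限");
                return;
            }
            operateduid = DNTRequest.GetInt("uid", -1);
            if (operateduid == -1)
            {
                AddErrLine("没有选择要操作的用户");
                return;
            }
            operateduser = Discuz.Forum.Users.GetShortUserInfo(operateduid);
            if (operateduser == null)
            {
                AddErrLine("选择的用户不存在");
                return;
            }
            // Users holding admin rights are managed from the back end only.
            if (operateduser.Adminid > 0)
            {
                AddErrLine("无法对拥有管理权限的用户进行操作, 请管理员登录后台进行操作");
                return;
            }
            operatedusername = operateduser.Username;

            if (!ispost)
            {
                Utils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
            }
            if (action != "banuser")
            {
                return; // only "banuser" is implemented on this page
            }
            operationtitle = "禁止用户";

            if (ispost)
            {
                // The permission check used to run only on the GET path. DoBanUserOperation
                // (not visible here) may repeat it; gating the POST on it as well closes the
                // gap if it does not.
                if (!ValidateBanUser())
                {
                    AddErrLine("您没有禁止用户的权限");
                    return;
                }
                DoBanUserOperation();
                return;
            }

            // Groups 4, 5 and 6 are the three ban groups and map to ban types 1, 2
            // and 3; any other group means the user is not banned.
            switch (operateduser.Groupid)
            {
            case 4:
            case 5:
            case 6:
                bantype = operateduser.Groupid - 3;
                break;

            default:
                bantype = 0;
                break;
            }
            if (!ValidateBanUser())
            {
                AddErrLine("您没有禁止用户的权限");
                return;
            }
        }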