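//public proxy()
/// <summary>
/// Fetches the page named by the <c>url</c> query-string parameter and relays its body to the caller.
/// </summary>
/// <remarks>
/// The optional <c>enc</c> query-string parameter names the encoding used to decode the upstream
/// body (default "utf-8"); for "gb2312" the URL is re-encoded through Globals.EncodeStringAsGB2312.
/// base.OnInit is not called, as in the original.
/// SECURITY NOTE(review): the destination URL is caller-supplied and no scheme or host allow-list
/// is visible in this method. Unless Globals.GetPageResponse restricts destinations, the endpoint
/// lets a caller make the server request arbitrary addresses (SSRF), and the upstream body is
/// replayed under this site's origin with the upstream Content-Type.
/// </remarks>
/// <param name="e">Event data; not used.</param>
protected override void OnInit(System.EventArgs e)
{
    // The only gate is a Referer/host comparison. The Referer header is client-controlled for
    // non-browser clients, so this is CSRF hygiene, not access control.
    if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
    {
        return;
    }

    string url = DNTRequest.GetQueryString("url");
    if (url == null || url == string.Empty)
    {
        return;
    }
    url = HttpUtility.UrlDecode(url);

    string enc = "utf-8";
    if (DNTRequest.GetQueryString("enc") != "")
    {
        enc = DNTRequest.GetQueryString("enc");
    }

    string err = "";
    if (enc == "gb2312")
    {
        url = Globals.EncodeStringAsGB2312(url);
    }

    HttpWebResponse response = Globals.GetPageResponse(url, out err);
    if (response == null)
    {
        // NOTE(review): err is written without encoding; confirm it cannot carry caller-supplied text.
        HttpContext.Current.Response.Write(err);
        HttpContext.Current.Response.End();
        return;
    }

    // Upstream headers are deliberately not forwarded (kept from the original, disabled):
    // WebHeaderCollection headers = response.Headers;
    // foreach (string key in headers.Keys)
    // {
    //     HttpContext.Current.Response.AppendHeader(key, headers[key]);
    // }

    string content;
    Encoding encoding;

    // Fix: the response, its stream and the reader were never closed. On an endpoint that any
    // same-site page can trigger, leaked connections exhaust the outbound connection pool.
    using (response)
    {
        // Throws ArgumentException for an unknown encoding name; the using block still releases
        // the upstream connection in that case.
        encoding = Encoding.GetEncoding(enc);
        HttpContext.Current.Response.ContentType = response.ContentType;

        using (Stream instream = response.GetResponseStream())
        using (StreamReader sr = new StreamReader(instream, encoding))
        {
            // Read the returned page (HTML) source in full.
            content = sr.ReadToEnd();
        }
    }

    HttpContext.Current.Response.ContentEncoding = encoding;
    HttpContext.Current.Response.Write(content);
    HttpContext.Current.Response.End();
}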
/// <summary>
/// Logout page: resets the page state to "guest", records the return URL in the "reurl" cookie
/// and, when the caller proves its identity, clears the session and login cookies.
/// </summary>
/// <remarks>
/// The session is only torn down when the request's "userkey" equals the page's userkey or
/// IsApplicationLogout() is true, which keeps a third-party page from logging the user out.
/// NOTE(review): the return URL is taken from reurl or the Referer header and later passed to
/// SetUrl; no same-site check is visible here, so confirm it is validated before redirecting.
/// </remarks>
protected override void ShowPage()
{
    // Keep the id of the user being logged out; userid is overwritten just below.
    int logoutUid = userid;

    pagetitle = "用户退出";
    username = "******";
    userid = -1;
    base.AddScript("if (top.document.getElementById('leftmenu')){ top.frames['leftmenu'].location.reload(); }");

    if (!DNTRequest.IsPost() || reurl != "")
    {
        string fallback = Utils.StrIsNullOrEmpty(reurl) ? "" : reurl;
        if (reurl == "")
        {
            // No explicit return URL: go back to the referring page unless that page is
            // missing or is itself a login/logout page.
            bool referrerUnusable = DNTRequest.GetUrlReferrer() == ""
                || DNTRequest.GetUrlReferrer().IndexOf("login") > -1
                || DNTRequest.GetUrlReferrer().IndexOf("logout") > -1;
            fallback = referrerUnusable ? "index.aspx" : DNTRequest.GetUrlReferrer();
        }

        bool useFallback = reurl == "" || reurl.IndexOf("login.aspx") > -1;
        Utils.WriteCookie("reurl", useFallback ? fallback : reurl);
    }

    bool identityConfirmed = DNTRequest.GetString("userkey") == userkey || IsApplicationLogout();
    if (!identityConfirmed)
    {
        AddMsgLine("无法确定您的身份, 稍后返回首页");
    }
    else
    {
        AddMsgLine("已经清除了您的登录信息, 稍后您将以游客身份返回首页");
        OnlineUsers.DeleteRows(olid);
        ForumUtils.ClearUserCookie();
        Utils.WriteCookie(Utils.GetTemplateCookieName(), "", -999999);

        // Replace the "dntadmin" cookie with an empty one.
        System.Web.HttpCookie adminCookie = new System.Web.HttpCookie("dntadmin");
        System.Web.HttpContext.Current.Response.AppendCookie(adminCookie);

        // Propagate the logout to third-party applications when the API is enabled.
        if (APIConfigs.GetConfig().Enable)
        {
            AddMsgLine(Sync.GetLogoutScript(logoutUid));
        }
        if (!APIConfigs.GetConfig().Enable || !Sync.NeedAsyncLogout())
        {
            MsgForward("logout_succeed");
        }
    }

    SetUrl(Utils.UrlDecode(ForumUtils.GetReUrl()));
    SetMetaRefresh();
    SetShowBackLink(false);
}
/// <summary>
/// Template-selection page: stores the chosen template id in the template cookie, or, when no
/// template was chosen, remembers the referring page in the "reurl" cookie.
/// </summary>
/// <remarks>
/// templateid is parsed as an integer, so the "../" + templateid path probe cannot carry path
/// separators. An id that exists on disk but is not in the valid-template list falls back to
/// config.Templateid.
/// NOTE(review): the Referer header is written to the "reurl" cookie unchanged; confirm it is
/// validated wherever that cookie is later used as a redirect target.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "选择模板";

    if (userid == -1 && config.Guestcachepagetimeout > 0)
    {
        AddErrLine("当前的系统设置不允许游客选择模板");
        return;
    }

    int templateid = DNTRequest.GetInt("templateid", 0);

    if (templateid <= 0)
    {
        // Nothing selected yet: remember where to return to after a later selection.
        bool noUsableReferrer = (DNTRequest.GetUrlReferrer() == "")
            || (DNTRequest.GetUrlReferrer().IndexOf("showtemplate") > -1);
        if (noUsableReferrer)
        {
            ForumUtils.WriteCookie("reurl", "index.aspx");
        }
        else
        {
            ForumUtils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
        }
        return;
    }

    string templateDir = Utils.GetMapPath("../" + templateid);
    if (!System.IO.Directory.Exists(templateDir))
    {
        AddErrLine("您所选择的模板不存在!");
        return;
    }

    bool isValidTemplate = Utils.InArray(templateid.ToString(), Templates.GetValidTemplateIDList());
    if (!isValidTemplate)
    {
        templateid = config.Templateid;
    }
    Utils.WriteCookie(Utils.GetTemplateCookieName(), templateid.ToString(), 999999);

    // The return address is built from the current host and forum path, not from the Referer.
    // It always starts with "http://", so the empty-string case below cannot occur.
    string referrer = string.Format("http://{0}{1}", DNTRequest.GetCurrentFullHost(), forumpath);
    string target = "index.aspx";
    if (referrer != "" && !Utils.InArray(referrer, "logout.aspx,showtemplate.aspx"))
    {
        target = referrer;
    }
    SetUrl(target);

    MsgForward("showtemplate_succeed", true);
    AddMsgLine("切换模板成功, 返回切换模板前页面");
    SetMetaRefresh();
    SetShowBackLink(false);
}
/// <summary>
/// Template-selection page: applies the chosen template and returns to the stored return URL,
/// or lists the valid templates and remembers the referring page in the "reurl" cookie.
/// </summary>
/// <remarks>
/// templateid is parsed as an integer, so the "../" + templateid path probe cannot carry path
/// separators.
/// NOTE(review): the redirect target comes from ForumUtils.GetReUrl(), and the "reurl" cookie is
/// filled from the Referer header below; no same-site check is visible in this method.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "选择模板";

    bool guestBlocked = userid == -1 && config.Guestcachepagetimeout > 0;
    if (guestBlocked)
    {
        AddErrLine("当前的系统设置不允许游客选择模板");
        return;
    }

    int templateid = DNTRequest.GetInt("templateid", 0);

    if (templateid <= 0)
    {
        templatelist = Templates.GetValidTemplateList();

        // Remember where the user came from, unless that is unknown or this page itself.
        if ((DNTRequest.GetUrlReferrer() == "") || (DNTRequest.GetUrlReferrer().IndexOf("showtemplate") > -1))
        {
            ForumUtils.WriteCookie("reurl", "index.aspx");
        }
        else
        {
            ForumUtils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
        }
        return;
    }

    if (!System.IO.Directory.Exists(Utils.GetMapPath("../" + templateid)))
    {
        AddErrLine("您所选择的模板不存在!");
        return;
    }

    // An id that exists on disk but is not an enabled template falls back to the site default.
    string validIds = Templates.GetValidTemplateIDList();
    if (!Utils.InArray(templateid.ToString(), validIds))
    {
        templateid = config.Templateid;
    }
    Utils.WriteCookie(Utils.GetTemplateCookieName(), templateid.ToString(), 999999);

    string returnUrl = ForumUtils.GetReUrl();
    bool pointsAtExcludedPage = returnUrl.IndexOf("logout.aspx") > -1
        || returnUrl.IndexOf("showtemplate.aspx") > -1;
    if (pointsAtExcludedPage)
    {
        SetUrl("index.aspx");
    }
    else
    {
        SetUrl(returnUrl);
    }

    AddMsgLine("切换模板成功, 返回切换模板前页面");
    SetMetaRefresh();
    SetShowBackLink(false);
}
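/// <summary>
/// Entry point for AJAX requests: authenticates the caller, then constructs the page object
/// that handles the operation named by the "t" parameter.
/// </summary>
/// <remarks>
/// Requests without a Referer must present an "appid" equal to
/// MD5(name + password + id + second field of the decoded "input"); requests with a Referer
/// must pass ForumUtils.IsCrossSitePost(). Exceptions raised while constructing the page are
/// logged through XTrace and not rethrown.
/// NOTE(review): the appid comparison uses ordinary string inequality, not a fixed-time
/// comparison, and is derived with unsalted MD5 over the stored password value.
/// </remarks>
public static void Process()
{
    if (Utils.StrIsNullOrEmpty(DNTRequest.GetUrlReferrer()))
    {
        string[] array = DecodeUid(DNTRequest.GetString("input")).Split(',');

        // Fix: "input" is caller-supplied. Without a second comma-separated field, array[1]
        // below threw IndexOutOfRangeException outside the try block; reject such input instead.
        if (array.Length < 2)
        {
            return;
        }

        var userInfo = Users.GetUserInfo(array[0].ToInt());
        if (userInfo == null || DNTRequest.GetString("appid") != Utils.MD5(userInfo.Name + userInfo.Password + userInfo.ID + array[1]))
        {
            return;
        }
    }
    else
    {
        if (ForumUtils.IsCrossSitePost())
        {
            return;
        }
    }

    string t = DNTRequest.GetString("t");
    try
    {
        // Operations in this list are handled by SessionAjaxPage; everything else by AjaxPage.
        if (Utils.InArray(t, "deleteattach,getattachlist,deletepostsbyuidanddays,deletepost,ignorepost,passpost,deletetopic,ignoretopic,passtopic,getimagelist,getblocklist,getpagelist,forumtree,topictree,quickreply,report,getdebatepostpage,confirmbuyattach,getnewpms,getnewnotifications,getajaxforums,checkuserextcredit,diggdebates,imagelist,debatevote"))
        {
            //HttpContext.Current.Server.Transfer("sessionajax.aspx?t=" + t + "&reason=" + DNTRequest.GetString("reason"));
            //return;
            new SessionAjaxPage();
        }
        else
        {
            new AjaxPage();
        }
    }
    catch (Exception ex)
    {
        XTrace.WriteException(ex);
    }
}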
/// <summary>
/// Stores the post-login return URL in the "reurl" cookie.
/// </summary>
/// <remarks>
/// Runs when the request is not a POST or when <c>referer</c> is non-empty. The "reurl"
/// query-string value wins unless it is empty or contains "login.aspx".
/// NOTE(review): both sources (query string and Referer header) are caller-controlled and are
/// stored unchanged; confirm the value is restricted to same-site URLs before it is used as a
/// redirect target.
/// </remarks>
private void SetReUrl()
{
    // Skip only for a POST that did not arrive with a referer value.
    if (DNTRequest.IsPost() && referer == "")
    {
        return;
    }

    string fallback;
    if (referer != "")
    {
        fallback = DNTRequest.GetUrlReferrer();
    }
    else
    {
        bool referrerUnusable = (DNTRequest.GetUrlReferrer() == "")
            || (DNTRequest.GetUrlReferrer().IndexOf("login") > -1)
            || DNTRequest.GetUrlReferrer().IndexOf("logout") > -1;
        fallback = referrerUnusable ? "index.aspx" : DNTRequest.GetUrlReferrer();
    }

    bool ignoreQueryValue = DNTRequest.GetQueryString("reurl") == ""
        || DNTRequest.GetQueryString("reurl").IndexOf("login.aspx") > -1;
    if (ignoreQueryValue)
    {
        Utils.WriteCookie("reurl", fallback);
    }
    else
    {
        Utils.WriteCookie("reurl", DNTRequest.GetQueryString("reurl"));
    }
}
/// <summary>
/// Topic helper page: prepares the "share by e-mail" text or the list of poll voters for a
/// topic; on POST it sends the e-mail instead.
/// </summary>
/// <remarks>
/// The voter list is shown only when the poll allows viewing, the viewer created the poll, or
/// the viewer moderates the topic's forum.
/// NOTE(review): voter names are concatenated into HTML list items without encoding, and the
/// Referer header is placed in the e-mail text unchanged; confirm both are encoded or validated
/// where they are rendered.
/// </remarks>
protected override void ShowPage()
{
    if (ispost)
    {
        SendEmail();
        return;
    }

    if (tid <= 0)
    {
        AddErrLine("不存在的主题ID");
        return;
    }

    TopicInfo topic = Topics.GetTopicInfo(tid);
    if (topic == null)
    {
        AddErrLine("不存在的主题");
        return;
    }

    switch (action)
    {
        case "emailfriend":
            title = "分享";
            emailcontent = "你好!我在 {0} 看到了这篇帖子,认为很有价值,特推荐给你。\r\n{1}\r\n地址 {2}\r\n希望你能喜欢。";
            // topic is known to be non-null at this point.
            topictitle = topic.Title;
            emailcontent = string.Format(emailcontent, config.Forumtitle, topictitle, DNTRequest.GetUrlReferrer());
            break;

        case "viewvote":
            title = "参与投票的会员";

            PollInfo pollinfo = Polls.GetPollInfo(tid);
            if (pollinfo == null)
            {
                AddErrLine("不存在的调查");
                return;
            }

            bool mayViewVoters = pollinfo.Allowview == 1
                || pollinfo.Uid == userid
                || Moderators.IsModer(useradminid, userid, topic.Fid);
            if (!mayViewVoters)
            {
                AddErrLine("您没有查看投票人的权限");
                return;
            }

            pollOptionList = Polls.GetPollOptionList(tid);

            if (polloptionid == "0" || polloptionid == "")
            {
                // No specific option requested: list the voters of the whole poll.
                bool allowvote;
                voters = Polls.GetVoters(tid, userid, username, out allowvote);
                break;
            }

            foreach (DataRow optionRow in pollOptionList.Rows)
            {
                if (optionRow["polloptionid"].ToString() != polloptionid.ToString())
                {
                    continue;
                }

                // Stored voter names are separated by " <"; the split drops the leading marker
                // from every entry after the first, so it is put back here.
                string[] voterNames = Utils.SplitString(optionRow["votername"].ToString().Trim(), " <");
                foreach (string voter in voterNames)
                {
                    string entry = voter.StartsWith("<") ? voter : "******" + voter;
                    voters += "<li>" + entry + "</li>";
                }
            }

            if (voters == "")
            {
                voters = "<li>暂无人投票</li>";
            }
            break;
    }
}
/// <summary>
/// Topic helper page: prepares the "share by e-mail" text or the list of poll voters for a
/// topic; on POST it sends the e-mail instead.
/// </summary>
/// <remarks>
/// The voter list is shown only when the poll allows viewing, the viewer created the poll, or
/// the viewer moderates the topic's forum.
/// NOTE(review): voter names are concatenated into HTML list items without encoding, and the
/// Referer header is placed in the e-mail text unchanged; confirm both are encoded or validated
/// where they are rendered.
/// </remarks>
protected override void ShowPage()
{
    if (this.ispost)
    {
        this.SendEmail();
        return;
    }

    if (this.tid <= 0)
    {
        base.AddErrLine("不存在的主题ID");
        return;
    }

    var topicInfo = Topic.FindByID(this.tid);
    if (topicInfo == null)
    {
        base.AddErrLine("不存在的主题");
        return;
    }

    // A null or unrecognised action matches no case and leaves the page untouched.
    switch (this.action)
    {
        case "emailfriend":
            this.title = "分享";
            this.emailcontent = "你好!我在 {0} 看到了这篇帖子,认为很有价值,特推荐给你。\r\n{1}\r\n地址 {2}\r\n希望你能喜欢。";
            this.topictitle = topicInfo.Title;
            this.emailcontent = string.Format(this.emailcontent, this.config.Forumtitle, this.topictitle, DNTRequest.GetUrlReferrer());
            break;

        case "viewvote":
            this.title = "参与投票的会员";

            var pollInfo = Poll.FindByTid(tid);
            if (pollInfo == null)
            {
                base.AddErrLine("不存在的调查");
                return;
            }

            if (pollInfo.AllowView != true && pollInfo.Uid != this.userid && !Moderators.IsModer(this.useradminid, this.userid, topicInfo.Fid))
            {
                base.AddErrLine("您没有查看投票人的权限");
                return;
            }

            this.pollOptionList = PollOption.FindAllByTid(tid);

            if (polloptionid == 0)
            {
                // No specific option requested: list the voters of the whole poll.
                bool allowVote;
                this.voters = GetVoters(this.tid, this.userid, this.username, out allowVote);
                break;
            }

            foreach (var option in pollOptionList)
            {
                if (option.ID != polloptionid)
                {
                    continue;
                }

                // Stored voter names are separated by " <"; the split drops the leading "<"
                // from every entry after the first, so it is put back here.
                foreach (string voterName in Utils.SplitString(option.VoterNames.Trim(), " <"))
                {
                    string entry = voterName.StartsWith("<") ? voterName : ("<" + voterName);
                    this.voters = this.voters + "<li>" + entry + "</li>";
                }
            }

            if (String.IsNullOrEmpty(this.voters))
            {
                this.voters = "<li>暂无人投票</li>";
            }
            break;
    }
}
/// <summary>
/// Handles attachment uploads (including the Flash/SWF uploader): authenticates the uploader,
/// enforces the daily quota and upload permission, saves the posted files and creates or
/// updates the attachment records, then writes a pipe-separated status line.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this constructor:
/// - The Referer check is skipped whenever the raw URL contains the substring "action=swfupload".
/// - For operation=upload the acting user is taken from the "uid" parameter and accepted when
///   the "hash" parameter equals DES.Encode(olid + "," + username) keyed with the first ten
///   characters of the online user's Password value. The comparison is a plain string equality.
/// - NOTE(review): the posted files are passed to ForumUtils.SaveRequestFiles before the
///   attachment-ownership check in the update path; confirm rejected uploads are cleaned up.
/// </remarks>
public AttachUploadPage()
{
    // Cross-site submissions are rejected, except for requests whose URL contains "action=swfupload".
    if (!DNTRequest.GetRawUrl().Contains("action=swfupload") && ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
    {
        return;
    }

    // The Flash batch uploader cannot supply the userid the usual way, so it is authenticated here.
    bool canpostattach = true;
    if (DNTRequest.GetString("operation") == "upload")
    {
        string uploadUserid = DNTRequest.GetString("uid");
        int olid = Discuz.Forum.OnlineUsers.GetOlidByUid(TypeConverter.StrToInt(uploadUserid));
        if (olid > 0)
        {
            // NOTE(review): oluserinfo is dereferenced without a null check, and Substring(0, 10)
            // throws when Password is shorter than ten characters.
            OnlineUserInfo oluserinfo = Discuz.Forum.OnlineUsers.GetOnlineUser(olid);
            string hash = Discuz.Common.DES.Encode(oluserinfo.Olid.ToString() + "," + oluserinfo.Username.ToString(), oluserinfo.Password.Substring(0, 10)).Replace("+", "[");
            if (DNTRequest.GetString("hash") == hash)
            {
                userid = oluserinfo.Userid;
                usergroupinfo = UserGroups.GetUserGroupInfo(oluserinfo.Groupid);
            }
            else
            {
                canpostattach = false;
            }
        }
        else
        {
            canpostattach = false;
        }
    }

    // When operation is not "upload", userid and usergroupinfo keep the values they already had
    // (set elsewhere; not shown in this constructor).
    UserInfo userinfo = Users.GetUserInfo(userid);
    ForumInfo forum = Forums.GetForumInfo(forumid);
    int MaxTodaySize = (userid > 0 ? Attachments.GetUploadFileSizeByuserid(userid) : 0);
    // Size that may still be uploaded today.
    int attachsize = usergroupinfo.Maxsizeperday - MaxTodaySize;

    // Work out which file types this user may upload in this forum.
    string attachmentTypeSelect = Attachments.GetAllowAttachmentType(usergroupinfo, forum);
    string attachextensions = Attachments.GetAttachmentTypeArray(attachmentTypeSelect);
    string attachextensionsnosize = Attachments.GetAttachmentTypeString(attachmentTypeSelect);

    if (DNTRequest.GetString("action") == "swfupload" && DNTRequest.GetString("operation") == "config")
    {
        GetConfig(userid, attachextensionsnosize, attachsize, DNTRequest.GetString("type").Trim() == "image");
    }
    else
    {
        // Process the attachment.
        string msg = "";
        StringBuilder sb = new StringBuilder();
        canpostattach &= UserAuthority.PostAttachAuthority(forum, usergroupinfo, userid, ref msg);
        if (!canpostattach)
        {
            ResponseXML(sb.Append("DISCUZUPLOAD|11|0|-1").ToString()); // 11: no upload permission
            return;
        }
        if (attachsize <= 0)
        {
            ResponseXML(sb.Append("DISCUZUPLOAD|3|0|-1").ToString()); // 3: attachment size quota exceeded
            return;
        }

        // Save the posted files within the user's size limits for today (bytes).
        AttachmentInfo[] attachmentinfoarray = ForumUtils.SaveRequestFiles(forumid, config.Maxattachments, usergroupinfo.Maxsizeperday, usergroupinfo.Maxattachsize, MaxTodaySize, attachextensions, forum.Disablewatermark == 1 ? 0 : config.Watermarkstatus, config, "Filedata", DNTRequest.GetString("type") == "image");
        if (attachmentinfoarray.Length > 0) // at least one file was uploaded
        {
            int aId = DNTRequest.GetInt("aid", 0);
            string noUpload = "";
            foreach (AttachmentInfo attachmentinfo in attachmentinfoarray)
            {
                // Keep the last non-empty "not uploaded" marker and stamp every record with the uploader.
                noUpload = string.IsNullOrEmpty(attachmentinfo.Sys_noupload) ? noUpload : attachmentinfo.Sys_noupload;
                attachmentinfo.Uid = userid;
            }

            if (aId <= 0)
            {
                Attachments.CreateAttachments(attachmentinfoarray);
            }
            else if (string.IsNullOrEmpty(noUpload))
            {
                AttachmentInfo attchmentInfo = Attachments.GetAttachmentInfo(aId);
                // Only the attachment owner, or a user with Adminid > 0, may replace an existing attachment.
                // NOTE(review): userinfo is dereferenced without a null check.
                if (attchmentInfo == null || (userinfo.Adminid <= 0 && attchmentInfo.Uid != userid))
                {
                    return;
                }
                attchmentInfo.Postdatetime = attachmentinfoarray[0].Postdatetime;
                attchmentInfo.Filename = attachmentinfoarray[0].Filename;
                attchmentInfo.Description = attachmentinfoarray[0].Description;
                attchmentInfo.Filetype = attachmentinfoarray[0].Filetype;
                attchmentInfo.Filesize = attachmentinfoarray[0].Filesize;
                attchmentInfo.Attachment = attachmentinfoarray[0].Attachment;
                attchmentInfo.Width = attachmentinfoarray[0].Width;
                attchmentInfo.Height = attachmentinfoarray[0].Height;
                attchmentInfo.Isimage = attachmentinfoarray[0].Isimage;
                Attachments.UpdateAttachment(attchmentInfo);
            }

            StringBuilder text = new StringBuilder();
            int type = attachmentinfoarray[0].Filetype.StartsWith("image") ? 0 : -1;
            int resultCode = GetNoUploadCode(noUpload);
            if (aId <= 0)
            {
                if (DNTRequest.GetString("action") != "swfupload")
                {
                    text.AppendFormat("DISCUZUPLOAD|{0}|{1}|{2}", resultCode, attachmentinfoarray[0].Aid, type);
                }
                else
                {
                    // The SWF uploader gets just the new attachment id, or "error".
                    text.AppendFormat(resultCode != 0 ? "error" : attachmentinfoarray[0].Aid.ToString());
                }
            }
            else
            {
                text.AppendFormat("DISCUZUPDATE|{0}|{1}|{2}|{3}", resultCode, attachmentinfoarray[0].Attachment, aId, type);
            }
            ResponseXML(text.ToString());
        }
    }
}
/// <summary>
/// Front-end user-management page: validates the caller and the target user, then either
/// prepares the "ban user" form (GET) or performs the ban (POST).
/// </summary>
/// <remarks>
/// Users with AdminID greater than 0 cannot be operated on from this page.
/// NOTE(review): admininfo.AllowBanUser is checked only on the GET path; the POST path calls
/// DoBanUserOperation() directly, so confirm that method enforces the same permission.
/// </remarks>
protected override void ShowPage()
{
    this.pagetitle = "用户管理";

    if (this.userid == -1)
    {
        base.AddErrLine("请先登录");
        return;
    }

    bool illegalSubmit = ForumUtils.IsCrossSitePost() || this.action.IsNullOrEmpty();
    if (illegalSubmit)
    {
        base.AddErrLine("非法提交");
        return;
    }

    if (String.IsNullOrEmpty(this.action))
    {
        base.AddErrLine("操作类型参数为空");
        return;
    }

    // The caller must belong to an admin group.
    this.admininfo = AdminGroup.FindByID(this.usergroupid);
    if (this.admininfo == null)
    {
        base.AddErrLine("你没有管理权限");
        return;
    }

    if (this.operateduid == -1)
    {
        base.AddErrLine("没有选择要操作的用户");
        return;
    }

    this.operateduser = BBX.Entity.User.FindByID(this.operateduid);
    if (this.operateduser == null)
    {
        base.AddErrLine("选择的用户不存在");
        return;
    }

    if (this.operateduser.AdminID > 0)
    {
        base.AddErrLine("无法对拥有管理权限的用户进行操作, 请管理员登录后台进行操作");
        return;
    }

    this.operatedusername = this.operateduser.Name;

    if (!this.ispost)
    {
        Utils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
    }

    // "banuser" is the only operation this page implements.
    if (this.action != "banuser")
    {
        return;
    }
    this.operationtitle = "禁止用户";

    if (this.ispost)
    {
        this.DoBanUserOperation();
        return;
    }

    // Groups 4, 5 and 6 map to ban types 1, 2 and 3; any other group is "not banned".
    switch (this.operateduser.GroupID)
    {
        case 4:
            this.bantype = 1;
            break;
        case 5:
            this.bantype = 2;
            break;
        case 6:
            this.bantype = 3;
            break;
        default:
            this.bantype = 0;
            break;
    }
    if (this.bantype != 0)
    {
        this.groupexpiry = "(" + Utils.FormatDate(this.operateduser.GroupExpiry) + ")";
    }

    if (!admininfo.AllowBanUser)
    {
        base.AddErrLine("您没有禁止用户的权限");
        return;
    }
}
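/// <summary>
/// Pre-fills the private-message body with a "recommend this topic" text for the topic named
/// by the "tid" request parameter. Does nothing when tid is 0 or the topic does not exist.
/// </summary>
/// <remarks>
/// NOTE(review): the address in the text is the request's Referer header, which the client
/// controls; confirm the message is encoded wherever it is rendered.
/// </remarks>
private void CreatePmFriendMessage()
{
    int tid = DNTRequest.GetInt("tid", 0);
    if (tid == 0)
    {
        return;
    }

    var tp = Topic.FindByID(tid);

    // Fix: tid is caller-supplied, so the lookup can come back empty; reading tp.Title on a
    // missing topic threw NullReferenceException.
    if (tp == null)
    {
        return;
    }

    this.message = string.Format("你好!我在 {0} 看到了这篇帖子,认为很有价值,特推荐给你。\r\n\r\n{1}\r\n地址 {2}\r\n\r\n希望你能喜欢。", this.config.Forumtitle, tp.Title, DNTRequest.GetUrlReferrer());
}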
/// <summary>
/// Loads the post being replied to (when a post id was given) and its topic, builds the quote
/// text when quoting was requested, and records an error line for each failed check.
/// </summary>
/// <remarks>
/// Failures are reported through AddErrLine; the method still returns, so callers need to
/// check the page's error state. The returned value is null when the post id is invalid.
/// NOTE(review): the quote text is written to <c>message</c> before the topic's closed and
/// read-permission checks below run; confirm callers discard it when an error was recorded.
/// </remarks>
/// <param name="admininfo">Admin-group record of the current user; may be null.</param>
/// <returns>The post record, a new empty PostInfo when no post id was given, or null.</returns>
public PostInfo GetPostAndTopic(AdminGroupInfo admininfo)
{
    PostInfo postinfo = new PostInfo();

    // Neither a post id nor a topic id was supplied.
    if (postid == -1 && topicid == -1)
    {
        AddErrLine("无效的主题ID");
        return(postinfo);
    }

    // A post id was supplied.
    if (postid != -1)
    {
        postinfo = Posts.GetPostInfo(topicid, postid);
        if (postinfo == null)
        {
            AddErrLine("无效的帖子ID");
            return(postinfo);
        }
        // The post must belong to the topic named in the request.
        if (topicid != postinfo.Tid)
        {
            AddErrLine("主题ID无效");
            return(postinfo);
        }

        // Quoting is refused (content masked) when the post's author is in group 4, 5 or 6
        // (no-post, no-access, IP-banned) or the post's Invisible value is not 0.
        if (!string.IsNullOrEmpty(DNTRequest.GetString("quote")))
        {
            // NOTE(review): GetShortUserInfo's result is dereferenced without a null check.
            if (Utils.InArray(Users.GetShortUserInfo(postinfo.Posterid).Groupid.ToString(), "4,5,6") || postinfo.Invisible != 0)
            {
                postinfo.Message = "**** 作者被禁止或删除 内容自动屏蔽 ****";
            }
            // Posts containing a [hide] block are quoted as a placeholder, never with their text.
            if ((postinfo.Message.IndexOf("[hide]") > -1) && (postinfo.Message.IndexOf("[/hide]") > -1))
            {
                message = string.Format("[quote] 原帖由 [b]{0}[/b] 于 {1} 发表\r\n ***隐藏帖*** [/quote]", postinfo.Poster, postinfo.Postdatetime);
            }
            //message = "[quote] 原帖由 [b]" + postinfo.Poster + "[/b] 于 " + postinfo.Postdatetime + " 发表\r\n ***隐藏帖*** [/quote]";
            else
            {
                // Quote at most the first 200 characters. The back-link target is the request's
                // Referer header. NOTE(review): that header is client-controlled and is placed
                // inside a [url=...] tag unchanged.
                message = string.Format("[quote]{0}\r\n [color=#999999]{1} 发表于 {2} [/color][url={3}#{4}][img]{5}images/common/back.gif[/img][/url][/size][/quote]" , UBB.ClearAttachUBB(Utils.GetSubString(postinfo.Message, 200, "......")), postinfo.Poster, postinfo.Postdatetime, DNTRequest.GetUrlReferrer(), postid, Utils.GetRootUrl(forumpath));
            }
        }
    }

    // Load the topic.
    topic = Topics.GetTopicInfo(topicid);
    // The topic does not exist.
    if (topic == null)
    {
        AddErrLine("不存在的主题ID");
        return(postinfo);
    }

    topictitle = topic.Title.Trim();
    pagetitle = topictitle;
    forumid = topic.Fid;

    // A closed topic accepts replies only from a moderator of its forum.
    if ((admininfo == null || !Moderators.IsModer(admininfo.Admingid, userid, forumid)) && topic.Closed == 1)
    {
        AddErrLine("主题已关闭无法回复");
        return(postinfo);
    }

    // Read permission: applies to users who are neither the topic's author nor in admin group 1.
    if (topic.Readperm > usergroupinfo.Readaccess && topic.Posterid != userid && useradminid != 1)
    {
        // NOTE(review): when forum.Moderators is null no error is added, so the read-permission
        // check passes for everyone in that case; confirm this fail-open behaviour is intended.
        if (forum.Moderators != null && !Utils.InArray(username, forum.Moderators.Split(',')))
        {
            AddErrLine("本主题阅读权限为: " + topic.Readperm + ", 您当前的身份 \"" + usergroupinfo.Grouptitle + "\" 阅读权限不够");
        }
    }
    return(postinfo);
}
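/// <summary>
/// Pre-fills the private-message body with a "recommend this topic" text for the topic named
/// by the "tid" request parameter. Does nothing when tid is 0 or the topic does not exist.
/// </summary>
/// <remarks>
/// NOTE(review): the address in the text is the request's Referer header, which the client
/// controls; confirm the message is encoded wherever it is rendered.
/// </remarks>
private void CreatePmFriendMessage()
{
    int tid = DNTRequest.GetInt("tid", 0);
    if (tid == 0)
    {
        return;
    }

    // Fix: tid is caller-supplied and the lookup can return null for an unknown topic;
    // dereferencing .Title directly threw NullReferenceException.
    var topic = Topics.GetTopicInfo(tid);
    if (topic == null)
    {
        return;
    }

    message = string.Format("你好!我在 {0} 看到了这篇帖子,认为很有价值,特推荐给你。\r\n\r\n{1}\r\n地址 {2}\r\n\r\n希望你能喜欢。", config.Forumtitle, topic.Title, DNTRequest.GetUrlReferrer());
}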
/// <summary>
/// Goods-management page of the trade module: validates the caller, the goods category and the
/// selected goods, runs the requested management operation and prepares the page title.
/// </summary>
/// <remarks>
/// NOTE(review), from the order of statements in this method:
/// - DoOperations runs before the "delete,highlight,close" check further down.
/// - That check uses String.IndexOf, which accepts any substring of the list (including the
///   empty string), not only the three whole words.
/// - ismoder is computed here but is not consulted by any check in this method; confirm that
///   DoOperations enforces moderator or admin rights.
/// </remarks>
protected override void ShowPage()
{
    if (config.Enablemall == 0) // trade service is not enabled
    {
        AddErrLine("系统未开启交易服务, 当前页面暂时无法访问!");
        return;
    }
    if (userid == -1)
    {
        AddErrLine("请先登录");
        return;
    }
    // Referer-based cross-site check; an empty action is rejected as well.
    if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()) || action == "")
    {
        AddErrLine("非法提交");
        return;
    }

    // NOTE(review): goodscategoryinfo is dereferenced without a null check; categoryid is set
    // elsewhere (not shown).
    goodscategoryinfo = GoodsCategories.GetGoodsCategoryInfoById(categoryid);
    forumid = goodscategoryinfo.Fid;

    // Whether the current user is a moderator of this forum.
    ismoder = Moderators.IsModer(useradminid, userid, forumid);
    // Admin-group record for the user's group (may be null; passed on to DoOperations below).
    AdminGroupInfo admininfo = AdminGroups.GetAdminGroupInfo(usergroupid);

    operationtitle = "操作提示";
    SetUrl(base.ShowGoodsListAspxRewrite(categoryid, 0));

    // Unreachable: an empty action was already rejected above.
    if (action == "")
    {
        AddErrLine("操作类型参数为空");
        return;
    }
    if (forumid == -1)
    {
        AddErrLine("无效的商品分类ID");
        return;
    }
    // Every selected item must belong to the category being managed.
    if (DNTRequest.GetFormString("goodsid") != "" && !Goods.InSameCategory(goodslist, categoryid))
    {
        AddErrLine("无法对非本分类商品进行管理操作");
        return;
    }

    forum = Forums.GetForumInfo(forumid);
    forumname = forum.Name;

    if (!Forums.AllowViewByUserId(forum.Permuserlist, userid)) // per-user view permission for this forum
    {
        if (forum.Viewperm == null || forum.Viewperm == string.Empty) // no forum-level rule: fall back to the user group's rights
        {
            if (useradminid != 1 && (usergroupinfo.Allowvisit != 1 || usergroupinfo.Allowtrade != 1))
            {
                AddErrLine("您当前的身份 \"" + usergroupinfo.Grouptitle + "\" 没有浏览该商品的权限");
                return;
            }
        }
        else // forum-level rule present: apply it
        {
            if (!Forums.AllowView(forum.Viewperm, usergroupid))
            {
                AddErrLine("您没有浏览该商品的权限");
                return;
            }
        }
    }

    pagetitle = Utils.RemoveHtml(forumname);
    forumnav = ForumUtils.UpdatePathListExtname(forum.Pathlist.Trim(), config.Extname);

    if (goodslist.CompareTo("") == 0)
    {
        AddErrLine("您没有选择商品或相应的管理操作,请返回修改");
        return;
    }

    if (operation.CompareTo("") != 0)
    {
        // DoOperations performs the management operation.
        if (!DoOperations(forum, admininfo, config.Reasonpm))
        {
            return;
        }
    }

    if (action.CompareTo("moderate") != 0)
    {
        // Substring test against the list, see the remarks above.
        if ("delete,highlight,close".IndexOf(operation) == -1)
        {
            AddErrLine("你无权操作此功能");
            return;
        }
        operation = action;
    }
    else
    {
        // For action=moderate the operation may also arrive in the "operat" parameter.
        if (operation.CompareTo("") == 0)
        {
            operation = DNTRequest.GetString("operat");
        }
        if (operation.CompareTo("") == 0)
        {
            AddErrLine("您没有选择商品或相应的管理操作,请返回修改");
            return;
        }
    }

    if (!BindTitle())
    {
        return;
    }
}
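/// <summary>
/// Fetches the RSS feed named by the <c>url</c> query-string parameter and writes it back as a
/// JSON object: the channel's simple fields plus an "items" array.
/// </summary>
/// <remarks>
/// Changes from the previous version:
/// - External entity resolution is disabled before the untrusted XML is parsed.
/// - JSON values are fully escaped (backslash, quotes, control characters, and the HTML-significant
///   characters as \uXXXX), because the response is served as text/html.
/// - Output stays well-formed when the channel has no simple fields, an item has no children,
///   or the feed has no items; a document without /rss/channel produces no output.
/// - The upstream response and stream are disposed.
/// - The "enc" parameter was read but never used for decoding; it is no longer read.
/// SECURITY NOTE(review): the destination URL is caller-supplied and guarded only by a Referer
/// comparison. Unless Globals.GetPageResponse restricts destinations, this endpoint can be used
/// to make the server request arbitrary addresses (SSRF).
/// </remarks>
public feedproxy()
{
    if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost()))
    {
        return;
    }

    string url = DNTRequest.GetQueryString("url");
    if (url == null || url == string.Empty)
    {
        return;
    }
    url = HttpUtility.UrlDecode(url);

    string err = "";
    HttpWebResponse response = Globals.GetPageResponse(url, out err);
    if (response == null)
    {
        // NOTE(review): err is written without encoding; confirm it cannot carry caller-supplied text.
        HttpContext.Current.Response.Write(err);
        HttpContext.Current.Response.End();
        return;
    }

    HttpContext.Current.Response.ContentType = "text/html"; //response.ContentType;
    HttpContext.Current.Response.ContentEncoding = Encoding.UTF8;

    XmlDocument doc = new XmlDocument();
    // The feed is untrusted input: never resolve external entities or DTDs from it.
    doc.XmlResolver = null;

    using (response)
    using (Stream instream = response.GetResponseStream())
    {
        doc.Load(instream);
    }

    XmlNode rootnode = doc.SelectSingleNode("/rss/channel");
    if (rootnode == null)
    {
        // Not an RSS document; previously this dereferenced null.
        return;
    }

    StringBuilder json = new StringBuilder("{");

    // Channel-level fields; nested "image" and "item" elements are skipped.
    foreach (XmlNode node in rootnode.ChildNodes)
    {
        string name = node.Name.ToLower();
        if (name == "image" || name == "item")
        {
            continue;
        }
        json.AppendFormat("\"{0}\":\"{1}\",", EscapeJsonString(name), EscapeJsonString(node.InnerText));
    }

    json.Append("\"items\":[");

    XmlNodeList items = doc.SelectNodes("/rss/channel/item");
    bool firstItem = true;
    foreach (XmlNode node in items)
    {
        if (!firstItem)
        {
            json.Append(",");
        }
        firstItem = false;

        json.Append("{");
        bool firstField = true;
        foreach (XmlNode newnode in node)
        {
            if (!firstField)
            {
                json.Append(",");
            }
            firstField = false;

            // Carriage returns are dropped, as before; newlines are kept as \n.
            json.AppendFormat("\"{0}\":\"{1}\"", EscapeJsonString(newnode.Name.ToLower()), EscapeJsonString(newnode.InnerText.Replace("\r", "")));
        }
        json.Append("}");
    }
    json.Append("]}");

    HttpContext.Current.Response.Clear();
    HttpContext.Current.Response.Write(json.ToString());
    HttpContext.Current.Response.End();
}

/// <summary>
/// Escapes a string for use inside a double-quoted JSON string literal. Characters that are
/// significant in HTML are emitted as \uXXXX so the text stays inert if the response is
/// rendered as markup.
/// </summary>
private static string EscapeJsonString(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return "";
    }

    StringBuilder escaped = new StringBuilder(value.Length + 16);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"':
                escaped.Append("\\\"");
                break;
            case '\\':
                escaped.Append("\\\\");
                break;
            case '\n':
                escaped.Append("\\n");
                break;
            case '\r':
                escaped.Append("\\r");
                break;
            case '\t':
                escaped.Append("\\t");
                break;
            default:
                if (c < ' ' || c == '<' || c == '>' || c == '&' || c == '\'' || c == '\u2028' || c == '\u2029')
                {
                    escaped.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    escaped.Append(c);
                }
                break;
        }
    }
    return escaped.ToString();
}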
/// <summary>
/// Login page: records the return URL, and on POST verifies the credentials (optionally with a
/// security question), writes the login cookies and logs the attempt.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this method:
/// - The pre-check that refused further attempts after repeated failures is commented out. The
///   failure counter is updated only after a failed check, and the success path does not
///   consult it, so a correct password is accepted regardless of earlier failures.
/// - "用户不存在" is a distinct error for unknown user names, which tells a caller whether an
///   account exists.
/// - The submitted password is kept across the verification-code and security-question steps
///   as <c>loginauth</c>: the password encrypted with DES under config.Passwordkey. This is
///   reversible encryption, not a hash. NOTE(review): confirm where loginauth is rendered and
///   that it cannot be replayed.
/// - The return URL comes from the "reurl" query string or the Referer header and is later
///   passed to SetUrl; no same-site check is visible here.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户登录";
    postusername = Utils.UrlDecode(DNTRequest.GetString("postusername")).Trim();

    // Already logged in: show a notice. Execution continues below in the original flow.
    if (this.userid != -1)
    {
        //SetUrl("/Forum/");
        SetMetaRefresh();
        SetShowBackLink(false);
        AddMsgLine("您已经登录,无须重复登录");
        ispost = true;
        SetLeftMenuRefresh();
        APIConfigInfo apiInfo = APIConfigs.GetConfig();
        if (apiInfo.Enable)
        {
            APILogin(apiInfo);
        }
    }

    // Disabled lockout pre-check (kept from the original):
    /*
     * if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
     * {
     *     AddMsgLine("您已经多次输入密码错误, 请15分钟后再登录");
     *     loginsubmit = false;
     *     return;
     * }
     */

    // Not submitted yet, or submitted from another page: remember where to return to.
    if (!DNTRequest.IsPost() || referer != "")
    {
        string r = "";
        if (referer != "")
        {
            r = referer;
        }
        else
        {
            if ((DNTRequest.GetUrlReferrer() == "") || (DNTRequest.GetUrlReferrer().IndexOf("login") > -1) || DNTRequest.GetUrlReferrer().IndexOf("logout") > -1)
            {
                r = "index.aspx";
            }
            else
            {
                r = DNTRequest.GetUrlReferrer();
            }
        }
        // The "reurl" query value wins unless it is empty or points back at login.aspx.
        Utils.WriteCookie("reurl", (DNTRequest.GetQueryString("reurl") == "" || DNTRequest.GetQueryString("reurl").IndexOf("login.aspx") > -1) ? r : DNTRequest.GetQueryString("reurl"));
    }

    // Form submitted.
    if (DNTRequest.IsPost())
    {
        // Rebuild the query string (minus postusername) for the "back" link.
        // NOTE(review): keys and values are appended without URL-encoding.
        StringBuilder builder = new StringBuilder();
        foreach (string key in System.Web.HttpContext.Current.Request.QueryString.AllKeys)
        {
            if (key != "postusername")
            {
                builder.Append("&");
                builder.Append(key);
                builder.Append("=");
                builder.Append(DNTRequest.GetQueryString(key));
            }
        }
        // NOTE(review): the next statement is garbled in this copy of the source (part of the
        // expression was replaced by asterisks); it is reproduced as found.
        base.SetBackLink("login.aspx?postusername="******"username")) + builder.ToString());

        // A verification code is required but missing: ask for it, carrying the password in loginauth.
        if (isseccode && DNTRequest.GetString("vcode") == "")
        {
            postusername = DNTRequest.GetString("username");
            loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
            loginsubmit = true;
            return;
        }

        bool isExistsUserByName = Discuz.Forum.Users.Exists(DNTRequest.GetString("username"));
        if (!isExistsUserByName)
        {
            Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, -1, System.Web.HttpContext.Current.Request.UserHostAddress, 7);
            AddErrLine("用户不存在");
        }
        if (DNTRequest.GetString("password").Equals("") && DNTRequest.GetString("loginauth") == "")
        {
            AddErrLine("密码不能为空");
        }
        if (IsErr())
        {
            return;
        }

        // Recover the password from loginauth when present, otherwise take it from the form.
        if (!Utils.StrIsNullOrEmpty(loginauth))
        {
            postpassword = DES.Decode(loginauth.Replace("[", "+"), config.Passwordkey);
        }
        else
        {
            postpassword = DNTRequest.GetString("password");
        }
        if (postusername == "")
        {
            postusername = DNTRequest.GetString("username");
        }

        // uid stays -1 when the credentials are rejected.
        int uid = -1;
        if (config.Passwordmode == 1)
        {
            if (config.Secques == 1 && (!Utils.StrIsNullOrEmpty(loginauth) || !loginsubmit))
            {
                uid = Discuz.Forum.Users.CheckDvBbsPasswordAndSecques(postusername, postpassword, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
            }
            else
            {
                uid = Discuz.Forum.Users.CheckDvBbsPassword(postusername, postpassword);
            }
        }
        else
        {
            if (config.Secques == 1 && (!Utils.StrIsNullOrEmpty(loginauth) || !loginsubmit))
            {
                uid = Discuz.Forum.Users.CheckPasswordAndSecques(postusername, postpassword, true, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
            }
            else
            {
                uid = Discuz.Forum.Users.CheckPassword(postusername, postpassword, true);
            }
        }

        if (uid != -1)
        {
            ShortUserInfo userinfo = Discuz.Forum.Users.GetShortUserInfo(uid);
            // Group 8: account not yet verified.
            if (userinfo.Groupid == 8)
            {
                AddErrLine("抱歉, 您的用户身份尚未得到验证");
                if (config.Regverify == 1)
                {
                    AddMsgLine("请您到您的邮箱中点击激活链接来激活您的帐号");
                }
                if (config.Regverify == 2)
                {
                    AddMsgLine("您需要等待一些时间, 待系统管理员审核您的帐户后才可登录使用");
                }
                loginsubmit = false;
            }
            else
            {
                // The account has a security question that has not been answered yet:
                // keep the password in loginauth for the next step.
                if (!Utils.StrIsNullOrEmpty(userinfo.Secques) && loginsubmit && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth")))
                {
                    loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
                }
                else
                {
                    // Successful login: clear the failure counter for this IP and establish the session.
                    LoginLogs.DeleteLoginLog(DNTRequest.GetIP());
                    UserCredits.UpdateUserCredits(uid);
                    // "expires", "templateid" and "loginmode" are taken from the request.
                    ForumUtils.WriteUserCookie(
                        uid,
                        Utils.StrToInt(DNTRequest.GetString("expires"), -1),
                        config.Passwordkey,
                        DNTRequest.GetInt("templateid", 0),
                        DNTRequest.GetInt("loginmode", -1));
                    OnlineUsers.UpdateAction(olid, UserAction.Login.ActionID, 0);
                    // Update the online-user record without delay.
                    oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout);
                    olid = oluserinfo.Olid;
                    Discuz.Forum.Users.UpdateUserLastvisit(uid, DNTRequest.GetIP());

                    // Return to the stored URL unless it points at the registration page.
                    string reurl = Utils.UrlDecode(ForumUtils.GetReUrl());
                    if (reurl.IndexOf("register.aspx") < 0)
                    {
                        SetUrl(reurl);
                    }
                    else
                    {
                        SetUrl("index.aspx");
                    }

                    APIConfigInfo apiInfo = APIConfigs.GetConfig();
                    if (apiInfo.Enable)
                    {
                        APILogin(apiInfo);
                    }
                    Discuz.Forum.Users.SaveUserIDToCookie(uid);
                    Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, uid, System.Web.HttpContext.Current.Request.UserHostAddress, 5);
                    AddMsgLine("登录成功, 返回登录前页面");
                    userid = uid;
                    usergroupinfo = UserGroups.GetUserGroupInfo(userinfo.Groupid);
                    // Admin group associated with the user's group.
                    useradminid = usergroupinfo.Radminid;
                    SetMetaRefresh();
                    SetShowBackLink(false);
                    SetLeftMenuRefresh();
                    loginsubmit = false;
                }
            }
        }
        else
        {
            // Failed check: count the failure for this IP.
            int errcount = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
            if (errcount > 5)
            {
                AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
            }
            else
            {
                if (isExistsUserByName)
                {
                    uid = Discuz.Data.DatabaseProvider.GetInstance().GetuidByusername(postusername);
                }
                Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, uid, System.Web.HttpContext.Current.Request.UserHostAddress, 6);
                AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", errcount.ToString()));
            }
        }
    }
}
/// <summary>
/// AJAX dispatcher: authenticates the request, hands session-bound operations to
/// sessionajax.aspx, runs the operation named by the "t" parameter, and finally handles
/// avatar upload and save requests.
/// </summary>
/// <remarks>
/// Security-relevant behaviour visible in this constructor:
/// - Requests without a Referer (the Flash client) must present an "appid" equal to
///   MD5(username + password + uid + olid); input[1] is read without a length check and the
///   comparison is a plain string inequality.
/// - Requests with a Referer only have to pass the Referer/host comparison.
/// - The avatar branches at the end take the user id from the decoded "input" parameter and
///   use it in file paths. NOTE(review): DecodeUid is not shown; confirm it authenticates the
///   value and yields digits only, otherwise the id and the path are caller-chosen.
/// - "reason" is concatenated into the Server.Transfer URL without encoding, and failures of
///   the transfer are swallowed.
/// </remarks>
public AjaxPage()
{
    config = GeneralConfigs.GetConfig();

    // No Referer: treated as a submission from the Flash client.
    if (Utils.StrIsNullOrEmpty(DNTRequest.GetUrlReferrer()))
    {
        string[] input = DecodeUid(DNTRequest.GetString("input")).Split(','); // index 0 is the Uid, index 1 the Olid
        UserInfo userInfo = Users.GetUserInfo(TypeConverter.StrToInt((input[0])));
        if (userInfo == null || DNTRequest.GetString("appid") != Utils.MD5(userInfo.Username + userInfo.Password + userInfo.Uid + input[1]))
        {
            return;
        }
    }
    else if (ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost())) // cross-site submission
    {
        return;
    }

    string type = DNTRequest.GetString("t");
    if (Utils.InArray(type, "deleteattach,getattachlist,deletepostsbyuidanddays,deletepost,ignorepost,passpost,deletetopic,ignoretopic,passtopic,getimagelist,getblocklist,getpagelist,forumtree,topictree,quickreply,report,getdebatepostpage,confirmbuyattach,getnewpms,getnewnotifications,getajaxforums,checkuserextcredit,diggdebates,imagelist,debatevote"))
    {
        // These operations need the user's identity, so they are transferred to a page that inherits PageBase.
        try
        {
            HttpContext.Current.Server.Transfer("sessionajax.aspx?t=" + type + "&reason=" + DNTRequest.GetString("reason"));
        }
        catch // errors raised by the child page are ignored (original note: a better approach is wanted)
        {
        }
        return;
    }

    switch (type)
    {
        case "checkusername":
            CheckUserName(); // check whether the user name exists
            break;
        case "album": // photo album
            GetAlbum();
            break;
        case "checkrewritename":
            CheckRewriteName();
            break;
        case "ratelist":
            GetRateLogList(); // rating log of a post
            break;
        case "smilies":
            GetSmilies();
            break;
        case "relatekw":
            GetRelateKeyword();
            break;
        case "gettopictags":
            GetTopicTags();
            break;
        case "topicswithsametag":
            GetTopicsWithSameTag();
            break;
        case "getforumhottags":
            GetForumHotTags();
            break;
        case "getspaceposttags":
            GetSpacePostTags();
            break;
        case "getspacehottags":
            GetSpaceHotTags();
            break;
        case "getphototags":
            GetPhotoTags();
            break;
        case "getphotohottags":
            GetPhotoHotTags();
            break;
        case "getgoodstradelog":
            GetGoodsTradeLog(DNTRequest.GetInt("goodsid", 0), DNTRequest.GetInt("pagesize", 0), DNTRequest.GetInt("pageindex", 0), DNTRequest.GetString("orderby", true), DNTRequest.GetInt("ascdesc", 1));
            break;
        case "getgoodsleavewordbyid":
            GetGoodsLeaveWordById(DNTRequest.GetInt("leavewordid", 0));
            break;
        case "getgoodsleaveword":
            GetGoodsLeaveWord(DNTRequest.GetInt("goodsid", 0), DNTRequest.GetInt("pagesize", 0), DNTRequest.GetInt("pageindex", 0));
            break;
        case "ajaxgetgoodsratelist":
            GetGoodsRatesList(DNTRequest.GetInt("uid", 0), DNTRequest.GetInt("uidtype", 0), DNTRequest.GetInt("ratetype", 0), DNTRequest.GetString("filter", true));
            break;
        case "getmallhottags":
            GetMallHotTags();
            break;
        case "gethotgoods":
            GetHotGoods(DNTRequest.GetInt("days", 0), DNTRequest.GetInt("categoryid", 0), DNTRequest.GetInt("count", 0));
            break;
        case "getshopinfo": // hot or newly opened shops
            GetShopInfoJson(DNTRequest.GetInt("shoptype", 0));
            break;
        case "getgoodslist":
            GetGoodsList(DNTRequest.GetInt("categoryid", 0), DNTRequest.GetInt("order", 0), DNTRequest.GetInt("topnumber", 0));
            break;
        case "gethotdebatetopic":
            Getdebatesjsonlist("gethotdebatetopic", DNTRequest.GetString("tidlist", true));
            break;
        case "recommenddebates":
            Getdebatesjsonlist("recommenddebates", DNTRequest.GetString("tidlist", true));
            break;
        case "addcommentdebates":
            ResponseXML(Debates.CommentDabetas(DNTRequest.GetInt("tid", 0), DNTRequest.GetString("commentdebates", true), DNTRequest.IsPost()));
            break;
        case "getpostinfo":
            GetPostInfo();
            break;
        case "getattachpaymentlog": // payment log of the attachment with the given id
            GetAttachPaymentLogByAid(DNTRequest.GetInt("aid", 0));
            break;
        case "getiplist":
            GetIpList();
            break;
        case "getforumtopictypelist":
            GetForumTopicTypeList();
            break;
        case "image":
            GetImage();
            break;
        case "resetemail":
            ResetEmail();
            break;
    }

    // Temporary avatar upload: runs after the switch, whatever "t" was.
    if (DNTRequest.GetString("Filename") != "" && DNTRequest.GetString("Upload") != "")
    {
        string uid = DecodeUid(DNTRequest.GetString("input")).Split(',')[0];
        ResponseText(UploadTempAvatar(uid));
        return;
    }

    // Save the three avatar sizes, then remove the temporary upload in either outcome.
    if (DNTRequest.GetString("avatar1") != "" && DNTRequest.GetString("avatar2") != "" && DNTRequest.GetString("avatar3") != "")
    {
        string uid = DecodeUid(DNTRequest.GetString("input")).Split(',')[0];
        CreateDir(uid);
        if (!(SaveAvatar("avatar1", uid) && SaveAvatar("avatar2", uid) && SaveAvatar("avatar3", uid)))
        {
            // uid becomes part of the file name, see the remarks above.
            File.Delete(Utils.GetMapPath(BaseConfigs.GetForumPath + "upload\\temp\\avatar_" + uid + ".jpg"));
            ResponseText("<?xml version=\"1.0\" ?><root><face success=\"0\"/></root>");
            return;
        }
        File.Delete(Utils.GetMapPath(BaseConfigs.GetForumPath + "upload\\temp\\avatar_" + uid + ".jpg"));
        ResponseText("<?xml version=\"1.0\" ?><root><face success=\"1\"/></root>");
        return;
    }
}
/// <summary>
/// Logout page: resets the page state, records the return URL in the "reurl" cookie and, when
/// the caller proves its identity, clears the session and login cookies.
/// </summary>
/// <remarks>
/// The session is only torn down when the request's "userkey" equals the page's userkey or
/// IsApplicationLogout() is true, which keeps a third-party page from logging the user out.
/// NOTE(review): the return URL is taken from the "reurl" query string or the Referer header
/// and passed to SetUrl; no same-site check is visible here.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户退出";
    username = "******";
    int uid = userid;
    userid = -2;

    // Ask the left-hand menu frame, if present, to reload itself.
    string menuReloadScript = "if (top.document.getElementById('leftmenu')){"
        + " top.frames['leftmenu'].location.reload();"
        + "}";
    base.AddScript(menuReloadScript);

    string referer = DNTRequest.GetQueryString("reurl");
    if (!DNTRequest.IsPost() || referer != "")
    {
        string fallback;
        if (referer != "")
        {
            fallback = referer;
        }
        else
        {
            // No explicit return URL: use the referring page unless it is missing or is a
            // login/logout page.
            bool referrerUnusable = (DNTRequest.GetUrlReferrer() == "")
                || (DNTRequest.GetUrlReferrer().IndexOf("login") > -1)
                || DNTRequest.GetUrlReferrer().IndexOf("logout") > -1;
            fallback = referrerUnusable ? "index.aspx" : DNTRequest.GetUrlReferrer();
        }

        bool useFallback = referer == "" || referer.IndexOf("login.aspx") > -1;
        Utils.WriteCookie("reurl", useFallback ? fallback : referer);
    }

    SetUrl(Utils.UrlDecode(ForumUtils.GetReUrl()));
    SetMetaRefresh();
    SetShowBackLink(false);

    bool identityConfirmed = DNTRequest.GetString("userkey") == userkey || IsApplicationLogout();
    if (!identityConfirmed)
    {
        AddMsgLine("无法确定您的身份, 稍后返回首页");
    }
    else
    {
        AddMsgLine("已经清除了您的登录信息, 稍后您将以游客身份返回首页");
        //Users.UpdateOnlineTime(uid);
        OnlineUsers.DeleteRows(olid);
        ForumUtils.ClearUserCookie();
        Utils.WriteCookie(Utils.GetTemplateCookieName(), "", -999999);

        // Replace the "dntadmin" cookie with an empty one.
        System.Web.HttpContext.Current.Response.AppendCookie(new System.Web.HttpCookie("dntadmin"));
        //System.Web.Security.FormsAuthentication.SignOut();
    }

    Discuz.Forum.Users.RemoveUserIDFromCookie();
}
/// <summary>
/// Front-end user-management page: validates the caller and the target user, then either
/// prepares the "ban user" form (GET) or performs the ban (POST).
/// </summary>
/// <remarks>
/// Users with Adminid greater than 0 cannot be operated on from this page.
/// NOTE(review): admininfo.Allowbanuser is checked only on the GET path; the POST path calls
/// DoBanUserOperation() directly, so confirm that method enforces the same permission.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户管理";

    if (userid == -1)
    {
        AddErrLine("请先登录");
        return;
    }

    bool illegalSubmit = ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost())
        || Utils.StrIsNullOrEmpty(action);
    if (illegalSubmit)
    {
        AddErrLine("非法提交");
        return;
    }

    if (action == "")
    {
        AddErrLine("操作类型参数为空");
        return;
    }

    // The caller must belong to an existing admin group.
    admininfo = AdminGroups.GetAdminGroupInfo(usergroupid);
    if (admininfo == null)
    {
        AddErrLine("你没有管理权限");
        return;
    }

    if (operateduid == -1)
    {
        AddErrLine("没有选择要操作的用户");
        return;
    }

    operateduser = Users.GetShortUserInfo(operateduid);
    if (operateduser == null)
    {
        AddErrLine("选择的用户不存在");
        return;
    }

    if (operateduser.Adminid > 0)
    {
        AddErrLine("无法对拥有管理权限的用户进行操作, 请管理员登录后台进行操作");
        return;
    }

    operatedusername = operateduser.Username;

    if (!ispost)
    {
        Utils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
    }

    // "banuser" is the only operation this page implements.
    if (action != "banuser")
    {
        return;
    }
    operationtitle = "禁止用户";

    if (ispost)
    {
        DoBanUserOperation();
        return;
    }

    // Groups 4, 5 and 6 map to ban types 1, 2 and 3; any other group is "not banned".
    switch (operateduser.Groupid)
    {
        case 4:
            bantype = 1;
            break;
        case 5:
            bantype = 2;
            break;
        case 6:
            bantype = 3;
            break;
        default:
            bantype = 0;
            break;
    }
    if (bantype != 0)
    {
        groupexpiry = "(" + Utils.FormatDate(operateduser.Groupexpiry) + ")";
    }

    if (admininfo.Allowbanuser != 1)
    {
        AddErrLine("您没有禁止用户的权限");
        return;
    }
}
/// <summary>
/// Front-end user-management page: validates the caller and the target user taken from the
/// request, then either prepares the "ban user" form (GET) or performs the ban (POST).
/// </summary>
/// <remarks>
/// Users with Adminid greater than 0 cannot be operated on from this page.
/// NOTE(review): ValidateBanUser() is checked only on the GET path; the POST path calls
/// DoBanUserOperation() directly, so confirm that method enforces the same permission.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户管理";
    operationtitle = "操作提示";

    if (userid == -1)
    {
        AddErrLine("请先登录");
        return;
    }

    action = DNTRequest.GetQueryString("action");

    bool illegalSubmit = ForumUtils.IsCrossSitePost(DNTRequest.GetUrlReferrer(), DNTRequest.GetHost())
        || action == "";
    if (illegalSubmit)
    {
        AddErrLine("非法提交");
        return;
    }

    if (action == "")
    {
        AddErrLine("操作类型参数为空");
        return;
    }

    // The caller must belong to an existing admin group.
    admininfo = AdminGroups.GetAdminGroupInfo(useradminid);
    if (admininfo == null)
    {
        AddErrLine("你没有管理权限");
        return;
    }

    operateduid = DNTRequest.GetInt("uid", -1);
    if (operateduid == -1)
    {
        AddErrLine("没有选择要操作的用户");
        return;
    }

    operateduser = Discuz.Forum.Users.GetShortUserInfo(operateduid);
    if (operateduser == null)
    {
        AddErrLine("选择的用户不存在");
        return;
    }

    if (operateduser.Adminid > 0)
    {
        AddErrLine("无法对拥有管理权限的用户进行操作, 请管理员登录后台进行操作");
        return;
    }

    operatedusername = operateduser.Username;

    if (!ispost)
    {
        Utils.WriteCookie("reurl", DNTRequest.GetUrlReferrer());
    }

    // "banuser" is the only operation this page implements.
    if (action != "banuser")
    {
        return;
    }
    operationtitle = "禁止用户";

    if (ispost)
    {
        DoBanUserOperation();
        return;
    }

    // Groups 4, 5 and 6 map to ban types 1, 2 and 3; any other group is "not banned".
    switch (operateduser.Groupid)
    {
        case 4:
            bantype = 1;
            break;
        case 5:
            bantype = 2;
            break;
        case 6:
            bantype = 3;
            break;
        default:
            bantype = 0;
            break;
    }

    if (!ValidateBanUser())
    {
        AddErrLine("您没有禁止用户的权限");
        return;
    }
}