
@zacyu

zacyu/view.php Secret

Created October 11, 2015 07:56
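<?php
// Entry script for article/video pages. This first stage maps a pretty URL of the form
// /video/av<ID>/[index[_<N>].(html|htm|js)] onto the aid / pageno / js request
// parameters before the shared bootstrap is loaded.

// Disabled legacy redirect to pre-generated static pages, kept as the author left it.
/*
if (!$_GET['nocache'] && strpos($_SERVER['HTTP_REFERER'],'bilibili.tv')===false && @file_exists(dirname(__FILE__)."/..".$path))
{
$path=preg_replace("#/[0-9]{2}/([0-9]+)/#","/av\\1/",$path);
# header("Location: ".str_replace("/index.html","/",$path));
# exit;
}
*/

// Defined unconditionally so the marker check at the end of the script never reads an
// unset variable when aid was supplied directly.
$noCached = false;

// empty() matches the original truthiness test without raising an undefined-index notice.
if (empty($_GET['aid']))
{
    // SECURITY: X-Request-URI is an ordinary request header. It is only trustworthy if
    // the front-end proxy always overwrites or strips it; otherwise any client that can
    // reach /plus/view.php directly chooses the URI that is routed below.
    // NOTE(review): confirm the proxy configuration enforces this.
    if ($_SERVER['REQUEST_URI'] == "/plus/view.php" && !empty($_SERVER['HTTP_X_REQUEST_URI']))
    {
        $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REQUEST_URI'];
    }

    // Only digits are accepted for the id and page number, so the values written into
    // $_GET here are numeric strings (or the integer 1).
    if (preg_match("/^\/video\/av([0-9]+)\/(.*)$/", $_SERVER['REQUEST_URI'], $m))
    {
        $noCached = true;
        $_GET['aid'] = $m[1];

        if (preg_match("/index_([0-9]+)\.html?$/", $m[2], $ms))
        {
            $_GET['pageno'] = $ms[1];
        }
        elseif (preg_match("/index_([0-9]+)\.js$/", $m[2], $ms))
        {
            $_GET['pageno'] = $ms[1];
            $_GET['js'] = 1;
        }
        elseif (in_array($m[2], array("index.html", "index.htm", "", "index.js"), true))
        {
            $_GET['pageno'] = 1;
            if ($m[2] == "index.js")
            {
                $_GET['js'] = 1;
            }
        }
        else
        {
            // Unknown sub-path: send a real 404 status with the error page. Without the
            // status line the error body goes out as 200 and can be cached or indexed as
            // if it were content.
            header("HTTP/1.1 404 Not Found");
            echo file_get_contents(dirname(__FILE__)."/../404.htm");
            exit;
        }
    }
}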
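// Shared bootstrap. $aid, $arcID and $okview are read below without being assigned in
// this file.
// NOTE(review): presumably common.inc.php copies request parameters into globals; if so,
// every such variable is client-controlled and must be validated before use -- confirm.
require(dirname(__FILE__)."/../include/common.inc.php");
$t1 = ExecTime();

if (empty($okview))
{
    $okview = '';
}

// An includer (or the request, see the note above) may supply the id as $arcID.
if (isset($arcID))
{
    $aid = $arcID;
}

// Reduce the id to a canonical non-negative integer. is_numeric() also accepts signs,
// decimals, exponent notation and surrounding whitespace, and this value is later
// concatenated into SQL strings and URLs, so different spellings of the same number
// would yield different keys. Only 1-18 plain digits pass (fits a 64-bit int); arrays
// and anything else fall through to 0 and the 404 below.
$arcID = $aid = (isset($aid) && (is_int($aid) || is_string($aid)) && preg_match('/^[0-9]{1,18}\z/', (string)$aid))
    ? (int)$aid
    : 0;

if ($aid == 0)
{
    // Missing or invalid id: uncacheable 404 with the static error page.
    header("Pragma: no-cache");
    header("Cache-Control: no-cache, must-revalidate, max-age=0, no-store");
    header("Expires: Thu, 31 Dec 1997 23:55:55 GMT");
    header("HTTP/1.1 404 Not Found");
    echo file_get_contents(dirname(__FILE__)."/../404.htm");
    exit;
}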
// Build the archive object for the validated id. IsError is the only failure signal
// checked here; what sets it is defined in Archives, not in this file.
$arc = new Archives($aid);
if($arc->IsError)
{
// Keep the error response out of browser and proxy caches.
header("Pragma: no-cache");
header("Cache-Control: no-cache, must-revalidate, max-age=0, no-store");
header("Expires: Thu, 31 Dec 1997 23:55:55 GMT");
// NOTE(review): nothing in this branch stops execution; the script continues with an
// errored $arc unless ParamError() terminates the request itself -- confirm.
ParamError();
}
// Any non-zero arcrank means the page's visibility depends on who is asking: make sure
// a member object exists and mark the response uncacheable so a shared cache does not
// serve one viewer's result to another.
if ($arc->Fields['arcrank']!=0){
if (!is_object($_member)) $_member = new MemoryMember(true);
header("Pragma: no-cache");
header("Cache-Control: no-cache, must-revalidate, max-age=0, no-store");
header("Expires: Thu, 31 Dec 1997 23:55:55 GMT");
}
// arcrank -6: the entry was fixed by its owner and is awaiting review again.
if ($arc->Fields['arcrank'] == -6)
{
// Viewer is neither the owner (mid matches M_ID) nor passes CheckMultiRank(array(32000)):
// set $nocache and rebuild the archive with the second constructor argument true.
// NOTE(review): the meaning of that argument is defined in Archives -- confirm what it
// loads. $_member is guaranteed to be an object here because -6 is non-zero.
if ($arc->Fields['mid']!=$_member->M_ID && !$_member->CheckMultiRank(array(32000)))
{
$nocache = 1;
$arc = new Archives($aid,true);
}
}
// Check read permission: this block is the access-control gate for the article.
// It runs only for articles that cost coins or carry a rank other than 0/1, and either
// ends the request with a message page or falls through to rendering.
$needMoney = $arc->Fields['money'];
$needRank = $arc->Fields['arcrank'];
// Articles that have an access restriction set.
// Variables consumed by the message template: arctitle msgtitle moremsg
if($needMoney>0 || $needRank>1 || $needRank < 0)
{
if (!is_object($_member)) $_member = new MemoryMember(true);
// Viewers that pass CheckMultiRank(array(32000)) skip the account-state check. For
// everyone else CheckNotAllow() codes end the request; per the message texts:
// -2 muted, -3 account not yet activated by e-mail, -4 temporarily muted.
if (!$_member->CheckMultiRank(array(32000))){
switch($_member->CheckNotAllow())
{
case -2: ShowMsg("你已经被禁言,请与管理员联系!", "-1");exit(); break;
case -3: ShowMsg('请到邮箱收取激活邮件,并点击其中的激活链接激活账号以得到正常使用!', '-1');exit(); break;
case -4: ShowMsg("你已经被临时禁言,请与管理员联系!", "-1");exit(); break;
}
}
$arctitle = $arc->Fields['title'];
/*
$arclink = GetFileUrl($arc->ArcID,$arc->Fields["typeid"],$arc->Fields["senddate"],
$arc->Fields["title"],$arc->Fields["ismake"],$arc->Fields["arcrank"]);
*/
// $cfg_phpurl is not defined in this file; presumably set by the bootstrap include.
$arclink = $cfg_phpurl.'/view.php?aid='.$arc->ArcID;
$description = $arc->Fields["description"];
$pubdate = GetDateTimeMk($arc->Fields["pubdate"]);
// Member rank is insufficient.
// Precedence: && binds tighter than ||, so `$needRank!=-5` qualifies only the
// negative-rank/non-owner branch; the whole test is then ANDed with "does not pass
// CheckMultiRank(array(32000))". Rank -5 from a non-owner therefore falls through.
// NOTE(review): confirm that -5 is meant to be viewable by non-owners.
if((($needRank>1 && $_member->mInfo['M_Rank'] < $needRank) || ($needRank <= -1 && $arc->Fields['mid']!=$_member->M_ID) && $needRank!=-5) && !$_member->CheckMultiRank(array(32000)))
{
// Rank -4 with a forward target: show a "duplicate video, redirecting" notice that
// points at the original entry.
// NOTE(review): description and forward are placed into HTML and a URL without any
// escaping in this file. Unless they are encoded when stored or inside ShowMsg(),
// uploader-controlled text is rendered as markup (stored XSS) -- confirm and escape
// for the output context if not.
if ($needRank == -4 && $arc->addTableRow['forward'])
{
ShowMsg("撞车视频,正在转向原地址……<br /><span style='display:block;text-align:left'>内容简介: <br />".$arc->Fields['description']."</span>","/video/av".$arc->addTableRow['forward']."/");
exit;
}
// Load every rank => membername pair into $memberTypes; it is not read again in this
// file, presumably the message template uses it.
$dsql->Execute('me' , "Select * From `#@__arcrank` ");
while($row = $dsql->GetObject('me'))
{
$memberTypes[$row->rank] = $row->membername;
}
$memberTypes[0] = "游客或没权限会员";
$msgtitle = "你没有权限浏览";
$moremsg = "无法读取信息 错误代码<font color=#red>403</font>! 错误可能 1.您<font color=#red>无权访问</font>本页面 2.本页面已被<font color=#red>删除</font>";
// No member info loaded: append login and registration links.
if (!$_member->mInfo)
{
$moremsg.="<br /><br />您可以尝试 <a href=\"https://secure.bilibili.tv/login.php\">登陆</a> 或 <a href=\"https://secure.bilibili.tv/member/index_do.php?fmdo=user&dopost=regnew\">注册帐号</a>";
}
// Negative ranks get a generic "does not exist or was deleted" text instead of the 403
// wording, so the message does not state that a hidden entry exists.
if($needRank < 0)
{
$moremsg = "此视频不存在或被删除.";
}
include_once(DEDETEMPLATE.'/plus/view_msg.htm');
exit();
}
// Case where coins are required; the owner is never charged.
if( $needMoney > 0 && $arc->Fields['mid'] != $_member->M_ID)
{
// Look for an existing purchase record for this member and article.
// NOTE(review): the query is built by string concatenation. $aid was validated as
// numeric earlier in this script; M_ID comes from the member object. Prefer bound
// parameters or the database layer's escaping if $dsql provides one.
$sql = "Select aid,money From `#@__member_operation` where buyid='ARCHIVE".$aid."' And mid='".$_member->M_ID."'";
$row = $dsql->GetOne($sql);
// This article has not been purchased before.
if(!is_array($row))
{
// Balance missing or too low: show the price and current balance, then stop.
// NOTE(review): $arctitle is inserted into the message without HTML escaping here.
if( $_member->mInfo['fields']['M_Money']=='' || $needMoney > $_member->mInfo['fields']['M_Money'])
{
$msgtitle = "你没有权限浏览文档:{$arctitle} !";
$moremsg = "这篇文档需要 <font color='red'>".$needMoney." 金币</font> 才能访问,你目前拥有金币:<font color='red'>".$_member->mInfo['fields']['M_Money']." 个</font> !";
include_once(DEDETEMPLATE.'/plus/view_msg.htm');
$arc->Close();
exit();
}
else
{
// Record the purchase, then deduct the coins.
// NOTE(review): $arctitle is interpolated into the INSERT exactly as read from
// $arc->Fields['title']. A title containing a quote changes the statement unless
// Fields values or ExecuteNoneQuery() escape it (second-order SQL injection) --
// confirm and escape or bind it.
$inquery = "INSERT INTO `#@__member_operation`(mid,oldinfo,money,mtime,buyid,product,pname,sta)
VALUES ('".$_member->M_ID."','$arctitle','$needMoney','".time()."', 'ARCHIVE".$aid."', 'archive','购买文章', 2); ";
if(!$dsql->ExecuteNoneQuery($inquery))
{
ShowMsg('保存购买记录失败, 请与管理员联系!', '-1');
exit;
}
// NOTE(review): the balance check, the INSERT and this UPDATE are separate statements
// and the UPDATE's result is ignored. Parallel requests can each pass the balance
// check, and a failed deduction still leaves a purchase record. Consider a
// transaction or an UPDATE conditioned on a sufficient balance.
$dsql->ExecuteNoneQuery("Update `#@__member` set money=money-$needMoney where mid='".$_member->M_ID."'");
}
}
}// end of coin/payment handling
}
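// Final stage: render the article. The static-HTML branch is switched off by the
// leading `0 &&`, so Display() always runs; the branch is kept as the author left it.
if (0 && $arc->Fields['arcrank']==0 && ($upcache || !$nocache))
{
    //echo "<!-- Make html -->";
    if (empty($GLOBALS['pageno']))
    {
        $arc->NowPage = 1;
    }
    else
    {
        $arc->NowPage = $GLOBALS['pageno'];
    }
    $arcurl = $arc->MakeHtml($arc->NowPage);
}
else
{
    $arc->Display();
}

// Append the marker for requests routed from a /video/av<ID>/ URL. empty() keeps the
// original truthiness test but does not raise an undefined-variable notice when
// $noCached or $js was never set; such a notice could end up in the page or script body.
if (!empty($noCached))
{
    // For .js responses the marker is prefixed with // so it stays a script comment.
    if (!empty($js))
    {
        echo "//";
    }
    echo "<!--nocache-->";
}
?>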