r($phpinfo,0,$end); $length = strlen($phpinfo)-1; $phpinfo=substr($phpinfo,$length); return $phpinfo; } /* ヘッダ */ function head(&$dat){ $dat['title'] = TITLE; $dat['home'] = HOME; $dat['self'] = PHP_SELF; $dat['self2'] = PHP_SELF2; $dat['paint'] = USE_PAINT ? true : false; $dat['applet'] = APPLET ? true : false; $dat['usepbbs'] = APPLET!=1 ? true : false; $dat['ver'] = POTI_VER; $dat['verlot'] = POTI_VERLOT; $dat['tver'] = TEMPLATE_VER; $dat['userdel'] = USER_DEL; $dat['charset'] = CHARSET_HTML; } /* 投稿フォーム */ function form(&$dat,$resno,$admin="",$tmp=""){ global $addinfo,$stime; global $fontcolors,$undo,$undo_in_mg,$quality,$qualitys; $dat['form'] = true; if(USE_PAINT){ $dat['palette'] = ''; $lines = file(PALETTEFILE); foreach ( $lines as $line ) { $line=ereg_replace("[\t\r\n]","",$line); list($pid,$pname,) = explode(",", $line); $dat['palette'] .= '\n"; } $dat['pdefw'] = PDEF_W; $dat['pdefh'] = PDEF_H; $dat['anime'] = USE_ANIME ? true : false; $dat['animechk'] = DEF_ANIME ? ' checked' : ''; $dat['pmaxw'] = PMAX_W; $dat['pmaxh'] = PMAX_H; if(USE_PAINT==2 && !$resno && !$admin){ $dat['paint2'] = true; $dat['form'] = false; } } if($resno){ $dat['resno'] = $resno; if(RES_UPLOAD) $dat['paintform'] = true; }else{ $dat['paintform'] = true; $dat['notres'] = true; } if($admin) $dat['admin'] = ADMIN_PASS; if($stime && DSP_PAINTTIME){ //描画時間 $ptime = ''; if($stime){ $psec = time()-$stime; if($psec >= 86400){ $D = intval($psec/86400); $ptime .= $D.PTIME_D; $psec -= $D*86400; } if($psec >= 3600){ $H = intval($psec/3600); $ptime .= $H.PTIME_H; $psec -= $H*3600; } if($psec >= 60){ $M = intval($psec/60); $ptime .= $M.PTIME_M; $psec -= $M*60; } if($psec){ $ptime .= $psec.PTIME_S; } } $dat['ptime'] = $ptime; } $dat['maxbyte'] = MAX_KB * 1024; $dat['usename'] = USE_NAME ? ' *' : ''; $dat['usesub'] = USE_SUB ? ' *' : ''; if(USE_COM||$resno) $dat['usecom'] = ' *'; if((!$resno && !$tmp) || (RES_UPLOAD && !$tmp)) $dat['upfile'] = true; $dat['maxkb'] = MAX_KB; $dat['maxw'] = $resno ? MAX_RESW : MAX_W; $dat['maxh'] = $resno ? MAX_RESH : MAX_H; $dat['addinfo'] = $addinfo; $dat['potitag'] = USE_POTITAG ? true : false; //文字色 if(USE_FONTCOLOR){ foreach ( $fontcolors as $fontcolor ){ list($color,$name) = explode(",", $fontcolor); $dat['fctable'][] = compact('color','name'); } } //アプレット設定 $dat['undo'] = $undo ? $undo : UNDO; $dat['undo_in_mg'] = $undo_in_mg ? $undo_in_mg : UNDO_IN_MG; $qline=''; foreach ( $qualitys as $q ){ $selq = ($q == $quality) ? ' selected' : ''; $qline .= '\n"; } $dat['qualitys'] = $qline; } /* 記事部分 */ function updatelog($resno=0){ global $path; $tree = file(TREEFILE); $find = false; if($resno){ $counttree=count($tree); for($i = 0;$i<$counttree;$i++){ list($artno,)=explode(",",rtrim($tree[$i])); if($artno==$resno){$st=$i;$find=true;break;} //レス先検索 } if(!$find) error(MSG001); } $line = file(LOGFILE); $countline=count($line); for($i = 0; $i < $countline; $i++){ list($no,) = explode(",", $line[$i]); $lineindex[$no]=$i + 1; //逆変換テーブル作成 } $counttree = count($tree); for($page=0;$page<$counttree;$page+=PAGE_DEF){ $oya = 0; //親記事のメイン添字 head($dat); form($dat,$resno); if(!$resno){ $st = $page; } for($i = $st; $i < $st+PAGE_DEF; $i++){ if($tree[$i]=="") continue; $treeline = explode(",", rtrim($tree[$i])); $disptree = $treeline[0]; $j=$lineindex[$disptree] - 1; //該当記事を探して$jにセット if($line[$j]=="") continue; //$jが範囲外なら次の行 list($no,$now,$name,$email,$sub,$com,$url, $host,$pwd,$ext,$w,$h,$time,$chk,$ptime,$fcolor) = explode(",", rtrim(charconvert($line[$j],CHARSET_IN))); // URLとメールにリンク //if($email) $name = "$name"; if(AUTOLINK) $com = auto_link($com); // '>'色設定 $com = eregi_replace("(^|>)((>|>)[^<]*)", "\\1".RE_START."\\2".RE_END, $com); // 画像ファイル名 $img = $path.$time.$ext; // 画像系変数セット if($ext && @is_file($img)){ $src = IMG_DIR.$time.$ext; $srcname = $time.$ext; $size = filesize($img); if($w && $h){ //サイズがある時 if(@is_file(THUMB_DIR.$time.'s.jpg')){ $thumb = true; $imgsrc = THUMB_DIR.$time.'s.jpg'; }else{ $imgsrc = $src; } } //描画時間 if(DSP_PAINTTIME) $painttime = $ptime; //動画リンク if(USE_ANIME){ if(@file_exists(PCH_DIR.$time.'.pch')) $pch = $time.$ext; if(@file_exists(PCH_DIR.$time.'.spch')) $pch = $time.$ext.'&shi=1'; } //コンティニュー if(USE_CONTINUE){ //if(@file_exists(PCH_DIR.$time.'.pch')||@file_exists(PCH_DIR.$time.'.spch')||$ext=='.jpg') $continue = $no; } } // そろそろ消える。 if($lineindex[$no]-1 >= LOG_MAX*LOG_LIMIT/100) $limit = true; // ミニフォーム用 if(USE_RESUB) $resub = 'Re: '.$sub; // レス省略 if(!$resno){ $s=count($treeline) - DSP_RES; if(ADMIN_NEWPOST&&!DSP_RES) {$skipres = $s - 1;} elseif($s<1 || !DSP_RES) {$s=1;} elseif($s>1) {$skipres = $s - 1;} //レス画像数調整 if(RES_UPLOAD){ //画像テーブル作成 $imgline=array(); for($k = $s; $k < count($treeline); $k++){ $disptree = $treeline[$k]; $j=$lineindex[$disptree] - 1; if($line[$j]=="") continue; list(,,,,,,,,,$rext,,,$rtime,,,) = explode(",", rtrim($line[$j])); $resimg = $path.$rtime.$rext; if($rext && @is_file($resimg)){ $imgline[]='img'; }else{ $imgline[]='0'; } } $resimgs = array_count_values($imgline); while($resimgs['img'] > DSP_RESIMG){ while($imgline[0]='0'){ //画像付きレスが出るまでシフト array_shift($imgline); $s++; } array_shift($imgline); //画像付きレス1つシフト $s++; $resimgs = array_count_values($imgline); } if($s>1) $skipres = $s - 1; //再計算 } }else{ $s=1; $dat['resub'] = $resub; //レス画面用 } //日付とIDを分離 if(ereg("( ID:)(.*)",$now,$regs)){ $id=$regs[2]; $now=ereg_replace("( ID:.*)","",$now); }else{$id='';} //日付と編集マークを分離 $updatemark=''; if(UPDATE_MARK){ if(strstr($now,UPDATE_MARK)){ $updatemark = UPDATE_MARK; $now=str_replace(UPDATE_MARK,"",$now); } } //名前とトリップを分離 $name=strip_tags($name);//タグ除去 if(ereg("(◆.*)",$name,$regs)){ $trip=$regs[1]; $name=ereg_replace("(◆.*)","",$name); }else{$trip='';} //TAB $tab=$oya+1; //文字色 $fontcolor = $fcolor ? $fcolor : DEF_FONTCOLOR; //

へ $com = eregi_replace("","
",$com); //独自タグ変換 if(USE_POTITAG) $com = potitag($com); // 親記事格納 $dat['oya'][$oya] = compact('src','srcname','size','painttime','pch','continue','thumb','imgsrc','w','h','no','sub','name','now','com','limit','skipres','resub','url','email','id','updatemark','trip','tab','fontcolor'); // 変数クリア unset($src,$srcname,$size,$painttime,$pch,$continue,$thumb,$imgsrc,$w,$h,$no,$sub,$name,$now,$com,$limit,$skipres,$resub,$url,$email); //レス作成 for($k = $s; $k < count($treeline); $k++){ $disptree = $treeline[$k]; $j=$lineindex[$disptree] - 1; if($line[$j]=="") continue; list($no,$now,$name,$email,$sub,$com,$url, $host,$pwd,$ext,$w,$h,$time,$chk,$ptime,$fcolor) = explode(",", rtrim(charconvert($line[$j],CHARSET_IN))); // URLとメールにリンク //if($email) $name = "$name"; if(AUTOLINK) $com = auto_link($com); // '>'色設定 $com = eregi_replace("(^|>)((>|>)[^<]*)", "\\1".RE_START."\\2".RE_END, $com); // ---------- レス画像対応 ---------- // 画像ファイル名 $img = $path.$time.$ext; // 画像系変数セット if($ext && @is_file($img)){ $src = IMG_DIR.$time.$ext; $srcname = $time.$ext; $size = filesize($img); if($w && $h){ //サイズがある時 if(@is_file(THUMB_DIR.$time.'s.jpg')){ $thumb = true; $imgsrc = THUMB_DIR.$time.'s.jpg'; }else{ $imgsrc = $src; } } //描画時間 if(DSP_PAINTTIME) $painttime = $ptime; //動画リンク if(USE_ANIME){ if(@file_exists(PCH_DIR.$time.'.pch')) $pch = $time.$ext; if(@file_exists(PCH_DIR.$time.'.spch')) $pch = $time.$ext.'&shi=1'; } //コンティニュー if(USE_CONTINUE){ //if(@file_exists(PCH_DIR.$time.'.pch')||@file_exists(PCH_DIR.$time.'.spch')||$ext=='.jpg') $continue = $no; } } //日付とIDを分離 if(ereg("( ID:)(.*)",$now,$regs)){ $id=$regs[2]; $now=ereg_replace("( ID:.*)","",$now); }else{$id='';} //日付と編集マークを分離 $updatemark=''; if(UPDATE_MARK){ if(strstr($now,UPDATE_MARK)){ $updatemark = UPDATE_MARK; $now=str_replace(UPDATE_MARK,"",$now); } } //名前とトリップを分離 $name=strip_tags($name);//タグ除去 if(ereg("(◆.*)",$name,$regs)){ $trip=$regs[1]; $name=ereg_replace("(◆.*)","",$name); }else{$trip='';} //文字色 $fontcolor = $fcolor ? $fcolor : DEF_FONTCOLOR; //

へ $com = eregi_replace("","
",$com); //独自タグ変換 if(USE_POTITAG) $com = potitag($com); // レス記事一時格納 $rres[$oya][] = compact('no','sub','name','now','com','url','email','id','updatemark','trip','fontcolor' ,'src','srcname','size','painttime','pch','continue','thumb','imgsrc','w','h'); // 変数クリア unset($no,$sub,$name,$now,$com,$url,$email ,$src,$srcname,$size,$painttime,$pch,$continue,$thumb,$imgsrc,$w,$h); } // レス記事一括格納 $dat['oya'][$oya]['res'] = $rres[$oya]; unset($rres); //クリア clearstatcache(); //ファイルのstatをクリア $oya++; if($resno){break;} //res時はtree1行だけ } if(!$resno){ //res時は表示しない $prev = $st - PAGE_DEF; $next = $st + PAGE_DEF; // 改ページ処理 if($prev >= 0){ if($prev==0){ $dat['prev'] = PHP_SELF2; }else{ $dat['prev'] = $prev/PAGE_DEF.PHP_EXT; } } $paging = ""; for($i = 0; $i < count($tree) ; $i+=PAGE_DEF){ if($st==$i){ $pformat = str_replace("", $i/PAGE_DEF, NOW_PAGE); }else{ if($i==0){ $pno = str_replace("", "0", OTHER_PAGE); $pformat = str_replace("", PHP_SELF2, $pno); }else{ $pno = str_replace("", $i/PAGE_DEF, OTHER_PAGE); $pformat = str_replace("", ($i/PAGE_DEF).PHP_EXT, $pno); } } $paging.=$pformat; } $dat['paging'] = $paging; if($oya >= PAGE_DEF && count($tree) > $next){ $dat['next'] = $next/PAGE_DEF.PHP_EXT; } } if($resno){htmloutput(RESFILE,$dat);break;} $dat['resform'] = RES_FORM ? true : false; htmltemplate::removeTag("q_escape"); htmltemplate::addTag("q_escape2"); $buf = htmloutput(MAINFILE,$dat,true); if($page==0){$logfilename=PHP_SELF2;} else{$logfilename=$page/PAGE_DEF.PHP_EXT;} $fp = fopen($logfilename, "w"); set_file_buffer($fp, 0); flock($fp, 2); //* rewind($fp); fputs($fp, $buf); fclose($fp); //chmod($logfilename,0666); //拡張子を.phpにした場合、↑で500エラーでるなら↓に変更 if(PHP_EXT!='.php'){chmod($logfilename,0666);} unset($dat); //クリア } if(!$resno&&@is_file(($page/PAGE_DEF+1).PHP_EXT)){unlink(($page/PAGE_DEF+1).PHP_EXT);} } /* オートリンク */ function auto_link($proto){ $proto = ereg_replace("(https?|ftp|news)(://[[:alnum:]\+\$\;\?\.%,!#~*/:@&=_-]+)","\\1\\2",$proto); return $proto; } /* 日付 */ function now_date($time){ $youbi = array('日','月','火','水','木','金','土'); $yd = $youbi[gmdate("w", $time+9*60*60)] ; $now = gmdate(DATE_FORMAT, $time+9*60*60); $now = str_replace("<1>", $yd, $now); //漢字の曜日セット1 $now = str_replace("<2>", $yd.'曜', $now); //漢字の曜日セット2 return $now; } /* エラー画面 */ function error($mes,$dest=''){ if(@is_file($dest)) unlink($dest); $dat['err_mode'] = true; head($dat); $dat['mes'] = $mes; htmloutput(OTHERFILE,$dat); exit; } function proxy_connect($port) { $fp = fsockopen (getenv("REMOTE_ADDR"), $port,$a,$b,2); if(!$fp){return 0;}else{return 1;} } /* 文字列の類似性を見積もる */ function similar_str($str1,$str2){ similar_text($str1, $str2, $p); return $p; } /* 記事書き込み */ function regist($name,$email,$sub,$com,$url,$pwd,$upfile,$upfile_name,$resto,$pictmp,$picfile){ global $path,$badstring,$badfile,$badip,$pwdc,$textonly,$bad_country; global $REQUEST_METHOD,$temppath,$ptime; global $fcolor,$usercode; // 時間 $time = time(); $tim = $time.substr(microtime(),2,3); // レス先が無ければエラー(v1.33) if($resto){ $tree = file(TREEFILE); $find = false; $counttree=count($tree); for($i = 0;$i<$counttree;$i++){ list($artno,)=explode(",",rtrim($tree[$i])); if($artno==$resto){$find=true;break;} //レス先検索 } if(!$find) error(MSG001); } // お絵かき絵アップロード処理 if($pictmp==2){ if(!$picfile) error(MSG002); $upfile = $temppath.$picfile; $upfile_name = $picfile; $picfile = str_replace(strrchr($picfile,"."),"",$picfile); //拡張子除去 $tim = KASIRA.$tim; //選択された絵が投稿者の絵か再チェック if(@file_exists($temppath.$picfile.".dat")){ $fp = fopen($temppath.$picfile.".dat", "r"); $userdata = fread($fp, 1024); fclose($fp); list($uip,$uhost,,,$ucode,) = explode("\t", rtrim($userdata)); $userip = getenv("HTTP_CLIENT_IP"); if(!$userip) $userip = getenv("HTTP_X_FORWARDED_FOR"); if(!$userip) $userip = getenv("REMOTE_ADDR"); if(($ucode != $usercode) && (IP_CHECK && $uip != $userip)){error(MSG007);} }else{error(MSG007);} } if($upfile&&@file_exists($upfile)){ $dest = $path.$tim.'.tmp'; if($pictmp==2){ copy($upfile, $dest); }else{ move_uploaded_file($upfile, $dest); //↑でエラーなら↓に変更 //copy($upfile, $dest); } $upfile_name = CleanStr($upfile_name); if(!@file_exists($dest)) error(MSG003,$dest); if(filesize($dest) > MAX_KB * 1024) error(MSG034,$dest); //追加(v1.32) $size = getimagesize($dest); if(!is_array($size)) error(MSG004,$dest); $chk = md5_of_file($dest); foreach($badfile as $value){if(ereg("^$value",$chk)){ error(MSG005,$dest); //拒絶画像 }} chmod($dest,0666); $W = $size[0]; $H = $size[1]; switch ($size[2]) { case 1 : $ext=".gif";break; case 2 : $ext=".jpg";break; case 3 : $ext=".png";break; default : error(MSG004,$dest); } // 画像表示縮小 $max_w = $resto ? MAX_RESW : MAX_W; $max_h = $resto ? MAX_RESH : MAX_H; if($W > $max_w || $H > $max_h){ $W2 = $max_w / $W; $H2 = $max_h / $H; ($W2 < $H2) ? $key = $W2 : $key = $H2; $W = ceil($W * $key); $H = ceil($H * $key); } $mes = "画像 $upfile_name のアップロードが成功しました

"; } $name = charconvert($name ,CHARSET_IN); $sub = charconvert($sub ,CHARSET_IN); $com = charconvert($com ,CHARSET_IN); $email = charconvert($email,CHARSET_IN); $url = charconvert($url ,CHARSET_IN); $ptime = charconvert($ptime,CHARSET_IN); foreach($badstring as $value){if(ereg($value,$com)||ereg($value,$sub)||ereg($value,$name)||ereg($value,$email)){error(MSG032,$dest);};} if($REQUEST_METHOD != "POST") error(MSG006,$dest); // フォーム内容をチェック if(!$name||ereg("^[ | |]*$",$name)) $name=""; if(!$com||ereg("^[ | |\t]*$",$com)) $com=""; if(!$sub||ereg("^[ | |]*$",$sub)) $sub=""; if(!$url||ereg("^[ | |]*$",$url)) $url=""; if(!$resto&&!$textonly&&!@is_file($dest)) error(MSG007,$dest); if(RES_UPLOAD&&$resto&&!$textonly&&!@is_file($dest)) error(MSG007,$dest); if(!$com&&!@is_file($dest)) error(MSG008,$dest); if(USE_NAME&&!$name) error(MSG009,$dest); if(USE_COM&&!$com) error(MSG008,$dest); if(USE_SUB&&!$sub) error(MSG010,$dest); //$name=ereg_replace("管理","\"管理\"",$name); //$name=ereg_replace("削除","\"削除\"",$name); if(strlen($com) > MAX_COM) error(MSG011,$dest); if(strlen($name) > MAX_NAME) error(MSG012,$dest); if(strlen($email) > MAX_EMAIL) error(MSG013,$dest); if(strlen($sub) > MAX_SUB) error(MSG014,$dest); if(strlen($resto) > 10) error(MSG015,$dest); //ホスト取得 $host = gethostbyaddr(getenv("REMOTE_ADDR")); foreach($badip as $value){ //拒絶host if(eregi("$value$",$host)) error(MSG016,$dest); } if(eregi("^mail",$host) || eregi("^ns",$host) || eregi("^dns",$host) || eregi("^ftp",$host) || eregi("^prox",$host) || eregi("^pc",$host) || eregi("^[^\.]\.[^\.]$",$host)){ $pxck = "on"; } if(eregi("ne\\.jp$",$host) || eregi("ad\\.jp$",$host) || eregi("bbtec\\.net$",$host) || eregi("aol\\.com$",$host) || eregi("uu\\.net$",$host) || eregi("asahi-net\\.or\\.jp$",$host) || eregi("rim\\.or\\.jp$",$host)){ $pxck = "off"; }else{ $pxck = "on"; } if($pxck=="on" && PROXY_CHECK){ if(proxy_connect('80') == 1){ error(MSG017,$dest); }elseif(proxy_connect('8080') == 1){ error(MSG018,$dest); } } //http回数チェック(v1.33) if(preg_match_all("/http/i", $com, $matches) > HTTP_COUNT) error(MSG032.'(http over)',$dest); //コメント内のURLが規制国かチェック(v1.33) $dummy = $com.$url; $comhttp = array(); while(ereg('(https?|ftp|news)(://[[:alnum:]\+\$\;\?\.%,!#~*/:@&=_-]+)', $dummy, $match)){ $dummy = str_replace($match[1].$match[2], '', $dummy); array_push($comhttp, $match[1].$match[2]); } if(is_array($comhttp)){ foreach($comhttp as $com_http){ $comurl = parse_url($com_http); if($comurl['host']){ $country = country_check(gethostbyname($comurl['host'])); if($country == 'XX' && (eregi("\.jp$",$comurl['host']) || eregi("bbtec\.net$",$comurl['host']) || eregi("aol\.com$",$comurl['host']) || eregi("uu\.net$",$comurl['host']))) $country = 'JP'; foreach($bad_country as $bad){ if(preg_match("/$bad/i", $country)) error(MSG032.'(http Country[ '.$country.' ])',$dest); } } } } // No.とパスと時間とURLフォーマット srand((double)microtime()*1000000); if($pwd==""){ if($pwdc==""){ $pwd=rand();$pwd=substr($pwd,0,8); }else{ $pwd=$pwdc; } } $c_pass = $pwd; $pass = ($pwd) ? substr(md5($pwd),2,8) : "*"; $now = now_date($time);//日付取得 if(DISP_ID){ if($email&&DISP_ID==1){ $now .= " ID:???"; }else{ $now .= " ID:".substr(crypt(md5(getenv("REMOTE_ADDR").ID_SEED.gmdate("Ymd", $time+9*60*60)),'id'),-8); } } //カンマを変換 $now = str_replace(",", ",", $now); $ptime = str_replace(",", ",", $ptime); //テキスト整形 $email= CleanStr($email); $email=ereg_replace("[\r\n]","",$email); $sub = CleanStr($sub); $sub =ereg_replace("[\r\n]","",$sub); $resto= CleanStr($resto); $resto=ereg_replace("[\r\n]","",$resto); $url = CleanStr($url); $url =ereg_replace("[\r\n]","",$url); $url = str_replace(" ", "", $url); $com = CleanStr($com); // 改行文字の統一。 $com = str_replace("\r\n", "\n", $com); $com = str_replace("\r", "\n", $com); // 連続する空行を一行 $com = ereg_replace("\n(( | )*\n){3,}","\n",$com); if(!BR_CHECK || substr_count($com,"\n")を代入する } $com = str_replace("\n", "", $com); //\nを文字列から消す $name=ereg_replace("◆","◇",$name); $name=ereg_replace("[\r\n]","",$name); $names=$name; if (get_magic_quotes_gpc()) {//¥を削除 $names = stripslashes($names); } $name=CleanStr($name); if(ereg("(#|#)(.*)",$names,$regs)){ $cap = $regs[2]; $cap=strtr($cap,"&", "&"); $cap=strtr($cap,",", ","); $name=ereg_replace("(#|#)(.*)","",$name); $salt=substr($cap."H.",1,2); $salt=ereg_replace("[^\.-z]",".",$salt); $salt=strtr($salt,":;<=>?@[\\]^_`","ABCDEFGabcdef"); $name.="◆".substr(crypt($cap,$salt),-10); } //ログ読み込み $fp=fopen(LOGFILE,"r+"); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG019,$dest);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){ if($line[$i]!=""){ list($artno,)=explode(",", rtrim($line[$i])); //逆変換テーブル作成 $lineindex[$artno]=$i+1; $line[$i].="\n"; } } // 連続・二重投稿チェック (v1.32:仕様変更) for($i=0;$i<20;$i++){ list($lastno,,$lname,$lemail,$lsub,$lcom,$lurl,$lhost,$lpwd,,,,$ltime,) = explode(",", $line[$i]); $pchk=0; switch(POST_CHECKLEVEL){ case 1: //low if($host==$lhost || substr(md5($pwd),2,8)==$lpwd || substr(md5($pwdc),2,8)==$lpwd ){$pchk=1;} break; case 2: //middle if($host==$lhost || substr(md5($pwd),2,8)==$lpwd || substr(md5($pwdc),2,8)==$lpwd || (isset($name) && $name==$lname) || (isset($email) && $email==$lemail) || (isset($url) && $url==$lurl) || (isset($sub) && $sub==$lsub) ){$pchk=1;} break; case 3: //high if($host==$lhost || substr(md5($pwd),2,8)==$lpwd || substr(md5($pwdc),2,8)==$lpwd || (isset($name) && similar_str($name,$lname) > VALUE_LIMIT) || (isset($email) && similar_str($email,$lemail) > VALUE_LIMIT) || (isset($url) && similar_str($url,$lurl) > VALUE_LIMIT) || (isset($sub) && similar_str($sub,$lsub) > VALUE_LIMIT) ){$pchk=1;} break; case 4: //full $pchk=1; } if($pchk){ if(strlen($ltime)>10){$ltime=substr($ltime,0,-3);} if(RENZOKU && $time - $ltime < RENZOKU){error(MSG020,$dest);} if(RENZOKU2 && $time - $ltime < RENZOKU2 && $upfile_name){error(MSG021,$dest);} if(isset($com)){ switch(D_POST_CHECKLEVEL){ case 1: //low if($com == $lcom){error(MSG022,$dest);} break; case 2: //middle if(similar_str($com,$lcom) > COMMENT_LIMIT_MIDDLE){error(MSG022,$dest);} break; case 3: //high if(similar_str($com,$lcom) > COMMENT_LIMIT_HIGH){error(MSG022,$dest);} break; default: if($com == $lcom && !$upfile_name){error(MSG022,$dest);} } } } } // 移動(v1.32) if(!$name) $name=DEF_NAME; if(!$com) $com=DEF_COM; if(!$sub) $sub=DEF_SUB; // ログ行数オーバー if(count($line) >= LOG_MAX){ for($d = count($line)-1; $d >= LOG_MAX-1; $d--){ list($dno,,,,,,,,,$dext,,,$dtime,) = explode(",", $line[$d]); if(@is_file($path.$dtime.$dext)) unlink($path.$dtime.$dext); if(@is_file(THUMB_DIR.$dtime.'s.jpg')) unlink(THUMB_DIR.$dtime.'s.jpg'); if(@is_file(PCH_DIR.$dtime.'.pch')) unlink(PCH_DIR.$dtime.'.pch'); if(@is_file(PCH_DIR.$dtime.'.spch')) unlink(PCH_DIR.$dtime.'.spch'); $line[$d] = ""; treedel($dno); } } // アップロード処理 if($dest&&@file_exists($dest)){ for($i=0;$i<200;$i++){ //画像重複チェック list(,,,,,,,,,$extp,,,$timep,$chkp,) = explode(",", $line[$i]); if($chkp==$chk&&@file_exists($path.$timep.$extp)){ error(MSG005,$dest); } } } list($lastno,) = explode(",", $line[0]); $no = $lastno + 1; $newline = "$no,$now,$name,$email,$sub,$com,$url,$host,$pass,$ext,$W,$H,$tim,$chk,$ptime,$fcolor\n"; $newline.= implode('', $line); ftruncate($fp,0); set_file_buffer($fp, 0); rewind($fp); fputs($fp, charconvert($newline,CHARSET_OUT)); //ツリー更新 $find = false; $newline = ''; $tp=fopen(TREEFILE,"r+"); set_file_buffer($tp, 0); flock($tp, 2); //* rewind($tp); $buf=fread($tp,1000000); if($buf==''){error(MSG023,$dest);} $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){ if($line[$i]!=""){ $line[$i].="\n"; $j=explode(",", rtrim($line[$i])); if($lineindex[$j[0]]==0){ $line[$i]=''; } } } if($resto){ for($i = 0; $i < $countline; $i++){ $rtno = explode(",", rtrim($line[$i])); if($rtno[0]==$resto){ $find = TRUE; $line[$i]=rtrim($line[$i]).','.$no."\n"; $j=explode(",", rtrim($line[$i])); if(!(stristr($email,'sage') || (count($j)>MAX_RES))){ $newline=$line[$i]; $line[$i]=''; } break; } } } if(!$find){if(!$resto){$newline="$no\n";}else{error(MSG025,$dest);}} $newline.=implode('', $line); ftruncate($tp,0); set_file_buffer($tp, 0); rewind($tp); fputs($tp, $newline); fclose($tp); fclose($fp); //-- クッキー保存 -- //漢字を含まない項目はこちらの形式で追加 setcookie ("pwdc", $c_pass,time()+SAVE_COOKIE*24*3600); setcookie ("fcolorc", $fcolor,time()+SAVE_COOKIE*24*3600); //クッキー項目:"クッキー名<>クッキー値" ※漢字を含む項目はこちらに追加 $cooks = array("namec<>$names","emailc<>$email","urlc<>$url"); foreach ( $cooks as $cook ) { list($c_name,$c_cook) = explode('<>',$cook); if(function_exists("mb_convert_encoding")&&function_exists("mb_language")&&USE_MB){ mb_language(LANG); $c_cookie = mb_convert_encoding($c_cook, "UTF-8", "auto"); //to UTF-8 // jcode.php by TOMO }elseif(@file_exists("jcode.phps")||@file_exists("jcode.php")){ if(@file_exists("jcode.phps")){ require_once('jcode.phps'); } else{ require_once('jcode.php'); } global $table_jis_utf8; include_once('code_table.jis2ucs'); $c_cookie = JcodeConvert($c_cook, 0, 4); //to UTF-8 }elseif(function_exists("iconv")){ $c_cookie = iconv("euc-jp", "UTF-8", $c_cook); //to UTF-8 }else{ $c_cookie = $c_cook; } setcookie ($c_name, $c_cookie,time()+SAVE_COOKIE*24*3600); } if($dest&&@file_exists($dest)){ rename($dest,$path.$tim.$ext); if(USE_THUMB){thumb($path,$tim,$ext,$max_w,$max_h);} //ワークファイル削除 if(@file_exists($upfile)) unlink($upfile); if(@file_exists($temppath.$picfile.".dat")) unlink($temppath.$picfile.".dat"); //PCHファイルアップロード $pchtemp = $temppath.$picfile.'.pch'; if(@file_exists($pchtemp)){ copy($pchtemp, PCH_DIR.$tim.'.pch'); if(@file_exists(PCH_DIR.$tim.'.pch')){ chmod(PCH_DIR.$tim.'.pch',0666); unlink($pchtemp); } } //SPCHファイルアップロード $pchtemp = $temppath.$picfile.'.spch'; if(@file_exists($pchtemp)){ copy($pchtemp, PCH_DIR.$tim.'.spch'); if(@file_exists(PCH_DIR.$tim.'.spch')){ chmod(PCH_DIR.$tim.'.spch',0666); unlink($pchtemp); } } } updatelog(); //メール通知 if(@file_exists(NOTICEMAIL_FILE) //メール通知クラスがある場合 && !(NOTICE_NOADMIN && $pwd == ADMIN_PASS)){//管理者の投稿の場合メール出さない require_once(NOTICEMAIL_FILE); $data[to] = TO_MAIL; $data[name] = $name; $data[email] = $email; $data[option][] = 'URL,'.$url; $data[option][] = '記事題名,'.$sub; if(@file_exists($path.$tim.$ext)) $data[option][] = '投稿画像,'.ROOT_URL.IMG_DIR.$tim.$ext; if(@file_exists(THUMB_DIR.$tim.'s.jpg')) $data[option][] = 'サムネイル画像,'.ROOT_URL.THUMB_DIR.$tim.'s.jpg'; if(@file_exists(PCH_DIR.$tim.'.pch')) $data[option][] = 'アニメファイル,'.ROOT_URL.PCH_DIR.$tim.'.pch'; if(@file_exists(PCH_DIR.$tim.'.spch')) $data[option][] = 'アニメファイル,'.ROOT_URL.PCH_DIR.$tim.'.spch'; if($resto){ $data[subject] = '['.TITLE.'] No.'.$resto.'へのレスがありました'; $data[option][] = "\n記事URL,".ROOT_URL.PHP_SELF.'?res='.$resto; }else{ $data[subject] = '['.TITLE.'] 新規投稿がありました'; $data[option][] = "\n記事URL,".ROOT_URL.PHP_SELF.'?res='.$no; } if(SEND_COM) $data[comment] = eregi_replace("","\n", $com); noticemail::send($data,USE_MB); } header("Content-type: text/html; charset=".CHARSET_HTML); $str = "\n"; $str.= "\n"; $str.= "$mes 画面を切り替えます"; echo charconvert($str,CHARSET_OUT); } //ファイルmd5計算 php4.2.0未満用 function md5_of_file($inFile) { if (@file_exists($inFile)){ if(function_exists('md5_file')){ return md5_file($inFile); }else{ $fd = fopen($inFile, 'r'); $fileContents = fread($fd, filesize($inFile)); fclose ($fd); return md5($fileContents); } }else{ return false; } } //ツリー削除 function treedel($delno){ $fp=fopen(TREEFILE,"r+"); set_file_buffer($fp, 0); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG024);} $line = explode("\n",$buf); $countline=count($line); $find=false; for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} for($i = 0; $i < $countline; $i++){ $treeline = explode(",", rtrim($line[$i])); $counttreeline=count($treeline); for($j = 0; $j < $counttreeline; $j++){ if($treeline[$j] == $delno){ if($j==0){//スレ削除 if($countline<3){//スレが1つしかない場合、エラー防止の為に削除不可 fclose($fp); error(MSG026); }else{$line[$i]='';} }else{//レス削除 $treeline[$j]=''; $line[$i]=implode(',', $treeline); $line[$i]=ereg_replace(",,",",",$line[$i]); $line[$i]=ereg_replace(",$","",$line[$i]); $line[$i].="\n"; } $find=true; break 2; } } } if($find){//ツリー更新 ftruncate($fp,0); set_file_buffer($fp, 0); rewind($fp); fputs($fp, implode('', $line)); } fclose($fp); } /* テキスト整形 */ function CleanStr($str){ global $admin; $str = trim($str);//先頭と末尾の空白除去 if (get_magic_quotes_gpc()) {//¥を削除 $str = stripslashes($str); } if($admin!=ADMIN_PASS){//管理者はタグ可能 $str = htmlspecialchars($str);//タグっ禁止 $str = str_replace("&", "&", $str);//特殊文字 } return str_replace(",", ",", $str);//カンマを変換 } /* ユーザー削除 */ function usrdel($del,$pwd){ global $path,$pwdc,$onlyimgdel; $host = gethostbyaddr(getenv("REMOTE_ADDR")); if(is_array($del)){ sort($del); reset($del); if($pwd==""&&$pwdc!="") $pwd=$pwdc; $fp=fopen(LOGFILE,"r+"); set_file_buffer($fp, 0); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG027);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} $flag = false; $find = false; for($i = 0; $i 2){$line[$i] = "";$find = true;} } if(USER_DEL > 1){ $delfile = $path.$tim.$ext; //削除ファイル if(@is_file($delfile)) unlink($delfile);//削除 if(@is_file(THUMB_DIR.$tim.'s.jpg')) unlink(THUMB_DIR.$tim.'s.jpg');//削除 if(@is_file(PCH_DIR.$tim.'.pch')) unlink(PCH_DIR.$tim.'.pch');//削除 if(@is_file(PCH_DIR.$tim.'.spch')) unlink(PCH_DIR.$tim.'.spch');//削除 } $flag = true; } } if(!$flag)error(MSG028); if($find){//ログ更新 ftruncate($fp,0); set_file_buffer($fp, 0); rewind($fp); $newline = implode('', $line); fputs($fp, charconvert($newline,CHARSET_OUT)); } fclose($fp); } } /* パス認証 */ function valid($pass){ if($pass && $pass != ADMIN_PASS) error(MSG029); if(!$pass){ $dat['admin_in'] = true; head($dat); htmloutput(OTHERFILE,$dat); exit; } } /* 管理者削除 */ function admindel($pass){ global $path,$onlyimgdel,$del; if(is_array($del)){ sort($del); reset($del); $fp=fopen(LOGFILE,"r+"); set_file_buffer($fp, 0); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG030);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} $find = false; for($i = 0; $i < $countline; $i++){ list($no,,,,,,,,,$ext,,,$tim,,) = explode(",",$line[$i]); if(in_array($no,$del)){ if(!$onlyimgdel){ //記事削除 treedel($no); $line[$i] = ""; $find = true; } $delfile = $path.$tim.$ext; //削除ファイル if(@is_file($delfile)) unlink($delfile);//削除 if(@is_file(THUMB_DIR.$tim.'s.jpg')) unlink(THUMB_DIR.$tim.'s.jpg');//削除 if(@is_file(PCH_DIR.$tim.'.pch')) unlink(PCH_DIR.$tim.'.pch');//削除 if(@is_file(PCH_DIR.$tim.'.spch')) unlink(PCH_DIR.$tim.'.spch');//削除 } } if($find){//ログ更新 ftruncate($fp,0); set_file_buffer($fp, 0); rewind($fp); $newline = implode('', $line); fputs($fp, charconvert($newline,CHARSET_OUT)); } fclose($fp); } // 削除画面を表示 $dat['admin_del'] = true; head($dat); $dat['pass'] = $pass; $line = file(LOGFILE); for($j = 0; $j < count($line); $j++){ $img_flag = FALSE; list($no,$now,$name,$email,$sub,$com,$url, $host,$pw,$ext,$w,$h,$time,$chk,) = explode(",",charconvert($line[$j],CHARSET_IN)); // フォーマット //$now=ereg_replace('.{2}/(.*)$','\1',$now); //$now=ereg_replace('\(.*\)',' ',$now); $now = ereg_replace("( ID:.*)","",$now);//ID以降除去 $name = strip_tags($name);//タグ除去 if(strlen($name) > 10) $name = substr($name,0,9)."."; if(strlen($sub) > 10) $sub = substr($sub,0,9)."."; if($email) $name="$name"; $com = eregi_replace(""," ",$com); //$com = str_replace("
"," ",$com); $com = htmlspecialchars($com); if(strlen($com) > 20) $com = substr($com,0,18) . "."; // 画像があるときはリンク if($ext && @is_file($path.$time.$ext)){ $img_flag = TRUE; $clip = "".$time.$ext."
"; $size = filesize($path.$time.$ext); $all += $size; //合計計算 $chk= substr($chk,0,10); }else{ $clip = ""; $size = 0; $chk= ""; } $bg = ($j % 2) ? ADMIN_DELGUSU : ADMIN_DELKISU;//背景色 $dat['del'][$j] = compact('bg','no','now','sub','name','com','host','clip','size','chk'); } $dat['all'] = (int)($all / 1024); htmloutput(OTHERFILE,$dat); exit; } function init(){ $chkfile=array(LOGFILE,TREEFILE); if(!is_writable(realpath("./")))error("カレントディレクトリに書けません
"); foreach($chkfile as $value){ if(!@file_exists(realpath($value))){ $fp = fopen($value, "w"); set_file_buffer($fp, 0); $now = now_date(time());//日付取得 if(DISP_ID) $now .= " ID:???"; $testmes="1,".$now.",".DEF_NAME.",,".DEF_SUB.",".DEF_COM.",,\n"; if($value==LOGFILE)fputs($fp,charconvert($testmes,CHARSET_OUT)); if($value==TREEFILE)fputs($fp,"1\n"); fclose($fp); if(@file_exists(realpath($value)))@chmod($value,0666); } if(!is_writable(realpath($value)))$err.=$value."を書けません
"; if(!is_readable(realpath($value)))$err.=$value."を読めません
"; } @mkdir(IMG_DIR,0777);@chmod(IMG_DIR,0777); if(!is_dir(realpath(IMG_DIR)))$err.=IMG_DIR."がありません
"; if(!is_writable(realpath(IMG_DIR)))$err.=IMG_DIR."を書けません
"; if(!is_readable(realpath(IMG_DIR)))$err.=IMG_DIR."を読めません
"; if(USE_THUMB){ @mkdir(THUMB_DIR,0777);@chmod(THUMB_DIR,0777); if(!is_dir(realpath(THUMB_DIR)))$err.=THUMB_DIR."がありません
"; if(!is_writable(realpath(THUMB_DIR)))$err.=THUMB_DIR."を書けません
"; if(!is_readable(realpath(THUMB_DIR)))$err.=THUMB_DIR."を読めません
"; } if(USE_PAINT){ @mkdir(TEMP_DIR,0777);@chmod(TEMP_DIR,0777); if(!is_dir(realpath(TEMP_DIR)))$err.=TEMP_DIR."がありません
"; if(!is_writable(realpath(TEMP_DIR)))$err.=TEMP_DIR."を書けません
"; if(!is_readable(realpath(TEMP_DIR)))$err.=TEMP_DIR."を読めません
"; } if($err)error($err); if(!@file_exists(realpath(PHP_SELF2)))updatelog(); } /* お絵描き画面 */ function paintform($picw,$pich,$palette,$anime,$pch=""){ global $admin,$shi,$ctype,$type,$no,$pwd,$ext; global $resto,$mode,$savetype,$quality,$qualitys,$usercode; if($picw < 100) $picw = 100; if($pich < 100) $pich = 100; if($picw > PMAX_W) $picw = PMAX_W; if($pich > PMAX_H) $pich = PMAX_H; $w = $picw + 150; $h = $pich + 170; if($w < 400){$w = 400;} if($h < 420){$h = 420;} if($w < 500 && $shi){$w = 500;} if($h < 500 && $shi==2){$h = 500;} $dat['paint_mode'] = true; head($dat); form($dat,$resto); $dat['mode2'] = $mode; if($mode=="contpaint"){ $dat['no'] = $no; $dat['pch'] = $pch; $dat['ctype'] = $ctype; $dat['type'] = $type; $dat['pwd'] = $pwd; $dat['ext'] = $ext; if(@file_exists(PCH_DIR.$pch.'.pch')){ $dat['applet'] = false; }elseif(@file_exists(PCH_DIR.$pch.'.spch')){ $dat['applet'] = true; $dat['usepbbs'] = false; }elseif(@file_exists(IMG_DIR.$pch.$ext)){ $dat['applet'] = true; $dat['usepbbs'] = true; } if((C_SECURITY_CLICK || C_SECURITY_TIMER) && SECURITY_URL){ $dat['security'] = true; $dat['security_click'] = C_SECURITY_CLICK; $dat['security_timer'] = C_SECURITY_TIMER; } }else{ if((SECURITY_CLICK || SECURITY_TIMER) && SECURITY_URL){ $dat['security'] = true; $dat['security_click'] = SECURITY_CLICK; $dat['security_timer'] = SECURITY_TIMER; } $dat['newpaint'] = true; } $dat['security_url'] = SECURITY_URL; switch($savetype){ case 'PNG': $dat['image_jpeg'] = 'false'; $dat['image_size'] = IMAGE_SIZE; $savepng = ' selected'; break; case 'JPEG': $dat['image_jpeg'] = 'true'; $dat['image_size'] = 1; $savejpeg = ' selected'; break; default: $dat['image_jpeg'] = 'true'; $dat['image_size'] = IMAGE_SIZE; $saveauto = ' selected'; } $dat['savetypes'] = "\n"; $dat['savetypes'].= "\n"; $dat['savetypes'].= "\n"; $dat['compress_level'] = COMPRESS_LEVEL; $dat['layer_count'] = LAYER_COUNT; if($shi) $dat['quality'] = $quality ? $quality : $qualitys[0]; if($shi==1){ $dat['normal'] = true; } elseif($shi==2){ $dat['pro'] = true; } else{ $dat['paintbbs'] = true; } $dat['palettes'][0] = 'Palettes[0] = "#000000\n#FFFFFF\n#B47575\n#888888\n#FA9696\n#C096C0\n#FFB6FF\n#8080FF\n#25C7C9\n#E7E58D\n#E7962D\n#99CB7B\n#FCECE2\n#F9DDCF";'."\n"; $pal=array(); $DynP=array(); $p_cnt=1; $lines = file(PALETTEFILE); foreach ( $lines as $line ) { $line=ereg_replace("[\t\r\n]","",$line); list($pid,$pname,$pal[0],$pal[2],$pal[4],$pal[6],$pal[8],$pal[10],$pal[1],$pal[3],$pal[5],$pal[7],$pal[9],$pal[11],$pal[12],$pal[13]) = explode(",", $line); $DynP[]=CleanStr($pname); $palettes = 'Palettes['.$p_cnt.'] = "#'.$pal[0]; ksort($pal); array_shift($pal); foreach ( $pal as $p ) { $palettes.='\n#'.$p; } $palettes.='";'."\n"; $dat['palettes'][$p_cnt] = $palettes; $p_cnt++; if($pid==$palette){ $C_Palette = explode(",", $line); array_shift($C_Palette); array_shift($C_Palette); } } $dat['w'] = $w; $dat['h'] = $h; $dat['picw'] = $picw; $dat['pich'] = $pich; $stime = time(); $dat['stime'] = $stime; if($pwd) $pwd = substr(md5($pwd),2,8); $resto = ($resto) ? '&resto='.$resto : ''; $dat['mode'] = 'piccom'.$resto; $dat['animeform'] = true; $dat['anime'] = ($anime) ? true : false; if($ctype=='pch'){ if(@file_exists(PCH_DIR.$pch.'.pch')) $dat['pchfile'] = './'.PCH_DIR.$pch.'.pch'; if(@file_exists(PCH_DIR.$pch.'.spch')) $dat['pchfile'] = './'.PCH_DIR.$pch.'.spch'; } if($ctype=='img'){ $dat['animeform'] = false; $dat['anime'] = false; $dat['imgfile'] = './'.PCH_DIR.$pch.$ext; } if(ADMIN_NEWPOST&&$admin==ADMIN_PASS) $dat['admin'] = 'picpost'; if(isset($C_Palette)){ for ($n = 1;$n < 7;++$n) $cpal[$n*2-1] = $C_Palette[$n-1]; for ($n = 7;$n < 13;++$n) $cpal[$n-(13-$n)+1] = $C_Palette[$n-1]; for ($n = 13;$n < 15;++$n) $cpal[$n] = $C_Palette[$n-1]; ksort($cpal); $no = 1; foreach ($cpal as $pal){ $dat['cpal'][] = compact('no','pal'); $no++; } } $dat['palsize'] = count($DynP) + 1; foreach ($DynP as $p){ $dat['dynp'][] = $p; } $dat['usercode'] = $usercode; //差し換え時の認識コード追加 if($type=='rep'){ $repcode = substr(crypt(md5($no.getenv("REMOTE_ADDR").$pwd.date("Ymd", time()))),-8); //念の為にエスケープ文字があればアルファベットに変換 $repcode = strtr($repcode,"!\"#$%&'()+,/:;<=>?@[\\]^`/{|}~","ABCDEFGHIJKLMNOabcdefghijklmn"); $dat['mode'] = 'picrep&no='.$no.'&pwd='.$pwd.'&repcode='.$repcode; $dat['usercode'] = $usercode.'&repcode='.$repcode; } $buf = htmloutput(PAINTFILE,$dat,true); list($buf1,$buf2) = explode('', $buf); echo $buf1; if(@file_exists(SIIHELP_FILE)){ $help = implode('', file(SIIHELP_FILE)); echo charconvert($help,CHARSET_OUT); } echo $buf2; } /* お絵かきコメント */ function paintcom($resto=''){ global $admin,$usercode; if(USE_RESUB && $resto) { $lines = file(LOGFILE); $flag = FALSE; foreach($lines as $line){ list($cno,,,,$sub,,,,,,,,,,) = explode(",", charconvert($line,CHARSET_IN)); if($cno == $resto){ $dat['sub'] = 'Re: '.$sub; $flag = TRUE; break; } } if(!$flag) $resto=''; //スレが削除されていた場合、新規投稿 } //テンポラリ画像リスト作成 $tmplist = array(); $handle = @opendir(TEMP_DIR); while ($file = readdir($handle)) { if(!is_dir($file) && preg_match("/\.(dat)$/i",$file)) { $fp = fopen(TEMP_DIR.$file, "r"); $userdata = fread($fp, 1024); fclose($fp); list($uip,$uhost,$uagent,$imgext,$ucode,) = explode("\t", rtrim($userdata)); $file_name = eregi_replace("\.(dat)$","",$file); if(@file_exists(TEMP_DIR.$file_name.$imgext)) //画像があればリストに追加 $tmplist[] = $ucode."\t".$uip."\t".$file_name.$imgext; } } closedir($handle); $tmp = array(); if(count($tmplist)!=0){ //user-codeでチェック foreach($tmplist as $tmpimg){ list($ucode,$uip,$ufilename) = explode("\t", $tmpimg); if($ucode == $usercode) $tmp[] = $ufilename; } //user-codeでhitしなければIPで再チェック if(count($tmp)==0){ $userip = getenv("HTTP_CLIENT_IP"); if(!$userip) $userip = getenv("HTTP_X_FORWARDED_FOR"); if(!$userip) $userip = getenv("REMOTE_ADDR"); foreach($tmplist as $tmpimg){ list($ucode,$uip,$ufilename) = explode("\t", $tmpimg); if(!IP_CHECK || $uip == $userip) $tmp[] = $ufilename; } } } $dat['post_mode'] = true; $dat['regist'] = true; head($dat); if(IP_CHECK) $dat['ipcheck'] = true; if(count($tmp)==0){ $dat['notmp'] = true; $dat['pictmp'] = 1; }else{ $dat['pictmp'] = 2; sort($tmp); reset($tmp); foreach($tmp as $tmpfile){ $src = TEMP_DIR.$tmpfile; $srcname = $tmpfile; $date = gmdate("Y/m/d H:i", filemtime($src)+9*60*60); $dat['tmp'][] = compact('src','srcname','date'); } } if(ADMIN_NEWPOST&&$admin=='picpost') $dat['admin'] = $admin; form($dat,$resto,'',$tmp); htmloutput(OTHERFILE,$dat); } /* 動画表示 */ function openpch($pch,$sp=""){ global $shi; $picfile = IMG_DIR.$pch; $pch = str_replace( strrchr($pch,"."), "", $pch); //拡張子除去 if($shi==1){ $dat['normal'] = true; $pchfile = PCH_DIR.$pch.'.spch'; }else{ $dat['paintbbs'] = true; $pchfile = PCH_DIR.$pch.'.pch'; } $datasize = filesize($pchfile); $size = getimagesize($picfile); if(!$sp) $sp = PCH_SPEED; $picw = $size[0]; $pich = $size[1]; $w = $picw; $h = $pich + 26; if($w < 200){$w = 200;} if($h < 226){$h = 226;} $dat['pch_mode'] = true; head($dat); $dat['w'] = $w; $dat['h'] = $h; $dat['picw'] = $picw; $dat['pich'] = $pich; $dat['pchfile'] = './'.$pchfile; $dat['speed'] = $sp; $dat['datasize'] = $datasize; htmloutput(PAINTFILE,$dat); } /* テンポラリ内のゴミ除去 */ function deltemp(){ $tempfiles = array(); // v1.33 $allsize = 0; // v1.33 $handle = @opendir(TEMP_DIR); while($file = readdir($handle)){ if(!is_dir($file)){ $lapse = time() - filemtime(TEMP_DIR.$file); if($lapse > (TEMP_LIMIT*24*3600)){ // 期日制限による削除 unlink(TEMP_DIR.$file); }else{ // あとの容量制限チェックの為の準備(v1.33) $tempfiles[] = $file; $allsize += filesize(TEMP_DIR.$file); } } } closedir($handle); if($allsize > (TEMPDIR_MAX_KB*1024)){ // 容量制限による古いファイル削除(v1.33) sort($tempfiles); reset($tempfiles); $chkname = str_replace(strrchr($tempfiles[0],"."),"",$tempfiles[0]); foreach($tempfiles as $tempfile){ if(strstr($tempfile,$chkname.'.')){ $allsize -= filesize(TEMP_DIR.$tempfile); unlink(TEMP_DIR.$tempfile); }elseif($allsize > (TEMPDIR_MAX_KB*1024)){ $chkname = str_replace(strrchr($tempfile,"."),"",$tempfile); $allsize -= filesize(TEMP_DIR.$tempfile); unlink(TEMP_DIR.$tempfile); }else{ break; } } } } /* コンティニュー前画面 */ function incontinue($no){ global $addinfo; $lines = file(LOGFILE); $countline=count($line); $flag = FALSE; foreach($lines as $line){ list($cno,,,,,,,,,$cext,$picw,$pich,$ctim,,$cptime,) = explode(",", rtrim(charconvert($line,CHARSET_IN))); if($cno == $no){ $flag = TRUE; break; } } if(!$flag) error(MSG001); $dat['continue_mode'] = true; head($dat); if(CONTINUE_PASS) $dat['passflag'] = true; $dat['picfile'] = IMG_DIR.$ctim.$cext; $size = getimagesize($dat['picfile']); $dat['picw'] = $size[0]; $dat['pich'] = $size[1]; $dat['no'] = $no; $dat['pch'] = $ctim; $dat['ext'] = $cext; //描画時間 if(DSP_PAINTTIME) $dat['painttime'] = $cptime; if(@file_exists(PCH_DIR.$ctim.'.pch')){ $dat['applet'] = false; $dat['ctype_pch'] = true; }elseif(@file_exists(PCH_DIR.$ctim.'.spch')){ $dat['applet'] = true; $dat['usepbbs'] = false; $dat['ctype_pch'] = true; }elseif(@file_exists(IMG_DIR.$ctim.$cext)){ $dat['applet'] = true; $dat['usepbbs'] = true; } //if(@file_exists(IMG_DIR.$ctim.'.jpg')) $dat['ctype_jpg'] = true; $dat['ctype_img'] = true; $lines = file(PALETTEFILE); foreach ( $lines as $line ) { $line=ereg_replace("[\t\r\n]","",$line); list($pid,$pname,) = explode(",", $line); $dat['palette'] .= '\n"; } $dat['addinfo'] = $addinfo; htmloutput(PAINTFILE,$dat); } /* コンティニュー認証 */ function usrchk($no,$pwd){ $lines = file(LOGFILE); $countline=count($line); $flag = FALSE; foreach($lines as $line){ list($cno,,,,,,,,$cpwd,) = explode(",", charconvert($line,CHARSET_IN)); if($cno == $no && substr(md5($pwd),2,8) == $cpwd){ $flag = TRUE; break; } } if(!$flag) error(MSG028); } /* 編集画面 */ function editform($del,$pwd){ global $pwdc,$addinfo; global $fontcolors; $host = gethostbyaddr(getenv("REMOTE_ADDR")); if(is_array($del)){ sort($del); reset($del); if($pwd==""&&$pwdc!="") $pwd=$pwdc; $fp=fopen(LOGFILE,"r"); flock($fp, 2); $buf=fread($fp,1000000); fclose($fp); if($buf==''){error(MSG019);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} $flag = FALSE; for($i = 0; $i","\n",$com); //
または
を改行へ戻す $dat['com'] = $com; $dat['url'] = $url; $dat['pwd'] = $pwd; //文字色 if(USE_FONTCOLOR){ foreach ( $fontcolors as $fontcolor ){ list($color,$name) = explode(",", $fontcolor); $chk = ($color == $fcolor) ? true : false; $dat['fctable'][] = compact('color','name','chk'); } if(!$fcolor) $dat['fctable'][0]['chk'] = true; //値が無い場合、先頭にチェック } htmloutput(OTHERFILE,$dat); }else{ error(MSG031); } } /* 記事上書き */ function rewrite($no,$name,$email,$sub,$com,$url,$pwd,$admin){ global $badstring,$badip; global $REQUEST_METHOD; global $fcolor; // 時間 $time = time(); $name = charconvert($name ,CHARSET_IN); $sub = charconvert($sub ,CHARSET_IN); $com = charconvert($com ,CHARSET_IN); $email = charconvert($email,CHARSET_IN); $url = charconvert($url ,CHARSET_IN); foreach($badstring as $value){if(ereg($value,$com)||ereg($value,$sub)||ereg($value,$name)||ereg($value,$email)){error(MSG032,$dest);};} if($REQUEST_METHOD != "POST") error(MSG006); // フォーム内容をチェック if(!$name||ereg("^[ | |]*$",$name)) $name=""; if(!$com||ereg("^[ | |\t]*$",$com)) $com=""; if(!$sub||ereg("^[ | |]*$",$sub)) $sub=""; if(!$url||ereg("^[ | |]*$",$url)) $url=""; //$name=ereg_replace("管理","\"管理\"",$name); //$name=ereg_replace("削除","\"削除\"",$name); if(strlen($com) > MAX_COM) error(MSG011); if(strlen($name) > MAX_NAME) error(MSG012); if(strlen($email) > MAX_EMAIL) error(MSG013); if(strlen($sub) > MAX_SUB) error(MSG014); //ホスト取得 $host = gethostbyaddr(getenv("REMOTE_ADDR")); foreach($badip as $value){ //拒絶host if(eregi("$value$",$host)) error(MSG016); } if(eregi("^mail",$host) || eregi("^ns",$host) || eregi("^dns",$host) || eregi("^ftp",$host) || eregi("^prox",$host) || eregi("^pc",$host) || eregi("^[^\.]\.[^\.]$",$host)){ $pxck = "on"; } if(eregi("ne\\.jp$",$host) || eregi("ad\\.jp$",$host) || eregi("bbtec\\.net$",$host) || eregi("aol\\.com$",$host) || eregi("uu\\.net$",$host) || eregi("asahi-net\\.or\\.jp$",$host) || eregi("rim\\.or\\.jp$",$host)){ $pxck = "off"; }else{ $pxck = "on"; } if($pxck=="on" && PROXY_CHECK){ if(proxy_connect('80') == 1){ error(MSG017); }elseif(proxy_connect('8080') == 1){ error(MSG018); } } // パスと時間とURLフォーマット $pass = ($pwd) ? substr(md5($pwd),2,8) : "*"; $now = now_date($time);//日付取得 $now .= UPDATE_MARK; if(DISP_ID){ if($email&&DISP_ID==1){ $now .= " ID:???"; }else{ $now.=" ID:".substr(crypt(md5(getenv("REMOTE_ADDR").ID_SEED.gmdate("Ymd", $time+9*60*60)),'id'),-8); } } $now = str_replace(",", ",", $now);//カンマを変換 //テキスト整形 $email= CleanStr($email); $email=ereg_replace("[\r\n]","",$email); $sub = CleanStr($sub); $sub =ereg_replace("[\r\n]","",$sub); $url = CleanStr($url); $url =ereg_replace("[\r\n]","",$url); $url = str_replace(" ", "", $url); $com = CleanStr($com); // 改行文字の統一。 $com = str_replace("\r\n", "\n", $com); $com = str_replace("\r", "\n", $com); // 連続する空行を一行 $com = ereg_replace("\n(( | )*\n){3,}","\n",$com); if(!BR_CHECK || substr_count($com,"\n")を代入する } $com = str_replace("\n", "", $com); //\nを文字列から消す $name=ereg_replace("◆","◇",$name); $name=ereg_replace("[\r\n]","",$name); $names=$name; $name = CleanStr($name); if(ereg("(#|#)(.*)",$names,$regs)){ $cap = $regs[2]; $cap=strtr($cap,"&", "&"); $cap=strtr($cap,",", ","); $name=ereg_replace("(#|#)(.*)","",$name); $salt=substr($cap."H.",1,2); $salt=ereg_replace("[^\.-z]",".",$salt); $salt=strtr($salt,":;<=>?@[\\]^_`","ABCDEFGabcdef"); $name.="◆".substr(crypt($cap,$salt),-10); } //ログ読み込み $fp=fopen(LOGFILE,"r+"); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG019);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} // 記事上書き $flag = FALSE; for($i = 0; $i\n"; $str.= "\n"; $str.= "$mes 画面を切り替えます"; echo charconvert($str,CHARSET_OUT); } /* 画像差し換え */ function replace($no,$pwd,$stime){ global $path,$temppath,$badip,$badfile,$repcode; //ホスト取得 $host = gethostbyaddr(getenv("REMOTE_ADDR")); foreach($badip as $value){ //拒絶host if(eregi("$value$",$host)) error(MSG016); } if(eregi("^mail",$host) || eregi("^ns",$host) || eregi("^dns",$host) || eregi("^ftp",$host) || eregi("^prox",$host) || eregi("^pc",$host) || eregi("^[^\.]\.[^\.]$",$host)){ $pxck = "on"; } if(eregi("ne\\.jp$",$host) || eregi("ad\\.jp$",$host) || eregi("bbtec\\.net$",$host) || eregi("aol\\.com$",$host) || eregi("uu\\.net$",$host) || eregi("asahi-net\\.or\\.jp$",$host) || eregi("rim\\.or\\.jp$",$host)){ $pxck = "off"; }else{ $pxck = "on"; } if($pxck=="on" && PROXY_CHECK){ if(proxy_connect('80') == 1){ error(MSG017); }elseif(proxy_connect('8080') == 1){ error(MSG018); } } /*--- テンポラリ捜査 ---*/ $find=false; $handle = @opendir(TEMP_DIR); while ($file = readdir($handle)) { if(!is_dir($file) && preg_match("/\.(dat)$/i",$file)) { $fp = fopen(TEMP_DIR.$file, "r"); $userdata = fread($fp, 1024); fclose($fp); list($uip,$uhost,$uagent,$imgext,$ucode,$urepcode) = explode("\t", rtrim($userdata)); $file_name = eregi_replace("\.(dat)$","",$file); //画像があり、認識コードがhitすれば抜ける if(@file_exists(TEMP_DIR.$file_name.$imgext) && $urepcode == $repcode){$find=true;break;} } } closedir($handle); if(!$find){ header("Content-type: text/html; charset=".CHARSET_HTML); $str = "画像が見当たりません\n"; $str.= "\n"; $str.= '画像が見当たりません。数秒待ってリロードしてください。

リロードしてもこの画面がでるなら投稿に失敗している可能性があります。
※諦める前に「アップロード途中の画像」を見ましょう。もしかしたら画像が見つかるかもしれません。'; echo charconvert($str,CHARSET_OUT); exit; } // 時間 $time = time(); $tim = KASIRA.$time.substr(microtime(),2,3); $now = now_date($time);//日付取得 $now .= UPDATE_MARK; //描画時間 if($stime && DSP_PAINTTIME){ $ptime = ''; if($stime){ $psec = $time-$stime; if($psec >= 86400){ $D = intval($psec/86400); $ptime .= $D.PTIME_D; $psec -= $D*86400; } if($psec >= 3600){ $H = intval($psec/3600); $ptime .= $H.PTIME_H; $psec -= $H*3600; } if($psec >= 60){ $M = intval($psec/60); $ptime .= $M.PTIME_M; $psec -= $M*60; } if($psec){ $ptime .= $psec.PTIME_S; } } } //ログ読み込み $fp=fopen(LOGFILE,"r+"); flock($fp, 2); rewind($fp); $buf=fread($fp,1000000); if($buf==''){error(MSG019);} $buf = charconvert($buf,CHARSET_IN); $line = explode("\n",$buf); $countline=count($line); for($i = 0; $i < $countline; $i++){if($line[$i]!=""){$line[$i].="\n";};} // 記事上書き $flag = false; for($i = 0; $i\n"; $str.= "\n"; $str.= "$mes 画面を切り替えます"; echo charconvert($str,CHARSET_OUT); } /* カタログ */ function catalog(){ global $path,$page; $line = file(LOGFILE); $countline=count($line); for($i = 0; $i < $countline; $i++){ list($no,) = explode(",", $line[$i]); $lineindex[$no]=$i + 1; //逆変換テーブル作成 } $tree = file(TREEFILE); $counttree = count($tree); $x = 0; $y = 0; $pagedef = CATALOG_X * CATALOG_Y;//1ページに表示する件数 head($dat); form($dat,''); if(!$page) $page=0; for($i = $page; $i < $page+$pagedef; $i++){ if($tree[$i]==""){ $dat['y'][$y]['x'][$x]['noimg'] = true; }else{ $treeline = explode(",", rtrim($tree[$i])); $disptree = $treeline[0]; $j=$lineindex[$disptree] - 1; //該当記事を探して$jにセット if($line[$j]=="") continue; //$jが範囲外なら次の行 list($no,$now,$name,,$sub,,,,,$ext,$w,$h,$time,,) = explode(",", rtrim(charconvert($line[$j],CHARSET_IN))); // 画像ファイル名 $img = $path.$time.$ext; // 画像系変数セット if($ext && @is_file($img)){ $src = IMG_DIR.$time.$ext; if($w){ //サイズがある時 if($w > CATALOG_W) $w=CATALOG_W; //画像幅を揃える if(@is_file(THUMB_DIR.$time.'s.jpg')){ $imgsrc = THUMB_DIR.$time.'s.jpg'; }else{ $imgsrc = $src; } }else{$w=CATALOG_W;} //動画リンク if(USE_ANIME){ if(@file_exists(PCH_DIR.$time.'.pch')) $pch = $time.$ext; if(@file_exists(PCH_DIR.$time.'.spch')) $pch = $time.$ext.'&shi=1'; } }else{$txt=true;} //日付とIDを分離 if(ereg("( ID:)(.*)",$now,$regs)){ $id=$regs[2]; $now=ereg_replace("( ID:.*)","",$now); }else{$id='';} //日付と編集マークを分離 $updatemark=''; if(UPDATE_MARK){ if(strstr($now,UPDATE_MARK)){ $updatemark = UPDATE_MARK; $now=str_replace(UPDATE_MARK,"",$now); } } //名前とトリップを分離 $name=strip_tags($name);//タグ除去 if(ereg("(◆.*)",$name,$regs)){ $trip=$regs[1]; $name=ereg_replace("(◆.*)","",$name); }else{$trip='';} // 記事格納 $dat['y'][$y]['x'][$x] = compact('imgsrc','w','no','sub','name','now','pch','txt','id','updatemark','trip'); // 変数クリア unset($img,$src,$imgsrc,$w,$no,$sub,$name,$now,$pch,$txt); } $x++; if($x == CATALOG_X){$y++; $x=0;} } $prev = $page - $pagedef; $next = $page + $pagedef; // 改ページ処理 if($prev >= 0) $dat['prev'] = PHP_SELF.'?mode=catalog&page='.$prev; $paging = ""; for($i = 0; $i < count($tree) ; $i+=$pagedef){ if($page==$i){ $pformat = str_replace("", $i/$pagedef, NOW_PAGE); }else{ $pno = str_replace("", $i/$pagedef, OTHER_PAGE); $pformat = str_replace("", PHP_SELF."?mode=catalog&page=".$i, $pno); } $paging.=$pformat; } $dat['paging'] = $paging; if(count($tree) > $next){ $dat['next'] = PHP_SELF.'?mode=catalog&page='.$next; } htmloutput(CATALOGFILE,$dat); } /* 独自タグ */ function potitag($str){ global $tags1,$tags2,$ryfont1,$ryfont2; $tagrp = 0; $tagrps1 = array(); $tagrps2 = array(); while(preg_match('/\[([^\]:]+):([^\]]*)\]/',$str,$match)){ $str = str_replace($match[0],'',$str); array_push($tagrps1,'//'); $tag_ex = array(); $tag_ed = array(); $base_tags = explode(",",$match[1]); $com = $match[2]; foreach($base_tags as $base_tag){ $base_tag = trim($base_tag); if(ereg('^F',$base_tag)){ if(ereg('s\(([^\)]+)\)',$base_tag,$m)){$size = $m[1];} if(ereg('c\(([^\)]+)\)',$base_tag,$m)){$color = $m[1];} if(ereg('f\(([^\)]+)\)',$base_tag,$m)){ $face = $m[1]; for($i = 0; $i < count($ryfont1); $i++){ if($face == $ryfont1[$i]){$face = $ryfont2[$i];} } } $font_ex = 1; } if($base_tag=='RB'){ array_push($tag_ex,''); array_push($tag_ed,''); $rb_chk = 1; }else{ for($i = 0; $i < count($tags1); $i++){ if($base_tag==$tags1[$i]){ array_push($tag_ex,'<'.$tags2[$i].'>'); $endtag = ereg_replace("^([[:alpha:]]+)(.*)",'\\1',$tags2[$i]); array_push($tag_ed,''); break; } } } } if($rb_chk){ if(preg_match('/\(([^\):]+):([^\)]+)\)$/',$com,$m)){ $com = str_replace($m[0],'('.$m[2].')',$com); $rb_color = ' style="color:'.$m[1].'"'; } $com = preg_replace('/\(([^\)]+)\)$/','(\\1)',$com); } if($font_ex){ $size = ($size) ? ' size="'.$size.'"' : ''; $color = ($color) ? ' color="'.$color.'"' : ''; $face = ($face) ? ' face="'.$face.'"' : ''; array_unshift($tag_ex,""); array_unshift($tag_ed,""); } for($i = 0; $i < count($tag_ex); $i++){ $com = $tag_ex[$i].$com.$tag_ed[$i]; } array_push($tagrps2,$com); ++$tagrp; unset($tag_ex,$tag_ed,$base_tags,$com,$font_ex,$size,$color,$face,$rb_chk,$rb_color); } return preg_replace($tagrps1, $tagrps2, $str); } /* 独自タグ説明 */ function potitagview(){ global $tags1,$tags2,$ryfont1,$ryfont2; head($dat); $dat['potitag_mode'] = true; htmloutput(OTHERFILE,$dat); exit; } /* 文字コード変換 */ function charconvert($str,$charset){ if(CHARSET_CONVERT) return $str; switch($charset){ case 1 : $charset_mb="EUC-JP";break; case 2 : $charset_mb="SJIS";break; case 3 : $charset_mb="ISO-2022-JP";break; case 4 : $charset_mb="UTF-8";break; default : $charset_mb=$charset; } if(function_exists("mb_convert_encoding")&&function_exists("mb_language")&&USE_MB){ mb_language(LANG); return mb_convert_encoding($str, $charset_mb, "auto"); // jcode.php by TOMO }elseif((@file_exists("jcode.phps")||@file_exists("jcode.php"))&&is_numeric($charset)){ if(@file_exists("jcode.phps")){ require_once('jcode.phps'); } else{ require_once('jcode.php'); } $jc_from = AutoDetect($str); if($charset == 4){ global $table_jis_utf8; include_once('code_table.jis2ucs'); } if($jc_from == 4){ global $table_utf8_jis; include_once('code_table.ucs2jis'); } return JcodeConvert($str, $jc_from, $charset); }else{ return $str; } } /* HTML出力 */ function htmloutput($template,$dat,$buf_flag=''){ $buf = charconvert(HtmlTemplate::t_buffer($template,$dat), CHARSET_OUT); if($buf_flag){ return $buf; }else{ header("Content-type: text/html; charset=".CHARSET_HTML); echo $buf; } } /* スパムチェック(v1.33) */ function spam_check($pwd){ global $rbl_hostlist,$white_list; // 管理者パスと同じならチェックしない if($pwd == ADMIN_PASS) return; // IP と HOST 取得 $ip = getenv("HTTP_CLIENT_IP"); if(!$ip || $ip == "127.0.0.1") $ip = getenv("HTTP_X_FORWARDED_FOR"); if(!$ip) $ip = getenv("REMOTE_ADDR"); $host = gethostbyaddr($ip); if(preg_match("/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/", $ip)){ // IPが正常かチェック $ipr = implode('.',array_reverse(explode('.',$ip))); // 正常なら逆順IP作成 }else{ $ipr = ''; } // 規制対象外のホストかチェック if(is_array($white_list)){ foreach($white_list as $wlist){ if($wlist){ if(eregi($wlist, $host)) return; } } } // Refererを返さないホストは規制 if(DENY_NON_HTTP_REFERER){ $referer = getenv("HTTP_REFERER"); if(!$referer) error(MSG016."(NON HTTP REFERER)"); } // ちゃんとしたIPが取得できないホストは規制 if(DENY_BAD_IP && !$ipr) error(MSG016."(BAD IP)"); // 逆引きできないホスト規制 if(DENY_UNRESOLVABLE_HOST && $host == $ip) error(MSG016."(UNRESOLVABLE HOST)"); // 正引きと逆引きが矛盾しているホストは規制 if(DENY_BAD_HOST){ $host2ip = gethostbyname($host); if($host2ip != $ip) error(MSG016."(BAD HOST)"); } // IP割当国がJP以外は規制 if(DENY_NOT_JP){ $country = country_check($ip); if(($country != 'JP' && $country != 'XX') || ($country == 'XX' && !(eregi("\.jp$",$host) || eregi("bbtec\.net$",$host) || eregi("aol\.com$",$host) || eregi("uu\.net$",$host)))) error(MSG016."(NOT JP)"); } // 公開プロキシ規制 if(is_array($rbl_hostlist) && $ipr){ foreach($rbl_hostlist as $hostlist){ if($hostlist){ $check = $ipr.'.'.$hostlist; $result = gethostbyname($check); if($result != $check) error(MSG016.'(BLACKLISTED[ '.$hostlist.' ])'); } } } } /* どの国かチェック(v1.33) */ function country_check($ip){ $ipdb_host = 'http://api.hostip.info/country.php'; // IPアドレスデータベースAPI $time_out = 5; // socket time out (s) $country = @file_get_contents($ipdb_host.'?ip='.$ip); if(!$country){ // URL指定が許可されてない場合はソケット接続 $url = parse_url($ipdb_host); $timeout = time() + $time_out; $fp = @fsockopen($url['host'], ($url['port'] > 0 ? $url['port'] : 80), $errno, $errstr, $time_out); if(!$fp){ echo "** Socket Connect Error! $errstr ($errno)"; }else{ fputs($fp, "GET ".$url['path']."?ip=".$ip." HTTP/1.0\r\nHost: ".$url['host']."\r\n\r\n"); if($timeout?@[\\]^`/{|}~","ABCDEFGHIJKLMNOabcdefghijklmn"); } setcookie("usercode", $usercode, time()+86400*365);//1年間 switch($mode){ case 'regist': if(ADMIN_NEWPOST && !$resto){ if($pwd != ADMIN_PASS){ error(MSG029); }else{ $admin=$pwd; } } spam_check($pwd); // spam check(v1.33) regist($name,$email,$sub,$com,$url,$pwd,$upfile,$upfile_name,$resto,$pictmp,$picfile); break; case 'admin': valid($pass); if($admin=="del") admindel($pass); if($admin=="post"){ $dat['post_mode'] = true; $dat['regist'] = true; head($dat); form($dat,$res,1); htmloutput(OTHERFILE,$dat); } if($admin=="update"){ updatelog(); echo ""; } break; case 'usrdel': if(USER_DEL){ usrdel($del,$pwd); updatelog(); echo ""; }else{error(MSG033);} break; case 'paint': paintform($picw,$pich,$palette,$anime); break; case 'piccom': paintcom($resto); break; case 'openpch': openpch($pch,$sp); break; case 'continue': incontinue($no); break; case 'contpaint': if(CONTINUE_PASS) usrchk($no,$pwd); if(ADMIN_NEWPOST) $admin=$pwd; paintform($picw,$pich,$palette,$anime,$pch); break; case 'newpost': $dat['post_mode'] = true; $dat['regist'] = true; head($dat); form($dat,''); htmloutput(OTHERFILE,$dat); break; case 'edit': editform($del,$pwd); break; case 'rewrite': rewrite($no,$name,$email,$sub,$com,$url,$pwd,$admin); break; case 'picrep': replace($no,$pwd,$stime); break; case 'catalog': catalog(); break; case 'tag': potitagview(); break; default: if($res){ updatelog($res); }else{ echo ""; } } ?>