DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 31 Activity
Browse Source

会员投稿防灌水

tags/6.2.0
tianya 3 years ago
parent
aab40c2796
commit
043795dd92
14 changed files with 77 additions and 10 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      src/admin/member_do.php
  2. +9
    -7
      src/admin/templets/member_main.htm
  3. +7
    -1
      src/admin/templets/member_view.htm
  4. +1
    -0
      src/install/sql-dftables.txt
  5. +2
    -1
      src/install/update.txt
  6. +25
    -0
      src/system/memberlogin.class.php
  7. +4
    -0
      src/user/album_add.php
  8. +4
    -0
      src/user/album_edit.php
  9. +4
    -0
      src/user/archives_add.php
  10. +4
    -0
      src/user/archives_edit.php
  11. +4
    -0
      src/user/archives_sg_add.php
  12. +4
    -0
      src/user/archives_sg_edit.php
  13. +4
    -0
      src/user/article_add.php
  14. +4
    -0
      src/user/article_edit.php

+ 1
- 1
src/admin/member_do.php View File

@@ -155,7 +155,7 @@ else if ($dopost == 'edituser') {
ShowMsg("对不起,为安全起见,不支持直接把前台会员转为管理的操作", "-1"); ShowMsg("对不起,为安全起见,不支持直接把前台会员转为管理的操作", "-1");
exit(); exit();
} }
$query = "UPDATE `#@__member` SET email='$email',uname='$uname',sex='$sex',matt='$matt',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' AND matt<>10 ";
$query = "UPDATE `#@__member` SET send_max='$send_max',email='$email',uname='$uname',sex='$sex',matt='$matt',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' AND matt<>10 ";
$rs = $dsql->ExecuteNoneQuery2($query); $rs = $dsql->ExecuteNoneQuery2($query);
if ($rs == 0) { if ($rs == 0) {
$query = "UPDATE `#@__member` SET email='$email',uname='$uname',sex='$sex',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' "; $query = "UPDATE `#@__member` SET email='$email',uname='$uname',sex='$sex',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' ";


+ 9
- 7
src/admin/templets/member_main.htm View File

@@ -58,21 +58,22 @@
<form name="form2"> <form name="form2">
<table cellpadding="2" cellspacing="1" align="center" class="table maintable mb-3"> <table cellpadding="2" cellspacing="1" align="center" class="table maintable mb-3">
<tr> <tr>
<td bgcolor="#f5f5f5" colspan="10">注册会员列表</td>
<td bgcolor="#f5f5f5" colspan="11">注册会员列表</td>
</tr> </tr>
<tr bgcolor="#e9ecef" align="center"> <tr bgcolor="#e9ecef" align="center">
<td width="6%">选择</td> <td width="6%">选择</td>
<td width="6%">mid</td> <td width="6%">mid</td>
<td width="16%">用户</td>
<td width="12%">用户</td>
<td width="8%">名称</td> <td width="8%">名称</td>
<td width="8%">邮箱</td> <td width="8%">邮箱</td>
<td width="6%">性别</td> <td width="6%">性别</td>
<td width="6%">会员等级</td> <td width="6%">会员等级</td>
<td width="14%">会员属性</td>
<td width="14%">地址时间</td>
<td width="12%">会员属性</td>
<td width="12%">地址时间</td>
<td width="8%">发布限制</td>
<td>操作</td> <td>操作</td>
</tr> </tr>
{dede:datalist empty='<tr><td colspan="10" align="center">暂无文档</td></tr>'}
{dede:datalist empty='<tr><td colspan="11" align="center">暂无文档</td></tr>'}
<tr align="center" onmousemove="javascript:this.bgColor='#e9ecef';" onmouseout="javascript:this.bgColor='#ffffff';"> <tr align="center" onmousemove="javascript:this.bgColor='#e9ecef';" onmouseout="javascript:this.bgColor='#ffffff';">
<td><input type="checkbox" name="mid" id="mid" value="{dede:field.mid/}"></td> <td><input type="checkbox" name="mid" id="mid" value="{dede:field.mid/}"></td>
<td>{dede:field.mid/}</td> <td>{dede:field.mid/}</td>
@@ -91,6 +92,7 @@
<td><a href="member_main.php?rank={dede:field.rank/}">{dede:field.rank function="GetMemberName(@me,'限制会员')"/}</a></td> <td><a href="member_main.php?rank={dede:field.rank/}">{dede:field.rank function="GetMemberName(@me,'限制会员')"/}</a></td>
<td>{dede:field.mtype/}用户丨金币{dede:field.money/}丨积分{dede:field.scores/}</td> <td>{dede:field.mtype/}用户丨金币{dede:field.money/}丨积分{dede:field.scores/}</td>
<td>{dede:field.loginip/}丨{dede:field.logintime function="MyDate('y-m-d H:i',@me)"/}</td> <td>{dede:field.loginip/}丨{dede:field.logintime function="MyDate('y-m-d H:i',@me)"/}</td>
<td>{dede:field.send_max/}</td>
<td align="center"> <td align="center">
<a href="member_view.php?id={dede:field.mid/}" class="btn btn-success btn-sm">修改</a> <a href="member_view.php?id={dede:field.mid/}" class="btn btn-success btn-sm">修改</a>
<a href="member_do.php?id={dede:field.mid/}&dopost=delmember" class="btn btn-danger btn-sm">删除</a> <a href="member_do.php?id={dede:field.mid/}&dopost=delmember" class="btn btn-danger btn-sm">删除</a>
@@ -100,14 +102,14 @@
</tr> </tr>
{/dede:datalist} {/dede:datalist}
<tr> <tr>
<td colspan="10">
<td colspan="11">
<a href="javascript:selAll()" class="btn btn-success btn-sm">全选</a> <a href="javascript:selAll()" class="btn btn-success btn-sm">全选</a>
<a href="javascript:noSelAll()" class="btn btn-success btn-sm">取消</a> <a href="javascript:noSelAll()" class="btn btn-success btn-sm">取消</a>
<a href="javascript:delArc(0)" class="btn btn-danger btn-sm">删除</a> <a href="javascript:delArc(0)" class="btn btn-danger btn-sm">删除</a>
</td> </td>
</tr> </tr>
<tr> <tr>
<td colspan="10" bgcolor="#f5f5f5" align="center">{dede:pagelist listsize='6'/}</td>
<td colspan="11" bgcolor="#f5f5f5" align="center">{dede:pagelist listsize='6'/}</td>
</tr> </tr>
</table> </table>
</form> </form>


+ 7
- 1
src/admin/templets/member_view.htm View File

@@ -134,6 +134,12 @@
<input name="matt" type="text" id="matt" value="<?php echo $row['matt']?>" class="admin-input-sm">(0为普通,1为推荐,10为管理员不能在前台登录非管理员id是严格使用10属性的,要新建管理在<a href="sys_admin_user_add.php" target="_blank">系统帐号</a>地方增加) <input name="matt" type="text" id="matt" value="<?php echo $row['matt']?>" class="admin-input-sm">(0为普通,1为推荐,10为管理员不能在前台登录非管理员id是严格使用10属性的,要新建管理在<a href="sys_admin_user_add.php" target="_blank">系统帐号</a>地方增加)
</td> </td>
</tr> </tr>
<tr>
<td class="admin-td">投稿限制:</td>
<td class="admin-td">
<input name="send_max" type="text" value="<?php echo $row['send_max']?>" class="admin-input-sm">(0为不能投稿)
</td>
</tr>
<tr> <tr>
<td class="admin-td">资料状况:</td> <td class="admin-td">资料状况:</td>
<td class="admin-td"> <td class="admin-td">
@@ -168,7 +174,7 @@
<tr> <tr>
<td bgcolor="#f5f5f5" colspan="2" align="center"> <td bgcolor="#f5f5f5" colspan="2" align="center">
<button type="submit" name="Submit" class="btn btn-success btn-sm">保存</button> <button type="submit" name="Submit" class="btn btn-success btn-sm">保存</button>
<button type="button" onclick="javascript:history.go(-1);" class="btn btn-success btn-sm">返回</button>
<button type="button" onclick="javascript:history.go(-1);" class="btn btn-outline-success btn-sm">返回</button>
</td> </td>
</tr> </tr>
</form> </form>


+ 1
- 0
src/install/sql-dftables.txt View File

@@ -490,6 +490,7 @@ CREATE TABLE `#@__member` (
`loginip` char(46) NOT NULL default '', `loginip` char(46) NOT NULL default '',
`checkmail` smallint(6) NOT NULL default '-1', `checkmail` smallint(6) NOT NULL default '-1',
`loginerr` tinyint NULL DEFAULT 0, `loginerr` tinyint NULL DEFAULT 0,
`send_max` int DEFAULT '0',
PRIMARY KEY (`mid`), PRIMARY KEY (`mid`),
KEY `userid` (`userid`,`sex`), KEY `userid` (`userid`,`sex`),
KEY `logintime` (`logintime`) KEY `logintime` (`logintime`)


+ 2
- 1
src/install/update.txt View File

@@ -105,4 +105,5 @@ DELETE FROM `#@__sysconfig` WHERE `#@__sysconfig`.`varname` = 'cfg_vdcode_member
-- 6.2.0 -- 6.2.0
ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`; ALTER TABLE `#@__arctype` CHANGE COLUMN `iscross` `cross` tinyint(1) NOT NULL DEFAULT 0 AFTER `ishidden`;
ALTER TABLE `#@__admin` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `loginip`; ALTER TABLE `#@__admin` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `loginip`;
ALTER TABLE `#@__member` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `checkmail`;
ALTER TABLE `#@__member` ADD COLUMN `loginerr` tinyint NULL DEFAULT 0 AFTER `checkmail`;
ALTER TABLE `#@__member` ADD COLUMN `send_max` int NULL DEFAULT 0 AFTER `loginerr`;

+ 25
- 0
src/system/memberlogin.class.php View File

@@ -113,6 +113,7 @@ class MemberLogin
var $M_HasDay; var $M_HasDay;
var $M_JoinTime; var $M_JoinTime;
var $M_Honor = ''; var $M_Honor = '';
var $M_SendMax = 0;
var $memberCache = 'memberlogin'; var $memberCache = 'memberlogin';
//php5构造函数 //php5构造函数
function __construct($kptime = -1, $cache = FALSE) function __construct($kptime = -1, $cache = FALSE)
@@ -164,6 +165,7 @@ class MemberLogin
if ($this->fields['matt'] == 10) $this->isAdmin = TRUE; if ($this->fields['matt'] == 10) $this->isAdmin = TRUE;
$this->M_UpTime = $this->fields['uptime']; $this->M_UpTime = $this->fields['uptime'];
$this->M_ExpTime = $this->fields['exptime']; $this->M_ExpTime = $this->fields['exptime'];
$this->M_SendMax = $this->fields['send_max'];
$this->M_JoinTime = MyDate('Y-m-d', $this->fields['jointime']); $this->M_JoinTime = MyDate('Y-m-d', $this->fields['jointime']);
if ($this->M_Rank > 10 && $this->M_UpTime > 0) { if ($this->M_Rank > 10 && $this->M_UpTime > 0) {
$this->M_HasDay = $this->Judgemember(); $this->M_HasDay = $this->Judgemember();
@@ -340,6 +342,29 @@ class MemberLogin
default: default:
return md5($pwd); return md5($pwd);
} }
}
/**
* 投稿是否被限制
*
* @return bool
*/
function IsSendLimited()
{
global $dsql;
$arr = $dsql->GetOne("SELECT COUNT(*) as dd FROM `#@__arctiny` WHERE mid='{$this->M_ID}'");
if ($this->isAdmin === true ) {
return false;
}
if (is_array($arr)) {
if ($arr['dd'] >= $this->M_SendMax) {
return true;
} else {
return false;
}
} else {
return true;
}
} }
/** /**
* 把数据库密码转为特定长度 * 把数据库密码转为特定长度


+ 4
- 0
src/user/album_add.php View File

@@ -28,6 +28,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 2;
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0; $typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$menutype = 'content'; $menutype = 'content';
if (empty($formhtml)) $formhtml = 0; if (empty($formhtml)) $formhtml = 0;
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/album_edit.php View File

@@ -26,6 +26,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 2;
$aid = isset($aid) && is_numeric($aid) ? $aid : 0; $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
$menutype = 'content'; $menutype = 'content';
if (empty($formhtml)) $formhtml = 0; if (empty($formhtml)) $formhtml = 0;
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/archives_add.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0; $typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/archives_edit.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$aid = isset($aid) && is_numeric($aid) ? $aid : 0; $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/archives_sg_add.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0; $typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/archives_sg_edit.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$aid = isset($aid) && is_numeric($aid) ? $aid : 0; $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/article_add.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0; $typeid = isset($typeid) && is_numeric($typeid) ? $typeid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


+ 4
- 0
src/user/article_edit.php View File

@@ -18,6 +18,10 @@ $channelid = isset($channelid) && is_numeric($channelid) ? $channelid : 1;
$aid = isset($aid) && is_numeric($aid) ? $aid : 0; $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
$mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0; $mtypesid = isset($mtypesid) && is_numeric($mtypesid) ? $mtypesid : 0;
$menutype = 'content'; $menutype = 'content';
if ($cfg_ml->IsSendLimited()) {
ShowMsg("对不起,当前用户已经超出投稿限制,投稿限制次数:{$cfg_ml->M_SendMax}次", "-1", "0", 5000);
exit();
}
/*------------- /*-------------
function _ShowForm(){ } function _ShowForm(){ }
--------------*/ --------------*/


Write Preview
Loading…
Cancel
Save