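connect_error) {
    // NOTE(review): the raw driver message is sent to the visitor here and can
    // disclose host, account or schema details. Prefer error_log() plus a
    // generic message. Left unchanged because this statement starts above the
    // visible part of the file.
    die("Connection failed: " . $conn->connect_error);
}

// Select the connection character set before anything is escaped:
// real_escape_string() escapes according to the charset chosen here.
$conn->set_charset("utf8");

// Get website settings.
// textUncode() turns the stored entity-encoded text back into raw characters,
// so these values must be escaped again (e.g. txt2HTML()) wherever they are
// written into HTML.
$result = $conn->query("SELECT webname, keywords, description, indexwebname, copyright FROM inc LIMIT 1");
if ($result) {
    // fetch_assoc() yields null for an empty table; `?? ''` keeps that case quiet.
    $row = $result->fetch_assoc();
    $webname = textUncode($row['webname'] ?? '');
    $webkeywords = textUncode($row['keywords'] ?? '');
    $webdescription = textUncode($row['description'] ?? '');
    $indexwebname = textUncode($row['indexwebname'] ?? '');
    $copyright = textUncode($row['copyright'] ?? '');
    $result->close();
}

// Global variables
$useid = '';
$usename = '';
$usesex = '';
$usecompany = '';
$usetel = '';
$useemail = '';

// Session handling functions

/**
 * Store a value in the session under the site-specific key prefix.
 *
 * @param string $key   Logical key; 'hjunkel.com' is prepended.
 * @param mixed  $value Value to store.
 */
function addSession($key, $value)
{
    $_SESSION['hjunkel.com' . $key] = $value;
}

/**
 * Read a value stored by addSession().
 *
 * @param string $key Logical key without the prefix.
 * @return mixed The stored value, or '' when the key is absent or null.
 */
function loadSession($key)
{
    return $_SESSION['hjunkel.com' . $key] ?? '';
}

/**
 * Gatekeeper: ends the request unless the session describes an enabled login
 * whose permission group is enabled and, when $permission is given, lists it.
 *
 * Checks, in order: all four session values present; id and power are plain
 * digit strings; the login row exists, is enabled (loginstate) and still has
 * the same power id as the session; the power row exists and is enabled
 * (powerstate); powercontent contains $permission.
 *
 * NOTE(review): every denial path echoes an empty string on this page. The
 * original markup (presumably a redirect or alert) seems to have been lost
 * in extraction; confirm against the real file.
 *
 * NOTE(review): the permission test is a substring match, so a permission
 * name that is a substring of another granted name would also pass. If
 * powercontent is a delimited list, compare whole tokens instead. The
 * delimiter is not visible here.
 *
 * @param string $permission Permission token to require; '' skips that test.
 * @return void Returns only when every check passes; otherwise exits.
 */
function checkLogin($permission = '')
{
    global $conn;

    $loginId = loadSession('loginid');
    $loginUser = loadSession('loginuser');
    $loginName = loadSession('loginname');
    $loginPower = loadSession('loginpower');

    if (empty($loginId) || empty($loginUser) || empty($loginName) || empty($loginPower)) {
        echo "";
        exit;
    }

    // Both ids are interpolated into SQL without quotes, so accept plain digit
    // strings only (is_numeric() also lets floats, exponents and padding
    // through) and cast. real_escape_string() gives no protection in an
    // unquoted context.
    if (!preg_match('/\A\d+\z/', (string) $loginId) || !preg_match('/\A\d+\z/', (string) $loginPower)) {
        echo "";
        exit;
    }
    $loginId = (int) $loginId;
    $loginPower = (int) $loginPower;

    // Quoted string context: escaping is sufficient here. A prepared statement
    // would remove the dependency on correct quoting altogether.
    $loginUser = $conn->real_escape_string($loginUser);

    $result = $conn->query("SELECT loginstate, loginpower FROM login WHERE id=$loginId AND loginuser='$loginUser'");
    // A failed query returns false; deny explicitly instead of crashing on it.
    if (!$result || $result->num_rows === 0) {
        echo "";
        exit;
    }

    $row = $result->fetch_assoc();
    if ($row['loginstate'] == 0) {
        echo "";
        exit;
    }

    // The session copy of the power id must still match the database.
    if ((int) $row['loginpower'] !== $loginPower) {
        echo "";
        exit;
    }

    $result = $conn->query("SELECT powerstate, powercontent FROM power WHERE id=$loginPower");
    if (!$result || $result->num_rows === 0) {
        echo "";
        exit;
    }

    $row = $result->fetch_assoc();
    if ($row['powerstate'] == 0) {
        echo "";
        exit;
    }

    $powerContent = $row['powercontent'];
    if (!empty($permission) && strpos($powerContent, $permission) === false) {
        echo "";
        exit;
    }
}

/**
 * Non-terminating permission test for the current session's power group.
 *
 * Unlike checkLogin() this looks only at powercontent: it does not check
 * loginstate or powerstate, and an empty $permission passes whenever the
 * group row exists. Call it only on requests that checkLogin() has already
 * admitted.
 *
 * @param string $permission Permission token to look for (substring match).
 * @return bool True when the group exists and lists $permission.
 */
function chkLogin($permission)
{
    global $conn;

    $loginPower = loadSession('loginpower');
    $result = $conn->query("SELECT powercontent FROM power WHERE id=" . (int)$loginPower);

    // Deny on a failed query as well as on a missing row.
    if (!$result || $result->num_rows === 0) {
        return false;
    }

    $row = $result->fetch_assoc();
    if (!empty($permission) && strpos($row['powercontent'], $permission) === false) {
        return false;
    }

    return true;
}

/**
 * Placeholder for request-origin checking on POST handlers; currently a no-op.
 *
 * NOTE(review): callers get no CSRF protection from this function as written.
 * The disabled Referer comparison below is also a weak control (the header
 * may be absent or stripped). A per-session token checked with hash_equals()
 * is the usual defence.
 */
function checkPost()
{
    // POST checking can be implemented here as needed
    // if (!isset($_SERVER['HTTP_REFERER']) || parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) !== $_SERVER['SERVER_NAME']) {
    //     die("");
    // }
}

/**
 * Escape text for output in HTML (element content or quoted attributes).
 *
 * NOTE(review): empty() also treats the string "0" as empty, so "0" is
 * returned as ''. The same applies to the other helpers that use this guard.
 *
 * @param string|null $text Raw text.
 * @return string Escaped text, or '' for empty input.
 */
function txt2HTML($text)
{
    if (empty($text)) {
        return '';
    }

    return htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/**
 * Reverse txt2HTML().
 *
 * Uses the same flag set as txt2HTML(): with ENT_HTML5 a single quote is
 * written as &apos;, which the decoder only recognises when ENT_HTML5 is
 * passed here too. The result is raw text again and must be re-escaped
 * before it is written into HTML.
 *
 * @param string|null $text Escaped text.
 * @return string Decoded text, or '' for empty input.
 */
function html2Txt($text)
{
    if (empty($text)) {
        return '';
    }

    return htmlspecialchars_decode($text, ENT_QUOTES | ENT_HTML5);
}

/**
 * Replace a fixed set of characters using the table below (strtr, so each
 * position is replaced once and the longest key wins).
 *
 * NOTE(review): on this page every replacement value equals its key or is a
 * blank, and the apostrophe entry is not valid PHP. The entity strings on the
 * right-hand side appear to have been decoded during extraction. Restore the
 * table from the original file; it is left exactly as shown because the
 * stored data depends on the exact entity spellings.
 *
 * @param string|null $text Raw text.
 * @return string Encoded text, or '' for empty input.
 */
function htmlEncode($text)
{
    if (empty($text)) {
        return '';
    }

    $chars = [
        '&' => '&',
        "\t" => ' ',
        "\n" => ' ',
        "\r" => ' ',
        ' ' => ' ',
        '"' => '"',
        '%' => '%',
        "'" => ''',
        '(' => '(',
        ')' => ')',
        '<' => '<',
        '>' => '>',
        '[' => '[',
        ']' => ']',
        '^' => '^',
        '_' => '_',
        '{' => '{',
        '|' => '|',
        '}' => '}'
    ];

    return strtr($text, $chars);
}

/**
 * Inverse of htmlEncode(): the same table, flipped.
 *
 * NOTE(review): the table shows the same extraction damage as in
 * htmlEncode(); keep the two tables identical when restoring them. The
 * output is raw text and must be escaped again before HTML output.
 *
 * @param string|null $text Encoded text.
 * @return string Decoded text, or '' for empty input.
 */
function htmlUncode($text)
{
    if (empty($text)) {
        return '';
    }

    $chars = array_flip([
        '&' => '&',
        "\t" => ' ',
        "\n" => ' ',
        "\r" => ' ',
        ' ' => ' ',
        '"' => '"',
        '%' => '%',
        "'" => ''',
        '(' => '(',
        ')' => ')',
        '<' => '<',
        '>' => '>',
        '[' => '[',
        ']' => ']',
        '^' => '^',
        '_' => '_',
        '{' => '{',
        '|' => '|',
        '}' => '}'
    ]);

    return strtr($text, $chars);
}

/**
 * Normalise and encode a text value before storage.
 *
 * Trims, removes ASCII control characters (0x00-0x1F and 0x7F), then applies
 * htmlEncode(). Tab, CR and LF are control characters too, so they are
 * removed before htmlEncode() could translate them.
 *
 * This is an HTML-oriented encoding, not SQL escaping: values still need a
 * bound parameter or real_escape_string() when placed in a query.
 *
 * @param string|null $text Raw text.
 * @return string Encoded text, or '' for empty input.
 */
function textEncode($text)
{
    if (empty($text)) {
        return '';
    }

    $text = trim($text);

    // Remove control characters
    $text = preg_replace('/[\x00-\x1F\x7F]/', '', $text);

    return htmlEncode($text);
}

/**
 * Decode a value written by textEncode(); delegates to htmlUncode().
 *
 * @param string|null $text Encoded text.
 * @return string Decoded text, or '' for empty input.
 */
function textUncode($text)
{
    if (empty($text)) {
        return '';
    }

    return htmlUncode($text);
}

/**
 * Translate a small set of whitespace entities back to characters.
 *
 * NOTE(review): all keys but the last show as a single blank here, which
 * makes them duplicates of one another. The entity names were most likely
 * lost in extraction. The values, including the literal line breaks, are
 * kept exactly as shown.
 *
 * @param string|null $text Encoded text.
 * @return string Decoded text, or '' for empty input.
 */
function htmlUncode1($text)
{
    if (empty($text)) {
        return '';
    }

    $replacements = [
        ' ' => "\t",
        ' ' => "\v",
        ' ' => '
',
        ' ' => '
',
        ' ' => '
',
        ' ' => ' ',
        '&' => '&'
    ];

    return strtr($text, $replacements);
}

/**
 * Return at most $length characters of $str, with '..' appended when the
 * text was shortened.
 *
 * @param string|null $str    Source text (UTF-8).
 * @param int         $length Maximum number of characters to keep.
 * @return string
 */
function strLeft($str, $length)
{
    if (empty($str)) {
        return '';
    }

    $substr = mb_substr($str, 0, $length, 'UTF-8');

    // Strict string comparison: with != two numeric strings such as "1" and
    // "1.00" compare equal, and a shortened value would lose its marker.
    return ($substr !== (string) $str) ? $substr . '..' : $substr;
}

/**
 * Map a month number to its three-letter English abbreviation.
 *
 * NOTE(review): anything that is not one of the keys 1..12 yields 'Dec',
 * including zero-padded strings such as "01" (the literal keys become
 * integers, a padded string does not).
 *
 * @param int|string $m Month number.
 * @return string
 */
function enMonth($m)
{
    $months = [
        '1' => 'Jan', '2' => 'Feb', '3' => 'Mar', '4' => 'Apr',
        '5' => 'May', '6' => 'Jun', '7' => 'Jul', '8' => 'Aug',
        '9' => 'Sep', '10' => 'Oct', '11' => 'Nov', '12' => 'Dec'
    ];

    return $months[$m] ?? 'Dec';
}

/**
 * Replace $search with $replace in $content while leaving the markup matched
 * by the protective patterns untouched.
 *
 * Matched markup is swapped for "[n]" placeholders, the replacement runs on
 * what is left, and the saved markup is then put back.
 *
 * Changes from the previous version:
 *  - $limit is honoured. It used to be passed as str_replace()'s fourth
 *    argument, which is a by-reference replacement counter, not a limit.
 *    A positive $limit with string $search/$replace now caps the number of
 *    replacements; any other value keeps the old replace-all behaviour.
 *  - Placeholders are restored from the highest index down, so a saved
 *    fragment that itself contains an earlier placeholder (a heading saved
 *    after the link inside it) is expanded completely.
 *
 * NOTE(review): the three patterns appear truncated on this page (the opening
 * tag part is missing); restore them from the original file. They are kept
 * byte-for-byte here.
 *
 * NOTE(review): content or replacement text that already contains a literal
 * "[0]", "[1]", ... is indistinguishable from a placeholder.
 *
 * $replace is inserted as-is; escape it first if it is not trusted markup.
 *
 * @param string|null  $content HTML to process.
 * @param string|array $search  Text to find.
 * @param string|array $replace Replacement.
 * @param int          $limit   Maximum replacements; <= 0 means no limit.
 * @return string
 */
function sitelinkReplace($content, $search, $replace, $limit = -1)
{
    if (empty($content)) {
        return '';
    }

    // Save HTML tag content
    $patterns = [
        '/]+>.+?<\/a>/is', // links
        '/]+>/is', // images
        '/.+?<\/h[1-6]+>/is' // headings
    ];

    $savedTags = [];
    $i = 0;

    foreach ($patterns as $pattern) {
        $protected = preg_replace_callback($pattern, function ($match) use (&$savedTags, &$i) {
            $savedTags[$i] = $match[0];
            $placeholder = "[{$i}]";
            $i++;
            return $placeholder;
        }, $content);

        // null signals a PCRE failure; keep the text we had rather than lose it.
        if ($protected !== null) {
            $content = $protected;
        }
    }

    // Perform the replacement (with no protected tags this is all that happens)
    $limit = (int) $limit;
    if ($limit > 0 && is_string($search) && $search !== '' && is_string($replace)) {
        // A callback returns $replace literally, so "$1" or "\" in it are not
        // interpreted as back-references.
        $replaced = preg_replace_callback(
            '/' . preg_quote($search, '/') . '/',
            function () use ($replace) {
                return $replace;
            },
            $content,
            $limit
        );
        if ($replaced !== null) {
            $content = $replaced;
        }
    } else {
        $content = str_replace($search, $replace, $content);
    }

    // Restore the saved tags, newest first
    for ($j = $i - 1; $j >= 0; $j--) {
        $content = str_replace("[{$j}]", $savedTags[$j], $content);
    }

    return $content;
}

/**
 * Best-effort client address for display or logging.
 *
 * X-Forwarded-For is a request header: unless a trusted reverse proxy
 * overwrites it, the client chooses its value. The header is therefore only
 * used when its first entry parses as an IP address; otherwise REMOTE_ADDR is
 * used. Do not base access decisions on the result, and prefer REMOTE_ADDR
 * alone for audit trails unless the proxy chain is known.
 *
 * Addresses longer than 15 characters (most IPv6 forms) are still reported
 * as 'Unknown', as before.
 *
 * @return string Encoded address, 'Unknown', or '' when none is available.
 */
function getIp()
{
    $candidates = [];

    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // The header may carry a comma-separated chain; the first entry is
        // the one that names the client.
        $chain = explode(',', (string) $_SERVER['HTTP_X_FORWARDED_FOR']);
        $candidates[] = trim($chain[0]);
    }
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $candidates[] = (string) $_SERVER['REMOTE_ADDR'];
    }

    $ip = '';
    foreach ($candidates as $candidate) {
        // Reject anything that is not syntactically an IP address, so
        // arbitrary header text never reaches logs, queries or pages.
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $candidate;
            break;
        }
    }

    if (strlen($ip) > 15) {
        $ip = 'Unknown';
    }

    return htmlEncode($ip);
}

/**
 * Format a date/time string using a yyyy/mm/dd style pattern.
 *
 * Supported tokens: yyyy, yy, mm, dd, hh, ff (minutes), ss. Every other
 * character of $format is handed to date() unchanged, so letters that are
 * date() format characters are interpreted, not printed literally.
 *
 * @param string $time   Anything strtotime() understands.
 * @param string $format Pattern built from the tokens above.
 * @return string Formatted time, or '' when $time cannot be parsed (a
 *                timestamp of exactly 0 is treated as unparsable too).
 */
function formatTime($time, $format)
{
    $timestamp = strtotime($time);
    if (!$timestamp) {
        return '';
    }

    $replacements = [
        'yyyy' => 'Y',
        'yy' => 'y',
        'mm' => 'm',
        'dd' => 'd',
        'hh' => 'H',
        'ff' => 'i',
        'ss' => 's'
    ];

    $phpFormat = strtr($format, $replacements);

    return date($phpFormat, $timestamp);
}

/**
 * Reduce HTML to bare text for summaries and similar uses.
 *
 * This is a text extractor, not a sanitizer: the result must still be
 * escaped (txt2HTML()) when it is written into a page.
 *
 * NOTE(review): the two patterns and the '<' / '>' replacement pair appear
 * damaged by extraction (missing tag names, entities decoded to the
 * characters themselves), and the first entry of the last list shows as a
 * plain space. All are kept byte-for-byte; restore them from the original.
 *
 * @param string|null $text HTML input.
 * @return string Text with tags and whitespace removed, or '' for empty input.
 */
function removeHTML($text)
{
    if (empty($text)) {
        return '';
    }

    // Remove scripts and iframes
    $text = preg_replace(['/]*>(.*?)<\/script>/is', '/]*>(.*?)<\/iframe>/is'], '', $text);

    // Convert special characters
    $text = str_replace(['<', '>'], ['<', '>'], $text);

    // Remove all remaining HTML tags
    $text = strip_tags($text);

    // Remove special characters and whitespace
    $text = str_replace([' ', "\r", "\n", "\t", "\x09", "\x0A", "\x0D", "\x16"], '', $text);

    return trim($text);
}

/**
 * Conservative syntactic check of an e-mail address.
 *
 * Accepts exactly one '@', a local part of letters, digits, '.', '_' and '-',
 * and a domain of letters, digits, '.' and '-' with a final label of two or
 * three characters; '..' is rejected anywhere.
 *
 * Changes from the previous version:
 *  - The patterns are anchored with \A and \z. With ^ and $ a value ending in
 *    a line break still matched, which matters wherever the address is later
 *    placed in a mail header.
 *  - The domain is restricted to hostname characters; before, any characters
 *    (quotes, angle brackets, spaces) were accepted after the '@'.
 *
 * NOTE(review): the 2-3 character limit on the last label rejects valid
 * addresses under longer top-level domains. Left as the author wrote it;
 * widen it if those addresses should be accepted.
 *
 * @param string|null $email Address to check.
 * @return bool
 */
function isValidEmail($email)
{
    if (empty($email)) {
        return false;
    }

    $parts = explode('@', $email);
    if (count($parts) !== 2) {
        return false;
    }

    list($local, $domain) = $parts;
    if (empty($local) || empty($domain)) {
        return false;
    }

    if (!preg_match('/\A[a-zA-Z0-9._-]+\z/', $local)) {
        return false;
    }

    if (!preg_match('/\A[a-zA-Z0-9.-]+\z/', $domain)) {
        return false;
    }

    if (strpos($domain, '.') === false) {
        return false;
    }

    $tld = substr($domain, strrpos($domain, '.') + 1);
    if (strlen($tld) < 2 || strlen($tld) > 3) {
        return false;
    }

    if (strpos($email, '..') !== false) {
        return false;
    }

    return true;
}

// Handle special characters
//
// NOTE(review): despite its name this returns the input unchanged. Any caller
// that relies on it for escaping gets none. Use txt2HTML() for HTML output
// and bound parameters for SQL.
function htmlspecialcharsFix($input_str)
{
    return $input_str;
}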