PageRenderTime 53ms CodeModel.GetById 23ms RepoModel.GetById 1ms app.codeStats 0ms

/source/function/function_connect.php

https://github.com/jinbo51/DiscuzX
PHP | 678 lines | 554 code | 118 blank | 6 comment | 67 complexity | 459a9b71a3a8414137601e6913e7bbe0 MD5 | raw file
Possible License(s): BSD-3-Clause
  1. <?php
  2. /**
  3. * [Discuz!] (C)2001-2099 Comsenz Inc.
  4. * This is NOT a freeware, use is subject to license terms
  5. *
  6. * $Id: function_connect.php 27641 2012-02-08 09:51:14Z zhouxiaobo $
  7. */
  8. if(!defined('IN_DISCUZ')) {
  9. exit('Access Denied');
  10. }
  11. require_once libfile('function/cloud');
  12. function connect_output_javascript($jsurl) {
  13. return '<script type="text/javascript">_attachEvent(window, \'load\', function () { appendscript(\''.$jsurl.'\', \'\', 1, \'utf-8\') }, document);</script>';
  14. }
  15. function connect_output_php($url, $postData = '') {
  16. global $_G;
  17. $response = dfsockopen($url, 0, $postData, '', false, $_G['setting']['cloud_api_ip']);
  18. $result = (array) unserialize($response);
  19. return $result;
  20. }
  21. function connect_user_bind_js($params) {
  22. global $_G;
  23. $jsname = $_G['cookie']['connect_js_name'];
  24. if($jsname != 'user_bind') {
  25. return false;
  26. }
  27. $jsparams = unserialize(base64_decode($_G['cookie']['connect_js_params']));
  28. $jsurl = $_G['connect']['url'].'/notify/user/bind';
  29. if($jsparams) {
  30. $params = array_merge($params, $jsparams);
  31. }
  32. $func = 'connect_'.$jsname.'_params';
  33. $other_params = $func ();
  34. $params = array_merge($other_params, $params);
  35. $params['sig'] = connect_get_sig($params, connect_get_sig_key());
  36. $jsurl .= '?'.cloud_http_build_query($params, '', '&');
  37. dsetcookie('connect_js_name');
  38. dsetcookie('connect_js_params');
  39. return connect_output_javascript($jsurl);
  40. }
  41. function connect_load_qshare_js($appkey) {
  42. global $_G;
  43. $jsurl = $_G['siteurl'] . 'static/js/qshare.js';
  44. $sitename = isset($_G['setting']['bbname']) ? $_G['setting']['bbname'] : '';
  45. return '<script type="text/javascript" src="' . $jsurl . '"></script><script type="text/javascript">_share_tencent_weibo(null, $C("t_f", null, "td"), "' . $_G['siteurl'] . '", "' . $appkey . '", "' . $sitename . '");</script>';
  46. }
  47. function connect_check_token_js() {
  48. global $_G;
  49. $request_url = $_G['siteurl'] . 'connect.php?mod=check&op=token&_r=' . rand(1, 10000);
  50. $js = <<<EOF
  51. <script type="text/javascript">
  52. function connect_handle_check_token(response, ajax) {
  53. if (typeof(response) == "string" && response.indexOf("&") > 0) {
  54. var errCode = response.substring(0, response.indexOf("&"));
  55. errCode = errCode.substring(errCode.indexOf("=") + 1);
  56. var result = response.substring(response.indexOf("&") + 1);
  57. result = result.substring(result.indexOf("=") + 1);
  58. response = {"errCode" : errCode, "result" : result};
  59. } else {
  60. return false;
  61. }
  62. if (response.errCode == '0' && response.result == '2') {
  63. if (typeof(_is_token_outofdate) != "undefined") {
  64. _is_feed_auth = false;
  65. _is_token_outofdate = true;
  66. connect_post_init();
  67. }
  68. if (typeof(_is_token_outofdate_infloat) != "undefined") {
  69. _is_feed_auth_infloat = false;
  70. _is_token_outofdate_infloat = true;
  71. connect_post_init_infloat();
  72. }
  73. if (typeof(_share_buttons) != "undefined" && typeof(_is_oauth_user) != "undefined") {
  74. _is_oauth_user = false;
  75. _is_share_token_outofdate = true;
  76. }
  77. }
  78. }
  79. function connect_ajax_check_token() {
  80. var _check_token_ajax = Ajax("HTML", null);
  81. _check_token_ajax.get("{$request_url}", connect_handle_check_token);
  82. }
  83. _attachEvent(window, 'load', connect_ajax_check_token);
  84. </script>
  85. EOF;
  86. return $js;
  87. }
  88. function connect_cookie_login_report($loginTimes) {
  89. global $_G;
  90. $response = '';
  91. if ($loginTimes) {
  92. $api_url = $_G['connect']['api_url'].'/connect/discuz/batchCookieReport';
  93. $params = array (
  94. 'oauth_consumer_key' => $_G['setting']['connectappid'],
  95. 'login_times' => $loginTimes,
  96. 'date' => dgmdate(TIMESTAMP - 86400, 'Y-m-d'),
  97. 'ts' => TIMESTAMP,
  98. );
  99. $params['sig'] = connect_get_sig($params, connect_get_sig_key());
  100. $response = connect_output_php($api_url.'?', cloud_http_build_query($params, '', '&'));
  101. }
  102. return $response;
  103. }
  104. function connect_cookie_login_params() {
  105. global $_G;
  106. connect_merge_member();
  107. $oauthToken = $_G['member']['conuin'];
  108. $api_url = $_G['connect']['api_url'].'/connect/discuz/cookieReport';
  109. if($oauthToken) {
  110. $extra = array (
  111. 'oauth_token' => $oauthToken
  112. );
  113. $sig_params = connect_get_oauth_signature_params($extra);
  114. $oauth_token_secret = $_G['member']['conuinsecret'];
  115. $sig_params['oauth_signature'] = connect_get_oauth_signature($api_url, $sig_params, 'POST', $oauth_token_secret);
  116. $params = array (
  117. 'client_ip' => $_G['clientip'],
  118. 'u_id' => $_G['uid']
  119. );
  120. $params = array_merge($sig_params, $params);
  121. $params['response_type'] = 'php';
  122. return $params;
  123. } else {
  124. return false;
  125. }
  126. }
  127. function connect_cookie_login_js() {
  128. global $_G;
  129. $ajaxUrl = 'connect.php?mod=check&op=cookie';
  130. return '<script type="text/javascript">var cookieLogin = Ajax("TEXT");cookieLogin.get("' . $ajaxUrl . '", function() {});</script>';
  131. }
  132. function connect_user_unbind() {
  133. global $_G;
  134. $api_url = $_G['connect']['api_url'].'/connect/user/unbind';
  135. $extra = array (
  136. 'oauth_token' => $_G['member']['conuin']
  137. );
  138. $sig_params = connect_get_oauth_signature_params($extra);
  139. $oauth_token_secret = $_G['member']['conuinsecret'];
  140. $sig_params['oauth_signature'] = connect_get_oauth_signature($api_url, $sig_params, 'POST', $oauth_token_secret);
  141. $params = array (
  142. 'client_ip' => $_G['clientip']
  143. );
  144. $params = array_merge($sig_params, $params);
  145. $params['response_type'] = 'php';
  146. $response = connect_output_php($api_url.'?', cloud_http_build_query($params, '', '&'));
  147. return $response;
  148. }
  149. function connect_user_bind_params() {
  150. global $_G;
  151. connect_merge_member();
  152. getuserprofile('birthyear');
  153. getuserprofile('birthmonth');
  154. getuserprofile('birthday');
  155. switch ($_G['member']['gender']) {
  156. case 1 :
  157. $sex = 'male';
  158. break;
  159. case 2 :
  160. $sex = 'female';
  161. break;
  162. default :
  163. $sex = 'unknown';
  164. }
  165. $is_public_email = 2;
  166. $is_use_qq_avatar = $_G['member']['conisqzoneavatar'] == 1 ? 1 : 2;
  167. $birthday = sprintf('%04d', $_G['member']['birthyear']).'-'.sprintf('%02d', $_G['member']['birthmonth']).'-'.sprintf('%02d', $_G['member']['birthday']);
  168. $agent = md5(time().rand().uniqid());
  169. $inputArray = array (
  170. 'uid' => $_G['uid'],
  171. 'agent' => $agent,
  172. 'time' => TIMESTAMP
  173. );
  174. require_once DISCUZ_ROOT.'./config/config_ucenter.php';
  175. $input = 'uid='.$_G['uid'].'&agent='.$agent.'&time='.TIMESTAMP;
  176. $avatar_input = authcode($input, 'ENCODE', UC_KEY);
  177. $params = array (
  178. 'oauth_consumer_key' => $_G['setting']['connectappid'],
  179. 'u_id' => $_G['uid'],
  180. 'username' => $_G['member']['username'],
  181. 'email' => $_G['member']['email'],
  182. 'birthday' => $birthday,
  183. 'sex' => $sex,
  184. 'is_public_email' => $is_public_email,
  185. 'is_use_qq_avatar' => $is_use_qq_avatar,
  186. 's_id' => $_G['setting']['connectsiteid'],
  187. 'avatar_input' => $avatar_input,
  188. 'avatar_agent' => $agent,
  189. 'site_ucenter_id' => UC_APPID
  190. );
  191. return $params;
  192. }
  193. function connect_feed_resend_js() {
  194. global $_G;
  195. $jsname = $_G['cookie']['connect_js_name'];
  196. if($jsname != 'feed_resend') {
  197. return false;
  198. }
  199. $params = unserialize(base64_decode($_G['cookie']['connect_js_params']));
  200. $params['sig'] = connect_get_sig($params, connect_get_sig_key());
  201. $jsurl = $_G['connect']['discuz_new_feed_url'];
  202. $jsurl .= '?' . cloud_http_build_query($params, '', '&');
  203. dsetcookie('connect_js_name');
  204. dsetcookie('connect_js_params');
  205. return connect_output_javascript($jsurl);
  206. }
  207. function connect_feed_remove($tid) {
  208. global $_G;
  209. $feedlog = DB :: fetch_first("SELECT * FROM ".DB :: table('connect_feedlog')." WHERE tid='$tid'");
  210. if(!$feedlog) {
  211. return false;
  212. }
  213. if(!getstatus($feedlog['status'], 4)) {
  214. $feedlog['status'] = setstatus(4, 1, $feedlog['status']);
  215. DB :: query("UPDATE ".DB :: table('connect_feedlog')." SET status='{$feedlog['status']}' WHERE tid='$tid'");
  216. }
  217. $params = array (
  218. 'thread_id' => $tid,
  219. 'ts' => TIMESTAMP
  220. );
  221. $params['sig'] = connect_get_sig($params, connect_get_sig_key());
  222. return sprintf('%s&%s', $_G['connect']['discuz_remove_feed_url'], cloud_http_build_query($params, '', '&'));
  223. }
  224. function connect_params($params, & $connect_params) {
  225. global $_G;
  226. if(!$params) {
  227. return false;
  228. }
  229. $connect_params = array ();
  230. foreach ($params as $key => $value) {
  231. if(substr($key, 0, 4) == 'con_') {
  232. $connect_params[substr($key, 4)] = $value;
  233. }
  234. }
  235. }
  236. function connect_check_sig($params) {
  237. global $_G;
  238. if(!$params) {
  239. return false;
  240. }
  241. $valid_params = array();
  242. foreach($params as $key => $value) {
  243. if(substr($key, 0, 4) == 'con_') {
  244. $valid_params[$key] = $value;
  245. }
  246. }
  247. $sig = $valid_params['con_sig'];
  248. unset($valid_params['con_sig']);
  249. ksort($valid_params);
  250. $str = '';
  251. foreach($valid_params as $k => $v) {
  252. if($v) {
  253. $str .= $k.'='.$v.'&';
  254. }
  255. }
  256. return $sig === md5($str.$_G['setting']['connectappkey']);
  257. }
  258. function connect_get_sig_key() {
  259. global $_G;
  260. return $_G['setting']['connectappid'] . '|' . $_G['setting']['connectappkey'];
  261. }
  262. function connect_get_sig($params, $app_key) {
  263. ksort($params);
  264. $base_string = '';
  265. foreach($params as $key => $value) {
  266. $base_string .= $key.'='.$value;
  267. }
  268. $base_string .= $app_key;
  269. return md5($base_string);
  270. }
  271. function connect_get_request_token() {
  272. global $_G;
  273. $api_url = $_G['connect']['api_url'].'/oauth/requestToken';
  274. $extra = array();
  275. $extra['oauth_callback'] = urlencode($_G['connect']['callback_url'] . '&referer=' . urlencode($_G['gp_referer']));
  276. $sig_params = connect_get_oauth_signature_params($extra);
  277. $sig_params['oauth_signature'] = connect_get_oauth_signature($api_url, $sig_params, 'POST');
  278. $params = array (
  279. 'client_ip' => $_G['clientip']
  280. );
  281. $params['type'] = $_G['gp_type'];
  282. if(empty ($params['type'])) {
  283. $params['type'] = 'login';
  284. }
  285. if($_G['gp_statfrom']) {
  286. $params['statfrom'] = $_G['gp_statfrom'];
  287. }
  288. $params = array_merge($sig_params, $params);
  289. $response = connect_output_php($api_url.'?', cloud_http_build_query($params, '', '&'));
  290. return $response;
  291. }
  292. function connect_get_access_token($request_token, $verify_code) {
  293. global $_G;
  294. $api_url = $_G['connect']['api_url'].'/oauth/accessToken';
  295. $extra = array();
  296. $extra['oauth_token'] = $request_token;
  297. $extra['oauth_verifier'] = $verify_code;
  298. $sig_params = connect_get_oauth_signature_params($extra);
  299. $oauth_token_secret = $_G['cookie']['con_request_token_secret'];
  300. $sig_params['oauth_signature'] = connect_get_oauth_signature($api_url, $sig_params, 'POST', $oauth_token_secret);
  301. $params = array (
  302. 'client_ip' => $_G['clientip']
  303. );
  304. $params = array_merge($sig_params, $params);
  305. dsetcookie('con_request_token');
  306. dsetcookie('con_request_token_secret');
  307. $response = connect_output_php($api_url.'?', cloud_http_build_query($params, '', '&'));
  308. return $response;
  309. }
  310. function connect_get_oauth_signature($url, $params, $method = 'POST', $oauth_token_secret = '') {
  311. global $_G;
  312. $method = strtoupper($method);
  313. if(!in_array($method, array ('GET', 'POST'))) {
  314. return FALSE;
  315. }
  316. $url = urlencode($url);
  317. $param_str = urlencode(cloud_http_build_query($params, '', '&'));
  318. $base_string = $method.'&'.$url.'&'.$param_str;
  319. $key = $_G['setting']['connectappkey'].'&'.$oauth_token_secret;
  320. if(function_exists('hash_hmac')) {
  321. $signature = hash_hmac('sha1', $base_string, $key);
  322. } else {
  323. $signature = connect_custom_hmac('sha1', $base_string, $key);
  324. }
  325. return $signature;
  326. }
  327. function connect_get_oauth_signature_params($extra = array ()) {
  328. global $_G;
  329. $params = array (
  330. 'oauth_consumer_key' => $_G['setting']['connectappid'],
  331. 'oauth_nonce' => connect_get_nonce(),
  332. 'oauth_signature_method' => 'HMAC_SHA1',
  333. 'oauth_timestamp' => TIMESTAMP
  334. );
  335. if($extra) {
  336. $params = array_merge($params, $extra);
  337. }
  338. ksort($params);
  339. return $params;
  340. }
  341. function connect_custom_hmac($algo, $data, $key, $raw_output = false) {
  342. $algo = strtolower($algo);
  343. $pack = 'H'.strlen($algo ('test'));
  344. $size = 64;
  345. $opad = str_repeat(chr(0x5C), $size);
  346. $ipad = str_repeat(chr(0x36), $size);
  347. if(strlen($key) > $size) {
  348. $key = str_pad(pack($pack, $algo ($key)), $size, chr(0x00));
  349. } else {
  350. $key = str_pad($key, $size, chr(0x00));
  351. }
  352. for ($i = 0; $i < strlen($key) - 1; $i++) {
  353. $opad[$i] = $opad[$i] ^ $key[$i];
  354. $ipad[$i] = $ipad[$i] ^ $key[$i];
  355. }
  356. $output = $algo ($opad.pack($pack, $algo ($ipad.$data)));
  357. return ($raw_output) ? pack($pack, $output) : $output;
  358. }
  359. function connect_get_nonce() {
  360. $mt = microtime();
  361. $rand = mt_rand();
  362. return md5($mt.$rand);
  363. }
  364. function connect_js_ouput_message($msg = '', $errMsg = '', $errCode = '') {
  365. $result = array (
  366. 'result' => $msg,
  367. 'errMessage' => $errMsg,
  368. 'errCode' => $errCode
  369. );
  370. echo sprintf('con_handle_response(%s);', json_encode(connect_urlencode($result)));
  371. exit;
  372. }
  373. function connect_ajax_ouput_message($msg = '', $errCode = '') {
  374. @header("Content-type: text/html; charset=".CHARSET);
  375. echo "errCode=$errCode&result=$msg";
  376. exit;
  377. }
  378. function connect_urlencode($value) {
  379. if (is_array($value)) {
  380. foreach ($value as $k => $v) {
  381. $value[$k] = connect_urlencode($v);
  382. }
  383. } else if (is_string($value)) {
  384. $value = urlencode(str_replace(array("\r\n", "\r", "\n", "\"", "\/", "\t"), array('\\n', '\\n', '\\n', '\\"', '\\/', '\\t'), $value));
  385. }
  386. return $value;
  387. }
  388. function connect_merge_member() {
  389. global $_G;
  390. if (!$_G['member']['conisbind']) {
  391. return false;
  392. }
  393. $connect_member = DB::fetch_first("SELECT * FROM ".DB::table('common_member_connect')." WHERE uid='$_G[uid]'");
  394. if ($connect_member) {
  395. $_G['member'] = array_merge($_G['member'], $connect_member);
  396. $user_auth_fields = $connect_member['conisfeed'];
  397. if ($user_auth_fields == 0) {
  398. $_G['member']['is_user_info'] = 0;
  399. $_G['member']['is_feed'] = 0;
  400. } elseif ($user_auth_fields == 1) {
  401. $_G['member']['is_user_info'] = 1;
  402. $_G['member']['is_feed'] = 1;
  403. } elseif ($user_auth_fields == 2) {
  404. $_G['member']['is_user_info'] = 1;
  405. $_G['member']['is_feed'] = 0;
  406. } elseif ($user_auth_fields == 3) {
  407. $_G['member']['is_user_info'] = 0;
  408. $_G['member']['is_feed'] = 1;
  409. }
  410. unset($connect_member, $_G['member']['conisfeed']);
  411. }
  412. }
  413. function connect_auth_field($is_user_info, $is_feed) {
  414. if ($is_user_info && $is_feed) {
  415. return 1;
  416. } elseif (!$is_user_info && !$is_feed) {
  417. return 0;
  418. } elseif ($is_user_info && !$is_feed) {
  419. return 2;
  420. } elseif (!$is_user_info && $is_feed) {
  421. return 3;
  422. }
  423. }
  424. function connect_errlog($errno, $error) {
  425. return true;
  426. global $_G;
  427. writelog('errorlog', $_G['timestamp']."\t[QQConnect]".$errno." ".$error);
  428. }
  429. define('X_BOARDURL', $_G['setting']['discuzurl']);
  430. function connect_parse_bbcode($bbcode, $fId, $pId, $isHtml, &$attachImages) {
  431. include_once libfile('function/discuzcode');
  432. $result = preg_replace('/\[hide(=\d+)?\].+?\[\/hide\](\r\n|\n|\r)/i', '', $bbcode);
  433. $result = preg_replace('/\[payto(=\d+)?\].+?\[\/payto\](\r\n|\n|\r)/i', '', $result);
  434. $result = discuzcode($result, 0, 0, $isHtml, 1, 2, 1, 0, 0, 0, 0, 1, 0);
  435. $result = preg_replace('/<img src="images\//i', "<img src=\"".$_G['siteurl']."images/", $result);
  436. $result = connect_parse_attach($result, $fId, $pId, $attachImages, $attachImageThumb);
  437. return $result;
  438. }
  439. function connect_parse_attach($content, $fId, $pId, &$attachImages) {
  440. global $_G;
  441. $permissions = connect_get_user_group_permissions(array(7), $fId);
  442. $visitorPermission = $permissions[7];
  443. $attachIds = array();
  444. $attachImages = array ();
  445. $query = DB :: query("SELECT aid, filename, isimage, readperm, price FROM ".DB :: table(getattachtablebypid($pId))." WHERE pid='$pId'");
  446. while ($attach = DB :: fetch($query)) {
  447. $aid = $attach['aid'];
  448. if($attach['isimage'] == 0 || $attach['price'] > 0 || $attach['readperm'] > $visitorPermission['readPermission'] || in_array($fId, $visitorPermission['forbidViewAttachForumIds']) || in_array($attach['aid'], $attachIds)) {
  449. continue;
  450. }
  451. $imageItem = array ();
  452. $thumbWidth = '100';
  453. $thumbHeight = '100';
  454. $bigWidth = '400';
  455. $bigHeight = '400';
  456. $key = md5($aid.'|'.$thumbWidth.'|'.$thumbHeight);
  457. $thumbImageURL = $_G['siteurl'] . 'forum.php?mod=image&aid='.$aid.'&size='.$thumbWidth.'x'.$thumbHeight.'&key='.rawurlencode($key).'&type=fixwr&nocache=1';
  458. $key = md5($aid.'|'.$bigWidth.'|'.$bigHeight);
  459. $bigImageURL = $_G['siteurl'] . 'forum.php?mod=image&aid='.$aid.'&size='.$bigWidth.'x'.$bigHeight.'&key='.rawurlencode($key).'&type=fixnone&nocache=1';
  460. $imageItem['aid'] = $aid;
  461. $imageItem['thumb'] = $thumbImageURL;
  462. $imageItem['big'] = $bigImageURL;
  463. $attachIds[] = $aid;
  464. $attachImages[] = $imageItem;
  465. }
  466. $content = preg_replace('/\[attach\](\d+)\[\/attach\]/ie', 'connect_parse_attach_tag(\\1, $attachNames)', $content);
  467. return $content;
  468. }
  469. function connect_parse_attach_tag($attachId, $attachNames) {
  470. include_once libfile('function/discuzcode');
  471. if(array_key_exists($attachId, $attachNames)) {
  472. return '<span class="attach"><a href="'.$_G['siteurl'].'/attachment.php?aid='.aidencode($attachId).'">'.$attachNames[$attachId].'</a></span>';
  473. }
  474. return '';
  475. }
  476. function connect_get_user_group_permissions($userGroupIds, $fId) {
  477. global $_G;
  478. $fields = array (
  479. 'groupid' => 'userGroupId',
  480. 'grouptitle' => 'userGroupName',
  481. 'readaccess' => 'readPermission',
  482. 'allowvisit' => 'allowVisit'
  483. );
  484. $userGroups = array ();
  485. $query = DB :: query("SELECT f.*,ff.* FROM ".DB :: table('common_usergroup')." f
  486. LEFT JOIN ".DB :: table('common_usergroup_field')." ff USING(groupid)
  487. WHERE f.groupid IN (".dimplode($userGroupIds).")");
  488. while ($row = DB :: fetch($query)) {
  489. foreach ($row as $k => $v) {
  490. if(array_key_exists($k, $fields)) {
  491. $userGroups[$row['groupid']][$fields[$k]] = $v;
  492. }
  493. $userGroups[$row['groupid']]['forbidForumIds'] = array ();
  494. $userGroups[$row['groupid']]['allowForumIds'] = array ();
  495. $userGroups[$row['groupid']]['specifyAllowForumIds'] = array ();
  496. $userGroups[$row['groupid']]['allowViewAttachForumIds'] = array ();
  497. $userGroups[$row['groupid']]['forbidViewAttachForumIds'] = array ();
  498. }
  499. }
  500. $row = DB :: fetch_first("SELECT ff.* FROM ".DB :: table('forum_forum')." f
  501. INNER JOIN ".DB :: table('forum_forumfield')." ff USING(fid) WHERE f.fid='$fId' AND f.status='1'");
  502. $allowViewGroupIds = array ();
  503. if($row['viewperm']) {
  504. $allowViewGroupIds = explode("\t", $row['viewperm']);
  505. }
  506. $allowViewAttachGroupIds = array ();
  507. if($row['getattachperm']) {
  508. $allowViewAttachGroupIds = explode("\t", $row['getattachperm']);
  509. }
  510. foreach ($userGroups as $gid => $_v) {
  511. if($row['password']) {
  512. $userGroups[$gid]['forbidForumIds'][] = $row['fid'];
  513. continue;
  514. }
  515. $perm = unserialize($row['formulaperm']);
  516. if(is_array($perm)) {
  517. if($perm[0] || $perm[1] || $perm['users']) {
  518. $userGroups[$gid]['forbidForumIds'][] = $row['fid'];
  519. continue;
  520. }
  521. }
  522. if(!$allowViewGroupIds) {
  523. $userGroups[$gid]['allowForumIds'][] = $row['fid'];
  524. }
  525. elseif(!in_array($gid, $allowViewGroupIds)) {
  526. $userGroups[$gid]['forbidForumIds'][] = $row['fid'];
  527. }
  528. elseif(in_array($gid, $allowViewGroupIds)) {
  529. $userGroups[$gid]['allowForumIds'][] = $row['fid'];
  530. $userGroups[$gid]['specifyAllowForumIds'][] = $row['fid'];
  531. }
  532. if(!$allowViewAttachGroupIds) {
  533. $userGroups[$gid]['allowViewAttachForumIds'][] = $row['fid'];
  534. }
  535. elseif(!in_array($gid, $allowViewAttachGroupIds)) {
  536. $userGroups[$gid]['forbidViewAttachForumIds'][] = $row['fid'];
  537. }
  538. elseif(in_array($gid, $allowViewGroupIds)) {
  539. $userGroups[$gid]['allowViewAttachForumIds'][] = $row['fid'];
  540. }
  541. }
  542. return $userGroups;
  543. }
  544. function connect_share_error($message, $type = 'alert') {
  545. echo "connect_share_loaded = 1;";
  546. echo "\n";
  547. echo "connect_show_dialog('', '$message', '$type');";
  548. exit;
  549. }
  550. ?>