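function() {
  // Registration handler: validates the posted "user" and "pass" fields,
  // inserts a row into `users`, then signs the new account in.
  // Returns { err: <text> } when the request is rejected, { msg: <text> } on success.
  var nick = form("user");
  if (!nick) return { err: "缺少用户名" };

  // The user name must not contain < " or >.
  // NOTE(review): only these three characters are rejected; whether that is
  // enough depends on every context in which nick is later rendered - confirm.
  if (/[<">]/.test(nick)) return { err: "非法的用户名/昵称" };

  var par = { nick: nick };
  // NOTE(review): the uniqueness check and the insert below are separate
  // statements; unless users.nick carries a unique constraint, two concurrent
  // requests could both pass this check - confirm against the schema.
  if (db().scalar("select userid from users where nick=@nick", par)) {
    return { err: "此用户名已经被注册了" };
  }

  // Fix: a missing or empty password used to be replaced by the constant "a",
  // which created an account protected by a fixed, guessable password.
  // Registration now refuses the request instead.
  var rawPass = form("pass");
  if (!rawPass) return { err: "缺少密码" };

  // NOTE(review): md5(..., 16) is presumably an unsalted, truncated MD5 digest,
  // which is weak for password storage. Replacing it needs a migration of the
  // stored values together with the login query, so it is only flagged here.
  par.pass = md5(rawPass, 16);
  par.lasttime = sys.sTime.getVarDate();
  par.lastip = env("REMOTE_ADDR");
  db().insert("users", par);

  // NOTE(review): @@identity is not limited to this statement's scope; confirm
  // no trigger on `users` inserts into another identity table.
  var uid = db().scalar("select @@identity");

  // If the new user's id is 1, promote it to forum owner (roleid 7).
  if (uid < 2) db().update("users", { roleid: 7 }, { userid: 1 });

  // Sign in automatically.
  var user = db().fetch("select * from users where userid=@userid", { userid: uid });
  sys.onlineMe.nick = user.nick;
  sys.onlineMe.roleid = user.roleid;
  // presumably attaches the fetched row to the current session - confirm
  me().bind.call(0, user);

  // NOTE(review): nick is user-supplied and goes into the trace log and the
  // bot message with only < " > excluded; confirm neither sink is sensitive
  // to line breaks or markup.
  dbg().trace("用户『" + user.nick + "』注册成功");
  wxBotMsg("用户『" + user.nick + "』注册成功");
  return { msg: "注册成功" };
}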
function() {
  // Login handler (presumably the one other handlers reach as this.login() -
  // confirm). Looks the account up by nick and password digest, records the
  // login, and binds the row to the current session.
  // Returns { err: <text> } on failure, { msg: <text> } on success.
  //
  // NOTE(review): an absent password is replaced by "a" before hashing, and the
  // digest is md5(..., 16), presumably unsalted and truncated. No attempt
  // throttling is visible in this handler; confirm it exists elsewhere.
  var name = form("user") || "";
  var digest = md5(form("pass") || "a", 16);
  var credentials = { user: name, pass: digest };
  if (!credentials.user) {
    return { err: "未提供用户名" };
  }

  var account = db().fetch("select * from users where nick=@user and pass=@pass", credentials);

  // The client address is only read for the log line when the lookup failed.
  var outcome = account ? "成功" : "失败[登录IP: " + env("REMOTE_ADDR") + "]";
  dbg().trace(name + " 登录" + outcome);
  if (!account) {
    return { err: "登录失败" };
  }

  // Mirror on the in-memory row what the UPDATE below writes to the table.
  account.lastip = env("REMOTE_ADDR");
  account.lasttime = sys.sTime.getVarDate();
  account.jifen++;
  var stamp = {
    lastip: account.lastip,
    lasttime: account.lasttime,
    userid: account.userid
  };
  db().query("update users set lastip=@lastip, lasttime=@lasttime, jifen=jifen+1 where userid=@userid", stamp);

  // presumably attaches the row to the current session - confirm
  me().bind.call(0, account);
  sys.onlineMe.nick = account.nick;
  sys.onlineMe.roleid = account.roleid;
  wxBotMsg(name + " 登录成功");
  return { msg: "登录成功" };
}
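function() {
  // Creates a topic together with its first reply, then updates the forum and
  // user counters. When a "user" field is posted, the request is first run
  // through this.login().
  // Returns { err: <text> } on rejection, { msg: <text>, topicid: <id> } on success.
  if (form("user")) {
    var rs = this.login();
    if (rs.err) return rs;
  }
  if (!me().isLogin) return { err: "您未登录,或登录已过期,发帖失败。" };

  // Fix: a title or message made only of whitespace is now rejected as empty;
  // previously only a missing value was caught.
  if (!form().title || !String(form().title).replace(/\s/g, "")) return { err: "请填写主题" };
  if (!form().message || !String(form().message).replace(/\s/g, "")) return { err: "请填写帖子内容" };

  // ~~ coerces the posted value to a 32-bit integer; anything non-numeric becomes 0.
  var forumid = ~~form().forumid;
  if (!forumid) return { err: "缺少版块ID" };

  // Escape before storing; the length limit applies to the escaped text.
  // NOTE(review): the title has no length bound here - confirm the column size.
  form().title = html(form().title);
  form().message = html(form().message);
  if (form().message.length > 4000) return { err: "内容太长,请尝试减少内容。" };

  // Fix: the forum id came straight from the request and was never looked up,
  // so a topic could be attached to a forum that does not exist.
  if (!db().scalar("select forumid from forums where forumid=@forumid", { forumid: forumid })) {
    return { err: "版块不存在" };
  }

  // Insert into the topic table.
  db().insert("topic", { title: form().title, forumid: forumid, userid: me().userid });
  var topicid = db().scalar("select @@identity");

  // Insert into the reply table.
  db().insert("reply", { topicid: topicid, userid: me().userid, ip: env("REMOTE_ADDR"), message: form().message });
  var replyid = db().scalar("select @@identity");

  // Update the post counters.
  db().query("update forums set topicnum=topicnum+1, replyid=@replyid where forumid=@forumid", { replyid: replyid, forumid: forumid });
  db().query("update users set fatie=fatie+1, jifen=jifen+5 where userid=@userid", { userid: me().userid });
  me().fatie++;
  me().jifen += 5;

  dbg().trace(me().nick + "发表了帖子《" + form().title + "》");
  wxBotMsg(me().nick + "发表了帖子《" + form().title + "》");
  return { msg: "发帖成功", topicid: topicid };
}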
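function() {
  // Adds a reply to an existing topic and updates the forum, topic and user
  // counters. When a "user" field is posted, the request is first run through
  // this.login().
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  if (form("user")) {
    var rs = this.login();
    if (rs.err) return rs;
  }
  if (!me().isLogin) return { err: "您未登录,或登录已过期,发帖失败。" };

  var par = {
    // ~~ coerces the posted id to a 32-bit integer (0 when not numeric).
    topicid: ~~form("topicid"),
    // Fix: a missing "message" field now defaults to "" so html() always
    // receives a string and the empty-content check below handles the case.
    message: html(form("message") || ""),
    ip: env("REMOTE_ADDR"),
    userid: me().userid
  };
  if (!par.message.replace(/\s/g, "")) return { err: "请填写帖子内容" };
  // The limit applies to the escaped text.
  if (par.message.length > 4000) return { err: "内容太长,请尝试减少内容。" };

  // The topic must exist and belong to an existing forum (inner join).
  var topic = db().table("topic a").join("forums b on b.forumid=a.forumid").
    where("a.topicid=@topicid").select("a.forumid, a.title").fetch({ topicid: par.topicid });
  if (!topic) return { err: "回复的帖子不存在" };

  db().insert("reply", par);
  var replyid = db().scalar("select @@identity");
  db().query("update forums set replynum=replynum+1, replyid=@replyid where forumid=@forumid", { replyid: replyid, forumid: topic.forumid });
  // NOTE(review): topic.replyid is set to the replying user's id here, while
  // forums.replyid receives the reply id - confirm this is intended.
  db().query("update topic set replynum=replynum+1, replytime=getdate(), replyid=@userid where topicid=@topicid", { userid: me().userid, topicid: par.topicid });
  db().query("update users set jifen=jifen+2 where userid=@userid", { userid: me().userid });

  dbg().trace(me().nick + "评论了帖子《" + topic.title + "》");
  wxBotMsg(me().nick + "评论了帖子《" + topic.title + "》");
  me().jifen += 2;
  return { msg: "评论成功" };
}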
function() {
  // Deletes one reply. Allowed for the reply's author or for whoever
  // isBanZhu() accepts for the forum. When the reply is the lowest-numbered
  // one of its topic, the whole topic is removed through this.topicdrop().
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  // NOTE(review): no anti-CSRF check is visible in this handler; confirm the
  // framework applies one to state-changing requests.
  if (!me().isLogin) {
    return { err: "您尚未登录" };
  }

  var key = { replyid: ~~form("replyid") };

  // Derived table "a": the requested reply paired with the smallest replyid
  // found in the same topic (minid).
  var firstInTopic = db().table("reply a")
    .join("reply b on b.topicid=a.topicid")
    .groupby("a.replyid")
    .where("a.replyid=@replyid")
    .select("a.replyid, min(b.replyid) as minid")
    .astable("a");

  // Add the reply's author and topic, and the topic's forum.
  var target = firstInTopic
    .join("reply b on b.replyid=a.replyid")
    .join("topic c on c.topicid=b.topicid")
    .select("a.*, b.userid, b.topicid, c.forumid")
    .fetch(key);
  if (!target) {
    return { err: "此评论不存在" };
  }

  // isBanZhu() is only consulted when the caller is not the author.
  var isAuthor = target.userid == me().userid;
  if (!isAuthor && !isBanZhu(target.forumid)) {
    return { err: "您没删除此评论的权限" };
  }

  if (target.replyid == target.minid) {
    return this.topicdrop(target.topicid);
  }

  db().query("delete from reply where replyid=@replyid", key);
  db().query("update topic set replynum=replynum-1 where topicid=@topicid", { topicid: target.topicid });
  db().query("update forums set replynum=replynum-1 where forumid=@forumid", { forumid: target.forumid });
  return { msg: "评论删除成功" };
}
function(topicid) {
  // Deletes a topic and all of its replies, then corrects the forum counters.
  // topicid: id supplied by an internal caller; when falsy, the posted
  //          "topicid" form field is used instead (coerced with ~~).
  // Allowed for the topic's author or for whoever isBanZhu() accepts.
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  if (!me().isLogin) {
    return { err: "您尚未登录" };
  }

  // The form is only read when no id was passed in.
  var id = topicid;
  if (!id) {
    id = ~~form().topicid;
  }
  var key = { topicid: id };

  var row = db().fetch("select userid, forumid, replynum from topic where topicid=@topicid", key);
  if (!row) {
    return { err: "删除的话题不存在" };
  }

  var isAuthor = me().userid == row.userid;
  if (!isAuthor && !isBanZhu(row.forumid)) {
    return { err: "您没有权限删除这个帖子。" };
  }

  // Replies first, then the topic row itself.
  // NOTE(review): the three statements are issued separately; confirm whether
  // db() wraps them in a transaction.
  db().query("delete from reply where topicid=@topicid", key);
  db().query("delete from topic where topicid=@topicid", key);

  var counters = { replynum: row.replynum, forumid: row.forumid };
  db().query("update forums set replynum=replynum-@replynum, topicnum=topicnum-1 where forumid=@forumid", counters);
  return { msg: "主题删除成功" };
}
function() {
  // Loads a reply so that it can be edited. Allowed for the reply's author or
  // for whoever isBanZhu() accepts for the forum.
  // Returns { err: <text> } on rejection, otherwise the fetched row
  // (message, userid, forumid).
  if (!me().isLogin) {
    return { err: "您尚未登录或登录已超时" };
  }

  var key = { replyid: ~~form("replyid") };
  var lookup = db().table("reply a")
    .join("topic b on b.topicid=a.topicid")
    .where("a.replyid=@replyid")
    .select("a.message, a.userid, b.forumid");
  var row = lookup.fetch(key);
  if (!row) {
    return { err: "您要编辑的评论不存在" };
  }

  // isBanZhu() is only consulted when the caller is not the author.
  var isAuthor = row.userid == me().userid;
  if (!isAuthor && !isBanZhu(row.forumid)) {
    return { err: "您没有此评论的编辑权限。" };
  }

  // NOTE(review): the row is returned as stored; confirm how the caller
  // encodes message before placing it in the page.
  return row;
}
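function() {
  // Saves an edited reply. Allowed for the reply's author or for whoever
  // isBanZhu() accepts for the forum.
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  if (!me().isLogin) return { err: "您尚未登录或登录已超时" };

  var message = form("message") || "";
  if (!message.replace(/\s/g, "")) return { err: "请填写评论内容" };

  // Fix: editing applied no size limit, so the 4000-character bound enforced
  // when a topic or reply is created could be bypassed by editing afterwards.
  // As on creation, the limit is checked on the escaped text.
  var escaped = html(message);
  if (escaped.length > 4000) return { err: "内容太长,请尝试减少内容。" };

  var par = { replyid: ~~form("replyid") };
  var reply = db().table("reply a").join("topic b on b.topicid=a.topicid").
    where("a.replyid=@replyid").select("a.message, a.userid, b.forumid").fetch(par);
  if (!reply) return { err: "您要编辑的评论不存在" };

  // isBanZhu() is only consulted when the caller is not the author.
  if (reply.userid != me().userid && !isBanZhu(reply.forumid)) return { err: "您没有此评论的编辑权限。" };

  // NOTE(review): if the client submits text that was already escaped when it
  // was loaded for editing, html() escapes it a second time - confirm the
  // editor works on unescaped text.
  db().update("reply", { message: escaped }, par);
  return { msg: "编辑成功" };
}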
function() {
  // Sets topic.ding (presumably the "pinned" flag - confirm) from the posted
  // "state" value. Requires roleid >= 3 and isBanZhu() for the topic's forum.
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  if (!me().isLogin) {
    return { err: "请登录后操作" };
  }
  if (me().roleid < 3) {
    return { err: "没有权限执行此操作" };
  }

  var key = { topicid: ~~form("topicid") };
  var row = db().fetch("select forumid from topic where topicid=@topicid", key);
  if (!row) {
    return { err: "操作的帖子不存在" };
  }
  if (!isBanZhu(row.forumid)) {
    return { err: "没有权限执行此操作" };
  }

  // NOTE(review): any 32-bit integer is stored; confirm whether the column is
  // meant to hold only 0/1.
  db().update("topic", { ding: ~~form("state") }, key);
  return { msg: "操作完成" };
}
function() {
  // Sets topic.jing (presumably the "featured" flag - confirm) from the posted
  // "state" value. Requires roleid >= 3 and isBanZhu() for the topic's forum.
  // Returns { err: <text> } on rejection, { msg: <text> } on success.
  if (!me().isLogin) {
    return { err: "请登录后操作" };
  }
  if (me().roleid < 3) {
    return { err: "没有权限执行此操作" };
  }

  var key = { topicid: ~~form("topicid") };
  var row = db().fetch("select forumid from topic where topicid=@topicid", key);
  if (!row) {
    return { err: "操作的帖子不存在" };
  }
  if (!isBanZhu(row.forumid)) {
    return { err: "没有权限执行此操作" };
  }

  // NOTE(review): any 32-bit integer is stored; confirm whether the column is
  // meant to hold only 0/1.
  db().update("topic", { jing: ~~form("state") }, key);
  return { msg: "操作完成" };
}
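function() {
  // Upload handler: stores one posted file under Upload/JsAspBBS/<YYMM>/<DD>/
  // with a generated name and returns its path.
  // Requires a signed-in user with at least 50 points or roleid >= 2.
  // Returns { err: <text> } on rejection, { path: <text> } on success.
  if (!me().isLogin) return { err: "需要登录" };
  if (me().jifen < 50 && me().roleid < 2) return { err: "您的积分不到50,暂不允许上传文件" };

  var up = lib("/AspLib/lib/FyUpload.sct");
  // NOTE(review): "jpg" is listed twice; the second entry may have been meant
  // as "jpeg" - confirm. Also confirm the component enforces this list on the
  // extension of the saved file and not only on the submitted name.
  up.Filter = "jpg|jpg|png|gif|zip|rar|txt|mp3|m4a";
  up.MaxSize = 1024 * 1024; // allow 1M
  up.Charset = "UTF-8";
  up.ReadForm(2e5);

  var file = up.Form("file");
  if (!file || !file.SourceName) {
    // Fix: the uploader was only disposed on the save path; release it on
    // this early exit as well.
    up.Dispose();
    return { err: "未上传文件" };
  }

  // Digits of the serialized current time; the slices below are used as
  // <YYMM>, <DD> and the remaining time digits.
  var time = tojson(sys.sTime.getVarDate()).replace(/\D/g, "");
  var path = "Upload/JsAspBBS/" + time.substr(2, 4) + "/" + time.substr(6, 2);
  up.EnsurePath(path); // make sure the directory exists

  // The stored name is generated here, so the client's file name is not used
  // for the path. Math.random() only adds three digits and is not
  // unpredictable; treat stored files as guessable by URL.
  file.SaveName = time.slice(8) + Math.random().toFixed(3).slice(1);
  up.SaveFile(path);
  up.Dispose();
  if (file.Message) return { err: file.Message };

  // NOTE(review): if this directory is served by the web server, confirm that
  // script execution is disabled for it and that txt/zip/rar are delivered
  // with a non-executable content type.
  return { path: path + "/" + file.FileName };
}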