你需要修改attachment.php文件 在根目录下
在$attachexists = $ispaid = FALSE;下面添加
if (!empty($checktwo)) {
在最末尾的?>前添加
} else {
echo "<script>alert('写上你要提示的内容')</script>";
echo "";
}
我在本机架设Discuz! 5.0.1调试通过了
完整代码如下:
/*
[Discuz!] (C)2001-2006 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: attachment.php,v $
$Revision: 1.13 $
$Date: 2006/08/11 06:51:07 $
*/
require_once './include/common.inc.php';
$discuz_action = 14;
if($attachrefcheck && $_SERVER['HTTP_REFERER'] && preg_replace("/https?:\/\/([^\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) != $_SERVER['HTTP_HOST']) {
//header("Location: {$boardurl}images/common/invalidreferer.gif");
showmessage('attachment_referer_invalid', NULL, 'HALTED');
}
/*
$query = $db->query("SELECT a.*, t.fid, p.authorid FROM {$tablepre}attachments a, {$tablepre}threads t, {$tablepre}posts p
WHERE a.aid='$aid' AND t.tid=a.tid AND p.pid=a.pid AND t.displayorder>='0' AND p.invisible='0'");
$attach = $db->fetch_array($query);
*/
periodscheck('attachbanperiods');
$attachexists = $ispaid = FALSE;
if (!empty($checktwo)) {
if(!empty($aid)) {
$query = $db->query("SELECT * FROM {$tablepre}attachments WHERE aid='$aid'");
if($attach = $db->fetch_array($query)) {
$query = $db->query("SELECT tid, fid, price, special FROM {$tablepre}threads WHERE tid='$attach[tid]' AND displayorder>='0'");
$thread = $db->fetch_array($query);
if($thread['fid']) {
$query = $db->query("SELECT authorid FROM {$tablepre}posts WHERE pid='$attach[pid]' AND invisible='0'");
if($db->num_rows($query)) {
$attach['authorid'] = $db->result($query, 0);
$attachexists = TRUE;
}
}
}
}
if($allowgetattach && ($attach['readperm'] && $attach['readperm'] > $readaccess) && $adminid showmessage('attachment_forum_nopermission', NULL, 'NOPERM');
}
if(!$thread['special'] && $thread['price'] > 0 && (!$discuz_uid || ($discuz_uid && $discuz_uid != $attach['authorid'] && $adminid $query = $db->query("SELECT uid FROM {$tablepre}paymentlog WHERE uid='$discuz_uid' AND tid='$attach[tid]'");
if($db->result($query, 0)) {
$ispaid = TRUE;
} else {
showmessage('attachment_payto', 'viewthread.php?tid='.$attach['tid']);
}
}
$filename = $attachdir.'/'.$attach['attachment'];
if(is_readable($filename) && $attachexists) {
$query = $db->query("SELECT f.viewperm, f.getattachperm, f.getattachcredits, a.allowgetattach FROM {$tablepre}forumfields f
LEFT JOIN {$tablepre}access a ON a.uid='$discuz_uid' AND a.fid=f.fid
WHERE f.fid='$thread[fid]'");
$forum = $db->fetch_array($query);
if(!$ispaid) {
if(!$forum['allowgetattach']) {
if(!$forum['getattachperm'] && !$allowgetattach) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif(($forum['getattachperm'] && !forumperm($forum['getattachperm'])) || ($forum['viewperm'] && !forumperm($forum['viewperm']))) {
showmessage('attachment_forum_nopermission', NULL, 'NOPERM');
}
}
}
if(!($isimage = preg_match("/^image\/.+/", $attach['filetype']))) {
checklowerlimit($creditspolicy['getattach'], -1);
}
if(empty($noupdate)) {
if($delayviewcount == 2 || $delayviewcount == 3) {
$logfile = './forumdata/cache/cache_attachviews.log';
if(substr($timestamp, -1) == '0') {
require_once DISCUZ_ROOT.'./include/misc.func.php';
updateviews('attachments', 'aid', 'downloads', $logfile);
}
if(@$fp = fopen(DISCUZ_ROOT.$logfile, 'a')) {
fwrite($fp, "$aid\n");
fclose($fp);
} elseif($adminid == 1) {
showmessage('view_log_invalid');
}
} else {
$db->query("UPDATE {$tablepre}attachments SET downloads=downloads+'1' WHERE aid='$aid'", 'UNBUFFERED');
}
}
if(!$isimage) {
$forum['getattachcredits'] = $forum['getattachcredits'] ? unserialize($forum['getattachcredits']) : array();
$getattachcredits = $forum['getattachcredits'] ? $forum['getattachcredits'] : $creditspolicy['getattach'];
updatecredits($discuz_uid, $getattachcredits, -1);
}
$filesize = filesize($filename);
ob_end_clean();
header('Cache-control: max-age=31536000');
header('Expires: '.gmdate('D, d M Y H:i:s', $timestamp + 31536000).' GMT');
header('Content-Encoding: none');
$attach['filename'] = (strtolower($charset) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE')) ? urlencode($attach['filename']) : $attach['filename'];
if($isimage && !empty($noupdate)) {
header('Content-Disposition: inline; filename='.$attach['filename']);
} else {
header('Content-Disposition: attachment; filename='.$attach['filename']);
}
header('Content-Type: '.$attach['filetype']);
@$fp = fopen($filename, 'rb');
@flock($fp, 2);
$attachment = @fread($fp, $filesize);
@fclose($fp);
echo $attachment;
} else {
showmessage('attachment_nonexistence');
}
} else {
echo "<script>alert('$PHP_SELF')</script>";
echo "";
}
?>
热AI工具
Undresser.AI Undress
人工智能驱动的应用程序,用于创建逼真的裸体照片
AI Clothes Remover
用于从照片中去除衣服的在线人工智能工具。
Undress AI Tool
免费脱衣服图片
Clothoff.io
AI脱衣机
Video Face Swap
使用我们完全免费的人工智能换脸工具轻松在任何视频中换脸!
热门文章
热工具
SecLists
SecLists是最终安全测试人员的伙伴。它是一个包含各种类型列表的集合,这些列表在安全评估过程中经常使用,都在一个地方。SecLists通过方便地提供安全测试人员可能需要的所有列表,帮助提高安全测试的效率和生产力。列表类型包括用户名、密码、URL、模糊测试有效载荷、敏感数据模式、Web shell等等。测试人员只需将此存储库拉到新的测试机上,他就可以访问到所需的每种类型的列表。
记事本++7.3.1
好用且免费的代码编辑器
DVWA
Damn Vulnerable Web App (DVWA) 是一个PHP/MySQL的Web应用程序,非常容易受到攻击。它的主要目标是成为安全专业人员在合法环境中测试自己的技能和工具的辅助工具,帮助Web开发人员更好地理解保护Web应用程序的过程,并帮助教师/学生在课堂环境中教授/学习Web应用程序安全。DVWA的目标是通过简单直接的界面练习一些最常见的Web漏洞,难度各不相同。请注意,该软件中
Dreamweaver CS6
视觉化网页开发工具
MinGW - 适用于 Windows 的极简 GNU
这个项目正在迁移到osdn.net/projects/mingw的过程中,你可以继续在那里关注我们。MinGW:GNU编译器集合(GCC)的本地Windows移植版本,可自由分发的导入库和用于构建本地Windows应用程序的头文件;包括对MSVC运行时的扩展,以支持C99功能。MinGW的所有软件都可以在64位Windows平台上运行。
