X1.5保存草稿 也加分导致会员利用此漏洞刷分....
因为草稿贴在论坛不可见更可怕的是自己回复草稿贴也会加分......
版主和管理员只能眼睁睁看着他们刷....
在这里将本人的临时解决方案分享下.......解决方案是,加分前判断帖子的状态,如果是草 稿贴,
clarks mary jane,
timberland outlet sale785790,就不加分
需要修改两个文件,
supra vaier shoes,蓝色代码为原来的,红色为增加的
1. \source\include\post\post_newthread.php (防止发帖时存草稿加分)
找到
if($digest) {
updatepostcredits('+', $_G['uid'], 'digest',
womens birkenstock clogs, $_G['fid']);
}
updatepostcredits('+',
puma outlet, $_G['uid'], 'post',
women Canada Goose down Gloves, $_G['fid']);
替换为
//存草稿不更新积分
if ($displayorder != -4)
{
if($digest) {
updatepostcredits('+', $_G['uid'],
Discuz! X1.5我的分享工具 怎么乱了, 'digest',
discount ralph lauren uk, $_G['fid']);
}
updatepostcredits('+',
birkenstock sandals455241, $_G['uid'], 'post', $_G['fid']);
}复制代码2. \source\include\post\post_newreply.php (防止回复草稿贴加分)
找到(有两处,
discount boat shoes,需要全部修改)
updatepostcredits('+', $_G['uid'],
kids ralph lauren sale, 'reply', $_G['fid']);
替换为
if ($thread['displayorder'] ,
men Vest!= -4)
{
updatepostcredits('+', $_G['uid'],
juicy bag, 'reply', $_G['fid']);
}
复制代码