--- fenglin/bbs/post_service.php 2025/04/04 03:35:16 1.1 +++ fenglin/bbs/post_service.php 2025/04/07 06:30:21 1.5 @@ -6,8 +6,7 @@ require_once "../lib/lml.inc.php"; require_once "./check_sub.inc.php"; require_once "../lib/str_process.inc.php"; -?> - "title", + "errMsg" => "超过长度限制", + "updateValue" => $r_title, + )); + } + + $r_title = check_badwords($title, "****"); + if ($title != $r_title) + { + $result_set["return"]["code"] = -1; + array_push($result_set["return"]["errorFields"], array( + "id" => "title", + "errMsg" => "已过滤", + "updateValue" => $r_title, + )); + } + + $r_content = check_badwords($content, "****"); + if ($content != $r_content) + { + $result_set["return"]["code"] = -1; + array_push($result_set["return"]["errorFields"], array( + "id" => "content", + "errMsg" => "已过滤", + "updateValue" => $r_content, + )); + } + if ($emoji <= 0 || $emoji > $BBS_emoji_count) { $result_set["return"]["code"] = -1; @@ -66,8 +98,8 @@ exit(json_encode($result_set)); } - // Append sign - if ($sign_id > 0) + // Append sign for new post + if ($id == 0 && $sign_id > 0) { $sql = "SELECT sign_" . $sign_id . " AS sign FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"]; $rs = mysqli_query($db_conn, $sql); @@ -93,9 +125,7 @@ $content .= ("\n--\n※作者已于 " . date("Y-m-d H:i:s") . " 修改本文※\n"); } - // Filter badwords and truncate - $title = check_badwords(split_line($title, "", 80, 1)); - $content = check_badwords($content); + // Calculate length of content $length = str_length(LML($content, false, false, 1024)); // Initial variables @@ -363,11 +393,10 @@ } } - //Process upload attachment + // Get upload quota and used space $atta_id_list = "-1"; $attachment_count = (isset($_FILES['attachment']['error']) ? count($_FILES['attachment']['error']) : 0); - - if ($attachment_count >= $BBS_upload_count_limit) + if ($attachment_count > $BBS_upload_count_limit) { $result_set["return"]["code"] = -1; array_push($result_set["return"]["errorFields"], array( 
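Review bot: In the `@@ -66,8 +98,8 @@` hunk the tightened guard `if ($id == 0 && $sign_id > 0)` still lets `$sign_id` become part of a column name in `"SELECT sign_" . $sign_id . " AS sign FROM user_pubinfo ..."` on the next context line. A `> 0` comparison alone does not prove the value is a plain integer within the range of existing `sign_N` columns. If `$sign_id` is not already cast and range-checked above this hunk (not visible here), normalise it before the query, e.g. `$sign_id = intval($sign_id);`, and reject values beyond the last sign column. `$_SESSION["BBS_uid"]` is concatenated into the same statement and deserves the same integer guarantee. The enclosing block starts and ends outside the hunk.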
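Review bot: In the `@@ -93,9 +125,7 @@` hunk, removing `$title = check_badwords(split_line($title, "", 80, 1));` and `$content = check_badwords($content);` means nothing at the point of storage enforces the title length or the word filter any more. Both now depend on the earlier validation branch having ended the request, which this hunk does not show. I would record that dependency where the old filter stood, e.g. `// $title/$content already validated above (length, badwords); the request exits before this point on any errorFields entry`. I would also confirm that every path reaching this line passes through that validation, including the edit path that appends the "修改本文" footer just above. The surrounding block continues outside the hunk.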
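Review bot: In the `@@ -363,11 +393,10 @@` hunk, `count($_FILES['attachment']['error'])` assumes the client sent the field in array form. If a request supplies a single `attachment` field, `error` is an integer and `count()` raises a TypeError on PHP 8, before the limit check runs. A guard such as `is_array($_FILES['attachment']['error'] ?? null) ? count($_FILES['attachment']['error']) : 0` keeps the count well defined for malformed uploads. The new comment `// Get upload quota and used space` also does not describe the lines it heads, which count attachments and compare against `$BBS_upload_count_limit`; something like `// Count uploaded attachments and enforce the per-post limit` would match. The hunk ends inside the `array_push(` call, so the rest of the error branch is not visible.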
@@ -624,9 +653,8 @@ while ($row = mysqli_fetch_array($rs)) { //Send notification message - $msg_content = "[hide]SYS_Reply_Article[/hide]有人回复了您所发表/回复的主题文章,快来". - "[article " . $tid . "#" . $aid . "]看看[/article]《" . $r_title . "》吧!\n"; + "[article $aid]看看[/article]《" . $r_title . "》吧!\n"; $sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip) VALUES($BBS_sys_uid, " . $row["UID"] . ", '" . @@ -646,7 +674,7 @@ mysqli_free_result($rs); } - else + else // Post new article { $tid = $aid; } @@ -683,6 +711,7 @@ } } + // Link content to article $sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid"; $rs = mysqli_query($db_conn, $sql); @@ -695,6 +724,7 @@ exit(json_encode($result_set)); } + // Link attachments to article $sql = "UPDATE upload_file SET ref_AID = $aid WHERE AID IN ($atta_id_list)"; $rs = mysqli_query($db_conn, $sql); @@ -707,7 +737,7 @@ exit(json_encode($result_set)); } - //Add log + // Add log $rs = article_op_log($aid, $_SESSION["BBS_uid"], ($id == 0 ? "A" : "M"), client_addr(), $db_conn); if ($rs == false) { @@ -730,7 +760,6 @@ } // Set return path - $result_set["return"]["tid"] = $tid; $result_set["return"]["aid"] = $aid; $_SESSION["BBS_last_sub_tm"] = time();
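Review bot: In the `@@ -624,9 +653,8 @@` hunk, `$r_title` is placed between `《` and `》` directly after `[/article]` in `$msg_content` with no visible neutralising of LML tags. A title that itself contains markup would then be rendered as markup in a message sent from `$BBS_sys_uid`. If titles are not already stripped of LML tags before this point, escape or strip them when building the notification. The same variable is assigned earlier in this patch as the `check_badwords($title, "****")` result, so it is worth confirming that it holds the intended title here. The `INSERT INTO bbs_msg` statement continues past the end of the hunk, so whether `$msg_content` and `$row["UID"]` are escaped or cast for SQL cannot be confirmed from these lines.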