--- lbbs/src/article_post.c	2025/11/05 01:04:05	1.39
+++ lbbs/src/article_post.c	2025/11/07 06:41:43	1.41
@@ -9,6 +9,7 @@
 #include "article_cache.h"
 #include "article_post.h"
 #include "bbs.h"
+#include "bwf.h"
 #include "database.h"
 #include "editor.h"
 #include "io.h"
@@ -21,11 +22,12 @@
 #include <stdlib.h>
 #include <time.h>
 
-#define TITLE_INPUT_MAX_LEN 72
-#define ARTICLE_CONTENT_MAX_LEN 1024 * 1024 * 4 // 4MB
-#define ARTICLE_QUOTE_MAX_LINES 20
-
-#define MODIFY_DT_MAX_LEN 50
+enum _article_post_constant_t
+{
+	TITLE_INPUT_MAX_LEN = 72,
+	ARTICLE_QUOTE_MAX_LINES = 20,
+	MODIFY_DT_MAX_LEN = 50,
+};
 
 int article_post(const SECTION_LIST *p_section, ARTICLE *p_article_new)
 {
@@ -102,7 +104,7 @@ int article_post(const SECTION_LIST *p_s
 			ch = 0;
 		}
 
-		for (; !SYS_server_exit; ch = igetch_t(BBS_max_user_idle_time))
+		while (!SYS_server_exit)
 		{
 			switch (toupper(ch))
 			{
@@ -121,6 +123,15 @@ int article_post(const SECTION_LIST *p_s
 				len = q - p;
 				if (*p != '\0')
 				{
+					if ((ret = check_badwords(p, '*')) < 0)
+					{
+						log_error("check_badwords(title) error\n");
+					}
+					else if (ret > 0)
+					{
+						memcpy(title_input, p, (size_t)len + 1);
+						continue;
+					}
 					memcpy(p_article_new->title, p, (size_t)len + 1);
 					memcpy(title_input, p_article_new->title, (size_t)len + 1);
 				}
@@ -145,6 +156,7 @@ int article_post(const SECTION_LIST *p_s
 				sign_id = ch - '0';
 				break;
 			default: // Invalid selection
+				ch = igetch_t(BBS_max_user_idle_time);
 				continue;
 			}
 
@@ -220,6 +232,13 @@ int article_post(const SECTION_LIST *p_s
 		goto cleanup;
 	}
 
+	if (check_badwords(content, '*') < 0)
+	{
+		log_error("check_badwords(content) error\n");
+		ret = -1;
+		goto cleanup;
+	}
+
 	db = db_open();
 	if (db == NULL)
 	{
@@ -566,6 +585,13 @@ int article_modify(const SECTION_LIST *p
 		goto cleanup;
 	}
 
+	if (check_badwords(content, '*') < 0)
+	{
+		log_error("check_badwords(content) error\n");
+		ret = -1;
+		goto cleanup;
+	}
+
 	time(&now);
 	localtime_r(&now, &tm_modify_dt);
 	strftime(str_modify_dt, sizeof(str_modify_dt), "%Y-%m-%d %H:%M:%S (UTC %z)", &tm_modify_dt);
@@ -914,7 +940,7 @@ int article_reply(const SECTION_LIST *p_
 			ch = 0;
 		}
 
-		for (; !SYS_server_exit; ch = igetch_t(BBS_max_user_idle_time))
+		while (!SYS_server_exit)
 		{
 			switch (toupper(ch))
 			{
@@ -933,6 +959,15 @@ int article_reply(const SECTION_LIST *p_
 				len = q - p;
 				if (*p != '\0')
 				{
+					if ((ret = check_badwords(p, '*')) < 0)
+					{
+						log_error("check_badwords(title) error\n");
+					}
+					else if (ret > 0)
+					{
+						memcpy(title_input, p, (size_t)len + 1);
+						continue;
+					}
 					memcpy(p_article_new->title, p, (size_t)len + 1);
 					memcpy(title_input, p_article_new->title, (size_t)len + 1);
 				}
@@ -954,6 +989,7 @@ int article_reply(const SECTION_LIST *p_
 				sign_id = ch - '0';
 				break;
 			default: // Invalid selection
+				ch = igetch_t(BBS_max_user_idle_time);
 				continue;
 			}
 
@@ -1028,6 +1064,13 @@ int article_reply(const SECTION_LIST *p_
 		ret = -1;
 		goto cleanup;
 	}
+
+	if (check_badwords(content, '*') < 0)
+	{
+		log_error("check_badwords(content) error\n");
+		ret = -1;
+		goto cleanup;
+	}
 
 	db = db_open();
 	if (db == NULL)