Example #1
 /**
  * Registration action: sends members who already have a uid to the site index, loads the
  * model named by Dii::useModel(), calls its register() once submitcheck() accepts the
  * submission, and otherwise renders the header, page and footer views.
  *
  * @return bool true on every path that returns from this method
  */
 public function actionRegister()
 {
     global $_G;
     // NOTE(review): the code below still runs unless dheader() ends the request - confirm.
     if ($_G['uid']) {
         dheader('location: index.php?r=site/index');
     }
     // Geetest CAPTCHA configuration
     define("GEETEST", "../extensions/gt-php-sdk-master/");
     $modelName = Dii::useModel();
     define('CURSCRIPT', $modelName);
     // NOTE(review): $modelName is spliced into a require path and then instantiated as a
     // class name. Dii::useModel() is not shown here; confirm it can only return a fixed,
     // allow-listed name and never a request-derived string.
     require __DIR__ . '/../models/' . $modelName . '.php';
     $model = new $modelName();
     $template = Dii::template();
     $submit = Dii::submit();
     // The second argument (1) is passed straight to submitcheck(); presumably it allows
     // GET submissions - TODO confirm against submitcheck()'s definition.
     if (submitcheck($submit, 1)) {
         $result = $model->register();
         if ($result === true) {
             // Registration succeeded
             // NOTE(review): dreferer() supplies the redirect target; verify it rejects off-site URLs.
             dheader('location: ' . dreferer());
             return true;
         }
     }
     // The views are included inside this method, so they can read the locals set above.
     include Dii::view('common:header');
     include Dii::view($template);
     include Dii::view('common:footer');
     return true;
 }
Example #2
	/**
	 * Control-panel entry point: runs the parent dxcore() setup, picks the active anchor,
	 * then either saves the submitted form or shows the body, and finally prints the footer.
	 */
	function xweather_cp(){
		parent::dxcore();

		// Only a value present in $this->anchors is accepted; anything else falls back to 'basic'.
		// NOTE(review): in_array() is used without strict comparison; confirm $this->anchors
		// holds strings only, so a request value cannot match through type juggling.
		$dxanchor = getgpc('dxanchor');
		if(in_array($dxanchor, $this->anchors)){
			$this->dxanchor = $dxanchor;
		}else{
			$this->dxanchor = 'basic';
		}

		if(submitcheck('dxsubmit')){
			$this->save();
		}else{
			$this->showbody();
		}

		$this->footer();
	}
Example #3
 /**
  * Mobile sign-in: awards the 'mobilesign' credit action to the current member when
  * submitcheck('hash', true) passes and a uid is set, and records the outcome key in
  * $_G['messageparam'][0] before emitting the mobile response.
  */
 function common()
 {
     global $_G;
     // Default outcome: the form-hash check failed or no member is signed in.
     $outcome = 'mobilesign_formhash_failed';
     if (submitcheck('hash', true) && $_G['uid']) {
         $credit = updatecreditbyaction('mobilesign', $_G['uid']);
         $outcome = $credit['updatecredit'] ? 'mobilesign_success' : 'mobilesign_failed';
     }
     $_G['messageparam'][0] = $outcome;
     mobile_core::result(mobile_core::variable(array()));
 }
 /**
  * Per-request hook of the security plugin: reports the signed-in user once per day,
  * flags administrators, and enforces the "QQ login only" and "safe login" settings.
  *
  * @return bool false when self::$securityStatus is not enabled, true otherwise
  *              (unless showmessage()/dheader() end the request first - not visible here)
  */
 public function common()
 {
     global $_G;
     if (self::$securityStatus != TRUE) {
         return false;
     }
     if ($_G['uid']) {
         // The last report time is decoded from a client-supplied cookie; a value older than
         // the start of today triggers a new report.
         // NOTE(review): confirm _decodeReportTime() tolerates a missing or tampered cookie.
         $lastCookieReportTime = $this->_decodeReportTime($_G['cookie']['security_cookiereport']);
         if ($lastCookieReportTime < strtotime('today')) {
             $this->_reportLoginUser(array('uid' => $_G['uid']));
         }
     }
     if ($_G['adminid'] > 0) {
         self::$isAdminGroup = 1;
     }
     // With connect enabled and "QQ login alone" set, the registration settings are
     // overridden for this request: regstatus becomes 0 and regconnect becomes 1.
     if ($_G['setting']['connect']['allow'] && $_G['setting']['security_qqlogin_alone']) {
         $_G['setting']['regstatus'] = 0;
         $_G['setting']['regconnect'] = 1;
     }
     // Safe-login gate for the 'post' module: applies to connect guests without a uid and to
     // members whose conisbind flag is not set. && binds tighter than ||, so the inner group
     // reads (!uid && connectguest) || (uid && !conisbind).
     if ($_G['setting']['connect']['allow'] && $_G['setting']['security_safelogin'] && (!$_G['uid'] && $_G['connectguest'] || $_G['uid'] && !$_G['member']['conisbind']) && CURMODULE == 'post') {
         // $msg is HTML built only from a language string and the IMGDIR constant.
         // NOTE(review): it is passed with 'striptags' => false below, which presumably emits
         // the markup unfiltered - keep request data out of this string.
         $msg = '<p>' . lang('plugin/security', 'safelogintips') . '</p><p class="mtm"><a href="connect.php?mod=config" target="_blank"><img src="' . IMGDIR . '/qq_bind_small.gif" class="qq_bind" align="absmiddle" /></a></p>';
         if ($_G['inajax']) {
             if (!$_GET['ajaxtarget']) {
                 $_GET['handlekey'] = 'safelogin';
             }
             if (!$_G['uid'] && $_G['connectguest']) {
                 showmessage('qqconnect:connectguest_message_complete_or_bind');
             } else {
                 showmessage($msg, 'connect.php?mod=config', array(), array('alert' => 'info', 'showdialog' => true, 'striptags' => false, 'locationtime' => 0));
             }
         } else {
             if (!$_G['uid'] && $_G['connectguest']) {
                 dheader('location: ' . $_G['siteurl'] . 'member.php?mod=connect&ac=bind');
             } else {
                 showmessage($msg, '', array(), array('alert' => 'info', 'showdialog' => true, 'msgtype' => 2, 'striptags' => false));
             }
         }
     }
     // With "QQ login alone" enabled, a submitted password login form is answered with a notice.
     if ($_G['setting']['connect']['allow'] && $_G['setting']['security_qqlogin_alone'] && CURMODULE == 'logging' && $_GET['action'] == 'login' && submitcheck('loginsubmit', 1)) {
         showmessage('security:qqloginaloneopened');
     }
     return true;
 }
Example #5
 /**
  * Connect-guest hook: members that are already bound are redirected to the index; for a
  * connect guest submitting the register or login form, the guest record is looked up from
  * the auth hash and stored in the global $connect_guest.
  */
 function common()
 {
     global $_G, $seccodecheck, $secqaacheck, $connect_guest;
     if ($_G['uid'] && $_G['member']['conisbind']) {
         dheader('location: ' . $_G['siteurl'] . 'index.php');
     }
     $connect_guest = array();
     // NOTE(review): $seccodestatus is neither declared global above nor assigned in this
     // function, so the third argument of the second submitcheck() call is undefined here.
     // Confirm whether $seccodecheck was intended.
     if ($_G['connectguest'] && (submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck) || submitcheck('loginsubmit', 1, $seccodestatus))) {
         // Fall back to the cookie copy when the request carries no auth_hash.
         if (!$_GET['auth_hash']) {
             $_GET['auth_hash'] = $_G['cookie']['con_auth_hash'];
         }
         // Both sources are client-supplied; the value is passed through authcode() before it
         // is used as the lookup key (presumably a keyed decode - TODO confirm).
         $conopenid = authcode($_GET['auth_hash']);
         $connect_guest = C::t('#qqconnect#common_connect_guest')->fetch($conopenid);
         if (!$connect_guest) {
             // No matching guest record: dsetcookie() is called with the name only (presumably
             // clearing the cookie) and the user is asked to log in through connect first.
             dsetcookie('con_auth_hash');
             showmessage('qqconnect:connect_login_first');
         }
     }
 }
Example #6
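/**
 * Read or save the SEO module settings.
 *
 * Without a checked 'submit' the stored settings are returned for the form: open_seo_mod is
 * unserialized, open_seo_mod_show[0..2] flag whether module ids 1, 2 and 3 are enabled, and
 * the whole array is passed through dhtmlspecialchars(). With a checked submit, $_GET['set']
 * is stored through pick_common_set() and success is reported via cpmsg().
 *
 * @return array|null Escaped settings in display mode; nothing is returned after a save.
 */
function seo_set()
{
    global $head_url;
    if (!submitcheck('submit')) {
        $info = pick_common_get();
        // If dunserialize() does not hand back an array (value missing or unreadable), use an
        // empty list so the in_array() checks below never receive false or null.
        $enabled = dunserialize($info['open_seo_mod']);
        if (!is_array($enabled)) {
            $enabled = array();
        }
        $info['open_seo_mod'] = $enabled;
        $info['open_seo_mod_show'][0] = in_array(1, $enabled) ? 1 : 0; // portal
        $info['open_seo_mod_show'][1] = in_array(2, $enabled) ? 1 : 0; // forum
        $info['open_seo_mod_show'][2] = in_array(3, $enabled) ? 1 : 0; // blog
        $info = dhtmlspecialchars($info);
        return $info;
    } else {
        // Request data: accept only an array for set[] and for set[open_seo_mod], so a scalar
        // sent in their place is never serialized and later read back as a module list.
        $set = isset($_GET['set']) && is_array($_GET['set']) ? $_GET['set'] : array();
        $modules = isset($set['open_seo_mod']) && is_array($set['open_seo_mod']) ? $set['open_seo_mod'] : array();
        $set['open_seo_mod'] = serialize($modules);
        pick_common_set($set);
        cpmsg(milu_lang('op_success'), PICK_GO . "seo", 'succeed');
    }
}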
Example #7
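/**
 * Read or save the "virtual data" settings.
 *
 * Without a checked 'submit' the stored settings are returned for the form, including a
 * ready-made forum <select>. With a checked submit, $_GET['set'] is stored through
 * pick_common_set(), three syscache entries are reset, and success is reported via cpmsg().
 *
 * @return array|null Settings in display mode; nothing is returned after a save.
 */
function virtualdata_set()
{
    global $head_url, $header_config;
    if (!submitcheck('submit')) {
        require_once libfile('function/forumlist');
        $info = pick_common_get();
        $info['vir_cache_time'] = $info['vir_cache_time'] ? $info['vir_cache_time'] : 10;
        // NOTE(review): unserialize() runs on stored settings. That is only safe while nothing
        // but this form writes these two values; confirm no other path can store a crafted
        // serialized string here. Anything that is not an array is treated as "nothing selected".
        $forums = unserialize($info['vir_data_forum']);
        $info['vir_data_forum'] = is_array($forums) ? $forums : array();
        $groups = unserialize($info['vir_data_usergroup']);
        $info['vir_data_usergroup'] = is_array($groups) ? $groups : array();
        $info['forumselect'] = '<select name="set[vir_data_forum][]" size="10" multiple="multiple"><option value="">' . cplang('plugins_empty') . '</option>' . forumselect(FALSE, 0, $info['vir_data_forum'], TRUE) . '</select>';
        return $info;
    } else {
        // Request data: only an array is accepted for set[].
        $set = isset($_GET['set']) && is_array($_GET['set']) ? $_GET['set'] : array();
        // The form's empty placeholder option arrives as a one-element list holding ''.
        // count() is only called once the value is known to be an array.
        if (isset($set['vir_data_forum']) && is_array($set['vir_data_forum']) && count($set['vir_data_forum']) == 1 && empty($set['vir_data_forum'][0])) {
            $set['vir_data_forum'] = '';
        }
        pick_common_set($set);
        // Reset the cached virtual data so the new settings take effect.
        save_syscache('milu_pick_vir_postdata', '');
        save_syscache('milu_pick_vir_data', '');
        save_syscache('milu_pick_vir_online', '');
        cpmsg(milu_lang('op_success'), PICK_GO . "virtual_data", 'succeed');
    }
}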
Example #8
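 /**
  * Login endpoint: confirms an existing session, enforces the failed-login limit, shows the
  * login form, or verifies the submitted credentials and records failed attempts.
  *
  * Every branch ends in showmessage() or a template include; nothing is returned.
  */
 function on_login()
 {
     global $_G;
     // Function-local default (not a global); the template included below shares this scope.
     empty($mrefreshtime) && ($mrefreshtime = 2000);
     if ($_G['uid']) {
         $ucsynlogin = uc_user_synlogin($_G['uid']);
         $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['member']['uid']);
         showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
     }
     // logincheck() yields the remaining login permission; a falsy value blocks the attempt.
     if (!($_G['member_loginperm'] = logincheck())) {
         showmessage('login_strike');
     }
     if (!submitcheck('loginsubmit', 1)) {
         $_G['referer'] = dreferer();
         $cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '';
         // The remembered user name comes from a cookie, so it is escaped before the template prints it.
         $username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
         include template('member/login');
     } else {
         // Clear any member state before the credentials are checked.
         $_G['uid'] = $_G['member']['uid'] = 0;
         $_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';
         $result = userlogin($_G['gp_username'], $_G['gp_password'], null, null, 'auto');
         if ($result['status'] > 0) {
             setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
             $ucsynlogin = uc_user_synlogin($_G['uid']);
             $message = 1;
             $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['uid']);
             showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
         } else {
             // No part of the submitted password is written to the log. The earlier mask kept the
             // leading quarter and trailing sixth of it in clear text, and a failed attempt is
             // often a near-miss of the real password. The field stays in place so the
             // tab-separated record keeps its layout.
             $password = '***';
             $errorlog = dhtmlspecialchars(TIMESTAMP . "\t" . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t" . $password . "\t" . "Ques #" . intval($_G['gp_questionid']) . "\t" . $_G['clientip']);
             writelog('illegallog', $errorlog);
             loginfailed($_G['member_loginperm']);
             // NOTE(review): $answer is never assigned in this function, so `$answer == ''` is
             // always true and 'login_question_invalid' cannot be reached. Confirm which request
             // field was meant to be checked here.
             $fmsg = $result['ucresult']['uid'] == '-3' ? (empty($_G['gp_questionid']) || $answer == '' ? 'login_question_empty' : 'login_question_invalid') : 'login_invalid';
             showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
         }
     }
 }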
Example #9
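 /**
  * Mobile API: read, increase or decrease the signed-in member's configured extended credit.
  *
  * Requires a uid, the 'wechat' plugin in the available list, and a configured
  * wsq_apicredit setting. 'inc'/'dec' need a checked 'creditsubmit' and a positive amount;
  * 'get' only reads. The result is emitted through mobile_core::result().
  */
 function common()
 {
     global $_G;
     // NOTE(review): the early exits below rely on mobile_core::result() ending the request - confirm.
     if (!$_G['uid'] || !in_array('wechat', $_G['setting']['plugins']['available'])) {
         mobile_core::result(mobile_core::variable(array()));
     }
     // NOTE(review): unserialize() of a stored site setting; safe only while that setting is
     // written exclusively by trusted admin code.
     $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
     if (!$_G['wechat']['setting']['wsq_apicredit']) {
         mobile_core::result(mobile_core::variable(array()));
     }
     $extcredit = 'extcredits' . $_G['wechat']['setting']['wsq_apicredit'];
     $ac = isset($_GET['ac']) ? $_GET['ac'] : '';
     // The amount is request data: reduce it to an integer before it is compared or applied,
     // so strings such as "5abc", floats or array values never reach the credit update.
     $amount = isset($_GET['value']) && is_scalar($_GET['value']) ? intval($_GET['value']) : 0;
     $return = array();
     // NOTE(review): direction and amount are chosen by the caller and applied to the caller's
     // own account; confirm that this is the intended trust model for this endpoint.
     if (submitcheck('creditsubmit') && ($ac === 'inc' || $ac === 'dec') && $amount > 0) {
         $v = $ac === 'inc' ? $amount : -$amount;
         $log = lang('plugin/wechat', 'wsq_apicredit_log_' . $ac);
         updatemembercount(array($_G['uid']), array($extcredit => $v), true, '', 0, '', $log);
         // Report the balance as stored after the update.
         $data = C::t('common_member_count')->fetch($_G['uid']);
         $return['extcredit'] = $data[$extcredit];
     } elseif ($ac === 'get') {
         $return['extcredit'] = getuserprofile($extcredit);
     }
     mobile_core::result(mobile_core::variable($return));
 }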
Example #10
        $threadsdel = deletethread($moderation['delete']);
        $threadsundel = undeletethreads($moderation['undelete']);
        if ($threadsdel || $threadsundel) {
            $cpmsg = cplang('recyclebin_succeed', array('threadsdel' => $threadsdel, 'threadsundel' => $threadsundel));
        } else {
            $cpmsg = cplang('recyclebin_nothread');
        }
        ?>
<script type="text/JavaScript">alert('<?php 
        echo $cpmsg;
        ?>
');parent.$('rbsearchform').searchsubmit.click();</script>
<?php 
    }
} elseif ($operation == 'clean') {
    if (!submitcheck('rbsubmit', 1)) {
        shownav('topic', 'nav_recyclebin');
        showsubmenu('nav_recyclebin', array(array('recyclebin_list', 'recyclebin', 0), array('search', 'recyclebin&operation=search', 0), array('clean', 'recyclebin&operation=clean', 1)));
        showformheader('recyclebin&operation=clean');
        showtableheader('recyclebin_clean');
        showsetting('recyclebin_clean_days', 'days', '30', 'text');
        showsubmit('rbsubmit');
        showtablefooter();
        showformfooter();
    } else {
        $deletetids = array();
        $timestamp = TIMESTAMP;
        $pernum = 500;
        $threadsdel = intval($_GET['threadsdel']);
        $days = intval($_GET['days']);
        foreach (C::t('forum_threadmod')->fetch_all_recyclebin_by_dateline($timestamp - $days * 86400, 0, $pernum) as $thread) {
Example #11
<?php

// Direct-access guard: the script exits unless both M_COM and M_ADMIN are defined.
(!defined('M_COM') || !defined('M_ADMIN')) && exit('No Permission');
// No tag form was submitted: render the tag settings form, pre-filled from $mtag.
// NOTE(review): $mtag, $mtagnew and $cotypes are not assigned in this script; confirm where
// they come from and that request data cannot overwrite them unchecked.
if (!submitcheck('bmtagadd') && !submitcheck('bmtagsdetail') && !submitcheck('bmtagcode')) {
    templatebox(lang('tagtemplate'), 'mtagnew[template]', empty($mtag['template']) ? '' : $mtag['template'], 10, 110);
    trbasic(lang('arr_pre'), 'mtagnew[setting][val]', empty($mtag['setting']['val']) ? 'v' : $mtag['setting']['val'], 'text', lang('agarr_pre'));
    $nextarr = array('0' => lang('pre'), '1' => lang('next'));
    trbasic(lang('context_choose'), '', makeradio('mtagnew[setting][next]', $nextarr, isset($mtag['setting']['next']) ? $mtag['setting']['next'] : '0'), '');
    trbasic(lang('limitin_current_channel'), 'mtagnew[setting][chid]', empty($mtag['setting']['chid']) ? '0' : $mtag['setting']['chid'], 'radio');
    trbasic(lang('limitin_current_catalog'), 'mtagnew[setting][caid]', empty($mtag['setting']['caid']) ? '0' : $mtag['setting']['caid'], 'radio');
    // One radio row per sortable category type.
    foreach ($cotypes as $k => $cotype) {
        if ($cotype['sortable']) {
            // NOTE(review): $cotype['cname'] is placed into the row label as-is; confirm that
            // trbasic() or the stored value is HTML-escaped.
            trbasic(lang('limitin_current_coclass') . "&nbsp;[{$cotype['cname']}]", 'mtagnew[setting][ccid' . $k . ']', empty($mtag['setting']['ccid' . $k]) ? '0' : $mtag['setting']['ccid' . $k], 'radio');
        }
    }
    trbasic(lang('limitin_active_member'), 'mtagnew[setting][mid]', empty($mtag['setting']['mid']) ? '0' : $mtag['setting']['mid'], 'radio');
    trbasic(lang('nocp'), 'mtagnew[setting][nocp]', empty($mtag['setting']['nocp']) ? 0 : $mtag['setting']['nocp'], 'radio', lang('agnocp'));
    trbasic(lang('tagjspick'), 'mtagnew[setting][js]', empty($mtag['setting']['js']) ? 0 : $mtag['setting']['js'], 'radio');
    tabfooter();
} else {
    // A form was submitted: the tag template must not be empty.
    if (empty($mtagnew['template'])) {
        if (!submitcheck('bmtagcode')) {
            amessage('input_tag_tpl', M_REFERER);
        } else {
            $errormsg = lang('input_tag_tpl');
        }
        // Error message shown when code generation fails
    }
}
Example #12
File: index.php Project: cwcw/cms
    }
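    // Installer step: probe the requested database, or create it when it cannot be selected.
    // NOTE(review): the mysql_* functions used here were removed in PHP 7.0.
    if (mysql_select_db($_POST['db']['dbname'])) {
        // NOTE(review): tablepre is request data interpolated into the statement as part of
        // an identifier; restrict it to an expected character set before it is used.
        if (mysql_query("SELECT COUNT(*) FROM {$_POST['db']['tablepre']}members")) {
            $havedata = true;
        }
    } else {
        // Double any backtick in the requested name so it cannot close the quoted identifier
        // and append further SQL to the statement.
        if (!mysql_query("CREATE DATABASE `" . str_replace('`', '``', $_POST['db']['dbname']) . "`")) {
            show_msg('设定的SupeSite数据库无权限操作,请先手工操作后,再执行安装程序');
        }
    }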
    if ($havedata) {
        show_msg('危险!指定的SupeSite数据库已有数据,如果继续将会清空原有数据!', $step + 1);
    } else {
        show_msg('数据库配置成功,进入下一步操作', $step + 1, 1);
    }
} elseif (submitcheck('opensubmit')) {
    //检查用户身份
    $step = 5;
    include_once S_ROOT . './common.php';
    //UC注册用户
    if (!@(include_once S_ROOT . './uc_client/client.php')) {
        showmessage('system_error');
    }
    $uid = uc_user_register($_POST['username'], $_POST['password'], '*****@*****.**');
    if ($uid == -3) {
        //已存在,登录
        if (!($passport = getpassport($_POST['username'], $_POST['password']))) {
            show_msg('输入的用户名密码不正确,请确认');
        }
        $setarr = array('uid' => $passport['uid'], 'username' => addslashes($passport['username']));
    } elseif ($uid > 0) {
Example #13
            $return = uc_pm_send($_G['uid'], implode(',', $newusers), $subject, $message, 1, $pmid, 1);
        }
        if ($return > 0) {
            DB::query("UPDATE " . DB::table('common_member_status') . " SET lastpost='{$_G['timestamp']}' WHERE uid='{$_G['uid']}'");
            updatecreditbyaction('sendpm');
            showmessage('do_success', "home.php?mod=space&do=pm&filter=privatepm", array(), array('msgtype' => $_G['gp_inajax'] ? 3 : 1, 'showmsg' => true));
        } else {
            if (in_array($return, array(-1, -2, -3, -4))) {
                showmessage('message_can_not_send' . abs($return));
            } else {
                showmessage('message_can_not_send');
            }
        }
    }
} elseif ($_GET['op'] == 'ignore') {
    if (submitcheck('ignoresubmit')) {
        $single = intval($_G['gp_single']);
        if ($single) {
            uc_pm_blackls_add($_G['uid'], $_POST['ignoreuser']);
            showmessage('do_success', dreferer(), array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1));
        } else {
            uc_pm_blackls_set($_G['uid'], $_POST['ignorelist']);
            showmessage('do_success', 'home.php?mod=space&do=pm&view=ignore', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1));
        }
    }
} else {
    cknewuser();
    if (!checkperm('allowsendpm')) {
        showmessage('no_privilege');
    }
    $friends = array();
Example #14
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: modcp_report.php 14289 2010-10-21 11:32:50Z liulanbo $
 */
if (!defined('IN_DISCUZ') || !defined('IN_MODCP')) {
    exit('Access Denied');
}
if (!empty($_G['fid'])) {
    $curcredits = $_G['setting']['creditstransextra'][8] ? $_G['setting']['creditstransextra'][8] : $_G['setting']['creditstrans'];
    if (submitcheck('reportsubmit')) {
        if ($_G['gp_reportids']) {
            foreach ($_G['gp_reportids'] as $reportid) {
                if (DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_report') . " WHERE id='{$reportid}' AND opuid='0'")) {
                    $creditchange = '';
                    $uid = $_G['gp_reportuids'][$reportid];
                    if ($uid != $_G['uid']) {
                        $msg = !empty($_G['gp_msg'][$reportid]) ? '<br />' . htmlspecialchars($_G['gp_msg'][$reportid]) : '';
                        if (!empty($_G['gp_creditsvalue'][$reportid])) {
                            $credittag = $_G['gp_creditsvalue'][$reportid] > 0 ? '+' : '';
                            $creditchange = '<br />' . lang('forum/misc', 'report_msg_your') . $_G['setting']['extcredits'][$curcredits]['title'] . '&nbsp;' . $credittag . $_G['gp_creditsvalue'][$reportid];
                            updatemembercount($uid, array($curcredits => intval($_G['gp_creditsvalue'][$reportid])), true, 'RPC', $reportid);
                        }
                        if ($creditchange || $msg) {
                            notification_add($uid, 'report', 'report_change_credits', array('creditchange' => $creditchange, 'msg' => $msg), 1);
                        }
                    }
                    $opresult = !empty($_G['gp_creditsvalue'][$reportid]) ? $curcredits . "\t" . intval($_G['gp_creditsvalue'][$reportid]) : 'ignore';
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: member_lostpasswd.php 31164 2012-07-20 07:50:57Z chenmengshu $
 */
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
define('NOROBOT', TRUE);
$discuz_action = 141;
if (submitcheck('lostpwsubmit')) {
    loaducenter();
    $_GET['email'] = strtolower(trim($_GET['email']));
    if ($_GET['username']) {
        list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($_GET['username']));
        $tmp['email'] = strtolower(trim($tmp['email']));
        if ($_GET['email'] != $tmp['email']) {
            showmessage('getpasswd_account_notmatch');
        }
        $member = getuserbyuid($tmp['uid'], 1);
    } else {
        $emailcount = C::t('common_member')->count_by_email($_GET['email'], 1);
        if (!$emailcount) {
            showmessage('lostpasswd_email_not_exist');
        }
        if ($emailcount > 1) {
            showmessage('lostpasswd_many_users_use_email');
        }
Example #16
    showformfooter();
    showtagfooter('div');
} else {
    $sids = authcode($sids, 'DECODE');
    $sidsadd = $sids ? explode(',', $sids) : $_G['gp_delete'];
    include_once libfile('function/delete');
    $deletecount = count(deleteshares($sidsadd));
    $cpmsg = cplang('share_succeed', array('deletecount' => $deletecount));
    ?>
<script type="text/JavaScript">alert('<?php 
    echo $cpmsg;
    ?>
');parent.$('shareforum').searchsubmit.click();</script>
<?php 
}
if (submitcheck('searchsubmit', 1) || $newlist) {
    $sids = $sharecount = '0';
    $sql = $error = '';
    $users = trim($users);
    // Resolve a comma-separated list of user names to uids and add them to the search filter.
    // NOTE(review): $users is turned into a quoted IN (...) list purely by string replacement
    // (spaces removed, commas replaced by ','). That is only safe if quotes and backslashes in
    // $users were escaped before this point; this fragment does not show where $users comes
    // from - confirm, or escape each name individually before it is quoted.
    if ($users != '') {
        // '-1' seeds the list so the IN (...) clause stays valid when no user matches.
        $uids = '-1';
        $query = DB::query("SELECT uid FROM " . DB::table('home_share') . " WHERE username IN ('" . str_replace(',', '\',\'', str_replace(' ', '', $users)) . "')");
        while ($arr = DB::fetch($query)) {
            $uids .= ",{$arr['uid']}";
        }
        $sql .= " AND s.uid IN ({$uids})";
    }
    if ($type != '') {
        $query = DB::query("SELECT type FROM " . DB::table('home_share') . " WHERE type ='{$type}'");
        $arr = DB::fetch($query);
        $type = $arr['type'];
Example #17
        showtagheader('div', 'postlist', $searchsubmit);
        showformheader('recyclebinpost&operation=search&frame=no', 'target="rbframe"', 'rbform');
        showtableheader(cplang('recyclebinpost_result') . ' ' . $postlistcount . ' <a href="#" onclick="$(\'postlist\').style.display=\'none\';$(\'postsearch\').style.display=\'\';" class="act lightlink normal">' . cplang('research') . '</a>', 'fixpadding');
        if ($postlistcount && recyclebinpostshowpostlist($inforum, $authors, $pstarttime, $pendtime, $keywords, $start_limit, $lpp)) {
            $multi = multi($postlistcount, $lpp, $page, ADMINSCRIPT . "?action=recyclebinpost");
            $multi = preg_replace("/href=\"" . ADMINSCRIPT . "\\?action=recyclebinpost&amp;page=(\\d+)\"/", "href=\"javascript:page(\\1)\"", $multi);
            $multi = str_replace("window.location='" . ADMINSCRIPT . "?action=recyclebinpost&amp;page='+this.value", "page(this.value)", $multi);
        }
        showsubmit('rbsubmit', 'submit', '', '<a href="#rb" onclick="checkAll(\'option\', $(\'rbform\'), \'delete\')">' . cplang('recyclebin_all_delete') . '</a> &nbsp;<a href="#rb" onclick="checkAll(\'option\', $(\'rbform\'), \'undelete\')">' . cplang('recyclebin_all_undelete') . '</a> &nbsp;<a href="#rb" onclick="checkAll(\'option\', $(\'rbform\'), \'ignore\')">' . cplang('recyclebin_all_ignore') . '</a> &nbsp;', $multi);
        showtablefooter();
        showformfooter();
        echo '<iframe name="rbframe" style="display:none"></iframe>';
        showtagfooter('div');
    }
} elseif ($operation == 'clean') {
    if (!submitcheck('cleanrbsubmit', 1)) {
        shownav('topic', 'nav_recyclebinpost');
        showsubmenu('nav_recyclebinpost', array(array('recyclebinpost_list', 'recyclebinpost', 0), array('search', 'recyclebinpost&operation=search', 0), array('clean', 'recyclebinpost&operation=clean', 1)));
        showformheader('recyclebinpost&operation=clean');
        showtableheader('recyclebinpost_clean');
        showsetting('recyclebinpost_clean_days', 'days', '30', 'text');
        showsubmit('cleanrbsubmit');
        showtablefooter();
        showformfooter();
    } else {
        $deletetids = array();
        $pernum = 200;
        $postsdel = intval($_GET['postsdel']);
        $days = intval($_GET['days']);
        $timestamp = TIMESTAMP - max(0, $days * 86400);
        $postlist = array();
            DB::update('common_block', array('notinherited' => $notinherited), array('bid' => $bid));
        }
        cpmsg('block_perm_update_succeed', "action=block&operation=perm&bid={$bid}", 'succeed');
    }
} else {
    if (submitcheck('deletesubmit')) {
        if ($_POST['ids']) {
            $_POST['ids'] = daddslashes($_POST['ids']);
            DB::query('DELETE FROM ' . DB::table('common_block_item') . " WHERE bid IN (" . dimplode($_POST['ids']) . ")");
            DB::query('DELETE FROM ' . DB::table('common_block') . " WHERE bid IN (" . dimplode($_POST['ids']) . ")");
            DB::delete('common_block_permission', 'bid IN (' . dimplode($_POST['ids']) . ')');
            cpmsg('block_delete_succeed', 'action=block&operation=jscall', 'succeed');
        } else {
            cpmsg('block_choose_at_least_one_block', 'action=block&operation=jscall', 'error');
        }
    } elseif (submitcheck('clearsubmit')) {
        include_once libfile('function/block');
        block_clear();
        cpmsg('block_clear_unused_succeed', 'action=block', 'succeed');
    } else {
        loadcache(array('diytemplatename'));
        $searchctrl = '<span style="float: right; padding-right: 40px;">' . '<a href="javascript:;" onclick="$(\'tb_search\').style.display=\'\';$(\'a_search_show\').style.display=\'none\';$(\'a_search_hide\').style.display=\'\';" id="a_search_show" style="display:none">' . cplang('show_search') . '</a>' . '<a href="javascript:;" onclick="$(\'tb_search\').style.display=\'none\';$(\'a_search_show\').style.display=\'\';$(\'a_search_hide\').style.display=\'none\';" id="a_search_hide">' . cplang('hide_search') . '</a>' . '</span>';
        showsubmenu('block', array(array('block_list', 'block', $operation == 'list'), array('block_jscall', 'block&operation=jscall', $operation == 'jscall')), $searchctrl);
        $mpurl = ADMINSCRIPT . '?action=block&operation=' . $operation;
        $intkeys = array('bid');
        $strkeys = array('blockclass');
        $strkeys[] = 'targettplname';
        $randkeys = array();
        $likekeys = array('name');
        $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys);
        foreach ($likekeys as $k) {
<?php

/*
	[Discuz!] (C)2001-2009 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: magic_move.inc.php 16688 2008-11-14 06:41:07Z cnteacher $
*/
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
if (submitcheck('usesubmit')) {
    if (empty($tid) && empty($moveto)) {
        showmessage('magics_info_nonexistence');
    }
    $thread = getpostinfo($tid, 'tid', array('fid', 'tid', 'authorid', 'special'));
    checkmagicperm($magicperm['forum'], $thread['fid']);
    if ($thread['authorid'] != $discuz_uid) {
        showmessage('magics_operation_nopermission');
    }
    // Special threads may only be moved to a forum that allows that special type.
    // NOTE(review): the result of this query is never fetched. The check reads
    // $forum['allowpostspecial'], but within this script $forum is only assigned by a later
    // query, so here it holds whatever the including code left in it (if anything). Confirm
    // whether the row for $moveto was meant to be fetched first.
    // NOTE(review): $moveto is interpolated into the SQL string; verify it is cast to an
    // integer or escaped before this point.
    if ($thread['special']) {
        $query = $db->query("SELECT allowpostspecial FROM {$tablepre}forums WHERE fid='{$moveto}'");
        // allowpostspecial is rendered as a zero-padded binary string of at least four digits;
        // the digit counted $thread['special'] places from the right must be non-zero.
        if (!substr(sprintf('%04b', $forum['allowpostspecial']), -$thread['special'], 1)) {
            showmessage('admin_move_nopermission');
        }
    }
    $query = $db->query("SELECT postperm FROM {$tablepre}forumfields WHERE fid='{$moveto}'");
    if ($forum = $db->fetch_array($query)) {
        if (!$forum['postperm'] && !$allowpost) {
            showmessage('group_nopermission');
        } elseif ($forum['postperm'] && !forumperm($forum['postperm'])) {
Example #20
}
if ($_G['adminid'] != 1 && !($_G['group']['allowsearch'] & 1)) {
    showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1));
}
$_G['setting']['search']['portal']['searchctrl'] = intval($_G['setting']['search']['portal']['searchctrl']);
$srchmod = 1;
$cachelife_time = 300;
// Life span for cache of searching in specified range of time
$cachelife_text = 3600;
// Life span for cache of text searching
$srchtype = empty($_G['gp_srchtype']) ? '' : trim($_G['gp_srchtype']);
$checkarray = array('posts' => '', 'trade' => '', 'threadsort' => '');
$searchid = isset($_G['gp_searchid']) ? intval($_G['gp_searchid']) : 0;
$srchtxt = $_G['gp_srchtxt'];
$keyword = isset($srchtxt) ? htmlspecialchars(trim($srchtxt)) : '';
if (!submitcheck('searchsubmit', 1)) {
    include template('search/portal');
} else {
    $orderby = in_array($_G['gp_orderby'], array('aid')) ? $_G['gp_orderby'] : 'aid';
    $ascdesc = isset($_G['gp_ascdesc']) && $_G['gp_ascdesc'] == 'asc' ? 'asc' : 'desc';
    if (!empty($searchid)) {
        $page = max(1, intval($_G['gp_page']));
        $start_limit = ($page - 1) * $_G['tpp'];
        $index = DB::fetch_first("SELECT searchstring, keywords, num, ids FROM " . DB::table('common_searchindex') . " WHERE searchid='{$searchid}' AND srchmod='{$srchmod}'");
        if (!$index) {
            showmessage('search_id_invalid');
        }
        $keyword = htmlspecialchars($index['keywords']);
        $keyword = $keyword != '' ? str_replace('+', ' ', $keyword) : '';
        $index['keywords'] = rawurlencode($index['keywords']);
        $articlelist = array();
Example #21
             $setting['button'][$k]['sub_button'][] = $sub_button;
         }
     }
     if (count($setting['button'][$k]['sub_button']) > 7) {
         cpmsg(lang('plugin/wechat', 'wsq_menu_sub_button_max'), '', 'error');
     }
     usort($setting['button'][$k]['sub_button'], 'buttoncmp');
 }
 if (count($setting['button']) > 3) {
     cpmsg(lang('plugin/wechat', 'wsq_menu_button_max'), '', 'error');
 }
 usort($setting['button'], 'buttoncmp');
 $settings = array('wechatmenu' => serialize($setting));
 C::t('common_setting')->update_batch($settings);
 updatecache('setting');
 if (submitcheck('pubsubmit')) {
     if (!$setting['button']) {
         cpmsg(lang('plugin/wechat', 'wsq_menu_button_pub_error'), '', 'error');
     }
     $pubmenu = array('button' => array());
     foreach ($setting['button'] as $button) {
         if (!$button['sub_button']) {
             if (!$button['name']) {
                 cpmsg(lang('plugin/wechat', 'wsq_menu_name_empty'), '', 'error');
             }
             if (!$button['keyurl']) {
                 cpmsg(lang('plugin/wechat', 'wsq_menu_keyurl_empty'), '', 'error');
             }
             $parse = parse_url($button['keyurl']);
             $item = array('type' => $parse['host'] ? 'view' : 'click', 'name' => convertname($button['name']), $parse['host'] ? 'url' : 'key' => $button['keyurl']);
             $pubmenu['button'][] = $item;
Example #22
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: spacecp_avatar.php 18515 2010-11-25 07:35:31Z zhengqingpeng $
 */
// Direct-access guard: this script only runs when included by the application.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
// A checked 'avatarsubmit' only triggers the success message; no data is written in this branch.
if (submitcheck('avatarsubmit')) {
    showmessage('do_success', 'cp.php?ac=avatar&quickforward=1');
}
loaducenter();
// Value handed to the template below for the avatar uploader.
$uc_avatarflash = uc_avatar($_G['uid'], 'virtual', 0);
// First time an avatar is found for a member whose avatarstatus is still empty:
// set the flag, grant the 'setavatar' credit action and log the update.
if (empty($space['avatarstatus']) && uc_check_avatar($_G['uid'], 'middle')) {
    DB::update('common_member', array('avatarstatus' => '1'), array('uid' => $_G['uid']));
    updatecreditbyaction('setavatar');
    manyoulog('user', $_G['uid'], 'update');
}
$actives = array('avatar' => ' class="a"');
include template("home/spacecp_avatar");
Example #23
            amessage('enameillegal', '?entry=alangs&action=alangsedit');
        }
        $alangnew['ename'] = strtolower(trim(strip_tags($alangnew['ename'])));
        if (in_array($alangnew['ename'], array_keys($alangs))) {
            amessage('enamerepeat', '?entry=alangs&action=alangsedit');
        }
        $alangnew['content'] = trim($alangnew['content']);
        $db->query("INSERT INTO {$tblprefix}alangs SET \n\t\t\t\t\tename='{$alangnew['ename']}', \n\t\t\t\t\tcontent='{$alangnew['content']}',\n\t\t\t\t\tcreatedate='{$timestamp}'\n\t\t\t\t\t");
        adminlog(lang('add_alang'));
        updatecache('alangs');
        amessage('alangaddfin', "?entry=alangs&action=alangsedit");
    }
} elseif ($action == 'alangdetail' && $ename) {
    // Load the language entry being edited; an unknown ename ends with a message.
    // NOTE(review): $ename and $alangnew['content'] are interpolated directly into the SQL
    // strings below. This fragment does not show where they are escaped; confirm that every
    // request value is escaped before it reaches these queries, or quote it at this point.
    if (!($alang = $db->fetch_one("SELECT * FROM {$tblprefix}alangs WHERE ename='{$ename}'"))) {
        amessage('chooseclang');
    }
    if (!submitcheck('balangdetail')) {
        // Edit form. NOTE(review): $ename is also placed into the form URL as-is.
        tabheader(lang('edit_alang'), 'alangdetail', "?entry=alangs&action=alangdetail&ename={$ename}");
        trbasic(lang('alang_ename'), '', $alang['ename'], '');
        trbasic(lang('alang_content'), 'alangnew[content]', $alang['content'], 'textarea');
        tabfooter('balangdetail');
        a_guide('alangdetail');
    } else {
        $alangnew['content'] = trim($alangnew['content']);
        // createdate is only refreshed when the content differs from the stored row.
        $sql = $alangnew['content'] != $alang['content'] ? ",createdate='{$timestamp}'" : '';
        $db->query("UPDATE {$tblprefix}alangs SET \n\t\t\t\t\tcontent='{$alangnew['content']}'\n\t\t\t\t\t{$sql}\n\t\t\t\t\tWHERE ename='{$ename}'");
        adminlog(lang('edit_alang_detail'));
        updatecache('alangs');
        amessage('alangmodfin', "?entry=alangs&action=alangsedit");
    }
}
        if (protectguard($protect)) {
            if (empty($option['permprompt'])) {
                echo lang('forum/misc', 'view_noperm');
            } else {
                echo $option['permprompt'];
            }
        } else {
            echo nl2br($typeoptionvarvalue[0]['value']);
        }
    } else {
        echo lang('forum/misc', 'has_expired');
    }
    include template('common/footer_ajax');
} elseif ($_GET['action'] == 'usertag') {
    if ($_G['tid']) {
        if (!submitcheck('addusertag')) {
            $recent_use_tag = $lastlog = $polloptions = array();
            $i = 0;
            $query = C::t('common_tagitem')->select(0, 0, 'uid', 'tagid', 'DESC', 200);
            foreach ($query as $result) {
                if ($i > 4) {
                    break;
                }
                if ($recent_use_tag[$result['tagid']] == '') {
                    $i++;
                }
                $recent_use_tag[$result['tagid']] = 1;
            }
            if ($recent_use_tag) {
                $query = C::t('common_tag')->fetch_all(array_keys($recent_use_tag));
                foreach ($query as $result) {
Example #25
// Direct-access guard: this page only runs inside the admin control panel.
if (!defined('IN_ADMINCP')) {
    exit('Access Denied');
}
include_once DISCUZ_ROOT . './source/plugin/dsu_updater/core.func.php';
showtableheader($du_lang['installed_plugin']);
showsubtitle(array($du_lang['plugin_name'], $du_lang['ver_installed'], $du_lang['ver_new'], $du_lang['action']));
// List every installed plugin whose identifier starts with 'dsu_'.
$query = DB::query('SELECT name,identifier,version FROM ' . DB::table('common_plugin') . " WHERE identifier LIKE 'dsu_%'");
while ($result = DB::fetch($query)) {
    // Row cells: name, installed version, newest known version, update link.
    // NOTE(review): the cells are built from database and update-feed values without
    // escaping; confirm showtablerow() escapes them or that these values are trusted.
    $output = array();
    $output[] = $result['name'];
    $output[] = $result['version'];
    // identifier => name map, used further down for the status header.
    $plugin[$result['identifier']] = $result['name'];
    $output[] = $_G['dsu_updater']['plugin'][$result['identifier']];
    // No link when the versions match or no newer version is known.
    if ($result['version'] == $_G['dsu_updater']['plugin'][$result['identifier']] || $_G['dsu_updater']['plugin'][$result['identifier']] == '') {
        $output[] = '';
    } else {
        // The link carries FORMHASH so the update request passes the form-hash check.
        $output[] = '<a href="admin.php?action=plugins&operation=config&identifier=dsu_updater&pmod=main&plugin=' . $result['identifier'] . '&formhash=' . FORMHASH . "\">{$du_lang[update_do]}</a>";
    }
    showtablerow('', '', $output);
}
showtablefooter();
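// An update was requested for the plugin named in the request.
if (submitcheck('plugin', 1)) {
    showtableheader($du_lang['update_status'] . $plugin[$_G['gp_plugin']]);
    echo '<tr><td class="tipsblock"><ul id="update_status"><li>&#27491;&#22312;&#35831;&#27714; Callback &#31995;&#32479;, &#35831;&#31245;&#20505;...</li></ul></td></tr>';
    showtablefooter();
    @(include_once DISCUZ_ROOT . './source/discuz_version.php');
    // The plugin id is request data written into an HTML attribute: URL-encode it (and the
    // other query values) so it cannot break out of the src attribute and inject markup into
    // this admin page.
    // NOTE(review): this loads a remote script over plain HTTP into the admin panel and puts
    // an unsalted MD5 of the updater key in the URL; anyone able to alter that response runs
    // script in an administrator session. Prefer HTTPS and a server-side request.
    echo '<script onerror="document.getElementById(\'update_status\').innerHTML+=\'<li><font color=red>&#21457;&#36865; CallBack &#25968;&#25454;&#22833;&#36133;.</font></li>\'" src="http://update.dsu.cc/plugin.php?id=' . rawurlencode((string) $_G['gp_plugin']) . '&site_id=' . rawurlencode((string) $_G['dsu_updater']['site_id']) . '&keyhash=' . md5($_G['dsu_updater']['key']) . '&dv=' . rawurlencode((string) DISCUZ_VERSION) . '"></script>';
}
@(include_once DISCUZ_ROOT . './source/discuz_version.php');
callback('plugin', 0, '&dv=' . DISCUZ_VERSION);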
Example #26
 // Build $filterstr (the query-string fragment that carries the active list filters) and
 // extend $wheresql with one condition per "offer" ucotype filter that has a value.
 // NOTE(review): the filter values are read through variable variables; where they are
 // populated and escaped is not visible here. The stripslashes() below suggests they arrive
 // slash-escaped, so confirm that before relying on the quoted SQL concatenation further down.
 $filterstr = '';
 foreach (array('nmuid', 'caid', 'keyword') as $k) {
     if (${$k}) {
         $filterstr .= '&' . $k . '=' . rawurlencode(stripslashes(${$k}));
     }
 }
 // "checked" and "valid" use -1 for "no limit"; any other value is appended as-is.
 // NOTE(review): unlike the group above, these values are not URL-encoded.
 foreach (array('checked', 'valid') as $k) {
     if (${$k} != -1) {
         $filterstr .= '&' . $k . '=' . ${$k};
     }
 }
 // Handle the ucotype filters.
 foreach ($ucotypes as $k => $v) {
     if (empty(${'uccid' . $k}) || $v['cclass'] != 'offer') {
         continue;
     }
     $filterstr .= '&uccid' . $k . '=' . ${'uccid' . $k};
     // NOTE(review): the value is concatenated into the SQL text inside quotes; this is only
     // safe if it was escaped (or cast to an integer) before reaching this point.
     $wheresql .= ' AND cu.uccid' . $k . "='" . ${'uccid' . $k} . "'";
 }
 // A non-empty $no_list forces an empty result set.
 $wheresql = 'WHERE ' . (empty($no_list) ? $wheresql : '1=0');
 if (!submitcheck('barcsedit')) {
     if (empty($u_tplname)) {
         echo form_str($action . 'archivesedit', "?action=offers&nmuid={$nmuid}&page={$page}");
         tabheader_e();
         echo "<tr><td class=\"item2\">";
         echo lang('keyword') . "&nbsp; <input class=\"text\" name=\"keyword\" type=\"text\" value=\"{$keyword}\" size=\"8\" style=\"vertical-align: middle;\">&nbsp; ";
         //审核状态
         if (in_array('check', $u_filters)) {
             $checkedarr = array('-1' => lang('nolimit') . lang('check'), '0' => lang('nocheck'), '1' => lang('checked'));
             echo "<select style=\"vertical-align: middle;\" name=\"checked\">" . makeoption($checkedarr, $checked) . "</select>&nbsp; ";
         }
         //有效状态
         if (in_array('valid', $u_filters)) {
             $validarr = array('-1' => lang('nolimit') . lang('available'), '0' => lang('invalid'), '1' => lang('available'));
             echo "<select style=\"vertical-align: middle;\" name=\"valid\">" . makeoption($validarr, $valid) . "</select>&nbsp; ";
         }
Example #27
    }
    if (isset($_POST['privacy'])) {
        foreach ($_POST['privacy'] as $key => $value) {
            if (isset($_G['cache']['profilesetting'][$key])) {
                $space['privacy']['profile'][$key] = intval($value);
            }
        }
        DB::update('common_member_field_home', array('privacy' => addslashes(serialize($space['privacy']))), array('uid' => $space['uid']));
    }
    manyoulog('user', $_G['uid'], 'update');
    include_once libfile('function/feed');
    feed_add('profile', 'feed_profile_update_' . $operation, array('hash_data' => 'profile'));
    countprofileprogress();
    $message = $vid ? lang('spacecp', 'profile_verify_verifying', array('verify' => $verifyconfig['title'])) : '';
    profile_showsuccess($message);
} elseif (submitcheck('passwordsubmit', 0, $seccodecheck, $secqaacheck)) {
    $membersql = $memberfieldsql = $authstradd1 = $authstradd2 = $newpasswdadd = '';
    $setarr = array();
    $emailnew = dhtmlspecialchars($_G['gp_emailnew']);
    $ignorepassword = 0;
    if ($_G['setting']['connect']['allow'] && DB::result_first("SELECT conisregister FROM " . DB::table('common_member_connect') . " WHERE uid='{$_G['uid']}'")) {
        $_G['gp_oldpassword'] = '';
        $ignorepassword = 1;
        if (empty($_G['gp_newpassword'])) {
            showmessage('profile_passwd_empty');
        }
    }
    if ($_G['gp_questionidnew'] === '') {
        $_G['gp_questionidnew'] = $_G['gp_answernew'] = '';
    } else {
        $secquesnew = $_G['gp_questionidnew'] > 0 ? random(8) : '';
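 /**
  * Build the inline script that adds a "weibo signature" link next to the signature editor.
  *
  * When the profile form is being submitted, nothing is rendered: the function only raises
  * $_G['group']['maxsigsize'] to at least 200 and returns. Nothing is returned either when the
  * visitor is not logged in or the connect feature is not allowed.
  *
  * @return string|null HTML <script> block, or null when there is nothing to render
  */
 function spacecp_profile_bottom()
 {
     global $_G;
     if (submitcheck('profilesubmit')) {
         $_G['group']['maxsigsize'] = $_G['group']['maxsigsize'] < 200 ? 200 : $_G['group']['maxsigsize'];
         return;
     }
     if (!$_G['uid'] || !$_G['setting']['connect']['allow']) {
         return;
     }
     require_once libfile('function/connect');
     connect_merge_member();
     if ($_G['member']['conuin'] && $_G['member']['conuinsecret']) {
         $arr = array();
         $arr['oauth_consumer_key'] = $_G['setting']['connectappid'];
         // NOTE(review): mt_rand() is predictable; if the remote side relies on the nonce for
         // replay protection, a CSPRNG-backed value would be the safer choice.
         $arr['oauth_nonce'] = mt_rand();
         $arr['oauth_timestamp'] = TIMESTAMP;
         $arr['oauth_signature_method'] = 'HMAC_SHA1';
         $arr['oauth_token'] = $_G['member']['conuin'];
         ksort($arr);
         // NOTE(review): the request goes over plain http://, so the response below must be
         // treated as untrusted input.
         $arr['oauth_signature'] = connect_get_oauth_signature('http://cp.discuz.qq.com/connect/getSignature', $arr, 'GET', $_G['member']['conuinsecret']);
         $result = connect_output_php('http://cp.discuz.qq.com/connect/getSignature?' . http_build_query($arr, '', '&'));
         // Require a well-formed response. With the loose comparison alone, a failed request
         // (e.g. a null or false result) would compare equal to status 0 and be treated as success.
         $ok = is_array($result)
             && isset($result['status'], $result['result']['username'], $result['result']['signature_url'])
             && $result['status'] == 0;
         if ($ok) {
             $wbunit = '[wb=' . $result['result']['username'] . ']' . $result['result']['signature_url'] . '[/wb]';
             // Escape for a single-quoted JavaScript string inside an inline <script>: backslash,
             // quotes and line breaks would end the string, "<" and ">" could end the script block.
             $wbunit = addcslashes($wbunit, "\\'\"\r\n");
             $wbunit = str_replace(array('<', '>'), array('\x3C', '\x3E'), $wbunit);
             $js = 'a.onclick = function () { seditor_insertunit(\'sightml\', \'' . $wbunit . '\'); };';
         } else {
             $js = 'a.onclick = function () { showDialog(\'' . lang('plugin/qqconnect', 'connect_wbsign_no_account') . '\'); };';
         }
     } else {
         $js = 'a.onclick = function () { showDialog(\'' . lang('plugin/qqconnect', 'connect_wbsign_no_bind') . '\'); };';
     }
     return '<script type="text/javascript">if($(\'sightmlsml\')) {' . 'var a = document.createElement(\'a\');a.href = \'javascript:;\';a.style.background = \'url(\' + STATICURL + \'image/common/weibo.png) no-repeat 0 2px\';' . 'a.onmouseover = function () { showTip(this); };a.setAttribute(\'tip\', \'' . lang('plugin/qqconnect', 'connect_wbsign_tip') . '\');' . $js . '$(\'sightmlsml\').parentNode.appendChild(a);' . '}</script>';
 }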
Example #29
        if ($member['email'] != $tmp['email']) {
            $db->query("UPDATE {$tablepre}members SET email='" . addslashes($tmp['email']) . "' WHERE uid='" . addslashes($tmp['uid']) . "'");
        }
        $idstring = random(6);
        $db->query("UPDATE {$tablepre}memberfields SET authstr='{$timestamp}\t1\t{$idstring}' WHERE uid='{$member['uid']}'");
        sendmail("{$username} <{$tmp['email']}>", 'get_passwd_subject', 'get_passwd_message');
        showmessage('getpasswd_send_succeed', '', 141);
    }
} elseif ($action == 'getpasswd' && $uid && $id) {
    $discuz_action = 141;
    $member = $db->fetch_first("SELECT m.username, m.email, mf.authstr FROM {$tablepre}members m, {$tablepre}memberfields mf\r\n\t\tWHERE m.uid='{$uid}' AND mf.uid=m.uid");
    list($dateline, $operation, $idstring) = explode("\t", $member['authstr']);
    if ($dateline < $timestamp - 86400 * 3 || $operation != 1 || $idstring != $id) {
        showmessage('getpasswd_illegal', NULL, 'HALTED');
    }
    if (!submitcheck('getpwsubmit') || $newpasswd1 != $newpasswd2) {
        $hashid = $id;
        include template('getpasswd');
    } else {
        if ($newpasswd1 != addslashes($newpasswd1)) {
            showmessage('profile_passwd_illegal');
        }
        require_once DISCUZ_ROOT . './uc_client/client.php';
        uc_user_edit($member['username'], $newpasswd1, $newpasswd1, $member['email'], 1);
        $password = md5(random(10));
        $db->query("UPDATE {$tablepre}members SET password='******' WHERE uid='{$uid}'");
        $db->query("UPDATE {$tablepre}memberfields SET authstr='' WHERE uid='{$uid}'");
        showmessage('getpasswd_succeed');
    }
} elseif ($action == 'groupexpiry' && $discuz_uid) {
    if (!$groupexpiry) {
        $cssfile = DISCUZ_ROOT . './static/space/' . $style . '/style.css';
        if (!file_exists($cssfile)) {
            showmessage('theme_does_not_exist');
        }
    }
    space_merge($space, 'field_home');
    $blockdata = unserialize($space['blockposition']);
    $blockdata['block'] = $layoutdata;
    $blockdata['currentlayout'] = $currentlayout;
    $setarr['spacecss'] = daddslashes($spacecss);
    $setarr['blockposition'] = daddslashes(serialize($blockdata));
    $setarr['theme'] = $style;
    DB::update('common_member_field_home', $setarr, "uid = {$_G['uid']}");
    showmessage('do_success', 'home.php?mod=space' . ($_G['adminid'] == 1 && $_G['setting']['allowquickviewprofile'] ? '&view=admin' : ''));
}
if (submitcheck('uploadsubmit')) {
    $albumid = $picid = 0;
    if (!checkperm('allowupload')) {
        echo "<script>";
        echo "alert(\"" . lang('spacecp', 'not_allow_upload') . "\")";
        echo "</script>";
        exit;
    }
    $uploadfiles = pic_save($_FILES['attach'], $_POST['albumid'], $_POST['pic_title'], false);
    if ($uploadfiles && is_array($uploadfiles)) {
        $albumid = $uploadfiles['albumid'];
        $picid = $uploadfiles['picid'];
        $uploadStat = 1;
        require_once libfile('function/spacecp');
        album_update_pic($albumid);
    } else {