/**
 * Load basic profile columns for one member or a comma-separated list of members.
 *
 * @param mixed $uids   a single numeric uid, or a comma-separated string of uids
 * @param array $fields optional whitelist of column names to keep in each returned row
 * @return ApiResponse wraps false when $uids is empty, otherwise rows keyed by uid
 */
function getInfo($uids, $fields = array())
{
    if (!$uids) {
        return new ApiResponse(false);
    }

    // Every value reaches SQL through pwEscape()/pwImplode(); these are project helpers
    // that presumably quote and escape each value (confirm in their definition).
    $where = is_numeric($uids)
        ? ' uid=' . pwEscape($uids)
        : ' uid IN(' . pwImplode(explode(',', $uids)) . ')';

    require_once R_P . 'require/showimg.php';

    $members = array();
    $result = $this->db->query("SELECT uid,username,icon,gender,location,bday FROM pw_members WHERE " . $where);
    while ($row = $this->db->fetch_array($result)) {
        // showfacedesign() returns a list; only its first element replaces the icon column.
        list($row['icon']) = showfacedesign($row['icon'], 1, 'm');

        $picked = $row;
        if ($fields) {
            // Only columns that were actually selected can be returned, whatever $fields asks for.
            $picked = array();
            foreach ($fields as $name) {
                if (isset($row[$name])) {
                    $picked[$name] = $row[$name];
                }
            }
        }
        $members[$row['uid']] = $picked;
    }

    return new ApiResponse($members);
}
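/**
 * Fetch the per-user application list.
 *
 * Rows are accumulated in $this->_app_array, so results of earlier calls on the
 * same object are still present unless the list is reset at the end of a call.
 *
 * @param mixed $uids   a single numeric uid, or a comma-separated string of uids
 * @param mixed $appids optional numeric appid, or a comma-separated string of appids
 * @param int   $arrt   result shape: 1 = appid => appname, 2 = uid => appid => row, other = flat list of rows
 * @return array|false false when $uids is empty, otherwise the accumulated list
 */
function userApplist($uids, $appids = '', $arrt = 0)
{
    if (!$uids) {
        return false;
    }

    if (is_numeric($uids)) {
        $sql_uid = ' uid=' . pwEscape($uids);
    } else {
        $sql_uid = ' uid IN(' . pwImplode(explode(',', $uids)) . ')';
    }

    // Start from an empty filter so the query below never interpolates an undefined variable.
    $sql_appid = '';
    if (is_numeric($appids)) {
        $sql_appid = ' AND appid=' . pwEscape($appids);
    } elseif ($appids) {
        $sql_appid = ' AND appid IN(' . pwImplode(explode(',', $appids)) . ')';
    }

    $query = $this->_db->query("SELECT uid,appid,appname FROM pw_userapp WHERE {$sql_uid} {$sql_appid}");
    while ($rt = $this->_db->fetch_array($query)) {
        // Keep only applications present (and truthy) in the known application list.
        if (empty($this->_appslist[$rt['appid']])) {
            continue;
        }
        if ($arrt == 1) {
            $this->_app_array[$rt['appid']] = $rt['appname'];
        } elseif ($arrt == 2) {
            $this->_app_array[$rt['uid']][$rt['appid']] = $rt;
        } else {
            $this->_app_array[] = $rt;
        }
    }

    // Nothing collected, or the appifopen flag is off: report an empty list.
    if (!$this->_app_array || !$this->appifopen) {
        $this->_app_array = array();
    }

    return $this->_app_array;
}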
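/**
 * Page through threads whose reply count exceeds $replies, skipping every thread
 * that has rows in pw_postsfloor.
 *
 * @param mixed $replies reply-count threshold; the function returns nothing when it is empty
 * @param mixed $page    1-based page number; anything non-numeric or below 1 becomes 1
 * @return array|null    array with 'pages' (pager markup from numofpage()) and, when rows
 *                       exist, 'data' (thread rows); null when $replies is empty
 */
function getThreadsByReplies($replies, $page)
{
    if (!$replies) {
        return;
    }

    // Collect the thread ids to exclude.
    $tid = array();
    $sql = "SELECT p.tid FROM pw_postsfloor p GROUP BY p.tid ORDER BY p.tid DESC";
    $query = $this->db->query($sql);
    while ($rt = $this->db->fetch_array($query)) {
        $tid[] = $rt['tid'];
    }

    $w_tid = '';
    if ($tid) {
        $w_tid = " t.tid NOT IN ( " . pwImplode($tid) . " ) AND ";
    }

    $sql = "SELECT COUNT(*) AS sum FROM pw_threads t WHERE {$w_tid} t.replies > " . pwEscape($replies);
    $rt = $this->db->get_one($sql);

    (!is_numeric($page) || $page < 1) && ($page = 1);
    $limit = pwLimit(($page - 1) * $this->db_perpage, $this->db_perpage);

    // $replies is caller-supplied and is echoed back inside the pager URL, so it is
    // URL-encoded here; numeric values are unchanged by the encoding.
    $result = array();
    $result['pages'] = numofpage(
        $rt['sum'],
        $page,
        ceil($rt['sum'] / $this->db_perpage),
        $this->basename . "&sub=y&action=search&replies=" . rawurlencode((string) $replies) . "&"
    );

    $sql = "SELECT t.tid, t.subject, t.replies, t.postdate, t.fid\r\n\t\t\t\tFROM pw_threads t\r\n\t\t\t\tWHERE {$w_tid} t.replies > " . pwEscape($replies) . " {$limit}";
    $query = $this->db->query($sql);
    while ($rt = $this->db->fetch_array($query)) {
        // Replace the raw post date with the first element returned by getLastDate().
        list($lastDate) = PostIndexUtility::getLastDate($rt["postdate"]);
        $rt["postdate"] = $lastDate;
        $result['data'][] = $rt;
    }

    return $result;
}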
/**
 * Add post counters to a forum's pw_forumdata row and refresh its "last post" field,
 * then propagate the same counters to the parent forums of a sub-forum.
 *
 * @param mixed $fid     forum id
 * @param mixed $topic   number of topics to add (integer-cast)
 * @param mixed $replies number of replies to add (integer-cast)
 * @param mixed $tpost   value to add to the tpost column (integer-cast)
 * @return false|null false when the forum is a category, otherwise nothing
 */
function updateForumCount($fid, $topic, $replies, $tpost = 0)
{
    global $db, $db_fcachenum;

    $forum = $db->get_one("SELECT fup,type,password,allowvisit,f_type FROM pw_forums WHERE fid=" . pwEscape($fid));
    if ($forum['type'] == 'category') {
        return false;
    }
    delfcache($fid, $db_fcachenum);

    // The counters are embedded in SQL below, so they are forced to integers first.
    $topic = (int) $topic;
    $article = $topic + (int) $replies;
    $tpost = (int) $tpost;

    // Most recent checked, non-topped thread of this forum, if any.
    $latest = $db->get_one("SELECT tid,author,postdate,lastpost,lastposter,subject FROM pw_threads WHERE fid=" . pwEscape($fid) . " AND topped='0' AND ifcheck='1' AND lastpost>0 ORDER BY lastpost DESC LIMIT 1");

    $lastpost = '';
    if ($latest) {
        // A thread whose last post is its first post has no replies, hence no "Re:" prefix.
        $prefix = ($latest['postdate'] == $latest['lastpost']) ? '' : 'Re:';
        $subject = $prefix . substrs($latest['subject'], 26);
        $packed = $subject . "\t" . $latest['lastposter'] . "\t" . $latest['lastpost'] . "\t" . "read.php?tid={$latest['tid']}&page=e#a";
        $lastpost = ",lastpost=" . pwEscape($packed);
    }

    $db->update("UPDATE pw_forumdata SET article=article+'{$article}',topic=topic+'{$topic}',tpost=tpost+'{$tpost}'{$lastpost} WHERE fid=" . pwEscape($fid));

    $isSubForum = ($forum['type'] == 'sub' || $forum['type'] == 'sub2');
    if ($isSubForum && ($fids = getUpFids($fid))) {
        // Password-protected, visit-restricted or hidden forums do not publish their last post to parents.
        $restricted = $forum['password'] != '' || $forum['allowvisit'] != '' || $forum['f_type'] == 'hidden';
        if ($restricted) {
            $lastpost = '';
        }
        $db->update("UPDATE pw_forumdata SET article=article+'{$article}',subtopic=subtopic+'{$topic}',tpost=tpost+'{$tpost}'{$lastpost} WHERE fid IN(" . pwImplode($fids) . ')');
    }
}
/**
 * Store the next static-refresh time for the "area" module in pw_hack and rebuild its config cache.
 *
 * @param mixed $timeToUpdate value saved under the 'area_static_next' key
 */
function updateAreaStaticRefreshTime($timeToUpdate = 0)
{
    global $db;

    require_once R_P . 'admin/cache.php';

    // REPLACE carries no column list, so the four values must match pw_hack's column order.
    $values = pwImplode(array('area_static_next', 'string', $timeToUpdate, ''));
    $db->update("REPLACE INTO pw_hack VALUES (" . $values . ')');

    updatecache_conf('area', true);
}
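/**
 * Delete members from the member tables and refresh the site-wide member statistics.
 *
 * @param array $uids user ids to delete; nothing happens when pwImplode() yields an empty list
 */
function delUserByIds($uids)
{
    if (!($delids = pwImplode($uids))) {
        return;
    }

    foreach (array('pw_members', 'pw_memberdata', 'pw_memberinfo', 'pw_banuser') as $table) {
        $this->db->update("DELETE FROM {$table} WHERE uid IN ({$delids})");
    }

    // Read the statistics explicitly instead of extract()-ing database rows into the
    // local scope: extract() lets column names overwrite local variables, and with an
    // empty result the variables used below would not exist at all.
    $total = $this->db->get_one("SELECT count(*) AS count FROM pw_members");
    $newest = $this->db->get_one("SELECT username FROM pw_members ORDER BY uid DESC LIMIT 1");

    $count = (is_array($total) && isset($total['count'])) ? $total['count'] : 0;
    $username = (is_array($newest) && isset($newest['username'])) ? $newest['username'] : '';

    $this->db->update("UPDATE pw_bbsinfo SET newmember=" . pwEscape($username) . ',totalmember=' . pwEscape($count) . " WHERE id='1'");
}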
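/**
 * Delete message bodies (pw_msgc) that are no longer referenced by pw_msg or pw_msglog.
 *
 * @param string|null $ids optional SQL-ready id list limiting the cleanup. It is placed
 *                         inside IN(...) verbatim.
 *                         NOTE(review): callers must pass an already escaped list (for
 *                         example the output of pwImplode()); nothing here validates it.
 */
function delete_msgc($ids = null)
{
    global $db;

    // Shared tail of both statements: rows of pw_msgc without a matching pw_msg / pw_msglog row.
    $orphans = " FROM pw_msgc mc LEFT JOIN pw_msg m ON mc.mid=m.mid LEFT JOIN pw_msglog ml ON mc.mid=ml.mid WHERE m.mid is NULL AND ml.mid is NULL" . ($ids ? " AND mc.mid IN({$ids})" : '');

    // Compare versions numerically. A plain string comparison orders "10.x" before "4"
    // and would push such servers onto the legacy path below.
    // NOTE(review): assumes server_info() returns the server version string; confirm.
    $version = $db->server_info();

    if (version_compare($version, '4', '>')) {
        // Multi-table DELETE; the alias is used as the delete target only on servers newer than 4.1.
        $target = version_compare($version, '4.1', '>') ? 'mc' : 'pw_msgc';
        $db->update("DELETE " . $target . $orphans);
    } else {
        $delids = array();
        $query = $db->query("SELECT mc.mid" . $orphans);
        while ($rt = $db->fetch_array($query)) {
            $delids[] = $rt['mid'];
        }
        // TODO: the generated SQL statement can become too long
        !empty($delids) && $db->update("DELETE FROM pw_msgc WHERE mid IN(" . pwImplode($delids) . ")");
    }
}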
/**
 * Find push entries of the given invoke pieces that start after the current timestamp.
 *
 * @param array $invokepieces map whose keys are invoke piece ids
 * @param mixed $fid          forum id the push data must belong to
 * @return array rows keyed by md5(invokepieceid . fid . loopid); empty when the input is not a non-empty array
 */
function getHaveDelays($invokepieces, $fid = 0)
{
    global $timestamp;

    if (!(is_array($invokepieces) && $invokepieces)) {
        return array();
    }

    $pieceIds = array_keys($invokepieces);
    $sql = "SELECT invokepieceid,fid,loopid FROM pw_pushdata WHERE starttime>" . pwEscape($timestamp) . " AND fid = " . pwEscape($fid) . " AND invokepieceid IN(" . pwImplode($pieceIds) . ") GROUP BY invokepieceid,fid,loopid";

    $delayed = array();
    $result = $this->_db->query($sql);
    while ($row = $this->_db->fetch_array($result)) {
        // md5 only builds a compact lookup key here; it is not used as a security control.
        $delayed[md5($row['invokepieceid'] . $row['fid'] . $row['loopid'])] = $row;
    }

    return $delayed;
}
/**
 * Delete threads from this object's table and refresh the cached thread list of the forum.
 *
 * @param mixed        $forumId   forum whose cached thread ids are refreshed afterwards
 * @param array|string $threadIds array of thread ids, or a ready-made SQL id list.
 *                                NOTE(review): a string is placed inside in(...) verbatim,
 *                                so callers must pass an already escaped list.
 * @return mixed null when $threadIds is empty, otherwise the affected row count
 */
function deleteByThreadIds($forumId, $threadIds)
{
    if (empty($threadIds)) {
        return null;
    }

    if (is_array($threadIds)) {
        $threadService = L::loadClass('Threads');
        $threadService->delThreads($threadIds);
        $threadIds = pwImplode($threadIds);
    }

    $sql = "DELETE FROM " . $this->_tableName . " WHERE tid in(" . $threadIds . ")";
    $this->_db->update($sql);
    $affected = $this->_db->affected_rows();

    // The cached list is refreshed only when rows were removed and the memcache flag is set.
    if (!$affected || !$this->_memcache) {
        return $affected;
    }

    $cachedList = $this->_getThreadList();
    $cachedList->refreshThreadIdsByForumId($forumId);

    return $affected;
}
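/**
 * Attach an application to the given forums and detach it from every other forum.
 *
 * The per-forum application map is stored serialized in pw_forumsextra.appinfo.
 *
 * @param mixed $fids    a single numeric forum id, or a comma-separated string of ids
 * @param mixed $appid   application id used as the key inside the appinfo map
 * @param mixed $appinfo value stored for the application
 * @return ApiResponse wraps false when $fids is empty, true otherwise
 */
function insertApp($fids, $appid, $appinfo = '')
{
    // Update the forums' application info
    if (!$fids) {
        return new ApiResponse(false);
    }

    if (is_numeric($fids)) {
        $sql = ' fid=' . pwEscape($fids);
    } else {
        $sql = ' fid IN(' . pwImplode(explode(",", $fids)) . ')';
    }

    // Step 1: remove the application from every forum that has any appinfo.
    $query = $this->db->query("SELECT fid,appinfo FROM pw_forumsextra WHERE appinfo!=''");
    while ($rt = $this->db->fetch_array($query)) {
        // NOTE(review): unserialize() runs on stored data; this is only safe while nothing
        // attacker-controlled can be written into appinfo.
        $appdb = unserialize($rt['appinfo']);
        if (!is_array($appdb)) {
            // A corrupt value used to be written back as serialized false; start clean instead.
            $appdb = array();
        }
        unset($appdb[$appid]);
        $this->db->update("UPDATE pw_forumsextra SET appinfo=" . pwEscape(serialize($appdb)) . " WHERE fid=" . pwEscape($rt['fid']));
    }

    // Step 2: add the application to the requested forums that already have an extra row.
    $oldfids = array();
    $query = $this->db->query("SELECT fid,appinfo FROM pw_forumsextra WHERE {$sql}");
    while ($rt = $this->db->fetch_array($query)) {
        $appdb = unserialize($rt['appinfo']);
        if (!is_array($appdb)) {
            $appdb = array();
        }
        $appdb[$appid] = $appinfo;
        $oldfids[$rt['fid']] = $rt['fid'];
        $this->db->update("UPDATE pw_forumsextra SET appinfo=" . pwEscape(serialize($appdb)) . " WHERE fid=" . pwEscape($rt['fid']));
    }

    // Step 3: requested forums without an extra row get one, with default forum settings.
    $forumset = array('lock' => 0, 'cutnums' => 0, 'threadnum' => 0, 'readnum' => 0, 'newtime' => 0, 'orderway' => 'lastpost', 'asc' => 'DESC', 'allowencode' => 0, 'anonymous' => 0, 'rate' => 0, 'dig' => 0, 'inspect' => 0, 'watermark' => 0, 'commend' => 0, 'autocommend' => 0, 'commendlist' => '', 'commendnum' => 0, 'commendlength' => 0, 'commendtime' => 0, 'addtpctype' => 0, 'ifrelated' => 0, 'relatednums' => 0, 'relatedcon' => 'ownpost', 'relatedcustom' => array(), 'rvrcneed' => 0, 'moneyneed' => 0, 'creditneed' => 0, 'postnumneed' => 0, 'sellprice' => array(), 'uploadset' => 'money 0', 'rewarddb' => '', 'allowtime' => '');
    $forumset = serialize($forumset);
    foreach (explode(",", $fids) as $value) {
        if (empty($oldfids[$value])) {
            $appdb = serialize(array($appid => $appinfo));
            $this->db->update("INSERT INTO pw_forumsextra SET " . pwSqlSingle(array('fid' => $value, 'forumset' => $forumset, 'appinfo' => $appdb)));
        }
    }

    require_once R_P . 'admin/cache.php';
    updatecache_f();

    return new ApiResponse(true);
}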
/**
 * Load stored typed values for one user or for a list of users.
 *
 * NOTE(review): the list form only returns rows with expire > $this->now, while the
 * single-user form applies no expiry filter; confirm that this difference is intended.
 *
 * @param array|int $uids a list of user ids, or a single user id
 * @return array for a list: uid => type => array('value', 'id'); for a single id: type => array('value', 'id')
 */
function getByUid($uids)
{
    $data = array();

    if (!is_array($uids)) {
        $sql = "SELECT type,value,typeid FROM " . $this->_tableName . " WHERE uid=" . pwEscape($uids, false);
        $result = $this->_db->query($sql);
        while ($row = $this->_db->fetch_array($result)) {
            $data[$row['type']] = array(
                'value' => $this->_unserialize($row['value']),
                'id' => $row['typeid'],
            );
        }
        return $data;
    }

    $sql = "SELECT uid,type,value,typeid FROM " . $this->_tableName . " WHERE uid IN (" . pwImplode($uids, false) . ") AND expire>" . pwEscape($this->now, false);
    $result = $this->_db->query($sql);
    while ($row = $this->_db->fetch_array($result)) {
        $data[$row['uid']][$row['type']] = array(
            'value' => $this->_unserialize($row['value']),
            'id' => $row['typeid'],
        );
    }

    return $data;
}
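/**
 * Load one page of a user's favourite threads.
 *
 * @param mixed $uid  user id (integer-cast; an empty result is returned for 0)
 * @param mixed $page 1-based page number (integer-cast; values below 1 become 1)
 * @return mixed an empty array when there is nothing to load, otherwise whatever
 *               $this->_query() returns for the selected thread ids
 */
function getFavsByUser($uid, $page = 1)
{
    $uid = (int) $uid;
    if (!$uid) {
        return array();
    }

    // Keep the integer value: the original only compared the cast and then did
    // arithmetic on the raw input.
    $page = (int) $page;
    if ($page < 1) {
        $page = 1;
    }
    $start = ($page - 1) * $this->perPage;

    // Favourites are stored as one comma-separated list of thread ids per user.
    $_favs = $this->db->get_one("SELECT tids FROM pw_favors WHERE uid=" . pwEscape($uid));
    $stored = (is_array($_favs) && isset($_favs['tids'])) ? $_favs['tids'] : '';
    $_tids = explode(',', trim($stored, ','));

    $result = array();
    $tids = array_slice($_tids, $start, $this->perPage);
    if ($tids) {
        $sql = "SELECT fid,tid,subject,postdate,author,authorid,replies,hits,topped,digest,ifupload FROM pw_threads \r\n\t\t\t\t\tWHERE tid IN(" . pwImplode($tids) . ") ORDER BY postdate DESC";
        $result = $this->_query($sql, $start, 'fav');
    }

    return $result;
}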
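/**
 * List which friends of a user have installed a given application.
 *
 * @param mixed $appid application id
 * @param mixed $uid   user whose friends are inspected
 * @param mixed $num   number of friends to inspect: 'all' or anything above 500 means 500,
 *                     an invalid value means 20
 * @param mixed $start offset into the friend list; invalid or negative values become 0
 * @return ApiResponse wraps the list of friend uids that have the application
 */
function getAppUsers($appid, $uid, $num, $start = 0)
{
    if ($num == 'all') {
        $num = 500;
    } elseif (!is_numeric($num) || $num < 1) {
        $num = 20;
    } elseif ($num > 500) {
        $num = 500;
    }
    (!is_numeric($start) || $start < 0) && ($start = 0);

    $users = $appusers = array();
    $query = $this->db->query("SELECT friendid FROM pw_friends WHERE status='0' AND uid=" . pwEscape($uid) . pwLimit($start, $num));
    while ($rt = $this->db->fetch_array($query)) {
        $users[] = $rt['friendid'];
    }

    // Without friends the second query would be built around an empty id list.
    if (!$users) {
        return new ApiResponse($appusers);
    }

    $query = $this->db->query("SELECT uid FROM pw_userapp WHERE uid IN (" . pwImplode($users) . ") AND appid=" . pwEscape($appid));
    while ($rt = $this->db->fetch_array($query)) {
        $appusers[] = $rt['uid'];
    }

    return new ApiResponse($appusers);
}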
/**
 * Store a reply: insert the post row, link uploaded attachments to it, update the
 * thread counters and finally update the author's statistics.
 *
 * @param mixed $postdata reply data, handed to setPostData(); the rest of the method
 *                        reads the values back from $this->data
 */
function execute($postdata) {
    global $timestamp, $db_ptable, $onlineip, $db_plist;
    $this->setPostData($postdata);
    // When $db_plist holds more than one entry, the post id is allocated from pw_pidtmp
    // first; otherwise the insert id of the post table is used further down.
    if ($db_plist && count($db_plist) > 1) {
        $this->db->update("INSERT INTO pw_pidtmp(pid) VALUES('')");
        $pid = $this->db->insert_id();
    } else {
        $pid = '';
    }
    $ipTable = L::loadClass('IPTable');
    // All column values go through pwSqlSingle(), a project helper that presumably
    // escapes each value while building the SET clause (confirm in its definition).
    $pwSQL = pwSqlSingle(array('pid' => $pid, 'fid' => $this->data['fid'], 'tid' => $this->tid, 'aid' => $this->data['aid'], 'author' => $this->data['author'], 'authorid' => $this->data['authorid'], 'icon' => $this->data['icon'], 'postdate' => $timestamp, 'subject' => $this->data['title'], 'userip' => $onlineip, 'ifsign' => $this->data['ifsign'], 'ipfrom' => $ipTable->getIpFrom($onlineip), 'ifconvert' => $this->data['convert'], 'ifwordsfb' => $this->data['ifwordsfb'], 'ifcheck' => $this->data['ifcheck'], 'content' => $this->data['content'], 'anonymous' => $this->data['anonymous'], 'ifhide' => $this->data['hideatt']));
    // NOTE(review): the table name is interpolated into the statement unescaped; this
    // relies on GetPtable() returning only fixed table names. Confirm.
    $pw_posts = GetPtable($this->tpcArr['ptable']);
    $this->db->update("INSERT INTO {$pw_posts} SET {$pwSQL}");
    !$pid && ($pid = $this->db->insert_id());
    $this->tpcArr['openIndex'] && $this->setPostFloor($pid);
    $this->pid = $pid;
    // Attachments reported by the upload handler are linked to the new thread/post ids.
    if (is_object($this->att) && ($aids = $this->att->getAids())) {
        $this->db->update("UPDATE pw_attachs SET " . pwSqlSingle(array('tid' => $this->tid, 'pid' => $this->pid)) . ' WHERE aid IN(' . pwImplode($aids) . ')');
    }
    // Thread counters are only touched when the reply has ifcheck == 1.
    if ($this->data['ifcheck'] == 1) {
        $sqladd1 = '';
        $sqladd = array('lastposter' => $this->data['lastposter']);
        $this->tpcArr['locked'] < 3 && $this->tpcArr['lastpost'] < $timestamp && ($sqladd['lastpost'] = $timestamp);
        $this->data['ifupload'] && ($sqladd['ifupload'] = $this->data['ifupload']);
        // sendMail() returns a bit mask: bit 2 sets ifmail to 4, bit 1 decrements ifmail.
        $ret = $this->sendMail();
        if ($ret & 2) {
            $sqladd['ifmail'] = 4;
        } elseif ($ret & 1) {
            $sqladd1 = "ifmail=ifmail-1,";
        }
        $this->db->update("UPDATE pw_threads SET {$sqladd1}replies=replies+1,hits=hits+1," . pwSqlSingle($sqladd) . " WHERE tid=" . pwEscape($this->tid));
        if (getstatus($this->tpcArr['tpcstatus'], 1)) {
            $this->db->update("UPDATE pw_argument SET lastpost=" . pwEscape($timestamp) . ' WHERE tid=' . pwEscape($this->tid));
        }
    }
    $this->post->updateUserInfo($this->type, $this->creditSet(), $this->data['content']);
    $this->afterReply();
}
} elseif ($_POST['step'] == '4') { PostCheck(); InitGP(array('selid')); if ($selid && is_array($selid)) { $arr = array(); $query = $db->query("SELECT u2.uid FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id WHERE u1.uid=" . pwEscape($winduid)); while ($rt = $db->fetch_array($query)) { $arr[] = $rt['uid']; } if ($delarr = array_intersect($arr, $selid)) { $db->update("DELETE FROM pw_userbinding WHERE uid IN(" . pwImplode($delarr) . ')'); $tmp = $delarr + array($winduid); if (count(array_unique($tmp)) == count($arr)) { $delarr = $tmp; } $db->update("UPDATE pw_members SET userstatus=userstatus&~(1<<11) WHERE uid IN (" . pwImplode($delarr) . ')'); } } refreshto("profile.php?action=modify&info_type=binding", 'operate_success', 2, true); } function Getcustom($data, $unserialize = true, $strips = null) { global $db_union; $customdata = array(); if (!$data || ($unserialize ? !is_array($data = unserialize($data)) : !is_array($data))) { $data = array(); } elseif (!is_array($custominfo = unserialize($db_union[7]))) { $custominfo = array(); } if (!empty($data) && !empty($custominfo)) { foreach ($data as $key => $value) {
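/**
 * Delete threads on behalf of a user, but only when that user is the author of every one of them.
 *
 * @param string $tids comma-separated thread ids; non-numeric entries are ignored
 * @param mixed  $uid  user requesting the deletion
 * @return ApiResponse|ErrorMsg ApiResponse(false) when no valid id was given, ErrorMsg when
 *                              a thread belongs to someone else, ApiResponse(true) on success
 */
function postDelete($tids, $uid)
{
    global $db_recycle, $db_ifpwcache;

    $delids = array();
    foreach (explode(',', $tids) as $value) {
        if (is_numeric($value)) {
            $delids[] = $value;
        }
    }
    if (!$delids) {
        return new ApiResponse(false);
    }

    // Load the threads BEFORE the ownership check. The original iterated over $readdb
    // before it was assigned, so the author comparison never ran and any user id could
    // delete any thread.
    $delarticle = L::loadClass('DelArticle');
    $readdb = $delarticle->getTopicDb('tid ' . $delarticle->sqlFormatByIds($delids));

    if (is_array($readdb)) {
        foreach ($readdb as $read) {
            if ($read['authorid'] != $uid) {
                return new ErrorMsg(API_THREAD_AUTHOR_ERROR, 'The author is not right');
            }
        }
    }

    $delarticle->delTopic($readdb, 0);

    if ($db_ifpwcache ^ 1) {
        $this->db->update("DELETE FROM pw_elements WHERE type !='usersort' AND id IN(" . pwImplode($delids) . ')');
    }
    P_unlink(D_P . 'data/bbscache/c_cache.php');

    return new ApiResponse(true);
}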
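// Fragment: the enclosing blocks continue beyond this excerpt, so the last braces stay open.
list($uploadcredit, $uploadmoney, $downloadmoney, $downloadimg) = explode("\t", $pwforum->forumset['uploadset']);

// Banned group (6) or banned status bit set: re-evaluate the user's ban records.
if ($groupid == 6 || getstatus($winddb['userstatus'], 1)) {
    $pwSQL = '';
    $flag = 0;
    $bandb = $delban = array();
    $query = $db->query("SELECT * FROM pw_banuser WHERE uid=" . pwEscape($winduid));
    while ($rt = $db->fetch_array($query)) {
        if ($rt['type'] == 1 && $timestamp - $rt['startdate'] > $rt['days'] * 86400) {
            // Type 1 bans carry a duration in days; this one has run out.
            $delban[] = $rt['id'];
        } elseif ($rt['fid'] == 0 || $rt['fid'] == $fid) {
            // Still active and relevant here: fid 0, or the current forum.
            $bandb[$rt['fid']] = $rt;
        } else {
            // Still active, but for a different forum.
            $flag = 1;
        }
    }
    $delban && $db->update('DELETE FROM pw_banuser WHERE id IN(' . pwImplode($delban) . ')');
    $groupid == 6 && !isset($bandb[0]) && ($pwSQL .= "groupid='-1',");
    if (getstatus($winddb['userstatus'], 1) && !isset($bandb[$fid]) && !$flag) {
        $pwSQL .= 'userstatus=userstatus&(~1),';
    }
    if ($pwSQL = rtrim($pwSQL, ',')) {
        // The SET clause has to be interpolated: inside single quotes the statement
        // contained the literal text "$pwSQL" and the member row was never updated.
        // $pwSQL consists only of the fixed fragments appended above.
        $db->update("UPDATE pw_members SET {$pwSQL} WHERE uid=" . pwEscape($winduid));
        $_cache = getDatastore();
        $_cache->delete('UID_' . $winduid);
    }
    if ($bandb) {
        $bandb = current($bandb);
        if ($bandb['type'] == 1) {
            $s_date = get_date($bandb['startdate']);
            $e_date = $bandb['startdate'] + $bandb['days'] * 86400;
            $e_date = get_date($e_date);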
/**
 * Permanently remove recycled threads of the current forum (global $fid): attachments,
 * polls, activities, rewards, thread/post rows, tags and the recycle-bin entries.
 *
 * NOTE(review): database rows are imported with extract(), so every selected column
 * becomes (or overwrites) a local variable; r.* also brings in columns such as fid and
 * tid. A column named like an existing local would silently replace it. Reading the
 * row into an array would be safer.
 *
 * @param array $ids thread ids selected for deletion; non-numeric values are ignored
 */
function recycle($ids) {
    global $db, $fid;
    $delids = array();
    foreach ($ids as $key => $value) {
        if (is_numeric($value)) {
            $delids[] = $value;
        }
    }
    if ($delids) {
        $delids = pwImplode($delids);
    } else {
        // NOTE(review): presumably Showmsg() ends the request; otherwise the query below
        // would run with an empty array interpolated into IN(). Confirm.
        Showmsg('forumcp_recycle_nodata');
    }
    $query = $db->query("SELECT r.*,t.special,t.ifshield,t.ifupload,t.ptable,t.replies,t.fid AS ckfid FROM pw_recycle r LEFT JOIN pw_threads t ON r.tid=t.tid WHERE r.tid IN ({$delids}) AND r.pid='0' AND r.fid=" . pwEscape($fid));
    $taid_a = $ttable_a = $ptable_a = array();
    // $delids is reused: from here on it collects the ids whose thread rows get removed.
    $delids = $pollids = $actids = $delaids = $rewids = $ids = array();
    // The loop ends when extract() gets a non-array; '@' hides the resulting warning.
    while (@extract($db->fetch_array($query))) {
        $ids[] = $tid;
        ($ifshield != '2' || $replies == '0' || $ckfid == '0') && ($delids[] = $tid);
        // special: 1 = poll, 2 = activity, 3 = reward (per the tables cleaned up below).
        $special == 1 && ($pollids[] = $tid);
        $special == 2 && ($actids[] = $tid);
        $special == 3 && ($rewids[] = $tid);
        if ($ifshield != '2' || $replies == '0' || $ckfid == '0') {
            $ptable_a[$ptable] = 1;
            $ttable_a[GetTtable($tid)][] = $tid;
        }
        if ($ifupload) {
            $taid_a[GetTtable($tid)][] = $tid;
            if ($ifshield != '2' || $replies == '0' || $ckfid == '0') {
                $pw_posts = GetPtable($ptable);
                $query2 = $db->query("SELECT aid FROM {$pw_posts} WHERE tid=" . pwEscape($tid) . " AND aid!=''");
                while (@extract($db->fetch_array($query2))) {
                    if (!$aid) {
                        continue;
                    }
                    // NOTE(review): unserialize() runs on stored data and the resulting
                    // 'attachurl' is handed to pwDelatt(), which presumably deletes that
                    // file. Confirm that neither value can be influenced by a user.
                    $attachs = unserialize(stripslashes($aid));
                    foreach ($attachs as $key => $value) {
                        is_numeric($key) && ($delaids[] = $key);
                        pwDelatt($value['attachurl'], $GLOBALS['db_ifftp']);
                        $value['ifthumb'] && pwDelatt("thumb/{$value['attachurl']}", $GLOBALS['db_ifftp']);
                    }
                }
            }
        }
    }
    // Attachments referenced from the thread message tables.
    foreach ($taid_a as $pw_tmsgs => $value) {
        $value = pwImplode($value);
        $query = $db->query("SELECT aid FROM {$pw_tmsgs} WHERE tid IN({$value}) AND aid!=''");
        while (@extract($db->fetch_array($query))) {
            if (!$aid) {
                continue;
            }
            $attachs = unserialize(stripslashes($aid));
            foreach ($attachs as $key => $value) {
                is_numeric($key) && ($delaids[] = $key);
                pwDelatt($value['attachurl'], $GLOBALS['db_ifftp']);
                $value['ifthumb'] && pwDelatt("thumb/{$value['attachurl']}", $GLOBALS['db_ifftp']);
            }
        }
    }
    if ($pollids) {
        $pollids = pwImplode($pollids);
        $db->update("DELETE FROM pw_polls WHERE tid IN({$pollids})");
    }
    if ($actids) {
        $actids = pwImplode($actids);
        $db->update("DELETE FROM pw_activity WHERE tid IN({$actids})");
        $db->update("DELETE FROM pw_actmember WHERE actid IN({$actids})");
    }
    if ($rewids) {
        $rewids = pwImplode($rewids);
        $db->update("DELETE FROM pw_reward WHERE tid IN({$rewids})");
    }
    if ($delaids) {
        $pw_attachs = L::loadDB('attachs');
        $pw_attachs->delete($delaids);
    }
    $delids = pwImplode($delids);
    if ($delids) {
        # $db->update("DELETE FROM pw_threads WHERE tid IN($delids)");
        # ThreadManager
        $threadManager = L::loadClass("threadmanager");
        $threadManager->deleteByThreadIds($fid, $delids);
    }
    foreach ($ttable_a as $pw_tmsgs => $val) {
        $val = pwImplode($val);
        $db->update("DELETE FROM {$pw_tmsgs} WHERE tid IN({$val})");
    }
    foreach ($ptable_a as $key => $val) {
        $pw_posts = GetPtable($key);
        $db->update("DELETE FROM {$pw_posts} WHERE tid IN({$delids})");
    }
    delete_tag($delids);
    // Finally remove the recycle-bin entries of every thread that was processed.
    if ($ids) {
        $ids = pwImplode($ids);
        $db->update("DELETE FROM pw_recycle WHERE tid IN ({$ids})");
    }
    pwFtpClose($GLOBALS['ftp']);
}
} else { $type = $share['type'] = 'web'; } } elseif (preg_match("/\\.(mp3|wma)\$/i", $link)) { $type = $share['type'] = 'music'; $f_hash = $share['link']; } elseif (preg_match("/\\.swf\$/i", $link)) { $type = $share['type'] = 'flash'; $f_hash = $share['link']; } else { $type = $share['type'] = 'web'; } } $content = serialize($share); $arr = array($type, $winduid, $windid, $timestamp, $content, $ifhidden); $db->update("INSERT INTO pw_share(type,uid,username,postdate,content,ifhidden) VALUES(" . pwImplode($arr) . ")"); if ($type == 'topic') { $db->update("UPDATE pw_threads SET shares=shares+1 WHERE tid=" . pwEscape($id)); } if (!$ifhidden) { $f_id = $db->insert_id(); if ($type != 'web' && $f_hash) { $share_code = '[share]' . ($type == 'video' ? $share['video']['host'] : $type) . ',' . $f_hash . ',' . $f_id . '[/share]'; } elseif ($type == 'user') { $share_code = '[url=' . $share['link'] . '][img]' . $share['user']['image'] . '[/img][/url]'; $title = $share['user']['username']; } elseif ($type == 'photo') { $belong = getLangInfo('app', 'photo_belong'); $image_link = $link; $share['link'] = $db_bbsurl . '/u.php?uid=' . $photo['ownerid']; $title = $share['photo']['username'];
updatecache_postcate(); adminmsg('operate_success', $basename); } } elseif ($action == 'postcatelist') { InitGP(array('selid', 'vieworder')); !is_array($selid) && ($selid = array()); $updatedb = array(); foreach ($selid as $key => $value) { if (is_numeric($key)) { $key = (int) $key; $updatedb[] = $key; } } if ($updatedb) { $db->update("UPDATE pw_postcate SET ifable=1 WHERE pcid IN (" . pwImplode($updatedb) . ')'); $db->update("UPDATE pw_postcate SET ifable=0 WHERE pcid NOT IN (" . pwImplode($updatedb) . ')'); } else { $db->update("UPDATE pw_postcate SET ifable=0"); } foreach ($vieworder as $key => $value) { $key && $db->update("UPDATE pw_postcate SET vieworder=" . pwEscape($value) . "WHERE pcid=" . pwEscape($key)); } updatecache_postcate(); adminmsg('operate_success', $basename); } elseif ($action == 'editmodel') { if (!$_POST['step']) { @(include_once D_P . 'data/bbscache/postcate_config.php'); $ajax_basename = EncodeUrl($basename); $ajax_basename_edit = EncodeUrl($basename . "&action=editfield"); $ajax_basename_add = EncodeUrl($basename . "&action=addfield"); $ajax_basename_delfield = EncodeUrl($basename . "&action=delfield");
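/**
 * Rebuild the search cache file (data/bbscache/search_config.php) from the visible
 * search adverts and the configured search forums.
 */
function updatecache_search()
{
    global $db;

    // Both lists start empty so that no undefined variable is read when a table has no rows.
    $_cachedb = array();
    $fids = array();

    $query = $db->query("SELECT * FROM pw_searchadvert WHERE ifshow = 1 ORDER BY orderby ASC");
    while ($rt = $db->fetch_array($query)) {
        $t = array();
        $t['keyword'] = $rt['keyword'];
        $t['starttime'] = $rt['starttime'];
        $t['endtime'] = $rt['endtime'];
        // NOTE(review): as written, the last three pairs replace '<', '>' and '"' with
        // themselves; the search side may originally have been HTML entities. The stored
        // advert code ends up unescaped in the cache, so confirm where it is rendered.
        $t['code'] = str_replace(array("\\\\", "\\'", '<', '>', '"'), array("\\", "'", '<', '>', '"'), $rt['code']);

        // NOTE(review): unserialize() on stored data; safe only while the config column
        // cannot be written by untrusted users.
        $config = unserialize($rt['config']);
        if (!is_array($config)) {
            $config = array();
        }
        foreach (array('ddate', 'dweek', 'dtime') as $field) {
            if (!empty($config[$field])) {
                $t[$field] = $config[$field];
            }
        }
        $_cachedb[] = $t;
    }

    $query = $db->query("SELECT fid,vieworder FROM pw_searchforum ORDER BY vieworder,fid DESC");
    while ($rt = $db->fetch_array($query)) {
        $fids[] = $rt['fid'];
    }
    $db->free_result($query);

    $forumsDB = $_cacheforumsdb = array();
    if ($fids) {
        $query = $db->query("SELECT fid,name FROM pw_forums WHERE fid IN(" . pwImplode($fids) . ")");
        while ($rt = $db->fetch_array($query)) {
            $forumsDB[$rt['fid']] = $rt;
        }
        $db->free_result($query);

        // Keep the pw_searchforum order and skip forums that no longer exist or have no name.
        foreach ($fids as $fid) {
            if (empty($forumsDB[$fid]['name'])) {
                continue;
            }
            $_cacheforumsdb[$fid] = $forumsDB[$fid]['name'];
        }
    }

    pwCache::setData(D_P . 'data/bbscache/search_config.php', array('s_searchforumdb' => $_cacheforumsdb, 's_advertdb' => $_cachedb), true);
}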
} require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($pintro)) !== false) { Showmsg('content_wordsfb'); } $pwSQL = array('pintro' => $pintro); $ischage = false; if ($aid != $photo['aid'] && ($isGM || $winduid == $db->get_value("SELECT ownerid FROM pw_cnalbum WHERE aid=" . pwEscape($aid)))) { $pwSQL['aid'] = $aid; $ischage = true; } $db->update("UPDATE pw_cnphoto SET " . pwSqlSingle($pwSQL) . ' WHERE pid=' . pwEscape($pid)); if ($ischage) { $phnum = array(); $query = $db->query("SELECT aid,COUNT(*) AS sum FROM pw_cnphoto WHERE aid IN(" . pwImplode(array($aid, $photo['aid'])) . ') GROUP BY aid'); while ($rt = $db->fetch_array($query)) { $phnum[$rt['aid']] = $rt['sum']; } if ($photo['path'] == $photo['lastphoto']) { $lastphoto = $db->get_value("SELECT path FROM pw_cnphoto WHERE aid=" . pwEscape($photo['aid']) . " ORDER BY pid DESC LIMIT 1"); } $db->update("UPDATE pw_cnalbum SET " . pwSqlSingle(array('photonum' => $phnum[$aid] ? $phnum[$aid] : 0, 'lastpid' => implode(',', getLastPid($aid)))) . ' WHERE aid=' . pwEscape($aid)); $db->update("UPDATE pw_cnalbum SET " . pwSqlSingle(array('photonum' => $phnum[$photo['aid']] ? $phnum[$photo['aid']] : 0, 'lastpid' => implode(',', getLastPid($photo['aid'])), 'lastphoto' => $lastphoto)) . ' WHERE aid=' . pwEscape($photo['aid'])); } refreshto("{$basename}a=view&pid={$pid}", 'operate_success'); } } elseif ($a == 'delphoto') { define('AJAX', '1'); InitGP(array('pid'), null, 2); $isGM = CkInArray($windid, $manager);
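/**
 * Synchronise forum-moderator membership (group 5) with the forumadmin lists of all forums.
 *
 * Users recorded as moderators who are no longer named by any forum lose group 5; users
 * named by a forum gain it. pw_administrators is updated to match.
 */
function updateadmin()
{
    global $db;

    // Collect every user name listed as administrator of any forum.
    $f_admin = array();
    $query = $db->query("SELECT forumadmin FROM pw_forums");
    while ($forum = $db->fetch_array($query)) {
        foreach (explode(",", $forum['forumadmin']) as $value) {
            $value = trim($value);
            if ($value) {
                $f_admin[] = $value;
            }
        }
    }
    $f_admin = array_unique($f_admin);

    // Demote recorded moderators that no forum names any more.
    $query = $db->query("SELECT uid,username,groupid,groups FROM pw_administrators WHERE groupid=5 OR groups LIKE '%,5,%'");
    while ($rt = $db->fetch_array($query)) {
        // Strict comparison: a loose in_array() treats numeric-looking names such as
        // "0123" and "123" as equal, which would keep the wrong account privileged.
        if (in_array($rt['username'], $f_admin, true)) {
            continue;
        }
        if ($rt['groupid'] == '5') {
            // Values read back from the database are escaped like everywhere else in this
            // function instead of being interpolated into the statement.
            $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($rt['uid']));
            $rt['groupid'] = -1;
        } else {
            $rt['groups'] = str_replace(',5,', ',', $rt['groups']);
            $rt['groups'] == ',' && ($rt['groups'] = '');
            $db->update("UPDATE pw_members SET groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
        }
        // Without a primary or additional group left, the administrator record is deleted.
        if ($rt['groupid'] == '-1' && $rt['groups'] == '') {
            admincheck($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups'], 'delete');
        } else {
            admincheck($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups'], 'update');
        }
    }

    // Promote every user that a forum names as administrator.
    if ($f_admin) {
        $usernames = pwImplode($f_admin);
        $pwSQL = array();
        $query = $db->query("SELECT m.uid,m.username,m.groupid,m.groups,a.groupid AS gid,a.groups AS gps FROM pw_members m LEFT JOIN pw_administrators a ON m.uid=a.uid WHERE m.username IN({$usernames})");
        while ($rt = $db->fetch_array($query)) {
            if ($rt['groupid'] == '-1') {
                // No primary group yet: group 5 becomes the primary group.
                $rt['groups'] = str_replace(',5,', ',', $rt['groups']);
                $rt['groups'] == ',' && ($rt['groups'] = '');
                $db->update("UPDATE pw_members SET groupid='5',groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
                $rt['groupid'] = 5;
            } elseif ($rt['groupid'] != '5' && strpos($rt['groups'], ',5,') === false) {
                // Another primary group: group 5 is appended to the additional groups.
                $rt['groups'] = $rt['groups'] ? $rt['groups'] . '5,' : ",5,";
                $db->update("UPDATE pw_members SET groups=" . pwEscape($rt['groups']) . ' WHERE uid=' . pwEscape($rt['uid']));
            }
            // Queue the administrator record only when it differs from the member data.
            if ($rt['groupid'] != $rt['gid'] || $rt['groups'] != $rt['gps']) {
                $pwSQL[] = array($rt['uid'], $rt['username'], $rt['groupid'], $rt['groups']);
            }
        }
        if ($pwSQL) {
            $db->update("REPLACE INTO pw_administrators (uid,username,groupid,groups) VALUES " . pwSqlMulti($pwSQL));
        }
    }
}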
$query = $db->query("SELECT * FROM pw_tools"); while ($rt = $db->fetch_array($query)) { !$rt['creditype'] && ($rt['creditype'] = 'currency'); $tooldb[] = $rt; } include PrintHack('admin'); exit; } elseif ($action == 'submit') { InitGP(array('tools'), 'P'); $toolids = array(0); if (is_array($tools)) { foreach ($tools as $key => $value) { is_numeric($key) && ($toolids[] = $key); } } $toolids = pwImplode($toolids); if ($toolids) { $db->update("UPDATE pw_tools SET state='1' WHERE id IN({$toolids})"); $db->update("UPDATE pw_tools SET state='0' WHERE id NOT IN({$toolids})"); } else { $db->update("UPDATE pw_tools SET state='0'"); } adminmsg('operate_success'); } elseif ($action == 'edit' || $action == 'add') { if (!$_POST['step']) { if ($action == 'edit') { InitGP(array('id')); $rt = $db->get_one("SELECT * FROM pw_tools WHERE id=" . pwEscape($id)); !$rt && adminmsg('operate_fail'); } else { $rt = array();
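/**
 * Load one page of top-level comments for an object, plus the replies to those comments.
 *
 * @param mixed  $type   comment type; must pass checkCommType()
 * @param mixed  $typeid id of the commented object
 * @param mixed  $page   1-based page number (integer-cast; values below 1 become 1)
 * @param string $url    base URL handed to numofpage() for the pager
 * @return array array($commentdb, $subcommentdb, $pages): comments keyed by id, replies
 *               keyed by parent id then id, and the pager markup
 */
function getCommentDbByTypeid($type, $typeid, $page, $url)
{
    global $db, $groupid, $db_shield, $db_perpage, $db_windpost;

    if (!checkCommType($type)) {
        Showmsg('undefined_action');
    }

    // A page below 1 would give a negative offset; clamp it before any arithmetic.
    $page = max(1, (int) $page);

    $wordsfb = L::loadClass('FilterUtil');
    $commentdb = $subcommentdb = $commentids = array();

    $count = $db->get_value("SELECT COUNT(*) FROM pw_comment WHERE type=" . pwEscape($type) . " AND typeid=" . pwEscape($typeid) . " AND upid='0'");
    $numofpage = ceil($count / $db_perpage);
    $start = ($page - 1) * $db_perpage;
    $limit = pwLimit($start, $db_perpage);

    $query = $db->query("SELECT c.id,c.uid,c.username,c.title,c.postdate,c.typeid,c.upid,c.ifwordsfb,m.icon as face,m.groupid FROM pw_comment c LEFT JOIN pw_members m ON c.uid=m.uid WHERE c.type=" . pwEscape($type) . " AND c.typeid=" . pwEscape($typeid) . " AND upid='0' ORDER BY postdate DESC {$limit}");
    while ($rt = $db->fetch_array($query)) {
        $rt['postdate'] = get_date($rt['postdate']);
        list($rt['face']) = showfacedesign($rt['face'], 1, 'm');
        if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
            // Comments of banned users (group 6) are replaced by a notice, except for viewers in group 3.
            $rt['title'] = getLangInfo('other', 'ban_comment');
        } elseif (!$wordsfb->equal($rt['ifwordsfb'])) {
            // The stored word-filter code is out of date: run the filter again.
            $rt['title'] = $wordsfb->convert($rt['title'], array('id' => $rt['id'], 'type' => 'comments', 'code' => $rt['ifwordsfb']));
        }
        if (strpos($rt['title'], '[s:') !== false) {
            $rt['title'] = showface($rt['title']);
        }
        if (strpos($rt['title'], '[url') !== false) {
            $rt['title'] = convert($rt['title'], $db_windpost);
        }
        $commentids[] = $rt['id'];
        $commentdb[$rt['id']] = $rt;
    }

    if ($commentids) {
        // Replies to the comments of this page. Unlike above, smiley and [url] codes are
        // not converted here (behaviour kept as in the original).
        $query = $db->query("SELECT c.id,c.uid,c.username,c.title,c.postdate,c.typeid,c.upid,c.ifwordsfb,m.icon as face,m.groupid FROM pw_comment c LEFT JOIN pw_members m ON c.uid=m.uid WHERE c.type=" . pwEscape($type) . " AND c.typeid=" . pwEscape($typeid) . " AND upid IN (" . pwImplode($commentids) . ") ORDER BY postdate ASC");
        while ($rt = $db->fetch_array($query)) {
            $rt['postdate'] = get_date($rt['postdate']);
            list($rt['face']) = showfacedesign($rt['face'], 1, 'm');
            if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
                $rt['title'] = getLangInfo('other', 'ban_comment');
            } elseif (!$wordsfb->equal($rt['ifwordsfb'])) {
                $rt['title'] = $wordsfb->convert($rt['title'], array('id' => $rt['id'], 'type' => 'comments', 'code' => $rt['ifwordsfb']));
            }
            $subcommentdb[$rt['upid']][$rt['id']] = $rt;
        }
    }

    $pages = numofpage($count, $page, $numofpage, $url);

    return array($commentdb, $subcommentdb, $pages);
}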
updatecache_f(); $db_bbstitle = array('index' => Char_cv(strip_tags($contents['title_index'])), 'thread' => Char_cv(strip_tags($contents['title_thread'])), 'read' => Char_cv(strip_tags($contents['title_read']))); $db_metadescrip = array('index' => Char_cv(strip_tags($contents['metadesc_index'])), 'thread' => Char_cv(strip_tags($contents['metadesc_thread'])), 'read' => Char_cv(strip_tags($contents['metadesc_read']))); $db_metakeyword = array('index' => Char_cv(strip_tags($contents['metakeyword_index'])), 'thread' => Char_cv(strip_tags($contents['metakeyword_thread'])), 'read' => Char_cv(strip_tags($contents['metakeyword_read']))); $config = array(); $config[] = array('db_name' => $db_names[0], 'vtype' => 'array', 'db_value' => serialize($db_bbstitle)); $config[] = array('db_name' => $db_names[1], 'vtype' => 'array', 'db_value' => serialize($db_metadescrip)); $config[] = array('db_name' => $db_names[2], 'vtype' => 'array', 'db_value' => serialize($db_metakeyword)); $sql = "REPLACE INTO pw_config (db_name,vtype,db_value) VALUES " . pwSqlMulti($config); $db->update($sql); updatecache_c(); $basename = $basename . '&mode=' . $mode; adminmsg('operate_success'); } else { if (!file_exists(D_P . 'data/bbscache/config.php') || !isset($db_bbstitle) || !isset($db_metadescrip) || !isset($db_metakeyword)) { $sql = "SELECT * FROM pw_config WHERE db_name IN ( " . pwImplode($db_names) . " ) "; $query = $db->query($sql); while ($rt = $db->fetch_array($query)) { ${$rt['db_name']} = unserialize($rt['db_value']); } } $config['title'] = is_array(${$db_names[0]}) ? ${$db_names[0]} : array('index' => ${$db_names[0]}, 'thread' => ${$db_names[0]}, 'read' => ${$db_names[0]}); $config['metadescrip'] = is_array(${$db_names[1]}) ? ${$db_names[1]} : array('index' => ${$db_names[1]}, 'thread' => ${$db_names[1]}, 'read' => ${$db_names[1]}); $config['metakeyword'] = is_array(${$db_names[2]}) ? 
${$db_names[2]} : array('index' => ${$db_names[2]}, 'thread' => ${$db_names[2]}, 'read' => ${$db_names[2]}); #get forums $sql = "SELECT fid,fup,name,type,title,metadescrip,keywords FROM pw_forums ORDER BY vieworder"; $query = $db->query($sql); while ($rt = $db->fetch_array($query)) { $rt['name'] = Quot_cv(strip_tags($rt['name'])); if ($rt['type'] == 'category') { $categorys[] = $rt;
$rt['startdate'] && ($rt['date'] = get_date($rt['startdate'])); $bandb[] = $rt; } } if ($ids) { $db->update("DELETE FROM pw_banuser WHERE id IN(" . pwImplode($ids) . ")"); $uids1 && $db->update("UPDATE pw_members SET groupid='-1' WHERE uid IN(" . pwImplode($uids1) . ")"); $uids2 && $db->update("UPDATE pw_members m LEFT JOIN pw_banuser b ON m.uid=b.uid AND b.fid>0 SET m.userstatus=m.userstatus&(~1) WHERE b.uid is NULL AND m.uid IN(" . pwImplode($uids2) . ")"); } include PrintEot('viewban'); exit; } elseif ($_POST['action'] == 'freeban') { InitGP(array('free'), 'P'); !$free && adminmsg('operate_error'); $ids = pwImplode($free); $uids1 = $uids2 = array(); $_cache = getDatastore(); $query = $db->query("SELECT * FROM pw_banuser WHERE uid IN ({$ids})"); while ($rt = $db->fetch_array($query)) { $_cache->delete('UID_' . $rt['uid']); if ($rt['fid']) { $uids2[] = $rt['uid']; } else { $uids1[] = $rt['uid']; } } $db->update("DELETE FROM pw_banuser WHERE uid IN({$ids})"); $uids1 && $db->update("UPDATE pw_members SET groupid='-1' WHERE uid IN(" . pwImplode($uids1) . ")"); $uids2 && $db->update("UPDATE pw_members m LEFT JOIN pw_banuser b ON m.uid=b.uid AND b.fid>0 SET m.userstatus=m.userstatus&(~1) WHERE b.uid is NULL AND m.uid IN(" . pwImplode($uids2) . ")"); adminmsg('operate_success'); }
// 4.1. Former main navigation.
// After the upgrade the former main navigation is still the main navigation;
// only the navigation attributes of the portal ('area') entry need changing.
$areaNav = $navConfigService->getByKey('area');
// Falls back to id 0 when no 'area' entry (or no 'nid' in it) is found.
// NOTE(review): update() below and the upid assignment in 4.2 then run with
// id 0 — confirm that this is harmless.
$areaNavId = $areaNav && isset($areaNav['nid']) ? $areaNav['nid'] : 0;
$navConfigService->update($areaNavId, array('floattype' => 'cross', 'listtype' => 'space', 'selflisttype' => 'space'));
// Add to the main navigation: one entry per portal channel.
$channelService = L::loadClass('channelService', 'area');
foreach ($channelService->getChannels() as $alias => $channel) {
    // Only channels that do not yet have an 'area_<alias>' entry are added.
    if (!$navConfigService->getByKey('area_' . $alias)) {
        // NOTE(review): $alias goes into the link without URL-encoding —
        // presumably aliases are limited to URL-safe characters; confirm.
        $link = "index.php?m=area&alias=" . $alias;
        // 'bbsindex' and 'home' get isshow 0, every other channel isshow 1.
        $isShow = in_array($alias, array('bbsindex', 'home')) ? 0 : 1;
        // $adds goes up by one for every add() that returns a truthy value;
        // it is presumably initialised before this excerpt.
        // The post-increment hands each new entry the next 'view' value.
        $adds += (bool) $navConfigService->add(PW_NAV_TYPE_MAIN, array('nkey' => 'area_' . $alias, 'pos' => '-1', 'title' => $channel['name'], 'link' => $link, 'view' => $areaNav['view']++, 'upid' => 0, 'isshow' => $isShow));
    }
}
// Add to the main navigation: group aggregation.
$adds += (bool) $navConfigService->add(PW_NAV_TYPE_MAIN, array('nkey' => 'group', 'pos' => '-1', 'title' => '群组', 'style' => '', 'link' => 'group.php', 'alt' => '', 'target' => 0, 'view' => 3, 'upid' => 0, 'isshow' => 1));
// 4.2. Former mode navigation.
// Former portal-mode navigation: after the upgrade it becomes the
// second-level navigation under "Portal" in the main navigation.
$db->update("UPDATE pw_nav SET type=" . pwEscape(PW_NAV_TYPE_MAIN) . ", upid=" . pwEscape($areaNavId) . " WHERE type='area_navinfo'");
// Former forum-mode navigation: after the upgrade it becomes the top-right navigation.
$db->update("UPDATE pw_nav SET type=" . pwEscape(PW_NAV_TYPE_HEAD_RIGHT) . ", pos='bbs,area' WHERE type='bbs_navinfo'");
// Former circle-mode navigation: deleted.
$db->update("DELETE FROM pw_nav WHERE type='o_navinfo'");
// 4.3. Former top navigation: after the upgrade it becomes the top-left navigation.
$db->update("UPDATE pw_nav SET type=" . pwEscape(PW_NAV_TYPE_HEAD_LEFT) . " WHERE type='head'");
// 4.4. Former footer navigation: custom entries are kept, and a few default
// entries are added: contact us, text-only version, mobile browsing.
// The DELETE clears earlier copies of the defaults before they are added again.
// NOTE(review): it matches the link 'm/index.php', while the default added
// below uses 'm/'; a row with link 'm/' would not be removed by this
// statement — confirm this is intended.
// NOTE(review): $db_ceoconnect is a configuration value placed into the SQL
// text through pwImplode(); this relies on pwImplode() quoting and escaping
// each element — confirm.
$db->update("DELETE FROM pw_nav WHERE type=" . pwEscape(PW_NAV_TYPE_FOOT) . " AND link IN (" . pwImplode(array($db_ceoconnect, 'simple/', 'm/index.php')) . ")");
$defaults = array(array('pos' => '-1', 'title' => '联系我们', 'link' => $db_ceoconnect, 'view' => 1, 'target' => 0, 'isshow' => 1), array('pos' => '-1', 'title' => '无图版', 'link' => 'simple/', 'view' => 2, 'target' => 0, 'isshow' => 1), array('pos' => '-1', 'title' => '手机浏览', 'link' => 'm/', 'view' => 3, 'target' => 0, 'isshow' => 1));
foreach ($defaults as $key => $value) {
    $adds += (bool) $navConfigService->add(PW_NAV_TYPE_FOOT, $value);
}
/**
 * Work out which of the given members are banned from posting.
 *
 * $udb is either one member row (an array with both 'groupid' and
 * 'userstatus' set) or a list of such rows. A member whose groupid equals 6
 * is reported with value 1 (global ban). A member whose userstatus passes
 * getstatus(..., 1) is reported with value 2 (forum ban), but only when $fid
 * is given and pw_banuser holds a row for that uid and fid.
 *
 * NOTE(review): both queries are assembled by string concatenation, so they
 * are only as safe as pwEscape() / pwImplode(), which are defined elsewhere;
 * confirm that both quote and escape their arguments.
 *
 * @param array $udb One member row or a list of member rows; each row is read
 *                   for 'uid', 'groupid' and 'userstatus'.
 * @param mixed $fid Forum id for the forum-ban lookup; a falsy value skips
 *                   that lookup entirely.
 * @return array Map of uid => 1 (global ban) or 2 (ban in forum $fid);
 *               members that are not banned do not appear.
 */
function isban($udb, $fid = null)
{
    global $db;

    $banned = array();

    // Case 1: a single member row was passed in.
    if (isset($udb['groupid']) && isset($udb['userstatus'])) {
        if ($udb['groupid'] == 6) {
            $banned[$udb['uid']] = 1;
            return $banned;
        }
        // The database is only consulted when a forum is given and the
        // member's status flag is set.
        if (!$fid || !getstatus($udb['userstatus'], 1)) {
            return $banned;
        }
        $row = $db->get_one("SELECT uid FROM pw_banuser WHERE uid=" . pwEscape($udb['uid']) . " AND fid=" . pwEscape($fid));
        if ($row) {
            $banned[$udb['uid']] = 2;
        }
        return $banned;
    }

    // Case 2: a list of member rows.
    $candidates = array();
    foreach ($udb as $member) {
        if ($member['groupid'] == 6) {
            // Globally banned.
            $banned[$member['uid']] = 1;
            continue;
        }
        if (getstatus($member['userstatus'], 1)) {
            // Flagged as forum-banned; checked against pw_banuser below.
            $candidates[] = $member['uid'];
        }
    }

    if (!$fid || !$candidates) {
        return $banned;
    }

    // One query covers every flagged member for the requested forum.
    $uids = pwImplode($candidates);
    $result = $db->query("SELECT uid FROM pw_banuser WHERE uid IN ({$uids}) AND fid=" . pwEscape($fid));
    while ($hit = $db->fetch_array($result)) {
        $banned[$hit['uid']] = 2;
    }

    return $banned;
}
$rt['lastpost'] = get_date($rt['lastpost'], 'Y-m-d'); $rt['encode_lastposter'] = rawurlencode($rt['lastposter']); $threaddb[] = $rt; } require_once PrintEot('u'); footer(); } elseif ($action == 'post') { include_once D_P . 'data/bbscache/forum_cache.php'; require_once R_P . 'require/forum.php'; InitGP(array('ptable', 'page')); (!is_numeric($page) || $page < 1) && ($page = 1); $limit = pwLimit(($page - 1) * $db_perpage, $db_perpage); !isset($ptable) && ($ptable = $db_ptable); $pw_posts = GetPtable($ptable); $fidoff = $isU ? array(0) : getFidoff($groupid); $sqloff = ' AND p.fid NOT IN(' . pwImplode($fidoff) . ')'; $count = $db->get_value("SELECT COUNT(*) AS count FROM {$pw_posts} p WHERE authorid=" . pwEscape($userdb['uid']) . " {$sqloff}"); $nurl = "u.php?action=post&uid={$uid}&"; if ($p_list) { $p_table = ""; foreach ($p_list as $key => $val) { $name = $val ? $val : ($key != 0 ? getLangInfo('other', 'posttable') . $key : getLangInfo('other', 'posttable')); $p_table .= "<tr><td id=\"up_post{$key}\" class=\"fav\"><a href=\"{$nurl}ptable={$key}\">" . $name . "</a></td></tr>"; } $nurl .= "ptable={$ptable}&"; } $pages = numofpage($count, $page, ceil($count / $db_perpage), $nurl); $isGM = CkInArray($windid, $manager); $postdb = array(); $query = $db->query("SELECT p.pid,p.postdate,t.tid,t.fid,t.subject,t.authorid,t.author,t.titlefont,t.anonymous FROM {$pw_posts} p LEFT JOIN pw_threads t USING(tid) WHERE p.authorid=" . pwEscape($userdb['uid']) . " {$sqloff} ORDER BY p.postdate DESC {$limit}"); while ($rt = $db->fetch_array($query)) {