/**
 * Fetch the uids of members with m.groupid=8 that have a row in
 * common_member_validate, narrowed by the optional filters.
 *
 * @param mixed $submittimes Lower bound (exclusive) for v.submittimes; cast with intval().
 * @param mixed $regdate     Number of days; keeps rows with m.regdate older than TIMESTAMP minus that many days.
 * @param mixed $moddate     Number of days; same cut-off logic applied to v.moddate.
 * @param mixed $regip       IP prefix matched with LIKE '<prefix>%'.
 * @return mixed Result of DB::fetch_all(); the third argument 'uid' presumably keys rows by uid (confirm against DB).
 */
public function fetch_all_validate_uid($submittimes = '', $regdate = '', $moddate = '', $regip = '')
 {
     $conditions = array('m.groupid=8');
     // Numeric filters are forced to integers before being concatenated into the SQL text.
     if ($submittimes) {
         $conditions[] = 'v.submittimes>' . intval($submittimes);
     }
     if ($regdate) {
         $conditions[] = 'm.regdate<' . (TIMESTAMP - intval($regdate) * 86400);
     }
     if ($moddate) {
         $conditions[] = 'v.moddate<' . (TIMESTAMP - intval($moddate) * 86400);
     }
     // The only free-text filter: quotes/backslashes are escaped by addslashes() first,
     // then stripsearchkey() handles the LIKE wildcards. The value is concatenated into
     // the statement rather than bound, so this escaping is the only thing between the
     // caller's string and the query.
     // NOTE(review): addslashes() is not charset-aware; confirm the connection charset
     // makes it a sufficient escape here.
     $ipPrefix = stripsearchkey(addslashes((string) $regip));
     if ($ipPrefix) {
         $conditions[] = "m.regip LIKE '" . $ipPrefix . "%'";
     }
     $where = implode(' AND ', $conditions);
     $validateTable = DB::table('common_member_validate');
     $memberTable = DB::table('common_member');
     return DB::fetch_all("SELECT v.uid FROM " . $validateTable . " v, " . $memberTable . " m\n\t\t\tWHERE {$where} AND m.uid=v.uid", null, 'uid');
 }
 /**
  * Count the rows of this table, optionally filtered by `type` and by a
  * substring match on `find`.
  *
  * @param mixed $type Value bound to the `type`=%d placeholder; null skips the filter.
  * @param mixed $find Text searched for with LIKE '%...%'; null skips the filter.
  * @return mixed Result of DB::result_first().
  */
 public function count_by_type_find($type = null, $find = null)
 {
     $args = array($this->_table);
     $conditions = array();
     if (null !== $type) {
         $conditions[] = "`type`=%d";
         $args[] = $type;
     }
     if (null !== $find) {
         $conditions[] = "`find` LIKE %s";
         // Wildcards are escaped by stripsearchkey(), quotes by addslashes(); the result
         // is then handed to the %s placeholder.
         // NOTE(review): if the %s placeholder quotes its argument again (not visible
         // here), the value is escaped twice — confirm against the DB class.
         $args[] = '%' . addslashes(stripsearchkey($find)) . '%';
     }
     $wheresql = '';
     if ($conditions) {
         $wheresql = ' WHERE ' . implode(' AND ', $conditions);
     }
     return DB::result_first("SELECT COUNT(*) FROM %t {$wheresql}", $args);
 }
 /**
  * Search this table by any combination of the given filters.
  *
  * Every condition is produced by DB::field(); free-text filters (username,
  * useip, message) are passed through stripsearchkey() first so that LIKE
  * wildcards in the input are treated literally.
  * NOTE(review): stripsearchkey() does not escape quotes; this relies on
  * DB::field() quoting the value it is given (not visible here) — confirm.
  *
  * @param mixed $cid       Exact match on cid.
  * @param mixed $ctid      Exact match on ctid.
  * @param mixed $username  Substring match on username.
  * @param mixed $uid       Exact match on uid.
  * @param mixed $useip     Prefix match on useip.
  * @param mixed $rate      Keeps rows with rate greater than this value.
  * @param mixed $message   Substring match on message.
  * @param mixed $starttime Keeps rows with dateline greater than this value.
  * @param mixed $endtime   Keeps rows with dateline less than this value.
  * @param int   $start     Offset; -1 switches the method to returning a row count.
  * @param int   $limit     Page size.
  * @return mixed Row count when $start == -1, otherwise the matching rows ordered by dateline DESC.
  */
 public function fetch_all_for_search($cid, $ctid, $username, $uid, $useip, $rate, $message, $starttime, $endtime, $start = 0, $limit = 20)
 {
     // '1' keeps the WHERE clause valid when no filter is supplied.
     $conds = array('1');
     if ($cid) {
         $conds[] = DB::field('cid', $cid);
     }
     if ($ctid) {
         $conds[] = DB::field('ctid', $ctid);
     }
     if ($username) {
         $conds[] = DB::field('username', '%' . stripsearchkey($username) . '%', 'like');
     }
     if ($uid) {
         $conds[] = DB::field('uid', $uid);
     }
     if ($useip) {
         $conds[] = DB::field('useip', stripsearchkey($useip) . '%', 'like');
     }
     if ($rate) {
         $conds[] = DB::field('rate', $rate, '>');
     }
     if ($message) {
         $conds[] = DB::field('message', '%' . stripsearchkey($message) . '%', 'like');
     }
     if ($starttime != '') {
         $conds[] = DB::field('dateline', $starttime, '>');
     }
     if ($endtime != '') {
         $conds[] = DB::field('dateline', $endtime, '<');
     }
     $where = implode(' AND ', $conds);
     // The assembled clause is inserted through the %i placeholder.
     if ($start == -1) {
         return DB::result_first("SELECT count(*) FROM %t WHERE %i", array($this->_table, $where));
     }
     $limitsql = DB::limit($start, $limit);
     return DB::fetch_all("SELECT * FROM %t WHERE %i ORDER BY dateline DESC %i", array($this->_table, $where, $limitsql));
 }
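/**
 * Build SQL WHERE fragments and matching query-string fragments from $_GET.
 *
 * Array-valued request parameters (?key[]=x) are ignored for the integer,
 * string and LIKE keys instead of being handed to strlen()/trim().
 *
 * @param array  $intkeys  Parameter names compared as integers: "<pre><key>='<int>'".
 * @param array  $strkeys  Parameter names compared as exact strings: "<pre><key>='<value>'".
 * @param array  $randkeys List of array(callable, key): reads $_GET[key.'1'] and $_GET[key.'2'],
 *                         passes each through the callable and emits >= / <= range conditions.
 * @param array  $likekeys Parameter names matched with LIKE BINARY '%<value>%' (values longer than one character).
 * @param string $pre      Prefix (e.g. a table alias with trailing dot) put in front of each column name.
 * @return array array('wherearr' => SQL conditions, 'urls' => "key=value" query-string fragments)
 */
function getwheres($intkeys, $strkeys, $randkeys, $likekeys, $pre='') {
	
	$wherearr = array();
	$urls = array();
	
	foreach ($intkeys as $var) {
		$value = isset($_GET[$var]) && is_scalar($_GET[$var]) ? $_GET[$var] : '';
		if(strlen($value)) {
			$wherearr[] = "{$pre}{$var}='".intval($value)."'";
			// The SQL side is forced to an integer, but the URL fragment carries the raw
			// request value, so it is encoded like every other branch does.
			$urls[] = "$var=".rawurlencode($value);
		}
	}
	
	foreach ($strkeys as $var) {
		$value = isset($_GET[$var]) && is_scalar($_GET[$var]) ? trim($_GET[$var]) : '';
		if(strlen($value)) {
			// NOTE(review): the value is placed between quotes after trim() only. Nothing in
			// this function escapes quotes, so this is safe only if $_GET is quote-escaped
			// before getwheres() runs (not visible here) — confirm, or escape at this point.
			$wherearr[] = "{$pre}{$var}='$value'";
			$urls[] = "$var=".rawurlencode($value);
		}
	}
	
	foreach ($randkeys as $vars) {
		// $vars[0] is invoked as a function on the raw request value and its return value
		// is quoted into the SQL text; it has to be a fixed, caller-chosen normaliser
		// (never request-derived) whose output is safe inside a quoted literal.
		$value1 = isset($_GET[$vars[1].'1'])?$vars[0]($_GET[$vars[1].'1']):'';
		$value2 = isset($_GET[$vars[1].'2'])?$vars[0]($_GET[$vars[1].'2']):'';
		if($value1) {
			$wherearr[] = "{$pre}{$vars[1]}>='$value1'";
			$urls[] = "{$vars[1]}1=".rawurlencode($_GET[$vars[1].'1']);
		}
		if($value2) {
			$wherearr[] = "{$pre}{$vars[1]}<='$value2'";
			$urls[] = "{$vars[1]}2=".rawurlencode($_GET[$vars[1].'2']);
		}
	}
	
	foreach ($likekeys as $var) {
		$value = isset($_GET[$var]) && is_scalar($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
		if(strlen($value)>1) {
			// stripsearchkey() neutralises LIKE wildcards only; the same quote-escaping
			// assumption as for the string keys applies here.
			$wherearr[] = "{$pre}{$var} LIKE BINARY '%$value%'";
			$urls[] = "$var=".rawurlencode($value);
		}
	}
	
	return array('wherearr'=>$wherearr, 'urls'=>$urls);
}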
Beispiel #5
        showmessage('not_find_qualified_information', $theurl);
    }
} elseif (submitcheck('search2submit') || !empty($search2)) {
    $_SGET['message'] = trim(postget('message'));
    $_SGET['postip'] = trim(postget('postip'));
    $_SGET['type'] = trim(postget('type'));
    $_SGET['detail'] = trim(postget('detail'));
    $urlplusarr[] = 'search2=1';
    $urlplusarr[] = 'type=' . $_SGET['type'];
    $where1arr = array();
    if (!empty($_SGET['message'])) {
        $urlplusarr[] = 'message=' . $_SGET['message'];
        $sarr = explode(',', $_SGET['message']);
        $newsarr = array();
        foreach ($sarr as $value) {
            $value = stripsearchkey($value);
            if (!empty($value)) {
                $newsarr[] = "ii.message LIKE '%" . $value . "%'";
            }
        }
        if (!empty($newsarr)) {
            $where1arr[] = "(" . implode(" OR ", $newsarr) . ")";
        }
    }
    if (!empty($_SGET['postip'])) {
        $urlplusarr[] = 'postip=' . $_SGET['postip'];
        $_SGET['postip'] = str_replace('*', '888', $_SGET['postip']);
        $sarr = explode('.', $_SGET['postip']);
        $newips = array();
        foreach ($sarr as $value) {
            $value = intval($value);
Beispiel #6
     $tablename = 'postitems';
 } else {
     $tablename = 'spaceitems';
     if ($status == 'yes') {
         if (empty($grade)) {
             $wheresqlarr[] = 'i.grade>0';
         } else {
             $wheresqlarr[] = 'i.grade=\'' . $grade . '\'';
         }
     } elseif ($status == 'ban') {
         $wheresqlarr[] = 'i.grade=\'-1\'';
     } else {
         $wheresqlarr[] = 'i.grade=0';
     }
 }
 // Optional keyword filter on username or subject.
 // NOTE(review): $searchkey reaches the LIKE pattern after stripsearchkey() only. As that
 // helper is defined on this page it escapes the LIKE wildcards % and _ and maps * to %,
 // but leaves quotes untouched, so this is injection-safe only if $searchkey was
 // quote-escaped before this point (its origin is outside this fragment) — confirm.
 if ($searchkeys = stripsearchkey($searchkey)) {
     if ($searchtype == 'username') {
         $wheresqlarr[] = 'i.username LIKE \'%' . $searchkeys . '%\'';
     } else {
         $wheresqlarr[] = 'i.subject LIKE \'%' . $searchkeys . '%\'';
     }
 }
 // All collected conditions are joined into one string and concatenated into the
 // statements below; nothing is bound as a parameter.
 $wheresqlstr = implode(' AND ', $wheresqlarr);
 // First query: total number of matching rows.
 $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($tablename) . ' i WHERE ' . $wheresqlstr);
 $listcount = $_SGLOBAL['db']->result($query, 0);
 $multipage = '';
 if ($listcount) {
     $query = $_SGLOBAL['db']->query('SELECT i.*, f.name FROM ' . tname($tablename) . ' i LEFT JOIN ' . tname('categories') . ' f ON f.catid=i.catid WHERE ' . $wheresqlstr . ' ORDER BY i.dateline DESC LIMIT ' . $start . ',' . $perpage);
     while ($item = $_SGLOBAL['db']->fetch_array($query)) {
         $item['url'] = geturl('action/viewnews/itemid/' . $item['itemid']);
         $listarr[] = $item;
Beispiel #7
 /**
  * List members, optionally restricted to usernames starting with $username,
  * joined with their profile, status and count rows.
  *
  * @param mixed  $username Username prefix; empty means no filter.
  * @param string $orderby  Sort column; anything outside the fixed list below falls back to 'uid'.
  * @param string $sort     Sort direction, passed to DB::order() unchanged.
  * @param int    $start    Offset passed to DB::limit().
  * @param int    $limit    Row count passed to DB::limit().
  * @return array Member rows keyed by uid, with 'usernameenc' added and
  *               'regdate'/'lastvisit' run through dgmdate().
  */
 public function fetch_all_stat_memberlist($username, $orderby = '', $sort = '', $start = 0, $limit = 0)
 {
     // The ORDER BY column is taken from a fixed allow-list (strict comparison), so the
     // caller's value never reaches the SQL text unchecked.
     $sortable = array('uid', 'credits', 'regdate', 'gender', 'username', 'posts', 'lastvisit');
     if (!in_array($orderby, $sortable, true)) {
         $orderby = 'uid';
     }
     // NOTE(review): $sort is not checked here; confirm that DB::order() restricts it.
     $where = '';
     if (!empty($username)) {
         // stripsearchkey() escapes the LIKE wildcards, addslashes() the quotes; the value
         // is concatenated into the statement, not bound.
         $where = " WHERE username LIKE '" . addslashes(stripsearchkey($username)) . "%'";
     }
     $statement = "SELECT m.uid, m.username, mp.gender, m.email, m.regdate, ms.lastvisit, mc.posts, m.credits\n\t\t\tFROM " . DB::table($this->_table) . " m\n\t\t\tLEFT JOIN " . DB::table('common_member_profile') . " mp ON mp.uid=m.uid\n\t\t\tLEFT JOIN " . DB::table('common_member_status') . " ms ON ms.uid=m.uid\n\t\t\tLEFT JOIN " . DB::table('common_member_count') . " mc ON mc.uid=m.uid\n\t\t\t{$where} ORDER BY " . DB::order($orderby, $sort) . DB::limit($start, $limit);
     $query = DB::query($statement);
     $memberlist = array();
     while ($row = DB::fetch($query)) {
         $row['usernameenc'] = rawurlencode($row['username']);
         $row['regdate'] = dgmdate($row['regdate']);
         $row['lastvisit'] = dgmdate($row['lastvisit']);
         $memberlist[$row['uid']] = $row;
     }
     return $memberlist;
 }
Beispiel #8
<?php

/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: space_tag.php 10944 2009-01-09 01:56:13Z liguode $
*/
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
$id = empty($_GET['id']) ? 0 : intval($_GET['id']);
$name = empty($_GET['name']) ? 0 : stripsearchkey($_GET['name']);
$start = empty($_GET['start']) ? 0 : intval($_GET['start']);
$list = array();
$count = 0;
if ($id || $name) {
    // pagination
    $perpage = 30;
    //Check start number
    ckstart($start, $perpage);
    //获取TAG
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('tag') . " WHERE " . ($id ? "tagid='{$id}'" : "tagname='{$name}'") . " LIMIT 1");
    $tag = $_SGLOBAL['db']->fetch_array($query);
    if (empty($tag)) {
        showmessage('tag_does_not_exist');
    } elseif ($tag['close']) {
        showmessage('tag_locked');
    }
    //获取tag关联
    $prinum = 0;
    $query = $_SGLOBAL['db']->query("SELECT blog.* FROM " . tname('tagblog') . " tb , " . tname('blog') . " blog WHERE tb.tagid='{$tag['tagid']}' AND blog.blogid=tb.blogid LIMIT {$start},{$perpage}");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
Beispiel #9
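 /**
  * AJAX handler: look up goods filtered by the optional `kw` (title keyword)
  * and `tag` request parameters and emit a reduced field set through json().
  *
  * Array keys are written as quoted strings throughout; the original used
  * bare words ($_GET[kw], $sql[order], ...), which PHP 8 rejects as undefined
  * constants. Optional request parameters are tested with empty() so that a
  * missing key does not raise a warning.
  */
 function goods()
 {
     global $_G;
     $sql = make_sql();
     $url = 'm=ajax&a=goods';
     $size = !empty($_G['setting']['cate_page']) ? $_G['setting']['cate_page'] : 120;
     if (!empty($_GET['field'])) {
         // NOTE(review): a request-supplied field name is stored in $sql['field'] after
         // trim() only; it is not used further in this function, but confirm it is
         // checked against an allow-list wherever it is consumed.
         $sql['field'] = trim($_GET['field']);
     }
     $and = '';
     if (!empty($_GET['kw'])) {
         $string = stripsearchkey(trim($_GET['kw']));
         // Reject keywords made up only of wildcard characters.
         if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
             // Message text: "illegal search keyword".
             msg('非法搜索关键字');
         }
         $string = safe_output($string);
         if (dstrlen($string) < 2) {
             // Message text: "the search keyword must be at least 2 characters long".
             msg('要搜索的关键字长度不能小于2');
         }
         $_GET['kw'] = $string;
         // NOTE(review): the keyword is interpolated into the LIKE pattern. stripsearchkey()
         // handles wildcards only; whether quotes are neutralised depends on safe_output()
         // or on escaping applied to $_GET earlier (neither is visible here) — confirm.
         $and .= " AND title like '%{$string}%' ";
         $url .= "&kw=" . urlencode_utf8($string);
     }
     if (!empty($_GET['tag'])) {
         // NOTE(review): $tag is not defined before this call and the result is overwritten
         // on the next line, so trim_html() has no effect on the value that is used. The
         // intent was presumably to clean $_GET['tag'] first — confirm before changing.
         $tag = trim_html($tag, 1);
         $tag = daddslashes($_GET['tag']);
         $and .= "AND FIND_IN_SET('" . $tag . "', keywords) ";
         $url .= "&tag=" . urlencode_utf8($tag);
         // NOTE(review): $and and $url are appended to $sql here and concatenated with
         // $sql again in the D() call below, so they appear twice when a tag is given.
         $sql['and'] .= $and;
         $sql['url'] .= $url;
     }
     $rs = D(
         array('and' => $and . $sql['and'], 'all' => false, 'order' => $sql['order']),
         array('url' => $url . $sql['url'], 'size' => $size)
     );
     // Only these columns are exposed to the client.
     $fields = array('picurl', 'url', 'id_url', 'num_iid', 'aid', 'yh_price', 'sum', 'like', 'title', 'username');
     $goods = array();
     foreach ($rs['goods'] as $v) {
         $tmp = array();
         foreach ($fields as $field) {
             $tmp[$field] = $v[$field];
         }
         $goods[] = $tmp;
     }
     json(array('data' => $goods, 'status' => 'success'));
 }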
            $fuid_actives = array($fuid => ' selected');
        } else {
            $wheresql = "t.sellerid IN ({$space['feedfriend']})";
            $theurl = "home.php?mod=space&uid={$space['uid']}&do={$do}&view=we";
        }
        $query = DB::query("SELECT * FROM " . DB::table('home_friend') . " WHERE uid='{$space['uid']}' ORDER BY num DESC LIMIT 0,100");
        while ($value = DB::fetch($query)) {
            $userlist[] = $value;
        }
    } else {
        $need_count = false;
    }
}
$actives = array($_GET['view'] => ' class="a"');
if ($need_count) {
    if ($searchkey = stripsearchkey($_G['gp_searchkey'])) {
        $wheresql .= " AND t.subject LIKE '%{$searchkey}%'";
    }
    $havecache = false;
    if ($_G['gp_view'] == 'all') {
        $cachetime = $_G['gp_order'] == 'hot' ? 43200 : 3000;
        if (!empty($_G['cache']['space_trade'][$alltype]) && is_array($_G['cache']['space_trade'][$alltype])) {
            $cachearr = $_G['cache']['space_trade'][$alltype];
            if (!empty($cachearr['dateline']) && $cachearr['dateline'] > $_G['timestamp'] - $cachetime) {
                $list = $cachearr['data'];
                $hiddennum = $threadarr['hiddennum'];
                $havecache = true;
            }
        }
    }
    if (!$havecache) {
Beispiel #11
            if ($offset++ == $_GET['line']) {
                $log = parselog($line, true);
                $log['line'] = $_GET['line'];
                $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('space') . " WHERE uid = '{$log['uid']}'");
                $value = $_SGLOBAL['db']->fetch_array($query);
                realname_set($value['uid'], $value['username']);
                realname_get();
                break;
            }
        }
        fclose($fp);
    }
} else {
    // Log search: normalise the request parameters and derive paging values.
    $perpage = 50;
    $_GET['uid'] = intval($_GET['uid']);
    $_GET['keysearch'] = stripsearchkey($_GET['keysearch']);
    $_GET['ip'] = trim($_GET['ip']);
    // NOTE(review): file, ip, starttime and endtime are placed in the URL as received
    // (ip is only trimmed) with no URL- or HTML-encoding here. If $mpurl is later written
    // into a page (not visible in this fragment), it needs encoding at that point — confirm.
    $mpurl = "admincp.php?ac=log&file={$_GET['file']}&uid={$_GET['uid']}&ip={$_GET['ip']}&starttime={$_GET['starttime']}&endtime={$_GET['endtime']}&keysearch={$_GET['keysearch']}";
    // use a temporary file cache search results
    // The cache file name is 8 hex characters taken from md5($mpurl), i.e. 32 bits of the
    // digest; two different searches that share those characters share one file.
    $tmpfile = S_ROOT . './data/temp/logsearch_' . substr(md5($mpurl), 8, 8) . '.tmp';
    if (!is_dir(S_ROOT . './data/temp/')) {
        // Mode 0777 requests a directory writable by every local account (subject to the
        // umask), and @ hides a failed mkdir(). NOTE(review): a tighter mode and an
        // explicit failure check would be preferable if other users share the host.
        @mkdir(S_ROOT . './data/temp/', 0777);
    }
    $page = empty($_GET['page']) ? 1 : intval($_GET['page']);
    if ($page < 1) {
        $page = 1;
    }
    $start = ($page - 1) * $perpage;
    //Check start number
    ckstart($start, $perpage);
    $list = $uids = array();
Beispiel #12
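 /**
  * Search this table's rows by id, author, IP, message keywords, message
  * length and date range.
  *
  * @param int    $start         Offset for DB::limit() (used only when rows are fetched in full).
  * @param int    $limit         Row count for DB::limit().
  * @param int    $fetchtype     3 returns COUNT(*), 2 selects only doid, anything else selects * with ORDER BY and LIMIT.
  * @param mixed  $uids          Array of uids for "uid IN(...)"; ignored unless it is a non-empty array.
  * @param string $useip         IP pattern; '*' is turned into the LIKE wildcard '%'.
  * @param string $keywords      Comma-separated keywords; a keyword containing {N} is matched with REGEXP.
  * @param mixed  $lengthlimit   Upper bound (exclusive) for LENGTH(message).
  * @param mixed  $starttime     Lower dateline bound; numeric value or a string for strtotime().
  * @param mixed  $endtime       Upper dateline bound; numeric value or a string for strtotime().
  * @param mixed  $basickeywords When truthy, a single "message LIKE %s" condition is used instead of the keyword list.
  * @param mixed  $doid          One id or an array of ids for "doid IN(...)".
  * @param mixed  $findex        When truthy, adds the fixed hint USE INDEX(dateline).
  * @return mixed DB::result_first() for $fetchtype 3, otherwise DB::fetch_all().
  */
 public function fetch_all_search($start, $limit, $fetchtype, $uids, $useip, $keywords, $lengthlimit, $starttime, $endtime, $basickeywords = 0, $doid = '', $findex = '')
 {
     $parameter = array($this->_table);
     $wherearr = array();
     // Initialised up front: with $fetchtype == 2 the final statement interpolates
     // $ordersql although no ORDER BY is built, which used to read an undefined variable.
     $ordersql = '';
     if ($doid) {
         $parameter[] = (array) $doid;
         $wherearr[] = 'doid IN(%n)';
     }
     if (is_array($uids) && count($uids)) {
         $parameter[] = $uids;
         $wherearr[] = 'uid IN(%n)';
     }
     if ($useip) {
         // Only '*' is translated; '%' and '_' typed by the caller stay active wildcards.
         $parameter[] = str_replace('*', '%', $useip);
         $wherearr[] = 'ip LIKE %s';
     }
     if ($keywords) {
         if (!$basickeywords) {
             $sqlkeywords = '';
             $or = '';
             $keywords = explode(',', str_replace(' ', '', $keywords));
             for ($i = 0; $i < count($keywords); $i++) {
                 // This clause is inserted through %i below, so the escaping done on this
                 // line is the only thing between the keyword and the SQL text.
                 $keywords[$i] = addslashes(stripsearchkey($keywords[$i]));
                 if (preg_match("/\\{(\\d+)\\}/", $keywords[$i])) {
                     // "{N}" in a keyword means "up to N arbitrary characters": the keyword
                     // is regex-quoted and the quoted "\{N\}" is rewritten to ".{0,N}".
                     // NOTE(review): preg_quote() runs after addslashes() and adds its own
                     // backslashes; confirm the resulting literal is what REGEXP should see.
                     $keywords[$i] = preg_replace("/\\\\{(\\d+)\\\\}/", ".{0,\\1}", preg_quote($keywords[$i], '/'));
                     $sqlkeywords .= " {$or} message REGEXP '" . $keywords[$i] . "'";
                 } else {
                     $sqlkeywords .= " {$or} message LIKE '%" . $keywords[$i] . "%'";
                 }
                 $or = 'OR';
             }
             $parameter[] = $sqlkeywords;
             $wherearr[] = '%i';
         } else {
             // NOTE(review): the pattern is built from $basickeywords, not from $keywords;
             // confirm callers pass the search text in $basickeywords for this mode.
             $parameter[] = '%' . $basickeywords . '%';
             $wherearr[] = 'message LIKE %s';
         }
     }
     if ($lengthlimit) {
         $parameter[] = intval($lengthlimit);
         $wherearr[] = 'LENGTH(message) < %d';
     }
     if ($starttime) {
         $parameter[] = is_numeric($starttime) ? $starttime : strtotime($starttime);
         $wherearr[] = 'dateline>%d';
     }
     if ($endtime) {
         $parameter[] = is_numeric($endtime) ? $endtime : strtotime($endtime);
         $wherearr[] = 'dateline<%d';
     }
     if ($fetchtype == 3) {
         $selectfield = "count(*)";
     } elseif ($fetchtype == 2) {
         $selectfield = "doid";
     } else {
         $selectfield = "*";
         $parameter[] = DB::limit($start, $limit);
         $ordersql = ' ORDER BY dateline DESC %i';
     }
     if ($findex) {
         // The caller's value acts as a switch only; the hint text itself is fixed.
         $findex = 'USE INDEX(dateline)';
     }
     $wheresql = !empty($wherearr) && is_array($wherearr) ? ' WHERE ' . implode(' AND ', $wherearr) : '';
     if ($fetchtype == 3) {
         return DB::result_first("SELECT {$selectfield} FROM %t {$wheresql}", $parameter);
     } else {
         return DB::fetch_all("SELECT {$selectfield} FROM %t {$findex} {$wheresql} {$ordersql}", $parameter);
     }
 }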
Beispiel #13
 //开始搜索
 $wherearr = array();
 if ($gets['username']) {
     $wherearr[] = "main.username = '******'username']}'";
 }
 if ($gets['tagid']) {
     $wherearr[] = "main.tagid = '{$gets['tagid']}'";
 }
 if ($value = sstrtotime($gets['starttime'])) {
     $wherearr[] = "main.dateline >= '{$value}'";
 }
 if ($value = sstrtotime($gets['endtime'])) {
     $wherearr[] = "main.dateline <= '{$value}'";
 }
 //关键字
 if ($inkey = stripsearchkey($gets['key'])) {
     if (preg_match("/( AND |\\+|&|\\s)/i", $inkey) && !preg_match("/( OR |\\|)/i", $inkey)) {
         $keys = preg_replace("/( AND |&| )/i", "+", $inkey);
         $andor = ' AND ';
     } else {
         $keys = preg_replace("/( OR |\\|)/i", "+", $inkey);
         $andor = ' OR ';
     }
     $is = array();
     foreach (explode('+', $keys) as $value) {
         if ($value = trim($value)) {
             $is[] = "main.subject LIKE '%{$value}%'";
         }
     }
     if ($is) {
         $wherearr[] = '(' . implode($andor, $is) . ')';
Beispiel #14
            realname_set($value['uid'], $value['username'], $value['name'], $value['namestatus']);
            $fuids[] = $value['uid'];
            $list[] = $value;
        }
    }
    $multi = multi($count, $perpage, $page, $theurl);
} else {
    //处理查询
    $theurl = "space.php?uid={$space['uid']}&do={$do}";
    $actives = array('me' => ' class="active"');
    //好友分组
    $wheresql = '';
    if ($space['self']) {
        $groups = getfriendgroup();
        $group = !isset($_GET['group']) ? '-1' : intval($_GET['group']);
        $get_key = empty($_GET['key']) ? '' : stripsearchkey($_GET['key']);
        if ($group > -1) {
            $wheresql = "AND main.gid='{$group}'";
            $theurl .= "&group={$group}";
        } elseif ($get_key) {
            if ($_SCONFIG['realname']) {
                //搜索实名
                $uids = array();
                $query = $_SGLOBAL['db']->query("SELECT s.uid FROM " . tname('space') . " s, " . tname('friend') . " f\r\n\t\t\t\t\tWHERE s.name LIKE '%{$get_key}%' AND s.uid=f.fuid AND f.uid='{$_SGLOBAL['supe_uid']}' AND f.status='1'");
                while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                    $uids[] = $value['uid'];
                }
                $wheresql = "AND (main.fuid IN (" . simplode($uids) . ") OR main.fusername LIKE '%{$get_key}%')";
            } else {
                $wheresql = "AND main.fusername LIKE '%{$get_key}%'";
            }
Beispiel #15
/**
 * Prepare a user-supplied search term for use inside a SQL LIKE pattern.
 *
 * For a string: trims it, puts a backslash in front of the LIKE wildcards
 * '%' and '_', turns '*' into the wildcard '%', and finally prefixes every
 * '_' with one more backslash (so an underscore ends up preceded by two
 * backslashes, a percent sign by one). Arrays are processed element by
 * element, recursively, keeping their keys.
 *
 * This handles LIKE wildcards only. Quotes and backslashes in the input are
 * returned unchanged, so the result still has to be quote-escaped or bound
 * as a parameter before it becomes part of a SQL statement.
 *
 * @param string|array $string Search term, or a (nested) array of search terms.
 * @return string|array The term(s) with the wildcard handling applied.
 */
function stripsearchkey($string)
{
    if (!is_array($string)) {
        $term = addcslashes(trim($string), '%_');
        $term = str_replace('*', '%', $term);
        return str_replace('_', '\\_', $term);
    }
    foreach ($string as $key => $val) {
        $string[$key] = stripsearchkey($val);
    }
    return $string;
}
 /**
  * Search this table by name, ctid, username and uid.
  *
  * Conditions are produced by DB::field(); the two free-text filters go
  * through stripsearchkey() first so LIKE wildcards in the input are literal.
  * NOTE(review): stripsearchkey() does not escape quotes; this relies on
  * DB::field() quoting the value it is given (not visible here) — confirm.
  *
  * @param mixed $name     Substring match on name.
  * @param mixed $ctid     Exact match on ctid.
  * @param mixed $username Substring match on username.
  * @param mixed $uid      Exact match on uid.
  * @param int   $start    Offset; -1 switches the method to returning a row count.
  * @param int   $limit    Page size.
  * @return mixed Row count when $start == -1, otherwise the matching rows ordered by dateline DESC.
  */
 public function fetch_all_for_search($name, $ctid, $username, $uid, $start = 0, $limit = 20)
 {
     // '1' keeps the WHERE clause valid when no filter is supplied.
     $conds = array('1');
     if ($name) {
         $conds[] = DB::field('name', '%' . stripsearchkey($name) . '%', 'like');
     }
     if ($ctid) {
         $conds[] = DB::field('ctid', $ctid);
     }
     if ($username) {
         $conds[] = DB::field('username', '%' . stripsearchkey($username) . '%', 'like');
     }
     if ($uid) {
         $conds[] = DB::field('uid', $uid);
     }
     $where = implode(' AND ', $conds);
     if ($start == -1) {
         return DB::result_first("SELECT count(*) FROM %t WHERE %i", array($this->_table, $where));
     }
     $limitsql = DB::limit($start, $limit);
     return DB::fetch_all("SELECT * FROM %t \tWHERE %i ORDER BY dateline DESC %i", array($this->_table, $where, $limitsql));
 }
     $leftjoin = ' LEFT JOIN ' . DB::table('common_block_permission') . ' bp ON b.bid=bp.bid';
     $wherearr[] = "bp.uid='{$_G['uid']}'";
     $wherearr[] = "(bp.allowmanage='1' OR (bp.allowrecommend='1'" . ($op == 'recommend' ? '' : "AND bp.needverify='0'") . "))";
 }
 $hasinblocks = array();
 // idtype is checked against a fixed list with strict comparison and id is forced
 // through dintval() before either is passed on.
 if ($op == 'recommend' && in_array($_GET['idtype'], array('tid', 'gtid', 'blogid', 'picid', 'aid'), true) && ($_GET['id'] = dintval($_GET['id']))) {
     $hasinblocks = C::t('common_block')->fetch_all_recommended_block($_GET['id'], $_GET['idtype'], $wherearr, $leftjoin, $fields);
 }
 if ($_GET['searchkey']) {
     $_GET['searchkey'] = trim($_GET['searchkey']);
     $showfavorite = false;
     // A purely numeric key (optionally prefixed with '#') is treated as a block id or name.
     if (preg_match('/^[#]?(\\d+)$/', $_GET['searchkey'], $match)) {
         // Only the captured digits, cast to int, reach the SQL text.
         $bid = intval($match[1]);
         $wherearr[] = " (b.bid='{$bid}' OR b.name='{$bid}')";
     } else {
         // NOTE(review): the key is concatenated into the LIKE pattern after
         // stripsearchkey() only. As that helper is defined on this page it handles the
         // wildcards % and _ but not quotes, so this is injection-safe only if $_GET is
         // quote-escaped before this point (not visible in this fragment) — confirm.
         $wherearr[] = " b.name LIKE '%" . stripsearchkey($_GET['searchkey']) . "%'";
         $perpage = 10000;
     }
     // NOTE(review): the key is HTML-escaped but not URL-encoded before being appended
     // to the query string, so characters such as '&' or '#' alter the resulting URL.
     $_GET['searchkey'] = dhtmlspecialchars($_GET['searchkey']);
     $theurl .= '&searchkey=' . $_GET['searchkey'];
 }
 if ($_GET['targettplname']) {
     $showfavorite = false;
     $targettplname = trim($_GET['targettplname']);
     $pagebids = array_keys(C::t('common_template_block')->fetch_all_by_targettplname($targettplname));
     if (!empty($pagebids)) {
         $wherearr[] = "b.bid IN (" . dimplode($pagebids) . ")";
         $perpage = 10000;
     } else {
         $wherearr[] = "b.bid='0'";
     }
Beispiel #18
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: portal_topic.php 7476 2010-04-07 09:38:29Z zhangguosheng $
 */
// Refuse direct requests to this file: IN_DISCUZ must already be defined by the includer.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
// DIY (edit) mode requires one of the two topic permissions.
if ($_GET['diy'] == 'yes' && !$_G['group']['allowaddtopic'] && !$_G['group']['allowmanagetopic']) {
    $_GET['diy'] = '';
    showmessage('topic_edit_nopermission');
}
// The numeric id is cast to int before it is interpolated into the query.
$topicid = $_GET['topicid'] ? intval($_GET['topicid']) : 0;
if ($topicid) {
    $topic = DB::fetch_first('SELECT * FROM ' . DB::table('portal_topic') . " WHERE topicid = '{$topicid}'");
} elseif ($_GET['topic']) {
    // NOTE(review): the topic name is interpolated into a quoted literal after
    // stripsearchkey() only. As that helper is defined on this page it escapes the LIKE
    // wildcards % and _ but not quotes, so this is injection-safe only if $_GET is
    // quote-escaped before this script runs (not visible here) — confirm. The helper is
    // also meant for LIKE patterns: in this equality test the backslashes it adds in
    // front of '_' or '%' may stop names containing those characters from matching.
    $_GET['topic'] = stripsearchkey($_GET['topic']);
    $topic = DB::fetch_first('SELECT * FROM ' . DB::table('portal_topic') . " WHERE name = '{$_GET['topic']}'");
}
if (empty($topic)) {
    showmessage('topic_not_exist');
}
// A closed topic is shown only to topic managers, or to its owner if the owner may add topics.
if ($topic['closed'] && !$_G['group']['allowmanagetopic'] && !($topic['uid'] == $_G['uid'] && $_G['group']['allowaddtopic'])) {
    showmessage('topic_is_closed');
}
// Second DIY check, now against the loaded topic: only its owner or a topic manager may edit.
if ($_GET['diy'] == 'yes' && $topic['uid'] != $_G['uid'] && !$_G['group']['allowmanagetopic']) {
    $_GET['diy'] = '';
    showmessage('topic_edit_nopermission');
}
// From here on the id comes from the database row and is cast to int again.
$topicid = intval($topic['topicid']);
$diyurl = "portal.php?mod=topic&topicid={$topicid}&diy=yes";
// View counter: incremented on every request that reaches this line.
DB::query("UPDATE " . DB::table('portal_topic') . " SET viewnum=viewnum+1 WHERE topicid='{$topicid}'");
Beispiel #19
 public function responsemsg()
 {
     global $_G;
     $config = $_G['cache']['plugin']['aljwsq'];
     define("TOKEN", $config['token']);
     if ($_G['wechat']['setting']['wechat_token']) {
         $config['token'] = $_G['wechat']['setting']['wechat_token'];
     }
     $postStr = file_get_contents("php://input");
     if (!empty($postStr)) {
         $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
         $textTpl = "<xml>\n\t\t\t\t\t\t\t<ToUserName><![CDATA[%s]]></ToUserName>\n\t\t\t\t\t\t\t<FromUserName><![CDATA[%s]]></FromUserName>\n\t\t\t\t\t\t\t<CreateTime>%s</CreateTime>\n\t\t\t\t\t\t\t<MsgType><![CDATA[text]]></MsgType>\n\t\t\t\t\t\t\t<Content><![CDATA[%s]]></Content>\n\t\t\t\t\t\t\t<FuncFlag>0</FuncFlag>\n\t\t\t\t\t\t\t</xml>";
         if ($postObj->MsgType == 'event' && $postObj->Event == 'CLICK') {
             $contentStr = trim($postObj->EventKey);
             $contentStr = $this->u2g($contentStr);
         } else {
             if ($postObj->MsgType == 'event' && $postObj->Event == 'SCAN') {
                 $check = C::t('#aljwsq#aljwsq_wxqrcode_record')->count_by_openid_dateline($this->u2g($postObj->FromUserName), TIMESTAMP);
                 if (empty($check)) {
                     DB::query('update %t set num = num+1 where scene_id=%d', array('aljwsq_wxqrcode', $this->u2g($postObj->EventKey)));
                     $scene_id = $postObj->EventKey;
                     C::t('#aljwsq#aljwsq_wxqrcode_record')->insert(array('openid' => $this->u2g($postObj->FromUserName), 'scene_id' => $this->u2g($scene_id), 'dateline' => TIMESTAMP));
                 }
                 $scan = C::t('#aljwsq#aljwsq_wxqrcode')->fetch_by_scene_id($scene_id);
                 //echo $this->responsetext($postObj, $scene_id);exit;
             } else {
                 if ($postObj->MsgType == 'voice') {
                     C::t('#aljwsq#aljwsq_voice')->insert(array('toUser' => $this->u2g($postObj->ToUserName), 'fromUser' => $this->u2g($postObj->FromUserName), 'CreateTime' => $this->u2g($postObj->CreateTime), 'MsgType' => $this->u2g($postObj->MsgType), 'MediaId' => $this->u2g($postObj->MediaId), 'Format' => $this->u2g($postObj->Format), 'Recognition' => $this->u2g($postObj->Recognition), 'MsgId' => $this->u2g($postObj->MsgId)));
                     exit;
                 } else {
                     if ($postObj->MsgType == 'event' && $postObj->Event == 'subscribe') {
                         $config = $_G['cache']['plugin']['aljwsq'];
                         require_once 'source/plugin/aljwsq/function_core.php';
                         if ($config['appid'] && $config['appsecret']) {
                             $wuser = getwuserinfo($postObj, $config['appid'], $config['appsecret']);
                         }
                         $openid = (string) $this->u2g($postObj->FromUserName);
                         $user = C::t('#aljwsq#aljwsq_user')->fetch($openid);
                         if ($openid) {
                             if (!$user && $openid) {
                                 C::t('#aljwsq#aljwsq_user')->insert(array('openid' => $openid, 'nickname' => $this->u2g($wuser['nickname']), 'sex' => $wuser['sex'], 'city' => $this->u2g($wuser['city']), 'country' => $this->u2g($wuser['country']), 'province' => $this->u2g($wuser['province']), 'language' => $wuser['language'], 'headimgurl' => $wuser['headimgurl'], 'subscribe_time' => TIMESTAMP));
                             } else {
                                 C::t('#aljwsq#aljwsq_user')->update($this->u2g($postObj->FromUserName), array('nickname' => $this->u2g($wuser['nickname']), 'sex' => $wuser['sex'], 'city' => $this->u2g($wuser['city']), 'country' => $this->u2g($wuser['country']), 'province' => $this->u2g($wuser['province']), 'language' => $wuser['language'], 'headimgurl' => $wuser['headimgurl']));
                             }
                         }
                         $subscribe = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_msgtype('subscribe');
                     } else {
                         if ($postObj->MsgType == 'event' && strtolower($postObj->Event) == 'location') {
                             $location = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_msgtype('location');
                         } else {
                             $contentStr = $this->u2g(trim($postObj->Content));
                         }
                     }
                 }
             }
         }
         if ($contentStr || $subscribe || $location || $scan) {
             if ($subscribe) {
                 if (file_exists('source/plugin/aljwsq/com/subscribe.php')) {
                     include 'source/plugin/aljwsq/com/subscribe.php';
                 }
             } else {
                 if ($location) {
                     if (file_exists('source/plugin/aljwsq/com/location.php')) {
                         include 'source/plugin/aljwsq/com/location.php';
                     }
                 } else {
                     if ($scan) {
                         if (file_exists('source/plugin/aljwsq/com/scan.php')) {
                             include 'source/plugin/aljwsq/com/scan.php';
                         }
                     } else {
                         C::t('#aljwsq#aljwsq_keywordlog')->insert(array('keyword' => $contentStr, 'openid' => $this->u2g($postObj->FromUserName), 'nickname' => $this->u2g($wuser['nickname']), 'dateline' => TIMESTAMP));
                         if (strpos($contentStr, lang('plugin/aljwsq', 'w1')) !== false) {
                             $str = mb_substr($contentStr, -2, 2, CHARSET);
                             $str_key = mb_substr($contentStr, 0, -2, CHARSET);
                             if ($str == lang('plugin/aljwsq', 'w1') && !empty($str_key)) {
                                 $data = $this->weather($str_key);
                                 if (empty($data[weatherinfo])) {
                                     $contentStr = lang('plugin/aljwsq', 'w2') . $str_key . lang('plugin/aljwsq', 'w3');
                                 } else {
                                     $info = $data['weatherinfo'];
                                     $contentStr = $str_key . lang('plugin/aljwsq', 'w4') . $info['temp'] . lang('plugin/aljwsq', 'w5') . $info['SD'] . lang('plugin/aljwsq', 'w6') . $this->u2g($info['WD']) . $info['WSE'] . lang('plugin/aljwsq', 'w7');
                                 }
                                 echo $this->responsetext($postObj, $contentStr);
                             }
                             exit;
                         }
                         $news = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_mykeyword($contentStr);
                         $user = DB::fetch_first('select * from %t where openid=%s and bindtime!=0', array('aljwsq_user', $this->u2g($postObj->FromUserName)));
                         if (!$user && $config['isnot'] && $news['msgtype'] != 'bind' && $news['msgtype'] != 'register') {
                             echo $this->responsetext($postObj, $config['btips']);
                             exit;
                         }
                         if ($news['msgtype'] == 'bindkeyword') {
                             if (file_exists('source/plugin/aljwsq/com/bindkeyword.php')) {
                                 include 'source/plugin/aljwsq/com/bindkeyword.php';
                             }
                         }
                     }
                 }
             }
             if ($news['msgtype'] == 'text') {
                 if (file_exists('source/plugin/aljwsq/com/text.php')) {
                     include 'source/plugin/aljwsq/com/text.php';
                 }
             } else {
                 if ($news['msgtype'] == 'register') {
                     if (file_exists('source/plugin/aljwsq/com/register.php')) {
                         include 'source/plugin/aljwsq/com/register.php';
                     }
                 } else {
                     if ($news['msgtype'] == 'index' || $news['msgtype'] == 'ggk' || $news['msgtype'] == 'mes' || $news['msgtype'] == 'brandindex' || $news['msgtype'] == 'wsq') {
                         echo $this->responsenews($postObj, $news);
                     } else {
                         if ($news['msgtype'] == 'bind') {
                             if (file_exists('source/plugin/aljwsq/com/bind.php')) {
                                 include 'source/plugin/aljwsq/com/bind.php';
                             }
                         } else {
                             if ($news['msgtype'] == 'unbind') {
                                 if (file_exists('source/plugin/aljwsq/com/unbind.php')) {
                                     include 'source/plugin/aljwsq/com/unbind.php';
                                 }
                             } else {
                                 if ($news['msgtype'] == 'url') {
                                     if (file_exists('source/plugin/aljwsq/com/url.php')) {
                                         include 'source/plugin/aljwsq/com/url.php';
                                     }
                                 } else {
                                     if ($news['msgtype'] == 'singlenews') {
                                         if (file_exists('source/plugin/aljwsq/com/singlenews.php')) {
                                             include 'source/plugin/aljwsq/com/singlenews.php';
                                         }
                                     } else {
                                         if ($news['msgtype'] == 'multinews') {
                                             if (file_exists('source/plugin/aljwsq/com/multinews.php')) {
                                                 include 'source/plugin/aljwsq/com/multinews.php';
                                             }
                                         } else {
                                             if ($news['msgtype'] == 'thread') {
                                                 if (file_exists('source/plugin/aljwsq/com/thread.php')) {
                                                     include 'source/plugin/aljwsq/com/thread.php';
                                                 }
                                             } else {
                                                 if ($news['msgtype'] == 'forum') {
                                                     if (file_exists('source/plugin/aljwsq/com/forum.php')) {
                                                         include 'source/plugin/aljwsq/com/forum.php';
                                                     }
                                                 } else {
                                                     if ($news['msgtype'] == 'forumlist') {
                                                         if (file_exists('source/plugin/aljwsq/com/forumlist.php')) {
                                                             include 'source/plugin/aljwsq/com/forumlist.php';
                                                         }
                                                     } else {
                                                         if ($news['msgtype'] == 'post') {
                                                             if (file_exists('source/plugin/aljwsq/com/post.php')) {
                                                                 include 'source/plugin/aljwsq/com/post.php';
                                                             }
                                                         } else {
                                                             if ($news['msgtype'] == 'hotthread') {
                                                                 if (file_exists('source/plugin/aljwsq/com/hotthread.php')) {
                                                                     include 'source/plugin/aljwsq/com/hotthread.php';
                                                                 }
                                                             } else {
                                                                 if ($news['msgtype'] == 'digesthread') {
                                                                     if (file_exists('source/plugin/aljwsq/com/digesthread.php')) {
                                                                         include 'source/plugin/aljwsq/com/digesthread.php';
                                                                     }
                                                                 } else {
                                                                     if ($news['msgtype'] == 'comb') {
                                                                         if (file_exists('source/plugin/aljwsq/com/comb.php')) {
                                                                             include 'source/plugin/aljwsq/com/comb.php';
                                                                         }
                                                                     } else {
                                                                         if ($news['msgtype'] == 'newthread') {
                                                                             if (file_exists('source/plugin/aljwsq/com/newthread.php')) {
                                                                                 include 'source/plugin/aljwsq/com/newthread.php';
                                                                             }
                                                                         } else {
                                                                             if ($news['msgtype'] == 'newarticle') {
                                                                                 if (file_exists('source/plugin/aljwsq/com/newarticle.php')) {
                                                                                     include 'source/plugin/aljwsq/com/newarticle.php';
                                                                                 }
                                                                             } else {
                                                                                 if ($news['msgtype'] == 'invite') {
                                                                                     if (file_exists('source/plugin/aljwsq/com/invite.php')) {
                                                                                         include 'source/plugin/aljwsq/com/invite.php';
                                                                                     }
                                                                                 } else {
                                                                                     if ($news['msgtype'] == 'sign') {
                                                                                         if (file_exists('source/plugin/aljwsq/com/sign.php')) {
                                                                                             include 'source/plugin/aljwsq/com/sign.php';
                                                                                         }
                                                                                     } else {
                                                                                         if ($news['msgtype'] == 'orderlist') {
                                                                                             if (file_exists('source/plugin/aljwsq/com/orderlist.php')) {
                                                                                                 include 'source/plugin/aljwsq/com/orderlist.php';
                                                                                             }
                                                                                         } else {
                                                                                             if ($news['msgtype'] == 'music') {
                                                                                                 if (file_exists('source/plugin/aljwsq/com/music.php')) {
                                                                                                     include 'source/plugin/aljwsq/com/music.php';
                                                                                                 }
                                                                                             } else {
                                                                                                 if ($news['msgtype'] == 'voice') {
                                                                                                     if (file_exists('source/plugin/aljwsq/com/voice.php')) {
                                                                                                         include 'source/plugin/aljwsq/com/voice.php';
                                                                                                     }
                                                                                                 } else {
                                                                                                     if ($news['msgtype'] == 'aljbd') {
                                                                                                         if (file_exists('source/plugin/aljwsq/com/aljbd.php')) {
                                                                                                             include 'source/plugin/aljwsq/com/aljbd.php';
                                                                                                         }
                                                                                                     } else {
                                                                                                         global $_G;
                                                                                                         $config = $_G['cache']['plugin']['aljwsq'];
                                                                                                         $form = C::t('#aljwsq#aljwsq_autoreply_advanced')->fetch_by_mykeyword($contentStr);
                                                                                                         if ($form) {
                                                                                                             $form['url'] = 'plugin.php?id=aljwsq:form&fid=' . $form['id'];
                                                                                                             echo $this->responsenews($postObj, $form);
                                                                                                             exit;
                                                                                                         }
                                                                                                         $tid = intval($contentStr);
                                                                                                         if ($config['isthread'] && $tid && is_int($tid)) {
                                                                                                             $thread = C::t('forum_thread')->fetch($tid);
                                                                                                             if ($thread) {
                                                                                                                 $news = $this->getnews($contentStr);
                                                                                                                 echo $this->responsenews($postObj, $news);
                                                                                                                 exit;
                                                                                                             }
                                                                                                         }
                                                                                                         $keyword = stripsearchkey($contentStr);
                                                                                                         if ($config['isservice']) {
                                                                                                             if ($config['skeywords']) {
                                                                                                                 $config['skeywords'] = str_replace('\\r', '\\n', $config['skeywords']);
                                                                                                                 $skeywords = explode("\n", $config['skeywords']);
                                                                                                                 foreach ($skeywords as $wd) {
                                                                                                                     $wd = trim($wd);
                                                                                                                     if ($wd == $keyword) {
                                                                                                                         echo $this->responseservice($postObj);
                                                                                                                         exit;
                                                                                                                     }
                                                                                                                 }
                                                                                                             } else {
                                                                                                                 echo $this->responseservice($postObj);
                                                                                                                 exit;
                                                                                                             }
                                                                                                         }
                                                                                                         if (file_exists('source/plugin/aljwsq/com/so.php')) {
                                                                                                             if ($config['isso']) {
                                                                                                                 $threads = C::t('forum_thread')->fetch_all_by_authorid_displayorder('', 'tid', '>=', '', $keyword, 0, $config['sonum']);
                                                                                                             }
                                                                                                         }
                                                                                                         $keyword = '%' . $keyword . '%';
                                                                                                         if ($config['sobrand']) {
                                                                                                             $brands = DB::fetch_all('select * from %t where name like %s order by id desc limit 0,9', array('aljbd', $keyword));
                                                                                                         }
                                                                                                         if ($threads) {
                                                                                                             if (file_exists('source/plugin/aljwsq/com/so.php')) {
                                                                                                                 include 'source/plugin/aljwsq/com/so.php';
                                                                                                             }
                                                                                                         } else {
                                                                                                             if ($brands) {
                                                                                                                 $i = 0;
                                                                                                                 foreach ($brands as $brand) {
                                                                                                                     $tmp = $this->getbrands($brand['id'], $news);
                                                                                                                     if (empty($i)) {
                                                                                                                         if (empty($tmp['picurl'])) {
                                                                                                                             $tmp['picurl'] = $config['default'];
                                                                                                                         }
                                                                                                                     }
                                                                                                                     $items[] = $tmp;
                                                                                                                     $i++;
                                                                                                                 }
                                                                                                                 echo $this->reponsemultinews($postObj, $items);
                                                                                                             } else {
                                                                                                                 if (preg_match('/(http:\\/\\/)?(.*?)\\.(.*?)\\.(.*?)/is', $contentStr)) {
                                                                                                                     if (file_exists('source/plugin/aljwsq/com/seo.php')) {
                                                                                                                         include 'source/plugin/aljwsq/com/seo.php';
                                                                                                                     }
                                                                                                                 } else {
                                                                                                                     $config = $_G['cache']['plugin']['aljwsq'];
                                                                                                                     if (file_exists('source/plugin/aljwsq/com/third.php')) {
                                                                                                                         include 'source/plugin/aljwsq/com/third.php';
                                                                                                                     }
                                                                                                                     if ($return && $return != 'Request Failed') {
                                                                                                                         echo $return;
                                                                                                                     } else {
                                                                                                                         if ($config['so']) {
                                                                                                                             echo $this->responsetext($postObj, $config['so']);
                                                                                                                         }
                                                                                                                     }
                                                                                                                 }
                                                                                                             }
                                                                                                         }
                                                                                                     }
                                                                                                 }
                                                                                             }
                                                                                         }
                                                                                     }
                                                                                 }
                                                                             }
                                                                         }
                                                                     }
                                                                 }
                                                             }
                                                         }
                                                     }
                                                 }
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
 }
Beispiel #20
                        $sqlbetweenarr[$pre . '`' . $key . '`'] = array('', sstrtotime($tmpvalue));
                    } else {
                        $sqlbetweenarr[$pre . '`' . $key . '`'][1] = sstrtotime($tmpvalue);
                    }
                }
            } elseif (preg_match("/^(select|radio|linkage)\$/i", $columnsinfoarr[$key]['formtype']) || !preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) {
                //=
                if (preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) {
                    //char
                    $sqlchararr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue));
                } else {
                    $sqlintarr[$pre . '`' . $key . '`'] = intval($tmpvalue);
                }
            } elseif (preg_match("/^(text|textarea|checkbox)\$/i", $columnsinfoarr[$key]['formtype'])) {
                //like
                $sqllikearr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue));
            }
        }
    }
}
// Count the rows matching the model search so the result list can be paginated.
// NOTE(review): $where is produced by getmodelsearchsql() (defined outside this excerpt) from the
// four arrays filled above. The values placed in those arrays pass through intval(), sstrtotime()
// or stripsearchkey(shtmlspecialchars(...)); none of the calls visible here is an SQL string
// escaper, so confirm that getmodelsearchsql() or the application's input filter quotes the
// char/LIKE values before they are concatenated into the statements below.
$where = getmodelsearchsql($sqlchararr, $sqlintarr, $sqllikearr, $sqlbetweenarr);
if (empty($isfixedsearch)) {
    // Searches that touch model-specific columns join the items table with the message table.
    $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' i, ' . tname($modelsinfoarr['modelname'] . 'message') . ' m ' . ' WHERE i.itemid=m.itemid AND ' . $wherecatid . $where);
} else {
    // Fixed-field searches read the items table only.
    $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' i ' . ' WHERE ' . $wherecatid . $where);
}
$listcount = $_SGLOBAL['db']->result($query, 0);
$multipage = '';
// Base URL for the pager: the current query string with its "&page=N" part removed.
// NOTE(review): $_SERVER["QUERY_STRING"] is request-controlled and is reused verbatim; escape
// $theurl for HTML wherever it is printed (the output site is outside this excerpt).
$theurl = S_URL . '/m.php?' . str_replace('&page=' . $page, '', $_SERVER["QUERY_STRING"]);
if ($listcount) {
    if ($channel == 'tool') {
    $getidarr = array_filter($getidarr);
    if ($getidarr) {
        $list = array();
        $query = C::t('portal_article_title')->fetch_all($getidarr);
        foreach ($query as $value) {
            $list[$value['aid']] = $value;
        }
        foreach ($getidarr as $getid) {
            if ($list[$getid]) {
                $articlelist[] = $list[$getid];
            }
        }
    }
} elseif ($op == 'search') {
    $catids = array();
    $searchkey = addslashes(stripsearchkey($_GET['searchkey']));
    $searchcate = intval($_GET['searchcate']);
    $catids = category_get_childids('portal', $searchcate);
    $catids[] = $searchcate;
    if ($searchkey) {
        $wherearr[] = "title LIKE '%{$searchkey}%'";
    }
    $searchkey = dhtmlspecialchars($searchkey);
    if ($searchcate) {
        $wherearr[] = "catid IN  (" . dimplode($catids) . ")";
    }
    $wheresql = implode(' AND ', $wherearr);
    $count = C::t('portal_article_title')->fetch_all_by_sql($wheresql, '', 0, 0, 1);
    if ($count) {
        $query = C::t('portal_article_title')->fetch_all_by_sql($wheresql, 'ORDER BY dateline', 0, 50);
        foreach ($query as $value) {
 *      $Id: portalcp_article.php 7701 2010-04-12 06:01:33Z zhengqingpeng $
 */
// Direct-access guard: the script stops unless the including entry point defined IN_DISCUZ.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
// Category id from the request, forced to a non-negative integer.
$catid = max(0, intval($_GET['catid']));
$permission = getallowblock($_G['uid']);
include_once libfile('function/block');
// WHERE fragments for the block query; they are joined with AND further down.
$wherearr = array();
$_GET['searchkey'] = trim($_GET['searchkey']);
if (!empty($_GET['searchkey'])) {
    // "123" or "#123" is treated as a block id; only the captured digits reach the SQL fragment.
    if (preg_match('/^[#]?(\\d+)$/', $_GET['searchkey'], $match)) {
        $bid = intval($match[1]);
        $wherearr[] = " b.bid='{$bid}'";
    } else {
        // NOTE(review): the keyword is interpolated into a quoted LIKE pattern after
        // stripsearchkey() only. stripsearchkey() is defined outside this excerpt and, as far as
        // I know, deals with LIKE wildcards rather than quotes, so this fragment is safe only if
        // $_GET was SQL-escaped before this script runs. Confirm that for the framework version in
        // use, or escape the value here / bind it as a query parameter.
        $_GET['searchkey'] = stripsearchkey($_GET['searchkey']);
        $wherearr[] = " b.name LIKE '%{$_GET['searchkey']}%'";
    }
}
// Authorization filter: callers without the 'allowdiy' permission only get rows whose bp.uid is
// their own uid and whose permission flags are set (bp is presumably the block-permission
// table; the FROM clause is outside this excerpt).
if ($_GET['from'] == 'push') {
    $wherearr[] = "b.blockclass='portal_article'";
    if (!checkperm('allowdiy')) {
        $wherearr[] = "bp.allowdata='1'";
        $wherearr[] = "bp.uid='{$_G['uid']}'";
    }
} elseif (!checkperm('allowdiy')) {
    $wherearr[] = "bp.uid='{$_G['uid']}'";
    $wherearr[] = "(bp.allowdata='1' OR bp.allowsetting='1')";
}
$wheresql = empty($wherearr) ? '' : 'WHERE ' . implode(' AND ', $wherearr);
// Page number from the request, at least 1.
$page = !empty($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
Beispiel #23
/**
 * Read a search keyword from the request and optionally validate its length.
 *
 * The name is resolved through postget() and the value is passed through
 * stripsearchkey(); both helpers are defined outside this listing.
 *
 * NOTE(review): nothing in this function escapes the keyword for SQL or HTML.
 * Callers that place the result in a query or a page must escape it for that
 * context, or confirm that postget() already does.
 *
 * @param string $str     Name of the request parameter to read.
 * @param int    $ischeck When truthy, report an empty or one-byte keyword through showmessage().
 * @return string The processed keyword.
 */
function checkkey($str, $ischeck = 0)
{
    $keyword = stripsearchkey(postget($str));
    if (!$ischeck) {
        return $keyword;
    }
    if (empty($keyword)) {
        showmessage('keyword_import_inquiry');
    } elseif (strlen($keyword) < 2) {
        // strlen() counts bytes, so a single multi-byte character is not reported as too short.
        showmessage('kwyword_import_short');
    }
    // Whether showmessage() ends the request is not visible here; return the keyword either way.
    return $keyword;
}
Beispiel #24
 /**
  * Build the product-search parameter set from the request and return the cached result for it.
  *
  * Reads cid, kw, sort, price1 and price2 from $_GET and the current channel from $_G, collects
  * them in $arr, and uses md5(http_build_query($arr)) as the key for memory('get', ...).
  *
  * NOTE(review): $goods, $showpage and $count are never assigned in the method as shown, so the
  * cache-fill branch at the end cannot run; the remote API call was presumably removed from this
  * listing. $url and $title are built but not used in the visible code.
  *
  * NOTE(review): several array keys are written without quotes ($channel[name], $_GET[kw],
  * $arr[keyword], $arr[page_no], $arr[page_size], $_G[page], $_G['setting'][cate_page]). PHP reads
  * these as constants; PHP 8 raises an Error for an undefined constant, older versions fall back
  * to the string with a notice or warning. Quote them when this code is maintained.
  *
  * @param int $add_page Offset added to the current page number; a falsy value leaves it as is.
  * @return mixed Whatever memory('get', $key) returned, or the array stored by the fill branch.
  */
 private function api_get($add_page)
 {
     global $_G;
     $url = URL . 'm=list';
     if ($_G['fid'] > 0) {
         $url .= "&fid=" . $_G['fid'];
     }
     $channel = $_G['channel'];
     $cid = 0;
     $arr = array();
     if ($_GET['cid']) {
         // Category id from the request is forced to an integer and must exist in the category
         // configuration (top level or one level of 'sub').
         $cid = intval($_GET['cid']);
         $cates = (include libfile('config/taobao_cate'));
         $cate = array();
         foreach ($cates as $k => $v) {
             if ($v['cid'] == $cid) {
                 $cate = $v;
                 break;
             } elseif ($v['sub']) {
                 foreach ($v['sub'] as $k1 => $v2) {
                     if ($v2['cid'] == $cid) {
                         $cate = $v2;
                         // Leaves only the inner loop; the outer loop keeps scanning.
                         break;
                     }
                 }
             }
         }
         if (!$cate['cid']) {
             msg('分类ID不存在');
         }
         $title = $cate['name'];
     } elseif ($channel) {
         $cid = intval($channel['classname']);
         $title = $channel[name];
     }
     if ($cid > 0) {
         $arr['cid'] = $cid;
     }
     if ($_GET['kw']) {
         // Keyword handling: stripsearchkey(), then reject keywords made only of %, _ or *,
         // then safe_output(), then a minimum length of 2 as measured by dstrlen().
         // stripsearchkey(), safe_output() and dstrlen() are defined outside this listing.
         $string = stripsearchkey(trim($_GET['kw']));
         if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
             msg('非法搜索关键字');
         }
         $string = safe_output($string);
         if (dstrlen($string) < 2) {
             msg('要搜索的关键字长度不能小于2');
         }
         $_GET[kw] = $string;
         $arr['keyword'] = $string;
         // NOTE(review): the keyword is appended without URL-encoding; whether safe_output()
         // makes it safe inside a query string is not visible here.
         $url .= "&kw=" . $string;
         $title .= " " . $string;
         // A keyword search drops the category filter.
         unset($arr['cid']);
     }
     if ($_GET['sort']) {
         // Sort order is accepted only from a fixed allow-list (in_array() compares loosely here).
         $order_in = array('price_asc', 'sales_desc', 'credit_desc');
         if (in_array($_GET['sort'], $order_in)) {
             $arr['sort'] = $_GET['sort'];
             // NOTE(review): "&sort = " contains spaces, unlike the "&sort=" used further down.
             $url .= "&sort = " . $_GET['sort'];
             // Removing the value means the second sort block below is skipped for these orders.
             unset($_GET['sort']);
         }
     }
     if (!$_GET[kw]) {
         unset($_GET['kw']);
     }
     // With neither keyword nor category, search for a fixed default keyword.
     if (!$arr[keyword] && !$arr['cid']) {
         $arr[keyword] = '特价';
     }
     // Default price window; request values are forced to float before use.
     $arr['start_price'] = 1;
     $arr['end_price'] = 99999;
     if ($_GET['price1']) {
         $_GET['price1'] = $arr['start_price'] = floatval($_GET['price1']);
         $url .= "&price1=" . $arr['start_price'];
     }
     if ($_GET['price2']) {
         $_GET['price2'] = $arr['end_price'] = floatval($_GET['price2']);
         $url .= "&price2=" . $arr['end_price'];
     }
     if ($_GET['sort']) {
         // Second allow-list for sort orders not matched (and unset) by the first block.
         $sort_arr = array("price_desc", "price_asc", "credit_desc", "credit_asc", "commission_num_desc", "commission_rate_asc");
         if (in_array($_GET['sort'], $sort_arr)) {
             $arr['sort'] = $_GET['sort'];
             $url .= "&sort=" . $arr['sort'];
         }
     }
     // Page size: Youzhan 40, Taoke 40 - 100
     $size = $channel['page'] > 0 ? intval($channel['page']) : $_G['setting'][cate_page];
     if ($size > 100) {
         $size = 100;
     }
     $arr[page_no] = $add_page ? $_G[page] + $add_page : $_G[page];
     $arr[page_size] = $size;
     // md5 serves only as a cache-key digest of the parameter set, not as a security control.
     $key = md5(http_build_query($arr));
     // $size is reassigned after page_size was stored and is not read again in the visible code.
     $size = 40;
     $rs = memory('get', $key);
     // API type: 1 = Youzhan, 2 = Taoke
     if (!$rs) {
         if ($goods) {
             $rs = array('showpage' => $showpage, 'count' => $count, 'goods' => $goods);
             // Cached for 3600 (presumably seconds).
             memory('set', $key, $rs, 3600);
         }
     }
     return $rs;
 }
Beispiel #25
 // Birth-year range filter.
 // NOTE(review): $startage and $endage are concatenated into the SQL without quotes; where they
 // are assigned is outside this excerpt, so confirm they are cast to integers before this point.
 if ($startage && $endage && $endage > $startage) {
     $wherearr[] = '(sf.birthyear>=' . $startage . ' AND sf.birthyear<=' . $endage . ')';
 } else {
     if ($startage && empty($endage)) {
         $wherearr[] = 'sf.birthyear>=' . $startage;
     } else {
         if (empty($startage) && $endage) {
             $wherearr[] = 'sf.birthyear<=' . $endage;
         }
     }
 }
 // Custom profile fields
 $havefield = 0;
 foreach ($fields as $fkey => $fvalue) {
     // Only fields flagged 'allowsearch' are read from the request.
     if ($fvalue['allowsearch']) {
         // NOTE(review): the value goes through stripsearchkey() only and is then placed inside
         // a quoted LIKE pattern. stripsearchkey() is defined outside this excerpt and, as far as
         // I know, handles LIKE wildcards rather than quotes, so this is safe only if $_GET is
         // SQL-escaped before this code runs. Confirm, or escape here / use a bound parameter.
         $_GET['field_' . $fkey] = empty($_GET['field_' . $fkey]) ? '' : stripsearchkey($_GET['field_' . $fkey]);
         if ($_GET['field_' . $fkey]) {
             $havefield = 1;
             // $fkey becomes part of a column name; it comes from $fields, whose source is not
             // shown here (presumably the site's field configuration, not the request).
             $wherearr[] = "sf.field_{$fkey} LIKE '%" . $_GET['field_' . $fkey] . "%'";
         }
     }
 }
 if ($havefield) {
     // Join the spacefield table (alias sf) once any custom-field condition was added.
     $fromarr['spacefield'] = tname('spacefield') . ' sf';
     $wherearr['spacefield'] = "sf.uid=s.uid";
 }
 //扩展
 if ($_GET['type'] == 'edu' || $_GET['type'] == 'work') {
     foreach (array('type', 'title', 'subtitle', 'startyear') as $value) {
         if ($_GET[$value]) {
             $fromarr['spaceinfo'] = tname('spaceinfo') . ' si';
Beispiel #26
 * 		WebSite:www.SmartCome.com
 *      QQ:2811931192
 *              
 */
// Direct-access guard: runs only inside the framework and inside the admin control panel.
if (!defined('IN_DISCUZ') || !defined('IN_ADMINCP')) {
    exit('Access Denied');
}
require_once libfile("function/video", "plugin/smart_video");
loadcache('plugin');
$smart = $_G['cache']['plugin']['smart_video'];
$lan = lang("plugin/smart_video");
// Build the subject filter from the search form (POST) or from the pager link (GET).
// NOTE(review): in both branches the keyword reaches a quoted LIKE pattern after stripsearchkey()
// only. stripsearchkey() is defined outside this excerpt and, as far as I know, handles LIKE
// wildcards rather than quotes. Being admin-only does not remove the need for SQL escaping:
// confirm the input is escaped upstream, or escape here / use a bound parameter.
if (submitcheck('submit')) {
    $key = stripsearchkey(trim($_POST['key']));
    $where = "subject LIKE '%" . $key . "%'";
} else {
    // NOTE(review): htmlspecialchars_decode() runs on the raw request value. If any escaping was
    // applied to $_GET before this line, decoding entities afterwards can turn encoded quote
    // characters back into literal ones; SQL escaping has to happen after the last transformation.
    $key = stripsearchkey(htmlspecialchars_decode($_GET['key']));
    if (empty($key)) {
        $where = '1=1';
    } else {
        $where = "subject LIKE '%" . $key . "%'";
    }
}
// HTML-encoded copy of the keyword, reused in the pager URL.
// NOTE(review): htmlspecialchars() without flags leaves single quotes unencoded before PHP 8.1,
// and the keyword is not URL-encoded before it is appended to the query string.
$htmlkey = htmlspecialchars($key);
$url = ADMINSCRIPT . "?action=plugins&identifier=smart_video&pmod=manage&key=" . $htmlkey;
if (submitcheck('msubmit')) {
    $type = trim($_POST['type']);
    $select = $_POST['smart_select'];
    if ($type == "t") {
        foreach ($select as $sk => $sv) {
            C::t("#smart_video#video")->update_by_where("smart_video_thread", array('visiable' => 1), "tid=" . intval($sv));
            $authorid = C::t("#smart_video#video")->result_first('authorid', 'smart_video_thread', "tid=" . intval($sv));
Beispiel #27
		// Two-step flow: with 'joinmode' set the user has confirmed and is joined to the tag;
		// otherwise the tag is looked up and a confirmation page is rendered.
		// NOTE(review): $tagname and $fieldid are assigned outside this excerpt. The stripslashes()
		// calls suggest request data arrives slash-escaped here; confirm that, because both values
		// and $key are interpolated into quoted SQL below.
		if(!empty($_POST['joinmode'])) {
			// Second confirmation
			$mtag = mtag_join('tagname', stripslashes($tagname), $fieldid);
			if(empty($mtag)) {
				showmessage('mtag_join_error');
			} else {
				$url = "space.php?uid=$_SGLOBAL[supe_uid]&do=mtag&tagid=$mtag[tagid]";
				showmessage('join_success', $url, 0);
			}
		} else {
			// Look up the tag
			$newtagname = stripslashes($_POST['tagname']);
			$findmtag = $likemtags = array();
			// Exact match on tag name within the field.
			$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mtag')." WHERE tagname='$tagname' AND fieldid='$fieldid'");
			if(!$findmtag = $_SGLOBAL['db']->fetch_array($query)) {
				// stripsearchkey() is defined outside this excerpt; it is applied to the posted name
				// before the value is used as a LIKE pattern. It is not shown to escape quotes.
				$key = stripsearchkey($_POST['tagname']);
				// Find similar tags
				$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mtag')." WHERE tagname LIKE '%$key%' ORDER BY membernum DESC LIMIT 0,20");
				while ($value = $_SGLOBAL['db']->fetch_array($query)) {
					$likemtags[] = $value;
				}
			} else {
				// Fall back to the default logo when the tag has no picture.
				if(empty($findmtag['pic'])) $findmtag['pic'] = 'image/nologo.jpg';
			}
			$_GET['op'] = 'confirm';
			include template("cp_mtag");
			exit();
		}
	} elseif(submitcheck('choicesubmit')) {
		
		$mtags = array();
Beispiel #28
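/**
 * Build SQL WHERE conditions and the matching URL query parts from $_GET.
 *
 * Each list names request parameters of one kind:
 *  - $intkeys:  integer filters. The value is cast with intval() before it is used in the
 *               SQL or the URL. 'groupid' is matched with FIND_IN_SET(), all others with '='.
 *  - $strkeys:  exact string match.
 *  - $randkeys: ranges. Each entry is array(filter function name, column); the request
 *               parameters "<column>1" and "<column>2" give the lower and upper bound.
 *  - $likekeys: substring match (LIKE BINARY), only for values longer than one character.
 *
 * $pre, the key names and the filter function names are written into the SQL (or called)
 * as given, so they must be fixed by the calling code and never come from the request.
 *
 * NOTE(review): string and LIKE values are only passed through stripsearchkey(), whose
 * body is not shown here. Confirm that quotes and backslashes in $_GET are escaped before
 * this function runs, or quote the values in the DB layer; otherwise those two branches
 * build SQL from raw request text.
 *
 * @param array  $intkeys  names of integer parameters
 * @param array  $strkeys  names of exact-match string parameters
 * @param array  $randkeys list of array(filter function name, column)
 * @param array  $likekeys names of substring-match parameters
 * @param string $pre      prefix put in front of every column name, e.g. a table alias
 * @return array array('wherearr' => SQL conditions, 'urls' => "name=value" query parts)
 */
function getwheres($intkeys, $strkeys, $randkeys, $likekeys, $pre = '')
{
    $wherearr = array();
    $urls = array();
    foreach ($intkeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        if (strlen($value)) {
            // Cast once and use the integer everywhere. Previously the 'groupid' branch and
            // the URL part used the uncast request text.
            $intvalue = intval($value);
            if ($var == 'groupid') {
                $wherearr[] = "FIND_IN_SET('" . $intvalue . "', {$pre}{$var})";
            } else {
                $wherearr[] = "{$pre}{$var}='" . $intvalue . "'";
            }
            $urls[] = "{$var}={$intvalue}";
        }
    }
    foreach ($strkeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        if (strlen($value)) {
            // Relies on quote escaping done before this function (see NOTE above).
            $wherearr[] = "{$pre}{$var}='{$value}'";
            $urls[] = "{$var}=" . rawurlencode($value);
        }
    }
    foreach ($randkeys as $vars) {
        // $vars[0] is called by name on the request value; the SQL uses its result, the
        // URL keeps the original request text (URL-encoded).
        $value1 = isset($_GET[$vars[1] . '1']) ? $vars[0]($_GET[$vars[1] . '1']) : '';
        $value2 = isset($_GET[$vars[1] . '2']) ? $vars[0]($_GET[$vars[1] . '2']) : '';
        if ($value1) {
            $wherearr[] = "{$pre}{$vars[1]}>='{$value1}'";
            $urls[] = "{$vars[1]}1=" . rawurlencode($_GET[$vars[1] . '1']);
        }
        if ($value2) {
            $wherearr[] = "{$pre}{$vars[1]}<='{$value2}'";
            $urls[] = "{$vars[1]}2=" . rawurlencode($_GET[$vars[1] . '2']);
        }
    }
    foreach ($likekeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        // One-character keys are skipped, so a single character never triggers a scan.
        if (strlen($value) > 1) {
            // Relies on quote escaping done before this function (see NOTE above).
            $wherearr[] = "{$pre}{$var} LIKE BINARY '%{$value}%'";
            $urls[] = "{$var}=" . rawurlencode($value);
        }
    }
    return array('wherearr' => $wherearr, 'urls' => $urls);
}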
Beispiel #29
        } else {
            $wheresql = "t.authorid IN ({$space['feedfriend']})";
            $theurl = "home.php?mod=space&uid={$space['uid']}&do={$do}&view=we";
        }
        $query = DB::query("SELECT * FROM " . DB::table('home_friend') . " WHERE uid='{$space['uid']}' ORDER BY num DESC LIMIT 0,100");
        while ($value = DB::fetch($query)) {
            $userlist[] = $value;
        }
    } else {
        $need_count = false;
    }
}
// Marks the tab of the current view as active. The array key is the raw request value.
$actives = array($_GET['view'] => ' class="a"');
// Count and fetch the thread list. $wheresql, $apply_sql, $ordersql, $start and $perpage
// are assigned before this fragment.
if ($need_count) {
    $wheresql .= " AND t.special='1'";
    if ($searchkey = stripsearchkey($_GET['searchkey'])) {
        // NOTE(review): the key is only passed through stripsearchkey() (body not shown)
        // before it enters the LIKE literal; confirm that quotes in $_GET are escaped
        // earlier in the request, otherwise quote the value here.
        $wheresql .= " AND t.subject LIKE '%{$searchkey}%'";
        // From here on $searchkey holds the HTML-escaped form, presumably for output.
        $searchkey = dhtmlspecialchars($searchkey);
    }
    $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('forum_thread') . " t {$apply_sql} WHERE {$wheresql}"), 0);
    if ($count) {
        // NOTE(review): $ordersql, $start and $perpage are interpolated unquoted; verify
        // they are built from fixed strings and integers where they are assigned.
        $query = DB::query("SELECT t.* FROM " . DB::table('forum_thread') . " t {$apply_sql}\r\n\t\t\tWHERE {$wheresql}\r\n\t\t\tORDER BY {$ordersql} LIMIT {$start},{$perpage}");
    }
}
if ($count) {
    loadcache('forums');
    $tids = array();
    require_once libfile('function/misc');
    while ($value = DB::fetch($query)) {
        if (empty($value['author']) && $value['authorid'] != $_G['uid']) {
            $hiddennum++;
    $cacheinfo = getmodelinfoall('mid', $_GET['mid']);
    if (empty($cacheinfo['models'])) {
        showmessage('exists_module_error');
    }
    $resultmodels = $cacheinfo['models'];
} else {
    showmessage('exists_module_error');
}
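// Stop when the channel of this model is listed as closed in the site configuration.
if (in_array($resultmodels['modelname'], $_SCONFIG['closechannels'])) {
    showmessage('usetype_no_open');
}
// Initialise the request variables used by the list
$_SGET['page'] = intval(postget('page'));
$_SGET['order'] = postget('order');
$_SGET['sc'] = postget('sc');
// NOTE(review): stripsearchkey() is not shown here; if the key is later placed in a SQL
// literal, confirm that quotes are escaped at that point.
$_SGET['searchkey'] = stripsearchkey(postget('searchkey'));
$_SGET['folder'] = intval(postget('folder')) == 0 ? 1 : intval(postget('folder'));
if ($_SGET['page'] < 1) {
    $_SGET['page'] = 1;
}
// Allow-lists for the sort column and direction. The comparisons are strict so that only
// the exact strings pass; anything else falls back to the default.
if ($_SGET['order'] !== 'dateline') {
    $_SGET['order'] = '';
}
if (!in_array($_SGET['sc'], array('ASC', 'DESC'), true)) {
    $_SGET['sc'] = 'DESC';
}
// order and sc are limited to the fixed values above; the search key is URL-encoded.
$urlplus = '&order=' . $_SGET['order'] . '&sc=' . $_SGET['sc'] . '&searchkey=' . rawurlencode($_SGET['searchkey']);
$newurl = $theurl . $urlplus . '&page=' . $_SGET['page'];
$listarr = array();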
//POST METHOD
if (submitcheck('listvaluesubmit')) {
    if (empty($_POST['item'])) {
        //判断提交过来的是否存在待操作的记录,如果没有,则显示提示信息并退出