$blogid = inserttable('blog', $blogarr, 1); //插入内容 $fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip()); inserttable('blogfield', $fieldarr); //统计 $incount = $incount + 1; $results[$key]['status'] = 'OK'; $results[$key]['blogid'] = $blogid; } else { $results[$key]['status'] = '--'; $results[$key]['blogid'] = 0; } } if ($incount) { //扣除积分 updatespacestatus('pay', 'xmlrpc'); @unlink($userfile); } } elseif (submitcheck('resubmit')) { @unlink($userfile); $results = array(); } include template('cp_import'); //xmlrpc结果解析 function xmltoarray($xmldata) { global $_SC; $struct = array(); $__type = 0; $tmp_value = ''; $parser = xml_parser_create();
function blog_post($POST, $olds = array()) { global $_SGLOBAL, $_SC; //操作者角色切换 if (!empty($olds['uid'])) { $__SGLOBAL = $_SGLOBAL; $_SGLOBAL['supe_uid'] = $olds['uid']; $_SGLOBAL['supe_username'] = addslashes($olds['username']); } //标题 $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1); if (strlen($POST['subject']) < 1) { $POST['subject'] = sgmdate('Y-m-d'); } $POST['friend'] = intval($POST['friend']); //隐私 $POST['target_ids'] = ''; if ($POST['friend'] == 2) { //特定好友 $uids = array(); $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names'])); if ($names) { $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $uids[] = $value['uid']; } } if (empty($uids)) { $POST['friend'] = 3; //仅自己可见 } else { $POST['target_ids'] = implode(',', $uids); } } elseif ($POST['friend'] == 4) { //加密 $POST['password'] = trim($POST['password']); if ($POST['password'] == '') { $POST['friend'] = 0; } //公开 } if ($POST['friend'] !== 2) { $POST['target_ids'] = ''; } if ($POST['friend'] !== 4) { $POST['password'] == ''; } $POST['tag'] = shtmlspecialchars(trim($POST['tag'])); $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1); //语词屏蔽 //内容 $POST['message'] = checkhtml($POST['message']); $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1); $POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $POST['message']); $message = $POST['message']; //个人分类 if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) { if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') { //分类名 $classname = shtmlspecialchars(trim(substr($POST['classid'], 4))); $classname = getstr($classname, 0, 1, 1, 1); if (empty($classname)) { $classid = 0; } else { $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid'); if (empty($classid)) { $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']); $classid = inserttable('class', $setarr, 1); } } } else { $classid = intval($POST['classid']); } } else { $classid = $olds['classid']; } if ($classid && empty($classname)) { //是否是自己的 $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname'); if (empty($classname)) { $classid = 0; } } //主表 $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1); //标题图片 $titlepic = ''; //获取上传的图片 $uploads = array(); if (!empty($POST['picids'])) { $picids = array_keys($POST['picids']); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { if (empty($titlepic) && $value['thumb']) { $titlepic = $value['filepath'] . '.thumb.jpg'; $blogarr['picflag'] = $value['remote'] ? 2 : 1; } $uploads[$POST['picids'][$value['picid']]] = $value; } if (empty($titlepic) && $value) { $titlepic = $value['filepath']; $blogarr['picflag'] = $value['remote'] ? 2 : 1; } } //插入文章 if ($uploads) { preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes); if (!empty($mathes[1])) { $searchs = $idsearchs = array(); $replaces = array(); foreach ($mathes[1] as $key => $value) { if (!empty($mathes[2][$key]) && !empty($uploads[$value])) { $searchs[] = $mathes[2][$key]; $idsearchs[] = "_uchome_localimg_{$value}"; $replaces[] = mkpicurl($uploads[$value], 0); unset($uploads[$value]); } } if ($searchs) { $message = str_replace($searchs, $replaces, $message); $message = str_replace($idsearchs, 'uchomelocalimg[]', $message); } } //未插入文章 foreach ($uploads as $value) { $picurl = mkpicurl($value, 0); $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>"; } } //没有填写任何东西 $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\ \\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message); if (empty($ckmessage)) { return false; } //添加slashes $message = addslashes($message); //从内容中读取图片 if (empty($titlepic)) { $titlepic = getmessagepic($message); $blogarr['picflag'] = 0; } $blogarr['pic'] = $titlepic; if ($olds['blogid']) { //更新 $blogid = $olds['blogid']; updatetable('blog', $blogarr, array('blogid' => $blogid)); $fuids = array(); $blogarr['uid'] = $olds['uid']; $blogarr['username'] = $olds['username']; } else { $blogarr['uid'] = $_SGLOBAL['supe_uid']; $blogarr['username'] = $_SGLOBAL['supe_username']; $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline']; $blogid = inserttable('blog', $blogarr, 1); } $blogarr['blogid'] = $blogid; //附表 $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']); //TAG $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag']))); $tagarr = array(); if ($POST['tag'] != $oldtagstr) { if (!empty($olds['tag'])) { //先把以前的给清理掉 $oldtags = array(); $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $oldtags[] = $value['tagid']; } if ($oldtags) { $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")"); $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'"); } } $tagarr = tag_batch($blogid, $POST['tag']); //更新附表中的tag $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr)); } if ($olds) { //更新 updatetable('blogfield', $fieldarr, array('blogid' => $blogid)); } else { $fieldarr['blogid'] = $blogid; $fieldarr['uid'] = $blogarr['uid']; inserttable('blogfield', $fieldarr); } //空间更新 if ($olds) { //空间更新 $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'"); } else { //积分 updatespacestatus('get', 'blog'); } //feed if (empty($olds) && $blogarr['friend'] != 3) { //事件feed $fs = array(); $fs['icon'] = 'blog'; $fs['title_data'] = array(); $fs['images'] = $fs['image_links'] = array(); if ($blogarr['friend'] == 4) { //加密日志feed $fs['title_template'] = cplang('feed_blog_password'); $fs['title_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>"); $fs['body_template'] = ''; $fs['body_data'] = array(); } else { if ($blogarr['pic']) { $fs['images'] = array(mkpicurl($blogarr)); $fs['image_links'] = array("space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}"); } $fs['title_template'] = cplang('feed_blog'); $fs['body_template'] = '<b>{subject}</b><br>{summary}'; $fs['body_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>", 'summary' => getstr($message, 150, 1, 1, 0, 0, -1)); } $fs['body_general'] = ''; $fs['target_ids'] = $fieldarr['target_ids']; $fs['friend'] = $blogarr['friend']; if (ckprivacy('blog', 1)) { include_once S_ROOT . './source/function_cp.php'; feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']); } } //角色切换 if (!empty($__SGLOBAL)) { $_SGLOBAL = $__SGLOBAL; } return $blogarr; }
realname_get(); $post['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<span class=\"q\"\\>.*?\\<\\/span\\>\\<\\/div\\>/is", '', $post['message']); //移除编辑记录 $post['message'] = preg_replace("/<ins class=\"modify\".+?<\\/ins>/is", '', $post['message']); $post['message'] = html2bbcode($post['message']); //显示用 $message = addslashes("<div class=\"quote\"><span class=\"q\"><b>" . $_SN[$post['uid']] . "</b>: " . getstr($post['message'], 150, 0, 0, 0, 2, 1) . '</span></div>') . $message; } $setarr = array('tagid' => intval($thread['tagid']), 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'pic' => getpicurl($_POST['pic'])); $pid = inserttable('post', $setarr, 1); //邮件通知 smail($thread['uid'], '', cplang('mtag_reply', array($_SN[$space['uid']], shtmlspecialchars(getsiteurl() . "space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}")))); //更新统计数据 $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\t\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$_SGLOBAL['supe_username']}', lastauthorid='{$_SGLOBAL['supe_uid']}'\r\n\t\tWHERE tid='{$tid}'"); //积分 updatespacestatus('get', 'post'); //普通回复 if (empty($post) && $thread['uid'] != $_SGLOBAL['supe_uid']) { realname_set($thread['uid'], $thread['username']); realname_get(); if (empty($mtag['viewperm'])) { $fs = array(); $fs['icon'] = 'post'; $fs['body_template'] = ''; $fs['body_data'] = array(); $fs['body_general'] = ''; $fs['title_template'] = cplang('feed_thread_reply'); $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$thread['uid']}\">" . $_SN[$thread['uid']] . "</a>", 'thread' => "<a href=\"space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}\">{$thread['subject']}</a>"); if (ckprivacy('post', 1)) { feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general']); }
} if ($is) { $wherearr[] = '(' . implode($andor, $is) . ')'; } } if (empty($wherearr)) { showmessage('set_the_correct_search_content'); } $query = $_SGLOBAL['db']->query("SELECT main.*,mtag.tagname,mtag.membernum,mtag.fieldid \r\n\t\tFROM " . tname('thread') . " main, " . tname('mtag') . " mtag\r\n\t\tWHERE " . implode(' AND ', $wherearr) . " AND mtag.tagid=main.tagid AND mtag.viewperm='0'\r\n\t\tORDER BY main.dateline DESC LIMIT 0, 100"); //最多100条 while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['uid'], $value['username']); $list[] = $value; } //更新最后操作时间 updatespacestatus('pay', 'search'); } else { //分页 $perpage = 50; $page = empty($_GET['page']) ? 1 : intval($_GET['page']); if ($page < 1) { $page = 1; } $start = ($page - 1) * $perpage; if (empty($_SCONFIG['networkpage'])) { $start = 0; } //检查开始数 ckstart($start, $perpage); //处理查询 $tagids = array();
feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']); } //发送通知 notification_add($tospace['uid'], $note_type, $note); //留言发送短消息 if ($_POST['idtype'] == 'uid' && $tospace['updatetime'] == $tospace['dateline']) { include_once S_ROOT . './uc_client/client.php'; uc_pm_send($_SGLOBAL['supe_uid'], $tospace['uid'], cplang('wall_pm_subject'), cplang('wall_pm_message', array(addslashes(getsiteurl() . $n_url))), 1, 0, 0); } } } elseif ($comment['authorid'] != $_SGLOBAL['supe_uid']) { notification_add($comment['authorid'], $note_type, $q_note); } //积分 if ($tospace['uid'] != $_SGLOBAL['supe_uid']) { updatespacestatus('get', 'comment'); } showmessage($msg, $_POST['refer'], 0, $magvalues); } $cid = empty($_GET['cid']) ? 0 : intval($_GET['cid']); //编辑 if ($_GET['op'] == 'edit') { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('comment') . " WHERE cid='{$cid}' AND authorid='{$_SGLOBAL['supe_uid']}'"); if (!($comment = $_SGLOBAL['db']->fetch_array($query))) { showmessage('no_privilege'); } //提交编辑 if (submitcheck('editsubmit')) { $message = getstr($_POST['message'], 0, 1, 1, 1, 2); if (strlen($message) < 2) { showmessage('content_is_too_short');