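/**
 * Store an upload as a Discuz "common" attachment and return its public URL.
 *
 * @param array $file Upload descriptor; 'tmp_name' is hashed here and the
 *                    whole array is handed to discuz_upload::init().
 * @return string URL of the stored attachment, prefixed with the site URL when
 *                the configured attachment URL is not an absolute http(s) URL.
 */
function uploadFile($file)
{
    global $_G;

    $upload = new discuz_upload();

    // The fourth init() argument is built from a hash of the file content rather
    // than from the client-supplied file name.
    // NOTE(review): md5_file() returns false for an unreadable tmp_name, which
    // collapses this value to the constant 'bigapp_'; init() is presumably
    // expected to reject that upload - confirm.
    $forcedName = 'bigapp_' . md5_file($file['tmp_name']);

    // NOTE(review): returnData() presumably ends the request; if it returns,
    // execution continues with a failed upload object - confirm.
    if (!$upload->init($file, 'common', rand(0, 100000), $forcedName)) {
        returnData(7, 'init discuz init failed');
    }
    if (!$upload->save()) {
        returnData(8, 'save file as attachment failed');
    }

    $attachUrl = $_G['setting']['attachurl'];
    $relativePath = 'common/' . $upload->attach['attachment'];

    // Only a leading http:// or https:// marks the configured URL as absolute.
    // Searching for "http" anywhere would also match a relative directory whose
    // name merely contains that substring and drop the site URL prefix.
    if (preg_match('#^https?://#i', $attachUrl) === 1) {
        return $attachUrl . $relativePath;
    }

    return $_G['siteurl'] . $attachUrl . $relativePath;
}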
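 /**
  * Accept one forum attachment posted as $_FILES['Filedata'] and record it.
  *
  * The caller is identified by the uid request parameter and authenticated by
  * a hash derived from the site authkey and that uid. Group limits (count per
  * 24h, extension list, size, bytes per 24h) are checked before the file is
  * saved; every outcome is reported through $this->uploadmsg(code).
  * NOTE(review): the checks below only work as gates if uploadmsg() ends the
  * request - confirm.
  */
 function forum_upload()
 {
     global $_G;
     $this->uid = intval($_G['gp_uid']);
     $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
     // Strict string comparison: with loose ==, two numeric-looking strings
     // are compared as numbers, so different digests could be treated as equal.
     // NOTE(review): this is still not constant-time; prefer hash_equals()
     // where the runtime provides it.
     $hashok = isset($_G['gp_hash']) && is_string($_G['gp_hash']) && $_G['gp_hash'] === $swfhash;
     if (!$_FILES['Filedata']['error'] && $hashok) {
         $this->aid = 0;
         $this->simple = !empty($_G['gp_simple']) ? $_G['gp_simple'] : 0;
         // Limits are taken from the group of the hash-verified uid.
         $_G['groupid'] = intval(DB::result_first("SELECT groupid FROM " . DB::table('common_member') . " WHERE uid='" . $this->uid . "'"));
         loadcache('usergroup_' . $_G['groupid']);
         $_G['group'] = $_G['cache']['usergroup_' . $_G['groupid']];
         require_once libfile('class/upload');
         $upload = new discuz_upload();
         $upload->init($_FILES['Filedata'], 'forum');
         $this->attach =& $upload->attach;
         if ($upload->error()) {
             $this->uploadmsg(2);
         }
         // Quotas are counted for $this->uid, the uid the hash was verified
         // for and the uid the row is inserted under; counting a different uid
         // would let the daily limits be checked against the wrong account.
         $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE uid='" . $this->uid . "' AND dateline>'{$_G['timestamp']}'-86400");
         if (!$allowupload) {
             $this->uploadmsg(9);
         }
         // Extension allow-list of the group; an empty extension is rejected
         // whenever a list is configured.
         if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
             $this->uploadmsg(1);
         }
         if (empty($upload->attach['size'])) {
             $this->uploadmsg(2);
         }
         if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
             $this->uploadmsg(3);
         }
         // Per-extension limit: a maxsize of 0 rejects the extension outright.
         if ($type = DB::fetch_first("SELECT maxsize FROM " . DB::table('forum_attachtype') . " WHERE extension='" . addslashes($upload->attach['ext']) . "'")) {
             if ($type['maxsize'] == 0) {
                 $this->uploadmsg(4);
             } elseif ($upload->attach['size'] > $type['maxsize']) {
                 $this->uploadmsg(5);
             }
         }
         if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
             $todaysize = intval(DB::result_first("SELECT SUM(filesize) FROM " . DB::table('forum_attachment') . " WHERE uid='" . $this->uid . "' AND dateline>'{$_G['timestamp']}'-86400"));
             $todaysize += $upload->attach['size'];
             if ($todaysize >= $_G['group']['maxsizeperday']) {
                 $this->uploadmsg(6);
             }
         }
         $upload->save();
         if ($upload->error() == -103) {
             $this->uploadmsg(8);
         } elseif ($upload->error()) {
             $this->uploadmsg(9);
         }
         $thumb = $remote = $width = 0;
         if ($upload->attach['isimage']) {
             require_once libfile('class/image');
             $image = new image();
             $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
             $image->Watermark($upload->attach['target']);
             $width = $image->imginfo['width'];
         }
         if (!$this->simple) {
             $upload->attach['name'] = diconv($upload->attach['name'], 'utf-8');
         }
         // An image uploaded through a non-image request is flagged -1.
         if ($_G['gp_type'] != 'image' && $upload->attach['isimage']) {
             $upload->attach['isimage'] = -1;
         }
         // NOTE(review): name, type and attachment are interpolated into the
         // SQL text. No escaping happens in this method, and name is charset-
         // converted by diconv() just above, after any escaping done earlier
         // in the request. Confirm these values are escaped for SQL at this
         // point, or bind them as parameters.
         DB::query("INSERT INTO " . DB::table('forum_attachment') . " (tid, pid, dateline, readperm, price, filename, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote, width)\n\t\t\t\tVALUES ('0', '0', '{$_G['timestamp']}', '0', '0', '" . $upload->attach['name'] . "', '" . $upload->attach['type'] . "', '" . $upload->attach['size'] . "', '" . $upload->attach['attachment'] . "', '0', '" . $upload->attach['isimage'] . "', '" . $this->uid . "', '{$thumb}', '{$remote}', '{$width}')");
         $this->aid = DB::insert_id();
         $this->uploadmsg(0);
     }
 }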
Beispiel #3
         }
         unset($setarr[$key]);
     }
 }
 // Remove stored profile files for the fields listed in $_G['gp_deletefile']
 // (presumably a request parameter) and blank the corresponding values.
 // Only keys present in the cached profile settings are acted on, so the
 // request cannot make this loop touch an unknown field name.
 if ($_G['gp_deletefile'] && is_array($_G['gp_deletefile'])) {
     foreach ($_G['gp_deletefile'] as $key => $value) {
         if (isset($_G['cache']['profilesetting'][$key])) {
             // NOTE(review): the file names come from $space[$key] and
             // $verifyinfo['field'][$key], whose origin is outside this excerpt;
             // confirm they are stored names that cannot contain '..' or
             // directory separators. The @ hides every unlink() failure.
             @unlink(getglobal('setting/attachdir') . './profile/' . $space[$key]);
             @unlink(getglobal('setting/attachdir') . './profile/' . $verifyinfo['field'][$key]);
             $verifyarr[$key] = $setarr[$key] = '';
         }
     }
 }
 if ($_FILES) {
     require_once libfile('class/upload');
     $upload = new discuz_upload();
     foreach ($_FILES as $key => $file) {
         if (!isset($_G['cache']['profilesetting'][$key])) {
             continue;
         }
         if (!empty($file) && $file['error'] == 0 || !empty($space[$key]) && empty($_G['gp_deletefile'][$key])) {
             $value = '1';
         } else {
             $value = '';
         }
         if (profile_check($key, $value, $space)) {
             $upload->init($file, 'profile');
             $attach = $upload->attach;
             if (!$upload->error()) {
                 $upload->save();
                 if (!$upload->get_image_info($attach['target'])) {
Beispiel #4
 } elseif (strlen($advnew['title']) > 50) {
     cpmsg('adv_title_more', '', 'error');
 } elseif ($advnew['endtime'] && ($advnew['endtime'] <= TIMESTAMP || $advnew['endtime'] <= $advnew['starttime'])) {
     cpmsg('adv_endtime_invalid', '', 'error');
 } elseif ($advnew['style'] == 'code' && !$advnew['code']['html'] || $advnew['style'] == 'text' && (!$advnew['text']['title'] || !$advnew['text']['link']) || $advnew['style'] == 'image' && (!$_FILES['advnewimage'] && !$_G['gp_advnewimage'] || !$advnew['image']['link']) || $advnew['style'] == 'flash' && (!$_FILES['advnewflash'] && !$_G['gp_advnewflash'] || !$advnew['flash']['width'] || !$advnew['flash']['height'])) {
     cpmsg('adv_parameter_invalid', '', 'error');
 }
 // Create the advertisement row for a new ad, or look up the stored type of
 // the ad being edited.
 if ($operation == 'add') {
     $advid = DB::insert('advertisement', array('available' => 1, 'type' => $type), 1);
 } else {
     // NOTE(review): $advid is interpolated into the SQL text; where it is set
     // and whether it is cast to an integer is outside this excerpt - confirm.
     $type = DB::result_first("SELECT type FROM " . DB::table('advertisement') . " WHERE advid='{$advid}'");
 }
 // Image and flash ads take their URL either from an uploaded file or from a
 // request parameter.
 if ($advnew['style'] == 'image' || $advnew['style'] == 'flash') {
     if ($_FILES['advnew' . $advnew['style']]) {
         require_once libfile('class/upload');
         $upload = new discuz_upload();
         // If init() or save() fails, 'url' is left unset and no error is raised here.
         if ($upload->init($_FILES['advnew' . $advnew['style']], 'common') && $upload->save()) {
             $advnew[$advnew['style']]['url'] = $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment'];
         }
     } else {
         // NOTE(review): the URL is taken as-is from the request; no scheme or
         // host check is visible here. Confirm encodeadvcode() validates or
         // encodes it before it reaches ad markup.
         $advnew[$advnew['style']]['url'] = $_G['gp_advnew' . $advnew['style']];
     }
 }
 // Undo slash-escaping on every field of the selected style.
 foreach ($advnew[$advnew['style']] as $key => $val) {
     $advnew[$advnew['style']][$key] = dstripslashes($val);
 }
 $advnew['displayorder'] = isset($advnew['displayorder']) ? implode("\t", $advnew['displayorder']) : '';
 $advnew['code'] = encodeadvcode($advnew);
 $extra = $type != 'custom' ? '' : '&customid=' . $parameters['extra']['customid'];
 // The merged parameter array is serialized and then addslashes()-escaped,
 // presumably for a string-built SQL statement outside this excerpt.
 $advnew['parameters'] = addslashes(serialize(array_merge(is_array($parameters) ? $parameters : array(), array('style' => $advnew['style']), $advnew['style'] == 'code' ? array() : $advnew[$advnew['style']], array('html' => $advnew['code']), array('displayorder' => $advnew['displayorder']))));
 $advnew['code'] = addslashes($advnew['code']);
        } else {
            showmessage('diy_export_tpl_invalid', '/');
        }
    }
    showmessage('diy_operation_invalid', '/');
} elseif ($op == 'import') {
    $tpl = $_POST['tpl'] ? $_POST['tpl'] : $_GET['tpl'];
    tpl_checkperm($tpl);
    if (submitcheck('importsubmit')) {
        $isinner = false;
        $filename = '';
        // Pick the XML file to import: a bundled template named in the request,
        // or a file uploaded with the form.
        if ($_POST['importfilename']) {
            // NOTE(review): importfilename comes straight from $_POST and is
            // concatenated into a filesystem path. Nothing in this excerpt strips
            // '..' or directory separators, so confirm the value is constrained
            // (basename() or an allow-list of bundled names) before import_diy()
            // reads the file. The fixed '.xml' suffix only limits the extension.
            $filename = DISCUZ_ROOT . './template/default/portal/diyxml/' . $_POST['importfilename'] . '.xml';
            $isinner = true;
        } else {
            $upload = new discuz_upload();
            $upload->init($_FILES['importfile'], 'temp');
            // $attach is a copy of the upload metadata taken before save().
            $attach = $upload->attach;
            if (!$upload->error()) {
                $upload->save();
            }
            if ($upload->error()) {
                showmessage($upload->error(), 'portal.php', array('status' => $upload->error()));
            } else {
                $filename = $attach['target'];
            }
        }
        if ($filename) {
            $arr = import_diy($filename);
            if (!$isinner) {
                @unlink($filename);
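/**
 * Render text to a PNG under the attachment "temp" directory and return its URL.
 *
 * The file location is derived only from md5($key), so the path never contains
 * caller-supplied characters. An existing file is reused unless $force is set.
 *
 * @param string $value   Text to draw; "\r" separates rows, "\n" is dropped.
 * @param string $key     Cache key for the file name; defaults to $value.
 * @param bool   $force   Re-render even when the target file already exists.
 * @param int    $rlength Maximum row length (as measured by dstrlen()/cutstr());
 *                        0 disables wrapping.
 * @return string URL of the PNG.
 */
function stringtopic($value, $key = '', $force = false, $rlength = 0)
{
    if ($key === '') {
        $key = $value;
    }
    $basedir = !getglobal('setting/attachdir') ? './data/attachment' : getglobal('setting/attachdir');
    $url = !getglobal('setting/attachurl') ? './data/attachment/' : getglobal('setting/attachurl');
    $hash = md5($key);
    $subdir1 = substr($hash, 0, 2);
    $subdir2 = substr($hash, 2, 2);
    $target = 'temp/' . $subdir1 . '/' . $subdir2 . '/';
    $targetname = substr($hash, 8, 16) . '.png';
    discuz_upload::check_dir_exists('temp', $subdir1, $subdir2);
    if (!$force && file_exists($basedir . '/' . $target . $targetname)) {
        return $url . $target . $targetname;
    }
    $value = str_replace("\n", '', $value);
    $fontfile = $fontname = '';
    $ttfenabled = false;
    $size = 10;
    $w = 130;
    $rowh = 25;
    $value = explode("\r", $value);
    if ($rlength) {
        // Wrap rows longer than $rlength into several rows.
        $temp = array();
        foreach ($value as $str) {
            $strlen = dstrlen($str);
            if ($strlen > $rlength) {
                for ($i = 0; $i < $strlen; $i++) {
                    $sub = cutstr($str, $rlength, '');
                    $temp[] = $sub;
                    $str = substr($str, strlen($sub));
                    $strlen = $strlen - $rlength;
                }
            } else {
                $temp[] = $str;
            }
        }
        $value = $temp;
        unset($temp);
    }
    if (function_exists('imagettftext')) {
        // Use the first .ttf/.ttc file found in the bundled font directory.
        $fontroot = DISCUZ_ROOT . './static/image/seccode/font/ch/';
        $dirs = opendir($fontroot);
        if ($dirs !== false) {
            // Compare against false so an entry named "0" does not end the scan.
            while (($entry = readdir($dirs)) !== false) {
                if ($entry != '.' && $entry != '..' && in_array(strtolower(fileext($entry)), array('ttf', 'ttc'))) {
                    $fontname = $entry;
                    break;
                }
            }
            // The directory handle was previously never released.
            closedir($dirs);
        }
        if (!empty($fontname)) {
            $fontfile = $fontroot . $fontname;
        }
        if ($fontfile) {
            if (strtoupper(CHARSET) != 'UTF-8') {
                // include_once: a second call in the same request must not
                // load the class file again.
                include_once DISCUZ_ROOT . './source/class/class_chinese.php';
                $cvt = new Chinese(CHARSET, 'utf8');
                $value = $cvt->Convert(implode("\r", $value));
                $value = explode("\r", $value);
            }
            $ttfenabled = true;
        }
    }
    // Canvas size follows the text: width from the longest row, height from
    // the row count. Callers passing untrusted text should bound both, since
    // nothing here caps the image dimensions.
    foreach ($value as $str) {
        if ($ttfenabled) {
            $box = imagettfbbox($size, 0, $fontfile, $str);
            $height = max($box[1], $box[3]) - min($box[5], $box[7]);
            $len = max($box[2], $box[4]) - min($box[0], $box[6]);
            $rowh = max(array($height, $rowh));
        } else {
            $len = strlen($str) * 12;
        }
        $w = max(array($len, $w));
    }
    $h = $rowh * count($value) + count($value) * 2;
    $im = @imagecreate($w, $h);
    if (!$im) {
        // Canvas allocation failed: skip the drawing calls, which would only
        // fail on an invalid image, and return the same URL as before.
        return $url . $target . $targetname;
    }
    $background_color = imagecolorallocate($im, 255, 255, 255);
    $text_color = imagecolorallocate($im, 60, 60, 60);
    $h = $ttfenabled ? $rowh : 4;
    foreach ($value as $str) {
        if ($ttfenabled) {
            imagettftext($im, $size, 0, 0, $h, $text_color, $fontfile, $str);
            $h += 2;
        } else {
            imagestring($im, $size, 0, $h, $str, $text_color);
        }
        $h += $rowh;
    }
    imagepng($im, $basedir . '/' . $target . $targetname);
    imagedestroy($im);
    return $url . $target . $targetname;
}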
Beispiel #7
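 /**
  * Move an uploaded file from its temporary location to $target.
  *
  * Tries copy(), then move_uploaded_file(), then a manual stream copy. On
  * success the target is chmod'ed to 0644 and the source is removed.
  *
  * @param string $source Temporary upload path; must pass
  *                       discuz_upload::is_upload_file().
  * @param string $target Destination path.
  * @return bool True when the file was stored at $target.
  */
 function save_to_local($source, $target)
 {
     // Start from failure so the result is defined when no strategy applies.
     $succeed = false;
     // Nothing is copied unless the source is recognised as an upload.
     if (discuz_upload::is_upload_file($source)) {
         if (@copy($source, $target)) {
             $succeed = true;
         } elseif (function_exists('move_uploaded_file') && @move_uploaded_file($source, $target)) {
             $succeed = true;
         } elseif (@is_readable($source)) {
             $fp_s = @fopen($source, 'rb');
             // Open the target only once the source is open, as before.
             $fp_t = $fp_s ? @fopen($target, 'wb') : false;
             if ($fp_s && $fp_t) {
                 $succeed = true;
                 while (!feof($fp_s)) {
                     $s = @fread($fp_s, 1024 * 512);
                     // A failed read or write must not be reported as a stored
                     // file, and must not spin on a stream that never hits EOF.
                     if ($s === false || @fwrite($fp_t, $s) === false) {
                         $succeed = false;
                         break;
                     }
                 }
             }
             // Release whichever handles were opened, including the source
             // handle when opening the target failed.
             if ($fp_s) {
                 fclose($fp_s);
             }
             if ($fp_t) {
                 fclose($fp_t);
                 if (!$succeed) {
                     // Do not leave a truncated file at the destination.
                     @unlink($target);
                 }
             }
         }
     }
     if ($succeed) {
         $this->errorcode = 0;
         // World-readable, owner-writable, no execute bit on stored uploads.
         @chmod($target, 0644);
         @unlink($source);
     } else {
         // NOTE(review): the failure path also sets errorcode to 0, so callers
         // must rely on the return value; presumably the caller assigns its
         // own error code - confirm.
         $this->errorcode = 0;
     }
     return $succeed;
 }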
         }
     } else {
         // Upload action: render the upload form, or (ajax) accept the posted
         // file and print its stored path.
         if ($_G['gp_ac'] == "upload") {
             if ($_G['gp_inajax'] != "yes") {
                 $imgexts = "jpg, jpeg, gif, png, bmp";
                 include template("pdnovel/upload");
             } else {
                 // Allow-list on the extension of the client-supplied file name
                 // only; the file content is not inspected in this excerpt.
                 // NOTE(review): $upload is not created until further down, so
                 // $upload->error() here is a call on an undefined variable.
                 // Unless novel_upload_error() ends the request, execution also
                 // continues into the upload below - confirm.
                 if (!in_array(strrchr(strtolower($_FILES['file']['name']), "."), array(".gif", ".jpg", ".jpeg", ".bmp", ".png"))) {
                     novel_upload_error($upload->error());
                 }
                 // Load the upload class from the path matching the detected
                 // version; any other $version value loads nothing here.
                 if ($version == 'X2.5') {
                     require_once "source/class/discuz/discuz_upload.php";
                 } elseif ($version == 'X2') {
                     require_once "source/class/class_upload.php";
                 }
                 $upload = new discuz_upload();
                 $upload->init($_FILES['file']);
                 // $attach is a copy of the upload metadata taken before save().
                 $attach = $upload->attach;
                 if (!$upload->error()) {
                     $upload->save();
                 }
                 if ($upload->error()) {
                     novel_upload_error($upload->error());
                 }
                 // NOTE(review): the stored path is echoed without HTML escaping;
                 // confirm discuz_upload generates 'attachment' itself rather
                 // than deriving it from the client file name.
                 if ($attach) {
                     echo "data/attachment/temp/" . $attach['attachment'];
                 }
             }
         }
     }
 }
 function on_register()
 {
     global $_G;
     $_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
     $_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
     $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
     $_GET['email'] = $_GET['' . $this->setting['reginput']['email']];
     if ($_G['uid']) {
         $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
         $url_forward = dreferer();
         if (strpos($url_forward, $this->setting['regname']) !== false) {
             $url_forward = 'forum.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
     } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
         if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             if ($this->setting['regconnect']) {
                 dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
             }
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     if ($this->setting['regverify']) {
         if ($this->setting['areaverifywhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $this->setting['regverify'] = 0;
                 }
             }
         }
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $this->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     $invitestatus = false;
     if ($this->setting['regstatus'] == 2) {
         if ($this->setting['inviteconfig']['inviteareawhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             if ($location) {
                 $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $invitestatus = true;
                 }
             }
         }
         if ($this->setting['inviteconfig']['inviteipwhite']) {
             foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $invitestatus = true;
                     break;
                 }
             }
         }
     }
     $groupinfo = array();
     if ($this->setting['regverify']) {
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $this->setting['newusergroupid'];
     }
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = $this->setting['secqaa']['status'] & 1;
     $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
     $username = isset($_GET['username']) ? $_GET['username'] : '';
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_GET['auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     $sendurl = $this->setting['sendregisterurl'] ? true : false;
     if ($sendurl) {
         if (!empty($_GET['hash'])) {
             $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
             $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
             if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
                 $sendurl = false;
             }
         }
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
         if ($_GET['action'] == 'activation') {
             $auth = explode("\t", authcode($auth, 'DECODE'));
             if (FORMHASH != $auth[1]) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $username = $auth[0];
             $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
             $sendurl = false;
         }
         if (!$sendurl) {
             if ($fromuid) {
                 $member = getuserbyuid($fromuid);
                 if (!empty($member)) {
                     $fromuser = dhtmlspecialchars($member['username']);
                 } else {
                     dsetcookie('promotion');
                 }
             }
             if ($_GET['action'] == 'activation') {
                 $auth = dhtmlspecialchars($auth);
             }
             if ($seccodecheck) {
                 $seccode = random(6, 1);
             }
             $username = dhtmlspecialchars($username);
             $htmls = $settings = array();
             foreach ($_G['cache']['fields_register'] as $field) {
                 $fieldid = $field['fieldid'];
                 $html = profile_setting($fieldid, array(), false, false, true);
                 if ($html) {
                     $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                     $htmls[$fieldid] = $html;
                 }
             }
             $navtitle = $this->setting['reglinkname'];
             if ($this->extrafile && file_exists($this->extrafile)) {
                 require_once $this->extrafile;
             }
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         $dreferer = dreferer();
         include template($this->template);
     } else {
         $activationauth = array();
         if (isset($_GET['activationauth']) && $_GET['activationauth']) {
             $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
             if ($activationauth[1] != FORMHASH) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $sendurl = false;
         }
         if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
             checkemail($_GET['email']);
         }
         if ($sendurl) {
             $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
             $registerurl = "{$_G[siteurl]}member.php?mod=" . $this->setting['regname'] . "&amp;hash={$hashstr}&amp;email={$_GET[email]}";
             $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
             if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
                 runlog('sendmail', "{$_GET['email']} sendmail failed.");
             }
             showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
         }
         $emailstatus = 0;
         if ($this->setting['sendregisterurl'] && !$sendurl) {
             $_GET['email'] = strtolower($hash[0]);
             $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
             if (!$this->setting['regverify']) {
                 $groupinfo['groupid'] = $this->setting['newusergroupid'];
             }
             $emailstatus = 1;
         }
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         $activation = array();
         if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
             if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
         }
         if (!$activation) {
             $usernamelen = dstrlen($username);
             if ($usernamelen < 3) {
                 showmessage('profile_username_tooshort');
             } elseif ($usernamelen > 15) {
                 showmessage('profile_username_toolong');
             }
             if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
                 if ($_G['inajax']) {
                     showmessage('profile_username_duplicate');
                 } else {
                     showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
                 }
             }
             if ($this->setting['pwlength']) {
                 if (strlen($_GET['password']) < $this->setting['pwlength']) {
                     showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
                 }
             }
             if ($this->setting['strongpw']) {
                 $strongpw_str = array();
                 if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_1');
                 }
                 if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_2');
                 }
                 if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_3');
                 }
                 if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
                     $strongpw_str[] = lang('member/template', 'strongpw_4');
                 }
                 if ($strongpw_str) {
                     showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
                 }
             }
             $email = strtolower(trim($_GET['email']));
             if (empty($email) && $_G['setting']['forgeemail']) {
                 $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
             }
             if (empty($this->setting['ignorepassword'])) {
                 if ($_GET['password'] !== $_GET['password2']) {
                     showmessage('profile_passwd_notmatch');
                 }
                 if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
                     showmessage('profile_passwd_illegal');
                 }
                 $password = $_GET['password'];
             } else {
                 $password = md5(random(10));
             }
         }
         $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
         if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
             showmessage('profile_username_protect');
         }
         if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
             showmessage('profile_required_info_invalid');
         }
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                 if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $ctrlip . '%';
                     $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                     break;
                 } else {
                     $ctrlip = $_G['clientip'];
                 }
             }
         } else {
             $ctrlip = $_G['clientip'];
         }
         if ($this->setting['regctrl']) {
             if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
                 showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
             }
         }
         $setregip = null;
         if ($this->setting['regfloodctrl']) {
             $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
             if ($regip) {
                 if ($regip['count'] >= $this->setting['regfloodctrl']) {
                     showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                 } else {
                     $setregip = 1;
                 }
             } else {
                 $setregip = 2;
             }
         }
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             if (defined('IN_MOBILE')) {
                 break;
             }
             $field_key = $field['fieldid'];
             $field_val = $_GET['' . $field_key];
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         if (!$activation) {
             $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
             if ($uid <= 0) {
                 if ($uid == -1) {
                     showmessage('profile_username_illegal');
                 } elseif ($uid == -2) {
                     showmessage('profile_username_protect');
                 } elseif ($uid == -3) {
                     showmessage('profile_username_duplicate');
                 } elseif ($uid == -4) {
                     showmessage('profile_email_illegal');
                 } elseif ($uid == -5) {
                     showmessage('profile_email_domain_illegal');
                 } elseif ($uid == -6) {
                     showmessage('profile_email_duplicate');
                 } else {
                     showmessage('undefined_action');
                 }
             }
         } else {
             list($uid, $username, $email) = $activation;
         }
         $_G['username'] = $username;
         if (getuserbyuid($uid, 1)) {
             if (!$activation) {
                 uc_user_delete($uid);
             }
             showmessage('profile_uid_duplicate', '', array('uid' => $uid));
         }
         $password = md5(random(10));
         $secques = $questionid > 0 ? random(8) : '';
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             $upload = new discuz_upload();
             foreach ($_FILES as $key => $file) {
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     $upload->init($file, 'profile');
                     $attach = $upload->attach;
                     if (!$upload->error()) {
                         $upload->save();
                         if (!$upload->get_image_info($attach['target'])) {
                             @unlink($attach['target']);
                             continue;
                         }
                         $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attach['attachment'];
                         } else {
                             $profile[$key] = $attach['attachment'];
                         }
                     }
                 }
             }
         }
         if ($setregip !== null) {
             if ($setregip == 1) {
                 C::t('common_regip')->update_count_by_ip($_G['clientip']);
             } else {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
             }
         }
         if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
             $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
         }
         $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
         C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
         if ($emailstatus) {
             updatecreditbyaction('realemail', $uid);
         }
         if ($verifyarr) {
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
             C::t('common_member_verify_info')->insert($setverify);
             C::t('common_member_verify')->insert(array('uid' => $uid));
         }
         require_once libfile('cache/userstats', 'function');
         build_cache_userstats();
         if ($this->extrafile && file_exists($this->extrafile)) {
             require_once $this->extrafile;
         }
         if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
             C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
             if ($this->setting['regctrl']) {
                 C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
             }
         }
         $regmessage = dhtmlspecialchars($_GET['regmessage']);
         if ($this->setting['regverify'] == 2) {
             C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
             manage_addnotify('verifyuser');
         }
         setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         updatestat('register');
         if ($invite['id']) {
             $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
             if (!$result) {
                 C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
                 updatestat('invite');
             } else {
                 $invite = array();
             }
         }
         if ($invite['uid']) {
             if ($this->setting['inviteconfig']['inviteaddcredit']) {
                 updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
             }
             if ($this->setting['inviteconfig']['invitedaddcredit']) {
                 updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
             }
             require_once libfile('function/friend');
             friend_make($invite['uid'], $invite['username'], false);
             notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
             space_merge($invite, 'field_home');
             if (!empty($invite['privacy']['feed']['invite'])) {
                 require_once libfile('function/feed');
                 $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                 feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
             }
             if ($invite['appid']) {
                 updatestat('appinvite');
             }
         }
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = replacesitevar($welcomemsgtitle);
             $welcomemsgtxt = replacesitevar($welcomemsgtxt);
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
             }
         }
         if ($fromuid) {
             updatecreditbyaction('promotion_register', $fromuid);
             dsetcookie('promotion', '');
         }
         dsetcookie('loginuser', '');
         dsetcookie('activationauth', '');
         dsetcookie('invite_auth', '');
         $url_forward = dreferer();
         $refreshtime = 3000;
         switch ($this->setting['regverify']) {
             case 1:
                 $idstring = random(6);
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
                 $verifyurl = "{$_G[siteurl]}member.php?mod=activate&amp;uid={$_G[uid]}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                     runlog('sendmail', "{$email} sendmail failed.");
                 }
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $refreshtime = 10000;
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 break;
         }
         $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'forum.php';
         }
         $href = str_replace("'", "\\'", $url_forward);
         $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
         showmessage($message, $url_forward, $param, $extra);
     }
 }
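 /**
  * Handle a member registration request: show the form, or validate a
  * submitted form and create the account.
  *
  * Flow, as visible in this method:
  *  - copy the configurable form field names (setting['reginput']) onto the
  *    canonical $_G['gp_username'|'gp_password'|'gp_password2'|'gp_email'];
  *  - stop early for an already logged-in visitor or when registration is closed;
  *  - let the area / IP allowlists switch off registration verification or the
  *    invite requirement;
  *  - if submitcheck('regsubmit', ...) fails, prepare the form variables and
  *    include the template;
  *  - otherwise validate the input, register through uc_user_register() (or
  *    reuse an activation record), write the local member rows, log the user
  *    in, send welcome / verification messages and finish with showmessage().
  *
  * Review notes:
  *  - Files pulled in with require_once / include inside this method execute in
  *    its local scope, so locals that look unused here ($secques, $regname,
  *    $fromuser, $seccode, ...) may be read there. Do not remove them without
  *    checking those files.
  *  - $questionid and $answer are read but never assigned in this method.
  *  - Several queries are built by string interpolation. Whether the
  *    interpolated values ($_G['clientip'], $_G['gp_*'], $username) are already
  *    SQL-safe depends on code outside this method - verify before reuse.
  *
  * No value is returned.
  */
 function on_register()
 {
     global $_G;
     // The form may use site-specific input names; normalise them first.
     $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
     $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
     $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
     $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];
     if ($_G['uid']) {
         // Already logged in: nothing to register, report a successful login.
         $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
         $url_forward = dreferer();
         if (strpos($url_forward, $this->setting['regname']) !== false) {
             $url_forward = 'forum.php';
         }
         showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
     } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
         // NOTE(review): this reads $this->setting['gp_activationauth'], while every
         // other request value in this method comes from $_G['gp_*'] - confirm
         // which source is intended.
         if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
             if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                 showmessage('register_disable_activation');
             }
         } elseif (!$this->setting['regstatus']) {
             showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
         }
     }
     // These are references: the later assignments to $bbrulestxt,
     // $welcomemsgtitle and $welcomemsgtxt also change $this->setting.
     $bbrules =& $this->setting['bbrules'];
     $bbrulesforce =& $this->setting['bbrulesforce'];
     $bbrulestxt =& $this->setting['bbrulestxt'];
     $welcomemsg =& $this->setting['welcomemsg'];
     $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
     $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
     $regname = $this->setting['regname'];
     if ($this->setting['regverify']) {
         // Area allowlist: a matching location switches verification off.
         if ($this->setting['areaverifywhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             // Collapse blank lines before building the pattern. An empty entry
             // would become the alternative ".*.*", which matches any location
             // and silently disables verification for everyone.
             $whitearea = (string) preg_replace("/(?:\r\n *)+/", "\r\n", trim($this->setting['areaverifywhite']));
             if ($location && $whitearea !== '') {
                 $whitearea = preg_quote($whitearea, '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $this->setting['regverify'] = 0;
                 }
             }
         }
         // IP allowlist: entries are matched as string prefixes of the client
         // address, so an entry without a trailing dot also matches longer
         // octets that start with the same digits.
         if ($_G['cache']['ipctrl']['ipverifywhite']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                 $ctrlip = trim($ctrlip);
                 // Skip blank lines: an empty prefix builds /^()/, which matches
                 // every address.
                 if ($ctrlip === '') {
                     continue;
                 }
                 if (preg_match("/^(" . preg_quote($ctrlip, '/') . ")/", $_G['clientip'])) {
                     $this->setting['regverify'] = 0;
                     break;
                 }
             }
         }
     }
     $invitestatus = false;
     if ($this->setting['regstatus'] == 2) {
         // Invite-only mode: the same two allowlists can waive the invite.
         if ($this->setting['inviteconfig']['inviteareawhite']) {
             $location = $whitearea = '';
             $location = trim(convertip($_G['clientip'], "./"));
             // Same blank-line handling as for the verification allowlist above.
             $whitearea = (string) preg_replace("/(?:\r\n *)+/", "\r\n", trim($this->setting['inviteconfig']['inviteareawhite']));
             if ($location && $whitearea !== '') {
                 $whitearea = preg_quote($whitearea, '/');
                 $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                 $whitearea = '.*' . $whitearea . '.*';
                 $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                 if (@preg_match($whitearea, $location)) {
                     $invitestatus = true;
                 }
             }
         }
         if ($this->setting['inviteconfig']['inviteipwhite']) {
             foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                 $ctrlip = trim($ctrlip);
                 // Skip blank lines: an empty prefix would match every address.
                 if ($ctrlip === '') {
                     continue;
                 }
                 if (preg_match("/^(" . preg_quote($ctrlip, '/') . ")/", $_G['clientip'])) {
                     $invitestatus = true;
                     break;
                 }
             }
         }
     }
     $groupinfo = array();
     if ($this->setting['regverify']) {
         // Hard-coded group id; presumably the "awaiting verification" group - confirm.
         $groupinfo['groupid'] = 8;
     } else {
         $groupinfo['groupid'] = $this->setting['newusergroupid'];
     }
     // Bit 0 of each setting decides whether the check applies to registration.
     $seccodecheck = $this->setting['seccodestatus'] & 1;
     $secqaacheck = $this->setting['secqaa']['status'] & 1;
     // The promoter uid comes from a client cookie; intval() keeps it numeric.
     $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
     $username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
     $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
     $auth = $_G['gp_auth'];
     if (!$invitestatus) {
         $invite = getinvite();
     }
     if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
         // ---- Form not submitted (or check failed): render the form ----
         if ($_G['gp_action'] == 'activation') {
             // The activation token carries "username \t formhash".
             $auth = explode("\t", authcode($auth, 'DECODE'));
             if (FORMHASH != $auth[1]) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
             $username = $auth[0];
             $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
         }
         if ($fromuid) {
             // $fromuid is an integer here (intval above), so interpolating it is safe.
             $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
             if (DB::num_rows($query)) {
                 $fromuser = dhtmlspecialchars(DB::result($query, 0));
             } else {
                 dsetcookie('promotion');
             }
         }
         $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
         if ($_G['gp_action'] == 'activation') {
             $auth = dhtmlspecialchars($auth);
         }
         if ($seccodecheck) {
             $seccode = random(6, 1);
         }
         $username = dhtmlspecialchars($username);
         $htmls = $settings = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             $fieldid = $field['fieldid'];
             $html = profile_setting($fieldid, array(), false, false, true);
             if ($html) {
                 $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                 $htmls[$fieldid] = $html;
             }
         }
         $navtitle = $this->setting['reglinkname'];
         if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
             require_once libfile('member/' . $this->extrafile, 'module');
         }
         $dreferer = dreferer();
         // The template runs in this scope and reads the locals prepared above.
         include template($this->template);
     } else {
         // ---- Form submitted: validate and create the account ----
         if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
             showmessage('not_open_registration_invite');
         }
         if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
             showmessage('register_rules_agree');
         }
         $activation = array();
         if (isset($_G['gp_activationauth'])) {
             $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
             if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
                 showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
             }
         }
         if (!$activation) {
             $usernamelen = dstrlen($username);
             if ($usernamelen < 3) {
                 showmessage('profile_username_tooshort');
             } elseif ($usernamelen > 15) {
                 showmessage('profile_username_toolong');
             }
             $username = addslashes(trim(dstripslashes($username)));
             // NOTE(review): the username literal in this query reads '******', which
             // looks like a redaction artifact of the listing. As written the lookup
             // does not depend on $username - restore the intended (escaped) value
             // before relying on this duplicate check.
             if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
                 if ($_G['inajax']) {
                     showmessage('profile_username_duplicate');
                 } else {
                     showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
                 }
             }
             $email = trim($_G['gp_email']);
             if (empty($this->setting['ignorepassword'])) {
                 if ($_G['gp_password'] !== $_G['gp_password2']) {
                     showmessage('profile_passwd_notmatch');
                 }
                 // Reject empty passwords and any password that addslashes() would alter.
                 if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
                     showmessage('profile_passwd_illegal');
                 }
                 $password = $_G['gp_password'];
             } else {
                 // NOTE(review): random() is defined elsewhere; this value is only as
                 // unpredictable as that generator.
                 $password = md5(random(10));
             }
         }
         // Reserved-name filter; the setting is trimmed in place as a side effect.
         $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
         if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
             showmessage('profile_username_protect');
         }
         if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
             showmessage('profile_required_info_invalid');
         }
         // Per-IP registration interval. $ctrlip is the LIKE pattern used below:
         // the exact client address, or "<matched prefix>%" for a controlled range.
         $ctrlip = $_G['clientip'];
         if ($_G['cache']['ipctrl']['ipregctrl']) {
             foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ipprefix) {
                 $ipprefix = trim($ipprefix);
                 // Skip blank lines: an empty prefix would match every address and
                 // turn the LIKE pattern into '%', throttling all registrations.
                 if ($ipprefix === '') {
                     continue;
                 }
                 if (preg_match("/^(" . preg_quote($ipprefix, '/') . ")/", $_G['clientip'])) {
                     $ctrlip = $ipprefix . '%';
                     $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                     break;
                 }
             }
         }
         if ($this->setting['regctrl']) {
             // NOTE(review): $ctrlip and $_G['clientip'] are interpolated into SQL here
             // and in the statements below. This is safe only if the client address
             // and the configured prefixes are validated elsewhere - confirm.
             $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
             if (DB::num_rows($query)) {
                 showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
             }
         }
         // Flood control: the counter statement is prepared now and only executed
         // after the account has been created (see DB::query($regipsql) below).
         $regipsql = '';
         if ($this->setting['regfloodctrl']) {
             if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
                 if ($regattempts >= $this->setting['regfloodctrl']) {
                     showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                 } else {
                     $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
                 }
             } else {
                 $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
             }
         }
         // Collect the extra registration profile fields. Fields flagged
         // 'needverify' are held back in $verifyarr instead of the profile row.
         $profile = $verifyarr = array();
         foreach ($_G['cache']['fields_register'] as $field) {
             // No extra fields are collected when IN_MOBILE is defined.
             if (defined('IN_MOBILE')) {
                 break;
             }
             $field_key = $field['fieldid'];
             $field_val = $_G['gp_' . $field_key];
             if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                 $field_val = true;
             }
             if (!profile_check($field_key, $field_val)) {
                 $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                 showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
             }
             if ($field['needverify']) {
                 $verifyarr[$field_key] = $field_val;
             } else {
                 $profile[$field_key] = $field_val;
             }
         }
         if (!$activation) {
             // Create the account in the user centre; values <= 0 are error codes.
             $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
             if ($uid <= 0) {
                 if ($uid == -1) {
                     showmessage('profile_username_illegal');
                 } elseif ($uid == -2) {
                     showmessage('profile_username_protect');
                 } elseif ($uid == -3) {
                     showmessage('profile_username_duplicate');
                 } elseif ($uid == -4) {
                     showmessage('profile_email_illegal');
                 } elseif ($uid == -5) {
                     showmessage('profile_email_domain_illegal');
                 } elseif ($uid == -6) {
                     showmessage('profile_email_duplicate');
                 } else {
                     showmessage('undefined_action');
                 }
             }
         } else {
             list($uid, $username, $email) = $activation;
         }
         $_G['username'] = $username;
         // The uid must not exist locally yet; undo the user-centre registration if it does.
         if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
             if (!$activation) {
                 uc_user_delete($uid);
             }
             showmessage('profile_uid_duplicate', '', array('uid' => $uid));
         }
         // The local member row does not get the submitted password: it stores the
         // md5 of a random string, which is also handed to setloginstatus() below.
         // NOTE(review): random() is defined elsewhere - confirm it is unpredictable
         // enough for a value that takes part in the login state.
         $password = md5(random(10));
         $secques = $questionid > 0 ? random(8) : '';
         if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
             $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
         }
         if (isset($_POST['birthyear'])) {
             $profile['zodiac'] = get_zodiac($_POST['birthyear']);
         }
         if ($_FILES) {
             // Profile uploads. Only $_FILES keys that map to a registration field of
             // formtype 'file' are processed; the file is saved first and deleted
             // again if get_image_info() does not recognise it.
             // NOTE(review): the field is looked up as 'field_' . $key but stored under
             // $key, while the validation loop above indexes $_FILES by fieldid -
             // confirm the two naming schemes agree. The extension / content policy
             // is whatever discuz_upload enforces; it is not visible here.
             require_once libfile('class/upload');
             $upload = new discuz_upload();
             foreach ($_FILES as $key => $file) {
                 $field_key = 'field_' . $key;
                 if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                     $upload->init($file, 'profile');
                     $attach = $upload->attach;
                     if (!$upload->error()) {
                         $upload->save();
                         if (!$upload->get_image_info($attach['target'])) {
                             @unlink($attach['target']);
                             continue;
                         }
                         $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                         if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                             $verifyarr[$key] = $attach['attachment'];
                         } else {
                             $profile[$key] = $attach['attachment'];
                         }
                     }
                 }
             }
         }
         if ($regipsql) {
             DB::query($regipsql);
         }
         if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
             $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
         }
         // initcredits is a comma-separated list; index 0 is the total and 1..8 feed
         // extcredits1..8 below. Missing positions are read as undefined offsets.
         $init_arr = explode(',', $this->setting['initcredits']);
         $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
         $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
         $profile['uid'] = $uid;
         $field_forum['uid'] = $uid;
         $field_home['uid'] = $uid;
         // The optional extra module runs in this scope, before the rows are written.
         if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
             require_once libfile('member/' . $this->extrafile, 'module');
         }
         DB::insert('common_member', $userdata);
         DB::insert('common_member_status', $status_data);
         DB::insert('common_member_profile', $profile);
         DB::insert('common_member_field_forum', $field_forum);
         DB::insert('common_member_field_home', $field_home);
         if ($verifyarr) {
             // The pending fields are stored as serialized PHP built from request
             // values; code that reads this column back should treat it as untrusted.
             $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
             DB::insert('common_member_verify_info', $setverify);
             DB::insert('common_member_verify', array('uid' => $uid));
         }
         $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
         DB::insert('common_member_count', $count_data);
         DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
         manyoulog('user', $uid, 'add');
         $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
         $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
         save_syscache('userstats', $userstats);
         if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
             // Purge old rows (at least 72 hours are kept), then record this
             // registration with count -1 for the interval check above.
             DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
             if ($this->setting['regctrl']) {
                 DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
             }
         }
         // NOTE(review): the message is HTML-escaped here and then interpolated into
         // SQL. HTML escaping is not SQL escaping; this relies on $_G['gp_*'] values
         // having been escaped before they reach this method - confirm.
         $regmessage = dhtmlspecialchars($_G['gp_regmessage']);
         if ($this->setting['regverify'] == 2) {
             DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
             manage_addnotify('verifyuser');
         }
         setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
         include_once libfile('function/stat');
         updatestat('register');
         if ($invite['id']) {
             // Consume the invite unless this inviter / new-user pair is already recorded.
             $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
             if (!$result) {
                 DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
                 updatestat('invite');
             } else {
                 $invite = array();
             }
         }
         if ($invite['uid']) {
             if ($this->setting['inviteconfig']['inviteaddcredit']) {
                 updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
             }
             if ($this->setting['inviteconfig']['invitedaddcredit']) {
                 updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
             }
             require_once libfile('function/friend');
             friend_make($invite['uid'], $invite['username'], false);
             // NOTE(review): usernames are concatenated into markup here and in the feed
             // entry below without escaping at this point - assumes they are already
             // HTML-safe; confirm.
             notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
             space_merge($invite, 'field_home');
             if (!empty($invite['privacy']['feed']['invite'])) {
                 require_once libfile('function/feed');
                 $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                 feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
             }
             if ($invite['appid']) {
                 updatestat('appinvite');
             }
         }
         // Welcome message: 1 = notification, 2 = e-mail, 3 = both.
         if ($welcomemsg && !empty($welcomemsgtxt)) {
             $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
             $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
             if ($welcomemsg == 1) {
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
             } elseif ($welcomemsg == 2) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
             } elseif ($welcomemsg == 3) {
                 sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                 $welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
                 notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
             }
         }
         if ($fromuid) {
             updatecreditbyaction('promotion_register', $fromuid);
             dsetcookie('promotion', '');
         }
         // Clear the cookies that only matter during registration.
         dsetcookie('loginuser', '');
         dsetcookie('activationauth', '');
         dsetcookie('invite_auth', '');
         // Refresh the settings cache so 'lastmember' shows the new user.
         loadcache('setting', true);
         $_G['setting']['lastmember'] = stripslashes($username);
         $settingnew = $_G['setting'];
         $settingnew['pluginhooks'] = array();
         save_syscache('setting', $settingnew);
         switch ($this->setting['regverify']) {
             case 1:
                 // E-mail verification: store "timestamp \t 2 \t token" and mail the link.
                 // NOTE(review): the activation token is random(6); its strength depends
                 // on random(), which is defined elsewhere - confirm it is not guessable.
                 $idstring = random(6);
                 $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                 DB::query("UPDATE " . DB::table('common_member_field_forum') . " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
                 // Array keys are quoted: inside {$...} a bare key is parsed as a
                 // constant, which is a fatal error on PHP 8.
                 $verifyurl = "{$_G['siteurl']}member.php?mod=activate&amp;uid={$_G['uid']}&amp;id={$idstring}";
                 $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                 sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
                 $message = 'register_email_verify';
                 $locationmessage = 'register_email_verify_location';
                 $url_forward = dreferer();
                 break;
             case 2:
                 $message = 'register_manual_verify';
                 $locationmessage = 'register_manual_verify_location';
                 $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
                 break;
             default:
                 $message = 'register_succeed';
                 $locationmessage = 'register_succeed_location';
                 $url_forward = dreferer();
                 break;
         }
         $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
         // Never send the user back to the registration or invite-purchase page.
         if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
             $url_forward = 'forum.php';
         }
         // NOTE(review): only single quotes are escaped before $url_forward is placed
         // inside JavaScript string literals in a script block, one of them nested
         // in the double-quoted setTimeout argument. Backslashes, double quotes,
         // line breaks and closing script tags pass through unchanged, so this is
         // safe only if dreferer() already restricts the value to a same-site URL -
         // confirm, and prefer an encoder made for the JavaScript context.
         $href = str_replace("'", "\\'", $url_forward);
         $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
         showmessage($message, $url_forward, $param, $extra);
     }
 }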
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: portalcp_upload.php 30107 2012-05-11 02:10:58Z svn_project_zhangjie $
 */
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
$operation = $_GET['op'] ? $_GET['op'] : '';
$upload = new discuz_upload();
$downremotefile = false;
$aid = intval(getgpc('aid'));
$catid = intval(getgpc('catid'));
if ($aid) {
    $article = C::t('portal_article_title')->fetch($aid);
    if (!$article) {
        portal_upload_error(lang('portalcp', 'article_noexist'));
    }
    if (check_articleperm($catid, $aid, $article, false, true) !== true) {
        portal_upload_error(lang('portalcp', 'article_noallowed'));
    }
} else {
    if (($return = check_articleperm($catid, $aid, null, false, true)) !== true) {
        portal_upload_error(lang('portalcp', $return));
    }
}
if ($operation == 'downremotefile') {
    $arrayimageurl = $temp = $imagereplace = array();
Beispiel #12
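 /**
  * Stores a base64-encoded verification photo for a user and flags the account as verified.
  *
  * The decoded bytes are written to DISCUZ_ROOT/data/avatar/<c1>/<c2>/<md5>.<ext>, checked with
  * discuz_upload::get_image_info(), and deleted again when that check fails.
  *
  * @param mixed  $uId      User id; must resolve through getUserSpace().
  * @param string $picData  Base64-encoded image data.
  * @param string $picExt   File extension; only jpg, jpeg, gif and png are accepted.
  * @param bool   $isReward When true, the 'videophoto' credit action is applied to the user.
  * @return mixed DB::affected_rows() of the final profile update on success, an ErrorResponse otherwise.
  */
 function onVideoAuthAuth($uId, $picData, $picExt = 'jpg', $isReward = false)
 {
     global $_G;
     $res = $this->getUserSpace($uId);
     if (!$res) {
         return new ErrorResponse('1', "User({$uId}) Not Exists");
     }
     $allowPicType = array('jpg', 'jpeg', 'gif', 'png');
     // Strict matching: a loose in_array() lets non-string values such as true pass the allowlist
     // and end up as the file extension.
     if (in_array($picExt, $allowPicType, true)) {
         $pic = base64_decode($picData);
         // Reject input that decodes to nothing or whose decoded length equals the input length.
         if (!$pic || strlen($pic) == strlen($picData)) {
             $errCode = '200';
             $errMessage = 'Error argument';
             return new ErrorResponse($errCode, $errMessage);
         }
         // NOTE(review): despite its name this value is built only from the request timestamp and
         // $_G['uid'] (not $uId), so the stored file name is predictable — confirm that is acceptable.
         $secret = md5($_G['timestamp'] . "\t" . $_G['uid']);
         $picDir = DISCUZ_ROOT . './data/avatar/' . substr($secret, 0, 1);
         // NOTE(review): 0777 requests world-writable directories (subject to umask); consider a
         // tighter mode if the deployment allows it.
         if (!is_dir($picDir)) {
             if (!mkdir($picDir, 0777)) {
                 $errCode = '300';
                 $errMessage = 'Cannot create directory';
                 return new ErrorResponse($errCode, $errMessage);
             }
         }
         $picDir .= '/' . substr($secret, 1, 1);
         if (!is_dir($picDir)) {
             if (!@mkdir($picDir, 0777)) {
                 $errCode = '300';
                 $errMessage = 'Cannot create directory';
                 return new ErrorResponse($errCode, $errMessage);
             }
         }
         $picPath = $picDir . '/' . $secret . '.' . $picExt;
         $fp = @fopen($picPath, 'wb');
         if ($fp) {
             // Close the handle exactly once; the original closed it a second time when the
             // image check failed.
             $written = fwrite($fp, $pic) !== false;
             fclose($fp);
             if ($written) {
                 require_once libfile('class/upload');
                 $upload = new discuz_upload();
                 if (!$upload->get_image_info($picPath)) {
                     // Not a recognisable image: do not leave the uploaded bytes on disk.
                     @unlink($picPath);
                 } else {
                     DB::update('common_member', array('videophotostatus' => 1), array('uid' => $uId));
                     // The id is placed into a hand-built query, so force it to an integer.
                     $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('common_member_verify') . " WHERE uid='" . intval($uId) . "'"), 0);
                     if (!$count) {
                         DB::insert('common_member_verify', array('uid' => $uId, 'verify7' => 1));
                     } else {
                         DB::update('common_member_verify', array('verify7' => 1), array('uid' => $uId));
                     }
                     $fields = array('videophoto' => $secret);
                     DB::update('common_member_field_home', $fields, array('uid' => $uId));
                     $result = DB::affected_rows();
                     if ($isReward) {
                         updatecreditbyaction('videophoto', $uId);
                     }
                     return $result;
                 }
             } else {
                 // A failed write may leave a partial file behind; remove it.
                 @unlink($picPath);
             }
         }
     }
     $errCode = '300';
     $errMessage = 'Video Auth Error';
     return new ErrorResponse($errCode, $errMessage);
 }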
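/**
 * Saves the images uploaded in the "categoryimg" field for a thread, records each saved file in
 * the category_<modidentifier>_pic table, and stores the cover picture id and picture count on
 * the thread's sort-value row.
 *
 * @param int    $tid           Thread id; nothing is done when it is empty.
 * @param array  $files         $_FILES-style array; only the 'categoryimg' entry is read.
 * @param int    $sortid        Suffix of the category_sortvalue table to update.
 * @param int    $edit          When truthy, the picture count is re-read from the database
 *                              instead of counting the files saved by this call.
 * @param string $modidentifier Part of the picture table name.
 * @param array  $channel       Channel settings; imageinfo/watermarkstatus enables watermarking.
 * @return void
 */
function threadsort_insertfile($tid, &$files, $sortid, $edit = 0, $modidentifier, $channel)
{
    global $_G;
    // Both ids are interpolated into SQL below, so force them to integers first.
    $tid = intval($tid);
    $sortid = intval($sortid);
    if (empty($tid) || empty($files['categoryimg'])) {
        return;
    }
    // Regroup PHP's per-field arrays (name[], type[], ...) into one array per uploaded file.
    $newfiles = $aid = array();
    foreach ($files['categoryimg']['name'] as $key => $val) {
        $newfiles[$key] = array(
            'name' => $val,
            'type' => $files['categoryimg']['type'][$key],
            'tmp_name' => $files['categoryimg']['tmp_name'][$key],
            'error' => $files['categoryimg']['error'][$key],
            'size' => $files['categoryimg']['size'][$key],
        );
    }
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $uploadtype = 'category';
    $watermark = !empty($channel['imageinfo']['watermarkstatus']);
    if ($watermark) {
        require_once libfile('class/house_image');
        $image = new image($channel);
    }
    // NOTE(review): $modidentifier becomes part of a table name and cannot be quoted as a value;
    // callers are presumably passing a fixed identifier — verify it never comes from the request.
    $pictable = DB::table('category_' . $modidentifier . '_pic');
    foreach ($newfiles as $key => $file) {
        if (!$upload->init($file, $uploadtype)) {
            continue;
        }
        if (!$upload->save()) {
            if (count($newfiles) == 1) {
                showmessage($upload->errormessage());
            }
            // A file that could not be saved must not get a picture row; the original went on
            // to insert one anyway.
            continue;
        }
        if ($watermark) {
            $image->Watermark($upload->attach['target']);
        }
        DB::query("INSERT INTO " . $pictable . " (tid, url, dateline) VALUES ('{$tid}', '" . $upload->attach['attachment'] . "', '" . TIMESTAMP . "')");
        $aid[$key] = DB::insert_id();
    }
    $attachnum = $edit ? intval(DB::result_first("SELECT COUNT(*) FROM " . $pictable . " WHERE tid='{$tid}'")) : count($aid);
    $coverpic = isset($_G['gp_coverpic']) && is_scalar($_G['gp_coverpic']) ? (string) $_G['gp_coverpic'] : '';
    if (substr($coverpic, 0, 4) == 'old_') {
        // Request-supplied id of an existing picture; it goes into SQL, so keep only the integer.
        $newaid = intval(substr($coverpic, 4));
    } else {
        $_G['gp_coverpic'] = $index = intval($coverpic);
        if (!empty($aid[$index])) {
            $newaid = $aid[$index];
        } else {
            // Fall back to the first picture saved by this call, if any.
            $first = reset($aid);
            $newaid = $first === false ? 0 : $first;
        }
    }
    if (!empty($newaid)) {
        DB::query("UPDATE " . DB::table('category_sortvalue') . "{$sortid} SET attachid='{$newaid}', attachnum='{$attachnum}' WHERE tid='{$tid}'");
    }
}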
Beispiel #14
 } else {
     $chezhengname = dhtmlspecialchars(trim($_GET['chezhengname']));
     $chezhengtitle = strip_tags(trim($_GET['chezhengtitle']));
     $status = intval($_GET['status']);
     $createtime = strtotime($_GET['createtime']);
     $description = dhtmlspecialchars(trim($_GET['description']));
     $chezhengsort = trim($_GET['chezhengsort']);
     if (!$chezhengname) {
         cpmsg(lang('plugin/yiqixueba', 'chezhengname_invalid'), '', 'error');
     }
     if (!ispluginkey($chezhengname)) {
         cpmsg(lang('plugin/yiqixueba', 'chezhengname_invalid'), '', 'error');
     }
     $ico = addslashes($_GET['chezhengimages']);
     if ($_FILES['chezhengimages']) {
         $upload = new discuz_upload();
         if ($upload->init($_FILES['chezhengimages'], 'common') && $upload->save()) {
             $ico = $upload->attach['attachment'];
         }
     }
     if ($_POST['delete'] && addslashes($_POST['chezhengimages'])) {
         $valueparse = parse_url(addslashes($_POST['chezhengimages']));
         if (!isset($valueparse['host']) && !strexists(addslashes($_POST['chezhengimages']), '{STATICURL}')) {
             @unlink($_G['setting']['attachurl'] . 'common/' . addslashes($_POST['chezhengimages']));
         }
         $ico = '';
     }
     $data = array('chezhengname' => $chezhengname, 'chezhengtitle' => $chezhengtitle, 'description' => $description, 'chezhengimages' => $ico, 'chezhengsort' => $chezhengsort, 'status' => $status, 'createtime' => $createtime);
     if ($chezhengid) {
         $data['updatetime'] = time();
         C::t(GM('cheyouhui_' . $infotype))->update($chezhengid, $data);
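 /**
  * Handles a banner image upload for a brand business entry.
  *
  * Checks the picture quota, the upload hash and the user group's attachment limits, saves the
  * file, optionally creates thumbnails, records the attachment and stores the new banner on the
  * business row. Every outcome is reported through $this->uploadmsg().
  *
  * @param mixed $bid Business id whose banner (or newbanner slot) is replaced.
  * @return void
  */
 function sanree_common_upload($bid)
 {
     global $_G, $config;
     $this->uid = $_G['uid'];
     // The uid is concatenated into a WHERE fragment, so force it to an integer.
     $where = ' AND uid=' . intval($_G['uid']);
     $maxpiccount = intval($config['maxpiccount']);
     if ($maxpiccount > 0 && $_G['uid'] != 1) {
         $piccount = C::t('#sanree_brand#sanree_brand_attachment')->count_by_where($where);
         if ($piccount > $maxpiccount) {
             $this->uploadmsg(12);
         }
     }
     // The expected token depends only on the site authkey and the uid.
     $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
     $this->aid = 0;
     $this->simple = 2;
     // Compare as strings: a loose != lets PHP compare numeric-looking hashes as numbers and
     // accepts non-string input. hash_equals() is used where the runtime provides it.
     $givenhash = isset($_GET['hash']) && is_string($_GET['hash']) ? $_GET['hash'] : '';
     $hashok = function_exists('hash_equals') ? hash_equals($swfhash, $givenhash) : $givenhash === $swfhash;
     if (!$hashok) {
         $this->uploadmsg(10);
     }
     $appVer = $_G['setting']['version'];
     if ($appVer == 'X2') {
         require_once libfile('class/upload');
     }
     $upload = new discuz_upload();
     if (!$config['isbird']) {
         $upload->init($_FILES['Filedata'], 'common');
     } else {
         $file = 'Filedata' . $_G['sr_newbanner'];
         $upload->init($_FILES[$file], 'category');
         $this->newbanner_flag = $_G['sr_newbanner'];
     }
     $this->attach =& $upload->attach;
     if ($upload->error()) {
         $this->uploadmsg(2);
     }
     // Daily attachment count limit of the user group (0 means no limit).
     $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > getuserprofile('todayattachs');
     if (!$allowupload) {
         $this->uploadmsg(6);
     }
     // The extension must be present and listed in the group's allowed extensions, when set.
     if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
         $this->uploadmsg(1);
     }
     if (empty($upload->attach['size'])) {
         $this->uploadmsg(2);
     }
     if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
         $this->error_sizelimit = $_G['group']['maxattachsize'];
         $this->uploadmsg(3);
     }
     // Per-extension size limit: forum-specific entry first, then the global (fid 0) entry.
     loadcache('attachtype');
     if ($_G['fid'] && isset($_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']])) {
         $maxsize = $_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']];
     } elseif (isset($_G['cache']['attachtype'][0][$upload->attach['ext']])) {
         $maxsize = $_G['cache']['attachtype'][0][$upload->attach['ext']];
     }
     if (isset($maxsize)) {
         if (!$maxsize) {
             // A limit of 0 bans the extension.
             $this->error_sizelimit = 'ban';
             $this->uploadmsg(4);
         } elseif ($upload->attach['size'] > $maxsize) {
             $this->error_sizelimit = $maxsize;
             $this->uploadmsg(5);
         }
     }
     if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
         $todaysize = getuserprofile('todayattachsize') + $upload->attach['size'];
         if ($todaysize >= $_G['group']['maxsizeperday']) {
             $this->error_sizelimit = 'perday|' . $_G['group']['maxsizeperday'];
             $this->uploadmsg(11);
         }
     }
     // NOTE(review): the daily counters are increased before save() has succeeded.
     updatemembercount($_G['uid'], array('todayattachs' => 1, 'todayattachsize' => $upload->attach['size']));
     $upload->save();
     if ($upload->error() == -103) {
         $this->uploadmsg(8);
     } elseif ($upload->error()) {
         $this->uploadmsg(9);
     }
     $thumb = $remote = $width = 0;
     // Banners must be images.
     if (!$upload->attach['isimage']) {
         $this->uploadmsg(7);
     }
     if ($upload->attach['isimage']) {
         if ($_G['setting']['showexif']) {
             require_once libfile('function/attachment');
             $exif = getattachexif(0, $upload->attach['target']);
         }
         if ($_G['setting']['thumbsource'] || $_G['setting']['thumbstatus']) {
             require_once libfile('class/image');
             $image = new image();
         }
         if ($_G['setting']['thumbsource'] && $_G['setting']['sourcewidth'] && $_G['setting']['sourceheight']) {
             $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['sourcewidth'], $_G['setting']['sourceheight'], 1, 1) ? 1 : 0;
             $width = $image->imginfo['width'];
             $upload->attach['size'] = $image->imginfo['size'];
         }
         if ($_G['setting']['thumbstatus']) {
             $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], 0) ? 1 : 0;
             $width = $image->imginfo['width'];
         }
         if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
             list($width) = @getimagesize($upload->attach['target']);
         }
     }
     $this->aid = $aid = getattachnewaid($this->uid);
     $insert = array('aid' => $aid, 'dateline' => $_G['timestamp'], 'filename' => censor($upload->attach['name']), 'filesize' => $upload->attach['size'], 'attachment' => $upload->attach['attachment'], 'isimage' => $upload->attach['isimage'], 'uid' => $this->uid, 'thumb' => $thumb, 'remote' => $remote, 'width' => $width);
     ///C::t('forum_attachment_unused')->insert($insert);
     C::t('#sanree_brand#sanree_brand_attachment')->insert($insert);
     $result = C::t('#sanree_brand#sanree_brand_businesses')->getusername_by_bidanduid($_G['uid'], $bid);
     // Remove the previous banner file; the path comes from the stored business row.
     if ($result['banner']) {
         @unlink($_G['setting']['attachdir'] . 'common/' . $result['banner']);
     }
     if (!$config['isbird']) {
         $setarr = array();
         $setarr['banner'] = $upload->attach['attachment'];
         C::t('#sanree_brand#sanree_brand_businesses')->update($bid, $setarr);
     } else {
         // newbanner is a comma-separated list; replace the slot selected by sr_newbanner.
         $newbanner = explode(',', $result['newbanner']);
         $newbanner[$_G['sr_newbanner']] = $upload->attach['attachment'];
         $setarr = array();
         $setarr['newbanner'] = implode(',', $newbanner);
         C::t('#sanree_brand#sanree_brand_businesses')->update($bid, $setarr);
     }
     if ($upload->attach['isimage'] && $_G['setting']['showexif']) {
         ///C::t('forum_attachment_exif')->insert($aid, $exif);
     }
     $this->uploadmsg(0);
 }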
Beispiel #16
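/**
 * Saves the image uploaded in the "imageFile" field and turns it into a 75x75 thumbnail stored
 * as qqgroup/miniportal_tid_<tid>.jpg below the attachment directory.
 *
 * The originally saved upload is deleted once the thumbnail (or a plain copy) exists.
 *
 * @param int $tid Thread id used in the thumbnail file name.
 * @return array|false The upload's attach array with an added 'thumbTarget' key, or false when
 *                     the upload is missing, not an image, too large, too small or cannot be stored.
 */
function QQGroupUpload($tid) {
	global $_G;
	$imageDir = 'qqgroup';
	// The id becomes part of a file name that is unlinked and written below, so keep only the
	// integer value to rule out path separators.
	$imageName = 'miniportal_tid_'.intval($tid).'.jpg';
	$fieldName = 'imageFile';

	if (empty($_FILES[$fieldName]) || !is_array($_FILES[$fieldName])) {
		return false;
	}

	$_FILES[$fieldName]['name'] = addslashes(urldecode($_FILES[$fieldName]['name']));
	$_FILES[$fieldName]['type'] = addslashes(urldecode($_FILES[$fieldName]['type']));
	$upload = new discuz_upload();
	$upload->init($_FILES[$fieldName]);
	$attach = & $upload->attach;

	if (!$attach['isimage']) {
		return false;
	}
	if ($attach['size'] > 5000000) {
		return false;
	}

	// Stop here when the file could not be stored; the original carried on with a missing target.
	if (!$upload->save()) {
		return false;
	}

	list($imgwidth, $imgheight) = $attach['imageinfo'];
	if($imgwidth < 75 || $imgheight < 75) {
		@unlink($attach['target']);
		return false;
	}

	require_once libfile('class/image');
	$image = new image;
	$image->param['thumbquality'] = 100;
	$thumbTarget = $imageDir.'/'.$imageName;
	// Replace any thumbnail left from an earlier upload for the same thread.
	@unlink($_G['setting']['attachdir'].'./'.$thumbTarget);

	$thumb = $image->Thumb($attach['target'], $thumbTarget, 75, 75) ? 1 : 0;

	// Fall back to copying the saved file when no thumbnail was produced.
	if(!$thumb && !@copy($attach['target'], $_G['setting']['attachdir'].'./'.$thumbTarget)) {
		@unlink($attach['target']);
		return false;
	}

	@unlink($attach['target']);

	$res = $attach;
	$res['thumbTarget'] = $thumbTarget;

	return $res;

}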
Beispiel #17
} else {
    $settingname = dhtmlspecialchars(trim($_GET['settingname']));
    $settingtitle = strip_tags(trim($_GET['settingtitle']));
    $status = intval($_GET['status']);
    $createtime = strtotime($_GET['createtime']);
    $description = dhtmlspecialchars(trim($_GET['description']));
    $settingsort = trim($_GET['settingsort']);
    if (!$settingname) {
        cpmsg(lang('plugin/yiqixueba', 'settingname_invalid'), '', 'error');
    }
    if (!ispluginkey($settingname)) {
        cpmsg(lang('plugin/yiqixueba', 'settingname_invalid'), '', 'error');
    }
    $ico = addslashes($_GET['settingimages']);
    if ($_FILES['settingimages']) {
        $upload = new discuz_upload();
        if ($upload->init($_FILES['settingimages'], 'common') && $upload->save()) {
            $ico = $upload->attach['attachment'];
        }
    }
    if ($_POST['delete'] && addslashes($_POST['settingimages'])) {
        $valueparse = parse_url(addslashes($_POST['settingimages']));
        if (!isset($valueparse['host']) && !strexists(addslashes($_POST['settingimages']), '{STATICURL}')) {
            @unlink($_G['setting']['attachurl'] . 'common/' . addslashes($_POST['settingimages']));
        }
        $ico = '';
    }
    $data = array('settingname' => $settingname, 'settingtitle' => $settingtitle, 'description' => $description, 'settingimages' => $ico, 'settingsort' => $settingsort, 'status' => $status, 'createtime' => $createtime);
    if ($settingid) {
        $data['updatetime'] = time();
        C::t(GM('main_setting'))->update($settingid, $data);
Beispiel #18
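/**
 * Stores raw image data as an album picture of the current user.
 *
 * The data is written below the attachment directory, checked against the user's space quota
 * and with discuz_upload::get_image_info(), thumbnailed and watermarked, optionally pushed to
 * the configured FTP target, and finally recorded in home_pic.
 *
 * @param string $strdata Raw image bytes.
 * @param int    $albumid Target album id; negative values are treated as 0.
 * @param string $fileext File extension; only jpg, jpeg, gif and png are accepted.
 * @param string $name    File name to record; defaults to the generated file name.
 * @param string $title   Picture title; cut to 200 characters and censored.
 * @param int    $delsize Size subtracted from the quota calculation.
 * @param bool   $from    Not used by this function.
 * @return array|int The inserted picture row (including 'picid') on success; -1 when the space
 *                   quota would be exceeded, -2 when the data is not an image, -3 for a
 *                   disallowed extension, a failed write or a failed mirrored FTP upload.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    $allowPicType = array('jpg', 'jpeg', 'gif', 'png');
    // Strict matching: a loose in_array() accepts non-string values such as true, which would
    // then be used as the file extension.
    if (!in_array($fileext, $allowPicType, true)) {
        return -3;
    }
    $setarr = array();
    $upload = new discuz_upload();
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;
    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);
            if (empty($space)) {
                $_G['member'] = $space = getuserbyuid($_G['uid']);
                $_G['username'] = $space['username'];
            }
            $_G['member'] = $space;
            loadcache('usergroup_' . $space['groupid']);
            $_G['group'] = $_G['cache']['usergroup_' . $space['groupid']];
            $maxspacesize = checkperm('maxspacesize');
            if ($maxspacesize) {
                space_merge($space, 'count');
                space_merge($space, 'field_home');
                // Quota check happens after the write, so remove the file when it does not fit.
                if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize'] * 1024 * 1024) {
                    @unlink($newfilename);
                    return -1;
                }
            }
            // Content check: data that is not a recognisable image is removed again.
            if (!$upload->get_image_info($newfilename)) {
                @unlink($newfilename);
                return -2;
            }
            require_once libfile('class/image');
            $image = new image();
            $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
            $thumb = empty($result) ? 0 : 1;
            $image->Watermark($newfilename);
            $pic_remote = 0;
            $album_picflag = 1;
            if (getglobal('setting/ftp/on')) {
                $ftpresult_thumb = 0;
                $ftpresult = ftpcmd('upload', 'album/' . $filepath);
                if ($ftpresult) {
                    // Uploaded remotely: drop the local copies.
                    @unlink($_G['setting']['attachdir'] . 'album/' . $filepath);
                    if ($thumb) {
                        $thumbpath = getimgthumbname($filepath);
                        ftpcmd('upload', 'album/' . $thumbpath);
                        @unlink($_G['setting']['attachdir'] . 'album/' . $thumbpath);
                    }
                    $pic_remote = 1;
                    $album_picflag = 2;
                } else {
                    if (getglobal('setting/ftp/mirror')) {
                        @unlink($newfilename);
                        @unlink(getimgthumbname($newfilename));
                        return -3;
                    }
                }
            }
            $filename = $name ? $name : substr(strrchr($filepath, '/'), 1);
            $title = getstr($title, 200);
            $title = censor($title);
            if (censormod($title) || $_G['group']['allowuploadmod']) {
                $pic_status = 1;
            } else {
                $pic_status = 0;
            }
            if ($albumid) {
                $albumid = album_creat_by_id($albumid);
            } else {
                $albumid = 0;
            }
            $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote, 'status' => $pic_status);
            $setarr['picid'] = C::t('home_pic')->insert($setarr, 1);
            C::t('common_member_count')->increase($_G['uid'], array('attachsize' => $size));
            include_once libfile('function/stat');
            updatestat('pic');
            return $setarr;
        } else {
            fclose($handle);
            // A failed write may leave an empty or partial file behind; remove it.
            @unlink($newfilename);
        }
    }
    return -3;
}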
Beispiel #19
			showsubmit('editsubmit');
			showtablefooter();
			showformfooter();

		} else {

			$namenew = trim(dhtmlspecialchars($_GET['namenew']));
			$titlenew = trim(dhtmlspecialchars($_GET['titlenew']));
			$urlnew = str_replace(array('&amp;'), array('&'), dhtmlspecialchars($_GET['urlnew']));
			$targetnew = intval($_GET['targetnew']) ? 1 : 0;
			$levelnew = intval($_GET['levelnew']) && $_GET['levelnew'] > 0 && $_GET['levelnew'] < 4 ? intval($_GET['levelnew']) : 0 ;
			$urladd = $nav['type'] != '0' && $urlnew ? ", url='$urlnew'" : '';

			$iconnew = addslashes($nav['icon']);
			if($_FILES['iconnew']) {
				$upload = new discuz_upload();
				if($upload->init($_FILES['iconnew'], 'common') && $upload->save()) {
					$iconnew = $upload->attach['attachment'];
				}
			} else {
				$iconnew = $_GET['iconnew'];
			}
			if($_GET['deleteicon'] && $nav['icon']) {
				$valueparse = parse_url($nav['icon']);
				if(!isset($valueparse['host']) && !strexists($nav['icon'], '{STATICURL}')) {
					@unlink($_G['setting']['attachurl'].'common/'.$nav['icon']);
				}
				$iconnew = '';
			}
			$iconadd = ", icon='$iconnew'";
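 /**
  * Handles a forum attachment upload sent with a uid and an upload hash.
  *
  * Verifies the hash, loads the user's group, applies the group's attachment limits, saves the
  * file, optionally creates a thumbnail and records the file in forum_attachment_unused. Every
  * outcome is reported through $this->uploadmsg().
  *
  * @return void
  */
 function forum_upload()
 {
     global $_G;
     // NOTE(review): the acting uid is taken from the request (gp_uid) and accepted when gp_hash
     // matches; the expected token depends only on the site authkey and that uid.
     $_G['uid'] = $this->uid = intval($_G['gp_uid']);
     $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
     $this->aid = 0;
     $this->simple = !empty($_G['gp_simple']) ? $_G['gp_simple'] : 0;
     // Compare as strings: a loose != lets PHP compare numeric-looking hashes as numbers and
     // accepts non-string input. hash_equals() is used where the runtime provides it.
     $givenhash = isset($_G['gp_hash']) && is_string($_G['gp_hash']) ? $_G['gp_hash'] : '';
     $hashok = function_exists('hash_equals') ? hash_equals($swfhash, $givenhash) : $givenhash === $swfhash;
     if (!$hashok) {
         $this->uploadmsg(10);
     }
     $_G['groupid'] = intval(DB::result_first("SELECT groupid FROM " . DB::table('common_member') . " WHERE uid='" . $this->uid . "'"));
     loadcache('usergroup_' . $_G['groupid']);
     $_G['group'] = $_G['cache']['usergroup_' . $_G['groupid']];
     require_once libfile('class/upload');
     $upload = new discuz_upload();
     $upload->init($_FILES['Filedata'], 'forum');
     $this->attach =& $upload->attach;
     if ($upload->error()) {
         $this->uploadmsg(2);
     }
     // Daily attachment count limit of the user group (0 means no limit).
     $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > getuserprofile('todayattachs');
     if (!$allowupload) {
         $this->uploadmsg(6);
     }
     // The extension must be present and listed in the group's allowed extensions, when set.
     if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
         $this->uploadmsg(1);
     }
     if (empty($upload->attach['size'])) {
         $this->uploadmsg(2);
     }
     if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
         $this->error_sizelimit = $_G['group']['maxattachsize'];
         $this->uploadmsg(3);
     }
     // Per-extension limit from forum_attachtype; a maxsize of 0 bans the extension.
     if ($type = DB::fetch_first("SELECT maxsize FROM " . DB::table('forum_attachtype') . " WHERE extension='" . addslashes($upload->attach['ext']) . "'")) {
         if ($type['maxsize'] == 0) {
             $this->error_sizelimit = 'ban';
             $this->uploadmsg(4);
         } elseif ($upload->attach['size'] > $type['maxsize']) {
             $this->error_sizelimit = $type['maxsize'];
             $this->uploadmsg(5);
         }
     }
     if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
         $todaysize = getuserprofile('todayattachsize') + $upload->attach['size'];
         if ($todaysize >= $_G['group']['maxsizeperday']) {
             $this->error_sizelimit = 'perday|' . $_G['group']['maxsizeperday'];
             $this->uploadmsg(11);
         }
     }
     // NOTE(review): the daily counters are increased before save() has succeeded.
     updatemembercount($_G['uid'], array('todayattachs' => 1, 'todayattachsize' => $upload->attach['size']));
     $upload->save();
     if ($upload->error() == -103) {
         $this->uploadmsg(8);
     } elseif ($upload->error()) {
         $this->uploadmsg(9);
     }
     $thumb = $remote = $width = 0;
     // An upload declared as an image must actually be one.
     if ($_G['gp_type'] == 'image' && !$upload->attach['isimage']) {
         $this->uploadmsg(7);
     }
     if ($upload->attach['isimage']) {
         if ($_G['setting']['thumbstatus']) {
             require_once libfile('class/image');
             $image = new image();
             $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
             $width = $image->imginfo['width'];
         }
         if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
             list($width) = @getimagesize($upload->attach['target']);
         }
     }
     // Images uploaded through the non-image type are stored with isimage = -1.
     if ($_G['gp_type'] != 'image' && $upload->attach['isimage']) {
         $upload->attach['isimage'] = -1;
     }
     $this->aid = $aid = getattachnewaid($this->uid);
     // NOTE(review): attach['name'] and attach['attachment'] are interpolated without escaping
     // here; presumably discuz_upload or the request layer has already escaped them — verify
     // before relying on it.
     DB::query("INSERT INTO " . DB::table('forum_attachment_unused') . " (aid, dateline, filename, filesize, attachment, isimage, uid, thumb, remote, width)\r\n\t\t\tVALUES ('{$aid}', '{$_G['timestamp']}', '" . $upload->attach['name'] . "', '" . $upload->attach['size'] . "', '" . $upload->attach['attachment'] . "', '" . $upload->attach['isimage'] . "', '" . $this->uid . "', '{$thumb}', '{$remote}', '{$width}')");
     $this->uploadmsg(0);
 }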
Beispiel #21
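/**
 * Store an uploaded forum/group icon or banner and return its attachment path.
 *
 * The file goes to the 'group' attachment type when $data['status'] == 3 and to
 * 'common' otherwise. Group images are additionally resized to a fixed size.
 *
 * @param array  $data Record taken by reference; 'extid' is filled from 'fid' when empty,
 *                     'status' selects the group code path.
 * @param array  $file Upload entry handed to discuz_upload::init()
 *                     (presumably one element of $_FILES - confirm at the caller).
 * @param string $type Image kind; for group uploads it must be 'icon' or 'banner'.
 *                     It is also passed to init() as its fourth argument.
 *
 * @return string|false Attachment path on success, '' when no extid is known,
 *                      false when the type is not accepted or init()/save() fails.
 */
function upload_icon_banner(&$data, $file, $type)
{
    global $_G;
    $data['extid'] = empty($data['extid']) ? $data['fid'] : $data['extid'];
    if (empty($data['extid'])) {
        return '';
    }
    $isgroup = $data['status'] == 3;
    // Fixed output sizes for group images, keyed by the accepted $type values.
    $imgwh = array('icon' => array('48', '48'), 'banner' => array('720', '168'));
    // Reject an unknown $type before anything is written: the resize step below
    // indexes $imgwh[$type], and an unchecked key would call Thumb() without
    // dimensions after the file had already been stored.
    if ($isgroup && !isset($imgwh[$type])) {
        return false;
    }
    // NOTE(review): the size limit is only applied to group uploads; for the
    // 'common' path any limit has to come from discuz_upload or the PHP upload settings.
    if ($isgroup && $_G['setting']['group_imgsizelimit']) {
        $maxbytes = $_G['setting']['group_imgsizelimit'] * 1024;
        if ($file['size'] > $maxbytes) {
            showmessage('file_size_overflow', '', array('size' => $maxbytes));
            // Fail closed in case showmessage() returns instead of ending the request.
            return false;
        }
    }
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $uploadtype = $isgroup ? 'group' : 'common';
    if (!$upload->init($file, $uploadtype, $data['extid'], $type)) {
        return false;
    }
    if (!$upload->save()) {
        if (!defined('IN_ADMINCP')) {
            showmessage($upload->errormessage());
        } else {
            cpmsg($upload->errormessage(), '', 'error');
        }
        // Presumably both message helpers terminate the request; if they ever
        // return, do not hand back the path of a file that was not saved.
        return false;
    }
    if ($isgroup) {
        require_once libfile('class/image');
        $img = new image();
        $img->Thumb($upload->attach['target'], './' . $uploadtype . '/' . $upload->attach['attachment'], $imgwh[$type][0], $imgwh[$type][1], 'fixwr');
    }
    return $upload->attach['attachment'];
}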
Beispiel #22
 // Portal article attachment upload (fragment: the listing ends inside the
 // thumbnail branch). $errorcode values set below: 1 = article not found,
 // 2 / 3 = check_articleperm() did not return true, 4 = upload error.
 $errorcode = 0;
 require_once libfile('function/portalcp');
 if ($aid) {
     $article = C::t('portal_article_title')->fetch($aid);
     if (!$article) {
         $errorcode = 1;
     }
     // Still evaluated when the article was not found, so code 1 can be replaced by 2.
     if (check_articleperm($catid, $aid, $article, false, true) !== true) {
         $errorcode = 2;
     }
 } else {
     if (check_articleperm($catid, $aid, null, false, true) !== true) {
         $errorcode = 3;
     }
 }
 // NOTE(review): init() and save() below run even when $errorcode is already
 // 1-3, so a request that failed the permission check still has its file
 // written; only the processing under `if (!$errorcode)` is skipped. Whether
 // the file is removed afterwards is not visible here - consider skipping the
 // upload once $errorcode is set.
 $upload = new discuz_upload();
 // The client-supplied file name is URL-decoded, charset-converted and passed
 // through addslashes() before init() sees it.
 $_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8'));
 $upload->init($_FILES['Filedata'], 'portal');
 // Taken before save(); presumably a copy, so later changes to $upload->attach
 // would not show up in $attach - verify.
 $attach = $upload->attach;
 if (!$upload->error()) {
     $upload->save();
 }
 if ($upload->error()) {
     // An upload error overrides any permission error recorded above.
     $errorcode = 4;
 }
 if (!$errorcode) {
     if ($attach['isimage'] && empty($_G['setting']['portalarticleimgthumbclosed'])) {
         require_once libfile('class/image');
         $image = new image();
         // Thumbnail size from settings, falling back to 300 when unset or 0.
         $thumbimgwidth = $_G['setting']['portalarticleimgthumbwidth'] ? $_G['setting']['portalarticleimgthumbwidth'] : 300;
         $thumbimgheight = $_G['setting']['portalarticleimgthumbheight'] ? $_G['setting']['portalarticleimgthumbheight'] : 300;
    // Admin settings form of the wechat plugin (fragment: the enclosing `if`
    // opens above this listing); the else branch further down handles the submit.
    showsetting(lang('plugin/wechat', 'wsq_sitesummary'), 'setting[wsq_sitesummary]', $setting['wsq_sitesummary'], 'textarea');
    showsetting(lang('plugin/wechat', 'wsq_siteurl'), 'setting[wsq_siteurl]', $setting['wsq_siteurl'], 'text', 0, 0, lang('plugin/wechat', 'wsq_siteurl_comment'));
    showsetting(lang('plugin/wechat', 'wsq_fid'), '', '', $forums, 0, 0, lang('plugin/wechat', 'wsq_fid_comment'));
    if (!empty($_G['setting']['domain']['root']['forum'])) {
        // NOTE(review): $setting['wsq_domain'] is concatenated into the
        // value="..." attribute as-is. Unless it is HTML-escaped where it is
        // stored or inside showsetting(), a stored value containing a double
        // quote breaks out of the attribute - escape it at output.
        showsetting(lang('plugin/wechat', 'wsq_domain'), '', '', 'http://<input type="text" name="setting[wsq_domain]" class="txt" value="' . $setting['wsq_domain'] . '" style="width:100px; margin-right:0px;" >.' . $_G['setting']['domain']['root']['forum'], !function_exists('domain_create'), 0, lang('plugin/wechat', 'wsq_domain_comment'));
    } else {
        showsetting(lang('plugin/wechat', 'wsq_domain'), 'setting[wsq_domain]', '', 'text', 1, 0, lang('plugin/wechat', 'wsq_domain_comment'));
    }
    showsetting(lang('plugin/wechat', 'wechat_float_qrcode'), 'setting[wechat_float_qrcode]', $setting['wechat_float_qrcode'], 'radio');
    showsetting(lang('plugin/wechat', 'wsq_wapdefault'), 'setting[wsq_wapdefault]', $setting['wsq_wapdefault'], 'radio');
    showsubmit('settingsubmit');
    showtablefooter();
    showformfooter();
} else {
    if ($_FILES['wsq_sitelogo']['tmp_name']) {
        // The logo is stored under the 'common' attachment type. No image
        // check is made at this call site; validation is whatever init() and
        // save() perform.
        $upload = new discuz_upload();
        if (!$upload->init($_FILES['wsq_sitelogo'], 'common', random(3, 1), random(8)) || !$upload->save()) {
            cpmsg($upload->errormessage(), '', 'error');
        }
        // Prefix the site URL only when attachurl has no host component.
        $parsev = parse_url($_G['setting']['attachurl']);
        $_GET['setting']['wsq_sitelogo'] = ($parsev['host'] ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment'];
    } else {
        // No new file: keep the logo URL already stored in the settings.
        $_GET['setting']['wsq_sitelogo'] = $setting['wsq_sitelogo'];
    }
    if (!$_GET['setting']['wsq_fid']) {
        cpmsg(lang('plugin/wechat', 'wsq_fid_empty'), '', 'error');
    }
    if (!$setting['wsq_sitetoken']) {
        // No site token stored yet: register the site, sending the name, URL,
        // logo URL and summary from the request to wsq::register().
        $siteinfo = wsq::register($_GET['setting']['wsq_sitename'], $_GET['setting']['wsq_siteurl'], $_GET['setting']['wsq_sitelogo'], $_GET['setting']['wsq_sitesummary'], $setting['wechat_mtype'], $setting['wechat_qrtype']);
        if (!$siteinfo || $siteinfo->code) {
            cpmsg(lang('plugin/wechat', 'wsq_api_register_error'), '', 'error');
Beispiel #24
 // Save handler for a shop-goods record (fragment). $goodsname, $goodstitle,
 // $status, $newprice and $goodsid are assigned above the visible part.
 $shopid = intval($_GET['shopid']);
 $price = intval($_GET['price']);
 $youxiaotime = strtotime($_GET['youxiaotime']);
 $description = dhtmlspecialchars(trim($_GET['goodsdescription']));
 // Only trimmed: no cast or escaping is applied to this value here.
 $goodssort = trim($_GET['goodssort']);
 if (!$goodsname) {
     // dump() looks like leftover debug output - TODO confirm and remove.
     dump('no');
     cpmsg(lang('plugin/yiqixueba', 'goodsname_invalid'), '', 'error');
 }
 if (ispluginkey($goodsname)) {
     dump('sql');
     cpmsg(lang('plugin/yiqixueba', 'goodsname_invalid'), '', 'error');
 }
 $ico = addslashes($_GET['goodsimages']);
 if ($_FILES['goodsimages']) {
     // Stored under the 'common' attachment type; no image check at this call
     // site. A failed init()/save() is ignored and $ico keeps the request value.
     $upload = new discuz_upload();
     if ($upload->init($_FILES['goodsimages'], 'common') && $upload->save()) {
         $ico = $upload->attach['attachment'];
     }
 }
 if ($_POST['delete'] && addslashes($_POST['goodsimages'])) {
     $valueparse = parse_url(addslashes($_POST['goodsimages']));
     // NOTE(review): the path handed to unlink() is built from
     // $_POST['goodsimages']. addslashes() does not strip '../' segments, and
     // the two checks here only exclude values with a host part or containing
     // '{STATICURL}', so the request value decides which file is deleted.
     // Delete only the image recorded for this goods row, or resolve the path
     // with realpath() and require it to stay inside the attachment directory.
     // The base is the attachurl setting, which reads like a URL prefix rather
     // than a filesystem directory - confirm.
     if (!isset($valueparse['host']) && !strexists(addslashes($_POST['goodsimages']), '{STATICURL}')) {
         @unlink($_G['setting']['attachurl'] . 'common/' . addslashes($_POST['goodsimages']));
     }
     $ico = '';
 }
 $data = array('shopid' => $shopid, 'goodsname' => $goodsname, 'goodstitle' => $goodstitle, 'description' => $description, 'goodsimages' => $ico, 'goodssort' => $goodssort, 'status' => $status, 'newprice' => $newprice, 'price' => $price, 'youxiaotime' => $youxiaotime);
 if ($goodsid) {
     // Existing record: stamp the update time and write the row.
     $data['updatetime'] = time();
     C::t(GM('shop_goods'))->update($goodsid, $data);
Beispiel #25
 // Collect the image URLs referenced in the submitted message - [img] BBCode
 // and <img> tags - and download each distinct one (fragment: the listing ends
 // inside the download loop).
 preg_match_all("/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]|\\[img=\\d{1,4}[x|\\,]\\d{1,4}\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", $_GET['message'], $image1, PREG_SET_ORDER);
 // NOTE(review): the trailing `e` flag serves no purpose in a match call;
 // presumably newer PHP versions reject a pattern that carries it, which would
 // leave $image2 without matches - confirm and drop the flag.
 preg_match_all("/\\<img.+src=('|\"|)?(.*)(\\1)([\\s].*)?\\>/ismUe", $_GET['message'], $image2, PREG_SET_ORDER);
 $temp = $aids = $existentimg = array();
 // Normalise both match sets to pairs of [matched text, URL].
 if (is_array($image1) && !empty($image1)) {
     foreach ($image1 as $value) {
         $temp[] = array('0' => $value[0], '1' => trim(!empty($value[1]) ? $value[1] : $value[2]));
     }
 }
 if (is_array($image2) && !empty($image2)) {
     foreach ($image2 as $value) {
         $temp[] = array('0' => $value[0], '1' => trim($value[2]));
     }
 }
 require_once libfile('class/image');
 if (is_array($temp) && !empty($temp)) {
     $upload = new discuz_upload();
     $attachaids = array();
     foreach ($temp as $value) {
         $imageurl = $value[1];
         // md5 of the URL is used only as the de-duplication key in $existentimg.
         $hash = md5($imageurl);
         if (strlen($imageurl)) {
             // $imagereplace is not initialised in the visible part.
             $imagereplace['oldimageurl'][] = $value[0];
             if (!isset($existentimg[$hash])) {
                 $existentimg[$hash] = $imageurl;
                 // The extension is read from the URL string; it says nothing
                 // about the content the remote side will return.
                 $attach['ext'] = $upload->fileext($imageurl);
                 if (!$upload->is_image_ext($attach['ext'])) {
                     continue;
                 }
                 $content = '';
                 // NOTE(review): dfsockopen() is called on a URL taken from the
                 // request body. The only filters visible are the extension
                 // test above and this prefix match (http:// or a leading '.'),
                 // so the destination host is chosen by the submitter. Resolve
                 // the host and refuse loopback, private and link-local
                 // addresses before fetching, and bound response size and time.
                 if (preg_match('/^(http:\\/\\/|\\.)/i', $imageurl)) {
                     $content = dfsockopen($imageurl);
 // Submit handler for the wechat plugin's account settings (fragment).
 // When both an app id and an app secret are submitted, verify them by
 // requesting an access token and a QR code ticket before saving anything.
 if ($_GET['setting']['wechat_appId'] && $_GET['setting']['wechat_appsecret']) {
     require_once DISCUZ_ROOT . './source/plugin/wechat/wechat.lib.class.php';
     $wechat_client = new WeChatClient($_GET['setting']['wechat_appId'], $_GET['setting']['wechat_appsecret']);
     if (!$wechat_client->getAccessToken(1, 1)) {
         cpmsg(lang('plugin/wechat', 'wechat_at_geterror'), '', 'error');
     }
     $option = array('scene_id' => 100000, 'expire' => 30, 'ticketOnly' => 1);
     $ticket = $wechat_client->getQrcodeTicket($option);
     if (!$wechat_client->getQrcodeImgUrlByTicket($ticket)) {
         cpmsg(lang('plugin/wechat', 'wechat_at_qrgeterror'), '', 'error');
     }
 }
 // qrtype is derived from mtype: 3 when mtype is empty/0, otherwise 0.
 $_GET['setting']['wechat_qrtype'] = !$_GET['setting']['wechat_mtype'] ? 3 : 0;
 // NOTE(review): when no token is submitted one is generated with random(16).
 // If this token authenticates incoming WeChat callbacks (presumably -
 // confirm), verify that random() draws from a cryptographically secure source.
 $_GET['setting']['wechat_token'] = $_GET['setting']['wechat_token'] ? $_GET['setting']['wechat_token'] : random(16);
 if ($_FILES['wechat_qrcode']['tmp_name']) {
     // Stored under the 'common' attachment type; no image check is made at
     // this call site beyond what init() and save() perform.
     $upload = new discuz_upload();
     if (!$upload->init($_FILES['wechat_qrcode'], 'common', random(3, 1), random(8)) || !$upload->save()) {
         cpmsg($upload->errormessage(), '', 'error');
     }
     $_GET['setting']['wechat_qrcode'] = $upload->attach['attachment'];
 }
 if ($setting['wsq_siteid']) {
     // A site is already registered: push the stored site data together with
     // the submitted mtype / qrtype to wsq::edit().
     $siteinfo = wsq::edit($setting['wsq_sitename'], $setting['wsq_siteurl'], $setting['wsq_sitelogo'], $setting['wsq_sitesummary'], $_GET['setting']['wechat_mtype'], $_GET['setting']['wechat_qrtype']);
     if (!$siteinfo || $siteinfo->code) {
         cpmsg(lang('plugin/wechat', 'wsq_api_edit_error'), '', 'error');
     }
 }
 // `$_GET['setting'] + $setting` is an array union: keys present in the request
 // win, stored keys fill the gaps. Every key sent under setting[...] is
 // persisted (the app secret included), not only this form's fields - consider
 // copying an explicit list of expected keys instead. The merged array is
 // stored in serialize() format.
 $settings = array('mobilewechat' => serialize($_GET['setting'] + $setting));
 C::t('common_setting')->update_batch($settings);
 updatecache('setting');
 cpmsg('setting_update_succeed', 'action=plugins&operation=config&do=' . $pluginid . '&identifier=wechat&pmod=wechat_setting', 'succeed');
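/**
 * Write raw image bytes into the album attachment area and record the picture.
 *
 * The data is written to a new file under attachdir/album, checked against the
 * user's space quota, verified as an image, thumbnailed and watermarked,
 * optionally pushed to the FTP store, and finally inserted into home_pic.
 *
 * @param string $strdata Raw file contents to store.
 * @param int    $albumid Target album id; values below 0 are treated as 0.
 * @param string $fileext File suffix; must be one of jpg, jpeg, gif, png.
 * @param string $name    Stored file name; defaults to the generated file name.
 * @param string $title   Picture title, shortened by getstr().
 * @param int    $delsize Bytes subtracted from the usage in the quota check.
 * @param bool   $from    Not used by this function.
 *
 * @return array|int The inserted home_pic row (including 'picid') on success;
 *                   -1 when the space quota would be exceeded, -2 when the
 *                   stored file is not recognised as an image, -3 when the
 *                   suffix is not allowed, the file cannot be written, or a
 *                   mirrored FTP upload fails.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
    global $_G, $space;
    // $fileext becomes the on-disk suffix of a file whose bytes come from the
    // caller. Accept image suffixes only, so that neither a script extension nor
    // a path separator can reach the file name. Extend the list if callers
    // legitimately pass other image types.
    $allowedext = array('jpg', 'jpeg', 'gif', 'png');
    if (!in_array($fileext, $allowedext, true)) {
        return -3;
    }
    if ($albumid < 0) {
        $albumid = 0;
    }
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;

    $handle = fopen($newfilename, 'wb');
    if (!$handle) {
        return -3;
    }
    $written = fwrite($handle, $strdata);
    fclose($handle);
    if ($written === false) {
        // Do not leave an empty or partial file behind after a failed write.
        @unlink($newfilename);
        return -3;
    }
    $size = filesize($newfilename);

    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }
    $_G['member'] = $space;

    // Quota check: the checkperm() value is scaled by 1024 * 1024; 0 disables it.
    $maxspacesize = checkperm('maxspacesize') * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'common_member_count');
        space_merge($space, 'common_member_field_home');
        if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
            @unlink($newfilename);
            return -1;
        }
    }

    // Content check: a file that get_image_info() does not accept is deleted
    // again. It runs after the write, so the suffix allowlist above is what
    // keeps a non-image suffix off disk in the meantime.
    if (!$upload->get_image_info($newfilename)) {
        @unlink($newfilename);
        return -2;
    }

    require_once libfile('class/image');
    $image = new image();
    $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    $image->Watermark($newfilename);

    $pic_remote = 0;
    $album_picflag = 1;
    if (getglobal('setting/ftp/on')) {
        if (ftpupload('album/' . $filepath)) {
            if ($thumb) {
                ftpupload('album/' . $filepath . '.thumb.jpg');
            }
            $pic_remote = 1;
            $album_picflag = 2;
        } elseif (getglobal('setting/ftp/mirror')) {
            // Mirror mode requires the remote copy: remove the local files and fail.
            @unlink($newfilename);
            @unlink($newfilename . '.thumb.jpg');
            return -3;
        }
    }

    $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
    $title = getstr($title, 200, 1, 1, 1);
    $albumid = $albumid ? album_creat_by_id($albumid) : 0;

    $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote);
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);
    // $size comes from filesize() and the uid from $_G; neither is request text.
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");
    include_once libfile('function/stat');
    updatestat('pic');
    return $setarr;
}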
Beispiel #28
 } else {
     // Save handler for a member record (fragment: the matching `if` branch and
     // the assignment of $memberid are above the visible part).
     $membername = dhtmlspecialchars(trim($_GET['membername']));
     $membertitle = strip_tags(trim($_GET['membertitle']));
     $status = intval($_GET['status']);
     $createtime = strtotime($_GET['createtime']);
     $description = dhtmlspecialchars(trim($_GET['description']));
     // Only trimmed: no cast or escaping is applied to this value here.
     $membersort = trim($_GET['membersort']);
     if (!$membername) {
         cpmsg(lang('plugin/yiqixueba', 'membername_invalid'), '', 'error');
     }
     // Rejected when ispluginkey() returns false for the name.
     if (!ispluginkey($membername)) {
         cpmsg(lang('plugin/yiqixueba', 'membername_invalid'), '', 'error');
     }
     $ico = addslashes($_GET['memberimages']);
     if ($_FILES['memberimages']) {
         // Stored under the 'common' attachment type; no image check at this
         // call site. A failed init()/save() is ignored and $ico keeps the
         // request value.
         $upload = new discuz_upload();
         if ($upload->init($_FILES['memberimages'], 'common') && $upload->save()) {
             $ico = $upload->attach['attachment'];
         }
     }
     if ($_POST['delete'] && addslashes($_POST['memberimages'])) {
         $valueparse = parse_url(addslashes($_POST['memberimages']));
         // NOTE(review): the path handed to unlink() is built from
         // $_POST['memberimages']. addslashes() does not strip '../' segments,
         // and the two checks here only exclude values with a host part or
         // containing '{STATICURL}', so the request value decides which file
         // is deleted. Delete only the image recorded for this member row, or
         // resolve the path with realpath() and require it to stay inside the
         // attachment directory. The base is the attachurl setting, which reads
         // like a URL prefix rather than a filesystem directory - confirm.
         if (!isset($valueparse['host']) && !strexists(addslashes($_POST['memberimages']), '{STATICURL}')) {
             @unlink($_G['setting']['attachurl'] . 'common/' . addslashes($_POST['memberimages']));
         }
         $ico = '';
     }
     $data = array('membername' => $membername, 'membertitle' => $membertitle, 'description' => $description, 'memberimages' => $ico, 'membersort' => $membersort, 'status' => $status, 'createtime' => $createtime);
     if ($memberid) {
         // Existing record: stamp the update time and write the row.
         $data['updatetime'] = time();
         C::t(GM('cheyouhui_member'))->update($memberid, $data);
Beispiel #29
/**
 * Save an uploaded picture through discuz_upload, optionally thumbnail it and
 * push it to the FTP store.
 *
 * @param array  $FILES        Upload entry handed to discuz_upload::init().
 * @param string $type         Attachment type passed to init(); also the
 *                             directory prefix used for the FTP upload.
 * @param int    $thumb_width  Thumbnail width; a thumbnail is only made when
 *                             both width and height are non-zero.
 * @param int    $thumb_height Thumbnail height.
 * @param int    $thumb_type   Passed through to image::Thumb().
 *
 * @return array array('pic' => path, 'thumb' => 0|1, 'remote' => 0|1) on
 *               success; an empty array when init() or save() reports an
 *               error, or when FTP mirroring is on and the upload fails.
 */
function pic_upload($FILES, $type = 'album', $thumb_width = 0, $thumb_height = 0, $thumb_type = 2)
{
    // NOTE(review): nothing in this function checks that the file is an image;
    // that is left to whatever init() and save() enforce for $type.
    $uploader = new discuz_upload();
    $uploader->init($FILES, $type);
    if ($uploader->error()) {
        return array();
    }
    $uploader->save();
    if ($uploader->error()) {
        return array();
    }

    $outcome = array('pic' => $uploader->attach['attachment'], 'thumb' => 0, 'remote' => 0);

    $wantthumb = $thumb_width && $thumb_height;
    if ($wantthumb) {
        require_once libfile('class/image');
        $resizer = new image();
        $made = $resizer->Thumb($uploader->attach['target'], '', $thumb_width, $thumb_height, $thumb_type);
        if ($made) {
            $outcome['thumb'] = 1;
        }
    }

    if (!getglobal('setting/ftp/on')) {
        return $outcome;
    }

    $remotepath = $type . '/' . $uploader->attach['attachment'];
    if (ftpcmd('upload', $remotepath)) {
        if ($outcome['thumb']) {
            ftpcmd('upload', $type . '/' . getimgthumbname($uploader->attach['attachment']));
        }
        ftpcmd('close');
        $outcome['remote'] = 1;
        return $outcome;
    }

    // Remote upload failed: in mirror mode the local copies are removed and the
    // whole upload is reported as failed.
    if (getglobal('setting/ftp/mirror')) {
        @unlink($uploader->attach['target']);
        @unlink(getimgthumbname($uploader->attach['target']));
        return array();
    }
    return $outcome;
}
    } else {
        $_GET['data']['pic'] = $_GET['pic'];
    }
    $data = array('name' => $_GET['name'], 'data' => $_GET['data']);
    C::t('#wechat#mobile_wechat_resource')->insert($data);
    cpmsg('setting_update_succeed', RSELF, 'succeed');
} elseif (submitcheck('editsubmit')) {
    $resource = C::t('#wechat#mobile_wechat_resource')->fetch($_GET['id']);
    if (!$resource) {
        cpmsg(lang('plugin/wechat', 'resource_msg_nofound'), '', 'error');
    }
    if (dstrlen($_GET['data']['desc'], CHARSET) > 120) {
        cpmsg(lang('plugin/wechat', 'resource_msg_desc_toolong'), '', 'error');
    }
    if ($_FILES['pic']['tmp_name']) {
        $upload = new discuz_upload();
        if (!getimagesize($_FILES['pic']['tmp_name']) || !$upload->init($_FILES['pic'], 'common', random(3, 1), random(8)) || !$upload->save()) {
            cpmsg($upload->errormessage(), '', 'error');
        }
        $_GET['data']['pic'] = (preg_match('/^http:/', $_G['setting']['attachurl']) ? '' : $_G['siteurl']) . $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment'];
        $_GET['data']['local'] = $upload->attach['attachment'];
        @unlink($_G['setting']['attachdir'] . 'common/' . $resource['data']['local']);
    } else {
        $_GET['data']['pic'] = $_GET['pic'];
    }
    $data = array('name' => $_GET['name'], 'data' => $_GET['data']);
    C::t('#wechat#mobile_wechat_resource')->update($_GET['id'], $data);
    cpmsg('setting_update_succeed', RSELF, 'succeed');
} elseif (submitcheck('delsubmit')) {
    $resource = C::t('#wechat#mobile_wechat_resource')->fetch($_GET['id']);
    if (!$resource) {