Beispiel #1
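    // Collect the accounts bound to the current user for the binding page.
    $ubinding = array();
    $ubindingneedupdatepwd = false;
    $query = $db->query("SELECT u2.uid as uuid, u1.password as oldpassword, m.password, m.uid,m.username,m.groupid,m.memberid,m.regdate,mb.postnum FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id LEFT JOIN pw_members m ON m.uid=u2.uid LEFT JOIN pw_memberdata mb ON m.uid=mb.uid WHERE u1.uid=" . S::sqlEscape($winduid));
    while ($rt = $db->fetch_array($query)) {
        if (empty($rt['uid'])) {
            // The LEFT JOIN found no pw_members row for this binding: remove the stale binding.
            $db->update("DELETE FROM pw_userbinding WHERE uid=" . S::sqlEscape($rt['uuid'], false));
        } elseif ($rt['uid'] != $winduid) {
            // Another bound account. Drop both password columns BEFORE the row is
            // appended: arrays are copied by value, so an unset() issued after the
            // append never reaches the copy already stored in $ubinding, and the
            // password values would travel on to the template.
            unset($rt['password'], $rt['oldpassword']);
            $rt['groupid'] == '-1' && ($rt['groupid'] = $rt['memberid']);
            $rt['regdate'] = get_date($rt['regdate']);
            $ubinding[] = $rt;
        } else {
            // The current user's own row: flag the binding when its stored password
            // differs from the member's. Compare as strings with !== because ==
            // compares two numeric-looking strings as numbers and can report
            // different values as equal.
            $ubindingneedupdatepwd = (string) $rt['password'] !== (string) $rt['oldpassword'];
        }
    }
    require_once uTemplate::PrintEot('info_binding');
    pwOutPut();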
} else {
    if ($_POST['step'] == '2' || $_POST['step'] == '3') {
        PostCheck();
        !$_G['userbinding'] && Showmsg('undefined_action');
        S::gp(array('username', 'password', 'question', 'customquest', 'answer'));
        require_once R_P . 'require/checkpass.php';
        if (empty($username) || empty($password)) {
            Showmsg('login_empty');
        }
        if ($username == $windid) {
            Showmsg('userbinding_same');
        }
        $password = md5($password);
        $safecv = $db_ifsafecv ? questcode($question, $customquest, $answer) : '';
Beispiel #2
    }
} elseif ($action == 'change') {
    require_once R_P . 'require/credit.php';
    // Load the serialized credit-exchange table stored under the 'jf_A' config key.
    $rt = $db->get_one("SELECT db_value FROM pw_config WHERE db_name='jf_A'");
    // NOTE(review): unserialize() can instantiate objects from its input, so this
    // is only safe while nothing untrusted can write pw_config.db_value — confirm,
    // or store the table in a format that cannot carry objects. It also returns
    // false for a corrupt value, which the code below would then treat as the table.
    $jf_A = $rt['db_value'] ? unserialize($rt['db_value']) : array();
    if (empty($_POST['step'])) {
        // Build the list of exchange rules offered on the exchange form.
        $creditdb = $credit->get($winduid, 'CUSTOM');
        $jf = array();
        foreach ($jf_A as $key => $value) {
            // Rules whose element 2 is empty are left out (presumably the "enabled" switch — confirm).
            if (!$value[2]) {
                continue;
            }
            // The rule key is split on "_" into the two credit-type ids.
            list($j_1, $j_2) = explode('_', $key);
            $jf[$key] = array(
                $credit->cType[$j_1],
                $credit->cType[$j_2],
                $value[0],
                $value[1],
            );
        }
        if (!$jf) {
            Showmsg('jfchange_empty');
        }
        require_once uTemplate::PrintEot('userpay');
        pwOutPut();
    } else {
        PostCheck();
        S::gp(array('type', 'change'));
        if (!$jf_A[$type] || !$jf_A[$type][2]) {
            Showmsg('bk_credit_type_error');
        }
        $change = (int) $change;
        if (!is_numeric($change) || $change <= 0) {
            Showmsg('bk_credit_fillin_error');
        }
        $change % $jf_A[$type][0] != 0 && Showmsg('change_error');
        list($sell, $buy) = explode('_', $type);
        $credit1 = $change;
        $credit2 = intval($change / $jf_A[$type][0] * $jf_A[$type][1]);
Beispiel #3
!function_exists('readover') && exit('Forbidden');
if (!$_POST['step']) {
    /* modify for authentication */
    $isAuthMobile = getstatus($userdb['userstatus'], PW_USERSTATUS_AUTHMOBILE);
    if ($db_authstate && $isAuthMobile && $userdb['authmobile']) {
        // Mask the middle four digits of the phone number (string offsets 3 to 6).
        // NOTE(review): only the copy in $authmobile is masked; $userdb['authmobile']
        // still holds the full number — confirm the template prints the masked copy.
        $authmobile = $userdb['authmobile'];
        $i = 3;
        while ($i <= 6) {
            $authmobile[$i] = '*';
            $i++;
        }
    }
    /* modify for authentication */
    // Render the contact-information form.
    $customFieldsString = getCustomFieldsAndDefaultValue('contact');
    require_once uTemplate::PrintEot('info_link');
    pwOutPut();
} elseif ($_POST['step'] == '2') {
    PostCheck();
    S::slashes($userdb);
    S::gp(array('prooicq', 'proaliww', 'proicq', 'proyahoo', 'promsn', 'proauthmobile', 'oicq', 'aliww'), 'P');
    //联系方式 处理
    //$prooicq && !is_numeric($prooicq) && Showmsg('illegal_OICQ');
    $proicq && !is_numeric($proicq) && Showmsg('illegal_OICQ');
    $oicq && !is_numeric($oicq) && Showmsg('QQ号码只能输入数字');
    if ($aliww && strlen($aliww) > 31) {
        Showmsg('阿里旺旺账号字符不能超过30');
    }
    //update member
    $pwSQL = array('icq' => $proicq);
    /* modify for authentication */
Beispiel #4
        // NOTE(review): $swfhash is only referenced by the commented-out line below
        // in this excerpt; the active save URL carries no verify value. Confirm that
        // job.php authenticates the step=2 upload by some other means.
        $swfhash = GetVerify($winduid);
        //$upload_param = rawurlencode($db_bbsurl.'/job.php?action=uploadicon&verify='.$swfhash.'&uid='.$winduid.'&');
        // URL-encode the save endpoint and the default picture so each can travel as a single parameter value.
        $save_param = rawurlencode($db_bbsurl . '/job.php?action=uploadicon&step=2&');
        $default_pic = rawurlencode("{$db_picpath}/facebg.jpg");
        //$icon_encode_url = 'up='.$upload_param.'&saveFace='.$save_param.'&url='.$default_pic.'&PHPSESSID='.$sid.'&'.'imgsize='.$db_imgsize.'&';
        // Parameter string for the avatar editor; $db_imgsize is appended without encoding.
        $icon_encode_url = 'saveFace=' . $save_param . '&url=' . $default_pic . '&imgsize=' . $db_imgsize . '&';
    } else {
        $icon_encode_url = '';
    }
    // Icon type 2 pre-fills the URL field with the current icon URL.
    $icontype == 2 && ($httpurl = $iconurl);
    // Every type other than 1 clears the icon file name.
    $icontype != 1 && ($iconfile = '');
    require_once uTemplate::PrintEot('info_face');
    pwOutPut();
} else {
    if ($step == '2') {
        PostCheck();
        S::slashes($userdb);
        S::gp(array('facetype', 'proicon'), 'P');
        require_once R_P . 'require/showimg.php';
        $user_a = explode('|', $winddb['icon']);
        $usericon = '';
        if ($facetype == 1) {
            $usericon = setIcon($proicon, $facetype, $user_a);
        } elseif ($_G['allowportait'] && $facetype == 2) {
            $httpurl = S::getGP('httpurl', 'P');
            if (strncmp($httpurl[0], 'http://', 7) != 0 || strrpos($httpurl[0], '|') !== false) {
                refreshto("profile.php?action=modify&info_type={$info_type}&facetype={$facetype}", getLangInfo('msg', 'illegal_customimg'), 2, true);
Beispiel #5
    $page = (int) $page;
    // The purchase history is only loaded when no known sell-price period was requested.
    if (!$date || !isset($forumset['sellprice'][$date])) {
        // Clamp the page number to 1 or higher.
        if (!is_numeric($page) || $page < 1) {
            $page = 1;
        }
        // Ten rows per page, restricted to the current user's purchases.
        $limit = S::sqlLimit(($page - 1) * 10, 10);
        $rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid));
        $pages = numofpage($rt['sum'], $page, ceil($rt['sum'] / 10), "profile.php?action=forumsell&fid={$fid}&");
        $query = $db->query("SELECT * FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid) . " ORDER BY overdate DESC {$limit}");
        $buydb = array();
        while ($rt = $db->fetch_array($query)) {
            // Convert both timestamps for display.
            $rt['buydate'] = get_date($rt['buydate']);
            $rt['overdate'] = get_date($rt['overdate']);
            $buydb[] = $rt;
        }
    }
    require_once uTemplate::PrintEot('profile_forumsell');
    pwOutPut();
} else {
    PostCheck();
    S::gp(array('date', 'buymethod'));
    $rt = $db->get_one("SELECT MAX(overdate) AS u FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid) . " AND fid=" . S::sqlEscape($fid));
    if ($rt['u'] > $timestamp) {
        Showmsg('forumsell_already');
    }
    if (!isset($forumset['sellprice'][$date])) {
        Showmsg('forumsell_date');
    }
    if ($buymethod) {
        if ($forumset['sellprice'][$date]['rprice'] <= 0) {
            Showmsg('undefined_action');
        }
Beispiel #6
    //$db_union[7] && list($customdata,$custominfo) = Getcustom($userdb['customdata']);
    // Prepare the form state for the basic-information page.
    $customFieldsString = getCustomFieldsAndDefaultValue('basic');
    // Mark the stored gender as the checked option.
    $sexselect[(int) $userdb['gender']] = 'checked';
    //$tradeinfo = unserialize($userdb['tradeinfo']);
    if ($userdb['timedf']) {
        // Turn the stored offset into a variable name: abs() gives a number and
        // "." becomes "_", so 3.5 yields "3_5".
        $temptimedf = str_replace('.', '_', abs($userdb['timedf']));
        // Variable-variable assignment: negative offsets set $zone_0<offset>, all
        // others $zone_<offset>. The name is built from the abs() result, so it
        // consists of the fixed prefix plus that number's string form.
        $userdb['timedf'] < 0 ? ${'zone_0' . $temptimedf} = 'selected' : (${'zone_' . $temptimedf} = 'selected');
    }
    // Fallback year range when the two settings are empty.
    !$rg_timestart && ($rg_timestart = 1960);
    !$rg_timeend && ($rg_timeend = 2010);
    //$getbirthday = explode('-',$userdb['bday']);
    //$yearslect[(int)$getbirthday[0]] = $monthslect[(int)$getbirthday[1]] = $dayslect[(int)$getbirthday[2]] = 'selected';
    // $SCR is switched to 'post' when the user has a signature or an introduction.
    if ($userdb['signature'] || $userdb['introduce']) {
        $SCR = 'post';
    }
    require_once uTemplate::PrintEot('info_base');
    pwOutPut();
} elseif ($_POST['step'] == '2') {
    PostCheck();
    S::slashes($userdb);
    $upmembers = $upmemdata = $upmeminfo = array();
    //自我简介长度
    strlen($_POST['prointroduce']) > 500 && Showmsg('introduce_limit');
    //签名难
    $_G['signnum'] && strlen($_POST['prosign']) > $_G['signnum'] && Showmsg('sign_limit');
    S::gp(array('prohomepage', 'prohonor', 'prointroduce', 'prosign', 'timedf', 'alipay'), 'P');
    S::gp(array('newgroupid', 'showsign', 'proreceivemail'), 'P', 2);
    //strlen($prointroduce)>500 && Showmsg('introduce_limit');
    if ($_G['allowhonor']) {
        $prohonor = trim(substrs($prohonor, 90));
        $upmembers['honor'] = $prohonor;
Beispiel #7
        // Copy the credit settings into $forumright with the two key levels swapped and every value cast to int.
        foreach ($creditset as $key => $value) {
            foreach ($value as $k => $v) {
                $forumright[$k][$key] = (int) $v;
            }
        }
        // Start from "allowed" for every action; the checks below only ever clear a flag.
        $per['upload'] = $per['down'] = $per['rp'] = $per['post'] = $per['visit'] = 1;
        // NOTE(review): strip_tags() removes markup but is not output encoding;
        // confirm the template still escapes $per['name'] for its context.
        $per['name'] = strip_tags($rt['name']);
        // A non-empty allow* column is searched for ",<groupid>,": the group must be listed to keep the right.
        if ($rt['allowvisit'] && strpos($rt['allowvisit'], ',' . $groupid . ',') === false) {
            $per['visit'] = 0;
        }
        // && binds tighter than ||: denied when (list set and group not in it)
        // or (list empty and the group-level $_G['allowpost'] is 0).
        if ($rt['allowpost'] && strpos($rt['allowpost'], ',' . $groupid . ',') === false || !$rt['allowpost'] && $_G['allowpost'] == 0) {
            $per['post'] = 0;
        }
        // NOTE(review): the fallbacks for rp, down and upload below also read
        // $_G['allowpost'] rather than a right of their own — confirm this is
        // intended and not a copy of the post rule.
        if ($rt['allowrp'] && strpos($rt['allowrp'], ',' . $groupid . ',') === false || !$rt['allowrp'] && $_G['allowpost'] == 0) {
            $per['rp'] = 0;
        }
        if ($rt['allowdownload'] && strpos($rt['allowdownload'], ',' . $groupid . ',') === false) {
            $per['down'] = 0;
        } elseif (!$rt['allowdownload'] && $_G['allowpost'] == 0) {
            $per['down'] = 0;
        }
        if ($rt['allowupload'] && strpos($rt['allowupload'], ',' . $groupid . ',') === false) {
            $per['upload'] = 0;
        } elseif (!$rt['allowupload'] && $_G['allowpost'] == 0) {
            $per['upload'] = 0;
        }
        unset($forumset, $rt);
    }
}
require_once uTemplate::PrintEot('profile_permission');
pwOutPut();
 /**
  * Build the profile-settings template markup for one category of custom fields.
  *
  * @param $infotype category name handed to getFieldsByCategoryName()
  * @return string the concatenated buildHtml() output wrapped in "<!--" and "-->";
  *                "<!---->" when the category has no fields
  */
 function getProfileTemplateByInfotype($infotype)
 {
     global $winduid;
     $templateString = '';
     $customFields = $this->customerField->getFieldsByCategoryName($infotype);
     // Nothing to render: return the empty wrapper without loading the renderer.
     if (!$customFields) {
         return "<!--{$templateString}-->";
     }
     $this->customerFieldData = L::loadClass('CustomerFieldData', 'user');
     require_once uTemplate::PrintEot('customerfield_profile');
     $renderer = new customerFieldProfileTemplate();
     foreach ($customFields as $field) {
         $fieldValue = $this->customerFieldData->getCustomerData($field, $winduid);
         // A birthday stored as the zero date is shown as the registration date instead.
         $isZeroBirthday = $field['fieldname'] == 'bday' && $fieldValue == '0000-00-00';
         if ($isZeroBirthday) {
             $fieldValue = date('Y-m-d', $GLOBALS['winddb']['regdate']);
         }
         // NOTE(review): the stored value goes straight into buildHtml(); its
         // escaping is not visible here — confirm it encodes user-supplied values.
         $templateString = $templateString . $renderer->buildHtml($field, $fieldValue);
     }
     return "<!--{$templateString}-->";
 }
Beispiel #9
} elseif ($check_step == 'certificate') {
    // Identity-document (certificate) verification
    $step = S::getGP('step');
    $authService = L::loadClass('Authentication', 'user');
    if (empty($step)) {
        // First visit: fetch the markup for the certificate-type selector.
        $certificateTypesHtml = $authService->getCertificateTypeHtml();
    } elseif ($step == 2) {
        // NOTE(review): this branch deletes, uploads and updates without a
        // PostCheck() call in the visible lines — confirm the request check
        // happens before this point.
        S::gp(array('certificate'));
        L::loadClass('certificateupload', 'upload', false);
        !$certificate['number'] && Showmsg("请输入证件编号");
        // Delete the existing certification record
        // NOTE(review): the old record is removed before the new upload has been
        // accepted; if the upload yields no attachment the user is left with the
        // error below and no record. Consider deleting only after the check passes.
        $certificateInfo = $authService->getCertificateInfoByUid($winduid);
        $certificateInfo && $authService->deleteCertificateById($certificateInfo['id']);
        $certificateUploadBehavior = new CertificateUpload($winduid);
        PwUpload::upload($certificateUploadBehavior);
        // Re-read the record after the upload; the attach1/attach2 test below uses this fresh copy.
        $certificateInfo = $authService->getCertificateInfoByUid($winduid);
        // NOTE(review): 'type' and 'number' come from the request array; no
        // validation beyond the non-empty number test is visible here.
        $data = array('type' => $certificate['type'], 'number' => $certificate['number'], 'createtime' => $timestamp, 'state' => 1);
        // Require a record with at least one attachment before storing the details.
        if (!S::isArray($certificateInfo) || !$certificateInfo['attach1'] && !$certificateInfo['attach2']) {
            /*
            $data['uid'] = $winduid;
            $authService->addCertificateInfo($data);
            */
            Showmsg("请上传至少一张证件图片再提交");
        } else {
            $authService->updateCertificateInfo($data, $certificateInfo['id']);
        }
        refreshto("profile.php?action=auth", '提交成功,请等待管理员审核');
    }
}
require_once uTemplate::PrintEot('profile_auth');
pwOutPut();
Beispiel #10
<?php

// Refuse to run unless readover() is already defined (presumably by the
// application's entry script — confirm).
if (!function_exists('readover')) {
    exit('Forbidden');
}
S::gp(array('step'));
if (empty($step)) {
    // No step given: render the education form.
    $customFieldsString = getCustomFieldsAndDefaultValue('education');
    require_once uTemplate::PrintEot('info_education');
    pwOutPut();
} elseif ($step == 2) {
    // NOTE(review): this write path has no PostCheck() call before the data is
    // saved, and S::gp() above is called without a source restriction. Confirm
    // that saveProfileCustomerData() performs the request check itself.
    //update customerfield data
    /* @var $customfieldService PW_CustomerFieldService */
    $customfieldService = L::loadClass('CustomerFieldService', 'user');
    $customfieldService->saveProfileCustomerData('education');
    // defend start
    CloudWind::yunUserDefend(
        'editprofile',
        $winduid,
        $windid,
        $timestamp,
        0,
        101,
        '',
        '',
        '',
        array('profile' => 'updateeducation')
    );
    // defend end
    refreshto("profile.php?action=modify&info_type={$info_type}", 'operate_success', 2, true);
}
Beispiel #11
<?php

!function_exists('readover') && exit('Forbidden');
if (!$_POST['step']) {
    $customFieldsString = getCustomFieldsAndDefaultValue('other');
    require_once uTemplate::PrintEot('info_other');
    pwOutPut();
} else {
    if ($_POST['step'] == '2') {
        PostCheck();
        //update customerfield data
        $customfieldService = L::loadClass('CustomerFieldService', 'user');
        /* @var $customfieldService PW_CustomerFieldService */
        $customfieldService->saveProfileCustomerData('other');
        /*S::slashes($userdb);
        	$upmembers = $upmemdata = $upmeminfo = array();
        	foreach ($customfield as $value) {
        		$fieldvalue = S::escapeChar($_POST[$value['field']]);
        		if ($value['required'] && ($value['editable'] == 1 || strlen($userdb[$value['field']]) == 0) && !$fieldvalue) {
        			Cookie('pro_modify', 'other', 'F', false);
        			Showmsg('field_empty');
        		}
        		if (strlen($userdb[$value['field']]) == 0 || ($userdb[$value['field']] != $fieldvalue && $value['editable'] == 1)) {
        			if ($value['maxlen'] && strlen($fieldvalue) > $value['maxlen']) {
        				Showmsg('field_lenlimit');
        			}
        			$upmeminfo[$value['field']] = $fieldvalue;
        		}
        	}
        	//update meminfo
        	if ($upmeminfo) {
Beispiel #12
// Load message-board entries addressed to $uid, newest first, joined with each
// author's icon. $limit is interpolated as prepared earlier (not visible here).
$query = $db->query("SELECT o.*,m.icon as face FROM pw_oboard o LEFT JOIN pw_members m ON o.uid=m.uid WHERE o.touid=" . S::sqlEscape($uid) . " ORDER BY o.id DESC {$limit}");
while ($rt = $db->fetch_array($query)) {
    $rt['postdate'] = get_date($rt['postdate']);
    list($rt['face']) = showfacedesign($rt['face'], 1, 'm');
    // NOTE(review): 6 and 3 are bare group ids; presumably "author is banned" and
    // "viewer is an administrator" — confirm and replace with named constants.
    if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
        $rt['title'] = appShield('ban_feed');
    } elseif (!$wordsfb->equal($rt['ifwordsfb'])) {
        // The stored word-filter code does not match: run the text through the filter again.
        $rt['title'] = $wordsfb->convert($rt['title'], array('id' => $rt['id'], 'type' => 'comments', 'code' => $rt['ifwordsfb']));
    }
    // Expand "[s:" codes only when one is present.
    if (strpos($rt['title'], '[s:') !== false) {
        $tpc_author = $rt['username'];
        $rt['title'] = showface($rt['title']);
    }
    // Expand "[url" codes only when one is present.
    // NOTE(review): the title is user-written text turned into markup here;
    // confirm convert() and showface() encode everything they do not translate.
    if (strpos($rt['title'], '[url') !== false) {
        $rt['title'] = convert($rt['title'], $db_windpost);
    }
    // NOTE(review): $boardids and $boards are appended to without being initialised in the visible lines.
    $boardids[] = $rt['id'];
    $boards[] = $rt;
}
if (!empty($boardids)) {
    $commentdb = getCommentDb('board', $boardids);
}
$friendsService = L::loadClass('Friend', 'friend');
/* @var $friendsService PW_Friend */
// NOTE(review): the default is written to $ismyfriend but the "not a friend"
// result goes to $is_friend, so $ismyfriend stays 1 either way. Confirm which
// name the template reads; any access decision based on it would always pass.
$ismyfriend = 1;
if ($friendsService->isFriend($winduid, $uid) !== true) {
    $is_friend = 0;
}
$isSpace = true;
require_once uTemplate::PrintEot('space_board');
pwOutPut();
Beispiel #13
<?php

!function_exists('readover') && exit('Forbidden');
if (!$step) {
    // $ifppt is true when the passport option is off or its type is 'server'.
    // NOTE(review): in the visible code $ifppt is assigned only inside this
    // branch, while the step-2 branch tests it before handling the password
    // change — confirm it is also set before that branch runs.
    $ifppt = (!$db_pptifopen || $db_ppttype == 'server');
    // Pre-check the "public e-mail" box when that user status bit is set.
    if ($userService->getUserStatus($winduid, PW_USERSTATUS_PUBLICMAIL)) {
        $ifpublic = 'checked';
    } else {
        $ifpublic = '';
    }
    require_once uTemplate::PrintEot('info_safe');
    pwOutPut();
} else {
    if ($step == '2') {
        PostCheck();
        S::slashes($userdb);
        $upmembers = $upmemdata = $upmeminfo = array();
        if ($ifppt) {
            //* include_once pwCache::getPath(D_P.'data/bbscache/dbreg.php');
            extract(pwCache::getData(D_P . 'data/bbscache/dbreg.php', false));
            S::gp(array('propwd', 'proemail', 'question'), 'P');
            if ($propwd || $userdb['email'] != $proemail) {
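                // Hash the submitted current password the same way the stored one was produced.
                // NOTE(review): unsalted MD5, and the 16-character slice of it, is a weak
                // storage format; moving to password_hash()/password_verify() is a
                // schema-level change outside this block.
                if ($_POST['oldpwd']) {
                    if (strlen($userdb['password']) == 16) {
                        // Support legacy passwords stored as a 16-character slice of the MD5.
                        $_POST['oldpwd'] = substr(md5($_POST['oldpwd']), 8, 16);
                    } else {
                        $_POST['oldpwd'] = md5($_POST['oldpwd']);
                    }
                }
                // Compare as strings with !==. The loose != compares two numeric-looking
                // strings as numbers, so a stored hash and a submitted hash that differ
                // could still be accepted as a match.
                if ((string) $userdb['password'] !== (string) $_POST['oldpwd']) {
                    Showmsg('pwd_confirm_fail');
                }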
                if ($propwd) {
Beispiel #14
        }
        refreshto("profile.php?action=toolcenter", 'operate_success');
    }
} elseif ($job == 'use' || $job == 'ajax') {
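    // The tool id is cast to int before any use.
    $toolid = (int) S::getGP('toolid');
    if (!$toolid) {
        // No tool selected: list every tool the current user owns.
        $tooldb = array();
        // A space now separates the escaped value from ORDER BY; the original
        // relied on the escaper's output to end the token.
        $query = $db->query("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . " ORDER BY vieworder");
        while ($rt = $db->fetch_array($query)) {
            $rt['descrip'] = substrs($rt['descrip'], 45);
            $tooldb[] = $rt;
        }
        if (!$tooldb) {
            Showmsg('no_tool');
        }
        require_once uTemplate::PrintEot('profile_toolcenter');
        // NOTE(review): the lookup below also runs with $toolid == 0 unless
        // pwOutPut() ends the request — confirm.
        pwOutPut();
    }
    // Load the selected tool, restricted to the current user's own inventory.
    // Same spacing fix as above, here before AND.
    $tooldb = $db->get_one("SELECT u.nums,t.name,t.filename,t.state,t.type,t.conditions FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . " AND u.toolid=" . S::sqlEscape($toolid));
    !$db_toolifopen && Showmsg('toolcenter_close');
    // The user must own at least one unit of the tool.
    if (!$tooldb || $tooldb['nums'] <= 0) {
        Showmsg('nothistool');
    }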
    if ($tooldb['type'] == 1) {
        !$tid && Showmsg('illegal_tid');
        $condition = unserialize($tooldb['conditions']);
        $tpcdb = $db->get_one("SELECT fid,subject,authorid,topped,toolfield FROM pw_threads WHERE tid=" . S::sqlEscape($tid));
        if (!$tpcdb) {
            Showmsg('illegal_tid');
        }
        if ($condition['forum'] && strpos($condition['forum'], ",{$tpcdb['fid']},") === false) {
Beispiel #15
<?php

// Refuse to run unless readover() is already defined.
if (!function_exists('readover')) {
    exit('Forbidden');
}
S::gp(array('step', 'info_type'));
if (!$step) {
    $memberTagsService = L::loadClass('MemberTagsService', 'user');
    // Ask the space model for the "tags" module: 10 entries, expire value 7200.
    $modelList['tags'] = array(
        'num' => 10,
        'expire' => 7200,
    );
    $spaceData = $newSpace->getSpaceData($modelList);
    // Personal tags
    $memberTags = $spaceData['tags'];
    // Hot-tag count and the first 8 hot tags for the suggestion list.
    $hotTagsNum = $memberTagsService->countHotTagsNum();
    $hotTags = $memberTagsService->getTagsByNum(8);
    require_once uTemplate::PrintEot('info_tags');
    pwOutPut();
}
Beispiel #16
     Showmsg('specialgroup_exists');
 }
 // The requested group must exist and be of type 'special'.
 $rt = $db->get_one("SELECT gid,grouptitle FROM pw_usergroups WHERE gptype='special' AND gid=" . S::sqlEscape($gid));
 !$rt && Showmsg('specialgroup_error');
 // Load the group's selling settings (rows with uid 0 and fid 0) into $rt['sright'], keyed by rkey.
 $query = $db->query("SELECT gid,rkey,rvalue FROM pw_permission WHERE uid='0' AND fid='0' AND gid=" . S::sqlEscape($gid) . " AND rkey IN ('sellinfo','sellprice','rmbprice','selltype','selllimit','allowbuy')");
 for (; $permi = $db->fetch_array($query);) {
     $rt['sright'][$permi['rkey']] = $permi['rvalue'];
 }
 // Purchase is refused unless the group's 'allowbuy' setting is set.
 !$rt['sright']['allowbuy'] && Showmsg('special_allowbuy');
 if (empty($_POST['step'])) {
     $rt['sright']['selltype'] = $credit->cType[$rt['sright']['selltype']];
     require_once uTemplate::PrintEot('profile_buy');
     pwOutPut();
 } else {
     PostCheck();
     S::gp(array('pwpwd'), 'P');
     S::gp(array('days', 'buymethod', 'options'), null, 2);
     if (!is_numeric($days) || $days <= 0) {
         Showmsg('illegal_nums');
     }
     if ($days < $rt['sright']['selllimit']) {
         Showmsg('special_selllimit');
     }
     $userService = L::loadClass('UserService', 'user');
     /* @var $userService PW_UserService */
     $mb = $userService->get($winduid);
     if ($gid == $groupid || strpos($mb['groups'], ",{$gid},") !== false) {
Beispiel #17
    } else {
        $joblists = $jobService->getFinishJobs($winduid);
        $jobs = $jobService->buildLists($joblists, $action, $winduid, $groupid);
    }
    $current[2] = "current";
    require_once uTemplate::PrintEot('jobcenter');
    pwOutPut();
} elseif ($action == "quit") {
    // Step 2 performs the quit and answers with the controller's message and result flag.
    // NOTE(review): this state change runs without a PostCheck() call in the
    // visible lines — confirm the request is verified elsewhere. Whether
    // ajaxResponse() ends the request is also not visible here.
    if ($step == 2) {
        list($bool, $message) = $jobService->jobQuitController($winduid, $id);
        ajaxResponse($message, $bool);
    }
    // Otherwise list the jobs the user has quit.
    $joblists = $jobService->getQuitJobs($winduid);
    $jobs = $jobService->buildLists($joblists, $action, $winduid, $groupid);
    $current[3] = "current";
    require_once uTemplate::PrintEot('jobcenter');
    pwOutPut();
} elseif ($action == "start") {
    // Get the link that starts the job
    list($bool, $message, $link) = $jobService->jobStartController($winduid, $id);
    if (S::getGP('ajax')) {
        ajax_footer();
    }
    // The controller reported a failure: go back to the applied list with its message.
    if (!$bool) {
        refreshto("jobcenter.php?action=applied", $message);
    }
    if ($link == "") {
        refreshto("jobcenter.php?action=applied", "任务开始");
    } else {
        // NOTE(review): $link is passed to ObHeader() as returned by the controller;
        // where the value is defined is not visible here. If ObHeader() issues a
        // redirect, confirm the link is limited to site-local or allow-listed targets.
        ObHeader($link);
    }