while ($row = RenDB_Fetch_Array($result)) {
if ($row['u_stand'] == 0) {
//游客
continue;
}
if (In_names($row['fake_name'], $udata['friends']) || IsSameName($row['fake_name'], $udata['u_name'])) {
continue;
}
$contact_options .= "<option style=\"color:999999#\" value=\"{$row['fake_name']}\" >{$row['fake_name']}</option>";
}
eval("echo \"" . LoadTemplate("pm_form_invite") . "\";");
exit;
break;
case 'new2':
$message = BBInputFilter($message, 10);
$message = CSubStr($message, 0, $cfg['maxmsg']);
if ($message == '') {
SimplyBox('请填写内容');
}
case 'invite2':
if ($sendto == '') {
SimplyBox('请填写收件人');
}
if (IsSameName($sendto, $udata['u_name'])) {
SimplyBox('不能给自己发消息');
}
if ($action == 'invite2') {
$pm_stand = 4;
$message = '[url=m_view.php?name=' . urlencode($udata['u_name']) . "]{$udata['u_name']}[/url] 邀请您下棋,点击[url=room_new.php?byname={$udata['u_name']}]这里[/url]查看.";
} else {
$pm_stand = $udata['u_stand'];
//if(!array_key_exists($qq_type,explode('|',$cfg['qq_types'])))$qq_type=0;
require_once('./include/txt_func.php');
$u_qq=BBInputFilter($u_qq,1);
$u_qq=CSubStr( $u_qq, 0, 60 );
$u_website=BBInputFilter($u_website,1);
$u_website=CSubStr( $u_website, 0, 120 );
$u_from=BBInputFilter($u_from,1);
$u_from=CSubStr( $u_from, 0, 20 );
$u_bio=BBInputFilter($u_bio,10);
$u_bio=CSubStr( $u_bio, 0, $cfg['maxbio'] );
//$u_sig=BBInputFilter($u_sig,5);
//$u_sig=CSubStr( $u_sig, 0, $cfg['maxsig'] );
$u_avatar=BBInputFilter($u_avatar,1);
$u_avatar=CSubStr( $u_avatar, 0, 120 );
//insert into database
$sql="UPDATE $cfg[tb_members] SET ";
$sql.="u_pass ='******',";
$sql.="u_email ='$new_email',";
$sql.="show_email ='$show_email',";
$sql.="u_bio ='$u_bio',";
//$sql.="u_sig ='$u_sig',";
$sql.="u_avatar ='$u_avatar', ";
$sql.="u_gender ='$u_gender', ";
$sql.="u_qq ='$u_qq', ";
//$sql.="qq_type ='$qq_type', ";
$sql.="u_from ='$u_from', ";
$sql.="u_website='$u_website' ";
ACP_MessageBox('IP格式不正确');
}
$mycell = explode('.', $userip);
//检查是不是自己的IP
$cell = explode('.', $ban_ip);
if ($cell[3] == '*') {
if ($mycell[0] == $cell[0] && $mycell[1] == $cell[1] && $mycell[2] == $cell[2]) {
ACP_MessageBox('不能屏蔽自己的IP');
}
} else {
if ($ban_ip == $userip) {
ACP_MessageBox('不能屏蔽自己的IP');
}
}
require_once '../include/txt_func.php';
$ban_reason = CSubStr($ban_reason, 0, 40);
$sql = "SELECT COUNT(*) FROM `{$cfg['tb_banips']}` WHERE ban_ip='{$ban_ip}'";
$result = RenDB_Query($sql);
if ($row = RenDB_Fetch_Row($result)) {
if ($row[0]) {
ACP_MessageBox($ban_ip . ' 已经在屏蔽列表中');
}
}
$sql = "INSERT INTO `{$cfg['tb_banips']}` SET ban_ip='{$ban_ip}',ban_time='{$nowtime}', ban_reason='{$ban_reason}'";
RenDB_Query($sql);
ACP_WriteLog("屏蔽IP {$ban_ip} ");
Header("Location: index.php?mode=ip_man");
exit;
break;
case 'unban':
if (!isset($ban_ip)) {
}
if ($timeadd > 525600 || $timeadd < 10) {
ACP_MessageBox('总限时应该在10分钟-365天之间');
}
if ($timestep > $timeadd) {
$timestep = $timeadd;
}
$timeadd *= 60;
$timestep *= 60;
$startdate = strtotime($startdate);
if ($startdate < $nowtime) {
ACP_MessageBox('开始时间不能早于现在');
}
require_once '../include/txt_func.php';
$description = CSubStr($description, 0, 65533);
$cp_name = CSubStr($cp_name, 0, 253);
$group_player = str_replace("\r\n", "\n", $group_player);
$group_player = explode("\n\n", $group_player);
require_once '../include/m_func.php';
$players = array();
foreach ($group_player as $k => $v) {
$v = explode("\n", $v);
foreach ($v as $k1 => $v1) {
$v1 = trim($v1);
$v[$k1] = $v1;
if ($v1 == '') {
unset($v[$k1]);
} elseif (!IsMember($v1)) {
ACP_MessageBox("{$v1}不是注册用户");
}
}
<?php
require_once './include/common.php';
if (!isset($gid, $message)) {
ErrorBox($str['act_err']);
}
$gid = intval($gid);
require_once './include/txt_func.php';
$message = BBInputFilter($message, 1);
$message = CSubStr($message, 0, 253);
if ($message == '') {
MessageBox($str['req_content']);
}
$sql = "SELECT COUNT(*) FROM `{$cfg['tb_games']}` WHERE gid='{$gid}' LIMIT 1";
$result = RenDB_Query($sql);
$row = RenDB_Fetch_Row($result);
if (!$row[0]) {
MessageBox($str['g_not_found']);
}
$sql = "SELECT COUNT(*) FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}'";
$result = RenDB_Query($sql);
$row = RenDB_Fetch_Row($result);
if ($row[0] > 25) {
$sql = "SELECT * FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}' ORDER BY chat_id LIMIT 3,1";
$result = RenDB_Query($sql);
if ($chatdata = RenDB_Fetch_Array($result)) {
$sql = "DELETE FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}' AND chat_id<'{$chatdata['chat_id']}'";
RenDB_Query($sql, true);
}
}
//$author=$udata['is_member']?$udata['u_name']:'Guest';
$u_qq = BBInputFilter($u_qq, 1);
$u_qq = CSubStr($u_qq, 0, 60);
$u_website = BBInputFilter($u_website, 1);
$u_website = CSubStr($u_website, 0, 120);
$u_from = BBInputFilter($u_from, 1);
$u_from = CSubStr($u_from, 0, 20);
$u_bio = BBInputFilter($u_bio, 10);
$u_bio = CSubStr($u_bio, 0, $cfg['maxbio']);
//$u_sig=BBInputFilter($u_sig,5);
//$u_sig=CSubStr( $u_sig, 0, $cfg['maxsig'] );
$u_avatar = BBInputFilter($u_avatar, 1);
$u_avatar = CSubStr($u_avatar, 0, 120);
$friends = BBInputFilter($u_friends, 1);
$friends = CSubStr($friends, 0, 253);
$blacklist = BBInputFilter($u_blacklist, 1);
$blacklist = CSubStr($blacklist, 0, 253);
//insert into database
$sql = "UPDATE {$cfg['tb_members']} SET ";
$sql .= "u_pass\t='{$new_pass}',";
$sql .= "u_email\t\t='{$u_email}',";
$sql .= "show_email\t='{$show_email}',";
$sql .= "u_gender\t='{$u_gender}', ";
//$sql.="posts ='$posts', ";
//$sql.="credit ='$credit', ";
$sql .= "skill\t='{$skill}', ";
$sql .= "g_w\t='{$g_w}', ";
$sql .= "g_d\t='{$g_d}', ";
$sql .= "g_l\t='{$g_l}', ";
$sql .= "g_to\t='{$g_to}', ";
$sql .= "u_from\t='{$u_from}', ";
$sql .= "u_qq\t='{$u_qq}', ";
