while ($row = RenDB_Fetch_Array($result)) { if ($row['u_stand'] == 0) { //游客 continue; } if (In_names($row['fake_name'], $udata['friends']) || IsSameName($row['fake_name'], $udata['u_name'])) { continue; } $contact_options .= "<option style=\"color:999999#\" value=\"{$row['fake_name']}\" >{$row['fake_name']}</option>"; } eval("echo \"" . LoadTemplate("pm_form_invite") . "\";"); exit; break; case 'new2': $message = BBInputFilter($message, 10); $message = CSubStr($message, 0, $cfg['maxmsg']); if ($message == '') { SimplyBox('请填写内容'); } case 'invite2': if ($sendto == '') { SimplyBox('请填写收件人'); } if (IsSameName($sendto, $udata['u_name'])) { SimplyBox('不能给自己发消息'); } if ($action == 'invite2') { $pm_stand = 4; $message = '[url=m_view.php?name=' . urlencode($udata['u_name']) . "]{$udata['u_name']}[/url] 邀请您下棋,点击[url=room_new.php?byname={$udata['u_name']}]这里[/url]查看."; } else { $pm_stand = $udata['u_stand'];
//if(!array_key_exists($qq_type,explode('|',$cfg['qq_types'])))$qq_type=0; require_once('./include/txt_func.php'); $u_qq=BBInputFilter($u_qq,1); $u_qq=CSubStr( $u_qq, 0, 60 ); $u_website=BBInputFilter($u_website,1); $u_website=CSubStr( $u_website, 0, 120 ); $u_from=BBInputFilter($u_from,1); $u_from=CSubStr( $u_from, 0, 20 ); $u_bio=BBInputFilter($u_bio,10); $u_bio=CSubStr( $u_bio, 0, $cfg['maxbio'] ); //$u_sig=BBInputFilter($u_sig,5); //$u_sig=CSubStr( $u_sig, 0, $cfg['maxsig'] ); $u_avatar=BBInputFilter($u_avatar,1); $u_avatar=CSubStr( $u_avatar, 0, 120 ); //insert into database $sql="UPDATE $cfg[tb_members] SET "; $sql.="u_pass ='******',"; $sql.="u_email ='$new_email',"; $sql.="show_email ='$show_email',"; $sql.="u_bio ='$u_bio',"; //$sql.="u_sig ='$u_sig',"; $sql.="u_avatar ='$u_avatar', "; $sql.="u_gender ='$u_gender', "; $sql.="u_qq ='$u_qq', "; //$sql.="qq_type ='$qq_type', "; $sql.="u_from ='$u_from', "; $sql.="u_website='$u_website' ";
ACP_MessageBox('IP格式不正确'); } $mycell = explode('.', $userip); //检查是不是自己的IP $cell = explode('.', $ban_ip); if ($cell[3] == '*') { if ($mycell[0] == $cell[0] && $mycell[1] == $cell[1] && $mycell[2] == $cell[2]) { ACP_MessageBox('不能屏蔽自己的IP'); } } else { if ($ban_ip == $userip) { ACP_MessageBox('不能屏蔽自己的IP'); } } require_once '../include/txt_func.php'; $ban_reason = CSubStr($ban_reason, 0, 40); $sql = "SELECT COUNT(*) FROM `{$cfg['tb_banips']}` WHERE ban_ip='{$ban_ip}'"; $result = RenDB_Query($sql); if ($row = RenDB_Fetch_Row($result)) { if ($row[0]) { ACP_MessageBox($ban_ip . ' 已经在屏蔽列表中'); } } $sql = "INSERT INTO `{$cfg['tb_banips']}` SET ban_ip='{$ban_ip}',ban_time='{$nowtime}', ban_reason='{$ban_reason}'"; RenDB_Query($sql); ACP_WriteLog("屏蔽IP {$ban_ip} "); Header("Location: index.php?mode=ip_man"); exit; break; case 'unban': if (!isset($ban_ip)) {
} if ($timeadd > 525600 || $timeadd < 10) { ACP_MessageBox('总限时应该在10分钟-365天之间'); } if ($timestep > $timeadd) { $timestep = $timeadd; } $timeadd *= 60; $timestep *= 60; $startdate = strtotime($startdate); if ($startdate < $nowtime) { ACP_MessageBox('开始时间不能早于现在'); } require_once '../include/txt_func.php'; $description = CSubStr($description, 0, 65533); $cp_name = CSubStr($cp_name, 0, 253); $group_player = str_replace("\r\n", "\n", $group_player); $group_player = explode("\n\n", $group_player); require_once '../include/m_func.php'; $players = array(); foreach ($group_player as $k => $v) { $v = explode("\n", $v); foreach ($v as $k1 => $v1) { $v1 = trim($v1); $v[$k1] = $v1; if ($v1 == '') { unset($v[$k1]); } elseif (!IsMember($v1)) { ACP_MessageBox("{$v1}不是注册用户"); } }
<?php require_once './include/common.php'; if (!isset($gid, $message)) { ErrorBox($str['act_err']); } $gid = intval($gid); require_once './include/txt_func.php'; $message = BBInputFilter($message, 1); $message = CSubStr($message, 0, 253); if ($message == '') { MessageBox($str['req_content']); } $sql = "SELECT COUNT(*) FROM `{$cfg['tb_games']}` WHERE gid='{$gid}' LIMIT 1"; $result = RenDB_Query($sql); $row = RenDB_Fetch_Row($result); if (!$row[0]) { MessageBox($str['g_not_found']); } $sql = "SELECT COUNT(*) FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}'"; $result = RenDB_Query($sql); $row = RenDB_Fetch_Row($result); if ($row[0] > 25) { $sql = "SELECT * FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}' ORDER BY chat_id LIMIT 3,1"; $result = RenDB_Query($sql); if ($chatdata = RenDB_Fetch_Array($result)) { $sql = "DELETE FROM `{$cfg['tb_chats']}` WHERE gid='{$gid}' AND chat_id<'{$chatdata['chat_id']}'"; RenDB_Query($sql, true); } } //$author=$udata['is_member']?$udata['u_name']:'Guest';
$u_qq = BBInputFilter($u_qq, 1); $u_qq = CSubStr($u_qq, 0, 60); $u_website = BBInputFilter($u_website, 1); $u_website = CSubStr($u_website, 0, 120); $u_from = BBInputFilter($u_from, 1); $u_from = CSubStr($u_from, 0, 20); $u_bio = BBInputFilter($u_bio, 10); $u_bio = CSubStr($u_bio, 0, $cfg['maxbio']); //$u_sig=BBInputFilter($u_sig,5); //$u_sig=CSubStr( $u_sig, 0, $cfg['maxsig'] ); $u_avatar = BBInputFilter($u_avatar, 1); $u_avatar = CSubStr($u_avatar, 0, 120); $friends = BBInputFilter($u_friends, 1); $friends = CSubStr($friends, 0, 253); $blacklist = BBInputFilter($u_blacklist, 1); $blacklist = CSubStr($blacklist, 0, 253); //insert into database $sql = "UPDATE {$cfg['tb_members']} SET "; $sql .= "u_pass\t='{$new_pass}',"; $sql .= "u_email\t\t='{$u_email}',"; $sql .= "show_email\t='{$show_email}',"; $sql .= "u_gender\t='{$u_gender}', "; //$sql.="posts ='$posts', "; //$sql.="credit ='$credit', "; $sql .= "skill\t='{$skill}', "; $sql .= "g_w\t='{$g_w}', "; $sql .= "g_d\t='{$g_d}', "; $sql .= "g_l\t='{$g_l}', "; $sql .= "g_to\t='{$g_to}', "; $sql .= "u_from\t='{$u_from}', "; $sql .= "u_qq\t='{$u_qq}', ";