/**
 * Copy one clipping row into this object's properties.
 *
 * Every value goes through ForceInt()/ForceString() (defined elsewhere) with
 * 0 or "" passed as the fallback argument. The @ operator silences the notice
 * PHP raises when a key is missing from $DataSet.
 *
 * @param array $DataSet Row keyed by ClippingID, UserID, Label and Contents.
 */
function GetPropertiesFromDataSet($DataSet)
{
    // Property names match the row keys, so each group is filled in a loop.
    foreach (array("ClippingID", "UserID") as $IntField) {
        $this->$IntField = ForceInt(@$DataSet[$IntField], 0);
    }
    foreach (array("Label", "Contents") as $StringField) {
        $this->$StringField = ForceString(@$DataSet[$StringField], "");
    }
}
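/**
 * Retire a role: reassign its users to a replacement role, then flag the role inactive.
 *
 * Users are selected from User joined to Role where Role.Unauthenticated = 0,
 * each one is handed to UserManager::AssignRole() with a UserRoleHistory
 * record, and finally Role.Active is set to 0 for the removed role.
 *
 * @param int $RemoveRoleID      Role being retired.
 * @param int $ReplacementRoleID Role assigned to the affected users.
 * @return int Always 1.
 */
function RemoveRole($RemoveRoleID, $ReplacementRoleID)
{
    // Both ids end up in WHERE clauses and in the role history; coerce them to
    // integers here instead of relying on the query builder's quoting.
    $RemoveRoleID = ForceInt($RemoveRoleID, 0);
    $ReplacementRoleID = ForceInt($ReplacementRoleID, 0);
    // NOTE(review): nothing here checks that the replacement role differs from
    // the removed one, exists, or is itself active — confirm the caller does.

    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $s->SetMainTable('User', 'u');
    $s->AddSelect('UserID', 'u');
    $s->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'inner join');
    $s->AddWhere('u', 'RoleID', '', $RemoveRoleID, '=');
    $s->AddWhere('r', 'Unauthenticated', '', '0', '=');
    $OldRoleUsers = $this->Context->Database->Select($s, $this->Name, 'RemoveRole', 'An error occurred while attempting to remove the role.');

    if ($this->Context->Database->RowCount($OldRoleUsers) > 0) {
        $um = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');

        // One history record is reused for every affected user; only UserID changes.
        // The acting administrator is taken from the current session.
        $urh = $this->Context->ObjectFactory->NewObject($this->Context, 'UserRoleHistory');
        $urh->RoleID = $ReplacementRoleID;
        $urh->AdminUserID = $this->Context->Session->UserID;
        $urh->Notes = "The user's previous role has been made obselete.";
        while ($row = $this->Context->Database->GetRow($OldRoleUsers)) {
            $urh->UserID = ForceInt($row['UserID'], 0);
            $um->AssignRole($urh);
        }
    }

    // The role row is kept and only deactivated.
    $s->Clear();
    $s->SetMainTable('Role', 'r');
    $s->AddFieldNameValue('Active', '0');
    $s->AddWhere('r', 'RoleID', '', $RemoveRoleID, '=');
    $this->Context->Database->Update($s, $this->Name, 'RemoveRole', 'An error occurred while attempting to remove the role.');

    return 1;
}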
/**
 * Append a raw string to the panel and register it as a panel element.
 *
 * @param string $String        Text stored in $this->Strings.
 * @param mixed  $Position      Requested position, passed through ForceInt(…, 0).
 * @param mixed  $ForcePosition Forwarded unchanged to AddItemToCollection().
 */
function AddString($String, $Position = '0', $ForcePosition = '0')
{
    $this->CallDelegate('AddString');

    // Taken before the append: this is the index the new entry receives when
    // $this->Strings is a plain 0-based list.
    $StringKey = count($this->Strings);
    $this->Strings[] = $String;

    $Element = array('Type' => 'String', 'Key' => $StringKey);
    $this->AddItemToCollection($this->PanelElements, $Element, ForceInt($Position, 0), $ForcePosition);
}
/**
 * Copy one category row into this object's properties.
 *
 * Values pass through ForceInt()/ForceString()/ForceBool() (defined elsewhere)
 * with 0 or '' as the fallback argument; @ silences missing-key notices.
 *
 * @param array $DataSet Row keyed by CategoryID, Name, Description,
 *                       DiscussionCount, Blocked and RoleBlocked.
 */
function GetPropertiesFromDataSet($DataSet)
{
    // Property names equal the row keys, so the fields are grouped by coercion.
    foreach (array('CategoryID', 'DiscussionCount') as $IntField) {
        $this->$IntField = ForceInt(@$DataSet[$IntField], 0);
    }
    foreach (array('Name', 'Description') as $StringField) {
        $this->$StringField = ForceString(@$DataSet[$StringField], '');
    }
    // The two blocking flags default to 0 when the row does not carry them.
    foreach (array('Blocked', 'RoleBlocked') as $FlagField) {
        $this->$FlagField = ForceBool(@$DataSet[$FlagField], 0);
    }
}
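/**
 * Start the PHP session and resolve the current user.
 *
 * Resolution order: an explicit $UserID argument, then the "UserID" session
 * variable, then UserManager::ValidateCookieCredentials(). When a user id is
 * found, the user record is loaded and its groups and settings are stored in
 * the session; otherwise an empty User object is installed.
 *
 * @param object $Context Application context (passed by reference).
 * @param mixed  $UserID  Optional user id supplied by the caller; coerced with ForceInt().
 */
function Start(&$Context, $UserID = "0")
{
    if (!session_id()) {
        session_start();
    }

    $UserID = ForceInt($UserID, 0);
    if ($UserID > 0) {
        // NOTE(review): the session id is not regenerated when an explicit user
        // id is bound to the session. If this path runs at sign-in, confirm the
        // caller rotates the id (session_regenerate_id) to prevent fixation.
        $this->UserID = $UserID;
        $this->SetVariable("UserID", $UserID);
    } else {
        $this->UserID = $this->GetVariable("UserID", "int");
    }

    $um = false;
    // If the session vars are not defined, attempt to revalidate the session from cookies
    if ($this->UserID == 0) {
        // NOTE: the session object is not yet valid in the context object
        $um = $Context->ObjectFactory->NewContextObject($Context, "UserManager");
        $this->UserID = $um->ValidateCookieCredentials();
        $this->SetVariable("UserID", $this->UserID);
    }

    // Now retrieve user information
    if ($this->UserID > 0) {
        if (!$um) {
            $um = $Context->ObjectFactory->NewContextObject($Context, "UserManager");
        }
        $this->User = $um->GetSessionDataById($this->UserID);

        if ($this->User) {
            // Merge the main group and the additional groups into one map for the session.
            $GrpTmp = $this->User->UserMainGroup;
            foreach (array_keys($this->User->UserGroups) as $GrpID) {
                $GrpTmp[$GrpID] = $this->User->UserGroups[$GrpID];
            }
            $this->SetVariable("UserGroups", $GrpTmp);
            $this->SetVariable("Settings", $this->User->Settings);
        } else {
            // The lookup failed. This check used to run only after the user
            // object had been dereferenced; it now runs first. Groups and
            // settings are stored as null, as before, so no data from an
            // earlier request stays in the session.
            $this->SetVariable("UserGroups", null);
            $this->SetVariable("Settings", null);
            $this->User = $Context->ObjectFactory->NewContextObject($Context, "User");
            $this->User->Clear();
            $this->UserID = 0;
            // NOTE(review): the "UserID" session variable still holds the id
            // that failed to load — confirm whether it should be reset as well.
        }
    } else {
        $FauxContext = 0;
        $this->User = $Context->ObjectFactory->NewObject($FauxContext, "User");
        $this->User->Clear();
    }

    /*/ Handle Work-Safe Mode Switches
    $HtmlOn = ForceIncomingString("h", "1");
    if ($HtmlOn != "" && $this->UserID > 0) {
        if (!$um) { $um = $Context->ObjectFactory->NewContextObject($Context, "UserManager", $Context); }
        if (ForceBool($HtmlOn, 0)) { $um->ShowHtml($this->UserID); } else { $um->HideHtml($this->UserID); }
    }*/
}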
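/**
 * Register a control for an event, either at a given position or at the end.
 *
 * @param string $Event    Event name used as the key into $this->Controls.
 * @param mixed  $Control  Control to register.
 * @param mixed  $Position Requested position, coerced with ForceInt(…, -1);
 *                         a negative result appends.
 */
function AddControl($Event, $Control, $Position = "0")
{
    $Position = ForceInt($Position, -1);

    // Create the per-event list first, so InsertControlAt() never receives an
    // unset array slot the first time an event is used.
    if (!isset($this->Controls[$Event])) {
        $this->Controls[$Event] = array();
    }

    if ($Position >= 0) {
        $this->InsertControlAt($this->Controls[$Event], $Control, $Position);
    } else {
        $this->Controls[$Event][] = $Control;
    }
}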
/**
 * Read a request parameter as an integer, preferring the query string.
 *
 * $_GET is consulted before $_POST, so when both carry the name the query
 * string value is the one returned. Handlers that expect the value to come
 * from a submitted form should keep that precedence in mind.
 *
 * @param string $VariableName Parameter name.
 * @param int    $DefaultValue Returned when neither source has the name; also
 *                             passed to ForceInt() as its fallback.
 * @return mixed Result of ForceInt(), or $DefaultValue.
 */
function ForceIntFrom($VariableName, $DefaultValue = 0)
{
    // Same lookup order as an if/elseif over $_GET then $_POST.
    foreach (array($_GET, $_POST) as $Source) {
        if (isset($Source[$VariableName])) {
            return ForceInt($Source[$VariableName], $DefaultValue);
        }
    }

    return $DefaultValue;
}
/**
 * Copy one saved-search row into this object's properties.
 *
 * @param array $DataSet       Row keyed by SearchID, Label, Type and Keywords.
 * @param mixed $ParseKeywords Coerced with ForceBool(…, 0); when true the
 *                             decoded keywords are handed to ParseKeywords().
 */
function GetPropertiesFromDataSet($DataSet, $ParseKeywords = '0')
{
    $this->SearchID = ForceInt(@$DataSet['SearchID'], 0);
    $this->Label = ForceString(@$DataSet['Label'], '');

    $TypeName = ForceString(@$DataSet['Type'], '');
    $this->Type = $this->DefineType($TypeName);

    // The row value is URL-decoded here, after ForceString() has run, so any
    // consumer of $this->Keywords receives the decoded text.
    $StoredKeywords = ForceString(@$DataSet['Keywords'], '');
    $this->Keywords = urldecode($StoredKeywords);

    if (ForceBool($ParseKeywords, 0)) {
        $this->ParseKeywords($this->Type, $this->Keywords);
    }
}
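/**
 * Fetch the saved searches that belong to one user.
 *
 * The parameter order (optional before required) is kept for existing callers.
 *
 * @param mixed $RecordsToRetrieve Maximum rows; 0 means no limit.
 * @param mixed $UserID            Owner of the searches; coerced to an integer.
 * @return mixed Result handle from Database::Select().
 */
function GetSearchList($RecordsToRetrieve = '0', $UserID)
{
    $RecordsToRetrieve = ForceInt($RecordsToRetrieve, 0);
    // The owner filter is what scopes the list to one account, so the id is
    // forced to an integer before it reaches the WHERE clause.
    $UserID = ForceInt($UserID, 0);

    // This builder is replaced by the next assignment. The call is kept only in
    // case object creation has side effects.
    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $s = $this->GetSearchBuilder();
    $s->AddWhere('us', 'UserID', '', $UserID, '=');
    if ($RecordsToRetrieve > 0) {
        $s->AddLimit(0, $RecordsToRetrieve);
    }

    return $this->Context->Database->Select($s, $this->Name, 'GetSearchList', 'An error occurred while retrieving saved searches.');
}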
/**
 * Register a control (by reference) for an event.
 *
 * @param string $Event    Event name used as the key into $this->Controls.
 * @param mixed  $Control  Control to register; stored by reference when appended.
 * @param mixed  $Position Requested position, coerced with ForceInt(…, -1);
 *                         a negative result appends.
 */
function AddControl($Event, &$Control, $Position = '0')
{
    $Position = ForceInt($Position, -1);

    // No usable position: append a reference to the caller's control.
    if ($Position < 0) {
        $this->Controls[$Event][] =& $Control;
        return;
    }

    // Positional insert: create the per-event list if it is missing.
    if (!array_key_exists($Event, $this->Controls)) {
        $this->Controls[$Event] = array();
    }
    $this->InsertControlAt($this->Controls[$Event], $Control, $Position);
}
/**
 * Copy one role-history row into this object's properties.
 *
 * Ids go through ForceInt(…, 0), text through ForceString(…, ''), and the
 * Date column through UnixTimestamp(); all three are defined elsewhere.
 *
 * @param array $DataSet Row keyed by the property names set below.
 */
function GetPropertiesFromDataSet($DataSet)
{
    $IntFields = array('UserID', 'RoleID', 'AdminUserID');
    $StringFields = array(
        'Username', 'FullName', 'Role', 'RoleDescription', 'RoleIcon',
        'AdminUsername', 'AdminFullName', 'Notes',
    );

    // Property names equal the row keys; @ silences missing-key notices.
    foreach ($IntFields as $IntField) {
        $this->$IntField = ForceInt(@$DataSet[$IntField], 0);
    }
    foreach ($StringFields as $StringField) {
        $this->$StringField = ForceString(@$DataSet[$StringField], '');
    }

    $this->Date = UnixTimestamp(@$DataSet['Date']);
}
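/**
 * Fill this feed entry from a discussion row.
 *
 * Title and author name pass through FormatHtmlStringInline(). The body has
 * its HTML removed with RemoveHtml() before it is used for Summary and Content.
 *
 * @param array  $DataSet Row with Name, DiscussionID, DateCreated, DateLastActive,
 *                        AuthUsername, AuthUserID, Body and, when categories are
 *                        enabled, Category and CategoryID.
 * @param object $Context Application context (not used in this method).
 */
function GetPropertiesFromDataSet($DataSet, &$Context)
{
    $this->Title = FormatHtmlStringInline(ForceString($DataSet["Name"], ""));
    $this->Link = PrependString("http://", AppendFolder(agDOMAIN, "comments.php?DiscussionID=" . ForceInt($DataSet["DiscussionID"], 0)));
    $this->Id = $this->Link;
    $this->Published = FixDate(@$DataSet["DateCreated"]);
    $this->Updated = FixDate(@$DataSet["DateLastActive"]);
    $this->AuthorName = FormatHtmlStringInline(ForceString($DataSet["AuthUsername"], ""));
    $this->AuthorUrl = PrependString("http://", AppendFolder(agDOMAIN, "account.php?u=" . ForceInt($DataSet["AuthUserID"], 0)));

    $this->Content = $this->RemoveHtml(ForceString(@$DataSet["Body"], ""));

    // Build the summary from the sliced text. The slice used to be overwritten
    // straight away by a str_replace() over the full content, so the summary
    // was never shortened.
    $this->Summary = str_replace("\r\n", " ", SliceString($this->Content, 200));
    // This <br /> is the only markup added after RemoveHtml() has run.
    $this->Content = str_replace("\r\n", "<br />", $this->Content);

    if (agUSE_CATEGORIES) {
        $this->Category = FormatStringForDisplay(ForceString($DataSet["Category"], ""), true);
        $this->CategoryLink = "http://" . AppendFolder(agDOMAIN, "?CategoryID=" . ForceInt($DataSet["CategoryID"], 0));
    }
}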
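/**
 * Delegate that replaces the attachment form markup with a multi-file upload widget.
 *
 * The markup is written into DelegateParameters['AttachmentForm'] by reference.
 *
 * @param object $AttachmentManager Manager that provides Context, FormName,
 *                                  CommentID and DelegateParameters.
 */
function MultiFileUpload_AttachmentForm(&$AttachmentManager)
{
    $AttachmentForm =& $AttachmentManager->DelegateParameters['AttachmentForm'];

    // The configured limit is written into the inline script below, so it is
    // coerced once and the integer is what gets emitted.
    $MaxUploads = ForceInt($AttachmentManager->Context->Configuration['MULTI_FILE_UPLOADS'], 0);

    // NOTE(review): the "Attachments" definition is placed inside a JavaScript
    // string literal and FormName inside a quoted JS argument without
    // JS-context escaping; confirm both only ever hold trusted values.
    $AttachmentForm = ' <ul><li><label for="Attachments"><span onclick="showMultiFileUpload(); return false;" style="cursor: pointer;" id="AttachmentsLabel">[+] '
        . $AttachmentManager->Context->GetDefinition("Attachments")
        . '</span></label> '
        . $AttachmentManager->GetAttachmentsList($AttachmentManager->CommentID)
        . ' <div id="MultiFileUpload" style="display: none;"> <div id="AttachmentsList"></div> <input id="AttachmentFile" type="file" name="file" class="AttachmentInput" /> </div> </li></ul>'
        . ' <script type="text/javascript" language="javascript"> function showMultiFileUpload() { var txtAttachments = "'
        . $AttachmentManager->Context->GetDefinition("Attachments")
        . '"; var objAttachmentsLabel = document.getElementById("AttachmentsLabel"); var objMultiFileUpload = document.getElementById("MultiFileUpload");'
        . ' if (objAttachmentsLabel.innerHTML == "[-] " + txtAttachments) { objAttachmentsLabel.innerHTML = "[+] " + txtAttachments; objMultiFileUpload.style.display = "none"; }'
        . ' else { objAttachmentsLabel.innerHTML = "[-] " + txtAttachments; objMultiFileUpload.style.display = "block"; } }'
        . ' var f = document.getElementById(\''
        . $AttachmentManager->FormName
        . '\'); f.encoding = \'multipart/form-data\'; ';

    if ($MaxUploads > 1) {
        $AttachmentForm .= ' var multi_selector = new MultiSelector(document.getElementById("AttachmentsList"), '
            . $MaxUploads
            . '); multi_selector.addElement(document.getElementById("AttachmentFile")); ';
    }

    $AttachmentForm .= ' </script> ';
}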
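/**
 * Copy one role row into this object's properties and build its permission map.
 *
 * Three permissions come from dedicated columns. The rest come from the
 * serialized Permissions column, decoded by UnserializeAssociativeArray()
 * (defined elsewhere).
 *
 * @param array $DataSet Row keyed by RoleID, Name, Icon, Description, the three
 *                       PERMISSION_* columns, Unauthenticated and Permissions.
 */
function GetPropertiesFromDataSet($DataSet)
{
    $this->RoleID = ForceInt(@$DataSet['RoleID'], 0);
    $this->RoleName = ForceString(@$DataSet['Name'], '');
    $this->Icon = ForceString(@$DataSet['Icon'], '');
    $this->Description = ForceString(@$DataSet['Description'], '');
    $this->PERMISSION_SIGN_IN = ForceBool(@$DataSet['PERMISSION_SIGN_IN'], 0);
    $this->PERMISSION_HTML_ALLOWED = ForceBool(@$DataSet['PERMISSION_HTML_ALLOWED'], 0);
    $this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION = ForceBool(@$DataSet['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'], 0);
    $this->Unauthenticated = ForceBool(@$DataSet['Unauthenticated'], 0);

    // NOTE(review): if UnserializeAssociativeArray() wraps PHP's unserialize(),
    // this column must only ever be written by the application itself.
    $StoredPermissions = UnserializeAssociativeArray(ForceString(@$DataSet['Permissions'], ''));

    $this->Permissions['PERMISSION_SIGN_IN'] = $this->PERMISSION_SIGN_IN;
    $this->Permissions['PERMISSION_HTML_ALLOWED'] = $this->PERMISSION_HTML_ALLOWED;
    $this->Permissions['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'] = $this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION;

    // Entries from the serialized column are applied last, so a key stored
    // there replaces the column-backed value of the same name in Permissions.
    // The PERMISSION_* properties above are not affected.
    // foreach replaces the each() idiom, which PHP 8 no longer provides.
    if (is_array($StoredPermissions)) {
        foreach ($StoredPermissions as $TempKey => $TempValue) {
            $this->Permissions[$TempKey] = $TempValue;
        }
    }
}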
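/**
 * Optionally trim a string, then wrap each occurrence of the given words in a
 * highlight span.
 *
 * Matching is case-insensitive. The pattern's lookaheads are there to keep
 * text inside a tag's angle brackets from being wrapped. Words of two bytes or
 * fewer are skipped.
 *
 * @param string $Haystack   Text (possibly containing markup) to process.
 * @param array  $Needles    Words to highlight.
 * @param mixed  $TrimLength When > 0 after ForceInt(), the text is first cut
 *                           with SliceString().
 * @return string The processed text.
 */
function HighlightTrimmedString($Haystack, $Needles, $TrimLength = '')
{
    $Highlight = '<span class="Highlight">\\1</span>';
    $Pattern = '#(?!<.*?)(%s)(?![^<>]*?>)#i';

    $TrimLength = ForceInt($TrimLength, 0);
    if ($TrimLength > 0) {
        $Haystack = SliceString($Haystack, $TrimLength);
    }

    if (!is_array($Needles)) {
        return $Haystack;
    }

    foreach ($Needles as $Needle) {
        if (!is_scalar($Needle) || strlen($Needle) <= 2) {
            continue;
        }

        // Search words are user-supplied text. Quoting them with the pattern's
        // own delimiter ('#') stops a word containing '#' from ending the
        // expression early.
        $Regex = sprintf($Pattern, preg_quote((string) $Needle, '#'));
        $Highlighted = preg_replace($Regex, $Highlight, $Haystack);

        // preg_replace() returns null on a PCRE error; keep the text unchanged
        // rather than returning an empty result.
        if ($Highlighted !== null) {
            $Haystack = $Highlighted;
        }
    }

    return $Haystack;
}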
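/**
 * Save edits to, or delete, the current administrator's own phrases.
 *
 * Each statement is scoped by "aid = current admin id", so rows owned by other
 * administrators are not touched. Any request that is not the
 * 'updatemyphrases' form takes the delete branch.
 */
public function updatemyphrases()
{
    $myid = $this->admin['aid'];
    $page = ForceIntFrom('p', 1); // page number

    // The form posts parallel arrays. Anything else is treated as "no rows",
    // so a scalar or missing field is never counted or indexed.
    $postedList = static function ($name) {
        return (isset($_POST[$name]) && is_array($_POST[$name])) ? $_POST[$name] : array();
    };

    if (IsPost('updatemyphrases')) {
        $pids = $postedList('pids');
        $sorts = $postedList('sorts');
        $activateds = $postedList('activateds');
        $msgs = $postedList('msgs');
        $msg_ens = $postedList('msg_ens');

        foreach ($pids as $i => $rawPid) {
            $pid = ForceInt($rawPid);
            // A missing sibling value is passed on as null, matching what an
            // undefined index produced before, but without the notice.
            $sort = isset($sorts[$i]) ? $sorts[$i] : null;
            $activated = isset($activateds[$i]) ? $activateds[$i] : null;
            $msg = isset($msgs[$i]) ? $msgs[$i] : null;
            $msg_en = isset($msg_ens[$i]) ? $msg_ens[$i] : null;

            // NOTE(review): msg and msg_en are placed between quotes in the
            // SQL text. This is only safe if ForceString() escapes for SQL —
            // confirm, or switch to bound parameters if the DB layer has them.
            APP::$DB->exe("UPDATE " . TABLE_PREFIX . "phrase SET sort = '" . ForceInt($sort) . "',\r\n\t\t\t\t\tactivated = '" . ForceInt($activated) . "',\r\n\t\t\t\t\tmsg = '" . ForceString($msg) . "',\r\n\t\t\t\t\tmsg_en = '" . ForceString($msg_en) . "'\t\t\t\t\t\r\n\t\t\t\t\tWHERE pid = '{$pid}' AND aid='{$myid}'");
        }
    } else {
        foreach ($postedList('deletepids') as $rawPid) {
            $pid = ForceInt($rawPid);
            APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "phrase WHERE pid = '{$pid}' AND aid='{$myid}'");
        }
    }

    // NOTE(review): no anti-CSRF token is checked in this method; confirm one
    // is enforced before this action is dispatched.
    Success('myphrases?p=' . $page);
}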
/**
 * Resolve the current user for this session object.
 *
 * An explicit $UserID wins; otherwise the id comes from
 * $Authenticator->GetIdentity(). When the user record cannot be loaded, or no
 * id is available, an empty User object is installed.
 *
 * @param object $Context       Application context (passed by reference).
 * @param object $Authenticator Object providing GetIdentity().
 * @param mixed  $UserID        Optional id supplied by a login module; coerced with ForceInt().
 */
function Start(&$Context, $Authenticator, $UserID = '0')
{
    $this->UserID = ForceInt($UserID, 0);
    if ($this->UserID == 0) {
        $this->UserID = $Authenticator->GetIdentity();
    }

    $HadIdentity = $this->UserID > 0;
    $LoadedUser = false;
    if ($HadIdentity) {
        $UserManager = $Context->ObjectFactory->NewContextObject($Context, 'UserManager');
        $LoadedUser = $UserManager->GetSessionDataById($this->UserID);
    }

    if ($LoadedUser) {
        $this->User = $LoadedUser;
        return;
    }

    // Either there was no identity or its record could not be loaded: fall
    // back to a cleared User object.
    $this->User = $Context->ObjectFactory->NewContextObject($Context, 'User');
    $this->User->Clear();
    if ($HadIdentity) {
        // The id is reset only when an id was present but its lookup failed.
        $this->UserID = 0;
    }
}
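/**
 * Resolve a whisper recipient's username to a user id on the comment.
 *
 * Adds the ErrWhisperInvalid warning when the name does not match a user.
 *
 * @param object $Comment Comment being validated (modified in place).
 * @return mixed Result of WarningCollector::Iif().
 */
function ValidateWhisperUsername(&$Comment)
{
    if ($Comment->WhisperUsername != "") {
        // The recipient id must come from this lookup only. Clear it first, so
        // an id already on the comment cannot survive a failed lookup.
        $Comment->WhisperUserID = 0;

        $Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
        $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
        $s->SetMainTable("User", "u");
        $s->AddSelect("UserID", "u");
        $s->AddWhere("Name", $Name, "=");
        $Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "ValidateWhisperUsername", "An error occurred while attempting to validate the username entered as the whisper recipient.");

        // If several rows match, the last one wins.
        while ($Row = $this->Context->Database->GetRow($Result)) {
            $Comment->WhisperUserID = ForceInt($Row["UserID"], 0);
        }

        if ($Comment->WhisperUserID == 0) {
            $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrWhisperInvalid"));
        }
    }

    return $this->Context->WarningCollector->Iif();
}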
/**
 * Load display settings from the XML configuration file found in $Path.
 *
 * A read failure is reported only when $Path is the current working directory.
 * A failure in any other directory is cleared, leaving the settings already
 * held on this object in place.
 *
 * @param string $Path Directory that holds the configuration file.
 * @return mixed Result of ErrorManager::Iif().
 */
function RetrieveConfigurationPropertiesFromXml($Path)
{
    $FauxContext = "0";
    // NOTE(review): this error does not stop the method. Execution continues
    // and the error may be cleared by the branches below.
    if ($this->ConfigFile == "") {
        $this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "You must supply a path to the configuration file");
    }
    // Retrieve config file contents
    $File = new File();
    $File->Name = $this->ConfigFile;
    $File->Path = $Path;
    $FileManager = new FileManager();
    $FileManager->ErrorManager =& $this->ErrorManager;
    $File = $FileManager->Get($File);
    // If there were errors retrieving the config file and we're in the CWD, report an error
    if ($this->ErrorManager->ErrorCount > 0 && $Path == $this->CurrentWorkingDirectory) {
        $this->ErrorManager->Clear();
        $this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "The root configuration file could not be found/read (_config.xml).");
        // If failed to retrieve the file from a non-root directory,
        // just accept the root file
    } elseif ($this->ErrorManager->ErrorCount > 0) {
        $this->ErrorManager->Clear();
        // If no errors occurred, continue to retrieve new configuration settings
    } else {
        // Create an XML Parser to retrieve configuration settings
        $XMan = new XmlManager();
        $XMan->ErrorManager =& $this->ErrorManager;
        $MyConfig = $XMan->ParseNode($File->Body);
        if ($MyConfig && $this->ErrorManager->ErrorCount == 0) {
            $this->StyleUrl = $XMan->GetNodeValueByName($MyConfig, "StyleUrl");
            $this->PageTitle = $XMan->GetNodeValueByName($MyConfig, "PageTitle");
            $this->PageIntroduction = $XMan->GetNodeValueByName($MyConfig, "PageIntroduction");
            // Square brackets in the file become angle brackets, so the
            // introduction is emitted as markup.
            // NOTE(review): a config file in a browsed folder can therefore put
            // arbitrary HTML on the page; confirm who can write these files.
            $this->PageIntroduction = str_replace("[", "<", $this->PageIntroduction);
            $this->PageIntroduction = str_replace("]", ">", $this->PageIntroduction);
            $this->PageIntroduction = str_replace("\n", "<br />", $this->PageIntroduction);
            $this->DisplayHiddenFiles = $XMan->GetNodeValueByName($MyConfig, "DisplayHiddenFiles");
            $this->BrowseSubFolders = $XMan->GetNodeValueByName($MyConfig, "BrowseSubFolders");
            $this->SortBy = $XMan->GetNodeValueByName($MyConfig, "SortBy");
            $this->SortDirection = $XMan->GetNodeValueByName($MyConfig, "SortDirection");
            $this->DateFormat = $XMan->GetNodeValueByName($MyConfig, "DateFormat");
            $this->UsePageIntroductionInSubFolders = ForceBool($XMan->GetNodeValueByName($MyConfig, "UsePageIntroductionInSubFolders"), false);
            $this->PluginHeight = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginHeight"), $this->PluginHeight);
            $this->PluginWidth = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginWidth"), $this->PluginWidth);
            // The request parameter "fpp" overrides the configured page size.
            // NOTE(review): it is not compared with MaxFilesPerPage here (that
            // value is read on the next line); confirm a cap is applied later.
            $this->FilesPerPage = ForceIncomingInt("fpp", ForceInt($XMan->GetNodeValueByName($MyConfig, "FilesPerPage"), $this->FilesPerPage));
            $this->MaxFilesPerPage = ForceInt($XMan->GetNodeValueByName($MyConfig, "MaxFilesPerPage"), $this->MaxFilesPerPage);
            $this->FitImagesToPage = ForceBool($XMan->GetNodeValueByName($MyConfig, "FitImagesToPage"), $this->FitImagesToPage);
            $this->UseThumbnails = ForceBool($XMan->GetNodeValueByName($MyConfig, "UseThumbnails"), $this->UseThumbnails);
            // Hidden-file names are joined to the browsing directory verbatim
            // (no trimming or path normalisation).
            $this->HideFiles = explode(",", $XMan->GetNodeValueByName($MyConfig, "HideFiles"));
            for ($i = 0; $i < count($this->HideFiles); $i++) {
                $this->FullyQualifiedHideFiles[] = $this->CurrentBrowsingDirectory . "/" . $this->HideFiles[$i];
            }
        }
    }
    return $this->ErrorManager->Iif();
}
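/**
 * Return the authenticated user id, from the session or from the
 * "remember me" cookies.
 *
 * Cookie path: the verification-key cookie is looked up in LUM_User, and the
 * user-key cookie must equal md5(UserID) of a matching row. On success the
 * key is rotated, the last visit is updated, the cookies are reissued and the
 * IP address is logged.
 *
 * @return int The user id, or 0 when nobody is authenticated.
 */
function GetIdentity()
{
    if (!session_id()) {
        session_start();
    }

    $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
    if ($UserID == 0) {
        // UserID wasn't found in the session, so attempt to retrieve it from the cookies
        $EncryptedUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
        $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');

        if ($EncryptedUserID != '' && $VerificationKey != '') {
            // Compare against db values
            // Sadly, because this class is meant to be an interface for distributed objects, I can't use any of the error checking in the Lussumo Framework
            // NOTE(review): the cookie value is matched directly against the
            // stored VerificationKey column, so the key is held in the database
            // in the same form as in the cookie. Because md5(UserID) can be
            // derived from the id, that key is the only secret in this check.
            $Query = "select UserID\n\t\t\t\t\tfrom LUM_User\n\t\t\t\t\twhere VerificationKey = '" . FormatStringForDatabaseInput($VerificationKey) . "'";
            $Result = $this->Context->Database->Execute($Query, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
            if ($Result) {
                $UserID = 0;
                while ($rows = $this->Context->Database->GetRow($Result)) {
                    // Strict string comparison: with ==, two different digests
                    // that both look like numbers could compare as equal.
                    if ((string) $EncryptedUserID === md5((string) $rows['UserID'])) {
                        $UserID = ForceInt($rows['UserID'], 0);
                        // $EncryptedUserID already equals md5(UserID) and is
                        // reused for the refreshed cookie. The query selects
                        // only UserID, so there is no EncryptedUserID column
                        // to copy it from.
                        break;
                    }
                }

                if ($UserID > 0) {
                    // 1. Set a new verification key
                    $VerificationKey = DefineVerificationKey();
                    // 2. Update the user's information
                    $this->UpdateLastVisit($UserID, $VerificationKey);
                    // 3. Set the 'remember me' cookies
                    $this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
                    // 4. Log the user's IP address
                    $this->LogIp($UserID);
                }
            }
        }
    }

    // If it has now been found, set up the session.
    $this->AssignSessionUserID($UserID);

    return $UserID;
}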
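/**
 * Render the message-log list with its search form, quick-delete form and pager.
 *
 * Request parameters: p (page), s (keyword or numeric id), g (1 = guest
 * messages, 2 = operator messages).
 */
public function index()
{
    $NumPerPage = 10;
    $page = ForceIntFrom('p', 1);
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    // NOTE(review): any escaping done by ForceStringFrom() happens before this
    // urldecode(), so percent-encoded characters are decoded afterwards. The
    // decoded value is then used in the LIKE clauses and in the title markup
    // below. Decode first, then escape for each output context.
    if (IsGet('s')) {
        $search = urldecode($search);
    }

    // A page number below 1 must not produce a negative LIMIT offset.
    $start = max(0, $NumPerPage * ($page - 1));

    SubMenu('记录列表', array(array('记录列表', 'messages', 1)));
    TableHeader('搜索及快速删除');
    TableRow('<center><form method="post" action="' . BURL('messages') . '" name="searchmessages" style="display:inline-block;*display:inline;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>分类:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . ' class=red>客人的发言</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>客服的发言</option></select> <input type="submit" value="搜索记录" class="cancel"></form> <form method="post" action="' . BURL('messages/fastdelete') . '" name="fastdelete" style="display:inline-block;margin-left:80px;*display:inline;"><label>快速删除记录:</label> <select name="days"><option value="0">请选择 ...</option><option value="360">12个月前的对话记录</option><option value="180"> 6 个月前的对话记录</option><option value="90"> 3 个月前的对话记录</option><option value="30"> 1 个月前的对话记录</option></select> <input type="submit" value="快速删除" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选记录吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></form></center>');
    TableFooter();

    // Defaults for "no filter". They are set up front so every branch below
    // starts from defined values, including a group id other than 1 or 2.
    $searchsql = '';
    $title = '全部记录列表';
    $validGroup = ($groupid == 1 or $groupid == 2);

    if ($search) {
        if (preg_match("/^[1-9][0-9]*\$/", $search)) {
            $s = ForceInt($search);
            $searchsql = " WHERE mid = '{$s}' OR fromid = '{$s}' OR toid = '{$s}' "; // search by id
            $title = "搜索ID号为: <span class=note>{$s}</span> 的记录";
        } else {
            // NOTE(review): $search is written into the SQL text and into HTML.
            // Whether it is escaped for either depends on ForceStringFrom(),
            // which is not visible here.
            $searchsql = " WHERE (fromname LIKE '%{$search}%' OR toname LIKE '%{$search}%' OR msg LIKE '%{$search}%') ";
            $title = "搜索: <span class=note>{$search}</span> 的记录列表";
        }
        if ($groupid && $validGroup) {
            $searchsql .= " AND type = " . Iif($groupid == 1, 0, 1) . " ";
            $title = "在 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 中, " . $title;
        }
    } elseif ($groupid && $validGroup) {
        $searchsql .= " WHERE type = " . Iif($groupid == 1, 0, 1) . " ";
        $title = "全部 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 列表";
    }

    $getmessages = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "msg " . $searchsql . " ORDER BY mid DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(mid) AS value FROM " . TABLE_PREFIX . "msg " . $searchsql);

    echo '<form method="post" action="' . BURL('messages/updatemessages') . '" name="messagesform"> <input type="hidden" name="p" value="' . $page . '">';
    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('ID', '发送人', '对话内容', '接收人', '记录时间', '<input type="checkbox" id="checkAll" for="deletemids[]"> <label for="checkAll">删除</label>'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何记录!</font><BR><BR></center>');
    } else {
        // NOTE(review): fromname, toname and msg are stored values printed
        // into the admin page; confirm they are HTML-escaped when written or
        // inside getSmile().
        while ($msg = APP::$DB->fetch($getmessages)) {
            TableRow(array($msg['mid'], "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('users/edit?aid=' . $msg['fromid']), BURL('guests/edit?gid=' . $msg['fromid'])) . "\">{$msg['fromname']}</a>", getSmile($msg['msg']), "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('guests/edit?gid=' . $msg['toid']), BURL('users/edit?aid=' . $msg['toid'])) . "\">{$msg['toname']}</a>", DisplayDate($msg['time'], '', 1), '<input type="checkbox" name="deletemids[]" value="' . $msg['mid'] . '">'));
        }
        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('messages'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();
    PrintSubmit('删除记录', '', 1, '确定删除所选记录吗?');
}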
$DB->exe("UPDATE " . TABLE_PREFIX . "usergroup SET displayorder = '" . ForceInt($displayorders[$i]) . "',\r\n\t\tgroupname = '" . Iif($groupname, $groupname, '未命名') . "',\r\n\t\tgroupename = '" . Iif($groupename, $groupename, 'No name') . "',\r\n\t\tactivated = '" . ForceInt($activateds[$i]) . "',\r\n\t\tdescription = '" . ForceString($descriptions[$i]) . "',\r\n\t\tdescriptionen = '" . ForceString($descriptionens[$i]) . "'\r\n\t\tWHERE usergroupid = '" . ForceInt($usergroupids[$i]) . "'"); } if (!storeCache()) { //更新小面板在线客服缓存文件 $errortitle = '更新客服缓存错误'; $errors = '客服群组信息已保存到数据库, 但更新在线客服缓存文件失败, 前台客服小面板状态无法更新! 请检查cache/目录是否存在或可写?'; $action = 'default'; } else { GotoPage('admin.groups.php', 1); } } //########### DELETE GROUPS ########### if ($action == 'deletegroups') { $deleteusergroupids = $_POST['deleteusergroupids']; for ($i = 0; $i < count($deleteusergroupids); $i++) { $DB->exe("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid <>1 AND usergroupid = '" . ForceInt($deleteusergroupids[$i]) . "'"); } GotoPage('admin.groups.php', 1); } //########### CREATE GROUP ########### if ($action == 'creatgroup') { $groupname = ForceIncomingString('groupname'); $groupename = ForceIncomingString('groupename'); $description = ForceIncomingString('description'); $descriptionen = ForceIncomingString('descriptionen'); if ($groupname == '') { $errors[] = "群组名称不能为空!"; } if ($groupename == '') { $errors[] = "群组英文名称不能为空!"; }
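/**
 * Resolve a whisper recipient's username to a user id on the comment.
 *
 * Adds the ErrWhisperInvalid warning when the name does not match a user.
 *
 * @param object $Comment Comment being validated (modified in place).
 * @return mixed Result of WarningCollector::Iif().
 */
function ValidateWhisperUsername(&$Comment)
{
    if ($Comment->WhisperUsername != '') {
        // The recipient id must come from this lookup only. Clear it first, so
        // an id already on the comment cannot survive a failed lookup.
        $Comment->WhisperUserID = 0;

        $Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
        $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
        $s->SetMainTable('User', 'u');
        $s->AddSelect('UserID', 'u');
        $s->AddWhere('u', 'Name', '', $Name, '=');
        $Result = $this->Context->Database->Select($s, $this->Name, 'ValidateWhisperUsername', 'An error occurred while attempting to validate the username entered as the whisper recipient.');

        // If several rows match, the last one wins.
        while ($Row = $this->Context->Database->GetRow($Result)) {
            $Comment->WhisperUserID = ForceInt($Row['UserID'], 0);
        }

        if ($Comment->WhisperUserID == 0) {
            $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrWhisperInvalid'));
        }
    }

    return $this->Context->WarningCollector->Iif();
}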
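/**
 * List the ids of users who have no comments, no discussions and no whispers
 * sent or received.
 *
 * @param mixed $DaysOfMembership When > 0, only users whose DateFirstVisit is
 *                                older than this many days are considered.
 * @return array List of integer user ids.
 */
function GetInactiveUsers($DaysOfMembership = "0")
{
    // time() replaces the argument-less mktime(), which PHP 8 rejects.
    $MembershipDate = SubtractDaysFromTimeStamp(time(), $DaysOfMembership);

    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
    $s->SetMainTable("User", "u");
    $s->AddSelect("UserID", "u");
    $s->AddWhere("CountComments", "0", "=", "and", "", 0, 1);
    $s->AddWhere("CountComments", "0", "=", "or");
    $s->EndWhereGroup();
    $s->AddWhere("CountDiscussions", "0", "=", "and", "", 0, 1);
    $s->AddWhere("CountDiscussions", "0", "=", "or");
    $s->EndWhereGroup();
    if ($DaysOfMembership > 0) {
        $s->AddWhere("DateFirstVisit", MysqlDateTime($MembershipDate), "<");
    }
    $Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "Constructor", "An error occurred while attempting to retrieve inactive user statistics.");

    $this->InactiveUsers = 0;
    $aInactiveUsers = array();
    while ($Row = $this->Context->Database->GetRow($Result)) {
        // Every id is forced to an integer here. The IN (...) lists below are
        // built from these values and passed to AddWhere unquoted.
        $aInactiveUsers[] = ForceInt($Row["UserID"], 0);
    }

    // Drop users who have sent whispers, then users who have received them.
    $WhisperSources = array(
        array("DiscussionUserWhisperFrom", "wf", "WhisperFromUserID"),
        array("DiscussionUserWhisperTo", "wt", "WhisperToUserID"),
    );
    foreach ($WhisperSources as $Source) {
        if (count($aInactiveUsers) == 0) {
            break;
        }
        list($Table, $Alias, $Column) = $Source;

        $s->Clear();
        $s->SetMainTable($Table, $Alias);
        $s->AddSelect($Column, $Alias);
        $s->AddWhere($Column, "(" . implode(",", $aInactiveUsers) . ")", "in", "and", "", 0);
        $Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "Constructor", "An error occurred while attempting to retrieve inactive user statistics.");

        while ($Row = $this->Context->Database->GetRow($Result)) {
            $CurrentWhisperUserID = ForceInt($Row[$Column], 0);
            $Key = array_search($CurrentWhisperUserID, $aInactiveUsers);
            if ($Key !== false) {
                array_splice($aInactiveUsers, $Key, 1);
            }
        }
    }

    return $aInactiveUsers;
}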
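<?php

// +---------------------------------------------+
// |     Copyright 2010 - 2028 WeLive            |
// |     http://www.weentech.com                 |
// |     This file may not be redistributed.     |
// +---------------------------------------------+

// AJAX endpoint: checks the operator cookie, then collects the guests that
// were assigned to this operator since the last login.
define('AUTH', true);
define('AJAX', true);

include 'includes/welive.Core.php';

$uid = ForceIncomingInt('uid');
$gid = ForceIncomingInt('gid', 0);
$act = ForceIncomingString('act');
$ajax_last = ForceIncomingFloat('ajax_last');
$lastlogin = ForceInt(ForceIncomingCookie('last' . COOKIE_KEY));

// The operator id comes from the request and is trusted only if the cookie
// carries the matching digest.
// NOTE(review): the digest is md5 over WEBSITE_KEY, the id and a configured
// code. It never changes for a given operator and has no expiry in this file,
// so its strength depends on those two values staying secret.
$expectedToken = md5(WEBSITE_KEY . $uid . $_CFG['cKillRobotCode']);
if (!$uid) {
    die('Hacking!');
} elseif ((string) ForceIncomingCookie('weliveU' . COOKIE_KEY) !== $expectedToken) {
    // Strict string comparison: with !=, two different digests that both look
    // like numbers could compare as equal.
    setcookie('weliveU' . COOKIE_KEY, '', 0, '/');
    die('Hacking!');
}

$mktime = explode(' ', microtime());
$realtime = $mktime[1];
$minitime = $mktime[0];

// Look one hour behind the last login, or twelve hours back if there is none.
$lastlogin = Iif($lastlogin, $lastlogin - 3600, $realtime - 3600 * 12);

$guests = '';
$msgs = '';

// $uid and $lastlogin are integers by this point ($lastlogin came from a
// cookie and was forced with ForceInt above).
$getguests = $DB->query("SELECT guestid, guestip, browser, lang, isonline, isbanned, fromurl FROM " . TABLE_PREFIX . "guest WHERE serverid = '{$uid}' AND created > {$lastlogin} ORDER BY created ASC");
while ($guest = $DB->fetch($getguests)) {
    // NOTE(review): browser, lang and fromurl come from guests and are joined
    // with '|||' and '^^^'. Confirm the client escapes them before display and
    // that the separators cannot occur inside a value.
    $guests .= $guest['guestid'] . '|||' . $guest['guestip'] . '|||' . $guest['browser'] . '|||' . $guest['lang'] . '|||' . $guest['isonline'] . '|||' . $guest['isbanned'] . '|||' . $guest['fromurl'] . '^^^';
}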
$Context->WarningCollector->Add("An error occurred while adding LUM_Role.UnAuthenticated. MySQL reported the following error: <code>" . mysql_error($Connection) . '</code>'); } } } // 1c. Retrieve current permissions, serialize, and resave as long as the MasterAdmin column was present if (in_array('MasterAdmin', $RoleColumns)) { // Get an updated version of the columns in the database (Because some were changed above) $RoleColumns = GetColumns($Connection, $DatabaseTables['Role']); $SelectSQL = "select " . implode(',', $RoleColumns) . " from " . $DatabaseTables['Role']; $RoleData = @mysql_query($SelectSQL, $Connection); if (!$RoleData) { $Context->WarningCollector->Add("An error occurred while retrieving existing role data. MySQL reported the following error: <code>" . mysql_error($Connection) . "</code>"); } else { $Permissions = array(); while ($Row = mysql_fetch_array($RoleData)) { $RoleID = ForceInt($Row['RoleID'], 0); $Permissions['PERMISSION_ADD_COMMENTS'] = ForceBool(@$Row['CanPostComment'], 0); $Permissions['PERMISSION_START_DISCUSSION'] = ForceBool(@$Row['CanPostDiscussion'], 0); // Discussion Moderator Permissions $Permissions['PERMISSION_SINK_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_STICK_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_HIDE_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_CLOSE_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_EDIT_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_VIEW_HIDDEN_DISCUSSIONS'] = ForceBool(@$Row['ShowAllWhispers'], 0); $Permissions['PERMISSION_EDIT_COMMENTS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_HIDE_COMMENTS'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_VIEW_HIDDEN_COMMENTS'] = ForceBool(@$Row['ShowAllWhispers'], 0); $Permissions['PERMISSION_ADD_COMMENTS_TO_CLOSED_DISCUSSION'] = 
ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_ADD_CATEGORIES'] = ForceBool(@$Row['AdminCategories'], 0); $Permissions['PERMISSION_EDIT_CATEGORIES'] = ForceBool(@$Row['AdminCategories'], 0);
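// +---------------------------------------------+

// Admin message log: only user group 1 may proceed.
define('AUTH', true);

include 'includes/welive.Core.php';
include BASEPATH . 'includes/welive.Admin.php';

if ($userinfo['usergroupid'] != 1) {
    exit;
}

$action = ForceIncomingString('action', 'default');
// NOTE(review): the delete actions below check no request token in the lines
// shown. Confirm an anti-CSRF check exists in the included files.

PrintHeader($userinfo['username'], 'messages');

//########### DELETE COMMENTS ###########
if ($action == 'deletecomments') {
    // Accept a posted list only; a missing or scalar value deletes nothing.
    $deletecommentids = (isset($_POST['deletecommentids']) && is_array($_POST['deletecommentids'])) ? $_POST['deletecommentids'] : array();
    $page = ForceIncomingInt('p');
    $uid = ForceIncomingInt('u');

    foreach ($deletecommentids as $deletecommentid) {
        $DB->query("DELETE FROM " . TABLE_PREFIX . "msg WHERE msgid = '" . ForceInt($deletecommentid) . "'");
    }

    GotoPage('admin.messages.php' . Iif($page, '?p=' . $page . Iif($uid, '&u=' . $uid), Iif($uid, '?u=' . $uid)), 1);
}

//########### FAST DELETE COMMENTS ###########
if ($action == 'fastdelete') {
    $days = ForceIncomingInt('days');
    $uid = ForceIncomingInt('u');
    $realtime = time();

    $conditions = array();
    if ($uid) {
        $conditions[] = "fromid ='{$uid}'";
    }
    if ($days > 0) {
        // The cutoff is computed inside parentheses. Before PHP 8, "." and "-"
        // had the same precedence, so the unparenthesised form subtracted
        // from the SQL fragment instead of from the timestamp.
        $conditions[] = "created < " . ($realtime - 3600 * 24 * $days);
    }

    // Run the DELETE only when at least one condition exists; an empty filter
    // would remove every row.
    if (count($conditions) > 0) {
        $DB->query("DELETE FROM " . TABLE_PREFIX . "msg WHERE " . implode(' AND ', $conditions));
    }

    GotoPage('admin.messages.php' . Iif($uid, '?u=' . $uid), 1);
}

//########### PRINT DEFAULT ###########
if ($action == 'default') {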
/**
 * Move a SQLite result handle to the given row.
 *
 * @param resource $DataSet  Result handle (passed by reference).
 * @param mixed    $Position Row index, coerced with ForceInt(…, 0).
 */
function RewindDataSet(&$DataSet, $Position = '0')
{
    $RowIndex = ForceInt($Position, 0);
    sqlite_seek($DataSet, $RowIndex);
}
/**
 * Check a user id / verification key pair against the User table.
 *
 * The id is coerced with ForceInt() and the key is passed through
 * FormatStringForDatabaseInput() before both are used as WHERE conditions.
 *
 * @param int    $UserID          Claimed user id.
 * @param string $VerificationKey Key presented with it.
 * @return int The matching user id, or 0 when the pair is missing, the query
 *             fails or no row matches.
 */
function ValidateVerificationKey($UserID, $VerificationKey)
{
    $UserID = ForceInt($UserID, 0);
    $VerificationKey = FormatStringForDatabaseInput($VerificationKey);

    // Both values must be present before the database is consulted.
    if (!($UserID && $VerificationKey)) {
        return 0;
    }

    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $s->SetMainTable('User', 'u');
    $s->AddSelect('UserID', 'u');
    $s->AddWhere('u', 'UserID', '', $UserID, '=');
    $s->AddWhere('u', 'VerificationKey', '', $VerificationKey, '=');
    $Result = $this->Context->Database->Select($s, $this->Name, 'VerifyVerificationKey', 'An error occurred while attempting to validate your remember me credentials');
    if (!$Result) {
        return 0;
    }

    // The id returned is the one read back from the row, not the one supplied.
    $MatchedUserID = 0;
    while ($rows = $this->Context->Database->GetRow($Result)) {
        $MatchedUserID = ForceInt($rows['UserID'], 0);
    }

    return $MatchedUserID;
}
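/**
 * Redirect a "link to comment" request to the page and anchor of that comment.
 *
 * Anonymous visitors are sent to the sign-in form when the comment is a
 * whisper, or when it exists but warnings were raised while loading it. The
 * redirect is issued only when the comment's discussion is active, or the
 * viewer may see hidden discussions and has enabled showing deleted ones.
 *
 * @param object $Head Page head control that carries the Context.
 */
function CommentLinks_LocateComment(&$Head)
{
    $Context =& $Head->Context;
    $cm = $Context->ObjectFactory->NewContextObject($Context, 'CommentManager');
    // This object is replaced by the lookup on the next line. The call is kept
    // only in case object creation has side effects.
    $c = $Context->ObjectFactory->NewContextObject($Context, 'Comment');
    $c = $cm->GetCommentByID(ForceIncomingInt('CommentID', 0), $Context->Session->UserID);

    // Insufficient permissions & not logged in, go to the sign-in form
    if (!$Context->Session->UserID && $c) {
        if ($c->WhisperUserID || $c->DiscussionWhisperUserID) {
            CommentLinks_GoSignIn($Context);
        }
    }

    if ($c && $Context->WarningCollector->Iif()) {
        // A lot of overhead--might be better to just build my own query, but this is easier
        $dm = $Context->ObjectFactory->NewContextObject($Context, 'DiscussionManager');
        $d = $Context->ObjectFactory->NewContextObject($Context, 'Discussion');
        $d = $dm->GetDiscussionByID($c->DiscussionID);

        $CanViewHidden = $Context->Session->User->Permission('PERMISSION_VIEW_HIDDEN_DISCUSSIONS')
            && $Context->Session->User->Preference('ShowDeletedDiscussions');
        $CurrentPage = 0;
        $RowPosition = 0;

        // The discussion must exist in every case. The hidden-discussion
        // privilege only waives the Active requirement. Before, a privileged
        // viewer reached the redirect with no discussion loaded.
        if ($d && ($d->Active || $CanViewHidden)) {
            // Figure out which page the comment is on. A binary search would be more efficient for huge threads
            $PageCount = CalculateNumberOfPages($cm->GetCommentCount($c->DiscussionID), $Context->Configuration['COMMENTS_PER_PAGE']);
            $FoundComment = 0;
            while ($CurrentPage <= $PageCount && !$FoundComment) {
                $CommentData = $cm->GetCommentList($Context->Configuration['COMMENTS_PER_PAGE'], ++$CurrentPage, $c->DiscussionID);
                $RowPosition = 0;
                while ($Row = $Context->Database->GetRow($CommentData)) {
                    $RowPosition++;
                    if (ForceInt($Row['CommentID'], 0) == $c->CommentID) {
                        $FoundComment = 1;
                        break;
                    }
                }
            }
            if (!$FoundComment) {
                $Context->WarningCollector->Add($Context->GetDefinition('ErrCommentNotFound'));
            }
        } else {
            // Discussion is either missing or deleted. Both cases give the same
            // "not found" answer, so the response does not reveal that a
            // hidden discussion exists.
            if (!$d || !$d->Active) {
                $Context->WarningCollector->Add($Context->GetDefinition('ErrCommentNotFound'));
            }
        }

        // If all is well, 302 to the comment's location
        if ($Context->WarningCollector->Iif()) {
            $Suffix = $Context->Configuration['URL_BUILDING_METHOD'] == 'mod_rewrite' ? cleanupstring($d->Name) . '/' : '';
            $Anchor = CommentLinks_YELLOWFADE ? '#Comment_' . $c->CommentID : '#Item_' . $RowPosition;
            $Url = GetUrl($Context->Configuration, 'comments.php', '', 'DiscussionID', $d->DiscussionID, $CurrentPage, $Anchor, $Suffix);
            // NOTE(review): the listing shows a bare '&' as the search string,
            // which makes this call a no-op. '&amp;' is assumed to be what was
            // meant, so that entity-encoded separators are not sent in the
            // Location header. Confirm against GetUrl()'s output.
            header('Location: ' . str_replace('&amp;', '&', $Url));
            $Context->unload();
            exit(0);
        }
    } else {
        // Comment probably belongs to a private category
        if (!$Context->Session->UserID && $c) {
            CommentLinks_GoSignIn($Context);
        }
    }
}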