}
$TagsArray = array_merge($TagsExist, $NewTags);
//往Topics表插入数据
$TopicData = array("ID" => null, "Topic" => htmlspecialchars($Title), "Tags" => implode("|", $TagsArray), "UserID" => $CurUserID, "UserName" => $CurUserName, "LastName" => "", "PostTime" => $TimeStamp, "LastTime" => $TimeStamp, "IsGood" => 0, "IsTop" => 0, "IsLocked" => 0, "IsDel" => 0, "IsVote" => 0, "Views" => 0, "Replies" => 0, "Favorites" => 0, "RatingSum" => 0, "TotalRatings" => 0, "LastViewedTime" => 0, "PostsTableName" => null, "ThreadStyle" => "", "Lists" => "", "ListsTime" => $TimeStamp, "Log" => "");
$NewTopicResult = $DB->query("INSERT INTO `" . $Prefix . "topics` \r\n\t\t\t\t\t(\r\n\t\t\t\t\t\t`ID`, \r\n\t\t\t\t\t\t`Topic`, \r\n\t\t\t\t\t\t`Tags`, \r\n\t\t\t\t\t\t`UserID`, \r\n\t\t\t\t\t\t`UserName`, \r\n\t\t\t\t\t\t`LastName`, \r\n\t\t\t\t\t\t`PostTime`, \r\n\t\t\t\t\t\t`LastTime`, \r\n\t\t\t\t\t\t`IsGood`, \r\n\t\t\t\t\t\t`IsTop`, \r\n\t\t\t\t\t\t`IsLocked`, \r\n\t\t\t\t\t\t`IsDel`, \r\n\t\t\t\t\t\t`IsVote`, \r\n\t\t\t\t\t\t`Views`, \r\n\t\t\t\t\t\t`Replies`, \r\n\t\t\t\t\t\t`Favorites`, \r\n\t\t\t\t\t\t`RatingSum`, \r\n\t\t\t\t\t\t`TotalRatings`, \r\n\t\t\t\t\t\t`LastViewedTime`, \r\n\t\t\t\t\t\t`PostsTableName`, \r\n\t\t\t\t\t\t`ThreadStyle`, \r\n\t\t\t\t\t\t`Lists`, \r\n\t\t\t\t\t\t`ListsTime`, \r\n\t\t\t\t\t\t`Log`\r\n\t\t\t\t\t) \r\n\t\t\t\t\tVALUES \r\n\t\t\t\t\t(\r\n\t\t\t\t\t\t:ID,\r\n\t\t\t\t\t\t:Topic,\r\n\t\t\t\t\t\t:Tags,\r\n\t\t\t\t\t\t:UserID,\r\n\t\t\t\t\t\t:UserName,\r\n\t\t\t\t\t\t:LastName,\r\n\t\t\t\t\t\t:PostTime,\r\n\t\t\t\t\t\t:LastTime,\r\n\t\t\t\t\t\t:IsGood,\r\n\t\t\t\t\t\t:IsTop,\r\n\t\t\t\t\t\t:IsLocked,\r\n\t\t\t\t\t\t:IsDel,\r\n\t\t\t\t\t\t:IsVote,\r\n\t\t\t\t\t\t:Views,\r\n\t\t\t\t\t\t:Replies,\r\n\t\t\t\t\t\t:Favorites,\r\n\t\t\t\t\t\t:RatingSum,\r\n\t\t\t\t\t\t:TotalRatings,\r\n\t\t\t\t\t\t:LastViewedTime,\r\n\t\t\t\t\t\t:PostsTableName,\r\n\t\t\t\t\t\t:ThreadStyle,\r\n\t\t\t\t\t\t:Lists,\r\n\t\t\t\t\t\t:ListsTime,\r\n\t\t\t\t\t\t:Log\r\n\t\t\t\t\t)", $TopicData);
$TopicID = $DB->lastInsertId();
//往Posts表插入数据
$PostData = array("ID" => null, "TopicID" => $TopicID, "IsTopic" => 1, "UserID" => $CurUserID, "UserName" => $CurUserName, "Subject" => htmlspecialchars($Title), "Content" => XssEscape($Content), "PostIP" => $CurIP, "PostTime" => $TimeStamp);
$NewPostResult = $DB->query("INSERT INTO `" . $Prefix . "posts` \r\n\t\t\t\t\t(`ID`, `TopicID`, `IsTopic`, `UserID`, `UserName`, `Subject`, `Content`, `PostIP`, `PostTime`) \r\n\t\t\t\t\tVALUES (:ID,:TopicID,:IsTopic,:UserID,:UserName,:Subject,:Content,:PostIP,:PostTime)", $PostData);
$PostID = $DB->lastInsertId();
if ($NewTopicResult && $NewPostResult) {
//更新全站统计数据
$NewConfig = array("NumTopics" => $Config["NumTopics"] + 1, "DaysTopics" => $Config["DaysTopics"] + 1);
UpdateConfig($NewConfig);
//更新用户自身统计数据
UpdateUserInfo(array("Topics" => $CurUserInfo['Topics'] + 1, "LastPostTime" => $TimeStamp));
//标记附件所对应的帖子标签
$DB->query("UPDATE `" . $Prefix . "upload` SET PostID=? WHERE `PostID`=0 and `UserName`=?", array($PostID, $CurUserName));
//记录标签与TopicID的对应关系
foreach ($TagsID as $TagID) {
$DB->query("INSERT INTO `" . $Prefix . "posttags` \r\n\t\t\t\t\t\t\t(`TagID`, `TopicID`, `PostID`) \r\n\t\t\t\t\t\t\tVALUES (?,?,?)", array($TagID, $TopicID, $PostID));
}
//更新标签统计数据
if ($TagsExist) {
$DB->query("UPDATE `" . $Prefix . "tags` SET TotalPosts=TotalPosts+1, MostRecentPostTime=" . $TimeStamp . " WHERE `Name` in (?)", $TagsExist);
}
//添加提醒消息
AddingNotifications($Content, $TopicID, $PostID);
//清理首页内存缓存
if ($MCache) {
$MCache->delete(MemCachePrefix . 'Homepage');
$Error = $Lang['Verification_Code_Error'];
$ErrorCode = 101002;
break;
}
$DBUser = $DB->row("SELECT ID,UserName,Salt,Password,UserRoleID,UserMail,UserIntro FROM " . $Prefix . "users WHERE UserName = :UserName", array("UserName" => $UserName));
if (!$DBUser) {
$Error = $Lang['User_Does_Not_Exist'];
$ErrorCode = 101003;
break;
}
if (!HashEquals($DBUser['Password'], md5($Password . $DBUser['Salt']))) {
$Error = $Lang['Password_Error'];
$ErrorCode = 101004;
break;
}
UpdateUserInfo(array('LastLoginTime' => $TimeStamp, 'UserLastIP' => CurIP()), $DBUser['ID']);
$TemporaryUserExpirationTime = $Expires * 86400 + $TimeStamp;
if (!$IsApp) {
SetCookies(array('UserID' => $DBUser['ID'], 'UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($DBUser['Password'] . $DBUser['Salt'] . $TemporaryUserExpirationTime . $SALT)), $Expires);
if ($ReturnUrl) {
header('location: ' . $ReturnUrl);
exit('logined');
} else {
header('location: ' . $Config['WebsitePath'] . '/');
exit('logined');
}
}
} while (false);
}
$DB->CloseConnection();
// 页面变量
break;
//User
//User
case 3:
$UserInfo = $DB->row("SELECT * FROM " . $Prefix . "users force index(PRI) Where ID=:ID", array("ID" => $ID));
switch ($Action) {
case 'Delete':
Auth(4);
# code...
break;
//屏蔽用户
//屏蔽用户
case 'Block':
Auth(4);
$NewUserAccountStatus = $UserInfo['UserAccountStatus'] ? 0 : 1;
if (UpdateUserInfo(array('UserAccountStatus' => $NewUserAccountStatus), $ID)) {
$Message = $NewUserAccountStatus ? $Lang['Block_User'] : $Lang['Unblock_User'];
}
break;
//重置头像
//重置头像
case 'ResetAvatar':
Auth(4, $ID);
if (extension_loaded('gd')) {
require dirname(__FILE__) . "/includes/MaterialDesign.Avatars.class.php";
$Avatar = new MDAvtars(mb_substr($UserInfo['UserName'], 0, 1, "UTF-8"), 256);
$Avatar->Save('upload/avatar/large/' . $ID . '.png', 256);
$Avatar->Save('upload/avatar/middle/' . $ID . '.png', 48);
$Avatar->Save('upload/avatar/small/' . $ID . '.png', 24);
$Avatar->Free();
$Message = $Lang['Reset_Avatar_Successfully'];
if (!$UserInfo) {
AlertMsg('404 Not Found', '404 Not Found', 404);
} else {
if (HashEquals(md5($UserInfo['Password'] . $UserInfo['Salt'] . md5($TokenExpirationTime) . md5($SALT)), $Token)) {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//重设密码
$Password = Request('Post', 'Password');
$Password2 = Request('Post', 'Password2');
$VerifyCode = intval(Request('Post', 'VerifyCode'));
if ($Password && $Password2 && $VerifyCode) {
if ($Password === $Password2) {
session_start();
if (isset($_SESSION[$Prefix . 'VerificationCode']) && $VerifyCode === intval($_SESSION[$Prefix . 'VerificationCode'])) {
$NewSalt = $UserInfo['Salt'];
$NewPasswordHash = md5(md5($Password) . $NewSalt);
if (UpdateUserInfo(array('Salt' => $NewSalt, 'Password' => $NewPasswordHash), $UserInfo['ID'])) {
$TemporaryUserExpirationTime = 30 * 86400 + $TimeStamp;
//默认保持30天登陆状态
SetCookies(array('UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($NewPasswordHash . $NewSalt . $TemporaryUserExpirationTime . $SALT)), 30);
$CurUserInfo['Salt'] = $NewSalt;
$CurUserInfo['Password'] = $NewPasswordHash;
AlertMsg($Lang['Reset_Password_Success'], $Lang['Reset_Password_Success']);
} else {
AlertMsg($Lang['Reset_Password_Failure'], $Lang['Reset_Password_Failure']);
}
} else {
$Message = $Lang['VerificationCode_Error'];
}
unset($_SESSION[$Prefix . 'VerificationCode']);
} else {
$Message = $Lang['Passwords_Inconsistent'];
$UpdateUserInfoMessage = $Lang['Profile_Do_Not_Modify'];
}
break;
case 'ChangePassword':
$OriginalPassword = Request('Post', 'OriginalPassword');
$NewPassword = Request('Post', 'NewPassword');
$NewPassword2 = Request('Post', 'NewPassword2');
if (($OriginalPassword || $DoNotNeedOriginalPassword) && $NewPassword && $NewPassword2) {
if ($NewPassword == $NewPassword2) {
if (md5(md5($OriginalPassword) . $CurUserInfo['Salt']) === $CurUserInfo['Password'] || $DoNotNeedOriginalPassword) {
if ($OriginalPassword != $NewPassword || $DoNotNeedOriginalPassword) {
//$NewSalt = mt_rand(100000,999999);
//修改Salt会导致密码问题出错
$NewSalt = $CurUserInfo['Salt'];
$NewPasswordHash = md5(md5($NewPassword) . $NewSalt);
if (UpdateUserInfo(array('Password' => $NewPasswordHash))) {
$TemporaryUserExpirationTime = 30 * 86400 + $TimeStamp;
//默认保持30天登陆状态
SetCookies(array('UserExpirationTime' => $TemporaryUserExpirationTime, 'UserCode' => md5($NewPasswordHash . $NewSalt . $TemporaryUserExpirationTime . $SALT)), 30);
$CurUserInfo['Salt'] = $NewSalt;
$CurUserInfo['Password'] = $NewPasswordHash;
$ChangePasswordMessage = $Lang['Change_Password_Success'];
} else {
$ChangePasswordMessage = $Lang['Change_Password_Failure'];
}
} else {
$ChangePasswordMessage = $Lang['Password_Do_Not_Modify'];
}
} else {
$ChangePasswordMessage = $Lang['Current_Password_Is_Uncorrect'];
}
}
$Content = Request('Post', 'Content');
if ($Content) {
if (strlen($Content) <= $Config['MaxPostChars']) {
//往Posts表插入数据
$PostData = array("ID" => null, "TopicID" => $TopicID, "IsTopic" => 0, "UserID" => $CurUserID, "UserName" => $CurUserName, "Subject" => $Topic['Topic'], "Content" => XssEscape($Content), "PostIP" => $CurIP, "PostTime" => $TimeStamp, "IsDel" => 0);
$NewPostResult = $DB->query("INSERT INTO `" . $Prefix . "posts`(`ID`, `TopicID`, `IsTopic`, `UserID`, `UserName`, `Subject`, `Content`, `PostIP`, `PostTime`, `IsDel`) VALUES (:ID,:TopicID,:IsTopic,:UserID,:UserName,:Subject,:Content,:PostIP,:PostTime,:IsDel)", $PostData);
$PostID = $DB->lastInsertId();
if ($NewPostResult) {
//更新全站统计数据
$NewConfig = array("NumPosts" => $Config["NumPosts"] + 1, "DaysPosts" => $Config["DaysPosts"] + 1);
UpdateConfig($NewConfig);
//更新主题统计数据
$DB->query("UPDATE `" . $Prefix . "topics` SET Replies=Replies+1,LastTime=?,LastName=? WHERE `ID`=?", array($TimeStamp > $Topic['LastTime'] ? $TimeStamp : $Topic['LastTime'], $CurUserName, $TopicID));
//更新用户自身统计数据
UpdateUserInfo(array("Replies" => $CurUserInfo['Replies'] + 1, "LastPostTime" => $TimeStamp));
//标记附件所对应的帖子标签
$DB->query("UPDATE `" . $Prefix . "upload` SET PostID=? WHERE `PostID`=0 and `UserName`=?", array($PostID, $CurUserName));
//添加提醒消息
AddingNotifications($Content, $TopicID, $PostID, $Topic['UserName']);
if ($CurUserID != $Topic['UserID']) {
$DB->query('INSERT INTO `' . $Prefix . 'notifications`(`ID`, `UserID`, `UserName`, `Type`, `TopicID`, `PostID`, `Time`, `IsRead`) VALUES (null,?,?,?,?,?,?,?)', array($Topic['UserID'], $CurUserName, 1, $TopicID, $PostID, $TimeStamp, 0));
$DB->query('UPDATE `' . $Prefix . 'users` SET `NewMessage` = `NewMessage`+1 WHERE ID = :UserID', array('UserID' => $Topic['UserID']));
//清理内存缓存
if ($MCache) {
$MCache->delete(MemCachePrefix . 'UserInfo_' . $Topic['UserID']);
}
}
if ($MCache) {
//清理首页内存缓存
$MCache->delete(MemCachePrefix . 'Homepage');
<?php
require dirname(__FILE__) . '/common.php';
require dirname(__FILE__) . '/language/' . ForumLanguage . '/notifications.php';
Auth(1);
$ReplyArray = $DB->query('SELECT n.ID as NID, n.Type, n.IsRead, p.ID, p.TopicID, p.IsTopic, p.UserID, p.UserName, p.Subject, p.Content, p.PostTime, p.IsDel
FROM ' . $Prefix . 'notifications n LEFT JOIN ' . $Prefix . 'posts p
on p.ID=n.PostID
Where n.UserID = ? and n.Type=1
ORDER BY n.Time DESC LIMIT 30', array($CurUserID));
$MentionArray = $DB->query('SELECT n.ID as NID, n.Type, n.IsRead, p.ID, p.TopicID, p.IsTopic, p.UserID, p.UserName, p.Subject, p.Content, p.PostTime, p.IsDel
FROM ' . $Prefix . 'notifications n
LEFT JOIN ' . $Prefix . 'posts p
on p.ID=n.PostID
Where n.UserID = ? and n.Type=2
ORDER BY n.Time DESC LIMIT 30', array($CurUserID));
//Clear unread marks
UpdateUserInfo(array('NewMessage' => 0));
$CurUserInfo['NewMessage'] = 0;
$DB->CloseConnection();
// 页面变量
$PageTitle = $Lang['Notifications'];
$ContentFile = $TemplatePath . 'notifications.php';
include $TemplatePath . 'layout.php';
