public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
{
if (!getgpc($var)) {
return FALSE;
} else {
global $_G;
if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
if (empty($_GET['phone_reg'])) {
if (checkperm('seccode')) {
if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['sechash'])) {
showmessage('submit_secqaa_invalid');
}
if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['sechash'])) {
showmessage('submit_seccode_invalid');
}
}
}
return TRUE;
// For ios reg modify by heavenK
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && !empty($_GET['phone_reg']) && empty($_SERVER['HTTP_X_FLASH_VERSION']) && empty($_SERVER['HTTP_REFERER'])) {
return TRUE;
} else {
//add by zh
if ($_GET['mod'] == 'sms' && $_GET['flag'] == 1) {
exit(lang('message', 'submit_invalid'));
} else {
showmessage('submit_invalid');
}
}
}
}
function showcategoryrowpush($key, $level = 0, $last = '')
{
global $category, $permissioncategory, $permission;
$value = $category[$key];
$return = '';
$op = '';
if (checkperm('allowmanagearticle') || checkperm('allpublish') || $permission[$key]['allowpublish'] || checkperm('allowmanage') || $permission[$key]['allowmanage']) {
$value['pushurl'] = '<a href="portal.php?mod=portalcp&ac=article&catid=' . $key . '&from_idtype=' . $_GET['idtype'] . '&from_id=' . $_GET['id'] . '" target="_blank" onclick="hideWindow(\'' . $_G[gp_handlekey] . '\\)">' . htmlspecialchars($value['catname']) . '</a>';
}
if ($level == 2) {
$class = $last ? 'lastchildcat' : 'childcat';
$return = '<tr class="hover"><td><div class="' . $class . '">' . $value['pushurl'] . '</div></td></tr>';
} elseif ($level == 1) {
$return = '<tr class="hover"><td><div class="cat">' . $value['pushurl'] . '</div></td></tr>';
$children = checkperm('allowmanagearticle') ? $category[$key]['children'] : $permissioncategory[$key]['permissionchildren'];
for ($i = 0, $L = count($children); $i < $L; $i++) {
$return .= showcategoryrowpush($children[$i], 2, $i == $L - 1);
}
} else {
$return = '<tr class="hover"><td><div class="parentcat">' . $value['pushurl'] . '</div></td></tr>';
$children = checkperm('allowmanagearticle') ? $category[$key]['children'] : $permissioncategory[$key]['permissionchildren'];
for ($i = 0, $L = count($children); $i < $L; $i++) {
$return .= showcategoryrowpush($children[$i], 1, '');
}
}
return $return;
}
private function _commentReply($res, $data)
{
global $_G;
require DISCUZ_ROOT . './source/function/function_home.php';
require_once libfile('function/portalcp');
// 在DISCUZ_ROOT/source/include/portalcp/portalcp_comment.php基础上二次开发
if (!checkperm('allowcommentarticle')) {
return $this->makeErrorInfo($res, 'group_nopermission', array('{grouptitle}' => $_G['group']['grouptitle']), array('login' => 1));
}
switch ($data['idType']) {
case 'aid':
$_POST['aid'] = $data['id'];
break;
case 'tid':
$_POST['topicid'] = $data['id'];
break;
default:
return $this->makeErrorInfo($res, 'mobcent_error_params');
}
$id = 0;
$idtype = '';
if (!empty($_POST['aid'])) {
$id = intval($_POST['aid']);
$idtype = 'aid';
} elseif (!empty($_POST['topicid'])) {
$id = intval($_POST['topicid']);
$idtype = 'topicid';
}
// 获取评论内容
$_POST['message'] = $commentText = '';
foreach ($data['content'] as $line) {
$line['type'] = $this->_transCommentType($line['type']);
// 引用评论
if (isset($data['quoteCommentId']) && $data['quoteCommentId'] > 0) {
$quoteComment = DzPortalComment::getCommentById($data['quoteCommentId']);
if (!empty($quoteComment)) {
$commentText .= $this->_getCommentMessage($quoteComment);
}
}
if ($line['type'] == 'text') {
$line['infor'] = rawurldecode($line['infor']);
$commentText .= WebUtils::t($line['infor']);
}
}
$_POST['message'] = $commentText;
$message = $_POST['message'];
require_once libfile('function/spacecp');
if (($checkMessage = mobcent_cknewuser()) != '') {
return $this->makeErrorInfo($res, WebUtils::emptyHtml($checkMessage));
}
$waittime = interval_check('post');
if ($waittime > 0) {
return $this->makeErrorInfo($res, 'operating_too_fast', array('{waittime}' => $waittime), array('return' => true));
}
$retmessage = addportalarticlecomment($id, $message, $idtype);
return $this->makeErrorInfo($res, $retmessage, array('noError' => $retmessage == 'do_success' ? 1 : 0));
}
function HookFormat_chooserAllGetdownloadurl($ref, $size, $ext, $page = 1, $alternative = -1)
{
global $baseurl_short;
$path = get_resource_path($ref, true, $size, false, $ext, -1, $page, $size == "scr" && checkperm("w") && $alternative == -1, '', $alternative);
if (file_exists($path)) {
return false;
}
return $baseurl_short . 'plugins/format_chooser/pages/convert.php?ref=' . $ref . '&size=' . $size . '&ext=' . $ext . '&page=' . $page . '&alt=' . $alternative;
}
function HookGrant_editEditEditstatushide()
{
// Needed to prevent user changing the archive state, otherwise a user with temporary edit access to an active resource could change it from active to pending submission
global $status, $resource;
if (!checkperm("e" . $resource["archive"])) {
return true;
}
return false;
}
function HookLegacy_actionsCollection_publicRender_collections_public_list_tools($collection_data)
{
global $baseurl_short, $lang, $contact_sheet, $home_dash, $anonymous_login, $username;
?>
<a href="<?php
echo $baseurl_short;
?>
pages/search.php?search=<?php
echo urlencode('!collection' . $collection_data['ref']);
?>
" onClick="return CentralSpaceLoad(this, true);">> <?php
echo $lang['viewall'];
?>
</a>
<?php
if ($contact_sheet == true) {
?>
<a href="<?php
echo $baseurl_short;
?>
pages/contactsheet_settings.php?ref=<?php
echo urlencode($collection_data['ref']);
?>
" onClick="return CentralSpaceLoad(this);">> <?php
echo $lang['contactsheet'];
?>
</a>
<?php
}
if (!checkperm('b')) {
?>
<a href="#" onclick="document.getElementById('collectionadd').value='<?php
echo urlencode($collection_data['ref']);
?>
'; document.getElementById('collectionform').submit(); return false;">> <?php
echo $lang['addtomycollections'];
?>
</a>
<?php
}
if ($home_dash && checkPermission_dashcreate()) {
?>
<a href="<?php
echo $baseurl_short;
?>
pages/dash_tile.php?create=true&tltype=srch&promoted_resource=true&freetext=true&all_users=1&link=/pages/search.php?search=!collection<?php
echo urlencode($collection_data['ref']);
?>
&order_by=relevance&sort=DESC" onClick="return CentralSpaceLoad(this, true);">> <?php
echo $lang['dashtile'];
?>
</a>
<?php
}
}
function HookTransformAllRender_actions_add_collection_option($top_actions, $options)
{
global $cropper_enable_batch, $count_result, $lang, $collection_data, $baseurl_short, $userref;
$c = count($options);
if ($cropper_enable_batch && $count_result > 0 && ($userref == $collection_data['user'] || $collection_data['allow_changes'] == 1 || checkperm('h'))) {
$data_attribute['url'] = sprintf('%splugins/transform/pages/collection_transform.php?collection=%s', $baseurl_short, urlencode($collection_data['ref']));
$options[$c]['value'] = 'transform';
$options[$c]['label'] = $lang["transform"];
$options[$c]['data_attr'] = $data_attribute;
return $options;
}
}
function _space2user($space, $spaceInfos = array())
{
global $_SC, $_SGLOBAL;
if (!$space) {
return array();
}
$founders = explode(',', $_SC['founder']);
$adminLevel = 'none';
if (in_array($space['uid'], $founders)) {
$adminLevel = 'founder';
} else {
$_SGLOBAL['supe_uid'] = $space['uid'];
if (checkperm('manageconfig')) {
$adminLevel = 'manager';
}
}
// profile privacy
$profilePrivacy = array();
if (!$spaceInfos) {
$query = $_SGLOBAL['db']->query(sprintf('SELECT * FROM %s where uid = %d', tname('spaceinfo'), $space['uid']));
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
$spaceInfos[] = $row;
}
}
foreach ($spaceInfos as $value) {
$_PP = array();
switch ($value['friend']) {
case 1:
$_PP = 'friends';
break;
case 3:
$_PP = 'me';
break;
case 0:
default:
$_PP = 'public';
}
$fields = array('marry' => 'relationshipStatus', 'birth' => 'birthday', 'blood' => 'bloodType', 'birthcity' => 'birthPlace', 'residecity' => 'residePlace', 'mobile' => 'mobile', 'qq' => 'qq', 'msn' => 'msn');
if (array_key_exists($value['subtype'], $fields)) {
$profilePrivacy[$fields[$value['subtype']]] = $_PP;
}
}
$privacy = unserialize($space['privacy']);
if (!$privacy) {
$privacy = array();
}
$user = array('uId' => $space['uid'], 'handle' => $space['username'], 'action' => $space['action'], 'realName' => $space['name'], 'realNameChecked' => $space['namestatus'] ? true : false, 'gender' => $space['sex'] == 1 ? 'male' : ($space['sex'] == 2 ? 'female' : 'unknown'), 'email' => $space['email'], 'qq' => $space['qq'], 'msn' => $space['msn'], 'birthday' => sprintf('%04d-%02d-%02d', $space['birthyear'], $space['birthmonth'], $space['birthday']), 'bloodType' => empty($space['blood']) ? 'unknown' : $space['blood'], 'relationshipStatus' => $space['marry'] == 1 ? 'single' : ($space['marry'] == 2 ? 'notSingle' : 'unknown'), 'birthProvince' => $space['birthprovince'], 'birthCity' => $space['birthcity'], 'resideProvince' => $space['resideprovince'], 'resideCity' => $space['residecity'], 'viewNum' => $space['viewnum'], 'friendNum' => $space['friendnum'], 'myStatus' => $space['note'], 'lastActivity' => $space['updatetime'], 'created' => $space['dateline'], 'credit' => $space['credit'], 'isUploadAvatar' => $space['avatar'] ? true : false, 'adminLevel' => $adminLevel, 'homepagePrivacy' => $privacy['view']['index'] == 1 ? 'friends' : ($privacy['view']['index'] == 2 ? 'me' : 'public'), 'profilePrivacyList' => $profilePrivacy, 'friendListPrivacy' => $privacy['view']['friend'] == 1 ? 'friends' : ($privacy['view']['friend'] == 2 ? 'me' : 'public'));
return $user;
}
function HookCsv_uploadAllTopnavlinksafterhome()
{
global $baseurl, $lang;
if (checkperm("c")) {
?>
<li><a href="<?php
echo $baseurl;
?>
/plugins/csv_upload/pages/csv_upload.php" onClick="CentralSpaceLoad(this,true);return false;"><?php
echo $lang["csv_upload_nav_link"];
?>
</a></li>
<?php
}
}
/**
* 保存附件
*/
private function _saveAttachment($res, $type, $module = '', $albumId = '')
{
global $_G;
$allowFile = array();
foreach ($_FILES['uploadFile']['name'] as $key => $file) {
if ($this->_checkUploadFile($key)) {
$allowFile[] = $key;
}
}
if (!empty($allowFile)) {
if ($type == 'image' && !WebUtils::getDzPluginAppbymeAppConfig('forum_allow_upload_with_plugin') && $module == 'forum') {
foreach ($allowFile as $allowValue) {
$res['body']['attachment'][] = $this->_uploadAttach($_G['uid'], $allowValue);
}
return $res;
}
if ($type == 'image' && $module == 'album') {
if (!checkperm('allowupload') || !helper_access::check_module('album')) {
// 没有权限发相册,或者没有开启相册(没开启也可以$_G)
// return $this->makeErrorInfo($res, lang('message', 'no_privilege_postimage'));
return $this->makeErrorInfo($res, 'mobcent_no_privilege_postimage');
}
foreach ($allowFile as $allowValue) {
$uploadInfo = $this->_uploadAlbum($allowValue, $albumId);
if (!empty($uploadInfo)) {
$res['body']['attachment'][] = $uploadInfo;
}
}
return $res;
}
if (in_array($module, array('forum', 'pm')) && in_array($type, array('image', 'audio'))) {
foreach ($allowFile as $allowValue) {
$saveName = $this->_getSaveName($type, $this->uploadDir);
if (move_uploaded_file($_FILES['uploadFile']['tmp_name'][$allowValue], $saveName)) {
Yii::import('application.components.discuz.source.class.class_image', true);
$image = new Mobcent_Image();
if ($image->param['watermarkstatus']['forum'] > 0) {
$image->makeWatermark($saveName, '', 'forum');
}
$urlFileName = $this->_getUrlFileName($this->_getPathFileName($type), $saveName);
$type == 'image' && ImageUtils::getThumbImageEx($urlFileName, 10, false, false, true);
$res['body']['attachment'][] = array('id' => 0, 'urlName' => $urlFileName);
}
}
}
}
return $res;
}
function checkperm($path)
{
echoperms($path, '0777');
if ($h = @opendir($path)) {
while (FALSE !== ($filename = @readdir($h))) {
if ($filename == '.' || $filename == '..' || $filename == '.svn') {
continue;
}
if (@is_dir($path . $filename)) {
checkperm($path . $filename . DIRECTORY_SEPARATOR);
} else {
echoperms($path . $filename, '0666');
}
}
@closedir($h);
}
}
function HookNewsTeam_homeCustomteamfunction()
{
global $baseurl, $lang;
if (checkperm("o")) {
?>
<li><a href="<?php
echo $baseurl;
?>
/plugins/news/pages/news_edit.php"><?php
echo $lang["news_manage"];
?>
</a></li>
<?php
}
?>
<?php
}
/**
* 修改原cknewuser方法
*
* @author 谢建平 <*****@*****.**>
* @param int $return 1为返回bool, 0为返回错误message
* @return bool|string
*/
function mobcent_cknewuser($return = 0)
{
global $_G;
$result = true;
if (!$_G['uid']) {
return true;
}
if (checkperm('disablepostctrl')) {
return empty($return) ? '' : $result;
}
$ckuser = $_G['member'];
if ($_G['setting']['newbiespan'] && $_G['timestamp'] - $ckuser['regdate'] < $_G['setting']['newbiespan'] * 60) {
if (empty($return)) {
// showmessage('no_privilege_newbiespan', '', array('newbiespan' => $_G['setting']['newbiespan']), array());
return lang('message', 'no_privilege_newbiespan', array('newbiespan' => $_G['setting']['newbiespan']));
}
$result = false;
}
if ($_G['setting']['need_avatar'] && empty($ckuser['avatarstatus'])) {
if (empty($return)) {
// showmessage('no_privilege_avatar', '', array(), array());
return lang('message', 'no_privilege_avatar');
}
$result = false;
}
if ($_G['setting']['need_email'] && empty($ckuser['emailstatus'])) {
if (empty($return)) {
// showmessage('no_privilege_email', '', array(), array());
return lang('message', 'no_privilege_email');
}
$result = false;
}
if ($_G['setting']['need_friendnum']) {
space_merge($ckuser, 'count');
if ($ckuser['friends'] < $_G['setting']['need_friendnum']) {
if (empty($return)) {
// showmessage('no_privilege_friendnum', '', array('friendnum' => $_G['setting']['need_friendnum']), array());
return lang('message', 'no_privilege_friendnum', array('friendnum' => $_G['setting']['need_friendnum']));
}
$result = false;
}
}
return empty($return) ? '' : $result;
}
function HookRemotedownloadAllGetdownloadurl($ref, $size, $ext, $page = 1, $alternative = -1)
{
global $remotedownload_prepend, $remotedownload_append, $remotedownload_replace, $remotedownload_addquery;
global $storageurl;
$url = get_resource_path($ref, false, $size, false, $ext, -1, $page, $size == "scr" && checkperm("w") && $alternative == -1, "", $alternative);
if (!empty($remotedownload_prepend) && strpos($url, $storageurl) === 0) {
$storageurl_len = strlen($storageurl);
$url = substr($url, 0, $storageurl_len) . $remotedownload_prepend . substr($url, $storageurl_len);
}
if (!empty($remotedownload_append)) {
$url = $url . $remotedownload_append;
}
foreach ($remotedownload_replace as $replace) {
$url = str_replace($replace['match'], $replace['with'], $url);
}
foreach ($remotedownload_addquery as $query) {
$url = $url . (strpos($url, "?") !== FALSE ? "?" : "&") . $query;
}
return $url;
}
public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
{
if (!getgpc($var)) {
return FALSE;
} else {
global $_G;
if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || strncmp($_SERVER['HTTP_REFERER'], 'http://wsq.discuz.qq.com', 24) === 0 || strncmp($_SERVER['HTTP_REFERER'], 'http://m.wsq.qq.com', 19) === 0 || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
if (checkperm('seccode')) {
if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['secqaahash'])) {
showmessage('submit_secqaa_invalid');
}
if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['seccodehash'], 0, $_GET['seccodemodid'])) {
showmessage('submit_seccode_invalid');
}
}
return TRUE;
} else {
showmessage('submit_invalid');
}
}
}
function HookResourceConnectAllSearchfiltertop()
{
# Option to search affiliate systems in the basic search panel
global $lang, $language, $resourceconnect_affiliates, $baseurl, $resourceconnect_selected;
if (!checkperm("resourceconnect")) {
return false;
}
?>
<div class="SearchItem"><?php
echo $lang["resourceconnect_affiliate"];
?>
<br />
<select class="SearchWidth" name="resourceconnect_selected">
<?php
for ($n = 0; $n < count($resourceconnect_affiliates); $n++) {
?>
<option value="<?php
echo $n;
?>
" <?php
if ($resourceconnect_selected == $n) {
?>
selected<?php
}
?>
><?php
echo i18n_get_translated($resourceconnect_affiliates[$n]["name"]);
?>
</option>
<?php
}
?>
</select>
</div>
<?php
}
function alt_from_resource($source, $target, $name = '', $delete = false)
{
// Copy a resource as an alt file of another resource
// alt is the source resource, $ref is the target resource that will get the new alternate
global $view_title_field;
$srcdata = get_resource_data($source);
$srcext = $srcdata['file_extension'];
$srcpath = get_resource_path($source, true, "", false, $srcext);
if ($name == '') {
$name = sql_value("select value from resource_data where resource_type_field = '{$view_title_field}' and resource = '{$source}'", 'Untitled');
}
$description = '';
if (!file_exists($srcpath)) {
echo "ERROR: File not found.";
return false;
} else {
$file_size = filesize_unlimited($srcpath);
$altid = add_alternative_file($target, $name, $description = "", $file_name = "", $file_extension = "", $file_size, $alt_type = '');
$newpath = get_resource_path($target, true, "", true, $srcext, -1, 1, false, '', $altid);
copy($srcpath, $newpath);
# Preview creation for alternative files (enabled via config)
global $alternative_file_previews;
if ($alternative_file_previews) {
create_previews($target, false, $srcext, false, false, $altid);
}
if ($delete) {
// we are supposed to delete the original resource when we're done
# Not allowed to edit this resource? They shouldn't have been able to get here.
if (!get_edit_access($source, $srcdata["archive"], false, $srcdata) || checkperm('D')) {
exit("Permission denied.");
} else {
delete_resource($source);
}
}
return true;
}
}
}
?>
<a class="lightbox" href="<?php
echo $path;
?>
" title="<?php
echo $displaytitle;
?>
"><img width="<?php
echo $result[$n]["thumb_width"];
?>
" height="<?php
echo $result[$n]["thumb_height"];
?>
" src="<?php
echo get_resource_path($ref, false, "thm", false, $result[$n]["preview_extension"], -1, 1, (checkperm("w") || $k != "" && isset($watermark)) && $access == 1, $result[$n]["file_modified"]);
?>
" class="ImageBorder"></a>
<?php
} else {
?>
<img border=0 src="../gfx/<?php
echo get_nopreview_icon($result[$n]["resource_type"], $result[$n]["file_extension"], false);
?>
"/><?php
}
?>
</td>
</tr></table>
selected<?php
}
?>
><?php
echo str_pad("", $n, "*");
?>
</option>
<?php
}
?>
</select>
<div class="clearerleft"> </div>
</div>
<?php
if (checkperm("h") && $cinfo["theme"] != "") {
?>
<div class="Question">
<label for="use_as_theme_thumbnail"><?php
echo $lang["useasthemethumbnail"];
?>
</label>
<input name="use_as_theme_thumbnail" id="use_as_theme_thumbnail" type="checkbox" value="yes" <?php
if ($commentdata["use_as_theme_thumbnail"] == 1) {
?>
checked<?php
}
?>
>
<div class="clearerleft"> </div>
</div>
<?php
include "../../../include/db.php";
include "../../../include/authenticate.php";
if (!checkperm("r")) {
exit("Permission denied.");
}
include "../../../include/general.php";
include "../../../include/resource_functions.php";
$ref = getvalescaped("ref", "");
$resource = getvalescaped("resource", "");
# Check access
$edit_access = get_edit_access($resource);
if (!$edit_access) {
exit("Access denied");
}
# Should never arrive at this page without edit access
if (getval("submitted", "") != "") {
# Save license data
# Construct expiry date
$expires = getvalescaped("expires_year", "") . "-" . getvalescaped("expires_month", "") . "-" . getvalescaped("expires_day", "");
# Construct usage
$license_usage = "";
if (isset($_POST["license_usage"])) {
$license_usage = escape_check(join(", ", $_POST["license_usage"]));
}
if ($ref == "new") {
# New record
sql_query("insert into resource_license (resource,outbound,holder,license_usage,description,expires) values ('" . getvalescaped("resource", "") . "', '" . getvalescaped("outbound", "") . "', '" . getvalescaped("holder", "") . "', '{$license_usage}', '" . getvalescaped("description", "") . "', '{$expires}')");
$ref = sql_insert_id();
resource_log($resource, "", "", $lang["new_license"] . " " . $ref);
$appid = empty($_GET['id']) ? '' : intval($_GET['id']);
if ($appid) {
$mod = 'app';
}
$discuz->cachelist = $cachelist;
$discuz->init();
if (empty($_G['uid']) && $mod == 'app') {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
dsetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
dsetcookie('_refer', rawurlencode('userapp.php?mod=app&id=' . $appid));
}
showmessage('to_login', null, array(), array('showmsg' => true, 'login' => 1));
}
if (empty($_G['setting']['my_app_status'])) {
showmessage('no_privilege_my_app_status', '', array(), array('return' => true));
}
if ($mod == 'app' && !checkperm('allowmyop')) {
showmessage('no_privilege_myop', '', array(), array('return' => true));
}
$space = $_G['uid'] ? getuserbyuid($_G['uid']) : array();
define('CURMODULE', 'userapp');
runhooks();
getuserapp();
$navtitle = str_replace('{bbname}', $_G['setting']['bbname'], $_G['setting']['seotitle']['userapp']);
if (!$navtitle) {
$navtitle = $_G['setting']['navs'][5]['navname'];
} else {
$nobbname = true;
}
require_once libfile('userapp/' . $mod, 'module');
} else {
showmessage('message_can_not_send');
}
}
}
} elseif ($_GET['op'] == 'ignore') {
if (submitcheck('ignoresubmit')) {
$single = intval($_G['gp_single']);
if ($single) {
uc_pm_blackls_add($_G['uid'], $_POST['ignoreuser']);
showmessage('do_success', dreferer(), array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1));
} else {
uc_pm_blackls_set($_G['uid'], $_POST['ignorelist']);
showmessage('do_success', 'home.php?mod=space&do=pm&view=ignore', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1));
}
}
} else {
cknewuser();
if (!checkperm('allowsendpm')) {
showmessage('no_privilege');
}
$friends = array();
if ($space['friendnum']) {
$query = DB::query("SELECT fuid AS uid, fusername AS username FROM " . DB::table('home_friend') . " WHERE uid={$_G['uid']} AND status='1' ORDER BY num DESC, dateline DESC LIMIT 0,100");
while ($value = DB::fetch($query)) {
$value['username'] = daddslashes($value['username']);
$friends[] = $value;
}
}
}
include_once template("home/spacecp_pm");
<?php
if (!defined('iBUAA') || !defined('IN_ADMINCP')) {
exit('Access Denied');
}
if (!checkperm('managerecommendpublic')) {
cpmessage('no_authority_management_operation');
}
//1为学院、2为部处、3为名人、4为学生组织、5为兴趣社团、6为学生党组织、7为活动主页、8为品牌主页、20为班级主页、100为航路研语、默认0为其他
if ($_GET['op'] == 'query') {
$query_str = $_POST['query'];
$sql = 'SELECT * FROM ' . tname('space') . ' WHERE uid="' . $query_str . '" and groupid=3 or name="' . $query_str . '" and groupid=3';
$query = $_SGLOBAL['db']->query($sql);
$query_value = array();
while ($res = $_SGLOBAL['db']->fetch_array($query)) {
$query1 = $_SGLOBAL['db']->query("SELECT * FROM " . tname("rec_public") . " WHERE uid=" . $res['uid']);
if ($_SGLOBAL['db']->fetch_array($query1)) {
$res['recommend_or_not'] = '已推荐';
} else {
$res['recommend_or_not'] = '推荐';
}
$query_value[] = $res;
}
}
if ($_GET['op'] == 'add') {
$add_item = $_POST['uid'];
$name = $_POST['username'];
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("rec_public") . " WHERE uid=" . $add_item);
if ($_SGLOBAL['db']->fetch_array($query)) {
showmessage("该公共主页已经存在推荐列表,请不要重复添加");
} else {
}
// end if checksums and temp tables turned on
?>
<li><a href="<?php
echo $baseurl_short;
?>
pages/search.php?search=<?php
echo urlencode("!unused");
?>
" onClick="return CentralSpaceLoad(this,true);"><?php
echo $lang["viewuncollectedresources"];
?>
</a></li>
<?php
if (checkperm("k")) {
// Check if user can manage keywords and fields
?>
<li><a href="<?php
echo $baseurl_short;
?>
pages/team/team_related_keywords.php" onClick="return CentralSpaceLoad(this,true);"><?php
echo $lang["managerelatedkeywords"];
?>
</a></li>
<li><a onClick="return CentralSpaceLoad(this,true);" href="<?php
echo $baseurl_short;
?>
pages/team/team_fields.php"><?php
echo $lang["managefieldoptions"];
?>
showmessage('theme_does_not_exist');
}
}
space_merge($space, 'field_home');
$blockdata = unserialize($space['blockposition']);
$blockdata['block'] = $layoutdata;
$blockdata['currentlayout'] = $currentlayout;
$setarr['spacecss'] = daddslashes($spacecss);
$setarr['blockposition'] = daddslashes(serialize($blockdata));
$setarr['theme'] = $style;
DB::update('common_member_field_home', $setarr, "uid = {$_G['uid']}");
showmessage('do_success', 'home.php?mod=space' . ($_G['adminid'] == 1 && $_G['setting']['allowquickviewprofile'] ? '&view=admin' : ''));
}
if (submitcheck('uploadsubmit')) {
$albumid = $picid = 0;
if (!checkperm('allowupload')) {
echo "<script>";
echo "alert(\"" . lang('spacecp', 'not_allow_upload') . "\")";
echo "</script>";
exit;
}
$uploadfiles = pic_save($_FILES['attach'], $_POST['albumid'], $_POST['pic_title'], false);
if ($uploadfiles && is_array($uploadfiles)) {
$albumid = $uploadfiles['albumid'];
$picid = $uploadfiles['picid'];
$uploadStat = 1;
require_once libfile('function/spacecp');
album_update_pic($albumid);
} else {
$uploadStat = $uploadfiles;
}
function cknewuser($return=0) {
global $_SGLOBAL, $_SCONFIG, $space;
$result = true;
//不受防灌水限制
if(checkperm('spamignore')) {
return $result;
}
//见习时间
if($_SCONFIG['newusertime'] && $_SGLOBAL['timestamp']-$space['dateline']<$_SCONFIG['newusertime']*3600) {
if(empty($return)) showmessage('no_privilege_newusertime', '', 1, array($_SCONFIG['newusertime']));
$result = false;
}
//需要上传头像
if($_SCONFIG['need_avatar'] && empty($space['avatar'])) {
if(empty($return)) showmessage('no_privilege_avatar');
$result = false;
}
//强制新用户好友个数
if($_SCONFIG['need_friendnum'] && $space['friendnum']<$_SCONFIG['need_friendnum']) {
if(empty($return)) showmessage('no_privilege_friendnum', '', 1, array($_SCONFIG['need_friendnum']));
$result = false;
}
//强制新用户好友个数
if($_SCONFIG['need_email'] && empty($space['emailcheck'])) {
if(empty($return)) showmessage('no_privilege_email');
$result = false;
}
return $result;
}
<?php
/*
[SupeSite] (C) 2007-2009 Comsenz Inc.
$Id: do.php 7412 2008-05-20 02:45:44Z zhaofei $
*/
include_once './common.php';
//Õ¾µã¹Ø±Õ
if (!empty($_SCONFIG['closesite']) && $_GET['action'] != 'seccode' && !in_array($_GET['op'], array('checkusername', 'checkseccode'))) {
if ((empty($_SGLOBAL['group']['groupid']) || $_SGLOBAL['group']['groupid'] != 1) && !checkperm('closeignore')) {
if (empty($_SCONFIG['closemessage'])) {
$_SCONFIG['closemessage'] = $lang['site_close'];
}
$userinfo = empty($_SGLOBAL['supe_username']) ? '' : "{$lang['welcome']}, {$_SGLOBAL['supe_username']} <a href=\"" . S_URL . "/batch.login.php?action=logout\" style=\"color:#aaa;\">[{$lang[logout]}]</a><br/>";
showmessage("{$_SCONFIG['closemessage']}<br /><p style=\"font-size:12px;color:#aaa;\">{$userinfo}<a href=\"" . geturl("action/login") . "\" style=\"color:#aaa;\">{$lang['admin_login']}</a></p>");
}
}
if (in_array($_GET['action'], array('register', 'seccode', 'lostpasswd', 'click'))) {
include_once S_ROOT . './source/do_' . $_GET['action'] . '.php';
} else {
showmessage('no_permission');
}
include "../include/header.php";
$log=get_collection_log($ref, $offset+$per_page);
$results=count($log);
$totalpages=ceil($results/$per_page);
$curpage=floor($offset/$per_page)+1;
$url=$baseurl . "/pages/collection_log.php?ref=" . $ref;
$jumpcount=1;
?>
<?php
# Fetch and translate collection name
$colinfo = get_collection($ref);
$colname = i18n_get_collection_name($colinfo);
if (!checkperm("b"))
{
# Add selection link to collection name.
$colname = "<a href=\"" . $baseurl_short . "pages/collections.php?collection=" . $ref . "\" onClick=\"return CollectionDivLoad(this);\">" . $colname . "</a>";
}
?>
<div class="BasicsBox">
<?php if ($back_to_collections_link != "") { ?><div style="float:right;"><a href="<?php echo $baseurl_short?>pages/collection_manage.php" onClick="return CentralSpaceLoad(this,true);"><strong><?php echo $back_to_collections_link ?></strong> </a></div> <?php } ?>
<h1><?php echo str_replace("%collection", $colname, $lang["collectionlogheader"]);?></h1>
<div class="TopInpageNav">
<div class="InpageNavLeftBlock"><?php echo $lang["resultsdisplay"]?>:
<?php
for($n=0;$n<count($list_display_array);$n++){?>
<?php if ($per_page==$list_display_array[$n]){?><span class="Selected"><?php echo $list_display_array[$n]?></span><?php } else { ?><a onClick="return CentralSpaceLoad(this,true);" href="<?php echo $url; ?>&per_page_list_log=<?php echo $list_display_array[$n]?>"><?php echo $list_display_array[$n]?></a><?php } ?> |
<?php } ?>
<?php
include "../../../include/db.php";
include "../../../include/general.php";
include "../../../include/authenticate.php";
if (!checkperm("u")) {
exit("Permission denied.");
}
if (!isset($magictouch_account_id)) {
$magictouch_account_id = "";
}
if (!isset($magictouch_secure)) {
$magictouch_secure = "http";
}
if (getval("submit", "") != "") {
$resourcetype = getvalescaped("resourcetype", "");
$f = fopen("../config/config.php", "w");
fwrite($f, "<?php \$embedvideo_resourcetype='{$resourcetype}'; ?>");
fclose($f);
redirect("pages/team/team_home.php");
}
$resource_types = get_resource_types();
include "../../../include/header.php";
?>
<div class="BasicsBox">
<h2> </h2>
<h1><?php
echo $lang["embed_video_configuration"];
?>
</h1>
if(! $event){
showmessage("event_does_not_exist"); // 活动不存在或者已被删除
}
if($event['grade'] == 0 && $event['uid'] != $_SGLOBAL['supe_uid'] && !checkperm('manageevent')){
showmessage('event_under_verify');// 活动正在审核中
}
realname_set($event['uid'], $event['username']);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname("userevent")." WHERE eventid='$eventid' AND uid='$_SGLOBAL[supe_uid]'");
$value = $_SGLOBAL['db']->fetch_array($query);
if($value){
$_SGLOBAL['supe_userevent'] = $value;
} else {
$_SGLOBAL['supe_userevent'] = array();
}
$allowmanage = false; // 活动管理权限
if($value['status'] >= 3 || checkperm('manageevent')){
$allowmanage = true;
}
// 私密活动,仅已参加活动的人和有管理权限的人或有邀请的人可见
if($event['public'] == 0 && $_SGLOBAL['supe_userevent']['status'] < 2 && !$allowmanage){
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname("eventinvite")." WHERE eventid = '$eventid' AND touid = '$_SGLOBAL[supe_uid]' LIMIT 1");
$value = $_SGLOBAL['db']->fetch_array($query);
if(empty($value)){
showmessage("event_not_public"); // 这是一个私密活动,需要通过邀请才能查看
}
}
if($view == "thread" && !$event['tagid']) {
$view = "all";
}