Ejemplo n.º 1
            adminmsg('user_not_exists');
        }
        $uid = $userdb['uid'];
    }
    // Lists pw_forumsell rows, optionally filtered by user and forum, one page at a time,
    // then renders the 'forumsell' template and stops.
    // Both filter values go through S::sqlEscape() before being appended to the WHERE text.
    // NOTE(review): S::sqlEscape() is defined elsewhere; the query is only as safe as its quoting.
    if ($uid) {
        $sql .= " AND fs.uid=" . S::sqlEscape($uid);
    }
    if ($fid) {
        $sql .= " AND fs.fid=" . S::sqlEscape($fid);
    }
    // Clamp the requested page to at least 1 so the offset below cannot go negative.
    $page < 1 && ($page = 1);
    // NOTE(review): $db_perpage is used as a divisor two lines down; presumably a positive config value - confirm.
    $limit = S::sqlLimit(($page - 1) * $db_perpage, $db_perpage);
    $rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_forumsell fs {$sql}");
    // $uid and $fid are placed into the pager URL as they are.
    // NOTE(review): confirm numofpage() or the template encodes them before they reach HTML.
    $pages = numofpage($rt['sum'], $page, ceil($rt['sum'] / $db_perpage), "{$basename}&uid={$uid}&fid={$fid}&");
    $buydb = array();
    $query = $db->query("SELECT fs.*,m.username,m.uid FROM pw_forumsell fs LEFT JOIN pw_members m USING(uid) {$sql} ORDER BY fs.overdate DESC {$limit}");
    while ($rt = $db->fetch_array($query)) {
        // buydate is overwritten with its formatted form; the formatted expiry is stored
        // under a new key 'overtime' while the raw 'overdate' value is kept.
        $rt['buydate'] = get_date($rt['buydate']);
        $rt['overtime'] = get_date($rt['overdate']);
        $buydb[] = $rt;
    }
    // The included template presumably reads $buydb and $pages from this scope.
    include PrintEot('forumsell');
    exit;
} elseif ($_POST['action'] == 'del') {
    // Bulk delete of the pw_forumsell rows ticked in the list form.
    S::gp(array('selid'));
    $selid = checkselid($selid);
    if (!$selid) {
        adminmsg('operate_error');
    }
    // The id list is interpolated without further escaping, so this statement relies
    // entirely on checkselid() having reduced the input to a safe list.
    // NOTE(review): checkselid() is defined elsewhere - confirm it only lets integers through.
    $db->update("DELETE FROM pw_forumsell WHERE id IN({$selid})");
    adminmsg('operate_success');
}
Ejemplo n.º 2
     // Builds the forum checkbox list ($forumcheck) and the <option> list ($select) for the
     // 'creathtm' template from every pw_forums row matched by $sqladd.
     // NOTE(review): $sqladd is interpolated as-is; where it is built is not visible here.
     $query = $db->query("SELECT fid,name,allowhtm FROM pw_forums {$sqladd}");
     while ($rt = $db->fetch_array($query)) {
         $num++;
         // Both branches yield an empty string, so $htm_tr currently adds nothing to the output.
         $htm_tr = $num % 5 == 0 ? '' : '';
         // The inner assignment in the else branch is redundant; the result is 'checked' or ''.
         $checked = $rt['allowhtm'] ? 'checked' : ($checked = '');
         // strip_tags() with an allow-list keeps <img> and does not filter that tag's attributes.
         $tmpName = strip_tags($rt['name'], '<img>');
         $forumcheck .= "<li><input type='checkbox' name='selid[]' value='{$rt['fid']}' {$checked}>{$tmpName}</li>{$htm_tr}";
         // The forum name reaches the <option> text with no filtering at all.
         // NOTE(review): if forum names can be set by anyone less trusted than the admin
         // viewing this page, encode with htmlspecialchars() here and for $tmpName above.
         $rt['allowhtm'] && ($select .= "<option value=\"{$rt['fid']}\">{$rt['name']}</option>");
     }
     $forumcheck .= "</ul>";
     include PrintEot('creathtm');
     exit;
 } elseif ($_POST['action'] == 'submit') {
     // Saves which forums have allowhtm set, based on the posted selid[] checkboxes.
     S::gp(array('selid'), 'P');
     // Keep the posted value as received; it is what gets bound into the queries below.
     $_tmpSelid = $selid;
     // checkselid() acts as a three-way gate here: false is rejected, an empty result
     // clears the flag everywhere, anything else sets it on the selection.
     $selid = checkselid($selid);
     if ($selid === false) {
         // presumably adminmsg() uses $basename as the "go back" link - confirm
         $basename = "javascript:history.go(-1);";
         adminmsg('operate_error');
     } elseif ($selid == '') {
         //* $db->update("UPDATE pw_forums SET allowhtm='0' $sqladd");
         $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='0' {$sqladd}", array('pw_forums')));
     } elseif ($selid) {
         //* $db->update("UPDATE pw_forums SET allowhtm='1' $sqladd AND fid IN($selid)");
         //* $db->update("UPDATE pw_forums SET allowhtm='0' $sqladd AND fid NOT IN($selid)");
         // The :fid placeholder receives $_tmpSelid (the copy taken before checkselid()),
         // not the checked $selid string.
         // NOTE(review): this relies on pwQuery::buildClause() escaping every element of the
         // bound array - confirm; $sqladd is still interpolated directly into the clause text.
         $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='1' {$sqladd} AND fid IN(:fid)", array('pw_forums', $_tmpSelid)));
         $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='0' {$sqladd} AND fid NOT IN(:fid)", array('pw_forums', $_tmpSelid)));
     }
     updatecache_f();
     adminmsg('operate_success');
 } elseif ($action == 'creat') {
Ejemplo n.º 3
                ${'r_' . $i . '_' . $s} = 'checked';
            }
            include PrintEot('pwcode');
            exit;
        } else {
            // Saves an edited pw_windcode row and rebuilds the cache.
            S::gp(array('id', 'name', 'icon', 'pattern', 'param', 'title', 'descrip'));
            // 'replace' is read separately, from POST, with a third argument of 0.
            // NOTE(review): presumably that argument turns off S::gp()'s default filtering so
            // the replacement text is stored raw - confirm, and check where it is encoded on output.
            S::gp(array('replace'), 'P', 0);
            // assumes $pattern arrives as an array; its parts are stored tab-separated - TODO confirm
            $pattern = implode("\t", $pattern);
            // Column values go through S::sqlSingle() and the id through S::sqlEscape();
            // both helpers are defined elsewhere.
            $db->update("UPDATE pw_windcode" . " SET " . S::sqlSingle(array('name' => $name, 'icon' => $icon, 'pattern' => $pattern, 'replacement' => $replace, 'param' => $param, 'title' => $title, 'descrip' => $descrip)) . " WHERE id=" . S::sqlEscape($id));
            //updatecache_wcode();
            updatecache_c();
            adminmsg("operate_success");
        }
    } elseif ($_POST['action'] == 'submit') {
        // Deletes the pw_windcode rows ticked in the list form. 'icon' is fetched as well
        // but is not used in the lines visible here.
        S::gp(array('selid', 'icon'));
        $delids = checkselid($selid);
        // The id list is interpolated without further escaping; the statement depends on
        // checkselid() (defined elsewhere) returning only a safe list.
        $delids && $db->update("DELETE FROM pw_windcode WHERE id IN({$delids})");
        adminmsg('operate_success');
    }
} elseif ($adminitem == 'commonsmile') {
    if (empty($action)) {
        $facedb = array();
        //type=0:使用的分类  type=-1:未启用的分类
        $query = $db->query("SELECT * FROM pw_smiles WHERE type=0 OR type=-1 ORDER BY vieworder");
        $maxOrder = 1;
        while ($postcache = $db->fetch_array($query)) {
            $facedb[] = $postcache;
            if ($postcache['vieworder'] >= $maxOrder) {
                $maxOrder = $postcache['vieworder'] + 1;
Ejemplo n.º 4
        }
        // Pre-selects the current group and the target group in two copies of the
        // $groupstitle option list, then renders the 'uptime' template.
        // The ids appear only inside the search/replace pair, so markup changes only where
        // an identical <option value="..."> already exists in $groupstitle.
        $grouplist = str_replace("<option value=\"{$gid}\">", "<option value=\"{$gid}\" selected>", $groupstitle);
        $togrouplist = str_replace("<option value=\"{$men['togid']}\">", "<option value=\"{$men['togid']}\" selected>", $groupstitle);
        include PrintEot('uptime');
        exit;
    } elseif ($_POST['step'] == 3) {
        // Creates or updates the pw_extragroups row that moves $uid from group $gid to
        // $togid after $days days.
        // NOTE(review): PostCheck($verify) is presumably the request-token (CSRF) check - confirm.
        PostCheck($verify);
        InitGP(array('togid', 'days', 'treset'), 'P');
        // If_manager is a bare constant, not a variable: group 3 can only be handled by a manager.
        $gid == 3 && !If_manager && adminmsg('manager_right');
        $gid == $togid && adminmsg('gid_same');
        // No literal space precedes AND; the SQL stays well-formed only if pwEscape() returns
        // a delimited value. NOTE(review): confirm pwEscape()'s output format.
        $rt = $db->get_one("SELECT * FROM pw_extragroups WHERE uid=" . pwEscape($uid) . "AND gid=" . pwEscape($gid));
        // The cast applies to the comparison only; when $days is 1 or more it keeps its
        // posted form and reaches the query through pwEscape().
        (int) $days < 1 && ($days = 30);
        if ($rt) {
            // startdate is reset only when the 'treset' flag was posted.
            $sql = $treset ? ",startdate=" . pwEscape($timestamp) : '';
            $db->update('UPDATE pw_extragroups SET days=' . pwEscape($days) . ',togid=' . pwEscape($togid) . " {$sql} WHERE uid=" . pwEscape($uid) . 'AND gid=' . pwEscape($gid));
        } else {
            $db->update("INSERT INTO pw_extragroups" . " SET " . pwSqlSingle(array('uid' => $uid, 'gid' => $gid, 'togid' => $togid, 'startdate' => $timestamp, 'days' => $days)));
        }
        // NOTE(review): no check that $togid names an existing group is visible in these lines.
        adminmsg('operate_success');
    }
} elseif ($_POST['action'] == 'del') {
    // Bulk removal of pw_extragroups rows. The posted selid is expected to be an array
    // keyed by group id, each entry holding the user ids to remove from that group.
    PostCheck($verify);
    InitGP(array('selid'), 'P');
    if (!$selid || !is_array($selid)) {
        adminmsg('operate_error');
    }
    foreach ($selid as $gid => $value) {
        $uids = checkselid($value);
        if (!$uids) {
            continue;
        }
        // $gid is a request-supplied array key and goes through pwEscape(); the uid list is
        // interpolated as returned by checkselid(). No literal space precedes AND, so the
        // statement relies on pwEscape() returning a delimited value.
        // NOTE(review): both helpers are defined elsewhere - confirm their output.
        $db->update("DELETE FROM pw_extragroups WHERE gid=" . pwEscape($gid) . "AND uid IN({$uids})");
    }
    adminmsg('operate_success');
}
Ejemplo n.º 5
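        // Loads one pw_setform row for editing and renders the 'setform' template.
        InitGP(array('id'));
        // Read the two columns explicitly. The previous @extract() wrote whatever keys the
        // row carried into the current scope and hid the failure when no row came back,
        // leaving $name and $value at whatever they held before.
        $formrow = $db->get_one("SELECT name,value FROM pw_setform WHERE id=" . pwEscape($id));
        $name = isset($formrow['name']) ? $formrow['name'] : '';
        $value = isset($formrow['value']) ? $formrow['value'] : '';
        !$name && adminmsg('operate_error');
        // NOTE(review): unserialize() on a stored column is only as trustworthy as every
        // writer of pw_setform.value. Prefer a JSON encoding for this field, or on PHP 7+
        // pass array('allowed_classes' => false) so no objects can be instantiated.
        $setform = unserialize($value);
        // A value that does not decode to an array is treated as an empty form, so count()
        // and the template always receive an array.
        is_array($setform) || ($setform = array());
        $num = count($setform);
        include PrintEot('setform');
        exit;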
    } else {
        // Saves an edited pw_setform row: the posted value[] / descipt[] pairs are packed
        // into a serialized array and written to the 'value' column.
        InitGP(array('id', 'name', 'value', 'descipt'), 'P');
        (!$name || !$value) && adminmsg('setform_empty');
        $setform = array();
        // assumes $value and $descipt are arrays sharing the same keys - TODO confirm; only
        // emptiness is checked above, not the type
        foreach ($value as $k => $v) {
            $setform[] = array($v, $descipt[$k]);
        }
        $setform = serialize($setform);
        // No literal spaces surround the pwSqlSingle() output; the SQL stays well-formed only
        // if the helper pads its result. NOTE(review): confirm pwSqlSingle()'s output format.
        $db->update("UPDATE pw_setform SET" . pwSqlSingle(array('name' => $name, 'value' => $setform)) . "WHERE id=" . pwEscape($id));
        updatecache_form();
        adminmsg("operate_success");
    }
} elseif ($_POST['action'] == 'del') {
    // Handles the list form: deletes the ticked rows, then rewrites the ifopen flag of
    // every remaining pw_setform row from the posted 'ifopen' selection.
    // NOTE(review): no request-token check is visible in this branch; confirm one runs
    // earlier in the script.
    InitGP(array('selid', 'ifopen'), 'P');
    $selid = checkselid($selid);
    if ($selid) {
        // The id list is interpolated as returned by checkselid() (defined elsewhere).
        $db->update("DELETE FROM pw_setform WHERE id IN({$selid})");
    }
    // Clear the flag on all rows first; only the posted selection is switched back on.
    $db->update("UPDATE pw_setform SET ifopen='0'");
    $ifopen = checkselid($ifopen);
    if ($ifopen) {
        $db->update("UPDATE pw_setform SET ifopen='1' WHERE id IN({$ifopen})");
    }
    updatecache_form();
    adminmsg("operate_success");
}