// Requested sub-operation; a missing or empty "op" query parameter becomes ''.
if (empty($_GET['op'])) {
    $op = '';
} else {
    $op = $_GET['op'];
}
$poll = array();

// A configured reward cap below 2 is replaced by 10.
if ($_SCONFIG['maxreward'] < 2) {
    $_SCONFIG['maxreward'] = 10;
}

// Load the poll row together with its pollfield row when a poll id is present.
// NOTE(review): $pid is assigned before this excerpt and is interpolated into
// the SQL string below; the query is only safe if it was cast to an integer
// where it was read — confirm.
if ($pid) {
    $query = $_SGLOBAL['db']->query("SELECT pf.*, p.* FROM " . tname('poll') . " p \n\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid \n\t\tWHERE p.pid='{$pid}'");
    $poll = $_SGLOBAL['db']->fetch_array($query);
    // Runs even when no row was fetched, in which case both arguments are empty.
    realname_set($poll['uid'], $poll['username']);
}

// Check permission
if (!empty($poll)) {
    // Existing poll: 'vote', 'get' and 'invite' pass without an ownership
    // check here; every other operation requires the poll's author or a user
    // holding the 'managepoll' permission.
    if (!in_array($op, array('vote', 'get', 'invite'))) {
        if ($_SGLOBAL['supe_uid'] != $poll['uid'] && !checkperm('managepoll')) {
            showmessage('no_authority_operation_of_the_poll');
        }
    }
} else {
    // No poll loaded: the request creates one, so the posting gates apply.
    // NOTE(review): the gates rely on showmessage() ending the request —
    // presumably it does; confirm.
    if (!checkperm('allowpoll')) {
        ckspacelog();
        showmessage('no_authority_to_add_poll');
    }

    // Real-name authentication
    ckrealname('poll');

    // Video authentication
    ckvideophoto('poll');

    // New-user probation
    cknewuser();

    // Reject the request when the user is posting too fast.
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
}

include_once S_ROOT . './source/function_bbcode.php';
ckspacelog(); showmessage('you_do_not_have_permission_to_visit'); } if (empty($_SCONFIG['my_status'])) { showmessage('no_privilege_my_status'); } if ($appid == '1036584') { //视频认证 } else { //验证是否有权限玩应用 if (!checkperm('allowmyop')) { showmessage('no_privilege'); } //实名认证 include_once S_ROOT . './source/function_cp.php'; ckrealname('userapp'); //视频认证 ckvideophoto('userapp'); //更新状态 updatetable('session', array('lastactivity' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid'])); } $app = array(); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myapp') . " WHERE appid='{$appid}' LIMIT 1"); if ($app = $_SGLOBAL['db']->fetch_array($query)) { if ($app['flag'] < 0) { showmessage('no_privilege_myapp'); } } //漫游 $my_appId = $appid; $my_suffix = base64_decode(urldecode($_GET['my_suffix']));
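/**
 * Store an uploaded FLV file in the attachment directory and record it in the
 * `video` table, then add its size to the uploader's space usage.
 *
 * Checks run in this order: upload metadata, proof that tmp_name is a real
 * HTTP upload, extension allow-list, target path, permission gates, quota,
 * album resolution, file move, database insert, space counters.
 *
 * @param array  $FILE      One $_FILES-style entry; 'name', 'tmp_name', 'size'
 *                          and 'error' are read.
 * @param string $title     Stored in the `title` column as received.
 * @param string $desc      Stored in the `desc` column as received.
 * @param int    $tovideoid Not used by this function.
 * @param mixed  $albumid   An album id, the string "new:<name>" to create an
 *                          album, or 0 / a negative number for no album.
 *
 * @return array|mixed The inserted row data including 'id' on success,
 *                     otherwise whatever cplang() returns for the failure key.
 *
 * NOTE(review): the optional $tovideoid precedes the required $albumid, which
 * PHP 8.0+ reports as deprecated; the signature is left as is for callers.
 * NOTE(review): $title and $desc are not escaped here (only the file name is
 * passed through addslashes()); confirm that callers or inserttable() escape
 * them before they reach SQL.
 */
function video_save($FILE, $title, $desc, $tovideoid = 0, $albumid)
{
    global $_SGLOBAL, $_SCONFIG, $space, $_SC;

    // Allowed upload extensions.
    $allowpictype = array('flv');

    // Basic sanity checks on the upload entry.
    $FILE['size'] = intval($FILE['size']);
    if (empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
        return cplang('lack_of_access_to_upload_file_size');
    }

    // The source path must be a file PHP itself received over HTTP POST.
    // Without this, a caller that builds $FILE from request data could make
    // the copy()/rename() fallbacks below read an arbitrary local path into
    // the attachment directory. Fails closed if the check is unavailable.
    if (!function_exists('is_uploaded_file') || !is_uploaded_file($FILE['tmp_name'])) {
        return cplang('lack_of_access_to_upload_file_size');
    }

    // Extension allow-list. Strict comparison so that a non-string result from
    // fileext() cannot loosely match 'flv'.
    // NOTE(review): only the client-supplied name is checked, not the content.
    $fileext = fileext($FILE['name']);
    if (!in_array($fileext, $allowpictype, true)) {
        return cplang('only_allows_upload_file_types');
    }

    // Target path relative to the attachment directory.
    if (!($filepath = getfilepath($fileext, true))) {
        return cplang('unable_to_create_upload_directory_server');
    }

    // Load the uploader's space record if it is not already available.
    if (empty($space)) {
        $space = getspace($_SGLOBAL['supe_uid']);
    }

    // Permission gates: user group, real-name check, video-photo check and
    // new-user probation. All four report the same message key as the quota
    // failure below.
    if (!checkperm('allowupload')) {
        ckspacelog();
        return cplang('inadequate_capacity_space');
    }
    if (!ckrealname('album', 1)) {
        return cplang('inadequate_capacity_space');
    }
    if (!ckvideophoto('album', array(), 1)) {
        return cplang('inadequate_capacity_space');
    }
    if (!cknewuser(1)) {
        return cplang('inadequate_capacity_space');
    }

    // Quota: 0 means unlimited.
    // NOTE(review): the original comment gives the unit as MB, yet the value is
    // compared against byte counts; presumably checkperm() returns bytes — confirm.
    $maxattachsize = checkperm('maxattachsize');
    if ($maxattachsize) {
        if ($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
            return cplang('inadequate_capacity_space');
        }
    }

    // Resolve the target album.
    if ($albumid < 0) {
        $albumid = 0;
    }
    $showtip = true;
    if ($albumid) {
        preg_match('/^new\:(.+)$/i', $albumid, $matchs);
        if (!empty($matchs[1])) {
            // "new:<name>" creates an album with the HTML-escaped name, or a
            // date-based name when nothing is left after trimming.
            $albumname = shtmlspecialchars(trim($matchs[1]));
            if (empty($albumname)) {
                $albumname = sgmdate('Ymd');
            }
            $albumid = album_creat(array('albumname' => $albumname));
        } else {
            $albumid = intval($albumid);
            if ($albumid) {
                // Ownership check: the album must belong to the current user.
                // If it does not, a fresh date-named album is created instead
                // of writing into the requested one.
                $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                if (!$_SGLOBAL['db']->fetch_array($query)) {
                    $albumid = album_creat(array('albumname' => sgmdate('Ymd')));
                }
            }
        }
    } else {
        $albumid = 0;
        $showtip = false;
    }

    // Move the upload into place. move_uploaded_file() is tried first because
    // it re-verifies the source; copy() and rename() remain as fallbacks.
    $new_name = $_SC['attachdir'] . './' . $filepath;
    $tmp_name = $FILE['tmp_name'];
    $stored = function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name);
    if (!$stored && @copy($tmp_name, $new_name)) {
        @unlink($tmp_name);
        $stored = true;
    }
    if (!$stored && !@rename($tmp_name, $new_name)) {
        return cplang('mobile_picture_temporary_failure');
    }

    // Record the video.
    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_SGLOBAL['supe_uid'],
        'username' => $_SGLOBAL['supe_username'],
        'dateline' => $_SGLOBAL['timestamp'],
        'postip' => getonlineip(),
        'filename' => addslashes($FILE['name']),
        'title' => $title,
        'desc' => $desc,
        'size' => $FILE['size'],
        'filepath' => $filepath,
    );
    $setarr['id'] = inserttable('video', $setarr, 1);

    // Credit and experience are granted only when an album was given; the
    // reward rule looked up is 'uploadimage'.
    $setsql = '';
    if ($showtip) {
        $reward = getreward('uploadimage', 0);
        if ($reward['credit']) {
            $setsql = ",credit=credit+{$reward['credit']}";
        }
        if ($reward['experience']) {
            $setsql .= ",experience=experience+{$reward['experience']}";
        }
    }

    // Add the file size to the user's attachment usage.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$FILE['size']}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");

    updatestat('video');

    return $setarr;
}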
$query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE groupid IN (" . simplode($groups) . ") LIMIT 0 , 5"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $notearr[] = array('uid' => $value['uid'], 'type' => 'mtag', 'new' => 1, 'authorid' => $_SGLOBAL['supe_uid'], 'author' => $_SGLOBAL['supe_username'], 'note' => addslashes(sstripslashes($message)), 'dateline' => $_SGLOBAL['timestamp']); } } } note_apply($notearr); showmessage('do_success'); } } else { //创建新群组 if (!checkperm('allowmtag')) { showmessage('no_privilege'); } //实名认证 ckrealname('share'); //新用户见习 cknewuser(); if (submitcheck('mtagsubmit')) { $fieldid = intval($_POST['fieldid']); $profield = $_SGLOBAL['profield'][$fieldid]; if (empty($fieldid) || empty($profield)) { showmessage('mtag_fieldid_does_not_exist'); } $_POST['tagname'] = $_POST['tagname'][$fieldid]; if ($profield['formtype'] == 'multi') { $mtags = array(); foreach ($_POST['tagname'] as $value) { $s = stripslashes($value); if (in_array($s, $profield['choice'])) { if ($mtag = mtag_join('tagname', $s, $fieldid)) {
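******************************/
// Refuse direct requests: the entry script is expected to define iBUAA.
if (!defined('iBUAA')) {
    exit('Access Denied');
}

// Look up the current user's group and page type. The uid is cast to an
// integer because it is concatenated into the statement without quotes; an
// empty value would otherwise yield a malformed query, and the cast keeps
// anything non-numeric out of the SQL text.
$query = $_SGLOBAL['db']->query('SELECT groupid,pptype from ' . tname('space') . ' WHERE uid=' . intval($_SGLOBAL['supe_uid']));
if ($res = $_SGLOBAL['db']->fetch_array($query)) {
    $_SGLOBAL['mygroupid'] = $res['groupid'];
    $_SGLOBAL['pptype'] = $res['pptype'];
}

// Display labels keyed by pptype value.
$pptype_res = array("1" => "学院", "2" => "部处", "3" => "名人", "4" => "学生组织", "5" => "兴趣社团", "6" => "学生党组织", "7" => "活动主页", "8" => "品牌主页", "20" => "班级主页", "100" => "航路研语", "200" => "名师工作坊");

// Real-name gate: when the viewed space has namestatus set and the
// ckrealname() check fails, render the privacy template and stop.
if ($space['namestatus']) {
    include_once S_ROOT . './source/function_cp.php';
    if (!ckrealname('viewspace', 1)) {
        $_SGLOBAL['realname_privacy'] = 1;
        include template('space_privacy');
        exit;
    }
}

// Copy the space's appearance settings into the global state.
$_SGLOBAL['space_theme'] = $space['theme'];
$_SGLOBAL['space_css'] = $space['css'];
$_SGLOBAL['index_bg'] = $space['index_bg'];

// Friend flag: starts from the "self" flag and becomes 1 when the viewer's
// uid is in the space's friend list.
// NOTE(review): in_array() compares loosely here; this is only sound if
// $space['friends'] holds numeric uids and nothing else — confirm.
$space['isfriend'] = $space['self'];
if ($space['friends'] && in_array($_SGLOBAL['supe_uid'], $space['friends'])) {
    $space['isfriend'] = 1;
}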
//检查信息 $blogid = empty($_GET['blogid']) ? 0 : intval($_GET['blogid']); $op = empty($_GET['op']) ? '' : $_GET['op']; $blog = array(); if ($blogid) { $query = $_SGLOBAL['db']->query("SELECT bf.*, b.* FROM " . tname('blog') . " b \n\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid \n\t\tWHERE b.blogid='{$blogid}'"); $blog = $_SGLOBAL['db']->fetch_array($query); } //权限检查 if (empty($blog)) { if (!checkperm('allowblog')) { ckspacelog(); showmessage('no_authority_to_add_log'); } //实名认证 ckrealname('blog'); //视频认证 ckvideophoto('blog'); //新用户见习 cknewuser(); //判断是否发布太快 $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } //接收外部标题 $blog['subject'] = empty($_GET['subject']) ? '' : getstr($_GET['subject'], 80, 1, 0); $blog['message'] = empty($_GET['message']) ? '' : getstr($_GET['message'], 5000, 1, 0); } else { if ($_SGLOBAL['supe_uid'] != $blog['uid'] && !checkperm('manageblog')) { showmessage('no_authority_operation_of_the_log');
function getblockhtml($blockname, $parameters = array()) { global $_G, $space; $parameters = empty($parameters) ? array() : $parameters; $list = array(); $sql = $title = $html = $wheresql = $ordersql = $titlemore = $do = $contentclassname = ''; $view = $from = false; $contenttagname = 'div'; $shownum = 6; $uid = intval($space['uid']); $shownum = empty($parameters['shownum']) ? $shownum : intval($parameters['shownum']); switch ($blockname) { case 'personalinfo': $do = 'profile'; space_merge($space, 'profile'); require_once libfile('function/friend'); $isfriend = friend_check($space['uid']); require_once libfile('function/spacecp'); loadcache('profilesetting'); include_once libfile('function/profile'); $profiles = array(); $privacy = $space['privacy']['profile'] ? $space['privacy']['profile'] : array(); foreach ($_G['cache']['profilesetting'] as $fieldid => $field) { if (!$field['available'] || in_array($fieldid, array('birthprovince', 'birthdist', 'birthcommunity', 'resideprovince', 'residedist', 'residecommunity'))) { continue; } if ($field['available'] && $field['invisible'] != '1' && strlen($space[$fieldid]) > 0 && ($field['showinthread'] || $field['showincard'] || ($space['self'] || empty($privacy[$fieldid]) || $isfriend && $privacy[$fieldid] == 1))) { $val = profile_show($fieldid, $space); if ($val !== false) { if ($fieldid == 'realname' && $_G['uid'] != $space['uid'] && !ckrealname(1)) { continue; } if ($field['formtype'] == 'file' && $val) { $imgurl = getglobal('setting/attachurl') . './profile/' . $val; $val = '<span><a href="' . $imgurl . '" target="_blank"><img src="' . $imgurl . '" style="max-width: 300px;" /></a></span>'; } if ($val == '') { $val = ''; } $html .= '<li><em>' . $field['title'] . '</em>' . $val . '</li>'; } } } $html = $html ? $html : '<li>' . lang('space', 'block_view_profileinfo_noperm') . '</li>'; $html = '<ul id="pprl" class="mbm pbm bbda cl">' . $html . $more . 
'</ul>'; $more = lang('space', 'block_profile_all', array('uid' => $uid)); $html = $html . $more; $titlemore = $space['self'] ? lang('space', 'block_profile_edit') : ''; break; case 'profile': $do = $blockname; $managehtml = ''; $avatar = empty($parameters['banavatar']) ? 'middle' : $parameters['banavatar']; $html .= "<div class=\"hm\"><p><a href=\"home.php?mod=space&uid={$uid}\" target=\"_blank\">" . avatar($uid, $avatar) . '</a></p>'; $space['medals'] = DB::result_first("SELECT medals FROM " . DB::table('common_member_field_forum') . " WHERE uid='{$space['uid']}'"); $usermedals = $medal_detial = ''; if ($space['medals']) { loadcache('medals'); foreach ($space['medals'] = explode("\t", $space['medals']) as $key => $medalid) { list($medalid, $medalexpiration) = explode("|", $medalid); if (isset($_G['cache']['medals'][$medalid]) && (!$medalexpiration || $medalexpiration > TIMESTAMP)) { $usermedals .= '<img src="' . STATICURL . 'image/common/' . $_G['cache']['medals'][$medalid]['image'] . '" id="md_' . $medalid . '" alt="' . $_G['cache']['medals'][$medalid]['name'] . '\'" onmouseover="showTip(this)" tip="<h4>' . $_G['cache']['medals'][$medalid]['name'] . '</h4><p>' . $_G['cache']['medals'][$medalid]['description'] . '</p>" /> '; } } if ($usermedals) { $usermedals = '<p class="md_ctrl"><a href="home.php?mod=medal">' . $usermedals . '</a></p>'; } } $html .= "<h2 class=\"mbn\"><a href=\"home.php?mod=space&uid={$uid}\" target=\"_blank\">" . $space['username'] . "</a></h2>{$usermedals}"; $html .= '</div><ul class="xl xl2 cl ul_list">'; $magicinfo = $showmagicgift = false; if ($_G['setting']['magicstatus'] && $_G['setting']['magics']['gift']) { $showmagicgift = true; $magicinfo = !empty($space['magicgift']) ? unserialize($space['magicgift']) : array(); } if ($space['self']) { $html .= '<li class="ul_diy"><a href="home.php?mod=space&diy=yes">' . lang('space', 'block_profile_diy') . '</a></li>'; $html .= '<li class="ul_msg"><a href="home.php?mod=space&uid=' . $uid . 
'&do=wall">' . lang('space', 'block_profile_wall') . '</a></li>'; $html .= '<li class="ul_avt"><a href="home.php?mod=spacecp&ac=avatar">' . lang('space', 'block_profile_avatar') . '</a></li>'; $html .= '<li class="ul_profile"><a href="home.php?mod=spacecp&ac=profile">' . lang('space', 'block_profile_update') . '</a></li>'; if ($showmagicgift) { $html .= '<li class="ul_magicgift"><div style="' . 'background: url(' . STATICURL . 'image/magic/gift.small.gif) no-repeat 0 50%;' . '">'; if ($magicinfo) { $html .= '<a onclick="showWindow(\'magicgift\', this.href, \'get\', 0)" href="home.php?mod=spacecp&ac=magic&op=retiregift">' . lang('magic/gift', 'gift_gc') . '</a>'; } else { $html .= '<a onclick="showWindow(\'magicgift\', this.href, \'get\', 0)" href="home.php?mod=magic&mid=gift">' . lang('magic/gift', 'gift_use') . '</a>'; } $html .= '</div></li>'; } } else { require_once libfile('function/friend'); $isfriend = friend_check($uid); if (!$isfriend) { $html .= "<li class='ul_add'><a href=\"home.php?mod=spacecp&ac=friend&op=add&uid={$space['uid']}&handlekey=addfriendhk_{$space[uid]}\" id=\"a_friend_li_{$space[uid]}\" onclick=\"showWindow(this.id, this.href, 'get', 0);\">" . lang('space', 'block_profile_friend_add') . "</a></li>"; } else { $html .= "<li class='ul_ignore'><a href=\"home.php?mod=spacecp&ac=friend&op=ignore&uid={$space['uid']}&handlekey=ignorefriendhk_{$space[uid]}\" id=\"a_ignore_{$space[uid]}\" onclick=\"showWindow(this.id, this.href, 'get', 0);\">" . lang('space', 'block_profile_friend_ignore') . "</a></li>"; } $html .= "<li class='ul_msg'><a href=\"home.php?mod=space&uid={$space['uid']}&do=wall\">" . lang('space', 'block_profile_wall_to_me') . "</a></li>"; $html .= "<li class='ul_poke'><a href=\"home.php?mod=spacecp&ac=poke&op=send&uid={$space['uid']}&handlekey=propokehk_{$space[uid]}\" id=\"a_poke_{$space[uid]}\" onclick=\"showWindow(this.id, this.href, 'get', 0);\">" . lang('space', 'block_profile_poke') . 
"</a></li>"; $html .= "<li class='ul_pm'><a href=\"home.php?mod=spacecp&ac=pm&op=showmsg&handlekey=showmsg_{$space['uid']}&touid={$space['uid']}&pmid=0&daterange=2\" id=\"a_sendpm_{$space['uid']}\" onclick=\"showWindow('showMsgBox', this.href, 'get', 0)\">" . lang('space', 'block_profile_sendmessage') . "</a></li>"; } $html .= '</ul>'; $encodeusername = rawurlencode($space['username']); if (checkperm('allowbanuser')) { $managehtml .= '<li><a href="' . ($_G['adminid'] == 1 ? "admin.php?action=members&operation=ban&username={$encodeusername}&frames=yes" : "forum.php?mod=modcp&action=member&op=ban&uid={$space['uid']}") . '" id="usermanageli" onmouseover="showMenu(this.id)" class="showmenu" target="_blank">' . lang('home/template', 'member_manage') . '</a></li>'; } elseif (checkperm('allowedituser')) { $managehtml .= '<li><a href="' . ($_G['adminid'] == 1 ? "admin.php?action=members&operation=search&username={$encodeusername}&submit=yes&frames=yes" : "forum.php?mod=modcp&action=member&op=edit&uid={$space['uid']}") . '" id="usermanageli" onmouseover="showMenu(this.id)" class="showmenu" target="_blank">' . lang('home/template', 'member_manage') . '</a></li>'; } if ($_G['adminid'] == 1) { $managehtml .= "<li><a href=\"forum.php?mod=modcp&action=thread&op=post&do=search&searchsubmit=1&users={$encodeusername}\" id=\"umanageli\" onmouseover=\"showMenu(this.id)\" class=\"showmenu\">" . lang('home/template', 'content_manage') . "</a></li>"; } if (!empty($managehtml)) { /*vot*/ $html .= '<hr class="da mtn m0" /><ul class="ptn xl xl2 cl">' . $managehtml . '</ul><ul id="usermanageli_menu" class="p_pop" style="display:none;">'; if (checkperm('allowbanuser')) { $html .= '<li><a href="' . ($_G['adminid'] == 1 ? "admin.php?action=members&operation=ban&username={$encodeusername}&frames=yes" : "forum.php?mod=modcp&action=member&op=ban&uid={$space['uid']}") . '" target="_blank">' . lang('home/template', 'user_ban') . 
'</a></li>'; } if (checkperm('allowedituser')) { $html .= '<li><a href="' . ($_G['adminid'] == 1 ? "admin.php?action=members&operation=search&username={$encodeusername}&submit=yes&frames=yes" : "forum.php?mod=modcp&action=member&op=edit&uid={$space['uid']}") . '" target="_blank">' . lang('home/template', 'user_edit') . '</a></li>'; } $html .= '</ul>'; if ($_G['adminid'] == 1) { /*vot*/ $html .= '<ul id="umanageli_menu" class="p_pop" style="display:none;">'; $html .= '<li><a href="forum.php?mod=modcp&action=thread&op=post&searchsubmit=1&do=search&users=' . $encodeusername . '" target="_blank">' . lang('space', 'manage_post') . '</a></li>'; $html .= '<li><a href="admin.php?action=doing&searchsubmit=1&search=true&fromumanage=1&users=' . $encodeusername . '" target="_blank">' . lang('space', 'manage_doing') . '</a></li>'; $html .= '<li><a href="admin.php?action=blog&searchsubmit=1&search=true&fromumanage=1&uid=' . $uid . '" target="_blank">' . lang('space', 'manage_blog') . '</a></li>'; $html .= '<li><a href="admin.php?action=feed&searchsubmit=1&fromumanage=1&uid=' . $uid . '" target="_blank">' . lang('space', 'manage_feed') . '</a></li>'; $html .= '<li><a href="admin.php?action=album&searchsubmit=1&search=true&fromumanage=1&uid=' . $uid . '" target="_blank">' . lang('space', 'manage_album') . '</a></li>'; $html .= '<li><a href="admin.php?action=pic&searchsubmit=1&detail=1&search=true&fromumanage=1&users=' . $encodeusername . '" target="_blank">' . lang('space', 'manage_pic') . '</a></li>'; $html .= '<li><a href="admin.php?action=comment&searchsubmit=1&fromumanage=1&authorid=' . $uid . '" target="_blank">' . lang('space', 'manage_comment') . '</a></li>'; $html .= '<li><a href="admin.php?action=share&searchsubmit=1&search=true&fromumanage=1&uid=' . $uid . '" target="_blank">' . lang('space', 'manage_share') . '</a></li>'; $html .= '<li><a href="admin.php?action=threads&operation=group&searchsubmit=1&detail=1&search=true&fromumanage=1&users=' . $encodeusername . 
'" target="_blank">' . lang('space', 'manage_group_threads') . '</a></li>'; $html .= '<li><a href="admin.php?action=prune&searchsubmit=1&detail=1&operation=group&fromumanage=1&users=' . $encodeusername . '" target="_blank">' . lang('space', 'manage_group_prune') . '</a></li>'; $html .= '</ul>'; } } if ($_G['setting']['magicstatus'] && $_G['setting']['magics']['gift']) { $info = !empty($space['magicgift']) ? unserialize($space['magicgift']) : array(); if ($space['self']) { } elseif ($info) { if ($info['left'] && !in_array($_G['uid'], (array) $info['receiver'])) { $percredit = min($info['percredit'], $info['left']); if ($info['credittype'] == 'credits') { $credittype = lang('core', 'title_credit'); } else { $extcredits = str_replace('extcredits', '', $info['credittype']); $credittype = $_G['setting']['extcredits'][$extcredits]['title']; } $html .= '<div id="magicreceivegift">'; $html .= '<a onclick="showWindow(\'magicgift\', this.href, \'get\', 0)" href="home.php?mod=spacecp&ac=magic&op=receivegift&uid=' . $uid . '" title="' . lang('magic/gift', 'gift_receive_gift', array('percredit' => $percredit, 'credittype' => $credittype)) . '">'; $html .= '<img src="' . STATICURL . 'image/magic/gift.gif" alt="gift" />'; $html .= '</a>'; $html .= '</div>'; } } } $html = '<div>' . $html . '</div>'; break; case 'statistic': space_merge($space, 'count'); $html .= '<p class="mbm xw1">'; if (empty($parameters['banviews'])) { $html .= lang('space', 'space_views', array('views' => $space['views'] ? $space['views'] : '--')); } $html .= '</p><ul class="xl xl2 cl">'; if (empty($parameters['bancredits'])) { $html .= "<li>" . lang('space', 'credits') . ': <a href="home.php?mod=spacecp&ac=credit">' . ($space['credits'] ? $space['credits'] : '--') . "</a></li>"; foreach ($_G['setting']['extcredits'] as $extcreditid => $extcredit) { $html .= "<li>" . ($extcredit['img'] ? $extcredit['img'] . ' ' : '') . $extcredit['title'] . ': <a href="home.php?mod=spacecp&ac=credit">' . ($space['extcredits' . 
$extcreditid] ? $space['extcredits' . $extcreditid] : '--') . '</a>'; } } if (empty($parameters['banfriends'])) { $html .= "<li>" . lang('space', 'friends') . ': <a href="home.php?mod=space&uid=' . $uid . '&do=friend&view=me&from=space">' . ($space['friends'] ? $space['friends'] : '--') . "</a></li>"; } if (empty($parameters['banthreads']) && $_G['setting']['allowviewuserthread'] !== false || $_G['adminid'] == 1) { $html .= "<li>" . lang('space', 'threads') . ': <a href="home.php?mod=space&uid=' . $uid . '&do=thread&view=me&from=space">' . ($space['threads'] ? $space['threads'] : '--') . "</a></li>"; } if (empty($parameters['banblogs'])) { $html .= "<li>" . lang('space', 'blogs') . ': <a href="home.php?mod=space&uid=' . $uid . '&do=blog&view=me&from=space">' . ($space['blogs'] ? $space['blogs'] : '--') . "</a></li>"; } if (empty($parameters['banalbums'])) { $html .= "<li>" . lang('space', 'albums') . ': <a href="home.php?mod=space&uid=' . $uid . '&do=album&view=me&from=space">' . ($space['albums'] ? $space['albums'] : '--') . "</a></li>"; } if (empty($parameters['bansharings'])) { $html .= "<li>" . lang('space', 'sharings') . ': <a href="home.php?mod=space&uid=' . $uid . '&do=share&view=me&from=space">' . ($space['sharings'] ? $space['sharings'] : '--') . "</a></li>"; } $html .= '</ul>'; $html = '<div>' . $html . '</div>'; break; case 'doing': $do = $blockname; $view = 'me'; $from = 'space'; if (ckprivacy('doing', 'view')) { $dolist = array(); $sql = "SELECT * FROM " . DB::table('home_doing') . 
" WHERE uid='{$uid}' ORDER BY dateline DESC LIMIT 0,{$shownum}"; $query = DB::query($sql); while ($value = DB::fetch($query)) { if ($value['status'] == 0 || $value['uid'] == $_G['uid']) { $dolist[] = $value; } } if ($dolist) { foreach ($dolist as $dv) { $doid = $dv['doid']; $_G[gp_key] = $key = random(8); $html .= "<li class=\"pbn bbda\">"; $html .= $dv['message']; $html .= " <a href=\"home.php?mod=space&uid={$dv['uid']}&do=doing&view=me&from=space&doid={$dv['doid']}\" target=\"_blank\" class=\"xg1\">" . lang('space', 'block_doing_reply') . "</a>"; $html .= "</li>"; } } else { $html .= "<p class=\"emp\">" . lang('space', 'block_doing_no_content') . ($space['self'] ? lang('space', 'block_doing_no_content_publish', $space) : '') . "</p>"; } } else { $html .= "<p class=\"emp\">" . lang('space', 'block_view_noperm') . "</p>"; } $html = '<ul class="xl">' . $html . '</ul>'; break; case 'stickblog': space_merge($space, 'profile'); $stickblogs = explode(',', $space['stickblogs']); if (!empty($stickblogs)) { $bids = array_slice($stickblogs, 0, $shownum); $bids = dimplode($bids); if (!empty($bids)) { if (!isset($parameters['showmessage'])) { $parameters['showmessage'] = 150; } $sql = $parameters['showmessage'] > 0 ? "SELECT bf.*, b.* FROM " . DB::table('home_blog') . " b\r\n\t\t\t\t\t\tLEFT JOIN " . DB::table('home_blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\t\t\tWHERE b.blogid IN ({$bids})" : "SELECT * FROM " . DB::table('home_blog') . "WHERE blogid IN ({$bids})"; $query = DB::query($sql); while ($value = DB::fetch($query)) { if (ckfriend($value['uid'], $value['friend'], $value['target_ids'])) { if ($value['pic']) { $value['pic'] = pic_cover_get($value['pic'], $value['picflag']); } $value['message'] = $value['friend'] == 4 ? 
'' : getstr($value['message'], $parameters['showmessage'], 0, 0, 0, -1); $html .= lang('space', 'blog_li', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'subject' => $value['subject'], 'date' => dgmdate($value['dateline'], 'Y-m-d'))); if (!empty($parameters['showmessage'])) { if ($value['pic']) { $html .= lang('space', 'blog_li_img', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'src' => $value['pic'])); } $html .= "<dd>{$value['message']}</dd>"; } $html .= lang('space', 'blog_li_ext', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'viewnum' => $value['viewnum'], 'replynum' => $value['replynum'])); $html .= "</dl>"; } else { $html .= '<p>' . lang('space', 'block_view_noperm') . '</p>'; } } } } $more = $html ? '<p class="ptm" style="text-align: right;"><a href="home.php?mod=space&uid=' . $uid . '&do=blog&view=me&from=space">' . lang('space', 'viewmore') . '</a></p>' : ''; $contentclassname = ' xld'; $html = $html . $more; break; case 'blog': $do = $blockname; $view = 'me'; $from = 'space'; if (!isset($parameters['showmessage'])) { $parameters['showmessage'] = 150; } $query = DB::query("SELECT bf.*, b.* FROM " . DB::table('home_blog') . " b\r\n\t\t\t\tLEFT JOIN " . DB::table('home_blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\tWHERE b.uid='{$uid}'\r\n\t\t\t\tORDER BY b.dateline DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { if (ckfriend($value['uid'], $value['friend'], $value['target_ids'])) { if ($value['pic']) { $value['pic'] = pic_cover_get($value['pic'], $value['picflag']); } $value['message'] = $value['friend'] == 4 ? 
'' : getstr($value['message'], $parameters['showmessage'], 0, 0, 0, -1); $html .= lang('space', 'blog_li', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'subject' => $value['subject'], 'date' => dgmdate($value['dateline'], 'Y-m-d'))); if (!empty($parameters['showmessage'])) { if ($value['pic']) { $html .= lang('space', 'blog_li_img', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'src' => $value['pic'])); } $html .= "<dd>{$value['message']}</dd>"; } $html .= lang('space', 'blog_li_ext', array('uid' => $value['uid'], 'blogid' => $value['blogid'], 'viewnum' => $value['viewnum'], 'replynum' => $value['replynum'])); $html .= "</dl>"; } else { $html .= '<p>' . lang('space', 'block_view_noperm') . '</p>'; } } if ($html) { $more = '<p class="ptm" style="text-align: right;"><a href="home.php?mod=space&uid=' . $uid . '&do=blog&view=me&from=space">' . lang('space', 'viewmore') . '</a></p>'; } else { $html = '<p class="emp">' . lang('space', 'block_blog_no_content') . ($space['self'] ? lang('space', 'block_blog_no_content_publish', $space) : '') . '</p>'; $more = ''; } $contentclassname = ' xld'; $html = $html . $more; break; case 'album': $do = $blockname; $view = 'me'; $from = 'space'; if (ckprivacy('album', 'view')) { $query = DB::query("SELECT * FROM " . DB::table('home_album') . " WHERE uid='{$uid}' ORDER BY updatetime DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { if (ckfriend($value['uid'], $value['friend'], $value['target_ids'])) { $value['pic'] = pic_cover_get($value['pic'], $value['picflag']); $html .= lang('space', 'album_li', array('albumid' => $value['albumid'], 'src' => $value['pic'], 'albumname' => $value['albumname'], 'uid' => $value['uid'], 'picnum' => $value['picnum'], 'date' => dgmdate($value['updatetime'], 'n-j'))); } } if (!$html) { $html = '<p class="emp">' . lang('space', 'block_album_no_content') . ($space['self'] ? lang('space', 'block_album_no_content_publish', $space) : '') . 
'</p>'; } } else { $html .= '<li>' . lang('space', 'block_view_noperm') . '</li>'; } $html = '<ul class="ml cl">' . $html . '</ul>'; break; case 'feed': $do = 'home'; $view = 'me'; $from = 'space'; if (!IS_ROBOT && ckprivacy('feed', 'view')) { require_once libfile('function/feed'); $query = DB::query("SELECT * FROM " . DB::table('home_feed') . " WHERE uid='{$uid}' ORDER BY dateline DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { if (ckfriend($value['uid'], $value['friend'], $value['target_ids'])) { $html .= mkfeedhtml(mkfeed($value)); } } } $contenttagname = 'ul'; $contentclassname = ' el'; $html = !$html ? '<p class="emp">' . lang('space', 'block_feed_no_content') . '</p>' : $html; break; case 'thread': $do = $blockname; $view = 'me'; $from = 'space'; if ($_G['setting']['allowviewuserthread'] !== false) { $fidsql = empty($_G['setting']['allowviewuserthread']) ? '' : " AND fid IN({$_G[setting][allowviewuserthread]}) "; $query = DB::query("SELECT * FROM " . DB::table('forum_thread') . " WHERE authorid='{$uid}' {$fidsql} AND displayorder>='0' ORDER BY tid DESC LIMIT 0,{$shownum}"); while ($thread = DB::fetch($query)) { if ($thread['author']) { $html .= "<li><a href=\"forum.php?mod=viewthread&tid={$thread['tid']}\" target=\"_blank\">{$thread['subject']}</a></li>"; } } } $html = !$html ? '<p class="emp">' . lang('space', 'block_thread_no_content') . ($space['self'] ? lang('space', 'block_thread_no_content_publish', $space) : '') . '</p>' : '<ul class="xl">' . $html . '</ul>'; break; case 'friend': $do = $blockname; $view = 'me'; $from = 'space'; require_once libfile('function/friend'); $friendlist = array(); $friendlist = friend_list($uid, $shownum); $fuids = array_keys($friendlist); getonlinemember($fuids); foreach ($friendlist as $key => $value) { $classname = $_G['ols'][$value['fuid']] ? 'gol' : ''; $html .= '<li><a href="home.php?mod=space&uid=' . $value['fuid'] . '" target="_blank" class="avt"><em class="' . $classname . '"></em>' . 
avatar($value['fuid'], 'small') . '</a><p><a href="home.php?mod=space&uid=' . $value[fuid] . '" target="_blank">' . $value['fusername'] . '</a></p></li>'; } $html = !$html ? '<p class="emp">' . lang('space', 'block_friend_no_content') . ($space['self'] ? lang('space', 'block_friend_no_content_publish', $space) : '') . '</p>' : '<ul class="ml mls cl">' . $html . '</ul>'; break; case 'visitor': if ($space['self']) { $do = 'friend'; $view = 'visitor'; } $query = DB::query("SELECT * FROM " . DB::table('home_visitor') . " WHERE uid='{$uid}' ORDER BY dateline DESC LIMIT 0,{$shownum}"); $list = $fuids = array(); while ($value = DB::fetch($query)) { $list[] = $value; $fuids[] = $value['vuid']; } getonlinemember($fuids); foreach ($list as $value) { $html .= "<li>"; if ($value['vusername'] == '') { $html .= lang('space', 'visitor_anonymity'); } else { $html .= lang('space', 'visitor_list', array('uid' => $value['vuid'], 'username' => $value['vusername'], 'class' => $_G['ols'][$value['vuid']] ? 'gol' : '', 'avatar' => avatar($value['vuid'], 'small'))); } $html .= "<span class=\"xg2\">" . dgmdate($value['dateline'], 'u', '9999', 'Y-m-d') . "</span>"; $html .= "</li>"; } $html = !$html ? '<p class="emp">' . lang('space', 'block_visitor_no_content') . ($space['self'] ? lang('space', 'block_visitor_no_content_publish', $space) : '') . '</p>' : '<ul class="ml mls cl">' . $html . '</ul>'; break; case 'share': $do = $blockname; $view = 'me'; $from = 'space'; if (!IS_ROBOT && ckprivacy('share', 'view')) { require_once libfile('function/share'); $query = DB::query("SELECT * FROM " . DB::table('home_share') . " WHERE uid='{$uid}' ORDER BY dateline DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { $value = mkshare($value); $html .= '<li><em><a href="home.php?mod=space&uid=' . $value['uid'] . '&do=share&id=' . $value['sid'] . '">' . $value['title_template'] . '</a>(' . dgmdate($value['dateline'], 'u') . 
')</em><div class="ec cl">'; if ($value['image']) { $html .= '<a href="' . $value['image_link'] . '" target="_blank"><img src="' . $value['image'] . '" class="tn" alt="" /></a>'; } $html .= '<div class="d">' . $value['body_template'] . '</div>'; if ($value['type'] == 'video') { if (!empty($value['body_data']['imgurl'])) { $html .= '<table class="mtm" title="' . lang('space', 'click_play') . '" onclick="javascript:showFlash(\'' . $value['body_data']['host'] . '\', \'' . $value['body_data']['flashvar'] . '\', this, \'' . $value['sid'] . '\');"><tr><td class="vdtn hm" style="background: url(' . $value['body_data']['imgurl'] . ') no-repeat"><img src="' . STATICURL . '/image/common/vds.png" alt="' . lang('space', 'click_play') . '" /></td></tr></table>'; } else { $html .= "<img src=\"" . STATICURL . "/image/common/vd.gif\" alt=\"" . lang('space', 'click_play') . "\" onclick=\"javascript:showFlash('{$value['body_data']['host']}', '{$value['body_data']['flashvar']}', this, '{$value['sid']}');\" class=\"tn\" />"; } } elseif ($value['type'] == 'music') { $html .= "<img src=\"" . STATICURL . "/image/common/music.gif\" alt=\"" . lang('space', 'click_play') . "\" onclick=\"javascript:showFlash('music', '{$value['body_data']['musicvar']}', this, '{$value['sid']}');\" class=\"tn\" />"; } elseif ($value['type'] == 'flash') { $html .= "<img src=\"" . STATICURL . "/image/common/flash.gif\" alt=\"" . lang('space', 'click_view') . "\" onclick=\"javascript:showFlash('flash', '{$value['body_data']['flashaddr']}', this, '{$value['sid']}');\" class=\"tn\" />"; } if ($value['body_general']) { $html .= '<div class="quote' . ($value['image'] ? 'z' : '') . "\"><blockquote>{$value['body_general']}</blockquote></div>"; } $html .= '</div></li>'; } $html = !$html ? '<p class="emp">' . lang('space', 'block_share_no_content') . '</p>' : '<ul class="el">' . $html . 
'</ul>'; } break; case 'wall': $do = $blockname; $walllist = array(); if (ckprivacy('wall', 'view')) { $query = DB::query("SELECT * FROM " . DB::table('home_comment') . " WHERE id='{$uid}' AND idtype='uid' ORDER BY dateline DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { $value['message'] = strlen($value['message']) > 500 ? getstr($value['message'], 500, 0, 0, 0, -1) . ' ...' : $value['message']; if ($value['status'] == 0 || $value['authorid'] == $_G['uid']) { $walllist[] = $value; } } } foreach ($walllist as $key => $value) { $op = ''; if ($value['author']) { $author_avatar = '<a href="home.php?mod=space&uid=' . $value['authorid'] . '" target="_blank">' . avatar($value['authorid'], 'small') . '</a>'; $author = '<a href="home.php?mod=space&uid=' . $value['authorid'] . '" id="author_' . $value['cid'] . '" target="_blank">' . $value['author'] . '</a>'; } else { $author_avatar = '<img src="static/image/magic/hidden.gif" alt="hidden" />'; $author = $_G['setting']['anonymoustext']; } if ($value['authorid'] == $_G['uid']) { $op .= lang('space', 'wall_edit', array('cid' => $value['cid'])); } if ($value['authorid'] == $_G['uid'] || $space['self'] || checkperm('managecomment')) { $op .= lang('space', 'wall_del', array('cid' => $value['cid'])); } if ($value['authorid'] != $_G['uid'] && ($value['idtype'] != 'uid' || $space['self'])) { $op .= lang('space', 'wall_reply', array('cid' => $value['cid'])); } $moderate_need = $value['status'] == 1 ? lang('template', 'moderate_need') : ''; $date = dgmdate($value['dateline'], 'u'); $replacearr = array('author' => $author, 'author_avatar' => $author_avatar, 'moderated' => $moderate_need, 'cid' => $value['cid'], 'message' => $value['message'], 'date' => $date, 'op' => $op); $html .= lang('space', 'wall_li', $replacearr); } $html = !empty($walllist) ? $html . lang('space', 'wall_more', array('uid' => $uid)) : '<p class="emp">' . lang('space', 'block_wall_no_content') . 
'</p>'; $html = '<div class="xld xlda el" id="comment_ul">' . $html . '</div>'; $html = lang('space', 'wall_form', array('uid' => $uid, 'FORMHASH' => FORMHASH)) . '<hr class="da mtm m0">' . $html; $titlemore = '<span class="y xw0"><a href="home.php?mod=space&uid=' . $uid . '&do=wall">' . lang('space', 'all') . '</a></span>'; break; case 'group': require_once libfile('function/group'); $grouplist = mygrouplist($uid, 'lastupdate', array('f.name', 'ff.icon'), $shownum); if (empty($grouplist)) { $grouplist = array(); } foreach ($grouplist as $groupid => $group) { $group['groupid'] = $groupid; $html .= lang('space', 'group_li', $group); } $html = !$html ? '<p class="emp">' . lang('space', 'block_group_no_content') . ($space['self'] ? lang('space', $_G['group']['allowbuildgroup'] ? 'block_group_no_content_publish' : 'block_group_no_content_join', $space) : '') . '</p>' : '<ul class="ml mls cl">' . $html . '</ul>'; break; case 'music': if (!empty($parameters['mp3list'])) { $authcode = substr(md5($_G['authkey'] . $uid), 6, 16); $view = $_G['adminid'] == 1 && $_G['setting']['allowquickviewprofile'] ? '&view=admin' : ''; $querystring = urlencode("home.php?mod=space&uid={$uid}&do=index&op=getmusiclist&hash={$authcode}{$view}&t=" . TIMESTAMP); $swfurl = STATICURL . 'image/common/mp3player.swf?config=' . $querystring; if (empty($parameters['config']['height']) && $parameters['config']['height'] !== 0) { $parameters['config']['height'] = '200px'; } else { $parameters['config']['height'] .= 'px'; } $html = "<script language=\"javascript\" type=\"text/javascript\">document.write(AC_FL_RunContent('id', 'mp3player', 'name', 'mp3player', 'devicefont', 'false', 'width', '100%', 'height', '" . $parameters['config']['height'] . "', 'src', '{$swfurl}', 'menu', 'false', 'allowScriptAccess', 'sameDomain', 'swLiveConnect', 'true', 'wmode', 'transparent'));</script>"; } else { $html = lang('space', 'music_no_content'); } $html = '<div class="ml mls cl">' . $html . 
'</div>'; break; case 'myapp': $html = ''; $listclass = 'ptm ml mls cl'; $query = DB::query("SELECT ua.appid, ua.appname, my.iconstatus, my.userpanelarea FROM " . DB::table('home_userapp') . " ua LEFT JOIN " . DB::table('common_myapp') . " my USING(appid) WHERE ua.uid='{$uid}' ORDER BY ua.menuorder DESC LIMIT 0,{$shownum}"); while ($value = DB::fetch($query)) { if (!empty($value['appname'])) { $replace = array('appid' => $value['appid'], 'appname' => $value['appname']); $parameters['logotype'] = !empty($parameters['logotype']) && in_array($parameters['logotype'], array('icon', 'logo')) ? $parameters['logotype'] : 'logo'; if ($parameters['logotype'] == 'icon') { $listclass = 'xl xl1 cl'; $replace['icon'] = getmyappiconpath($value['appid'], $value['iconstatus']); } $html .= lang('space', 'myapp_li_' . $parameters['logotype'], $replace); } } $html = !$html ? '<p class="emp">' . lang('space', 'block_myapp_no_content') . ($space['self'] ? lang('space', 'block_myapp_no_content_publish', $space) : '') . '</p>' : '<ul class="' . $listclass . '">' . $html . '</ul>'; break; case 'block1': case 'block2': case 'block3': case 'block4': case 'block5': if ($space['self']) { $_G['space_group'] = $_G['group']; } elseif (empty($_G['space_group'])) { $_G['space_group'] = DB::fetch_first("SELECT * FROM " . DB::table('common_usergroup_field') . " WHERE groupid='{$space['groupid']}'"); } require_once libfile('function/discuzcode'); if ($_G['space_group']['allowspacediyimgcode']) { if (empty($_G['cache']['smilies']['loaded'])) { loadcache(array('smilies', 'smileytypes')); foreach ($_G['cache']['smilies']['replacearray'] as $skey => $smiley) { $_G['cache']['smilies']['replacearray'][$skey] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$skey]]['directory'] . '/' . $smiley . 
'[/img]'; } $_G['cache']['smilies']['loaded'] = 1; } $parameters['content'] = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], trim($parameters['content'])); } if ($_G['space_group']['allowspacediybbcode'] || $_G['space_group']['allowspacediyimgcode'] || $_G['space_group']['allowspacediyhtml']) { $parameters['content'] = discuzcode($parameters['content'], 1, 0, 1, 0, $_G['space_group']['allowspacediybbcode'], $_G['space_group']['allowspacediyimgcode'], $_G['space_group']['allowspacediyhtml']); } else { $parameters['content'] = dhtmlspecialchars($parameters['content']); } $parameters['content'] = nl2br($parameters['content']); if (empty($parameters['content'])) { $parameters['content'] = lang('space', $blockname); } $html .= $parameters['content']; break; default: return false; } if (isset($parameters['title'])) { if (empty($parameters['title'])) { $title = ''; } else { $view = $view === false ? '' : '&view=' . $view; $from = $from === false ? '' : '&from=' . $from; $bnamelink = $do ? '<a href="home.php?mod=space&uid=' . $uid . '&do=' . $do . $view . $from . '">' . stripslashes($parameters['title']) . '</a>' : stripslashes($parameters['title']); $title = lang('space', 'block_title', array('bname' => $bnamelink, 'more' => $titlemore)); } } else { $view = $view === false ? '' : '&view=' . $view; $from = $from === false ? '' : '&from=' . $from; $bnamelink = $do ? '<a href="home.php?mod=space&uid=' . $uid . '&do=' . $do . $view . $from . '">' . getblockdata($blockname) . '</a>' : getblockdata($blockname); $title = lang('space', 'block_title', array('bname' => $bnamelink, 'more' => $titlemore)); } $html = $title . '<' . $contenttagname . ' id="' . $blockname . '_content" class="dxb_bc' . $contentclassname . '">' . $html . '</' . $contenttagname . '>'; return $html; }
$space['key'] = space_key($space); $actives = array($op => ' class="active"'); if ($op == 'add') { if (!checkperm('allowfriend')) { ckspacelog(); showmessage('no_privilege'); } //检测用户 if ($uid == $_SGLOBAL['supe_uid']) { showmessage('friend_self_error'); } if ($space['friends'] && in_array($uid, $space['friends'])) { showmessage('you_have_friends'); } //实名认证 ckrealname('friend'); $tospace = getspace($uid); if (empty($tospace)) { showmessage('space_does_not_exist'); } //黑名单 if (isblacklist($tospace['uid'])) { showmessage('is_blacklist'); } //用户组 $groups = getfriendgroup(); //检测现在状态 $status = getfriendstatus($_SGLOBAL['supe_uid'], $uid); if ($status == 1) { showmessage('you_have_friends'); } else {
$seccodecheck = $_G['group']['seccode'] ? $_G['setting']['seccodestatus'] & 4 : 0; $secqaacheck = $_G['group']['seccode'] ? $_G['setting']['secqaa']['status'] & 2 : 0; if (submitcheck('commentsubmit', 0, $seccodecheck, $secqaacheck)) { if (!checkperm('allowcommentarticle')) { showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1)); } $aid = intval($_POST['aid']); $article = DB::fetch_first("SELECT * FROM " . DB::table('portal_article_title') . " WHERE aid='{$aid}'"); if (empty($article)) { showmessage("comment_comment_noexist"); } if ($article['allowcomment'] != 1) { showmessage("comment_comment_notallowed"); } require_once libfile('function/spacecp'); ckrealname('comment'); cknewuser(); $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', array('waittime' => $waittime), array('return' => true)); } $message = getstr($_POST['message'], $_G['group']['allowcommentarticle'], 1, 1, 1, 0); if (strlen($message) < 2) { showmessage('content_is_too_short'); } $message = censor($message); if (censormod($message)) { $comment_status = 1; } else { $comment_status = 0; }
/**
 * Build the list of profile fields of $space that the current viewer may see.
 *
 * Two disclosure paths exist:
 *  - the viewer is the profile owner, or the viewer's user group has the
 *    'allowviewip' permission: every available, non-invisible field is
 *    returned and the per-field privacy settings are NOT consulted;
 *  - any other viewer: a field is returned only if it passes the availability,
 *    has-a-value, privacy and display-context tests below.
 *
 * @param mixed $puid  Not read anywhere in this method.
 * @param array $space Space (user) record; merged with further tables below.
 * @return array List of array('type' => field id, 'title' => ..., 'data' => ...).
 */
private function _getPersonalDataInfo($puid, $space)
{
    global $_G;
    // $res is assigned here but never read or returned by this method.
    $res['body']['PersonalData'] = array();
    require_once libfile('function/spacecp');
    // Pull the additional per-user tables into $space before fields are read.
    space_merge($space, 'count');
    space_merge($space, 'field_home');
    space_merge($space, 'field_forum');
    space_merge($space, 'profile');
    space_merge($space, 'status');
    // Buyer rank: first configured level whose credit threshold is >= the user's credit.
    $space['buyerrank'] = 0;
    if ($space['buyercredit']) {
        foreach ($_G['setting']['ec_credit']['rank'] as $level => $credit) {
            if ($space['buyercredit'] <= $credit) {
                $space['buyerrank'] = $level;
                break;
            }
        }
    }
    // Seller rank: same lookup against the same threshold table.
    $space['sellerrank'] = 0;
    if ($space['sellercredit']) {
        foreach ($_G['setting']['ec_credit']['rank'] as $level => $credit) {
            if ($space['sellercredit'] <= $credit) {
                $space['sellerrank'] = $level;
                break;
            }
        }
    }
    require_once libfile('function/friend');
    // Friendship between viewer and owner; used by the privacy test below.
    $isfriend = friend_check($space['uid'], 1);
    loadcache('profilesetting');
    include_once libfile('function/profile');
    $profiles = array();
    // Per-field privacy map of the owner; an empty map means no field is restricted.
    $privacy = $space['privacy']['profile'] ? $space['privacy']['profile'] : array();
    if ($_G['setting']['verify']['enabled']) {
        space_merge($space, 'verify');
    }
    // NOTE(review): 'allowviewip' is reused here as the gate for full profile
    // disclosure. Any group holding it bypasses $privacy entirely; confirm that
    // this is the intended permission for reading private profile fields.
    if ($_G['uid'] == $space['uid'] || $_G['group']['allowviewip']) {
        foreach ($_G['cache']['profilesetting'] as $fieldid => $field) {
            if (!$field['available'] || $field['invisible'] || in_array($fieldid, array('birthmonth', 'birthyear'))) {
                continue;
            }
            // Unlike the restricted branch, a false return from profile_show()
            // is not filtered out here, and 'realname' gets no extra check.
            $val = profile_show($fieldid, $space);
            $profiles[] = array('type' => $fieldid, 'title' => $field['title'], 'data' => WebUtils::emptyHtml($val));
        }
    } else {
        foreach ($_G['cache']['profilesetting'] as $fieldid => $field) {
            if (!$field['available'] || in_array($fieldid, array('birthprovince', 'birthdist', 'birthcommunity', 'resideprovince', 'residedist', 'residecommunity'))) {
                continue;
            }
            // Four conditions, all required (&& binds tighter than ||):
            //  1. the field is available;
            //  2. it has a value, or it is a city field whose province is set;
            //  3. privacy: own space, no privacy entry for the field, or the
            //     viewer is a friend and the entry equals 1;
            //  4. context: normal request and field not invisible, or ajax
            //     request and field flagged showincard.
            if ($field['available'] && (strlen($space[$fieldid]) > 0 || ($fieldid == 'birthcity' && strlen($space['birthprovince']) || $fieldid == 'residecity' && strlen($space['resideprovince']))) && ($space['self'] || empty($privacy[$fieldid]) || $isfriend && $privacy[$fieldid] == 1) && (!$_G['inajax'] && !$field['invisible'] || $_G['inajax'] && $field['showincard'])) {
                $val = profile_show($fieldid, $space);
                if ($val !== false) {
                    // The real name is withheld from other users unless ckrealname(1)
                    // returns a truthy value; its argument semantics are defined elsewhere.
                    if ($fieldid == 'realname' && $_G['uid'] != $space['uid'] && !ckrealname(1)) {
                        continue;
                    }
                    if ($field['formtype'] == 'file' && $val) {
                        // NOTE(review): $val is concatenated into href/src attributes
                        // without escaping in this block; confirm profile_show() only
                        // returns a server-generated, attribute-safe file name.
                        $imgurl = getglobal('setting/attachurl') . './profile/' . $val;
                        $val = '<span><a href="' . $imgurl . '" target="_blank"><img src="' . $imgurl . '" style="max-width: 500px;" /></a></span>';
                    }
                    // WebUtils::emptyHtml() is defined elsewhere; what it does to the
                    // markup built above is not visible from this method.
                    $profiles[] = array('type' => $fieldid, 'title' => $field['title'], 'data' => WebUtils::emptyHtml($val));
                }
            }
        }
    }
    return $profiles;
}
*/ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } if ($_GET['op'] == 'delete') { $favid = intval($_GET['favid']); $thevalue = DB::fetch_first('SELECT * FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'"); if (empty($thevalue) || $thevalue['uid'] != $_G['uid']) { showmessage('favorite_does_not_exist'); } if (submitcheck('deletesubmit')) { DB::query('DELETE FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'"); showmessage('do_success', 'home.php?mod=space&do=favorite&view=me&type=' . $_GET['type'] . '&quickforward=1', array('favid' => $favid), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1)); } } else { ckrealname('favorite'); ckvideophoto('favorite'); cknewuser(); $type = empty($_GET['type']) ? '' : $_GET['type']; $id = empty($_GET['id']) ? 0 : intval($_GET['id']); $spaceuid = empty($_GET['spaceuid']) ? 0 : intval($_GET['spaceuid']); $idtype = $title = $icon = ''; switch ($type) { case 'thread': $idtype = 'tid'; $title = DB::result_first('SELECT subject FROM ' . DB::table('forum_thread') . " WHERE tid='{$id}'"); $icon = '<img src="static/image/feed/thread.gif" alt="thread" class="vm" /> '; break; case 'forum': $idtype = 'fid'; $title = DB::result_first('SELECT `name` FROM ' . DB::table('forum_forum') . " WHERE fid='{$id}' AND status !='3'");
$comment['message'] = getstr($comment['message'], 150, 0, 0, 2, -1); } $seccodecheck = $_G['group']['seccode'] ? $_G['setting']['seccodestatus'] & 4 : 0; $secqaacheck = $_G['group']['seccode'] ? $_G['setting']['secqaa']['status'] & 2 : 0; if (submitcheck("commentsubmit", 0, $seccodecheck, $secqaacheck)) { if ($_G['group']['pdnovelcomment'] != 1) { showmessage("group_nopermission", NULL, array("grouptitle" => $_G['group']['grouptitle']), array("login" => 1)); } checkperm("allownewcomment"); $novelid = intval($_POST['novelid']); $novel = DB::fetch_first("SELECT * FROM " . DB::table("pdnovel_view") . (" WHERE novelid='" . $novelid . "'")); if (empty($novel)) { showmessage("comment_comment_noexist"); } require_once libfile("function/spacecp"); ckrealname("comment"); cknewuser(); $waittime = interval_check("post"); if (0 < $waittime) { showmessage("operating_too_fast", "", array("waittime" => $waittime), array("return" => TRUE)); } $message = getstr($_POST['message'], 0, 1, 1, 1, 0); if (strlen($message) < 2) { showmessage("content_is_too_short"); } pdupdatecredit('pdnovelcomment', $lang['common_no_credit']); $message = censor($message); if (censormod($message)) { $comment_status = 1; } else { $comment_status = 0;
echo 'incorrect_code'; exit; } $query = $_SGLOBAL['db']->query("SELECT timeline FROM " . tname('wallfield') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND wallid='{$wallid}' order by timeline desc limit 1 "); $lasttime = $_SGLOBAL['db']->result($query); $waittime = 15 - ($_SGLOBAL['timestamp'] - $lasttime); if ($waittime > 0) { echo 'operating_too_fast'; exit; } } else { if (!checkperm('allowdoing')) { $add_tracking = 0; } //实名 if (!ckrealname('doing', 1)) { $add_tracking = 0; } //视频 if (!ckvideophoto('doing', array(), 1)) { $add_tracking = 0; } //新用户 if (!cknewuser(1)) { $add_tracking = 0; } $waittime = interval_check('post'); if ($waittime > 0) { $add_tracking = 0; } }
$isfriend = friend_check($space['uid'], 1); loadcache('profilesetting'); include_once libfile('function/profile'); $profiles = array(); $privacy = $space['privacy']['profile'] ? $space['privacy']['profile'] : array(); if ($_G['setting']['verify']['enabled']) { space_merge($space, 'verify'); } foreach ($_G['cache']['profilesetting'] as $fieldid => $field) { if (!$field['available'] || in_array($fieldid, array('birthprovince', 'birthdist', 'birthcommunity', 'resideprovince', 'residedist', 'residecommunity'))) { continue; } if ($field['available'] && strlen($space[$fieldid]) > 0 && ($field['showinthread'] || $field['showincard'] || ($space['self'] || empty($privacy[$fieldid]) || $isfriend && $privacy[$fieldid] == 1)) && (!$_G['inajax'] && $field['invisible'] != '1' || $_G['inajax'] && $field['showincard'])) { $val = profile_show($fieldid, $space); if ($val !== false) { if ($fieldid == 'realname' && $_G['uid'] != $space['uid'] && !ckrealname(1)) { continue; } if ($field['formtype'] == 'file' && $val) { $imgurl = getglobal('setting/attachurl') . './profile/' . $val; $val = '<span><a href="' . $imgurl . '" target="_blank"><img src="' . $imgurl . '" style="max-width: 500px;" /></a></span>'; } if ($val == '') { $val = '-'; } $profiles[$fieldid] = array('title' => $field['title'], 'value' => $val); } } } $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('forum_moderator') . " WHERE uid = '{$space['uid']}'"), 0); if ($count) {
//单个图片feed if ($_POST['topicid']) { topic_join($_POST['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']); $url = "space.php?do=topic&topicid={$_POST['topicid']}&view=pic"; } else { $url = "space.php?uid={$_SGLOBAL['supe_uid']}&do=album&id=" . (empty($_POST['opalbumid']) ? -1 : $_POST['opalbumid']); } capi_showmessage_by_data('upload_images_completed', $url, 0); } } else { if (!checkperm('allowupload')) { ckspacelog(); capi_showmessage_by_data('no_privilege'); } //实名认证 ckrealname('album'); //视频认证 ckvideophoto('album'); //新用户见习 cknewuser(); $siteurl = getsiteurl(); //获取相册 $albums = getalbums($_SGLOBAL['supe_uid']); //激活 $actives = $_GET['op'] == 'flash' || $_GET['op'] == 'cam' ? array($_GET['op'] => ' class="active"') : array('js' => ' class="active"'); //空间大小 $maxattachsize = checkperm('maxattachsize'); if (!empty($maxattachsize)) { $maxattachsize = $maxattachsize + $space['addsize']; //额外空间 $haveattachsize = formatsize($maxattachsize - $space['attachsize']);
$fs['icon'] = 'doing'; $fs['title_template'] = cplang('feed_doing_title'); $fs['title_data'] = array('message' => $message); $fs['body_template'] = ''; $fs['body_data'] = array('doid' => $newdoid); $fs['body_general'] = ''; if ($add_doing && ckprivacy('doing', 1)) { feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general']); } showmessage('do_success', 'space.php?do=doing&view=me', 0); } elseif (submitcheck('commentsubmit')) { if (!checkperm('allowdoing')) { showmessage('no_privilege'); } //实名认证 ckrealname('doing'); //新用户见习 cknewuser(); //判断是否操作太快 $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } $message = getstr($_POST['message'], 200, 1, 1, 1); //替换表情 $message = preg_replace("/\\[em:(.+?):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message); $message = preg_replace("/\\<br.*?\\>/is", ' ', $message); if (strlen($message) < 1) { showmessage('should_write_that'); } $updo = array();
* This is NOT a freeware, use is subject to license terms * * $Id: spacecp_poke.php 16279 2010-09-02 09:33:15Z zhengqingpeng $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } $uid = empty($_GET['uid']) ? 0 : intval($_GET['uid']); if ($uid == $_G['uid']) { showmessage('not_to_their_own_greeted'); } if ($op == 'send' || $op == 'reply') { if (!checkperm('allowpoke')) { showmessage('no_privilege'); } ckrealname('poke'); cknewuser(); $tospace = array(); if ($uid) { $tospace = getspace($uid); } elseif ($_POST['username']) { $tospace = DB::fetch_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'username']}' LIMIT 1"); } if ($tospace['videophotostatus']) { ckvideophoto('poke', $tospace); } if ($tospace && isblacklist($tospace['uid'])) { showmessage('is_blacklist'); } if (submitcheck('pokesubmit')) { if (empty($tospace)) {
} } } note_apply($notearr); showmessage('do_success'); } } else { //创建新群组 if(!checkperm('allowmtag')) { ckspacelog(); showmessage('no_privilege'); } //实名认证 ckrealname('thread'); //视频认证 ckvideophoto('thread'); //新用户见习 cknewuser(); //提交 if(submitcheck('textsubmit')) { //自由输入 $_POST['tagname'] = $tagname = getstr($_POST['tagname'], 40, 1, 1, 1); $_POST['fieldid'] = $fieldid = intval($_POST['fieldid']); $profield = $_SGLOBAL['profield'][$fieldid];
<?php /* [UCenter Home] (C) 2007-2008 Comsenz Inc. $Id: space_index.php 12256 2009-05-27 03:57:32Z liguode $ */ if (!defined('IN_UCHOME')) { exit('Access Denied'); } //实名认证 if ($space['namestatus']) { include_once S_ROOT . './source/function_cp.php'; ckrealname('viewspace'); } //个人资料 //性别 $space['sex_org'] = $space['sex']; $space['sex'] = $space['sex'] == '1' ? '<a href="cp.php?ac=friend&op=search&sex=1&searchmode=1">' . lang('man') . '</a>' : ($space['sex'] == '2' ? '<a href="cp.php?ac=friend&op=search&sex=2&searchmode=1">' . lang('woman') . '</a>' : ''); $space['birth'] = ($space['birthyear'] ? "{$space['birthyear']}" . lang('year') : '') . ($space['birthmonth'] ? "{$space['birthmonth']}" . lang('month') : '') . ($space['birthday'] ? "{$space['birthday']}" . lang('day') : ''); $space['marry'] = $space['marry'] == '1' ? '<a href="cp.php?ac=friend&op=search&marry=1&searchmode=1">' . lang('unmarried') . '</a>' : ($space['marry'] == '2' ? '<a href="cp.php?ac=friend&op=search&marry=2&searchmode=1">' . lang('married') . '</a>' : ''); $space['birthcity'] = trim(($space['birthprovince'] ? "<a href=\"cp.php?ac=friend&op=search&birthprovince=" . rawurlencode($space['birthprovince']) . "&searchmode=1\">{$space['birthprovince']}</a>" : '') . ($space['birthcity'] ? " <a href=\"cp.php?ac=friend&op=search&birthcity=" . rawurlencode($space['birthcity']) . "&searchmode=1\">{$space['birthcity']}</a>" : '')); $space['residecity'] = trim(($space['resideprovince'] ? "<a href=\"cp.php?ac=friend&op=search&resideprovince=" . rawurlencode($space['resideprovince']) . "&searchmode=1\">{$space['resideprovince']}</a>" : '') . ($space['residecity'] ? " <a href=\"cp.php?ac=friend&op=search&residecity=" . rawurlencode($space['residecity']) . "&searchmode=1\">{$space['residecity']}</a>" : '')); $space['qq'] = empty($space['qq']) ? '' : "<a target=\"_blank\" href=\"http://wpa.qq.com/msgrd?V=1&Uin={$space['qq']}&Site={$space['username']}&Menu=yes\">{$space['qq']}</a>"; @(include_once S_ROOT . 
'./data/data_usergroup.php'); //自定义 @(include_once S_ROOT . './data/data_profilefield.php'); $fields = empty($_SGLOBAL['profilefield']) ? array() : $_SGLOBAL['profilefield']; //更多资料 $base_farr = $contact_farr = array(); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceinfo') . " WHERE uid='{$space['uid']}'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) {
/**
 * Store one uploaded picture for the current user and record it in home_pic.
 *
 * The return type doubles as the error channel: a language string on any
 * failure, the inserted row (array, including 'picid') on success. Callers
 * must test the type of the result before using it.
 *
 * @param array      $FILE        Upload descriptor handed to discuz_upload::init().
 * @param int|string $albumid     Target album; values below 0 are treated as 0.
 * @param string     $title       Picture title, passed through getstr() before storage.
 * @param bool       $iswatermark Whether to apply the site watermark.
 * @return array|string
 */
function pic_save($FILE, $albumid, $title, $iswatermark = true)
{
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    // NOTE(review): this allow-list is never consulted in this function; the
    // only type gate below is $upload->attach['isimage'], whose derivation
    // (extension vs. content sniffing) lives in discuz_upload.
    $allowpictype = array('jpg', 'jpeg', 'gif', 'png');
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }
    // Lazily load the current user's space when the global is not populated yet.
    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }
    // Authorisation gates. All four return the same message, so the caller
    // cannot tell which requirement was not met. They run before save(), so
    // nothing is written to the final location for an unauthorised user.
    if (!checkperm('allowupload')) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckrealname('album', 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckvideophoto('album', array(), 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!cknewuser(1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    // Quota: the group limit is scaled by 1024 * 1024 (presumably MB to bytes);
    // a limit of 0 skips the check entirely.
    $maxspacesize = checkperm('maxspacesize');
    $maxspacesize = $maxspacesize * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        if ($space['attachsize'] + $upload->attach['size'] > $maxspacesize + $space['addsize']) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }
    // $showtip and $albumfriend are assigned but not read again in this function.
    $showtip = true;
    $albumfriend = 0;
    if ($albumid) {
        // album_creat_by_id() is defined elsewhere; NOTE(review): confirm it
        // verifies that the album belongs to the current user.
        $albumid = album_creat_by_id($albumid);
    } else {
        $albumid = 0;
        $showtip = false;
    }
    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }
    $new_name = $upload->attach['target'];
    require_once libfile('class/image');
    $image = new image();
    // 140x140 thumbnail; $thumb records whether one was produced.
    $result = $image->Thumb($new_name, '', 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    // Optional second Thumb() pass using the configured maximum size, with a
    // floor of 300 on each side. Note that the floor is written back into $_G.
    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        if ($_G['setting']['maxthumbwidth'] < 300) {
            $_G['setting']['maxthumbwidth'] = 300;
        }
        if ($_G['setting']['maxthumbheight'] < 300) {
            $_G['setting']['maxthumbheight'] = 300;
        }
        $image->Thumb($new_name, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }
    if ($iswatermark) {
        $image->Watermark($new_name);
    }
    $pic_remote = 0;
    // $album_picflag and $ftpresult_thumb are set but never read in this function.
    $album_picflag = 1;
    if (getglobal('setting/ftp/on')) {
        $ftpresult_thumb = 0;
        $ftpresult = ftpcmd('upload', 'album/' . $upload->attach['attachment']);
        if ($ftpresult) {
            if ($thumb) {
                ftpcmd('upload', 'album/' . $upload->attach['attachment'] . '.thumb.jpg');
            }
            $pic_remote = 1;
            $album_picflag = 2;
        } else {
            // A failed FTP push aborts only when mirroring is enabled; the local
            // files are removed first. Otherwise the local copy is kept and the
            // picture is recorded as non-remote.
            if (getglobal('setting/ftp/mirror')) {
                @unlink($upload->attach['target']);
                @unlink($upload->attach['target'] . '.thumb.jpg');
                return lang('spacecp', 'ftp_upload_file_size');
            }
        }
    }
    $title = getstr($title, 200, 1, 1, 1);
    // 'filename' and 'type' originate from the client's file name and are
    // addslashes()-escaped here; 'filepath' is not escaped in this function.
    // NOTE(review): this relies on DB::insert() quoting without re-escaping and
    // on attach['attachment'] being server-generated; confirm both.
    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote
    );
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);
    // The statement is assembled by string interpolation; attach['size'] is
    // embedded unquoted. NOTE(review): presumably an integer set by
    // discuz_upload; confirm it can never carry client-supplied text.
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$upload->attach['size']} WHERE uid='{$_G['uid']}'");
    include_once libfile('function/stat');
    updatestat('pic');
    return $setarr;
}
showmessage('do_success', "space.php?uid={$event['uid']}&do=event&id={$eventid}", 0); } } elseif ($op == 'edit') { // edit or Create a new activity if ($eventid) { // Check permissions if (!$allowmanage) { showmessage("no_privilege_edit_event"); } } else { //Check user group Permissions for add events if (!checkperm("allowevent")) { showmessage('no_privilege_add_event'); } // Real-name authentication ckrealname('event'); // Video Authentication ckvideophoto('event'); //New user probationary cknewuser(); // Default entry new event [to do: Owner can set the Event default entry, priority: low] $event = array(); $event['eventid'] = ''; $event['starttime'] = ceil($_SGLOBAL['timestamp'] / 3600) * 3600 + 7200; // Event Start Time: Two hours after $event['endtime'] = $event['starttime'] + 14400; // Event Finish Time: four hours after the start time $event['deadline'] = $event['starttime']; // Deadline: Start time $event['allowinvite'] = 1; // Is allowed to Invite Friends
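/**
 * Store one uploaded picture for the current user, create thumbnail and
 * watermark, optionally push it to FTP, and record it in the 'pic' table.
 *
 * The return type doubles as the error channel: a cplang() message string on
 * any failure, the inserted row (array, including 'picid') on success.
 *
 * Validation happens in two stages: the client-supplied file name must carry
 * an allow-listed extension, and after the file has been moved into the
 * attachment directory its content is probed with getimagesize(). A file that
 * getimagesize() cannot parse is deleted and rejected explicitly.
 *
 * @param array      $FILE    Upload descriptor with 'name', 'tmp_name', 'size', 'error', 'type'.
 * @param int|string $albumid Existing album id, "new:<name>" to create an album, or 0/negative for none.
 * @param string     $title   Picture title, passed through getstr() before storage.
 * @param int        $topicid Topic the picture is attached to (0 for none).
 * @return array|string
 */
function pic_save($FILE, $albumid, $title, $topicid=0) {
    global $_SGLOBAL, $_SCONFIG, $space, $_SC;

    if($albumid<0) $albumid = 0;

    // Allowed upload types, matched against the file-name extension
    $allowpictype = array('jpg','jpeg','gif','png');

    // Sanity-check the upload descriptor
    $FILE['size'] = intval($FILE['size']);
    if(empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
        return cplang('lack_of_access_to_upload_file_size');
    }

    // Check the extension. The name is client-supplied, so this is only a
    // first filter; the content check further down is the real gate.
    $fileext = fileext($FILE['name']);
    if(!in_array($fileext, $allowpictype)) {
        return cplang('only_allows_upload_file_types');
    }

    // Obtain the storage path (relative to the attachment directory)
    if(!$filepath = getfilepath($fileext, true)) {
        return cplang('unable_to_create_upload_directory_server');
    }

    // Load the user's space record if it is not populated yet
    if(empty($space)) {
        $space = getspace($_SGLOBAL['supe_uid']);
    }

    // Authorisation gates. All of them return the same "inadequate capacity"
    // message, so the caller cannot tell a permission failure from a quota
    // failure.
    // User group permission
    if(!checkperm('allowupload')) {
        ckspacelog();
        return cplang('inadequate_capacity_space');
    }

    // Real-name authentication
    if(!ckrealname('album', 1)) {
        return cplang('inadequate_capacity_space');
    }

    // Video authentication
    if(!ckvideophoto('album', array(), 1)) {
        return cplang('inadequate_capacity_space');
    }

    // New-user probation
    if(!cknewuser(1)) {
        return cplang('inadequate_capacity_space');
    }

    // Quota check; a limit of 0 means unlimited
    $maxattachsize = checkperm('maxattachsize');
    if($maxattachsize) {
        if($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
            return cplang('inadequate_capacity_space');
        }
    }

    // Album selection
    $showtip = true;
    $albumfriend = 0;
    if($albumid) {
        preg_match("/^new\:(.+)$/i", $albumid, $matchs);
        if(!empty($matchs[1])) {
            // "new:<name>" creates an album; the name is HTML-escaped first
            $albumname = shtmlspecialchars(trim($matchs[1]));
            if(empty($albumname)) $albumname = sgmdate('Ymd');
            $albumid = album_creat(array('albumname' => $albumname));
        } else {
            $albumid = intval($albumid);
            if($albumid) {
                // The uid condition restricts the lookup to albums owned by the
                // current user; any other id falls through to a new dated album.
                $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
                if($value = $_SGLOBAL['db']->fetch_array($query)) {
                    $albumname = addslashes($value['albumname']);
                    $albumfriend = $value['friend'];
                } else {
                    $albumname = sgmdate('Ymd');
                    $albumid = album_creat(array('albumname' => $albumname));
                }
            }
        }
    } else {
        $albumid = 0;
        $showtip = false;
    }

    // Move the temporary file into the attachment directory.
    // NOTE(review): copy() is tried before move_uploaded_file() and this
    // function never calls is_uploaded_file(), so it relies on every caller
    // passing a genuine upload entry; confirm against the callers.
    $new_name = $_SC['attachdir'].'./'.$filepath;
    $tmp_name = $FILE['tmp_name'];
    if(@copy($tmp_name, $new_name)) {
        @unlink($tmp_name);
    } elseif((function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name))) {
    } elseif(@rename($tmp_name, $new_name)) {
    } else {
        return cplang('mobile_picture_temporary_failure');
    }

    // Verify that the stored file really is an image.
    // NOTE(review): when getimagesize() is unavailable this whole check is
    // skipped and only the extension filter above protects the upload.
    if(function_exists('getimagesize')) {
        $tmp_imagesize = @getimagesize($new_name);
        // Reject unparseable files explicitly instead of relying on the
        // (array)false cast yielding a zero pixel count.
        if(!is_array($tmp_imagesize)) {
            @unlink($new_name);
            return cplang('only_allows_upload_file_types');
        }
        list($tmp_width, $tmp_height, $tmp_type) = $tmp_imagesize;
        $tmp_size = $tmp_width * $tmp_height;
        // Reject oversized or degenerate images, unknown types and Flash files
        if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
            @unlink($new_name);
            return cplang('only_allows_upload_file_types');
        }
    }

    // Thumbnail
    include_once(S_ROOT.'./source/function_image.php');
    $thumbpath = makethumb($new_name);
    $thumb = empty($thumbpath)?0:1;

    // Re-read the size of the stored file, which may differ from the upload
    if(@$newfilesize = filesize($new_name)) {
        $FILE['size'] = $newfilesize;
    }

    // Watermark
    if($_SCONFIG['allowwatermark']) {
        makewatermark($new_name);
    }

    // FTP upload; on failure the local file and thumbnail are removed
    if($_SCONFIG['allowftp']) {
        include_once(S_ROOT.'./source/function_ftp.php');
        if(ftpupload($new_name, $filepath)) {
            $pic_remote = 1;
            $album_picflag = 2;
        } else {
            @unlink($new_name);
            @unlink($new_name.'.thumb.jpg');
            runlog('ftp', 'Ftp Upload '.$new_name.' failed.');
            return cplang('ftp_upload_file_size');
        }
    } else {
        $pic_remote = 0;
        $album_picflag = 1;
    }

    // Store the record. 'filename' and 'type' are client-supplied and are
    // addslashes()-escaped here; 'type' is the browser-reported MIME type and
    // must not be trusted as the real content type when the picture is served.
    $title = getstr($title, 200, 1, 1, 1);

    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_SGLOBAL['supe_uid'],
        'username' => $_SGLOBAL['supe_username'],
        'dateline' => $_SGLOBAL['timestamp'],
        'filename' => addslashes($FILE['name']),
        'postip' => getonlineip(),
        'title' => $title,
        'type' => addslashes($FILE['type']),
        'size' => $FILE['size'],
        'filepath' => $filepath,
        'thumb' => $thumb,
        'remote' => $pic_remote,
        'topicid' => $topicid
    );
    $setarr['picid'] = inserttable('pic', $setarr, 1);

    // Update the used attachment size and, for album uploads, the reward
    // credit/experience. The statement is built by interpolation; the values
    // are an intval()/filesize() result and figures returned by getreward().
    $setsql = '';
    if($showtip) {
        $reward = getreward('uploadimage', 0);
        if($reward['credit']) {
            $setsql = ",credit=credit+$reward[credit]";
        }
        if($reward['experience']) {
            $setsql .= ",experience=experience+$reward[experience]";
        }
    }
    $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$FILE[size]', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

    // Update the album's picture count and cover
    if($albumid) {
        $file = $filepath.($thumb?'.thumb.jpg':'');
        $_SGLOBAL['db']->query("UPDATE ".tname('album')." SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='$album_picflag' WHERE albumid='$albumid'");
    }

    // Statistics
    updatestat('pic');

    return $setarr;
}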
//检查信息 $bwztid = empty($_GET['bwztid']) ? 0 : intval($_GET['bwztid']); $op = empty($_GET['op']) ? '' : $_GET['op']; $bwzt = array(); if ($bwztid) { $query = $_SGLOBAL['db']->query("SELECT bf.*, b.* FROM " . tname('bwzt') . " b \n\t\tLEFT JOIN " . tname('bwztfield') . " bf ON bf.bwztid=b.bwztid \n\t\tWHERE b.bwztid='{$bwztid}'"); $bwzt = $_SGLOBAL['db']->fetch_array($query); } //权限检查 if (empty($bwzt)) { if (!checkperm('allowbwzt')) { ckspacelog(); showmessage('no_authority_to_add_log'); } //实名认证 ckrealname('bwzt'); //视频认证 ckvideophoto('bwzt'); //新用户见习 cknewuser(); //判断是否发布太快 $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } //接收外部标题 $bwzt['subject'] = empty($_GET['subject']) ? '' : getstr($_GET['subject'], 80, 1, 0); $bwzt['message'] = empty($_GET['message']) ? '' : getstr($_GET['message'], 5000, 1, 0); } else { if ($_SGLOBAL['supe_uid'] != $bwzt['uid'] && !checkperm('managebwzt')) { showmessage('no_authority_operation_of_the_log');