exit('Access Denied'); } // Check Permissions if (!checkperm('managetask')) { cpmessage('no_authority_management_operation'); } $list = $thevalue = array(); $taskid = empty($_GET['taskid']) ? 0 : intval($_GET['taskid']); if (submitcheck('tasksubmit')) { $_POST['name'] = shtmlspecialchars($_POST['name']); $_POST['filename'] = str_replace(array('..', '/', '\\'), array('', '', ''), $_POST['filename']); if (empty($_POST['filename']) || !is_readable(S_ROOT . './source/task/' . $_POST['filename'])) { cpmessage('designated_script_file_incorrect'); } $starttime = empty($_POST['starttime']) ? 0 : sstrtotime($_POST['starttime']); $endtime = empty($_POST['endtime']) ? 0 : sstrtotime($_POST['endtime']); $setarr = array('name' => $_POST['name'], 'note' => trim($_POST['note']), 'filename' => $_POST['filename'], 'image' => trim($_POST['image']), 'available' => intval($_POST['available']), 'starttime' => $starttime, 'endtime' => $endtime, 'nexttype' => trim($_POST['nexttype']), 'credit' => intval($_POST['credit']), 'maxnum' => intval($_POST['maxnum']), 'displayorder' => intval($_POST['displayorder'])); $setarr['nexttime'] = $setarr['nexttype'] == 'time' ? intval($_POST['nexttime']) : 0; if (empty($taskid)) { //ADD inserttable('task', $setarr); // return taskid } else { //UPDATE updatetable('task', $setarr, array('taskid' => $taskid)); } // update config include_once S_ROOT . './source/function_cache.php'; task_cache(); cpmessage('do_success', 'admincp.php?ac=task'); }
} //缓存结果 swritefile($userfile, serialize($results)); } elseif (submitcheck('import2submit')) { include_once S_ROOT . './source/function_blog.php'; if (empty($results) || empty($_POST['ids'])) { showmessage('choose_at_least_one_log', 'cp.php?ac=import'); } $allcount = $incount = 0; krsort($results); //倒序 foreach ($results as $key => $value) { $allcount = $allcount + 1; if (in_array($key, $_POST['ids'])) { $value = saddslashes($value); $dateline = intval(sstrtotime($value['dateCreated'])); $subject = getstr($value['title'], 80, 1, 1, 1); $message = isset($value['description']) ? $value['description'] : $value['content']; $message = getstr($message, 0, 1, 1, 1, 0, 1); $message = checkhtml($message); if (empty($subject) || empty($message)) { $results[$key]['status'] = '--'; $results[$key]['blogid'] = 0; continue; } //开始导入 $blogarr = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'subject' => $subject, 'pic' => getmessagepic($message), 'dateline' => $dateline ? $dateline : $_SGLOBAL['timestamp']); $blogid = inserttable('blog', $blogarr, 1); //插入内容 $fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip()); inserttable('blogfield', $fieldarr);
$fromsql = tname("userevent")." ue, ".tname('event')." e"; $wherearr[] = " ue.eventid = e.eventid"; $joinsql = ""; } } //活动分类 if($_GET['classid']){ $_GET['classid'] = intval($_GET['classid']); $wherearr[] = "e.classid = '$_GET[classid]'"; $theurl .= "&classid=$_GET[classid]"; } //活动时间 if($_GET['date']){ $daystart = sstrtotime($_GET['date']); $dayend = $daystart + 86400; $wherearr[] = "e.starttime <= '$dayend' AND e.endtime >= '$daystart'"; $theurl .= "&date=$_GET[date]"; } //活动城市 if($_GET['province']) { $_GET['province'] = getstr($_GET['province'], 20, 1, 1); $wherearr[] = "e.province = '$_GET[province]'"; $theurl .= "&province=$_GET[province]"; } if($_GET['city']) { $_GET['city'] = getstr($_GET['city'], 20, 1, 1); $wherearr[] = "e.city = '$_GET[city]'"; $theurl .= "&city=$_GET[city]";
$setsqlarr['pollid'] = $_POST['pollid']; $setsqlarr['top'] = intval($_POST['top']); empty($_POST['allowreply']) ? $setsqlarr['allowreply'] = 1 : ($setsqlarr['allowreply'] = intval($_POST['allowreply'])); $setsqlarr['grade'] = intval($_POST['grade']); //附件 if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) { $setsqlarr['haveattach'] = 1; $picflag = 1; } else { $setsqlarr['haveattach'] = 0; } //发布时间 if (empty($_POST['dateline'])) { $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } else { $setsqlarr['dateline'] = sstrtotime($_POST['dateline']); if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp']) { $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } } $othercatidarr = array(); if (!empty($_POST['othercatid'])) { $othercatidarr = $_POST['othercatid']; } $othercatidarr = array_unique($othercatidarr); $setsqlarr['othercatid'] = implode(',', $othercatidarr); if (empty($itemid)) { //添加数据 $op = 'add'; $setsqlarr['tid'] = empty($_POST['tid']) ? 0 : intval($_POST['tid']); $setsqlarr['type'] = $type;
} elseif ($op == 'delete') { //Delete poll if (submitcheck('deletesubmit')) { include_once S_ROOT . './source/function_delete.php'; if (deletepolls(array($pid))) { showmessage('do_success', "space.php?uid={$poll['uid']}&do=poll&view=me"); } else { showmessage('failed_to_delete_operation'); } } } elseif ($op == 'modify') { //Modify end time if (submitcheck('modifysubmit')) { $expiration = 0; if ($_POST['expiration']) { $expiration = sstrtotime(trim($_POST['expiration']) . ' 23:59:59'); if ($expiration <= $_SGLOBAL['timestamp']) { showmessage('time_expired_error', $_POST['refer']); } } updatetable('poll', array('expiration' => $expiration), array('pid' => $pid)); showmessage('do_success', 'space.php?uid=' . $space['uid'] . '&do=poll&pid=' . $pid, 0); } } elseif ($op == 'summary') { //Write poll summary if (submitcheck('summarysubmit')) { $summary = getstr($_POST['summary'], 0, 1, 1, 1, 2); updatetable('pollfield', array('summary' => $summary), array('pid' => $pid)); showmessage('do_success', 'space.php?uid=' . $space['uid'] . '&do=poll&pid=' . $pid, 0); } //bbcode transform
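/**
 * Process a submitted model ("online contribution") form.
 *
 * Reads the form from $_POST / $_FILES, validates it against the model
 * definition in $cacheinfo, then either writes the item and message rows
 * directly, or stores the serialized submission in `modelfolders` when the
 * post has to wait for review. Every path ends in showmessage().
 *
 * NOTE(review): the code after each showmessage() error call assumes that
 * showmessage() terminates the request — confirm.
 * NOTE(review): request values are concatenated into SQL in several places
 * below. The stripslashes() call on $_POST['message'] further down suggests
 * request data is slashed before this function runs — confirm, and keep
 * casting or validating every value that reaches a hand-built query.
 *
 * @param array $cacheinfo Cached model definition; the keys read here are
 *                         'models', 'columns' and 'linkage'.
 * @param int   $cp        Truthy selects the admin-panel redirect URLs,
 *                         falsy the user control-panel ones.
 */
function modelpost($cacheinfo, $cp = 1) {
    // NOTE(review): $alang is read below for the grade labels but is not
    // imported here, so those labels are undefined inside this function
    // unless $_SCONFIG['checkgrade'] overrides them — confirm where $alang
    // is expected to come from.
    global $_SGLOBAL, $theurl, $_SCONFIG;

    include_once S_ROOT . './function/upload.func.php';

    $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    // Cast once; the value is used in a hand-built query and in WHERE arrays.
    // NOTE(review): assumes nid is an integer row id like itemid — confirm.
    $nid = isset($_POST['nid']) ? intval($_POST['nid']) : 0;
    $hash = '';
    $op = 'add';
    $resultitems = $resultmessage = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    // Server-side model name. Every model-specific decision below uses this
    // value rather than a 'modelname' field taken from the request.
    $modelname = $modelsinfoarr['modelname'];

    // Grade labels
    if ($modelname == 'defect') {
        // The defect model posts grades 1..9 and stores them as weights.
        switch ($_POST['grade']) {
            case 1: $_POST['grade'] = '64'; break;
            case 2: $_POST['grade'] = '32'; break;
            case 3: $_POST['grade'] = '16'; break;
            case 4: $_POST['grade'] = '9'; break;
            case 5: $_POST['grade'] = '4'; break;
            case 6: $_POST['grade'] = '1'; break;
            case 7: $_POST['grade'] = '-1'; break;
            case 8: $_POST['grade'] = '-2'; break;
            case 9: $_POST['grade'] = '-3'; break;
        }
        $gradearr = array(
            '0' => $alang['general_state'],
            '64' => $alang['check_grade_1'],
            '32' => $alang['check_grade_2'],
            '16' => $alang['check_grade_3_1'],
            '9' => $alang['check_grade_3_2'],
            '4' => $alang['check_grade_3_3'],
            '1' => $alang['check_grade_4'],
            '-1' => $alang['check_grade_5'],
            '-2' => $alang['check_grade_6'],
            '-3' => $alang['check_grade_7'],
        );
        if (!empty($_SCONFIG['checkgrade'])) {
            // Tab-separated custom labels, in the same order as the weights.
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            foreach (array('64', '32', '16', '9', '4', '1', '-1', '-2', '-3') as $i => $gradekey) {
                $gradearr[$gradekey] = isset($newgradearr[$i]) ? $newgradearr[$i] : null;
            }
        }
    } else {
        $gradearr = array(
            '0' => $alang['general_state'],
            '1' => $alang['check_grade_1'],
            '2' => $alang['check_grade_2'],
            '3' => $alang['check_grade_3'],
            '4' => $alang['check_grade_4'],
            '5' => $alang['check_grade_5'],
            '6' => $alang['check_grade_6'],
            '7' => $alang['check_grade_7'],
        );
        if (!empty($_SCONFIG['checkgrade'])) {
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            foreach ($newgradearr as $i => $label) {
                if (!empty($label)) {
                    $gradearr[$i + 1] = $label;
                }
            }
        }
    }

    // The posted model id must match the model this handler was called for.
    if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
        showmessage('parameter_error');
    }

    $feedcolum = array();
    foreach ($columnsinfoarr as $result) {
        // Fixed columns live in the items table, the rest in the message table.
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            // Replace the posted linkage key with its cached value.
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }

    // Refresh the member's last-update time on a new post
    if (empty($itemid) && $_SGLOBAL['supe_uid']) {
        updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
    }

    // Input normalisation
    $_POST['catid'] = intval($_POST['catid']);
    // Parenthesised explicitly: the original relied on the legacy
    // left-associative ?: and is rejected by the PHP 8 parser. The grouping
    // keeps the legacy result, which is always 0 or 1.
    $_POST['allowreply'] = (isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment')) ? 1 : 0;
    $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));

    // Input checks
    if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
        showmessage('space_suject_length_error');
    }
    if (empty($_POST['catid'])) {
        showmessage('admin_func_catid_error');
    }
    if (!empty($_FILES['subjectimage']['name'])) {
        // Extension allow-list on the client-supplied file name only; any
        // content check is left to uploadfile(), which is not visible here.
        $fileext = fileext($_FILES['subjectimage']['name']);
        if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
            showmessage('document_types_can_only_upload_pictures');
        }
    }

    // Per-column value checks
    checkvalues(array_merge($resultitems, $resultmessage), 0, 1);

    // On edit: drop the old subject image when it was removed or replaced
    // NOTE(review): nothing in this function checks that the current user owns
    // $itemid or may manage it before rows and files are changed — confirm the
    // caller enforces that.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelname . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // Use the validated $_POST['mid'] (checked against the model
            // above), as every other hash in this function does; the original
            // read the unchecked $_GET['mid'] here.
            $hash = getmodelhash($_POST['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            updatetable($modelname . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            // Only touch the filesystem when a stored path exists; with an
            // empty path the original called unlink() on A_DIR itself.
            if (isset($defaultmessage['subjectimage']) && $defaultmessage['subjectimage'] !== '') {
                $oldimage = $defaultmessage['subjectimage'];
                if (in_array(fileext($oldimage), array('jpg', 'jpeg', 'png'))) {
                    @unlink(A_DIR . '/' . substr($oldimage, 0, strrpos($oldimage, '.')) . '.thumb.jpg');
                }
                @unlink(A_DIR . '/' . $oldimage);
            }
        }
    }

    // Build the items row
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $setsqlarr['catid'] = $_POST['catid'];
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = $_POST['allowreply'];
    $setsqlarr['grade'] = intval($_POST['grade']);
    // Users without the manage permission may not set a review grade.
    // NOTE(review): only grade > 0 is gated; the defect mapping above can also
    // yield negative grades — confirm those are meant to be open to every poster.
    if ($setsqlarr['grade'] > 0 && !checkperm('manageeditpost')) {
        showmessage('no_permission');
    }
    $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
    $setsqlarr['username'] = $_SGLOBAL['supe_username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];

    // Subject image size: 400x300 unless the model defines "width,height"
    $modelsinfoarr['subjectimagewidth'] = 400;
    $modelsinfoarr['subjectimageheight'] = 300;
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }

    $uploadfilearr = $ids = array();
    $subjectimageid = '';
    $uploadfilearr = uploadfile(
        array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')),
        $_POST['mid'],
        0,
        1,
        $modelsinfoarr['subjectimagewidth'],
        $modelsinfoarr['subjectimageheight']
    );
    if (!empty($uploadfilearr)) {
        $feedsubjectimg = $uploadfilearr;
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    // Publish time: never in the future and never more than two years back
    if (empty($_POST['dateline'])) {
        $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    } else {
        $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
        if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
            $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
        }
    }

    // Attachment list
    // NOTE(review): the elements of $_POST['divupload'] are stored as posted;
    // presumably attachment ids — confirm and cast them if so.
    if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
        $setsqlarr['attaches'] = implode(',', $_POST['divupload']);
    }

    // Two extra required fields for the "creative" model
    if ($modelname == 'creative') {
        if (empty($_POST['creative_value'])) {
            showmessage('请输入创新价值说明');
        }
        if (empty($_POST['creative_days'])) {
            showmessage('本创新所耗的工作量');
        }
        $setsqlarr['value'] = $_POST['creative_value'];
        $setsqlarr['days'] = $_POST['creative_days'];
    }

    if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
        // No review needed: write straight to the items table
        if (empty($itemid)) {
            // Insert
            $itemid = inserttable($modelname . 'items', $setsqlarr, 1);

            // Notify the category's mail recipients
            $email = get_cate_mail($_POST['catid']);
            $url1 = geturl('action/model/name/' . $modelname . '/itemid/' . $itemid);
            if ($modelname == 'creative' && $_POST['creative_type'] == '流程建议') {
                $email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
            }
            $emails = explode(',', $email);
            if (count($emails) > 0) {
                include_once S_ROOT . './function/sendmail.fun.php';
                if ($modelname == 'creative') {
                    $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
                    sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
                } elseif ($modelname == 'defect') {
                    $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
                    sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
                }
            }
        } else {
            // Update: keep the original author fields untouched
            $op = 'update';
            unset($setsqlarr['uid']);
            unset($setsqlarr['username']);
            unset($setsqlarr['lastpost']);
            if ($setsqlarr['grade'] > 0) {
                // Record the reviewer
                $setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
                // The director check is keyed on the server-side model name;
                // the original keyed it on $_POST['modelname'], so omitting
                // that field skipped the check.
                // NOTE(review): 'creative_type' still comes from the request —
                // confirm it is validated against the stored item elsewhere.
                if ($modelname == 'creative' && $_POST['creative_type'] == '主管月度创新') {
                    if (!check_cate_director($setsqlarr['catid'])) {
                        showmessage('no_permission');
                    }
                }
            }
            updatetable($modelname . 'items', $setsqlarr, array('itemid' => $itemid));

            // Load the current message row; it names the files that may have
            // to be removed below. The row is bound to the item being edited,
            // matching the WHERE used for the message update further down.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelname . 'message') . ' WHERE nid = \'' . $nid . '\' AND itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);

            // Mail the author when a grade was assigned
            if ($setsqlarr['grade'] > 0) {
                $sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelname . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
                $query = $_SGLOBAL['db']->query($sqlstr);
                $value = $_SGLOBAL['db']->fetch_array($query);
                $email = $value['email'];
                if (!empty($email)) {
                    include_once S_ROOT . './function/sendmail.fun.php';
                    $url = geturl('action/model/name/' . $modelname . '/itemid/' . $itemid);
                    $emails = explode(',', $email);
                    // The 'grade' key is quoted; the original used a bare
                    // constant, which is an error on PHP 8.
                    $gradelabel = $gradearr[$setsqlarr['grade']];
                    if ($modelname == 'creative') {
                        $msg = '你的创新已被审核,等级:' . $gradelabel . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    } else {
                        $msg = '你的缺陷预防案例已被审核,等级:' . $gradelabel . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    }
                    sendmail($emails, $setsqlarr['subject'], $msg);
                }
            }
        }

        if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
            // NOTE(review): $_POST['hash'] reaches this query as received and
            // selects which attachment rows are bound to the item; validate
            // its format and that the rows belong to the current user.
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelname . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\'');
        }
        $hash = getmodelhash($_POST['mid'], $itemid);
        if (!empty($ids)) {
            $ids = simplode($ids);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $do = 'pass';
    } else {
        // Review needed: keep the items row for the modelfolders record
        if (!empty($uploadfilearr['subjectimage']['aid'])) {
            $subjectimageid = $uploadfilearr['subjectimage']['aid'];
        }
        $setitemsqlarr = $setsqlarr;
        $do = 'me';
    }

    if ($op == 'update' && !empty($resultmessage)) {
        foreach ($resultmessage as $value) {
            $fieldname = $value['fieldname'];
            if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$fieldname])) {
                if (empty($_POST[$fieldname . '_value']) || !empty($_FILES[$fieldname]['name'])) {
                    // The stored file was removed or replaced: drop the
                    // attachment row, clear the column and delete the files.
                    deletetable('attachments', array('hash' => $hash, 'subject' => $fieldname));
                    updatetable($modelname . 'message', array($fieldname => ''), array('nid' => $nid, 'itemid' => $itemid));
                    $oldfile = $defaultmessage[$fieldname];
                    if (in_array(fileext($oldfile), array('jpg', 'jpeg', 'png'))) {
                        @unlink(A_DIR . '/' . substr($oldfile, 0, strrpos($oldfile, '.')) . '.thumb.jpg');
                    }
                    @unlink(A_DIR . '/' . $oldfile);
                }
            }
        }
    }

    // Build the message row
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['postip'] = $_SGLOBAL['onlineip'];
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    if (!checkperm('allowdirectpost') || checkperm('managemodpost') || (checkperm('allowdirectpost') && $op == 'update')) {
        // No review needed: write straight to the message table
        if ($op == 'add') {
            $setsqlarr['itemid'] = $itemid;
            inserttable($modelname . 'message', $setsqlarr);
            getreward('postinfo');

            if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
                $feed = array();
                $feed['icon'] = 'comment';
                $feed['title_template'] = 'feed_model_title';
                $murl = geturl('action/model/name/' . $modelname . '/itemid/' . $itemid);
                $aurl = A_URL;
                if (empty($_SCONFIG['siteurl'])) {
                    $siteurl = getsiteurl();
                    $murl = $siteurl . $murl;
                    $aurl = $siteurl . $aurl;
                } else {
                    $siteurl = S_URL_ALL;
                }
                $feed['title_data'] = array(
                    'modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelname . '">' . $modelsinfoarr['modelalias'] . '</a>',
                );
                $feed['body_template'] = 'feed_model_message';
                // The subject was HTML-escaped above; the message is reduced
                // to text (bracket codes and tags removed) before it is cut.
                $feed['body_data'] = array(
                    'subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>',
                    'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150),
                );
                if (!empty($feedsubjectimg)) {
                    $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
                } else {
                    // First uploaded file of the message, else the first
                    // picture found in the message body.
                    foreach ($feedcolum as $feedimgvalue) {
                        if ($feedimgvalue['filepath']) {
                            $feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
                            break;
                        }
                    }
                    if (empty($feed['images'])) {
                        $picurl = getmessagepic(stripslashes($_POST['message']));
                        if ($picurl && strpos($picurl, '://') === false) {
                            $picurl = $siteurl . '/' . $picurl;
                        }
                        if (!empty($picurl)) {
                            $feed['images'][] = array('url' => $picurl, 'link' => $murl);
                        }
                    }
                }
                postfeed($feed);
            }
        } else {
            // Update the message row of this item
            updatetable($modelname . 'message', $setsqlarr, array('nid' => $nid, 'itemid' => $itemid));
        }

        updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));

        if (checkperm('allowdirectpost') && $op == 'update') {
            deletemodelitems($modelname, array($itemid), $_POST['mid'], 1, 1);
            $jpurl = $cp
                ? (empty($setsqlarr['uid'])
                    ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}"
                    : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'])
                : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('writing_success_online_please_wait_for_audit', $jpurl);
        } else {
            $jpurl = $cp
                ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid']
                : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('online_contributions_success', $jpurl);
        }
    } else {
        // Review needed: store the whole submission, serialized, in modelfolders
        $setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
        $setsqlarr['addfeed'] = $_POST['addfeed'];
        $setsqlarr = array(
            'subject' => $setitemsqlarr['subject'],
            'mid' => $modelsinfoarr['mid'],
            'uid' => $setsqlarr['uid'],
            'message' => saddslashes(serialize($setsqlarr)),
            'dateline' => $_SGLOBAL['timestamp'],
            'folder' => 1,
        );
        if (!empty($_POST['itemid'])) {
            // NOTE(review): the pending record is selected by itemid alone;
            // confirm that only its owner can reach this update.
            $itemid = intval($_POST['itemid']);
            updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
        } else {
            $itemid = inserttable('modelfolders', $setsqlarr, 1);
        }
        if (!empty($subjectimageid)) {
            $ids[] = $subjectimageid;
        }
        if (!empty($ids)) {
            // Bind the uploaded attachments to the pending record
            $ids = simplode($ids);
            $hash = 'm' . str_pad($_POST['mid'], 6, '0', STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, '0', STR_PAD_LEFT);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $jpurl = $cp
            ? (empty($setsqlarr['uid'])
                ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}"
                : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}")
            : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
        showmessage('writing_success_online_please_wait_for_audit', $jpurl);
    }
}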
if (!empty($cacheinfo['linkage']['info'][$key][$tmpvalue])) { $_GET[$tmpkey] = $tmpvalue = $cacheinfo['linkage']['info'][$key][$tmpvalue]; } } if ($columnsinfoarr[$key]['formtype'] == 'timestamp') { if (preg_match("/_from\$/i", $tmpkey)) { if (empty($sqlbetweenarr[$pre . '`' . $key . '`'][1])) { $sqlbetweenarr[$pre . '`' . $key . '`'] = array(sstrtotime($tmpvalue), ''); } else { $sqlbetweenarr[$pre . '`' . $key . '`'][0] = sstrtotime($tmpvalue); } } elseif (preg_match("/_to\$/i", $tmpkey)) { if (empty($sqlbetweenarr[$pre . '`' . $key . '`'][0])) { $sqlbetweenarr[$pre . '`' . $key . '`'] = array('', sstrtotime($tmpvalue)); } else { $sqlbetweenarr[$pre . '`' . $key . '`'][1] = sstrtotime($tmpvalue); } } } elseif (preg_match("/^(select|radio|linkage)\$/i", $columnsinfoarr[$key]['formtype']) || !preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) { //= if (preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) { //char $sqlchararr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue)); } else { $sqlintarr[$pre . '`' . $key . '`'] = intval($tmpvalue); } } elseif (preg_match("/^(text|textarea|checkbox)\$/i", $columnsinfoarr[$key]['formtype'])) { //like $sqllikearr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue)); } }
} elseif (submitcheck('valuesubmit')) { //采集器编辑与添加的提交表单的处理 $postlisturl = addslashes(serialize(array('manual' => $_POST['listurl_manual'], 'auto' => $_POST['listurl_auto']))); $_POST['autotype'] = !empty($_POST['autotype']) && intval($_POST['autotype']) == 2 ? 2 : 1; if (empty($_POST['name'])) { $_POST['name'] = $_SGLOBAL['timestamp']; } $_POST['subjectreplace'] = !empty($_POST['subjectreplace']) ? implode("\n", $_POST['subjectreplace']) : ''; $_POST['subjectreplaceto'] = !empty($_POST['subjectreplaceto']) ? implode("\n", $_POST['subjectreplaceto']) : ''; $_POST['messagereplace'] = !empty($_POST['messagereplace']) ? implode("\n", $_POST['messagereplace']) : ''; $_POST['messagereplaceto'] = !empty($_POST['messagereplaceto']) ? implode("\n", $_POST['messagereplaceto']) : ''; #Modify by jiangyanfeng $_POST['messagesize'] = !empty($_POST['messagesize']) ? intval($_POST['messagesize']) : 0; #End $catarr = explode('_', $_POST['import']); $setsqlarr = array('name' => $_POST['name'], 'dateline' => $_SGLOBAL['timestamp'], 'listurltype' => 'new', 'listurl' => $postlisturl, 'listpagestart' => $_POST['listpagestart'], 'listpageend' => $_POST['listpageend'], 'allnum' => $_POST['allnum'], 'pernum' => $_POST['pernum'], 'importcatid' => intval($catarr[1]), 'importtype' => $catarr[0], 'reverseorder' => intval($_POST['reverseorder']), 'encode' => $_POST['encode'], 'savepic' => $_POST['savepic'], 'saveflash' => $_POST['saveflash'], 'subjecturlrule' => striptbr($_POST['subjecturlrule']), 'subjecturllinkrule' => striptbr($_POST['subjecturllinkrule']), 'subjecturllinkpre' => $_POST['subjecturllinkpre'], 'subjectrule' => striptbr($_POST['subjectrule']), 'subjectfilter' => striptbr($_POST['subjectfilter']), 'subjectreplace' => $_POST['subjectreplace'], 'subjectreplaceto' => $_POST['subjectreplaceto'], 'subjectkey' => $_POST['subjectkey'], 'subjectallowrepeat' => $_POST['subjectallowrepeat'], 'datelinerule' => striptbr($_POST['datelinerule']), 'fromrule' => striptbr($_POST['fromrule']), 
'authorrule' => striptbr($_POST['authorrule']), 'messagerule' => striptbr($_POST['messagerule']), 'messagefilter' => striptbr($_POST['messagefilter']), 'messagepagetype' => $_POST['messagepagetype'], 'messagepagerule' => striptbr($_POST['messagepagerule']), 'messagepageurlrule' => striptbr($_POST['messagepageurlrule']), 'messagepageurllinkpre' => $_POST['messagepageurllinkpre'], 'messagereplace' => $_POST['messagereplace'], 'messagereplaceto' => $_POST['messagereplaceto'], 'messagesize' => $_POST['messagesize'], 'picurllinkpre' => $_POST['picurllinkpre'], 'autotype' => $_POST['autotype'], 'wildcardlen' => $_POST['autotype'] == 1 ? $_POST['wildcardlen'] : '', 'subjecturllinkcancel' => striptbr($_POST['subjecturllinkcancel']), 'subjecturllinkfilter' => striptbr($_POST['subjecturllinkfilter']), 'subjecturllinkpf' => $_POST['subjecturllinkpf'], 'subjectkeycancel' => $_POST['subjectkeycancel'], 'messagekey' => $_POST['messagekey'], 'messagekeycancel' => $_POST['messagekeycancel'], 'messageformat' => $_POST['messageformat'], 'messagepageurllinkpf' => $_POST['messagepageurllinkpf'], 'uidrule' => shtmlspecialchars($_POST['uidrule']), 'defaultdateline' => empty($_POST['defaultdateline']) ? 0 : sstrtotime($_POST['defaultdateline'])); //对于新增的采集器与编辑的采集器的分别处理 if (empty($_POST['robotid'])) { $robotid = 0; $setsqlarr['uid'] = $_SGLOBAL['supe_uid']; $robotid = inserttable('robots', $setsqlarr, 1); updaterobot($robotid); //更新采集器缓存 showmessage('robot_add_success', $theurl); } else { //UPDATE $wheresqlarr = array('robotid' => $_POST['robotid']); updatetable('robots', $setsqlarr, $wheresqlarr); updaterobot($_POST['robotid']); //更新采集器缓存 showmessage('robot_edit_success', $theurl);
exit('Access Denied'); } //权限 if (!checkperm('managesitefeed')) { cpmessage('no_authority_management_operation'); } if (submitcheck('feedsubmit')) { $setarr = array('title_template' => trim($_POST['title_template']), 'body_template' => trim($_POST['body_template'])); if (empty($setarr['title_template']) && empty($setarr['body_template'])) { cpmessage('sitefeed_error'); } $feedid = intval($_POST['feedid']); //时间问题 $_POST['dateline'] = trim($_POST['dateline']); if ($_POST['dateline']) { $newtimestamp = sstrtotime($_POST['dateline']); if ($newtimestamp > $_SGLOBAL['timestamp']) { $_SGLOBAL['timestamp'] = $newtimestamp; } } if (empty($feedid)) { $_SGLOBAL['supe_uid'] = 0; include_once S_ROOT . './source/function_cp.php'; feed_add('sitefeed', trim($_POST['title_template']), array(), trim($_POST['body_template']), array(), trim($_POST['body_general']), array(trim($_POST['image_1']), trim($_POST['image_2']), trim($_POST['image_3']), trim($_POST['image_4'])), array(trim($_POST['image_1_link']), trim($_POST['image_2_link']), trim($_POST['image_3_link']), trim($_POST['image_4_link']))); } else { $setarr['body_general'] = trim($_POST['body_general']); $setarr['image_1'] = trim($_POST['image_1']); $setarr['image_1_link'] = trim($_POST['image_1_link']); $setarr['image_2'] = trim($_POST['image_2']); $setarr['image_2_link'] = trim($_POST['image_2_link']); $setarr['image_3'] = trim($_POST['image_3']);
$isnewer = $space['friendnum'] < $_SCONFIG['showallfriendnum'] ? 1 : 0; if (empty($_GET['view']) && $space['self'] && $isnewer) { $_GET['view'] = 'ours'; //默认显示 } //分页 $perpage = $_SCONFIG['feedmaxnum'] < 50 ? 50 : $_SCONFIG['feedmaxnum']; $perpage = mob_perpage($perpage); if ($_GET['view'] == 'hot') { $perpage = 50; } $start = empty($_GET['start']) ? 0 : intval($_GET['start']); //检查开始数 ckstart($start, $perpage); //今天时间开始线 $_SGLOBAL['today'] = sstrtotime(sgmdate('Y-m-d')); //最少热度 $minhot = $_SCONFIG['feedhotmin'] < 1 ? 3 : $_SCONFIG['feedhotmin']; $_SGLOBAL['gift_appid'] = '1027468'; if ($_GET['view'] == 'all') { $wheresql = "1"; $ordersql = "dateline DESC"; $theurl = "space.php?uid={$space['uid']}&do={$do}&view=all"; $f_index = ''; } elseif ($_GET['view'] == 'hot') { $wheresql = "hot>='{$minhot}'"; $ordersql = "dateline DESC"; $theurl = "space.php?uid={$space['uid']}&do={$do}&view=hot"; $f_index = ''; } elseif ($_GET['view'] == 'work') { $wheresql = "icontype='work'";
$gets['starttime'] = $gets['endtime'] = ''; } //搜索积分 cksearchcredit($ac); //开始搜索 $wherearr = array(); if ($gets['username']) { $wherearr[] = "main.username = '******'username']}'"; } if ($gets['tagid']) { $wherearr[] = "main.tagid = '{$gets['tagid']}'"; } if ($value = sstrtotime($gets['starttime'])) { $wherearr[] = "main.dateline >= '{$value}'"; } if ($value = sstrtotime($gets['endtime'])) { $wherearr[] = "main.dateline <= '{$value}'"; } //关键字 if ($inkey = stripsearchkey($gets['key'])) { if (preg_match("/( AND |\\+|&|\\s)/i", $inkey) && !preg_match("/( OR |\\|)/i", $inkey)) { $keys = preg_replace("/( AND |&| )/i", "+", $inkey); $andor = ' AND '; } else { $keys = preg_replace("/( OR |\\|)/i", "+", $inkey); $andor = ' OR '; } $is = array(); foreach (explode('+', $keys) as $value) { if ($value = trim($value)) { $is[] = "main.subject LIKE '%{$value}%'";
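/**
 * Apply the credit rule named by $action to a user and report what was granted.
 *
 * The rule is read from $_SGLOBAL['creditrule'][$action]. For rewardtype 1 the
 * user's creditlog row decides whether the reward is still available in the
 * current cycle. For rewardtype 0 credit is deducted and experience added; for
 * any other rewardtype both are deducted.
 *
 * @param string $action    Key of the rule in $_SGLOBAL['creditrule'].
 * @param int    $update    When truthy, write the change to the members table.
 * @param int    $uid       Target user; 0 means $_SGLOBAL['supe_uid'].
 * @param string $needle    Value recorded for de-duplication (rule 'norepeat').
 * @param int    $setcookie Not used by this implementation.
 *
 * @return array|false array('credit' => n, 'experience' => n) as absolute
 *                     values; false when a rewardtype-0 rule costs more credit
 *                     than the member holds.
 */
function getreward($action, $update = 1, $uid = 0, $needle = '', $setcookie = 1)
{
    global $_SGLOBAL, $_SCOOKIE;

    $reward = array('credit' => 0, 'experience' => 0);
    $creditlog = array();
    // Load the cached rule table; a missing cache file is tolerated.
    @(include_once S_ROOT . './data/system/creditrule.cache.php');
    $rule = $_SGLOBAL['creditrule'][$action];

    if ($rule['credit'] || $rule['experience']) {
        $uid = $uid ? intval($uid) : $_SGLOBAL['supe_uid'];
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('members') . " WHERE uid='{$uid}'");
        if ($member = $_SGLOBAL['db']->fetch_array($query)) {
            if ($rule['rewardtype'] == 1) {
                // Add credits
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('creditlog') . " WHERE uid='{$uid}' AND rid='{$rule['rid']}'");
                $creditlog = $_SGLOBAL['db']->fetch_array($query);
                if (empty($creditlog)) {
                    // First time this rule fires for the user: grant and create the log row.
                    $reward['credit'] = $rule['credit'];
                    $reward['experience'] = $rule['experience'];
                    $setarr = array(
                        'uid' => $uid,
                        'rid' => $rule['rid'],
                        'total' => 1,
                        'cyclenum' => 1,
                        'credit' => $rule['credit'],
                        'experience' => $rule['experience'],
                        'dateline' => $_SGLOBAL['timestamp'],
                    );
                    // Record the needle when the rule asks for de-duplication
                    if ($rule['norepeat']) {
                        if ($rule['norepeat'] == 1) {
                            $setarr['info'] = $needle;
                        } elseif ($rule['norepeat'] == 2) {
                            $setarr['user'] = $needle;
                        }
                    }
                    if (in_array($rule['cycletype'], array(2, 3))) {
                        $setarr['starttime'] = $_SGLOBAL['timestamp'];
                    }
                    $clid = inserttable('creditlog', $setarr, 1);
                } else {
                    $newcycle = false;
                    // From here on $setarr holds raw "column=expression" fragments for the UPDATE below.
                    $setarr = array();
                    $clid = $creditlog['clid'];
                    switch ($rule['cycletype']) {
                        case 0:
                            // One-time reward: already granted, nothing to do
                            break;
                        case 1:
                            // Limited number of times per day
                        case 4:
                            // No cycle limit
                            $sql = 'cyclenum+1';
                            if ($rule['cycletype'] == 1) {
                                $today = sstrtotime(sgmdate($_SGLOBAL['timetemp'], 'Y-m-d'));
                                // Last reward was before today: start a new daily cycle
                                if ($creditlog['dateline'] < $today && $rule['rewardnum']) {
                                    $creditlog['cyclenum'] = 0;
                                    $sql = 1;
                                    $newcycle = true;
                                }
                            }
                            if (empty($rule['rewardnum']) || $creditlog['cyclenum'] < $rule['rewardnum']) {
                                // Refuse a repeated needle inside the same cycle
                                if ($rule['norepeat']) {
                                    $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                    if ($repeat && !$newcycle) {
                                        return $reward;
                                    }
                                }
                                $reward['credit'] = $rule['credit'];
                                $reward['experience'] = $rule['experience'];
                                // Update the counters
                                $setarr = array(
                                    'cyclenum' => "cyclenum={$sql}",
                                    'total' => 'total=total+1',
                                    'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                    'credit' => "credit='{$reward['credit']}'",
                                    'experience' => "experience='{$reward['experience']}'",
                                );
                            }
                            break;
                        case 2:
                            // Cycle measured in whole hours
                        case 3:
                            // Cycle measured in minutes
                            $nextcycle = 0;
                            if ($creditlog['starttime']) {
                                if ($rule['cycletype'] == 2) {
                                    // Hour in which the current cycle started
                                    $start = sstrtotime(sgmdate($creditlog['starttime'], 'Y-m-d H:00:00'));
                                    $nextcycle = $start + $rule['cycletime'] * 3600;
                                } else {
                                    $nextcycle = $creditlog['starttime'] + $rule['cycletime'] * 60;
                                }
                            }
                            if ($_SGLOBAL['timestamp'] <= $nextcycle && $creditlog['cyclenum'] < $rule['rewardnum']) {
                                // Refuse a repeated needle inside the same cycle
                                if ($rule['norepeat']) {
                                    $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                    if ($repeat && !$newcycle) {
                                        return $reward;
                                    }
                                }
                                $reward['experience'] = $rule['experience'];
                                $reward['credit'] = $rule['credit'];
                                $setarr = array(
                                    'cyclenum' => "cyclenum=cyclenum+1",
                                    'total' => 'total=total+1',
                                    'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                    'credit' => "credit='{$reward['credit']}'",
                                    'experience' => "experience='{$reward['experience']}'",
                                );
                            } elseif ($_SGLOBAL['timestamp'] >= $nextcycle) {
                                // The previous cycle is over: restart the counter
                                $newcycle = true;
                                $reward['experience'] = $rule['experience'];
                                $reward['credit'] = $rule['credit'];
                                $setarr = array(
                                    'cyclenum' => "cyclenum=1",
                                    'total' => 'total=total+1',
                                    'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                    'credit' => "credit='{$reward['credit']}'",
                                    'starttime' => "starttime='{$_SGLOBAL['timestamp']}'",
                                    'experience' => "experience='{$reward['experience']}'",
                                );
                            }
                            break;
                    }
                    // Record the operation history used for de-duplication.
                    // NOTE(review): $needle and the list read back from the log row are
                    // interpolated into the UPDATE as-is; confirm every caller passes an
                    // escaped or numeric value.
                    if ($rule['norepeat'] && $needle) {
                        switch ($rule['norepeat']) {
                            case 0:
                                break;
                            case 1:
                                // De-duplicate by information id
                                $info = empty($creditlog['info']) || $newcycle ? $needle : $creditlog['info'] . ',' . $needle;
                                $setarr['info'] = "`info`='{$info}'";
                                break;
                            case 2:
                                // De-duplicate by user; same "column=value" form as the info case,
                                // so the UPDATE below stays valid SQL.
                                $user = empty($creditlog['user']) || $newcycle ? $needle : $creditlog['user'] . ',' . $needle;
                                $setarr['user'] = "`user`='{$user}'";
                                break;
                        }
                    }
                    if ($setarr) {
                        $_SGLOBAL['db']->query("UPDATE " . tname('creditlog') . " SET " . implode(',', $setarr) . " WHERE clid='{$creditlog['clid']}'");
                    }
                }
            } elseif ($rule['rewardtype'] == 0) {
                // Deduct credit, add experience
                if ($member['credit'] < $rule['credit']) {
                    return false;
                }
                $reward['credit'] = "-{$rule['credit']}";
                $reward['experience'] = "{$rule['experience']}";
            } else {
                // Deduct credit and experience
                $reward['credit'] = "-{$rule['credit']}";
                $reward['experience'] = "-{$rule['experience']}";
            }
            if ($update && ($reward['credit'] || $reward['experience'])) {
                $setarr = array();
                if ($reward['credit']) {
                    // A negative value already carries its sign, so no '+' is inserted for it.
                    $setarr['credit'] = $reward['credit'] >= 0 ? "credit=credit+{$reward['credit']}" : "credit=credit{$reward['credit']}";
                }
                if ($reward['experience']) {
                    $setarr['experience'] = "experience=experience+{$reward['experience']}";
                }
                $_SGLOBAL['db']->query("UPDATE " . tname('members') . " SET " . implode(',', $setarr) . " WHERE uid='{$uid}'");
            }
        }
    }

    return array('credit' => abs($reward['credit']), 'experience' => abs($reward['experience']));
}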
include_once S_ROOT . './uc_client/client.php'; if ($_POST['flag'] == 1) { $result = uc_user_addprotected(array($member['username']), $_SGLOBAL['supe_username']); } else { $_POST['flag'] = 0; $result = uc_user_deleteprotected(array($member['username']), $_SGLOBAL['supe_username']); } if ($result) { $setarr['flag'] = $_POST['flag']; } } if ($uid != $_SGLOBAL['supe_uid'] || ckfounder($_SGLOBAL['supe_uid'])) { if (empty($_POST['groupid'])) { $_POST['groupid'] = getgroupid($_POST['experience'], 0); } else { $expiration = $_POST['expiration'] ? sstrtotime($_POST['expiration']) : 0; if ($expiration && $expiration <= $_SGLOBAL['timestamp']) { showmessage('time_expired_error'); } } include_once S_ROOT . './data/data_usergroup_' . $_POST['groupid'] . '.php'; $group = $_SGLOBAL['usergroup'][$_POST['groupid']]; if ($group['manageconfig'] && !ckfounder($_SGLOBAL['supe_uid'])) { cpmessage('no_authority_management_operation'); } //有效期 if ($expiration) { $setlogarr = array('uid' => $member['uid'], 'username' => addslashes($member['username']), 'opuid' => $_SGLOBAL['supe_uid'], 'opusername' => $_SGLOBAL['supe_username'], 'expiration' => $expiration, 'dateline' => $_SGLOBAL['timestamp'], 'flag' => 1); inserttable('spacelog', $setlogarr, 0, true); } $setarr['groupid'] = intval($_POST['groupid']);
<?php
// "Time machine" item handler: moves the date of one of the current user's
// objects (and of its feed entry) back to an earlier time.

// Refuse direct access: the entry script must have defined iBUAA.
if (!defined('iBUAA')) {
    exit('Access Denied');
}
// Check parameters. $id and $idtype are set outside this file.
$blog = magic_check_idtype($id, $idtype);
// Time machine
if (submitcheck("usesubmit")) {
    $newdateline = sstrtotime($_POST['newdateline']);
    // Accept only a non-empty date between 1970-1-1 and the object's current date.
    if (!$_POST['newdateline'] || $newdateline < sstrtotime('1970-1-1') || $newdateline > $blog['dateline']) {
        showmessage('magicuse_bad_dateline');
        // The entered time is invalid
    }
    // Change the object's time.
    // NOTE(review): {$idtype} is used as a column name and {$id} as a quoted value;
    // presumably magic_check_idtype() restricts both - verify, since neither is
    // validated in this file. The uid condition limits the update to rows owned
    // by the logged-in user.
    $tablename = gettablebyidtype($idtype);
    $_SGLOBAL['db']->query("UPDATE " . tname($tablename) . " SET dateline='{$newdateline}' WHERE {$idtype}='{$id}' AND uid='{$_SGLOBAL['supe_uid']}'");
    // Change the time of the matching feed entry as well
    $_SGLOBAL['db']->query("UPDATE " . tname('feed') . " SET dateline='{$newdateline}' WHERE id='{$id}' AND idtype='{$idtype}' AND uid='{$_SGLOBAL['supe_uid']}'");
    magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
    // NOTE(review): the second argument comes straight from the request; if
    // showmessage() uses it as a redirect target, confirm it is limited to
    // same-site URLs.
    showmessage('magicuse_success', $_POST['refer'], 0);
}
ckspacelog(); showmessage('no_privilege'); } } $topicid = 0; } else { if ($_GET['op'] != 'join') { if ($_SGLOBAL['supe_uid'] != $topic['uid'] && !checkperm('managetopic')) { showmessage('no_privilege'); } } $topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1); } //添加编辑操作 if (submitcheck('topicsubmit')) { $setarr = array('subject' => getstr($_POST['subject'], 80, 1, 1, 1), 'message' => getstr($_POST['message'], 0, 1, 1, 1), 'jointype' => empty($_POST['jointype']) ? '' : implode(',', $_POST['jointype']), 'joingid' => empty($_POST['joingid']) ? '' : implode(',', $_POST['joingid']), 'endtime' => $_POST['endtime'] ? sstrtotime($_POST['endtime']) : 0); if (strlen($setarr['subject']) < 4) { showmessage('topic_subject_error'); } //封面 if ($_FILES['pic']['size'] && ($filearr = pic_save($_FILES['pic'], -1))) { $setarr['pic'] = $filearr['filepath']; $setarr['thumb'] = $filearr['thumb']; $setarr['remote'] = $filearr['remote']; } if (empty($topicid)) { $setarr['uid'] = $_SGLOBAL['supe_uid']; $setarr['username'] = $_SGLOBAL['supe_username']; $setarr['dateline'] = $setarr['lastpost'] = $_SGLOBAL['timestamp']; $topicid = inserttable('topic', $setarr, 1); } else {
} elseif ($_GET['view'] == 'uselog') { //使用记录 $mpurl = 'admincp.php?ac=magiclog&view=uselog'; //处理搜索 $intkeys = array('id'); $strkeys = array('mid', 'idtype'); $randkeys = array(); $likekeys = array('username'); $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys); $wherearr = $results['wherearr']; if ($_GET['starttime']) { $wherearr[] = 'dateline >= ' . sstrtotime($_GET['starttime']); $mpurl .= '&starttime=' . $_GET['starttime']; } if ($_GET['endtime']) { $wherearr[] = 'dateline <= ' . sstrtotime($_GET['endtime']); $mpurl .= '&endtime=' . $_GET['endtime']; } $wheresql = empty($wherearr) ? '1' : implode(' AND ', $wherearr); $mpurl .= '&' . implode('&', $results['urls']); //排序 $ordersql = 'ORDER BY dateline DESC'; //显示分页 $perpage = 50; $mpurl .= '&perpage=' . $perpage; $page = empty($_GET['page']) ? 1 : intval($_GET['page']); if ($page < 1) { $page = 1; } $start = ($page - 1) * $perpage; //检查开始数
$subjectlen = strlen($_POST['subject']); } if ($subjectlen < 2 || $subjectlen > 80) { showmessage('space_suject_length_error'); } if (empty($_POST['starttime']) || !empty($_POST['endtime']) && sstrtotime($_POST['endtime']) <= sstrtotime($_POST['starttime'])) { showmessage('announcements_time_error'); } if (empty($_POST['message'])) { showmessage('announcements_no_message'); } $setsqlarr = array(); $setsqlarr['subject'] = addslashes($_POST['subject']); $setsqlarr['starttime'] = sstrtotime($_POST['starttime']); if (!empty($_POST['endtime'])) { $setsqlarr['endtime'] = sstrtotime($_POST['endtime']); } else { $setsqlarr['endtime'] = ''; } $setsqlarr['announcementsurl'] = shtmlspecialchars(trim($_POST['announcementsurl'])); $setsqlarr['message'] = $_POST['message']; if (empty($_POST['id'])) { $setsqlarr['uid'] = $_SGLOBAL['supe_uid']; $setsqlarr['author'] = $_SGLOBAL['supe_username']; inserttable('announcements', $setsqlarr); updateannouncementcache(); showmessage('announcements_add_succeed', $theurl); } else { $wheresqlarr = array('id' => $_POST['id']); updatetable('announcements', $setsqlarr, $wheresqlarr); updateannouncementcache();
for ($i = $start; $i <= $end; $i++) { if ($days[$i]['count'] < 10) { //Only up to 10 activities per day $days[$i]['events'][] = $value; $days[$i]['count'] += 1; $days[$i]['class'] = " on_link"; } } } unset($events); if ($month == intval(sgmdate("m")) && $year == intval(sgmdate("Y"))) { $d = intval(sgmdate("j")); $days[$d]['class'] = "on_today"; } if ($_GET['date']) { $t = sstrtotime($_GET['date']); if ($month == intval(sgmdate("m", $t)) && $year == intval(sgmdate("Y", $t))) { $d = intval(sgmdate("j", $t)); $days[$d]['class'] = "on_select"; } } //URL $url = $_GET['url'] ? preg_replace("/date=[\\d\\-]+/", '', $_GET['url']) : "space.php?do=event"; } elseif ($_GET['op'] == 'edithot') { // Permissions if (!checkperm('manageevent')) { showmessage('no_privilege'); } if (submitcheck('hotsubmit')) { $_POST['hot'] = intval($_POST['hot']); updatetable('event', array('hot' => $_POST['hot']), array('eventid' => $eventid));
$delfilearr[] = array(H_DIR . '/' . $file, 0); } } } } } if (empty($delfilearr)) { $delfilearr[] = array(H_DIR, 2); } $_GET['op'] = 'deleteresult'; } elseif (submitcheck('makesubmit')) { $pagearr = array(array(), array(), array()); $itemid1 = intval($_POST['itemid1']); $itemid2 = intval($_POST['itemid2']); $dateline1 = empty($_POST['dateline1']) ? 0 : sstrtotime($_POST['dateline1']); $dateline2 = empty($_POST['dateline2']) ? 0 : sstrtotime($_POST['dateline2']); $catid = $_POST['catid']; $types = empty($_POST['type']) ? '' : simplode($_POST['type']); //页面类型 //action/itemid/uid/ $wheresql = array(); if (!empty($_POST['pagetype'])) { foreach ($_POST['pagetype'] as $value) { if ($value == 'viewnews' && $_SCONFIG['htmlviewnews']) { //查看资讯页面 $wheresql = array(); $wheresql[] = "type='news'"; if ($itemid2 > $itemid1) { $wheresql[] = "itemid>'{$itemid1}' AND itemid<'{$itemid2}'"; } if (!empty($catid)) {
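/**
 * Handle a submitted item form for the model described by $cacheinfo.
 *
 * Validates the posted fields, builds the row for the "<modelname>items" table
 * and the row for the "<modelname>message" table, handles the title image
 * (uploaded or generated), then inserts a new item or updates an existing one.
 * Validation errors are collected in the global $checkresults and reported
 * through cpmsg().
 *
 * @param array $cacheinfo Cached model definition; the keys 'models', 'columns'
 *                         and 'linkage' are read here.
 * @param int   $cp        Not used in this function body.
 *
 * @return int Item id that was inserted or updated.
 */
function pkpost($cacheinfo, $cp = 1)
{
    global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;

    // The item id is cast once here and never re-read from the request, because it
    // is concatenated into several SQL statements below.
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $mustverify = false;
    $resultitems = $resultmessage = $updateitem = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    $feedcolum = array();

    // Split the columns into fixed ones (items table) and the rest (message table),
    // and normalise linkage and timestamp fields in $_POST.
    foreach ($columnsinfoarr as $result) {
        if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
            continue;
        }
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_G['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }

    // Input checks
    $_POST['subject'] = trim(strip_tags($_POST['subject']));
    $checkresults = array();
    if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
        array_push($checkresults, array('subject' => lang('space_suject_length_error')));
    }
    // Field checks
    checkvalues(array_merge($resultitems, $resultmessage), 1, 1);
    // Price handling for goods: the maximum price must not be below the minimum
    if ($modelsinfoarr['modelname'] == 'good') {
        if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
            array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
        }
    }

    // On edit, check whether the title image was removed or replaced
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was removed or replaced: delete the old one
            $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = DB::fetch($query);
            $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
            // Remove the attachment record
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            // NOTE(review): the stored path is appended to A_DIR without normalisation,
            // and further down 'subjectimage' can be taken from
            // $_POST['subjectimage_value']; confirm a stored value can never contain
            // '../' before it reaches unlink().
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }

    // Build the items row
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
    if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        $setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
    }
    if (empty($_POST['catid']) || $_POST['catid'] < 0) {
        array_push($checkresults, array('catid' => lang('cat_not_selected')));
    }
    // NOTE(review): catid is stored as posted; presumably inserttable()/updatetable()
    // escape values - verify.
    $setsqlarr['catid'] = $_POST['catid'];
    if ($modelsinfoarr['modelname'] != 'shop') {
        // The owning shop is required; only an administrator may choose it
        if (pkperm('isadmin')) {
            if (empty($_POST['shopid'])) {
                array_push($checkresults, array('shopid' => lang('please_select_shopid')));
            }
            $setsqlarr['shopid'] = intval($_POST['shopid']);
        } else {
            $setsqlarr['shopid'] = $_G['myshopid'];
        }
    } else {
        $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
        $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
        $setsqlarr['description'] = trim(strip_tags($_POST['description']));
        if (!empty($_POST['syncfid'])) {
            require_once B_ROOT . './api/bbs_syncpost.php';
            if (checkbbsfid($_POST['syncfid'])) {
                $setsqlarr['syncfid'] = intval($_POST['syncfid']);
            } else {
                array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
            }
        }
    }
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = 1;
    if (!empty($checkresults)) {
        cpmsg('addobject_error', '', '', '', true, true, $checkresults);
    }

    // Grade: administrators choose it (default 3); shop owners only get 2 or 3
    // from the form, everything else is derived from the shop and group settings.
    if (pkperm('isadmin')) {
        $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
    } elseif ($_G['myshopstatus'] == 'verified') {
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
            $setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
            if (!empty($itemid)) {
                if (in_array($_POST['grade'], array(2, 3))) {
                    $setsqlarr['grade'] = $_POST['grade'];
                }
            }
            $mustverify = true;
        } else {
            if (in_array($_POST['grade'], array(2, 3))) {
                $setsqlarr['grade'] = $_POST['grade'];
            } else {
                $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
            }
        }
    } elseif ($_G['myshopstatus'] == 'unverified') {
        $setsqlarr['grade'] = 0;
    }
    $setsqlarr['dateline'] = $_G['timestamp'];
    $setsqlarr['uid'] = $_G['uid'];
    $setsqlarr['username'] = $_G['username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];

    // Title image handling: start
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        // Generate the coupon image from a template instead of using an upload
        if ($_GET['action'] == 'add') {
            $hotline = $_SGLOBAL['panelinfo']['tel'];
            $address = $_SGLOBAL['panelinfo']['address'];
        } else {
            $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
            $hotline = $shopinfo['tel'];
            $address = $shopinfo['address'];
        }
        $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
        $createimgarr = array(
            'id' => intval($_POST['imgtplid']),
            'mid' => intval($modelsinfoarr['mid']),
            'itemid' => intval($itemid),
            'coupon_title' => $setsqlarr['subject'],
            'dealer_id' => $setsqlarr['uid'],
            'dealer_name' => $dealer_name,
            'begin_date' => date('Y-m-d', $setsqlarr['validity_start']),
            'end_date' => date('Y-m-d', $setsqlarr['validity_end']),
            'brief' => trim($_POST['message']),
            'exception' => trim($_POST['exception']),
            'address' => $address,
            'hotline' => $hotline,
            'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'],
            'subjectimageheight' => $modelsinfoarr['subjectimageheight'],
        );
        require_once B_ROOT . './source/adminfunc/tool.func.php';
        if ($consumeimgpath = image_text($createimgarr)) {
            $setsqlarr['subjectimage'] = $consumeimgpath;
            $setsqlarr['imagetype'] = 0;
            $setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
        }
    } else {
        $uploadfilearr = $ids = array();
        $subjectimageid = '';
        $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
        if (!empty($uploadfilearr)) {
            $feedsubjectimg = $uploadfilearr;
            foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
                if (empty($tmpvalue['error'])) {
                    $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
                }
                if (!empty($tmpvalue['aid'])) {
                    $ids[] = $tmpvalue['aid'];
                }
            }
        }
        if ($modelsinfoarr['modelname'] == 'consume') {
            $setsqlarr['imagetype'] = 1;
        }
    }
    // Title image handling: end

    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    // Publication time
    $setsqlarr['dateline'] = $_G['timestamp'];
    // Goods carry a short introduction
    if ($mname == "good") {
        $setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
    }

    if (empty($itemid)) {
        // Insert the item
        $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
            itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
        }
    } else {
        $_SGLOBAL['itemupdate'] = 1;
        // Update the item; the original author fields stay untouched
        $op = 'update';
        unset($setsqlarr['uid']);
        unset($setsqlarr['username']);
        unset($setsqlarr['lastpost']);
        // Items currently at grade 0 or 1 keep a fixed grade regardless of the form
        if ($itemgrade == 1 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 1 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 1;
        } elseif ($itemgrade == 0 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 0 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        }
        if (pkperm('isadmin')) {
            // The site administrator may post any data
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
        } else {
            // A shop owner may not change the shop group
            unset($setsqlarr['groupid']);
            if ($modelsinfoarr['modelname'] == 'shop') {
                unset($setsqlarr['validity_start']);
                unset($setsqlarr['validity_end']);
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    // Held back: merged into $_SGLOBAL['updatesqlarr'] further down
                    $updatesqlarr = $setsqlarr;
                } else {
                    // The owner can only write to their own shop row
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
                }
            } else {
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    $updatesqlarr = $setsqlarr;
                } else {
                    // The owner can only change items of the shop they manage
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
                }
            }
        }
        $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
        $defaultmessage = DB::fetch($query);
    }

    $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
    if (!empty($ids)) {
        // Bind the freshly uploaded attachments to this item
        $ids = simplode($ids);
        DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
    }
    $do = 'pass';
    if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The file was removed or replaced: delete the old one
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));
                        // NOTE(review): same concern as for the title image - the stored
                        // path is joined to A_DIR unchecked before unlink().
                        @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }

    // Build the message row
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
    if ($modelsinfoarr['modelname'] == 'consume') {
        $setsqlarr['exception'] = trim($_POST['exception']);
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        $setsqlarr['address'] = trim($_POST['address']);
        $setsqlarr['hotline'] = trim($_POST['hotline']);
    }
    $setsqlarr['postip'] = $_G['clientip'];
    if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        // NOTE(review): both values are request-supplied file references stored as
        // posted; confirm they are validated before any later file operation.
        $setsqlarr['banner'] = $_POST['banner_value'];
        $setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
    }
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filter on the content
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if ($op == 'add') {
        $setsqlarr['itemid'] = $itemid;
        // Insert the content
        inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
    } else {
        if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
            // Keep the pending change for the caller instead of writing it
            $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
        } else {
            // Update the content.
            // NOTE(review): nid is taken from the request unchanged; presumably
            // updatetable() escapes condition values - verify.
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
    }
    updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));

    return $itemid;
}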
if (empty($_GET['op'])) { // 搜索 $mpurl = 'admincp.php?ac=event'; //处理搜索 $intkeys = array('eventid', 'uid', 'public', 'grade', "classid"); $strkeys = array('province', 'city'); $randkeys = array(array('intval', 'hot')); $likekeys = array('title'); $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys); $wherearr = $results['wherearr']; if ($_GET['starttime']) { $wherearr[] = "starttime >= " . sstrtotime($_GET['starttime']); $mpurl .= '&starttime=' . $_GET['starttime']; } if ($_GET['endtime']) { $wherearr[] = "starttime <= " . sstrtotime($_GET['endtime']); $mpurl .= '&endtime=' . $_GET['endtime']; } if ($_GET['over'] == 1) { $wherearr[] = "endtime < '{$_SGLOBAL['timestamp']}'"; $mpurl .= '&over=1'; } elseif ($_GET['over'] === '0') { $wherearr[] = "endtime >= '{$_SGLOBAL['timestamp']}'"; $mpurl .= '&over=1'; } $wheresql = empty($wherearr) ? '1' : implode(' AND ', $wherearr); $mpurl .= '&' . implode('&', $results['urls']); //激活 if (strlen($_GET['grade']) && $_GET['grade'] == 0) { $actives = array('grade0' => ' class="active"'); } elseif ($_GET['grade'] == -1) {
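/**
 * Apply the credit rule named by $action to a user and report what was granted.
 *
 * The rule is read from $_SGLOBAL['creditrule'][$action]. When the rule's
 * rewardtype is truthy the user's creditlog row decides whether the reward is
 * still available in the current cycle; otherwise credit and experience are
 * deducted.
 *
 * @param string $action    Key of the rule in $_SGLOBAL['creditrule'].
 * @param int    $update    When truthy, write the change to the space table.
 * @param int    $uid       Target user; 0 means $_SGLOBAL['supe_uid'].
 * @param string $needle    Value recorded for de-duplication (rule 'norepeat').
 * @param int    $setcookie When truthy, store "action,clid" in the reward_log
 *                          cookie after a reward.
 *
 * @return array array('credit' => n, 'experience' => n) as absolute values.
 */
function getreward($action, $update = 1, $uid = 0, $needle = '', $setcookie = 1)
{
    global $_SGLOBAL, $_SCOOKIE;

    $reward = array('credit' => 0, 'experience' => 0);
    $creditlog = array();
    // Load the cached rule table; a missing cache file is tolerated.
    @(include_once S_ROOT . './data/data_creditrule.php');
    $rule = $_SGLOBAL['creditrule'][$action];

    if ($rule['credit'] || $rule['experience']) {
        $uid = $uid ? intval($uid) : $_SGLOBAL['supe_uid'];
        if ($rule['rewardtype']) {
            // Add credits
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('creditlog') . " WHERE uid='{$uid}' AND rid='{$rule['rid']}'");
            $creditlog = $_SGLOBAL['db']->fetch_array($query);
            if (empty($creditlog)) {
                // First time this rule fires for the user: grant and create the log row.
                $reward['credit'] = $rule['credit'];
                $reward['experience'] = $rule['experience'];
                $setarr = array(
                    'uid' => $uid,
                    'rid' => $rule['rid'],
                    'total' => 1,
                    'cyclenum' => 1,
                    'credit' => $rule['credit'],
                    'experience' => $rule['experience'],
                    'dateline' => $_SGLOBAL['timestamp'],
                );
                // Record the needle when the rule asks for de-duplication
                if ($rule['norepeat']) {
                    if ($rule['norepeat'] == 1) {
                        $setarr['info'] = $needle;
                    } elseif ($rule['norepeat'] == 2) {
                        $setarr['user'] = $needle;
                    } elseif ($rule['norepeat'] == 3) {
                        $setarr['app'] = $needle;
                    }
                }
                if (in_array($rule['cycletype'], array(2, 3))) {
                    $setarr['starttime'] = $_SGLOBAL['timestamp'];
                }
                $clid = inserttable('creditlog', $setarr, 1);
            } else {
                $newcycle = false;
                // From here on $setarr holds raw "column=expression" fragments for the UPDATE below.
                $setarr = array();
                $clid = $creditlog['clid'];
                switch ($rule['cycletype']) {
                    case 0:
                        // One-time reward: already granted, nothing to do
                        break;
                    case 1:
                        // Limited number of times per day
                    case 4:
                        // No cycle limit
                        $sql = 'cyclenum+1';
                        if ($rule['cycletype'] == 1) {
                            $today = sstrtotime(sgmdate('Y-m-d'));
                            // Last reward was before today: start a new daily cycle
                            if ($creditlog['dateline'] < $today && $rule['rewardnum']) {
                                $creditlog['cyclenum'] = 0;
                                $sql = 1;
                                $newcycle = true;
                            }
                        }
                        if (empty($rule['rewardnum']) || $creditlog['cyclenum'] < $rule['rewardnum']) {
                            // Refuse a repeated needle inside the same cycle
                            if ($rule['norepeat']) {
                                $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                if ($repeat && !$newcycle) {
                                    return $reward;
                                }
                            }
                            $reward['credit'] = $rule['credit'];
                            $reward['experience'] = $rule['experience'];
                            // Update the counters
                            $setarr = array(
                                'cyclenum' => "cyclenum={$sql}",
                                'total' => 'total=total+1',
                                'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                'credit' => "credit='{$reward['credit']}'",
                                'experience' => "experience='{$reward['experience']}'",
                            );
                        }
                        break;
                    case 2:
                        // Cycle measured in whole hours
                    case 3:
                        // Cycle measured in minutes
                        $nextcycle = 0;
                        if ($creditlog['starttime']) {
                            if ($rule['cycletype'] == 2) {
                                // Hour in which the current cycle started
                                $start = sstrtotime(sgmdate('Y-m-d H:00:00', $creditlog['starttime']));
                                $nextcycle = $start + $rule['cycletime'] * 3600;
                            } else {
                                $nextcycle = $creditlog['starttime'] + $rule['cycletime'] * 60;
                            }
                        }
                        if ($_SGLOBAL['timestamp'] <= $nextcycle && $creditlog['cyclenum'] < $rule['rewardnum']) {
                            // Refuse a repeated needle inside the same cycle
                            if ($rule['norepeat']) {
                                $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                if ($repeat && !$newcycle) {
                                    return $reward;
                                }
                            }
                            $reward['experience'] = $rule['experience'];
                            $reward['credit'] = $rule['credit'];
                            $setarr = array(
                                'cyclenum' => "cyclenum=cyclenum+1",
                                'total' => 'total=total+1',
                                'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                'credit' => "credit='{$reward['credit']}'",
                                'experience' => "experience='{$reward['experience']}'",
                            );
                        } elseif ($_SGLOBAL['timestamp'] >= $nextcycle) {
                            // The previous cycle is over: restart the counter
                            $newcycle = true;
                            $reward['experience'] = $rule['experience'];
                            $reward['credit'] = $rule['credit'];
                            $setarr = array(
                                'cyclenum' => "cyclenum=1",
                                'total' => 'total=total+1',
                                'dateline' => "dateline='{$_SGLOBAL['timestamp']}'",
                                'credit' => "credit='{$reward['credit']}'",
                                'starttime' => "starttime='{$_SGLOBAL['timestamp']}'",
                                'experience' => "experience='{$reward['experience']}'",
                            );
                        }
                        break;
                }
                // Record the operation history used for de-duplication.
                // NOTE(review): $needle and the list read back from the log row are
                // interpolated into the UPDATE as-is; confirm every caller passes an
                // escaped or numeric value.
                if ($rule['norepeat'] && $needle) {
                    switch ($rule['norepeat']) {
                        case 0:
                            break;
                        case 1:
                            // De-duplicate by information id
                            $info = empty($creditlog['info']) || $newcycle ? $needle : $creditlog['info'] . ',' . $needle;
                            $setarr['info'] = "`info`='{$info}'";
                            break;
                        case 2:
                            // De-duplicate by user; same "column=value" form as the info and
                            // app cases, so the UPDATE below stays valid SQL.
                            $user = empty($creditlog['user']) || $newcycle ? $needle : $creditlog['user'] . ',' . $needle;
                            $setarr['user'] = "`user`='{$user}'";
                            break;
                        case 3:
                            // De-duplicate by application
                            $app = empty($creditlog['app']) || $newcycle ? $needle : $creditlog['app'] . ',' . $needle;
                            $setarr['app'] = "`app`='{$app}'";
                            break;
                    }
                }
                if ($setarr) {
                    $_SGLOBAL['db']->query("UPDATE " . tname('creditlog') . " SET " . implode(',', $setarr) . " WHERE clid='{$creditlog['clid']}'");
                }
            }
            // NOTE(review): the second operand is an assignment, not a comparison. When
            // $setcookie is truthy, $uid is replaced by the logged-in user's id and the
            // UPDATE on the space table below uses that id. Confirm whether `==` was
            // intended before relying on $uid for another user.
            if ($setcookie && ($uid = $_SGLOBAL['supe_uid'])) {
                // Rewrite the cookie only when something was granted
                if ($reward['credit'] || $reward['experience']) {
                    $logstr = $action . ',' . $clid;
                    ssetcookie('reward_log', $logstr);
                    $_SCOOKIE['reward_log'] = $logstr;
                }
            }
        } else {
            // Deduct credits
            $reward['credit'] = "-{$rule['credit']}";
            $reward['experience'] = "-{$rule['experience']}";
        }
        if ($update && ($reward['credit'] || $reward['experience'])) {
            $setarr = array();
            if ($reward['credit']) {
                $setarr['credit'] = "credit=credit+{$reward['credit']}";
            }
            if ($reward['experience']) {
                $setarr['experience'] = "experience=experience+{$reward['experience']}";
            }
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$uid}'");
        }
    }

    return array('credit' => abs($reward['credit']), 'experience' => abs($reward['experience']));
}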
/** * 模型在线投稿提交处理函数 */ function modelpost($cacheinfo, $cp = 1) { global $_SGLOBAL, $theurl, $_SCONFIG; include_once S_ROOT . './function/upload.func.php'; $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0; $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0; $hash = ''; $op = 'add'; $resultitems = $resultmessage = array(); $modelsinfoarr = $cacheinfo['models']; $columnsinfoarr = $cacheinfo['columns']; if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) { showmessage('parameter_error'); } $feedcolum = array(); foreach ($columnsinfoarr as $result) { if ($result['isfixed'] == 1) { $resultitems[] = $result; } else { $resultmessage[] = $result; } if ($result['formtype'] == 'linkage') { if (!empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]]; } } elseif ($result['formtype'] == 'timestamp') { if (empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $_SGLOBAL['timestamp']; } else { $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]); } } } //更新用户最新更新时间 if (empty($itemid) && $_SGLOBAL['supe_uid']) { updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid'])); } //输入检查 $_POST['catid'] = intval($_POST['catid']); $_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 
1 : 0; $_POST['subject'] = shtmlspecialchars(trim($_POST['subject'])); //检查输入 if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) { showmessage('space_suject_length_error'); } if (empty($_POST['catid'])) { showmessage('admin_func_catid_error'); } if (!empty($_FILES['subjectimage']['name'])) { $fileext = fileext($_FILES['subjectimage']['name']); if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) { showmessage('document_types_can_only_upload_pictures'); } } //数据检查 checkvalues(array_merge($resultitems, $resultmessage), 0, 1); //修改时检验标题图片是否修改 $defaultmessage = array(); if (!empty($itemid)) { if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) { //当file删除时,或修改时执行删除操作 $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); $hash = getmodelhash($_GET['mid'], $itemid); deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid)); $ext = fileext($defaultmessage['subjectimage']); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . 
$defaultmessage['subjectimage']); } } //构建数据 $setsqlarr = $setitemsqlarr = array(); $setsqlarr = getsetsqlarr($resultitems); $setsqlarr['catid'] = $_POST['catid']; $setsqlarr['subject'] = $_POST['subject']; $setsqlarr['allowreply'] = $_POST['allowreply']; if (checkperm('managefolder') || checkperm('managemodpost')) { $setsqlarr['grade'] = intval($_POST['grade']); } else { $setsqlarr['grade'] = 0; } $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; $setsqlarr['uid'] = $_SGLOBAL['supe_uid']; $setsqlarr['username'] = $_SGLOBAL['supe_username']; $setsqlarr['lastpost'] = $setsqlarr['dateline']; $modelsinfoarr['subjectimagewidth'] = 400; $modelsinfoarr['subjectimageheight'] = 300; if (!empty($modelsinfoarr['thumbsize'])) { $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize'])); $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0]; $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1]; } $uploadfilearr = $ids = array(); $subjectimageid = ''; $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']); if (!empty($uploadfilearr)) { $feedsubjectimg = $uploadfilearr; foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //词语过滤 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } //发布时间 if (empty($_POST['dateline'])) { $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } else { $setsqlarr['dateline'] = sstrtotime($_POST['dateline']); if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) { //不能早于2年 $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } } if (!checkperm('allowdirectpost') || checkperm('managemodpost')) { 
//不需要审核时入item表 if (empty($itemid)) { //插入数据 $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1); } else { //更新 $op = 'update'; unset($setsqlarr['uid']); unset($setsqlarr['username']); unset($setsqlarr['lastpost']); updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid)); $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); } $hash = getmodelhash($_POST['mid'], $itemid); if (!empty($ids)) { $ids = simplode($ids); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $do = 'pass'; } else { if (!empty($uploadfilearr['subjectimage']['aid'])) { $subjectimageid = $uploadfilearr['subjectimage']['aid']; } $setitemsqlarr = $setsqlarr; $do = 'me'; } if ($op == 'update') { if (!empty($resultmessage)) { foreach ($resultmessage as $value) { if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) { if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) { //当file删除时,或修改时执行删除操作 deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid'])); $ext = fileext($defaultmessage[$value['fieldname']]); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . 
$defaultmessage[$value['fieldname']]); } } } } } //内容 $setsqlarr = $uploadfilearr = $ids = array(); $setsqlarr = getsetsqlarr($resultmessage); $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0); $setsqlarr['message'] = trim($_POST['message']); $setsqlarr['postip'] = $_SGLOBAL['onlineip']; if (!empty($uploadfilearr)) { foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //添加内容 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') { //不需要审核时入message表 if ($op == 'add') { $setsqlarr['itemid'] = $itemid; //添加内容 inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr); if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) { $feed['icon'] = 'comment'; $feed['title_template'] = 'feed_model_title'; $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); $aurl = A_URL; if (empty($_SCONFIG['siteurl'])) { $siteurl = getsiteurl(); $murl = $siteurl . $murl; $aurl = $siteurl . $aurl; } else { $siteurl = S_URL_ALL; } $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>'); $feed['body_template'] = 'feed_model_message'; $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150)); if (!empty($feedsubjectimg)) { $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl); } else { foreach ($feedcolum as $feedimgvalue) { if ($feedimgvalue['filepath']) { $feed['images'][] = array('url' => $aurl . '/' . 
$feedimgvalue['filepath'], 'link' => $murl); break; } } if (empty($feed['images'])) { $picurl = getmessagepic(stripslashes($_POST['message'])); if ($picurl && strpos($picurl, '://') === false) { $picurl = $siteurl . '/' . $picurl; } if (!empty($picurl)) { $feed['images'][] = array('url' => $picurl, 'link' => $murl); } } } postfeed($feed); } } else { //更新内容 updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid)); } updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash)); if (checkperm('allowdirectpost') && $op == 'update') { deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1); } if (checkperm('allowdirectpost') && $op == 'update') { $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } else { $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('online_contributions_success', $jpurl); } } else { $setsqlarr = array_merge($setitemsqlarr, $setsqlarr); $setsqlarr['addfeed'] = $_POST['addfeed']; $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1); $itemid = inserttable('modelfolders', $setsqlarr, 1); if (!empty($subjectimageid)) { $ids[] = $subjectimageid; } if (!empty($ids)) { $ids = simplode($ids); $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . 
' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } }
/**
 * Delegate date conversion to sstrtotime().
 *
 * Thin wrapper: $time is handed to sstrtotime() untouched and the helper's
 * result is returned as-is. sstrtotime() is defined elsewhere in the project;
 * presumably it yields a Unix timestamp -- confirm against its definition.
 *
 * NOTE(review): nothing is validated or range-checked here, so a caller that
 * passes request data should check the returned value before storing it.
 *
 * @param mixed $time Value forwarded unchanged to sstrtotime().
 * @return mixed Whatever sstrtotime() returns for $time.
 */
function convertDate($time)
{
    $converted = sstrtotime($time);

    return $converted;
}
showmessage('no_privilege'); } } $topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1); } //添加编辑操作 if(submitcheck('topicsubmit')) { $setarr = array( 'subject' => getstr($_POST['subject'], 80, 1, 1), 'message' => trim($_POST['message']), 'jointype' => empty($_POST['jointype'])?'':implode(',', $_POST['jointype']), 'joingid' => empty($_POST['joingid'])?'':implode(',', $_POST['joingid']), 'endtime' => $_POST['endtime']?sstrtotime($_POST['endtime']):0 ); if(strlen($setarr['subject']) < 4) { showmessage('topic_subject_error'); } //封面 if($_FILES['pic']['size'] && $filearr = pic_save($_FILES['pic'], -1)) { $setarr['pic'] = $filearr['filepath']; $setarr['thumb'] = $filearr['thumb']; $setarr['remote'] = $filearr['remote']; } if(empty($topicid)) { $setarr['uid'] = $_SGLOBAL['supe_uid'];