Ejemplo n.º 1
    exit('Access Denied');
}
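// Check permissions: only accounts holding 'managetask' may manage tasks.
if (!checkperm('managetask')) {
    cpmessage('no_authority_management_operation');
}
$list = $thevalue = array();
$taskid = empty($_GET['taskid']) ? 0 : intval($_GET['taskid']);
if (submitcheck('tasksubmit')) {
    $_POST['name'] = shtmlspecialchars($_POST['name']);
    // The script name comes straight from the form. Strip '..' and both path
    // separators so it can only name an entry directly inside source/task/.
    // A non-string value (e.g. an array field) is treated as missing.
    $_POST['filename'] = isset($_POST['filename']) && is_string($_POST['filename'])
        ? str_replace(array('..', '/', '\\'), '', $_POST['filename'])
        : '';
    // The replacements above run one after another, so removing a separator can
    // leave a new '..' behind; reject that explicitly. is_file() is required as
    // well because is_readable() alone also accepts directories.
    // NOTE(review): the stored name is presumably loaded later as a task script;
    // an allow-list of known script names would be stricter - confirm.
    if (
        empty($_POST['filename'])
        || strpos($_POST['filename'], '..') !== false
        || !is_file(S_ROOT . './source/task/' . $_POST['filename'])
        || !is_readable(S_ROOT . './source/task/' . $_POST['filename'])
    ) {
        cpmessage('designated_script_file_incorrect');
    }
    // Empty dates are stored as 0; anything else goes through sstrtotime().
    $starttime = empty($_POST['starttime']) ? 0 : sstrtotime($_POST['starttime']);
    $endtime = empty($_POST['endtime']) ? 0 : sstrtotime($_POST['endtime']);
    // NOTE(review): note, image and nexttype are only trimmed here; whether
    // inserttable()/updatetable() escape values is not visible - confirm.
    $setarr = array(
        'name' => $_POST['name'],
        'note' => trim($_POST['note']),
        'filename' => $_POST['filename'],
        'image' => trim($_POST['image']),
        'available' => intval($_POST['available']),
        'starttime' => $starttime,
        'endtime' => $endtime,
        'nexttype' => trim($_POST['nexttype']),
        'credit' => intval($_POST['credit']),
        'maxnum' => intval($_POST['maxnum']),
        'displayorder' => intval($_POST['displayorder']),
    );
    // nexttime only applies when the repeat type is 'time'.
    $setarr['nexttime'] = $setarr['nexttype'] == 'time' ? intval($_POST['nexttime']) : 0;
    if (empty($taskid)) {
        // No task id in the request: create a new task row.
        inserttable('task', $setarr);
    } else {
        // Existing task: update it in place.
        updatetable('task', $setarr, array('taskid' => $taskid));
    }
    // Rebuild the task cache so the change is picked up.
    include_once S_ROOT . './source/function_cache.php';
    task_cache();
    cpmessage('do_success', 'admincp.php?ac=task');
}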
Ejemplo n.º 2
    }
    //缓存结果
    swritefile($userfile, serialize($results));
} elseif (submitcheck('import2submit')) {
    include_once S_ROOT . './source/function_blog.php';
    if (empty($results) || empty($_POST['ids'])) {
        showmessage('choose_at_least_one_log', 'cp.php?ac=import');
    }
    $allcount = $incount = 0;
    krsort($results);
    //倒序
    foreach ($results as $key => $value) {
        $allcount = $allcount + 1;
        if (in_array($key, $_POST['ids'])) {
            $value = saddslashes($value);
            $dateline = intval(sstrtotime($value['dateCreated']));
            $subject = getstr($value['title'], 80, 1, 1, 1);
            $message = isset($value['description']) ? $value['description'] : $value['content'];
            $message = getstr($message, 0, 1, 1, 1, 0, 1);
            $message = checkhtml($message);
            if (empty($subject) || empty($message)) {
                $results[$key]['status'] = '--';
                $results[$key]['blogid'] = 0;
                continue;
            }
            //开始导入
            $blogarr = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'subject' => $subject, 'pic' => getmessagepic($message), 'dateline' => $dateline ? $dateline : $_SGLOBAL['timestamp']);
            $blogid = inserttable('blog', $blogarr, 1);
            //插入内容
            $fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip());
            inserttable('blogfield', $fieldarr);
Ejemplo n.º 3
			$fromsql = tname("userevent")." ue, ".tname('event')." e";
			$wherearr[] = " ue.eventid = e.eventid";
			$joinsql = "";
		}
	}

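	// Filter by event category. The id is forced to an integer before it is
	// placed in the WHERE clause and in the URL.
	if(!empty($_GET['classid'])){
		$_GET['classid'] = intval($_GET['classid']);
		$wherearr[] = "e.classid = '$_GET[classid]'";
		$theurl .= "&classid=$_GET[classid]";
	}

	// Filter by event date: match events overlapping the 24 hours that start
	// at the given date.
	if(!empty($_GET['date']) && is_string($_GET['date'])){
		// intval() guarantees that only integers reach the SQL fragment, even
		// when sstrtotime() cannot parse the value.
		$daystart = intval(sstrtotime($_GET['date']));
		$dayend = $daystart + 86400;
		$wherearr[] = "e.starttime <= '$dayend' AND e.endtime >= '$daystart'";
		// The raw request value is appended to $theurl, so encode it to keep it
		// a single query parameter.
		$theurl .= "&date=".urlencode($_GET['date']);
	}

	// Filter by event location (province).
	// NOTE(review): this relies on getstr() to make the value safe inside the
	// quoted SQL string; what getstr() escapes is not visible here - confirm.
	if(!empty($_GET['province'])) {
		$_GET['province'] = getstr($_GET['province'], 20, 1, 1);
		$wherearr[] = "e.province = '$_GET[province]'";
		$theurl .= "&province=$_GET[province]";
	}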
	if($_GET['city']) {
		$_GET['city'] = getstr($_GET['city'], 20, 1, 1);
		$wherearr[] = "e.city = '$_GET[city]'";
		$theurl .= "&city=$_GET[city]";
Ejemplo n.º 4
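 // NOTE(review): pollid is stored exactly as submitted; if it is an integer
 // key it should go through intval() like the fields below - confirm.
 $setsqlarr['pollid'] = $_POST['pollid'];
 $setsqlarr['top'] = intval($_POST['top']);
 // Replies are allowed (1) unless the form sends a non-empty value.
 $setsqlarr['allowreply'] = empty($_POST['allowreply']) ? 1 : intval($_POST['allowreply']);
 $setsqlarr['grade'] = intval($_POST['grade']);
 // Attachments: flag the row when the form carries an upload list.
 if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
     $setsqlarr['haveattach'] = 1;
     $picflag = 1;
 } else {
     $setsqlarr['haveattach'] = 0;
 }
 // Publish time: defaults to now and is never allowed to lie in the future.
 if (empty($_POST['dateline'])) {
     $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
 } else {
     $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
     if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp']) {
         $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
     }
 }
 // Additional categories. The request may send a scalar instead of a list,
 // which array_unique() cannot handle, so force an array first. Each entry is
 // reduced to an integer before the list is joined into one stored string.
 // NOTE(review): assumes category ids are integers - confirm.
 $othercatidarr = array();
 if (!empty($_POST['othercatid'])) {
     $othercatidarr = array_map('intval', (array) $_POST['othercatid']);
 }
 $othercatidarr = array_unique($othercatidarr);
 $setsqlarr['othercatid'] = implode(',', $othercatidarr);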
 if (empty($itemid)) {
     //添加数据
     $op = 'add';
     $setsqlarr['tid'] = empty($_POST['tid']) ? 0 : intval($_POST['tid']);
     $setsqlarr['type'] = $type;
Ejemplo n.º 5
} elseif ($op == 'delete') {
    //Delete poll
    if (submitcheck('deletesubmit')) {
        include_once S_ROOT . './source/function_delete.php';
        if (deletepolls(array($pid))) {
            showmessage('do_success', "space.php?uid={$poll['uid']}&do=poll&view=me");
        } else {
            showmessage('failed_to_delete_operation');
        }
    }
} elseif ($op == 'modify') {
    //Modify end time
    if (submitcheck('modifysubmit')) {
        $expiration = 0;
        if ($_POST['expiration']) {
            $expiration = sstrtotime(trim($_POST['expiration']) . ' 23:59:59');
            if ($expiration <= $_SGLOBAL['timestamp']) {
                showmessage('time_expired_error', $_POST['refer']);
            }
        }
        updatetable('poll', array('expiration' => $expiration), array('pid' => $pid));
        showmessage('do_success', 'space.php?uid=' . $space['uid'] . '&do=poll&pid=' . $pid, 0);
    }
} elseif ($op == 'summary') {
    //Write poll summary
    if (submitcheck('summarysubmit')) {
        $summary = getstr($_POST['summary'], 0, 1, 1, 1, 2);
        updatetable('pollfield', array('summary' => $summary), array('pid' => $pid));
        showmessage('do_success', 'space.php?uid=' . $space['uid'] . '&do=poll&pid=' . $pid, 0);
    }
    //bbcode transform
Ejemplo n.º 6
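/**
 * Handle a submitted "online contribution" form for a content model.
 *
 * Reads the form from $_POST / $_FILES, validates it, then either writes the
 * entry to the model's "<modelname>items" and "<modelname>message" tables or
 * stores it serialized in "modelfolders", depending on checkperm() results.
 * Every path ends in a showmessage() call.
 *
 * @param array $cacheinfo Cached model definition; the keys 'models',
 *                         'columns' and 'linkage' are read here.
 * @param int   $cp        Non-zero selects the admin-side redirect targets,
 *                         zero the cp.php ones.
 */
function modelpost($cacheinfo, $cp = 1)
{
    // $alang is read below for the grade labels, so it must be imported too;
    // it was previously used without ever being brought into scope.
    // NOTE(review): assumes the language pack lives in the global $alang - confirm.
    global $_SGLOBAL, $theurl, $_SCONFIG, $alang;
    include_once S_ROOT . './function/upload.func.php';
    $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    // Request values that end up inside hand-built SQL strings are normalised
    // once here instead of being concatenated raw.
    // NOTE(review): assumes nid is an integer row key - confirm against the schema.
    $nid = empty($_POST['nid']) ? 0 : intval($_POST['nid']);
    // The hash built further down is 'm' + digits + 'f' + digits, so only
    // letters, digits, '_' and '-' are kept; none of them can end a quoted
    // SQL string. NOTE(review): confirm getmodelhash() output fits this set.
    $posthash = isset($_POST['hash']) && is_string($_POST['hash'])
        ? preg_replace('/[^A-Za-z0-9_\-]/', '', $_POST['hash'])
        : '';
    $hash = '';
    $op = 'add';
    $resultitems = $resultmessage = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    // Grade labels. The 'defect' model maps the submitted choice 1-9 onto its
    // own score scale before anything else looks at $_POST['grade'].
    if ($cacheinfo['models']['modelname'] == 'defect') {
        switch ($_POST['grade']) {
            case 1:
                $_POST['grade'] = '64';
                break;
            case 2:
                $_POST['grade'] = '32';
                break;
            case 3:
                $_POST['grade'] = '16';
                break;
            case 4:
                $_POST['grade'] = '9';
                break;
            case 5:
                $_POST['grade'] = '4';
                break;
            case 6:
                $_POST['grade'] = '1';
                break;
            case 7:
                $_POST['grade'] = '-1';
                break;
            case 8:
                $_POST['grade'] = '-2';
                break;
            case 9:
                $_POST['grade'] = '-3';
                break;
        }
        $gradearr = array(
            '0' => $alang['general_state'],
            '64' => $alang['check_grade_1'],
            '32' => $alang['check_grade_2'],
            '16' => $alang['check_grade_3_1'],
            '9' => $alang['check_grade_3_2'],
            '4' => $alang['check_grade_3_3'],
            '1' => $alang['check_grade_4'],
            '-1' => $alang['check_grade_5'],
            '-2' => $alang['check_grade_6'],
            '-3' => $alang['check_grade_7'],
        );
        // Site configuration may override the labels (tab-separated list).
        if (!empty($_SCONFIG['checkgrade'])) {
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            $gradearr['64'] = $newgradearr[0];
            $gradearr['32'] = $newgradearr[1];
            $gradearr['16'] = $newgradearr[2];
            $gradearr['9'] = $newgradearr[3];
            $gradearr['4'] = $newgradearr[4];
            $gradearr['1'] = $newgradearr[5];
            $gradearr['-1'] = $newgradearr[6];
            $gradearr['-2'] = $newgradearr[7];
            $gradearr['-3'] = $newgradearr[8];
        }
    } else {
        $gradearr = array(
            '0' => $alang['general_state'],
            '1' => $alang['check_grade_1'],
            '2' => $alang['check_grade_2'],
            '3' => $alang['check_grade_3'],
            '4' => $alang['check_grade_4'],
            '5' => $alang['check_grade_5'],
            '6' => $alang['check_grade_6'],
            '7' => $alang['check_grade_7'],
        );
        if (!empty($_SCONFIG['checkgrade'])) {
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            for ($i = 0; $i < count($newgradearr); $i++) {
                if (!empty($newgradearr[$i])) {
                    $gradearr[$i + 1] = $newgradearr[$i];
                }
            }
        }
    }
    // The posted model id must match the model this handler was called for.
    if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
        showmessage('parameter_error');
    }
    $feedcolum = array();
    // Split the columns into fixed ones (items table) and the rest (message
    // table), and normalise linkage / timestamp fields in $_POST on the way.
    foreach ($columnsinfoarr as $result) {
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }
    // Record the member's latest update time when a new entry is created.
    if (empty($itemid) && $_SGLOBAL['supe_uid']) {
        updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
    }
    // Normalise the common input fields.
    $_POST['catid'] = intval($_POST['catid']);
    // The original wrote this as an unparenthesised nested ternary, which newer
    // PHP versions refuse to compile. The parentheses spell out the grouping
    // older versions applied (left to right), so the stored value stays 0 or 1.
    $_POST['allowreply'] = (isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment')) ? 1 : 0;
    $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
    // Validate the input.
    if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
        showmessage('space_suject_length_error');
    }
    if (empty($_POST['catid'])) {
        showmessage('admin_func_catid_error');
    }
    // NOTE(review): this only looks at the extension of the client-supplied
    // file name; whether uploadfile() checks the content is not visible here.
    if (!empty($_FILES['subjectimage']['name'])) {
        $fileext = fileext($_FILES['subjectimage']['name']);
        if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
            showmessage('document_types_can_only_upload_pictures');
        }
    }
    // Per-column data validation.
    checkvalues(array_merge($resultitems, $resultmessage), 0, 1);
    // When editing, check whether the title image was removed or replaced.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was removed or replaced: delete the old one.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // Use the model id validated above. The original read $_GET['mid']
            // here, which is never checked against the model and so could yield
            // a hash that addresses another model's attachment rows.
            $hash = getmodelhash($_POST['mid'], $itemid);
            // Remove the attachment row.
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }
    // Build the row for the items table.
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $setsqlarr['catid'] = $_POST['catid'];
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = $_POST['allowreply'];
    $setsqlarr['grade'] = intval($_POST['grade']);
    // (jyf) Users without the permission may not set a review grade.
    // NOTE(review): only positive grades are gated here; the 'defect' mapping
    // above also produces -1, -2 and -3, which pass without this permission -
    // confirm that is intended.
    if ($setsqlarr['grade'] > 0) {
        if (!checkperm('manageeditpost')) {
            showmessage('no_permission');
        }
    }
    $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
    $setsqlarr['username'] = $_SGLOBAL['supe_username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];
    // Title image size: 400x300 unless the model defines "width,height".
    $modelsinfoarr['subjectimagewidth'] = 400;
    $modelsinfoarr['subjectimageheight'] = 300;
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    $uploadfilearr = $ids = array();
    $subjectimageid = '';
    $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
    if (!empty($uploadfilearr)) {
        $feedsubjectimg = $uploadfilearr;
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filter.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    // Publish time: must not be in the future nor more than two years back.
    if (empty($_POST['dateline'])) {
        $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    } else {
        $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
        if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
            $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
        }
    }
    // (jyf) Attachment handling.
    // NOTE(review): the submitted list is joined and stored as-is; whether
    // inserttable()/updatetable() escape values is not visible here - confirm.
    if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
        $setsqlarr['attaches'] = implode(',', $_POST['divupload']);
    }
    // Two extra mandatory fields for the 'creative' model (89184).
    if ($cacheinfo['models']['modelname'] == 'creative') {
        if (empty($_POST['creative_value'])) {
            showmessage('请输入创新价值说明');
        }
        if (empty($_POST['creative_days'])) {
            showmessage('本创新所耗的工作量');
        }
        $setsqlarr['value'] = $_POST['creative_value'];
        $setsqlarr['days'] = $_POST['creative_days'];
    }
    if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
        // No moderation step: write straight to the items table.
        if (empty($itemid)) {
            // Insert the new entry.
            $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
            // Mail notification to the category recipients (the original note
            // here read "cancel mail notification", 89184).
            $email = get_cate_mail($_POST['catid']);
            $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
            // NOTE(review): this branch keys on the client-supplied
            // $_POST['modelname'], not on the model loaded from $cacheinfo.
            if ($_POST['modelname'] == 'creative') {
                if ($_POST['creative_type'] == '流程建议') {
                    $email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
                }
            }
            $emails = explode(',', $email);
            if (count($emails) > 0) {
                include S_ROOT . './function/sendmail.fun.php';
                $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                if ($cacheinfo['models']['modelname'] == 'creative') {
                    $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
                    sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
                } else {
                    if ($cacheinfo['models']['modelname'] == 'defect') {
                        $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
                        sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
                    }
                }
            }
        } else {
            // Update an existing entry; ownership fields are left untouched.
            $op = 'update';
            unset($setsqlarr['uid']);
            unset($setsqlarr['username']);
            unset($setsqlarr['lastpost']);
            if ($setsqlarr['grade'] > 0) {
                // Record who assigned the grade.
                $setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
                // NOTE(review): the director check below only runs when the
                // request itself sends modelname=creative and the matching
                // creative_type, so leaving those fields out skips it. Keying on
                // $modelsinfoarr['modelname'] and the stored type would close
                // that gap - confirm the intended rule before changing it.
                if ($_POST['modelname'] == 'creative') {
                    if ($_POST['creative_type'] == '主管月度创新') {
                        if (!check_cate_director($setsqlarr['catid'])) {
                            showmessage('no_permission');
                        }
                    }
                }
            }
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
            // nid is placed in the query as an integer, never as raw request text.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $nid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // Mail notification to the author once a grade has been assigned.
            if ($setsqlarr['grade'] > 0) {
                $sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
                $query = $_SGLOBAL['db']->query($sqlstr);
                $value = $_SGLOBAL['db']->fetch_array($query);
                $email = $value['email'];
                if (!empty($email)) {
                    include S_ROOT . './function/sendmail.fun.php';
                    $url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                    $emails = explode(',', $email);
                    // The array key is quoted: the original used the bare word
                    // grade, which PHP treats as an undefined constant.
                    if ($_POST['modelname'] == 'creative') {
                        $msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr['grade']] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    } else {
                        $msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr['grade']] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    }
                    sendmail($emails, $setsqlarr['subject'], $msg);
                }
            }
        }
        // Attach the files uploaded under the form's hash to this entry. Only
        // the filtered hash is concatenated into the statement.
        if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $posthash . '\'');
        }
        $hash = getmodelhash($_POST['mid'], $itemid);
        if (!empty($ids)) {
            $ids = simplode($ids);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $do = 'pass';
    } else {
        // Moderated path: keep the items data for the modelfolders row below.
        if (!empty($uploadfilearr['subjectimage']['aid'])) {
            $subjectimageid = $uploadfilearr['subjectimage']['aid'];
        }
        $setitemsqlarr = $setsqlarr;
        $do = 'me';
    }
    if ($op == 'update') {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The file was removed or replaced: delete the old one.
                        // Remove the attachment row.
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $nid));
                        $ext = fileext($defaultmessage[$value['fieldname']]);
                        if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                            @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        }
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }
    // Build the row for the message (content) table.
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['postip'] = $_SGLOBAL['onlineip'];
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filter for the content fields.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if (!checkperm('allowdirectpost') || checkperm('managemodpost') || (checkperm('allowdirectpost') && $op == 'update')) {
        // No moderation step: write straight to the message table.
        if ($op == 'add') {
            $setsqlarr['itemid'] = $itemid;
            // Insert the content row.
            inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
            getreward('postinfo');
            if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
                $feed['icon'] = 'comment';
                $feed['title_template'] = 'feed_model_title';
                $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                $aurl = A_URL;
                if (empty($_SCONFIG['siteurl'])) {
                    $siteurl = getsiteurl();
                    $murl = $siteurl . $murl;
                    $aurl = $siteurl . $aurl;
                } else {
                    $siteurl = S_URL_ALL;
                }
                $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
                $feed['body_template'] = 'feed_model_message';
                $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
                // Feed picture: title image first, then the first uploaded
                // file, then the first picture found in the message body.
                if (!empty($feedsubjectimg)) {
                    $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
                } else {
                    foreach ($feedcolum as $feedimgvalue) {
                        if ($feedimgvalue['filepath']) {
                            $feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
                            break;
                        }
                    }
                    if (empty($feed['images'])) {
                        $picurl = getmessagepic(stripslashes($_POST['message']));
                        if ($picurl && strpos($picurl, '://') === false) {
                            $picurl = $siteurl . '/' . $picurl;
                        }
                        if (!empty($picurl)) {
                            $feed['images'][] = array('url' => $picurl, 'link' => $murl);
                        }
                    }
                }
                postfeed($feed);
            }
        } else {
            // Update the content row.
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $nid, 'itemid' => $itemid));
        }
        updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
        if (checkperm('allowdirectpost') && $op == 'update') {
            deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
        }
        if (checkperm('allowdirectpost') && $op == 'update') {
            $jpurl = $cp
                ? (empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'])
                : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('writing_success_online_please_wait_for_audit', $jpurl);
        } else {
            $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('online_contributions_success', $jpurl);
        }
    } else {
        // Moderated path: park the whole submission, serialized, in modelfolders.
        // NOTE(review): whatever later reads this column has to unserialize()
        // it; that reader is not visible here and must treat the stored value
        // as user-influenced data.
        $setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
        $setsqlarr['addfeed'] = $_POST['addfeed'];
        $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1);
        if (!empty($_POST['itemid'])) {
            $itemid = intval($_POST['itemid']);
            updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
        } else {
            $itemid = inserttable('modelfolders', $setsqlarr, 1);
        }
        if (!empty($subjectimageid)) {
            $ids[] = $subjectimageid;
        }
        if (!empty($ids)) {
            $ids = simplode($ids);
            // Folder hash: 'm' + zero-padded model id + 'f' + zero-padded item id.
            $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $jpurl = $cp
            ? (empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}")
            : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
        showmessage('writing_success_online_please_wait_for_audit', $jpurl);
    }
}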
Ejemplo n.º 7
         if (!empty($cacheinfo['linkage']['info'][$key][$tmpvalue])) {
             $_GET[$tmpkey] = $tmpvalue = $cacheinfo['linkage']['info'][$key][$tmpvalue];
         }
     }
     if ($columnsinfoarr[$key]['formtype'] == 'timestamp') {
         if (preg_match("/_from\$/i", $tmpkey)) {
             if (empty($sqlbetweenarr[$pre . '`' . $key . '`'][1])) {
                 $sqlbetweenarr[$pre . '`' . $key . '`'] = array(sstrtotime($tmpvalue), '');
             } else {
                 $sqlbetweenarr[$pre . '`' . $key . '`'][0] = sstrtotime($tmpvalue);
             }
         } elseif (preg_match("/_to\$/i", $tmpkey)) {
             if (empty($sqlbetweenarr[$pre . '`' . $key . '`'][0])) {
                 $sqlbetweenarr[$pre . '`' . $key . '`'] = array('', sstrtotime($tmpvalue));
             } else {
                 $sqlbetweenarr[$pre . '`' . $key . '`'][1] = sstrtotime($tmpvalue);
             }
         }
     } elseif (preg_match("/^(select|radio|linkage)\$/i", $columnsinfoarr[$key]['formtype']) || !preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) {
         //=
         if (preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) {
             //char
             $sqlchararr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue));
         } else {
             $sqlintarr[$pre . '`' . $key . '`'] = intval($tmpvalue);
         }
     } elseif (preg_match("/^(text|textarea|checkbox)\$/i", $columnsinfoarr[$key]['formtype'])) {
         //like
         $sqllikearr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue));
     }
 }
Ejemplo n.º 8
} elseif (submitcheck('valuesubmit')) {
    //采集器编辑与添加的提交表单的处理
    $postlisturl = addslashes(serialize(array('manual' => $_POST['listurl_manual'], 'auto' => $_POST['listurl_auto'])));
    $_POST['autotype'] = !empty($_POST['autotype']) && intval($_POST['autotype']) == 2 ? 2 : 1;
    if (empty($_POST['name'])) {
        $_POST['name'] = $_SGLOBAL['timestamp'];
    }
    $_POST['subjectreplace'] = !empty($_POST['subjectreplace']) ? implode("\n", $_POST['subjectreplace']) : '';
    $_POST['subjectreplaceto'] = !empty($_POST['subjectreplaceto']) ? implode("\n", $_POST['subjectreplaceto']) : '';
    $_POST['messagereplace'] = !empty($_POST['messagereplace']) ? implode("\n", $_POST['messagereplace']) : '';
    $_POST['messagereplaceto'] = !empty($_POST['messagereplaceto']) ? implode("\n", $_POST['messagereplaceto']) : '';
    #Modify by jiangyanfeng
    $_POST['messagesize'] = !empty($_POST['messagesize']) ? intval($_POST['messagesize']) : 0;
    #End
    $catarr = explode('_', $_POST['import']);
    $setsqlarr = array('name' => $_POST['name'], 'dateline' => $_SGLOBAL['timestamp'], 'listurltype' => 'new', 'listurl' => $postlisturl, 'listpagestart' => $_POST['listpagestart'], 'listpageend' => $_POST['listpageend'], 'allnum' => $_POST['allnum'], 'pernum' => $_POST['pernum'], 'importcatid' => intval($catarr[1]), 'importtype' => $catarr[0], 'reverseorder' => intval($_POST['reverseorder']), 'encode' => $_POST['encode'], 'savepic' => $_POST['savepic'], 'saveflash' => $_POST['saveflash'], 'subjecturlrule' => striptbr($_POST['subjecturlrule']), 'subjecturllinkrule' => striptbr($_POST['subjecturllinkrule']), 'subjecturllinkpre' => $_POST['subjecturllinkpre'], 'subjectrule' => striptbr($_POST['subjectrule']), 'subjectfilter' => striptbr($_POST['subjectfilter']), 'subjectreplace' => $_POST['subjectreplace'], 'subjectreplaceto' => $_POST['subjectreplaceto'], 'subjectkey' => $_POST['subjectkey'], 'subjectallowrepeat' => $_POST['subjectallowrepeat'], 'datelinerule' => striptbr($_POST['datelinerule']), 'fromrule' => striptbr($_POST['fromrule']), 'authorrule' => striptbr($_POST['authorrule']), 'messagerule' => striptbr($_POST['messagerule']), 'messagefilter' => striptbr($_POST['messagefilter']), 'messagepagetype' => $_POST['messagepagetype'], 'messagepagerule' => striptbr($_POST['messagepagerule']), 'messagepageurlrule' => striptbr($_POST['messagepageurlrule']), 'messagepageurllinkpre' => $_POST['messagepageurllinkpre'], 'messagereplace' => $_POST['messagereplace'], 'messagereplaceto' => $_POST['messagereplaceto'], 'messagesize' => $_POST['messagesize'], 'picurllinkpre' => $_POST['picurllinkpre'], 'autotype' => $_POST['autotype'], 'wildcardlen' => $_POST['autotype'] == 1 ? 
$_POST['wildcardlen'] : '', 'subjecturllinkcancel' => striptbr($_POST['subjecturllinkcancel']), 'subjecturllinkfilter' => striptbr($_POST['subjecturllinkfilter']), 'subjecturllinkpf' => $_POST['subjecturllinkpf'], 'subjectkeycancel' => $_POST['subjectkeycancel'], 'messagekey' => $_POST['messagekey'], 'messagekeycancel' => $_POST['messagekeycancel'], 'messageformat' => $_POST['messageformat'], 'messagepageurllinkpf' => $_POST['messagepageurllinkpf'], 'uidrule' => shtmlspecialchars($_POST['uidrule']), 'defaultdateline' => empty($_POST['defaultdateline']) ? 0 : sstrtotime($_POST['defaultdateline']));
    //对于新增的采集器与编辑的采集器的分别处理
    if (empty($_POST['robotid'])) {
        $robotid = 0;
        $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
        $robotid = inserttable('robots', $setsqlarr, 1);
        updaterobot($robotid);
        //更新采集器缓存
        showmessage('robot_add_success', $theurl);
    } else {
        //UPDATE
        $wheresqlarr = array('robotid' => $_POST['robotid']);
        updatetable('robots', $setsqlarr, $wheresqlarr);
        updaterobot($_POST['robotid']);
        //更新采集器缓存
        showmessage('robot_edit_success', $theurl);
Ejemplo n.º 9
    exit('Access Denied');
}
// Permission check: only callers holding the 'managesitefeed' permission may continue.
// NOTE(review): this protects the form handling below only if cpmessage() ends the
// request; its definition is not shown here — confirm it does not return.
if (!checkperm('managesitefeed')) {
    cpmessage('no_authority_management_operation');
}
if (submitcheck('feedsubmit')) {
    $setarr = array('title_template' => trim($_POST['title_template']), 'body_template' => trim($_POST['body_template']));
    if (empty($setarr['title_template']) && empty($setarr['body_template'])) {
        cpmessage('sitefeed_error');
    }
    $feedid = intval($_POST['feedid']);
    //时间问题
    $_POST['dateline'] = trim($_POST['dateline']);
    if ($_POST['dateline']) {
        $newtimestamp = sstrtotime($_POST['dateline']);
        if ($newtimestamp > $_SGLOBAL['timestamp']) {
            $_SGLOBAL['timestamp'] = $newtimestamp;
        }
    }
    if (empty($feedid)) {
        $_SGLOBAL['supe_uid'] = 0;
        include_once S_ROOT . './source/function_cp.php';
        feed_add('sitefeed', trim($_POST['title_template']), array(), trim($_POST['body_template']), array(), trim($_POST['body_general']), array(trim($_POST['image_1']), trim($_POST['image_2']), trim($_POST['image_3']), trim($_POST['image_4'])), array(trim($_POST['image_1_link']), trim($_POST['image_2_link']), trim($_POST['image_3_link']), trim($_POST['image_4_link'])));
    } else {
        $setarr['body_general'] = trim($_POST['body_general']);
        $setarr['image_1'] = trim($_POST['image_1']);
        $setarr['image_1_link'] = trim($_POST['image_1_link']);
        $setarr['image_2'] = trim($_POST['image_2']);
        $setarr['image_2_link'] = trim($_POST['image_2_link']);
        $setarr['image_3'] = trim($_POST['image_3']);
Ejemplo n.º 10
// Feed-list setup: picks the default view, the page size and start offset, and the
// "today" and minimum-hotness thresholds used by the view branches that follow.
// A space counts as "newer" while its friend count is below the configured threshold.
$isnewer = $space['friendnum'] < $_SCONFIG['showallfriendnum'] ? 1 : 0;
if (empty($_GET['view']) && $space['self'] && $isnewer) {
    $_GET['view'] = 'ours';
    // Default view
}
// Pagination: at least 50 entries per page, then adjusted by mob_perpage()
// (defined elsewhere; presumably a mobile-client page size — confirm).
$perpage = $_SCONFIG['feedmaxnum'] < 50 ? 50 : $_SCONFIG['feedmaxnum'];
$perpage = mob_perpage($perpage);
// NOTE(review): $_GET['view'] is read here without an isset() guard; when it is absent
// and the default above was not applied, this raises an undefined-index notice.
if ($_GET['view'] == 'hot') {
    $perpage = 50;
}
// intval() keeps the offset numeric but still allows negative values.
$start = empty($_GET['start']) ? 0 : intval($_GET['start']);
// Check the start offset (ckstart() is defined elsewhere; presumably it rejects
// out-of-range offsets — confirm).
ckstart($start, $perpage);
// Timestamp for the start of today
$_SGLOBAL['today'] = sstrtotime(sgmdate('Y-m-d'));
// Minimum hotness: falls back to 3 when the configured value is below 1.
// NOTE(review): $minhot is later placed inside a quoted SQL literal in the 'hot' view;
// it comes from site configuration, not from the request.
$minhot = $_SCONFIG['feedhotmin'] < 1 ? 3 : $_SCONFIG['feedhotmin'];
// NOTE(review): hard-coded application id; its meaning is not visible here.
$_SGLOBAL['gift_appid'] = '1027468';
if ($_GET['view'] == 'all') {
    $wheresql = "1";
    $ordersql = "dateline DESC";
    $theurl = "space.php?uid={$space['uid']}&do={$do}&view=all";
    $f_index = '';
} elseif ($_GET['view'] == 'hot') {
    $wheresql = "hot>='{$minhot}'";
    $ordersql = "dateline DESC";
    $theurl = "space.php?uid={$space['uid']}&do={$do}&view=hot";
    $f_index = '';
} elseif ($_GET['view'] == 'work') {
    $wheresql = "icontype='work'";
Ejemplo n.º 11
     $gets['starttime'] = $gets['endtime'] = '';
 }
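 // Search credits: cksearchcredit() is defined elsewhere; presumably it checks or
 // charges the credit cost of a search for $ac — confirm.
 cksearchcredit($ac);
 // Start the search: collect the WHERE conditions.
 // NOTE(review): every $gets value below is interpolated into a quoted SQL literal and
 // nothing in this fragment escapes it. This is only safe if $gets was escaped where it
 // was populated — confirm, or escape/cast each value at this point.
 $wherearr = array();
 if ($gets['username']) {
     // The listing showed this literal with a masked span ('******'), which produced
     // malformed SQL; restored to the same '{$gets[...]}' form as the tagid condition.
     $wherearr[] = "main.username = '{$gets['username']}'";
 }
 if ($gets['tagid']) {
     $wherearr[] = "main.tagid = '{$gets['tagid']}'";
 }
 // The date bounds are added only when sstrtotime() returns a truthy value.
 if ($value = sstrtotime($gets['starttime'])) {
     $wherearr[] = "main.dateline >= '{$value}'";
 }
 if ($value = sstrtotime($gets['endtime'])) {
     $wherearr[] = "main.dateline <= '{$value}'";
 }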
 //关键字
 if ($inkey = stripsearchkey($gets['key'])) {
     if (preg_match("/( AND |\\+|&|\\s)/i", $inkey) && !preg_match("/( OR |\\|)/i", $inkey)) {
         $keys = preg_replace("/( AND |&| )/i", "+", $inkey);
         $andor = ' AND ';
     } else {
         $keys = preg_replace("/( OR |\\|)/i", "+", $inkey);
         $andor = ' OR ';
     }
     $is = array();
     foreach (explode('+', $keys) as $value) {
         if ($value = trim($value)) {
             $is[] = "main.subject LIKE '%{$value}%'";
Ejemplo n.º 12
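/**
 * Compute the credit/experience reward that the credit rule for $action grants, record
 * it in the creditlog table and, when $update is truthy, apply it to the member row.
 *
 * Rule fields read here: rid, credit, experience, rewardtype, cycletype, cycletime,
 * rewardnum, norepeat. rewardtype 1 adds credit and experience subject to the cycle
 * limits; rewardtype 0 deducts credit and adds experience; any other value deducts both.
 *
 * @param string $action    Key into $_SGLOBAL['creditrule'].
 * @param int    $update    When truthy, the members row is updated with the reward.
 * @param int    $uid       Member to reward; 0 means $_SGLOBAL['supe_uid'].
 * @param string $needle    Value appended to the creditlog info/user list when the rule
 *                          has norepeat set.
 * @param int    $setcookie Not used in this function body.
 * @return array|false array('credit' => ..., 'experience' => ...): absolute values at the
 *                     normal exit, the unmodified zero reward when checkcheating() reports
 *                     a repeat; false when rewardtype is 0 and the member has fewer
 *                     credits than the rule costs.
 */
function getreward($action, $update = 1, $uid = 0, $needle = '', $setcookie = 1)
{
    global $_SGLOBAL, $_SCOOKIE;
    $reward = array('credit' => 0, 'experience' => 0);
    $creditlog = array();
    // Errors from loading the rule cache are suppressed; the rules are then read from
    // $_SGLOBAL['creditrule'].
    @(include_once S_ROOT . './data/system/creditrule.cache.php');
    // An action without a rule yields the zero reward instead of raising notices.
    $rule = isset($_SGLOBAL['creditrule'][$action]) ? $_SGLOBAL['creditrule'][$action] : array();
    if (!empty($rule['credit']) || !empty($rule['experience'])) {
        // The uid is cast to int before it is placed in SQL.
        $uid = $uid ? intval($uid) : $_SGLOBAL['supe_uid'];
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('members') . " WHERE uid='{$uid}'");
        if ($member = $_SGLOBAL['db']->fetch_array($query)) {
            if ($rule['rewardtype'] == 1) {
                // Add credits
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('creditlog') . " WHERE uid='{$uid}' AND rid='{$rule['rid']}'");
                $creditlog = $_SGLOBAL['db']->fetch_array($query);
                if (empty($creditlog)) {
                    // First time this member triggers the rule: full reward, new log row.
                    $reward['credit'] = $rule['credit'];
                    $reward['experience'] = $rule['experience'];
                    $setarr = array('uid' => $uid, 'rid' => $rule['rid'], 'total' => 1, 'cyclenum' => 1, 'credit' => $rule['credit'], 'experience' => $rule['experience'], 'dateline' => $_SGLOBAL['timestamp']);
                    // Decide whether duplicates must be tracked
                    if ($rule['norepeat']) {
                        if ($rule['norepeat'] == 1) {
                            $setarr['info'] = $needle;
                        } elseif ($rule['norepeat'] == 2) {
                            $setarr['user'] = $needle;
                        }
                    }
                    if (in_array($rule['cycletype'], array(2, 3))) {
                        $setarr['starttime'] = $_SGLOBAL['timestamp'];
                    }
                    $clid = inserttable('creditlog', $setarr, 1);
                } else {
                    $newcycle = false;
                    $setarr = array();
                    $clid = $creditlog['clid'];
                    switch ($rule['cycletype']) {
                        case 0:
                            // One-off reward: nothing more once a log row exists
                            break;
                        case 1:
                            // Limited number of times per day (falls through to case 4)
                        case 4:
                            // No cycle limit
                            $sql = 'cyclenum+1';
                            if ($rule['cycletype'] == 1) {
                                // NOTE(review): this is the only read of $_SGLOBAL['timetemp'];
                                // every other time value in this function comes from
                                // $_SGLOBAL['timestamp'] — confirm the key is set.
                                $today = sstrtotime(sgmdate($_SGLOBAL['timetemp'], 'Y-m-d'));
                                // Was the last reward before today? Then the daily count restarts.
                                if ($creditlog['dateline'] < $today && $rule['rewardnum']) {
                                    $creditlog['cyclenum'] = 0;
                                    $sql = 1;
                                    $newcycle = true;
                                }
                            }
                            if (empty($rule['rewardnum']) || $creditlog['cyclenum'] < $rule['rewardnum']) {
                                // Check whether this is a repeat that must be ignored
                                if ($rule['norepeat']) {
                                    $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                    if ($repeat && !$newcycle) {
                                        return $reward;
                                    }
                                }
                                $reward['credit'] = $rule['credit'];
                                $reward['experience'] = $rule['experience'];
                                // Update the counters
                                $setarr = array('cyclenum' => "cyclenum={$sql}", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'experience' => "experience='{$reward['experience']}'");
                            }
                            break;
                        case 2:
                            // On the hour (falls through to case 3)
                        case 3:
                            // Interval in minutes
                            $nextcycle = 0;
                            if ($creditlog['starttime']) {
                                if ($rule['cycletype'] == 2) {
                                    // Time of the previous run, truncated to the hour
                                    $start = sstrtotime(sgmdate($creditlog['starttime'], 'Y-m-d H:00:00'));
                                    $nextcycle = $start + $rule['cycletime'] * 3600;
                                } else {
                                    $nextcycle = $creditlog['starttime'] + $rule['cycletime'] * 60;
                                }
                            }
                            if ($_SGLOBAL['timestamp'] <= $nextcycle && $creditlog['cyclenum'] < $rule['rewardnum']) {
                                // Check whether this is a repeat that must be ignored
                                if ($rule['norepeat']) {
                                    $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                    if ($repeat && !$newcycle) {
                                        return $reward;
                                    }
                                }
                                $reward['experience'] = $rule['experience'];
                                $reward['credit'] = $rule['credit'];
                                $setarr = array('cyclenum' => "cyclenum=cyclenum+1", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'experience' => "experience='{$reward['experience']}'");
                            } elseif ($_SGLOBAL['timestamp'] >= $nextcycle) {
                                // The cycle has elapsed: start a new one from now.
                                $newcycle = true;
                                $reward['experience'] = $rule['experience'];
                                $reward['credit'] = $rule['credit'];
                                $setarr = array('cyclenum' => "cyclenum=1", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'starttime' => "starttime='{$_SGLOBAL['timestamp']}'", 'experience' => "experience='{$reward['experience']}'");
                            }
                            break;
                    }
                    // Record the operation history.
                    // NOTE(review): $needle and the info/user list read back from the
                    // database are concatenated into the UPDATE below without escaping in
                    // this function. $needle is only safe if every caller escapes it, and
                    // the stored list comes back unescaped, so a quote in it breaks out of
                    // the literal — confirm the caller contract or escape here.
                    if ($rule['norepeat'] && $needle) {
                        switch ($rule['norepeat']) {
                            case 0:
                                break;
                            case 1:
                                // De-duplicate by info
                                $info = empty($creditlog['info']) || $newcycle ? $needle : $creditlog['info'] . ',' . $needle;
                                $setarr['info'] = "`info`='{$info}'";
                                break;
                            case 2:
                                // De-duplicate by user. The listing showed this assignment
                                // masked as "******", which would emit invalid SQL and drop
                                // the list just built; restored to mirror the info case.
                                $user = empty($creditlog['user']) || $newcycle ? $needle : $creditlog['user'] . ',' . $needle;
                                $setarr['user'] = "`user`='{$user}'";
                                break;
                        }
                    }
                    if ($setarr) {
                        $_SGLOBAL['db']->query("UPDATE " . tname('creditlog') . " SET " . implode(',', $setarr) . " WHERE clid='{$creditlog['clid']}'");
                    }
                }
            } elseif ($rule['rewardtype'] == 0) {
                // Deduct credits, add experience; refuse when the member cannot afford it.
                if ($member['credit'] < $rule['credit']) {
                    return false;
                }
                $reward['credit'] = "-{$rule['credit']}";
                $reward['experience'] = "{$rule['experience']}";
            } else {
                // Deduct credits and deduct experience
                $reward['credit'] = "-{$rule['credit']}";
                $reward['experience'] = "-{$rule['experience']}";
            }
            if ($update && ($reward['credit'] || $reward['experience'])) {
                $setarr = array();
                if ($reward['credit']) {
                    // A negative reward already carries its own minus sign.
                    $setarr['credit'] = $reward['credit'] >= 0 ? "credit=credit+{$reward['credit']}" : "credit=credit{$reward['credit']}";
                }
                if ($reward['experience']) {
                    $setarr['experience'] = "experience=experience+{$reward['experience']}";
                }
                $_SGLOBAL['db']->query("UPDATE " . tname('members') . " SET " . implode(',', $setarr) . " WHERE uid='{$uid}'");
            }
        }
    }
    // Callers receive magnitudes; the sign was applied to the database above.
    return array('credit' => abs($reward['credit']), 'experience' => abs($reward['experience']));
}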
Ejemplo n.º 13
     include_once S_ROOT . './uc_client/client.php';
     if ($_POST['flag'] == 1) {
         $result = uc_user_addprotected(array($member['username']), $_SGLOBAL['supe_username']);
     } else {
         $_POST['flag'] = 0;
         $result = uc_user_deleteprotected(array($member['username']), $_SGLOBAL['supe_username']);
     }
     if ($result) {
         $setarr['flag'] = $_POST['flag'];
     }
 }
 if ($uid != $_SGLOBAL['supe_uid'] || ckfounder($_SGLOBAL['supe_uid'])) {
     if (empty($_POST['groupid'])) {
         $_POST['groupid'] = getgroupid($_POST['experience'], 0);
     } else {
         $expiration = $_POST['expiration'] ? sstrtotime($_POST['expiration']) : 0;
         if ($expiration && $expiration <= $_SGLOBAL['timestamp']) {
             showmessage('time_expired_error');
         }
     }
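     // $_POST['groupid'] is request data and becomes part of an include path below, so
     // it is reduced to an integer first. Without the cast, characters such as '/' or
     // '..' in the field would choose which file under S_ROOT gets included.
     $_POST['groupid'] = intval($_POST['groupid']);
     include_once S_ROOT . './data/data_usergroup_' . $_POST['groupid'] . '.php';
     // The included file is expected to populate $_SGLOBAL['usergroup'][<groupid>] — TODO confirm.
     $group = $_SGLOBAL['usergroup'][$_POST['groupid']];
     // A group flagged manageconfig may only be assigned by a founder.
     // NOTE(review): this holds only if cpmessage() ends the request — confirm.
     if ($group['manageconfig'] && !ckfounder($_SGLOBAL['supe_uid'])) {
         cpmessage('no_authority_management_operation');
     }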
     //有效期
     if ($expiration) {
         $setlogarr = array('uid' => $member['uid'], 'username' => addslashes($member['username']), 'opuid' => $_SGLOBAL['supe_uid'], 'opusername' => $_SGLOBAL['supe_username'], 'expiration' => $expiration, 'dateline' => $_SGLOBAL['timestamp'], 'flag' => 1);
         inserttable('spacelog', $setlogarr, 0, true);
     }
     $setarr['groupid'] = intval($_POST['groupid']);
Ejemplo n.º 14
<?php

// "Time machine" magic item: moves one of the current user's own objects, and its feed
// entry, to an earlier date. $id, $idtype and $mid are set by the including script.
// Refuse direct access: the entry script must have defined iBUAA.
if (!defined('iBUAA')) {
    exit('Access Denied');
}
// Check the parameters
// NOTE(review): $idtype is later used as a column name and $id as a quoted value in the
// SQL below. Their safety rests entirely on magic_check_idtype(), which is not shown —
// confirm it restricts $idtype to a fixed list and casts $id.
$blog = magic_check_idtype($id, $idtype);
// Time machine
if (submitcheck("usesubmit")) {
    $newdateline = sstrtotime($_POST['newdateline']);
    // The new date must be given, not before 1970-1-1 and not after the current date of the object.
    if (!$_POST['newdateline'] || $newdateline < sstrtotime('1970-1-1') || $newdateline > $blog['dateline']) {
        showmessage('magicuse_bad_dateline');
        // The entered time is invalid
    }
    // Change the object's time; the uid condition limits the update to the current user's rows.
    $tablename = gettablebyidtype($idtype);
    $_SGLOBAL['db']->query("UPDATE " . tname($tablename) . " SET dateline='{$newdateline}' WHERE {$idtype}='{$id}' AND uid='{$_SGLOBAL['supe_uid']}'");
    // Change the time of the matching feed entry as well
    $_SGLOBAL['db']->query("UPDATE " . tname('feed') . " SET dateline='{$newdateline}' WHERE id='{$id}' AND idtype='{$idtype}' AND uid='{$_SGLOBAL['supe_uid']}'");
    magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
    // NOTE(review): $_POST['refer'] is passed on unchanged as showmessage()'s second
    // argument, presumably the URL to continue to. If showmessage() does not limit it
    // to same-site targets, the form field controls where the user lands — confirm.
    showmessage('magicuse_success', $_POST['refer'], 0);
}
Ejemplo n.º 15
            ckspacelog();
            showmessage('no_privilege');
        }
    }
    $topicid = 0;
} else {
    if ($_GET['op'] != 'join') {
        if ($_SGLOBAL['supe_uid'] != $topic['uid'] && !checkperm('managetopic')) {
            showmessage('no_privilege');
        }
    }
    $topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1);
}
//添加编辑操作
if (submitcheck('topicsubmit')) {
    $setarr = array('subject' => getstr($_POST['subject'], 80, 1, 1, 1), 'message' => getstr($_POST['message'], 0, 1, 1, 1), 'jointype' => empty($_POST['jointype']) ? '' : implode(',', $_POST['jointype']), 'joingid' => empty($_POST['joingid']) ? '' : implode(',', $_POST['joingid']), 'endtime' => $_POST['endtime'] ? sstrtotime($_POST['endtime']) : 0);
    if (strlen($setarr['subject']) < 4) {
        showmessage('topic_subject_error');
    }
    //封面
    if ($_FILES['pic']['size'] && ($filearr = pic_save($_FILES['pic'], -1))) {
        $setarr['pic'] = $filearr['filepath'];
        $setarr['thumb'] = $filearr['thumb'];
        $setarr['remote'] = $filearr['remote'];
    }
    if (empty($topicid)) {
        $setarr['uid'] = $_SGLOBAL['supe_uid'];
        $setarr['username'] = $_SGLOBAL['supe_username'];
        $setarr['dateline'] = $setarr['lastpost'] = $_SGLOBAL['timestamp'];
        $topicid = inserttable('topic', $setarr, 1);
    } else {
Ejemplo n.º 16
} elseif ($_GET['view'] == 'uselog') {
    //使用记录
    $mpurl = 'admincp.php?ac=magiclog&view=uselog';
    //处理搜索
    $intkeys = array('id');
    $strkeys = array('mid', 'idtype');
    $randkeys = array();
    $likekeys = array('username');
    $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys);
    $wherearr = $results['wherearr'];
    if ($_GET['starttime']) {
        $wherearr[] = 'dateline >= ' . sstrtotime($_GET['starttime']);
        $mpurl .= '&starttime=' . $_GET['starttime'];
    }
    if ($_GET['endtime']) {
        $wherearr[] = 'dateline <= ' . sstrtotime($_GET['endtime']);
        $mpurl .= '&endtime=' . $_GET['endtime'];
    }
    $wheresql = empty($wherearr) ? '1' : implode(' AND ', $wherearr);
    $mpurl .= '&' . implode('&', $results['urls']);
    //排序
    $ordersql = 'ORDER BY dateline DESC';
    //显示分页
    $perpage = 50;
    $mpurl .= '&perpage=' . $perpage;
    $page = empty($_GET['page']) ? 1 : intval($_GET['page']);
    if ($page < 1) {
        $page = 1;
    }
    $start = ($page - 1) * $perpage;
    //检查开始数
Ejemplo n.º 17
     $subjectlen = strlen($_POST['subject']);
 }
 // Validate the announcement form, then build the column array that is written below.
 // NOTE(review): the checks reject bad input only if showmessage() ends the request;
 // its definition is not shown here — confirm.
 // The subject must be between 2 and 80 units long ($subjectlen is computed above).
 if ($subjectlen < 2 || $subjectlen > 80) {
     showmessage('space_suject_length_error');
 }
 // A start time is required; an end time, when given, must be later than the start.
 if (empty($_POST['starttime']) || !empty($_POST['endtime']) && sstrtotime($_POST['endtime']) <= sstrtotime($_POST['starttime'])) {
     showmessage('announcements_time_error');
 }
 if (empty($_POST['message'])) {
     showmessage('announcements_no_message');
 }
 $setsqlarr = array();
 // NOTE(review): subject is the only field passed through addslashes() here. Whether
 // inserttable()/updatetable() escape values again is not visible, so this field may be
 // escaped twice or the others not at all — confirm.
 $setsqlarr['subject'] = addslashes($_POST['subject']);
 $setsqlarr['starttime'] = sstrtotime($_POST['starttime']);
 if (!empty($_POST['endtime'])) {
     $setsqlarr['endtime'] = sstrtotime($_POST['endtime']);
 } else {
     $setsqlarr['endtime'] = '';
 }
 // NOTE(review): shtmlspecialchars() is applied to the URL, but nothing here checks its
 // scheme; if the value is rendered as a link target, confirm that only http(s) URLs
 // are accepted.
 $setsqlarr['announcementsurl'] = shtmlspecialchars(trim($_POST['announcementsurl']));
 // NOTE(review): the message body is stored exactly as posted. Escaping for SQL and for
 // HTML output must therefore happen in the table helper and at render time — confirm.
 $setsqlarr['message'] = $_POST['message'];
 if (empty($_POST['id'])) {
     $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
     $setsqlarr['author'] = $_SGLOBAL['supe_username'];
     inserttable('announcements', $setsqlarr);
     updateannouncementcache();
     showmessage('announcements_add_succeed', $theurl);
 } else {
     $wheresqlarr = array('id' => $_POST['id']);
     updatetable('announcements', $setsqlarr, $wheresqlarr);
     updateannouncementcache();
Ejemplo n.º 18
        for ($i = $start; $i <= $end; $i++) {
            if ($days[$i]['count'] < 10) {
                //Only up to 10 activities per day
                $days[$i]['events'][] = $value;
                $days[$i]['count'] += 1;
                $days[$i]['class'] = " on_link";
            }
        }
    }
    unset($events);
    if ($month == intval(sgmdate("m")) && $year == intval(sgmdate("Y"))) {
        $d = intval(sgmdate("j"));
        $days[$d]['class'] = "on_today";
    }
    if ($_GET['date']) {
        $t = sstrtotime($_GET['date']);
        if ($month == intval(sgmdate("m", $t)) && $year == intval(sgmdate("Y", $t))) {
            $d = intval(sgmdate("j", $t));
            $days[$d]['class'] = "on_select";
        }
    }
    //URL
    $url = $_GET['url'] ? preg_replace("/date=[\\d\\-]+/", '', $_GET['url']) : "space.php?do=event";
} elseif ($_GET['op'] == 'edithot') {
    // Permissions
    if (!checkperm('manageevent')) {
        showmessage('no_privilege');
    }
    if (submitcheck('hotsubmit')) {
        $_POST['hot'] = intval($_POST['hot']);
        updatetable('event', array('hot' => $_POST['hot']), array('eventid' => $eventid));
Ejemplo n.º 19
                        $delfilearr[] = array(H_DIR . '/' . $file, 0);
                    }
                }
            }
        }
    }
    if (empty($delfilearr)) {
        $delfilearr[] = array(H_DIR, 2);
    }
    $_GET['op'] = 'deleteresult';
} elseif (submitcheck('makesubmit')) {
    $pagearr = array(array(), array(), array());
    $itemid1 = intval($_POST['itemid1']);
    $itemid2 = intval($_POST['itemid2']);
    $dateline1 = empty($_POST['dateline1']) ? 0 : sstrtotime($_POST['dateline1']);
    $dateline2 = empty($_POST['dateline2']) ? 0 : sstrtotime($_POST['dateline2']);
    $catid = $_POST['catid'];
    $types = empty($_POST['type']) ? '' : simplode($_POST['type']);
    //页面类型
    //action/itemid/uid/
    $wheresql = array();
    if (!empty($_POST['pagetype'])) {
        foreach ($_POST['pagetype'] as $value) {
            if ($value == 'viewnews' && $_SCONFIG['htmlviewnews']) {
                //查看资讯页面
                $wheresql = array();
                $wheresql[] = "type='news'";
                if ($itemid2 > $itemid1) {
                    $wheresql[] = "itemid>'{$itemid1}' AND itemid<'{$itemid2}'";
                }
                if (!empty($catid)) {
Ejemplo n.º 20
function pkpost($cacheinfo, $cp = 1)
{
    global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $mustverify = false;
    $resultitems = $resultmessage = $updateitem = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    $feedcolum = array();
    foreach ($columnsinfoarr as $result) {
        if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
            continue;
        }
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_G['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }
    //輸入檢查
    $_POST['subject'] = trim(strip_tags($_POST['subject']));
    $itemid = $_POST['itemid'];
    $checkresults = array();
    if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
        array_push($checkresults, array('subject' => lang('space_suject_length_error')));
    }
    //數據檢查
    checkvalues(array_merge($resultitems, $resultmessage), 1, 1);
    //商品價格處理 Start
    if ($modelsinfoarr['modelname'] == 'good') {
        if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
            array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
        }
    }
    //商品價格處理 End
    //修改時檢驗標題圖片是否修改
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            //當file刪除時,或修改時執行刪除操作
            $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = DB::fetch($query);
            $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            //刪除附件表
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }
    //構建數據
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
    if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        $setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
    }
    if (empty($_POST['catid']) || $_POST['catid'] < 0) {
        array_push($checkresults, array('catid' => lang('cat_not_selected')));
    }
    $setsqlarr['catid'] = $_POST['catid'];
    if ($modelsinfoarr['modelname'] != 'shop') {
        //限制必填信息所屬店舖
        if (pkperm('isadmin')) {
            if (empty($_POST['shopid'])) {
                array_push($checkresults, array('shopid' => lang('please_select_shopid')));
            }
            $setsqlarr['shopid'] = intval($_POST['shopid']);
        } else {
            $setsqlarr['shopid'] = $_G['myshopid'];
        }
    } else {
        $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
        $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
        $setsqlarr['description'] = trim(strip_tags($_POST['description']));
        if (!empty($_POST['syncfid'])) {
            require_once B_ROOT . './api/bbs_syncpost.php';
            if (checkbbsfid($_POST['syncfid'])) {
                $setsqlarr['syncfid'] = intval($_POST['syncfid']);
            } else {
                array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
            }
        }
    }
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = 1;
    if (!empty($checkresults)) {
        cpmsg('addobject_error', '', '', '', true, true, $checkresults);
    }
    if (pkperm('isadmin')) {
        $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
    } elseif ($_G['myshopstatus'] == 'verified') {
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
            $setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
            if (!empty($itemid)) {
                if (in_array($_POST['grade'], array(2, 3))) {
                    $setsqlarr['grade'] = $_POST['grade'];
                }
            }
            $mustverify = true;
        } else {
            if (in_array($_POST['grade'], array(2, 3))) {
                $setsqlarr['grade'] = $_POST['grade'];
            } else {
                $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
            }
        }
    } elseif ($_G['myshopstatus'] == 'unverified') {
        $setsqlarr['grade'] = 0;
    }
    $setsqlarr['dateline'] = $_G['timestamp'];
    $setsqlarr['uid'] = $_G['uid'];
    $setsqlarr['username'] = $_G['username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];
    // 標題圖片處理 Start
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        if ($_GET['action'] == 'add') {
            $hotline = $_SGLOBAL['panelinfo']['tel'];
            $address = $_SGLOBAL['panelinfo']['address'];
        } else {
            $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
            $hotline = $shopinfo['tel'];
            $address = $shopinfo['address'];
        }
        $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
        $createimgarr = array('id' => intval($_POST['imgtplid']), 'mid' => intval($modelsinfoarr['mid']), 'itemid' => intval($itemid), 'coupon_title' => $setsqlarr['subject'], 'dealer_id' => $setsqlarr['uid'], 'dealer_name' => $dealer_name, 'begin_date' => date('Y-m-d', $setsqlarr['validity_start']), 'end_date' => date('Y-m-d', $setsqlarr['validity_end']), 'brief' => trim($_POST['message']), 'exception' => trim($_POST['exception']), 'address' => $address, 'hotline' => $hotline, 'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'], 'subjectimageheight' => $modelsinfoarr['subjectimageheight']);
        require_once B_ROOT . './source/adminfunc/tool.func.php';
        if ($consumeimgpath = image_text($createimgarr)) {
            $setsqlarr['subjectimage'] = $consumeimgpath;
            $setsqlarr['imagetype'] = 0;
            $setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
        }
    } else {
        $uploadfilearr = $ids = array();
        $subjectimageid = '';
        $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
        if (!empty($uploadfilearr)) {
            $feedsubjectimg = $uploadfilearr;
            foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
                if (empty($tmpvalue['error'])) {
                    $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
                }
                if (!empty($tmpvalue['aid'])) {
                    $ids[] = $tmpvalue['aid'];
                }
            }
        }
        if ($modelsinfoarr['modelname'] == 'consume') {
            $setsqlarr['imagetype'] = 1;
        }
    }
    /* --------- 標題圖片處理 End --------------*/
    //詞語過濾
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    //發佈時間
    $setsqlarr['dateline'] = $_G['timestamp'];
    // 商品添加簡介
    if ($mname == "good") {
        $setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
    }
    if (empty($itemid)) {
        //插入數據
        $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
            itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
        }
    } else {
        $_SGLOBAL['itemupdate'] = 1;
        //更新
        $op = 'update';
        unset($setsqlarr['uid']);
        unset($setsqlarr['username']);
        unset($setsqlarr['lastpost']);
        if ($itemgrade == 1 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 1 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 1;
        } elseif ($itemgrade == 0 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 0 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        }
        if (pkperm('isadmin')) {
            //站長可以post任何數據
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
            //權限限制
        } else {
            // 店長不允許更改店舖組
            unset($setsqlarr['groupid']);
            if ($modelsinfoarr['modelname'] == 'shop') {
                unset($setsqlarr['validity_start']);
                unset($setsqlarr['validity_end']);
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    $updatesqlarr = $setsqlarr;
                } else {
                    //店長提交店舖權限檢查
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
                }
            } else {
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    $updatesqlarr = $setsqlarr;
                } else {
                    //店長只能更改管理的店舖的信息
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
                }
            }
        }
        $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
        $defaultmessage = DB::fetch($query);
    }
    $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
    if (!empty($ids)) {
        $ids = simplode($ids);
        DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
    }
    $do = 'pass';
    if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        //當file刪除時,或修改時執行刪除操作
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        //刪除附件表
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));
                        @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }
    //內容
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
    if ($modelsinfoarr['modelname'] == 'consume') {
        $setsqlarr['exception'] = trim($_POST['exception']);
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        $setsqlarr['address'] = trim($_POST['address']);
        $setsqlarr['hotline'] = trim($_POST['hotline']);
    }
    $setsqlarr['postip'] = $_G['clientip'];
    if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        $setsqlarr['banner'] = $_POST['banner_value'];
        $setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
    }
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    //添加內容
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if ($op == 'add') {
        $setsqlarr['itemid'] = $itemid;
        //添加內容
        inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
    } else {
        if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
            $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
        } else {
            //更新內容
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
    }
    updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
    return $itemid;
}
Ejemplo n.º 21
if (empty($_GET['op'])) {
    // Default view (no "op" given): build the WHERE clause and the paging URL for the event search.
    $mpurl = 'admincp.php?ac=event';
    // Collect the searchable keys by kind and let getwheres() turn the request into
    // WHERE fragments ('wherearr') and matching URL fragments ('urls').
    $intkeys = array('eventid', 'uid', 'public', 'grade', "classid");
    $strkeys = array('province', 'city');
    $randkeys = array(array('intval', 'hot'));
    $likekeys = array('title');
    $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys);
    $wherearr = $results['wherearr'];
    if ($_GET['starttime']) {
        // The SQL side goes through sstrtotime() and is concatenated unquoted.
        // NOTE(review): presumably sstrtotime() always returns an integer; verify, because nothing else
        // constrains this value before it reaches the query.
        $wherearr[] = "starttime >= " . sstrtotime($_GET['starttime']);
        // NOTE(review): the raw request value is appended to the URL without urlencode() or HTML
        // escaping here; confirm $mpurl is encoded before it is written into a page.
        $mpurl .= '&starttime=' . $_GET['starttime'];
    }
    if ($_GET['endtime']) {
        // Same handling as starttime above: converted for SQL, raw for the URL.
        $wherearr[] = "starttime <= " . sstrtotime($_GET['endtime']);
        $mpurl .= '&endtime=' . $_GET['endtime'];
    }
    if ($_GET['over'] == 1) {
        // Events whose end time is before the current request timestamp.
        $wherearr[] = "endtime < '{$_SGLOBAL['timestamp']}'";
        $mpurl .= '&over=1';
    } elseif ($_GET['over'] === '0') {
        // Events whose end time is at or after the current request timestamp.
        $wherearr[] = "endtime >= '{$_SGLOBAL['timestamp']}'";
        // NOTE(review): this branch filters for over=0 but the paging URL carries over=1,
        // so following a page link would switch the filter; looks like a copy-paste slip.
        $mpurl .= '&over=1';
    }
    // '1' keeps the WHERE clause valid when no filter was supplied.
    $wheresql = empty($wherearr) ? '1' : implode(' AND ', $wherearr);
    $mpurl .= '&' . implode('&', $results['urls']);
    // Mark the active grade tab
    if (strlen($_GET['grade']) && $_GET['grade'] == 0) {
        $actives = array('grade0' => ' class="active"');
    } elseif ($_GET['grade'] == -1) {
Ejemplo n.º 22
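/**
 * Work out, record and optionally apply the credit/experience reward for an action.
 *
 * The rule for $action is read from $_SGLOBAL['creditrule']. For reward rules
 * (rewardtype truthy) usage is tracked per user and rule in the creditlog table and
 * limited by the rule's cycle settings; otherwise the rule's amounts are treated as a
 * deduction. When $update is truthy the resulting delta is added to the user's row in
 * the space table.
 *
 * NOTE(review): $needle and values read back from creditlog are interpolated into the
 * UPDATE statements below without escaping inside this function; confirm every caller
 * passes a numeric or already-escaped value.
 *
 * @param string $action    Key into $_SGLOBAL['creditrule'].
 * @param int    $update    When truthy, write the delta to the space table.
 * @param int    $uid       Target user; falls back to $_SGLOBAL['supe_uid'] when empty.
 * @param string $needle    Value recorded in the info/user/app column for de-duplicating rules.
 * @param int    $setcookie When truthy and the target is the current user, store
 *                          "action,clid" in the reward_log cookie.
 *
 * @return array Array with 'credit' and 'experience' keys. The final return applies abs();
 *               the early returns on a detected repeat hand back the zeroed defaults.
 */
function getreward($action, $update = 1, $uid = 0, $needle = '', $setcookie = 1)
{
    global $_SGLOBAL, $_SCOOKIE;
    $reward = array('credit' => 0, 'experience' => 0);
    $creditlog = array();
    @(include_once S_ROOT . './data/data_creditrule.php');
    $rule = $_SGLOBAL['creditrule'][$action];
    if ($rule['credit'] || $rule['experience']) {
        $uid = $uid ? intval($uid) : $_SGLOBAL['supe_uid'];
        if ($rule['rewardtype']) {
            // Reward rule: look up this user's existing log row for the rule
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('creditlog') . " WHERE uid='{$uid}' AND rid='{$rule['rid']}'");
            $creditlog = $_SGLOBAL['db']->fetch_array($query);
            if (empty($creditlog)) {
                // First time this user triggers the rule: grant it and create the log row
                $reward['credit'] = $rule['credit'];
                $reward['experience'] = $rule['experience'];
                $setarr = array('uid' => $uid, 'rid' => $rule['rid'], 'total' => 1, 'cyclenum' => 1, 'credit' => $rule['credit'], 'experience' => $rule['experience'], 'dateline' => $_SGLOBAL['timestamp']);
                // Remember the needle in the column that matches the de-duplication mode
                if ($rule['norepeat']) {
                    if ($rule['norepeat'] == 1) {
                        $setarr['info'] = $needle;
                    } elseif ($rule['norepeat'] == 2) {
                        $setarr['user'] = $needle;
                    } elseif ($rule['norepeat'] == 3) {
                        $setarr['app'] = $needle;
                    }
                }
                if (in_array($rule['cycletype'], array(2, 3))) {
                    $setarr['starttime'] = $_SGLOBAL['timestamp'];
                }
                $clid = inserttable('creditlog', $setarr, 1);
            } else {
                $newcycle = false;
                // From here on $setarr holds ready-made "column=value" SQL fragments
                $setarr = array();
                $clid = $creditlog['clid'];
                switch ($rule['cycletype']) {
                    case 0:
                        // One-off reward: already granted, nothing to do
                        break;
                    case 1:
                        // Limited number of times per day (shares the code below with case 4)
                    case 4:
                        // No cycle
                        $sql = 'cyclenum+1';
                        if ($rule['cycletype'] == 1) {
                            $today = sstrtotime(sgmdate('Y-m-d'));
                            // Last reward was before today: start a new daily cycle
                            if ($creditlog['dateline'] < $today && $rule['rewardnum']) {
                                $creditlog['cyclenum'] = 0;
                                $sql = 1;
                                $newcycle = true;
                            }
                        }
                        if (empty($rule['rewardnum']) || $creditlog['cyclenum'] < $rule['rewardnum']) {
                            // Skip the reward when the needle was already counted in this cycle
                            if ($rule['norepeat']) {
                                $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                if ($repeat && !$newcycle) {
                                    return $reward;
                                }
                            }
                            $reward['credit'] = $rule['credit'];
                            $reward['experience'] = $rule['experience'];
                            // Update the counters
                            $setarr = array('cyclenum' => "cyclenum={$sql}", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'experience' => "experience='{$reward['experience']}'");
                        }
                        break;
                    case 2:
                        // Cycle measured in whole hours (shares the code below with case 3)
                    case 3:
                        // Cycle measured in minutes
                        $nextcycle = 0;
                        if ($creditlog['starttime']) {
                            if ($rule['cycletype'] == 2) {
                                // Round the previous cycle start down to the hour
                                $start = sstrtotime(sgmdate('Y-m-d H:00:00', $creditlog['starttime']));
                                $nextcycle = $start + $rule['cycletime'] * 3600;
                            } else {
                                $nextcycle = $creditlog['starttime'] + $rule['cycletime'] * 60;
                            }
                        }
                        if ($_SGLOBAL['timestamp'] <= $nextcycle && $creditlog['cyclenum'] < $rule['rewardnum']) {
                            // Skip the reward when the needle was already counted in this cycle
                            if ($rule['norepeat']) {
                                $repeat = checkcheating($creditlog, $needle, $rule['norepeat']);
                                if ($repeat && !$newcycle) {
                                    return $reward;
                                }
                            }
                            $reward['experience'] = $rule['experience'];
                            $reward['credit'] = $rule['credit'];
                            $setarr = array('cyclenum' => "cyclenum=cyclenum+1", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'experience' => "experience='{$reward['experience']}'");
                        } elseif ($_SGLOBAL['timestamp'] >= $nextcycle) {
                            // The previous cycle has expired: restart the counter and the cycle start
                            $newcycle = true;
                            $reward['experience'] = $rule['experience'];
                            $reward['credit'] = $rule['credit'];
                            $setarr = array('cyclenum' => "cyclenum=1", 'total' => 'total=total+1', 'dateline' => "dateline='{$_SGLOBAL['timestamp']}'", 'credit' => "credit='{$reward['credit']}'", 'starttime' => "starttime='{$_SGLOBAL['timestamp']}'", 'experience' => "experience='{$reward['experience']}'");
                        }
                        break;
                }
                // Record the needle so later calls can detect repeats
                if ($rule['norepeat'] && $needle) {
                    switch ($rule['norepeat']) {
                        case 0:
                            break;
                        case 1:
                            // De-duplicate by information item
                            $info = empty($creditlog['info']) || $newcycle ? $needle : $creditlog['info'] . ',' . $needle;
                            $setarr['info'] = "`info`='{$info}'";
                            break;
                        case 2:
                            // De-duplicate by user. The fragment must be a column assignment like its
                            // siblings: it is imploded into the UPDATE below, where a bare placeholder
                            // string would be a syntax error and the computed $user would go unused.
                            $user = empty($creditlog['user']) || $newcycle ? $needle : $creditlog['user'] . ',' . $needle;
                            $setarr['user'] = "`user`='{$user}'";
                            break;
                        case 3:
                            // De-duplicate by application
                            $app = empty($creditlog['app']) || $newcycle ? $needle : $creditlog['app'] . ',' . $needle;
                            $setarr['app'] = "`app`='{$app}'";
                            break;
                    }
                }
                if ($setarr) {
                    $_SGLOBAL['db']->query("UPDATE " . tname('creditlog') . " SET " . implode(',', $setarr) . " WHERE clid='{$creditlog['clid']}'");
                }
            }
            // Compare, do not assign: an assignment here would replace the target $uid with the
            // current user (or 0 for a guest) and the space UPDATE below would then credit the
            // wrong account.
            if ($setcookie && $uid == $_SGLOBAL['supe_uid']) {
                // Only rewrite the cookie when something was actually granted
                if ($reward['credit'] || $reward['experience']) {
                    $logstr = $action . ',' . $clid;
                    ssetcookie('reward_log', $logstr);
                    $_SCOOKIE['reward_log'] = $logstr;
                }
            }
        } else {
            // Deduction rule: the amounts become negative deltas
            $reward['credit'] = "-{$rule['credit']}";
            $reward['experience'] = "-{$rule['experience']}";
        }
        if ($update && ($reward['credit'] || $reward['experience'])) {
            $setarr = array();
            if ($reward['credit']) {
                $setarr['credit'] = "credit=credit+{$reward['credit']}";
            }
            if ($reward['experience']) {
                $setarr['experience'] = "experience=experience+{$reward['experience']}";
            }
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$uid}'");
        }
    }
    return array('credit' => abs($reward['credit']), 'experience' => abs($reward['experience']));
}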
Ejemplo n.º 23
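/**
 * Handle the submission of the online contribution form for a content model.
 *
 * Validates the posted fields against the model's column definitions, stores the fixed
 * columns in "<modelname>items" and the remaining ones in "<modelname>message", links
 * uploaded attachments to the item through a hash, and ends with showmessage(). When the
 * permission checks route the post to review, the whole submission is serialized into
 * the "modelfolders" table instead.
 *
 * NOTE(review): nothing in this function checks that the current user owns $itemid
 * before the update and file-deletion paths run; confirm the caller enforces that.
 *
 * @param array $cacheinfo Cached model data; the 'models', 'columns' and 'linkage' keys are read.
 * @param int   $cp        Selects which set of redirect URLs is used after saving.
 *
 * @return void Every path visible here ends in showmessage().
 */
function modelpost($cacheinfo, $cp = 1)
{
    global $_SGLOBAL, $theurl, $_SCONFIG;
    include_once S_ROOT . './function/upload.func.php';
    $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    // Cast once so the request value never reaches a query as a raw string
    $nid = !empty($_POST['nid']) ? intval($_POST['nid']) : 0;
    $hash = '';
    $op = 'add';
    $resultitems = $resultmessage = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
        showmessage('parameter_error');
    }
    $feedcolum = array();
    // Split the columns into fixed (items table) and free (message table) ones and
    // normalise linkage and timestamp inputs on the way
    foreach ($columnsinfoarr as $result) {
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }
    // Record the user's latest activity time for new items
    if (empty($itemid) && $_SGLOBAL['supe_uid']) {
        updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
    }
    // Input normalisation
    $_POST['catid'] = intval($_POST['catid']);
    // Explicit grouping: the unparenthesised nested ternary is rejected by PHP 8, and older
    // versions evaluated it left to right exactly as written here, yielding 0 or 1.
    $_POST['allowreply'] = (isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment')) ? 1 : 0;
    $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
    // Input checks
    if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
        showmessage('space_suject_length_error');
    }
    if (empty($_POST['catid'])) {
        showmessage('admin_func_catid_error');
    }
    if (!empty($_FILES['subjectimage']['name'])) {
        // NOTE(review): this only looks at the extension of the client-supplied file name;
        // presumably uploadfile() validates the content as well — verify.
        $fileext = fileext($_FILES['subjectimage']['name']);
        if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
            showmessage('document_types_can_only_upload_pictures');
        }
    }
    // Field-level validation
    checkvalues(array_merge($resultitems, $resultmessage), 0, 1);
    // On edit, check whether the title image was removed or replaced
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The old file is deleted when the image is removed or replaced
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // Use the validated POST mid, as the rest of the function does, so the attachment
            // hash cannot be steered by a separate query-string parameter.
            $hash = getmodelhash($_POST['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            // Clear the reference in the items table
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }
    // Build the row for the items table
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $setsqlarr['catid'] = $_POST['catid'];
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = $_POST['allowreply'];
    // Only managers may choose the grade; everyone else is forced to 0
    if (checkperm('managefolder') || checkperm('managemodpost')) {
        $setsqlarr['grade'] = intval($_POST['grade']);
    } else {
        $setsqlarr['grade'] = 0;
    }
    $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
    $setsqlarr['username'] = $_SGLOBAL['supe_username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];
    // Title image size: 400x300 unless the model defines "width,height" in thumbsize
    $modelsinfoarr['subjectimagewidth'] = 400;
    $modelsinfoarr['subjectimageheight'] = 300;
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    $uploadfilearr = $ids = array();
    $subjectimageid = '';
    $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
    if (!empty($uploadfilearr)) {
        $feedsubjectimg = $uploadfilearr;
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    // Publication time
    if (empty($_POST['dateline'])) {
        $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    } else {
        $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
        if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
            // Future dates and dates more than two years back fall back to "now"
            $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
        }
    }
    // NOTE(review): this branch (write straight to the items table, no review) runs when
    // 'allowdirectpost' is NOT granted; confirm the polarity of that permission.
    if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
        if (empty($itemid)) {
            // Insert
            $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        } else {
            // Update: author fields are never overwritten on edit
            $op = 'update';
            unset($setsqlarr['uid']);
            unset($setsqlarr['username']);
            unset($setsqlarr['lastpost']);
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
            // $nid is integer-cast above; the raw request value must not be concatenated here
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $nid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
        }
        $hash = getmodelhash($_POST['mid'], $itemid);
        if (!empty($ids)) {
            $ids = simplode($ids);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $do = 'pass';
    } else {
        // Held for review: keep the items row and the image id for the modelfolders record
        if (!empty($uploadfilearr['subjectimage']['aid'])) {
            $subjectimageid = $uploadfilearr['subjectimage']['aid'];
        }
        $setitemsqlarr = $setsqlarr;
        $do = 'me';
    }
    if ($op == 'update') {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The old file is deleted when the field is cleared or replaced
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        // Clear the reference in the message table
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $nid));
                        $ext = fileext($defaultmessage[$value['fieldname']]);
                        if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                            @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        }
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }
    // Build the row for the message table
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
    // NOTE(review): the message is stored as submitted (trimmed, optionally word-filtered);
    // confirm it is encoded for its context wherever it is rendered.
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['postip'] = $_SGLOBAL['onlineip'];
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') {
        // No review needed: write to the message table
        if ($op == 'add') {
            $setsqlarr['itemid'] = $itemid;
            // Insert the content row
            inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
            if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
                $feed['icon'] = 'comment';
                $feed['title_template'] = 'feed_model_title';
                $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                $aurl = A_URL;
                if (empty($_SCONFIG['siteurl'])) {
                    $siteurl = getsiteurl();
                    $murl = $siteurl . $murl;
                    $aurl = $siteurl . $aurl;
                } else {
                    $siteurl = S_URL_ALL;
                }
                $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
                $feed['body_template'] = 'feed_model_message';
                // The subject was passed through shtmlspecialchars() above; the message excerpt is
                // stripped of bracketed codes and tags before it goes into the feed
                $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
                if (!empty($feedsubjectimg)) {
                    $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
                } else {
                    // Fall back to the first uploaded column file, then to a picture in the message
                    foreach ($feedcolum as $feedimgvalue) {
                        if ($feedimgvalue['filepath']) {
                            $feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
                            break;
                        }
                    }
                    if (empty($feed['images'])) {
                        $picurl = getmessagepic(stripslashes($_POST['message']));
                        if ($picurl && strpos($picurl, '://') === false) {
                            $picurl = $siteurl . '/' . $picurl;
                        }
                        if (!empty($picurl)) {
                            $feed['images'][] = array('url' => $picurl, 'link' => $murl);
                        }
                    }
                }
                postfeed($feed);
            }
        } else {
            // Update the content row
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $nid, 'itemid' => $itemid));
        }
        updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
        if (checkperm('allowdirectpost') && $op == 'update') {
            deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
        }
        if (checkperm('allowdirectpost') && $op == 'update') {
            $jpurl = $cp ? (empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid']) : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('writing_success_online_please_wait_for_audit', $jpurl);
        } else {
            $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('online_contributions_success', $jpurl);
        }
    } else {
        // Held for review: store the whole submission serialized in modelfolders
        $setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
        $setsqlarr['addfeed'] = $_POST['addfeed'];
        $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1);
        $itemid = inserttable('modelfolders', $setsqlarr, 1);
        if (!empty($subjectimageid)) {
            $ids[] = $subjectimageid;
        }
        if (!empty($ids)) {
            $ids = simplode($ids);
            // Folder hash: 'm' + mid padded to 6 digits + 'f' + folder id padded to 8 digits
            $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $jpurl = $cp ? (empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}") : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
        showmessage('writing_success_online_please_wait_for_audit', $jpurl);
    }
}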
Ejemplo n.º 24
 /**
  * Convert a date/time value by delegating to sstrtotime().
  *
  * @param mixed $time Value handed to sstrtotime() unchanged.
  *
  * @return mixed Whatever sstrtotime() returns (presumably a Unix timestamp — confirm against its definition).
  */
 function convertDate($time)
 {
     $converted = sstrtotime($time);

     return $converted;
 }
Ejemplo n.º 25
			showmessage('no_privilege');
		}
	}
	
	$topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1);
}

//添加编辑操作
if(submitcheck('topicsubmit')) {

	$setarr = array(
		'subject' => getstr($_POST['subject'], 80, 1, 1),
		'message' => trim($_POST['message']),
		'jointype' => empty($_POST['jointype'])?'':implode(',', $_POST['jointype']),
		'joingid' => empty($_POST['joingid'])?'':implode(',', $_POST['joingid']),
		'endtime' => $_POST['endtime']?sstrtotime($_POST['endtime']):0
	);
	
	if(strlen($setarr['subject']) < 4) {
		showmessage('topic_subject_error');
	}
	
	//封面
	if($_FILES['pic']['size'] && $filearr = pic_save($_FILES['pic'], -1)) {
		$setarr['pic'] = $filearr['filepath'];
		$setarr['thumb'] = $filearr['thumb'];
		$setarr['remote'] = $filearr['remote'];
	}
	
	if(empty($topicid)) {
		$setarr['uid'] = $_SGLOBAL['supe_uid'];