function task_reward_credit($extcreditid, $credits) { global $db, $tablepre, $discuz_uid, $timestamp; $creditsarray[$extcreditid] = $credits; updatecredits($discuz_uid, $creditsarray); $db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation) VALUES ('{$discuz_uid}', 'TASK REWARD', '{$extcreditid}', '{$extcreditid}', '0', '{$credits}', '{$timestamp}', 'RCV')"); }
} include template('rate'); } else { checkreasonpm(); if (!empty($logidarray)) { if ($sendreasonpm) { $ratescore = $slash = ''; } $query = $db->query("SELECT * FROM {$tablepre}ratelog WHERE pid='{$pid}'"); $rate = $ratetimes = 0; $logs = array(); while ($ratelog = $db->fetch_array($query)) { if (in_array($ratelog['uid'] . ' ' . $ratelog['extcredits'] . ' ' . $ratelog['dateline'], $logidarray)) { $rate += $ratelog['score'] = -$ratelog['score']; $ratetimes += ceil(max(abs($rating['min']), abs($rating['max'])) / 5); updatecredits($post['authorid'], array($ratelog['extcredits'] => $ratelog['score'])); $db->query("DELETE FROM {$tablepre}ratelog WHERE pid='{$pid}' AND uid='{$ratelog['uid']}' AND extcredits='{$ratelog['extcredits']}' AND dateline='{$ratelog['dateline']}'", 'UNBUFFERED'); $logs[] = dhtmlspecialchars("{$timestamp}\t{$discuz_userss}\t{$adminid}\t{$post['author']}\t{$ratelog['extcredits']}\t{$ratelog['score']}\t{$tid}\t{$thread['subject']}\t{$reason}\tD"); if ($sendreasonpm) { $ratescore .= $slash . $extcredits[$ratelog['extcredits']]['title'] . ' ' . ($ratelog['score'] > 0 ? '+' . $ratelog['score'] : $ratelog['score']) . ' ' . $extcredits[$ratelog['extcredits']]['unit']; $slash = ' / '; } } } writelog('ratelog', $logs); if ($sendreasonpm) { sendreasonpm('post', 'rate_removereason'); } $db->query("UPDATE {$tablepre}posts SET rate=rate+({$rate}), ratetimes=ratetimes-{$ratetimes} WHERE pid='{$pid}'"); if ($post['first']) { $threadrate = @intval(@($post['rate'] + $rate) / abs($post['rate'] + $rate));
//check credit limit if(!empty($allow['ratealllimit']) && abs($credit * count($awardulist)) > $allow['ratealllimit']) { showmessage('dps_postawards:msg_credit_all_limit'); } // if use user's credit, updatecredits if($selfcreditmode) { $usercredit = $db->result_first("SELECT $extcredit FROM {$tablepre}members WHERE uid='$discuz_uid'"); if($usercredit < $credit * count($awardulist)) { showmessage('dps_postawards:msg_over_user_credit'); } $updatecredits[$credittype]= -1 * abs($credit) * count($awardulist); updatecredits($discuz_uid, $updatecredits); } updatecredits($uidlist, array($credittype => $credit)); if($ratemode){ if(!$raterange) { showmessage('group_nopermission', NULL, 'NOPERM'); } elseif ($modratelimit && $adminid == 3 && !$forum['ismoderator']) { showmessage('thread_rate_moderator_invalid', NULL, 'HALTED'); } foreach($raterange as $id => $rating) { $maxratetoday[$id] = $rating['mrpd']; } $query = $db->query("SELECT extcredits, SUM(ABS(score)) AS todayrate FROM {$tablepre}ratelog WHERE uid='$discuz_uid' AND dateline>=$timestamp-86400 GROUP BY extcredits"); while($rate = $db->fetch_array($query)) {
$forum = $db->fetch_first("SELECT f.viewperm, f.getattachperm, f.getattachcredits, a.allowgetattach FROM {$tablepre}forumfields f\r\n\t\tLEFT JOIN {$tablepre}access a ON a.uid='{$discuz_uid}' AND a.fid=f.fid\r\n\t\tWHERE f.fid='{$thread['fid']}'"); if (!$ispaid && !$forum['allowgetattach']) { if (!$forum['getattachperm'] && !$allowgetattach) { showmessage('group_nopermission', NULL, 'NOPERM'); } elseif ($forum['getattachperm'] && !forumperm($forum['getattachperm']) || $forum['viewperm'] && !forumperm($forum['viewperm'])) { showmessage('attachment_forum_nopermission', NULL, 'NOPERM'); } } $range = 0; if ($readmod == 4 && !empty($_SERVER['HTTP_RANGE'])) { list($range) = explode('-', str_replace('bytes=', '', $_SERVER['HTTP_RANGE'])); } if (!$isimage) { $getattachcredits = $forum['getattachcredits'] ? unserialize($forum['getattachcredits']) : $creditspolicy['getattach']; checklowerlimit($getattachcredits, -1); $range < 1024 && updatecredits($discuz_uid, $getattachcredits, -1); } if (empty($noupdate)) { if ($delayviewcount == 2 || $delayviewcount == 3) { $logfile = './forumdata/cache/cache_attachviews.log'; if (substr($timestamp, -1) == '0') { require_once DISCUZ_ROOT . './include/misc.func.php'; updateviews('attachments', 'aid', 'downloads', $logfile); } if (@($fp = fopen(DISCUZ_ROOT . $logfile, 'a'))) { fwrite($fp, "{$aid}\n"); fclose($fp); } elseif ($adminid == 1) { showmessage('view_log_invalid'); } } else {
} } } } $tradeaid = 0; if ($attachment) { $searcharray = $pregarray = $replacearray = array(); foreach ($attachments as $key => $attach) { $db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote, width)\r\n\t\t\t\tVALUES ('{$tid}', '{$pid}', '{$timestamp}', '{$attach['perm']}', '{$attach['price']}', '{$attach['name']}', '{$attach['description']}', '{$attach['type']}', '{$attach['size']}', '{$attach['attachment']}', '0', '{$attach['isimage']}', '{$attach['uid']}', '{$attach['thumb']}', '{$attach['remote']}', '{$attach['width']}')"); $searcharray[] = '[local]' . $localid[$key] . '[/local]'; $pregarray[] = '/\\[localimg=(\\d{1,3}),(\\d{1,3})\\]' . $localid[$key] . '\\[\\/localimg\\]/is'; $replacearray[] = '[attach]' . $db->insert_id() . '[/attach]'; } $message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message)); $db->query("UPDATE {$tablepre}posts SET message='{$message}' WHERE pid='{$pid}'"); updatecredits($discuz_uid, $postattachcredits, count($attachments)); } if ($swfupload) { updateswfattach(); } if ($modnewthreads) { $db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='{$fid}'", 'UNBUFFERED'); showmessage('post_newthread_mod_succeed', "forumdisplay.php?fid={$fid}"); } else { $feed = array('icon' => '', 'title_template' => '', 'title_data' => array(), 'body_template' => '', 'body_data' => array(), 'title_data' => array(), 'images' => array()); if ($addfeed && $forum['allowfeed']) { if ($special == 0) { $feed['icon'] = 'thread'; $feed['title_template'] = 'feed_thread_title'; $feed['body_template'] = 'feed_thread_message'; $feed['body_data'] = array('subject' => "<a href=\"{$boardurl}viewthread.php?tid={$tid}\">{$subject}</a>", 'message' => cutstr(strip_tags(preg_replace(array("/\\[hide=?\\d*\\].+?\\[\\/hide\\]/is", "/\\[.+?\\]/is"), array('', ''), $message)), 150));
$sqltxtsrch .= $andor; $sqltxtsrch .= "tr.subject LIKE '%{$text}%'"; } } $sqlsrch .= " AND ({$sqltxtsrch})"; } if ($srchuid) { $sqlsrch .= " AND tr.sellerid IN ({$srchuid})"; } if (!empty($srchfrom)) { $searchfrom = ($before ? '<=' : '>=') . ($timestamp - $srchfrom); $sqlsrch .= " AND tr.dateline{$searchfrom}"; } $keywords = str_replace('%', '+', $srchtxt) . (trim($srchuname) ? '+' . str_replace('%', '+', $srchuname) : ''); $expiration = $timestamp + $cachelife_text; } $threads = $tids = 0; $query = $db->query("SELECT tr.tid, tr.pid, t.closed {$sqlsrch} ORDER BY tr.pid DESC LIMIT {$maxsearchresults}"); while ($post = $db->fetch_array($query)) { if ($thread['closed'] <= 1) { $tids .= ',' . $post['pid']; $threads++; } } $db->free_result($query); $db->query("INSERT INTO {$tablepre}searchindex (keywords, searchstring, useip, uid, dateline, expiration, threads, tids)\r\n\t\t\t\tVALUES ('{$keywords}', '{$searchstring}', '{$onlineip}', '{$discuz_uid}', '{$timestamp}', '{$expiration}', '{$threads}', '{$tids}')"); $searchid = $db->insert_id(); updatecredits($discuz_uid, $creditspolicy['search'], -1); } showmessage('search_redirect', "search.php?searchid={$searchid}&srchtype=trade&orderby={$orderby}&ascdesc={$ascdesc}&searchsubmit=yes"); }
} if (!$outexange) { $creditsarray[$fromcredits] = -$netamount; $creditsarray[$tocredits] = $amount; updatecredits($discuz_uid, $creditsarray); } else { if (!array_key_exists($fromcredits, $outextcredits[$tocredits]['creditsrc'])) { showmessage('extcredits_dataerror', NULL, 'HALTED'); } list($toappid, $tocredits) = explode('|', $tocredits); $ucresult = uc_credit_exchange_request($discuz_uid, $fromcredits, $tocredits, $toappid, $amount); if (!$ucresult) { showmessage('extcredits_dataerror', NULL, 'HALTED'); } $creditsarray[$fromcredits] = -$netamount; updatecredits($discuz_uid, $creditsarray); $netamount = $amount; $amount = $tocredits = 0; } $db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)\r\n\t\t\t\t\tVALUES ('{$discuz_uid}', '{$discuz_user}', '{$fromcredits}', '{$tocredits}', '{$netamount}', '{$amount}', '{$timestamp}', 'EXC')"); showmessage('credits_transaction_succeed', '', 1); } } else { showmessage('action_closed', NULL, 'HALTED'); } } elseif (submitcheck('addfundssubmit')) { if ($ec_ratio) { if (!submitcheck('confirm')) { $price = round($addfundamount / $ec_ratio * 100 / 100, 1); include template('memcp_credits_action'); } else {
} else { $sql = "value LIKE '%{$option['value']}%'"; } $sqlsrch .= $or . "(optionid='{$optionid}' AND {$sql}) "; $or = 'OR '; } } } $threads = $tids = 0; $query = $db->query("SELECT tid, sortid FROM {$tablepre}typeoptionvars WHERE (expiration='0' OR expiration>'{$timestamp}') " . ($sqlsrch ? 'AND ' . $sqlsrch : '') . ""); while ($post = $db->fetch_array($query)) { if ($post['sortid'] == $selectsortid) { $tids .= ',' . $post['tid']; } } $db->free_result($query); if ($fids) { $query = $db->query("SELECT tid, closed FROM {$tablepre}threads WHERE tid IN ({$tids}) AND fid IN ({$fids}) LIMIT {$maxsearchresults}"); while ($post = $db->fetch_array($query)) { if ($thread['closed'] <= 1) { $tids .= ',' . $post['tid']; $threads++; } } } $db->query("INSERT INTO {$tablepre}searchindex (keywords, searchstring, useip, uid, dateline, expiration, threads, threadsortid, tids)\r\n\t\t\t\tVALUES ('{$keywords}', '{$searchstring}', '{$onlineip}', '{$discuz_uid}', '{$timestamp}', '{$expiration}', '{$threads}', '{$selectsortid}', '{$tids}')"); $searchid = $db->insert_id(); !($exempt & 2) && updatecredits($discuz_uid, $creditspolicy['search'], -1); } showmessage('search_redirect', "search.php?searchid={$searchid}&srchtype=threadsort&sortid={$selectsortid}&searchsubmit=yes"); }
eval("\$cpmsg = \"".$msglang['threads_succeed']."\";"); } elseif($operation == 'stick') { $db->query("UPDATE {$tablepre}threads SET displayorder='$stick_level' WHERE $tidsadd"); if($globalstick) { updatecache('globalstick'); } eval("\$cpmsg = \"".$msglang['threads_succeed']."\";"); } elseif($operation == 'adddigest') { $query = $db->query("SELECT tid, authorid, digest FROM {$tablepre}threads WHERE $tidsadd"); while($thread = $db->fetch_array($query)) { updatecredits($thread['authorid'], $creditspolicy['digest'], $digest_level - $thread['digest'], 'digestposts=digestposts-1'); } $db->query("UPDATE {$tablepre}threads SET digest='$digest_level' WHERE $tidsadd"); eval("\$cpmsg = \"".$msglang['threads_succeed']."\";"); } elseif($operation == 'addstatus') { $db->query("UPDATE {$tablepre}threads SET closed='$status' WHERE $tidsadd"); eval("\$cpmsg = \"".$msglang['threads_succeed']."\";"); } elseif($operation == 'supe_pushsetting' && $supe['status']) { $db->query("UPDATE {$tablepre}threads SET supe_pushstatus='$supe_pushstatus' WHERE $tidsadd");
*/ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } if ($creditspolicy['promotion_visit']) { $uidarray = $userarray = array(); $query = $db->query("SELECT * FROM {$tablepre}promotions"); while ($promotion = $db->fetch_array($query)) { if ($promotion['uid']) { $uidarray[] = $promotion['uid']; } elseif ($promotion['username']) { $userarray[] = addslashes($promotion['username']); } } if ($uidarray || $userarray) { if ($userarray) { $query = $db->query("SELECT uid FROM {$tablepre}members WHERE username IN ('" . implode('\',\'', $userarray) . "')"); while ($member = $db->fetch_array($query)) { $uidarray[] = $member['uid']; } } $countarray = array(); foreach (array_count_values($uidarray) as $uid => $count) { $countarray[$count][] = $uid; } foreach ($countarray as $count => $uids) { updatecredits(implode('\',\'', $uids), $creditspolicy['promotion_visit'], $count); } $db->query("DELETE FROM {$tablepre}promotions"); } }
function updateswfattach() { global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $swfattachnew, $swfattachdel, $allowsetattachperm, $maxprice, $updateswfattach, $watermarkstatus; $imageexists = 0; $swfattachnew = (array) $swfattachnew; $query = $db->query("SELECT * FROM {$tablepre}attachments WHERE tid='0' AND pid='0' AND uid='{$discuz_uid}'"); if ($db->num_rows($query) && $updateswfattach) { $swfattachcount = 0; $delaids = array(); while ($swfattach = $db->fetch_array($query)) { if (in_array($swfattach['aid'], $swfattachdel)) { dunlink($swfattach['attachment'], $swfattach['thumb']); $delaids[] = $swfattach['aid']; continue; } $extension = strtolower(fileext($swfattach['filename'])); $attach_basename = basename($swfattach['attachment']); $attach_src = $attachdir . '/' . $swfattach['attachment']; if ($attachsave) { switch ($attachsave) { case 1: $attach_subdir = 'forumid_' . $GLOBALS['fid']; break; case 2: $attach_subdir = 'ext_' . $extension; break; case 3: $attach_subdir = 'month_' . date('ym'); break; case 4: $attach_subdir = 'day_' . date('ymd'); break; } $attach_descdir = $attachdir . '/' . $attach_subdir; $swfattachnew[$swfattach['aid']]['attachment'] = $attach_subdir . '/' . $attach_basename; } else { $attach_descdir = $attachdir; $swfattachnew[$swfattach['aid']]['attachment'] = $attach_basename; } $swfattachnew[$swfattach['aid']]['thumb'] = $swfattach['thumb']; $attach_desc = $attach_descdir . '/' . $attach_basename; if ($swfattach['isimage'] && $watermarkstatus) { require_once DISCUZ_ROOT . './include/image.class.php'; $image = new Image($attach_src, $swfattach); if ($image->imagecreatefromfunc && $image->imagefunc) { $image->Watermark(); $swfattach = $image->attach; } } if (!is_dir($attach_descdir)) { @mkdir($attach_descdir, 0777); @fclose(fopen($attach_descdir . '/index.htm', 'w')); } if ($swfattach['thumb'] == 1) { if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) { @unlink($attach_src . '.thumb.jpg'); } } if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) { @unlink($attach_src); } if ($swfattach['isimage']) { $imageexists = 1; } $attachnew = $swfattachnew[$swfattach['aid']]; $attachnew['remote'] = ftpupload($attach_desc, $attachnew); $attachnew['perm'] = $allowsetattachperm ? $attachnew['perm'] : 0; $attachnew['description'] = cutstr(dhtmlspecialchars($attachnew['description']), 100); $attachnew['price'] = $maxprice ? intval($attachnew['price']) <= $maxprice ? intval($attachnew['price']) : $maxprice : 0; $db->query("UPDATE {$tablepre}attachments SET tid='{$tid}', pid='{$pid}', attachment='{$attachnew['attachment']}', description='{$attachnew['description']}', readperm='{$attachnew['readperm']}', price='{$attachnew['price']}', remote='{$attachnew['remote']}' WHERE aid='{$swfattach['aid']}'"); $swfattachcount++; } if ($delaids) { $db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED'); } $attachment = $imageexists ? 2 : 1; if ($swfattachcount) { $db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED'); updatecredits($discuz_uid, $postattachcredits, $swfattachcount); } } }
if (substr($timestamp, -1) == '0') { require_once DISCUZ_ROOT . './include/misc.func.php'; updateviews('attachments', 'aid', 'downloads', $logfile); } if (@($fp = fopen(DISCUZ_ROOT . $logfile, 'a'))) { fwrite($fp, "{$aid}\n"); fclose($fp); } elseif ($adminid == 1) { showmessage('view_log_invalid'); } } else { $db->query("UPDATE {$tablepre}attachments SET downloads=downloads+'1' WHERE aid='{$aid}'", 'UNBUFFERED'); } } if (!$isimage) { updatecredits($discuz_uid, $getattachcredits, -1); } ob_end_clean(); //dheader('Cache-control: max-age=31536000'); //dheader('Expires: '.gmdate('D, d M Y H:i:s', $timestamp + 31536000).' GMT'); if ($attach['remote'] && !$ftp['hideurl']) { dheader('location:' . $ftp['attachurl'] . '/' . $attach['attachment']); } $filesize = filesize($filename); $attach['filename'] = '"' . (strtolower($charset) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? urlencode($attach['filename']) : $attach['filename']) . '"'; dheader('Date: ' . gmdate('D, d M Y H:i:s', $attach['dateline']) . ' GMT'); dheader('Last-Modified: ' . gmdate('D, d M Y H:i:s', $attach['dateline']) . ' GMT'); dheader('Content-Encoding: none'); if ($isimage && !empty($noupdate)) { dheader('Content-Disposition: inline; filename=' . $attach['filename']); } else {
$stickmodify = 0; foreach ($threadlist as $thread) { $stickmodify = (in_array($thread['displayorder'], array(2, 3)) || in_array($level, array(2, 3))) && $level != $thread['displayorder'] ? 1 : $stickmodify; } if ($globalstick && $stickmodify) { require_once DISCUZ_ROOT . './include/cache.func.php'; updatecache('globalstick'); } $modaction = $level ? $expiration ? 'EST' : 'STK' : 'UST'; $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('STK', 'UST', 'EST', 'UES')", 'UNBUTTERED'); } elseif ($operation == 'digest') { $db->query("UPDATE {$tablepre}threads SET digest='{$level}', moderated='1' WHERE tid IN ({$moderatetids})"); foreach ($threadlist as $thread) { if ($thread['digest'] != $level) { $digestpostsadd = $thread['digest'] > 0 && $level == 0 || $thread['digest'] == 0 && $level > 0 ? 'digestposts=digestposts' . ($level == 0 ? '-' : '+') . '1' : ''; updatecredits($thread['authorid'], $digestcredits, $level - $thread['digest'], $digestpostsadd); } } $modaction = $level ? $expiration ? 'EDI' : 'DIG' : 'UDG'; $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('DIG', 'UDI', 'EDI', 'UED')", 'UNBUTTERED'); } } elseif ($operation == 'close') { $modaction = empty($close) ? $expiration ? 'EOP' : 'OPN' : ($expiration ? 'ECL' : 'CLS'); $close = $modaction == 'ECL' || $modaction == 'CLS' ? 1 : 0; $db->query("UPDATE {$tablepre}threads SET closed='{$close}', moderated='1' WHERE tid IN ({$moderatetids})"); $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('CLS','OPN', 'ECL', 'UCL', 'EOP', 'UEO')", 'UNBUTTERED'); } elseif ($operation == 'move') { $toforum = $db->fetch_first("SELECT fid, name, modnewposts, allowpostspecial FROM {$tablepre}forums WHERE fid='{$moveto}' AND status>0 AND type<>'group'"); if (!$toforum) { showmessage('admin_move_invalid'); } elseif ($fid == $toforum['fid']) {
if(!submitcheck('paysubmit')) { include template('pay'); } else { $updateauthor = true; if($maxincperthread > 0) { if(($db->result_first("SELECT SUM(netamount) FROM {$tablepre}paymentlog WHERE tid='$tid'")) > $maxincperthread) { $updateauthor = false; } } if($updateauthor) { updatecredits($thread['authorid'], array($creditstransextra[1] => $thread['netprice'])); } updatecredits($discuz_uid, array($creditstransextra[1] => $thread['price']), -1); $db->query("INSERT INTO {$tablepre}paymentlog (uid, tid, authorid, dateline, amount, netamount) VALUES ('$discuz_uid', '$tid', '$thread[authorid]', '$timestamp', '$thread[price]', '$thread[netprice]')"); showmessage('thread_pay_succeed', "viewthread.php?tid=$tid"); } } elseif($action == 'viewpayments') { $discuz_action = 82; $loglist = array(); $query = $db->query("SELECT p.*, m.username FROM {$tablepre}paymentlog p LEFT JOIN {$tablepre}members m USING (uid) WHERE tid='$tid' ORDER BY dateline");
$db->query("DELETE FROM {$tablepre}rewardlog WHERE tid='{$tid}'", 'UNBUFFERED'); } $thread_attachment = $post_attachment = 0; $query = $db->query("SELECT pid, attachment, thumb, remote FROM {$tablepre}attachments WHERE tid='{$tid}'"); while ($attach = $db->fetch_array($query)) { if ($attach['pid'] == $pid) { $post_attachment++; dunlink($attach['attachment'], $attach['thumb'], $attach['remote']); } else { $thread_attachment = 1; } } if ($post_attachment) { $db->query("DELETE FROM {$tablepre}attachments WHERE pid='{$pid}'", 'UNBUFFEREED'); $db->query("DELETE FROM {$tablepre}attachmentfields WHERE pid='{$pid}'", 'UNBUFFERED'); updatecredits($orig['authorid'], $postattachcredits, -$post_attachment); } $db->query("DELETE FROM {$tablepre}posts WHERE pid='{$pid}'"); if ($thread['special'] == 2) { $db->query("DELETE FROM {$tablepre}trades WHERE pid='{$pid}'"); } if ($isfirstpost) { $forumadd = 'threads=threads-\'1\', posts=posts-\'1\''; $tablearray = array('threadsmod', 'relatedthreads', 'threads', 'debates', 'debateposts', 'polloptions', 'polls', 'typeoptionvars'); foreach ($tablearray as $table) { $db->query("DELETE FROM {$tablepre}{$table} WHERE tid='{$tid}'", 'UNBUFFERED'); } if ($globalstick && in_array($thread['displayorder'], array(2, 3))) { require_once DISCUZ_ROOT . './include/cache.func.php'; updatecache('globalstick'); }
<?php define('IN_DISCUZ', true); include_once '../../config.inc.php'; require_once '../../include/global.func.php'; require_once '../../include/db_' . $database . '.class.php'; $uid = $_GET['uid']; $buyer = $_GET['buyer']; $price = $_GET['price']; $amount = $_GET['amount']; $orderid = $_GET['orderid']; $submitdate = $_GET['submitdate']; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $db->select_db($dbname); $settings = array(); $query = $db->query("SELECT * FROM {$tablepre}settings"); while ($setting = $db->fetch_array($query)) { $settings[$setting['variable']] = $setting['value']; } $settings['creditstrans'] = explode(',', $settings['creditstrans']); $extcredits = $settings['creditstrans'][0]; updatecredits($uid, array($extcredits => $amount)); $timestamp = time(); $db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)VALUES ({$uid}, '{$buyer}', 0, {$extcredits}, 0, {$amount}, {$timestamp}, 'AFD')"); $db->query("UPDATE {$tablepre}orders SET status = '2', confirmdate = {$timestamp} WHERE orderid = '{$orderid}'");
$discuz_pw = $password; $discuz_secques = $secques; $groupid = $groupinfo['groupid']; $styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid']; if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomtitle = !empty($welcomemsgtitle) ? $welcomemsgtitle : "Welcome to {$bbname}!"; $welcomtitle = addslashes(replacesitevar($welcomtitle)); $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt)); if ($welcomemsg == 1) { sendpm($uid, $welcomtitle, $welcomemsgtxt, 0); } elseif ($welcomemsg == 2) { sendmail("{$username} <{$email}>", $welcomtitle, $welcomemsgtxt); } } if ($fromuid) { updatecredits($fromuid, $creditspolicy['promotion_register']); dsetcookie('promotion', ''); } if ($taskon && $newbietask && ($task = $db->fetch_first("SELECT * FROM {$tablepre}tasks WHERE taskid='{$newbietask}' AND available='2'"))) { require_once DISCUZ_ROOT . './include/task.func.php'; $task['newbie'] = 1; task_apply($task); } else { $newbietask = 0; } require_once DISCUZ_ROOT . './include/cache.func.php'; $_DCACHE['settings']['totalmembers']++; updatesettings(); dsetcookie('loginuser', ''); dsetcookie('activationauth', '', -86400 * 365); if (!empty($inajax)) {
} } if ($discuz_uid == $msgto) { showmessage('pm_send_self_ignore'); } if (trim($message) === '') { showmessage('pm_send_empty'); } include_once './forumdata/cache/cache_bbcodes.php'; foreach ($_DCACHE['smilies']['replacearray'] as $key => $smiley) { $_DCACHE['smilies']['replacearray'][$key] = '[img]' . $boardurl . 'images/smilies/' . $_DCACHE['smileytypes'][$_DCACHE['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]'; } $message = preg_replace($_DCACHE['smilies']['searcharray'], $_DCACHE['smilies']['replacearray'], $message); $pmid = uc_pm_send($discuz_uid, $msgto, '', $message, 1, 0, 0); if ($pmid > 0) { !($exempt & 1) && updatecredits($discuz_uid, $creditspolicy['sendpm'], -1); if (empty($sendnew)) { $pm = uc_pm_viewnode($discuz_uid, 0, $pmid); $dateline = $pm['dateline'] + $timeoffset * 3600; $pm['daterange'] = gmdate($dateformat, $dateline); $pm['daterange'] = $pm['daterange'] != $lastdaterange ? $pm['daterange'] : ''; $pm['dateline'] = gmdate("{$dateformat} {$timeformat}", $dateline); include template('header_ajax'); include template('pm_node'); include template('footer_ajax'); exit; } else { showmessage('pm_send_succeed', '', 1); exit; } } elseif ($pmid == -1) {
case 'UEH': $db->query("UPDATE {$tablepre}threads SET highlight='0' WHERE tid IN ({$tids})", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action IN ('EHL', 'CCK')", 'UNBUFFERED'); break; case 'UEC': case 'UEO': $closed = $action == 'UEO' ? 1 : 0; $db->query("UPDATE {$tablepre}threads SET closed='{$closed}' WHERE tid IN ({$tids})", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action IN ('EOP', 'ECL', 'CLK')", 'UNBUFFERED'); break; case 'UED': $db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action='EDI'", 'UNBUFFERED'); $digestarray = $authoridarry = array(); $query = $db->query("SELECT authorid, digest FROM {$tablepre}threads WHERE tid IN ({$tids})"); while ($digest = $db->fetch_array($query)) { $authoridarry[] = $digest['authorid']; $digestarray[$digest['digest']][] = $digest['authorid']; } $db->query("UPDATE {$tablepre}members SET digestposts=digestposts-1 WHERE uid IN (" . implode(',', $authoridarry) . ")", 'UNBUFFERED'); foreach ($digestarray as $digest => $authorids) { updatecredits(implode('\',\'', $authorids), $creditspolicy['digest'], 0 - $digest); } $db->query("UPDATE {$tablepre}threads SET digest='0' WHERE tid IN ({$tids})", 'UNBUFFERED'); break; } } require_once DISCUZ_ROOT . './include/post.func.php'; foreach ($actionarray as $action => $tids) { updatemodlog(implode(',', $tids), $action, 0, 1); } }
} elseif ($operation == 'down') { if (!$allowbumpthread) { showmessage('undefined_action'); } $modaction = 'DWN'; $downtime = $timestamp - 86400 * 730; $db->query("UPDATE {$tablepre}threads SET lastpost='{$downtime}', moderated='1' WHERE tid IN ({$moderatetids})"); $forum['threadcaches'] && deletethreadcaches($thread['tid']); } elseif ($operation == 'delete') { if (!$allowdelpost) { showmessage('undefined_action'); } $stickmodify = 0; foreach ($threadlist as $thread) { if ($thread['digest']) { updatecredits($thread['authorid'], $digestcredits, -$thread['digest'], 'digestposts=digestposts-1'); } if (in_array($thread['displayorder'], array(2, 3))) { $stickmodify = 1; } } $losslessdel = $losslessdel > 0 ? $timestamp - $losslessdel * 86400 : 0; //Update members' credits and post counter $uidarray = $tuidarray = $ruidarray = array(); $query = $db->query("SELECT first, authorid, dateline FROM {$tablepre}posts WHERE tid IN ({$moderatetids})"); while ($post = $db->fetch_array($query)) { if ($post['dateline'] < $losslessdel) { $uidarray[] = $post['authorid']; } else { if ($post['first']) { $tuidarray[] = $post['authorid'];
function updateattach() { global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $attachextensions, $attachnew, $attachdel, $allowsetattachperm, $maxprice, $watermarkstatus; $imageexists = 0; $attachnew = (array) $attachnew; $sqladd = $pid > 0 ? "OR pid='{$pid}'" : ''; $query = $db->query("SELECT * FROM {$tablepre}attachments WHERE (uid='{$discuz_uid}' AND tid='0') {$sqladd}"); $attachnum = $db->num_rows($query); if ($attachnum) { if ($attachnum -= count($attachdel)) { checklowerlimit($postattachcredits, $attachnum); } $attachcount = 0; $delaids = array(); while ($attach = $db->fetch_array($query)) { if (is_array($attachdel) && in_array($attach['aid'], $attachdel)) { dunlink($attach['attachment'], $attach['thumb']); $delaids[] = $attach['aid']; continue; } $extension = strtolower(fileext($attach['filename'])); if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($extension, '/') . "(\$|\\s|,)/i", $attachextensions) || !$extension)) { continue; } $anew = $attachnew[$attach['aid']]; $anew['aid'] = $attach['aid']; $anew['ext'] = $extension; $anew['size'] = $attach['filesize']; if ($attach['pid'] == 0) { $attach_basename = basename($attach['attachment']); $attach_src = $attachdir . '/' . $attach['attachment']; if ($attachsave) { switch ($attachsave) { case 1: $attach_subdir = 'forumid_' . $GLOBALS['fid']; break; case 2: $attach_subdir = 'ext_' . $extension; break; case 3: $attach_subdir = 'month_' . date('ym'); break; case 4: $attach_subdir = 'day_' . date('ymd'); break; } $attach_descdir = $attachdir . '/' . $attach_subdir; $anew['attachment'] = $attach_subdir . '/' . $attach_basename; } else { $attach_descdir = $attachdir; $anew['attachment'] = $attach_basename; } $anew['thumb'] = $attach['thumb']; $attach_desc = $attach_descdir . '/' . $attach_basename; if ($attach['isimage'] && $watermarkstatus) { require_once DISCUZ_ROOT . './include/image.class.php'; $image = new Image($attach_src, $attach); if ($image->imagecreatefromfunc && $image->imagefunc) { $image->Watermark(); $attach = $image->attach; $attach['filesize'] = $attach['size']; } } if (!is_dir($attach_descdir)) { @mkdir($attach_descdir, 0777); @fclose(fopen($attach_descdir . '/index.htm', 'w')); } if ($attach['thumb'] == 1) { if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) { @unlink($attach_src . '.thumb.jpg'); } } if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) { @unlink($attach_src); } $anew['remote'] = ftpupload($attach_desc, $anew); $attachcount++; } if ($attach['isimage']) { $imageexists = 1; } $anew['filesize'] = $attach['filesize']; $anew['perm'] = $allowsetattachperm ? $anew['perm'] : 0; $anew['description'] = cutstr(dhtmlspecialchars($anew['description']), 100); $anew['price'] = $maxprice ? intval($anew['price']) <= $maxprice ? intval($anew['price']) : $maxprice : 0; $sqladd = $attach['pid'] == 0 ? ", tid='{$tid}', pid='{$pid}', attachment='{$anew['attachment']}', remote='{$anew['remote']}'" : ''; $db->query("UPDATE {$tablepre}attachments SET readperm='{$anew['readperm']}', price='{$anew['price']}', filesize='{$anew['filesize']}' {$sqladd} WHERE aid='{$attach['aid']}'"); if ($anew['description']) { $db->query("REPLACE INTO {$tablepre}attachmentfields (aid, tid, pid, uid, description) VALUES ('{$attach['aid']}', '{$tid}', '{$pid}', '{$attach['uid']}', '{$anew['description']}')"); } } if ($delaids) { $db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED'); $db->query("DELETE FROM {$tablepre}attachmentfields WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED'); } $attachment = $imageexists ? 2 : 1; if ($attachcount) { $db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED'); updatecredits($discuz_uid, $postattachcredits, $attachcount); } } }
$netcredit = round($tradelog['number'] * $tradelog['basecredit'] * (1 - $creditstax)); updatecredits($tradelog['sellerid'], array($creditstransextra[5] => $netcredit)); } else { $netcredit = 0; } $db->query("UPDATE {$tablepre}trades SET lastbuyer='$tradelog[buyer]', lastupdate='$timestamp', totalitems=totalitems+'$tradelog[number]', tradesum=tradesum+'$tradelog[price]', credittradesum=credittradesum+'$netcredit' WHERE tid='$tradelog[tid]' AND pid='$tradelog[pid]'", 'UNBUFFERED'); $itemsubject = $tradelog['subject']; sendnotice($tradelog['sellerid'], 'trade_success', 'threads'); sendnotice($tradelog['buyerid'], 'trade_success', 'threads'); } elseif($offlinestatus == STATUS_REFUND_CLOSE) { $db->query("UPDATE {$tablepre}trades SET amount=amount+'$tradelog[number]' WHERE tid='$tradelog[tid]' AND pid='$tradelog[pid]'", 'UNBUFFERED'); $itemsubject = $tradelog['subject']; sendnotice($tradelog['sellerid'], 'trade_fefund_success', 'threads'); sendnotice($tradelog['buyerid'], 'trade_fefund_success', 'threads'); if($creditstransextra[5] != -1 && $tradelog['basecredit']) { updatecredits($tradelog['buyerid'], array($creditstransextra[5] => $tradelog['number'] * $tradelog['basecredit'])); } } $message = trim($message); if($message) { $message = daddslashes(stripslashes($tradelog['message'])."\t\t\t".$discuz_uid."\t".$discuz_userss."\t".$timestamp."\t".nl2br(strip_tags(substr($message, 0, 200))), 1); } else { $message = daddslashes($tradelog['message'], 1); } $db->query("UPDATE {$tablepre}tradelog SET status='$offlinestatus', lastupdate='$timestamp', message='$message' WHERE orderid='$orderid'"); showmessage('trade_orderstatus_updated', 'trade.php?orderid='.$orderid); } if(submitcheck('tradesubmit')) {