/**
 * Switches the current request to the given member and issues the login cookie.
 *
 * Copies the member's identity into $_G, refreshes the session, sets the
 * `auth` cookie, clears transient login cookies and records login
 * statistics and the daily-login credit rule.
 *
 * @param array $member     Member row; reads uid, username, adminid, groupid and password.
 * @param int   $cookietime Lifetime passed straight through to dsetcookie() for the auth cookie.
 * @return void
 */
function setloginstatus($member, $cookietime) {
    global $_G;

    // Identity first: formhash() is called only after these globals are in place.
    $_G['uid'] = (int) $member['uid'];
    foreach (array('username', 'adminid', 'groupid') as $field) {
        $_G[$field] = $member[$field];
    }
    $_G['formhash'] = formhash();
    $_G['session']['invisible'] = getuserprofile('invisible');
    $_G['member'] = $member;
    loadcache('usergroup_' . $_G['groupid']);

    // Mark the session as new and persist it.
    $app = C::app();
    $app->session->isnew = true;
    $app->session->updatesession();

    // The auth cookie payload is the member's stored password value and uid, tab-separated,
    // passed through authcode(..., 'ENCODE').
    // NOTE(review): the cookie is therefore only as strong as authcode() and its key, and it stays
    // valid until the stored password value changes - confirm against authcode()/dsetcookie().
    // NOTE(review): the trailing `1, true` arguments presumably select the cookie prefix and
    // HttpOnly - confirm against dsetcookie().
    $authPayload = $member['password'] . "\t" . $member['uid'];
    dsetcookie('auth', authcode($authPayload, 'ENCODE'), $cookietime, 1, true);

    // Called with a name only, as in the original; presumably this clears the cookie.
    foreach (array('loginuser', 'activationauth', 'pmnum') as $staleCookie) {
        dsetcookie($staleCookie);
    }

    // Login statistics.
    include_once libfile('function/stat');
    updatestat('login', 1);
    if (defined('IN_MOBILE')) {
        updatestat('mobilelogin', 1);
    }
    $viaConnect = $_G['setting']['connect']['allow'] && $_G['member']['conisbind'];
    if ($viaConnect) {
        updatestat('connectlogin', 1);
    }

    // Daily-login credit; re-check the user group only when no credit update happened.
    $rule = updatecreditbyaction('daylogin', $_G['uid']);
    if (!$rule['updatecredit']) {
        checkusergroup($_G['uid']);
    }
}
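/**
 * Logs in the site member identified by $uid and records the visit.
 *
 * @param mixed $uid Member id; anything that does not cast to a positive integer is rejected.
 * @return bool True when the member exists and was logged in, false otherwise.
 */
function xwb_setSiteUserLogin($uid) {
    global $_G;

    // The uid is concatenated into SQL below, so force it to an integer first
    // instead of relying on the caller to have escaped it.
    $uid = intval($uid);
    if ($uid <= 0) {
        return false;
    }

    // Log in
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $uid . "'");
    if (!$member) {
        return false;
    }

    // 30-day cookie lifetime. The original expression `time() + 60 * 60 * 24 ? 2592000 : 0`
    // parsed as `(time() + 86400) ? 2592000 : 0` and therefore always produced 2592000.
    setloginstatus($member, 2592000);

    // Only store a syntactically valid address: the value is interpolated into the
    // statement and may originate from request headers.
    $clientip = isset($_G['clientip']) && filter_var($_G['clientip'], FILTER_VALIDATE_IP) !== false
        ? $_G['clientip']
        : '';
    DB::query("UPDATE " . DB::table('common_member_status') . " SET lastip='" . $clientip . "', lastvisit='" . time() . "' WHERE uid='{$uid}'");

    // NOTE(review): setloginstatus() may already record the login stat, the daylogin
    // credit and the group check - confirm these are not applied twice.
    include_once libfile('function/stat');
    updatestat('login');
    updatecreditbyaction('daylogin', $uid);
    checkusergroup($uid);

    return true;
}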
$setarr = array('uid' => $uid, 'fromuid' => $_G['uid'], 'fromusername' => $_G['username'], 'note' => getstr($_POST['note'], 150, 1, 1), 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid'])); DB::insert('home_poke', $setarr, 0, true); if (!$oldpoke) { DB::query("UPDATE " . DB::table('common_member_status') . " SET pokes=pokes+1 WHERE uid='{$uid}'"); DB::query("UPDATE " . DB::table('common_member') . " SET newprompt=newprompt+1 WHERE uid='{$uid}'"); } require_once libfile('function/friend'); friend_addnum($tospace['uid']); if ($op == 'reply') { DB::query("DELETE FROM " . DB::table('home_poke') . " WHERE uid='{$_G['uid']}' AND fromuid='{$uid}'"); DB::query("UPDATE " . DB::table('common_member_status') . " SET pokes=pokes-'1' WHERE uid='{$_G['uid']}'"); DB::query("UPDATE " . DB::table('common_member') . " SET newprompt=newprompt-'1' WHERE uid='{$_G['uid']}'"); } updatecreditbyaction('poke', 0, array(), $uid); include_once libfile('function/stat'); updatestat('poke'); showmessage('poke_success', dreferer(), array('username' => $tospace['username'], 'uid' => $uid, 'from' => $_G['gp_from']), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true)); } } elseif ($op == 'ignore') { if (submitcheck('ignoresubmit')) { $where = empty($uid) ? '' : "AND fromuid='{$uid}'"; DB::query("DELETE FROM " . DB::table('home_poke') . " WHERE uid='{$_G['uid']}' {$where}"); $pokenum = getcount('home_poke', array('uid' => $_G['uid'])); space_merge($space, 'status'); if ($pokenum != $space['pokes']) { $changenum = $pokenum - $space['pokes']; member_status_update($space['uid'], array('pokes' => $changenum)); } showmessage('has_been_hailed_overlooked', '', array('uid' => $uid, 'from' => $_G['gp_from']), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 0)); } } elseif ($op == 'view') {
/**
 * Creates a new forum thread together with its first post.
 *
 * Validates the submitted parameters, clamps the permission-dependent ones
 * (sticky, digest, read permission, anonymity, price, HTML) to what the
 * poster's group and moderator status allow, inserts the thread and the
 * first post, then updates statistics, credits and forum counters.
 *
 * @param array $parameters Passed to _init_parameters(), which presumably fills $this->param.
 * @return mixed The result of $this->showmessage() on a validation failure, otherwise
 *               'post_newthread_mod_succeed' or 'post_newthread_succeed'.
 */
public function newthread($parameters) {
    require_once libfile('function/post');
    $this->tid = $this->pid = 0;
    $this->_init_parameters($parameters);

    // A subject is always required; a message is required unless this is a sort/special thread.
    if (trim($this->param['subject']) == '') {
        return $this->showmessage('post_sm_isnull');
    }
    if (!$this->param['sortid'] && !$this->param['special'] && trim($this->param['message']) == '') {
        return $this->showmessage('post_sm_isnull');
    }

    // Decide whether the thread/replies go to moderation, based on subject + message text.
    list($this->param['modnewthreads'], $this->param['modnewreplies']) = threadmodstatus($this->param['subject'] . "\t" . $this->param['message'] . $this->param['extramessage']);
    if ($post_invalid = checkpost($this->param['subject'], $this->param['message'], $this->param['special'] || $this->param['sortid'])) {
        return $this->showmessage($post_invalid, '', array('minpostsize' => $this->setting['minpostsize'], 'maxpostsize' => $this->setting['maxpostsize']));
    }

    // Rate limits: flood control first, then the per-hour thread cap.
    if (checkflood()) {
        return $this->showmessage('post_flood_ctrl', '', array('floodctrl' => $this->setting['floodctrl']));
    } elseif (checkmaxperhour('tid')) {
        return $this->showmessage('thread_flood_ctrl_threads_per_hour', '', array('threads_per_hour' => $this->group['maxthreadsperhour']));
    }

    // Guests (uid 0) cannot use the "save" flag.
    $this->param['save'] = $this->member['uid'] ? $this->param['save'] : 0;
    // Keep the thread type only if it exists in this forum and is not moderator-only (unless the poster is a moderator).
    $this->param['typeid'] = isset($this->param['typeid']) && isset($this->forum['threadtypes']['types'][$this->param['typeid']]) && (!$this->forum['threadtypes']['moderators'][$this->param['typeid']] || $this->forum['ismoderator']) ? $this->param['typeid'] : 0;
    // displayorder: -2 when moderation is required, 1 when a moderator allowed to stick asks for it,
    // -4 when "save" is set, 0 otherwise.
    $this->param['displayorder'] = $this->param['modnewthreads'] ? -2 : ($this->forum['ismoderator'] && $this->group['allowstickthread'] && !empty($this->param['sticktopic']) ? 1 : (empty($this->param['save']) ? 0 : -4));
    if ($this->param['displayorder'] == -2) {
        C::t('forum_forum')->update($this->forum['fid'], array('modworks' => '1'));
    }

    // Requested privileges are honoured only when the group (and moderator status) permit them.
    $this->param['digest'] = $this->forum['ismoderator'] && $this->group['allowdigestthread'] && !empty($this->param['digest']) ? 1 : 0;
    $this->param['readperm'] = $this->group['allowsetreadperm'] ? $this->param['readperm'] : 0;
    $this->param['isanonymous'] = $this->group['allowanonymous'] && $this->param['isanonymous'] ? 1 : 0;
    $this->param['price'] = intval($this->param['price']);
    if (!$this->param['special']) {
        // Cap the price at the group's maxprice; a maxprice of 0 forces the price to 0.
        // NOTE(review): a negative price passes intval() and this cap unchanged - confirm it is rejected elsewhere.
        $this->param['price'] = $this->group['maxprice'] ? $this->param['price'] <= $this->group['maxprice'] ? $this->param['price'] : $this->group['maxprice'] : 0;
    }

    if (!$this->param['typeid'] && $this->forum['threadtypes']['required'] && !$this->param['special']) {
        return $this->showmessage('post_type_isnull');
    }
    if (!$this->param['sortid'] && $this->forum['threadsorts']['required'] && !$this->param['special']) {
        return $this->showmessage('post_sort_isnull');
    }
    // Reject a price whose after-tax value rounds down to zero.
    if (!$this->param['special'] && $this->param['price'] > 0 && floor($this->param['price'] * (1 - $this->setting['creditstax'])) == 0) {
        return $this->showmessage('post_net_price_iszero');
    }
    $this->param['sortid'] = $this->param['special'] && $this->forum['threadsorts']['types'][$this->param['sortid']] ? 0 : $this->param['sortid'];
    $this->param['typeexpiration'] = intval($this->param['typeexpiration']);
    if ($this->forum['threadsorts']['expiration'][$this->param['typeid']] && !$this->param['typeexpiration']) {
        return $this->showmessage('threadtype_expiration_invalid');
    }

    // Anonymous threads are stored with an empty author name.
    $author = !$this->param['isanonymous'] ? $this->member['username'] : '';
    $this->param['moderated'] = $this->param['digest'] || $this->param['displayorder'] > 0 ? 1 : 0;

    // Fold the optional flags into the thread status value via setstatus().
    $this->param['ordertype'] && ($this->param['tstatus'] = setstatus(4, 1, $this->param['tstatus']));
    $this->param['imgcontent'] && ($this->param['tstatus'] = setstatus(15, $this->param['imgcontent'], $this->param['tstatus']));
    $this->param['hiddenreplies'] && ($this->param['tstatus'] = setstatus(2, 1, $this->param['tstatus']));
    $this->param['allownoticeauthor'] && ($this->param['tstatus'] = setstatus(6, 1, $this->param['tstatus']));
    $this->param['isgroup'] = $this->forum['status'] == 3 ? 1 : 0;
    // Threads that go to moderation are stamped with the current time; otherwise the supplied publishdate is used.
    // NOTE(review): publishdate is not validated in this method - presumably set by _init_parameters(); confirm.
    $this->param['publishdate'] = !$this->param['modnewthreads'] ? $this->param['publishdate'] : TIMESTAMP;

    // Insert the thread row.
    $newthread = array('fid' => $this->forum['fid'], 'posttableid' => 0, 'readperm' => $this->param['readperm'], 'price' => $this->param['price'], 'typeid' => $this->param['typeid'], 'sortid' => $this->param['sortid'], 'author' => $author, 'authorid' => $this->member['uid'], 'subject' => $this->param['subject'], 'dateline' => $this->param['publishdate'], 'lastpost' => $this->param['publishdate'], 'lastposter' => $author, 'displayorder' => $this->param['displayorder'], 'digest' => $this->param['digest'], 'special' => $this->param['special'], 'attachment' => 0, 'moderated' => $this->param['moderated'], 'status' => $this->param['tstatus'], 'isgroup' => $this->param['isgroup'], 'replycredit' => $this->param['replycredit'], 'closed' => $this->param['closed'] ? 1 : 0);
    $this->tid = C::t('forum_thread')->insert($newthread, true);
    C::t('forum_newthread')->insert(array('tid' => $this->tid, 'fid' => $this->forum['fid'], 'dateline' => $this->param['publishdate']));
    useractionlog($this->member['uid'], 'tid');

    // First thread by this user: apply the configured "newbie" icon.
    if (!getuserprofile('threads') && $this->setting['newbie']) {
        C::t('forum_thread')->update($this->tid, array('icon' => $this->setting['newbie']));
    }

    // A publish date other than "now" queues the thread id in the cronpublish cache.
    if ($this->param['publishdate'] != TIMESTAMP) {
        // NOTE(review): dunserialize() is presumably a wrapper over unserialize(); this is safe only
        // while the cache store cannot be written by untrusted parties - confirm.
        $cron_publish_ids = dunserialize($this->cache('cronpublish'));
        $cron_publish_ids[$this->tid] = $this->tid;
        $cron_publish_ids = serialize($cron_publish_ids);
        savecache('cronpublish', $cron_publish_ids);
    }

    if (!$this->param['isanonymous']) {
        C::t('common_member_field_home')->update($this->member['uid'], array('recentnote' => $this->param['subject']));
    }

    // Sticky/digest at creation time is logged as a moderation action.
    if ($this->param['moderated']) {
        updatemodlog($this->tid, $this->param['displayorder'] > 0 ? 'STK' : 'DIG');
        updatemodworks($this->param['displayorder'] > 0 ? 'STK' : 'DIG', 1);
    }

    // Per-post rendering switches.
    $this->param['bbcodeoff'] = checkbbcodes($this->param['message'], !empty($this->param['bbcodeoff']));
    $this->param['smileyoff'] = checksmilies($this->param['message'], !empty($this->param['smileyoff']));
    $this->param['parseurloff'] = !empty($this->param['parseurloff']);
    // Raw HTML is enabled only when the poster's group has allowhtml.
    $this->param['htmlon'] = $this->group['allowhtml'] && !empty($this->param['htmlon']) ? 1 : 0;
    $this->param['usesig'] = !empty($this->param['usesig']) && $this->group['maxsigsize'] ? 1 : 0;

    $class_tag = new tag();
    $this->param['tagstr'] = $class_tag->add_tag($this->param['tags'], $this->tid, 'tid');

    // Post visibility: -2 when moderated, -3 when "save" is set, 0 otherwise.
    $this->param['pinvisible'] = $this->param['modnewthreads'] ? -2 : (empty($this->param['save']) ? 0 : -3);
    // Normalise [attachimg]N[/attachimg] to [attach]N[/attach].
    $this->param['message'] = preg_replace('/\\[attachimg\\](\\d+)\\[\\/attachimg\\]/is', '[attach]\\1[/attach]', $this->param['message']);
    $this->param['pstatus'] = intval($this->param['pstatus']);
    defined('IN_MOBILE') && ($this->param['pstatus'] = setstatus(4, 1, $this->param['pstatus']));
    if ($this->param['imgcontent']) {
        stringtopic($this->param['message'], $this->tid, true, $this->param['imgcontentwidth']);
    }

    // Insert the first post. The recorded IP/port come from the parameters when present,
    // otherwise from the request globals.
    // NOTE(review): a caller-supplied clientip/remoteport overrides the request values in the
    // audit fields - confirm only trusted callers can set them.
    $this->pid = insertpost(array('fid' => $this->forum['fid'], 'tid' => $this->tid, 'first' => '1', 'author' => $this->member['username'], 'authorid' => $this->member['uid'], 'subject' => $this->param['subject'], 'dateline' => $this->param['publishdate'], 'message' => $this->param['message'], 'useip' => $this->param['clientip'] ? $this->param['clientip'] : getglobal('clientip'), 'port' => $this->param['remoteport'] ? $this->param['remoteport'] : getglobal('remoteport'), 'invisible' => $this->param['pinvisible'], 'anonymous' => $this->param['isanonymous'], 'usesig' => $this->param['usesig'], 'htmlon' => $this->param['htmlon'], 'bbcodeoff' => $this->param['bbcodeoff'], 'smileyoff' => $this->param['smileyoff'], 'parseurloff' => $this->param['parseurloff'], 'attachment' => '0', 'tags' => $this->param['tagstr'], 'replycredit' => 0, 'status' => $this->param['pstatus']));

    // Statistics are keyed by the "special" thread kind; group threads use their own counter.
    $statarr = array(0 => 'thread', 1 => 'poll', 2 => 'trade', 3 => 'reward', 4 => 'activity', 5 => 'debate', 127 => 'thread');
    include_once libfile('function/stat');
    updatestat($this->param['isgroup'] ? 'groupthread' : $statarr[$this->param['special']]);

    // Optional location, given as "x|y|label".
    // NOTE(review): IN_MOBILE is read here without a defined() guard, and the three parts are
    // stored without further validation in this method - confirm both.
    if ($this->param['geoloc'] && IN_MOBILE == 2) {
        list($mapx, $mapy, $location) = explode('|', $this->param['geoloc']);
        if ($mapx && $mapy && $location) {
            C::t('forum_post_location')->insert(array('pid' => $this->pid, 'tid' => $this->tid, 'uid' => $this->member['uid'], 'mapx' => $mapx, 'mapy' => $mapy, 'location' => $location));
        }
    }

    if ($this->param['modnewthreads']) {
        // Awaiting moderation: queue it and notify, but grant no credits yet.
        updatemoderate('tid', $this->tid);
        C::t('forum_forum')->update_forum_counter($this->forum['fid'], 0, 0, 1);
        manage_addnotify('verifythread');
        return 'post_newthread_mod_succeed';
    } else {
        // Threads stored with displayorder -4 ("save") earn no credits and do not touch forum counters.
        if ($this->param['displayorder'] != -4) {
            if ($this->param['digest']) {
                updatepostcredits('+', $this->member['uid'], 'digest', $this->forum['fid']);
            }
            updatepostcredits('+', $this->member['uid'], 'post', $this->forum['fid']);
            if ($this->param['isgroup']) {
                C::t('forum_groupuser')->update_counter_for_user($this->member['uid'], $this->forum['fid'], 1);
            }
            // lastpost is a tab-separated record, so tabs inside the subject are replaced first.
            $subject = str_replace("\t", ' ', $this->param['subject']);
            $lastpost = "{$this->tid}\t" . $subject . "\t" . TIMESTAMP . "\t{$author}";
            C::t('forum_forum')->update($this->forum['fid'], array('lastpost' => $lastpost));
            C::t('forum_forum')->update_forum_counter($this->forum['fid'], 1, 1, 1);
            if ($this->forum['type'] == 'sub') {
                C::t('forum_forum')->update($this->forum['fup'], array('lastpost' => $lastpost));
            }
        }
        if ($this->param['isgroup']) {
            C::t('forum_forumfield')->update($this->forum['fid'], array('lastupdate' => TIMESTAMP));
            require_once libfile('function/grouplog');
            updategroupcreditlog($this->forum['fid'], $this->member['uid']);
        }
        C::t('forum_sofa')->insert(array('tid' => $this->tid, 'fid' => $this->forum['fid']));
        return 'post_newthread_succeed';
    }
}
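/**
 * Saves raw image data as a picture of the current user.
 *
 * Writes the data into the attachment directory, enforces the user's storage
 * quota, checks that the file is an image, creates a thumbnail/watermark,
 * records the picture (and album) in the database and optionally uploads it
 * by FTP.
 *
 * @param string     $strdata Raw file contents.
 * @param int|string $albumid Album id, or "new:<name>" to create an album; negative values become 0.
 * @param string     $fileext File extension used for the stored file; must be an image extension.
 * @param string     $name    Original file name; defaults to the generated file name.
 * @param string     $title   Picture title.
 * @param int        $delsize Bytes to discount from the quota check.
 * @param mixed      $from    Reward action name passed to getreward(), or false for none.
 * @return array|int The inserted picture row on success, or
 *                   -1 quota exceeded, -2 not an acceptable image,
 *                   -3 the file could not be written, -4 FTP upload failed.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name='', $title='', $delsize=0, $from = false) {
	global $_SGLOBAL, $space, $_SCONFIG, $_SC;

	// The data is written under the attachment directory with this extension BEFORE it is
	// validated, and the image check below is skipped entirely when getimagesize() is
	// unavailable. Accept image extensions only, so a stored file can never carry a
	// server-interpreted extension. -2 is the existing "not an image" result.
	if(!in_array(strtolower((string)$fileext), array('jpg', 'jpeg', 'gif', 'png'), true)) {
		return -2;
	}

	if($albumid<0) $albumid = 0;

	$setarr = array();
	$filepath = getfilepath($fileext, true);
	$newfilename = $_SC['attachdir'].'./'.$filepath;

	if($handle = fopen($newfilename, 'wb')) {
		if(fwrite($handle, $strdata) !== FALSE) {
			fclose($handle);
			$size = filesize($newfilename);

			// Check the storage quota
			if(empty($space)) {
				$space = getspace($_SGLOBAL['supe_uid']);
				$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." WHERE uid='$_SGLOBAL[supe_uid]'");
				$space = $_SGLOBAL['db']->fetch_array($query);
				$_SGLOBAL['supe_username'] = addslashes($space['username']);
			}
			$_SGLOBAL['member'] = $space;

			$maxattachsize = checkperm('maxattachsize');// unit per the original comment: MB
			if($maxattachsize) {// 0 means unlimited
				if($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
					@unlink($newfilename);
					return -1;
				}
			}

			// Check that the file really is an image
			// NOTE(review): when getimagesize() is missing no content check happens at all;
			// the extension allowlist above is then the only control.
			if(function_exists('getimagesize')) {
				$tmp_imagesize = @getimagesize($newfilename);
				list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
				$tmp_size = $tmp_width * $tmp_height;
				// Reject oversized (> 16777216 px), degenerate, untyped or Flash content.
				if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
					@unlink($newfilename);
					return -2;
				}
			}

			// Thumbnail
			include_once(S_ROOT.'./source/function_image.php');
			$thumbpath = makethumb($newfilename);
			$thumb = empty($thumbpath)?0:1;

			// Watermark (original note: photo stickers get no watermark)
			if($_SCONFIG['allowwatermark']) {
				makewatermark($newfilename);
			}

			// Store in the database
			$filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
			$title = getstr($title, 200, 1, 1, 1);

			if($albumid) {
				preg_match("/^new\:(.+)$/i", $albumid, $matchs);
				if(!empty($matchs[1])) {
					// "new:<name>" creates an album; an empty name falls back to today's date.
					$albumname = shtmlspecialchars(trim($matchs[1]));
					if(empty($albumname)) $albumname = sgmdate('Ymd');
					$albumid = album_creat(array('albumname' => $albumname));
				} else {
					$albumid = intval($albumid);
					if($albumid) {
						// The album must belong to the current user; otherwise a new one is created.
						$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
						if($value = $_SGLOBAL['db']->fetch_array($query)) {
							$albumname = addslashes($value['albumname']);
							$albumfriend = $value['friend'];
						} else {
							$albumname = sgmdate('Ymd');
							$albumid = album_creat(array('albumname' => $albumname));
						}
					}
				}
			} else {
				$albumid = 0;
			}

			$setarr = array(
				'albumid' => $albumid,
				'uid' => $_SGLOBAL['supe_uid'],
				'username' => $_SGLOBAL['supe_username'],
				'dateline' => $_SGLOBAL['timestamp'],
				'filename' => $filename,
				'postip' => getonlineip(),
				'title' => $title,
				'type' => $fileext,
				'size' => $size,
				'filepath' => $filepath,
				'thumb' => $thumb
			);
			$setarr['picid'] = inserttable('pic', $setarr, 1);

			// Update the used attachment size, plus credits for the rewarded action
			$setsql = '';
			if($from) {
				$reward = getreward($from, 0);
				if($reward['credit']) {
					$setsql = ",credit=credit+$reward[credit]";
				}
				if($reward['experience']) {
					$setsql .= ",experience=experience+$reward[experience]";
				}
			}
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

			// Album update
			if($albumid) {
				$file = $filepath.($thumb?'.thumb.jpg':'');
				$_SGLOBAL['db']->query("UPDATE ".tname('album')." SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1' WHERE albumid='$albumid'");
			}

			// FTP upload comes last, so a failed upload leaves no remote garbage
			if($_SCONFIG['allowftp']) {
				include_once(S_ROOT.'./source/function_ftp.php');
				if(ftpupload($newfilename, $filepath)) {
					$setarr['remote'] = 1;
					updatetable('pic', array('remote'=>$setarr['remote']), array('picid'=>$setarr['picid']));
					if($albumid) updatetable('album', array('picflag'=>2), array('albumid'=>$albumid));
				} else {
					return -4;
				}
			}

			// Statistics
			updatestat('pic');

			return $setarr;
		} else {
			fclose($handle);
			// Do not leave a partially written file behind in the attachment directory.
			@unlink($newfilename);
		}
	}
	return -3;
}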
updatemembercount($uid, array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['inviteaddcredit'])); } if ($_G['setting']['inviteconfig']['invitedaddcredit']) { updatemembercount($invite['uid'], array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['invitedaddcredit'])); } require_once libfile('function/friend'); friend_make($invite['uid'], $invite['username'], false); notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1); space_merge($invite, 'field_home'); if (!empty($invite['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']); } if ($invite['appid']) { updatestat('appinvite'); } } if ($welcomemsg && !empty($welcomemsgtxt)) { $welcomtitle = !empty($_G['setting']['welcomemsgtitle']) ? $_G['setting']['welcomemsgtitle'] : "Welcome to " . $_G['setting']['bbname'] . "!"; $welcomtitle = addslashes(replacesitevar($welcomtitle)); $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt)); if ($welcomemsg == 1) { sendpm($uid, $welcomtitle, $welcomemsgtxt, 0); } elseif ($welcomemsg == 2) { sendmail_cron($email, $welcomtitle, $welcomemsgtxt); } } if ($fromuid) { updatecreditbyaction('promotion_register', $fromuid); dsetcookie('promotion', '');
} $touid =& $_G['collection']['uid']; $coef = 1; if ($touid) { $subject = $message = lang('message', 'collection_recommend_message', array('fromuser' => $_G['username'], 'collectioname' => $_G['collection']['name'], 'url' => $_GET['threadurl'])); if (C::t('home_blacklist')->count_by_uid_buid($touid, $_G['uid'])) { showmessage('is_blacklist', '', array(), array('return' => true)); } if ($value = getuserbyuid($touid)) { require_once libfile('function/friend'); $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2); if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) { $return = sendpm($touid, $subject, $message, '', 0, 0); } else { showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true)); } } else { showmessage('message_bad_touid', '', array(), array('return' => true)); } } else { $return = sendpm(0, $subject, $message, '', $pmid, 0); } if ($return > 0) { include_once libfile('function/stat'); updatestat('sendpm', 0, $coef); C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED'); !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef); showmessage('collection_recommend_succ', '', array(), array('alert' => 'right', 'closetime' => true, 'showdialog' => 1)); } } }
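/**
 * Creates a blog entry, or updates the one described by $olds.
 *
 * When $olds belongs to another user the function temporarily switches
 * $_G['uid'] / $_G['username'] to the blog owner and restores $_G before
 * returning.
 *
 * @param array $POST Submitted blog fields (subject, message, friend, password, tag, classid,
 *                    catid, picids, savealbumid, newalbum, hot, dateline, makefeed, noreply).
 * @param array $olds Existing blog row when editing; empty when creating.
 * @return array|false The stored blog fields including blogid, or false when the message is
 *                     empty once markup and whitespace are stripped.
 */
function blog_post($POST, $olds=array()) {
	global $_G, $space;

	// Acting on someone else's blog: impersonate the owner for the duration of this call.
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
		$isself = 0;
		$__G = $_G;
		$_G['uid'] = $olds['uid'];
		$_G['username'] = addslashes($olds['username']);
	}

	// Subject: at most 80 chars, censored; falls back to today's date.
	$POST['subject'] = getstr(trim($POST['subject']), 80);
	$POST['subject'] = censor($POST['subject']);
	if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
	$POST['friend'] = intval($POST['friend']);

	// Privacy
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		// Visible to specific friends, named in the request as a whitespace-separated list.
		$uids = array();
		$names = empty($_POST['target_names'])?array():explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
		if($names) {
			$uids = C::t('common_member')->fetch_all_uid_by_username($names);
		}
		if(empty($uids)) {
			$POST['friend'] = 3; // none resolved: visible to the owner only
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		// Password protected; an empty password makes the entry public.
		$POST['password'] = trim($POST['password']);
		if($POST['password'] == '') $POST['friend'] = 0;
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// Was `$POST['password'] == '';` - a comparison with no effect, so a submitted or
		// previous password was stored on entries that are not password protected.
		$POST['password'] = '';
	}

	$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500);
	$POST['tag'] = censor($POST['tag']);

	// Message body: filtered by checkhtml() first, then truncated/censored.
	$POST['message'] = checkhtml($POST['message']);
	if($_G['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
	} else {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
		// Drop empty <div></div> pairs and make plain links open in a new window.
		$POST['message'] = preg_replace(array(
			"/\<div\>\<\/div\>/i",
			"/\<a\s+href\=\"([^\>]+?)\"\>/i"
		), array(
			'',
			'<a href="\\1" target="_blank">'
		), $POST['message']);
	}
	$message = $POST['message'];

	// status 1 = held for moderation, 0 = published.
	if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
		$blog_status = 1;
	} else {
		$blog_status = 0;
	}

	// Personal category: "new:<name>" creates (or reuses) a category of the acting user.
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname);
			$classname = censor($classname);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_G['uid'],
						'dateline' => $_G['timestamp']
					);
					$classid = C::t('home_class')->insert($setarr, true);
				}
			}
		} else {
			$classid = intval($POST['classid']);
		}
	} else {
		$classid = $olds['classid'];
	}
	if($classid && empty($classname)) {
		// Ownership check: a category id that belongs to another user is discarded.
		$query = C::t('home_class')->fetch($classid);
		$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
		if(empty($classname)) $classid = 0;
	}

	// Main table row
	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($POST['noreply'])?0:1,
		'catid' => intval($POST['catid']),
		'status' => $blog_status,
	);

	// Title picture and uploaded pictures; only pictures owned by the acting user are fetched.
	$titlepic = '';
	$uploads = array();
	if(!empty($POST['picids'])) {
		$picids = array_keys($POST['picids']);
		$query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
		foreach($query as $value) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = getimgthumbname($value['filepath']);
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			$uploads[md5($picurl)] = $value;
		}
		// No thumbnail found: fall back to the last picture. $value is unset when nothing was fetched.
		if(empty($titlepic) && !empty($value)) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}

	if($uploads) {
		$albumid = 0;
		if($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
			$albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
			if(empty($albumname)) $albumname = dgmdate($_G['timestamp'],'Ymd');
			$albumarr = array('albumname' => $albumname);
			$albumid = album_creat($albumarr);
		} else {
			$albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
		}
		if($albumid) {
			C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
			album_update_pic($albumid);
		}
		// Pictures already embedded in the message are not appended a second time.
		preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
		if(!empty($mathes[1])) {
			foreach ($mathes[1] as $key => $value) {
				$urlmd5 = md5($value);
				if(!empty($uploads[$urlmd5])) {
					unset($uploads[$urlmd5]);
				}
			}
		}
		// NOTE(review): the stored picture title is written into the HTML as-is;
		// this presumably relies on titles being escaped when they were saved - confirm.
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}

	// A message made only of empty markup, whitespace and &nbsp; counts as empty.
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Undo the impersonation before bailing out; the original returned with $_G still
		// pointing at the blog owner, so the rest of the request ran under that identity.
		if(!empty($__G)) $_G = $__G;
		return false;
	}

	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}

	if(!empty($olds['blogid'])) {
		// Update: move the category counters when the category changed.
		if($blogarr['catid'] != $olds['catid']) {
			if($olds['catid']) {
				C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
			}
			if($blogarr['catid']) {
				C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
			}
		}
		$blogid = $olds['blogid'];
		C::t('home_blog')->update($blogid, $blogarr);
		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {
		// Insert
		if($blogarr['catid']) {
			C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
		}
		$blogarr['uid'] = $_G['uid'];
		$blogarr['username'] = $_G['username'];
		// NOTE(review): a submitted dateline is stored without validation here - confirm the caller restricts it.
		$blogarr['dateline'] = empty($POST['dateline'])?$_G['timestamp']:$POST['dateline'];
		$blogid = C::t('home_blog')->insert($blogarr, true);
		C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
		C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
	}
	$blogarr['blogid'] = $blogid;

	$class_tag = new tag();
	$POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');

	// Field table row
	$fieldarr = array(
		'message' => $message,
		'postip' => $_G['clientip'],
		'target_ids' => $POST['target_ids'],
		'tag' => $POST['tag']
	);
	if(!empty($titlepic)) {
		$fieldarr['pic'] = $titlepic;
	}
	if($olds) {
		C::t('home_blogfield')->update($blogid, $fieldarr);
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		C::t('home_blogfield')->insert($fieldarr);
	}

	// Credits and statistics: granted for a new published entry, reversed when an edit
	// sends an existing entry back to moderation.
	if($isself && !$olds && $blog_status == 0) {
		updatecreditbyaction('publishblog', 0, array('blogs' => 1));
		include_once libfile('function/stat');
		updatestat('blog');
	}
	if(!empty($olds['blogid']) && $blog_status == 1) {
		updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
		include_once libfile('function/stat');
		updatestat('blog');
	}

	if($POST['makefeed'] && $blog_status == 0) {
		include_once libfile('function/feed');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}

	// Restore the real operator.
	if(!empty($__G)) $_G = $__G;

	if($blog_status == 1) {
		updatemoderate('blogid', $blogid);
		manage_addnotify('verifyblog');
	}
	return $blogarr;
}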
if (cknote_uid(array("type" => "eventmember", "authorid" => $_SGLOBAL['supe_uid']), $filter)) { $note_ids[] = $value['uid']; $note_inserts[] = "('{$value['uid']}', 'eventmember', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')"; } } if ($note_inserts) { $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts)); $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")"); } //E-mail notice smail($event['uid'], '', $note_msg, 'event'); } // Bonus Points getreward('joinevent', 1, 0, $eventid); //Statistics updatestat('eventjoin'); //Process Event Invites if ($eventinvite) { $_SGLOBAL['db']->query("DELETE FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}'"); $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET eventinvitenum=eventinvitenum-1 WHERE uid = '{$_SGLOBAL['supe_uid']}' AND eventinvitenum>0"); } showmessage("do_success", "space.php?do=event&id={$eventid}", 0); // Join the event successfully } } elseif ($op == "quit") { // Quit Event if (!$eventid) { showmessage("event_does_not_exist"); // Event does not exist or has been deleted } if (submitcheck("quitsubmit")) {
if ($res = $_SGLOBAL['db']->fetch_array($query)) { $school = $res['school']; $query1 = $_SGLOBAL['db']->query("SELECT * FROM " . tname("mtag") . " WHERE tagname='{$school}'"); if ($r = $_SGLOBAL['db']->fetch_array($query1)) { $tagid = $r['tagid']; } } $setarr = array('tagid' => $tagid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'subject' => $msg, 'lastpost' => $_SGLOBAL['timestamp'], 'lastauthor' => $_SGLOBAL['supe_username'], 'lastauthorid' => $_SGLOBAL['supe_uid']); $tid = inserttable('thread', $setarr, 1); $psetarr = array('tagid' => $tagid, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $msg, 'isthread' => 1); //添加 inserttable('post', $psetarr); //更新群组统计 $_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET threadnum=threadnum+1 WHERE tagid='{$tagid}'"); //统计 updatestat('thread'); //更新用户统计 if (empty($space['threadnum'])) { $space['threadnum'] = getcount('thread', array('uid' => $space['uid'])); $threadnumsql = "threadnum=" . $space['threadnum']; } else { $threadnumsql = 'threadnum=threadnum+1'; } //积分 $reward = getreward('publishthread', 0); $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$threadnumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'"); $returnarr = array("tagid" => $tagid, "tid" => $tid); echo json_encode($returnarr); return; } if ($_GET['sync'] == 'false') {
} if ($_G['gp_tradeaid']) { $attachment = DB::fetch_first("SELECT * FROM " . DB::table('forum_attachment') . " WHERE aid='{$_G['gp_tradeaid']}'"); if (in_array($attachment['filetype'], array('image/gif', 'image/jpeg', 'image/png'))) { $_G['setting']['attachurl'] = preg_match("/^((https?|ftps?):\\/\\/|www\\.)/i", $_G['setting']['attachurl']) ? $_G['setting']['attachurl'] : $_G['siteurl'] . $_G['setting']['attachurl']; $imgurl = $_G['setting']['attachurl'] . '/forum/' . $attachment['attachment'] . ($attachment['thumb'] && $attachment['filetype'] != 'image/gif' ? '.thumb.jpg' : ''); $feed['images'][] = $attachment['attachment'] ? $imgurl : ''; $feed['image_links'][] = $attachment['attachment'] ? "{$_G['siteurl']}forum.php?mod=viewthread&tid={$tid}" : ''; } } $feed['title_data']['hash_data'] = "tid{$tid}"; $feed['id'] = $tid; $feed['idtype'] = 'tid'; postfeed($feed); } if ($digest) { foreach ($digestcredits as $id => $addcredits) { $postcredits[$id] = (isset($postcredits[$id]) ? $postcredits[$id] : 0) + $addcredits; } } updatepostcredits('+', $_G['uid'], 'post', $_G['fid']); DB::query("UPDATE " . DB::table('common_member_count') . " SET threads=threads+1 WHERE uid='{$_G['uid']}'"); $lastpost = "{$tid}\t{$subject}\t{$_G['timestamp']}\t{$author}"; DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}', threads=threads+1, posts=posts+2, todayposts=todayposts+1 WHERE fid='{$_G['fid']}'", 'UNBUFFERED'); if ($_G['forum']['type'] == 'sub') { DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}' WHERE fid='" . $_G['forum']['fup'] . "'", 'UNBUFFERED'); } include_once libfile('function/stat'); updatestat('trade'); showmessage('post_newthread_succeed', "forum.php?mod=viewthread&tid={$tid}&extra={$extra}", $param); }
} if ($_G['forum']['picstyle']) { setthreadcover($pid, 0, $threadimageaid); } } if ($threadimageaid) { if (!$threadimage) { $threadimage = DB::fetch_first("SELECT attachment, remote FROM " . DB::table(getattachtablebytid($tid)) . " WHERE aid='{$threadimageaid}'"); } $threadimage = daddslashes($threadimage); DB::insert('forum_threadimage', array('tid' => $tid, 'attachment' => $threadimage['attachment'], 'remote' => $threadimage['remote'])); } $param = array('fid' => $_G['fid'], 'tid' => $tid, 'pid' => $pid); $statarr = array(0 => 'thread', 1 => 'poll', 2 => 'trade', 3 => 'reward', 4 => 'activity', 5 => 'debate', 127 => 'thread'); include_once libfile('function/stat'); updatestat($isgroup ? 'groupthread' : $statarr[$special]); dsetcookie('clearUserdata', 'forum'); if ($specialextra) { $classname = 'threadplugin_' . $specialextra; if (class_exists($classname) && method_exists($threadpluginclass = new $classname(), 'newthread_submit_end')) { $threadpluginclass->newthread_submit_end($_G['fid'], $tid); } } if ($modnewthreads) { updatemoderate('tid', $tid); DB::query("UPDATE " . DB::table('forum_forum') . " SET todayposts=todayposts+1 WHERE fid='{$_G['fid']}'", 'UNBUFFERED'); manage_addnotify('verifythread'); showmessage('post_newthread_mod_succeed', "forum.php?mod=viewthread&tid={$tid}&extra={$extra}", $param); } else { $feed = array('icon' => '', 'title_template' => '', 'title_data' => array(), 'body_template' => '', 'body_data' => array(), 'title_data' => array(), 'images' => array()); if (!empty($_G['gp_addfeed']) && $_G['forum']['allowfeed'] && !$isanonymous) {
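if ($comment['authorid'] != $_SGLOBAL['supe_uid']) {
	// Send the e-mail notification
	smail($comment['authorid'], '', cplang($q_msgtype, array($_SN[$userid], shtmlspecialchars(getsiteurl() . $n_url))), '', $q_msgtype);
	notification_add($comment['authorid'], $note_type, $q_note);
}
// Notify the users mentioned with @
if ($UserIds) {
	$note = cplang('note_comment_at', array($n_url));
	foreach ($UserIds as $UserId) {
		notification_add($UserId, 'atyou', $note);
	}
}
}
// Statistics
if ($stattype) {
	updatestat($stattype);
}
if ($cid) {
	$arrs = array('flag' => 'success');
} else {
	$arrs = array('flag' => 'failed');
}
returnflag($arrs);
}

/**
 * Emits $flag as JSON with \uXXXX escapes turned back into UTF-8, then ends the request.
 *
 * @param mixed $flag Value to encode.
 * @return void Never returns; the script exits after the output.
 */
function returnflag($flag) {
	$result = json_encode($flag);
	// The original used preg_replace() with the /e modifier, which evaluates the replacement
	// string as PHP code on every match. That modifier is deprecated and later removed, so the
	// call fails on current PHP, and evaluating built strings is an avoidable code-execution
	// surface. A callback performs the same conversion without evaluating anything.
	$result = preg_replace_callback('#\\\\u([0-9a-f]{4})#i', function ($match) {
		return iconv('UCS-2BE', 'UTF-8', pack('H4', $match[1]));
	}, $result);
	echo $result;
	exit;
}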
} elseif ($stand == 2) { $feed['title_template'] = 'feed_thread_debatevote_title_2'; } else { $feed['title_template'] = 'feed_thread_debatevote_title_3'; } $feed['title_data'] = array('subject' => "<a href=\"{$_G['siteurl']}forum.php?mod=viewthread&tid={$_G['tid']}\">{$thread['subject']}</a>", 'author' => "<a href=\"home.php?mod=space&uid={$thread['authorid']}\">{$thread['author']}</a>"); } elseif ($thread['authorid'] != $_G['uid']) { $post_url = "forum.php?mod=redirect&goto=findpost&pid={$pid}&ptid={$_G['tid']}"; $feed['icon'] = 'post'; $feed['title_template'] = !empty($thread['author']) ? 'feed_reply_title' : 'feed_reply_title_anonymous'; $feed['title_data'] = array('subject' => "<a href=\"{$post_url}\">{$thread['subject']}</a>", 'author' => "<a href=\"home.php?mod=space&uid={$thread['authorid']}\">{$thread['author']}</a>"); if (!empty($_G['forum_attachexist'])) { $firstaid = DB::result_first("SELECT aid FROM " . DB::table('forum_attachment') . " WHERE pid='{$pid}' AND dateline>'0' AND isimage='1' ORDER BY dateline LIMIT 1"); if ($firstaid) { $feed['images'] = array(getforumimg($firstaid)); $feed['image_links'] = array($post_url); } } } $feed['title_data']['hash_data'] = "tid{$_G[tid]}"; $feed['id'] = $tid; $feed['idtype'] = 'tid'; postfeed($feed); } include_once libfile('function/stat'); updatestat($thread['isgroup'] ? 'grouppost' : 'post'); $page = getstatus($thread['status'], 4) ? 1 : @ceil(($thread['special'] ? $thread['replies'] + 1 : $thread['replies'] + 2) / $_G['ppp']); $url = empty($_POST['portal_referer']) ? "forum.php?mod=viewthread&tid={$thread[tid]}&pid={$pid}&page={$page}&extra={$extra}#pid{$pid}" : $_POST['portal_referer']; showmessage($replymessage, $url, $param); } }
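/**
 * Create a new blog entry, or update the existing one described by $olds.
 *
 * Normalises the submitted fields, resolves the privacy mode and the personal
 * category, merges uploaded pictures into the message, writes the blog and
 * blogfield rows, refreshes the tags and, for the author's own new entry,
 * updates the space counters, the reward credits and the 'blog' statistic.
 *
 * While editing another user's entry the function temporarily replaces
 * $_SGLOBAL['supe_uid'] / ['supe_username'] with the entry owner's identity.
 * That switch is undone on every return path, including the early
 * "empty message" return.
 *
 * @param array $POST submitted fields (subject, friend, password, tag, message,
 *                    classid, picids, hot, topicid, dateline, makefeed)
 * @param array $olds existing blog row when editing; empty when creating
 * @return array|false the blog row that was written (including blogid), or
 *                     false when the message has no visible content
 */
function blog_post($POST, $olds=array()) {
    global $_SGLOBAL, $_SC, $space;

    // Operator role switch: act as the entry's owner when someone else edits it.
    $isself = 1;
    if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Subject; an empty subject falls back to today's date.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if(strlen($POST['subject'])<1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Privacy
    $POST['target_ids'] = '';
    if($POST['friend'] == 2) {
        // Visible to specific friends: resolve the submitted names to uids.
        // NOTE(review): the names come straight from $_POST and reach the query
        // through simplode(); this relies on simplode() quoting each value and on
        // request data being escaped before this point - confirm both.
        $uids = array();
        $names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if($names) {
            $query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if(empty($uids)) {
            $POST['friend'] = 3; // no valid friend named: visible to the author only
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif($POST['friend'] == 4) {
        // Password protected; without a password the entry becomes public.
        $POST['password'] = trim($POST['password']);
        if($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if($POST['friend'] !== 4) {
        // Assignment, not comparison: a password submitted with any other privacy
        // mode must not be stored with the entry.
        $POST['password'] = '';
    }

    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1); // with word censoring

    // Content
    if($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        // checkhtml() is the HTML filter for rich-text input; the two patterns
        // below drop empty <div>s and force links to open in a new window.
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        $POST['message'] = preg_replace(array(
            "/\<div\>\<\/div\>/i",
            "/\<a\s+href\=\"([^\>]+?)\"\>/i"
        ), array(
            '',
            '<a href="\\1" target="_blank">'
        ), $POST['message']);
    }
    $message = $POST['message'];

    // Personal category
    if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" creates the category unless the user already has it.
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if(empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
                if(empty($classid)) {
                    $setarr = array(
                        'classname' => $classname,
                        'uid' => $_SGLOBAL['supe_uid'],
                        'dateline' => $_SGLOBAL['timestamp']
                    );
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if($classid && empty($classname)) {
        // Ownership check: a category id that does not belong to the user is dropped.
        $classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
        if(empty($classname)) {
            $classid = 0;
        }
    }

    // Main table row
    $blogarr = array(
        'subject' => $POST['subject'],
        'classid' => $classid,
        'friend' => $POST['friend'],
        'password' => $POST['password'],
        'noreply' => empty($_POST['noreply'])?0:1
    );

    // Title picture
    $titlepic = '';

    // Load the uploaded pictures; the uid condition limits them to the user's own.
    $uploads = array();
    if(!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." \nWHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if(empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'].'.thumb.jpg';
                $blogarr['picflag'] = $value['remote']?2:1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): the loop above ends when $value is falsy, so this branch
        // looks unreachable and pictures without a thumbnail never become the
        // title picture here. Left as is; confirm the intent before changing it.
        if(empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote']?2:1;
        }
    }

    // Pictures referenced inside the message: swap the placeholder src for the real URL.
    if($uploads) {
        preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
        if(!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_$value";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures not referenced in the message are appended to it.
        // NOTE(review): the stored picture title is placed into the HTML as is;
        // this assumes titles were HTML-escaped when they were saved - confirm.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
        }
    }

    // Nothing was written. The "\ \;" alternative looks like a mangled "&nbsp;"
    // entity - TODO confirm against the upstream file.
    $ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\ \;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
    if(empty($ckmessage)) {
        // Undo the role switch before leaving, otherwise the rest of the request
        // would keep running under the entry owner's identity.
        if(!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }

    // Escape for the SQL built by the table helpers.
    $message = addslashes($message);

    // No uploaded title picture: take one from the message body.
    if(empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;

    // Hotness can only be set with the manageblog permission.
    if(checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }

    if(!empty($olds['blogid'])) {
        // Update
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid'=>$blogid));
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // New entry, optionally joined to a topic.
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a submitted dateline is stored without validation here;
        // verify that callers restrict who may supply it.
        $blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;

    // Field table row
    $fieldarr = array(
        'message' => $message,
        'postip' => getonlineip(),
        'target_ids' => $POST['target_ids']
    );

    // Tags.
    // NOTE(review): unserialize() runs on the stored tag column; that is only
    // safe while nothing but this code's own serialize() output is written there.
    $oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if($POST['tag'] != $oldtagstr) {
        if(!empty($olds['tag'])) {
            // Remove the previous tag links first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if($oldtags) {
                $_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
                $_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Store the new tag list in the field table.
        $fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
    }

    if($olds) {
        // Update
        updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }

    // Space counters are touched only when the author posts for themselves.
    if($isself) {
        if($olds) {
            $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
        } else {
            if(empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
                $blognumsql = "blognum=".$space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credits
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE ".tname('space')." \nSET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
            // Statistics
            updatestat('blog');
        }
    }

    // Feed
    if($POST['makefeed']) {
        include_once(S_ROOT.'./source/function_feed.php');
        feed_publish($blogid, 'blogid', $olds?0:1);
    }

    // Topic
    if(empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }

    // Undo the role switch.
    if(!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }

    return $blogarr;
}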
if ($_G['setting']['heatthread']['type'] == 2) { require_once libfile('function/forum'); update_threadpartake($id); } break; case 'article': DB::query("UPDATE " . DB::table('portal_article_count') . " SET sharetimes=sharetimes+1 WHERE aid='{$id}'"); break; } if ($arr['status'] == 1) { updatemoderate('sid', $sid); manage_addnotify('verifyshare'); } if ($type == 'link' || !DB::result_first("SELECT COUNT(*) FROM " . DB::table('home_share') . " WHERE uid='{$_G['uid']}' AND itemid='{$id}' AND type='{$type}'")) { include_once libfile('function/stat'); updatestat('share'); } if ($note_uid && $note_uid != $_G['uid']) { notification_add($note_uid, 'sharenotice', $note_message, $note_values); } $needle = $id ? $type . $id : ''; updatecreditbyaction('createshare', $_G['uid'], array('sharings' => 1), $needle); $referer = "home.php?mod=space&uid={$_G['uid']}&do=share&view={$_GET['view']}&from={$_GET['from']}"; $magvalues['sid'] = $sid; if (!$redirecturl) { $redirecturl = dreferer(); } if (!$showmessagecontent) { $showmessagecontent = 'do_success'; } showmessage($showmessagecontent, $redirecturl, $magvalues, $_G['inajax'] && $_GET['view'] != 'me' ? array('showdialog' => 1, 'showmsg' => true, 'closetime' => true) : array());
$levelid = DB::result_first("SELECT levelid FROM " . DB::table('forum_grouplevel') . " WHERE creditshigher<='0' AND '0'<creditslower LIMIT 1"); DB::query("INSERT INTO " . DB::table('forum_forum') . "(fup, type, name, status, level) VALUES ('{$_G['gp_fup']}', 'sub', '{$_G['gp_name']}', '3', '{$levelid}')"); $newfid = DB::insert_id(); if ($newfid) { $jointype = intval($_G['gp_jointype']); $gviewperm = intval($_G['gp_gviewperm']); $descriptionnew = dhtmlspecialchars(censor(trim($_G['gp_descriptionnew']))); DB::query("INSERT INTO " . DB::table('forum_forumfield') . "(fid, description, jointype, gviewperm, dateline, founderuid, foundername, membernum) VALUES ('{$newfid}', '{$descriptionnew}', '{$jointype}', '{$gviewperm}', '" . TIMESTAMP . "', '{$_G['uid']}', '{$_G['username']}', '1')"); DB::query("UPDATE " . DB::table('forum_forumfield') . " SET groupnum=groupnum+1 WHERE fid='{$_G['gp_fup']}'"); DB::query("INSERT INTO " . DB::table('forum_groupuser') . "(fid, uid, username, level, joindateline) VALUES ('{$newfid}', '{$_G['uid']}', '{$_G['username']}', '1', '" . TIMESTAMP . "')"); update_usergroups($_G['uid']); require_once libfile('function/cache'); updatecache('grouptype'); } include_once libfile('function/stat'); updatestat('group'); showmessage('group_create_succeed', "forum.php?mod=group&action=manage&fid={$newfid}", array(), array('showdialog' => 1, 'showmsg' => true, 'locationtime' => true)); } include template('diy:group/group:' . $_G['fid']); } elseif ($action == 'manage') { if (!$_G['forum']['ismoderator']) { showmessage('group_admin_noallowed'); } $specialswitch = $_G['current_grouplevel']['specialswitch']; $oparray = array('group', 'checkuser', 'manageuser', 'threadtype', 'demise'); $_G['gp_op'] = getgpc('op') && in_array($_G['gp_op'], $oparray) ? 
$_G['gp_op'] : 'group'; if (empty($groupmanagers[$_G[uid]]) && !in_array($_G['gp_op'], array('group', 'threadtype', 'demise')) && $_G['adminid'] != 1) { showmessage('group_admin_noallowed'); } $page = intval(getgpc('page')) ? intval($_G['gp_page']) : 1; $perpage = 54;
} else { $poll['percredit'] = 0; } $_SGLOBAL['db']->query("UPDATE " . tname('poll') . " SET voternum=voternum+1, lastvote='{$_SGLOBAL['timestamp']}', credit=credit-{$poll['percredit']} {$sql} WHERE pid='{$pid}'"); // real name realname_get(); if ($poll['uid'] != $_SGLOBAL['supe_uid']) { //Reward points getreward('joinpoll', 1, 0, $pid); } // hot value if ($poll['uid'] != $_SGLOBAL['supe_uid']) { hot_update('pid', $poll['pid'], $poll['hotuser']); } //Statistics updatestat('pollvote'); // event feed if (!isset($_POST['anonymous']) && $_SGLOBAL['supe_uid'] != $poll['uid'] && ckprivacy('joinpoll', 1)) { $fs = array(); $fs['icon'] = 'poll'; $fs['images'] = $fs['image_links'] = array(); $fs['title_template'] = cplang('take_part_in_the_voting'); $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'url' => "space.php?uid={$poll['uid']}&do=poll&pid={$pid}", 'subject' => $poll['subject'], 'reward' => $poll['percredit'] ? cplang('reward') : ''); $fs['body_template'] = ''; $fs['body_data'] = array(); include_once S_ROOT . './source/function_cp.php'; feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data']); } showmessage('do_success', 'space.php?uid=' . $poll['uid'] . '&do=poll&pid=' . $pid . ($poll['percredit'] ? '&reward=' . $poll['percredit'] : ''), 0); } } elseif ($op == 'endreward') {
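/**
 * Make the current user ($_G['uid']) and $touid friends of each other.
 *
 * Optionally removes pending friend requests in both directions, writes both
 * directions of the friendship with REPLACE INTO, logs it, bumps the 'friend'
 * statistic and refreshes both users' friend caches.
 *
 * @param int    $touid        uid of the other user; cast to int before it is used in SQL
 * @param string $tousername   user name of the other user, stored as fusername
 * @param bool   $checkrequest when true, pending requests between the two users are deleted first
 * @return false|null false when $touid is the current user; otherwise nothing is returned
 */
function friend_make($touid, $tousername, $checkrequest = true) {
    global $_G;

    // Every query below places $touid inside a quoted SQL literal, so it is
    // forced to an integer here instead of trusting the caller to have done it.
    $touid = intval($touid);
    if ($touid == $_G['uid']) {
        return false;
    }

    if ($checkrequest) {
        // Clear a pending request in either direction.
        $directions = array(
            array($touid, $_G['uid']),
            array($_G['uid'], $touid),
        );
        foreach ($directions as $direction) {
            list($uid, $fuid) = $direction;
            $friend_request = DB::fetch_first("SELECT * FROM " . DB::table('home_friend_request') . " WHERE uid='{$uid}' AND fuid='{$fuid}'");
            if ($friend_request) {
                DB::query("DELETE FROM " . DB::table('home_friend_request') . " WHERE uid='{$uid}' AND fuid='{$fuid}'");
            }
        }
    }

    // NOTE(review): $tousername and $_G['username'] are interpolated verbatim.
    // This relies on both already being SQL-escaped by the time they get here;
    // escaping again in this function would double-escape - confirm with callers.
    DB::query("REPLACE INTO " . DB::table('home_friend') . " (uid,fuid,fusername,dateline)\r\n\t\tVALUES ('{$touid}', '{$_G['uid']}', '{$_G['username']}', '{$_G['timestamp']}'),\r\n\t\t\t('{$_G['uid']}', '{$touid}', '{$tousername}', '{$_G['timestamp']}')");

    addfriendlog($_G['uid'], $touid);
    include_once libfile('function/stat');
    updatestat('friend');
    friend_cache($touid);
    friend_cache($_G['uid']);
}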
/**
 * Late request initialisation: time offset, form hash, access checks
 * (banned group or member, IP access list, closed board, visit-ban periods),
 * paging sizes, cache headers, login statistics, the lastact cookie and the
 * per-script SEO strings.
 *
 * @return false|null false when $this->init_misc is off; otherwise nothing is returned
 */
function _init_misc() {
    if (!$this->init_misc) {
        return false;
    }

    lang('core');

    // A member offset that is missing, 9999 or '' falls back to the site setting.
    if ($this->init_setting && $this->init_user
        && (!isset($this->var['member']['timeoffset'])
            || $this->var['member']['timeoffset'] == 9999
            || $this->var['member']['timeoffset'] === '')) {
        $this->var['member']['timeoffset'] = $this->var['setting']['timeoffset'];
    }

    if ($this->init_setting) {
        $timeoffset = $this->var['member']['timeoffset'];
    } else {
        $timeoffset = $this->var['setting']['timeoffset'];
    }

    // Display form of the offset: '' for zero, an explicit '+' for positive values.
    if ($timeoffset >= 0) {
        $offsetlabel = ($timeoffset == 0) ? '' : '+' . $timeoffset;
    } else {
        $offsetlabel = $timeoffset;
    }
    $this->var['timenow'] = array('time' => dgmdate(TIMESTAMP), 'offset' => $offsetlabel);
    $this->timezone_set($timeoffset);

    // Form token, also exposed as the FORMHASH constant.
    $this->var['formhash'] = formhash();
    define('FORMHASH', $this->var['formhash']);

    if ($this->init_user) {
        $group = $this->var['group'];
        if ($group && isset($group['allowvisit']) && !$group['allowvisit']) {
            if ($this->var['uid']) {
                // Logged-in member of a group that may not visit.
                sysmessage('user_banned', null);
            } elseif (!(defined('ALLOWGUEST') && ALLOWGUEST)
                && !in_array(CURSCRIPT, array('member', 'api'))
                && !$this->var['inajax']) {
                // Guest: send to the login page; the current URI is URL-encoded
                // before it is placed in the Location header.
                dheader('location: member.php?mod=logging&action=login&referer=' . rawurlencode($_SERVER['REQUEST_URI']));
            }
        }
        if ($this->var['member']['status'] == -1) {
            sysmessage('user_banned', null);
        }
    }

    // IP access list.
    if ($this->var['setting']['ipaccess'] && !ipaccess($this->var['clientip'], $this->var['setting']['ipaccess'])) {
        sysmessage('user_banned', null);
    }

    // Closed board: groupid 1, groups with allowvisit == 2, the admin/member/api
    // scripts and ALLOWGUEST pages stay reachable; everyone else gets the notice.
    if ($this->var['setting']['bbclosed']) {
        $privileged = $this->var['uid'] && ($this->var['group']['allowvisit'] == 2 || $this->var['groupid'] == 1);
        if (!$privileged) {
            $exempt = in_array(CURSCRIPT, array('admin', 'member', 'api')) || (defined('ALLOWGUEST') && ALLOWGUEST);
            if (!$exempt) {
                $closedreason = DB::result_first("SELECT svalue FROM " . DB::table('common_setting') . " WHERE skey='closedreason'");
                // NOTE(review): as shown, search and replacement are the same
                // character, so this call changes nothing; one of the two may have
                // been a different colon that was lost in transcoding - confirm.
                $closedreason = str_replace(':', ':', $closedreason);
                if ($closedreason) {
                    $closedmessage = $closedreason;
                } else {
                    $closedmessage = 'board_closed';
                }
                showmessage($closedmessage, NULL, array('adminemail' => $this->var['setting']['adminemail']), array('login' => 1));
            }
        }
    }

    if (CURSCRIPT != 'admin' && !in_array($this->var['mod'], array('logging', 'seccode'))) {
        periodscheck('visitbanperiods');
    }

    // Threads/posts per page: mobile and desktop have separate settings and defaults.
    if (defined('IN_MOBILE')) {
        $topicsetting = $this->var['setting']['mobile']['mobiletopicperpage'];
        $postsetting = $this->var['setting']['mobile']['mobilepostperpage'];
        $postdefault = 5;
    } else {
        $topicsetting = $this->var['setting']['topicperpage'];
        $postsetting = $this->var['setting']['postperpage'];
        $postdefault = 10;
    }
    $this->var['tpp'] = $topicsetting ? intval($topicsetting) : 20;
    $this->var['ppp'] = $postsetting ? intval($postsetting) : $postdefault;

    if ($this->var['setting']['nocacheheaders']) {
        @header("Expires: -1");
        @header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
        @header("Pragma: no-cache");
    }

    // First request of a new session for a logged-in user: credit and statistics.
    if ($this->session->isnew && $this->var['uid']) {
        updatecreditbyaction('daylogin', $this->var['uid']);
        include_once libfile('function/stat');
        updatestat('login', 1);
        if (defined('IN_MOBILE')) {
            updatestat('mobilelogin', 1);
        }
        if ($this->var['setting']['connect']['allow'] && $this->var['member']['conisbind']) {
            updatestat('connectlogin', 1);
        }
    }

    if ($this->var['member']['conisbind'] && $this->var['setting']['connect']['newbiespan'] !== '') {
        $this->var['setting']['newbiespan'] = $this->var['setting']['connect']['newbiespan'];
    }

    // lastact cookie: timestamp, script name and mod, tab separated; the two
    // request-derived parts are HTML-escaped before they are stored.
    $lastact = implode("\t", array(
        TIMESTAMP,
        htmlspecialchars(basename($this->var['PHP_SELF'])),
        htmlspecialchars($this->var['mod']),
    ));
    dsetcookie('lastact', $lastact, 86400);

    // NOTE(review): this URL is assembled from the request's Host header and URI
    // with a fixed http:// scheme, so consumers should treat it as client-supplied.
    setglobal('currenturl_encode', base64_encode('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']));

    // Promotion links (fromuid / fromuser) when a promotion credit policy is on.
    $haspromoter = !empty($this->var['gp_fromuid']) || !empty($this->var['gp_fromuser']);
    if ($haspromoter && ($this->var['setting']['creditspolicy']['promotion_visit'] || $this->var['setting']['creditspolicy']['promotion_register'])) {
        require_once libfile('misc/promotion', 'include');
    }

    // SEO strings configured for the current script, '' when there are none.
    if (!empty($this->var['setting']['seokeywords'][CURSCRIPT])) {
        $this->var['seokeywords'] = $this->var['setting']['seokeywords'][CURSCRIPT];
    } else {
        $this->var['seokeywords'] = '';
    }
    if (!empty($this->var['setting']['seodescription'][CURSCRIPT])) {
        $this->var['seodescription'] = $this->var['setting']['seodescription'][CURSCRIPT];
    } else {
        $this->var['seodescription'] = '';
    }
}
/**
 * Register a site account for a WeChat user and log it in.
 *
 * Applies the user-name length and censor rules and, unless
 * wechat_disableregrule is set, the per-IP registration limits; then creates
 * the account through uc_user_register() and the common_member table, queues
 * it for manual validation when regverify is 2, sets the login state and bumps
 * the 'register' statistic.
 *
 * @param string $username requested user name; names shorter than 3 get a random suffix
 * @param int    $return   when truthy, failures return silently instead of calling showmessage()
 * @param int    $groupid  user group for the new account; 0 selects the WeChat or site default
 * @return int|null uid of the new account; null when $username is empty or, with $return set, on failure
 */
public static function register($username, $return = 0, $groupid = 0) {
    global $_G;

    if (!$username) {
        return;
    }

    // NOTE(review): unserialize() runs on a stored setting; that is only safe
    // while the mobilewechat setting can be written by administrators alone.
    if (!$_G['wechat']['setting']) {
        $_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
    }
    loaducenter();

    // Default group: the WeChat-specific one when configured, else the site default.
    if (!$groupid) {
        $wechatgroupid = $_G['wechat']['setting']['wechat_newusergroupid'];
        $groupid = $wechatgroupid ? $wechatgroupid : $_G['setting']['newusergroupid'];
    }

    // Generated credentials for the new account.
    // NOTE(review): random() is a project helper that is not shown here. The value
    // becomes the account password and is also handed to setloginstatus(), so its
    // strength depends on random() drawing from a CSPRNG - confirm.
    $password = md5(random(10));
    $email = 'wechat_' . strtolower(random(10)) . '@null.null';

    // The length is measured before the suffix is added.
    $usernamelen = dstrlen($username);
    if ($usernamelen < 3) {
        $username = $username . '_' . random(5);
    }
    if ($usernamelen > 15) {
        if ($return) {
            return;
        }
        showmessage('profile_username_toolong');
    }

    // Censored names: one entry per line, '*' as wildcard, matched case-insensitively.
    $_G['setting']['censoruser'] = trim($_G['setting']['censoruser']);
    $censorbody = str_replace(
        array('\\*', "\r\n", ' '),
        array('.*', '|', ''),
        preg_quote($_G['setting']['censoruser'], '/')
    );
    $censorexp = '/^(' . $censorbody . ')$/i';
    if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
        if ($return) {
            return;
        }
        showmessage('profile_username_protect');
    }

    if (!$_G['wechat']['setting']['wechat_disableregrule']) {
        loadcache('ipctrl');

        // IP prefixes with a stricter registration interval. The first prefix that
        // matches the client IP wins; otherwise the client IP itself is the key.
        // NOTE(review): a blank line in ipregctrl yields an empty prefix, which
        // matches every address - verify that the setting is normalised on save.
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $prefix) {
                $prefix = trim($prefix);
                if (preg_match("/^(" . preg_quote($prefix, '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $prefix . '%';
                    $_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
                    break;
                }
                $ctrlip = $_G['clientip'];
            }
        } else {
            $ctrlip = $_G['clientip'];
        }

        // Minimum interval, in hours, between registrations from the same IP.
        if ($_G['setting']['regctrl']) {
            $since = $_G['timestamp'] - $_G['setting']['regctrl'] * 3600;
            if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $since)) {
                if ($return) {
                    return;
                }
                showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
            }
        }

        // Registrations per IP within 24 hours: 1 = bump the existing row, 2 = insert a row.
        $setregip = null;
        if ($_G['setting']['regfloodctrl']) {
            $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
            if (!$regip) {
                $setregip = 2;
            } elseif ($regip['count'] >= $_G['setting']['regfloodctrl']) {
                if ($return) {
                    return;
                }
                showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
            } else {
                $setregip = 1;
            }
        }
        if ($setregip === 1) {
            C::t('common_regip')->update_count_by_ip($_G['clientip']);
        } elseif ($setregip === 2) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
        }
    }

    // A result of zero or below is an error code.
    $uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
    if ($uid <= 0) {
        if ($return) {
            return;
        }
        switch ($uid) {
            case -1:
                showmessage('profile_username_illegal');
                break;
            case -2:
                showmessage('profile_username_protect');
                break;
            case -3:
                showmessage('profile_username_duplicate');
                break;
            case -4:
                showmessage('profile_email_illegal');
                break;
            case -5:
                showmessage('profile_email_domain_illegal');
                break;
            case -6:
                showmessage('profile_email_duplicate');
                break;
            default:
                showmessage('undefined_action');
        }
    }

    $init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
    C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);

    // Prune registration-IP rows older than regctrl hours (at least 72) and record this one.
    if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
        if ($_G['setting']['regctrl'] > 72) {
            $keephours = $_G['setting']['regctrl'];
        } else {
            $keephours = 72;
        }
        C::t('common_regip')->delete_by_dateline($_G['timestamp'] - $keephours * 3600);
        if ($_G['setting']['regctrl']) {
            C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
        }
    }

    // Manual validation queue.
    if ($_G['setting']['regverify'] == 2) {
        $validation = array(
            'uid' => $uid,
            'submitdate' => $_G['timestamp'],
            'moddate' => 0,
            'admin' => '',
            'submittimes' => 1,
            'status' => 0,
            'message' => '',
            'remark' => '',
        );
        C::t('common_member_validate')->insert($validation, false, true);
        manage_addnotify('verifyuser');
    }

    $member = array('uid' => $uid, 'username' => $username, 'password' => $password, 'groupid' => $groupid);
    setloginstatus($member, 0);

    // Statistics
    include_once libfile('function/stat');
    updatestat('register');

    return $uid;
}
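/**
 * Create a new blog entry, or update the existing one described by $olds.
 *
 * Normalises the submitted fields, resolves the privacy mode and the personal
 * category, merges uploaded pictures into the message, copies the attachment
 * fields from the request, writes the blog and blogfield rows, refreshes the
 * tags and, for the author's own new entry, updates the space counters, the
 * reward credits and the 'blog' statistic.
 *
 * While editing another user's entry the function temporarily replaces
 * $_SGLOBAL['supe_uid'] / ['supe_username'] with the entry owner's identity.
 * That switch is undone on every return path, including the early
 * "empty message" return.
 *
 * @param array $POST submitted fields (subject, friend, password, tag, message,
 *                    classid, picids, hot, topicid, dateline, makefeed)
 * @param array $olds existing blog row when editing; empty when creating
 * @return array|false the blog row that was written (including blogid), or
 *                     false when the message has no visible content
 */
function blog_post($POST, $olds = array()) {
    global $_SGLOBAL, $_SC, $space;

    // Operator role switch: act as the entry's owner when someone else edits it.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Subject; an empty subject falls back to today's date.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Privacy
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Visible to specific friends: resolve the submitted names to uids.
        // NOTE(review): the names come straight from $_POST and reach the query
        // through simplode(); this relies on simplode() quoting each value and on
        // request data being escaped before this point - confirm both.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            $POST['friend'] = 3; // no valid friend named: visible to the author only
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password protected; without a password the entry becomes public.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Assignment, not comparison: a password submitted with any other privacy
        // mode must not be stored with the entry.
        $POST['password'] = '';
    }

    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1); // with word censoring

    // Content
    if ($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        // checkhtml() is the HTML filter for rich-text input; the two patterns
        // below drop empty <div>s and force links to open in a new window.
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];

    // Personal category
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" creates the category unless the user already has it.
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a category id that does not belong to the user is dropped.
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }

    // Main table row
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);

    // Title picture
    $titlepic = '';

    // Load the uploaded pictures; the uid condition limits them to the user's own.
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): the loop above ends when $value is falsy, so this branch
        // looks unreachable and pictures without a thumbnail never become the
        // title picture here. Left as is; confirm the intent before changing it.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }

    // Pictures referenced inside the message: swap the placeholder src for the real URL.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures not referenced in the message are appended to it.
        // NOTE(review): the stored picture title is placed into the HTML as is;
        // this assumes titles were HTML-escaped when they were saved - confirm.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }

    // Nothing was written. The "\\ \\;" alternative looks like a mangled "&nbsp;"
    // entity - TODO confirm against the upstream file.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\ \\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the role switch before leaving, otherwise the rest of the request
        // would keep running under the entry owner's identity.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }

    // Escape for the SQL built by the table helpers.
    $message = addslashes($message);

    // No uploaded title picture: take one from the message body.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;

    // Hotness can only be set with the manageblog permission.
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }

    // Attachment fields.
    // NOTE(review): all four values are copied from the request as they arrive.
    // Nothing in this function ties attachid or attachpath to a file the acting
    // user uploaded, or checks attachsize - verify that this is enforced before
    // the call or where the attachment is served.
    if ($_POST['attachid'] && $_POST['attachpath'] && $_POST['attachname'] && $_POST['attachsize']) {
        $blogarr['attachid'] = $_POST['attachid'];
        $blogarr['attachpath'] = $_POST['attachpath'];
        $blogarr['attachname'] = $_POST['attachname'];
        $blogarr['attachsize'] = $_POST['attachsize'];
    }

    if (!empty($olds['blogid'])) {
        // Update
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // New entry, optionally joined to a topic.
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a submitted dateline is stored without validation here;
        // verify that callers restrict who may supply it.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;

    // Field table row
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);

    // Tags.
    // NOTE(review): unserialize() runs on the stored tag column; that is only
    // safe while nothing but this code's own serialize() output is written there.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Remove the previous tag links first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Store the new tag list in the field table.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }

    if ($olds) {
        // Update
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }

    // Space counters are touched only when the author posts for themselves.
    if ($isself) {
        if ($olds) {
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
        } else {
            if (empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid' => $space['uid']));
                $blognumsql = "blognum=" . $space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credits
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Statistics
            updatestat('blog');
        }
    }

    // Feed
    if ($POST['makefeed']) {
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }

    // Topic
    if (empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }

    // Undo the role switch.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }

    return $blogarr;
}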
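/**
 * Save raw picture data as an album picture of the current user.
 *
 * Writes $strdata below the attachment directory, enforces the user's space
 * quota, checks that the stored file is an image, creates a 140x140 thumbnail
 * and watermark, optionally pushes the files to remote FTP storage, inserts the
 * home_pic row, adds the size to the user's attachsize counter and bumps the
 * 'pic' statistic.
 *
 * @param string $strdata  raw file contents
 * @param int    $albumid  target album id; values below 0 are treated as 0
 * @param string $fileext  file extension without the dot; letters and digits only
 * @param string $name     original file name; defaults to the generated file name
 * @param string $title    picture title, cut to 200 characters by getstr()
 * @param int    $delsize  bytes subtracted from the usage before the quota check
 * @param bool   $from     not used in this function
 * @return array|int the inserted home_pic row (including picid) on success;
 *                   -1 when the quota would be exceeded, -2 when the extension is
 *                   rejected or the file is not an image, -3 when the file cannot
 *                   be written completely or the FTP mirror upload fails
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false) {
    global $_G, $space;

    if ($albumid < 0) {
        $albumid = 0;
    }

    // $fileext becomes part of the path written below, so anything other than
    // letters and digits is rejected before a file is created; that keeps the
    // value from adding path components to the target name.
    // NOTE(review): this does not limit WHICH extension is used. If a caller can
    // pass a request-derived value, an allow-list of image extensions belongs
    // here or in that caller - callers are not visible in this listing.
    if (preg_match('/[^A-Za-z0-9]/', $fileext)) {
        return -2;
    }

    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;

    $handle = fopen($newfilename, 'wb');
    if (!$handle) {
        return -3;
    }
    $written = fwrite($handle, $strdata);
    fclose($handle);
    // fwrite() can return a short count without failing (for example on a full
    // disk); a truncated or failed write must not be left behind or registered.
    if ($written === FALSE || $written !== strlen($strdata)) {
        @unlink($newfilename);
        return -3;
    }

    // filesize() returns false on failure; the value is used unquoted in SQL below.
    $size = intval(filesize($newfilename));

    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }
    $_G['member'] = $space;

    // Quota: maxspacesize is multiplied up from megabytes; 0 means no limit.
    $maxspacesize = checkperm('maxspacesize');
    $maxspacesize = $maxspacesize * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'common_member_count');
        space_merge($space, 'common_member_field_home');
        if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
            @unlink($newfilename);
            return -1;
        }
    }

    // The content check runs on the stored file; non-images are removed again.
    if (!$upload->get_image_info($newfilename)) {
        @unlink($newfilename);
        return -2;
    }

    require_once libfile('class/image');
    $image = new image();
    $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    $image->Watermark($newfilename);

    // Remote storage: with mirroring on, a failed upload discards the local files.
    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        $ftpresult = ftpupload('album/' . $filepath);
        if ($ftpresult) {
            if ($thumb) {
                ftpupload('album/' . $filepath . '.thumb.jpg');
            }
            $pic_remote = 1;
        } elseif (getglobal('setting/ftp/mirror')) {
            @unlink($newfilename);
            @unlink($newfilename . '.thumb.jpg');
            return -3;
        }
    }

    $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
    $title = getstr($title, 200, 1, 1, 1);

    if ($albumid) {
        $albumid = album_creat_by_id($albumid);
    } else {
        $albumid = 0;
    }

    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => $filename,
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => $fileext,
        'size' => $size,
        'filepath' => $filepath,
        'thumb' => $thumb,
        'remote' => $pic_remote
    );
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);

    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");

    include_once libfile('function/stat');
    updatestat('pic');

    return $setarr;
}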
$fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$item['uid']}\">{$_SN[$item['uid']]}</a>", 'click' => $click['name']); $fs['images'] = array(pic_get($item['filepath'], $item['thumb'], $item['remote'])); $fs['image_links'] = array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}"); $fs['body_general'] = $item['title']; $note_type = 'clickpic'; $q_note = cplang('note_click_pic', array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}")); break; } //Event Publishing if (empty($item['friend']) && ckprivacy('click', 1)) { feed_add('click', $fs['title_template'], $fs['title_data'], '', array(), $fs['body_general'], $fs['images'], $fs['image_links']); } //Reward visitors getreward('click', 1, 0, $idtype . $id); //Statistics updatestat('click'); //Notice notification_add($item['uid'], $note_type, $q_note); showmessage('click_success', $_SGLOBAL['refer']); } elseif ($_GET['op'] == 'show') { foreach ($clicks as $key => $value) { $value['clicknum'] = $item["click_{$key}"]; $value['classid'] = mt_rand(1, 4); if ($value['clicknum'] > $maxclicknum) { $maxclicknum = $value['clicknum']; } $clicks[$key] = $value; } $start = intval($_GET['start']); if ($start < 0) { $start = 0;
ssetcookie('loginuser', $username, 31536000); ssetcookie('_refer', ''); //好友邀请 if ($invitearr) { include_once S_ROOT . './source/function_cp.php'; invite_update($invitearr['id'], $setarr['uid'], $setarr['username'], $invitearr['uid'], $invitearr['username'], $app); //如果提交的邮箱地址与邀请相符的则直接通过邮箱验证 if ($invitearr['email'] == $email) { updatetable('spacefield', array('emailcheck' => 1), array('uid' => $newuid)); } //统计更新 include_once S_ROOT . './source/function_cp.php'; if ($app) { updatestat('appinvite'); } else { updatestat('invite'); } } //加入新用户 inserttable('spacefield', array('uid' => $newuid), 0, true); $activate = array('isactive' => 1); updatetable('baseprofile', $activate, array('userid' => $bp[userid])); if ($bp['sex'] == '男') { $sexc = 1; } elseif ($bp['sex'] == '女') { $sexc = 2; } else { $sexc = 0; } $insertinfo = array('realname' => $bp['realname'], 'sex' => $sexc, 'email' => $email); updatetable('spacefield', $insertinfo, array('uid' => $newuid));
$Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message); } //替换表情 $Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message); $Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message); //print_r($Message); $arr = array("username" => getstr($username, 15, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip()); $newdoid = inserttable('doing', $arr, 1); //事件feed $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid'); $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']); //喜好hash $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']); //合并hash inserttable('feed', $feedarr, 1); updatestat('doing'); //更新空间note $setarr = array('note' => $Message); if (!empty($_POST['spacenote'])) { $reward = getreward('updatemood', 0); $setarr['spacenote'] = $Message; } else { $reward = getreward('doing', 0); } updatetable('spacefield', $setarr, array('uid' => $userid)); $setarr = array('updatetime' => "updatetime='{$_SGLOBAL['timestamp']}'", 'lastpost' => "lastpost='{$_SGLOBAL['timestamp']}'"); $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$userid}'"); //返回flag if ($newdoid) { $arrs = array('flag' => 'success'); } else {
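/**
 * Create a complaint post (a "doing" entry whose @-mentions may address
 * departments) on behalf of a user and report the result as JSON.
 *
 * Keys read from $params:
 *  - uid     (required) id of the posting user; must be a positive integer.
 *  - content (required) message text; "[em:N:]" emoticon codes and
 *            "@name(uid)" mentions are expanded to HTML.
 *  - device  (optional) one of 'web', 'wechat', 'mobile'; defaults to 'web'.
 *  - ip      (optional) overrides the address returned by getonlineip().
 *
 * @param array|null $params request parameters as described above
 * @return string JSON: either {"errorNo": ..., "content": ...} on a
 *                validation failure, or the $params array extended with
 *                uname, status, reply_count, timestamp, department_list,
 *                operation_list and reply_list, with content replaced by the
 *                rendered message.
 */
function IHomeServiceCreateComplain($params = NULL)
{
    global $_SGLOBAL;

    // ---- uid: presence ----------------------------------------------------
    if (empty($params['uid'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter uid.the uid is not exist or the uid is not a positive interger.");
        return json_encode($errorMsg);
    }

    // ---- uid: format ------------------------------------------------------
    // The uid is concatenated into SQL below, so it must consist of digits
    // only. A bare "<= 0" comparison lets strings such as "1 OR 1=1" through,
    // because PHP never evaluates them as <= 0.
    $rawUid = $params['uid'];
    $uidIsInteger = is_int($rawUid) || (is_string($rawUid) && preg_match('/^\d+$/D', $rawUid) === 1);
    if (!$uidIsInteger || $rawUid <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the id must be a positive interger.");
        return json_encode($errorMsg);
    }

    // ---- uid: existence; resolve the display name ---------------------------
    // intval() is defence in depth on top of the digit check above.
    $sql = "select name,username from " . tname('space') . " where uid = " . intval($params['uid']);
    $query = $_SGLOBAL['db']->query($sql);
    if ($row = $_SGLOBAL['db']->fetch_array($query)) {
        // Prefer the real name, fall back to the login name.
        if ($row['name']) {
            $params['uname'] = $row['name'];
        } else {
            $params['uname'] = $row['username'];
        }
    } else {
        $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
        return json_encode($errorMsg);
    }

    // department_id_list is ignored.

    // ---- content ----------------------------------------------------------
    if (empty($params['content'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter message.the message is not exist or the message is empty.");
        return json_encode($errorMsg);
    }

    // ---- device -----------------------------------------------------------
    // Strict comparison: a loose in_array() would accept boolean true.
    if (!empty($params['device']) && !in_array($params['device'], array('web', 'wechat', 'mobile'), true)) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the parameter device is out of range.");
        return json_encode($errorMsg);
    }

    $UserIds = array();
    // $UserId is read after both loops below; initialise it so that the read
    // is defined when neither loop runs.
    $UserId = null;
    $complainOK = false;

    $params['status'] = 'init';
    $params['reply_count'] = 0;
    $params['timestamp'] = time();
    $params['department_list'] = array();
    $params['operation_list'] = array();
    $params['reply_list'] = array();

    // The first emoticon code in the raw content becomes the post's mood.
    preg_match("/\\[em\\:(\\d+)\\:\\]/s", $params['content'], $ms);
    $mood = empty($ms[1]) ? 0 : intval($ms[1]);

    // NOTE(review): the content is URL-decoded *after* getstr() has processed
    // it. If getstr() escapes or strips characters, percent-encoded input can
    // reintroduce them here. Confirm that inserttable()/updatetable() escape
    // their values and that every place rendering this message treats it as
    // untrusted HTML.
    $message = rawurldecode(getstr($params['content'], 1000, 1, 1, 1, 2));

    // Turn "@name(uid)" mentions into profile links.
    preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $message, $matches, PREG_SET_ORDER);
    foreach ($matches as $value) {
        $TmpString = $value[0];
        $TmpName = $value[1];
        $UserId = $value[2]; // digits only, guaranteed by the pattern above

        $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
        if ($rs = $_SGLOBAL['db']->fetch_array($result)) {
            $realname = $rs['name'];
            if (empty($realname)) {
                $realname = $rs['username'];
            }
            $params['department_list'][intval($UserId)] = $realname;

            $ValidValue = getAtName($TmpString, $TmpName, $realname);
            $ValidValue = trim($ValidValue);
            $at_friend = "space.php?uid=" . $UserId;
            if ($ValidValue != false) {
                // NOTE(review): $realname comes from the database and is
                // written into the markup unescaped, and the href attribute is
                // unquoted — verify that stored names cannot contain markup.
                $message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
                if (!in_array($UserId, $UserIds)) {
                    $UserIds[] = $UserId;
                }
            }
        }
    }

    // Replace emoticon codes with images and collapse <br> tags to spaces.
    $message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
    $params['content'] = $message;

    $setarr = array(
        'uid' => $params['uid'],
        'username' => $params['uname'],
        'dateline' => $_SGLOBAL['timestamp'],
        'from' => $params['uid'],
        'message' => $message,
        'mood' => $mood,
        'ip' => getonlineip(),
        'fromdevice' => 'web',
    );
    if (!empty($params['device'])) {
        $setarr['fromdevice'] = $params['device'];
    }
    // NOTE(review): a caller-supplied ip is stored as given, with no format
    // check; treat the stored address as caller-asserted, not observed.
    if (!empty($params['ip'])) {
        $setarr['ip'] = $params['ip'];
    }
    $newdoid = inserttable('doing', $setarr, 1);

    @(include_once S_ROOT . './data/data_creditrule.php');

    // A credit-balance check that could clear this flag used to sit here; it
    // is disabled, so the flag is always true.
    $isComplain = TRUE;

    // Original author's remark: this part may go wrong.
    foreach ($UserIds as $UserId) {
        if ($isComplain) {
            $UserDept = isDepartment($UserId, 1);
            if ($UserDept) {
                // The mentioned account is a department: file a complaint
                // against it and notify it.
                $nowtime = time();
                $complain = array(
                    'doid' => $newdoid,
                    'uid' => $params['uid'],
                    'uname' => $params['uname'],
                    'atdepartment' => $UserDept['department'],
                    'atdeptuid' => $UserId,
                    'from' => $params['uid'],
                    'atuid' => $UserId,
                    'atuname' => $UserDept['department'],
                    'isreply' => 0,
                    'addtime' => $nowtime,
                    'dateline' => $nowtime,
                    'expire' => 0,
                    'times' => 1,
                    'issendmsg' => 0,
                    'message' => $message,
                    'datatime' => date("Ymd", $nowtime),
                );
                inserttable('complain', $complain, 0);
                $note = cplang('note_complain_buchu', array("space.php?do=complain_item&doid={$newdoid}", date('Y-m-d H:i', $nowtime + 3600 * 24)));
                notification_complain_add($UserId, 'complain', $note);
                $complainOK = TRUE;
            } else {
                // Ordinary user: a plain "you were mentioned" notification.
                $note = cplang('note_doing_at', array("space.php?do=doing&doid={$newdoid}"));
                notification_add($UserId, 'atyou', $note);
            }
        }
    }

    if ($complainOK) {
        $note = cplang('note_complain_user_success', array("space.php?do=complain_item&doid={$newdoid}"));
        notification_complain_add($params['uid'], 'complain', $note);
        getreward('complain', 1, $params['uid']);
    }

    if (!$complainOK && $isComplain) {
        // $UserId still holds the last value assigned by the loops above.
        // NOTE(review): both branches notify $_SGLOBAL['supe_uid'] while the
        // success path notifies $params['uid'] — confirm this is intended.
        if ($UserId == '0000') {
            // System administrator (original remark: of little practical use).
            $note = cplang("您好,您的诉求已发送成功。谢谢您对ihome社区的大力支持!", array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
        } else {
            $note = cplang('note_complain_user_failed', array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
        }
    }

    // Publish the post to the activity feed.
    $feedarr = array(
        'appid' => UC_APPID,
        'icon' => 'doing',
        'uid' => $params['uid'],
        'username' => $params['uname'],
        'dateline' => $_SGLOBAL['timestamp'],
        'title_template' => cplang('feed_doing_title'),
        'title_data' => saddslashes(serialize(sstripslashes(array('message' => $message)))),
        'body_template' => '',
        'body_data' => '',
        'id' => $newdoid,
        'idtype' => 'doid',
        'fromdevice' => 'web',
        'ip' => getonlineip(),
    );
    if (!empty($params['device'])) {
        $feedarr['fromdevice'] = $params['device'];
    }
    if (!empty($params['ip'])) {
        $feedarr['ip'] = $params['ip'];
    }
    // Preference hash over the templates, then merge hash over templates and
    // data.
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    inserttable('feed', $feedarr, 1);
    updatestat('doing');

    // Mirror the message into the user's space note.
    $setarr = array('note' => $message);
    getreward('doing', 0);
    updatetable('spacefield', $setarr, array('uid' => $params['uid']));

    return json_encode($params);
}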
} } $updo['id'] = intval($updo['id']); $updo['grade'] = intval($updo['grade']); $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $message, 'ip' => $_G['clientip'], 'grade' => $updo['grade'] + 1); if ($updo['grade'] >= 3) { $setarr['upid'] = $updo['upid']; } $newid = C::t('home_docomment')->insert($setarr, true); C::t('home_doing')->update_replynum_by_doid(1, $updo['doid']); if ($updo['uid'] != $_G['uid']) { notification_add($updo['uid'], 'comment', 'doing_reply', array('url' => "home.php?mod=space&uid={$updo['uid']}&do=doing&view=me&doid={$updo['doid']}&highlight={$newid}", 'from_id' => $updo['doid'], 'from_idtype' => 'doid')); updatecreditbyaction('comment', 0, array(), 'doing' . $updo['doid']); } include_once libfile('function/stat'); updatestat('docomment'); C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED'); showmessage('do_success', dreferer(), array('doid' => $updo['doid'])); } } if ($_GET['op'] == 'delete') { if (submitcheck('deletesubmit')) { if ($id) { $allowmanage = checkperm('managedoing'); if ($value = C::t('home_docomment')->fetch($id)) { $home_doing = C::t('home_doing')->fetch($value['doid']); $value['duid'] = $home_doing['uid']; if ($allowmanage || $value['uid'] == $_G['uid'] || $value['duid'] == $_G['uid']) { C::t('home_docomment')->update($id, array('uid' => 0, 'username' => '', 'message' => '')); if ($value['uid'] != $_G['uid'] && $value['duid'] != $_G['uid']) { batchupdatecredit('comment', $value['uid'], array(), -1);
//调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false $ValidValue = getAtName($TmpString, $TmpName, $realname); $ValidValue = trim($ValidValue); $at_friend = "space.php?uid=" . $UserId; if ($ValidValue != false) { $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message); $UserIds[] = $UserId; } } } //Add by Add by am 2013-12-07 end $arr = array('tid' => intval($Commentid), "tagid" => intval($TagId), "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 5000, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], "isthread" => 0); $pid = inserttable('post', $arr, 1); //更新统计数据 $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$username}', lastauthorid='{$userid}'\r\n\tWHERE tid='{$Commentid}'"); //通知 $note = cplang('note_thread_reply') . " <a href=\"space.php?uid={$userid}&do=thread&id={$Commentid}&pid={$pid}\" target=\"_blank\">{$thread['subject']}</a>"; notification_add($userid, 'post', $note); //统计 updatestat('post'); if ($pid) { $arrs = array('flag' => 'success'); } else { $arrs = array('flag' => 'fail'); } } } $result = json_encode($arrs); $result = preg_replace("#\\\\u([0-9a-f]+)#ie", "iconv('UCS-2BE', 'UTF-8', pack('H4', '\\1'))", $result); echo $result; exit;
notification_add($uid, 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '" target="_blank">' . $_G['username'] . '</a>'), 1); } space_merge($space, 'field_home'); if (!empty($space['privacy']['feed']['invite'])) { require_once libfile('function/feed'); $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>'); feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $space['uid'], $space['username']); } if ($_G['setting']['inviteconfig']['inviteaddcredit']) { updatemembercount($_G['uid'], array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['inviteaddcredit'])); } if ($_G['setting']['inviteconfig']['invitedaddcredit']) { updatemembercount($uid, array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['invitedaddcredit'])); } include_once libfile('function/stat'); updatestat($appid ? 'appinvite' : 'invite'); showmessage('invite_friend_ok', $jumpurl); } else { dsetcookie('invite_auth', $cookievar, 604800); } space_merge($space, 'count'); space_merge($space, 'field_home'); space_merge($space, 'profile'); $flist = array(); $query = C::t('home_friend')->fetch_all_by_uid($uid, 0, 12, true); foreach ($query as $value) { $value['uid'] = $value['fuid']; $value['username'] = $value['fusername']; $flist[] = $value; } $jumpurl = urlencode($jumpurl);