function setloginstatus($member, $cookietime)
{
global $_G;
$_G['uid'] = intval($member['uid']);
$_G['username'] = $member['username'];
$_G['adminid'] = $member['adminid'];
$_G['groupid'] = $member['groupid'];
$_G['formhash'] = formhash();
$_G['session']['invisible'] = getuserprofile('invisible');
$_G['member'] = $member;
loadcache('usergroup_' . $_G['groupid']);
C::app()->session->isnew = true;
C::app()->session->updatesession();
dsetcookie('auth', authcode("{$member['password']}\t{$member['uid']}", 'ENCODE'), $cookietime, 1, true);
dsetcookie('loginuser');
dsetcookie('activationauth');
dsetcookie('pmnum');
include_once libfile('function/stat');
updatestat('login', 1);
if (defined('IN_MOBILE')) {
updatestat('mobilelogin', 1);
}
if ($_G['setting']['connect']['allow'] && $_G['member']['conisbind']) {
updatestat('connectlogin', 1);
}
$rule = updatecreditbyaction('daylogin', $_G['uid']);
if (!$rule['updatecredit']) {
checkusergroup($_G['uid']);
}
}
function xwb_setSiteUserLogin($uid)
{
global $_G;
if (empty($uid)) {
return false;
}
//登录
$member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $uid . "'");
if (!$member) {
return false;
}
setloginstatus($member, time() + 60 * 60 * 24 ? 2592000 : 0);
DB::query("UPDATE " . DB::table('common_member_status') . " SET lastip='" . $_G['clientip'] . "', lastvisit='" . time() . "' WHERE uid='{$uid}'");
include_once libfile('function/stat');
updatestat('login');
updatecreditbyaction('daylogin', $uid);
checkusergroup($uid);
return true;
}
$setarr = array('uid' => $uid, 'fromuid' => $_G['uid'], 'fromusername' => $_G['username'], 'note' => getstr($_POST['note'], 150, 1, 1), 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid']));
DB::insert('home_poke', $setarr, 0, true);
if (!$oldpoke) {
DB::query("UPDATE " . DB::table('common_member_status') . " SET pokes=pokes+1 WHERE uid='{$uid}'");
DB::query("UPDATE " . DB::table('common_member') . " SET newprompt=newprompt+1 WHERE uid='{$uid}'");
}
require_once libfile('function/friend');
friend_addnum($tospace['uid']);
if ($op == 'reply') {
DB::query("DELETE FROM " . DB::table('home_poke') . " WHERE uid='{$_G['uid']}' AND fromuid='{$uid}'");
DB::query("UPDATE " . DB::table('common_member_status') . " SET pokes=pokes-'1' WHERE uid='{$_G['uid']}'");
DB::query("UPDATE " . DB::table('common_member') . " SET newprompt=newprompt-'1' WHERE uid='{$_G['uid']}'");
}
updatecreditbyaction('poke', 0, array(), $uid);
include_once libfile('function/stat');
updatestat('poke');
showmessage('poke_success', dreferer(), array('username' => $tospace['username'], 'uid' => $uid, 'from' => $_G['gp_from']), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true));
}
} elseif ($op == 'ignore') {
if (submitcheck('ignoresubmit')) {
$where = empty($uid) ? '' : "AND fromuid='{$uid}'";
DB::query("DELETE FROM " . DB::table('home_poke') . " WHERE uid='{$_G['uid']}' {$where}");
$pokenum = getcount('home_poke', array('uid' => $_G['uid']));
space_merge($space, 'status');
if ($pokenum != $space['pokes']) {
$changenum = $pokenum - $space['pokes'];
member_status_update($space['uid'], array('pokes' => $changenum));
}
showmessage('has_been_hailed_overlooked', '', array('uid' => $uid, 'from' => $_G['gp_from']), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 0));
}
} elseif ($op == 'view') {
public function newthread($parameters)
{
require_once libfile('function/post');
$this->tid = $this->pid = 0;
$this->_init_parameters($parameters);
if (trim($this->param['subject']) == '') {
return $this->showmessage('post_sm_isnull');
}
if (!$this->param['sortid'] && !$this->param['special'] && trim($this->param['message']) == '') {
return $this->showmessage('post_sm_isnull');
}
list($this->param['modnewthreads'], $this->param['modnewreplies']) = threadmodstatus($this->param['subject'] . "\t" . $this->param['message'] . $this->param['extramessage']);
if ($post_invalid = checkpost($this->param['subject'], $this->param['message'], $this->param['special'] || $this->param['sortid'])) {
return $this->showmessage($post_invalid, '', array('minpostsize' => $this->setting['minpostsize'], 'maxpostsize' => $this->setting['maxpostsize']));
}
if (checkflood()) {
return $this->showmessage('post_flood_ctrl', '', array('floodctrl' => $this->setting['floodctrl']));
} elseif (checkmaxperhour('tid')) {
return $this->showmessage('thread_flood_ctrl_threads_per_hour', '', array('threads_per_hour' => $this->group['maxthreadsperhour']));
}
$this->param['save'] = $this->member['uid'] ? $this->param['save'] : 0;
$this->param['typeid'] = isset($this->param['typeid']) && isset($this->forum['threadtypes']['types'][$this->param['typeid']]) && (!$this->forum['threadtypes']['moderators'][$this->param['typeid']] || $this->forum['ismoderator']) ? $this->param['typeid'] : 0;
$this->param['displayorder'] = $this->param['modnewthreads'] ? -2 : ($this->forum['ismoderator'] && $this->group['allowstickthread'] && !empty($this->param['sticktopic']) ? 1 : (empty($this->param['save']) ? 0 : -4));
if ($this->param['displayorder'] == -2) {
C::t('forum_forum')->update($this->forum['fid'], array('modworks' => '1'));
}
$this->param['digest'] = $this->forum['ismoderator'] && $this->group['allowdigestthread'] && !empty($this->param['digest']) ? 1 : 0;
$this->param['readperm'] = $this->group['allowsetreadperm'] ? $this->param['readperm'] : 0;
$this->param['isanonymous'] = $this->group['allowanonymous'] && $this->param['isanonymous'] ? 1 : 0;
$this->param['price'] = intval($this->param['price']);
if (!$this->param['special']) {
$this->param['price'] = $this->group['maxprice'] ? $this->param['price'] <= $this->group['maxprice'] ? $this->param['price'] : $this->group['maxprice'] : 0;
}
if (!$this->param['typeid'] && $this->forum['threadtypes']['required'] && !$this->param['special']) {
return $this->showmessage('post_type_isnull');
}
if (!$this->param['sortid'] && $this->forum['threadsorts']['required'] && !$this->param['special']) {
return $this->showmessage('post_sort_isnull');
}
if (!$this->param['special'] && $this->param['price'] > 0 && floor($this->param['price'] * (1 - $this->setting['creditstax'])) == 0) {
return $this->showmessage('post_net_price_iszero');
}
$this->param['sortid'] = $this->param['special'] && $this->forum['threadsorts']['types'][$this->param['sortid']] ? 0 : $this->param['sortid'];
$this->param['typeexpiration'] = intval($this->param['typeexpiration']);
if ($this->forum['threadsorts']['expiration'][$this->param['typeid']] && !$this->param['typeexpiration']) {
return $this->showmessage('threadtype_expiration_invalid');
}
$author = !$this->param['isanonymous'] ? $this->member['username'] : '';
$this->param['moderated'] = $this->param['digest'] || $this->param['displayorder'] > 0 ? 1 : 0;
$this->param['ordertype'] && ($this->param['tstatus'] = setstatus(4, 1, $this->param['tstatus']));
$this->param['imgcontent'] && ($this->param['tstatus'] = setstatus(15, $this->param['imgcontent'], $this->param['tstatus']));
$this->param['hiddenreplies'] && ($this->param['tstatus'] = setstatus(2, 1, $this->param['tstatus']));
$this->param['allownoticeauthor'] && ($this->param['tstatus'] = setstatus(6, 1, $this->param['tstatus']));
$this->param['isgroup'] = $this->forum['status'] == 3 ? 1 : 0;
$this->param['publishdate'] = !$this->param['modnewthreads'] ? $this->param['publishdate'] : TIMESTAMP;
$newthread = array('fid' => $this->forum['fid'], 'posttableid' => 0, 'readperm' => $this->param['readperm'], 'price' => $this->param['price'], 'typeid' => $this->param['typeid'], 'sortid' => $this->param['sortid'], 'author' => $author, 'authorid' => $this->member['uid'], 'subject' => $this->param['subject'], 'dateline' => $this->param['publishdate'], 'lastpost' => $this->param['publishdate'], 'lastposter' => $author, 'displayorder' => $this->param['displayorder'], 'digest' => $this->param['digest'], 'special' => $this->param['special'], 'attachment' => 0, 'moderated' => $this->param['moderated'], 'status' => $this->param['tstatus'], 'isgroup' => $this->param['isgroup'], 'replycredit' => $this->param['replycredit'], 'closed' => $this->param['closed'] ? 1 : 0);
$this->tid = C::t('forum_thread')->insert($newthread, true);
C::t('forum_newthread')->insert(array('tid' => $this->tid, 'fid' => $this->forum['fid'], 'dateline' => $this->param['publishdate']));
useractionlog($this->member['uid'], 'tid');
if (!getuserprofile('threads') && $this->setting['newbie']) {
C::t('forum_thread')->update($this->tid, array('icon' => $this->setting['newbie']));
}
if ($this->param['publishdate'] != TIMESTAMP) {
$cron_publish_ids = dunserialize($this->cache('cronpublish'));
$cron_publish_ids[$this->tid] = $this->tid;
$cron_publish_ids = serialize($cron_publish_ids);
savecache('cronpublish', $cron_publish_ids);
}
if (!$this->param['isanonymous']) {
C::t('common_member_field_home')->update($this->member['uid'], array('recentnote' => $this->param['subject']));
}
if ($this->param['moderated']) {
updatemodlog($this->tid, $this->param['displayorder'] > 0 ? 'STK' : 'DIG');
updatemodworks($this->param['displayorder'] > 0 ? 'STK' : 'DIG', 1);
}
$this->param['bbcodeoff'] = checkbbcodes($this->param['message'], !empty($this->param['bbcodeoff']));
$this->param['smileyoff'] = checksmilies($this->param['message'], !empty($this->param['smileyoff']));
$this->param['parseurloff'] = !empty($this->param['parseurloff']);
$this->param['htmlon'] = $this->group['allowhtml'] && !empty($this->param['htmlon']) ? 1 : 0;
$this->param['usesig'] = !empty($this->param['usesig']) && $this->group['maxsigsize'] ? 1 : 0;
$class_tag = new tag();
$this->param['tagstr'] = $class_tag->add_tag($this->param['tags'], $this->tid, 'tid');
$this->param['pinvisible'] = $this->param['modnewthreads'] ? -2 : (empty($this->param['save']) ? 0 : -3);
$this->param['message'] = preg_replace('/\\[attachimg\\](\\d+)\\[\\/attachimg\\]/is', '[attach]\\1[/attach]', $this->param['message']);
$this->param['pstatus'] = intval($this->param['pstatus']);
defined('IN_MOBILE') && ($this->param['pstatus'] = setstatus(4, 1, $this->param['pstatus']));
if ($this->param['imgcontent']) {
stringtopic($this->param['message'], $this->tid, true, $this->param['imgcontentwidth']);
}
$this->pid = insertpost(array('fid' => $this->forum['fid'], 'tid' => $this->tid, 'first' => '1', 'author' => $this->member['username'], 'authorid' => $this->member['uid'], 'subject' => $this->param['subject'], 'dateline' => $this->param['publishdate'], 'message' => $this->param['message'], 'useip' => $this->param['clientip'] ? $this->param['clientip'] : getglobal('clientip'), 'port' => $this->param['remoteport'] ? $this->param['remoteport'] : getglobal('remoteport'), 'invisible' => $this->param['pinvisible'], 'anonymous' => $this->param['isanonymous'], 'usesig' => $this->param['usesig'], 'htmlon' => $this->param['htmlon'], 'bbcodeoff' => $this->param['bbcodeoff'], 'smileyoff' => $this->param['smileyoff'], 'parseurloff' => $this->param['parseurloff'], 'attachment' => '0', 'tags' => $this->param['tagstr'], 'replycredit' => 0, 'status' => $this->param['pstatus']));
$statarr = array(0 => 'thread', 1 => 'poll', 2 => 'trade', 3 => 'reward', 4 => 'activity', 5 => 'debate', 127 => 'thread');
include_once libfile('function/stat');
updatestat($this->param['isgroup'] ? 'groupthread' : $statarr[$this->param['special']]);
if ($this->param['geoloc'] && IN_MOBILE == 2) {
list($mapx, $mapy, $location) = explode('|', $this->param['geoloc']);
if ($mapx && $mapy && $location) {
C::t('forum_post_location')->insert(array('pid' => $this->pid, 'tid' => $this->tid, 'uid' => $this->member['uid'], 'mapx' => $mapx, 'mapy' => $mapy, 'location' => $location));
}
}
if ($this->param['modnewthreads']) {
updatemoderate('tid', $this->tid);
C::t('forum_forum')->update_forum_counter($this->forum['fid'], 0, 0, 1);
manage_addnotify('verifythread');
return 'post_newthread_mod_succeed';
} else {
if ($this->param['displayorder'] != -4) {
if ($this->param['digest']) {
updatepostcredits('+', $this->member['uid'], 'digest', $this->forum['fid']);
}
updatepostcredits('+', $this->member['uid'], 'post', $this->forum['fid']);
if ($this->param['isgroup']) {
C::t('forum_groupuser')->update_counter_for_user($this->member['uid'], $this->forum['fid'], 1);
}
$subject = str_replace("\t", ' ', $this->param['subject']);
$lastpost = "{$this->tid}\t" . $subject . "\t" . TIMESTAMP . "\t{$author}";
C::t('forum_forum')->update($this->forum['fid'], array('lastpost' => $lastpost));
C::t('forum_forum')->update_forum_counter($this->forum['fid'], 1, 1, 1);
if ($this->forum['type'] == 'sub') {
C::t('forum_forum')->update($this->forum['fup'], array('lastpost' => $lastpost));
}
}
if ($this->param['isgroup']) {
C::t('forum_forumfield')->update($this->forum['fid'], array('lastupdate' => TIMESTAMP));
require_once libfile('function/grouplog');
updategroupcreditlog($this->forum['fid'], $this->member['uid']);
}
C::t('forum_sofa')->insert(array('tid' => $this->tid, 'fid' => $this->forum['fid']));
return 'post_newthread_succeed';
}
}
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name='', $title='', $delsize=0, $from = false) {
global $_SGLOBAL, $space, $_SCONFIG, $_SC;
if($albumid<0) $albumid = 0;
$setarr = array();
$filepath = getfilepath($fileext, true);
$newfilename = $_SC['attachdir'].'./'.$filepath;
if($handle = fopen($newfilename, 'wb')) {
if(fwrite($handle, $strdata) !== FALSE) {
fclose($handle);
$size = filesize($newfilename);
//检查空间大小
if(empty($space)) {
$space = getspace($_SGLOBAL['supe_uid']);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." WHERE uid='$_SGLOBAL[supe_uid]'");
$space = $_SGLOBAL['db']->fetch_array($query);
$_SGLOBAL['supe_username'] = addslashes($space['username']);
}
$_SGLOBAL['member'] = $space;
$maxattachsize = checkperm('maxattachsize');//单位MB
if($maxattachsize) {//0为不限制
if($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
@unlink($newfilename);
return -1;
}
}
//检查是否图片
if(function_exists('getimagesize')) {
$tmp_imagesize = @getimagesize($newfilename);
list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
$tmp_size = $tmp_width * $tmp_height;
if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
@unlink($newfilename);
return -2;
}
}
//缩略图
include_once(S_ROOT.'./source/function_image.php');
$thumbpath = makethumb($newfilename);
$thumb = empty($thumbpath)?0:1;
//大头帖不添加水印
if($_SCONFIG['allowwatermark']) {
makewatermark($newfilename);
}
//入库
$filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
$title = getstr($title, 200, 1, 1, 1);
if($albumid) {
preg_match("/^new\:(.+)$/i", $albumid, $matchs);
if(!empty($matchs[1])) {
$albumname = shtmlspecialchars(trim($matchs[1]));
if(empty($albumname)) $albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
} else {
$albumid = intval($albumid);
if($albumid) {
$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
if($value = $_SGLOBAL['db']->fetch_array($query)) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
}
}
} else {
$albumid = 0;
}
$setarr = array(
'albumid' => $albumid,
'uid' => $_SGLOBAL['supe_uid'],
'username' => $_SGLOBAL['supe_username'],
'dateline' => $_SGLOBAL['timestamp'],
'filename' => $filename,
'postip' => getonlineip(),
'title' => $title,
'type' => $fileext,
'size' => $size,
'filepath' => $filepath,
'thumb' => $thumb
);
$setarr['picid'] = inserttable('pic', $setarr, 1);
//更新附件大小
//积分
$setsql = '';
if($from) {
$reward = getreward($from, 0);
if($reward['credit']) {
$setsql = ",credit=credit+$reward[credit]";
}
if($reward['experience']) {
$setsql .= ",experience=experience+$reward[experience]";
}
}
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");
//相册更新
if($albumid) {
$file = $filepath.($thumb?'.thumb.jpg':'');
$_SGLOBAL['db']->query("UPDATE ".tname('album')."
SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1'
WHERE albumid='$albumid'");
}
//最后进行ftp上传,防止垃圾产生
if($_SCONFIG['allowftp']) {
include_once(S_ROOT.'./source/function_ftp.php');
if(ftpupload($newfilename, $filepath)) {
$setarr['remote'] = 1;
updatetable('pic', array('remote'=>$setarr['remote']), array('picid'=>$setarr['picid']));
if($albumid) updatetable('album', array('picflag'=>2), array('albumid'=>$albumid));
} else {
return -4;
}
}
//统计
updatestat('pic');
return $setarr;
} else {
fclose($handle);
}
}
return -3;
}
updatemembercount($uid, array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['inviteaddcredit']));
}
if ($_G['setting']['inviteconfig']['invitedaddcredit']) {
updatemembercount($invite['uid'], array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['invitedaddcredit']));
}
require_once libfile('function/friend');
friend_make($invite['uid'], $invite['username'], false);
notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
space_merge($invite, 'field_home');
if (!empty($invite['privacy']['feed']['invite'])) {
require_once libfile('function/feed');
$tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
}
if ($invite['appid']) {
updatestat('appinvite');
}
}
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomtitle = !empty($_G['setting']['welcomemsgtitle']) ? $_G['setting']['welcomemsgtitle'] : "Welcome to " . $_G['setting']['bbname'] . "!";
$welcomtitle = addslashes(replacesitevar($welcomtitle));
$welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
if ($welcomemsg == 1) {
sendpm($uid, $welcomtitle, $welcomemsgtxt, 0);
} elseif ($welcomemsg == 2) {
sendmail_cron($email, $welcomtitle, $welcomemsgtxt);
}
}
if ($fromuid) {
updatecreditbyaction('promotion_register', $fromuid);
dsetcookie('promotion', '');
}
$touid =& $_G['collection']['uid'];
$coef = 1;
if ($touid) {
$subject = $message = lang('message', 'collection_recommend_message', array('fromuser' => $_G['username'], 'collectioname' => $_G['collection']['name'], 'url' => $_GET['threadurl']));
if (C::t('home_blacklist')->count_by_uid_buid($touid, $_G['uid'])) {
showmessage('is_blacklist', '', array(), array('return' => true));
}
if ($value = getuserbyuid($touid)) {
require_once libfile('function/friend');
$value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
$return = sendpm($touid, $subject, $message, '', 0, 0);
} else {
showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
}
} else {
showmessage('message_bad_touid', '', array(), array('return' => true));
}
} else {
$return = sendpm(0, $subject, $message, '', $pmid, 0);
}
if ($return > 0) {
include_once libfile('function/stat');
updatestat('sendpm', 0, $coef);
C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED');
!($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
showmessage('collection_recommend_succ', '', array(), array('alert' => 'right', 'closetime' => true, 'showdialog' => 1));
}
}
}
function blog_post($POST, $olds=array()) {
global $_G, $space;
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
$isself = 0;
$__G = $_G;
$_G['uid'] = $olds['uid'];
$_G['username'] = addslashes($olds['username']);
}
$POST['subject'] = getstr(trim($POST['subject']), 80);
$POST['subject'] = censor($POST['subject']);
if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
$POST['friend'] = intval($POST['friend']);
$POST['target_ids'] = '';
if($POST['friend'] == 2) {
$uids = array();
$names = empty($_POST['target_names'])?array():explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
if($names) {
$uids = C::t('common_member')->fetch_all_uid_by_username($names);
}
if(empty($uids)) {
$POST['friend'] = 3;
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif($POST['friend'] == 4) {
$POST['password'] = trim($POST['password']);
if($POST['password'] == '') $POST['friend'] = 0;
}
if($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500);
$POST['tag'] = censor($POST['tag']);
$POST['message'] = checkhtml($POST['message']);
if($_G['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
$POST['message'] = censor($POST['message']);
} else {
$POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
$POST['message'] = censor($POST['message']);
$POST['message'] = preg_replace(array(
"/\<div\>\<\/div\>/i",
"/\<a\s+href\=\"([^\>]+?)\"\>/i"
), array(
'',
'<a href="\\1" target="_blank">'
), $POST['message']);
}
$message = $POST['message'];
if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
$blog_status = 1;
} else {
$blog_status = 0;
}
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname);
$classname = censor($classname);
if(empty($classname)) {
$classid = 0;
} else {
$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_G['uid'],
'dateline' => $_G['timestamp']
);
$classid = C::t('home_class')->insert($setarr, true);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
$query = C::t('home_class')->fetch($classid);
$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
if(empty($classname)) $classid = 0;
}
$blogarr = array(
'subject' => $POST['subject'],
'classid' => $classid,
'friend' => $POST['friend'],
'password' => $POST['password'],
'noreply' => empty($POST['noreply'])?0:1,
'catid' => intval($POST['catid']),
'status' => $blog_status,
);
$titlepic = '';
$uploads = array();
if(!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
foreach($query as $value) {
if(empty($titlepic) && $value['thumb']) {
$titlepic = getimgthumbname($value['filepath']);
$blogarr['picflag'] = $value['remote']?2:1;
}
$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
$uploads[md5($picurl)] = $value;
}
if(empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote']?2:1;
}
}
if($uploads) {
$albumid = 0;
if($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
$albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
if(empty($albumname)) $albumname = dgmdate($_G['timestamp'],'Ymd');
$albumarr = array('albumname' => $albumname);
$albumid = album_creat($albumarr);
} else {
$albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
}
if($albumid) {
C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
album_update_pic($albumid);
}
preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
if(!empty($mathes[1])) {
foreach ($mathes[1] as $key => $value) {
$urlmd5 = md5($value);
if(!empty($uploads[$urlmd5])) {
unset($uploads[$urlmd5]);
}
}
}
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
}
}
$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\ \;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
if(empty($ckmessage)) {
return false;
}
if(checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
if($olds['blogid']) {
if($blogarr['catid'] != $olds['catid']) {
if($olds['catid']) {
C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
}
if($blogarr['catid']) {
C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
}
}
$blogid = $olds['blogid'];
C::t('home_blog')->update($blogid, $blogarr);
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
if($blogarr['catid']) {
C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
}
$blogarr['uid'] = $_G['uid'];
$blogarr['username'] = $_G['username'];
$blogarr['dateline'] = empty($POST['dateline'])?$_G['timestamp']:$POST['dateline'];
$blogid = C::t('home_blog')->insert($blogarr, true);
C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
}
$blogarr['blogid'] = $blogid;
$class_tag = new tag();
$POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
$fieldarr = array(
'message' => $message,
'postip' => $_G['clientip'],
'target_ids' => $POST['target_ids'],
'tag' => $POST['tag']
);
if(!empty($titlepic)) {
$fieldarr['pic'] = $titlepic;
}
if($olds) {
C::t('home_blogfield')->update($blogid, $fieldarr);
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
C::t('home_blogfield')->insert($fieldarr);
}
if($isself && !$olds && $blog_status == 0) {
updatecreditbyaction('publishblog', 0, array('blogs' => 1));
include_once libfile('function/stat');
updatestat('blog');
}
if($olds['blogid'] && $blog_status == 1) {
updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
include_once libfile('function/stat');
updatestat('blog');
}
if($POST['makefeed'] && $blog_status == 0) {
include_once libfile('function/feed');
feed_publish($blogid, 'blogid', $olds?0:1);
}
if(!empty($__G)) $_G = $__G;
if($blog_status == 1) {
updatemoderate('blogid', $blogid);
manage_addnotify('verifyblog');
}
return $blogarr;
}
if (cknote_uid(array("type" => "eventmember", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
$note_ids[] = $value['uid'];
$note_inserts[] = "('{$value['uid']}', 'eventmember', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
}
}
if ($note_inserts) {
$_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
}
//E-mail notice
smail($event['uid'], '', $note_msg, 'event');
}
// Bonus Points
getreward('joinevent', 1, 0, $eventid);
//Statistics
updatestat('eventjoin');
//Process Event Invites
if ($eventinvite) {
$_SGLOBAL['db']->query("DELETE FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}'");
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET eventinvitenum=eventinvitenum-1 WHERE uid = '{$_SGLOBAL['supe_uid']}' AND eventinvitenum>0");
}
showmessage("do_success", "space.php?do=event&id={$eventid}", 0);
// Join the event successfully
}
} elseif ($op == "quit") {
// Quit Event
if (!$eventid) {
showmessage("event_does_not_exist");
// Event does not exist or has been deleted
}
if (submitcheck("quitsubmit")) {
if ($res = $_SGLOBAL['db']->fetch_array($query)) {
$school = $res['school'];
$query1 = $_SGLOBAL['db']->query("SELECT * FROM " . tname("mtag") . " WHERE tagname='{$school}'");
if ($r = $_SGLOBAL['db']->fetch_array($query1)) {
$tagid = $r['tagid'];
}
}
$setarr = array('tagid' => $tagid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'subject' => $msg, 'lastpost' => $_SGLOBAL['timestamp'], 'lastauthor' => $_SGLOBAL['supe_username'], 'lastauthorid' => $_SGLOBAL['supe_uid']);
$tid = inserttable('thread', $setarr, 1);
$psetarr = array('tagid' => $tagid, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $msg, 'isthread' => 1);
//添加
inserttable('post', $psetarr);
//更新群组统计
$_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET threadnum=threadnum+1 WHERE tagid='{$tagid}'");
//统计
updatestat('thread');
//更新用户统计
if (empty($space['threadnum'])) {
$space['threadnum'] = getcount('thread', array('uid' => $space['uid']));
$threadnumsql = "threadnum=" . $space['threadnum'];
} else {
$threadnumsql = 'threadnum=threadnum+1';
}
//积分
$reward = getreward('publishthread', 0);
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$threadnumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
$returnarr = array("tagid" => $tagid, "tid" => $tid);
echo json_encode($returnarr);
return;
}
if ($_GET['sync'] == 'false') {
}
if ($_G['gp_tradeaid']) {
$attachment = DB::fetch_first("SELECT * FROM " . DB::table('forum_attachment') . " WHERE aid='{$_G['gp_tradeaid']}'");
if (in_array($attachment['filetype'], array('image/gif', 'image/jpeg', 'image/png'))) {
$_G['setting']['attachurl'] = preg_match("/^((https?|ftps?):\\/\\/|www\\.)/i", $_G['setting']['attachurl']) ? $_G['setting']['attachurl'] : $_G['siteurl'] . $_G['setting']['attachurl'];
$imgurl = $_G['setting']['attachurl'] . '/forum/' . $attachment['attachment'] . ($attachment['thumb'] && $attachment['filetype'] != 'image/gif' ? '.thumb.jpg' : '');
$feed['images'][] = $attachment['attachment'] ? $imgurl : '';
$feed['image_links'][] = $attachment['attachment'] ? "{$_G['siteurl']}forum.php?mod=viewthread&tid={$tid}" : '';
}
}
$feed['title_data']['hash_data'] = "tid{$tid}";
$feed['id'] = $tid;
$feed['idtype'] = 'tid';
postfeed($feed);
}
if ($digest) {
foreach ($digestcredits as $id => $addcredits) {
$postcredits[$id] = (isset($postcredits[$id]) ? $postcredits[$id] : 0) + $addcredits;
}
}
updatepostcredits('+', $_G['uid'], 'post', $_G['fid']);
DB::query("UPDATE " . DB::table('common_member_count') . " SET threads=threads+1 WHERE uid='{$_G['uid']}'");
$lastpost = "{$tid}\t{$subject}\t{$_G['timestamp']}\t{$author}";
DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}', threads=threads+1, posts=posts+2, todayposts=todayposts+1 WHERE fid='{$_G['fid']}'", 'UNBUFFERED');
if ($_G['forum']['type'] == 'sub') {
DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}' WHERE fid='" . $_G['forum']['fup'] . "'", 'UNBUFFERED');
}
include_once libfile('function/stat');
updatestat('trade');
showmessage('post_newthread_succeed', "forum.php?mod=viewthread&tid={$tid}&extra={$extra}", $param);
}
}
if ($_G['forum']['picstyle']) {
setthreadcover($pid, 0, $threadimageaid);
}
}
if ($threadimageaid) {
if (!$threadimage) {
$threadimage = DB::fetch_first("SELECT attachment, remote FROM " . DB::table(getattachtablebytid($tid)) . " WHERE aid='{$threadimageaid}'");
}
$threadimage = daddslashes($threadimage);
DB::insert('forum_threadimage', array('tid' => $tid, 'attachment' => $threadimage['attachment'], 'remote' => $threadimage['remote']));
}
$param = array('fid' => $_G['fid'], 'tid' => $tid, 'pid' => $pid);
$statarr = array(0 => 'thread', 1 => 'poll', 2 => 'trade', 3 => 'reward', 4 => 'activity', 5 => 'debate', 127 => 'thread');
include_once libfile('function/stat');
updatestat($isgroup ? 'groupthread' : $statarr[$special]);
dsetcookie('clearUserdata', 'forum');
if ($specialextra) {
$classname = 'threadplugin_' . $specialextra;
if (class_exists($classname) && method_exists($threadpluginclass = new $classname(), 'newthread_submit_end')) {
$threadpluginclass->newthread_submit_end($_G['fid'], $tid);
}
}
if ($modnewthreads) {
updatemoderate('tid', $tid);
DB::query("UPDATE " . DB::table('forum_forum') . " SET todayposts=todayposts+1 WHERE fid='{$_G['fid']}'", 'UNBUFFERED');
manage_addnotify('verifythread');
showmessage('post_newthread_mod_succeed', "forum.php?mod=viewthread&tid={$tid}&extra={$extra}", $param);
} else {
$feed = array('icon' => '', 'title_template' => '', 'title_data' => array(), 'body_template' => '', 'body_data' => array(), 'title_data' => array(), 'images' => array());
if (!empty($_G['gp_addfeed']) && $_G['forum']['allowfeed'] && !$isanonymous) {
if ($comment['authorid'] != $_SGLOBAL['supe_uid']) {
//发送邮件通知
smail($comment['authorid'], '', cplang($q_msgtype, array($_SN[$userid], shtmlspecialchars(getsiteurl() . $n_url))), '', $q_msgtype);
notification_add($comment['authorid'], $note_type, $q_note);
}
//通知被@的用户
if ($UserIds) {
$note = cplang('note_comment_at', array($n_url));
foreach ($UserIds as $UserId) {
notification_add($UserId, 'atyou', $note);
}
}
}
//统计
if ($stattype) {
updatestat($stattype);
}
if ($cid) {
$arrs = array('flag' => 'success');
} else {
$arrs = array('flag' => 'failed');
}
returnflag($arrs);
}
function returnflag($flag)
{
$result = json_encode($flag);
$result = preg_replace("#\\\\u([0-9a-f]{4})#ie", "iconv('UCS-2BE', 'UTF-8', pack('H4', '\\1'))", $result);
echo $result;
exit;
}
} elseif ($stand == 2) {
$feed['title_template'] = 'feed_thread_debatevote_title_2';
} else {
$feed['title_template'] = 'feed_thread_debatevote_title_3';
}
$feed['title_data'] = array('subject' => "<a href=\"{$_G['siteurl']}forum.php?mod=viewthread&tid={$_G['tid']}\">{$thread['subject']}</a>", 'author' => "<a href=\"home.php?mod=space&uid={$thread['authorid']}\">{$thread['author']}</a>");
} elseif ($thread['authorid'] != $_G['uid']) {
$post_url = "forum.php?mod=redirect&goto=findpost&pid={$pid}&ptid={$_G['tid']}";
$feed['icon'] = 'post';
$feed['title_template'] = !empty($thread['author']) ? 'feed_reply_title' : 'feed_reply_title_anonymous';
$feed['title_data'] = array('subject' => "<a href=\"{$post_url}\">{$thread['subject']}</a>", 'author' => "<a href=\"home.php?mod=space&uid={$thread['authorid']}\">{$thread['author']}</a>");
if (!empty($_G['forum_attachexist'])) {
$firstaid = DB::result_first("SELECT aid FROM " . DB::table('forum_attachment') . " WHERE pid='{$pid}' AND dateline>'0' AND isimage='1' ORDER BY dateline LIMIT 1");
if ($firstaid) {
$feed['images'] = array(getforumimg($firstaid));
$feed['image_links'] = array($post_url);
}
}
}
$feed['title_data']['hash_data'] = "tid{$_G[tid]}";
$feed['id'] = $tid;
$feed['idtype'] = 'tid';
postfeed($feed);
}
include_once libfile('function/stat');
updatestat($thread['isgroup'] ? 'grouppost' : 'post');
$page = getstatus($thread['status'], 4) ? 1 : @ceil(($thread['special'] ? $thread['replies'] + 1 : $thread['replies'] + 2) / $_G['ppp']);
$url = empty($_POST['portal_referer']) ? "forum.php?mod=viewthread&tid={$thread[tid]}&pid={$pid}&page={$page}&extra={$extra}#pid{$pid}" : $_POST['portal_referer'];
showmessage($replymessage, $url, $param);
}
}
function blog_post($POST, $olds=array()) {
global $_SGLOBAL, $_SC, $space;
//操作者角色切换
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//标题
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
$POST['friend'] = intval($POST['friend']);
//隐私
$POST['target_ids'] = '';
if($POST['friend'] == 2) {
//特定好友
$uids = array();
$names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
if($names) {
$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$uids[] = $value['uid'];
}
}
if(empty($uids)) {
$POST['friend'] = 3;//仅自己可见
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif($POST['friend'] == 4) {
//加密
$POST['password'] = trim($POST['password']);
if($POST['password'] == '') $POST['friend'] = 0;//公开
}
if($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1); //语词屏蔽
//内容
if($_SGLOBAL['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
$POST['message'] = checkhtml($POST['message']);
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
$POST['message'] = preg_replace(array(
"/\<div\>\<\/div\>/i",
"/\<a\s+href\=\"([^\>]+?)\"\>/i"
), array(
'',
'<a href="\\1" target="_blank">'
), $POST['message']);
}
$message = $POST['message'];
//个人分类
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//分类名
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if(empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_SGLOBAL['supe_uid'],
'dateline' => $_SGLOBAL['timestamp']
);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
//是否是自己的
$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
if(empty($classname)) $classid = 0;
}
//主表
$blogarr = array(
'subject' => $POST['subject'],
'classid' => $classid,
'friend' => $POST['friend'],
'password' => $POST['password'],
'noreply' => empty($_POST['noreply'])?0:1
);
//标题图片
$titlepic = '';
//获取上传的图片
$uploads = array();
if(!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if(empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'].'.thumb.jpg';
$blogarr['picflag'] = $value['remote']?2:1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
if(empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote']?2:1;
}
}
//插入文章
if($uploads) {
preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
if(!empty($mathes[1])) {
$searchs = $idsearchs = array();
$replaces = array();
foreach ($mathes[1] as $key => $value) {
if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
$searchs[] = $mathes[2][$key];
$idsearchs[] = "_uchome_localimg_$value";
$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
unset($uploads[$value]);
}
}
if($searchs) {
$message = str_replace($searchs, $replaces, $message);
$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
}
}
//未插入文章
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
}
}
//没有填写任何东西
$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\ \;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
if(empty($ckmessage)) {
return false;
}
//添加slashes
$message = addslashes($message);
//从内容中读取图片
if(empty($titlepic)) {
$titlepic = getmessagepic($message);
$blogarr['picflag'] = 0;
}
$blogarr['pic'] = $titlepic;
//热度
if(checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
if($olds['blogid']) {
//更新
$blogid = $olds['blogid'];
updatetable('blog', $blogarr, array('blogid'=>$blogid));
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
//参与热闹
$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
$blogarr['uid'] = $_SGLOBAL['supe_uid'];
$blogarr['username'] = $_SGLOBAL['supe_username'];
$blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
$blogid = inserttable('blog', $blogarr, 1);
}
$blogarr['blogid'] = $blogid;
//附表
$fieldarr = array(
'message' => $message,
'postip' => getonlineip(),
'target_ids' => $POST['target_ids']
);
//TAG
$oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
$tagarr = array();
if($POST['tag'] != $oldtagstr) {
if(!empty($olds['tag'])) {
//先把以前的给清理掉
$oldtags = array();
$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$oldtags[] = $value['tagid'];
}
if($oldtags) {
$_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
$_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
}
}
$tagarr = tag_batch($blogid, $POST['tag']);
//更新附表中的tag
$fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
}
if($olds) {
//更新
updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
inserttable('blogfield', $fieldarr);
}
//空间更新
if($isself) {
if($olds) {
//空间更新
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
} else {
if(empty($space['blognum'])) {
$space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
$blognumsql = "blognum=".$space['blognum'];
} else {
$blognumsql = 'blognum=blognum+1';
}
//积分
$reward = getreward('publishblog', 0);
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
//统计
updatestat('blog');
}
}
//产生feed
if($POST['makefeed']) {
include_once(S_ROOT.'./source/function_feed.php');
feed_publish($blogid, 'blogid', $olds?0:1);
}
//热闹
if(empty($olds) && $blogarr['topicid']) {
topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
}
//角色切换
if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
return $blogarr;
}
if ($_G['setting']['heatthread']['type'] == 2) {
require_once libfile('function/forum');
update_threadpartake($id);
}
break;
case 'article':
DB::query("UPDATE " . DB::table('portal_article_count') . " SET sharetimes=sharetimes+1 WHERE aid='{$id}'");
break;
}
if ($arr['status'] == 1) {
updatemoderate('sid', $sid);
manage_addnotify('verifyshare');
}
if ($type == 'link' || !DB::result_first("SELECT COUNT(*) FROM " . DB::table('home_share') . " WHERE uid='{$_G['uid']}' AND itemid='{$id}' AND type='{$type}'")) {
include_once libfile('function/stat');
updatestat('share');
}
if ($note_uid && $note_uid != $_G['uid']) {
notification_add($note_uid, 'sharenotice', $note_message, $note_values);
}
$needle = $id ? $type . $id : '';
updatecreditbyaction('createshare', $_G['uid'], array('sharings' => 1), $needle);
$referer = "home.php?mod=space&uid={$_G['uid']}&do=share&view={$_GET['view']}&from={$_GET['from']}";
$magvalues['sid'] = $sid;
if (!$redirecturl) {
$redirecturl = dreferer();
}
if (!$showmessagecontent) {
$showmessagecontent = 'do_success';
}
showmessage($showmessagecontent, $redirecturl, $magvalues, $_G['inajax'] && $_GET['view'] != 'me' ? array('showdialog' => 1, 'showmsg' => true, 'closetime' => true) : array());
$levelid = DB::result_first("SELECT levelid FROM " . DB::table('forum_grouplevel') . " WHERE creditshigher<='0' AND '0'<creditslower LIMIT 1");
DB::query("INSERT INTO " . DB::table('forum_forum') . "(fup, type, name, status, level) VALUES ('{$_G['gp_fup']}', 'sub', '{$_G['gp_name']}', '3', '{$levelid}')");
$newfid = DB::insert_id();
if ($newfid) {
$jointype = intval($_G['gp_jointype']);
$gviewperm = intval($_G['gp_gviewperm']);
$descriptionnew = dhtmlspecialchars(censor(trim($_G['gp_descriptionnew'])));
DB::query("INSERT INTO " . DB::table('forum_forumfield') . "(fid, description, jointype, gviewperm, dateline, founderuid, foundername, membernum) VALUES ('{$newfid}', '{$descriptionnew}', '{$jointype}', '{$gviewperm}', '" . TIMESTAMP . "', '{$_G['uid']}', '{$_G['username']}', '1')");
DB::query("UPDATE " . DB::table('forum_forumfield') . " SET groupnum=groupnum+1 WHERE fid='{$_G['gp_fup']}'");
DB::query("INSERT INTO " . DB::table('forum_groupuser') . "(fid, uid, username, level, joindateline) VALUES ('{$newfid}', '{$_G['uid']}', '{$_G['username']}', '1', '" . TIMESTAMP . "')");
update_usergroups($_G['uid']);
require_once libfile('function/cache');
updatecache('grouptype');
}
include_once libfile('function/stat');
updatestat('group');
showmessage('group_create_succeed', "forum.php?mod=group&action=manage&fid={$newfid}", array(), array('showdialog' => 1, 'showmsg' => true, 'locationtime' => true));
}
include template('diy:group/group:' . $_G['fid']);
} elseif ($action == 'manage') {
if (!$_G['forum']['ismoderator']) {
showmessage('group_admin_noallowed');
}
$specialswitch = $_G['current_grouplevel']['specialswitch'];
$oparray = array('group', 'checkuser', 'manageuser', 'threadtype', 'demise');
$_G['gp_op'] = getgpc('op') && in_array($_G['gp_op'], $oparray) ? $_G['gp_op'] : 'group';
if (empty($groupmanagers[$_G[uid]]) && !in_array($_G['gp_op'], array('group', 'threadtype', 'demise')) && $_G['adminid'] != 1) {
showmessage('group_admin_noallowed');
}
$page = intval(getgpc('page')) ? intval($_G['gp_page']) : 1;
$perpage = 54;
} else {
$poll['percredit'] = 0;
}
$_SGLOBAL['db']->query("UPDATE " . tname('poll') . " SET voternum=voternum+1, lastvote='{$_SGLOBAL['timestamp']}', credit=credit-{$poll['percredit']} {$sql} WHERE pid='{$pid}'");
// real name
realname_get();
if ($poll['uid'] != $_SGLOBAL['supe_uid']) {
//Reward points
getreward('joinpoll', 1, 0, $pid);
}
// hot value
if ($poll['uid'] != $_SGLOBAL['supe_uid']) {
hot_update('pid', $poll['pid'], $poll['hotuser']);
}
//Statistics
updatestat('pollvote');
// event feed
if (!isset($_POST['anonymous']) && $_SGLOBAL['supe_uid'] != $poll['uid'] && ckprivacy('joinpoll', 1)) {
$fs = array();
$fs['icon'] = 'poll';
$fs['images'] = $fs['image_links'] = array();
$fs['title_template'] = cplang('take_part_in_the_voting');
$fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'url' => "space.php?uid={$poll['uid']}&do=poll&pid={$pid}", 'subject' => $poll['subject'], 'reward' => $poll['percredit'] ? cplang('reward') : '');
$fs['body_template'] = '';
$fs['body_data'] = array();
include_once S_ROOT . './source/function_cp.php';
feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data']);
}
showmessage('do_success', 'space.php?uid=' . $poll['uid'] . '&do=poll&pid=' . $pid . ($poll['percredit'] ? '&reward=' . $poll['percredit'] : ''), 0);
}
} elseif ($op == 'endreward') {
function friend_make($touid, $tousername, $checkrequest = true)
{
global $_G;
if ($touid == $_G['uid']) {
return false;
}
if ($checkrequest) {
$to_freind_request = DB::fetch_first("SELECT * FROM " . DB::table('home_friend_request') . " WHERE uid='{$touid}' AND fuid='{$_G['uid']}'");
if ($to_freind_request) {
DB::query("DELETE FROM " . DB::table('home_friend_request') . " WHERE uid='{$touid}' AND fuid='{$_G['uid']}'");
}
$to_freind_request = DB::fetch_first("SELECT * FROM " . DB::table('home_friend_request') . " WHERE uid='{$_G['uid']}' AND fuid='{$touid}'");
if ($to_freind_request) {
DB::query("DELETE FROM " . DB::table('home_friend_request') . " WHERE uid='{$_G['uid']}' AND fuid='{$touid}'");
}
}
DB::query("REPLACE INTO " . DB::table('home_friend') . " (uid,fuid,fusername,dateline)\r\n\t\tVALUES ('{$touid}', '{$_G['uid']}', '{$_G['username']}', '{$_G['timestamp']}'),\r\n\t\t\t('{$_G['uid']}', '{$touid}', '{$tousername}', '{$_G['timestamp']}')");
addfriendlog($_G['uid'], $touid);
include_once libfile('function/stat');
updatestat('friend');
friend_cache($touid);
friend_cache($_G['uid']);
}
function _init_misc()
{
if (!$this->init_misc) {
return false;
}
lang('core');
if ($this->init_setting && $this->init_user) {
if (!isset($this->var['member']['timeoffset']) || $this->var['member']['timeoffset'] == 9999 || $this->var['member']['timeoffset'] === '') {
$this->var['member']['timeoffset'] = $this->var['setting']['timeoffset'];
}
}
$timeoffset = $this->init_setting ? $this->var['member']['timeoffset'] : $this->var['setting']['timeoffset'];
$this->var['timenow'] = array('time' => dgmdate(TIMESTAMP), 'offset' => $timeoffset >= 0 ? $timeoffset == 0 ? '' : '+' . $timeoffset : $timeoffset);
$this->timezone_set($timeoffset);
$this->var['formhash'] = formhash();
define('FORMHASH', $this->var['formhash']);
if ($this->init_user) {
if ($this->var['group'] && isset($this->var['group']['allowvisit']) && !$this->var['group']['allowvisit']) {
if ($this->var['uid']) {
sysmessage('user_banned', null);
} elseif ((!defined('ALLOWGUEST') || !ALLOWGUEST) && !in_array(CURSCRIPT, array('member', 'api')) && !$this->var['inajax']) {
dheader('location: member.php?mod=logging&action=login&referer=' . rawurlencode($_SERVER['REQUEST_URI']));
}
}
if ($this->var['member']['status'] == -1) {
sysmessage('user_banned', null);
}
}
if ($this->var['setting']['ipaccess'] && !ipaccess($this->var['clientip'], $this->var['setting']['ipaccess'])) {
sysmessage('user_banned', null);
}
if ($this->var['setting']['bbclosed']) {
if ($this->var['uid'] && ($this->var['group']['allowvisit'] == 2 || $this->var['groupid'] == 1)) {
} elseif (in_array(CURSCRIPT, array('admin', 'member', 'api')) || defined('ALLOWGUEST') && ALLOWGUEST) {
} else {
$closedreason = DB::result_first("SELECT svalue FROM " . DB::table('common_setting') . " WHERE skey='closedreason'");
$closedreason = str_replace(':', ':', $closedreason);
showmessage($closedreason ? $closedreason : 'board_closed', NULL, array('adminemail' => $this->var['setting']['adminemail']), array('login' => 1));
}
}
if (CURSCRIPT != 'admin' && !in_array($this->var['mod'], array('logging', 'seccode'))) {
periodscheck('visitbanperiods');
}
if (defined('IN_MOBILE')) {
$this->var['tpp'] = $this->var['setting']['mobile']['mobiletopicperpage'] ? intval($this->var['setting']['mobile']['mobiletopicperpage']) : 20;
$this->var['ppp'] = $this->var['setting']['mobile']['mobilepostperpage'] ? intval($this->var['setting']['mobile']['mobilepostperpage']) : 5;
} else {
$this->var['tpp'] = $this->var['setting']['topicperpage'] ? intval($this->var['setting']['topicperpage']) : 20;
$this->var['ppp'] = $this->var['setting']['postperpage'] ? intval($this->var['setting']['postperpage']) : 10;
}
if ($this->var['setting']['nocacheheaders']) {
@header("Expires: -1");
@header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
}
if ($this->session->isnew && $this->var['uid']) {
updatecreditbyaction('daylogin', $this->var['uid']);
include_once libfile('function/stat');
updatestat('login', 1);
if (defined('IN_MOBILE')) {
updatestat('mobilelogin', 1);
}
if ($this->var['setting']['connect']['allow'] && $this->var['member']['conisbind']) {
updatestat('connectlogin', 1);
}
}
if ($this->var['member']['conisbind'] && $this->var['setting']['connect']['newbiespan'] !== '') {
$this->var['setting']['newbiespan'] = $this->var['setting']['connect']['newbiespan'];
}
$lastact = TIMESTAMP . "\t" . htmlspecialchars(basename($this->var['PHP_SELF'])) . "\t" . htmlspecialchars($this->var['mod']);
dsetcookie('lastact', $lastact, 86400);
setglobal('currenturl_encode', base64_encode('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']));
if ((!empty($this->var['gp_fromuid']) || !empty($this->var['gp_fromuser'])) && ($this->var['setting']['creditspolicy']['promotion_visit'] || $this->var['setting']['creditspolicy']['promotion_register'])) {
require_once libfile('misc/promotion', 'include');
}
$this->var['seokeywords'] = !empty($this->var['setting']['seokeywords'][CURSCRIPT]) ? $this->var['setting']['seokeywords'][CURSCRIPT] : '';
$this->var['seodescription'] = !empty($this->var['setting']['seodescription'][CURSCRIPT]) ? $this->var['setting']['seodescription'][CURSCRIPT] : '';
}
public static function register($username, $return = 0, $groupid = 0)
{
global $_G;
if (!$username) {
return;
}
if (!$_G['wechat']['setting']) {
$_G['wechat']['setting'] = unserialize($_G['setting']['mobilewechat']);
}
loaducenter();
$groupid = !$groupid ? $_G['wechat']['setting']['wechat_newusergroupid'] ? $_G['wechat']['setting']['wechat_newusergroupid'] : $_G['setting']['newusergroupid'] : $groupid;
$password = md5(random(10));
$email = 'wechat_' . strtolower(random(10)) . '@null.null';
$usernamelen = dstrlen($username);
if ($usernamelen < 3) {
$username = $username . '_' . random(5);
}
if ($usernamelen > 15) {
if (!$return) {
showmessage('profile_username_toolong');
} else {
return;
}
}
$censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($_G['setting']['censoruser'] = trim($_G['setting']['censoruser']), '/')) . ')$/i';
if ($_G['setting']['censoruser'] && @preg_match($censorexp, $username)) {
if (!$return) {
showmessage('profile_username_protect');
} else {
return;
}
}
if (!$_G['wechat']['setting']['wechat_disableregrule']) {
loadcache('ipctrl');
if ($_G['cache']['ipctrl']['ipregctrl']) {
foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
$ctrlip = $ctrlip . '%';
$_G['setting']['regctrl'] = $_G['setting']['ipregctrltime'];
break;
} else {
$ctrlip = $_G['clientip'];
}
}
} else {
$ctrlip = $_G['clientip'];
}
if ($_G['setting']['regctrl']) {
if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $_G['setting']['regctrl'] * 3600)) {
if (!$return) {
showmessage('register_ctrl', NULL, array('regctrl' => $_G['setting']['regctrl']));
} else {
return;
}
}
}
$setregip = null;
if ($_G['setting']['regfloodctrl']) {
$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
if ($regip) {
if ($regip['count'] >= $_G['setting']['regfloodctrl']) {
if (!$return) {
showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $_G['setting']['regfloodctrl']));
} else {
return;
}
} else {
$setregip = 1;
}
} else {
$setregip = 2;
}
}
if ($setregip !== null) {
if ($setregip == 1) {
C::t('common_regip')->update_count_by_ip($_G['clientip']);
} else {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
}
}
}
$uid = uc_user_register(addslashes($username), $password, $email, '', '', $_G['clientip']);
if ($uid <= 0) {
if (!$return) {
if ($uid == -1) {
showmessage('profile_username_illegal');
} elseif ($uid == -2) {
showmessage('profile_username_protect');
} elseif ($uid == -3) {
showmessage('profile_username_duplicate');
} elseif ($uid == -4) {
showmessage('profile_email_illegal');
} elseif ($uid == -5) {
showmessage('profile_email_domain_illegal');
} elseif ($uid == -6) {
showmessage('profile_email_duplicate');
} else {
showmessage('undefined_action');
}
} else {
return;
}
}
$init_arr = array('credits' => explode(',', $_G['setting']['initcredits']));
C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupid, $init_arr);
if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) {
C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72) * 3600);
if ($_G['setting']['regctrl']) {
C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
}
}
if ($_G['setting']['regverify'] == 2) {
C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => '', 'remark' => ''), false, true);
manage_addnotify('verifyuser');
}
setloginstatus(array('uid' => $uid, 'username' => $username, 'password' => $password, 'groupid' => $groupid), 0);
//统计
include_once libfile('function/stat');
updatestat('register');
return $uid;
}
function blog_post($POST, $olds = array())
{
global $_SGLOBAL, $_SC, $space;
//�����߽�ɫ�л�
$isself = 1;
if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//����
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if (strlen($POST['subject']) < 1) {
$POST['subject'] = sgmdate('Y-m-d');
}
$POST['friend'] = intval($POST['friend']);
//��˽
$POST['target_ids'] = '';
if ($POST['friend'] == 2) {
//�ض�����
$uids = array();
$names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
if ($names) {
$query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$uids[] = $value['uid'];
}
}
if (empty($uids)) {
$POST['friend'] = 3;
//���Լ��ɼ�
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif ($POST['friend'] == 4) {
//����
$POST['password'] = trim($POST['password']);
if ($POST['password'] == '') {
$POST['friend'] = 0;
}
//����
}
if ($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
//�������
//����
if ($_SGLOBAL['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
$POST['message'] = checkhtml($POST['message']);
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
$POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
}
$message = $POST['message'];
//���˷���
if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//������
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if (empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
if (empty($classid)) {
$setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if ($classid && empty($classname)) {
//�Ƿ����Լ���
$classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
if (empty($classname)) {
$classid = 0;
}
}
//����
$blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
//����ͼƬ
$titlepic = '';
//��ȡ�ϴ���ͼƬ
$uploads = array();
if (!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'] . '.thumb.jpg';
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
if (empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
}
//��������
if ($uploads) {
preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
if (!empty($mathes[1])) {
$searchs = $idsearchs = array();
$replaces = array();
foreach ($mathes[1] as $key => $value) {
if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
$searchs[] = $mathes[2][$key];
$idsearchs[] = "_uchome_localimg_{$value}";
$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
unset($uploads[$value]);
}
}
if ($searchs) {
$message = str_replace($searchs, $replaces, $message);
$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
}
}
//�������
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
}
}
//û����д�κζ���
$ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\ \\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
if (empty($ckmessage)) {
return false;
}
//���slashes
$message = addslashes($message);
//�������ж�ȡͼƬ
if (empty($titlepic)) {
$titlepic = getmessagepic($message);
$blogarr['picflag'] = 0;
}
$blogarr['pic'] = $titlepic;
//�ȶ�
if (checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
//����
if ($_POST['attachid'] && $_POST['attachpath'] && $_POST['attachname'] && $_POST['attachsize']) {
$blogarr['attachid'] = $_POST['attachid'];
$blogarr['attachpath'] = $_POST['attachpath'];
$blogarr['attachname'] = $_POST['attachname'];
$blogarr['attachsize'] = $_POST['attachsize'];
}
if ($olds['blogid']) {
//����
$blogid = $olds['blogid'];
updatetable('blog', $blogarr, array('blogid' => $blogid));
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
//��������
$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
$blogarr['uid'] = $_SGLOBAL['supe_uid'];
$blogarr['username'] = $_SGLOBAL['supe_username'];
$blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
$blogid = inserttable('blog', $blogarr, 1);
}
$blogarr['blogid'] = $blogid;
//����
$fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
//TAG
$oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
$tagarr = array();
if ($POST['tag'] != $oldtagstr) {
if (!empty($olds['tag'])) {
//�Ȱ���ǰ�ĸ������
$oldtags = array();
$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$oldtags[] = $value['tagid'];
}
if ($oldtags) {
$_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
$_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
}
}
$tagarr = tag_batch($blogid, $POST['tag']);
//���¸����е�tag
$fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
}
if ($olds) {
//����
updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
inserttable('blogfield', $fieldarr);
}
//�ռ����
if ($isself) {
if ($olds) {
//�ռ����
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
} else {
if (empty($space['blognum'])) {
$space['blognum'] = getcount('blog', array('uid' => $space['uid']));
$blognumsql = "blognum=" . $space['blognum'];
} else {
$blognumsql = 'blognum=blognum+1';
}
//���
$reward = getreward('publishblog', 0);
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
//ͳ��
updatestat('blog');
}
}
//����feed
if ($POST['makefeed']) {
include_once S_ROOT . './source/function_feed.php';
feed_publish($blogid, 'blogid', $olds ? 0 : 1);
}
//����
if (empty($olds) && $blogarr['topicid']) {
topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
}
//��ɫ�л�
if (!empty($__SGLOBAL)) {
$_SGLOBAL = $__SGLOBAL;
}
return $blogarr;
}
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
global $_G, $space;
if ($albumid < 0) {
$albumid = 0;
}
$setarr = array();
require_once libfile('class/upload');
$upload = new discuz_upload();
$filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
$newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;
if ($handle = fopen($newfilename, 'wb')) {
if (fwrite($handle, $strdata) !== FALSE) {
fclose($handle);
$size = filesize($newfilename);
if (empty($space)) {
$_G['member'] = $space = getspace($_G['uid']);
$_G['username'] = addslashes($space['username']);
}
$_G['member'] = $space;
$maxspacesize = checkperm('maxspacesize');
$maxspacesize = $maxspacesize * 1024 * 1024;
if ($maxspacesize) {
space_merge($space, 'common_member_count');
space_merge($space, 'common_member_field_home');
if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
@unlink($newfilename);
return -1;
}
}
if (!$upload->get_image_info($newfilename)) {
@unlink($newfilename);
return -2;
}
require_once libfile('class/image');
$image = new image();
$result = $image->Thumb($newfilename, NULL, 140, 140, 1);
$thumb = empty($result) ? 0 : 1;
$image->Watermark($newfilename);
$pic_remote = 0;
$album_picflag = 1;
if (getglobal('setting/ftp/on')) {
$ftpresult_thumb = 0;
$ftpresult = ftpupload('album/' . $filepath);
if ($ftpresult) {
if ($thumb) {
ftpupload('album/' . $filepath . '.thumb.jpg');
}
$pic_remote = 1;
$album_picflag = 2;
} else {
if (getglobal('setting/ftp/mirror')) {
@unlink($newfilename);
@unlink($newfilename . '.thumb.jpg');
return -3;
}
}
}
$filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
$title = getstr($title, 200, 1, 1, 1);
if ($albumid) {
$albumid = album_creat_by_id($albumid);
} else {
$albumid = 0;
}
$setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote);
$setarr['picid'] = DB::insert('home_pic', $setarr, 1);
DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");
include_once libfile('function/stat');
updatestat('pic');
return $setarr;
} else {
fclose($handle);
}
}
return -3;
}
$fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$item['uid']}\">{$_SN[$item['uid']]}</a>", 'click' => $click['name']);
$fs['images'] = array(pic_get($item['filepath'], $item['thumb'], $item['remote']));
$fs['image_links'] = array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}");
$fs['body_general'] = $item['title'];
$note_type = 'clickpic';
$q_note = cplang('note_click_pic', array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}"));
break;
}
//Event Publishing
if (empty($item['friend']) && ckprivacy('click', 1)) {
feed_add('click', $fs['title_template'], $fs['title_data'], '', array(), $fs['body_general'], $fs['images'], $fs['image_links']);
}
//Reward visitors
getreward('click', 1, 0, $idtype . $id);
//Statistics
updatestat('click');
//Notice
notification_add($item['uid'], $note_type, $q_note);
showmessage('click_success', $_SGLOBAL['refer']);
} elseif ($_GET['op'] == 'show') {
foreach ($clicks as $key => $value) {
$value['clicknum'] = $item["click_{$key}"];
$value['classid'] = mt_rand(1, 4);
if ($value['clicknum'] > $maxclicknum) {
$maxclicknum = $value['clicknum'];
}
$clicks[$key] = $value;
}
$start = intval($_GET['start']);
if ($start < 0) {
$start = 0;
ssetcookie('loginuser', $username, 31536000);
ssetcookie('_refer', '');
//好友邀请
if ($invitearr) {
include_once S_ROOT . './source/function_cp.php';
invite_update($invitearr['id'], $setarr['uid'], $setarr['username'], $invitearr['uid'], $invitearr['username'], $app);
//如果提交的邮箱地址与邀请相符的则直接通过邮箱验证
if ($invitearr['email'] == $email) {
updatetable('spacefield', array('emailcheck' => 1), array('uid' => $newuid));
}
//统计更新
include_once S_ROOT . './source/function_cp.php';
if ($app) {
updatestat('appinvite');
} else {
updatestat('invite');
}
}
//加入新用户
inserttable('spacefield', array('uid' => $newuid), 0, true);
$activate = array('isactive' => 1);
updatetable('baseprofile', $activate, array('userid' => $bp[userid]));
if ($bp['sex'] == '男') {
$sexc = 1;
} elseif ($bp['sex'] == '女') {
$sexc = 2;
} else {
$sexc = 0;
}
$insertinfo = array('realname' => $bp['realname'], 'sex' => $sexc, 'email' => $email);
updatetable('spacefield', $insertinfo, array('uid' => $newuid));
$Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
}
//替换表情
$Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
$Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
//print_r($Message);
$arr = array("username" => getstr($username, 15, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip());
$newdoid = inserttable('doing', $arr, 1);
//事件feed
$feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid');
$feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
//喜好hash
$feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
//合并hash
inserttable('feed', $feedarr, 1);
updatestat('doing');
//更新空间note
$setarr = array('note' => $Message);
if (!empty($_POST['spacenote'])) {
$reward = getreward('updatemood', 0);
$setarr['spacenote'] = $Message;
} else {
$reward = getreward('doing', 0);
}
updatetable('spacefield', $setarr, array('uid' => $userid));
$setarr = array('updatetime' => "updatetime='{$_SGLOBAL['timestamp']}'", 'lastpost' => "lastpost='{$_SGLOBAL['timestamp']}'");
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$userid}'");
//返回flag
if ($newdoid) {
$arrs = array('flag' => 'success');
} else {
function IHomeServiceCreateComplain($params = NULL)
{
global $_SGLOBAL;
if ($params['uid']) {
if ($params['uid'] <= 0) {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the id must be a positive interger.");
return json_encode($errorMsg);
} else {
$sql = "select name,username from " . tname('space') . " where uid = " . $params['uid'];
$query = $_SGLOBAL['db']->query($sql);
if ($row = $_SGLOBAL['db']->fetch_array($query)) {
if ($row['name']) {
$params['uname'] = $row['name'];
} else {
$params['uname'] = $row['username'];
}
} else {
$errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
return json_encode($errorMsg);
}
}
} else {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter uid.the uid is not exist or the uid is not a positive interger.");
return json_encode($errorMsg);
}
// 忽略department_id_list
if (!$params['content']) {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter message.the message is not exist or the message is empty.");
return json_encode($errorMsg);
}
if ($params['device'] && !in_array($params['device'], array('web', 'wechat', 'mobile'))) {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the parameter device is out of range.");
return json_encode($errorMsg);
}
$UserIds = array();
$mood = 0;
$params['status'] = 'init';
$params['reply_count'] = 0;
$params['timestamp'] = time();
$params['department_list'] = array();
$params['operation_list'] = array();
$params['reply_list'] = array();
preg_match("/\\[em\\:(\\d+)\\:\\]/s", $params['content'], $ms);
$mood = empty($ms[1]) ? 0 : intval($ms[1]);
$message = rawurldecode(getstr($params['content'], 1000, 1, 1, 1, 2));
preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $message, $matches, PREG_SET_ORDER);
# 加上链接
foreach ($matches as $value) {
$TmpString = $value[0];
$TmpName = $value[1];
$UserId = $value[2];
$result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
if ($rs = $_SGLOBAL['db']->fetch_array($result)) {
$realname = $rs['name'];
if (empty($realname)) {
$realname = $rs['username'];
}
$params['department_list'][intval($UserId)] = $realname;
$ValidValue = getAtName($TmpString, $TmpName, $realname);
$ValidValue = trim($ValidValue);
$at_friend = "space.php?uid=" . $UserId;
if ($ValidValue != false) {
$message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
if (!in_array($UserId, $UserIds)) {
$UserIds[] = $UserId;
}
}
}
}
$message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
$message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
$params['content'] = $message;
$setarr = array('uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'from' => $params['uid'], 'message' => $message, 'mood' => $mood, 'ip' => getonlineip(), 'fromdevice' => 'web');
if ($params['device']) {
$setarr['fromdevice'] = $params['device'];
}
if ($params['ip']) {
$setarr['ip'] = $params['ip'];
}
$newdoid = inserttable('doing', $setarr, 1);
@(include_once S_ROOT . './data/data_creditrule.php');
$isComplain = TRUE;
/*if($isComplain && ($_SGLOBAL['member']['credit'] < $_SGLOBAL['creditrule']['complain']['credit'])){ # 如果积分不够
$isComplain = FALSE;
$note = cplang('note_complain_credit_failed', array("space.php?do=doing&doid=$newdoid"));
notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
$complain_msg = 'note_complain_credit_failed';
}*/
# 这部分可能会出错
foreach ($UserIds as $UserId) {
if ($isComplain) {
$UserDept = isDepartment($UserId, 1);
if ($UserDept) {
$nowtime = time();
$complain = array('doid' => $newdoid, 'uid' => $params['uid'], 'uname' => $params['uname'], 'atdepartment' => $UserDept['department'], 'atdeptuid' => $UserId, 'from' => $params['uid'], 'atuid' => $UserId, 'atuname' => $UserDept['department'], 'isreply' => 0, 'addtime' => $nowtime, 'dateline' => $nowtime, 'expire' => 0, 'times' => 1, 'issendmsg' => 0, 'message' => $message, 'datatime' => date("Ymd", $nowtime));
inserttable('complain', $complain, 0);
$note = cplang('note_complain_buchu', array("space.php?do=complain_item&doid={$newdoid}", date('Y-m-d H:i', $nowtime + 3600 * 24)));
notification_complain_add($UserId, 'complain', $note);
$complainOK = TRUE;
} else {
$note = cplang('note_doing_at', array("space.php?do=doing&doid={$newdoid}"));
notification_add($UserId, 'atyou', $note);
}
}
}
if ($complainOK) {
$note = cplang('note_complain_user_success', array("space.php?do=complain_item&doid={$newdoid}"));
notification_complain_add($params['uid'], 'complain', $note);
$complain_msg = 'note_complain_user_success';
getreward('complain', 1, $params['uid']);
}
if (!$complainOK && $isComplain) {
if ($UserId == '0000') {
//系统管理员 虽然并没有什么用
$note = cplang("您好,您的诉求已发送成功。谢谢您对ihome社区的大力支持!", array("space.php?do=doing&doid={$newdoid}"));
notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
} else {
$note = cplang('note_complain_user_failed', array("space.php?do=doing&doid={$newdoid}"));
notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
$complain_msg = 'note_complain_user_failed';
}
}
$feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid', 'fromdevice' => 'web', 'ip' => getonlineip());
if ($params['device']) {
$feedarr['fromdevice'] = $params['device'];
}
if ($params['ip']) {
$feedarr['ip'] = $params['ip'];
}
$feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
//ϲºÃhash
$feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
//ºÏ²¢hash
$feedid = inserttable('feed', $feedarr, 1);
updatestat('doing');
$setarr = array('note' => $message);
$reward = getreward('doing', 0);
updatetable('spacefield', $setarr, array('uid' => $params['uid']));
return json_encode($params);
}
}
}
$updo['id'] = intval($updo['id']);
$updo['grade'] = intval($updo['grade']);
$setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $message, 'ip' => $_G['clientip'], 'grade' => $updo['grade'] + 1);
if ($updo['grade'] >= 3) {
$setarr['upid'] = $updo['upid'];
}
$newid = C::t('home_docomment')->insert($setarr, true);
C::t('home_doing')->update_replynum_by_doid(1, $updo['doid']);
if ($updo['uid'] != $_G['uid']) {
notification_add($updo['uid'], 'comment', 'doing_reply', array('url' => "home.php?mod=space&uid={$updo['uid']}&do=doing&view=me&doid={$updo['doid']}&highlight={$newid}", 'from_id' => $updo['doid'], 'from_idtype' => 'doid'));
updatecreditbyaction('comment', 0, array(), 'doing' . $updo['doid']);
}
include_once libfile('function/stat');
updatestat('docomment');
C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED');
showmessage('do_success', dreferer(), array('doid' => $updo['doid']));
}
}
if ($_GET['op'] == 'delete') {
if (submitcheck('deletesubmit')) {
if ($id) {
$allowmanage = checkperm('managedoing');
if ($value = C::t('home_docomment')->fetch($id)) {
$home_doing = C::t('home_doing')->fetch($value['doid']);
$value['duid'] = $home_doing['uid'];
if ($allowmanage || $value['uid'] == $_G['uid'] || $value['duid'] == $_G['uid']) {
C::t('home_docomment')->update($id, array('uid' => 0, 'username' => '', 'message' => ''));
if ($value['uid'] != $_G['uid'] && $value['duid'] != $_G['uid']) {
batchupdatecredit('comment', $value['uid'], array(), -1);
//调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
$ValidValue = getAtName($TmpString, $TmpName, $realname);
$ValidValue = trim($ValidValue);
$at_friend = "space.php?uid=" . $UserId;
if ($ValidValue != false) {
$Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
$UserIds[] = $UserId;
}
}
}
//Add by Add by am 2013-12-07 end
$arr = array('tid' => intval($Commentid), "tagid" => intval($TagId), "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 5000, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], "isthread" => 0);
$pid = inserttable('post', $arr, 1);
//更新统计数据
$_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$username}', lastauthorid='{$userid}'\r\n\tWHERE tid='{$Commentid}'");
//通知
$note = cplang('note_thread_reply') . " <a href=\"space.php?uid={$userid}&do=thread&id={$Commentid}&pid={$pid}\" target=\"_blank\">{$thread['subject']}</a>";
notification_add($userid, 'post', $note);
//统计
updatestat('post');
if ($pid) {
$arrs = array('flag' => 'success');
} else {
$arrs = array('flag' => 'fail');
}
}
}
$result = json_encode($arrs);
$result = preg_replace("#\\\\u([0-9a-f]+)#ie", "iconv('UCS-2BE', 'UTF-8', pack('H4', '\\1'))", $result);
echo $result;
exit;
notification_add($uid, 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '" target="_blank">' . $_G['username'] . '</a>'), 1);
}
space_merge($space, 'field_home');
if (!empty($space['privacy']['feed']['invite'])) {
require_once libfile('function/feed');
$tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $space['uid'], $space['username']);
}
if ($_G['setting']['inviteconfig']['inviteaddcredit']) {
updatemembercount($_G['uid'], array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['inviteaddcredit']));
}
if ($_G['setting']['inviteconfig']['invitedaddcredit']) {
updatemembercount($uid, array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['invitedaddcredit']));
}
include_once libfile('function/stat');
updatestat($appid ? 'appinvite' : 'invite');
showmessage('invite_friend_ok', $jumpurl);
} else {
dsetcookie('invite_auth', $cookievar, 604800);
}
space_merge($space, 'count');
space_merge($space, 'field_home');
space_merge($space, 'profile');
$flist = array();
$query = C::t('home_friend')->fetch_all_by_uid($uid, 0, 12, true);
foreach ($query as $value) {
$value['uid'] = $value['fuid'];
$value['username'] = $value['fusername'];
$flist[] = $value;
}
$jumpurl = urlencode($jumpurl);