Example #1
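/**
 * Store one incoming request in the wz_record table.
 *
 * The entries 'wxid', 'token' and 'mid' are lifted out of $get into their own
 * columns. Every other entry is passed through getstr() and the remainder is
 * saved JSON-encoded in the 'query' column, together with the client IP, the
 * User-Agent header and the current timestamp.
 *
 * @param array $get Request parameters; keys and values are caller-supplied.
 * @return mixed The value returned by inserttable() (called with its third argument set to 1).
 */
function wz_record($get)
{
    global $_SGLOBAL;

    // Defaults for the three dedicated columns, so a request that omits one of
    // them no longer reads an undefined variable when the row is built.
    $wxid = '';
    $token = '';
    $mid = 0;
    $rest = array();

    foreach ($get as $k => $v) {
        // Strict comparison on the key: with ==, an integer key such as 0
        // compares equal to each of these names on PHP versions before 8, so a
        // single numeric-keyed parameter would be taken as wxid, token and mid.
        if ($k === 'wxid') {
            $wxid = getstr($v);
        } elseif ($k === 'token') {
            $token = getstr($v);
        } elseif ($k === 'mid') {
            $mid = intval($v);
        } else {
            // NOTE(review): the original passed each remaining value through
            // getstr() twice; that is kept because getstr() is not visible
            // here. Confirm whether a single pass is what was intended.
            $rest[$k] = getstr(getstr($v));
        }
    }

    // NOTE(review): User-Agent is a client-controlled header and, unlike the
    // other fields, is not passed through getstr(). Confirm that inserttable()
    // escapes its values before they reach the SQL statement.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $row = array(
        'token_id' => $_SGLOBAL['supe_token_id'],
        'query' => json_encode($rest),
        'ip' => getonlineip(),
        'user_agent' => $userAgent,
        'wxid' => $wxid,
        'token' => $token,
        'mid' => $mid,
        'addtime' => $_SGLOBAL['timestamp'],
    );

    return inserttable(tname('wz_record'), $row, 1);
}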
Example #2
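/**
 * Register a freshly logged-in user as online and run the per-login updates.
 *
 * Steps, in order: delete the user's old session row and every session whose
 * lastactivity is older than $_SCONFIG['onlinehold'] (forced to at least 300),
 * insert the new session row, write lastlogin/ip and any 'daylogin' reward to
 * the user's space row, clear an expired spacelog entry, and bump the 'login'
 * statistic.
 *
 * @param array $setarr Session fields; 'uid' is required. 'lastactivity' and
 *                      'ip' are set here, 'magichidden' and 'name' when they apply.
 * @return void
 */
function insertsession($setarr)
{
    global $_SGLOBAL, $_SCONFIG;

    // Several statements below splice the uid into SQL text. Pin it to an
    // integer once instead of interpolating the caller's value directly.
    // (The original also read it as $setarr[uid], an undefined constant that
    // is a fatal error on PHP 8.)
    $uid = intval($setarr['uid']);
    $db = $_SGLOBAL['db'];
    $now = $_SGLOBAL['timestamp'];

    $_SCONFIG['onlinehold'] = max(300, intval($_SCONFIG['onlinehold']));
    $db->query("DELETE FROM " . tname('session') . " WHERE uid='{$uid}' OR lastactivity<'" . ($now - $_SCONFIG['onlinehold']) . "'");

    // Add the user to the online list.
    $ip = getonlineip(1);
    $setarr['lastactivity'] = $now;
    $setarr['ip'] = $ip;

    // Check whether the "invisible" item is in use and has not expired.
    if (!empty($_SGLOBAL['magic']['invisible'])) {
        $query = $db->query('SELECT * FROM ' . tname('magicuselog') . " WHERE uid='{$uid}' AND mid='invisible'");
        $value = $db->fetch_array($query);
        if ($value && $value['expire'] > $now) {
            $setarr['magichidden'] = '1';
        }
    }

    // Look up the real name stored on the space row.
    $query = $db->query("SELECT uid, name, namestatus FROM " . tname('space') . " WHERE uid='{$uid}'");
    if ($value = $db->fetch_array($query)) {
        $setarr['name'] = addslashes($value['name']);
    }
    inserttable('session', $setarr, 0, true, 1);

    // SET fragments for the space row. The lastlogin fragment is restored
    // here: on this page its text had been replaced by a run of asterisks,
    // which is not valid SQL.
    // NOTE(review): $ip is spliced into SQL as returned by getonlineip(1);
    // confirm that helper only ever returns a validated address.
    $spacearr = array('lastlogin' => "lastlogin='{$now}'", 'ip' => "ip='{$ip}'");
    $_SGLOBAL['supe_uid'] = $setarr['uid'];

    // Daily login reward.
    $reward = getreward('daylogin', 0, $setarr['uid']);
    $credit = $reward['credit'];
    $experience = $reward['experience'];
    if ($credit) {
        $spacearr['credit'] = "credit=credit+{$credit}";
    }
    if ($experience) {
        $spacearr['experience'] = "experience=experience+{$experience}";
    }

    // Update the user's space row.
    $db->query("UPDATE " . tname('space') . " SET " . implode(',', $spacearr) . " WHERE uid='{$uid}'");

    // Check whether the user-group assignment has expired.
    $query = $db->query("SELECT * FROM " . tname('spacelog') . " WHERE uid='{$uid}'");
    if ($value = $db->fetch_array($query)) {
        if ($value['expiration'] <= $now) {
            // Expired: clear the group, then delete the log record.
            updatetable('space', array('groupid' => 0), array('uid' => $setarr['uid']));
            $db->query("DELETE FROM " . tname('spacelog') . " WHERE uid='{$uid}'");
        }
    }

    // Statistics update.
    include_once S_ROOT . './source/function_cp.php';
    updatestat('login', 1);
}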
Example #3
/**
 * Store a pending e-mail registration and return the link that refers to it.
 *
 * A row holding the address, client IP, a salt from random(6), a short hash,
 * the current timestamp, used=0 and the return URL is inserted into
 * open_email_reg. The returned link is $_SC['site_host'] followed by
 * "/?r=" and that hash.
 *
 * NOTE(review): the hash is 7 hexadecimal characters (28 bits) cut from an
 * MD5 over the address and the salt. If this value is what authorises the
 * registration step, confirm that lookups are rate-limited and that rows
 * expire; the consumer of the link is not visible here.
 *
 * @param string $email   Address being registered.
 * @param string $backurl URL stored with the row.
 * @return string Registration link.
 */
function email_reg($email, $backurl = '')
{
    global $_SGLOBAL, $_SC;

    $clientIp = getonlineip(1);
    $salt = random(6);
    $token = substr(md5(md5($email) . $salt), 8, 7);

    $row = array(
        'email' => $email,
        'ip' => $clientIp,
        'salt' => $salt,
        'hash' => $token,
        'addtime' => $_SGLOBAL['timestamp'],
        'used' => 0,
        'backurl' => $backurl,
    );
    inserttable(tname("open_email_reg"), $row, 1, 1);

    return $_SC['site_host'] . "/?r=" . $token;
}
Example #4
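/**
 * Mark a user as online.
 *
 * Deletes the user's previous session row and every session whose
 * lastactivity is older than $_SCONFIG['onlinehold'] (forced to at least 300),
 * inserts the new session row, and records the login time and IP on the
 * user's space row.
 *
 * @param array $setarr Session fields; 'uid' is required. 'lastactivity' and 'ip' are set here.
 * @return void
 */
function insertsession($setarr)
{
    global $_SGLOBAL, $_SCONFIG;

    // The DELETE below is assembled as SQL text, so the uid is cast to an
    // integer rather than interpolated as the caller passed it.
    $uid = intval($setarr['uid']);

    $_SCONFIG['onlinehold'] = max(300, intval($_SCONFIG['onlinehold']));
    $cutoff = $_SGLOBAL['timestamp'] - $_SCONFIG['onlinehold'];
    $_SGLOBAL['db']->query("DELETE FROM " . tname('session') . " WHERE uid='{$uid}' OR lastactivity<'" . $cutoff . "'");

    // Add the user to the online list.
    $ip = getonlineip(1);
    $setarr['lastactivity'] = $_SGLOBAL['timestamp'];
    $setarr['ip'] = $ip;
    inserttable('session', $setarr, 0, true, 1);

    // Update the user's space row.
    updatetable('space', array('lastlogin' => $_SGLOBAL['timestamp'], 'ip' => $ip), array('uid' => $setarr['uid']), 1);
}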
Example #5
// Load every row of the config table into $configs, keyed by 'var', with the
// value passed through shtmlspecialchars().
$configs = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('config'));
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
    $configs[$value['var']] = shtmlspecialchars($value['datavalue']);
}
// feedfilternum falls back to 1 when it is missing, empty or below 1.
if (empty($configs['feedfilternum']) || $configs['feedfilternum'] < 1) {
    $configs['feedfilternum'] = 1;
}
// Load the data table the same way. The 'setting' and 'mail' rows hold
// serialized arrays; all other rows are treated as plain strings.
$datasets = $datas = $mails = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('data'));
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
    if ($value['var'] == 'setting' || $value['var'] == 'mail') {
        // NOTE(review): unserialize() instantiates whatever the stored string
        // describes, so this is only safe while nobody but trusted code can
        // write these two rows. Confirm the write path, or restrict the call
        // (e.g. the allowed_classes option on PHP 7+).
        $datasets[$value['var']] = empty($value['datavalue']) ? array() : unserialize($value['datavalue']);
    } else {
        $datasets[$value['var']] = shtmlspecialchars($value['datavalue']);
    }
}
// These two reads assume both rows exist in the data table; if either is
// missing the variable ends up null.
$datas = $datasets['setting'];
$mails = $datasets['mail'];
// templates directory
// A directory under ./template counts as a template when it contains style.css.
$templatearr = array('default' => 'default');
$tpl_dir = sreaddir(S_ROOT . './template');
foreach ($tpl_dir as $dir) {
    if (file_exists(S_ROOT . './template/' . $dir . '/style.css')) {
        $templatearr[$dir] = $dir;
    }
}
// Maps from the currently configured value to the ' selected' attribute text.
$templateselect = array($configs['template'] => ' selected');
$toselect = array($configs['timeoffset'] => ' selected');
$onlineip = getonlineip();
Example #6
     $TmpName = $value[1];
     $UserId = $value[2];
     $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
     $rs = $_SGLOBAL['db']->fetch_array($result);
     $realname = $rs['name'];
     //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
     $ValidValue = getAtName($TmpString, $TmpName, $realname);
     $ValidValue = trim($ValidValue);
     $at_friend = "space.php?uid=" . $UserId;
     $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
 }
 // Replace emoticon codes of the form [em:N:] with the matching face image tag.
 $Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
 // Replace every <br ...> tag with a single space.
 $Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
 //print_r($Message);
 // Row for the 'doing' table: username goes through getstr() and uid through
 // intval(); message is stored as assembled above.
 // NOTE(review): $Message already contains HTML built earlier in this script
 // (only partly visible here). Confirm its user-supplied parts are escaped
 // before the value is stored and later rendered.
 $arr = array("username" => getstr($username, 15, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip());
 $newdoid = inserttable('doing', $arr, 1);
 // Feed event for the new entry.
 // NOTE(review): uid and username enter this array without the intval() /
 // getstr() applied to the 'doing' row above. Confirm they are sanitised
 // earlier or inside inserttable().
 $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid');
 // MD5 over the title and body templates.
 $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
 // (original comment: "preference hash")
 // MD5 over the templates together with their data.
 $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
 // (original comment: "merge hash")
 inserttable('feed', $feedarr, 1);
 updatestat('doing');
 // Update the space note.
 $setarr = array('note' => $Message);
 if (!empty($_POST['spacenote'])) {
     $reward = getreward('updatemood', 0);
     $setarr['spacenote'] = $Message;
 } else {
Example #7
// Result containers and paging state for the friend list view.
$list = $ols = $fuids = array();
$count = 0;
// The page number comes from the query string; it is cast to an integer and
// anything below 1 becomes page 1.
$page = empty($_GET['page']) ? 0 : intval($_GET['page']);
if ($page < 1) {
    $page = 1;
}
// $perpage is set outside this excerpt. $start and $perpage are later placed
// into a LIMIT clause, so both need to be integers at that point.
$start = ($page - 1) * $perpage;
// Check the start offset.
ckstart($start, $perpage);
if ($_GET['view'] == 'online') {
    $theurl = "space.php?uid={$space['uid']}&do=friend&view=online";
    $actives = array('me' => ' class="active"');
    $wheresql = '';
    if ($_GET['type'] == 'near') {
        $theurl = "space.php?uid={$space['uid']}&do=friend&view=online&type=near";
        $wheresql = " WHERE main.ip='" . getonlineip(1) . "'";
    } elseif ($_GET['type'] == 'friend' && $space['feedfriend']) {
        $theurl = "space.php?uid={$space['uid']}&do=friend&view=online&type=friend";
        $wheresql = " WHERE main.uid IN ({$space['feedfriend']})";
    }
    $count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('session') . " main {$wheresql}"), 0);
    if ($count) {
        $query = $_SGLOBAL['db']->query("SELECT f.resideprovince, f.residecity, f.note, f.sex, f.note, f.spacenote, main.uid, main.username, main.lastactivity \r\n\t\t\tFROM " . tname('session') . " main\r\n\t\t\tLEFT JOIN " . tname('spacefield') . " f ON f.uid=main.uid\r\n\t\t\t{$wheresql}\r\n\t\t\tLIMIT {$start},{$perpage}");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if ($_GET['type'] == 'near') {
                if ($value['uid'] = $space['uid']) {
                    $count = $count - 1;
                    continue;
                }
            }
            realname_set($value['uid'], $value['username']);
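/**
 * Save raw picture data to the attachment directory and register it as a picture.
 *
 * The data is written to a path from getfilepath(), checked against the user's
 * storage quota and (when getimagesize() is available) against basic image
 * constraints, then thumbnailed, optionally watermarked, inserted into the
 * 'pic' table, counted against the user's space and album, and optionally
 * uploaded by FTP.
 *
 * NOTE(review): the file is written with the caller-chosen $fileext before its
 * content is inspected, and when getimagesize() is unavailable no content
 * check runs at all. Confirm that getfilepath() restricts the extension and
 * that the attachment directory never executes scripts.
 *
 * @param string     $strdata Raw file contents.
 * @param int|string $albumid Album id, or "new:NAME" to create an album; 0 or negative for none.
 * @param string     $fileext Extension used for the stored file and saved as the 'type' column.
 * @param string     $name    Original file name; defaults to the generated name.
 * @param string     $title   Picture title, truncated through getstr() to 200.
 * @param int        $delsize Size subtracted in the quota check.
 * @param mixed      $from    Reward rule name passed to getreward(), or false for no reward.
 * @return array|int The inserted picture row on success; -1 quota exceeded,
 *                   -2 not an acceptable image, -3 file could not be written,
 *                   -4 FTP upload failed.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name='', $title='', $delsize=0, $from = false) {
	global $_SGLOBAL, $space, $_SCONFIG, $_SC;

	if($albumid<0) $albumid = 0;

	$filepath = getfilepath($fileext, true);
	$newfilename = $_SC['attachdir'].'./'.$filepath;

	$handle = fopen($newfilename, 'wb');
	if(!$handle) {
		return -3;
	}
	if(fwrite($handle, $strdata) === FALSE) {
		fclose($handle);
		// Do not leave an empty or partial file behind after a failed write.
		@unlink($newfilename);
		return -3;
	}
	fclose($handle);
	$size = filesize($newfilename);

	// Check the storage quota.
	if(empty($space)) {
		// NOTE(review): the getspace() result is overwritten by the query
		// right below; the call is kept in case it has side effects.
		$space = getspace($_SGLOBAL['supe_uid']);
		$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." WHERE uid='$_SGLOBAL[supe_uid]'");
		$space = $_SGLOBAL['db']->fetch_array($query);
		$_SGLOBAL['supe_username'] = addslashes($space['username']);
	}
	$_SGLOBAL['member'] = $space;

	// The original comment gives the unit as MB; 0 means unlimited.
	$maxattachsize = checkperm('maxattachsize');
	if($maxattachsize) {
		if($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
			@unlink($newfilename);
			return -1;
		}
	}

	// Check that the file is an image.
	if(function_exists('getimagesize')) {
		$tmp_imagesize = @getimagesize($newfilename);
		// A file getimagesize() cannot parse is rejected explicitly rather
		// than through undefined list() offsets on a false result.
		if($tmp_imagesize === false) {
			@unlink($newfilename);
			return -2;
		}
		list($tmp_width, $tmp_height, $tmp_type) = $tmp_imagesize;
		$tmp_size = $tmp_width * $tmp_height;
		// Reject more than 16777216 pixels, fewer than 4 pixels, an unknown
		// type, or a Flash MIME type.
		if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
			@unlink($newfilename);
			return -2;
		}
	}

	// Thumbnail.
	include_once(S_ROOT.'./source/function_image.php');
	$thumbpath = makethumb($newfilename);
	$thumb = empty($thumbpath)?0:1;

	// Watermark, when enabled in the site configuration.
	if($_SCONFIG['allowwatermark']) {
		makewatermark($newfilename);
	}

	// Prepare the database row.
	$filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
	$title = getstr($title, 200, 1, 1, 1);

	if($albumid) {
		// "new:NAME" creates an album with that name.
		preg_match("/^new\:(.+)$/i", $albumid, $matchs);
		if(!empty($matchs[1])) {
			$albumname = shtmlspecialchars(trim($matchs[1]));
			if(empty($albumname)) $albumname = sgmdate('Ymd');
			$albumid = album_creat(array('albumname' => $albumname));
		} else {
			$albumid = intval($albumid);
			if($albumid) {
				// The album must belong to the current user; otherwise a new
				// album named after today's date is created.
				$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
				if($value = $_SGLOBAL['db']->fetch_array($query)) {
					$albumname = addslashes($value['albumname']);
				} else {
					$albumname = sgmdate('Ymd');
					$albumid = album_creat(array('albumname' => $albumname));
				}
			}
		}
	} else {
		$albumid = 0;
	}

	// NOTE(review): 'type' receives $fileext exactly as the caller passed it;
	// confirm it is validated upstream or escaped inside inserttable().
	$setarr = array(
		'albumid' => $albumid,
		'uid' => $_SGLOBAL['supe_uid'],
		'username' => $_SGLOBAL['supe_username'],
		'dateline' => $_SGLOBAL['timestamp'],
		'filename' => $filename,
		'postip' => getonlineip(),
		'title' => $title,
		'type' => $fileext,
		'size' => $size,
		'filepath' => $filepath,
		'thumb' => $thumb
	);
	$setarr['picid'] = inserttable('pic', $setarr, 1);

	// Update the used attachment size and, when a reward rule applies, the
	// user's credit and experience.
	$setsql = '';
	if($from) {
		$reward = getreward($from, 0);
		if($reward['credit']) {
			$setsql = ",credit=credit+$reward[credit]";
		}
		if($reward['experience']) {
			$setsql .= ",experience=experience+$reward[experience]";
		}
	}
	$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

	// Album update.
	if($albumid) {
		$file = $filepath.($thumb?'.thumb.jpg':'');
		$_SGLOBAL['db']->query("UPDATE ".tname('album')."
			SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1'
			WHERE albumid='$albumid'");
	}

	// FTP upload comes last, so that a rejected file never reaches the remote side.
	if($_SCONFIG['allowftp']) {
		include_once(S_ROOT.'./source/function_ftp.php');
		if(ftpupload($newfilename, $filepath)) {
			$setarr['remote'] = 1;
			updatetable('pic', array('remote'=>$setarr['remote']), array('picid'=>$setarr['picid']));
			if($albumid) updatetable('album', array('picflag'=>2), array('albumid'=>$albumid));
		} else {
			return -4;
		}
	}

	// Statistics.
	updatestat('pic');

	return $setarr;
}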
Example #9
                if (empty($realname)) {
                    $realname = $rs['username'];
                }
                //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
                $ValidValue = getAtName($TmpString, $TmpName, $realname);
                $ValidValue = trim($ValidValue);
                $at_friend = "space.php?uid=" . $UserId;
                if ($ValidValue != false) {
                    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
                    $UserIds[] = $UserId;
                }
            }
        }
        //Add by Add by am 2013-12-07  end
        $arr = array("topicid" => 0, "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "subject" => getstr($Subject, 80, 1, 1, 1), "classid" => 0, "viewnum" => 0, "replynum" => 0, "hot" => 0, "picflag" => 0, "noreply" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'friend' => 1, 'click_1' => 0, 'click_2' => 0, 'click_3' => 0, 'click_4' => 0, 'click_5' => 0, 'fromdevice' => $FromDevice);
        $blogid = inserttable('blog', $arr, 1);
        $arr1 = array("blogid" => intval($blogid), "uid" => intval($userid), "message" => getstr($Message, 5000, 1, 1, 1), "postip" => getonlineip(), "relatedtime" => 0, "magiccolor" => 0, "magicpaper" => 0, "magiccall" => 0);
        $blogfield = inserttable('blogfield', $arr1, 1);
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($blogid, 'blogid', 0, $FromDevice);
        if ($blogid) {
            $arrs = array('flag' => 'success');
        } else {
            $arrs = array('flag' => 'fail');
        }
    }
}
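// Emit the result as JSON, with \uXXXX escapes turned back into UTF-8 text.
$result = json_encode($arrs);
// The original used preg_replace() with the /e modifier, which evaluates the
// replacement string as PHP code and no longer exists in PHP 7 and later. A
// callback does the same conversion without evaluating anything. The capture
// is limited to the four hex digits json_encode() emits, because pack('H4')
// only consumes four and the original "+" quantifier silently dropped any hex
// characters that happened to follow an escape.
// NOTE(review): each escape is converted on its own, so characters outside the
// Basic Multilingual Plane (encoded as surrogate pairs) are not handled, which
// matches the original behaviour.
$result = preg_replace_callback("#\\\\u([0-9a-f]{4})#i", function ($m) {
    return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
}, $result);
echo $result;
exit;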
 $_POST["country"] = $res['country'];
 $_POST["school"] = $res['school'];
 $_SGLOBAL["inviteactive_showemail"] = true;
 $_SGLOBAL["no_inviteactive"] = true;
 $inviteactive_showmsg = true;
 $country = $_POST['country'];
 $school = $_POST['school'];
 $_SCONFIG['overseas'] = true;
 include_once 'do_quickmarkregister.php';
 $lng = '';
 $lat = '';
 try {
     $res = getIpDetails();
     $lng = $res['longitude'];
     $lat = $res['latitude'];
     $forg = array("uid" => $newuid, "ip" => getonlineip(), "country" => $country, "school" => $school, "lng" => $lng, "lat" => $lat);
     inserttable("spaceforeign", $forg);
     //设置隐私
     $_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend) VALUES ('contact','mobile'," . $newuid . ",1)");
     $query = $_SGLOBAL['db']->query("UPDATE " . tname("spaceforeign") . " SET dataline='" . time() . "' WHERE uid={$newuid}");
     //给外事处发消息进行认证
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("space") . " WHERE consul=1");
     if ($res = $_SGLOBAL['db']->fetch_array($query)) {
         $recver = $res['uid'];
     }
     $setarr = array('uid' => $recver, 'type' => "friend", 'new' => 1, 'authorid' => $newuid, 'author' => $name, 'note' => "({$birthday},{$academy}," . $startyear . "级)" . '向您发起了' . $country . $school . '学校的认证请求<br/><a href="space.php?do=friend&view=confirmoverseas&uid=%27' . $newuid . '%27&type=overseas">通过请求</a><span class="pipe">|</span><a href="space.php?do=friend&view=refuseoverseas&uid=%27' . $newuid . '%27&type=overseas">忽略</a>', 'dateline' => $_SGLOBAL['timestamp']);
     $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid='{$recver}'");
     inserttable('notification', $setarr);
     //变更记录
     if ($_SCONFIG['my_status']) {
         inserttable('userlog', array('uid' => $newuid, 'action' => 'add', 'dateline' => $_SGLOBAL['timestamp']), 0, true);
Example #11
 }
 // Fall back to loading the parent 'doing' row by id when no comment row was
 // found above (that lookup is outside this excerpt).
 // NOTE(review): $doid is placed inside quotes in the SQL text; where it is
 // set is not visible here. Confirm it is cast to an integer first.
 if (empty($updo) && $doid) {
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " WHERE doid='{$doid}'");
     $updo = $_SGLOBAL['db']->fetch_array($query);
 }
 if (empty($updo)) {
     showmessage('docomment_error');
 } else {
     // Blacklist check against the author of the entry being replied to.
     if (isblacklist($updo['uid'])) {
         showmessage('is_blacklist');
     }
 }
 $updo['id'] = intval($updo['id']);
 $updo['grade'] = intval($updo['grade']);
 // New comment row: one level below the entry it answers.
 // NOTE(review): $message is prepared outside this excerpt; confirm it is
 // escaped for both SQL and later HTML output.
 $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip(), 'grade' => $updo['grade'] + 1);
 // Maximum nesting depth.
 if ($updo['grade'] >= 3) {
     $setarr['upid'] = $updo['upid'];
     // Attach to the parent's parent instead of nesting deeper.
 }
 $newid = inserttable('docomment', $setarr, 1);
 // Update the reply count.
 $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");
 // Notify the author, unless they are replying to themselves.
 if ($updo['uid'] != $_SGLOBAL['supe_uid']) {
     $note = cplang('note_doing_reply', array("space.php?do=doing&doid={$updo['doid']}&highlight={$newid}"));
     notification_add($updo['uid'], 'doing', $note);
 }
 $_POST['refer'] = preg_replace("/((\\#|\\&highlight|\\-highlight|\\.html).*?)\$/", '', $_POST['refer']);
 if (strexists($_POST['refer'], '?')) {
// The following is lifted from the addnews code; the original author notes
// that the @-mention feature seems incomplete.
// Find mentions written as "@name(digits)" followed by whitespace. The second
// capture group only matches digits, so $UserId below is numeric.
preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s/U", $Message, $Matches, PREG_SET_ORDER);
foreach ($Matches as $value) {
    $TmpString = $value[0];
    $TmpName = $value[1];
    $UserId = $value[2];
    $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
    $rs = $_SGLOBAL['db']->fetch_array($result);
    // When no row matches, $rs is not an array and $realname ends up empty.
    $realname = $rs['name'];
    $ValidValue = getAtName($TmpString, $TmpName, $realname);
    $ValidValue = trim($ValidValue);
    $at_friend = "space.php?uid=" . $UserId;
    // NOTE(review): $realname is written into the anchor without HTML
    // escaping and the href value is unquoted. Confirm the stored name can
    // never contain markup, or escape it here.
    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
}
// Replace emoticon codes of the form [em:N:] with the matching face image tag.
$Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
// Replace every <br ...> tag with a single space.
$Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
// The include below is resolved relative to the new working directory.
chdir("../../");
include_once 'source/function_cp.php';
// NOTE(review): albumid and topicid are passed on straight from $_POST;
// confirm pic_save() validates them and checks that the album belongs to
// the posting user.
$MobileFile = pic_save($File, $_POST['albumid'], $Message, $_POST['topicid']);
if ($MobileFile && is_array($MobileFile)) {
    // Row for the 'doing' table, with the saved picture attached.
    $arr = array("username" => getstr($username, 30, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip(), 'fromdevice' => $FromDevice, 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
    $newdoid = inserttable('doing', $arr, 1);
    // Feed event for the new entry.
    // NOTE(review): 'appid' is the literal string 'UC_APPID' here, not the
    // constant of that name. Confirm which one is intended.
    $Feedarray = array('appid' => 'UC_APPID', 'icon' => 'doing', 'id' => $newdoid, 'idtype' => 'doid', 'uid' => $MobileFile['uid'], 'username' => $MobileFile['username'], 'dateline' => $MobileFile['dateline'], 'fromdevice' => $FromDevice, 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
    // MD5 over the templates, then over the templates together with their data.
    $Feedarray['hash_template'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['body_template']);
    $Feedarray['hash_data'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['title_data'] . "\t" . $Feedarray['body_template'] . "\t" . $Feedarray['body_data']);
    $Feedid = inserttable('feed', $Feedarray, 1);
    updatestat('doing');
    $Result = array('flag' => 'success');
} else {
    // pic_save() did not return a picture row.
    $Result = array('flag' => 'fail_file&msg');
}
Example #13
         $value = saddslashes($value);
         $dateline = intval(sstrtotime($value['dateCreated']));
         $subject = getstr($value['title'], 80, 1, 1, 1);
         $message = isset($value['description']) ? $value['description'] : $value['content'];
         $message = getstr($message, 0, 1, 1, 1, 0, 1);
         $message = checkhtml($message);
         if (empty($subject) || empty($message)) {
             $results[$key]['status'] = '--';
             $results[$key]['blogid'] = 0;
             continue;
         }
         //开始导入
         $blogarr = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'subject' => $subject, 'pic' => getmessagepic($message), 'dateline' => $dateline ? $dateline : $_SGLOBAL['timestamp']);
         $blogid = inserttable('blog', $blogarr, 1);
         //插入内容
         $fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip());
         inserttable('blogfield', $fieldarr);
         //统计
         $incount = $incount + 1;
         $results[$key]['status'] = 'OK';
         $results[$key]['blogid'] = $blogid;
     } else {
         $results[$key]['status'] = '--';
         $results[$key]['blogid'] = 0;
     }
 }
 if ($incount) {
     //扣除积分
     updatespacestatus('pay', 'xmlrpc');
     @unlink($userfile);
 }
Example #14
     //黑名单
     if (isblacklist($post['uid'])) {
         showmessage('is_blacklist');
     }
     //实名
     realname_set($post['uid'], $post['username']);
     realname_get();
     $post['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<span class=\"q\"\\>.*?\\<\\/span\\>\\<\\/div\\>/is", '', $post['message']);
     //移除编辑记录
     $post['message'] = preg_replace("/<ins class=\"modify\".+?<\\/ins>/is", '', $post['message']);
     $post['message'] = html2bbcode($post['message']);
     //显示用
     $message = addslashes("<div class=\"quote\"><span class=\"q\"><b>" . $_SN[$post['uid']] . "</b>: " . getstr($post['message'], 150, 0, 0, 0, 2, 1) . '</span></div>') . $message;
 }
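 // Anonymous flag from the form, cast to an integer.
 $anonymous = empty($_POST['anonymous']) ? 0 : intval($_POST['anonymous']);
 // New reply row.
 // NOTE(review): $tid and $message are prepared outside this excerpt; confirm
 // both are sanitised before they reach the raw SQL further down.
 $setarr = array('tagid' => intval($thread['tagid']), 'anonymous' => $anonymous, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message);
 $pid = inserttable('post', $setarr, 1);
 // E-mail notification to the thread author.
 smail($thread['uid'], '', cplang('mtag_reply', array($_SN[$space['uid']], shtmlspecialchars(getsiteurl() . "space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}"))), '', 'mtag_reply');
 // Update the thread statistics.
 // The array key is quoted: the original $_SGLOBAL[supe_username] referred to
 // an undefined constant, which is a fatal error on PHP 8.
 $last_author_name = $anonymous ? 'null' : $_SGLOBAL['supe_username'];
 $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\t\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$last_author_name}', lastauthorid='{$_SGLOBAL['supe_uid']}'\r\n\t\tWHERE tid='{$tid}'");
 // Update the group statistics.
 $_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET postnum=postnum+1 WHERE tagid='{$thread['tagid']}'");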
 //普通回复
 if (empty($post) && $thread['uid'] != $_SGLOBAL['supe_uid']) {
     //积分
     getreward('replythread', 1, 0, $thread['tid']);
     realname_set($thread['uid'], $thread['username']);
     realname_get();
     if (empty($mtag['viewperm'])) {
Example #15
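/**
 * Create a blog entry, or update the one described by $olds, from submitted form data.
 *
 * Normalises subject, privacy setting, tags, body and category; links uploaded
 * pictures into the body; writes the blog / blogfield rows and the tag
 * relations; and, for a new entry that is not private to its author,
 * publishes a feed event.
 *
 * Privacy values in 'friend', as named by the original comments: 0 public,
 * 2 selected friends, 3 only the author, 4 password protected.
 *
 * When $olds['uid'] is set the function acts as that user by overwriting
 * $_SGLOBAL['supe_uid'] and ['supe_username'], and restores the saved
 * $_SGLOBAL on every return path.
 *
 * @param array $POST Submitted fields. 'target_names' and 'noreply' are read
 *                    from the $_POST superglobal, not from this argument.
 * @param array $olds Existing blog row when editing; empty for a new entry.
 * @return array|false The blog row data including 'blogid', or false when the
 *                     body is empty once markup and whitespace are stripped.
 */
function blog_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC;

    // Switch the acting user to the owner of the entry being edited.
    if (!empty($olds['uid'])) {
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Subject; defaults to today's date when empty.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Privacy.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Selected friends: resolve the submitted names to uids.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            // NOTE(review): the names come straight from the request and reach
            // the IN (...) list through simplode(); confirm that helper quotes
            // and escapes every element.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // Nobody matched: visible to the author only.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password protected; an empty password makes the entry public.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original wrote "==" here, a comparison with no effect, so a
        // submitted password was stored even on entries that are not
        // password protected.
        $POST['password'] = '';
    }

    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

    // Body: filter the HTML, then drop empty <div></div> pairs.
    $POST['message'] = checkhtml($POST['message']);
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
    $POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $POST['message']);
    $message = $POST['message'];

    // Personal category: "new:NAME" creates or reuses a category of that name.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // The category must belong to the acting user; otherwise it is dropped.
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }

    // Main table row.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);

    // Title picture.
    $titlepic = '';
    // Fetch the uploaded pictures; only rows owned by the acting user are used.
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): after the loop $value holds the final fetch_array()
        // result, which ended the loop, so this branch looks unreachable. It is
        // left unchanged because enabling it would alter which title picture
        // and picflag get stored.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }

    // Pictures referenced inside the body: swap the placeholder src for the real URL.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = mkpicurl($uploads[$value], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures not referenced in the body are appended at the end.
        // NOTE(review): the stored picture title is written into the HTML as
        // is; confirm it was HTML-escaped when the picture was saved.
        foreach ($uploads as $value) {
            $picurl = mkpicurl($value, 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }

    // Nothing was written: bail out.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the user switch before leaving; the original returned here
        // with $_SGLOBAL still pointing at the entry's owner.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }

    // Add slashes for the SQL layer.
    $message = addslashes($message);

    // No uploaded title picture: take one from the body.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;

    if (!empty($olds['blogid'])) {
        // Update.
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // A caller-supplied dateline is cast to an integer before it is stored.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : intval($POST['dateline']);
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;

    // Secondary table row.
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);

    // Tags.
    // NOTE(review): unserialize() runs on the tag value of the existing row;
    // this is only safe while that column can be written by trusted code alone.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Remove the previous tag relations first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Update the tag column of the secondary table.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }

    if ($olds) {
        // Update.
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }

    // Space update.
    if ($olds) {
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
    } else {
        // Credits.
        updatespacestatus('get', 'blog');
    }

    // Feed: only for new entries that are not private to the author.
    if (empty($olds) && $blogarr['friend'] != 3) {
        $fs = array();
        $fs['icon'] = 'blog';
        $fs['title_data'] = array();
        $fs['images'] = $fs['image_links'] = array();
        if ($blogarr['friend'] == 4) {
            // Password-protected entry: the feed carries the subject only.
            $fs['title_template'] = cplang('feed_blog_password');
            $fs['title_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>");
            $fs['body_template'] = '';
            $fs['body_data'] = array();
        } else {
            if ($blogarr['pic']) {
                $fs['images'] = array(mkpicurl($blogarr));
                $fs['image_links'] = array("space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}");
            }
            $fs['title_template'] = cplang('feed_blog');
            $fs['body_template'] = '<b>{subject}</b><br>{summary}';
            $fs['body_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>", 'summary' => getstr($message, 150, 1, 1, 0, 0, -1));
        }
        $fs['body_general'] = '';
        $fs['target_ids'] = $fieldarr['target_ids'];
        $fs['friend'] = $blogarr['friend'];
        if (ckprivacy('blog', 1)) {
            include_once S_ROOT . './source/function_cp.php';
            feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']);
        }
    }

    // Switch back to the original user.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $blogarr;
}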
Example #16
         // NOTE(review): this excerpt starts inside a switch whose opening is not shown; the next three lines close the previous case.
         $fs['body_data'] = array();
         $fs['body_general'] = '';
         break;
     case 'pid':
         // Poll
         // Update the poll's comment count
         // NOTE(review): $id is interpolated into the SQL text; it is assigned outside this excerpt, so confirm it is cast to an integer before it gets here.
         $_SGLOBAL['db']->query("UPDATE " . tname('poll') . " SET replynum=replynum+1 WHERE pid='{$id}'");
         $fs['title_template'] = cplang('feed_comment_poll');
         // NOTE(review): the display name and the poll subject are placed inside HTML anchors as-is; confirm both are HTML-escaped where they are loaded.
         $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$tospace['uid']}\">" . $_SN[$tospace['uid']] . "</a>", 'poll' => "<a href=\"space.php?uid={$tospace['uid']}&do=poll&pid={$id}\">{$poll['subject']}</a>");
         $fs['body_template'] = '';
         $fs['body_data'] = array();
         $fs['body_general'] = '';
         $fs['friend'] = '';
         break;
 }
 // Row for the comment table. 'idtype' is taken straight from $_POST and 'ip' from getonlineip().
 // NOTE(review): whether inserttable() escapes values is not visible here; confirm $_POST['idtype'] cannot reach SQL unescaped.
 $setarr = array('refercid' => $cid, 'uid' => $tospace['uid'], 'id' => $id, 'idtype' => $_POST['idtype'], 'authorid' => $_SGLOBAL['supe_uid'], 'author' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip());
 // Store the comment; $cid is overwritten with the value inserttable() returns
 $cid = inserttable('comment', $setarr, 1);
 $action = 'comment';
 $becomment = 'getcomment';
 // Build the notification text according to the kind of object that was commented on
 switch ($_POST['idtype']) {
     case 'uid':
         $n_url = "space.php?uid={$tospace['uid']}&do=wall&cid={$cid}";
         $note_type = 'wall';
         $note = cplang('note_wall', array($n_url));
         $q_note = cplang('note_wall_reply', array($n_url));
         if ($comment) {
             $msg = 'note_wall_reply_success';
             $magvalues = array($_SN[$tospace['uid']]);
             $becomment = '';
         } else {
Example #17
// Turn [em:N:] emoticon codes into <img> tags and collapse <br> tags to spaces.
$Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
$Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
// Collect "@name(uid) " mentions. Group 2 only matches digits, so the unquoted uid in the query below can only ever be a number.
preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s/U", $Message, $Matches, PREG_SET_ORDER);
foreach ($Matches as $value) {
    $TmpString = $value[0];
    $TmpName = $value[1];
    $UserId = $value[2];
    $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
    // NOTE(review): the row is used without checking that the uid exists; $realname is empty when it does not.
    $rs = $_SGLOBAL['db']->fetch_array($result);
    $realname = $rs['name'];
    $ValidValue = getAtName($TmpString, $TmpName, $realname);
    $ValidValue = trim($ValidValue);
    $at_friend = "space.php?uid=" . $UserId;
    // NOTE(review): $realname comes from the space table and is written into the anchor without escaping, and the href is unquoted.
    // Confirm the stored name cannot contain markup, or escape it here, before the message is rendered to other users.
    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
}
// Row for the doing table; getstr() is defined elsewhere, so what its flags filter is not visible here.
$arr = array("username" => getstr($username, 30, 1, 1, 1), "message" => getstr($Message, 480, 1, 1, 1), "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip(), 'fromdevice' => $FromDevice);
$newdoid = inserttable('doing', $arr, 1);
// Feed row: the message is stored serialized in title_data.
// NOTE(review): unlike the doing row above, this copy of $Message is not passed through getstr(); whatever reads title_data back has to treat it as untrusted.
$feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid', 'fromdevice' => $FromDevice);
// md5 is computed over the template and data strings; it looks like a content fingerprint rather than a security control.
$feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
$feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
inserttable('feed', $feedarr, 1);
updatestat('doing');
// Mirror the message into the user's spacefield row; 'spacenote' is only set when the request asks for it.
$setarr = array('note' => $Message);
if (!empty($_POST['spacenote'])) {
    $reward = getreward('updatemood', 0);
    $setarr['spacenote'] = $Message;
} else {
    $reward = getreward('doing', 0);
}
updatetable('spacefield', $setarr, array('uid' => $userid));
$Result = array('flag' => 'success');
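/**
 * Create or update a blog entry together with its auxiliary row, tags and space counters.
 *
 * The privacy level in $POST['friend'] is handled as the inline comments describe:
 * 0 public, 2 named friends only, 3 author only, 4 password protected.
 *
 * @param array $POST Submitted blog fields. The function reads subject, friend, password, tag,
 *                    message, classid, picids, hot, topicid, dateline and makefeed from it, and
 *                    additionally reads target_names and noreply from $_POST directly.
 * @param array $olds Existing blog row when editing; empty when creating a new entry.
 * @return array|false The main-table row that was written (with blogid, uid and username added),
 *                     or false when the message is empty once markup and whitespace are stripped.
 */
function blog_post($POST, $olds=array()) {
	global $_SGLOBAL, $_SC, $space;
	
	// Operator role switch: when editing someone else's entry, act as the entry's owner.
	// The real identity is kept in $__SGLOBAL and must be put back on every exit path.
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
		$isself = 0;
		$__SGLOBAL = $_SGLOBAL;
		$_SGLOBAL['supe_uid'] = $olds['uid'];
		$_SGLOBAL['supe_username'] = addslashes($olds['username']);
	}

	// Title
	$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
	if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
	$POST['friend'] = intval($POST['friend']);
	
	// Privacy
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		// Named friends only
		$uids = array();
		$names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
		if($names) {
			// NOTE(review): the names come straight from $_POST and reach SQL through simplode(), which is
			// defined elsewhere; confirm it (or a global request filter) escapes each value.
			$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$uids[] = $value['uid'];
			}
		}
		if(empty($uids)) {
			$POST['friend'] = 3;// visible to the author only
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		// Password protected
		$POST['password'] = trim($POST['password']);
		if($POST['password'] == '') $POST['friend'] = 0;// public
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// Fixed: this used to be a comparison (==), so a password submitted with a non-password
		// privacy level was still written to the blog row.
		$POST['password'] = '';
	}

	$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);	// word filtering

	// Content
	if($_SGLOBAL['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
	} else {
		// checkhtml() is the HTML filter for desktop posts; it is defined elsewhere, so what it
		// allows through is not visible here.
		$POST['message'] = checkhtml($POST['message']);
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
		// Drop empty <div></div> pairs and make plain links open in a new window.
		// NOTE(review): the rewritten links carry target="_blank" without rel="noopener"; consider adding it.
		$POST['message'] = preg_replace(array(
				"/\<div\>\<\/div\>/i",
				"/\<a\s+href\=\"([^\>]+?)\"\>/i"
			), array(
				'',
				'<a href="\\1" target="_blank">'
			), $POST['message']);
	}
	$message = $POST['message'];

	// Personal category
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			// Category name supplied inline as "new:<name>"
			$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname, 0, 1, 1, 1);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_SGLOBAL['supe_uid'],
						'dateline' => $_SGLOBAL['timestamp']
					);
					$classid = inserttable('class', $setarr, 1);
				}
			}
		} else {
			$classid = intval($POST['classid']);

		}
	} else {
		$classid = $olds['classid'];
	}
	if($classid && empty($classname)) {
		// Ownership check: a category id that does not belong to the acting user is discarded.
		$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
		if(empty($classname)) $classid = 0;
	}
	
	// Main table row
	// NOTE(review): the password is written as submitted; whether it is hashed before storage is not
	// visible in this function.
	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($_POST['noreply'])?0:1
	);

	// Title picture
	$titlepic = '';
	
	// Fetch the uploaded pictures; the uid condition limits the lookup to the acting user's own pictures.
	$uploads = array();
	if(!empty($POST['picids'])) {
		// NOTE(review): the array keys are request data and reach SQL through simplode(); confirm they
		// are escaped or cast to integers there.
		$picids = array_keys($POST['picids']);
		$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
		while ($value = $_SGLOBAL['db']->fetch_array($query)) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = $value['filepath'].'.thumb.jpg';
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$uploads[$POST['picids'][$value['picid']]] = $value;
		}
		// NOTE(review): $value is always falsy once the loop above has ended, so this fallback never runs.
		if(empty($titlepic) && $value) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}
	
	// Pictures already placed in the article body
	if($uploads) {
		preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
		if(!empty($mathes[1])) {
			$searchs = $idsearchs = array();
			$replaces = array();
			foreach ($mathes[1] as $key => $value) {
				if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
					$searchs[] = $mathes[2][$key];
					$idsearchs[] = "_uchome_localimg_$value";
					$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
					unset($uploads[$value]);
				}
			}
			if($searchs) {
				$message = str_replace($searchs, $replaces, $message);
				$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
			}
		}
		// Pictures not placed in the body are appended at the end
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
			// NOTE(review): the picture title is taken from the pic row and written into the HTML as-is;
			// confirm it is escaped when the picture is saved.
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}
	
	// Nothing was filled in
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Fixed: put the real identity back before leaving early. Without this, the rest of the
		// request kept running as the blog owner after an empty edit of someone else's entry.
		if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
		return false;
	}
	
	// Add slashes for storage
	$message = addslashes($message);
	
	// Take the title picture from the content when no upload supplied one
	if(empty($titlepic)) {
		$titlepic = getmessagepic($message);
		$blogarr['picflag'] = 0;
	}
	$blogarr['pic'] = $titlepic;
	
	// Hotness can only be set with the manageblog permission
	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}
	
	if(!empty($olds['blogid'])) {
		// Update
		$blogid = $olds['blogid'];
		updatetable('blog', $blogarr, array('blogid'=>$blogid));
		
		$fuids = array();
		
		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {
		// Topic participation
		$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');

		$blogarr['uid'] = $_SGLOBAL['supe_uid'];
		$blogarr['username'] = $_SGLOBAL['supe_username'];
		// NOTE(review): a caller-supplied dateline is stored without a cast; confirm callers pass an integer timestamp.
		$blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
		$blogid = inserttable('blog', $blogarr, 1);
	}
	
	$blogarr['blogid'] = $blogid;
	
	// Auxiliary table row
	$fieldarr = array(
		'message' => $message,
		'postip' => getonlineip(),
		'target_ids' => $POST['target_ids']
	);
	
	// TAG
	// NOTE(review): unserialize() runs on the stored tag column. That is only safe while nothing
	// but this code can write the column; a JSON encoding would remove the object-injection risk.
	$oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
	

	$tagarr = array();
	if($POST['tag'] != $oldtagstr) {
		if(!empty($olds['tag'])) {
			// Clear the old tag links first
			$oldtags = array();
			$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$oldtags[] = $value['tagid'];
			}
			if($oldtags) {
				$_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
				$_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			}
		}
		$tagarr = tag_batch($blogid, $POST['tag']);
		// Update the tag copy kept in the auxiliary table
		$fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
	}

	if($olds) {
		// Update
		updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		inserttable('blogfield', $fieldarr);
	}

	// Space update, only when the author is acting on their own entry
	if($isself) {
		if($olds) {
			// Touch the space's update time
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
		} else {
			if(empty($space['blognum'])) {
				$space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
				$blognumsql = "blognum=".$space['blognum'];
			} else {
				$blognumsql = 'blognum=blognum+1';
			}
			// Credits
			$reward = getreward('publishblog', 0);
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
			
			// Statistics
			updatestat('blog');
		}
	}
	
	// Publish a feed item when requested
	if($POST['makefeed']) {
		include_once(S_ROOT.'./source/function_feed.php');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}
	
	// Topic
	if(empty($olds) && $blogarr['topicid']) {
		topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
	}

	// Role switch: put the real identity back
	if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;

	return $blogarr;
}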
Example #19
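/**
 * Check the caller's address against a newline-separated ban list.
 *
 * Each entry is matched as a literal prefix of the address, because the pattern is anchored
 * at the start only: an entry of "10.1" also matches "10.10.0.5". End an entry with a dot
 * when a whole octet is meant.
 *
 * @param string $ipbanned Ban list, one entry per line; spaces are ignored.
 * @return int|false false for an empty list, otherwise the preg_match() result (1 when banned).
 */
function ipbanned($ipbanned)
{
    if (empty($ipbanned)) {
        return false;
    }
    // Split on any line ending and drop blank entries. The previous version only converted "\r\n",
    // so a list saved with bare "\n" never matched, and a blank line or trailing line break
    // produced an empty alternative that matched every address.
    $entries = array();
    foreach (preg_split('/[\r\n]+/', $ipbanned) as $line) {
        $line = str_replace(' ', '', $line);
        if ($line !== '') {
            $entries[] = preg_quote($line, '/');
        }
    }
    if (!$entries) {
        return false;
    }
    // NOTE(review): getonlineip() is defined elsewhere. If it trusts client-supplied headers such as
    // X-Forwarded-For, a banned client can present a different address; confirm what it reads.
    return preg_match('/^(' . implode('|', $entries) . ')/', getonlineip());
}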
Example #20
 /**
  * Change a user's status, after checking the caller's IP address against IPFilter.
  *
  * @param mixed $userId identifier handed to the Account constructor
  * @param mixed $status new status handed to Account::updateStatus()
  * @return mixed the 'ip_denied' language string when the filter rejects the caller, otherwise
  *               whatever Account::updateStatus() returns (the original note says 001 for
  *               success and 002 for failure)
  */
 public function updateUserStatus($userId, $status)
 {
     // NOTE(review): the IP filter is the only access check visible in this method. Confirm the
     // caller is authenticated and authorised elsewhere, and that getonlineip() does not take the
     // address from client-controlled headers.
     $ipFilter = new IPFilter(getonlineip());
     $allowed = $ipFilter->isAllowable() == 1;
     if (!$allowed) {
         return lang('ip_denied');
     }
     $target = new Account($userId);
     return $target->updateStatus($status);
 }
Example #21
    }
    // NOTE(review): $addnum is assigned outside this excerpt and is written into the SQL unquoted; confirm it is an integer counter.
    if ($addnum) {
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET addfriendnum=addfriendnum+{$addnum} WHERE uid='{$_SGLOBAL['supe_uid']}'");
    }
    ssetcookie('synfriend', 1, 1800);
    // Check once every 30 minutes
    exit;
} elseif ($op == 'find') {
    // Automatic friend suggestions
    $maxnum = 18;
    // Users to leave out: existing friends and the user themselves
    $nouids = $space['friends'];
    $nouids[] = $space['uid'];
    // "Near you": other sessions that share the caller's IP address
    $nearlist = array();
    $i = 0;
    // NOTE(review): the address is interpolated into the SQL text. getonlineip() is defined elsewhere; if it can return
    // a client-supplied header value, that value has to be validated as an IP address before it is used here.
    // Listing accounts that share an address also reveals who is behind the same NAT or proxy.
    $myip = getonlineip(1);
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . "\n\t\tWHERE ip='{$myip}' LIMIT 0,200");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // in_array() is used with loose comparison here
        if (!in_array($value['uid'], $nouids)) {
            realname_set($value['uid'], $value['username']);
            $nearlist[] = $value;
            $i++;
            if ($i >= $maxnum) {
                break;
            }
        }
    }
    // Friends of friends
    $i = 0;
    $friendlist = array();
    if ($space['feedfriend']) {
Example #22
 // Start and end default to 2036-12-31 when the field is empty; strtotime() returns false for text it cannot parse, and that is not checked.
 $starttime = $_POST['starttime'] ? strtotime($_POST['starttime']) : strtotime('2036-12-31');
 $endtime = $_POST['endtime'] ? strtotime($_POST['endtime']) : strtotime('2036-12-31');
 // Target audience
 $undergraduate = isset($_POST['undergraduate']) ? intval($_POST['undergraduate']) : 0;
 $postgraduate = isset($_POST['postgraduate']) ? intval($_POST['postgraduate']) : 0;
 $teacher = isset($_POST['teacher']) ? intval($_POST['teacher']) : 0;
 $alumnus = isset($_POST['alumnus']) ? intval($_POST['alumnus']) : 0;
 // Binary form: the four flags are concatenated as a string.
 // NOTE(review): intval() allows values other than 0 and 1, so the string is not guaranteed to be four binary digits.
 $usertype = $undergraduate . $postgraduate . $teacher . $alumnus;
 // Convert to decimal
 $usertype = bindec($usertype);
 // The following values are filled in automatically
 $applypass = 0;
 $applyuid = $_SGLOBAL['supe_uid'];
 $applytime = time();
 $applyip = getonlineip();
 $email = $_SGLOBAL['member']['email'];
 $name = getstr($name, 30, 1, 1, 1);
 // Receive the uploaded image; $name has to be validated before this point because it is passed to pic_save()
 // NOTE(review): pic_save() is defined elsewhere; confirm it checks the file type and does not build a path from $name.
 if ($_FILES['logo']['tmp_name']) {
     $pic = pic_save($_FILES['logo'], -1, $name);
     if (is_array($pic) && $pic['filepath']) {
         $logo = $pic['filepath'];
     }
 }
 // NOTE(review): 'api' and 'iauthtype' are taken from $_POST without filtering; confirm they are validated before they are stored or used.
 if ($category == 3) {
     $useapi = substr($_POST['api'], 4);
     $iauth_type = $_POST['iauthtype'];
 } else {
     $useapi = '';
     $iauth_type = '';
Example #23
}
// NOTE(review): $needlogin is hard-coded to false, so the second-login branch below never runs and $cpaccess is always 2.
// With this setting the admin panel is not protected by the password re-check that the rest of this block implements.
$needlogin = false;
// Second login confirmation (valid for half an hour)
if ($needlogin) {
    $cpaccess = 0;
    $query = $_SGLOBAL['db']->query("SELECT errorcount FROM " . tname('adminsession') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND dateline+1800>='{$_SGLOBAL['timestamp']}'");
    if ($session = $_SGLOBAL['db']->fetch_array($query)) {
        // errorcount of -1 marks a confirmed session (it is set on a successful password check below); up to 3 failures still allow another attempt
        if ($session['errorcount'] == -1) {
            $_SGLOBAL['db']->query("UPDATE " . tname('adminsession') . " SET dateline='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
            $cpaccess = 2;
        } elseif ($session['errorcount'] <= 3) {
            $cpaccess = 1;
        }
    } else {
        // NOTE(review): this DELETE uses $timestamp, which is not assigned in the visible code; every other query uses $_SGLOBAL['timestamp'].
        $_SGLOBAL['db']->query("DELETE FROM " . tname('adminsession') . " WHERE uid='{$_SGLOBAL['supe_uid']}' OR dateline+1800<'{$timestamp}'");
        $_SGLOBAL['db']->query("INSERT INTO " . tname('adminsession') . " (uid, ip, dateline, errorcount)\r\n\t\t\tVALUES ('{$_SGLOBAL['supe_uid']}', '" . getonlineip() . "', '{$_SGLOBAL['timestamp']}', '0')");
        $cpaccess = 1;
    }
} else {
    $cpaccess = 2;
}
switch ($cpaccess) {
    case '1':
        // Login is allowed
        if (submitcheck('loginsubmit')) {
            if (!($passport = getpassport($_SGLOBAL['supe_username'], $_POST['password']))) {
                $_SGLOBAL['db']->query("UPDATE " . tname('adminsession') . " SET errorcount=errorcount+1 WHERE uid='{$_SGLOBAL['supe_uid']}'");
                cpmessage('enter_the_password_is_incorrect', 'admincp.php');
            } else {
                $_SGLOBAL['db']->query("UPDATE " . tname('adminsession') . " SET errorcount='-1' WHERE uid='{$_SGLOBAL['supe_uid']}'");
                // NOTE(review): the return address can come from the _refer cookie, which the client controls; if it is used as a
                // redirect target further down (not shown), it should be limited to local paths.
                $refer = empty($_SCOOKIE['_refer']) ? $_SGLOBAL['refer'] : rawurldecode($_SCOOKIE['_refer']);
Example #24
 $remember = $_POST['remember'];
 if ($remember == 'true') {
     // NOTE(review): $_POST['uid'] is concatenated into the statement unquoted and without a cast, so the request controls the
     // SQL text. It also selects whose row is updated, while the next statement uses the session uid. Use the session uid
     // (or intval() plus an ownership check) here.
     $_SGLOBAL['db']->query("UPDATE " . tname("spaceforeign") . " SET sync='yes' WHERE uid=" . $_POST['uid']);
     $_SGLOBAL['db']->query("UPDATE " . tname("space") . " SET overseas_tip='never' WHERE uid=" . $_SGLOBAL['supe_uid']);
 }
 // NOTE(review): $uid is assigned outside this excerpt; confirm it is an integer before it is interpolated.
 $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("spaceforeign") . " WHERE uid='{$uid}'");
 if ($res = $_SGLOBAL['db']->fetch_array($query)) {
     // NOTE(review): the school name read from the database is interpolated into the next query without escaping;
     // a stored value containing a quote changes that query (second-order injection).
     $school = $res['school'];
     $query1 = $_SGLOBAL['db']->query("SELECT * FROM " . tname("mtag") . " WHERE tagname='{$school}'");
     if ($r = $_SGLOBAL['db']->fetch_array($query1)) {
         $tagid = $r['tagid'];
     }
 }
 // $tagid is only assigned when both lookups above return a row; otherwise the thread is created with whatever $tagid held before.
 $setarr = array('tagid' => $tagid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'subject' => $msg, 'lastpost' => $_SGLOBAL['timestamp'], 'lastauthor' => $_SGLOBAL['supe_username'], 'lastauthorid' => $_SGLOBAL['supe_uid']);
 $tid = inserttable('thread', $setarr, 1);
 $psetarr = array('tagid' => $tagid, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $msg, 'isthread' => 1);
 // Add the first post of the thread
 inserttable('post', $psetarr);
 // Update the group's thread count
 $_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET threadnum=threadnum+1 WHERE tagid='{$tagid}'");
 // Statistics
 updatestat('thread');
 // Update the user's thread count: recount when the cached value is empty, otherwise increment
 if (empty($space['threadnum'])) {
     $space['threadnum'] = getcount('thread', array('uid' => $space['uid']));
     $threadnumsql = "threadnum=" . $space['threadnum'];
 } else {
     $threadnumsql = 'threadnum=threadnum+1';
 }
 // Credits
 $reward = getreward('publishthread', 0);
Example #25
    // Daily cap: at most 3 codes per mobile number in the last 24 hours.
    // NOTE(review): $mobile is assigned outside this excerpt and is concatenated into four queries below; confirm it is
    // validated as a phone number (digits only) before it gets here.
    $yesterday = $_SGLOBAL['timestamp'] - 86400;
    $sql = $_SGLOBAL['db']->query("SELECT mobile FROM " . tname('mobilereg') . " WHERE mobile = '" . $mobile . "' AND dateline > '" . $yesterday . "' ");
    $count = $_SGLOBAL['db']->num_rows($sql);
    if ($count >= 3) {
        showmessage('已经存在手机号:' . $mobile . '发出的' . $count . '条验证码还未完成注册。');
    }
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('mobilereg') . " WHERE mobile = '" . $mobile . "' and status=0 ORDER BY dateline DESC LIMIT 1");
    // NOTE(review): && binds tighter than =, so $value receives the boolean result of the whole expression and
    // $value['dateline'] is read before the row is assigned. The resend throttle therefore most likely never triggers.
    // Wrap the assignment in parentheses. The message also says 30 seconds while the check uses 60.
    if ($value = $_SGLOBAL['db']->fetch_array($query) && $_SGLOBAL['timestamp'] - $value['dateline'] <= 60) {
        showmessage('对不起,您的操作过快,请等待30秒再接收验证码', 'index.php', 2);
    } else {
        $mquery = $_SGLOBAL['db']->query("SELECT mobile FROM " . tname('spacefield') . " WHERE mobile = '" . $mobile . "'");
        if ($bind = $_SGLOBAL['db']->fetch_array($mquery)) {
            showmessage('此手机号已经绑定,如果忘记密码,请用手机找回。');
        } else {
            // The code is recorded only after the SMS gateway accepted the message
            if (sendsms($mobile, '验证码', $content)) {
                $setarr = array('mobile' => $mobile, 'verifycode' => $verifycode, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip());
                inserttable('mobilereg', $setarr, 1);
                showmessage('successfully');
            } else {
                showmessage('注册验证码发送失败...');
            }
        }
    }
} elseif ($op == "checkinputverifycode") {
    // NOTE(review): both request values are only trimmed before they are concatenated into the query; unless a global
    // request filter escapes them, this is SQL injection. The lookup also has no expiry or status condition and no
    // attempt limit is visible, so a short numeric code can be guessed by repeated requests. Bind the parameters,
    // restrict the match to recent unused codes, and count failed attempts per number.
    $query = $_SGLOBAL['db']->query("SELECT mobile FROM " . tname('mobilereg') . " WHERE mobile = '" . trim($_GET['mobile']) . "' and verifycode = '" . trim($_GET['verifycode']) . "'");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        showmessage('succeed');
    } else {
        showmessage('手机验证码输入不正确!');
    }
} elseif ($op == "checkinvitecode") {
Example #26
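/**
 * Add a reply to a complaint, or relay the complaint to another department, and report the result as JSON.
 *
 * The function reads uid, complainId, message and (optionally) ip from $params. When the replying
 * user is not the addressee of the complaint, the reply is stored as a plain comment. When the user
 * is the addressee, the reply is recorded as an operation: a reply (optype 2), or a relay (optype 3)
 * when the message mentions another user with "@name(uid)" and does not start that mention with "回复".
 *
 * @param array|null $params Request parameters as described above.
 * @return string JSON: either {"errorNo", "content"} on failure, or the updated $params
 *                (without complainId, with id, operation, timestamp, uname, ip and message set).
 */
function IHomeServiceCreateComplainReply($params = NULL)
{
    global $_SGLOBAL;
    $cpid = 0;
    // id of the row in the complain table
    $relay_times = 0;
    // Initialised so the relay test further down does not read an undefined variable
    $exclude_relay = 0;
    if ($params['uid']) {
        // Only plain digit strings are accepted. The old "<= 0" test let values such as
        // "1 OR 1=1" through, and they were then concatenated into the SQL below.
        if (!ctype_digit((string) $params['uid']) || $params['uid'] <= 0) {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer.");
            return json_encode($errorMsg);
        } else {
            // Integer copy used in every SQL statement; $params itself is left untouched for the JSON reply
            $uid = intval($params['uid']);
            $query = $_SGLOBAL['db']->query("select name,username  from " . tname('space') . " where uid = " . $uid);
            if ($row = $_SGLOBAL['db']->fetch_array($query)) {
                if ($row['name']) {
                    $params['uname'] = $row['name'];
                } else {
                    $params['uname'] = $row['username'];
                }
            } else {
                $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
                return json_encode($errorMsg);
            }
        }
    } else {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    $complain = array();
    if ($params['complainId']) {
        // Same digit-only rule as for uid
        if (!ctype_digit((string) $params['complainId']) || $params['complainId'] <= 0) {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer.");
            return json_encode($errorMsg);
        } else {
            $complainId = intval($params['complainId']);
            $query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid = " . $complainId);
            if ($complain = $_SGLOBAL['db']->fetch_array($query)) {
                if (isblacklist($complain['uid'])) {
                    $errorMsg = array("errorNo" => "500", "content" => "the user of complain is in blacklist.");
                    return json_encode($errorMsg);
                }
            } else {
                $errorMsg = array("errorNo" => "500", "content" => "the complain id is not exist");
                return json_encode($errorMsg);
            }
        }
    } else {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    if (!$params['message']) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter message.");
        return json_encode($errorMsg);
    }
    $params['timestamp'] = time();
    $doid = $params['complainId'];
    $message = getstr($params['message'], 480, 1, 1, 1);
    // "@name(uid)" mentions; group 2 only matches digits, so $UserId below is always numeric
    preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $params['message'], $matches, PREG_SET_ORDER);
    preg_match_all("/回复[@](.*)[(]([\\d]+)[)]\\s*/U", $params['message'], $reply_matches, PREG_SET_ORDER);
    if ($reply_matches) {
        $exclude_relay = 1;
    }
    // A message that contains the word "回复" (reply) before a mention is never treated as a relay
    $newid = 0;
    $addtype = 0;
    // Is the replying user the addressee of this complaint?
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid=" . $complainId . ' and atuid=' . $uid);
    if ($row = $_SGLOBAL['db']->fetch_array($query)) {
        $complain = $row;
        $addtype = 2;
        $cpid = $complain['id'];
        $relay_times = $complain['relay_times'];
    }
    $isrelay = 0;
    if ($addtype && $matches && !$exclude_relay) {
        $isrelay = 1;
    }
    if ($isrelay && $relay_times >= 3) {
        $errorMsg = array("errorNo" => "500", "content" => "relay times reach the ceiling'.");
        return json_encode($errorMsg);
    }
    $UserIds = array();
    $relay_depid = 0;
    foreach ($matches as $value) {
        $TmpString = $value[0];
        $TmpName = $value[1];
        $UserId = $value[2];
        $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid=" . $UserId);
        if ($rs = $_SGLOBAL['db']->fetch_array($result)) {
            $realname = $rs['name'];
            if (empty($realname)) {
                $realname = $rs['username'];
            }
            $ValidValue = getAtName($TmpString, $TmpName, $realname);
            $ValidValue = trim($ValidValue);
            $at_friend = "space.php?uid=" . $UserId;
            if ($ValidValue != false) {
                // NOTE(review): $realname comes from the space table and is written into the anchor without
                // escaping, after getstr() has already run on the message. Confirm stored names cannot
                // contain markup, or escape the name here.
                $message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
                if (!in_array($UserId, $UserIds)) {
                    $UserIds[] = $UserId;
                }
            }
        }
        if ($isrelay) {
            // The relay target is the last mentioned uid that has a powerlevel row as a department
            $q = $_SGLOBAL['db']->query("select * from " . tname('powerlevel') . " where dept_uid = " . $UserId);
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                $relay_depid = $UserId;
            }
        }
    }
    // Emoticon codes to <img> tags, <br> tags to spaces
    $message = preg_replace("/\\[am:(\\d+):]/is", "<img src=\"image/face_new/face_1/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\[bm:(\\d+):]/is", "<img src=\"image/face_new/face_2/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
    $params['message'] = $message;
    if (strlen($message) < 1) {
        $errorMsg = array("errorNo" => "4002", "content" => "the parameter message is too short'.");
        return json_encode($errorMsg);
    }
    if (!$addtype) {
        // Plain comment path: the replying user is not the addressee
        if ($UserIds) {
            $temp = implode(',', $UserIds);
            $_SGLOBAL['db']->query("UPDATE " . tname('complain') . " SET locked=0 WHERE doid= " . $complainId . " AND uid=" . $uid . " AND locked AND atuid in ({$temp})");
        }
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " WHERE doid=" . $complainId);
        $updo = $_SGLOBAL['db']->fetch_array($query);
        $updo['id'] = intval($updo['id']);
        $updo['grade'] = intval($updo['grade']);
        $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip(), 'grade' => $updo['grade'] + 1);
        // NOTE(review): a caller-supplied ip replaces the address observed by the server and is stored
        // unvalidated. Only trusted callers should be able to set it, and it should be checked to be an IP address.
        if (!empty($params['ip'])) {
            $setarr['ip'] = $params['ip'];
        } else {
            $params['ip'] = $setarr['ip'];
        }
        if ($updo['grade'] >= 3) {
            $setarr['upid'] = $updo['upid'];
        }
        $newid = inserttable('docomment', $setarr, 1);
        $params['id'] = $newid;
        $params['operation'] = 0;
        $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");
        $note = cplang('note_complain_reply', array("space.php?do=complain_item&doid={$setarr['doid']}"));
        // NOTE(review): $userId is not assigned anywhere in this function, so this notification has no
        // recipient; the intended recipient needs to be confirmed.
        notification_add($userId, 'complain', $note);
        if (empty($UserIds)) {
            // No mention in the message: notify the other party of the complaint.
            // Fixed: the array key was an unquoted constant (doid). The table name is hard-coded here
            // instead of going through tname() as everywhere else.
            $query = $_SGLOBAL['db']->query("SELECT * FROM ihome_complain where doid=" . $updo['doid']);
            $value = $_SGLOBAL['db']->fetch_array($query);
            if ($value['from'] == $params['uid']) {
                // The replying user is the initiator
                notification_add($value['atuid'], 'complain', $note);
            } else {
                notification_add($value['from'], 'complain', $note);
            }
        }
        unset($params['complainId']);
        return json_encode($params);
    }
    // Operation path: the replying user is the addressee
    $optype = 2;
    if ($isrelay) {
        $optype = 3;
        $addtype = 0;
    }
    $oparr = array('doid' => $params['complainId'], 'message' => $params['message'], 'uid' => $params['uid'], 'username' => $params['uname'], 'optype' => $optype, 'dateline' => time(), 'opvalue' => $relay_depid, 'finish' => $addtype == 2 ? 1 : 0);
    $params['operation'] = $opid = inserttable('complain_op', $oparr, true);
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " WHERE doid=" . $complainId);
    $updo = $_SGLOBAL['db']->fetch_array($query);
    $updo['id'] = intval($updo['id']);
    $updo['grade'] = intval($updo['grade']);
    $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip(), 'grade' => $updo['grade'] + 1, 'complainBorn' => 1, 'complainopid' => $opid);
    if (!empty($params['ip'])) {
        $setarr['ip'] = $params['ip'];
    } else {
        $params['ip'] = $setarr['ip'];
    }
    if ($updo['grade'] >= 3) {
        $setarr['upid'] = $updo['upid'];
    }
    $params['id'] = $newid = inserttable('docomment', $setarr, 1);
    $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");
    if ($optype == 3) {
        $query = $_SGLOBAL['db']->query("select * from " . tname("space") . " where uid = {$relay_depid}");
        $relay_dep = $_SGLOBAL['db']->fetch_array($query);
        if (empty($relay_dep)) {
            // NOTE(review): the operation and the comment have already been written at this point, so this
            // error leaves partial rows behind.
            $errorMsg = array("errorNo" => 500, "content" => "the at user is not exist ");
            return json_encode($errorMsg);
        }
        updatetable('complain', array("status" => 3, 'lastopid' => $opid), array('id' => $cpid));
        // status 3 means relayed
        $query = $_SGLOBAL['db']->query("select * from " . tname("complain") . " where doid= " . $complainId . " and atuid={$relay_depid} and status != 3");
        $already = $_SGLOBAL['db']->fetch_array($query);
        if (!$already) {
            if ($complain['relayed_by']) {
                $relayed_by = $complain['relayed_by'] . $params['uid'] . ',';
            } else {
                $relayed_by = ',' . $params['uid'] . ',';
            }
            // Copy the complaint row and address the copy to the relay target
            $newComplain = $complain;
            unset($newComplain['id']);
            $newComplain['atdeptuid'] = $relay_depid;
            $newComplain['atuid'] = $relay_depid;
            $newComplain['atuname'] = $relay_dep['name'];
            $newComplain['atdepartment'] = $relay_dep['name'];
            $newComplain['dateline'] = $_SGLOBAL['timestamp'];
            $newComplain['times'] = 1;
            $newComplain['issendmsg'] = 0;
            $newComplain['relay_times'] = $complain['relay_times'] + 1;
            $newComplain['relayed_by'] = $relayed_by;
            $newComplainId = inserttable('complain', $newComplain, 1);
            if ($complain['lastopid'] == 0) {
                // First operation on this complaint: update the responder's reply statistics
                $result = $_SGLOBAL['db']->query("select * from " . tname('complain_dep') . " where uid = " . $uid);
                $dep = $_SGLOBAL['db']->fetch_array($result);
                $arr = array();
                if (empty($dep)) {
                    $arr['uid'] = $params['uid'];
                    $arr['username'] = $params['uname'];
                    $arr['upnum'] = 0;
                    $arr['downnum'] = 0;
                    $arr['allreplynum'] = 1;
                    $arr['allreplysecs'] = $_SGLOBAL['timestamp'] - $complain['dateline'];
                    $arr['score'] = 0;
                    $arr['aversecs'] = 0;
                    $arr['lastupdate'] = 0;
                    inserttable('complain_dep', $arr);
                } else {
                    $arr['allreplynum'] = $dep['allreplynum'] + 1;
                    $arr['allreplysecs'] = $dep['allreplysecs'] + $_SGLOBAL['timestamp'] - $complain['dateline'];
                    updatetable("complain_dep", $arr, array('uid' => $params['uid']));
                }
            }
            $note = cplang('complain_relay', array($complain['atuname'], "space.php?do=complain_item&doid={$complain['doid']}"));
            notification_complain_add($relay_depid, 'complain', $note);
        }
        inserttable('complain_resp', array('uid' => $params['uid'], 'doid' => $doid, 'opid' => $opid, 'replysecs' => $_SGLOBAL['timestamp'] - $complain['dateline'], 'dateline' => $_SGLOBAL['timestamp']));
    } else {
        if ($optype == 2) {
            if ($addtype == 2) {
                updatetable('complain', array('status' => 1, 'lastopid' => $opid, 'replytime' => $_SGLOBAL['timestamp'], 'dateline' => $_SGLOBAL['timestamp']), array('id' => $cpid));
            } else {
                updatetable('complain', array('locked' => 1, 'replytime' => $_SGLOBAL['timestamp'], 'dateline' => $_SGLOBAL['timestamp']), array('id' => $cpid));
            }
            if ($complain['lastopid'] == 0) {
                // First operation on this complaint: update the responder's reply statistics
                $result = $_SGLOBAL['db']->query("select * from " . tname('complain_dep') . " where uid =" . $uid);
                $dep = $_SGLOBAL['db']->fetch_array($result);
                $arr = array();
                if (empty($dep)) {
                    $arr['uid'] = $params['uid'];
                    $arr['username'] = $params['uname'];
                    $arr['upnum'] = 0;
                    $arr['downnum'] = 0;
                    $arr['allreplynum'] = 1;
                    $arr['allreplysecs'] = $_SGLOBAL['timestamp'] - $complain['dateline'];
                    $arr['score'] = 0;
                    $arr['aversecs'] = 0;
                    $arr['lastupdate'] = 0;
                    inserttable('complain_dep', $arr);
                } else {
                    $arr['allreplynum'] = $dep['allreplynum'] + 1;
                    $arr['allreplysecs'] = $dep['allreplysecs'] + $_SGLOBAL['timestamp'] - $complain['dateline'];
                    updatetable("complain_dep", $arr, array('uid' => $params['uid']));
                }
            }
            inserttable('complain_resp', array('uid' => $params['uid'], 'doid' => $doid, 'opid' => $opid, 'replysecs' => $_SGLOBAL['timestamp'] - $complain['dateline'], 'dateline' => $_SGLOBAL['timestamp']));
            $note = cplang('note_doingcomplain_reply', array("space.php?do=complain_item&doid={$complain['doid']}"));
            notification_complain_add($complain['uid'], 'complain', $note, $params['uid'], $params['uname']);
        }
    }
    unset($params['complainId']);
    return json_encode($params);
}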
Example #27
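<?php 
/*
     addsharereply.php: post a comment on a share
     Add by am@ihome.2012-10-17  10:34
*/
include_once '../iauth_verify_forward.php';
// The commenting user is whoever iauth_verify() authenticates.
// NOTE(review): what iauth_verify() returns on failure is not visible here; if it can return 0 or false,
// the comment below is stored with uid 0, so the failure case should end the request.
$userid = intval(iauth_verify());
include_once '../../../common.php';
include_once S_ROOT . './uc_client/client.php';
@(include_once S_ROOT . './data/data_profield.php');
// NOTE(review): $username is not assigned in this script (the only assignment was commented out), so the
// author column depends on one of the included files setting it.
$Message = empty($_POST['message']) ? '' : getstr($_POST['message']);
$ShareId = empty($_POST['shareid']) ? 0 : intval($_POST['shareid']);
// NOTE(review): the share id is not checked against an existing share or its privacy settings, and an empty
// message is accepted. The message also passes through getstr() twice.
$arr = array("id" => intval($ShareId), "uid" => intval($userid), "idtype" => 'sid', "message" => getstr($Message, 5000, 1, 1, 1), "authorid" => intval($userid), "author" => getstr($username, 15, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'magicflicker' => 0);
$shareid = inserttable('comment', $arr, 1);
if ($shareid) {
    $arrs = array('flag' => 'success');
} else {
    $arrs = array('flag' => 'fail');
}
$result = json_encode($arrs);
// Turn \uXXXX escapes back into UTF-8 characters. This used preg_replace() with the /e modifier, which
// evaluates the replacement as PHP code and no longer exists in PHP 7; a callback does the same conversion
// without evaluating a string.
$result = preg_replace_callback('#\\\\u([0-9a-f]{4})#i', function ($m) {
    return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
}, $result);
echo $result;
exit;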
Example #28
            $TmpString = $value[0];
            $TmpName = $value[1];
            $UserId = $value[2];
            $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
            $rs = $_SGLOBAL['db']->fetch_array($result);
            $realname = $rs['name'];
            //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
            $ValidValue = getAtName($TmpString, $TmpName, $realname);
            $ValidValue = trim($ValidValue);
            $at_friend = "space.php?uid=" . $UserId;
            $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
        }
        //替换表情
        $Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
        $Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
        $arr = array('upid' => intval($Id), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 280, 1, 1, 1), "doid" => intval($Doid), "uid" => intval($userid), "grade" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip());
        $replyid = inserttable('docomment', $arr, 1);
        //更新回复数
        $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$Doid}'");
        //统计
        updatestat('docomment');
        if ($replyid) {
            $arrs = array('flag' => 'success');
        } else {
            $arrs = array('flag' => 'fail');
        }
    }
}
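// Serialise the result flag for the client.
$result = json_encode($arrs);
// Decode json_encode()'s \uXXXX escapes back to UTF-8.
// - A callback replaces the /e modifier, which evaluated the replacement string as PHP code
//   and was removed in PHP 7.
// - Exactly four hex digits are matched: pack('H4', ...) only consumes four, so the former
//   "+" quantifier silently swallowed any hex-looking characters that followed an escape.
$result = preg_replace_callback(
    "#\\\\u([0-9a-f]{4})#i",
    function ($m) {
        return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
    },
    $result
);
echo $result;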
Example #29
                $realname = $rs['name'];
                if (empty($realname)) {
                    $realname = $rs['username'];
                }
                //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
                $ValidValue = getAtName($TmpString, $TmpName, $realname);
                $ValidValue = trim($ValidValue);
                $at_friend = "space.php?uid=" . $UserId;
                if ($ValidValue != false) {
                    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
                    $UserIds[] = $UserId;
                }
            }
        }
        //Add by Add by am 2013-12-07  end
        $arr = array('tid' => intval($Commentid), "tagid" => intval($TagId), "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 5000, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], "isthread" => 0);
        $pid = inserttable('post', $arr, 1);
        //更新统计数据
        $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$username}', lastauthorid='{$userid}'\r\n\tWHERE tid='{$Commentid}'");
        //通知
        $note = cplang('note_thread_reply') . " <a href=\"space.php?uid={$userid}&do=thread&id={$Commentid}&pid={$pid}\" target=\"_blank\">{$thread['subject']}</a>";
        notification_add($userid, 'post', $note);
        //统计
        updatestat('post');
        if ($pid) {
            $arrs = array('flag' => 'success');
        } else {
            $arrs = array('flag' => 'fail');
        }
    }
}
Example #30
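/**
 * Create a new blog entry, or update an existing one when $olds is given.
 *
 * Writes the main row to the `blog` table and the body, poster IP, target ids and tags
 * to `blogfield`; on a new post by the owner it also updates the owner's `space` counters.
 * Besides $POST the function reads `target_names`, `noreply` and the `attach*` fields
 * directly from $_POST.
 *
 * When $olds belongs to a different user, $_SGLOBAL['supe_uid'] / ['supe_username'] are
 * temporarily switched to that user and restored before returning.
 *
 * @param array $POST Submitted blog fields (subject, friend, password, tag, message,
 *                    classid, picids, hot, topicid, dateline, makefeed).
 * @param array $olds Existing blog data when editing; empty for a new post.
 * @return array|false The values written to the blog row plus blogid/uid/username,
 *                     or false when the message has no visible content.
 */
function blog_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC, $space;
    // Acting-user switch: when editing another user's blog, act as the blog's owner.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        // Snapshot of the globals, restored on every return path below.
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }
    // Subject: filtered through getstr(); falls back to today's date when empty.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    // Privacy mode. The branches below treat 2 as "named users", 4 as "password"
    // and fall back to 3 or 0.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Resolve the space-separated user names to uids.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            // NOTE(review): request-supplied names are placed into the SQL text via simplode();
            // presumably request data is escaped globally before this point - verify.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // No matching user: switch to mode 3.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password mode without a password falls back to mode 0.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Fix: this was a comparison (==) with no effect, so a password submitted or left over
        // for a non-password post was still written to the blog row.
        $POST['password'] = '';
    }
    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
    // Message body: mobile posts go through getstr() only; other posts are filtered by
    // checkhtml() first and their links are rewritten to open in a new window.
    if ($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    // Personal category: "new:<name>" creates (or reuses) a category owned by the acting user.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a category id that does not belong to the acting user is dropped.
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }
    // Main-table row.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
    // Title picture.
    $titlepic = '';
    // Load the uploaded pictures referenced by the post (restricted to the acting user's own).
    $uploads = array();
    if (!empty($POST['picids'])) {
        // The picture ids arrive as array KEYS of a request field and are concatenated into
        // the IN (...) list, so force them to integers before building the SQL.
        // Assumes picid is an integer key - confirm against the pic table schema.
        $picids = array_map('intval', array_keys($POST['picids']));
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): $value is always falsy once the loop above has ended, so this fallback
        // never runs; left unchanged because enabling it would alter the stored title picture.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    // Replace the editor's local-image placeholders with the real picture URLs.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures that were uploaded but not placed in the text are appended at the end.
        // NOTE(review): $value['title'] is inserted into the HTML as stored; confirm it is
        // HTML-escaped when the picture is saved.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Reject a post whose message is only whitespace and empty markup.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Fix: undo the acting-user switch on this early exit as well; previously the globals
        // stayed set to the blog owner's identity for the rest of the request.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }
    // Escape the message before it is handed to the table helpers.
    $message = addslashes($message);
    // No uploaded title picture: take one from the message itself.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;
    // Only users with the manageblog permission may set the hot value.
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    // Attachment metadata.
    // NOTE(review): id, path, name and size are copied from the request without validation.
    // If attachpath is later used to read or serve a file, it should be looked up server-side
    // from the upload record rather than trusted from the client.
    if (!empty($_POST['attachid']) && !empty($_POST['attachpath']) && !empty($_POST['attachname']) && !empty($_POST['attachsize'])) {
        $blogarr['attachid'] = $_POST['attachid'];
        $blogarr['attachpath'] = $_POST['attachpath'];
        $blogarr['attachname'] = $_POST['attachname'];
        $blogarr['attachsize'] = $_POST['attachsize'];
    }
    if (!empty($olds['blogid'])) {
        // Update the existing row.
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // Insert a new row.
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a caller-supplied dateline is stored as given; presumably the caller
        // has already converted it to a timestamp - verify.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;
    // Side-table row: message body, poster IP and the target user ids.
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
    // Tags.
    // NOTE(review): unserialize() runs on the stored tag value, which this function writes
    // with serialize() further down. If any other code path can write that column, a
    // data-only format such as JSON would be safer.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Remove the previous tag links and decrement their counters first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Store the new tag set on the side-table row.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }
    if ($olds) {
        // Update the side-table row.
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }
    // Owner's space bookkeeping (skipped when acting on someone else's blog).
    if ($isself) {
        if ($olds) {
            // Edit: only refresh the update time.
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
        } else {
            if (empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid' => $space['uid']));
                $blognumsql = "blognum=" . $space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credit and experience reward for publishing.
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Statistics.
            updatestat('blog');
        }
    }
    // Publish a feed entry when requested.
    if (!empty($POST['makefeed'])) {
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }
    // Join the topic on a new post.
    if (empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }
    // Undo the acting-user switch.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $blogarr;
}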