Example #1
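/**
 * Store one incoming request in the wz_record table and return the new row id.
 *
 * The wxid, token and mid entries are lifted out of $get into their own
 * columns. Every other entry is passed through getstr() and the remainder is
 * saved as a JSON string in the query column.
 *
 * @param array $get Request parameters; treated as untrusted input.
 * @return mixed Whatever inserttable() returns when asked for the insert id.
 */
function wz_record($get)
{
    global $_SGLOBAL;

    // Defaults, so the insert below never reads an undefined variable when a
    // caller leaves out one of the three dedicated keys.
    $wxid = '';
    $token = '';
    $mid = 0;

    foreach ($get as $k => $v) {
        // Strict comparison: with ==, an integer key 0 is equal to any
        // non-numeric string on PHP < 8 and would be taken for all three names.
        if ($k === 'wxid') {
            $wxid = getstr($v);
        } elseif ($k === 'token') {
            $token = getstr($v);
        } elseif ($k === 'mid') {
            $mid = intval($v);
        } else {
            // Filter once. The previous code ran getstr() twice on these
            // values, which double-encodes if getstr() is not idempotent.
            $get[$k] = getstr($v);
            continue;
        }
        // The dedicated keys are stored in their own columns, not in the JSON.
        unset($get[$k]);
    }

    // NOTE(review): the User-Agent header is client-controlled and is stored
    // as received; this relies on inserttable() escaping values - confirm.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $arr = array(
        'token_id' => $_SGLOBAL['supe_token_id'],
        'query' => json_encode($get),
        'ip' => getonlineip(),
        'user_agent' => $userAgent,
        'wxid' => $wxid,
        'token' => $token,
        'mid' => $mid,
        'addtime' => $_SGLOBAL['timestamp'],
    );

    return inserttable(tname('wz_record'), $arr, 1);
}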
Example #2
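/**
 * Fetch listing pages 2..$num from the joke site, print every extracted joke
 * and hand it to inserttable().
 *
 * The page is fetched over plain HTTP and its body is third-party content, so
 * everything extracted here is untrusted text.
 *
 * @param int $num Highest page index to fetch (the loop starts at 2).
 * @return void
 */
function getjokes($num)
{
    $openTag = '<div id="endtext">';
    $openLen = strlen($openTag);

    // Entities and tags stripped from each joke; str_replace() applies the
    // pairs in this order, the same order as the original chain of calls.
    // NOTE(review): the '¡¡' literal and the second inserttable() argument
    // below look like mis-decoded multibyte text in this listing - confirm
    // against the original file's encoding.
    $search = array('&ldquo;', '&rdquo;', '¡¡', '&hellip;', '<br />', "<p>", "</p>");
    $replace = array('"', '"', '', '...', '', '"', '"');

    for ($i = 2; $i <= $num; $i++) {
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_URL, 'http://www.haha365.com/er_joke/index_' . $i . '.htm');
        curl_setopt($curl, CURLOPT_HEADER, 0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_TIMEOUT, 4);
        $data = curl_exec($curl);
        curl_close($curl);

        // curl_exec() returns false on failure; an empty body has nothing to parse.
        if (!is_string($data) || $data === '') {
            continue;
        }

        while (($index = strpos($data, $openTag)) !== false) {
            $index2 = strpos($data, '</div>', $index);
            if ($index2 === false) {
                // Unterminated block. Without this check substr($data, false)
                // returned the same buffer and the loop never ended.
                break;
            }

            $joke = substr($data, $index + $openLen, $index2 - $index - $openLen);
            $joke = trim(str_replace($search, $replace, $joke));
            $data = substr($data, $index2);

            $joke = iconv("gb2312", "utf-8", $joke);
            if ($joke === false) {
                // Conversion failed on invalid input bytes; skip rather than store false.
                continue;
            }

            // NOTE(review): printed unescaped. That is fine on the CLI; escape
            // it if this ever runs behind a web server.
            echo $joke . "\n\n";
            // NOTE(review): other inserttable() call sites on this page pass a
            // table name first and a column array second - confirm this
            // argument order against the helper this project defines.
            inserttable($joke, "å„¿ç");
        }
    }
}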
Example #3
/**
 * Admin action: queue a site message for another admin, or render the form.
 *
 * On POST the recipient is taken from msg_sid, or resolved from msg_username
 * when no id was posted; a row is inserted into admin_remark and the script
 * ends. Without POST data the compose template is rendered.
 *
 * @return void
 */
function active_rightbottom_sitemail()
{
    if (!$_POST) {
        // Plain page view: show the compose form.
        $group_list = get_group_type();
        require adminTemplate('other_rightbottom_sitemail');
        return;
    }

    $sid = MooGetGPC('msg_sid', 'integer', 'P');

    $lookupByName = empty($_POST['msg_sid']) && !empty($_POST['msg_username']);
    if ($lookupByName) {
        $username = MooGetGPC('msg_username', 'string', 'P');
        // NOTE(review): the username value in this query appears masked in the
        // listing and $username is not visibly used. If the real statement
        // interpolates it, confirm MooGetGPC() escapes it for SQL or bind it.
        $sql = "SELECT uid FROM {$GLOBALS['dbTablePre']}admin_user WHERE username='******'";
        $admin_user = $GLOBALS['_MooClass']['MooMySQL']->getOne($sql);
        if (empty($admin_user)) {
            salert('此用户不存在');
            exit;
        }
        $sid = $admin_user['uid'];
    }

    // NOTE(review): no request-forgery token is checked in this function;
    // confirm the admin dispatcher enforces one before this runs.
    $data = array(
        'sid' => $sid,
        'title' => "{$GLOBALS['adminid']}号客服:" . MooGetGPC('msg_title', 'string', 'P'),
        'content' => MooGetGPC('msg_content', 'string', 'P'),
        // Reminder time is two minutes after submission.
        'awoketime' => time() + 120,
        'dateline' => time(),
        'send_id' => $GLOBALS['adminid'],
    );
    inserttable('admin_remark', $data);
    salert('发送成功');
    exit;
}
Example #4
/**
 * Record a permission grant in the authmap table.
 *
 * String fields go through base_protect(); numeric fields are cast to int.
 * The grant is stamped with the current time and the session's twt_uid.
 *
 * @param mixed $ownertype Owner type label.
 * @param mixed $ownerid   Owner id, stored as int.
 * @param mixed $domain    Domain label.
 * @param mixed $did       Domain object id, stored as int.
 * @param mixed $auth      Permission label.
 * @param mixed $level     Stored as int.
 * @param mixed $iscancel  Stored as int.
 * @return mixed Result of inserttable().
 */
function auth_add($ownertype, $ownerid, $domain, $did, $auth, $level, $iscancel)
{
    $grant = array(
        'ownertype' => base_protect($ownertype),
        'ownerid' => (int) $ownerid,
        'domain' => base_protect($domain),
        'did' => (int) $did,
        'auth' => base_protect($auth),
        'level' => (int) $level,
        'iscancel' => (int) $iscancel,
        'grantat' => date('Y-m-d H:i:s'),
        // NOTE(review): the granting user comes from the session; this function
        // does not itself verify that user may grant - confirm callers do.
        'grantby' => $_SESSION['twt_uid'],
    );

    return inserttable('authmap', $grant);
}
Example #5
/**
 * Admin action: create an activity from the posted form, or show the form.
 *
 * Title, sign-up start and sign-up end are mandatory; a missing one shows a
 * message and ends the script. Dates are converted with strtotime(). The row
 * is inserted into the activity table and a success or failure message ends
 * the request.
 *
 * @return void
 */
function active_activity_add()
{
    $data = array();
    if (empty($_POST)) {
        require adminTemplate('active_activity_detail');
        return;
    }

    $backUrl = 'index.php?action=active_activity&h=add';

    $data['title'] = trim(MooGetGPC('title', 'string', 'P'));
    if (empty($data['title'])) {
        MooMessageAdmin('请活动主题', $backUrl);
        exit;
    }

    $data['type'] = MooGetGPC('type', 'integer', 'P');
    $data['price'] = MooGetGPC('price', 'integer', 'P');
    $data['price_online'] = MooGetGPC('price_online', 'integer', 'P');

    // Sign-up window: start of the first day to the last second of the final day.
    $startDay = MooGetGPC('starttime', 'string', 'P');
    if (empty($startDay)) {
        MooMessageAdmin('请填写活动的报名开始时间', $backUrl);
        exit;
    }
    $data['starttime'] = strtotime($startDay . ' 0:0:0');

    $endDay = MooGetGPC('endtime', 'string', 'P');
    if (empty($endDay)) {
        MooMessageAdmin('请填写活动的报名结束时间', $backUrl);
        exit;
    }
    $data['endtime'] = strtotime($endDay . ' 23:59:59');

    // Optional open/close moments; 0 means "not set". The 'mintue' key is the
    // spelling the code reads, so it is kept.
    $open = MooGetGPC('opentime', 'array', 'P');
    $data['opentime'] = empty($open['day'])
        ? 0
        : strtotime($open['day'] . ' ' . $open['hour'] . ':' . $open['mintue'] . ':0');

    $close = MooGetGPC('closetime', 'array', 'P');
    $data['closetime'] = empty($close['day'])
        ? 0
        : strtotime($close['day'] . ' ' . $close['hour'] . ':' . $close['mintue'] . ':0');

    // Values outside 1..100 fall back to 100.
    $sexRatio = MooGetGPC('issex', 'string', 'P');
    $data['issex'] = ($sexRatio < 1 || $sexRatio > 100) ? 100 : $sexRatio;

    $data['province'] = MooGetGPC('province', 'integer', 'P');
    $data['city'] = MooGetGPC('city', 'integer', 'P');

    // NOTE(review): 'img' and 'href' are appended to a path and a URL as
    // posted. Confirm MooGetGPC() rejects path separators and markup, or
    // restrict both to an allow-list of known file and action names.
    $data['activity_img'] = 'module/activity/templates/default/images/activity_new/' . MooGetGPC('img', 'string', 'P');
    $data['href'] = 'index.php?n=activity&h=' . MooGetGPC('href', 'string', 'P');

    // Free-text fields are HTML-encoded before storage.
    foreach (array('place', 'profile', 'introduction') as $field) {
        $data[$field] = htmlspecialchars(trim(MooGetGPC($field, 'string', 'P')));
    }

    $data['regtime'] = time();
    $data['adminid'] = $GLOBALS['adminid'];

    $id = inserttable('activity', $data, true);
    $notice = empty($id)
        ? '活动添加失败,请联系技术支持,或者重新填写表单项'
        : '活动添加成功';
    MooMessageAdmin($notice, $backUrl);
    exit;
}
Example #6
 /**
  * Insert a status entry into the doing table.
  *
  * @param mixed  $uId            Author id.
  * @param mixed  $message        Entry text, stored as given.
  * @param mixed  $clientIdentify Stored in the "from" column.
  * @param string $ip             Optional; the ip column is only set when non-empty.
  * @return APIResponse Wraps the value returned by inserttable().
  */
 function post($uId, $message, $clientIdentify, $ip = '')
 {
     // NOTE(review): $message is stored without filtering in this method;
     // confirm it is escaped by inserttable() and encoded when displayed.
     $row = array(
         'uid' => $uId,
         'message' => $message,
         'from' => $clientIdentify,
         'dateline' => time(),
     );
     if ($ip) {
         $row['ip'] = $ip;
     }

     return new APIResponse(inserttable('doing', $row, 1));
 }
Example #7
/**
 * Store a posted comment for the given object, pending review (ischeck = 0).
 *
 * @param mixed $type Object type the comment belongs to.
 * @param mixed $id   Object id the comment belongs to.
 * @return mixed false when the comment is empty or too long, otherwise the
 *               value returned by inserttable().
 */
function addComment($type, $id)
{
    global $_MooClass, $dbTablePre, $user_arr;

    $content = Text2Html(MooGetGPC('content', 'string', 'P'));
    if ($content == '') {
        return false;
    }

    // Length limit is measured on the GBK encoding: a byte at offset 220
    // means the comment is longer than 220 bytes.
    $gbk = mb_convert_encoding($content, 'gbk', 'utf-8');
    if (isset($gbk[220])) {
        return false;
    }

    $arr_in = array(
        'type' => $type,
        'id' => $id,
        'uid' => $user_arr['uid'],
        'username' => $user_arr['nickname'],
        'dateline' => time(),
        'ischeck' => 0,
        'comment' => $content,
    );

    return inserttable('comment', $arr_in, 1);
}
Example #8
 /**
  * Insert one row into this object's table.
  *
  * @param mixed $dataarray Column => value map; anything that is not an array is rejected.
  * @return mixed The numeric id returned by inserttable(), or a lang() message
  *               ('insert_data_error' / 'datatype_error') on failure.
  */
 function add($dataarray)
 {
     if (!is_array($dataarray)) {
         return lang('datatype_error');
     }

     // NOTE(review): column names come from the caller's array keys; confirm
     // callers build them from a fixed list and not from request keys.
     $oid = inserttable($this->table, $dataarray, 1);

     return is_numeric($oid) ? $oid : lang('insert_data_error');
 }
Example #9
/**
 * Store the next scheduled cron time in the config table and rebuild the
 * config cache.
 *
 * @return void
 */
function cron_config()
{
    global $_SGLOBAL;

    $db = $_SGLOBAL['db'];

    // Earliest nextrun among the available cron entries.
    $sql = "SELECT nextrun FROM " . tname('cron') . " WHERE available>'0' ORDER BY nextrun LIMIT 1";
    $nextrun = $db->result($db->query($sql), 0);
    if (empty($nextrun)) {
        $nextrun = 0;
    }

    // Write it to the config table.
    $setting = array('var' => 'cronnextrun', 'datavalue' => $nextrun);
    inserttable('config', $setting, 0, true);

    include_once S_ROOT . './source/function_cache.php';
    config_cache(false);
}
Example #10
/**
 * Create an e-mail registration record and return the link that carries its hash.
 *
 * @param string $email   Address being registered.
 * @param string $backurl Stored with the record as given.
 * @return string Site host followed by "/?r=" and the 7-character hash.
 */
function email_reg($email, $backurl = '')
{
    global $_SGLOBAL, $_SC;

    $ip = getonlineip(1);
    $salt = random(6);

    // NOTE(review): the token is 7 hex characters (28 bits) cut from an MD5
    // digest. If this link is the only proof of mailbox ownership it is
    // short enough to enumerate; a longer value from a CSPRNG, plus expiry and
    // rate limiting on the redeeming endpoint, would be the safer design.
    $hash = substr(md5(md5($email) . $salt), 8, 7);

    // NOTE(review): $backurl is stored unvalidated. If it is later used as a
    // redirect target, restrict it to same-site paths.
    $record = array(
        'email' => $email,
        'ip' => $ip,
        'salt' => $salt,
        'hash' => $hash,
        'addtime' => $_SGLOBAL['timestamp'],
        'used' => 0,
        'backurl' => $backurl,
    );
    inserttable(tname("open_email_reg"), $record, 1, 1);

    return $_SC['site_host'] . "/?r=" . $hash;
}
	/**
	 * Install an application for a user and refresh the application record.
	 *
	 * Returns error 170 when the user already has the application. The privacy
	 * label is mapped to its numeric code (unknown labels become 0).
	 *
	 * @return APIResponse|APIErrorResponse
	 */
	function add($uId, $appId, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink,  $defaultBoxType, $defaultMYML, $defaultProfileLink, $version, $displayMethod, $displayOrder = null) {
		$db = $GLOBALS['db'];

		// %d forces both ids to integers before they reach the SQL text.
		$lookup = sprintf('SELECT appid FROM %s WHERE uid = %d AND appid = %d', $GLOBALS['tablepre'].'userapp', $uId, $appId);
		$existing = $db->fetch_array($db->query($lookup));
		if($existing['appid']) {
			return new APIErrorResponse('170', 'Application has been already added');
		}

		// Same order and loose comparison as the original switch.
		if($privacy == 'public') {
			$privacy = 0;
		} elseif($privacy == 'friends') {
			$privacy = 1;
		} elseif($privacy == 'me') {
			$privacy = 3;
		} elseif($privacy == 'none') {
			$privacy = 5;
		} else {
			$privacy = 0;
		}

		$narrow = ($defaultBoxType == 'narrow') ? 1 : 0;

		$fields = array(
			'appid' => $appId,
			'appname' => $appName,
			'uid' => $uId,
			'privacy' => $privacy,
			'allowsidenav' => $allowSideNav,
			'allowfeed' => $allowFeed,
			'allowprofilelink' => $allowProfileLink,
			'narrow' => $narrow,
			'profilelink' => $defaultProfileLink,
			'myml' => $defaultMYML
		);
		if($displayOrder !== null) {
			// NOTE(review): every other column key here is lower-case; confirm
			// 'displayOrder' matches the column name in the userapp table.
			$fields['displayOrder'] = $displayOrder;
		}
		$result = inserttable('userapp', $fields, 1);

		$iframeFlag = ($displayMethod == 'iframe') ? 1 : 0;
		$this->refreshApplication($appId, $appName, $version, $iframeFlag, $narrow, null, null);

		return new APIResponse($result);
	}
Example #12
/**
 * Replace the online-session row for a user and stamp their last login.
 *
 * Removes the user's previous session row together with every session idle
 * longer than the configured hold time, inserts the new row, then updates
 * lastlogin and ip on the user's space record.
 *
 * @param array $setarr Session columns; must contain 'uid'. lastactivity and
 *                      ip are filled in here.
 * @return void
 */
function insertsession($setarr)
{
    global $_SGLOBAL, $_SCONFIG;

    // The hold time is clamped to at least 300 seconds, and the clamped value
    // is written back to the shared config array.
    $_SCONFIG['onlinehold'] = max(300, intval($_SCONFIG['onlinehold']));

    $now = $_SGLOBAL['timestamp'];
    $idleCutoff = $now - $_SCONFIG['onlinehold'];

    // NOTE(review): uid is interpolated into the statement as passed in;
    // confirm every caller supplies an integer or an already-escaped value.
    $_SGLOBAL['db']->query("DELETE FROM " . tname('session') . " WHERE uid='{$setarr['uid']}' OR lastactivity<'" . $idleCutoff . "'");

    // Add the online record.
    $ip = getonlineip(1);
    $setarr['lastactivity'] = $now;
    $setarr['ip'] = $ip;
    inserttable('session', $setarr, 0, true, 1);

    // Update the user record.
    $lastSeen = array('lastlogin' => $now, 'ip' => $ip);
    updatetable('space', $lastSeen, array('uid' => $setarr['uid']), 1);
}
Example #13
 /**
  * Create one myinvite row per recipient and return the insert results.
  *
  * @param mixed  $uId          Sender id.
  * @param array  $recipientIds Recipient ids; each is cast to int before storage.
  * @param mixed  $appId        Application id.
  * @param mixed  $requestName  Stored as typename.
  * @param string $myml         Markup; every {{MyReqHash}} is replaced by the row's hash.
  * @param mixed  $type         'request' is stored as 1, anything else as 0.
  * @return APIResponse Wraps the list of inserttable() results.
  */
 function send($uId, $recipientIds, $appId, $requestName, $myml, $type)
 {
     global $_SGLOBAL;
     include_once S_ROOT . './source/function_cp.php';

     $now = time();
     $base = array(
         'typename' => $requestName,
         'appid' => $appId,
         'type' => $type == 'request' ? 1 : 0,
         'fromuid' => $uId,
         'dateline' => $now,
     );

     $result = array();
     foreach ($recipientIds as $recipient) {
         // NOTE(review): a CRC32 over known values plus rand(0, 1000) has about
         // a thousand possible outputs per second and recipient. If the hash
         // is meant to be unguessable, derive it from a CSPRNG instead.
         $hash = sprintf('%u', crc32($appId . $recipient . $now . rand(0, 1000)));

         $row = $base + array(
             'touid' => intval($recipient),
             'hash' => $hash,
             'myml' => str_replace('{{MyReqHash}}', $hash, $myml),
         );
         $result[] = inserttable('myinvite', $row, 1);
     }

     return new APIResponse($result);
 }
Example #14
/**
 * Admin action: create a team (type 2) in admin_manage, or render the form.
 *
 * @return void
 */
function system_adminteam_addteam()
{
    if (!$_POST) {
        require_once adminTemplate('adminteam_addteam');
        return;
    }

    // NOTE(review): no request-forgery token or permission check is visible in
    // this function; confirm the admin dispatcher enforces both.
    $arr = array();

    // NOTE(review): fetched as 'string' but treated as an array below -
    // presumably MooGetGPC() passes arrays through; confirm.
    $members = MooGetGPC('grouparr', 'string', 'P');
    if ($members) {
        $arr['manage_list'] = implode(',', array_unique($members));
    }

    $arr['manage_name'] = MooGetGPC('manage_name', 'string', 'P');
    $arr['manage_desc'] = MooGetGPC('manage_desc', 'string', 'P');
    $arr['leader_uid'] = MooGetGPC('team_leader', 'string', 'P');
    $arr['type'] = 2;

    inserttable('admin_manage', $arr);
    salert('添加成功');
    exit;
}
Example #15
/**
 * Admin action: create a group (type 1) in admin_manage, or render the form.
 *
 * @return void
 */
function system_adminmanage_addgroup()
{
    if (!$_POST) {
        require_once adminTemplate('adminmanage_addgroup');
        return;
    }

    // NOTE(review): no request-forgery token or permission check is visible in
    // this function; confirm the admin dispatcher enforces both.
    $arr = array();

    // NOTE(review): fetched as 'string' but treated as an array below -
    // presumably MooGetGPC() passes arrays through; confirm.
    $members = MooGetGPC('userlist', 'string', 'P');
    if ($members) {
        $arr['manage_list'] = implode(',', array_unique($members));
    }

    $arr['manage_name'] = MooGetGPC('manage_name', 'string', 'P');
    $arr['manage_desc'] = MooGetGPC('manage_desc', 'string', 'P');
    $arr['manage_type'] = MooGetGPC('manage_type', 'integer', 'P');
    $arr['type'] = 1;
    $arr['dateline'] = time();

    inserttable('admin_manage', $arr);
    salert('添加成功');
    exit;
}
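 /**
  * Install an application for a user and refresh the application record.
  *
  * Returns error 170 when the user already has the application. The privacy
  * label is mapped to its numeric code (unknown labels become 0). One row goes
  * to myop_userapp and one to myop_userappfield.
  *
  * @return APIResponse|APIErrorResponse
  */
 public function add($uId, $appId, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink, $defaultBoxType, $defaultMYML, $defaultProfileLink, $version, $displayMethod, $displayOrder = null)
 {
     $db_prefix = getDbPrefix();

     // The ids were previously interpolated into the statement as received.
     // %d forces both to integers, so nothing but a number reaches the SQL text.
     $lookup = sprintf(
         'SELECT `appid` FROM %smyop_userapp WHERE `uid` = %d AND `appid` = %d',
         $db_prefix,
         $uId,
         $appId
     );
     $is_installed = doQuery($lookup);
     if ($is_installed) {
         $errCode = '170';
         $errMessage = 'Application has been already added';
         return new APIErrorResponse($errCode, $errMessage);
     }

     switch ($privacy) {
         case 'public':
             $privacy = 0;
             break;
         case 'friends':
             $privacy = 1;
             break;
         case 'me':
             $privacy = 3;
             break;
         case 'none':
             $privacy = 5;
             break;
         default:
             $privacy = 0;
     }

     $narrow = $defaultBoxType == 'narrow' ? 1 : 0;
     $setarr = array(
         'uid' => $uId,
         'appid' => $appId,
         'appname' => $appName,
         'privacy' => $privacy,
         'allowsidenav' => $allowSideNav,
         'allowfeed' => $allowFeed,
         'allowprofilelink' => $allowProfileLink,
         'narrow' => $narrow,
     );
     if ($displayOrder !== null) {
         $setarr['displayorder'] = $displayOrder;
     }
     inserttable('myop_userapp', $setarr);

     $fields = array(
         'uid' => $uId,
         'appid' => $appId,
         'profilelink' => $defaultProfileLink,
         'myml' => $defaultMYML,
     );
     $result = inserttable('myop_userappfield', $fields, 1);

     // TODO: update the user record and award credit for installing an
     // application (not implemented in this variant). When it is added, bind
     // or cast the uid and reward values rather than interpolating them.

     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, $narrow, null, null);

     return new APIResponse($result);
 }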
Example #17
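 /**
  * Install an application for a user, award the install reward and refresh
  * the application record.
  *
  * Returns error 170 when the user already has the application. The privacy
  * label is mapped to its numeric code (unknown labels become 0).
  *
  * @return APIResponse|APIErrorResponse
  */
 function add($uId, $appId, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink, $defaultBoxType, $defaultMYML, $defaultProfileLink, $version, $displayMethod, $displayOrder = null)
 {
     global $_SGLOBAL;

     $sql = sprintf('SELECT appid FROM %s WHERE uid = %d AND appid = %d', tname('userapp'), $uId, $appId);
     $query = $_SGLOBAL['db']->query($sql);
     $row = $_SGLOBAL['db']->fetch_array($query);
     // empty() also covers the no-row case, where $row is not an array.
     if (!empty($row['appid'])) {
         $errCode = '170';
         $errMessage = 'Application has been already added';
         return new APIErrorResponse($errCode, $errMessage);
     }

     switch ($privacy) {
         case 'public':
             $privacy = 0;
             break;
         case 'friends':
             $privacy = 1;
             break;
         case 'me':
             $privacy = 3;
             break;
         case 'none':
             $privacy = 5;
             break;
         default:
             $privacy = 0;
     }

     $narrow = $defaultBoxType == 'narrow' ? 1 : 0;
     $setarr = array(
         'uid' => $uId,
         'appid' => $appId,
         'appname' => $appName,
         'privacy' => $privacy,
         'allowsidenav' => $allowSideNav,
         'allowfeed' => $allowFeed,
         'allowprofilelink' => $allowProfileLink,
         'narrow' => $narrow,
     );
     if ($displayOrder !== null) {
         $setarr['displayorder'] = $displayOrder;
     }
     inserttable('userapp', $setarr);

     $fields = array(
         'uid' => $uId,
         'appid' => $appId,
         'profilelink' => $defaultProfileLink,
         'myml' => $defaultMYML,
     );
     $result = inserttable('userappfield', $fields, 1);

     $reward = getreward('installapp', 0, $uId, $appId, 0);

     // Update the user. The uid was previously interpolated as received even
     // though the lookup above already treats it as an integer; cast it here
     // too so the UPDATE cannot carry anything but a number.
     // NOTE(review): the reward values are interpolated unquoted; they come
     // from getreward() - confirm that helper only returns numbers.
     $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='" . intval($uId) . "'");

     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, $narrow, null, null);

     return new APIResponse($result);
 }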
Example #18
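 /**
  * Create one myop_myinvite row per recipient and return the insert results.
  *
  * Relative space.php and userapp.php links in the markup are rewritten to
  * this installation's URLs, then every {{MyReqHash}} is replaced by the
  * row's hash.
  *
  * @param mixed  $uId          Sender id.
  * @param array  $recipientIds Recipient ids; each is cast to int before storage.
  * @param mixed  $appId        Application id.
  * @param mixed  $requestName  Stored as typename.
  * @param string $myml         Invitation markup.
  * @param mixed  $type         'request' is stored as '1', anything else as '0'.
  * @return APIResponse Wraps the list of inserttable() results.
  */
 function send($uId, $recipientIds, $appId, $requestName, $myml, $type)
 {
     $db_prefix = getDbPrefix();
     $now = time();
     $result = array();
     $type = $type == 'request' ? '1' : '0';
     $fields = array('typename' => $requestName, 'appid' => $appId, 'type' => $type, 'fromuid' => $uId, 'dateline' => $now);

     // Rewrite the links once, before the loop. Inside the loop the second
     // rule matched its own output ('userapp.php' is still present after the
     // prefix is added), so each further recipient got the prefix stacked again.
     $myml = str_replace('space.php?', U('home/Space/index') . '&', $myml);
     $myml = str_replace('userapp.php', MYOP_URL . '/userapp.php', $myml);

     foreach ($recipientIds as $val) {
         // NOTE(review): a CRC32 over known values plus rand(0, 1000) is easy
         // to enumerate; use a CSPRNG if the hash must be unguessable.
         $hash = crc32($appId . $val . $now . rand(0, 1000));
         $hash = sprintf('%u', $hash);
         $fields['touid'] = intval($val);
         $fields['hash'] = $hash;
         $fields['myml'] = str_replace('{{MyReqHash}}', $hash, $myml);
         $result[] = inserttable('myop_myinvite', $fields, 1);
         // TODO: update the recipient's invite counter (not implemented here).
     }

     return new APIResponse($result);
 }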
Example #19
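 /**
  * Change a user's credit balance and log the change.
  *
  * A negative amount is only applied when the balance covers it; otherwise
  * no row is updated and error 180 is returned.
  *
  * @param integer $uId     User id
  * @param integer $credits Amount to add; negative to deduct
  * @param integer $appId   Application id
  * @param string  $note    Log note
  * @return APIResponse|APIErrorResponse The response wraps the balance after the update
  */
 function update($uId, $credits, $appId, $note)
 {
     global $_SGLOBAL;

     // Normalise once. The UPDATE already formatted both with %d, but the
     // balance guard, the log row and the final SELECT used the raw values,
     // so a non-integer input could make them disagree or reach the SQL text.
     $uId = (int) $uId;
     $credits = (int) $credits;

     $where = '';
     $type = 1;
     if ($credits < 0) {
         // Only deduct when the balance is large enough.
         $where = ' AND credit >= ' . abs($credits);
         $type = 0;
     }

     $sql = sprintf('UPDATE %s SET credit = credit + %d WHERE uid=%d %s', tname('space'), $credits, $uId, $where);
     $_SGLOBAL['db']->query($sql);
     if ($_SGLOBAL['db']->affected_rows() < 1) {
         $errCode = 180;
         $errMessage = 'No Credits Enough';
         return new APIErrorResponse($errCode, $errMessage);
     }

     $fields = array(
         'uid' => $uId,
         'appid' => $appId,
         'type' => $type,
         'credit' => abs($credits),
         'note' => $note,
         'dateline' => time(),
     );
     inserttable('appcreditlog', $fields, 1);

     $query = $_SGLOBAL['db']->query(sprintf('SELECT credit FROM %s WHERE uid = %d', tname('space'), $uId));
     $row = $_SGLOBAL['db']->fetch_array($query);

     return new APIResponse($row['credit']);
 }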
Example #20
/**
 * Create an album.
 *
 * Ids are cast to int, subject and description are stripped of tags and
 * trimmed. shopid, catid, uid, username and subject are mandatory; cpmsg() is
 * called with "<field>_not_selected" for each one that is empty.
 *
 * @param int    $shopid
 * @param int    $catid
 * @param int    $uid
 * @param string $username
 * @param string $subject
 * @param string $description
 * @return mixed Album id returned by inserttable().
 */
function createalbum($shopid = 0, $catid = 0, $uid = 0, $username = '', $subject = '', $description = '')
{
    global $_G, $_SGLOBAL;

    // Ids.
    $shopid = intval($shopid);
    $catid = intval($catid);
    $uid = intval($uid);

    // Strings.
    // NOTE(review): $username is not filtered here, unlike subject and
    // description; confirm callers pass a trusted or already-escaped value.
    $subject = trim(strip_tags($subject));
    $description = trim(strip_tags($description));

    // Check the mandatory fields and collect the row to insert.
    $arr_data = array();
    foreach (compact('shopid', 'catid', 'uid', 'username', 'subject') as $field => $fieldValue) {
        if (empty($fieldValue)) {
            cpmsg($field . '_not_selected', '', '', '', true, true);
        }
        $arr_data[$field] = $fieldValue;
    }
    $arr_data['description'] = $description;

    // Grade 0 when the group requires album review and the user is not an
    // admin, otherwise grade 3.
    $needsReview = $_SGLOBAL['panelinfo']['group']['verifyalbum'] && !pkperm('isadmin');
    $arr_data['grade'] = $needsReview ? 0 : 3;
    $arr_data['dateline'] = $_G['timestamp'];

    $albumid = inserttable('albumitems', $arr_data, 1);
    if (!$albumid) {
        cpmsg('album_creat_error', '', '', '', true, true);
    }

    // Album attributes.
    if (!empty($_POST['attr_ids'])) {
        require_once B_ROOT . "./batch.attribute.php";
        setattributesettings($catid, $albumid, $_POST['attr_ids']);
    }

    return $albumid;
}
Example #21
 /**
  * Insert or update the myapp row for an application, then rebuild the
  * user-application cache.
  *
  * Only arguments that are not null are written; the name additionally has to
  * be longer than one character.
  *
  * @return void
  */
 function refreshApplication($appId, $appName, $version, $displayMethod, $narrow, $flag, $displayOrder)
 {
     global $_SGLOBAL;

     $fields = array();
     if ($appName !== null && strlen($appName) > 1) {
         $fields['appname'] = $appName;
     }

     // Remaining optional columns, in the order they are stored.
     // 'displaymethod' carries a "todo: remove" marker in the original code.
     $optional = array(
         'version' => $version,
         'displaymethod' => $displayMethod,
         'narrow' => $narrow,
         'flag' => $flag,
         'displayorder' => $displayOrder,
     );
     foreach ($optional as $column => $value) {
         if ($value !== null) {
             $fields[$column] = $value;
         }
     }

     // %d keeps the application id numeric in both statements.
     $db = $_SGLOBAL['db'];
     $lookup = sprintf('SELECT * FROM %s WHERE appid = %d', tname('myapp'), $appId);
     $existing = $db->fetch_array($db->query($lookup));
     if ($existing) {
         updatetable('myapp', $fields, sprintf('appid = %d', $appId));
     } else {
         $fields['appid'] = $appId;
         inserttable('myapp', $fields, 1);
     }

     // Update the cache.
     include_once S_ROOT . './source/function_cache.php';
     userapp_cache();
 }
Example #22
	/**
	 * Create one myinvite row per recipient, refresh each recipient's invite
	 * prompt, and return the insert results.
	 *
	 * @param mixed  $uId          Sender id.
	 * @param array  $recipientIds Recipient ids; each is cast to int before use.
	 * @param mixed  $appId        Application id.
	 * @param mixed  $requestName  Stored as typename.
	 * @param string $myml         Markup; every {{MyReqHash}} is replaced by the row's hash.
	 * @param mixed  $type         'request' is stored as 1, anything else as 0.
	 * @return APIResponse Wraps the list of inserttable() results.
	 */
	function send($uId, $recipientIds, $appId, $requestName, $myml, $type) {
		$now = time();
		$base = array(
			'typename' => $requestName,
			'appid' => $appId,
			'type' => ($type == 'request') ? 1 : 0,
			'fromuid' => $uId,
			'dateline' => $now
		);

		$result = array();
		foreach($recipientIds as $recipient) {
			$touid = intval($recipient);
			// NOTE(review): a CRC32 over known values plus rand(0, 1000) is easy
			// to enumerate; use a CSPRNG if the hash must be unguessable.
			$hash = sprintf('%u', crc32($appId.$recipient.$now.rand(0, 1000)));

			$row = $base + array(
				'touid' => $touid,
				'hash' => $hash,
				'myml' => str_replace('{{MyReqHash}}', $hash, $myml)
			);
			$result[] = inserttable('myinvite', $row, 1);

			// The recipient id is already an integer here, so the count query
			// only ever receives a number.
			$number = $GLOBALS['db']->result_first('SELECT count(*) FROM '.$GLOBALS['tablepre'].'myinvite WHERE touid=\''.$touid.'\'');
			updateprompt('myinvite', $touid, $number);
		}

		return new APIResponse($result);
	}
Example #23
                if (empty($realname)) {
                    $realname = $rs['username'];
                }
                //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false
                $ValidValue = getAtName($TmpString, $TmpName, $realname);
                $ValidValue = trim($ValidValue);
                $at_friend = "space.php?uid=" . $UserId;
                if ($ValidValue != false) {
                    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
                    $UserIds[] = $UserId;
                }
            }
        }
        //Add by Add by am 2013-12-07  end
        $arr = array('tid' => intval($Commentid), "tagid" => intval($TagId), "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 5000, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], "isthread" => 0);
        $pid = inserttable('post', $arr, 1);
        //更新统计数据
        $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$username}', lastauthorid='{$userid}'\r\n\tWHERE tid='{$Commentid}'");
        //通知
        $note = cplang('note_thread_reply') . " <a href=\"space.php?uid={$userid}&do=thread&id={$Commentid}&pid={$pid}\" target=\"_blank\">{$thread['subject']}</a>";
        notification_add($userid, 'post', $note);
        //统计
        updatestat('post');
        if ($pid) {
            $arrs = array('flag' => 'success');
        } else {
            $arrs = array('flag' => 'fail');
        }
    }
}
$result = json_encode($arrs);
Example #24
File: index.php Project: cwcw/cms
        $setarr = array('uid' => $passport['uid'], 'username' => addslashes($passport['username']));
    } elseif ($uid > 0) {
        $setarr = array('uid' => $uid, 'username' => $_POST['username']);
    } else {
        show_msg('输入的用户名无法注册,请重新确认');
    }
    $setarr['dateline'] = $_SGLOBAL['timestamp'];
    $setarr['updatetime'] = $_SGLOBAL['timestamp'];
    $setarr['lastlogin'] = $_SGLOBAL['timestamp'];
    $setarr['ip'] = $_SGLOBAL['onlineip'];
    $setarr['password'] = md5("{$setarr['uid']}|{$_SGLOBAL['timestamp']}");
    //本地密码随机生成
    $setarr['groupid'] = 1;
    //管理员
    //更新本地用户库
    inserttable('members', $setarr, 0, true);
    //反馈受保护
    $result = uc_user_addprotected($_POST['username'], $_POST['username']);
    //设置cookie
    ssetcookie('auth', authcode("{$setarr['password']}\t{$setarr['uid']}", 'ENCODE'), 2592000);
    //写log
    if (@($fp = fopen($lockfile, 'w'))) {
        fwrite($fp, 'SupeSite');
        fclose($fp);
    }
    show_msg('<font color="red">恭喜! SupeSite安装全部完成!</font>
		<br>为了您的数据安全,请登录ftp,删除本安装文件<br><br>
		您的管理员身份已经成功确认。接下来,您可以:<br>
		<br><a href="../admincp.php" target="_blank">进入站点管理平台</a>
		<br>以管理员身份对站点参数进行设置
		<br><a href="../index.php" target="_blank">访问站点首页</a>
Example #25
// Avatar endpoint: 'real' avatars when the avatarreal setting is on, otherwise 'virtual'.
$uc_avatar = capi_uc_avatar($_SGLOBAL['supe_uid'], empty($_SCONFIG['avatarreal']) ? 'virtual' : 'real');

// Work out whether the stored avatar flag disagrees with what ckavatar() reports.
$setarr = array();
$avatar_exists = ckavatar($space['uid']);
if ($avatar_exists && !$space['avatar']) {
    // First time an avatar is seen: award the configured reward.
    $reward = getreward('setavatar', 0);
    if ($reward['credit']) {
        $setarr['credit'] = "credit=credit+{$reward['credit']}";
    }
    if ($reward['experience']) {
        $setarr['experience'] = "experience=experience+{$reward['experience']}";
    }
    $setarr['avatar'] = 'avatar=1';
    $setarr['updatetime'] = "updatetime={$_SGLOBAL['timestamp']}";
} elseif (!$avatar_exists && $space['avatar']) {
    // The flag says there is an avatar but none exists any more.
    $setarr['avatar'] = 'avatar=0';
}

if (!empty($setarr)) {
    // NOTE(review): the SET fragments and the uid are concatenated into the
    // statement; they come from getreward() and $space - confirm both are
    // server-side values and never request input.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$space['uid']}'");

    // Change log.
    if ($_SCONFIG['my_status']) {
        inserttable('userlog', array('uid' => $_SGLOBAL['supe_uid'], 'action' => 'update', 'dateline' => $_SGLOBAL['timestamp']), 0, true);
    }
}

//include template("cp_avatar");
capi_showmessage_by_data('do_success', 0, array('uc_avatar' => $uc_avatar));
Example #26
/**
 * Insert a row into the download table after passing it through base_protect().
 *
 * @param mixed $insertarr Column => value map.
 * @return mixed Result of inserttable().
 */
function download_insert($insertarr)
{
    return inserttable('download', base_protect($insertarr));
}
Example #27
    $setsqlarr['refreshtime'] = time();
    $setsqlarr['deadline'] = 0;
    $validity = intval($_POST['validity']);
    if ($validity > 0) {
        $setsqlarr['deadline'] = strtotime("{$validity} day");
    }
    $setsqlarr['pwd'] = trim($_POST['pwd']) ? trim($_POST['pwd']) : adminmsg('您没有填写管理密码!', 1);
    $setsqlarr['pwd_hash'] = substr(md5(uniqid() . mt_rand()), mt_rand(0, 6), 6);
    $setsqlarr['pwd'] = md5(md5($setsqlarr['pwd']) . $setsqlarr['pwd_hash'] . $QS_pwdhash);
    $setsqlarr['addip'] = $online_ip;
    require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
    $sp = new SPWord();
    $setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed'];
    $setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']);
    $setsqlarr['key'] = $sp->pad($setsqlarr['key']);
    if (inserttable(table('simple'), $setsqlarr)) {
        $link[0]['text'] = "返回列表";
        $link[0]['href'] = '?act=list';
        $link[1]['text'] = "继续添加";
        $link[1]['href'] = "?act=simple_add";
        adminmsg("添加成功!", 2, $link);
    } else {
        adminmsg("添加失败!", 0);
    }
} elseif ($act == 'simple_edit') {
    get_token();
    $id = intval($_REQUEST['id']);
    if (empty($id)) {
        adminmsg("您没有选择项目!", 1);
    }
    check_permissions($_SESSION['admin_purview'], "simple_edit");
            $res['recommend_or_not'] = '已推荐';
        } else {
            $res['recommend_or_not'] = '推荐';
        }
        $query_value[] = $res;
    }
}
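// Recommendation list maintenance.
// NOTE(review): these state-changing branches show no permission or
// request-forgery check; confirm the including script enforces both.
if ($_GET['op'] == 'add') {
    // The posted uid used to be concatenated into the statement unquoted and
    // as received. Casting to int means only a number can reach the SQL text.
    $add_item = intval($_POST['uid']);
    // NOTE(review): the username is stored as posted; this relies on
    // inserttable() escaping values and on HTML-encoding at display time.
    $name = $_POST['username'];
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("rec_public") . " WHERE uid=" . $add_item);
    if ($_SGLOBAL['db']->fetch_array($query)) {
        showmessage("该公共主页已经存在推荐列表,请不要重复添加");
    } else {
        $arr = array("id" => "0", "uid" => $add_item, "username" => $name, "addtime" => time());
        inserttable("rec_public", $arr);
    }
}
if ($_GET['op'] == 'delete') {
    // Same cast as above; this value reaches both a SELECT and a DELETE.
    $uid = intval($_POST['uid']);
    $sql = "SELECT * FROM " . tname("rec_public") . " WHERE uid=" . $uid;
    $query = $_SGLOBAL['db']->query($sql);
    if ($_SGLOBAL['db']->fetch_array($query)) {
        $_SGLOBAL['db']->query("DELETE FROM " . tname("rec_public") . " WHERE uid=" . $uid);
    } else {
        echo "<script>alert('不允许的操作');</script>";
    }
}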
if ($_GET['op'] == 'edit') {
    $uid = $_POST['uid'];
    $edit_input = $_POST['edit_input'];
Example #29
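/**
 * Records (or retracts) an up/down vote by a user on a reply to a complaint.
 *
 * Expected keys in $params: uid, complainId, reply_id (positive integers) and
 * vote ('up' or 'down'). Each id is validated as an integer before it is
 * concatenated into SQL; previously the raw values reached the queries, so a
 * value such as "1 or 1=1" passed the "<= 0" test and was injected.
 *
 * NOTE(review): the voter identity is taken from $params['uid']; this function
 * does not verify that the caller is that user. Confirm the caller authenticates.
 * NOTE(review): the check-then-update sequences below are not wrapped in a
 * transaction in the visible code, so concurrent votes may skew the counters.
 *
 * @param array|null $params request parameters described above
 * @return string|null JSON-encoded error array (errorNo, content) on failure;
 *                     nothing is returned when the vote is processed
 */
function IHomeServiceVoteComplainOperation($params = NULL)
{
    global $_SGLOBAL;

    // --- uid: must be present, a positive integer, and an existing space row ---
    if (empty($params['uid'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    $uid = filter_var($params['uid'], FILTER_VALIDATE_INT);
    if ($uid === false || $uid <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer.");
        return json_encode($errorMsg);
    }
    $params['uid'] = $uid;
    $query = $_SGLOBAL['db']->query("select username,name from " . tname('space') . " where uid = " . $uid);
    $row = $_SGLOBAL['db']->fetch_array($query);
    if (!$row) {
        $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
        return json_encode($errorMsg);
    }
    // Prefer the display name, fall back to the login name.
    // NOTE(review): uname comes from the database and is later handed to
    // inserttable(); whether inserttable() escapes values is not visible here.
    $params['uname'] = $row['name'] ? $row['name'] : $row['username'];

    // --- complainId: must be present, a positive integer, and an existing complaint ---
    if (empty($params['complainId'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    $complainId = filter_var($params['complainId'], FILTER_VALIDATE_INT);
    if ($complainId === false || $complainId <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer.");
        return json_encode($errorMsg);
    }
    $params['complainId'] = $complainId;
    // uid is selected as well: the blacklist check below reads $row['uid'], which
    // the original "select uname" never returned, so the check ran on an unset value.
    $query = $_SGLOBAL['db']->query("select uid,uname from " . tname('complain') . " where doid = " . $complainId);
    $row = $_SGLOBAL['db']->fetch_array($query);
    if (!$row) {
        $errorMsg = array("errorNo" => "500", "content" => "the complain id is not exist");
        return json_encode($errorMsg);
    }
    if (isblacklist($row['uid'])) {
        $errorMsg = array("errorNo" => "500", "content" => "the user of complain is in blacklist.");
        return json_encode($errorMsg);
    }

    // --- reply_id: must be present, a positive integer, and an existing complain_op row ---
    if (empty($params['reply_id'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter reply_id is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    $replyId = filter_var($params['reply_id'], FILTER_VALIDATE_INT);
    if ($replyId === false || $replyId <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter reply_id must be a positive integer.");
        return json_encode($errorMsg);
    }
    $params['reply_id'] = $replyId;
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain_op') . " where id = " . $replyId);
    if (!$_SGLOBAL['db']->fetch_array($query)) {
        $errorMsg = array("errorNo" => "4001", "content" => "the reply_id isn't exist.");
        return json_encode($errorMsg);
    }

    // --- vote: must be exactly 'up' or 'down' ---
    if (empty($params['vote'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter vote is not exist.");
        return json_encode($errorMsg);
    }
    // Strict membership test replaces the original bitwise "&" of two loose comparisons.
    if (!in_array($params['vote'], array('up', 'down'), true)) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter vote is our of range.");
        return json_encode($errorMsg);
    }

    // All parameters validated: load the complaint and the voter's existing vote on this reply.
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid=" . $complainId);
    $complain = $_SGLOBAL['db']->fetch_array($query);

    $query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid);
    $updown = $_SGLOBAL['db']->fetch_array($query);

    // Sub-select used to find the department row(s) whose counters follow this reply.
    $depOwner = "(select uid from " . tname("complain_op") . " where id=" . $replyId . ")";
    // Matches a complaint by this user that is still waiting (status=1) on this reply.
    $pendingSql = "select * from " . tname('complain') . " where uid=" . $uid . " and doid=" . $complainId . " and lastopid=" . $replyId . " and status=1";

    if ($params['vote'] === 'up') {
        if (!empty($updown)) {
            // An existing row with updown=2 is a down vote; switching sides is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 2) {
                $errorMsg = array("errorNo" => "403", "content" => "updown again");
                return json_encode($errorMsg);
            }
            // Existing up vote: a second 'up' retracts it and rolls the counters back.
            $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 1");
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum-1 where id=" . $replyId);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum-1,updownnum=updownnum-1,score=score-1 where uid in " . $depOwner);
        } else {
            $downarr = array();
            $downarr['opid'] = $replyId;
            $downarr['uid'] = $uid;
            $downarr['updown'] = 1;
            $downarr['username'] = $params['uname'];
            $downarr['dateline'] = $_SGLOBAL['timestamp'];
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum+1,updownnum=updownnum+1,score=score+1 where uid in " . $depOwner);
            inserttable("complain_op_updown", $downarr);
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum+1 where id=" . $replyId);
            $q = $_SGLOBAL['db']->query($pendingSql);
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                // The complaint's own author approved the latest reply: set status 2
                // and log the operation (optype 6).
                updatetable('complain', array('status' => 2), array('id' => $r['id']));
                $oparr = array();
                $oparr['doid'] = $complainId;
                $oparr['message'] = '';
                $oparr['uid'] = $uid;
                $oparr['username'] = $params['uname'];
                $oparr['optype'] = 6;
                $oparr['dateline'] = $_SGLOBAL['timestamp'];
                $oparr['opvalue'] = 1;
                inserttable("complain_op", $oparr);
            }
        }
    } else {
        // vote === 'down' (the only other value accepted above)
        if (!empty($updown)) {
            // An existing row with updown=1 is an up vote; switching sides is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 1) {
                $errorMsg = array("errorNo" => "403", "content" => "updown again");
                return json_encode($errorMsg);
            }
            // Existing down vote: a second 'down' retracts it and rolls the counters back.
            $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 2");
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum-1 where id=" . $replyId);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum-1,updownnum=updownnum-1,score=score+1 where uid in " . $depOwner);
        } else {
            $downarr = array();
            $downarr['opid'] = $replyId;
            $downarr['uid'] = $uid;
            $downarr['updown'] = 2;
            $downarr['username'] = $params['uname'];
            $downarr['dateline'] = $_SGLOBAL['timestamp'];
            inserttable("complain_op_updown", $downarr);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum+1,updownnum=updownnum+1,score=score-1 where uid in " . $depOwner);
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum+1 where id=" . $replyId);
            $q = $_SGLOBAL['db']->query($pendingSql);
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                // The complaint's own author rejected the latest reply: reset the
                // complaint, notify the addressed user and log the operation (optype 5).
                updatetable('complain', array('status' => 0, 'lastopid' => 0, 'dateline' => $_SGLOBAL['timestamp'], 'times' => 1, 'issendmsg' => 0), array('id' => $r['id']));
                $note = cplang("complain_down", array("space.php?do=complain_item&doid={$complain['doid']}"));
                notification_complain_add($complain["atuid"], "complain", $note);
                $oparr = array();
                $oparr['doid'] = $complainId;
                $oparr['message'] = '';
                $oparr['uid'] = $uid;
                $oparr['username'] = $params['uname'];
                $oparr['optype'] = 5;
                $oparr['dateline'] = $_SGLOBAL['timestamp'];
                $oparr['opvalue'] = 1;
                inserttable("complain_op", $oparr);
            }
        }
    }
}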
Example #30
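<?php
/*
     addsharereply.php: post a comment on a share.
     Added by am@ihome, 2012-10-17 10:34
*/
include_once '../iauth_verify_forward.php';
// The verified user id becomes the comment's uid/authorid below.
// NOTE(review): whether iauth_verify() aborts the request itself on a failed
// check is not visible here; the guard further down rejects a non-positive id either way.
$userid = intval(iauth_verify());
include_once '../../../common.php';
include_once S_ROOT . './uc_client/client.php';
// NOTE(review): "@" hides a missing or failing include; confirm this is intentional.
@(include_once S_ROOT . './data/data_profield.php');
// NOTE(review): $username is not assigned anywhere in this file (the old
// hard-coded test values were removed); presumably one of the includes sets it.
// Verify that, otherwise "author" is stored empty.
$Message = empty($_POST['message']) ? '' : getstr($_POST['message']);
$ShareId = empty($_POST['shareid']) ? 0 : intval($_POST['shareid']);

// Only insert for an authenticated user and a plausible share id; previously a
// failed/zero id still produced a comment row owned by uid 0.
// NOTE(review): the share's existence and the caller's right to comment on it
// are not checked in the visible code.
$shareid = 0;
if ($userid > 0 && $ShareId > 0) {
    $arr = array(
        "id" => $ShareId,
        "uid" => $userid,
        "idtype" => 'sid',
        "message" => getstr($Message, 5000, 1, 1, 1),
        "authorid" => $userid,
        "author" => getstr($username, 15, 1, 1, 1),
        "ip" => getonlineip(),
        'dateline' => $_SGLOBAL['timestamp'],
        'magicflicker' => 0,
    );
    // inserttable() is called with a truthy third argument; its result is treated as the new row id.
    $shareid = inserttable('comment', $arr, 1);
}
$arrs = $shareid ? array('flag' => 'success') : array('flag' => 'fail');
$result = json_encode($arrs);
// Turn \uXXXX escapes back into UTF-8. The original used preg_replace() with the
// "e" (eval) modifier, which executes the replacement as PHP code and was removed
// in PHP 7; a callback does the same conversion without evaluating a string.
$result = preg_replace_callback(
    "#\\\\u([0-9a-f]{4})#i",
    function ($m) {
        return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
    },
    $result
);
echo $result;
exit;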