$note_message = 'share_album';
     $note_values = array('url' => "home.php?mod=space&uid={$album['uid']}&do=album&id={$album['albumid']}", 'albumname' => $album['albumname'], 'from_id' => $id, 'from_idtype' => 'albumid');
     break;
 case 'pic':
     $feed_hash_data = "picid{$id}";
     $query = DB::query("SELECT album.username, album.albumid, album.albumname, album.friend, pf.*, pic.*\r\n\t\t\t\tFROM " . DB::table('home_pic') . " pic\r\n\t\t\t\tLEFT JOIN " . DB::table('home_picfield') . " pf ON pf.picid=pic.picid\r\n\t\t\t\tLEFT JOIN " . DB::table('home_album') . " album ON album.albumid=pic.albumid\r\n\t\t\t\tWHERE pic.picid='{$id}'");
     if (!($pic = DB::fetch($query))) {
         showmessage('image_does_not_exist');
     }
     if (in_array($pic['status'], array(1, 2))) {
         showmessage('moderate_pic_not_share');
     }
     if ($pic['friend']) {
         showmessage('image_can_not_share');
     }
     if (isblacklist($pic['uid'])) {
         showmessage('is_blacklist');
     }
     if (empty($pic['albumid'])) {
         $pic['albumid'] = 0;
     }
     if (empty($pic['albumname'])) {
         $pic['albumname'] = lang('spacecp', 'default_albumname');
     }
     $arr['itemid'] = $id;
     $arr['fromuid'] = $pic['uid'];
     $arr['title_template'] = lang('spacecp', 'share_image');
     $arr['body_template'] = lang('spacecp', 'album') . ': <b>{albumname}</b><br>{username}<br>{title}';
     $arr['body_data'] = array('albumname' => "<a href=\"home.php?mod=space&uid={$pic['uid']}&do=album&id={$pic['albumid']}\">{$pic['albumname']}</a>", 'username' => "<a href=\"home.php?mod=space&uid={$pic['uid']}\">" . $pic['username'] . "</a>", 'title' => getstr($pic['title'], 100, 0, 1, 0, -1));
     $arr['image'] = pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote']);
     $arr['image_link'] = "home.php?mod=space&uid={$pic['uid']}&do=album&picid={$pic['picid']}";
Example #2
        // Excerpt: the switch closed below opens above this snippet.
        break;
}
// $sql is built outside this excerpt; the row it returns is the item being rated.
$query = $_SGLOBAL['db']->query($sql);
if (!($item = $_SGLOBAL['db']->fetch_array($query))) {
    showmessage('click_item_error');
}
// Request token: derived only from the item's uid and dateline, with no
// secret or per-user value visible here.
// NOTE(review): it is compared to $_GET['hash'] with loose `!=` below; a strict
// string comparison (or hash_equals) avoids numeric-string juggling of
// hex digests such as "0e...".
$hash = md5($item['uid'] . "\t" . $item['dateline']);
if ($_GET['op'] == 'add') {
    if (!checkperm('allowclick') || $_GET['hash'] != $hash) {
        showmessage('no_privilege');
    }
    // Users may not rate their own items.
    if ($item['uid'] == $_SGLOBAL['supe_uid']) {
        showmessage('click_no_self');
    }
    // Refuse when isblacklist() reports a block for the item's owner.
    if (isblacklist($item['uid'])) {
        showmessage('is_blacklist');
    }
    // Has this user already rated this item?
    // NOTE(review): $id, $idtype, $clickid and $tablename are interpolated into
    // SQL here and below; their validation is not visible in this excerpt.
    // Confirm they are cast or whitelisted before this point.
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('clickuser') . " WHERE uid='{$space['uid']}' AND id='{$id}' AND idtype='{$idtype}'");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        showmessage('click_have');
    }
    // Record the participation.
    // NOTE(review): the check above and this insert are separate statements, so
    // concurrent requests could both pass the check unless the table enforces
    // uniqueness; verify against the schema.
    $setarr = array('uid' => $space['uid'], 'username' => $_SGLOBAL['supe_username'], 'id' => $id, 'idtype' => $idtype, 'clickid' => $clickid, 'dateline' => $_SGLOBAL['timestamp']);
    inserttable('clickuser', $setarr);
    // Increment the per-click counter column on the item.
    $_SGLOBAL['db']->query("UPDATE {$tablename} SET click_{$clickid}=click_{$clickid}+1 WHERE {$idtype}='{$id}'");
    // Update the item's "hot" score.
    hot_update($idtype, $id, $item['hotuser']);
    // Real name
Example #3
         // Excerpt: tail of the preceding switch case; $event is loaded above this snippet.
         include_once S_ROOT . './data/data_eventclass.php';
         $arr['image'] = $_SGLOBAL['eventclass'][$event['classid']]['poster'];
     }
     $arr['image_link'] = "space.php?do=event&id={$event['eventid']}";
     $hotarr = array('eventid', $event['eventid'], $event['hotuser']);
     break;
 case 'poll':
     // Load the poll row joined with its detail row.
     // NOTE(review): $id is interpolated inside quotes; its sanitisation is not
     // visible in this excerpt. Confirm it is an integer by this point.
     $query = $_SGLOBAL['db']->query("SELECT p.*,pf.* FROM " . tname('poll') . " p\r\n\t\t\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid\r\n\t\t\t\tWHERE p.pid='{$id}'");
     if (!($poll = $_SGLOBAL['db']->fetch_array($query))) {
         showmessage('poll_does_not_exist');
     }
     // A user may not share their own poll.
     if ($poll['uid'] == $space['uid']) {
         showmessage('share_not_self');
     }
     // Refuse when isblacklist() reports a block for the poll's owner.
     if (isblacklist($poll['uid'])) {
         showmessage('is_blacklist');
     }
     // Register the owner's name for display-name lookup.
     realname_set($poll['uid'], $poll['username']);
     realname_get();
     $arr['title_template'] = cplang('share_poll', array($poll['percredit'] ? cplang('reward') : ''));
     $arr['body_template'] = '<b>{subject}</b><br>{user}<br>{option}';
     $optionstr = '';
     // NOTE(review): unserialize() on a stored column. If that column can ever
     // hold attacker-influenced bytes this permits object instantiation; a
     // JSON encoding, or unserialize with allowed_classes => false on PHP 7+,
     // removes that risk. A failed unserialize returns false and the foreach
     // below would then warn.
     $poll['option'] = unserialize($poll['option']);
     foreach ($poll['option'] as $key => $val) {
         // NOTE(review): $val is concatenated into HTML as-is; no escaping is
         // visible here, so it must already be HTML-safe when stored. Confirm.
         $optionstr .= '<input type="' . ($poll['multiple'] ? 'checkbox' : 'radio') . '" disabled name="poll_' . $key . '"/>' . $val . '<br/>';
     }
     // NOTE(review): $poll['subject'] and the $_SN display name are likewise
     // placed into markup without escaping in this excerpt.
     $arr['body_data'] = array('user' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'subject' => "<a href=\"space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}\">{$poll['subject']}</a>", 'option' => $optionstr);
     // The poll owner is the notification recipient.
     $note_uid = $poll['uid'];
Example #4
    // Excerpt: tail of the preceding branch; $event and $eventid are set above this snippet.
    $multi = multi($count, $perpage, $page, $theurl);
} elseif ($op == 'acceptinvite') {
    // Accept an event invitation on behalf of the logged-in user.
    if (!$eventid) {
        showmessage("event_does_not_exist");
        // Event does not exist or has been deleted
    }
    // The invitation must be addressed to the current user.
    // NOTE(review): $eventid is interpolated inside quotes; confirm it is cast
    // to an integer before this point (not visible in this excerpt).
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}' LIMIT 1");
    $eventinvite = $_SGLOBAL['db']->fetch_array($query);
    if (!$eventinvite) {
        showmessage('eventinvite_does_not_exist');
        //You do not have the event invitation
    }
    // The invitation is consumed and the pending counter decremented here,
    // BEFORE the blacklist / ended / deadline / capacity checks below.
    // NOTE(review): if showmessage() ends the request, a rejected acceptance
    // still loses the invitation; consider moving these two statements after
    // the checks.
    $_SGLOBAL['db']->query("DELETE FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}'");
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET eventinvitenum=eventinvitenum-1 WHERE uid = '{$_SGLOBAL['supe_uid']}' AND eventinvitenum>0");
    if (isblacklist($event['uid'])) {
        showmessage('is_blacklist');
        // isblacklist() reported a block for the event organiser
    }
    if ($_SGLOBAL['timestamp'] > $event['endtime']) {
        showmessage('event_is_over');
        // Event is over
    }
    if ($_SGLOBAL['timestamp'] > $event['deadline']) {
        showmessage("event_meet_deadline");
        // The sign-up deadline has passed
    }
    // limitnum of 0 means no cap is applied by this check.
    if ($event['limitnum'] > 0 && $event['membernum'] >= $event['limitnum']) {
        showmessage('event_already_full');
        // The event has reached its member limit
    }
Example #5
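/**
 * Records an "up" or "down" vote by a user on a reply to a complaint.
 *
 * Reads from $params: uid, complainId and reply_id (positive integers) and
 * vote ('up' or 'down'). A repeated vote in the same direction removes the
 * earlier vote; a vote in the opposite direction, or a stored vote row whose
 * uid equals the complaint's uid, is rejected with errorNo 403.
 *
 * Every id is concatenated into SQL without quotes, so each one is validated
 * as a strictly positive integer before it reaches a query. The original
 * relied on `<= 0`, which lets strings such as "1 OR 1=1" through.
 *
 * NOTE(review): the acting uid comes from $params rather than from the
 * session; confirm the caller authenticates it. The counter updates are
 * separate statements with no transaction visible here.
 *
 * @param array|null $params Request parameters as described above.
 * @return string|null JSON object {errorNo, content} on failure; null on success.
 */
function IHomeServiceVoteComplainOperation($params = NULL)
{
    global $_SGLOBAL;
    $positiveInt = array('options' => array('min_range' => 1));

    // --- uid: must be present, a positive integer, and an existing space ---
    if (empty($params['uid'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer."));
    }
    $uid = filter_var($params['uid'], FILTER_VALIDATE_INT, $positiveInt);
    if ($uid === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer."));
    }
    $query = $_SGLOBAL['db']->query("select username,name from " . tname('space') . " where uid = " . $uid);
    $row = $_SGLOBAL['db']->fetch_array($query);
    if (!$row) {
        return json_encode(array("errorNo" => "500", "content" => "the uid is not exist"));
    }
    // Prefer the display name, fall back to the login name.
    $uname = $row['name'] ? $row['name'] : $row['username'];

    // --- complainId: must reference an existing complaint ---
    if (empty($params['complainId'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer."));
    }
    $complainId = filter_var($params['complainId'], FILTER_VALIDATE_INT, $positiveInt);
    if ($complainId === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer."));
    }
    // uid is selected as well: the original fetched only uname and then passed
    // the never-populated $row['uid'] to isblacklist().
    $query = $_SGLOBAL['db']->query("select uid,uname from " . tname('complain') . " where doid = " . $complainId);
    $row = $_SGLOBAL['db']->fetch_array($query);
    if (!$row) {
        return json_encode(array("errorNo" => "500", "content" => "the complain id is not exist"));
    }
    if (isblacklist($row['uid'])) {
        return json_encode(array("errorNo" => "500", "content" => "the user of complain is in blacklist."));
    }

    // --- reply_id: must reference an existing complain_op row ---
    if (empty($params['reply_id'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter reply_id is not exist or is not a positive integer."));
    }
    $replyId = filter_var($params['reply_id'], FILTER_VALIDATE_INT, $positiveInt);
    if ($replyId === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter reply_id must be a positive integer."));
    }
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain_op') . " where id = " . $replyId);
    if (!$_SGLOBAL['db']->fetch_array($query)) {
        return json_encode(array("errorNo" => "4001", "content" => "the reply_id isn't exist."));
    }

    // --- vote: exactly 'up' or 'down' (logical &&, strict comparison) ---
    if (empty($params['vote'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter vote is not exist."));
    }
    $vote = $params['vote'];
    if ($vote !== 'up' && $vote !== 'down') {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter vote is our of range."));
    }

    // Validation done: load the full complaint row and any earlier vote by this user.
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid=" . $complainId);
    $complain = $_SGLOBAL['db']->fetch_array($query);

    $query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid);
    $updown = $_SGLOBAL['db']->fetch_array($query);

    // Sub-select shared by the complain_dep updates: the author(s) of the reply.
    $replyAuthors = "(select uid from " . tname("complain_op") . " where id=" . $replyId . ")";
    // Complaint still waiting on this reply (status=1), filed by the voter.
    $pendingSql = "select * from " . tname('complain') . " where uid=" . $uid . " and doid=" . $complainId . " and lastopid=" . $replyId . " and status=1";

    if ($vote === 'up') {
        if (!empty($updown)) {
            // updown 2 is a stored down vote: switching direction is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 2) {
                return json_encode(array("errorNo" => "403", "content" => "updown again"));
            }
            // Second "up" withdraws the earlier up vote and reverses its counters.
            $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 1");
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum-1 where id=" . $replyId);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum-1,updownnum=updownnum-1,score=score-1 where uid in " . $replyAuthors);
        } else {
            $votearr = array(
                'opid' => $replyId,
                'uid' => $uid,
                'updown' => 1,
                'username' => $uname,
                'dateline' => $_SGLOBAL['timestamp'],
            );
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum+1,updownnum=updownnum+1,score=score+1 where uid in " . $replyAuthors);
            inserttable("complain_op_updown", $votearr);
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum+1 where id=" . $replyId);
            $q = $_SGLOBAL['db']->query($pendingSql);
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                // The complainant approved the latest reply: status 1 -> 2,
                // logged as an optype 6 operation.
                updatetable('complain', array('status' => 2), array('id' => $r['id']));
                $oparr = array(
                    'doid' => $complainId,
                    'message' => '',
                    'uid' => $uid,
                    'username' => $uname,
                    'optype' => 6,
                    'dateline' => $_SGLOBAL['timestamp'],
                    'opvalue' => 1,
                );
                inserttable("complain_op", $oparr);
            }
        }
    } else {
        if (!empty($updown)) {
            // updown 1 is a stored up vote: switching direction is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 1) {
                return json_encode(array("errorNo" => "403", "content" => "updown again"));
            }
            // Second "down" withdraws the earlier down vote and reverses its counters.
            $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 2");
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum-1 where id=" . $replyId);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum-1,updownnum=updownnum-1,score=score+1 where uid in " . $replyAuthors);
        } else {
            $votearr = array(
                'opid' => $replyId,
                'uid' => $uid,
                'updown' => 2,
                'username' => $uname,
                'dateline' => $_SGLOBAL['timestamp'],
            );
            inserttable("complain_op_updown", $votearr);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum+1,updownnum=updownnum+1,score=score-1 where uid in " . $replyAuthors);
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum+1 where id=" . $replyId);
            $q = $_SGLOBAL['db']->query($pendingSql);
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                // The complainant rejected the latest reply: the complaint is
                // reset (status 0), the addressee is notified, and an optype 5
                // operation is logged.
                updatetable('complain', array('status' => 0, 'lastopid' => 0, 'dateline' => $_SGLOBAL['timestamp'], 'times' => 1, 'issendmsg' => 0), array('id' => $r['id']));
                $note = cplang("complain_down", array("space.php?do=complain_item&doid={$complain['doid']}"));
                notification_complain_add($complain["atuid"], "complain", $note);
                $oparr = array(
                    'doid' => $complainId,
                    'message' => '',
                    'uid' => $uid,
                    'username' => $uname,
                    'optype' => 5,
                    'dateline' => $_SGLOBAL['timestamp'],
                    'opvalue' => 1,
                );
                inserttable("complain_op", $oparr);
            }
        }
    }
}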
Example #6
/**
 * Stores a notification for a user and bumps that user's unread counter.
 *
 * Nothing is stored when isblacklist($uid) is true or when cknote_uid()
 * rejects the notification against the recipient's filter list.
 *
 * NOTE(review): $uid is interpolated (quoted) into the UPDATE statement; this
 * is only safe if callers pass an integer or an already-escaped value. Confirm.
 *
 * @param mixed  $uid      Recipient user id.
 * @param string $type     Notification type.
 * @param string $note     Notification body; slashes are normalised before storage.
 * @param int    $returnid When truthy, the result of inserttable() is returned.
 * @param int    $system   When truthy, the notification is stored with authorid 0.
 * @return mixed Result of inserttable() when $returnid is truthy, otherwise null.
 */
function notification_add($uid, $type, $note, $returnid = 0, $system = 0)
{
    global $_SGLOBAL;

    // Load the recipient's space; it carries their notification filter settings.
    $recipient = getspace($uid);
    if (isblacklist($uid)) {
        return;
    }

    // Update the friendship "heat" between the current user and the recipient.
    if ($_SGLOBAL['supe_uid']) {
        addfriendnum($recipient['uid'], $recipient['username']);
    }

    if ($system) {
        $authorid = 0;
    } else {
        $authorid = $_SGLOBAL['supe_uid'];
    }

    $row = array(
        'uid' => $uid,
        'type' => $type,
        'new' => 1,
        'authorid' => $authorid,
        'author' => $_SGLOBAL['supe_username'],
        'note' => addslashes(sstripslashes($note)),
        'dateline' => $_SGLOBAL['timestamp'],
    );

    $blocked = array();
    if (!empty($recipient['privacy']['filter_note'])) {
        $blocked = array_keys($recipient['privacy']['filter_note']);
    }

    if (!cknote_uid($row, $blocked)) {
        return;
    }

    // Increment the recipient's notification counter.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid='{$uid}'");
    if ($returnid) {
        return inserttable('notification', $row, $returnid);
    }
    inserttable('notification', $row);
}
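/**
 * Adds a comment to a wall, picture, blog entry or share, then publishes the
 * matching feed entry, notifications, moderation entry, statistics and credits.
 *
 * Fixes over the original:
 *  - In the 'picid' case the fetched album row was stored in $query and never
 *    in $album, so ckfriend(), the password check and the feed's
 *    target_ids/friend values all ran against an empty array. The album's
 *    privacy settings are now the ones actually checked and propagated.
 *  - The orphaned-album cleanup used the undefined $albumid; it now uses
 *    $pic['albumid'].
 *  - The view-password cookie is compared with a strict string comparison
 *    instead of loose `!=`.
 *
 * NOTE(review): showmessage() is assumed to end the request unless called
 * with array('return' => true); the code after each call depends on that.
 * NOTE(review): the password cookie is md5(md5(password)) with no salt or
 * expiry visible here, and the comparison is not constant-time; hash_equals()
 * is preferable where the runtime provides it.
 *
 * @param string $message Comment body.
 * @param int    $id      Id of the commented object (for 'uid': the wall owner).
 * @param string $idtype  One of 'uid', 'picid', 'blogid', 'sid'.
 * @param int    $cid     Id of the comment being replied to, or 0.
 * @return array array('cid' => new comment id, 'msg' => message key, 'magvalues' => message values)
 */
function add_comment($message, $id, $idtype, $cid = 0)
{
    global $_G, $bbcode;

    // Module-level permission for the kind of object being commented on.
    $allowcomment = false;
    switch ($idtype) {
        case 'uid':
            $allowcomment = helper_access::check_module('wall');
            break;
        case 'picid':
            $allowcomment = helper_access::check_module('album');
            break;
        case 'blogid':
            $allowcomment = helper_access::check_module('blog');
            break;
        case 'sid':
            $allowcomment = helper_access::check_module('share');
            break;
    }
    if (!$allowcomment) {
        showmessage('quickclear_noperm');
    }
    $summay = getstr($message, 150, 0, 0, 0, -1);

    // Replying to someone else's comment: prepend a quote of it (with any
    // nested quote stripped first).
    $comment = array();
    if ($cid) {
        $comment = C::t('home_comment')->fetch_by_id_idtype($id, $idtype, $cid);
        if ($comment && $comment['authorid'] != $_G['uid']) {
            $comment['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<blockquote\\>.*?\\<\\/blockquote\\>\\<\\/div\\>/is", '', $comment['message']);
            $comment['message'] = $bbcode->html2bbcode($comment['message']);
            $message = "<div class=\"quote\"><blockquote><b>" . $comment['author'] . "</b>: " . getstr($comment['message'], 150, 0, 0, 2, 1) . '</blockquote></div>' . $message;
            if ($comment['idtype'] == 'uid') {
                $id = $comment['authorid'];
            }
        } else {
            $comment = array();
        }
    }

    // Load the target object and enforce its privacy settings.
    $hotarr = array();
    $stattype = '';
    $tospace = $pic = $blog = $album = $share = $poll = array();
    switch ($idtype) {
        case 'uid':
            $tospace = getuserbyuid($id);
            $stattype = 'wall';
            break;
        case 'picid':
            $pic = C::t('home_pic')->fetch($id);
            if (empty($pic)) {
                showmessage('view_images_do_not_exist');
            }
            $picfield = C::t('home_picfield')->fetch($id);
            $pic['hotuser'] = $picfield['hotuser'];
            $tospace = getuserbyuid($pic['uid']);
            $album = array();
            if ($pic['albumid']) {
                // Keep the album row so its privacy settings are enforced below.
                $album = C::t('home_album')->fetch($pic['albumid']);
                if (empty($album['albumid'])) {
                    // The album no longer exists: detach its pictures.
                    C::t('home_pic')->update_for_albumid($pic['albumid'], array('albumid' => 0));
                    $album = array();
                }
            }
            if (!ckfriend($album['uid'], $album['friend'], $album['target_ids'])) {
                showmessage('no_privilege_ckfriend_pic');
            } elseif (!$tospace['self'] && $album['friend'] == 4) {
                // friend == 4: password-protected; the viewer proves knowledge
                // of the password through a cookie.
                $cookiename = "view_pwd_album_{$album['albumid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                if ((string) $cookievalue !== md5(md5($album['password']))) {
                    showmessage('no_privilege_ckpassword_pic');
                }
            }
            $hotarr = array('picid', $pic['picid'], $pic['hotuser']);
            $stattype = 'piccomment';
            break;
        case 'blogid':
            $blog = array_merge(C::t('home_blog')->fetch($id), C::t('home_blogfield')->fetch_targetids_by_blogid($id));
            if (empty($blog)) {
                showmessage('view_to_info_did_not_exist');
            }
            $tospace = getuserbyuid($blog['uid']);
            if (!ckfriend($blog['uid'], $blog['friend'], $blog['target_ids'])) {
                showmessage('no_privilege_ckfriend_blog');
            } elseif (!$tospace['self'] && $blog['friend'] == 4) {
                $cookiename = "view_pwd_blog_{$blog['blogid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                if ((string) $cookievalue !== md5(md5($blog['password']))) {
                    showmessage('no_privilege_ckpassword_blog');
                }
            }
            if (!empty($blog['noreply'])) {
                showmessage('do_not_accept_comments');
            }
            if ($blog['target_ids']) {
                $blog['target_ids'] .= ",{$blog['uid']}";
            }
            $hotarr = array('blogid', $blog['blogid'], $blog['hotuser']);
            $stattype = 'blogcomment';
            break;
        case 'sid':
            $share = C::t('home_share')->fetch($id);
            if (empty($share)) {
                showmessage('sharing_does_not_exist');
            }
            $tospace = getuserbyuid($share['uid']);
            $hotarr = array('sid', $share['sid'], $share['hotuser']);
            $stattype = 'sharecomment';
            break;
        default:
            showmessage('non_normal_operation');
            break;
    }
    if (empty($tospace)) {
        showmessage('space_does_not_exist', '', array(), array('return' => true));
    }
    if (isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
    if ($hotarr && $tospace['uid'] != $_G['uid']) {
        hot_update($hotarr[0], $hotarr[1], $hotarr[2]);
    }

    // Feed entry skeleton; filled per target type below.
    $fs = array();
    $fs['icon'] = 'comment';
    $fs['target_ids'] = '';
    $fs['friend'] = '';
    $fs['body_template'] = '';
    $fs['body_data'] = array();
    $fs['body_general'] = '';
    $fs['images'] = array();
    $fs['image_links'] = array();
    switch ($idtype) {
        case 'uid':
            $fs['icon'] = 'wall';
            $fs['title_template'] = 'feed_comment_space';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>");
            break;
        case 'picid':
            $fs['title_template'] = 'feed_comment_image';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>");
            $fs['body_template'] = '{pic_title}';
            $fs['body_data'] = array('pic_title' => $pic['title']);
            $fs['body_general'] = $summay;
            $fs['images'] = array(pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote']));
            $fs['image_links'] = array("home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$pic['picid']}");
            // The feed inherits the album's audience restrictions.
            $fs['target_ids'] = $album['target_ids'];
            $fs['friend'] = $album['friend'];
            break;
        case 'blogid':
            C::t('home_blog')->increase($id, 0, array('replynum' => 1));
            $fs['title_template'] = 'feed_comment_blog';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'blog' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}\">{$blog['subject']}</a>");
            $fs['target_ids'] = $blog['target_ids'];
            $fs['friend'] = $blog['friend'];
            break;
        case 'sid':
            $fs['title_template'] = 'feed_comment_share';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'share' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}\">" . str_replace(lang('spacecp', 'share_action'), '', $share['title_template']) . "</a>");
            break;
    }

    // Word filter; comments that trip moderation are stored with status 1.
    $message = censor($message);
    $comment_status = censormod($message) ? 1 : 0;
    $setarr = array('uid' => $tospace['uid'], 'id' => $id, 'idtype' => $idtype, 'authorid' => $_G['uid'], 'author' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $message, 'ip' => $_G['clientip'], 'port' => $_G['remoteport'], 'status' => $comment_status);
    $cid = C::t('home_comment')->insert($setarr, true);

    // Notification keys, result message and credit actions per target type.
    $action = 'comment';
    $becomment = 'getcomment';
    $note = $q_note = '';
    $note_values = $q_values = array();
    switch ($idtype) {
        case 'uid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=wall&cid={$cid}";
            $note_type = 'wall';
            $note = 'wall';
            $note_values = array('url' => $n_url);
            $q_note = 'wall_reply';
            $q_values = array('url' => $n_url);
            if ($comment) {
                $msg = 'note_wall_reply_success';
                $magvalues = array('username' => $tospace['username']);
                $becomment = '';
            } else {
                $msg = 'do_success';
                $magvalues = array();
                $becomment = 'getguestbook';
            }
            $action = 'guestbook';
            break;
        case 'picid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'pic_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'pic_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'blogid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'blog_comment';
            $note_values = array('url' => $n_url, 'subject' => $blog['subject']);
            $q_note = 'blog_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'sid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'share_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'share_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
    }

    if (empty($comment)) {
        // New top-level comment on someone else's object: feed + notify the owner.
        if ($tospace['uid'] != $_G['uid']) {
            if (ckprivacy('comment', 'feed')) {
                require_once libfile('function/feed');
                $fs['title_data']['hash_data'] = "{$idtype}{$id}";
                feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']);
            }
            $note_values['from_id'] = $id;
            $note_values['from_idtype'] = $idtype;
            $note_values['url'] .= "&goto=new#comment_{$cid}_li";
            notification_add($tospace['uid'], $note_type, $note, $note_values);
        }
    } elseif ($comment['authorid'] != $_G['uid']) {
        // Reply: notify the author of the quoted comment.
        notification_add($comment['authorid'], $note_type, $q_note, $q_values);
    }
    if ($comment_status == 1) {
        updatemoderate($idtype . '_cid', $cid);
        manage_addnotify('verifycommontes');
    }
    if ($stattype) {
        include_once libfile('function/stat');
        updatestat($stattype);
    }
    if ($tospace['uid'] != $_G['uid']) {
        // Credit key: "<idtype><id>" for objects, the owner's uid for walls.
        $needle = $idtype != 'uid' ? $idtype . $id : $tospace['uid'];
        updatecreditbyaction($action, 0, array(), $needle);
        if ($becomment) {
            if ($idtype == 'uid') {
                $needle = $_G['uid'];
            }
            updatecreditbyaction($becomment, $tospace['uid'], array(), $needle);
        }
    }
    C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']), 'UNBUFFERED');
    $magvalues['cid'] = $cid;
    return array('cid' => $cid, 'msg' => $msg, 'magvalues' => $magvalues);
}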
Example #8
 // Excerpt: closes a block opened above this snippet; $uid and $space are set there.
 }
 // Validate the target user: no self-requests, no duplicates.
 if ($uid == $_SGLOBAL['supe_uid']) {
     showmessage('friend_self_error');
 }
 // NOTE(review): in_array() without the strict flag compares loosely; pass
 // true as the third argument if $uid and the list entries share a type.
 if ($space['friends'] && in_array($uid, $space['friends'])) {
     showmessage('you_have_friends');
 }
 // Real-name verification check for the 'friend' action.
 ckrealname('friend');
 $tospace = getspace($uid);
 if (empty($tospace)) {
     showmessage('space_does_not_exist');
 }
 // Refuse when isblacklist() reports a block for the target user.
 if (isblacklist($tospace['uid'])) {
     showmessage('is_blacklist');
 }
 // Friend groups
 $groups = getfriendgroup();
 // Current friendship status between the two users; 1 is treated as "already friends".
 $status = getfriendstatus($_SGLOBAL['supe_uid'], $uid);
 if ($status == 1) {
     showmessage('you_have_friends');
 } else {
     // Enforce the friend-count limit: the group limit plus the user's extra
     // 'addfriend' allowance. A falsy maxfriendnum skips the check.
     $maxfriendnum = checkperm('maxfriendnum');
     if ($maxfriendnum && $space['friendnum'] >= $maxfriendnum + $space['addfriend']) {
         if ($_SGLOBAL['magic']['friendnum']) {
             showmessage('enough_of_the_number_of_friends_with_magic');
         } else {
Example #9
// Mobile share endpoint (excerpt): the switch below continues past this snippet.
// $space and $_SN are not set in this excerpt; presumably the include provides them. TODO confirm.
include_once 'do_mobileverify.php';
//$userid = 96;
//$username = '******';
// Request input. Only typeid is cast to an integer; message, type and
// fromdevice are trimmed but otherwise unvalidated at this point.
$Body = trim($_POST['message']);
//$Body ='This is a message.';
//$type = 'doing';
//$id = 484;
$type = trim($_POST['type']);
$id = intval($_POST['typeid']);
$FromDevice = trim($_POST['fromdevice']);
// "am" modification start
// Dispatch on the kind of object being shared.
switch ($type) {
    case 'space':
        $tospace = getspace($id);
        // Reject sharing one's own space, a missing space, or a space for
        // which isblacklist() reports a block.
        if ($id == $space['uid'] || empty($tospace) || isblacklist($tospace['uid'])) {
            $arrs = array('flag' => 'fail');
            $result = json_encode($arrs);
            // NOTE(review): the /e modifier makes preg_replace evaluate the
            // replacement string as PHP code. It is deprecated since PHP 5.5
            // and removed in PHP 7.0, where this call fails. Here the subject
            // is the JSON of a constant array, but the same idiom applied to
            // user-influenced text is a code-injection risk;
            // preg_replace_callback() is the replacement.
            $result = preg_replace("#\\\\u([0-9a-f]{4})#ie", "iconv('UCS-2BE', 'UTF-8', pack('H4', '\\1'))", $result);
            echo $result;
            exit;
        }
        $arr['title_template'] = cplang('share_space');
        $arr['body_template'] = '<b>{username}</b><br>{reside}<br>{spacenote}';
        // NOTE(review): the display name, residence fields and spacenote are
        // placed into HTML without escaping in this excerpt; they must already
        // be HTML-safe when stored. Confirm.
        $arr['body_data'] = array('username' => "<a href=\"space.php?uid={$id}\">" . $_SN[$tospace['uid']] . "</a>", 'reside' => $tospace['resideprovince'] . $tospace['residecity'], 'spacenote' => $tospace['spacenote']);
        $arr['image'] = ckavatar($id) ? avatar($id, 'middle', true) : UC_API . '/images/noavatar_middle.gif';
        $arr['image_link'] = "space.php?uid={$id}";
        // Notification: the owner of the shared space is the recipient.
        $note_uid = $id;
        $note_message = cplang('note_share_space');
        break;
Example #10
 /**
  * Sends a private message from the current user, either to the user in $data['toUid'] or as a
  * reply inside the existing conversation $data['pmid'].
  *
  * Side effects visible in this method: it overwrites $_GET['topmuid'], $_POST['message'] and
  * $_POST['subject'], rewrites $_G['cache']['smilies']['replacearray'] in place, and on success
  * updates stats, credits and the sender's lastpost time and triggers an iOS push.
  *
  * @param mixed $res  response structure handed to makeErrorInfo()
  * @param array $data request data; the keys read here are 'toUid', 'pmid' and 'msg'
  * @return mixed the value built by makeErrorInfo(); on success body.plid, body.pmid and
  *               body.sendTime are added to it
  */
 private function _pmSend($res, $data)
 {
     global $_G;
     $touid = (int) $data['toUid'];
     $pmid = (int) $data['pmid'];
     // The request superglobals are overwritten so that code reading them later sees the API values.
     $_GET['topmuid'] = $touid;
     $_POST['message'] = $this->_transMessage($data['msg']);
     $_POST['subject'] = '';
     // $users stays empty and $type stays 0 for the whole method, so the multi-recipient branch
     // and the subject handling below are not reachable as written.
     $users = array();
     $type = 0;
     // Flood control: a positive wait time means the user posted too recently.
     $waittime = interval_check('post');
     if ($waittime > 0) {
         // showmessage('message_can_not_send_2', '', array(), array('return' => true));
         return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_2'));
     }
     // New-user restriction; a non-empty string is the refusal text.
     if (($checkMessage = mobcent_cknewuser()) != '') {
         return $this->makeErrorInfo($res, WebUtils::emptyHtml($checkMessage));
     }
     // Group permission to send private messages.
     if (!checkperm('allowsendpm')) {
         // showmessage('no_privilege_sendpm', '', array(), array('return' => true));
         return $this->makeErrorInfo($res, 'no_privilege_sendpm');
     }
     // Blacklist check; it only runs when a recipient uid was supplied.
     if ($touid) {
         if (isblacklist($touid)) {
             // showmessage('is_blacklist', '', array(), array('return' => true));
             return $this->makeErrorInfo($res, lang('message', 'is_blacklist'));
         }
     }
     // !($_G['group']['exempt'] & 1) && checklowerlimit('sendpm', 0, $coef);
     // NOTE(review): $_POST['messageappend'] is not set by this method, so it is taken from the
     // request as-is and prepended to the message.
     $message = (!empty($_POST['messageappend']) ? $_POST['messageappend'] . "\n" : '') . trim($_POST['message']);
     if (empty($message)) {
         // showmessage('unable_to_send_air_news', '', array(), array('return' => true));
         return $this->makeErrorInfo($res, lang('message', 'unable_to_send_air_news'));
     }
     // NOTE(review): the word filter call is commented out below; confirm that sendpm() or
     // _transMessage() applies equivalent filtering before the text is stored.
     // $message = censor($message);
     // Replace smiley codes with [img] tags that point at absolute URLs on this site.
     // NOTE(review): the loop writes back into $_G['cache'], so a second call in the same request
     // would wrap already-wrapped entries again unless loadcache() reloads them - confirm.
     loadcache(array('smilies', 'smileytypes'));
     foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) {
         $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]';
     }
     $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message);
     $subject = '';
     if ($type == 1) {
         $subject = dhtmlspecialchars(trim($_POST['subject']));
     }
     include_once libfile('function/friend');
     $return = 0;
     if ($touid || $pmid) {
         if ($touid) {
             if ($value = getuserbyuid($touid)) {
                 // Recipient privacy: use the user's own setting, else the site default (1 or 2).
                 $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
                 // Allowed when the sender's group may message anyone, when the setting is 2, or
                 // when the setting is 1 and friend_check() confirms the relationship.
                 if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
                     $return = sendpm($touid, $subject, $message, '', 0, 0, $type);
                 } else {
                     // showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
                     return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_onlyfriend'));
                 }
             } else {
                 // showmessage('message_bad_touid', '', array(), array('return' => true));
                 return $this->makeErrorInfo($res, lang('message', 'message_bad_touid'));
             }
         } else {
             // Reply by conversation id. $_GET['topmuid'] was set to $touid above, which is 0 on
             // this path.
             // NOTE(review): the blacklist and friends-only checks above are skipped here;
             // presumably sendpm() resolves and validates the recipient from $pmid - confirm.
             $topmuid = intval($_GET['topmuid']);
             $return = sendpm($topmuid, $subject, $message, '', $pmid, 0);
         }
     } elseif ($users) {
         // Multi-recipient send by user name (not reachable while $users is fixed to array()).
         $newusers = $uidsarr = $membersarr = array();
         if ($users) {
             $membersarr = C::t('common_member')->fetch_all_by_username($users);
             foreach ($membersarr as $aUsername => $aUser) {
                 $uidsarr[] = $aUser['uid'];
             }
         }
         if (empty($membersarr)) {
             showmessage('message_bad_touser', '', array(), array('return' => true));
         }
         if (isset($membersarr[$_G['uid']])) {
             showmessage('message_can_not_send_to_self', '', array(), array('return' => true));
         }
         friend_check($uidsarr);
         foreach ($membersarr as $key => $value) {
             $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
             if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && $_G['home_friend_' . $value['uid'] . '_' . $_G['uid']]) {
                 $newusers[$value['uid']] = $value['username'];
                 unset($users[array_search($value['username'], $users)]);
             }
         }
         if (empty($newusers)) {
             showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
         }
         foreach ($newusers as $key => $value) {
             if (isblacklist($key)) {
                 showmessage('is_blacklist', '', array(), array('return' => true));
             }
         }
         $coef = count($newusers);
         $return = sendpm(implode(',', $newusers), $subject, $message, '', 0, 1, $type);
     } else {
         // showmessage('message_can_not_send_9', '', array(), array('return' => true));
         return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_9'));
     }
     if ($return > 0) {
         include_once libfile('function/stat');
         // NOTE(review): $coef is only assigned in the multi-recipient branch above, so on the
         // single-recipient and reply paths it is undefined when passed to updatestat() and
         // updatecreditbyaction() - confirm which multiplier those helpers should receive.
         updatestat('sendpm', 0, $coef);
         C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP));
         // The credit rule is skipped when bit 1 of the group's exempt flags is set.
         !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
         if (!empty($newusers)) {
             if ($type == 1) {
                 $returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
             } else {
                 $returnurl = 'home.php?mod=space&do=pm';
             }
             showmessage(count($users) ? 'message_send_result' : 'do_success', $returnurl, array('users' => implode(',', $users), 'succeed' => count($newusers)));
         } else {
             if (!defined('IN_MOBILE')) {
                 // showmessage('do_success', 'home.php?mod=space&do=pm&subop=view&touid='.$touid, array('pmid' => $return), $_G['inajax'] ? array('msgtype' => 3, 'showmsg' => false) : array());
             } else {
                 // showmessage('do_success', 'home.php?mod=space&do=pm&subop=view'.(intval($_POST['touid']) ? '&touid='.intval($_POST['touid']) : ( intval($_POST['plid']) ? '&plid='.intval($_POST['plid']).'&daterange=1&type=1' : '' )));
             }
             $res = $this->makeErrorInfo($res, 'do_success', array('noError' => 1, 'alert' => 0));
             // Read the stored message back to report its ids and timestamp to the client.
             $msgInfo = uc_pm_viewnode($_G['uid'], $type, $return);
             $res['body']['plid'] = (int) $msgInfo['plid'];
             $res['body']['pmid'] = (int) $msgInfo['pmid'];
             // Appending '000' turns the timestamp from seconds into a milliseconds string.
             $res['body']['sendTime'] = $msgInfo['dateline'] . '000';
             // ios push
             // NOTE(review): the full message text (with the [img] smiley markup) goes into the
             // push payload; on the reply path $touid is 0 - confirm the push target.
             UserUtils::pushIOSMessage($touid, 'pm', $_G['username'] . WebUtils::t(' 对 您 说: ') . $message);
         }
     } else {
         // Return codes -16..-1 are mapped onto the language keys message_can_not_send_1..16.
         if (in_array($return, range(-16, -1))) {
             // showmessage('message_can_not_send_'.abs($return));
             return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_' . abs($return)));
         } else {
             // showmessage('message_can_not_send', '', array(), array('return' => true));
             return $this->makeErrorInfo($res, lang('message', 'message_can_not_send'));
         }
     }
     return $res;
 }
Example #11
 /**
  * Friend-administration view for the user $uid: validates an add request, performs the POSTed
  * action ('add', 'add2', 'ignore' or 'shield') and otherwise renders the 'userAdmin' partial.
  *
  * Failures are reported through _exitWithHtmlAlert(); the code after each call reads as if that
  * helper ends the request - confirm, because several paths rely on it.
  *
  * NOTE(review): $res, $gid and $space are read below without any assignment visible in this
  * method, and $type is only assigned inside the 'shield' case although it is used when the
  * form URL is built at the end.
  *
  * @param string $act requested action; 'add' becomes 'add2' when friend_request_check($uid) is true
  * @param mixed  $uid target user id (compared loosely with $_G['uid'])
  */
 private function _adminUser($act, $uid)
 {
     global $_G;
     $errorMsg = '';
     require_once libfile('function/spacecp');
     require_once libfile('function/home');
     require_once libfile('function/friend');
     // A pending request from $uid turns "add" into "accept" (add2).
     if (friend_request_check($uid) && $act == 'add') {
         $act = 'add2';
     }
     if ($act == 'add' || $act == 'add2') {
         // Cannot befriend yourself.
         if ($uid == $_G['uid']) {
             $list = $this->makeErrorInfo($res, 'friend_self_error');
             $this->_exitWithHtmlAlert($list['errcode']);
         }
         // Already friends.
         if (friend_check($uid)) {
             $list = $this->makeErrorInfo($res, 'you_have_friends');
             $this->_exitWithHtmlAlert($list['errcode']);
         }
         // Target user must exist.
         $tospace = getuserbyuid($uid);
         if (empty($tospace)) {
             $list = $this->makeErrorInfo($res, 'space_does_not_exist');
             $this->_exitWithHtmlAlert($list['errcode']);
         }
         // Blacklist check on the target's uid.
         if (isblacklist($tospace['uid'])) {
             $list = $this->makeErrorInfo($res, 'is_blacklist');
             $this->_exitWithHtmlAlert($list['errcode']);
         }
         // $space is not assigned in this method; presumably space_merge() fills it by
         // reference - confirm, since the friend-count limit below depends on it.
         space_merge($space, 'count');
         space_merge($space, 'field_home');
         // Friend-count limit: the group maximum plus the user's 'addfriend' allowance.
         $maxfriendnum = checkperm('maxfriendnum');
         if ($maxfriendnum && $space['friends'] >= $maxfriendnum + $space['addfriend']) {
             if ($_G['magic']['friendnum']) {
                 $list = $this->makeErrorInfo($res, 'enough_of_the_number_of_friends_with_magic');
                 $this->_exitWithHtmlAlert($list['errcode']);
             } else {
                 $list = $this->makeErrorInfo($res, 'enough_of_the_number_of_friends');
                 $this->_exitWithHtmlAlert($list['errcode']);
             }
         }
         if ($act == 'add') {
             // Group permission to add friends.
             if (!checkperm('allowfriend')) {
                 $list = $this->makeErrorInfo($res, 'no_privilege_addfriend');
                 $this->_exitWithHtmlAlert($list['errcode']);
             }
             // A request for this pair of users is already pending.
             if (C::t('home_friend_request')->count_by_uid_fuid($uid, $_G['uid'])) {
                 $list = $this->makeErrorInfo($res, 'waiting_for_the_other_test');
                 $this->_exitWithHtmlAlert($list['errcode']);
             }
         }
     }
     require_once libfile('function/friend');
     require_once libfile('function/spacecp');
     // NOTE(review): the state-changing branch is entered for any non-empty POST body; no
     // form-hash check is visible here (the submitcheck() call in the 'shield' case is commented
     // out), so confirm that the caller enforces request-forgery protection.
     if (!empty($_POST)) {
         switch ($act) {
             case 'add':
                 // The note is read from the query string even though this is the POST branch.
                 $note = $_GET['note'];
                 if (!friend_request_check($uid)) {
                     $_POST['gid'] = $gid;
                     // Note text is truncated (30 or 20 units depending on CHARSET), HTML-escaped
                     // and passed through the word filter.
                     $_POST['note'] = censor(htmlspecialchars(cutstr($note, strtolower(CHARSET) == 'utf-8' ? 30 : 20, '')));
                     friend_add($uid, $_POST['gid'], $_POST['note']);
                     // $note is reused from here on as the notification payload array.
                     $note = array('uid' => $_G['uid'], 'url' => 'home.php?mod=spacecp&ac=friend&op=add&uid=' . $_G['uid'] . '&from=notice', 'from_id' => $_G['uid'], 'from_idtype' => 'friendrequest', 'note' => !empty($_POST['note']) ? lang('spacecp', 'friend_request_note', array('note' => $_POST['note'])) : '');
                     notification_add($uid, 'friend', 'friend_request', $note);
                     // ios push
                     UserUtils::pushIOSMessage($uid, 'friend', $_G['username'] . WebUtils::t(' 请求加您为好友') . $note['note']);
                     require_once libfile('function/mail');
                     $values = array('username' => $tospace['username'], 'url' => getsiteurl() . 'home.php?mod=spacecp&ac=friend&amp;op=request');
                     sendmail_touser($uid, lang('spacecp', 'friend_subject', $values), '', 'friend_add');
                     $list = $this->makeErrorInfo($res, 'request_has_been_sent');
                     $this->_exitWithHtmlAlert($list['errcode']);
                 }
                 $this->_exitWithHtmlAlert($res['errcode']);
                 // No break: if _exitWithHtmlAlert() returned, control would fall into 'add2'.
             case 'add2':
                 global $_G;
                 require_once libfile('function/home');
                 $_POST['gid'] = intval($gid);
                 // NOTE(review): the second argument is $uid here, while the 'add' case passes a
                 // group id in that position - confirm this is intended.
                 friend_add($uid, $uid);
                 if (ckprivacy('friend', 'feed')) {
                     require_once libfile('function/feed');
                     // NOTE(review): the username is placed into anchor markup without escaping
                     // in this method; presumably it is stored HTML-safe - confirm.
                     feed_add('friend', 'feed_friend_title', array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>"));
                 }
                 notification_add($uid, 'friend', 'friend_add');
                 // showmessage('friends_add', dreferer(), array('username' => $tospace['username'], 'uid'=>$uid, 'from' => $_GET['from']), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
                 $list = $this->makeErrorInfo($res, 'friends_add', array('{username}' => $tospace['username']));
                 $this->_exitWithHtmlAlert($list['errcode']);
                 break;
             case 'ignore':
                 global $_G;
                 require_once libfile('function/friend');
                 friend_delete($uid);
                 $params['noError'] = 1;
                 $list = $this->makeErrorInfo($res, 'do_success', $params);
                 $this->_exitWithHtmlAlert($list['errcode']);
                 break;
             case 'shield':
                 global $_G, $space;
                 // $type = empty($_GET['type'])?'':preg_replace("/[^0-9a-zA-Z\_\-\.]/", '', $_GET['type']);
                 // if(submitcheck('ignoresubmit')) {
                 // The author to filter comes from the POST body, not from $uid.
                 $authorid = empty($_POST['authorid']) ? 0 : intval($_POST['authorid']);
                 $type = 'friend';
                 if ($type) {
                     // Record "type|authorid" in the user's notification filter list.
                     $type_uid = $type . '|' . $authorid;
                     if (empty($space['privacy']['filter_note']) || !is_array($space['privacy']['filter_note'])) {
                         $space['privacy']['filter_note'] = array();
                     }
                     $space['privacy']['filter_note'][$type_uid] = $type_uid;
                     privacy_update();
                 }
                 $this->_exitWithHtmlAlert('do_success');
                 // showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
                 // }
                 $formid = random(8);
                 break;
             default:
                 $errorMsg = '错误的动作参数';
                 break;
         }
     } else {
         // No POST data: load what the form needs for the add / accept dialogs.
         if ($act == 'add') {
             require_once libfile('function/friend');
             $groups = $this->_getFriendGroupList();
             $tospace = getuserbyuid($uid);
         } elseif ($act == 'add2') {
             require_once libfile('function/friend');
             $groups = $this->_getFriendGroupList();
             $tospace = $this->_getFriendUserByUid($uid);
         }
     }
     // NOTE(review): the whole $_G array is handed to the view, and $groups / $tospace / $type
     // can be unset on some paths (for example an unknown $act).
     $this->getController()->renderPartial('userAdmin', array('formUrl' => WebUtils::createUrl_oldVersion('user/useradminview', array('uid' => $uid, 'act' => $act, 'type' => $type)), 'errorMsg' => $errorMsg, 'action' => $act, '_G' => $_G, 'groups' => $groups, 'tospace' => $tospace));
 }
Example #12
     $arr['title_template'] = cplang('share_image');
     $arr['body_template'] = cplang('album') . ': <b>{albumname}</b><br>{username}<br>{title}';
     $arr['body_data'] = array('albumname' => "<a href=\"space.php?uid={$pic['uid']}&do=album&id={$pic['albumid']}\">{$pic['albumname']}</a>", 'username' => "<a href=\"space.php?uid={$pic['uid']}\">" . $_SN[$pic['uid']] . "</a>", 'title' => getstr($pic['title'], 100, 0, 1, 0, 0, -1));
     $arr['image'] = mkpicurl($pic);
     $arr['image_link'] = "space.php?uid={$pic['uid']}&do=album&picid={$pic['picid']}";
     //通知
     $note_uid = $pic['uid'];
     $note_message = cplang('note_share_pic', array("space.php?uid={$pic['uid']}&do=album&picid={$pic['picid']}", $pic['albumname']));
     break;
 case 'thread':
     // Load the thread row together with the message of its first post.
     // NOTE(review): $id is interpolated into the SQL text; the cast or escaping that makes this
     // safe is not visible in this fragment - confirm it is an integer before it gets here.
     $query = $_SGLOBAL['db']->query("SELECT t.*, p.message FROM " . tname('thread') . " t\r\n\t\t\t\tLEFT JOIN " . tname('post') . " p ON p.tid=t.tid AND p.isthread='1'\r\n\t\t\t\tWHERE t.tid='{$id}'");
     if (!($thread = $_SGLOBAL['db']->fetch_array($query))) {
         showmessage('topics_does_not_exist');
     }
     // Blacklist check on the thread author
     if (isblacklist($thread['uid'])) {
         showmessage('is_blacklist');
     }
     include_once S_ROOT . './data/data_profield.php';
     // The tag id comes from the row loaded above and is interpolated into the next query.
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('mtag') . " WHERE tagid='{$thread['tagid']}'");
     // No check for a missing tag row: $mtag is used as an array on the following lines.
     $mtag = $_SGLOBAL['db']->fetch_array($query);
     $mtag['title'] = $_SGLOBAL['profield'][$mtag['fieldid']]['title'];
     // Real-name lookup for the author
     realname_set($thread['uid'], $thread['username']);
     realname_get();
     $arr['title_template'] = cplang('share_thread');
     $arr['body_template'] = '<b>{subject}</b><br>{username}<br>' . cplang('mtag') . ': {mtag} ({field})<br>{message}';
     // NOTE(review): subject, tag name and field title are placed into anchor markup as stored;
     // presumably they were escaped when saved - confirm, as no escaping happens here.
     $arr['body_data'] = array('subject' => "<a href=\"space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}\">{$thread['subject']}</a>", 'username' => "<a href=\"space.php?uid={$thread['uid']}\">" . $_SN[$thread['uid']] . "</a>", 'mtag' => "<a href=\"space.php?do=mtag&tagid={$mtag['tagid']}\">{$mtag['tagname']}</a>", 'field' => "<a href=\"space.php?do=mtag&id={$mtag['fieldid']}\">{$mtag['title']}</a>", 'message' => getstr($thread['message'], 150, 0, 1, 0, 0, -1));
     $arr['image'] = '';
     $arr['image_link'] = '';
     //通知
Example #13
        include_once S_ROOT . './source/function_delete.php';
        if (deleteblogs(array($blogid))) {
            showmessage('do_success', "space.php?uid={$blog['uid']}&do=blog&view=me");
        } else {
            showmessage('failed_to_delete_operation');
        }
    }
} elseif ($_GET['op'] == 'trace') {
    if (!checkperm('allowtrace')) {
        showmessage('no_privilege');
    }
    if ($blog['uid'] == $_SGLOBAL['supe_uid']) {
        showmessage('trace_no_self');
    }
    //黑名单
    if (isblacklist($blog['uid'])) {
        showmessage('is_blacklist');
    }
    //检查是否留过脚印
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('trace') . " WHERE blogid='{$blog['blogid']}' AND uid='{$_SGLOBAL['supe_uid']}'");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        showmessage('trace_have');
    } else {
        $setarr = array('blogid' => $blog['blogid'], 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp']);
        inserttable('trace', $setarr, 0, true);
        //更新日志脚印数
        $_SGLOBAL['db']->query("UPDATE " . tname('blog') . " SET tracenum=tracenum+1 WHERE blogid='{$blog['blogid']}'");
        //发送通知
        notification_add($blog['uid'], 'blogtrace', cplang('note_blog_trace', array("space.php?uid={$blog['uid']}&do=blog&id={$blog['blogid']}", $blog['subject'])));
        //feed
        if (ckprivacy('trace', 1)) {
 /**
  * Adds $uid as a friend of the current user: accepts a pending request from $uid when one
  * exists, otherwise creates a new friend request with an optional note.
  *
  * @param mixed $res  response structure handed to makeErrorInfo()
  * @param mixed $uid  target user id (compared loosely with $_G['uid'])
  * @param mixed $gid  friend group id; cast with intval() on the accept path only
  * @param mixed $note free-text note for a new request; truncated, HTML-escaped and censored below
  * @return mixed the value built by makeErrorInfo() for the outcome
  */
 private function _userFriendSetting($res, $uid, $gid, $note)
 {
     global $_G;
     require_once libfile('function/friend');
     require_once libfile('function/spacecp');
     require_once libfile('function/home');
     // Group permission to add friends.
     if (!checkperm('allowfriend')) {
         return $this->makeErrorInfo($res, 'no_privilege_addfriend');
     }
     // Cannot befriend yourself.
     if ($uid == $_G['uid']) {
         return $this->makeErrorInfo($res, 'friend_self_error');
     }
     // Already friends.
     if (friend_check($uid)) {
         return $this->makeErrorInfo($res, 'you_have_friends');
     }
     // Target user must exist.
     $tospace = getuserbyuid($uid);
     if (empty($tospace)) {
         return $this->makeErrorInfo($res, 'space_does_not_exist');
     }
     // Blacklist check on the target's uid.
     if (isblacklist($tospace['uid'])) {
         return $this->makeErrorInfo($res, 'is_blacklist');
     }
     // $res['body']['gidInfo'] = $this->_getFriendGroupList();
     // $space is not assigned in this method; presumably space_merge() fills it by reference -
     // confirm, since the friend-count limit below depends on it.
     space_merge($space, 'count');
     space_merge($space, 'field_home');
     // Friend-count limit: the group maximum plus the user's 'addfriend' allowance.
     $maxfriendnum = checkperm('maxfriendnum');
     if ($maxfriendnum && $space['friends'] >= $maxfriendnum + $space['addfriend']) {
         if ($_G['magic']['friendnum']) {
             return $this->makeErrorInfo($res, 'enough_of_the_number_of_friends_with_magic');
         } else {
             return $this->makeErrorInfo($res, 'enough_of_the_number_of_friends');
         }
     }
     if (friend_request_check($uid)) {
         // A request from $uid is pending: accept it.
         // if(submitcheck('add2submit')) {
         $_POST['gid'] = intval($gid);
         // NOTE(review): the second argument is $uid here, while the request path below passes a
         // group id in that position - confirm this is intended.
         friend_add($uid, $uid);
         if (ckprivacy('friend', 'feed')) {
             require_once libfile('function/feed');
             // NOTE(review): the username is placed into anchor markup without escaping in this
             // method; presumably it is stored HTML-safe - confirm.
             feed_add('friend', 'feed_friend_title', array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>"));
         }
         notification_add($uid, 'friend', 'friend_add');
         // showmessage('friends_add', dreferer(), array('username' => $tospace['username'], 'uid'=>$uid, 'from' => $_GET['from']), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
         return $this->makeErrorInfo($res, 'friends_add', array('{username}' => $tospace['username']));
         // }
         // $op = 'add2';
         // $groupselect = empty($space['privacy']['groupname']) ? array(1 => ' checked') : array();
         // $navtitle = lang('core', 'title_friend_add');
         // include template('home/spacecp_friend');
         // exit();
     } else {
         // No pending request from $uid: create one, unless one for this pair is already waiting.
         if (C::t('home_friend_request')->count_by_uid_fuid($uid, $_G['uid'])) {
             return $this->makeErrorInfo($res, 'waiting_for_the_other_test');
         }
         $_POST['gid'] = $gid;
         // Note text is truncated (30 or 20 units depending on CHARSET), HTML-escaped and passed
         // through the word filter before it is stored or shown.
         $_POST['note'] = censor(htmlspecialchars(cutstr($note, strtolower(CHARSET) == 'utf-8' ? 30 : 20, '')));
         friend_add($uid, $_POST['gid'], $_POST['note']);
         // $note is reused from here on as the notification payload array.
         $note = array('uid' => $_G['uid'], 'url' => 'home.php?mod=spacecp&ac=friend&op=add&uid=' . $_G['uid'] . '&from=notice', 'from_id' => $_G['uid'], 'from_idtype' => 'friendrequest', 'note' => !empty($_POST['note']) ? lang('spacecp', 'friend_request_note', array('note' => $_POST['note'])) : '');
         notification_add($uid, 'friend', 'friend_request', $note);
         require_once libfile('function/mail');
         $values = array('username' => $tospace['username'], 'url' => getsiteurl() . 'home.php?mod=spacecp&ac=friend&amp;op=request');
         sendmail_touser($uid, lang('spacecp', 'friend_subject', $values), '', 'friend_add');
         return $this->makeErrorInfo($res, 'request_has_been_sent');
     }
     // Not reached: both branches above return.
     return $res;
 }
Example #15
     $arr['body_data'] = array('user' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'subject' => "<a href=\"space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}\">{$poll['subject']}</a>", 'option' => $optionstr);
     //通知
     $note_uid = $poll['uid'];
     $note_message = cplang('note_share_poll', array("space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}", $poll['subject']));
     $hotarr = array('pid', $poll['pid'], $poll['hotuser']);
     break;
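 case 'job':
     // Load the job being shared together with its description row.
     // The id is compared unquoted in this statement, so it is forced to an integer at the point
     // of use instead of relying on validation done elsewhere in the script.
     $query = $_SGLOBAL['db']->query("SELECT j.*,jc.description FROM " . tname('job') . " j left join " . tname('job_content_3') . " jc on j.id=jc.jobid where j.id=" . intval($id));
     if (!($job = $_SGLOBAL['db']->fetch_array($query))) {
         showmessage('job_does_not_exist');
     }
     // Sharing your own job posting is rejected.
     if ($job['uid'] == $space['uid']) {
         showmessage('share_not_self');
     }
     // Blacklist check on the job's owner
     if (isblacklist($job['uid'])) {
         showmessage('is_blacklist');
     }
     // Real-name lookup for the owner
     realname_set($job['uid']);
     realname_get();
     $arr['title_template'] = cplang('share_job');
     $arr['body_template'] = '<b>{subject}</b><br>{username}<br>{message}';
     // 'userby_id' previously read $_job['uid'], a variable that is not defined anywhere in this
     // case; every other reference uses $job, so the owner's uid is taken from $job.
     // NOTE(review): the job title is placed into anchor markup as stored; presumably it was
     // escaped when saved - confirm, as no escaping happens here.
     $arr['body_data'] = array('userby' => $_SN[$job['uid']], 'userby_id' => $job['uid'], 'subject' => "<a href=\"job.php?do=nei&m=view&id={$job['id']}\">{$job['title']}</a>", 'username' => "<a href=\"space.php?uid={$job['uid']}\">" . $_SN[$job['uid']] . "</a>", 'message' => getstr($job['description'], 150, 0, 1, 0, 0, -1));
     // Notification for the job's owner (the 'note_share_blog' language key is what the code uses here)
     $note_uid = $job['uid'];
     $note_message = cplang('note_share_blog', array("job.php?do=nei&m=view&id={$job['id']}", $job['title']));
     break;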
 default:
     //获得feed
     $topic = array();
Example #16
     showmessage('should_write_that');
 }
 // Find the record being replied to: a specific comment ($id) if given, otherwise the
 // status entry itself ($doid).
 // NOTE(review): $id and $doid are interpolated into the SQL text; the casts that make this
 // safe are not visible in this fragment - confirm they are integers before they get here.
 $updo = array();
 if ($id) {
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('docomment') . " WHERE id='{$id}'");
     $updo = $_SGLOBAL['db']->fetch_array($query);
 }
 if (empty($updo) && $doid) {
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " WHERE doid='{$doid}'");
     $updo = $_SGLOBAL['db']->fetch_array($query);
 }
 if (empty($updo)) {
     showmessage('docomment_error');
 } else {
     // Blacklist check on the author of the record being replied to
     if (isblacklist($updo['uid'])) {
         showmessage('is_blacklist');
     }
 }
 // A row from the 'doing' table has no 'id' or 'grade' column set here, so both become 0.
 $updo['id'] = intval($updo['id']);
 $updo['grade'] = intval($updo['grade']);
 // The new comment is stored with the client IP and one nesting level below its parent.
 $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip(), 'grade' => $updo['grade'] + 1);
 // Maximum nesting depth
 if ($updo['grade'] >= 3) {
     $setarr['upid'] = $updo['upid'];
     // Attach to the parent's own parent instead; 'grade' keeps the value computed above.
 }
 $newid = inserttable('docomment', $setarr, 1);
 // Update the reply counter of the status entry
 $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");
 //通知
Example #17
         }
     }
 }
 // Normalise the posted reply text through getstr(); what each flag does is not visible here.
 $message = getstr($message, 0, 1, 1, 1, 2);
 // strlen() counts bytes, so the limit is 2 bytes even though the message key says "four characters".
 if (strlen($message) < 2) {
     showmessage('content_is_not_less_than_four_characters');
 }
 // Summary (first 150 units of the message)
 $summay = getstr($message, 150, 1, 1);
 // Quoted reply: the post being quoted must belong to this thread and must not be the first post.
 // NOTE(review): $tid is interpolated into the SQL text; its cast is not visible in this
 // fragment - confirm it is an integer. $pid is cast with intval() on the line below.
 $pid = empty($_POST['pid']) ? 0 : intval($_POST['pid']);
 $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('post') . " WHERE pid='{$pid}' AND tid='{$tid}' AND isthread='0'");
 $post = $_SGLOBAL['db']->fetch_array($query);
 if ($post) {
     // Blacklist check on the author of the quoted post
     if (isblacklist($post['uid'])) {
         showmessage('is_blacklist');
     }
     // Real-name lookup for the quoted author
     realname_set($post['uid'], $post['username']);
     realname_get();
     // Drop a quote block already contained in the quoted post, so quotes do not nest.
     $post['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<span class=\"q\"\\>.*?\\<\\/span\\>\\<\\/div\\>/is", '', $post['message']);
     // Remove the edit-history markup
     $post['message'] = preg_replace("/<ins class=\"modify\".+?<\\/ins>/is", '', $post['message']);
     $post['message'] = html2bbcode($post['message']);
     // Build the quote block shown above the reply.
     // NOTE(review): the markup is assembled by hand from the author's display name and the
     // quoted text, and addslashes() only protects the SQL string context; confirm that both
     // values are HTML-safe at this point.
     $message = addslashes("<div class=\"quote\"><span class=\"q\"><b>" . $_SN[$post['uid']] . "</b>: " . getstr($post['message'], 150, 0, 0, 0, 2, 1) . '</span></div>') . $message;
 }
 $anonymous = empty($_POST['anonymous']) ? 0 : intval($_POST['anonymous']);
 // The reply is stored together with the poster's IP address.
 $setarr = array('tagid' => intval($thread['tagid']), 'anonymous' => $anonymous, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message);
 $pid = inserttable('post', $setarr, 1);
Example #18
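// Build the list of public accounts recommended to the current user.
// $me is the LIKE pattern that finds the user's uid inside a comma-separated uid list.
// NOTE(review): the uid is concatenated into the SQL text below; presumably it is the
// session's integer uid - confirm it can never carry request-supplied characters.
$me = '%,' . $_SGLOBAL['supe_uid'] . ',%';
// The list may or may not have been initialised earlier in the script; in_array() and count()
// below need an array, so make sure one exists without discarding existing entries.
if (!isset($recommendpublic) || !is_array($recommendpublic)) {
    $recommendpublic = array();
}
// 1) Accounts explicitly recommended to this user and not excluded for them.
$query = $_SGLOBAL['db']->query("SELECT uid, name FROM " . tname("autorecpub") . " WHERE exclude not like '" . $me . "' and recTo like '" . $me . "'");
while ($res = $_SGLOBAL['db']->fetch_array($query)) {
    // The key was written as the bare word uid, which PHP 8 rejects as an undefined constant;
    // it is quoted here.
    if (!isblacklist($res['uid']) && $res['uid'] != $_SGLOBAL['supe_uid']) {
        $recommendpublic[] = $res;
    }
}
// 2) The six most recent generally recommended accounts.
$query = $_SGLOBAL['db']->query("SELECT a.uid as uid, b.name as name FROM " . tname("rec_public") . " as a left join " . tname("space") . " as b on a.uid=b.uid order by id desc limit 6");
while ($res = $_SGLOBAL['db']->fetch_array($query)) {
    if (in_array($res, $recommendpublic)) {
        continue;
    }
    // Skip accounts whose 'aud' list already contains the current user (one query per candidate).
    $q = $_SGLOBAL['db']->query("SELECT count(*) FROM " . tname("space") . " where uid=" . $res['uid'] . " and (aud like '" . $me . "' or aud like '" . $_SGLOBAL['supe_uid'] . ",%' or aud like '%," . $_SGLOBAL['supe_uid'] . "' or aud like '" . $_SGLOBAL['supe_uid'] . "')");
    $count = $_SGLOBAL['db']->fetch_array($q);
    if (!$count['count(*)']) {
        if (!isblacklist($res['uid']) && $res['uid'] != $_SGLOBAL['supe_uid']) {
            $recommendpublic[] = $res;
        }
    }
}
$reccount = count($recommendpublic);
// Flag set when two or fewer recommendations were found.
$allflag = 0;
if ($reccount <= 2) {
    $allflag = 1;
}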
//ᅧᅦᄋ￱ᅯᅳᅬ￟
$ols = array();
if ($oluids) {
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . " WHERE uid IN (" . simplode($oluids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if (!$value['magichidden']) {
Example #19
            showmessage('do_success', $_POST['refer'], 0);
        } else {
            showmessage('this_message_could_not_be_deleted');
        }
    }
} elseif ($_GET['op'] == 'send') {
    //判断是否发布太快
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
    //新用户见习
    cknewuser();
    //黑名单
    if ($touid) {
        if (isblacklist($touid)) {
            showmessage('is_blacklist');
        }
    }
    if (submitcheck('pmsubmit')) {
        //发送消息
        $username = empty($_POST['username']) ? '' : $_POST['username'];
        $message = trim($_POST['message']);
        if (empty($message)) {
            showmessage('unable_to_send_air_news');
        }
        $subject = '';
        $return = 0;
        if ($touid) {
            //直接给一个用户发PM
            $return = uc_pm_send($_SGLOBAL['supe_uid'], $touid, $subject, $message, 1, $pmid, 0);
Example #20
     $newusers = array();
     $users = daddslashes(explode(',', dstripslashes($username)));
     if ($users) {
         $query = DB::query('SELECT uid, username FROM ' . DB::table('common_member') . " WHERE username IN (" . dimplode($users) . ')');
         while ($value = DB::fetch($query)) {
             $newusers[$value['uid']] = $value['username'];
         }
     }
     if (empty($newusers)) {
         showmessage('message_bad_touser', dreferer());
     }
     if (isset($newusers[$_G['uid']])) {
         showmessage('message_can_not_send_to_self', dreferer());
     }
     foreach ($newusers as $key => $value) {
         if (isblacklist($key)) {
             showmessage('is_blacklist', dreferer());
         }
     }
     $return = uc_pm_send($_G['uid'], implode(',', $newusers), $subject, $message, 1, $pmid, 1);
 }
 if ($return > 0) {
     DB::query("UPDATE " . DB::table('common_member_status') . " SET lastpost='{$_G['timestamp']}' WHERE uid='{$_G['uid']}'");
     updatecreditbyaction('sendpm');
     showmessage('do_success', "home.php?mod=space&do=pm&filter=privatepm", array(), array('msgtype' => $_G['gp_inajax'] ? 3 : 1, 'showmsg' => true));
 } else {
     if (in_array($return, array(-1, -2, -3, -4))) {
         showmessage('message_can_not_send' . abs($return));
     } else {
         showmessage('message_can_not_send');
     }
Example #21
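/**
 * Load the object a comment is aimed at and check that commenting on it is allowed.
 *
 * Depending on $idtype the matching row is stored in one of the globals $pic,
 * $blog, $album or $share, and the owner's space in $tospace. showmessage() is
 * called when the object or its space is missing, when a blog has 'noreply'
 * set, when $idtype is not recognised, or when isblacklist() reports a hit for
 * the owner's uid.
 * NOTE(review): the code relies on showmessage() not returning; confirm.
 *
 * @param mixed  $id     Identifier of the target; cast to an integer before it
 *                       is placed in any SQL built in this function.
 * @param string $idtype One of 'uid', 'picid', 'blogid' or 'sid'.
 * @return void
 */
function checkcomment($id, $idtype)
{
    global $_SGLOBAL;
    global $tospace, $pic, $blog, $album, $share;
    // Every query below is assembled by string interpolation. Forcing the id to
    // an integer here means those queries no longer depend on the caller having
    // escaped $id. NOTE(review): assumes picid/blogid/sid are integer keys; confirm against the schema.
    $safeid = intval($id);
    switch ($idtype) {
        case 'uid':
            // Look up the space. $id is handed to getspace() as received; how
            // getspace() uses it is not visible here.
            $tospace = getspace($id);
            break;
        case 'picid':
            // Look up the picture
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid='{$safeid}' LIMIT 1");
            $pic = $_SGLOBAL['db']->fetch_array($query);
            // Picture does not exist
            if (empty($pic)) {
                showmessage('view_images_do_not_exist');
            }
            // Look up the owner's space
            $tospace = getspace($pic['uid']);
            // Fetch the album the picture belongs to, if any
            $album = array();
            if ($pic['albumid']) {
                // The album id comes from a stored row, but it is still cast so
                // the query text never carries an unchecked value.
                $albumid = intval($pic['albumid']);
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('album') . " WHERE albumid='{$albumid}'");
                if (!($album = $_SGLOBAL['db']->fetch_array($query))) {
                    // Album row is missing: reset albumid to 0 on the pictures that still point at it
                    updatetable('pic', array('albumid' => 0), array('albumid' => $pic['albumid']));
                } else {
                    // A non-empty target_ids list gets the album owner's uid appended
                    if ($album['target_ids']) {
                        $album['target_ids'] .= ",{$album['uid']}";
                    }
                }
            }
            break;
        case 'blogid':
            // Load the blog entry together with its target_ids field
            $query = $_SGLOBAL['db']->query("SELECT b.*, bf.target_ids\r\n\t\t\t\tFROM " . tname('blog') . " b\r\n\t\t\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\tWHERE b.blogid='{$safeid}'");
            $blog = $_SGLOBAL['db']->fetch_array($query);
            // Blog entry does not exist
            if (empty($blog)) {
                showmessage('view_to_info_did_not_exist');
            }
            // Comments are switched off for this entry
            if (!empty($blog['noreply'])) {
                showmessage('do_not_accept_comments');
            }
            // A non-empty target_ids list gets the blog owner's uid appended
            if ($blog['target_ids']) {
                $blog['target_ids'] .= ",{$blog['uid']}";
            }
            // Look up the owner's space
            $tospace = getspace($blog['uid']);
            break;
        case 'sid':
            // Load the share
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " WHERE sid='{$safeid}'");
            $share = $_SGLOBAL['db']->fetch_array($query);
            // Share does not exist
            if (empty($share)) {
                showmessage('sharing_does_not_exist');
            }
            // Look up the owner's space
            $tospace = getspace($share['uid']);
            break;
        default:
            // Unknown idtype: reject instead of guessing a table
            showmessage('non_normal_operation');
            break;
    }
    if (empty($tospace)) {
        showmessage('space_does_not_exist');
    }
    // Blacklist check against the owner of the target
    if (isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
}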