$img = new PhotoUpload($aid);
PwUpload::upload($img);
pwFtpClose($ftp);
if (!($photos = $img->getAttachs())) {
refreshto("{$basename}a=upload", 'colony_uploadnull');
}
$photoNum = count($photos);
$pid = $img->getNewID();
$lastpid = getLastPid($aid, 4);
array_unshift($lastpid, $pid);
if (!$rt['private']) {
$feedText = "[url={$db_bbsurl}/{$basename}space=1&a=album&aid={$aid}&u={$winduid}]{$rt[aname]}[/url]\n";
foreach ($photos as $value) {
$feedText .= "[url={$db_bbsurl}/{#APPS_BASEURL#}q=photos&space=1&a=view&pid={$pid}&u={$winduid}][img]" . getphotourl($value['path'], $value['ifthumb']) . "[/img][/url] ";
}
pwAddFeed($winduid, 'photo', $pid, array('num' => $photoNum, 'text' => $feedText));
//会员资讯缓存
$usercache = L::loadDB('Usercache');
$usercachedata = $usercache->get($winduid, 'photos');
$usercachedata = explode(',', $usercachedata['value']);
is_array($usercachedata) || ($usercachedata = array());
if (count($usercachedata) >= 4) {
array_pop($usercachedata);
}
array_unshift($usercachedata, $pid);
$usercachedata = implode(',', $usercachedata);
$usercache->update($winduid, 'photos', $pid, $usercachedata);
}
$db->update("UPDATE pw_cnalbum SET photonum=photonum+" . pwEscape($photoNum, false) . ",lasttime=" . pwEscape($timestamp, false) . ',lastpid=' . pwEscape(implode(',', $lastpid)) . (!$rt['lastphoto'] ? ',lastphoto=' . pwEscape($img->getLastPhoto()) : '') . " WHERE aid=" . pwEscape($aid));
countPosts("+{$photoNum}");
//积分变动
} else {
$groups = str_replace(",{$newgroupid},", ",{$userdb['groupid']},", $userdb['groups']);
}
$upmembers['groupid'] = $newgroupid;
$upmembers['groups'] = $groups;
}
}
$prooicq && !is_numeric($prooicq) && Showmsg('illegal_OICQ');
$proicq && !is_numeric($proicq) && Showmsg('illegal_OICQ');
strlen($prointroduce) > 500 && Showmsg('introduce_limit');
$_G['signnum'] && strlen($prosign) > $_G['signnum'] && Showmsg('sign_limit');
if ($_G['allowhonor']) {
$prohonor = substrs($prohonor, 90);
$upmembers['honor'] = $prohonor;
if ($userdb['honor'] != $prohonor) {
pwAddFeed($winduid, 'honor', '', array('honor' => $prohonor));
}
}
require_once R_P . 'require/bbscode.php';
$wordsfb = L::loadClass('FilterUtil');
foreach (array($prosign, $prointroduce, $prohonor) as $key => $value) {
if (($banword = $wordsfb->comprise($value)) !== false) {
Showmsg('sign_wordsfb');
}
}
//upmeminfo
if ($db_union[7]) {
list($customdata) = Getcustom($customdata, false, true);
!empty($customdata) && ($upmeminfo['customdata'] = addslashes(serialize($customdata)));
}
foreach ($customfield as $value) {
$share_code = '';
} elseif ($type == 'topic') {
$title = $share['topic']['subject'];
$abstract = $share['topic']['abstract'];
$attimages = unserialize($share['topic']['imgs']);
$imgs = '';
foreach ($attimages as $k => $v) {
$imgs .= "[img]" . $v . "[/img]";
}
$share_code = '';
} else {
$share_code = '';
}
$type_name = getLangInfo('app', $type);
!$title && ($title = substrs($share['link'], 40));
pwAddFeed($winduid, 'share', $f_id, array('lang' => 'share_view', 'link' => $share['link'], 'title' => $title, 'descrip' => $descrip, 'abstract' => $abstract, 'imgs' => $imgs, 'share_code' => $share_code, 'uid' => $winduid, 'username' => $windid, 'type_name' => $type_name));
$a = 'self';
} else {
$a = 'my';
}
countPosts('+1');
//积分变动
require_once R_P . 'require/credit.php';
$o_share_creditset = unserialize($o_share_creditset);
$creditset = getCreditset($o_share_creditset['Post']);
$creditset = array_diff($creditset, array(0));
if (!empty($creditset)) {
$credit->sets($winduid, $creditset, true);
updateMemberid($winduid);
}
if ($creditlog = unserialize($o_share_creditlog)) {
} else {
$deldb[] = $rt['uid'];
}
}
if ($frdb) {
$db->update("UPDATE pw_friends" . " SET status='0',descrip='',joindate=" . pwEscape($timestamp) . " WHERE friendid=" . pwEscape($userdb['uid']) . " AND uid IN(" . pwImplode($frdb) . ")");
$fcount = count($frdb);
if ($adddb) {
$db->update("REPLACE INTO pw_friends (uid,friendid,status,joindate,descrip) VALUES " . pwSqlMulti($adddb, false));
$count = count($adddb);
}
require_once R_P . 'require/msg.php';
require_once R_P . 'require/postfunc.php';
send_msgc($msgdb);
foreach ($feed as $key => $log) {
pwAddFeed($key, 'friend', '', $log);
}
}
if ($deldb) {
$db->update("DELETE FROM pw_friends WHERE friendid=" . pwEscape($userdb['uid']) . " AND uid IN(" . pwImplode($deldb) . ")");
$count -= count($deldb);
}
if ($fcount) {
$db->update("UPDATE pw_memberdata SET f_num=f_num+1 WHERE uid IN (" . pwImplode($frdb) . ")");
}
$db->update("UPDATE pw_memberdata SET f_num=f_num+" . pwEscape($count) . " WHERE uid=" . pwEscape($winduid));
refreshto('u.php?action=friend', 'friend_accept_success');
} elseif ($job == 'refuse') {
PostCheck();
!$isU && Showmsg('space_over_right');
InitGP(array('selid', 'refusemsg'));
!$_G['allowhonor'] && Showmsg('undefined_action');
if (empty($_POST['step'])) {
require_once PrintEot('ajax');
ajax_footer();
} else {
PostCheck();
InitGP(array('content'), 'P');
$content = str_replace("\n", '', $content);
strlen($content) > 90 && ($content = substrs($content, 90));
if ($winddb['honor'] != stripslashes($content)) {
$db->update("UPDATE pw_members SET honor=" . pwEscape($content) . " WHERE uid=" . pwEscape($winduid));
if ($db_modes['o']['ifopen']) {
$db->update("INSERT INTO pw_owritedata SET" . pwSQLSingle(array('uid' => $winduid, 'touid' => 0, 'postdate' => $timestamp, 'isshare' => 0, 'source' => 'signature', 'content' => $content)));
}
require_once R_P . 'require/postfunc.php';
pwAddFeed($winduid, 'honor', '', array('honor' => $content));
}
echo "success\t" . stripslashes($content);
ajax_footer();
}
} elseif ($action == 'readlog') {
$readlog = explode(',', GetCookie('readlog'));
@krsort($readlog);
$tids = array();
$i = 0;
foreach ($readlog as $key => $value) {
if (is_numeric($value)) {
$tids[] = $value;
if (++$i > 9) {
break;
}
$photos[] = array('aid' => $selaid, 'pintro' => '', 'path' => $path, 'uploader' => $windid, 'uptime' => $timestamp, 'ifthumb' => $ifthumb);
$lastphoto = $path;
}
if ($photos) {
$db->update("INSERT INTO pw_cnphoto (aid,pintro,path,uploader,uptime,ifthumb) VALUES " . pwSqlMulti($photos));
$pid = $db->insert_id();
$photoNum = count($photos);
$lastpid = getLastPid($selaid, 4);
array_unshift($lastpid, $pid);
$db->update("UPDATE pw_cnalbum SET photonum=photonum+" . pwEscape($photoNum) . ",lasttime=" . pwEscape($timestamp) . ',lastpid=' . pwEscape(implode(',', $lastpid)) . (!$selalbum['lastphoto'] ? ',lastphoto=' . pwEscape($lastphoto) : '') . " WHERE aid=" . pwEscape($selaid));
countPosts("+{$photoNum}");
$feedText = '';
foreach ($photos as $value) {
$feedText .= "[url={$db_bbsurl}/{#APPS_BASEURL#}space=1&q=galbum&a=view&cyid={$cyid}&pid={$pid}][img]" . getphotourl($value['path'], $value['ifthumb']) . "[/img][/url] ";
}
pwAddFeed($winduid, 'colony_photo', $cyid, array('lang' => 'colony_photo', 'cyid' => $cyid, 'num' => $photoNum, 'colony_name' => $colony['cname'], 'text' => $feedText));
//积分变动
require_once R_P . 'require/credit.php';
$o_groups_creditset = unserialize($o_groups_creditset);
$creditset = getCreditset($o_groups_creditset['Uploadphoto']);
$creditset = array_diff($creditset, array(0));
if (!empty($creditset)) {
$credit->sets($winduid, $creditset, true);
updateMemberid($winduid);
addLog($creditlog, $windid, $winduid, 'groups_Uploadphoto');
}
if ($creditlog = unserialize($o_groups_creditlog)) {
addLog($creditlog['Post'], $windid, $winduid, 'groups_Uploadphoto');
}
refreshto("{$basename}a=view&cyid={$cyid}&pid={$pid}", 'operate_success');
} else {
} elseif ($count > 20) {
$dtid = 0;
} else {
$dtid = $check['dtid'];
$db->update("UPDATE pw_diarytype SET num=num+1 WHERE dtid=".pwEscape($dtid));
}
}*/
//分类不存在则自动生成分类
$dtid = (int) $dtid;
$privacy = (int) $privacy;
$pwSQL = pwSqlSingle(array('uid' => $winduid, 'dtid' => $dtid, 'username' => $windid, 'privacy' => $privacy, 'subject' => $diary['subject'], 'content' => $diary['content'], 'copyurl' => $diary['copyurl'], 'ifcopy' => $diary['ifcopy'], 'ifconvert' => $diary['ifconvert'], 'ifwordsfb' => $diary['ifwordsfb'], 'postdate' => $timestamp));
$db->update("INSERT INTO pw_diary SET {$pwSQL}");
$db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtid));
//更新分类日志数
$did = $db->insert_id();
pwAddFeed($winduid, 'diary', $did, array('lang' => 'diary_copy', 'username' => $windid, 'uid' => $winduid, 'did' => $did, 'subject' => $diary['subject']));
countPosts('+1');
updateUserAppNum($winduid, 'diary');
echo "success";
ajax_footer();
} elseif ($a == 'feedsetting') {
if (empty($_POST['step'])) {
$friend = getFriends($winduid);
if (empty($friend)) {
Showmsg('no_friend');
}
foreach ($friend as $key => $value) {
$value['iffeed'] && ($checked[$key] = 'CHECKED');
$frienddb[$value['ftid']][] = $value;
}
$query = $db->query("SELECT * FROM pw_friendtype WHERE uid=" . pwEscape($winduid) . " ORDER BY ftid");
$oldattach = '';
}
/**
* 附件修改
*/
$pwSQL = pwSqlSingle(array('dtid' => $dtid, 'aid' => $oldattach, 'privacy' => $privacy, 'subject' => $atc_title, 'content' => $atc_content, 'ifcopy' => $ifcopy, 'ifconvert' => $ifconvert, 'ifupload' => $ifupload, 'ifwordsfb' => $ifwordsfb));
$db->update("UPDATE pw_diary SET {$pwSQL} WHERE uid=" . pwEscape($winduid) . " AND did=" . pwEscape($did));
if ($aids) {
$db->update("UPDATE pw_attachs SET did=" . pwEscape($did) . " WHERE aid IN({$aids})");
}
if ($dtided != $dtid) {
$db->update("UPDATE pw_diarytype SET num=num-1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtided));
$db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtid));
}
if ($privacyed == 2 && $privacy != 2) {
pwAddFeed($winduid, 'diary', $did, array('lang' => 'diary_data', 'username' => $windid, 'uid' => $winduid, 'did' => $did, 'subject' => $atc_title));
countPosts('+1');
} elseif ($privacyed != 2 && $privacy == 2) {
if ($affected_rows = delAppAction('diary', $did)) {
countPosts("-{$affected_rows}");
}
}
refreshto("{$basename}q=diary", 'operate_success');
}
} elseif ($a == 'copydiary') {
define('AJAX', 1);
define('F_M', true);
banUser();
InitGP(array('did'));
empty($did) && Showmsg('data_error');
$dtsel = '';
function afterpost()
{
global $db_ifpwcache, $timestamp;
if ($this->data['ifcheck'] == 1) {
if ($this->forum->foruminfo['allowhtm'] && !$this->forum->foruminfo['cms']) {
$StaticPage = L::loadClass('StaticPage');
$StaticPage->update($this->tid);
}
$lastpost = array('subject' => substrs($this->data['title'], 26), 'author' => $this->data['lastposter'], 'lastpost' => $timestamp, 'tid' => $this->tid, 't_date' => $timestamp);
$this->forum->lastinfo('topic', '+', $lastpost);
if ($this->forum->isOpen() && !$this->data['anonymous']) {
pwAddFeed($this->post->uid, 'post', $this->tid, array('subject' => stripslashes($this->data['title']), 'tid' => $this->tid, 'fid' => $this->forum->fid));
//会员资讯缓存
$usercachedata = array();
$usercache = L::loadDB('Usercache');
$usercachedata['subject'] = substrs(stripWindCode($this->data['title']), 100, N);
$usercachedata['content'] = substrs(stripWindCode($this->data['content']), 100, N);
$usercachedata['postdate'] = $timestamp;
if ($this->att) {
$usercachedata['attimages'] = $this->att->getImages(4);
}
$usercache->update($this->data['authorid'], 'topic', $this->tid, $usercachedata);
}
//Start elementupdate
if ($db_ifpwcache & 128 || $db_ifpwcache & 512 && $this->att && $this->att->elementpic) {
require_once R_P . 'lib/elementupdate.class.php';
$elementupdate = new ElementUpdate($this->forum->fid);
if ($db_ifpwcache & 128) {
$elementupdate->newSubjectUpdate($this->tid, $this->forum->fid, $timestamp, $this->data['special']);
}
if ($db_ifpwcache & 512 && $this->att && $this->att->elementpic) {
$elementupdate->newPicUpdate($this->att->elementpic['aid'], $this->forum->fid, $this->tid, $this->att->elementpic['attachurl'], $this->att->elementpic['ifthumb'], $this->data['content']);
}
$elementupdate->updateSQL();
}
updateDatanalyse($this->data['authorid'], 'memberThread', 1);
//End elementupdate
}
if ($this->postdata->filter->filter_weight > 1) {
$this->postdata->filter->insert($this->tid, 0, implode(',', $this->postdata->filter->filter_word), $this->postdata->filter->filter_weight);
}
if ($this->data['topped'] > 0) {
require_once R_P . 'require/updateforum.php';
setForumsTopped($this->tid, $this->data['fid'], $this->data['topped']);
updatetop();
}
}
Showmsg('title_wordsfb');
}
$rt = $db->get_one("SELECT id FROM pw_colonys WHERE cname=" . pwEscape($cname));
$rt['id'] > 0 && Showmsg('colony_samename');
/*
$credit->addLog('hack_cycreate',array($o_moneytype => -$o_createmoney),array(
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'cnname' => stripslashes($cname)
));
$credit->set($winduid,$o_moneytype,-$o_createmoney);
*/
//积分变动
if (!empty($o_groups_creditset['Creategroup'])) {
$creditset = getCreditset($o_groups_creditset['Creategroup'], false);
$credit->sets($winduid, $creditset, true);
updateMemberid($winduid);
}
if ($creditlog = unserialize($o_groups_creditlog)) {
addLog($creditlog['Creategroup'], $windid, $winduid, 'groups_Creategroup');
}
$db->update("INSERT INTO pw_colonys SET " . pwSqlSingle(array('cname' => $cname, 'classid' => $cid, 'admin' => $windid, 'members' => 1, 'ifcheck' => 1, 'createtime' => $timestamp, 'descrip' => $descrip)));
$cyid = $db->insert_id();
$db->update("INSERT INTO pw_cmembers SET " . pwSqlSingle(array('uid' => $winduid, 'username' => $windid, 'ifadmin' => 1, 'colonyid' => $cyid, 'addtime' => $timestamp)));
$db->update("UPDATE pw_cnclass SET cnsum=cnsum+1 WHERE fid=" . pwEscape($cid));
pwAddFeed($winduid, 'colony', '', array('lang' => 'colony_create', 'colonyid' => $cid, 'cname' => $cname, 'link' => "{$db_bbsurl}/{#APPS_BASEURL#}q=group&cyid={$cyid}"));
updateUserAppNum($winduid, 'group');
refreshto("{$baseUrl}q=group&cyid={$cyid}&a=set", 'colony_regsuccess');
}
}
if ($o_joinmoney > 0) {
$credit->addLog('hack_cyjoin', array($o_moneytype => -$o_joinmoney), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'cnname' => $colony['cname']));
$credit->set($winduid, $o_moneytype, -$o_joinmoney);
}
//积分变动
if (!empty($o_groups_creditset['Joingroup'])) {
require_once R_P . 'require/postfunc.php';
$creditset = getCreditset($o_groups_creditset['Joingroup'], false);
$credit->sets($winduid, $creditset, true);
updateMemberid($winduid);
}
if ($creditlog = unserialize($o_groups_creditlog)) {
addLog($creditlog['Joingroup'], $windid, $winduid, 'groups_Joingroup');
}
$db->update("INSERT INTO pw_cmembers SET " . pwSqlSingle(array('uid' => $winduid, 'username' => $windid, 'ifadmin' => $colony['ifcheck'] == 2 ? '0' : '-1', 'colonyid' => $cyid, 'addtime' => $timestamp)));
pwAddFeed($winduid, 'colony', $cyid, array('lang' => 'colony_pass', 'colonyid' => $cyid, 'cname' => $colony['cname'], 'link' => "{$db_bbsurl}/{#APPS_BASEURL#}q=group&cyid={$cyid}"));
$db->update("UPDATE pw_colonys SET members=members+1 WHERE id=" . pwEscape($cyid));
if ($colony['ifcheck'] == 2) {
updateUserAppNum($winduid, 'group');
Showmsg('colony_joinsuccess');
} else {
Showmsg('colony_joinsuccess_check');
}
}
} elseif ($a == 'out') {
define('AJAX', 1);
define('F_M', true);
!$colony['ifcyer'] && Showmsg('undefined_action');
if (empty($_POST['step'])) {
require_once PrintEot('m_ajax');
ajax_footer();
} elseif ($timestamp - $rt['postdate'] < 1) {
Showmsg('mode_o_write_timelimit');
}
$db_blogsource = array('web' => 1, 'other' => 1);
//通过哪种客户端发表
if (empty($source)) {
$source = 'web';
} elseif (!isset($db_blogsource[$source])) {
$source = 'other';
}
$text = Char_cv($text);
$db->update("INSERT INTO pw_owritedata SET" . pwSQLSingle(array('uid' => $winduid, 'touid' => $ruid, 'postdate' => $timestamp, 'isshare' => 0, 'source' => $source, 'content' => $text)));
$f_id = $db->insert_id();
updateUserAppNum($winduid, 'owrite', 'add');
if (getstatus($winddb['userstatus'], 20, 3) != 2) {
pwAddFeed($winduid, 'write', $f_id, array('lang' => 'o_write', 'text' => $text));
}
if ($tosign && $winddb['honor'] != stripslashes($text)) {
$db->update("UPDATE pw_members SET honor=" . pwEscape($text) . " WHERE uid=" . pwEscape($winduid));
}
countPosts('+1');
//会员资讯缓存
$usercachedata = array();
$usercache = L::loadDB('Usercache');
$usercachedata['content'] = substrs(stripWindCode($text), 100, N);
$usercachedata['postdate'] = $timestamp;
$usercache->update($winduid, 'write', $f_id, $usercachedata);
//积分变动
require_once R_P . 'require/credit.php';
$o_write_creditset = unserialize($o_write_creditset);
$creditset = getCreditset($o_write_creditset['Post']);
