$img = new PhotoUpload($aid); PwUpload::upload($img); pwFtpClose($ftp); if (!($photos = $img->getAttachs())) { refreshto("{$basename}a=upload", 'colony_uploadnull'); } $photoNum = count($photos); $pid = $img->getNewID(); $lastpid = getLastPid($aid, 4); array_unshift($lastpid, $pid); if (!$rt['private']) { $feedText = "[url={$db_bbsurl}/{$basename}space=1&a=album&aid={$aid}&u={$winduid}]{$rt[aname]}[/url]\n"; foreach ($photos as $value) { $feedText .= "[url={$db_bbsurl}/{#APPS_BASEURL#}q=photos&space=1&a=view&pid={$pid}&u={$winduid}][img]" . getphotourl($value['path'], $value['ifthumb']) . "[/img][/url] "; } pwAddFeed($winduid, 'photo', $pid, array('num' => $photoNum, 'text' => $feedText)); //会员资讯缓存 $usercache = L::loadDB('Usercache'); $usercachedata = $usercache->get($winduid, 'photos'); $usercachedata = explode(',', $usercachedata['value']); is_array($usercachedata) || ($usercachedata = array()); if (count($usercachedata) >= 4) { array_pop($usercachedata); } array_unshift($usercachedata, $pid); $usercachedata = implode(',', $usercachedata); $usercache->update($winduid, 'photos', $pid, $usercachedata); } $db->update("UPDATE pw_cnalbum SET photonum=photonum+" . pwEscape($photoNum, false) . ",lasttime=" . pwEscape($timestamp, false) . ',lastpid=' . pwEscape(implode(',', $lastpid)) . (!$rt['lastphoto'] ? ',lastphoto=' . pwEscape($img->getLastPhoto()) : '') . " WHERE aid=" . pwEscape($aid)); countPosts("+{$photoNum}"); //积分变动
} else { $groups = str_replace(",{$newgroupid},", ",{$userdb['groupid']},", $userdb['groups']); } $upmembers['groupid'] = $newgroupid; $upmembers['groups'] = $groups; } } $prooicq && !is_numeric($prooicq) && Showmsg('illegal_OICQ'); $proicq && !is_numeric($proicq) && Showmsg('illegal_OICQ'); strlen($prointroduce) > 500 && Showmsg('introduce_limit'); $_G['signnum'] && strlen($prosign) > $_G['signnum'] && Showmsg('sign_limit'); if ($_G['allowhonor']) { $prohonor = substrs($prohonor, 90); $upmembers['honor'] = $prohonor; if ($userdb['honor'] != $prohonor) { pwAddFeed($winduid, 'honor', '', array('honor' => $prohonor)); } } require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); foreach (array($prosign, $prointroduce, $prohonor) as $key => $value) { if (($banword = $wordsfb->comprise($value)) !== false) { Showmsg('sign_wordsfb'); } } //upmeminfo if ($db_union[7]) { list($customdata) = Getcustom($customdata, false, true); !empty($customdata) && ($upmeminfo['customdata'] = addslashes(serialize($customdata))); } foreach ($customfield as $value) {
$share_code = ''; } elseif ($type == 'topic') { $title = $share['topic']['subject']; $abstract = $share['topic']['abstract']; $attimages = unserialize($share['topic']['imgs']); $imgs = ''; foreach ($attimages as $k => $v) { $imgs .= "[img]" . $v . "[/img]"; } $share_code = ''; } else { $share_code = ''; } $type_name = getLangInfo('app', $type); !$title && ($title = substrs($share['link'], 40)); pwAddFeed($winduid, 'share', $f_id, array('lang' => 'share_view', 'link' => $share['link'], 'title' => $title, 'descrip' => $descrip, 'abstract' => $abstract, 'imgs' => $imgs, 'share_code' => $share_code, 'uid' => $winduid, 'username' => $windid, 'type_name' => $type_name)); $a = 'self'; } else { $a = 'my'; } countPosts('+1'); //积分变动 require_once R_P . 'require/credit.php'; $o_share_creditset = unserialize($o_share_creditset); $creditset = getCreditset($o_share_creditset['Post']); $creditset = array_diff($creditset, array(0)); if (!empty($creditset)) { $credit->sets($winduid, $creditset, true); updateMemberid($winduid); } if ($creditlog = unserialize($o_share_creditlog)) {
} else { $deldb[] = $rt['uid']; } } if ($frdb) { $db->update("UPDATE pw_friends" . " SET status='0',descrip='',joindate=" . pwEscape($timestamp) . " WHERE friendid=" . pwEscape($userdb['uid']) . " AND uid IN(" . pwImplode($frdb) . ")"); $fcount = count($frdb); if ($adddb) { $db->update("REPLACE INTO pw_friends (uid,friendid,status,joindate,descrip) VALUES " . pwSqlMulti($adddb, false)); $count = count($adddb); } require_once R_P . 'require/msg.php'; require_once R_P . 'require/postfunc.php'; send_msgc($msgdb); foreach ($feed as $key => $log) { pwAddFeed($key, 'friend', '', $log); } } if ($deldb) { $db->update("DELETE FROM pw_friends WHERE friendid=" . pwEscape($userdb['uid']) . " AND uid IN(" . pwImplode($deldb) . ")"); $count -= count($deldb); } if ($fcount) { $db->update("UPDATE pw_memberdata SET f_num=f_num+1 WHERE uid IN (" . pwImplode($frdb) . ")"); } $db->update("UPDATE pw_memberdata SET f_num=f_num+" . pwEscape($count) . " WHERE uid=" . pwEscape($winduid)); refreshto('u.php?action=friend', 'friend_accept_success'); } elseif ($job == 'refuse') { PostCheck(); !$isU && Showmsg('space_over_right'); InitGP(array('selid', 'refusemsg'));
!$_G['allowhonor'] && Showmsg('undefined_action'); if (empty($_POST['step'])) { require_once PrintEot('ajax'); ajax_footer(); } else { PostCheck(); InitGP(array('content'), 'P'); $content = str_replace("\n", '', $content); strlen($content) > 90 && ($content = substrs($content, 90)); if ($winddb['honor'] != stripslashes($content)) { $db->update("UPDATE pw_members SET honor=" . pwEscape($content) . " WHERE uid=" . pwEscape($winduid)); if ($db_modes['o']['ifopen']) { $db->update("INSERT INTO pw_owritedata SET" . pwSQLSingle(array('uid' => $winduid, 'touid' => 0, 'postdate' => $timestamp, 'isshare' => 0, 'source' => 'signature', 'content' => $content))); } require_once R_P . 'require/postfunc.php'; pwAddFeed($winduid, 'honor', '', array('honor' => $content)); } echo "success\t" . stripslashes($content); ajax_footer(); } } elseif ($action == 'readlog') { $readlog = explode(',', GetCookie('readlog')); @krsort($readlog); $tids = array(); $i = 0; foreach ($readlog as $key => $value) { if (is_numeric($value)) { $tids[] = $value; if (++$i > 9) { break; }
$photos[] = array('aid' => $selaid, 'pintro' => '', 'path' => $path, 'uploader' => $windid, 'uptime' => $timestamp, 'ifthumb' => $ifthumb); $lastphoto = $path; } if ($photos) { $db->update("INSERT INTO pw_cnphoto (aid,pintro,path,uploader,uptime,ifthumb) VALUES " . pwSqlMulti($photos)); $pid = $db->insert_id(); $photoNum = count($photos); $lastpid = getLastPid($selaid, 4); array_unshift($lastpid, $pid); $db->update("UPDATE pw_cnalbum SET photonum=photonum+" . pwEscape($photoNum) . ",lasttime=" . pwEscape($timestamp) . ',lastpid=' . pwEscape(implode(',', $lastpid)) . (!$selalbum['lastphoto'] ? ',lastphoto=' . pwEscape($lastphoto) : '') . " WHERE aid=" . pwEscape($selaid)); countPosts("+{$photoNum}"); $feedText = ''; foreach ($photos as $value) { $feedText .= "[url={$db_bbsurl}/{#APPS_BASEURL#}space=1&q=galbum&a=view&cyid={$cyid}&pid={$pid}][img]" . getphotourl($value['path'], $value['ifthumb']) . "[/img][/url] "; } pwAddFeed($winduid, 'colony_photo', $cyid, array('lang' => 'colony_photo', 'cyid' => $cyid, 'num' => $photoNum, 'colony_name' => $colony['cname'], 'text' => $feedText)); //积分变动 require_once R_P . 'require/credit.php'; $o_groups_creditset = unserialize($o_groups_creditset); $creditset = getCreditset($o_groups_creditset['Uploadphoto']); $creditset = array_diff($creditset, array(0)); if (!empty($creditset)) { $credit->sets($winduid, $creditset, true); updateMemberid($winduid); addLog($creditlog, $windid, $winduid, 'groups_Uploadphoto'); } if ($creditlog = unserialize($o_groups_creditlog)) { addLog($creditlog['Post'], $windid, $winduid, 'groups_Uploadphoto'); } refreshto("{$basename}a=view&cyid={$cyid}&pid={$pid}", 'operate_success'); } else {
} elseif ($count > 20) { $dtid = 0; } else { $dtid = $check['dtid']; $db->update("UPDATE pw_diarytype SET num=num+1 WHERE dtid=".pwEscape($dtid)); } }*/ //分类不存在则自动生成分类 $dtid = (int) $dtid; $privacy = (int) $privacy; $pwSQL = pwSqlSingle(array('uid' => $winduid, 'dtid' => $dtid, 'username' => $windid, 'privacy' => $privacy, 'subject' => $diary['subject'], 'content' => $diary['content'], 'copyurl' => $diary['copyurl'], 'ifcopy' => $diary['ifcopy'], 'ifconvert' => $diary['ifconvert'], 'ifwordsfb' => $diary['ifwordsfb'], 'postdate' => $timestamp)); $db->update("INSERT INTO pw_diary SET {$pwSQL}"); $db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtid)); //更新分类日志数 $did = $db->insert_id(); pwAddFeed($winduid, 'diary', $did, array('lang' => 'diary_copy', 'username' => $windid, 'uid' => $winduid, 'did' => $did, 'subject' => $diary['subject'])); countPosts('+1'); updateUserAppNum($winduid, 'diary'); echo "success"; ajax_footer(); } elseif ($a == 'feedsetting') { if (empty($_POST['step'])) { $friend = getFriends($winduid); if (empty($friend)) { Showmsg('no_friend'); } foreach ($friend as $key => $value) { $value['iffeed'] && ($checked[$key] = 'CHECKED'); $frienddb[$value['ftid']][] = $value; } $query = $db->query("SELECT * FROM pw_friendtype WHERE uid=" . pwEscape($winduid) . " ORDER BY ftid");
$oldattach = ''; } /** * 附件修改 */ $pwSQL = pwSqlSingle(array('dtid' => $dtid, 'aid' => $oldattach, 'privacy' => $privacy, 'subject' => $atc_title, 'content' => $atc_content, 'ifcopy' => $ifcopy, 'ifconvert' => $ifconvert, 'ifupload' => $ifupload, 'ifwordsfb' => $ifwordsfb)); $db->update("UPDATE pw_diary SET {$pwSQL} WHERE uid=" . pwEscape($winduid) . " AND did=" . pwEscape($did)); if ($aids) { $db->update("UPDATE pw_attachs SET did=" . pwEscape($did) . " WHERE aid IN({$aids})"); } if ($dtided != $dtid) { $db->update("UPDATE pw_diarytype SET num=num-1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtided)); $db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=" . pwEscape($winduid) . " AND dtid=" . pwEscape($dtid)); } if ($privacyed == 2 && $privacy != 2) { pwAddFeed($winduid, 'diary', $did, array('lang' => 'diary_data', 'username' => $windid, 'uid' => $winduid, 'did' => $did, 'subject' => $atc_title)); countPosts('+1'); } elseif ($privacyed != 2 && $privacy == 2) { if ($affected_rows = delAppAction('diary', $did)) { countPosts("-{$affected_rows}"); } } refreshto("{$basename}q=diary", 'operate_success'); } } elseif ($a == 'copydiary') { define('AJAX', 1); define('F_M', true); banUser(); InitGP(array('did')); empty($did) && Showmsg('data_error'); $dtsel = '';
function afterpost() { global $db_ifpwcache, $timestamp; if ($this->data['ifcheck'] == 1) { if ($this->forum->foruminfo['allowhtm'] && !$this->forum->foruminfo['cms']) { $StaticPage = L::loadClass('StaticPage'); $StaticPage->update($this->tid); } $lastpost = array('subject' => substrs($this->data['title'], 26), 'author' => $this->data['lastposter'], 'lastpost' => $timestamp, 'tid' => $this->tid, 't_date' => $timestamp); $this->forum->lastinfo('topic', '+', $lastpost); if ($this->forum->isOpen() && !$this->data['anonymous']) { pwAddFeed($this->post->uid, 'post', $this->tid, array('subject' => stripslashes($this->data['title']), 'tid' => $this->tid, 'fid' => $this->forum->fid)); //会员资讯缓存 $usercachedata = array(); $usercache = L::loadDB('Usercache'); $usercachedata['subject'] = substrs(stripWindCode($this->data['title']), 100, N); $usercachedata['content'] = substrs(stripWindCode($this->data['content']), 100, N); $usercachedata['postdate'] = $timestamp; if ($this->att) { $usercachedata['attimages'] = $this->att->getImages(4); } $usercache->update($this->data['authorid'], 'topic', $this->tid, $usercachedata); } //Start elementupdate if ($db_ifpwcache & 128 || $db_ifpwcache & 512 && $this->att && $this->att->elementpic) { require_once R_P . 'lib/elementupdate.class.php'; $elementupdate = new ElementUpdate($this->forum->fid); if ($db_ifpwcache & 128) { $elementupdate->newSubjectUpdate($this->tid, $this->forum->fid, $timestamp, $this->data['special']); } if ($db_ifpwcache & 512 && $this->att && $this->att->elementpic) { $elementupdate->newPicUpdate($this->att->elementpic['aid'], $this->forum->fid, $this->tid, $this->att->elementpic['attachurl'], $this->att->elementpic['ifthumb'], $this->data['content']); } $elementupdate->updateSQL(); } updateDatanalyse($this->data['authorid'], 'memberThread', 1); //End elementupdate } if ($this->postdata->filter->filter_weight > 1) { $this->postdata->filter->insert($this->tid, 0, implode(',', $this->postdata->filter->filter_word), $this->postdata->filter->filter_weight); } if ($this->data['topped'] > 0) { require_once R_P . 'require/updateforum.php'; setForumsTopped($this->tid, $this->data['fid'], $this->data['topped']); updatetop(); } }
Showmsg('title_wordsfb'); } $rt = $db->get_one("SELECT id FROM pw_colonys WHERE cname=" . pwEscape($cname)); $rt['id'] > 0 && Showmsg('colony_samename'); /* $credit->addLog('hack_cycreate',array($o_moneytype => -$o_createmoney),array( 'uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'cnname' => stripslashes($cname) )); $credit->set($winduid,$o_moneytype,-$o_createmoney); */ //积分变动 if (!empty($o_groups_creditset['Creategroup'])) { $creditset = getCreditset($o_groups_creditset['Creategroup'], false); $credit->sets($winduid, $creditset, true); updateMemberid($winduid); } if ($creditlog = unserialize($o_groups_creditlog)) { addLog($creditlog['Creategroup'], $windid, $winduid, 'groups_Creategroup'); } $db->update("INSERT INTO pw_colonys SET " . pwSqlSingle(array('cname' => $cname, 'classid' => $cid, 'admin' => $windid, 'members' => 1, 'ifcheck' => 1, 'createtime' => $timestamp, 'descrip' => $descrip))); $cyid = $db->insert_id(); $db->update("INSERT INTO pw_cmembers SET " . pwSqlSingle(array('uid' => $winduid, 'username' => $windid, 'ifadmin' => 1, 'colonyid' => $cyid, 'addtime' => $timestamp))); $db->update("UPDATE pw_cnclass SET cnsum=cnsum+1 WHERE fid=" . pwEscape($cid)); pwAddFeed($winduid, 'colony', '', array('lang' => 'colony_create', 'colonyid' => $cid, 'cname' => $cname, 'link' => "{$db_bbsurl}/{#APPS_BASEURL#}q=group&cyid={$cyid}")); updateUserAppNum($winduid, 'group'); refreshto("{$baseUrl}q=group&cyid={$cyid}&a=set", 'colony_regsuccess'); } }
if ($o_joinmoney > 0) { $credit->addLog('hack_cyjoin', array($o_moneytype => -$o_joinmoney), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'cnname' => $colony['cname'])); $credit->set($winduid, $o_moneytype, -$o_joinmoney); } //积分变动 if (!empty($o_groups_creditset['Joingroup'])) { require_once R_P . 'require/postfunc.php'; $creditset = getCreditset($o_groups_creditset['Joingroup'], false); $credit->sets($winduid, $creditset, true); updateMemberid($winduid); } if ($creditlog = unserialize($o_groups_creditlog)) { addLog($creditlog['Joingroup'], $windid, $winduid, 'groups_Joingroup'); } $db->update("INSERT INTO pw_cmembers SET " . pwSqlSingle(array('uid' => $winduid, 'username' => $windid, 'ifadmin' => $colony['ifcheck'] == 2 ? '0' : '-1', 'colonyid' => $cyid, 'addtime' => $timestamp))); pwAddFeed($winduid, 'colony', $cyid, array('lang' => 'colony_pass', 'colonyid' => $cyid, 'cname' => $colony['cname'], 'link' => "{$db_bbsurl}/{#APPS_BASEURL#}q=group&cyid={$cyid}")); $db->update("UPDATE pw_colonys SET members=members+1 WHERE id=" . pwEscape($cyid)); if ($colony['ifcheck'] == 2) { updateUserAppNum($winduid, 'group'); Showmsg('colony_joinsuccess'); } else { Showmsg('colony_joinsuccess_check'); } } } elseif ($a == 'out') { define('AJAX', 1); define('F_M', true); !$colony['ifcyer'] && Showmsg('undefined_action'); if (empty($_POST['step'])) { require_once PrintEot('m_ajax'); ajax_footer();
} elseif ($timestamp - $rt['postdate'] < 1) { Showmsg('mode_o_write_timelimit'); } $db_blogsource = array('web' => 1, 'other' => 1); //通过哪种客户端发表 if (empty($source)) { $source = 'web'; } elseif (!isset($db_blogsource[$source])) { $source = 'other'; } $text = Char_cv($text); $db->update("INSERT INTO pw_owritedata SET" . pwSQLSingle(array('uid' => $winduid, 'touid' => $ruid, 'postdate' => $timestamp, 'isshare' => 0, 'source' => $source, 'content' => $text))); $f_id = $db->insert_id(); updateUserAppNum($winduid, 'owrite', 'add'); if (getstatus($winddb['userstatus'], 20, 3) != 2) { pwAddFeed($winduid, 'write', $f_id, array('lang' => 'o_write', 'text' => $text)); } if ($tosign && $winddb['honor'] != stripslashes($text)) { $db->update("UPDATE pw_members SET honor=" . pwEscape($text) . " WHERE uid=" . pwEscape($winduid)); } countPosts('+1'); //会员资讯缓存 $usercachedata = array(); $usercache = L::loadDB('Usercache'); $usercachedata['content'] = substrs(stripWindCode($text), 100, N); $usercachedata['postdate'] = $timestamp; $usercache->update($winduid, 'write', $f_id, $usercachedata); //积分变动 require_once R_P . 'require/credit.php'; $o_write_creditset = unserialize($o_write_creditset); $creditset = getCreditset($o_write_creditset['Post']);