Example #1
/**
 * Deduct the configured sign cost from the current user's credit and move
 * the stored billing start forward.
 *
 * Works on globals: the user ($winduid, $windid, $groupid, $onlineip), the
 * current day stamp ($tdtime) and the settings $db_signgroup, $db_signmoney
 * and $db_signcurtype.
 *
 * @param mixed $starttime Stored billing start; a falsy value takes the first-charge path.
 * @param mixed $currency  Balance the computed cost is compared against.
 * @return bool false when $db_signcurtype is not one of the four known credit types, true otherwise.
 */
function Signfunc($starttime, $currency)
{
    global $db, $winduid, $windid, $onlineip, $groupid, $tdtime, $db_signgroup, $db_signmoney, $db_signcurtype, $credit;

    $knownTypes = array('money', 'rvrc', 'credit', 'currency');
    if (!in_array($db_signcurtype, $knownTypes)) {
        return false;
    }

    // Pair of (new starttime, amount to deduct); stays empty when nothing is charged.
    $charge = array();
    require_once R_P . 'require/credit.php';

    if (!$starttime) {
        // First charge: one unit of the configured price.
        $charge = array($tdtime, $db_signmoney);
    } elseif (!$db_signmoney || strpos($db_signgroup, ",{$groupid},") === false) {
        // No price configured, or the user's group is not in the list: reset the start.
        $db->update("UPDATE pw_memberdata SET starttime='0' WHERE uid=" . pwEscape($winduid));
    } else {
        $elapsedDays = floor(($tdtime - $starttime) / 86400);
        $due = $elapsedDays * $db_signmoney;
        if ($due < 0) {
            $due = 0;
        }
        if ($currency >= $due) {
            $charge = array($tdtime, $due);
        } else {
            // Balance too small: take the largest whole multiple of the price and clear the start.
            $due = $currency - $currency % $db_signmoney;
            if ($due < 0) {
                $due = 0;
            }
            $charge = array(0, $due);
        }
    }

    if (!$charge) {
        return true;
    }

    list($newStart, $amount) = $charge;
    $delta = array($db_signcurtype => -$amount);
    $actor = array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip);
    $credit->addLog('main_showsign', $delta, $actor);
    $credit->set($winduid, $db_signcurtype, -$amount, false);
    $credit->runsql();
    $db->update("UPDATE pw_memberdata SET starttime=" . pwEscape($newStart, false) . " WHERE uid=" . pwEscape($winduid));

    return true;
}
Example #2
 /**
  * Persist a new thread: the pw_threads row, its body row in the table
  * returned by GetTtable(), and the follow-up bookkeeping (thread-list
  * refresh, tags, attachments, digest counter, user info).
  *
  * @param object $postdata Passed by reference; handed to setPostData() and read for its ->tag member.
  * @return void
  */
 function execute(&$postdata)
 {
     global $timestamp, $db_ptable, $onlineip;

     $this->setPostData($postdata);

     // Values reach SQL only through pwSqlSingle(); presumably it quotes them — confirm in that helper.
     $threadRow = array(
         'fid' => $this->data['fid'],
         'icon' => $this->data['icon'],
         'author' => $this->data['author'],
         'authorid' => $this->data['authorid'],
         'subject' => $this->data['title'],
         'ifcheck' => $this->data['ifcheck'],
         'type' => $this->data['w_type'],
         'postdate' => $timestamp,
         'lastpost' => $timestamp,
         'lastposter' => $this->data['lastposter'],
         'hits' => 1,
         'replies' => 0,
         'topped' => $this->data['topped'],
         'digest' => $this->data['digest'],
         'special ' => $this->data['special'],
         'state' => 0,
         'ifupload' => $this->data['ifupload'],
         'ifmail' => $this->data['ifmail'],
         'anonymous' => $this->data['anonymous'],
         'ptable' => $db_ptable,
         'ifmagic' => $this->data['ifmagic'],
         'ifhide' => $this->data['hideatt'],
         'tpcstatus' => $this->data['tpcstatus'],
         'modelid' => $this->data['modelid'],
     );
     $this->db->update("INSERT INTO pw_threads SET " . pwSqlSingle($threadRow));
     $this->tid = $this->db->insert_id();

     // Refresh the cached thread-id list of the forum.
     $threadCache = L::loadClass("threadlist");
     $threadCache->updateThreadIdsByForumId($this->data['fid'], $this->tid);

     // The body table name comes from GetTtable(), not from request data.
     $bodyTable = GetTtable($this->tid);

     if (is_object($postdata->tag)) {
         $postdata->tag->insert($this->tid);
         $related = $postdata->tag->relate($this->data['title'], $this->data['content']);
         $this->data['tags'] .= "\t" . $related;
     }

     if (is_object($this->att)) {
         $aids = $this->att->getAids();
         if ($aids) {
             $this->att->pw_attachs->updateById($aids, array('tid' => $this->tid));
         }
     }

     $ipTable = L::loadClass('IPTable');
     $bodyRow = array(
         'tid' => $this->tid,
         'aid' => $this->data['aid'],
         'userip' => $onlineip,
         'ifsign' => $this->data['ifsign'],
         'buy' => '',
         'ipfrom' => $ipTable->getIpFrom($onlineip),
         'tags' => $this->data['tags'],
         'ifconvert' => $this->data['convert'],
         'ifwordsfb' => $this->data['ifwordsfb'],
         'content' => $this->data['content'],
         'magic' => $this->data['magic'],
     );
     $this->db->update("INSERT INTO {$bodyTable} SET " . pwSqlSingle($bodyRow));

     if ($this->data['digest']) {
         $this->db->update("UPDATE pw_memberdata SET digests=digests+1 WHERE uid=" . pwEscape($this->data['authorid']));
         $this->post->user['digests']++;
     }

     $this->post->updateUserInfo($this->type, $this->creditSet(), $this->data['content']);
     $this->afterpost();
 }
Example #3
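/**
 * Build the poll display data for a thread and publish it through globals
 * ($votetype, $ifview, $votesum, $votedb).
 *
 * Each stored option is read as array(0 => name, 1 => vote count).
 *
 * @param array $readvote Poll row; reads 'voteopts' (serialized options), 'multiple',
 *                        'previewable' and 'havevote'.
 * @return void
 */
function vote($readvote)
{
    global $db, $votetype, $ifview, $votedb, $votesum, $action, $viewvoter, $tid, $admincheck, $vote_close;

    // NOTE(review): unserialize() on stored data can instantiate objects if the
    // column ever holds attacker-influenced bytes. Confirm voteopts is only ever
    // written by serialize() of plain arrays; on PHP 7+ pass
    // array('allowed_classes' => false) as the second argument.
    $votearray = unserialize($readvote['voteopts']);
    if (!is_array($votearray)) {
        // Missing or corrupt option data: render an empty poll instead of iterating a non-array.
        $votearray = array();
    }

    $votetype = $readvote['multiple'] ? 'checkbox' : 'radio';
    $votesum = 0;
    $votedb = $voter = array();
    $ifview = $viewvoter == 'yes' ? 'no' : 'yes';

    foreach ($votearray as $key => $option) {
        $votesum += $option[1];
    }

    if ($viewvoter == 'yes') {
        $query = $db->query("SELECT username,vote FROM pw_voter WHERE tid=" . pwEscape($tid) . " LIMIT 500");
        while ($rt = $db->fetch_array($query)) {
            if (!isset($voter[$rt['vote']])) {
                $voter[$rt['vote']] = '';
            }
            // NOTE(review): username is placed into HTML without escaping here.
            // This is only safe if usernames are stored already HTML-encoded —
            // confirm at the write path before relying on it.
            $voter[$rt['vote']] .= "<span class=bold>{$rt['username']}</span>" . ' ';
        }
    }

    foreach ($votearray as $key => $value) {
        $vote = array();
        if ($readvote['previewable'] == 0 || $readvote['havevote'] || $vote_close) {
            // +1 keeps the divisor non-zero when nobody has voted yet.
            $vote['width'] = floor(500 * $value[1] / ($votesum + 1));
            $vote['num'] = $value[1];
        } else {
            // Results are hidden until the viewer has voted or the poll is closed.
            $vote['width'] = 0;
            $vote['num'] = '*';
        }
        $vote['name'] = $value[0];
        $vote['voter'] = isset($voter[$key]) ? $voter[$key] : null;
        $votedb[$key] = $vote;
    }
}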
Example #4
 /**
  * Propagate a username change to the tables that store the name as text.
  *
  * NOTE(review): the pw_cmembers statement below contains a literal
  * "******" where an expression is expected, so this listing does not parse
  * as shown. It looks like masking applied by the page the code was copied
  * from; restore the statement from the original source before use.
  *
  * @param mixed  $uid      User id whose rows are rewritten.
  * @param string $oldname  Name being replaced (used where rows are keyed by name).
  * @param string $username New name to write.
  * @return void
  */
 function alterName($uid, $oldname, $username)
 {
     global $db_plist;
     $this->db->update("UPDATE pw_threads SET author=" . pwEscape($username) . " WHERE authorid=" . pwEscape($uid));
     // Collect every post table: the base table plus one per non-zero key of $db_plist.
     $ptable_a = array('pw_posts');
     if ($db_plist && count($db_plist) > 1) {
         foreach ($db_plist as $key => $val) {
             if ($key == 0) {
                 continue;
             }
             // The table name is built from a $db_plist key and is not escaped;
             // presumably $db_plist is site configuration — confirm it is never user-supplied.
             $ptable_a[] = 'pw_posts' . $key;
         }
     }
     foreach ($ptable_a as $val) {
         $this->db->update("UPDATE {$val} SET author=" . pwEscape($username) . " WHERE authorid=" . pwEscape($uid));
     }
     $this->db->update("UPDATE pw_cmembers SET username="******" WHERE uid=" . pwEscape($uid));
     $this->db->update("UPDATE pw_colonys SET admin=" . pwEscape($username) . " WHERE admin=" . pwEscape($oldname));
     $this->db->update("UPDATE pw_announce SET author=" . pwEscape($username) . " WHERE author=" . pwEscape($oldname));
     $this->db->update("UPDATE pw_medalslogs SET awardee=" . pwEscape($username) . " WHERE awardee=" . pwEscape($oldname));
     // forumadmin/fupadmin are comma-delimited name lists. A '%' or '_' inside $oldname
     // acts as a LIKE wildcard here unless pwEscape() escapes it — TODO confirm; the
     // str_replace() below only rewrites exact ",oldname," matches.
     $query = $this->db->query("SELECT fid,forumadmin,fupadmin FROM pw_forums WHERE forumadmin LIKE " . pwEscape("%,{$oldname},%", false) . " OR fupadmin LIKE " . pwEscape("%,{$oldname},%", false));
     while ($rt = $this->db->fetch_array($query)) {
         $rt['forumadmin'] = str_replace(",{$oldname},", ",{$username},", $rt['forumadmin']);
         $rt['fupadmin'] = str_replace(",{$oldname},", ",{$username},", $rt['fupadmin']);
         $this->db->update("UPDATE pw_forums SET forumadmin=" . pwEscape($rt['forumadmin'], false) . ",fupadmin=" . pwEscape($rt['fupadmin'], false) . " WHERE fid=" . pwEscape($rt['fid'], false));
     }
 }
Example #5
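 /**
  * Get the list of apps installed by one or more users.
  *
  * Rows are appended to $this->_app_array, which is not cleared at the start
  * of the call, and only apps present in $this->_appslist are kept.
  *
  * @param mixed $uids   A single numeric uid or a comma-separated uid list.
  * @param mixed $appids Optional numeric app id or comma-separated list; empty means no app filter.
  * @param int   $arrt   Result shape: 1 => appid => appname, 2 => uid => appid => row, otherwise a flat list of rows.
  * @return array|false false when $uids is empty; an empty array when nothing matched or $this->appifopen is falsy.
  */
 function userApplist($uids, $appids = '', $arrt = 0)
 {
     if (!$uids) {
         return false;
     }
     if (is_numeric($uids)) {
         $sql_uid = ' uid=' . pwEscape($uids);
     } else {
         $sql_uid = ' uid IN(' . pwImplode(explode(',', $uids)) . ')';
     }
     // Start from an empty filter so the query never interpolates an undefined variable.
     $sql_appid = '';
     if (is_numeric($appids)) {
         $sql_appid = ' AND appid=' . pwEscape($appids);
     } elseif ($appids) {
         $sql_appid = ' AND appid IN(' . pwImplode(explode(',', $appids)) . ')';
     }
     $query = $this->_db->query("SELECT uid,appid,appname FROM pw_userapp WHERE {$sql_uid} {$sql_appid}");
     while ($rt = $this->_db->fetch_array($query)) {
         // Skip apps that are not in the known-apps list (the original tested this twice).
         if (empty($this->_appslist[$rt['appid']])) {
             continue;
         }
         if ($arrt == 1) {
             $this->_app_array[$rt['appid']] = $rt['appname'];
         } elseif ($arrt == 2) {
             $this->_app_array[$rt['uid']][$rt['appid']] = $rt;
         } else {
             $this->_app_array[] = $rt;
         }
     }
     if (!$this->_app_array || !$this->appifopen) {
         $this->_app_array = array();
     }
     return $this->_app_array;
 }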
Example #6
 /**
  * Update the row of this table whose tplid matches.
  *
  * @param mixed $tplid Value compared against the tplid column.
  * @param mixed $array Column data; filtered through _checkData() before use.
  * @return null Always null; no query is issued when _checkData() returns a falsy value.
  */
 function updataById($tplid, $array)
 {
     $fields = $this->_checkData($array);
     if ($fields) {
         $sql = "UPDATE " . $this->_tableName . " SET " . pwSqlSingle($fields, false) . " WHERE tplid=" . pwEscape($tplid);
         $this->_db->update($sql);
     }
     return null;
 }
Example #7
 /**
  * Get the SEO settings stored for a page.
  *
  * When no row matches and $page contains no underscore, the lookup is
  * repeated with page fixed to 'thread'.
  *
  * @param mixed  $mode
  * @param string $page
  * @param mixed  $type
  * @return String Whatever get_value() returns for the content column.
  */
 function getSEOSetForPage($mode, $page, $type)
 {
     $table = $this->_tableName;
     $content = $this->_db->get_value("SElECT content FROM " . $table . " WHERE mode = " . pwEscape($mode) . " AND page = " . pwEscape($page) . " AND type = " . pwEscape($type));
     if ($content) {
         return $content;
     }
     if (strpos($page, '_') !== false) {
         // Pages with an underscore get no fallback.
         return $content;
     }
     return $this->_db->get_value("SElECT content FROM " . $table . " WHERE mode = " . pwEscape($mode) . " AND page = 'thread' AND type = " . pwEscape($type));
 }
 /**
  * Delete every row of this table that belongs to one author.
  *
  * @param mixed $authorId Author id; values that compare below 1 are rejected.
  * @return int|false false for a rejected id, otherwise the affected-row count reported by the db layer.
  */
 function deleteByAuthorId($authorId)
 {
     // Refuse to run the DELETE without a usable author id.
     if ($authorId < 1) {
         return false;
     }
     $sql = "DELETE FROM " . $this->_tableName . " WHERE authorid=" . pwEscape($authorId, false);
     $this->_db->update($sql);
     return $this->_db->affected_rows();
 }
Example #9
 /**
  * Fetch all rows of this table for one invoke piece.
  *
  * @param mixed $invokePieceId Value compared against the invokepieceid column.
  * @return array List of rows as returned by fetch_array(); empty when nothing matches.
  */
 function getDatasByInvokePiece($invokePieceId)
 {
     $sql = "SELECT * FROM " . $this->_tableName . " WHERE invokepieceid=" . pwEscape($invokePieceId);
     $result = $this->_db->query($sql);
     $rows = array();
     while ($row = $this->_db->fetch_array($result)) {
         $rows[] = $row;
     }
     return $rows;
 }
Example #10
 /**
  * List the app ids recorded for a user in the userapp table.
  *
  * @param mixed $uid User id to look up.
  * @return ApiResponse Wraps the list of appid values (empty when the user has none).
  */
 function isInstall($uid)
 {
     $sql = "SELECT appid FROM " . UC_DBTABLEPRE . "userapp WHERE uid=" . pwEscape($uid);
     $result = $this->db->query($sql);
     $installed = array();
     while ($row = $this->db->fetch_array($result)) {
         $installed[] = $row['appid'];
     }
     return new ApiResponse($installed);
 }
Example #11
 /**
  * Fetch all pw_block rows with the given sid.
  *
  * @param mixed $sid Value compared against the sid column.
  * @return array List of rows as returned by fetch_array(); empty when nothing matches.
  */
 function getDatasBySid($sid)
 {
     $result = $this->_db->query("SELECT * FROM pw_block WHERE sid=" . pwEscape($sid));
     $blocks = array();
     while ($row = $this->_db->fetch_array($result)) {
         $blocks[] = $row;
     }
     return $blocks;
 }
Example #12
/**
 * Resolve the URLs of up to five image attachments of a thread.
 *
 * @param mixed $tid Thread id compared against pw_attachs.tid.
 * @return array One entry per attachment: the first element when geturl() returns an array, else its return value.
 */
function getImagesByTid($tid)
{
    global $db;

    $result = $db->query("SELECT attachurl FROM pw_attachs WHERE tid=" . pwEscape($tid, false) . " AND type='img' LIMIT 5");
    $urls = array();
    while ($row = $db->fetch_array($result)) {
        $resolved = geturl($row['attachurl'], 'show');
        if (is_array($resolved)) {
            $urls[] = $resolved[0];
        } else {
            $urls[] = $resolved;
        }
    }
    return $urls;
}
Example #13
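 /**
  * Delete rows of this table by mode, optionally narrowed by scr and fid.
  *
  * Both optional filters are ANDed together. Previously the fid clause
  * overwrote the scr clause, so a call passing both deleted every row of
  * that mode and fid regardless of scr.
  *
  * @param mixed $mode Value compared against the mode column (always applied).
  * @param mixed $scr  Optional scr filter; skipped when falsy.
  * @param mixed $fid  Optional fid filter; applied only when numeric.
  * @return void
  */
 function deleteDataByParam($mode, $scr = '', $fid = false)
 {
     $sqladd = '';
     if ($scr) {
         $sqladd .= ' AND scr=' . pwEscape($scr);
     }
     if (is_numeric($fid)) {
         // Append rather than assign, so the scr filter above is kept.
         $sqladd .= ' AND fid=' . pwEscape($fid);
     }
     $this->_db->update("DELETE FROM " . $this->_tableName . " WHERE mode=" . pwEscape($mode) . $sqladd);
 }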
Example #14
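 /**
  * Store the event data of a single app for a user.
  *
  * The row must already exist in pw_userapp; this only updates it.
  *
  * @param mixed $uid      User id.
  * @param array $appevent Event data; serialized before it is stored.
  * @param mixed $appid    App id.
  * @return ApiResponse Wraps true when the row existed and $appevent was non-empty, false otherwise.
  */
 function insertAppevent($uid, $appevent = array(), $appid)
 {
     // Insert a single app's info for the user.
     $rt = $this->db->get_one("SELECT uid FROM pw_userapp WHERE uid=" . pwEscape($uid) . " AND appid=" . pwEscape($appid));
     if ($rt && $appevent) {
         // NOTE(review): the value is stored with serialize(); any reader that calls
         // unserialize() on this column should be limited to plain data.
         $appevent = serialize($appevent);
         // Explicit space before WHERE, so the statement does not depend on
         // whatever padding pwEscape() puts around the quoted value.
         $this->db->update("UPDATE pw_userapp SET appevent=" . pwEscape($appevent) . " WHERE uid=" . pwEscape($uid) . " AND appid=" . pwEscape($appid));
         return new ApiResponse(true);
     }
     return new ApiResponse(false);
 }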
 /**
  * Look up one forum with today's post count.
  *
  * @param mixed $fid Forum id; cast to int, values below 1 are rejected.
  * @return mixed buildResponse(FORUM_INVALID_PARAMS) for a bad id, otherwise
  *               buildResponse(0, array('forum' => row)) with tags stripped from forumname.
  */
 function getForumByFid($fid)
 {
     $forumId = (int) $fid;
     if ($forumId < 1) {
         return $this->buildResponse(FORUM_INVALID_PARAMS);
     }
     $sql = "SELECT f.fid,f.name as forumname,fdata.tpost as todaypost FROM pw_forums f LEFT JOIN pw_forumdata fdata ON f.fid = fdata.fid  WHERE f.fid= " . pwEscape($forumId) . " ORDER BY f.vieworder";
     $forum = $GLOBALS['db']->get_one($sql);
     // NOTE(review): an id with no matching row is not treated as an error;
     // the response then carries a row holding only an empty forumname.
     $forum['forumname'] = strip_tags($forum['forumname']);
     return $this->buildResponse(0, array('forum' => $forum));
 }
Example #16
 /**
  * Send a message to one or more users through pwSendMsg().
  *
  * @param mixed  $uids    A numeric uid, or a comma-separated uid list (split into an array).
  * @param mixed  $fromUid Sender uid; when truthy the sender's username is looked up.
  * @param string $subject Message subject; stripslashes() then Char_cv() are applied.
  * @param string $content Message body; stripslashes() then Char_cv() are applied.
  * @return ApiResponse Always wraps true; the result of pwSendMsg() is not checked.
  */
 function send($uids, $fromUid, $subject, $content)
 {
     // NOTE(review): the sender identity is whatever the caller passes in;
     // presumably the API layer authenticates the caller — confirm.
     $senderName = '';
     if ($fromUid) {
         $senderName = $this->db->get_value("SELECT username FROM pw_members WHERE uid=" . pwEscape($fromUid));
     }
     if (!is_numeric($uids)) {
         $uids = explode(',', $uids);
     }
     $message = array(
         'toUid' => $uids,
         'fromUid' => $fromUid,
         'fromUser' => $senderName,
         'subject' => Char_cv(stripslashes($subject)),
         'content' => Char_cv(stripslashes($content)),
     );
     require_once R_P . 'require/msg.php';
     pwSendMsg($message);
     return new ApiResponse(true);
 }
Example #17
 /**
  * Rename a member and propagate the new name through the 'ucuser' class.
  *
  * NOTE(review): the line starting with `if ($unique = ...` is damaged on
  * this page: two "******" runs replace expressions and everything between
  * the uniqueness SELECT and the UPDATE is missing, so the listing does not
  * parse and the handling of an already-taken name cannot be seen. This
  * looks like masking by the page the code was copied from; restore the
  * statement from the original source before use.
  *
  * @param mixed  $uid     Id of the member to rename.
  * @param string $newname Requested username.
  * @return ApiResponse Wraps 1 on every path visible here.
  */
 function alterName($uid, $newname)
 {
     $u = $this->db->get_one("SELECT username FROM pw_members WHERE uid=" . pwEscape($uid));
     // Unknown member, or the name is unchanged: nothing to do.
     if (!$u || $u['username'] == $newname) {
         return new ApiResponse(1);
     }
     if ($unique = $this->db->get_one("SELECT uid FROM pw_members WHERE username="******"UPDATE pw_members SET username="******" WHERE uid=" . pwEscape($uid));
     // Rewrite the old name wherever other tables store it as text.
     $user = L::loadClass('ucuser');
     $user->alterName($uid, $u['username'], $newname);
     return new ApiResponse(1);
 }
Example #18
/**
 * Check WAP login credentials, track failed attempts and set the login cookies.
 *
 * Every outcome ends in a wap_msg() call; the function has no return value.
 *
 * NOTE(review): two spots on this page read "******" (the password UPDATE and
 * the $F_login assignment). That looks like masking by the page the code was
 * copied from; the UPDATE line does not parse as shown. Restore both from the
 * original source.
 *
 * @param mixed  $username Username, or a uid when $lgt is truthy.
 * @param string $password Value compared with the stored password; presumably already hashed by the caller — TODO confirm.
 * @param mixed  $safecv   Value compared with the stored safecv when $db_ifsafecv is on.
 * @param int    $lgt      Truthy: look the member up by uid instead of username.
 * @return void
 */
function wap_login($username, $password, $safecv, $lgt = 0)
{
    global $db, $timestamp, $onlineip, $db_ckpath, $db_ckdomain, $db_bbsurl, $db_ifsafecv;
    $men = $db->get_one("SELECT m.uid,m.password,m.safecv,m.groupid,m.yz,md.onlineip FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE m." . ($lgt ? 'uid' : 'username') . "=" . pwEscape($username));
    if ($men) {
        // onlineip is read as "marker|timestamp|counter". An attempt is allowed when the
        // marker is not this client's, more than 600 seconds have passed, or the counter is above 1.
        $e_login = explode("|", $men['onlineip']);
        if ($e_login[0] != $onlineip . ' *' || $timestamp - $e_login[1] > 600 || $e_login[2] > 1) {
            $men_uid = $men['uid'];
            $men_pwd = $men['password'];
            $check_pwd = $password;
            if ($men['yz'] > 2) {
                wap_msg('login_jihuo');
            }
            if (strlen($men_pwd) == 16) {
                $check_pwd = substr($password, 8, 16);
                /* supports passwords stored as a 16-character md5 substring */
            }
            // NOTE(review): the credential check uses loose `==`, which is neither
            // type-strict nor constant-time; two numeric-looking strings can compare
            // equal. hash_equals() on strings would be the safer comparison.
            if ($men_pwd == $check_pwd && (!$db_ifsafecv || $men['safecv'] == $safecv)) {
                if (strlen($men_pwd) == 16) {
                    $db->update("UPDATE pw_members SET password="******" WHERE uid=" . pwEscape($men_uid));
                }
                $L_groupid = (int) $men['groupid'];
                Cookie("ck_info", $db_ckpath . "\t" . $db_ckdomain);
            } else {
                // Failed attempt: count down the stored counter, or start at 5 when it is empty or zero.
                global $L_T;
                $L_T = $e_login[2];
                $L_T ? $L_T-- : ($L_T = 5);
                // Masked on this page; presumably encodes the same "marker|timestamp|counter"
                // triple that is parsed above — TODO confirm against the original source.
                $F_login = "******";
                $db->update("UPDATE pw_memberdata SET onlineip=" . pwEscape($F_login) . " WHERE uid=" . pwEscape($men_uid));
                wap_msg('login_pwd_error');
            }
        } else {
            // Still locked out: expose the remaining seconds through $L_T.
            global $L_T;
            $L_T = 600 - ($timestamp - $e_login[1]);
            wap_msg('login_forbid');
        }
    } else {
        global $errorname;
        $errorname = $username;
        wap_msg('user_not_exists');
    }
    // NOTE(review): reaching this point on a failure path would set a login cookie with
    // an unset $men_uid; the code relies on wap_msg() never returning — confirm it
    // terminates the request. The cookie carries PwdCode($password); check how
    // reversible StrCode()/PwdCode() are before treating it as a session token.
    Cookie("winduser", StrCode($men_uid . "\t" . PwdCode($password) . "\t" . $safecv));
    Cookie('lastvisit', '', 0);
    wap_msg('wap_login', 'index.php');
}
Example #19
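 /**
  * Record uploaded file URLs on the topic / post-category row of this thread.
  *
  * Each entry adds one column to $this->attachs, then the accumulated set is
  * written to the table chosen by the entry's attname.
  *
  * @param array $uploaddb Upload entries; reads 'attname', 'id' and 'fileuploadurl' of each.
  * @return void
  */
 function update($uploaddb)
 {
     foreach ($uploaddb as $value) {
         if ($value['attname'] == 'postcate' && ($value['id'] == '13' || $value['id'] == '27')) {
             $fieldname = 'pcattach';
         } else {
             // NOTE(review): 'id' becomes part of a column name; presumably pwSqlSingle()
             // quotes values but not keys — confirm 'id' is validated upstream.
             $fieldname = 'field' . $value['id'];
         }
         $this->attachs[$fieldname] = $value['fileuploadurl'];

         // Resolve the table per entry so an unknown attname can neither reuse the
         // previous entry's table nor build an UPDATE with no table name.
         $tablename = '';
         if ($value['attname'] == 'topic') {
             $tablename = GetTopcitable($this->pcid);
         } elseif ($value['attname'] == 'postcate') {
             $tablename = GetPcatetable($this->pcid);
         }
         if (!$tablename) {
             continue;
         }
         if ($this->attachs) {
             $this->db->update("UPDATE {$tablename} SET " . pwSqlSingle($this->attachs) . " WHERE tid=" . pwEscape($this->tid));
         }
     }
 }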
Example #20
/**
 * Validate a WAP post or reply: length limits on the global $subject/$content,
 * then the forum's visibility and posting permissions for the current group.
 *
 * Every rejection is reported through wap_msg(); nothing is returned. The
 * checks assume wap_msg() ends the request — TODO confirm, since later checks
 * would otherwise still run after a rejection.
 *
 * @param mixed  $fid    Forum id being posted to.
 * @param string $action 'new' for a new thread, 'reply' for a reply.
 * @return void
 */
function wap_check($fid, $action)
{
    global $db, $groupid, $_G, $_time, $db_titlemax, $db_postmin, $db_postmax, $subject, $content;
    $subject = trim($subject);
    $content = trim($content);
    // strlen() counts bytes, so the limits below are byte limits, not character limits.
    if ($action == 'new' && (!$subject || strlen($subject) > $db_titlemax)) {
        wap_msg('subject_limit');
    }
    if (strlen($content) >= $db_postmax || strlen($content) < $db_postmin) {
        wap_msg('content_limit');
    }
    $fm = $db->get_one("SELECT f.forumadmin,f.fupadmin,f.password,f.allowvisit,f.f_type,f.f_check,f.allowpost,f.allowrp,fe.forumset FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid=" . pwEscape($fid));
    // NOTE(review): unserialize() runs before the !$fm check below, and on stored data;
    // confirm forumset is only ever written by serialize() of plain arrays.
    $forumset = unserialize($fm['forumset']);
    // Reject unknown, password-protected or hidden forums, and forums whose visit list excludes this group.
    if (!$fm || $fm['password'] != '' || $fm['f_type'] == 'hidden' || $fm['allowvisit'] && @strpos($fm['allowvisit'], ",{$groupid},") === false) {
        wap_msg('post_right');
    }
    if ($action == 'new') {
        $isGM = CkInArray($GLOBALS['windid'], $GLOBALS['manager']);
        $isBM = admincheck($fm['forumadmin'], $fm['fupadmin'], $GLOBALS['windid']);
        // f_check values 1 and 3 block new threads here.
        if ($fm['f_check'] == '1' || $fm['f_check'] == '3') {
            wap_msg('post_right');
        }
        // A forum-level allow list, when set, takes precedence over the group permission.
        if ($fm['allowpost'] && strpos($fm['allowpost'], ",{$groupid},") === false) {
            wap_msg('post_right');
        }
        if (!$fm['allowpost'] && $_G['allowpost'] == 0) {
            wap_msg('post_group');
        }
        // Time-window restriction; skipped for managers and for moderators holding the 'allowtime' right.
        if ($forumset['allowtime'] && !$isGM && !allowcheck($forumset['allowtime'], "{$_time['hours']}", '') && !pwRights($isBM, 'allowtime')) {
            wap_msg('post_right');
        }
    } elseif ($action == 'reply') {
        // NOTE(review): unlike the 'new' branch, replies are not checked against forumset['allowtime'].
        // f_check values 2 and 3 block replies here.
        if ($fm['f_check'] == '2' || $fm['f_check'] == '3') {
            wap_msg('reply_right');
        }
        if ($fm['allowrp'] && strpos($fm['allowrp'], ",{$groupid},") === false) {
            wap_msg('reply_right');
        }
        if (!$fm['allowrp'] && $_G['allowrp'] == 0) {
            wap_msg('reply_group');
        }
    }
}
Example #21
 /**
  * Fetch one page of pw_wappush entries joined with their thread data.
  *
  * @param mixed $type Optional typeid filter; skipped when falsy.
  * @param mixed $page 1-based page number; values whose int cast is below 1 become 1.
  * @return array Rows with a running 'index' added and 'lastpost' replaced by
  *               the second element returned by getLastDate().
  */
 function getRecommendByType($type, $page = 1)
 {
     $where = " WHERE (t.fid != 0 OR t.fid IS NULL) ";
     if ($type) {
         $where .= " AND  p.typeid = " . pwEscape($type);
     }
     if ((int) $page < 1) {
         $page = 1;
     }
     $start = ($page - 1) * $this->perPage;
     $limit = pwLimit($start, $this->perPage);
     $query = $this->db->query("SELECT p.*,t.replies,t.hits,t.author,t.authorid,t.lastposter,t.lastpost FROM pw_wappush p LEFT JOIN pw_threads t ON p.tid = t.tid \r\n\t\t\t\t\t{$where} ORDER BY p.id DESC {$limit}");

     $rows = array();
     while ($row = $this->db->fetch_array($query)) {
         // Position of the row across all pages, starting at 1.
         $start++;
         $row['index'] = $start;
         list(, $formatted) = getLastDate($row['lastpost']);
         $row['lastpost'] = $formatted;
         $rows[] = $row;
     }
     return $rows;
 }
Example #22
 /**
  * Fetch one page of a user's favourite threads.
  *
  * @param mixed $uid  User ID; cast to int, 0 yields an empty result.
  * @param mixed $page Current page number; values whose int cast is below 1 become 1.
  * @return array Empty array, or whatever $this->_query() returns for the page.
  */
 function getFavsByUser($uid, $page = 1)
 {
     $uid = (int) $uid;
     if (!$uid) {
         return array();
     }
     if ((int) $page < 1) {
         $page = 1;
     }
     $offset = ($page - 1) * $this->perPage;

     // pw_favors.tids is a comma-separated id list; pwImplode() prepares it for the IN() clause below.
     $favRow = $this->db->get_one("SELECT tids FROM pw_favors WHERE uid=" . pwEscape($uid));
     $allTids = explode(',', trim($favRow['tids'], ','));
     $pageTids = array_slice($allTids, $offset, $this->perPage);
     if (!$pageTids) {
         return array();
     }

     $sql = "SELECT fid,tid,subject,postdate,author,authorid,replies,hits,topped,digest,ifupload FROM pw_threads \r\n\t\t\t\t\tWHERE tid IN(" . pwImplode($pageTids) . ") ORDER BY postdate DESC";
     return $this->_query($sql, $offset, 'fav');
 }
Example #23
 /**
  * List friends of a user who have no pw_userapp row for the given app.
  *
  * @param mixed $appid App id checked for each friend.
  * @param mixed $uid   User whose friends (status '0') are scanned.
  * @param mixed $num   Page size: 'all' or anything above 500 means 500; non-numeric or below 1 means 20.
  * @param mixed $start Offset; non-numeric or negative values become 0.
  * @return ApiResponse Wraps the list of matching friend ids.
  */
 function get($appid, $uid, $num, $start = 0)
 {
     // Cap the page size so one call cannot scan an unbounded friend list.
     if ($num == 'all') {
         $limit = 500;
     } elseif (!is_numeric($num) || $num < 1) {
         $limit = 20;
     } else {
         $limit = $num > 500 ? 500 : $num;
     }
     if (!is_numeric($start) || $start < 0) {
         $start = 0;
     }

     $candidates = array();
     $friends = $this->db->query("SELECT friendid FROM pw_friends WHERE status='0' AND uid=" . pwEscape($uid) . pwLimit($start, $limit));
     while ($friend = $this->db->fetch_array($friends)) {
         // One lookup per friend: keep those without a row for this app.
         $installed = $this->db->get_one("SELECT * FROM pw_userapp WHERE uid=" . pwEscape($friend['friendid']) . " AND appid=" . pwEscape($appid));
         if (empty($installed)) {
             $candidates[] = $friend['friendid'];
         }
     }
     return new ApiResponse($candidates);
 }
Example #24
 /**
  * Count the adverts stored under one ckey, split by whether they are
  * currently shown, and pick up the group title.
  *
  * Rows with type 0 carry "title~\t~description" in descrip and are not counted.
  *
  * @param mixed $ckey Value compared against pw_advert.ckey.
  * @return array array(shown count, not-shown count, title).
  */
 function _getAdvers($ckey)
 {
     $query = $this->_db->query("SELECT * FROM pw_advert WHERE ckey=" . pwEscape($ckey));
     $now = time();
     $title = '';
     $descrip = '';
     $shown = 0;
     $hidden = 0;
     while ($row = $this->_db->fetch_array($query)) {
         if ($row['type'] == 0) {
             // Header row: holds the title, not an advert.
             list($title, $descrip) = explode("~\t~", $row['descrip']);
             continue;
         }
         $isLive = $row['ifshow'] == 1 && $now >= $row['stime'] && $now <= $row['etime'];
         if ($isLive) {
             $shown++;
         } else {
             $hidden++;
         }
     }
     return array($shown, $hidden, $title);
 }
Example #25
 /**
  * Overwrite credit values for a batch of users.
  *
  * Numeric credit ids are upserted into pw_membercredit; the four named
  * types are written to pw_memberdata, with 'rvrc' multiplied by 10 first.
  * Any other key is ignored.
  *
  * @param mixed $arr uid => (credit id or name => value); non-arrays are ignored.
  * @return ApiResponse Always wraps 1.
  */
 function syncredit($arr)
 {
     if (!is_array($arr)) {
         return new ApiResponse(1);
     }
     // Only these names may become column names in the UPDATE below.
     $namedTypes = array('money', 'rvrc', 'credit', 'currency');
     foreach ($arr as $uid => $credits) {
         $assignments = '';
         foreach ($credits as $cid => $value) {
             if (is_numeric($cid)) {
                 $value = intval($value);
                 $probe = "SELECT uid FROM pw_membercredit WHERE uid=" . pwEscape($uid) . ' AND cid=' . pwEscape($cid);
                 $modify = "UPDATE pw_membercredit SET value=" . pwEscape($value) . ' WHERE uid=' . pwEscape($uid) . ' AND cid=' . pwEscape($cid);
                 $create = "INSERT INTO pw_membercredit SET " . pwSqlSingle(array('uid' => $uid, 'cid' => $cid, 'value' => $value));
                 $this->db->pw_update($probe, $modify, $create);
             } elseif (in_array($cid, $namedTypes)) {
                 if ($cid == 'rvrc') {
                     $value *= 10;
                 }
                 $assignments .= ",{$cid}=" . pwEscape(intval($value));
             }
         }
         if ($assignments) {
             $this->db->update("UPDATE pw_memberdata SET " . ltrim($assignments, ',') . " WHERE uid=" . pwEscape($uid), 0);
         }
     }
     return new ApiResponse(1);
 }
Example #26
/**
 * Check whether a user may use a tool: the tool must be enabled, the user's
 * group allowed, and every credit threshold met.
 *
 * Failures are reported through Showmsg(); nothing is returned.
 *
 * @param mixed $uid    User id whose credits are checked.
 * @param array $tooldb Tool row; reads 'state' and the serialized 'conditions'.
 * @return void
 */
function CheckUserTool($uid, $tooldb)
{
    global $db, $groupid, $credit;

    if (!$tooldb['state']) {
        Showmsg('tool_close');
    }

    // NOTE(review): unserialize() on stored data; confirm 'conditions' is only ever
    // written by serialize() of plain arrays.
    $rules = unserialize($tooldb['conditions']);
    if ($rules['group'] && strpos($rules['group'], ",{$groupid},") === false) {
        Showmsg('tool_grouplimit');
    }

    $member = $db->get_one("SELECT postnum,digests,rvrc,money,credit FROM pw_memberdata WHERE uid=" . pwEscape($uid));
    require_once R_P . 'require/credit.php';
    $custom = $credit->get($uid, 'CUSTOM');

    foreach ($rules['credit'] as $key => $required) {
        if (!$required) {
            continue;
        }
        // Numeric keys refer to custom credits, named keys to pw_memberdata columns.
        $owned = is_numeric($key) ? $custom[$key] : $member[$key];
        if ($owned < $required) {
            Showmsg('tool_creditlimit');
        }
    }
}
Example #27
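/**
 * Automatically ban or unban a user based on a configured metric.
 *
 * Only users in group '-1' or '6' are touched. The metric chosen by
 * $db_banby (1 or default: postnum, 2: rvrc / 10, 3: money) is compared with
 * $db_banmax: a '-1' user below the limit is moved to group '6' and gets a
 * pw_banuser row; a '6' user at or above the limit is moved back to '-1'
 * when no site-wide ban row exists, or when a type 1 ban has run out.
 *
 * @param mixed $uid User id to evaluate.
 * @return void
 */
function autoban($uid)
{
    global $db, $db_banby, $db_banmax, $db_bantype, $db_banlimit, $timestamp;
    $rt = $db->get_one('SELECT m.groupid,m.memberid,md.postnum,md.rvrc,md.money FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE m.uid=' . pwEscape($uid));
    if ($rt['groupid'] == '-1' || $rt['groupid'] == '6') {
        switch ($db_banby) {
            case 1:
                $banby = $rt['postnum'];
                break;
            case 2:
                $banby = $rt['rvrc'] / 10;
                break;
            case 3:
                $banby = $rt['money'];
                break;
            default:
                $banby = $rt['postnum'];
        }
        if ($rt['groupid'] == '-1') {
            if ($banby < $db_banmax) {
                $db->update("UPDATE pw_members SET groupid='6' WHERE uid=" . pwEscape($uid));
                $pwSQL = pwSqlSingle(array('uid' => $uid, 'fid' => 0, 'type' => $db_bantype, 'startdate' => $timestamp, 'days' => $db_banlimit, 'admin' => 'autoban', 'reason' => ''));
                $db->update("REPLACE INTO pw_banuser SET {$pwSQL}");
            }
        } elseif ($banby >= $db_banmax) {
            // Select the columns the expiry test reads. With only `id` selected,
            // type/startdate/days were always unset and an expired ban was never lifted.
            $bandb = $db->get_one("SELECT id,type,startdate,days FROM pw_banuser WHERE uid=" . pwEscape($uid) . " AND fid='0'");
            if (!$bandb) {
                $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($uid));
            } elseif ($bandb['type'] == 1 && $timestamp - $bandb['startdate'] > $bandb['days'] * 86400) {
                // A type 1 ban whose duration has elapsed: restore the group and drop the ban row.
                $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($uid));
                $db->update("DELETE FROM pw_banuser WHERE id=" . pwEscape($bandb['id']));
            }
        }
        // Drop the cached user record so the group change is seen.
        $_cache = getDatastore();
        $_cache->delete('UID_' . $uid);
    }
}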
Example #28
/**
 * Send a community private message or a system notification.
 *
 * @param array $msg Message in the following format:
 * 	$msg = array(
 *		'toUser'	=> 'admin', // recipient username; may be an array for bulk sending: array('admin','abc')
 *		'toUid'		=> 1,		// recipient uid; may be an array for bulk sending: array(1,2); ignored when toUser is also given
 *		'fromUid'	=> 2,		// sender UID, only effective together with fromUser (optional, default '0')
 *		'fromUser'	=> 'pwtest',// sender username, only effective together with fromUid (optional, default 'SYSTEM')
 *		'subject'	=> 'Test',	// message subject
 *		'content'	=> '~KO~',	// message content
 *		'other'		=> array()	// other message variables
 *	);
 * @return boolean Whether sending completed; false for a missing recipient,
 *                 subject or content, or when a single recipient is not found.
 */
function pwSendMsg($msg)
{
    global $db, $timestamp;
    // Needs at least one recipient field, plus subject and content.
    if (!$msg['toUser'] && !$msg['toUid'] || !$msg['subject'] || !$msg['content']) {
        return false;
    }
    // $toType is interpolated into SQL as a column name; it only ever holds one of
    // the two fixed strings assigned here.
    $toType = 'username';
    if (empty($msg['toUser'])) {
        $msg['toUser'] = $msg['toUid'];
        $toType = 'uid';
    }
    $msg['subject'] = getLangInfo('writemsg', $msg['subject'], $msg);
    $msg['content'] = getLangInfo('writemsg', $msg['content'], $msg);
    if (!$msg['fromUid'] || !$msg['fromUser']) {
        $msg['fromUid'] = 0;
        // NOTE(review): the literal reads '******' on this page, which looks like masking by
        // the page the code was copied from; the docblock gives 'SYSTEM' as the default —
        // confirm against the original source.
        $msg['fromUser'] = '******';
    }
    if (is_array($msg['toUser'])) {
        //group send message
        $msgdb = array();
        $query = $db->query("SELECT uid FROM pw_members WHERE {$toType} IN (" . pwImplode($msg['toUser'], false) . ')');
        while ($rt = $db->fetch_array($query)) {
            $msgdb[] = array($rt['uid'], $msg['fromUid'], $msg['fromUser'], 'rebox', 1, $timestamp, $msg['subject'], $msg['content']);
        }
        // Recipients that do not exist are skipped silently; the call still returns true.
        $msgdb && send_msgc($msgdb, false);
    } else {
        $rt = $db->get_one("SELECT uid FROM pw_members WHERE {$toType}=" . pwEscape($msg['toUser'], false));
        if (empty($rt)) {
            return false;
        }
        // Header row first, then the body keyed by the new message id, then the unread counter.
        $db->update('INSERT INTO pw_msg SET ' . pwSqlSingle(array('touid' => $rt['uid'], 'fromuid' => $msg['fromUid'], 'username' => $msg['fromUser'], 'type' => 'rebox', 'ifnew' => 1, 'mdate' => $timestamp), false));
        $mid = $db->insert_id();
        $db->update('REPLACE INTO pw_msgc SET ' . pwSqlSingle(array('mid' => $mid, 'title' => $msg['subject'], 'content' => $msg['content']), false));
        $db->update("UPDATE pw_members SET newpm=newpm+1 WHERE uid=" . pwEscape($rt['uid'], false));
    }
    return true;
}
Example #29
/**
 * Rebuild the cached rating summary ("ifmark") of a thread or reply.
 *
 * The summary is "<count>:<id,id,...>" built from the visible pw_pinglog
 * rows (the ten most recent ids), or an empty string when there are none.
 *
 * @param mixed $fid Forum id.
 * @param mixed $tid Thread id.
 * @param mixed $pid Post id; 0 after the int cast means the thread's first post.
 * @return string The summary that was stored.
 */
function update_markinfo($fid, $tid, $pid)
{
    global $db;

    $pid = intval($pid);
    $filter = " fid=" . pwEscape($fid) . " AND tid=" . pwEscape($tid) . " AND pid=" . pwEscape($pid) . " AND ifhide=0 ";
    $total = $db->get_value("SELECT COUNT(*) FROM pw_pinglog WHERE {$filter} ");

    $summary = "";
    if ($total) {
        $recent = $db->query("SELECT id FROM pw_pinglog WHERE {$filter} ORDER BY pingdate DESC LIMIT 0,10");
        $logIds = array();
        while ($row = $db->fetch_array($recent)) {
            $logIds[] = $row['id'];
        }
        $summary = $total . ":" . implode(",", $logIds);
    }

    // Table names come from GetTtable()/GetPtable(), not from the arguments directly.
    if ($pid == 0) {
        $threadTable = GetTtable($tid);
        $db->update("UPDATE {$threadTable} SET ifmark=" . pwEscape($summary) . " WHERE tid=" . pwEscape($tid));
    } else {
        $db->update("UPDATE " . GetPtable("N", $tid) . " SET ifmark=" . pwEscape($summary) . " WHERE pid=" . pwEscape($pid));
    }
    return $summary;
}
Example #30
         $threadList = L::loadClass("threadlist");
         $threadList->updateThreadIdsByForumId($fid, $tid);
         $db->update("UPDATE {$pw_tmsgs} SET " . pwSqlSingle(array('aid' => $rt['aid'], 'userip' => $rt['userip'], 'ifsign' => $rt['ifsign'], 'ipfrom' => $rt['ipfrom'], 'alterinfo' => $rt['alterinfo'], 'ifconvert' => $rt['ifconvert'], 'content' => $rt['content']), false) . " WHERE tid=" . pwEscape($tid));
     }
     $msg_delrvrc = abs($creditset['Delete']['rvrc']);
     $msg_delmoney = abs($creditset['Delete']['money']);
     $credit->addLog('topic_Delete', $creditset['Delete'], array('uid' => $authorid, 'username' => $author, 'ip' => $onlineip, 'fname' => strip_tags($forum[$fid]['name']), 'operator' => $windid));
     $credit->sets($authorid, $creditset['Delete'], false);
     if ($thread_tpcstatus && getstatus($thread_tpcstatus, 1)) {
         $db->update("DELETE FROM pw_argument WHERE tid=" . pwEscape($tid));
     }
 } else {
     $deltype = 'delrp';
     $deltitle = $subject ? substrs($subject, 28) : substrs($content, 28);
     $db->update("DELETE FROM {$pw_posts} WHERE pid=" . pwEscape($pid));
     $db->update("UPDATE pw_threads SET replies=replies-1 WHERE tid=" . pwEscape($tid));
     $msg_delrvrc = abs($creditset['Deleterp']['rvrc']);
     $msg_delmoney = abs($creditset['Deleterp']['money']);
     $credit->addLog('topic_Deleterp', $creditset['Deleterp'], array('uid' => $authorid, 'username' => $author, 'ip' => $onlineip, 'fname' => strip_tags($forum[$fid]['name']), 'operator' => $windid));
     $credit->sets($authorid, $creditset['Deleterp'], false);
 }
 $credit->setMdata($authorid, 'postnum', -1);
 $credit->runsql();
 if ($db_guestread) {
     require_once R_P . 'require/guestfunc.php';
     clearguestcache($tid, $rs['replies']);
 }
 P_unlink(D_P . 'data/bbscache/c_cache.php');
 require_once R_P . 'require/updateforum.php';
 updateforum($fid);
 if ($rs['topped']) {