Example #1
// Set before the includes below; what it controls is defined in those files
// (not visible here).
$includepath = true;
require_once '../../Connections/SQL.php';
require_once '../../config.php';

// Work from a copy of the session and close the real one straight away.
// NOTE(review): presumably done so the polling loop further down does not keep
// the session locked for other requests from the same user - confirm.
// The session itself must already be started by one of the includes above;
// that is not visible in this excerpt.
$_SESSION_scratch = $_SESSION;
session_write_close();

// Requests without a logged-in user get an empty response.
isset($_SESSION_scratch['Center_Username']) || exit;
if (isset($_GET['sent'])) {
    if (isset($_POST['content']) && trim($_POST['content']) != '') {
        $_chat = sc_get_result("SELECT * FROM `chat` ORDER BY `mktime` ASC");
        if ($_chat['num_rows'] > 50) {
            $SQL->query("TRUNCATE TABLE `chat`");
        }
        $SQL->query("INSERT INTO `chat` (`content`, `mktime`, `author`) VALUES ('%s', now(), '%s')", array(htmlspecialchars($_POST['content']), $_SESSION_scratch['Center_Id']));
        sc_tag_member(htmlspecialchars($_POST['content']), rtrim(sc_get_headurl(), 'include/ajax') . '/chat.php', $_SESSION_scratch['Center_Username'] . '在聊天室提到你', $_SESSION_scratch['Center_Id']);
        header("Content-type: application/json");
        echo json_encode(array("success" => true));
    }
} elseif (isset($_POST['last'])) {
    $_last = intval($_POST['last']);
    $_timeout = 20;
    $i = 0;
    while ($i < $_timeout) {
        $_result = sc_get_result("SELECT * FROM `chat` WHERE `mktime` > '%s'", array(date('Y-m-d H:i:s', $_last)));
        $_data = array();
        $_data['last'] = time();
        if ($_result['num_rows'] > 0) {
            do {
                $_member = $SQL->query("SELECT `username` FROM `member` WHERE `id` = '%d'", array($_result['row']['author']))->fetch_assoc();
                $t = strtotime($_result['row']['mktime']);
Example #2
  You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.
*/
require_once 'Connections/SQL.php';
require_once 'config.php';
require_once 'include/view.php';
if (isset($_POST['username']) && isset($_POST['email']) && trim($_POST['username']) != '' && trim($_POST['email']) != '') {
    $_username = sc_namefilter($_POST['username']);
    $_member = sc_get_result("SELECT * FROM `member` WHERE `username` = '%s'", array($_username));
    if ($_member['num_rows'] < 1 or $_POST['email'] != $_member['row']['email']) {
        $_GET['nouser'] = true;
    } else {
        $_subject = "重設密碼 - {$center['site_name']}";
        $_body = "{$_member['row']['username']} 您好\n\t\t\n 請點擊以下連結重設您的密碼 \n\t\t\n " . sc_get_headurl() . "getpassword.php?id={$_member['row']['id']}&auth=" . md5($_member['row']['rekey']) . "\n\t\t\n (若是您沒有申請重設密碼,請忽略此信件)";
        $_header = "From: {$center['site_name']} <{$center['mail']}> \n";
        $_header .= 'Content-type:text/plain; charset=UTF-8';
        mb_internal_encoding('UTF-8');
        $_subject = mb_encode_mimeheader($_subject, 'UTF-8');
        if (mail($_member['row']['email'], $_subject, $_body, $_header)) {
            $_step = 2;
        }
    }
} elseif (isset($_GET['auth']) && trim($_GET['auth']) != '' && isset($_GET['id']) && abs($_GET['id']) != '') {
    $_uid = abs($_GET['id']);
    $_member = sc_get_result("SELECT * FROM member WHERE `id` = '%d'", array($_uid));
    if ($_member['num_rows'] > 0) {
        if (md5($_member['row']['rekey']) == $_GET['auth']) {
            $_rekey_SQL = sprintf(",`rekey` = '%s'", substr(sc_keygen($_GET['auth']), 0, 16));
            $_step = 3;
Example #3
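// No matching post row ($_post is loaded earlier, outside this excerpt):
// send the visitor back to the forum index.
if ($_post['num_rows'] <= 0) {
    header("Location: forum.php");
    exit;
}

// Reply gate. User group 0 may not reply. A visitor with no session has no
// 'Center_UserGroup' key at all; defaulting it to 0 keeps anonymous requests
// on the same "banned" path the loose comparison already sent them down, but
// without depending on an undefined-index read.
$_reply_user_group = isset($_SESSION['Center_UserGroup']) ? $_SESSION['Center_UserGroup'] : 0;
if (isset($_GET['reply']) && $_reply_user_group == 0) {
    // The id comes straight from the query string, so it is URL-encoded before
    // being placed in the Location header; otherwise a crafted value could
    // append extra parameters to the redirect target.
    $_redirect_id = isset($_GET['id']) ? urlencode((string) $_GET['id']) : '';
    header("Location: forumview.php?banned&id=" . $_redirect_id);
    exit;
}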
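// Store a reply to the current post, notify the people concerned, then
// redirect (Post/Redirect/Get).
//
// NOTE(review): no anti-CSRF token is verified in the visible code before this
// state-changing INSERT - confirm one is checked earlier in the file, or add one.

// Only a string body is accepted; an array sent as content[]=... is treated as empty.
$_reply_content = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';

// trim()'s second argument is a *set of characters*, not a substring, so
// trim($x, "&nbsp;") strips any of & n b s p ; from both ends (rejecting a
// reply such as "pss") and no longer strips whitespace. Replace the entity
// explicitly and then trim normally.
if (isset($_GET['reply']) && trim(str_replace('&nbsp;', ' ', $_reply_content)) !== '') {
    // sc_xss_filter() is defined elsewhere; the stored value is whatever it returns.
    // NOTE(review): filtering at write time does not remove the need for
    // context-appropriate escaping where the reply is rendered - verify the template.
    $_reply_clean = sc_xss_filter($_reply_content);

    $SQL->query("INSERT INTO `forum_reply` ( `post_id`,`content`, `mktime`, `author`) VALUES ('%s','%s',now(),'%d')", array($_post['row']['id'], $_reply_clean, $_SESSION['Center_Id']));

    // Tell the post's author about the reply unless they wrote it themselves.
    if ($_SESSION['Center_Id'] != $_post['row']['author']) {
        sc_add_notice(sc_get_headurl() . 'forumview.php?id=' . $_post['row']['id'], $_SESSION['Center_Username'] . '在您的帖子中發表回覆', $_SESSION['Center_Id'], $_post['row']['author']);
    }
    sc_tag_member($_reply_clean, sc_get_headurl() . 'forumview.php?id=' . $_post['row']['id'], $_SESSION['Center_Username'] . '在論壇提到你', $_SESSION['Center_Id']);

    // URL-encode the request-supplied id before it goes into the header, and
    // stop here like the other redirects in this file do, so the page is not
    // also queried and rendered behind the redirect.
    $_reply_redirect_id = isset($_GET['id']) ? urlencode((string) $_GET['id']) : '';
    header("Location: forumview.php?replying&id=" . $_reply_redirect_id);
    exit;
}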
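// Load the board this post belongs to.
$_block = sc_get_result("SELECT * FROM `forum_block` WHERE `id`='%d'", array($_post['row']['block']));

// Replies per page, from the site configuration.
$limit_row = $center['forum']['limit'];

// Page number from the query string. Anything that is not a number, or is
// below 1, falls back to the first page. The previous expression
// abs(intval(($_GET['page'] - 1) * $limit_row)) mapped ?page=0 and negative
// pages onto later pages, and on PHP 8 a non-numeric value raises a TypeError
// in the subtraction.
$_page_no = (isset($_GET['page']) && is_numeric($_GET['page'])) ? max(1, (int) $_GET['page']) : 1;
$limit_start = ($_page_no - 1) * $limit_row;

// One query serves both the paged and the default case.
$_reply = sc_get_result("SELECT * FROM `forum_reply` WHERE `post_id`='%d' ORDER BY `mktime` ASC LIMIT %d,%d", array($_post['row']['id'], $limit_start, $limit_row));

// Username of the post's author, for display.
$_author = sc_get_result("SELECT `username` FROM `member` WHERE `id` = '%d'", array($_post['row']['author']));

// NOTE(review): the post title is passed to View as the page title; confirm
// the View class HTML-escapes it, since titles are user-supplied content.
$view = new View('include/theme/default.html', 'include/nav.php', NULL, $center['site_name'], $_post['row']['title']);
$view->addScript("include/js/notice.js");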
if (isset($_GET['replying'])) {
Example #4
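/**
 * Look up a member's avatar.
 *
 * @param int|string $_id             Member id; its absolute value is used for the lookup.
 * @param bool       $_only_file_name When true, return only the stored file name.
 *
 * @return string|int The stored avatar file name, or the avatar URL built from the
 *                    site base URL; -1 when no member row matches.
 */
function sc_avatar_url($_id, $_only_file_name = false)
{
    $_avatar = sc_get_result("SELECT `avatar` FROM `member` WHERE `id` = '%s'", array(abs($_id)));
    if ($_avatar['num_rows'] <= 0) {
        return -1;
    }
    if ($_only_file_name) {
        return $_avatar['row']['avatar'];
    }

    // The base URL may point inside include/, admin/ or ajax/ depending on the
    // calling script; those trailing directories are removed to get the site root.
    // rtrim($url, '/include') cannot do that: its second argument is a set of
    // characters, so it eats any trailing run of those letters (for example the
    // final "m" of a ".com" host is removed by the '/admin' set). Match whole
    // path segments instead. The lookbehind keeps the "//" after the scheme from
    // being read as the start of a segment.
    $_headurl = rtrim(sc_get_headurl(), '/');
    $_site_root = preg_replace('#(?<!/)(?:/(?:include|admin|ajax))+$#', '', $_headurl);
    if (is_string($_site_root)) {
        $_headurl = $_site_root;
    }

    // NOTE(review): the file name comes from the database as stored; callers
    // that print this URL into HTML should still escape it for that context.
    return $_headurl . '/include/avatar/' . $_avatar['row']['avatar'];
}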