/**
 * Fetch the uids of group-8 members joined to their common_member_validate rows,
 * narrowed by whichever optional filters are supplied.
 *
 * Each argument that evaluates to true appends one AND condition. The numeric
 * filters are forced through intval() before they reach the statement; the IP
 * prefix is the only string that is concatenated into the SQL text.
 *
 * @param mixed $submittimes keep rows whose v.submittimes is greater than this integer
 * @param mixed $regdate     age in days: keep members whose m.regdate is older than TIMESTAMP minus that many days
 * @param mixed $moddate     age in days: same rule applied to v.moddate
 * @param mixed $regip       IP prefix matched as m.regip LIKE '<prefix>%'
 * @return mixed whatever DB::fetch_all() returns when asked to key the rows by 'uid'
 */
public function fetch_all_validate_uid($submittimes = '', $regdate = '', $moddate = '', $regip = '')
{
    $conditions = array('m.groupid=8');

    if ($submittimes) {
        $conditions[] = 'v.submittimes>' . intval($submittimes);
    }
    if ($regdate) {
        $conditions[] = 'm.regdate<' . (TIMESTAMP - intval($regdate) * 86400);
    }
    if ($moddate) {
        $conditions[] = 'v.moddate<' . (TIMESTAMP - intval($moddate) * 86400);
    }

    // This value ends up inside a quoted SQL literal, so addslashes() is the only
    // thing keeping a quote in $regip from closing that literal.
    // NOTE(review): stripsearchkey() is defined elsewhere; it is assumed to handle
    // LIKE wildcards only and not to undo the slash escaping - confirm.
    $regip = stripsearchkey(addslashes((string) $regip));
    if ($regip) {
        $conditions[] = "m.regip LIKE '" . $regip . "%'";
    }

    $sql = implode(' AND ', $conditions);

    return DB::fetch_all("SELECT v.uid FROM " . DB::table('common_member_validate') . " v, " . DB::table('common_member') . " m\n\t\t\tWHERE {$sql} AND m.uid=v.uid", null, 'uid');
}
/**
 * Count the rows of this table, optionally restricted by type and by a substring of `find`.
 *
 * Conditions and their arguments are collected in the same order so that each
 * placeholder lines up with its value when the query is formatted.
 *
 * @param mixed $type exact value for the `type` column (bound through %d); null skips the filter
 * @param mixed $find substring searched for in the `find` column; null skips the filter
 * @return mixed the value DB::result_first() returns for the COUNT(*) query
 */
public function count_by_type_find($type = null, $find = null)
{
    $args = array($this->_table);
    $conditions = array();

    if ($type !== null) {
        $conditions[] = "`type`=%d";
        $args[] = $type;
    }

    if ($find !== null) {
        // NOTE(review): the template carries no quotes around %s, so the DB layer
        // must be quoting this argument itself. If it also escapes it, the
        // addslashes() here escapes a second time and the wildcard escapes added by
        // stripsearchkey() stop working as intended - confirm against DB::format().
        $conditions[] = "`find` LIKE %s";
        $args[] = '%' . addslashes(stripsearchkey($find)) . '%';
    }

    $wheresql = $conditions ? ' WHERE ' . implode(' AND ', $conditions) : '';

    return DB::result_first("SELECT COUNT(*) FROM %t {$wheresql}", $args);
}
/**
 * Search this table with optional filters, or count the matching rows.
 *
 * Every argument that evaluates to true adds one condition; the conditions are
 * ANDed onto a leading constant "1". The finished clause reaches the query through
 * the %i placeholder, which this file also uses for other pre-built SQL, so each
 * value has to be made SQL-safe by DB::field() before it gets there.
 * NOTE(review): stripsearchkey() is defined elsewhere and is assumed to deal with
 * LIKE wildcards only; quoting therefore rests on DB::field() - confirm.
 *
 * @param mixed $cid       exact match on cid
 * @param mixed $ctid      exact match on ctid
 * @param mixed $username  substring match on username
 * @param mixed $uid       exact match on uid
 * @param mixed $useip     prefix match on useip
 * @param mixed $rate      rows with rate greater than this value
 * @param mixed $message   substring match on message
 * @param mixed $starttime rows with dateline greater than this value ('' skips the filter)
 * @param mixed $endtime   rows with dateline less than this value ('' skips the filter)
 * @param int   $start     row offset, or -1 to return only the number of matches
 * @param int   $limit     maximum number of rows
 * @return mixed DB::result_first() result when $start is -1, otherwise the DB::fetch_all() rows
 */
public function fetch_all_for_search($cid, $ctid, $username, $uid, $useip, $rate, $message, $starttime, $endtime, $start = 0, $limit = 20)
{
    $conditions = array('1');

    if ($cid) {
        $conditions[] = DB::field('cid', $cid);
    }
    if ($ctid) {
        $conditions[] = DB::field('ctid', $ctid);
    }
    if ($username) {
        $conditions[] = DB::field('username', '%' . stripsearchkey($username) . '%', 'like');
    }
    if ($uid) {
        $conditions[] = DB::field('uid', $uid);
    }
    if ($useip) {
        $conditions[] = DB::field('useip', stripsearchkey($useip) . '%', 'like');
    }
    if ($rate) {
        $conditions[] = DB::field('rate', $rate, '>');
    }
    if ($message) {
        $conditions[] = DB::field('message', '%' . stripsearchkey($message) . '%', 'like');
    }
    if ($starttime != '') {
        $conditions[] = DB::field('dateline', $starttime, '>');
    }
    if ($endtime != '') {
        $conditions[] = DB::field('dateline', $endtime, '<');
    }

    $where = implode(' AND ', $conditions);

    // -1 is the sentinel callers use to ask for the match count instead of rows.
    if ($start == -1) {
        return DB::result_first("SELECT count(*) FROM %t WHERE %i", array($this->_table, $where));
    }

    $pageArgs = array($this->_table, $where, DB::limit($start, $limit));

    return DB::fetch_all("SELECT * FROM %t WHERE %i ORDER BY dateline DESC %i", $pageArgs);
}
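/**
 * Turn selected $_GET parameters into SQL WHERE fragments plus matching URL fragments.
 *
 * Four groups of parameter names are processed:
 *  - $intkeys:  value forced through intval() for the SQL fragment
 *  - $strkeys:  trimmed value compared with '='
 *  - $randkeys: list of array(callable, field); reads "<field>1" and "<field>2"
 *               as lower and upper bounds after passing them through the callable
 *  - $likekeys: value passed through stripsearchkey() and matched with LIKE BINARY
 *
 * Changes against the earlier version:
 *  - array-valued parameters (for example ?uid[]=1) are treated as absent rather
 *    than being handed to strlen()/trim(), which is a TypeError on PHP 8;
 *  - the URL fragment for integer keys is now percent-encoded like every other
 *    branch, so a value such as "5&x=1" can no longer add parameters to the URL.
 *
 * NOTE(review): the string, range and LIKE branches place the value between quotes
 * without escaping it here. That is only safe if $_GET has been slash-escaped
 * before this function runs (and, for $randkeys, if the callable returns something
 * harmless) - confirm against the bootstrap code; otherwise escape at this point.
 *
 * @param array  $intkeys  parameter names treated as integers
 * @param array  $strkeys  parameter names treated as exact strings
 * @param array  $randkeys list of array(callable, fieldname) pairs for range filters
 * @param array  $likekeys parameter names treated as substring searches
 * @param string $pre      prefix put in front of every column name, e.g. a table alias with a dot
 * @return array array('wherearr' => SQL fragments, 'urls' => query-string fragments)
 */
function getwheres($intkeys, $strkeys, $randkeys, $likekeys, $pre='')
{
    $wherearr = array();
    $urls = array();

    foreach ($intkeys as $var) {
        $value = (isset($_GET[$var]) && is_scalar($_GET[$var])) ? (string) $_GET[$var] : '';
        if (strlen($value)) {
            $wherearr[] = "{$pre}{$var}='" . intval($value) . "'";
            // Encode the raw value: only the SQL side is forced to an integer.
            $urls[] = "$var=" . rawurlencode($value);
        }
    }

    foreach ($strkeys as $var) {
        $value = (isset($_GET[$var]) && is_scalar($_GET[$var])) ? trim((string) $_GET[$var]) : '';
        if (strlen($value)) {
            // Unescaped interpolation - see the NOTE(review) in the header.
            $wherearr[] = "{$pre}{$var}='$value'";
            $urls[] = "$var=" . rawurlencode($value);
        }
    }

    foreach ($randkeys as $vars) {
        $filter = $vars[0];
        $field = $vars[1];

        $raw1 = (isset($_GET[$field . '1']) && is_scalar($_GET[$field . '1'])) ? (string) $_GET[$field . '1'] : null;
        $raw2 = (isset($_GET[$field . '2']) && is_scalar($_GET[$field . '2'])) ? (string) $_GET[$field . '2'] : null;

        $value1 = $raw1 !== null ? $filter($raw1) : '';
        $value2 = $raw2 !== null ? $filter($raw2) : '';

        if ($value1) {
            $wherearr[] = "{$pre}{$field}>='$value1'";
            $urls[] = "{$field}1=" . rawurlencode($raw1);
        }
        if ($value2) {
            $wherearr[] = "{$pre}{$field}<='$value2'";
            $urls[] = "{$field}2=" . rawurlencode($raw2);
        }
    }

    foreach ($likekeys as $var) {
        $value = (isset($_GET[$var]) && is_scalar($_GET[$var])) ? stripsearchkey($_GET[$var]) : '';
        // Terms shorter than two bytes are ignored.
        if (strlen($value) > 1) {
            $wherearr[] = "{$pre}{$var} LIKE BINARY '%$value%'";
            $urls[] = "$var=" . rawurlencode($value);
        }
    }

    return array('wherearr' => $wherearr, 'urls' => $urls);
}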
showmessage('not_find_qualified_information', $theurl); } } elseif (submitcheck('search2submit') || !empty($search2)) { $_SGET['message'] = trim(postget('message')); $_SGET['postip'] = trim(postget('postip')); $_SGET['type'] = trim(postget('type')); $_SGET['detail'] = trim(postget('detail')); $urlplusarr[] = 'search2=1'; $urlplusarr[] = 'type=' . $_SGET['type']; $where1arr = array(); if (!empty($_SGET['message'])) { $urlplusarr[] = 'message=' . $_SGET['message']; $sarr = explode(',', $_SGET['message']); $newsarr = array(); foreach ($sarr as $value) { $value = stripsearchkey($value); if (!empty($value)) { $newsarr[] = "ii.message LIKE '%" . $value . "%'"; } } if (!empty($newsarr)) { $where1arr[] = "(" . implode(" OR ", $newsarr) . ")"; } } if (!empty($_SGET['postip'])) { $urlplusarr[] = 'postip=' . $_SGET['postip']; $_SGET['postip'] = str_replace('*', '888', $_SGET['postip']); $sarr = explode('.', $_SGET['postip']); $newips = array(); foreach ($sarr as $value) { $value = intval($value);
$tablename = 'postitems'; } else { $tablename = 'spaceitems'; if ($status == 'yes') { if (empty($grade)) { $wheresqlarr[] = 'i.grade>0'; } else { $wheresqlarr[] = 'i.grade=\'' . $grade . '\''; } } elseif ($status == 'ban') { $wheresqlarr[] = 'i.grade=\'-1\''; } else { $wheresqlarr[] = 'i.grade=0'; } } if ($searchkeys = stripsearchkey($searchkey)) { if ($searchtype == 'username') { $wheresqlarr[] = 'i.username LIKE \'%' . $searchkeys . '%\''; } else { $wheresqlarr[] = 'i.subject LIKE \'%' . $searchkeys . '%\''; } } $wheresqlstr = implode(' AND ', $wheresqlarr); $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($tablename) . ' i WHERE ' . $wheresqlstr); $listcount = $_SGLOBAL['db']->result($query, 0); $multipage = ''; if ($listcount) { $query = $_SGLOBAL['db']->query('SELECT i.*, f.name FROM ' . tname($tablename) . ' i LEFT JOIN ' . tname('categories') . ' f ON f.catid=i.catid WHERE ' . $wheresqlstr . ' ORDER BY i.dateline DESC LIMIT ' . $start . ',' . $perpage); while ($item = $_SGLOBAL['db']->fetch_array($query)) { $item['url'] = geturl('action/viewnews/itemid/' . $item['itemid']); $listarr[] = $item;
/**
 * List members with profile, status and post-count columns for the statistics page.
 *
 * The sort column is restricted to a fixed allow-list (anything else falls back to
 * 'uid') before it is handed to DB::order(); the username filter is a prefix match.
 *
 * @param mixed  $username optional username prefix; empty means no filter
 * @param string $orderby  requested sort column, checked against the allow-list
 * @param string $sort     sort direction, passed through to DB::order()
 * @param int    $start    row offset passed to DB::limit()
 * @param int    $limit    row count passed to DB::limit()
 * @return array member rows keyed by uid, each extended with 'usernameenc' and
 *               with 'regdate' / 'lastvisit' replaced by their dgmdate() output
 */
public function fetch_all_stat_memberlist($username, $orderby = '', $sort = '', $start = 0, $limit = 0)
{
    $sortable = array('uid', 'credits', 'regdate', 'gender', 'username', 'posts', 'lastvisit');
    if (!in_array($orderby, $sortable, true)) {
        $orderby = 'uid';
    }

    $sql = '';
    if (!empty($username)) {
        // The prefix is concatenated into a quoted literal, so addslashes() is what
        // keeps a quote in $username from ending that literal.
        $sql = " WHERE username LIKE '" . addslashes(stripsearchkey($username)) . "%'";
    }

    $statement = "SELECT m.uid, m.username, mp.gender, m.email, m.regdate, ms.lastvisit, mc.posts, m.credits\n\t\t\tFROM " . DB::table($this->_table) . " m\n\t\t\tLEFT JOIN " . DB::table('common_member_profile') . " mp ON mp.uid=m.uid\n\t\t\tLEFT JOIN " . DB::table('common_member_status') . " ms ON ms.uid=m.uid\n\t\t\tLEFT JOIN " . DB::table('common_member_count') . " mc ON mc.uid=m.uid\n\t\t\t{$sql} ORDER BY " . DB::order($orderby, $sort) . DB::limit($start, $limit);
    $query = DB::query($statement);

    $memberlist = array();
    while ($member = DB::fetch($query)) {
        $uid = $member['uid'];
        $member['usernameenc'] = rawurlencode($member['username']);
        $member['regdate'] = dgmdate($member['regdate']);
        $member['lastvisit'] = dgmdate($member['lastvisit']);
        $memberlist[$uid] = $member;
    }

    return $memberlist;
}
<?php /* [UCenter Home] (C) 2007-2008 Comsenz Inc. $Id: space_tag.php 10944 2009-01-09 01:56:13Z liguode $ */ if (!defined('IN_UCHOME')) { exit('Access Denied'); } $id = empty($_GET['id']) ? 0 : intval($_GET['id']); $name = empty($_GET['name']) ? 0 : stripsearchkey($_GET['name']); $start = empty($_GET['start']) ? 0 : intval($_GET['start']); $list = array(); $count = 0; if ($id || $name) { // pagination $perpage = 30; //Check start number ckstart($start, $perpage); //获取TAG $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('tag') . " WHERE " . ($id ? "tagid='{$id}'" : "tagname='{$name}'") . " LIMIT 1"); $tag = $_SGLOBAL['db']->fetch_array($query); if (empty($tag)) { showmessage('tag_does_not_exist'); } elseif ($tag['close']) { showmessage('tag_locked'); } //获取tag关联 $prinum = 0; $query = $_SGLOBAL['db']->query("SELECT blog.* FROM " . tname('tagblog') . " tb , " . tname('blog') . " blog WHERE tb.tagid='{$tag['tagid']}' AND blog.blogid=tb.blogid LIMIT {$start},{$perpage}"); while ($value = $_SGLOBAL['db']->fetch_array($query)) {
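/**
 * AJAX endpoint: search goods by keyword and/or tag and emit them as JSON.
 *
 * Reads $_GET['field'], $_GET['kw'] and $_GET['tag'], builds extra SQL conditions
 * and a paging URL, runs the lookup through D() and prints the selected columns
 * of every hit through json().
 *
 * Changes against the earlier version:
 *  - array keys that were written as bare words ($_G[setting], $_GET[kw], ...) are
 *    quoted; bare words resolve as undefined constants, which is a fatal error on
 *    PHP 8;
 *  - request parameters are tested with !empty() so a missing key no longer
 *    triggers an undefined-index warning;
 *  - the dead call trim_html($tag, 1) was removed: it read an undefined variable
 *    and its result was overwritten on the next line.
 *    NOTE(review): it was probably meant to filter $_GET['tag'] - confirm and
 *    re-add on the right value if so.
 *
 * NOTE(review): the keyword is interpolated into "title like '%...%'" after
 * stripsearchkey() and safe_output(), both defined elsewhere. Neither is shown to
 * escape quotes or backslashes; confirm that one of them, or the request
 * bootstrap, does, or escape here.
 * NOTE(review): when a tag is given, $and and $url are appended to $sql['and'] /
 * $sql['url'] and then concatenated with them again in the D() call, so both
 * appear twice. Kept as it was; confirm whether that is intended.
 *
 * @return void output is produced through json() / msg()
 */
function goods()
{
    global $_G;

    $sql = make_sql();
    $url = 'm=ajax&a=goods';
    $size = !empty($_G['setting']['cate_page']) ? $_G['setting']['cate_page'] : 120;

    if (!empty($_GET['field'])) {
        // Stored but not passed to D() below.
        $sql['field'] = trim($_GET['field']);
    }

    $and = '';
    if (!empty($_GET['kw'])) {
        $string = stripsearchkey(trim($_GET['kw']));
        // Reject terms that consist only of wildcard characters.
        if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
            msg('非法搜索关键字');
        }
        $string = safe_output($string);
        if (dstrlen($string) < 2) {
            msg('要搜索的关键字长度不能小于2');
        }
        $_GET['kw'] = $string;
        $and .= " AND title like '%{$string}%' ";
        $url .= "&kw=" . urlencode_utf8($string);
    }

    if (!empty($_GET['tag'])) {
        $tag = daddslashes($_GET['tag']);
        $and .= "AND FIND_IN_SET('" . $tag . "', keywords) ";
        $url .= "&tag=" . urlencode_utf8($tag);
        $sql['and'] .= $and;
        $sql['url'] .= $url;
    }

    $rs = D(
        array('and' => $and . $sql['and'], 'all' => false, 'order' => $sql['order']),
        array('url' => $url . $sql['url'], 'size' => $size)
    );

    // Only these columns are exposed to the client, in this order.
    $columns = array('picurl', 'url', 'id_url', 'num_iid', 'aid', 'yh_price', 'sum', 'like', 'title', 'username');

    $goods = array();
    foreach ($rs['goods'] as $v) {
        $tmp = array();
        foreach ($columns as $column) {
            $tmp[$column] = $v[$column];
        }
        $goods[] = $tmp;
    }

    json(array('data' => $goods, 'status' => 'success'));
}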
$fuid_actives = array($fuid => ' selected'); } else { $wheresql = "t.sellerid IN ({$space['feedfriend']})"; $theurl = "home.php?mod=space&uid={$space['uid']}&do={$do}&view=we"; } $query = DB::query("SELECT * FROM " . DB::table('home_friend') . " WHERE uid='{$space['uid']}' ORDER BY num DESC LIMIT 0,100"); while ($value = DB::fetch($query)) { $userlist[] = $value; } } else { $need_count = false; } } $actives = array($_GET['view'] => ' class="a"'); if ($need_count) { if ($searchkey = stripsearchkey($_G['gp_searchkey'])) { $wheresql .= " AND t.subject LIKE '%{$searchkey}%'"; } $havecache = false; if ($_G['gp_view'] == 'all') { $cachetime = $_G['gp_order'] == 'hot' ? 43200 : 3000; if (!empty($_G['cache']['space_trade'][$alltype]) && is_array($_G['cache']['space_trade'][$alltype])) { $cachearr = $_G['cache']['space_trade'][$alltype]; if (!empty($cachearr['dateline']) && $cachearr['dateline'] > $_G['timestamp'] - $cachetime) { $list = $cachearr['data']; $hiddennum = $threadarr['hiddennum']; $havecache = true; } } } if (!$havecache) {
if ($offset++ == $_GET['line']) { $log = parselog($line, true); $log['line'] = $_GET['line']; $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('space') . " WHERE uid = '{$log['uid']}'"); $value = $_SGLOBAL['db']->fetch_array($query); realname_set($value['uid'], $value['username']); realname_get(); break; } } fclose($fp); } } else { $perpage = 50; $_GET['uid'] = intval($_GET['uid']); $_GET['keysearch'] = stripsearchkey($_GET['keysearch']); $_GET['ip'] = trim($_GET['ip']); $mpurl = "admincp.php?ac=log&file={$_GET['file']}&uid={$_GET['uid']}&ip={$_GET['ip']}&starttime={$_GET['starttime']}&endtime={$_GET['endtime']}&keysearch={$_GET['keysearch']}"; // use a temporary file cache search results $tmpfile = S_ROOT . './data/temp/logsearch_' . substr(md5($mpurl), 8, 8) . '.tmp'; if (!is_dir(S_ROOT . './data/temp/')) { @mkdir(S_ROOT . './data/temp/', 0777); } $page = empty($_GET['page']) ? 1 : intval($_GET['page']); if ($page < 1) { $page = 1; } $start = ($page - 1) * $perpage; //Check start number ckstart($start, $perpage); $list = $uids = array();
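/**
 * Search this table's records by owner, IP, keywords, message length and time range.
 *
 * Changes against the earlier version:
 *  - the keyword alternatives ("... OR ...") are now wrapped in parentheses. They
 *    used to be joined to the other filters with a bare AND, and because AND binds
 *    tighter than OR, every keyword after the first matched rows regardless of the
 *    uid / ip / length / time filters;
 *  - $ordersql is initialised, so fetch type 2 no longer interpolates an undefined
 *    variable;
 *  - $findex is normalised to either the index hint or an empty string, so a falsy
 *    non-string value is not printed into the statement.
 *
 * Security-relevant detail: the keyword fragment is built by string concatenation
 * and inserted through %i as pre-built SQL, so its safety rests entirely on the
 * addslashes() call below.
 * NOTE(review): stripsearchkey() is defined elsewhere and is assumed to handle
 * LIKE wildcards only - confirm.
 * NOTE(review): in "basic" mode the pattern is built from $basickeywords (the mode
 * flag) rather than from $keywords; kept as it was - confirm which was intended.
 *
 * @param int    $start         row offset (used for the default fetch type only)
 * @param int    $limit         row count (used for the default fetch type only)
 * @param int    $fetchtype     3 = return COUNT(*), 2 = return doid values, anything else = full rows, newest first
 * @param mixed  $uids          array of uids to restrict to; ignored unless a non-empty array
 * @param string $useip         IP pattern, '*' acts as a wildcard
 * @param string $keywords      comma-separated keywords; "{n}" inside a keyword switches it to a REGEXP match
 * @param mixed  $lengthlimit   keep rows whose message is shorter than this many bytes
 * @param mixed  $starttime     lower dateline bound; a timestamp or a strtotime() string
 * @param mixed  $endtime       upper dateline bound; a timestamp or a strtotime() string
 * @param mixed  $basickeywords when true, a single LIKE %s is used instead of the keyword list
 * @param mixed  $doid          one doid or an array of them
 * @param mixed  $findex        when true, add USE INDEX(dateline)
 * @return mixed DB::result_first() result for fetch type 3, DB::fetch_all() rows otherwise
 */
public function fetch_all_search($start, $limit, $fetchtype, $uids, $useip, $keywords, $lengthlimit, $starttime, $endtime, $basickeywords = 0, $doid = '', $findex = '')
{
    $parameter = array($this->_table);
    $wherearr = array();
    $ordersql = '';

    if ($doid) {
        $parameter[] = (array) $doid;
        $wherearr[] = 'doid IN(%n)';
    }
    if (is_array($uids) && count($uids)) {
        $parameter[] = $uids;
        $wherearr[] = 'uid IN(%n)';
    }
    if ($useip) {
        $parameter[] = str_replace('*', '%', $useip);
        $wherearr[] = 'ip LIKE %s';
    }

    if ($keywords) {
        if (!$basickeywords) {
            $sqlkeywords = '';
            $or = '';
            foreach (explode(',', str_replace(' ', '', $keywords)) as $keyword) {
                $keyword = addslashes(stripsearchkey($keyword));
                if (preg_match("/\\{(\\d+)\\}/", $keyword)) {
                    // "{n}" means "up to n arbitrary characters": quote the rest of
                    // the keyword for a regular expression, then expand the marker.
                    $keyword = preg_replace("/\\\\{(\\d+)\\\\}/", ".{0,\\1}", preg_quote($keyword, '/'));
                    $sqlkeywords .= " {$or} message REGEXP '" . $keyword . "'";
                } else {
                    $sqlkeywords .= " {$or} message LIKE '%" . $keyword . "%'";
                }
                $or = 'OR';
            }
            $parameter[] = $sqlkeywords;
            // Parenthesised so the OR list stays one condition among the ANDed filters.
            $wherearr[] = '(%i)';
        } else {
            $parameter[] = '%' . $basickeywords . '%';
            $wherearr[] = 'message LIKE %s';
        }
    }

    if ($lengthlimit) {
        $parameter[] = intval($lengthlimit);
        $wherearr[] = 'LENGTH(message) < %d';
    }
    if ($starttime) {
        $parameter[] = is_numeric($starttime) ? $starttime : strtotime($starttime);
        $wherearr[] = 'dateline>%d';
    }
    if ($endtime) {
        $parameter[] = is_numeric($endtime) ? $endtime : strtotime($endtime);
        $wherearr[] = 'dateline<%d';
    }

    if ($fetchtype == 3) {
        $selectfield = "count(*)";
    } elseif ($fetchtype == 2) {
        $selectfield = "doid";
    } else {
        $selectfield = "*";
        // The LIMIT argument is appended last so it lines up with the trailing %i.
        $parameter[] = DB::limit($start, $limit);
        $ordersql = ' ORDER BY dateline DESC %i';
    }

    $findex = $findex ? 'USE INDEX(dateline)' : '';
    $wheresql = $wherearr ? ' WHERE ' . implode(' AND ', $wherearr) : '';

    if ($fetchtype == 3) {
        return DB::result_first("SELECT {$selectfield} FROM %t {$wheresql}", $parameter);
    }

    return DB::fetch_all("SELECT {$selectfield} FROM %t {$findex} {$wheresql} {$ordersql}", $parameter);
}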
//开始搜索 $wherearr = array(); if ($gets['username']) { $wherearr[] = "main.username = '******'username']}'"; } if ($gets['tagid']) { $wherearr[] = "main.tagid = '{$gets['tagid']}'"; } if ($value = sstrtotime($gets['starttime'])) { $wherearr[] = "main.dateline >= '{$value}'"; } if ($value = sstrtotime($gets['endtime'])) { $wherearr[] = "main.dateline <= '{$value}'"; } //关键字 if ($inkey = stripsearchkey($gets['key'])) { if (preg_match("/( AND |\\+|&|\\s)/i", $inkey) && !preg_match("/( OR |\\|)/i", $inkey)) { $keys = preg_replace("/( AND |&| )/i", "+", $inkey); $andor = ' AND '; } else { $keys = preg_replace("/( OR |\\|)/i", "+", $inkey); $andor = ' OR '; } $is = array(); foreach (explode('+', $keys) as $value) { if ($value = trim($value)) { $is[] = "main.subject LIKE '%{$value}%'"; } } if ($is) { $wherearr[] = '(' . implode($andor, $is) . ')';
realname_set($value['uid'], $value['username'], $value['name'], $value['namestatus']); $fuids[] = $value['uid']; $list[] = $value; } } $multi = multi($count, $perpage, $page, $theurl); } else { //处理查询 $theurl = "space.php?uid={$space['uid']}&do={$do}"; $actives = array('me' => ' class="active"'); //好友分组 $wheresql = ''; if ($space['self']) { $groups = getfriendgroup(); $group = !isset($_GET['group']) ? '-1' : intval($_GET['group']); $get_key = empty($_GET['key']) ? '' : stripsearchkey($_GET['key']); if ($group > -1) { $wheresql = "AND main.gid='{$group}'"; $theurl .= "&group={$group}"; } elseif ($get_key) { if ($_SCONFIG['realname']) { //搜索实名 $uids = array(); $query = $_SGLOBAL['db']->query("SELECT s.uid FROM " . tname('space') . " s, " . tname('friend') . " f\r\n\t\t\t\t\tWHERE s.name LIKE '%{$get_key}%' AND s.uid=f.fuid AND f.uid='{$_SGLOBAL['supe_uid']}' AND f.status='1'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $uids[] = $value['uid']; } $wheresql = "AND (main.fuid IN (" . simplode($uids) . ") OR main.fusername LIKE '%{$get_key}%')"; } else { $wheresql = "AND main.fusername LIKE '%{$get_key}%'"; }
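/**
 * Prepare a user-supplied search term for use inside a SQL LIKE pattern.
 *
 * The term is trimmed, literal '%' and '_' are backslash-escaped so they match
 * themselves, and '*' is turned into the LIKE wildcard '%'. Arrays are processed
 * recursively, keys preserved.
 *
 * This is NOT an SQL escaping function: quotes and backslashes pass through
 * untouched. The result must still be quoted or bound by the caller before it is
 * placed in a statement; interpolating it directly is only safe when the input was
 * escaped beforehand.
 *
 * Changes against the earlier version:
 *  - '_' was escaped twice (once by addcslashes(), once by a following
 *    str_replace()), producing backslash-backslash-underscore. Once that value is
 *    quoted by the database layer the pattern means "a literal backslash followed
 *    by any one character", so the underscore kept acting as a wildcard. It is now
 *    escaped once, like '%';
 *  - scalars are cast to string before trim(), which avoids the PHP 8.1
 *    deprecation when null is passed.
 *
 * @param mixed $string search term, or an array of search terms
 * @return mixed escaped term, or an array of escaped terms with the same keys
 */
function stripsearchkey($string)
{
    if (is_array($string)) {
        foreach ($string as $key => $val) {
            $string[$key] = stripsearchkey($val);
        }
        return $string;
    }

    $string = trim((string) $string);

    // Escape the real wildcards first, then map the user-facing '*' onto '%'.
    return str_replace('*', '%', addcslashes($string, '%_'));
}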
/**
 * Search this table by name, ctid, username and uid, or count the matching rows.
 *
 * Arguments that evaluate to true each add one condition, ANDed onto a leading
 * constant "1". The clause is passed to the query through %i as pre-built SQL, so
 * every value has to be made SQL-safe by DB::field() first.
 * NOTE(review): stripsearchkey() is defined elsewhere and is assumed to handle
 * LIKE wildcards only; quoting therefore rests on DB::field() - confirm.
 *
 * @param mixed $name     substring match on name
 * @param mixed $ctid     exact match on ctid
 * @param mixed $username substring match on username
 * @param mixed $uid      exact match on uid
 * @param int   $start    row offset, or -1 to return only the number of matches
 * @param int   $limit    maximum number of rows
 * @return mixed DB::result_first() result when $start is -1, otherwise the DB::fetch_all() rows
 */
public function fetch_all_for_search($name, $ctid, $username, $uid, $start = 0, $limit = 20)
{
    $conditions = array('1');

    if ($name) {
        $conditions[] = DB::field('name', '%' . stripsearchkey($name) . '%', 'like');
    }
    if ($ctid) {
        $conditions[] = DB::field('ctid', $ctid);
    }
    if ($username) {
        $conditions[] = DB::field('username', '%' . stripsearchkey($username) . '%', 'like');
    }
    if ($uid) {
        $conditions[] = DB::field('uid', $uid);
    }

    $where = implode(' AND ', $conditions);

    // -1 is the sentinel callers use to ask for the match count instead of rows.
    if ($start == -1) {
        return DB::result_first("SELECT count(*) FROM %t WHERE %i", array($this->_table, $where));
    }

    $pageArgs = array($this->_table, $where, DB::limit($start, $limit));

    return DB::fetch_all("SELECT * FROM %t \tWHERE %i ORDER BY dateline DESC %i", $pageArgs);
}
$leftjoin = ' LEFT JOIN ' . DB::table('common_block_permission') . ' bp ON b.bid=bp.bid'; $wherearr[] = "bp.uid='{$_G['uid']}'"; $wherearr[] = "(bp.allowmanage='1' OR (bp.allowrecommend='1'" . ($op == 'recommend' ? '' : "AND bp.needverify='0'") . "))"; } $hasinblocks = array(); if ($op == 'recommend' && in_array($_GET['idtype'], array('tid', 'gtid', 'blogid', 'picid', 'aid'), true) && ($_GET['id'] = dintval($_GET['id']))) { $hasinblocks = C::t('common_block')->fetch_all_recommended_block($_GET['id'], $_GET['idtype'], $wherearr, $leftjoin, $fields); } if ($_GET['searchkey']) { $_GET['searchkey'] = trim($_GET['searchkey']); $showfavorite = false; if (preg_match('/^[#]?(\\d+)$/', $_GET['searchkey'], $match)) { $bid = intval($match[1]); $wherearr[] = " (b.bid='{$bid}' OR b.name='{$bid}')"; } else { $wherearr[] = " b.name LIKE '%" . stripsearchkey($_GET['searchkey']) . "%'"; $perpage = 10000; } $_GET['searchkey'] = dhtmlspecialchars($_GET['searchkey']); $theurl .= '&searchkey=' . $_GET['searchkey']; } if ($_GET['targettplname']) { $showfavorite = false; $targettplname = trim($_GET['targettplname']); $pagebids = array_keys(C::t('common_template_block')->fetch_all_by_targettplname($targettplname)); if (!empty($pagebids)) { $wherearr[] = "b.bid IN (" . dimplode($pagebids) . ")"; $perpage = 10000; } else { $wherearr[] = "b.bid='0'"; }
* This is NOT a freeware, use is subject to license terms * * $Id: portal_topic.php 7476 2010-04-07 09:38:29Z zhangguosheng $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } if ($_GET['diy'] == 'yes' && !$_G['group']['allowaddtopic'] && !$_G['group']['allowmanagetopic']) { $_GET['diy'] = ''; showmessage('topic_edit_nopermission'); } $topicid = $_GET['topicid'] ? intval($_GET['topicid']) : 0; if ($topicid) { $topic = DB::fetch_first('SELECT * FROM ' . DB::table('portal_topic') . " WHERE topicid = '{$topicid}'"); } elseif ($_GET['topic']) { $_GET['topic'] = stripsearchkey($_GET['topic']); $topic = DB::fetch_first('SELECT * FROM ' . DB::table('portal_topic') . " WHERE name = '{$_GET['topic']}'"); } if (empty($topic)) { showmessage('topic_not_exist'); } if ($topic['closed'] && !$_G['group']['allowmanagetopic'] && !($topic['uid'] == $_G['uid'] && $_G['group']['allowaddtopic'])) { showmessage('topic_is_closed'); } if ($_GET['diy'] == 'yes' && $topic['uid'] != $_G['uid'] && !$_G['group']['allowmanagetopic']) { $_GET['diy'] = ''; showmessage('topic_edit_nopermission'); } $topicid = intval($topic['topicid']); $diyurl = "portal.php?mod=topic&topicid={$topicid}&diy=yes"; DB::query("UPDATE " . DB::table('portal_topic') . " SET viewnum=viewnum+1 WHERE topicid='{$topicid}'");
/**
 * Handle one inbound WeChat-style XML message read from the request body and echo a reply.
 *
 * Flow visible in this method:
 *  1. Parse php://input with SimpleXML.
 *  2. From MsgType / Event derive one of $contentStr, $scan, $subscribe, $location.
 *  3. For plain content: log the keyword, answer the weather phrase, look up an
 *     auto-reply row ($news) and enforce the "must be bound" rule.
 *  4. Dispatch on $news['msgtype'] to a fixed include under source/plugin/aljwsq/com/,
 *     or fall back to form / thread / customer-service / search / third-party replies.
 *
 * Replies are written with echo and several branches end the request with exit;
 * nothing is returned. All include paths are string literals; the included files
 * run in this method's scope and can read and set its local variables.
 *
 * NOTE(review): no signature or TOKEN verification of the request is visible in
 * this method, and the body is fully caller-controlled. Confirm that the caller
 * authenticates the request before this runs.
 */
public function responsemsg() {
    global $_G;
    $config = $_G['cache']['plugin']['aljwsq'];
    // TOKEN is fixed here from the plugin config. The override just below changes
    // only the local $config['token'], not the constant that is already defined.
    define("TOKEN", $config['token']);
    if ($_G['wechat']['setting']['wechat_token']) {
        $config['token'] = $_G['wechat']['setting']['wechat_token'];
    }
    // Raw request body: every $postObj field used below is attacker-controllable.
    $postStr = file_get_contents("php://input");
    if (!empty($postStr)) {
        // The return value is not checked: on malformed XML this is false and the
        // property reads below operate on a non-object.
        // NOTE(review): confirm external entity loading is off for this parser
        // (default with libxml >= 2.9; older stacks need libxml_disable_entity_loader()).
        $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
        // Text reply template; not referenced again in this method
        // (presumably used by the included files - confirm).
        $textTpl = "<xml>\n\t\t\t\t\t\t\t<ToUserName><![CDATA[%s]]></ToUserName>\n\t\t\t\t\t\t\t<FromUserName><![CDATA[%s]]></FromUserName>\n\t\t\t\t\t\t\t<CreateTime>%s</CreateTime>\n\t\t\t\t\t\t\t<MsgType><![CDATA[text]]></MsgType>\n\t\t\t\t\t\t\t<Content><![CDATA[%s]]></Content>\n\t\t\t\t\t\t\t<FuncFlag>0</FuncFlag>\n\t\t\t\t\t\t\t</xml>";
        if ($postObj->MsgType == 'event' && $postObj->Event == 'CLICK') {
            // Menu click: the event key is treated like typed content.
            $contentStr = trim($postObj->EventKey);
            $contentStr = $this->u2g($contentStr);
        } else {
            if ($postObj->MsgType == 'event' && $postObj->Event == 'SCAN') {
                $check = C::t('#aljwsq#aljwsq_wxqrcode_record')->count_by_openid_dateline($this->u2g($postObj->FromUserName), TIMESTAMP);
                if (empty($check)) {
                    // scene_id is bound through %d, i.e. as an integer placeholder.
                    DB::query('update %t set num = num+1 where scene_id=%d', array('aljwsq_wxqrcode', $this->u2g($postObj->EventKey)));
                    $scene_id = $postObj->EventKey;
                    C::t('#aljwsq#aljwsq_wxqrcode_record')->insert(array(
                        'openid' => $this->u2g($postObj->FromUserName),
                        'scene_id' => $this->u2g($scene_id),
                        'dateline' => TIMESTAMP
                    ));
                }
                // $scene_id is assigned only inside the if above; when $check is
                // non-empty this lookup receives an undefined variable.
                $scan = C::t('#aljwsq#aljwsq_wxqrcode')->fetch_by_scene_id($scene_id);
                //echo $this->responsetext($postObj, $scene_id);exit;
            } else {
                if ($postObj->MsgType == 'voice') {
                    // Voice messages are stored and the request ends without a reply.
                    C::t('#aljwsq#aljwsq_voice')->insert(array(
                        'toUser' => $this->u2g($postObj->ToUserName),
                        'fromUser' => $this->u2g($postObj->FromUserName),
                        'CreateTime' => $this->u2g($postObj->CreateTime),
                        'MsgType' => $this->u2g($postObj->MsgType),
                        'MediaId' => $this->u2g($postObj->MediaId),
                        'Format' => $this->u2g($postObj->Format),
                        'Recognition' => $this->u2g($postObj->Recognition),
                        'MsgId' => $this->u2g($postObj->MsgId)
                    ));
                    exit;
                } else {
                    if ($postObj->MsgType == 'event' && $postObj->Event == 'subscribe') {
                        // Re-reads the plugin config, discarding the token override made above.
                        $config = $_G['cache']['plugin']['aljwsq'];
                        require_once 'source/plugin/aljwsq/function_core.php';
                        // $wuser is set only when both credentials are configured; the
                        // insert/update below read it either way.
                        if ($config['appid'] && $config['appsecret']) {
                            $wuser = getwuserinfo($postObj, $config['appid'], $config['appsecret']);
                        }
                        $openid = (string) $this->u2g($postObj->FromUserName);
                        $user = C::t('#aljwsq#aljwsq_user')->fetch($openid);
                        if ($openid) {
                            // First subscription inserts the follower, later ones refresh the profile.
                            if (!$user && $openid) {
                                C::t('#aljwsq#aljwsq_user')->insert(array(
                                    'openid' => $openid,
                                    'nickname' => $this->u2g($wuser['nickname']),
                                    'sex' => $wuser['sex'],
                                    'city' => $this->u2g($wuser['city']),
                                    'country' => $this->u2g($wuser['country']),
                                    'province' => $this->u2g($wuser['province']),
                                    'language' => $wuser['language'],
                                    'headimgurl' => $wuser['headimgurl'],
                                    'subscribe_time' => TIMESTAMP
                                ));
                            } else {
                                C::t('#aljwsq#aljwsq_user')->update($this->u2g($postObj->FromUserName), array(
                                    'nickname' => $this->u2g($wuser['nickname']),
                                    'sex' => $wuser['sex'],
                                    'city' => $this->u2g($wuser['city']),
                                    'country' => $this->u2g($wuser['country']),
                                    'province' => $this->u2g($wuser['province']),
                                    'language' => $wuser['language'],
                                    'headimgurl' => $wuser['headimgurl']
                                ));
                            }
                        }
                        $subscribe = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_msgtype('subscribe');
                    } else {
                        if ($postObj->MsgType == 'event' && strtolower($postObj->Event) == 'location') {
                            $location = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_msgtype('location');
                        } else {
                            // Anything else is handled as typed text.
                            $contentStr = $this->u2g(trim($postObj->Content));
                        }
                    }
                }
            }
        }
        // Only one of these four is assigned per request; the others are read
        // here while undefined.
        if ($contentStr || $subscribe || $location || $scan) {
            if ($subscribe) {
                if (file_exists('source/plugin/aljwsq/com/subscribe.php')) {
                    include 'source/plugin/aljwsq/com/subscribe.php';
                }
            } else {
                if ($location) {
                    if (file_exists('source/plugin/aljwsq/com/location.php')) {
                        include 'source/plugin/aljwsq/com/location.php';
                    }
                } else {
                    if ($scan) {
                        if (file_exists('source/plugin/aljwsq/com/scan.php')) {
                            include 'source/plugin/aljwsq/com/scan.php';
                        }
                    } else {
                        // $wuser is not assigned on any path of this method that reaches
                        // this point, so the logged nickname comes from an undefined variable.
                        C::t('#aljwsq#aljwsq_keywordlog')->insert(array(
                            'keyword' => $contentStr,
                            'openid' => $this->u2g($postObj->FromUserName),
                            'nickname' => $this->u2g($wuser['nickname']),
                            'dateline' => TIMESTAMP
                        ));
                        // Weather query: the message has to end with the two-character
                        // phrase 'w1'; whatever precedes it is passed to weather().
                        if (strpos($contentStr, lang('plugin/aljwsq', 'w1')) !== false) {
                            $str = mb_substr($contentStr, -2, 2, CHARSET);
                            $str_key = mb_substr($contentStr, 0, -2, CHARSET);
                            if ($str == lang('plugin/aljwsq', 'w1') && !empty($str_key)) {
                                $data = $this->weather($str_key);
                                // Bare-word key: resolves as an undefined constant
                                // (fatal on PHP 8); the else branch uses the quoted key.
                                if (empty($data[weatherinfo])) {
                                    $contentStr = lang('plugin/aljwsq', 'w2') . $str_key . lang('plugin/aljwsq', 'w3');
                                } else {
                                    $info = $data['weatherinfo'];
                                    $contentStr = $str_key . lang('plugin/aljwsq', 'w4') . $info['temp'] . lang('plugin/aljwsq', 'w5') . $info['SD'] . lang('plugin/aljwsq', 'w6') . $this->u2g($info['WD']) . $info['WSE'] . lang('plugin/aljwsq', 'w7');
                                }
                                echo $this->responsetext($postObj, $contentStr);
                            }
                            // Ends the request whenever the phrase occurs anywhere in the
                            // message, even if the inner check failed and nothing was echoed.
                            exit;
                        }
                        $news = C::t('#aljwsq#aljwsq_autoreply')->fetch_by_mykeyword($contentStr);
                        // openid is bound through the %s placeholder.
                        $user = DB::fetch_first('select * from %t where openid=%s and bindtime!=0', array('aljwsq_user', $this->u2g($postObj->FromUserName)));
                        // Unbound senders only get the bind hint, unless the keyword
                        // itself is the bind or register command.
                        if (!$user && $config['isnot'] && $news['msgtype'] != 'bind' && $news['msgtype'] != 'register') {
                            echo $this->responsetext($postObj, $config['btips']);
                            exit;
                        }
                        if ($news['msgtype'] == 'bindkeyword') {
                            if (file_exists('source/plugin/aljwsq/com/bindkeyword.php')) {
                                include 'source/plugin/aljwsq/com/bindkeyword.php';
                            }
                        }
                    }
                }
            }
            // Dispatch on the auto-reply type. This chain also runs after the
            // subscribe / location / scan includes above, where $news is not assigned
            // by this method (presumably the included file sets it - confirm).
            // Each "else {" below opens one more nesting level; they are all closed
            // together at the end of the method.
            if ($news['msgtype'] == 'text') {
                if (file_exists('source/plugin/aljwsq/com/text.php')) {
                    include 'source/plugin/aljwsq/com/text.php';
                }
            } else { if ($news['msgtype'] == 'register') {
                if (file_exists('source/plugin/aljwsq/com/register.php')) {
                    include 'source/plugin/aljwsq/com/register.php';
                }
            } else { if ($news['msgtype'] == 'index' || $news['msgtype'] == 'ggk' || $news['msgtype'] == 'mes' || $news['msgtype'] == 'brandindex' || $news['msgtype'] == 'wsq') {
                echo $this->responsenews($postObj, $news);
            } else { if ($news['msgtype'] == 'bind') {
                if (file_exists('source/plugin/aljwsq/com/bind.php')) {
                    include 'source/plugin/aljwsq/com/bind.php';
                }
            } else { if ($news['msgtype'] == 'unbind') {
                if (file_exists('source/plugin/aljwsq/com/unbind.php')) {
                    include 'source/plugin/aljwsq/com/unbind.php';
                }
            } else { if ($news['msgtype'] == 'url') {
                if (file_exists('source/plugin/aljwsq/com/url.php')) {
                    include 'source/plugin/aljwsq/com/url.php';
                }
            } else { if ($news['msgtype'] == 'singlenews') {
                if (file_exists('source/plugin/aljwsq/com/singlenews.php')) {
                    include 'source/plugin/aljwsq/com/singlenews.php';
                }
            } else { if ($news['msgtype'] == 'multinews') {
                if (file_exists('source/plugin/aljwsq/com/multinews.php')) {
                    include 'source/plugin/aljwsq/com/multinews.php';
                }
            } else { if ($news['msgtype'] == 'thread') {
                if (file_exists('source/plugin/aljwsq/com/thread.php')) {
                    include 'source/plugin/aljwsq/com/thread.php';
                }
            } else { if ($news['msgtype'] == 'forum') {
                if (file_exists('source/plugin/aljwsq/com/forum.php')) {
                    include 'source/plugin/aljwsq/com/forum.php';
                }
            } else { if ($news['msgtype'] == 'forumlist') {
                if (file_exists('source/plugin/aljwsq/com/forumlist.php')) {
                    include 'source/plugin/aljwsq/com/forumlist.php';
                }
            } else { if ($news['msgtype'] == 'post') {
                if (file_exists('source/plugin/aljwsq/com/post.php')) {
                    include 'source/plugin/aljwsq/com/post.php';
                }
            } else { if ($news['msgtype'] == 'hotthread') {
                if (file_exists('source/plugin/aljwsq/com/hotthread.php')) {
                    include 'source/plugin/aljwsq/com/hotthread.php';
                }
            } else { if ($news['msgtype'] == 'digesthread') {
                if (file_exists('source/plugin/aljwsq/com/digesthread.php')) {
                    include 'source/plugin/aljwsq/com/digesthread.php';
                }
            } else { if ($news['msgtype'] == 'comb') {
                if (file_exists('source/plugin/aljwsq/com/comb.php')) {
                    include 'source/plugin/aljwsq/com/comb.php';
                }
            } else { if ($news['msgtype'] == 'newthread') {
                if (file_exists('source/plugin/aljwsq/com/newthread.php')) {
                    include 'source/plugin/aljwsq/com/newthread.php';
                }
            } else { if ($news['msgtype'] == 'newarticle') {
                if (file_exists('source/plugin/aljwsq/com/newarticle.php')) {
                    include 'source/plugin/aljwsq/com/newarticle.php';
                }
            } else { if ($news['msgtype'] == 'invite') {
                if (file_exists('source/plugin/aljwsq/com/invite.php')) {
                    include 'source/plugin/aljwsq/com/invite.php';
                }
            } else { if ($news['msgtype'] == 'sign') {
                if (file_exists('source/plugin/aljwsq/com/sign.php')) {
                    include 'source/plugin/aljwsq/com/sign.php';
                }
            } else { if ($news['msgtype'] == 'orderlist') {
                if (file_exists('source/plugin/aljwsq/com/orderlist.php')) {
                    include 'source/plugin/aljwsq/com/orderlist.php';
                }
            } else { if ($news['msgtype'] == 'music') {
                if (file_exists('source/plugin/aljwsq/com/music.php')) {
                    include 'source/plugin/aljwsq/com/music.php';
                }
            } else { if ($news['msgtype'] == 'voice') {
                if (file_exists('source/plugin/aljwsq/com/voice.php')) {
                    include 'source/plugin/aljwsq/com/voice.php';
                }
            } else { if ($news['msgtype'] == 'aljbd') {
                if (file_exists('source/plugin/aljwsq/com/aljbd.php')) {
                    include 'source/plugin/aljwsq/com/aljbd.php';
                }
            } else {
                // No known auto-reply type matched: try, in order, an advanced form
                // keyword, a thread id, customer service, then search and third-party replies.
                global $_G;
                $config = $_G['cache']['plugin']['aljwsq'];
                $form = C::t('#aljwsq#aljwsq_autoreply_advanced')->fetch_by_mykeyword($contentStr);
                if ($form) {
                    $form['url'] = 'plugin.php?id=aljwsq:form&fid=' . $form['id'];
                    echo $this->responsenews($postObj, $form);
                    exit;
                }
                // A message starting with digits is tried as a thread id;
                // is_int() is always true after intval().
                $tid = intval($contentStr);
                if ($config['isthread'] && $tid && is_int($tid)) {
                    $thread = C::t('forum_thread')->fetch($tid);
                    if ($thread) {
                        $news = $this->getnews($contentStr);
                        echo $this->responsenews($postObj, $news);
                        exit;
                    }
                }
                // NOTE(review): stripsearchkey() is defined elsewhere and is assumed to
                // handle LIKE wildcards only; the value is later bound through %s and
                // handed to a table method - confirm that both quote it.
                $keyword = stripsearchkey($contentStr);
                if ($config['isservice']) {
                    if ($config['skeywords']) {
                        // Single-quoted literals: this swaps the two-character text
                        // backslash-r for backslash-n, not a carriage return, while
                        // explode() below splits on a real newline.
                        // NOTE(review): confirm which was intended.
                        $config['skeywords'] = str_replace('\\r', '\\n', $config['skeywords']);
                        $skeywords = explode("\n", $config['skeywords']);
                        foreach ($skeywords as $wd) {
                            $wd = trim($wd);
                            if ($wd == $keyword) {
                                echo $this->responseservice($postObj);
                                exit;
                            }
                        }
                    } else {
                        // No keyword list configured: every message goes to customer service.
                        echo $this->responseservice($postObj);
                        exit;
                    }
                }
                // $threads and $brands are assigned only when their feature is enabled
                // and are read below either way.
                if (file_exists('source/plugin/aljwsq/com/so.php')) {
                    if ($config['isso']) {
                        $threads = C::t('forum_thread')->fetch_all_by_authorid_displayorder('', 'tid', '>=', '', $keyword, 0, $config['sonum']);
                    }
                }
                $keyword = '%' . $keyword . '%';
                if ($config['sobrand']) {
                    $brands = DB::fetch_all('select * from %t where name like %s order by id desc limit 0,9', array('aljbd', $keyword));
                }
                if ($threads) {
                    if (file_exists('source/plugin/aljwsq/com/so.php')) {
                        include 'source/plugin/aljwsq/com/so.php';
                    }
                } else {
                    if ($brands) {
                        $i = 0;
                        // $items is not initialised before the first append.
                        foreach ($brands as $brand) {
                            $tmp = $this->getbrands($brand['id'], $news);
                            // Only the first item gets the default picture as a fallback.
                            if (empty($i)) {
                                if (empty($tmp['picurl'])) {
                                    $tmp['picurl'] = $config['default'];
                                }
                            }
                            $items[] = $tmp;
                            $i++;
                        }
                        echo $this->reponsemultinews($postObj, $items);
                    } else {
                        // Unanchored pattern with lazy groups: it matches any message
                        // that contains two dots, not only URLs.
                        if (preg_match('/(http:\\/\\/)?(.*?)\\.(.*?)\\.(.*?)/is', $contentStr)) {
                            if (file_exists('source/plugin/aljwsq/com/seo.php')) {
                                include 'source/plugin/aljwsq/com/seo.php';
                            }
                        } else {
                            $config = $_G['cache']['plugin']['aljwsq'];
                            if (file_exists('source/plugin/aljwsq/com/third.php')) {
                                include 'source/plugin/aljwsq/com/third.php';
                            }
                            // $return is not assigned in this method; presumably
                            // third.php sets it - confirm. It is echoed as-is.
                            if ($return && $return != 'Request Failed') {
                                echo $return;
                            } else {
                                if ($config['so']) {
                                    echo $this->responsetext($postObj, $config['so']);
                                }
                            }
                        }
                    }
                }
            // The 23 braces below close the final else and the 22 "else {" wrappers
            // opened by the msgtype chain above.
            } } } } }
            } } } } }
            } } } } }
            } } } } }
            } } }
        }
    }
}
$sqlbetweenarr[$pre . '`' . $key . '`'] = array('', sstrtotime($tmpvalue)); } else { $sqlbetweenarr[$pre . '`' . $key . '`'][1] = sstrtotime($tmpvalue); } } } elseif (preg_match("/^(select|radio|linkage)\$/i", $columnsinfoarr[$key]['formtype']) || !preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) { //= if (preg_match("/^(VARCHAR|CHAR|TEXT|MEDIUMTEXT|LONGTEXT|)\$/i", $columnsinfoarr[$key]['fieldtype'])) { //char $sqlchararr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue)); } else { $sqlintarr[$pre . '`' . $key . '`'] = intval($tmpvalue); } } elseif (preg_match("/^(text|textarea|checkbox)\$/i", $columnsinfoarr[$key]['formtype'])) { //like $sqllikearr[$pre . '`' . $key . '`'] = stripsearchkey(shtmlspecialchars($tmpvalue)); } } } } $where = getmodelsearchsql($sqlchararr, $sqlintarr, $sqllikearr, $sqlbetweenarr); if (empty($isfixedsearch)) { $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' i, ' . tname($modelsinfoarr['modelname'] . 'message') . ' m ' . ' WHERE i.itemid=m.itemid AND ' . $wherecatid . $where); } else { $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' i ' . ' WHERE ' . $wherecatid . $where); } $listcount = $_SGLOBAL['db']->result($query, 0); $multipage = ''; $theurl = S_URL . '/m.php?' . str_replace('&page=' . $page, '', $_SERVER["QUERY_STRING"]); if ($listcount) { if ($channel == 'tool') {
$getidarr = array_filter($getidarr); if ($getidarr) { $list = array(); $query = C::t('portal_article_title')->fetch_all($getidarr); foreach ($query as $value) { $list[$value['aid']] = $value; } foreach ($getidarr as $getid) { if ($list[$getid]) { $articlelist[] = $list[$getid]; } } } } elseif ($op == 'search') { $catids = array(); $searchkey = addslashes(stripsearchkey($_GET['searchkey'])); $searchcate = intval($_GET['searchcate']); $catids = category_get_childids('portal', $searchcate); $catids[] = $searchcate; if ($searchkey) { $wherearr[] = "title LIKE '%{$searchkey}%'"; } $searchkey = dhtmlspecialchars($searchkey); if ($searchcate) { $wherearr[] = "catid IN (" . dimplode($catids) . ")"; } $wheresql = implode(' AND ', $wherearr); $count = C::t('portal_article_title')->fetch_all_by_sql($wheresql, '', 0, 0, 1); if ($count) { $query = C::t('portal_article_title')->fetch_all_by_sql($wheresql, 'ORDER BY dateline', 0, 50); foreach ($query as $value) {
* $Id: portalcp_article.php 7701 2010-04-12 06:01:33Z zhengqingpeng $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } $catid = max(0, intval($_GET['catid'])); $permission = getallowblock($_G['uid']); include_once libfile('function/block'); $wherearr = array(); $_GET['searchkey'] = trim($_GET['searchkey']); if (!empty($_GET['searchkey'])) { if (preg_match('/^[#]?(\\d+)$/', $_GET['searchkey'], $match)) { $bid = intval($match[1]); $wherearr[] = " b.bid='{$bid}'"; } else { $_GET['searchkey'] = stripsearchkey($_GET['searchkey']); $wherearr[] = " b.name LIKE '%{$_GET['searchkey']}%'"; } } if ($_GET['from'] == 'push') { $wherearr[] = "b.blockclass='portal_article'"; if (!checkperm('allowdiy')) { $wherearr[] = "bp.allowdata='1'"; $wherearr[] = "bp.uid='{$_G['uid']}'"; } } elseif (!checkperm('allowdiy')) { $wherearr[] = "bp.uid='{$_G['uid']}'"; $wherearr[] = "(bp.allowdata='1' OR bp.allowsetting='1')"; } $wheresql = empty($wherearr) ? '' : 'WHERE ' . implode(' AND ', $wherearr); $page = !empty($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
/**
 * Fetch a search keyword from the request and optionally enforce a minimum length.
 *
 * The raw value is read with postget() and passed through stripsearchkey();
 * no other transformation happens here.
 *
 * NOTE(review): nothing in this function quote-escapes the keyword for SQL or
 * encodes it for HTML. Presumably stripsearchkey() only deals with LIKE
 * wildcards; confirm against its definition, and escape or bind the returned
 * value at the point where it enters a query or a page.
 *
 * @param string $str     Name of the request variable handed to postget().
 * @param int    $ischeck When truthy, an empty keyword or one shorter than
 *                        2 bytes is reported through showmessage().
 * @return string The keyword as returned by stripsearchkey().
 */
function checkkey($str, $ischeck = 0)
{
    $keyword = stripsearchkey(postget($str));

    // No validation requested: hand the keyword back untouched.
    if (!$ischeck) {
        return $keyword;
    }

    if (empty($keyword)) {
        showmessage('keyword_import_inquiry');
    } elseif (strlen($keyword) < 2) {
        // strlen() counts bytes, so a single multi-byte character passes this check.
        showmessage('kwyword_import_short');
    }

    return $keyword;
}
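/**
 * Build the product-list query from request and channel state, then return
 * the cached result for that query.
 *
 * Reads $_GET['cid'], ['kw'], ['sort'], ['price1'] and ['price2'], normalises
 * them into $arr, and looks the result up with memory('get', md5(query)).
 *
 * NOTE(review): $goods, $showpage and $count are never assigned in this body,
 * so the cache-fill branch cannot run as written; presumably the remote API
 * call that produced them is missing from this copy. Confirm against the
 * original file.
 *
 * @param int $add_page Offset added to the current page number ($_G['page']).
 * @return mixed Whatever memory('get', $key) returns for the built query.
 */
private function api_get($add_page)
{
    global $_G;

    $url = URL . 'm=list';
    if ($_G['fid'] > 0) {
        $url .= "&fid=" . $_G['fid'];
    }
    $channel = $_G['channel'];
    $cid = 0;
    $arr = array();

    if ($_GET['cid']) {
        // The category id is forced to an integer before any lookup.
        $cid = intval($_GET['cid']);
        $cates = (include libfile('config/taobao_cate'));
        $cate = array();
        foreach ($cates as $v) {
            if ($v['cid'] == $cid) {
                $cate = $v;
                break;
            } elseif ($v['sub']) {
                foreach ($v['sub'] as $v2) {
                    if ($v2['cid'] == $cid) {
                        $cate = $v2;
                        break;
                    }
                }
            }
        }
        if (!$cate['cid']) {
            msg('分类ID不存在');
        }
        $title = $cate['name'];
    } elseif ($channel) {
        $cid = intval($channel['classname']);
        // Array keys are quoted: bare keys such as $channel[name] are an Error on PHP 8.
        $title = $channel['name'];
    }
    if ($cid > 0) {
        $arr['cid'] = $cid;
    }

    if ($_GET['kw']) {
        $string = stripsearchkey(trim($_GET['kw']));
        // Reject keywords made up only of '%', '_' or '*' characters.
        if (preg_match("/^%+\$|^_+\$|^\\*+\$/is", $string)) {
            msg('非法搜索关键字');
        }
        $string = safe_output($string);
        if (dstrlen($string) < 2) {
            msg('要搜索的关键字长度不能小于2');
        }
        $_GET['kw'] = $string;
        $arr['keyword'] = $string;
        // NOTE(review): the keyword is appended without URL-encoding; whether
        // safe_output() makes it safe for a query string is not visible here.
        $url .= "&kw=" . $string;
        $title .= " " . $string;
        // A keyword search replaces the category filter.
        unset($arr['cid']);
    }

    if ($_GET['sort']) {
        // Allow-list check; strict comparison so only these exact strings pass.
        $order_in = array('price_asc', 'sales_desc', 'credit_desc');
        if (in_array($_GET['sort'], $order_in, true)) {
            $arr['sort'] = $_GET['sort'];
            // Fixed: the original wrote "&sort = " with stray spaces around '='.
            $url .= "&sort=" . $_GET['sort'];
            unset($_GET['sort']);
        }
    }
    if (!$_GET['kw']) {
        unset($_GET['kw']);
    }
    if (!$arr['keyword'] && !$arr['cid']) {
        $arr['keyword'] = '特价';
    }

    $arr['start_price'] = 1;
    $arr['end_price'] = 99999;
    if ($_GET['price1']) {
        $_GET['price1'] = $arr['start_price'] = floatval($_GET['price1']);
        $url .= "&price1=" . $arr['start_price'];
    }
    if ($_GET['price2']) {
        $_GET['price2'] = $arr['end_price'] = floatval($_GET['price2']);
        $url .= "&price2=" . $arr['end_price'];
    }

    // Only reached when the first allow-list did not match and unset the value.
    if ($_GET['sort']) {
        $sort_arr = array("price_desc", "price_asc", "credit_desc", "credit_asc", "commission_num_desc", "commission_rate_asc");
        if (in_array($_GET['sort'], $sort_arr, true)) {
            $arr['sort'] = $_GET['sort'];
            $url .= "&sort=" . $arr['sort'];
        }
    }

    // Page size: 40 for the "youzhan" API, 40-100 for the "taoke" API.
    $size = $channel['page'] > 0 ? intval($channel['page']) : $_G['setting']['cate_page'];
    if ($size > 100) {
        $size = 100;
    }
    $arr['page_no'] = $add_page ? $_G['page'] + $add_page : $_G['page'];
    $arr['page_size'] = $size;

    // The md5 of the query string is used only as a cache key.
    $key = md5(http_build_query($arr));
    // NOTE(review): this reassignment has no effect on anything visible below.
    $size = 40;
    $rs = memory('get', $key);

    // API type: 1 = youzhan, 2 = taoke.
    if (!$rs) {
        if ($goods) {
            $rs = array('showpage' => $showpage, 'count' => $count, 'goods' => $goods);
            memory('set', $key, $rs, 3600);
        }
    }
    return $rs;
}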
if ($startage && $endage && $endage > $startage) { $wherearr[] = '(sf.birthyear>=' . $startage . ' AND sf.birthyear<=' . $endage . ')'; } else { if ($startage && empty($endage)) { $wherearr[] = 'sf.birthyear>=' . $startage; } else { if (empty($startage) && $endage) { $wherearr[] = 'sf.birthyear<=' . $endage; } } } //自定义 $havefield = 0; foreach ($fields as $fkey => $fvalue) { if ($fvalue['allowsearch']) { $_GET['field_' . $fkey] = empty($_GET['field_' . $fkey]) ? '' : stripsearchkey($_GET['field_' . $fkey]); if ($_GET['field_' . $fkey]) { $havefield = 1; $wherearr[] = "sf.field_{$fkey} LIKE '%" . $_GET['field_' . $fkey] . "%'"; } } } if ($havefield) { $fromarr['spacefield'] = tname('spacefield') . ' sf'; $wherearr['spacefield'] = "sf.uid=s.uid"; } //扩展 if ($_GET['type'] == 'edu' || $_GET['type'] == 'work') { foreach (array('type', 'title', 'subtitle', 'startyear') as $value) { if ($_GET[$value]) { $fromarr['spaceinfo'] = tname('spaceinfo') . ' si';
* WebSite:www.SmartCome.com * QQ:2811931192 * */ if (!defined('IN_DISCUZ') || !defined('IN_ADMINCP')) { exit('Access Denied'); } require_once libfile("function/video", "plugin/smart_video"); loadcache('plugin'); $smart = $_G['cache']['plugin']['smart_video']; $lan = lang("plugin/smart_video"); if (submitcheck('submit')) { $key = stripsearchkey(trim($_POST['key'])); $where = "subject LIKE '%" . $key . "%'"; } else { $key = stripsearchkey(htmlspecialchars_decode($_GET['key'])); if (empty($key)) { $where = '1=1'; } else { $where = "subject LIKE '%" . $key . "%'"; } } $htmlkey = htmlspecialchars($key); $url = ADMINSCRIPT . "?action=plugins&identifier=smart_video&pmod=manage&key=" . $htmlkey; if (submitcheck('msubmit')) { $type = trim($_POST['type']); $select = $_POST['smart_select']; if ($type == "t") { foreach ($select as $sk => $sv) { C::t("#smart_video#video")->update_by_where("smart_video_thread", array('visiable' => 1), "tid=" . intval($sv)); $authorid = C::t("#smart_video#video")->result_first('authorid', 'smart_video_thread', "tid=" . intval($sv));
if(!empty($_POST['joinmode'])) { //二次确认 $mtag = mtag_join('tagname', stripslashes($tagname), $fieldid); if(empty($mtag)) { showmessage('mtag_join_error'); } else { $url = "space.php?uid=$_SGLOBAL[supe_uid]&do=mtag&tagid=$mtag[tagid]"; showmessage('join_success', $url, 0); } } else { //寻找 $newtagname = stripslashes($_POST['tagname']); $findmtag = $likemtags = array(); $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mtag')." WHERE tagname='$tagname' AND fieldid='$fieldid'"); if(!$findmtag = $_SGLOBAL['db']->fetch_array($query)) { $key = stripsearchkey($_POST['tagname']); //找相似的 $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mtag')." WHERE tagname LIKE '%$key%' ORDER BY membernum DESC LIMIT 0,20"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $likemtags[] = $value; } } else { if(empty($findmtag['pic'])) $findmtag['pic'] = 'image/nologo.jpg'; } $_GET['op'] = 'confirm'; include template("cp_mtag"); exit(); } } elseif(submitcheck('choicesubmit')) { $mtags = array();
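/**
 * Build SQL WHERE fragments and matching URL query pairs from $_GET filters.
 *
 * Column names come from the key lists and $pre and are interpolated as-is,
 * so both must be fixed by the calling code and never taken from the request.
 *
 * NOTE(review): string and LIKE values are placed inside quoted literals after
 * stripsearchkey() only. This function does no quote-escaping of its own, so
 * it relies on request data having been escaped before it gets here; confirm
 * that for this codebase, otherwise escape with the DB layer or bind the value.
 *
 * @param array  $intkeys  Request keys compared as integers ('groupid' is
 *                         matched with FIND_IN_SET instead of '=').
 * @param array  $strkeys  Request keys compared with '=' as strings.
 * @param array  $randkeys List of array(function name, field) pairs; the
 *                         request values "<field>1" and "<field>2" are passed
 *                         through that function and used as lower/upper bound.
 * @param array  $likekeys Request keys matched with LIKE BINARY '%value%'.
 * @param string $pre      Prefix put in front of every column name.
 * @return array array('wherearr' => SQL fragments, 'urls' => "key=value" pairs)
 */
function getwheres($intkeys, $strkeys, $randkeys, $likekeys, $pre = '')
{
    $wherearr = array();
    $urls = array();

    foreach ($intkeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        if (strlen($value)) {
            // Every integer key is cast before it reaches SQL. The original
            // interpolated the raw value for 'groupid', the only integer key
            // that skipped intval().
            $intvalue = intval($value);
            if ($var == 'groupid') {
                $wherearr[] = "FIND_IN_SET('" . $intvalue . "', {$pre}{$var})";
            } else {
                $wherearr[] = "{$pre}{$var}='" . $intvalue . "'";
            }
            // Encoded like the other key groups so the value cannot break out
            // of the query string it is later joined into.
            $urls[] = "{$var}=" . rawurlencode($value);
        }
    }

    foreach ($strkeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        if (strlen($value)) {
            // NOTE(review): relies on upstream quote-escaping (see header).
            $wherearr[] = "{$pre}{$var}='{$value}'";
            $urls[] = "{$var}=" . rawurlencode($value);
        }
    }

    foreach ($randkeys as $vars) {
        // $vars[0] is called by name, so it must be a hard-coded function
        // chosen by the caller; the SQL value is whatever that function returns.
        $value1 = isset($_GET[$vars[1] . '1']) ? $vars[0]($_GET[$vars[1] . '1']) : '';
        $value2 = isset($_GET[$vars[1] . '2']) ? $vars[0]($_GET[$vars[1] . '2']) : '';
        if ($value1) {
            $wherearr[] = "{$pre}{$vars[1]}>='{$value1}'";
            $urls[] = "{$vars[1]}1=" . rawurlencode($_GET[$vars[1] . '1']);
        }
        if ($value2) {
            $wherearr[] = "{$pre}{$vars[1]}<='{$value2}'";
            $urls[] = "{$vars[1]}2=" . rawurlencode($_GET[$vars[1] . '2']);
        }
    }

    foreach ($likekeys as $var) {
        $value = isset($_GET[$var]) ? stripsearchkey($_GET[$var]) : '';
        // Patterns shorter than two bytes are ignored.
        if (strlen($value) > 1) {
            // NOTE(review): relies on upstream quote-escaping (see header).
            $wherearr[] = "{$pre}{$var} LIKE BINARY '%{$value}%'";
            $urls[] = "{$var}=" . rawurlencode($value);
        }
    }

    return array('wherearr' => $wherearr, 'urls' => $urls);
}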
} else { $wheresql = "t.authorid IN ({$space['feedfriend']})"; $theurl = "home.php?mod=space&uid={$space['uid']}&do={$do}&view=we"; } $query = DB::query("SELECT * FROM " . DB::table('home_friend') . " WHERE uid='{$space['uid']}' ORDER BY num DESC LIMIT 0,100"); while ($value = DB::fetch($query)) { $userlist[] = $value; } } else { $need_count = false; } } $actives = array($_GET['view'] => ' class="a"'); if ($need_count) { $wheresql .= " AND t.special='1'"; if ($searchkey = stripsearchkey($_GET['searchkey'])) { $wheresql .= " AND t.subject LIKE '%{$searchkey}%'"; $searchkey = dhtmlspecialchars($searchkey); } $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('forum_thread') . " t {$apply_sql} WHERE {$wheresql}"), 0); if ($count) { $query = DB::query("SELECT t.* FROM " . DB::table('forum_thread') . " t {$apply_sql}\r\n\t\t\tWHERE {$wheresql}\r\n\t\t\tORDER BY {$ordersql} LIMIT {$start},{$perpage}"); } } if ($count) { loadcache('forums'); $tids = array(); require_once libfile('function/misc'); while ($value = DB::fetch($query)) { if (empty($value['author']) && $value['authorid'] != $_G['uid']) { $hiddennum++;
$cacheinfo = getmodelinfoall('mid', $_GET['mid']); if (empty($cacheinfo['models'])) { showmessage('exists_module_error'); } $resultmodels = $cacheinfo['models']; } else { showmessage('exists_module_error'); } if (in_array($resultmodels['modelname'], $_SCONFIG['closechannels'])) { showmessage('usetype_no_open'); } //获取的变量初始化 $_SGET['page'] = intval(postget('page')); $_SGET['order'] = postget('order'); $_SGET['sc'] = postget('sc'); $_SGET['searchkey'] = stripsearchkey(postget('searchkey')); $_SGET['folder'] = intval(postget('folder')) == 0 ? 1 : intval(postget('folder')); $_SGET['page'] < 1 ? $_SGET['page'] = 1 : ''; if ($_SGET['order'] != 'dateline') { $_SGET['order'] = ''; } if (!in_array($_SGET['sc'], array('ASC', 'DESC'))) { $_SGET['sc'] = 'DESC'; } $urlplus = '&order=' . $_SGET['order'] . '&sc=' . $_SGET['sc'] . '&searchkey=' . rawurlencode($_SGET['searchkey']); $newurl = $theurl . $urlplus . '&page=' . $_SGET['page']; $listarr = array(); //POST METHOD if (submitcheck('listvaluesubmit')) { if (empty($_POST['item'])) { //判断提交过来的是否存在待操作的记录,如果没有,则显示提示信息并退出