function task_reward_credit($extcreditid, $credits)
{
global $db, $tablepre, $discuz_uid, $timestamp;
$creditsarray[$extcreditid] = $credits;
updatecredits($discuz_uid, $creditsarray);
$db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation) VALUES ('{$discuz_uid}', 'TASK REWARD', '{$extcreditid}', '{$extcreditid}', '0', '{$credits}', '{$timestamp}', 'RCV')");
}
}
include template('rate');
} else {
checkreasonpm();
if (!empty($logidarray)) {
if ($sendreasonpm) {
$ratescore = $slash = '';
}
$query = $db->query("SELECT * FROM {$tablepre}ratelog WHERE pid='{$pid}'");
$rate = $ratetimes = 0;
$logs = array();
while ($ratelog = $db->fetch_array($query)) {
if (in_array($ratelog['uid'] . ' ' . $ratelog['extcredits'] . ' ' . $ratelog['dateline'], $logidarray)) {
$rate += $ratelog['score'] = -$ratelog['score'];
$ratetimes += ceil(max(abs($rating['min']), abs($rating['max'])) / 5);
updatecredits($post['authorid'], array($ratelog['extcredits'] => $ratelog['score']));
$db->query("DELETE FROM {$tablepre}ratelog WHERE pid='{$pid}' AND uid='{$ratelog['uid']}' AND extcredits='{$ratelog['extcredits']}' AND dateline='{$ratelog['dateline']}'", 'UNBUFFERED');
$logs[] = dhtmlspecialchars("{$timestamp}\t{$discuz_userss}\t{$adminid}\t{$post['author']}\t{$ratelog['extcredits']}\t{$ratelog['score']}\t{$tid}\t{$thread['subject']}\t{$reason}\tD");
if ($sendreasonpm) {
$ratescore .= $slash . $extcredits[$ratelog['extcredits']]['title'] . ' ' . ($ratelog['score'] > 0 ? '+' . $ratelog['score'] : $ratelog['score']) . ' ' . $extcredits[$ratelog['extcredits']]['unit'];
$slash = ' / ';
}
}
}
writelog('ratelog', $logs);
if ($sendreasonpm) {
sendreasonpm('post', 'rate_removereason');
}
$db->query("UPDATE {$tablepre}posts SET rate=rate+({$rate}), ratetimes=ratetimes-{$ratetimes} WHERE pid='{$pid}'");
if ($post['first']) {
$threadrate = @intval(@($post['rate'] + $rate) / abs($post['rate'] + $rate));
//check credit limit
if(!empty($allow['ratealllimit']) && abs($credit * count($awardulist)) > $allow['ratealllimit']) {
showmessage('dps_postawards:msg_credit_all_limit');
}
// if use user's credit, updatecredits
if($selfcreditmode) {
$usercredit = $db->result_first("SELECT $extcredit FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($usercredit < $credit * count($awardulist)) {
showmessage('dps_postawards:msg_over_user_credit');
}
$updatecredits[$credittype]= -1 * abs($credit) * count($awardulist);
updatecredits($discuz_uid, $updatecredits);
}
updatecredits($uidlist, array($credittype => $credit));
if($ratemode){
if(!$raterange) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif ($modratelimit && $adminid == 3 && !$forum['ismoderator']) {
showmessage('thread_rate_moderator_invalid', NULL, 'HALTED');
}
foreach($raterange as $id => $rating) {
$maxratetoday[$id] = $rating['mrpd'];
}
$query = $db->query("SELECT extcredits, SUM(ABS(score)) AS todayrate FROM {$tablepre}ratelog
WHERE uid='$discuz_uid' AND dateline>=$timestamp-86400
GROUP BY extcredits");
while($rate = $db->fetch_array($query)) {
$forum = $db->fetch_first("SELECT f.viewperm, f.getattachperm, f.getattachcredits, a.allowgetattach FROM {$tablepre}forumfields f\r\n\t\tLEFT JOIN {$tablepre}access a ON a.uid='{$discuz_uid}' AND a.fid=f.fid\r\n\t\tWHERE f.fid='{$thread['fid']}'");
if (!$ispaid && !$forum['allowgetattach']) {
if (!$forum['getattachperm'] && !$allowgetattach) {
showmessage('group_nopermission', NULL, 'NOPERM');
} elseif ($forum['getattachperm'] && !forumperm($forum['getattachperm']) || $forum['viewperm'] && !forumperm($forum['viewperm'])) {
showmessage('attachment_forum_nopermission', NULL, 'NOPERM');
}
}
$range = 0;
if ($readmod == 4 && !empty($_SERVER['HTTP_RANGE'])) {
list($range) = explode('-', str_replace('bytes=', '', $_SERVER['HTTP_RANGE']));
}
if (!$isimage) {
$getattachcredits = $forum['getattachcredits'] ? unserialize($forum['getattachcredits']) : $creditspolicy['getattach'];
checklowerlimit($getattachcredits, -1);
$range < 1024 && updatecredits($discuz_uid, $getattachcredits, -1);
}
if (empty($noupdate)) {
if ($delayviewcount == 2 || $delayviewcount == 3) {
$logfile = './forumdata/cache/cache_attachviews.log';
if (substr($timestamp, -1) == '0') {
require_once DISCUZ_ROOT . './include/misc.func.php';
updateviews('attachments', 'aid', 'downloads', $logfile);
}
if (@($fp = fopen(DISCUZ_ROOT . $logfile, 'a'))) {
fwrite($fp, "{$aid}\n");
fclose($fp);
} elseif ($adminid == 1) {
showmessage('view_log_invalid');
}
} else {
}
}
}
}
$tradeaid = 0;
if ($attachment) {
$searcharray = $pregarray = $replacearray = array();
foreach ($attachments as $key => $attach) {
$db->query("INSERT INTO {$tablepre}attachments (tid, pid, dateline, readperm, price, filename, description, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote, width)\r\n\t\t\t\tVALUES ('{$tid}', '{$pid}', '{$timestamp}', '{$attach['perm']}', '{$attach['price']}', '{$attach['name']}', '{$attach['description']}', '{$attach['type']}', '{$attach['size']}', '{$attach['attachment']}', '0', '{$attach['isimage']}', '{$attach['uid']}', '{$attach['thumb']}', '{$attach['remote']}', '{$attach['width']}')");
$searcharray[] = '[local]' . $localid[$key] . '[/local]';
$pregarray[] = '/\\[localimg=(\\d{1,3}),(\\d{1,3})\\]' . $localid[$key] . '\\[\\/localimg\\]/is';
$replacearray[] = '[attach]' . $db->insert_id() . '[/attach]';
}
$message = str_replace($searcharray, $replacearray, preg_replace($pregarray, $replacearray, $message));
$db->query("UPDATE {$tablepre}posts SET message='{$message}' WHERE pid='{$pid}'");
updatecredits($discuz_uid, $postattachcredits, count($attachments));
}
if ($swfupload) {
updateswfattach();
}
if ($modnewthreads) {
$db->query("UPDATE {$tablepre}forums SET todayposts=todayposts+1 WHERE fid='{$fid}'", 'UNBUFFERED');
showmessage('post_newthread_mod_succeed', "forumdisplay.php?fid={$fid}");
} else {
$feed = array('icon' => '', 'title_template' => '', 'title_data' => array(), 'body_template' => '', 'body_data' => array(), 'title_data' => array(), 'images' => array());
if ($addfeed && $forum['allowfeed']) {
if ($special == 0) {
$feed['icon'] = 'thread';
$feed['title_template'] = 'feed_thread_title';
$feed['body_template'] = 'feed_thread_message';
$feed['body_data'] = array('subject' => "<a href=\"{$boardurl}viewthread.php?tid={$tid}\">{$subject}</a>", 'message' => cutstr(strip_tags(preg_replace(array("/\\[hide=?\\d*\\].+?\\[\\/hide\\]/is", "/\\[.+?\\]/is"), array('', ''), $message)), 150));
$sqltxtsrch .= $andor;
$sqltxtsrch .= "tr.subject LIKE '%{$text}%'";
}
}
$sqlsrch .= " AND ({$sqltxtsrch})";
}
if ($srchuid) {
$sqlsrch .= " AND tr.sellerid IN ({$srchuid})";
}
if (!empty($srchfrom)) {
$searchfrom = ($before ? '<=' : '>=') . ($timestamp - $srchfrom);
$sqlsrch .= " AND tr.dateline{$searchfrom}";
}
$keywords = str_replace('%', '+', $srchtxt) . (trim($srchuname) ? '+' . str_replace('%', '+', $srchuname) : '');
$expiration = $timestamp + $cachelife_text;
}
$threads = $tids = 0;
$query = $db->query("SELECT tr.tid, tr.pid, t.closed {$sqlsrch} ORDER BY tr.pid DESC LIMIT {$maxsearchresults}");
while ($post = $db->fetch_array($query)) {
if ($thread['closed'] <= 1) {
$tids .= ',' . $post['pid'];
$threads++;
}
}
$db->free_result($query);
$db->query("INSERT INTO {$tablepre}searchindex (keywords, searchstring, useip, uid, dateline, expiration, threads, tids)\r\n\t\t\t\tVALUES ('{$keywords}', '{$searchstring}', '{$onlineip}', '{$discuz_uid}', '{$timestamp}', '{$expiration}', '{$threads}', '{$tids}')");
$searchid = $db->insert_id();
updatecredits($discuz_uid, $creditspolicy['search'], -1);
}
showmessage('search_redirect', "search.php?searchid={$searchid}&srchtype=trade&orderby={$orderby}&ascdesc={$ascdesc}&searchsubmit=yes");
}
}
if (!$outexange) {
$creditsarray[$fromcredits] = -$netamount;
$creditsarray[$tocredits] = $amount;
updatecredits($discuz_uid, $creditsarray);
} else {
if (!array_key_exists($fromcredits, $outextcredits[$tocredits]['creditsrc'])) {
showmessage('extcredits_dataerror', NULL, 'HALTED');
}
list($toappid, $tocredits) = explode('|', $tocredits);
$ucresult = uc_credit_exchange_request($discuz_uid, $fromcredits, $tocredits, $toappid, $amount);
if (!$ucresult) {
showmessage('extcredits_dataerror', NULL, 'HALTED');
}
$creditsarray[$fromcredits] = -$netamount;
updatecredits($discuz_uid, $creditsarray);
$netamount = $amount;
$amount = $tocredits = 0;
}
$db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)\r\n\t\t\t\t\tVALUES ('{$discuz_uid}', '{$discuz_user}', '{$fromcredits}', '{$tocredits}', '{$netamount}', '{$amount}', '{$timestamp}', 'EXC')");
showmessage('credits_transaction_succeed', '', 1);
}
} else {
showmessage('action_closed', NULL, 'HALTED');
}
} elseif (submitcheck('addfundssubmit')) {
if ($ec_ratio) {
if (!submitcheck('confirm')) {
$price = round($addfundamount / $ec_ratio * 100 / 100, 1);
include template('memcp_credits_action');
} else {
} else {
$sql = "value LIKE '%{$option['value']}%'";
}
$sqlsrch .= $or . "(optionid='{$optionid}' AND {$sql}) ";
$or = 'OR ';
}
}
}
$threads = $tids = 0;
$query = $db->query("SELECT tid, sortid FROM {$tablepre}typeoptionvars WHERE (expiration='0' OR expiration>'{$timestamp}') " . ($sqlsrch ? 'AND ' . $sqlsrch : '') . "");
while ($post = $db->fetch_array($query)) {
if ($post['sortid'] == $selectsortid) {
$tids .= ',' . $post['tid'];
}
}
$db->free_result($query);
if ($fids) {
$query = $db->query("SELECT tid, closed FROM {$tablepre}threads WHERE tid IN ({$tids}) AND fid IN ({$fids}) LIMIT {$maxsearchresults}");
while ($post = $db->fetch_array($query)) {
if ($thread['closed'] <= 1) {
$tids .= ',' . $post['tid'];
$threads++;
}
}
}
$db->query("INSERT INTO {$tablepre}searchindex (keywords, searchstring, useip, uid, dateline, expiration, threads, threadsortid, tids)\r\n\t\t\t\tVALUES ('{$keywords}', '{$searchstring}', '{$onlineip}', '{$discuz_uid}', '{$timestamp}', '{$expiration}', '{$threads}', '{$selectsortid}', '{$tids}')");
$searchid = $db->insert_id();
!($exempt & 2) && updatecredits($discuz_uid, $creditspolicy['search'], -1);
}
showmessage('search_redirect', "search.php?searchid={$searchid}&srchtype=threadsort&sortid={$selectsortid}&searchsubmit=yes");
}
eval("\$cpmsg = \"".$msglang['threads_succeed']."\";");
} elseif($operation == 'stick') {
$db->query("UPDATE {$tablepre}threads SET displayorder='$stick_level' WHERE $tidsadd");
if($globalstick) {
updatecache('globalstick');
}
eval("\$cpmsg = \"".$msglang['threads_succeed']."\";");
} elseif($operation == 'adddigest') {
$query = $db->query("SELECT tid, authorid, digest FROM {$tablepre}threads WHERE $tidsadd");
while($thread = $db->fetch_array($query)) {
updatecredits($thread['authorid'], $creditspolicy['digest'], $digest_level - $thread['digest'], 'digestposts=digestposts-1');
}
$db->query("UPDATE {$tablepre}threads SET digest='$digest_level' WHERE $tidsadd");
eval("\$cpmsg = \"".$msglang['threads_succeed']."\";");
} elseif($operation == 'addstatus') {
$db->query("UPDATE {$tablepre}threads SET closed='$status' WHERE $tidsadd");
eval("\$cpmsg = \"".$msglang['threads_succeed']."\";");
} elseif($operation == 'supe_pushsetting' && $supe['status']) {
$db->query("UPDATE {$tablepre}threads SET supe_pushstatus='$supe_pushstatus' WHERE $tidsadd");
*/
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
if ($creditspolicy['promotion_visit']) {
$uidarray = $userarray = array();
$query = $db->query("SELECT * FROM {$tablepre}promotions");
while ($promotion = $db->fetch_array($query)) {
if ($promotion['uid']) {
$uidarray[] = $promotion['uid'];
} elseif ($promotion['username']) {
$userarray[] = addslashes($promotion['username']);
}
}
if ($uidarray || $userarray) {
if ($userarray) {
$query = $db->query("SELECT uid FROM {$tablepre}members WHERE username IN ('" . implode('\',\'', $userarray) . "')");
while ($member = $db->fetch_array($query)) {
$uidarray[] = $member['uid'];
}
}
$countarray = array();
foreach (array_count_values($uidarray) as $uid => $count) {
$countarray[$count][] = $uid;
}
foreach ($countarray as $count => $uids) {
updatecredits(implode('\',\'', $uids), $creditspolicy['promotion_visit'], $count);
}
$db->query("DELETE FROM {$tablepre}promotions");
}
}
function updateswfattach()
{
global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $swfattachnew, $swfattachdel, $allowsetattachperm, $maxprice, $updateswfattach, $watermarkstatus;
$imageexists = 0;
$swfattachnew = (array) $swfattachnew;
$query = $db->query("SELECT * FROM {$tablepre}attachments WHERE tid='0' AND pid='0' AND uid='{$discuz_uid}'");
if ($db->num_rows($query) && $updateswfattach) {
$swfattachcount = 0;
$delaids = array();
while ($swfattach = $db->fetch_array($query)) {
if (in_array($swfattach['aid'], $swfattachdel)) {
dunlink($swfattach['attachment'], $swfattach['thumb']);
$delaids[] = $swfattach['aid'];
continue;
}
$extension = strtolower(fileext($swfattach['filename']));
$attach_basename = basename($swfattach['attachment']);
$attach_src = $attachdir . '/' . $swfattach['attachment'];
if ($attachsave) {
switch ($attachsave) {
case 1:
$attach_subdir = 'forumid_' . $GLOBALS['fid'];
break;
case 2:
$attach_subdir = 'ext_' . $extension;
break;
case 3:
$attach_subdir = 'month_' . date('ym');
break;
case 4:
$attach_subdir = 'day_' . date('ymd');
break;
}
$attach_descdir = $attachdir . '/' . $attach_subdir;
$swfattachnew[$swfattach['aid']]['attachment'] = $attach_subdir . '/' . $attach_basename;
} else {
$attach_descdir = $attachdir;
$swfattachnew[$swfattach['aid']]['attachment'] = $attach_basename;
}
$swfattachnew[$swfattach['aid']]['thumb'] = $swfattach['thumb'];
$attach_desc = $attach_descdir . '/' . $attach_basename;
if ($swfattach['isimage'] && $watermarkstatus) {
require_once DISCUZ_ROOT . './include/image.class.php';
$image = new Image($attach_src, $swfattach);
if ($image->imagecreatefromfunc && $image->imagefunc) {
$image->Watermark();
$swfattach = $image->attach;
}
}
if (!is_dir($attach_descdir)) {
@mkdir($attach_descdir, 0777);
@fclose(fopen($attach_descdir . '/index.htm', 'w'));
}
if ($swfattach['thumb'] == 1) {
if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) {
@unlink($attach_src . '.thumb.jpg');
}
}
if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) {
@unlink($attach_src);
}
if ($swfattach['isimage']) {
$imageexists = 1;
}
$attachnew = $swfattachnew[$swfattach['aid']];
$attachnew['remote'] = ftpupload($attach_desc, $attachnew);
$attachnew['perm'] = $allowsetattachperm ? $attachnew['perm'] : 0;
$attachnew['description'] = cutstr(dhtmlspecialchars($attachnew['description']), 100);
$attachnew['price'] = $maxprice ? intval($attachnew['price']) <= $maxprice ? intval($attachnew['price']) : $maxprice : 0;
$db->query("UPDATE {$tablepre}attachments SET tid='{$tid}', pid='{$pid}', attachment='{$attachnew['attachment']}', description='{$attachnew['description']}', readperm='{$attachnew['readperm']}', price='{$attachnew['price']}', remote='{$attachnew['remote']}' WHERE aid='{$swfattach['aid']}'");
$swfattachcount++;
}
if ($delaids) {
$db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
}
$attachment = $imageexists ? 2 : 1;
if ($swfattachcount) {
$db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
$db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
updatecredits($discuz_uid, $postattachcredits, $swfattachcount);
}
}
}
if (substr($timestamp, -1) == '0') {
require_once DISCUZ_ROOT . './include/misc.func.php';
updateviews('attachments', 'aid', 'downloads', $logfile);
}
if (@($fp = fopen(DISCUZ_ROOT . $logfile, 'a'))) {
fwrite($fp, "{$aid}\n");
fclose($fp);
} elseif ($adminid == 1) {
showmessage('view_log_invalid');
}
} else {
$db->query("UPDATE {$tablepre}attachments SET downloads=downloads+'1' WHERE aid='{$aid}'", 'UNBUFFERED');
}
}
if (!$isimage) {
updatecredits($discuz_uid, $getattachcredits, -1);
}
ob_end_clean();
//dheader('Cache-control: max-age=31536000');
//dheader('Expires: '.gmdate('D, d M Y H:i:s', $timestamp + 31536000).' GMT');
if ($attach['remote'] && !$ftp['hideurl']) {
dheader('location:' . $ftp['attachurl'] . '/' . $attach['attachment']);
}
$filesize = filesize($filename);
$attach['filename'] = '"' . (strtolower($charset) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? urlencode($attach['filename']) : $attach['filename']) . '"';
dheader('Date: ' . gmdate('D, d M Y H:i:s', $attach['dateline']) . ' GMT');
dheader('Last-Modified: ' . gmdate('D, d M Y H:i:s', $attach['dateline']) . ' GMT');
dheader('Content-Encoding: none');
if ($isimage && !empty($noupdate)) {
dheader('Content-Disposition: inline; filename=' . $attach['filename']);
} else {
$stickmodify = 0;
foreach ($threadlist as $thread) {
$stickmodify = (in_array($thread['displayorder'], array(2, 3)) || in_array($level, array(2, 3))) && $level != $thread['displayorder'] ? 1 : $stickmodify;
}
if ($globalstick && $stickmodify) {
require_once DISCUZ_ROOT . './include/cache.func.php';
updatecache('globalstick');
}
$modaction = $level ? $expiration ? 'EST' : 'STK' : 'UST';
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('STK', 'UST', 'EST', 'UES')", 'UNBUTTERED');
} elseif ($operation == 'digest') {
$db->query("UPDATE {$tablepre}threads SET digest='{$level}', moderated='1' WHERE tid IN ({$moderatetids})");
foreach ($threadlist as $thread) {
if ($thread['digest'] != $level) {
$digestpostsadd = $thread['digest'] > 0 && $level == 0 || $thread['digest'] == 0 && $level > 0 ? 'digestposts=digestposts' . ($level == 0 ? '-' : '+') . '1' : '';
updatecredits($thread['authorid'], $digestcredits, $level - $thread['digest'], $digestpostsadd);
}
}
$modaction = $level ? $expiration ? 'EDI' : 'DIG' : 'UDG';
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('DIG', 'UDI', 'EDI', 'UED')", 'UNBUTTERED');
}
} elseif ($operation == 'close') {
$modaction = empty($close) ? $expiration ? 'EOP' : 'OPN' : ($expiration ? 'ECL' : 'CLS');
$close = $modaction == 'ECL' || $modaction == 'CLS' ? 1 : 0;
$db->query("UPDATE {$tablepre}threads SET closed='{$close}', moderated='1' WHERE tid IN ({$moderatetids})");
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$moderatetids}) AND action IN ('CLS','OPN', 'ECL', 'UCL', 'EOP', 'UEO')", 'UNBUTTERED');
} elseif ($operation == 'move') {
$toforum = $db->fetch_first("SELECT fid, name, modnewposts, allowpostspecial FROM {$tablepre}forums WHERE fid='{$moveto}' AND status>0 AND type<>'group'");
if (!$toforum) {
showmessage('admin_move_invalid');
} elseif ($fid == $toforum['fid']) {
if(!submitcheck('paysubmit')) {
include template('pay');
} else {
$updateauthor = true;
if($maxincperthread > 0) {
if(($db->result_first("SELECT SUM(netamount) FROM {$tablepre}paymentlog WHERE tid='$tid'")) > $maxincperthread) {
$updateauthor = false;
}
}
if($updateauthor) {
updatecredits($thread['authorid'], array($creditstransextra[1] => $thread['netprice']));
}
updatecredits($discuz_uid, array($creditstransextra[1] => $thread['price']), -1);
$db->query("INSERT INTO {$tablepre}paymentlog (uid, tid, authorid, dateline, amount, netamount)
VALUES ('$discuz_uid', '$tid', '$thread[authorid]', '$timestamp', '$thread[price]', '$thread[netprice]')");
showmessage('thread_pay_succeed', "viewthread.php?tid=$tid");
}
} elseif($action == 'viewpayments') {
$discuz_action = 82;
$loglist = array();
$query = $db->query("SELECT p.*, m.username FROM {$tablepre}paymentlog p
LEFT JOIN {$tablepre}members m USING (uid)
WHERE tid='$tid' ORDER BY dateline");
$db->query("DELETE FROM {$tablepre}rewardlog WHERE tid='{$tid}'", 'UNBUFFERED');
}
$thread_attachment = $post_attachment = 0;
$query = $db->query("SELECT pid, attachment, thumb, remote FROM {$tablepre}attachments WHERE tid='{$tid}'");
while ($attach = $db->fetch_array($query)) {
if ($attach['pid'] == $pid) {
$post_attachment++;
dunlink($attach['attachment'], $attach['thumb'], $attach['remote']);
} else {
$thread_attachment = 1;
}
}
if ($post_attachment) {
$db->query("DELETE FROM {$tablepre}attachments WHERE pid='{$pid}'", 'UNBUFFEREED');
$db->query("DELETE FROM {$tablepre}attachmentfields WHERE pid='{$pid}'", 'UNBUFFERED');
updatecredits($orig['authorid'], $postattachcredits, -$post_attachment);
}
$db->query("DELETE FROM {$tablepre}posts WHERE pid='{$pid}'");
if ($thread['special'] == 2) {
$db->query("DELETE FROM {$tablepre}trades WHERE pid='{$pid}'");
}
if ($isfirstpost) {
$forumadd = 'threads=threads-\'1\', posts=posts-\'1\'';
$tablearray = array('threadsmod', 'relatedthreads', 'threads', 'debates', 'debateposts', 'polloptions', 'polls', 'typeoptionvars');
foreach ($tablearray as $table) {
$db->query("DELETE FROM {$tablepre}{$table} WHERE tid='{$tid}'", 'UNBUFFERED');
}
if ($globalstick && in_array($thread['displayorder'], array(2, 3))) {
require_once DISCUZ_ROOT . './include/cache.func.php';
updatecache('globalstick');
}
<?php
define('IN_DISCUZ', true);
include_once '../../config.inc.php';
require_once '../../include/global.func.php';
require_once '../../include/db_' . $database . '.class.php';
$uid = $_GET['uid'];
$buyer = $_GET['buyer'];
$price = $_GET['price'];
$amount = $_GET['amount'];
$orderid = $_GET['orderid'];
$submitdate = $_GET['submitdate'];
$db = new dbstuff();
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);
$db->select_db($dbname);
$settings = array();
$query = $db->query("SELECT * FROM {$tablepre}settings");
while ($setting = $db->fetch_array($query)) {
$settings[$setting['variable']] = $setting['value'];
}
$settings['creditstrans'] = explode(',', $settings['creditstrans']);
$extcredits = $settings['creditstrans'][0];
updatecredits($uid, array($extcredits => $amount));
$timestamp = time();
$db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)VALUES ({$uid}, '{$buyer}', 0, {$extcredits}, 0, {$amount}, {$timestamp}, 'AFD')");
$db->query("UPDATE {$tablepre}orders SET status = '2', confirmdate = {$timestamp} WHERE orderid = '{$orderid}'");
$discuz_pw = $password;
$discuz_secques = $secques;
$groupid = $groupinfo['groupid'];
$styleid = $styleid ? $styleid : $_DCACHE['settings']['styleid'];
if ($welcomemsg && !empty($welcomemsgtxt)) {
$welcomtitle = !empty($welcomemsgtitle) ? $welcomemsgtitle : "Welcome to {$bbname}!";
$welcomtitle = addslashes(replacesitevar($welcomtitle));
$welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
if ($welcomemsg == 1) {
sendpm($uid, $welcomtitle, $welcomemsgtxt, 0);
} elseif ($welcomemsg == 2) {
sendmail("{$username} <{$email}>", $welcomtitle, $welcomemsgtxt);
}
}
if ($fromuid) {
updatecredits($fromuid, $creditspolicy['promotion_register']);
dsetcookie('promotion', '');
}
if ($taskon && $newbietask && ($task = $db->fetch_first("SELECT * FROM {$tablepre}tasks WHERE taskid='{$newbietask}' AND available='2'"))) {
require_once DISCUZ_ROOT . './include/task.func.php';
$task['newbie'] = 1;
task_apply($task);
} else {
$newbietask = 0;
}
require_once DISCUZ_ROOT . './include/cache.func.php';
$_DCACHE['settings']['totalmembers']++;
updatesettings();
dsetcookie('loginuser', '');
dsetcookie('activationauth', '', -86400 * 365);
if (!empty($inajax)) {
}
}
if ($discuz_uid == $msgto) {
showmessage('pm_send_self_ignore');
}
if (trim($message) === '') {
showmessage('pm_send_empty');
}
include_once './forumdata/cache/cache_bbcodes.php';
foreach ($_DCACHE['smilies']['replacearray'] as $key => $smiley) {
$_DCACHE['smilies']['replacearray'][$key] = '[img]' . $boardurl . 'images/smilies/' . $_DCACHE['smileytypes'][$_DCACHE['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]';
}
$message = preg_replace($_DCACHE['smilies']['searcharray'], $_DCACHE['smilies']['replacearray'], $message);
$pmid = uc_pm_send($discuz_uid, $msgto, '', $message, 1, 0, 0);
if ($pmid > 0) {
!($exempt & 1) && updatecredits($discuz_uid, $creditspolicy['sendpm'], -1);
if (empty($sendnew)) {
$pm = uc_pm_viewnode($discuz_uid, 0, $pmid);
$dateline = $pm['dateline'] + $timeoffset * 3600;
$pm['daterange'] = gmdate($dateformat, $dateline);
$pm['daterange'] = $pm['daterange'] != $lastdaterange ? $pm['daterange'] : '';
$pm['dateline'] = gmdate("{$dateformat} {$timeformat}", $dateline);
include template('header_ajax');
include template('pm_node');
include template('footer_ajax');
exit;
} else {
showmessage('pm_send_succeed', '', 1);
exit;
}
} elseif ($pmid == -1) {
case 'UEH':
$db->query("UPDATE {$tablepre}threads SET highlight='0' WHERE tid IN ({$tids})", 'UNBUFFERED');
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action IN ('EHL', 'CCK')", 'UNBUFFERED');
break;
case 'UEC':
case 'UEO':
$closed = $action == 'UEO' ? 1 : 0;
$db->query("UPDATE {$tablepre}threads SET closed='{$closed}' WHERE tid IN ({$tids})", 'UNBUFFERED');
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action IN ('EOP', 'ECL', 'CLK')", 'UNBUFFERED');
break;
case 'UED':
$db->query("UPDATE {$tablepre}threadsmod SET status='0' WHERE tid IN ({$tids}) AND action='EDI'", 'UNBUFFERED');
$digestarray = $authoridarry = array();
$query = $db->query("SELECT authorid, digest FROM {$tablepre}threads WHERE tid IN ({$tids})");
while ($digest = $db->fetch_array($query)) {
$authoridarry[] = $digest['authorid'];
$digestarray[$digest['digest']][] = $digest['authorid'];
}
$db->query("UPDATE {$tablepre}members SET digestposts=digestposts-1 WHERE uid IN (" . implode(',', $authoridarry) . ")", 'UNBUFFERED');
foreach ($digestarray as $digest => $authorids) {
updatecredits(implode('\',\'', $authorids), $creditspolicy['digest'], 0 - $digest);
}
$db->query("UPDATE {$tablepre}threads SET digest='0' WHERE tid IN ({$tids})", 'UNBUFFERED');
break;
}
}
require_once DISCUZ_ROOT . './include/post.func.php';
foreach ($actionarray as $action => $tids) {
updatemodlog(implode(',', $tids), $action, 0, 1);
}
}
} elseif ($operation == 'down') {
if (!$allowbumpthread) {
showmessage('undefined_action');
}
$modaction = 'DWN';
$downtime = $timestamp - 86400 * 730;
$db->query("UPDATE {$tablepre}threads SET lastpost='{$downtime}', moderated='1' WHERE tid IN ({$moderatetids})");
$forum['threadcaches'] && deletethreadcaches($thread['tid']);
} elseif ($operation == 'delete') {
if (!$allowdelpost) {
showmessage('undefined_action');
}
$stickmodify = 0;
foreach ($threadlist as $thread) {
if ($thread['digest']) {
updatecredits($thread['authorid'], $digestcredits, -$thread['digest'], 'digestposts=digestposts-1');
}
if (in_array($thread['displayorder'], array(2, 3))) {
$stickmodify = 1;
}
}
$losslessdel = $losslessdel > 0 ? $timestamp - $losslessdel * 86400 : 0;
//Update members' credits and post counter
$uidarray = $tuidarray = $ruidarray = array();
$query = $db->query("SELECT first, authorid, dateline FROM {$tablepre}posts WHERE tid IN ({$moderatetids})");
while ($post = $db->fetch_array($query)) {
if ($post['dateline'] < $losslessdel) {
$uidarray[] = $post['authorid'];
} else {
if ($post['first']) {
$tuidarray[] = $post['authorid'];
function updateattach()
{
global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $attachextensions, $attachnew, $attachdel, $allowsetattachperm, $maxprice, $watermarkstatus;
$imageexists = 0;
$attachnew = (array) $attachnew;
$sqladd = $pid > 0 ? "OR pid='{$pid}'" : '';
$query = $db->query("SELECT * FROM {$tablepre}attachments WHERE (uid='{$discuz_uid}' AND tid='0') {$sqladd}");
$attachnum = $db->num_rows($query);
if ($attachnum) {
if ($attachnum -= count($attachdel)) {
checklowerlimit($postattachcredits, $attachnum);
}
$attachcount = 0;
$delaids = array();
while ($attach = $db->fetch_array($query)) {
if (is_array($attachdel) && in_array($attach['aid'], $attachdel)) {
dunlink($attach['attachment'], $attach['thumb']);
$delaids[] = $attach['aid'];
continue;
}
$extension = strtolower(fileext($attach['filename']));
if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($extension, '/') . "(\$|\\s|,)/i", $attachextensions) || !$extension)) {
continue;
}
$anew = $attachnew[$attach['aid']];
$anew['aid'] = $attach['aid'];
$anew['ext'] = $extension;
$anew['size'] = $attach['filesize'];
if ($attach['pid'] == 0) {
$attach_basename = basename($attach['attachment']);
$attach_src = $attachdir . '/' . $attach['attachment'];
if ($attachsave) {
switch ($attachsave) {
case 1:
$attach_subdir = 'forumid_' . $GLOBALS['fid'];
break;
case 2:
$attach_subdir = 'ext_' . $extension;
break;
case 3:
$attach_subdir = 'month_' . date('ym');
break;
case 4:
$attach_subdir = 'day_' . date('ymd');
break;
}
$attach_descdir = $attachdir . '/' . $attach_subdir;
$anew['attachment'] = $attach_subdir . '/' . $attach_basename;
} else {
$attach_descdir = $attachdir;
$anew['attachment'] = $attach_basename;
}
$anew['thumb'] = $attach['thumb'];
$attach_desc = $attach_descdir . '/' . $attach_basename;
if ($attach['isimage'] && $watermarkstatus) {
require_once DISCUZ_ROOT . './include/image.class.php';
$image = new Image($attach_src, $attach);
if ($image->imagecreatefromfunc && $image->imagefunc) {
$image->Watermark();
$attach = $image->attach;
$attach['filesize'] = $attach['size'];
}
}
if (!is_dir($attach_descdir)) {
@mkdir($attach_descdir, 0777);
@fclose(fopen($attach_descdir . '/index.htm', 'w'));
}
if ($attach['thumb'] == 1) {
if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) {
@unlink($attach_src . '.thumb.jpg');
}
}
if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) {
@unlink($attach_src);
}
$anew['remote'] = ftpupload($attach_desc, $anew);
$attachcount++;
}
if ($attach['isimage']) {
$imageexists = 1;
}
$anew['filesize'] = $attach['filesize'];
$anew['perm'] = $allowsetattachperm ? $anew['perm'] : 0;
$anew['description'] = cutstr(dhtmlspecialchars($anew['description']), 100);
$anew['price'] = $maxprice ? intval($anew['price']) <= $maxprice ? intval($anew['price']) : $maxprice : 0;
$sqladd = $attach['pid'] == 0 ? ", tid='{$tid}', pid='{$pid}', attachment='{$anew['attachment']}', remote='{$anew['remote']}'" : '';
$db->query("UPDATE {$tablepre}attachments SET readperm='{$anew['readperm']}', price='{$anew['price']}', filesize='{$anew['filesize']}' {$sqladd} WHERE aid='{$attach['aid']}'");
if ($anew['description']) {
$db->query("REPLACE INTO {$tablepre}attachmentfields (aid, tid, pid, uid, description) VALUES ('{$attach['aid']}', '{$tid}', '{$pid}', '{$attach['uid']}', '{$anew['description']}')");
}
}
if ($delaids) {
$db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
$db->query("DELETE FROM {$tablepre}attachmentfields WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
}
$attachment = $imageexists ? 2 : 1;
if ($attachcount) {
$db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
$db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
updatecredits($discuz_uid, $postattachcredits, $attachcount);
}
}
}
$netcredit = round($tradelog['number'] * $tradelog['basecredit'] * (1 - $creditstax));
updatecredits($tradelog['sellerid'], array($creditstransextra[5] => $netcredit));
} else {
$netcredit = 0;
}
$db->query("UPDATE {$tablepre}trades SET lastbuyer='$tradelog[buyer]', lastupdate='$timestamp', totalitems=totalitems+'$tradelog[number]', tradesum=tradesum+'$tradelog[price]', credittradesum=credittradesum+'$netcredit' WHERE tid='$tradelog[tid]' AND pid='$tradelog[pid]'", 'UNBUFFERED');
$itemsubject = $tradelog['subject'];
sendnotice($tradelog['sellerid'], 'trade_success', 'threads');
sendnotice($tradelog['buyerid'], 'trade_success', 'threads');
} elseif($offlinestatus == STATUS_REFUND_CLOSE) {
$db->query("UPDATE {$tablepre}trades SET amount=amount+'$tradelog[number]' WHERE tid='$tradelog[tid]' AND pid='$tradelog[pid]'", 'UNBUFFERED');
$itemsubject = $tradelog['subject'];
sendnotice($tradelog['sellerid'], 'trade_fefund_success', 'threads');
sendnotice($tradelog['buyerid'], 'trade_fefund_success', 'threads');
if($creditstransextra[5] != -1 && $tradelog['basecredit']) {
updatecredits($tradelog['buyerid'], array($creditstransextra[5] => $tradelog['number'] * $tradelog['basecredit']));
}
}
$message = trim($message);
if($message) {
$message = daddslashes(stripslashes($tradelog['message'])."\t\t\t".$discuz_uid."\t".$discuz_userss."\t".$timestamp."\t".nl2br(strip_tags(substr($message, 0, 200))), 1);
} else {
$message = daddslashes($tradelog['message'], 1);
}
$db->query("UPDATE {$tablepre}tradelog SET status='$offlinestatus', lastupdate='$timestamp', message='$message' WHERE orderid='$orderid'");
showmessage('trade_orderstatus_updated', 'trade.php?orderid='.$orderid);
}
if(submitcheck('tradesubmit')) {
