function auth_update($set, $where)
{
$set = base_protect($set);
$where = base_protect($where);
$flag = updatetable('authmap', $set, $where);
return $flag;
}
function update($uId, $appIds, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink, $version, $displayMethod, $displayOrder = null)
{
global $_SGLOBAL;
switch ($privacy) {
case 'public':
$privacy = 0;
break;
case 'friends':
$privacy = 1;
break;
case 'me':
$privacy = 3;
break;
case 'none':
$privacy = 5;
break;
default:
$privacy = 0;
}
$where = sprintf('uid = %d AND appid IN (%s)', $uId, simplode($appIds));
$setarr = array('appname' => $appName, 'privacy' => $privacy, 'allowsidenav' => $allowSideNav, 'allowfeed' => $allowFeed, 'allowprofilelink' => $allowProfileLink);
if ($displayOrder !== null) {
$setarr['displayorder'] = $displayOrder;
}
updatetable('userapp', $setarr, $where);
$result = $_SGLOBAL['db']->affected_rows();
$displayMethod = $displayMethod == 'iframe' ? 1 : 0;
if (is_array($appIds)) {
foreach ($appIds as $appId) {
$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, null);
}
}
return new APIResponse($result);
}
function setActionLink($uId, $appId, $actionMarkup)
{
global $_SGLOBAL;
$fields = array('profilelink' => $actionMarkup);
$where = array('uid' => $uId, 'appid' => $appId);
updatetable('userappfield', $fields, $where);
$result = $_SGLOBAL['db']->affected_rows();
return new APIResponse($result);
}
function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
{
$fields = array('appname' => $appName);
$where = array('appid' => $appId);
$result = updatetable('userapp', $fields, $where);
$displayMethod = $displayMethod == 'iframe' ? 1 : 0;
$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
return new APIResponse($result);
}
/**
* 编辑指定ID信息
*
* @param unknown_type $eid
* @return unknown
*/
function edit($eid, $dataarray)
{
if (is_array($dataarray) && !empty($eid)) {
//更新数据库操作
$wheresqlarr = " " . $this->idname . "='{$eid}'";
updatetable($this->table, $dataarray, $wheresqlarr);
return "OK";
}
return lang('Array_format_error');
}
public function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
{
$db_prefix = getDbPrefix();
global $_SGLOBAL;
$fields = array('appname' => $appName);
$where = array('appid' => $appId);
$result = updatetable('myop_myapp', $fields, $where);
$result = updatetable('myop_userapp', $fields, $where) || $result;
$displayMethod = $displayMethod == 'iframe' ? 1 : 0;
$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
return new APIResponse($result);
}
function update($appId, $appName, $version, $displayMethod, $displayOrder = null) {
global $_SGLOBAL;
$fields = array('appname' => $appName);
$where = array('appid' => $appId);
updatetable('myapp', $fields, $where);
updatetable('userapp', $fields, $where);
$result = $_SGLOBAL['db']->affected_rows();
$displayMethod = ($displayMethod == 'iframe') ? 1 : 0;
$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
return new APIResponse($result);
}
function update_doing($db_uch, $uid, $uname, $msg)
{
$mtime = explode(' ', microtime());
$doingarr = array("uid" => $uid, "username" => $uname, "dateline" => $mtime[1], "message" => $msg, "ip" => "IM");
inserttable($db_uch, "doing", $doingarr, 1);
updatetable($db_uch, "spacefield", array("note" => $uname), array("uid" => $uid));
$feedarr = array("appid" => 1, "icon" => "doing", "uid" => $uid, "username" => $uname, "dateline" => $mtime[1], "title_template" => "{actor}:{message}", "body_template" => "", "body_general" => "", "image_1" => "", "image_1_link" => "", "image_2" => "", "image_2_link" => "", "image_3" => "", "image_3_link" => "", "image_4" => "", "image_4_link" => "", "target_ids" => "", "friend" => "");
$feedarr = sstripslashes($feedarr);
$feedarr['title_data'] = serialize(sstripslashes(array("message" => $msg)));
$feedarr['body_data'] = serialize(sstripslashes(array()));
$feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
$feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
$feedarr = sstripslashes($feedarr);
inserttable($db_uch, "feed", $feedarr);
}
function auth($uId, $picData, $picExt = 'jpg', $isReward = false)
{
global $_SGLOBAL;
$pic = base64_decode($picData);
if (!$pic || strlen($pic) == strlen($picData)) {
$errCode = '200';
$errMessage = 'Error argument';
return new APIErrorResponse($errCode, $errMessage);
}
$secret = md5($_SGLOBAL['timestamp'] . "\t" . $_SGLOBAL['supe_uid']);
$picDir = S_ROOT . './data/avatar/' . substr($secret, 0, 1);
if (!is_dir($picDir)) {
if (!mkdir($picDir, 0777)) {
$errCode = '300';
$errMessage = 'Cannot create directory';
return new APIErrorResponse($errCode, $errMessage);
}
}
$picDir .= '/' . substr($secret, 1, 1);
if (!is_dir($picDir)) {
if (!@mkdir($picDir, 0777)) {
$errCode = '300';
$errMessage = 'Cannot create directory';
return new APIErrorResponse($errCode, $errMessage);
}
}
$picPath = $picDir . '/' . $secret . '.' . $picExt;
$fp = @fopen($picPath, 'wb');
if ($fp) {
if (fwrite($fp, $pic) !== FALSE) {
fclose($fp);
//The main table
updatetable('space', array('videostatus' => 1), array('uid' => $uId));
//Attached table
$fields = array('videopic' => $secret);
updatetable('spacefield', $fields, array('uid' => $uId));
$result = $_SGLOBAL['db']->affected_rows();
if ($isReward) {
// Bonus Points
getreward('videophoto', 1, $uId, '', 0);
}
return new APIResponse($result);
}
}
$errCode = '300';
$errMessage = 'Video Auth Error';
return new APIErrorResponse($errCode, $errMessage);
}
function insertsession($setarr)
{
global $_SGLOBAL, $_SCONFIG;
$_SCONFIG['onlinehold'] = intval($_SCONFIG['onlinehold']);
if ($_SCONFIG['onlinehold'] < 300) {
$_SCONFIG['onlinehold'] = 300;
}
$_SGLOBAL['db']->query("DELETE FROM " . tname('session') . " WHERE uid='{$setarr['uid']}' OR lastactivity<'" . ($_SGLOBAL['timestamp'] - $_SCONFIG['onlinehold']) . "'");
//添加在线
$ip = getonlineip(1);
$setarr['lastactivity'] = $_SGLOBAL['timestamp'];
$setarr['ip'] = $ip;
inserttable('session', $setarr, 0, true, 1);
//更新用户
updatetable('space', array('lastlogin' => $_SGLOBAL['timestamp'], 'ip' => $ip), array('uid' => $setarr['uid']), 1);
}
function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
{
global $_SGLOBAL;
$result = true;
$sql = "SELECT appname FROM " . tname('myapp') . " WHERE appid = {$appId}";
$query = $_SGLOBAL['db']->query($sql);
$row = $_SGLOBAL['db']->fetch_array($query);
if ($row['appname'] != $appName) {
$fields = array('appname' => $appName);
$where = array('appid' => $appId);
updatetable('myapp', $fields, $where);
updatetable('userapp', $fields, $where);
$result = $_SGLOBAL['db']->affected_rows();
}
$displayMethod = $displayMethod == 'iframe' ? 1 : 0;
$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
return new APIResponse($result);
}
/**
@param (忘记密码)通过地址栏用户名和新密码登陆
@param return null
*/
function find_pwd()
{
global $_MooClass, $dbTablePre, $userid, $_MooCookie;
// if($userid){
// return;
// }
$uid = MooGetGPC('uid', 'string', G);
$pwd = MooGetGPC('upwd', 'string', G);
/* echo md5($uid).'<br>';
echo md5($pwd);
print_r($_COOKIE);
exit;
*/
if ($_MooCookie['findpwd'] == md5($pwd) && md5($uid) == $_MooCookie['finduser']) {
$newpwd = md5(base64_decode($pwd));
//note 修改密码
//$_MooClass['MooMySQL']->query("update {$dbTablePre}members set password = '******' where uid = '{$uid}'");
//if(MOOPHP_ALLOW_FASTDB){
// MooFastdbUpdate('members','uid',$uid);
// }
MooSetCookie('auth', MooAuthCode("{$uid}\t{$newpwd}", 'ENCODE'), 86400);
//note 写入session表需要的字段值
$online_ip = GetIP();
$lastactive = $GLOBALS['timestamp'];
//$uid = $user['uid'];
//note 更新用户的最近登录ip和最近登录时间
$updatesqlarr = array('lastip' => $online_ip, 'lastvisit' => $lastactive, 'password' => $newpwd);
$wheresqlarr = array('uid' => $uid);
updatetable("members_search", $updatesqlarr, $wheresqlarr);
if (MOOPHP_ALLOW_FASTDB) {
$val = array();
$val['lastip'] = $online_ip;
$val['lastvisit'] = $lastactive;
$val['password'] = $newpwd;
MooFastdbUpdate('members_search', 'uid', $uid, $val);
//!!
}
//note 先删除表里面已存在对应用户的session
//$_MooClass['MooMySQL']->query("DELETE FROM `{$dbTablePre}membersession` WHERE `uid` ='$uid'");
//$_MooClass['MooMySQL']->query("REPLACE INTO `{$dbTablePre}membersession` SET `username`= '$user[username]',`password`='$user[password]',`ip` = '$online_ip',`lastactive` = '$lastactive',`uid` = '$uid'");
return 1;
}
return 0;
}
function wz_checkauth($wxid, $token, $mid, $op_wxid)
{
global $_SGLOBAL;
if ($_COOKIE['site_auth']) {
@(list($password, $token_id) = explode(" ", authcode($_COOKIE['site_auth'], 'DECODE')));
$_SGLOBAL['supe_token_id'] = intval($token_id);
if ($password && $_SGLOBAL['supe_token_id']) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("wz_session") . " WHERE token_id=" . $_SGLOBAL['supe_token_id']);
if ($session = $_SGLOBAL['db']->fetch_array($query)) {
if ($session['password'] == $password) {
$token_mid = $_SGLOBAL['db']->getone('select mid from ' . tname('wz_token') . ' where id=' . $_SGLOBAL['supe_token_id']);
$token_op_wxid = $_SGLOBAL['db']->getone('select op_wxid from ' . tname('wz_token') . ' where id=' . $_SGLOBAL['supe_token_id']);
if ($token_mid == $mid && $token_op_wxid == $op_wxid) {
updatetable(tname('wz_token'), array('state' => 1), array('wxid' => $session['wxid'], 'mid' => $mid, 'op_wxid' => $op_wxid));
$_SGLOBAL['supe_wxid'] = addslashes($session['wxid']);
wz_insertsession($session);
//更新session
return $_SGLOBAL['supe_token_id'];
}
}
}
}
}
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("wz_token") . " WHERE wxid='" . $wxid . "' and mid=" . $mid . " and op_wxid=" . $op_wxid . " and state=0");
if ($wz = $_SGLOBAL['db']->fetch_array($query)) {
if ($wz['token'] == $token) {
updatetable(tname('wz_token'), array('state' => 1), array('wxid' => $wxid, 'mid' => $mid, 'op_wxid' => $op_wxid));
$_SGLOBAL['supe_wxid'] = addslashes($wz['wxid']);
$session = array('token_id' => $wz['id'], 'wxid' => $_SGLOBAL['supe_wxid'], 'password' => $token);
wz_insertsession($session);
//登录
$cookietime = 3600;
//3600 * 24 * 15;
//设置cookie
ssetcookie('site_auth', authcode($session["password"] . ' ' . $session["token_id"], 'ENCODE'), $cookietime);
$_SGLOBAL['supe_token_id'] = $session['token_id'];
return $_SGLOBAL['supe_token_id'];
}
}
obclean();
ssetcookie('site_auth', '', -86400 * 365);
return 0;
}
function space_friend_stat($start, $perpage)
{
global $_SGLOBAL;
$next = false;
$query = $_SGLOBAL['db']->query("SELECT uid, friend FROM " . tname('spacefield') . " LIMIT {$start},{$perpage}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$next = true;
$fuids = array();
$subquery = $_SGLOBAL['db']->query("SELECT fuid FROM " . tname('friend') . " WHERE uid='{$value['uid']}' AND status='1'");
while ($subvalue = $_SGLOBAL['db']->fetch_array($subquery)) {
$fuids[$subvalue['fuid']] = $subvalue['fuid'];
}
$fuidstr = implode(',', $fuids);
if ($fuidstr != $value['friend']) {
updatetable('spacefield', array('friend' => $fuidstr), array('uid' => $value['uid']));
}
}
return $next;
}
function refreshApplication($appId, $appName, $version, $displayMethod, $narrow, $flag, $displayOrder)
{
global $_SGLOBAL;
$fields = array();
if ($appName !== null && strlen($appName) > 1) {
$fields['appname'] = $appName;
}
if ($version !== null) {
$fields['version'] = $version;
}
if ($displayMethod !== null) {
// todo: remove
$fields['displaymethod'] = $displayMethod;
}
if ($narrow !== null) {
$fields['narrow'] = $narrow;
}
if ($flag !== null) {
$fields['flag'] = $flag;
}
if ($displayOrder !== null) {
$fields['displayorder'] = $displayOrder;
}
$sql = sprintf('SELECT * FROM %s WHERE appid = %d', tname('myapp'), $appId);
$query = $_SGLOBAL['db']->query($sql);
if ($application = $_SGLOBAL['db']->fetch_array($query)) {
$where = sprintf('appid = %d', $appId);
updatetable('myapp', $fields, $where);
} else {
$fields['appid'] = $appId;
$result = inserttable('myapp', $fields, 1);
}
//update cache
include_once S_ROOT . './source/function_cache.php';
userapp_cache();
}
function topic_join($topicid, $uid, $username) {
global $_SGLOBAL;
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('topicuser')." WHERE uid='$uid' AND topicid='$topicid'");
if($value = $_SGLOBAL['db']->fetch_array($query)) {
updatetable('topicuser', array('dateline'=>$_SGLOBAL['timestamp']), array('id'=>$value['id']));
} else {
$_SGLOBAL['db']->query("UPDATE ".tname('topic')." SET joinnum=joinnum+1, lastpost='$_SGLOBAL[timestamp]' WHERE topicid='$topicid'");
$setarr = array(
'uid' => $uid,
'topicid' => $topicid,
'username' => $username,
'dateline' => $_SGLOBAL['timestamp']
);
inserttable('topicuser', $setarr);
}
}
updatetable('space', $space, array('uid' => $newuid));
if ($bp['birthday']) {
$birth_year = intval(substr($bp['birthday'], 0, 4));
$birth_month = intval(substr($bp['birthday'], 4, 2));
$birth_day = intval(substr($bp['birthday'], 6, 2));
$birthday_info = array('birthyear' => $birth_year, 'birthmonth' => $birth_month, 'birthday' => $birth_day);
updatetable('spacefield', $birthday_info, array('uid' => $newuid));
$_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend) VALUES ('base','birth'," . $newuid . ",1)");
}
if ($bp['unit']) {
$workinfo = array('uid' => $newuid, 'type' => 'work', 'title' => $bp['unit']);
inserttable('spaceinfo', $workinfo, 1);
}
if ($bp['academy'] && $bp['class'] && $bp['startyear']) {
$eduinfo = array('uid' => $newuid, 'type' => 'edu', 'title' => '北京航空航天大学', 'subtitle' => $bp['academy'] . $bp['startyear'] . '级' . $bp['class'] . '班', 'startyear' => $bp['startyear']);
$tagname = $bp['startyear'] . '年' . $bp['class'] . '班';
auto_join($newuid, $tagname, $_SGLOBAL['db']);
inserttable('spaceinfo', $eduinfo, 1);
}
//更新手机验证表记录
$_SGLOBAL['db']->query("UPDATE " . tname('mobilereg') . " SET status=1 WHERE mobile = '{$mobile}' and verifycode = '{$verifycode}'");
//设置隐私
$_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend) VALUES ('contact','mobile'," . $newuid . ",1)");
//更新用户手机绑定字段
updatetable('spacefield', array('mobile' => $mobile, 'mobiletask' => 1), array('uid' => $newuid));
//变更记录--用户登录时间
if ($_SCONFIG['my_status']) {
inserttable('userlog', array('uid' => $newuid, 'action' => 'add', 'dateline' => $_SGLOBAL['timestamp']), 0, true);
}
showmessage('registered', 'space.php?do=home', 1);
}
$ucsynlogin = uc_user_synlogin($setarr['uid']);
//好友邀请
if ($invitearr) {
//成为好友
include_once S_ROOT . './source/function_cp.php';
invite_update($invitearr['id'], $setarr['uid'], $setarr['username'], $invitearr['uid'], $invitearr['username'], $app);
}
//判断用户是否设置了头像
$setarr = array();
$avatar_exists = ckavatar($space['uid']);
if ($avatar_exists) {
if (!$space['avatar']) {
$setarr['avatar'] = 1;
$setarr['updatetime'] = $_SGLOBAL['timestamp'];
}
} else {
if ($space['avatar']) {
$setarr['avatar'] = 0;
}
}
if ($setarr) {
updatetable('space', $setarr, array('uid' => $space['uid']));
}
if (empty($_POST['refer'])) {
$_POST['refer'] = 'space.php?do=home';
}
showmessage('login_success', $app ? "userapp.php?id={$app}" : $_POST['refer'], 1, array($ucsynlogin));
}
$membername = empty($_SCOOKIE['loginuser']) ? '' : sstripslashes($_SCOOKIE['loginuser']);
$cookiecheck = ' checked';
include template('do_login');
<?php
if (!defined('iBUAA')) {
exit('Access Denied');
}
//idtype到含有magiccolor字段的表映射
$mapping = array('blogid' => 'blogfield', 'tid' => 'thread');
if (!isset($mapping[$idtype])) {
showmessage('magicuse_bad_object');
}
magic_check_idtype($id, $idtype);
//彩色灯
if (submitcheck("usesubmit")) {
//颜色代号
$tablename = $mapping[$idtype];
$_POST['color'] = intval($_POST['color']);
updatetable($tablename, array('magiccolor' => $_POST['color']), array($idtype => $id, 'uid' => $_SGLOBAL['supe_uid']));
//feed也加上颜色
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('feed') . " WHERE id='{$id}' AND idtype='{$idtype}' AND uid='{$_SGLOBAL['supe_uid']}'");
$feed = $_SGLOBAL['db']->fetch_array($query);
if ($feed) {
$feed['body_data'] = unserialize($feed['body_data']);
$feed['body_data'] = is_array($feed['body_data']) ? $feed['body_data'] : array();
$feed['body_data']['magic_color'] = $_POST['color'];
$feed['body_data'] = serialize($feed['body_data']);
updatetable('feed', array('body_data' => $feed['body_data']), array('feedid' => $feed['feedid']));
}
magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
showmessage('magicuse_success', $_POST['refer'], 0);
}
$id = intval($_GET['id']);
$uid = $id ? getcount('blog', array('blogid' => $id), 'uid') : 0;
showmessage('do_success', "space.php?uid={$uid}&do=blog&id={$id}", 0);
} elseif ($_GET['op'] == 'edithot') {
//权限
if (!checkperm('manageblog')) {
showmessage('no_privilege');
}
if (submitcheck('hotsubmit')) {
$_POST['hot'] = intval($_POST['hot']);
updatetable('blog', array('hot' => $_POST['hot']), array('blogid' => $blog['blogid']));
if ($_POST['hot'] > 0) {
include_once S_ROOT . './source/function_feed.php';
feed_publish($blog['blogid'], 'blogid');
} else {
updatetable('feed', array('hot' => $_POST['hot']), array('id' => $blog['blogid'], 'idtype' => 'blogid'));
}
showmessage('do_success', "space.php?uid={$blog['uid']}&do=blog&id={$blog['blogid']}", 0);
}
} else {
//添加编辑
//获取个人分类
$classarr = $blog['uid'] ? getclassarr($blog['uid']) : getclassarr($_SGLOBAL['supe_uid']);
//获取相册
$albums = getalbums($_SGLOBAL['supe_uid']);
$tags = empty($blog['tag']) ? array() : unserialize($blog['tag']);
$blog['tag'] = implode(' ', $tags);
$blog['target_names'] = '';
$friendarr = array($blog['friend'] => ' selected');
$passwordstyle = $selectgroupstyle = 'display:none';
if ($blog['friend'] == 4) {
$f_index = 'USE INDEX(dateline)';
$actives = array('we' => ' class="active"');
}
//类型
if ($_GET['type']) {
$sub_actives = array('type_' . $_GET['type'] => ' class="active"');
$wheresql .= " AND type='{$_GET['type']}'";
} else {
$sub_actives = array('type_all' => ' class="active"');
}
$list = array();
$sid = empty($_GET['sid']) ? 0 : intval($_GET['sid']);
$sharesql = $sid ? "sid='{$sid}' AND" : '';
$count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('share') . " WHERE {$sharesql} {$wheresql}"), 0);
//update statistics
if (empty($sharesql) && $wheresql == "uid='{$space['uid']}'" && $space['sharenum'] != $count) {
updatetable('space', array('sharenum' => $count), array('uid' => $space['uid']));
}
if ($count) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " {$f_index}\r\n\t\t\tWHERE {$sharesql} {$wheresql}\r\n\t\t\tORDER BY dateline DESC\r\n\t\t\tLIMIT {$start},{$perpage}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username']);
$value = mkshare($value);
$list[] = $value;
}
}
// pagination
$multi = multi($count, $perpage, $page, $theurl . "&type={$_GET['type']}");
realname_get();
include_once template("space_share_list");
}
function mtag_out($mtag, $uids) {
global $_SGLOBAL;
$_SGLOBAL['db']->query("DELETE FROM ".tname('tagspace')." WHERE tagid='$mtag[tagid]' AND uid IN (".simplode($uids).")");
//更新成员数
$count = getcount('tagspace', array('tagid'=>$mtag['tagid']));
if($count > 0) {
updatetable('mtag', array('membernum'=>$count), array('tagid'=>$mtag['tagid']));
} else {
$_SGLOBAL['db']->query("DELETE FROM ".tname('tagspace')." WHERE tagid='$mtag[tagid]'");
$_SGLOBAL['db']->query("DELETE FROM ".tname('mtag')." WHERE tagid='$mtag[tagid]'");
$_SGLOBAL['db']->query("DELETE FROM ".tname('thread')." WHERE tagid='$mtag[tagid]'");
$_SGLOBAL['db']->query("DELETE FROM ".tname('post')." WHERE tagid='$mtag[tagid]'");
$_SGLOBAL['db']->query("DELETE FROM ".tname('mtaginvite')." WHERE tagid='$mtag[tagid]'");
//删除举报
$_SGLOBAL['db']->query("DELETE FROM ".tname('report')." WHERE id='$mtag[tagid]' AND idtype='tagid'");
}
}
}
$setsqlarr['jobname'] = trim($_POST['jobname']) ? trim($_POST['jobname']) : adminmsg('您没有填写职位名称!', 1);
$setsqlarr['amount'] = intval($_POST['amount']);
$setsqlarr['comname'] = trim($_POST['comname']) ? trim($_POST['comname']) : adminmsg('您没有填写单位名称!', 1);
$setsqlarr['contact'] = trim($_POST['contact']) ? trim($_POST['contact']) : adminmsg('您没有填写联系人!', 1);
$setsqlarr['tel'] = trim($_POST['tel']) ? trim($_POST['tel']) : adminmsg('您没有填写联系电话!', 1);
$setsqlarr['district'] = intval($_POST['district']) ? intval($_POST['district']) : adminmsg("您没有选择地区");
$setsqlarr['sdistrict'] = intval($_POST['sdistrict']) ? intval($_POST['sdistrict']) : adminmsg("您没有选择地区");
$district_cn = explode("/", trim($_POST['district_cn']));
$setsqlarr['district_cn'] = $district_cn[0];
$setsqlarr['sdistrict_cn'] = $district_cn[1];
$setsqlarr['detailed'] = trim($_POST['detailed']);
$setsqlarr['refreshtime'] = time();
$days = intval($_POST['days']);
if ($days > 0) {
$time = $_POST['olddeadline'] > time() ? $_POST['olddeadline'] : time();
$setsqlarr['deadline'] = strtotime("{$days} day", $time);
}
require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
$sp = new SPWord();
$setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed'];
$setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']);
$setsqlarr['key'] = $sp->pad($setsqlarr['key']);
if (updatetable(table('simple'), $setsqlarr, " id='{$id}' ")) {
$link[0]['text'] = "返回列表";
$link[0]['href'] = '?act=list';
adminmsg("修改成功!", 2, $link);
} else {
adminmsg("修改失败!", 0);
}
}
}
if (submitcheck('setsubmit')) {
include_once S_ROOT . './source/function_cache.php';
cache_write('convert', "set", $_POST['set']);
show_msg('数据库保存完成', $turl . '?step=300');
} elseif (submitcheck('opensubmit')) {
$uid = getcount('member', array('username' => $_POST['username']), 'uid');
if (!$uid) {
show_msg('指定的用户名不存在,请谨慎填写管理员用户名', 'convert.php?step=18');
}
//写log
if (@($fp = fopen($lockfile, 'w'))) {
fwrite($fp, 'UCenter Home');
fclose($fp);
}
updatetable('space', array('groupid' => 1), array('uid' => $uid));
show_msg('设置管理员成功,数据转换全部完成!<br>
<font color=blue>请立即删除本转换文件!</font><br>
<a href="space.php">登录全新的 UCenter Home 吧</a><br>
登录后,推荐你进行一下操作:<br>
进入 管理平台 => 统计更新 页面,对各项统计数据进行一下重新统计。');
}
//处理开始
if (empty($_GET['step'])) {
//开始
$_GET['step'] = 0;
show_msg("<span style=\"font-size:14px;\">本程序会将X-Space 3.x/4.x系列转换到 UCenter Home。</span><br><br>\r\n\t\t<strong>数据转换说明,请务必阅读</strong><br>\r\n\t\t由于UCenter Home与SupeSite/X-Space功能的不同,本转换程序,只会进行以下数据信息的转换,其他数据不做转换,请认真了解:<br><br>\r\n\t\t<table width=\"100%\" class=\"datatable\">\r\n\t\t<tr style=\"font-weight:bold;\"><td width=\"100\">X-Space</td><td width=\"100\">UCenter Home</td><td>备注</td></tr>\r\n\t\t<tr><td>用户空间数据</td><td>用户空间数据</td><td>包括空间查看数、创建时间、积分、附件使用大小、居住城市</td></tr>\r\n\t\t<tr><td>日志</td><td>日志</td></td><td>其中,日志中的自定义字段不能转换</td></tr>\r\n\t\t<tr><td>图片主题</td><td>日志</td><td>图片主题中的图片、介绍等构成这篇日志的内容。同时,图片全部转换到用户的默认相册里面</td></tr>\r\n\t\t<tr><td>文件</td><td>日志</td><td>文件的介绍、下载地址等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>商品</td><td>日志</td><td>商品价格、数量、介绍等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>视频</td><td>日志</td><td>视频的播放器、视频介绍等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>书签</td><td>日志</td><td>书签的链接、书签的介绍等沟通这篇日志的内容</td></tr>\r\n\t\t<tr><td>好友</td><td>好友</td><td>好友转换后为申请好友状态,需要对方批准一下</td></tr>\r\n\t\t<tr><td>留言</td><td>留言</td><td>其中,悄悄话变为公开的</td></tr>\r\n\t\t<tr><td>日志分类</td><td>日志分类</td></td><td> </td></tr>\r\n\t\t<tr><td>评论</td><td>评论</td></td><td> </td></tr>\r\n\t\t</table>\r\n\t\t<br>\r\n\t\t<strong>不做转换的数据</strong>:<br>\r\n\t\tSupeSite/X-Space中的广告、公告、系统分类、频道、模型、模块、收藏、友情链接、投票、资讯、采集器、专题、用户风格、脚印等数据不会做转换。\r\n\t\t<br><br>\r\n\t\t\r\n\t\t根据您的站点规模,转换数据可能需要数分钟,甚至几小时的时间<br>在此期间,请关闭X-Space站点,禁止访问,并耐心等候!<br><br>\r\n\t\t<a href=\"{$turl}?step=100\">我已经认真阅读以上规则,开始数据转换操作</a>");
} elseif ($_GET['step'] == 1) {
$next = false;
$query = $_SGLOBAL['db']->query("SELECT * FROM {$tpre}userspaces LIMIT {$start},{$perpage}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
}
stat_write_static_cache($cache_file_path, $catarr);
function stat_write_static_cache($cache_file_path, $config_arr)
{
$content = "<?php\r\n";
$content .= "\$data = " . var_export($config_arr, true) . ";\r\n";
$content .= "?>";
file_put_contents($cache_file_path, $content, LOCK_EX);
}
//更新任务时间表
if ($crons['weekday'] >= 0) {
$weekday = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
$nextrun = strtotime("Next " . $weekday[$crons['weekday']]);
} elseif ($crons['day'] > 0) {
$nextrun = strtotime('+1 months');
$nextrun = mktime(0, 0, 0, date("m", $nextrun), $crons['day'], date("Y", $nextrun));
} else {
$nextrun = time();
}
if ($crons['hour'] >= 0) {
$nextrun = strtotime('+1 days', $nextrun);
$nextrun = mktime($crons['hour'], 0, 0, date("m", $nextrun), date("d", $nextrun), date("Y", $nextrun));
}
if (intval($crons['minute']) > 0) {
$nextrun = strtotime('+1 hours', $nextrun);
$nextrun = mktime(date("H", $nextrun), $crons['minute'], 0, date("m", $nextrun), date("d", $nextrun), date("Y", $nextrun));
}
$setsqlarr['nextrun'] = $nextrun;
$setsqlarr['lastrun'] = time();
updatetable(table('crons'), $setsqlarr, " cronid ='" . intval($crons['cronid']) . "'");
$_SGLOBAL['space_theme'] = $_SGLOBAL['space_css'] = '';
}
}
//ᅲ○ᄑ애ᅪ테ᅡᄐ
if (!$space['self'] && $_SGLOBAL['supe_uid']) {
$query = $_SGLOBAL['db']->query("SELECT dateline FROM " . tname('visitor') . " WHERE uid='{$space['uid']}' AND vuid='{$_SGLOBAL['supe_uid']}'");
$visitor = $_SGLOBAL['db']->fetch_array($query);
$is_anonymous = empty($_SCOOKIE['anonymous_visit_' . $_SGLOBAL['supe_uid'] . '_' . $space['uid']]) ? 0 : 1;
if (empty($visitor['dateline'])) {
$setarr = array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp']);
inserttable('visitor', $setarr, 0, true);
show_credit();
//ᄒᄎ틔ᅤᅤᅢ
} else {
if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 300) {
updatetable('visitor', array('dateline' => $_SGLOBAL['timestamp'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username']), array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid']));
}
if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 3600) {
show_credit();
//1겨ᄆᄎᄒᄎ틔ᅤᅤᅢ
}
}
//ᄑᄆ애ᅪ
getreward('visit', 1, 0, $space['uid']);
}
//ᄎ↓ᄚᄉᄒ
$space['magiccredit'] = 0;
if ($_SGLOBAL['magic']['gift'] && $_SGLOBAL['supe_uid']) {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('magicuselog') . " WHERE uid='{$space['uid']}' AND mid='gift' LIMIT 1");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
$data = empty($value['data']) ? array() : unserialize($value['data']);
function IHomeServiceVoteComplainOperation($params = NULL)
{
global $_SGLOBAL;
if ($params['uid']) {
if ($params['uid'] <= 0) {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer.");
return json_encode($errorMsg);
} else {
$query = $_SGLOBAL['db']->query("select username,name from " . tname('space') . " where uid = " . $params['uid']);
if ($row = $_SGLOBAL['db']->fetch_array($query)) {
if ($row['name']) {
$params['uname'] = $row['name'];
} else {
$params['uname'] = $row['username'];
}
} else {
$errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
return json_encode($errorMsg);
}
}
} else {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer.");
return json_encode($errorMsg);
}
if ($params['complainId']) {
if ($params['complainId'] <= 0) {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer.");
return json_encode($errorMsg);
} else {
$query = $_SGLOBAL['db']->query("select uname from " . tname('complain') . " where doid = " . $params['complainId']);
if ($row = $_SGLOBAL['db']->fetch_array($query)) {
if (isblacklist($row['uid'])) {
$errorMsg = array("errorNo" => "500", "content" => "the user of complain is in blacklist.");
return json_encode($errorMsg);
}
} else {
$errorMsg = array("errorNo" => "500", "content" => "the complain id is not exist");
return json_encode($errorMsg);
}
}
} else {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer.");
return json_encode($errorMsg);
}
if ($params['reply_id']) {
if ($params['reply_id'] <= 0) {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter reply_id must be a positive integer.");
return json_encode($errorMsg);
} else {
$query = $_SGLOBAL['db']->query("select * from " . tname('complain_op') . " where id = " . $params['reply_id']);
if (!($row = $_SGLOBAL['db']->fetch_array($query))) {
$errorMsg = array("errorNo" => "4001", "content" => "the reply_id isn't exist.");
return json_encode($errorMsg);
}
}
} else {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter reply_id is not exist or is not a positive integer.");
return json_encode($errorMsg);
}
if (!$params['vote']) {
$errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter vote is not exist.");
return json_encode($errorMsg);
} else {
if ($params['vote'] != 'up' & $params['vote'] != 'down') {
$errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter vote is our of range.");
return json_encode($errorMsg);
}
}
# check over
$query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid=" . $params['complainId']);
$complain = $_SGLOBAL['db']->fetch_array($query);
# checked
if ($params['vote'] == 'up') {
$query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid']);
$updown = $_SGLOBAL['db']->fetch_array($query);
if (!empty($updown)) {
if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 2) {
$errorMsg = array("errorNo" => "403", "content" => "updown again");
return json_encode($errorMsg);
}
$_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid'] . " and updown = 1");
$_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum-1 where id=" . $params['reply_id']);
$_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum-1,updownnum=updownnum-1,score=score-1 where uid in (select uid from " . tname("complain_op") . " where id=" . $params['reply_id'] . ")");
} else {
$downarr = array();
$downarr['opid'] = $params['reply_id'];
$downarr['uid'] = $params['uid'];
$downarr['updown'] = 1;
$downarr['username'] = $params['uname'];
$downarr['dateline'] = $_SGLOBAL['timestamp'];
$_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum+1,updownnum=updownnum+1,score=score+1 where uid in (select uid from " . tname("complain_op") . " where id= " . $params['reply_id'] . ")");
inserttable("complain_op_updown", $downarr);
$_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum+1 where id=" . $params['reply_id']);
$q = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1");
if ($r = $_SGLOBAL['db']->fetch_array($q)) {
updatetable('complain', array('status' => 2), array('id' => $r['id']));
$oparr = array();
$oparr['doid'] = $params['complainId'];
$oparr['message'] = '';
$oparr['uid'] = $params['uid'];
$oparr['username'] = $params['uname'];
$oparr['optype'] = 6;
$oparr['dateline'] = $_SGLOBAL['timestamp'];
$oparr['opvalue'] = 1;
inserttable("complain_op", $oparr);
}
}
} else {
if ($params['vote'] == 'down') {
$query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid']);
$updown = $_SGLOBAL['db']->fetch_array($query);
if (!empty($updown)) {
if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 1) {
$errorMsg = array("errorNo" => "403", "content" => "updown again");
return json_encode($errorMsg);
}
$_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid'] . " and updown = 2");
$_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum-1 where id=" . $params['reply_id']);
$_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum-1,updownnum=updownnum-1,score=score+1 where uid in (select uid from " . tname("complain_op") . " where id=" . $params['reply_id'] . ")");
} else {
$downarr = array();
$downarr['opid'] = $params['reply_id'];
$downarr['uid'] = $params['uid'];
$downarr['updown'] = 2;
$downarr['username'] = $params['uname'];
$downarr['dateline'] = $_SGLOBAL['timestamp'];
inserttable("complain_op_updown", $downarr);
$_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum+1,updownnum=updownnum+1,score=score-1 where uid in (select uid from " . tname("complain_op") . " where id=" . $params['reply_id'] . ")");
$_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum+1 where id=" . $params['reply_id']);
$sql = "select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1";
$q = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1");
if ($r = $_SGLOBAL['db']->fetch_array($q)) {
updatetable('complain', array('status' => 0, 'lastopid' => 0, 'dateline' => $_SGLOBAL['timestamp'], 'times' => 1, 'issendmsg' => 0), array('id' => $r['id']));
$note = cplang("complain_down", array("space.php?do=complain_item&doid={$complain['doid']}"));
notification_complain_add($complain["atuid"], "complain", $note);
$oparr = array();
$oparr['doid'] = $params['complainId'];
$oparr['message'] = '';
$oparr['uid'] = $params['uid'];
$oparr['username'] = $params['uname'];
$oparr['optype'] = 5;
$oparr['dateline'] = $_SGLOBAL['timestamp'];
$oparr['opvalue'] = 1;
inserttable("complain_op", $oparr);
}
}
}
}
}
[UCenter Home] (C) 2007-2008 Comsenz Inc.
$Id: avatar.php 10586 2008-12-10 06:53:47Z liguode $
*/
if (!defined('IN_UCHOME')) {
exit('Access Denied');
}
//判断用户是否设置了头像
$avatar_exists = trim(ckavatar($space['uid']));
if (strlen($avatar_exists) < 1) {
showmessage('这个功能要求您的UCenter的Server端的 avatar.php 程序需要进行升级。<br>如果您是本站管理员,请通过下面的地址下载 avatar.php 文件的压缩包,并覆盖您的UCenter根目录中的同名文件即可。<br><a href="http://u.discuz.net/download/avatar.zip">http://u.discuz.net/download/avatar.zip</a>');
}
if ($avatar_exists) {
//活动完成
$task['done'] = 1;
//更新用户头像标识位
updatetable('space', array('avatar' => 1), array('uid' => $space['uid']));
//找热门异性有头像的用户
$wherearr = array();
$wherearr[] = "s.uid=sf.uid";
$wherearr[] = "s.avatar='1'";
if ($space['sex'] == 2) {
$title = '帅哥';
$wherearr[] = "sf.sex='1'";
} else {
$title = '美女';
$wherearr[] = "sf.sex='2'";
}
$nouids = $space['friend'] ? $space['friend'] . ",{$space['uid']}" : $space['uid'];
$wherearr[] = "s.uid NOT IN ({$nouids})";
$query = $_SGLOBAL['db']->query("SELECT s.uid,s.username,s.name,s.namestatus\r\n\t\tFROM " . tname('space') . " s, " . tname('spacefield') . " sf\r\n\t\tWHERE " . implode(' AND ', $wherearr) . "\r\n\t\tORDER BY s.friendnum DESC LIMIT 0,10");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
function download_update($setarr, $index)
{
$wherearr = array('index' => (int) $index);
$setarr = base_protect($setarr);
return updatetable('download', $setarr, $wherearr) ? $index : false;
}
<?php
/*
[UCenter Home] (C) 2007-2008 Comsenz Inc.
$Id: function_image.php 7350 2008-05-12 09:36:04Z liguode $
*/
if (!defined('IN_UCHOME')) {
exit('Access Denied');
}
//检查对象及重复使用
$idtype = 'cid';
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('comment') . " WHERE cid = '{$id}' AND authorid = '{$_SGLOBAL['supe_uid']}'");
$value = $_SGLOBAL['db']->fetch_array($query);
if (empty($value)) {
showmessage('magicuse_bad_object');
} elseif ($value['magicflicker']) {
showmessage('magicuse_object_once_limit');
}
//彩虹炫
if (submitcheck("usesubmit")) {
updatetable('comment', array('magicflicker' => 1), array('cid' => $id, 'authorid' => $_SGLOBAL['supe_uid']));
magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
showmessage('magicuse_success', $_POST['refer']);
}
