if ($gzipcompress && function_exists('ob_gzhandler') && CURSCRIPT != 'wap') { ob_start('ob_gzhandler'); } else { $gzipcompress = 0; ob_start(); } $dblink = new db_sql(); $dblink->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $_DCOOKIE = $_DCACHE = array(); list($cyask_uid, $username, $email) = explode("\t", uc_authcode($_COOKIE['auth'], 'DECODE')); define('FORMHASH', form_hash()); $styleid = $_DCOOKIE['styleid'] ? $_DCOOKIE['styleid'] : 1; $cyask_adminid = 0; if ($cyask_uid) { $query = $dblink->query("SELECT username,password,adminid,groupid FROM {$dbprefix}members WHERE uid={$cyask_uid}"); $members = $dblink->fetch_array($query); if (empty($members)) { $members = array(); list($uid, $uname, $email) = uc_get_user($cyask_uid, 1); $dblink->query("INSERT INTO {$dbprefix}members(uid,username,email,adminid,groupid,regdate) VALUES('{$cyask_uid}','{$username}','{$email}','5','0','" . time() . "')"); $cyask_user = $username; unset($uid, $uname); $adminid = '5'; $groupid = 0; $cyask_adminid = $adminid == 1 || $groupid == 3 ? 1 : 0; } else { $cyask_user = $members['username']; $adminid = $members['adminid']; $groupid = $members['groupid']; $cyask_adminid = $adminid == 1 || $groupid == 3 ? 1 : 0;
$dblink->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $_DCOOKIE = $_DCACHE = array(); $prelength = strlen($cookiepre); foreach ($_COOKIE as $key => $val) { if (substr($key, 0, $prelength) == $cookiepre) { $_DCOOKIE[substr($key, $prelength)] = daddslashes($val); } } unset($prelength); list($cyask_uid, $cyask_user, $cyask_pw) = isset($_DCOOKIE['compound']) ? explode("\t", authcode($_DCOOKIE['compound'], 'DECODE', $cyask_key)) : array(0, '', ''); $cyask_uid = intval($cyask_uid); $styleid = $_DCOOKIE['styleid'] ? $_DCOOKIE['styleid'] : 1; ///////////////////////提取身份/////////////////////////// if ($cyask_uid) { $query = $dblink->query("SELECT adminid FROM {$tablepre}member WHERE uid={$cyask_uid}"); $members = $dblink->fetch_array($query); $cyask_adminid = $members['adminid']; } $cache_variable_file = CYASK_ROOT . './askdata/cache/cache_variable.php'; if (file_exists($cache_variable_file)) { include_once $cache_variable_file; } else { create_cache('variable'); include_once $cache_variable_file; } $cache_style_file = CYASK_ROOT . './askdata/cache/cache_style.php'; if (file_exists($cache_style_file)) { include_once $cache_style_file; } else { create_cache('style');
$fp = fopen($cachefile, 'w'); $s = "<?php\r\n"; $s .= '$_CACHE[\'settings\'] = ' . var_export($post, TRUE) . ";\r\n"; fwrite($fp, $s); fclose($fp); exit(API_RETURN_SUCCEED); } elseif ($action == 'updatecredit') { !UPDATECREDIT && exit(API_RETURN_FORBIDDEN); $credit = intval($get['credit']); $amount = intval($get['amount']); $uid = intval($get['uid']); require_once DISCUZ_ROOT . './include/db_' . $database . '.php'; $dblink = new db_sql(); $dblink->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $dblink->query("UPDATE {$dbprefix}members SET scores=scores+'{$amount}' WHERE uid='{$uid}'"); if ($amount > 0) { $add = $amount; $minus = 0; } else { $add = 0; $minus = $amount; } $query = $dblink->query("SEELCT scores FROM {$dbprefix}members WHERE uid='{$uid}'"); $row = $dblink->fetch_array($query); $time = time(); $scores = $row['scores']; unset($query, $row); $dblink->query("INSERT INTO {$dbprefix}scorelog(uid,optime,add,minus,op,scores,opuid) VALUES('{$uid}','{$time}','{$add}','{$minus}','{$op}','{$scores}','{$opuid}')"); exit(API_RETURN_SUCCEED); } elseif ($action == 'getcreditsettings') {
echo " <tr>\n"; echo " <td>\n"; echo " <hr noshade align=\"center\" width=\"100%\" size=\"1\">\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td><b><font color=\"#FF0000\">></font><font color=\"#000000\"> {$lang['create_table']}</font></b></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; $fp = fopen($sqlfile, 'rb'); $sqlcontent = fread($fp, 2048000); $sqlcontent = str_replace("\r\n", "\n", $sqlcontent); fclose($fp); run_query($sqlcontent); $db->query("DELETE FROM {$tablepre}member"); $db->query("INSERT INTO {$tablepre}member SET uid='{$uid}',username='******',password='******',email='{$email}',adminid=1,attachopen=1"); $db->query("DELETE FROM {$tablepre}admin"); $db->query("INSERT INTO {$tablepre}admin SET uid='{$uid}',adminid=1,sid='all'"); echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; echo " <hr noshade align=\"center\" width=\"100%\" size=\"1\">\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td><b><font color=\"#FF0000\">></font><font color=\"#000000\"> {$lang['init_file']}</font></b></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n";
echo " <tr>\n"; echo " <td>\n"; echo " <hr noshade align=\"center\" width=\"100%\" size=\"1\">\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td><b><font color=\"#FF0000\">></font><font color=\"#000000\"> {$lang['create_table']}</font></b></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; $fp = fopen($sqlfile, 'rb'); $sql = fread($fp, filesize($sqlfile)); fclose($fp); $db->select_db($dbname); runquery($sql); $query = $db->query("INSERT INTO {$dbprefix}members(uid,username,email,adminid,regdate,groupid) VALUES('{$uid}','{$username}','{$email}','1','" . time() . "','1')"); echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; echo " <hr noshade align=\"center\" width=\"100%\" size=\"1\">\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td><b><font color=\"#FF0000\">></font><font color=\"#000000\"> {$lang['init_file']}</font></b></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; loginit('adminlog'); loginit('errorlog'); dir_clear('./askdata/templates');
function OnCheckRegId() { ShowMsg("OnCheckRegId."); $userid = $_GET['memberid']; global $db; global $dbaddr, $dbuser, $dbpwd, $dbname; if (!$db) { $db = new db_sql(); $db->connect($dbaddr, $dbuser, $dbpwd, $dbname); ShowMsg("receate db ."); } if (!$db) { return; } $sql = "select userid from tb_members where userid='" . $userid . "'"; ShowMsg("query db width ." . $sql); $query = $db->query($sql); if (!$query) { echo GetErrorResult("CHECK_MEM_ID", 0); $db->close(); return; } $count = $db->num_rows($query); $db->close(); if ($count > 0) { echo GetErrorResult("CHECK_MEM_ID", 2); } else { echo GetErrorResult("CHECK_MEM_ID", 0); } return TRUE; }