Exemple #1
// Poll create/edit gate. A configured reward ceiling below 2 is replaced with 10.
$_SCONFIG['maxreward'] = $_SCONFIG['maxreward'] < 2 ? 10 : $_SCONFIG['maxreward'];
if ($pid) {
    // Load the poll row joined with its pollfield row.
    // NOTE(review): $pid is interpolated directly into the SQL text. Where it is assigned is
    // outside this excerpt — confirm it is integer-cast before it gets here.
    $query = $_SGLOBAL['db']->query("SELECT pf.*, p.* FROM " . tname('poll') . " p \n\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid \n\t\tWHERE p.pid='{$pid}'");
    $poll = $_SGLOBAL['db']->fetch_array($query);
    // Runs even when no row was found; $poll['uid'] and $poll['username'] are then unset.
    realname_set($poll['uid'], $poll['username']);
}
//Check permission
// No poll loaded: the request is treated as "create a poll" and the creation gates apply.
// presumably showmessage() ends the request; the gates below only stop anything if it does — confirm.
if (empty($poll)) {
    // User-group permission to create polls.
    if (!checkperm('allowpoll')) {
        ckspacelog();
        showmessage('no_authority_to_add_poll');
    }
    // Real-name authentication
    ckrealname('poll');
    // Video Authentication
    ckvideophoto('poll');
    //New User
    cknewuser();
    //Determine whether published too fast
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
} else {
    // Existing poll: apart from the vote / get / invite operations, the caller must be the
    // poll's owner or hold the 'managepoll' permission.
    // NOTE(review): in_array() runs without its strict flag and ownership is compared with !=,
    // so both comparisons are loose; $op is assigned outside this excerpt.
    if (!in_array($op, array('vote', 'get', 'invite')) && $_SGLOBAL['supe_uid'] != $poll['uid'] && !checkperm('managepoll')) {
        showmessage('no_authority_operation_of_the_poll');
    }
}
include_once S_ROOT . './source/function_bbcode.php';
if (submitcheck('pollsubmit')) {
    $_POST['topicid'] = topic_check($_POST['topicid'], 'poll');
Exemple #2
}
// The application feature must be switched on in the site configuration.
if (empty($_SCONFIG['my_status'])) {
    showmessage('no_privilege_my_status');
}
// NOTE(review): application id 1036584 takes the empty branch, so it skips the permission,
// real-name and video checks and the session update that every other application goes through.
// The comparison is loose (==); $appid is assigned outside this excerpt.
if ($appid == '1036584') {
    // Video authentication (original label; the branch itself is empty)
} else {
    // Verify that the user is allowed to use applications
    if (!checkperm('allowmyop')) {
        showmessage('no_privilege');
    }
    // Real-name authentication
    include_once S_ROOT . './source/function_cp.php';
    ckrealname('userapp');
    // Video authentication
    ckvideophoto('userapp');
    // Update the session's last-activity time for the current user
    updatetable('session', array('lastactivity' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
}
$app = array();
// NOTE(review): $appid is interpolated directly into the SQL text — confirm it is
// integer-cast or escaped where it is assigned (not visible here).
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myapp') . " WHERE appid='{$appid}' LIMIT 1");
// Assignment inside the condition: $app holds the row, or the fetch's falsy result when none matched.
if ($app = $_SGLOBAL['db']->fetch_array($query)) {
    // A negative flag blocks the application.
    if ($app['flag'] < 0) {
        showmessage('no_privilege_myapp');
    }
}
// Manyou ("roaming") parameters
$my_appId = $appid;
// NOTE(review): request-controlled value. PHP has already URL-decoded $_GET, so urldecode()
// is a second decode before base64_decode(); the result is untrusted and should be validated
// before it is placed into a URL or path (its use is outside this excerpt).
$my_suffix = base64_decode(urldecode($_GET['my_suffix']));
$my_prefix = getsiteurl();
//奖励积分
Exemple #3
            include_once S_ROOT . './source/function_feed.php';
            feed_publish($sid, 'sid');
        } else {
            updatetable('feed', array('hot' => $_POST['hot']), array('id' => $sid, 'idtype' => 'sid'));
        }
        showmessage('do_success', $_POST['refer'], 0);
    }
} else {
    if (!checkperm('allowshare')) {
        ckspacelog();
        showmessage('no_privilege');
    }
    // Real-name authentication
    ckrealname('share');
    // Video Authentication
    ckvideophoto('share');
    //New User
    cknewuser();
    $type = empty($_GET['type']) ? '' : $_GET['type'];
    $id = empty($_GET['id']) ? 0 : intval($_GET['id']);
    $note_uid = 0;
    $note_message = '';
    $hotarr = array();
    $arr = array();
    switch ($type) {
        case 'space':
            if ($id == $space['uid']) {
                showmessage('share_space_not_self');
            }
            $tospace = getspace($id);
            if (empty($tospace)) {
Exemple #4
} elseif ($op == 'edit') {
    // edit or Create a new activity
    if ($eventid) {
        // Check permissions
        if (!$allowmanage) {
            showmessage("no_privilege_edit_event");
        }
    } else {
        //Check user group Permissions for add events
        if (!checkperm("allowevent")) {
            showmessage('no_privilege_add_event');
        }
        // Real-name authentication
        ckrealname('event');
        // Video Authentication
        ckvideophoto('event');
        //New user probationary
        cknewuser();
        // Default entry new event [to do: Owner can set the Event default entry, priority: low]
        $event = array();
        $event['eventid'] = '';
        $event['starttime'] = ceil($_SGLOBAL['timestamp'] / 3600) * 3600 + 7200;
        // Event Start Time: Two hours after
        $event['endtime'] = $event['starttime'] + 14400;
        // Event Finish Time: four hours after the start time
        $event['deadline'] = $event['starttime'];
        // Deadline: Start time
        $event['allowinvite'] = 1;
        // Is allowed to Invite Friends
        $event['allowpost'] = 1;
        // Whether to allow the posting
Exemple #5
// Requested sub-operation; an absent or empty parameter becomes ''.
if (empty($_GET['op'])) {
    $op = '';
} else {
    $op = $_GET['op'];
}
// Load the blog row together with its blogfield row when an id was supplied.
// NOTE(review): $blogid goes into the SQL text as-is; it is assigned outside this excerpt —
// confirm it is integer-cast there.
$blog = array();
if ($blogid) {
    $query = $_SGLOBAL['db']->query(
        "SELECT bf.*, b.* FROM " . tname('blog') . " b \n\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid \n\t\tWHERE b.blogid='{$blogid}'"
    );
    $blog = $_SGLOBAL['db']->fetch_array($query);
}
// Permission check
if (!empty($blog)) {
    // Existing entry: only its author or a holder of 'manageblog' may go on.
    if (!($_SGLOBAL['supe_uid'] == $blog['uid'] || checkperm('manageblog'))) {
        showmessage('no_authority_operation_of_the_log');
    }
} else {
    // New entry: user-group permission first.
    if (!checkperm('allowblog')) {
        ckspacelog();
        showmessage('no_authority_to_add_log');
    }
    // Real-name authentication
    ckrealname('blog');
    // Video authentication
    ckvideophoto('blog');
    // New-user probation
    cknewuser();
    // Posting-interval check
    if (($waittime = interval_check('post')) > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
    // Accept a subject and message prefilled from the query string, passed through getstr()
    // with length limits of 80 and 5000.
    if (empty($_GET['subject'])) {
        $blog['subject'] = '';
    } else {
        $blog['subject'] = getstr($_GET['subject'], 80, 1, 0);
    }
    if (empty($_GET['message'])) {
        $blog['message'] = '';
    } else {
        $blog['message'] = getstr($_GET['message'], 5000, 1, 0);
    }
}
Exemple #6
/**
 * Store an uploaded FLV file for the current user and record it in the 'video' table.
 *
 * Checks run in this order: upload metadata, file extension, target path, user-group
 * permission, real-name / video-photo / new-user gates, storage quota, album resolution.
 * Only then is the temporary file placed in the attachment directory and the database updated.
 *
 * @param array $FILE      Upload descriptor; the keys 'size', 'tmp_name', 'error' and 'name' are read
 *                         (presumably one entry of $_FILES — confirm against callers).
 * @param mixed $title     Stored as passed in the 'title' column.
 * @param mixed $desc      Stored as passed in the 'desc' column.
 * @param mixed $tovideoid Not read anywhere in this function. It has a default but precedes the
 *                         required $albumid, so callers still have to supply it.
 * @param mixed $albumid   Zero or negative for no album, an existing album id, or the form "new:<name>".
 *
 * @return array|string The inserted row (including 'id') on success, otherwise the cplang()
 *                      message of the check that failed.
 */
function video_save($FILE, $title, $desc, $tovideoid = 0, $albumid)
{
    // $_SCONFIG is declared global but not used below.
    global $_SGLOBAL, $_SCONFIG, $space, $_SC;
    // Allowed upload types
    $allowpictype = array('flv');
    // Basic checks: a non-zero size, a temp file name and no upload error code
    $FILE['size'] = intval($FILE['size']);
    if (empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
        return cplang('lack_of_access_to_upload_file_size');
    }
    // Check the extension
    // NOTE(review): the allow-list is applied to the extension of the client-supplied file name
    // only; nothing in this function inspects the file content.
    $fileext = fileext($FILE['name']);
    if (!in_array($fileext, $allowpictype)) {
        return cplang('only_allows_upload_file_types');
    }
    // Get the storage path (relative to the attachment directory, see $new_name below)
    if (!($filepath = getfilepath($fileext, true))) {
        return cplang('unable_to_create_upload_directory_server');
    }
    // Load the user's space record if the caller has not done so (needed for the quota check)
    if (empty($space)) {
        $space = getspace($_SGLOBAL['supe_uid']);
    }
    // User-group permission
    // Note: this and the three gates below all return the 'inadequate_capacity_space' message,
    // so the caller cannot tell a permission failure from a full quota.
    if (!checkperm('allowupload')) {
        ckspacelog();
        return cplang('inadequate_capacity_space');
    }
    // Real-name authentication
    if (!ckrealname('album', 1)) {
        return cplang('inadequate_capacity_space');
    }
    // Video authentication
    if (!ckvideophoto('album', array(), 1)) {
        return cplang('inadequate_capacity_space');
    }
    // New-user probation
    if (!cknewuser(1)) {
        return cplang('inadequate_capacity_space');
    }
    $maxattachsize = checkperm('maxattachsize');
    // Unit: MB according to the original comment; the value is added directly to byte counts
    // below, so it is presumably converted before it gets here — confirm.
    if ($maxattachsize) {
        // 0 means unlimited
        if ($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
            return cplang('inadequate_capacity_space');
        }
    }
    if ($albumid < 0) {
        $albumid = 0;
    }
    // $showtip decides below whether the upload reward is added; $albumfriend is assigned but never read.
    $showtip = true;
    $albumfriend = 0;
    if ($albumid) {
        // "new:<name>" asks for a new album with that name.
        preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
        if (!empty($matchs[1])) {
            $albumname = shtmlspecialchars(trim($matchs[1]));
            if (empty($albumname)) {
                $albumname = sgmdate('Ymd');
            }
            $albumid = album_creat(array('albumname' => $albumname));
        } else {
            $albumid = intval($albumid);
            if ($albumid) {
                // The lookup is restricted to albums owned by the current user; when none
                // matches, a new album named after the current date is created instead.
                $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                    $albumname = addslashes($value['albumname']);
                    $albumfriend = $value['friend'];
                } else {
                    $albumname = sgmdate('Ymd');
                    $albumid = album_creat(array('albumname' => $albumname));
                }
            }
        }
    } else {
        $albumid = 0;
        $showtip = false;
    }
    // Local upload: try copy + unlink, then move_uploaded_file(), then rename().
    // NOTE(review): copy() and rename() accept any readable path, so this relies on
    // $FILE['tmp_name'] being a genuine upload temp file; is_uploaded_file() is not checked
    // here — confirm callers only pass $_FILES entries.
    $new_name = $_SC['attachdir'] . './' . $filepath;
    $tmp_name = $FILE['tmp_name'];
    if (@copy($tmp_name, $new_name)) {
        @unlink($tmp_name);
    } elseif (function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name)) {
    } elseif (@rename($tmp_name, $new_name)) {
    } else {
        return cplang('mobile_picture_temporary_failure');
    }
    // Insert the database record
    // NOTE(review): $title and $desc reach inserttable() unchanged; any length limit or
    // HTML/SQL escaping has to happen in the caller or inside inserttable() (not visible here).
    $setarr = array('albumid' => $albumid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'postip' => getonlineip(), 'filename' => addslashes($FILE['name']), 'title' => $title, 'desc' => $desc, 'size' => $FILE['size'], 'filepath' => $filepath);
    $setarr['id'] = inserttable('video', $setarr, 1);
    // Optional reward: the 'uploadimage' reward rule is reused for videos.
    $setsql = '';
    if ($showtip) {
        $reward = getreward('uploadimage', 0);
        if ($reward['credit']) {
            $setsql = ",credit=credit+{$reward['credit']}";
        }
        if ($reward['experience']) {
            $setsql .= ",experience=experience+{$reward['experience']}";
        }
    }
    // Add the file size (integer-cast at the top of the function) to the user's used storage.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$FILE['size']}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");
    updatestat('video');
    return $setarr;
}
Exemple #7
            topic_join($_POST['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
            $url = "space.php?do=topic&topicid={$_POST['topicid']}&view=pic";
        } else {
            $url = "space.php?uid={$_SGLOBAL['supe_uid']}&do=album&id=" . (empty($_POST['opalbumid']) ? -1 : $_POST['opalbumid']);
        }
        capi_showmessage_by_data('upload_images_completed', $url, 0);
    }
} else {
    if (!checkperm('allowupload')) {
        ckspacelog();
        capi_showmessage_by_data('no_privilege');
    }
    //实名认证
    ckrealname('album');
    //视频认证
    ckvideophoto('album');
    //新用户见习
    cknewuser();
    $siteurl = getsiteurl();
    //获取相册
    $albums = getalbums($_SGLOBAL['supe_uid']);
    //激活
    $actives = $_GET['op'] == 'flash' || $_GET['op'] == 'cam' ? array($_GET['op'] => ' class="active"') : array('js' => ' class="active"');
    //空间大小
    $maxattachsize = checkperm('maxattachsize');
    if (!empty($maxattachsize)) {
        $maxattachsize = $maxattachsize + $space['addsize'];
        //额外空间
        $haveattachsize = formatsize($maxattachsize - $space['attachsize']);
    } else {
        $haveattachsize = 0;
		note_apply($notearr);
		showmessage('do_success');
	}
} else {
	
	//创建新群组
	if(!checkperm('allowmtag')) {
		ckspacelog();
		showmessage('no_privilege');
	}
	
	//实名认证
	ckrealname('thread');
	
	//视频认证
	ckvideophoto('thread');

	//新用户见习
	cknewuser();
	
	//提交
	if(submitcheck('textsubmit')) {
		
		//自由输入
		$_POST['tagname'] = $tagname = getstr($_POST['tagname'], 40, 1, 1, 1);
		$_POST['fieldid'] = $fieldid = intval($_POST['fieldid']);
		
		$profield = $_SGLOBAL['profield'][$fieldid];
		if(empty($profield) || $profield['formtype'] != 'text') {
			showmessage('mtag_fieldid_does_not_exist');
		}
// Stop at once unless the IN_DISCUZ constant is defined, so the file does nothing when it is
// requested without whatever bootstrap defines that constant.
defined('IN_DISCUZ') || exit('Access Denied');
if ($_GET['op'] == 'delete') {
    $favid = intval($_GET['favid']);
    $thevalue = DB::fetch_first('SELECT * FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'");
    if (empty($thevalue) || $thevalue['uid'] != $_G['uid']) {
        showmessage('favorite_does_not_exist');
    }
    if (submitcheck('deletesubmit')) {
        DB::query('DELETE FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'");
        showmessage('do_success', 'home.php?mod=space&do=favorite&view=me&type=' . $_GET['type'] . '&quickforward=1', array('favid' => $favid), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1));
    }
} else {
    ckrealname('favorite');
    ckvideophoto('favorite');
    cknewuser();
    $type = empty($_GET['type']) ? '' : $_GET['type'];
    $id = empty($_GET['id']) ? 0 : intval($_GET['id']);
    $spaceuid = empty($_GET['spaceuid']) ? 0 : intval($_GET['spaceuid']);
    $idtype = $title = $icon = '';
    switch ($type) {
        case 'thread':
            $idtype = 'tid';
            $title = DB::result_first('SELECT subject FROM ' . DB::table('forum_thread') . " WHERE tid='{$id}'");
            $icon = '<img src="static/image/feed/thread.gif" alt="thread" class="vm" /> ';
            break;
        case 'forum':
            $idtype = 'fid';
            $title = DB::result_first('SELECT `name` FROM ' . DB::table('forum_forum') . " WHERE fid='{$id}' AND status !='3'");
            $icon = '<img src="static/image/feed/discuz.gif" alt="forum" class="vm" /> ';
Exemple #10
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_videophoto.php 6752 2010-03-25 08:47:54Z cnteacher $
 */
// Stop at once unless the IN_DISCUZ constant is defined.
defined('IN_DISCUZ') || exit('Access Denied');

// The page is only served while the video-photo setting is switched on.
if (!isset($_G['setting']['videophoto']) || !$_G['setting']['videophoto']) {
    showmessage('no_open_videophoto');
}

require_once libfile('function/spacecp');

// Access gate for viewing this space's video photo; it runs before the photo is resolved.
// presumably ckvideophoto() ends the request itself when the viewer is not allowed — confirm.
ckvideophoto('viewphoto', $space);

$videophoto = getvideophoto($space['videophoto']);
include_once template("home/space_videophoto");
Exemple #11
         $tospace = getspace($share['uid']);
         $hotarr = array('sid', $share['sid'], $share['hotuser']);
         $stattype = 'sharecomment';
         break;
     default:
         showmessage('non_normal_operation');
         break;
 }
 // The target space must exist.
 // NOTE(review): showmessage() is given 'return' => true here, which presumably makes it
 // return instead of halting; if so, the checks below still run against an empty $tospace — confirm.
 if (empty($tospace)) {
     showmessage('space_does_not_exist', '', array(), array('return' => true));
 }
 // When the target requires video-photo verification, gate the action: 'wall' for a post
 // addressed to a user id, 'comment' for everything else.
 if ($tospace['videophotostatus']) {
     ckvideophoto($idtype == 'uid' ? 'wall' : 'comment', $tospace);
 }
 // The target's blacklist is checked before anything is written.
 if (isblacklist($tospace['uid'])) {
     showmessage('is_blacklist');
 }
 // Update the hot counter only for activity on someone else's content.
 if ($hotarr && $tospace['uid'] != $_G['uid']) {
     hot_update($hotarr[0], $hotarr[1], $hotarr[2]);
 }
 // Feed entry skeleton for the comment.
 $fs = array(
     'icon' => 'comment',
     'target_ids' => '',
     'friend' => '',
     'body_template' => '',
     'body_data' => array(),
     'body_general' => '',
 );
Exemple #12
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: spacecp_doing.php 19863 2011-01-21 02:26:13Z zhengqingpeng $
 */
// Stop at once unless the IN_DISCUZ constant is defined.
defined('IN_DISCUZ') || exit('Access Denied');

// Both ids are forced to integers; a missing or empty parameter becomes 0.
$doid = 0;
if (!empty($_GET['doid'])) {
    $doid = intval($_GET['doid']);
}
$id = 0;
if (!empty($_GET['id'])) {
    $id = intval($_GET['id']);
}
if (submitcheck('addsubmit')) {
    $add_doing = 1;
    if (!checkperm('allowdoing')) {
        showmessage('no_privilege');
    }
    ckrealname('doing');
    ckvideophoto('doing');
    cknewuser();
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', array('waittime' => $waittime));
    }
    $message = getstr($_POST['message'], 200, 1, 1, 1);
    $message = preg_replace("/\\<br.*?\\>/i", ' ', $message);
    if (strlen($message) < 1) {
        showmessage('should_write_that');
    }
    $message = censor($message, NULL, TRUE);
    if (is_array($message) && $message['message']) {
        showmessage('do_success', dreferer(), array('message' => $message['message']));
    }
    if (censormod($message) || $_G['group']['allowdoingmod']) {
Exemple #13
/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_profile.php 10974 2010-05-19 02:24:31Z xupeng $
 */
// Stop at once unless the IN_DISCUZ constant is defined.
defined('IN_DISCUZ') || exit('Access Denied');

require_once libfile('function/spacecp');

// Pull the additional member tables into $space.
space_merge($space, 'count');
space_merge($space, 'field_home');
space_merge($space, 'field_forum');
space_merge($space, 'profile');
space_merge($space, 'status');

// Resolve the video photo only when one is set and the 'viewphoto' check passes for this
// viewer; in every other case the field is blanked so nothing about it reaches the template.
$space['videophoto'] = ($space['videophoto'] && ckvideophoto('viewphoto', $space, 1))
    ? getvideophoto($space['videophoto'])
    : '';

// Attach the cached user-group records and their icons for the admin group and the main group.
$space['admingroup'] = $_G['cache']['usergroups'][$space['adminid']];
$space['admingroup']['icon'] = g_icon($space['adminid'], 1);
$space['group'] = $_G['cache']['usergroups'][$space['groupid']];
$space['group']['icon'] = g_icon($space['groupid'], 1);
if ($space['extgroupids']) {
    $newgroup = array();
    $e_ids = explode(',', $space['extgroupids']);
    foreach ($e_ids as $e_id) {
        $newgroup[] = $_G['usergroups'][$e_id]['grouptitle'];
    }
    $space['extgroupids'] = implode(',', $newgroup);
Exemple #14
}
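// Expand the stored medal list into full medal records, dropping unknown or expired medals.
if ($space['medals']) {
    loadcache('medals');
    // $space['medals'] is a tab-separated list; each entry is "medalid" or "medalid|expiration".
    foreach ($space['medals'] = explode("\t", $space['medals']) as $key => $medalid) {
        // Pad to two elements so an entry without "|" gives a null expiration instead of
        // reading a missing offset (a notice, and a warning on PHP 8).
        list($medalid, $medalexpiration) = array_pad(explode("|", $medalid), 2, null);
        // Keep the medal only when it is in the cache and has no expiry or one still in the future.
        if (isset($_G['cache']['medals'][$medalid]) && (!$medalexpiration || $medalexpiration > TIMESTAMP)) {
            $space['medals'][$key] = $_G['cache']['medals'][$medalid];
            $space['medals'][$key]['medalid'] = $medalid;
        } else {
            unset($space['medals'][$key]);
        }
    }
}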
// Credits still missing for the next group: only for a real user in a 'member' group whose
// lower bound is not the 9999999 sentinel; false otherwise.
$upgradecredit = false;
if ($space['uid'] && $space['group']['type'] == 'member' && $space['group']['creditslower'] != 9999999) {
    $upgradecredit = $space['group']['creditslower'] - $space['credits'];
}

// Only the space owner, and only with the 'allowdoing' permission, may update the status line.
$allowupdatedoing = $space['uid'] == $_G['uid'] && checkperm('allowdoing');

dsetcookie('home_diymode', 1);

// Title, keywords and description all use the same language entry.
$navtitle = lang('space', 'sb_profile', array('who' => $space['username']));
$metakeywords = lang('space', 'sb_profile', array('who' => $space['username']));
$metadescription = lang('space', 'sb_profile', array('who' => $space['username']));

// The video photo is hidden only when the space requires verification, the viewer is not the
// owner, and the viewer fails ckvideophoto().
$showvideophoto = !($space['videophotostatus'] > 0 && $_G['uid'] != $space['uid'] && !ckvideophoto($space, 1));

// Render nothing when the privacy flag is set; AJAX requests get the card template.
if (!$_G['privacy']) {
    if ($_G['inajax']) {
        $_G['gp_do'] = 'card';
        include_once template("home/space_card");
    } else {
        include_once template("home/space_profile");
    }
}
Exemple #15
    showmessage('not_to_their_own_greeted');
}
if ($op == 'send' || $op == 'reply') {
    if (!checkperm('allowpoke')) {
        showmessage('no_privilege');
    }
    ckrealname('poke');
    cknewuser();
    $tospace = array();
    if ($uid) {
        $tospace = getspace($uid);
    } elseif ($_POST['username']) {
        $tospace = DB::fetch_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'username']}' LIMIT 1");
    }
    if ($tospace['videophotostatus']) {
        ckvideophoto('poke', $tospace);
    }
    if ($tospace && isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
    if (submitcheck('pokesubmit')) {
        if (empty($tospace)) {
            showmessage('space_does_not_exist');
        }
        $oldpoke = getcount('home_poke', array('uid' => $uid, 'fromuid' => $_G['uid']));
        $notetext = getstr($_POST['note'], 150, 1, 1);
        $notetext = censor($notetext);
        $setarr = array('pokeuid' => $uid + $_G['uid'], 'uid' => $uid, 'fromuid' => $_G['uid'], 'note' => $notetext, 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid']));
        DB::insert('home_pokearchive', $setarr);
        $setarr = array('uid' => $uid, 'fromuid' => $_G['uid'], 'fromusername' => $_G['username'], 'note' => getstr($_POST['note'], 150, 1, 1), 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid']));
        DB::insert('home_poke', $setarr, 0, true);
Exemple #16
 // Friend-count ceiling for the user's group, raised by the user's 'addfriend' allowance;
 // a falsy limit disables the check.
 $maxfriendnum = checkperm('maxfriendnum');
 if ($maxfriendnum && $space['friendnum'] >= $maxfriendnum + $space['addfriend']) {
     // The message differs when the 'friendnum' magic item is available.
     showmessage(
         $_SGLOBAL['magic']['friendnum']
             ? 'enough_of_the_number_of_friends_with_magic'
             : 'enough_of_the_number_of_friends'
     );
 }
 // Has the other party already added the current user as a friend?
 $fstatus = getfriendstatus($uid, $_SGLOBAL['supe_uid']);
 if ($fstatus == -1) {
     //对方没有加好友,我加别人
     if ($status == -1) {
         //视频认证
         if ($tospace['videostatus']) {
             ckvideophoto('friend', $tospace);
         }
         //添加单向好友
         if (submitcheck('addsubmit')) {
             $setarr = array('uid' => $_SGLOBAL['supe_uid'], 'fuid' => $uid, 'fusername' => addslashes($tospace['username']), 'gid' => intval($_POST['gid']), 'note' => getstr($_POST['note'], 50, 1, 1), 'dateline' => $_SGLOBAL['timestamp']);
             inserttable('friend', $setarr);
             //发送邮件通知
             smail($uid, '', cplang('friend_subject', array($_SN[$space['uid']], getsiteurl() . 'cp.php?ac=friend&amp;op=request')), '', 'friend_add');
             //增加对方好友申请数
             $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET addfriendnum=addfriendnum+1 WHERE uid='{$uid}'");
             showmessage('request_has_been_sent');
         } else {
             include_once template('cp_friend');
             exit;
         }
     } else {
<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_videophoto.php 22572 2011-05-12 09:35:18Z zhengqingpeng $
 */
// Stop at once unless the IN_DISCUZ constant is defined.
defined('IN_DISCUZ') || exit('Access Denied');

// The page is only served while verification entry 7 is marked available in the settings.
if (!isset($_G['setting']['verify'][7]['available']) || !$_G['setting']['verify'][7]['available']) {
    showmessage('no_open_videophoto');
}

require_once libfile('function/spacecp');

// Access gate for this space's video photo; it runs before the photo is resolved.
// presumably ckvideophoto() ends the request itself when the viewer is not allowed — confirm.
ckvideophoto($space);

$videophoto = getvideophoto($space['videophoto']);
include_once template("home/space_videophoto");
/**
 * Save an uploaded picture into an album of the current user and record it in 'home_pic'.
 *
 * Order of work: upload initialisation and image check, permission gates, storage quota,
 * album resolution, saving the file, thumbnails and watermark, optional FTP transfer,
 * database insert and storage accounting.
 *
 * @param mixed $FILE        Upload descriptor handed to discuz_upload::init()
 *                           (presumably one entry of $_FILES — confirm against callers).
 * @param mixed $albumid     Album selector; negative values are treated as 0 (no album).
 * @param mixed $title       Picture title; passed through getstr() with a 200 length limit before storage.
 * @param bool  $iswatermark Whether Watermark() is applied to the stored file.
 *
 * @return array|string The inserted row (including 'picid') on success, otherwise the
 *                      lang('spacecp', ...) message of the step that failed.
 */
function pic_save($FILE, $albumid, $title, $iswatermark = true)
{
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    // Not read again below: the type decision is the 'isimage' flag set by discuz_upload.
    $allowpictype = array('jpg', 'jpeg', 'gif', 'png');
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    // NOTE(review): how 'isimage' is derived (extension vs. content) is inside discuz_upload
    // and not visible here — confirm it does not rest on the client-supplied name alone.
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }
    // Load the member record when the caller has not done so.
    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }
    // Permission gates: user group, real name, video photo, new-user probation.
    // All four return the same 'not_allow_upload' message.
    if (!checkperm('allowupload')) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckrealname('album', 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckvideophoto('album', array(), 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!cknewuser(1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    // Storage quota: the group limit is multiplied by 1024 * 1024; 0 disables the check.
    $maxspacesize = checkperm('maxspacesize');
    $maxspacesize = $maxspacesize * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        if ($space['attachsize'] + $upload->attach['size'] > $maxspacesize + $space['addsize']) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }
    // $showtip and $albumfriend are assigned here but never read in this function.
    $showtip = true;
    $albumfriend = 0;
    if ($albumid) {
        $albumid = album_creat_by_id($albumid);
    } else {
        $albumid = 0;
        $showtip = false;
    }
    // Store the file; the quota and permission checks above all ran before this point.
    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }
    $new_name = $upload->attach['target'];
    require_once libfile('class/image');
    $image = new image();
    // 140x140 thumbnail; $thumb records whether Thumb() reported a result.
    $result = $image->Thumb($new_name, '', 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    // Second Thumb() pass with the configured maximum size, each dimension raised to at least 300.
    // Note that the raised values are written back into $_G['setting'].
    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        if ($_G['setting']['maxthumbwidth'] < 300) {
            $_G['setting']['maxthumbwidth'] = 300;
        }
        if ($_G['setting']['maxthumbheight'] < 300) {
            $_G['setting']['maxthumbheight'] = 300;
        }
        $image->Thumb($new_name, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }
    if ($iswatermark) {
        $image->Watermark($new_name);
    }
    // Remote storage: $pic_remote is stored with the row; $album_picflag and $ftpresult_thumb
    // are assigned but never read in this function.
    $pic_remote = 0;
    $album_picflag = 1;
    if (getglobal('setting/ftp/on')) {
        $ftpresult_thumb = 0;
        $ftpresult = ftpcmd('upload', 'album/' . $upload->attach['attachment']);
        if ($ftpresult) {
            if ($thumb) {
                ftpcmd('upload', 'album/' . $upload->attach['attachment'] . '.thumb.jpg');
            }
            $pic_remote = 1;
            $album_picflag = 2;
        } else {
            // A failed transfer is fatal only when the mirror setting is on: the local copies
            // are removed and an error is returned. Otherwise the picture stays local (remote = 0).
            if (getglobal('setting/ftp/mirror')) {
                @unlink($upload->attach['target']);
                @unlink($upload->attach['target'] . '.thumb.jpg');
                return lang('spacecp', 'ftp_upload_file_size');
            }
        }
    }
    $title = getstr($title, 200, 1, 1, 1);
    // The original file name and extension are passed through addslashes() before the insert.
    $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => addslashes($upload->attach['name']), 'postip' => $_G['clientip'], 'title' => $title, 'type' => addslashes($upload->attach['ext']), 'size' => $upload->attach['size'], 'filepath' => $upload->attach['attachment'], 'thumb' => $thumb, 'remote' => $pic_remote);
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);
    // NOTE(review): the size is interpolated into the statement unquoted; it comes from
    // discuz_upload — confirm it is always an integer there.
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$upload->attach['size']} WHERE uid='{$_G['uid']}'");
    include_once libfile('function/stat');
    updatestat('pic');
    return $setarr;
}
Exemple #19
     $waittime = interval_check('post');
     if ($waittime > 0) {
         //showmessage('operating_too_fast', '', 1, array($waittime));
         echo "fast_error";
         exit;
     }
 } else {
     if (!checkperm('allowdoing')) {
         $add_doing = 0;
     }
     //实名 (real name)
     if (!ckrealname('doing', 1)) {
         $add_doing = 0;
     }
     //视频 (video)
     if (!ckvideophoto('doing', array(), 1)) {
         $add_doing = 0;
     }
     //新用户 (new user)
     if (!cknewuser(1)) {
         $add_doing = 0;
     }
     $waittime = interval_check('post');
     if ($waittime > 0) {
         $add_doing = 0;
     }
 }
 // Get the mood id: the number inside the first [em:N:] tag of the posted message,
 // or 0 when there is no tag or the number is empty/zero.
 $mood = 0;
 preg_match("/\\[em\\:(\\d+)\\:\\]/s", $_POST['message'], $ms);
 if (!empty($ms[1])) {
     $mood = intval($ms[1]);
 }
/**
 * Save an uploaded picture for the current user, record it in the 'pic' table and update
 * the user's storage counter and the album.
 *
 * Order of work: upload metadata, extension allow-list, target path, permission gates,
 * storage quota, album resolution, placing the file, image validation, thumbnail,
 * watermark, optional FTP transfer, database writes.
 *
 * @param array $FILE    Upload descriptor; the keys 'size', 'tmp_name', 'error', 'name' and 'type' are read
 *                       (presumably one entry of $_FILES — confirm against callers).
 * @param mixed $albumid Zero or negative for no album, an existing album id, or the form "new:<name>".
 * @param mixed $title   Picture title; passed through getstr() with a 200 length limit before storage.
 * @param mixed $topicid Stored as passed in the 'topicid' column.
 *
 * @return array|string The inserted row (including 'picid') on success, otherwise the
 *                      cplang() message of the step that failed.
 */
function pic_save($FILE, $albumid, $title, $topicid=0) {
	global $_SGLOBAL, $_SCONFIG, $space, $_SC;

	if($albumid<0) $albumid = 0;
	
	//Allowed upload types
	$allowpictype = array('jpg','jpeg','gif','png');

	//Basic checks: a non-zero size, a temp file name and no upload error code
	$FILE['size'] = intval($FILE['size']);
	if(empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
		return cplang('lack_of_access_to_upload_file_size');
	}

	//Check the extension (taken from the client-supplied file name)
	$fileext = fileext($FILE['name']);
	if(!in_array($fileext, $allowpictype)) {
		return cplang('only_allows_upload_file_types');
	}

	//Get the storage path (relative to the attachment directory, see $new_name below)
	if(!$filepath = getfilepath($fileext, true)) {
		return cplang('unable_to_create_upload_directory_server');
	}

	//Load the user's space record if needed (used by the quota check)
	if(empty($space)) {
		$space = getspace($_SGLOBAL['supe_uid']);
	}
	
	//User-group permission
	//Note: this and the three gates below all return the 'inadequate_capacity_space' message,
	//so the caller cannot tell a permission failure from a full quota.
	if(!checkperm('allowupload')) {
		ckspacelog();
		return cplang('inadequate_capacity_space');
	}
	
	//Real-name authentication
	if(!ckrealname('album', 1)) {
		return cplang('inadequate_capacity_space');
	}
	
	//Video authentication
	if(!ckvideophoto('album', array(), 1)) {
		return cplang('inadequate_capacity_space');
	}
	
	//New-user probation
	if(!cknewuser(1)) {
		return cplang('inadequate_capacity_space');
	}

	$maxattachsize = checkperm('maxattachsize');//unit: MB per the original note; it is added to byte counts below, so presumably converted upstream - confirm
	if($maxattachsize) {//0 means unlimited
		if($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
			return cplang('inadequate_capacity_space');
		}
	}

	//Album selection
	//$showtip decides below whether the upload reward is added; $albumfriend is assigned but never read.
	$showtip = true;
	$albumfriend = 0;
	if($albumid) {
		//"new:<name>" asks for a new album with that name
		preg_match("/^new\:(.+)$/i", $albumid, $matchs);
		if(!empty($matchs[1])) {
			$albumname = shtmlspecialchars(trim($matchs[1]));
			if(empty($albumname)) $albumname = sgmdate('Ymd');
			$albumid = album_creat(array('albumname' => $albumname));
		} else {
			$albumid = intval($albumid);
			if($albumid) {
				//The lookup is restricted to albums owned by the current user; when none
				//matches, a new album named after the current date is created instead.
				$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
				if($value = $_SGLOBAL['db']->fetch_array($query)) {
					$albumname = addslashes($value['albumname']);
					$albumfriend = $value['friend'];
				} else {
					$albumname = sgmdate('Ymd');
					$albumid = album_creat(array('albumname' => $albumname));
				}
			}
		}
	} else {
		$albumid = 0;
		$showtip = false;
	}

	//Local upload: try copy + unlink, then move_uploaded_file(), then rename()
	//NOTE(review): copy() and rename() accept any readable path, so this relies on
	//$FILE['tmp_name'] being a genuine upload temp file; is_uploaded_file() is not checked
	//here - confirm callers only pass $_FILES entries.
	$new_name = $_SC['attachdir'].'./'.$filepath;
	$tmp_name = $FILE['tmp_name'];
	if(@copy($tmp_name, $new_name)) {
		@unlink($tmp_name);
	} elseif((function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name))) {
	} elseif(@rename($tmp_name, $new_name)) {
	} else {
		return cplang('mobile_picture_temporary_failure');
	}
	
	//Check whether the stored file really is an image
	//The file is already in the attachment directory at this point and is deleted again when
	//the check fails. NOTE(review): when getimagesize() is unavailable the content is not
	//checked at all and the extension allow-list above is the only filter.
	if(function_exists('getimagesize')) {
		$tmp_imagesize = @getimagesize($new_name);
		list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
		$tmp_size = $tmp_width * $tmp_height;
		//Reject more than 16777216 or fewer than 4 pixels, an unknown image type, or a MIME type containing 'flash'
		if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
			@unlink($new_name);
			return cplang('only_allows_upload_file_types');
		}
	}

	//Thumbnail
	include_once(S_ROOT.'./source/function_image.php');
	$thumbpath = makethumb($new_name);
	$thumb = empty($thumbpath)?0:1;

	//The file may have been recompressed
	//Re-read the size of the stored file so the accounting below uses the on-disk size
	if(@$newfilesize = filesize($new_name)) {
		$FILE['size'] = $newfilesize;
	}

	//Watermark
	if($_SCONFIG['allowwatermark']) {
		makewatermark($new_name);
	}

	//FTP upload: when enabled, a failed transfer removes the local copies and aborts
	if($_SCONFIG['allowftp']) {
		include_once(S_ROOT.'./source/function_ftp.php');
		if(ftpupload($new_name, $filepath)) {
			$pic_remote = 1;
			$album_picflag = 2;
		} else {
			@unlink($new_name);
			@unlink($new_name.'.thumb.jpg');
			runlog('ftp', 'Ftp Upload '.$new_name.' failed.');
			return cplang('ftp_upload_file_size');
		}
	} else {
		$pic_remote = 0;
		$album_picflag = 1;
	}
	
	//Prepare the title for storage
	$title = getstr($title, 200, 1, 1, 1);

	//Insert the database record
	//NOTE(review): 'filename' and 'type' are client-supplied values passed through addslashes();
	//treat them as untrusted wherever they are displayed. $topicid is stored as passed.
	$setarr = array(
		'albumid' => $albumid,
		'uid' => $_SGLOBAL['supe_uid'],
		'username' => $_SGLOBAL['supe_username'],
		'dateline' => $_SGLOBAL['timestamp'],
		'filename' => addslashes($FILE['name']),
		'postip' => getonlineip(),
		'title' => $title,
		'type' => addslashes($FILE['type']),
		'size' => $FILE['size'],
		'filepath' => $filepath,
		'thumb' => $thumb,
		'remote' => $pic_remote,
		'topicid' => $topicid
	);
	$setarr['picid'] = inserttable('pic', $setarr, 1);

	//Update the user's attachment size
	//Credits: the 'uploadimage' reward is added only when an album was selected ($showtip)
	$setsql = '';
	if($showtip) {
		$reward = getreward('uploadimage', 0);
		if($reward['credit']) {
			$setsql = ",credit=credit+$reward[credit]";
		}
		if($reward['experience']) {
			$setsql .= ",experience=experience+$reward[experience]";
		}
	}
	$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$FILE[size]', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

	//Album update: bump the picture count and set the cover to this picture (its thumbnail if one exists)
	if($albumid) {
		$file = $filepath.($thumb?'.thumb.jpg':'');
		$_SGLOBAL['db']->query("UPDATE ".tname('album')."
			SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='$album_picflag'
			WHERE albumid='$albumid'");
	}
	
	//Statistics
	updatestat('pic');

	return $setarr;
}
Exemple #21
// Requested sub-operation; an absent or empty parameter becomes ''.
if (empty($_GET['op'])) {
    $op = '';
} else {
    $op = $_GET['op'];
}
// Load the bwzt row together with its bwztfield row when an id was supplied.
// NOTE(review): $bwztid goes into the SQL text as-is; it is assigned outside this excerpt —
// confirm it is integer-cast there.
$bwzt = array();
if ($bwztid) {
    $query = $_SGLOBAL['db']->query(
        "SELECT bf.*, b.* FROM " . tname('bwzt') . " b \n\t\tLEFT JOIN " . tname('bwztfield') . " bf ON bf.bwztid=b.bwztid \n\t\tWHERE b.bwztid='{$bwztid}'"
    );
    $bwzt = $_SGLOBAL['db']->fetch_array($query);
}
// Permission check
if (!empty($bwzt)) {
    // Existing entry: only its author or a holder of 'managebwzt' may go on.
    if (!($_SGLOBAL['supe_uid'] == $bwzt['uid'] || checkperm('managebwzt'))) {
        showmessage('no_authority_operation_of_the_log');
    }
} else {
    // New entry: user-group permission first.
    if (!checkperm('allowbwzt')) {
        ckspacelog();
        showmessage('no_authority_to_add_log');
    }
    // Real-name authentication
    ckrealname('bwzt');
    // Video authentication
    ckvideophoto('bwzt');
    // New-user probation
    cknewuser();
    // Posting-interval check
    if (($waittime = interval_check('post')) > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
    // Accept a subject and message prefilled from the query string, passed through getstr()
    // with length limits of 80 and 5000.
    if (empty($_GET['subject'])) {
        $bwzt['subject'] = '';
    } else {
        $bwzt['subject'] = getstr($_GET['subject'], 80, 1, 0);
    }
    if (empty($_GET['message'])) {
        $bwzt['message'] = '';
    } else {
        $bwzt['message'] = getstr($_GET['message'], 5000, 1, 0);
    }
}