/**
 * Deliver one notification to the recipient's enterprise-WeChat account as a single
 * "news" article.
 *
 * Nothing is sent when CorpID/CorpSecret are not configured. When the recipient has no
 * bound, active WeChat account, or when sending fails, the notification's wx_new
 * counter is incremented; on success it is reset to 0.
 *
 * @param array $data Notification row; reads uid, id, wx_new, from_idtype, from_id,
 *                    title, wx_note and redirecturl.
 * @return bool true when sendMessage() reported success, false otherwise.
 */
public function wx_sendMsg($data)
{
    $corpId = getglobal('setting/CorpID');
    $corpSecret = getglobal('setting/CorpSecret');
    if (!$corpId || !$corpSecret) {
        return false;
    }

    $recipient = C::t('user')->fetch($data['uid']);
    $isBound = $recipient['wechat_userid'] && $recipient['wechat_status'] == 1;
    if (!$isBound) {
        C::t('notification')->update($data['id'], array('wx_new' => $data['wx_new'] + 1));
        return false;
    }

    // Use the originating app's agent id only when that app record has one and its status is below 1.
    $agentid = 0;
    if ($data['from_idtype'] == 'app' && $data['from_id']) {
        $wxapp = C::t('wx_app')->fetch($data['from_id']);
        if ($wxapp && $wxapp['agentid'] && $wxapp['status'] < 1) {
            $agentid = $wxapp['agentid'];
        }
    }

    $wx = new qyWechat(array('appid' => $corpId, 'appsecret' => $corpSecret));

    // The article links through the site's own wxredirect endpoint; the final target
    // travels in the url parameter after dzzencode().
    $description = getstr($data['wx_note'], 0, 0, 0, 0, -1);
    $landing = getglobal('siteurl') . 'index.php?mod=system&op=wxredirect&url=' . dzzencode($data['redirecturl']);
    $article = array(
        "title" => $data['title'],
        "description" => $description,
        "url" => $wx->getOauthRedirect($landing),
    );
    $msg = array(
        "touser" => "dzz-" . $data['uid'],
        "safe" => 0,
        "agentid" => $agentid,
        "msgtype" => "news",
        "news" => array("articles" => array($article)),
    );

    if ($wx->sendMessage($msg)) {
        C::t('notification')->update($data['id'], array('wx_new' => 0));
        return true;
    }

    C::t('notification')->update($data['id'], array('wx_new' => $data['wx_new'] + 1));
    runlog('wxlog', 'wx_notification:errCode:' . $wx->errCode . ';errMsg:' . $wx->errMsg);
    return false;
}
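/**
 * Store one request record in the wz_record table.
 *
 * The keys wxid, token and mid are lifted out of $get into their own columns; every
 * other entry is passed through getstr() and the remainder is stored as JSON in `query`.
 *
 * @param array $get Request parameters (typically the query string).
 * @return mixed Whatever inserttable() returns for the new row.
 */
function wz_record($get)
{
    global $_SGLOBAL, $_SC;

    // Defaults so a request that omits one of the keys no longer feeds undefined
    // variables into the insert.
    $wxid = '';
    $token = '';
    $mid = 0;
    $extra = array();

    foreach ($get as $k => $v) {
        // Strict comparison: with ==, an integer key 0 matched all three names on PHP < 8.
        if ($k === 'wxid') {
            $wxid = getstr($v);
        } elseif ($k === 'token') {
            $token = getstr($v);
        } elseif ($k === 'mid') {
            $mid = intval($v);
        } else {
            // The original ran getstr() twice on these values; kept, because getstr()
            // is defined elsewhere and its idempotence cannot be confirmed from here.
            $extra[$k] = getstr(getstr($v));
        }
    }

    // NOTE(review): the User-Agent header is client-controlled and is stored as received.
    // Confirm that inserttable() escapes values before they reach the SQL statement.
    $userAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '';

    $arr = array(
        'token_id' => $_SGLOBAL['supe_token_id'],
        'query' => json_encode($extra),
        'ip' => getonlineip(),
        'user_agent' => $userAgent,
        'wxid' => $wxid,
        'token' => $token,
        'mid' => $mid,
        'addtime' => $_SGLOBAL['timestamp'],
    );

    return inserttable(tname('wz_record'), $arr, 1);
}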
/**
 * Filter user-supplied HTML: keep only tags from a fixed whitelist and neutralise a
 * fixed list of event-handler / script keywords inside the tags that are kept.
 *
 * Security notes for maintainers:
 * - The keyword filter is a denylist. Any handler name or URL scheme that is not in
 *   $skipkeys passes through unchanged, so the list has to track what browsers support.
 *   A parser-based allowlist of tags AND attributes is the more robust design.
 * - NOTE(review): several literals below look like HTML entities that were decoded
 *   somewhere along the way ('<' replaced by '<', '"' replaced by '"'). As printed they
 *   are no-ops; compare with the upstream source before relying on this copy.
 *
 * @param string $html Raw HTML.
 * @return string The filtered HTML after a final getstr() pass.
 */
public function checkhtml($html) {
    // Capture the inside of every <...> construct.
    preg_match_all("/\\<([^\\<]+)\\>/is", $html, $ms);
    // NOTE(review): search and replacement are identical here, so these two pairs change nothing.
    $searchs[] = '<';
    $replaces[] = '<';
    $searchs[] = '>';
    $replaces[] = '>';
    if ($ms[1]) {
        // Tag names that may survive; anything else is replaced by an empty string below.
        $allowtags = 'img|a|font|div|table|tbody|caption|tr|td|th|br|p|b|strong|i|u|em|span|ol|ul|li|blockquote|pre';
        $ms[1] = array_unique($ms[1]);
        foreach ($ms[1] as $value) {
            $searchs[] = "<" . $value . ">";
            // Protect '&' from dhtmlspecialchars() with a temporary marker, then restore it.
            $value = str_replace('&', '_uch_tmp_str_', $value);
            $value = dhtmlspecialchars($value);
            $value = str_replace('_uch_tmp_str_', '&', $value);
            // Backslashes and comment openers are rewritten so they cannot be used inside the tag.
            $value = str_replace(array('\\', '/*'), array('.', '/.'), $value);
            // Denylist of event-handler names and script-related keywords.
            $skipkeys = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload', 'javascript:;', 'javascript', 'script', 'eval', 'behaviour', 'expression');
            $skipstr = implode('|', $skipkeys);
            // Every occurrence of a listed keyword, anywhere in the tag text, becomes '.'.
            $value = preg_replace(array("/({$skipstr})/i"), '.', $value);
            // Drop the tag entirely unless it starts with (an optional '/', '|' or space and) a whitelisted name.
            if (!preg_match("/^[\\/|\\s]?({$allowtags})(\\s+|\$)/is", $value)) {
                $value = '';
            }
            $replaces[] = empty($value) ? '' : "<" . str_replace('"', '"', $value) . ">";
        }
    }
    // Apply all collected replacements in one pass over the input.
    $html = str_replace($searchs, $replaces, $html);
    return getstr($html, 0, 0, 0, 0, 1);
}
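/**
 * Depth-first search of a nested menu-like structure for the first entry whose name
 * contains $str (case-insensitive).
 *
 * Each array entry is expected to carry a 'name' and, optionally, an 'items' list of
 * children. Entries without 'name' or without 'items' are tolerated instead of raising
 * undefined-index warnings, and a non-array $items yields an empty result.
 *
 * @param array  $items  Entries at the current level.
 * @param string $str    Text to look for inside each name.
 * @param string $parent Path prefix; the 1-based position is appended as "-N" per level.
 * @return array array(path, name) for the first match, or an empty array.
 */
function getstr($items, $str, $parent)
{
    if (!is_array($items)) {
        return array();
    }

    foreach ($items as $k => $it) {
        if (!is_array($it)) {
            continue;
        }

        $path = $parent . '-' . ($k + 1);

        if (isset($it['name']) && stripos($it['name'], $str) !== false) {
            return array($path, $it['name']);
        }

        // Leaf entries have nothing to descend into.
        if (empty($it['items']) || !is_array($it['items'])) {
            continue;
        }

        $val = getstr($it['items'], $str, $path);
        if (count($val) > 0) {
            return $val;
        }
    }

    return array();
}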
/**
 * Build the list of latest news articles visible to a user, shaped for a WeChat
 * news reply.
 *
 * Each returned element has the structure:
 *   array(
 *     'Title'       => 'msg title',
 *     'Description' => 'summary text',
 *     'PicUrl'      => 'http://www.domain.com/1.jpg',   // picture-mode articles only
 *     'Url'         => 'http://www.domain.com/1.html'
 *   )
 *
 * @param mixed $wx    Not used by this function.
 * @param int   $uid   User whose reading scope is applied.
 * @param int   $limit Maximum number of articles; 0 or non-numeric falls back to 10.
 * @return array List of article arrays as described above.
 */
function getLatestData($wx, $uid, $limit = 10)
{
    // Reading-scope filter: articles open to everyone, or addressed to one of the
    // user's departments, and either open to all users or addressed to this user.
    $args = array('news');
    $scope = array("orgids=''");
    foreach (getDepartmentByUid($uid) as $branch) {
        foreach ($branch as $dept) {
            $scope[] = "FIND_IN_SET(%d,orgids)";
            $args[] = $dept['orgid'];
        }
    }
    $sql = "status<2 and ((" . implode(' OR ', $scope) . ") and ( uids='' OR FIND_IN_SET(%d,uids)))";
    $args[] = $uid;
    $orderby = "ORDER BY dateline DESC";

    $limit = intval($limit);
    if (!$limit) {
        $limit = 10;
    }

    $data = array();
    $rows = DB::fetch_all("select * from %t where {$sql} {$orderby} limit {$limit} ", $args);
    foreach ($rows as $row) {
        $item = array('Title' => $row['subject']);
        $viewUrl = getglobal('siteurl') . 'index.php?mod=news&op=view&newid=' . $row['newid'];

        switch ($row['type']) {
            case 0:
                // Text mode: summary taken from the article body.
                $item['Description'] = getstr($row['content'], 300, 0, 0, 0, -1);
                $item['Url'] = getOauthRedirect($viewUrl);
                break;
            case 1:
                // Picture mode: no summary; use the first attached picture when there is one.
                $item['Description'] = '';
                $item['Url'] = getOauthRedirect($viewUrl);
                $pic = DB::fetch_first("select aid from %t where newid=%d limit 1", array('news_pic', $row['newid']));
                if ($pic) {
                    $item['PicUrl'] = getglobal('siteurl') . 'index.php?mod=io&op=thumbnail&original=1&path=' . dzzencode('attach::' . $pic['aid']);
                }
                break;
            default:
                // Link mode: the stored URL is handed out as-is.
                $item['Url'] = $row['url'];
                $item['Description'] = '';
                break;
        }

        $data[] = $item;
    }

    return $data;
}
/**
 * Resolve an incoming keyword to an automatic reply.
 *
 * The keyword is trimmed, passed through getstr() and SBC_DBC(..., 1), then offered to
 * keyword_autoback(). When that yields nothing, ck_member_wx() is called for messages
 * that carry a msgid and the generic msg_autoback() reply is returned.
 *
 * @param string $keyword Raw keyword text.
 * @return mixed false for an empty keyword, otherwise the reply produced by
 *               keyword_autoback() or msg_autoback().
 */
protected function get_keyword($keyword)
{
    global $wx;

    if (!$keyword) {
        return false;
    }

    $normalized = $this->SBC_DBC(getstr(trim($keyword)), 1);

    $reply = $this->keyword_autoback($normalized);
    if ($reply) {
        return $reply;
    }

    // The return value was never used by the original either; the call is kept for
    // whatever it does internally.
    if ($wx->message['msgid']) {
        $this->ck_member_wx($normalized);
    }

    return $this->msg_autoback();
}
/**
 * Draw the page header: the parent header, then a one-row table with the company name
 * on the left and an "entered by / printed by" line on the right, followed by a rule.
 *
 * NOTE(review): $edit, $date and $user are interpolated into the HTML fragment without
 * escaping; confirm htmltable() or the value sources make that safe.
 */
function Header()
{
    parent::Header();
    $this->setStyle('small');

    // Start one line (plus a small gap) above the top margin.
    $this->x = $this->left;
    $this->y = $this->top - $this->getLineHeight() - 0.5;

    $user = getvar('UserName');
    $time = date('d/m/Y');
    $edit = getstr('EditBy');
    $date = getstr('Updated');

    $print = "In bôûi [{$user}] ngaøy {$time}";
    if ($edit) {
        // Prefix the "entered by" part only when an editor is recorded.
        $input = "Nhaäp bôûi [{$edit}] ngaøy {$date}";
        $print = "{$input}. {$print}";
    }

    $html = "\n\t<table width={$this->width}><tr>\n\t\t<td nowrap>Coâng ty TNHH Quoác Daân - Chi nhaùnh TPHCM</td>\n\t\t<td align=right nowrap>{$print}</td>\n\t</tr></table>\n\t";
    $this->htmltable($html, 0);
    $this->hr();

    // Body content starts at the top margin again.
    $this->y = $this->top;
}
/**
 * Moderate one or more news items and notify the people concerned.
 *
 * Sets status (1 = approved, 2 = rejected), the moderation reason, moderator and time.
 * Authors are told the outcome; when the items were approved, every user in each
 * item's audience is told about the publication. The acting user is never notified.
 *
 * @param int|array $newids    One news id or a list of them.
 * @param mixed     $pass      Truthy to approve, falsy to reject.
 * @param string    $modreason Reason text; bound to the query through the %s placeholder.
 * @return mixed Result of the UPDATE query.
 */
public function mod_by_newid($newids, $pass, $modreason)
{
    $pass = $pass ? 1 : 2;
    $newids = (array) $newids;

    $ret = DB::query(
        "update %t SET status=%d , modreason=%s,moduid=%d,modtime=%d where newid IN(%n)",
        array($this->_table, $pass, $modreason, getglobal('uid'), TIMESTAMP, $newids)
    );
    if (!$ret) {
        return $ret;
    }

    // Tell each distinct author how the moderation went.
    $authors = array();
    $rows = DB::fetch_all("select authorid from %t where newid IN(%n)", array($this->_table, $newids));
    foreach ($rows as $row) {
        $authors[$row['authorid']] = $row['authorid'];
    }
    if ($authors) {
        $appid = C::t('app_market')->fetch_appid_by_mod('{dzzscript}?mod=news', 1);
        foreach ($authors as $uid) {
            if ($uid == getglobal('uid')) {
                continue;
            }
            $notevars = array(
                'from_id' => $appid,
                'from_idtype' => 'app',
                'url' => DZZSCRIPT . '?mod=news&status=' . $pass,
                'author' => getglobal('username'),
                'authorid' => getglobal('uid'),
                'dataline' => dgmdate(TIMESTAMP),
                'modreason' => getstr($modreason, 45),
            );
            dzz_notification::notification_add($uid, 'news_moderator_' . $uid, 'news_moderator_' . $pass, $notevars, 0, 'dzz/news');
        }
    }

    // Approved items: announce the publication to each item's audience.
    if ($pass == 1) {
        $appid = C::t('app_market')->fetch_appid_by_mod('{dzzscript}?mod=news', 0);
        foreach ($newids as $newid) {
            $arr = parent::fetch($newid);
            foreach (getUidsByOrgid($arr['orgids'], $arr['uids']) as $uid) {
                if ($uid == getglobal('uid')) {
                    continue;
                }
                $notevars = array(
                    'from_id' => $appid,
                    'from_idtype' => 'app',
                    'url' => DZZSCRIPT . '?mod=news&op=view&newid=' . $newid,
                    'author' => getglobal('username'),
                    'authorid' => getglobal('uid'),
                    'subject' => $arr['subject'],
                    'dataline' => dgmdate(TIMESTAMP),
                );
                dzz_notification::notification_add($uid, 'news_publish_' . $uid, 'news_publish', $notevars, 0, 'dzz/news');
            }
        }
    }

    return $ret;
}
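/**
 * Decorate the title/content/reply of a picked article with configured header and
 * footer snippets and, for content and reply, with "jammer" text inserted at line
 * breaks and paragraph ends.
 *
 * Security fix: the original used preg_replace() with the /e modifier and spliced the
 * configured snippets into a string of PHP code. A quote inside a snippet ended up in
 * evaluated code, and /e no longer exists in PHP 7+. preg_replace_callback() passes the
 * same arguments to pick_jammer() without evaluating any string as code.
 *
 * @param array $info Article data; reads and rewrites 'title', 'content' and 'reply'.
 * @param int   $bbs  Passed through to pick_jammer().
 * @return array|null The decorated $info, or null when $info is empty.
 */
function pick_seo_replace($info, $bbs = 1)
{
    if (!$info) {
        return;
    }
    include_once libfile('function/home');
    $set = pick_common_get();

    // Snippet pools keyed by setting name (replaces the original variable-variables).
    $pools = array();
    $keys = array('push_title_header', 'push_title_footer', 'push_content_header', 'push_content_body', 'push_content_footer', 'push_reply_header', 'push_reply_body', 'push_reply_footer');
    foreach ($keys as $key) {
        $pools[$key] = format_wrap($set[$key]);
    }

    foreach (array('title', 'content', 'reply') as $field) {
        if (empty($info[$field])) {
            continue;
        }

        if ($field != 'title') {
            // Insert random hidden text at every line break and paragraph end.
            $body = $pools['push_' . $field . '_body'];
            if ($body) {
                $rand_arr = implode('*_*', $body);
                $info[$field] = preg_replace_callback(
                    "/\r\n|\n|\r/",
                    function ($m) use ($rand_arr, $bbs) {
                        return pick_jammer('', $rand_arr, $bbs);
                    },
                    $info[$field]
                );
                $info[$field] = preg_replace_callback(
                    "/<\\/p>|<\\/P>/",
                    function ($m) use ($rand_arr, $bbs) {
                        return pick_jammer('</p>', $rand_arr, $bbs);
                    },
                    $info[$field]
                );
            }
        }

        // array_rand() rejects an empty array, so an empty pool contributes nothing.
        $headers = $pools['push_' . $field . '_header'];
        $footers = $pools['push_' . $field . '_footer'];
        $header = (is_array($headers) && $headers) ? $headers[array_rand($headers)] : '';
        $footer = (is_array($footers) && $footers) ? $footers[array_rand($footers)] : '';

        $info[$field] = $header . $info[$field] . $footer;

        if ($field == 'title') {
            $info[$field] = getstr(trim($info[$field]), 80, 1, 1);
        }
    }

    return $info;
}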
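/**
 * Bind a customer-service account to the WeChat sender of the current message.
 *
 * $msg is expected in the form "mobile@code". When an active, not yet bound
 * open_member_user row matches, the sender's fakeid is stored on it and
 * weixin_state is set to 1.
 *
 * Security fix: every value placed in the SQL text comes from the incoming message or
 * the account record and was concatenated unescaped. Numeric ids are now cast with
 * intval() and strings are escaped before they are concatenated.
 * NOTE(review): this database wrapper exposes no bound parameters in the visible code;
 * addslashes() is the convention used around it and is not safe for every connection
 * character set. Confirm the connection charset.
 * NOTE(review): open_member_weixin.password is read and handed to WX_Remote_Opera::init(),
 * which suggests the credential is stored in recoverable form. Confirm and consider a
 * token-based integration.
 *
 * @param string $msg Message text, "mobile@code".
 * @return int uid of the bound account, 0 when nothing matched, -1 when already bound.
 */
protected function kefu_reg($msg)
{
    global $_SGLOBAL, $wx, $_SC;

    $db = $_SGLOBAL['db'];
    $op_wxid = intval($wx->weixin['op_wxid']);
    $op_uid = intval($wx->weixin['op_uid']);
    $create_time = $wx->message['time'];
    $wxid = addslashes(stripslashes($wx->message['from']));

    // array_pad() keeps a message without '@' from raising an undefined-offset notice.
    $parts = array_pad(explode('@', $msg, 2), 2, '');
    $mobile = addslashes(stripslashes(getstr($parts[0])));
    $weixin_code = addslashes(stripslashes(getstr($parts[1])));

    $kefu = $db->fetch_array($db->query('select * from ' . tname('open_member_user') . ' where op_uid="' . $op_uid . '" and state=1 and mobile="' . $mobile . '" and weixin_code="' . $weixin_code . '"'));
    if (!$kefu) {
        $uid = 0;
    } elseif ($kefu['weixin_state'] == 1) {
        $uid = -1;
    } else {
        $uid = $kefu['uid'];
    }

    if ($uid > 0) {
        $bound = array('uid' => $uid, 'op_uid' => $op_uid);
        $query = $db->query('select uid,fakeid,province,nickname from ' . tname('weixin_member') . ' where op_wxid=' . $op_wxid . ' and wxid="' . $wxid . '"');
        $member = $db->fetch_array($query);
        if (!$member) {
            // Sender unknown locally: look the message up remotely by its timestamp.
            $ro = new WX_Remote_Opera();
            $query = $db->query("select * from " . tname('open_member_weixin') . " where id='" . $op_wxid . "'");
            if ($op_wx = $db->fetch_array($query)) {
                $ro->init($op_wx['username'], $op_wx['password']);
            }
            $msglist = $ro->getmsglist();
            if (is_array($msglist)) {
                foreach ($msglist as $v) {
                    if ($v['date_time'] == $create_time) {
                        updatetable(tname('open_member_user'), array('weixin_state' => 1, 'weixin_fakeid' => $v['fakeid']), $bound);
                        break;
                    }
                }
            }
        } else {
            updatetable(tname('open_member_user'), array('weixin_state' => 1, 'weixin_fakeid' => $member['fakeid']), $bound);
        }
    }

    return $uid;
}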
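/**
 * React to a comment on a corpus document: record an event and notify @-mentioned
 * users, the document owner, or the author of the comment being replied to.
 *
 * Fix: the notification type was built with $class[$cid], where $cid is an undefined
 * variable, so the type always ended in an empty suffix. It now uses $class['cid'].
 *
 * NOTE(review): the reply branch compares $rpost['uid'] with the current user but
 * notifies $rpost['authorid']; confirm which column the comment row actually carries.
 * NOTE(review): body_data is stored with serialize(); whoever reads it back must not
 * unserialize() values that a user could have altered.
 *
 * @param array  $comment Comment row; reads id, rcid, pcid, authorid, author, message.
 * @param string $action  Event action; notifications are sent only for 'add'.
 * @param array  $ats     Uids mentioned with @ in the comment.
 * @return void
 */
public function callback_by_comment($comment, $action = 'add', $ats = array())
{
    $fid = $comment['id'];
    $class = C::t('#corpus#corpus_class')->fetch($fid);

    // A comment that answers another one (rcid first, then pcid) gets the "_reply" template.
    $replyaction = '';
    $rpost = array();
    if ($comment['rcid'] > 0) {
        $rpost = C::t('comment')->fetch($comment['rcid']);
        $replyaction = '_reply';
    } elseif ($comment['pcid'] > 0) {
        $rpost = C::t('comment')->fetch($comment['pcid']);
        $replyaction = '_reply';
    }

    // Record the event.
    $event = array(
        'uid' => $comment['authorid'],
        'username' => $comment['author'],
        'body_template' => 'corpus_commit_doc_' . $action . $replyaction,
        'body_data' => serialize(array('author' => $rpost['author'], 'cid' => $class['cid'], 'fid' => $fid, 'fname' => $class['fname'], 'comment' => $comment['message'])),
        'dateline' => TIMESTAMP,
        'bz' => 'corpus_' . $class['cid'],
    );
    C::t('#corpus#corpus_event')->insert($event);

    $appid = C::t('app_market')->fetch_appid_by_mod('{dzzscript}?mod=corpus', 1);

    if ($action != 'add') {
        return;
    }

    // All three notifications carry the same variables.
    $notevars = array(
        'from_id' => $appid,
        'from_idtype' => 'app',
        'url' => DZZSCRIPT . '?mod=corpus&op=list&cid=' . $class['cid'] . '&fid=' . $class['fid'],
        'author' => getglobal('username'),
        'authorid' => getglobal('uid'),
        'dataline' => dgmdate(TIMESTAMP),
        'fname' => getstr($class['fname'], 30),
        'comment' => $comment['message'],
    );

    // Users mentioned with @ in the comment.
    if ($ats) {
        foreach ($ats as $uid) {
            if ($uid != getglobal('uid')) {
                dzz_notification::notification_add($uid, 'corpus_comment_at_' . $class['cid'], 'corpus_comment_at', $notevars, 0, 'dzz/corpus');
            }
        }
    }

    if ($comment['pcid'] == 0) {
        // Top-level comment: notify the document owner.
        if ($class['uid'] != getglobal('uid')) {
            dzz_notification::notification_add($class['uid'], 'corpus_comment_mydoc_' . $class['cid'], 'corpus_comment_mydoc', $notevars, 0, 'dzz/corpus');
        }
    } else {
        // Reply: notify the author of the original comment.
        if ($rpost['uid'] != getglobal('uid')) {
            dzz_notification::notification_add($rpost['authorid'], 'corpus_comment_reply_' . $class['cid'], 'corpus_comment_reply', $notevars, 0, 'dzz/corpus');
        }
    }
}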
} //实名认证 ckrealname('thread'); //视频认证 ckvideophoto('thread'); //新用户见习 cknewuser(); //提交 if(submitcheck('textsubmit')) { //自由输入 $_POST['tagname'] = $tagname = getstr($_POST['tagname'], 40, 1, 1, 1); $_POST['fieldid'] = $fieldid = intval($_POST['fieldid']); $profield = $_SGLOBAL['profield'][$fieldid]; if(empty($profield) || $profield['formtype'] != 'text') { showmessage('mtag_fieldid_does_not_exist'); } if(strlen($tagname) < 2) { showmessage('mtag_tagname_error'); } if(!empty($_POST['joinmode'])) { //二次确认 $mtag = mtag_join('tagname', stripslashes($tagname), $fieldid); if(empty($mtag)) { showmessage('mtag_join_error');
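/**
 * Service endpoint: add a reply to a complaint thread, optionally relaying the
 * complaint to another department when the replier @-mentions one.
 *
 * Fixes over the original:
 * - uid and complainId were concatenated into SQL after only a loose "<= 0" check, which
 *   a value such as "1 or 1=1" passes on PHP < 8. Both are now reduced to integers once
 *   and only those integers reach SQL and the insert arrays.
 * - $exclude_relay was read without ever being set when the message held no reply marker.
 * - $updo[doid] relied on the undefined-constant fallback; it is now $updo['doid'], cast.
 * - The duplicated department-statistics code lives in one private helper.
 *
 * NOTE(review): notification_add($userId, ...) uses a variable that is never assigned
 * in this function (PHP names are case-sensitive, so the loop's $UserId is a different
 * variable). The intended recipient cannot be determined from here; the call is kept.
 * NOTE(review): $realname comes from the database and is placed inside an <a> tag
 * without HTML escaping, and $params['ip'] is stored as supplied by the caller. Confirm
 * both are sanitised elsewhere.
 * NOTE(review): on the relay path the complain_op and docomment rows are inserted before
 * the relay target is validated, so the "at user is not exist" error leaves them behind.
 *
 * @param array|null $params Reads uid, complainId, message and optional ip.
 * @return string JSON: the enriched $params on success, or {errorNo, content} on failure.
 */
function IHomeServiceCreateComplainReply($params = NULL)
{
    global $_SGLOBAL;
    $db = $_SGLOBAL['db'];
    $cpid = 0; // id in the complain table
    $relay_times = 0;

    // --- uid -----------------------------------------------------------------------
    if (empty($params['uid'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer."));
    }
    $uid = is_scalar($params['uid']) ? intval($params['uid']) : 0;
    if ($uid <= 0) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer."));
    }
    $query = $db->query("select name,username from " . tname('space') . " where uid = " . $uid);
    if ($row = $db->fetch_array($query)) {
        $params['uname'] = $row['name'] ? $row['name'] : $row['username'];
    } else {
        return json_encode(array("errorNo" => "500", "content" => "the uid is not exist"));
    }

    // --- complainId ----------------------------------------------------------------
    $complain = array();
    if (empty($params['complainId'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer."));
    }
    $complainId = is_scalar($params['complainId']) ? intval($params['complainId']) : 0;
    if ($complainId <= 0) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer."));
    }
    $query = $db->query("select * from " . tname('complain') . " where doid = " . $complainId);
    if ($complain = $db->fetch_array($query)) {
        if (isblacklist($complain['uid'])) {
            return json_encode(array("errorNo" => "500", "content" => "the user of complain is in blacklist."));
        }
    } else {
        return json_encode(array("errorNo" => "500", "content" => "the complain id is not exist"));
    }

    // --- message -------------------------------------------------------------------
    if (empty($params['message'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter message."));
    }
    $params['timestamp'] = time();
    $doid = $complainId;
    $message = getstr($params['message'], 480, 1, 1, 1);

    // "@name(uid)" mentions, and the same pattern prefixed with the reply marker.
    preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $params['message'], $matches, PREG_SET_ORDER);
    preg_match_all("/回复[@](.*)[(]([\\d]+)[)]\\s*/U", $params['message'], $reply_matches, PREG_SET_ORDER);
    // A message that carries the reply marker is never treated as a relay.
    $exclude_relay = $reply_matches ? 1 : 0;

    $newid = 0;
    $addtype = 0;
    $query = $db->query("select * from " . tname('complain') . " where doid=" . $complainId . ' and atuid=' . $uid);
    if ($row = $db->fetch_array($query)) {
        // The replier is the party the complaint is addressed to.
        $complain = $row;
        $addtype = 2;
        $cpid = $complain['id'];
        $relay_times = $complain['relay_times'];
    }

    $isrelay = ($addtype && $matches && !$exclude_relay) ? 1 : 0;
    if ($isrelay && $relay_times >= 3) {
        return json_encode(array("errorNo" => "500", "content" => "relay times reach the ceiling'."));
    }

    // --- resolve @mentions -----------------------------------------------------------
    $UserIds = array();
    $relay_depid = 0;
    foreach ($matches as $value) {
        $TmpString = $value[0];
        $TmpName = $value[1];
        $UserId = $value[2]; // digits only, guaranteed by the pattern above

        $result = $db->query("select uid,username,name from " . tname('space') . " where uid=" . $UserId);
        if ($rs = $db->fetch_array($result)) {
            $realname = $rs['name'];
            if (empty($realname)) {
                $realname = $rs['username'];
            }
            $ValidValue = trim(getAtName($TmpString, $TmpName, $realname));
            $at_friend = "space.php?uid=" . $UserId;
            if ($ValidValue != false) {
                $message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
                if (!in_array($UserId, $UserIds)) {
                    $UserIds[] = $UserId;
                }
            }
        }
        if ($isrelay) {
            // A mentioned uid that owns a powerlevel row becomes the relay target.
            $q = $db->query("select * from " . tname('powerlevel') . " where dept_uid = " . $UserId);
            if ($db->fetch_array($q)) {
                $relay_depid = $UserId;
            }
        }
    }

    // Emoticon codes become images; <br> tags become spaces.
    $message = preg_replace("/\\[am:(\\d+):]/is", "<img src=\"image/face_new/face_1/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\[bm:(\\d+):]/is", "<img src=\"image/face_new/face_2/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
    $params['message'] = $message;
    if (strlen($message) < 1) {
        return json_encode(array("errorNo" => "4002", "content" => "the parameter message is too short'."));
    }

    // --- plain comment: the replier is not the addressed party -------------------------
    if (!$addtype) {
        if ($UserIds) {
            $temp = implode(',', $UserIds);
            $db->query("UPDATE " . tname('complain') . " SET locked=0 WHERE doid= " . $complainId . " AND uid=" . $uid . " AND locked AND atuid in ({$temp})");
        }
        $query = $db->query("SELECT * FROM " . tname('doing') . " WHERE doid=" . $complainId);
        $updo = $db->fetch_array($query);
        $updo['id'] = intval($updo['id']);
        $updo['grade'] = intval($updo['grade']);
        $setarr = array(
            'doid' => $updo['doid'],
            'upid' => $updo['id'],
            'uid' => $uid,
            'username' => $params['uname'],
            'dateline' => $_SGLOBAL['timestamp'],
            'message' => $message,
            'ip' => getonlineip(),
            'grade' => $updo['grade'] + 1,
        );
        if (!empty($params['ip'])) {
            $setarr['ip'] = $params['ip'];
        } else {
            $params['ip'] = $setarr['ip'];
        }
        if ($updo['grade'] >= 3) {
            $setarr['upid'] = $updo['upid'];
        }
        $newid = inserttable('docomment', $setarr, 1);
        $params['id'] = $newid;
        $params['operation'] = 0;
        $db->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");

        $note = cplang('note_complain_reply', array("space.php?do=complain_item&doid={$setarr['doid']}"));
        // NOTE(review): $userId is never assigned in this function (see the header comment).
        notification_add($userId, 'complain', $note);
        if (empty($UserIds)) {
            // No @mention: notify the other side of the complaint.
            $query = $db->query("SELECT * FROM ihome_complain where doid=" . intval($updo['doid']));
            $value = $db->fetch_array($query);
            if ($value['from'] == $params['uid']) {
                // The replier opened the complaint.
                notification_add($value['atuid'], 'complain', $note);
            } else {
                notification_add($value['from'], 'complain', $note);
            }
        }
        unset($params['complainId']);
        return json_encode($params);
    }

    // --- reply (optype 2) or relay (optype 3) by the addressed party -------------------
    $optype = 2;
    if ($isrelay) {
        $optype = 3;
        $addtype = 0;
    }
    $oparr = array(
        'doid' => $complainId,
        'message' => $params['message'],
        'uid' => $uid,
        'username' => $params['uname'],
        'optype' => $optype,
        'dateline' => time(),
        'opvalue' => $relay_depid,
        'finish' => $addtype == 2 ? 1 : 0,
    );
    $params['operation'] = $opid = inserttable('complain_op', $oparr, true);

    $query = $db->query("SELECT * FROM " . tname('doing') . " WHERE doid=" . $complainId);
    $updo = $db->fetch_array($query);
    $updo['id'] = intval($updo['id']);
    $updo['grade'] = intval($updo['grade']);
    $setarr = array(
        'doid' => $updo['doid'],
        'upid' => $updo['id'],
        'uid' => $uid,
        'username' => $params['uname'],
        'dateline' => $_SGLOBAL['timestamp'],
        'message' => $message,
        'ip' => getonlineip(),
        'grade' => $updo['grade'] + 1,
        'complainBorn' => 1,
        'complainopid' => $opid,
    );
    if (!empty($params['ip'])) {
        $setarr['ip'] = $params['ip'];
    } else {
        $params['ip'] = $setarr['ip'];
    }
    if ($updo['grade'] >= 3) {
        $setarr['upid'] = $updo['upid'];
    }
    $params['id'] = $newid = inserttable('docomment', $setarr, 1);
    $db->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'");

    $replysecs = $_SGLOBAL['timestamp'] - $complain['dateline'];

    if ($optype == 3) {
        $query = $db->query("select * from " . tname("space") . " where uid = {$relay_depid}");
        $relay_dep = $db->fetch_array($query);
        if (empty($relay_dep)) {
            return json_encode(array("errorNo" => 500, "content" => "the at user is not exist "));
        }
        // status = 3: relayed
        updatetable('complain', array("status" => 3, 'lastopid' => $opid), array('id' => $cpid));

        $query = $db->query("select * from " . tname("complain") . " where doid= " . $complainId . " and atuid={$relay_depid} and status != 3");
        $already = $db->fetch_array($query);
        if (!$already) {
            if ($complain['relayed_by']) {
                $relayed_by = $complain['relayed_by'] . $params['uid'] . ',';
            } else {
                $relayed_by = ',' . $params['uid'] . ',';
            }
            // Clone the complaint for the new department.
            $newComplain = $complain;
            unset($newComplain['id']);
            $newComplain['atdeptuid'] = $relay_depid;
            $newComplain['atuid'] = $relay_depid;
            $newComplain['atuname'] = $relay_dep['name'];
            $newComplain['atdepartment'] = $relay_dep['name'];
            $newComplain['dateline'] = $_SGLOBAL['timestamp'];
            $newComplain['times'] = 1;
            $newComplain['issendmsg'] = 0;
            $newComplain['relay_times'] = $complain['relay_times'] + 1;
            $newComplain['relayed_by'] = $relayed_by;
            $newComplainId = inserttable('complain', $newComplain, 1);

            if ($complain['lastopid'] == 0) {
                _IHomeServiceComplainDepStat($uid, $params['uname'], $replysecs);
            }
            $note = cplang('complain_relay', array($complain['atuname'], "space.php?do=complain_item&doid={$complain['doid']}"));
            notification_complain_add($relay_depid, 'complain', $note);
        }
        inserttable('complain_resp', array('uid' => $uid, 'doid' => $doid, 'opid' => $opid, 'replysecs' => $replysecs, 'dateline' => $_SGLOBAL['timestamp']));
    } elseif ($optype == 2) {
        if ($addtype == 2) {
            updatetable('complain', array('status' => 1, 'lastopid' => $opid, 'replytime' => $_SGLOBAL['timestamp'], 'dateline' => $_SGLOBAL['timestamp']), array('id' => $cpid));
        } else {
            updatetable('complain', array('locked' => 1, 'replytime' => $_SGLOBAL['timestamp'], 'dateline' => $_SGLOBAL['timestamp']), array('id' => $cpid));
        }
        if ($complain['lastopid'] == 0) {
            _IHomeServiceComplainDepStat($uid, $params['uname'], $replysecs);
        }
        inserttable('complain_resp', array('uid' => $uid, 'doid' => $doid, 'opid' => $opid, 'replysecs' => $replysecs, 'dateline' => $_SGLOBAL['timestamp']));
        $note = cplang('note_doingcomplain_reply', array("space.php?do=complain_item&doid={$complain['doid']}"));
        notification_complain_add($complain['uid'], 'complain', $note, $params['uid'], $params['uname']);
    }

    unset($params['complainId']);
    return json_encode($params);
}

/**
 * Private helper: record a department's first response to a complaint in complain_dep,
 * creating the row when the department has none yet.
 *
 * @param int    $uid       Department (replier) uid.
 * @param string $uname     Display name stored with a new row.
 * @param int    $replysecs Seconds between the complaint and this reply.
 */
function _IHomeServiceComplainDepStat($uid, $uname, $replysecs)
{
    global $_SGLOBAL;
    $uid = intval($uid);
    $result = $_SGLOBAL['db']->query("select * from " . tname('complain_dep') . " where uid = " . $uid);
    $dep = $_SGLOBAL['db']->fetch_array($result);
    if (empty($dep)) {
        inserttable('complain_dep', array(
            'uid' => $uid,
            'username' => $uname,
            'upnum' => 0,
            'downnum' => 0,
            'allreplynum' => 1,
            'allreplysecs' => $replysecs,
            'score' => 0,
            'aversecs' => 0,
            'lastupdate' => 0,
        ));
    } else {
        updatetable("complain_dep", array(
            'allreplynum' => $dep['allreplynum'] + 1,
            'allreplysecs' => $dep['allreplysecs'] + $replysecs,
        ), array('uid' => $uid));
    }
}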
} $blockdata['parameters']['music']['mp3list'] = $mp3list; } if (empty($blockdata['parameters']['music']['config'])) { $blockdata['parameters']['music']['config'] = array('showmod' => 'default', 'autorun' => 'true', 'shuffle' => 'true', 'crontabcolor' => '#D2FF8C', 'buttoncolor' => '#1F43FF', 'fontcolor' => '#1F43FF'); } $setarr['blockposition'] = daddslashes(serialize($blockdata)); DB::update('common_member_field_home', $setarr, "uid = {$space['uid']}"); showmessage('do_success', 'home.php?mod=spacecp&ac=index&op=getblock&blockname=' . $blockname, array('blockname' => $blockname)); } if (submitcheck('diysubmit')) { $blockdata = array(); checksecurity($_POST['spacecss']); $spacecss = dstripslashes($_POST['spacecss']); $spacecss = preg_replace("/(\\<|\\>)/is", '', $spacecss); $currentlayout = getstr($_POST['currentlayout'], 5, 1, 1); $style = empty($_POST['style']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_POST['style']); $layoutdata = dstripslashes(getgpc('layoutdata', 'P')); require_once libfile('class/xml'); $layoutdata = xml2array($layoutdata); if (empty($layoutdata)) { showmessage('space_data_format_invalid'); } $layoutdata = $layoutdata['diypage']; if ($style && $style != 'uchomedefault') { $cssfile = DISCUZ_ROOT . './static/space/' . $style . '/style.css'; if (!file_exists($cssfile)) { showmessage('theme_does_not_exist'); } } space_merge($space, 'field_home');
/**
 * Queue an e-mail for later delivery.
 *
 * With a recipient uid (and the sendmailday setting enabled) the mail is queued only
 * for users with a verified address who have been away longer than sendmailday days
 * and have not opted out of $mailtype. Otherwise, with a bare address, the mail is
 * queued for that address directly.
 *
 * NOTE(review): $touid is placed inside a quoted SQL literal as received; confirm every
 * caller passes an integer or an escaped value.
 * NOTE(review): the user's sendmail preference is read with unserialize(); confirm that
 * column can only ever hold data written by the application itself.
 *
 * @param int    $touid    Recipient uid, or 0 to address by $email.
 * @param string $email    Recipient address, used when $touid is empty.
 * @param string $subject  Mail subject.
 * @param string $message  Mail body.
 * @param string $mailtype Preference key checked against the user's sendmail settings.
 * @return false|null false when the recipient space does not exist, otherwise nothing.
 */
function smail($touid, $email, $subject, $message='', $mailtype='')
{
    global $_SGLOBAL, $_SCONFIG;

    $db = $_SGLOBAL['db'];
    $now = $_SGLOBAL['timestamp'];
    $cid = 0;

    if ($touid && $_SCONFIG['sendmailday']) {
        // Load the recipient's space.
        $tospace = getspace($touid);
        if (empty($tospace)) {
            return false;
        }

        if (empty($tospace['sendmail'])) {
            $prefs = array();
        } else {
            $prefs = unserialize($tospace['sendmail']);
        }

        $away = $now - $tospace['lastlogin'] > $_SCONFIG['sendmailday'] * 86400;
        $wanted = empty($prefs) || !empty($prefs[$mailtype]);
        if ($tospace['emailcheck'] && $tospace['email'] && $away && $wanted) {
            // Work out the next send time.
            if (empty($tospace['lastsend'])) {
                $tospace['lastsend'] = $now;
            }
            if (!isset($prefs['frequency'])) {
                $prefs['frequency'] = 604800; // one week
            }
            $sendtime = $tospace['lastsend'] + $prefs['frequency'];

            // Reuse this user's cron entry when one exists.
            $query = $db->query("SELECT * FROM " . tname('mailcron') . " WHERE touid='" . $touid . "' LIMIT 1");
            $existing = $db->fetch_array($query);
            if ($existing) {
                $cid = $existing['cid'];
                if ($existing['sendtime'] < $sendtime) {
                    $sendtime = $existing['sendtime'];
                }
                updatetable('mailcron', array('email' => addslashes($tospace['email']), 'sendtime' => $sendtime), array('cid' => $cid));
            } else {
                $cid = inserttable('mailcron', array('touid' => $touid, 'email' => addslashes($tospace['email']), 'sendtime' => $sendtime), 1);
            }
        }
    } elseif ($email) {
        // Address-only mail: queue it directly.
        $email = getstr($email, 80, 1, 1);

        // Reuse the cron entry for this address when one exists.
        $query = $db->query("SELECT * FROM " . tname('mailcron') . " WHERE email='" . $email . "' LIMIT 1");
        $existing = $db->fetch_array($query);
        if ($existing) {
            $cid = $existing['cid'];
        } else {
            $cid = inserttable('mailcron', array('email' => $email), 1);
        }
    }

    if ($cid) {
        // Add the content to the mail queue.
        inserttable('mailqueue', array(
            'cid' => $cid,
            'subject' => addslashes(stripslashes($subject)),
            'message' => addslashes(stripslashes($message)),
            'dateline' => $now,
        ));
    }
}
if (empty($realname)) { $realname = $rs['username']; } //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false $ValidValue = getAtName($TmpString, $TmpName, $realname); $ValidValue = trim($ValidValue); $at_friend = "space.php?uid=" . $UserId; if ($ValidValue != false) { $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message); $UserIds[] = $UserId; } } } //Add by Add by am 2013-12-07 end $arr = array("topicid" => 0, "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "subject" => getstr($Subject, 80, 1, 1, 1), "classid" => 0, "viewnum" => 0, "replynum" => 0, "hot" => 0, "picflag" => 0, "noreply" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'friend' => 1, 'click_1' => 0, 'click_2' => 0, 'click_3' => 0, 'click_4' => 0, 'click_5' => 0, 'fromdevice' => $FromDevice); $blogid = inserttable('blog', $arr, 1); $arr1 = array("blogid" => intval($blogid), "uid" => intval($userid), "message" => getstr($Message, 5000, 1, 1, 1), "postip" => getonlineip(), "relatedtime" => 0, "magiccolor" => 0, "magicpaper" => 0, "magiccall" => 0); $blogfield = inserttable('blogfield', $arr1, 1); include_once S_ROOT . './source/function_feed.php'; feed_publish($blogid, 'blogid', 0, $FromDevice); if ($blogid) { $arrs = array('flag' => 'success'); } else { $arrs = array('flag' => 'fail'); } } } $result = json_encode($arrs); $result = preg_replace("#\\\\u([0-9a-f]+)#ie", "iconv('UCS-2BE', 'UTF-8', pack('H4', '\\1'))", $result); echo $result; exit;
/**
 * Derive a plain-text summary from an article body.
 *
 * Removes [attach]...[/attach] blocks, named HTML entities, single-line <script>
 * elements and any remaining [bracket] codes, strips the remaining tags and cuts the
 * result to 200 via getstr().
 *
 * NOTE(review): the script pattern carries no "s" or "i" flag, so it does not match
 * multi-line or upper-case script elements. strip_tags() then removes only the tags and
 * leaves the text between them in the summary. Escape the result for the output context.
 *
 * @param string $message Article body.
 * @return string Summary text.
 */
function portalcp_get_summary($message)
{
    // preg_replace() applies an array of patterns one after another, in order.
    $noise = array(
        "/\\[attach\\].*?\\[\\/attach\\]/",
        "/\\&[a-z]+\\;/i",
        "/\\<script.*?\\<\\/script\\>/",
        "/\\[.*?\\]/",
    );
    $plain = strip_tags(preg_replace($noise, '', $message));

    return getstr($plain, 200);
}
$walllist = array(); if ($_SGLOBAL['mygroupid'] == 3 || ckprivacy('wall')) { $query_sql = "SELECT * FROM " . tname('comment') . " WHERE ((id={$space['uid']} AND secret='on' AND authorid={$_SGLOBAL['supe_uid']}) OR (id={$space['uid']} AND secret='on' AND id={$_SGLOBAL['supe_uid']}) OR (id={$space['uid']} AND secret!='on') AND idtype='uid') ORDER BY dateline DESC LIMIT 0,5"; $query = $_SGLOBAL['db']->query($query_sql); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['authorid'], $value['author']); $value['message'] = strlen($value['message']) > 500 ? getstr($value['message'], 500, 0, 0, 0, 0, -1) . ' ...' : $value['message']; $walllist[] = $value; } } $mywalllist = array(); if ($_SGLOBAL['mygroupid'] == 3 || ckprivacy('wall')) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('comment') . " WHERE authorid='{$space['uid']}' AND idtype='uid' ORDER BY dateline DESC LIMIT 0,12"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['authorid'], $value['author']); $value['message'] = strlen($value['message']) > 500 ? getstr($value['message'], 500, 0, 0, 0, 0, -1) . ' ...' : $value['message']; $mywalllist[] = $value; } } //ᅧᅦ워ᅳᅬ $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('session') . " WHERE uid = '{$space['uid']}'"); $value = $_SGLOBAL['db']->fetch_array($query); $isonline = empty($value) || $value['magichidden'] ? 0 : sgmdate('H:i:s', $value['lastactivity'], 1); //ᄋᄌ $theme = empty($_GET['theme']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_GET['theme']); if ($theme == 'uchomedefault') { $_SGLOBAL['space_theme'] = $_SGLOBAL['space_css'] = ''; } elseif ($theme) { $cssfile = S_ROOT . './theme/' . $theme . '/style.css'; if (file_exists($cssfile)) { $_SGLOBAL['space_theme'] = $theme;
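/**
 * Store raw picture bytes as an album picture and register it in home_pic.
 *
 * Steps, in order: write the bytes to a new file under the attachment
 * directory, check the member's space quota, validate the file with
 * discuz_upload::get_image_info(), create a 140x140 thumbnail and watermark,
 * optionally push the files over FTP, insert the home_pic row and add the
 * file size to the member's attachsize counter.
 *
 * NOTE(review): $fileext is concatenated into the on-disk name unchanged.
 * Nothing in this function restricts it to image extensions or rejects path
 * separators, so callers must pass a vetted value — confirm at the call sites.
 * NOTE(review): the bytes are written under the attachment directory before
 * get_image_info() validates them; the file is removed again when validation
 * fails.
 *
 * @param string $strdata  Raw file contents.
 * @param int    $albumid  Target album id; negative values are treated as 0.
 * @param string $fileext  Extension appended to the generated file name.
 * @param string $name     Original file name; defaults to the generated name.
 * @param string $title    Picture title, passed through getstr().
 * @param int    $delsize  Bytes subtracted from the usage in the quota check.
 * @param mixed  $from     Not used by this function.
 * @return array|int The inserted home_pic row (including 'picid') on success;
 *                   -1 when the space quota would be exceeded, -2 when
 *                   get_image_info() rejects the file, -3 when the file cannot
 *                   be written or the FTP upload fails while setting/ftp/mirror
 *                   is on.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
    global $_G, $space;

    if ($albumid < 0) {
        $albumid = 0;
    }

    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;

    $handle = fopen($newfilename, 'wb');
    if (!$handle) {
        return -3;
    }
    $written = fwrite($handle, $strdata);
    fclose($handle);
    if ($written === false) {
        // Do not leave a partially written file behind in the attachment directory.
        @unlink($newfilename);
        return -3;
    }

    $size = filesize($newfilename);

    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }
    $_G['member'] = $space;

    // Quota check: checkperm() value is multiplied up to bytes; 0 means no limit is applied here.
    $maxspacesize = checkperm('maxspacesize');
    $maxspacesize = $maxspacesize * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'common_member_count');
        space_merge($space, 'common_member_field_home');
        if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
            @unlink($newfilename);
            return -1;
        }
    }

    // Content validation happens on the stored file, not on $fileext.
    if (!$upload->get_image_info($newfilename)) {
        @unlink($newfilename);
        return -2;
    }

    require_once libfile('class/image');
    $image = new image();
    $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    $image->Watermark($newfilename);

    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        $ftpresult = ftpupload('album/' . $filepath);
        if ($ftpresult) {
            if ($thumb) {
                ftpupload('album/' . $filepath . '.thumb.jpg');
            }
            $pic_remote = 1;
        } elseif (getglobal('setting/ftp/mirror')) {
            // Mirror mode: a failed remote upload discards the local copies as well.
            @unlink($newfilename);
            @unlink($newfilename . '.thumb.jpg');
            return -3;
        }
    }

    $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
    $title = getstr($title, 200, 1, 1, 1);
    $albumid = $albumid ? album_creat_by_id($albumid) : 0;

    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => $filename,
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => $fileext,
        'size' => $size,
        'filepath' => $filepath,
        'thumb' => $thumb,
        'remote' => $pic_remote,
    );
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);

    // $size comes from filesize() above, so the interpolated value is an integer.
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");

    include_once libfile('function/stat');
    updatestat('pic');

    return $setarr;
}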
} //统计更新 if ($count != $space['addfriendnum']) { updatetable('space', array('addfriendnum' => $count), array('uid' => $space['uid'])); } //分页 $multi = multi($count, $perpage, $page, "cp.php?ac=friend&op=request"); realname_get(); } elseif ($op == 'groupname') { $groups = getfriendgroup(); $group = intval($_GET['group']); if (!isset($groups[$group])) { showmessage('change_friend_groupname_error'); } if (submitcheck('groupnamesubmit')) { $space['privacy']['groupname'][$group] = getstr($_POST['groupname'], 20, 1, 1); privacy_update(); showmessage('do_success', $_POST['refer']); } } elseif ($op == 'groupignore') { $groups = getfriendgroup(); $group = intval($_GET['group']); if (!isset($groups[$group])) { showmessage('change_friend_groupname_error'); } if (submitcheck('groupignoresubmit')) { if (isset($space['privacy']['filter_gid'][$group])) { unset($space['privacy']['filter_gid'][$group]); } else { $space['privacy']['filter_gid'][$group] = $group; }
showmessage('no_authority_to_add_log'); } //实名认证 ckrealname('blog'); //视频认证 ckvideophoto('blog'); //新用户见习 cknewuser(); //判断是否发布太快 $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } //接收外部标题 $blog['subject'] = empty($_GET['subject']) ? '' : getstr($_GET['subject'], 80, 1, 0); $blog['message'] = empty($_GET['message']) ? '' : getstr($_GET['message'], 5000, 1, 0); } else { if ($_SGLOBAL['supe_uid'] != $blog['uid'] && !checkperm('manageblog')) { showmessage('no_authority_operation_of_the_log'); } } //添加编辑操作 if (submitcheck('blogsubmit')) { if (empty($blog['blogid'])) { $blog = array(); } else { if (!checkperm('allowblog')) { ckspacelog(); showmessage('no_authority_to_add_log'); } }
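/**
 * Extract one article (title and content) from fetched page markup using a
 * collection rule set.
 *
 * The title is taken according to $rules_info['theme_get_type']:
 * 3 = get_single_article(), 1 = dom_single_article(), 2 = pregmessage().
 * When no title is found the function returns early without extracting the
 * content. Otherwise the content is extracted, paged content is concatenated,
 * and title and content are run through filter_article() and
 * format_article_imgurl().
 *
 * NOTE(review): the page URL is read straight from $_GET['url'] and handed to
 * get_content_page(), page_get_content() and format_article_imgurl(); any
 * scheme/host validation would have to happen in those helpers or upstream —
 * not visible here.
 *
 * @param string $content    Markup of the fetched page.
 * @param array  $rules_info Rule row; *_filter_rules fields hold serialized data.
 * @return array|null Article data ('title', 'content', optionally
 *                    'content_arr'); whatever $data holds when no title was
 *                    found.
 */
function rules_get_article($content, $rules_info)
{
    $url = $_GET['url'];
    $rules_info = pstripslashes($rules_info);

    // NOTE(review): unserialize() is only safe on values from trusted storage;
    // on attacker-influenced data it allows PHP object injection. Left as is —
    // confirm where these rule fields are written.
    $rules_info['title_filter_rules'] = dstripslashes(unserialize($rules_info['title_filter_rules']));
    $rules_info['content_filter_rules'] = dstripslashes(unserialize($rules_info['content_filter_rules']));

    require_once libfile('function/home');

    // Title first.
    if ($rules_info['theme_get_type'] == 3) {
        // Automatic detection.
        $data = get_single_article($content);
    } elseif ($rules_info['theme_get_type'] == 1) {
        // DOM rule.
        $data = dom_single_article($content, array('title' => $rules_info['theme_rules']));
    } elseif ($rules_info['theme_get_type'] == 2) {
        // String pattern rule.
        $re = pregmessage($content, '<title>[title]</title>', 'title', -1);
        $data['other']['old_title'] = $re[0];
        $re = pregmessage($content, $rules_info['theme_rules'], 'title', -1);
        $data['title'] = $re[0];
    }

    // Without a title there is no point in spending time on the content.
    if (!trim($data['title'])) {
        return $data;
    }

    $data['content'] = rules_get_contents($content, $rules_info);

    // Paged article: collect every page and join the parts.
    if ($rules_info['content_page_rules'] && $data['content']) {
        $content_page_arr = get_content_page($url, $content, $rules_info);
        if ($content_page_arr) {
            $args = array(
                'oldurl' => array(),
                'content_arr' => array(),
                'content_page_arr' => $content_page_arr,
                'page_hash' => array(),
                'rules' => $rules_info,
                'url' => $url,
            );
            $data['content_arr'] = page_get_content($content, $args);

            // Initialised so implode() always receives an array, even when
            // page_get_content() yields no pages.
            $content_arr = array();
            foreach ((array) $data['content_arr'] as $k => $v) {
                $content_arr[] = $v['content'];
            }
            $data['content'] = implode('', $content_arr);
        }
    }

    $data['title'] = unhtmlentities(strip_tags($data['title'], ' '));
    $data['content'] = unhtmlentities($data['content']);
    $data['title'] = getstr(trim($data['title']), 80, 1, 1, 0, 1);
    $data['content'] = getstr($data['content'], 0, 1, 1, 0, 1);

    // Post-process title and content: replacement and filter rules.
    $format_args_title = array(
        'is_fiter' => $rules_info['is_fiter_title'],
        'show_type' => 'title',
        'test' => 2,
        'result_data' => $data['title'],
        'replace_rules' => $rules_info['title_replace_rules'],
        'filter_data' => $rules_info['title_filter_rules'],
    );
    $data['title'] = filter_article($format_args_title);

    $data['content'] = dstripslashes($data['content']);
    $format_args_content = array(
        'is_fiter' => $rules_info['is_fiter_content'],
        'show_type' => 'title',
        'test' => 2,
        // NOTE(review): same provenance question as for unserialize() above.
        'filter_html' => dunserialize($rules_info['content_filter_html']),
        'result_data' => $data['content'],
        'replace_rules' => $rules_info['content_replace_rules'],
        'filter_data' => $rules_info['content_filter_rules'],
    );
    $data['content'] = filter_article($format_args_content);

    $format_arr = format_article_imgurl($url, $data['content']);
    $data['content'] = $format_arr['message'];

    unset($data['other']);

    return $data;
}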
// Event date filter: keep events whose starttime/endtime range overlaps the requested day.
if($_GET['date']){
	$daystart = sstrtotime($_GET['date']);
	$dayend = $daystart + 86400; // 86400 seconds after $daystart
	$wherearr[] = "e.starttime <= '$dayend' AND e.endtime >= '$daystart'";
	// NOTE(review): the request value is appended to $theurl exactly as received;
	// if $theurl ends up in HTML or a redirect it needs URL/HTML encoding — confirm where it is consumed.
	$theurl .= "&date=$_GET[date]";
}
// Event city filter.
// NOTE(review): province and city are placed inside quoted SQL literals after getstr();
// presumably getstr(..., 1, 1) adds slashes — verify, since this SQL is built by string interpolation.
if($_GET['province']) {
	$_GET['province'] = getstr($_GET['province'], 20, 1, 1);
	$wherearr[] = "e.province = '$_GET[province]'";
	$theurl .= "&province=$_GET[province]";
}
if($_GET['city']) {
	$_GET['city'] = getstr($_GET['city'], 20, 1, 1);
	$wherearr[] = "e.city = '$_GET[city]'";
	$theurl .= "&city=$_GET[city]";
}
$submenus = array($type=>' class="active"');
// Search: a search key replaces every condition collected above and clears the active sub-menu.
if($searchkey = stripsearchkey($_GET['searchkey'])) {
	$wherearr = $submenus = array();
	// NOTE(review): the LIKE pattern uses the stripsearchkey() result, while the URL below
	// carries the raw request value — confirm both are safe for their contexts.
	$wherearr[] = "e.title LIKE '%$searchkey%'";
	$theurl .= "&searchkey=$_GET[searchkey]";
	cksearch($theurl);
}
$eventlist = $fevents = array();
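/**
 * Apply the "visit" magic: pick random friends of the current user and poke
 * them, leave a wall comment, or record a visit, depending on
 * $_POST['visitway'].
 *
 * Up to 500 friends are loaded; $this->parameters['num'] (default 10) limits
 * how many are picked. Afterwards the magic is consumed, logged, and the
 * 'home/magic_visit' template is included.
 *
 * The template is included in this method's scope, so the local variable
 * names ($users, $op, ...) are kept as they are.
 *
 * NOTE(review): no form-hash / submit check is visible in this method;
 * presumably the caller performs it before dispatching here — confirm.
 */
function usesubmit() {
	global $_G;

	$num = !empty($this->parameters['num']) ? intval($this->parameters['num']) : 10;
	$friends = $uids = $fids = array();

	$query = C::t('home_friend')->fetch_all_by_uid($_G['uid'], 0, 500);
	foreach ($query as $value) {
		$value['username'] = $value['fusername'];
		$value['uid'] = $value['fuid'];
		$uids[] = intval($value['fuid']);
		$friends[$value['fuid']] = $value;
	}

	$count = count($uids);
	if (!$count) {
		showmessage('magicuse_has_no_valid_friend');
	} elseif ($count == 1) {
		$fids = array($uids[0]);
	} else {
		// array_rand() returns a bare key (not an array) when asked for one
		// element and rejects counts below 1; clamp the count and normalise
		// the result so the loop always receives a list of keys.
		$keys = (array) array_rand($uids, max(1, min($num, $count)));
		$fids = array();
		foreach ($keys as $key) {
			$fids[] = $uids[$key];
		}
	}

	$users = array();
	foreach ($fids as $uid) {
		$value = $friends[$uid];
		// Single quotes in the avatar markup are backslash-escaped;
		// presumably for embedding in script in the template — verify there.
		$value['avatar'] = str_replace("'", "\\'", avatar($value['uid'], 'small'));
		$users[$uid] = $value;
	}

	$inserts = array();
	if ($_POST['visitway'] == 'poke') {
		$note = '';
		$icon = intval($_POST['visitpoke']);
		foreach ($fids as $fid) {
			$insertdata = array(
				'uid' => $fid,
				'fromuid' => $_G['uid'],
				'fromusername' => $_G['username'],
				'note' => $note,
				'dateline' => $_G['timestamp'],
				'iconid' => $icon,
			);
			C::t('home_poke')->insert($insertdata, false, true);
		}

		$repokeids = array();
		foreach (C::t('home_poke')->fetch_all_by_uid_fromuid($fids, $_G['uid']) as $value) {
			$repokeids[] = $value['uid'];
		}

		// Notify only the picked friends that are not in $repokeids.
		$ids = array_diff($fids, $repokeids);
		if ($ids) {
			require_once libfile('function/spacecp');
			$pokemsg = makepokeaction($icon);
			$pokenote = array(
				'fromurl' => 'home.php?mod=space&uid=' . $_G['uid'],
				'fromusername' => $_G['username'],
				'fromuid' => $_G['uid'],
				'from_id' => $_G['uid'],
				'from_idtype' => 'pokequery',
				'pokemsg' => $pokemsg,
			);
			foreach ($ids as $puid) {
				notification_add($puid, 'poke', 'poke_request', $pokenote);
			}
		}
	} elseif ($_POST['visitway'] == 'comment') {
		// NOTE(review): the same user-supplied message is written to every picked
		// friend's wall; whether getstr() HTML-escapes it is not visible here — confirm.
		$message = getstr($_POST['visitmsg'], 255);
		$ip = $_G['clientip'];
		$note_inserts = array();
		foreach ($fids as $fid) {
			$actor = "<a href=\"home.php?mod=space&uid={$_G['uid']}\">{$_G['username']}</a>";
			$inserts[] = array(
				'uid' => $fid,
				'id' => $fid,
				// Quoted: the bare word uid was an undefined constant, which is a
				// fatal Error on PHP 8 and only fell back to the string on older versions.
				'idtype' => 'uid',
				'authorid' => $_G['uid'],
				'author' => $_G['username'],
				'ip' => $ip,
				'dateline' => $_G['timestamp'],
				'message' => $message,
			);
			$note = lang('spacecp', 'magic_note_wall', array('actor' => $actor, 'url' => "home.php?mod=space&uid={$fid}&do=wall"));
			$note_inserts[] = array(
				'uid' => $fid,
				'type' => 'comment',
				'new' => 1,
				'authorid' => $_G['uid'],
				'author' => $_G['username'],
				'note' => $note,
				'dateline' => $_G['timestamp'],
			);
		}
		foreach ($inserts as $insert) {
			C::t('home_comment')->insert($insert);
		}
		foreach ($note_inserts as $note_insert) {
			C::t('home_notification')->insert($note_insert);
		}
		C::t('common_member')->increase($fids, array('newprompt' => 1));
	} else {
		foreach ($fids as $fid) {
			C::t('home_visitor')->insert(array('uid' => $fid, 'vuid' => $_G['uid'], 'vusername' => $_G['username'], 'dateline' => $_G['timestamp']), false, true);
		}
	}

	usemagic($this->magic['magicid'], $this->magic['num']);
	updatemagiclog($this->magic['magicid'], '2', '1', '0', '0', 'uid', $_G['uid']);

	$op = 'show';
	include template('home/magic_visit');
}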
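<?php
/*
 * addsharereply.php - add a comment to a share
 * Add by am@ihome.2012-10-17 10:34
 *
 * Reads 'message' and 'shareid' from the POST body, inserts one row into the
 * comment table for the authenticated user and prints {"flag":"success"} or
 * {"flag":"fail"} as JSON.
 */
include_once '../iauth_verify_forward.php';
// NOTE(review): nothing below rejects a $userid of 0; presumably iauth_verify()
// terminates unauthenticated requests — confirm.
$userid = intval(iauth_verify());
include_once '../../../common.php';
include_once S_ROOT . './uc_client/client.php';
@(include_once S_ROOT . './data/data_profield.php');

$Message = empty($_POST['message']) ? '' : getstr($_POST['message']);
$ShareId = empty($_POST['shareid']) ? 0 : intval($_POST['shareid']);

// NOTE(review): $username is not assigned in this file; presumably one of the
// includes above defines it — confirm.
// NOTE(review): no check is visible here that the share exists or that the
// caller is allowed to comment on it.
$arr = array(
    "id" => intval($ShareId),
    "uid" => intval($userid),
    "idtype" => 'sid',
    "message" => getstr($Message, 5000, 1, 1, 1),
    "authorid" => intval($userid),
    "author" => getstr($username, 15, 1, 1, 1),
    "ip" => getonlineip(),
    'dateline' => $_SGLOBAL['timestamp'],
    'magicflicker' => 0,
);
$shareid = inserttable('comment', $arr, 1);

if ($shareid) {
    $arrs = array('flag' => 'success');
} else {
    $arrs = array('flag' => 'fail');
}

$result = json_encode($arrs);
// Turn \uXXXX escapes back into UTF-8. A callback replaces the former /e
// modifier, which evaluated the replacement string as PHP code and is no
// longer supported by PHP 7 and later.
$result = preg_replace_callback('#\\\\u([0-9a-f]{4})#i', function ($m) {
    return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
}, $result);
echo $result;
exit;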
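<?php
/*
 * do_editblog.php - edit a blog entry
 * Add by xuxing@ihome.2013-04-04 18:34
 *
 * Reads 'subject', 'message' and 'blogid' from the POST body, updates the blog
 * only when it belongs to the authenticated user, and prints a JSON result:
 * {"flag":"success","blogid":N} or {"flag":"fail"}.
 */
include_once '../iauth_verify_forward.php';
$userid = intval(iauth_verify());
include_once '../../../common.php';
include_once S_ROOT . './uc_client/client.php';
include_once S_ROOT . './data/data_profield.php';

$Subject = getstr($_POST['subject']);
// NOTE(review): substr() cuts by bytes, so it can split a multi-byte character
// or, if the request data was slash-escaped upstream, an escape sequence.
// Whether updatetable() escapes values is not visible here — confirm before
// relying on this for SQL safety.
// NOTE(review): the message is stored as received; no HTML filtering is visible
// in this file — confirm it is filtered or escaped where it is rendered.
$Message = substr($_POST['message'], 0, 20000);
$BlogId = intval($_POST['blogid']);

// Default to failure so that a blog id that does not exist, or is not owned by
// the caller, still yields a well-formed response instead of "null".
$arrs = array('flag' => 'fail');

if ($BlogId) {
    // Ownership check: both values are integers (intval above).
    $query = $_SGLOBAL['db']->query("select blogid from " . tname('blog') . " where blogid={$BlogId} and uid={$userid}");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        updatetable('blog', array('subject' => getstr($Subject, 80, 1, 1, 1)), array('blogid' => $BlogId));
        updatetable('blogfield', array('message' => $Message), array('blogid' => $BlogId));
        $arrs = array('flag' => 'success', 'blogid' => $BlogId);
    }
}

$result = json_encode($arrs);
// Turn \uXXXX escapes back into UTF-8. A callback replaces the former /e
// modifier, which evaluated the replacement string as PHP code and is no
// longer supported by PHP 7 and later. The capture is limited to the four hex
// digits of one escape so that hex characters following it are not consumed.
$result = preg_replace_callback('#\\\\u([0-9a-f]{4})#i', function ($m) {
    return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
}, $result);
echo $result;
exit;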
$cid = empty($_GET['cid']) ? 0 : intval($_GET['cid']); $csql = $cid ? "cid='{$cid}' AND" : ''; $count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('comment') . " WHERE {$csql} id='{$id}' AND idtype='sid'"), 0); if ($count) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('comment') . " WHERE {$csql} id='{$id}' AND idtype='sid' ORDER BY dateline LIMIT {$start},{$perpage}"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['authorid'], $value['author']); $list[] = $value; } } // pagination $multi = multi($count, $perpage, $page, "space.php?uid={$share['uid']}&do=share&id={$id}", '', 'comment_ul'); //相关 hot value $topic = topic_get($share['topicid']); realname_get(); $tpl_title = getstr($share['title_template'], 0, 0, 0, 0, 0, -1); include_once template("space_share_view"); } else { if (empty($_GET['view']) && $space['friendnum'] < $_SCONFIG['showallfriendnum']) { $_GET['view'] = 'all'; //默认显示 } $perpage = 20; //Check start number $start = ($page - 1) * $perpage; ckstart($start, $perpage); //处理查询 $f_index = ''; if ($_GET['view'] == 'all') { //大家的 $wheresql = "1";
$multi = multi($count, $perpage, $page, ADMINSCRIPT . "?action={$action}&operation={$operation}"); } } elseif ($operation == 'class') { $ids = $_GET['ids']; $deletes = $_GET['del']; foreach ($ids as $id) { if (!in_array($id, $deletes)) { $setarr = array('classname' => getstr($_GET['classname'][$id], 80, 0, 0, 0, -1), 'disp' => intval($_GET['disp'][$id])); DB::update('wallpaper_class', $setarr, "classid='{$id}'"); } } foreach ($_GET['newclassname'] as $key => $value) { if (empty($value)) { continue; } $setarr = array('classname' => getstr($value, 80, 0, 0, 0, -1), 'disp' => intval($_GET['newdisp'][$key]), 'type' => $_GET['type']); DB::insert('wallpaper_class', $setarr); } if ($deletes) { DB::update('wallpaper', array('classid' => 0), "classid IN (" . dimplode($deletes) . ")"); DB::delete('wallpaper_class', "classid IN (" . dimplode($deletes) . ")"); } showmessage('分类保存成功!', BASESCRIPT . '?mod=thame&operation=' . $_GET['type'] . '&do=class'); } else { $thames = array(); $folder = array(); $query = DB::query("SELECT * FROM " . DB::table('thame') . " where 1 ORDER BY dateline DESC"); while ($value = DB::fetch($query)) { if (!$value['thumb']) { $value['thumb'] = 'dzz/styles/thame/' . $value['folder'] . "/thumb.jpg"; }
$realname = $rs['name']; if (empty($realname)) { $realname = $rs['username']; } //调用检查函数将@后的内容进行验证,为UID对应的姓名相同则返回@与姓名,不相同则继续判断下一个@,没有找到匹配的最终将返回false $ValidValue = getAtName($TmpString, $TmpName, $realname); $ValidValue = trim($ValidValue); $at_friend = "space.php?uid=" . $UserId; if ($ValidValue != false) { $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message); $UserIds[] = $UserId; } } } //Add by Add by am 2013-12-07 end $arr = array('tid' => intval($Commentid), "tagid" => intval($TagId), "uid" => intval($userid), "username" => getstr($username, 15, 1, 1, 1), "message" => getstr($Message, 5000, 1, 1, 1), "ip" => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], "isthread" => 0); $pid = inserttable('post', $arr, 1); //更新统计数据 $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$username}', lastauthorid='{$userid}'\r\n\tWHERE tid='{$Commentid}'"); //通知 $note = cplang('note_thread_reply') . " <a href=\"space.php?uid={$userid}&do=thread&id={$Commentid}&pid={$pid}\" target=\"_blank\">{$thread['subject']}</a>"; notification_add($userid, 'post', $note); //统计 updatestat('post'); if ($pid) { $arrs = array('flag' => 'success'); } else { $arrs = array('flag' => 'fail'); } } }
/**
 * Create or refresh the home_feed entry for a blog, an album or a picture.
 *
 * - 'blogid':  skipped when the blog's friend value is 3; a friend value of 4
 *              uses the 'feed_blog_password' title template only.
 * - 'albumid': uses up to four pictures of the album, newest first, and stops
 *              at the first row whose friend value is above 2.
 * - 'picid':   published only when the album's friend value is empty; without a
 *              positive $id the current user's newest picture is used.
 *
 * The feed row is written only when the source row's status equals 0. Unless
 * $add is set, an existing feed for the same id/idtype is updated instead of
 * inserting a new one.
 *
 * NOTE(review): $id is interpolated into the SQL text as given (inside quotes);
 * presumably callers pass an integer id — confirm, or cast before calling.
 * NOTE(review): subject and album name are embedded in anchor markup without
 * escaping here; presumably they are stored already HTML-escaped — verify.
 *
 * @param mixed  $id     Blog, album or picture id.
 * @param string $idtype 'blogid', 'albumid' or 'picid'.
 * @param int    $add    Non-zero to skip the lookup for an existing feed row.
 * @return void
 */
function feed_publish($id, $idtype, $add = 0)
{
    global $_G;

    $setarr = array();

    if ($idtype == 'blogid') {
        $result = DB::query("SELECT b.*, bf.* FROM " . DB::table('home_blog') . " b\r\n\t\t\t\tLEFT JOIN " . DB::table('home_blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\tWHERE b.blogid='{$id}'");
        $row = DB::fetch($result);
        if ($row && $row['friend'] != 3) {
            $setarr = array(
                'icon' => 'blog',
                'id' => $row['blogid'],
                'idtype' => $idtype,
                'uid' => $row['uid'],
                'username' => $row['username'],
                'dateline' => $row['dateline'],
                'target_ids' => $row['target_ids'],
                'friend' => $row['friend'],
                'hot' => $row['hot'],
            );
            $status = $row['status'];
            $link = "home.php?mod=space&uid={$row['uid']}&do=blog&id={$row['blogid']}";

            if ($row['friend'] == 4) {
                // Password-protected blog: title only, no body or image.
                $setarr['title_template'] = 'feed_blog_password';
                $setarr['title_data'] = array('subject' => "<a href=\"{$link}\">{$row['subject']}</a>");
            } else {
                if ($row['pic']) {
                    $setarr['image_1'] = pic_cover_get($row['pic'], $row['picflag']);
                    $setarr['image_1_link'] = $link;
                }
                $setarr['title_template'] = 'feed_blog_title';
                $setarr['body_template'] = 'feed_blog_body';
                // Named entities are removed before the summary is cut.
                $row['message'] = preg_replace("/&[a-z]+\\;/i", '', $row['message']);
                $setarr['body_data'] = array(
                    'subject' => "<a href=\"{$link}\">{$row['subject']}</a>",
                    'summary' => getstr($row['message'], 150, 1, 1, 0, -1),
                );
            }
        }
    } elseif ($idtype == 'albumid') {
        $slot = 1;
        if ($id > 0) {
            $result = DB::query("SELECT a.username, a.albumname, a.picnum, a.friend, a.target_ids, p.* FROM " . DB::table('home_pic') . " p\r\n\t\t\t\t\tLEFT JOIN " . DB::table('home_album') . " a ON a.albumid=p.albumid\r\n\t\t\t\t\tWHERE p.albumid='{$id}' ORDER BY dateline DESC LIMIT 0,4");
            while ($row = DB::fetch($result)) {
                if ($row['friend'] > 2) {
                    break;
                }
                // The first row supplies the feed header fields.
                if (empty($setarr['icon'])) {
                    $setarr['icon'] = 'album';
                    $setarr['id'] = $row['albumid'];
                    $setarr['idtype'] = $idtype;
                    $setarr['uid'] = $row['uid'];
                    $setarr['username'] = $row['username'];
                    $setarr['dateline'] = $row['dateline'];
                    $setarr['target_ids'] = $row['target_ids'];
                    $setarr['friend'] = $row['friend'];
                    $status = $row['status'];
                    $setarr['title_template'] = 'feed_album_title';
                    $setarr['body_template'] = 'feed_album_body';
                    $setarr['body_data'] = array(
                        'album' => "<a href=\"home.php?mod=space&uid={$row['uid']}&do=album&id={$row['albumid']}\">{$row['albumname']}</a>",
                        'picnum' => $row['picnum'],
                    );
                }
                $setarr['image_' . $slot] = pic_get($row['filepath'], 'album', $row['thumb'], $row['remote']);
                $setarr['image_' . $slot . '_link'] = "home.php?mod=space&uid={$row['uid']}&do=album&picid={$row['picid']}";
                $slot++;
            }
        }
    } elseif ($idtype == 'picid') {
        if ($id > 0) {
            $where = "p.picid='{$id}'";
        } else {
            $where = "p.uid='{$_G['uid']}' ORDER BY dateline DESC LIMIT 1";
        }
        $result = DB::query("SELECT p.*, a.friend, a.target_ids FROM " . DB::table('home_pic') . " p\r\n\t\t\t\tLEFT JOIN " . DB::table('home_album') . " a ON a.albumid=p.albumid WHERE {$where}");
        $row = DB::fetch($result);
        if ($row && empty($row['friend'])) {
            $setarr['icon'] = 'album';
            $setarr['id'] = $row['picid'];
            $setarr['idtype'] = $idtype;
            $setarr['uid'] = $row['uid'];
            $setarr['username'] = $row['username'];
            $setarr['dateline'] = $row['dateline'];
            $setarr['target_ids'] = $row['target_ids'];
            $setarr['friend'] = $row['friend'];
            $setarr['hot'] = $row['hot'];
            $status = $row['status'];
            $link = "home.php?mod=space&uid={$row['uid']}&do=album&picid={$row['picid']}";
            $setarr['image_1'] = pic_get($row['filepath'], 'album', $row['thumb'], $row['remote']);
            $setarr['image_1_link'] = $link;
            $setarr['title_template'] = 'feed_pic_title';
            $setarr['body_template'] = 'feed_pic_body';
            $setarr['body_data'] = array('title' => $row['title']);
        }
    }

    if ($setarr['icon']) {
        // Resolve template keys to their language strings.
        $setarr['title_template'] = $setarr['title_template'] ? lang('feed', $setarr['title_template']) : '';
        $setarr['body_template'] = $setarr['body_template'] ? lang('feed', $setarr['body_template']) : '';
        $setarr['body_general'] = $setarr['body_general'] ? lang('feed', $setarr['body_general']) : '';

        $setarr['title_data']['hash_data'] = "{$idtype}{$id}";
        $setarr['title_data'] = serialize($setarr['title_data']);
        $setarr['body_data'] = serialize($setarr['body_data']);
        $setarr = daddslashes($setarr);

        // Look for an existing feed row unless the caller asked for a new one.
        $existing = 0;
        if (!$add && $setarr['id']) {
            $result = DB::query("SELECT feedid FROM " . DB::table('home_feed') . " WHERE id='{$id}' AND idtype='{$idtype}'");
            $existing = DB::result($result, 0);
        }

        if ($status == 0) {
            if ($existing) {
                DB::update('home_feed', $setarr, array('feedid' => $existing));
            } else {
                DB::insert('home_feed', $setarr);
            }
        }
    }
}