public function actionPost()
{
    if (EnvUtil::submitCheck("formhash")) {
        $return = array("data" => Ibos::lang("Operation succeed", "message"), "IsSuccess" => true);

        if (empty($_POST["touid"])) {
            $return["data"] = Ibos::lang("Message receiver cannot be empty");
            $return["IsSuccess"] = false;
            $this->ajaxReturn($return);
        }

        if (trim(StringUtil::filterCleanHtml($_POST["content"])) == "") {
            $return["data"] = Ibos::lang("Message content cannot be empty");
            $return["IsSuccess"] = false;
            $this->ajaxReturn($return);
        }

        $_POST["touid"] = implode(",", StringUtil::getUid($_POST["touid"]));

        // Only the two known chat types are accepted; anything else becomes null.
        if (isset($_POST["type"])) {
            !in_array($_POST["type"], array(MessageContent::ONE_ON_ONE_CHAT, MessageContent::MULTIPLAYER_CHAT)) && ($_POST["type"] = null);
        } else {
            $_POST["type"] = null;
        }

        // The message body is passed through filterDangerTag before it is stored.
        $_POST["content"] = StringUtil::filterDangerTag($_POST["content"]);
        $res = MessageContent::model()->postMessage($_POST, Yii::app()->user->uid);

        if ($res) {
            $this->ajaxReturn($return);
        } else {
            $return["IsSuccess"] = false;
            $return["data"] = MessageContent::model()->getError("message");
            $this->ajaxReturn($return);
        }
    }
}

public function actionIndex()
{
    $shareInfo["sid"] = intval(EnvUtil::getRequest("sid"));
    $shareInfo["stable"] = StringUtil::filterCleanHtml(EnvUtil::getRequest("stable"));
    $shareInfo["initHTML"] = StringUtil::filterDangerTag(EnvUtil::getRequest("initHTML"));
    $shareInfo["curid"] = StringUtil::filterCleanHtml(EnvUtil::getRequest("curid"));
    $shareInfo["curtable"] = StringUtil::filterCleanHtml(EnvUtil::getRequest("curtable"));
    $shareInfo["module"] = StringUtil::filterCleanHtml(EnvUtil::getRequest("module"));
    $shareInfo["isrepost"] = intval(EnvUtil::getRequest("isrepost"));

    if (empty($shareInfo["stable"]) || empty($shareInfo["sid"])) {
        echo "类型和资源ID不能为空";
        exit;
    }

    if (!($oldInfo = Source::getSourceInfo($shareInfo["stable"], $shareInfo["sid"], false, $shareInfo["module"]))) {
        echo "此信息不可以被转发";
        exit;
    }

    empty($shareInfo["module"]) && ($shareInfo["module"] = $oldInfo["module"]);

    if (empty($shareInfo["initHTML"]) && !empty($shareInfo["curid"])) {
        if ($shareInfo["curid"] != $shareInfo["sid"] && $shareInfo["isrepost"] == 1) {
            $curInfo = Source::getSourceInfo($shareInfo["curtable"], $shareInfo["curid"], false, "weibo");
            $userInfo = $curInfo["source_user_info"];
            $shareInfo["initHTML"] = " //@" . $userInfo["realname"] . ":" . $curInfo["source_content"];
            $shareInfo["initHTML"] = str_replace(array("\n", "\r"), array("", ""), $shareInfo["initHTML"]);
        }
    }

    $shareInfo["shareHtml"] = !empty($oldInfo["shareHtml"]) ? $oldInfo["shareHtml"] : "";
    $data = array("shareInfo" => $shareInfo, "oldInfo" => $oldInfo);
    $this->renderPartial("index", $data);
}

public function actionPostFeed()
{
    if (EnvUtil::submitCheck("formhash")) {
        $return = array("isSuccess" => true, "data" => "");
        $d["content"] = isset($_POST["content"]) ? StringUtil::filterDangerTag($_POST["content"]) : "";
        // body is copied from the request before the filterCleanHtml loop below runs.
        $d["body"] = $_POST["body"];
        $d["rowid"] = isset($_POST["rowid"]) ? intval($_POST["rowid"]) : 0;

        foreach ($_POST as $key => $val) {
            $_POST[$key] = StringUtil::filterCleanHtml($_POST[$key]);
        }

        $uid = Ibos::app()->user->uid;
        $user = User::model()->fetchByUid($uid);

        if (isset($_POST["view"])) {
            $_POST["view"] = $d["view"] = intval($_POST["view"]);

            if ($_POST["view"] == WbConst::SELFDEPT_VIEW_SCOPE) {
                $d["deptid"] = $user["deptid"];
            }

            if ($_POST["view"] == WbConst::CUSTOM_VIEW_SCOPE) {
                $scope = StringUtil::getId($_POST["viewid"], true);

                if (isset($scope["u"])) {
                    $d["userid"] = implode(",", $scope["u"]);
                }

                if (isset($scope["d"])) {
                    $d["deptid"] = implode(",", $scope["d"]);
                }

                if (isset($scope["p"])) {
                    $d["positionid"] = implode(",", $scope["p"]);
                }
            }
        }

        $d["source_url"] = isset($_POST["source_url"]) ? urldecode($_POST["source_url"]) : "";
        $d["body"] = preg_replace("/#[\\s]*([^#^\\s][^#]*[^#^\\s])[\\s]*#/is", "#" . trim("\${1}") . "#", $d["body"]);

        if (isset($_POST["attachid"])) {
            $d["attach_id"] = trim(StringUtil::filterCleanHtml($_POST["attachid"]));

            if (!empty($d["attach_id"])) {
                $d["attach_id"] = explode(",", $d["attach_id"]);
                // array_map() returns a new array; assign it so the integer cast takes effect.
                $d["attach_id"] = array_map("intval", $d["attach_id"]);
            }
        }

        $type = StringUtil::filterCleanHtml($_POST["type"]);
        $table = isset($_POST["table"]) ? StringUtil::filterCleanHtml($_POST["table"]) : "feed";
        $module = isset($_POST["module"]) ? StringUtil::filterCleanHtml($_POST["module"]) : "weibo";
        $data = Feed::model()->put(Ibos::app()->user->uid, $module, $type, $d, $d["rowid"], $table);

        if (!$data) {
            $return["isSuccess"] = false;
            $return["data"] = Feed::model()->getError("putFeed");
            $this->ajaxReturn($return);
        }

        UserUtil::updateCreditByAction("addweibo", Ibos::app()->user->uid);
        $data["from"] = EnvUtil::getFromClient($data["from"], $data["module"]);
        $lang = Ibos::getLangSources();
        $return["data"] = $this->renderPartial("feedlist", array("list" => array($data), "lang" => $lang), true);
        $return["feedid"] = $data["feedid"];
        FeedTopic::model()->addTopic(html_entity_decode($d["body"], ENT_QUOTES, "UTF-8"), $data["feedid"], $type);
        $this->ajaxReturn($return);
    }
}

public function sendSms($data)
{
    $s["uid"] = intval($data["uid"]);
    $s["touid"] = intval($data["touid"]);
    $s["mobile"] = StringUtil::filterCleanHtml($data["mobile"]);
    $s["posturl"] = StringUtil::filterCleanHtml($data["posturl"]);
    $s["node"] = StringUtil::filterCleanHtml($data["node"]);
    $s["module"] = StringUtil::filterCleanHtml($data["module"]);
    $s["return"] = StringUtil::filterCleanHtml($data["return"]);
    $s["content"] = StringUtil::filterDangerTag($data["content"]);
    $s["ctime"] = time();

    return $this->add($s, true);
}

public function sendMessage($data)
{
    if (empty($data["uid"])) {
        return false;
    }

    $s["uid"] = intval($data["uid"]);
    $s["node"] = StringUtil::filterCleanHtml($data["node"]);
    $s["module"] = StringUtil::filterCleanHtml($data["module"]);
    $s["isread"] = 0;
    $s["title"] = StringUtil::filterCleanHtml($data["title"]);
    $s["body"] = StringUtil::filterDangerTag($data["body"]);
    $s["ctime"] = time();
    // url is stored as passed in; unlike the other fields, no filter is applied here.
    $s["url"] = $data["url"];

    return $this->add($s, true);
}

public function addComment()
{
    $return = array("isSuccess" => false, "data" => Ibos::lang("Post comment fail", "message"));
    $data = $_POST;

    foreach ($data as $key => $val) {
        $data[$key] = StringUtil::filterCleanHtml($data[$key]);
    }

    $data["uid"] = Ibos::app()->user->uid;
    $data["content"] = StringUtil::filterDangerTag($data["content"]);
    // Cast to int: rowid is interpolated into the SQL condition below.
    $data["rowid"] = intval($data["rowid"]);
    // table comes from the request and selects the model class;
    // it is not checked against a list of allowed models here.
    $table = ucfirst($data["table"]);
    $pk = $table::model()->getTableSchema()->primaryKey;
    $sourceInfo = $table::model()->fetch(array("condition" => "`{$pk}` = {$data["rowid"]}"));

    if (!$sourceInfo) {
        $return["isSuccess"] = false;
        $return["data"] = Ibos::lang("Comment has been delete", "message.default");
        $this->getOwner()->ajaxReturn($return);
    }

    $data["cid"] = Comment::model()->addComment($data);

    if (!empty($data["attachmentid"])) {
        AttachUtil::updateAttach($data["attachmentid"]);
    }

    $data["ctime"] = TIMESTAMP;

    if ($data["cid"]) {
        $this->afterAdd($data, $sourceInfo);
        $return["isSuccess"] = true;
        $return["data"] = $this->parseComment($data);
    }

    $this->getOwner()->ajaxReturn($return);
}

private function addMessageList($data, $fromUid)
{
    if (!$data["content"] || !is_array($data["users"]) || !$fromUid) {
        return false;
    }

    $list["fromuid"] = $fromUid;
    $list["title"] = isset($data["title"])
        ? StringUtil::filterCleanHtml($data["title"])
        : StringUtil::filterCleanHtml(StringUtil::cutStr($data["content"], 20));
    $list["usernum"] = count($data["users"]);
    $list["type"] = is_numeric($data["type"]) ? $data["type"] : (2 == $list["usernum"] ? 1 : 2);
    $list["minmax"] = $this->getUidMinMax($data["users"]);
    $list["mtime"] = $data["mtime"];
    $list["lastmessage"] = serialize(array("fromuid" => $fromUid, "content" => StringUtil::filterDangerTag($data["content"])));

    $listRec = MessageList::model()->findByAttributes(array("type" => $list["type"], "minmax" => $list["minmax"]));
    $listId = !empty($listRec) ? $listRec["listid"] : null;

    if ($list["type"] == 1 && $listId) {
        $_list["usernum"] = $list["usernum"];
        $_list["lastmessage"] = $list["lastmessage"];
        $saved = MessageList::model()->updateAll(
            $_list,
            "`type` = :type AND `minmax` = :minmax AND `listid`=:listid",
            array(":type" => $list["type"], ":minmax" => $list["minmax"], ":listid" => $listId)
        );

        if (!$saved) {
            $listId = false;
        }
    } else {
        $listId = MessageList::model()->add($list, true);
    }

    return $listId;
}

public function actionAddComment()
{
    $return = array("isSuccess" => false);
    // Input is read from the query string and the reply is sent as JSONP.
    $data = $_GET;

    foreach ($data as $key => $val) {
        $data[$key] = StringUtil::filterCleanHtml($data[$key]);
    }

    $data["uid"] = Ibos::app()->user->uid;
    $data["content"] = StringUtil::filterDangerTag($data["content"]);
    // Cast to int: rowid is interpolated into the SQL condition below.
    $data["rowid"] = intval($data["rowid"]);
    // table comes from the request and selects the model class;
    // it is not checked against a list of allowed models here.
    $table = ucfirst($data["table"]);
    $pk = $table::model()->getTableSchema()->primaryKey;
    $sourceInfo = $table::model()->fetch(array("condition" => "`{$pk}` = {$data["rowid"]}"));

    if (!$sourceInfo) {
        $return["isSuccess"] = false;
        $this->ajaxReturn($return, "JSONP");
    }

    $data["cid"] = Comment::model()->addComment($data);
    $data["ctime"] = TIMESTAMP;

    if ($data["cid"]) {
        $return["isSuccess"] = true;
    }

    $this->ajaxReturn($return, "JSONP");
}

private function addUser()
{
    if (Ibos::app()->request->isAjaxRequest) {
        $fields = array("username", "password", "realname", "mobile", "deptid", "positionid", "email");

        if (empty($_POST["username"]) || empty($_POST["password"])) {
            $this->ajaxReturn(array("isSuccess" => false, "msg" => Ibos::lang("Username or password not empty")));
        }

        // Note: the password field is also passed through filterDangerTag before it is hashed.
        foreach ($fields as $field) {
            if (isset($_POST[$field]) && !empty($_POST[$field])) {
                $_POST[$field] = StringUtil::filterDangerTag($_POST[$field]);
            }
        }

        $salt = StringUtil::random(6);
        $userData = array(
            "salt" => $salt,
            "username" => $_POST["username"],
            // Salted double MD5, kept as in the original; MD5 is a fast hash,
            // and password_hash() is the preferred primitive for new code.
            "password" => !empty($_POST["password"]) ? md5(md5($_POST["password"]) . $salt) : "",
            "realname" => $_POST["realname"],
            "mobile" => $_POST["mobile"],
            "createtime" => TIMESTAMP,
            "deptid" => intval($_POST["deptid"]),
            "positionid" => intval($_POST["positionid"]),
            "email" => $_POST["email"]
        );
        $newId = User::model()->add($userData, true);

        if ($newId) {
            UserCount::model()->add(array("uid" => $newId));
            $ip = Ibos::app()->setting->get("clientip");
            UserStatus::model()->add(array("uid" => $newId, "regip" => $ip, "lastip" => $ip));
            UserProfile::model()->add(array("uid" => $newId));
            $newUser = User::model()->fetchByPk($newId);
            $users = UserUtil::loadUser();
            $users[$newId] = UserUtil::wrapUserInfo($newUser);
            User::model()->makeCache($users);
            OrgUtil::update();
            $res["isSuccess"] = true;
        } else {
            $res["isSuccess"] = false;
            $res["msg"] = Ibos::lang("Add user failed");
        }

        $this->ajaxReturn($res);
    }
}