if ($_FILES) { require_once libfile('class/upload'); $upload = new discuz_upload(); foreach ($_FILES as $key => $file) { if (!isset($_G['cache']['profilesetting'][$key])) { continue; } if (!empty($file) && $file['error'] == 0 || !empty($space[$key]) && empty($_G['gp_deletefile'][$key])) { $value = '1'; } else { $value = ''; } if (profile_check($key, $value, $space)) { $upload->init($file, 'profile'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $setarr[$key] = ''; $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment'])); if ($vid && $verifyconfig['available'] && isset($verifyconfig['field'][$key])) { if (isset($verifyinfo['field'][$key])) { @unlink(getglobal('setting/attachdir') . './profile/' . $verifyinfo['field'][$key]); $verifyarr[$key] = $attach['attachment']; } continue; } if (isset($setarr[$key]) && $_G['cache']['profilesetting'][$key]['needverify']) {
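/**
 * Store one uploaded picture, optionally thumbnail it, and optionally push it to the FTP store.
 *
 * The upload descriptor comes from the client, so it is rejected unless the upload
 * class flags it as an image before anything is written to disk.
 *
 * @param array  $FILES        One entry of $_FILES (client-controlled).
 * @param string $type         Attachment category handed to discuz_upload::init(); also used as the remote path prefix.
 * @param int    $thumb_width  Thumbnail width; a thumbnail is only made when width and height are both non-zero.
 * @param int    $thumb_height Thumbnail height.
 * @param int    $thumb_type   Passed unchanged to image::Thumb().
 * @return array array('pic' => stored relative path, 'thumb' => 0|1, 'remote' => 0|1), or an empty array on any failure.
 */
function pic_upload($FILES, $type = 'album', $thumb_width = 0, $thumb_height = 0, $thumb_type = 2) {
    $upload = new discuz_upload();
    $result = array('pic' => '', 'thumb' => 0, 'remote' => 0);

    $upload->init($FILES, $type);
    if ($upload->error()) {
        return array();
    }

    // This helper is only meant for pictures: refuse anything the upload class
    // did not flag as an image instead of persisting an arbitrary file.
    // NOTE(review): how 'isimage' is derived (extension vs. content) is not visible here - confirm in discuz_upload.
    if (empty($upload->attach['isimage'])) {
        return array();
    }

    $upload->save();
    if ($upload->error()) {
        return array();
    }

    $result['pic'] = $upload->attach['attachment'];

    if ($thumb_width && $thumb_height) {
        require_once libfile('class/image');
        $image = new image();
        if ($image->Thumb($upload->attach['target'], '', $thumb_width, $thumb_height, $thumb_type)) {
            $result['thumb'] = 1;
        }
    }

    if (getglobal('setting/ftp/on')) {
        if (ftpcmd('upload', $type . '/' . $upload->attach['attachment'])) {
            if ($result['thumb']) {
                ftpcmd('upload', $type . '/' . getimgthumbname($upload->attach['attachment']));
            }
            ftpcmd('close');
            $result['remote'] = 1;
        } else {
            // With the 'mirror' setting on, a failed remote copy is treated as a failed
            // upload: the local file and its thumbnail are removed again.
            if (getglobal('setting/ftp/mirror')) {
                @unlink($upload->attach['target']);
                @unlink(getimgthumbname($upload->attach['target']));
                return array();
            }
        }
    }

    return $result;
}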
} showmessage('diy_operation_invalid', '/'); } elseif ($op == 'import') { $tpl = $_POST['tpl'] ? $_POST['tpl'] : $_GET['tpl']; tpl_checkperm($tpl); if (submitcheck('importsubmit')) { $isinner = false; $filename = ''; if ($_POST['importfilename']) { $filename = DISCUZ_ROOT . './template/default/portal/diyxml/' . $_POST['importfilename'] . '.xml'; $isinner = true; } else { $upload = new discuz_upload(); $upload->init($_FILES['importfile'], 'temp'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); } if ($upload->error()) { showmessage($upload->error(), 'portal.php', array('status' => $upload->error())); } else { $filename = $attach['target']; } } if ($filename) { $arr = import_diy($filename); if (!$isinner) { @unlink($filename); } if (!empty($arr)) { $search = array('/\\<script/i', '/\\<\\/script\\>/i', "/\r/", "/\n/", '/(\\[script [^>]*?)(src=)(.*?\\[\\/script\\])/');
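/**
 * Save an uploaded picture into a user's album and record it in the database.
 *
 * Checks run in this order: upload sanity, image flag, user permissions, space quota,
 * then the file is written, its content is verified to be a real raster image,
 * thumbnails/watermark are produced and the optional FTP copy is made.
 *
 * @param array  $FILE        One entry of $_FILES (client-controlled).
 * @param int    $albumid     Target album id; negative values are treated as 0 (no album).
 * @param string $title       Picture title; passed through getstr() before storage.
 * @param bool   $iswatermark Whether to apply the watermark to the stored file.
 * @return array|string The inserted home_pic row (including 'picid') on success,
 *                      or a localized error message string on failure.
 */
function pic_save($FILE, $albumid, $title, $iswatermark = true) {
    global $_G, $space;

    if ($albumid < 0) {
        $albumid = 0;
    }

    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }

    if (empty($space)) {
        $_G['member'] = $space = getspace($_G['uid']);
        $_G['username'] = addslashes($space['username']);
    }

    // Permission gates; each one maps to the same "not allowed" message.
    if (!checkperm('allowupload')) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckrealname('album', 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!ckvideophoto('album', array(), 1)) {
        return lang('spacecp', 'not_allow_upload');
    }
    if (!cknewuser(1)) {
        return lang('spacecp', 'not_allow_upload');
    }

    // Quota check is done before the file is written.
    $maxspacesize = checkperm('maxspacesize');
    $maxspacesize = $maxspacesize * 1024 * 1024;
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        // NOTE(review): 'addsize' is added without the MiB scaling applied to maxspacesize - confirm its unit.
        if ($space['attachsize'] + $upload->attach['size'] > $maxspacesize + $space['addsize']) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }

    if ($albumid) {
        $albumid = album_creat_by_id($albumid);
    } else {
        $albumid = 0;
    }

    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }

    $new_name = $upload->attach['target'];

    // The 'isimage' flag was decided before the bytes were stored. Verify the stored
    // file really parses as GIF/JPEG/PNG/BMP and discard it otherwise, so a
    // mislabelled file never reaches the thumbnailer, the album table or the web root.
    $imginfo = @getimagesize($new_name);
    $rastertypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_BMP);
    if (!$imginfo || !in_array($imginfo[2], $rastertypes, true)) {
        @unlink($new_name);
        return lang('spacecp', 'only_allows_upload_file_types');
    }

    require_once libfile('class/image');
    $image = new image();
    $result = $image->Thumb($new_name, '', 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;

    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        // Configured maximum dimensions are floored at 300 before the second Thumb() call.
        if ($_G['setting']['maxthumbwidth'] < 300) {
            $_G['setting']['maxthumbwidth'] = 300;
        }
        if ($_G['setting']['maxthumbheight'] < 300) {
            $_G['setting']['maxthumbheight'] = 300;
        }
        $image->Thumb($new_name, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }

    if ($iswatermark) {
        $image->Watermark($new_name);
    }

    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        $ftpresult = ftpcmd('upload', 'album/' . $upload->attach['attachment']);
        if ($ftpresult) {
            if ($thumb) {
                ftpcmd('upload', 'album/' . $upload->attach['attachment'] . '.thumb.jpg');
            }
            $pic_remote = 1;
        } else {
            // With the 'mirror' setting on, a failed remote copy fails the whole upload.
            if (getglobal('setting/ftp/mirror')) {
                @unlink($upload->attach['target']);
                @unlink($upload->attach['target'] . '.thumb.jpg');
                return lang('spacecp', 'ftp_upload_file_size');
            }
        }
    }

    $title = getstr($title, 200, 1, 1, 1);

    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote
    );
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);

    // Both values are interpolated into SQL, so force them to integers first.
    $addsize = intval($upload->attach['size']);
    $uid = intval($_G['uid']);
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$addsize} WHERE uid='{$uid}'");

    include_once libfile('function/stat');
    updatestat('pic');

    return $setarr;
}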
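/**
 * Handle one forum attachment upload posted as $_FILES['Filedata'].
 *
 * The caller is identified by the request's uid plus a hash derived from the site
 * authkey and that uid; group limits (count, extension, size, per-day volume) are
 * enforced before the file is saved. Every outcome is reported through
 * $this->uploadmsg(code); code 0 is sent after the row is inserted into
 * forum_attachment_unused.
 *
 * NOTE(review): the flow assumes uploadmsg() ends the request - it is not defined in this excerpt; confirm.
 */
function forum_upload() {
    global $_G;

    $_G['uid'] = $this->uid = intval($_G['gp_uid']);
    $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
    $this->aid = 0;
    $this->simple = !empty($_G['gp_simple']) ? $_G['gp_simple'] : 0;

    // The hash is the only proof that the request belongs to this uid, so compare it
    // as an exact string: a loose != lets numeric-looking strings compare equal by
    // value. hash_equals() is used when the runtime provides it.
    $givenhash = isset($_G['gp_hash']) ? $_G['gp_hash'] : '';
    if (!is_string($givenhash)) {
        $hashok = false;
    } elseif (function_exists('hash_equals')) {
        $hashok = hash_equals($swfhash, $givenhash);
    } else {
        $hashok = $givenhash === $swfhash;
    }
    if (!$hashok) {
        $this->uploadmsg(10);
    }

    // Load the group settings of the uid named in the request.
    $_G['groupid'] = intval(DB::result_first("SELECT groupid FROM " . DB::table('common_member') . " WHERE uid='" . $this->uid . "'"));
    loadcache('usergroup_' . $_G['groupid']);
    $_G['group'] = $_G['cache']['usergroup_' . $_G['groupid']];

    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $upload->init($_FILES['Filedata'], 'forum');
    $this->attach =& $upload->attach;
    if ($upload->error()) {
        $this->uploadmsg(2);
    }

    // Daily attachment count limit (0 / empty means unlimited).
    $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > getuserprofile('todayattachs');
    if (!$allowupload) {
        $this->uploadmsg(6);
    }

    // Extension must appear as a whole entry in the group's allowed list, when one is set.
    if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
        $this->uploadmsg(1);
    }

    if (empty($upload->attach['size'])) {
        $this->uploadmsg(2);
    }

    if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
        $this->error_sizelimit = $_G['group']['maxattachsize'];
        $this->uploadmsg(3);
    }

    // Per-extension size rule: maxsize 0 bans the extension outright.
    if ($type = DB::fetch_first("SELECT maxsize FROM " . DB::table('forum_attachtype') . " WHERE extension='" . addslashes($upload->attach['ext']) . "'")) {
        if ($type['maxsize'] == 0) {
            $this->error_sizelimit = 'ban';
            $this->uploadmsg(4);
        } elseif ($upload->attach['size'] > $type['maxsize']) {
            $this->error_sizelimit = $type['maxsize'];
            $this->uploadmsg(5);
        }
    }

    if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
        $todaysize = getuserprofile('todayattachsize') + $upload->attach['size'];
        if ($todaysize >= $_G['group']['maxsizeperday']) {
            $this->error_sizelimit = 'perday|' . $_G['group']['maxsizeperday'];
            $this->uploadmsg(11);
        }
    }

    // Counters are bumped before the save, so a failed save still counts against today's quota.
    updatemembercount($_G['uid'], array('todayattachs' => 1, 'todayattachsize' => $upload->attach['size']));

    $upload->save();
    if ($upload->error() == -103) {
        $this->uploadmsg(8);
    } elseif ($upload->error()) {
        $this->uploadmsg(9);
    }

    $thumb = $remote = $width = 0;

    if ($_G['gp_type'] == 'image' && !$upload->attach['isimage']) {
        // The file is already on disk at this point; remove it before rejecting so a
        // refused upload does not stay in the attachment directory without a DB row.
        @unlink($upload->attach['target']);
        $this->uploadmsg(7);
    }

    if ($upload->attach['isimage']) {
        if ($_G['setting']['thumbstatus']) {
            require_once libfile('class/image');
            $image = new image();
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
            $width = $image->imginfo['width'];
        }
        if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
            list($width) = @getimagesize($upload->attach['target']);
        }
    }

    // An image uploaded through the non-image path is stored with isimage = -1.
    if ($_G['gp_type'] != 'image' && $upload->attach['isimage']) {
        $upload->attach['isimage'] = -1;
    }

    $this->aid = $aid = getattachnewaid($this->uid);

    // NOTE(review): attach['name'] and attach['attachment'] are concatenated into the
    // statement as-is, while the extension lookup above uses addslashes(). Whether
    // discuz_upload::init() or the request bootstrap already escapes the client file
    // name is not visible here - confirm before relying on it.
    DB::query("INSERT INTO " . DB::table('forum_attachment_unused') . " (aid, dateline, filename, filesize, attachment, isimage, uid, thumb, remote, width)\r\n\t\t\tVALUES ('{$aid}', '{$_G['timestamp']}', '" . $upload->attach['name'] . "', '" . $upload->attach['size'] . "', '" . $upload->attach['attachment'] . "', '" . $upload->attach['isimage'] . "', '" . $this->uid . "', '{$thumb}', '{$remote}', '{$width}')");

    $this->uploadmsg(0);
}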
// Upload action: without the ajax flag it renders the upload form template,
// with it the posted file is processed and the stored temp path is echoed back.
if ($_G['gp_ac'] == "upload") {
    if ($_G['gp_inajax'] != "yes") {
        $imgexts = "jpg, jpeg, gif, png, bmp";
        include template("pdnovel/upload");
    } else {
        // Allow-list check on the extension of the client-supplied file name only;
        // the file content is not inspected in this excerpt.
        // NOTE(review): $upload is not assigned before this call within the excerpt, so
        // $upload->error() would be invoked on an undefined variable - confirm what the
        // error argument should be.
        // NOTE(review): whether novel_upload_error() stops the request is not visible; if it
        // returns, the code below still stores the rejected file.
        if (!in_array(strrchr(strtolower($_FILES['file']['name']), "."), array(".gif", ".jpg", ".jpeg", ".bmp", ".png"))) {
            novel_upload_error($upload->error());
        }
        // The class file that defines discuz_upload depends on the detected product version.
        if ($version == 'X2.5') {
            require_once "source/class/discuz/discuz_upload.php";
        } elseif ($version == 'X2') {
            require_once "source/class/class_upload.php";
        }
        $upload = new discuz_upload();
        // No attachment type is passed, so init() uses its own default.
        $upload->init($_FILES['file']);
        // Snapshot of the attachment descriptor taken before save().
        $attach = $upload->attach;
        if (!$upload->error()) {
            $upload->save();
        }
        if ($upload->error()) {
            novel_upload_error($upload->error());
        }
        if ($attach) {
            // The stored relative path is written to the response without output encoding.
            echo "data/attachment/temp/" . $attach['attachment'];
        }
    }
}
// The three closing braces below end enclosing blocks opened before this excerpt.
}
}
}
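/**
 * Registration controller: renders the registration form or, on a valid form
 * submission, creates the account and logs the new user in.
 *
 * Outline of what the body does:
 *  - maps the configured (renamed) input field names back onto $_GET['username'],
 *    ['password'], ['password2'] and ['email'];
 *  - short-circuits for already logged-in users and for closed registration;
 *  - applies area/IP whitelists that can waive verification or invitation;
 *  - when submitcheck() fails: prepares and includes the form template;
 *  - otherwise: validates e-mail, username, password policy, censor list, IP
 *    throttles and profile fields, registers through uc_user_register(), stores
 *    profile uploads, inserts the member row, processes invitation/promotion
 *    rewards and the welcome message, then shows the result message.
 *
 * All user-facing exits go through showmessage().
 * NOTE(review): the flow assumes showmessage() ends the request - it is not defined in this excerpt; confirm.
 *
 * @return void
 */
function on_register() {
    global $_G;

    // Registration inputs may be posted under configured alias names.
    $_GET['username'] = $_GET['' . $this->setting['reginput']['username']];
    $_GET['password'] = $_GET['' . $this->setting['reginput']['password']];
    $_GET['password2'] = $_GET['' . $this->setting['reginput']['password2']];
    $_GET['email'] = $_GET['' . $this->setting['reginput']['email']];

    if ($_G['uid']) {
        // Already logged in: bounce back to where the user came from.
        $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
        $url_forward = dreferer();
        if (strpos($url_forward, $this->setting['regname']) !== false) {
            $url_forward = 'forum.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
    } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
        if ($_GET['action'] == 'activation' || $_GET['activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            if ($this->setting['regconnect']) {
                dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
            }
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }

    // Local aliases (by reference) for settings; several are only read by the included template.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];

    // Verification can be waived for whitelisted areas or IP prefixes.
    if ($this->setting['regverify']) {
        if ($this->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                // Turn the admin-entered list ("*" wildcards, one entry per line) into one anchored regex.
                $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $this->setting['regverify'] = 0;
                }
            }
        }
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                // Prefix match of the client IP against each listed entry.
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $this->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }

    // In invitation-only mode (regstatus == 2) the same kind of whitelists can waive the invite.
    $invitestatus = false;
    if ($this->setting['regstatus'] == 2) {
        if ($this->setting['inviteconfig']['inviteareawhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $invitestatus = true;
                }
            }
        }
        if ($this->setting['inviteconfig']['inviteipwhite']) {
            foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $invitestatus = true;
                    break;
                }
            }
        }
    }

    // Accounts that still need verification start in group 8.
    $groupinfo = array();
    if ($this->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $this->setting['newusergroupid'];
    }

    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = $this->setting['secqaa']['status'] & 1;
    $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
    $username = isset($_GET['username']) ? $_GET['username'] : '';
    $bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_GET['auth'];

    if (!$invitestatus) {
        $invite = getinvite();
    }

    // "Send registration URL" mode: the form is only reachable through an e-mailed
    // link whose hash decodes to "<email>\t<timestamp>" and is at most 259200 s (3 days) old.
    $sendurl = $this->setting['sendregisterurl'] ? true : false;
    if ($sendurl) {
        if (!empty($_GET['hash'])) {
            $_GET['hash'] = preg_replace("/[^\\[A-Za-z0-9_\\]%]/", '', $_GET['hash']);
            $hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
            if (is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
                $sendurl = false;
            }
        }
    }

    if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
        // ---- No valid submission: render the form ----
        if ($_GET['action'] == 'activation') {
            $auth = explode("\t", authcode($auth, 'DECODE'));
            if (FORMHASH != $auth[1]) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
            $username = $auth[0];
            $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
            $sendurl = false;
        }

        if (!$sendurl) {
            if ($fromuid) {
                $member = getuserbyuid($fromuid);
                if (!empty($member)) {
                    $fromuser = dhtmlspecialchars($member['username']);
                } else {
                    dsetcookie('promotion');
                }
            }
            if ($_GET['action'] == 'activation') {
                $auth = dhtmlspecialchars($auth);
            }
            if ($seccodecheck) {
                $seccode = random(6, 1);
            }
            $username = dhtmlspecialchars($username);

            // Pre-render the configured extra profile fields for the template.
            $htmls = $settings = array();
            foreach ($_G['cache']['fields_register'] as $field) {
                $fieldid = $field['fieldid'];
                $html = profile_setting($fieldid, array(), false, false, true);
                if ($html) {
                    $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                    $htmls[$fieldid] = $html;
                }
            }

            $navtitle = $this->setting['reglinkname'];
            if ($this->extrafile && file_exists($this->extrafile)) {
                require_once $this->extrafile;
            }
        }

        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        $dreferer = dreferer();
        include template($this->template);
    } else {
        // ---- Valid submission: create the account ----
        $activationauth = array();
        if (isset($_GET['activationauth']) && $_GET['activationauth']) {
            $activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
            if ($activationauth[1] != FORMHASH) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
            $sendurl = false;
        }

        if (!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
            checkemail($_GET['email']);
        }

        if ($sendurl) {
            // Only e-mail the signed registration link; no account is created yet.
            $hashstr = urlencode(authcode("{$_GET['email']}\t{$_G['timestamp']}", 'ENCODE', $_G['config']['security']['authkey']));
            // Array keys are quoted inside {...}: an unquoted key there is resolved as a
            // constant, which is an error on PHP 8.
            // NOTE(review): the e-mail address is placed in the query string without URL-encoding - confirm that is intended.
            $registerurl = "{$_G['siteurl']}member.php?mod=" . $this->setting['regname'] . "&hash={$hashstr}&email={$_GET['email']}";
            $email_register_message = lang('email', 'email_register_message', array('bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $registerurl));
            if (!sendmail("{$_GET['email']} <{$_GET['email']}>", lang('email', 'email_register_subject'), $email_register_message)) {
                runlog('sendmail', "{$_GET['email']} sendmail failed.");
            }
            showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
        }

        $emailstatus = 0;
        if ($this->setting['sendregisterurl'] && !$sendurl) {
            // The address comes from the signed hash, not from the form, and counts as verified.
            $_GET['email'] = strtolower($hash[0]);
            $this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
            if (!$this->setting['regverify']) {
                $groupinfo['groupid'] = $this->setting['newusergroupid'];
            }
            $emailstatus = 1;
        }

        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }

        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }

        $activation = array();
        if (isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
            if ($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
        }

        if (!$activation) {
            $usernamelen = dstrlen($username);
            if ($usernamelen < 3) {
                showmessage('profile_username_tooshort');
            } elseif ($usernamelen > 15) {
                showmessage('profile_username_toolong');
            }

            // Name exists in the user center but not locally: offer activation instead.
            if (uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
                if ($_G['inajax']) {
                    showmessage('profile_username_duplicate');
                } else {
                    showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
                }
            }

            if ($this->setting['pwlength']) {
                if (strlen($_GET['password']) < $this->setting['pwlength']) {
                    showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
                }
            }

            // Password composition rules: 1 = digit, 2 = lower case, 3 = upper case, 4 = other character.
            if ($this->setting['strongpw']) {
                $strongpw_str = array();
                if (in_array(1, $this->setting['strongpw']) && !preg_match("/\\d+/", $_GET['password'])) {
                    $strongpw_str[] = lang('member/template', 'strongpw_1');
                }
                if (in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
                    $strongpw_str[] = lang('member/template', 'strongpw_2');
                }
                if (in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
                    $strongpw_str[] = lang('member/template', 'strongpw_3');
                }
                // The class must be A-Z: the range A-z also spans [ \ ] ^ _ ` so those
                // symbols would not be recognised as special characters.
                if (in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-Z0-9]+/", $_GET['password'])) {
                    $strongpw_str[] = lang('member/template', 'strongpw_4');
                }
                if ($strongpw_str) {
                    showmessage(lang('member/template', 'password_weak') . implode(',', $strongpw_str));
                }
            }

            $email = strtolower(trim($_GET['email']));
            if (empty($email) && $_G['setting']['forgeemail']) {
                // Placeholder address built from the request's Host header.
                $_GET['email'] = $email = strtolower(random(6)) . '@' . $_SERVER['HTTP_HOST'];
            }

            if (empty($this->setting['ignorepassword'])) {
                if ($_GET['password'] !== $_GET['password2']) {
                    showmessage('profile_passwd_notmatch');
                }
                // Passwords that addslashes() would alter are rejected.
                if (!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
                    showmessage('profile_passwd_illegal');
                }
                $password = $_GET['password'];
            } else {
                $password = md5(random(10));
            }
        }

        // Reserved/censored user names ("*" wildcards, one entry per line).
        $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) . ')$/i';
        if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
            showmessage('profile_username_protect');
        }

        if ($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
            showmessage('profile_required_info_invalid');
        }

        // Per-IP registration interval; listed prefixes get their own interval and are
        // matched as "<prefix>%".
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $ctrlip . '%';
                    $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                    break;
                } else {
                    $ctrlip = $_G['clientip'];
                }
            }
        } else {
            $ctrlip = $_G['clientip'];
        }

        if ($this->setting['regctrl']) {
            if (C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp'] - $this->setting['regctrl'] * 3600)) {
                showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
            }
        }

        // Flood control over the last 86400 s: 1 = bump the existing counter, 2 = create one.
        $setregip = null;
        if ($this->setting['regfloodctrl']) {
            $regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp'] - 86400);
            if ($regip) {
                if ($regip['count'] >= $this->setting['regfloodctrl']) {
                    showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                } else {
                    $setregip = 1;
                }
            } else {
                $setregip = 2;
            }
        }

        // Validate the configured extra profile fields (skipped entirely on mobile).
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            if (defined('IN_MOBILE')) {
                break;
            }
            $field_key = $field['fieldid'];
            $field_val = $_GET['' . $field_key];
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }

        if (!$activation) {
            // NOTE(review): $questionid and $answer are never assigned in this function - confirm where they come from.
            $uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
            if ($uid <= 0) {
                if ($uid == -1) {
                    showmessage('profile_username_illegal');
                } elseif ($uid == -2) {
                    showmessage('profile_username_protect');
                } elseif ($uid == -3) {
                    showmessage('profile_username_duplicate');
                } elseif ($uid == -4) {
                    showmessage('profile_email_illegal');
                } elseif ($uid == -5) {
                    showmessage('profile_email_domain_illegal');
                } elseif ($uid == -6) {
                    showmessage('profile_email_duplicate');
                } else {
                    showmessage('undefined_action');
                }
            }
        } else {
            list($uid, $username, $email) = $activation;
        }

        $_G['username'] = $username;

        // A local member with this uid must not exist yet; roll back the user-center account if it does.
        if (getuserbyuid($uid, 1)) {
            if (!$activation) {
                uc_user_delete($uid);
            }
            showmessage('profile_uid_duplicate', '', array('uid' => $uid));
        }

        // The local member row gets a random placeholder, not the real password.
        $password = md5(random(10));
        $secques = $questionid > 0 ? random(8) : '';

        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }

        // Profile file uploads: only keys that map to a configured 'file' field are stored,
        // and anything get_image_info() rejects after saving is deleted again.
        if ($_FILES) {
            $upload = new discuz_upload();
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    $upload->init($file, 'profile');
                    $attach = $upload->attach;
                    if (!$upload->error()) {
                        $upload->save();
                        if (!$upload->get_image_info($attach['target'])) {
                            @unlink($attach['target']);
                            continue;
                        }
                        $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attach['attachment'];
                        } else {
                            $profile[$key] = $attach['attachment'];
                        }
                    }
                }
            }
        }

        if ($setregip !== null) {
            if ($setregip == 1) {
                C::t('common_regip')->update_count_by_ip($_G['clientip']);
            } else {
                C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
            }
        }

        if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
            $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
        }

        $init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile' => $profile, 'emailstatus' => $emailstatus);
        C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);

        if ($emailstatus) {
            updatecreditbyaction('realemail', $uid);
        }

        // Fields that need moderator verification are stored serialized for later review.
        if ($verifyarr) {
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => serialize($verifyarr), 'dateline' => TIMESTAMP);
            C::t('common_member_verify_info')->insert($setverify);
            C::t('common_member_verify')->insert(array('uid' => $uid));
        }

        require_once libfile('cache/userstats', 'function');
        build_cache_userstats();

        if ($this->extrafile && file_exists($this->extrafile)) {
            require_once $this->extrafile;
        }

        if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
            // Expire throttle rows older than max(regctrl, 72) hours.
            C::t('common_regip')->delete_by_dateline($_G['timestamp'] - ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) * 3600);
            if ($this->setting['regctrl']) {
                C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
            }
        }

        $regmessage = dhtmlspecialchars($_GET['regmessage']);
        if ($this->setting['regverify'] == 2) {
            // Manual verification: queue the account for review.
            C::t('common_member_validate')->insert(array('uid' => $uid, 'submitdate' => $_G['timestamp'], 'moddate' => 0, 'admin' => '', 'submittimes' => 1, 'status' => 0, 'message' => $regmessage, 'remark' => ''), false, true);
            manage_addnotify('verifyuser');
        }

        setloginstatus(array('uid' => $uid, 'username' => $_G['username'], 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);

        include_once libfile('function/stat');
        updatestat('register');

        // Mark the invitation as used, unless this inviter/invitee pair was already recorded.
        if ($invite['id']) {
            $result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
            if (!$result) {
                C::t('common_invite')->update($invite['id'], array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
                updatestat('invite');
            } else {
                $invite = array();
            }
        }

        if ($invite['uid']) {
            if ($this->setting['inviteconfig']['inviteaddcredit']) {
                updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
            }
            if ($this->setting['inviteconfig']['invitedaddcredit']) {
                updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
            }
            require_once libfile('function/friend');
            friend_make($invite['uid'], $invite['username'], false);
            notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
            space_merge($invite, 'field_home');
            if (!empty($invite['privacy']['feed']['invite'])) {
                require_once libfile('function/feed');
                $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
                feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
            }
            if ($invite['appid']) {
                updatestat('appinvite');
            }
        }

        // Welcome message: 1 = site notification, 2 = e-mail, 3 = both.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = replacesitevar($welcomemsgtitle);
            $welcomemsgtxt = replacesitevar($welcomemsgtxt);
            if ($welcomemsg == 1) {
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
            }
        }

        if ($fromuid) {
            updatecreditbyaction('promotion_register', $fromuid);
            dsetcookie('promotion', '');
        }
        dsetcookie('loginuser', '');
        dsetcookie('activationauth', '');
        dsetcookie('invite_auth', '');

        $url_forward = dreferer();
        $refreshtime = 3000;

        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: store "<timestamp>\t2\t<id>" and mail the activation link.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
                // Keys quoted inside {...} for the same reason as in the registration URL above.
                $verifyurl = "{$_G['siteurl']}member.php?mod=activate&uid={$_G['uid']}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                if (!sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message)) {
                    runlog('sendmail', "{$email} sendmail failed.");
                }
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $refreshtime = 10000;
                break;
            case 2:
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                break;
        }

        $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);

        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'forum.php';
        }

        // NOTE(review): only single quotes are escaped before the URL is embedded in the
        // inline script below; this relies on dreferer() returning an already-sanitized
        // URL - confirm.
        $href = str_replace("'", "\\'", $url_forward);
        $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", ' . $refreshtime . ');' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);

        showmessage($message, $url_forward, $param, $extra);
    }
}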
/**
 * Validate an uploaded picture, store it under the "album" upload type and
 * record it in the home_pic table.
 *
 * Checks run in this order: upload sanity, group permission, new-user
 * restrictions, per-file size limit, per-user space quota. Only then is the
 * file saved, after which the image type reported in attach['imageinfo'] is
 * checked and the file is deleted again if that check fails.
 *
 * Side effects visible here: rewrites $_G['member'], $_G['group'] (and
 * $_G['username'] / $_G['groupid'] when $space was empty), may raise
 * $_G['setting']['maxthumbwidth'] / ['maxthumbheight'] to 300, writes files,
 * optionally pushes them over FTP, and updates the uploader's attachsize counter.
 *
 * @param array  $FILE        One upload entry, handed to discuz_upload::init().
 * @param int    $albumid     Target album id; negative or empty values become 0.
 * @param string $title       Picture title; truncated to 200 via getstr() and censored.
 * @param bool   $iswatermark Whether to apply the 'album' watermark.
 * @param int    $catid       Category id forwarded to album_creat_by_id().
 *
 * @return array|string The inserted row (including 'picid') on success,
 *                      otherwise the message returned by lang().
 */
function pic_save($FILE, $albumid, $title, $iswatermark = true, $catid = 0)
{
    global $_G, $space;

    if ($albumid < 0) {
        $albumid = 0;
    }

    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    // NOTE(review): how 'isimage' is derived is decided inside discuz_upload::init(),
    // which is not shown here. The content-based check is the imageinfo test after save().
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }

    // Resolve the acting member and load that member's group permissions.
    $previousGroupId = $_G['groupid'];
    if (empty($space)) {
        $space = getuserbyuid($_G['uid']);
        $_G['member'] = $space;
        $_G['username'] = $space['username'];
        $_G['groupid'] = $space['groupid'];
    }
    $_G['member'] = $space;
    // Force a cache reload only when the group id changed above.
    loadcache('usergroup_' . $space['groupid'], $previousGroupId != $_G['groupid']);
    $_G['group'] = $_G['cache']['usergroup_' . $space['groupid']];

    if (!checkperm('allowupload')) {
        return lang('spacecp', 'not_allow_upload');
    }

    // New-user restrictions: account age, avatar, verified e-mail, friend count.
    if (!cknewuser(1)) {
        $newbieSpan = $_G['setting']['newbiespan'];
        if ($newbieSpan && $_G['timestamp'] - $_G['member']['regdate'] < $newbieSpan * 60) {
            return lang('message', 'no_privilege_newbiespan', array('newbiespan' => $_G['setting']['newbiespan']));
        }
        if ($_G['setting']['need_avatar'] && empty($_G['member']['avatarstatus'])) {
            return lang('message', 'no_privilege_avatar');
        }
        if ($_G['setting']['need_email'] && empty($_G['member']['emailstatus'])) {
            return lang('message', 'no_privilege_email');
        }
        if ($_G['setting']['need_friendnum']) {
            space_merge($_G['member'], 'count');
            if ($_G['member']['friends'] < $_G['setting']['need_friendnum']) {
                return lang('message', 'no_privilege_friendnum', array('friendnum' => $_G['setting']['need_friendnum']));
            }
        }
    }

    // Per-file size limit of the user group.
    if ($_G['group']['maximagesize'] && $upload->attach['size'] > $_G['group']['maximagesize']) {
        return lang('spacecp', 'files_can_not_exceed_size', array(
            'extend' => $upload->attach['ext'],
            'size' => sizecount($_G['group']['maximagesize']),
        ));
    }

    // Per-user space quota: group allowance plus 'addsize' (scaled by 1024 * 1024).
    $maxspacesize = checkperm('maxspacesize');
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        $usedAfterUpload = $space['attachsize'] + $upload->attach['size'];
        if ($usedAfterUpload > $maxspacesize + $space['addsize'] * 1024 * 1024) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }

    $albumid = $albumid ? album_creat_by_id($albumid, intval($catid)) : 0;

    // The file is written to disk before its image type is verified; the unlink
    // below is what keeps a rejected file out of the attachment directory.
    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }
    // presumably imageinfo is getimagesize() output, where index 2 is the IMAGETYPE_*
    // code (1 GIF, 2 JPEG, 3 PNG, 6 BMP) — TODO confirm against discuz_upload
    if (!$upload->attach['imageinfo'] || !in_array($upload->attach['imageinfo']['2'], array(1, 2, 3, 6))) {
        @unlink($upload->attach['target']);
        return lang('spacecp', 'only_allows_upload_file_types');
    }

    $targetPath = $upload->attach['target'];
    require_once libfile('class/image');
    $image = new image();
    $thumb = $image->Thumb($targetPath, '', 140, 140, 1) ? 1 : 0;

    // Optional second Thumb() pass bounded by the site settings (minimum 300 each).
    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        if ($_G['setting']['maxthumbwidth'] < 300) {
            $_G['setting']['maxthumbwidth'] = 300;
        }
        if ($_G['setting']['maxthumbheight'] < 300) {
            $_G['setting']['maxthumbheight'] = 300;
        }
        $image->Thumb($targetPath, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }
    if ($iswatermark) {
        $image->Watermark($targetPath, '', 'album');
    }

    // Remote storage: on success the local copies are removed; on failure the
    // local file is kept unless mirroring is required.
    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        if (ftpcmd('upload', 'album/' . $upload->attach['attachment'])) {
            @unlink($_G['setting']['attachdir'] . 'album/' . $upload->attach['attachment']);
            if ($thumb) {
                $thumbpath = getimgthumbname($upload->attach['attachment']);
                ftpcmd('upload', 'album/' . $thumbpath);
                @unlink($_G['setting']['attachdir'] . 'album/' . $thumbpath);
            }
            $pic_remote = 1;
        } elseif (getglobal('setting/ftp/mirror')) {
            @unlink($upload->attach['target']);
            @unlink(getimgthumbname($upload->attach['target']));
            return lang('spacecp', 'ftp_upload_file_size');
        }
    }

    $title = censor(getstr($title, 200));
    // Status 1 sends the picture to moderation (see updatemoderate() below).
    $pic_status = (censormod($title) || $_G['group']['allowuploadmod']) ? 1 : 0;

    // NOTE(review): only 'filename' and 'type' are passed through addslashes() here;
    // whether C::t('home_pic')->insert() escapes the remaining values is not visible — confirm.
    $record = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote,
        'status' => $pic_status,
    );
    $record['picid'] = C::t('home_pic')->insert($record, 1);
    C::t('common_member_count')->increase($_G['uid'], array('attachsize' => $upload->attach['size']));

    include_once libfile('function/stat');
    if ($pic_status) {
        updatemoderate('picid', $record['picid']);
    }
    updatestat('pic');

    return $record;
}
fwrite($fp, $content); fclose($fp); } if (!$upload->get_image_info($attach['target'])) { @unlink($attach['target']); continue; } $attach['size'] = filesize($attach['target']); $attachs[] = daddslashes($attach); } } } } else { $upload->init($_FILES['attach'], 'portal'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); } if ($upload->error()) { portal_upload_error($upload->error()); } $attachs[] = $attach; } if ($attachs) { foreach ($attachs as $attach) { if ($attach['isimage'] && empty($_G['setting']['portalarticleimgthumbclosed'])) { require_once libfile('class/image'); $image = new image(); $thumbimgwidth = $_G['setting']['portalarticleimgthumbwidth'] ? $_G['setting']['portalarticleimgthumbwidth'] : 300; $thumbimgheight = $_G['setting']['portalarticleimgthumbheight'] ? $_G['setting']['portalarticleimgthumbheight'] : 300; $attach['thumb'] = $image->Thumb($attach['target'], '', $thumbimgwidth, $thumbimgheight, 2);
/**
 * Handle the member registration request: either render the registration form
 * or process a submitted one and create the account.
 *
 * Flow as visible in this method:
 *  1. Map the configurable form field names (setting['reginput']) onto the
 *     fixed gp_username / gp_password / gp_password2 / gp_email request keys.
 *  2. If a user is already logged in, show 'login_succeed' and stop there
 *     (assuming showmessage() ends the request — TODO confirm).
 *  3. Apply area / IP whitelists that can switch off verification or allow
 *     registration without an invite.
 *  4. If submitcheck() fails, prepare the form variables and include the template.
 *  5. Otherwise validate the input, register through uc_user_register() (or
 *     reuse an activation record), insert the local member rows, handle
 *     invites, welcome message, verification mail and show the result.
 *
 * The template and the optional "extrafile" are included inside this function,
 * so they read and write the local variables defined here; renaming locals
 * would change their behaviour.
 */
function on_register() {
    global $_G;
    // The real form field names are configurable; copy them to the canonical keys.
    $_G['gp_username'] = $_G['gp_' . $this->setting['reginput']['username']];
    $_G['gp_password'] = $_G['gp_' . $this->setting['reginput']['password']];
    $_G['gp_password2'] = $_G['gp_' . $this->setting['reginput']['password2']];
    $_G['gp_email'] = $_G['gp_' . $this->setting['reginput']['email']];
    if ($_G['uid']) {
        // Already logged in: redirect away from the registration page.
        $ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
        $url_forward = dreferer();
        if (strpos($url_forward, $this->setting['regname']) !== false) {
            $url_forward = 'forum.php';
        }
        showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
    } elseif (!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
        // NOTE(review): this reads $this->setting['gp_activationauth'], while the rest of the
        // method reads $_G['gp_activationauth'] — possibly a typo; confirm.
        if ($_G['gp_action'] == 'activation' || $this->setting['gp_activationauth']) {
            if (!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
                showmessage('register_disable_activation');
            }
        } elseif (!$this->setting['regstatus']) {
            showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
        }
    }
    // These are references into $this->setting: later assignments (e.g. to $bbrulestxt,
    // $welcomemsgtxt) modify the setting array as well.
    $bbrules =& $this->setting['bbrules'];
    $bbrulesforce =& $this->setting['bbrulesforce'];
    $bbrulestxt =& $this->setting['bbrulestxt'];
    $welcomemsg =& $this->setting['welcomemsg'];
    $welcomemsgtitle =& $this->setting['welcomemsgtitle'];
    $welcomemsgtxt =& $this->setting['welcomemsgtxt'];
    $regname = $this->setting['regname'];
    if ($this->setting['regverify']) {
        // Area whitelist: a matching location string disables registration verification.
        if ($this->setting['areaverifywhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                // Build one regex from the list: quote everything, turn '*' back into a
                // wildcard, and make each "\r\n"-separated entry an alternative.
                $whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' .
                    str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                // '@' hides regex compilation errors, so a broken pattern simply never matches.
                if (@preg_match($whitearea, $location)) {
                    $this->setting['regverify'] = 0;
                }
            }
        }
        // IP whitelist: entries are matched as string prefixes of the client IP.
        // NOTE(review): an empty entry (blank or trailing line) produces the pattern /^()/,
        // which matches every address and would disable verification for all clients;
        // a prefix such as "10.1" also matches "10.100.x.x". Trustworthiness of
        // $_G['clientip'] depends on how the core derives it (not shown).
        if ($_G['cache']['ipctrl']['ipverifywhite']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $this->setting['regverify'] = 0;
                    break;
                }
            }
        }
    }
    // $invitestatus === true means "this client may register without an invite code".
    $invitestatus = false;
    if ($this->setting['regstatus'] == 2) {
        // Same area / IP prefix matching as above, with the same empty-entry caveat.
        if ($this->setting['inviteconfig']['inviteareawhite']) {
            $location = $whitearea = '';
            $location = trim(convertip($_G['clientip'], "./"));
            if ($location) {
                $whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
                $whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
                $whitearea = '.*' . $whitearea . '.*';
                $whitearea = '/^(' . str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea) . ')$/i';
                if (@preg_match($whitearea, $location)) {
                    $invitestatus = true;
                }
            }
        }
        if ($this->setting['inviteconfig']['inviteipwhite']) {
            foreach (explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $invitestatus = true;
                    break;
                }
            }
        }
    }
    $groupinfo = array();
    // While verification is pending the account goes into group 8; otherwise the
    // configured new-user group is used.
    if ($this->setting['regverify']) {
        $groupinfo['groupid'] = 8;
    } else {
        $groupinfo['groupid'] = $this->setting['newusergroupid'];
    }
    // Bit 0 of each setting enables the captcha / security question on registration.
    $seccodecheck = $this->setting['seccodestatus'] & 1;
    $secqaacheck = $this->setting['secqaa']['status'] & 1;
    // Referrer uid comes from a client cookie; intval() makes it safe to interpolate below.
    $fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
    $username = isset($_G['gp_username']) ? $_G['gp_username'] : '';
    $bbrulehash = $bbrules ?
        substr(md5(FORMHASH), 0, 8) : '';
    $auth = $_G['gp_auth'];
    if (!$invitestatus) {
        $invite = getinvite();
    }
    if (!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {
        // ---- Form not submitted: prepare variables and render the template ----
        if ($_G['gp_action'] == 'activation') {
            // The activation token decodes to "username \t formhash".
            // NOTE(review): '!=' is a loose comparison; a strict string comparison would be safer.
            $auth = explode("\t", authcode($auth, 'DECODE'));
            if (FORMHASH != $auth[1]) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
            $username = $auth[0];
            $activationauth = authcode("{$auth['0']}\t" . FORMHASH, 'ENCODE');
        }
        if ($fromuid) {
            $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$fromuid}'");
            if (DB::num_rows($query)) {
                $fromuser = dhtmlspecialchars(DB::result($query, 0));
            } else {
                // Unknown referrer: drop the cookie.
                dsetcookie('promotion');
            }
        }
        $bbrulestxt = nl2br("\n{$bbrulestxt}\n\n");
        if ($_G['gp_action'] == 'activation') {
            $auth = dhtmlspecialchars($auth);
        }
        if ($seccodecheck) {
            $seccode = random(6, 1);
        }
        $username = dhtmlspecialchars($username);
        $htmls = $settings = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            $fieldid = $field['fieldid'];
            $html = profile_setting($fieldid, array(), false, false, true);
            if ($html) {
                $settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
                $htmls[$fieldid] = $html;
            }
        }
        $navtitle = $this->setting['reglinkname'];
        // NOTE(review): the included path is built from $this->extrafile; this is only safe
        // if that property can never be influenced by request data — confirm where it is set.
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' .
                $this->extrafile, 'module');
        }
        $dreferer = dreferer();
        // The template runs in this scope and uses the locals prepared above.
        include template($this->template);
    } else {
        // ---- Form submitted: validate and create the account ----
        if ($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
            showmessage('not_open_registration_invite');
        }
        // NOTE(review): loose '!=' comparison against a request value.
        if ($bbrules && $bbrulehash != $_POST['agreebbrule']) {
            showmessage('register_rules_agree');
        }
        $activation = array();
        if (isset($_G['gp_activationauth'])) {
            $activationauth = explode("\t", authcode($_G['gp_activationauth'], 'DECODE'));
            // When the decoded hash does not match, $activation stays empty and the request
            // continues as a normal registration.
            if ($activationauth[1] == FORMHASH && !($activation = daddslashes(uc_get_user($activationauth[0]), 1))) {
                showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
            }
        }
        if (!$activation) {
            $usernamelen = dstrlen($username);
            if ($usernamelen < 3) {
                showmessage('profile_username_tooshort');
            } elseif ($usernamelen > 15) {
                showmessage('profile_username_toolong');
            }
            $username = addslashes(trim(dstripslashes($username)));
            // NOTE(review): the username literal in this query reads '******' in this listing,
            // which looks like masking applied by the page; the original presumably
            // interpolated the escaped $username — do not treat the text below as authoritative.
            if (uc_get_user($username) && !DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'")) {
                if ($_G['inajax']) {
                    showmessage('profile_username_duplicate');
                } else {
                    showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => stripslashes($username)));
                }
            }
            $email = trim($_G['gp_email']);
            if (empty($this->setting['ignorepassword'])) {
                if ($_G['gp_password'] !== $_G['gp_password2']) {
                    showmessage('profile_passwd_notmatch');
                }
                // Rejects empty passwords and any password that addslashes() would alter
                // (i.e. containing quotes, backslashes or NUL).
                if (!$_G['gp_password'] || $_G['gp_password'] != addslashes($_G['gp_password'])) {
                    showmessage('profile_passwd_illegal');
                }
                $password = $_G['gp_password'];
            } else {
                // NOTE(review): strength of this placeholder depends on random(), not shown.
                $password = md5(random(10));
            }
        }
        // Reserved-name filter: entries separated by "\r\n", '*' acts as a wildcard.
        $censorexp = '/^(' . str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote($this->setting['censoruser'] = trim($this->setting['censoruser']), '/')) .
            ')$/i';
        if ($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
            showmessage('profile_username_protect');
        }
        if ($this->setting['regverify'] == 2 && !trim($_G['gp_regmessage'])) {
            showmessage('profile_required_info_invalid');
        }
        // Per-IP registration throttle. A matching controlled prefix becomes a LIKE
        // pattern ("prefix%"); otherwise the exact client IP is used.
        if ($_G['cache']['ipctrl']['ipregctrl']) {
            foreach (explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
                if (preg_match("/^(" . preg_quote($ctrlip = trim($ctrlip), '/') . ")/", $_G['clientip'])) {
                    $ctrlip = $ctrlip . '%';
                    $this->setting['regctrl'] = $this->setting['ipregctrltime'];
                    break;
                } else {
                    $ctrlip = $_G['clientip'];
                }
            }
        } else {
            $ctrlip = $_G['clientip'];
        }
        // NOTE(review): the queries below interpolate $ctrlip, $_G['clientip'] and setting
        // values directly into SQL. They are safe only if those values are validated or
        // escaped upstream (not visible here); parameterised queries would remove the doubt.
        if ($this->setting['regctrl']) {
            $query = DB::query("SELECT ip FROM " . DB::table('common_regip') . " WHERE ip LIKE '{$ctrlip}' AND count='-1' AND dateline>{$_G['timestamp']}-'" . $this->setting['regctrl'] . "'*3600 LIMIT 1");
            if (DB::num_rows($query)) {
                showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
            }
        }
        // Flood control: the counter statement is prepared here and executed further down.
        $regipsql = '';
        if ($this->setting['regfloodctrl']) {
            if ($regattempts = DB::result_first("SELECT count FROM " . DB::table('common_regip') . " WHERE ip='{$_G['clientip']}' AND count>'0' AND dateline>'{$_G['timestamp']}'-86400")) {
                if ($regattempts >= $this->setting['regfloodctrl']) {
                    showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
                } else {
                    $regipsql = "UPDATE " . DB::table('common_regip') . " SET count=count+1 WHERE ip='{$_G['clientip']}' AND count>'0'";
                }
            } else {
                $regipsql = "INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '1', '{$_G['timestamp']}')";
            }
        }
        // Collect the configured profile fields; fields needing verification are kept apart.
        $profile = $verifyarr = array();
        foreach ($_G['cache']['fields_register'] as $field) {
            if (defined('IN_MOBILE')) {
                break;
            }
            $field_key = $field['fieldid'];
            $field_val = $_G['gp_' .
                $field_key];
            if ($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
                $field_val = true;
            }
            if (!profile_check($field_key, $field_val)) {
                $showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
                // The field id and title are concatenated into inline JavaScript; they come from
                // the fields_register cache (site configuration), not from the request.
                showmessage($field['title'] . lang('message', 'profile_illegal'), '', array(), array('showid' => 'chk_' . $showid, 'extrajs' => $field['title'] . lang('message', 'profile_illegal') . ($field['formtype'] == 'text' ? '<script type="text/javascript">' . '$(\'registerform\').' . $field['fieldid'] . '.className = \'px er\';' . '$(\'registerform\').' . $field['fieldid'] . '.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_' . $showid . '\').innerHTML = \'\';}}' . '</script>' : '')));
            }
            if ($field['needverify']) {
                $verifyarr[$field_key] = $field_val;
            } else {
                $profile[$field_key] = $field_val;
            }
        }
        if (!$activation) {
            // NOTE(review): $questionid and $answer are not assigned earlier in this method.
            $uid = uc_user_register($username, $password, $email, $questionid, $answer, $_G['clientip']);
            // Non-positive return values are error codes mapped to messages below.
            if ($uid <= 0) {
                if ($uid == -1) {
                    showmessage('profile_username_illegal');
                } elseif ($uid == -2) {
                    showmessage('profile_username_protect');
                } elseif ($uid == -3) {
                    showmessage('profile_username_duplicate');
                } elseif ($uid == -4) {
                    showmessage('profile_email_illegal');
                } elseif ($uid == -5) {
                    showmessage('profile_email_domain_illegal');
                } elseif ($uid == -6) {
                    showmessage('profile_email_duplicate');
                } else {
                    showmessage('undefined_action');
                }
            }
        } else {
            list($uid, $username, $email) = $activation;
        }
        $_G['username'] = $username;
        // A local row with this uid already exists: roll back the remote registration.
        if (DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE uid='{$uid}'")) {
            if (!$activation) {
                uc_user_delete($uid);
            }
            showmessage('profile_uid_duplicate', '', array('uid' => $uid));
        }
        // From here on $password is a random placeholder: the value written to
        // common_member below is not derived from the password the user typed.
        $password = md5(random(10));
        $secques = $questionid > 0 ?
            random(8) : '';
        if (isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
            $profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
        }
        if (isset($_POST['birthyear'])) {
            $profile['zodiac'] = get_zodiac($_POST['birthyear']);
        }
        // Profile file fields: only upload keys that map to a configured 'file' field are
        // processed. The file is saved first and removed again if get_image_info() fails.
        if ($_FILES) {
            require_once libfile('class/upload');
            $upload = new discuz_upload();
            foreach ($_FILES as $key => $file) {
                $field_key = 'field_' . $key;
                if (!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {
                    $upload->init($file, 'profile');
                    $attach = $upload->attach;
                    if (!$upload->error()) {
                        $upload->save();
                        if (!$upload->get_image_info($attach['target'])) {
                            @unlink($attach['target']);
                            continue;
                        }
                        $attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
                        if ($_G['cache']['fields_register'][$field_key]['needverify']) {
                            $verifyarr[$key] = $attach['attachment'];
                        } else {
                            $profile[$key] = $attach['attachment'];
                        }
                    }
                }
            }
        }
        if ($regipsql) {
            DB::query($regipsql);
        }
        if ($invite && $this->setting['inviteconfig']['invitegroupid']) {
            $groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
        }
        // initcredits is a comma-separated list: index 0 is 'credits', 1..8 are extcredits1..8.
        $init_arr = explode(',', $this->setting['initcredits']);
        $userdata = array('uid' => $uid, 'username' => $username, 'password' => $password, 'email' => $email, 'adminid' => 0, 'groupid' => $groupinfo['groupid'], 'regdate' => TIMESTAMP, 'credits' => $init_arr[0], 'timeoffset' => 9999);
        $status_data = array('uid' => $uid, 'regip' => $_G['clientip'], 'lastip' => $_G['clientip'], 'lastvisit' => TIMESTAMP, 'lastactivity' => TIMESTAMP, 'lastpost' => 0, 'lastsendmail' => 0);
        $profile['uid'] = $uid;
        $field_forum['uid'] = $uid;
        $field_home['uid'] = $uid;
        // Same include as in the form branch; it runs before the inserts and can see the
        // arrays built above. Same caveat about the origin of $this->extrafile.
        if ($this->extrafile && file_exists(libfile('member/' . $this->extrafile, 'module'))) {
            require_once libfile('member/' .
                $this->extrafile, 'module');
        }
        // NOTE(review): $profile holds request-supplied values; whether DB::insert() escapes
        // values itself is not visible here — confirm before relying on it.
        DB::insert('common_member', $userdata);
        DB::insert('common_member_status', $status_data);
        DB::insert('common_member_profile', $profile);
        DB::insert('common_member_field_forum', $field_forum);
        DB::insert('common_member_field_home', $field_home);
        if ($verifyarr) {
            // Stored as a serialized PHP array of user-supplied values; whatever reads this
            // column back must not pass it to unserialize() without trusting its origin.
            $setverify = array('uid' => $uid, 'username' => $username, 'verifytype' => '0', 'field' => daddslashes(serialize($verifyarr)), 'dateline' => TIMESTAMP);
            DB::insert('common_member_verify_info', $setverify);
            DB::insert('common_member_verify', array('uid' => $uid));
        }
        $count_data = array('uid' => $uid, 'extcredits1' => $init_arr[1], 'extcredits2' => $init_arr[2], 'extcredits3' => $init_arr[3], 'extcredits4' => $init_arr[4], 'extcredits5' => $init_arr[5], 'extcredits6' => $init_arr[6], 'extcredits7' => $init_arr[7], 'extcredits8' => $init_arr[8]);
        DB::insert('common_member_count', $count_data);
        DB::insert('common_setting', array('skey' => 'lastmember', 'svalue' => $username), false, true);
        manyoulog('user', $uid, 'add');
        $totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member'));
        $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => stripslashes($username));
        save_syscache('userstats', $userstats);
        if ($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
            // Purge throttle rows older than max(regctrl, 72) hours, then record this
            // registration (count = -1 marks a completed registration).
            DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72) . "*3600", 'UNBUFFERED');
            if ($this->setting['regctrl']) {
                DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')");
            }
        }
        // NOTE(review): $regmessage is HTML-escaped only and then interpolated into SQL below;
        // SQL safety relies on the request value already being slash-escaped upstream — confirm.
        $regmessage = dhtmlspecialchars($_G['gp_regmessage']);
        if ($this->setting['regverify'] == 2) {
            DB::query("REPLACE INTO " . DB::table('common_member_validate') .
                " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')");
            manage_addnotify('verifyuser');
        }
        // Log the new account in immediately.
        setloginstatus(array('uid' => $uid, 'username' => dstripslashes($_G['username']), 'password' => $password, 'groupid' => $groupinfo['groupid']), 0);
        include_once libfile('function/stat');
        updatestat('register');
        if ($invite['id']) {
            // Mark the invite as used unless this inviter/invitee pair is already recorded.
            $result = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_invite') . " WHERE uid='{$invite['uid']}' AND fuid='{$uid}'");
            if (!$result) {
                DB::update("common_invite", array('fuid' => $uid, 'fusername' => $_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id']));
                updatestat('invite');
            } else {
                $invite = array();
            }
        }
        if ($invite['uid']) {
            // Credit rewards for both sides, automatic friendship and a notification.
            if ($this->setting['inviteconfig']['inviteaddcredit']) {
                updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
            }
            if ($this->setting['inviteconfig']['invitedaddcredit']) {
                updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
            }
            require_once libfile('function/friend');
            friend_make($invite['uid'], $invite['username'], false);
            // Usernames are concatenated into HTML here and in the feed below; this is safe
            // only if usernames can never contain markup — presumably enforced at
            // registration, verify.
            notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid=' . $invite['uid'] . '" target="_blank">' . $invite['username'] . '</a>'), 1);
            space_merge($invite, 'field_home');
            if (!empty($invite['privacy']['feed']['invite'])) {
                require_once libfile('function/feed');
                $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] .
                    '</a>');
                feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
            }
            if ($invite['appid']) {
                updatestat('appinvite');
            }
        }
        // Welcome message: 1 = site notification, 2 = e-mail, 3 = both.
        if ($welcomemsg && !empty($welcomemsgtxt)) {
            $welcomemsgtitle = addslashes(replacesitevar($welcomemsgtitle));
            $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
            if ($welcomemsg == 1) {
                // NOTE(review): as shown, this str_replace() swaps ':' for ':' and is a no-op;
                // the search character may have been altered in this listing.
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            } elseif ($welcomemsg == 2) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
            } elseif ($welcomemsg == 3) {
                sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
                $welcomemsgtxt = nl2br(str_replace(':', ':', $welcomemsgtxt));
                notification_add($uid, 'system', $welcomemsgtxt, array(), 1);
            }
        }
        if ($fromuid) {
            updatecreditbyaction('promotion_register', $fromuid);
            dsetcookie('promotion', '');
        }
        // Clear the cookies used during the registration flow.
        dsetcookie('loginuser', '');
        dsetcookie('activationauth', '');
        dsetcookie('invite_auth', '');
        loadcache('setting', true);
        $_G['setting']['lastmember'] = stripslashes($username);
        $settingnew = $_G['setting'];
        $settingnew['pluginhooks'] = array();
        save_syscache('setting', $settingnew);
        switch ($this->setting['regverify']) {
            case 1:
                // E-mail verification: "timestamp \t 2 \t idstring" is stored as authstr and the
                // idstring is mailed as part of the activation link.
                // NOTE(review): the link secret is 6 characters from random(); its strength
                // depends on that generator and on how the activate handler limits attempts.
                $idstring = random(6);
                $authstr = $this->setting['regverify'] == 1 ? "{$_G['timestamp']}\t2\t{$idstring}" : '';
                DB::query("UPDATE " . DB::table('common_member_field_forum') .
                    " SET authstr='{$authstr}' WHERE uid='{$_G['uid']}'");
                // Unquoted keys inside {$...} are parsed as constant names, not string keys;
                // this line relies on legacy PHP behaviour for undefined constants.
                $verifyurl = "{$_G[siteurl]}member.php?mod=activate&uid={$_G[uid]}&id={$idstring}";
                $email_verify_message = lang('email', 'email_verify_message', array('username' => $_G['member']['username'], 'bbname' => $this->setting['bbname'], 'siteurl' => $_G['siteurl'], 'url' => $verifyurl));
                // NOTE(review): the recipient is built from $username and $email; protection
                // against header injection depends on sendmail() (not shown). The return
                // value is ignored here, so a failed send is not reported.
                sendmail("{$username} <{$email}>", lang('email', 'email_verify_subject'), $email_verify_message);
                $message = 'register_email_verify';
                $locationmessage = 'register_email_verify_location';
                $url_forward = dreferer();
                break;
            case 2:
                $message = 'register_manual_verify';
                $locationmessage = 'register_manual_verify_location';
                $url_forward = $_G['setting']['homestatus'] ? 'home.php?mod=space&do=home' : 'home.php?mod=spacecp';
                break;
            default:
                $message = 'register_succeed';
                $locationmessage = 'register_succeed_location';
                $url_forward = dreferer();
                break;
        }
        $param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
        // Never send the user back to the registration or invite-purchase page.
        if (strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
            $url_forward = 'forum.php';
        }
        // NOTE(review): $url_forward originates from dreferer() and is embedded into an inline
        // <script> with only single quotes escaped (backslashes and "</script>" are not), and
        // 'striptags' is disabled. This is safe only if dreferer() restricts the value to
        // same-site URLs and strips such characters — confirm; json_encode() of the URL
        // would be a safer way to emit it into JavaScript.
        $href = str_replace("'", "\\'", $url_forward);
        $extra = array('showid' => 'succeedmessage', 'extrajs' => '<script type="text/javascript">' . 'setTimeout("window.location.href =\'' . $href . '\';", 3000);' . '$(\'succeedmessage_href\').href = \'' . $href . '\';' . '$(\'main_message\').style.display = \'none\';' . '$(\'main_succeed\').style.display = \'\';' . '$(\'succeedlocation\').innerHTML = \'' . lang('message', $locationmessage) . '\';' . '</script>', 'striptags' => false);
        showmessage($message, $url_forward, $param, $extra);
    }
}
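/**
 * Receive a banner image for a business record, store it and attach it to the
 * business identified by $bid.
 *
 * The request is authenticated by a hash derived from the site authkey and the
 * current uid. Group limits (count, extension list, size, daily volume) are
 * checked before the file is saved; the image check happens after saving.
 *
 * Changes compared with the previous revision:
 *  - the request hash is compared as a string with '===' instead of '!=', so
 *    numeric-looking hashes cannot be matched through type juggling
 *    (hash_equals() is preferable where PHP >= 5.6 is guaranteed);
 *  - a saved file that turns out not to be an image is deleted before the
 *    error is reported, instead of being left in the attachment directory;
 *  - the uid used in the SQL fragment is cast to int.
 *
 * Every $this->uploadmsg() call is assumed to end the request — TODO confirm.
 *
 * @param mixed $bid Id of the business whose banner is replaced.
 */
function sanree_common_upload($bid) {
    global $_G, $config;

    $this->uid = $_G['uid'];
    $where = ' AND uid=' . intval($_G['uid']);

    // Per-user picture cap; uid 1 is exempt.
    $maxpiccount = intval($config['maxpiccount']);
    if ($maxpiccount > 0 && $_G['uid'] != 1) {
        $piccount = C::t('#sanree_brand#sanree_brand_attachment')->count_by_where($where);
        if ($piccount > $maxpiccount) {
            $this->uploadmsg(12);
        }
    }

    // The token depends only on the authkey and the uid, so it does not expire and is
    // not bound to a session; it also travels in the query string.
    $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
    $this->aid = 0;
    $this->simple = 2;
    $requesthash = isset($_GET['hash']) && is_string($_GET['hash']) ? $_GET['hash'] : '';
    if ($requesthash !== $swfhash) {
        $this->uploadmsg(10);
    }

    $appVer = $_G['setting']['version'];
    if ($appVer == 'X2') {
        require_once libfile('class/upload');
    }
    $upload = new discuz_upload();
    if (!$config['isbird']) {
        $upload->init($_FILES['Filedata'], 'common');
    } else {
        // presumably $_G['sr_newbanner'] is a slot index set by the caller — verify that it
        // cannot be chosen freely by the request
        $file = 'Filedata' . $_G['sr_newbanner'];
        $upload->init($_FILES[$file], 'category');
        $this->newbanner_flag = $_G['sr_newbanner'];
    }
    $this->attach =& $upload->attach;
    if ($upload->error()) {
        $this->uploadmsg(2);
    }

    // Daily attachment count limit of the user group.
    $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > getuserprofile('todayattachs');
    if (!$allowupload) {
        $this->uploadmsg(6);
    }

    // Extension allow-list. It is enforced only when the group defines one, so the image
    // check after save() is the only type restriction for groups without a list.
    if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
        $this->uploadmsg(1);
    }
    if (empty($upload->attach['size'])) {
        $this->uploadmsg(2);
    }
    if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
        $this->error_sizelimit = $_G['group']['maxattachsize'];
        $this->uploadmsg(3);
    }

    // Per-extension size limit: forum-specific entry first, then the global one (index 0).
    loadcache('attachtype');
    if ($_G['fid'] && isset($_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']])) {
        $maxsize = $_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']];
    } elseif (isset($_G['cache']['attachtype'][0][$upload->attach['ext']])) {
        $maxsize = $_G['cache']['attachtype'][0][$upload->attach['ext']];
    }
    if (isset($maxsize)) {
        if (!$maxsize) {
            // A limit of 0 bans the extension.
            $this->error_sizelimit = 'ban';
            $this->uploadmsg(4);
        } elseif ($upload->attach['size'] > $maxsize) {
            $this->error_sizelimit = $maxsize;
            $this->uploadmsg(5);
        }
    }

    // Daily volume limit.
    if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
        $todaysize = getuserprofile('todayattachsize') + $upload->attach['size'];
        if ($todaysize >= $_G['group']['maxsizeperday']) {
            $this->error_sizelimit = 'perday|' . $_G['group']['maxsizeperday'];
            $this->uploadmsg(11);
        }
    }

    // The daily counters are incremented before the save, so a failed save still counts.
    updatemembercount($_G['uid'], array('todayattachs' => 1, 'todayattachsize' => $upload->attach['size']));
    $upload->save();
    if ($upload->error() == -103) {
        $this->uploadmsg(8);
    } elseif ($upload->error()) {
        $this->uploadmsg(9);
    }

    $thumb = $remote = $width = 0;
    if (!$upload->attach['isimage']) {
        // The file is already on disk at this point: remove it before rejecting the upload.
        @unlink($upload->attach['target']);
        $this->uploadmsg(7);
    }
    if ($upload->attach['isimage']) {
        if ($_G['setting']['showexif']) {
            require_once libfile('function/attachment');
            // $exif is only consumed by the disabled insert near the end of this method.
            $exif = getattachexif(0, $upload->attach['target']);
        }
        if ($_G['setting']['thumbsource'] || $_G['setting']['thumbstatus']) {
            require_once libfile('class/image');
            $image = new image();
        }
        if ($_G['setting']['thumbsource'] && $_G['setting']['sourcewidth'] && $_G['setting']['sourceheight']) {
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['sourcewidth'], $_G['setting']['sourceheight'], 1, 1) ? 1 : 0;
            $width = $image->imginfo['width'];
            $upload->attach['size'] = $image->imginfo['size'];
        }
        if ($_G['setting']['thumbstatus']) {
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], 0) ? 1 : 0;
            $width = $image->imginfo['width'];
        }
        if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
            list($width) = @getimagesize($upload->attach['target']);
        }
    }

    $this->aid = $aid = getattachnewaid($this->uid);
    $insert = array(
        'aid' => $aid,
        'dateline' => $_G['timestamp'],
        'filename' => censor($upload->attach['name']),
        'filesize' => $upload->attach['size'],
        'attachment' => $upload->attach['attachment'],
        'isimage' => $upload->attach['isimage'],
        'uid' => $this->uid,
        'thumb' => $thumb,
        'remote' => $remote,
        'width' => $width,
    );
    ///C::t('forum_attachment_unused')->insert($insert);
    C::t('#sanree_brand#sanree_brand_attachment')->insert($insert);

    // NOTE(review): the lookup is keyed by uid and $bid, but the update() calls below are
    // keyed by $bid alone and run even when the lookup returns nothing. No ownership check
    // is visible in this method — confirm that the caller verifies $bid belongs to this uid.
    $result = C::t('#sanree_brand#sanree_brand_businesses')->getusername_by_bidanduid($_G['uid'], $bid);
    if ($result['banner']) {
        // The path is built from a stored value; presumably always a name produced by
        // discuz_upload — verify it cannot contain directory traversal.
        @unlink($_G['setting']['attachdir'] . 'common/' . $result['banner']);
    }
    if (!$config['isbird']) {
        $setarr = array();
        $setarr['banner'] = $upload->attach['attachment'];
        C::t('#sanree_brand#sanree_brand_businesses')->update($bid, $setarr);
    } else {
        $newbanner = explode(',', $result['newbanner']);
        $newbanner[$_G['sr_newbanner']] = $upload->attach['attachment'];
        $setarr = array();
        $setarr['newbanner'] = implode(',', $newbanner);
        C::t('#sanree_brand#sanree_brand_businesses')->update($bid, $setarr);
    }
    if ($upload->attach['isimage'] && $_G['setting']['showexif']) {
        ///C::t('forum_attachment_exif')->insert($aid, $exif);
    }
    $this->uploadmsg(0);
}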
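/**
 * Receive a forum attachment from the Flash uploader and record it in
 * forum_attachment.
 *
 * The uploader identifies the member through the request parameters uid and
 * hash rather than through the session; the hash is derived from the site
 * authkey and that uid. When the upload has an error code or the hash does not
 * match, the method returns without reporting anything.
 *
 * Changes compared with the previous revision:
 *  - the hash is compared as a string with '===' instead of '==', so
 *    numeric-looking hashes cannot be matched through type juggling
 *    (hash_equals() is preferable where PHP >= 5.6 is guaranteed);
 *  - the daily count and daily volume limits are evaluated for $this->uid, the
 *    account that was authenticated by the hash and that owns the inserted
 *    row. They were evaluated for $_G['uid'], which this method never sets and
 *    which may belong to a different (or no) account, so the limits may not
 *    have applied to the uploader.
 *
 * Every $this->uploadmsg() call is assumed to end the request — TODO confirm.
 */
function forum_upload() {
    global $_G;

    $this->uid = intval($_G['gp_uid']);
    // The token depends only on the authkey and the uid, so it does not expire and is
    // not bound to a session.
    $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
    $requesthash = isset($_G['gp_hash']) && is_string($_G['gp_hash']) ? $_G['gp_hash'] : '';

    if (!$_FILES['Filedata']['error'] && $requesthash === $swfhash) {
        $this->aid = 0;
        $this->simple = !empty($_G['gp_simple']) ? $_G['gp_simple'] : 0;

        // Load the permissions of the authenticated uploader's group.
        $_G['groupid'] = intval(DB::result_first("SELECT groupid FROM " . DB::table('common_member') . " WHERE uid='" . $this->uid . "'"));
        loadcache('usergroup_' . $_G['groupid']);
        $_G['group'] = $_G['cache']['usergroup_' . $_G['groupid']];

        require_once libfile('class/upload');
        $upload = new discuz_upload();
        $upload->init($_FILES['Filedata'], 'forum');
        $this->attach =& $upload->attach;
        if ($upload->error()) {
            $this->uploadmsg(2);
        }

        // Attachments per 24 hours; $this->uid is an int (see intval above).
        $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE uid='" . $this->uid . "' AND dateline>'{$_G['timestamp']}'-86400");
        if (!$allowupload) {
            $this->uploadmsg(9);
        }

        // Extension allow-list; enforced only when the group defines one.
        if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
            $this->uploadmsg(1);
        }
        if (empty($upload->attach['size'])) {
            $this->uploadmsg(2);
        }
        if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
            $this->uploadmsg(3);
        }

        // Per-extension limit: maxsize 0 bans the extension.
        if ($type = DB::fetch_first("SELECT maxsize FROM " . DB::table('forum_attachtype') . " WHERE extension='" . addslashes($upload->attach['ext']) . "'")) {
            if ($type['maxsize'] == 0) {
                $this->uploadmsg(4);
            } elseif ($upload->attach['size'] > $type['maxsize']) {
                $this->uploadmsg(5);
            }
        }

        // Volume per 24 hours.
        if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
            $todaysize = intval(DB::result_first("SELECT SUM(filesize) FROM " . DB::table('forum_attachment') . " WHERE uid='" . $this->uid . "' AND dateline>'{$_G['timestamp']}'-86400"));
            $todaysize += $upload->attach['size'];
            if ($todaysize >= $_G['group']['maxsizeperday']) {
                $this->uploadmsg(6);
            }
        }

        $upload->save();
        if ($upload->error() == -103) {
            $this->uploadmsg(8);
        } elseif ($upload->error()) {
            $this->uploadmsg(9);
        }

        $thumb = $remote = $width = 0;
        if ($upload->attach['isimage']) {
            require_once libfile('class/image');
            $image = new image();
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
            $image->Watermark($upload->attach['target']);
            $width = $image->imginfo['width'];
        }

        if (!$this->simple) {
            $upload->attach['name'] = diconv($upload->attach['name'], 'utf-8');
        }
        // Images uploaded through the generic attachment button are flagged -1.
        if ($_G['gp_type'] != 'image' && $upload->attach['isimage']) {
            $upload->attach['isimage'] = -1;
        }

        // NOTE(review): attach['name'] and attach['type'] come from the client and are
        // concatenated into this statement without escaping in this method, and the name
        // may have been re-encoded by diconv() just above. This is safe only if
        // discuz_upload::init() or the request bootstrap escapes them and the charset
        // conversion cannot undo that escaping — confirm, or escape at this point.
        DB::query("INSERT INTO " . DB::table('forum_attachment') . " (tid, pid, dateline, readperm, price, filename, filetype, filesize, attachment, downloads, isimage, uid, thumb, remote, width)\n\t\t\t\tVALUES ('0', '0', '{$_G['timestamp']}', '0', '0', '" . $upload->attach['name'] . "', '" . $upload->attach['type'] . "', '" . $upload->attach['size'] . "', '" . $upload->attach['attachment'] . "', '0', '" . $upload->attach['isimage'] . "', '" . $this->uid . "', '{$thumb}', '{$remote}', '{$width}')");
        $this->aid = DB::insert_id();
        $this->uploadmsg(0);
    }
}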
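/**
 * Handle one forum attachment posted as $_FILES['Filedata'].
 *
 * The caller is identified by $_GET['uid'] and authenticated by comparing
 * $_GET['hash'] with a token derived from the site authkey and that uid.
 * The file is then checked against the current group's limits (attachments
 * per day, extension list, per-file size, per-extension size from the
 * attachtype cache, bytes per day), saved, optionally thumbnailed, and
 * recorded in forum_attachment_unused (plus forum_attachment_exif when EXIF
 * display is enabled). The new attachment id is left in $this->aid.
 *
 * Every outcome is reported through $this->uploadmsg(<code>); size-related
 * rejections also set $this->error_sizelimit first. The checks are written
 * as if uploadmsg() does not return; that is not visible here.
 * TODO confirm uploadmsg() terminates the request. $_G['uid'] is overwritten
 * with the request-supplied uid before the token is verified, so the method
 * depends on uploadmsg(10) ending the request on a mismatch.
 */
function forum_upload()
{
    global $_G;

    $_G['uid'] = $this->uid = intval($_GET['uid']);
    $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
    $this->aid = 0;
    $this->simple = !empty($_GET['simple']) ? $_GET['simple'] : 0;

    // The token is the only authentication in this method, so it is compared
    // strictly and, where the runtime offers it, in constant time. A loose !=
    // would compare two numeric-looking strings as numbers and could accept a
    // token that is not byte-identical. Non-string input is rejected.
    // NOTE(review): the token is a static MD5 over authkey + uid with no
    // expiry or per-request component; changing the scheme needs the code
    // that issues it.
    $given = isset($_GET['hash']) && is_string($_GET['hash']) ? $_GET['hash'] : '';
    $hashok = function_exists('hash_equals') ? hash_equals($swfhash, $given) : $given === $swfhash;
    if (!$hashok) {
        $this->uploadmsg(10);
    }

    $upload = new discuz_upload();
    $upload->init($_FILES['Filedata'], 'forum');
    $this->attach =& $upload->attach;
    if ($upload->error()) {
        $this->uploadmsg(2);
    }

    // Daily attachment count, read from the member profile counter.
    $allowupload = !$_G['group']['maxattachnum'] || $_G['group']['maxattachnum'] && $_G['group']['maxattachnum'] > getuserprofile('todayattachs');
    if (!$allowupload) {
        $this->uploadmsg(6);
    }

    // Extension list: only enforced when the group defines one. An empty
    // extension is rejected in that case.
    if ($_G['group']['attachextensions'] && (!preg_match("/(^|\\s|,)" . preg_quote($upload->attach['ext'], '/') . "(\$|\\s|,)/i", $_G['group']['attachextensions']) || !$upload->attach['ext'])) {
        $this->uploadmsg(1);
    }

    if (empty($upload->attach['size'])) {
        $this->uploadmsg(2);
    }

    if ($_G['group']['maxattachsize'] && $upload->attach['size'] > $_G['group']['maxattachsize']) {
        $this->error_sizelimit = $_G['group']['maxattachsize'];
        $this->uploadmsg(3);
    }

    // Per-extension limit: the forum-specific entry wins over the global
    // entry stored under key 0. A limit of 0 is treated as a rejection.
    loadcache('attachtype');
    if ($_G['fid'] && isset($_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']])) {
        $maxsize = $_G['cache']['attachtype'][$_G['fid']][$upload->attach['ext']];
    } elseif (isset($_G['cache']['attachtype'][0][$upload->attach['ext']])) {
        $maxsize = $_G['cache']['attachtype'][0][$upload->attach['ext']];
    }
    if (isset($maxsize)) {
        if (!$maxsize) {
            $this->error_sizelimit = 'ban';
            $this->uploadmsg(4);
        } elseif ($upload->attach['size'] > $maxsize) {
            $this->error_sizelimit = $maxsize;
            $this->uploadmsg(5);
        }
    }

    if ($upload->attach['size'] && $_G['group']['maxsizeperday']) {
        $todaysize = getuserprofile('todayattachsize') + $upload->attach['size'];
        if ($todaysize >= $_G['group']['maxsizeperday']) {
            $this->error_sizelimit = 'perday|' . $_G['group']['maxsizeperday'];
            $this->uploadmsg(11);
        }
    }

    // The daily counters are charged before the file is saved, so a failed
    // save() below still counts against the user's quota.
    updatemembercount($_G['uid'], array('todayattachs' => 1, 'todayattachsize' => $upload->attach['size']));

    $upload->save();
    if ($upload->error() == -103) {
        $this->uploadmsg(8);
    } elseif ($upload->error()) {
        $this->uploadmsg(9);
    }

    $thumb = $remote = $width = 0;

    // NOTE(review): this rejection runs after save(), so the non-image file
    // is already on disk when code 7 is reported and nothing here removes it.
    // Confirm whether that leftover is cleaned up elsewhere.
    if ($_GET['type'] == 'image' && !$upload->attach['isimage']) {
        $this->uploadmsg(7);
    }

    if ($upload->attach['isimage']) {
        if ($_G['setting']['showexif']) {
            require_once libfile('function/attachment');
            $exif = getattachexif(0, $upload->attach['target']);
        }
        if ($_G['setting']['thumbsource'] || $_G['setting']['thumbstatus']) {
            require_once libfile('class/image');
            $image = new image();
        }
        // Resize the stored image itself; the recorded size follows the result.
        if ($_G['setting']['thumbsource'] && $_G['setting']['sourcewidth'] && $_G['setting']['sourceheight']) {
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['sourcewidth'], $_G['setting']['sourceheight'], 1, 1) ? 1 : 0;
            $width = $image->imginfo['width'];
            $upload->attach['size'] = $image->imginfo['size'];
        }
        if ($_G['setting']['thumbstatus']) {
            $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], 0) ? 1 : 0;
            $width = $image->imginfo['width'];
        }
        if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
            list($width) = @getimagesize($upload->attach['target']);
        }
    }

    // An image uploaded through a non-image request is stored with isimage = -1.
    if ($_GET['type'] != 'image' && $upload->attach['isimage']) {
        $upload->attach['isimage'] = -1;
    }

    $this->aid = $aid = getattachnewaid($this->uid);
    $insert = array(
        'aid' => $aid,
        'dateline' => $_G['timestamp'],
        'filename' => censor($upload->attach['name']),
        'filesize' => $upload->attach['size'],
        'attachment' => $upload->attach['attachment'],
        'isimage' => $upload->attach['isimage'],
        'uid' => $this->uid,
        'thumb' => $thumb,
        'remote' => $remote,
        'width' => $width,
    );
    C::t('forum_attachment_unused')->insert($insert);
    if ($upload->attach['isimage'] && $_G['setting']['showexif']) {
        C::t('forum_attachment_exif')->insert($aid, $exif);
    }
    $this->uploadmsg(0);
}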
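/**
 * Save one uploaded album picture and return the row describing it.
 *
 * The request is authenticated by comparing $_G['sr_hash'] with a token
 * derived from the site authkey and the current uid. The file is handed to
 * discuz_upload with the 'album' type, must be flagged as an image, and is
 * then saved. Failures are reported with cpmsg_error() inside the admin
 * panel (IN_ADMINCP defined) and with showmessage() otherwise; the code is
 * written as if those calls do not return. TODO confirm.
 *
 * @param array  $FILE        One upload entry, passed unchanged to discuz_upload::init().
 * @param int    $albumid     Target album; negative values are clamped to 0.
 * @param string $title       Stored under 'title' exactly as given. Unlike filename and
 *                            type it is not escaped here; presumably the caller escapes
 *                            it before the row reaches SQL — verify against the caller.
 * @param bool   $iswatermark Accepted but not used in this function.
 * @param int    $catid       Accepted but not used in this function.
 * @return array Row data: albumid, uid, username, dateline, filename, postip,
 *               title, type, size, filepath, thumb, remote, status.
 */
function mypic_save($FILE, $albumid, $title, $iswatermark = true, $catid = 0)
{
    global $_G;

    if ($albumid < 0) {
        $albumid = 0;
    }

    // The array key is quoted: the bare word `uid` is read as a constant,
    // which newer PHP versions reject.
    $swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $_G['uid']);

    // Strict, and where available constant-time, comparison of the token.
    // A loose != would compare two numeric-looking strings as numbers and
    // could accept a token that is not byte-identical.
    $given = isset($_G['sr_hash']) && is_string($_G['sr_hash']) ? $_G['sr_hash'] : '';
    $hashok = function_exists('hash_equals') ? hash_equals($swfhash, $given) : $given === $swfhash;
    if (!$hashok) {
        if (defined('IN_ADMINCP')) {
            cpmsg_error('error 123');
        } else {
            showmessage('error 123');
        }
    }

    // NOTE(review): the original declared an extension allow-list
    // (jpg, jpeg, gif, png) here but never applied it; the only type gate in
    // this function is the isimage flag set by discuz_upload. Decide whether
    // the allow-list should be enforced against $upload->attach['ext'].

    $appVer = $_G['setting']['version'];
    if ($appVer == 'X2') {
        require_once libfile('class/upload');
    }

    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        if (defined('IN_ADMINCP')) {
            cpmsg_error(lang('spacecp', 'lack_of_access_to_upload_file_size'));
        } else {
            showmessage(lang('spacecp', 'lack_of_access_to_upload_file_size'));
        }
    }

    // Reject non-images before anything is written to disk.
    if (!$upload->attach['isimage']) {
        if (defined('IN_ADMINCP')) {
            cpmsg_error(lang('spacecp', 'only_allows_upload_file_types'));
        } else {
            showmessage(lang('spacecp', 'only_allows_upload_file_types'));
        }
    }

    $upload->save();
    if ($upload->error()) {
        if (defined('IN_ADMINCP')) {
            cpmsg_error(lang('spacecp', 'mobile_picture_temporary_failure'));
        } else {
            showmessage(lang('spacecp', 'mobile_picture_temporary_failure'));
        }
    }

    // NOTE(review): thumb, remote and status were read from variables this
    // function never assigns, so the row always carried null for them. They
    // are set to null explicitly to keep the returned values unchanged while
    // removing the undefined-variable reads; confirm what the caller expects.
    $thumb = null;
    $pic_remote = null;
    $pic_status = null;

    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote,
        'status' => $pic_status,
    );

    return $setarr;
}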
} } if (submitcheck('uploadsubmit')) { $topicid = intval($_POST['topicid']); if ($topicid) { $topic = DB::fetch_first("SELECT * FROM " . DB::table('portal_topic') . " WHERE topicid='{$topicid}'"); if (empty($topic)) { topic_upload_error('diy_topic_noexist'); } } topic_checkperm($topic); require_once libfile('class/upload'); $upload = new discuz_upload(); $upload->init($_FILES['attach'], 'portal'); $attach = $upload->attach; if (!$upload->error()) { $upload->save(); } if ($upload->error()) { topic_upload_error($attach, $upload->error()); } else { if ($attach['isimage']) { require_once libfile('class/image'); $image = new image(); $attach['thumb'] = $image->Thumb($attach['target'], '', '80', '50'); } if (getglobal('setting/ftp/on')) { if (ftpcmd('upload', 'portal/' . $attach['attachment'])) { if ($attach['thumb']) { ftpcmd('upload', 'portal/' . $attach['attachment'] . '.thumb.jpg'); }