$ubinding = array(); $ubindingneedupdatepwd = false; $query = $db->query("SELECT u2.uid as uuid, u1.password as oldpassword, m.password, m.uid,m.username,m.groupid,m.memberid,m.regdate,mb.postnum FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id LEFT JOIN pw_members m ON m.uid=u2.uid LEFT JOIN pw_memberdata mb ON m.uid=mb.uid WHERE u1.uid=" . S::sqlEscape($winduid)); while ($rt = $db->fetch_array($query)) { if (empty($rt['uid'])) { $db->update("DELETE FROM pw_userbinding WHERE uid=" . S::sqlEscape($rt['uuid'], false)); } elseif ($rt['uid'] != $winduid) { $rt['groupid'] == '-1' && ($rt['groupid'] = $rt['memberid']); $rt['regdate'] = get_date($rt['regdate']); $ubinding[] = $rt; } else { $ubindingneedupdatepwd = $rt['password'] == $rt['oldpassword'] ? false : true; } unset($rt['password'], $rt['oldpassword']); } require_once uTemplate::PrintEot('info_binding'); pwOutPut(); } else { if ($_POST['step'] == '2' || $_POST['step'] == '3') { PostCheck(); !$_G['userbinding'] && Showmsg('undefined_action'); S::gp(array('username', 'password', 'question', 'customquest', 'answer')); require_once R_P . 'require/checkpass.php'; if (empty($username) || empty($password)) { Showmsg('login_empty'); } if ($username == $windid) { Showmsg('userbinding_same'); } $password = md5($password); $safecv = $db_ifsafecv ? questcode($question, $customquest, $answer) : '';
} } elseif ($action == 'change') { require_once R_P . 'require/credit.php'; $rt = $db->get_one("SELECT db_value FROM pw_config WHERE db_name='jf_A'"); $jf_A = $rt['db_value'] ? unserialize($rt['db_value']) : array(); if (empty($_POST['step'])) { $creditdb = $credit->get($winduid, 'CUSTOM'); $jf = array(); foreach ($jf_A as $key => $value) { if ($value[2]) { list($j_1, $j_2) = explode('_', $key); $jf[$key] = array($credit->cType[$j_1], $credit->cType[$j_2], $value[0], $value[1]); } } !$jf && Showmsg('jfchange_empty'); require_once uTemplate::PrintEot('userpay'); pwOutPut(); } else { PostCheck(); S::gp(array('type', 'change')); if (!$jf_A[$type] || !$jf_A[$type][2]) { Showmsg('bk_credit_type_error'); } $change = (int) $change; if (!is_numeric($change) || $change <= 0) { Showmsg('bk_credit_fillin_error'); } $change % $jf_A[$type][0] != 0 && Showmsg('change_error'); list($sell, $buy) = explode('_', $type); $credit1 = $change; $credit2 = intval($change / $jf_A[$type][0] * $jf_A[$type][1]);
!function_exists('readover') && exit('Forbidden'); if (!$_POST['step']) { /* modify for authentication */ $isAuthMobile = getstatus($userdb['userstatus'], PW_USERSTATUS_AUTHMOBILE); if ($db_authstate) { if ($isAuthMobile && $userdb['authmobile']) { //将手机号的中间四位隐掉 $authmobile = $userdb['authmobile']; for ($i = 3; $i <= 6; $i++) { $authmobile[$i] = '*'; } } } /* modify for authentication */ $customFieldsString = getCustomFieldsAndDefaultValue('contact'); require_once uTemplate::PrintEot('info_link'); pwOutPut(); } elseif ($_POST['step'] == '2') { PostCheck(); S::slashes($userdb); S::gp(array('prooicq', 'proaliww', 'proicq', 'proyahoo', 'promsn', 'proauthmobile', 'oicq', 'aliww'), 'P'); //联系方式 处理 //$prooicq && !is_numeric($prooicq) && Showmsg('illegal_OICQ'); $proicq && !is_numeric($proicq) && Showmsg('illegal_OICQ'); $oicq && !is_numeric($oicq) && Showmsg('QQ号码只能输入数字'); if ($aliww && strlen($aliww) > 31) { Showmsg('阿里旺旺账号字符不能超过30'); } //update member $pwSQL = array('icq' => $proicq); /* modify for authentication */
$swfhash = GetVerify($winduid); //$upload_param = rawurlencode($db_bbsurl.'/job.php?action=uploadicon&verify='.$swfhash.'&uid='.$winduid.'&'); $save_param = rawurlencode($db_bbsurl . '/job.php?action=uploadicon&step=2&'); $default_pic = rawurlencode("{$db_picpath}/facebg.jpg"); //$icon_encode_url = 'up='.$upload_param.'&saveFace='.$save_param.'&url='.$default_pic.'&PHPSESSID='.$sid.'&'.'imgsize='.$db_imgsize.'&'; $icon_encode_url = 'saveFace=' . $save_param . '&url=' . $default_pic . '&imgsize=' . $db_imgsize . '&'; } else { $icon_encode_url = ''; } if ($icontype == 2) { $httpurl = $iconurl; } if ($icontype != 1) { $iconfile = ''; } require_once uTemplate::PrintEot('info_face'); pwOutPut(); } else { if ($step == '2') { PostCheck(); S::slashes($userdb); S::gp(array('facetype', 'proicon'), 'P'); require_once R_P . 'require/showimg.php'; $user_a = explode('|', $winddb['icon']); $usericon = ''; if ($facetype == 1) { $usericon = setIcon($proicon, $facetype, $user_a); } elseif ($_G['allowportait'] && $facetype == 2) { $httpurl = S::getGP('httpurl', 'P'); if (strncmp($httpurl[0], 'http://', 7) != 0 || strrpos($httpurl[0], '|') !== false) { refreshto("profile.php?action=modify&info_type={$info_type}&facetype={$facetype}", getLangInfo('msg', 'illegal_customimg'), 2, true);
$page = (int) $page; if ($date && isset($forumset['sellprice'][$date])) { } else { (!is_numeric($page) || $page < 1) && ($page = 1); $limit = S::sqlLimit(($page - 1) * 10, 10); $rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid)); $pages = numofpage($rt['sum'], $page, ceil($rt['sum'] / 10), "profile.php?action=forumsell&fid={$fid}&"); $query = $db->query("SELECT * FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid) . " ORDER BY overdate DESC {$limit}"); $buydb = array(); while ($rt = $db->fetch_array($query)) { $rt['buydate'] = get_date($rt['buydate']); $rt['overdate'] = get_date($rt['overdate']); $buydb[] = $rt; } } require_once uTemplate::PrintEot('profile_forumsell'); pwOutPut(); } else { PostCheck(); S::gp(array('date', 'buymethod')); $rt = $db->get_one("SELECT MAX(overdate) AS u FROM pw_forumsell WHERE uid=" . S::sqlEscape($winduid) . " AND fid=" . S::sqlEscape($fid)); if ($rt['u'] > $timestamp) { Showmsg('forumsell_already'); } if (!isset($forumset['sellprice'][$date])) { Showmsg('forumsell_date'); } if ($buymethod) { if ($forumset['sellprice'][$date]['rprice'] <= 0) { Showmsg('undefined_action'); }
//$db_union[7] && list($customdata,$custominfo) = Getcustom($userdb['customdata']); $customFieldsString = getCustomFieldsAndDefaultValue('basic'); $sexselect[(int) $userdb['gender']] = 'checked'; //$tradeinfo = unserialize($userdb['tradeinfo']); if ($userdb['timedf']) { $temptimedf = str_replace('.', '_', abs($userdb['timedf'])); $userdb['timedf'] < 0 ? ${'zone_0' . $temptimedf} = 'selected' : (${'zone_' . $temptimedf} = 'selected'); } !$rg_timestart && ($rg_timestart = 1960); !$rg_timeend && ($rg_timeend = 2010); //$getbirthday = explode('-',$userdb['bday']); //$yearslect[(int)$getbirthday[0]] = $monthslect[(int)$getbirthday[1]] = $dayslect[(int)$getbirthday[2]] = 'selected'; if ($userdb['signature'] || $userdb['introduce']) { $SCR = 'post'; } require_once uTemplate::PrintEot('info_base'); pwOutPut(); } elseif ($_POST['step'] == '2') { PostCheck(); S::slashes($userdb); $upmembers = $upmemdata = $upmeminfo = array(); //自我简介长度 strlen($_POST['prointroduce']) > 500 && Showmsg('introduce_limit'); //签名难 $_G['signnum'] && strlen($_POST['prosign']) > $_G['signnum'] && Showmsg('sign_limit'); S::gp(array('prohomepage', 'prohonor', 'prointroduce', 'prosign', 'timedf', 'alipay'), 'P'); S::gp(array('newgroupid', 'showsign', 'proreceivemail'), 'P', 2); //strlen($prointroduce)>500 && Showmsg('introduce_limit'); if ($_G['allowhonor']) { $prohonor = trim(substrs($prohonor, 90)); $upmembers['honor'] = $prohonor;
foreach ($creditset as $key => $value) { foreach ($value as $k => $v) { $forumright[$k][$key] = (int) $v; } } $per['upload'] = $per['down'] = $per['rp'] = $per['post'] = $per['visit'] = 1; $per['name'] = strip_tags($rt['name']); if ($rt['allowvisit'] && strpos($rt['allowvisit'], ',' . $groupid . ',') === false) { $per['visit'] = 0; } if ($rt['allowpost'] && strpos($rt['allowpost'], ',' . $groupid . ',') === false || !$rt['allowpost'] && $_G['allowpost'] == 0) { $per['post'] = 0; } if ($rt['allowrp'] && strpos($rt['allowrp'], ',' . $groupid . ',') === false || !$rt['allowrp'] && $_G['allowpost'] == 0) { $per['rp'] = 0; } if ($rt['allowdownload'] && strpos($rt['allowdownload'], ',' . $groupid . ',') === false) { $per['down'] = 0; } elseif (!$rt['allowdownload'] && $_G['allowpost'] == 0) { $per['down'] = 0; } if ($rt['allowupload'] && strpos($rt['allowupload'], ',' . $groupid . ',') === false) { $per['upload'] = 0; } elseif (!$rt['allowupload'] && $_G['allowpost'] == 0) { $per['upload'] = 0; } unset($forumset, $rt); } } require_once uTemplate::PrintEot('profile_permission'); pwOutPut();
/**
 * Build the custom-field section of a profile settings page.
 *
 * Looks up the custom fields registered under the category $infotype and,
 * for each one, has customerFieldProfileTemplate::buildHtml() render it with
 * the value stored for the current user (read through the global $winduid).
 *
 * @param mixed $infotype Category name handed to getFieldsByCategoryName().
 * @return string The concatenated field HTML wrapped in "<!--" and "-->";
 *                "<!---->" when the category has no fields.
 */
function getProfileTemplateByInfotype($infotype) {
    global $winduid;

    $customFields = $this->customerField->getFieldsByCategoryName($infotype);
    $templateString = '';
    if (!$customFields) {
        // Nothing registered for this category: return the empty wrapper.
        return "<!--{$templateString}-->";
    }

    $this->customerFieldData = L::loadClass('CustomerFieldData', 'user');
    // The template file is included in method scope; it is expected to
    // declare customerFieldProfileTemplate, which is instantiated next.
    require_once uTemplate::PrintEot('customerfield_profile');
    $renderer = new customerFieldProfileTemplate();

    foreach ($customFields as $field) {
        $stored = $this->customerFieldData->getCustomerData($field, $winduid);
        $isZeroBirthday = $field['fieldname'] == 'bday' && $stored == '0000-00-00';
        if ($isZeroBirthday) {
            // A zero date is replaced by the account's registration date.
            $stored = date('Y-m-d', $GLOBALS['winddb']['regdate']);
        }
        // NOTE(review): $stored is presumably user-entered profile data and is
        // passed on without escaping here, so HTML-escaping has to happen in
        // buildHtml() - confirm. A rendered value containing "-->" would also
        // close the wrapper below early.
        $templateString .= $renderer->buildHtml($field, $stored);
    }

    return "<!--{$templateString}-->";
}
} elseif ($check_step == 'certificate') { //证件认证 $step = S::getGP('step'); $authService = L::loadClass('Authentication', 'user'); if (empty($step)) { $certificateTypesHtml = $authService->getCertificateTypeHtml(); } elseif ($step == 2) { S::gp(array('certificate')); L::loadClass('certificateupload', 'upload', false); !$certificate['number'] && Showmsg("请输入证件编号"); //删除原有认证 $certificateInfo = $authService->getCertificateInfoByUid($winduid); $certificateInfo && $authService->deleteCertificateById($certificateInfo['id']); $certificateUploadBehavior = new CertificateUpload($winduid); PwUpload::upload($certificateUploadBehavior); $certificateInfo = $authService->getCertificateInfoByUid($winduid); $data = array('type' => $certificate['type'], 'number' => $certificate['number'], 'createtime' => $timestamp, 'state' => 1); if (!S::isArray($certificateInfo) || !$certificateInfo['attach1'] && !$certificateInfo['attach2']) { /* $data['uid'] = $winduid; $authService->addCertificateInfo($data); */ Showmsg("请上传至少一张证件图片再提交"); } else { $authService->updateCertificateInfo($data, $certificateInfo['id']); } refreshto("profile.php?action=auth", '提交成功,请等待管理员审核'); } } require_once uTemplate::PrintEot('profile_auth'); pwOutPut();
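<?php
// Direct-access guard: the file only runs when the application bootstrap
// (which defines readover()) has already been loaded.
!function_exists('readover') && exit('Forbidden');

/*
 * Profile editor, "education" tab.
 *
 *   no step  -> render the edit form
 *   step = 2 -> save the submitted custom-field data and redirect back
 *
 * $winduid, $windid, $timestamp and $info_type are not set in this file; they
 * come from the including script.
 */
S::gp(array('step'));

if (empty($step)) {
    $customFieldsString = getCustomFieldsAndDefaultValue('education');
    require_once uTemplate::PrintEot('info_education');
    pwOutPut();
} elseif ($step == 2) {
    // This branch writes to the user's profile, so it runs the same request
    // guard the other step-2 profile handlers call before saving. Without it
    // the update could be triggered by a request that never passed that guard.
    // NOTE(review): confirm PostCheck()'s exact checks (method/token/referer)
    // and that the info_education form submits the fields it expects.
    PostCheck();

    // update customerfield data
    $customfieldService = L::loadClass('CustomerFieldService', 'user');
    /* @var $customfieldService PW_CustomerFieldService */
    $customfieldService->saveProfileCustomerData('education');

    // defend start
    // Reports the profile edit to the CloudWind user-defence service.
    CloudWind::yunUserDefend('editprofile', $winduid, $windid, $timestamp, 0, 101, '', '', '', array('profile' => 'updateeducation'));
    // defend end

    // NOTE(review): $info_type is interpolated into the redirect target as-is;
    // confirm the including script restricts it to a known tab name.
    refreshto("profile.php?action=modify&info_type={$info_type}", 'operate_success', 2, true);
}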
<?php !function_exists('readover') && exit('Forbidden'); if (!$_POST['step']) { $customFieldsString = getCustomFieldsAndDefaultValue('other'); require_once uTemplate::PrintEot('info_other'); pwOutPut(); } else { if ($_POST['step'] == '2') { PostCheck(); //update customerfield data $customfieldService = L::loadClass('CustomerFieldService', 'user'); /* @var $customfieldService PW_CustomerFieldService */ $customfieldService->saveProfileCustomerData('other'); /*S::slashes($userdb); $upmembers = $upmemdata = $upmeminfo = array(); foreach ($customfield as $value) { $fieldvalue = S::escapeChar($_POST[$value['field']]); if ($value['required'] && ($value['editable'] == 1 || strlen($userdb[$value['field']]) == 0) && !$fieldvalue) { Cookie('pro_modify', 'other', 'F', false); Showmsg('field_empty'); } if (strlen($userdb[$value['field']]) == 0 || ($userdb[$value['field']] != $fieldvalue && $value['editable'] == 1)) { if ($value['maxlen'] && strlen($fieldvalue) > $value['maxlen']) { Showmsg('field_lenlimit'); } $upmeminfo[$value['field']] = $fieldvalue; } } //update meminfo if ($upmeminfo) {
// Load the message-board entries addressed to user $uid, newest first, joined
// with each author's avatar, then prepare them for the space_board template.
// $uid is passed through S::sqlEscape(); {$limit} is interpolated as-is.
// NOTE(review): $limit is built outside this excerpt - confirm it comes from
// S::sqlLimit() or an equally constrained source, never from raw request data.
$query = $db->query("SELECT o.*,m.icon as face FROM pw_oboard o LEFT JOIN pw_members m ON o.uid=m.uid WHERE o.touid=" . S::sqlEscape($uid) . " ORDER BY o.id DESC {$limit}");
while ($rt = $db->fetch_array($query)) {
    $rt['postdate'] = get_date($rt['postdate']);
    // showfacedesign() returns a list; only its first element is kept as the avatar.
    list($rt['face']) = showfacedesign($rt['face'], 1, 'm');
    if ($rt['groupid'] == 6 && $db_shield && $groupid != 3) {
        // Author is in group 6 and shielding is on: viewers outside group 3
        // get the 'ban_feed' placeholder instead of the stored text.
        $rt['title'] = appShield('ban_feed');
    } elseif (!$wordsfb->equal($rt['ifwordsfb'])) {
        // The stored word-filter code does not match the current one, so the
        // text is run through the word filter again.
        $rt['title'] = $wordsfb->convert($rt['title'], array('id' => $rt['id'], 'type' => 'comments', 'code' => $rt['ifwordsfb']));
    }
    // The two converters below only run when their opening tag is present.
    // NOTE(review): title is stored user content and no HTML escaping is
    // visible in this excerpt; confirm it is escaped when written or inside
    // showface()/convert()/the template before it reaches the page.
    if (strpos($rt['title'], '[s:') !== false) {
        // $tpc_author is assigned before showface(); presumably read there as a global.
        $tpc_author = $rt['username'];
        $rt['title'] = showface($rt['title']);
    }
    if (strpos($rt['title'], '[url') !== false) {
        $rt['title'] = convert($rt['title'], $db_windpost);
    }
    // NOTE(review): $boardids and $boards are not initialised in this excerpt;
    // confirm they are reset to empty arrays earlier in the file.
    $boardids[] = $rt['id'];
    $boards[] = $rt;
}
if (!empty($boardids)) {
    // Fetch the comments for every board entry collected above.
    $commentdb = getCommentDb('board', $boardids);
}
$friendsService = L::loadClass('Friend', 'friend');
/* @var $friendsService PW_Friend */
// NOTE(review): the flag set to 1 is $ismyfriend, but the one cleared for
// non-friends is $is_friend. If the template decides what to show from
// $ismyfriend, every visitor is treated as a friend - confirm which name
// space_board reads.
$ismyfriend = 1;
if ($friendsService->isFriend($winduid, $uid) !== true) {
    $is_friend = 0;
}
$isSpace = true;
// The variables prepared above are consumed by the included template.
require_once uTemplate::PrintEot('space_board');
pwOutPut();
<?php !function_exists('readover') && exit('Forbidden'); if (!$step) { $ifppt = false; if (!$db_pptifopen || $db_ppttype == 'server') { $ifppt = true; } $ifpublic = $userService->getUserStatus($winduid, PW_USERSTATUS_PUBLICMAIL) ? 'checked' : ''; require_once uTemplate::PrintEot('info_safe'); pwOutPut(); } else { if ($step == '2') { PostCheck(); S::slashes($userdb); $upmembers = $upmemdata = $upmeminfo = array(); if ($ifppt) { //* include_once pwCache::getPath(D_P.'data/bbscache/dbreg.php'); extract(pwCache::getData(D_P . 'data/bbscache/dbreg.php', false)); S::gp(array('propwd', 'proemail', 'question'), 'P'); if ($propwd || $userdb['email'] != $proemail) { if ($_POST['oldpwd']) { if (strlen($userdb['password']) == 16) { $_POST['oldpwd'] = substr(md5($_POST['oldpwd']), 8, 16); //支持 16 位 md5截取密码 } else { $_POST['oldpwd'] = md5($_POST['oldpwd']); } } $userdb['password'] != $_POST['oldpwd'] && Showmsg('pwd_confirm_fail'); if ($propwd) {
} refreshto("profile.php?action=toolcenter", 'operate_success'); } } elseif ($job == 'use' || $job == 'ajax') { $toolid = (int) S::getGP('toolid'); if (!$toolid) { $tooldb = array(); $query = $db->query("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . "ORDER BY vieworder"); while ($rt = $db->fetch_array($query)) { $rt['descrip'] = substrs($rt['descrip'], 45); $tooldb[] = $rt; } if (!$tooldb) { Showmsg('no_tool'); } require_once uTemplate::PrintEot('profile_toolcenter'); pwOutPut(); } $tooldb = $db->get_one("SELECT u.nums,t.name,t.filename,t.state,t.type,t.conditions FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . "AND u.toolid=" . S::sqlEscape($toolid)); !$db_toolifopen && Showmsg('toolcenter_close'); if (!$tooldb || $tooldb['nums'] <= 0) { Showmsg('nothistool'); } if ($tooldb['type'] == 1) { !$tid && Showmsg('illegal_tid'); $condition = unserialize($tooldb['conditions']); $tpcdb = $db->get_one("SELECT fid,subject,authorid,topped,toolfield FROM pw_threads WHERE tid=" . S::sqlEscape($tid)); if (!$tpcdb) { Showmsg('illegal_tid'); } if ($condition['forum'] && strpos($condition['forum'], ",{$tpcdb['fid']},") === false) {
<?php
// Direct-access guard: the file only runs when the application bootstrap
// (which defines readover()) has already been loaded.
!function_exists('readover') && exit('Forbidden');
// Profile editor, "tags" tab: with no step set, render the tag editing form.
// S::gp() is called with the names 'step' and 'info_type'; $step is read
// right below, so it presumably imports them from the request as variables.
// NOTE(review): $info_type is not validated in this file; confirm the
// including script or template treats it as untrusted before echoing it.
S::gp(array('step', 'info_type'));
if (!$step) {
    $memberTagsService = L::loadClass('MemberTagsService', 'user');
    // Ask the space data provider for the 'tags' model with num=10, expire=7200.
    // $newSpace and any other $modelList entries come from the including script.
    $modelList['tags'] = array('num' => 10, 'expire' => 7200);
    $spaceData = $newSpace->getSpaceData($modelList);
    $memberTags = $spaceData['tags']; // personal tags
    $hotTagsNum = $memberTagsService->countHotTagsNum();
    $hotTags = $memberTagsService->getTagsByNum(8);
    // The variables prepared above are consumed by the included template.
    require_once uTemplate::PrintEot('info_tags');
    pwOutPut();
}
Showmsg('specialgroup_exists'); } $rt = $db->get_one("SELECT gid,grouptitle FROM pw_usergroups WHERE gptype='special' AND gid=" . S::sqlEscape($gid)); if (!$rt) { Showmsg('specialgroup_error'); } $query = $db->query("SELECT gid,rkey,rvalue FROM pw_permission WHERE uid='0' AND fid='0' AND gid=" . S::sqlEscape($gid) . " AND rkey IN ('sellinfo','sellprice','rmbprice','selltype','selllimit','allowbuy')"); while ($permi = $db->fetch_array($query)) { $rt['sright'][$permi['rkey']] = $permi['rvalue']; } if (!$rt['sright']['allowbuy']) { Showmsg('special_allowbuy'); } if (empty($_POST['step'])) { $rt['sright']['selltype'] = $credit->cType[$rt['sright']['selltype']]; require_once uTemplate::PrintEot('profile_buy'); pwOutPut(); } else { PostCheck(); S::gp(array('pwpwd'), 'P'); S::gp(array('days', 'buymethod', 'options'), null, 2); if (!is_numeric($days) || $days <= 0) { Showmsg('illegal_nums'); } if ($days < $rt['sright']['selllimit']) { Showmsg('special_selllimit'); } $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */ $mb = $userService->get($winduid); if ($gid == $groupid || strpos($mb['groups'], ",{$gid},") !== false) {
} else { $joblists = $jobService->getFinishJobs($winduid); $jobs = $jobService->buildLists($joblists, $action, $winduid, $groupid); } $current[2] = "current"; require_once uTemplate::PrintEot('jobcenter'); pwOutPut(); } elseif ($action == "quit") { if ($step == 2) { list($bool, $message) = $jobService->jobQuitController($winduid, $id); ajaxResponse($message, $bool); } $joblists = $jobService->getQuitJobs($winduid); $jobs = $jobService->buildLists($joblists, $action, $winduid, $groupid); $current[3] = "current"; require_once uTemplate::PrintEot('jobcenter'); pwOutPut(); } elseif ($action == "start") { //获取任务开始链接 list($bool, $message, $link) = $jobService->jobStartController($winduid, $id); if (S::getGP('ajax')) { ajax_footer(); } if (!$bool) { refreshto("jobcenter.php?action=applied", $message); } if ($link == "") { refreshto("jobcenter.php?action=applied", "任务开始"); } else { ObHeader($link); }