function album_creat_by_id($albumid, $catid = 0)
{
global $_G, $space;
preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
if (!empty($matchs[1])) {
$albumname = dhtmlspecialchars(trim($matchs[1]));
if (empty($albumname)) {
$albumname = dgmdate($_G['timestamp'], 'Ymd');
}
$albumarr = array('albumname' => $albumname);
if ($catid) {
$albumarr['catid'] = $catid;
}
$albumid = album_creat($albumarr);
} else {
$albumid = intval($albumid);
if ($albumid) {
$value = C::t('home_album')->fetch_all_by_uid($_G['uid'], false, 0, 0, $albumid);
if ($value = $value[0]) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = dgmdate($_G['timestamp'], 'Ymd');
$albumarr = array('albumname' => $albumname);
if ($catid) {
$albumarr['catid'] = $catid;
}
$albumid = album_creat($albumarr);
}
}
}
return $albumid;
}
function album_creat_by_id($albumid)
{
global $_G, $space;
preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
if (!empty($matchs[1])) {
$albumname = dhtmlspecialchars(trim($matchs[1]));
if (empty($albumname)) {
$albumname = dgmdate($_G['timestamp'], 'Ymd');
}
$albumid = album_creat(array('albumname' => $albumname));
} else {
$albumid = intval($albumid);
if ($albumid) {
$query = DB::query("SELECT albumname,friend FROM " . DB::table('home_album') . " WHERE albumid='{$albumid}' AND uid='{$_G['uid']}'");
if ($value = DB::fetch($query)) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = dgmdate($_G['timestamp'], 'Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
}
}
return $albumid;
}
/**
* 创建相册
* @param integer $uId 用户Id
* @param string $name 相册名称
* @param string $privacy 相册限制
* @param string $passwd 查看相册时的密码
* @param string $friends 允许查看相册的好友Id
* @return integer 相册Id
*/
function createAlbum($uId, $name, $privacy, $passwd = null, $friendIds = null)
{
include_once S_ROOT . './source/function_cp.php';
$privacy = $this->_convertPrivacy($privacy);
if ($friendIds && is_array($friendIds)) {
$friends = implode(',', $friendIds);
} else {
$friends = '';
}
$fields = array('albumname' => $name, 'friend' => $privacy, 'password' => $passwd, 'target_ids' => $friends);
$result = album_creat($fields);
return new APIResponse($result);
}
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name='', $title='', $delsize=0, $from = false) {
global $_SGLOBAL, $space, $_SCONFIG, $_SC;
if($albumid<0) $albumid = 0;
$setarr = array();
$filepath = getfilepath($fileext, true);
$newfilename = $_SC['attachdir'].'./'.$filepath;
if($handle = fopen($newfilename, 'wb')) {
if(fwrite($handle, $strdata) !== FALSE) {
fclose($handle);
$size = filesize($newfilename);
//检查空间大小
if(empty($space)) {
$space = getspace($_SGLOBAL['supe_uid']);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." WHERE uid='$_SGLOBAL[supe_uid]'");
$space = $_SGLOBAL['db']->fetch_array($query);
$_SGLOBAL['supe_username'] = addslashes($space['username']);
}
$_SGLOBAL['member'] = $space;
$maxattachsize = checkperm('maxattachsize');//单位MB
if($maxattachsize) {//0为不限制
if($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
@unlink($newfilename);
return -1;
}
}
//检查是否图片
if(function_exists('getimagesize')) {
$tmp_imagesize = @getimagesize($newfilename);
list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
$tmp_size = $tmp_width * $tmp_height;
if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
@unlink($newfilename);
return -2;
}
}
//缩略图
include_once(S_ROOT.'./source/function_image.php');
$thumbpath = makethumb($newfilename);
$thumb = empty($thumbpath)?0:1;
//大头帖不添加水印
if($_SCONFIG['allowwatermark']) {
makewatermark($newfilename);
}
//入库
$filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
$title = getstr($title, 200, 1, 1, 1);
if($albumid) {
preg_match("/^new\:(.+)$/i", $albumid, $matchs);
if(!empty($matchs[1])) {
$albumname = shtmlspecialchars(trim($matchs[1]));
if(empty($albumname)) $albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
} else {
$albumid = intval($albumid);
if($albumid) {
$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
if($value = $_SGLOBAL['db']->fetch_array($query)) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
}
}
} else {
$albumid = 0;
}
$setarr = array(
'albumid' => $albumid,
'uid' => $_SGLOBAL['supe_uid'],
'username' => $_SGLOBAL['supe_username'],
'dateline' => $_SGLOBAL['timestamp'],
'filename' => $filename,
'postip' => getonlineip(),
'title' => $title,
'type' => $fileext,
'size' => $size,
'filepath' => $filepath,
'thumb' => $thumb
);
$setarr['picid'] = inserttable('pic', $setarr, 1);
//更新附件大小
//积分
$setsql = '';
if($from) {
$reward = getreward($from, 0);
if($reward['credit']) {
$setsql = ",credit=credit+$reward[credit]";
}
if($reward['experience']) {
$setsql .= ",experience=experience+$reward[experience]";
}
}
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");
//相册更新
if($albumid) {
$file = $filepath.($thumb?'.thumb.jpg':'');
$_SGLOBAL['db']->query("UPDATE ".tname('album')."
SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1'
WHERE albumid='$albumid'");
}
//最后进行ftp上传,防止垃圾产生
if($_SCONFIG['allowftp']) {
include_once(S_ROOT.'./source/function_ftp.php');
if(ftpupload($newfilename, $filepath)) {
$setarr['remote'] = 1;
updatetable('pic', array('remote'=>$setarr['remote']), array('picid'=>$setarr['picid']));
if($albumid) updatetable('album', array('picflag'=>2), array('albumid'=>$albumid));
} else {
return -4;
}
}
//统计
updatestat('pic');
return $setarr;
} else {
fclose($handle);
}
}
return -3;
}
function onPhotoCreateAlbum($uId, $name, $privacy, $passwd = null, $friendIds = null)
{
require_once libfile('function/spacecp');
$res = $this->getUserSpace($uId);
if (!$res) {
return new ErrorResponse('1', "User({$uId}) Not Exists");
}
$privacy = $this->_convertPrivacy($privacy);
if ($friendIds && is_array($friendIds)) {
$friends = implode(',', $friendIds);
} else {
$friends = '';
}
$fields = array('albumname' => $name, 'friend' => $privacy, 'password' => $passwd, 'target_ids' => $friends);
$result = album_creat($fields);
return $result;
}
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0)
{
global $_G;
$uid = $uid ? $uid : $_G['uid'];
$uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
if ($attachnew) {
$newaids = array_keys($attachnew);
$newattach = $newattachfile = $albumattach = array();
$query = DB::query("SELECT * FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
while ($attach = DB::fetch($query)) {
$newattach[$attach['aid']] = daddslashes($attach);
if ($attach['isimage']) {
$newattachfile[$attach['aid']] = $attach['attachment'];
}
}
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
require_once libfile('class/image');
$image = new image();
}
if (!empty($_G['gp_albumaid'])) {
array_unshift($_G['gp_albumaid'], '');
$_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
unset($_G['gp_albumaid'][0]);
foreach ($_G['gp_albumaid'] as $aid) {
if (isset($newattach[$aid])) {
$albumattach[$aid] = $newattach[$aid];
}
}
}
foreach ($attachnew as $aid => $attach) {
$update = array();
$update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
$update['price'] = $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0;
$update['tid'] = $tid;
$update['pid'] = $pid;
$update['uid'] = $uid;
$update['description'] = cutstr(dhtmlspecialchars($attach['description']), 100);
DB::update(getattachtablebytid($tid), $update, "aid='{$aid}'");
if (!$newattach[$aid]) {
continue;
}
$update = array_merge($update, $newattach[$aid]);
if (!empty($newattachfile[$aid])) {
if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
$update['thumb'] = 0;
@unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
if (!empty($albumattach[$aid])) {
$albumattach[$aid]['thumb'] = 0;
}
}
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
$update['filesize'] = $image->imginfo['size'];
}
}
if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
$newalbum = 0;
if (!$_G['gp_uploadalbum']) {
require_once libfile('function/spacecp');
$_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
$newalbum = 1;
}
$picdata = array('albumid' => $_G['gp_uploadalbum'], 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $albumattach[$aid]['dateline'], 'postip' => $_G['clientip'], 'filename' => $albumattach[$aid]['filename'], 'title' => cutstr(dhtmlspecialchars($attach['description']), 100), 'type' => fileext($albumattach[$aid]['attachment']), 'size' => $albumattach[$aid]['filesize'], 'filepath' => $albumattach[$aid]['attachment'], 'thumb' => $albumattach[$aid]['thumb'], 'remote' => $albumattach[$aid]['remote'] + 2);
$update['picid'] = DB::insert('home_pic', $picdata, 1);
if ($newalbum) {
require_once libfile('function/home');
require_once libfile('function/spacecp');
album_update_pic($_G['gp_uploadalbum']);
}
}
DB::insert(getattachtablebytid($tid), $update, false, true);
DB::update('forum_attachment', array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)), "aid='{$aid}'");
DB::delete('forum_attachment_unused', "aid='{$aid}'");
}
if (!empty($_G['gp_albumaid'])) {
$albumdata = array('picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$_G['gp_uploadalbum']}'"), 'updatetime' => $_G['timestamp']);
DB::update('home_album', $albumdata, "albumid='{$_G['gp_uploadalbum']}'");
}
if ($newattach) {
ftpupload($newaids, $uid);
}
}
if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
}
if ($attachupdate) {
$query = DB::query("SELECT pid, aid, attachment, thumb, remote FROM " . DB::table(getattachtablebytid($tid)) . " WHERE aid IN (" . dimplode(array_keys($attachupdate)) . ")");
while ($attach = DB::fetch($query)) {
if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
dunlink($attach);
}
}
$uaids = dimplode($attachupdate);
$query = DB::query("SELECT aid, width, filename, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
DB::query("DELETE FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
$attachupdate = array_flip($attachupdate);
while ($attach = DB::fetch($query)) {
$update = $attach;
$update['dateline'] = TIMESTAMP;
$update['remote'] = 0;
unset($update['aid']);
if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
$update['filesize'] = $image->imginfo['size'];
}
DB::update(getattachtablebytid($tid), $update, "aid='" . $attachupdate[$attach['aid']] . "'");
ftpupload(array($attachupdate[$attach['aid']]), $uid);
}
}
$attachcount = DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
$attachment = $attachcount ? DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1 : 0;
DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
if (!$attachment) {
DB::delete('forum_threadimage', "tid='{$tid}'");
}
$posttable = getposttablebytid($tid);
DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
$_G['forum_attachexist'] = $attachment;
}
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0)
{
global $_G;
$thread = C::t('forum_thread')->fetch($tid);
$uid = $uid ? $uid : $_G['uid'];
if ($attachnew) {
$newaids = array_keys($attachnew);
$newattach = $newattachfile = $albumattach = array();
foreach (C::t('forum_attachment_unused')->fetch_all($newaids) as $attach) {
if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
continue;
}
$attach['uid'] = $uid;
$newattach[$attach['aid']] = daddslashes($attach);
if ($attach['isimage']) {
$newattachfile[$attach['aid']] = $attach['attachment'];
}
}
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) || !$_G['setting']['thumbdisabledmobile']) {
require_once libfile('class/image');
$image = new image();
}
if (!empty($_GET['albumaid'])) {
array_unshift($_GET['albumaid'], '');
$_GET['albumaid'] = array_unique($_GET['albumaid']);
unset($_GET['albumaid'][0]);
foreach ($_GET['albumaid'] as $aid) {
if (isset($newattach[$aid])) {
$albumattach[$aid] = $newattach[$aid];
}
}
}
foreach ($attachnew as $aid => $attach) {
$update = array();
$update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
$update['price'] = $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0;
$update['tid'] = $tid;
$update['pid'] = $pid;
$update['uid'] = $uid;
$update['description'] = censor(cutstr(dhtmlspecialchars($attach['description']), 100));
C::t('forum_attachment_n')->update('tid:' . $tid, $aid, $update);
if (!$newattach[$aid]) {
continue;
}
$update = array_merge($update, $newattach[$aid]);
if (!empty($newattachfile[$aid])) {
if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
$update['thumb'] = 0;
@unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
if (!empty($albumattach[$aid])) {
$albumattach[$aid]['thumb'] = 0;
}
} elseif (!$_G['setting']['thumbdisabledmobile']) {
$_daid = sprintf("%09d", $aid);
$dir1 = substr($_daid, 0, 3);
$dir2 = substr($_daid, 3, 2);
$dir3 = substr($_daid, 5, 2);
$dw = 320;
$dh = 320;
$thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
$image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
$dw = 720;
$dh = 720;
$thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
$image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
}
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
$update['filesize'] = $image->imginfo['size'];
}
}
if (!empty($_GET['albumaid']) && isset($albumattach[$aid])) {
$newalbum = 0;
if (!$_GET['uploadalbum']) {
require_once libfile('function/spacecp');
$_GET['uploadalbum'] = album_creat(array('albumname' => $_GET['newalbum']));
$newalbum = 1;
}
$picdata = array('albumid' => $_GET['uploadalbum'], 'uid' => $uid, 'username' => $_G['username'], 'dateline' => $albumattach[$aid]['dateline'], 'postip' => $_G['clientip'], 'filename' => censor($albumattach[$aid]['filename']), 'title' => censor(cutstr(dhtmlspecialchars($attach['description']), 100)), 'type' => fileext($albumattach[$aid]['attachment']), 'size' => $albumattach[$aid]['filesize'], 'filepath' => $albumattach[$aid]['attachment'], 'thumb' => $albumattach[$aid]['thumb'], 'remote' => $albumattach[$aid]['remote'] + 2);
$update['picid'] = C::t('home_pic')->insert($picdata, 1);
if ($newalbum) {
require_once libfile('function/home');
require_once libfile('function/spacecp');
album_update_pic($_GET['uploadalbum']);
}
}
C::t('forum_attachment_n')->insert('tid:' . $tid, $update, false, true);
C::t('forum_attachment')->update($aid, array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)));
C::t('forum_attachment_unused')->delete($aid);
}
if (!empty($_GET['albumaid'])) {
$albumdata = array('picnum' => C::t('home_pic')->check_albumpic($_GET['uploadalbum']), 'updatetime' => $_G['timestamp']);
C::t('home_album')->update($_GET['uploadalbum'], $albumdata);
require_once libfile('function/home');
require_once libfile('function/spacecp');
album_update_pic($_GET['uploadalbum']);
}
if ($newattach) {
ftpupload($newaids, $uid);
}
}
if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
}
if ($attachupdate) {
$attachs = C::t('forum_attachment_n')->fetch_all_by_id('tid:' . $tid, 'aid', array_keys($attachupdate));
foreach ($attachs as $attach) {
if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
dunlink($attach);
}
}
$unusedattachs = C::t('forum_attachment_unused')->fetch_all($attachupdate);
$attachupdate = array_flip($attachupdate);
$unusedaids = array();
foreach ($unusedattachs as $attach) {
if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
continue;
}
$unusedaids[] = $attach['aid'];
$update = $attach;
$update['dateline'] = TIMESTAMP;
$update['remote'] = 0;
unset($update['aid']);
if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
$update['filesize'] = $image->imginfo['size'];
}
C::t('forum_attachment_n')->update('tid:' . $tid, $attachupdate[$attach['aid']], $update);
@unlink($_G['setting']['attachdir'] . 'image/' . $attach['aid'] . '_100_100.jpg');
C::t('forum_attachment_exif')->delete($attachupdate[$attach['aid']]);
C::t('forum_attachment_exif')->update($attach['aid'], array('aid' => $attachupdate[$attach['aid']]));
ftpupload(array($attachupdate[$attach['aid']]), $uid);
}
if ($unusedaids) {
C::t('forum_attachment_unused')->delete($unusedaids);
}
}
$attachcount = C::t('forum_attachment_n')->count_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid);
$attachment = 0;
if ($attachcount) {
if (C::t('forum_attachment_n')->count_image_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid)) {
$attachment = 2;
} else {
$attachment = 1;
}
} else {
$attachment = 0;
}
C::t('forum_thread')->update($tid, array('attachment' => $attachment));
C::t('forum_post')->update('tid:' . $tid, $pid, array('attachment' => $attachment), true);
if (!$attachment) {
C::t('forum_threadimage')->delete_by_tid($tid);
}
$_G['forum_attachexist'] = $attachment;
}
function blog_post($POST, $olds=array()) {
global $_G, $space;
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
$isself = 0;
$__G = $_G;
$_G['uid'] = $olds['uid'];
$_G['username'] = addslashes($olds['username']);
}
$POST['subject'] = getstr(trim($POST['subject']), 80);
$POST['subject'] = censor($POST['subject']);
if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
$POST['friend'] = intval($POST['friend']);
$POST['target_ids'] = '';
if($POST['friend'] == 2) {
$uids = array();
$names = empty($_POST['target_names'])?array():explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
if($names) {
$uids = C::t('common_member')->fetch_all_uid_by_username($names);
}
if(empty($uids)) {
$POST['friend'] = 3;
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif($POST['friend'] == 4) {
$POST['password'] = trim($POST['password']);
if($POST['password'] == '') $POST['friend'] = 0;
}
if($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500);
$POST['tag'] = censor($POST['tag']);
$POST['message'] = checkhtml($POST['message']);
if($_G['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
$POST['message'] = censor($POST['message']);
} else {
$POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
$POST['message'] = censor($POST['message']);
$POST['message'] = preg_replace(array(
"/\<div\>\<\/div\>/i",
"/\<a\s+href\=\"([^\>]+?)\"\>/i"
), array(
'',
'<a href="\\1" target="_blank">'
), $POST['message']);
}
$message = $POST['message'];
if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
$blog_status = 1;
} else {
$blog_status = 0;
}
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname);
$classname = censor($classname);
if(empty($classname)) {
$classid = 0;
} else {
$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_G['uid'],
'dateline' => $_G['timestamp']
);
$classid = C::t('home_class')->insert($setarr, true);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
$query = C::t('home_class')->fetch($classid);
$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
if(empty($classname)) $classid = 0;
}
$blogarr = array(
'subject' => $POST['subject'],
'classid' => $classid,
'friend' => $POST['friend'],
'password' => $POST['password'],
'noreply' => empty($POST['noreply'])?0:1,
'catid' => intval($POST['catid']),
'status' => $blog_status,
);
$titlepic = '';
$uploads = array();
if(!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
foreach($query as $value) {
if(empty($titlepic) && $value['thumb']) {
$titlepic = getimgthumbname($value['filepath']);
$blogarr['picflag'] = $value['remote']?2:1;
}
$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
$uploads[md5($picurl)] = $value;
}
if(empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote']?2:1;
}
}
if($uploads) {
$albumid = 0;
if($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
$albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
if(empty($albumname)) $albumname = dgmdate($_G['timestamp'],'Ymd');
$albumarr = array('albumname' => $albumname);
$albumid = album_creat($albumarr);
} else {
$albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
}
if($albumid) {
C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
album_update_pic($albumid);
}
preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
if(!empty($mathes[1])) {
foreach ($mathes[1] as $key => $value) {
$urlmd5 = md5($value);
if(!empty($uploads[$urlmd5])) {
unset($uploads[$urlmd5]);
}
}
}
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
}
}
$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\ \;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
if(empty($ckmessage)) {
return false;
}
if(checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
if($olds['blogid']) {
if($blogarr['catid'] != $olds['catid']) {
if($olds['catid']) {
C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
}
if($blogarr['catid']) {
C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
}
}
$blogid = $olds['blogid'];
C::t('home_blog')->update($blogid, $blogarr);
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
if($blogarr['catid']) {
C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
}
$blogarr['uid'] = $_G['uid'];
$blogarr['username'] = $_G['username'];
$blogarr['dateline'] = empty($POST['dateline'])?$_G['timestamp']:$POST['dateline'];
$blogid = C::t('home_blog')->insert($blogarr, true);
C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
}
$blogarr['blogid'] = $blogid;
$class_tag = new tag();
$POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
$fieldarr = array(
'message' => $message,
'postip' => $_G['clientip'],
'target_ids' => $POST['target_ids'],
'tag' => $POST['tag']
);
if(!empty($titlepic)) {
$fieldarr['pic'] = $titlepic;
}
if($olds) {
C::t('home_blogfield')->update($blogid, $fieldarr);
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
C::t('home_blogfield')->insert($fieldarr);
}
if($isself && !$olds && $blog_status == 0) {
updatecreditbyaction('publishblog', 0, array('blogs' => 1));
include_once libfile('function/stat');
updatestat('blog');
}
if($olds['blogid'] && $blog_status == 1) {
updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
include_once libfile('function/stat');
updatestat('blog');
}
if($POST['makefeed'] && $blog_status == 0) {
include_once libfile('function/feed');
feed_publish($blogid, 'blogid', $olds?0:1);
}
if(!empty($__G)) $_G = $__G;
if($blog_status == 1) {
updatemoderate('blogid', $blogid);
manage_addnotify('verifyblog');
}
return $blogarr;
}
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0)
{
global $_SGLOBAL, $space, $_SCONFIG, $_SC;
$setarr = array();
$filepath = getfilepath($fileext, true);
$newfilename = $_SC['attachdir'] . './' . $filepath;
if ($handle = fopen($newfilename, 'wb')) {
if (fwrite($handle, $strdata) !== FALSE) {
fclose($handle);
$size = filesize($newfilename);
//检查空间大小
if (empty($space)) {
$query = $_SGLOBAL['db']->query("SELECT username, credit, groupid, attachsize, addsize FROM " . tname('space') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
$space = $_SGLOBAL['db']->fetch_array($query);
$_SGLOBAL['supe_username'] = addslashes($space['username']);
}
$_SGLOBAL['member'] = $space;
$maxattachsize = intval(checkperm('maxattachsize'));
//单位MB
if ($maxattachsize) {
//0为不限制
if ($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
@unlink($newfilename);
return -1;
}
}
//检查是否图片
if (function_exists('getimagesize') && !@getimagesize($newfilename)) {
@unlink($newfilename);
return -2;
}
//缩略图
include_once S_ROOT . './source/function_image.php';
$thumbpath = makethumb($newfilename);
$thumb = empty($thumbpath) ? 0 : 1;
//大头帖不添加水印
if ($_SCONFIG['allowwatermark']) {
makewatermark($newfilename);
}
//入库
$filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
$title = $title;
if ($albumid) {
preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
if (!empty($matchs[1])) {
$albumname = shtmlspecialchars(trim($matchs[1]));
if (empty($albumname)) {
$albumname = sgmdate('Ymd');
}
$albumid = album_creat(array('albumname' => $albumname));
} else {
$albumid = intval($albumid);
if ($albumid) {
$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
}
}
} else {
$albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
$setarr = array('albumid' => $albumid, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp'], 'filename' => $filename, 'postip' => getonlineip(), 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb);
$setarr['picid'] = inserttable('pic', $setarr, 1);
//更新附件大小
//积分
$setsql = '';
if ($pic_credit = creditrule('get', 'pic')) {
$setsql = ",credit=credit+{$pic_credit}";
}
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$size}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");
//相册更新
if ($albumid) {
$file = $filepath . ($thumb ? '.thumb.jpg' : '');
$_SGLOBAL['db']->query("UPDATE " . tname('album') . "\r\n\t\t\t\t\tSET picnum=picnum+1, updatetime='{$_SGLOBAL['timestamp']}', pic='{$file}', picflag='1'\r\n\t\t\t\t\tWHERE albumid='{$albumid}'");
}
//最后进行ftp上传,防止垃圾产生
if ($_SCONFIG['allowftp']) {
include_once S_ROOT . './source/function_ftp.php';
if (ftpupload($newfilename, $filepath)) {
$setarr['remote'] = 1;
updatetable('pic', array('remote' => $setarr['remote']), array('picid' => $setarr['picid']));
if ($albumid) {
updatetable('album', array('picflag' => 2), array('albumid' => $albumid));
}
}
}
$siteurl = '';
if (empty($setarr['remote'])) {
$uri = $_SERVER['REQUEST_URI'] ? $_SERVER['REQUEST_URI'] : ($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
$siteurl = 'http://' . $_SERVER['HTTP_HOST'] . substr($uri, 0, strexists($uri, '/api') ? strrpos($uri, '/') - 3 : strrpos($uri, '/') + 1);
}
$setarr['filepathall'] = $siteurl . mkpicurl($setarr, 0);
return $setarr;
} else {
fclose($handle);
}
}
return -3;
}
function updateattach($postattachcredits, $tid, $pid, $attachnew, $attachdel, $attachupdate = array(), $uid = 0)
{
global $_G;
$uid = $uid ? $uid : $_G['uid'];
$uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
$attachnum = $_G['group']['allowpostattach'];
if ($attachnew) {
$newaids = array_keys($attachnew);
$newattach = $newattachfile = $albumattach = array();
$query = DB::query("SELECT aid, tid, attachment FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
while ($attach = DB::fetch($query)) {
if ($_G['group']['maxattachnum']) {
if ($attachnum <= 0) {
unset($attachnew[$attach['aid']]);
continue;
} else {
$attachnum--;
}
}
if (!$attach['tid']) {
$newattach[$attach['aid']] = $attach['aid'];
$newattachfile[$attach['aid']] = $attach['attachment'];
}
}
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
require_once libfile('class/image');
$image = new image();
}
if (!empty($_G['gp_albumaid'])) {
array_unshift($_G['gp_albumaid'], '');
$_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
unset($_G['gp_albumaid'][0]);
$query = DB::query("SELECT * FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($_G['gp_albumaid']) . ")");
while ($attach = DB::fetch($query)) {
$albumattach[$attach['aid']] = $attach;
}
}
foreach ($attachnew as $aid => $attach) {
$update = array('readperm' => $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0, 'price' => $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0, 'tid' => $tid, 'pid' => $pid, 'uid' => $uid);
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) && !empty($newattachfile[$aid])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
}
if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
$newalbum = 0;
if (!$_G['gp_uploadalbum']) {
require_once libfile('function/spacecp');
$_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
$newalbum = 1;
}
$picdata = array('albumid' => $_G['gp_uploadalbum'], 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $albumattach[$aid]['dateline'], 'postip' => $_G['clientip'], 'filename' => $albumattach[$aid]['filename'], 'title' => $albumattach[$aid]['description'], 'type' => fileext($albumattach[$aid]['attachment']), 'size' => $albumattach[$aid]['filesize'], 'filepath' => $albumattach[$aid]['attachment'], 'thumb' => $albumattach[$aid]['thumb'], 'remote' => $albumattach[$aid]['remote'] + 2);
$update['picid'] = DB::insert('home_pic', $picdata, 1);
if ($newalbum) {
require_once libfile('function/home');
require_once libfile('function/spacecp');
album_update_pic($_G['gp_uploadalbum']);
}
}
DB::query("REPLACE INTO " . DB::table('forum_attachmentfield') . " (aid, tid, pid, uid, description) VALUES ('{$aid}', '{$tid}', '{$pid}', '{$uid}', '" . cutstr(dhtmlspecialchars($attach['description']), 100) . "')");
DB::update('forum_attachment', $update, "aid='{$aid}'{$uidadd}");
}
if (!empty($_G['gp_albumaid'])) {
$albumdata = array('picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$_G['gp_uploadalbum']}'"), 'updatetime' => $_G['timestamp']);
DB::update('home_album', $albumdata, "albumid='{$_G['gp_uploadalbum']}'");
}
if ($newattach) {
ftpupload($newaids, $uid);
}
}
$query = DB::query("SELECT aid, attachment, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE uid='{$uid}'");
$delaids = array();
while ($attach = DB::fetch($query)) {
$aids[] = $attach['aid'];
if ($attachdel && in_array($attach['aid'], $attachdel)) {
$delaids[] = $attach['aid'];
unset($newattach[$attach['aid']]);
dunlink($attach);
}
if ($attachupdate && array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
dunlink($attach);
}
}
if ($newattach && $uid == $_G['uid']) {
updatecreditbyaction('postattach', $uid, array(), '', count($newattach));
}
if ($attachupdate) {
$uaids = dimplode($attachupdate);
$query = DB::query("SELECT aid, width, filename, filetype, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
$attachupdate = array_flip($attachupdate);
while ($attach = DB::fetch($query)) {
$update = $attach;
$update['dateline'] = TIMESTAMP;
$update['remote'] = 0;
unset($update['aid']);
DB::update('forum_attachment', $update, "aid='" . $attachupdate[$attach['aid']] . "'{$uidadd}");
if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
$image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
}
ftpupload(array($attachupdate[$attach['aid']]), $uid);
}
}
if ($delaids) {
DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
DB::query("DELETE FROM " . DB::table('forum_attachmentfield') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
}
$attachcount = DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
$attachment = $attachcount ? DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1 : 0;
DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
$posttable = getposttablebytid($tid);
DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
$_G['forum_attachexist'] = $attachment;
}
function video_save($FILE, $title, $desc, $tovideoid = 0, $albumid)
{
global $_SGLOBAL, $_SCONFIG, $space, $_SC;
//允许上传类型
$allowpictype = array('flv');
//检查
$FILE['size'] = intval($FILE['size']);
if (empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
return cplang('lack_of_access_to_upload_file_size');
}
//判断后缀
$fileext = fileext($FILE['name']);
if (!in_array($fileext, $allowpictype)) {
return cplang('only_allows_upload_file_types');
}
//获取目录
if (!($filepath = getfilepath($fileext, true))) {
return cplang('unable_to_create_upload_directory_server');
}
//检查空间大小
if (empty($space)) {
$space = getspace($_SGLOBAL['supe_uid']);
}
//用户组
if (!checkperm('allowupload')) {
ckspacelog();
return cplang('inadequate_capacity_space');
}
//实名认证
if (!ckrealname('album', 1)) {
return cplang('inadequate_capacity_space');
}
//视频认证
if (!ckvideophoto('album', array(), 1)) {
return cplang('inadequate_capacity_space');
}
//新用户见习
if (!cknewuser(1)) {
return cplang('inadequate_capacity_space');
}
$maxattachsize = checkperm('maxattachsize');
//单位MB
if ($maxattachsize) {
//0为不限制
if ($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
return cplang('inadequate_capacity_space');
}
}
if ($albumid < 0) {
$albumid = 0;
}
$showtip = true;
$albumfriend = 0;
if ($albumid) {
preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
if (!empty($matchs[1])) {
$albumname = shtmlspecialchars(trim($matchs[1]));
if (empty($albumname)) {
$albumname = sgmdate('Ymd');
}
$albumid = album_creat(array('albumname' => $albumname));
} else {
$albumid = intval($albumid);
if ($albumid) {
$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
$albumname = addslashes($value['albumname']);
$albumfriend = $value['friend'];
} else {
$albumname = sgmdate('Ymd');
$albumid = album_creat(array('albumname' => $albumname));
}
}
}
} else {
$albumid = 0;
$showtip = false;
}
//本地上传
$new_name = $_SC['attachdir'] . './' . $filepath;
$tmp_name = $FILE['tmp_name'];
if (@copy($tmp_name, $new_name)) {
@unlink($tmp_name);
} elseif (function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name)) {
} elseif (@rename($tmp_name, $new_name)) {
} else {
return cplang('mobile_picture_temporary_failure');
}
//入库
$setarr = array('albumid' => $albumid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'postip' => getonlineip(), 'filename' => addslashes($FILE['name']), 'title' => $title, 'desc' => $desc, 'size' => $FILE['size'], 'filepath' => $filepath);
$setarr['id'] = inserttable('video', $setarr, 1);
$setsql = '';
if ($showtip) {
$reward = getreward('uploadimage', 0);
if ($reward['credit']) {
$setsql = ",credit=credit+{$reward['credit']}";
}
if ($reward['experience']) {
$setsql .= ",experience=experience+{$reward['experience']}";
}
}
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$FILE['size']}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");
updatestat('video');
return $setarr;
}
