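/**
 * Resolve an album reference to an album id usable by the current user.
 *
 * $albumid is either the literal form "new:<name>" (create an album with that
 * name) or a numeric id. A numeric id is kept only when the lookup that passes
 * $_G['uid'] together with the id returns a row; otherwise a new album named
 * after the current date is created instead of trusting the supplied id.
 *
 * @param string|int $albumid "new:<name>" or a numeric album id
 * @param int        $catid   optional category id forwarded to album_creat()
 * @return mixed the value returned by album_creat(), the validated integer id,
 *               or 0 when $albumid is neither form
 */
function album_creat_by_id($albumid, $catid = 0)
{
    global $_G, $space;

    preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
    if (!empty($matchs[1])) {
        // The album name comes from the caller: HTML-escape it before storing.
        $albumname = dhtmlspecialchars(trim($matchs[1]));
        if (empty($albumname)) {
            $albumname = dgmdate($_G['timestamp'], 'Ymd');
        }
        $albumarr = array('albumname' => $albumname);
        if ($catid) {
            $albumarr['catid'] = $catid;
        }
        return album_creat($albumarr);
    }

    // Anything that is not "new:<name>" is forced to an integer.
    $albumid = intval($albumid);
    if (!$albumid) {
        return $albumid;
    }

    // Ownership check: the lookup is keyed on the current uid as well as the id.
    $rows = C::t('home_album')->fetch_all_by_uid($_G['uid'], false, 0, 0, $albumid);
    // !empty() instead of reading $rows[0] directly: an empty result set no
    // longer raises an undefined-offset notice.
    if (!empty($rows[0])) {
        return $albumid;
    }

    // No matching album for this user: fall back to a date-named album.
    $albumarr = array('albumname' => dgmdate($_G['timestamp'], 'Ymd'));
    if ($catid) {
        $albumarr['catid'] = $catid;
    }
    return album_creat($albumarr);
}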
/**
 * Resolve an album reference to an album id for the current user.
 *
 * Accepts "new:<name>" (create an album with that name) or a numeric id. A
 * numeric id is kept only when a home_album row with that id and the current
 * uid exists; otherwise a date-named album is created.
 *
 * @param string|int $albumid "new:<name>" or a numeric album id
 * @return mixed the value returned by album_creat(), the validated integer id,
 *               or 0 when $albumid is neither form
 */
function album_creat_by_id($albumid)
{
    global $_G, $space;

    preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
    if (!empty($matchs[1])) {
        // Caller-supplied name: HTML-escaped before it is handed to album_creat().
        $albumname = dhtmlspecialchars(trim($matchs[1]));
        if (empty($albumname)) {
            $albumname = dgmdate($_G['timestamp'], 'Ymd');
        }
        return album_creat(array('albumname' => $albumname));
    }

    $albumid = intval($albumid);
    if (!$albumid) {
        return $albumid;
    }

    // The query is built by interpolation; $albumid is safe here only because
    // of the intval() above. NOTE(review): $_G['uid'] is interpolated as-is,
    // presumably a server-side session value; confirm.
    $query = DB::query("SELECT albumname,friend FROM " . DB::table('home_album') . " WHERE albumid='{$albumid}' AND uid='{$_G['uid']}'");
    $value = DB::fetch($query);
    if ($value) {
        // These two locals are not read again in this function.
        $albumname = addslashes($value['albumname']);
        $albumfriend = $value['friend'];
        return $albumid;
    }

    // Not an album of this user: create a date-named one instead.
    $albumname = dgmdate($_G['timestamp'], 'Ymd');
    return album_creat(array('albumname' => $albumname));
}
/**
 * Create a photo album.
 *
 * NOTE(review): $uId is not referenced in this method body, so the album is
 * created for whatever user context album_creat() uses; confirm that the
 * caller has already established that context for $uId.
 * NOTE(review): $name, $passwd and the friend ids are forwarded as received;
 * no escaping or validation is visible here. Confirm album_creat() handles it.
 *
 * @param integer    $uId       user id
 * @param string     $name      album name
 * @param string     $privacy   privacy setting, mapped through _convertPrivacy()
 * @param string     $passwd    password required to view the album
 * @param array|null $friendIds ids of the friends allowed to view the album
 * @return APIResponse wraps the value returned by album_creat()
 */
function createAlbum($uId, $name, $privacy, $passwd = null, $friendIds = null)
{
    include_once S_ROOT . './source/function_cp.php';

    $privacy = $this->_convertPrivacy($privacy);

    // Only a non-empty array of ids becomes a comma-separated list.
    $friends = ($friendIds && is_array($friendIds)) ? implode(',', $friendIds) : '';

    $albumId = album_creat(array(
        'albumname' => $name,
        'friend' => $privacy,
        'password' => $passwd,
        'target_ids' => $friends,
    ));

    return new APIResponse($albumId);
}
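/**
 * Store raw picture bytes as an attachment of the current user and register
 * the picture (and optionally its album) in the database.
 *
 * The bytes are written to disk first and validated afterwards; every
 * rejection path removes the file again.
 *
 * NOTE(review): $fileext is supplied by the caller and is handed to
 * getfilepath() to build the stored name. No allow-list is visible in this
 * function; confirm getfilepath() or the callers restrict it to image types.
 * NOTE(review): the image check is skipped entirely when getimagesize() is
 * unavailable, so in that configuration the content is not validated at all.
 *
 * @param string     $strdata  raw file content
 * @param int|string $albumid  numeric album id, or "new:<name>" to create one
 * @param string     $fileext  file extension used for the stored file
 * @param string     $name     original file name (defaults to the stored name)
 * @param string     $title    picture title
 * @param int        $delsize  size subtracted from the quota calculation
 * @param mixed      $from     reward rule key passed to getreward(), or false
 * @return array|int the inserted picture row on success; -1 quota exceeded,
 *                   -2 content rejected as an image, -3 file could not be
 *                   opened or written, -4 FTP upload failed
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name='', $title='', $delsize=0, $from = false)
{
    global $_SGLOBAL, $space, $_SCONFIG, $_SC;

    if ($albumid < 0) {
        $albumid = 0;
    }

    $setarr = array();

    $filepath = getfilepath($fileext, true);
    $newfilename = $_SC['attachdir'].'./'.$filepath;

    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);

            // Check the user's storage quota.
            if (empty($space)) {
                $space = getspace($_SGLOBAL['supe_uid']);
                $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." WHERE uid='$_SGLOBAL[supe_uid]'");
                $space = $_SGLOBAL['db']->fetch_array($query);
                $_SGLOBAL['supe_username'] = addslashes($space['username']);
            }
            $_SGLOBAL['member'] = $space;

            $maxattachsize = checkperm('maxattachsize'); // unit: MB (per the original comment)
            if ($maxattachsize) { // 0 means unlimited
                if ($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
                    @unlink($newfilename);
                    return -1;
                }
            }

            // Check that the content is an image: reject when the pixel count
            // is above 16777216 or below 4, when no image type was detected,
            // or when the detected MIME type mentions "flash".
            if (function_exists('getimagesize')) {
                $tmp_imagesize = @getimagesize($newfilename);
                list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
                $tmp_size = $tmp_width * $tmp_height;
                if ($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
                    @unlink($newfilename);
                    return -2;
                }
            }

            // Thumbnail
            include_once(S_ROOT.'./source/function_image.php');
            $thumbpath = makethumb($newfilename);
            $thumb = empty($thumbpath) ? 0 : 1;

            // Watermark (original comment: photo-sticker images get no watermark)
            if ($_SCONFIG['allowwatermark']) {
                makewatermark($newfilename);
            }

            // Store in the database
            $filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
            $title = getstr($title, 200, 1, 1, 1);

            if ($albumid) {
                preg_match("/^new\:(.+)$/i", $albumid, $matchs);
                if (!empty($matchs[1])) {
                    $albumname = shtmlspecialchars(trim($matchs[1]));
                    if (empty($albumname)) {
                        $albumname = sgmdate('Ymd');
                    }
                    $albumid = album_creat(array('albumname' => $albumname));
                } else {
                    $albumid = intval($albumid);
                    if ($albumid) {
                        // Ownership check: the album must belong to the current
                        // uid, otherwise a date-named album is created instead.
                        // $albumid is safe to interpolate only because of the
                        // intval() above.
                        $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." 
WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
                        if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                            $albumname = addslashes($value['albumname']);
                            $albumfriend = $value['friend'];
                        } else {
                            $albumname = sgmdate('Ymd');
                            $albumid = album_creat(array('albumname' => $albumname));
                        }
                    }
                }
            } else {
                $albumid = 0;
            }

            // NOTE(review): 'type' carries the caller-supplied $fileext as-is;
            // whether inserttable() escapes values is not visible here.
            $setarr = array(
                'albumid' => $albumid,
                'uid' => $_SGLOBAL['supe_uid'],
                'username' => $_SGLOBAL['supe_username'],
                'dateline' => $_SGLOBAL['timestamp'],
                'filename' => $filename,
                'postip' => getonlineip(),
                'title' => $title,
                'type' => $fileext,
                'size' => $size,
                'filepath' => $filepath,
                'thumb' => $thumb
            );
            $setarr['picid'] = inserttable('pic', $setarr, 1);

            // Update the used attachment size and the credits.
            $setsql = '';
            if ($from) {
                $reward = getreward($from, 0);
                if ($reward['credit']) {
                    $setsql = ",credit=credit+$reward[credit]";
                }
                if ($reward['experience']) {
                    $setsql .= ",experience=experience+$reward[experience]";
                }
            }
            $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

            // Update the album
            if ($albumid) {
                $file = $filepath.($thumb ? '.thumb.jpg' : '');
                $_SGLOBAL['db']->query("UPDATE ".tname('album')." SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1' WHERE albumid='$albumid'");
            }

            // The FTP upload runs last so that a failure leaves no stray remote files.
            if ($_SCONFIG['allowftp']) {
                include_once(S_ROOT.'./source/function_ftp.php');
                if (ftpupload($newfilename, $filepath)) {
                    $setarr['remote'] = 1;
                    updatetable('pic', array('remote'=>$setarr['remote']), array('picid'=>$setarr['picid']));
                    if ($albumid) {
                        updatetable('album', array('picflag'=>2), array('albumid'=>$albumid));
                    }
                } else {
                    // NOTE(review): the pic/space/album rows written above stay
                    // in place on this path.
                    return -4;
                }
            }

            // Statistics
            updatestat('pic');

            return $setarr;
        } else {
            fclose($handle);
            // A failed write leaves an empty or truncated file behind; remove
            // it like the other rejection paths do.
            @unlink($newfilename);
        }
    }

    return -3;
}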
/**
 * Create a photo album on behalf of a user.
 *
 * Returns an ErrorResponse when getUserSpace() reports no result for $uId;
 * otherwise returns whatever album_creat() returns.
 *
 * NOTE(review): $name, $passwd and the friend ids are forwarded as received;
 * no escaping or validation is visible here. Confirm album_creat() handles it.
 *
 * @param integer    $uId       user id
 * @param string     $name      album name
 * @param string     $privacy   privacy setting, mapped through _convertPrivacy()
 * @param string     $passwd    password required to view the album
 * @param array|null $friendIds ids of the friends allowed to view the album
 * @return mixed ErrorResponse, or the value returned by album_creat()
 */
function onPhotoCreateAlbum($uId, $name, $privacy, $passwd = null, $friendIds = null)
{
    require_once libfile('function/spacecp');

    // Bail out early when the user lookup fails.
    if (!$this->getUserSpace($uId)) {
        return new ErrorResponse('1', "User({$uId}) Not Exists");
    }

    $privacy = $this->_convertPrivacy($privacy);

    // Only a non-empty array of ids becomes a comma-separated list.
    $friends = ($friendIds && is_array($friendIds)) ? implode(',', $friendIds) : '';

    return album_creat(array(
        'albumname' => $name,
        'friend' => $privacy,
        'password' => $passwd,
        'target_ids' => $friends,
    ));
}
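/**
 * Attach uploaded files to a post: move rows from forum_attachment_unused to
 * the thread's attachment table, optionally copy images into a home album,
 * replace updated attachments, and refresh the attachment flags on the thread
 * and the post.
 *
 * Change against the listing: the image helper is created before either
 * branch. Previously it was created only inside the $attachnew branch, so a
 * call with only $attachupdate and watermarking enabled reached
 * $image->Watermark() on an undefined variable.
 *
 * NOTE(review): SQL in this function is assembled by string interpolation.
 * $aid (array keys of $attachnew), $tid, $pid and $_G['gp_uploadalbum'] are
 * interpolated as-is; confirm they are escaped or cast before they get here.
 * NOTE(review): $_G['gp_uploadalbum'] is used as the target album without any
 * visible check that the album belongs to $_G['uid'].
 *
 * @param mixed $modnewthreads truthy when the thread goes to moderation (no credit is given then)
 * @param int   $tid           thread id
 * @param int   $pid           post id
 * @param array $attachnew     aid => settings (readperm, price, description) for new attachments
 * @param array $attachupdate  aid of existing attachment => aid of its replacement upload
 * @param int   $uid           owner uid; defaults to the current user
 * @return void
 */
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0)
{
    global $_G;

    $uid = $uid ? $uid : $_G['uid'];
    // Non-moderators may only touch their own unused uploads.
    $uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";

    // Initialised up front so the later checks do not read undefined variables
    // when $attachnew is empty.
    $newattach = $newattachfile = $albumattach = array();

    // Needed by both the $attachnew and the $attachupdate branch.
    if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
        require_once libfile('class/image');
        $image = new image();
    }

    if ($attachnew) {
        $newaids = array_keys($attachnew);
        $query = DB::query("SELECT * FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            $newattach[$attach['aid']] = daddslashes($attach);
            if ($attach['isimage']) {
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }

        if (!empty($_G['gp_albumaid'])) {
            // De-duplicate the requested aids and drop the empty entry.
            array_unshift($_G['gp_albumaid'], '');
            $_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
            unset($_G['gp_albumaid'][0]);
            foreach ($_G['gp_albumaid'] as $aid) {
                // Only uploads that passed the ownership-filtered query above
                // can be copied to an album.
                if (isset($newattach[$aid])) {
                    $albumattach[$aid] = $newattach[$aid];
                }
            }
        }

        foreach ($attachnew as $aid => $attach) {
            $update = array();
            $update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
            // Price is capped at the group maximum.
            // NOTE(review): no lower bound is applied, so a negative value
            // passes through intval() unchanged.
            $update['price'] = $_G['group']['maxprice'] ? (intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice']) : 0;
            $update['tid'] = $tid;
            $update['pid'] = $pid;
            $update['uid'] = $uid;
            $update['description'] = cutstr(dhtmlspecialchars($attach['description']), 100);
            DB::update(getattachtablebytid($tid), $update, "aid='{$aid}'");

            // Everything below applies only to uploads still in the unused table.
            if (!$newattach[$aid]) {
                continue;
            }
            $update = array_merge($update, $newattach[$aid]);

            if (!empty($newattachfile[$aid])) {
                if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
                    $update['thumb'] = 0;
                    @unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
                    if (!empty($albumattach[$aid])) {
                        $albumattach[$aid]['thumb'] = 0;
                    }
                }
                if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                    $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
                    $update['filesize'] = $image->imginfo['size'];
                }
            }

            if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_G['gp_uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
                    $newalbum = 1;
                }
                $picdata = array(
                    'albumid' => $_G['gp_uploadalbum'],
                    'uid' => $_G['uid'],
                    'username' => $_G['username'],
                    'dateline' => $albumattach[$aid]['dateline'],
                    'postip' => $_G['clientip'],
                    'filename' => $albumattach[$aid]['filename'],
                    'title' => cutstr(dhtmlspecialchars($attach['description']), 100),
                    'type' => fileext($albumattach[$aid]['attachment']),
                    'size' => $albumattach[$aid]['filesize'],
                    'filepath' => $albumattach[$aid]['attachment'],
                    'thumb' => $albumattach[$aid]['thumb'],
                    'remote' => $albumattach[$aid]['remote'] + 2
                );
                $update['picid'] = DB::insert('home_pic', $picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_G['gp_uploadalbum']);
                }
            }

            DB::insert(getattachtablebytid($tid), $update, false, true);
            DB::update('forum_attachment', array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)), "aid='{$aid}'");
            DB::delete('forum_attachment_unused', "aid='{$aid}'");
        }

        if (!empty($_G['gp_albumaid'])) {
            $albumdata = array(
                'picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$_G['gp_uploadalbum']}'"),
                'updatetime' => $_G['timestamp']
            );
            DB::update('home_album', $albumdata, "albumid='{$_G['gp_uploadalbum']}'");
        }
        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }

    if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
    }

    if ($attachupdate) {
        // NOTE(review): this lookup has no uid or tid condition, yet every row
        // it returns is passed to dunlink(). Confirm the callers validate the
        // keys of $attachupdate against the post being edited.
        $query = DB::query("SELECT pid, aid, attachment, thumb, remote FROM " . DB::table(getattachtablebytid($tid)) . " WHERE aid IN (" . dimplode(array_keys($attachupdate)) . ")");
        while ($attach = DB::fetch($query)) {
            if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
                dunlink($attach);
            }
        }

        $uaids = dimplode($attachupdate);
        $query = DB::query("SELECT aid, width, filename, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
        DB::query("DELETE FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
        // Flip to: replacement aid => aid of the attachment being replaced.
        $attachupdate = array_flip($attachupdate);
        while ($attach = DB::fetch($query)) {
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
                $update['filesize'] = $image->imginfo['size'];
            }
            DB::update(getattachtablebytid($tid), $update, "aid='" . $attachupdate[$attach['aid']] . "'");
            ftpupload(array($attachupdate[$attach['aid']]), $uid);
        }
    }

    // Attachment flag: 0 = none, 1 = attachments without images, 2 = at least one image.
    $attachcount = DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
    $attachment = $attachcount ? (DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1) : 0;

    DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
    if (!$attachment) {
        DB::delete('forum_threadimage', "tid='{$tid}'");
    }
    $posttable = getposttablebytid($tid);
    DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
    $_G['forum_attachexist'] = $attachment;
}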
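/**
 * Attach uploaded files to a post: move rows from forum_attachment_unused to
 * the thread's attachment table, build mobile thumbnails, optionally copy
 * images into a home album, replace updated attachments, and refresh the
 * attachment flags on the thread and the post.
 *
 * Change against the listing: the image helper is created before either
 * branch. Previously it was created only inside the $attachnew branch, so a
 * call with only $attachupdate and watermarking enabled reached
 * $image->Watermark() on an undefined variable.
 *
 * NOTE(review): $_GET['albumaid'], $_GET['uploadalbum'] and $_GET['newalbum']
 * are read straight from the request. Their types are not checked (albumaid
 * is assumed to be an array), and no check is visible that the album named by
 * $_GET['uploadalbum'] belongs to $uid before pictures are added to it and
 * its row is updated.
 *
 * @param mixed $modnewthreads truthy when the thread goes to moderation (no credit is given then)
 * @param int   $tid           thread id
 * @param int   $pid           post id
 * @param array $attachnew     aid => settings (readperm, price, description) for new attachments
 * @param array $attachupdate  aid of existing attachment => aid of its replacement upload
 * @param int   $uid           owner uid; defaults to the current user
 * @return void
 */
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0)
{
    global $_G;

    $thread = C::t('forum_thread')->fetch($tid);
    $uid = $uid ? $uid : $_G['uid'];

    // Initialised up front so the later checks do not read undefined variables
    // when $attachnew is empty.
    $newattach = $newattachfile = $albumattach = array();

    // Needed by both the $attachnew and the $attachupdate branch.
    if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) || !$_G['setting']['thumbdisabledmobile']) {
        require_once libfile('class/image');
        $image = new image();
    }

    if ($attachnew) {
        $newaids = array_keys($attachnew);
        foreach (C::t('forum_attachment_unused')->fetch_all($newaids) as $attach) {
            // Ownership check: non-moderators may only claim their own uploads.
            if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
                continue;
            }
            $attach['uid'] = $uid;
            $newattach[$attach['aid']] = daddslashes($attach);
            if ($attach['isimage']) {
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }

        if (!empty($_GET['albumaid'])) {
            // De-duplicate the requested aids and drop the empty entry.
            array_unshift($_GET['albumaid'], '');
            $_GET['albumaid'] = array_unique($_GET['albumaid']);
            unset($_GET['albumaid'][0]);
            foreach ($_GET['albumaid'] as $aid) {
                // Only uploads that passed the ownership check above can be
                // copied to an album.
                if (isset($newattach[$aid])) {
                    $albumattach[$aid] = $newattach[$aid];
                }
            }
        }

        foreach ($attachnew as $aid => $attach) {
            $update = array();
            $update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
            // Price is capped at the group maximum.
            // NOTE(review): no lower bound is applied, so a negative value
            // passes through intval() unchanged.
            $update['price'] = $_G['group']['maxprice'] ? (intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice']) : 0;
            $update['tid'] = $tid;
            $update['pid'] = $pid;
            $update['uid'] = $uid;
            $update['description'] = censor(cutstr(dhtmlspecialchars($attach['description']), 100));
            C::t('forum_attachment_n')->update('tid:' . $tid, $aid, $update);

            // Everything below applies only to uploads still in the unused table.
            if (!$newattach[$aid]) {
                continue;
            }
            $update = array_merge($update, $newattach[$aid]);

            if (!empty($newattachfile[$aid])) {
                if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
                    $update['thumb'] = 0;
                    @unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
                    if (!empty($albumattach[$aid])) {
                        $albumattach[$aid]['thumb'] = 0;
                    }
                } elseif (!$_G['setting']['thumbdisabledmobile']) {
                    // Thumbnail path is derived from the zero-padded aid:
                    // image/ddd/dd/dd/dd_<w>_<h>.jpg
                    $_daid = sprintf("%09d", $aid);
                    $dir1 = substr($_daid, 0, 3);
                    $dir2 = substr($_daid, 3, 2);
                    $dir3 = substr($_daid, 5, 2);
                    $dw = 320;
                    $dh = 320;
                    $thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
                    $image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
                    $dw = 720;
                    $dh = 720;
                    $thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
                    $image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
                }
                if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                    $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
                    $update['filesize'] = $image->imginfo['size'];
                }
            }

            if (!empty($_GET['albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_GET['uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_GET['uploadalbum'] = album_creat(array('albumname' => $_GET['newalbum']));
                    $newalbum = 1;
                }
                $picdata = array(
                    'albumid' => $_GET['uploadalbum'],
                    'uid' => $uid,
                    'username' => $_G['username'],
                    'dateline' => $albumattach[$aid]['dateline'],
                    'postip' => $_G['clientip'],
                    'filename' => censor($albumattach[$aid]['filename']),
                    'title' => censor(cutstr(dhtmlspecialchars($attach['description']), 100)),
                    'type' => fileext($albumattach[$aid]['attachment']),
                    'size' => $albumattach[$aid]['filesize'],
                    'filepath' => $albumattach[$aid]['attachment'],
                    'thumb' => $albumattach[$aid]['thumb'],
                    'remote' => $albumattach[$aid]['remote'] + 2
                );
                $update['picid'] = C::t('home_pic')->insert($picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_GET['uploadalbum']);
                }
            }

            C::t('forum_attachment_n')->insert('tid:' . $tid, $update, false, true);
            C::t('forum_attachment')->update($aid, array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)));
            C::t('forum_attachment_unused')->delete($aid);
        }

        if (!empty($_GET['albumaid'])) {
            $albumdata = array(
                'picnum' => C::t('home_pic')->check_albumpic($_GET['uploadalbum']),
                'updatetime' => $_G['timestamp']
            );
            C::t('home_album')->update($_GET['uploadalbum'], $albumdata);
            require_once libfile('function/home');
            require_once libfile('function/spacecp');
            album_update_pic($_GET['uploadalbum']);
        }
        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }

    if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
    }

    if ($attachupdate) {
        // NOTE(review): no owner check is visible on this lookup, yet every
        // row it returns is passed to dunlink(). Confirm the callers validate
        // the keys of $attachupdate against the post being edited.
        $attachs = C::t('forum_attachment_n')->fetch_all_by_id('tid:' . $tid, 'aid', array_keys($attachupdate));
        foreach ($attachs as $attach) {
            if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
                dunlink($attach);
            }
        }

        $unusedattachs = C::t('forum_attachment_unused')->fetch_all($attachupdate);
        // Flip to: replacement aid => aid of the attachment being replaced.
        $attachupdate = array_flip($attachupdate);
        $unusedaids = array();
        foreach ($unusedattachs as $attach) {
            // Ownership check on the replacement upload.
            if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
                continue;
            }
            $unusedaids[] = $attach['aid'];
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
                $update['filesize'] = $image->imginfo['size'];
            }
            C::t('forum_attachment_n')->update('tid:' . $tid, $attachupdate[$attach['aid']], $update);
            @unlink($_G['setting']['attachdir'] . 'image/' . $attach['aid'] . '_100_100.jpg');
            C::t('forum_attachment_exif')->delete($attachupdate[$attach['aid']]);
            C::t('forum_attachment_exif')->update($attach['aid'], array('aid' => $attachupdate[$attach['aid']]));
            ftpupload(array($attachupdate[$attach['aid']]), $uid);
        }
        if ($unusedaids) {
            C::t('forum_attachment_unused')->delete($unusedaids);
        }
    }

    // Attachment flag: 0 = none, 1 = attachments without images, 2 = at least one image.
    $attachcount = C::t('forum_attachment_n')->count_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid);
    $attachment = 0;
    if ($attachcount) {
        if (C::t('forum_attachment_n')->count_image_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid)) {
            $attachment = 2;
        } else {
            $attachment = 1;
        }
    }

    C::t('forum_thread')->update($tid, array('attachment' => $attachment));
    C::t('forum_post')->update('tid:' . $tid, $pid, array('attachment' => $attachment), true);
    if (!$attachment) {
        C::t('forum_threadimage')->delete_by_tid($tid);
    }
    $_G['forum_attachexist'] = $attachment;
}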
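/**
 * Create a blog entry, or update the existing entry described by $olds.
 *
 * Sanitises subject, tag and message, resolves the privacy mode, the personal
 * class and the attached pictures, writes the home_blog / home_blogfield rows
 * and triggers credits, statistics, feed and moderation.
 *
 * Changes against the listing:
 *  - The password is now cleared when the privacy mode is not 4. The listing
 *    had a comparison (`==`) where an assignment was intended, so a password
 *    stayed stored on entries that are not password-protected.
 *  - When another user's entry is edited, $_G is switched to the author's
 *    identity. The early "empty message" return left that switch in place for
 *    the rest of the request; it is now undone before returning.
 *  - The blank-message pattern contains `\&nbsp\;` again. The page shows that
 *    alternative as a bare space, which looks like a decoded HTML entity.
 *  - Reads of $olds['blogid'] and of the loop variable after an empty picture
 *    query no longer raise undefined-index / undefined-variable notices.
 *
 * NOTE(review): $POST['password'] is stored as submitted.
 * NOTE(review): $POST['dateline'] is stored without a cast when present.
 * NOTE(review): $POST['savealbumid'] is cast to int but no check is visible
 * that the album belongs to $_G['uid'].
 *
 * @param array $POST submitted form fields
 * @param array $olds existing blog row when editing, empty when creating
 * @return array|false the blog row that was written, or false when the message is blank
 */
function blog_post($POST, $olds=array())
{
    global $_G, $space;

    // Editing someone else's entry: act as the original author for the
    // duration of this call. The real identity is kept in $__G.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
        $isself = 0;
        $__G = $_G;
        $_G['uid'] = $olds['uid'];
        $_G['username'] = addslashes($olds['username']);
    }

    $POST['subject'] = getstr(trim($POST['subject']), 80);
    $POST['subject'] = censor($POST['subject']);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Privacy: 2 = named users only, 4 = password protected.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
        if ($names) {
            $uids = C::t('common_member')->fetch_all_uid_by_username($names);
        }
        if (empty($uids)) {
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Assignment, not comparison: drop any password outside mode 4.
        $POST['password'] = '';
    }

    $POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500);
    $POST['tag'] = censor($POST['tag']);

    // The message is HTML: it is filtered by checkhtml() before anything else.
    $POST['message'] = checkhtml($POST['message']);
    if ($_G['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
        $POST['message'] = censor($POST['message']);
        // Drop empty <div></div> pairs and make links open in a new window.
        $POST['message'] = preg_replace(array(
            "/\<div\>\<\/div\>/i",
            "/\<a\s+href\=\"([^\>]+?)\"\>/i"
        ), array(
            '',
            '<a href="\\1" target="_blank">'
        ), $POST['message']);
    }
    $message = $POST['message'];

    // status 1 = held for moderation, 0 = published.
    if (censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
        $blog_status = 1;
    } else {
        $blog_status = 0;
    }

    // Personal class: "new:<name>" creates one, otherwise an id is expected.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            $classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
                if (empty($classid)) {
                    $setarr = array(
                        'classname' => $classname,
                        'uid' => $_G['uid'],
                        'dateline' => $_G['timestamp']
                    );
                    $classid = C::t('home_class')->insert($setarr, true);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a class id is accepted only when the class belongs
        // to the acting uid.
        $query = C::t('home_class')->fetch($classid);
        $classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
        if (empty($classname)) {
            $classid = 0;
        }
    }

    $blogarr = array(
        'subject' => $POST['subject'],
        'classid' => $classid,
        'friend' => $POST['friend'],
        'password' => $POST['password'],
        'noreply' => empty($POST['noreply']) ? 0 : 1,
        'catid' => intval($POST['catid']),
        'status' => $blog_status,
    );

    $titlepic = '';

    // Attached pictures: only pictures of the acting uid are fetched.
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
        foreach ($query as $value) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = getimgthumbname($value['filepath']);
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
            $uploads[md5($picurl)] = $value;
        }
        // No thumbnail found: fall back to the last picture of the loop.
        if (empty($titlepic) && !empty($value)) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }

    if ($uploads) {
        $albumid = 0;
        if ($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
            $albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
            if (empty($albumname)) {
                $albumname = dgmdate($_G['timestamp'], 'Ymd');
            }
            $albumarr = array('albumname' => $albumname);
            $albumid = album_creat($albumarr);
        } else {
            $albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
        }
        if ($albumid) {
            C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
            album_update_pic($albumid);
        }

        // Pictures already referenced in the message are not appended again.
        preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
        if (!empty($mathes[1])) {
            foreach ($mathes[1] as $key => $value) {
                $urlmd5 = md5($value);
                if (!empty($uploads[$urlmd5])) {
                    unset($uploads[$urlmd5]);
                }
            }
        }
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
            // NOTE(review): this markup is appended after checkhtml() has run,
            // so it relies on the stored picture title already being
            // HTML-escaped; confirm at the place where titles are written.
            $message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
        }
    }

    // Reject messages that consist only of blank markup.
    $ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the identity switch before leaving early.
        if (!empty($__G)) {
            $_G = $__G;
        }
        return false;
    }

    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }

    if (!empty($olds['blogid'])) {
        // Update: keep the per-category counters in step.
        if ($blogarr['catid'] != $olds['catid']) {
            if ($olds['catid']) {
                C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
            }
            if ($blogarr['catid']) {
                C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
            }
        }
        $blogid = $olds['blogid'];
        C::t('home_blog')->update($blogid, $blogarr);

        $fuids = array();

        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        if ($blogarr['catid']) {
            C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
        }

        $blogarr['uid'] = $_G['uid'];
        $blogarr['username'] = $_G['username'];
        $blogarr['dateline'] = empty($POST['dateline']) ? $_G['timestamp'] : $POST['dateline'];
        $blogid = C::t('home_blog')->insert($blogarr, true);

        C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
        C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
    }

    $blogarr['blogid'] = $blogid;

    $class_tag = new tag();
    $POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');

    $fieldarr = array(
        'message' => $message,
        'postip' => $_G['clientip'],
        'target_ids' => $POST['target_ids'],
        'tag' => $POST['tag']
    );
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }

    if ($olds) {
        C::t('home_blogfield')->update($blogid, $fieldarr);
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        C::t('home_blogfield')->insert($fieldarr);
    }

    // Credits and statistics: granted for a new published entry, taken back
    // when an existing entry goes to moderation.
    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));

        include_once libfile('function/stat');
        updatestat('blog');
    }
    if (!empty($olds['blogid']) && $blog_status == 1) {
        updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
        include_once libfile('function/stat');
        updatestat('blog');
    }

    if ($POST['makefeed'] && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }

    // Restore the real identity.
    if (!empty($__G)) {
        $_G = $__G;
    }
    if ($blog_status == 1) {
        updatemoderate('blogid', $blogid);
        manage_addnotify('verifyblog');
    }
    return $blogarr;
}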
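/**
 * Store raw picture bytes as an attachment of the current user, register the
 * picture in an album, and return the picture row including its full URL.
 *
 * The bytes are written to disk first and validated afterwards; every
 * rejection path removes the file again.
 *
 * NOTE(review): $fileext is supplied by the caller and is handed to
 * getfilepath() to build the stored name. No allow-list is visible in this
 * function; confirm getfilepath() or the callers restrict it to image types.
 * NOTE(review): the image check is skipped entirely when getimagesize() is
 * unavailable, so in that configuration the content is not validated at all.
 * NOTE(review): $title is stored as received (the listing only had the no-op
 * `$title = $title;`). Whether inserttable() escapes values is not visible
 * here; confirm, or sanitise the title before this call.
 *
 * @param string     $strdata raw file content
 * @param int|string $albumid numeric album id, "new:<name>", or 0 for a date-named album
 * @param string     $fileext file extension used for the stored file
 * @param string     $name    original file name (defaults to the stored name)
 * @param string     $title   picture title
 * @param int        $delsize size subtracted from the quota calculation
 * @return array|int the inserted picture row on success; -1 quota exceeded,
 *                   -2 content rejected as an image, -3 file could not be
 *                   opened or written
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0)
{
    global $_SGLOBAL, $space, $_SCONFIG, $_SC;

    $setarr = array();

    $filepath = getfilepath($fileext, true);
    $newfilename = $_SC['attachdir'] . './' . $filepath;

    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);

            // Check the user's storage quota.
            if (empty($space)) {
                $query = $_SGLOBAL['db']->query("SELECT username, credit, groupid, attachsize, addsize FROM " . tname('space') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
                $space = $_SGLOBAL['db']->fetch_array($query);
                $_SGLOBAL['supe_username'] = addslashes($space['username']);
            }
            $_SGLOBAL['member'] = $space;

            $maxattachsize = intval(checkperm('maxattachsize')); // unit: MB (per the original comment)
            if ($maxattachsize) { // 0 means unlimited
                if ($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
                    @unlink($newfilename);
                    return -1;
                }
            }

            // Check that the content is an image.
            if (function_exists('getimagesize') && !@getimagesize($newfilename)) {
                @unlink($newfilename);
                return -2;
            }

            // Thumbnail
            include_once S_ROOT . './source/function_image.php';
            $thumbpath = makethumb($newfilename);
            $thumb = empty($thumbpath) ? 0 : 1;

            // Watermark (original comment: photo-sticker images get no watermark)
            if ($_SCONFIG['allowwatermark']) {
                makewatermark($newfilename);
            }

            // Store in the database
            $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));

            if ($albumid) {
                preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
                if (!empty($matchs[1])) {
                    $albumname = shtmlspecialchars(trim($matchs[1]));
                    if (empty($albumname)) {
                        $albumname = sgmdate('Ymd');
                    }
                    $albumid = album_creat(array('albumname' => $albumname));
                } else {
                    $albumid = intval($albumid);
                    if ($albumid) {
                        // Ownership check: the album must belong to the current
                        // uid, otherwise a date-named album is created instead.
                        // $albumid is safe to interpolate only because of the
                        // intval() above.
                        $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                        if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                            $albumname = addslashes($value['albumname']);
                            $albumfriend = $value['friend'];
                        } else {
                            $albumname = sgmdate('Ymd');
                            $albumid = album_creat(array('albumname' => $albumname));
                        }
                    }
                }
            } else {
                // No album given: always create a date-named one.
                $albumname = sgmdate('Ymd');
                $albumid = album_creat(array('albumname' => $albumname));
            }

            $setarr = array(
                'albumid' => $albumid,
                'uid' => $_SGLOBAL['supe_uid'],
                'dateline' => $_SGLOBAL['timestamp'],
                'filename' => $filename,
                'postip' => getonlineip(),
                'title' => $title,
                'type' => $fileext,
                'size' => $size,
                'filepath' => $filepath,
                'thumb' => $thumb
            );
            $setarr['picid'] = inserttable('pic', $setarr, 1);

            // Update the used attachment size and the credits.
            $setsql = '';
            if ($pic_credit = creditrule('get', 'pic')) {
                $setsql = ",credit=credit+{$pic_credit}";
            }
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$size}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");

            // Update the album
            if ($albumid) {
                $file = $filepath . ($thumb ? '.thumb.jpg' : '');
                $_SGLOBAL['db']->query("UPDATE " . tname('album') . "\r\n\t\t\t\t\tSET picnum=picnum+1, updatetime='{$_SGLOBAL['timestamp']}', pic='{$file}', picflag='1'\r\n\t\t\t\t\tWHERE albumid='{$albumid}'");
            }

            // The FTP upload runs last so that a failure leaves no stray remote files.
            if ($_SCONFIG['allowftp']) {
                include_once S_ROOT . './source/function_ftp.php';
                if (ftpupload($newfilename, $filepath)) {
                    $setarr['remote'] = 1;
                    updatetable('pic', array('remote' => $setarr['remote']), array('picid' => $setarr['picid']));
                    if ($albumid) {
                        updatetable('album', array('picflag' => 2), array('albumid' => $albumid));
                    }
                }
            }

            // For locally stored pictures the URL prefix is rebuilt from the request.
            // NOTE(review): $_SERVER['HTTP_HOST'] is taken from the request's
            // Host header, so the returned 'filepathall' reflects whatever host
            // the client sent; prefer a configured site URL if one exists.
            $siteurl = '';
            if (empty($setarr['remote'])) {
                $uri = $_SERVER['REQUEST_URI'] ? $_SERVER['REQUEST_URI'] : ($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
                $siteurl = 'http://' . $_SERVER['HTTP_HOST'] . substr($uri, 0, strexists($uri, '/api') ? strrpos($uri, '/') - 3 : strrpos($uri, '/') + 1);
            }
            $setarr['filepathall'] = $siteurl . mkpicurl($setarr, 0);

            return $setarr;
        } else {
            fclose($handle);
            // A failed write leaves an empty or truncated file behind; remove
            // it like the other rejection paths do.
            @unlink($newfilename);
        }
    }

    return -3;
}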
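/**
 * Bind, replace and delete forum attachments for one post, then refresh the
 * attachment flag on the thread and post rows.
 *
 * Changes compared with the previous revision of this block:
 *  - the watermark helper is created whenever either branch needs it; it used
 *    to be created only inside the $attachnew branch, so a call carrying only
 *    $attachupdate reached $image->Watermark() on an undefined variable;
 *  - $newattach is initialised up front (it was read outside the branch that
 *    defined it);
 *  - the album lookup now carries the same owner filter ($uidadd) as every
 *    other attachment query here, so a non-moderator can no longer have
 *    another member's attachment row copied into home_pic;
 *  - every id that is interpolated into SQL is cast to int first instead of
 *    relying on the framework having escaped it.
 *
 * @param mixed $postattachcredits Not read anywhere in this function.
 * @param int   $tid          Thread id the attachments belong to.
 * @param int   $pid          Post id the attachments belong to.
 * @param array $attachnew    aid => array with 'readperm', 'price', 'description'.
 * @param array $attachdel    List of aids to delete (only rows owned by $uid are considered).
 * @param array $attachupdate Target aid => replacement aid; the replacement row's
 *                            data is moved onto the target row.
 * @param int   $uid          Owner of the attachments; defaults to the current user.
 * @return void Results are written to the database and to $_G['forum_attachexist'].
 */
function updateattach($postattachcredits, $tid, $pid, $attachnew, $attachdel, $attachupdate = array(), $uid = 0)
{
    global $_G;

    // Ids end up inside quoted SQL literals below; force them to integers here.
    $uid = intval($uid ? $uid : $_G['uid']);
    $tid = intval($tid);
    $pid = intval($pid);

    // Moderators may act on any member's rows; everyone else is pinned to $uid.
    $uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
    $attachnum = $_G['group']['allowpostattach'];

    $newattach = array();

    // The watermark helper is needed by both the "new" and the "update" branch.
    $watermark = $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']);
    $image = null;
    if ($watermark && ($attachnew || $attachupdate)) {
        require_once libfile('class/image');
        $image = new image();
    }

    if ($attachnew) {
        // Non-numeric keys become 0 and therefore match no row.
        $newaids = array_map('intval', array_keys($attachnew));
        $newattachfile = $albumattach = array();

        $query = DB::query("SELECT aid, tid, attachment FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            if ($_G['group']['maxattachnum']) {
                // Quota exhausted: drop the entry so it is not bound to the post.
                if ($attachnum <= 0) {
                    unset($attachnew[$attach['aid']]);
                    continue;
                }
                $attachnum--;
            }
            // Rows with no thread yet are the ones this call is attaching for the first time.
            if (!$attach['tid']) {
                $newattach[$attach['aid']] = $attach['aid'];
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }

        if (!empty($_G['gp_albumaid'])) {
            // Collapse duplicates and drop empty entries: the '' pushed to index 0
            // absorbs every other '' during array_unique() and is then removed.
            array_unshift($_G['gp_albumaid'], '');
            $_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
            unset($_G['gp_albumaid'][0]);

            // Owner filter added: without it any aid named in the request was
            // loaded, whoever had uploaded it.
            $albumaids = array_map('intval', $_G['gp_albumaid']);
            $query = DB::query("SELECT * FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($albumaids) . "){$uidadd}");
            while ($attach = DB::fetch($query)) {
                $albumattach[$attach['aid']] = $attach;
            }
        }

        foreach ($attachnew as $aid => $attach) {
            $aid = intval($aid);
            if ($aid <= 0) {
                continue;
            }

            $price = 0;
            if ($_G['group']['maxprice']) {
                // Cap the asked price at the group's maximum.
                $price = intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'];
            }
            $update = array(
                'readperm' => $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0,
                'price' => $price,
                'tid' => $tid,
                'pid' => $pid,
                'uid' => $uid,
            );

            if ($watermark && !empty($newattachfile[$aid])) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
            }

            if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_G['gp_uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
                    $newalbum = 1;
                }
                // NOTE(review): an album id supplied with the request is used as-is;
                // nothing here checks that the album belongs to $_G['uid'] — confirm
                // the caller validates ownership before this point.
                $picdata = array(
                    'albumid' => $_G['gp_uploadalbum'],
                    'uid' => $_G['uid'],
                    'username' => $_G['username'],
                    'dateline' => $albumattach[$aid]['dateline'],
                    'postip' => $_G['clientip'],
                    'filename' => $albumattach[$aid]['filename'],
                    'title' => $albumattach[$aid]['description'],
                    'type' => fileext($albumattach[$aid]['attachment']),
                    'size' => $albumattach[$aid]['filesize'],
                    'filepath' => $albumattach[$aid]['attachment'],
                    'thumb' => $albumattach[$aid]['thumb'],
                    'remote' => $albumattach[$aid]['remote'] + 2,
                );
                $update['picid'] = DB::insert('home_pic', $picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_G['gp_uploadalbum']);
                }
            }

            // NOTE(review): the description is truncated after whatever escaping the
            // caller applied; a cut that lands inside an escape sequence would leave a
            // dangling backslash before the closing quote — confirm cutstr() guards
            // against that, or escape after truncating.
            DB::query("REPLACE INTO " . DB::table('forum_attachmentfield') . " (aid, tid, pid, uid, description) VALUES ('{$aid}', '{$tid}', '{$pid}', '{$uid}', '" . cutstr(dhtmlspecialchars($attach['description']), 100) . "')");
            DB::update('forum_attachment', $update, "aid='{$aid}'{$uidadd}");
        }

        if (!empty($_G['gp_albumaid'])) {
            $albumid = intval($_G['gp_uploadalbum']);
            $albumdata = array(
                'picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$albumid}'"),
                'updatetime' => $_G['timestamp'],
            );
            DB::update('home_album', $albumdata, "albumid='{$albumid}'");
        }

        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }

    // Deletions and file clean-up only ever consider rows owned by $uid.
    $query = DB::query("SELECT aid, attachment, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE uid='{$uid}'");
    $delaids = array();
    while ($attach = DB::fetch($query)) {
        if ($attachdel && in_array($attach['aid'], $attachdel)) {
            $delaids[] = $attach['aid'];
            unset($newattach[$attach['aid']]);
            dunlink($attach);
        }
        // The old file of a row that is about to be replaced is removed as well.
        if ($attachupdate && array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
            dunlink($attach);
        }
    }

    // Credits are granted only when the poster is the current user.
    if ($newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach));
    }

    if ($attachupdate) {
        $attachupdate = array_map('intval', $attachupdate);
        $uaids = dimplode($attachupdate);
        // Read the replacement rows, delete them, then copy their data onto the target rows.
        $query = DB::query("SELECT aid, width, filename, filetype, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        // After the flip: replacement aid => target aid.
        $attachupdate = array_flip($attachupdate);
        while ($attach = DB::fetch($query)) {
            $targetaid = intval($attachupdate[$attach['aid']]);
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            DB::update('forum_attachment', $update, "aid='{$targetaid}'{$uidadd}");
            if ($watermark) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
            }
            ftpupload(array($targetaid), $uid);
        }
    }

    if ($delaids) {
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
        DB::query("DELETE FROM " . DB::table('forum_attachmentfield') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
    }

    // Attachment flag: 0 = none, 1 = attachments present, 2 = at least one image.
    $postfilter = " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '');
    $attachcount = DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . $postfilter);
    $attachment = 0;
    if ($attachcount) {
        $hasimage = DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . $postfilter . " AND isimage != 0");
        $attachment = $hasimage ? 2 : 1;
    }

    DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
    $posttable = getposttablebytid($tid);
    DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
    $_G['forum_attachexist'] = $attachment;
}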
/**
 * Store an uploaded .flv file for the current user and record it in the
 * `video` table.
 *
 * On any failed check the function returns the localized message produced by
 * cplang(); on success it returns the inserted row as an array, including the
 * new 'id'.
 *
 * NOTE(review): $title and $desc are handed to inserttable() unchanged while
 * the file name is passed through addslashes() — presumably the caller has
 * already escaped them; verify.
 * NOTE(review): copy() is tried before move_uploaded_file(), and nothing in
 * this function checks that $FILE['tmp_name'] is a genuine HTTP upload —
 * confirm callers only pass entries taken from $_FILES.
 *
 * @param array      $FILE      Upload descriptor with 'name', 'size', 'tmp_name', 'error'.
 * @param string     $title     Title stored with the video.
 * @param string     $desc      Description stored with the video.
 * @param int        $tovideoid Not read anywhere in this function.
 * @param int|string $albumid   Existing album id, or "new:<name>" to create an album;
 *                              effectively required because it follows an optional parameter.
 * @return array|string Inserted row on success, localized error message otherwise.
 */
function video_save($FILE, $title, $desc, $tovideoid = 0, $albumid)
{
    global $_SGLOBAL, $_SCONFIG, $space, $_SC;

    // Accepted upload extensions.
    $allowed_exts = array('flv');

    // Basic sanity check on the upload descriptor.
    $FILE['size'] = intval($FILE['size']);
    $upload_unusable = empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error']);
    if ($upload_unusable) {
        return cplang('lack_of_access_to_upload_file_size');
    }

    // Extension check against the allow-list.
    $fileext = fileext($FILE['name']);
    if (!in_array($fileext, $allowed_exts)) {
        return cplang('only_allows_upload_file_types');
    }

    // Target path below the attachment directory.
    $filepath = getfilepath($fileext, true);
    if (!$filepath) {
        return cplang('unable_to_create_upload_directory_server');
    }

    // Load the member's space record if the caller has not done so yet.
    if (empty($space)) {
        $space = getspace($_SGLOBAL['supe_uid']);
    }

    // User-group permission.
    if (!checkperm('allowupload')) {
        ckspacelog();
        return cplang('inadequate_capacity_space');
    }

    // Real-name check, video-photo check, new-member probation — evaluated in
    // this order, stopping at the first one that fails.
    if (!ckrealname('album', 1) || !ckvideophoto('album', array(), 1) || !cknewuser(1)) {
        return cplang('inadequate_capacity_space');
    }

    // Storage quota; a limit of 0 means unlimited.
    $quota = checkperm('maxattachsize');
    if ($quota && $space['attachsize'] + $FILE['size'] > $quota + $space['addsize']) {
        return cplang('inadequate_capacity_space');
    }

    if ($albumid < 0) {
        $albumid = 0;
    }

    $showtip = true;
    $album_privacy = 0;
    if (!$albumid) {
        // No album requested: nothing to resolve and no reward afterwards.
        $albumid = 0;
        $showtip = false;
    } else {
        preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
        if (!empty($matchs[1])) {
            // "new:<name>" creates an album; an empty name falls back to today's date.
            $album_title = shtmlspecialchars(trim($matchs[1]));
            if (empty($album_title)) {
                $album_title = sgmdate('Ymd');
            }
            $albumid = album_creat(array('albumname' => $album_title));
        } else {
            $albumid = intval($albumid);
            if ($albumid) {
                // The album must belong to the current user; otherwise a fresh
                // date-named album is created instead.
                $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                $value = $_SGLOBAL['db']->fetch_array($query);
                if ($value) {
                    $album_title = addslashes($value['albumname']);
                    $album_privacy = $value['friend'];
                } else {
                    $album_title = sgmdate('Ymd');
                    $albumid = album_creat(array('albumname' => $album_title));
                }
            }
        }
    }

    // Move the temporary file into place: copy, then move_uploaded_file, then rename.
    $new_name = $_SC['attachdir'] . './' . $filepath;
    $tmp_name = $FILE['tmp_name'];
    $stored = @copy($tmp_name, $new_name);
    if ($stored) {
        @unlink($tmp_name);
    } else {
        $stored = (function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name))
            || @rename($tmp_name, $new_name);
    }
    if (!$stored) {
        return cplang('mobile_picture_temporary_failure');
    }

    // Database record.
    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_SGLOBAL['supe_uid'],
        'username' => $_SGLOBAL['supe_username'],
        'dateline' => $_SGLOBAL['timestamp'],
        'postip' => getonlineip(),
        'filename' => addslashes($FILE['name']),
        'title' => $title,
        'desc' => $desc,
        'size' => $FILE['size'],
        'filepath' => $filepath,
    );
    $setarr['id'] = inserttable('video', $setarr, 1);

    // Credit and experience are granted only when an album was requested.
    $setsql = '';
    if ($showtip) {
        $reward = getreward('uploadimage', 0);
        if ($reward['credit']) {
            $setsql = ",credit=credit+{$reward['credit']}";
        }
        if ($reward['experience']) {
            $setsql .= ",experience=experience+{$reward['experience']}";
        }
    }

    // Account the file against the member's storage usage.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$FILE['size']}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");

    updatestat('video');

    return $setarr;
}