// // $next_photo = $db->get_one("SELECT p.pid,p.path,p.ifthumb,m.groupid FROM pw_cnphoto p LEFT JOIN pw_cnalbum a ON p.aid=a.aid LEFT JOIN pw_members m ON p.uploader=m.username WHERE p.pid>".pwEscape($pid)." AND a.ownerid=".pwEscape($u)." AND p.aid=".pwEscape($aid)." ORDER BY pid"); // if ($next_photo) { // $next_photo['path'] = getphotourl($next_photo['path'],$next_photo['ifthumb']); // if ($next_photo['groupid'] == 6 && $db_shield && $groupid != 3) { // $next_photo['path'] = $pwModeImg.'/banuser.gif'; // } // $nearphoto[] = $next_photo; // } else { // $nearphoto[] = array('pid'=>'end','path'=>'images/apps/pend.jpg'); // } $page = (int) GetGP('page'); $page < 1 && ($page = 1); $url = $basename . 'a=view&pid=' . $pid . '&'; require_once R_P . 'require/bbscode.php'; list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('photo', $pid, $page, $url); $comment_type = 'photo'; $comment_typeid = $pid; } elseif ($a == 'next') { define('AJAX', 1); InitGP(array('pid', 'aid'), null, 2); if ($aid) { $next_photo = $db->get_one("SELECT c.pid,c.path,c.ifthumb,m.groupid FROM pw_cnphoto c LEFT JOIN pw_members m ON c.uploader=m.username WHERE c.pid>" . pwEscape($pid) . " AND c.aid=" . pwEscape($aid) . " ORDER BY c.pid"); if ($next_photo) { $next_photo['path'] = getphotourl($next_photo['path'], $next_photo['ifthumb']); if ($next_photo['groupid'] == 6 && $db_shield && $groupid != 3) { $next_photo['path'] = $pwModeImg . '/banuser.gif'; } unset($next_photo['ifthumb']); $pid = pwJsonEncode($next_photo); echo "ok\t{$pid}";
if ($friendsService->isFriend($winduid, $uid) !== true) { $is_friend = 0; } $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */ $diaryPrivacy = $uid != $winduid && !$is_friend ? array(0) : ($uid != $winduid ? array(0, 1) : array()); //TODO 筛选权限 list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($uid, $diaryPrivacy); //TODO 日志分类 start $diaryTemp = $diaryService->get($did); !$diaryTemp && Showmsg('日志不存在'); $diaryTemp['uid'] != $winduid && $diaryTemp['privacy'] == 2 && Showmsg('该日志对方设置了隐私,没有权限查看.'); $winduid != $uid && $diaryTemp['privacy'] == 1 && !$is_friend && Showmsg('diary_friend_right'); $diary = $diaryService->getDiaryDbView($diaryTemp); $url = 'apps.php?q=diary&a=detail&uid=' . $uid . '&did=' . $did . '&'; list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('diary', $did, $page, $url); $comment_type = 'diary'; $comment_typeid = $did; $siteName = getSiteName('o'); $uSeo = USeo::getInstance(); $uSeo->set($diary['subject'] . ' - ' . $space['name'] . ' - ' . $siteName, '日志', $diary['subject'] . ',' . $siteName); $weiboPriv = false; if ($uid == $winduid) { $ouserdataPrivacy = $newSpace->getPrivacy(); !$ouserdataPrivacy['index'] && !$ouserdataPrivacy['diary'] && !$diary['privacy'] && ($weiboPriv = true); } else { !$diary['privacy'] && ($weiboPriv = true); } $diaryNextName = getNextOrPreDiaryName($did, $uid, 'next'); $diaryPreName = getNextOrPreDiaryName($did, $uid, 'pre'); } elseif ($a == 'copydiary') {
list($photo, $nearphoto, $prePid, $nextPid) = $sp->getGroupsPictures($pid, $aid); empty($photo) && Showmsg('data_error'); if ($photo['private'] && !$ifadmin && (!$colony['ifcyer'] || $colony['ifadmin'] == '-1')) { Showmsg('colony_cnmenber'); } $db->update("UPDATE pw_cnphoto SET hits=hits+1 WHERE pid=" . S::sqlEscape($pid)); $aid = $photo['aid']; $photo['uptime'] = get_date($photo['uptime']); $photo['path'] = getphotourl($photo['basepath']); if ($photo['groupid'] == 6 && $db_shield && $groupid != 3) { $photo['path'] = $pwModeImg . '/banuser.gif'; $photo['pintro'] = appShield('ban_photo_pintro'); } $num = $db->get_value("SELECT COUNT(*) AS sum FROM pw_cnphoto WHERE aid=" . S::sqlEscape($photo['aid']) . ' AND pid>=' . S::sqlEscape($pid)); $page = empty($page) ? 1 : $page; list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('groupphoto', $pid, $page, "thread.php?cyid={$cyid}&showtype=galbum&a=view&pid={$pid}&"); $comment_type = 'groupphoto'; $comment_typeid = $pid; // require_once(R_P.'require/header.php'); require_once PrintEot('thread_galbum'); footer(); } elseif ($a == 'upload') { if (!$ifadmin && !$colony['ifFullMember']) { Showmsg('colony_cnmenber'); } banUser(); S::gp(array('aid', 'job')); $tmpUrlAdd .= '&a=upload' . ($job ? '&job=' . $job : '') . '&aid=' . $aid; if (empty($_POST['step'])) { $extra_url = $options = ''; $count = $db->get_value("SELECT COUNT(*) AS count FROM pw_cnalbum WHERE atype='1' AND ownerid=" . S::sqlEscape($cyid));
!$ouserPrivacy['index'] && Showmsg('该朋友的空间设置了查看权限'); !$ouserPrivacy['diary'] && Showmsg('该朋友的日志设置了查看权限'); $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */ $diaryTemp = $diaryService->get($did); $diaryTemp['uid'] != $fuid && Showmsg('日志不存在'); $diaryTemp['privacy'] == 2 && Showmsg("日志不存在"); $diary = $diaryService->getDiaryDbView($diaryTemp); $friendsService = L::loadClass('Friend', 'friend'); /* @var $friendsService PW_Friend */ if ($friendsService->isFriend($winduid, $fuid) !== true) { Showmsg('好友不存在'); } $diaryPrivacy = array(0, 1); list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($fuid, $diaryPrivacy); list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('diary', $did, $page, "{$basename}a={$a}&fuid={$fuid}&did={$did}&"); $comment_type = 'diary'; $comment_typeid = $did; $myOuserData = array(); $ouserdataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserdataService PW_Ouserdata */ $myOuserData = $ouserdataService->get($fuid); $weiboPriv = false; if (!$myOuserData['index_privacy'] && !$myOuserData['diary_privacy'] && !$diary['privacy']) { $weiboPriv = true; } $friendDiaryNextName = getNextOrPreDiaryName($did, $fuid, 'next'); $friendDiaryPreName = getNextOrPreDiaryName($did, $fuid, 'pre'); } elseif ($a == 'write') { //权限设置 /**
$metaDescription = $colonySeo->getPageMetadescrip($active['introduction']); $metaKeywords = $colonySeo->getPageMetakeyword($active['title'], $colony['cname']); $active['content'] = str_replace("\n", '<br />', $active['content']); require_once R_P . 'require/bbscode.php'; $active['content'] = convert($active['content'], $db_windpost); if ($attachs = $newActive->getAttById($id)) { extract(L::style()); $attachShow = new attachShow($isGM || $pwSystem['delattach'], '', 0, 'active'); $attachShow->setData($attachs); $active += $attachShow->parseAttachs('tpc', $active['content'], $winduid == $active['uid']); } $newActive->updateHits($id); list($newactivedb) = $newActive->searchList(array('cid' => $cyid), 3, 0, 'id', 'DESC'); $hotactivedb = $newActive->getHotActive(3); $relateactivedb = $newActive->getRelateActive($id, 3); list($commentdb, $subcommentdb, $pages, $count) = getCommentDbByTypeid('active', $id, $page, "{$basename}a={$a}&job={$job}&cyid={$cyid}&id={$id}&"); $comment_type = 'active'; $comment_typeid = $id; list($isheader, $isfooter, $tplname, $isleft) = array(false, true, "m_group", true); } elseif ($job == 'quit') { define('AJAX', 1); S::gp(array('id')); require_once A_P . 'groups/lib/active.class.php'; $newActive = new PW_Active(); if (!($active = $newActive->getActiveById($id)) || $active['cid'] != $cyid) { Showmsg('data_error'); } if (empty($_POST['step'])) { require_once PrintEot('m_ajax'); ajax_footer(); } else {
Showmsg('colony_cnmenber'); } $webPageTitle = $colonySeo->getPageTitle($photo['aname'], $colony['cname']); $metaDescription = $colonySeo->getPageMetadescrip($photo['aintro']); $metaKeywords = $colonySeo->getPageMetakeyword($photo['aname'], $colony['cname']); $db->update("UPDATE pw_cnphoto SET hits=hits+1 WHERE pid=" . S::sqlEscape($pid)); $aid = $photo['aid']; $photo['uptime'] = get_date($photo['uptime']); $photo['path'] = getphotourl($photo['basepath']); if ($photo['groupid'] == 6 && $db_shield && $groupid != 3) { $photo['path'] = $pwModeImg . '/banuser.gif'; $photo['pintro'] = appShield('ban_photo_pintro'); } $num = $db->get_value("SELECT COUNT(*) AS sum FROM pw_cnphoto WHERE aid=" . S::sqlEscape($photo['aid']) . ' AND pid>=' . S::sqlEscape($pid)); $page = empty($page) ? 1 : $page; list($commentdb, $subcommentdb, $pages) = getCommentDbByTypeid('groupphoto', $pid, $page, "apps.php?q=galbum&a=view&cyid={$cyid}&pid={$pid}&"); $comment_type = 'groupphoto'; $comment_typeid = $pid; list($isheader, $isfooter, $tplname, $isleft) = array(false, true, "m_galbum", true); } elseif ($a == 'editphoto') { define('AJAX', '1'); banUser(); S::gp(array('pid'), null, 2); $photo = $db->get_one("SELECT p.aid,p.pintro,p.uploader,a.ownerid,p.path,a.lastphoto FROM pw_cnphoto p LEFT JOIN pw_cnalbum a ON p.aid=a.aid WHERE pid=" . S::sqlEscape($pid)); if (empty($photo)) { Showmsg('data_error'); } if (!$ifadmin && $photo['uploader'] != $windid) { Showmsg('colony_cnmenber'); } if (empty($_POST['step'])) {