function callback($module, $method, $params)
{
global $_SITE_CONFIG;
if (isset($params['uId'])) {
$space = getspace($params['uId']);
if ($this->_needCheckUserId($module, $method)) {
if (!$space['uid']) {
$errCode = 1;
$errMessage = "User({$params['uId']}) Not Exists";
return new APIErrorResponse($errCode, $errMessage);
}
}
}
$_SITE_CONFIG['uid'] = $space['uid'];
$_SITE_CONFIG['uname'] = $space['uname'];
@(include_once API_ROOT . '/class/' . $module . '.class.php');
if (!class_exists($module)) {
$errCode = 3;
$errMessage = "Class({$module}) Not Exists";
return new APIErrorResponse($errCode, $errMessage);
}
$class = new $module();
$response = @call_user_func_array(array(&$class, $method), $params);
return $response;
}
function eycp_register_to_ucenter($openid, $login, $email, $nickname)
{
/////////////////////////////////////
//好友邀请数据预处理
include_once S_ROOT . './source/function_cp.php';
$uid = empty($_GET['uid']) ? 0 : intval($_GET['uid']);
$code = empty($_GET['code']) ? '' : $_GET['code'];
$app = empty($_GET['app']) ? '' : intval($_GET['app']);
$invite = empty($_GET['invite']) ? '' : $_GET['invite'];
$invitearr = array();
$reward = getreward('invitecode', 0);
$pay = $app ? 0 : $reward['credit'];
if ($uid && $code && !$pay) {
//邀请玩应用home就不给奖励了?
$m_space = getspace($uid);
//$_SN在此被赋值
// echo var_dump($_SN)."--_SN在getspace这个函数中赋值了...<br>";
// echo var_dump($_SESSION['SN'])."--_SESSION['SN']<br>";
// echo var_dump($m_space['uid'])."--m_space['uid']<br>";
// echo var_dump($app)."--app<br>";
// echo var_dump($code)."--code<br>";
// echo var_dump($_SCONFIG['sitekey']).'--sitekey<br>';
// echo space_key($m_space, $app)."--space_key<br>";
if ($code == space_key($m_space, $app)) {
//验证通过
$invitearr['uid'] = $uid;
$invitearr['username'] = $m_space['username'];
}
$url_plus = "uid={$uid}&app={$app}&code={$code}";
// echo var_dump($uid)."--uid<br>";
// echo var_dump($m_space['username'])."--m_space['username']<br>";
// echo var_dump($invitearr)."--_invitearr1<br>";
// echo var_dump($url_plus)."--url_plus1<br>";
} elseif ($uid && $invite) {
include_once S_ROOT . './source/function_cp.php';
$invitearr = invite_get($uid, $invite);
$url_plus = "uid={$uid}&invite={$invite}";
// echo var_dump($invitearr)."--_invitearr2<br>";
}
$jumpurl = $app ? "userapp.php?id={$app}&my_extra=invitedby_bi_{$uid}_{$code}&my_suffix=Lw%3D%3D" : 'space.php?do=home';
//好友邀请数据预处理结束
/////////////////////////////////////
/////////////////////////////////////
//注册到ucenter
// 不采用uhome及ucenter自己的登录机制,所以随机填个它的密码
$password = md5("{$newuid}|{$_SGLOBAL['timestamp']}");
//本地密码随机生成
//用ucenter api注册新用户
include S_ROOT . './uc_client/client.php';
$newuid = uc_user_register($login, $password, $email);
// echo var_dump($newuid)."--newuid<br/>";
// breakpoint();
if ($newuid <= 0) {
if ($newuid == -1) {
showmessage('user_name_is_not_legitimate');
} elseif ($newuid == -2) {
showmessage('include_not_registered_words');
} elseif ($newuid == -3) {
// showmessage('user_name_already_exists');
// 如果已经在ucenter存在先通过discuz注册的用户,则为他开通uchome
//同步获取用户源
if (!($passport = get_passport_by_login($login))) {
showmessage('login_failure_please_re_login', 'OpenID.call.php');
}
// echo var_dump($passport)."--passport<br/>";
$setarr = array('uid' => $passport['uid'], 'username' => addslashes($passport['username']), 'password' => md5("{$passport['uid']}|{$_SGLOBAL['timestamp']}"));
// echo var_dump($setarr)."--setarr<br/>";
// echo var_dump($email)."--email<br/>";
ey_regiter_user_to_uchome($setarr, $openid, $login, $email, $nickname, $invitearr, $url_plus, $app, $jumpurl);
} elseif ($newuid == -4) {
showmessage('email_format_is_wrong');
} elseif ($newuid == -5) {
showmessage('email_not_registered');
} elseif ($newuid == -6) {
showmessage('email_has_been_registered');
} else {
showmessage('register_error');
}
} else {
$setarr = array('uid' => $newuid, 'username' => $login, 'password' => md5("{$newuid}|{$_SGLOBAL['timestamp']}"));
ey_regiter_user_to_uchome($setarr, $openid, $login, $email, $nickname, $invitearr, $url_plus, $app, $jumpurl);
}
}
if ($ms[1] != 'cp' || $ms[2] != 'sendmail') {
$refer = '';
}
}
if (empty($refer)) {
$refer = 'space.php?do=home';
}
//好友邀请
$uid = empty($_GET['uid']) ? 0 : intval($_GET['uid']);
$code = empty($_GET['code']) ? '' : $_GET['code'];
$app = empty($_GET['app']) ? '' : intval($_GET['app']);
$invite = empty($_GET['invite']) ? '' : $_GET['invite'];
$invitearr = array();
$reward = getreward('invitecode', 0);
if ($uid && $code && !$reward['credit']) {
$m_space = getspace($uid);
if ($code == space_key($m_space, $app)) {
//验证通过
$invitearr['uid'] = $uid;
$invitearr['username'] = $m_space['username'];
}
$url_plus = "uid={$uid}&app={$app}&code={$code}";
} elseif ($uid && $invite) {
include_once S_ROOT . './source/function_cp.php';
$invitearr = invite_get($uid, $invite);
$url_plus = "uid={$uid}&invite={$invite}";
}
if ($_SCONFIG['seccode_login']) {
include_once S_ROOT . './source/function_cp.php';
if (!ckseccode($_POST['seccode'])) {
$_SGLOBAL['input_seccode'] = 1;
function getUserSpace($uId)
{
global $_G;
$space = getspace($uId);
if (!$space['uid']) {
return false;
}
$_G['uid'] = $space['uid'];
$_G['username'] = $space['username'];
return true;
}
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
global $_G, $space;
if ($albumid < 0) {
$albumid = 0;
}
$setarr = array();
require_once libfile('class/upload');
$upload = new discuz_upload();
$filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
$newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;
if ($handle = fopen($newfilename, 'wb')) {
if (fwrite($handle, $strdata) !== FALSE) {
fclose($handle);
$size = filesize($newfilename);
if (empty($space)) {
$_G['member'] = $space = getspace($_G['uid']);
$_G['username'] = addslashes($space['username']);
}
$_G['member'] = $space;
$maxspacesize = checkperm('maxspacesize');
$maxspacesize = $maxspacesize * 1024 * 1024;
if ($maxspacesize) {
space_merge($space, 'common_member_count');
space_merge($space, 'common_member_field_home');
if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
@unlink($newfilename);
return -1;
}
}
if (!$upload->get_image_info($newfilename)) {
@unlink($newfilename);
return -2;
}
require_once libfile('class/image');
$image = new image();
$result = $image->Thumb($newfilename, NULL, 140, 140, 1);
$thumb = empty($result) ? 0 : 1;
$image->Watermark($newfilename);
$pic_remote = 0;
$album_picflag = 1;
if (getglobal('setting/ftp/on')) {
$ftpresult_thumb = 0;
$ftpresult = ftpupload('album/' . $filepath);
if ($ftpresult) {
if ($thumb) {
ftpupload('album/' . $filepath . '.thumb.jpg');
}
$pic_remote = 1;
$album_picflag = 2;
} else {
if (getglobal('setting/ftp/mirror')) {
@unlink($newfilename);
@unlink($newfilename . '.thumb.jpg');
return -3;
}
}
}
$filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
$title = getstr($title, 200, 1, 1, 1);
if ($albumid) {
$albumid = album_creat_by_id($albumid);
} else {
$albumid = 0;
}
$setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote);
$setarr['picid'] = DB::insert('home_pic', $setarr, 1);
DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");
include_once libfile('function/stat');
updatestat('pic');
return $setarr;
} else {
fclose($handle);
}
}
return -3;
}
function getmember()
{
global $_SGLOBAL, $space;
if (empty($_SGLOBAL['member']) && $_SGLOBAL['supe_uid']) {
if ($space['uid'] == $_SGLOBAL['supe_uid']) {
$_SGLOBAL['member'] = $space;
} else {
$_SGLOBAL['member'] = getspace($_SGLOBAL['supe_uid']);
}
}
}
if ($invitearr['email'] == $email) {
updatetable('spacefield', array('emailcheck' => 1), array('uid' => $newuid));
}
//统计更新
include_once S_ROOT . './source/function_cp.php';
if ($app) {
updatestat('appinvite');
} else {
updatestat('invite');
}
}
//变更记录
if ($_SCONFIG['my_status']) {
inserttable('userlog', array('uid' => $newuid, 'action' => 'add', 'dateline' => $_SGLOBAL['timestamp']), 0, true);
}
capi_showmessage_by_data('registered', 0, array("space" => getspace($space["uid"]), "m_auth" => rawurlencode($auth)));
}
}
$register_rule = data_get('registerrule');
//include template('do_register');
} elseif ($op == "checkusername") {
$username = trim($_REQUEST['username']);
if (empty($username)) {
capi_showmessage_by_data('user_name_is_not_legitimate');
}
@(include_once S_ROOT . './uc_client/client.php');
$ucresult = uc_user_checkname($username);
if ($ucresult == -1) {
capi_showmessage_by_data('user_name_is_not_legitimate');
} elseif ($ucresult == -2) {
capi_showmessage_by_data('include_not_registered_words');
if (!checkperm('allowshare')) {
showmessage('no_privilege_share');
}
cknewuser();
$type = empty($_GET['type']) ? '' : $_GET['type'];
$id = empty($_GET['id']) ? 0 : intval($_GET['id']);
$note_uid = 0;
$note_message = '';
$note_values = array();
$hotarr = array();
$arr = array();
$feed_hash_data = '';
switch ($type) {
case 'space':
$feed_hash_data = "uid{$id}";
$tospace = getspace($id);
if (empty($tospace)) {
showmessage('space_does_not_exist');
}
if (isblacklist($tospace['uid'])) {
showmessage('is_blacklist');
}
$arr['itemid'] = $id;
$arr['fromuid'] = $id;
$arr['title_template'] = lang('spacecp', 'share_space');
$arr['body_template'] = '<b>{username}</b><br>{reside}<br>{spacenote}';
$arr['body_data'] = array('username' => "<a href=\"home.php?mod=space&uid={$id}\">" . $tospace['username'] . "</a>", 'reside' => $tospace['resideprovince'] . $tospace['residecity'], 'spacenote' => $tospace['spacenote']);
loaducenter();
$isavatar = uc_check_avatar($id);
$arr['image'] = $isavatar ? avatar($id, 'middle', true) : UC_API . '/images/noavatar_middle.gif';
$arr['image_link'] = "home.php?mod=space&uid={$id}";
$query = DB::query("SELECT * FROM " . DB::table('home_share') . " WHERE sid='{$id}'");
$share = DB::fetch($query);
if (empty($share)) {
showmessage('sharing_does_not_exist');
}
$tospace = getspace($share['uid']);
$hotarr = array('sid', $share['sid'], $share['hotuser']);
$stattype = 'sharecomment';
break;
case 'pid':
$query = DB::query("SELECT p.*, pf.hotuser\n\t\t\t\tFROM " . DB::table('home_poll') . " p\n\t\t\t\tLEFT JOIN " . DB::table('home_pollfield') . " pf ON pf.pid=p.pid\n\t\t\t\tWHERE p.pid='{$id}'");
$poll = DB::fetch($query);
if (empty($poll)) {
showmessage('voting_does_not_exist');
}
$tospace = getspace($poll['uid']);
if ($poll['noreply']) {
if (!$tospace['self'] && !in_array($_G['uid'], $tospace['friends'])) {
showmessage('the_vote_only_allows_friends_to_comment');
}
}
$hotarr = array('pid', $poll['pid'], $poll['hotuser']);
$stattype = 'pollcomment';
break;
default:
showmessage('non_normal_operation');
break;
}
if (empty($tospace)) {
showmessage('space_does_not_exist');
}
$invitepay = getreward('invitecode', 0);
if ($uid && $code) {
$m_space = getspace($uid);
if ($code == space_key($m_space, $app)) {
//Ñé֤ͨ¹ý
$invitearr['uid'] = $uid;
$invitearr['username'] = $m_space['username'];
}
$url_plus = "uid={$uid}&app={$app}&code={$code}";
} elseif ($uid && $invite) {
include_once S_ROOT . './source/function_cp.php';
$invitearr = invite_get($uid, $invite);
$url_plus = "uid={$uid}&invite={$invite}";
}
$jumpurl = $app ? "userapp.php?id={$app}&my_extra=invitedby_bi_{$uid}_{$code}&my_suffix=Lw%3D%3D" : 'space.php';
$space = getspace($_GET['uid']);
$arr_classfriend = array();
$usertype = '';
$sub = '';
if (empty($op)) {
if ($_SCONFIG['closeregister']) {
if ($_SCONFIG['closeinvite']) {
showmessage('not_open_registration');
} elseif (empty($invitearr)) {
showmessage('not_open_registration_invite');
}
}
checkclose();
if (submitcheck("registersubmit")) {
//ÒѾע²áÓû§
if ($_SGLOBAL['supe_uid']) {
@(include_once S_ROOT . './data/data_click.php');
$clicks = empty($_SGLOBAL['click']['tid']) ? array() : $_SGLOBAL['click']['tid'];
//分页
$page = empty($_GET['page']) ? 1 : intval($_GET['page']);
if ($page < 1) {
$page = 1;
}
$id = empty($_GET['id']) ? 0 : intval($_GET['id']);
if ($id) {
//话题
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('thread') . " WHERE tid='{$id}' LIMIT 1");
if (!($thread = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('topic_does_not_exist');
}
//验证空间是否被锁定
$space = getspace($thread['uid']);
if ($space['flag'] == -1) {
showmessage('space_has_been_locked');
}
realname_set($thread['uid'], $thread['username']);
//群组信息
$tagid = $thread['tagid'];
if ($eventid && $event['tagid'] != $tagid) {
showmessage('event_mtag_not_match');
}
if (!$eventid && $thread['eventid']) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$thread['eventid']}' LIMIT 1");
$event = $_SGLOBAL['db']->fetch_array($query);
if (empty($event)) {
updatetable('thread', array("eventid" => 0), array("eventid" => $thread['eventid']));
}
realname_set($value['uid'], $value['username']);
if (empty($value['upid'])) {
$value['upid'] = "do";
}
$tree->setNode($value['id'], $value['upid'], $value);
}
$values = $tree->getChilds("do");
foreach ($values as $key => $id) {
$one = $tree->getValue($id);
$one['layer'] = $tree->getLayer($id) * 2;
$clist[] = $one;
}
}
realname_get();
} elseif ($op == 'getmood') {
$space = empty($_SGLOBAL['supe_uid']) ? array() : getspace($_SGLOBAL['supe_uid']);
if ($space['spacenote']) {
$space['spacenote'] = getstr($space['spacenote'], 50);
}
} elseif ($op == 'deluserapp') {
if (empty($_SGLOBAL['supe_uid'])) {
showmessage('no_privilege');
}
$hash = trim($_GET['hash']);
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myinvite') . " WHERE hash='{$hash}' AND touid='{$_SGLOBAL['supe_uid']}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
$_SGLOBAL['db']->query("DELETE FROM " . tname('myinvite') . " WHERE hash='{$hash}' AND touid='{$_SGLOBAL['supe_uid']}'");
showmessage('do_success');
} else {
showmessage('no_privilege');
}
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
if (!strcmp($row['uid'], $_GET['uid'])) {
$space = getspace($_GET['uid']);
if (empty($space)) {
showmessage('space_does_not_exist');
}
include template("invite");
return;
}
}
} else {
if (empty($_GET['type']) && !empty($_GET['u'])) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('emailinvite') . " where uid='" . $_GET['u'] . "'");
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
if (!strcmp($row['uid'], $_GET['u'])) {
$space = getspace($_GET['u']);
if (empty($space)) {
showmessage('space_does_not_exist');
}
include template("invite");
return;
}
}
}
}
if (!empty($_GET['type']) && !strcmp($_GET['type'], 'mobile')) {
$var = $_POST['var'];
$mobile = $_POST['mobile'];
$flag = false;
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('mobileinvite') . " WHERE uid=" . $_GET['uid'] . " and mobile=" . $mobile . " and var=" . $var);
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
} else {
if (!checkperm('allowshare')) {
showmessage('no_privilege');
}
//实名认证
ckrealname('share');
//新用户见习
cknewuser();
$type = empty($_GET['type']) ? '' : $_GET['type'];
$id = empty($_GET['id']) ? 0 : intval($_GET['id']);
$note_uid = 0;
$note_message = '';
$arr = array();
switch ($type) {
case 'space':
$cspace = getspace($id);
if (empty($cspace)) {
showmessage('space_does_not_exist');
}
//黑名单
if (isblacklist($cspace['uid'])) {
showmessage('is_blacklist');
}
$arr['title_template'] = cplang('share_space');
$arr['body_template'] = '<b>{username}</b><br>{reside}<br>{spacenote}';
$arr['body_data'] = array('username' => "<a href=\"space.php?uid={$id}\">" . $_SN[$cspace['uid']] . "</a>", 'reside' => $cspace['resideprovince'] . $cspace['residecity'], 'spacenote' => $cspace['spacenote']);
$arr['image'] = avatar($id, 'middle');
$arr['image_link'] = "space.php?uid={$id}";
//通知
$note_uid = $id;
$note_message = cplang('note_share_space');
$rw_count = count($rws);
for ($rw_i = 1; $rw_i < $rw_count; $rw_i = $rw_i + 2) {
$_GET[$rws[$rw_i]] = empty($rws[$rw_i + 1]) ? '' : $rws[$rw_i + 1];
}
}
unset($_GET['rewrite']);
}
//允许的方法
$acs = array('space', 'doing', 'blog', 'album', 'mtag', 'thread', 'share');
$ac = empty($_GET['ac']) || !in_array($_GET['ac'], $acs) ? 'index' : $_GET['ac'];
$theurl = "network.php?ac={$ac}";
//是否公开
if (empty($_SCONFIG['networkpublic'])) {
checklogin();
}
$space = $_SGLOBAL['supe_uid'] ? getspace($_SGLOBAL['supe_uid']) : array();
//数据处理
include_once S_ROOT . "./source/network_{$ac}.php";
//菜单激活
$menuactives = array('network' => ' class="active"');
//应用列表
@(include_once S_ROOT . './uc_client/data/cache/apps.php');
//模板调用
$actives = array($ac => ' class="active"');
include_once template("network_{$ac}");
//判断搜索积分
function cksearchcredit($ac)
{
global $space, $gets;
//搜索积分
$paycredit = creditrule('pay', 'search');
if ($count) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " {$f_index}\r\n\t\tWHERE {$wheresql}\r\n\t\tORDER BY dateline DESC\r\n\t\tLIMIT {$start},{$perpage}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username']);
$doids[] = $value['doid'];
$list[] = $value;
}
}
//单条处理
if ($doid) {
$dovalue = empty($list) ? array() : $list[0];
if ($dovalue) {
if ($dovalue['uid'] == $_SGLOBAL['supe_uid']) {
$actives = array('me' => ' class="active"');
} else {
$space = getspace($dovalue['uid']);
//对方的空间
$actives = array('all' => ' class="active"');
}
}
}
//回复
if ($doids) {
$values = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('docomment') . " WHERE doid IN (" . simplode($doids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$values[$value['dateline']] = $value;
}
//排序
ksort($values);
include_once S_ROOT . './source/class_tree.php';
include_once 'do_mobileverify.php';
include_once 'function_mobileapi.php';
//$userid=trim($_POST["sess_userid"]);
$perpage = empty($_POST['count']) ? 15 : intval($_POST['count']);
//$perpage = 20;
//$userid=3;
$page = empty($_POST['page']) ? 0 : intval($_POST['page']);
$time = empty($_POST['dateline']) ? 0 : intval(trim($_POST['dateline']));
//$time = 0;
//$page=3;
if ($page < 1) {
$page = 1;
}
$start = ($page - 1) * $perpage;
$result = array();
$space = getspace($userid, 'uid');
//$DBstarttime = time();
if ($space[feedfriend]) {
$wheresql = "uid IN (0,{$space['feedfriend']},{$space['uid']}) and dateline>{$time}";
} else {
$wheresql = "1";
}
$wheresql .= " and (body_template not like '%{eventname}%' and body_template not like '%{option}%') and icon in ('doing','blog','arrangement','thread','share','album')";
chdir(dirname(dirname(dirname(__FILE__))));
// go the ihome dir.
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('feed') . " USE INDEX(dateline) WHERE " . $wheresql . " ORDER BY dateline DESC LIMIT " . $start . "," . $perpage);
//$DBendtime = time();
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value[uid], $value[username]);
// start by an, modified by xuxing. 2013-3-27.
//deal with the image size, if the picture is from ihome-self, get the thumb pic, if from foreign site, resize it.
}
if ($op == 'send' || $op == 'reply') {
if (!checkperm('allowpoke')) {
ckspacelog();
showmessage('no_privilege');
}
//实名认证
ckrealname('poke');
//新用户见习
cknewuser();
$tospace = array();
//获取对象
if ($uid) {
$tospace = getspace($uid);
} elseif ($_POST['username']) {
$tospace = getspace($_POST['username'], 'username');
}
//视频认证
if ($tospace['videostatus']) {
ckvideophoto('poke', $tospace);
}
//黑名单
if ($tospace && isblacklist($tospace['uid'])) {
showmessage('is_blacklist');
}
//打招呼
if (submitcheck('pokesubmit')) {
if (empty($tospace)) {
showmessage('space_does_not_exist');
}
$oldpoke = getcount('poke', array('uid' => $uid, 'fromuid' => $_SGLOBAL['supe_uid']));
$inserts[] = "('{$value['fuid']}', '{$mtag['tagid']}', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '{$_SGLOBAL['timestamp']}')";
}
}
}
if ($inserts) {
$_SGLOBAL['db']->query("REPLACE INTO " . tname('mtaginvite') . " (uid,tagid,fromuid,fromusername,dateline) VALUES " . implode(',', $inserts));
}
showmessage('do_success', "cp.php?ac=mtag&op=manage&tagid={$tagid}&subop=invite&page={$_GET['page']}&group={$_GET['group']}&start={$_GET['start']}");
} elseif (submitcheck('membersubmit')) {
//人员管理
mtag_managemember($mtag, array($_GET['uid']), $_POST['grade']);
showmessage('do_success', $_POST['refer'], 0);
}
//编辑用户
if ($_GET['subop'] == 'member') {
$tagspace = getspace(intval($_GET['uid']));
$grades = array($tagspace['grade'] => ' selected');
} elseif ($_GET['subop'] == 'members') {
//分页
$perpage = 24;
$start = empty($_GET['start']) ? 0 : intval($_GET['start']);
$list = array();
$count = 0;
//检索
$wheresql = '';
$_GET['key'] = stripsearchkey($_GET['key']);
if ($_GET['key']) {
$wheresql = " AND username LIKE '%{$_GET['key']}%' ";
}
//检查开始数
ckstart($start, $perpage);
$get = empty($_SERVER['QUERY_STRING']) ? '' : $_SERVER['QUERY_STRING'];
if ($_GET['app']) {
$reward['credit'] = '';
}
if ($_GET['u'] && empty($reward['credit'])) {
//Free invitation
$invite['uid'] = $_GET['u'];
$theurl = "invite.php?u={$_GET['u']}&app={$_GET['app']}&c={$_GET['c']}";
$url_plus = "uid={$invite['uid']}&app={$_GET['app']}&code={$_GET['c']}";
} else {
$invite = getinvite($get);
$theurl = "invite.php?{$get}";
$url_plus = "uid={$invite['uid']}&invite={$invite['code']}";
}
//Get Invited member
$space = getspace($invite['uid']);
if (empty($space)) {
showmessage('space_does_not_exist');
}
//Check the invite code
if ($_GET['u'] && empty($reward['credit'])) {
if ($_GET['c'] != space_key($space, $_GET['app'])) {
showmessage('invite_code_error');
}
}
//Check for self-invite
if ($space['self']) {
showmessage('should_not_invite_your_own');
}
$space['isfriend'] = 0;
if ($_SGLOBAL['supe_uid'] && $space['friends'] && in_array($_SGLOBAL['supe_uid'], $space['friends'])) {
$appid = empty($_G['gp_id']) ? '' : intval($_G['gp_id']);
if ($appid) {
$mod = 'app';
}
$discuz->cachelist = $cachelist;
$discuz->init();
if (empty($_G['uid']) && $mod != 'index') {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
dsetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
dsetcookie('_refer', rawurlencode('userapp.php'));
}
showmessage('to_login', null, array(), array('showmsg' => true, 'login' => 1));
}
if (empty($_G['setting']['my_app_status'])) {
showmessage('no_privilege_my_app_status', '', array(), array('return' => true));
}
if ($mod != 'index' && !checkperm('allowmyop')) {
showmessage('no_privilege', '', array(), array('return' => true));
}
$space = $_G['uid'] ? getspace($_G['uid']) : array();
define('CURMODULE', 'userapp');
runhooks();
getuserapp();
$navtitle = str_replace('{bbname}', $_G['setting']['bbname'], $_G['setting']['seotitle']['userapp']);
if (!$navtitle) {
$navtitle = $_G['setting']['navs'][5]['navname'];
} else {
$nobbname = true;
}
require_once libfile('userapp/' . $mod, 'module');
if (!empty($blog['noreply'])) {
showmessage('do_not_accept_comments');
}
if ($blog['target_ids']) {
$blog['target_ids'] .= ",{$blog['uid']}";
}
$hotarr = array('blogid', $blog['blogid'], $blog['hotuser']);
$stattype = 'blogcomment';
break;
case 'sid':
$query = DB::query("SELECT * FROM " . DB::table('home_share') . " WHERE sid='{$id}'");
$share = DB::fetch($query);
if (empty($share)) {
showmessage('sharing_does_not_exist');
}
$tospace = getspace($share['uid']);
$hotarr = array('sid', $share['sid'], $share['hotuser']);
$stattype = 'sharecomment';
break;
default:
showmessage('non_normal_operation');
break;
}
if (empty($tospace)) {
showmessage('space_does_not_exist', '', array(), array('return' => true));
}
if ($tospace['videophotostatus']) {
if ($idtype == 'uid') {
ckvideophoto('wall', $tospace);
} else {
ckvideophoto('comment', $tospace);
$actives = array($op => ' class="active"');
if ($op == 'add') {
if (!checkperm('allowfriend')) {
ckspacelog();
showmessage('no_privilege');
}
//检测用户
if ($uid == $_SGLOBAL['supe_uid']) {
showmessage('friend_self_error');
}
if ($space['friends'] && in_array($uid, $space['friends'])) {
showmessage('you_have_friends');
}
//实名认证
ckrealname('friend');
$tospace = getspace($uid);
if (empty($tospace)) {
showmessage('space_does_not_exist');
}
//黑名单
if (isblacklist($tospace['uid'])) {
showmessage('is_blacklist');
}
//用户组
$groups = getfriendgroup();
//检测现在状态
$status = getfriendstatus($_SGLOBAL['supe_uid'], $uid);
if ($status == 1) {
showmessage('you_have_friends');
} else {
//检查数目
function callback($module, $method, $params) {
global $_SGLOBAL;
if (isset($params['uId'])) {
$space = getspace($params['uId']);
if ($this->_needCheckUserId($module, $method)) {
if (!$space['uid']) {
$errCode = 1;
$errMessage = "User($params[uId]) Not Exists";
return new APIErrorResponse($errCode, $errMessage);
}
}
}
$_SGLOBAL['supe_uid'] = $space['uid'];
$_SGLOBAL['supe_username'] = $space['username'];
@include_once S_ROOT . './api/class/' . $module . '.php';
if (!class_exists($module)) {
$errCode = 3;
$errMessage = "Class($module) Not Exists";
return new APIErrorResponse($errCode, $errMessage);
}
$class = new $module();
$response = @call_user_func_array(array(&$class, $method), $params);
return $response;
}
include_once './common.php';
include_once S_ROOT . './source/function_admincp.php';
//是否关闭站点
checkclose();
//需要登录
if (empty($_SGLOBAL['supe_uid'])) {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
ssetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
ssetcookie('_refer', rawurlencode('admincp.php?ac=' . $_GET['ac']));
}
// showmessage('to_login', 'do.php?ac='.$_SCONFIG['login_action']); //原始版
showmessage('to_login', 'OpenID.call.php');
//OpenID登陆
}
$space = getspace($_SGLOBAL['supe_uid']);
if (empty($space)) {
showmessage('space_does_not_exist');
}
if (checkperm('banvisit')) {
ckspacelog();
showmessage('you_do_not_have_permission_to_visit');
}
$isfounder = ckfounder($_SGLOBAL['supe_uid']);
$acs = array(array('index', 'config', 'privacy', 'ip', 'spam', 'hotuser', 'defaultuser', 'usergroup', 'credit', 'magic', 'magiclog', 'profield', 'ad', 'userapp'), array('tag', 'mtag', 'event', 'report', 'space'), array('cache', 'network', 'profilefield', 'eventclass', 'click', 'task', 'censor', 'stat', 'block', 'cron', 'app', 'log'), array('feed', 'blog', 'album', 'pic', 'comment', 'thread', 'post', 'doing', 'share', 'poll'));
if (!empty($_SC['allowedittpl']) && $isfounder) {
$acs[2][] = 'template';
}
if ($isfounder) {
$acs[2][] = 'backup';
}
function sendmail_touser($touid, $subject, $message, $mailtype = '')
{
global $_G;
if (empty($_G['setting']['sendmailday'])) {
return false;
}
require_once libfile('function/home');
$tospace = getspace($touid);
if (empty($tospace['email'])) {
return false;
}
space_merge($tospace, 'field_home');
space_merge($tospace, 'status');
$acceptemail = $tospace['acceptemail'];
if (!empty($acceptemail[$mailtype]) && $_G['timestamp'] - $tospace['lastvisit'] > $_G['setting']['sendmailday'] * 86400) {
if (empty($tospace['lastsendmail'])) {
$tospace['lastsendmail'] = $_G['timestamp'];
}
$sendtime = $tospace['lastsendmail'] + $acceptemail['frequency'];
$query = DB::query("SELECT * FROM " . DB::table('common_mailcron') . " WHERE touid='{$touid}' LIMIT 1");
if ($value = DB::fetch($query)) {
$cid = $value['cid'];
if ($value['sendtime'] < $sendtime) {
$sendtime = $value['sendtime'];
}
DB::update('common_mailcron', array('email' => addslashes($tospace['email']), 'sendtime' => $sendtime), array('cid' => $cid));
} else {
$cid = DB::insert('common_mailcron', array('touid' => $touid, 'email' => addslashes($tospace['email']), 'sendtime' => $sendtime), 1);
}
$message = preg_replace("/href\\=\"(?!http\\:\\/\\/)(.+?)\"/i", 'href="' . $_G['siteurl'] . '\\1"', $message);
$setarr = array('cid' => $cid, 'subject' => addslashes($subject), 'message' => addslashes($message), 'dateline' => $_G['timestamp']);
DB::insert('common_mailqueue', $setarr);
return true;
}
return false;
}
function smail($touid, $email, $subject, $message='', $mailtype='') {
global $_SGLOBAL, $_SCONFIG;
$cid = 0;
if($touid && $_SCONFIG['sendmailday']) {
//获得空间
$tospace = getspace($touid);
if(empty($tospace)) return false;
$sendmail = empty($tospace['sendmail'])?array():unserialize($tospace['sendmail']);
if($tospace['emailcheck'] && $tospace['email'] && $_SGLOBAL['timestamp'] - $tospace['lastlogin'] > $_SCONFIG['sendmailday']*86400 && (empty($sendmail) || !empty($sendmail[$mailtype]))) {
//获得下次发送时间
if(empty($tospace['lastsend'])) {
$tospace['lastsend'] = $_SGLOBAL['timestamp'];
}
if(!isset($sendmail['frequency'])) $sendmail['frequency'] = 604800;//1周
$sendtime = $tospace['lastsend'] + $sendmail['frequency'];
//检查是否存在当前用户队列
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mailcron')." WHERE touid='$touid' LIMIT 1");
if($value = $_SGLOBAL['db']->fetch_array($query)) {
$cid = $value['cid'];
if($value['sendtime'] < $sendtime) $sendtime = $value['sendtime'];
updatetable('mailcron', array('email'=>addslashes($tospace['email']), 'sendtime'=>$sendtime), array('cid'=>$cid));
} else {
$cid = inserttable('mailcron', array('touid'=>$touid, 'email'=>addslashes($tospace['email']), 'sendtime'=>$sendtime), 1);
}
}
} elseif($email) {
//直接插入邮件
$email = getstr($email, 80, 1, 1);
//检查是否存在当前队列
$cid = 0;
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mailcron')." WHERE email='$email' LIMIT 1");
if($value = $_SGLOBAL['db']->fetch_array($query)) {
$cid = $value['cid'];
} else {
$cid = inserttable('mailcron', array('email'=>$email), 1);
}
}
if($cid) {
//插入邮件内容队列
$setarr = array(
'cid' => $cid,
'subject' => addslashes(stripslashes($subject)),
'message' => addslashes(stripslashes($message)),
'dateline' => $_SGLOBAL['timestamp']
);
inserttable('mailqueue', $setarr);
}
}
<?php
if (!defined('IN_UCHOME')) {
exit('Access Denied');
}
$friends = array();
//Get all your friends usernames
$query = $_SGLOBAL['db']->query("SELECT fusername\r\n FROM " . tname('friend') . "\r\n WHERE uid={$_SGLOBAL['supe_uid']}\r\n AND status='1'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['fusername'] = saddslashes($value['fusername']);
$friends[] = $value['fusername'];
}
$friendstr = implode(',', $friends);
//For rebate of information
$touid = (int) $_GET['uid'];
if (!empty($touid)) {
$toInfo = @getspace($touid);
if (!empty($toInfo['username'])) {
$fusername = $toInfo['username'];
}
}
$giftlist = getGiftList();
// (gift type)
include_once template('gift/view/index');
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
$result = DB::fetch_first("SELECT * FROM " . DB::table('common_setting') . " WHERE skey='profilegroup'");
$defaultop = '';
if (!empty($result['svalue'])) {
$profilegroup = unserialize($result['svalue']);
foreach ($profilegroup as $key => $value) {
if ($value['available']) {
$defaultop = $key;
break;
}
}
}
$operation = in_array($_GET['op'], array('base', 'contact', 'edu', 'work', 'info', 'password', 'verify')) ? trim($_GET['op']) : $defaultop;
$space = getspace($_G['uid']);
space_merge($space, 'field_home');
space_merge($space, 'profile');
$seccodecheck = $_G['setting']['seccodestatus'] & 8;
$secqaacheck = $_G['setting']['secqaa']['status'] & 4;
$_G['group']['seccode'] = 1;
@(include_once DISCUZ_ROOT . './data/cache/cache_domain.php');
$spacedomain = isset($rootdomain['home']) && $rootdomain['home'] ? $rootdomain['home'] : array();
if ($operation != 'password') {
include_once libfile('function/profile');
loadcache('profilesetting');
if (empty($_G['cache']['profilesetting'])) {
require_once libfile('function/cache');
updatecache('profilesetting');
loadcache('profilesetting');
}
returnflag($arrs);
} elseif ($event['grade'] <= 0) {
$arrs = array('flag' => 'event_under_verify');
//活动未通过审核
returnflag($arrs);
}
if (!$event['allowpost']) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("userevent") . " WHERE eventid='{$id}' AND uid='{$_SGLOBAL['supe_uid']}' LIMIT 1");
$value = $_SGLOBAL['db']->fetch_array($query);
if (empty($value) || $value['status'] < 2) {
$arrs = array('flag' => 'no_privilege');
returnflag($arrs);
}
}
//检索空间
$tospace = getspace($event['uid']);
$hotarr = array('eventid', $event['eventid'], $event['hotuser']);
$stattype = 'eventcomment';
//统计
break;
default:
$arrs = array('flag' => 'failed');
returnflag($arrs);
break;
}
//黑名单
if (isblacklist($tospace['uid'])) {
$arrs = array('flag' => 'is_blacklist');
returnflag($arrs);
}
if ($idtype == 'doid') {
