addErrorMessage($message, '', 'error');
}
}
$faqClass = new faq();
if (check_login_bool() && $item['user_id'] == $_SESSION['user']['user_id'] && isset($_GET['del']) && is_numeric($_GET['del'])) {
$faqClass->delete($_GET['del'], $itemID);
refresh('/' . $languageURL . 'items/faq/' . $itemID . '/', $langArray['complete_delete_faq'], 'complete');
}
#加载FAQ
$faq = $faqClass->getAll($itemID);
abr('faq', $faq);
#标签标记作品
require_once ROOT_PATH . '/apps/items/controllers/bookmark.php';
#是否免费文件
if ($item['free_file'] == 'true') {
abr('freeFileMessage', langMessageReplace($langArray['free_file_info'], array('URL' => '/' . $languageURL . 'users/downloads/' . $item['id'])));
}
#加载其它作品
$otherItems = $itemsClass->getAll(0, 6, " `status` = 'active' AND `id` <> '" . intval($itemID) . "' AND `user_id` = '" . intval($item['user_id']) . "' ", "RAND()");
abr('otherItems', $otherItems);
if (!is_array($otherItems)) {
abr('otherItemsCount', 0);
} else {
abr('otherItemsCount', count($otherItems));
}
#加载属性
require_once ROOT_PATH . '/apps/attributes/models/attributes.class.php';
$attributesClass = new attributes();
$attributes = $attributesClass->getAll(0, 0, $itemsClass->attributesWhere);
abr('attributes', $attributes);
$attributeCategories = $attributesClass->getAllCategories(0, 0, $itemsClass->attributeCategoriesWhere);
header("Content-Transfer-Encoding: binary");
header('Expires: 0');
// @ob_clean();
@flush();
if ($ordersClass->row['extended'] == 'true') {
$licence = $langArray['one_extended_licence'];
} else {
$licence = $langArray['one_regular_licence'];
}
$usersClass = new users();
$user = $usersClass->get($item['user_id']);
# 作者后4位
$auth = substr($user['username'], -4);
#买家后4位
$buy = substr($_SESSION['user']['username'], -4);
echo langMessageReplace($langArray['licence_text'], array('licence_type' => '共享许可', 'DOMAIN' => $config['domain'], 'LICENCE' => $licence, 'USERNAME' => $user['username'], 'nickname' => $_SESSION['user']['username'], 'ITEMNAME' => $item['name'], 'ITEMID' => $item['id'], 'LANGUAGEURL' => $languageURL, 'ORDERID' => $auth . '-' . $buy . '-' . $ordersClass->row['id']));
die;
} else {
refresh('/' . $languageURL . 'download/', $langArray['error_certificate'], 'error');
}
}
if ($ordersClass->isBuyed($item['id']) || $item['free_file'] == 'true') {
if (file_exists(DATA_SERVER_PATH . '/uploads/items/' . $item['id'] . '/' . $item['main_file'])) {
$fileInfo = pathinfo(DATA_SERVER_PATH . '/uploads/items/' . $item['id'] . '/' . $item['main_file']);
$mimeTypes = array('zip' => 'application/zip');
if (isset($mimeTypes[$fileInfo['extension']])) {
header('Content-Type: ' . $mimeTypes[$fileInfo['extension']]);
} else {
header('Content-Type: application/octet-stream');
}
header('Content-Disposition: attachment; filename="' . $item['main_file_name'] . '"');
public function sendEmail()
{
global $mysql, $langArray, $user, $config;
if (!isset($_POST['message']) || trim($_POST['message']) == '') {
return $langArray['error_not_set_message'];
}
$mysql->query("\n\t\t\tINSERT INTO `users_emails` (\n\t\t\t\t`from_id`,\n\t\t\t\t`from_email`,\n\t\t\t\t`to_id`,\n\t\t\t\t`message`,\n\t\t\t\t`datetime`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . intval($_SESSION['user']['user_id']) . "',\n\t\t\t\t'" . sql_quote($_SESSION['user']['email']) . "',\n\t\t\t\t'" . intval($user['user_id']) . "',\n\t\t\t\t'" . sql_quote($_POST['message']) . "',\n\t\t\t\tNOW()\n\t\t\t)\n\t\t");
#发送邮件
require_once ENGINE_PATH . '/classes/email.class.php';
$emailClass = new email();
$emailClass->fromEmail = 'no-reply@' . $config['domain'];
$emailClass->subject = '[' . $config['domain'] . '] ' . $langArray['email_profile_subject'];
$emailClass->message = langMessageReplace($langArray['email_profile_text'], array('USERNAME' => $_SESSION['user']['username'], 'EMAIL' => $_SESSION['user']['email'], 'MESSAGE' => $_POST['message']));
$emailClass->to($user['email']);
$emailClass->send();
unset($emailClass);
return true;
}
<?php
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);
$bulletinID = get_id(2);
$bulletinClass = new bulletin();
$bulletin = $bulletinClass->get($bulletinID);
if (!is_array($bulletin)) {
refresh('/' . $languageURL);
}
abr('bulletin', $bulletin);
$template = $bulletinClass->getTemplate();
abr('bulletin', langMessageReplace($template, array('DOMAIN' => $config['domain'], 'BULLETINID' => $bulletinID, 'EMAIL' => 'noemail', 'CONTENT' => $bulletin['text'])));
_setTitle($langArray['statement_setTitle']);
if (!check_login_bool()) {
$_SESSION['temp']['golink'] = '/' . $languageURL . 'statement/';
refresh('/' . $languageURL . 'sign_in/');
}
if (!isset($_GET['month'])) {
$_GET['month'] = date('m');
}
if (!isset($_GET['year'])) {
$_GET['year'] = date('Y');
}
if (!checkdate($_GET['month'], 1, $_GET['year'])) {
$_GET['month'] = date('m');
$_GET['year'] = date('Y');
}
abr('download_csv_info', langMessageReplace($langArray['download_csv_info'], array('URL' => '/' . $languageURL . 'users/statement/?month=' . $_GET['month'] . '&$year=' . $_GET['year'] . '&export')));
$registrationDate = explode(' ', $_SESSION['user']['register_datetime']);
$registrationDate = explode('-', $registrationDate[0]);
abr('registrationDate', $registrationDate);
$today['month'] = date('m');
$today['year'] = date('Y') + 1;
abr('today', $today);
$nav['prev']['month'] = date('m', mktime(0, 0, 0, $_GET['month'] - 1, 1, $_GET['year']));
$nav['prev']['year'] = date('Y', mktime(0, 0, 0, $_GET['month'] - 1, 1, $_GET['year']));
$nav['next']['month'] = date('m', mktime(0, 0, 0, $_GET['month'] + 1, 1, $_GET['year']));
$nav['next']['year'] = date('Y', mktime(0, 0, 0, $_GET['month'] + 1, 1, $_GET['year']));
if ($nav['prev']['month'] < $registrationDate[1] && $nav['prev']['year'] <= $registrationDate[0]) {
$nav['prev']['show'] = 'false';
} else {
$nav['prev']['show'] = 'true';
}
public function unapproveDeleteUpdate($id)
{
global $mysql, $item, $data, $langArray, $config, $meta;
if (!isset($_POST['comment_to_user']) || trim($_POST['comment_to_user']) == '') {
return $langArray['error_set_comment_to_user'];
}
$setQuery = '';
//获取当前作品历史数据
$mysql->query("\n\t\t\tSELECT *\n\t\t\tFROM `temp_items`\n\t\t\tWHERE `item_id` = '" . intval($item['id']) . "'\n\t\t\tLIMIT 1\n\t\t");
$temp_item_data = $mysql->fetch_array();
//回滚作品
$mysql->query("\n\t\t\tUPDATE `items`\n\t\t\tSET \n\t\t\t`status` = 'active'\n\t\t\tWHERE `id` = '" . intval($item['id']) . "'\n\t\t\tLIMIT 1\n\t\t");
//检测预览文件状态
if (!empty($temp_item_data['theme_preview'])) {
//删除新增预览图
$this->del_preview($item['id'], true);
//回滚原预览文件
$preview_arr = json_decode($temp_item_data['theme_preview'], 1);
foreach ($preview_arr as $value) {
$this->save_theme_preview($item['id'], $value, 1);
}
}
$this->deleteUpdate($item['id']);
////判断有无客服管理模块
// require_once ROOT_PATH.'/apps/app_extends/models/app_extends.class.php';
//
// $app_extends=new app_extends();
// if($app_extends->is_service()){
// //获取用户信息
// require_once ROOT_PATH.'/apps/users/models/users.class.php';
// $user = new users();
// $user_info = $user->getuserinfoById($item['user_id']);
// //通过用户id获取关联客服
// require_once ROOT_PATH.'/apps/service/models/service.class.php';
// $service = new service();
// $theservice = $service->getserviceByuserid($item['user_id']);
// $item_url = $config['domain'].'/'.$languageURL.'items/'.$item['id'];
// #给用户发邮件
// require_once ENGINE_PATH.'/classes/email.class.php';
// $emailClass = new email();
//
// $emailClass->fromEmail = 'no-reply@'.$config['domain'];
// $emailClass->contentType = 'text/html';
// $emailClass->subject = '你的作品['.$item['name'].']更新被拒绝';
// $emailClass->message = 'Hi!['.$user_info['username'].']:<br />
// 很抱歉你的作品['.$item['name'].']更新因以下原因被拒绝:<br />
// ['.$_POST['comment_to_user'].']<br />
// 不要失望好么?小编其实也很难过!<br />
// 一定要再接再厉,小编为你加油!<br />
// Fighting!<br />
// <br />
// 专属小编:['.$theservice['user_name'].']<br />
// ['.$meta['meta_title'].']<br />
// ['.date('Y-m-d H:i:s',time()).']<br />';
// require_once ROOT_PATH.'/apps/system/models/system.class.php';
// $system = new system();
// $smtp = $system ->is_smtp();
// $smtpconf=$system->getAllKeyValue();
// if($smtp){
// $emailClass->email_sock($smtpconf["smtp_host"],$smtpconf["smtp_port"],0,'error',10,1,$smtpconf["smtp_user"],$smtpconf["smtp_pass"],$smtpconf["smtp_from"]);
// $emailClass->send_mail_sock($emailClass->subject,$emailClass->message,$user_info['email'],$smtpconf["smtp_from_name"]) ;
// unset($emailClass);
// }else{
// $emailClass->to($user_info['email']);
// $emailClass->send();
// unset($emailClass);
// }
// }else{
#给用户发邮件
require_once ENGINE_PATH . '/classes/email.class.php';
$emailClass = new email();
$emailClass->fromEmail = 'no-reply@' . $config['domain'];
$emailClass->subject = '[' . $config['domain'] . '] ' . $langArray['email_unapprove_delete_item_update_subject'];
$emailClass->message = langMessageReplace($langArray['email_unapprove_delete_item_update_text'], array('THEMENAME' => $item['name'], 'COMMENT' => $_POST['comment_to_user']));
require_once ROOT_PATH . '/apps/system/models/system.class.php';
$system = new system();
$smtp = $system->is_smtp();
$smtpconf = $system->getAllKeyValue();
if ($smtp) {
$emailClass->email_sock($smtpconf["smtp_host"], $smtpconf["smtp_port"], 0, 'error', 10, 1, $smtpconf["smtp_user"], $smtpconf["smtp_pass"], $smtpconf["smtp_from"]);
$emailClass->send_mail_sock($emailClass->subject, $emailClass->message, $user_info['email'], $smtpconf["smtp_from_name"]);
unset($emailClass);
} else {
$emailClass->to($item['user']['email']);
$emailClass->send();
unset($emailClass);
}
// }
return true;
}
public function add($replyTo = 0)
{
global $mysql, $item, $languageURL, $langArray;
if (!isset($_POST['comment']) || trim($_POST['comment']) == '') {
return false;
}
if (!isset($_POST['reply_notification'])) {
$_POST['reply_notification'] = 'false';
} else {
$_POST['reply_notification'] = 'true';
}
$mysql->query("\n\t\t\tINSERT INTO `items_comments` (\n\t\t\t\t`owner_id`,\n\t\t\t\t`item_id`,\n\t\t\t\t`item_name`,\n\t\t\t\t`user_id`,\n\t\t\t\t`comment`,\n\t\t\t\t`datetime`,\n\t\t\t\t`notify`,\n\t\t\t\t`reply_to`\t\t\t\t\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . intval($item['user_id']) . "',\n\t\t\t\t'" . intval($item['id']) . "',\n\t\t\t\t'" . sql_quote($item['name']) . "',\n\t\t\t\t'" . intval($_SESSION['user']['user_id']) . "',\n\t\t\t\t'" . sql_quote($_POST['comment']) . "',\n\t\t\t\tNOW(),\n\t\t\t\t'" . sql_quote($_POST['reply_notification']) . "',\n\t\t\t\t'" . intval($replyTo) . "'\n\t\t\t)\n\t\t");
if ($replyTo != 0) {
$comment = $this->get($replyTo);
if ($comment['notify'] == 'true') {
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$user = $usersClass->get($comment['user_id']);
$emailClass = new email();
$emailClass->to($user['email']);
$emailClass->fromEmail = 'no-reply@' . DOMAIN;
$emailClass->contentType = 'text/html';
$emailClass->subject = "[" . DOMAIN . "] " . $langArray['email_new_reply_subject'];
$emailClass->message = langMessageReplace($langArray['email_new_reply_text'], array('THEMENAME' => $item['name'], 'URL' => 'http://' . DOMAIN . '/' . $languageURL . 'items/comments/' . $item['id']));
$emailClass->send();
unset($emailClass);
}
} else {
#评论
$mysql->query("\n\t\t\t\tUPDATE `items`\n\t\t\t\tSET `comments` = `comments` + 1\n\t\t\t\tWHERE `id` = '" . intval($item['id']) . "'\n\t\t\t\tLIMIT 1\n\t\t\t");
}
return true;
}
public function add()
{
global $mysql, $langArray, $config;
if (!isset($_POST['name']) || trim($_POST['name']) == '') {
$error['name'] = $langArray['error_fill_this_field'];
}
if (!isset($_POST['text']) || trim($_POST['text']) == '') {
$error['text'] = $langArray['error_fill_this_field'];
}
if (!isset($_POST['send_to']) || trim($_POST['send_to']) == '') {
$error['send_to'] = $langArray['error_fill_this_field'];
}
if (isset($_POST['send_to']) && $_POST['send_to'] == 'city' && (!isset($_POST['city_id']) || !is_numeric($_POST['city_id']))) {
$error['city'] = $langArray['error_fill_this_field'];
}
if (isset($_POST['send_to']) && $_POST['send_to'] == 'group' && (!isset($_POST['bgroup_id']) || !is_numeric($_POST['bgroup_id']))) {
$error['group'] = $langArray['error_fill_this_field'];
}
if (isset($error)) {
return $error;
}
$sendID = 0;
if ($_POST['send_to'] == 'city') {
$sendID = $_POST['city_id'];
} elseif ($_POST['send_to'] == 'group') {
$sendID = $_POST['bgroup_id'];
}
$mysql->query("\n\t\t\tINSERT INTO `bulletin` (\n\t\t\t\t`name`,\n\t\t\t\t`text`,\n\t\t\t\t`datetime`,\n\t\t\t\t`send_to`,\n\t\t\t\t`send_id`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t'" . sql_quote($_POST['name']) . "',\n\t\t\t\t'" . sql_quote($_POST['text']) . "',\n\t\t\t\tNOW(),\n\t\t\t\t'" . sql_quote($_POST['send_to']) . "',\n\t\t\t\t'" . intval($sendID) . "'\n\t\t\t)\n\t\t", __FUNCTION__);
$bulletinID = $mysql->insert_id();
#加载订阅列表
if ($_POST['send_to'] == 'city') {
$mysql->query("\n\t\t\t\tSELECT *\n\t\t\t\tFROM `users`\n\t\t\t\tWHERE `city_id` = '" . intval($_POST['city_id']) . "' AND `bulletin_subscribe` = 'true'\n\t\t\t");
if ($mysql->num_rows() > 0) {
while ($d = $mysql->fetch_array()) {
$emails[] = $d['email'];
}
}
}
#加载分组
if ($_POST['send_to'] == 'group') {
$mysql->query("\n\t\t\t\tSELECT u.*\n\t\t\t\tFROM `bulletin_users` AS bg\t\t\t\t\n\t\t\t\tJOIN `users` AS u\n\t\t\t\tON u.`user_id` = bg.`user_id` AND u.`bulletin_subscribe` = 'true'\n\t\t\t\tWHERE bg.`bulletingroup_id` = '" . intval($_POST['bgroup_id']) . "'\n\t\t\t");
if ($mysql->num_rows() > 0) {
while ($d = $mysql->fetch_array()) {
$emails[] = $d['email'];
}
}
}
#加载全部
if ($_POST['send_to'] == 'active') {
$mysql->query("\n\t\t\t\tSELECT *\n\t\t\t\tFROM `users`\n\t\t\t\tWHERE `bulletin_subscribe` = 'true'\n\t\t\t");
if ($mysql->num_rows() > 0) {
while ($d = $mysql->fetch_array()) {
$emails[] = $d['email'];
}
}
}
#加载全部
if ($_POST['send_to'] == 'admins') {
$mysql->query("\n\t\t\t\tSELECT *\n\t\t\t\tFROM `admins`\n\t\t\t\tWHERE `bulletin_subscribe` = 'true'\n\t\t\t");
if ($mysql->num_rows() > 0) {
while ($d = $mysql->fetch_array()) {
$emails[] = $d['email'];
}
}
}
#加载全部
if ($_POST['send_to'] == 'site') {
$mysql->query("\n\t\t\t\tSELECT *\n\t\t\t\tFROM `bulletin_emails`\n\t\t\t\tWHERE `bulletin_subscribe` = 'true'\n\t\t\t");
if ($mysql->num_rows() > 0) {
while ($d = $mysql->fetch_array()) {
$emails[] = $d['email'];
}
}
}
#获取模板
$mysql->query("\n\t\t\tSELECT *\n\t\t\tFROM `bulletin_template`\n\t\t\tORDER BY `id` DESC\n\t\t\tLIMIT 1\n\t\t");
if ($mysql->num_rows() > 0) {
$template = $mysql->fetch_array();
$template = $template['template'];
} else {
$template = '{$CONTENT}';
}
if (isset($emails)) {
require_once $config['system_core'] . 'classes/email.class.php';
foreach ($emails as $email) {
$mail = new email();
$mail->fromEmail = 'no-reply@' . $config['domain'];
$mail->to($email);
$mail->subject = '[' . $config['domain'] . '] ' . $_POST['name'];
$mail->contentType = 'text/html';
$mail->message = langMessageReplace($template, array('DOMAIN' => $config['domain'], 'BULLETINID' => $bulletinID, 'EMAIL' => $email, 'CONTENT' => $_POST['text']));
require_once ROOT_PATH . '/apps/system/models/system.class.php';
$system = new system();
$smtp = $system->is_smtp();
$smtpconf = $system->getAllKeyValue();
if ($smtp) {
$mail->email_sock($smtpconf["smtp_host"], $smtpconf["smtp_port"], 0, 'error', 10, 1, $smtpconf["smtp_user"], $smtpconf["smtp_pass"], $smtpconf["smtp_from"]);
$mail->send_mail_sock($mail->subject, $mail->message, $email, $smtpconf["smtp_from_name"]);
unset($emailClass);
} else {
$mail->send();
}
unset($mail);
}
}
return true;
}
$data["msg"] = $langArray['update_none'];
}
}
}
} else {
if (substr(sprintf('%o', fileperms($_SERVER['DOCUMENT_ROOT'])), -4) != '0777') {
$data["msg"] = $langArray['update_server'];
} else {
require_once ROOT_PATH . '/classes/Http.class.php';
$http = new Http();
$url = $langArray['index'] . '/getversion';
$version = $http->curlGet($url);
$version = strstr($version, '[{');
$version = json_decode($version, 1);
$version = $version[0]["content"];
$link = langMessageReplace($langArray['update_add'], array('version' => $version));
if (file_exists("update.zip")) {
unlink('update.zip');
}
$state = getFile($link, $config['root_path'], 'update.zip', 0);
if ($state) {
$data["msg"] = $langArray['update_none'];
require_once $config['root_path'] . '/core/classes/pclzip.lib.php';
$zip = new PclZip($config['root_path'] . '/update.zip');
$zip->extract();
if ($zip->extract() == 0) {
$data["msg"] = $langArray['update_none'];
} else {
unlink('update.zip');
if (file_exists("updatedb.php")) {
require_once 'updatedb.php';
$quizClass = new quiz();
$answersClass = new answers();
$questions = $quizClass->getAll(0, 0, '', 'RAND()');
abr('questions', $questions);
$answers = $answersClass->getAll(0, 0, '', true);
abr('answers', $answers);
if ($_SESSION['user']['quiz'] != 'false') {
refresh('/' . $languageURL . 'author_dashboard/');
}
#检查测验
if (isset($_POST['submit'])) {
$rightAnswers = 0;
if (isset($_POST['answers']) && is_array($_POST['answers'])) {
foreach ($_POST['answers'] as $question => $answer) {
if (isset($answers[$question][$answer]) && $answers[$question][$answer]['right'] == 'true') {
$rightAnswers++;
}
}
}
if ($rightAnswers > 0 && count($questions) == $rightAnswers) {
$_SESSION['user']['quiz'] = 'true';
require_once ROOT_PATH . '/apps/users/models/users.class.php';
$usersClass = new users();
$usersClass->updateQuiz($_SESSION['user']['user_id'], 'true');
refresh('/' . $languageURL . 'users/dashboard/', $langArray['complete_score_quiz'], 'complete');
} else {
addErrorMessage(langMessageReplace($langArray['error_quiz'], array('RIGHT' => $rightAnswers, 'TOTAL' => count($questions))), '', 'error');
}
}
#面包屑
abr('breadcrumb', '<a href="/' . $languageURL . '" title="">' . $langArray['home'] . '</a> \\ <a href="/' . $languageURL . 'quiz/" title="">' . $langArray['quiz'] . '</a>');