ckstart($start, $perpage);
function get_ad($adid)
{
global $_SGLOBAL;
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('ad4dev') . " WHERE id={$adid}");
$ad = $_SGLOBAL['db']->fetch_array($query);
return $ad;
}
if (submitcheck('adsubmit')) {
$id = $_POST['id'] ? $_POST['id'] : '0';
$title = trim($_POST['title']);
$url = trim($_POST['url']);
$image = '';
$title = getstr($title, 30, 1, 1, 1);
if ($_FILES['image']['tmp_name']) {
$pic = pic_save($_FILES['image'], -1, $title);
if (is_array($pic) && $pic['filepath']) {
$image = $pic['filepath'];
}
}
$adarr = array('title' => $title, 'url' => $url, 'display' => 1, 'modified_on' => date('Y-m-d H:i'));
if ($image) {
$adarr['image'] = $image;
}
if ($id) {
updatetable('ad4dev', $adarr, array('id' => $id));
} else {
$adarr['created_on'] = date('Y-m-d H:i');
$id = inserttable('ad4dev', $adarr, 1);
updatetable('ad4dev', array('seq' => $id), array('id' => $id));
}
$blockdata['currentlayout'] = $currentlayout;
$setarr['spacecss'] = daddslashes($spacecss);
$setarr['blockposition'] = daddslashes(serialize($blockdata));
$setarr['theme'] = $style;
DB::update('common_member_field_home', $setarr, "uid = {$_G['uid']}");
showmessage('do_success', 'home.php?mod=space' . ($_G['adminid'] == 1 && $_G['setting']['allowquickviewprofile'] ? '&view=admin' : ''));
}
if (submitcheck('uploadsubmit')) {
$albumid = $picid = 0;
if (!checkperm('allowupload')) {
echo "<script>";
echo "alert(\"" . lang('spacecp', 'not_allow_upload') . "\")";
echo "</script>";
exit;
}
$uploadfiles = pic_save($_FILES['attach'], $_POST['albumid'], $_POST['pic_title'], false);
if ($uploadfiles && is_array($uploadfiles)) {
$albumid = $uploadfiles['albumid'];
$picid = $uploadfiles['picid'];
$uploadStat = 1;
require_once libfile('function/spacecp');
album_update_pic($albumid);
} else {
$uploadStat = $uploadfiles;
}
$picurl = pic_get($uploadfiles['filepath'], 'album', $uploadfiles['thumb'], $uploadfiles['remote']);
echo "<script>";
if ($uploadStat == 1) {
echo "parent.spaceDiy.getdiy('diy', 'albumid', '{$albumid}');";
echo "parent.spaceDiy.setBgImage('{$picurl}');";
echo "parent.Util.toggleEle('upload');";
$teacher = isset($_POST['teacher']) ? intval($_POST['teacher']) : 0;
$alumnus = isset($_POST['alumnus']) ? intval($_POST['alumnus']) : 0;
//二进制形式
$usertype = $undergraduate . $postgraduate . $teacher . $alumnus;
//转换为十进制形式
$usertype = bindec($usertype);
//以下信息是自动完成
$applypass = 0;
$applyuid = $_SGLOBAL['supe_uid'];
$applytime = time();
$applyip = getonlineip();
$email = $_SGLOBAL['member']['email'];
$name = getstr($name, 30, 1, 1, 1);
//接收图片流:在这之前要验明$name的正身
if ($_FILES['logo']['tmp_name']) {
$pic = pic_save($_FILES['logo'], -1, $name);
if (is_array($pic) && $pic['filepath']) {
$logo = $pic['filepath'];
}
}
if ($category == 3) {
$useapi = substr($_POST['api'], 4);
$iauth_type = $_POST['iauthtype'];
} else {
$useapi = '';
$iauth_type = '';
}
//插入数据库
$applyarr = array('name' => $name, 'iauth_name' => $iauth_name, 'logo' => $logo, 'desc' => $desc, 'url' => $url, 'app_url' => $app_url, 'back_url' => $back_url, 'category' => $category, 'iauth_type' => $iauth_type, 'usertype' => $usertype, 'starttime' => $starttime, 'endtime' => $endtime, 'status' => 'disable', 'type' => $type, 'useapi' => $useapi, 'applypass' => $applypass, 'applyuid' => $applyuid, 'applytime' => $applytime, 'applyip' => $applyip);
//print_r($applyarr);
$id = inserttable('apps', $applyarr, 1);
} elseif (empty($arr2['detail'])) {
showmessage('event_detail_empty');
} elseif ($arr1['endtime'] - $arr1['starttime'] > 60 * 24 * 3600) {
showmessage('event_bad_time_range');
} elseif ($arr1['endtime'] < $arr1['starttime']) {
showmessage('event_bad_endtime');
} elseif ($arr1['deadline'] > $arr1['endtime']) {
showmessage('event_bad_deadline');
} elseif (!$eventid && $arr1['starttime'] < $_SGLOBAL['timestamp']) {
showmessage('event_bad_starttime');
}
// Processing image
$pic = array();
if ($_FILES['poster']['tmp_name']) {
// Saved to the default album
$pic = pic_save($_FILES['poster'], -1, $arr1['title']);
if (is_array($pic) && $pic['filepath']) {
// Upload successful
$arr1['poster'] = $pic['filepath'];
$arr1['thumb'] = $pic['thumb'];
$arr1['remote'] = $pic['remote'];
}
}
//Related Groups
if ($_POST['tagid'] && (!$eventid || $event['uid'] == $_SGLOBAL['supe_uid']) && $_POST['tagid'] != $event['tagid']) {
$_POST['tagid'] = intval($_POST['tagid']);
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("tagspace") . " WHERE tagid='{$_POST['tagid']}' AND uid='{$_SGLOBAL['supe_uid']}' LIMIT 1");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['grade'] == 9) {
$arr1['tagid'] = $value['tagid'];
}
// showmessage("请上传FLV格式视频文件","plugin.php?pluginid=video&ac=upload");
// }
if (!strstr($image['type'], "image")) {
showmessage("封面请上传图片格式文件", "plugin.php?pluginid=video&ac=upload");
}
if (!$abstract) {
showmessage("请填写视频简介", "plugin.php?pluginid=video&ac=upload");
}
if (!$desc) {
showmessage("请填写视频描述", "plugin.php?pluginid=video&ac=upload");
}
if (!$title) {
showmessage("请填写视频标题", "plugin.php?pluginid=video&ac=upload");
}
$video_detail = video_save($video, $title, $desc, $abstract);
pic_save($image, 0, $title);
$sql = "SELECT * FROM " . tname("pic") . " WHERE title='" . $title . "' order by dateline desc limit 1";
$picid = 0;
$query = $_SGLOBAL['db']->query($sql);
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
$picid = $row['picid'];
}
if ($video_detail && is_array($video_detail)) {
include_once S_ROOT . './source/function_feed.php';
feed_publish($video_detail['id'], 'videoid');
}
$sql = "UPDATE " . tname("video") . " SET picid = " . $picid . " WHERE id = " . $video_detail['id'];
$_SGLOBAL['db']->query($sql);
showmessage("视频已经成功上传", "plugin.php?pluginid=video");
exit;
} elseif ($ac == 'add_view') {
if (strlen($WallDesc) < 20) {
showmessage('至少10个汉字!');
}
if (empty($WallStartTime) || empty($WallEndTime)) {
showmessage('wall_time_illegal');
}
if ($WallStartTime > $WallEndTime & $WallStartTime & $WallEndTime) {
showmessage('wall_time_reverse');
}
if (strtotime(date('Y-m-d')) > $WallEndTime & $WallEndTime) {
showmessage('wall_endtime_early');
}
if (empty($WallUid)) {
showmessage('wall_uid_illegal');
}
$arr = array("wallname" => $WallTitle, "content" => $WallDesc, "uid" => intval($WallUid), "starttime" => intval($WallStartTime), "endtime" => intval($WallEndTime), "pass" => '0', "timeline" => time(), "live" => $WallLive);
$pic = array();
if ($_FILES['poster']['tmp_name']) {
$pic = pic_save($_FILES['poster'], -1, $arr['wallname']);
if (is_array($pic) && $pic['filepath']) {
$arr['picture'] = $pic['filepath'];
}
}
$wallid = inserttable('wall', $arr, 1);
if ($wallid) {
showmessage('申请成功,谢谢您的申请使用!', "{$theurl}", 2);
} else {
showmessage('do_failed');
}
}
include template('plugin/wall/template/wall_apply');
$bigimg = pic_get($attach['attachment'], 'forum', 0, $attach['remote']);
echo "{\"aid\":{$attach['attachid']}, \"smallimg\":\"{$smallimg}\", \"bigimg\":\"{$bigimg}\", \"errorcode\":{$errorcode}}";
exit;
} else {
echo "{\"aid\":0, \"errorcode\":{$errorcode}}";
}
} elseif ($_GET['operation'] == 'album') {
$showerror = true;
if (helper_access::check_module('album')) {
require_once libfile('function/spacecp');
if ($_FILES["Filedata"]['error']) {
$file = lang('spacecp', 'file_is_too_big');
} else {
require_once libfile('function/home');
$_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8'));
$file = pic_save($_FILES["Filedata"], 0, '', true, 0);
if (!empty($file) && is_array($file)) {
$url = pic_get($file['filepath'], 'album', $file['thumb'], $file['remote']);
$bigimg = pic_get($file['filepath'], 'album', 0, $file['remote']);
echo "{\"picid\":\"{$file['picid']}\", \"url\":\"{$url}\", \"bigimg\":\"{$bigimg}\"}";
$showerror = false;
}
}
}
if ($showerror) {
echo "{\"picid\":\"0\", \"url\":\"0\", \"bigimg\":\"0\"}";
}
} elseif ($_GET['operation'] == 'yuexiamen') {
$aid = intval($_POST['aid']);
$msg = '';
$errorcode = 0;
} elseif (capi_submitcheck('uploadsubmit2')) {
//上传图片
$albumid = $picid = 0;
if (!checkperm('allowupload')) {
if ($_SGLOBAL['mobile']) {
capi_showmessage_by_data(cplang('not_allow_upload'));
} else {
echo "<script>";
echo "alert(\"" . cplang('not_allow_upload') . "\")";
echo "</script>";
exit;
}
}
//上传
$_REQUEST['topicid'] = topic_check($_REQUEST['topicid'], 'pic');
$uploadfiles = pic_save($_FILES['attach'], $_REQUEST['albumid'], $_REQUEST['pic_title'], $_REQUEST['topicid']);
if ($uploadfiles && is_array($uploadfiles)) {
$albumid = $uploadfiles['albumid'];
$picid = $uploadfiles['picid'];
$uploadStat = 1;
if ($eventid) {
$arr = array("eventid" => $eventid, "picid" => $picid, "uid" => $_SGLOBAL['supe_uid'], "username" => $_SGLOBAL['supe_username'], "dateline" => $_SGLOBAL['timestamp']);
inserttable("eventpic", $arr);
}
} else {
$uploadStat = $uploadfiles;
}
if ($_SGLOBAL['mobile']) {
if ($picid) {
$uploadfiles['pic'] = pic_get($uploadfiles['filepath'], $uploadfiles['thumb'], $uploadfiles['remote']);
capi_showmessage_by_data('do_success', 0, array("pic" => $uploadfiles));
//以下摘取addnews部分代码,私下觉得@功能不完整!
preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s/U", $Message, $Matches, PREG_SET_ORDER);
foreach ($Matches as $value) {
$TmpString = $value[0];
$TmpName = $value[1];
$UserId = $value[2];
$result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
$rs = $_SGLOBAL['db']->fetch_array($result);
$realname = $rs['name'];
$ValidValue = getAtName($TmpString, $TmpName, $realname);
$ValidValue = trim($ValidValue);
$at_friend = "space.php?uid=" . $UserId;
$Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
}
$Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
$Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
chdir("../../");
include_once 'source/function_cp.php';
$MobileFile = pic_save($File, $_POST['albumid'], $Message, $_POST['topicid']);
if ($MobileFile && is_array($MobileFile)) {
$arr = array("username" => getstr($username, 30, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip(), 'fromdevice' => $FromDevice, 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
$newdoid = inserttable('doing', $arr, 1);
$Feedarray = array('appid' => 'UC_APPID', 'icon' => 'doing', 'id' => $newdoid, 'idtype' => 'doid', 'uid' => $MobileFile['uid'], 'username' => $MobileFile['username'], 'dateline' => $MobileFile['dateline'], 'fromdevice' => $FromDevice, 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
$Feedarray['hash_template'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['body_template']);
$Feedarray['hash_data'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['title_data'] . "\t" . $Feedarray['body_template'] . "\t" . $Feedarray['body_data']);
$Feedid = inserttable('feed', $Feedarray, 1);
updatestat('doing');
$Result = array('flag' => 'success');
} else {
$Result = array('flag' => 'fail_file&msg');
}
} else {
if ($_GET['op'] != 'join') {
if ($_SGLOBAL['supe_uid'] != $topic['uid'] && !checkperm('managetopic')) {
showmessage('no_privilege');
}
}
$topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1);
}
//添加编辑操作
if (submitcheck('topicsubmit')) {
$setarr = array('subject' => getstr($_POST['subject'], 80, 1, 1, 1), 'message' => getstr($_POST['message'], 0, 1, 1, 1), 'jointype' => empty($_POST['jointype']) ? '' : implode(',', $_POST['jointype']), 'joingid' => empty($_POST['joingid']) ? '' : implode(',', $_POST['joingid']), 'endtime' => $_POST['endtime'] ? sstrtotime($_POST['endtime']) : 0);
if (strlen($setarr['subject']) < 4) {
showmessage('topic_subject_error');
}
//封面
if ($_FILES['pic']['size'] && ($filearr = pic_save($_FILES['pic'], -1))) {
$setarr['pic'] = $filearr['filepath'];
$setarr['thumb'] = $filearr['thumb'];
$setarr['remote'] = $filearr['remote'];
}
if (empty($topicid)) {
$setarr['uid'] = $_SGLOBAL['supe_uid'];
$setarr['username'] = $_SGLOBAL['supe_username'];
$setarr['dateline'] = $setarr['lastpost'] = $_SGLOBAL['timestamp'];
$topicid = inserttable('topic', $setarr, 1);
} else {
updatetable('topic', $setarr, array('topicid' => $topicid));
}
showmessage('do_success', "space.php?do=topic&topicid={$topicid}", 0);
}
if ($_GET['op'] == 'delete') {
break;
case -8:
$uploadfiles = cplang('has_not_more_doodle');
break;
default:
$uploadfiles = cplang('mobile_picture_temporary_failure');
break;
}
}
} elseif ($_FILES && $_POST) {
if ($_FILES["Filedata"]['error']) {
$uploadfiles = cplang('file_is_too_big');
} else {
$_FILES["Filedata"]['name'] = addslashes(siconv(urldecode($_FILES["Filedata"]['name']), $_SC['charset'], "UTF-8"));
$_POST['albumid'] = addslashes(siconv(urldecode($_POST['albumid']), $_SC['charset'], "UTF-8"));
$uploadfiles = pic_save($_FILES["Filedata"], $_POST['albumid'], addslashes(siconv(urldecode($_POST['title']), $_SC['charset'], "UTF-8")));
}
$proid = $_POST['proid'];
$uploadResponse = true;
$albumid = 0;
if ($uploadfiles && is_array($uploadfiles)) {
$status = "success";
$albumid = $uploadfiles['albumid'];
} else {
$status = "failure";
}
}
$newalbumname = sgmdate('Ymd');
include template("do_swfupload");
$outxml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$outxml .= siconv(ob_get_contents(), 'UTF-8');
case -8:
$uploadfiles = lang('spacecp', 'has_not_more_doodle');
break;
default:
$uploadfiles = lang('spacecp', 'mobile_picture_temporary_failure');
break;
}
}
} elseif ($_FILES && $_POST) {
if ($_FILES["Filedata"]['error']) {
$uploadfiles = lang('spacecp', 'file_is_too_big');
} else {
$_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8'));
$_POST['albumid'] = addslashes(diconv(urldecode($_POST['albumid']), 'UTF-8'));
$catid = $_POST['catid'] ? intval($_POST['catid']) : 0;
$uploadfiles = pic_save($_FILES["Filedata"], $_POST['albumid'], addslashes(diconv(urldecode($_POST['title']), 'UTF-8')), true, $catid);
}
$proid = $_POST['proid'];
$uploadResponse = true;
$albumid = 0;
if ($uploadfiles && is_array($uploadfiles)) {
$status = "success";
$albumid = $uploadfiles['albumid'];
} else {
$status = "failure";
}
}
$newalbumname = dgmdate($_G['timestamp'], 'Ymd');
include template("home/misc_swfupload");
$outxml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$outxml .= diconv(ob_get_contents(), $_G['charset'], 'UTF-8');
<?php
/* [iBUAA] (C)2012-2111 BUAANIC .
Create By Ancon
Last Modfile By Ancon
Last Time : 2012-12-5 19:58:01
*/
include_once 'do_mobileverify.php';
//include_once('../../common.php');
//$mobilefile = $_GET['file']?$_GET['file']:0;
//$filetype = $_GET['type']?$_GET['type']:0;
//if ($filetype == 'pic') {
// if ($mobilefile == 'upload') {
include_once S_ROOT . './source/function_cp.php';
$mobile_file = pic_save($_FILES['mobilefile'], $_POST['albumid'], $_POST['pic_title'], $_POST['topicid']);
echo $userid;
echo $username;
echo $sessionid;
echo $_POST['albumid'];
echo $_POST['pic_title'];
print_r($_FILES['mobilefile']);
echo "<br />";
echo $_SGLOBAL[supe_uid];
/* exit(aaa);
if ($mobile_file && is_array($mobile_file)) {
$arr = array(
'name'=>$mobile_file['filename'],
'pic'=>$mobile_file['filepath'],
'size'=>$mobile_file['size']
