Esempio n. 1
/**
 * Finish a payment-notification request.
 *
 * When the request carries no POST data, refreshto() is called with the given
 * URL and message. The script is then terminated with exit($notify) in every
 * case where control returns here.
 *
 * @param string $url    Target handed to refreshto().
 * @param string $msg    Message handed to refreshto().
 * @param string $notify Value handed to exit(); defaults to 'success'.
 */
function paymsg($url, $msg, $notify = 'success')
{
    $hasPostData = !empty($_POST);
    if (!$hasPostData) {
        // Presumably a browser return rather than a gateway callback — confirm with callers.
        refreshto($url, $msg);
    }
    exit($notify);
}
Esempio n. 2
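/**
 * Complete an online payment for a form order or a shop-module order.
 *
 * The global $pay_code is decoded with mymd5() into five tab-separated fields
 * (type, amount, order number, form/module id, reward points). The decoded
 * order number must match $numcode; the matching olpay row is then loaded,
 * checked and marked as paid.
 *
 * Hardening compared with the earlier version:
 *  - $numcode must be digits-only (after the "code" marker is stripped) before
 *    it is placed in SQL, because the earlier intval() comparison accepted any
 *    trailing text after the leading digits;
 *  - the decoded order number must be numeric, so a non-numeric value can no
 *    longer compare equal to 0 under PHP < 8 loose comparison;
 *  - the shop order is flagged as paid and reward points are granted only
 *    after the olpay row has been found and confirmed unpaid, so replaying the
 *    same request no longer grants points again.
 *
 * NOTE(review): this relies on showerr() terminating the request — confirm.
 * NOTE(review): the ifpay check and the UPDATE are separate statements, so two
 * concurrent requests can still both pass the check; a conditional UPDATE
 * would close that window.
 *
 * @param string|int $numcode Order number reported by the payment gateway.
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;
    // 'QIBO' stands in for '=' in transit, because '=' tends to cause problems.
    $pay_code = str_replace('QIBO', '=', $pay_code);
    if (!$pay_code) {
        showerr("数据有误!!");
    }
    // Pad to five fields so a short or undecodable token does not leave variables undefined.
    list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = array_pad(explode("\t", mymd5($pay_code, 'DE')), 5, '');
    $orderId = intval($numcode);
    if (!is_numeric($atc_numcode) || $atc_numcode != $orderId) {
        showerr("数据被修改过!!");
    }
    // Alipay cannot handle a bare single-digit order number, so inc/olpay/alipay.php
    // adds a "code" marker; strip it again here.
    $numcode = str_replace("code", "", (string) $numcode);
    if (!preg_match('/^\d+$/', $numcode)) {
        showerr("数据被修改过!!");
    }
    // The decoded id is not covered by any request-level escaping, so escape it here.
    $mid = addslashes((string) $mid);
    $rt = null;
    if ($type == 'form') {
        // Universal-form order
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
    } elseif ($type == 'module') {
        // Shop order
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
    }
    if (!$rt) {
        showerr('系统中没有您的订单,无法完成支付!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经支付成功!');
    }
    if ($type == 'module') {
        // $orderId equals the verified order number from the decoded token.
        $db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$orderId}'");
        // Reward points for the purchase
        if ($shopmoney) {
            add_user($lfjuid, $shopmoney, '购买商品得分');
        }
    }
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
    refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}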
Esempio n. 3
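/**
 * Complete an online top-up: mark the olpay row as paid and credit the user.
 *
 * The row is looked up by order number with paytype=1. The credited amount is
 * the stored money value multiplied by $webdb['alipay_scale'].
 *
 * Changes compared with the earlier version:
 *  - $numcode is escaped before it is placed in the SQL string;
 *  - array keys are quoted; the bare-word keys (money, alipay_scale, uid) are
 *    undefined-constant errors on PHP 8.
 *
 * NOTE(review): addslashes() is only adequate for single-byte/UTF-8
 * connections; if the connection charset is multi-byte (e.g. GBK), use the
 * driver's own escaping instead.
 * NOTE(review): the ifpay check and the UPDATE are separate statements, so two
 * concurrent callbacks for the same order can both credit the user; a
 * conditional UPDATE would close that window.
 * NOTE(review): relies on showerr() terminating the request — confirm.
 *
 * @param string|int $numcode Order number reported by the payment gateway.
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype;
    $safeNumcode = addslashes((string) $numcode);
    $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$safeNumcode}' AND `paytype`=1");
    if (!$rt) {
        showerr('系统中没有您的充值订单,无法完成充值!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经充值成功!');
    }
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
    $num = $rt['money'] * $webdb['alipay_scale'];
    add_user($rt['uid'], $num, '在线充值');
    refreshto("{$webdb['www_url']}/", "恭喜你充值成功", 10);
}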
Esempio n. 4
        $postSpecial->updateData($tid);
    }
    if ($postTopic) {
        //分类主题
        $postTopic->initData();
        $postTopic->insertData($tid, $fid);
    }
    if ($postCate) {
        //团购活动
        $postCate->initData();
        $postCate->insertData($tid, $fid);
    }
    if ($postdata->getIfcheck()) {
        if ($postdata->filter->filter_weight == 3) {
            $pinfo = 'enter_words';
            $banword = implode(',', $postdata->filter->filter_word);
        } else {
            $pinfo = 'enter_thread';
        }
    } else {
        if ($postdata->filter->filter_weight == 2) {
            $banword = implode(',', $postdata->filter->filter_word);
            $pinfo = 'post_word_check';
        } elseif ($postdata->linkCheckStrategy) {
            $pinfo = 'post_link_check';
        } else {
            $pinfo = 'post_check';
        }
    }
    refreshto("read.php?tid={$tid}&page={$page}&toread=1#{$pid}", $pinfo);
}
Esempio n. 5
            }
            $pwd = md5($pwd);
        }
        require_once R_P . 'require/bbscode.php';
        $wordsfb = L::loadClass('FilterUtil');
        if (($banword = $wordsfb->comprise($aname)) !== false) {
            Showmsg('title_wordsfb');
        }
        if (($banword = $wordsfb->comprise($aintro)) !== false) {
            Showmsg('content_wordsfb');
        }
        if ($private == 3 && !$pwd && $rt['albumpwd']) {
            $pwd = $rt['albumpwd'];
        }
        $db->update("UPDATE pw_cnalbum SET " . pwSqlSingle(array('aname' => $aname, 'aintro' => $aintro, 'private' => $private, 'albumpwd' => $pwd)) . ' WHERE aid=' . pwEscape($aid));
        refreshto("{$basename}a=own", 'operate_success');
    }
} elseif ($a == 'viewalbum') {
    define('AJAX', 1);
    define('F_M', true);
    InitGP(array('aid'));
    $aid = (int) $aid;
    empty($aid) && Showmsg('data_error');
    require_once PrintEot('m_ajax');
    ajax_footer();
} elseif ($a == 'createajax') {
    define('AJAX', 1);
    define('F_M', true);
    banUser();
    InitGP(array('job'));
    require_once PrintEot('m_ajax');
Esempio n. 6
            Showmsg('undefined_action');
        }
        $needcur = $days * $rt['sright']['sellprice'];
        $cur = $credit->get($winduid, $rt['sright']['selltype']);
        if ($cur === false) {
            Showmsg('numerics_checkfailed');
        }
        if ($cur < $needcur) {
            Showmsg('noenough_currency');
        }
        $credit->addLog('main_buygroup', array($rt['sright']['selltype'] => -$needcur), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'gptitle' => $rt['grouptitle'], 'days' => $days));
        if (!$credit->set($winduid, $rt['sright']['selltype'], -$needcur)) {
            Showmsg('numerics_checkfailed');
        }
        $userService = L::loadClass('UserService', 'user');
        /* @var $userService PW_UserService */
        if ($options == 1) {
            if ($winddb['groupid'] == '-1') {
                $userService->update($winduid, array('groupid' => $gid));
            } else {
                $groups = $mb['groups'] ? $mb['groups'] . $winddb['groupid'] . ',' : ",{$winddb['groupid']},";
                $userService->update($winduid, array('groupid' => $gid, 'groups' => $groups));
            }
        } else {
            $groups = $mb['groups'] ? $mb['groups'] . $gid . ',' : ",{$gid},";
            $userService->update($winduid, array('groups' => $groups));
        }
        $db->pw_update("SELECT uid FROM pw_extragroups WHERE uid=" . S::sqlEscape($winduid) . " AND gid=" . S::sqlEscape($gid), "UPDATE pw_extragroups SET " . S::sqlSingle(array('togid' => $winddb['groupid'], 'startdate' => $timestamp, 'days' => $days)) . " WHERE uid=" . S::sqlEscape($winduid) . "AND gid=" . S::sqlEscape($gid), "INSERT INTO pw_extragroups SET " . S::sqlSingle(array('uid' => $winduid, 'togid' => $winddb['groupid'], 'gid' => $gid, 'startdate' => $timestamp, 'days' => $days)));
        refreshto("profile.php?action=buy", 'group_buy_success');
    }
}
Esempio n. 7
    while ($rs = $db->fetch_array($query)) {
        $Module_db->showfield($module_DB[2]['field'], $rs, 'list');
        $rs[username] || ($rs[username] = $rs[ip]);
        $rs[posttime] = date("Y-m-d H:i:s", $rs[posttime]);
        $rs[del] = " <A HREF='?action=delete_apply&id={$rs['apply_id']}'>踢除</A>";
        $listdb[] = $rs;
    }
    $showpage = getpage('', '', "?job={$job}", $rows, $totalNum);
    require ROOT_PATH . "member/head.php";
    require Memberpath . "template/list_job_member.htm";
    require ROOT_PATH . "member/foot.php";
} elseif ($action == 'delete_apply') {
    //踢除某职位下的其中一个应聘者
    $r = $db->get_one("SELECT * FROM `{$_pre}apply` WHERE id='{$id}'");
    $rs = $db->get_one("SELECT * FROM `{$_pre}content` WHERE cid='{$r['cid']}'");
    if ($rs[uid] != $lfjuid) {
        showerr("非法踢除!");
    }
    $db->query("DELETE FROM {$_pre}apply WHERE id='{$id}'");
    refreshto($FROMURL, '踢除成功', 1);
} elseif ($action == "del") {
    //删除某职位
    $rs = $db->get_one("SELECT * FROM `{$_pre}content` WHERE id='{$id}' AND uid={$lfjuid}");
    if (!$rs) {
        showerr("非法删除!");
    }
    $db->query("DELETE FROM `{$_pre}content` WHERE `id` = '{$id}'");
    $db->query("DELETE FROM `{$_pre}content_1` WHERE `id` = '{$id}'");
    $db->query("DELETE FROM `{$_pre}apply` WHERE `cid` = '{$id}'");
    refreshto($FROMURL, '删除成功', 1);
}
Esempio n. 8
    $min = ($page - 1) * $rows;
    $query = $db->query("SELECT * FROM {$_pre}comments WHERE uid='{$lfjuid}' ORDER BY cid DESC LIMIT {$min},{$rows}");
    while ($rs = $db->fetch_array($query)) {
        $rs[content] = preg_replace("/<([^<]+)>/is", "", $rs[content]);
        $rs[title] = get_word($rs[content], 70);
        if (!$rs[username]) {
            $detail = explode(".", $rs[ip]);
            $rs[username] = "{$detail['0']}.{$detail['1']}.{$detail['2']}.*";
        }
        $rss = $db->get_one("SELECT city_id FROM {$_pre}db WHERE id='{$rs['id']}'");
        $rs[url] = get_info_url($rs[id], $rs[fid], $rss[city_id]);
        $rs[posttime] = date("Y-m-d H:i", $rs[posttime]);
        $listdb[] = $rs;
    }
    require ROOT_PATH . "member/head.php";
    require dirname(__FILE__) . "/" . "template/comment/mylist.htm";
    require ROOT_PATH . "member/foot.php";
} elseif ($action == "del") {
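    // Delete the selected comments, but only those the current user may remove.
    if (!$ciddb || !is_array($ciddb)) {
        showerr("请选择一个");
    }
    foreach ($ciddb as $key => $value) {
        // Comment ids are treated as integers (assumption — confirm against the schema).
        $value = intval($value);
        $rs = $db->get_one("SELECT * FROM {$_pre}comments WHERE cid='{$value}'");
        if (!$rs || !$lfjuid) {
            continue;
        }
        // The earlier condition used "=" (assignment) instead of "==", so it was true for
        // every logged-in user and let anyone delete any comment. Compare instead:
        // uid is the comment's own uid; cuid is presumably the uid of the commented
        // entry's owner — confirm.
        if ($rs['uid'] == $lfjuid || $rs['cuid'] == $lfjuid) {
            $db->query("DELETE FROM {$_pre}comments WHERE cid='{$value}'");
            $_erp = $Fid_db['tableid'][$rs['fid']];
            $db->query("UPDATE {$_pre}content{$_erp} SET comments=comments-1 WHERE id='{$rs['id']}'");
        }
    }
    refreshto("{$FROMURL}", "删除成功", 1);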
}
Esempio n. 9
            $mids = array();
            foreach ($weibos as $key => $weibo) {
                $mids[] = $weibo['mid'];
            }
            $weiboService->deleteWeibos($mids);
        }
        countPosts('-1');
        $credit->runsql();
        sendMawholeMessages($msgdb);
        if ($db_ifpwcache ^ 1) {
            $db->update("DELETE FROM pw_elements WHERE type !='usersort' AND id IN(" . S::sqlImplode($selids) . ')');
        }
        //* P_unlink(D_P.'data/bbscache/c_cache.php');
        pwCache::deleteData(D_P . 'data/bbscache/c_cache.php');
        if (!defined('AJAX')) {
            refreshto("apps.php?q=group&a=thread&cyid={$cyid}", 'deltopic_success');
        } else {
            Showmsg('deltopic_success_ajax');
        }
    }
}
function checkForHeadTopic($toptype, $fid, $selForums)
{
    require_once R_P . 'require/updateforum.php';
    list($catedbs, $top_1, $top_2, $top_3) = getForumListForHeadTopic($fid);
    $topAll = '';
    if ($toptype == 0) {
        return true;
    }
    if ($toptype == 1) {
        $topAll = ',' . implode(',', array_keys((array) $top_1)) . ',';
Esempio n. 10
    }
} elseif ($action == 'del') {
    PostCheck();
    InitGP(array('selid', 'type'));
    $selids = array();
    foreach ($selid as $key => $value) {
        is_numeric($value) && ($selids[] = $value);
    }
    if ($selids) {
        $selids = pwImplode($selids);
    } else {
        Showmsg('id_error');
    }
    if ($type == 'report') {
        $db->update("DELETE FROM pw_report WHERE id IN ({$selids})");
        refreshto("forumcp.php?action=edit&type=report&fid={$fid}", 'operate_success');
    }
}
function updatecache_fd1()
{
    global $db;
    $db->update("UPDATE pw_forums SET childid='0',fupadmin=''");
    $query = $db->query("SELECT fid,forumadmin FROM pw_forums WHERE type='category' ORDER BY vieworder");
    while ($cate = $db->fetch_array($query)) {
        Add_S($cate);
        $query2 = $db->query("SELECT fid,forumadmin FROM pw_forums WHERE type='forum' AND fup=" . pwEscape($cate['fid']));
        if ($db->num_rows($query2)) {
            $havechild[] = $cate['fid'];
            while ($forum = $db->fetch_array($query2)) {
                Add_S($forum);
                $fupadmin = trim($cate['forumadmin']);
Esempio n. 11
}
$tmpKeyArray = array_diff(array_keys($tucoolAttachs), (array) $contentAids);
$tmpArray = array();
foreach ((array) $tmpKeyArray as $v) {
    $tmpArray[$v] = $tucoolAttachs[$v];
}
$contentAttachs = array();
if (S::isArray($haveAids)) {
    foreach ($tucoolAttachs as $k => $v) {
        if (S::inArray($k, $haveAids)) {
            $contentAttachs[$k] = $tucoolAttachs[$k];
        }
    }
}
$tucoolAttachs = array_merge($contentAttachs, (array) $tmpArray);
!$tucoolAttachs && refreshto("read.php?tid={$tid}&ds=1", '您暂无权限查看此帖的图片!');
// 编辑图片信息权限
$editAttachRight = $admincheck || $read['authorid'] == $winduid ? 1 : 0;
// 回复数
if ($openIndex) {
    #高楼帖子索引
    $replyCount = 1 + $db->get_value("SELECT max(floor) FROM pw_postsfloor WHERE tid =" . S::sqlEscape($tid));
} else {
    $replyCount = $read['replies'] + 1;
}
//帖子浏览记录
$readlog = str_replace(",{$tid},", ',', GetCookie('readlog'));
$readlog .= ($readlog ? '' : ',') . $tid . ',';
$readlogCount = substr_count($readlog, ',');
$readlogCount > 11 && ($readlog = preg_replace("/[\\d]+\\,/i", '', $readlog, $readlogCount - 11));
Cookie('readlog', $readlog);
Esempio n. 12
            refreshto($jumpUrl, $msg);
        } else {
            Showmsg('修改文章失败');
        }
    }
} elseif ($action == 'deletepage') {
    S::gp(array('id', 'page'));
    $articleModule = $articleService->getArticleModule($id);
    if (!checkEditPurview($windid, $articleModule->columnId) && $articleModule->user != $windid) {
        Showmsg('你没有权限编辑本栏目的文章');
    }
    $articleModule->deletePage($page);
    $articleModule->showError();
    $result = $articleService->updateArticle($articleModule);
    if ($result) {
        refreshto("{$basename}q=post&action=edit&id={$id}&page=1", 'operate_success', 2);
    } else {
        Showmsg('删除分页失败');
    }
}
require cmsTemplate::printEot('post');
footer();
/**
 * Build the JSON descriptions of allowed upload types.
 *
 * @param string $db_uploadfiletype Serialized map of allowed upload types; an
 *                                  empty value yields an empty map.
 * @return array Two elements: the JSON for all allowed types, and the JSON for
 *               the subset whose keys are jpg, jpeg, gif, png or bmp.
 */
function initFileTypeInfo($db_uploadfiletype)
{
    // NOTE(review): unserialize() must only ever see trusted data. The value is
    // presumably a site-configuration string — confirm it cannot be written by
    // ordinary users, since unserializing attacker-controlled input can
    // instantiate arbitrary objects.
    if ($db_uploadfiletype) {
        $allowedTypes = unserialize($db_uploadfiletype);
    } else {
        $allowedTypes = array();
    }
    $imageExtensions = array('jpg', 'jpeg', 'gif', 'png', 'bmp');
    $allTypesJson = pwJsonEncode($allowedTypes);
    $imageTypesJson = pwJsonEncode(getAllowKeysFromArray($allowedTypes, $imageExtensions));
    return array($allTypesJson, $imageTypesJson);
}
function initAttach($attachs)
{
Esempio n. 13
/**
 * Show a rating message and send the user back to the current action.
 *
 * The message key is resolved through getLangInfo('msg', ...) and the target
 * URL is built from the globals $baseUrl, $action and $tid.
 *
 * NOTE(review): $action and $tid are placed in the URL without URL-encoding;
 * confirm both are validated before this point.
 *
 * @param string $msg_info Language key of the message to display.
 */
function pingfenMsg($msg_info)
{
    global $baseUrl, $action, $tid;
    $messageText = getLangInfo('msg', $msg_info);
    $returnUrl = "{$baseUrl}action={$action}&selid={$tid}&";
    refreshto($returnUrl, $messageText, 3);
}
Esempio n. 14
            Showmsg('bk_credit_type_error');
        }
        $change = (int) $change;
        if (!is_numeric($change) || $change <= 0) {
            Showmsg('bk_credit_fillin_error');
        }
        $change % $jf_A[$type][0] != 0 && Showmsg('change_error');
        list($sell, $buy) = explode('_', $type);
        $credit1 = $change;
        $credit2 = intval($change / $jf_A[$type][0] * $jf_A[$type][1]);
        /*
        $db->query("LOCK TABLES pw_memberdata WRITE,pw_membercredit WRITE");
        $lockfile = D_P.'data/bbscache/lock_profile.txt';
        $fp = fopen($lockfile,'wb+');
        flock($fp,LOCK_EX);
        */
        if (procLock('credit_change', $winduid)) {
            if ($credit1 > $credit->get($winduid, $sell)) {
                procUnLock('credit_change', $winduid);
                Showmsg('bk_credit_change_error');
            }
            $credit->addLog('main_changereduce', array($sell => -$credit1), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'tocname' => $credit->cType[$buy]));
            $credit->addLog('main_changeadd', array($buy => $credit2), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'fromcname' => $credit->cType[$sell]));
            $credit->sets($winduid, array($sell => -$credit1, $buy => $credit2));
            procUnLock('credit_change', $winduid);
            //fclose($fp);
            //$db->query("UNLOCK TABLES");
        }
        refreshto('userpay.php?action=change', 'bank_creditsuccess', 1, true);
    }
}
Esempio n. 15
    //XXX 作为demo,临时存放在session中,网站应该用自己安全的存储系统来存储这些信息
    //$_SESSION["token"]   = $result["oauth_token"];
    //$_SESSION["secret"]  = $result["oauth_token_secret"];
    //$_SESSION["openid"]  = $result["openid"];
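    // Keeps the OAuth token, token secret and openid in a client-side cookie for one hour,
    // wrapped by mymd5().
    // NOTE(review): this puts OAuth credentials on the client; their confidentiality then
    // depends entirely on mymd5() and its key — prefer server-side storage.
    set_cookie('token_secret', mymd5($result["oauth_token"] . "\t" . $result["oauth_token_secret"] . "\t" . $result["openid"]), 3600);
    // The openid comes from the OAuth response, so escape it before it reaches SQL.
    // An empty openid must never be looked up: qq_api='' could match accounts that
    // have no QQ binding and log the visitor in as one of them.
    $openid = addslashes((string) $result['openid']);
    if ($openid !== '' && ($rs = $db->get_one("SELECT * FROM {$pre}memberdata WHERE `qq_api`='{$openid}'"))) {
        $userDB->login($rs['username'], '', 3600, true);
        $homeUrl = "{$webdb['www_url']}/";
        // qq_fromurl is a cookie and therefore client-controlled: only follow it when it
        // points back into this site, otherwise fall back to the home page.
        $fromurl = get_cookie('qq_fromurl');
        $isLocal = $fromurl && strncmp($fromurl, $homeUrl, strlen($homeUrl)) === 0;
        // eregi() was removed in PHP 7; preg_match() with /i is the equivalent test.
        if ($isLocal && !preg_match('/login\.php/i', $fromurl) && !preg_match('/reg\.php/i', $fromurl)) {
            $jumpto = $fromurl;
        } else {
            $jumpto = $homeUrl;
        }
        refreshto("{$jumpto}", "QQ方式登录成功{$uc_login_code}", 1);
    } else {
        refreshto("qq_bind.php", "QQ登录成功,请进行帐号绑定设置", 10);
    }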
    //第三方处理用户绑定逻辑
    //将openid与第三方的帐号做关联
    //bind_to_openid();
} else {
    //登录前
    set_cookie('qq_fromurl', $FROMURL);
    redirect_to_login($webdb[QQ_appid], $webdb[QQ_appkey], "{$webdb['www_url']}/do/qq_login.php");
}
/**
 * @brief get a access token 
 *        rfc1738 urlencode
 * @param $appid
 * @param $appkey
 * @param $request_token
Esempio n. 16
<?php

// Refuse direct access: P_W has to be defined by the including script.
if (!defined('P_W')) {
    exit('Forbidden');
}
S::gp(array('tid'));
$robbuildService = L::loadClass('RobBuild', 'forum');
$robbuild = $robbuildService->getByTid($tid);
// Allowed only for a manager or the thread author, and only while status is still empty.
$isOutsider = !S::inArray($windid, $manager) && $robbuild['authorid'] != $winduid;
if ($isOutsider || $robbuild['status']) {
    Showmsg('undefined_action');
}
// NOTE(review): this changes state, and no request-origin check (e.g. PostCheck())
// is visible in this script — confirm one runs before this point.
$robbuildService->update(array('status' => 2), $tid);
refreshto("read.php?tid={$tid}", 'operate_success');
Esempio n. 17
<?php

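// Pin an entry to the top of its list for $webdb['Info_TopDay'] days, charging
// $webdb['Info_TopMoney'] points unless the caller is a site admin.
// Refuse direct access: html() is only defined when loaded through the framework.
if (!function_exists('html')) {
    die('F');
}
if (!$lfjuid) {
    showerr('请先登录');
}
$_erp = $Fid_db['tableid'][$fid];
// Entry ids are treated as integers so the value is safe to place in SQL
// (assumption — confirm against the schema).
$id = intval($id);
$rs = $db->get_one("SELECT * FROM {$_pre}content{$_erp} WHERE id='{$id}'");
// Array keys are quoted throughout: bare-word keys are undefined-constant errors on PHP 8.
if ($rs['uid'] != $lfjuid && !$web_admin) {
    showerr('你没权限');
}
$list = $timestamp + 3600 * 24 * $webdb['Info_TopDay'];
if (!$web_admin) {
    // NOTE(review): the balance check and the deduction are separate steps, so parallel
    // requests could both pass the check — confirm add_user() cannot drive the balance negative.
    $lfjdb['money'] = intval(get_money($lfjuid));
    if ($lfjdb['money'] < $webdb['Info_TopMoney']) {
        showerr("你的积分不足:{$webdb['Info_TopMoney']},不能选择置顶");
    }
    add_user($lfjuid, -intval($webdb['Info_TopMoney']), '置顶扣分');
}
$db->query("UPDATE {$_pre}content{$_erp} SET list='{$list}' WHERE id='{$id}'");
refreshto("{$FROMURL}", "置顶成功", 1);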
Esempio n. 18
<?php

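// Delete one vote option. Non-admins may only delete options of a topic they own.
// Refuse direct access: html() is only defined when loaded through the framework.
!function_exists('html') && exit('ERR');
if (!$lfjuid) {
    showerr("请先登录!");
}
// Option ids are treated as integers so the value is safe to place in SQL
// (assumption — confirm against the schema).
$id = intval($id);
if (!$web_admin) {
    $rs = $db->get_one("SELECT C.uid FROM `{$pre}vote_element` V LEFT JOIN `{$pre}vote_topic` C ON V.cid=C.cid WHERE V.id='{$id}'");
    // A missing row is denied explicitly; the key is quoted because a bare-word key
    // is an undefined-constant error on PHP 8.
    if (!$rs || $rs['uid'] != $lfjuid || !$lfjuid) {
        showerr("你没权限!");
    }
}
// NOTE(review): this is a destructive action with no request-origin (CSRF) check
// visible in this script — confirm one runs before this point.
$db->query("DELETE FROM `{$pre}vote_element` WHERE id='{$id}'");
refreshto($FROMURL, "删除成功", 1);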
Esempio n. 19
        }
        if ($db->get_value("SELECT COUNT(*) as sum FROM pw_cnalbum WHERE atype=1 AND ownerid=" . S::sqlEscape($cyid)) > 0) {
            Showmsg('colony_del_photo');
        }
        if ($colony['cnimg']) {
            require_once R_P . 'require/functions.php';
            pwDelatt("cn_img/{$colony['cnimg']}", $db_ifftp);
            pwFtpClose($ftp);
        }
        $query = $db->query("SELECT uid FROM pw_cmembers WHERE colonyid=" . S::sqlEscape($cyid) . " AND ifadmin != '-1'");
        while ($rt = $db->fetch_array($query)) {
            $cMembers[] = $rt['uid'];
        }
        updateUserAppNum($cMembers, 'group', 'minus');
        $db->update("DELETE FROM pw_cmembers WHERE colonyid=" . S::sqlEscape($cyid));
        //* $db->update("DELETE FROM pw_colonys WHERE id=" . S::sqlEscape($cyid));
        pwQuery::delete('pw_colonys', 'id=:id', array($cyid));
        $db->update("UPDATE pw_cnclass SET cnsum=cnsum-1 WHERE fid=" . S::sqlEscape($colony['classid']) . " AND cnsum>0");
        $db->update("DELETE FROM pw_argument WHERE cyid=" . S::sqlEscape($cyid));
        refreshto("apps.php?q=groups", '解散群组成功!');
    }
} else {
    Showmsg('undefined_action');
}
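/**
 * Check a submitted password against the stored hash of the given user.
 *
 * The stored value is compared with md5($inputPassword). The earlier loose
 * "==" comparison treated two different digests as equal when both looked
 * like numbers in exponent notation (e.g. "0e…"); the comparison is now
 * strict, and constant-time where hash_equals() is available.
 *
 * NOTE(review): unsalted MD5 is not a suitable password hash. Replacing it
 * needs a migration of the stored values and cannot be done in this function
 * alone.
 *
 * @param int|string $ownerId       Id of the user whose password is checked.
 * @param string     $inputPassword Password as typed by the user.
 * @return bool True when the password matches, false otherwise (including
 *              when no stored hash is available).
 */
function threadSetCheckOwnerPassword($ownerId, $inputPassword)
{
    // Arrays and other non-scalars can never be a valid password.
    if (!is_scalar($inputPassword)) {
        return false;
    }
    $userService = L::loadClass('UserService', 'user');
    /* @var $userService PW_UserService */
    $userData = $userService->get($ownerId);
    if (empty($userData['password']) || !is_string($userData['password'])) {
        return false;
    }
    $storedHash = $userData['password'];
    $inputHash = md5((string) $inputPassword);
    if (function_exists('hash_equals')) {
        return hash_equals($storedHash, $inputHash);
    }
    return $storedHash === $inputHash;
}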
Esempio n. 20
    if ($selid && is_array($selid)) {
        $arr = array();
        $query = $db->query("SELECT u2.uid FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id WHERE u1.uid=" . pwEscape($winduid));
        while ($rt = $db->fetch_array($query)) {
            $arr[] = $rt['uid'];
        }
        if ($delarr = array_intersect($arr, $selid)) {
            $db->update("DELETE FROM pw_userbinding WHERE uid IN(" . pwImplode($delarr) . ')');
            $tmp = $delarr + array($winduid);
            if (count(array_unique($tmp)) == count($arr)) {
                $delarr = $tmp;
            }
            $db->update("UPDATE pw_members SET userstatus=userstatus&~(1<<11) WHERE uid IN (" . pwImplode($delarr) . ')');
        }
    }
    refreshto("profile.php?action=modify&info_type=binding", 'operate_success', 2, true);
}
function Getcustom($data, $unserialize = true, $strips = null)
{
    global $db_union;
    $customdata = array();
    if (!$data || ($unserialize ? !is_array($data = unserialize($data)) : !is_array($data))) {
        $data = array();
    } elseif (!is_array($custominfo = unserialize($db_union[7]))) {
        $custominfo = array();
    }
    if (!empty($data) && !empty($custominfo)) {
        foreach ($data as $key => $value) {
            if (!empty($strips)) {
                $customdata[stripslashes(Char_cv($key))] = stripslashes(Char_cv($value));
            } elseif ($custominfo[$key] && $value) {
Esempio n. 21
        $db->insert_file('', $readfiles);
        //导入数据库
        //如果数据表区分符不是qb_的话,serialize字符的长度会有所变化,因此要纠正
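        // When the table prefix is not three characters long, the byte lengths recorded
        // inside serialized label code no longer match, so they are recomputed here.
        if (strpos($readfiles, "{$pre}label") && strlen($pre) != 3) {
            $query = $db->query("SELECT * FROM {$pre}label WHERE typesystem=1 ");
            while ($rs = $db->fetch_array($query)) {
                // The /e modifier evaluated the replacement as PHP code and was removed in
                // PHP 7. preg_replace_callback() hands the captured groups to
                // strlen_lable() directly, with no code evaluation and without the
                // backslashes /e added in front of quotes in the captured text.
                $code = preg_replace_callback('/s:([\d]+):"(.*?)";/', function ($match) {
                    return strlen_lable($match[1], $match[2]);
                }, $rs['code']);
                $code = addslashes($code);
                $db->query("UPDATE {$pre}label SET code='{$code}' WHERE lid='{$rs['lid']}' ");
            }
        }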
        //有的模块可能要执行一些动作
        @(include ROOT_PATH . "{$file}/install/install.inc.php");
    }
    make_module_cache();
    refreshto("index.php?lfj=group&job=admin_gr&gid=3", "安装成功!下一步要设置权限", 60);
} elseif ($action == 'make') {
    if ($db->get_one("SELECT * FROM {$pre}module WHERE pre='{$postdb['pre']}'")) {
        showmsg("此系统已存在了,请不要重复创建");
    }
    if (!$postdb[pre]) {
        showmsg("关键字/数据表前缀不能为空");
    }
    if (!$postdb['dirname']) {
        showmsg("系统存放目录不能为空");
    }
    if (!is_dir(ROOT_PATH . $postdb['dirname'])) {
        showmsg("目录不存在");
    }
    if ($postdb[admindir] && !is_dir(ROOT_PATH . $postdb['dirname'] . "/{$postdb['admindir']}")) {
        showmsg("后台目录不存在");
Esempio n. 22
updateUserAppNum($winduid, 'share');
$memberShare = array('reply' => "memberShareThread", 'topic' => "memberShareThread", 'diary' => "memberShareDiary", 'album' => "memberShareAlbum", 'user' => "memberShareUser", 'group' => "memberShareGroup", 'photo' => "memberSharePic", 'web' => "memberShareLink", 'video' => "memberShareVideo", 'music' => "memberShareMusic");
$threadShare = array('topic' => "threadShare", 'diary' => "diaryShare", 'photo' => "picShare");
$threadFav = array('diary' => "diaryFav", 'photo' => "picFav");
if (isset($memberShare[$type])) {
    updateDatanalyse($winduid, $memberShare[$type], 1);
}
if (isset($threadShare[$type_tmp]) && $ifhidden != 1) {
    updateDatanalyse($id, $threadShare[$type_tmp], 1);
} elseif (isset($threadFav[$type])) {
    updateDatanalyse($id, $threadFav[$type], 1);
}
if (defined('AJAX')) {
    Showmsg('operate_success');
} else {
    refreshto("{$baseUrl}q=share&a={$a}", 'operate_success');
}
function getVideo($link, $host)
{
    $matches = array();
    switch ($host) {
        case 'youku.com':
            preg_match("/sid\\/(\\w+)\\//", $link, $matches);
            break;
        case 'youtube.com':
            preg_match("/v\\=([\\w\\-]+)/", $link, $matches);
            break;
        case 'sina.com.cn':
            preg_match("/\\/(\\d+)-(\\d+)\\.html/", $link, $matches);
            break;
        case 'sohu.com':
Esempio n. 23
                    Showmsg('unenough_currency');
                } else {
                    procUnLock('tool_buy', $winduid);
                    Showmsg('unenough_money');
                }
            }
            $credit->addLog('hack_toolbuy', array($toolinfo['creditype'] => -$price), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'nums' => $nums, 'toolname' => $toolinfo['name']));
            $credit->set($winduid, $toolinfo['creditype'], -$price);
            $db->update("UPDATE pw_tools SET stock=stock-" . S::sqlEscape($nums) . " WHERE id=" . S::sqlEscape($id));
            $db->pw_update("SELECT uid FROM pw_usertool WHERE uid=" . S::sqlEscape($winduid) . " AND toolid=" . S::sqlEscape($id), "UPDATE pw_usertool SET nums=nums+" . S::sqlEscape($nums) . " WHERE uid=" . S::sqlEscape($winduid) . " AND toolid=" . S::sqlEscape($id), "INSERT INTO pw_usertool SET " . S::sqlSingle(array('nums' => $nums, 'uid' => $winduid, 'toolid' => $id, 'sellstatus' => $sell_status)));
            require_once R_P . 'require/tool.php';
            $logdata = array('type' => 'buy', 'nums' => $nums, 'money' => $price, 'descrip' => 'buy_descrip', 'uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'time' => $timestamp, 'toolname' => $toolinfo['name'], 'from' => '');
            writetoollog($logdata);
            procUnLock('tool_buy', $winduid);
        }
        refreshto("profile.php?action=toolcenter", 'operate_success');
    }
} elseif ($job == 'use' || $job == 'ajax') {
    $toolid = (int) S::getGP('toolid');
    if (!$toolid) {
        $tooldb = array();
        $query = $db->query("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . "ORDER BY vieworder");
        while ($rt = $db->fetch_array($query)) {
            $rt['descrip'] = substrs($rt['descrip'], 45);
            $tooldb[] = $rt;
        }
        if (!$tooldb) {
            Showmsg('no_tool');
        }
        require_once uTemplate::PrintEot('profile_toolcenter');
        pwOutPut();
Esempio n. 24
    /*
    if ($privacy && is_array($privacy)) {
    	$pwSQL = array();
    	foreach ($privacy as $key => $value) {
    		if (in_array($key, $spaceModel)) {
    			$pwSQL[] = array(
    				'uid'	=> $winduid,
    				'type'	=> 'space',
    				'key'	=> $key,
    				'value'	=> $value
    			);
    		}
    	}
    	$pwSQL && $db->update("replace INTO pw_privacy (uid, ptype, pkey, value) values " . S::sqlMulti($pwSQL));
    }
    if ($domain != $space['domain'] && $db->get_value("SELECT COUNT(*) AS sum FROM pw_space WHERE domain=" . S::sqlEscape($domain))) {
    	Showmsg('该域名已被使用!');
    }
    */
    $pwSQL = array('name' => $name, 'descript' => $descript, 'domain' => $domain, 'spacestyle' => $spacestyle, 'spacetype' => $spacetype, 'skin' => $spaceskin, 'modelset' => serialize($modelset));
    $layout && ($pwSQL['layout'] = serialize($layout));
    set_time_limit(0);
    require_once R_P . 'u/lib/spacebannerupload.class.php';
    $upload = new spaceBannerUpload($winduid);
    PwUpload::upload($upload);
    if ($img = $upload->getImgUrl()) {
        $pwSQL['banner'] = $img;
    }
    $newSpace->updateInfo($pwSQL);
    refreshto('u.php?a=set', 'operate_success');
}
Esempio n. 25
    $admincheck = 0;
}
if ($groupid != 'guest' && ($admincheck || $attach['uid'] == $winduid)) {
    pwDelatt($attach['attachurl'], $db_ifftp);
    pwFtpClose($ftp);
    $pw_attachs->delete($aid);
    $ifupload = getattachtype($tid);
    $ifaid = $ifupload === false ? 0 : 1;
    if ($pid) {
        $pw_posts = GetPtable('N', $tid);
        //$db->update("UPDATE $pw_posts SET aid=" . S::sqlEscape($ifaid, false) . "WHERE tid=" . S::sqlEscape($tid, false) . "AND pid=" . S::sqlEscape($pid, false));
        pwQuery::update($pw_posts, 'tid=:tid AND pid=:pid', array($tid, $pid), array('aid' => $ifaid));
    } else {
        $pw_tmsgs = GetTtable($tid);
        //* $db->update("UPDATE $pw_tmsgs SET aid=" . S::sqlEscape($ifaid, false) . " WHERE tid=" . S::sqlEscape($tid, false));
        pwQuery::update($pw_tmsgs, 'tid=:tid', array($tid), array('aid' => $ifaid));
    }
    $ifupload = (int) $ifupload;
    //$db->update('UPDATE pw_threads SET ifupload=' . S::sqlEscape($ifupload) . ' WHERE tid=' . S::sqlEscape($tid));
    pwQuery::update('pw_threads', 'tid=:tid', array($tid), array('ifupload' => $ifupload));
    if ($foruminfo['allowhtm'] && $page == 1) {
        $StaticPage = L::loadClass('StaticPage');
        $StaticPage->update($tid);
        empty($j_p) && ($j_p = "read.php?tid={$tid}&ds=1");
        refreshto($j_p, 'operate_success');
    } else {
        refreshto("read.php?tid={$tid}&ds=1&page={$page}", 'operate_success');
    }
} else {
    Showmsg('job_attach_right');
}
Esempio n. 26
<?php

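// Add a member to the current user's collection; each member can be collected once.
require dirname(__FILE__) . "/global.php";
// Member ids are treated as integers so the value is safe to place in SQL
// (assumption — confirm against the schema). Casting first also keeps the
// self-check below from being confused by trailing text.
$uid = intval($uid);
if (!$lfjid) {
    showerr('请先登录!');
} elseif ($uid == $lfjuid) {
    showerr('你不能收录自己!');
}
if ($db->get_one("SELECT * FROM {$_pre}collection WHERE memberuid='{$uid}' AND companyuid='{$lfjuid}'")) {
    showerr('你已经收录过了!');
}
// NOTE(review): this writes a row with no request-origin (CSRF) check visible in this
// script, and $uid is not checked against existing members — confirm both are handled
// elsewhere.
$db->query("INSERT INTO {$_pre}collection SET memberuid='{$uid}',companyuid='{$lfjuid}',posttime='{$timestamp}'");
refreshto($FROMURL, '收录成功', 3);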
Esempio n. 27
<?php

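// Apply for a job posting; each user can apply to a posting once.
require dirname(__FILE__) . "/global.php";
if (!$lfjid) {
    showerr('请先登录!');
}
if ($job == 'post') {
    // Posting ids are treated as integers so the value is safe to place in SQL
    // (assumption — confirm against the schema).
    $id = intval($id);
    $rsdb = $db->get_one("SELECT * FROM {$_pre}content WHERE id='{$id}'");
    if (!$rsdb) {
        showerr('职位不存在!');
    }
    if ($db->get_one("SELECT * FROM {$_pre}apply WHERE cid='{$id}' AND uid='{$lfjuid}'")) {
        showerr('你已经申请过该职位了!');
    }
    // Read the resume id explicitly instead of extract()-ing the row: when the user has
    // no person row, extract() left $join_id at whatever value it already had in scope,
    // which may not be a value this script controls.
    $person = $db->get_one("SELECT id AS join_id FROM {$_pre}person WHERE uid='{$lfjuid}'");
    $join_id = $person ? intval($person['join_id']) : 0;
    $db->query("INSERT INTO {$_pre}apply SET cid='{$id}',uid='{$lfjuid}',join_id='{$join_id}',posttime='{$timestamp}'");
    refreshto("./", '申请成功', 1);
}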
Esempio n. 28
    mod_sort_sons("{$pre}area", 0);
    //更新sons
    /*更新导航缓存*/
    cache_area();
    refreshto($FROMURL, "删除成功");
} elseif ($action == "editlist") {
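    // Save the submitted sort order of each area. Both the array key (area id) and the
    // value (sort position) come from the request; request-level escaping commonly covers
    // values but not keys, so both are cast to integers before they reach SQL.
    foreach ((is_array($order) ? $order : array()) as $key => $value) {
        $areaId = intval($key);
        $position = intval($value);
        $db->query("UPDATE {$pre}area SET list='{$position}' WHERE fid='{$areaId}' ");
    }
    // Refresh the class column
    mod_sort_class("{$pre}area", 0, 0);
    // Refresh the sons column
    mod_sort_sons("{$pre}area", 0);
    // Rebuild the navigation cache
    cache_area();
    refreshto("{$FROMURL}", "修改成功", 1);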
}
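/**
 * Rebuild the area cache file data/all_area.php.
 *
 * Reads up to 500 rows (fid, fup, name) from the area table and writes a PHP
 * file that fills $area_db[fup][fid] and $area_db[name][fid] with each name.
 *
 * Because the output is executable PHP, every value written into it must be
 * unable to break out of its position: fid and fup are cast to integers (they
 * were previously written verbatim as array indexes), and the name is escaped
 * with addslashes() before it goes inside a single-quoted literal. Array keys
 * are quoted because bare-word keys are undefined-constant errors on PHP 8.
 */
function cache_area()
{
    global $db, $pre;
    $show = "<?php\r\n";
    $query = $db->query("SELECT fid,fup,name FROM {$pre}area LIMIT 500");
    while ($rs = $db->fetch_array($query)) {
        $fid = intval($rs['fid']);
        $fup = intval($rs['fup']);
        $name = addslashes($rs['name']);
        $show .= "\$area_db[{$fup}][{$fid}]='{$name}';\n\t\t\$area_db[name][{$fid}]='{$name}';\n\t\t";
    }
    write_file(ROOT_PATH . "data/all_area.php", $show);
}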
Esempio n. 29
    $isAtcEmail = (int) $atc_email;
    $isAtcNewrp = (int) $atc_newrp;
    $userService = L::loadClass('UserService', 'user');
    $userService->setUserStatus($winduid, PW_USERSTATUS_REPLYEMAIL, $isAtcEmail);
    $userService->setUserStatus($winduid, PW_USERSTATUS_REPLYSITEEMAIL, $isAtcNewrp);
    $j_p = "read.php?tid={$tid}&ds=1";
    if ($db_htmifopen) {
        $j_p = urlRewrite($j_p);
    }
    if (empty($j_p) || $pwforum->foruminfo['cms']) {
        $j_p = "read.php?tid={$tid}&ds=1";
    }
    $pinfo = defined('AJAX') ? "success\t" . $j_p : "";
    if (!$iscontinue) {
        if ($postdata->getIfcheck()) {
            if ($prompts = $pwpost->getprompt()) {
                isset($prompts['allowhide']) && ($pinfo = getLangInfo('refreshto', "post_limit_hide"));
                isset($prompts['allowsell']) && ($pinfo = getLangInfo('refreshto', "post_limit_sell"));
                isset($prompts['allowencode']) && ($pinfo = getLangInfo('refreshto', "post_limit_encode"));
            }
        }
    }
    //defend start
    CloudWind::YunPostDefend($winduid, $windid, $groupid, $tid, $atc_title, $atc_content, 'thread', array('fid' => $fid, 'tid' => $tid, 'forumname' => $pwforum->foruminfo['name']));
    //defend end
    //job sign
    //require_once(R_P.'require/functions.php');
    //initJob($winduid,"doPost",array('fid'=>$fid));
    pwHook::runHook('after_post');
    refreshto($j_p, $pinfo);
}
Esempio n. 30
        $f_hash = $share['link'];
    } else {
        $type = $share['type'] = 'web';
    }
    $collectionDate = array('type' => $type, 'uid' => $winduid, 'username' => $windid, 'content' => serialize($share), 'postdate' => $timestamp);
    if ($collectionService->insert($collectionDate)) {
        refreshto("{$basename}&", 'operate_success');
    } else {
        Showmsg('data_error');
    }
} elseif ($a == 'dels') {
    PostCheck();
    S::gp(array('idarray'), 'P', 1);
    $ids = $collectionService->checkCollectionIds($idarray, $winduid);
    $collectionService->delete($ids);
    refreshto("{$basename}type={$type}&", 'operate_success');
} elseif ($a == 'remove') {
    S::gp(array('ftype', 'idarray'));
    !$idarray && Showmsg('undefined_action');
    $return = $collectionService->remove($idarray, $ftype);
    if ($return === true) {
        echo "success\t";
        ajax_footer();
    }
} elseif ($a == 'recommend') {
    define('AJAX', 1);
    define('F_M', true);
    if (empty($_POST['step'])) {
        S::gp(array('id'), null, 2);
        $friend = getFriends($winduid);
        if ($friend) {