Esempio n. 1
0
function auth_update($set, $where)
{
    $set = base_protect($set);
    $where = base_protect($where);
    $flag = updatetable('authmap', $set, $where);
    return $flag;
}
Esempio n. 2
0
 function update($uId, $appIds, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink, $version, $displayMethod, $displayOrder = null)
 {
     global $_SGLOBAL;
     switch ($privacy) {
         case 'public':
             $privacy = 0;
             break;
         case 'friends':
             $privacy = 1;
             break;
         case 'me':
             $privacy = 3;
             break;
         case 'none':
             $privacy = 5;
             break;
         default:
             $privacy = 0;
     }
     $where = sprintf('uid = %d AND appid IN (%s)', $uId, simplode($appIds));
     $setarr = array('appname' => $appName, 'privacy' => $privacy, 'allowsidenav' => $allowSideNav, 'allowfeed' => $allowFeed, 'allowprofilelink' => $allowProfileLink);
     if ($displayOrder !== null) {
         $setarr['displayorder'] = $displayOrder;
     }
     updatetable('userapp', $setarr, $where);
     $result = $_SGLOBAL['db']->affected_rows();
     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     if (is_array($appIds)) {
         foreach ($appIds as $appId) {
             $this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, null);
         }
     }
     return new APIResponse($result);
 }
Esempio n. 3
0
 function setActionLink($uId, $appId, $actionMarkup)
 {
     global $_SGLOBAL;
     $fields = array('profilelink' => $actionMarkup);
     $where = array('uid' => $uId, 'appid' => $appId);
     updatetable('userappfield', $fields, $where);
     $result = $_SGLOBAL['db']->affected_rows();
     return new APIResponse($result);
 }
Esempio n. 4
0
 function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
 {
     $fields = array('appname' => $appName);
     $where = array('appid' => $appId);
     $result = updatetable('userapp', $fields, $where);
     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
     return new APIResponse($result);
 }
Esempio n. 5
0
 /**
  * 编辑指定ID信息
  *
  * @param unknown_type $eid
  * @return unknown
  */
 function edit($eid, $dataarray)
 {
     if (is_array($dataarray) && !empty($eid)) {
         //更新数据库操作
         $wheresqlarr = " " . $this->idname . "='{$eid}'";
         updatetable($this->table, $dataarray, $wheresqlarr);
         return "OK";
     }
     return lang('Array_format_error');
 }
 public function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
 {
     $db_prefix = getDbPrefix();
     global $_SGLOBAL;
     $fields = array('appname' => $appName);
     $where = array('appid' => $appId);
     $result = updatetable('myop_myapp', $fields, $where);
     $result = updatetable('myop_userapp', $fields, $where) || $result;
     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
     return new APIResponse($result);
 }
Esempio n. 7
0
	function update($appId, $appName, $version, $displayMethod, $displayOrder = null) {
		global $_SGLOBAL;
		$fields = array('appname' => $appName);
		$where = array('appid'	=> $appId);
		updatetable('myapp', $fields, $where);
		updatetable('userapp', $fields, $where);

		$result = $_SGLOBAL['db']->affected_rows();
		
		$displayMethod = ($displayMethod == 'iframe') ? 1 : 0;
		$this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
		return new APIResponse($result);
	}
Esempio n. 8
0
function update_doing($db_uch, $uid, $uname, $msg)
{
    $mtime = explode(' ', microtime());
    $doingarr = array("uid" => $uid, "username" => $uname, "dateline" => $mtime[1], "message" => $msg, "ip" => "IM");
    inserttable($db_uch, "doing", $doingarr, 1);
    updatetable($db_uch, "spacefield", array("note" => $uname), array("uid" => $uid));
    $feedarr = array("appid" => 1, "icon" => "doing", "uid" => $uid, "username" => $uname, "dateline" => $mtime[1], "title_template" => "{actor}:{message}", "body_template" => "", "body_general" => "", "image_1" => "", "image_1_link" => "", "image_2" => "", "image_2_link" => "", "image_3" => "", "image_3_link" => "", "image_4" => "", "image_4_link" => "", "target_ids" => "", "friend" => "");
    $feedarr = sstripslashes($feedarr);
    $feedarr['title_data'] = serialize(sstripslashes(array("message" => $msg)));
    $feedarr['body_data'] = serialize(sstripslashes(array()));
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    $feedarr = sstripslashes($feedarr);
    inserttable($db_uch, "feed", $feedarr);
}
Esempio n. 9
0
 function auth($uId, $picData, $picExt = 'jpg', $isReward = false)
 {
     global $_SGLOBAL;
     $pic = base64_decode($picData);
     if (!$pic || strlen($pic) == strlen($picData)) {
         $errCode = '200';
         $errMessage = 'Error argument';
         return new APIErrorResponse($errCode, $errMessage);
     }
     $secret = md5($_SGLOBAL['timestamp'] . "\t" . $_SGLOBAL['supe_uid']);
     $picDir = S_ROOT . './data/avatar/' . substr($secret, 0, 1);
     if (!is_dir($picDir)) {
         if (!mkdir($picDir, 0777)) {
             $errCode = '300';
             $errMessage = 'Cannot create directory';
             return new APIErrorResponse($errCode, $errMessage);
         }
     }
     $picDir .= '/' . substr($secret, 1, 1);
     if (!is_dir($picDir)) {
         if (!@mkdir($picDir, 0777)) {
             $errCode = '300';
             $errMessage = 'Cannot create directory';
             return new APIErrorResponse($errCode, $errMessage);
         }
     }
     $picPath = $picDir . '/' . $secret . '.' . $picExt;
     $fp = @fopen($picPath, 'wb');
     if ($fp) {
         if (fwrite($fp, $pic) !== FALSE) {
             fclose($fp);
             //The main table
             updatetable('space', array('videostatus' => 1), array('uid' => $uId));
             //Attached table
             $fields = array('videopic' => $secret);
             updatetable('spacefield', $fields, array('uid' => $uId));
             $result = $_SGLOBAL['db']->affected_rows();
             if ($isReward) {
                 // Bonus Points
                 getreward('videophoto', 1, $uId, '', 0);
             }
             return new APIResponse($result);
         }
     }
     $errCode = '300';
     $errMessage = 'Video Auth Error';
     return new APIErrorResponse($errCode, $errMessage);
 }
Esempio n. 10
0
function insertsession($setarr)
{
    global $_SGLOBAL, $_SCONFIG;
    $_SCONFIG['onlinehold'] = intval($_SCONFIG['onlinehold']);
    if ($_SCONFIG['onlinehold'] < 300) {
        $_SCONFIG['onlinehold'] = 300;
    }
    $_SGLOBAL['db']->query("DELETE FROM " . tname('session') . " WHERE uid='{$setarr['uid']}' OR lastactivity<'" . ($_SGLOBAL['timestamp'] - $_SCONFIG['onlinehold']) . "'");
    //添加在线
    $ip = getonlineip(1);
    $setarr['lastactivity'] = $_SGLOBAL['timestamp'];
    $setarr['ip'] = $ip;
    inserttable('session', $setarr, 0, true, 1);
    //更新用户
    updatetable('space', array('lastlogin' => $_SGLOBAL['timestamp'], 'ip' => $ip), array('uid' => $setarr['uid']), 1);
}
Esempio n. 11
0
 function update($appId, $appName, $version, $displayMethod, $displayOrder = null)
 {
     global $_SGLOBAL;
     $result = true;
     $sql = "SELECT appname FROM " . tname('myapp') . " WHERE appid = {$appId}";
     $query = $_SGLOBAL['db']->query($sql);
     $row = $_SGLOBAL['db']->fetch_array($query);
     if ($row['appname'] != $appName) {
         $fields = array('appname' => $appName);
         $where = array('appid' => $appId);
         updatetable('myapp', $fields, $where);
         updatetable('userapp', $fields, $where);
         $result = $_SGLOBAL['db']->affected_rows();
     }
     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, null, null, $displayOrder);
     return new APIResponse($result);
 }
Esempio n. 12
0
/**
@param (忘记密码)通过地址栏用户名和新密码登陆
@param return null
*/
function find_pwd()
{
    global $_MooClass, $dbTablePre, $userid, $_MooCookie;
    //	if($userid){
    //		return;
    //	}
    $uid = MooGetGPC('uid', 'string', G);
    $pwd = MooGetGPC('upwd', 'string', G);
    /*	echo md5($uid).'<br>';
    	echo md5($pwd);
    	print_r($_COOKIE);
    	exit;
    */
    if ($_MooCookie['findpwd'] == md5($pwd) && md5($uid) == $_MooCookie['finduser']) {
        $newpwd = md5(base64_decode($pwd));
        //note 修改密码
        //$_MooClass['MooMySQL']->query("update {$dbTablePre}members set password = '******' where uid = '{$uid}'");
        //if(MOOPHP_ALLOW_FASTDB){
        //			MooFastdbUpdate('members','uid',$uid);
        //		}
        MooSetCookie('auth', MooAuthCode("{$uid}\t{$newpwd}", 'ENCODE'), 86400);
        //note 写入session表需要的字段值
        $online_ip = GetIP();
        $lastactive = $GLOBALS['timestamp'];
        //$uid = $user['uid'];
        //note 更新用户的最近登录ip和最近登录时间
        $updatesqlarr = array('lastip' => $online_ip, 'lastvisit' => $lastactive, 'password' => $newpwd);
        $wheresqlarr = array('uid' => $uid);
        updatetable("members_search", $updatesqlarr, $wheresqlarr);
        if (MOOPHP_ALLOW_FASTDB) {
            $val = array();
            $val['lastip'] = $online_ip;
            $val['lastvisit'] = $lastactive;
            $val['password'] = $newpwd;
            MooFastdbUpdate('members_search', 'uid', $uid, $val);
            //!!
        }
        //note 先删除表里面已存在对应用户的session
        //$_MooClass['MooMySQL']->query("DELETE FROM `{$dbTablePre}membersession` WHERE `uid` ='$uid'");
        //$_MooClass['MooMySQL']->query("REPLACE INTO `{$dbTablePre}membersession` SET `username`= '$user[username]',`password`='$user[password]',`ip` = '$online_ip',`lastactive` = '$lastactive',`uid` = '$uid'");
        return 1;
    }
    return 0;
}
Esempio n. 13
0
function wz_checkauth($wxid, $token, $mid, $op_wxid)
{
    global $_SGLOBAL;
    if ($_COOKIE['site_auth']) {
        @(list($password, $token_id) = explode(" ", authcode($_COOKIE['site_auth'], 'DECODE')));
        $_SGLOBAL['supe_token_id'] = intval($token_id);
        if ($password && $_SGLOBAL['supe_token_id']) {
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("wz_session") . " WHERE token_id=" . $_SGLOBAL['supe_token_id']);
            if ($session = $_SGLOBAL['db']->fetch_array($query)) {
                if ($session['password'] == $password) {
                    $token_mid = $_SGLOBAL['db']->getone('select mid from ' . tname('wz_token') . ' where id=' . $_SGLOBAL['supe_token_id']);
                    $token_op_wxid = $_SGLOBAL['db']->getone('select op_wxid from ' . tname('wz_token') . ' where id=' . $_SGLOBAL['supe_token_id']);
                    if ($token_mid == $mid && $token_op_wxid == $op_wxid) {
                        updatetable(tname('wz_token'), array('state' => 1), array('wxid' => $session['wxid'], 'mid' => $mid, 'op_wxid' => $op_wxid));
                        $_SGLOBAL['supe_wxid'] = addslashes($session['wxid']);
                        wz_insertsession($session);
                        //更新session
                        return $_SGLOBAL['supe_token_id'];
                    }
                }
            }
        }
    }
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("wz_token") . " WHERE wxid='" . $wxid . "' and mid=" . $mid . " and op_wxid=" . $op_wxid . " and state=0");
    if ($wz = $_SGLOBAL['db']->fetch_array($query)) {
        if ($wz['token'] == $token) {
            updatetable(tname('wz_token'), array('state' => 1), array('wxid' => $wxid, 'mid' => $mid, 'op_wxid' => $op_wxid));
            $_SGLOBAL['supe_wxid'] = addslashes($wz['wxid']);
            $session = array('token_id' => $wz['id'], 'wxid' => $_SGLOBAL['supe_wxid'], 'password' => $token);
            wz_insertsession($session);
            //登录
            $cookietime = 3600;
            //3600 * 24 * 15;
            //设置cookie
            ssetcookie('site_auth', authcode($session["password"] . ' ' . $session["token_id"], 'ENCODE'), $cookietime);
            $_SGLOBAL['supe_token_id'] = $session['token_id'];
            return $_SGLOBAL['supe_token_id'];
        }
    }
    obclean();
    ssetcookie('site_auth', '', -86400 * 365);
    return 0;
}
Esempio n. 14
0
function space_friend_stat($start, $perpage)
{
    global $_SGLOBAL;
    $next = false;
    $query = $_SGLOBAL['db']->query("SELECT uid, friend FROM " . tname('spacefield') . " LIMIT {$start},{$perpage}");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $next = true;
        $fuids = array();
        $subquery = $_SGLOBAL['db']->query("SELECT fuid FROM " . tname('friend') . " WHERE uid='{$value['uid']}' AND status='1'");
        while ($subvalue = $_SGLOBAL['db']->fetch_array($subquery)) {
            $fuids[$subvalue['fuid']] = $subvalue['fuid'];
        }
        $fuidstr = implode(',', $fuids);
        if ($fuidstr != $value['friend']) {
            updatetable('spacefield', array('friend' => $fuidstr), array('uid' => $value['uid']));
        }
    }
    return $next;
}
Esempio n. 15
0
 function refreshApplication($appId, $appName, $version, $displayMethod, $narrow, $flag, $displayOrder)
 {
     global $_SGLOBAL;
     $fields = array();
     if ($appName !== null && strlen($appName) > 1) {
         $fields['appname'] = $appName;
     }
     if ($version !== null) {
         $fields['version'] = $version;
     }
     if ($displayMethod !== null) {
         // todo: remove
         $fields['displaymethod'] = $displayMethod;
     }
     if ($narrow !== null) {
         $fields['narrow'] = $narrow;
     }
     if ($flag !== null) {
         $fields['flag'] = $flag;
     }
     if ($displayOrder !== null) {
         $fields['displayorder'] = $displayOrder;
     }
     $sql = sprintf('SELECT * FROM %s WHERE appid = %d', tname('myapp'), $appId);
     $query = $_SGLOBAL['db']->query($sql);
     if ($application = $_SGLOBAL['db']->fetch_array($query)) {
         $where = sprintf('appid = %d', $appId);
         updatetable('myapp', $fields, $where);
     } else {
         $fields['appid'] = $appId;
         $result = inserttable('myapp', $fields, 1);
     }
     //update cache
     include_once S_ROOT . './source/function_cache.php';
     userapp_cache();
 }
Esempio n. 16
0
function topic_join($topicid, $uid, $username) {
	global $_SGLOBAL;
	
	$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('topicuser')." WHERE uid='$uid' AND topicid='$topicid'");
	if($value = $_SGLOBAL['db']->fetch_array($query)) {
		updatetable('topicuser', array('dateline'=>$_SGLOBAL['timestamp']), array('id'=>$value['id']));
	} else {
		$_SGLOBAL['db']->query("UPDATE ".tname('topic')." SET joinnum=joinnum+1, lastpost='$_SGLOBAL[timestamp]' WHERE topicid='$topicid'");
		$setarr = array(
			'uid' => $uid,
			'topicid' => $topicid,
			'username' => $username,
			'dateline' => $_SGLOBAL['timestamp']
		);
		inserttable('topicuser', $setarr);
	}
}
Esempio n. 17
0
    updatetable('space', $space, array('uid' => $newuid));
    if ($bp['birthday']) {
        $birth_year = intval(substr($bp['birthday'], 0, 4));
        $birth_month = intval(substr($bp['birthday'], 4, 2));
        $birth_day = intval(substr($bp['birthday'], 6, 2));
        $birthday_info = array('birthyear' => $birth_year, 'birthmonth' => $birth_month, 'birthday' => $birth_day);
        updatetable('spacefield', $birthday_info, array('uid' => $newuid));
        $_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend) VALUES ('base','birth'," . $newuid . ",1)");
    }
    if ($bp['unit']) {
        $workinfo = array('uid' => $newuid, 'type' => 'work', 'title' => $bp['unit']);
        inserttable('spaceinfo', $workinfo, 1);
    }
    if ($bp['academy'] && $bp['class'] && $bp['startyear']) {
        $eduinfo = array('uid' => $newuid, 'type' => 'edu', 'title' => '北京航空航天大学', 'subtitle' => $bp['academy'] . $bp['startyear'] . '级' . $bp['class'] . '班', 'startyear' => $bp['startyear']);
        $tagname = $bp['startyear'] . '年' . $bp['class'] . '班';
        auto_join($newuid, $tagname, $_SGLOBAL['db']);
        inserttable('spaceinfo', $eduinfo, 1);
    }
    //更新手机验证表记录
    $_SGLOBAL['db']->query("UPDATE " . tname('mobilereg') . " SET status=1 WHERE mobile = '{$mobile}' and verifycode = '{$verifycode}'");
    //设置隐私
    $_SGLOBAL['db']->query("INSERT INTO " . tname('spaceinfo') . " (type,subtype,uid,friend) VALUES ('contact','mobile'," . $newuid . ",1)");
    //更新用户手机绑定字段
    updatetable('spacefield', array('mobile' => $mobile, 'mobiletask' => 1), array('uid' => $newuid));
    //变更记录--用户登录时间
    if ($_SCONFIG['my_status']) {
        inserttable('userlog', array('uid' => $newuid, 'action' => 'add', 'dateline' => $_SGLOBAL['timestamp']), 0, true);
    }
    showmessage('registered', 'space.php?do=home', 1);
}
Esempio n. 18
0
    $ucsynlogin = uc_user_synlogin($setarr['uid']);
    //好友邀请
    if ($invitearr) {
        //成为好友
        include_once S_ROOT . './source/function_cp.php';
        invite_update($invitearr['id'], $setarr['uid'], $setarr['username'], $invitearr['uid'], $invitearr['username'], $app);
    }
    //判断用户是否设置了头像
    $setarr = array();
    $avatar_exists = ckavatar($space['uid']);
    if ($avatar_exists) {
        if (!$space['avatar']) {
            $setarr['avatar'] = 1;
            $setarr['updatetime'] = $_SGLOBAL['timestamp'];
        }
    } else {
        if ($space['avatar']) {
            $setarr['avatar'] = 0;
        }
    }
    if ($setarr) {
        updatetable('space', $setarr, array('uid' => $space['uid']));
    }
    if (empty($_POST['refer'])) {
        $_POST['refer'] = 'space.php?do=home';
    }
    showmessage('login_success', $app ? "userapp.php?id={$app}" : $_POST['refer'], 1, array($ucsynlogin));
}
$membername = empty($_SCOOKIE['loginuser']) ? '' : sstripslashes($_SCOOKIE['loginuser']);
$cookiecheck = ' checked';
include template('do_login');
Esempio n. 19
0
<?php

if (!defined('iBUAA')) {
    exit('Access Denied');
}
//idtype到含有magiccolor字段的表映射
$mapping = array('blogid' => 'blogfield', 'tid' => 'thread');
if (!isset($mapping[$idtype])) {
    showmessage('magicuse_bad_object');
}
magic_check_idtype($id, $idtype);
//彩色灯
if (submitcheck("usesubmit")) {
    //颜色代号
    $tablename = $mapping[$idtype];
    $_POST['color'] = intval($_POST['color']);
    updatetable($tablename, array('magiccolor' => $_POST['color']), array($idtype => $id, 'uid' => $_SGLOBAL['supe_uid']));
    //feed也加上颜色
    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('feed') . " WHERE id='{$id}' AND idtype='{$idtype}' AND uid='{$_SGLOBAL['supe_uid']}'");
    $feed = $_SGLOBAL['db']->fetch_array($query);
    if ($feed) {
        $feed['body_data'] = unserialize($feed['body_data']);
        $feed['body_data'] = is_array($feed['body_data']) ? $feed['body_data'] : array();
        $feed['body_data']['magic_color'] = $_POST['color'];
        $feed['body_data'] = serialize($feed['body_data']);
        updatetable('feed', array('body_data' => $feed['body_data']), array('feedid' => $feed['feedid']));
    }
    magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
    showmessage('magicuse_success', $_POST['refer'], 0);
}
Esempio n. 20
0
    $id = intval($_GET['id']);
    $uid = $id ? getcount('blog', array('blogid' => $id), 'uid') : 0;
    showmessage('do_success', "space.php?uid={$uid}&do=blog&id={$id}", 0);
} elseif ($_GET['op'] == 'edithot') {
    //权限
    if (!checkperm('manageblog')) {
        showmessage('no_privilege');
    }
    if (submitcheck('hotsubmit')) {
        $_POST['hot'] = intval($_POST['hot']);
        updatetable('blog', array('hot' => $_POST['hot']), array('blogid' => $blog['blogid']));
        if ($_POST['hot'] > 0) {
            include_once S_ROOT . './source/function_feed.php';
            feed_publish($blog['blogid'], 'blogid');
        } else {
            updatetable('feed', array('hot' => $_POST['hot']), array('id' => $blog['blogid'], 'idtype' => 'blogid'));
        }
        showmessage('do_success', "space.php?uid={$blog['uid']}&do=blog&id={$blog['blogid']}", 0);
    }
} else {
    //添加编辑
    //获取个人分类
    $classarr = $blog['uid'] ? getclassarr($blog['uid']) : getclassarr($_SGLOBAL['supe_uid']);
    //获取相册
    $albums = getalbums($_SGLOBAL['supe_uid']);
    $tags = empty($blog['tag']) ? array() : unserialize($blog['tag']);
    $blog['tag'] = implode(' ', $tags);
    $blog['target_names'] = '';
    $friendarr = array($blog['friend'] => ' selected');
    $passwordstyle = $selectgroupstyle = 'display:none';
    if ($blog['friend'] == 4) {
Esempio n. 21
0
        $f_index = 'USE INDEX(dateline)';
        $actives = array('we' => ' class="active"');
    }
    //类型
    if ($_GET['type']) {
        $sub_actives = array('type_' . $_GET['type'] => ' class="active"');
        $wheresql .= " AND type='{$_GET['type']}'";
    } else {
        $sub_actives = array('type_all' => ' class="active"');
    }
    $list = array();
    $sid = empty($_GET['sid']) ? 0 : intval($_GET['sid']);
    $sharesql = $sid ? "sid='{$sid}' AND" : '';
    $count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('share') . " WHERE {$sharesql} {$wheresql}"), 0);
    //update statistics
    if (empty($sharesql) && $wheresql == "uid='{$space['uid']}'" && $space['sharenum'] != $count) {
        updatetable('space', array('sharenum' => $count), array('uid' => $space['uid']));
    }
    if ($count) {
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " {$f_index}\r\n\t\t\tWHERE {$sharesql} {$wheresql}\r\n\t\t\tORDER BY dateline DESC\r\n\t\t\tLIMIT {$start},{$perpage}");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            realname_set($value['uid'], $value['username']);
            $value = mkshare($value);
            $list[] = $value;
        }
    }
    // pagination
    $multi = multi($count, $perpage, $page, $theurl . "&type={$_GET['type']}");
    realname_get();
    include_once template("space_share_list");
}
Esempio n. 22
0
function mtag_out($mtag, $uids) {
	global $_SGLOBAL;

	$_SGLOBAL['db']->query("DELETE FROM ".tname('tagspace')." WHERE tagid='$mtag[tagid]' AND uid IN (".simplode($uids).")");
	//更新成员数
	$count = getcount('tagspace', array('tagid'=>$mtag['tagid']));
	if($count > 0) {
		updatetable('mtag', array('membernum'=>$count), array('tagid'=>$mtag['tagid']));
	} else {
		$_SGLOBAL['db']->query("DELETE FROM ".tname('tagspace')." WHERE tagid='$mtag[tagid]'");
		$_SGLOBAL['db']->query("DELETE FROM ".tname('mtag')." WHERE tagid='$mtag[tagid]'");
		$_SGLOBAL['db']->query("DELETE FROM ".tname('thread')." WHERE tagid='$mtag[tagid]'");
		$_SGLOBAL['db']->query("DELETE FROM ".tname('post')." WHERE tagid='$mtag[tagid]'");
		$_SGLOBAL['db']->query("DELETE FROM ".tname('mtaginvite')." WHERE tagid='$mtag[tagid]'");
	
		//删除举报
		$_SGLOBAL['db']->query("DELETE FROM ".tname('report')." WHERE id='$mtag[tagid]' AND idtype='tagid'");
	}
}
Esempio n. 23
0
    }
    $setsqlarr['jobname'] = trim($_POST['jobname']) ? trim($_POST['jobname']) : adminmsg('您没有填写职位名称!', 1);
    $setsqlarr['amount'] = intval($_POST['amount']);
    $setsqlarr['comname'] = trim($_POST['comname']) ? trim($_POST['comname']) : adminmsg('您没有填写单位名称!', 1);
    $setsqlarr['contact'] = trim($_POST['contact']) ? trim($_POST['contact']) : adminmsg('您没有填写联系人!', 1);
    $setsqlarr['tel'] = trim($_POST['tel']) ? trim($_POST['tel']) : adminmsg('您没有填写联系电话!', 1);
    $setsqlarr['district'] = intval($_POST['district']) ? intval($_POST['district']) : adminmsg("您没有选择地区");
    $setsqlarr['sdistrict'] = intval($_POST['sdistrict']) ? intval($_POST['sdistrict']) : adminmsg("您没有选择地区");
    $district_cn = explode("/", trim($_POST['district_cn']));
    $setsqlarr['district_cn'] = $district_cn[0];
    $setsqlarr['sdistrict_cn'] = $district_cn[1];
    $setsqlarr['detailed'] = trim($_POST['detailed']);
    $setsqlarr['refreshtime'] = time();
    $days = intval($_POST['days']);
    if ($days > 0) {
        $time = $_POST['olddeadline'] > time() ? $_POST['olddeadline'] : time();
        $setsqlarr['deadline'] = strtotime("{$days} day", $time);
    }
    require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
    $sp = new SPWord();
    $setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed'];
    $setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']);
    $setsqlarr['key'] = $sp->pad($setsqlarr['key']);
    if (updatetable(table('simple'), $setsqlarr, " id='{$id}' ")) {
        $link[0]['text'] = "返回列表";
        $link[0]['href'] = '?act=list';
        adminmsg("修改成功!", 2, $link);
    } else {
        adminmsg("修改失败!", 0);
    }
}
Esempio n. 24
0
}
if (submitcheck('setsubmit')) {
    include_once S_ROOT . './source/function_cache.php';
    cache_write('convert', "set", $_POST['set']);
    show_msg('数据库保存完成', $turl . '?step=300');
} elseif (submitcheck('opensubmit')) {
    $uid = getcount('member', array('username' => $_POST['username']), 'uid');
    if (!$uid) {
        show_msg('指定的用户名不存在,请谨慎填写管理员用户名', 'convert.php?step=18');
    }
    //写log
    if (@($fp = fopen($lockfile, 'w'))) {
        fwrite($fp, 'UCenter Home');
        fclose($fp);
    }
    updatetable('space', array('groupid' => 1), array('uid' => $uid));
    show_msg('设置管理员成功,数据转换全部完成!<br>
		<font color=blue>请立即删除本转换文件!</font><br>
		<a href="space.php">登录全新的 UCenter Home 吧</a><br>
		登录后,推荐你进行一下操作:<br>
		进入 管理平台 => 统计更新 页面,对各项统计数据进行一下重新统计。');
}
//处理开始
if (empty($_GET['step'])) {
    //开始
    $_GET['step'] = 0;
    show_msg("<span style=\"font-size:14px;\">本程序会将X-Space 3.x/4.x系列转换到 UCenter Home。</span><br><br>\r\n\t\t<strong>数据转换说明,请务必阅读</strong><br>\r\n\t\t由于UCenter Home与SupeSite/X-Space功能的不同,本转换程序,只会进行以下数据信息的转换,其他数据不做转换,请认真了解:<br><br>\r\n\t\t<table width=\"100%\" class=\"datatable\">\r\n\t\t<tr style=\"font-weight:bold;\"><td width=\"100\">X-Space</td><td width=\"100\">UCenter Home</td><td>备注</td></tr>\r\n\t\t<tr><td>用户空间数据</td><td>用户空间数据</td><td>包括空间查看数、创建时间、积分、附件使用大小、居住城市</td></tr>\r\n\t\t<tr><td>日志</td><td>日志</td></td><td>其中,日志中的自定义字段不能转换</td></tr>\r\n\t\t<tr><td>图片主题</td><td>日志</td><td>图片主题中的图片、介绍等构成这篇日志的内容。同时,图片全部转换到用户的默认相册里面</td></tr>\r\n\t\t<tr><td>文件</td><td>日志</td><td>文件的介绍、下载地址等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>商品</td><td>日志</td><td>商品价格、数量、介绍等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>视频</td><td>日志</td><td>视频的播放器、视频介绍等构成这篇日志的内容</td></tr>\r\n\t\t<tr><td>书签</td><td>日志</td><td>书签的链接、书签的介绍等沟通这篇日志的内容</td></tr>\r\n\t\t<tr><td>好友</td><td>好友</td><td>好友转换后为申请好友状态,需要对方批准一下</td></tr>\r\n\t\t<tr><td>留言</td><td>留言</td><td>其中,悄悄话变为公开的</td></tr>\r\n\t\t<tr><td>日志分类</td><td>日志分类</td></td><td>&nbsp;</td></tr>\r\n\t\t<tr><td>评论</td><td>评论</td></td><td>&nbsp;</td></tr>\r\n\t\t</table>\r\n\t\t<br>\r\n\t\t<strong>不做转换的数据</strong>:<br>\r\n\t\tSupeSite/X-Space中的广告、公告、系统分类、频道、模型、模块、收藏、友情链接、投票、资讯、采集器、专题、用户风格、脚印等数据不会做转换。\r\n\t\t<br><br>\r\n\t\t\r\n\t\t根据您的站点规模,转换数据可能需要数分钟,甚至几小时的时间<br>在此期间,请关闭X-Space站点,禁止访问,并耐心等候!<br><br>\r\n\t\t<a href=\"{$turl}?step=100\">我已经认真阅读以上规则,开始数据转换操作</a>");
} elseif ($_GET['step'] == 1) {
    $next = false;
    $query = $_SGLOBAL['db']->query("SELECT * FROM {$tpre}userspaces LIMIT {$start},{$perpage}");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
Esempio n. 25
0
}
stat_write_static_cache($cache_file_path, $catarr);
function stat_write_static_cache($cache_file_path, $config_arr)
{
    $content = "<?php\r\n";
    $content .= "\$data = " . var_export($config_arr, true) . ";\r\n";
    $content .= "?>";
    file_put_contents($cache_file_path, $content, LOCK_EX);
}
//更新任务时间表
if ($crons['weekday'] >= 0) {
    $weekday = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
    $nextrun = strtotime("Next " . $weekday[$crons['weekday']]);
} elseif ($crons['day'] > 0) {
    $nextrun = strtotime('+1 months');
    $nextrun = mktime(0, 0, 0, date("m", $nextrun), $crons['day'], date("Y", $nextrun));
} else {
    $nextrun = time();
}
if ($crons['hour'] >= 0) {
    $nextrun = strtotime('+1 days', $nextrun);
    $nextrun = mktime($crons['hour'], 0, 0, date("m", $nextrun), date("d", $nextrun), date("Y", $nextrun));
}
if (intval($crons['minute']) > 0) {
    $nextrun = strtotime('+1 hours', $nextrun);
    $nextrun = mktime(date("H", $nextrun), $crons['minute'], 0, date("m", $nextrun), date("d", $nextrun), date("Y", $nextrun));
}
$setsqlarr['nextrun'] = $nextrun;
$setsqlarr['lastrun'] = time();
updatetable(table('crons'), $setsqlarr, " cronid ='" . intval($crons['cronid']) . "'");
Esempio n. 26
0
        $_SGLOBAL['space_theme'] = $_SGLOBAL['space_css'] = '';
    }
}
//ᅲ○ᄑ애﾿ᅪ테ᅡᄐ
if (!$space['self'] && $_SGLOBAL['supe_uid']) {
    $query = $_SGLOBAL['db']->query("SELECT dateline FROM " . tname('visitor') . " WHERE uid='{$space['uid']}' AND vuid='{$_SGLOBAL['supe_uid']}'");
    $visitor = $_SGLOBAL['db']->fetch_array($query);
    $is_anonymous = empty($_SCOOKIE['anonymous_visit_' . $_SGLOBAL['supe_uid'] . '_' . $space['uid']]) ? 0 : 1;
    if (empty($visitor['dateline'])) {
        $setarr = array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp']);
        inserttable('visitor', $setarr, 0, true);
        show_credit();
        //ᄒᄎ틔ᅤᅤᅢ
    } else {
        if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 300) {
            updatetable('visitor', array('dateline' => $_SGLOBAL['timestamp'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username']), array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid']));
        }
        if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 3600) {
            show_credit();
            //1￐겨ᄆᄎ￳ᄒᄎ틔ᅤᅤᅢ
        }
    }
    //ᄑᄆ￀￸애﾿ᅪ
    getreward('visit', 1, 0, $space['uid']);
}
//ᄎ↓ᄚᄉ￀ᄒ￟
$space['magiccredit'] = 0;
if ($_SGLOBAL['magic']['gift'] && $_SGLOBAL['supe_uid']) {
    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('magicuselog') . " WHERE uid='{$space['uid']}' AND mid='gift' LIMIT 1");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $data = empty($value['data']) ? array() : unserialize($value['data']);
Esempio n. 27
0
function IHomeServiceVoteComplainOperation($params = NULL)
{
    global $_SGLOBAL;
    if ($params['uid']) {
        if ($params['uid'] <= 0) {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer.");
            return json_encode($errorMsg);
        } else {
            $query = $_SGLOBAL['db']->query("select username,name from " . tname('space') . " where uid = " . $params['uid']);
            if ($row = $_SGLOBAL['db']->fetch_array($query)) {
                if ($row['name']) {
                    $params['uname'] = $row['name'];
                } else {
                    $params['uname'] = $row['username'];
                }
            } else {
                $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
                return json_encode($errorMsg);
            }
        }
    } else {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    if ($params['complainId']) {
        if ($params['complainId'] <= 0) {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer.");
            return json_encode($errorMsg);
        } else {
            $query = $_SGLOBAL['db']->query("select uname from " . tname('complain') . " where doid = " . $params['complainId']);
            if ($row = $_SGLOBAL['db']->fetch_array($query)) {
                if (isblacklist($row['uid'])) {
                    $errorMsg = array("errorNo" => "500", "content" => "the user of complain is in blacklist.");
                    return json_encode($errorMsg);
                }
            } else {
                $errorMsg = array("errorNo" => "500", "content" => "the complain id is not exist");
                return json_encode($errorMsg);
            }
        }
    } else {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    if ($params['reply_id']) {
        if ($params['reply_id'] <= 0) {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter reply_id must be a positive integer.");
            return json_encode($errorMsg);
        } else {
            $query = $_SGLOBAL['db']->query("select * from " . tname('complain_op') . " where id = " . $params['reply_id']);
            if (!($row = $_SGLOBAL['db']->fetch_array($query))) {
                $errorMsg = array("errorNo" => "4001", "content" => "the reply_id isn't exist.");
                return json_encode($errorMsg);
            }
        }
    } else {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter reply_id is not exist or is not a positive integer.");
        return json_encode($errorMsg);
    }
    if (!$params['vote']) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter vote is not exist.");
        return json_encode($errorMsg);
    } else {
        if ($params['vote'] != 'up' & $params['vote'] != 'down') {
            $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter vote is our of range.");
            return json_encode($errorMsg);
        }
    }
    # check over
    $query = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where doid=" . $params['complainId']);
    $complain = $_SGLOBAL['db']->fetch_array($query);
    # checked
    if ($params['vote'] == 'up') {
        $query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid']);
        $updown = $_SGLOBAL['db']->fetch_array($query);
        if (!empty($updown)) {
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 2) {
                $errorMsg = array("errorNo" => "403", "content" => "updown again");
                return json_encode($errorMsg);
            }
            $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid'] . " and updown = 1");
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum-1 where id=" . $params['reply_id']);
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum-1,updownnum=updownnum-1,score=score-1 where uid in (select uid from " . tname("complain_op") . " where id=" . $params['reply_id'] . ")");
        } else {
            $downarr = array();
            $downarr['opid'] = $params['reply_id'];
            $downarr['uid'] = $params['uid'];
            $downarr['updown'] = 1;
            $downarr['username'] = $params['uname'];
            $downarr['dateline'] = $_SGLOBAL['timestamp'];
            $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set upnum=upnum+1,updownnum=updownnum+1,score=score+1 where uid in (select uid from " . tname("complain_op") . " where id=    " . $params['reply_id'] . ")");
            inserttable("complain_op_updown", $downarr);
            $_SGLOBAL['db']->query("update " . tname('complain_op') . " set upnum=upnum+1 where id=" . $params['reply_id']);
            $q = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1");
            if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                updatetable('complain', array('status' => 2), array('id' => $r['id']));
                $oparr = array();
                $oparr['doid'] = $params['complainId'];
                $oparr['message'] = '';
                $oparr['uid'] = $params['uid'];
                $oparr['username'] = $params['uname'];
                $oparr['optype'] = 6;
                $oparr['dateline'] = $_SGLOBAL['timestamp'];
                $oparr['opvalue'] = 1;
                inserttable("complain_op", $oparr);
            }
        }
    } else {
        if ($params['vote'] == 'down') {
            $query = $_SGLOBAL['db']->query("select * from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid']);
            $updown = $_SGLOBAL['db']->fetch_array($query);
            if (!empty($updown)) {
                if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 1) {
                    $errorMsg = array("errorNo" => "403", "content" => "updown again");
                    return json_encode($errorMsg);
                }
                $_SGLOBAL['db']->query("delete from " . tname("complain_op_updown") . " where opid = " . $params['reply_id'] . " and uid = " . $params['uid'] . " and updown = 2");
                $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum-1 where id=" . $params['reply_id']);
                $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum-1,updownnum=updownnum-1,score=score+1 where uid in (select uid from " . tname("complain_op") . " where id=" . $params['reply_id'] . ")");
            } else {
                $downarr = array();
                $downarr['opid'] = $params['reply_id'];
                $downarr['uid'] = $params['uid'];
                $downarr['updown'] = 2;
                $downarr['username'] = $params['uname'];
                $downarr['dateline'] = $_SGLOBAL['timestamp'];
                inserttable("complain_op_updown", $downarr);
                $_SGLOBAL['db']->query("update " . tname('complain_dep') . " set downnum=downnum+1,updownnum=updownnum+1,score=score-1 where uid in (select uid from " . tname("complain_op") . " where  id=" . $params['reply_id'] . ")");
                $_SGLOBAL['db']->query("update " . tname('complain_op') . " set downnum=downnum+1 where id=" . $params['reply_id']);
                $sql = "select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1";
                $q = $_SGLOBAL['db']->query("select * from " . tname('complain') . " where uid=" . $params['uid'] . " and doid=" . $params['complainId'] . " and lastopid=" . $params['reply_id'] . " and status=1");
                if ($r = $_SGLOBAL['db']->fetch_array($q)) {
                    updatetable('complain', array('status' => 0, 'lastopid' => 0, 'dateline' => $_SGLOBAL['timestamp'], 'times' => 1, 'issendmsg' => 0), array('id' => $r['id']));
                    $note = cplang("complain_down", array("space.php?do=complain_item&doid={$complain['doid']}"));
                    notification_complain_add($complain["atuid"], "complain", $note);
                    $oparr = array();
                    $oparr['doid'] = $params['complainId'];
                    $oparr['message'] = '';
                    $oparr['uid'] = $params['uid'];
                    $oparr['username'] = $params['uname'];
                    $oparr['optype'] = 5;
                    $oparr['dateline'] = $_SGLOBAL['timestamp'];
                    $oparr['opvalue'] = 1;
                    inserttable("complain_op", $oparr);
                }
            }
        }
    }
}
Esempio n. 28
0
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: avatar.php 10586 2008-12-10 06:53:47Z liguode $
*/
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
//判断用户是否设置了头像
$avatar_exists = trim(ckavatar($space['uid']));
if (strlen($avatar_exists) < 1) {
    showmessage('这个功能要求您的UCenter的Server端的 avatar.php 程序需要进行升级。<br>如果您是本站管理员,请通过下面的地址下载 avatar.php 文件的压缩包,并覆盖您的UCenter根目录中的同名文件即可。<br><a href="http://u.discuz.net/download/avatar.zip">http://u.discuz.net/download/avatar.zip</a>');
}
if ($avatar_exists) {
    //活动完成
    $task['done'] = 1;
    //更新用户头像标识位
    updatetable('space', array('avatar' => 1), array('uid' => $space['uid']));
    //找热门异性有头像的用户
    $wherearr = array();
    $wherearr[] = "s.uid=sf.uid";
    $wherearr[] = "s.avatar='1'";
    if ($space['sex'] == 2) {
        $title = '帅哥';
        $wherearr[] = "sf.sex='1'";
    } else {
        $title = '美女';
        $wherearr[] = "sf.sex='2'";
    }
    $nouids = $space['friend'] ? $space['friend'] . ",{$space['uid']}" : $space['uid'];
    $wherearr[] = "s.uid NOT IN ({$nouids})";
    $query = $_SGLOBAL['db']->query("SELECT s.uid,s.username,s.name,s.namestatus\r\n\t\tFROM " . tname('space') . " s, " . tname('spacefield') . " sf\r\n\t\tWHERE " . implode(' AND ', $wherearr) . "\r\n\t\tORDER BY s.friendnum DESC LIMIT 0,10");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
Esempio n. 29
0
function download_update($setarr, $index)
{
    $wherearr = array('index' => (int) $index);
    $setarr = base_protect($setarr);
    return updatetable('download', $setarr, $wherearr) ? $index : false;
}
Esempio n. 30
0
<?php

/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: function_image.php 7350 2008-05-12 09:36:04Z liguode $
*/
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
//检查对象及重复使用
$idtype = 'cid';
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('comment') . " WHERE cid = '{$id}' AND authorid = '{$_SGLOBAL['supe_uid']}'");
$value = $_SGLOBAL['db']->fetch_array($query);
if (empty($value)) {
    showmessage('magicuse_bad_object');
} elseif ($value['magicflicker']) {
    showmessage('magicuse_object_once_limit');
}
//彩虹炫
if (submitcheck("usesubmit")) {
    updatetable('comment', array('magicflicker' => 1), array('cid' => $id, 'authorid' => $_SGLOBAL['supe_uid']));
    magic_use($mid, array('id' => $id, 'idtype' => $idtype), true);
    showmessage('magicuse_success', $_POST['refer']);
}