function GetPropertiesFromDataSet($DataSet)
{
$this->ClippingID = ForceInt(@$DataSet["ClippingID"], 0);
$this->UserID = ForceInt(@$DataSet["UserID"], 0);
$this->Label = ForceString(@$DataSet["Label"], "");
$this->Contents = ForceString(@$DataSet["Contents"], "");
}
function RemoveRole($RemoveRoleID, $ReplacementRoleID)
{
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
$s->SetMainTable('User', 'u');
$s->AddSelect('UserID', 'u');
$s->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'inner join');
$s->AddWhere('u', 'RoleID', '', $RemoveRoleID, '=');
$s->AddWhere('r', 'Unauthenticated', '', '0', '=');
$OldRoleUsers = $this->Context->Database->Select($s, $this->Name, 'RemoveRole', 'An error occurred while attempting to remove the role.');
if ($this->Context->Database->RowCount($OldRoleUsers) > 0) {
$um = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
// Reset the role for all of the affected users
$urh = $this->Context->ObjectFactory->NewObject($this->Context, 'UserRoleHistory');
$urh->RoleID = $ReplacementRoleID;
$urh->AdminUserID = $this->Context->Session->UserID;
$urh->Notes = "The user's previous role has been made obselete.";
while ($row = $this->Context->Database->GetRow($OldRoleUsers)) {
$urh->UserID = ForceInt($row['UserID'], 0);
$um->AssignRole($urh);
}
}
$s->Clear();
$s->SetMainTable('Role', 'r');
$s->AddFieldNameValue('Active', '0');
$s->AddWhere('r', 'RoleID', '', $RemoveRoleID, '=');
$this->Context->Database->Update($s, $this->Name, 'RemoveRole', 'An error occurred while attempting to remove the role.');
return 1;
}
function AddString($String, $Position = '0', $ForcePosition = '0')
{
$this->CallDelegate('AddString');
$Position = ForceInt($Position, 0);
$StringKey = count($this->Strings);
$this->Strings[] = $String;
$this->AddItemToCollection($this->PanelElements, array('Type' => 'String', 'Key' => $StringKey), $Position, $ForcePosition);
}
function GetPropertiesFromDataSet($DataSet)
{
$this->CategoryID = ForceInt(@$DataSet['CategoryID'], 0);
$this->Name = ForceString(@$DataSet['Name'], '');
$this->Description = ForceString(@$DataSet['Description'], '');
$this->DiscussionCount = ForceInt(@$DataSet['DiscussionCount'], 0);
$this->Blocked = ForceBool(@$DataSet['Blocked'], 0);
$this->RoleBlocked = ForceBool(@$DataSet['RoleBlocked'], 0);
}
function Start(&$Context, $UserID = "0")
{
if (!session_id()) {
session_start();
}
$UserID = ForceInt($UserID, 0);
if ($UserID > 0) {
$this->UserID = $UserID;
$this->SetVariable("UserID", $UserID);
} else {
$this->UserID = $this->GetVariable("UserID", "int");
}
$um = false;
// If the session vars are not defined, attempt to revalidate the session from cookies
if ($this->UserID == 0) {
// NOTE: the session object is not yet valid in the context object
$um = $Context->ObjectFactory->NewContextObject($Context, "UserManager");
$this->UserID = $um->ValidateCookieCredentials();
$this->SetVariable("UserID", $this->UserID);
}
// Now retrieve user information
if ($this->UserID > 0) {
if (!$um) {
$um = $Context->ObjectFactory->NewContextObject($Context, "UserManager");
}
$this->User = $um->GetSessionDataById($this->UserID);
$GrpTmp = $this->User->UserMainGroup;
foreach (array_keys($this->User->UserGroups) as $GrpID) {
$GrpTmp[$GrpID] = $this->User->UserGroups[$GrpID];
}
$this->SetVariable("UserGroups", @$GrpTmp);
$this->SetVariable("Settings", $this->User->Settings);
// If the session data retrieval failed for some reason, dump the user
if (!$this->User) {
$this->User = $Context->ObjectFactory->NewContextObject($Context, "User");
$this->User->Clear();
$this->UserID = 0;
}
} else {
$FauxContext = 0;
$this->User = $Context->ObjectFactory->NewObject($FauxContext, "User");
$this->User->Clear();
}
/*/ Handle Work-Safe Mode Switches
$HtmlOn = ForceIncomingString("h", "1");
if ($HtmlOn != "" && $this->UserID > 0) {
if (!$um) {
$um = $Context->ObjectFactory->NewContextObject($Context, "UserManager", $Context);
}
if (ForceBool($HtmlOn, 0)) {
$um->ShowHtml($this->UserID);
} else {
$um->HideHtml($this->UserID);
}
}*/
}
function AddControl($Event, $Control, $Position = "0")
{
$Position = ForceInt($Position, -1);
if ($Position >= 0) {
$this->InsertControlAt($this->Controls[$Event], $Control, $Position);
} else {
$this->Controls[$Event][] = $Control;
}
}
function ForceIntFrom($VariableName, $DefaultValue = 0)
{
if (isset($_GET[$VariableName])) {
return ForceInt($_GET[$VariableName], $DefaultValue);
} elseif (isset($_POST[$VariableName])) {
return ForceInt($_POST[$VariableName], $DefaultValue);
} else {
return $DefaultValue;
}
}
function GetPropertiesFromDataSet($DataSet, $ParseKeywords = '0')
{
$ParseKeywords = ForceBool($ParseKeywords, 0);
$this->SearchID = ForceInt(@$DataSet['SearchID'], 0);
$this->Label = ForceString(@$DataSet['Label'], '');
$this->Type = $this->DefineType(ForceString(@$DataSet['Type'], ''));
$this->Keywords = urldecode(ForceString(@$DataSet['Keywords'], ''));
if ($ParseKeywords) {
$this->ParseKeywords($this->Type, $this->Keywords);
}
}
function GetSearchList($RecordsToRetrieve = '0', $UserID)
{
$RecordsToRetrieve = ForceInt($RecordsToRetrieve, 0);
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
$s = $this->GetSearchBuilder();
$s->AddWhere('us', 'UserID', '', $UserID, '=');
if ($RecordsToRetrieve > 0) {
$s->AddLimit(0, $RecordsToRetrieve);
}
return $this->Context->Database->Select($s, $this->Name, 'GetSearchList', 'An error occurred while retrieving saved searches.');
}
function AddControl($Event, &$Control, $Position = '0')
{
$Position = ForceInt($Position, -1);
if ($Position >= 0) {
// Create the key/array if it doesn't exist yet
if (!array_key_exists($Event, $this->Controls)) {
$this->Controls[$Event] = array();
}
$this->InsertControlAt($this->Controls[$Event], $Control, $Position);
} else {
$this->Controls[$Event][] =& $Control;
}
}
function GetPropertiesFromDataSet($DataSet)
{
$this->UserID = ForceInt(@$DataSet['UserID'], 0);
$this->Username = ForceString(@$DataSet['Username'], '');
$this->FullName = ForceString(@$DataSet['FullName'], '');
$this->RoleID = ForceInt(@$DataSet['RoleID'], 0);
$this->Role = ForceString(@$DataSet['Role'], '');
$this->RoleDescription = ForceString(@$DataSet['RoleDescription'], '');
$this->RoleIcon = ForceString(@$DataSet['RoleIcon'], '');
$this->AdminUserID = ForceInt(@$DataSet['AdminUserID'], 0);
$this->AdminUsername = ForceString(@$DataSet['AdminUsername'], '');
$this->AdminFullName = ForceString(@$DataSet['AdminFullName'], '');
$this->Notes = ForceString(@$DataSet['Notes'], '');
$this->Date = UnixTimestamp(@$DataSet['Date']);
}
function GetPropertiesFromDataSet($DataSet, &$Context)
{
$this->Title = FormatHtmlStringInline(ForceString($DataSet["Name"], ""));
$this->Link = PrependString("http://", AppendFolder(agDOMAIN, "comments.php?DiscussionID=" . ForceInt($DataSet["DiscussionID"], 0)));
$this->Id = $this->Link;
$this->Published = FixDate(@$DataSet["DateCreated"]);
$this->Updated = FixDate(@$DataSet["DateLastActive"]);
$this->AuthorName = FormatHtmlStringInline(ForceString($DataSet["AuthUsername"], ""));
$this->AuthorUrl = PrependString("http://", AppendFolder(agDOMAIN, "account.php?u=" . ForceInt($DataSet["AuthUserID"], 0)));
$this->Content = $this->RemoveHtml(ForceString(@$DataSet["Body"], ""));
$this->Summary = SliceString($this->Content, 200);
$this->Summary = str_replace("\r\n", " ", $this->Content);
$this->Content = str_replace("\r\n", "<br />", $this->Content);
if (agUSE_CATEGORIES) {
$this->Category = FormatStringForDisplay(ForceString($DataSet["Category"], ""), true);
$this->CategoryLink = "http://" . AppendFolder(agDOMAIN, "?CategoryID=" . ForceInt($DataSet["CategoryID"], 0));
}
}
function MultiFileUpload_AttachmentForm(&$AttachmentManager)
{
$AttachmentForm =& $AttachmentManager->DelegateParameters['AttachmentForm'];
$AttachmentForm = '
<ul><li><label for="Attachments"><span onclick="showMultiFileUpload(); return false;" style="cursor: pointer;" id="AttachmentsLabel">[+] ' . $AttachmentManager->Context->GetDefinition("Attachments") . '</span></label>
' . $AttachmentManager->GetAttachmentsList($AttachmentManager->CommentID) . '
<div id="MultiFileUpload" style="display: none;">
<div id="AttachmentsList"></div>
<input id="AttachmentFile" type="file" name="file" class="AttachmentInput" />
</div>
</li></ul>
<script type="text/javascript" language="javascript">
function showMultiFileUpload()
{
var txtAttachments = "' . $AttachmentManager->Context->GetDefinition("Attachments") . '";
var objAttachmentsLabel = document.getElementById("AttachmentsLabel");
var objMultiFileUpload = document.getElementById("MultiFileUpload");
if (objAttachmentsLabel.innerHTML == "[-] " + txtAttachments)
{
objAttachmentsLabel.innerHTML = "[+] " + txtAttachments;
objMultiFileUpload.style.display = "none";
}
else
{
objAttachmentsLabel.innerHTML = "[-] " + txtAttachments;
objMultiFileUpload.style.display = "block";
}
}
var f = document.getElementById(\'' . $AttachmentManager->FormName . '\');
f.encoding = \'multipart/form-data\';
';
if (ForceInt($AttachmentManager->Context->Configuration['MULTI_FILE_UPLOADS'], 0) > 1) {
$AttachmentForm .= '
var multi_selector = new MultiSelector(document.getElementById("AttachmentsList"), ' . $AttachmentManager->Context->Configuration['MULTI_FILE_UPLOADS'] . ');
multi_selector.addElement(document.getElementById("AttachmentFile"));
';
}
$AttachmentForm .= '
</script>
';
}
function GetPropertiesFromDataSet($DataSet)
{
$this->RoleID = ForceInt(@$DataSet['RoleID'], 0);
$this->RoleName = ForceString(@$DataSet['Name'], '');
$this->Icon = ForceString(@$DataSet['Icon'], '');
$this->Description = ForceString(@$DataSet['Description'], '');
$this->PERMISSION_SIGN_IN = ForceBool(@$DataSet['PERMISSION_SIGN_IN'], 0);
$this->PERMISSION_HTML_ALLOWED = ForceBool(@$DataSet['PERMISSION_HTML_ALLOWED'], 0);
$this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION = ForceBool(@$DataSet['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'], 0);
$this->Unauthenticated = ForceBool(@$DataSet['Unauthenticated'], 0);
$TempPermissions = '';
$TempPermissions = ForceString(@$DataSet['Permissions'], '');
$TempPermissions = UnserializeAssociativeArray($TempPermissions);
$this->Permissions['PERMISSION_SIGN_IN'] = $this->PERMISSION_SIGN_IN;
$this->Permissions['PERMISSION_HTML_ALLOWED'] = $this->PERMISSION_HTML_ALLOWED;
$this->Permissions['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'] = $this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION;
while (list($TempKey, $TempValue) = each($TempPermissions)) {
$this->Permissions[$TempKey] = $TempValue;
}
unset($TempPermissions);
}
function HighlightTrimmedString($Haystack, $Needles, $TrimLength = '')
{
$Highlight = '<span class="Highlight">\\1</span>';
$Pattern = '#(?!<.*?)(%s)(?![^<>]*?>)#i';
$TrimLength = ForceInt($TrimLength, 0);
if ($TrimLength > 0) {
$Haystack = SliceString($Haystack, $TrimLength);
}
$WordsToHighlight = count($Needles);
if ($WordsToHighlight > 0) {
$i = 0;
for ($i = 0; $i < $WordsToHighlight; $i++) {
if (strlen($Needles[$i]) > 2) {
$CurrentWord = preg_quote($Needles[$i]);
$Regex = sprintf($Pattern, $CurrentWord);
$Haystack = preg_replace($Regex, $Highlight, $Haystack);
}
}
}
return $Haystack;
}
public function updatemyphrases()
{
$myid = $this->admin['aid'];
$page = ForceIntFrom('p', 1);
//页码
if (IsPost('updatemyphrases')) {
$pids = $_POST['pids'];
$sorts = $_POST['sorts'];
$activateds = $_POST['activateds'];
$msgs = $_POST['msgs'];
$msg_ens = $_POST['msg_ens'];
for ($i = 0; $i < count($pids); $i++) {
$pid = ForceInt($pids[$i]);
APP::$DB->exe("UPDATE " . TABLE_PREFIX . "phrase SET sort = '" . ForceInt($sorts[$i]) . "',\r\n\t\t\t\t\tactivated = '" . ForceInt($activateds[$i]) . "',\r\n\t\t\t\t\tmsg = '" . ForceString($msgs[$i]) . "',\r\n\t\t\t\t\tmsg_en = '" . ForceString($msg_ens[$i]) . "'\t\t\t\t\t\r\n\t\t\t\t\tWHERE pid = '{$pid}' AND aid='{$myid}'");
}
} else {
$deletepids = $_POST['deletepids'];
for ($i = 0; $i < count($deletepids); $i++) {
$pid = ForceInt($deletepids[$i]);
APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "phrase WHERE pid = '{$pid}' AND aid='{$myid}'");
}
}
Success('myphrases?p=' . $page);
}
function Start(&$Context, $Authenticator, $UserID = '0')
{
$UserManager = false;
// If the UserID is not explicitly defined (ie. by some vanilla-based login module),
// retrieve the authenticated UserID from the Authenticator module.
$this->UserID = ForceInt($UserID, 0);
if ($this->UserID == 0) {
$this->UserID = $Authenticator->GetIdentity();
}
// Now retrieve user information
if ($this->UserID > 0) {
$UserManager = $Context->ObjectFactory->NewContextObject($Context, 'UserManager');
$this->User = $UserManager->GetSessionDataById($this->UserID);
// If the session data retrieval failed for some reason, dump the user
if (!$this->User) {
$this->User = $Context->ObjectFactory->NewContextObject($Context, 'User');
$this->User->Clear();
$this->UserID = 0;
}
} else {
$this->User = $Context->ObjectFactory->NewContextObject($Context, 'User');
$this->User->Clear();
}
}
function ValidateWhisperUsername(&$Comment)
{
if ($Comment->WhisperUsername != "") {
$Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
$s->SetMainTable("User", "u");
$s->AddSelect("UserID", "u");
$s->AddWhere("Name", $Name, "=");
$Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "ValidateWhisperUsername", "An error occurred while attempting to validate the username entered as the whisper recipient.");
while ($Row = $this->Context->Database->GetRow($Result)) {
$Comment->WhisperUserID = ForceInt($Row["UserID"], 0);
}
if ($Comment->WhisperUserID == 0) {
$this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrWhisperInvalid"));
}
}
return $this->Context->WarningCollector->Iif();
}
function RetrieveConfigurationPropertiesFromXml($Path)
{
$FauxContext = "0";
if ($this->ConfigFile == "") {
$this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "You must supply a path to the configuration file");
}
// Retrieve config file contents
$File = new File();
$File->Name = $this->ConfigFile;
$File->Path = $Path;
$FileManager = new FileManager();
$FileManager->ErrorManager =& $this->ErrorManager;
$File = $FileManager->Get($File);
// If there were errors retrieving the config file and we're in the CWD, report an error
if ($this->ErrorManager->ErrorCount > 0 && $Path == $this->CurrentWorkingDirectory) {
$this->ErrorManager->Clear();
$this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "The root configuration file could not be found/read (_config.xml).");
// If failed to retrieve the file from a non-root directory,
// just accept the root file
} elseif ($this->ErrorManager->ErrorCount > 0) {
$this->ErrorManager->Clear();
// If no errors occurred, continue to retrieve new configuration settings
} else {
// Create an XML Parser to retrieve configuration settings
$XMan = new XmlManager();
$XMan->ErrorManager =& $this->ErrorManager;
$MyConfig = $XMan->ParseNode($File->Body);
if ($MyConfig && $this->ErrorManager->ErrorCount == 0) {
$this->StyleUrl = $XMan->GetNodeValueByName($MyConfig, "StyleUrl");
$this->PageTitle = $XMan->GetNodeValueByName($MyConfig, "PageTitle");
$this->PageIntroduction = $XMan->GetNodeValueByName($MyConfig, "PageIntroduction");
$this->PageIntroduction = str_replace("[", "<", $this->PageIntroduction);
$this->PageIntroduction = str_replace("]", ">", $this->PageIntroduction);
$this->PageIntroduction = str_replace("\n", "<br />", $this->PageIntroduction);
$this->DisplayHiddenFiles = $XMan->GetNodeValueByName($MyConfig, "DisplayHiddenFiles");
$this->BrowseSubFolders = $XMan->GetNodeValueByName($MyConfig, "BrowseSubFolders");
$this->SortBy = $XMan->GetNodeValueByName($MyConfig, "SortBy");
$this->SortDirection = $XMan->GetNodeValueByName($MyConfig, "SortDirection");
$this->DateFormat = $XMan->GetNodeValueByName($MyConfig, "DateFormat");
$this->UsePageIntroductionInSubFolders = ForceBool($XMan->GetNodeValueByName($MyConfig, "UsePageIntroductionInSubFolders"), false);
$this->PluginHeight = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginHeight"), $this->PluginHeight);
$this->PluginWidth = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginWidth"), $this->PluginWidth);
$this->FilesPerPage = ForceIncomingInt("fpp", ForceInt($XMan->GetNodeValueByName($MyConfig, "FilesPerPage"), $this->FilesPerPage));
$this->MaxFilesPerPage = ForceInt($XMan->GetNodeValueByName($MyConfig, "MaxFilesPerPage"), $this->MaxFilesPerPage);
$this->FitImagesToPage = ForceBool($XMan->GetNodeValueByName($MyConfig, "FitImagesToPage"), $this->FitImagesToPage);
$this->UseThumbnails = ForceBool($XMan->GetNodeValueByName($MyConfig, "UseThumbnails"), $this->UseThumbnails);
$this->HideFiles = explode(",", $XMan->GetNodeValueByName($MyConfig, "HideFiles"));
for ($i = 0; $i < count($this->HideFiles); $i++) {
$this->FullyQualifiedHideFiles[] = $this->CurrentBrowsingDirectory . "/" . $this->HideFiles[$i];
}
}
}
return $this->ErrorManager->Iif();
}
function GetIdentity()
{
if (!session_id()) {
session_start();
}
$UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
if ($UserID == 0) {
// UserID wasn't found in the session, so attempt to retrieve it from the cookies
// Retrieve cookie values
$EncryptedUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
$VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
if ($EncryptedUserID != '' && $VerificationKey != '') {
// Compare against db values
// Sadly, because this class is meant to be an interface for distributed objects, I can't use any of the error checking in the Lussumo Framework
$Query = "select UserID\n\t\t\t\t\tfrom LUM_User\n\t\t\t\t\twhere VerificationKey = '" . FormatStringForDatabaseInput($VerificationKey) . "'";
$Result = $this->Context->Database->Execute($Query, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
if ($Result) {
$UserID = 0;
while ($rows = $this->Context->Database->GetRow($Result)) {
if ($EncryptedUserID == md5($rows['UserID'])) {
$UserID = ForceInt($rows['UserID'], 0);
$EncryptedUserID = $rows['EncryptedUserID'];
break;
}
}
if ($UserID > 0) {
// 1. Set a new verification key
$VerificationKey = DefineVerificationKey();
// 2. Update the user's information
$this->UpdateLastVisit($UserID, $VerificationKey);
// 3. Set the 'remember me' cookies
$this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
// 4. Log the user's IP address
$this->LogIp($UserID);
}
}
}
}
// If it has now been found, set up the session.
$this->AssignSessionUserID($UserID);
return $UserID;
}
public function index()
{
$NumPerPage = 10;
$page = ForceIntFrom('p', 1);
$search = ForceStringFrom('s');
$groupid = ForceStringFrom('g');
if (IsGet('s')) {
$search = urldecode($search);
}
$start = $NumPerPage * ($page - 1);
SubMenu('记录列表', array(array('记录列表', 'messages', 1)));
TableHeader('搜索及快速删除');
TableRow('<center><form method="post" action="' . BURL('messages') . '" name="searchmessages" style="display:inline-block;*display:inline;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>分类:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . ' class=red>客人的发言</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>客服的发言</option></select> <input type="submit" value="搜索记录" class="cancel"></form>
<form method="post" action="' . BURL('messages/fastdelete') . '" name="fastdelete" style="display:inline-block;margin-left:80px;*display:inline;"><label>快速删除记录:</label> <select name="days"><option value="0">请选择 ...</option><option value="360">12个月前的对话记录</option><option value="180"> 6 个月前的对话记录</option><option value="90"> 3 个月前的对话记录</option><option value="30"> 1 个月前的对话记录</option></select> <input type="submit" value="快速删除" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选记录吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></form></center>');
TableFooter();
if ($search) {
if (preg_match("/^[1-9][0-9]*\$/", $search)) {
$s = ForceInt($search);
$searchsql = " WHERE mid = '{$s}' OR fromid = '{$s}' OR toid = '{$s}' ";
//按ID搜索
$title = "搜索ID号为: <span class=note>{$s}</span> 的记录";
} else {
$searchsql = " WHERE (fromname LIKE '%{$search}%' OR toname LIKE '%{$search}%' OR msg LIKE '%{$search}%') ";
$title = "搜索: <span class=note>{$search}</span> 的记录列表";
}
if ($groupid) {
if ($groupid == 1 or $groupid == 2) {
$searchsql .= " AND type = " . Iif($groupid == 1, 0, 1) . " ";
$title = "在 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 中, " . $title;
}
}
} else {
if ($groupid) {
if ($groupid == 1 or $groupid == 2) {
$searchsql .= " WHERE type = " . Iif($groupid == 1, 0, 1) . " ";
$title = "全部 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 列表";
}
} else {
$searchsql = '';
$title = '全部记录列表';
}
}
$getmessages = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "msg " . $searchsql . " ORDER BY mid DESC LIMIT {$start},{$NumPerPage}");
$maxrows = APP::$DB->getOne("SELECT COUNT(mid) AS value FROM " . TABLE_PREFIX . "msg " . $searchsql);
echo '<form method="post" action="' . BURL('messages/updatemessages') . '" name="messagesform">
<input type="hidden" name="p" value="' . $page . '">';
TableHeader($title . '(' . $maxrows['value'] . '个)');
TableRow(array('ID', '发送人', '对话内容', '接收人', '记录时间', '<input type="checkbox" id="checkAll" for="deletemids[]"> <label for="checkAll">删除</label>'), 'tr0');
if ($maxrows['value'] < 1) {
TableRow('<center><BR><font class=redb>未搜索到任何记录!</font><BR><BR></center>');
} else {
while ($msg = APP::$DB->fetch($getmessages)) {
TableRow(array($msg['mid'], "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('users/edit?aid=' . $msg['fromid']), BURL('guests/edit?gid=' . $msg['fromid'])) . "\">{$msg['fromname']}</a>", getSmile($msg['msg']), "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('guests/edit?gid=' . $msg['toid']), BURL('users/edit?aid=' . $msg['toid'])) . "\">{$msg['toname']}</a>", DisplayDate($msg['time'], '', 1), '<input type="checkbox" name="deletemids[]" value="' . $msg['mid'] . '">'));
}
$totalpages = ceil($maxrows['value'] / $NumPerPage);
if ($totalpages > 1) {
TableRow(GetPageList(BURL('messages'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
}
}
TableFooter();
PrintSubmit('删除记录', '', 1, '确定删除所选记录吗?');
}
$DB->exe("UPDATE " . TABLE_PREFIX . "usergroup SET displayorder = '" . ForceInt($displayorders[$i]) . "',\r\n\t\tgroupname = '" . Iif($groupname, $groupname, '未命名') . "',\r\n\t\tgroupename = '" . Iif($groupename, $groupename, 'No name') . "',\r\n\t\tactivated = '" . ForceInt($activateds[$i]) . "',\r\n\t\tdescription = '" . ForceString($descriptions[$i]) . "',\r\n\t\tdescriptionen = '" . ForceString($descriptionens[$i]) . "'\r\n\t\tWHERE usergroupid = '" . ForceInt($usergroupids[$i]) . "'");
}
if (!storeCache()) {
//更新小面板在线客服缓存文件
$errortitle = '更新客服缓存错误';
$errors = '客服群组信息已保存到数据库, 但更新在线客服缓存文件失败, 前台客服小面板状态无法更新! 请检查cache/目录是否存在或可写?';
$action = 'default';
} else {
GotoPage('admin.groups.php', 1);
}
}
//########### DELETE GROUPS ###########
if ($action == 'deletegroups') {
$deleteusergroupids = $_POST['deleteusergroupids'];
for ($i = 0; $i < count($deleteusergroupids); $i++) {
$DB->exe("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid <>1 AND usergroupid = '" . ForceInt($deleteusergroupids[$i]) . "'");
}
GotoPage('admin.groups.php', 1);
}
//########### CREATE GROUP ###########
if ($action == 'creatgroup') {
$groupname = ForceIncomingString('groupname');
$groupename = ForceIncomingString('groupename');
$description = ForceIncomingString('description');
$descriptionen = ForceIncomingString('descriptionen');
if ($groupname == '') {
$errors[] = "群组名称不能为空!";
}
if ($groupename == '') {
$errors[] = "群组英文名称不能为空!";
}
function ValidateWhisperUsername(&$Comment)
{
if ($Comment->WhisperUsername != '') {
$Name = FormatStringForDatabaseInput($Comment->WhisperUsername);
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
$s->SetMainTable('User', 'u');
$s->AddSelect('UserID', 'u');
$s->AddWhere('u', 'Name', '', $Name, '=');
$Result = $this->Context->Database->Select($s, $this->Name, 'ValidateWhisperUsername', 'An error occurred while attempting to validate the username entered as the whisper recipient.');
while ($Row = $this->Context->Database->GetRow($Result)) {
$Comment->WhisperUserID = ForceInt($Row['UserID'], 0);
}
if ($Comment->WhisperUserID == 0) {
$this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrWhisperInvalid'));
}
}
return $this->Context->WarningCollector->Iif();
}
function GetInactiveUsers($DaysOfMembership = "0")
{
$MembershipDate = SubtractDaysFromTimeStamp(mktime(), $DaysOfMembership);
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
$s->SetMainTable("User", "u");
$s->AddSelect("UserID", "u");
$s->AddWhere("CountComments", "0", "=", "and", "", 0, 1);
$s->AddWhere("CountComments", "0", "=", "or");
$s->EndWhereGroup();
$s->AddWhere("CountDiscussions", "0", "=", "and", "", 0, 1);
$s->AddWhere("CountDiscussions", "0", "=", "or");
$s->EndWhereGroup();
if ($DaysOfMembership > 0) {
$s->AddWhere("DateFirstVisit", MysqlDateTime($MembershipDate), "<");
}
$Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "Constructor", "An error occurred while attempting to retrieve inactive user statistics.");
$this->InactiveUsers = 0;
$aInactiveUsers = array();
while ($Row = $this->Context->Database->GetRow($Result)) {
$aInactiveUsers[] = ForceInt($Row["UserID"], 0);
}
if (count($aInactiveUsers) > 0) {
// Now (of these users), remove ones that have whispered
$s->Clear();
$s->SetMainTable("DiscussionUserWhisperFrom", "wf");
$s->AddSelect("WhisperFromUserID", "wf");
$s->AddWhere("WhisperFromUserID", "(" . implode(",", $aInactiveUsers) . ")", "in", "and", "", 0);
$Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "Constructor", "An error occurred while attempting to retrieve inactive user statistics.");
$CurrentWhisperUserID = 0;
while ($Row = $this->Context->Database->GetRow($Result)) {
$CurrentWhisperUserID = ForceInt($Row["WhisperFromUserID"], 0);
$Key = array_search($CurrentWhisperUserID, $aInactiveUsers);
if ($Key !== false) {
array_splice($aInactiveUsers, $Key, 1);
}
}
}
if (count($aInactiveUsers) > 0) {
// Now (of these users), remove ones that have received whispers
$s->Clear();
$s->SetMainTable("DiscussionUserWhisperTo", "wt");
$s->AddSelect("WhisperToUserID", "wt");
$s->AddWhere("WhisperToUserID", "(" . implode(",", $aInactiveUsers) . ")", "in", "and", "", 0);
$Result = $this->Context->Database->Select($this->Context, $s, $this->Name, "Constructor", "An error occurred while attempting to retrieve inactive user statistics.");
$CurrentWhisperUserID = 0;
while ($Row = $this->Context->Database->GetRow($Result)) {
$CurrentWhisperUserID = ForceInt($Row["WhisperToUserID"], 0);
$Key = array_search($CurrentWhisperUserID, $aInactiveUsers);
if ($Key !== false) {
array_splice($aInactiveUsers, $Key, 1);
}
}
}
return $aInactiveUsers;
}
<?php
// +---------------------------------------------+
// | Copyright 2010 - 2028 WeLive |
// | http://www.weentech.com |
// | This file may not be redistributed. |
// +---------------------------------------------+
define('AUTH', true);
define('AJAX', true);
include 'includes/welive.Core.php';
$uid = ForceIncomingInt('uid');
$gid = ForceIncomingInt('gid', 0);
$act = ForceIncomingString('act');
$ajax_last = ForceIncomingFloat('ajax_last');
$lastlogin = ForceInt(ForceIncomingCookie('last' . COOKIE_KEY));
if (!$uid) {
die('Hacking!');
} elseif (ForceIncomingCookie('weliveU' . COOKIE_KEY) != md5(WEBSITE_KEY . $uid . $_CFG['cKillRobotCode'])) {
setcookie('weliveU' . COOKIE_KEY, '', 0, '/');
die('Hacking!');
}
$mktime = explode(' ', microtime());
$realtime = $mktime[1];
$minitime = $mktime[0];
$lastlogin = Iif($lastlogin, $lastlogin - 3600, $realtime - 3600 * 12);
$guests = '';
$msgs = '';
$getguests = $DB->query("SELECT guestid, guestip, browser, lang, isonline, isbanned, fromurl FROM " . TABLE_PREFIX . "guest WHERE serverid = '{$uid}' AND created > {$lastlogin} ORDER BY created ASC");
while ($guest = $DB->fetch($getguests)) {
$guests .= $guest['guestid'] . '|||' . $guest['guestip'] . '|||' . $guest['browser'] . '|||' . $guest['lang'] . '|||' . $guest['isonline'] . '|||' . $guest['isbanned'] . '|||' . $guest['fromurl'] . '^^^';
}
$Context->WarningCollector->Add("An error occurred while adding LUM_Role.UnAuthenticated. MySQL reported the following error: <code>" . mysql_error($Connection) . '</code>');
}
}
}
// 1c. Retrieve current permissions, serialize, and resave as long as the MasterAdmin column was present
if (in_array('MasterAdmin', $RoleColumns)) {
// Get an updated version of the columns in the database (Because some were changed above)
$RoleColumns = GetColumns($Connection, $DatabaseTables['Role']);
$SelectSQL = "select " . implode(',', $RoleColumns) . " from " . $DatabaseTables['Role'];
$RoleData = @mysql_query($SelectSQL, $Connection);
if (!$RoleData) {
$Context->WarningCollector->Add("An error occurred while retrieving existing role data. MySQL reported the following error: <code>" . mysql_error($Connection) . "</code>");
} else {
$Permissions = array();
while ($Row = mysql_fetch_array($RoleData)) {
$RoleID = ForceInt($Row['RoleID'], 0);
$Permissions['PERMISSION_ADD_COMMENTS'] = ForceBool(@$Row['CanPostComment'], 0);
$Permissions['PERMISSION_START_DISCUSSION'] = ForceBool(@$Row['CanPostDiscussion'], 0);
// Discussion Moderator Permissions
$Permissions['PERMISSION_SINK_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_STICK_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_HIDE_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_CLOSE_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_EDIT_DISCUSSIONS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_VIEW_HIDDEN_DISCUSSIONS'] = ForceBool(@$Row['ShowAllWhispers'], 0);
$Permissions['PERMISSION_EDIT_COMMENTS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_HIDE_COMMENTS'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_VIEW_HIDDEN_COMMENTS'] = ForceBool(@$Row['ShowAllWhispers'], 0);
$Permissions['PERMISSION_ADD_COMMENTS_TO_CLOSED_DISCUSSION'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_ADD_CATEGORIES'] = ForceBool(@$Row['AdminCategories'], 0);
$Permissions['PERMISSION_EDIT_CATEGORIES'] = ForceBool(@$Row['AdminCategories'], 0);
// +---------------------------------------------+
define('AUTH', true);
include 'includes/welive.Core.php';
include BASEPATH . 'includes/welive.Admin.php';
if ($userinfo['usergroupid'] != 1) {
exit;
}
$action = ForceIncomingString('action', 'default');
PrintHeader($userinfo['username'], 'messages');
//########### DELETE COMMENTS ###########
if ($action == 'deletecomments') {
$deletecommentids = $_POST['deletecommentids'];
$page = ForceIncomingInt('p');
$uid = ForceIncomingInt('u');
for ($i = 0; $i < count($deletecommentids); $i++) {
$DB->query("DELETE FROM " . TABLE_PREFIX . "msg WHERE msgid = '" . ForceInt($deletecommentids[$i]) . "'");
}
GotoPage('admin.messages.php' . Iif($page, '?p=' . $page . Iif($uid, '&u=' . $uid), Iif($uid, '?u=' . $uid)), 1);
}
//########### FAST DELETE COMMENTS ###########
if ($action == 'fastdelete') {
$days = ForceIncomingInt('days');
$uid = ForceIncomingInt('u');
$realtime = time();
$searchsql = Iif($uid, " WHERE fromid ='{$uid}' ", "");
$searchsql .= Iif($searchsql, Iif($days, " AND created < " . $realtime - 3600 * 24 * $days), Iif($days, " WHERE created < " . $realtime - 3600 * 24 * $days));
$DB->query("DELETE FROM " . TABLE_PREFIX . "msg " . $searchsql);
GotoPage('admin.messages.php' . Iif($uid, '?u=' . $uid), 1);
}
//########### PRINT DEFAULT ###########
if ($action == 'default') {
function RewindDataSet(&$DataSet, $Position = '0')
{
$Position = ForceInt($Position, 0);
sqlite_seek($DataSet, $Position);
}
/**
* Validate user's Verification
*
* Return user's id
*
* @param int $UserID
* @param string $VerificationKey
* @return unknown
*/
function ValidateVerificationKey($UserID, $VerificationKey)
{
$UserID = ForceInt($UserID, 0);
$VerificationKey = FormatStringForDatabaseInput($VerificationKey);
if ($UserID && $VerificationKey) {
$s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
$s->SetMainTable('User', 'u');
$s->AddSelect('UserID', 'u');
$s->AddWhere('u', 'UserID', '', $UserID, '=');
$s->AddWhere('u', 'VerificationKey', '', $VerificationKey, '=');
$Result = $this->Context->Database->Select($s, $this->Name, 'VerifyVerificationKey', 'An error occurred while attempting to validate your remember me credentials');
if ($Result) {
$UserID = 0;
while ($rows = $this->Context->Database->GetRow($Result)) {
$UserID = ForceInt($rows['UserID'], 0);
}
return $UserID;
}
}
return 0;
}
function CommentLinks_LocateComment(&$Head)
{
$Context =& $Head->Context;
$cm = $Context->ObjectFactory->NewContextObject($Context, 'CommentManager');
$c = $Context->ObjectFactory->NewContextObject($Context, 'Comment');
$c = $cm->GetCommentByID(ForceIncomingInt('CommentID', 0), $Context->Session->UserID);
// Insufficient permissions & not logged in, go to the sign-in form
if (!$Context->Session->UserID && $c) {
if ($c->WhisperUserID || $c->DiscussionWhisperUserID) {
CommentLinks_GoSignIn($Context);
}
}
if ($c && $Context->WarningCollector->Iif()) {
// A lot of overhead--might be better to just build my own query, but this is easier
$dm = $Context->ObjectFactory->NewContextObject($Context, 'DiscussionManager');
$d = $Context->ObjectFactory->NewContextObject($Context, 'Discussion');
$d = $dm->GetDiscussionByID($c->DiscussionID);
if ($d && $d->Active || $Context->Session->User->Permission('PERMISSION_VIEW_HIDDEN_DISCUSSIONS') && $Context->Session->User->Preference('ShowDeletedDiscussions')) {
// Figure out which page the comment is on. A binary search would be more efficient for huge threads
$PageCount = CalculateNumberOfPages($cm->GetCommentCount($c->DiscussionID), $Context->Configuration['COMMENTS_PER_PAGE']);
$CurrentPage = 0;
$FoundComment = 0;
while ($CurrentPage <= $PageCount && !$FoundComment) {
$CommentData = $cm->GetCommentList($Context->Configuration['COMMENTS_PER_PAGE'], ++$CurrentPage, $c->DiscussionID);
$RowPosition = 0;
while ($Row = $Context->Database->GetRow($CommentData)) {
$RowPosition++;
if (ForceInt($Row['CommentID'], 0) == $c->CommentID) {
$FoundComment = 1;
break;
}
}
}
if (!$FoundComment) {
$Context->WarningCollector->Add($Context->GetDefinition('ErrCommentNotFound'));
}
} else {
// Discussion is either missing or deleted. If deleted, say it can't be found.
if (!$d->Active) {
$Context->WarningCollector->Add($Context->GetDefinition('ErrCommentNotFound'));
}
}
// If all is well, 302 to the comment's location
if ($Context->WarningCollector->Iif()) {
$Suffix = $Context->Configuration['URL_BUILDING_METHOD'] == 'mod_rewrite' ? cleanupstring($d->Name) . '/' : '';
$Anchor = CommentLinks_YELLOWFADE ? '#Comment_' . $c->CommentID : '#Item_' . $RowPosition;
$Url = GetUrl($Context->Configuration, 'comments.php', '', 'DiscussionID', $d->DiscussionID, $CurrentPage, $Anchor, $Suffix);
header('Location: ' . str_replace('&', '&', $Url));
$Context->unload();
exit(0);
}
} else {
//Comment probably belongs to a private category
if (!$Context->Session->UserID && $c) {
CommentLinks_GoSignIn($Context);
}
}
}
