/**
 * Update a member's profile signature, optionally routing it through admin review.
 *
 * The raw signature is stripped of tags, trimmed, shortened with cutstr(..., 32)
 * and HTML-escaped before it is filtered and stored. When the `sign_verify`
 * setting is on and the cleaned signature is non-empty, the value is written to
 * the members_verify table (and admins may be notified by private message)
 * instead of the members table.
 *
 * @param mixed  $uid       Member id; cast to int, values below 1 are rejected.
 * @param string $signature Raw signature text supplied by the caller.
 * @return mixed The cleaned signature when it was stored directly or was unchanged;
 *               otherwise whatever jerror() returns (also used for the
 *               "pending review" outcome).
 */
function sign_modify($uid, $signature)
{
    $uid = max(0, (int) $uid);
    if ($uid < 1) {
        return jerror('【UID不能为空】请先登录或者注册一个帐号');
    }

    $member = jsg_member_info($uid);
    if (!$member) {
        return jerror('请指定一个正确的UID');
    }

    // Permission gate: jdisallow() decides whether the current actor may edit this uid.
    if (jdisallow($uid)) {
        return jerror('您无权修改此用户签名');
    }

    // Clean-up pipeline: strip tags -> trim -> cut to 32 -> HTML-escape.
    $signature = strip_tags($signature);
    $signature = trim($signature);
    $signature = cutstr($signature, 32);
    $signature = jhtmlspecialchars($signature);

    $filter_result = filter($signature);
    if ($filter_result && $filter_result['error']) {
        return jerror($filter_result['msg']);
    }

    // Nothing to do when the cleaned value equals the stored one (loose comparison).
    if ($signature == $member['signature']) {
        return $signature;
    }

    $settings = jconf::get();
    if (!($settings['sign_verify'] && $signature)) {
        // No review required (or the signature is being cleared): store directly.
        DB::update('members', array('signature' => $signature, 'signtime' => TIMESTAMP), " `uid`='{$uid}' ");
        return $signature;
    }

    // NOTE(review): $signature and $member['nickname'] are interpolated into the SQL
    // text below. jhtmlspecialchars() is HTML escaping, not SQL escaping, and cutstr()
    // shortens the value before it is used; whether these values are safely quoted
    // for SQL depends on escaping done outside this function -- confirm, or move the
    // statements to the DB::update()/DB::insert() helpers or bound parameters.
    $verify_table = TABLE_PREFIX . "members_verify";
    $pending_rows = DB::result_first("select count(*) from {$verify_table} where uid = '{$uid}'");
    if ($pending_rows) {
        DB::query("update {$verify_table} set signature = '{$signature}' , is_sign = 1 where uid = '{$uid}'");
    } else {
        DB::query("insert into {$verify_table} (uid,nickname,signature,is_sign) values ('{$uid}','{$member['nickname']}','{$signature}',1)");
    }

    if ($settings['notice_to_admin']) {
        // NOTE(review): the nickname is concatenated into an HTML message as stored;
        // presumably it was escaped when the account was saved -- confirm.
        $notice = array(
            'message' => $member['nickname'] . " 修改了签名进入审核,<a href='admin.php?mod=verify&code=fs_verify' target='_blank'>点击</a>进入审核。",
            'to_user' => str_replace('|', ',', $settings['notice_to_admin']),
        );
        // The notice is sent in the name of the member with uid 1.
        $sender = jsg_member_info(1);
        jlogic('pm')->pmSend($notice, $sender['uid'], $sender['username'], $sender['nickname']);
    }

    return jerror('个性签名修改成功,管理员审核中');
}
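/**
 * Send a private message to one or more members addressed by nickname.
 *
 * Changes compared with the previous version of this method:
 *  - the image/attachment id lists are reduced to positive integers before they
 *    are placed in the `IN (...)` clauses, instead of being interpolated as given;
 *  - $msg is initialised before the recipient loop, so the `!$msg` test no longer
 *    reads an undefined variable.
 *
 * @param array  $post      Message data. Keys read here: message, subject, to_user
 *                          (nickname, comma separated list, or array of those),
 *                          imageids, attachids, save_to_outbox, is_pm_to_admin_notice.
 * @param mixed  $suid      Sender uid.
 * @param string $susername Sender user name.
 * @param string $snickname Sender nickname.
 * @return int|string 0 on success; 6 when jaccess() denies sending; 2 when no
 *                    recipient was given; 1 when the processed message is empty;
 *                    3 when no recipient matched; or a string message from the
 *                    content filter, the blacklist check or the role check.
 */
function pmSend($post, $suid = MEMBER_ID, $susername = MEMBER_NAME, $snickname = MEMBER_NICKNAME)
{
    if (jaccess('pm', 'send', $suid) == false) {
        return 6;
    }
    $to_user_list = array();
    $f_rets = filter($post['message']);
    if ($f_rets) {
        if ($f_rets['error']) {
            return $f_rets['msg'];
        }
    }
    $post['subject'] = jhtmlspecialchars(trim($post['subject']));
    $p_to_user = $post['to_user'];
    if (empty($p_to_user)) {
        return 2;
    }
    // _process_content() is expected to rewrite $post['message'] in place; the
    // emptiness test below relies on that.
    $this->_process_content($post['message']);
    if ($post['message'] == '') {
        return 1;
    }

    // Collect the distinct recipient nicknames; each is passed through addslashes()
    // before being placed in the IN (...) list built by jimplode().
    $p_to_user = (array) $p_to_user;
    $nks = array();
    foreach ($p_to_user as $tmps) {
        $tmps = (string) $tmps;
        if (false !== strpos($tmps, ',')) {
            $_tmps = explode(',', $tmps);
            foreach ($_tmps as $_tmp) {
                $nk = addslashes($_tmp);
                $nks[$nk] = $nk;
            }
        } else {
            $nk = addslashes($tmps);
            $nks[$nk] = $nk;
        }
    }
    $sql = "\r\n\t\tSELECT\r\n\t\t\t`uid`,`username`,`nickname`,`notice_pm`,`email`,`email_checked`,`newpm`,`at_new`,`event_new`,`fans_new`,`vote_new`,`qun_new`,`dig_new`,`channel_new`,`company_new`,`comment_new`,`user_notice_time`,`lastactivity`\r\n\t\tFROM\r\n\t\t\t" . TABLE_PREFIX . 'members' . "\r\n\t\tWHERE `nickname` IN (" . jimplode($nks) . ") ORDER BY `uid` limit 100";
    $query = $this->DatabaseHandler->Query($sql);
    $to_uids = array();
    while ($row = $query->GetRow()) {
        // The blacklist is only consulted when the sender is the current member.
        if ($suid == MEMBER_ID) {
            if (is_blacklist($suid, $row['uid'])) {
                return '你在' . $row['nickname'] . '的黑名单中,不被允许发私信';
            }
        }
        $rets = jsg_role_check_allow('sendpm', $row['uid'], $suid);
        if ($rets && $rets['error']) {
            return $rets['error'];
        } else {
            $to_user_list[$row['uid']] = $row;
            $to_uids[$row['uid']] = $row['uid'];
        }
    }
    // Note: the push notification is issued before the empty-recipient check.
    ios_push_msg($to_uids, '你有新消息:1条私信');
    if ($to_user_list == false) {
        return 3;
    }
    $time = time();
    // Set only when the message is saved as a draft; initialised so the test below
    // never reads an undefined variable.
    $msg = '';
    foreach ($to_user_list as $to_user_id => $to_user_name) {
        $data = array("msgfrom" => $susername, "msgnickname" => $snickname, "msgfromid" => $suid, "msgto" => $to_user_name['username'], "tonickname" => $to_user_name['nickname'], "msgtoid" => $to_user_id, 'imageids' => $post['imageids'], 'attachids' => $post['attachids'], "subject" => $post['subject'], "message" => $post['message'], "new" => '1', "dateline" => $time);
        if ($post["save_to_outbox"]) {
            $data['folder'] = "outbox";
            $msg = "消息已经保存草稿箱";
        }
        // Conversation key: the two uids, smaller first, joined by a comma.
        $uids = '';
        if ($suid > $to_user_id) {
            $uids = $to_user_id . "," . $suid;
        } else {
            $uids = $suid . "," . $to_user_id;
        }
        $plid = 0;
        if (!$msg) {
            // NOTE(review): the conversation summary is stored as PHP-serialized data;
            // code that reads `lastmessage` back should treat it as untrusted input.
            // NOTE(review): $suid and $uids reach the SQL text as given by the caller;
            // confirm every caller passes an integer uid.
            $lastmessage = addslashes(serialize($data));
            $plid = DB::result_first("select plid from " . TABLE_PREFIX . "pms_index where uids = '{$uids}'");
            if ($plid == 0) {
                // First message between the two members: create the index row and one
                // list row per participant.
                DB::query("insert into " . TABLE_PREFIX . "pms_index (uids) values('{$uids}')");
                $plid = $this->DatabaseHandler->Insert_ID();
                if (0 != $plid) {
                    DB::query("insert into " . TABLE_PREFIX . "pms_list (plid,uid,pmnum,dateline,lastmessage) values('{$plid}','" . $suid . "',1,'{$time}','{$lastmessage}')");
                    if ($suid != $to_user_id) {
                        DB::query("insert into " . TABLE_PREFIX . "pms_list (plid,uid,pmnum,dateline,lastmessage,is_new) values('{$plid}','{$to_user_id}',1,'{$time}','{$lastmessage}',1)");
                    }
                }
            } else {
                DB::query("update " . TABLE_PREFIX . "pms_list set pmnum = pmnum + 1,dateline = '{$time}',lastmessage = '{$lastmessage}',is_new = 1 where plid = '{$plid}' and uid = '{$to_user_id}' ");
                if ($suid != $to_user_id) {
                    DB::query("update " . TABLE_PREFIX . "pms_list set pmnum = pmnum + 1,dateline = '{$time}',lastmessage = '{$lastmessage}',is_new = 0 where plid = '{$plid}' and uid = '{$suid}' ");
                }
            }
        }
        $data['plid'] = $plid;
        DB::insert('pms', $data);
    }

    // Flag the music and attachments so that clearing the cache does not delete them
    // (the statements below update the topic_image and topic_attach tables).
    // Only positive integer ids are allowed into the IN (...) list.
    foreach (array('topic_image' => 'imageids', 'topic_attach' => 'attachids') as $_table => $_field) {
        if (!$post[$_field]) {
            continue;
        }
        $_raw_ids = is_array($post[$_field]) ? $post[$_field] : explode(',', (string) $post[$_field]);
        $_ids = array();
        foreach ($_raw_ids as $_raw_id) {
            $_id = (int) trim((string) $_raw_id, " \t\r\n'\"");
            if ($_id > 0) {
                $_ids[$_id] = $_id;
            }
        }
        if ($_ids) {
            DB::query("update `" . TABLE_PREFIX . $_table . "` set `tid` = -1 where `id` in (" . implode(',', $_ids) . ")");
        }
    }

    // Drafts do not raise counters or notifications.
    $num = $post["save_to_outbox"] ? 0 : 1;
    if ($num > 0) {
        $_tmps = array_keys($to_user_list);
        $to_user_id_list = array();
        foreach ($_tmps as $_tmp) {
            $_tmp = (int) $_tmp;
            if ($_tmp > 0) {
                $to_user_id_list[$_tmp] = $_tmp;
            }
        }
        $this->UpdateNewMsgCount($num, $to_user_id_list);
        // Optional per-recipient notification channels, each gated by site config.
        foreach ($to_user_list as $user_notice) {
            if ($GLOBALS['_J']['config']['sendmailday'] > 0) {
                jtable('mailqueue')->add($user_notice, 'notice_pm');
            }
            if ($GLOBALS['_J']['config']['imjiqiren_enable'] && imjiqiren_init()) {
                imjiqiren_send_message($user_notice, 'm', $GLOBALS['_J']['config']);
            }
            if ($GLOBALS['_J']['config']['sms_enable'] && sms_init()) {
                sms_send_message($user_notice, 'm', $GLOBALS['_J']['config']);
            }
        }
        if ($GLOBALS['_J']['config']['extcredits_enable'] && $suid > 0) {
            update_credits_by_action('pm', $suid, count($to_user_list));
        }
    }
    if (!$post['is_pm_to_admin_notice']) {
        $this->to_admin_notice($to_uids);
    }
    return 0;
}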
echo $GLOBALS['_J']['config']['meta_description']; ?> " /> <?php } else { ?> <meta name="Keywords" content=" <?php echo jhtmlspecialchars($this->MetaKeywords); ?> ,<?php echo $GLOBALS['_J']['config']['site_name']; echo $GLOBALS['_J']['config']['meta_keywords']; ?> " /> <meta name="Description" content=" <?php echo jhtmlspecialchars($this->MetaDescription); ?> ,<?php echo $GLOBALS['_J']['config']['site_notice']; echo $GLOBALS['_J']['config']['meta_description']; ?> " /> <?php } ?> <link rel="shortcut icon" href="favicon.ico" > <!-- <link href="<?php echo $GLOBALS['_J']['config']['site_url']; ?> /static/min/?g=css&c=<?php echo $GLOBALS['_J']['charset']; ?> &v=<?php
/**
 * Escape a piece of content for output while keeping <iframe> embeds that point
 * at the site's own domain.
 *
 * Matching iframes are swapped for random placeholder tokens before escaping; the
 * token and the iframe markup (width forced to 460) are recorded in
 * $this->replaces['search'] / ['replace'], presumably so a later step can put
 * them back -- that step is not visible here.
 *
 * @param string $c Raw content.
 * @return string Trimmed, HTML-escaped content with placeholders for kept iframes.
 */
function _content_strip($c)
{
    $contains_url = (false !== strpos($c, ':/' . '/'));
    if ($contains_url) {
        $site_domain = $GLOBALS['_J']['config']['site_domain'];
        // With more than one dot, drop the first label ("www.example.com" -> "example.com").
        if (substr_count($site_domain, '.') > 1) {
            $base_host = substr($site_domain, strpos($site_domain, '.') + 1);
        } else {
            $base_host = $site_domain;
        }

        // NOTE(review): if site_domain is empty the host part of the pattern is empty
        // too; confirm the setting is always populated.
        if (false !== strpos($c, $base_host)) {
            // NOTE(review): the pattern does not require a delimiter right after the
            // domain; consider demanding '/', ':' or the closing quote there so that
            // only the intended hosts qualify.
            $iframe_pattern = '~<iframe.+?src\\s*\\=\\s*[\\\\]*[\'\\"](https?\\:\\/\\/(?:[\\w]+\\.)*(?:' . preg_quote($base_host, '~') . ')[^\'\\"]+?)[\\\\]*[\'\\"].*?>.*?<\\/iframe>~is';
            preg_match_all($iframe_pattern, $c, $matches);
            if ($matches) {
                $originals = array();
                $tokens = array();
                foreach ($matches[0] as $idx => $iframe_html) {
                    $originals[$idx] = $iframe_html;
                    $resized = preg_replace('~ width\\s*\\=\\s*[\\\\]*[\'\\"]\\d+[\\\\]*[\'\\"]~i', ' width="460"', $iframe_html);
                    $this->replaces['replace'][] = jstripslashes($resized);
                    // NOTE(review): mt_rand() is not a cryptographic source; if the token
                    // must be unguessable by content authors, use a stronger generator.
                    $tokens[$idx] = '[:[__KEEP_IFRAME_CONTENT_' . mt_rand() . '__]:]';
                    $this->replaces['search'][] = $tokens[$idx];
                }
                if ($originals && $tokens) {
                    $c = str_replace($originals, $tokens, $c);
                }
            }
        }
    }

    $escaped = jhtmlspecialchars(trim($c));
    // As written this replacement leaves the text unchanged. NOTE(review): presumably
    // the search string was the HTML entity for an ampersand in the upstream source
    // -- confirm before relying on it.
    return str_replace('&', '&', $escaped);
}
/**
 * Load the site configuration, derive request-dependent URLs and defaults, and
 * publish the result on $this->var.
 *
 * Side effects visible here: defines CHARSET, sends two response headers, may
 * terminate the request (install redirect, invalid config), requires
 * setting/constants.php and registers the config with Obj::register().
 */
private function _init_config() {
    $config = jconf::get();
    // NOTE(review): $config['charset'] is used here, before the isset() check further
    // down verifies that the configuration was loaded.
    define('CHARSET', $config['charset']);
    // '@' silences errors from header(), e.g. when output has already started.
    @header('Content-Type: text/html; charset=' . CHARSET);
    @header('P3P: CP="CAO PSA OUR"');
    // Not installed yet: no lock time in config, no lock file, installer present.
    if ($config['install_lock_time'] < 1) {
        if (!is_file(ROOT_PATH . 'data/install.lock') && is_file(ROOT_PATH . 'install.php')) {
            die("<meta http-equiv='refresh' content=\"1; URL='./install.php'\">\r\n\t\t\t\t\t<a href='./install.php'>Please click here for the installation of the system ... </a>");
        }
    }
    if (!isset($config['charset'])) {
        exit('config get invalid');
    }
    require ROOT_PATH . 'setting/constants.php';
    $config['sys_version'] = sys_version();
    $config['sys_published'] = SYS_PUBLISHED;
    // Default the WAP and mobile entry points to sub-paths of the site URL.
    if (!$config['wap_url']) {
        $config['wap_url'] = $config['site_url'] . "/wap";
    }
    if (!$config['mobile_url']) {
        $config['mobile_url'] = $config['site_url'] . "/mobile";
    }
    if ($config['extra_domains']) {
        // The Host value comes from the request; it is only honoured when it is listed
        // in the configured extra_domains.
        // NOTE(review): in_array() is called without the strict flag, so the match uses
        // loose comparison -- confirm extra_domains only ever holds strings.
        $http_host = getenv('HTTP_HOST') ? getenv('HTTP_HOST') : $_SERVER['HTTP_HOST'];
        if ($config['site_domain'] != $http_host && in_array($http_host, $config['extra_domains'])) {
            // Rebuild the site URL from the scheme (https only when the port is 443),
            // the accepted host and the directory of PHP_SELF; the result is
            // HTML-escaped and the trailing slash removed.
            // NOTE(review): PHP_SELF is derived from the request path.
            $site_url = rtrim(jhtmlspecialchars('http' . (443 == $_SERVER['SERVER_PORT'] ? 's' : '') . ':/' . '/' . $http_host . preg_replace("/\\/+/", '/', str_replace("\\", '/', dirname($_SERVER['PHP_SELF'])) . "/")), '/');
            if (true === IN_JISHIGOU_WAP || true === IN_JISHIGOU_MOBILE) {
                $site_url = str_replace(array('/wap', '/mobile'), '', $site_url);
            }
            $config['wap_url'] = str_replace($config['site_url'], $site_url, $config['wap_url']);
            $config['mobile_url'] = str_replace($config['site_url'], $site_url, $config['mobile_url']);
            $config['site_url'] = $site_url;
            $config['site_domain'] = $http_host;
        }
    }
    // Topic length defaults (140) when no cut length is configured.
    if (!$config['topic_cut_length']) {
        $config['topic_cut_length'] = 140;
        if (!isset($config['topic_input_length'])) {
            $config['topic_input_length'] = 140;
        }
    }
    $config['topic_input_length'] = (int) $config['topic_input_length'];
    // NOTE(review): keys added to $config after this call are only seen by the registry
    // if Obj::register() keeps a reference -- not visible here.
    Obj::register('config', $config);
    // Optional config groups, loaded only when their enable flag is set.
    $load_configs = array('robot' => 'robot_enable', 'ad' => 'ad_enable', 'credits' => 'extcredits_enable');
    foreach ($load_configs as $k => $v) {
        if ($config[$v]) {
            $config[$k] = jconf::get($k);
        }
    }
    // Config groups that are always loaded.
    $load_configs = array('modules', 'table', 'changeword');
    foreach ($load_configs as $k) {
        $config[$k] = jconf::get($k);
    }
    // "value || (value = default)": assign the default only when the entry is falsy.
    $config['changeword']['n_weibo'] || ($config['changeword']['n_weibo'] = '微博');
    $config['changeword']['p_weibo'] || ($config['changeword']['p_weibo'] = '微博');
    $config['changeword']['weiqun'] || ($config['changeword']['weiqun'] = '微群');
    $config['changeword']['dig'] || ($config['changeword']['dig'] = '赞');
    $config['changeword']['username'] || ($config['changeword']['username'] = '******');
    $config['changeword']['account'] || ($config['changeword']['account'] = '帐号昵称');
    $config['seccode_comment'] || ($config['seccode_comment'] = 0);
    $config['seccode_forward'] || ($config['seccode_forward'] = 0);
    // Publish-notice settings converted by _php_js_arr() with mode 0 and mode 1.
    $config['in_publish_notice_js'] = $this->_php_js_arr($config['in_publish_notice'], 0);
    $config['in_publish_notice_str'] = $this->_php_js_arr($config['in_publish_notice'], 1);
    $config['on_publish_notice_str'] = $this->_php_js_arr($config['on_publish_notice'], 1);
    $this->var['charset'] = strtolower($config['charset']);
    // The database charset is the lower-cased charset without hyphens ("utf-8" -> "utf8").
    $this->var['db_charset'] = $config['db_charset'] = str_replace('-', '', $this->var['charset']);
    $this->var['site_name'] = $config['site_name'];
    $this->var['site_url'] = $config['site_url'];
    $this->var['wap_url'] = $config['wap_url'];
    $this->var['mobile_url'] = $config['mobile_url'];
    // Stored by reference, so $this->var['config'] aliases the local $config.
    $this->var['config'] =& $config;
}
/**
 * Build (and cache) a list of topic images, optionally limited to the members a
 * user follows, and split it into three columns.
 *
 * Keys read from $param: uid, count, vip, perpage, page_url, limit.
 *
 * @param array $param Query options, see above.
 * @return array|false array('list' => three column arrays, 'count' => ...,
 *                     'page' => ...) when photos were found; an empty array when
 *                     the user follows nobody; false when nothing matched.
 */
function get_photo_list($param) {
    $sql_where = '';
    $uid = max(0, (int) $param['uid']);
    // The cache key covers every option in $param.
    $cache_key = "{$uid}-get_photo_list-" . md5(serialize($param));
    if (false === ($info = cache_db('get', $cache_key))) {
        if ($uid > 0) {
            // Restrict to the ids returned by get_buddyids(); nothing to show without them.
            $uids = get_buddyids($uid, $GLOBALS['_J']['config']['topic_myhome_time_limit']);
            if ($uids) {
                $sql_where = " AND t.uid in(" . jimplode($uids) . ") ";
            } else {
                return array();
            }
        }
        // Without an explicit count, ask the database how many photos qualify.
        $total_photo = (int) $param['count'];
        if ($total_photo < 1) {
            if ($param['vip']) {
                $total_photo = DB::result_first("select count(1) as `total` from " . DB::table('topic_image') . " t left join " . DB::table('members') . " m on m.uid=t.uid where t.tid>0 and m.validate='1'" . $sql_where);
            } else {
                $total_photo = DB::result_first("SELECT COUNT(*) FROM " . DB::table('topic_image') . " AS t WHERE t.tid > 0 " . $sql_where);
            }
        }
        $info = false;
        $limit_sql = '';
        $photo_i = 0;
        $topic_list = array();
        $user_lists = array();
        if ($total_photo > 0) {
            if ($param['perpage']) {
                $page_arr = page($total_photo, $param['perpage'], $param['page_url'], array('return' => 'array'));
                $limit_sql = $page_arr['limit'];
            } else {
                // NOTE(review): $param['limit'] and $param['count'] are concatenated into
                // the LIMIT clause as given (the int cast above applies to $total_photo
                // only); confirm callers pass numeric values, or cast them here.
                // NOTE(review): $page_arr stays undefined on this path but is read when
                // $info is built below.
                if ($param['limit']) {
                    $limit_sql = ' LIMIT ' . $param['limit'];
                } elseif ($param['count']) {
                    $limit_sql = ' LIMIT ' . $param['count'];
                }
            }
            if ($param['vip']) {
                // VIP mode joins the members table and keeps only validate='1' members.
                $query = DB::query("SELECT t.id,t.tid,t.uid,t.name,t.width,t.height,t.dateline,tr.content,tr.content2,tr.forwards,tr.replys,tr.digcounts\r\n\t\t\t\t\t\t\t\t\tFROM " . DB::table('topic_image') . " AS t\r\n\t\t\t\t\t\t\t\t\tLEFT JOIN " . DB::table('topic') . " AS tr\r\n\t\t\t\t\t\t\t\t\tON t.tid = tr.tid\r\n\t\t\t\t\t\t\t\t\tleft join " . DB::table('members') . " as m\r\n\t\t\t\t\t\t\t\t\ton m.uid=t.uid\r\n\t\t\t\t\t\t\t\t\tWHERE t.tid > 0 and m.validate='1' " . $sql_where . "\r\n\t\t\t\t\t\t\t\t\tORDER BY t.id DESC\r\n\t\t\t\t\t\t\t\t\t{$limit_sql} ");
            } else {
                $query = DB::query("SELECT t.id,t.tid,t.uid,t.name,t.width,t.height,t.dateline,tr.content,tr.content2,tr.forwards,tr.replys,tr.digcounts\r\n\t\t\t\t\t\t\t\t\tFROM " . DB::table('topic_image') . " AS t\r\n\t\t\t\t\t\t\t\t\tLEFT JOIN " . DB::table('topic') . " AS tr\r\n\t\t\t\t\t\t\t\t\tON t.tid = tr.tid\r\n\t\t\t\t\t\t\t\t\tWHERE t.tid > 0 " . $sql_where . "\r\n\t\t\t\t\t\t\t\t\tORDER BY t.id DESC\r\n\t\t\t\t\t\t\t\t\t{$limit_sql} ");
            }
            while ($value = DB::fetch($query)) {
                // Topic text is the two content columns joined, tags stripped, HTML-escaped.
                $value['content'] .= $value['content2'];
                $value['content'] = jhtmlspecialchars(strip_tags($value['content']));
                // Create the 280px-wide "photo" variant on demand when it is missing.
                if (!is_file(topic_image($value['id'], 'photo', 1))) {
                    $image_file = RELATIVE_ROOT_PATH . 'images/topic/' . face_path($value['id']) . $value['id'] . "_o.jpg";
                    $image_file_photo = RELATIVE_ROOT_PATH . 'images/topic/' . face_path($value['id']) . $value['id'] . "_p.jpg";
                    if ($value['width'] > 280) {
                        $p_width = 280;
                        $p_height = round($value['height'] * 280 / $value['width']);
                        $result = makethumb($image_file, $image_file_photo, $p_width, $p_height);
                    }
                    // Small images, or a failed thumbnail, fall back to a plain copy.
                    // NOTE(review): $result is only assigned in the branch above, so it can
                    // carry over from an earlier loop iteration.
                    if ($value['width'] <= 280 || !$result && !is_file($image_file_photo)) {
                        @copy($image_file, $image_file_photo);
                    }
                }
                $value['photo'] = topic_image($value['id'], 'photo', 0);
                // Report the dimensions of the scaled image (width capped at 280).
                $value['height'] = $value['width'] > 280 ? round($value['height'] * 280 / $value['width']) : $value['height'];
                $value['width'] = $value['width'] > 280 ? 280 : $value['width'];
                $value['dateline'] = my_date_format2($value['dateline']);
                // NOTE(review): the loose "false !=" test treats a match at position 0 as
                // "not found"; and since the content was escaped just above, presumably no
                // literal '</U>' remains to match -- confirm.
                if (false != strpos($value['content'], '</U>')) {
                    $value['content'] = preg_replace('#\\<U(.*?)\\>(.*?)\\</U\\>#', '<a href="\\2" target="_blank">Click Here</a>', $value['content']);
                }
                // Plain http:// URLs followed by whitespace become links; a URL at the very
                // end of the text is removed. The character class excludes quotes and
                // angle brackets, and the text is already HTML-escaped at this point.
                if (false !== strpos($value['content'], 'http:/' . '/')) {
                    $value['content'] = preg_replace('~(http:/' . '/[a-z0-9-\\.\\?\\=&;_@/%#]+?)\\s+~i', '<a href="\\1" target="_blank">Click Here</a> ', $value['content']);
                    $value['content'] = preg_replace("|\\s*http:/" . "/[a-z0-9-\\.\\?\\=&;_@/%#]*\$|sim", "", $value['content']);
                }
                $topic_list[] = $value;
            }
            if ($topic_list) {
                $topic_list_count = count($topic_list);
                $topic_list = $this->TopicLogic->MakeAll($topic_list, 0);
                $info = array('list' => $topic_list, 'count' => $param['count'] ? $topic_list_count : $total_photo, 'page' => $page_arr);
            }
        }
        // Per-user lists are cached for an hour, the global list for ten minutes.
        cache_db('set', $cache_key, $info, $uid > 0 ? 3600 : 600);
    }
    if ($info['count'] > 0 && $info['list']) {
        if ($GLOBALS['_J']['config']['is_topic_user_follow'] && !$GLOBALS['_J']['disable_user_follow']) {
            $info['list'] = buddy_follow_html($info['list'], 'uid', 'follow_html2');
        }
        // Deal the photos round-robin into three columns.
        $pi = 0;
        $list = array();
        foreach ($info['list'] as $v) {
            $list[$pi++ % 3][] = $v;
        }
        $info['list'] = $list;
    }
    return $info;
}
/**
 * Build the HTML-escaped embed snippet (placeholder <div> plus <script> tag) for
 * an output record.
 *
 * @param array $row     Output record; reads id, hash, per_page_num,
 *                       content_default, width and height.
 * @param mixed $ret_row Truthy to return the whole row (with 'output_code',
 *                       'width' and 'height' filled in), falsy to return only
 *                       the snippet.
 * @return array|string
 */
function _output_code($row, $ret_row = 0)
{
    // Fall back to the default embed size when none is stored.
    if (!$row['width']) {
        $row['width'] = '100%';
    }
    if (!$row['height']) {
        $row['height'] = '1000px';
    }

    // NOTE(review): id, hash and per_page_num go into the query string as stored,
    // while the other values are urlencode()d; presumably they are numeric or
    // hex-like -- confirm.
    $script_path = "index.php?mod=output&code=url_js&id={$row['id']}&hash={$row['hash']}&per_page_num={$row['per_page_num']}&content_default=" . urlencode($row['content_default']);
    $script_src = get_full_url($this->Config['site_url'], $script_path)
        . '&width=' . urlencode($row['width'])
        . '&height=' . urlencode($row['height']);

    $snippet = '<div id="jishigou_div">内容正在加载中,请稍候……</div><script type="text/javascript" src="' . $script_src . '" charset="' . $this->Config['charset'] . '"></script>';

    // The snippet is meant to be displayed as text, so it is HTML-escaped as a whole.
    $row['output_code'] = jhtmlspecialchars($snippet);

    return $ret_row ? $row : $row['output_code'];
}
/**
 * Create or update a "reward for forwarding" campaign from request parameters.
 *
 * Validation failures and the final outcome are reported through
 * $this->Messager(); the record itself is written by jlogic('reward')->add().
 *
 * NOTE(review): only `topic` is HTML-escaped here; the other fields are handed to
 * the reward logic as received, and no permission or request-origin check is
 * visible in this method -- confirm both are handled by the caller or by add().
 */
function DoAddReward()
{
    $id = (int) get_param('id');

    // Key order is kept as in the original payload.
    $data = array(
        'tid' => get_param('tid'),
        'content' => get_param('content1'),
        'event_image' => get_param('event_image'),
        'prize_name' => get_param('prize_name'),
        'prize' => get_param('prize'),
        'prize_num' => get_param('prize_num'),
        'prize_image' => get_param('prize_image'),
        'rules' => get_param('rules'),
    );

    $title = trim(get_param('title'));
    if (!$title) {
        $this->Messager("标题必须要有哦...", -1);
    }
    $data['title'] = $title;

    // Start and end time are required and converted with strtotime().
    $start_text = get_param('fromt');
    if (!trim($start_text)) {
        $this->Messager("开始时间必须要有哦...", -1);
    }
    $data['fromt'] = strtotime($start_text);

    $end_text = get_param('tot');
    if (!trim($end_text)) {
        $this->Messager("结束时间必须要有哦...", -1);
    }
    $data['tot'] = strtotime($end_text);

    if ($data['fromt'] >= $data['tot']) {
        $this->Messager("开始时间必须早于结束时间哦...", -1);
    }

    // These fields are lists; empty entries are dropped and at least one must remain.
    $required_lists = array(
        'prize_name' => "此次转发没有奖励吗?",
        'prize_image' => "奖品没有图片吗?",
        'prize' => "奖品名字还没有填写!",
    );
    foreach ($required_lists as $field => $error_text) {
        $data[$field] = array_filter($data[$field]);
        if (!$data[$field]) {
            $this->Messager($error_text, -1);
        }
    }

    // A topic is only mandatory when a new campaign is created.
    $data['topic'] = jhtmlspecialchars(get_param('topic'));
    if (!$id && !$data['topic']) {
        $this->Messager('需要用户转发你哪条微博?', -1);
    }

    // add() returns an error string on failure, otherwise the campaign id.
    $rid = jlogic('reward')->add($data, $id);
    if (is_string($rid)) {
        $this->Messager($rid, -1);
    } else {
        $done_text = $id ? '有奖转发修改成功' : '有奖转发发布成功';
        $this->Messager($done_text, "index.php?mod=reward&code=detail&id={$rid}");
    }
}
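/**
 * Render the embeddable iframe page for an output record.
 *
 * The request must name an output record (`id`) and present its `hash`; the
 * record may additionally restrict the embedding to certain hosts (`lock_host`).
 * On success the topic list for the item is loaded and a template is included.
 *
 * Changes compared with the previous version of this method:
 *  - the hash is compared as a string (with hash_equals() where available)
 *    instead of with a loose `==`, which compares numeric-looking strings as
 *    numbers;
 *  - blank lines in `lock_host` are skipped, so an empty entry can no longer
 *    count as a match for every URL.
 *
 * Local variable names are left untouched because the included template runs in
 * this method's scope.
 */
function UrlIframe()
{
    $hash = '';
    $info = array();
    $hash_verify = 0;
    $id = (int) $this->_input('id', 0, 0);
    $per_page_num = (int) $this->_input('per_page_num', 0, 0);
    $content_default = jhtmlspecialchars(strip_tags(get_safe_code($this->_input('content_default', 0, ''))));
    if ($id > 0) {
        $info = DB::fetch_first("select * from " . DB::table('output') . " where `id`='{$id}'");
        if ($info) {
            $hash = trim($this->_input('hash', 0, ''));
            // NOTE(review): a record whose stored hash is empty is matched by an empty
            // request value; confirm every record is created with a hash.
            if (function_exists('hash_equals') ? hash_equals((string) $info['hash'], $hash) : ((string) $info['hash'] === $hash)) {
                $hash_verify = 1;
            }
        }
    }
    if (!$hash_verify) {
        // Verification may only be skipped in DEBUG builds with the debug parameter set.
        if (true === DEBUG && get_param('debug')) {
        } else {
            exit('id or hash is invalid');
        }
    }
    // A per-page override from the request is honoured only within 1..200 and only
    // when the record enables paging at all.
    if ($info['per_page_num'] > 0) {
        $info['per_page_num'] = $per_page_num > 0 && $per_page_num <= 200 ? $per_page_num : $info['per_page_num'];
    }
    $info['per_page_num'] = max(0, (int) $info['per_page_num']);
    $info['content_default'] = $content_default ? $content_default : $info['content_default'];
    $url_info = array();
    // Unknown item types fall back to 'url'.
    $item = jget('item', 'txt');
    if (!in_array($item, $this->allow_item)) {
        $item = 'url';
    }
    $item_id = (int) $this->_input('item_id', 0, 0);
    if ('url' == $item) {
        if ($item_id < 1) {
            $url = $this->_input('url', 1);
            $title = $this->_input('title', 1);
            $url_info = jlogic('url')->info($url, $title);
        } else {
            $url_info = jlogic('url')->get_info_by_id($item_id);
            $url = $url_info['url'];
            $title = $url_info['title'];
        }
        if (!$url_info) {
            exit('url is invalid');
        }
        $item_id = $url_info['id'];
    }
    if ($item_id < 1) {
        exit('item_id is invalid');
    }
    if ($info['lock_host']) {
        // NOTE(review): $url and $title are only set for the 'url' item type.
        // NOTE(review): this is a substring test against the whole URL, not a
        // comparison of the parsed host; consider matching parse_url()'s host.
        $host_verify = 0;
        $lock_hosts = explode("\n", $info['lock_host']);
        foreach ($lock_hosts as $v) {
            $v = trim($v);
            if ('' === $v) {
                // A blank line is not a host.
                continue;
            }
            if (false !== strpos($url, $v)) {
                $host_verify = 1;
                break;
            }
        }
        if (!$host_verify) {
            exit('host is invalid');
        }
    }
    $page_url = "index.php?mod=output&code=url_iframe&id={$id}&hash={$hash}&item={$item}&item_id={$item_id}&per_page_num={$per_page_num}&content_default=" . urlencode($content_default);
    $total_record = 0;
    $topic_list = $page_arr = $parent_list = array();
    if ($info['per_page_num'] > 0) {
        // $item is limited to $this->allow_item and $item_id is an integer at this point.
        $param = array('perpage' => $info['per_page_num'], 'page_url' => $page_url, 'page_extra' => ' target="_self" ', 'where' => " item='{$item}' AND item_id='{$item_id}' ");
        $get_datas = jlogic('topic_list')->get_data($param);
        if (!empty($get_datas)) {
            $total_record = $get_datas['count'];
            $topic_list = $get_datas['list'];
            $page_arr = $get_datas['page'];
            if ($topic_list) {
                $parent_list = jlogic('topic')->GetParentTopic($topic_list);
            }
        }
    }
    $url_encode = urlencode($url);
    $this->Title = $title;
    rewriteDisable();
    // NOTE(review): the template name can come from the output record; confirm that
    // template() confines it to the template directory.
    $tpl_file = 'output/output_url_iframe';
    if ($info['tpl_enable'] && $info['tpl_file']) {
        $tpl_file = $info['tpl_file'];
    }
    include template($tpl_file);
}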
/**
 * Fetch the pinned channel topic (recommendation level 4, not expired) and
 * prepare its text for display.
 *
 * @return array Empty when nothing is pinned; otherwise 'tid' and 'content',
 *               where content is tag-stripped, HTML-escaped and has plain
 *               http:// URLs turned into links.
 */
function getChannelTopTopic()
{
    $recommend_table = DB::table('topic_recommend');
    $topic_table = DB::table('topic');
    $now = time();
    // Only server-side values are placed in this statement.
    $sql = "SELECT r.tid,t.content,t.content2 FROM {$recommend_table} AS r LEFT JOIN {$topic_table} AS t ON r.tid = t.tid WHERE r.item = 'channel' AND r.recd = 4 AND (r.expiration>{$now} OR r.expiration=0) ORDER BY r.dateline DESC LIMIT 1";

    $pinned = array();
    $result = DB::query($sql);
    while ($record = DB::fetch($result)) {
        $pinned = $record;
    }
    if (!$pinned) {
        return $pinned;
    }

    // Join both content columns, then strip tags and escape for HTML output.
    $text = $pinned['content'] . $pinned['content2'];
    unset($pinned['content2']);
    $text = jhtmlspecialchars(strip_tags($text));

    // URLs followed by whitespace become links; a URL at the very end is dropped.
    // Only http:// is recognised. The text is already escaped at this point and the
    // character class excludes quotes and angle brackets.
    if (false !== strpos($text, 'http:/' . '/')) {
        $text = preg_replace('~(http:/' . '/[a-z0-9-\\.\\?\\=&;_@/%#]+?)\\s+~i', '<a href="\\1" target="_blank">Click Here</a> ', $text);
        $text = preg_replace("|\\s*http:/" . "/[a-z0-9-\\.\\?\\=&;_@/%#]*\$|sim", "", $text);
    }

    $pinned['content'] = $text;
    return $pinned;
}
/**
 * Reduce a string to plain text: strip tags, remove a fixed list of characters
 * and URL-encoded forms, trim, then HTML-escape.
 *
 * This is a deny-list filter applied in a single pass; the result is not scanned
 * again after the removals. Treat it as an extra layer only: callers still need
 * the encoding that fits the place where the value is finally used (HTML, URL,
 * SQL, ...).
 *
 * @param string $str Raw input.
 * @return string Cleaned text, or '' when nothing (or only "0") is left after
 *                stripping tags.
 */
function str_safe($str)
{
    $plain = trim(strip_tags($str));
    if (!$plain) {
        return '';
    }

    // The list repeats '>' and '<'; the repeats have no effect at runtime.
    // NOTE(review): presumably two of these entries were HTML-entity forms in the
    // upstream source -- confirm.
    $blocked = array('>', '<', '<', '>', '"', "'", '%3C', '%3E', '%22', '%27', '%3c', '%3e');
    $plain = str_replace($blocked, '', $plain);

    return jhtmlspecialchars(trim($plain));
}
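/**
 * Create a CMS article in a category the current member may post to, link its
 * images and attachments, and publish a matching topic.
 *
 * Change compared with the previous version of this method: the image and
 * attachment id lists are reduced to positive integers before they are placed in
 * the `IN(...)` clauses, instead of being concatenated into the SQL as given.
 *
 * @param array $data Article data. Keys read here: catid, title, content,
 *                    imageid, attachid (the last two are comma separated id lists).
 * @return int The new article id when it is published immediately, 0 when it
 *             awaits review, -1 when the member may not post in the category.
 */
function create($data)
{
    global $_J;
    $category = $this->Getonecategory($data['catid']);
    // Posting is allowed for logged-in members when the category is open to all
    // (empty purview), lists the member's role, or lists the member as a manager.
    // NOTE(review): in_array() is used without the strict flag, so these role and
    // manager matches use loose comparison -- confirm role_id is never empty here.
    if (MEMBER_ID > 0 && $category && (empty($category['purview']) || in_array($_J['member']['role_id'], explode(',', $category['purview'])) || in_array(MEMBER_ID, explode(',', $category['manageid'])))) {
        // $check is 0 (held for review) only when the category requires verification
        // and the member is neither a manager nor in an exempt role.
        $check = $category['verify'] && !in_array(MEMBER_ID, explode(',', $category['manageid'])) && !in_array($_J['member']['role_id'], explode(',', $category['filter'])) ? 0 : 1;
        $cmsdata = array('title' => jhtmlspecialchars($data['title']), 'content' => jhtmlspecialchars($data['content']), 'catid' => $data['catid'], 'imageid' => $data['imageid'], 'attachid' => $data['attachid'], 'likecatid' => $category['likecatid'], 'likemanageid' => $category['manageid'], 'dateline' => time(), 'uid' => MEMBER_ID, 'username' => MEMBER_NICKNAME, 'check' => $check);
        $aid = DB::insert('cms_article', $cmsdata, true);

        // Attach the uploaded images and files to the new article. Only positive
        // integer ids are allowed into the IN(...) list.
        foreach (array('topic_image' => 'imageid', 'topic_attach' => 'attachid') as $table => $field) {
            if (!$data[$field]) {
                continue;
            }
            $raw_ids = is_array($data[$field]) ? $data[$field] : explode(',', (string) $data[$field]);
            $ids = array();
            foreach ($raw_ids as $raw_id) {
                $one_id = (int) trim((string) $raw_id, " \t\r\n'\"");
                if ($one_id > 0) {
                    $ids[$one_id] = $one_id;
                }
            }
            if ($ids) {
                DB::query("UPDATE " . DB::table($table) . " SET item='cms',itemid={$aid} WHERE id IN(" . implode(',', $ids) . ")");
            }
        }

        if ($check > 0) {
            $this->update_cat_count($data['catid'], 1, true);
        }
        // Announce the article as a topic, using the first 140 characters of the content.
        $topicdata = array('content' => cut_str($data['content'], 140, ''), 'imageid' => $data['imageid'], 'attachid' => $data['attachid'], 'item' => 'cms', 'item_id' => $aid);
        jlogic('topic')->Add($topicdata);
        return $check ? $aid : 0;
    } else {
        return -1;
    }
}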