/**
 * Create or refresh the pw_nav row identified by this object's type and $nkey.
 *
 * Missing 'nkey' / 'type' entries in $array are filled from the arguments and
 * from $this->type before the data is passed through _checkData().
 *
 * Every value reaches SQL through pwEscape() / pwSqlSingle(), which are defined
 * elsewhere. The fragments below have no space before "AND" or after "SET", so
 * the statements rely on whatever padding those helpers return (assumption to
 * confirm against their definitions).
 *
 * @param string $nkey  navigation key used to locate the row
 * @param array  $array column => value pairs to store
 */
function update($nkey, $array)
{
    if (!$array['nkey']) {
        $array['nkey'] = $nkey;
    }
    if (!$array['type']) {
        $array['type'] = $this->type;
    }
    $array = $this->_checkData($array);

    // The three statements are built in the same order the helpers were
    // originally invoked: existence probe, update, insert.
    $probeSql = "SELECT nid FROM pw_nav WHERE type=" . pwEscape($this->type, false)
        . "AND nkey=" . pwEscape($nkey, false);
    $modifySql = "UPDATE pw_nav SET" . pwSqlSingle($array, false)
        . " WHERE type=" . pwEscape($this->type, false)
        . "AND nkey=" . pwEscape($nkey, false);
    $createSql = "INSERT INTO pw_nav SET" . pwSqlSingle($array, false);

    $this->db->pw_update($probeSql, $modifySql, $createSql);
}
/**
 * Persist a new thread: one row in pw_threads, one row in the matching
 * message table, plus tag, attachment, digest-counter and user bookkeeping.
 *
 * All column values are handed to pwSqlSingle() (defined elsewhere), which is
 * presumably responsible for quoting them; the only identifier interpolated
 * directly into SQL is the table name returned by GetTtable().
 *
 * @param object $postdata post payload; passed by reference to setPostData()
 */
function execute(&$postdata)
{
    global $timestamp, $db_ptable, $onlineip;

    $this->setPostData($postdata);

    // NOTE(review): the 'special ' key carries a trailing space exactly as in
    // the source; whether pwSqlSingle() tolerates it depends on how it quotes
    // column names. Confirm and normalise if it is a typo.
    $threadRow = array(
        'fid' => $this->data['fid'],
        'icon' => $this->data['icon'],
        'author' => $this->data['author'],
        'authorid' => $this->data['authorid'],
        'subject' => $this->data['title'],
        'ifcheck' => $this->data['ifcheck'],
        'type' => $this->data['w_type'],
        'postdate' => $timestamp,
        'lastpost' => $timestamp,
        'lastposter' => $this->data['lastposter'],
        'hits' => 1,
        'replies' => 0,
        'topped' => $this->data['topped'],
        'digest' => $this->data['digest'],
        'special ' => $this->data['special'],
        'state' => 0,
        'ifupload' => $this->data['ifupload'],
        'ifmail' => $this->data['ifmail'],
        'anonymous' => $this->data['anonymous'],
        'ptable' => $db_ptable,
        'ifmagic' => $this->data['ifmagic'],
        'ifhide' => $this->data['hideatt'],
        'tpcstatus' => $this->data['tpcstatus'],
        'modelid' => $this->data['modelid'],
    );
    $this->db->update('INSERT INTO pw_threads SET ' . pwSqlSingle($threadRow));
    $this->tid = $this->db->insert_id();

    // Refresh the cached thread-id list of the forum.
    $threadIndex = L::loadClass("threadlist");
    $threadIndex->updateThreadIdsByForumId($this->data['fid'], $this->tid);

    $messageTable = GetTtable($this->tid);

    if (is_object($postdata->tag)) {
        $postdata->tag->insert($this->tid);
        $this->data['tags'] .= "\t" . $postdata->tag->relate($this->data['title'], $this->data['content']);
    }

    // Attach already-uploaded files to the freshly created thread id.
    if (is_object($this->att) && ($attachIds = $this->att->getAids())) {
        $this->att->pw_attachs->updateById($attachIds, array('tid' => $this->tid));
    }

    $ipLookup = L::loadClass('IPTable');
    $messageRow = array(
        'tid' => $this->tid,
        'aid' => $this->data['aid'],
        'userip' => $onlineip,
        'ifsign' => $this->data['ifsign'],
        'buy' => '',
        'ipfrom' => $ipLookup->getIpFrom($onlineip),
        'tags' => $this->data['tags'],
        'ifconvert' => $this->data['convert'],
        'ifwordsfb' => $this->data['ifwordsfb'],
        'content' => $this->data['content'],
        'magic' => $this->data['magic'],
    );
    $this->db->update('INSERT INTO ' . $messageTable . ' SET ' . pwSqlSingle($messageRow));

    if ($this->data['digest']) {
        $this->db->update("UPDATE pw_memberdata SET digests=digests+1 WHERE uid=" . pwEscape($this->data['authorid']));
        $this->post->user['digests']++;
    }

    $this->post->updateUserInfo($this->type, $this->creditSet(), $this->data['content']);
    $this->afterpost();
}
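/**
 * Insert one row into pw_weibo_content and return its auto-increment id.
 *
 * A non-empty 'extra' entry is stored in PHP-serialized form; an empty or
 * missing one is stored as ''. Code that reads the column back should only
 * unserialize values that were written through this method.
 *
 * @param array $data column => value pairs; quoting is left to pwSqlSingle()
 * @return mixed id reported by the database layer for the new row
 */
function insert($data)
{
    // empty() gives the same truthiness test as before without raising an
    // undefined-index notice when the caller omits 'extra'.
    $data['extra'] = !empty($data['extra']) ? serialize($data['extra']) : '';

    $this->_db->update("INSERT INTO pw_weibo_content SET " . pwSqlSingle($data));

    return $this->_db->insert_id();
}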
/**
 * Update the row of $this->_tableName whose tplid matches $tplid.
 *
 * The data is first passed through _checkData(); when nothing survives that
 * check no query is issued. The id goes through pwEscape() (defined elsewhere)
 * before it is concatenated into the WHERE clause.
 *
 * @param mixed $tplid id of the row to update
 * @param array $array column => value pairs
 * @return null always null, whether or not a query ran
 */
function updataById($tplid, $array)
{
    $fields = $this->_checkData($array);
    if ($fields) {
        $statement = "UPDATE " . $this->_tableName
            . " SET " . pwSqlSingle($fields, false)
            . " WHERE tplid=" . pwEscape($tplid);
        $this->_db->update($statement);
    }
    return null;
}
/**
 * Record each uploaded file as a not-yet-attached row in pw_attachs
 * (fid, tid and pid are all written as 0) owned by $this->uid.
 *
 * The file name is converted with pwConvert() before storage; every value is
 * passed to pwSqlSingle() (defined elsewhere) rather than concatenated raw.
 *
 * @param array $uploaddb list of upload descriptors with the keys
 *                        name, type, size, fileuploadurl and ifthumb
 */
function update($uploaddb)
{
    global $db_charset, $timestamp;

    foreach ($uploaddb as $upload) {
        $storedName = pwConvert($upload['name'], $db_charset, 'utf-8');
        $row = array(
            'fid' => 0,
            'uid' => $this->uid,
            'tid' => 0,
            'pid' => 0,
            'hits' => 0,
            'name' => $storedName,
            'type' => $upload['type'],
            'size' => $upload['size'],
            'attachurl' => $upload['fileuploadurl'],
            'uploadtime' => $timestamp,
            'ifthumb' => $upload['ifthumb'],
        );
        $this->db->update("INSERT INTO pw_attachs SET " . pwSqlSingle($row));
    }
}
/**
 * Append one entry to pw_toollog.
 *
 * 'type' and 'descrip' are resolved through getLangInfo(); 'filename',
 * 'username' and the resolved description are passed through Char_cv()
 * (defined elsewhere, presumably an output-encoding filter) before storage.
 * The remaining fields are stored as supplied, via pwSqlSingle().
 *
 * @param array $log entry with the keys type, filename, nums, money, descrip,
 *                   uid, touid, username, ip and time
 */
function writetoollog($log)
{
    global $db, $db_bbsurl;

    // Order matters: getLangInfo() for the description receives $log with the
    // fields above already rewritten.
    $log['type'] = getLangInfo('toollog', $log['type']);
    foreach (array('filename', 'username') as $field) {
        $log[$field] = Char_cv($log[$field]);
    }
    $log['descrip'] = Char_cv(getLangInfo('toollog', $log['descrip'], $log));

    $row = array();
    foreach (array('type', 'filename', 'nums', 'money', 'descrip', 'uid', 'touid', 'username', 'ip', 'time') as $column) {
        $row[$column] = $log[$column];
    }
    $db->update("INSERT INTO pw_toollog SET " . pwSqlSingle($row));
}
/**
 * REPLACE a row into $this->_tableName and return the resulting id.
 *
 * The data is passed through _checkData(); the write is skipped unless
 * invokepieceid, fid and loopid are all present and truthy afterwards.
 *
 * @param array $array column => value pairs
 * @return mixed|null insert id from the database layer, or null when skipped
 */
function insertData($array)
{
    $row = $this->_checkData($array);

    $complete = $row && $row['invokepieceid'] && $row['fid'] && $row['loopid'];
    if (!$complete) {
        return null;
    }

    $statement = "REPLACE INTO " . $this->_tableName . " SET " . pwSqlSingle($row, false);
    $this->_db->update($statement);

    return $this->_db->insert_id();
}
/**
 * REPLACE a row into $this->_tableName and return the resulting id.
 *
 * The data is passed through _checkData(); the write is skipped unless
 * scr, mode and config are all present and truthy afterwards.
 *
 * @param array $array column => value pairs
 * @return mixed|null insert id from the database layer, or null when skipped
 */
function insertData($array)
{
    $row = $this->_checkData($array);

    $complete = $row && $row['scr'] && $row['mode'] && $row['config'];
    if (!$complete) {
        return null;
    }

    $statement = "REPLACE INTO " . $this->_tableName . " SET " . pwSqlSingle($row, false);
    $this->_db->update($statement);

    return $this->_db->insert_id();
}
/**
 * Register an application for a user and, when feeds are allowed, publish a
 * feed entry announcing it.
 *
 * The description is filtered with Char_cv() before it is stored. Note that
 * the two pwSqlSingle() calls differ in their second argument (default for
 * the userapp row, false for the feed row); the meaning of that flag is
 * defined with the helper, not here.
 *
 * @param mixed  $uid       owner of the application entry
 * @param mixed  $appid     application id
 * @param string $appname   application name
 * @param mixed  $allowfeed truthy when a feed entry should be written
 * @param string $descrip   feed text
 * @return ApiResponse always constructed with true
 */
function add($uid, $appid, $appname, $allowfeed, $descrip)
{
    global $timestamp;

    $appRow = array(
        'uid' => $uid,
        'appid' => $appid,
        'appname' => $appname,
        'allowfeed' => $allowfeed,
    );
    $this->db->query_unbuffered("REPLACE INTO " . UC_DBTABLEPRE . "userapp SET " . pwSqlSingle($appRow));

    if ($allowfeed) {
        $feedRow = array(
            'uid' => $uid,
            'type' => 'app',
            'descrip' => Char_cv($descrip),
            'timestamp' => $timestamp,
        );
        $this->db->query_unbuffered("INSERT INTO " . UC_DBTABLEPRE . "feed SET " . pwSqlSingle($feedRow, false));
    }

    return new ApiResponse(true);
}
/**
 * Append one moderation/forum log entry to pw_forumlog.
 *
 * The two user names, the three free-form fields and the resolved description
 * are passed through Char_cv() (defined elsewhere) before storage; type,
 * timestamp and ip are stored as supplied. Values reach SQL via pwSqlSingle().
 *
 * @param array $log entry with the keys type, username1, username2, field1,
 *                   field2, field3, descrip, timestamp and ip
 */
function writeforumlog($log)
{
    // Filter the text fields first: getLangInfo() below receives $log with
    // these values already rewritten.
    foreach (array('username1', 'username2', 'field1', 'field2', 'field3') as $field) {
        $log[$field] = Char_cv($log[$field]);
    }
    $log['descrip'] = Char_cv(getLangInfo('log', $log['descrip'], $log));

    $row = array();
    foreach (array('type', 'username1', 'username2', 'field1', 'field2', 'field3', 'descrip', 'timestamp', 'ip') as $column) {
        $row[$column] = $log[$column];
    }

    $GLOBALS['db']->update("INSERT INTO pw_forumlog SET " . pwSqlSingle($row, false));
}
/**
 * Publish a feed entry on behalf of an application, provided the user has
 * allowed feeds for that application in pw_userapp.
 *
 * The uid and appid are passed through pwEscape() for the permission lookup;
 * the description is filtered with Char_cv() before it is stored.
 *
 * @param mixed  $uid     user the feed entry belongs to
 * @param string $descrip feed text
 * @param mixed  $appid   application id
 * @return ApiResponse constructed with true when an entry was written, false otherwise
 */
function publishTemplatizedAction($uid, $descrip, $appid)
{
    global $timestamp;

    $permission = $this->db->get_one(
        "SELECT allowfeed FROM pw_userapp WHERE uid=" . pwEscape($uid) . " AND appid=" . pwEscape($appid)
    );
    if (!$permission['allowfeed']) {
        return new ApiResponse(false);
    }

    // Insert the feed entry.
    $feedRow = array(
        'uid' => $uid,
        'type' => 'app',
        'descrip' => Char_cv($descrip),
        'timestamp' => $timestamp,
    );
    $this->db->update("INSERT INTO pw_feed SET " . pwSqlSingle($feedRow, false));

    return new ApiResponse(true);
}
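/**
 * Store a value in the database-backed cache under the given key.
 *
 * The value is serialized with $this->_serialize() and its MD5 digest is kept
 * next to it. The digest is used only to detect whether the stored value
 * changed: when it matches, just the expiry time is pushed forward; otherwise
 * the whole row is replaced. A non-positive $expire stores nothing.
 * $this->_expire() runs on every call.
 *
 * @param string $key    cache key
 * @param mixed  $value  value to cache
 * @param int    $expire lifetime in seconds, added to $this->now
 * @return void no value is returned
 */
function set($key, $value, $expire = 180)
{
    if ($expire > 0) {
        $expire = $this->now + $expire;
        $v = $this->_serialize($value);
        $vhash = md5($v);
        $tmpvhash = $this->cache->get_value(
            "SELECT vhash FROM " . $this->table . " WHERE skey=" . pwEscape($key, false)
        );

        // Strict comparison: with != two different digests that both look
        // numeric (for example "0e..." followed only by digits) compare equal
        // under PHP's type juggling, and the new value would never be written.
        if ($vhash !== $tmpvhash) {
            $dcache = array('skey' => $key, 'expire' => $expire, 'vhash' => $vhash, 'value' => $v);
            $this->cache->update("REPLACE INTO " . $this->table . " SET " . pwSqlSingle($dcache, false));
        } else {
            // Explicit space before WHERE so the statement does not depend on
            // padding returned by pwEscape().
            $this->cache->update(
                "UPDATE " . $this->table . " SET expire=" . pwEscape($expire, false)
                . " WHERE skey=" . pwEscape($key, false)
            );
        }
    }
    $this->_expire();
}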
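/**
 * Write uploaded-file URLs into the topic / postcate extension table row of
 * the current thread ($this->tid).
 *
 * Each upload is mapped to a column name ('pcattach' for postcate ids 13 and
 * 27, otherwise 'field' . id) and accumulated in $this->attachs; the
 * accumulated set is written after every upload whose 'attname' resolves to a
 * table.
 *
 * NOTE(review): $value['id'] becomes part of a column name passed to
 * pwSqlSingle(). Confirm the caller restricts it to numeric field ids.
 *
 * @param array $uploaddb list of upload descriptors with the keys attname, id
 *                        and fileuploadurl
 */
function update($uploaddb)
{
    foreach ($uploaddb as $value) {
        if ($value['attname'] == 'postcate' && ($value['id'] == '13' || $value['id'] == '27')) {
            $fieldname = 'pcattach';
        } else {
            $fieldname = 'field' . $value['id'];
        }
        $this->attachs[$fieldname] = $value['fileuploadurl'];

        // Resolve the table afresh on every iteration. Previously an
        // unrecognised 'attname' left $tablename undefined (or holding the
        // previous upload's table), so the UPDATE ran against an empty or
        // stale table name.
        $tablename = '';
        if ($value['attname'] == 'topic') {
            $tablename = GetTopcitable($this->pcid);
        } elseif ($value['attname'] == 'postcate') {
            $tablename = GetPcatetable($this->pcid);
        }
        if (!$tablename) {
            continue;
        }

        if ($this->attachs) {
            $this->db->update(
                "UPDATE {$tablename} SET " . pwSqlSingle($this->attachs) . " WHERE tid=" . pwEscape($this->tid)
            );
        }
    }
}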
/**
 * Apply a batch of credit values to users.
 *
 * $arr maps uid => (credit id => value). Numeric credit ids are written to
 * pw_membercredit (update, or insert when the row is missing). The named
 * credits money, rvrc, credit and currency are written to pw_memberdata;
 * rvrc is multiplied by 10 first. Any other key is ignored.
 *
 * The named credit is interpolated into the statement as a column name, so
 * the fixed allow-list below is what keeps that identifier safe; all values
 * are forced through intval() and pwEscape().
 *
 * @param mixed $arr batch as described above; anything that is not an array is ignored
 * @return ApiResponse always constructed with 1
 */
function syncredit($arr)
{
    if (!is_array($arr)) {
        return new ApiResponse(1);
    }

    foreach ($arr as $uid => $setv) {
        $assignments = '';

        foreach ($setv as $cid => $value) {
            if (is_numeric($cid)) {
                $value = intval($value);
                $probeSql = "SELECT uid FROM pw_membercredit WHERE uid=" . pwEscape($uid) . ' AND cid=' . pwEscape($cid);
                $modifySql = "UPDATE pw_membercredit SET value=" . pwEscape($value)
                    . ' WHERE uid=' . pwEscape($uid) . ' AND cid=' . pwEscape($cid);
                $createSql = "INSERT INTO pw_membercredit SET "
                    . pwSqlSingle(array('uid' => $uid, 'cid' => $cid, 'value' => $value));
                $this->db->pw_update($probeSql, $modifySql, $createSql);
                continue;
            }

            if (!in_array($cid, array('money', 'rvrc', 'credit', 'currency'))) {
                continue;
            }
            if ($cid == 'rvrc') {
                $value *= 10;
            }
            $assignments .= ",{$cid}=" . pwEscape(intval($value));
        }

        if ($assignments) {
            $this->db->update(
                "UPDATE pw_memberdata SET " . ltrim($assignments, ',') . " WHERE uid=" . pwEscape($uid),
                0
            );
        }
    }

    return new ApiResponse(1);
}
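/**
 * Automatically ban or un-ban a member depending on a configured metric.
 *
 * Only members whose groupid is '-1' or '6' are considered. The metric is
 * chosen by $db_banby (1: post count, 2: rvrc / 10, 3: money, anything else:
 * post count) and compared with $db_banmax:
 *  - groupid '-1' and metric below the threshold: the member is moved to
 *    group '6' and a pw_banuser record with admin 'autoban' is written;
 *  - groupid '6' and metric at or above the threshold: the member is moved
 *    back to '-1' when no forum-wide ban record exists, or when the record is
 *    of type 1 and its duration in days has elapsed (the record is deleted).
 * The member's datastore entry is cleared afterwards.
 *
 * @param mixed $uid member id; passed through pwEscape() in every statement
 */
function autoban($uid)
{
    global $db, $db_banby, $db_banmax, $db_bantype, $db_banlimit, $timestamp;

    $rt = $db->get_one(
        'SELECT m.groupid,m.memberid,md.postnum,md.rvrc,md.money FROM pw_members m LEFT JOIN pw_memberdata md ON md.uid=m.uid WHERE m.uid=' . pwEscape($uid)
    );
    if ($rt['groupid'] == '-1' || $rt['groupid'] == '6') {
        switch ($db_banby) {
            case 1:
                $banby = $rt['postnum'];
                break;
            case 2:
                $banby = $rt['rvrc'] / 10;
                break;
            case 3:
                $banby = $rt['money'];
                break;
            default:
                $banby = $rt['postnum'];
        }

        if ($rt['groupid'] == '-1') {
            if ($banby < $db_banmax) {
                $db->update("UPDATE pw_members SET groupid='6' WHERE uid=" . pwEscape($uid));
                $pwSQL = pwSqlSingle(array(
                    'uid' => $uid,
                    'fid' => 0,
                    'type' => $db_bantype,
                    'startdate' => $timestamp,
                    'days' => $db_banlimit,
                    'admin' => 'autoban',
                    'reason' => '',
                ));
                $db->update("REPLACE INTO pw_banuser SET {$pwSQL}");
            }
        } elseif ($banby >= $db_banmax) {
            // Fetch every column the expiry test below reads. Selecting only
            // `id` left type/startdate/days unset, so the branch that lifts an
            // expired ban could never run.
            $bandb = $db->get_one(
                "SELECT id,type,startdate,days FROM pw_banuser WHERE uid=" . pwEscape($uid) . " AND fid='0'"
            );
            if (!$bandb) {
                $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($uid));
            } elseif ($bandb['type'] == 1 && $timestamp - $bandb['startdate'] > $bandb['days'] * 86400) {
                $db->update("UPDATE pw_members SET groupid='-1' WHERE uid=" . pwEscape($uid));
                $db->update("DELETE FROM pw_banuser WHERE id=" . pwEscape($bandb['id']));
            }
        }

        // Drop the cached member record so the group change is seen.
        $_cache = getDatastore();
        $_cache->delete('UID_' . $uid);
    }
}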
/**
 * Send a community private message or a system notice.
 *
 * @param array $msg message description:
 *   'toUser'   recipient user name, or an array of names for a group send
 *   'toUid'    recipient uid, or an array of uids; ignored when 'toUser' is given
 *   'fromUid'  sender uid, only honoured together with 'fromUser' (optional)
 *   'fromUser' sender user name, only honoured together with 'fromUid' (optional)
 *   'subject'  message title
 *   'content'  message body
 *   'other'    further template variables
 * When either sender field is missing, the sender uid is set to 0 and the
 * sender name to the literal assigned below.
 * @return boolean false when required fields are missing or a single
 *                 recipient cannot be found, true otherwise
 */
function pwSendMsg($msg)
{
    global $db, $timestamp;

    if (!$msg['toUser'] && !$msg['toUid'] || !$msg['subject'] || !$msg['content']) {
        return false;
    }

    // The lookup column is one of two fixed names, never caller-supplied text.
    $lookupColumn = 'username';
    if (empty($msg['toUser'])) {
        $lookupColumn = 'uid';
        $msg['toUser'] = $msg['toUid'];
    }

    $msg['subject'] = getLangInfo('writemsg', $msg['subject'], $msg);
    $msg['content'] = getLangInfo('writemsg', $msg['content'], $msg);

    if (!$msg['fromUid'] || !$msg['fromUser']) {
        $msg['fromUid'] = 0;
        $msg['fromUser'] = '******';
    }

    if (!is_array($msg['toUser'])) {
        $recipient = $db->get_one(
            'SELECT uid FROM pw_members WHERE ' . $lookupColumn . '=' . pwEscape($msg['toUser'], false)
        );
        if (empty($recipient)) {
            return false;
        }

        $header = array(
            'touid' => $recipient['uid'],
            'fromuid' => $msg['fromUid'],
            'username' => $msg['fromUser'],
            'type' => 'rebox',
            'ifnew' => 1,
            'mdate' => $timestamp,
        );
        $db->update('INSERT INTO pw_msg SET ' . pwSqlSingle($header, false));
        $mid = $db->insert_id();

        $body = array('mid' => $mid, 'title' => $msg['subject'], 'content' => $msg['content']);
        $db->update('REPLACE INTO pw_msgc SET ' . pwSqlSingle($body, false));
        $db->update("UPDATE pw_members SET newpm=newpm+1 WHERE uid=" . pwEscape($recipient['uid'], false));

        return true;
    }

    // Group send: resolve every recipient, then hand the batch to send_msgc().
    $batch = array();
    $result = $db->query(
        'SELECT uid FROM pw_members WHERE ' . $lookupColumn . ' IN (' . pwImplode($msg['toUser'], false) . ')'
    );
    while ($row = $db->fetch_array($result)) {
        $batch[] = array(
            $row['uid'],
            $msg['fromUid'],
            $msg['fromUser'],
            'rebox',
            1,
            $timestamp,
            $msg['subject'],
            $msg['content'],
        );
    }
    if ($batch) {
        send_msgc($batch, false);
    }

    return true;
}
Showmsg('password_confirm'); } $pwd = md5($pwd); } require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($aname)) !== false) { Showmsg('title_wordsfb'); } if (($banword = $wordsfb->comprise($aintro)) !== false) { Showmsg('content_wordsfb'); } if ($private == 3 && !$pwd && $rt['albumpwd']) { $pwd = $rt['albumpwd']; } $db->update("UPDATE pw_cnalbum SET " . pwSqlSingle(array('aname' => $aname, 'aintro' => $aintro, 'private' => $private, 'albumpwd' => $pwd)) . ' WHERE aid=' . pwEscape($aid)); refreshto("{$basename}a=own", 'operate_success'); } } elseif ($a == 'viewalbum') { define('AJAX', 1); define('F_M', true); InitGP(array('aid')); $aid = (int) $aid; empty($aid) && Showmsg('data_error'); require_once PrintEot('m_ajax'); ajax_footer(); } elseif ($a == 'createajax') { define('AJAX', 1); define('F_M', true); banUser(); InitGP(array('job'));
/**
 * Update per-user application counters in pw_ouserdata.
 *
 * $type selects the counter column ($type . 'num'); because that name is
 * interpolated into SQL as an identifier, it is checked against a fixed list
 * first. The check reports failure through Showmsg(), so it only protects the
 * statements below if Showmsg() stops execution (defined elsewhere; confirm).
 *
 * @param int|array $uids   uid or list of uids to update
 * @param string    $type   one of diary, photo, owrite, group, share
 * @param string    $action recount: recompute from the source table,
 *                          add: increase the counter, minus: decrease it
 * @param int       $num    amount for add / minus; values below 1 are treated as 1
 * @return false|null false when $uids is empty, otherwise no value
 */
function updateUserAppNum($uids, $type, $action = 'add', $num = 0)
{
    global $db, $timestamp;

    if (empty($uids)) {
        return false;
    }
    if (!is_array($uids)) {
        $uids = array($uids);
    }
    if (!in_array($type, array('diary', 'photo', 'owrite', 'group', 'share'))) {
        Showmsg('app_type_worong');
    }

    $keyname = $type . 'num';
    $num = intval($num);

    if ($action == 'recount') {
        switch ($type) {
            case 'diary':
                $query = $db->query("SELECT uid,COUNT(*) as count FROM pw_diary WHERE uid IN (" . pwImplode($uids) . ") GROUP BY uid");
                break;
            case 'photo':
                $query = $db->query("SELECT ca.ownerid as uid,COUNT(*) as count FROM pw_cnphoto cn LEFT JOIN pw_cnalbum ca ON cn.aid=ca.aid WHERE ca.atype='0' AND ca.ownerid IN (" . pwImplode($uids) . ") GROUP BY ca.ownerid");
                break;
            case 'owrite':
                $query = $db->query("SELECT uid,COUNT(*) as count FROM pw_owritedata WHERE uid IN (" . pwImplode($uids) . ") GROUP BY uid");
                break;
            case 'group':
                $query = $db->query("SELECT uid,COUNT(*) as count FROM pw_cmembers WHERE uid IN (" . pwImplode($uids) . ") AND ifadmin!= '-1' GROUP BY uid");
                break;
            case 'share':
                $query = $db->query("SELECT uid, COUNT(*) as count FROM pw_share WHERE uid IN (" . pwImplode($uids) . ") GROUP BY uid");
                break;
        }

        while ($rt = $db->fetch_array($query)) {
            $uid = $rt['uid'];
            $count = $rt['count'];
            $probeSql = "SELECT * FROM pw_ouserdata WHERE uid=" . pwEscape($uid);
            $modifySql = "UPDATE pw_ouserdata SET " . pwSqlSingle(array($keyname => $count)) . " WHERE uid=" . pwEscape($uid);
            $createSql = "INSERT INTO pw_ouserdata SET " . pwSqlSingle(array('uid' => $uid, $keyname => $count));
            $db->pw_update($probeSql, $modifySql, $createSql);
        }
    } elseif ($action == 'add') {
        $lastpost_keyname = $type . '_lastpost';
        if ($num < 1) {
            $num = 1;
        }

        $query = $db->query("SELECT uid FROM pw_members WHERE uid IN (" . pwImplode($uids) . ")");
        while ($rt = $db->fetch_array($query)) {
            $uid = $rt['uid'];
            $probeSql = "SELECT * FROM pw_ouserdata WHERE uid=" . pwEscape($uid);
            $modifySql = "UPDATE pw_ouserdata SET {$keyname} = {$keyname} + {$num},{$lastpost_keyname} = '{$timestamp}' WHERE uid=" . pwEscape($uid);
            $createSql = "INSERT INTO pw_ouserdata SET " . pwSqlSingle(array('uid' => $uid, $keyname => $num, $lastpost_keyname => $timestamp));
            $db->pw_update($probeSql, $modifySql, $createSql);
        }
    } elseif ($action == 'minus') {
        if ($num < 1) {
            $num = 1;
        }
        // Decrement where the counter is large enough, clamp to zero otherwise.
        $db->update("UPDATE pw_ouserdata SET {$keyname}={$keyname}-" . pwEscape($num) . " WHERE uid IN(" . pwImplode($uids) . ") AND {$keyname}>=" . pwEscape($num));
        $db->update("UPDATE pw_ouserdata SET {$keyname}=0 WHERE uid IN(" . pwImplode($uids) . ") AND {$keyname}<" . pwEscape($num));
    }
}
} else { if ($vieworder !== $forumDB[$key]['vieworder']) { $updateArr[$key]['vieworder'] = $vieworder; } } } foreach ($order as $key => $value) { //用于delect if (S::inArray($key, $fids)) { !$fidcommend[$key] && ($delSQL[$key] = $key); } } $addSQL && $db->update("REPLACE INTO pw_searchforum (fid,vieworder) VALUES " . pwSqlMulti($addSQL)); if ($updateArr) { foreach ($updateArr as $key => $value) { $value && $db->update("UPDATE pw_searchforum SET " . pwSqlSingle($value) . " WHERE fid=" . pwEscape($key, false)); } } $delSQL && $db->update("DELETE FROM pw_searchforum WHERE fid IN(" . pwImplode($delSQL) . ")"); //if ($addSQL || $updateArr || $delSQL) { updatecache_search(); //} adminmsg('operate_success', "{$basename}&action=forum"); } elseif ($action == 'statistic') { s::gp(array('keyword', 'createtime_s', 'createtime_e')); $createtime_s = $createtime_s ? $createtime_s : get_date($timestamp - 7 * 24 * 3600, 'Y-m-d'); $createtime_e = $createtime_e ? $createtime_e : get_date($timestamp, 'Y-m-d'); $addsql = ''; if ($keyword) { $keyword = trim($keyword); $keywordarray = explode(",", $keyword);
$othersql = $otherfids = array(); $update_f = ''; if (is_array($otherfid)) { $otherfids = pwImplode($otherfid); } if (is_array($otherforum)) { foreach ($otherforum as $key => $value) { if ($key === 'forumsetdb') { $update_f = 1; continue; } $othersql[$key] = ${$key}; } } if ($othersql && $otherfids) { $db->update("UPDATE pw_forums SET" . pwSqlSingle($othersql) . "WHERE fid IN({$otherfids})"); } if ($otherfids && $update_f) { include D_P . 'data/bbscache/forum_cache.php'; foreach ($otherfid as $key => $selfid) { if (!$selfid || !is_numeric($selfid) || $selfid == $fid || $forum[$selfid]['type'] == 'category') { continue; } $rt = $db->get_one("SELECT fid,forumset FROM pw_forumsextra WHERE fid=" . pwEscape($selfid)); if ($rt['fid']) { $newforumset = unserialize($rt['forumset']); foreach ($forumsetdb as $key => $value) { if ($otherforum['forumsetdb'][$key]) { $newforumset[$key] = $value; } elseif (!isset($newforumset[$key])) { $newforumset[$key] = 0;
/**
 * Create or update the pw_memberinfo row of a user.
 *
 * The column list is produced once by pwSqlSingle() and reused for both the
 * UPDATE and the INSERT; the uid goes through pwEscape() each time. Both
 * helpers are defined elsewhere.
 *
 * @param array $upmeminfo column => value pairs to store
 * @param mixed $userId    uid of the row
 */
function updateThreadTrade($upmeminfo, $userId)
{
    global $db;

    $assignments = pwSqlSingle($upmeminfo);

    $probeSql = "SELECT uid FROM pw_memberinfo WHERE uid=" . pwEscape($userId);
    $modifySql = 'UPDATE pw_memberinfo SET ' . $assignments . ' WHERE uid=' . pwEscape($userId);
    $createSql = "INSERT INTO pw_memberinfo SET uid=" . pwEscape($userId) . ',' . $assignments;

    $db->pw_update($probeSql, $modifySql, $createSql);
}
/**
 * Update pw_attachs rows by thread id, optionally narrowed to one post id.
 *
 * Examples:
 *   updateByTid($tids, $data);
 *   updateByTid($tids, $pid, $data);
 *
 * A single thread id and the post id are forced to integers with intval(); a
 * list of thread ids is rendered by _getImplodeString(), and the column data
 * is checked by _checkData() before it reaches pwSqlSingle().
 *
 * @param int|array  $tids thread id or list of thread ids
 * @param mixed      $p1   the data array (two-argument form) or the post id
 * @param array|null $p2   the data array in the three-argument form
 * @return bool false when $tids or the data is empty, true once the query was issued
 */
function updateByTid($tids, $p1, $p2 = null)
{
    if (empty($tids)) {
        return false;
    }

    // Two call shapes share one signature; work out which one was used.
    $hasPid = !is_null($p2);
    $data = $hasPid ? $p2 : $p1;
    $pid = $hasPid ? $p1 : null;

    if (empty($data)) {
        return false;
    }
    $data = $this->_checkData($data);

    $statement = "UPDATE pw_attachs SET " . pwSqlSingle($data);
    if (is_array($tids)) {
        $statement .= ' WHERE tid IN(' . $this->_getImplodeString($tids) . ')';
    } else {
        $statement .= ' WHERE tid=' . intval($tids);
    }
    if (!is_null($pid)) {
        $statement .= " AND pid=" . intval($pid);
    }
    $this->_db->update($statement);

    return true;
}
} elseif ($type == 'addmsg') { if (empty($_POST['step'])) { $adminname = explode(',', trim($forums['forumadmin'], ',')); require_once PrintEot('forumcp'); footer(); } else { PostCheck(); !$fid && Showmsg('annouce_fid'); InitGP(array('msgtype', 'toname', 'savetime'), 'P'); !$msgtype && !$toname && Showmsg('forummsg_object'); $msgtype == 1 ? $toname = '' : ($msgtype = 2); $savetime = $timestamp + (intval($savetime) > 0 ? intval($savetime) : 30) * 86400; $message = trim(Char_cv($_POST['message'])); !$message && Showmsg('forummsg_content'); $toname = "," . implode(',', $toname) . ","; $pwSQL = pwSqlSingle(array('fid' => $fid, 'uid' => $winduid, 'username' => $windid, 'toname' => $toname, 'msgtype' => $msgtype, 'posttime' => $timestamp, 'savetime' => $savetime, 'message' => $message)); $db->update("INSERT INTO pw_forummsg SET {$pwSQL}"); refreshto("forumcp.php?action=edit&type=msg&fid={$fid}", 'operate_success'); } } } elseif ($action == 'del') { PostCheck(); InitGP(array('selid', 'type')); $selids = array(); foreach ($selid as $key => $value) { is_numeric($value) && ($selids[] = $value); } if ($selids) { $selids = pwImplode($selids); } else { Showmsg('id_error');
if ($k2) { $right[$k1][$k2] = $value; } else { $right[$key] = $value; } } } $rightdb = addslashes(serialize($right)); } else { adminmsg('rightset_empty', $basename . '&action=edit&gid=' . $gid); } $ckid = $db->get_value('SELECT gid FROM pw_adminset WHERE gid=' . pwEscape($gid)); if ($ckid) { $db->update('UPDATE pw_adminset SET value=' . pwEscape($rightdb) . ' WHERE gid=' . pwEscape($gid)); } else { $db->update('INSERT INTO pw_adminset SET ' . pwSqlSingle(array('gid' => $gid, 'value' => $rightdb))); } $db->update("REPLACE INTO pw_permission SET uid='0',fid='0',gid=" . pwEscape($gid) . ",rkey='allowadmincp',type='system',rvalue='1'"); updatecache_g($gid); adminmsg('operate_success'); } } elseif ($action == 'delete') { if ($_POST['step'] != 2) { $inputmsg = '<input name="step" type="hidden" value="2" /><input name="action" type="hidden" value="delete" /><input name="gid" type="hidden" value="' . $gid . '" />'; pwConfirm('rightset_delgroup', $inputmsg); } else { !$gid && adminmsg('rightset_setgroup'); $db->update("REPLACE INTO pw_permission SET uid='0',fid='0',gid=" . pwEscape($gid) . ",rkey='allowadmincp',type='system',rvalue='0'"); updatecache_g($gid); adminmsg('operate_success'); }
continue; } $checked = strpos($postcate['viewright'], ',' . $key . ',') !== false ? 'checked' : ''; $htm_tr = ''; $num++; $num % 5 == 0 ? $htm_tr = '</tr><tr>' : ''; $viewrighthtml .= "<td><input class='input' type='checkbox' name='viewright[]' value='" . $key . "' " . $checked . ">" . $value['grouptitle'] . "</td>" . $htm_tr; } $viewrighthtml .= "</tr></table>"; include PrintEot('postcate'); exit; } else { InitGP(array('viewright', 'adminright')); $viewrights = ',' . implode(',', $viewright) . ','; $adminrights = ',' . implode(',', $adminright) . ','; $db->update("UPDATE pw_postcate" . " SET " . pwSqlSingle(array('viewright' => $viewrights, 'adminright' => $adminrights)) . " WHERE pcid=" . pwEscape($pcid)); updatecache_postcate(); adminmsg('operate_success', $basename . "&action=rightset&pcid={$pcid}"); } } function getFieldSqlByType($type) { if (in_array($type, array('number', 'calendar'))) { $sql = "INT(10) UNSIGNED NOT NULL default '0'"; } elseif (in_array($type, array('radio', 'select'))) { $sql = "TINYINT(3) UNSIGNED NOT NULL default '0'"; } elseif ($type == 'textarea') { $sql = "TEXT NOT NULL"; } else { $sql = "VARCHAR(255) NOT NULL"; }
} } $postnum = $digests = $rvrc = $money = $credits = $currency = $deposit = $ddeposit = 0; foreach ($oldinfo as $key => $value) { $postnum += $value['postnum']; $digests += $value['digests']; $rvrc += $value['rvrc']; $money += $value['money']; $credits += $value['credit']; $currency += $value['currency']; $deposit += $value['deposit']; $ddeposit += $value['ddeposit']; $creditdb = $credit->get($value['uid'], 'CUSTOM'); foreach ($creditdb as $k => $val) { $db->pw_update("SELECT uid FROM pw_membercredit WHERE uid=" . pwEscape($newuid) . "AND cid=" . pwEscape($k), "UPDATE pw_membercredit SET value=value+" . pwEscape($val[1]) . "WHERE uid=" . pwEscape($newuid) . "AND cid=" . pwEscape($k), "INSERT INTO pw_membercredit SET" . pwSqlSingle(array('uid' => $newuid, 'cid' => $k, 'value' => $val[1]))); } $db->update("UPDATE pw_threads SET " . pwSqlSingle(array('author' => $touser['username'], 'authorid' => $newuid)) . "WHERE authorid=" . pwEscape($value['uid'])); foreach ($ptable_a as $val) { $db->update("UPDATE {$val} SET " . pwSqlSingle(array('author' => $touser['username'], 'authorid' => $newuid)) . "WHERE authorid=" . pwEscape($value['uid'])); } $db->update("UPDATE pw_attachs SET uid=" . pwEscape($newuid) . "WHERE uid=" . pwEscape($value['uid'])); $db->update("DELETE FROM pw_members WHERE uid=" . pwEscape($value['uid'])); $db->update("DELETE FROM pw_memberdata WHERE uid=" . pwEscape($value['uid'])); $db->update("DELETE FROM pw_memberinfo WHERE uid=" . pwEscape($value['uid'])); $db->update("DELETE FROM pw_msg WHERE type='rebox' AND touid=" . pwEscape($value['uid']) . "OR type='sebox' AND fromuid=" . pwEscape($value['uid'])); $db->update("DELETE FROM pw_msglog WHERE uid='{$value['uid']}'"); } $db->update("UPDATE pw_memberdata SET postnum=postnum+" . pwEscape($postnum) . ',digests=digests+' . pwEscape($digests) . ',rvrc=rvrc+' . pwEscape($rvrc) . ',money=money+' . pwEscape($money) . ',credit=credit+' . pwEscape($credits) . ',currency=currency+' . pwEscape($currency) . 
'WHERE uid=' . pwEscape($newuid)); $db->update("UPDATE pw_memberinfo SET deposit=deposit+" . pwEscape($deposit) . ',ddeposit=ddeposit+' . pwEscape($ddeposit) . 'WHERE uid=' . pwEscape($newuid)); adminmsg('operate_success'); }
!$rt['creditype'] && ($rt['creditype'] = 'currency'); $tooldb[] = $rt; } include PrintHack('admin'); exit; } elseif ($action == 'edit') { InitGP(array('uid', 'id')); (!is_numeric($uid) || !is_numeric($id)) && adminmsg('numerics_checkfailed'); if (empty($_POST['step'])) { $rt = $db->get_one("SELECT u.*,t.name,t.stock,t.price,m.username FROM pw_usertool u LEFT JOIN pw_members m USING(uid) LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . pwEscape($uid) . "AND u.toolid=" . pwEscape($id)); !$rt['creditype'] && ($rt['creditype'] = 'currency'); include PrintHack('admin'); exit; } else { InitGP(array('nums', 'sellnums', 'sellprice')); $db->update("UPDATE pw_usertool SET " . pwSqlSingle(array('nums' => $nums, 'sellnums' => $sellnums, 'sellprice' => $sellprice)) . " WHERE uid=" . pwEscape($uid) . " AND toolid=" . pwEscape($id)); adminmsg('operate_success'); } } elseif ($action == 'del') { InitGP(array('uid', 'id')); (!is_numeric($uid) || !is_numeric($id)) && adminmsg('numerics_checkfailed'); $db->update("DELETE FROM pw_usertool WHERE uid=" . pwEscape($uid) . "AND toolid=" . pwEscape($id)); adminmsg('operate_success'); } } elseif ($job == 'tradelog') { $basename = "{$admin_file}?adminjob=hack&hackset=toolcenter&job=tradelog"; InitGP(array('username', 'page')); if ($action == 'search' && $username) { $rt = $db->get_one("SELECT uid FROM pw_members WHERE username="******"AND u.uid='{$rt['uid']}'"; } else {
/**
 * Rebuild the recommended-thread list of one forum and persist it.
 *
 * Threads named in $forumset['commendlist'] are loaded first. If
 * $forumset['autocommend'] is set and fewer than 'commendnum' threads were
 * found, the remainder is filled from the forum's non-topped threads, ordered
 * by the column that the autocommend mode selects. The updated $forumset and
 * the thread list are serialized into pw_forumsextra, after which the forum
 * cache is refreshed.
 *
 * @param mixed $fid      Forum id; always passed through pwEscape() before it reaches SQL.
 * @param array $forumset Forum settings; the keys read here are commendnum, commendlist,
 *                        commendlength and autocommend. The key ifcommend is written.
 * @return void
 */
function updatecommend($fid, $forumset) {
    global $db, $timestamp;

    // Fall back to 10 entries when the configured size is missing or below 1.
    if ($forumset['commendnum'] < 1) {
        $forumset['commendnum'] = 10;
    }

    $picked = array();
    $pinnedIds = '';

    // Pass 1: threads that were explicitly listed for this forum.
    if ($forumset['commendlist']) {
        // Every id is routed through pwImplode() before it is placed inside IN(...).
        // NOTE(review): pwImplode() is defined elsewhere; confirm it quotes/escapes each element.
        $pinnedIds = pwImplode(explode(',', $forumset['commendlist']));
        $result = $db->query("SELECT tid,authorid,author,subject FROM pw_threads WHERE tid IN({$pinnedIds}) AND fid=" . pwEscape($fid));
        while ($row = $db->fetch_array($result)) {
            // strlen() counts bytes, so the limit is a byte length, not a character count.
            $tooLong = $forumset['commendlength'] && strlen($row['subject']) > $forumset['commendlength'];
            if ($tooLong) {
                $row['subject'] = substrs($row['subject'], $forumset['commendlength']);
            }
            $picked[] = $row;
        }
    }

    // Pass 2: top up automatically when the list is still short.
    $have = count($picked);
    if ($forumset['autocommend'] && $have < $forumset['commendnum']) {
        $limit = pwLimit($forumset['commendnum'] - $have);

        // The ORDER BY column is chosen from fixed literals only; the setting
        // value itself is never interpolated into the statement.
        $mode = $forumset['autocommend'];
        if ($mode == '1') {
            $orderby = 'postdate';
        } elseif ($mode == '2') {
            $orderby = 'lastpost';
        } elseif ($mode == '3') {
            $orderby = 'hits';
        } elseif ($mode == '4') {
            $orderby = 'replies';
        } else {
            $orderby = 'digest';
        }

        // Skip threads that pass 1 already asked for.
        if ($forumset['commendlist']) {
            $excludeClause = " AND tid NOT IN({$pinnedIds})";
        } else {
            $excludeClause = '';
        }

        $result = $db->query("SELECT tid,authorid,author,subject FROM pw_threads WHERE fid=" . pwEscape($fid) . " AND topped='0' {$excludeClause} ORDER BY {$orderby} DESC {$limit}");
        while ($row = $db->fetch_array($result)) {
            $tooLong = $forumset['commendlength'] && strlen($row['subject']) > $forumset['commendlength'];
            if ($tooLong) {
                $row['subject'] = substrs($row['subject'], $forumset['commendlength']);
            }
            $picked[] = $row;
        }
    }

    // Record when the list was last rebuilt.
    $forumset['ifcommend'] = $timestamp;

    // Both values are stored as PHP-serialized strings.
    // NOTE(review): addslashes() is applied here and the result then goes through
    // pwSqlSingle(); whether pwSqlSingle() strips slashes before escaping is not
    // visible from this function, so confirm the value is not escaped twice.
    // NOTE(review): whatever reads these columns back presumably unserialize()s
    // them; confirm the columns cannot be written with untrusted data.
    $forumsetdb = addslashes(serialize($forumset));
    if ($picked) {
        $commendBlob = addslashes(serialize($picked));
    } else {
        $commendBlob = '';
    }

    $db->update('UPDATE pw_forumsextra SET ' . pwSqlSingle(array('forumset' => $forumsetdb, 'commend' => $commendBlob)) . ' WHERE fid=' . pwEscape($fid));

    // Included from inside the function, so on first load the file's top-level
    // code runs in this function's local scope.
    require_once R_P . 'admin/cache.php';
    updatecache_forums($fid);
}
$lastpost = $rt['postdate']; $lastposter = $rt['author']; } else { $lt = $db->get_one("SELECT postdate,author FROM {$pw_posts} WHERE tid=" . pwEscape($tid) . "ORDER BY postdate DESC LIMIT 1"); $lastpost = $lt['postdate']; $lastposter = $lt['author']; } $count -= 2; $db->update("DELETE FROM {$pw_posts} WHERE pid=" . pwEscape($rt['pid'])); $pwSQL = $rt['subject'] ? array('subject' => $rt['subject']) : array(); $pwSQL += array('icon' => $rt['icon'], 'author' => $rt['author'], 'authorid' => $rt['authorid'], 'postdate' => $rt['postdate'], 'lastpost' => $lastpost, 'lastposter' => $lastposter, 'replies' => $count); $db->update("UPDATE pw_threads SET " . pwSqlSingle($pwSQL, false) . " WHERE tid=" . pwEscape($tid)); # memcache reflesh $threadList = L::loadClass("threadlist"); $threadList->updateThreadIdsByForumId($fid, $tid); $db->update("UPDATE {$pw_tmsgs} SET " . pwSqlSingle(array('aid' => $rt['aid'], 'userip' => $rt['userip'], 'ifsign' => $rt['ifsign'], 'ipfrom' => $rt['ipfrom'], 'alterinfo' => $rt['alterinfo'], 'ifconvert' => $rt['ifconvert'], 'content' => $rt['content']), false) . " WHERE tid=" . pwEscape($tid)); } $msg_delrvrc = abs($creditset['Delete']['rvrc']); $msg_delmoney = abs($creditset['Delete']['money']); $credit->addLog('topic_Delete', $creditset['Delete'], array('uid' => $authorid, 'username' => $author, 'ip' => $onlineip, 'fname' => strip_tags($forum[$fid]['name']), 'operator' => $windid)); $credit->sets($authorid, $creditset['Delete'], false); if ($thread_tpcstatus && getstatus($thread_tpcstatus, 1)) { $db->update("DELETE FROM pw_argument WHERE tid=" . pwEscape($tid)); } } else { $deltype = 'delrp'; $deltitle = $subject ? substrs($subject, 28) : substrs($content, 28); $db->update("DELETE FROM {$pw_posts} WHERE pid=" . pwEscape($pid)); $db->update("UPDATE pw_threads SET replies=replies-1 WHERE tid=" . pwEscape($tid)); $msg_delrvrc = abs($creditset['Deleterp']['rvrc']); $msg_delmoney = abs($creditset['Deleterp']['money']);
<?php
// Seed script: writes the built-in field definitions below into pw_pcfield.
// It relies on $db and pwSqlSingle() being provided by the including script.

// Direct-access guard: stop immediately unless the including script has
// defined PW_UPLOAD, so requesting this file on its own does nothing.
!defined('PW_UPLOAD') && exit('Forbidden');

// Field definitions keyed by fieldid. Every row carries the same 15 keys; the
// 'rules' entry is either an empty string or an array (radio options written
// as "value=label", or minnum/maxnum bounds for number fields).
$pcfield = array(
    // ---- pcid '1' (fieldid 1-13) ----
    // 1: category
    '1' => array('fieldid' => '1', 'name' => '类别', 'fieldname' => 'pctype', 'pcid' => '1', 'vieworder' => '1', 'type' => 'radio', 'rules' => array('0' => '1=婚庆类', '1' => '2=房产类', '2' => '3=汽车类', '3' => '4=家电类', '4' => '5=家装类', '5' => '6=生产原料', '6' => '7=食品类', '7' => '8=其他'), 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '1', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 2: start time
    '2' => array('fieldid' => '2', 'name' => '发起时间', 'fieldname' => 'begintime', 'pcid' => '1', 'vieworder' => '2', 'type' => 'calendar', 'rules' => '', 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 3: closing time
    '3' => array('fieldid' => '3', 'name' => '截止时间', 'fieldname' => 'endtime', 'pcid' => '1', 'vieworder' => '3', 'type' => 'calendar', 'rules' => '', 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '1', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 4: participant limit
    '4' => array('fieldid' => '4', 'name' => '人数限制', 'fieldname' => 'limitnum', 'pcid' => '1', 'vieworder' => '4', 'type' => 'number', 'rules' => array('minnum' => '1', 'maxnum' => '100'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '1', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => '人(不限制,请留空)'),
    // 5: sign-up restriction
    '5' => array('fieldid' => '5', 'name' => '报名限制', 'fieldname' => 'objecter', 'pcid' => '1', 'vieworder' => '5', 'type' => 'radio', 'rules' => array('0' => '1=所有用户', '1' => '2=仅好友'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 6: price
    '6' => array('fieldid' => '6', 'name' => '价格', 'fieldname' => 'price', 'pcid' => '1', 'vieworder' => '6', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 7: deposit
    '7' => array('fieldid' => '7', 'name' => '押金', 'fieldname' => 'deposit', 'pcid' => '1', 'vieworder' => '7', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => '(留空则无需支付押金)'),
    // 8: payment method
    '8' => array('fieldid' => '8', 'name' => '支付方式', 'fieldname' => 'payway', 'pcid' => '1', 'vieworder' => '8', 'type' => 'radio', 'rules' => array('0' => '1=支付宝支付', '1' => '2=现金支付'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 9: contact person
    '9' => array('fieldid' => '9', 'name' => '联系人', 'fieldname' => 'contacter', 'pcid' => '1', 'vieworder' => '9', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 10: telephone
    '10' => array('fieldid' => '10', 'name' => '电话', 'fieldname' => 'tel', 'pcid' => '1', 'vieworder' => '10', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '4', 'descrip' => ''),
    // 11: labelled '-' and shares vieworder '10' with fieldid 10.
    // NOTE(review): presumably the second half of a split phone-number input; confirm.
    '11' => array('fieldid' => '11', 'name' => '-', 'fieldname' => 'phone', 'pcid' => '1', 'vieworder' => '10', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '14', 'descrip' => '例如:0571-12345678'),
    // 12: mobile phone
    '12' => array('fieldid' => '12', 'name' => '手机', 'fieldname' => 'mobile', 'pcid' => '1', 'vieworder' => '11', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 13: image upload
    '13' => array('fieldid' => '13', 'name' => '图片上传', 'fieldname' => 'pcattach', 'pcid' => '1', 'vieworder' => '13', 'type' => 'upload', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),

    // ---- pcid '2' (fieldid 14-27) ----
    // 14: category
    // NOTE(review): option '2=聚餐 ' carries a trailing space inside the label; confirm it is intended.
    '14' => array('fieldid' => '14', 'name' => '类别', 'fieldname' => 'pctype', 'pcid' => '2', 'vieworder' => '1', 'type' => 'radio', 'rules' => array('0' => '1=出游', '1' => '2=聚餐 ', '2' => '3=舞会', '3' => '4=户外', '4' => '5=烧烤', '5' => '6=其他'), 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '1', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 15: start time
    '15' => array('fieldid' => '15', 'name' => '发起时间', 'fieldname' => 'begintime', 'pcid' => '2', 'vieworder' => '2', 'type' => 'calendar', 'rules' => '', 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 16: expiry time
    '16' => array('fieldid' => '16', 'name' => '过期时间', 'fieldname' => 'endtime', 'pcid' => '2', 'vieworder' => '3', 'type' => 'calendar', 'rules' => '', 'ifable' => '1', 'ifsearch' => '1', 'ifasearch' => '1', 'threadshow' => '1', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 17: event location
    '17' => array('fieldid' => '17', 'name' => '活动地点', 'fieldname' => 'address', 'pcid' => '2', 'vieworder' => '4', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '1', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 18: participant limit
    '18' => array('fieldid' => '18', 'name' => '人数限制', 'fieldname' => 'limitnum', 'pcid' => '2', 'vieworder' => '5', 'type' => 'number', 'rules' => array('minnum' => '1', 'maxnum' => '100'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => '人(不限制,请留空)'),
    // 19: sign-up restriction
    '19' => array('fieldid' => '19', 'name' => '报名限制', 'fieldname' => 'objecter', 'pcid' => '2', 'vieworder' => '6', 'type' => 'radio', 'rules' => array('0' => '1=所有用户', '1' => '2=仅好友'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 20: gender restriction
    '20' => array('fieldid' => '20', 'name' => '性别限制', 'fieldname' => 'gender', 'pcid' => '2', 'vieworder' => '7', 'type' => 'radio', 'rules' => array('0' => '1=全部', '1' => '2=仅男生', '2' => '3=仅女生'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 21: activity fee
    '21' => array('fieldid' => '21', 'name' => '活动经费', 'fieldname' => 'price', 'pcid' => '2', 'vieworder' => '8', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => '元/人'),
    // 22: payment method
    '22' => array('fieldid' => '22', 'name' => '支付方式', 'fieldname' => 'payway', 'pcid' => '2', 'vieworder' => '9', 'type' => 'radio', 'rules' => array('0' => '1=支付宝支付', '1' => '2=现金支付'), 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '1', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 23: contact person
    '23' => array('fieldid' => '23', 'name' => '联系人', 'fieldname' => 'contacter', 'pcid' => '2', 'vieworder' => '10', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 24: telephone
    '24' => array('fieldid' => '24', 'name' => '电话', 'fieldname' => 'tel', 'pcid' => '2', 'vieworder' => '11', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '4', 'descrip' => ''),
    // 25: labelled '-' and shares vieworder '11' with fieldid 24.
    // NOTE(review): the sample number in 'descrip' has one digit more than the one on fieldid 11; confirm which is intended.
    '25' => array('fieldid' => '25', 'name' => '-', 'fieldname' => 'phone', 'pcid' => '2', 'vieworder' => '11', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '14', 'descrip' => '例如:0571-123456778'),
    // 26: mobile phone
    '26' => array('fieldid' => '26', 'name' => '手机', 'fieldname' => 'mobile', 'pcid' => '2', 'vieworder' => '12', 'type' => 'text', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '1', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''),
    // 27: image upload
    '27' => array('fieldid' => '27', 'name' => '图片上传', 'fieldname' => 'pcattach', 'pcid' => '2', 'vieworder' => '13', 'type' => 'upload', 'rules' => '', 'ifable' => '1', 'ifsearch' => '0', 'ifasearch' => '0', 'threadshow' => '0', 'ifmust' => '0', 'ifdel' => '1', 'textsize' => '0', 'descrip' => ''));

// Write every definition to the database.
foreach ($pcfield as $key => $value) {
    // Array-valued rules are stored as a PHP-serialized string. $value is a
    // per-iteration copy, so $pcfield itself keeps its arrays.
    // NOTE(review): the reader of pw_pcfield.rules presumably unserialize()s it;
    // confirm that column can only ever be written with trusted data.
    is_array($value['rules']) && ($value['rules'] = serialize($value['rules']));
    // REPLACE INTO overwrites an existing row that has the same primary/unique
    // key, so re-running this script resets those rows to the values above.
    // The key pw_pcfield uses is not visible here (presumably fieldid; confirm).
    // All values are static literals; escaping is left to pwSqlSingle().
    $db->update("REPLACE INTO pw_pcfield SET " . pwSqlSingle(array('fieldid' => $value['fieldid'], 'name' => $value['name'], 'fieldname' => $value['fieldname'], 'pcid' => $value['pcid'], 'vieworder' => $value['vieworder'], 'type' => $value['type'], 'rules' => $value['rules'], 'ifable' => $value['ifable'], 'ifsearch' => $value['ifsearch'], 'ifasearch' => $value['ifasearch'], 'threadshow' => $value['threadshow'], 'ifmust' => $value['ifmust'], 'ifdel' => $value['ifdel'], 'textsize' => $value['textsize'], 'descrip' => $value['descrip'])));
}