コード例 #1
ファイル: secure.php プロジェクト: renning/html
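 /**
  * Tells the mobile client which anti-automation challenges it has to show.
  *
  * seccheck() decides, for the rule named by the `type` request parameter,
  * whether an image code and/or a security question is required. When either
  * is required the response carries a fresh random(8) hash plus the data for
  * each challenge; the result is emitted through mobile_core::result().
  *
  * NOTE(review): random() is not shown here. If `sechash` is meant to be
  * unguessable, confirm the helper draws from a cryptographically secure source.
  *
  * @return void
  */
 function common()
 {
     global $_G;
     list($seccodecheck, $secqaacheck) = seccheck($_GET['type']);
     $sechash = random(8);
     // Always hand mobile_core::variable() an array. The original left
     // $variable undefined whenever neither challenge was required.
     $variable = array();
     if ($seccodecheck || $secqaacheck) {
         $variable['sechash'] = $sechash;
         if ($seccodecheck) {
             // `secversion` is client-supplied and is spliced into a URL that is
             // sent back to the client. Encode it so it cannot add or override
             // query parameters; non-scalar input falls back to the default.
             $secversion = '1';
             if (!empty($_GET['secversion']) && is_scalar($_GET['secversion'])) {
                 $secversion = rawurlencode((string) $_GET['secversion']);
             }
             $variable['seccode'] = $_G['siteurl'] . 'api/mobile/index.php?module=seccode&sechash=' . $sechash . '&version=' . $secversion;
         }
         if ($secqaacheck) {
             $variable['secqaa'] = make_secqaa();
         }
     }
     mobile_core::result(mobile_core::variable($variable));
 }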
コード例 #2
ファイル: secure.php プロジェクト: MCHacker/discuz-docker
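 /**
  * Tells the mobile client which anti-automation challenges it has to show.
  *
  * seccheck() decides, for the rule named by the `type` request parameter,
  * whether an image code and/or a security question is required. When either
  * is required the response carries a fresh random(8) hash plus the data for
  * each challenge; the result is emitted through mobile_core::result().
  *
  * NOTE(review): a non-empty `force` request parameter writes `allow = 1` into
  * the in-memory settings for the requested rule before seccheck() reads them,
  * so any caller can alter configuration for the duration of the request.
  * Presumably this switches the check on; confirm against seccheck() that it
  * can never relax one.
  *
  * @return void
  */
 function common()
 {
     global $_G;
     // Only a scalar `type` can serve as an array key; an array-valued
     // parameter would otherwise raise an illegal-offset error on the write.
     if (!empty($_GET['force']) && isset($_GET['type']) && is_scalar($_GET['type'])) {
         $_G['setting']['seccodedata']['rule'][$_GET['type']]['allow'] = 1;
     }
     list($seccodecheck, $secqaacheck) = seccheck($_GET['type']);
     $sechash = random(8);
     // Always hand mobile_core::variable() an array. The original left
     // $variable undefined whenever neither challenge was required.
     $variable = array();
     if ($seccodecheck || $secqaacheck) {
         $variable['sechash'] = $sechash;
         if ($seccodecheck) {
             $variable['seccode'] = $_G['siteurl'] . 'api/mobile/index.php?module=seccodehtml&sechash=' . $sechash . '&version=4';
         }
         if ($secqaacheck) {
             $variable['secqaa'] = make_secqaa();
         }
     }
     mobile_core::result(mobile_core::variable($variable));
 }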
コード例 #3
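 /**
  * Builds the data for the brand page footer (paged replies plus the quick
  * reply form) and renders it through the `srfoot` template.
  *
  * Loads up to five replies of the brand's thread for the current page,
  * decorates each with rendered message, rating, date and avatar, works out
  * whether the reply form needs an image code / security question, then
  * includes the template. $srfoot is presumably assigned by that template and
  * is published as $GLOBALS['srfoot'].
  *
  * Local variable names are part of the contract: the included template runs
  * in this function's scope and may read any of them.
  *
  * @param array $brandresult Brand record; `bid` and `tid` are read here.
  * @return void
  */
 function get_menu_foot($brandresult)
 {
     global $_G;
     $bid = $brandresult['bid'];
     $tid = $brandresult['tid'];
     $perpage = 5;
     // The key is quoted: the original used the bare word sr_page, which PHP 8
     // rejects as an undefined constant and older versions only tolerated
     // with a notice.
     $page = max(1, intval($_G['sr_page']));
     $start = max(0, ($page - 1) * $perpage);
     require_once libfile('function/discuzcode');
     $count = C::t('#sanree_brand#forum_post')->count_by_tid_post(0, $tid);
     if ($count > 0) {
         $postthread = C::t('#sanree_brand#forum_post')->fetch_all_by_tid(0, $tid, true, ' desc', $start, $perpage, 0, 0);
         foreach ($postthread as $key => $val) {
             // NOTE(review): the message is user-authored and is turned into
             // markup here; the meaning of the discuzcode() flags is not
             // visible in this excerpt, so confirm HTML stays disabled.
             $postthread[$key]['message'] = discuzcode($val['message'], 0, 0, 0, 1);
             $postthread[$key]['satisfaction'] = C::t('#sanree_brand#sanree_brand_voterlog')->getstar_by_tid_uid($val['authorid'], $tid) * 20;
             $postthread[$key]['dateline'] = dgmdate($val['dateline']);
             $postthread[$key]['img'] = avatar($val['authorid'], 'middle', 1);
         }
         // NOTE(review): $is_rewrite and $extra are never assigned in this
         // function and are not declared global, so only the non-rewrite
         // branches can run and $extra contributes an empty string.
         $murl = $_G['item_detail'] == 'item'
             ? ($is_rewrite ? getburl($brandresult) . '?t' . $extra : getburl($brandresult) . $extra)
             : ($is_rewrite ? getdetailurl($brandresult) . '?t' . $extra : getdetailurl($brandresult) . $extra);
         $multi = multi($count, $perpage, $page, $murl);
     }
     $satisfaction = C::t('#sanree_brand#sanree_brand_voterlog')->getstar_by_tid_uid($_G['uid'], $tid) * 20;
     $seditor = array('fastpost', array('bold', 'color', 'link', 'quote', 'smilies'));
     $selfimg = avatar($_G['uid'], 'middle', 1);
     $wx_prefix = $_G['setting']['attachurl'] . 'category/';
     $appVer = $_G['setting']['version'];
     $dzv = array('X3.2', 'X3.1');
     if (in_array($appVer, $dzv)) {
         // NOTE(review): only the image-code flag is taken from seccheck();
         // $secqaacheck stays unset on this path, so a template that tests it
         // sees a falsy value. Confirm the security question is not meant to
         // apply here.
         list($seccodecheck) = seccheck('publish');
         $dzvflag = true;
         $sectpl = '<div class="rfm"><table><tr><th><sec>: </th><td><span id="sec<hash>" onclick="showMenu({\'ctrlid\':\'sec<hash>\',\'pos\':\'*\'})"><sec></span><br /><div id="sec<hash>_menu" class="p_pop p_opt" style="display:none"><sec></div></td></tr></table></div>';
     } else {
         // Other versions: derive both flags from the settings. A challenge
         // applies when its status bit is set and either no post threshold is
         // configured or the user is still below it.
         $seccodecheck = ($_G['setting']['seccodestatus'] & 4) && (!$_G['setting']['seccodedata']['minposts'] || getuserprofile('posts') < $_G['setting']['seccodedata']['minposts']);
         $secqaacheck = ($_G['setting']['secqaa']['status'] & 2) && (!$_G['setting']['secqaa']['minposts'] || getuserprofile('posts') < $_G['setting']['secqaa']['minposts']);
         $dzvflag = false;
     }
     include templateEx($this->_identifier . ':' . $this->_template . '/srfoot');
     $GLOBALS['srfoot'] = $srfoot;
 }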
コード例 #4
ファイル: portal_view.php プロジェクト: tang86/discuz-utf8
}
// Inputs for the SEO title/description/keywords lookup. The page number is the
// one field read straight from the request here, and it is forced to an integer.
$seodata = array('firstcat' => $cats[0], 'secondcat' => $cats[1], 'curcat' => $cat['catname'], 'subject' => $article['title'], 'user' => $article['username'], 'summary' => $article['summary'], 'page' => intval($_GET['page']));
list($navtitle, $metadescription, $metakeywords) = get_seosetting('article', $seodata);
// Fall back to values built from the article when no SEO setting produced one.
// $nobbname records whether the title came from the SEO setting.
if (empty($navtitle)) {
    $navtitle = helper_seo::get_title_page($article['title'], $_G['page']) . ' - ' . $cat['catname'];
    $nobbname = false;
} else {
    $nobbname = true;
}
if (empty($metakeywords)) {
    $metakeywords = $article['title'];
}
if (empty($metadescription)) {
    $metadescription = $article['summary'] ? $article['summary'] : $article['title'];
}
// Flags for the two anti-automation challenges under the 'publish' rule.
// Presumably consumed by the comment form rendered later; the consumer is not
// in this excerpt. The same flags must be enforced on submit, not only shown.
list($seccodecheck, $secqaacheck) = seccheck('publish');
$catid = $article['catid'];
// With relatedlinkstatus off the links are only collected into $_G;
// otherwise the article body is rewritten in place.
if (!$_G['setting']['relatedlinkstatus']) {
    $_G['relatedlinks'] = get_related_link('article');
} else {
    $content['content'] = parse_related_link($content['content'], 'article');
}
if (isset($_G['makehtml'])) {
    helper_makehtml::portal_article($cat, $article, $page);
}
portal_get_per_next_article($article);
// A category template name may be written as "directory:name". explode() has
// no limit, so anything after a second ':' is dropped by list().
// NOTE(review): where these two values reach a template include is outside this
// excerpt. Confirm articleprimaltplname is admin-controlled and constrained to
// the template tree before it is used to build a path.
$tpldirectory = '';
$articleprimaltplname = $cat['articleprimaltplname'];
if (strpos($articleprimaltplname, ':') !== false) {
    list($tpldirectory, $articleprimaltplname) = explode(':', $articleprimaltplname);
}
コード例 #5
ファイル: forum_misc.php プロジェクト: 443952248/jiazhichao
        $_G['setting']['commentitem'] = $_G['setting']['commentitem'][$thread['special']];
        if ($thread['special'] == 0) {
            loadcache('forums');
            if ($_G['cache']['forums'][$post['fid']]['commentitem']) {
                $_G['setting']['commentitem'] = $_G['cache']['forums'][$post['fid']]['commentitem'];
            }
        }
        if ($_G['setting']['commentitem'] && !C::t('forum_postcomment')->count_by_pid($_GET['pid'], $_G['uid'], 1)) {
            $commentitem = explode("\n", $_G['setting']['commentitem']);
        }
    }
    if (!$post || !($_G['setting']['commentpostself'] || $post['authorid'] != $_G['uid']) || !($post['first'] && $_G['setting']['commentfirstpost'] && in_array($_G['group']['allowcommentpost'], array(1, 3)) || !$post['first'] && in_array($_G['group']['allowcommentpost'], array(2, 3)))) {
        showmessage('postcomment_error');
    }
    $extra = !empty($_GET['extra']) ? rawurlencode($_GET['extra']) : '';
    list($seccodecheck, $secqaacheck) = seccheck('post', 'reply');
    include template('forum/comment');
} elseif ($_GET['action'] == 'commentmore') {
    if (!$_G['setting']['commentnumber'] || !$_G['inajax']) {
        showmessage('postcomment_closed');
    }
    require_once libfile('function/discuzcode');
    $commentlimit = intval($_G['setting']['commentnumber']);
    $page = max(1, $_G['page']);
    $start_limit = ($page - 1) * $commentlimit;
    $comments = array();
    foreach (C::t('forum_postcomment')->fetch_all_by_search(null, $_GET['pid'], null, null, null, null, null, $start_limit, $commentlimit) as $comment) {
        $comment['avatar'] = avatar($comment['authorid'], 'small');
        $comment['dateline'] = dgmdate($comment['dateline'], 'u');
        $comment['comment'] = str_replace(array('[b]', '[/b]', '[/color]'), array('<b>', '</b>', '</font>'), preg_replace("/\\[color=([#\\w]+?)\\]/i", "<font color=\"\\1\">", $comment['comment']));
        $comments[] = $comment;
コード例 #6
ファイル: forum_post.php プロジェクト: MCHacker/discuz-docker
// Normalises the posting form inputs and permission flags for the script.
// Several variables tested below ($emailnotify, $sticktopic, $addtodigest,
// $polloptions, $bbcodeoff, $thread) are not assigned in this excerpt;
// presumably they are set earlier in the script.

// The group's maximum price is zeroed unless the credit type named by
// creditstrans is configured.
$_G['group']['maxprice'] = isset($_G['setting']['extcredits'][$_G['setting']['creditstrans']]) ? $_G['group']['maxprice'] : 0;
// `extra` is URL-encoded as soon as it is read from the request.
$extra = !empty($_GET['extra']) ? rawurlencode($_GET['extra']) : '';
$notifycheck = empty($emailnotify) ? '' : 'checked="checked"';
$stickcheck = empty($sticktopic) ? '' : 'checked="checked"';
$digestcheck = empty($addtodigest) ? '' : 'checked="checked"';
// Subject: trimmed, passed through censor(), then HTML-escaped.
$subject = isset($_GET['subject']) ? dhtmlspecialchars(censor(trim($_GET['subject']))) : '';
$subject = !empty($subject) ? str_replace("\t", ' ', $subject) : $subject;
// Message: passed through censor() only, with no HTML escaping at this point.
// NOTE(review): confirm escaping/markup conversion happens wherever $message is rendered.
$message = isset($_GET['message']) ? censor($_GET['message']) : '';
$polloptions = isset($polloptions) ? censor(trim($polloptions)) : '';
// Numeric inputs are forced to integers.
$readperm = isset($_GET['readperm']) ? intval($_GET['readperm']) : 0;
$price = isset($_GET['price']) ? intval($_GET['price']) : 0;
// Refuse [hide] tags from groups without allowhidecode. [code] blocks are blanked
// first, so a [hide] tag that only appears inside [code] does not trigger the refusal.
if (empty($bbcodeoff) && !$_G['group']['allowhidecode'] && !empty($message) && preg_match("/\\[hide=?\\d*\\].*?\\[\\/hide\\]/is", preg_replace("/(\\[code\\](.+?)\\[\\/code\\])/is", ' ', $message))) {
    showmessage('post_hide_nopermission');
}
$urloffcheck = $usesigcheck = $smileyoffcheck = $codeoffcheck = $htmloncheck = $emailcheck = '';
// Anti-automation flags for the 'post' rule, qualified by the requested action.
list($seccodecheck, $secqaacheck) = seccheck('post', $_GET['action']);
// Each special thread type needs allowpost, the matching group permission and the
// matching bit (1, 2, 4, 8, 16) in the forum's allowpostspecial mask. `&` binds
// tighter than `&&`, so the mask test is evaluated first.
$_G['group']['allowpostpoll'] = $_G['group']['allowpost'] && $_G['group']['allowpostpoll'] && $_G['forum']['allowpostspecial'] & 1;
$_G['group']['allowposttrade'] = $_G['group']['allowpost'] && $_G['group']['allowposttrade'] && $_G['forum']['allowpostspecial'] & 2;
$_G['group']['allowpostreward'] = $_G['group']['allowpost'] && $_G['group']['allowpostreward'] && $_G['forum']['allowpostspecial'] & 4;
$_G['group']['allowpostactivity'] = $_G['group']['allowpost'] && $_G['group']['allowpostactivity'] && $_G['forum']['allowpostspecial'] & 8;
$_G['group']['allowpostdebate'] = $_G['group']['allowpost'] && $_G['group']['allowpostdebate'] && $_G['forum']['allowpostspecial'] & 16;
$usesigcheck = $_G['uid'] && $_G['group']['maxsigsize'] ? 'checked="checked"' : '';
$ordertypecheck = !empty($thread['tid']) && getstatus($thread['status'], 4) ? 'checked="checked"' : '';
$imgcontentcheck = !empty($thread['tid']) && getstatus($thread['status'], 15) ? 'checked="checked"' : '';
// `specialextra` comes straight from the request and names a thread plugin.
$specialextra = !empty($_GET['specialextra']) ? $_GET['specialextra'] : '';
// NOTE(review): dunserialize() is not shown. Deserialising is only safe if the
// forum's threadplugin field can never hold attacker-supplied data; confirm how
// that field is written.
$_G['forum']['threadplugin'] = dunserialize($_G['forum']['threadplugin']);
// The value is cleared unless it is a key of the threadplugins setting, listed for
// this forum and listed for this group. in_array() is non-strict here and `@` hides
// its warnings.
// NOTE(review): the whole test is skipped when allowpost or the threadplugins
// setting is falsy, which leaves the request value unchanged. Confirm that later
// code never uses $specialextra on that path.
if ($specialextra && $_G['group']['allowpost'] && $_G['setting']['threadplugins'] && (!array_key_exists($specialextra, $_G['setting']['threadplugins']) || !@in_array($specialextra, is_array($_G['forum']['threadplugin']) ? $_G['forum']['threadplugin'] : dunserialize($_G['forum']['threadplugin'])) || !@in_array($specialextra, $_G['group']['allowthreadplugin']))) {
    $specialextra = '';
}
if ($special == 3 && !isset($_G['setting']['extcredits'][$_G['setting']['creditstrans']])) {
    showmessage('reward_credits_closed');
コード例 #7
            if ($activityuser) {
                $query = C::t('home_feed')->fetch_all_by_uid_dateline($activityuser);
                foreach ($query as $feed) {
                    if ($feed['friend'] == 0) {
                        $groupfeedlist[] = mkfeed($feed);
                    }
                }
            }
        }
        if ($_G['forum']['livetid']) {
            include_once libfile('function/post');
            $livethread = C::t('forum_thread')->fetch($_G['forum']['livetid']);
            $livepost = C::t('forum_post')->fetch_threadpost_by_tid_invisible($_G['forum']['livetid']);
            $livemessage = messagecutstr($livepost['message'], 200);
            $liveallowpostreply = $groupuser['uid'] && $groupuser['level'] ? true : false;
            list($seccodecheck, $secqaacheck) = seccheck('post', 'newthread');
        }
    } else {
        $newuserlist = $activityuserlist = array();
        $newuserlist = array_slice($groupcache['newuserlist']['data'], 0, 4);
        foreach ($newuserlist as $user) {
            $newuserlist[$user['uid']] = $user;
            $newuserlist[$user['uid']]['online'] = !empty($onlinemember['list']) && is_array($onlinemember['list']) && !empty($onlinemember['list'][$user['uid']]) ? 1 : 0;
        }
    }
    write_groupviewed($_G['fid']);
    include template('diy:group/group:' . $_G['fid']);
} elseif ($action == 'memberlist') {
    $oparray = array('card', 'address', 'alluser');
    $op = getgpc('op') && in_array($_GET['op'], $oparray) ? $_GET['op'] : 'alluser';
    $page = intval(getgpc('page')) ? intval($_GET['page']) : 1;
コード例 #8
ファイル: class_member.php プロジェクト: hutao1004/yintt
	function on_register() {
		global $_G;

		$_GET['username'] = $_GET[''.$this->setting['reginput']['username']];
		$_GET['password'] = $_GET[''.$this->setting['reginput']['password']];
		$_GET['password2'] = $_GET[''.$this->setting['reginput']['password2']];
		$_GET['email'] = $_GET[''.$this->setting['reginput']['email']];

		if($_G['uid']) {
			$ucsynlogin = $this->setting['allowsynlogin'] ? uc_user_synlogin($_G['uid']) : '';
			$url_forward = dreferer();
			if(strpos($url_forward, $this->setting['regname']) !== false) {
				$url_forward = 'forum.php';
			}
			showmessage('login_succeed', $url_forward ? $url_forward : './', array('username' => $_G['member']['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']), array('extrajs' => $ucsynlogin));
		} elseif(!$this->setting['regclosed'] && (!$this->setting['regstatus'] || !$this->setting['ucactivation'])) {
			if($_GET['action'] == 'activation' || $_GET['activationauth']) {
				if(!$this->setting['ucactivation'] && !$this->setting['closedallowactivation']) {
					showmessage('register_disable_activation');
				}
			} elseif(!$this->setting['regstatus']) {
				if($this->setting['regconnect']) {
					dheader('location:connect.php?mod=login&op=init&referer=forum.php&statfrom=login_simple');
				}
				showmessage(!$this->setting['regclosemessage'] ? 'register_disable' : str_replace(array("\r", "\n"), '', $this->setting['regclosemessage']));
			}
		}

		$bbrules = & $this->setting['bbrules'];
		$bbrulesforce = & $this->setting['bbrulesforce'];
		$bbrulestxt = & $this->setting['bbrulestxt'];
		$welcomemsg = & $this->setting['welcomemsg'];
		$welcomemsgtitle = & $this->setting['welcomemsgtitle'];
		$welcomemsgtxt = & $this->setting['welcomemsgtxt'];
		$regname = $this->setting['regname'];

		if($this->setting['regverify']) {
			if($this->setting['areaverifywhite']) {
				$location = $whitearea = '';
				$location = trim(convertip($_G['clientip'], "./"));
				if($location) {
					$whitearea = preg_quote(trim($this->setting['areaverifywhite']), '/');
					$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
					$whitearea = '.*'.$whitearea.'.*';
					$whitearea = '/^('.str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea).')$/i';
					if(@preg_match($whitearea, $location)) {
						$this->setting['regverify'] = 0;
					}
				}
			}

			if($_G['cache']['ipctrl']['ipverifywhite']) {
				foreach(explode("\n", $_G['cache']['ipctrl']['ipverifywhite']) as $ctrlip) {
					if(preg_match("/^(".preg_quote(($ctrlip = trim($ctrlip)), '/').")/", $_G['clientip'])) {
						$this->setting['regverify'] = 0;
						break;
					}
				}
			}
		}

		$invitestatus = false;
		if($this->setting['regstatus'] == 2) {
			if($this->setting['inviteconfig']['inviteareawhite']) {
				$location = $whitearea = '';
				$location = trim(convertip($_G['clientip'], "./"));
				if($location) {
					$whitearea = preg_quote(trim($this->setting['inviteconfig']['inviteareawhite']), '/');
					$whitearea = str_replace(array("\\*"), array('.*'), $whitearea);
					$whitearea = '.*'.$whitearea.'.*';
					$whitearea = '/^('.str_replace(array("\r\n", ' '), array('.*|.*', ''), $whitearea).')$/i';
					if(@preg_match($whitearea, $location)) {
						$invitestatus = true;
					}
				}
			}

			if($this->setting['inviteconfig']['inviteipwhite']) {
				foreach(explode("\n", $this->setting['inviteconfig']['inviteipwhite']) as $ctrlip) {
					if(preg_match("/^(".preg_quote(($ctrlip = trim($ctrlip)), '/').")/", $_G['clientip'])) {
						$invitestatus = true;
						break;
					}
				}
			}
		}

		$groupinfo = array();
		if($this->setting['regverify']) {
			$groupinfo['groupid'] = 8;
		} else {
			$groupinfo['groupid'] = $this->setting['newusergroupid'];
		}

		list($seccodecheck, $secqaacheck) = seccheck('register');
		$fromuid = !empty($_G['cookie']['promotion']) && $this->setting['creditspolicy']['promotion_register'] ? intval($_G['cookie']['promotion']) : 0;
		$username = isset($_GET['username']) ? $_GET['username'] : '';
		$bbrulehash = $bbrules ? substr(md5(FORMHASH), 0, 8) : '';
		$auth = $_GET['auth'];

		if(!$invitestatus) {
			$invite = getinvite();
		}
		$sendurl = $this->setting['sendregisterurl'] ? true : false;
		if($sendurl) {
			if(!empty($_GET['hash'])) {
				$_GET['hash'] = preg_replace("/[^\[A-Za-z0-9_\]%\s+-\/=]/", '', $_GET['hash']);
				$hash = explode("\t", authcode($_GET['hash'], 'DECODE', $_G['config']['security']['authkey']));
				if(is_array($hash) && isemail($hash[0]) && TIMESTAMP - $hash[1] < 259200) {
					$sendurl = false;
				}
			}
		}
		if(!submitcheck('regsubmit', 0, $seccodecheck, $secqaacheck)) {

			if($_GET['action'] == 'activation') {
				$auth = explode("\t", authcode($auth, 'DECODE'));
				if(FORMHASH != $auth[1]) {
					showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
				}
				$username = $auth[0];
				$activationauth = authcode("$auth[0]\t".FORMHASH, 'ENCODE');
				$sendurl = false;
			}

			if(!$sendurl) {

				if($fromuid) {
					$member = getuserbyuid($fromuid);
					if(!empty($member)) {
						$fromuser = dhtmlspecialchars($member['username']);
					} else {
						dsetcookie('promotion');
					}
				}

				if($_GET['action'] == 'activation') {
					$auth = dhtmlspecialchars($auth);
				}

				if($seccodecheck) {
					$seccode = random(6, 1);
				}

				$username = dhtmlspecialchars($username);

				$htmls = $settings = array();
				foreach($_G['cache']['fields_register'] as $field) {
					$fieldid = $field['fieldid'];
					$html = profile_setting($fieldid, array(), false, false, true);
					if($html) {
						$settings[$fieldid] = $_G['cache']['profilesetting'][$fieldid];
						$htmls[$fieldid] = $html;
					}
				}

				$navtitle = $this->setting['reglinkname'];

				if($this->extrafile && file_exists($this->extrafile)) {
					require_once $this->extrafile;
				}
			}
			$bbrulestxt = nl2br("\n$bbrulestxt\n\n");
			$dreferer = dreferer();

			include template($this->template);

		} else {

			$activationauth = array();
			if(isset($_GET['activationauth']) && $_GET['activationauth']) {
				$activationauth = explode("\t", authcode($_GET['activationauth'], 'DECODE'));
				if($activationauth[1] != FORMHASH) {
					showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
				}
				$sendurl = false;
			}
			if(!$activationauth && ($sendurl || !$_G['setting']['forgeemail'])) {
				checkemail($_GET['email']);
			}
			if($sendurl) {
				$hashstr = urlencode(authcode("$_GET[email]\t$_G[timestamp]", 'ENCODE', $_G['config']['security']['authkey']));
				$registerurl = "{$_G[siteurl]}member.php?mod=".$this->setting['regname']."&amp;hash={$hashstr}&amp;email={$_GET[email]}";
				$email_register_message = lang('email', 'email_register_message', array(
					'bbname' => $this->setting['bbname'],
					'siteurl' => $_G['siteurl'],
					'url' => $registerurl
				));
				if(!sendmail("$_GET[email] <$_GET[email]>", lang('email', 'email_register_subject'), $email_register_message)) {
					runlog('sendmail', "$_GET[email] sendmail failed.");
				}
				showmessage('register_email_send_succeed', dreferer(), array('bbname' => $this->setting['bbname']), array('showdialog' => false, 'msgtype' => 3, 'closetime' => 10));
			}
			$emailstatus = 0;
			if($this->setting['sendregisterurl'] && !$sendurl) {
				$_GET['email'] = strtolower($hash[0]);
				$this->setting['regverify'] = $this->setting['regverify'] == 1 ? 0 : $this->setting['regverify'];
				if(!$this->setting['regverify']) {
					$groupinfo['groupid'] = $this->setting['newusergroupid'];
				}
				$emailstatus = 1;
			}

			if($this->setting['regstatus'] == 2 && empty($invite) && !$invitestatus) {
				showmessage('not_open_registration_invite');
			}

			if($bbrules && $bbrulehash != $_POST['agreebbrule']) {
				showmessage('register_rules_agree');
			}

			$activation = array();
			if(isset($_GET['activationauth']) && $activationauth && is_array($activationauth)) {
				if($activationauth[1] == FORMHASH && !($activation = uc_get_user($activationauth[0]))) {
					showmessage('register_activation_invalid', 'member.php?mod=logging&action=login');
				}
			}

			if(!$activation) {
				$usernamelen = dstrlen($username);
				if($usernamelen < 3) {
					showmessage('profile_username_tooshort');
				} elseif($usernamelen > 15) {
					showmessage('profile_username_toolong');
				}
				if(uc_get_user(addslashes($username)) && !C::t('common_member')->fetch_uid_by_username($username) && !C::t('common_member_archive')->fetch_uid_by_username($username)) {
					if($_G['inajax']) {
						showmessage('profile_username_duplicate');
					} else {
						showmessage('register_activation_message', 'member.php?mod=logging&action=login', array('username' => $username));
					}
				}
				if($this->setting['pwlength']) {
					if(strlen($_GET['password']) < $this->setting['pwlength']) {
						showmessage('profile_password_tooshort', '', array('pwlength' => $this->setting['pwlength']));
					}
				}
				if($this->setting['strongpw']) {
					$strongpw_str = array();
					if(in_array(1, $this->setting['strongpw']) && !preg_match("/\d+/", $_GET['password'])) {
						$strongpw_str[] = lang('member/template', 'strongpw_1');
					}
					if(in_array(2, $this->setting['strongpw']) && !preg_match("/[a-z]+/", $_GET['password'])) {
						$strongpw_str[] = lang('member/template', 'strongpw_2');
					}
					if(in_array(3, $this->setting['strongpw']) && !preg_match("/[A-Z]+/", $_GET['password'])) {
						$strongpw_str[] = lang('member/template', 'strongpw_3');
					}
					if(in_array(4, $this->setting['strongpw']) && !preg_match("/[^a-zA-z0-9]+/", $_GET['password'])) {
						$strongpw_str[] = lang('member/template', 'strongpw_4');
					}
					if($strongpw_str) {
						showmessage(lang('member/template', 'password_weak').implode(',', $strongpw_str));
					}
				}
				$email = strtolower(trim($_GET['email']));
				if(empty($email) && $_G['setting']['forgeemail']) {
					$_GET['email'] = $email = strtolower(random(6)).'@'.$_SERVER['HTTP_HOST'];
				}
				if(empty($this->setting['ignorepassword'])) {
					if($_GET['password'] !== $_GET['password2']) {
						showmessage('profile_passwd_notmatch');
					}

					if(!$_GET['password'] || $_GET['password'] != addslashes($_GET['password'])) {
						showmessage('profile_passwd_illegal');
					}
					$password = $_GET['password'];
				} else {
					$password = md5(random(10));
				}
			}

			$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($this->setting['censoruser'] = trim($this->setting['censoruser'])), '/')).')$/i';

			if($this->setting['censoruser'] && @preg_match($censorexp, $username)) {
				showmessage('profile_username_protect');
			}

			if($this->setting['regverify'] == 2 && !trim($_GET['regmessage'])) {
				showmessage('profile_required_info_invalid');
			}

			if($_G['cache']['ipctrl']['ipregctrl']) {
				foreach(explode("\n", $_G['cache']['ipctrl']['ipregctrl']) as $ctrlip) {
					if(preg_match("/^(".preg_quote(($ctrlip = trim($ctrlip)), '/').")/", $_G['clientip'])) {
						$ctrlip = $ctrlip.'%';
						$this->setting['regctrl'] = $this->setting['ipregctrltime'];
						break;
					} else {
						$ctrlip = $_G['clientip'];
					}
				}
			} else {
				$ctrlip = $_G['clientip'];
			}

			if($this->setting['regctrl']) {
				if(C::t('common_regip')->count_by_ip_dateline($ctrlip, $_G['timestamp']-$this->setting['regctrl']*3600)) {
					showmessage('register_ctrl', NULL, array('regctrl' => $this->setting['regctrl']));
				}
			}

			$setregip = null;
			if($this->setting['regfloodctrl']) {
				$regip = C::t('common_regip')->fetch_by_ip_dateline($_G['clientip'], $_G['timestamp']-86400);
				if($regip) {
					if($regip['count'] >= $this->setting['regfloodctrl']) {
						showmessage('register_flood_ctrl', NULL, array('regfloodctrl' => $this->setting['regfloodctrl']));
					} else {
						$setregip = 1;
					}
				} else {
					$setregip = 2;
				}
			}

			$profile = $verifyarr = array();
			foreach($_G['cache']['fields_register'] as $field) {
				if(defined('IN_MOBILE')) {
					break;
				}
				$field_key = $field['fieldid'];
				$field_val = $_GET[''.$field_key];
				if($field['formtype'] == 'file' && !empty($_FILES[$field_key]) && $_FILES[$field_key]['error'] == 0) {
					$field_val = true;
				}

				if(!profile_check($field_key, $field_val)) {
					$showid = !in_array($field['fieldid'], array('birthyear', 'birthmonth')) ? $field['fieldid'] : 'birthday';
					showmessage($field['title'].lang('message', 'profile_illegal'), '', array(), array(
						'showid' => 'chk_'.$showid,
						'extrajs' => $field['title'].lang('message', 'profile_illegal').($field['formtype'] == 'text' ? '<script type="text/javascript">'.
							'$(\'registerform\').'.$field['fieldid'].'.className = \'px er\';'.
							'$(\'registerform\').'.$field['fieldid'].'.onblur = function () { if(this.value != \'\') {this.className = \'px\';$(\'chk_'.$showid.'\').innerHTML = \'\';}}'.
							'</script>' : '')
					));
				}
				if($field['needverify']) {
					$verifyarr[$field_key] = $field_val;
				} else {
					$profile[$field_key] = $field_val;
				}
			}

			if(!$activation) {
				$uid = uc_user_register(addslashes($username), $password, $email, $questionid, $answer, $_G['clientip']);
				if($uid <= 0) {
					if($uid == -1) {
						showmessage('profile_username_illegal');
					} elseif($uid == -2) {
						showmessage('profile_username_protect');
					} elseif($uid == -3) {
						showmessage('profile_username_duplicate');
					} elseif($uid == -4) {
						showmessage('profile_email_illegal');
					} elseif($uid == -5) {
						showmessage('profile_email_domain_illegal');
					} elseif($uid == -6) {
						showmessage('profile_email_duplicate');
					} else {
						showmessage('undefined_action');
					}
				}
			} else {
				list($uid, $username, $email) = $activation;
			}
			$_G['username'] = $username;
			if(getuserbyuid($uid, 1)) {
				if(!$activation) {
					uc_user_delete($uid);
				}
				showmessage('profile_uid_duplicate', '', array('uid' => $uid));
			}

			$password = md5(random(10));
			$secques = $questionid > 0 ? random(8) : '';

			if(isset($_POST['birthmonth']) && isset($_POST['birthday'])) {
				$profile['constellation'] = get_constellation($_POST['birthmonth'], $_POST['birthday']);
			}
			if(isset($_POST['birthyear'])) {
				$profile['zodiac'] = get_zodiac($_POST['birthyear']);
			}

			if($_FILES) {
				$upload = new discuz_upload();

				foreach($_FILES as $key => $file) {
					$field_key = 'field_'.$key;
					if(!empty($_G['cache']['fields_register'][$field_key]) && $_G['cache']['fields_register'][$field_key]['formtype'] == 'file') {

						$upload->init($file, 'profile');
						$attach = $upload->attach;

						if(!$upload->error()) {
							$upload->save();

							if(!$upload->get_image_info($attach['target'])) {
								@unlink($attach['target']);
								continue;
							}

							$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
							if($_G['cache']['fields_register'][$field_key]['needverify']) {
								$verifyarr[$key] = $attach['attachment'];
							} else {
								$profile[$key] = $attach['attachment'];
							}
						}
					}
				}
			}

			if($setregip !== null) {
				if($setregip == 1) {
					C::t('common_regip')->update_count_by_ip($_G['clientip']);
				} else {
					C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => 1, 'dateline' => $_G['timestamp']));
				}
			}

			if($invite && $this->setting['inviteconfig']['invitegroupid']) {
				$groupinfo['groupid'] = $this->setting['inviteconfig']['invitegroupid'];
			}

			$init_arr = array('credits' => explode(',', $this->setting['initcredits']), 'profile'=>$profile, 'emailstatus' => $emailstatus);

			C::t('common_member')->insert($uid, $username, $password, $email, $_G['clientip'], $groupinfo['groupid'], $init_arr);
			if($emailstatus) {
				updatecreditbyaction('realemail', $uid);
			}
			if($verifyarr) {
				$setverify = array(
					'uid' => $uid,
					'username' => $username,
					'verifytype' => '0',
					'field' => serialize($verifyarr),
					'dateline' => TIMESTAMP,
				);
				C::t('common_member_verify_info')->insert($setverify);
				C::t('common_member_verify')->insert(array('uid' => $uid));
			}

			require_once libfile('cache/userstats', 'function');
			build_cache_userstats();

			if($this->extrafile && file_exists($this->extrafile)) {
				require_once $this->extrafile;
			}

			if($this->setting['regctrl'] || $this->setting['regfloodctrl']) {
				C::t('common_regip')->delete_by_dateline($_G['timestamp']-($this->setting['regctrl'] > 72 ? $this->setting['regctrl'] : 72)*3600);
				if($this->setting['regctrl']) {
					C::t('common_regip')->insert(array('ip' => $_G['clientip'], 'count' => -1, 'dateline' => $_G['timestamp']));
				}
			}

			$regmessage = dhtmlspecialchars($_GET['regmessage']);
			if($this->setting['regverify'] == 2) {
				C::t('common_member_validate')->insert(array(
					'uid' => $uid,
					'submitdate' => $_G['timestamp'],
					'moddate' => 0,
					'admin' => '',
					'submittimes' => 1,
					'status' => 0,
					'message' => $regmessage,
					'remark' => '',
				), false, true);
				manage_addnotify('verifyuser');
			}

			setloginstatus(array(
				'uid' => $uid,
				'username' => $_G['username'],
				'password' => $password,
				'groupid' => $groupinfo['groupid'],
			), 0);
			include_once libfile('function/stat');
			updatestat('register');

			if($invite['id']) {
				$result = C::t('common_invite')->count_by_uid_fuid($invite['uid'], $uid);
				if(!$result) {
					C::t('common_invite')->update($invite['id'], array('fuid'=>$uid, 'fusername'=>$_G['username'], 'regdateline' => $_G['timestamp'], 'status' => 2));
					updatestat('invite');
				} else {
					$invite = array();
				}
			}
			if($invite['uid']) {
				if($this->setting['inviteconfig']['inviteaddcredit']) {
					updatemembercount($uid, array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['inviteaddcredit']));
				}
				if($this->setting['inviteconfig']['invitedaddcredit']) {
					updatemembercount($invite['uid'], array($this->setting['inviteconfig']['inviterewardcredit'] => $this->setting['inviteconfig']['invitedaddcredit']));
				}
				require_once libfile('function/friend');
				friend_make($invite['uid'], $invite['username'], false);
				notification_add($invite['uid'], 'friend', 'invite_friend', array('actor' => '<a href="home.php?mod=space&uid='.$invite['uid'].'" target="_blank">'.$invite['username'].'</a>'), 1);

				space_merge($invite, 'field_home');
				if(!empty($invite['privacy']['feed']['invite'])) {
					require_once libfile('function/feed');
					$tite_data = array('username' => '<a href="home.php?mod=space&uid='.$_G['uid'].'">'.$_G['username'].'</a>');
					feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
				}
				if($invite['appid']) {
					updatestat('appinvite');
				}
			}

			if($welcomemsg && !empty($welcomemsgtxt)) {
				$welcomemsgtitle = replacesitevar($welcomemsgtitle);
				$welcomemsgtxt = replacesitevar($welcomemsgtxt);
				if($welcomemsg == 1) {
					$welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
					notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
				} elseif($welcomemsg == 2) {
					sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
				} elseif($welcomemsg == 3) {
					sendmail_cron($email, $welcomemsgtitle, $welcomemsgtxt);
					$welcomemsgtxt = nl2br(str_replace(':', '&#58;', $welcomemsgtxt));
					notification_add($uid, 'system', $welcomemsgtxt, array('from_id' => 0, 'from_idtype' => 'welcomemsg'), 1);
				}
			}

			if($fromuid) {
				updatecreditbyaction('promotion_register', $fromuid);
				dsetcookie('promotion', '');
			}
			dsetcookie('loginuser', '');
			dsetcookie('activationauth', '');
			dsetcookie('invite_auth', '');

			$url_forward = dreferer();
			$refreshtime = 3000;
			switch($this->setting['regverify']) {
				case 1:
					$idstring = random(6);
					$authstr = $this->setting['regverify'] == 1 ? "$_G[timestamp]\t2\t$idstring" : '';
					C::t('common_member_field_forum')->update($_G['uid'], array('authstr' => $authstr));
					$verifyurl = "{$_G[siteurl]}member.php?mod=activate&amp;uid={$_G[uid]}&amp;id=$idstring";
					$email_verify_message = lang('email', 'email_verify_message', array(
						'username' => $_G['member']['username'],
						'bbname' => $this->setting['bbname'],
						'siteurl' => $_G['siteurl'],
						'url' => $verifyurl
					));
					if(!sendmail("$username <$email>", lang('email', 'email_verify_subject'), $email_verify_message)) {
						runlog('sendmail', "$email sendmail failed.");
					}
					$message = 'register_email_verify';
					$locationmessage = 'register_email_verify_location';
					$refreshtime = 10000;
					break;
				case 2:
					$message = 'register_manual_verify';
					$locationmessage = 'register_manual_verify_location';
					break;
				default:
					$message = 'register_succeed';
					$locationmessage = 'register_succeed_location';
					break;
			}
			$param = array('bbname' => $this->setting['bbname'], 'username' => $_G['username'], 'usergroup' => $_G['group']['grouptitle'], 'uid' => $_G['uid']);
			if(strpos($url_forward, $this->setting['regname']) !== false || strpos($url_forward, 'buyinvitecode') !== false) {
				$url_forward = 'forum.php';
			}
			$href = str_replace("'", "\'", $url_forward);
			$extra = array(
				'showid' => 'succeedmessage',
				'extrajs' => '<script type="text/javascript">'.
					'setTimeout("window.location.href =\''.$href.'\';", '.$refreshtime.');'.
					'$(\'succeedmessage_href\').href = \''.$href.'\';'.
					'$(\'main_message\').style.display = \'none\';'.
					'$(\'main_succeed\').style.display = \'\';'.
					'$(\'succeedlocation\').innerHTML = \''.lang('message', $locationmessage).'\';'.
				'</script>',
				'striptags' => false,
			);
			showmessage($message, $url_forward, $param, $extra);
		}
	}
コード例 #9
        }
        $otherinfo = getotherinfo($aids, $pids, $tids, $taskids, $uids);
    }
    // Page title, plus the credit formula expression with every '*' replaced by 'X'.
    $navtitle = lang('core', 'title_credit');
    $creditsformulaexp = str_replace('*', 'X', $_G['setting']['creditsformulaexp']);
} elseif ($_GET['op'] == 'buy') {
    // "buy" operation. The action is refused when card top-up is not open and
    // either no exchange ratio is set or none of the three payment account
    // settings (tenpay channel id, tenpay bargainor, ec_account) is configured.
    if ((!$_G['setting']['ec_ratio'] || !$_G['setting']['ec_tenpay_opentrans_chnid'] && !$_G['setting']['ec_tenpay_bargainor'] && !$_G['setting']['ec_account']) && !$_G['setting']['card']['open']) {
        showmessage('action_closed', NULL);
    }
    // submitcheck() is defined outside this excerpt; presumably it validates the
    // form submission (request method / form token) — confirm.
    if (submitcheck('addfundssubmit')) {
        if (!isset($_GET['bank_type'])) {
            showmessage('memcp_credits_addfunds_msg_notype', '', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true));
        }
        // A numeric bank_type selects 'tenpay'; any other value is taken verbatim
        // from the request.
        // NOTE(review): $apitype is therefore request-controlled — code that uses
        // it beyond this excerpt should match it against a fixed list of known types.
        $apitype = is_numeric($_GET['bank_type']) ? 'tenpay' : $_GET['bank_type'];
        if ($apitype == 'card') {
            // Verify the security code first when seccheck('card') asks for one.
            list($seccodecheck) = seccheck('card');
            if ($seccodecheck) {
                if (!check_seccode($_GET['seccodeverify'], $_GET['seccodehash'])) {
                    showmessage('submit_seccode_invalid', '', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true));
                }
            }
            // The card id is read from $_POST, while the other fields in this
            // branch are read from $_GET.
            if (!$_POST['cardid']) {
                showmessage('memcp_credits_card_msg_cardid_incorrect', '', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true));
            }
            // Look the card up by the submitted id.
            // NOTE(review): in the not-found message, $_GET['sechash'] is concatenated
            // into an inline <script> string literal without JavaScript-string
            // encoding. Unless request input is already filtered upstream (not
            // visible here), encode it for the JS context before embedding it.
            if (!($card = C::t('common_card')->fetch($_POST['cardid']))) {
                showmessage('memcp_credits_card_msg_card_unfined', '', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true, 'extrajs' => '<script type="text/javascript">updateseccode("' . $_GET['sechash'] . '");</script>'));
            } else {
                // Status 2 is reported to the user as an already used card.
                if ($card['status'] == 2) {
                    showmessage('memcp_credits_card_msg_used', '', array(), array('showdialog' => 1, 'showmsg' => true, 'closetime' => true));
                }
                // Card whose cleardateline lies before the current timestamp;
                // the handling of this case is cut off in this excerpt.
                if ($card['cleardateline'] < TIMESTAMP) {
コード例 #10
ファイル: spacecp_profile.php プロジェクト: renning/html
// Direct-access guard: the script stops unless IN_DISCUZ has been defined.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
// Default operation: the key of the first profile group marked available.
$defaultop = '';
$profilegroup = C::t('common_setting')->fetch('profilegroup', true);
foreach ($profilegroup as $key => $value) {
    if ($value['available']) {
        $defaultop = $key;
        break;
    }
}
// The requested operation is accepted only when it is on this fixed list;
// anything else falls back to $defaultop.
// NOTE(review): in_array() is called without its strict flag, so the match uses
// loose comparison; passing true as the third argument would make the
// allow-list check type-exact.
$operation = in_array($_GET['op'], array('base', 'contact', 'edu', 'work', 'info', 'password', 'verify')) ? trim($_GET['op']) : $defaultop;
// Load the current user's record and merge the 'field_home' and 'profile' data into it.
$space = getuserbyuid($_G['uid']);
space_merge($space, 'field_home');
space_merge($space, 'profile');
// Presumably the flags saying whether a security code / security question is
// required for the 'password' rule — seccheck() is defined elsewhere, confirm.
list($seccodecheck, $secqaacheck) = seccheck('password');
// Errors from this include are silenced with @. $rootdomain is not set in this
// excerpt and presumably comes from the cache file — confirm.
@(include_once DISCUZ_ROOT . './data/cache/cache_domain.php');
$spacedomain = isset($rootdomain['home']) && $rootdomain['home'] ? $rootdomain['home'] : array();
// Character allow-list for the id parameter: everything except ASCII letters,
// digits, '_' and ':' is removed; an empty value becomes ''.
$_GET['id'] = $_GET['id'] ? preg_replace("/[^A-Za-z0-9_:]/", '', $_GET['id']) : '';
// Every operation except 'password' needs the profile helpers and the
// 'profilesetting' cache; the cache is rebuilt and reloaded when it is empty.
if ($operation != 'password') {
    include_once libfile('function/profile');
    loadcache('profilesetting');
    if (empty($_G['cache']['profilesetting'])) {
        require_once libfile('function/cache');
        updatecache('profilesetting');
        loadcache('profilesetting');
    }
}
// Boolean form of the current group's allowcstatus setting.
$allowcstatus = !empty($_G['group']['allowcstatus']) ? true : false;
// Row for the current user from the common_member_verify table.
$verify = C::t('common_member_verify')->fetch($_G['uid']);
$validate = array();
コード例 #11
ファイル: get-messages.php プロジェクト: Git-Host/sms-recycle
<?php

// Project configuration. $numbers, seccheck() and DB are not defined in this
// file and presumably come from here — confirm.
require '../includes/config.php';
// The phone number is taken directly from the query string.
$phonenr = $_GET['phone'];
// Check if phone number exists in db
// NOTE(review): this is a loose comparison, so any truthy return value from
// seccheck() passes. It is also the only check visible before the query.
if (seccheck($numbers, $phonenr) != true) {
    echo 'What are you doing? ';
    echo 'Shutting down...';
    exit;
}
// %i looks like an integer-typed placeholder of the DB helper, which would keep
// $phonenr out of the SQL text — confirm against the library in use.
// NOTE(review): the sentfrom, time and message columns of these rows are echoed
// into HTML further down without htmlspecialchars(); stored message text should
// be escaped at output.
$results = DB::query("SELECT * FROM messages WHERE sentto=%i", $phonenr);
if ($results != null) {
    foreach ($results as $row) {
        ?>

	<li class="message">
		<strong>Sent from: <?php 
        echo $row['sentfrom'];
        ?>
</strong>
		<em><?php 
        echo $row['time'];
        ?>
</em>
		<p><?php 
        echo $row['message'];
        ?>
</p>
	</li>

<?php