/**
* Add lightbox to videos
*
* @param mixed $content
* @return mixed
*/
public function add_videos_lightbox_selector($content)
{
if (Responsive_Lightbox()->options['settings']['videos'] === true) {
preg_match_all('/<a(.*?)href=(?:\'|")((?:http|https|)(?::\\/\\/|)(?:www.|)((?:youtu\\.be\\/|youtube\\.com(?:\\/embed\\/|\\/v\\/|\\/watch\\?v=|\\/ytscreeningroom\\?v=|\\/feeds\\/api\\/videos\\/|\\/user\\S*[^\\w\\-\\s]|\\S*[^\\w\\-\\s]))([\\w\\-]{11})[a-z0-9;:@#?&%=+\\/\\$_.-]*)|((?:http|https|)(?::\\/\\/|)(?:www.|)(?:vimeo\\.com\\/[0-9]*(?:.+))))(?:\'|")(.*?)>/i', $content, $links);
if (isset($links[0])) {
foreach ($links[0] as $id => $link) {
if (preg_match('/<a.*?(?:rel|data-rel)=(?:\'|")(.*?)(?:\'|").*?>/', $link, $result) === 1) {
if (isset($result[1])) {
$new_rels = array();
$rels = explode(' ', $result[1]);
if (in_array(Responsive_Lightbox()->options['settings']['selector'], $rels, true)) {
foreach ($rels as $no => $rel) {
if ($rel !== Responsive_Lightbox()->options['settings']['selector']) {
$new_rels[] = $rel;
}
}
$content = str_replace($link, preg_replace('/(?:rel|data-rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . (!empty($new_rel) ? simplode(' ', $new_rels) . ' ' : '') . Responsive_Lightbox()->options['settings']['selector'] . '-video-' . $id . '"', $link), $content);
} else {
$content = str_replace($link, preg_replace('/(?:rel|data-rel)=(?:\'|")(.*?)(?:\'|")/', 'data-rel="' . ($result[1] !== '' ? $result[1] . ' ' : '') . Responsive_Lightbox()->options['settings']['selector'] . '-video-' . $id . '"', $link), $content);
}
}
} else {
// swipebox video fix
if (Responsive_Lightbox()->options['settings']['script'] === 'swipebox' && strpos($links[2][$id], 'vimeo') !== false) {
$links[2][$id] = $links[2][$id] . '?width=' . Responsive_Lightbox()->options['configuration']['swipebox']['video_max_width'];
}
$content = str_replace($link, '<a' . $links[1][$id] . 'href="' . $links[2][$id] . '" data-rel="' . Responsive_Lightbox()->options['settings']['selector'] . '-video-' . $id . '">', $content);
}
}
}
}
return $content;
}
function setFlag($applications, $flag) {
global $_SGLOBAL;
$flag = ($flag == 'disabled') ? -1 : ($flag == 'default' ? 1 : 0);
$appIds = array();
if ($applications && is_array($applications)) {
foreach($applications as $application) {
$this->refreshApplication($application['appId'], $application['appName'], null, null, null, $flag, null);
$appIds[] = $application['appId'];
}
}
if ($flag == -1) {
$sql = sprintf('DELETE FROM %s WHERE icon IN (%s)', tname('feed'), simplode($appIds));
$_SGLOBAL['db']->query($sql);
$sql = sprintf('DELETE FROM %s WHERE appid IN (%s)', tname('userapp'), simplode($appIds));
$_SGLOBAL['db']->query($sql);
$sql = sprintf('DELETE FROM %s WHERE appid IN (%s)', tname('userappfield'), simplode($appIds));
$_SGLOBAL['db']->query($sql);
$sql = sprintf('DELETE FROM %s WHERE appid IN (%s)', tname('myinvite'), simplode($appIds));
$_SGLOBAL['db']->query($sql);
$sql = sprintf('DELETE FROM %s WHERE type IN (%s)', tname('notification'), simplode($appIds));
$_SGLOBAL['db']->query($sql);
}
$result = true;
return new APIResponse($result);
}
function getUpdatedUsers($num)
{
global $_SGLOBAL;
$totalNum = getcount('userlog', '');
$users = array();
if ($totalNum) {
$sql = 'SELECT s.*, sf.*, ul.action, ul.uid
FROM %s ul
LEFT JOIN %s s ON ul.uid = s.uid
LEFT JOIN %s sf ON ul.uid = sf.uid
ORDER BY ul.dateline
LIMIT %d';
$sql = sprintf($sql, tname('userlog'), tname('space'), tname('spacefield'), $num);
$query = $_SGLOBAL['db']->query($sql);
$uIds = array();
while ($space = $_SGLOBAL['db']->fetch_array($query)) {
$user = $this->_space2user($space);
$users[] = $user;
$uIds[] = $space['uid'];
}
if ($uIds) {
$sql = sprintf('DELETE FROM %s WHERE uid IN (%s)', tname('userlog'), simplode($uIds));
$_SGLOBAL['db']->query($sql);
}
}
$result = array('totalNum' => $totalNum, 'users' => $users);
return new APIResponse($result);
}
function deletedoings($ids)
{
global $_SGLOBAL;
$_SGLOBAL['db']->query("DELETE FROM " . tname('doing') . " WHERE doid IN (" . simplode($ids) . ")");
//删除评论
$_SGLOBAL['db']->query("DELETE FROM " . tname('docomment') . " WHERE doid IN (" . simplode($ids) . ")");
//删除feed
$_SGLOBAL['db']->query("DELETE FROM " . tname('feed') . " WHERE id IN (" . simplode($ids) . ") AND idtype='doid'");
return true;
}
function deleteposts($tagid, $pids)
{
global $_SGLOBAL;
//整理
$nums = renum($postnums);
foreach ($nums[0] as $pnum) {
$_SGLOBAL['db']->query("UPDATE " . tname('thread') . " SET replynum=replynum-{$pnum} WHERE tid IN (" . simplode($tids) . ")");
}
//删除
$_SGLOBAL['db']->query("DELETE FROM " . tname('post') . " WHERE pid IN (" . simplode($pids) . ")");
return true;
}
function getUpdatedUsers($num)
{
global $_SGLOBAL;
$totalNum = getcount('userlog', '');
$users = array();
if ($totalNum) {
$sql = sprintf('SELECT uid, action, type FROM %s ORDER BY dateline LIMIT %d', tname('userlog'), $num);
$query = $_SGLOBAL['db']->query($sql);
$deletedUsers = $userLogs = $uIds = array();
$undeletedUserIds = array(0 => array(), 1 => array(), 2 => array());
while ($row = $_SGLOBAL['db']->fetch_array($query)) {
$uIds[] = $row['uid'];
if ($row['action'] == 'delete') {
$deletedUsers[] = array('uId' => $row['uid'], 'action' => $row['action']);
} else {
$undeletedUserIds[$row['type']][] = $row['uid'];
}
$userLogs[$row['uid']] = $row;
}
$updatedUsers2 = $updatedUsers3 = array();
// extra updated
if ($undeletedUserIds[2]) {
$updatedUsers2 = $this->getExtraByUsers($undeletedUserIds[2]);
}
// basic updated + all updated
$uIds3 = array_merge($undeletedUserIds[0], $undeletedUserIds[1]);
$updatedUsers3 = $this->getUsers($uIds3, false, true, true, false);
$updatedUsers = array_merge($updatedUsers2, $updatedUsers3);
foreach ($updatedUsers as $k => $v) {
$updatedUsers[$k]['action'] = $userLogs[$v['uId']]['action'];
switch ($userLogs[$v['uId']]['type']) {
case 2:
$updatedUsers[$k]['updateType'] = 'extra';
break;
case 1:
$updatedUsers[$k]['updateType'] = 'basic';
break;
case 0:
default:
$updatedUsers[$k]['updateType'] = 'all';
}
}
$users = array_merge($updatedUsers, $deletedUsers);
if ($uIds) {
$sql = sprintf('DELETE FROM %s WHERE uid IN (%s)', tname('userlog'), simplode($uIds));
$_SGLOBAL['db']->query($sql);
}
}
$result = array('totalNum' => $totalNum, 'users' => $users);
return new APIResponse($result);
}
function posttag($tagnamestr)
{
global $_SGLOBAL, $lang;
$tagarr = array('existsname' => array(), 'nonename' => array(), 'closename' => array(), 'existsid' => array());
if (empty($tagnamestr)) {
return $tagarr;
}
$tagnamearr = array();
$valuearr = explode(' ', str_replace(',', ' ', shtmlspecialchars($tagnamestr)));
foreach ($valuearr as $value) {
if (count($tagnamearr) > 10) {
break;
}
$value = posttagcheck($value);
if ($value) {
$tagnamearr[md5($value)] = $value;
}
}
if (empty($tagnamearr)) {
return $tagarr;
}
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('tags') . ' WHERE tagname IN (' . simplode($tagnamearr) . ')');
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$tagarr['existsid'][] = $value['tagid'];
$tagarr['existsname'][] = $value['tagname'];
if ($value['close']) {
$tagarr['closename'][] = $value['tagname'];
}
}
if (!empty($tagarr['existsname'])) {
foreach ($tagnamearr as $value) {
if (!in_array($value, $tagarr['existsname'])) {
$tagarr['nonename'][] = $value;
}
}
} else {
$tagarr['nonename'] = $tagnamearr;
}
if (!empty($tagarr['closename'])) {
showmessage($lang['not_allowed_to_belong_to_the_following_tag'] . ':<p>' . implode(',', $tagarr['closename']) . '</p>');
}
return $tagarr;
}
function deleteblogs($blogids)
{
global $_SGLOBAL;
//获取博客信息
$spaces = $blogs = $newblogids = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('blog') . " WHERE blogid IN (" . simplode($blogids) . ")");
$value = $_SGLOBAL['db']->fetch_array($query);
//数据删除
$_SGLOBAL['db']->query("DELETE FROM " . tname('blog') . " WHERE blogid IN (" . simplode($blogids) . ")");
$_SGLOBAL['db']->query("DELETE FROM " . tname('blogfield') . " WHERE blogid IN (" . simplode($blogids) . ")");
//评论
$_SGLOBAL['db']->query("DELETE FROM " . tname('comment') . " WHERE id IN (" . simplode($blogids) . ") AND idtype='blogid'");
//删除举报
$_SGLOBAL['db']->query("DELETE FROM " . tname('report') . " WHERE id IN (" . simplode($blogids) . ") AND idtype='blogid'");
//删除feed
$_SGLOBAL['db']->query("DELETE FROM " . tname('feed') . " WHERE id IN (" . simplode($blogids) . ") AND idtype='blogid'");
//删除脚印
$_SGLOBAL['db']->query("DELETE FROM " . tname('clickuser') . " WHERE id IN (" . simplode($blogids) . ") AND idtype='blogid'");
return true;
}
$sql .= ' AND status IN (2,3,4)';
$theurl .= "&type=join";
}
$query = $_SGLOBAL['db']->query($sql);
$count = $_SGLOBAL['db']->num_rows($query);
if($count) {
$sql .= " ORDER BY eventid DESC LIMIT $start, $perpage";
$query = $_SGLOBAL['db']->query($sql);
$ids = array();
while($value = $_SGLOBAL['db']->fetch_array($query)) {
$ids[] = $value['eventid'];
}
$fromsql = tname('event').' e';
$joinsql = 'LEFT JOIN '.tname('userevent').' ue ON e.eventid = ue.eventid';
$wherearr[] = 'e.eventid IN ('.simplode($ids).')';
$orderby = " e.eventid DESC";
$sql = "SELECT e.*, ue.uid as fuid, ue.username as fusername, ue.status FROM $fromsql $joinsql WHERE ".implode(" AND ", $wherearr);
}
$needquery = false;
} elseif($view == "me") {
$fromsql = tname("userevent")." ue";
$joinsql = "LEFT JOIN ".tname('event')." e ON e.eventid=ue.eventid";
$orderby = "ue.dateline DESC";
if($view=="friend" && $space['feedfriend']) {
$wherearr[] = "ue.uid IN ($space[feedfriend])";
} else {
$wherearr[] = "ue.uid = '$space[uid]'";
}
if($type=="follow") {
function note_apply($sqlarr) {
global $_SGLOBAL;
$fieldsql = $comma = '';
if(is_array($sqlarr)) {
$uids = array();
$valsql = '(';
foreach($sqlarr as $key => $value) {
$uids[] = $value['uid'];
foreach($value as $vkey => $val) {
if($key == 0) {
$fieldsql .= $comma.$vkey;
}
$valsql .= $comma.'\''.$val.'\'';
$comma = ', ';
}
if(count($sqlarr)-1 > $key) {
$valsql .= '), (';
$comma = '';
}
}
$valsql .= ')';
$_SGLOBAL['db']->query('insert into '.tname('notification').' ('.$fieldsql.') values '.$valsql);
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET notenum=notenum+1 WHERE uid IN (".simplode($uids).")");
}
}
$value['message'] = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT message FROM " . tname('comment') . " WHERE cid='{$n_cid}' "), 0);
$value['do'] = $n_do;
$value[$n_do . 'id'] = $n_do_id;
$value['note'] = strip_tags($value['note']);
$value['name'] = empty($value['name']) ? $value['author'] : $value['name'];
$value['isnew'] = $value['new'];
unset($value['new']);
$value['avatar_url'] = avatar($value['authorid'], 'middle', TRUE);
$list[] = $value;
}
//分页
$multi = multi($count, $perpage, $page, "space.php?do={$do}");
}
//更新状态为已看
if ($newids) {
$_SGLOBAL['db']->query("UPDATE " . tname('notification') . " SET new='0' WHERE id IN (" . simplode($newids) . ")");
//更新未读的
$newcount = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('notification') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND new='1'"), 0);
$space['notenum'] = $newcount = intval($newcount);
updatetable('space', array('notenum' => $newcount), array('uid' => $_SGLOBAL['supe_uid']));
}
$newnum = 0;
$space['pmnum'] = $_SGLOBAL['member']['newpm'];
foreach (array('notenum', 'pokenum', 'addfriendnum', 'mtaginvitenum', 'eventinvitenum', 'myinvitenum') as $value) {
$newnum = $newnum + $space[$value];
}
$_SGLOBAL['member']['notenum'] = $space['notenum'];
$_SGLOBAL['member']['allnotenum'] = $newnum;
realname_get();
}
//include_once template("space_notice");
if ($lines) {
$fp = fopen(S_ROOT . './data/log/' . $_GET['file'], 'r');
foreach ($lines as $line) {
list($l, $o, $n) = explode('-', $line);
fseek($fp, $o);
$line = $n ? fread($fp, $n) : '';
$loginfo = parselog($line);
$loginfo['line'] = $l;
$uids[] = $loginfo['uid'];
$list[] = $loginfo;
}
fclose($fp);
}
}
if ($uids) {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('space') . ' WHERE uid IN (' . simplode($uids) . ')');
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username']);
}
realname_get();
}
$multi = multi($count, $perpage, $page, $mpurl);
}
function parselog($line, $detail = false)
{
$loginfo = array();
list($tag, $dateline, $type, $ip, $uid, $link, $extra) = explode("\t", $line);
$uid = intval($uid);
$loginfo = array('ip' => $ip, 'uid' => $uid, 'link' => $link, 'dateline' => $dateline, 'type' => $type);
if ($detail) {
$m1 = $m2 = array();
function realname_get()
{
global $_SGLOBAL, $_SCONFIG, $_SN, $space;
if (empty($_SGLOBAL['_realname_get']) && $_SCONFIG['realname'] && $_SGLOBAL['select_realname']) {
//禁止重复调用
$_SGLOBAL['_realname_get'] = 1;
//已经有的
if ($space && isset($_SGLOBAL['select_realname'][$space['uid']])) {
unset($_SGLOBAL['select_realname'][$space['uid']]);
}
if ($_SGLOBAL['member']['uid'] && isset($_SGLOBAL['select_realname'][$_SGLOBAL['member']['uid']])) {
unset($_SGLOBAL['select_realname'][$_SGLOBAL['member']['uid']]);
}
//获得实名
$uids = empty($_SGLOBAL['select_realname']) ? array() : array_keys($_SGLOBAL['select_realname']);
if ($uids) {
$query = $_SGLOBAL['db']->query("SELECT uid, name, namestatus FROM " . tname('space') . " WHERE uid IN (" . simplode($uids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['name'] && $value['namestatus']) {
$_SN[$value['uid']] = $value['name'];
}
}
}
}
}
function getrelativeitemids($itemid, $typearr = array(), $num = 10)
{
global $_SGLOBAL;
$tagidarr = array();
$query = $_SGLOBAL['db']->query("SELECT tagid FROM " . tname('spacetags') . " WHERE itemid='{$itemid}' and status='1'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$tagidarr[] = $value['tagid'];
}
if (empty($tagidarr)) {
return '';
}
$sqlplus = '';
if (!empty($typearr)) {
$sqlplus = "AND type IN (" . simplode($typearr) . ") AND status='1'";
}
$itemidarr = array();
$query = $_SGLOBAL['db']->query("SELECT itemid FROM " . tname('spacetags') . " WHERE tagid IN (" . simplode($tagidarr) . ") AND itemid<>'{$itemid}' {$sqlplus} ORDER BY itemid DESC LIMIT 0, {$num}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$itemidarr[] = $value['itemid'];
}
return implode(',', $itemidarr);
}
$wheresql .= " AND catid='{$catid}' ";
}
if (submitcheck('postsubmit')) {
if (!empty($_POST['itemid']) && empty($_SGLOBAL['supe_uid'])) {
showmessage('no_permission');
}
modelpost($cacheinfo, 0);
} elseif (submitcheck('delitemsubmit')) {
$itemarr = array();
$tablename = $do == 'pass' ? $nameid . 'items' : 'modelfolders';
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($_POST['item'], ',') . ') AND uid=\'' . $_SGLOBAL['supe_uid'] . '\'');
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$itemarr[] = $value['itemid'];
}
$_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')');
$_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')');
showmessage('do_success', 'cp.php?ac=models&op=list&do=' . $do . '&nameid=' . $nameid);
}
if ($itemid) {
if ($do == 'pass') {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($cacheinfo['models']['modelname'] . 'items') . ' LEFT JOIN ' . tname($cacheinfo['models']['modelname'] . 'message') . " USING (itemid) WHERE itemid='{$itemid}'");
if (!($item = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('no_item', 'cp.php?ac=models&op=list&nameid=' . $nameid);
}
$item['subject'] = shtmlspecialchars($item['subject']);
$item['message'] = jsstrip($item['message']);
} else {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('modelfolders') . " WHERE mid='" . $cacheinfo['models']['mid'] . "' AND itemid='{$itemid}'");
if (!($item = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('no_item', 'cp.php?ac=models&op=list&nameid=' . $nameid);
}
function tag_batch($blogid, $tags) {
global $_SGLOBAL;
$tagarr = array();
$tagnames = empty($tags)?array():array_unique(explode(' ', $tags));
if(empty($tagnames)) return $tagarr;
$vtags = array();
$query = $_SGLOBAL['db']->query("SELECT tagid, tagname, close FROM ".tname('tag')." WHERE tagname IN (".simplode($tagnames).")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['tagname'] = addslashes($value['tagname']);
$vkey = md5($value['tagname']);
$vtags[$vkey] = $value;
}
$updatetagids = array();
foreach ($tagnames as $tagname) {
if(!preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $tagname)) continue;
$vkey = md5($tagname);
if(empty($vtags[$vkey])) {
$setarr = array(
'tagname' => $tagname,
'uid' => $_SGLOBAL['supe_uid'],
'dateline' => $_SGLOBAL['timestamp'],
'blognum' => 1
);
$tagid = inserttable('tag', $setarr, 1);
$tagarr[$tagid] = $tagname;
} else {
if(empty($vtags[$vkey]['close'])) {
$tagid = $vtags[$vkey]['tagid'];
$updatetagids[] = $tagid;
$tagarr[$tagid] = $tagname;
}
}
}
if($updatetagids) $_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum+1 WHERE tagid IN (".simplode($updatetagids).")");
$tagids = array_keys($tagarr);
$inserts = array();
foreach ($tagids as $tagid) {
$inserts[] = "('$tagid','$blogid')";
}
if($inserts) $_SGLOBAL['db']->query("REPLACE INTO ".tname('tagblog')." (tagid,blogid) VALUES ".implode(',', $inserts));
return $tagarr;
}
$Id: admincp_tag.php 12568 2009-07-08 07:38:01Z zhengqingpeng $
*/
if (!defined('IN_UCHOME') || !defined('IN_ADMINCP')) {
exit('Access Denied');
}
// Check Permissions
if (!checkperm('managetag')) {
cpmessage('no_authority_management_operation');
}
if (submitcheck('opsubmit')) {
// Verify permissions for batch operations
$allowmanage = checkperm('managetag');
$managebatch = checkperm('managebatch');
$newids = array();
$opnum = 0;
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('tag') . " WHERE tagid IN (" . simplode($_POST['ids']) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($allowmanage || $value['uid'] == $_SGLOBAL['supe_uid']) {
$newids[] = $value['tagid'];
if (!$managebatch && $value['uid'] != $_SGLOBAL['supe_uid']) {
$opnum++;
}
}
}
if (!$managebatch && $opnum > 1) {
cpmessage('choose_to_delete_the_tag', $_POST['mpurl']);
}
$_POST['ids'] = $newids;
if ($_POST['optype'] == 'delete') {
include_once S_ROOT . './source/function_delete.php';
if (!empty($_POST['ids']) && deletetags($_POST['ids'])) {
function verify_eventmembers($uids, $status)
{
global $_SGLOBAL, $event;
if ($_SGLOBAL['supe_userevent']['status'] < 3) {
showmessage('no_privilege_manage_event_members');
}
$eventid = $_SGLOBAL['supe_userevent']['eventid'];
if ($eventid != $event['eventid']) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$eventid}'");
$event = $_SGLOBAL['db']->fetch_array($query);
}
$status = intval($status);
if ($status < -1 || $status > 3) {
showmessage("bad_userevent_status");
// Please select the correct status of the event Members
}
if ($event['verify'] == 0 && $status == 0) {
showmessage("event_not_set_verify");
}
if ($status == 3 && $_SGLOBAL['supe_uid'] != $event['uid']) {
showmessage("only_creator_can_set_admin");
// Only Founder can set the administrator
}
$newids = $actions = $userevents = array();
$num = 0;
// changing Event Member Number
$query = $_SGLOBAL['db']->query("SELECT ue.*, sf.* FROM " . tname("userevent") . " ue LEFT JOIN " . tname("spacefield") . " sf ON ue.uid=sf.uid WHERE ue.uid IN (" . simplode($uids) . ") AND ue.eventid='{$eventid}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['status'] == $status || $event['uid'] == $value['uid'] || $value['status'] == 1) {
// The same status, creator, who does not deal with concerned about
continue;
}
if ($status == 2) {
//Set to ordinary member
$newids[] = $value['uid'];
$userevents[$value['uid']] = $value;
if ($value['status'] == 0) {
// Join
$actions[$value['uid']] = "set_verify";
$num += $value['fellow'] + 1;
} elseif ($value['status'] == 3) {
// cancel the Organizer status
$actions[$value['uid']] = "unset_admin";
}
} elseif ($status == 3) {
//Set to Organizer
$newids[] = $value['uid'];
$userevents[$value['uid']] = $value;
$actions[$value['uid']] = "set_admin";
if ($value['status'] == 0) {
$num += $value['fellow'] + 1;
}
} elseif ($status == 0) {
//Set to Pending
$newids[] = $value['uid'];
$userevents[$value['uid']] = $value;
$actions[$value['uid']] = "unset_verify";
if ($value['status'] >= 2) {
$num -= $value['fellow'] + 1;
}
} elseif ($status == -1) {
//Delete Members
$newids[] = $value['uid'];
$userevents[$value['uid']] = $value;
$actions[$value['uid']] = "set_delete";
if ($value['status'] >= 2) {
$num -= $value['fellow'] + 1;
}
}
}
if (empty($newids)) {
return array();
}
if ($event['limitnum'] > 0 && $event['membernum'] + $num > $event['limitnum']) {
// Event Number of members is over
showmessage("event_will_full");
}
$note_inserts = $note_ids = $feed_inserts = array();
$feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => '', 'username' => '', 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_join'), 'title_data' => array('title' => $event['title'], "eventid" => $event['eventid'], "uid" => $event['uid'], "username" => $event['username']), 'body_template' => '', 'body_data' => array(), 'body_general' => '', 'image_1' => '', 'image_1_link' => '', 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
$feedarr = sstripslashes($feedarr);
//Remove escape chars
$feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data']));
//Serialize
$feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data']));
//Serialize
$feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
//Like hash
$feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
//Merged hash
$feedarr = saddslashes($feedarr);
//Add slashes
foreach ($newids as $id) {
if ($status > 1 && $userevents[$id]['status'] == 0) {
// Approved to participate in the Event, participate in activities publish to feed
$feedarr['uid'] = $userevents[$id]['uid'];
$feedarr['username'] = $userevents[$id]['username'];
$feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}')";
}
$userevents[$id]['privacy'] = empty($userevents[$id]['privacy']) ? array() : unserialize($userevents[$id]['privacy']);
$filter = empty($userevents[$id]['privacy']['filter_note']) ? array() : array_keys($userevents[$id]['privacy']['filter_note']);
if (cknote_uid(array("type" => "eventmemberstatus", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
$note_ids[] = $id;
$note_msg = cplang('eventmember_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
$note_inserts[] = "('{$id}', 'eventmemberstatus', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
}
}
if ($note_ids) {
$_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
}
if ($feed_inserts) {
$_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link`) VALUES " . implode(',', $feed_inserts));
}
if ($status == -1) {
// Delete
$_SGLOBAL['db']->query("DELETE FROM " . tname("userevent") . " WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
} else {
// Set status
$_SGLOBAL['db']->query("UPDATE " . tname("userevent") . " SET status='{$status}' WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
}
// Modify Event Number of members
if ($num != 0) {
$_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET membernum = membernum + ({$num}) WHERE eventid='{$eventid}'");
}
return $newids;
}
}
if (!empty($_SCONFIG['uc_tagrelated']) && $_SCONFIG['uc_status']) {
if (!empty($_SGLOBAL['tagtpl']['limit'])) {
include_once S_ROOT . './uc_client/client.php';
$tag_index = mt_rand(0, $tag_count);
$bwzt['related'] = uc_tag_get($b_tags[$tag_index], $_SGLOBAL['tagtpl']['limit']);
}
} else {
//自身TAG
$tag_bwztids = array();
$query = $_SGLOBAL['db']->query("SELECT DISTINCT bwztid FROM " . tname('tagbwzt') . " WHERE tagid IN (" . simplode($b_tagids) . ") AND bwztid<>'{$bwzt['bwztid']}' ORDER BY bwztid DESC LIMIT 0,10");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$tag_bwztids[] = $value['bwztid'];
}
if ($tag_bwztids) {
$query = $_SGLOBAL['db']->query("SELECT uid,username,subject,bwztid FROM " . tname('bwzt') . " WHERE bwztid IN (" . simplode($tag_bwztids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username']);
//实名
$value['url'] = "space.php?uid={$value['uid']}&do=bwzt&id={$value['bwztid']}";
$bwzt['related'][UC_APPID]['data'][] = $value;
}
$bwzt['related'][UC_APPID]['type'] = 'UCHOME';
}
}
if (!empty($bwzt['related']) && is_array($bwzt['related'])) {
foreach ($bwzt['related'] as $appid => $values) {
if (!empty($values['data']) && $_SGLOBAL['tagtpl']['data'][$appid]['template']) {
foreach ($values['data'] as $itemkey => $itemvalue) {
if (!empty($itemvalue) && is_array($itemvalue)) {
$searchs = $replaces = array();
$wherearr[] = " gid='{$_GET['group']}'";
}
$sql = $wherearr ? 'AND' . implode(' AND ', $wherearr) : '';
$count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('friend') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND status='1' {$sql}"), 0);
$fuids = array();
if ($count) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('friend') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND status='1' {$sql} ORDER BY num DESC, dateline DESC LIMIT {$start},{$perpage}");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['fuid'], $value['fusername']);
$list[] = $value;
$fuids[] = $value['fuid'];
}
}
$invitearr = array();
//Already participated in the poll
$query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('polluser') . " WHERE uid IN (" . simplode($fuids) . ") AND pid='{$pid}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$invitearr[$value['uid']] = $value['uid'];
}
// allready invited
foreach ($uidarr as $key => $uid) {
$invitearr[$uid] = $uid;
}
realname_get();
// user groups
$groups = getfriendgroup();
$groupselect = array($_GET['group'] => ' selected');
$multi = multi($count, $perpage, $page, "cp.php?ac=poll&op=invite&pid={$poll['pid']}&group={$_GET['group']}&key={$_GET['key']}");
} elseif ($_GET['op'] == 'edithot') {
// Permissions
if (!checkperm('managepoll')) {
$randuids = sarray_rand($space['friends'], 1);
}
showmessage('do_success', "space.php?uid=" . array_pop($randuids), 0);
} elseif ($op == 'getcfriend') {
$fuids = empty($_GET['fuid']) ? array() : explode(',', $_GET['fuid']);
$newfuids = array();
foreach ($fuids as $value) {
$value = intval($value);
if ($value) {
$newfuids[$value] = $value;
}
}
//共同的好友
$list = array();
if ($newfuids) {
$query = $_SGLOBAL['db']->query("SELECT uid,username,name,namestatus FROM " . tname('space') . " WHERE uid IN (" . simplode($newfuids) . ") LIMIT 0,15");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username'], $value['name'], $value['namestatus']);
$list[] = $value;
}
realname_get();
}
} elseif ($op == 'search') {
@(include_once S_ROOT . './data/data_profilefield.php');
$fields = empty($_SGLOBAL['profilefield']) ? array() : $_SGLOBAL['profilefield'];
if (!empty($_GET['searchsubmit']) || !empty($_GET['searchmode'])) {
$_GET['searchsubmit'] = $_GET['searchmode'] = 1;
//找人
$wherearr = $fromarr = $uidjoin = array();
$fsql = '';
$fromarr['space'] = tname('space') . ' s';
function deleteinfo($ids)
{
global $_SGLOBAL;
include_once S_ROOT . './source/function_delete.php';
$deltype = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('report') . " WHERE rid IN (" . simplode($ids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$deltype[$value['idtype']][] = $value['id'];
}
$gid = getgroupid($_SGLOBAL['member']['credit'], $_SGLOBAL['member']['groupid']);
//执行相应的删除操作
foreach ($deltype as $key => $value) {
switch ($key) {
case 'blog':
$_SGLOBAL['usergroup'][$gid]['manageblog'] = 1;
deleteblogs($value);
break;
case 'picid':
$_SGLOBAL['usergroup'][$gid]['managealbum'] = 1;
deletepics($value);
break;
case 'album':
$_SGLOBAL['usergroup'][$gid]['managealbum'] = 1;
deletealbums($value);
break;
case 'thread':
$_SGLOBAL['usergroup'][$gid]['managethread'] = 1;
deletethreads(0, $value);
break;
case 'mtag':
$_SGLOBAL['usergroup'][$gid]['managemtag'] = 1;
deletemtag($value);
break;
case 'share':
$_SGLOBAL['usergroup'][$gid]['manageshare'] = 1;
deleteshares($value);
break;
case 'space':
$_SGLOBAL['usergroup'][$gid]['managespace'] = 1;
foreach ($value as $uid) {
deletespace($uid);
}
break;
}
}
}
if (empty($chotnews2[$catid])) {
$chotnews2[$catid] = gethotnews2($param['catids']);
}
if (empty($cnewcomments[$catid])) {
$cnewcomments[$catid] = getnewcommnet($param['catids']);
}
if (empty($cpicnews[$catid])) {
$cpicnews[$catid] = getpicnews($thecat['catid']);
}
if (empty($csubarr[$catid])) {
$csubarr[$catid] = getsubarr($thecat['catid']);
}
$newidarr = array_merge($itemidarr, $newidarr);
}
}
$itemidstr = simplode($newidarr);
if ($_GET['do'] == 'updatecontenthtml') {
//内容页更新
$query = $_SGLOBAL['db']->query("SELECT si.*, sp.* FROM " . tname('spaceitems') . " si, " . tname('spacenews') . " sp WHERE si.itemid = sp.itemid AND si.itemid IN (" . $itemidstr . ") ORDER BY sp.pageorder");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$row[$value['itemid']][] = $value;
}
ksort($row);
foreach ($row as $itemid => $multi_news) {
//如果文章有分页
$newnews = $cnewnews[$multi_news[0]['catid']];
$hotnews = $chotnews[$multi_news[0]['catid']];
$picnews = $cpicnews[$multi_news[0]['catid']];
//静态链接处理
if (!empty($catarr[$multi_news[0]['catid']]['domain'])) {
define('S_HTML_URL', $catarr[$multi_news[0]['catid']]['domain']);
if(empty($cids)) exit();
//邮件内容
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mailqueue')." WHERE cid IN (".simplode($cids).")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$sublist[$value['cid']][] = $value;
}
//更新用户最后发送时间
if($touids) {
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET lastsend='$_SGLOBAL[timestamp]' WHERE uid IN (".simplode($touids).")");
}
//删除邮件
$_SGLOBAL['db']->query("DELETE FROM ".tname('mailcron')." WHERE cid IN (".simplode($cids).")");
$_SGLOBAL['db']->query("DELETE FROM ".tname('mailqueue')." WHERE cid IN (".simplode($cids).")");
//开始发送
include_once(S_ROOT.'./source/function_sendmail.php');
foreach ($list as $cid => $value) {
$mlist = $sublist[$cid];
if($value['email'] && $mlist) {
$subject = getstr($mlist[0]['subject'], 80, 0, 0, 0, 0, -1);
$message = '';
foreach ($mlist as $subvalue) {
if($subvalue['message']) {
$message .= "<br><strong>$subvalue[subject]</strong><br>$subvalue[message]<br>";
} else {
$message .= $subvalue['subject'].'<br>';
}
}
function block_bbsthread($paramarr)
{
global $_SGLOBAL, $_SGET, $_SCONFIG;
dbconnect(1);
@(include_once S_ROOT . './data/system/bbsforums.cache.php');
$fidarr = array();
foreach ($_SGLOBAL['bbsforumarr'] as $value) {
if (!empty($value['allowshare'])) {
$fidarr[] = $value['fid'];
}
}
$fids = simplode($fidarr);
if (empty($paramarr['sql'])) {
//set sql var
$sql = array();
//select
$sql['select'] = 'SELECT t.*';
//from
$sql['from'] = 'FROM ' . tname('threads', 1) . ' t';
if (!empty($paramarr['showdetail'])) {
$sql['select'] .= ', p.message, p.htmlon, p.bbcodeoff, p.smileyoff, p.parseurloff';
$sql['join'] = 'LEFT JOIN ' . tname('posts', 1) . ' p ON p.tid=t.tid AND p.first=1';
}
//where
$wherearr = array();
if (!empty($paramarr['tid'])) {
$paramarr['tid'] = getdotstring($paramarr['tid'], 'int');
if ($paramarr['tid']) {
$wherearr[] = 't.tid IN (' . $paramarr['tid'] . ')';
}
} else {
if (!empty($paramarr['blog'])) {
$wherearr[] = 't.blog = 1';
}
if (!empty($paramarr['fid'])) {
$paramarr['fid'] = getdotstring($paramarr['fid'], 'int');
if ($paramarr['fid']) {
$wherearr[] = 't.fid IN (' . $paramarr['fid'] . ')';
}
}
$wherearr[] = 't.fid IN (' . $fids . ')';
if (!empty($paramarr['typeid'])) {
$paramarr['typeid'] = getdotstring($paramarr['typeid'], 'int');
if ($paramarr['typeid']) {
$wherearr[] = 't.typeid IN (' . $paramarr['typeid'] . ')';
}
}
if (!empty($paramarr['authorid'])) {
$paramarr['authorid'] = getdotstring($paramarr['authorid'], 'int');
if ($paramarr['authorid']) {
$wherearr[] = 't.authorid IN (' . $paramarr['authorid'] . ')';
}
}
if (!empty($paramarr['digest'])) {
$paramarr['digest'] = getdotstring($paramarr['digest'], 'int');
if ($paramarr['digest']) {
$wherearr[] = 't.digest IN (' . $paramarr['digest'] . ')';
}
}
$scopequery = getscopequery('t', 'readperm', $paramarr);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'price', $paramarr);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'views', $paramarr);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'dateline', $paramarr, 1);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'lastpost', $paramarr, 1);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'replies', $paramarr);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
$scopequery = getscopequery('t', 'rate', $paramarr);
if (!empty($scopequery)) {
$wherearr[] = $scopequery;
}
if (!empty($paramarr['poll'])) {
if (B_VER == '5') {
$wherearr[] = 't.special = 1';
} elseif (B_VER == '4') {
$wherearr[] = 't.poll = 1';
}
}
if (!empty($paramarr['attachment'])) {
$wherearr[] = 't.attachment > 0';
}
if (!empty($paramarr['closed'])) {
$wherearr[] = 't.closed = 1';
}
$wherearr[] = 't.displayorder >= 0';
if (empty($paramarr['sgid'])) {
if (B_VER == '5') {
$wherearr[] = 't.supe_pushstatus > 0';
//版本5推送
}
}
}
if (!empty($wherearr)) {
$sql['where'] = 'WHERE ' . implode(' AND ', $wherearr);
}
//order
if (!empty($paramarr['order'])) {
$sql['order'] = 'ORDER BY ' . $paramarr['order'];
}
//limit
if (!empty($paramarr['perpage'])) {
$paramarr['perpage'] = intval($paramarr['perpage']);
if (empty($paramarr['perpage'])) {
$paramarr['perpage'] = 20;
}
if (empty($_SGET['page'])) {
$_SGET['page'] = 1;
}
$_SGET['page'] = intval($_SGET['page']);
if ($_SGET['page'] < 1) {
$_SGET['page'] = 1;
}
$start = ($_SGET['page'] - 1) * $paramarr['perpage'];
$sql['limit'] = 'LIMIT ' . $start . ',' . $paramarr['perpage'];
} else {
if (empty($paramarr['limit'])) {
$sql['limit'] = 'LIMIT 0,1';
} else {
$paramarr['limit'] = getdotstring($paramarr['limit'], 'int', true, array(), 1, false);
if ($paramarr['limit']) {
$sql['limit'] = 'LIMIT ' . $paramarr['limit'];
} else {
$sql['limit'] = 'LIMIT 0,1';
}
}
}
//query
$sqlstring = implode(' ', $sql);
//multi
$listcount = 1;
if (!empty($paramarr['perpage'])) {
$listcount = $_SGLOBAL['db_bbs']->result($_SGLOBAL['db_bbs']->query('SELECT COUNT(*) FROM ' . tname('threads', 1) . ' t ' . $sql['where']), 0);
if ($listcount) {
$urlarr = $_SGET;
unset($urlarr['page']);
$theblockarr['multipage'] = multi($listcount, $paramarr['perpage'], $_SGET['page'], $urlarr, 0);
}
}
} else {
$bbsdb = $_SGLOBAL['db_bbs'];
include_once S_ROOT . './function/block_sql.func.php';
list($sqlstring, $listcount) = runsql($paramarr, $bbsdb);
if (!empty($paramarr['perpage'])) {
if ($listcount) {
$urlarr = $_SGET;
unset($urlarr['page']);
$theblockarr['multipage'] = multi($listcount, $paramarr['perpage'], $_SGET['page'], $urlarr, 0);
}
}
}
//查询数据
if ($listcount) {
//预处理
if (empty($paramarr['subjectdot'])) {
$paramarr['subjectdot'] = 0;
}
if (empty($paramarr['messagedot'])) {
$paramarr['messagedot'] = 0;
}
//查询
$query = $_SGLOBAL['db_bbs']->query($sqlstring);
while ($value = $_SGLOBAL['db_bbs']->fetch_array($query)) {
//标题处理
$value['subjectall'] = $value['subject'];
if (!empty($value['subject']) && !empty($paramarr['subjectlen'])) {
$value['subject'] = cutstr($value['subject'], $paramarr['subjectlen'], $paramarr['subjectdot']);
}
//内容处理
if (!empty($value['message']) && !empty($paramarr['messagelen'])) {
$value['message'] = trim(strip_tags(stripbbcode($value['message'])));
$value['message'] = trim(cutstr($value['message'], $paramarr['messagelen'], $paramarr['messagedot']));
}
//链接
if ($_SCONFIG['bbsurltype'] == 'bbs' || !empty($paramarr['bbsurltype']) && $paramarr['bbsurltype'] == 'bbs') {
$value['url'] = B_URL . '/viewthread.php?tid=' . $value['tid'];
} else {
$value['url'] = geturl('action/viewthread/tid/' . $value['tid']);
}
$theblockarr[] = $value;
}
}
return $theblockarr;
}
function deleteevents($eventids)
{
global $_SGLOBAL;
$allowmanage = checkperm('manageevent');
$managebatch = checkperm('managebatch');
$delnum = 0;
$eventarr = $neweventids = $note_ids = $note_inserts = array();
//获取积分
$reward = getreward('delevent', 0);
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid IN (" . simplode($eventids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($allowmanage || $value['uid'] == $_SGLOBAL['supe_uid']) {
$eventarr[] = $value;
if (!$managebatch && $value['uid'] != $_SGLOBAL['supe_uid']) {
$delnum++;
}
}
}
if (empty($eventarr) || !$managebatch && $delnum > 1) {
return array();
}
foreach ($eventarr as $key => $value) {
$neweventids[] = $value['eventid'];
// [to do: 给活动参加者发通知。操作量太大,所以优先级:低]
if ($value['uid'] != $_SGLOBAL['supe_uid']) {
if ($allowmanage) {
//扣除积分
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET credit=credit-{$reward['credit']}, experience=experience-{$reward['experience']} WHERE uid='{$value['uid']}'");
}
$note_ids[] = $value['uid'];
$note_msg = cplang('event_set_delete', array($value['title']));
$note_inserts[] = "('{$value['uid']}', 'event', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
}
}
//数据删除
$_SGLOBAL['db']->query("DELETE FROM " . tname('event') . " WHERE eventid IN (" . simplode($neweventids) . ")");
$_SGLOBAL['db']->query("DELETE FROM " . tname('eventpic') . " WHERE eventid IN (" . simplode($neweventids) . ")");
$_SGLOBAL['db']->query("DELETE FROM " . tname('eventinvite') . " WHERE eventid IN (" . simplode($neweventids) . ")");
//活动用户
$_SGLOBAL['db']->query("DELETE FROM " . tname('userevent') . " WHERE eventid IN (" . simplode($neweventids) . ")");
//评论
$_SGLOBAL['db']->query("DELETE FROM " . tname('comment') . " WHERE id IN (" . simplode($neweventids) . ") AND idtype='eventid'");
$_SGLOBAL['db']->query("DELETE FROM " . tname('feed') . " WHERE id IN (" . simplode($neweventids) . ") AND idtype='eventid'");
//删除举报
$_SGLOBAL['db']->query("DELETE FROM " . tname('report') . " WHERE id IN (" . simplode($neweventids) . ") AND idtype='eventid'");
//发送通知
if ($note_inserts) {
$_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
}
return $eventarr;
}
$count = $_SGLOBAL['db']->fetch_array($q);
if (!$count['count(*)']) {
if (!isblacklist($res['uid']) && $res[uid] != $_SGLOBAL['supe_uid']) {
$recommendpublic[] = $res;
}
}
}
$reccount = count($recommendpublic);
$allflag = 0;
if ($reccount <= 2) {
$allflag = 1;
}
//ᅧᅦ워ᅳᅬ
$ols = array();
if ($oluids) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . " WHERE uid IN (" . simplode($oluids) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (!$value['magichidden']) {
$ols[$value['uid']] = 1;
} elseif ($visitorlist[$value['uid']]) {
unset($visitorlist[$value['uid']]);
}
}
}
$timerange = $_SGLOBAL['timestamp'] - 25920000;
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('poll') . " WHERE lastvote >= '{$timerange}' ORDER BY voternum DESC LIMIT 3 ");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['uid'], $value['username']);
//ʵÃ
$hotpoll[] = $value;
}
function pkpost($cacheinfo, $cp = 1)
{
global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;
$itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
$hash = '';
$op = 'add';
$mustverify = false;
$resultitems = $resultmessage = $updateitem = array();
$modelsinfoarr = $cacheinfo['models'];
$columnsinfoarr = $cacheinfo['columns'];
$feedcolum = array();
foreach ($columnsinfoarr as $result) {
if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
continue;
}
if ($result['isfixed'] == 1) {
$resultitems[] = $result;
} else {
$resultmessage[] = $result;
}
if ($result['formtype'] == 'linkage') {
if (!empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
}
} elseif ($result['formtype'] == 'timestamp') {
if (empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $_G['timestamp'];
} else {
$_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
}
}
}
//輸入檢查
$_POST['subject'] = trim(strip_tags($_POST['subject']));
$itemid = $_POST['itemid'];
$checkresults = array();
if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
array_push($checkresults, array('subject' => lang('space_suject_length_error')));
}
//數據檢查
checkvalues(array_merge($resultitems, $resultmessage), 1, 1);
//商品價格處理 Start
if ($modelsinfoarr['modelname'] == 'good') {
if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
}
}
//商品價格處理 End
//修改時檢驗標題圖片是否修改
$defaultmessage = array();
if (!empty($itemid)) {
if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
//當file刪除時,或修改時執行刪除操作
$query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
$defaultmessage = DB::fetch($query);
$hash = getmodelhash($modelsinfoarr['mid'], $itemid);
deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
//刪除附件表
updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
$ext = fileext($defaultmessage['subjectimage']);
if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
@unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
}
@unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
}
}
//構建數據
$setsqlarr = $setitemsqlarr = array();
$setsqlarr = getsetsqlarr($resultitems);
$itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
$setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
}
if (empty($_POST['catid']) || $_POST['catid'] < 0) {
array_push($checkresults, array('catid' => lang('cat_not_selected')));
}
$setsqlarr['catid'] = $_POST['catid'];
if ($modelsinfoarr['modelname'] != 'shop') {
//限制必填信息所屬店舖
if (pkperm('isadmin')) {
if (empty($_POST['shopid'])) {
array_push($checkresults, array('shopid' => lang('please_select_shopid')));
}
$setsqlarr['shopid'] = intval($_POST['shopid']);
} else {
$setsqlarr['shopid'] = $_G['myshopid'];
}
} else {
$setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
$setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
$setsqlarr['description'] = trim(strip_tags($_POST['description']));
if (!empty($_POST['syncfid'])) {
require_once B_ROOT . './api/bbs_syncpost.php';
if (checkbbsfid($_POST['syncfid'])) {
$setsqlarr['syncfid'] = intval($_POST['syncfid']);
} else {
array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
}
}
}
$setsqlarr['subject'] = $_POST['subject'];
$setsqlarr['allowreply'] = 1;
if (!empty($checkresults)) {
cpmsg('addobject_error', '', '', '', true, true, $checkresults);
}
if (pkperm('isadmin')) {
$setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
} elseif ($_G['myshopstatus'] == 'verified') {
if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
$setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
if (!empty($itemid)) {
if (in_array($_POST['grade'], array(2, 3))) {
$setsqlarr['grade'] = $_POST['grade'];
}
}
$mustverify = true;
} else {
if (in_array($_POST['grade'], array(2, 3))) {
$setsqlarr['grade'] = $_POST['grade'];
} else {
$setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
}
}
} elseif ($_G['myshopstatus'] == 'unverified') {
$setsqlarr['grade'] = 0;
}
$setsqlarr['dateline'] = $_G['timestamp'];
$setsqlarr['uid'] = $_G['uid'];
$setsqlarr['username'] = $_G['username'];
$setsqlarr['lastpost'] = $setsqlarr['dateline'];
// 標題圖片處理 Start
if (!empty($modelsinfoarr['thumbsize'])) {
$modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
$modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
$modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
}
if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
if ($_GET['action'] == 'add') {
$hotline = $_SGLOBAL['panelinfo']['tel'];
$address = $_SGLOBAL['panelinfo']['address'];
} else {
$shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
$hotline = $shopinfo['tel'];
$address = $shopinfo['address'];
}
$dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
$createimgarr = array('id' => intval($_POST['imgtplid']), 'mid' => intval($modelsinfoarr['mid']), 'itemid' => intval($itemid), 'coupon_title' => $setsqlarr['subject'], 'dealer_id' => $setsqlarr['uid'], 'dealer_name' => $dealer_name, 'begin_date' => date('Y-m-d', $setsqlarr['validity_start']), 'end_date' => date('Y-m-d', $setsqlarr['validity_end']), 'brief' => trim($_POST['message']), 'exception' => trim($_POST['exception']), 'address' => $address, 'hotline' => $hotline, 'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'], 'subjectimageheight' => $modelsinfoarr['subjectimageheight']);
require_once B_ROOT . './source/adminfunc/tool.func.php';
if ($consumeimgpath = image_text($createimgarr)) {
$setsqlarr['subjectimage'] = $consumeimgpath;
$setsqlarr['imagetype'] = 0;
$setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
}
} else {
$uploadfilearr = $ids = array();
$subjectimageid = '';
$uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
if (!empty($uploadfilearr)) {
$feedsubjectimg = $uploadfilearr;
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
if ($modelsinfoarr['modelname'] == 'consume') {
$setsqlarr['imagetype'] = 1;
}
}
/* --------- 標題圖片處理 End --------------*/
//詞語過濾
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
//發佈時間
$setsqlarr['dateline'] = $_G['timestamp'];
// 商品添加簡介
if ($mname == "good") {
$setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
}
if (empty($itemid)) {
//插入數據
$itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
}
} else {
$_SGLOBAL['itemupdate'] = 1;
//更新
$op = 'update';
unset($setsqlarr['uid']);
unset($setsqlarr['username']);
unset($setsqlarr['lastpost']);
if ($itemgrade == 1 && !pkperm('isadmin')) {
$setsqlarr['grade'] = 0;
} elseif ($itemgrade == 1 && pkperm('isadmin')) {
$setsqlarr['grade'] = 1;
} elseif ($itemgrade == 0 && !pkperm('isadmin')) {
$setsqlarr['grade'] = 0;
} elseif ($itemgrade == 0 && pkperm('isadmin')) {
$setsqlarr['grade'] = 0;
}
if (pkperm('isadmin')) {
//站長可以post任何數據
updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
//權限限制
} else {
// 店長不允許更改店舖組
unset($setsqlarr['groupid']);
if ($modelsinfoarr['modelname'] == 'shop') {
unset($setsqlarr['validity_start']);
unset($setsqlarr['validity_end']);
if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
$updatesqlarr = $setsqlarr;
} else {
//店長提交店舖權限檢查
updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
}
} else {
if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
$updatesqlarr = $setsqlarr;
} else {
//店長只能更改管理的店舖的信息
updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
}
}
}
$query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
$defaultmessage = DB::fetch($query);
}
$hash = getmodelhash($modelsinfoarr['mid'], $itemid);
if (!empty($ids)) {
$ids = simplode($ids);
DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
}
$do = 'pass';
if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
if (!empty($resultmessage)) {
foreach ($resultmessage as $value) {
if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
//當file刪除時,或修改時執行刪除操作
deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
//刪除附件表
updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));
@unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
@unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg');
@unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
}
}
}
}
}
//內容
$setsqlarr = $uploadfilearr = $ids = array();
$setsqlarr = getsetsqlarr($resultmessage);
$uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
$setsqlarr['message'] = trim($_POST['message']);
$setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
if ($modelsinfoarr['modelname'] == 'consume') {
$setsqlarr['exception'] = trim($_POST['exception']);
}
if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
$setsqlarr['address'] = trim($_POST['address']);
$setsqlarr['hotline'] = trim($_POST['hotline']);
}
$setsqlarr['postip'] = $_G['clientip'];
if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
$setsqlarr['banner'] = $_POST['banner_value'];
$setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
}
if (!empty($uploadfilearr)) {
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
//添加內容
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
if ($op == 'add') {
$setsqlarr['itemid'] = $itemid;
//添加內容
inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
} else {
if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
$_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
} else {
//更新內容
updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
}
}
updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
return $itemid;
}
include_once S_ROOT . './source/function_space.php';
$space = space_open($newuid, $username, 0, $email);
//默认好友
$flog = $inserts = $fuids = $pokes = array();
if (!empty($bp['inviter'])) {
$query = $_SGLOBAL['db']->query("SELECT username FROM " . tname('member') . " WHERE uid='{$bp['inviter']}' limit 1");
$inviterusername = $_SGLOBAL['db']->result($query);
$invitee[] = "('{$newuid}','{$bp['inviter']}','{$inviterusername}','1','{$_SGLOBAL['timestamp']}')";
$inviter[] = "('{$bp['inviter']}','{$newuid}','{$username}','1','{$_SGLOBAL['timestamp']}')";
$_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $invitee));
$_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $inviter));
$flog[] = "('{$bp['inviter']}','{$newuid}','add','{$_SGLOBAL['timestamp']}')";
$_SGLOBAL['db']->query("REPLACE INTO " . tname('friendlog') . " (uid,fuid,action,dateline) VALUES " . implode(',', $flog));
}
if (!empty($_SCONFIG['defaultfusername'])) {
$query = $_SGLOBAL['db']->query("SELECT uid,username FROM " . tname('space') . " WHERE\tusername IN (" . simplode(explode(',', $_SCONFIG['defaultfusername'])) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value = saddslashes($value);
$fuids[] = $value['uid'];
$inserts[] = "('{$newuid}','{$value['uid']}','{$value['username']}','1','{$_SGLOBAL['timestamp']}')";
$inserts[] = "('{$value['uid']}','{$newuid}','{$username}','1','{$_SGLOBAL['timestamp']}')";
$pokes[] = "('{$newuid}','{$value['uid']}','{$value['username']}','" . addslashes($_SCONFIG['defaultpoke']) . "','{$_SGLOBAL['timestamp']}')";
//添加好友变更记录
$flog[] = "('{$value['uid']}','{$newuid}','add','{$_SGLOBAL['timestamp']}')";
}
if ($inserts) {
$_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $inserts));
$_SGLOBAL['db']->query("REPLACE INTO " . tname('poke') . " (uid,fromuid,fromusername,note,dateline) VALUES " . implode(',', $pokes));
$_SGLOBAL['db']->query("REPLACE INTO " . tname('friendlog') . " (uid,fuid,action,dateline) VALUES " . implode(',', $flog));
//添加到附加表
$friendstr = empty($fuids) ? '' : implode(',', $fuids);
/**
* 模型在线投稿提交处理函数
*/
function modelpost($cacheinfo, $cp = 1)
{
global $_SGLOBAL, $theurl, $_SCONFIG;
include_once S_ROOT . './function/upload.func.php';
$_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
$itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
$hash = '';
$op = 'add';
$resultitems = $resultmessage = array();
$modelsinfoarr = $cacheinfo['models'];
$columnsinfoarr = $cacheinfo['columns'];
//获取等级信息
if ($cacheinfo['models']['modelname'] == 'defect') {
switch ($_POST['grade']) {
case 1:
$_POST['grade'] = '64';
break;
case 2:
$_POST['grade'] = '32';
break;
case 3:
$_POST['grade'] = '16';
break;
case 4:
$_POST['grade'] = '9';
break;
case 5:
$_POST['grade'] = '4';
break;
case 6:
$_POST['grade'] = '1';
break;
case 7:
$_POST['grade'] = '-1';
break;
case 8:
$_POST['grade'] = '-2';
break;
case 9:
$_POST['grade'] = '-3';
break;
}
$gradearr = array('0' => $alang['general_state'], '64' => $alang['check_grade_1'], '32' => $alang['check_grade_2'], '16' => $alang['check_grade_3_1'], '9' => $alang['check_grade_3_2'], '4' => $alang['check_grade_3_3'], '1' => $alang['check_grade_4'], '-1' => $alang['check_grade_5'], '-2' => $alang['check_grade_6'], '-3' => $alang['check_grade_7']);
if (!empty($_SCONFIG['checkgrade'])) {
$newgradearr = explode("\t", $_SCONFIG['checkgrade']);
$gradearr['64'] = $newgradearr[0];
$gradearr['32'] = $newgradearr[1];
$gradearr['16'] = $newgradearr[2];
$gradearr['9'] = $newgradearr[3];
$gradearr['4'] = $newgradearr[4];
$gradearr['1'] = $newgradearr[5];
$gradearr['-1'] = $newgradearr[6];
$gradearr['-2'] = $newgradearr[7];
$gradearr['-3'] = $newgradearr[8];
}
} else {
$gradearr = array('0' => $alang['general_state'], '1' => $alang['check_grade_1'], '2' => $alang['check_grade_2'], '3' => $alang['check_grade_3'], '4' => $alang['check_grade_4'], '5' => $alang['check_grade_5'], '6' => $alang['check_grade_6'], '7' => $alang['check_grade_7']);
if (!empty($_SCONFIG['checkgrade'])) {
$newgradearr = explode("\t", $_SCONFIG['checkgrade']);
for ($i = 0; $i < count($newgradearr); $i++) {
if (!empty($newgradearr[$i])) {
$gradearr[$i + 1] = $newgradearr[$i];
}
}
}
}
if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
showmessage('parameter_error');
}
$feedcolum = array();
foreach ($columnsinfoarr as $result) {
if ($result['isfixed'] == 1) {
$resultitems[] = $result;
} else {
$resultmessage[] = $result;
}
if ($result['formtype'] == 'linkage') {
if (!empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
}
} elseif ($result['formtype'] == 'timestamp') {
if (empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
} else {
$_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
}
}
}
//更新用户最新更新时间
if (empty($itemid) && $_SGLOBAL['supe_uid']) {
updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
}
//输入检查
$_POST['catid'] = intval($_POST['catid']);
$_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 1 : 0;
$_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
//检查输入
if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
showmessage('space_suject_length_error');
}
if (empty($_POST['catid'])) {
showmessage('admin_func_catid_error');
}
if (!empty($_FILES['subjectimage']['name'])) {
$fileext = fileext($_FILES['subjectimage']['name']);
if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
showmessage('document_types_can_only_upload_pictures');
}
}
//数据检查
checkvalues(array_merge($resultitems, $resultmessage), 0, 1);
//修改时检验标题图片是否修改
$defaultmessage = array();
if (!empty($itemid)) {
if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
//当file删除时,或修改时执行删除操作
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
$defaultmessage = $_SGLOBAL['db']->fetch_array($query);
$hash = getmodelhash($_GET['mid'], $itemid);
deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
//删除附件表
updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
$ext = fileext($defaultmessage['subjectimage']);
if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
@unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
}
@unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
}
}
//构建数据
$setsqlarr = $setitemsqlarr = array();
$setsqlarr = getsetsqlarr($resultitems);
$setsqlarr['catid'] = $_POST['catid'];
$setsqlarr['subject'] = $_POST['subject'];
$setsqlarr['allowreply'] = $_POST['allowreply'];
$setsqlarr['grade'] = intval($_POST['grade']);
//modify by jyf,没权限的用户不能改审核等级
if ($setsqlarr['grade'] > 0) {
if (!checkperm('manageeditpost')) {
showmessage('no_permission');
}
}
//end
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
$setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
$setsqlarr['username'] = $_SGLOBAL['supe_username'];
$setsqlarr['lastpost'] = $setsqlarr['dateline'];
$modelsinfoarr['subjectimagewidth'] = 400;
$modelsinfoarr['subjectimageheight'] = 300;
if (!empty($modelsinfoarr['thumbsize'])) {
$modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
$modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
$modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
}
$uploadfilearr = $ids = array();
$subjectimageid = '';
$uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
if (!empty($uploadfilearr)) {
$feedsubjectimg = $uploadfilearr;
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
//词语过滤
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
//发布时间
if (empty($_POST['dateline'])) {
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
} else {
$setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
//不能早于2年
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
}
}
//附件处理-by jyf
if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
$setsqlarr['attaches'] = implode(',', $_POST['divupload']);
}
//创新园地新增两个字段-------89184
if ($cacheinfo['models']['modelname'] == 'creative') {
if (empty($_POST['creative_value'])) {
showmessage('请输入创新价值说明');
}
if (empty($_POST['creative_days'])) {
showmessage('本创新所耗的工作量');
}
$setsqlarr['value'] = $_POST['creative_value'];
$setsqlarr['days'] = $_POST['creative_days'];
}
if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
//不需要审核时入item表
if (empty($itemid)) {
//插入数据
$itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
//取消邮件通知 --89184
$email = get_cate_mail($_POST['catid']);
$url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
if ($_POST['modelname'] == 'creative') {
if ($_POST['creative_type'] == '流程建议') {
$email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
}
}
$emails = explode(',', $email);
if (count($emails) > 0) {
include S_ROOT . './function/sendmail.fun.php';
$url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
if ($cacheinfo['models']['modelname'] == 'creative') {
$msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
} else {
if ($cacheinfo['models']['modelname'] == 'defect') {
$msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
}
}
}
} else {
//更新
$op = 'update';
unset($setsqlarr['uid']);
unset($setsqlarr['username']);
unset($setsqlarr['lastpost']);
if ($setsqlarr['grade'] > 0) {
$setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
if ($_POST['modelname'] == 'creative') {
if ($_POST['creative_type'] == '主管月度创新') {
if (!check_cate_director($setsqlarr['catid'])) {
showmessage('no_permission');
}
}
}
}
updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\'');
$defaultmessage = $_SGLOBAL['db']->fetch_array($query);
//邮件通知--等级审核
if ($setsqlarr['grade'] > 0) {
$sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
$query = $_SGLOBAL['db']->query($sqlstr);
$value = $_SGLOBAL['db']->fetch_array($query);
$email = $value['email'];
if (!empty($email)) {
include S_ROOT . './function/sendmail.fun.php';
$url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
$emails = explode(',', $email);
if ($_POST['modelname'] == 'creative') {
$msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
} else {
$msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
}
sendmail($emails, $setsqlarr['subject'], $msg);
}
}
}
if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\'');
}
$hash = getmodelhash($_POST['mid'], $itemid);
if (!empty($ids)) {
$ids = simplode($ids);
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
}
$do = 'pass';
} else {
if (!empty($uploadfilearr['subjectimage']['aid'])) {
$subjectimageid = $uploadfilearr['subjectimage']['aid'];
}
$setitemsqlarr = $setsqlarr;
$do = 'me';
}
if ($op == 'update') {
if (!empty($resultmessage)) {
foreach ($resultmessage as $value) {
if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
//当file删除时,或修改时执行删除操作
deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
//删除附件表
updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid']));
$ext = fileext($defaultmessage[$value['fieldname']]);
if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
@unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
}
@unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
}
}
}
}
}
//内容
$setsqlarr = $uploadfilearr = $ids = array();
$setsqlarr = getsetsqlarr($resultmessage);
$uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
$setsqlarr['message'] = trim($_POST['message']);
$setsqlarr['postip'] = $_SGLOBAL['onlineip'];
if (!empty($uploadfilearr)) {
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
//添加内容
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') {
//不需要审核时入message表
if ($op == 'add') {
$setsqlarr['itemid'] = $itemid;
//添加内容
inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
getreward('postinfo');
if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
$feed['icon'] = 'comment';
$feed['title_template'] = 'feed_model_title';
$murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
$aurl = A_URL;
if (empty($_SCONFIG['siteurl'])) {
$siteurl = getsiteurl();
$murl = $siteurl . $murl;
$aurl = $siteurl . $aurl;
} else {
$siteurl = S_URL_ALL;
}
$feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
$feed['body_template'] = 'feed_model_message';
$feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
if (!empty($feedsubjectimg)) {
$feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
} else {
foreach ($feedcolum as $feedimgvalue) {
if ($feedimgvalue['filepath']) {
$feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
break;
}
}
if (empty($feed['images'])) {
$picurl = getmessagepic(stripslashes($_POST['message']));
if ($picurl && strpos($picurl, '://') === false) {
$picurl = $siteurl . '/' . $picurl;
}
if (!empty($picurl)) {
$feed['images'][] = array('url' => $picurl, 'link' => $murl);
}
}
}
postfeed($feed);
}
} else {
//更新内容
updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
}
updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
if (checkperm('allowdirectpost') && $op == 'update') {
deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
}
if (checkperm('allowdirectpost') && $op == 'update') {
$jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('writing_success_online_please_wait_for_audit', $jpurl);
} else {
$jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('online_contributions_success', $jpurl);
}
} else {
$setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
$setsqlarr['addfeed'] = $_POST['addfeed'];
$setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1);
if (!empty($_POST['itemid'])) {
$itemid = intval($_POST['itemid']);
updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
} else {
$itemid = inserttable('modelfolders', $setsqlarr, 1);
}
if (!empty($subjectimageid)) {
$ids[] = $subjectimageid;
}
if (!empty($ids)) {
$ids = simplode($ids);
$hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
}
$jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('writing_success_online_please_wait_for_audit', $jpurl);
}
}
