/**
* 获取微语列表
*
* @param int $page
* @param int $spot 0:前台 1:后台
* @return array
*/
function getTwitters($page = 1, $spot = 0)
{
$perpage_num = $spot == 1 ? Option::get('admin_perpage_num') : Option::get('index_twnum');
$start_limit = !empty($page) ? ($page - 1) * $perpage_num : 0;
$author = ROLE == ROLE_ADMIN || ROLE == ROLE_VISITOR || $spot == 0 ? '' : 'and author=' . UID;
$limit = "LIMIT {$start_limit}, " . $perpage_num;
$sql = "SELECT * FROM " . DB_PREFIX . "twitter WHERE 1=1 {$author} ORDER BY id DESC {$limit}";
$res = $this->db->query($sql);
$tws = array();
while ($row = $this->db->fetch_array($res)) {
$row['id'] = $row['id'];
$row['t'] = emoFormat($row['content']);
$row['date'] = smartDate($row['date']);
$row['replynum'] = $row['replynum'];
$tws[] = $row;
}
return $tws;
}
/**
* 获取回复
*
* @param int $tid
* @param string $hide
* @param int $page
* @return array
*/
function getReplys($tid, $hide = null)
{
$andQuery = '1=1';
$andQuery .= $tid ? " and tid={$tid}" : '';
$andQuery .= $hide ? " and hide='{$hide}'" : '';
$sql = "SELECT * FROM " . DB_PREFIX . "reply where {$andQuery} ORDER BY id";
$ret = $this->db->query($sql);
$replys = array();
while ($row = $this->db->fetch_array($ret)) {
$row['name'] = htmlspecialchars($row['name']);
$row['content'] = htmlClean($row['content']);
$row['date'] = smartDate($row['date']);
//$row['id'];
//$row['hide'];
//$row['tid'];
//$row['ip'];
$replys[] = $row;
}
return $replys;
}
<div class=line></div>
<form method="post" action="data.php?action=dell_all_bak" name="form_bak" id="form_bak">
<table width="100%" id="adm_bakdata_list" class="item_list">
<thead>
<tr>
<th width="683" colspan="2"><b>备份文件</b></th>
<th width="226"><b>备份时间</b></th>
<th width="149"><b>文件大小</b></th>
<th width="87"></th>
</tr>
</head>
<tbody>
<?php
if ($bakfiles) {
foreach ($bakfiles as $value) {
$modtime = smartDate(filemtime($value), 'Y-m-d H:i:s');
$size = changeFileSize(filesize($value));
$bakname = substr(strrchr($value, '/'), 1);
?>
<tr>
<td width="22"><input type="checkbox" value="<?php
echo $value;
?>
" name="bak[]" class="ids" /></td>
<td width="661"><a href="../content/backup/<?php
echo $bakname;
?>
"><?php
echo $bakname;
?>
</a></td>
function plugin_setting_view()
{
$DB = MySql::getInstance();
?>
<div class="containertitle2">
<a class="navi<?php
echo isset($_GET['advance']) ? 1 : 3;
?>
" href="./plugin.php?plugin=anti_spam_comment">基本设置</a>
<a class="navi<?php
echo isset($_GET['advance']) ? 2 : 4;
?>
" href="./plugin.php?plugin=anti_spam_comment&advance=true">高级选项</a>
<?php
if (isset($_GET['setting'])) {
?>
<span class="actived">插件设置完成</span><?php
}
if (isset($_GET['error'])) {
?>
<span class="actived">插件设置失败</span><?php
}
?>
</div>
<?php
if (isset($_GET['advance'])) {
$act = isset($_GET['act']) ? trim($_GET['act']) : '';
if ($act) {
global $CACHE;
switch ($act) {
case 'shieldname':
$id = isset($_GET['id']) ? intval($_GET['id']) : '';
//$DB->query("UPDATE ".DB_PREFIX."comment SET poster='该昵称已屏蔽' WHERE cid={$id}");
$DB->query("UPDATE " . DB_PREFIX . "comment SET comment='该评论已屏蔽',poster='该昵称已屏蔽' WHERE cid={$id}");
$CACHE->updateCache(array('sta', 'comment'));
header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
break;
case 'delurl':
$id = isset($_GET['id']) ? intval($_GET['id']) : '';
$DB->query("UPDATE " . DB_PREFIX . "comment SET url='' WHERE cid={$id}");
$CACHE->updateCache(array('sta', 'comment'));
header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
break;
case 'admin_all_coms':
$operate = isset($_POST['operate']) ? $_POST['operate'] : '';
$comments = isset($_POST['com']) ? array_map('intval', $_POST['com']) : array();
$commentsId = '(' . implode(',', $comments) . ')';
switch ($operate) {
case 'shieldname':
$DB->query("UPDATE " . DB_PREFIX . "comment SET comment='该评论已屏蔽',poster='该昵称已屏蔽' WHERE cid IN{$commentsId}");
$CACHE->updateCache(array('sta', 'comment'));
header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
break;
case 'delurl':
$DB->query("UPDATE " . DB_PREFIX . "comment SET url='' WHERE cid IN{$commentsId}");
$CACHE->updateCache(array('sta', 'comment'));
header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
break;
}
break;
case 'save':
$comname = isset($_POST['comname']) ? addslashes(trim($_POST['comname'])) : '';
$comment = isset($_POST['comment']) ? addslashes(trim($_POST['comment'])) : '';
$commail = isset($_POST['commail']) ? addslashes(trim($_POST['commail'])) : '';
$comurl = isset($_POST['comurl']) ? addslashes(trim($_POST['comurl'])) : '';
if ($comurl && strncasecmp($comurl, 'http://', 7)) {
$comurl = 'http://' . $comurl;
}
$cid = isset($_POST['cid']) ? intval($_POST['cid']) : '';
$DB->query("UPDATE " . DB_PREFIX . "comment SET poster='{$comname}',comment='{$comment}',mail='{$commail}',url='{$comurl}' WHERE cid={$cid}");
$CACHE->updateCache(array('sta', 'comment'));
header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
break;
case 'edit':
$Comment_Model = new Comment_Model();
$cid = isset($_GET['cid']) ? intval($_GET['cid']) : '';
extract($Comment_Model->getOneComment($cid));
?>
<form action="./plugin.php?plugin=anti_spam_comment&advance=true&act=save" method="post">
<div>
<li>昵称</li>
<li><input size="40" value="<?php
echo $poster;
?>
" name="comname" /></li>
<li>邮箱</li>
<li><input size="40" value="<?php
echo $mail;
?>
" name="commail" /></li>
<li>地址</li>
<li><input size="40" value="<?php
echo $url;
?>
" name="comurl" /></li>
<li>内容</li>
<li><textarea name="comment" rows="3" cols="45"><?php
echo $comment;
?>
</textarea></li>
<li>
<input type="hidden" value="<?php
echo $cid;
?>
" name="cid" />
<input type="submit" value="保 存" class="submit" />
<input type="button" value="取 消" class="submit" onclick="javascript: window.history.back();" /></li>
</div>
</form>
<?php
break;
}
} else {
$blogid = isset($_GET['gid']) ? intval($_GET['gid']) : null;
$hide = isset($_GET['hide']) ? addslashes($_GET['hide']) : '';
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$ip = isset($_GET['ip']) ? addslashes($_GET['ip']) : '';
$poster = isset($_GET['poster']) ? addslashes($_GET['poster']) : '';
$addUrl_1 = $addUrl_2 = $addUrl_3 = $addUrl_4 = '';
if ($blogid) {
$addUrl_1 = "gid={$blogid}&";
$blogid = "AND a.gid={$blogid}";
}
if ($hide) {
$addUrl_2 = "hide={$hide}&";
$hide = "AND a.hide='{$hide}'";
}
if ($ip) {
$addUrl_3 = "ip={$ip}&";
$ip = "AND a.ip='{$ip}'";
}
if ($poster) {
$addUrl_4 = "poster={$poster}&";
$poster = "AND a.poster='{$poster}'";
}
$addUrl = $addUrl_1 . $addUrl_2 . $addUrl_3 . $addUrl_4;
$perpage_num = Option::get('admin_perpage_num');
if ($page) {
$startId = ($page - 1) * $perpage_num;
$limit = " LIMIT {$startId}, " . $perpage_num;
}
$sql = "SELECT a.cid,a.hide,a.date,a.comment,a.gid,a.poster,a.ip,a.mail,a.url,b.title FROM " . DB_PREFIX . "comment as a, " . DB_PREFIX . "blog as b where 1=1 {$blogid} {$hide} {$ip} {$poster} AND a.gid=b.gid ORDER BY a.cid DESC";
$query = $DB->query($sql);
$cmnum = $DB->num_rows($query);
$query = $DB->query($sql . $limit);
$pageurl = pagination($cmnum, $perpage_num, $page, "./plugin.php?plugin=anti_spam_comment&advance=true&{$addUrl}page=");
$sql = "SELECT a.cid,a.hide,a.date,a.comment,a.gid,a.poster,a.ip,a.mail,a.url,b.title FROM " . DB_PREFIX . "comment as a, " . DB_PREFIX . "blog as b where 1=1 {$blogid} AND a.hide='y' {$ip} AND a.gid=b.gid ORDER BY a.cid DESC";
$hideCommNum = $DB->num_rows($DB->query($sql));
if ($hideCommNum > 0) {
$hide_ = $hide_y = $hide_n = '';
$a = "hide_{$hide}";
${$a} = "class=\"filter\"";
?>
<div class="filters">
<span <?php
echo $hide_;
?>
><a href="./plugin.php?plugin=anti_spam_comment&advance=true&<?php
echo $addUrl_1 . $addUrl_3;
?>
">全部</a></span>
<span <?php
echo $hide_y;
?>
><a href="./plugin.php?plugin=anti_spam_comment&advance=true&hide=y&<?php
echo $addUrl_1 . $addUrl_3;
?>
">待审
<?php
$hidecmnum = ROLE == 'admin' ? $sta_cache['hidecomnum'] : $sta_cache[UID]['hidecommentnum'];
if ($hidecmnum > 0) {
echo '(' . $hidecmnum . ')';
}
?>
</a></span>
<span <?php
echo $hide_n;
?>
><a href="./plugin.php?plugin=anti_spam_comment&advance=true&hide=n&<?php
echo $addUrl_1 . $addUrl_3;
?>
">已审</a></span>
</div>
<?php
} elseif ($addUrl) {
?>
<div class="filters">
<span><a href="./plugin.php?plugin=anti_spam_comment&advance=true">全部</a></span>
</div>
<?php
}
?>
<form action="./plugin.php?plugin=anti_spam_comment&advance=true&act=admin_all_coms" method="post" name="form_com" id="form_com">
<table width="100%" id="adm_comment_list" class="item_list">
<thead>
<tr>
<th width="19"><input onclick="CheckAll(this.form)" type="checkbox" value="on" name="chkall" /></th>
<th width="350"><b>内容</b></th>
<th width="300"><b>评论者</b></th>
<th width="250"><b>所属日志</b></th>
</tr>
</thead>
<tbody>
<?php
while ($res = $DB->fetch_array($query)) {
$ishide = $res['hide'] == 'y' ? '<font color="red">[待审]</font>' : '';
$mail = !empty($res['mail']) ? "({$res['mail']})" : '';
$ip = !empty($res['ip']) ? "<br />IP:<a href=\"./plugin.php?plugin=anti_spam_comment&advance=true&ip={$res['ip']}\">{$res['ip']}</a>" : '';
$url = !empty($res['url']) ? "({$res['url']})" : '';
$res['content'] = str_replace('<br>', ' ', $res['comment']);
$sub_content = subString($res['content'], 0, 50);
$res['title'] = subString($res['title'], 0, 42);
?>
<tr>
<td><input type="checkbox" value="<?php
echo $res['cid'];
?>
" name="com[]" class="ids" /></td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&act=edit&cid=<?php
echo $res['cid'];
?>
"><?php
echo htmlspecialchars($sub_content);
?>
</a> <?php
echo $ishide;
?>
<br /><?php
echo smartDate($res['date']);
?>
<span style="display:none; margin-left:8px;">
<a href="javascript: asc_confirm(<?php
echo $res['cid'];
?>
, 'name');">屏蔽内容</a>
<a href="javascript: asc_confirm(<?php
echo $res['cid'];
?>
, 'url');">删除地址</a>
</span>
</td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&poster=<?php
echo urlencode($res['poster']);
?>
"><?php
echo htmlspecialchars($res['poster']);
?>
</a> <?php
echo $url;
?>
<?php
echo $ip;
?>
<?php
echo $mail;
?>
</td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&gid=<?php
echo $res['gid'];
?>
"><?php
echo $res['title'];
?>
</a></td>
</tr>
<?php
}
?>
</tbody>
</table>
<div class="list_footer">
选中项:
<a href="javascript:asc_commentact('shieldname');">屏蔽内容</a>
<a href="javascript:asc_commentact('delurl');">删除地址</a>
<input name="operate" id="operate" res="" type="hidden" />
</div>
<div class="page"><?php
echo $pageurl;
?>
(有<?php
echo $cmnum;
?>
条评论)</div>
</form>
<script>
$(document).ready(function(){
$("#adm_comment_list tbody tr:odd").addClass("tralt_b");
$("#adm_comment_list tbody tr")
.mouseover(function(){$(this).addClass("trover");$(this).find("span").show();})
.mouseout(function(){$(this).removeClass("trover");$(this).find("span").hide();})
});
setTimeout(hideActived,2600);
function asc_commentact(act){
if (getChecked('ids') == false) {
alert('请选择要操作的评论');
return;
}
if(act == 'shieldname' && !confirm('你确定要屏蔽所选评论的内容吗?')){return;}
if(act == 'delurl' && !confirm('你确定要删除所选评论的评论人地址吗?')){return;}
$("#operate").val(act);
$("#form_com").submit();
}
function asc_confirm (id, property) {
switch (property){
case 'name':
var urlreturn="./plugin.php?plugin=anti_spam_comment&advance=true&act=shieldname&id="+id;
var msg = "你确定要屏蔽该评论内容?";break;
case 'url':
var urlreturn="./plugin.php?plugin=anti_spam_comment&advance=true&act=delurl&id="+id;
var msg = "你确定要删除该评论人地址吗?";break;
}
if(confirm(msg)){window.location = urlreturn;}else {return;}
}
</script>
<?php
}
} else {
$data = asc_read();
extract($data);
$blacklist = implode("\n", $blacklist);
$url_keywords = implode("\n", $url_keywords);
$ex1 = $ex2 = '';
$vari = array(array('英文字母abc…ABC…<font color="red">*</font>:', 'asc_letter'), array('数字0-9:', 'asc_digit'), array('英文字符(包括英文字母、数字和其它英文符号)<font color="red">*</font>:', 'asc_char'), array('星号*:', 'asc_star'));
if ($auto_blacklist == 1) {
$ex1 = 'checked="checked"';
}
if ($need_chinese == 1) {
$ex2 = 'checked="checked"';
}
?>
<form action="plugin.php?plugin=anti_spam_comment&action=setting" method="post">
<table cellspacing="8" cellpadding="4" width="95%" align="center" border="0">
<tbody>
<tr nowrap="nowrap">
<td width="33%" align="right">评论时间间隔(秒):</td>
<td width="67%"><input size="10" name="time_limit" type="text" value="<?php
echo $time_limit;
?>
" /></td>
</tr>
<tr nowrap="nowrap">
<td width="33%" align="right">必须包含汉字:</td>
<td width="67%"><input size="10" name="need_chinese" type="checkbox" value="1" <?php
echo $ex2;
?>
/></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">IP黑名单:<br/><br/>
可封IP段,填入IP开头地址,如162.204
</td>
<td><textarea name="blacklist" cols="" rows="4" style="width:300px;height:70px;"><?php
echo $blacklist;
?>
</textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right">将频繁尝试发表评论的IP加入黑名单</td>
<td><input name="auto_blacklist" type="checkbox" value="1" <?php
echo $ex1;
?>
/></td>
</tr>
<tr nowrap="nowrap">
<td align="right">每分钟允许尝试评论次数:</td>
<td><input size="10" name="max_attempt" type="text" value="<?php
echo $max_attempt;
?>
" />(开启自动黑名单有效)</td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽词汇(以 | 分割):<br />
可以使用通配符*或者系统<a href="#var">内置变量</a>
</td>
<td><textarea name="keywords" cols="" rows="4" style="width:300px;height:70px;"><?php
echo $keywords;
?>
</textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽昵称(以 | 分割):<br />
可以使用通配符*或者系统<a href="#var">内置变量</a>
</td>
<td><textarea name="name_keywords" cols="" rows="4" style="width:300px;height:70px;"><?php
echo $name_keywords;
?>
</textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽地址(每行一条):<br/>
可以使用通配符*或者系统<a href="#var">内置变量</a>
</td>
<td><textarea name="url_keywords" cols="" rows="4" style="width:300px;height:70px;"><?php
echo $url_keywords;
?>
</textarea></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" value="保存设置" class="button" /></td>
</tr>
</tbody>
</table>
</form>
<b><a name="var"></a>内置变量</b>
<table cellspacing="8" cellpadding="4" width="95%" align="center" border="0">
<tbody>
<?php
foreach ($vari as $value) {
?>
<tr nowrap="nowrap">
<td width="40%" align="right"><?php
echo $value[0];
?>
</td>
<td width="60%"><b><?php
echo $value[1];
?>
</b></td>
</tr>
<?php
}
?>
<tr>
<td align="center" colspan="2"><font color="red">*注</font>:该项仅当评论全文符合时过滤评论(例如关键字填入asc_letter时,仅过滤纯英文评论)</td>
</tr>
</tbody>
</table>
<?php
}
?>
<script>
$("#anti_spam_comment").addClass('sidebarsubmenu1');
</script>
<?php
}
function widget_twitter($title)
{
global $CACHE;
$newtws_cache = $CACHE->readCache('newtw');
$istwitter = Option::get('istwitter');
?>
<li>
<h3><span><?php
echo $title;
?>
</span></h3>
<ul id="twitter">
<?php
foreach ($newtws_cache as $value) {
?>
<?php
$img = empty($value['img']) ? "" : '<a title="查看图片" class="t_img" href="' . BLOG_URL . str_replace('thum-', '', $value['img']) . '" target="_blank"> </a>';
?>
<li><?php
echo $value['t'];
echo $img;
?>
<p><?php
echo smartDate($value['date']);
?>
</p></li>
<?php
}
?>
<?php
if ($istwitter == 'y') {
?>
<p><a href="<?php
echo BLOG_URL . 't/';
?>
">更多»</a></p>
<?php
}
?>
</ul>
</li>
<?php
}
/**
* 获取评论
*
* @param int $spot 0:前台 1:后台 2: 手机
* @param int $blogId
* @param string $hide
* @param int $page
* @return array
*/
function getComments($spot = 0, $blogId = null, $hide = null, $page = null)
{
$andQuery = '1=1';
$andQuery .= $blogId ? " and a.gid={$blogId}" : '';
$andQuery .= $hide ? " and a.hide='{$hide}'" : '';
$condition = '';
if ($page && $spot == 1) {
$perpage_num = Option::get('admin_perpage_num');
if ($page > PHP_INT_MAX) {
$page = PHP_INT_MAX;
}
$startId = ($page - 1) * $perpage_num;
$condition = "LIMIT {$startId}, " . $perpage_num;
}
if ($spot == 0 || $spot == 2) {
$sql = "SELECT * FROM " . DB_PREFIX . "comment as a where {$andQuery} ORDER BY a.date ASC {$condition}";
} else {
$andQuery .= ROLE != ROLE_ADMIN ? ' and b.author=' . UID : '';
$sql = "SELECT *,a.hide,a.date FROM " . DB_PREFIX . "comment as a, " . DB_PREFIX . "blog as b where {$andQuery} and a.gid=b.gid ORDER BY a.date DESC {$condition}";
}
$ret = $this->db->query($sql);
$comments = array();
while ($row = $this->db->fetch_array($ret)) {
$row['poster'] = htmlspecialchars($row['poster']);
$row['mail'] = htmlspecialchars($row['mail']);
$row['url'] = htmlspecialchars($row['url']);
$row['content'] = htmlClean($row['comment']);
$row['date'] = smartDate($row['date']);
$row['children'] = array();
if ($spot == 0) {
$row['level'] = isset($comments[$row['pid']]) ? $comments[$row['pid']]['level'] + 1 : 0;
}
//$row['hide'];
//$row['title'];
//$row['gid'];
$comments[$row['cid']] = $row;
}
if ($spot == 0) {
$commentStacks = array();
$commentPageUrl = '';
foreach ($comments as $cid => $comment) {
$pid = $comment['pid'];
if ($pid == 0) {
$commentStacks[] = $cid;
}
if ($pid != 0 && isset($comments[$pid])) {
if ($comments[$cid]['level'] > 4) {
$comments[$cid]['pid'] = $pid = $comments[$pid]['pid'];
}
$comments[$pid]['children'][] = $cid;
}
}
if (Option::get('comment_order') == 'newer') {
$comments = array_reverse($comments, true);
$commentStacks = array_reverse($commentStacks);
}
if (Option::get('comment_paging') == 'y') {
$pageurl = Url::log($blogId);
if (Option::get('isurlrewrite') == 0 && strpos($pageurl, '=') !== false) {
$pageurl .= '&comment-page=';
} else {
$pageurl .= '/comment-page-';
}
$commentPageUrl = pagination(count($commentStacks), Option::get('comment_pnum'), $page, $pageurl, '#comments');
$commentStacks = array_slice($commentStacks, ($page - 1) * Option::get('comment_pnum'), Option::get('comment_pnum'));
}
$comments = compact('comments', 'commentStacks', 'commentPageUrl');
} elseif ($spot == 2) {
$commentStacks = array_keys($comments);
$commentPageUrl = '';
if (Option::get('comment_order') == 'newer') {
$comments = array_reverse($comments, true);
$commentStacks = array_reverse($commentStacks);
}
if (Option::get('comment_paging') == 'y') {
$pageurl = './?post=' . $blogId . '&comment-page=';
$commentPageUrl = pagination(count($commentStacks), Option::get('comment_pnum'), $page, $pageurl);
$commentStacks = array_slice($commentStacks, ($page - 1) * Option::get('comment_pnum'), Option::get('comment_pnum'));
}
$comments = compact('comments', 'commentStacks', 'commentPageUrl');
}
return $comments;
}
function draw_UpgradeAccount($admin)
{
global $adm_pass;
global $adm_login;
global $addrlink;
global $pro_mysql_admin_table;
global $pro_mysql_client_table;
global $pro_mysql_product_table;
global $pro_mysql_companies_table;
global $pro_mysql_pending_renewal_table;
global $secpayconf_currency_letters;
if (!isset($secpayconf_currency_letters)) {
get_secpay_conf();
}
$out = "";
$nowrap = 'style="white-space:nowrap"';
$frm_start = "<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"action\" value=\"upgrade_myaccount\">\n";
$client = $admin["client"];
$out .= "<b><u>" . _("Upgrade my account:") . "</u></b><br>";
if ($admin["info"]["prod_id"] != 0) {
$out .= "<i><u>" . _("Past account refundal") . "</u></i><br>";
$out .= _("Your last command expire on the: ") . $admin["info"]["expire"] . ".<br>";
$out .= _("Today is the: ") . date("Y-m-d") . "<br>";
$today = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
$ar = explode("-", $admin["info"]["expire"]);
$expire = mktime(0, 0, 0, $ar[1], 0, $ar[0]);
$remaining_seconds = $expire - $today;
$days_remaining = $remaining_seconds / (60 * 60 * 24);
$days_outstanding = 0;
// don't give credit if there are negative days remaining
if ($days_remaining < 0) {
$days_outstanding = $days_remaining;
$days_remaining = 0;
}
$q = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $admin["info"]["prod_id"] . "';";
$r = mysql_query($q) or die("Cannot querry: \"{$q}\" !!!" . mysql_error() . " line " . __LINE__ . " in file " . __FILE__);
$prod = mysql_fetch_array($r);
$ar = explode("-", $prod["period"]);
$prod_period = mktime(0, 0, 0, $ar[1] + 1, 1, 1970 + $ar[0]);
$prod_days = $prod_period / (60 * 60 * 24);
$price_per_days = $prod["price_dollar"] / $prod_days;
$refundal = floor($days_remaining * $price_per_days);
$owing = floor($days_outstanding * $price_per_days);
$out .= _("Your past account was: ") . $prod["price_dollar"] . " " . $secpayconf_currency_letters . " " . _("for") . " " . smartDate($prod["period"]) . "<br>";
$out .= _("Refund") . " (" . $days_remaining . _(" days) for upgrading will be: ") . "{$refundal} " . $secpayconf_currency_letters . "<br><br>";
$out .= _("You have") . " (" . $days_outstanding . _(" days), with ") . "{$owing}" . " " . $secpayconf_currency_letters . _(" remaining to be paid") . "<br>";
} else {
$out .= _("You currently don't have a validated account. Please contact customer support.");
return $out;
}
$out .= "<i><u>" . _("Step 1: choose your upgrade") . "</u></i><br>";
if (!isset($_REQUEST["prod_id"]) || $_REQUEST["prod_id"] == "") {
$out .= _("Your current account is ") . smartByte($admin["info"]["quota"] * 1024 * 1024) . _(" disk storage and ") . smartByte($admin["info"]["bandwidth_per_month_mb"] * 1024 * 1024) . _(" of data transfer each month.") . "<br><br>" . _("To what capacity would you like to upgrade to?") . "<br>";
$q = "SELECT * FROM {$pro_mysql_product_table} WHERE (quota_disk > '" . $admin["info"]["quota"] . "' OR bandwidth > '" . $admin["info"]["bandwidth_per_month_mb"] . "' or max_domain>" . $admin["info"]["max_domain"] . ") and heb_type='shared';";
$r = mysql_query($q) or die("Cannot query \"{$q}\" !" . mysql_error());
$n = mysql_num_rows($r);
$out .= "{$frm_start}";
$out .= "<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\" height=\"1\">";
$out .= "<tr><td></td><td>" . _("Product") . "</td><td>" . _("Storage") . "</td><td>" . _("Bandwidth/month") . "</td>\n\t\t\t<td>" . _("Max. Domains") . "</td><td>" . _("Price") . "</td><td>" . _("Period") . "</td></tr>";
if ($n > 0) {
for ($i = 0; $i < $n; $i++) {
$ro = mysql_fetch_array($r);
if ($i % 2) {
$color = " bgcolor=\"#000000\" ";
$fnt1 = "<font color=\"#FFFFFF\"> ";
$fnt2 = "</font>";
} else {
$color = "";
$fnt1 = "";
$fnt2 = "";
}
$out .= '<tr><td>' . $fnt1 . '<input type="radio" name="prod_id" value="' . $ro["id"] . '">' . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . $ro["name"] . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . smartByte($ro["quota_disk"] * 1024 * 1024) . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . smartByte($ro["bandwidth"] * 1024 * 1024) . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . $ro["max_domain"] . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . $ro["price_dollar"] . $fnt2 . '</td>';
$out .= "<td {$color} {$nowrap} >{$fnt1}" . smartDate($ro["period"]) . $fnt2 . '</td></tr>';
}
$out .= '</table><center><input type="submit" value="' . _("Calculate price") . '"></center></form>';
} else {
$out .= '</table><center>' . _("There is no product with greater capacity available, please contact Support service.") . '</center></form>';
}
return $out;
}
$q = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $_REQUEST["prod_id"] . "';";
$r = mysql_query($q) or die("Cannot query \"{$q}\" !" . mysql_error());
$n = mysql_num_rows($r);
if ($n != 1) {
die("Product not found !!!");
}
$ro = mysql_fetch_array($r);
$q = "SELECT * FROM {$pro_mysql_client_table} WHERE id='" . $admin["info"]["id_client"] . "';";
$r = mysql_query($q) or die("Cannot query \"{$q}\" !" . mysql_error());
$n = mysql_num_rows($r);
if ($n != 1) {
die("Client not found !!!");
}
$rocli = mysql_fetch_array($r);
$frm_start .= '<input type="hidden" name="prod_id" value="' . $ro["id"] . '">';
$out .= _("You have selected") . ": " . $ro["name"];
$out .= " (" . _("Storage") . ": " . smartByte($ro["quota_disk"] * 1024 * 1024);
$out .= ", " . _("Transfer") . ": " . smartByte($ro["bandwidth"] * 1024 * 1024) . '), ';
$out .= ", " . _("Max. Domains") . ": " . $ro["max_domain"] . '), ';
$out .= '$' . $ro["price_dollar"] . ' ' . _("each") . ' ' . smartDate($ro["period"]);
$out .= "<br><br><i><u>" . _("Step 2: proceed to upgrade") . "</u></i><br>";
$remaining = $admin["client"]["dollar"];
$ze_price = $ro["price_dollar"];
$heber_price = $ze_price - $refundal;
if (isset($_REQUEST["inner_action"]) && $_REQUEST["inner_action"] == "return_from_paypal_upgrade_account") {
$ze_refund = isPayIDValidated(addslashes($_REQUEST["pay_id"]));
if ($ze_refund == 0) {
$out .= "<font color=\"red\">" . _("The transaction failed, please try again!") . "</font>";
} else {
$out .= "<font color=\"green\">" . _("Funds added to your account!") . "</font><br>";
$q = "UPDATE {$pro_mysql_client_table} SET dollar = dollar+" . $ze_refund . " WHERE id='" . $admin["info"]["id_client"] . "';";
$r = mysql_query($q) or die("Cannot querry {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
$admin["client"]["dollar"] += $ze_refund;
$remaining += $ze_refund;
}
}
$out .= _("Remaining on your account") . ": " . $remaining . "{$secpayconf_currency_letters}<br>\n" . _("New account price") . ": " . $ze_price . "{$secpayconf_currency_letters}<br>\n" . _("Past account refundal") . ": " . $refundal . "{$secpayconf_currency_letters}<br>\n" . _("Total price") . ": " . $heber_price . "{$secpayconf_currency_letters}<br>";
if ($heber_price > $remaining) {
$to_pay = $heber_price - $remaining;
$payid = createCreditCardPaiementID($to_pay, $admin["info"]["id_client"], "Account upgrade: " . $ro["name"], "no");
$return_url = $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}" . "&addrlink={$addrlink}&action=upgrade_myaccount&prod_id=9&inner_action=return_from_paypal_upgrade_account&payid={$payid}";
$service_location = $conf_this_server_country_code;
$company_invoicing_id = findInvoicingCompany($conf_this_server_country_code, $rocli["country"]);
$q = "SELECT * FROM {$pro_mysql_companies_table} WHERE id='{$company_invoicing_id}';";
$r = mysql_query($q) or die("Cannot query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
if ($n != 1) {
$form = "Cannot find company invoicing line " . __LINE__ . " file " . __FILE__;
break;
}
$company_invoicing = mysql_fetch_array($r);
// If VAT is set, use it.
if ($company_invoicing["vat_rate"] == 0 || $company_invoicing["vat_number"] == "") {
$vat_rate = 0;
$use_vat = "no";
} else {
// Both companies are in europe, in different countries, and customer as a VAT number,
// then there is no VAT and the customer shall pay the VAT in it's own country
// These are the VAT rules in the European Union...
if ($client["is_company"] == "yes" && $client["vat_num"] != "" && isset($cc_europe[$client["country"]]) && isset($cc_europe[$company_invoicing["country"]]) && $client["country"] != $company_invoicing["country"]) {
$vat_rate = 0;
$use_vat = "no";
} else {
$use_vat = "yes";
$vat_rate = $company_invoicing["vat_rate"];
}
}
// Save the values in SQL and process the paynow buttons
$q = "INSERT INTO {$pro_mysql_pending_renewal_table} (id,adm_login,renew_date,renew_time,product_id,renew_id,heb_type,country_code)\n\t\tVALUES ('','" . $_REQUEST["adm_login"] . "',now(),now(),'" . $ro["id"] . "','" . $rocli["id"] . "','shared-upgrade','{$country}');";
$r = mysql_query($q) or die("Cannot querry {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
$renew_id = mysql_insert_id();
$payid = createCreditCardPaiementID($heber_price, $renew_id, "Account upgrade: " . $ro["name"] . " (login: "******"adm_login"] . ")", "no", $prod_id, $vat_rate);
$q = "UPDATE {$pro_mysql_pending_renewal_table} SET pay_id='{$payid}' WHERE id='{$renew_id}';";
$r = mysql_query($q) or die("Cannot querry {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
$payButton = paynowButton($payid, $heber_price, "Account upgrade: " . $ro["name"], $return_url, $vat_rate);
$out .= "<br>" . _("You currently don't have enough funds on your account. You will be redirected to our payment system. Please click on the button below to pay.") . "<br><br>" . $payButton;
return $out;
}
$after_upgrade_remaining = $remaining - $heber_price;
$out .= _("After upgrade, you will have") . ": " . $after_upgrade_remaining . " " . $secpayconf_currency_letters . "<br><br>";
// Check for confirmation
if (isset($_REQUEST["toreg_confirm_register"]) && $_REQUEST["toreg_confirm_register"] != "yes") {
$out .= _("You have enough funds on your account to proceed account upgrade. Press the confirm button and your order will be proceeded.") . "<br><br>\n{$frm_start}\n<input type=\"hidden\" name=\"toreg_confirm_register\" value=\"yes\">\n<input type=\"submit\" value=\"" . _("Proceed to account upgrade") . "\">\n</form>";
return $out;
}
return $out;
}
foreach ($user_cache as $val) {
if (isset($val['name']) && $val['name'] == $rname) {
exit('err4');
}
}
$date = time();
$name = subString(ROLE == ROLE_VISITOR ? $rname : addslashes($user_cache[UID]['name']), 0, 16);
$rdata = array('tid' => $tid, 'content' => $r, 'name' => $name, 'date' => $date, 'hide' => ROLE == ROLE_VISITOR ? Option::get('ischkreply') : 'n');
$Twitter_Model = new Twitter_Model();
$Reply_Model = new Reply_Model();
$rid = $Reply_Model->addReply($rdata);
if ($rid === false) {
exit('err5');
}
doAction('reply_twitter', $r, $name, $date, $tid);
if (Option::get('ischkreply') == 'n' || ROLE != ROLE_VISITOR) {
$Twitter_Model->updateReplyNum($tid, '+1');
} else {
exit('succ1');
}
$CACHE->updateCache('sta');
$_SESSION['code'] = null;
$date = smartDate($date);
$r = htmlClean(stripslashes($r));
$response = "\n <li>\n <span class=\"name\">" . stripslashes(htmlspecialchars($name)) . "</span> {$r}<span class=\"time\">{$date}</span>\n <em><a href=\"javascript:re({$tid}, '@{$name}:');\">回复</a></em>\n </li>";
echo $response;
}
// 回复验证码
if ($action == 'ckcode') {
require_once EMLOG_ROOT . '/include/lib/checkcode.php';
}
function widget_twitter($title)
{
global $CACHE;
$newtws_cache = $CACHE->readCache('newtw');
$istwitter = Option::get('istwitter');
?>
<div class="widget">
<h3 class="widget-title"><?php
echo $title;
?>
</h3>
<ul class="sidebar-comments">
<?php
foreach ($newtws_cache as $value) {
?>
<?php
$img = empty($value['img']) ? "" : '<a title="查看图片" class="t_img" href="' . BLOG_URL . str_replace('thum-', '', $value['img']) . '" target="_blank"> </a>';
?>
<li><?php
echo $value['t'];
echo $img;
?>
<p><?php
echo smartDate($value['date']);
?>
</p></li>
<?php
}
?>
</ul>
</div>
<?php
}
function DownloadMe_LogAction($Log)
{
session_start();
$_SESSION['DownloadMe'] = 1;
$DownData = DownloadMe_Ret();
global $DownloadMe_Cache_Inc;
$Gid = "Log_" . (empty($DownloadMe_Cache_Inc['mov']) ? $Log['logid'] : $Log);
$Data = $DownData[$Gid];
$Show = false;
if (!empty($Data)) {
$ExpWrap = explode('[list]', $DownloadMe_Cache_Inc['wrap']);
echo $ExpWrap[0];
foreach ($Data as $V) {
$File = $DownData['File'][$V];
$Down = unserialize($File['download']);
if ($Down['hide'] === true) {
continue;
}
$Search = array("Url" => "[url]", "Path" => "[path]", "Name" => "[name]", "NameSub" => "[nameSub]", "Size" => "[size]", "Stat" => "[tong]", "Time" => "[time]");
$Replace = array("Url" => BLOG_URL . '?downloadMe=' . $V, "Path" => BLOG_URL . str_replace('../', '', $File['filepath']), "Name" => $File['filename'], "NameSub" => subString($File['filename'], 0, 25), "Size" => $File['filesize'] <= 0 ? "未知大小" : changeFileSize($File['filesize']), "Stat" => $Down['statis'] ? $Down['statis'] : 0, "Time" => smartDate($File['addtime']));
echo str_replace($Search, $Replace, $DownloadMe_Cache_Inc['file']);
$Show = true;
}
if ($Show === false) {
echo '没有附件..';
}
echo $ExpWrap[1];
}
}
function widget_twitter($title)
{
global $CACHE;
$newtws_cache = $CACHE->readCache('newtw');
$istwitter = Option::get('istwitter');
?>
<li>
<h3><span><?php
echo $title;
?>
</span></h3>
<ul id="twitter">
<?php
foreach ($newtws_cache as $value) {
?>
<?php
$img = empty($value['img']) ? "" : '<img src="' . BLOG_URL . str_replace('thum-', '', $value['img']) . '" width="100%" height="auto" alt="微语图片" />';
?>
<li>
<p><?php
echo $value['t'];
?>
</p>
<?php
echo $img;
?>
<time><?php
echo smartDate($value['date']);
?>
</time>
</li>
<?php
}
?>
<?php
if ($istwitter == 'y') {
?>
<p><a href="<?php
echo BLOG_URL . 't/';
?>
" title="更多内容">更多»</a></p>
<?php
}
?>
</ul>
</li>
<?php
}
echo BLOG_URL . 't/';
?>
">更多»</a>
</span>
<?php
}
?>
</h5>
<ul class="collection" id="twitter">
<?php
foreach ($newtws_cache as $value) {
?>
<?php
$img = empty($value['img']) ? "" : '<a title="查看图片" class="t_img" href="' . BLOG_URL . str_replace('thum-', '', $value['img']) . '" target="_blank"> </a>';
?>
<li class="collection-item">
<span class="light twitter-title"><?php
echo $value['t'];
echo $img;
?>
</span>
<time class="light teal-text text-lighted-1"><?php
echo smartDate($value['date']);
?>
</time class="light">
</li>
<?php
}
?>
</ul>