<?php // +---------------------------------------------+ // | Copyright 2010 - 2028 WeLive | // | http://www.weentech.com | // | This file may not be redistributed. | // +---------------------------------------------+ define('AJAX', true); include 'includes/welive.Core.php'; $uid = ForceIncomingInt('uid'); $gid = ForceIncomingInt('gid'); $act = ForceIncomingString('act'); $ajax_last = ForceIncomingFloat('ajax_last'); if (!$uid or !$gid) { die('Hacking!'); } elseif (ForceIncomingCookie('weliveG' . COOKIE_KEY) != md5($gid . WEBSITE_KEY . $uid . $_CFG['cKillRobotCode'])) { setcookie('weliveG' . COOKIE_KEY, '', 0, '/'); die('Hacking!'); } $mktime = explode(' ', microtime()); $realtime = $mktime[1]; $minitime = $mktime[0]; $lines = array(); //获取最新信息 $getmsgs = $DB->query("SELECT msg, biu, color FROM " . TABLE_PREFIX . "msg WHERE toid = '{$gid}' AND type = 1 AND fromid ='{$uid}' AND (created + minitime) > {$ajax_last} ORDER BY msgid ASC"); while ($msg = $DB->fetch($getmsgs)) { $lines[] = WeLive(1, html($msg['msg']), 2, $msg['biu'], $msg['color']); } $sql = "SELECT u.userid, u.activated, u.isonline AS uisonline, g.guestid, g.isonline AS gisonline, g.isbanned FROM " . TABLE_PREFIX . "user u\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "guest g ON g.serverid = u.userid AND g.guestid = '{$gid}'\r\n\t\t\tWHERE u.userid = '{$uid}'\r\n\t\t\tAND u.usergroupid <> 1"; $uginfo = $DB->getOne($sql); //验证客服和访客的状态
<?php // +---------------------------------------------+ // | Copyright 2010 - 2028 WeLive | // | http://www.weentech.com | // | This file may not be redistributed. | // +---------------------------------------------+ include 'includes/welive.Core.php'; header_nocache(); $uid = ForceIncomingInt('uid'); //保存数据 if (isset($_POST['submitcomment'])) { $vvckey = ForceIncomingInt('vvckey'); if (ForceIncomingCookie('safecookieC' . $vvckey . COOKIE_KEY) != md5($_CFG['cKillRobotCode'] . $vvckey)) { exit; } setcookie('safecookieC' . $vvckey . COOKIE_KEY, '', 0, '/'); $gname = ForceIncomingString('gname'); $username = ForceIncomingString('username'); $content = ForceIncomingString('content'); $vvc = ForceIncomingString('vvc'); if (strlen($gname) < 1) { $error_u = 1; } if (strlen($content) < 1) { $error_c = 1; } if (strlen($vvc) < 1) { $error_v = 1; } else { if (!CheckVVC($vvckey, $vvc)) {
define('TURL', BASEURL . 'templates/'); define('COPYRIGHT', '© ' . date("Y") . ' <a href="' . APP_URL . '" target="_blank">' . APP_NAME . '</a> ' . base64_decode('5Zyo57q/5a6i5pyN57O757uf ') . '(v' . APP_VERSION . ')'); if (defined('AUTH')) { //客服和管理员只显示中文, 且需要授权 include BASEPATH . 'includes/welive.Support.php'; define('IS_CHINESE', 1); define('SITE_TITLE', $_CFG['cTitle']); @(include BASEPATH . 'languages/Chinese.php'); if (!defined('AJAX')) { //客服的AJAX操作无需授权 include BASEPATH . 'includes/welive.Auth.php'; } } elseif ($_CFG['cActived']) { //客人自动选择语言 include BASEPATH . 'includes/welive.Functions.php'; $sitelang = ForceIncomingCookie('LANG' . COOKIE_KEY); if (!$sitelang) { if ($_CFG['cLang'] == 'Auto') { if (strstr(strtolower($_SERVER['HTTP_ACCEPT_LANGUAGE']), 'zh-cn') or strstr(strtolower($_SERVER['HTTP_ACCEPT_LANGUAGE']), 'zh-tw')) { $sitelang = 'Chinese'; } else { $sitelang = 'English'; } } else { $sitelang = $_CFG['cLang']; } } define('SITE_LANG', $sitelang); define('IS_CHINESE', Iif(SITE_LANG == 'Chinese', 1, 0)); define('SITE_TITLE', Iif(IS_CHINESE, $_CFG['cTitle'], $_CFG['cTitle_en'])); @(include BASEPATH . 'languages/' . SITE_LANG . '.php');
<?php // +---------------------------------------------+ // | Copyright 2010 - 2028 WeLive | // | http://www.weentech.com | // | This file may not be redistributed. | // +---------------------------------------------+ include 'includes/welive.Core.php'; header_nocache(); $uid = ForceIncomingInt('uid'); $vvckey = ForceIncomingString('vvckey'); $code = authcode(base64_decode($_GET['code']), 'DECODE', $vvckey); $fromurl = base64_decode(ForceIncomingString('url', 'unknown')); $gid = ForceInt(ForceIncomingCookie('weliveGID' . COOKIE_KEY)); if (!$uid or !$code or !$vvckey) { $error = $lang['er_verify']; } elseif ($code !== COOKIE_KEY . $uid) { $error = $lang['er_verify']; } elseif (IsBannedIP(GetIP())) { $error = $lang['er_bannedip']; } else { $sql = "SELECT u.* FROM " . TABLE_PREFIX . "user u\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroup ug ON ug.usergroupid = u.usergroupid\r\n\t\t\t\tWHERE u.userid = '{$uid}'\r\n\t\t\t\tAND u.activated = 1\r\n\t\t\t\tAND u.usergroupid <> 1\r\n\t\t\t\tAND ug.activated = 1"; $user = $DB->getOne($sql); if (!$user['userid'] or $code !== COOKIE_KEY . $user['userid']) { $error = $lang['er_verify']; } elseif (!$user['isonline']) { $error = $lang['er_uoffline']; } else { $transfer_uid = checkbusy($uid); //这里判断是否需要转接到其他客服 if ($transfer_uid) {
$sessionid = ForceIncomingCookie(COOKIE_NAME); if ($sessionid and IsPass($sessionid)) { $user = $DB->getOne("SELECT u.userid, u.usergroupid FROM " . TABLE_PREFIX . "session s \r\n\t\tLEFT JOIN " . TABLE_PREFIX . "user u ON u.userid = s.userid\r\n\t\tWHERE sessionid = '{$sessionid}'"); $DB->exe("UPDATE " . TABLE_PREFIX . "user SET isonline = 0 WHERE userid = '{$user['userid']}' "); $DB->exe("DELETE FROM " . TABLE_PREFIX . "session WHERE sessionid = '{$sessionid}' "); $DB->exe("DELETE FROM " . TABLE_PREFIX . "vvc WHERE date < " . ($realtime - 3600 * 8)); $DB->exe("DELETE FROM " . TABLE_PREFIX . "session WHERE created < " . ($realtime - 3600 * 48)); if ($user['usergroupid'] != 1) { refreshCache($user['userid'], 'isonline', '0'); //仅客服退出时更新缓存 } } setcookie(COOKIE_NAME, "", 0, "/"); LogIn(); } else { $sessionid = ForceIncomingCookie(COOKIE_NAME); if ($sessionid and IsPass($sessionid)) { $sql = "SELECT u.*, (select COUNT(*) FROM " . TABLE_PREFIX . "comment WHERE touserid = s.userid) AS comments FROM " . TABLE_PREFIX . "session s\r\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user u ON u.userid = s.userid\r\n\t\t\t\t\tWHERE s.sessionid = '{$sessionid}'\r\n\t\t\t\t\tAND s.ipaddress = '" . GetIP() . "'\r\n\t\t\t\t\tAND u.activated = 1"; $userinfo = $DB->getOne($sql); if (!$userinfo or !$userinfo['userid']) { unset($userinfo); setcookie(COOKIE_NAME, "", 0, "/"); LogIn(); } } else { LogIn(); } } } unset($userid, $loginusername, $loginpassword, $sessionid); // ####################################################################