$threaddb = array(); $query = $db->query("SELECT tid,fid,subject,postdate,lastpost,lastposter,replies,hits,titlefont FROM pw_threads WHERE authorid=" . pwEscape($userdb['uid']) . " {$sql} ORDER BY {$ordertype} DESC {$limit}"); while ($rt = $db->fetch_array($query)) { $rt['subject'] = substrs($rt['subject'], 45); $rt['forum'] = strip_tags($forum[$rt['fid']]['name']); $rt['postdate'] = get_date($rt['postdate'], 'Y-m-d'); $rt['lastpost'] = get_date($rt['lastpost'], 'Y-m-d'); $rt['encode_lastposter'] = rawurlencode($rt['lastposter']); $threaddb[] = $rt; } require_once PrintEot('u'); footer(); } elseif ($action == 'post') { include_once D_P . 'data/bbscache/forum_cache.php'; require_once R_P . 'require/forum.php'; InitGP(array('ptable', 'page')); (!is_numeric($page) || $page < 1) && ($page = 1); $limit = pwLimit(($page - 1) * $db_perpage, $db_perpage); !isset($ptable) && ($ptable = $db_ptable); $pw_posts = GetPtable($ptable); $fidoff = $isU ? array(0) : getFidoff($groupid); $sqloff = ' AND p.fid NOT IN(' . pwImplode($fidoff) . ')'; $count = $db->get_value("SELECT COUNT(*) AS count FROM {$pw_posts} p WHERE authorid=" . pwEscape($userdb['uid']) . " {$sqloff}"); $nurl = "u.php?action=post&uid={$uid}&"; if ($p_list) { $p_table = ""; foreach ($p_list as $key => $val) { $name = $val ? $val : ($key != 0 ? getLangInfo('other', 'posttable') . $key : getLangInfo('other', 'posttable')); $p_table .= "<tr><td id=\"up_post{$key}\" class=\"fav\"><a href=\"{$nurl}ptable={$key}\">" . $name . "</a></td></tr>"; } $nurl .= "ptable={$ptable}&";
//$navMenu->cache(); adminmsg('operate_success'); } elseif ($action == 'delete') { InitGP(array('id')); empty($db_hackdb[$id]) && adminmsg('hackcenter_del'); unset($db_hackdb[$id]); $sqlarray = file_exists(R_P . "hack/{$id}/sql.txt") ? FileArray($id) : array(); !empty($sqlarray) && SQLDrop($sqlarray); setConfig('db_hackdb', $db_hackdb); $navMenu = L::loadClass('navmenu'); $navMenu->settype('bbs_navinfo'); $navMenu->del('hack_' . $id); $navMenu->cache(); adminmsg('operate_success'); } elseif ($action == 'add') { InitGP(array('hackdir', 'hackname', 'hackopen'), 'G'); !empty($db_hackdb[$hackdir]) && adminmsg('hackcenter_sign_exists'); $sqlarray = file_exists(R_P . "hack/{$hackdir}/sql.txt") ? FileArray($hackdir) : array(); !empty($sqlarray) && SQLCreate($sqlarray); $db_hackdb[$hackdir] = array($hackname, $hackdir, $hackopen); setConfig('db_hackdb', $db_hackdb); $navMenu = L::loadClass('navmenu'); $navMenu->settype('bbs_navinfo'); $navMenu->update('hack_' . $hackdir, array('title' => strip_tags($hackname), 'link' => 'hack.php?H_name=' . $hackdir)); if ($hackopen == 0) { $navMenu->setshow('hack_' . $hackdir, 0); $navMenu->setupnav('hack_' . $hackdir, 'hack'); } elseif ($hackopen == 1) { $navMenu->setshow('hack_' . $hackdir, 1); $navMenu->setupnav('hack_' . $hackdir, 'hack'); } elseif ($hackopen == 2) {
} else { $userListHtml = getAllUsersHtml($message); $smsList = $messageServer->getReplies($userId, $message['mid'], $rid); } } elseif ($action == 'down') { InitGP(array('rid', 'redirect'), 'GP'); list($isown, $_url) = wap_redirect_init($redirect); empty($rid) && wap_msg("非法请求"); if (!($message = $messageServer->getDownInfoByType($userId, $rid, $isown))) { wap_sms_msg("已经是最后一条"); } else { $userListHtml = getAllUsersHtml($message); $smsList = $messageServer->getReplies($userId, $message['mid'], $rid); } } elseif ($action == 'post') { InitGP(array('parentMid', 'atc_content', 'rid'), 'GP'); $_url = "index.php?a=ms_index&action=info&mid={$parentMid}&rid={$rid}&"; if (!$_G['allowmessege']) { wap_msg('你所在的用户组不能发送消息', $_url); } empty($parentMid) && wap_msg('非法操作', $_url); empty($atc_content) && wap_msg('回复内容不能为空', $_url); $atc_content = trim(strip_tags($atc_content)); $messageInfo = array('create_uid' => $winduid, 'create_username' => $windid, 'title' => $windid, 'content' => $atc_content); if (!($message = $messageServer->sendReply($winduid, $rid, $parentMid, $messageInfo))) { wap_msg('回复失败', $_url); } wap_sms_msg('回复成功!'); } wap_header(); require_once PrintWAP('ms_index');
$uids1[] = $rt['uid']; } } else { $rt['startdate'] && ($rt['date'] = get_date($rt['startdate'])); $bandb[] = $rt; } } if ($ids) { $db->update("DELETE FROM pw_banuser WHERE id IN(" . pwImplode($ids) . ")"); $uids1 && $db->update("UPDATE pw_members SET groupid='-1' WHERE uid IN(" . pwImplode($uids1) . ")"); $uids2 && $db->update("UPDATE pw_members m LEFT JOIN pw_banuser b ON m.uid=b.uid AND b.fid>0 SET m.userstatus=m.userstatus&(~1) WHERE b.uid is NULL AND m.uid IN(" . pwImplode($uids2) . ")"); } include PrintEot('viewban'); exit; } elseif ($_POST['action'] == 'freeban') { InitGP(array('free'), 'P'); !$free && adminmsg('operate_error'); $ids = pwImplode($free); $uids1 = $uids2 = array(); $_cache = getDatastore(); $query = $db->query("SELECT * FROM pw_banuser WHERE uid IN ({$ids})"); while ($rt = $db->fetch_array($query)) { $_cache->delete('UID_' . $rt['uid']); if ($rt['fid']) { $uids2[] = $rt['uid']; } else { $uids1[] = $rt['uid']; } } $db->update("DELETE FROM pw_banuser WHERE uid IN({$ids})"); $uids1 && $db->update("UPDATE pw_members SET groupid='-1' WHERE uid IN(" . pwImplode($uids1) . ")");
<?php
// AJAX handler: looks up one thread by tid and echoes "success\t" followed by
// an encoded summary (url, title, forum name/url, description).
// Exits with 'Forbidden' unless the P_W constant is already defined.
!defined('P_W') && exit('Forbidden');
define('AJAX', 1);
// InitGP is not shown here; it is expected to populate $tid and $block_id
// from the request. $block_id is only referenced by the commented-out code below.
InitGP(array('tid', 'block_id'));
// Cast to int so only a numeric id ever reaches the query.
$tid = (int) $tid;
if (!$tid) {
    exit;
}
$thread = $db->get_one("SELECT tid,fid,author,authorid,subject,type,postdate,hits,replies FROM pw_threads WHERE tid=" . pwEscape($tid));
$temp = array();
if ($thread) {
    // NOTE(review): nothing visible here checks that the requester may read
    // forum $thread['fid'] before its subject and description are returned —
    // confirm the including script enforces forum read permissions.
    $temp = array();
    $temp['url'] = 'read.php?tid=' . $thread['tid'];
    // NOTE(review): subject is returned as stored; the consumer of this
    // response must encode it for the context it is inserted into.
    $temp['title'] = $thread['subject'];
    $temp['image'] = '';
    $temp['forumname'] = getForumName($thread['fid']);
    $temp['forumurl'] = getForumUrl($thread['fid']);
    $temp['descrip'] = getDescripByTid($tid);
    // Disabled: per-block field selection driven by the block's config.
    // $block = $stopic_service->getBlockById($block_id);
    // foreach ($block['config'] as $value) {
    //     if ($value == 'descrip') {
    //         $temp[$value] = getDescripByTid($tid);
    //     } elseif (array_key_exists($value,$thread)) {
    //         $temp[$value] = $thread[$value];
    //     } else {
    //         $temp[$value] = '';
    //     }
    // }
    $temp = pwJsonEncode($temp);
    echo "success\t" . $temp;
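<?php
// Admin page: edit the Weibo message template for each content type.
// Exits with 'Forbidden' unless adminmsg() exists, i.e. unless the file is
// included from a script that has already defined it.
!function_exists('adminmsg') && exit('Forbidden');
$siteBindInfoService = L::loadClass('WeiboSiteBindInfoService', 'sns/weibotoplatform/service');
/* @var $siteBindInfoService PW_WeiboSiteBindInfoService */

// One entry per editable template: display title plus a description of the
// placeholders that template accepts. The keys double as the allow-list of
// template names accepted from the request.
$templatesConfig = array(
    'article' => array('title' => '帖子内容', 'description' => '{title}为帖子标题 ; {content}为帖子内容摘要 ; {url}为帖子地址'),
    'diary' => array('title' => '日志内容', 'description' => '{title}为日志标题; {content}为日志内容摘要; {url}为日志地址'),
    'group_active' => array('title' => '群组活动', 'description' => '{title}为群组活动标题; {content}为群组活动内容摘要; {url}为群组活动地址'),
    'cms' => array('title' => '文章内容', 'description' => '{title}为文章标题; {content}为文章内容摘要; {url}为文章地址'),
    'photos' => array('title' => '相册', 'description' => '{photo_count}为照片张数; {url}为相册地址'),
    'group_photos' => array('title' => '群组相册', 'description' => '{photo_count}为照片张数; {url}为群组相册地址'),
);

InitGP(array('step', 'templates'));
if ($step == 'edit' && !empty($templates)) {
    // NOTE(review): no request-forgery token check is visible in this file;
    // confirm the including admin script verifies one before this write.
    $warningMessage = '';
    // Only configured keys are copied, so unrecognised keys in the submitted
    // array are never persisted.
    $templatesToSave = array();
    foreach ($templatesConfig as $key => $value) {
        if (!is_array($templates) || !isset($templates[$key]) || '' == $templates[$key]) {
            $warningMessage = '所有微博模版不能为空';
            break;
        }
        $templatesToSave[$key] = $templates[$key];
    }
    if (!$warningMessage) {
        $siteBindInfoService->saveWeiboTemplates($templatesToSave);
        $warningMessage = '恭喜, 设置成功了';
    }
}
// Reload the stored templates for display (also reflects a save made above).
$templatesSet = $siteBindInfoService->getWeiboTemplates();
include PrintTemplate('custom_weibo_template');
exit;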
<?php
// AJAX handler: update the `record` text of one rating-log row (pw_pinglog).
if (!defined('P_W')) {
    exit('Forbidden');
}

InitGP(array('id'), null, 2);
InitGP(array('record'));

// Only visible (ifhide=0) log rows can be edited; the row also supplies the
// forum id used for the permission check below.
$rt = $db->get_one("SELECT tid,fid FROM pw_pinglog WHERE ifhide=0 AND id=" . S::sqlEscape($id));
if (empty($rt) || !$rt['fid']) {
    Showmsg('data_error');
}

L::loadClass('forum', 'forum', false);
$pwforum = new PwForum($rt['fid']);
$isGM = CkInArray($windid, $manager);
// Allowed for users listed in $manager, or for users granted the 'pingcp'
// right on this forum.
if (!($isGM || pwRights($pwforum->isBM($windid), 'pingcp', $rt['fid']))) {
    Showmsg('mawhole_right');
}
// NOTE(review): no PostCheck()/token verification is visible before this
// write — confirm the including script performs it.

// Previous hand-built query, kept for reference:
//$db->update("UPDATE pw_pinglog SET record=" . S::sqlEscape($record) . " WHERE id=" . S::sqlEscape($id));
pwQuery::update('pw_pinglog', 'id=:id', array($id), array('record' => $record));
echo "success";

// Refresh cached thread data when memcache is enabled.
if ($db_memcache) {
    //* $threads = L::loadClass('Threads', 'forum');
    //* $threads->delThreads($rt['tid']);
    Perf::gatherInfo('changeThreadWithThreadIds', array('tid' => $rt['tid']));
}
ajax_footer();
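<?php
!function_exists('readover') && exit('Forbidden');
/****
@name:   title highlight tool
@type:   thread tool
@effect: lets a user display the title of their own thread highlighted
****/
// $tooldb, $tpcdb, $tid and $toolid are not set in this file; they come from
// the script that includes it.
if ($tooldb['type'] != 1) {
    Showmsg('tooluse_type_error'); // the tool's type is misconfigured
}
if (empty($_POST['step'])) {
    require_once PrintHack('index');
    footer();
} else {
    // Only the thread's author may apply the tool to it.
    if ($tpcdb['authorid'] != $winduid) {
        Showmsg('tool_authorlimit');
    }
    InitGP(array('title1', 'title2', 'title3', 'title4', 'title5', 'title6'));
    // NOTE(review): the six fields are stored as submitted. They are escaped
    // for SQL below, but nothing here restricts them to expected style values;
    // confirm the code that renders titlefont validates or encodes each part.
    $titlefont = "{$title1}~{$title2}~{$title3}~{$title4}~{$title5}~{$title6}~";
    // An explicit space before WHERE / AND keeps the statements well-formed
    // whatever pwEscape() returns, instead of relying on its output to
    // separate the tokens.
    $db->update("UPDATE pw_threads SET titlefont=" . pwEscape($titlefont) . ",toolinfo=" . pwEscape($tooldb['name'], false) . " WHERE tid=" . pwEscape($tid));
    // NOTE(review): the decrement is unconditional; this file does not check
    // that the user still holds at least one of this tool — presumably the
    // including script does, verify.
    $db->update("UPDATE pw_usertool SET nums=nums-1 WHERE uid=" . pwEscape($winduid) . " AND toolid=" . pwEscape($toolid));
    $logdata = array(
        'type' => 'use',
        'nums' => '',
        'money' => '',
        'descrip' => 'tool_3_descrip',
        'uid' => $winduid,
        'username' => $windid,
        'ip' => $onlineip,
        'time' => $timestamp,
        'toolname' => $tooldb['name'],
        'subject' => substrs($tpcdb['subject'], 15),
        'tid' => $tid,
    );
    writetoollog($logdata);
    Showmsg('toolmsg_success');
}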
!$fid && Showmsg('annouce_fid'); InitGP(array('msgtype', 'toname', 'savetime'), 'P'); !$msgtype && !$toname && Showmsg('forummsg_object'); $msgtype == 1 ? $toname = '' : ($msgtype = 2); $savetime = $timestamp + (intval($savetime) > 0 ? intval($savetime) : 30) * 86400; $message = trim(Char_cv($_POST['message'])); !$message && Showmsg('forummsg_content'); $toname = "," . implode(',', $toname) . ","; $pwSQL = pwSqlSingle(array('fid' => $fid, 'uid' => $winduid, 'username' => $windid, 'toname' => $toname, 'msgtype' => $msgtype, 'posttime' => $timestamp, 'savetime' => $savetime, 'message' => $message)); $db->update("INSERT INTO pw_forummsg SET {$pwSQL}"); refreshto("forumcp.php?action=edit&type=msg&fid={$fid}", 'operate_success'); } } } elseif ($action == 'del') { PostCheck(); InitGP(array('selid', 'type')); $selids = array(); foreach ($selid as $key => $value) { is_numeric($value) && ($selids[] = $value); } if ($selids) { $selids = pwImplode($selids); } else { Showmsg('id_error'); } if ($type == 'report') { $db->update("DELETE FROM pw_report WHERE id IN ({$selids})"); refreshto("forumcp.php?action=edit&type=report&fid={$fid}", 'operate_success'); } } function updatecache_fd1()
} $editset = $checkvar = ''; foreach ($nav_left as $title => $left) { $checkvar .= ",'chk_{$title}' : true"; $editset .= '<tr class="tr3"><td width="15%"><a style="cursor:pointer" onclick="CheckForm(getObj(\'' . $title . '\'))">' . $left['name'] . '</a></td><td id="' . $title . '"><ul class="list2">'; foreach ($left['items'] as $key => $value) { $checked = !empty($right) && (int) $right[$key] == 1 ? 'CHECKED' : ''; $editset .= ' <li><input type="checkbox" name="rightdb[' . $key . ']" value="1" ' . $checked . '> ' . $value . '</li>'; } $editset .= "</ul></td></tr>"; } $checkvar && ($checkvar = substr($checkvar, 1)); include PrintEot('rightset'); exit; } else { InitGP(array('rightdb'), 'P', 2); !$gid && adminmsg('undefined_action'); if (!empty($rightdb) && is_array($rightdb)) { $right = array(); foreach ($rightdb as $key => $value) { list($k1, $k2) = explode('_', $key); if ($k1 == 'o' || $k1 == 'area' || $k1 == 'app') { $right[$key] = $value; } else { if ($k2) { $right[$k1][$k2] = $value; } else { $right[$key] = $value; } } }
<?php
// Mail-sending page: with no action and a POST carrying a subject, sends one
// e-mail whose recipient, subject and body all come from the request.
// NOTE(review): no login or role check is visible in this file — confirm
// common.inc.php enforces one, since the recipient is caller-chosen.
include "../common.inc.php";
include "function_common.php";
InitGP(array("page", "action", "inbox", "uname", "email", "subject", "message", "did", "delids")); // initialise request variables as globals (per the original comment)
AjaxHead(); // disable page caching
header("Content-type: text/html; charset=" . CHARSET);
if (empty($action)) {
    // NOTE(review): "uid" and "isadmin" are taken from the request here;
    // confirm nothing downstream treats them as proof of identity or role.
    InitGP(array("uid", "isadmin", "email", "subject", "message")); // initialise request variables as globals (per the original comment)
    if (!empty($_POST) and !empty($subject)) { // send the e-mail
        if (isemail($email) && !empty($message)) {
            $emailstr = $message;
            include_once INC_PATH . "/sendmail.class.php";
            $sendmail = new SendEmail();
            $sendmail->sendmailto($subject, $emailstr, $email);
            if (!empty($inbox)) {
                // NOTE(review): printmsg is placed inside a JavaScript string
                // literal without encoding; if it can ever carry a quote or
                // request-derived text it must be JSON/JS-encoded first.
                exit("<script language='javascript'>alert('" . $sendmail->printmsg . "');parent.\$.fn.colorbox.close();</script>");
            } else {
                showmsg($sendmail->printmsg, PHP_SELF); // error!
            }
        } else {
            if (!empty($inbox)) {
                exit("<script language='javascript'>alert('email格式错误');location.reload();</script>");
            } else {
                showmsg("email格式错误", PHP_SELF); // error!
$htm_tr = ''; foreach ($groupdb as $key => $value) { if ($key == '1' || $key == '2') { continue; } $checked = strpos($postcate['viewright'], ',' . $key . ',') !== false ? 'checked' : ''; $htm_tr = ''; $num++; $num % 5 == 0 ? $htm_tr = '</tr><tr>' : ''; $viewrighthtml .= "<td><input class='input' type='checkbox' name='viewright[]' value='" . $key . "' " . $checked . ">" . $value['grouptitle'] . "</td>" . $htm_tr; } $viewrighthtml .= "</tr></table>"; include PrintEot('postcate'); exit; } else { InitGP(array('viewright', 'adminright')); $viewrights = ',' . implode(',', $viewright) . ','; $adminrights = ',' . implode(',', $adminright) . ','; $db->update("UPDATE pw_postcate" . " SET " . pwSqlSingle(array('viewright' => $viewrights, 'adminright' => $adminrights)) . " WHERE pcid=" . pwEscape($pcid)); updatecache_postcate(); adminmsg('operate_success', $basename . "&action=rightset&pcid={$pcid}"); } } function getFieldSqlByType($type) { if (in_array($type, array('number', 'calendar'))) { $sql = "INT(10) UNSIGNED NOT NULL default '0'"; } elseif (in_array($type, array('radio', 'select'))) { $sql = "TINYINT(3) UNSIGNED NOT NULL default '0'"; } elseif ($type == 'textarea') { $sql = "TEXT NOT NULL";
<?php
// AJAX handler: delete one pushed item and refresh the cache piece it was in.
if (!defined('M_P')) {
    exit('Forbidden');
}

InitGP(array('pushid'), '', 2);

// Read the row first: its piece/forum/loop ids are needed to rebuild the
// cache once the row is gone.
$pushdata = $invokeService->getPushDataById($pushid);
// NOTE(review): the lookup result is not checked, and no permission or
// request-token check is visible in this file — confirm the including script
// restricts who can reach this delete.
$invokeService->deletePushData($pushid);
$invokeService->updateCacheDataPiece(
    $pushdata['invokepieceid'],
    $pushdata['fid'],
    $pushdata['loopid']
);

echo "success";
ajax_footer();
<?php
// Admin page: merge one or more user accounts ($uids, comma-separated ids)
// into a target account ($newuid).
// Exits with 'Forbidden' unless adminmsg() is already defined.
!function_exists('adminmsg') && exit('Forbidden');
$basename = "{$admin_file}?adminjob=unituser";
require_once R_P . 'require/credit.php';
if (!$action) {
    require_once PrintEot('unituser');
} elseif ($_POST['action'] == "unit") {
    // NOTE(review): this branch changes account data; no request-token check
    // is visible here — confirm the admin front controller performs one.
    InitGP(array('uids', 'newuid'), 'P');
    if (!$uids) {
        adminmsg('unituser_username_empty');
    }
    if (!$newuid) {
        adminmsg('unituser_newname_empty');
    }
    // The target account must exist.
    $touser = $db->get_one("SELECT username FROM pw_members WHERE uid=" . pwEscape($newuid));
    Add_S($touser);
    if (!$touser['username']) {
        adminmsg('unituser_newname_error');
    }
    $oldinfo = array();
    $uids = explode(',', $uids);
    foreach ($uids as $key => $val) {
        // Non-numeric entries are skipped silently. is_numeric() also accepts
        // forms such as "1e3" or "5.0", not only plain integers.
        if (is_numeric($val)) {
            // A source account may not be the merge target itself.
            if ($val == $newuid) {
                adminmsg('unituser_samename');
            }
            $rt = $db->get_one("SELECT m.uid,m.username,md.postnum,md.digests,md.rvrc,md.money,md.credit,md.currency,mi.deposit,mi.ddeposit FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid LEFT JOIN pw_memberinfo mi ON m.uid=mi.uid WHERE m.uid=" . pwEscape($val));
            if (!$rt['uid']) {
                adminmsg('unituser_username_error');
            } else {
updatecache_f(); $basename = "{$admin_file}?adminjob=setforum&action=edit&fid={$fid}"; adminmsg('operate_success'); } } elseif ($action == 'changename') { $fid = (int) GetGP('fid'); InitGP(array('fname'), 'P', 0); $fname = str_replace('<iframe', '<iframe', $fname); $fname = str_replace(array('<iframe', '"', "'"), array("<iframe", "", ""), $fname); $db->update("UPDATE pw_forums SET name=" . pwEscape($fname) . " WHERE fid=" . pwEscape($fid)); updatecache_f(); $msg = getLangInfo('cpmsg', 'operate_success'); echo $msg; ajax_footer(); } elseif ($action == 'delttype') { InitGP(array('type', 'id')); $id_array = array(); if ($type == 'top') { $query = $db->query("SELECT id FROM pw_topictype WHERE upid=" . pwEscape($id)); while ($rt = $db->fetch_array($query)) { $id_array[] = $rt['id']; } } $id_array = array_merge($id_array, array($id)); if (!empty($id_array)) { $db->update("DELETE FROM pw_topictype WHERE id IN (" . pwImplode($id_array) . ")"); updatecache_f(); $ids = implode("\t", $id_array); echo "success\t" . $ids; } else { echo 'fail';
<?php
// Admin page: search files under selected directories for a keyword.
// Exits with 'Forbidden' unless adminmsg() is already defined.
!function_exists('adminmsg') && exit('Forbidden');
$basename = "{$admin_file}?adminjob=safecheck";
if (!$action) {
    // Build the <option> list from the sub-directories of the current directory.
    $dirlist = '';
    // NOTE(review): the handle is never closed in this branch, and the loop
    // below stops early at an entry named "0" because the assignment is
    // tested for truthiness rather than compared with false.
    $fp = opendir('./');
    while ($filename = readdir($fp)) {
        if ($filename != '.' && $filename != '..' && is_dir($filename)) {
            // NOTE(review): the directory name is written into HTML without
            // encoding.
            $dirlist .= "<option value=\"{$filename}\">/{$filename}</option>";
        }
    }
    include PrintEot('safecheck');
    exit;
} elseif ($action == 'search') {
    InitGP(array('dir', 'keyword'));
    if (!$dir || !$keyword) {
        adminmsg('safecheck_operate_error');
    }
    $check = $dirlist = array();
    // NOTE(review): $dir comes from the request and each value is passed to
    // checkfile() as a path. Nothing here limits the values to the
    // directories offered by the form above (e.g. rejecting ".." segments or
    // absolute paths) — confirm checkfile(), not shown, confines the search.
    foreach ($dir as $key => $value) {
        // '.' is searched without descending; any other entry with sub-directories.
        // (presumably what the third argument controls — checkfile() is not shown)
        $ifsub = $value == '.' ? 0 : 1;
        checkfile($keyword, $value . '/', $ifsub);
    }
    // $check is not assigned in the visible code after its initialisation;
    // presumably checkfile() fills it as a global — verify.
    if (empty($check)) {
        adminmsg('all_file_ok');
    }
    foreach ($check as $file => $value) {
        $dir = dirname($file);
        $filename = basename($file);
        $filemtime = get_date(pwFilemtime($file));
<?php
// Listing page for the "favorite" table: builds a WHERE clause and an
// ordering string from request parameters, then counts the matching rows.
// NOTE(review): no login or role check is visible in this file — confirm
// common.inc.php enforces one.
include "../common.inc.php";
include "function_common.php";
InitGP(array("page", "action", "state", "value", "payid", "ids", "did", "delids")); // initialise request variables as globals (per the original comment)
$Table = new TableClass("favorite", "fid");
AjaxHead(); // disable page caching
if (empty($action)) {
    InitGP(array("state", "orderby", "orderway", "keywords")); // initialise request variables as globals (per the original comment)
    // NOTE(review): $state and $keywords are interpolated into quoted SQL
    // literals. This is only safe if InitGP (not shown) escapes them for the
    // database; bound parameters would remove that dependency. In the LIKE
    // pattern, '%' and '_' in $keywords also act as wildcards.
    if (!empty($state)) {
        $wherestr[] = "state='{$state}'";
    }
    if (!empty($keywords)) {
        $wherestr[] = " CONCAT(uname,' ',goodsname,' ',goodsseller) like '%{$keywords}%' ";
    }
    // $wheresql stays undefined when no filter was supplied.
    if (!empty($wherestr)) {
        $wheresql = implode(' AND ', $wherestr);
    } // combine conditions
    // The sort direction is limited to the two literal values.
    $orderway = $orderway == "desc" ? "desc" : "asc";
    // NOTE(review): $orderby is used as a bare identifier, and quote-escaping
    // does not protect identifiers — it should be checked against a fixed
    // list of sortable column names before being used in $orderstr.
    if (!empty($orderby)) {
        $orderstr = "{$orderby} {$orderway}";
    }
    // get the current page number
    $total = $Table->getcount($wheresql); // total number of records
    $pagesize = 15; // records per page
<?php
// "My coupons": lists the current user's guestbook entries, five per page.
InitGP(array("action", "type", "oid", "page")); // initialise request variables as globals (per the original comment)
include_once INC_PATH . "/guestbook.class.php";
$Table = new GuestBookClass();
AjaxHead();

if (empty($action)) {
    $uname = $_USERS['uname'];
    // NOTE(review): the user name is interpolated into both conditions below.
    // This is only safe if $_USERS values are already escaped for SQL;
    // confirm, or pass the name as a bound parameter.
    $wherestr[] = "G.uname='{$uname}'";
    if (!empty($wherestr)) {
        // combine conditions
        $wheresql = implode(' AND ', $wherestr);
    }

    // total number of records for this user
    $total = $Table->getcount("uname='{$uname}'");
    // records per page
    $pagesize = 5;
    // normalise the page number: integer, never below 1
    if (isset($page)) {
        $page = max(1, intval($page));
    } else {
        $page = 1;
    }
    // row offset of the requested page
    $offset = ($page - 1) * $pagesize;
    // fetch the rows for this page
    $dataarray = $Table->getdata("{$offset},{$pagesize}", $wheresql);
}
//print_r($dataarray);
include template('member_guestbooklist'); // render the template
} } if ($subdb1) { foreach ($subdb1 as $value) { $forum_L[] = $value; } } if ($subdb2) { foreach ($subdb2 as $value) { $forum_L[] = $value; } } $ajaxurl = EncodeUrl($basename); } elseif ($action == 'editforum') { InitGP(array('fidcommend'), 'P', 0); InitGP(array('order'), 'P', 2); $pwSQL = $forumDB = $fids = array(); $query = $db->query("SELECT fid,vieworder FROM pw_searchforum"); while ($rt = $db->fetch_array($query)) { $forumDB[$rt['fid']]['fid'] = $rt['fid']; $forumDB[$rt['fid']]['vieworder'] = (int) $rt['vieworder']; $fids[] = $rt['fid']; } foreach ($fidcommend as $key => $value) { //用于add|update $vieworder = (int) $order[$key]; if (!S::inArray($key, $fids)) { $addSQL[$key]['fid'] = $key; $addSQL[$key]['vieworder'] = $vieworder; } else { if ($vieworder !== $forumDB[$key]['vieworder']) {
Showmsg('找不到专题数据,请您重试', $basename . "&job=stman"); } $styles = $stopic_service->getStyles(); $bg_list = $stopic_service->getPicturesAndDefaultBGs($stopic_data['category_id']); $bg_total = ceil(count($bg_list) / $bg_perpage); include stopic_use_layout('admin'); } elseif ("edit" == $jobact) { InitGP(array("stopic_id"), null, 2); if ($stopic_id <= 0) { Showmsg('参数错误,请您重试', "javascript:history.back();"); } $stopic_data = $stopic_service->getSTopicInfoById($stopic_id); if (null == $stopic_data) { Showmsg('找不到专题数据,请您重试', "javascript:history.back();"); } InitGP(array("stopic_title", "banner_url", "nav_set", "layout_set", "is_new_bg", "bg_id", "seo_keyword", "seo_desc")); $title = trim($stopic_title); if ("" == $title) { Showmsg("对不起,请填写标题", "javascript:history.back();"); } if ($is_new_bg) { $bg_id = 0; } if ($is_new_bg && count($_FILES) && $_FILES["background"]["name"] && $_FILES["background"]["size"]) { $new_bg_id = $stopic_service->uploadPicture($_FILES, $stopic_data['category_id'], $admin_name); !$new_bg_id && Showmsg("对不起,背景图片增加失败", $stopic_admin_url); $bg_id = $new_bg_id; } $stopic_service->updateSTopicById($stopic_id, array("title" => $title, "banner_url" => $banner_url, "nav_config" => stopic_filter_navconfig($nav_set), "layout_config" => $layout_set, "bg_id" => $bg_id, "seo_keyword" => $seo_keyword, "seo_desc" => $seo_desc)); ObHeader($basename . '&job=editstopic&stopic_id=' . $stopic_id); } else {
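<?php
// Admin page: view and save the online-payment settings.
// Exits with 'Forbidden' unless adminmsg() is already defined.
!function_exists('adminmsg') && exit('Forbidden');
$basename = "{$admin_file}?adminjob=userpay";
if (empty($_POST['action'])) {
    include_once D_P . 'data/bbscache/ol_config.php';
    // Generate a code for display when none has been configured yet.
    !$ol_paypalcode && ($ol_paypalcode = RandString('40'));
    ifcheck($ol_onlinepay, 'onlinepay');
    include PrintEot('userpay');
    exit;
} else {
    InitGP(array('userpay'), 'P');
    !$userpay['ol_paypalcode'] && ($userpay['ol_paypalcode'] = RandString('40'));
    // NOTE(review): every key of the posted array is written to the site
    // configuration as-is. Consider accepting only the setting names this
    // form is meant to edit, so a crafted post cannot set unrelated keys.
    foreach ($userpay as $key => $value) {
        setConfig($key, $value);
    }
    updatecache_ol();
    adminmsg('operate_success');
}

/**
 * Return a random string of letters and digits.
 *
 * The result is stored as ol_paypalcode, so values are drawn from the
 * system CSPRNG when random_int() is available; mt_rand() is only a
 * fallback for runtimes that lack it. The generator is no longer re-seeded
 * from microtime(), which made the output predictable from the clock.
 *
 * @param int|string $len Number of characters wanted.
 * @return string The generated string; '' when $len is zero or negative.
 */
function RandString($len)
{
    $rand = '1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM';
    // Highest valid index. The previous upper bound, strlen($rand), was one
    // past the end and occasionally produced a shorter string.
    $max = strlen($rand) - 1;
    $len = (int) $len;
    $useCsprng = function_exists('random_int');
    $code = '';
    for ($i = 0; $i < $len; $i++) {
        $code .= $rand[$useCsprng ? random_int(0, $max) : mt_rand(0, $max)];
    }
    return $code;
}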
!$pwpost->isGM && !pwRights($pwpost->isBM, 'deltpcs') && Showmsg('undefined_action'); $atcdb = $db->get_one('SELECT authorid,subject FROM pw_threads WHERE tid=' . pwEscape($tid) . ' AND fid=' . pwEscape($fid)); empty($atcdb) && Showmsg('illegal_tid'); if ($winduid != $atcdb['authorid'] && $groupid != 3 && $groupid != 4) { $authordb = $db->get_one('SELECT groupid FROM pw_members WHERE uid=' . pwEscape($atcdb['authorid'])); if ($authordb['groupid'] == 3 || $authordb['groupid'] == 4) { Showmsg('modify_admin'); } } if (empty($_POST['step'])) { $atcdb['subject'] = str_replace(array("<", ">", "\t"), array('<', '>', ''), $atcdb['subject']); echo "success\t" . $atcdb['subject']; ajax_footer(); } else { PostCheck(); InitGP(array('atc_content'), 'P'); !$atc_content && Showmsg('content_empty'); if (!$atc_content || strlen($atc_content) > $db_titlemax) { Showmsg('postfunc_subject_limit'); } $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($atc_content)) !== false) { Showmsg('title_wordsfb'); } $db->update('UPDATE pw_threads SET subject=' . pwEscape($atc_content) . ' WHERE tid=' . pwEscape($tid)); //临时修改,待改进 $threads = L::loadClass('Threads'); $threads->delThreads($tid); $rt = $db->get_one('SELECT titlefont FROM pw_threads WHERE tid=' . pwEscape($tid)); if ($rt['titlefont']) { $detail = explode("~", $rt['titlefont']);
<?php
// Listing page for the "admin" table: builds a WHERE clause and an ordering
// string from request parameters, then counts the matching rows.
// NOTE(review): this page reads the administrator table, and no login or
// role check is visible in this file — confirm common.inc.php enforces one.
include "../common.inc.php";
include "function_common.php";
InitGP(array("page", "action", "state", "value", "payid", "ids", "did", "delids")); // initialise request variables as globals (per the original comment)
$Table = new TableClass("admin", "adminid");
AjaxHead(); // disable page caching
if (empty($action)) {
    InitGP(array("type", "raction", "orderby", "orderway", "keywords")); // initialise request variables as globals (per the original comment)
    // NOTE(review): $type is interpolated into a quoted SQL literal. This is
    // only safe if InitGP (not shown) escapes it for the database; a bound
    // parameter would remove that dependency.
    if (!empty($type)) {
        $wherestr[] = "type='{$type}'";
    }
    // $wheresql stays undefined when no filter was supplied.
    if (!empty($wherestr)) {
        $wheresql = implode(' AND ', $wherestr);
    } // combine conditions
    // The sort direction is limited to the two literal values.
    $orderway = $orderway == "desc" ? "desc" : "asc";
    // NOTE(review): $orderby is used as a bare identifier, and quote-escaping
    // does not protect identifiers — it should be checked against a fixed
    // list of sortable column names before being used in $orderstr.
    if (!empty($orderby)) {
        $orderstr = "{$orderby} {$orderway}";
    }
    // get the current page number
    $total = $Table->getcount($wheresql); // total number of records
    $pagesize = 20; // records per page
    $page = isset($page) ? max(1, intval($page)) : 1; // normalise the page number
    $offset = ($page - 1) * $pagesize;
$id = $arr[$uid]['id']; } elseif (isset($arr[$winduid]) && isset($arr[$uid])) { if ($arr[$uid]['id'] == $arr[$winduid]['id']) { Showmsg('userbinding_has'); } else { $db->update("UPDATE pw_userbinding SET id=" . pwEscape($arr[$winduid]['id']) . ' WHERE id=' . pwEscape($arr[$uid]['id'])); $id = $arr[$winduid]['id']; } } else { Showmsg('undefined_action'); } $db->update("UPDATE pw_userbinding u LEFT JOIN pw_members m ON u.uid=m.uid SET m.userstatus=m.userstatus|(1<<11) WHERE u.id=" . pwEscape($id)); refreshto("profile.php?action=modify&info_type=binding", 'operate_success', 2, true); } elseif ($_POST['step'] == '4') { PostCheck(); InitGP(array('selid')); if ($selid && is_array($selid)) { $arr = array(); $query = $db->query("SELECT u2.uid FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id WHERE u1.uid=" . pwEscape($winduid)); while ($rt = $db->fetch_array($query)) { $arr[] = $rt['uid']; } if ($delarr = array_intersect($arr, $selid)) { $db->update("DELETE FROM pw_userbinding WHERE uid IN(" . pwImplode($delarr) . ')'); $tmp = $delarr + array($winduid); if (count(array_unique($tmp)) == count($arr)) { $delarr = $tmp; } $db->update("UPDATE pw_members SET userstatus=userstatus&~(1<<11) WHERE uid IN (" . pwImplode($delarr) . ')'); } }
InitGP(array('aid')); $aid = (int) $aid; empty($aid) && Showmsg('data_error'); require_once PrintEot('m_ajax'); ajax_footer(); } elseif ($a == 'createajax') { define('AJAX', 1); define('F_M', true); banUser(); InitGP(array('job')); require_once PrintEot('m_ajax'); ajax_footer(); } elseif ($a == 'getallowflash') { define('AJAX', 1); define('F_M', true); InitGP(array('aid')); $aid = (int) $aid; if ($aid) { $photonums = $db->get_value("SELECT photonum FROM pw_cnalbum WHERE atype='0' AND aid=" . pwEscape($aid)); $o_maxphotonum && $photonums >= $o_maxphotonum && Showmsg('colony_photofull'); if ($o_maxphotonum) { $allowmutinum = $o_maxphotonum - $photonums; } else { $allowmutinum = 'infinite'; } } echo "ok\t{$allowmutinum}"; ajax_footer(); } //require_once(M_P.'require/header.php'); if ($space == 1 && defined('F_M')) {
!$winduid && Showmsg('not_login'); @(include_once R_P . 'require/showimg.php'); @(include_once R_P . 'require/credit.php'); @(include_once R_P . 'lib/datanalyse.class.php'); @(include_once A_P . 'hot/lang/lang_o_hot.php'); @(include_once A_P . 'hot/lib/index.class.php'); if (!trim($o_hot_groups, ',') || strpos($o_hot_groups, ',' . $winddb[groupid] . ',') !== false || $winddb['groupid'] == -1 && strpos($o_hot_groups, ',' . $winddb['memberid'] . ',') !== false) { $popedom = true; } else { $popedom = false; } !$o_hot_open && Showmsg('hot_close'); !$popedom && Showmsg('hot_popedom'); $datanalyse = new Datanalyse(); $hotDB = new HotDB($datanalyse); InitGP(array('action', 'sub', 'fTime', 'fType'), 'GP'); $tabs = $hotDB->getTabs(); if (empty($action) || $action == "center") { @(include_once R_P . 'lib/datanalysecache.class.php'); $datacache = new DatanalyseCache(); $disModules = $hotDB->getAllDisplayModules(); $md5key = md5(serialize($disModules)); $result = array(); if ($datacache->ifUpdateCache($md5key)) { $parents = (array) $disModules['parent']; $num = 1; foreach ($parents as $key => $value) { $rTop = array('tag' => $value['tag'], 'title' => $value['type_name']); if ($disModules[$value['id']]) { foreach ($disModules[$value['id']] as $k => $v) { $fTime = $fType = '';
$postdata->setConvert($atc_convert, $atc_autourl); $postdata->setAnonymous($atc_anonymous); $postdata->setHideatt($atc_hideatt); $postdata->setIconid($atc_iconid); $postdata->setIfsign($atc_usesign, $atc_html); $postdata->setHide($atc_hide); $postdata->setEnhide($atc_requireenhide, $atc_rvrc, $atc_enhidetype); $postdata->setSell($atc_requiresell, $atc_money, $atc_credittype); if ($special && file_exists(R_P . "lib/special/post_{$special}.class.php")) { require_once R_P . "lib/special/post_{$special}.class.php"; $postSpecial = new postSpecial($pwpost); $postSpecial->modifyData($tid); } if ($postmodify->hasAtt()) { InitGP(array('keep', 'oldatt_special', 'oldatt_needrvrc'), 'P', 2); InitGP(array('oldatt_ctype', 'oldatt_desc'), 'P'); $postmodify->initAttachs($keep, $oldatt_special, $oldatt_needrvrc, $oldatt_ctype, $oldatt_desc); } require_once R_P . 'lib/upload/attupload.class.php'; if (PwUpload::getUploadNum() || $flashatt) { $postdata->att = new AttUpload($winduid, $flashatt); $postdata->att->check(); $postdata->att->transfer(); $postdata->att->setReplaceAtt($postmodify->replacedb); PwUpload::upload($postdata->att); } $postmodify->execute($postdata); if ($postSpecial) { $postSpecial->updateData($tid); } if ($postTopic) {
require_once R_P . 'require/bbscode.php'; $topicdb['content'] = strip_tags(convert($topicdb['content'], $db_windpost)); $topicdb['content'] = substrs($topicdb['content'], 100, 'N'); $attimages = array(); $query = $db->query("SELECT attachurl,ifthumb FROM pw_attachs WHERE tid=" . pwEscape($topicdb['tid'], false) . " AND pid=0 AND type='img' LIMIT 4"); while ($rt = $db->fetch_array($query)) { $a_url = geturl($rt['attachurl'], 'show', $rt['ifthumb']); if ($a_url != 'nopic') { $attimages[$rt['attachurl']] = is_array($a_url) ? $a_url[0] : $a_url; } } $attimages = serialize($attimages); $share['topic']['abstract'] = $topicdb['content']; $share['topic']['imgs'] = $attimages; } elseif ($type == 'reply') { InitGP(array('tid')); $pw_posts = GetPtable('N', $tid); $replydb = $db->get_one("SELECT p.pid,p.tid,p.subject as psubject,p.author,p.authorid,p.postdate,p.content,t.subject as tsubject FROM {$pw_posts} p LEFT JOIN pw_threads t ON p.tid=t.tid WHERE p.pid=" . pwEscape($id)); empty($replydb) && Showmsg('data_error'); $link = $db_bbsurl . '/job.php?action=topost&tid=' . $tid . '&pid=' . $id; $type = 'topic'; $share['topic']['subject'] = $replydb['psubject'] ? $replydb['psubject'] : 'Re:' . $replydb['tsubject']; require_once R_P . 'require/bbscode.php'; $replydb['content'] = strip_tags(convert($replydb['content'], $db_windpost)); $replydb['content'] = substrs($replydb['content'], 100, 'N'); $attimages = array(); $query = $db->query("SELECT attachurl FROM pw_attachs WHERE uid=" . pwEscape($replydb['authorid'], false) . " AND pid=" . pwEscape($id, false) . " AND type='img' LIMIT 5"); while ($rt = $db->fetch_array($query)) { $a_url = geturl($rt['attachurl'], 'show'); if ($a_url != 'nopic') { $attimages[$rt['attachurl']] = is_array($a_url) ? $a_url[0] : $a_url;
<?php
// Admin search page: run a keyword search and render the 'search' template.
if (!defined('P_W')) {
    exit('Forbidden');
}

InitGP(array('keyword'));
require_once R_P . "lib/adminsearch.class.php";

// NOTE(review): $keyword reaches AdminSearch as submitted, and both it and
// $result are in scope for the template; confirm the template encodes them
// when echoing.
$searchpurview = new AdminSearch($keyword);
$result = $searchpurview->search();

include PrintEot('search');
exit;
<?php
// AJAX handler: create a special topic and echo "success\t<id>" or "error".
if (!defined('P_W')) {
    exit('Forbidden');
}
define('AJAX', 1);

InitGP(array('category', 'title'));
$title = trim($title);
$category = intval($category);

// NOTE(review): an empty title is not rejected here, and no permission or
// request-token check is visible in this file — confirm the including script
// restricts who can create topics.
$new_stopic_id = $stopic_service->addSTopic(array("title" => $title, "category_id" => $category));

if ($new_stopic_id) {
    echo "success\t" . $new_stopic_id;
} else {
    echo 'error';
}
ajax_footer();