예제 #1
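/**
 * Create a new blog post, or update an existing one, from submitted form data.
 *
 * Keys read from $POST: subject, friend, password, tag, message, classid,
 * noreply, catid, picids, savealbumid, newalbum, hot, dateline, makefeed.
 * Keys read from $olds (the existing row when editing): uid, username,
 * classid, blogid, catid.
 *
 * Side effects visible here: writes to home_blog, home_blogfield, home_class,
 * home_pic, home_blog_category and member status tables, may publish a feed,
 * and may queue the post for moderation.
 *
 * @param array $POST submitted fields (treated as untrusted input)
 * @param array $olds existing blog row when editing, empty array when creating
 * @return array|false the stored blog fields including 'blogid', or false when
 *                     the message has no content besides empty markup
 */
function blog_post($POST, $olds=array()) {
	global $_G, $space;

	// When editing another member's post the function temporarily acts as the
	// post owner. The caller's $_G is parked in $__G and has to be put back on
	// EVERY exit path, otherwise later code runs under the owner's identity.
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
		$isself = 0;
		$__G = $_G;
		$_G['uid'] = $olds['uid'];
		$_G['username'] = addslashes($olds['username']);
	}

	$POST['subject'] = getstr(trim($POST['subject']), 80);
	$POST['subject'] = censor($POST['subject']);
	// An empty subject falls back to today's date.
	if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
	$POST['friend'] = intval($POST['friend']);

	// Visibility handling: friend == 2 needs a list of target users,
	// friend == 4 needs a password. Either one degrades when its data is missing.
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		$uids = array();
		// NOTE(review): this reads $_POST directly instead of the $POST argument
		// used everywhere else in the function; confirm that is intentional.
		$names = empty($_POST['target_names'])?array():explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
		if($names) {
			$uids = C::t('common_member')->fetch_all_uid_by_username($names);
		}
		if(empty($uids)) {
			$POST['friend'] = 3;
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		$POST['password'] = trim($POST['password']);
		if($POST['password'] == '') $POST['friend'] = 0;
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// Fixed: this was a comparison (==) with no effect, so a submitted
		// password was stored even for posts that are not password-protected.
		$POST['password'] = '';
	}

	$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500);
	$POST['tag'] = censor($POST['tag']);

	// The message keeps HTML; checkhtml() is the filter applied to it here.
	// NOTE(review): the strength of that filter is not visible in this listing.
	$POST['message'] = checkhtml($POST['message']);
	if($_G['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
	} else {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
		// Drop empty <div></div> pairs and force plain <a href="..."> links to
		// open in a new window.
		$POST['message'] = preg_replace(array(
			"/\<div\>\<\/div\>/i",
			"/\<a\s+href\=\"([^\>]+?)\"\>/i"
		), array(
			'',
			'<a href="\\1" target="_blank">'
		), $POST['message']);
	}
	$message = $POST['message'];
	// status 1 = held for moderation, 0 = published directly.
	if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
		$blog_status = 1;
	} else {
		$blog_status = 0;
	}

	// Category: either an existing id or "new:<name>", which creates the class
	// for the acting user when no class of that name exists yet.
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname);
			$classname = censor($classname);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_G['uid'],
						'dateline' => $_G['timestamp']
					);
					$classid = C::t('home_class')->insert($setarr, true);
				}
			}
		} else {
			$classid = intval($POST['classid']);

		}
	} else {
		$classid = $olds['classid'];
	}
	// Ownership check: a class id that belongs to a different uid is discarded.
	if($classid && empty($classname)) {
		$query = C::t('home_class')->fetch($classid);
		$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
		if(empty($classname)) $classid = 0;
	}

	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($POST['noreply'])?0:1,
		'catid' => intval($POST['catid']),
		'status' => $blog_status,
	);

	$titlepic = '';

	// Pictures are looked up by id AND by the acting uid, so ids belonging to
	// other users are not returned by this query.
	$uploads = array();
	if(!empty($POST['picids'])) {
		$picids = array_keys($POST['picids']);
		$query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
		foreach($query as $value) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = getimgthumbname($value['filepath']);
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			// md5 is only used as an array key for URL matching, not for security.
			$uploads[md5($picurl)] = $value;
		}
		// No thumbnail found: fall back to the last picture iterated.
		// !empty() avoids an undefined-variable notice when the query is empty.
		if(empty($titlepic) && !empty($value)) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}

	if($uploads) {
		$albumid = 0;
		if($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
			$albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
			if(empty($albumname)) $albumname = dgmdate($_G['timestamp'],'Ymd');
			$albumarr = array('albumname' => $albumname);
			$albumid = album_creat($albumarr);
		} else {
			$albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
		}
		if($albumid) {
			// NOTE(review): an existing savealbumid is not checked for ownership
			// in this function; confirm update_for_uid/album_update_pic do so.
			C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
			album_update_pic($albumid);
		}
		// Pictures already embedded in the message are not appended a second time.
		preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
		if(!empty($mathes[1])) {
			foreach ($mathes[1] as $value) {
				$urlmd5 = md5($value);
				if(!empty($uploads[$urlmd5])) {
					unset($uploads[$urlmd5]);
				}
			}
		}
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			// NOTE(review): the stored picture title is written into HTML as-is;
			// this is safe only if titles are HTML-escaped when they are saved.
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}

	// Reject posts whose message is nothing but empty markup and whitespace.
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Fixed: restore the caller's identity before leaving early; previously
		// $_G stayed switched to the post owner on this path.
		if(!empty($__G)) $_G = $__G;
		return false;
	}


	// Only users with the manageblog permission may set the 'hot' value.
	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}

	if(!empty($olds['blogid'])) {

		// Keep per-category counters in step when the category changes.
		if($blogarr['catid'] != $olds['catid']) {
			if($olds['catid']) {
				C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
			}
			if($blogarr['catid']) {
				C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
			}
		}

		$blogid = $olds['blogid'];
		C::t('home_blog')->update($blogid, $blogarr);

		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {

		if($blogarr['catid']) {
			C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
		}

		$blogarr['uid'] = $_G['uid'];
		$blogarr['username'] = $_G['username'];
		// NOTE(review): a submitted dateline is stored without an integer cast
		// or range check; confirm callers only pass trusted values here.
		$blogarr['dateline'] = empty($POST['dateline'])?$_G['timestamp']:$POST['dateline'];
		$blogid = C::t('home_blog')->insert($blogarr, true);

		C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
		C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
	}

	$blogarr['blogid'] = $blogid;
	$class_tag = new tag();
	$POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
	$fieldarr = array(
		'message' => $message,
		'postip' => $_G['clientip'],
		'target_ids' => $POST['target_ids'],
		'tag' => $POST['tag']
	);

	if(!empty($titlepic)) {
		$fieldarr['pic'] = $titlepic;
	}

	if($olds) {
		C::t('home_blogfield')->update($blogid, $fieldarr);
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		C::t('home_blogfield')->insert($fieldarr);
	}

	// Credit and statistics are only counted for a new post that the author
	// published directly (not held for moderation).
	if($isself && !$olds && $blog_status == 0) {
		updatecreditbyaction('publishblog', 0, array('blogs' => 1));

		include_once libfile('function/stat');
		updatestat('blog');
	}

	// An edited post that falls back into moderation gives the credit back.
	if(!empty($olds['blogid']) && $blog_status == 1) {
		updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
		include_once libfile('function/stat');
		updatestat('blog');
	}

	if(!empty($POST['makefeed']) && $blog_status == 0) {
		include_once libfile('function/feed');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}

	// Restore the caller's identity that was parked at the top.
	if(!empty($__G)) $_G = $__G;
	if($blog_status == 1) {
		updatemoderate('blogid', $blogid);
		manage_addnotify('verifyblog');
	}
	return $blogarr;
}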
예제 #2
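/**
 * Add a comment to a portal article or portal topic.
 *
 * The message is trimmed to the group's 'allowcommentarticle' length, censored,
 * and stored in portal_comment; comments flagged by censormod() are stored with
 * status 1 and queued for moderation.
 *
 * @param int|string $id      id of the article or topic (cast to int)
 * @param string     $message comment text (untrusted input)
 * @param string     $idtype  'aid' or 'topicid'; anything else becomes 'aid'
 * @return string a message key: 'do_success', 'comment_comment_noexist',
 *                'content_is_too_short' or 'comment_comment_notallowed'
 */
function addportalarticlecomment($id, $message, $idtype = 'aid')
{
    global $_G;
    $id = intval($id);
    if (empty($id)) {
        return 'comment_comment_noexist';
    }
    $message = getstr($message, $_G['group']['allowcommentarticle'], 0, 0, 1, 0);
    if (strlen($message) < 2) {
        return 'content_is_too_short';
    }
    // Strict allow-list: with a loose in_array() a non-string value such as
    // true compares equal to 'aid' and would be stored as the idtype.
    $idtype = in_array($idtype, array('aid', 'topicid'), true) ? $idtype : 'aid';
    $isArticle = $idtype === 'aid';
    $data = C::t($isArticle ? 'portal_article_title' : 'portal_topic')->fetch($id);
    if (empty($data)) {
        return 'comment_comment_noexist';
    }
    if ($data['allowcomment'] != 1) {
        return 'comment_comment_notallowed';
    }
    $message = censor($message);
    // status 1 = held for moderation, 0 = visible immediately.
    $comment_status = censormod($message) ? 1 : 0;
    $setarr = array(
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'id' => $id,
        'idtype' => $idtype,
        'postip' => $_G['clientip'],
        'dateline' => $_G['timestamp'],
        'status' => $comment_status,
        'message' => $message,
    );
    $pcid = C::t('portal_comment')->insert($setarr, true);
    if ($comment_status == 1) {
        updatemoderate($idtype . '_cid', $pcid);
        manage_addnotify($isArticle ? 'verifyacommont' : 'verifytopiccommont');
    }
    // Articles keep their counter in a separate table; topics count in place.
    C::t($isArticle ? 'portal_article_count' : 'portal_topic')->increase($id, array('commentnum' => 1));
    C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']), 'UNBUFFERED');
    // No credit for commenting on one's own content.
    if ($data['uid'] != $_G['uid']) {
        updatecreditbyaction('portalcomment', 0, array(), $idtype . $id);
    }
    return 'do_success';
}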
예제 #3
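/**
 * Decide whether new threads and new replies must be held for moderation.
 *
 * Inputs are the moderation period check, the censor result for $string, and
 * the group/forum settings in $_G. As a side effect this overwrites
 * $_G['group']['allowposturl'] with the group-forum value when
 * $_G['forum']['status'] is 3.
 *
 * @param string $string text to run through censormod()
 * @return array array($modnewthreads, $modnewreplies), each 0 or 1
 */
function threadmodstatus($string)
{
    global $_G;
    // Initialised up front: the original left $censormod undefined when the
    // moderation period applied and then read it in the allowposturl branch.
    $censormod = false;
    $postmodperiods = periodscheck('postmodperiods', 0);
    if ($postmodperiods) {
        // Inside a moderation period everything is held.
        $modnewthreads = $modnewreplies = 1;
    } else {
        $censormod = censormod($string);
        $directpost = $_G['group']['allowdirectpost'];
        // Parentheses make the original operator precedence explicit:
        // ((group rule && forum rule) || censor hit) ? 1 : 0
        $modnewthreads = (((!$directpost || $directpost == 1) && $_G['forum']['modnewposts']) || $censormod) ? 1 : 0;
        $modnewreplies = (((!$directpost || $directpost == 2) && $_G['forum']['modnewposts'] == 2) || $censormod) ? 1 : 0;
        if ($_G['forum']['status'] == 3) {
            // Group forums use their own direct-post setting and ignore modnewposts.
            $groupdirectpost = $_G['group']['allowgroupdirectpost'];
            $modnewthreads = (!$groupdirectpost || $groupdirectpost == 1 || $censormod) ? 1 : 0;
            $modnewreplies = (!$groupdirectpost || $groupdirectpost == 2 || $censormod) ? 1 : 0;
        }
    }
    $_G['group']['allowposturl'] = $_G['forum']['status'] != 3 ? $_G['group']['allowposturl'] : $_G['group']['allowgroupposturl'];
    if ($_G['group']['allowposturl'] == 1) {
        if (!$postmodperiods) {
            // Re-run after allowposturl has been switched, as the original does.
            // NOTE(review): presumably censormod() depends on that setting; confirm.
            $censormod = censormod($string);
        }
        if ($censormod) {
            $modnewthreads = $modnewreplies = 1;
        }
    }
    return array($modnewthreads, $modnewreplies);
}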
예제 #4
 }
 // Excerpt: posts a short status ("doing") entry for the current user.
 // The enclosing code starts before and continues after this excerpt.
 cknewuser();
 // Rate limit: a positive wait time means the user posted too recently.
 $waittime = interval_check('post');
 if ($waittime > 0) {
     showmessage('operating_too_fast', '', array('waittime' => $waittime));
 }
 // Untrusted input: limited to 200 via getstr(), then <br ...> tags become spaces.
 $message = getstr($_POST['message'], 200, 0, 0, 1);
 $message = preg_replace("/\\<br.*?\\>/i", ' ', $message);
 if (strlen($message) < 1) {
     showmessage('should_write_that');
 }
 // With these arguments censor() may return an array instead of a string;
 // when it carries a 'message' entry, that text is shown to the user.
 // NOTE(review): presumably showmessage() ends the request here - confirm,
 // otherwise the array would reach the insert below.
 $message = censor($message, NULL, TRUE);
 if (is_array($message) && $message['message']) {
     showmessage('do_success', dreferer(), array('message' => $message['message']));
 }
 // status 1 = held for moderation, 0 = visible immediately.
 if (censormod($message) || $_G['group']['allowdoingmod']) {
     $doing_status = 1;
 } else {
     $doing_status = 0;
 }
 // The client IP and remote port are recorded with the entry.
 $setarr = array('uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $message, 'ip' => $_G['clientip'], 'port' => $_G['remoteport'], 'status' => $doing_status);
 $newdoid = C::t('home_doing')->insert($setarr, 1);
 // $setarr is reused: the same text becomes the user's recent note and space note.
 $setarr = array('recentnote' => $message, 'spacenote' => $message);
 // $credit and $experience are not read again within this excerpt.
 $credit = $experience = 0;
 $extrasql = array('doings' => 1);
 updatecreditbyaction('doing', 0, $extrasql);
 C::t('common_member_field_home')->update($_G['uid'], $setarr);
 if ($_POST['to_signhtml'] && $_G['group']['maxsigsize']) {
     if ($_G['group']['maxsigsize'] < 200) {
         $signhtml = getstr($_POST['message'], $_G['group']['maxsigsize'], 0, 0, 1);
         $signhtml = preg_replace("/\\<br.*?\\>/i", ' ', $signhtml);
예제 #5
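/**
 * Add a comment to a portal article or portal topic (raw DB:: query variant).
 *
 * Two statements below are built by string interpolation. They are safe only
 * because both interpolated values are constrained first: $id is cast to int
 * and $idtype is reduced to one of two literal column names. Any change to
 * that validation must be reviewed together with the queries.
 *
 * @param int|string $id      id of the article or topic (cast to int)
 * @param string     $message comment text (untrusted input)
 * @param string     $idtype  'aid' or 'topicid'; anything else becomes 'aid'
 * @return string a message key: 'do_success', 'comment_comment_noexist',
 *                'content_is_too_short' or 'comment_comment_notallowed'
 */
function addportalarticlecomment($id, $message, $idtype = 'aid')
{
    global $_G;
    $id = intval($id);
    if (empty($id)) {
        return 'comment_comment_noexist';
    }
    $message = getstr($message, $_G['group']['allowcommentarticle'], 1, 1, 1, 0);
    if (strlen($message) < 2) {
        return 'content_is_too_short';
    }
    // Strict allow-list. $idtype is used as a COLUMN NAME in the SQL below; a
    // loose in_array() lets a non-string value such as true through, which
    // would turn the condition into "WHERE 1='<id>'".
    $idtype = in_array($idtype, array('aid', 'topicid'), true) ? $idtype : 'aid';
    $isArticle = $idtype === 'aid';
    $tablename = $isArticle ? 'portal_article_title' : 'portal_topic';
    $data = DB::fetch_first("SELECT uid,allowcomment FROM " . DB::table($tablename) . " WHERE {$idtype}='{$id}'");
    if (empty($data)) {
        return 'comment_comment_noexist';
    }
    if ($data['allowcomment'] != 1) {
        return 'comment_comment_notallowed';
    }
    $message = censor($message);
    // status 1 = held for moderation, 0 = visible immediately.
    $comment_status = censormod($message) ? 1 : 0;
    $setarr = array(
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'id' => $id,
        'idtype' => $idtype,
        'postip' => $_G['onlineip'],
        'dateline' => $_G['timestamp'],
        'status' => $comment_status,
        'message' => $message,
    );
    // NOTE(review): escaping of $setarr values is left to DB::insert(); confirm
    // it quotes them, since $message is user-supplied.
    $pcid = DB::insert('portal_comment', $setarr, true);
    if ($comment_status == 1) {
        updatemoderate($idtype . '_cid', $pcid);
        manage_addnotify($isArticle ? 'verifyacommont' : 'verifytopiccommont');
    }
    // Articles keep their counter in a separate table; topics count in place.
    $tablename = $isArticle ? 'portal_article_count' : 'portal_topic';
    DB::query("UPDATE " . DB::table($tablename) . " SET commentnum=commentnum+1 WHERE {$idtype}='{$id}'");
    DB::update('common_member_status', array('lastpost' => $_G['timestamp']), array('uid' => $_G['uid']));
    // No credit for commenting on one's own content.
    if ($data['uid'] != $_G['uid']) {
        updatecreditbyaction('portalcomment', 0, array(), $idtype . $id);
    }
    return 'do_success';
}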
예제 #6
     // Excerpt from an article save routine; it opens inside an if-branch whose
     // condition lies before this excerpt.
     C::t('portal_category')->update($setarr['catid'], array('lastpublish' => TIMESTAMP));
     C::t('portal_article_count')->insert(array('aid' => $aid, 'catid' => $setarr['catid'], 'viewnum' => 1));
 } else {
     // The static HTML name changed: delete the previously generated files.
     if ($htmlname && $article['htmlname'] !== $htmlname) {
         $setarr['htmlname'] = $htmlname;
         // NOTE(review): the paths passed to unlink() are built from the stored
         // htmldir/htmlname values and a configured extension. Confirm that
         // those values are validated when saved (no "../", no absolute paths),
         // because unlink() removes whatever path results. The return values
         // are not checked, so a failed delete goes unnoticed.
         $oldarticlename = $article['htmldir'] . $article['htmlname'];
         unlink($oldarticlename . '.' . $_G['setting']['makehtml']['extendname']);
         // Additional pages carry a numeric suffix starting at 1.
         for ($i = 1; $i < $article['contents']; $i++) {
             unlink($oldarticlename . $i . '.' . $_G['setting']['makehtml']['extendname']);
         }
     }
     C::t('portal_article_title')->update($aid, $setarr);
 }
 // Article body comes straight from the request; getstr() and censor() are the
 // only processing applied to it in this excerpt.
 $content = getstr($_POST['content'], 0, 0, 0, 0, 1);
 $content = censor($content);
 // status 1 = held for moderation, 0 = published directly.
 if (censormod($content) || $_G['group']['allowpostarticlemod']) {
     $article_status = 1;
 } else {
     $article_status = 0;
 }
 // Page-break marker with an optional [title=...] part; capture group 3 is the
 // page title.
 $regexp = '/(\\<strong\\>##########NextPage(\\[title=(.*?)\\])?##########\\<\\/strong\\>)+/is';
 preg_match_all($regexp, $content, $arr);
 $pagetitle = !empty($arr[3]) ? $arr[3] : array();
 $pagetitle = array_map('trim', $pagetitle);
 // NOTE(review): $_POST['pagetitle'] is added unfiltered (no getstr()/censor()
 // here); verify it is escaped before it is stored or rendered.
 array_unshift($pagetitle, $_POST['pagetitle']);
 // Split the body into pages and compare with the pages already stored.
 $contents = preg_split($regexp, $content);
 $cpostcount = count($contents);
 $dbcontents = C::t('portal_article_content')->fetch_all($aid);
 $pagecount = $cdbcount = count($dbcontents);
 if ($cdbcount > $cpostcount) {
     $cdelete = array();
예제 #7
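/**
 * Save an uploaded picture into the current user's album storage.
 *
 * Modified from DISCUZ_ROOT/source/function_spacecp.php.
 *
 * Checks, in order: upload error, image flag, upload permission, new-user
 * restrictions, per-file size limit, space quota. After saving, the stored
 * file's image type is checked again and the file is removed when it does not
 * match. Thumbnails and a watermark are generated, the file is optionally
 * pushed to FTP, and a home_pic row is inserted.
 *
 * As a side effect $_G['member'], $_G['group'] and, when $space is empty,
 * $_G['username'] / $_G['groupid'] are overwritten.
 *
 * @param array      $FILE        upload descriptor handed to discuz_upload::init()
 * @param int        $albumid     target album; values below 0 are treated as 0
 * @param string     $title       picture title (untrusted input)
 * @param bool       $iswatermark currently ignored: the watermark is always applied
 * @param int|string $catid       category passed to album_creat_by_id()
 * @return array|string the inserted picture row on success, otherwise a
 *                      localized error string
 *
 * @author HanPengyu
 * @copyright 2012-2014 Appbyme
 */
function mobcent_pic_save($FILE, $albumid, $title, $iswatermark = true, $catid = 0)
{
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    // First type gate, before anything is written to the final location.
    // NOTE(review): how 'isimage' is derived is not visible here; if it is
    // based on the client-supplied name, the post-save check below is the one
    // that actually inspects the file.
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }
    $oldgid = $_G['groupid'];
    if (empty($space)) {
        $_G['member'] = $space = getuserbyuid($_G['uid']);
        $_G['username'] = $space['username'];
        $_G['groupid'] = $space['groupid'];
    }
    $_G['member'] = $space;
    // Force a cache reload when the group id changed above.
    loadcache('usergroup_' . $space['groupid'], $oldgid != $_G['groupid']);
    $_G['group'] = $_G['cache']['usergroup_' . $space['groupid']];
    if (!checkperm('allowupload')) {
        return lang('spacecp', 'not_allow_upload');
    }
    // New-user restrictions: report the first requirement that is not met.
    if (!cknewuser(1)) {
        if ($_G['setting']['newbiespan'] && $_G['timestamp'] - $_G['member']['regdate'] < $_G['setting']['newbiespan'] * 60) {
            return lang('message', 'no_privilege_newbiespan', array('newbiespan' => $_G['setting']['newbiespan']));
        }
        if ($_G['setting']['need_avatar'] && empty($_G['member']['avatarstatus'])) {
            return lang('message', 'no_privilege_avatar');
        }
        if ($_G['setting']['need_email'] && empty($_G['member']['emailstatus'])) {
            return lang('message', 'no_privilege_email');
        }
        if ($_G['setting']['need_friendnum']) {
            space_merge($_G['member'], 'count');
            if ($_G['member']['friends'] < $_G['setting']['need_friendnum']) {
                return lang('message', 'no_privilege_friendnum', array('friendnum' => $_G['setting']['need_friendnum']));
            }
        }
    }
    // Per-file size limit for the user's group.
    if ($_G['group']['maximagesize'] && $upload->attach['size'] > $_G['group']['maximagesize']) {
        return lang('spacecp', 'files_can_not_exceed_size', array('extend' => $upload->attach['ext'], 'size' => sizecount($_G['group']['maximagesize'])));
    }
    // Total quota: the group limit plus the user's extra space ('addsize' is
    // multiplied by 1024 * 1024 here).
    $maxspacesize = checkperm('maxspacesize');
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        if ($space['attachsize'] + $upload->attach['size'] > $maxspacesize + $space['addsize'] * 1024 * 1024) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }
    if ($albumid) {
        $catid = intval($catid);
        $albumid = album_creat_by_id($albumid, $catid);
    } else {
        $albumid = 0;
    }
    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }
    // Second type gate, on the stored file: only image type codes 1, 2, 3 and 6
    // are kept; anything else is deleted again.
    // NOTE(review): presumably these are getimagesize() type codes - confirm.
    // The file sits at its target path between save() and this check.
    if (!$upload->attach['imageinfo'] || !in_array($upload->attach['imageinfo']['2'], array(1, 2, 3, 6))) {
        @unlink($upload->attach['target']);
        return lang('spacecp', 'only_allows_upload_file_types');
    }
    $new_name = $upload->attach['target'];
    require_once libfile('class/image');
    $image = new image();
    // 140x140 thumbnail; $thumb records whether one was produced.
    $result = $image->Thumb($new_name, '', 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        // The configured maximum is raised to at least 300 in each direction.
        // This writes back into the global settings array.
        if ($_G['setting']['maxthumbwidth'] < 300) {
            $_G['setting']['maxthumbwidth'] = 300;
        }
        if ($_G['setting']['maxthumbheight'] < 300) {
            $_G['setting']['maxthumbheight'] = 300;
        }
        $image->Thumb($new_name, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }
    // Watermark for album pictures uploaded from the client
    // (HanPengyu, 2014/12/04). Applied regardless of $iswatermark.
    Yii::import('application.components.discuz.source.class.class_image', true);
    $image = new Mobcent_Image();
    $image->makeWatermark($new_name, '', 'album');
    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        $ftpresult = ftpcmd('upload', 'album/' . $upload->attach['attachment']);
        if ($ftpresult) {
            // Uploaded remotely: remove the local copies.
            @unlink($_G['setting']['attachdir'] . 'album/' . $upload->attach['attachment']);
            if ($thumb) {
                $thumbpath = getimgthumbname($upload->attach['attachment']);
                ftpcmd('upload', 'album/' . $thumbpath);
                @unlink($_G['setting']['attachdir'] . 'album/' . $thumbpath);
            }
            $pic_remote = 1;
        } else {
            // With mirroring enabled a failed FTP upload is fatal for this file.
            if (getglobal('setting/ftp/mirror')) {
                @unlink($upload->attach['target']);
                @unlink(getimgthumbname($upload->attach['target']));
                return lang('spacecp', 'ftp_upload_file_size');
            }
        }
    }
    $title = getstr($title, 200);
    $title = censor($title);
    // status 1 = held for moderation, 0 = visible immediately.
    if (censormod($title) || $_G['group']['allowuploadmod']) {
        $pic_status = 1;
    } else {
        $pic_status = 0;
    }
    // NOTE(review): 'filename' and 'type' come from the client and are passed
    // through addslashes() here; if insert() escapes values as well they end up
    // double-escaped. Verify, and HTML-escape them wherever they are displayed.
    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote,
        'status' => $pic_status,
    );
    $setarr['picid'] = C::t('home_pic')->insert($setarr, 1);
    C::t('common_member_count')->increase($_G['uid'], array('attachsize' => $upload->attach['size']));
    include_once libfile('function/stat');
    if ($pic_status) {
        updatemoderate('picid', $setarr['picid']);
    }
    updatestat('pic');
    return $setarr;
}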
예제 #8
         // Excerpt from a group settings handler; the enclosing conditions start
         // before this excerpt.
         // NOTE(review): unserialize() is run on a value from the settings
         // store. That is only safe while nothing user-controlled can be
         // written there in serialized form.
         $group_recommend = unserialize($_G['setting']['group_recommend']);
         if ($group_recommend[$_G['fid']]) {
             $group_recommend[$_G['fid']]['icon'] = get_groupimg($iconnew);
             // NOTE(review): the serialized string is concatenated into the SQL
             // text without visible escaping; a quote character inside any
             // stored value would break out of the literal. Confirm escaping
             // happens elsewhere or pass the value through the DB layer's
             // quoting.
             DB::query("UPDATE " . DB::table('common_setting') . " SET svalue = '" . serialize($group_recommend) . "' WHERE skey = 'group_recommend' LIMIT 1");
             include libfile('function/cache');
             updatecache('setting');
         }
     }
     // $iconsql is a SQL fragment appended to the UPDATE further down.
     // NOTE(review): $bannernew is interpolated into it; its origin is outside
     // this excerpt - confirm it is a server-generated path.
     if ($bannernew && empty($deletebanner)) {
         $iconsql .= ", banner='{$bannernew}'";
     } elseif ($deletebanner) {
         $iconsql .= ", banner=''";
         // Deletes the stored banner file; failures are suppressed with @.
         @unlink($_G['forum']['banner']);
     }
     // Description: trimmed, censored, HTML-escaped, newlines turned into <br />.
     $_G['gp_descriptionnew'] = nl2br(dhtmlspecialchars(censor(trim($_G['gp_descriptionnew']))));
     // A description that still triggers censormod() is rejected outright.
     $censormod = censormod($_G['gp_descriptionnew']);
     if ($censormod) {
         showmessage('group_description_failed');
     }
     $_G['gp_jointypenew'] = intval($_G['gp_jointypenew']);
     // Only the group's founder may set join type -1.
     if ($_G['gp_jointypenew'] == '-1' && $_G['uid'] != $_G['forum']['founderuid']) {
         showmessage('group_close_only_founder');
     }
     $_G['gp_gviewpermnew'] = intval($_G['gp_gviewpermnew']);
     // The two integer fields are cast above. The description is interpolated
     // as a quoted string.
     // NOTE(review): presumably the gp_ request values are already SQL-escaped
     // before they reach this code; nothing in this excerpt does it - verify.
     DB::query("UPDATE " . DB::table('forum_forumfield') . " SET description='{$_G['gp_descriptionnew']}', jointype='{$_G['gp_jointypenew']}', gviewperm='{$_G['gp_gviewpermnew']}'{$iconsql} WHERE fid='{$_G['fid']}'");
     showmessage('group_setup_succeed', $url);
 } else {
     $firstgid = $_G['cache']['grouptype']['second'][$_G['forum']['fup']]['fup'];
     $groupselect = get_groupselect($firstgid, $_G['forum']['fup']);
     $gviewpermselect = $jointypeselect = array('', '', '');
     $_G['forum']['descriptionnew'] = str_replace("<br />", '', $_G['forum']['description']);
예제 #9
             showmessage('content_is_too_short', '', array(), array('return' => true));
         }
         include_once libfile('class/bbcode');
         $bbcode =& bbcode::instance();
         require_once libfile('function/comment');
         $cidarr = add_comment($message, $currentid, $currenttype, 0);
         if ($cidarr['cid']) {
             $magvalues['cid'] = $cidarr['cid'];
             $magvalues['id'] = $currentid;
         }
     }
     $magvalues['type'] = $commentcable[$type];
 }
 // Excerpt from a share handler: stores the user's own remark for a shared
 // item. $arr and $type are prepared before this excerpt.
 // Untrusted input, limited to 150 via getstr(), then censored.
 $arr['body_general'] = getstr($_POST['general'], 150, 1, 1, 1);
 $arr['body_general'] = censor($arr['body_general']);
 // status 1 = held for moderation, 0 = visible immediately.
 if (censormod($arr['body_general']) || $_G['group']['allowsharemod']) {
     $arr['status'] = 1;
 } else {
     $arr['status'] = 0;
 }
 $arr['type'] = $type;
 $arr['uid'] = $_G['uid'];
 $arr['username'] = $_G['username'];
 $arr['dateline'] = $_G['timestamp'];
 // A feed entry is published only for unmoderated shares and only when the
 // privacy check allows it.
 if ($arr['status'] == 0 && ckprivacy('share', 'feed')) {
     require_once libfile('function/feed');
     feed_add('share', '{actor} ' . $arr['title_template'], array('hash_data' => $feed_hash_data), $arr['body_template'], $arr['body_data'], $arr['body_general'], array($arr['image']), array($arr['image_link']));
 }
 // body_data is stored in PHP serialized form.
 // NOTE(review): whoever reads this column back must treat it as data that
 // contains user-influenced values when calling unserialize().
 $arr['body_data'] = serialize($arr['body_data']);
 // Escaping is applied to the whole array before the insert.
 // NOTE(review): confirm DB::insert() does not escape a second time.
 $setarr = daddslashes($arr);
 $sid = DB::insert('home_share', $setarr, 1);
예제 #10
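/**
 * Add a comment to a wall ('uid'), picture ('picid'), blog ('blogid') or
 * share ('sid'), optionally as a reply to an existing comment.
 *
 * Access checks performed here: the matching module must be enabled, the
 * target must exist, the target's friend/password visibility must admit the
 * current user, blogs may refuse replies, and the target owner's blacklist is
 * consulted. Failures are reported through showmessage().
 * NOTE(review): the code relies on showmessage() not returning in those
 * cases; confirm for callers that use a 'return' option.
 *
 * @param string     $message comment text (untrusted input)
 * @param int|string $id      id of the commented object
 * @param string     $idtype  'uid', 'picid', 'blogid' or 'sid'
 * @param int|string $cid     id of the comment being replied to, 0 for none
 * @return array array('cid' => new comment id, 'msg' => message key,
 *               'magvalues' => values for that message)
 */
function add_comment($message, $id, $idtype, $cid = 0)
{
    global $_G, $bbcode;
    // The module that owns the target type must be enabled.
    $allowcomment = false;
    switch ($idtype) {
        case 'uid':
            $allowcomment = helper_access::check_module('wall');
            break;
        case 'picid':
            $allowcomment = helper_access::check_module('album');
            break;
        case 'blogid':
            $allowcomment = helper_access::check_module('blog');
            break;
        case 'sid':
            $allowcomment = helper_access::check_module('share');
            break;
    }
    if (!$allowcomment) {
        showmessage('quickclear_noperm');
    }
    $summay = getstr($message, 150, 0, 0, 0, -1);
    // Reply handling: quote the parent comment unless it is the user's own.
    $comment = array();
    if ($cid) {
        $comment = C::t('home_comment')->fetch_by_id_idtype($id, $idtype, $cid);
        if ($comment && $comment['authorid'] != $_G['uid']) {
            // Strip an earlier quote so quotes do not nest.
            $comment['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<blockquote\\>.*?\\<\\/blockquote\\>\\<\\/div\\>/is", '', $comment['message']);
            $comment['message'] = $bbcode->html2bbcode($comment['message']);
            // NOTE(review): the stored author name is placed into HTML as-is;
            // this is safe only if user names are escaped when stored.
            $message = "<div class=\"quote\"><blockquote><b>" . $comment['author'] . "</b>: " . getstr($comment['message'], 150, 0, 0, 2, 1) . '</blockquote></div>' . $message;
            if ($comment['idtype'] == 'uid') {
                $id = $comment['authorid'];
            }
        } else {
            $comment = array();
        }
    }
    $hotarr = array();
    $stattype = '';
    $tospace = $pic = $blog = $album = $share = $poll = array();
    // Load the target and apply its visibility rules.
    switch ($idtype) {
        case 'uid':
            $tospace = getuserbyuid($id);
            $stattype = 'wall';
            break;
        case 'picid':
            $pic = C::t('home_pic')->fetch($id);
            if (empty($pic)) {
                showmessage('view_images_do_not_exist');
            }
            $picfield = C::t('home_picfield')->fetch($id);
            $pic['hotuser'] = $picfield['hotuser'];
            $tospace = getuserbyuid($pic['uid']);
            $album = array();
            if ($pic['albumid']) {
                $query = C::t('home_album')->fetch($pic['albumid']);
                if (empty($query['albumid'])) {
                    // The album no longer exists: detach its pictures.
                    // Fixed: this used an undefined $albumid variable.
                    C::t('home_pic')->update_for_albumid($pic['albumid'], array('albumid' => 0));
                } else {
                    // Fixed: the fetched album row was never assigned to $album,
                    // so the friend/password checks below always ran against an
                    // empty array and the album's visibility was not enforced.
                    $album = $query;
                }
            }
            if (!ckfriend($album['uid'], $album['friend'], $album['target_ids'])) {
                showmessage('no_privilege_ckfriend_pic');
            } elseif (!$tospace['self'] && $album['friend'] == 4) {
                // Password-protected album: the viewer must hold the unlock cookie.
                // Strict comparison avoids PHP's numeric-string juggling on hex
                // digests (e.g. two different "0e..." values comparing equal).
                // NOTE(review): the cookie value is a double MD5 of the album
                // password - a weak construction worth replacing.
                $cookiename = "view_pwd_album_{$album['albumid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                if ((string) $cookievalue !== md5(md5($album['password']))) {
                    showmessage('no_privilege_ckpassword_pic');
                }
            }
            $hotarr = array('picid', $pic['picid'], $pic['hotuser']);
            $stattype = 'piccomment';
            break;
        case 'blogid':
            $blog = array_merge(C::t('home_blog')->fetch($id), C::t('home_blogfield')->fetch_targetids_by_blogid($id));
            if (empty($blog)) {
                showmessage('view_to_info_did_not_exist');
            }
            $tospace = getuserbyuid($blog['uid']);
            if (!ckfriend($blog['uid'], $blog['friend'], $blog['target_ids'])) {
                showmessage('no_privilege_ckfriend_blog');
            } elseif (!$tospace['self'] && $blog['friend'] == 4) {
                // Password-protected blog: same cookie scheme as for albums,
                // compared strictly for the same reason.
                $cookiename = "view_pwd_blog_{$blog['blogid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                if ((string) $cookievalue !== md5(md5($blog['password']))) {
                    showmessage('no_privilege_ckpassword_blog');
                }
            }
            if (!empty($blog['noreply'])) {
                showmessage('do_not_accept_comments');
            }
            if ($blog['target_ids']) {
                $blog['target_ids'] .= ",{$blog['uid']}";
            }
            $hotarr = array('blogid', $blog['blogid'], $blog['hotuser']);
            $stattype = 'blogcomment';
            break;
        case 'sid':
            $share = C::t('home_share')->fetch($id);
            if (empty($share)) {
                showmessage('sharing_does_not_exist');
            }
            $tospace = getuserbyuid($share['uid']);
            $hotarr = array('sid', $share['sid'], $share['hotuser']);
            $stattype = 'sharecomment';
            break;
        default:
            showmessage('non_normal_operation');
            break;
    }
    if (empty($tospace)) {
        showmessage('space_does_not_exist', '', array(), array('return' => true));
    }
    if (isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
    if ($hotarr && $tospace['uid'] != $_G['uid']) {
        hot_update($hotarr[0], $hotarr[1], $hotarr[2]);
    }
    // Feed entry skeleton; the per-type branch fills in the templates.
    // NOTE(review): user names, blog subjects and share templates are
    // interpolated into anchor markup below without escaping in this function.
    $fs = array();
    $fs['icon'] = 'comment';
    $fs['target_ids'] = '';
    $fs['friend'] = '';
    $fs['body_template'] = '';
    $fs['body_data'] = array();
    $fs['body_general'] = '';
    $fs['images'] = array();
    $fs['image_links'] = array();
    switch ($idtype) {
        case 'uid':
            $fs['icon'] = 'wall';
            $fs['title_template'] = 'feed_comment_space';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>");
            break;
        case 'picid':
            $fs['title_template'] = 'feed_comment_image';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>");
            $fs['body_template'] = '{pic_title}';
            $fs['body_data'] = array('pic_title' => $pic['title']);
            $fs['body_general'] = $summay;
            $fs['images'] = array(pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote']));
            $fs['image_links'] = array("home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$pic['picid']}");
            $fs['target_ids'] = $album['target_ids'];
            $fs['friend'] = $album['friend'];
            break;
        case 'blogid':
            C::t('home_blog')->increase($id, 0, array('replynum' => 1));
            $fs['title_template'] = 'feed_comment_blog';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'blog' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}\">{$blog['subject']}</a>");
            $fs['target_ids'] = $blog['target_ids'];
            $fs['friend'] = $blog['friend'];
            break;
        case 'sid':
            $fs['title_template'] = 'feed_comment_share';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'share' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}\">" . str_replace(lang('spacecp', 'share_action'), '', $share['title_template']) . "</a>");
            break;
    }
    $message = censor($message);
    // status 1 = held for moderation, 0 = visible immediately.
    if (censormod($message)) {
        $comment_status = 1;
    } else {
        $comment_status = 0;
    }
    // The client IP and remote port are recorded with the comment.
    $setarr = array('uid' => $tospace['uid'], 'id' => $id, 'idtype' => $idtype, 'authorid' => $_G['uid'], 'author' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $message, 'ip' => $_G['clientip'], 'port' => $_G['remoteport'], 'status' => $comment_status);
    $cid = C::t('home_comment')->insert($setarr, true);
    // Notification and credit parameters per target type.
    $action = 'comment';
    $becomment = 'getcomment';
    $note = $q_note = '';
    $note_values = $q_values = array();
    switch ($idtype) {
        case 'uid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=wall&cid={$cid}";
            $note_type = 'wall';
            $note = 'wall';
            $note_values = array('url' => $n_url);
            $q_note = 'wall_reply';
            $q_values = array('url' => $n_url);
            if ($comment) {
                $msg = 'note_wall_reply_success';
                $magvalues = array('username' => $tospace['username']);
                $becomment = '';
            } else {
                $msg = 'do_success';
                $magvalues = array();
                $becomment = 'getguestbook';
            }
            $action = 'guestbook';
            break;
        case 'picid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'pic_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'pic_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'blogid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'blog_comment';
            $note_values = array('url' => $n_url, 'subject' => $blog['subject']);
            $q_note = 'blog_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'sid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'share_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'share_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
    }
    if (empty($comment)) {
        // Top-level comment on someone else's content: feed entry (subject to
        // the privacy check) plus a notification to the owner.
        if ($tospace['uid'] != $_G['uid']) {
            if (ckprivacy('comment', 'feed')) {
                require_once libfile('function/feed');
                $fs['title_data']['hash_data'] = "{$idtype}{$id}";
                feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']);
            }
            $note_values['from_id'] = $id;
            $note_values['from_idtype'] = $idtype;
            $note_values['url'] .= "&goto=new#comment_{$cid}_li";
            notification_add($tospace['uid'], $note_type, $note, $note_values);
        }
    } elseif ($comment['authorid'] != $_G['uid']) {
        // Reply: notify the author of the parent comment.
        notification_add($comment['authorid'], $note_type, $q_note, $q_values);
    }
    if ($comment_status == 1) {
        updatemoderate($idtype . '_cid', $cid);
        manage_addnotify('verifycommontes');
    }
    if ($stattype) {
        include_once libfile('function/stat');
        updatestat($stattype);
    }
    // Credits are only awarded for comments on other users' content.
    if ($tospace['uid'] != $_G['uid']) {
        $needle = $idtype != 'uid' ? $idtype . $id : $tospace['uid'];
        updatecreditbyaction($action, 0, array(), $needle);
        if ($becomment) {
            if ($idtype == 'uid') {
                $needle = $_G['uid'];
            }
            updatecreditbyaction($becomment, $tospace['uid'], array(), $needle);
        }
    }
    C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']), 'UNBUFFERED');
    $magvalues['cid'] = $cid;
    return array('cid' => $cid, 'msg' => $msg, 'magvalues' => $magvalues);
}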
예제 #11
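/**
 * Save raw image bytes as a new picture in the current user's album storage.
 *
 * The bytes are written into the attachment directory first and validated afterwards;
 * every rejection path after the write removes the file again.
 *
 * @param string $strdata Raw file contents to store.
 * @param int    $albumid Target album id; values below zero are treated as 0.
 * @param string $fileext Extension without the dot; must be one of jpg, jpeg, gif, png.
 * @param string $name    Stored file name; defaults to the generated target file name.
 * @param string $title   Picture title; truncated with getstr() and passed through censor().
 * @param int    $delsize Bytes subtracted from the quota calculation.
 * @param mixed  $from    Not used inside this function.
 *
 * @return array|int The inserted row (including 'picid') on success; -1 when the space quota
 *                   would be exceeded, -2 when get_image_info() rejects the file, -3 for a
 *                   disallowed extension, a failed write, or a failed FTP upload in mirror mode.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false)
{
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    // Extension allowlist. The comparison is strict: with a loose in_array() a non-string
    // value such as boolean true compares equal to 'jpg' and slips past the check, after
    // which it would be concatenated into the target file name.
    $allowPicType = array('jpg', 'jpeg', 'gif', 'png');
    if (!is_string($fileext) || !in_array($fileext, $allowPicType, true)) {
        return -3;
    }
    $upload = new discuz_upload();
    // The file name is generated server-side; only the allowlisted extension comes from the caller.
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;
    $handle = fopen($newfilename, 'wb');
    if (!$handle) {
        return -3;
    }
    $written = fwrite($handle, $strdata);
    fclose($handle);
    if ($written === FALSE) {
        // Do not leave a truncated file behind in the attachment directory.
        @unlink($newfilename);
        return -3;
    }
    $size = filesize($newfilename);
    if (empty($space)) {
        $_G['member'] = $space = getuserbyuid($_G['uid']);
        $_G['username'] = $space['username'];
    }
    $_G['member'] = $space;
    // Load the uploader's user group so checkperm() and the moderation flag below use it.
    loadcache('usergroup_' . $space['groupid']);
    $_G['group'] = $_G['cache']['usergroup_' . $space['groupid']];
    $maxspacesize = checkperm('maxspacesize');
    if ($maxspacesize) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        // Quota check: current usage plus this file, minus what is being replaced,
        // against the group limit plus the user's extra allowance (addsize is scaled by 1024*1024).
        if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize'] * 1024 * 1024) {
            @unlink($newfilename);
            return -1;
        }
    }
    // Content check happens only now, after the bytes are already on disk; the file is
    // removed if it fails. NOTE(review): presumably get_image_info() verifies the data is
    // a real image — confirm, since the extension check alone says nothing about content.
    if (!$upload->get_image_info($newfilename)) {
        @unlink($newfilename);
        return -2;
    }
    require_once libfile('class/image');
    $image = new image();
    $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
    $thumb = empty($result) ? 0 : 1;
    $image->Watermark($newfilename);
    $pic_remote = 0;
    $album_picflag = 1;
    if (getglobal('setting/ftp/on')) {
        $ftpresult = ftpcmd('upload', 'album/' . $filepath);
        if ($ftpresult) {
            // Uploaded to the remote store: drop the local copies.
            @unlink($_G['setting']['attachdir'] . 'album/' . $filepath);
            if ($thumb) {
                $thumbpath = getimgthumbname($filepath);
                ftpcmd('upload', 'album/' . $thumbpath);
                @unlink($_G['setting']['attachdir'] . 'album/' . $thumbpath);
            }
            $pic_remote = 1;
            $album_picflag = 2;
        } elseif (getglobal('setting/ftp/mirror')) {
            // Mirror mode requires the remote copy; give up and clean up local files.
            @unlink($newfilename);
            @unlink(getimgthumbname($newfilename));
            return -3;
        }
    }
    $filename = $name ? $name : substr(strrchr($filepath, '/'), 1);
    $title = getstr($title, 200);
    $title = censor($title);
    // status 1 = held for moderation (censor hit or the group moderates all uploads).
    if (censormod($title) || $_G['group']['allowuploadmod']) {
        $pic_status = 1;
    } else {
        $pic_status = 0;
    }
    if ($albumid) {
        $albumid = album_creat_by_id($albumid);
    } else {
        $albumid = 0;
    }
    $setarr = array('albumid' => $albumid, 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'filename' => $filename, 'postip' => $_G['clientip'], 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb, 'remote' => $pic_remote, 'status' => $pic_status);
    $setarr['picid'] = C::t('home_pic')->insert($setarr, 1);
    C::t('common_member_count')->increase($_G['uid'], array('attachsize' => $size));
    include_once libfile('function/stat');
    updatestat('pic');
    return $setarr;
}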
예제 #12
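/**
 * Create a blog entry, or update an existing one when $olds is given.
 *
 * When the entry being edited belongs to another user, $_G['uid'] / $_G['username'] are
 * temporarily replaced with the author's values and restored before every return.
 *
 * @param array $POST Submitted form fields (subject, message, friend, password, tag, classid,
 *                    catid, picids, hot, makefeed, noreply, dateline).
 * @param array $olds Existing blog row when editing; empty for a new entry.
 *
 * @return array|false The blog row that was written (including 'blogid'), or false when the
 *                     message is empty after stripping layout-only markup.
 */
function blog_post($POST, $olds = array())
{
    global $_G, $space;
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
        // Editing someone else's entry: act as the author for the rest of the function.
        // $__G keeps the real identity so it can be put back afterwards.
        $isself = 0;
        $__G = $_G;
        $_G['uid'] = $olds['uid'];
        $_G['username'] = addslashes($olds['username']);
    }
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
    $POST['subject'] = censor($POST['subject']);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Visible to named users only: resolve the submitted user names to uids.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_POST['target_names']));
        if ($names) {
            // NOTE(review): $names comes straight from $_POST; the query relies on dimplode()
            // (and any global input escaping) to quote each value — confirm.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($value = DB::fetch($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password-protected: without a password fall back to friend = 0.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Fixed: the original used `==` here, a comparison with no effect, so a submitted
        // password was stored even when the entry is not password-protected.
        $POST['password'] = '';
    }
    $POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);
    if ($_G['mobile']) {
        // NOTE(review): this branch does not call checkhtml(); presumably the getstr()
        // flags used here neutralise HTML instead — confirm.
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        $POST['message'] = censor($POST['message']);
        // Drop empty <div></div> pairs and make plain <a href="..."> links open in a new window.
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    // status 1 = held for moderation (censor hit or the group moderates all blog posts).
    if (censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
        $blog_status = 1;
    } else {
        $blog_status = 0;
    }
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" asks for a personal category to be looked up or created.
            $classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is placed inside a quoted SQL literal; this is only
                // safe if getstr()/input handling escaped quotes — confirm.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Only accept a category id that belongs to the acting user.
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($POST['noreply']) ? 0 : 1, 'catid' => intval($POST['catid']), 'status' => $blog_status);
    $titlepic = '';
    $uploads = array();
    if (!empty($POST['picids'])) {
        // Keys of picids are picture ids; the uid condition limits the lookup to the acting user's pictures.
        $picids = array_keys($POST['picids']);
        $query = DB::query("SELECT * FROM " . DB::table('home_pic') . " WHERE picid IN (" . dimplode($picids) . ") AND uid='{$_G['uid']}'");
        while ($value = DB::fetch($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): after the loop $value holds the fetch result that ended it, so this
        // fallback presumably never runs — confirm.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    if ($uploads) {
        // Replace [imgid=N] placeholders with the matching uploaded picture.
        preg_match_all("/\\[imgid\\=(\\d+)\\]/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($uploads[$value])) {
                    $picurl = pic_get($uploads[$value]['filepath'], 'album', $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    $searchs[] = "[imgid={$value}]";
                    $replaces[] = "<img src=\"{$picurl}\">";
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
            }
        }
        // Pictures not referenced by a placeholder are appended at the end.
        // NOTE(review): the stored picture title is inserted into HTML as-is, after the
        // message was already filtered; this relies on the title being escaped when it was
        // saved — confirm.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Reject messages that contain nothing but layout markup and whitespace.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Fixed: restore the real identity before returning. The original returned here
        // with $_G still holding the author's uid/username for the rest of the request.
        if (!empty($__G)) {
            $_G = $__G;
        }
        return false;
    }
    // NOTE(review): escaped by hand before being handed to DB::insert()/DB::update();
    // whether those escape again is not visible here — confirm.
    $message = addslashes($message);
    if (empty($titlepic) && empty($olds)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    // Only users with the manageblog permission may set the 'hot' value.
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    if ($olds['blogid']) {
        if ($blogarr['catid'] != $olds['catid']) {
            // Keep per-category counters in step when the entry moves between categories.
            if ($olds['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num-1 WHERE catid='{$olds['catid']}' AND num>0");
            }
            if ($blogarr['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
            }
        }
        $blogid = $olds['blogid'];
        DB::update('home_blog', $blogarr, array('blogid' => $blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        if ($blogarr['catid']) {
            DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
        }
        $blogarr['uid'] = $_G['uid'];
        $blogarr['username'] = $_G['username'];
        // NOTE(review): a submitted dateline is stored without a cast — confirm callers validate it.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_G['timestamp'] : $POST['dateline'];
        $blogid = DB::insert('home_blog', $blogarr, 1);
        DB::update('common_member_status', array('lastpost' => $_G['timestamp']), array('uid' => $_G['uid']));
        DB::update('common_member_field_home', array('recentnote' => $POST['subject']), array('uid' => $_G['uid']));
    }
    $blogarr['blogid'] = $blogid;
    $fieldarr = array('message' => $message, 'postip' => $_G['clientip'], 'target_ids' => $POST['target_ids'], 'tag' => $POST['tag']);
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }
    if ($olds) {
        DB::update('home_blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        DB::insert('home_blogfield', $fieldarr);
    }
    // Credits and statistics only for the author's own new entry that is not held for moderation.
    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));
        include_once libfile('function/stat');
        updatestat('blog');
    }
    if ($POST['makefeed'] && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }
    // Put the real identity back if it was swapped at the top.
    if (!empty($__G)) {
        $_G = $__G;
    }
    return $blogarr;
}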
예제 #13
     // Fragment (the enclosing condition is not visible): works out the page position for
     // article content and shifts later pages of portal_article_content to make room.
     // NOTE(review): $aid and $startorder are interpolated into the query text, $startorder
     // without quotes in LIMIT; their casts are not visible here — confirm both are integers.
     $startorder = $pageorder - 1;
     $pageorder = DB::result(DB::query("SELECT pageorder FROM " . DB::table('portal_article_content') . " WHERE aid='{$aid}' ORDER BY pageorder LIMIT {$startorder}, 1"), 0);
     if ($article_content && $article_content['pageorder'] == $pageorder) {
         $content_count = $content_count - 1;
     }
     if ($content_count > 0) {
         DB::query('UPDATE ' . DB::table('portal_article_content') . " SET pageorder = pageorder+{$content_count} WHERE aid='{$aid}' AND pageorder>='{$pageorder}'");
     }
 } else {
     // No explicit position: append after the current last page.
     $pageorder = DB::result(DB::query("SELECT MAX(pageorder) FROM " . DB::table('portal_article_content') . " WHERE aid='{$aid}'"), 0);
     $pageorder = $pageorder + 1;
 }
 if ($article_content) {
     // The first chunk overwrites the existing content row; a censor hit flags the article (status 1).
     $setarr = array('content' => trim($contents[0]), 'pageorder' => $pageorder, 'dateline' => $_G['timestamp']);
     DB::update('portal_article_content', $setarr, array('cid' => $cid));
     if (censormod($contents[0])) {
         DB::update('portal_article_title', array('status' => 1), array('aid' => $aid));
     }
     unset($contents[0]);
 }
 if ($contents) {
     $inserts = array();
     foreach ($contents as $key => $value) {
         // NOTE(review): the page text is only trim()med before being placed inside a quoted
         // SQL literal. Whether $contents was escaped upstream is not visible here — confirm,
         // otherwise a quote character in the article body ends the literal early.
         $value = trim($value);
         $inserts[] = "('{$aid}', '{$value}', '" . ($pageorder + $key) . "', '{$_G['timestamp']}', '{$id}', '{$idtype}')";
     }
     DB::query("INSERT INTO " . DB::table('portal_article_content') . "\r\n\t\t\t(aid, content, pageorder, dateline, id, idtype)\r\n\t\t\tVALUES " . implode(',', $inserts));
     DB::query('UPDATE ' . DB::table('portal_article_title') . " SET status = '{$article_status}', contents = contents+" . count($inserts) . " WHERE aid='{$aid}'");
 }
 $newaids = array();
 // The submitted attach_ids value is split into a list in place; the elements are still raw strings here.
 $_POST['attach_ids'] = explode(',', $_POST['attach_ids']);
예제 #14
         // Fragment (starts inside a loop whose header is not visible).
         // status 1 = title held for moderation after a censor hit.
         if (censormod($title)) {
             $pic_status = 1;
         } else {
             $pic_status = 0;
         }
         // Ownership scoping: unless the caller manages albums, the update only matches
         // rows whose uid is the current user.
         $wherearr = array('picid' => $picid);
         if (!$managealbum) {
             $wherearr['uid'] = $_G['uid'];
         }
         DB::update('home_pic', array('title' => $title, 'status' => $pic_status), $wherearr);
     }
 } elseif ($_GET['subop'] == 'move') {
     // $picid is a key of the submitted title array, so it is client-controlled; the
     // uid condition added below is what keeps non-managers to their own pictures.
     foreach ($_POST['title'] as $picid => $value) {
         $title = getstr($value, 150, 1, 1);
         $title = censor($title);
         if (censormod($title)) {
             $pic_status = 1;
         } else {
             $pic_status = 0;
         }
         $wherearr = array('picid' => $picid);
         if (!$managealbum) {
             $wherearr['uid'] = $_G['uid'];
         }
         DB::update('home_pic', array('title' => $title, 'status' => $pic_status), $wherearr);
     }
     if ($_POST['ids']) {
         // Same ownership restriction expressed as a raw SQL suffix for the album lookup.
         $plussql = $managealbum ? '' : "AND uid='{$_G['uid']}'";
         // Cast before interpolation so only an integer reaches the query text.
         $_POST['newalbumid'] = intval($_POST['newalbumid']);
         if ($_POST['newalbumid']) {
             $query = DB::query("SELECT albumid FROM " . DB::table('home_album') . " WHERE albumid='{$_POST['newalbumid']}' {$plussql}");
예제 #15
     }
     // Album-level gate: only the album owner or a user with $managealbum may edit.
     if ($album['uid'] != $_G['uid'] && !$managealbum) {
         showmessage('no_privilege_pic_edit', 'home.php?mod=space&uid=' . $_G['uid'] . '&do=album&view=me', array(), array('return' => true));
     }
 } else {
     $album['uid'] = $_G['uid'];
 }
 if (submitcheck('editpicsubmit')) {
     $return = true;
     foreach ($_POST['title'] as $picid => $value) {
         // Unchanged titles are skipped; the "old" value used for the comparison is
         // itself taken from the request.
         if ($value == $_GET['oldtitle'][$picid]) {
             continue;
         }
         $title = getstr($value, 150);
         $title = censor($title);
         // status 1 = held for moderation; moderators are notified via manage_addnotify().
         if (censormod($title) || $_G['group']['allowuploadmod']) {
             $pic_status = 1;
             manage_addnotify('verifypic');
         } else {
             $pic_status = 0;
         }
         // NOTE(review): $wherearr adds the owner's uid for non-managers, but it is never
         // passed to update() below — the update is keyed only by $picid, which is a
         // client-supplied array key. Unless update() enforces ownership internally, the
         // per-picture restriction is not applied here; verify, and scope the update by uid.
         $wherearr = array('picid' => $picid);
         if (!$managealbum) {
             $wherearr['uid'] = $_G['uid'];
         }
         C::t('home_pic')->update($picid, array('title' => $title, 'status' => $pic_status));
     }
     if ($_GET['subop'] == 'delete') {
         if ($_POST['ids']) {
             require_once libfile('function/delete');
             // NOTE(review): the submitted ids are handed to deletepics() as-is; no ownership
             // filter is visible at this call site — confirm deletepics() applies one.
             deletepics($_POST['ids']);
예제 #16
         // Fragment: keeps the cached recommended-group entry in step with the new icon.
         if ($group_recommend[$_G['fid']]) {
             $group_recommend[$_G['fid']]['icon'] = get_groupimg($iconnew);
             C::t('common_setting')->update('group_recommend', $group_recommend);
             include libfile('function/cache');
             updatecache('setting');
         }
     }
     if ($bannernew && empty($deletebanner)) {
         $setarr['banner'] = $bannernew;
     } elseif ($deletebanner) {
         $setarr['banner'] = '';
         // NOTE(review): unlink() runs on the stored banner value with errors suppressed.
         // How that value is populated is not visible here — confirm it can only ever
         // point inside the group image directory.
         @unlink($_G['forum']['banner']);
     }
     require_once libfile('function/discuzcode');
     // The description is taken from the request, trimmed and censored, then rendered by
     // discuzcode(); the moderation check runs on the rendered result and a hit rejects it.
     $_GET['descriptionnew'] = discuzcode(censor(trim($_GET['descriptionnew'])), 0, 0, 0, 0, 1, 1, 0, 0, 1);
     $censormod = censormod($_GET['descriptionnew']);
     if ($censormod) {
         showmessage('group_description_failed');
     }
     // Integer cast before the value is compared and stored.
     $_GET['jointypenew'] = intval($_GET['jointypenew']);
     // Join type -1 is reserved for the group founder.
     if ($_GET['jointypenew'] == '-1' && $_G['uid'] != $_G['forum']['founderuid']) {
         showmessage('group_close_only_founder');
     }
     $_GET['gviewpermnew'] = intval($_GET['gviewpermnew']);
     $setarr['description'] = $_GET['descriptionnew'];
     $setarr['jointype'] = $_GET['jointypenew'];
     $setarr['gviewperm'] = $_GET['gviewpermnew'];
     C::t('forum_forumfield')->update($_G['fid'], $setarr);
     showmessage('group_setup_succeed', $url);
 } else {
     $firstgid = $_G['cache']['grouptype']['second'][$_G['forum']['fup']]['fup'];
예제 #17
파일: sign.inc.php 프로젝트: v998/dsu
 // Fragment: validates the free-text message submitted with a daily sign-in.
 if (!$var['sayclose']) {
     if ($_G['gp_qdmode'] == '1') {
         // HTML-escape first; the length limits below therefore count the escaped form,
         // and strlen() counts bytes rather than characters.
         $todaysay = dhtmlspecialchars($_G['gp_todaysay']);
         if ($todaysay == '') {
             sign_msg($lang['ts_nots']);
         }
         if (strlen($todaysay) > 100) {
             sign_msg($lang['ts_ovts']);
         }
         if (strlen($todaysay) < 6) {
             sign_msg($lang['ts_syts']);
         }
         // Rejects text made up solely of ASCII letters, digits, '.' and ','.
         if (!preg_match("/[^A-Za-z0-9.,]/", $todaysay)) {
             sign_msg($lang['ts_saywater']);
         }
         // Censor list check on the escaped text.
         $illegaltest = censormod($todaysay);
         if ($illegaltest) {
             sign_msg($lang['ts_illegaltext']);
         }
     } elseif ($_G['gp_qdmode'] == '2') {
         // Quick-reply mode: the request only selects one of the preconfigured texts.
         switch ($_G['gp_fastreply']) {
             case 1:
                 $todaysay = "{$var['fastreply1']}";
                 break;
             case 2:
                 $todaysay = "{$var['fastreply2']}";
                 break;
             case 3:
                 $todaysay = "{$var['fastreply3']}";
                 break;
             case 4:
         // Fragment: records a credit rating for a novel and an optional comment.
         // Rating one's own novel is refused.
         if (!$novel) {
             showmessage("undefined_action", NULL);
         } else {
             if ($novel['posterid'] == $_G['uid']) {
                 showmessage("thread_rate_member_invalid", NULL);
             }
         }
         // NOTE(review): $novelid and $credits are concatenated into these statements
         // without quotes. Where they are assigned is not visible in this fragment —
         // confirm both are cast to integers (and $credits range-checked) before this point.
         DB::query("INSERT INTO " . DB::table("pdnovel_rate") . (" (novelid, uid, username, credits, dateline) VALUES (" . $novelid . ", {$_G['uid']}, '{$_G['username']}', {$credits}, {$_G['timestamp']})"), "UNBUFFERED");
         DB::query("UPDATE LOW_PRIORITY " . DB::table("pdnovel_view") . (" SET rate=rate+" . $credits . " WHERE novelid={$novelid}"), "UNBUFFERED");
         // Credits move from the rater to the novel's poster.
         updatemembercount($_G['uid'], array($_G['setting']['creditstransextra'][1] => 0 - $credits), 1, "BAC", $novelid);
         updatemembercount($novel['posterid'], array($_G['setting']['creditstransextra'][1] => $credits), 1, "BAC", $novelid);
         if ($_POST['message']) {
             // The comment is truncated by getstr(), wrapped in a <font> tag, then censored;
             // status 1 = held for moderation.
             $message = getstr($_POST['message'], 600, 1, 1, 1, 0);
             $message = "<font color=red>" . $message . "</font>";
             $message = censor($message);
             if (censormod($message)) {
                 $comment_status = 1;
             } else {
                 $comment_status = 0;
             }
             $setarr = array("uid" => $_G['uid'], "username" => $_G['username'], "novelid" => $novelid, "postip" => $_G['onlineip'], "dateline" => $_G['timestamp'], "status" => $comment_status, "message" => $message);
             DB::insert("pdnovel_comment", $setarr);
             DB::query("UPDATE " . DB::table("pdnovel_view") . (" SET comments=comments+1 WHERE novelid=" . $novelid));
             DB::update("common_member_status", array("lastpost" => $_G['timestamp']), array("uid" => $_G['uid']));
         }
         showmessage("do_success", "pdnovel.php?mod=view&novelid=" . $novelid);
     }
 } else {
     if ($_G['gp_ac'] == "star") {
         // NOTE(review): the request parameter is used on the very next line as an unquoted
         // SQL operand with no cast in between, so the query text is controlled by the
         // client. Cast it with intval() before building the query.
         $novelid = $_G['gp_novelid'];
         $novel = DB::fetch_first("SELECT * FROM " . DB::table("pdnovel_view") . (" WHERE novelid=" . $novelid . " AND display=0 LIMIT 1"));
예제 #19
// Fragment: normalises the fields of a forum post and decides whether it goes to moderation.
$stickcheck = empty($sticktopic) ? '' : 'checked="checked"';
$digestcheck = empty($addtodigest) ? '' : 'checked="checked"';
// Subject: trimmed, censored, HTML-escaped; tabs become spaces because a tab is used
// below as the separator between subject and message for the censor check.
$subject = isset($_G['gp_subject']) ? dhtmlspecialchars(censor(trim($_G['gp_subject']))) : '';
$subject = !empty($subject) ? str_replace("\t", ' ', $subject) : $subject;
// The message is censored here but not HTML-escaped in this fragment.
$message = isset($_G['gp_message']) ? censor($_G['gp_message']) : '';
$polloptions = isset($polloptions) ? censor(trim($polloptions)) : '';
$readperm = isset($_G['gp_readperm']) ? intval($_G['gp_readperm']) : 0;
$price = isset($_G['gp_price']) ? intval($_G['gp_price']) : 0;
// Tags are enabled only when both the site setting and the forum allow them; a site
// setting of 2 wins, otherwise the forum's own value is used.
$_G['setting']['tagstatus'] = $_G['setting']['tagstatus'] && $_G['forum']['allowtag'] ? $_G['setting']['tagstatus'] == 2 ? 2 : $_G['forum']['allowtag'] : 0;
// Permission check for [hide] blocks; [code]...[/code] sections are blanked first so a
// [hide] tag shown inside a code sample does not count.
if (empty($bbcodeoff) && !$_G['group']['allowhidecode'] && !empty($message) && preg_match("/\\[hide=?\\d*\\].+?\\[\\/hide\\]/is", preg_replace("/(\\[code\\](.+?)\\[\\/code\\])/is", ' ', $message))) {
    showmessage('post_hide_nopermission');
}
if (periodscheck('postmodperiods', 0)) {
    // Inside a configured moderation period everything is held.
    $modnewthreads = $modnewreplies = 1;
} else {
    $censormod = censormod($subject . "\t" . $message);
    // Precedence: ((group condition && forum setting) || $censormod) ? 1 : 0 — a censor
    // hit forces moderation regardless of the group's direct-post permission.
    $modnewthreads = (!$_G['group']['allowdirectpost'] || $_G['group']['allowdirectpost'] == 1) && $_G['forum']['modnewposts'] || $censormod ? 1 : 0;
    $modnewreplies = (!$_G['group']['allowdirectpost'] || $_G['group']['allowdirectpost'] == 2) && $_G['forum']['modnewposts'] == 2 || $censormod ? 1 : 0;
}
// URL policy for groups with allowposturl below 3: every URL found in the message must
// be on the whitelist, otherwise the post is refused (0) or sent to moderation (1).
if ($_G['group']['allowposturl'] < 3 && $message) {
    $urllist = get_url_list($message);
    if (is_array($urllist[1])) {
        foreach ($urllist[1] as $key => $val) {
            if (!($val = trim($val))) {
                continue;
            }
            if (!iswhitelist($val)) {
                if ($_G['group']['allowposturl'] == 0) {
                    showmessage('post_url_nopermission');
                } elseif ($_G['group']['allowposturl'] == 1) {
                    $modnewthreads = $modnewreplies = 1;
예제 #20
/**
 * Create a group (sub forum) from a business record and link the two together.
 *
 * The name and description are censored and HTML-escaped; a censor-moderation hit on
 * either, an empty name, a missing parent, or an already existing group name aborts
 * without creating anything.
 *
 * @param array $lastdata Source record; reads parentid, fup, name, descriptionnew,
 *                        jointype, gviewperm, uid, username and bid.
 *
 * @return true|null True once the business record has been updated; null when the
 *                   input was rejected.
 */
function srcreategroup($lastdata)
{
    global $_G;
    $parentid = intval($lastdata['parentid']);
    $fup = intval($lastdata['fup']);
    $groupname = censor(dhtmlspecialchars(cutstr(trim($lastdata['name']), 255, '')));
    $nameflagged = censormod($groupname);
    if (empty($groupname) || $nameflagged || (empty($parentid) && empty($fup))) {
        return;
    }
    // Group-type consistency check. Its body is disabled in the source (the return is
    // commented out), so the condition is evaluated but a mismatch is not rejected.
    if (empty($_G['cache']['grouptype']['first'][$parentid]) && empty($_G['cache']['grouptype']['second'][$fup]) || $_G['cache']['grouptype']['first'][$parentid]['secondlist'] && !in_array($_G['cache']['grouptype']['second'][$fup]['fid'], $_G['cache']['grouptype']['first'][$parentid]['secondlist'])) {
        ///return;
    }
    // Without a second-level type the group is attached directly to the first-level one.
    $fup = empty($fup) ? $parentid : $fup;
    // Group names must be unique.
    if (C::t('#sanree_brand#forum_forum')->fetch_fid_by_name($groupname)) {
        return;
    }
    require_once libfile('function/discuzcode');
    $description = discuzcode(dhtmlspecialchars(censor(trim($lastdata['descriptionnew']))), 0, 0, 0, 0, 1, 1, 0, 0, 1);
    if (censormod($description)) {
        return;
    }
    // Level -1 is used when group moderation is enabled and the actor is not adminid 1.
    $levelid = -1;
    if (empty($_G['setting']['groupmod']) || $_G['adminid'] == 1) {
        $level = C::t('#sanree_brand#forum_grouplevel')->fetch_by_credits();
        $levelid = $level['levelid'];
    }
    $newfid = C::t('#sanree_brand#forum_forum')->insert_group($fup, 'sub', $groupname, '3', $levelid);
    if ($newfid) {
        $fieldarray = array(
            'fid' => $newfid,
            'description' => $description,
            'jointype' => intval($lastdata['jointype']),
            'gviewperm' => intval($lastdata['gviewperm']),
            'dateline' => TIMESTAMP,
            'founderuid' => $lastdata['uid'],
            'foundername' => $lastdata['username'],
            'membernum' => 1,
        );
        C::t('#sanree_brand#forum_forumfield')->insert($fieldarray);
        C::t('#sanree_brand#forum_forumfield')->update_groupnum($fup, 1);
        // The founder becomes the first member of the new group.
        C::t('#sanree_brand#forum_groupuser')->insert($newfid, $lastdata['uid'], $lastdata['username'], 1, TIMESTAMP);
        require_once libfile('function/cache');
        updatecache('grouptype');
    }
    // The business record is updated with whatever insert_group() returned, including a
    // falsy value when the insert did not yield an id.
    C::t('#sanree_brand#sanree_brand_businesses')->update($lastdata['bid'], array('syngrouptid' => $newfid));
    include_once libfile('function/stat');
    updatestat('group');
    // Both the moderated (-1) and the regular path report success.
    return true;
}