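/**
 * Normalise a string that came from user input before it is stored or rendered.
 *
 * Processing order: trim, cut at the first "\0\0\0" marker, optional
 * stripslashes ($in_slashes), removal of [hide]...[/hide] blocks, then one of
 * three modes selected by $html:
 *   $html < 0  : HTML tags, CR/LF, whitespace and [bbcode] tags are collapsed
 *                to single spaces (plain-text extraction; NOT escaped);
 *   $html == 0 : dhtmlspecialchars() escapes the string for HTML output;
 *   $html > 0  : the string is left as raw HTML - the caller must have
 *                validated it already.
 * Afterwards the result is cut to $length characters (0 = no cut), converted
 * from bbcode to HTML when $bbcode is non-zero, and re-escaped with
 * daddslashes() when $out_slashes is set.
 *
 * @param string $string      input text
 * @param int    $length      maximum length passed to cutstr(); 0 disables the cut
 * @param int    $in_slashes  strip slashes from the input first
 * @param int    $out_slashes add slashes to the result
 * @param int    $bbcode      bbcode2html() mode; 0 skips bbcode conversion
 * @param int    $html        output mode, see above
 * @return string the processed, trimmed string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $bbcode = 0, $html = 0)
{
    global $_G;
    $string = trim($string);
    // Everything from the first triple-NUL marker onwards is discarded.
    $sppos = strpos($string, chr(0) . chr(0) . chr(0));
    if ($sppos !== false) {
        $string = substr($string, 0, $sppos);
    }
    if ($in_slashes) {
        $string = dstripslashes($string);
    }
    // Hidden-content blocks are never exposed through this helper.
    $string = preg_replace("/\\[hide=?\\d*\\](.*?)\\[\\/hide\\]/is", '', $string);
    if ($html < 0) {
        // Plain-text mode: tags, line breaks, whitespace and [bbcode] tags become spaces.
        $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
    } elseif ($html == 0) {
        $string = dhtmlspecialchars($string);
    }
    if ($length) {
        $string = cutstr($string, $length);
    }
    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        // Plain assignment: objects are handles, and "=&" on a call result only
        // raises an "Only variables should be assigned by reference" notice.
        $bb = bbcode::instance();
        $string = $bb->bbcode2html($string, $bbcode);
    }
    if ($out_slashes) {
        $string = daddslashes($string);
    }
    return trim($string);
}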
/**
 * Record a feed entry in home_feed, or in home_feed_app when $icon is numeric.
 *
 * Template names are resolved through lang('feed', ...). Title/body data are
 * unescaped, serialised, and the whole row is re-escaped with daddslashes()
 * before it reaches the database. For ordinary feeds that carry a hash_data
 * value, an existing row with the same uid and hash_data suppresses the
 * insert.
 *
 * @return mixed 0 when suppressed as a duplicate; the DB::insert() result when
 *               $returnid is set; otherwise 1
 */
function feed_add($icon, $title_template = '', $title_data = array(), $body_template = '', $body_data = array(), $body_general = '', $images = array(), $image_links = array(), $target_ids = '', $friend = '', $appid = '', $returnid = 0, $id = 0, $idtype = '', $uid = 0, $username = '')
{
    global $_G;

    $title_template = $title_template ? lang('feed', $title_template) : '';
    $body_template = $body_template ? lang('feed', $body_template) : '';
    $body_general = $body_general ? lang('feed', $body_general) : '';

    // Both uid and username must be supplied to override the current user.
    if (empty($uid) || empty($username)) {
        $uid = $username = '';
    }

    $row = array(
        'appid' => $appid,
        'icon' => $icon,
        'uid' => $uid ? intval($uid) : $_G['uid'],
        'username' => $username ? $username : $_G['username'],
        'dateline' => $_G['timestamp'],
        'title_template' => $title_template,
        'body_template' => $body_template,
        'body_general' => $body_general,
    );
    // Four image slots, each with an optional link; missing entries become ''.
    for ($slot = 0; $slot < 4; $slot++) {
        $n = $slot + 1;
        $row["image_{$n}"] = empty($images[$slot]) ? '' : $images[$slot];
        $row["image_{$n}_link"] = empty($image_links[$slot]) ? '' : $image_links[$slot];
    }
    $row['target_ids'] = $target_ids;
    $row['friend'] = $friend;
    $row['id'] = $id;
    $row['idtype'] = $idtype;

    $row = dstripslashes($row);
    $row['title_data'] = serialize(dstripslashes($title_data));
    $row['body_data'] = serialize(dstripslashes($body_data));
    $row['hash_data'] = empty($title_data['hash_data']) ? '' : $title_data['hash_data'];
    $row = daddslashes($row);

    if (is_numeric($icon)) {
        // App feeds live in their own table and have no id/idtype columns.
        $table = 'home_feed_app';
        unset($row['id'], $row['idtype']);
    } else {
        $table = 'home_feed';
        if ($row['hash_data']) {
            // Dedupe on (uid, hash_data); both values were escaped by daddslashes() above.
            $dup = DB::fetch(DB::query("SELECT feedid FROM " . DB::table('home_feed') . " WHERE uid='{$row['uid']}' AND hash_data='{$row['hash_data']}' LIMIT 0,1"));
            if ($dup) {
                return 0;
            }
        }
    }

    if ($returnid) {
        return DB::insert($table, $row, $returnid);
    }
    DB::insert($table, $row);
    return 1;
}
/**
 * Undo magic_quotes_gpc escaping on $_GET, $_POST and $_COOKIE so the rest of
 * the code sees raw values. Does nothing when MAGIC_QUOTES_GPC is false.
 */
function init_input()
{
    if (!MAGIC_QUOTES_GPC) {
        return;
    }
    $_GET = dstripslashes($_GET);
    $_POST = dstripslashes($_POST);
    $_COOKIE = dstripslashes($_COOKIE);
}
/**
 * Build a query string from a key => value map.
 *
 * Values are unescaped with dstripslashes() and urlencoded; keys are emitted
 * verbatim. Entries whose value is falsy (including '0' and 0) are skipped.
 *
 * @param array $gets
 * @return string '&'-joined key=value pairs, '' when nothing survives
 */
function url_implode($gets)
{
    $pairs = array();
    foreach ($gets as $name => $raw) {
        if (!$raw) {
            continue;
        }
        $pairs[] = $name . '=' . urlencode(dstripslashes($raw));
    }
    return implode('&', $pairs);
}
/**
 * Recursively apply stripslashes(): scalars are unescaped directly, arrays
 * element by element (keys are left untouched).
 *
 * @param mixed $string string or (nested) array of strings
 * @return mixed same shape as the input, with slashes stripped
 */
function dstripslashes($string)
{
    if (is_array($string)) {
        $out = $string;
        foreach ($out as $k => $v) {
            $out[$k] = dstripslashes($v);
        }
        return $out;
    }
    return stripslashes($string);
}
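/**
 * Persist a configuration value to the PHP config file managed by ConfigHandler.
 *
 * Variadic call shape: set($type, [$key1, $key2, ...,] $value). The last
 * argument is the value, the first the config type (selects the file), and
 * anything in between is a nested key path inside $config[$type]. A null
 * $value removes that key. With $type === null the whole file is rewritten
 * as $config = $value.
 *
 * The previous version assembled the assignment as PHP source text and ran it
 * through eval(); the key path is now walked with references, so path
 * segments are never interpreted as code.
 *
 * @return int|false bytes written by fwrite(); the process is terminated with
 *                   die() when the file cannot be opened for writing
 */
function set()
{
    global $_CONFIG;
    $func_args = func_get_args();
    $value = dstripslashes(array_pop($func_args));
    $type = array_shift($func_args);
    $remark = '/'.'********************************************* *[tttuangou] (C)2005 - 2010 Cenwor Inc. * * tttuangou '.$type.'配置 * * @author www.tttuangou.net * * @time '.date('Y-m-d H:i').' *********************************************'.'/ ';
    $file = ConfigHandler::file($type);
    if ($type === null) {
        $data = "<?php \r\n {$remark} \r\n \$config=" . var_export($value, true) . "; \r\n ?>";
    } else {
        $config = isset($_CONFIG[$type]) ? $_CONFIG[$type] : null;
        if ($config === null) {
            // Not cached yet: load the current file (it defines $config[$type]).
            $config = array();
            @include($file);
            $config = $config[$type];
        }
        _set_config_path($config, $func_args, $value);
        $data = "<?php \r\n {$remark} \r\n\$config['$type']=" . var_export($config, true) . ";\r\n?>";
    }
    $fp = @fopen($file, 'wb');
    if (!$fp) {
        zlog('error')->found('denied.io', $file);
        die($file . "文件无法写入,请检查是否有可写权限。");
    }
    $len = fwrite($fp, $data);
    fclose($fp);
    // Only refresh the in-memory copy when something was actually written.
    if ($len) {
        $_CONFIG[$type] = $config;
    }
    return $len;
}

/**
 * Assign $value at the nested key path $segments inside $config, creating
 * intermediate arrays as needed, or unset that key when $value is null (a
 * missing intermediate level then means there is nothing to remove). An empty
 * path addresses $config itself.
 *
 * @param mixed $config   configuration tree, modified in place
 * @param array $segments key path, outermost first
 * @param mixed $value    value to store, or null to remove the key
 */
function _set_config_path(&$config, array $segments, $value)
{
    if (!$segments) {
        $config = $value === null ? null : $value;
        return;
    }
    $leaf = array_pop($segments);
    $node =& $config;
    foreach ($segments as $segment) {
        if (!is_array($node) || !array_key_exists($segment, $node)) {
            if ($value === null) {
                return;
            }
            $node[$segment] = array();
        }
        $node =& $node[$segment];
    }
    if ($value === null) {
        unset($node[$leaf]);
    } else {
        $node[$leaf] = $value;
    }
}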
/**
 * Recursively strip slashes from a string or a (nested) array of strings.
 *
 * Empty values ('', '0', 0, null, array()) are returned untouched; array keys
 * are preserved.
 *
 * @param mixed $string
 * @return mixed same shape as the input
 */
function dstripslashes($string)
{
    if (empty($string)) {
        return $string;
    }
    if (!is_array($string)) {
        return stripslashes($string);
    }
    $result = array();
    foreach ($string as $key => $item) {
        $result[$key] = dstripslashes($item);
    }
    return $result;
}
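/**
 * Recursively addslashes() a value unless magic_quotes_gpc already did so.
 *
 * Escaping is applied when $GLOBALS['magic_quotes_gpc'] is falsy or $force is
 * set; arrays are escaped element by element (keys untouched).
 *
 * The original body passed `$strip ? dstripslashes($string) : $string` to
 * addslashes(); $strip was never defined in this scope, so that branch was
 * unreachable and has been removed (behaviour unchanged).
 *
 * @param mixed $string string or (nested) array of strings
 * @param int   $force  escape even when magic quotes are on
 * @return mixed same shape as the input
 */
function daddslashes($string, $force = 0)
{
    // empty() keeps the truthiness test of the original without an undefined-index notice.
    if (!empty($GLOBALS['magic_quotes_gpc']) && !$force) {
        return $string;
    }
    if (is_array($string)) {
        foreach ($string as $key => $val) {
            $string[$key] = daddslashes($val, $force);
        }
        return $string;
    }
    return addslashes($string);
}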
/**
 * Plugin hook (dsu_amucallme): after a post is saved, send a notification to
 * every listed user and charge the poster per notification.
 *
 * Runs only for a logged-in user posting in one of $this->fids. The per-group
 * cost comes from data/plugindata/dsu_amucallme.data.php; when that file is
 * missing the cost entry is empty and a flat cap of 100 notifications is used.
 *
 * @param array $a hook data; reads $a['values']['tid'] and $a['values']['pid']
 */
function dsu_amucallme_output($a)
{
    global $_G;
    // Loose in_array(): fid from $_G compared with the configured forum ids.
    if ($_G['uid'] && in_array($_G['fid'], $this->fids)) {
        $turl = "forum.php?mod=redirect&goto=findpost&ptid={$a['values']['tid']}&pid={$a['values']['pid']}";
        $url = $_G["siteurl"] . $turl;
        $msg = $this->message;
        $reply = $_G["siteurl"] . "forum.php?mod=post&action=reply&tid={$a['values']['tid']}&repquote={$a['values']['pid']}";
        if (!$msg) {
            if (!function_exists('discuzcode')) {
                include libfile('function/discuzcode');
            }
            // Fallback preview: first 40 characters of the rendered post, tags stripped.
            $msg = ' ' . cutstr(strip_tags(discuzcode($_G['gp_message'], 1, 0)), 40, '...');
        }
        $sendmsg = lang('plugin/dsu_amucallme', 'sendmsg', array('username' => $_G['username'], 'url' => $url, 'reply' => $reply, 'message' => $msg));
        $cmcost = array();
        if (file_exists('./data/plugindata/dsu_amucallme.data.php')) {
            // Presumably defines $data_f2a, a per-group cost table - confirm against the data file.
            require_once DISCUZ_ROOT . './data/plugindata/dsu_amucallme.data.php';
            $data_f2a = dstripslashes($data_f2a);
            $cmcost = $data_f2a[$_G['groupid']];
            // Negated here, presumably so updatemembercount() below deducts it.
            $cmcost['cost'] = $cmcost['cost'] * '-1';
        }
        $max = 0;
        if ($cmcost['extcredits'] && $cmcost['cost']) {
            // NOTE(review): cost was negated above, so with a positive balance this
            // is <= 0; a negative $max never reaches 0 through $max-- and the
            // "&& $max" checks below then do not cap the number of charged
            // notifications. Looks like a positive divisor was intended - confirm.
            $max = intval($_G['member']["extcredits{$cmcost['extcredits']}"] / $cmcost['cost']);
        } else {
            // No cost configured (or data file missing): flat cap. Note that the
            // updatemembercount() calls below are still made in this case, with
            // key "extcredits" and a null amount.
            $max = 100;
        }
        if ($a['values']['tid'] && $a['values']['pid'] && $max) {
            // Two identical passes: $this->usernames, then $this->gusernames.
            // Self-notification is skipped; $max is decremented per notification.
            foreach ($this->usernames as $key => $val) {
                if ($val && $_G['uid'] != $val && $max) {
                    updatemembercount($_G['uid'], array("extcredits{$cmcost['extcredits']}" => $cmcost['cost']), true, '', 0);
                    notification_add($val, $_G['uid'], $sendmsg, '', 0);
                    $max--;
                }
            }
            foreach ($this->gusernames as $key => $val) {
                if ($val && $_G['uid'] != $val && $max) {
                    updatemembercount($_G['uid'], array("extcredits{$cmcost['extcredits']}" => $cmcost['cost']), true, '', 0);
                    notification_add($val, $_G['uid'], $sendmsg, '', 0);
                    $max--;
                }
            }
        }
    }
}
/**
 * Cron entry point: publish every scheduled article whose public_dateline has
 * passed, under the TIMING_CRON_CHECK process lock.
 *
 * Flow: count due rows; if there are any, the lock is released and then
 * re-taken through discuz_process::islocked(); the due rows are read, deleted
 * from strayer_timing, and each is handed to article_import() with the handler
 * chosen by public_type (1 portal, 2 forums, 3 blog).
 *
 * @param mixed $a unused
 * @return bool|null false when locked or nothing is due; null when the rows
 *                   disappeared between the count and the select; true when done
 */
function run_timing($a)
{
    global $_G;
    $timestamp = TIMESTAMP;
    $processname = 'TIMING_CRON_CHECK';
    $check = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('strayer_timing') . " WHERE public_dateline<='{$timestamp}' "), 0);
    if ($check) {
        // NOTE(review): the lock is released unconditionally whenever work is
        // pending, before islocked() below is consulted, so a second trigger
        // arriving while a long run is still in progress is not kept out by
        // this lock; the pick_timing syscache set below is the only other guard.
        // Confirm this is intended.
        discuz_process::unlock($processname);
    }
    if (discuz_process::islocked($processname, 600)) {
        return false;
    }
    if (!$check) {
        return FALSE;
    }
    @set_time_limit(1000);
    @ignore_user_abort(TRUE);
    // Guard against abnormal exits: reserve a one-hour window up front. If
    // publishing took two hours and the job were triggered again before it
    // finished, articles would be published twice.
    save_syscache('pick_timing', TIMESTAMP + 60 * 60 * 1);
    $optype_arr = array(1 => 'move_portal', 2 => 'move_forums', 3 => 'move_blog');
    $query = DB::query("SELECT * FROM " . DB::table('strayer_timing') . " WHERE public_dateline<='{$timestamp}' ORDER by public_dateline");
    $timing_aid_arr = $tid_arr = $args = array();
    while ($rs = DB::fetch($query)) {
        $timing_aid_arr[] = dstripslashes($rs);
        $tid_arr[] = $rs['id'];
    }
    if (!$timing_aid_arr) {
        return;
    }
    pload('F:article,F:pick');
    // Whether or not publishing succeeds, clear the timing rows first so the
    // same articles are not picked up again by a later run.
    article_timing_delete($tid_arr);
    foreach ($timing_aid_arr as $k => $rs) {
        // public_info is a serialised PHP value read back from the table;
        // unserialize() here is only as safe as the strayer_timing contents.
        $args = unserialize($rs['public_info']);
        $args['aid'] = array($rs['data_id']);
        $args['pid'] = $rs['pid'];
        $args['timing'] = 1;
        $args['cron_run'] = 1;
        $args['public_time'][$rs['data_id']] = $rs['public_dateline'];
        article_import($optype_arr[$rs['public_type']], $args);
    }
    // Run finished normally: restore the regular interval.
    save_syscache('pick_timing', TIMESTAMP + 600);
    discuz_process::unlock($processname);
    return true;
}
/**
 * Member login action: without a loginsubmit form post the login template is
 * rendered; with one, the credentials are checked through userlogin().
 *
 * An already-authenticated user is sent straight to the success message, and
 * logincheck() must grant login permission first. A failed attempt is written
 * to the illegallog and counted by loginfailed(). showmessage() presumably
 * ends the request (nothing after the calls is otherwise guarded) - confirm.
 */
function on_login()
{
    global $_G;
    // $mrefreshtime is not read anywhere in this function.
    empty($mrefreshtime) && ($mrefreshtime = 2000);
    if ($_G['uid']) {
        $ucsynlogin = uc_user_synlogin($_G['uid']);
        $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['member']['uid']);
        showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
    }
    if (!($_G['member_loginperm'] = logincheck())) {
        showmessage('login_strike');
    }
    if (!submitcheck('loginsubmit', 1)) {
        // Render the form; the remembered user name is HTML-escaped for the template.
        $_G['referer'] = dreferer();
        $cookietimecheck = !empty($_G['cookie']['cookietime']) ? 'checked="checked"' : '';
        $username = !empty($_G['cookie']['loginuser']) ? htmlspecialchars($_G['cookie']['loginuser']) : '';
        include template('member/login');
    } else {
        // Drop any partial identity before authenticating.
        $_G['uid'] = $_G['member']['uid'] = 0;
        $_G['username'] = $_G['member']['username'] = $_G['member']['password'] = '';
        $result = userlogin($_G['gp_username'], $_G['gp_password'], null, null, 'auto');
        if ($result['status'] > 0) {
            // 30-day persistent cookie when "remember me" (gp_cookietime) was set.
            setloginstatus($result['member'], $_G['gp_cookietime'] ? 2592000 : 0);
            $ucsynlogin = uc_user_synlogin($_G['uid']);
            $message = 1;
            $param = array('username' => $_G['member']['username'], 'ucsynlogin' => $ucsynlogin, 'uid' => $_G['uid']);
            showmessage('login_succeed', dreferer(), $param, array('showdialog' => 1, 'locationtime' => 1));
        } else {
            // Mask the middle of the submitted password, keeping its first quarter
            // and last sixth. NOTE: a partial password still ends up in the
            // illegallog, so that log must be handled as sensitive data.
            $password = preg_replace("/^(.{" . round(strlen($_G['gp_password']) / 4) . "})(.+?)(.{" . round(strlen($_G['gp_password']) / 6) . "})\$/s", "\\1***\\3", $_G['gp_password']);
            $errorlog = dhtmlspecialchars(TIMESTAMP . "\t" . ($result['ucresult']['username'] ? $result['ucresult']['username'] : dstripslashes($_G['gp_username'])) . "\t" . $password . "\t" . "Ques #" . intval($_G['gp_questionid']) . "\t" . $_G['clientip']);
            writelog('illegallog', $errorlog);
            loginfailed($_G['member_loginperm']);
            // $answer is not defined in this scope (reads as null), so `$answer == ''`
            // is always true: when ucresult uid is -3 the message is always
            // login_question_empty, regardless of gp_questionid.
            $fmsg = $result['ucresult']['uid'] == '-3' ? empty($_G['gp_questionid']) || $answer == '' ? 'login_question_empty' : 'login_question_invalid' : 'login_invalid';
            showmessage($fmsg, '', array('loginperm' => $_G['member_loginperm']));
        }
    }
}
$totalmembers = DB::result_first("SELECT COUNT(*) FROM " . DB::table('common_member')); $userstats = array('totalmembers' => $totalmembers, 'newsetuser' => $username); save_syscache('userstats', $userstats); if ($_G['setting']['regctrl'] || $_G['setting']['regfloodctrl']) { DB::query("DELETE FROM " . DB::table('common_regip') . " WHERE dateline<='{$_G['timestamp']}'-" . ($_G['setting']['regctrl'] > 72 ? $_G['setting']['regctrl'] : 72) . "*3600", 'UNBUFFERED'); if ($_G['setting']['regctrl']) { DB::query("INSERT INTO " . DB::table('common_regip') . " (ip, count, dateline)\r\n\t\t\t\tVALUES ('{$_G['clientip']}', '-1', '{$_G['timestamp']}')"); } } $regmessage = dhtmlspecialchars($_G['gp_regmessage']); if ($_G['setting']['regverify'] == 2) { DB::query("REPLACE INTO " . DB::table('common_member_validate') . " (uid, submitdate, moddate, admin, submittimes, status, message, remark)\r\n\t\t\tVALUES ('{$uid}', '{$_G['timestamp']}', '0', '', '1', '0', '{$regmessage}', '')"); } $_G['uid'] = $uid; $_G['username'] = $username; $_G['member']['username'] = dstripslashes($_G['username']); $_G['member']['password'] = $password; $_G['groupid'] = $groupinfo['groupid']; include_once libfile('function/stat'); updatestat('register'); $_CORE =& discuz_core::instance(); $_CORE->session->set('uid', $uid); $_CORE->session->set('username', $username); dsetcookie('auth', authcode("{$_G['member']['password']}\t{$_G['uid']}", 'ENCODE'), 2592000, 1, true); if ($invite['id']) { DB::update("common_invite", array('fuid' => $uid, 'fusername' => $username, 'regdateline' => $_G['timestamp'], 'status' => 2), array('id' => $invite['id'])); updatestat('invite'); } if ($invite['uid']) { if ($_G['setting']['inviteconfig']['inviteaddcredit']) { updatemembercount($uid, array($_G['setting']['inviteconfig']['inviterewardcredit'] => $_G['setting']['inviteconfig']['inviteaddcredit']));
$tradelog['lastupdate'] = dgmdate($tradelog['lastupdate'], 'u'); $tradelog['statusview'] = trade_getstatus($tradelog['status']); $messagelist = array(); if ($tradelog['offline']) { $offlinenext = trade_offline($tradelog, 1, $trade_message); $message = explode("\t\t\t", dstripslashes($tradelog['message'])); foreach ($message as $row) { $row = explode("\t", $row); $row[2] = dgmdate($row[2], 'u'); $row[0] && ($messagelist[] = $row); } } else { $loginurl = trade_getorderurl($tradelog['tradeno']); } $tradelog['buyer'] = dstripslashes($tradelog['buyer']); $tradelog['seller'] = dstripslashes($tradelog['seller']); $trade = DB::fetch_first("SELECT * FROM " . DB::table('forum_trade') . " WHERE tid='{$tradelog['tid']}' AND pid='{$tradelog['pid']}'"); include template('forum/trade_view'); } else { if (empty($_G['gp_pid'])) { $posttable = getposttablebytid($_G['tid']); $pid = DB::result_first("SELECT pid FROM " . DB::table($posttable) . " WHERE tid='{$_G['tid']}' AND first='1' LIMIT 1"); } else { $pid = $_G['gp_pid']; } if (DB::result_first("SELECT closed FROM " . DB::table('forum_thread') . " WHERE tid='{$_G['tid']}'")) { showmessage('trade_closed', 'forum.php?mod=viewthread&tid=' . $_G['tid'] . '&page=' . $page); } $trade = DB::fetch_first("SELECT * FROM " . DB::table('forum_trade') . " WHERE tid='{$_G['tid']}' AND pid='{$pid}'"); if (empty($trade)) { showmessage('undefined_action', NULL);
} else { $type = DB::result_first("SELECT type FROM " . DB::table('advertisement') . " WHERE advid='{$advid}'"); } if ($advnew['style'] == 'image' || $advnew['style'] == 'flash') { if ($_FILES['advnew' . $advnew['style']]) { require_once libfile('class/upload'); $upload = new discuz_upload(); if ($upload->init($_FILES['advnew' . $advnew['style']], 'common') && $upload->save()) { $advnew[$advnew['style']]['url'] = $_G['setting']['attachurl'] . 'common/' . $upload->attach['attachment']; } } else { $advnew[$advnew['style']]['url'] = $_G['gp_advnew' . $advnew['style']]; } } foreach ($advnew[$advnew['style']] as $key => $val) { $advnew[$advnew['style']][$key] = dstripslashes($val); } $advnew['displayorder'] = isset($advnew['displayorder']) ? implode("\t", $advnew['displayorder']) : ''; $advnew['code'] = encodeadvcode($advnew); $extra = $type != 'custom' ? '' : '&customid=' . $parameters['extra']['customid']; $advnew['parameters'] = addslashes(serialize(array_merge(is_array($parameters) ? $parameters : array(), array('style' => $advnew['style']), $advnew['style'] == 'code' ? array() : $advnew[$advnew['style']], array('html' => $advnew['code']), array('displayorder' => $advnew['displayorder'])))); $advnew['code'] = addslashes($advnew['code']); $query = DB::query("UPDATE " . DB::table('advertisement') . " SET title='{$advnew['title']}', targets='{$advnew['targets']}', parameters='{$advnew['parameters']}', code='{$advnew['code']}', starttime='{$advnew['starttime']}', endtime='{$advnew['endtime']}' WHERE advid='{$advid}'"); updatecache('advs'); updatecache('setting'); if ($operation == 'edit') { cpmsg('adv_succeed', $_G['gp_referer'], 'succeed'); } else { cpmsg('adv_succeed', 'action=adv&operation=edit&advid=' . $advid . $extra, 'succeed'); } }
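<?php
/*
 * @copyright Leyun internet Technology(Shanghai)Co.,Ltd
 * @license http://www.dzzoffice.com/licenses/license.txt
 * @package DzzOffice
 * @link http://www.dzzoffice.com
 * @author zyx(zyx@dzz.cc)
 */
// mp3 player module entry: saves or loads the current user's playlist, or
// renders the player template, selected by $_GET['do'].
if (!defined('IN_DZZ')) {
    exit('Access Denied');
}
define('MP3_DIR', 'dzz/player/mp3/');

$do = isset($_GET['do']) ? $_GET['do'] : '';
if ($do == 'saveplaylist') {
    // The raw POST body is stored as-is; escaping is left to DB::insert().
    // No form-hash/CSRF check is visible in this file - confirm it happens upstream.
    $paylist = isset($_POST['data']) ? trim($_POST['data']) : '';
    DB::insert('user_playlist', array('uid' => $_G['uid'], 'playlist' => $paylist, 'updatetime' => $_G['timestamp']), 1, 1);
    exit;
} elseif ($do == 'getplaylist') {
    // $_G['uid'] was written as $_G[uid] (a bare constant), which is an error
    // on PHP 8; the quoted key is what was meant.
    $stored = DB::result_first("select playlist from " . DB::table('user_playlist') . " where uid='{$_G['uid']}'");
    // The stored playlist is a serialised PHP value that originated from a
    // client POST; unserialize() on it can instantiate arbitrary classes.
    // Flagged here - moving to JSON would change the stored format.
    $playarr = dstripslashes(unserialize(stripslashes($stored)));
    if (!$playarr) {
        $playarr = array();
    }
    $return = array('playlist' => $playarr, 'isadmin' => 1);
    echo json_encode($return);
    exit;
} else {
    // $icoid is not used here; presumably read by the template.
    $icoid = isset($_GET['icoid']) ? trim($_GET['icoid']) : '';
    include template('jplayer');
}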
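/**
 * Extract an article (title + content) from fetched HTML using a collection
 * rule row.
 *
 * $rules_info is unescaped with pstripslashes(); its title_filter_rules and
 * content_filter_rules are serialised PHP values and are unserialized here
 * (only as safe as the rule store they come from). The page URL is taken from
 * $_GET['url'] and used for pagination and image-URL rewriting.
 *
 * Both $data and $content_arr are now initialised: previously a
 * theme_get_type outside 1..3 left $data undefined, and an empty
 * content_arr made implode() run on an undefined variable.
 *
 * @param string $content    fetched HTML
 * @param array  $rules_info collection rule row
 * @return array with 'title' and 'content'; without a usable 'title' when the
 *               title could not be extracted (content is then not fetched)
 */
function rules_get_article($content, $rules_info)
{
    $url = $_GET['url'];
    $rules_info = pstripslashes($rules_info);
    $rules_info['title_filter_rules'] = dstripslashes(unserialize($rules_info['title_filter_rules']));
    $rules_info['content_filter_rules'] = dstripslashes(unserialize($rules_info['content_filter_rules']));
    require_once libfile('function/home');

    // Title first; theme_get_type selects the extraction strategy.
    $data = array();
    if ($rules_info['theme_get_type'] == 3) {
        // automatic detection
        $data = get_single_article($content);
    } elseif ($rules_info['theme_get_type'] == 1) {
        // DOM rule
        $data = dom_single_article($content, array('title' => $rules_info['theme_rules']));
    } elseif ($rules_info['theme_get_type'] == 2) {
        // string pattern rule; the raw <title> is kept for reference
        $re = pregmessage($content, '<title>[title]</title>', 'title', -1);
        $data['other']['old_title'] = $re[0];
        $re = pregmessage($content, $rules_info['theme_rules'], 'title', -1);
        $data['title'] = $re[0];
    }
    // Without a title there is no point spending time on the content.
    $title = isset($data['title']) ? trim($data['title']) : '';
    if (!$title) {
        return $data;
    }

    $data['content'] = rules_get_contents($content, $rules_info);
    if ($rules_info['content_page_rules'] && $data['content']) {
        // Paginated article: collect every page's content and concatenate.
        $content_page_arr = get_content_page($url, $content, $rules_info);
        if ($content_page_arr) {
            $args = array('oldurl' => array(), 'content_arr' => array(), 'content_page_arr' => $content_page_arr, 'page_hash' => array(), 'rules' => $rules_info, 'url' => $url);
            $data['content_arr'] = page_get_content($content, $args);
            $content_arr = array();
            foreach ((array) $data['content_arr'] as $v) {
                $content_arr[] = $v['content'];
            }
            $data['content'] = implode('', $content_arr);
        }
    }

    $data['title'] = unhtmlentities(strip_tags($data['title'], ' '));
    $data['content'] = unhtmlentities($data['content']);
    // getstr() is called with html = 1 (raw HTML kept, not escaped); the
    // filter stage below is relied on for sanitising - confirm.
    $data['title'] = getstr(trim($data['title']), 80, 1, 1, 0, 1);
    $data['content'] = getstr($data['content'], 0, 1, 1, 0, 1);

    // Title/content post-processing: replacement and filtering rules.
    $format_args_title = array('is_fiter' => $rules_info['is_fiter_title'], 'show_type' => 'title', 'test' => 2, 'result_data' => $data['title'], 'replace_rules' => $rules_info['title_replace_rules'], 'filter_data' => $rules_info['title_filter_rules']);
    $data['title'] = filter_article($format_args_title);
    $data['content'] = dstripslashes($data['content']);
    $format_args_content = array('is_fiter' => $rules_info['is_fiter_content'], 'show_type' => 'title', 'test' => 2, 'filter_html' => dunserialize($rules_info['content_filter_html']), 'result_data' => $data['content'], 'replace_rules' => $rules_info['content_replace_rules'], 'filter_data' => $rules_info['content_filter_rules']);
    $data['content'] = filter_article($format_args_content);
    // Rewrite image URLs relative to the source page.
    $format_arr = format_article_imgurl($url, $data['content']);
    $data['content'] = $format_arr['message'];
    unset($data['other']);
    return $data;
}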
$specialextra = ''; } } $thread['freecharge'] = $_G['setting']['maxchargespan'] && TIMESTAMP - $thread['dateline'] >= $_G['setting']['maxchargespan'] * 3600 ? 1 : 0; $freechargehours = !$thread['freecharge'] ? $_G['setting']['maxchargespan'] - intval((TIMESTAMP - $thread['dateline']) / 3600) : 0; if ($thread['special'] == 1 && ($_G['group']['alloweditpoll'] || $thread['authorid'] == $_G['uid'])) { $query = DB::query("SELECT polloptionid, displayorder, polloption, multiple, visible, maxchoices, expiration, overt FROM " . DB::table('forum_polloption') . " AS polloptions LEFT JOIN " . DB::table('forum_poll') . " AS polls ON polloptions.tid=polls.tid WHERE polls.tid ='{$_G['tid']}' ORDER BY displayorder"); while ($temppoll = DB::fetch($query)) { $poll['multiple'] = $temppoll['multiple']; $poll['visible'] = $temppoll['visible']; $poll['maxchoices'] = $temppoll['maxchoices']; $poll['expiration'] = $temppoll['expiration']; $poll['overt'] = $temppoll['overt']; $poll['polloptionid'][] = $temppoll['polloptionid']; $poll['displayorder'][] = $temppoll['displayorder']; $poll['polloption'][] = dstripslashes($temppoll['polloption']); } } elseif ($thread['special'] == 3) { $rewardprice = $thread['price']; } elseif ($thread['special'] == 4) { $activitytypelist = $_G['setting']['activitytype'] ? explode("\n", trim($_G['setting']['activitytype'])) : ''; $activity = DB::fetch_first("SELECT * FROM " . DB::table('forum_activity') . " WHERE tid='{$_G['tid']}'"); $activity['starttimefrom'] = dgmdate($activity['starttimefrom'], 'Y-m-d H:i'); $activity['starttimeto'] = $activity['starttimeto'] ? dgmdate($activity['starttimeto'], 'Y-m-d H:i') : ''; $activity['expiration'] = $activity['expiration'] ? dgmdate($activity['expiration'], 'Y-m-d H:i') : ''; $activity['ufield'] = $activity['ufield'] ? 
unserialize($activity['ufield']) : array(); if ($activity['ufield']['extfield']) { $activity['ufield']['extfield'] = implode("\n", $activity['ufield']['extfield']); } } elseif ($thread['special'] == 5) { $debate['endtime'] = $debate['endtime'] ? dgmdate($debate['endtime'], 'Y-m-d H:i') : '';
if ($this_time != 0) { if (dsucheckformulacredits($thisvars['ptgs'])) { $amu_formula = str_replace("leiji", $addup, $thisvars['ptgs']); $amu_formula = str_replace("lianxu", $cons, $amu_formula); @eval("\$pt = {$amu_formula};"); $pt = empty($thisvars['ptmax']) ? intval($pt) : intval(min($pt, $thisvars['ptmax'])); $amu_formula_n = str_replace("leiji", $addup + 1, $thisvars['ptgs']); $amu_formula_n = str_replace("lianxu", $cons + 1, $amu_formula_n); @eval("\$pt_n = {$amu_formula_n};"); $pt_n = empty($thisvars['ptmax']) ? intval($pt_n) : intval(min($pt_n, $thisvars['ptmax'])); } else { $pt = $pt_n = 1; } // 获取特殊奖励配置情况 $tsarr = C::t('#dsu_amupper#plugin_dsuamupperc')->fetch_all_by_g_id(); $data_f2a = dstripslashes($tsarr); $next_old = ''; if ($tsarr && $thisvars['ms'] == 3) { // 有特殊奖励(不循环) foreach ($data_f2a as $id => $result) { if (($_G['groupid'] == $result['usergid'] || $result['usergid'] <= '0') && $cons == $result['days']) { $teshu[$id] = $result; $tsmsg[] = array('title' => $_G['setting']['extcredits'][$result['extcredits']]['title'], 'reward' => $result['reward']); } } } // 有特殊奖励(循环) if ($tsarr && $thisvars['ms'] == 4) { foreach ($data_f2a as $id => $result) { $yushu = $cons % $result['days']; if (($_G['groupid'] == $result['usergid'] || $result['usergid'] <= '0') && $yushu == 0 && $cons > 0) {
/**
 * Populate $this->var from the request: prefixed cookies (prefix stripped),
 * GET/POST parameters as gp_* entries, and the derived mod / inajax / page /
 * sid / gp_handlekey / authkey values. Requests carrying a GLOBALS key are
 * rejected outright.
 */
function _init_input()
{
    // Refuse any request that tries to smuggle a GLOBALS key in.
    if (isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_COOKIE['GLOBALS']) || isset($_FILES['GLOBALS'])) {
        system_error('request_tainting');
    }
    // source bug!!!
    // if(!MAGIC_QUOTES_GPC) {
    // $_GET = daddslashes($_GET);
    // $_POST = daddslashes($_POST);
    // $_COOKIE = daddslashes($_COOKIE);
    // $_FILES = daddslashes($_FILES);
    // }
    if (MAGIC_QUOTES_GPC) {
        // Undo magic quotes so values are raw; $_FILES is left untouched.
        $_GET = dstripslashes($_GET);
        $_POST = dstripslashes($_POST);
        $_COOKIE = dstripslashes($_COOKIE);
    }
    // Cookies carrying the configured prefix are exposed under their bare name.
    $prelength = strlen($this->config['cookie']['cookiepre']);
    foreach ($_COOKIE as $key => $val) {
        if (substr($key, 0, $prelength) == $this->config['cookie']['cookiepre']) {
            $this->var['cookie'][substr($key, $prelength)] = $val;
        }
    }
    // POST fields are merged over GET, so every gp_* value below may come from
    // either method; consumers of $this->var cannot tell the two apart.
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST)) {
        $_GET = array_merge($_GET, $_POST);
    }
    if (isset($_GET['diy'])) {
        $_GET['diy'] = empty($_GET['diy']) ? '' : $_GET['diy'];
    }
    foreach ($_GET as $k => $v) {
        $this->var['gp_' . $k] = $v;
    }
    if (isset($this->var['gp_page'])) {
        $this->var['gp_page'] = rawurlencode($this->var['gp_page']);
    }
    // mod is HTML-escaped; gp_mod itself stays raw.
    $this->var['mod'] = empty($this->var['gp_mod']) ? '' : htmlspecialchars($this->var['gp_mod']);
    // inajax: with ajaxvalidate enabled a GET must carry X-Requested-With, while
    // any POST passes. HTTP_X_REQUESTED_WITH may be absent (reads as null, i.e. false).
    $this->var['inajax'] = empty($this->var['gp_inajax']) ? 0 : (empty($this->var['config']['output']['ajaxvalidate']) ? 1 : ($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || $_SERVER['REQUEST_METHOD'] == 'POST' ? 1 : 0));
    $this->var['page'] = empty($this->var['gp_page']) ? 1 : max(1, intval($this->var['gp_page']));
    $this->var['sid'] = $this->var['cookie']['sid'] = isset($this->var['cookie']['sid']) ? htmlspecialchars($this->var['cookie']['sid']) : '';
    // handlekey is restricted to \w+ (letters, digits, underscore); anything else is dropped.
    $this->var['gp_handlekey'] = !empty($this->var['gp_handlekey']) && preg_match('/^\\w+$/', $this->var['gp_handlekey']) ? $this->var['gp_handlekey'] : '';
    if (empty($this->var['cookie']['saltkey'])) {
        // First visit: issue a per-client salt cookie for 30 days. random() is a
        // project helper; the quality of its randomness is not visible here.
        $this->var['cookie']['saltkey'] = random(8);
        dsetcookie('saltkey', $this->var['cookie']['saltkey'], 86400 * 30, 1, 1);
    }
    // Per-client key: the site authkey mixed with the client's salt cookie.
    $this->var['authkey'] = md5($this->var['config']['security']['authkey'] . $this->var['cookie']['saltkey']);
}
cloudaddons_validator($dir . '.plugin'); $importtxt = @implode('', file($importfile)); $pluginarray = getimportdata('Discuz! Plugin'); if (!ispluginkey($pluginarray['plugin']['identifier']) || $pluginarray['plugin']['identifier'] != $plugin['identifier']) { cpmsg('plugins_edit_identifier_invalid', '', 'error'); } if (is_array($pluginarray['vars'])) { foreach ($pluginarray['vars'] as $config) { if (!ispluginkey($config['variable'])) { cpmsg('plugins_upgrade_var_invalid', '', 'error'); } } } if (!empty($pluginarray['checkfile']) && preg_match('/^[\\w\\.]+$/', $pluginarray['checkfile'])) { if (!empty($pluginarray['language'])) { $installlang[$pluginarray['plugin']['identifier']] = dstripslashes($pluginarray['language']['installlang']); } $filename = DISCUZ_ROOT . './source/plugin/' . $plugin['directory'] . $pluginarray['checkfile']; if (file_exists($filename)) { loadcache('pluginlanguage_install'); $installlang = $_G['cache']['pluginlanguage_install'][$plugin['identifier']]; @(include $filename); } } pluginupgrade($pluginarray, $installtype); if (!empty($plugin['directory']) && !empty($pluginarray['upgradefile']) && preg_match('/^[\\w\\.]+$/', $pluginarray['upgradefile'])) { dheader('location: ' . ADMINSCRIPT . '?action=plugins&operation=pluginupgrade&dir=' . $dir . '&installtype=' . $modules['extra']['installtype'] . '&fromversion=' . $plugin['version']); } $toversion = $pluginarray['plugin']['version']; cpmsg('plugins_upgrade_succeed', "action=plugins", 'succeed', array('toversion' => $toversion)); }
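/**
 * Import portal blocks (and their styles) from an exported data array.
 *
 * Styles whose hash already exists in common_block_style are reused; the rest
 * are inserted. Every block is then inserted under the current user with its
 * styleid remapped through the old-id => new-id table. Nested template/fields
 * and param/blockstyle arrays are stored as addslashes(serialize(...)).
 *
 * $data['style'] appears to be keyed by the exported styleid (it is indexed by
 * that id after the hash lookup) - confirm against the exporter.
 *
 * @param array $data exported structure with a 'block' list and optional 'style' map
 * @return array|null old bid => new bid; null when $data['block'] is not an array
 */
function block_import($data)
{
    global $_G;
    if (!is_array($data['block'])) {
        return;
    }
    $data = daddslashes($data);
    $stylemapping = array();
    if ($data['style']) {
        $hashes = $styles = array();
        foreach ($data['style'] as $value) {
            $hashes[] = $value['hash'];
            $styles[$value['hash']] = $value['styleid'];
        }
        if (!empty($hashes)) {
            // Styles already present (same hash) are reused rather than duplicated.
            $query = DB::query('SELECT styleid, hash FROM ' . DB::table('common_block_style') . " WHERE hash IN (" . dimplode($hashes) . ')');
            while ($value = DB::fetch($query)) {
                $id = $styles[$value['hash']];
                $stylemapping[$id] = intval($value['styleid']);
                unset($styles[$value['hash']]);
            }
        }
        foreach ($styles as $id) {
            $style = $data['style'][$id];
            $style['styleid'] = '';
            if (isset($style['template'])) {
                $style['template'] = _block_import_pack($style['template']);
            }
            if (isset($style['fields'])) {
                $style['fields'] = _block_import_pack($style['fields']);
            }
            $newid = DB::insert('common_block_style', $style, true);
            $stylemapping[$id] = $newid;
        }
    }
    $blockmapping = array();
    foreach ($data['block'] as $block) {
        $oid = $block['bid'];
        if (!empty($block['styleid'])) {
            // A style that was not part of the import maps to 0 (same result as
            // before, without the undefined-index notice).
            $block['styleid'] = isset($stylemapping[$block['styleid']]) ? intval($stylemapping[$block['styleid']]) : 0;
        }
        $block['bid'] = '';
        $block['uid'] = $_G['uid'];
        $block['username'] = $_G['username'];
        $block['dateline'] = 0;
        $block['notinherited'] = 0;
        if (isset($block['param'])) {
            $block['param'] = _block_import_pack($block['param']);
        }
        if (isset($block['blockstyle'])) {
            $block['blockstyle'] = _block_import_pack($block['blockstyle']);
        }
        $newid = DB::insert('common_block', $block, true);
        $blockmapping[$oid] = $newid;
    }
    include_once libfile('function/cache');
    updatecache('blockclass');
    return $blockmapping;
}

/**
 * Prepare a nested array field for storage: undo request escaping,
 * serialize(), then re-escape for the SQL layer. Non-array values are
 * returned unchanged.
 */
function _block_import_pack($value)
{
    if (!is_array($value)) {
        return $value;
    }
    return addslashes(serialize(dstripslashes($value)));
}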
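/**
 * Convert the attribute string of an HTML <td> into its bbcode equivalent.
 *
 * Only colspan, rowspan and width are recognised (1-4 digits with an optional
 * '%', quoted with ", ' or bare); everything else in $attributes is ignored,
 * which also keeps arbitrary markup out of the generated tag. The last
 * occurrence of a repeated attribute wins.
 *
 * @param string $attributes raw attribute text, possibly slash-escaped
 * @return string '[td]', '[td=colspan,rowspan]' or '[td=colspan,rowspan,width]'
 */
function tdtag($attributes)
{
    $value = array('colspan' => 1, 'rowspan' => 1, 'width' => '');
    preg_match_all("/(colspan|rowspan|width)=([\"|\\']?)(\\d{1,4}%?)(\\2)/is", dstripslashes($attributes), $matches);
    // preg_match_all() always yields an array in $matches[1]; no is_array() guard needed.
    foreach ($matches[1] as $key => $attribute) {
        $value[strtolower($attribute)] = $matches[3][$key];
    }
    // The values are read from the array directly instead of @extract()-ing
    // them into locals.
    if ($value['width'] == '') {
        return $value['colspan'] == 1 && $value['rowspan'] == 1 ? '[td]' : "[td={$value['colspan']},{$value['rowspan']}]";
    }
    return "[td={$value['colspan']},{$value['rowspan']},{$value['width']}]";
}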
$modules = unserialize($plugin['modules']); if ($modules['system'] > 0) { if ($pluginarray['plugin']['version'] != $plugin['version']) { pluginupgrade($pluginarray, ''); if ($pluginarray['upgradefile']) { $plugindir = DISCUZ_ROOT . './source/plugin/' . $pluginarray['plugin']['directory']; if (file_exists($plugindir . '/' . $pluginarray['upgradefile'])) { @(include_once $plugindir . '/' . $pluginarray['upgradefile']); } } } if ($modules['system'] != 2) { $modules['system'] = 2; $modules = serialize($modules); C::t('common_plugin')->update($plugin['pluginid'], array('modules' => $modules)); } continue; } C::t('common_plugin')->delete_by_identifier($pluginid); } $pluginarray['plugin']['modules'] = unserialize(dstripslashes($pluginarray['plugin']['modules'])); $pluginarray['plugin']['modules']['system'] = 2; $pluginarray['plugin']['modules'] = serialize($pluginarray['plugin']['modules']); plugininstall($pluginarray, '', in_array($pluginid, $opens)); if ($pluginarray['installfile']) { $plugindir = DISCUZ_ROOT . './source/plugin/' . $pluginarray['plugin']['directory']; if (file_exists($plugindir . '/' . $pluginarray['installfile'])) { @(include_once $plugindir . '/' . $pluginarray['installfile']); } } }
cpmsg('members_email_domain_illegal', '', 'error'); } elseif ($ucresult == -6) { cpmsg('members_email_duplicate', '', 'error'); } } if ($_G['gp_clearavatar']) { DB::query("UPDATE " . DB::table('common_member') . " SET avatarstatus='0' WHERE uid='{$_G['gp_uid']}'"); uc_user_deleteavatar($member['muid']); } $creditsnew = intval($creditsnew); $regdatenew = strtotime($_G['gp_regdatenew']); $lastvisitnew = strtotime($_G['gp_lastvisitnew']); $secquesadd = $_G['gp_clearquestion'] ? ", secques=''" : ''; $signaturenew = censor($_G['gp_signaturenew']); $sigstatusnew = $signaturenew ? 1 : 0; $sightmlnew = addslashes(discuzcode(dstripslashes($signaturenew), 1, 0, 0, 0, $member['allowsigbbcode'] ? $member['allowcusbbcode'] ? 2 : 1 : 0, $member['allowsigimgcode'], 0)); $oltimenew = round($_G['gp_totalnew'] / 60); $fieldadd = ''; $fieldarr = array(); include_once libfile('function/profile'); foreach ($_POST as $field_key => $field_val) { if (isset($fields[$field_key]) && (profile_check($field_key, $field_val) || $_G['adminid'] == 1)) { $fieldarr[$field_key] = "{$field_key}='" . $field_val . "'"; } } if ($_G['gp_deletefile'] && is_array($_G['gp_deletefile'])) { foreach ($_G['gp_deletefile'] as $key => $value) { if (isset($fields[$key])) { @unlink(getglobal('setting/attachdir') . './profile/' . $member[$key]); $fieldarr[$key] = "{$key}=''"; }
} if (empty($blockdata['parameters']['music']['config'])) { $blockdata['parameters']['music']['config'] = array('showmod' => 'default', 'autorun' => 'true', 'shuffle' => 'true', 'crontabcolor' => '#D2FF8C', 'buttoncolor' => '#1F43FF', 'fontcolor' => '#1F43FF'); } $setarr['blockposition'] = daddslashes(serialize($blockdata)); DB::update('common_member_field_home', $setarr, "uid = {$space['uid']}"); showmessage('do_success', 'home.php?mod=spacecp&ac=index&op=getblock&blockname=' . $blockname, array('blockname' => $blockname)); } if (submitcheck('diysubmit')) { $blockdata = array(); checksecurity($_POST['spacecss']); $spacecss = dstripslashes($_POST['spacecss']); $spacecss = preg_replace("/(\\<|\\>)/is", '', $spacecss); $currentlayout = getstr($_POST['currentlayout'], 5, 1, 1); $style = empty($_POST['style']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_POST['style']); $layoutdata = dstripslashes(getgpc('layoutdata', 'P')); require_once libfile('class/xml'); $layoutdata = xml2array($layoutdata); if (empty($layoutdata)) { showmessage('space_data_format_invalid'); } $layoutdata = $layoutdata['diypage']; if ($style && $style != 'uchomedefault') { $cssfile = DISCUZ_ROOT . './static/space/' . $style . '/style.css'; if (!file_exists($cssfile)) { showmessage('theme_does_not_exist'); } } space_merge($space, 'field_home'); $blockdata = unserialize($space['blockposition']); $blockdata['block'] = $layoutdata;
/**
 * Report whether a message contains any of the cached smiley codes.
 *
 * Return values:
 *   1  smileys are switched off for this post ($smileyoff truthy), nothing is scanned
 *   0  at least one code from $_G['cache']['smileycodes'] occurs in the message
 *  -1  no code matched, or the smiley-code cache is empty / not an array
 *
 * The message has its slashes stripped (dstripslashes) before matching, so
 * codes containing quotes are compared against the unescaped text.
 *
 * @param string $message   message body to scan
 * @param mixed  $smileyoff truthy when smileys are disabled for the post
 * @return int 1, 0 or -1 as described above
 */
function checksmilies($message, $smileyoff) {
    global $_G;

    if ($smileyoff) {
        return 1;
    }

    $codes = isset($_G['cache']['smileycodes']) ? $_G['cache']['smileycodes'] : null;
    if (empty($codes) || !is_array($codes)) {
        return -1;
    }

    $text = dstripslashes($message);
    foreach ($codes as $code) {
        // Explicit !== false: a code found at offset 0 must still count as a hit.
        if (strpos($text, $code) !== false) {
            return 0;
        }
    }

    return -1;
}
if (empty($message)) { showmessage('unable_to_send_air_news'); } $message = censor($message); loadcache(array('smilies', 'smileytypes')); foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) { $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]'; } $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message); $subject = ''; $return = 0; if ($touid) { $return = uc_pm_send($_G['uid'], $touid, $subject, $message, 1, $pmid, 0); } elseif ($username) { $newusers = array(); $users = daddslashes(explode(',', dstripslashes($username))); if ($users) { $query = DB::query('SELECT uid, username FROM ' . DB::table('common_member') . " WHERE username IN (" . dimplode($users) . ')'); while ($value = DB::fetch($query)) { $newusers[$value['uid']] = $value['username']; } } if (empty($newusers)) { showmessage('message_bad_touser', dreferer()); } if (isset($newusers[$_G['uid']])) { showmessage('message_can_not_send_to_self', dreferer()); } foreach ($newusers as $key => $value) { if (isblacklist($key)) { showmessage('is_blacklist', dreferer());
DB::query("INSERT INTO " . DB::table('dsu_paulsign') . " (uid,time) VALUES ('{$_G['uid']}',{$_G['timestamp']})"); } DB::query("UPDATE " . DB::table('dsu_paulsign') . " SET days=days+1,mdays=mdays+1,time='{$_G['timestamp']}',qdxq='{$_G['gp_qdxq']}',todaysay='{$todaysay}',reward=reward+{$credit},lastreward='{$credit}' WHERE uid='{$_G['uid']}'"); updatemembercount($_G['uid'], array($var['nrcredit'] => $credit)); $another_vip = ''; if (@(include_once DISCUZ_ROOT . './source/plugin/dsu_kkvip/extend/sign.api.php')) { $rewarddays = intval($rewarddays); $growupnum = intval($growupnum); if ($rewarddays || $growupnum) { $another_vip = lang('plugin/dsu_paulsign', 'another_vip', array('rewarddays' => $rewarddays, 'growupnum' => $growupnum)); } } if ($var['sync_say'] && $_G['gp_qdmode'] == '1') { $setarr = array('uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'message' => $todaysay . $lang['fromsign'], 'ip' => $_G['clientip'], 'status' => 0); $doid = DB::insert('home_doing', $setarr, 1); $setarr2 = array('appid' => '', 'icon' => 'doing', 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $_G['timestamp'], 'title_template' => lang('feed', 'feed_doing_title'), 'title_data' => daddslashes(serialize(dstripslashes(array('message' => $todaysay . $lang['fromsign'])))), 'body_template' => '', 'body_data' => '', 'id' => $doid, 'idtype' => 'doid'); DB::insert('home_feed', $setarr2, 1); } if ($var['sync_sign'] && $_G['group']['maxsigsize']) { $signhtml = cutstr(strip_tags($todaysay . $lang['fromsign']), $_G['group']['maxsigsize']); DB::update('common_member_field_forum', array('sightml' => $signhtml), "uid='{$_G['uid']}'"); } if ($num >= 0 && $num <= 9) { switch ($num) { case 0: list($exacr, $exacz) = explode("|", $var['jlmain1']); break; case 1: list($exacr, $exacz) = explode("|", $var['jlmain2']); break; case 2:
$pages = pages($items, $page, $pagesize); $lists = array(); $result = $db->query("SELECT * FROM {$DT_PRE}member_check WHERE {$condition} ORDER BY addtime DESC LIMIT {$offset},{$pagesize}"); while ($r = $db->fetch_array($result)) { $r['addtime'] = timetodate($r['addtime'], 6); $lists[] = $r; } include tpl('validate_member', $module); break; case 'show': check_name($username) or msg(); $t = $db->get_one("SELECT * FROM {$DT_PRE}member_check WHERE username='******'"); $t or msg('记录不存在'); $U = userinfo($username); $U or msg('会员不存在'); $E = dstripslashes(unserialize($t['content'])); $userid = $U['userid']; $content_table = content_table(4, $userid, is_file(DT_CACHE . '/4.part'), $DT_PRE . 'company_data'); $t = $db->get_one("SELECT * FROM {$content_table} WHERE userid={$userid}"); $U['content'] = $t['content']; if (isset($E['regunit']) && !isset($E['capital'])) { $E['capital'] = $U['capital']; } if ($submit) { $sql1 = $sql2 = $sql3 = ''; if (in_array('thumb', $pass) && isset($E['thumb'])) { if ($U['thumb']) { delete_upload($U['thumb'], $userid); } $sql2 .= ",thumb='" . addslashes($E['thumb']) . "'"; }
if (!submitcheck('confsubmit')) { shownav('extended', 'misc_focus'); showsubmenu('misc_focus', array(array('config', 'misc&operation=focus&do=config', 1), array('admin', 'misc&operation=focus', 0), array('add', 'misc&operation=focus&do=add', 0))); showformheader('misc&operation=focus&do=config'); showtableheader('config', 'fixpadding'); showsetting('misc_focus_area_title', 'focus_title', empty($focus['title']) ? cplang('misc_focus') : $focus['title'], 'text'); showsetting('misc_focus_area_cookie', 'focus_cookie', empty($focus['cookie']) ? 0 : $focus['cookie'], 'text'); showsubmit('confsubmit', 'submit'); showtablefooter(); showformfooter(); } else { $focus['title'] = trim($_G['gp_focus_title']); $focus['title'] = empty($focus['title']) ? cplang('misc_focus') : $focus['title']; $focus['cookie'] = trim(intval($_G['gp_focus_cookie'])); $focus['cookie'] = empty($focus['cookie']) ? 0 : $focus['cookie']; DB::insert('common_setting', array('skey' => 'focus', 'svalue' => addslashes(serialize(dstripslashes($focus)))), false, true); updatecache(array('setting', 'focus')); cpmsg('focus_conf_succeed', 'action=misc&operation=focus&do=config', 'succeed'); } } } elseif ($operation == 'checkstat') { if ($statid && $statkey) { $q = "statid={$statid}&statkey={$statkey}"; $q = rawurlencode(base64_encode($q)); $url = 'http://stat.discuz.com/stat_ins.php?action=checkstat&q=' . $q; $key = dfsockopen($url); $newstatdisable = $key == $statkey ? 0 : 1; if ($newstatdisable != $statdisable) { DB::query("REPLACE " . DB::table('common_setting') . " SET skey='statdisable', svalue='{$newstatdisable}'"); require_once libfile('function/cache'); updatecache('setting');