$note_message = 'share_album'; $note_values = array('url' => "home.php?mod=space&uid={$album['uid']}&do=album&id={$album['albumid']}", 'albumname' => $album['albumname'], 'from_id' => $id, 'from_idtype' => 'albumid'); break; case 'pic': $feed_hash_data = "picid{$id}"; $query = DB::query("SELECT album.username, album.albumid, album.albumname, album.friend, pf.*, pic.*\r\n\t\t\t\tFROM " . DB::table('home_pic') . " pic\r\n\t\t\t\tLEFT JOIN " . DB::table('home_picfield') . " pf ON pf.picid=pic.picid\r\n\t\t\t\tLEFT JOIN " . DB::table('home_album') . " album ON album.albumid=pic.albumid\r\n\t\t\t\tWHERE pic.picid='{$id}'"); if (!($pic = DB::fetch($query))) { showmessage('image_does_not_exist'); } if (in_array($pic['status'], array(1, 2))) { showmessage('moderate_pic_not_share'); } if ($pic['friend']) { showmessage('image_can_not_share'); } if (isblacklist($pic['uid'])) { showmessage('is_blacklist'); } if (empty($pic['albumid'])) { $pic['albumid'] = 0; } if (empty($pic['albumname'])) { $pic['albumname'] = lang('spacecp', 'default_albumname'); } $arr['itemid'] = $id; $arr['fromuid'] = $pic['uid']; $arr['title_template'] = lang('spacecp', 'share_image'); $arr['body_template'] = lang('spacecp', 'album') . ': <b>{albumname}</b><br>{username}<br>{title}'; $arr['body_data'] = array('albumname' => "<a href=\"home.php?mod=space&uid={$pic['uid']}&do=album&id={$pic['albumid']}\">{$pic['albumname']}</a>", 'username' => "<a href=\"home.php?mod=space&uid={$pic['uid']}\">" . $pic['username'] . "</a>", 'title' => getstr($pic['title'], 100, 0, 1, 0, -1)); $arr['image'] = pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote']); $arr['image_link'] = "home.php?mod=space&uid={$pic['uid']}&do=album&picid={$pic['picid']}";
break; } $query = $_SGLOBAL['db']->query($sql); if (!($item = $_SGLOBAL['db']->fetch_array($query))) { showmessage('click_item_error'); } $hash = md5($item['uid'] . "\t" . $item['dateline']); if ($_GET['op'] == 'add') { if (!checkperm('allowclick') || $_GET['hash'] != $hash) { showmessage('no_privilege'); } if ($item['uid'] == $_SGLOBAL['supe_uid']) { showmessage('click_no_self'); } //Blacklist if (isblacklist($item['uid'])) { showmessage('is_blacklist'); } //Check for click $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('clickuser') . " WHERE uid='{$space['uid']}' AND id='{$id}' AND idtype='{$idtype}'"); if ($value = $_SGLOBAL['db']->fetch_array($query)) { showmessage('click_have'); } //Involved in $setarr = array('uid' => $space['uid'], 'username' => $_SGLOBAL['supe_username'], 'id' => $id, 'idtype' => $idtype, 'clickid' => $clickid, 'dateline' => $_SGLOBAL['timestamp']); inserttable('clickuser', $setarr); //Increase click number $_SGLOBAL['db']->query("UPDATE {$tablename} SET click_{$clickid}=click_{$clickid}+1 WHERE {$idtype}='{$id}'"); //Update Hot hot_update($idtype, $id, $item['hotuser']); //Real name
include_once S_ROOT . './data/data_eventclass.php'; $arr['image'] = $_SGLOBAL['eventclass'][$event['classid']]['poster']; } $arr['image_link'] = "space.php?do=event&id={$event['eventid']}"; $hotarr = array('eventid', $event['eventid'], $event['hotuser']); break; case 'poll': $query = $_SGLOBAL['db']->query("SELECT p.*,pf.* FROM " . tname('poll') . " p\r\n\t\t\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid\r\n\t\t\t\tWHERE p.pid='{$id}'"); if (!($poll = $_SGLOBAL['db']->fetch_array($query))) { showmessage('poll_does_not_exist'); } if ($poll['uid'] == $space['uid']) { showmessage('share_not_self'); } //Blacklist if (isblacklist($poll['uid'])) { showmessage('is_blacklist'); } // real name realname_set($poll['uid'], $poll['username']); realname_get(); $arr['title_template'] = cplang('share_poll', array($poll['percredit'] ? cplang('reward') : '')); $arr['body_template'] = '<b>{subject}</b><br>{user}<br>{option}'; $optionstr = ''; $poll['option'] = unserialize($poll['option']); foreach ($poll['option'] as $key => $val) { $optionstr .= '<input type="' . ($poll['multiple'] ? 'checkbox' : 'radio') . '" disabled name="poll_' . $key . '"/>' . $val . '<br/>'; } $arr['body_data'] = array('user' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'subject' => "<a href=\"space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}\">{$poll['subject']}</a>", 'option' => $optionstr); // notice $note_uid = $poll['uid'];
$multi = multi($count, $perpage, $page, $theurl); } elseif ($op == 'acceptinvite') { //Accept the invitation if (!$eventid) { showmessage("event_does_not_exist"); // Event does not exist or has been deleted } $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}' LIMIT 1"); $eventinvite = $_SGLOBAL['db']->fetch_array($query); if (!$eventinvite) { showmessage('eventinvite_does_not_exist'); //You do not have the event invitation } $_SGLOBAL['db']->query("DELETE FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}'"); $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET eventinvitenum=eventinvitenum-1 WHERE uid = '{$_SGLOBAL['supe_uid']}' AND eventinvitenum>0"); if (isblacklist($event['uid'])) { showmessage('is_blacklist'); //Blacklist } if ($_SGLOBAL['timestamp'] > $event['endtime']) { showmessage('event_is_over'); // Event is over } if ($_SGLOBAL['timestamp'] > $event['deadline']) { showmessage("event_meet_deadline"); // Activities have been Deadline } if ($event['limitnum'] > 0 && $event['membernum'] >= $event['limitnum']) { showmessage('event_already_full'); //Event Number of members is full }
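/**
 * Record an "up" or "down" vote from a user on a reply (a complain_op row) to a complaint.
 *
 * Validation runs in a fixed order (uid, complainId, reply_id, vote); the first failure is
 * returned as a JSON string of the form {"errorNo": "...", "content": "..."}.
 *
 * uid, complainId and reply_id are concatenated into SQL text, so each one is validated as a
 * positive integer and only the resulting int is ever placed in a query. A loose `<= 0` test
 * is not enough for that: a value such as "1 OR 1=1" passes it and would reach the database.
 *
 * Vote semantics, as implemented below:
 *  - no earlier vote by this user on the reply: the vote is inserted and counters are raised;
 *  - an earlier vote in the same direction: that vote is withdrawn and counters are lowered;
 *  - an earlier vote in the opposite direction, or the stored voter uid equals the
 *    complaint's uid: refused with errorNo 403.
 *
 * @param array|null $params Keys read: 'uid', 'complainId', 'reply_id', 'vote' ('up' or 'down').
 * @return string|null JSON error document on failure; nothing is returned once the vote is applied.
 */
function IHomeServiceVoteComplainOperation($params = NULL)
{
    global $_SGLOBAL;

    // FILTER_VALIDATE_INT rejects anything that is not a plain integer >= 1.
    $positiveInt = array('options' => array('min_range' => 1));

    // ---- uid: the voter ----
    if (empty($params['uid'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter uid is not exist or is not a positive integer."));
    }
    $uid = filter_var($params['uid'], FILTER_VALIDATE_INT, $positiveInt);
    if ($uid === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter uid must be a positive integer."));
    }

    $db = $_SGLOBAL['db'];

    $query = $db->query("select username,name from " . tname('space') . " where uid = " . $uid);
    $row = $db->fetch_array($query);
    if (!$row) {
        return json_encode(array("errorNo" => "500", "content" => "the uid is not exist"));
    }
    // Prefer the "name" column when it is set, otherwise fall back to the username.
    $uname = $row['name'] ? $row['name'] : $row['username'];

    // ---- complainId: the complaint being voted on ----
    if (empty($params['complainId'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter complainId is not exist or is not a positive integer."));
    }
    $complainId = filter_var($params['complainId'], FILTER_VALIDATE_INT, $positiveInt);
    if ($complainId === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter complainId must be a positive integer."));
    }
    // The whole row is fetched: the blacklist check needs the complaint's uid (selecting
    // only "uname" left that check reading a column that was never loaded), and the same
    // row is used again below when the vote is applied.
    $query = $db->query("select * from " . tname('complain') . " where doid = " . $complainId);
    $complain = $db->fetch_array($query);
    if (!$complain) {
        return json_encode(array("errorNo" => "500", "content" => "the complain id is not exist"));
    }
    if (isblacklist($complain['uid'])) {
        return json_encode(array("errorNo" => "500", "content" => "the user of complain is in blacklist."));
    }

    // ---- reply_id: the reply (complain_op row) receiving the vote ----
    if (empty($params['reply_id'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter reply_id is not exist or is not a positive integer."));
    }
    $replyId = filter_var($params['reply_id'], FILTER_VALIDATE_INT, $positiveInt);
    if ($replyId === false) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter reply_id must be a positive integer."));
    }
    $query = $db->query("select * from " . tname('complain_op') . " where id = " . $replyId);
    if (!$db->fetch_array($query)) {
        return json_encode(array("errorNo" => "4001", "content" => "the reply_id isn't exist."));
    }

    // ---- vote: direction ----
    if (empty($params['vote'])) {
        return json_encode(array("errorNo" => "4001", "content" => "lack the neccessary parameter.the parameter vote is not exist."));
    }
    // Strict membership test: a loose comparison would accept boolean true as 'up'.
    if (!in_array($params['vote'], array('up', 'down'), true)) {
        return json_encode(array("errorNo" => "4002", "content" => "the format of parameter is not correct.the parameter vote is our of range."));
    }
    $isUp = ($params['vote'] === 'up');

    // ---- apply the vote ----
    // Sub-select shared by every complain_dep update: the uid that owns the reply.
    $replyOwner = "(select uid from " . tname("complain_op") . " where id=" . $replyId . ")";

    $query = $db->query("select * from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid);
    $updown = $db->fetch_array($query);

    if ($isUp) {
        if (!empty($updown)) {
            // updown 2 is a stored down-vote; switching direction is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 2) {
                return json_encode(array("errorNo" => "403", "content" => "updown again"));
            }
            // Same direction again: withdraw the earlier up-vote.
            $db->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 1");
            $db->query("update " . tname('complain_op') . " set upnum=upnum-1 where id=" . $replyId);
            $db->query("update " . tname('complain_dep') . " set upnum=upnum-1,updownnum=updownnum-1,score=score-1 where uid in " . $replyOwner);
        } else {
            $voteRow = array(
                'opid' => $replyId,
                'uid' => $uid,
                'updown' => 1,
                'username' => $uname,
                'dateline' => $_SGLOBAL['timestamp'],
            );
            $db->query("update " . tname('complain_dep') . " set upnum=upnum+1,updownnum=updownnum+1,score=score+1 where uid in " . $replyOwner);
            inserttable("complain_op_updown", $voteRow);
            $db->query("update " . tname('complain_op') . " set upnum=upnum+1 where id=" . $replyId);

            // Only when the voter's own complaint has this reply as its latest operation
            // and is in status 1 does the up-vote move it to status 2 and log optype 6.
            $q = $db->query("select * from " . tname('complain') . " where uid=" . $uid . " and doid=" . $complainId . " and lastopid=" . $replyId . " and status=1");
            if ($r = $db->fetch_array($q)) {
                updatetable('complain', array('status' => 2), array('id' => $r['id']));
                $oparr = array(
                    'doid' => $complainId,
                    'message' => '',
                    'uid' => $uid,
                    'username' => $uname,
                    'optype' => 6,
                    'dateline' => $_SGLOBAL['timestamp'],
                    'opvalue' => 1,
                );
                inserttable("complain_op", $oparr);
            }
        }
    } else {
        if (!empty($updown)) {
            // updown 1 is a stored up-vote; switching direction is refused.
            if ($updown['uid'] == $complain['uid'] || $updown['updown'] == 1) {
                return json_encode(array("errorNo" => "403", "content" => "updown again"));
            }
            // Same direction again: withdraw the earlier down-vote.
            $db->query("delete from " . tname("complain_op_updown") . " where opid = " . $replyId . " and uid = " . $uid . " and updown = 2");
            $db->query("update " . tname('complain_op') . " set downnum=downnum-1 where id=" . $replyId);
            $db->query("update " . tname('complain_dep') . " set downnum=downnum-1,updownnum=updownnum-1,score=score+1 where uid in " . $replyOwner);
        } else {
            $voteRow = array(
                'opid' => $replyId,
                'uid' => $uid,
                'updown' => 2,
                'username' => $uname,
                'dateline' => $_SGLOBAL['timestamp'],
            );
            inserttable("complain_op_updown", $voteRow);
            $db->query("update " . tname('complain_dep') . " set downnum=downnum+1,updownnum=updownnum+1,score=score-1 where uid in " . $replyOwner);
            $db->query("update " . tname('complain_op') . " set downnum=downnum+1 where id=" . $replyId);

            // Same condition as for an up-vote, but a down-vote resets the complaint
            // (status 0, lastopid 0), notifies $complain['atuid'] and logs optype 5.
            $q = $db->query("select * from " . tname('complain') . " where uid=" . $uid . " and doid=" . $complainId . " and lastopid=" . $replyId . " and status=1");
            if ($r = $db->fetch_array($q)) {
                updatetable('complain', array('status' => 0, 'lastopid' => 0, 'dateline' => $_SGLOBAL['timestamp'], 'times' => 1, 'issendmsg' => 0), array('id' => $r['id']));
                $note = cplang("complain_down", array("space.php?do=complain_item&doid={$complain['doid']}"));
                notification_complain_add($complain["atuid"], "complain", $note);
                $oparr = array(
                    'doid' => $complainId,
                    'message' => '',
                    'uid' => $uid,
                    'username' => $uname,
                    'optype' => 5,
                    'dateline' => $_SGLOBAL['timestamp'],
                    'opvalue' => 1,
                );
                inserttable("complain_op", $oparr);
            }
        }
    }
}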
/**
 * Queue a notification for user $uid unless the blacklist check or the
 * recipient's note filter rejects it.
 *
 * @param mixed  $uid      Recipient uid. NOTE(review): it is interpolated into the UPDATE
 *                         statement below inside quotes; callers are presumably expected
 *                         to pass an integer — confirm.
 * @param string $type     Notification type stored in the row.
 * @param string $note     Notification text; slashes are normalised via sstripslashes()
 *                         and then re-added with addslashes() before storage.
 * @param mixed  $returnid When truthy, passed through to inserttable() and its result is returned.
 * @param mixed  $system   When truthy, the row is stored with authorid 0 instead of the current user.
 * @return mixed inserttable()'s result when $returnid is truthy; otherwise nothing.
 */
function notification_add($uid, $type, $note, $returnid = 0, $system = 0)
{
    global $_SGLOBAL;

    // Load the recipient first; their privacy settings supply the note filter below.
    $recipient = getspace($uid);

    if (isblacklist($uid)) {
        return;
    }

    // Bump the friend-relationship heat when there is a logged-in sender.
    if ($_SGLOBAL['supe_uid']) {
        addfriendnum($recipient['uid'], $recipient['username']);
    }

    $row = array(
        'uid' => $uid,
        'type' => $type,
        'new' => 1,
        'authorid' => $system ? 0 : $_SGLOBAL['supe_uid'],
        'author' => $_SGLOBAL['supe_username'],
        'note' => addslashes(sstripslashes($note)),
        'dateline' => $_SGLOBAL['timestamp'],
    );

    // The keys of privacy.filter_note are handed to cknote_uid() as the filter list.
    $filterKeys = array();
    if (!empty($recipient['privacy']['filter_note'])) {
        $filterKeys = array_keys($recipient['privacy']['filter_note']);
    }

    if (!cknote_uid($row, $filterKeys)) {
        return;
    }

    // Increase the recipient's unread-notification counter, then store the row.
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid='{$uid}'");

    if ($returnid) {
        return inserttable('notification', $row, $returnid);
    }
    inserttable('notification', $row);
}
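/**
 * Store a comment on a wall ('uid'), picture ('picid'), blog ('blogid') or share ('sid')
 * and emit the related feed entry, notifications, statistics and credits.
 *
 * Any failed check ends in showmessage(); the function returns only once the comment
 * has been inserted.
 *
 * NOTE(review): $message is stored as passed in (after censor()) and is later rendered
 * as HTML; escaping is presumably done by the caller — confirm.
 *
 * @param string $message Comment body.
 * @param mixed  $id      Id of the commented item; for a reply to a wall comment it is
 *                        replaced by the quoted comment's author id.
 * @param string $idtype  One of 'uid', 'picid', 'blogid', 'sid'.
 * @param mixed  $cid     Optional id of the comment being replied to.
 * @return array array('cid' => new comment id, 'msg' => message key, 'magvalues' => message values).
 */
function add_comment($message, $id, $idtype, $cid = 0)
{
    global $_G, $bbcode;

    // ---- module-level permission ----
    $allowcomment = false;
    switch ($idtype) {
        case 'uid':
            $allowcomment = helper_access::check_module('wall');
            break;
        case 'picid':
            $allowcomment = helper_access::check_module('album');
            break;
        case 'blogid':
            $allowcomment = helper_access::check_module('blog');
            break;
        case 'sid':
            $allowcomment = helper_access::check_module('share');
            break;
    }
    if (!$allowcomment) {
        showmessage('quickclear_noperm');
    }

    $summay = getstr($message, 150, 0, 0, 0, -1);

    // ---- reply: quote the parent comment when it was written by someone else ----
    $comment = array();
    if ($cid) {
        $comment = C::t('home_comment')->fetch_by_id_idtype($id, $idtype, $cid);
        if ($comment && $comment['authorid'] != $_G['uid']) {
            // Drop any quote nested in the parent so quotes do not pile up.
            $comment['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<blockquote\\>.*?\\<\\/blockquote\\>\\<\\/div\\>/is", '', $comment['message']);
            $comment['message'] = $bbcode->html2bbcode($comment['message']);
            $message = "<div class=\"quote\"><blockquote><b>" . $comment['author'] . "</b>: " . getstr($comment['message'], 150, 0, 0, 2, 1) . '</blockquote></div>' . $message;
            if ($comment['idtype'] == 'uid') {
                $id = $comment['authorid'];
            }
        } else {
            $comment = array();
        }
    }

    // ---- load the target item and enforce its privacy settings ----
    $hotarr = array();
    $stattype = '';
    $tospace = $pic = $blog = $album = $share = $poll = array();

    switch ($idtype) {
        case 'uid':
            $tospace = getuserbyuid($id);
            $stattype = 'wall';
            break;

        case 'picid':
            $pic = C::t('home_pic')->fetch($id);
            if (empty($pic)) {
                showmessage('view_images_do_not_exist');
            }
            $picfield = C::t('home_picfield')->fetch($id);
            $pic['hotuser'] = $picfield['hotuser'];
            $tospace = getuserbyuid($pic['uid']);

            $album = array();
            if ($pic['albumid']) {
                $albumRow = C::t('home_album')->fetch($pic['albumid']);
                if (empty($albumRow['albumid'])) {
                    // The album no longer exists: detach its pictures. The id comes from
                    // the picture row; there is no $albumid variable in this scope.
                    C::t('home_pic')->update_for_albumid($pic['albumid'], array('albumid' => 0));
                } else {
                    // Keep the fetched row: the friend/password checks below and the feed
                    // entry read $album, which otherwise stays empty and lets the album's
                    // privacy settings go unchecked.
                    $album = $albumRow;
                }
            }
            if (!ckfriend($album['uid'], $album['friend'], $album['target_ids'])) {
                showmessage('no_privilege_ckfriend_pic');
            } elseif (!$tospace['self'] && $album['friend'] == 4) {
                // friend == 4: password-protected album; the viewer's cookie must hold
                // md5(md5(password)).
                $cookiename = "view_pwd_album_{$album['albumid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                // Strict comparison: with != two different "0e..." digests compare equal.
                if ($cookievalue !== md5(md5($album['password']))) {
                    showmessage('no_privilege_ckpassword_pic');
                }
            }
            $hotarr = array('picid', $pic['picid'], $pic['hotuser']);
            $stattype = 'piccomment';
            break;

        case 'blogid':
            $blog = array_merge(C::t('home_blog')->fetch($id), C::t('home_blogfield')->fetch_targetids_by_blogid($id));
            if (empty($blog)) {
                showmessage('view_to_info_did_not_exist');
            }
            $tospace = getuserbyuid($blog['uid']);
            if (!ckfriend($blog['uid'], $blog['friend'], $blog['target_ids'])) {
                showmessage('no_privilege_ckfriend_blog');
            } elseif (!$tospace['self'] && $blog['friend'] == 4) {
                // Same password-cookie scheme as for albums.
                $cookiename = "view_pwd_blog_{$blog['blogid']}";
                $cookievalue = empty($_G['cookie'][$cookiename]) ? '' : $_G['cookie'][$cookiename];
                if ($cookievalue !== md5(md5($blog['password']))) {
                    showmessage('no_privilege_ckpassword_blog');
                }
            }
            if (!empty($blog['noreply'])) {
                showmessage('do_not_accept_comments');
            }
            if ($blog['target_ids']) {
                $blog['target_ids'] .= ",{$blog['uid']}";
            }
            $hotarr = array('blogid', $blog['blogid'], $blog['hotuser']);
            $stattype = 'blogcomment';
            break;

        case 'sid':
            $share = C::t('home_share')->fetch($id);
            if (empty($share)) {
                showmessage('sharing_does_not_exist');
            }
            $tospace = getuserbyuid($share['uid']);
            $hotarr = array('sid', $share['sid'], $share['hotuser']);
            $stattype = 'sharecomment';
            break;

        default:
            showmessage('non_normal_operation');
            break;
    }

    if (empty($tospace)) {
        showmessage('space_does_not_exist', '', array(), array('return' => true));
    }
    if (isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
    if ($hotarr && $tospace['uid'] != $_G['uid']) {
        hot_update($hotarr[0], $hotarr[1], $hotarr[2]);
    }

    // ---- feed entry data ----
    $fs = array();
    $fs['icon'] = 'comment';
    $fs['target_ids'] = '';
    $fs['friend'] = '';
    $fs['body_template'] = '';
    $fs['body_data'] = array();
    $fs['body_general'] = '';
    $fs['images'] = array();
    $fs['image_links'] = array();

    switch ($idtype) {
        case 'uid':
            $fs['icon'] = 'wall';
            $fs['title_template'] = 'feed_comment_space';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>");
            break;
        case 'picid':
            $fs['title_template'] = 'feed_comment_image';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>");
            $fs['body_template'] = '{pic_title}';
            $fs['body_data'] = array('pic_title' => $pic['title']);
            $fs['body_general'] = $summay;
            $fs['images'] = array(pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote']));
            $fs['image_links'] = array("home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$pic['picid']}");
            $fs['target_ids'] = $album['target_ids'];
            $fs['friend'] = $album['friend'];
            break;
        case 'blogid':
            C::t('home_blog')->increase($id, 0, array('replynum' => 1));
            $fs['title_template'] = 'feed_comment_blog';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'blog' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}\">{$blog['subject']}</a>");
            $fs['target_ids'] = $blog['target_ids'];
            $fs['friend'] = $blog['friend'];
            break;
        case 'sid':
            $fs['title_template'] = 'feed_comment_share';
            $fs['title_data'] = array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">" . $tospace['username'] . "</a>", 'share' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}\">" . str_replace(lang('spacecp', 'share_action'), '', $share['title_template']) . "</a>");
            break;
    }

    // ---- censor and store; status 1 puts the comment in the moderation queue ----
    $message = censor($message);
    $comment_status = censormod($message) ? 1 : 0;

    $setarr = array(
        'uid' => $tospace['uid'],
        'id' => $id,
        'idtype' => $idtype,
        'authorid' => $_G['uid'],
        'author' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'message' => $message,
        'ip' => $_G['clientip'],
        'port' => $_G['remoteport'],
        'status' => $comment_status,
    );
    $cid = C::t('home_comment')->insert($setarr, true);

    // ---- notification and result-message data per item type ----
    $action = 'comment';
    $becomment = 'getcomment';
    $note = $q_note = '';
    $note_values = $q_values = array();

    switch ($idtype) {
        case 'uid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=wall&cid={$cid}";
            $note_type = 'wall';
            $note = 'wall';
            $note_values = array('url' => $n_url);
            $q_note = 'wall_reply';
            $q_values = array('url' => $n_url);
            if ($comment) {
                $msg = 'note_wall_reply_success';
                $magvalues = array('username' => $tospace['username']);
                $becomment = '';
            } else {
                $msg = 'do_success';
                $magvalues = array();
                $becomment = 'getguestbook';
            }
            $action = 'guestbook';
            break;
        case 'picid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=album&picid={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'pic_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'pic_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'blogid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=blog&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'blog_comment';
            $note_values = array('url' => $n_url, 'subject' => $blog['subject']);
            $q_note = 'blog_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
        case 'sid':
            $n_url = "home.php?mod=space&uid={$tospace['uid']}&do=share&id={$id}&cid={$cid}";
            $note_type = 'comment';
            $note = 'share_comment';
            $note_values = array('url' => $n_url);
            $q_note = 'share_comment_reply';
            $q_values = array('url' => $n_url);
            $msg = 'do_success';
            $magvalues = array();
            break;
    }

    if (empty($comment)) {
        // Fresh comment on someone else's item: publish a feed entry (if the author's
        // privacy allows it) and notify the owner.
        if ($tospace['uid'] != $_G['uid']) {
            if (ckprivacy('comment', 'feed')) {
                require_once libfile('function/feed');
                $fs['title_data']['hash_data'] = "{$idtype}{$id}";
                feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']);
            }
            $note_values['from_id'] = $id;
            $note_values['from_idtype'] = $idtype;
            $note_values['url'] .= "&goto=new#comment_{$cid}_li";
            notification_add($tospace['uid'], $note_type, $note, $note_values);
        }
    } elseif ($comment['authorid'] != $_G['uid']) {
        // Reply: notify the author of the quoted comment.
        notification_add($comment['authorid'], $note_type, $q_note, $q_values);
    }

    if ($comment_status == 1) {
        updatemoderate($idtype . '_cid', $cid);
        manage_addnotify('verifycommontes');
    }

    if ($stattype) {
        include_once libfile('function/stat');
        updatestat($stattype);
    }

    // ---- credits: none for commenting on one's own item ----
    if ($tospace['uid'] != $_G['uid']) {
        $needle = ($idtype != 'uid') ? $idtype . $id : $tospace['uid'];
        updatecreditbyaction($action, 0, array(), $needle);
        if ($becomment) {
            if ($idtype == 'uid') {
                $needle = $_G['uid'];
            }
            updatecreditbyaction($becomment, $tospace['uid'], array(), $needle);
        }
    }

    C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']), 'UNBUFFERED');

    $magvalues['cid'] = $cid;
    return array('cid' => $cid, 'msg' => $msg, 'magvalues' => $magvalues);
}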
} //检测用户 if ($uid == $_SGLOBAL['supe_uid']) { showmessage('friend_self_error'); } if ($space['friends'] && in_array($uid, $space['friends'])) { showmessage('you_have_friends'); } //实名认证 ckrealname('friend'); $tospace = getspace($uid); if (empty($tospace)) { showmessage('space_does_not_exist'); } //黑名单 if (isblacklist($tospace['uid'])) { showmessage('is_blacklist'); } //用户组 $groups = getfriendgroup(); //检测现在状态 $status = getfriendstatus($_SGLOBAL['supe_uid'], $uid); if ($status == 1) { showmessage('you_have_friends'); } else { //检查数目 $maxfriendnum = checkperm('maxfriendnum'); if ($maxfriendnum && $space['friendnum'] >= $maxfriendnum + $space['addfriend']) { if ($_SGLOBAL['magic']['friendnum']) { showmessage('enough_of_the_number_of_friends_with_magic'); } else {
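include_once 'do_mobileverify.php';

//$userid = 96;
//$username = '******';
$Body = trim($_POST['message']);
//$Body ='This is a message.';
//$type = 'doing';
//$id = 484;
$type = trim($_POST['type']);
$id = intval($_POST['typeid']); // cast to int: $id is embedded in the URLs built below
$FromDevice = trim($_POST['fromdevice']);

// "am" modification start
// Check the share category
switch ($type) {
    case 'space':
        $tospace = getspace($id);
        // Refuse sharing one's own space, a missing space, or a space for which the
        // blacklist check fails.
        if ($id == $space['uid'] || empty($tospace) || isblacklist($tospace['uid'])) {
            $arrs = array('flag' => 'fail');
            $result = json_encode($arrs);
            // Turn \uXXXX escapes back into UTF-8. This used preg_replace() with the /e
            // (eval) modifier, which evaluates the replacement as PHP code and which
            // PHP 7 no longer supports; a callback performs the same conversion without
            // evaluating a code string.
            $result = preg_replace_callback(
                '#\\\\u([0-9a-f]{4})#i',
                function ($m) {
                    return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
                },
                $result
            );
            echo $result;
            exit;
        }

        $arr['title_template'] = cplang('share_space');
        $arr['body_template'] = '<b>{username}</b><br>{reside}<br>{spacenote}';
        // NOTE(review): these values are placed into an HTML template as-is; they are
        // presumably escaped when stored — confirm.
        $arr['body_data'] = array('username' => "<a href=\"space.php?uid={$id}\">" . $_SN[$tospace['uid']] . "</a>", 'reside' => $tospace['resideprovince'] . $tospace['residecity'], 'spacenote' => $tospace['spacenote']);
        $arr['image'] = ckavatar($id) ? avatar($id, 'middle', true) : UC_API . '/images/noavatar_middle.gif';
        $arr['image_link'] = "space.php?uid={$id}";

        // Notification
        $note_uid = $id;
        $note_message = cplang('note_share_space');
        break;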
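/**
 * Send a private message to one user, or append to an existing thread.
 *
 * Checks, in order: posting interval, the new-user restriction, the 'allowsendpm'
 * permission, the blacklist, and the recipient's "friends only" setting. Each failure
 * is returned through makeErrorInfo(); on success the new message's ids and send time
 * are added to $res['body'] and an iOS push is issued.
 *
 * The multi-recipient path was unreachable ($users was always an empty array) and has
 * been removed together with the empty IN_MOBILE branches; behaviour is unchanged.
 *
 * NOTE(review): the censor() call on the message is commented out, so the text reaches
 * sendpm() and the push notification unfiltered — confirm this is intended.
 *
 * @param array $res  Response array passed to and returned from makeErrorInfo().
 * @param array $data Keys read: 'toUid', 'pmid', 'msg'.
 * @return array The response array.
 */
private function _pmSend($res, $data)
{
    global $_G;

    $touid = (int) $data['toUid'];
    $pmid = (int) $data['pmid'];

    // The request superglobals are populated as well as the locals.
    $_GET['topmuid'] = $touid;
    $_POST['message'] = $this->_transMessage($data['msg']);
    $_POST['subject'] = '';

    $type = 0;
    // One recipient per call. $coef was read below without ever being assigned on this
    // path, so the statistics and credit calls received null.
    $coef = 1;

    $waittime = interval_check('post');
    if ($waittime > 0) {
        // showmessage('message_can_not_send_2', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_2'));
    }

    if (($checkMessage = mobcent_cknewuser()) != '') {
        return $this->makeErrorInfo($res, WebUtils::emptyHtml($checkMessage));
    }

    if (!checkperm('allowsendpm')) {
        // showmessage('no_privilege_sendpm', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, 'no_privilege_sendpm');
    }

    if ($touid && isblacklist($touid)) {
        // showmessage('is_blacklist', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, lang('message', 'is_blacklist'));
    }

    // !($_G['group']['exempt'] & 1) && checklowerlimit('sendpm', 0, $coef);

    $message = (!empty($_POST['messageappend']) ? $_POST['messageappend'] . "\n" : '') . trim($_POST['message']);
    if (empty($message)) {
        // showmessage('unable_to_send_air_news', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, lang('message', 'unable_to_send_air_news'));
    }
    // $message = censor($message);

    // Rewrite each smiley replacement into an absolute [img] tag, then apply the
    // search/replace arrays to the message. The cached array is modified in place.
    loadcache(array('smilies', 'smileytypes'));
    foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) {
        $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]';
    }
    $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message);

    $subject = '';
    if ($type == 1) {
        $subject = dhtmlspecialchars(trim($_POST['subject']));
    }

    include_once libfile('function/friend');

    $return = 0;
    if ($touid) {
        $value = getuserbyuid($touid);
        if (!$value) {
            // showmessage('message_bad_touid', '', array(), array('return' => true));
            return $this->makeErrorInfo($res, lang('message', 'message_bad_touid'));
        }
        // The recipient's own setting wins; otherwise the site default applies
        // (1 = friends only, 2 = anyone).
        $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
        $maySend = $_G['group']['allowsendallpm']
            || $value['onlyacceptfriendpm'] == 2
            || ($value['onlyacceptfriendpm'] == 1 && friend_check($touid));
        if (!$maySend) {
            // showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
            return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_onlyfriend'));
        }
        $return = sendpm($touid, $subject, $message, '', 0, 0, $type);
    } elseif ($pmid) {
        // No recipient uid, only an existing message id.
        $topmuid = intval($_GET['topmuid']);
        $return = sendpm($topmuid, $subject, $message, '', $pmid, 0);
    } else {
        // showmessage('message_can_not_send_9', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_9'));
    }

    if ($return <= 0) {
        if (in_array($return, range(-16, -1))) {
            // showmessage('message_can_not_send_'.abs($return));
            return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_' . abs($return)));
        }
        // showmessage('message_can_not_send', '', array(), array('return' => true));
        return $this->makeErrorInfo($res, lang('message', 'message_can_not_send'));
    }

    // ---- sent: statistics, last-post time, credits ----
    include_once libfile('function/stat');
    updatestat('sendpm', 0, $coef);
    C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP));
    !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);

    $res = $this->makeErrorInfo($res, 'do_success', array('noError' => 1, 'alert' => 0));
    $msgInfo = uc_pm_viewnode($_G['uid'], $type, $return);
    $res['body']['plid'] = (int) $msgInfo['plid'];
    $res['body']['pmid'] = (int) $msgInfo['pmid'];
    // '000' is appended to the stored dateline.
    $res['body']['sendTime'] = $msgInfo['dateline'] . '000';

    // ios push
    UserUtils::pushIOSMessage($touid, 'pm', $_G['username'] . WebUtils::t(' 对 您 说: ') . $message);

    return $res;
}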
/**
 * Handle one friend-management action against another user and render the
 * 'userAdmin' partial.
 *
 * $act is compared against 'add', 'add2', 'ignore' and 'shield'. When
 * friend_request_check($uid) is truthy, 'add' is rewritten to 'add2' before
 * anything else runs. The state-changing switch only executes when $_POST is
 * non-empty; otherwise the method just loads the data the form needs.
 *
 * NOTE(review): no submitcheck()/form-token validation is visible in this
 * method (the one submitcheck() call is commented out), so every branch below
 * that adds, deletes or shields is gated on "$_POST is non-empty" alone.
 * Confirm the caller validates a per-session request token before this runs.
 *
 * NOTE(review): $res and $gid are read here but are neither parameters nor
 * assigned in this method; they evaluate to null unless makeErrorInfo() takes
 * $res by reference - confirm against its definition.
 *
 * @param string $act Requested action ('add', 'add2', 'ignore', 'shield').
 * @param mixed  $uid Id of the user the action targets.
 */
private function _adminUser($act, $uid) {
    global $_G;
    $errorMsg = '';
    require_once libfile('function/spacecp');
    require_once libfile('function/home');
    require_once libfile('function/friend');
    // A truthy friend_request_check() turns "send a request" into the
    // 'add2' path.
    if (friend_request_check($uid) && $act == 'add') {
        $act = 'add2';
    }
    if ($act == 'add' || $act == 'add2') {
        // Pre-flight checks shared by both add paths. Each failure hands an
        // errcode to _exitWithHtmlAlert(); presumably that helper ends the
        // request - if it returns, execution continues into the next check.
        if ($uid == $_G['uid']) {
            $list = $this->makeErrorInfo($res, 'friend_self_error');
            $this->_exitWithHtmlAlert($list['errcode']);
        }
        if (friend_check($uid)) {
            $list = $this->makeErrorInfo($res, 'you_have_friends');
            $this->_exitWithHtmlAlert($list['errcode']);
        }
        $tospace = getuserbyuid($uid);
        if (empty($tospace)) {
            $list = $this->makeErrorInfo($res, 'space_does_not_exist');
            $this->_exitWithHtmlAlert($list['errcode']);
        }
        // Blacklist gate: checked before any friend row or notification is written.
        if (isblacklist($tospace['uid'])) {
            $list = $this->makeErrorInfo($res, 'is_blacklist');
            $this->_exitWithHtmlAlert($list['errcode']);
        }
        // $space is not declared global at this point, so space_merge() is
        // handed a fresh local - presumably filled by reference; verify.
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        // Friend-count cap; a falsy 'maxfriendnum' permission skips the check.
        $maxfriendnum = checkperm('maxfriendnum');
        if ($maxfriendnum && $space['friends'] >= $maxfriendnum + $space['addfriend']) {
            if ($_G['magic']['friendnum']) {
                $list = $this->makeErrorInfo($res, 'enough_of_the_number_of_friends_with_magic');
                $this->_exitWithHtmlAlert($list['errcode']);
            } else {
                $list = $this->makeErrorInfo($res, 'enough_of_the_number_of_friends');
                $this->_exitWithHtmlAlert($list['errcode']);
            }
        }
        if ($act == 'add') {
            // The 'allowfriend' permission is only enforced on the 'add'
            // path, not on 'add2'.
            if (!checkperm('allowfriend')) {
                $list = $this->makeErrorInfo($res, 'no_privilege_addfriend');
                $this->_exitWithHtmlAlert($list['errcode']);
            }
            // Stop if the request-table lookup for ($uid, current user) is non-zero.
            if (C::t('home_friend_request')->count_by_uid_fuid($uid, $_G['uid'])) {
                $list = $this->makeErrorInfo($res, 'waiting_for_the_other_test');
                $this->_exitWithHtmlAlert($list['errcode']);
            }
        }
    }
    require_once libfile('function/friend');
    require_once libfile('function/spacecp');
    if (!empty($_POST)) {
        switch ($act) {
            case 'add':
                // NOTE(review): the note text is read from the query string
                // even though this branch only runs for a non-empty POST body.
                $note = $_GET['note'];
                if (!friend_request_check($uid)) {
                    // NOTE(review): $gid is undefined in this method (see the
                    // docblock), so the group id passed on is null.
                    $_POST['gid'] = $gid;
                    // The note is truncated (30 chars when CHARSET is utf-8,
                    // else 20), HTML-escaped, then censored before storage.
                    $_POST['note'] = censor(htmlspecialchars(cutstr($note, strtolower(CHARSET) == 'utf-8' ? 30 : 20, '')));
                    friend_add($uid, $_POST['gid'], $_POST['note']);
                    $note = array(
                        'uid' => $_G['uid'],
                        'url' => 'home.php?mod=spacecp&ac=friend&op=add&uid=' . $_G['uid'] . '&from=notice',
                        'from_id' => $_G['uid'],
                        'from_idtype' => 'friendrequest',
                        'note' => !empty($_POST['note']) ? lang('spacecp', 'friend_request_note', array('note' => $_POST['note'])) : ''
                    );
                    notification_add($uid, 'friend', 'friend_request', $note);
                    // iOS push: the sender's username and the request note go into the push text.
                    UserUtils::pushIOSMessage($uid, 'friend', $_G['username'] . WebUtils::t(' 请求加您为好友') . $note['note']);
                    require_once libfile('function/mail');
                    $values = array('username' => $tospace['username'], 'url' => getsiteurl() . 'home.php?mod=spacecp&ac=friend&op=request');
                    sendmail_touser($uid, lang('spacecp', 'friend_subject', $values), '', 'friend_add');
                    $list = $this->makeErrorInfo($res, 'request_has_been_sent');
                    $this->_exitWithHtmlAlert($list['errcode']);
                }
                $this->_exitWithHtmlAlert($res['errcode']);
                // NOTE(review): there is no break here. If _exitWithHtmlAlert()
                // ever returns, control falls through into 'add2' and the
                // friendship is created without the other side's consent.
            case 'add2':
                global $_G;
                require_once libfile('function/home');
                $_POST['gid'] = intval($gid);
                // NOTE(review): the second argument is $uid, while the call in
                // case 'add' passes a group id in that position and
                // $_POST['gid'] was just computed - looks like it should be
                // the group id; confirm against friend_add().
                friend_add($uid, $uid);
                if (ckprivacy('friend', 'feed')) {
                    require_once libfile('function/feed');
                    // assumes $tospace['username'] is already HTML-safe as
                    // stored; it is interpolated into markup unescaped - TODO confirm
                    feed_add('friend', 'feed_friend_title', array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>"));
                }
                notification_add($uid, 'friend', 'friend_add');
                // Legacy web response, kept for reference:
                // showmessage('friends_add', dreferer(), array('username' => $tospace['username'], 'uid'=>$uid, 'from' => $_GET['from']), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
                $list = $this->makeErrorInfo($res, 'friends_add', array('{username}' => $tospace['username']));
                $this->_exitWithHtmlAlert($list['errcode']);
                break;
            case 'ignore':
                global $_G;
                require_once libfile('function/friend');
                // None of the pre-flight checks above run for this action.
                friend_delete($uid);
                $params['noError'] = 1;
                $list = $this->makeErrorInfo($res, 'do_success', $params);
                $this->_exitWithHtmlAlert($list['errcode']);
                break;
            case 'shield':
                global $_G, $space;
                // Disabled: caller-supplied notification type and the form-token check.
                // $type = empty($_GET['type'])?'':preg_replace("/[^0-9a-zA-Z\_\-\.]/", '', $_GET['type']);
                // if(submitcheck('ignoresubmit')) {
                // The author id comes from the POST body and is forced to an
                // integer; $uid is not used in this branch.
                $authorid = empty($_POST['authorid']) ? 0 : intval($_POST['authorid']);
                $type = 'friend';
                if ($type) {
                    // Filter key is "<type>|<authorid>", stored as both key and value.
                    $type_uid = $type . '|' . $authorid;
                    if (empty($space['privacy']['filter_note']) || !is_array($space['privacy']['filter_note'])) {
                        $space['privacy']['filter_note'] = array();
                    }
                    $space['privacy']['filter_note'][$type_uid] = $type_uid;
                    privacy_update();
                }
                $this->_exitWithHtmlAlert('do_success');
                // showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
                // }
                // $formid is not read again within this method.
                $formid = random(8);
                break;
            default:
                $errorMsg = '错误的动作参数';
                break;
        }
    } else {
        // No POST body: only load what the form view needs.
        if ($act == 'add') {
            require_once libfile('function/friend');
            $groups = $this->_getFriendGroupList();
            $tospace = getuserbyuid($uid);
        } elseif ($act == 'add2') {
            require_once libfile('function/friend');
            $groups = $this->_getFriendGroupList();
            $tospace = $this->_getFriendUserByUid($uid);
        }
    }
    // NOTE(review): $type is only assigned in the 'shield' branch, and $groups /
    // $tospace only on some paths, so the view can receive undefined values.
    $this->getController()->renderPartial('userAdmin', array(
        'formUrl' => WebUtils::createUrl_oldVersion('user/useradminview', array('uid' => $uid, 'act' => $act, 'type' => $type)),
        'errorMsg' => $errorMsg,
        'action' => $act,
        '_G' => $_G,
        'groups' => $groups,
        'tospace' => $tospace
    ));
}
$arr['title_template'] = cplang('share_image'); $arr['body_template'] = cplang('album') . ': <b>{albumname}</b><br>{username}<br>{title}'; $arr['body_data'] = array('albumname' => "<a href=\"space.php?uid={$pic['uid']}&do=album&id={$pic['albumid']}\">{$pic['albumname']}</a>", 'username' => "<a href=\"space.php?uid={$pic['uid']}\">" . $_SN[$pic['uid']] . "</a>", 'title' => getstr($pic['title'], 100, 0, 1, 0, 0, -1)); $arr['image'] = mkpicurl($pic); $arr['image_link'] = "space.php?uid={$pic['uid']}&do=album&picid={$pic['picid']}"; //通知 $note_uid = $pic['uid']; $note_message = cplang('note_share_pic', array("space.php?uid={$pic['uid']}&do=album&picid={$pic['picid']}", $pic['albumname'])); break; case 'thread': $query = $_SGLOBAL['db']->query("SELECT t.*, p.message FROM " . tname('thread') . " t\r\n\t\t\t\tLEFT JOIN " . tname('post') . " p ON p.tid=t.tid AND p.isthread='1'\r\n\t\t\t\tWHERE t.tid='{$id}'"); if (!($thread = $_SGLOBAL['db']->fetch_array($query))) { showmessage('topics_does_not_exist'); } //黑名单 if (isblacklist($thread['uid'])) { showmessage('is_blacklist'); } include_once S_ROOT . './data/data_profield.php'; $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('mtag') . " WHERE tagid='{$thread['tagid']}'"); $mtag = $_SGLOBAL['db']->fetch_array($query); $mtag['title'] = $_SGLOBAL['profield'][$mtag['fieldid']]['title']; //实名 realname_set($thread['uid'], $thread['username']); realname_get(); $arr['title_template'] = cplang('share_thread'); $arr['body_template'] = '<b>{subject}</b><br>{username}<br>' . cplang('mtag') . ': {mtag} ({field})<br>{message}'; $arr['body_data'] = array('subject' => "<a href=\"space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}\">{$thread['subject']}</a>", 'username' => "<a href=\"space.php?uid={$thread['uid']}\">" . $_SN[$thread['uid']] . 
"</a>", 'mtag' => "<a href=\"space.php?do=mtag&tagid={$mtag['tagid']}\">{$mtag['tagname']}</a>", 'field' => "<a href=\"space.php?do=mtag&id={$mtag['fieldid']}\">{$mtag['title']}</a>", 'message' => getstr($thread['message'], 150, 0, 1, 0, 0, -1)); $arr['image'] = ''; $arr['image_link'] = ''; //通知
include_once S_ROOT . './source/function_delete.php'; if (deleteblogs(array($blogid))) { showmessage('do_success', "space.php?uid={$blog['uid']}&do=blog&view=me"); } else { showmessage('failed_to_delete_operation'); } } } elseif ($_GET['op'] == 'trace') { if (!checkperm('allowtrace')) { showmessage('no_privilege'); } if ($blog['uid'] == $_SGLOBAL['supe_uid']) { showmessage('trace_no_self'); } //黑名单 if (isblacklist($blog['uid'])) { showmessage('is_blacklist'); } //检查是否留过脚印 $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('trace') . " WHERE blogid='{$blog['blogid']}' AND uid='{$_SGLOBAL['supe_uid']}'"); if ($value = $_SGLOBAL['db']->fetch_array($query)) { showmessage('trace_have'); } else { $setarr = array('blogid' => $blog['blogid'], 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp']); inserttable('trace', $setarr, 0, true); //更新日志脚印数 $_SGLOBAL['db']->query("UPDATE " . tname('blog') . " SET tracenum=tracenum+1 WHERE blogid='{$blog['blogid']}'"); //发送通知 notification_add($blog['uid'], 'blogtrace', cplang('note_blog_trace', array("space.php?uid={$blog['uid']}&do=blog&id={$blog['blogid']}", $blog['subject']))); //feed if (ckprivacy('trace', 1)) {
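/**
 * Send a friend request to $uid, or accept the request $uid already sent.
 *
 * Runs the permission, self, already-friends, existence, blacklist and
 * friend-cap checks first and returns the matching error structure from
 * makeErrorInfo() on the first failure. When friend_request_check($uid) is
 * truthy the friendship is created immediately; otherwise a request is stored
 * and the target is notified and mailed.
 *
 * Changes from the previous version:
 *  - the accept path called friend_add($uid, $uid), passing the user id where
 *    the request path passes a group id; it now passes the sanitised $gid;
 *  - $gid is cast to an integer on both paths before it reaches friend_add();
 *  - the trailing "return $res" was unreachable and has been dropped.
 *
 * NOTE(review): the original submitcheck('add2submit') guard is disabled and
 * no form-token check is visible here; confirm the caller authenticates the
 * request and validates its token before calling this method.
 *
 * @param array  $res  Response structure handed through to makeErrorInfo().
 * @param mixed  $uid  Id of the user to befriend.
 * @param mixed  $gid  Friend-group id chosen by the caller; cast to int here.
 * @param string $note Free-text note attached to a new request.
 *
 * @return mixed Whatever makeErrorInfo() returns for the outcome.
 */
private function _userFriendSetting($res, $uid, $gid, $note) {
    global $_G;

    require_once libfile('function/friend');
    require_once libfile('function/spacecp');
    require_once libfile('function/home');

    if (!checkperm('allowfriend')) {
        return $this->makeErrorInfo($res, 'no_privilege_addfriend');
    }
    if ($uid == $_G['uid']) {
        return $this->makeErrorInfo($res, 'friend_self_error');
    }
    if (friend_check($uid)) {
        return $this->makeErrorInfo($res, 'you_have_friends');
    }

    $tospace = getuserbyuid($uid);
    if (empty($tospace)) {
        return $this->makeErrorInfo($res, 'space_does_not_exist');
    }
    // Blacklist gate: must pass before any friend row or notification is written.
    if (isblacklist($tospace['uid'])) {
        return $this->makeErrorInfo($res, 'is_blacklist');
    }

    // $space is a local handed to space_merge(); presumably filled by
    // reference with the current user's counters - verify against space_merge().
    space_merge($space, 'count');
    space_merge($space, 'field_home');

    // Friend-count cap; a falsy 'maxfriendnum' permission skips the check.
    $maxfriendnum = checkperm('maxfriendnum');
    if ($maxfriendnum && $space['friends'] >= $maxfriendnum + $space['addfriend']) {
        $capMessage = $_G['magic']['friendnum']
            ? 'enough_of_the_number_of_friends_with_magic'
            : 'enough_of_the_number_of_friends';
        return $this->makeErrorInfo($res, $capMessage);
    }

    // The group id is caller-controlled: force it to an integer once and use
    // that value on both paths.
    $gid = intval($gid);
    $_POST['gid'] = $gid;

    if (friend_request_check($uid)) {
        // Accept path: create the friendship in the chosen group.
        friend_add($uid, $gid);
        if (ckprivacy('friend', 'feed')) {
            require_once libfile('function/feed');
            // assumes $tospace['username'] is already HTML-safe as stored; it
            // is interpolated into markup unescaped - TODO confirm
            feed_add('friend', 'feed_friend_title', array('touser' => "<a href=\"home.php?mod=space&uid={$tospace['uid']}\">{$tospace['username']}</a>"));
        }
        notification_add($uid, 'friend', 'friend_add');
        return $this->makeErrorInfo($res, 'friends_add', array('{username}' => $tospace['username']));
    }

    // Request path: stop if the request-table lookup for ($uid, current user) is non-zero.
    if (C::t('home_friend_request')->count_by_uid_fuid($uid, $_G['uid'])) {
        return $this->makeErrorInfo($res, 'waiting_for_the_other_test');
    }

    // The note is truncated (30 chars when CHARSET is utf-8, else 20),
    // HTML-escaped, then censored before it is stored or shown to the target.
    $noteLimit = strtolower(CHARSET) == 'utf-8' ? 30 : 20;
    $_POST['note'] = censor(htmlspecialchars(cutstr($note, $noteLimit, '')));
    friend_add($uid, $gid, $_POST['note']);

    $note = array(
        'uid' => $_G['uid'],
        'url' => 'home.php?mod=spacecp&ac=friend&op=add&uid=' . $_G['uid'] . '&from=notice',
        'from_id' => $_G['uid'],
        'from_idtype' => 'friendrequest',
        'note' => !empty($_POST['note']) ? lang('spacecp', 'friend_request_note', array('note' => $_POST['note'])) : '',
    );
    notification_add($uid, 'friend', 'friend_request', $note);

    require_once libfile('function/mail');
    $values = array(
        'username' => $tospace['username'],
        'url' => getsiteurl() . 'home.php?mod=spacecp&ac=friend&op=request',
    );
    sendmail_touser($uid, lang('spacecp', 'friend_subject', $values), '', 'friend_add');

    return $this->makeErrorInfo($res, 'request_has_been_sent');
}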
$arr['body_data'] = array('user' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'subject' => "<a href=\"space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}\">{$poll['subject']}</a>", 'option' => $optionstr); //通知 $note_uid = $poll['uid']; $note_message = cplang('note_share_poll', array("space.php?uid={$poll['uid']}&do=poll&pid={$poll['pid']}", $poll['subject'])); $hotarr = array('pid', $poll['pid'], $poll['hotuser']); break; case 'job': $query = $_SGLOBAL['db']->query("SELECT j.*,jc.description FROM " . tname('job') . " j left join " . tname('job_content_3') . " jc on j.id=jc.jobid where j.id={$id}"); if (!($job = $_SGLOBAL['db']->fetch_array($query))) { showmessage('job_does_not_exist'); } if ($job['uid'] == $space['uid']) { showmessage('share_not_self'); } //黑名单 if (isblacklist($job['uid'])) { showmessage('is_blacklist'); } //实名 realname_set($job['uid']); realname_get(); $arr['title_template'] = cplang('share_job'); $arr['body_template'] = '<b>{subject}</b><br>{username}<br>{message}'; $arr['body_data'] = array('userby' => $_SN[$job['uid']], 'userby_id' => $_job['uid'], 'subject' => "<a href=\"job.php?do=nei&m=view&id={$job['id']}\">{$job['title']}</a>", 'username' => "<a href=\"space.php?uid={$job['uid']}\">" . $_SN[$job['uid']] . "</a>", 'message' => getstr($job['description'], 150, 0, 1, 0, 0, -1)); //通知 $note_uid = $job['uid']; $note_message = cplang('note_share_blog', array("job.php?do=nei&m=view&id={$job['id']}", $job['title'])); break; default: //获得feed $topic = array();
showmessage('should_write_that'); } $updo = array(); if ($id) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('docomment') . " WHERE id='{$id}'"); $updo = $_SGLOBAL['db']->fetch_array($query); } if (empty($updo) && $doid) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('doing') . " WHERE doid='{$doid}'"); $updo = $_SGLOBAL['db']->fetch_array($query); } if (empty($updo)) { showmessage('docomment_error'); } else { //黑名单 if (isblacklist($updo['uid'])) { showmessage('is_blacklist'); } } $updo['id'] = intval($updo['id']); $updo['grade'] = intval($updo['grade']); $setarr = array('doid' => $updo['doid'], 'upid' => $updo['id'], 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message, 'ip' => getonlineip(), 'grade' => $updo['grade'] + 1); //最多层级 if ($updo['grade'] >= 3) { $setarr['upid'] = $updo['upid']; //更母一个级别 } $newid = inserttable('docomment', $setarr, 1); //更新回复数 $_SGLOBAL['db']->query("UPDATE " . tname('doing') . " SET replynum=replynum+1 WHERE doid='{$updo['doid']}'"); //通知
} } } $message = getstr($message, 0, 1, 1, 1, 2); if (strlen($message) < 2) { showmessage('content_is_not_less_than_four_characters'); } //摘要 $summay = getstr($message, 150, 1, 1); //引用回复 $pid = empty($_POST['pid']) ? 0 : intval($_POST['pid']); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('post') . " WHERE pid='{$pid}' AND tid='{$tid}' AND isthread='0'"); $post = $_SGLOBAL['db']->fetch_array($query); if ($post) { //黑名单 if (isblacklist($post['uid'])) { showmessage('is_blacklist'); } //实名 realname_set($post['uid'], $post['username']); realname_get(); $post['message'] = preg_replace("/\\<div class=\"quote\"\\>\\<span class=\"q\"\\>.*?\\<\\/span\\>\\<\\/div\\>/is", '', $post['message']); //移除编辑记录 $post['message'] = preg_replace("/<ins class=\"modify\".+?<\\/ins>/is", '', $post['message']); $post['message'] = html2bbcode($post['message']); //显示用 $message = addslashes("<div class=\"quote\"><span class=\"q\"><b>" . $_SN[$post['uid']] . "</b>: " . getstr($post['message'], 150, 0, 0, 0, 2, 1) . '</span></div>') . $message; } $anonymous = empty($_POST['anonymous']) ? 0 : intval($_POST['anonymous']); $setarr = array('tagid' => intval($thread['tagid']), 'anonymous' => $anonymous, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message); $pid = inserttable('post', $setarr, 1);
$me = '%,' . $_SGLOBAL['supe_uid'] . ',%'; $query = $_SGLOBAL['db']->query("SELECT uid, name FROM " . tname("autorecpub") . " WHERE exclude not like '" . $me . "' and recTo like '" . $me . "'"); while ($res = $_SGLOBAL['db']->fetch_array($query)) { if (!isblacklist($res['uid']) && $res[uid] != $_SGLOBAL['supe_uid']) { $recommendpublic[] = $res; } } $query = $_SGLOBAL['db']->query("SELECT a.uid as uid, b.name as name FROM " . tname("rec_public") . " as a left join " . tname("space") . " as b on a.uid=b.uid order by id desc limit 6"); while ($res = $_SGLOBAL['db']->fetch_array($query)) { if (in_array($res, $recommendpublic)) { continue; } $q = $_SGLOBAL['db']->query("SELECT count(*) FROM " . tname("space") . " where uid=" . $res['uid'] . " and (aud like '" . $me . "' or aud like '" . $_SGLOBAL['supe_uid'] . ",%' or aud like '%," . $_SGLOBAL['supe_uid'] . "' or aud like '" . $_SGLOBAL['supe_uid'] . "')"); $count = $_SGLOBAL['db']->fetch_array($q); if (!$count['count(*)']) { if (!isblacklist($res['uid']) && $res[uid] != $_SGLOBAL['supe_uid']) { $recommendpublic[] = $res; } } } $reccount = count($recommendpublic); $allflag = 0; if ($reccount <= 2) { $allflag = 1; } //ᅧᅦ워ᅳᅬ $ols = array(); if ($oluids) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . " WHERE uid IN (" . simplode($oluids) . ")"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { if (!$value['magichidden']) {
showmessage('do_success', $_POST['refer'], 0); } else { showmessage('this_message_could_not_be_deleted'); } } } elseif ($_GET['op'] == 'send') { //判断是否发布太快 $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } //新用户见习 cknewuser(); //黑名单 if ($touid) { if (isblacklist($touid)) { showmessage('is_blacklist'); } } if (submitcheck('pmsubmit')) { //发送消息 $username = empty($_POST['username']) ? '' : $_POST['username']; $message = trim($_POST['message']); if (empty($message)) { showmessage('unable_to_send_air_news'); } $subject = ''; $return = 0; if ($touid) { //直接给一个用户发PM $return = uc_pm_send($_SGLOBAL['supe_uid'], $touid, $subject, $message, 1, $pmid, 0);
$newusers = array(); $users = daddslashes(explode(',', dstripslashes($username))); if ($users) { $query = DB::query('SELECT uid, username FROM ' . DB::table('common_member') . " WHERE username IN (" . dimplode($users) . ')'); while ($value = DB::fetch($query)) { $newusers[$value['uid']] = $value['username']; } } if (empty($newusers)) { showmessage('message_bad_touser', dreferer()); } if (isset($newusers[$_G['uid']])) { showmessage('message_can_not_send_to_self', dreferer()); } foreach ($newusers as $key => $value) { if (isblacklist($key)) { showmessage('is_blacklist', dreferer()); } } $return = uc_pm_send($_G['uid'], implode(',', $newusers), $subject, $message, 1, $pmid, 1); } if ($return > 0) { DB::query("UPDATE " . DB::table('common_member_status') . " SET lastpost='{$_G['timestamp']}' WHERE uid='{$_G['uid']}'"); updatecreditbyaction('sendpm'); showmessage('do_success', "home.php?mod=space&do=pm&filter=privatepm", array(), array('msgtype' => $_G['gp_inajax'] ? 3 : 1, 'showmsg' => true)); } else { if (in_array($return, array(-1, -2, -3, -4))) { showmessage('message_can_not_send' . abs($return)); } else { showmessage('message_can_not_send'); }
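/**
 * Load the object a comment is being posted on and verify it may be commented.
 *
 * Depending on $idtype ('uid', 'picid', 'blogid' or 'sid') this fills the
 * globals $tospace, $pic, $album, $blog and $share, and calls showmessage()
 * when the object is missing, when a blog has 'noreply' set, when the owning
 * space is empty, or when isblacklist() is truthy for the owner.
 *
 * Change from the previous version: $id is cast to an integer on entry. Every
 * query below interpolates it directly into the SQL text, so the function no
 * longer depends on each caller having sanitised it first.
 *
 * @param mixed  $id     Id of the target object; coerced to int.
 * @param string $idtype Which kind of object $id refers to.
 */
function checkcomment($id, $idtype) {
    global $_SGLOBAL;
    global $tospace, $pic, $blog, $album, $share;

    // Every id handled here is looked up as a row id and ends up inside a
    // quoted SQL literal; forcing an integer removes any chance of it closing
    // that literal.
    $id = intval($id);

    switch ($idtype) {
        case 'uid':
            // Look up the space
            $tospace = getspace($id);
            break;

        case 'picid':
            // Look up the picture
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid='{$id}' LIMIT 1");
            $pic = $_SGLOBAL['db']->fetch_array($query);
            // Picture does not exist
            if (empty($pic)) {
                showmessage('view_images_do_not_exist');
            }
            // Look up the owner's space
            $tospace = getspace($pic['uid']);
            // Fetch the album
            $album = array();
            if ($pic['albumid']) {
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('album') . " WHERE albumid='{$pic['albumid']}'");
                if (!($album = $_SGLOBAL['db']->fetch_array($query))) {
                    // Album is gone: reset albumid to 0 on the pictures that referenced it
                    updatetable('pic', array('albumid' => 0), array('albumid' => $pic['albumid']));
                } else {
                    // A non-empty target_ids list gets the album owner's uid appended
                    if ($album['target_ids']) {
                        $album['target_ids'] .= ",{$album['uid']}";
                    }
                }
            }
            break;

        case 'blogid':
            // Read the blog entry
            $query = $_SGLOBAL['db']->query("SELECT b.*, bf.target_ids\r\n\t\t\t\tFROM " . tname('blog') . " b\r\n\t\t\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\tWHERE b.blogid='{$id}'");
            $blog = $_SGLOBAL['db']->fetch_array($query);
            // Blog entry does not exist
            if (empty($blog)) {
                showmessage('view_to_info_did_not_exist');
            }
            // Are comments allowed?
            if (!empty($blog['noreply'])) {
                showmessage('do_not_accept_comments');
            }
            // A non-empty target_ids list gets the blog owner's uid appended
            if ($blog['target_ids']) {
                $blog['target_ids'] .= ",{$blog['uid']}";
            }
            // Look up the owner's space
            $tospace = getspace($blog['uid']);
            break;

        case 'sid':
            // Read the share
            $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " WHERE sid='{$id}'");
            $share = $_SGLOBAL['db']->fetch_array($query);
            // Share does not exist
            if (empty($share)) {
                showmessage('sharing_does_not_exist');
            }
            // Look up the owner's space
            $tospace = getspace($share['uid']);
            break;

        default:
            // Unknown id types are rejected rather than treated as a space id
            showmessage('non_normal_operation');
            break;
    }

    if (empty($tospace)) {
        showmessage('space_does_not_exist');
    }

    // Blacklist: checked against the owner's uid last
    if (isblacklist($tospace['uid'])) {
        showmessage('is_blacklist');
    }
}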