/**
 * Finish a payment callback: optionally show a redirect page, then stop.
 *
 * When the request carries no POST data, refreshto() is called with the
 * given URL and message. In every case the script then ends by passing
 * $notify to exit().
 *
 * @param string $url    Target handed to refreshto().
 * @param string $msg    Message handed to refreshto().
 * @param string $notify Value handed to exit(); defaults to 'success'.
 */
function paymsg($url, $msg, $notify = 'success')
{
    $hasPostData = !empty($_POST);

    if (!$hasPostData) {
        // NOTE(review): presumably the browser-return case, as opposed to a
        // gateway notification that POSTs its parameters - confirm with callers.
        refreshto($url, $msg);
    }

    exit($notify);
}
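/**
 * Complete an online payment for a form order or a shop ("module") order.
 *
 * Decodes the global $pay_code token, checks that the order number it carries
 * matches $numcode, looks up the matching olpay row and marks it paid. For
 * shop orders the shoporderuser row is marked paid as well and, when the
 * token carries a point amount, add_user() is called for $lfjuid.
 *
 * The shop-order side effects run only after the olpay row has been found
 * and confirmed unpaid, so a replayed notification for an unknown or already
 * settled order cannot mark an order paid or award points a second time.
 *
 * @param mixed $numcode Order number reported for this payment.
 * @return void
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;

    // The '=' character tends to cause problems, so it travels as 'QIBO'.
    $pay_code = str_replace('QIBO', '=', $pay_code);
    if (!$pay_code) {
        showerr("数据有误!!");
    }

    // Fields are tab-separated inside the decoded token. Padding with null
    // keeps list() from reading missing offsets when fewer fields come back.
    list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = array_pad(
        explode("\t", mymd5($pay_code, 'DE')),
        5,
        null
    );

    // NOTE(review): this is a loose comparison against intval($numcode); a
    // value that merely starts with the right digits also passes - confirm
    // that is acceptable for every gateway that calls this function.
    if ($atc_numcode != intval($numcode)) {
        showerr("数据被修改过!!");
    }

    // Mainly for Alipay, which cannot take a bare single-digit order number;
    // inc/olpay/alipay.php was changed accordingly.
    $numcode = str_replace("code", "", $numcode);

    // NOTE(review): $numcode and $mid are interpolated into the SQL below
    // without escaping in this function - verify that the caller or the
    // framework's input filter guarantees a safe value, or escape/cast here.
    $rt = null;
    if ($type == 'form') {
        // Universal form order.
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
    } elseif ($type == 'module') {
        // Shop order.
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
    }

    if (!$rt) {
        showerr('系统中没有您的订单,无法完成支付!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经支付成功!');
    }

    // NOTE(review): the paid check and this update are separate statements;
    // two concurrent notifications could both pass the check - confirm
    // whether the gateway or the schema already prevents that.
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");

    if ($type == 'module') {
        $db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$atc_numcode}'");
        // Reward points for the purchase.
        if ($shopmoney) {
            add_user($lfjuid, $shopmoney, '购买商品得分');
        }
    }

    refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}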
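/**
 * Complete an online recharge order.
 *
 * Looks up the olpay row with the given order number and paytype 1, rejects
 * unknown or already settled orders, marks the row paid and credits the
 * order's user with money * $webdb['alipay_scale'] through add_user().
 *
 * @param mixed $numcode Order number reported for this recharge.
 * @return void
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype;

    // NOTE(review): $numcode is interpolated into the query without escaping
    // in this function - verify that the caller or the framework's input
    // filter guarantees a safe value, or escape/cast it before use.
    $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `paytype`=1");
    if (!$rt) {
        showerr('系统中没有您的充值订单,无法完成充值!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经充值成功!');
    }

    // NOTE(review): the paid check and this update are separate statements;
    // two concurrent notifications for the same order could both reach
    // add_user() - confirm whether something upstream serialises them.
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");

    // Array keys are quoted: bare words here are constant lookups, which
    // raise an Error on PHP 8 and a notice on older versions.
    $num = $rt['money'] * $webdb['alipay_scale'];
    add_user($rt['uid'], $num, '在线充值');

    refreshto("{$webdb['www_url']}/", "恭喜你充值成功", 10);
}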
$postSpecial->updateData($tid); } if ($postTopic) { //分类主题 $postTopic->initData(); $postTopic->insertData($tid, $fid); } if ($postCate) { //团购活动 $postCate->initData(); $postCate->insertData($tid, $fid); } if ($postdata->getIfcheck()) { if ($postdata->filter->filter_weight == 3) { $pinfo = 'enter_words'; $banword = implode(',', $postdata->filter->filter_word); } else { $pinfo = 'enter_thread'; } } else { if ($postdata->filter->filter_weight == 2) { $banword = implode(',', $postdata->filter->filter_word); $pinfo = 'post_word_check'; } elseif ($postdata->linkCheckStrategy) { $pinfo = 'post_link_check'; } else { $pinfo = 'post_check'; } } refreshto("read.php?tid={$tid}&page={$page}&toread=1#{$pid}", $pinfo); }
} $pwd = md5($pwd); } require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($aname)) !== false) { Showmsg('title_wordsfb'); } if (($banword = $wordsfb->comprise($aintro)) !== false) { Showmsg('content_wordsfb'); } if ($private == 3 && !$pwd && $rt['albumpwd']) { $pwd = $rt['albumpwd']; } $db->update("UPDATE pw_cnalbum SET " . pwSqlSingle(array('aname' => $aname, 'aintro' => $aintro, 'private' => $private, 'albumpwd' => $pwd)) . ' WHERE aid=' . pwEscape($aid)); refreshto("{$basename}a=own", 'operate_success'); } } elseif ($a == 'viewalbum') { define('AJAX', 1); define('F_M', true); InitGP(array('aid')); $aid = (int) $aid; empty($aid) && Showmsg('data_error'); require_once PrintEot('m_ajax'); ajax_footer(); } elseif ($a == 'createajax') { define('AJAX', 1); define('F_M', true); banUser(); InitGP(array('job')); require_once PrintEot('m_ajax');
Showmsg('undefined_action'); } $needcur = $days * $rt['sright']['sellprice']; $cur = $credit->get($winduid, $rt['sright']['selltype']); if ($cur === false) { Showmsg('numerics_checkfailed'); } if ($cur < $needcur) { Showmsg('noenough_currency'); } $credit->addLog('main_buygroup', array($rt['sright']['selltype'] => -$needcur), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'gptitle' => $rt['grouptitle'], 'days' => $days)); if (!$credit->set($winduid, $rt['sright']['selltype'], -$needcur)) { Showmsg('numerics_checkfailed'); } $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */ if ($options == 1) { if ($winddb['groupid'] == '-1') { $userService->update($winduid, array('groupid' => $gid)); } else { $groups = $mb['groups'] ? $mb['groups'] . $winddb['groupid'] . ',' : ",{$winddb['groupid']},"; $userService->update($winduid, array('groupid' => $gid, 'groups' => $groups)); } } else { $groups = $mb['groups'] ? $mb['groups'] . $gid . ',' : ",{$gid},"; $userService->update($winduid, array('groups' => $groups)); } $db->pw_update("SELECT uid FROM pw_extragroups WHERE uid=" . S::sqlEscape($winduid) . " AND gid=" . S::sqlEscape($gid), "UPDATE pw_extragroups SET " . S::sqlSingle(array('togid' => $winddb['groupid'], 'startdate' => $timestamp, 'days' => $days)) . " WHERE uid=" . S::sqlEscape($winduid) . "AND gid=" . S::sqlEscape($gid), "INSERT INTO pw_extragroups SET " . S::sqlSingle(array('uid' => $winduid, 'togid' => $winddb['groupid'], 'gid' => $gid, 'startdate' => $timestamp, 'days' => $days))); refreshto("profile.php?action=buy", 'group_buy_success'); } }
while ($rs = $db->fetch_array($query)) { $Module_db->showfield($module_DB[2]['field'], $rs, 'list'); $rs[username] || ($rs[username] = $rs[ip]); $rs[posttime] = date("Y-m-d H:i:s", $rs[posttime]); $rs[del] = " <A HREF='?action=delete_apply&id={$rs['apply_id']}'>踢除</A>"; $listdb[] = $rs; } $showpage = getpage('', '', "?job={$job}", $rows, $totalNum); require ROOT_PATH . "member/head.php"; require Memberpath . "template/list_job_member.htm"; require ROOT_PATH . "member/foot.php"; } elseif ($action == 'delete_apply') { //踢除某职位下的其中一个应聘者 $r = $db->get_one("SELECT * FROM `{$_pre}apply` WHERE id='{$id}'"); $rs = $db->get_one("SELECT * FROM `{$_pre}content` WHERE cid='{$r['cid']}'"); if ($rs[uid] != $lfjuid) { showerr("非法踢除!"); } $db->query("DELETE FROM {$_pre}apply WHERE id='{$id}'"); refreshto($FROMURL, '踢除成功', 1); } elseif ($action == "del") { //删除某职位 $rs = $db->get_one("SELECT * FROM `{$_pre}content` WHERE id='{$id}' AND uid={$lfjuid}"); if (!$rs) { showerr("非法删除!"); } $db->query("DELETE FROM `{$_pre}content` WHERE `id` = '{$id}'"); $db->query("DELETE FROM `{$_pre}content_1` WHERE `id` = '{$id}'"); $db->query("DELETE FROM `{$_pre}apply` WHERE `cid` = '{$id}'"); refreshto($FROMURL, '删除成功', 1); }
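// Fragment: these statements sit inside a branch whose opening lies outside this excerpt.
    // List the current user's own comments, one page at a time.
    // NOTE(review): $page and $rows are not validated in this excerpt and end
    // up in the LIMIT clause - confirm they are forced to integers earlier.
    $min = ($page - 1) * $rows;
    $query = $db->query("SELECT * FROM {$_pre}comments WHERE uid='{$lfjuid}' ORDER BY cid DESC LIMIT {$min},{$rows}");
    while ($rs = $db->fetch_array($query)) {
        // Drop anything shaped like an HTML tag before building the preview title.
        $rs['content'] = preg_replace("/<([^<]+)>/is", "", $rs['content']);
        $rs['title'] = get_word($rs['content'], 70);
        if (!$rs['username']) {
            // No username stored: show the IP with its last segment masked.
            $detail = explode(".", $rs['ip']);
            $rs['username'] = "{$detail['0']}.{$detail['1']}.{$detail['2']}.*";
        }
        $rss = $db->get_one("SELECT city_id FROM {$_pre}db WHERE id='{$rs['id']}'");
        $rs['url'] = get_info_url($rs['id'], $rs['fid'], $rss['city_id']);
        $rs['posttime'] = date("Y-m-d H:i", $rs['posttime']);
        $listdb[] = $rs;
    }
    require ROOT_PATH . "member/head.php";
    require dirname(__FILE__) . "/" . "template/comment/mylist.htm";
    require ROOT_PATH . "member/foot.php";
} elseif ($action == "del") {
    if (!$ciddb) {
        showerr("请选择一个");
    }
    foreach ((array) $ciddb as $key => $value) {
        // Comment ids are forced to integers before they reach the SQL text.
        $value = intval($value);
        $rs = $db->get_one("SELECT * FROM {$_pre}comments WHERE cid='{$value}'");

        // Ownership check. The original condition used '=' (assignment)
        // instead of '==', so it was true for every logged-in user and let
        // anyone delete any comment. Compare against both owner columns.
        // NOTE(review): cuid is presumably the uid of the commented item's
        // owner - confirm against the comments schema.
        $mayDelete = $rs && $lfjuid && ($rs['uid'] == $lfjuid || $rs['cuid'] == $lfjuid);
        if ($mayDelete) {
            $db->query("DELETE FROM {$_pre}comments WHERE cid='{$value}'");
            $_erp = $Fid_db['tableid'][$rs['fid']];
            $db->query("UPDATE {$_pre}content{$_erp} SET comments=comments-1 WHERE id='{$rs['id']}'");
        }
    }
    // NOTE(review): no request token is checked in this excerpt before the
    // delete - confirm that CSRF protection is applied by the including code.
    refreshto("{$FROMURL}", "删除成功", 1);
}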
$mids = array(); foreach ($weibos as $key => $weibo) { $mids[] = $weibo['mid']; } $weiboService->deleteWeibos($mids); } countPosts('-1'); $credit->runsql(); sendMawholeMessages($msgdb); if ($db_ifpwcache ^ 1) { $db->update("DELETE FROM pw_elements WHERE type !='usersort' AND id IN(" . S::sqlImplode($selids) . ')'); } //* P_unlink(D_P.'data/bbscache/c_cache.php'); pwCache::deleteData(D_P . 'data/bbscache/c_cache.php'); if (!defined('AJAX')) { refreshto("apps.php?q=group&a=thread&cyid={$cyid}", 'deltopic_success'); } else { Showmsg('deltopic_success_ajax'); } } } function checkForHeadTopic($toptype, $fid, $selForums) { require_once R_P . 'require/updateforum.php'; list($catedbs, $top_1, $top_2, $top_3) = getForumListForHeadTopic($fid); $topAll = ''; if ($toptype == 0) { return true; } if ($toptype == 1) { $topAll = ',' . implode(',', array_keys((array) $top_1)) . ',';
} } elseif ($action == 'del') { PostCheck(); InitGP(array('selid', 'type')); $selids = array(); foreach ($selid as $key => $value) { is_numeric($value) && ($selids[] = $value); } if ($selids) { $selids = pwImplode($selids); } else { Showmsg('id_error'); } if ($type == 'report') { $db->update("DELETE FROM pw_report WHERE id IN ({$selids})"); refreshto("forumcp.php?action=edit&type=report&fid={$fid}", 'operate_success'); } } function updatecache_fd1() { global $db; $db->update("UPDATE pw_forums SET childid='0',fupadmin=''"); $query = $db->query("SELECT fid,forumadmin FROM pw_forums WHERE type='category' ORDER BY vieworder"); while ($cate = $db->fetch_array($query)) { Add_S($cate); $query2 = $db->query("SELECT fid,forumadmin FROM pw_forums WHERE type='forum' AND fup=" . pwEscape($cate['fid'])); if ($db->num_rows($query2)) { $havechild[] = $cate['fid']; while ($forum = $db->fetch_array($query2)) { Add_S($forum); $fupadmin = trim($cate['forumadmin']);
} $tmpKeyArray = array_diff(array_keys($tucoolAttachs), (array) $contentAids); $tmpArray = array(); foreach ((array) $tmpKeyArray as $v) { $tmpArray[$v] = $tucoolAttachs[$v]; } $contentAttachs = array(); if (S::isArray($haveAids)) { foreach ($tucoolAttachs as $k => $v) { if (S::inArray($k, $haveAids)) { $contentAttachs[$k] = $tucoolAttachs[$k]; } } } $tucoolAttachs = array_merge($contentAttachs, (array) $tmpArray); !$tucoolAttachs && refreshto("read.php?tid={$tid}&ds=1", '您暂无权限查看此帖的图片!'); // 编辑图片信息权限 $editAttachRight = $admincheck || $read['authorid'] == $winduid ? 1 : 0; // 回复数 if ($openIndex) { #高楼帖子索引 $replyCount = 1 + $db->get_value("SELECT max(floor) FROM pw_postsfloor WHERE tid =" . S::sqlEscape($tid)); } else { $replyCount = $read['replies'] + 1; } //帖子浏览记录 $readlog = str_replace(",{$tid},", ',', GetCookie('readlog')); $readlog .= ($readlog ? '' : ',') . $tid . ','; $readlogCount = substr_count($readlog, ','); $readlogCount > 11 && ($readlog = preg_replace("/[\\d]+\\,/i", '', $readlog, $readlogCount - 11)); Cookie('readlog', $readlog);
refreshto($jumpUrl, $msg); } else { Showmsg('修改文章失败'); } } } elseif ($action == 'deletepage') { S::gp(array('id', 'page')); $articleModule = $articleService->getArticleModule($id); if (!checkEditPurview($windid, $articleModule->columnId) && $articleModule->user != $windid) { Showmsg('你没有权限编辑本栏目的文章'); } $articleModule->deletePage($page); $articleModule->showError(); $result = $articleService->updateArticle($articleModule); if ($result) { refreshto("{$basename}q=post&action=edit&id={$id}&page=1", 'operate_success', 2); } else { Showmsg('删除分页失败'); } } require cmsTemplate::printEot('post'); footer(); function initFileTypeInfo($db_uploadfiletype) { $uploadfiletype = $db_uploadfiletype ? unserialize($db_uploadfiletype) : array(); $attachAllow = pwJsonEncode($uploadfiletype); $imageAllow = pwJsonEncode(getAllowKeysFromArray($uploadfiletype, array('jpg', 'jpeg', 'gif', 'png', 'bmp'))); return array($attachAllow, $imageAllow); } function initAttach($attachs) {
/**
 * Resolve a message key and redirect back to the current action.
 *
 * The key is looked up with getLangInfo('msg', ...). The redirect URL is
 * built from the globals $baseUrl, $action and $tid, and refreshto() is
 * called with a delay argument of 3.
 *
 * @param string $msg_info Message key handed to getLangInfo().
 * @return void
 */
function pingfenMsg($msg_info)
{
    global $baseUrl, $action, $tid;

    $msg_info = getLangInfo('msg', $msg_info);

    // NOTE(review): $action and $tid go into the URL unencoded - confirm they
    // are validated before this helper is reached.
    $target = "{$baseUrl}action={$action}&selid={$tid}&";

    refreshto($target, $msg_info, 3);
}
Showmsg('bk_credit_type_error'); } $change = (int) $change; if (!is_numeric($change) || $change <= 0) { Showmsg('bk_credit_fillin_error'); } $change % $jf_A[$type][0] != 0 && Showmsg('change_error'); list($sell, $buy) = explode('_', $type); $credit1 = $change; $credit2 = intval($change / $jf_A[$type][0] * $jf_A[$type][1]); /* $db->query("LOCK TABLES pw_memberdata WRITE,pw_membercredit WRITE"); $lockfile = D_P.'data/bbscache/lock_profile.txt'; $fp = fopen($lockfile,'wb+'); flock($fp,LOCK_EX); */ if (procLock('credit_change', $winduid)) { if ($credit1 > $credit->get($winduid, $sell)) { procUnLock('credit_change', $winduid); Showmsg('bk_credit_change_error'); } $credit->addLog('main_changereduce', array($sell => -$credit1), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'tocname' => $credit->cType[$buy])); $credit->addLog('main_changeadd', array($buy => $credit2), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'fromcname' => $credit->cType[$sell])); $credit->sets($winduid, array($sell => -$credit1, $buy => $credit2)); procUnLock('credit_change', $winduid); //fclose($fp); //$db->query("UNLOCK TABLES"); } refreshto('userpay.php?action=change', 'bank_creditsuccess', 1, true); } }
//XXX 作为demo,临时存放在session中,网站应该用自己安全的存储系统来存储这些信息 //$_SESSION["token"] = $result["oauth_token"]; //$_SESSION["secret"] = $result["oauth_token_secret"]; //$_SESSION["openid"] = $result["openid"]; set_cookie('token_secret', mymd5($result["oauth_token"] . "\t" . $result["oauth_token_secret"] . "\t" . $result["openid"]), 3600); if ($rs = $db->get_one("SELECT * FROM {$pre}memberdata WHERE `qq_api`='{$result['openid']}'")) { $userDB->login($rs[username], '', 3600, true); $fromurl = get_cookie('qq_fromurl'); if ($fromurl && !eregi("login\\.php", $fromurl) && !eregi("reg\\.php", $fromurl)) { $jumpto = $fromurl; } else { $jumpto = "{$webdb['www_url']}/"; } refreshto("{$jumpto}", "QQ方式登录成功{$uc_login_code}", 1); } else { refreshto("qq_bind.php", "QQ登录成功,请进行帐号绑定设置", 10); } //第三方处理用户绑定逻辑 //将openid与第三方的帐号做关联 //bind_to_openid(); } else { //登录前 set_cookie('qq_fromurl', $FROMURL); redirect_to_login($webdb[QQ_appid], $webdb[QQ_appkey], "{$webdb['www_url']}/do/qq_login.php"); } /** * @brief get a access token * rfc1738 urlencode * @param $appid * @param $appkey * @param $request_token
<?php
// Sets a RobBuild record's status to 2 for the thread given in the request.
// Allowed for names listed in $manager or for the record's author, and only
// while the record's current status is empty.

// Refuse direct access: the file is meant to be included by the application.
if (!defined('P_W')) {
    exit('Forbidden');
}

S::gp(array('tid'));

$robbuildService = L::loadClass('RobBuild', 'forum');
$robbuild = $robbuildService->getByTid($tid);

// Neither a manager nor the author -> reject. Evaluation order is kept so
// the author comparison only runs when the manager test fails.
$notPermitted = !S::inArray($windid, $manager) && $robbuild['authorid'] != $winduid;
if ($notPermitted || $robbuild['status']) {
    Showmsg('undefined_action');
}

// NOTE(review): this changes state and no request-token check is visible in
// this file - confirm that the including script enforces one.
$robbuildService->update(array('status' => 2), $tid);

refreshto("read.php?tid={$tid}", 'operate_success');
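<?php
// Pins ("tops") a content item for $webdb['Info_TopDay'] days. Non-admin
// users must own the item and are charged $webdb['Info_TopMoney'] points.

// Refuse direct access: html() only exists once the application is loaded.
if (!function_exists('html')) {
    die('F');
}
if (!$lfjuid) {
    showerr('请先登录');
}

// $id is not assigned in this file (NOTE(review): presumably request input),
// so it is forced to an integer before being placed in the SQL text.
$id = intval($id);

// Table suffix for the item's category, taken from the $Fid_db map.
$_erp = $Fid_db['tableid'][$fid];
$rs = $db->get_one("SELECT * FROM {$_pre}content{$_erp} WHERE id='{$id}'");

// Array keys are quoted throughout: bare words are constant lookups, which
// raise an Error on PHP 8.
if ($rs['uid'] != $lfjuid && !$web_admin) {
    showerr('你没权限');
}

$list = $timestamp + 3600 * 24 * $webdb['Info_TopDay'];

if (!$web_admin) {
    $lfjdb['money'] = intval(get_money($lfjuid));
    if ($lfjdb['money'] < $webdb['Info_TopMoney']) {
        showerr("你的积分不足:{$webdb['Info_TopMoney']},不能选择置顶");
    }
    // NOTE(review): the balance check and the deduction are separate steps;
    // confirm whether concurrent requests can overdraw the balance.
    add_user($lfjuid, -intval($webdb['Info_TopMoney']), '置顶扣分');
}

$db->query("UPDATE {$_pre}content{$_erp} SET list='{$list}' WHERE id='{$id}'");

// NOTE(review): no request token is checked in this file before points are
// spent - confirm that the including script enforces one.
refreshto("{$FROMURL}", "置顶成功", 1);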
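<?php
// Deletes one vote element. Admins may delete any element; other users only
// elements whose vote topic belongs to them.

// Refuse direct access: html() only exists once the application is loaded.
!function_exists('html') && exit('ERR');

if (!$lfjuid) {
    showerr("请先登录!");
}

// $id is not assigned in this file (NOTE(review): presumably request input),
// so it is forced to an integer before being placed in the SQL text.
$id = intval($id);

if (!$web_admin) {
    $rs = $db->get_one("SELECT C.uid FROM `{$pre}vote_element` V LEFT JOIN `{$pre}vote_topic` C ON V.cid=C.cid WHERE V.id='{$id}'");
    // A missing row is rejected explicitly; the key is quoted because a bare
    // word is a constant lookup and raises an Error on PHP 8.
    if (!$rs || $rs['uid'] != $lfjuid || !$lfjuid) {
        showerr("你没权限!");
    }
}

// NOTE(review): no request token is checked in this file before the delete -
// confirm that the including script enforces one.
$db->query("DELETE FROM `{$pre}vote_element` WHERE id='{$id}'");

refreshto($FROMURL, "删除成功", 1);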
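// Fragment: the first statements close and continue blocks opened outside this excerpt.
        }
        // A group that still owns albums cannot be dissolved.
        if ($db->get_value("SELECT COUNT(*) as sum FROM pw_cnalbum WHERE atype=1 AND ownerid=" . S::sqlEscape($cyid)) > 0) {
            Showmsg('colony_del_photo');
        }
        if ($colony['cnimg']) {
            require_once R_P . 'require/functions.php';
            pwDelatt("cn_img/{$colony['cnimg']}", $db_ifftp);
            pwFtpClose($ftp);
        }
        $query = $db->query("SELECT uid FROM pw_cmembers WHERE colonyid=" . S::sqlEscape($cyid) . " AND ifadmin != '-1'");
        while ($rt = $db->fetch_array($query)) {
            $cMembers[] = $rt['uid'];
        }
        updateUserAppNum($cMembers, 'group', 'minus');
        $db->update("DELETE FROM pw_cmembers WHERE colonyid=" . S::sqlEscape($cyid));
        //* $db->update("DELETE FROM pw_colonys WHERE id=" . S::sqlEscape($cyid));
        pwQuery::delete('pw_colonys', 'id=:id', array($cyid));
        $db->update("UPDATE pw_cnclass SET cnsum=cnsum-1 WHERE fid=" . S::sqlEscape($colony['classid']) . " AND cnsum>0");
        $db->update("DELETE FROM pw_argument WHERE cyid=" . S::sqlEscape($cyid));
        refreshto("apps.php?q=groups", '解散群组成功!');
    }
} else {
    Showmsg('undefined_action');
}

/**
 * Check a password typed by the user against the stored hash of an owner account.
 *
 * The input is hashed with md5() and compared with the 'password' field of
 * the record returned by the user service.
 *
 * The comparison is strict. The previous loose '==' treats two different
 * digests that both look like "0e<digits>" as equal numbers, so a wrong
 * password could be accepted. hash_equals() is used when the runtime has it,
 * which also avoids an early-exit string comparison.
 *
 * NOTE(review): the stored value is compared against an unsalted MD5 digest;
 * migrating the stored format is outside the scope of this function.
 *
 * @param mixed  $ownerId       Id handed to the user service's get().
 * @param string $inputPassword Password as typed by the user.
 * @return bool True when the digests match, false otherwise.
 */
function threadSetCheckOwnerPassword($ownerId, $inputPassword)
{
    $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
    $userData = $userService->get($ownerId);

    // A missing record or empty stored hash can never match.
    $storedHash = isset($userData['password']) ? (string) $userData['password'] : '';
    if ($storedHash === '') {
        return false;
    }

    $inputHash = md5($inputPassword);
    if (function_exists('hash_equals')) {
        return hash_equals($storedHash, $inputHash);
    }

    return $storedHash === $inputHash;
}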
if ($selid && is_array($selid)) { $arr = array(); $query = $db->query("SELECT u2.uid FROM pw_userbinding u1 LEFT JOIN pw_userbinding u2 ON u1.id=u2.id WHERE u1.uid=" . pwEscape($winduid)); while ($rt = $db->fetch_array($query)) { $arr[] = $rt['uid']; } if ($delarr = array_intersect($arr, $selid)) { $db->update("DELETE FROM pw_userbinding WHERE uid IN(" . pwImplode($delarr) . ')'); $tmp = $delarr + array($winduid); if (count(array_unique($tmp)) == count($arr)) { $delarr = $tmp; } $db->update("UPDATE pw_members SET userstatus=userstatus&~(1<<11) WHERE uid IN (" . pwImplode($delarr) . ')'); } } refreshto("profile.php?action=modify&info_type=binding", 'operate_success', 2, true); } function Getcustom($data, $unserialize = true, $strips = null) { global $db_union; $customdata = array(); if (!$data || ($unserialize ? !is_array($data = unserialize($data)) : !is_array($data))) { $data = array(); } elseif (!is_array($custominfo = unserialize($db_union[7]))) { $custominfo = array(); } if (!empty($data) && !empty($custominfo)) { foreach ($data as $key => $value) { if (!empty($strips)) { $customdata[stripslashes(Char_cv($key))] = stripslashes(Char_cv($value)); } elseif ($custominfo[$key] && $value) {
$db->insert_file('', $readfiles); //导入数据库 //如果数据表区分符不是qb_的话,serialize字符的长度会有所变化,因此要纠正 if (strpos($readfiles, "{$pre}label") && strlen($pre) != 3) { $query = $db->query("SELECT * FROM {$pre}label WHERE typesystem=1 "); while ($rs = $db->fetch_array($query)) { $rs[code] = preg_replace("/s:([\\d]+):\"(.*?)\";/e", "strlen_lable('\\1','\\2')", $rs[code]); $rs[code] = addslashes($rs[code]); $db->query("UPDATE {$pre}label SET code='{$rs['code']}' WHERE lid='{$rs['lid']}' "); } } //有的模块可能要执行一些动作 @(include ROOT_PATH . "{$file}/install/install.inc.php"); } make_module_cache(); refreshto("index.php?lfj=group&job=admin_gr&gid=3", "安装成功!下一步要设置权限", 60); } elseif ($action == 'make') { if ($db->get_one("SELECT * FROM {$pre}module WHERE pre='{$postdb['pre']}'")) { showmsg("此系统已存在了,请不要重复创建"); } if (!$postdb[pre]) { showmsg("关键字/数据表前缀不能为空"); } if (!$postdb['dirname']) { showmsg("系统存放目录不能为空"); } if (!is_dir(ROOT_PATH . $postdb['dirname'])) { showmsg("目录不存在"); } if ($postdb[admindir] && !is_dir(ROOT_PATH . $postdb['dirname'] . "/{$postdb['admindir']}")) { showmsg("后台目录不存在");
updateUserAppNum($winduid, 'share'); $memberShare = array('reply' => "memberShareThread", 'topic' => "memberShareThread", 'diary' => "memberShareDiary", 'album' => "memberShareAlbum", 'user' => "memberShareUser", 'group' => "memberShareGroup", 'photo' => "memberSharePic", 'web' => "memberShareLink", 'video' => "memberShareVideo", 'music' => "memberShareMusic"); $threadShare = array('topic' => "threadShare", 'diary' => "diaryShare", 'photo' => "picShare"); $threadFav = array('diary' => "diaryFav", 'photo' => "picFav"); if (isset($memberShare[$type])) { updateDatanalyse($winduid, $memberShare[$type], 1); } if (isset($threadShare[$type_tmp]) && $ifhidden != 1) { updateDatanalyse($id, $threadShare[$type_tmp], 1); } elseif (isset($threadFav[$type])) { updateDatanalyse($id, $threadFav[$type], 1); } if (defined('AJAX')) { Showmsg('operate_success'); } else { refreshto("{$baseUrl}q=share&a={$a}", 'operate_success'); } function getVideo($link, $host) { $matches = array(); switch ($host) { case 'youku.com': preg_match("/sid\\/(\\w+)\\//", $link, $matches); break; case 'youtube.com': preg_match("/v\\=([\\w\\-]+)/", $link, $matches); break; case 'sina.com.cn': preg_match("/\\/(\\d+)-(\\d+)\\.html/", $link, $matches); break; case 'sohu.com':
Showmsg('unenough_currency'); } else { procUnLock('tool_buy', $winduid); Showmsg('unenough_money'); } } $credit->addLog('hack_toolbuy', array($toolinfo['creditype'] => -$price), array('uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'nums' => $nums, 'toolname' => $toolinfo['name'])); $credit->set($winduid, $toolinfo['creditype'], -$price); $db->update("UPDATE pw_tools SET stock=stock-" . S::sqlEscape($nums) . " WHERE id=" . S::sqlEscape($id)); $db->pw_update("SELECT uid FROM pw_usertool WHERE uid=" . S::sqlEscape($winduid) . " AND toolid=" . S::sqlEscape($id), "UPDATE pw_usertool SET nums=nums+" . S::sqlEscape($nums) . " WHERE uid=" . S::sqlEscape($winduid) . " AND toolid=" . S::sqlEscape($id), "INSERT INTO pw_usertool SET " . S::sqlSingle(array('nums' => $nums, 'uid' => $winduid, 'toolid' => $id, 'sellstatus' => $sell_status))); require_once R_P . 'require/tool.php'; $logdata = array('type' => 'buy', 'nums' => $nums, 'money' => $price, 'descrip' => 'buy_descrip', 'uid' => $winduid, 'username' => $windid, 'ip' => $onlineip, 'time' => $timestamp, 'toolname' => $toolinfo['name'], 'from' => ''); writetoollog($logdata); procUnLock('tool_buy', $winduid); } refreshto("profile.php?action=toolcenter", 'operate_success'); } } elseif ($job == 'use' || $job == 'ajax') { $toolid = (int) S::getGP('toolid'); if (!$toolid) { $tooldb = array(); $query = $db->query("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid=" . S::sqlEscape($winduid) . "ORDER BY vieworder"); while ($rt = $db->fetch_array($query)) { $rt['descrip'] = substrs($rt['descrip'], 45); $tooldb[] = $rt; } if (!$tooldb) { Showmsg('no_tool'); } require_once uTemplate::PrintEot('profile_toolcenter'); pwOutPut();
/* if ($privacy && is_array($privacy)) { $pwSQL = array(); foreach ($privacy as $key => $value) { if (in_array($key, $spaceModel)) { $pwSQL[] = array( 'uid' => $winduid, 'type' => 'space', 'key' => $key, 'value' => $value ); } } $pwSQL && $db->update("replace INTO pw_privacy (uid, ptype, pkey, value) values " . S::sqlMulti($pwSQL)); } if ($domain != $space['domain'] && $db->get_value("SELECT COUNT(*) AS sum FROM pw_space WHERE domain=" . S::sqlEscape($domain))) { Showmsg('该域名已被使用!'); } */ $pwSQL = array('name' => $name, 'descript' => $descript, 'domain' => $domain, 'spacestyle' => $spacestyle, 'spacetype' => $spacetype, 'skin' => $spaceskin, 'modelset' => serialize($modelset)); $layout && ($pwSQL['layout'] = serialize($layout)); set_time_limit(0); require_once R_P . 'u/lib/spacebannerupload.class.php'; $upload = new spaceBannerUpload($winduid); PwUpload::upload($upload); if ($img = $upload->getImgUrl()) { $pwSQL['banner'] = $img; } $newSpace->updateInfo($pwSQL); refreshto('u.php?a=set', 'operate_success'); }
$admincheck = 0; } if ($groupid != 'guest' && ($admincheck || $attach['uid'] == $winduid)) { pwDelatt($attach['attachurl'], $db_ifftp); pwFtpClose($ftp); $pw_attachs->delete($aid); $ifupload = getattachtype($tid); $ifaid = $ifupload === false ? 0 : 1; if ($pid) { $pw_posts = GetPtable('N', $tid); //$db->update("UPDATE $pw_posts SET aid=" . S::sqlEscape($ifaid, false) . "WHERE tid=" . S::sqlEscape($tid, false) . "AND pid=" . S::sqlEscape($pid, false)); pwQuery::update($pw_posts, 'tid=:tid AND pid=:pid', array($tid, $pid), array('aid' => $ifaid)); } else { $pw_tmsgs = GetTtable($tid); //* $db->update("UPDATE $pw_tmsgs SET aid=" . S::sqlEscape($ifaid, false) . " WHERE tid=" . S::sqlEscape($tid, false)); pwQuery::update($pw_tmsgs, 'tid=:tid', array($tid), array('aid' => $ifaid)); } $ifupload = (int) $ifupload; //$db->update('UPDATE pw_threads SET ifupload=' . S::sqlEscape($ifupload) . ' WHERE tid=' . S::sqlEscape($tid)); pwQuery::update('pw_threads', 'tid=:tid', array($tid), array('ifupload' => $ifupload)); if ($foruminfo['allowhtm'] && $page == 1) { $StaticPage = L::loadClass('StaticPage'); $StaticPage->update($tid); empty($j_p) && ($j_p = "read.php?tid={$tid}&ds=1"); refreshto($j_p, 'operate_success'); } else { refreshto("read.php?tid={$tid}&ds=1&page={$page}", 'operate_success'); } } else { Showmsg('job_attach_right'); }
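<?php
// Adds the member identified by $uid to the current user's collection,
// unless the user is not logged in, targets themselves, or the pair is
// already recorded.

require dirname(__FILE__) . "/global.php";

// $uid is not assigned in this file (NOTE(review): presumably request input),
// so it is forced to an integer before the self-check and the SQL text.
$uid = intval($uid);

if (!$lfjid) {
    showerr('请先登录!');
} elseif ($uid == $lfjuid) {
    showerr('你不能收录自己!');
}

if ($db->get_one("SELECT * FROM {$_pre}collection WHERE memberuid='{$uid}' AND companyuid='{$lfjuid}'")) {
    showerr('你已经收录过了!');
}

// NOTE(review): the duplicate check and the insert are separate statements,
// so two concurrent requests can both insert; a unique key on
// (memberuid, companyuid) would close that gap - confirm against the schema.
// NOTE(review): no request token is checked in this file - confirm that
// global.php enforces one for state-changing requests.
$db->query("INSERT INTO {$_pre}collection SET memberuid='{$uid}',companyuid='{$lfjuid}',posttime='{$timestamp}'");

refreshto($FROMURL, '收录成功', 3);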
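<?php
// Records the current user's application for the job posting given by $id.

require dirname(__FILE__) . "/global.php";

if (!$lfjid) {
    showerr('请先登录!');
}

if ($job == 'post') {
    // $id is not assigned in this file (NOTE(review): presumably request
    // input), so it is forced to an integer before reaching the SQL text.
    $id = intval($id);

    $rsdb = $db->get_one("SELECT * FROM {$_pre}content WHERE id='{$id}'");
    if (!$rsdb) {
        showerr('职位不存在!');
    }
    if ($db->get_one("SELECT * FROM {$_pre}apply WHERE cid='{$id}' AND uid='{$lfjuid}'")) {
        showerr('你已经申请过该职位了!');
    }

    // Read the applicant's profile id explicitly instead of extract()-ing the
    // row. With extract(), a user without a profile row left $join_id at
    // whatever value was already in scope, and the failed call was hidden
    // behind '@'. An empty value is stored when no profile row exists.
    $person = $db->get_one("SELECT id AS join_id FROM {$_pre}person WHERE uid='{$lfjuid}'");
    $join_id = $person ? $person['join_id'] : '';

    // NOTE(review): no request token is checked in this file - confirm that
    // global.php enforces one for state-changing requests.
    $db->query("INSERT INTO {$_pre}apply SET cid='{$id}',uid='{$lfjuid}',join_id='{$join_id}',posttime='{$timestamp}'");

    refreshto("./", '申请成功', 1);
}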
mod_sort_sons("{$pre}area", 0); //更新sons /*更新导航缓存*/ cache_area(); refreshto($FROMURL, "删除成功"); } elseif ($action == "editlist") { foreach ($order as $key => $value) { $db->query("UPDATE {$pre}area SET list='{$value}' WHERE fid='{$key}' "); } mod_sort_class("{$pre}area", 0, 0); //更新class mod_sort_sons("{$pre}area", 0); //更新sons /*更新导航缓存*/ cache_area(); refreshto("{$FROMURL}", "修改成功", 1); } /** *更新缓存 **/ function cache_area() { global $db, $pre; $show = "<?php\r\n"; $query = $db->query("SELECT fid,fup,name FROM {$pre}area LIMIT 500"); while ($rs = $db->fetch_array($query)) { $rs[name] = addslashes($rs[name]); $show .= "\$area_db[{$rs[fup]}][{$rs[fid]}]='{$rs['name']}';\n\t\t\$area_db[name][{$rs[fid]}]='{$rs['name']}';\n\t\t"; } write_file(ROOT_PATH . "data/all_area.php", $show); }
$isAtcEmail = (int) $atc_email; $isAtcNewrp = (int) $atc_newrp; $userService = L::loadClass('UserService', 'user'); $userService->setUserStatus($winduid, PW_USERSTATUS_REPLYEMAIL, $isAtcEmail); $userService->setUserStatus($winduid, PW_USERSTATUS_REPLYSITEEMAIL, $isAtcNewrp); $j_p = "read.php?tid={$tid}&ds=1"; if ($db_htmifopen) { $j_p = urlRewrite($j_p); } if (empty($j_p) || $pwforum->foruminfo['cms']) { $j_p = "read.php?tid={$tid}&ds=1"; } $pinfo = defined('AJAX') ? "success\t" . $j_p : ""; if (!$iscontinue) { if ($postdata->getIfcheck()) { if ($prompts = $pwpost->getprompt()) { isset($prompts['allowhide']) && ($pinfo = getLangInfo('refreshto', "post_limit_hide")); isset($prompts['allowsell']) && ($pinfo = getLangInfo('refreshto', "post_limit_sell")); isset($prompts['allowencode']) && ($pinfo = getLangInfo('refreshto', "post_limit_encode")); } } } //defend start CloudWind::YunPostDefend($winduid, $windid, $groupid, $tid, $atc_title, $atc_content, 'thread', array('fid' => $fid, 'tid' => $tid, 'forumname' => $pwforum->foruminfo['name'])); //defend end //job sign //require_once(R_P.'require/functions.php'); //initJob($winduid,"doPost",array('fid'=>$fid)); pwHook::runHook('after_post'); refreshto($j_p, $pinfo); }
$f_hash = $share['link']; } else { $type = $share['type'] = 'web'; } $collectionDate = array('type' => $type, 'uid' => $winduid, 'username' => $windid, 'content' => serialize($share), 'postdate' => $timestamp); if ($collectionService->insert($collectionDate)) { refreshto("{$basename}&", 'operate_success'); } else { Showmsg('data_error'); } } elseif ($a == 'dels') { PostCheck(); S::gp(array('idarray'), 'P', 1); $ids = $collectionService->checkCollectionIds($idarray, $winduid); $collectionService->delete($ids); refreshto("{$basename}type={$type}&", 'operate_success'); } elseif ($a == 'remove') { S::gp(array('ftype', 'idarray')); !$idarray && Showmsg('undefined_action'); $return = $collectionService->remove($idarray, $ftype); if ($return === true) { echo "success\t"; ajax_footer(); } } elseif ($a == 'recommend') { define('AJAX', 1); define('F_M', true); if (empty($_POST['step'])) { S::gp(array('id'), null, 2); $friend = getFriends($winduid); if ($friend) {