예제 #1
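 /**
  * Validate an incoming API request and dispatch it to the requested module method.
  *
  * The request is taken from $_GET when it is non-empty, otherwise from $_POST.
  * It must carry module, method, params (a PHP-serialized value) and sign, where
  * sign is md5(module . '|' . method . '|' . params . '|' . my_site_key).
  *
  * Security-relevant behaviour:
  *  - params reaches unserialize() only after the site-state checks and the
  *    signature check have passed, so unsigned input is never deserialized
  *    (not even for logging).
  *  - the signature is compared as a string, in constant time where
  *    hash_equals() exists; a loose != would treat two different "0e<digits>"
  *    digests as equal.
  *
  * @return mixed APIErrorResponse on failure, APIResponse for a Batch/run call,
  *               otherwise the value returned by $this->callback().
  */
 function parseRequest()
 {
     global $_SITE_CONFIG;
     $request = $_GET ? $_GET : $_POST;
     // Non-string values (e.g. module[]=x) are treated as missing instead of being concatenated.
     $module = isset($request['module']) && is_string($request['module']) ? $request['module'] : '';
     $method = isset($request['method']) && is_string($request['method']) ? $request['method'] : '';
     $rawParams = isset($request['params']) && is_string($request['params']) ? $request['params'] : '';
     $sign = isset($request['sign']) && is_string($request['sign']) ? $request['sign'] : '';
     // The log keeps the request exactly as it was received.
     $log = $request;
     $errCode = 0;
     $errMessage = '';
     if ($_SITE_CONFIG['site_close']) {
         $errCode = 2;
         $errMessage = 'Site Closed';
     } elseif (!$_SITE_CONFIG['my_status']) {
         $errCode = 2;
         $errMessage = 'Manyou Service Disabled';
     } elseif (!$_SITE_CONFIG['site_key']) {
         $errCode = 11;
         $errMessage = 'Client SiteKey NOT Exists';
     } elseif (!$_SITE_CONFIG['my_site_key']) {
         $errCode = 12;
         $errMessage = 'My SiteKey NOT Exists';
     } elseif (empty($module) || empty($method)) {
         $errCode = '3';
         // The original read the misspelled, undefined $moudle here.
         $errMessage = 'Invalid Method: ' . $module . '.' . $method;
     }
     if (get_magic_quotes_gpc()) {
         $rawParams = sstripslashes($rawParams);
     }
     // NOTE(review): md5 over a '|'-joined string with the key appended is not a keyed MAC.
     // Moving to hash_hmac() needs a matching change on the signing side, which is not visible here.
     $expectedSign = md5($module . '|' . $method . '|' . $rawParams . '|' . $_SITE_CONFIG['my_site_key']);
     $signMatches = function_exists('hash_equals') ? hash_equals($expectedSign, $sign) : $expectedSign === $sign;
     if (!$signMatches) {
         // A bad signature overrides any earlier error code, as before.
         $errCode = '10';
         $errMessage = 'Error Sign';
     }
     $params = null;
     if (!$errCode) {
         // NOTE(review): the payload is still PHP-serialized, so whoever holds my_site_key can
         // instantiate any loaded class. On PHP 7+ consider unserialize($rawParams, array('allowed_classes' => false)).
         $params = $this->myAddslashes(unserialize($rawParams));
     }
     // Rejected requests are logged with their raw fields only; paramsArray stays null for them.
     $log['paramsArray'] = $params;
     doLog($log, empty($_POST) ? '$_GET: ' : '$_POST: ');
     if ($errCode) {
         return new APIErrorResponse($errCode, $errMessage);
     }
     if ($module == 'Batch' && $method == 'run') {
         $response = array();
         // A payload that did not decode to an array yields an empty batch rather than a foreach warning.
         foreach (is_array($params) ? $params : array() as $param) {
             $response[] = $this->callback($param['module'], $param['method'], $param['params']);
         }
         return new APIResponse($response, 'Batch');
     }
     return $this->callback($module, $method, $params);
 }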
예제 #2
 // Input checks: coerce the numeric identifiers to integers.
 $_POST['catid'] = intval($_POST['catid']);
 $_POST['customfieldid'] = intval($_POST['customfieldid']);
 // Picture-article flag: an absent or empty picid is stored as 0.
 if (empty($_POST['picid'])) {
     $_POST['picid'] = 0;
 } else {
     $_POST['picid'] = intval($_POST['picid']);
 }
 // The subject is trimmed and passed through shtmlspecialchars(); its byte length must be 2..80.
 $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
 if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
     showmessage('space_suject_length_error');
 }
 // A category is mandatory (catid is already an integer here).
 if ($_POST['catid'] === 0) {
     showmessage('admin_func_catid_error');
 }
 // Custom field text: unescape, HTML-escape, serialize, then re-escape for storage.
 if (empty($_POST['customfieldtext'][$_POST['customfieldid']])) {
     $setcustomfieldtext = serialize(array());
 } else {
     $setcustomfieldtext = addslashes(serialize(shtmlspecialchars(sstripslashes($_POST['customfieldtext'][$_POST['customfieldid']]))));
 }
 // Tag handling: a missing tag list becomes the empty string before parsing.
 $_POST['tagname'] = empty($_POST['tagname']) ? '' : $_POST['tagname'];
 $tagarr = posttag($_POST['tagname']);
 // Build the row to be written.
 // NOTE(review): $_POST['hash'] is copied as received; whether it is escaped before
 // reaching SQL depends on code outside this excerpt — confirm.
 $setsqlarr = array(
     'catid' => $_POST['catid'],
     'subject' => scensor($_POST['subject'], 1),
     'hash' => $_POST['hash'],
     'picid' => $_POST['picid'],
 );
 // folder is 1 for users allowed to post directly; otherwise 0 only when an explicit 0 was supplied.
 if (checkperm('allowdirectpost')) {
     $_SGET['folder'] = 1;
 } elseif (isset($_SGET['folder']) && intval($_SGET['folder']) == 0) {
     $_SGET['folder'] = 0;
 } else {
     $_SGET['folder'] = 1;
 }
 // Title style flags and the remaining numeric options, normalised to fixed values or integers.
 $_POST['strong'] = empty($_POST['strong']) ? '' : 1;
 $_POST['reply_notify'] = empty($_POST['reply_notify']) ? 0 : intval($_POST['reply_notify']);
 $_POST['allowedit'] = empty($_POST['allowedit']) ? 0 : intval($_POST['allowedit']);
 $_POST['pollid'] = empty($_POST['pollid']) ? 0 : intval($_POST['pollid']);
 $_POST['underline'] = empty($_POST['underline']) ? '' : 1;
 $_POST['em'] = empty($_POST['em']) ? '' : 1;
예제 #3
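/**
 * Create a "doing" post for a user and, for each @-mentioned account that is a
 * department, store a complaint record and notify that account.
 *
 * Steps visible in this function: validate uid/content/device, resolve the
 * user's display name, turn "@name(uid)" mentions into links, replace emoticon
 * codes, insert the doing row, create complaint rows and notifications, insert
 * a feed row, and update the user's space note.
 *
 * Changes from the original listing:
 *  - uid must consist of digits only before it is used in SQL. The old
 *    `$params['uid'] <= 0` test is a numeric comparison and, depending on the
 *    PHP version, lets values such as "12abc" through to the query string.
 *  - the device allow-list is checked with strict in_array().
 *  - $complainOK and $UserId are initialised, so they are never read undefined.
 *
 * @param array|null $params Expects 'uid' and 'content'; 'device' and 'ip' are optional.
 * @return string JSON: an error object {errorNo, content}, or $params extended with
 *                uname, status, reply_count, timestamp and the *_list fields.
 */
function IHomeServiceCreateComplain($params = NULL)
{
    global $_SGLOBAL;
    if (empty($params['uid'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter uid.the uid is not exist or the uid is not a positive interger.");
        return json_encode($errorMsg);
    }
    // uid is concatenated into SQL below, so accept nothing but a positive decimal integer.
    if (!is_scalar($params['uid']) || !preg_match('/^[0-9]+$/D', (string) $params['uid']) || intval($params['uid']) <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the id must be a positive interger.");
        return json_encode($errorMsg);
    }
    $sql = "select name,username from " . tname('space') . " where uid = " . intval($params['uid']);
    $query = $_SGLOBAL['db']->query($sql);
    $row = $_SGLOBAL['db']->fetch_array($query);
    if (!$row) {
        $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
        return json_encode($errorMsg);
    }
    // Prefer the real name; fall back to the login name.
    $params['uname'] = $row['name'] ? $row['name'] : $row['username'];
    // department_id_list is ignored.
    if (empty($params['content'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter message.the message is not exist or the message is empty.");
        return json_encode($errorMsg);
    }
    if (!empty($params['device']) && !in_array($params['device'], array('web', 'wechat', 'mobile'), true)) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the parameter device is out of range.");
        return json_encode($errorMsg);
    }
    $UserIds = array();
    $UserId = null;
    $complainOK = false;
    $params['status'] = 'init';
    $params['reply_count'] = 0;
    $params['timestamp'] = time();
    $params['department_list'] = array();
    $params['operation_list'] = array();
    $params['reply_list'] = array();
    // The first [em:N:] code in the content is stored as the mood.
    preg_match("/\\[em\\:(\\d+)\\:\\]/s", $params['content'], $ms);
    $mood = empty($ms[1]) ? 0 : intval($ms[1]);
    // NOTE(review): rawurldecode() runs after getstr(), so percent-encoded markup is decoded
    // after whatever filtering getstr() applied with these arguments. $message is later stored
    // and embedded in HTML — confirm that it is escaped where it is rendered.
    $message = rawurldecode(getstr($params['content'], 1000, 1, 1, 1, 2));
    preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $message, $matches, PREG_SET_ORDER);
    // Turn each valid "@name(uid)" mention into a link.
    foreach ($matches as $value) {
        $TmpString = $value[0];
        $TmpName = $value[1];
        // The pattern only captures digits here, which is what keeps this query well-formed.
        $UserId = $value[2];
        $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
        if ($rs = $_SGLOBAL['db']->fetch_array($result)) {
            $realname = $rs['name'];
            if (empty($realname)) {
                $realname = $rs['username'];
            }
            $params['department_list'][intval($UserId)] = $realname;
            $ValidValue = getAtName($TmpString, $TmpName, $realname);
            $ValidValue = trim($ValidValue);
            $at_friend = "space.php?uid=" . $UserId;
            if ($ValidValue != false) {
                // NOTE(review): $realname comes from the database and is written into HTML unescaped,
                // inside an unquoted href context — confirm names cannot contain markup.
                $message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
                if (!in_array($UserId, $UserIds)) {
                    $UserIds[] = $UserId;
                }
            }
        }
    }
    $message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
    $params['content'] = $message;
    $setarr = array('uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'from' => $params['uid'], 'message' => $message, 'mood' => $mood, 'ip' => getonlineip(), 'fromdevice' => 'web');
    if (!empty($params['device'])) {
        $setarr['fromdevice'] = $params['device'];
    }
    // NOTE(review): a caller-supplied ip replaces the detected address without validation,
    // so the stored ip is only as trustworthy as the caller — confirm who may call this service.
    if (!empty($params['ip'])) {
        $setarr['ip'] = $params['ip'];
    }
    $newdoid = inserttable('doing', $setarr, 1);
    @(include_once S_ROOT . './data/data_creditrule.php');
    // The credit check that could switch this off is disabled in the original listing.
    $isComplain = TRUE;
    // The original author marked the following section as possibly faulty.
    foreach ($UserIds as $UserId) {
        if ($isComplain) {
            $UserDept = isDepartment($UserId, 1);
            if ($UserDept) {
                $nowtime = time();
                $complain = array('doid' => $newdoid, 'uid' => $params['uid'], 'uname' => $params['uname'], 'atdepartment' => $UserDept['department'], 'atdeptuid' => $UserId, 'from' => $params['uid'], 'atuid' => $UserId, 'atuname' => $UserDept['department'], 'isreply' => 0, 'addtime' => $nowtime, 'dateline' => $nowtime, 'expire' => 0, 'times' => 1, 'issendmsg' => 0, 'message' => $message, 'datatime' => date("Ymd", $nowtime));
                inserttable('complain', $complain, 0);
                $note = cplang('note_complain_buchu', array("space.php?do=complain_item&doid={$newdoid}", date('Y-m-d H:i', $nowtime + 3600 * 24)));
                notification_complain_add($UserId, 'complain', $note);
                $complainOK = TRUE;
            } else {
                $note = cplang('note_doing_at', array("space.php?do=doing&doid={$newdoid}"));
                notification_add($UserId, 'atyou', $note);
            }
        }
    }
    if ($complainOK) {
        $note = cplang('note_complain_user_success', array("space.php?do=complain_item&doid={$newdoid}"));
        notification_complain_add($params['uid'], 'complain', $note);
        $complain_msg = 'note_complain_user_success';
        getreward('complain', 1, $params['uid']);
    }
    if (!$complainOK && $isComplain) {
        // $UserId still holds the last id seen by the loops above (null when there was none).
        if ($UserId == '0000') {
            // System administrator account; the original author notes this branch has little effect.
            $note = cplang("您好,您的诉求已发送成功。谢谢您对ihome社区的大力支持!", array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
        } else {
            $note = cplang('note_complain_user_failed', array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
            $complain_msg = 'note_complain_user_failed';
        }
    }
    $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid', 'fromdevice' => 'web', 'ip' => getonlineip());
    if (!empty($params['device'])) {
        $feedarr['fromdevice'] = $params['device'];
    }
    if (!empty($params['ip'])) {
        $feedarr['ip'] = $params['ip'];
    }
    // Hash of the templates only.
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    // Hash of the templates together with their data.
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    $feedid = inserttable('feed', $feedarr, 1);
    updatestat('doing');
    $setarr = array('note' => $message);
    $reward = getreward('doing', 0);
    updatetable('spacefield', $setarr, array('uid' => $params['uid']));
    return json_encode($params);
}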
예제 #4
/**
 * Store a notification for user $uid unless the recipient's note filter rejects it.
 *
 * The notification is attributed to the current session user taken from
 * $_SGLOBAL (supe_uid / supe_username). When it is accepted, the recipient's
 * notenum counter is incremented and a row is inserted into 'notification'.
 *
 * NOTE(review): $uid is interpolated into the UPDATE statement as given; the
 * function relies on its callers to pass an id that is safe for SQL — confirm.
 *
 * @param mixed  $uid      Recipient user id.
 * @param string $type     Notification type.
 * @param string $note     Notification text; slashes are stripped and re-added before storage.
 * @param mixed  $returnid When truthy it is forwarded to inserttable() and that call's result is returned.
 * @return mixed inserttable()'s result when $returnid is truthy, otherwise nothing.
 */
function notification_add($uid, $type, $note, $returnid=0) {
	global $_SGLOBAL;

	// The recipient's space record carries the privacy settings used for filtering.
	$recipient = getspace($uid);

	// With a logged-in sender, raise the friendship "heat" towards the recipient.
	if($_SGLOBAL['supe_uid']) {
		addfriendnum($recipient['uid'], $recipient['username']);
	}

	$row = array();
	$row['uid'] = $uid;
	$row['type'] = $type;
	$row['new'] = 1;
	$row['authorid'] = $_SGLOBAL['supe_uid'];
	$row['author'] = $_SGLOBAL['supe_username'];
	$row['note'] = addslashes(sstripslashes($note));
	$row['dateline'] = $_SGLOBAL['timestamp'];

	// The keys of privacy.filter_note are the filter entries handed to cknote_uid().
	$blocked = array();
	if(!empty($recipient['privacy']['filter_note'])) {
		$blocked = array_keys($recipient['privacy']['filter_note']);
	}
	if(!cknote_uid($row, $blocked)) {
		return;
	}

	// Increment the recipient's unread-notification counter.
	$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET notenum=notenum+1 WHERE uid='$uid'");

	if($returnid) {
		return inserttable('notification', $row, $returnid);
	}
	inserttable('notification', $row);
}
예제 #5
파일: uc.php 프로젝트: NaturalWill/UCQA
    // Connect to the database.
    dbconnect();
} else {
    // NOTE(review): error_reporting(0) hides every PHP diagnostic raised by this endpoint,
    // including ones caused by malformed requests.
    error_reporting(0);
    set_magic_quotes_runtime(0);
    defined('MAGIC_QUOTES_GPC') || define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
    include_once S_ROOT . './config.php';
    include_once S_ROOT . './data/data_config.php';
    include_once S_ROOT . './source/function_common.php';
    // Connect to the database.
    dbconnect();
    $get = $post = array();
    // The 'code' query parameter is decoded with UC_KEY and parsed as a query string into $get.
    $code = @$_GET['code'];
    parse_str(authcode($code, 'DECODE', UC_KEY), $get);
    if (MAGIC_QUOTES_GPC) {
        $get = sstripslashes($get);
    }
    // Requests whose embedded 'time' is more than 3600 seconds old are refused.
    // This test runs before the empty($get) test, so a code that fails to decode
    // is answered here or by the next check, depending on the current timestamp.
    if ($_SGLOBAL['timestamp'] - $get['time'] > 3600) {
        exit('Authracation has expiried');
    }
    if (empty($get)) {
        exit('Invalid Request');
    }
    include_once S_ROOT . './uc_client/lib/xml.class.php';
    // The request body is parsed as XML into $post.
    $post = xml_unserialize(file_get_contents('php://input'));
    // Only the action names listed here are dispatched to uc_note.
    if (in_array($get['action'], array('test', 'deleteuser', 'renameuser', 'gettag', 'synlogin', 'synlogout', 'updatepw', 'updatebadwords', 'updatehosts', 'updateapps', 'updateclient', 'updatecredit', 'getcredit', 'getcreditsettings', 'updatecreditsettings', 'addfeed'))) {
        $uc_note = new uc_note();
        // NOTE(review): as written, {$get} is the whole array used as a property name, and
        // ['action'] then indexes that property. The call was presumably meant to be
        // $uc_note->{$get['action']}($get, $post) — confirm against the upstream file.
        echo $uc_note->{$get}['action']($get, $post);
        exit;
    } else {
        exit(API_RETURN_FAILED);
예제 #6
                             $replaces[] = $itemvalue[$key];
                         }
                         $bwzt['related'][$appid]['data'][$itemkey]['html'] = stripslashes(str_replace($searchs, $replaces, $_SGLOBAL['tagtpl']['data'][$appid]['template']));
                     } else {
                         unset($bwzt['related'][$appid]['data'][$itemkey]);
                     }
                 }
             } else {
                 $bwzt['related'][$appid]['data'] = '';
             }
             if (empty($bwzt['related'][$appid]['data'])) {
                 unset($bwzt['related'][$appid]);
             }
         }
     }
     updatetable('bwztfield', array('related' => addslashes(serialize(sstripslashes($bwzt['related']))), 'relatedtime' => $_SGLOBAL['timestamp']), array('bwztid' => $bwzt['bwztid']));
     // Store the refreshed related-items cache (serialized) together with the refresh time.
 } else {
     // Otherwise the stored cache is reused.
     // NOTE(review): unserialize() is applied to a database column; this is safe only
     // while nothing user-controlled can be written to that column verbatim.
     $bwzt['related'] = empty($bwzt['related']) ? array() : unserialize($bwzt['related']);
 }
 // Other recent entries by the same author.
 $otherlist = array();
 // NOTE(review): $space['uid'] is interpolated into the query; its origin is outside this excerpt.
 $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('bwzt') . " WHERE uid='{$space['uid']}' ORDER BY dateline DESC LIMIT 0,6");
 while ($value = $_SGLOBAL['db']->fetch_array($query)) {
     // Skip the entry being viewed and entries with a non-empty 'friend' value.
     if ($value['bwztid'] != $bwzt['bwztid'] && empty($value['friend'])) {
         $otherlist[] = $value;
     }
 }
 // Most recent entries with hot >= 3.
 $newlist = array();
 $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('bwzt') . " WHERE hot>=3 ORDER BY dateline DESC LIMIT 0,6");
예제 #7
     $rs = $_SGLOBAL['db']->fetch_array($result);
     $realname = $rs['name'];
     // Per the original comment: getAtName() validates the text after "@". If it matches the name
     // stored for this UID it returns "@" plus the name; otherwise the next "@" is examined, and
     // false is returned when nothing matches.
     $ValidValue = getAtName($TmpString, $TmpName, $realname);
     $ValidValue = trim($ValidValue);
     $at_friend = "space.php?uid=" . $UserId;
     // NOTE(review): $realname is read from the database and placed into HTML without escaping,
     // and the href value is unquoted — confirm that names cannot contain markup.
     $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
 }
 // Replace emoticon codes of the form [em:N:] with <img> tags, then collapse <br> tags to spaces.
 $Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
 $Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
 //print_r($Message);
 // Row for the 'doing' table; uid is forced to an integer here.
 $arr = array("username" => getstr($username, 15, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip());
 $newdoid = inserttable('doing', $arr, 1);
 // Feed event for the new post.
 // NOTE(review): unlike $arr above, the feed row uses $userid and $username as they are.
 $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid');
 $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
 // Preference hash: covers the two templates only.
 $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
 // Merge hash: covers the templates together with their data.
 inserttable('feed', $feedarr, 1);
 updatestat('doing');
 // Update the note shown on the user's space.
 $setarr = array('note' => $Message);
 if (!empty($_POST['spacenote'])) {
     $reward = getreward('updatemood', 0);
     $setarr['spacenote'] = $Message;
 } else {
     $reward = getreward('doing', 0);
 }
 updatetable('spacefield', $setarr, array('uid' => $userid));
예제 #8
        // Notify up to five members of this tag whose grade is above 8.
        // NOTE(review): $tagid is interpolated into the query; where it is validated is outside this excerpt.
        $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('tagspace') . " WHERE tagid='{$tagid}' AND grade > 8 LIMIT 0 , 5");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            $notearr[] = array('uid' => $value['uid'], 'type' => 'mtag', 'new' => 1, 'authorid' => $_SGLOBAL['supe_uid'], 'author' => $_SGLOBAL['supe_username'], 'note' => addslashes(sstripslashes($message)), 'dateline' => $_SGLOBAL['timestamp']);
        }
        // Nobody matched: fall back to users in any user group that has the 'managemtag' flag.
        if (!$notearr) {
            $groups = array();
            // The @ suppresses a missing-file warning; $_SGLOBAL['usergroup'] is presumably
            // defined by this include — confirm.
            @(include_once S_ROOT . './data/data_usergroup.php');
            foreach ($_SGLOBAL['usergroup'] as $gid => $value) {
                if ($value['managemtag']) {
                    $groups[] = $gid;
                }
            }
            if ($groups) {
                $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE groupid IN (" . simplode($groups) . ") LIMIT 0 , 5");
                while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                    $notearr[] = array('uid' => $value['uid'], 'type' => 'mtag', 'new' => 1, 'authorid' => $_SGLOBAL['supe_uid'], 'author' => $_SGLOBAL['supe_username'], 'note' => addslashes(sstripslashes($message)), 'dateline' => $_SGLOBAL['timestamp']);
                }
            }
        }
        note_apply($notearr);
        showmessage('do_success');
    }
} else {
    // Creating a new group: requires the 'allowmtag' permission.
    if (!checkperm('allowmtag')) {
        showmessage('no_privilege');
    }
    // Real-name verification check.
    ckrealname('share');
    // New-user probation check.
    cknewuser();
예제 #9
    if ($listcount) {
        // $wheresql, $start and $perpage are built outside this excerpt.
        $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('ads') . $wheresql . ' ORDER BY displayorder LIMIT ' . $start . ',' . $perpage);
        while ($ad = $_SGLOBAL['db']->fetch_array($query)) {
            $listvalue[] = $ad;
        }
        $multipage = multi($listcount, $perpage, $page, $theurl);
    }
    $viewclass = ' class="active"';
} elseif ($_GET['op'] == 'edit') {
    // NOTE(review): $_POST['adid'] is placed into the query without a cast. This is safe only if
    // request data has already been escaped globally, which is not visible in this excerpt;
    // intval() on the id would remove that dependency.
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('ads') . " WHERE adid='{$_POST['adid']}'");
    $thevalue = $_SGLOBAL['db']->fetch_array($query);
    if ($thevalue['style'] != 'pageoutindex' && $thevalue['style'] != 'all') {
        $pageout_style = 'none';
    }
    // The stored parameters are a serialized array read back from the database.
    $parameters = empty($thevalue['parameters']) ? array() : unserialize($thevalue['parameters']);
    $parameters = sstripslashes($parameters);
    // NOTE(review): the adid from the row is written into an HTML attribute without escaping.
    $isupdate = '<input type="hidden" name="update" value="1"><input type="hidden" name="adid" value="' . $thevalue['adid'] . '">';
} elseif ($_GET['op'] == 'add') {
    if ($system == '0') {
        $addsystemclass = ' class="active"';
    } else {
        $adduserclass = ' class="active"';
    }
    // Empty defaults for the "add" form.
    $thevalue = array('adid' => '', 'title' => '', 'adtype' => '', 'parameters' => '', 'pagetype' => '', 'type' => '', 'style' => '');
} elseif ($_GET['op'] == 'code') {
    if (empty($_POST['adid'])) {
        showmessage('ad_no_ads');
    }
    // NOTE(review): same uncast $_POST['adid'] in SQL as in the 'edit' branch.
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('ads') . " WHERE adid='{$_POST['adid']}' AND system = 1");
    if ($thevalue = $_SGLOBAL['db']->fetch_array($query)) {
        $parameters = unserialize($thevalue['parameters']);
예제 #10
        case 'text':
            // Text advert: the content goes through getstr(), the size is forced to a float.
            $adcodes['textcontent'] = getstr($_POST['adcode']['textcontent'], 0, 1, 1);
            $adcodes['texturl'] = $_POST['adcode']['texturl'];
            $adcodes['textsize'] = floatval($_POST['adcode']['textsize']);
            $size = empty($adcodes['textsize']) ? '' : 'style="font-size:' . $adcodes['textsize'] . 'px;"';
            // NOTE(review): texturl is only passed through stripslashes() before it is written into the
            // href attribute, so quotes and the URL scheme are not constrained. The result is saved
            // to a template file below — confirm that only trusted administrators reach this code.
            $html = '<span style="padding:0.8em"><a href="' . stripslashes($_POST['adcode']['texturl']) . '" target="_blank" ' . $size . '>' . $adcodes['textcontent'] . '</a></span>';
            break;
        default:
            break;
    }
    if (empty($adcodes)) {
        cpmessage('please_check_whether_the_option_complete_required');
    } else {
        $adcodes['type'] = $_POST['adcode']['type'];
    }
    // title, pagetype and system are copied from the request as received.
    $setarr = array('title' => $_POST['title'], 'pagetype' => $_POST['pagetype'], 'adcode' => addslashes(serialize(sstripslashes($adcodes))), 'system' => $_POST['system'], 'available' => empty($_POST['system']) ? 1 : intval($_POST['available']));
    if (empty($adid)) {
        $adid = inserttable('ad', $setarr, 1);
    } else {
        updatetable('ad', $setarr, array('adid' => $adid));
    }
    // Write the generated HTML to the advert's template file.
    // NOTE(review): the file name is built from $adid; for the update path its origin is outside
    // this excerpt — confirm that it is an integer.
    $tpl = S_ROOT . './data/adtpl/' . $adid . '.htm';
    swritefile($tpl, $html);
    // Refresh the advert cache.
    include_once S_ROOT . './source/function_cache.php';
    ad_cache();
    cpmessage('do_success', 'admincp.php?ac=ad');
} elseif (submitcheck('delsubmit')) {
    include_once S_ROOT . './source/function_delete.php';
    if (!empty($_POST['adids']) && deleteads($_POST['adids'])) {
예제 #11
/**
 * Write the global $space['privacy'] settings to the current user's spacefield row.
 *
 * The settings are unescaped, serialized and re-escaped with addslashes() before
 * being handed to updatetable(); the row is selected by $_SGLOBAL['supe_uid'].
 */
function privacy_update()
{
    global $_SGLOBAL, $space;
    // Serialize the unescaped settings, then escape the resulting string for storage.
    $serialized = serialize(sstripslashes($space['privacy']));
    $fields = array('privacy' => addslashes($serialized));
    $where = array('uid' => $_SGLOBAL['supe_uid']);
    updatetable('spacefield', $fields, $where);
}
예제 #12
			// NOTE(review): texturl is only passed through stripslashes() before it is written into the
			// href attribute, so quotes and the URL scheme are not constrained. The result is saved
			// to a template file below — confirm that only trusted administrators reach this code.
			$html  = '<span style="padding:0.8em"><a href="'.stripslashes($_POST['adcode']['texturl']).'" target="_blank" '.$size.'>'.$adcodes['textcontent'].'</a></span>';
			break;
		default:
			break;
	}

	if(empty($adcodes)) {
		cpmessage('please_check_whether_the_option_complete_required');
	} else {
		$adcodes['type'] = $_POST['adcode']['type'];
	}

	// title, pagetype and system are copied from the request as received.
	$setarr = array(
		'title' => $_POST['title'],
		'pagetype' => $_POST['pagetype'],
		'adcode' => addslashes(serialize(sstripslashes($adcodes))),
		'system' => $_POST['system'],
		'available' => empty($_POST['system'])?1:intval($_POST['available'])
	);

	if(empty($adid)) {
		$adid = inserttable('ad', $setarr, 1);
	} else {
		updatetable('ad', $setarr, array('adid' => $adid));
	}

	// Write the generated HTML to the advert's template file.
	$tpl = S_ROOT.'./data/adtpl/'.$adid.'.htm';
	swritefile($tpl, $html);

	// Refresh the cache.
    // The flag from the query string is forced to an integer and inverted below (toggle).
    $WallRecFlag = intval($_GET['flag']);
    if ($WallRecId > 0) {
        $WallRecFlag = $WallRecFlag ? 0 : 1;
        if ($WallRecFlag) {
            updatetable('wallfield', array('pass' => $WallRecFlag, 'display' => 0, 'checktime' => $_SGLOBAL['timestamp']), array('id' => $WallRecId));
            // Update the approval state (approved: record the check time).
        } else {
            updatetable('wallfield', array('pass' => $WallRecFlag, 'display' => 0, 'checktime' => 0), array('id' => $WallRecId));
            // Update the approval state (approval withdrawn: clear the check time).
        }
    }
    // NOTE(review): $WallRecId is concatenated unquoted. The 'delete' branch below casts it with
    // intval(); the assignment used by this branch is outside the excerpt — confirm that it is cast too.
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('wallfield') . " where id=" . $WallRecId);
    $value = $_SGLOBAL['db']->fetch_array($query);
    // NOTE(review): $WallId, $WallTitle and the stored message are combined into HTML without
    // escaping here; whether they were escaped earlier is not visible.
    $message = "<a href=\"plugin.php?pluginid=wall&ac=track&wallid=" . $WallId . "\">#" . $WallTitle . "#</a> " . $value['message'];
    if ($WallRecFlag && $value['feedid'] == 0) {
        // Approved and not yet published: create the feed entry and remember its id.
        $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $value['uid'], 'username' => $value['username'], 'dateline' => $value['timeline'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $message)))), 'body_template' => '', 'body_data' => '', 'id' => $value['id'], 'idtype' => 'wallid');
        $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
        $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
        $FeedId = inserttable('feed', $feedarr, 1);
        if ($FeedId) {
            updatetable('wallfield', array('feedid' => $FeedId), array('id' => $WallRecId));
        }
    } elseif ($WallRecFlag == 0 && $value['feedid']) {
        // Approval withdrawn: delete the published feed entry and clear the link.
        // The feedid used here comes from the database row fetched above.
        $_SGLOBAL['db']->query("DELETE FROM " . tname("feed") . " WHERE feedid =" . $value['feedid']);
        updatetable('wallfield', array('feedid' => 0), array('id' => $WallRecId));
    }
    cpmessage("do_success", "admincp.php?ac=wallcontentmanage", 1);
} elseif ($op == 'delete') {
    $WallRecId = intval($_GET['id']);
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('wallfield') . " where id=" . $WallRecId);
    $value = $_SGLOBAL['db']->fetch_array($query);
예제 #14
/**
 * Change the membership status of the given users in the current user's event.
 *
 * The acting user's own membership ($_SGLOBAL['supe_userevent']) must have status >= 3;
 * otherwise showmessage() is called (presumably it ends the request — confirm).
 * Target status values, as labelled by the original comments: -1 delete the member,
 * 0 pending review, 2 ordinary member, 3 organiser. Status 1 is described as "follower":
 * rows already at status 1 are skipped, and a target of 1 passes the range check but
 * matches no branch, so nothing is changed for it.
 *
 * For every affected user a notification row may be queued (subject to that user's
 * note filter), and a feed row is queued when a pending member is accepted.
 *
 * NOTE(review): $uids is placed into IN (...) through simplode(); the function relies on
 * simplode() and on its callers to make the ids safe for SQL — confirm.
 *
 * @param array $uids   User ids whose membership should change.
 * @param mixed $status Target status; cast to int and required to be within -1..3.
 * @return array The user ids that were actually changed (empty array when none).
 */
function verify_eventmembers($uids, $status)
{
    global $_SGLOBAL, $event;
    if ($_SGLOBAL['supe_userevent']['status'] < 3) {
        showmessage('no_privilege_manage_event_members');
    }
    $eventid = $_SGLOBAL['supe_userevent']['eventid'];
    // Reload the event when the global $event is not the one the acting user belongs to.
    if ($eventid != $event['eventid']) {
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$eventid}'");
        $event = $_SGLOBAL['db']->fetch_array($query);
    }
    $status = intval($status);
    if ($status < -1 || $status > 3) {
        showmessage("bad_userevent_status");
        // Message: please choose a valid event member status.
    }
    if ($event['verify'] == 0 && $status == 0) {
        showmessage("event_not_set_verify");
    }
    if ($status == 3 && $_SGLOBAL['supe_uid'] != $event['uid']) {
        showmessage("only_creator_can_set_admin");
        // Only the event creator may appoint organisers.
    }
    $newids = $actions = $userevents = array();
    $num = 0;
    // Net change in the event's member count.
    $query = $_SGLOBAL['db']->query("SELECT ue.*, sf.* FROM " . tname("userevent") . " ue LEFT JOIN " . tname("spacefield") . " sf ON ue.uid=sf.uid WHERE ue.uid IN (" . simplode($uids) . ") AND ue.eventid='{$eventid}'");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($value['status'] == $status || $event['uid'] == $value['uid'] || $value['status'] == 1) {
            // Skip users already at the target status, the event creator, and followers.
            continue;
        }
        if ($status == 2) {
            // Set as ordinary member.
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            if ($value['status'] == 0) {
                // Pending member accepted: counts the member plus their 'fellow' value.
                $actions[$value['uid']] = "set_verify";
                $num += $value['fellow'] + 1;
            } elseif ($value['status'] == 3) {
                // Organiser role removed.
                $actions[$value['uid']] = "unset_admin";
            }
        } elseif ($status == 3) {
            // Set as organiser.
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_admin";
            if ($value['status'] == 0) {
                $num += $value['fellow'] + 1;
            }
        } elseif ($status == 0) {
            // Set back to pending review.
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "unset_verify";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        } elseif ($status == -1) {
            // Remove the member.
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_delete";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        }
    }
    if (empty($newids)) {
        return array();
    }
    if ($event['limitnum'] > 0 && $event['membernum'] + $num > $event['limitnum']) {
        // The change would exceed the event's member limit.
        showmessage("event_will_full");
    }
    $note_inserts = $note_ids = $feed_inserts = array();
    $feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => '', 'username' => '', 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_join'), 'title_data' => array('title' => $event['title'], "eventid" => $event['eventid'], "uid" => $event['uid'], "username" => $event['username']), 'body_template' => '', 'body_data' => array(), 'body_general' => '', 'image_1' => '', 'image_1_link' => '', 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
    $feedarr = sstripslashes($feedarr);
    // Remove escaping first, so that serialization and hashing see the raw values.
    $feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data']));
    // Array converted to its serialized form.
    $feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data']));
    // Array converted to its serialized form.
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    // Preference hash: covers the two templates only.
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    // Merge hash: covers the templates together with their data.
    $feedarr = saddslashes($feedarr);
    // Escaping re-applied: the values are interpolated into the INSERT statement below.
    foreach ($newids as $id) {
        if ($status > 1 && $userevents[$id]['status'] == 0) {
            // A pending member was accepted: queue a "joined the event" feed row.
            // uid and username are assigned after saddslashes() ran and come from the database row.
            $feedarr['uid'] = $userevents[$id]['uid'];
            $feedarr['username'] = $userevents[$id]['username'];
            $feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}')";
        }
        // The privacy column holds a serialized array read from the database.
        $userevents[$id]['privacy'] = empty($userevents[$id]['privacy']) ? array() : unserialize($userevents[$id]['privacy']);
        $filter = empty($userevents[$id]['privacy']['filter_note']) ? array() : array_keys($userevents[$id]['privacy']['filter_note']);
        if (cknote_uid(array("type" => "eventmemberstatus", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
            $note_ids[] = $id;
            $note_msg = cplang('eventmember_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
            $note_inserts[] = "('{$id}', 'eventmemberstatus', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }
    if ($note_ids) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
    }
    if ($feed_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link`) VALUES " . implode(',', $feed_inserts));
    }
    if ($status == -1) {
        // Delete the membership rows.
        $_SGLOBAL['db']->query("DELETE FROM " . tname("userevent") . " WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    } else {
        // Apply the new status.
        $_SGLOBAL['db']->query("UPDATE " . tname("userevent") . " SET status='{$status}' WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    }
    // Adjust the event's member count by the net change.
    if ($num != 0) {
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET membernum = membernum + ({$num}) WHERE eventid='{$eventid}'");
    }
    return $newids;
}
예제 #15
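 /**
  * Trim a string, optionally unescape and HTML-escape it, and truncate it.
  *
  * Truncation for UTF-8 counts display width rather than bytes: a printable
  * ASCII byte, tab or newline counts 1, any multi-byte character counts 2.
  * A character that would push the width past $length is dropped whole.
  *
  * Fix over the original listing: the 3-byte lead range now includes 0xEF (239).
  * The original tested `$t < 239`, so characters such as full-width punctuation
  * (EF BC xx) were never counted and such text was returned untruncated.
  *
  * Security notes:
  *  - with $html > 0 the string is returned without HTML escaping; the caller
  *    must escape it for the output context.
  *  - $out_slashes has no effect here (the saddslashes() call is commented out
  *    in this listing), so the result is not escaped for SQL.
  *
  * @param string $string      Input text.
  * @param int    $length      Maximum width; 0 disables truncation.
  * @param int    $in_slashes  Truthy when the input carries added slashes to strip.
  * @param int    $out_slashes Accepted for compatibility; currently unused.
  * @param int    $html        < 0 strip tags/whitespace/[...] then escape; 0 escape; > 0 leave as is.
  * @param string $charset     "utf-8" (case-insensitive) selects the width-based cut;
  *                            any other value uses the double-byte cut.
  * @return string The processed, trimmed string.
  */
 function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $html = 0, $charset = "utf-8")
 {
     $string = trim($string);
     if ($in_slashes) {
         // The incoming string carries slashes; remove them first.
         $string = sstripslashes($string);
     }
     if ($html < 0) {
         // Strip tags, line breaks, whitespace and [..] codes, then escape what is left.
         $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
         $string = shtmlspecialchars($string);
     } elseif ($html == 0) {
         // Escape HTML special characters.
         $string = shtmlspecialchars($string);
     }
     if ($length && strlen($string) > $length) {
         // Truncate.
         $wordscut = '';
         if (strtolower($charset) == 'utf-8') {
             // $n: byte offset, $tn: byte length of the last character, $noc: width so far.
             $n = 0;
             $tn = 0;
             $noc = 0;
             $byteCount = strlen($string);
             while ($n < $byteCount) {
                 $t = ord($string[$n]);
                 if ($t == 9 || $t == 10 || 32 <= $t && $t <= 126) {
                     $tn = 1;
                     $n++;
                     $noc++;
                 } elseif (194 <= $t && $t <= 223) {
                     $tn = 2;
                     $n += 2;
                     $noc += 2;
                 } elseif (224 <= $t && $t <= 239) {
                     // 3-byte lead bytes 0xE0..0xEF.
                     $tn = 3;
                     $n += 3;
                     $noc += 2;
                 } elseif (240 <= $t && $t <= 247) {
                     $tn = 4;
                     $n += 4;
                     $noc += 2;
                 } elseif (248 <= $t && $t <= 251) {
                     $tn = 5;
                     $n += 5;
                     $noc += 2;
                 } elseif ($t == 252 || $t == 253) {
                     $tn = 6;
                     $n += 6;
                     $noc += 2;
                 } else {
                     // Any other byte is skipped without counting towards the width.
                     $n++;
                 }
                 if ($noc >= $length) {
                     break;
                 }
             }
             if ($noc > $length) {
                 // The last character overshot the limit: drop it entirely.
                 $n -= $tn;
             }
             $wordscut = substr($string, 0, $n);
         } else {
             // Double-byte charsets: a byte above 127 is copied together with the byte after it.
             for ($i = 0; $i < $length - 1; $i++) {
                 if (ord($string[$i]) > 127) {
                     $wordscut .= $string[$i] . $string[$i + 1];
                     $i++;
                 } else {
                     $wordscut .= $string[$i];
                 }
             }
         }
         $string = $wordscut;
     }
     if ($out_slashes) {
         // Disabled in the original listing: $string = saddslashes($string);
     }
     return trim($string);
 }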
예제 #16
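/**
 * Change the event-membership status of a batch of users in the acting user's current event.
 *
 * Checks the caller's own membership row and the requested transition, then updates
 * `userevent`, adjusts the event's member count, and queues notification and feed rows.
 *
 * Security notes:
 *  - Every statement here is assembled by string interpolation, so each interpolated value
 *    has to be escaped or cast at the point of use. Values read back from the database are
 *    not made safe by that round trip; the feed uid/username are therefore cast/escaped
 *    below before they enter the INSERT.
 *  - tname() and simplode() are defined elsewhere; simplode() is presumed to quote each
 *    element for an IN (...) list — verify against its definition.
 *  - The checks below rely on showmessage() ending the request. If it can return, every
 *    guard in this function becomes advisory only — confirm.
 *
 * @param array $uids   User ids whose status should change.
 * @param int   $status Target status: -1 delete, 0 pending, 2 ordinary member, 3 organizer.
 *                      1 passes the range check but matches no branch, so nothing changes.
 * @return array The uids that were actually changed (empty array when none qualified).
 */
function verify_eventmembers($uids, $status)
{
    global $_SGLOBAL, $event;
    // Authorisation gate: callers whose own membership status is below 3 are rejected.
    if ($_SGLOBAL['supe_userevent']['status'] < 3) {
        showmessage('no_privilege_manage_event_members');
    }
    // NOTE(review): $eventid is interpolated into several statements below; it is presumably
    // a numeric id loaded from the caller's own membership row — confirm where it is set.
    $eventid = $_SGLOBAL['supe_userevent']['eventid'];
    if ($eventid != $event['eventid']) {
        // The global $event describes another event; reload the one this caller manages.
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$eventid}'");
        $event = $_SGLOBAL['db']->fetch_array($query);
    }
    $status = intval($status);
    if ($status < -1 || $status > 3) {
        // Target status is outside the accepted range.
        showmessage("bad_userevent_status");
    }
    if ($event['verify'] == 0 && $status == 0) {
        // "Pending" makes no sense for an event that does not require approval.
        showmessage("event_not_set_verify");
    }
    if ($status == 3 && $_SGLOBAL['supe_uid'] != $event['uid']) {
        // Only the event creator may promote a member to organizer.
        showmessage("only_creator_can_set_admin");
    }
    $newids = $actions = $userevents = array();
    // Net change to the event's member count (members plus the guests they bring).
    $num = 0;
    $query = $_SGLOBAL['db']->query("SELECT ue.*, sf.* FROM " . tname("userevent") . " ue LEFT JOIN " . tname("spacefield") . " sf ON ue.uid=sf.uid WHERE ue.uid IN (" . simplode($uids) . ") AND ue.eventid='{$eventid}'");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($value['status'] == $status || $event['uid'] == $value['uid'] || $value['status'] == 1) {
            // Skip rows already in the target status, the event creator, and rows with status 1.
            continue;
        }
        if ($status == 2) {
            // Set to ordinary member
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            if ($value['status'] == 0) {
                // Pending request approved: the member joins
                $actions[$value['uid']] = "set_verify";
                $num += $value['fellow'] + 1;
            } elseif ($value['status'] == 3) {
                // Organizer demoted to ordinary member
                $actions[$value['uid']] = "unset_admin";
            }
        } elseif ($status == 3) {
            // Set to organizer
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_admin";
            if ($value['status'] == 0) {
                $num += $value['fellow'] + 1;
            }
        } elseif ($status == 0) {
            // Set back to pending
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "unset_verify";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        } elseif ($status == -1) {
            // Remove the member
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_delete";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        }
    }
    if (empty($newids)) {
        return array();
    }
    if ($event['limitnum'] > 0 && $event['membernum'] + $num > $event['limitnum']) {
        // The change would exceed the event's member limit.
        showmessage("event_will_full");
    }
    $note_inserts = $note_ids = $feed_inserts = array();
    $feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => '', 'username' => '', 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_join'), 'title_data' => array('title' => $event['title'], "eventid" => $event['eventid'], "uid" => $event['uid'], "username" => $event['username']), 'body_template' => '', 'body_data' => array(), 'body_general' => '', 'image_1' => '', 'image_1_link' => '', 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
    // Remove escape characters before serialising and hashing
    $feedarr = sstripslashes($feedarr);
    // Serialise the template data
    $feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data']));
    $feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data']));
    // Hash of the templates alone
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    // Hash of templates plus data
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    // Escape the shared feed fields for the INSERT assembled in the loop below.
    $feedarr = saddslashes($feedarr);
    foreach ($newids as $id) {
        if ($status > 1 && $userevents[$id]['status'] == 0) {
            // A pending request was approved: publish "joined the event" to the feed.
            // These two fields are filled in AFTER the saddslashes() pass above and come
            // straight from a database row, so they are cast/escaped here; otherwise a
            // stored username containing a quote would break out of the VALUES literal.
            $feedarr['uid'] = intval($userevents[$id]['uid']);
            $feedarr['username'] = addslashes($userevents[$id]['username']);
            $feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}')";
        }
        // NOTE(review): unserialize() on a stored column. If that column can ever hold
        // bytes an end user controls, this is an object-injection sink — confirm how
        // `privacy` is written.
        $userevents[$id]['privacy'] = empty($userevents[$id]['privacy']) ? array() : unserialize($userevents[$id]['privacy']);
        $filter = empty($userevents[$id]['privacy']['filter_note']) ? array() : array_keys($userevents[$id]['privacy']['filter_note']);
        if (cknote_uid(array("type" => "eventmemberstatus", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
            $note_ids[] = $id;
            $note_msg = cplang('eventmember_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
            // NOTE(review): $id and the supe_* globals are interpolated as-is; they are
            // presumably a numeric key and an already-escaped name — confirm at their source.
            $note_inserts[] = "('{$id}', 'eventmemberstatus', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }
    if ($note_ids) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
    }
    if ($feed_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link`) VALUES " . implode(',', $feed_inserts));
    }
    if ($status == -1) {
        // Delete the membership rows
        $_SGLOBAL['db']->query("DELETE FROM " . tname("userevent") . " WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    } else {
        // Store the new status ($status was cast with intval() above)
        $_SGLOBAL['db']->query("UPDATE " . tname("userevent") . " SET status='{$status}' WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    }
    // Apply the net member-count change; $num is built only from integer arithmetic above.
    if ($num != 0) {
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET membernum = membernum + ({$num}) WHERE eventid='{$eventid}'");
    }
    return $newids;
}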
예제 #17
}

// Sort column and direction come from the query string. SQL identifiers and keywords cannot
// be escaped like values, so both are normalised here and then checked against fixed lists
// below before they reach the ORDER BY clause.
$order = !empty($_GET['order']) ? strtolower(trim($_GET['order'])) : 'dateline';
$sc = !empty($_GET['sc']) ? strtoupper(trim($_GET['sc'])) : 'DESC';

// Allow-lists: anything not listed falls back to the default rather than raising an error.
if(!in_array($order, array('dateline', 'updatetime', 'viewnum', 'friendnum', 'credit')))	$order = 'dateline';
if(!in_array($sc, array('DESC', 'ASC')))	$sc = 'DESC';

// NOTE(review): $wherearr, $start and $limit are built before this excerpt. $sql is only
// assigned here when $wherearr is non-empty, so it is presumably initialised earlier. The
// safety of the statement below depends on how those three were produced — confirm that
// $start/$limit are integers and that every $wherearr fragment was escaped.
if($wherearr)	$sql = 'WHERE '.implode(' AND ', $wherearr);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." $sql  ORDER BY $order $sc LIMIT $start,$limit");
while($value = $_SGLOBAL['db']->fetch_array($query)) {
	// Format timestamps and add derived link/avatar fields for the consumer.
	$value['dateline'] = sgmdate('m-d H:i', $value['dateline']);
	$value['updatetime'] = sgmdate('m-d H:i', $value['updatetime']);
	$value['userlink'] = $siteurl.'space.php?uid='.$value['uid'];	
	$value['photo'] = ckavatar($value['uid']) ? avatar($value['uid'], 'small',true) : UC_API.'/images/noavatar_small.gif';
	$value = sstripslashes($value);
	
	$spacelist[] = $value;
}

// The whole row set (SELECT *) is emitted in PHP's serialize() format.
// NOTE(review): a consumer has to unserialize() this, which is only safe when it fully
// trusts this endpoint and the transport; also confirm no sensitive `space` columns are
// exposed by SELECT *.
echo serialize($spacelist);

function getscopequery($var, $tarr, $isdate=0, $pre='') {
	global $_SGLOBAL;

	$wheresql = '';
	if(!empty($pre)) $pre = $pre.'.';
	if($tarr) {
		if($isdate) {
			$tarr = intval($tarr);
			if($tarr) $wheresql = $pre.$var.">='".($_SGLOBAL['timestamp']-$tarr)."'";
예제 #18
            $multipage = multi($listcount, $perpage, $_SGET['page'], $theurl . $urlplus);
        }
        $rtarr['listcount'] = $listcount;
        $rtarr['multipage'] = $multipage;
        $rtarr['listarr'] = $listarr;
        $viewclass = ' class="active"';
    }
} elseif ($_GET['op'] == 'edit' || $_GET['op'] == 'view') {
    $itemid = intval($_GET['itemid']);
    $sqlplus = '';
    if (!empty($itemid)) {
        $wheresqlstr = getwheresql($wheresqlarr);
        if (!empty($_GET['folder']) && $_GET['op'] == 'view') {
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('modelfolders') . ' WHERE itemid=\'' . $itemid . '\' AND mid=\'' . $resultmodels['mid'] . '\' AND ' . $wheresqlstr);
            $thevalue = $_SGLOBAL['db']->fetch_array($query);
            $thevalue = sstripslashes(unserialize($thevalue['message']));
        } else {
            if ($wheresqlstr != 1) {
                $wheresqlstr = 'i.' . $wheresqlstr;
            }
            $query = $_SGLOBAL['db']->query('SELECT ii.*, i.* FROM ' . tname($resultmodels['modelname'] . 'message') . ' ii ' . 'LEFT JOIN ' . tname($resultmodels['modelname'] . 'items') . ' i ON i.itemid=ii.itemid ' . 'WHERE ii.itemid=\'' . $itemid . '\' AND ' . $wheresqlstr);
            $thevalue = $_SGLOBAL['db']->fetch_array($query);
        }
        if (empty($thevalue)) {
            showmessage('no_item_or_no_prem', S_URL . '/' . $theurl);
        }
        $tmpmessage = $thevalue['message'];
        if (!empty($thevalue)) {
            foreach ($thevalue as $tmpkey => $tmpvalue) {
                if (!empty($cacheinfo['columns'][$tmpkey]['isbbcode'])) {
                    $thevalue[$tmpkey] = modeldiscuzcode($tmpvalue, 'de');
예제 #19
*/
// Refuse direct requests: this script is only meant to run after the application bootstrap
// has defined IN_UCHOME.
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
// Fetch feed items from UCenter, 10 per run.
include_once S_ROOT . './uc_client/client.php';
$results = uc_feed_get(10);
if ($results) {
    $cols = array('uid', 'username', 'appid', 'icon', 'dateline', 'hash_template', 'hash_data', 'title_template', 'title_data', 'body_template', 'body_data', 'body_general', 'image_1', 'image_1_link', 'image_2', 'image_2_link', 'image_3', 'image_3_link', 'image_4', 'image_4_link', 'target_ids');
    $inserts = array();
    foreach ($results as $value) {
        // Rows without an owner are dropped.
        if (!empty($value['uid']) && !empty($value['username'])) {
            $vs = array();
            foreach ($cols as $key) {
                // Array fields are stored serialised; scalars are stored as-is. Either way the
                // value is unescaped first and then escaped exactly once for the SQL literal.
                // NOTE(review): addslashes() is the only barrier between this remotely supplied
                // data and the statement, and it is not charset-aware. With a multibyte
                // connection charset it may not be sufficient — confirm the connection charset
                // or use the database driver's own escaping.
                $raw = is_array($value[$key]) ? serialize(sstripslashes($value[$key])) : sstripslashes($value[$key]);
                $value[$key] = addslashes($raw);
                $vs[] = "'" . $value[$key] . "'";
            }
            $inserts[] = '(' . implode(',', $vs) . ')';
        }
    }
    // Write all collected rows with a single multi-row INSERT.
    if ($inserts) {
        $columnList = implode('`,`', $cols);
        $valueList = implode(',', $inserts);
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`" . $columnList . "`) VALUES " . $valueList);
    }
}
예제 #20
}
// Row offset for the requested page; paging is disabled (offset forced to 0) when the
// 'networkpage' setting is empty.
$start = ($page - 1) * $perpage;
if (empty($_SCONFIG['networkpage'])) {
    $start = 0;
}
// Share type filter
// NOTE(review): $_GET['type'] is placed directly into the WHERE clause, into an array key and
// (further down) into the pagination URL. Nothing in this excerpt validates or escapes it,
// so the query is only safe if the request bootstrap has already escaped $_GET — the
// sstripslashes($_GET) call on the last line suggests it has, but confirm. Checking the value
// against the fixed set of share types would not depend on that global escaping.
if ($_GET['type']) {
    $sub_actives = array('type_' . $_GET['type'] => ' class="active"');
    $wheresql = "type='{$_GET['type']}'";
} else {
    $wheresql = '1';
    $sub_actives = array('type_all' => ' class="active"');
}
// Validate the start offset
ckstart($start, $perpage);
// Run the query
$list = array();
// The COUNT(*) statement has no WHERE clause, so the total ignores the type filter applied
// to the SELECT below.
$count = empty($_SCONFIG['networkpage']) ? 1 : $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('share')), 0);
if ($count) {
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " USE INDEX (dateline) WHERE {$wheresql} ORDER BY dateline DESC LIMIT {$start},{$perpage}");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        realname_set($value['uid'], $value['username']);
        $value = mkshare($value);
        $list[] = $value;
    }
}
// Pagination
// NOTE(review): the raw type value is appended to the URL handed to multi(); whether it is
// encoded before being written into the page depends on multi(), which is not shown here.
$multi = empty($_SCONFIG['networkpage']) ? 'networkpage' : multi($count, $perpage, $page, $theurl . "&type={$_GET['type']}");
realname_get();
// Strip the SQL escaping from $_GET and HTML-encode it, presumably for use in the template.
$_GET = shtmlspecialchars(sstripslashes($_GET));
예제 #21
/**
 * Recursively remove backslash escaping from a value.
 *
 * Scalars are passed through stripslashes(); arrays are walked with their keys preserved and
 * every element is processed the same way, to any depth. This undoes addslashes()-style
 * escaping; it does not make a value safe for SQL or HTML by itself.
 *
 * @param mixed $string A string or a (possibly nested) array of strings.
 * @return mixed The same structure with escaping removed.
 */
function sstripslashes($string)
{
    if (!is_array($string)) {
        return stripslashes($string);
    }
    foreach ($string as $index => $element) {
        $string[$index] = sstripslashes($element);
    }
    return $string;
}
예제 #22
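/**
 * Moderate a batch of events: set their grade and emit the matching notifications and feed rows.
 *
 * Security notes:
 *  - Authorisation comes from checkperm('manageevent'); acting on more than one event also
 *    requires checkperm('managebatch'). A caller lacking the permission gets an empty array,
 *    not an error.
 *  - All statements are built by string interpolation. The feed row is passed through
 *    saddslashes() after it is fully assembled; ids and uids come from database rows and are
 *    interpolated as-is. simplode() is defined elsewhere and presumed to quote each element
 *    for an IN (...) list — verify.
 *  - The grade check relies on cpmessage() ending the request — confirm.
 *
 * @param array $eventids Event ids to act on.
 * @param int   $grade    Target grade: -2 close, -1 reject, 1 approve/open, 2 recommend.
 * @return array The event ids that were actually changed (empty array when none).
 */
function verifyevents($eventids, $grade)
{
    global $_SGLOBAL;
    $allowmanage = checkperm('manageevent');
    $managebatch = checkperm('managebatch');
    // Number of matching events, counted only for managers without the batch permission.
    $opnum = 0;
    $eventarr = array();
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($allowmanage && !$managebatch) {
            $opnum++;
        }
    }
    // No manage permission, or more than one event without the batch permission: do nothing.
    if (!$allowmanage || !$managebatch && $opnum > 1) {
        return array();
    }
    $grade = intval($grade);
    if (!in_array($grade, array(-2, -1, 1, 2))) {
        // Invalid event grade
        cpmessage('bad_event_grade');
    }
    $newids = $events = $actions = array();
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('event') . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // Events already at the target grade are left alone.
        if ($grade == $value['grade']) {
            continue;
        }
        $newids[] = $value['eventid'];
        $events[$value['eventid']] = $value;
        if ($grade == -1) {
            // Rejected in review
            $actions[$value['eventid']] = "unverify";
        } elseif ($grade == 1) {
            if ($value['grade'] == -2) {
                // Re-open a closed event
                $actions[$value['eventid']] = "open";
            } elseif ($value['grade'] < 1) {
                // Approved in review
                $actions[$value['eventid']] = "verify";
            } elseif ($value['grade'] == 2) {
                // Recommendation withdrawn
                $actions[$value['eventid']] = "unrecommend";
            }
        } elseif ($grade == 2) {
            // Recommended: reward the event owner with credit
            getreward('recommendevent', 1, $value['uid'], '', 0);
            $actions[$value['eventid']] = "recommend";
        } elseif ($grade == -2) {
            // Closed
            $actions[$value['eventid']] = "close";
        }
    }
    if (empty($newids)) {
        return array();
    }
    // Presumably populates $_SGLOBAL['eventclass'] (used for the default poster below).
    // Errors are suppressed, so a missing file goes unnoticed here.
    @(include_once S_ROOT . './data/data_eventclass.php');
    $noteids = $note_inserts = array();
    $feed_inserts = array();
    foreach ($newids as $id) {
        $event = $events[$id];
        if ($grade >= 1 && $events[$id]['grade'] < 1 && $events[$id]['grade'] >= -1) {
            // Feed: the event becomes publicly visible for the first time
            $poster = "";
            if (empty($event['poster'])) {
                $poster = $_SGLOBAL['eventclass'][$event['classid']]['poster'];
            } else {
                $poster = pic_get($event['poster'], $event['thumb'], $event['remote']);
            }
            $feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => $event['uid'], 'username' => $event['username'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_add'), 'title_data' => array('eventid' => $id, 'title' => $event['title']), 'body_template' => cplang('event_feed_info'), 'body_data' => array("eventid" => $id, "title" => $event['title'], "username" => $event['username'], 'starttime' => sgmdate('m-d H:i', $event['starttime']), 'endtime' => sgmdate('m-d H:i', $event['endtime']), 'province' => $event['province'], 'city' => $event['city'], 'location' => $event['location']), 'body_general' => '', 'image_1' => $poster, 'image_1_link' => 'space.php?do=event&id=' . $id, 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
            // Remove escaping before serialising and hashing
            $feedarr = sstripslashes($feedarr);
            // Serialise the template data
            $feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data']));
            $feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data']));
            // Hash of the templates alone
            $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
            // Hash of templates plus data
            $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
            // Escape every field, including the stored username and title, for the INSERT below
            $feedarr = saddslashes($feedarr);
            $feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}', '', '{$id}', 'eventid')";
        }
        if ($event['uid'] != $_SGLOBAL['supe_uid']) {
            // No notification for the moderator's own events.
            // The key is quoted: a bare `uid` is an undefined constant, which is an Error on
            // PHP 8 and a warning before that.
            $noteids[] = $event['uid'];
            $note_msg = cplang('event_set_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
            $note_inserts[] = "('{$event['uid']}', 'system', '1', '0', '', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }
    unset($events);
    // Store the new grade ($grade was cast with intval() and checked against the list above)
    if ($grade == 2) {
        // A recommendation also records when it was made
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET grade='{$grade}', recommendtime='{$_SGLOBAL['timestamp']}' WHERE eventid IN (" . simplode($newids) . ")");
    } else {
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET grade='{$grade}' WHERE eventid IN (" . simplode($newids) . ")");
    }
    // Notifications
    if ($note_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($noteids) . ")");
    }
    // Feed
    if ($feed_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link` ,`target_ids` ,`id` ,`idtype`) VALUES " . implode(',', $feed_inserts));
    }
    return $newids;
}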
예제 #23
     cpmsg('no_item', 'admin.php?action=list&m=' . $mname);
 }
 if ($mname == 'good' || $mname == 'groupbuy') {
     $relatedarr = array();
     $relatedarr = getrelatedinfo($mname, $editvalue['itemid'], $editvalue['shopid']);
 }
 $editvalue['dateline'] = sgmdate($editvalue['dateline']);
 //管理員查看基本信息&& $mname=='shop'
 if ($_GET['op'] == 'adminview') {
     if (empty($_SGLOBAL['panelinfo'])) {
         getpanelinfo($_GET['itemid']);
     }
     if ($_GET['updatepass'] == 1) {
         $updateser = DB::fetch(DB::query("SELECT * FROM " . tname("itemupdates") . " WHERE itemid='{$_GET['itemid']}' and type = '{$mname}'"));
         $update = unserialize($updateser['update']);
         $update = sstripslashes($update);
         $update['groupid'] = $_SGLOBAL['panelinfo']['group']['title'];
         $categorylist = getmodelcategory($mname);
         $update['attr_catid'] = $update['catid'];
         $update['catid'] = $categorylist[$update['catid']]['name'];
         $categorylist = getmodelcategory('region');
         $update['region'] = $categorylist[$update['region']]['name'];
         if (!empty($update['subjectimage'])) {
             $update['subjectimage'] = B_URL . '/' . getattachurl($update['subjectimage']);
         }
         if (!empty($update['banner'])) {
             $update['banner'] = B_URL . '/' . getattachurl($update['banner']);
         }
         if (!empty($update['windowsimg'])) {
             $update['windowsimg'] = B_URL . '/' . getattachurl($update['windowsimg']);
         }
예제 #24
// The following is excerpted from the addnews code; personally I feel the @ feature is incomplete!
// Find "@name(digits) " mentions. The id capture is `[\d]+`, so $UserId below can only
// contain digits — that is what keeps the unquoted `uid={$UserId}` in the query numeric.
preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s/U", $Message, $Matches, PREG_SET_ORDER);
foreach ($Matches as $value) {
    $TmpString = $value[0];
    $TmpName = $value[1];
    $UserId = $value[2];
    $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
    // No check for a missing row: $realname is empty when the id does not exist.
    $rs = $_SGLOBAL['db']->fetch_array($result);
    $realname = $rs['name'];
    $ValidValue = getAtName($TmpString, $TmpName, $realname);
    $ValidValue = trim($ValidValue);
    $at_friend = "space.php?uid=" . $UserId;
    // NOTE(review): the stored `name` value is written into HTML without encoding, and the
    // href attribute is unquoted. If `name` can contain markup this becomes a stored-XSS
    // sink — encode it for HTML here unless that is guaranteed elsewhere.
    $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message);
}
// Turn [em:N:] into an emoticon image (digits only) and collapse <br> tags into spaces.
$Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message);
$Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message);
// The include below is resolved relative to the working directory set here.
chdir("../../");
include_once 'source/function_cp.php';
// NOTE(review): $_POST['albumid'] and $_POST['topicid'] are passed on without validation in
// this excerpt; confirm pic_save() casts or checks them.
$MobileFile = pic_save($File, $_POST['albumid'], $Message, $_POST['topicid']);
if ($MobileFile && is_array($MobileFile)) {
    $arr = array("username" => getstr($username, 30, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip(), 'fromdevice' => $FromDevice, 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
    $newdoid = inserttable('doing', $arr, 1);
    // NOTE(review): 'appid' is the string literal 'UC_APPID', not the constant UC_APPID —
    // looks unintended; confirm.
    $Feedarray = array('appid' => 'UC_APPID', 'icon' => 'doing', 'id' => $newdoid, 'idtype' => 'doid', 'uid' => $MobileFile['uid'], 'username' => $MobileFile['username'], 'dateline' => $MobileFile['dateline'], 'fromdevice' => $FromDevice, 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}");
    // Template-only hash and template-plus-data hash stored with the feed row.
    $Feedarray['hash_template'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['body_template']);
    $Feedarray['hash_data'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['title_data'] . "\t" . $Feedarray['body_template'] . "\t" . $Feedarray['body_data']);
    $Feedid = inserttable('feed', $Feedarray, 1);
    updatestat('doing');
    $Result = array('flag' => 'success');
} else {
    // pic_save() did not return a file record.
    $Result = array('flag' => 'fail_file&msg');
}
예제 #25
		if(!$notearr) {
			$groups = array();
			$query = $_SGLOBAL['db']->query("SELECT gid FROM ".tname('usergroup')." WHERE managemtag='1'");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$groups[] = $value['gid'];
			}
			if($groups) {
				$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE groupid IN (".simplode($groups).") LIMIT 0 , 5");
				while ($value = $_SGLOBAL['db']->fetch_array($query)) {
					$notearr[] = array(
							'uid' => $value['uid'],
							'type' => 'mtag',
							'new' => 1,
							'authorid' => $_SGLOBAL['supe_uid'],
							'author' => $_SGLOBAL['supe_username'],
							'note' => addslashes(sstripslashes($message)),
							'dateline' => $_SGLOBAL['timestamp']
						);
				}
			}
		}
		note_apply($notearr);
		showmessage('do_success');
	}
} else {
	
	//创建新群组
	if(!checkperm('allowmtag')) {
		ckspacelog();
		showmessage('no_privilege');
	}
예제 #26
<?php

/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: admincp_network.php 10761 2008-12-18 06:55:26Z liguode $
*/
// Refuse direct requests: both the application bootstrap and the admin control panel
// bootstrap must have defined their marker constants.
if (!defined('IN_UCHOME') || !defined('IN_ADMINCP')) {
    exit('Access Denied');
}
// Authorisation: only accounts holding the 'managenetwork' permission continue.
// NOTE(review): this relies on cpmessage() ending the request — confirm.
if (!checkperm('managenetwork')) {
    cpmessage('no_authority_management_operation');
}
// Fetch the single stored record
$thevalue = array();
$network = data_get('network');
// NOTE(review): unserialize() on a stored value. It is safe only as long as nothing but this
// admin page can write the 'network' record — confirm who else can.
$network = empty($network) ? array() : unserialize(sstripslashes($network));
// Taken from the query string and only trimmed here; any use in SQL, file paths or output
// further down needs its own validation.
$module = trim($_GET['module']) ? trim($_GET['module']) : '';
if (submitcheck('thevaluesubmit')) {
    $key = key($_POST['network']);
    $networkcache = array();
    $wherearr = $sql = array();
    if (empty($_POST['network'][$key]['usedefault'])) {
        $_POST['network'][$key]['start'] = intval($_POST['network'][$key]['start']);
        $_POST['network'][$key]['limit'] = intval($_POST['network'][$key]['limit']) ? intval($_POST['network'][$key]['limit']) : 1;
        $groupids = isset($_POST['network'][$key]['groupid']) ? getdotstring($_POST['network'][$key]['groupid'], 'int') : '';
        switch ($key) {
            case 'space':
                $uids = getdotstring($_POST['network'][$key]['uid'], 'int');
                if ($uids) {
                    $wherearr[] = 'uid IN (' . $uids . ')';
                }
예제 #27
// Keep the stored avatar flag in step with whether an avatar actually exists.
if ($avatar_exists) {
    if (!$space['avatar']) {
        // First avatar: grant the reward credit and experience
        $reward = getreward('setavatar', 0);
        $credit = $reward['credit'];
        $experience = $reward['experience'];
        // Each $setarr entry is a ready-made SQL assignment. $credit and $experience are
        // interpolated unquoted, so they are presumably integers from getreward() — confirm.
        if ($credit) {
            $setarr['credit'] = "credit=credit+{$credit}";
        }
        if ($experience) {
            $setarr['experience'] = "experience=experience+{$experience}";
        }
        $setarr['avatar'] = 'avatar=1';
        $setarr['updatetime'] = "updatetime={$_SGLOBAL['timestamp']}";
    }
} else {
    if ($space['avatar']) {
        $setarr['avatar'] = 'avatar=0';
    }
}
// $setarr is not initialised in this excerpt; presumably it is set up earlier.
if ($setarr) {
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$space['uid']}'");
}
if (empty($_POST['refer'])) {
    $_POST['refer'] = 'space.php?do=home';
}
realname_get();
// NOTE(review): the post-login redirect target is the client-supplied $_POST['refer'], and
// nothing visible here restricts it to same-site paths. Unless showmessage() or earlier code
// does that, this is an open redirect; accept only relative URLs on this site. $app is also
// placed into the URL as-is.
showmessage('login_success', $app ? "userapp.php?id={$app}" : $_POST['refer'], 0, array($ucsynlogin));
// Whether execution continues past showmessage() depends on that helper (not shown here).
// The remembered login name comes from a cookie and has only its slashes stripped; it must
// be HTML-encoded where the template prints it.
$membername = empty($_SCOOKIE['loginuser']) ? '' : sstripslashes($_SCOOKIE['loginuser']);
$cookiecheck = ' checked';
include template('do_login');
예제 #28
         } else {
             $authorarr[0] = $tmpauthorrule;
         }
     }
     if (preg_match("/\\[author\\]/", $_POST['authorrule'])) {
         $infoarr = array('code' => $authorarr[0], 'url' => $newurlarr[0], 'rule' => $_POST['authorrule'], 'source' => $messagemsgtext);
         printruledebug($infoarr);
     } else {
         showprogress($alang['robot_debug_authorrule_1'], 1);
         showprogress(shtmlspecialchars($authorarr[0]));
     }
     //$authorarr[0]	识别出来的作者
 }
 //发布者UID
 if ($_POST['debugprocess'] == 'uidrule') {
     $_POST['uidrule'] = !empty($_POST['uidrule']) ? sstripslashes(trim($_POST['uidrule'])) : '';
     if (empty($_POST['uidrule'])) {
         showprogress($alang['robot_debug_uidrule_0'], 1);
         exit;
     }
     $uidarr = array();
     $tmpuidrule = explode('|', $_POST['uidrule']);
     $tmpuidrule = strim($tmpuidrule);
     if (is_array($tmpuidrule)) {
         foreach ($tmpuidrule as $tmpkey => $tmpvalue) {
             if (empty($tmpvalue)) {
                 unset($tmpuidrule[$tmpkey]);
             }
         }
         $tmprand = 0;
         $tmprand = rand(0, count($tmpuidrule) - 1);
예제 #29
 /**
  * Store an image sent by a remote client and return its public URL.
  *
  * Order of checks: the extension of the client-supplied file name is compared with a fixed
  * list, then the caller is authenticated, then the payload is saved.
  *
  * Security notes:
  *  - The type check looks only at the name the client sent; nothing in this method inspects
  *    the payload itself. NOTE(review): confirm stream_save() verifies that the bytes really
  *    are an image and chooses the stored file name itself.
  *  - The flow relies on sendFault() and authUser() ending the request on failure — confirm.
  *  - $uid is accepted but not used in this method.
  *
  * @param mixed  $uid         Not used here.
  * @param string $username    Account name passed to authUser().
  * @param string $password    Password passed to authUser().
  * @param array  $mediaobject Upload descriptor; 'name' and 'bits' are read.
  * @return array Array with a 'url' key for the stored image.
  */
 function newMediaObject($uid, $username, $password, $mediaobject = array())
 {
     global $_SGLOBAL, $space;
     $allowedExts = array('jpg', 'gif', 'png');
     $fileext = fileext($mediaobject['name']);
     if (!in_array($fileext, $allowedExts)) {
         $this->sendFault(500, 'You should choose image file to upload.');
     }
     $this->authUser($username, $password);
     include_once S_ROOT . './source/function_cp.php';
     $struct = array();
     $saved = stream_save(sstripslashes($mediaobject['bits']), '0', $fileext);
     if (!$saved) {
         $this->sendFault(500, 'Sorry, your image could not be uploaded. Something wrong happened.');
     } else {
         $struct['url'] = pic_get($saved['filepath'], $saved['thumb'], $saved['remote'], 0);
     }
     // Prefix the site URL unless the path already starts with http:// or a slash.
     $hasRoot = preg_match("/^(http\\:\\/\\/|\\/)/i", $struct['url']);
     if (!$hasRoot) {
         $struct['url'] = $this->siteUrl . $struct['url'];
     }
     return $struct;
 }
예제 #30
         //µÚÒ»´Î
         $doingnum = getcount('doing', array('uid' => $space['uid']));
         $setarr['doingnum'] = "doingnum='{$doingnum}'";
     } else {
         $setarr['doingnum'] = "doingnum=doingnum+1";
     }
 }
 $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
 $title_template = cplang(cplang('feed_doing_title'));
 $title_data = saddslashes(serialize(sstripslashes(array('message' => $message))));
 $body_template = $body_data = '';
 if ($complainOK) {
     $title_template = cplang(cplang('feed_complain'));
     $title_data = '';
     $body_template = '{message}';
     $body_data = saddslashes(serialize(sstripslashes(array('message' => $message))));
 }
 //ʼþfeed
 if ($add_doing) {
     $ip = getonlineip();
     $ip_detail = getIpDetails();
     $lon = $ip_detail['latitude'];
     $lat = $ip_detail['longitude'];
     $pos = "http://lbs.juhe.cn/api/getaddressbylngb?lngx=" . $lat . "&lngy=" . $lon;
     $opts = array('http' => array('method' => 'GET', 'time' => 1));
     $context = stream_context_create($opts);
     $res = file_get_contents($pos, false, $context);
     $res = json_decode($res, 1);
     $address = $res['row']['result']['formatted_address'];
     if ($picid && $filepath) {
         $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => $title_template, 'title_data' => $title_data, 'body_template' => $body_template, 'body_data' => $body_data, 'id' => $newdoid, 'idtype' => 'doid', 'fromdevice' => 'web', 'image_1' => pic_get($filepath, 1, 0), 'image_1_link' => "space.php?uid={$_SGLOBAL['supe_uid']}&do=album&picid={$picid}", 'ip' => $ip, 'address' => $address);