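/**
 * Send a local file to the remote image host and return the checked response.
 *
 * The file is posted as multipart form data together with a random token. When
 * the upstream answers with its "buffering" notice the call is repeated, at most
 * five attempts per request (counted in $_G['upload_index']).
 *
 * @param string $file Path of the local file to upload.
 * @return mixed Result of $this->check() on the decoded reply, or false on failure.
 */
function upload($file)
{
    global $_G;

    // NOTE(review): the endpoint is plain HTTP, so the file and token travel
    // unencrypted and the reply cannot be authenticated; use HTTPS if the host offers it.
    $url = 'http://taobaoshangcheng.uz.taobao.com/upload.php?new=1';
    $_G['upload_index'] = (isset($_G['upload_index']) ? intval($_G['upload_index']) : 0) + 1;

    // realpath() returns false for a missing path; the original then posted a bare '@'.
    $real_path = realpath($file);
    if ($real_path === false || !is_file($real_path)) {
        L('上传图片到淘宝服务器失败');
        return false;
    }

    // The '@path' upload syntax is disabled by default since PHP 5.6 and removed in
    // PHP 7, where it would be sent as a literal string. CURLFile also prevents any
    // other field value that happens to start with '@' from being read as a file.
    if (class_exists('CURLFile')) {
        $file_field = new CURLFile($real_path);
    } else {
        $file_field = '@' . $real_path;
    }
    $data = array('token' => random(10), 'file' => $file_field);

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_REFERER, $_G['siteurl']);
    curl_setopt($ch, CURLOPT_USERAGENT, isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
    // NOTE(review): these hard-coded forwarding headers present a fixed address to
    // the upstream instead of the real one; confirm this is intended.
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:110.75.74.69', 'CLIENT-IP:110.75.74.69'));
    $rs = curl_exec($ch);
    curl_close($ch);

    // Transport failure: nothing to parse.
    if ($rs === false) {
        L('上传图片到淘宝服务器失败');
        return false;
    }

    if (strpos($rs, 'img_url') !== false) {
        $rs = json_decode($rs, 1);
        return $this->check($rs);
    }

    // Upstream asked us to wait: retry while under the per-request attempt limit.
    if (strpos($rs, "淘宝系统缓冲") !== false && $_G['upload_index'] < 5) {
        return $this->upload($file);
    }

    $rs = trim_html($rs, 1);
    L('上传图片到淘宝服务器失败' . $rs);
    return false;
}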
/**
 * Store a visitor message or feedback entry taken from the request.
 *
 * Unknown or empty types fall back to 'message'. A submission whose content
 * already exists in the `message` table is acknowledged without being stored again.
 *
 * NOTE(review): all fields are read from $_GET, so this state-changing action
 * can be triggered by a plain link; confirm whether a form token is checked upstream.
 */
function post()
{
    global $_G;

    $allowed = array('message', 'feedback');
    $kind = trim_html($_GET['type'], 1);

    $row = array();
    $row['type'] = ($kind && in_array($kind, $allowed)) ? $kind : 'message';
    foreach (array('content', 'name', 'contact', 'company_name', 'url') as $field) {
        $row[$field] = trim_html($_GET[$field], 1);
    }
    $row['check'] = 0;
    $row['dateline'] = TIMESTAMP;

    // Logged-in visitors who gave no name are recorded under their account name.
    if (!$row['name'] && $_G['uid'] > 0) {
        $row['name'] = $_G['username'];
    }

    // NOTE(review): 'email' is never assigned above, so this validation never runs.
    if ($row['email'] && !is_email($row['email'])) {
        msg('邮箱格式不正确');
    }

    // NOTE(review): the content is concatenated into the WHERE clause; this is only
    // safe if trim_html() or the framework escapes quotes before this point - confirm.
    $duplicates = getcount('message', "content = '" . $row['content'] . "'");
    if ($duplicates > 0) {
        msg('您的信息我们已收到,感谢提交');
    }

    DB::insert('message', $row);
    msg('提交成功', 'success');
}
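/**
 * Render the article list, optionally restricted to one tag.
 *
 * When ?id= is a positive number it must be a key of
 * $_G['setting']['article_tag']; otherwise an error message is shown.
 *
 * @return false|null false when the requested tag does not exist.
 */
function _list()
{
    global $_G;

    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $and = '';
    $url = URL . "m=article&a=list";
    // Initialised so the template receives null, not an undefined variable, when
    // no tag filter is requested.
    $tag = null;

    if ($id > 0) {
        if (isset($_G['setting']['article_tag'][$id])) {
            $tag = $_G['setting']['article_tag'][$id];
        }
        if (!$tag) {
            showmessage('未找到分类');
            return false;
        }
        // $id went through intval(), so it is safe to append to the SQL and the URL.
        $and .= " AND tag = " . $id;
        $url .= "&id=" . $id;
    }

    $rs = D(
        array('and' => $and . ' AND `hide` = 0 ', 'table' => 'article', 'order' => '`sort` DESC,`id` DESC'),
        array('size' => 10, 'url' => $url)
    );

    // Array keys are quoted: bare-word keys are undefined constants and raise an Error on PHP 8.
    if (!empty($rs['goods']) && is_array($rs['goods'])) {
        foreach ($rs['goods'] as $k => $v) {
            $rs['goods'][$k]['message'] = trim_html($v['message'], 1);
        }
    }

    $this->add(array('tag' => $tag));
    $this->add($rs);
    seo('文章列表' . ' - ' . $_G['setting']['title']);
    $this->show();
}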
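/**
 * Admin form handler: create or update a fetch rule, or show the edit form.
 *
 * On submit (and when check() passes) the rule is written and a confirmation
 * is shown via cpmsg(); with only ?id= the stored rule is loaded for editing.
 */
function post()
{
    global $_G;

    // Always defined so the template never receives an undefined variable.
    $fetch = array();

    if (!empty($_GET['onsubmit']) && check()) {
        $arr = array();
        $arr['title'] = trim_html($_GET['title'], 1);
        $arr['fid'] = intval($_GET['fid']);
        // NOTE(review): the raw request array is serialized as submitted and later
        // fed to dunserialize(); confirm that helper cannot instantiate objects.
        $value = $_GET['postdb'];
        $arr['value'] = serialize($value);
        $url = '';

        if (!empty($_GET['id'])) {
            $id = intval($_GET['id']);
            DB::update(__CLASS__, $arr, "id=" . $id);
            $url = '&id=' . $id;
            $msg = '修改';
        } else {
            $msg = '添加';
            $arr['dateline'] = TIMESTAMP;
            $arr['count'] = 0;
            $arr['updatetime'] = 0;
            DB::insert(__CLASS__, $arr, true);
        }
        cpmsg($msg . '成功', 'success', 'm=' . __CLASS__ . '&a=' . __FUNCTION__ . $url);
    } elseif (!empty($_GET['id'])) {
        $id = intval($_GET['id']);
        $rs = DB::fetch_first("SELECT * FROM " . DB::table('fetch') . " WHERE id = " . $id);
        // A missing row or an undecodable value must not reach array_merge().
        if (is_array($rs)) {
            $stored = dunserialize($rs['value']);
            $fetch = array_merge(is_array($stored) ? $stored : array(), $rs);
        }
    }

    $cates = (include libfile('config/taobao_cate'));
    $this->add(array('cates' => $cates, 'fetch' => $fetch));
    $this->show();
}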
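/**
 * Build the shop list: each entry of $assign['goods'] that has a seller nick is
 * extended with a shortened description, up to four visible goods and their total.
 *
 * @return array array('shop_list' => list of enriched shop rows)
 */
function shop_list()
{
    global $_G, $assign;

    $shop_list = array();
    if (empty($assign['goods']) || !is_array($assign['goods'])) {
        return array('shop_list' => $shop_list);
    }

    foreach ($assign['goods'] as $v) {
        $nick = isset($v['nick']) ? $v['nick'] : '';
        if (!$nick) {
            continue;
        }

        // NOTE(review): $nick is interpolated into SQL as-is. It comes from
        // previously stored data, so this is only safe if that data is already
        // escaped - confirm, otherwise quote it through the DB layer.
        $and = "nick='{$nick}'" . ' AND hide = 0 AND `check`=1 ';
        $count = getcount('goods', $and);

        // Keys are quoted: bare-word keys are undefined constants and raise an Error on PHP 8.
        $arr = $v;
        $arr['desc'] = cutstr(trim_html($v['desc'], 1), 150);
        $arr['goods'] = D(array('and' => $and, 'limit' => 4, 'all' => true));
        $arr['count'] = $count;
        $shop_list[] = $arr;
    }

    return array('shop_list' => $shop_list);
}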
/**
 * A form started through the fluent chain and finished with standalone static
 * calls must render the same markup as a fully chained form.
 */
public function testMixChainAndStandaloneFunctions()
{
    Form::unregister('text');

    // Chain for the opening tag and text field, standalone calls for the rest.
    $rendered = Form::open('/page.html')->text('test', 'Test')
        . Form::submit('', 'Save')
        . Form::close();

    $wanted = '<form action="/page.html" method="post" class="" id="" >'
        . '<input type="text" name="test" id="test" value="Test" class="text" />'
        . '<input type="submit" name="" id="" value="Save" class="submit" />'
        . '</form>';

    $this->assertEquals(trim_html($wanted), trim_html($rendered));
}
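/**
 * Taobao OAuth login: start the authorization redirect, or handle the callback.
 *
 * Without ?state= the visitor is redirected to the provider with a fresh state
 * value kept in the session. With ?state= the value is compared with the session
 * copy, the code is exchanged for the user's identity and login_callback() is called.
 */
function taobao_login()
{
    global $_G;

    if (empty($_G['setting']['taobao_appkey']) || empty($_G['setting']['taobao_appsecret'])) {
        msg('抱歉,系统未开启淘宝登录组件', 'error', 'm=member&a=login');
    }

    // The original concatenated "index.php" and the query without the "?" separator.
    $callbak_url = $_G['siteurl'] . "/index.php?m=member&a=taobao_login";

    if (!empty($_GET['state'])) {
        if (!empty($_GET['error'])) {
            // NOTE(review): the 1 is passed to urldecode_utf8(), not trim_html();
            // it looks like a misplaced parenthesis - confirm against both helpers.
            $msg = trim_html(urldecode_utf8($_GET['error_description'], 1));
            msg('登录失败,错误信息:' . $msg, 'error', 'm=member&a=login');
        }

        // The state is single-use: read it, drop it, then compare as strings in
        // constant time. A missing session value never matches.
        $expected = isset($_SESSION['tb_state']) ? (string) $_SESSION['tb_state'] : '';
        unset($_SESSION['tb_state']);
        $given = is_string($_GET['state']) ? $_GET['state'] : '';
        if ($expected === '') {
            $state_ok = false;
        } elseif (function_exists('hash_equals')) {
            $state_ok = hash_equals($expected, $given);
        } else {
            $state_ok = ($expected === $given);
        }
        if (!$state_ok) {
            // Redirect target fixed: the original omitted the "m=" prefix here.
            msg('请求非法或超时!', 'error', 'm=member&a=login');
        }

        $code = isset($_GET['code']) ? trim($_GET['code']) : '';
        $postfields = array(
            'grant_type' => "authorization_code",
            'client_id' => $_G['setting']['taobao_appkey'],
            'client_secret' => $_G['setting']['taobao_appsecret'],
            'code' => $code,
            'redirect_uri' => $callbak_url,
        );
        $url = 'https://oauth.taobao.com/token';
        $info = json_decode(fetch($url, $postfields), 1);

        if (!is_array($info) || empty($info['taobao_user_nick']) || empty($info['taobao_user_id'])) {
            msg('获取用户名称或用户ID或失败', 'error', 'm=member&a=login');
        }

        $member = array(
            'username' => urldecode_utf8($info['taobao_user_nick']),
            'address' => '',
            'content' => $info['taobao_user_id'],
            'picurl' => '',
            'groupid' => 22,
            'login_name' => 'taobao',
            'login_id' => $info['taobao_user_id'],
        );
        $this->login_callback($member);
    } else {
        // The state protects the callback against forged requests, so it must be
        // unpredictable; the original used the request timestamp.
        if (function_exists('random_bytes')) {
            $state = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $state = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            $state = md5(uniqid(mt_rand(), true));
        }
        $_SESSION['tb_state'] = $state;

        $url = "https://oauth.taobao.com/authorize";
        $params = array(
            "response_type" => "code",
            "client_id" => $_G['setting']['taobao_appkey'],
            "redirect_uri" => $callbak_url,
            "state" => $state,
        );
        // http_build_query() URL-encodes each value, like the original manual loop.
        $ret_url = $url . "?" . http_build_query($params, '', '&');
        header("location:" . $ret_url);
    }
}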
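/**
 * Admin form handler for articles: save a submitted article, load one for
 * editing, or show the category picker / empty form for a new one.
 *
 * @return false|null false after a save; null after rendering a view.
 */
function post()
{
    global $_G;

    // NOTE(review): unlike the sibling handlers that test "onsubmit && check()",
    // this branch does not call check(); confirm whether the token check is
    // enforced elsewhere for this action.
    if (!empty($_GET['onsubmit'])) {
        $article = get_filed(__CLASS__, $_GET['postdb'], isset($_GET['id']) ? $_GET['id'] : null);
        foreach (array('hide', 'sort', 'cate', 'views') as $int_field) {
            $article[$int_field] = intval($article[$int_field]);
        }

        // Keys are quoted: bare-word keys are undefined constants and raise an Error on PHP 8.
        if (!empty($_FILES['file'])) {
            $src = upload();
            if ($src) {
                $article['picurl'] = $src;
            }
        }

        if (!$article['keywords'] && $_G['setting']['auto_keywords'] == 1) {
            $article['keywords'] = get_keywords($article['title']);
        }
        // Derive a plain-text summary from the body when none was supplied.
        if (!$article['description']) {
            $article['description'] = cutstr(trim_html($article['message'], 1), 250, '');
        }

        if (!empty($_GET['id'])) {
            $id = intval($_GET['id']);
            DB::update(__CLASS__, $article, "id=" . $id);
            $msg = '修改';
            api_post(array('a' => 'update', 'table' => 'article', 'data' => $article, 'pre_key' => 'id', 'id' => $id));
        } else {
            $msg = '发布';
            $article['dateline'] = TIMESTAMP;
            $r = DB::insert(__CLASS__, $article, true);
            if ($r > 0) {
                api_post(array('a' => 'insert', 'table' => 'article', 'data' => $article, 'id' => $r));
            }
        }
        cpmsg($msg . '成功', 'success');
        return false;
    }

    if (!empty($_GET['id'])) {
        $id = intval($_GET['id']);
        $article = DB::fetch_first("SELECT * FROM " . DB::table("article") . " WHERE id = " . $id);
        $article = dstripcslashes($article);
    } elseif (empty($_GET['cate'])) {
        // New article without a category yet: show the category picker first.
        $cate = $_G[__CLASS__ . '_cate'];
        $this->add(array('cate' => $cate));
        $this->show('common_admin/select_post');
        return;
    } else {
        $article = get_filed(__CLASS__);
    }

    $this->add(array('article' => $article));
    $this->show();
}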
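/**
 * Best-effort client address: Client-IP header, else the first public address in
 * X-Forwarded-For, else REMOTE_ADDR.
 *
 * Both headers are supplied by the client unless a trusted reverse proxy
 * overwrites them, so the result is suitable for display and logging but must
 * not be the sole basis for access control, rate limiting or audit decisions.
 *
 * @return string IPv4 address, or whatever REMOTE_ADDR holds when no header applies.
 */
function get_client_ip()
{
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // filter_var() rejects out-of-range octets such as 999.1.1.1, which the
    // original digit-count regex accepted.
    if (isset($_SERVER['HTTP_CLIENT_IP'])
        && filter_var($_SERVER['HTTP_CLIENT_IP'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)
    ) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])
        && preg_match_all('#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s', $_SERVER['HTTP_X_FORWARDED_FOR'], $matches)
    ) {
        foreach ($matches[0] as $xip) {
            // Skip private ranges. The original pattern covered only 172.16.x.x,
            // not the whole 172.16.0.0/12 block.
            if (filter_var($xip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE)) {
                $ip = $xip;
                break;
            }
        }
    }

    $ip = trim_html($ip, 1);
    return $ip;
}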
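/**
 * Accept a comment from a logged-in member.
 *
 * Order of checks: login and account state, global switch, five-second flood
 * guard, request validation (id, type, content), daily / monthly quotas, target
 * existence, content filtering, duplicate guard. On success the comment is
 * inserted, points are credited when configured, and the target's comment
 * counter is refreshed.
 *
 * NOTE(review): the flow relies on msg() ending the request after each failed
 * check - confirm. All input is read from $_GET, so this state-changing action
 * is reachable by a plain link unless a token is verified elsewhere.
 *
 * @return false|null false when the visitor is not logged in.
 */
function post()
{
    global $_G;

    if (!is_login()) {
        return false;
    }
    if (!$_G['uid']) {
        msg('未登录无法进行操作');
    }
    if ($_G['member']['groupid'] == 3) {
        msg('抱歉,您当前是禁止用户,无法使用');
    } elseif ($_G['member']['check'] == 0) {
        msg('抱歉,您当前账号未审核无法使用');
    }
    if ($_G['setting']['say_status'] != 1) {
        msg('系统已关闭评论功能');
    }

    // Flood guard: at least five seconds between two comments of one session.
    if (!empty($_SESSION['comment']) && $_SESSION['comment']['time'] > 0) {
        $last_comment_time = TIMESTAMP - intval($_SESSION['comment']['time']);
        if ($last_comment_time < 5) {
            msg('发言太快,请休息一下吧');
        }
    }

    $type = isset($_GET['type']) ? trim($_GET['type']) : '';
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if (!$id) {
        msg('抱歉,您要提交的id不能为空');
    }
    if (!$type) {
        msg('抱歉,评论类型不能为空');
    }
    // $type is later used as a table name, so it is limited to [a-z_] and must be
    // one of the configured comment types.
    if (!preg_match('/^[a-z_]+$/', $type)) {
        msg('评论类型格式不正确');
    }
    if (!array_key_exists($type, $_G['setting']['comment_types'])) {
        msg('当前模块不允许评论或留言');
    }

    $content = isset($_GET['content']) ? trim($_GET['content']) : '';
    if (!$content) {
        msg('您要评论的内容不能为空');
    }
    $content = safe_filter($content);

    // Daily limit per type.
    $comment_day = $_G['setting']['comment_day'] > 0 ? $_G['setting']['comment_day'] : 30;
    $today = dmktime(dgmdate(TIMESTAMP, 'd'));
    $count_day = getcount('comment', " uid=" . $_G['uid'] . " AND type = '" . $type . "' AND dateline>" . $today);
    if ($count_day > $comment_day) {
        msg('您今日发布的评论已超过' . $comment_day . '条,待明日再评论吧.');
    }

    // 30-day limit per type. The original compared $count_day here, so the
    // monthly limits were never applied to the 30-day totals.
    $comment_month_mod = $_G['setting']['comment_month_mod'] > 0 ? $_G['setting']['comment_month_mod'] : 300;
    $day30 = dmktime(dgmdate(TIMESTAMP - 86400 * 30, 'd'));
    $count = getcount('comment', " uid=" . $_G['uid'] . " AND type = '" . $type . "' AND dateline>" . $day30);
    if ($count > $comment_month_mod) {
        msg('您本月发布的 ' . $_G['setting']['comment_types'][$type] . ' 评论已超过' . $comment_month_mod . '条,待下月再来吧.');
    }

    // 30-day limit across all types.
    $comment_month_sum = $_G['setting']['comment_month_sum'] > 0 ? $_G['setting']['comment_month_sum'] : 1000;
    $count = getcount('comment', " uid=" . $_G['uid'] . " AND dateline>" . $day30);
    if ($count > $comment_month_sum) {
        msg('您本月发布的总评论已超过' . $comment_month_sum . '条,待下月再来吧.');
    }

    // The commented-on record must exist.
    $idname = $type == 'goods' ? 'aid' : 'id';
    $count_len = getcount($type, $idname . '=' . $id);
    if (!$count_len) {
        msg('回复的主题不存在');
    }

    // Unless filtering is delegated to the setting, reduce the comment to plain
    // text without quotes.
    if ($_G['setting']['comment_filter'] != 1) {
        $content = trim($content);
        $content = strip_tags($content);
        $content = str_replace(array('"', "'"), '', $content);
        $content = trim_html($content, 1);
    }
    $content = daddslashes($content);

    // Reject an exact repeat of this session's previous comment.
    if (!empty($_SESSION['comment']) && $_SESSION['comment']['time'] > 0) {
        $last_content = $_SESSION['comment']['content'];
        if ($last_content && $content == $last_content) {
            msg('请勿发布同样的内容');
        }
    }

    $arr = array();
    $arr['uid'] = $_G['uid'];
    $arr['username'] = $_G['username'];
    $arr['dateline'] = TIMESTAMP;
    $arr['ip'] = $_G['clientip'];
    $arr['type_id'] = $id;
    $arr['type'] = $type;
    $arr['content'] = $content;
    if (!empty($_GET['num_iid'])) {
        $arr['num_iid'] = trim_html($_GET['num_iid']);
    }
    if (!empty($_GET['is_reply']) && isset($_GET['reply_id']) && $_GET['reply_id'] > 0) {
        $arr['is_reply'] = 1;
        $arr['reply_id'] = intval($_GET['reply_id']);
    } else {
        $arr['is_reply'] = 0;
        $arr['reply_id'] = 0;
    }
    $arr['picurl'] = '';
    $arr['check'] = intval($_G['setting']['comment_check']);
    $jf = intval($_G['setting']['comment_jf']);
    $arr['jf'] = $jf;

    $insert_id = DB::insert('comment', $arr, 1);
    if (!$insert_id) {
        msg('评论失败');
    }

    $msg = '评论成功';
    if ($jf > 0) {
        $msg .= ',恭喜您获得' . $jf . '积分';
        insert_sign(array('desc' => $msg, 'type' => 'comment', 'org_jf' => $_G['member']['jf'], 'jf' => $jf, 'aid' => $insert_id));
        update_member(array('jf' => $_G['member']['jf'] + $jf), $_G['uid']);
    }

    $_SESSION['comment']['time'] = TIMESTAMP;
    $_SESSION['comment']['content'] = $arr['content'];

    // Refresh the cached comment counter when the target table has one.
    $fd = table($type);
    if (isset($fd['comment_count'])) {
        $where = '';
        if (isset($fd['id'])) {
            $where = 'id=' . $id;
        } elseif (isset($fd['aid'])) {
            $where = 'aid=' . $id;
        }
        $count = getcount(__CLASS__, " AND type = '{$type}' AND type_id = " . $id . " AND `check` =1 ");
        if ($where) {
            DB::update($type, array('comment_count' => $count), $where);
        }
    }

    // The payload was never built in the original (its construction is commented
    // out there); keep sending null explicitly instead of an undefined variable.
    $data = null;

    if ($arr['check'] == 0) {
        $msg .= ' 需待审核后才能显示';
    }
    if ($_G['inajax'] == 1) {
        json(array('status' => 'success', 'msg' => $msg, 'data' => $data));
    } else {
        msg($msg, 'success');
    }
}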
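/**
 * Admin form handler for picture posts: save a submitted entry, load one for
 * editing, or show an empty form.
 *
 * @return false|null false after a save; null after rendering the form.
 */
function post()
{
    global $_G;

    // NOTE(review): unlike the sibling handlers that test "onsubmit && check()",
    // this branch does not call check(); confirm whether the token check is
    // enforced elsewhere for this action.
    if (!empty($_GET['onsubmit'])) {
        $img = get_filed(__CLASS__, $_GET['postdb'], isset($_GET['id']) ? $_GET['id'] : null);
        foreach (array('hide', 'sort', 'like', 'hate') as $int_field) {
            $img[$int_field] = intval($img[$int_field]);
        }

        // Keys are quoted: bare-word keys are undefined constants and raise an Error on PHP 8.
        if (!empty($_FILES['file'])) {
            $src = upload();
            if ($src) {
                $img['picurl'] = $src;
            }
        }

        if (!$img['keywords'] && $_G['setting']['auto_keywords'] == 1) {
            $img['keywords'] = get_keywords($img['title']);
        }

        // A description made only of digits and dots is discarded.
        if (preg_match('/^[0-9\.]+$/is', $img['description'])) {
            $img['description'] = '';
        }
        // Derive the description from the body, minus ###{...}### placeholders.
        if (!$img['description']) {
            $tmp = preg_replace('/###\{(.*?)\}###/is', '', $img['message']);
            $img['description'] = trim(cutstr(trim_html($tmp), 250, ''));
        }
        // Fall back to the first http image found in the body as the cover.
        if (!$img['picurl'] && preg_match('/<img.*?src="http:(.*?)"/is', $img['message'], $img_arr)) {
            if ($img_arr[1]) {
                $img['picurl'] = "http:" . $img_arr[1];
            }
        }

        $url = '';
        if (!empty($_GET['id'])) {
            $id = intval($_GET['id']);
            DB::update(__CLASS__, $img, "id=" . $id);
            $url = '&id=' . $id;
            $msg = '修改';
        } else {
            $msg = '发布';
            $img['dateline'] = TIMESTAMP;
            if (!$img['description']) {
                $img['description'] = cutstr(trim_html($img['message']), 250, '');
            }
            DB::insert(__CLASS__, $img, true);
        }
        cpmsg($msg . '成功', 'success', 'm=' . __CLASS__ . '&a=' . __FUNCTION__ . $url);
        return false;
    }

    if (!empty($_GET['id'])) {
        $id = intval($_GET['id']);
        $img = DB::fetch_first("SELECT * FROM " . DB::table("img") . " WHERE id = " . $id);
        $img = dstripcslashes($img);
    } else {
        $img = get_filed(__CLASS__);
    }

    $this->add(array('img' => $img));
    $this->show();
}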
/**
 * Admin member list: bulk-delete selected members on submit, otherwise build a
 * filtered member listing from the request parameters and render 'member/main'.
 *
 * NOTE(review): part of this function is damaged in the listing (runs of
 * asterisks replace source text and one statement is fused with the next), so
 * the code below does not parse as shown; restore it from the original file
 * before relying on it.
 *
 * NOTE(review): several filters are concatenated into SQL without a cast or
 * quotes (see the notes on `phone` and `wangwang`), and the quoted ones rely on
 * the request data being escaped before this point - confirm, or bind/escape
 * every value through the DB layer.
 */
function main() {
    global $_G;
    // Bulk action: delete every ticked member when the "delete all" flag is set.
    if ($_GET['onsubmit'] && check()) {
        foreach ($_GET[ids] as $k => $v) {
            $id = intval($v);
            if ($_GET[del][$k] == 0) {
                continue;
            }
            if ($_GET['_del_all'] == 1 && $_GET['del'][$k]) {
                delete_member($id);
            }
        }
        cpmsg('操作成功', 'success', 'm=' . __CLASS__ . '&a=' . __FUNCTION__);
        return false;
    }
    $size = 30;
    $start = ($_G['page'] - 1) * $size;
    $url = '';
    $and = '';
    // Each filter below appends to both the WHERE fragment and the paging URL.
    if ($_GET[groupid] > 0) {
        $groupid = intval($_GET[groupid]);
        $and .= " AND groupid = " . $groupid;
        $url .= "&groupid=" . $groupid;
    }
    if ($_GET[uid] > 0) {
        $uid = intval($_GET[uid]);
        $and .= " AND uid = " . $uid;
        $url .= "&uid=" . $uid;
    }
    // NOTE(review): phone is appended unquoted and is not forced to a number, so
    // the request value becomes part of the SQL statement. The same filter is
    // added again, quoted, further down.
    if ($_GET[phone]) {
        $phone = trim_html($_GET[phone], 1);
        $and .= " AND phone = " . $phone;
        $url .= "&phone=" . $phone;
    }
    if ($_GET[jf_min] > 0) {
        $jf_min = intval($_GET[jf_min]);
        $and .= " AND jf >= " . $jf_min;
        $url .= "&jf_min=" . $jf_min;
    }
    if ($_GET[jf_max] > 0) {
        $jf_max = intval($_GET[jf_max]);
        $and .= " AND jf <= " . $jf_max;
        $url .= "&jf_max=" . $jf_max;
    }
    if (isset($_GET[check])) {
        $check = intval($_GET[check]);
        $and .= " AND `check` = " . $check;
        $url .= "&check=" . $check;
    }
    // NOTE(review): wangwang is taken raw from the request and appended unquoted.
    if ($_GET[wangwang]) {
        $wangwang = $_GET[wangwang];
        $and .= " AND `wangwang` = " . $wangwang;
        $url .= "&wangwang=" . $wangwang;
    }
    if ($_GET[qq]) {
        $qq = intval($_GET[qq]);
        $and .= " AND `qq` = " . $qq;
        $url .= "&qq=" . $qq;
    }
    // The string filters below are quoted but only trimmed; see the note in the header.
    if ($_GET[email]) {
        $email = trim($_GET[email]);
        $and .= " AND `email` = '{$email}'";
        $url .= "&email=" . $email;
    }
    if ($_GET[phone]) {
        $phone = trim($_GET[phone]);
        $and .= " AND `phone` = '{$phone}'";
        $url .= "&phone=" . $phone;
    }
    if ($_GET[alipay]) {
        $alipay = trim($_GET[alipay]);
        $and .= " AND `alipay` = '{$alipay}'";
        $url .= "&alipay=" . $alipay;
    }
    if ($_GET[order_number]) {
        $order_number = trim($_GET[order_number]);
        $and .= " AND `order_number` = '{$order_number}'";
        $url .= "&order_number=" . $order_number;
    }
    if ($_GET[t_user_name]) {
        $t_user_name = trim($_GET[t_user_name]);
        // NOTE(review): the username literal is masked in the listing; presumably
        // it interpolated $t_user_name - restore from the original file.
        $t_uid = DB::result_first("SELECT uid FROM " . DB::table('member') . 
" WHERE username = '******'");
        if ($t_uid > 0) {
            $and .= " AND `t_uid` = " . $t_uid;
            $url .= "&t_uid=" . $t_uid;
        }
    }
    if ($_GET[t_uid]) {
        $t_uid = intval($_GET[t_uid]);
        $and .= " AND `t_uid` = " . $t_uid;
        $url .= "&t_uid=" . $t_uid;
    }
    if ($_GET['username']) {
        $username = trim_html(trim($_GET[username]));
        //$and .= " AND (username = '******' or `nick` = '$username' )";
        $and .= " AND ( `username` LIKE '%" . $username . "%' )";
        // NOTE(review): the next line is damaged in the listing - the end of this
        // statement, the closing brace and the start of the query that defines
        // $sql are missing.
        $url .= "&username="******"SELECT * FROM ".DB::table(__CLASS__)." where 1 $and ORDER BY uid DESC LIMIT $start,$size");
    $member_list = D($sql, array('size' => 40, 'url' => $sql[url]));
    //$count = getcount(__CLASS__,$and);
    //$showpage = multi($count,$size,$_G[page],URL."m=member&a=main".$url);
    if (!isset($_GET[order])) {
        $sql['order'] = ' uid DESC ';
    }
    // Format dates for display and attach each member's sign-in count.
    foreach ($member_list[goods] as $k => $v) {
        $member_list[goods][$k][regdate] = dgmdate($v[regdate], 'u');
        $member_list[goods][$k][login_time] = dgmdate($v[login_time], 'u');
        // NOTE(review): the sign count is written to $member_list[$k], not to
        // $member_list[goods][$k] like the two fields above - likely unintended.
        if (array_key_exists('sign', table('member'))) {
            $member_list[$k][sign] = getcount('sign', "uid = " . $v[uid] . " AND type = 'sign'");
        } else {
            $member_list[$k][sign] = 0;
        }
    }
    $this->add($member_list);
    $this->show('member/main');
}
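/**
 * Emit an RSS 2.0 feed of the 100 most recent approved, visible goods.
 *
 * All text placed in the document is XML-escaped. The original inserted titles
 * and settings verbatim, so a single "&" or "<" produced an invalid feed and
 * stored markup was passed straight through to feed readers.
 */
function rss()
{
    global $_G;

    $goods = DB::fetch_all("SELECT title,aid,dateline FROM " . DB::table('goods') . " WHERE `check`=1 AND hide = 0 ORDER BY aid DESC LIMIT 100");

    // ISO-8859-1 makes htmlspecialchars() work byte by byte, so multi-byte text in
    // any ASCII-compatible site charset passes through unchanged; double_encode
    // is off so entities that are already present are not escaped twice.
    $channel = array(
        'title' => $_G['setting']['title'],
        'link' => $_G['siteurl'],
        'description' => trim_html($_G['setting']['seo_description'], 1),
        'copyright' => trim_html($_G['setting']['copyright'], 1),
        'email' => $_G['setting']['admin_email'],
    );
    foreach ($channel as $key => $raw) {
        $channel[$key] = htmlspecialchars((string) $raw, ENT_QUOTES, 'ISO-8859-1', false);
    }

    // The original called gmstrftime(TIMESTAMP), passing the timestamp as the
    // format string. gmdate() yields the English RFC 822 date that RSS requires.
    $rs = '<?xml version="1.0" ?> <rss version="2.0" xmlns:blogChannel="http://backend.userland.com/blogChannelModule"> <channel> <title>' . $channel['title']
        . '</title> <link>' . $channel['link']
        . '</link> <description>' . $channel['description']
        . '</description> <language>zh-cn</language> <copyright>' . $channel['copyright']
        . '</copyright> <lastBuildDate>' . gmdate('D, d M Y H:i:s', TIMESTAMP) . ' GMT'
        . '</lastBuildDate> <generator>优淘TAE系统' . TTAE_VERSION . ' by d_cms@qq.com</generator> <managingEditor>' . $channel['email']
        . '</managingEditor> <webMaster>85914984@qq.com</webMaster> <ttl>40</ttl>';

    foreach ($goods as $v) {
        // NOTE(review): fid, description and ly are read here but are not in the
        // SELECT list above, so category and description are always empty; add
        // the columns to the query once their presence in `goods` is confirmed.
        $fid = isset($v['fid']) ? $v['fid'] : null;
        $category = ($fid !== null && isset($_G['all_channel'][$fid]['name'])) ? $_G['all_channel'][$fid]['name'] : '';
        $summary = (isset($v['description']) ? $v['description'] : '') . (isset($v['ly']) ? $v['ly'] : '');
        $item_url = htmlspecialchars($_G['siteurl'] . URL . 'aid=' . $v['aid'], ENT_QUOTES, 'ISO-8859-1', false);

        $rs .= ' <item> <title>' . htmlspecialchars((string) $v['title'], ENT_QUOTES, 'ISO-8859-1', false)
            . '</title> <category>' . htmlspecialchars((string) $category, ENT_QUOTES, 'ISO-8859-1', false)
            . '</category> <description>' . htmlspecialchars((string) trim_html($summary, 1), ENT_QUOTES, 'ISO-8859-1', false)
            . '</description> <pubDate>' . gmdate('D, d M Y H:i:s', (int) $v['dateline']) . ' GMT</pubDate> <guid>' . $item_url
            . '</guid> <link>' . $item_url
            . '</link> </item>';
    }

    $rs .= ' </channel> </rss>';
    header('Content-Type: text/xml; charset=' . CHARSET);
    echo $rs;
}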
/**
 * Form::html() returns plain text unchanged and fills [+name+] placeholders
 * from the given map, ignoring keys that have no placeholder.
 */
public function testHTML()
{
    // Plain text passes through unchanged.
    $this->assertEquals(
        trim_html('This is only a test.'),
        trim_html(Formbuilder\Form::html('This is only a test.'))
    );

    // Placeholder substitution; the unused 'ignore' key leaves no trace.
    $values = array('somebody' => 'World', 'ignore' => 'Me');
    $this->assertEquals(
        trim_html('Hello World'),
        trim_html(Formbuilder\Form::html('Hello [+somebody+]', $values))
    );
}
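/**
 * Sync endpoint: create a picture post from a JSON document passed in ?data=.
 *
 * Replies through $this->json() with a status and, on success, the new row id.
 *
 * NOTE(review): the payload is external data read from $_GET; nothing in this
 * function authenticates the caller - confirm that happens before dispatch.
 *
 * @return false Always false; the outcome is in the JSON reply.
 */
function post_img()
{
    global $_G, $app;

    if (empty($_GET['data'])) {
        $this->json(array('msg' => '要同步的数据不能为空', 'code' => 2));
        return false;
    }

    // Accept raw JSON first, then URL-encoded JSON.
    $data = $_GET['data'];
    $arr = json_decode($data, true);
    if (!is_array($arr) || !$arr) {
        $arr = json_decode(urldecode_utf8($data), true);
    }
    if (!is_array($arr) || !$arr) {
        $this->json(array('msg' => '要同步的数据解析失败', 'code' => 3));
        return false;
    }

    $filed = table('img');
    $img = get_filed('img', $arr);
    foreach (array('hide', 'sort', 'hate', 'like') as $int_field) {
        $img[$int_field] = intval($img[$int_field]);
    }
    if (!empty($arr['desc'])) {
        $img['description'] = $arr['desc'];
    }
    $img['message'] = trim($img['message']);
    $img['dateline'] = TIMESTAMP;

    foreach ($img as $k1 => $v1) {
        // Drop anything that is not a column of `img`. The original fell through
        // after unset() and re-added string values under the unknown key.
        if (!array_key_exists($k1, $filed)) {
            unset($img[$k1]);
            continue;
        }
        if (is_string($v1)) {
            $img[$k1] = str_replace(array('¥', '¥'), array('', ''), $v1);
        }
    }

    // A description made only of digits and dots is discarded.
    if (preg_match('/^[0-9\.]+$/is', $img['description'])) {
        $img['description'] = '';
    }
    // Derive the description from the body when it carries ###{...}### placeholders.
    if (!$img['description'] && strpos($img['message'], '###{') !== false) {
        $img['description'] = preg_replace('/###\{(.*?)\}###/is', '', $img['message']);
        $img['description'] = cutstr(trim_html($img['description'], 1), 250, '');
    }

    // Reject an empty title before it is used in the duplicate lookup.
    if (!$img['title']) {
        $this->json(array('status' => 'error', 'id' => 0, 'msg' => '标题不能为空'));
        return false;
    }

    // NOTE(review): the title comes from the decoded request payload and is
    // concatenated into SQL; this is only safe if get_filed() escapes it - confirm.
    $count = getcount('img', "title='" . $img['title'] . "'");
    if ($count > 0) {
        $this->json(array('status' => 'error', 'id' => 0, 'msg' => '当前看图购已发布过'));
        return false;
    }

    $id = DB::insert('img', $img, true);
    if ($id > 0) {
        $this->json(array('status' => 'success', 'id' => $id));
        return false;
    }

    if (defined('ERROR') && ERROR === true) {
        // NOTE(review): this returns the raw database error to the caller;
        // keep ERROR off outside development.
        if (DB::error()) {
            $msg = 'DB Error : ' . DB::error();
        } else {
            $msg = urlencode_utf8($_G['error_msg']);
        }
        // The original reported an undefined $return_id here.
        $this->json(array('status' => 'error', 'id' => $id, 'msg' => $msg));
        return false;
    }

    $this->json(array('status' => 'error', 'id' => $id, 'msg' => '未成功,数据库未报错'));
    return false;
}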
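/**
 * Member form handler for discussion topics: create a topic, edit one's own
 * unapproved topic, or show the form.
 *
 * NOTE(review): the flow relies on msg() ending the request after each failed
 * check - confirm.
 */
function say_post()
{
    global $_G;

    if ($_G['member']['groupid'] == 3) {
        msg('抱歉,您当前是禁止用户,无法使用');
    } elseif ($_G['member']['check'] == 0) {
        msg('抱歉,您当前账号未审核无法使用');
    }
    if (!$_G['setting']['say_status']) {
        msg('抱歉,系统已关闭发布讨论功能', 'error');
    }

    $goods = '';
    $url = 'm=home&a=say_post';
    $edit_id = !empty($_GET['id']) ? intval($_GET['id']) : 0;

    if (!empty($_GET['onsubmit']) && check()) {
        if ($_G['setting']['say_block']) {
            $list = explode(',', $_G['setting']['say_block']);
            if (in_array($_G['username'], $list)) {
                msg('抱歉,您当前账号已被加入黑名单,无法发布讨论');
            }
        }

        // Edits start from an empty row so only the fields below are rewritten.
        $arr = $edit_id ? array() : get_filed('say');

        $arr['title'] = safe_filter($_GET['postdb']['title']);
        // NOTE(review): picurl is stored after trim() only; validate the scheme
        // before it is rendered as a link or image source.
        $arr['picurl'] = trim($_GET['postdb']['picurl']);
        $arr['keywords'] = safe_filter($_GET['postdb']['keywords']);
        $arr['message'] = safe_filter($_GET['postdb']['message']);
        if (!$arr['title']) {
            msg('标题不能为空');
        }
        if (!$arr['message']) {
            msg('讨论内容不能为空');
        }
        $arr['post'] = 1;
        $arr['check'] = intval($_G['setting']['say_check']);
        $arr['cate'] = intval($_GET['postdb']['cate']);
        $arr['description'] = cutstr(trim_html($arr['message'], 1), 250, '');

        if (!empty($_FILES['file'])) {
            $pic = upload();
            if ($pic) {
                $arr['picurl'] = $pic;
            }
        }

        if ($edit_id) {
            $id = $edit_id;
            $goods = D(array('table' => 'say', 'and' => ' AND id = ' . $id));
            // Enforce on save the same rules the edit form applies on display;
            // the original checked only ownership here, so posting directly
            // skipped the "missing" and "already approved" checks.
            if (empty($goods['id'])) {
                msg('抱歉,未找到要编辑的讨论主题信息', 'error', 'm=home&a=say_list');
            }
            if ($goods['uid'] != $_G['uid']) {
                msg('抱歉,您无权编辑非自己发布的信息', 'error', 'm=home&a=say_list');
            }
            if ($goods['check'] == 1) {
                msg('已审核的信息无法再次编辑', 'error', 'm=home&a=say_list');
            }
            $url .= "&id=" . $id;
            DB::update('say', $arr, "id=" . $id);
            $msg = '修改成功';
        } else {
            $arr['dateline'] = TIMESTAMP;
            $arr['uid'] = $_G['uid'];
            $arr['username'] = $_G['username'];
            $id = DB::insert('say', $arr, 1);
            $msg = '发布成功';
            // Credit points for a new topic when configured.
            if ($_G['setting']['say_post_jf'] > 0) {
                $jf = intval($_G['setting']['say_post_jf']);
                insert_sign(array('desc' => '发布讨论主题-id-' . $id, 'type' => 'say', 'org_jf' => $_G['member']['jf'], 'jf' => $jf, 'aid' => 0));
                update_member(array('jf' => $_G['member']['jf'] + $jf), $_G['uid']);
            }
        }

        if (!$id) {
            msg('抱歉,发布失败,请联系在线客服');
        }
        if ($arr['check'] == 0) {
            $msg .= ',您所发布的信息需等审核后才能查看';
        }
        msg($msg, 'success', $url);
    } elseif ($edit_id) {
        $goods = D(array('table' => 'say', 'and' => ' AND id = ' . $edit_id));
        if (empty($goods['id'])) {
            msg('抱歉,未找到要编辑的讨论主题信息', 'error', 'm=home&a=say_list');
        }
        if ($goods['uid'] != $_G['uid']) {
            msg('抱歉,您无权编辑非自己发布的信息', 'error', 'm=home&a=say_list');
        }
        if ($goods['check'] == 1) {
            msg('已审核的信息无法再次编辑', 'error', 'm=home&a=say_list');
        }
    }

    $this->add(array('goods' => $goods));
    seo('发布讨论');
    $this->show();
}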
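/**
 * Decorate a gift row for display: readable names for its attributes, category
 * name, tag links, image list, URLs, review status text, a "new today" flag and
 * the decoded list of attached goods (at most ten).
 *
 * @param array $dp Row from the gift table.
 * @return array The same row with the display fields added.
 */
public function gift($dp)
{
    global $_G;

    // Keys are quoted throughout: bare-word keys are undefined constants and
    // raise an Error on PHP 8.
    if (empty($dp['content'])) {
        $dp['content'] = $dp['title'];
    } else {
        $dp['content'] = trim_html($dp['content'], 1);
    }

    $dp['org_dateline'] = $dp['dateline'];
    $dp['dateline'] = dgmdate($dp['dateline'], 'u');

    foreach (array('duixiang', 'changhe', 'gexing', 'leimu') as $attr) {
        $key = isset($dp[$attr]) ? $dp[$attr] : null;
        $dp[$attr . '_name'] = ($key !== null && isset($_G['setting'][$attr][$key]['name']))
            ? $_G['setting'][$attr][$key]['name']
            : null;
    }

    $cate = $dp['cate'];
    if (!empty($_G['gift_cate'][$cate])) {
        $dp['cate_name'] = $_G['gift_cate'][$cate]['name'];
    } elseif (!empty($_G['gift_cate']) && is_array($_G['gift_cate'])) {
        // Not a top-level key: search by id, at most two levels deep.
        foreach ($_G['gift_cate'] as $v) {
            if ($v['id'] == $cate) {
                $dp['cate_name'] = $v['name'];
                break;
            }
            if (empty($v['sub']) || !is_array($v['sub'])) {
                continue;
            }
            foreach ($v['sub'] as $v1) {
                if ($v1['id'] == $cate) {
                    $dp['cate_name'] = $v1['name'];
                    break 2;
                }
            }
        }
    }

    $dp['tags'] = make_tags($dp['keywords'], '/index.php?m=gift&a=list&tag=');
    $dp['images'] = explode(',', $dp['images']);
    $dp['id_url'] = $dp['url'] = '/index.php?m=gift&id=' . $dp['id'];

    $check_text = array('待审核', '已通过', '未通过');
    $dp['check_text'] = isset($check_text[$dp['check']]) ? $check_text[$dp['check']] : null;

    // "New" means published since midnight. The original compared the formatted
    // date string with the timestamp; the raw value is kept in org_dateline.
    $today = dmktime(dgmdate(TIMESTAMP, 'd'));
    $dp['new'] = $dp['org_dateline'] > $today ? 1 : 0;

    $items = array();
    if (!empty($dp['goods'])) {
        // NOTE(review): unserialize() on stored data can instantiate arbitrary
        // classes if that data is ever attacker-influenced. Object creation is
        // disabled where PHP supports the option; storing JSON would be safer.
        $raw = stripcslashes($dp['goods']);
        if (PHP_VERSION_ID >= 70000) {
            $decoded = unserialize($raw, array('allowed_classes' => false));
        } else {
            $decoded = unserialize($raw);
        }
        if (is_array($decoded) && $decoded) {
            foreach ($decoded as $k => $v) {
                if (!empty($v['num_iid'])) {
                    $v['url'] = '/index.php?a=go_pay&num_iid=' . $v['num_iid'];
                }
                if (!empty($v['content'])) {
                    $v['content'] = trim_html($v['content'], 1);
                }
                $v['like'] = intval(isset($v['like']) ? $v['like'] : 0);
                $decoded[$k] = $v;
            }
            // At most ten goods are kept.
            $items = array_slice($decoded, 0, 10);
        }
    }
    $dp['goods'] = $items;

    $dp['price'] = isset($dp['goods'][0]['price']) ? $dp['goods'][0]['price'] : null;
    return $dp;
}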
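/**
 * Admin form handler for shops: save a submitted shop, prefill the form from a
 * goods id or link, load a shop for editing, or show an empty form.
 *
 * @return false|null false after a save or a failed lookup; null after rendering.
 */
function post()
{
    global $_G;

    $goods_id = '';

    if (!empty($_GET['onsubmit']) && check()) {
        $shop = get_filed(__CLASS__, $_GET['postdb'], isset($_GET['id']) ? $_GET['id'] : null);

        // Keys are quoted: bare-word keys are undefined constants and raise an Error on PHP 8.
        if (!empty($_FILES['file'])) {
            $src = upload();
            if ($src) {
                $shop['picurl'] = $src;
            }
        }
        if (!empty($_FILES['pic_path']['tmp_name'])) {
            $src = upload($_FILES['pic_path']);
            if ($src) {
                $shop['pic_path'] = $src;
            }
        }

        $url = '';
        if (!empty($_GET['id'])) {
            $id = intval($_GET['id']);
            top('shop', 'insert', $shop, $id);
            $url = '&id=' . $id;
            $msg = '修改';
        } else {
            $msg = '添加';
            top('shop', 'insert', $shop);
        }
        cpmsg($msg . '成功', 'success', 'm=' . __CLASS__ . '&a=' . __FUNCTION__ . $url);
        return false;
    }

    if (!empty($_GET['get_submit']) && !empty($_GET['goods_id'])) {
        $goods_id = get_goods_id($_GET['goods_id']);
        if (!$goods_id) {
            cpmsg('抓取失败,商品ID或链接不存在或填写错误', 'error', 'm=' . __CLASS__ . '&a=' . __FUNCTION__);
            return false;
        }
        $goods = top('goods', 'get_goods', $goods_id);
        if ($goods === false) {
            cpmsg('当前商品未成功获取,可能是商品未上线,请更换当前店铺中的其它一款商品再重试,或是请手动添加');
            return false;
        }

        // Test the lookup result before touching it: the original assigned
        // $query['nick'] first, which made the "=== false" check unreachable.
        $query = top('shop', 'get_shop', $goods['sid']);
        if ($query === false) {
            cpmsg('抱歉,获取失败,请检查用户名是否正确');
            return false;
        }
        $query['nick'] = $goods['nick'];

        // Remote values are reduced to plain text before they prefill the form.
        $shop = array();
        foreach ($query as $k => $v) {
            $shop[$k] = trim_html($v, 1);
        }
        $shop = get_filed(__CLASS__, $shop);
    } elseif (!empty($_GET['id'])) {
        $id = intval($_GET['id']);
        $shop = DB::fetch_first("SELECT * FROM " . DB::table('shop') . " WHERE id = {$id} ");
        $shop['start_time'] = dgmdate($shop['start_time'], 'dt');
        $shop['end_time'] = dgmdate($shop['end_time'], 'dt');
    } else {
        $shop = get_filed(__CLASS__);
    }

    $this->add(array('shop' => $shop, 'goods_id' => $goods_id));
    $this->show();
}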
/* Normal Messages */ echo "Compacting normal messages...<br>\n"; flush(); $tbl =& $DBHOST_TBL_PREFIX; $base = $magic_file_id = 10000001; $base -= 1; $pc = round(q_singleval('SELECT count(*) FROM ' . $tbl . 'msg WHERE file_id<' . $magic_file_id) / 10); $i = 0; $stm = time(); if ($pc) { db_lock($tbl . 'msg m WRITE, ' . $tbl . 'thread t WRITE, ' . $tbl . 'forum f WRITE, ' . $tbl . 'msg WRITE'); $c = q('SELECT m.id, m.foff, m.length, m.file_id, f.message_threshold FROM ' . $tbl . 'msg m INNER JOIN ' . $tbl . 'thread t ON m.thread_id=t.id INNER JOIN ' . $tbl . 'forum f ON t.forum_id=f.id WHERE m.file_id<' . $magic_file_id); while ($r = db_rowarr($c)) { if ($r[4] && $r[2] > $r[4]) { $m1 = $magic_file_id = write_body_c($body = read_msg_body($r[1], $r[2], $r[3]), $magic_file_id, $len, $off); $magic_file_id = write_body_c(trim_html($body, $r[4]), $magic_file_id, $len2, $off2); q('UPDATE ' . $tbl . 'msg SET foff=' . $off . ', length=' . $len . ', file_id=' . $m1 . ', file_id_preview=' . $magic_file_id . ', offset_preview=' . $off2 . ', length_preview=' . $len2 . ' WHERE id=' . $r[0]); } else { $magic_file_id = write_body_c(read_msg_body($r[1], $r[2], $r[3]), $magic_file_id, $len, $off); q('UPDATE ' . $tbl . 'msg SET foff=' . $off . ', length=' . $len . ', file_id=' . $magic_file_id . ' WHERE id=' . $r[0]); } if ($i && !($i % $pc)) { eta_calc($stm, $i, $pc); } $i++; } unset($c); un_register_fps(); if (isset($GLOBALS['__FUD_TMP_F__'])) { foreach ($GLOBALS['__FUD_TMP_F__'] as $f) { fclose($f[0]);
/**
 * Persist an edited message: store the body (and a shortened preview when a
 * threshold applies), update the message row, apply lock / sticky changes to
 * its thread when the caller's permission bits allow it, and refresh the
 * search index when that option bit is set.
 *
 * NOTE(review): $id, $file_id, $this->msg_opt, $this->id and $this->thread_id
 * are concatenated into SQL without a cast, unlike the neighbouring (int)
 * values; presumably they are always integers - verify against the callers.
 *
 * @param mixed $id                Written to updated_by.
 * @param mixed $frm_id            Forum whose view is rebuilt when ordering changes.
 * @param mixed $message_threshold Body length above which a preview is stored; falsy disables it.
 * @param mixed $perm              Permission bitmask; bit 4096 gates locking, bit 64 gates sticky changes.
 */
function sync($id, $frm_id, $message_threshold, $perm) {
    // Take the table locks only if the caller has not; $ll records that this
    // call owns them and must release them.
    if (!db_locked()) {
        db_lock('phpgw_fud_poll_opt WRITE, phpgw_fud_forum WRITE, phpgw_fud_msg WRITE, phpgw_fud_thread WRITE, phpgw_fud_thread_view WRITE');
        $ll = 1;
    }
    $file_id = write_body($this->body, $length, $offset);
    /* determine if preview needs building */
    if ($message_threshold && $message_threshold < strlen($this->body)) {
        $thres_body = trim_html($this->body, $message_threshold);
        $file_id_preview = write_body($thres_body, $length_preview, $offset_preview);
    } else {
        $file_id_preview = $offset_preview = $length_preview = 0;
    }
    poll_cache_rebuild($this->poll_id, $poll_cache);
    // '@' hides any serialize() warning; an empty cache is stored as null.
    $poll_cache = $poll_cache ? @serialize($poll_cache) : null;
    q("UPDATE phpgw_fud_msg SET\n\t\t\tfile_id=" . $file_id .
        ",\n\t\t\tfoff=" . (int) $offset .
        ",\n\t\t\tlength=" . (int) $length .
        ",\n\t\t\tmlist_msg_id=" . strnull(addslashes($this->mlist_msg_id)) .
        ",\n\t\t\tfile_id_preview=" . $file_id_preview .
        ",\n\t\t\toffset_preview=" . $offset_preview .
        ",\n\t\t\tlength_preview=" . $length_preview .
        ",\n\t\t\tupdated_by=" . $id .
        ",\n\t\t\tmsg_opt=" . $this->msg_opt .
        ",\n\t\t\tattach_cnt=" . (int) $this->attach_cnt .
        ",\n\t\t\tpoll_id=" . (int) $this->poll_id .
        ",\n\t\t\tupdate_stamp=" . __request_timestamp__ .
        ",\n\t\t\ticon=" . strnull(addslashes($this->icon)) .
        " ,\n\t\t\tpoll_cache=" . strnull(addslashes($poll_cache)) .
        ",\n\t\t\tsubject=" . strnull(addslashes($this->subject)) .
        "\n\t\tWHERE id=" . $this->id);
    /* determine whether or not we should deal with locked & sticky stuff
     * current approach may seem a little redundant, but for (most) users who
     * do not have access to locking & sticky this eliminated a query. */
    $th_data = db_saq('SELECT orderexpiry, thread_opt, root_msg_id FROM phpgw_fud_thread WHERE id=' . 
$this->thread_id);
    $locked = (int) isset($_POST['thr_locked']);
    // Proceed when ordering fields were posted or the requested lock state
    // differs from bit 1 of the stored thread_opt.
    if (isset($_POST['thr_ordertype'], $_POST['thr_orderexpiry']) || ($th_data[1] ^ $locked) & 1) {
        $thread_opt = (int) $th_data[1];
        $orderexpiry = isset($_POST['thr_orderexpiry']) ? (int) $_POST['thr_orderexpiry'] : 0;
        /* confirm that user has ability to change lock status of the thread */
        if ($perm & 4096) {
            if ($locked && !($thread_opt & $locked)) {
                $thread_opt |= 1;
            } else {
                if (!$locked && $thread_opt & 1) {
                    $thread_opt &= ~1;
                }
            }
        }
        /* confirm that user has ability to change sticky status of the thread */
        // Only applied when this message is the thread's root message.
        if ($th_data[2] == $this->id && isset($_POST['thr_ordertype'], $_POST['thr_orderexpiry']) && $perm & 64) {
            if (!$_POST['thr_ordertype'] && $thread_opt > 1) {
                // Ordering cleared: drop the expiry and bits 2 and 4.
                $orderexpiry = 0;
                $thread_opt &= ~6;
            } else {
                // NOTE(review): thr_ordertype is combined with bitwise operators
                // without a cast or a check against the allowed bits, so a posted
                // value could set bits other than 2 and 4 - confirm and restrict.
                if ($thread_opt < 2 && (int) $_POST['thr_ordertype']) {
                    $thread_opt |= $_POST['thr_ordertype'];
                } else {
                    if (!($thread_opt & (int) $_POST['thr_ordertype'])) {
                        $thread_opt = $_POST['thr_ordertype'] | $thread_opt & 1;
                    }
                }
            }
        }
        /* Determine if any work needs to be done */
        if ($thread_opt != $th_data[1] || $orderexpiry != $th_data[0]) {
            q("UPDATE phpgw_fud_thread SET thread_opt=" . $thread_opt . ", orderexpiry=" . $orderexpiry . " WHERE id=" . $this->thread_id);
            /* Avoid rebuilding the forum view whenever possible, since it's a rather slow process
             * Only rebuild if expiry time has changed or message gained/lost sticky status */
            $diff = $thread_opt ^ $th_data[1];
            if ($diff > 1 && !($diff & 6) || $orderexpiry != $th_data[0]) {
                rebuild_forum_view($frm_id);
            }
        }
    }
    // Release the locks only if this call acquired them.
    if (isset($ll)) {
        db_unlock();
    }
    // Option bit 16777216: re-index the message; the subject of a "Re: " reply
    // is passed as an empty string.
    if ($GLOBALS['FUD_OPT_1'] & 16777216) {
        delete_msg_index($this->id);
        index_text(preg_match('!^Re: !i', $this->subject) ? '' : $this->subject, $this->body, $this->id);
    }
}
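/**
 * Pick the active template directory and define the template constants.
 *
 * Order of precedence: "admin" when IN_ADMIN is defined; the mobile template
 * when the request is flagged mobile and mobile support is enabled; otherwise
 * the configured template, which may be overridden by the value stored under
 * C('template') or by the "tpl" query parameter.
 *
 * Defines TPLNAME, TPLDIR, JSDIR, CSSDIR and IMGDIR.
 *
 * @return void
 */
static function _init_tpl()
{
    global $_G;

    // An override becomes part of a filesystem path (TPLDIR) and of asset
    // URLs, so it must be a single plain directory name: no separators,
    // no leading dot, nothing that can climb out of view/.
    $safe_name = '/^[A-Za-z0-9_-][A-Za-z0-9_.-]*$/D';

    if (defined('IN_ADMIN')) {
        $tpldir = "admin";
    } elseif ($_G['mobile'] && $_G['setting']['mobile_status']) {
        $tpldir = $_G['setting']['mobile_tpl'] ? trim($_G['setting']['mobile_tpl']) : 'mobile';
    } else {
        // Define the current system template
        $tpldir = trim($_G['setting']['template']);

        // NOTE(review): C('template') presumably holds a per-visitor choice
        // saved by an earlier request; treated as untrusted here, confirm.
        $set_tpl = C('template');

        if ($set_tpl && is_string($set_tpl) && preg_match($safe_name, $set_tpl) && is_dir(ROOT_PATH . 'view/' . $set_tpl)) {
            $tpldir = trim_html($set_tpl, 1);
        } elseif (!empty($_GET['tpl']) && is_string($_GET['tpl'])) {
            $tpl = trim_html($_GET['tpl'], 1);
            // Validate the name before it is used for is_dir() and persisted.
            if (preg_match($safe_name, $tpl) && is_dir(ROOT_PATH . 'view/' . $tpl)) {
                $tpldir = $tpl;
                C('template', $tpl);
            }
        }
    }

    define('TPLNAME', $tpldir);
    define('TPLDIR', ROOT_PATH . 'view/' . TPLNAME);
    define('JSDIR', '/assets/' . TPLNAME . '/js');
    define('CSSDIR', '/assets/' . TPLNAME . '/css');
    define('IMGDIR', '/assets/' . TPLNAME . '/images');
}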
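/**
 * Normalise a goods record and insert it, or update the existing row.
 *
 * @param array $arr    Goods fields keyed by column name; 'num_iid' is required.
 * @param bool  $update When a row with the same num_iid exists, update it
 *                      instead of returning false.
 *
 * @return mixed False when the input is rejected, the row already exists
 *               (and $update is false) or the insert throws; the result of
 *               $this->update() on the update path; otherwise the value
 *               returned by DB::insert().
 */
function insert($arr, $update = false)
{
    global $_G;

    if (!$arr || empty($arr['num_iid'])) {
        return false;
    }

    $num_iid = trim($arr['num_iid']);

    // The id is interpolated into a quoted SQL literal below, so accept only
    // characters that cannot end that literal.
    // NOTE(review): a bound parameter would be preferable if the DB wrapper
    // offers one; its API is not visible from this function.
    if (!preg_match('/^[A-Za-z0-9_-]+$/D', $num_iid)) {
        return false;
    }

    $res = DB::fetch_first("SELECT aid FROM " . DB::table('goods') . " WHERE num_iid='{$num_iid}'");
    if (!empty($res['aid']) && $res['aid'] > 0) {
        if ($update) {
            return $this->update($arr, $res['aid']);
        }
        return false;
    }

    // Remember the first image before the list is flattened to a string;
    // indexing the joined string would yield a single character.
    $first_image = '';
    if (!empty($arr['images']) && is_array($arr['images'])) {
        $images = array_filter($arr['images']);
        if ($images) {
            $first_image = reset($images);
        }
        $arr['images'] = implode(',', $images);
    } elseif (empty($arr['images'])) {
        $arr['images'] = '';
    } elseif (is_string($arr['images'])) {
        // Already a string: assumed to use the same comma-joined format.
        $parts = explode(',', $arr['images']);
        $first_image = $parts[0];
    }

    $int_fields = array(
        'sid', 'fid', 'flag', 'sort', 'num', 'baoyou', 'views', 'hide',
        'post', 'cate', 'check', 'shop_type', 'sum', 'like',
    );
    foreach ($int_fields as $field) {
        $arr[$field] = isset($arr[$field]) ? intval($arr[$field]) : 0;
    }

    $arr['bili'] = empty($arr['bili']) ? '' : $arr['bili'];

    // Free-text columns: trimmed, with a falsy or missing value stored as ''.
    $text_fields = array(
        'apply_user', 'apply_phone', 'apply_wangwang', 'keywords',
        'description', 'apply_qq', 'return_msg', 'num_iid', 'title',
        'nick', 'city', 'state', 'message', 'open_iid',
    );
    foreach ($text_fields as $field) {
        $arr[$field] = empty($arr[$field]) ? '' : trim($arr[$field]);
    }

    if (!isset($arr['ly'])) {
        $arr['ly'] = '';
    } elseif ($arr['ly']) {
        $arr['ly'] = strip_tags(trim($arr['ly']));
    }

    $arr['picurl'] = empty($arr['picurl']) ? $first_image : trim($arr['picurl']);
    $arr['url'] = 'http://item.taobao.com/item.htm?id=' . $arr['num_iid'];
    $arr['price'] = empty($arr['price']) ? 0 : sprintf("%.1f", $arr['price']);
    $arr['yh_price'] = empty($arr['yh_price']) ? $arr['price'] : sprintf("%.1f", $arr['yh_price']);

    $arr['username'] = $_G['username'] ? trim($_G['username']) : '外星人';
    $arr['uid'] = $_G['uid'] ? intval($_G['uid']) : 0;

    $arr['start_time'] = dmktime(isset($arr['start_time']) ? $arr['start_time'] : null);
    $arr['end_time'] = dmktime(isset($arr['end_time']) ? $arr['end_time'] : null);
    $arr['dateline'] = (!empty($arr['dateline']) && $arr['dateline'] > 0) ? $arr['dateline'] : TIMESTAMP;
    $arr['posttime'] = (!empty($arr['posttime']) && $arr['posttime'] > 0) ? $arr['posttime'] : TIMESTAMP;

    // Each of these is cut with cutstr() at a limit of 250.
    $arr['title'] = cutstr(trim_html($arr['title'], 1), 250, '');
    $arr['ly'] = cutstr($arr['ly'], 250, '');
    $arr['return_msg'] = cutstr($arr['return_msg'], 250, '');

    unset($arr['zk']);

    if (!$arr['keywords'] && $_G['setting']['auto_keywords'] == 1) {
        $arr['keywords'] = get_keywords($arr['title']);
    }

    try {
        $id = DB::insert('goods', $arr, 1);
    } catch (PDOException $e) {
        // Any PDO failure is reported as a duplicate goods id.
        L('商品ID重复', 'error');
        return false;
    }

    if ($id > 0) {
        $arr['aid'] = $id;
        api_post(array('a' => 'insert', 'table' => 'goods', 'data' => $arr));
    }

    return $id;
}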
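/**
 * Record a "share" action for the logged-in member and credit points for it.
 *
 * Reads "type" and "id" from the query string, checks the member's standing
 * and that the type is a key of $_G['setting']['share_type_callback'], writes
 * a sign record and adds $_G['setting']['share_goods'] points to the member.
 *
 * @return mixed False (or null for a missing type) when the request is
 *               rejected; otherwise whatever follows the json() call.
 */
function share_callback()
{
    global $_G;

    // NOTE(review): this changes the member's points from GET parameters and
    // no anti-CSRF token check is visible here; confirm one is enforced upstream.
    if (!is_login()) {
        return false;
    }

    if ($_G['member']['groupid'] == 3) {
        msg('抱歉,您当前是禁止用户,无法使用', 'error');
        return false;
    } elseif ($_G['member']['check'] == 0) {
        msg('抱歉,您当前账号未审核无法使用', 'error');
        return false;
    }

    if (empty($_GET['type']) || !is_string($_GET['type'])) {
        msg('分享类型不存在');
        return;
    }

    $type = trim_html($_GET['type'], 1);
    if (!array_key_exists($type, $_G['setting']['share_type_callback'])) {
        msg('未定义的类型,无法分享', 'error');
        // Stop here like every other rejection; continuing would use an
        // unknown type if msg() does not end the request.
        return false;
    }

    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if (!$id) {
        msg('抱歉,要分享的id不存在', 'error');
        return false;
    }

    $name = $_G['setting']['share_type_callback'][$type];
    $desc = '分享内容到 ' . $name . ' id=' . $id;

    // NOTE(review): the duplicate-share lookup was disabled in the original
    // (its count was hard-wired to 0), which made the per-day cap from
    // $_G['setting']['share_goods_num'] unreachable. That cap also counted
    // rows by the requested type while rows are written with type 'share'.
    // Behaviour is kept as-is: every accepted request credits points. Decide
    // whether a cap is required before treating it as an abuse control.
    $jf = $_G['setting']['share_goods'];
    $add_jf = $_G['member']['jf'] + $jf;

    $sid = insert_sign(array('desc' => $desc, 'type' => 'share', 'org_jf' => $add_jf, 'jf' => $jf));
    if ($sid) {
        update_member(array('jf' => $add_jf), $_G['uid']);
    }

    json(array('msg' => '分享成功', 'status' => 'success'));
}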