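/**
 * Attach the current user's pending uploads to the post being saved.
 *
 * Works entirely on globals. It loads every attachment row owned by
 * $discuz_uid that is still unbound (tid=0) plus, when $pid > 0, every row
 * already on post $pid. For each row it then:
 *   - deletes the file and the row when the aid is listed in $attachdel;
 *   - skips the row when its extension is not in $attachextensions;
 *   - for unbound rows (pid == 0), moves the file into the directory chosen
 *     by $attachsave, optionally watermarks it, hands it to ftpupload() and
 *     binds the row to $tid/$pid;
 *   - writes the permission, price, size and description the user submitted
 *     in $attachnew.
 * Finally it updates the attachment flag on the thread and post (2 when an
 * image was seen, otherwise 1) and credits the user for newly bound files.
 *
 * NOTE(review): every statement below is built by string interpolation. That
 * is only safe if $tid, $pid, $discuz_uid and the $attachnew values were cast
 * or escaped before this function runs; confirm at the caller.
 *
 * @return void
 */
function updateattach() {
    global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $attachextensions, $attachnew, $attachdel, $allowsetattachperm, $maxprice, $watermarkstatus;
    $imageexists = 0;
    $attachnew = (array) $attachnew;
    $sqladd = $pid > 0 ? "OR pid='{$pid}'" : '';
    $query = $db->query("SELECT * FROM {$tablepre}attachments WHERE (uid='{$discuz_uid}' AND tid='0') {$sqladd}");
    $attachnum = $db->num_rows($query);
    if ($attachnum) {
        // Only the attachments that survive deletion count against the credit floor.
        if ($attachnum -= count($attachdel)) {
            checklowerlimit($postattachcredits, $attachnum);
        }
        $attachcount = 0;
        $delaids = array();
        while ($attach = $db->fetch_array($query)) {
            if (is_array($attachdel) && in_array($attach['aid'], $attachdel)) {
                dunlink($attach['attachment'], $attach['thumb']);
                $delaids[] = $attach['aid'];
                continue;
            }
            $extension = strtolower(fileext($attach['filename']));
            // $attachextensions is a comma/space separated allow-list; an empty extension never passes it.
            if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($extension, '/') . "(\$|\\s|,)/i", $attachextensions) || !$extension)) {
                continue;
            }
            $anew = $attachnew[$attach['aid']];
            $anew['aid'] = $attach['aid'];
            $anew['ext'] = $extension;
            $anew['size'] = $attach['filesize'];
            if ($attach['pid'] == 0) {
                // basename() keeps the stored name from steering the destination directory.
                $attach_basename = basename($attach['attachment']);
                $attach_src = $attachdir . '/' . $attach['attachment'];
                if ($attachsave) {
                    // NOTE(review): $attach_subdir stays undefined for any $attachsave outside 1-4.
                    switch ($attachsave) {
                        case 1:
                            $attach_subdir = 'forumid_' . $GLOBALS['fid'];
                            break;
                        case 2:
                            $attach_subdir = 'ext_' . $extension;
                            break;
                        case 3:
                            $attach_subdir = 'month_' . date('ym');
                            break;
                        case 4:
                            $attach_subdir = 'day_' . date('ymd');
                            break;
                    }
                    $attach_descdir = $attachdir . '/' . $attach_subdir;
                    $anew['attachment'] = $attach_subdir . '/' . $attach_basename;
                } else {
                    $attach_descdir = $attachdir;
                    $anew['attachment'] = $attach_basename;
                }
                $anew['thumb'] = $attach['thumb'];
                $attach_desc = $attach_descdir . '/' . $attach_basename;
                if ($attach['isimage'] && $watermarkstatus) {
                    require_once DISCUZ_ROOT . './include/image.class.php';
                    $image = new Image($attach_src, $attach);
                    if ($image->imagecreatefromfunc && $image->imagefunc) {
                        $image->Watermark();
                        // From here on $attach is whatever the Image object hands back.
                        $attach = $image->attach;
                        $attach['filesize'] = $attach['size'];
                    }
                }
                if (!is_dir($attach_descdir)) {
                    // NOTE(review): 0777 leaves the upload directory world-writable (subject to umask).
                    @mkdir($attach_descdir, 0777);
                    // Empty index.htm so the directory is not listed by the web server.
                    @fclose(fopen($attach_descdir . '/index.htm', 'w'));
                }
                // Move thumbnail and file; fall back to copy + unlink when rename() fails.
                if ($attach['thumb'] == 1) {
                    if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) {
                        @unlink($attach_src . '.thumb.jpg');
                    }
                }
                if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) {
                    @unlink($attach_src);
                }
                $anew['remote'] = ftpupload($attach_desc, $anew);
                $attachcount++;
            }
            if ($attach['isimage']) {
                $imageexists = 1;
            }
            $anew['filesize'] = $attach['filesize'];
            $anew['perm'] = $allowsetattachperm ? $anew['perm'] : 0;
            // Fix: the UPDATE below writes 'readperm', which was never gated by
            // $allowsetattachperm (only the unused 'perm' key was). Without this a
            // user lacking the permission could still store a submitted value.
            $anew['readperm'] = $allowsetattachperm ? $anew['readperm'] : 0;
            $anew['description'] = cutstr(dhtmlspecialchars($anew['description']), 100);
            // Clamp the submitted price to the group's ceiling; 0 when pricing is off.
            $anew['price'] = $maxprice ? intval($anew['price']) <= $maxprice ? intval($anew['price']) : $maxprice : 0;
            $sqladd = $attach['pid'] == 0 ? ", tid='{$tid}', pid='{$pid}', attachment='{$anew['attachment']}', remote='{$anew['remote']}'" : '';
            $db->query("UPDATE {$tablepre}attachments SET readperm='{$anew['readperm']}', price='{$anew['price']}', filesize='{$anew['filesize']}' {$sqladd} WHERE aid='{$attach['aid']}'");
            if ($anew['description']) {
                $db->query("REPLACE INTO {$tablepre}attachmentfields (aid, tid, pid, uid, description) VALUES ('{$attach['aid']}', '{$tid}', '{$pid}', '{$attach['uid']}', '{$anew['description']}')");
            }
        }
        if ($delaids) {
            $db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
            $db->query("DELETE FROM {$tablepre}attachmentfields WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
        }
        $attachment = $imageexists ? 2 : 1;
        if ($attachcount) {
            $db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
            $db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
            updatecredits($discuz_uid, $postattachcredits, $attachcount);
        }
    }
}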
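/**
 * Save a raw image byte string as a new album picture for the current user.
 *
 * The bytes are written to disk first and validated afterwards: quota check,
 * image check, thumbnail, watermark, optional FTP upload, then the home_pic
 * row and the user's attachsize counter.
 *
 * NOTE(review): $fileext is concatenated into the on-disk name before any
 * content check, and get_image_info() inspects the content, not the name.
 * Callers should pass a fixed, allow-listed image extension; confirm that no
 * caller forwards a request-supplied value here.
 *
 * @param string $strdata  Raw file contents.
 * @param int    $albumid  Target album id; values below 0 are treated as 0.
 * @param string $fileext  Extension used for the stored file and the 'type' column.
 * @param string $name     Display file name; defaults to the generated name.
 * @param string $title    Picture title, passed through getstr().
 * @param int    $delsize  Bytes being freed elsewhere, subtracted in the quota check.
 * @param mixed  $from     Not used in this function.
 * @return array|int The inserted row (including 'picid') on success, or
 *                   -1 quota exceeded, -2 not an image,
 *                   -3 write failure or mirrored FTP upload failure.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false) {
    global $_G, $space;
    if ($albumid < 0) {
        $albumid = 0;
    }
    $setarr = array();
    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $filepath = $upload->get_target_dir('album') . $upload->get_target_filename('album') . '.' . $fileext;
    $newfilename = $_G['setting']['attachdir'] . './album/' . $filepath;
    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);
            if (empty($space)) {
                $_G['member'] = $space = getspace($_G['uid']);
                $_G['username'] = addslashes($space['username']);
            }
            $_G['member'] = $space;
            // checkperm() value is scaled to bytes here; 0 means no quota is enforced.
            $maxspacesize = checkperm('maxspacesize');
            $maxspacesize = $maxspacesize * 1024 * 1024;
            if ($maxspacesize) {
                space_merge($space, 'common_member_count');
                space_merge($space, 'common_member_field_home');
                if ($space['attachsize'] + $size - $delsize > $maxspacesize + $space['addsize']) {
                    @unlink($newfilename);
                    return -1;
                }
            }
            // Reject, and remove from disk, anything the upload class does not recognise as an image.
            if (!$upload->get_image_info($newfilename)) {
                @unlink($newfilename);
                return -2;
            }
            require_once libfile('class/image');
            $image = new image();
            $result = $image->Thumb($newfilename, NULL, 140, 140, 1);
            $thumb = empty($result) ? 0 : 1;
            $image->Watermark($newfilename);
            $pic_remote = 0;
            $album_picflag = 1;
            if (getglobal('setting/ftp/on')) {
                $ftpresult_thumb = 0;
                $ftpresult = ftpupload('album/' . $filepath);
                if ($ftpresult) {
                    if ($thumb) {
                        ftpupload('album/' . $filepath . '.thumb.jpg');
                    }
                    $pic_remote = 1;
                    $album_picflag = 2;
                } else {
                    // In mirror mode a failed upload is fatal: drop the local copies too.
                    if (getglobal('setting/ftp/mirror')) {
                        @unlink($newfilename);
                        @unlink($newfilename . '.thumb.jpg');
                        return -3;
                    }
                }
            }
            $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
            $title = getstr($title, 200, 1, 1, 1);
            if ($albumid) {
                $albumid = album_creat_by_id($albumid);
            } else {
                $albumid = 0;
            }
            $setarr = array(
                'albumid' => $albumid,
                'uid' => $_G['uid'],
                'username' => $_G['username'],
                'dateline' => $_G['timestamp'],
                'filename' => $filename,
                'postip' => $_G['clientip'],
                'title' => $title,
                'type' => $fileext,
                'size' => $size,
                'filepath' => $filepath,
                'thumb' => $thumb,
                'remote' => $pic_remote,
            );
            $setarr['picid'] = DB::insert('home_pic', $setarr, 1);
            // $size comes from filesize(), so the unquoted interpolation is an integer.
            DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$size} WHERE uid='{$_G['uid']}'");
            include_once libfile('function/stat');
            updatestat('pic');
            return $setarr;
        } else {
            fclose($handle);
            // Fix: a failed write used to leave an empty or partial file behind in
            // the attachment directory; remove it before reporting the failure.
            @unlink($newfilename);
        }
    }
    return -3;
}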
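/**
 * Save a raw image byte string as a new picture for the current user.
 *
 * The bytes are written to disk first and validated afterwards: quota check,
 * image check, thumbnail, watermark, album lookup or creation, the pic row,
 * the space counters and, last, an optional FTP upload.
 *
 * NOTE(review): $fileext becomes part of the stored file name before the
 * content is checked, and the image check is skipped entirely when
 * getimagesize() is unavailable. Callers should pass a fixed, allow-listed
 * image extension; confirm that no caller forwards a request-supplied value.
 *
 * @param string     $strdata  Raw file contents.
 * @param int|string $albumid  Album id, or "new:<name>" to create an album; below 0 is treated as 0.
 * @param string     $fileext  Extension used for the stored file and the 'type' column.
 * @param string     $name     Display file name; defaults to the generated name.
 * @param string     $title    Picture title, passed through getstr().
 * @param int        $delsize  Bytes being freed elsewhere, subtracted in the quota check.
 * @param mixed      $from     When truthy, passed to getreward() to add credit/experience.
 * @return array|int The inserted row (including 'picid') on success, or
 *                   -1 quota exceeded, -2 not an acceptable image,
 *                   -3 write failure, -4 FTP upload failure.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0, $from = false) {
    global $_SGLOBAL, $space, $_SCONFIG, $_SC;

    if ($albumid < 0) $albumid = 0;
    $setarr = array();
    $filepath = getfilepath($fileext, true);
    $newfilename = $_SC['attachdir'] . './' . $filepath;

    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);

            // Check the space quota
            if (empty($space)) {
                $space = getspace($_SGLOBAL['supe_uid']);
                // The getspace() result is replaced straight away by this direct query.
                $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('space') . " WHERE uid='$_SGLOBAL[supe_uid]'");
                $space = $_SGLOBAL['db']->fetch_array($query);
                $_SGLOBAL['supe_username'] = addslashes($space['username']);
            }
            $_SGLOBAL['member'] = $space;

            // Original comment: unit is MB.
            // NOTE(review): no MB-to-bytes conversion is visible before the comparison; confirm what checkperm() returns.
            $maxattachsize = checkperm('maxattachsize');
            if ($maxattachsize) { // 0 means unlimited
                if ($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
                    @unlink($newfilename);
                    return -1;
                }
            }

            // Check that the file is an image
            if (function_exists('getimagesize')) {
                $tmp_imagesize = @getimagesize($newfilename);
                list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
                $tmp_size = $tmp_width * $tmp_height;
                // Reject more than 16777216 pixels, fewer than 4, unknown types and Flash content.
                if ($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
                    @unlink($newfilename);
                    return -2;
                }
            }

            // Thumbnail
            include_once(S_ROOT . './source/function_image.php');
            $thumbpath = makethumb($newfilename);
            $thumb = empty($thumbpath) ? 0 : 1;

            // Original comment: sticker photos get no watermark
            if ($_SCONFIG['allowwatermark']) {
                makewatermark($newfilename);
            }

            // Store in the database
            $filename = addslashes(($name ? $name : substr(strrchr($filepath, '/'), 1)));
            $title = getstr($title, 200, 1, 1, 1);

            if ($albumid) {
                preg_match("/^new\:(.+)$/i", $albumid, $matchs);
                if (!empty($matchs[1])) {
                    $albumname = shtmlspecialchars(trim($matchs[1]));
                    if (empty($albumname)) $albumname = sgmdate('Ymd');
                    $albumid = album_creat(array('albumname' => $albumname));
                } else {
                    $albumid = intval($albumid);
                    if ($albumid) {
                        // The album must belong to the current user; otherwise a fresh one is created.
                        $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
                        if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                            $albumname = addslashes($value['albumname']);
                            $albumfriend = $value['friend'];
                        } else {
                            $albumname = sgmdate('Ymd');
                            $albumid = album_creat(array('albumname' => $albumname));
                        }
                    }
                }
            } else {
                $albumid = 0;
            }

            $setarr = array(
                'albumid' => $albumid,
                'uid' => $_SGLOBAL['supe_uid'],
                'username' => $_SGLOBAL['supe_username'],
                'dateline' => $_SGLOBAL['timestamp'],
                'filename' => $filename,
                'postip' => getonlineip(),
                'title' => $title,
                'type' => $fileext,
                'size' => $size,
                'filepath' => $filepath,
                'thumb' => $thumb
            );
            $setarr['picid'] = inserttable('pic', $setarr, 1);

            // Update the attachment size
            // Credits
            $setsql = '';
            if ($from) {
                $reward = getreward($from, 0);
                if ($reward['credit']) {
                    $setsql = ",credit=credit+$reward[credit]";
                }
                if ($reward['experience']) {
                    $setsql .= ",experience=experience+$reward[experience]";
                }
            }
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'$size', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

            // Album update
            if ($albumid) {
                $file = $filepath . ($thumb ? '.thumb.jpg' : '');
                $_SGLOBAL['db']->query("UPDATE " . tname('album') . " SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='1' WHERE albumid='$albumid'");
            }

            // Do the FTP upload last, to avoid leaving garbage behind
            if ($_SCONFIG['allowftp']) {
                include_once(S_ROOT . './source/function_ftp.php');
                if (ftpupload($newfilename, $filepath)) {
                    $setarr['remote'] = 1;
                    updatetable('pic', array('remote' => $setarr['remote']), array('picid' => $setarr['picid']));
                    if ($albumid) updatetable('album', array('picflag' => 2), array('albumid' => $albumid));
                } else {
                    // The pic row and the counters written above are kept on this path.
                    return -4;
                }
            }

            // Statistics
            updatestat('pic');

            return $setarr;
        } else {
            fclose($handle);
            // Fix: a failed write used to leave an empty or partial file behind in
            // the attachment directory; remove it before reporting the failure.
            @unlink($newfilename);
        }
    }
    return -3;
}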
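/**
 * Bind uploaded attachments to a post and refresh the thread's attachment flag.
 *
 * Three phases:
 *   1. $attachnew: apply the submitted readperm/price/description to each aid,
 *      then move rows the user owns from forum_attachment_unused into the
 *      thread's attachment table (thumbnails, watermark, optional album copy).
 *   2. $attachupdate (old aid => replacement unused aid): delete the old files
 *      and overwrite the old rows with the replacement upload's data.
 *   3. Recount attachments and store 0 (none), 1 (files) or 2 (has images) on
 *      the thread, the post and $_G['forum_attachexist'].
 *
 * NOTE(review): in phase 1 the first update() runs for every key of
 * $attachnew, before the ownership-filtered $newattach check. Confirm that
 * the table method or the caller limits $aid to rows the user may edit.
 * NOTE(review): $_GET['uploadalbum'] is used as the album id with no
 * ownership check visible in this function; confirm it is validated upstream.
 *
 * @param mixed $modnewthreads Truthy when the post awaits moderation; suppresses the credit award.
 * @param int   $tid           Thread id.
 * @param int   $pid           Post id.
 * @param array $attachnew     aid => array with readperm, price, description.
 * @param array $attachupdate  Existing aid => replacement aid from the unused table.
 * @param int   $uid           Owner to bind to; defaults to the current user.
 * @return void
 */
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0) {
    global $_G;
    $thread = C::t('forum_thread')->fetch($tid);
    $uid = $uid ? $uid : $_G['uid'];
    // Fix: $newattach is read after the $attachnew branch even when that branch is skipped.
    $newattach = array();
    if ($attachnew) {
        $newaids = array_keys($attachnew);
        $newattach = $newattachfile = $albumattach = array();
        foreach (C::t('forum_attachment_unused')->fetch_all($newaids) as $attach) {
            // Only the owner, or a moderator of this forum, may claim a pending upload.
            if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
                continue;
            }
            $attach['uid'] = $uid;
            $newattach[$attach['aid']] = daddslashes($attach);
            if ($attach['isimage']) {
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }
        if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) || !$_G['setting']['thumbdisabledmobile']) {
            require_once libfile('class/image');
            $image = new image();
        }
        if (!empty($_GET['albumaid'])) {
            // Drop empty and duplicate aids: the prepended '' and anything equal to it is removed.
            array_unshift($_GET['albumaid'], '');
            $_GET['albumaid'] = array_unique($_GET['albumaid']);
            unset($_GET['albumaid'][0]);
            foreach ($_GET['albumaid'] as $aid) {
                if (isset($newattach[$aid])) {
                    $albumattach[$aid] = $newattach[$aid];
                }
            }
        }
        foreach ($attachnew as $aid => $attach) {
            $update = array();
            $update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
            // Clamp the submitted price to the group's ceiling; 0 when pricing is off.
            $update['price'] = $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0;
            $update['tid'] = $tid;
            $update['pid'] = $pid;
            $update['uid'] = $uid;
            $update['description'] = censor(cutstr(dhtmlspecialchars($attach['description']), 100));
            C::t('forum_attachment_n')->update('tid:' . $tid, $aid, $update);
            // Everything below applies only to pending uploads that passed the ownership filter.
            if (!$newattach[$aid]) {
                continue;
            }
            $update = array_merge($update, $newattach[$aid]);
            if (!empty($newattachfile[$aid])) {
                if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
                    $update['thumb'] = 0;
                    @unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
                    if (!empty($albumattach[$aid])) {
                        $albumattach[$aid]['thumb'] = 0;
                    }
                } elseif (!$_G['setting']['thumbdisabledmobile']) {
                    // Thumbnail paths are derived from the zero-padded aid: image/AAA/BB/CC/DD_W_H.jpg
                    $_daid = sprintf("%09d", $aid);
                    $dir1 = substr($_daid, 0, 3);
                    $dir2 = substr($_daid, 3, 2);
                    $dir3 = substr($_daid, 5, 2);
                    $dw = 320;
                    $dh = 320;
                    $thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
                    $image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
                    $dw = 720;
                    $dh = 720;
                    $thumbfile = 'image/' . $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($_daid, -2) . '_' . $dw . '_' . $dh . '.jpg';
                    $image->Thumb($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], $thumbfile, $dw, $dh, 'fixwr');
                }
                if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                    $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
                    $update['filesize'] = $image->imginfo['size'];
                }
            }
            if (!empty($_GET['albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_GET['uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_GET['uploadalbum'] = album_creat(array('albumname' => $_GET['newalbum']));
                    $newalbum = 1;
                }
                $picdata = array(
                    'albumid' => $_GET['uploadalbum'],
                    'uid' => $uid,
                    'username' => $_G['username'],
                    'dateline' => $albumattach[$aid]['dateline'],
                    'postip' => $_G['clientip'],
                    'filename' => censor($albumattach[$aid]['filename']),
                    'title' => censor(cutstr(dhtmlspecialchars($attach['description']), 100)),
                    'type' => fileext($albumattach[$aid]['attachment']),
                    'size' => $albumattach[$aid]['filesize'],
                    'filepath' => $albumattach[$aid]['attachment'],
                    'thumb' => $albumattach[$aid]['thumb'],
                    'remote' => $albumattach[$aid]['remote'] + 2,
                );
                $update['picid'] = C::t('home_pic')->insert($picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_GET['uploadalbum']);
                }
            }
            C::t('forum_attachment_n')->insert('tid:' . $tid, $update, false, true);
            C::t('forum_attachment')->update($aid, array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)));
            C::t('forum_attachment_unused')->delete($aid);
        }
        if (!empty($_GET['albumaid'])) {
            $albumdata = array('picnum' => C::t('home_pic')->check_albumpic($_GET['uploadalbum']), 'updatetime' => $_G['timestamp']);
            C::t('home_album')->update($_GET['uploadalbum'], $albumdata);
            require_once libfile('function/home');
            require_once libfile('function/spacecp');
            album_update_pic($_GET['uploadalbum']);
        }
        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }
    if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
    }
    if ($attachupdate) {
        // Remove the files of the attachments that are being replaced.
        $attachs = C::t('forum_attachment_n')->fetch_all_by_id('tid:' . $tid, 'aid', array_keys($attachupdate));
        foreach ($attachs as $attach) {
            if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
                dunlink($attach);
            }
        }
        $unusedattachs = C::t('forum_attachment_unused')->fetch_all($attachupdate);
        // After the flip the map reads: replacement aid => aid being replaced.
        $attachupdate = array_flip($attachupdate);
        $unusedaids = array();
        foreach ($unusedattachs as $attach) {
            if ($attach['uid'] != $uid && !$_G['forum']['ismoderator']) {
                continue;
            }
            $unusedaids[] = $attach['aid'];
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                // Fix: $image was only created inside the $attachnew branch, so a
                // replace-only edit reached this call with $image undefined.
                if (!isset($image)) {
                    require_once libfile('class/image');
                    $image = new image();
                }
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
                $update['filesize'] = $image->imginfo['size'];
            }
            C::t('forum_attachment_n')->update('tid:' . $tid, $attachupdate[$attach['aid']], $update);
            @unlink($_G['setting']['attachdir'] . 'image/' . $attach['aid'] . '_100_100.jpg');
            C::t('forum_attachment_exif')->delete($attachupdate[$attach['aid']]);
            C::t('forum_attachment_exif')->update($attach['aid'], array('aid' => $attachupdate[$attach['aid']]));
            ftpupload(array($attachupdate[$attach['aid']]), $uid);
        }
        if ($unusedaids) {
            C::t('forum_attachment_unused')->delete($unusedaids);
        }
    }
    // Count by post when $pid is given, otherwise by thread.
    $attachcount = C::t('forum_attachment_n')->count_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid);
    $attachment = 0;
    if ($attachcount) {
        if (C::t('forum_attachment_n')->count_image_by_id('tid:' . $tid, $pid ? 'pid' : 'tid', $pid ? $pid : $tid)) {
            $attachment = 2;
        } else {
            $attachment = 1;
        }
    } else {
        $attachment = 0;
    }
    C::t('forum_thread')->update($tid, array('attachment' => $attachment));
    C::t('forum_post')->update('tid:' . $tid, $pid, array('attachment' => $attachment), true);
    if (!$attachment) {
        C::t('forum_threadimage')->delete_by_tid($tid);
    }
    $_G['forum_attachexist'] = $attachment;
}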
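/**
 * Bind uploaded attachments to a post and refresh the thread's attachment flag.
 *
 * Three phases:
 *   1. $attachnew: apply the submitted readperm/price/description to each aid,
 *      then move matching rows from forum_attachment_unused into the thread's
 *      attachment table (thumbnail removal, watermark, optional album copy).
 *   2. $attachupdate (old aid => replacement unused aid): delete the old files
 *      and overwrite the old rows with the replacement upload's data.
 *   3. Recount attachments and store 0 (none), 1 (files) or 2 (has images) on
 *      the thread, the post and $_G['forum_attachexist'].
 *
 * NOTE(review): all SQL here is built by interpolation. $tid, $pid, the keys
 * of $attachnew/$attachupdate and the $_G['gp_*'] values must already be cast
 * or escaped by the caller; confirm.
 * NOTE(review): the first DB::update() in phase 1 and the first SELECT in
 * phase 2 carry no uid condition ($uidadd), unlike the queries on the unused
 * table. Confirm the caller limits those aids to this post.
 *
 * @param mixed $modnewthreads Truthy when the post awaits moderation; suppresses the credit award.
 * @param int   $tid           Thread id.
 * @param int   $pid           Post id.
 * @param array $attachnew     aid => array with readperm, price, description.
 * @param array $attachupdate  Existing aid => replacement aid from the unused table.
 * @param int   $uid           Owner to bind to; defaults to the current user.
 * @return void
 */
function updateattach($modnewthreads, $tid, $pid, $attachnew, $attachupdate = array(), $uid = 0) {
    global $_G;
    $uid = $uid ? $uid : $_G['uid'];
    // Moderators are not restricted to their own pending uploads.
    $uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
    // Fix: $newattach is read after the $attachnew branch even when that branch is skipped.
    $newattach = array();
    if ($attachnew) {
        $newaids = array_keys($attachnew);
        $newattach = $newattachfile = $albumattach = array();
        $query = DB::query("SELECT * FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            // Rows read from the database are re-escaped before being written back.
            $newattach[$attach['aid']] = daddslashes($attach);
            if ($attach['isimage']) {
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }
        if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
            require_once libfile('class/image');
            $image = new image();
        }
        if (!empty($_G['gp_albumaid'])) {
            // Drop empty and duplicate aids: the prepended '' and anything equal to it is removed.
            array_unshift($_G['gp_albumaid'], '');
            $_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
            unset($_G['gp_albumaid'][0]);
            foreach ($_G['gp_albumaid'] as $aid) {
                if (isset($newattach[$aid])) {
                    $albumattach[$aid] = $newattach[$aid];
                }
            }
        }
        foreach ($attachnew as $aid => $attach) {
            $update = array();
            $update['readperm'] = $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0;
            // Clamp the submitted price to the group's ceiling; 0 when pricing is off.
            $update['price'] = $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0;
            $update['tid'] = $tid;
            $update['pid'] = $pid;
            $update['uid'] = $uid;
            $update['description'] = cutstr(dhtmlspecialchars($attach['description']), 100);
            DB::update(getattachtablebytid($tid), $update, "aid='{$aid}'");
            // Everything below applies only to pending uploads found in the unused table.
            if (!$newattach[$aid]) {
                continue;
            }
            $update = array_merge($update, $newattach[$aid]);
            if (!empty($newattachfile[$aid])) {
                if ($_G['setting']['thumbstatus'] && $_G['forum']['disablethumb']) {
                    $update['thumb'] = 0;
                    @unlink($_G['setting']['attachdir'] . '/forum/' . getimgthumbname($newattachfile[$aid]));
                    if (!empty($albumattach[$aid])) {
                        $albumattach[$aid]['thumb'] = 0;
                    }
                }
                if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                    $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
                    $update['filesize'] = $image->imginfo['size'];
                }
            }
            if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_G['gp_uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
                    $newalbum = 1;
                }
                // NOTE(review): no ownership check on gp_uploadalbum is visible here; confirm upstream.
                $picdata = array(
                    'albumid' => $_G['gp_uploadalbum'],
                    'uid' => $_G['uid'],
                    'username' => $_G['username'],
                    'dateline' => $albumattach[$aid]['dateline'],
                    'postip' => $_G['clientip'],
                    'filename' => $albumattach[$aid]['filename'],
                    'title' => cutstr(dhtmlspecialchars($attach['description']), 100),
                    'type' => fileext($albumattach[$aid]['attachment']),
                    'size' => $albumattach[$aid]['filesize'],
                    'filepath' => $albumattach[$aid]['attachment'],
                    'thumb' => $albumattach[$aid]['thumb'],
                    'remote' => $albumattach[$aid]['remote'] + 2,
                );
                $update['picid'] = DB::insert('home_pic', $picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_G['gp_uploadalbum']);
                }
            }
            DB::insert(getattachtablebytid($tid), $update, false, true);
            DB::update('forum_attachment', array('tid' => $tid, 'pid' => $pid, 'tableid' => getattachtableid($tid)), "aid='{$aid}'");
            DB::delete('forum_attachment_unused', "aid='{$aid}'");
        }
        if (!empty($_G['gp_albumaid'])) {
            $albumdata = array('picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$_G['gp_uploadalbum']}'"), 'updatetime' => $_G['timestamp']);
            DB::update('home_album', $albumdata, "albumid='{$_G['gp_uploadalbum']}'");
        }
        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }
    if (!$modnewthreads && $newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach), 1, $_G['fid']);
    }
    if ($attachupdate) {
        // Remove the files of the attachments that are being replaced.
        $query = DB::query("SELECT pid, aid, attachment, thumb, remote FROM " . DB::table(getattachtablebytid($tid)) . " WHERE aid IN (" . dimplode(array_keys($attachupdate)) . ")");
        while ($attach = DB::fetch($query)) {
            if (array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
                dunlink($attach);
            }
        }
        $uaids = dimplode($attachupdate);
        $query = DB::query("SELECT aid, width, filename, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
        DB::query("DELETE FROM " . DB::table('forum_attachment_unused') . " WHERE aid IN ({$uaids}){$uidadd}");
        // After the flip the map reads: replacement aid => aid being replaced.
        $attachupdate = array_flip($attachupdate);
        while ($attach = DB::fetch($query)) {
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            if ($attach['isimage'] && $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark'])) {
                // Fix: $image was only created inside the $attachnew branch, so a
                // replace-only edit reached this call with $image undefined.
                if (!isset($image)) {
                    require_once libfile('class/image');
                    $image = new image();
                }
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
                $update['filesize'] = $image->imginfo['size'];
            }
            DB::update(getattachtablebytid($tid), $update, "aid='" . $attachupdate[$attach['aid']] . "'");
            ftpupload(array($attachupdate[$attach['aid']]), $uid);
        }
    }
    $attachcount = DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
    // 0 = no attachments, 1 = attachments but no images, 2 = at least one image.
    $attachment = $attachcount ? DB::result_first("SELECT COUNT(*) FROM " . DB::table(getattachtablebytid($tid)) . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1 : 0;
    DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
    if (!$attachment) {
        DB::delete('forum_threadimage', "tid='{$tid}'");
    }
    $posttable = getposttablebytid($tid);
    DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
    $_G['forum_attachexist'] = $attachment;
}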
/**
 * Validate and store every file uploaded under $_FILES[$varname].
 *
 * For each upload the function checks the extension allow-list, the size
 * limits (global, per type, per day), writes the file under $attachdir with
 * a generated name, verifies image types with getimagesize(), creates a
 * thumbnail and watermark, and hands the file to ftpupload().
 *
 * Storage naming is the main defence against uploaded scripts being served
 * as code: the stored extension is the original one only when it appears in
 * $safeext, otherwise 'attach', and the generated name is additionally run
 * through a script-extension filter.
 *
 * NOTE(review): upload_error() is called on every rejection and the code
 * continues after it; presumably it aborts the request. Confirm, because
 * otherwise a rejected file would still be stored.
 *
 * @param string $varname Name of the file field in $_FILES.
 * @return array|false Saved attachments keyed by upload index, or false when
 *                     nothing was uploaded or saved.
 */
function attach_upload($varname = 'attach') {
    global $db, $tablepre, $extension, $typemaxsize, $allowsetattachperm, $attachperm, $maxprice, $attachprice, $attachdesc, $attachsave, $attachdir, $thumbstatus, $thumbwidth, $thumbheight, $maxattachsize, $maxsizeperday, $attachextensions, $watermarkstatus, $watermarktype, $watermarktrans, $watermarkquality, $watermarktext, $_FILES, $discuz_uid;
    $attachments = $attacharray = array();
    // Extensions that may be kept on disk as-is; everything else is stored as ".attach".
    static $safeext = array('jpg', 'jpeg', 'gif', 'png', 'swf', 'bmp', 'txt', 'zip', 'rar', 'doc', 'mp3');
    // Extensions flagged as images. 'jpeg' is not listed here although it is in $safeext.
    static $imgext = array('jpg', 'gif', 'png', 'bmp');
    // Transpose $_FILES[field][property][index] into $attachments[index][property].
    if (isset($_FILES[$varname]) && is_array($_FILES[$varname])) {
        foreach ($_FILES[$varname] as $key => $var) {
            foreach ($var as $id => $val) {
                $attachments[$id][$key] = $val;
            }
        }
    }
    if (empty($attachments)) {
        return FALSE;
    }
    foreach ($attachments as $key => $attach) {
        $attach_saved = false;
        $attach['uid'] = $discuz_uid;
        // Skip slots that are empty or that disuploadedfile() does not accept as an upload.
        if (!disuploadedfile($attach['tmp_name']) || !($attach['tmp_name'] != 'none' && $attach['tmp_name'] && $attach['name'])) {
            continue;
        }
        $filename = daddslashes($attach['name']);
        $attach['ext'] = strtolower(fileext($attach['name']));
        $extension = in_array($attach['ext'], $safeext) ? $attach['ext'] : 'attach';
        if (in_array($attach['ext'], $imgext)) {
            $attach['isimage'] = 1;
        } else {
            $attach['isimage'] = 0;
        }
        $attach['thumb'] = 0;
        // The client-supplied name is kept for display only, HTML-escaped.
        $attach['name'] = htmlspecialchars($attach['name'], ENT_QUOTES);
        if (strlen($attach['name']) > 90) {
            $attach['name'] = 'abbr_' . md5($attach['name']) . '.' . $attach['ext'];
        }
        // $attachextensions is a comma/space separated allow-list; an empty extension never passes it.
        if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($attach['ext'], '/') . "(\$|\\s|,)/i", $attachextensions) || !$attach['ext'])) {
            upload_error('post_attachment_ext_notallowed', $attacharray);
        }
        if (empty($attach['size'])) {
            upload_error('post_attachment_size_invalid', $attacharray);
        }
        if ($maxattachsize && $attach['size'] > $maxattachsize) {
            upload_error('post_attachment_toobig', $attacharray);
        }
        // Per-extension limit: a maxsize of 0 in attachtypes rejects the extension.
        $query = $db->query("SELECT maxsize FROM {$tablepre}attachtypes WHERE extension='" . addslashes($attach['ext']) . "'");
        if ($type = $db->fetch_array($query)) {
            if ($type['maxsize'] == 0) {
                upload_error('post_attachment_ext_notallowed', $attacharray);
            } elseif ($attach['size'] > $type['maxsize']) {
                require_once DISCUZ_ROOT . './include/attachment.func.php';
                $typemaxsize = sizecount($type['maxsize']);
                upload_error('post_attachment_type_toobig', $attacharray);
            }
        }
        // Daily quota: the stored total is queried once, then each file in this request is added to it.
        if ($attach['size'] && $maxsizeperday) {
            if (!isset($todaysize)) {
                $query = $db->query("SELECT SUM(filesize) FROM {$tablepre}attachments\r\n\t\t\t\t\tWHERE uid='{$GLOBALS['discuz_uid']}' AND dateline>'{$GLOBALS['timestamp']}'-86400");
                $todaysize = intval($db->result($query, 0));
            }
            $todaysize += $attach['size'];
            if ($todaysize >= $maxsizeperday) {
                upload_error('post_attachment_quota_exceed', $attacharray);
            }
        }
        if ($attachsave) {
            // NOTE(review): $attach_subdir stays undefined for any $attachsave outside 1-4.
            switch ($attachsave) {
                case 1:
                    $attach_subdir = 'forumid_' . $GLOBALS['fid'];
                    break;
                case 2:
                    $attach_subdir = 'ext_' . $extension;
                    break;
                case 3:
                    $attach_subdir = 'month_' . date('ym');
                    break;
                case 4:
                    $attach_subdir = 'day_' . date('ymd');
                    break;
            }
            $attach_dir = $attachdir . '/' . $attach_subdir;
            if (!is_dir($attach_dir)) {
                // NOTE(review): 0777 leaves the upload directory world-writable (subject to umask).
                @mkdir($attach_dir, 0777);
                // Empty index.htm so the directory is not listed by the web server.
                @fclose(fopen($attach_dir . '/index.htm', 'w'));
            }
            $attach['attachment'] = $attach_subdir . '/';
        } else {
            $attach['attachment'] = '';
        }
        // Stored name: date, part of an md5 over name + microtime, random(12), then the
        // safe extension. The preg_replace prefixes '_' to any listed script extension
        // that is followed by '.' or the end of the name.
        $attach['attachment'] .= preg_replace("/(php|phtml|php3|php4|jsp|exe|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\\.|\$)/i", "_\\1\\2", date('Ymd') . '_' . substr(md5($filename . microtime()), 12) . random(12) . '.' . $extension);
        $target = $attachdir . '/' . $attach['attachment'];
        // copy() is tried first, then move_uploaded_file(); the temp file was already
        // checked by disuploadedfile() above.
        if (@copy($attach['tmp_name'], $target) || function_exists('move_uploaded_file') && @move_uploaded_file($attach['tmp_name'], $target)) {
            @unlink($attach['tmp_name']);
            $attach_saved = true;
        }
        // Last resort: stream the temp file into the target by hand (2 is LOCK_EX).
        if (!$attach_saved && @is_readable($attach['tmp_name'])) {
            @($fp = fopen($attach['tmp_name'], 'rb'));
            @flock($fp, 2);
            @($attachedfile = fread($fp, $attach['size']));
            @fclose($fp);
            @($fp = fopen($target, 'wb'));
            @flock($fp, 2);
            if (@fwrite($fp, $attachedfile)) {
                @unlink($attach['tmp_name']);
                $attach_saved = true;
            }
            @fclose($fp);
        }
        if ($attach_saved) {
            // Stored files are never executable.
            @chmod($target, 0644);
            // Files claiming an image/flash extension must parse as one. The check is
            // skipped when getimagesize() is unavailable.
            if (in_array($attach['ext'], array('jpg', 'jpeg', 'gif', 'png', 'swf', 'bmp')) && function_exists('getimagesize') && !@getimagesize($target)) {
                @unlink($target);
                upload_error('post_attachment_ext_notallowed', $attacharray);
            } else {
                require_once DISCUZ_ROOT . './include/image.class.php';
                // NOTE(review): $attachedfile is only assigned in the stream-copy fallback
                // above; on the copy()/move_uploaded_file() path it is undefined here.
                // Confirm what the Image constructor expects.
                $image = new Image($attachedfile, $target, $attach);
                if ($image->imagecreatefromfunc && $image->imagefunc) {
                    $image->Thumb($thumbwidth, $thumbheight);
                    $image->Watermark();
                    $attach = $image->attach;
                }
                $attach['remote'] = ftpupload($target, $attach['attachment'], $attach['thumb']);
                $attach['perm'] = $allowsetattachperm ? $attachperm[$key] : 0;
                $attach['description'] = cutstr(dhtmlspecialchars($attachdesc[$key]), 100);
                // Clamp the submitted price to the group's ceiling; 0 when pricing is off.
                $attach['price'] = $maxprice ? intval($attachprice[$key]) <= $maxprice ? intval($attachprice[$key]) : $maxprice : 0;
                $attacharray[$key] = $attach;
            }
        } else {
            upload_error('post_attachment_save_error', $attacharray);
        }
    }
    return !empty($attacharray) ? $attacharray : false;
}
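/**
 * Bind, replace and delete attachments for a post, then refresh the
 * attachment flag on the thread and the post.
 *
 * Non-moderators are restricted to rows with their own uid through $uidadd;
 * moderators are not restricted by uid.
 *
 * NOTE(review): all SQL here is built by interpolation. $tid, $pid and the
 * keys/values of $attachnew, $attachdel and $attachupdate must already be
 * cast or escaped by the caller; confirm.
 * NOTE(review): the description is truncated by cutstr() and then placed
 * inside a quoted SQL literal. If it arrives already escaped, truncating can
 * split an escape pair; escaping after truncation would avoid that. Confirm
 * how the caller prepares it.
 * NOTE(review): the REPLACE INTO forum_attachmentfield carries no uid
 * condition, and deletions are not limited to $tid/$pid; confirm the caller
 * restricts the submitted aids to this post.
 *
 * @param mixed $postattachcredits Not used in this function.
 * @param int   $tid           Thread id.
 * @param int   $pid           Post id.
 * @param array $attachnew     aid => array with readperm, price, description.
 * @param array $attachdel     aids to delete.
 * @param array $attachupdate  Existing aid => replacement aid.
 * @param int   $uid           Owner to bind to; defaults to the current user.
 * @return void
 */
function updateattach($postattachcredits, $tid, $pid, $attachnew, $attachdel, $attachupdate = array(), $uid = 0) {
    global $_G;
    $uid = $uid ? $uid : $_G['uid'];
    $uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
    if ($attachnew) {
        $newaids = array_keys($attachnew);
        $newattach = array();
        $query = DB::query("SELECT aid, tid FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            // Rows without a tid are uploads not yet bound to any thread.
            !$attach['tid'] && ($newattach[] = $attach['aid']);
        }
        foreach ($attachnew as $aid => $attach) {
            $update = array(
                'readperm' => $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0,
                // Clamp the submitted price to the group's ceiling; 0 when pricing is off.
                'price' => $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0,
                'tid' => $tid,
                'pid' => $pid,
                'uid' => $uid,
            );
            DB::update('forum_attachment', $update, "aid='{$aid}'{$uidadd}");
            DB::query("REPLACE INTO " . DB::table('forum_attachmentfield') . " (aid, tid, pid, uid, description) VALUES ('{$aid}', '{$tid}', '{$pid}', '{$uid}', '" . cutstr(dhtmlspecialchars($attach['description']), 100) . "')");
        }
        if ($newattach) {
            if ($uid == $_G['uid']) {
                updatecreditbyaction('postattach', $uid, array(), '', count($newattach));
            }
            ftpupload($newaids, $uid);
        }
    }
    $delaids = array();
    // Fix: the lookup used to read "WHERE 1{$uidadd}", i.e. every attachment of the
    // user, or the whole table for a moderator, only to act on the few aids
    // named in $attachdel / $attachupdate. Select just those aids instead; the
    // rows acted on are the same.
    $attachdel = $attachdel ? (array) $attachdel : array();
    $checkaids = array_merge($attachdel, $attachupdate ? array_keys($attachupdate) : array());
    if ($checkaids) {
        $query = DB::query("SELECT aid, attachment, thumb FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($checkaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            if (in_array($attach['aid'], $attachdel)) {
                $delaids[] = $attach['aid'];
                dunlink($attach);
            }
            // The file of an attachment that is being replaced is removed as well.
            if ($attachupdate && array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
                dunlink($attach);
            }
        }
    }
    if ($attachupdate) {
        // Read the replacement rows, delete them, then copy their data onto the old aids.
        $uaids = dimplode($attachupdate);
        $query = DB::query("SELECT aid, width, filename, filetype, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        // After the flip the map reads: replacement aid => aid being replaced.
        $attachupdate = array_flip($attachupdate);
        while ($attach = DB::fetch($query)) {
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            unset($update['aid']);
            DB::update('forum_attachment', $update, "aid='" . $attachupdate[$attach['aid']] . "'{$uidadd}");
        }
    }
    if ($delaids) {
        // $delaids only holds aids that passed the uid-restricted SELECT above.
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
        DB::query("DELETE FROM " . DB::table('forum_attachmentfield') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
    }
    $attachcount = DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
    // 0 = no attachments, 1 = attachments but no images, 2 = at least one image.
    $attachment = $attachcount ? DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1 : 0;
    DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
    $posttable = getposttablebytid($tid);
    DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
    $_G['forum_attachexist'] = $attachment;
}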
/**
 * Store raw picture bytes as a file under $_SC['attachdir'], register it in the 'pic' table
 * and update the owner's space and album counters.
 *
 * Returns the inserted row data (plus 'picid', optional 'remote', and 'filepathall') on
 * success, -1 when the space quota would be exceeded, -2 when getimagesize() rejects the
 * file, and -3 when the file cannot be opened or written.
 *
 * NOTE(review): $fileext is caller-supplied and is passed to getfilepath(), so it presumably
 * decides the stored extension. The only content check is getimagesize(), which inspects the
 * image header and is skipped entirely when the function is unavailable. Confirm that every
 * caller restricts $fileext to image extensions.
 */
function stream_save($strdata, $albumid = 0, $fileext = 'jpg', $name = '', $title = '', $delsize = 0) {
    global $_SGLOBAL, $space, $_SCONFIG, $_SC;
    $setarr = array();
    $filepath = getfilepath($fileext, true);
    $newfilename = $_SC['attachdir'] . './' . $filepath;
    if ($handle = fopen($newfilename, 'wb')) {
        if (fwrite($handle, $strdata) !== FALSE) {
            fclose($handle);
            $size = filesize($newfilename);
            // Check the space quota
            if (empty($space)) {
                $query = $_SGLOBAL['db']->query("SELECT username, credit, groupid, attachsize, addsize FROM " . tname('space') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
                $space = $_SGLOBAL['db']->fetch_array($query);
                $_SGLOBAL['supe_username'] = addslashes($space['username']);
            }
            $_SGLOBAL['member'] = $space;
            // Unit: MB (per the original comment; the comparison below adds filesize() bytes,
            // so checkperm() presumably returns bytes; TODO confirm)
            $maxattachsize = intval(checkperm('maxattachsize'));
            if ($maxattachsize) {
                // 0 means unlimited
                if ($space['attachsize'] + $size - $delsize > $maxattachsize + $space['addsize']) {
                    @unlink($newfilename);
                    return -1;
                }
            }
            // Check that the file is an image
            if (function_exists('getimagesize') && !@getimagesize($newfilename)) {
                @unlink($newfilename);
                return -2;
            }
            // Thumbnail
            include_once S_ROOT . './source/function_image.php';
            $thumbpath = makethumb($newfilename);
            $thumb = empty($thumbpath) ? 0 : 1;
            // Photo stickers do not get a watermark
            if ($_SCONFIG['allowwatermark']) {
                makewatermark($newfilename);
            }
            // Store in the database
            $filename = addslashes($name ? $name : substr(strrchr($filepath, '/'), 1));
            // NOTE(review): $title is passed on unchanged; escaping is left to the caller or
            // to inserttable() (confirm).
            $title = $title;
            if ($albumid) {
                // An $albumid of the form "new:<name>" creates a new album with that name.
                preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
                if (!empty($matchs[1])) {
                    $albumname = shtmlspecialchars(trim($matchs[1]));
                    if (empty($albumname)) {
                        $albumname = sgmdate('Ymd');
                    }
                    $albumid = album_creat(array('albumname' => $albumname));
                } else {
                    $albumid = intval($albumid);
                    if ($albumid) {
                        // The album must belong to the current user; otherwise a fresh
                        // date-named album is created instead.
                        $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                        if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                            $albumname = addslashes($value['albumname']);
                            $albumfriend = $value['friend'];
                        } else {
                            $albumname = sgmdate('Ymd');
                            $albumid = album_creat(array('albumname' => $albumname));
                        }
                    }
                }
            } else {
                $albumname = sgmdate('Ymd');
                $albumid = album_creat(array('albumname' => $albumname));
            }
            $setarr = array('albumid' => $albumid, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp'], 'filename' => $filename, 'postip' => getonlineip(), 'title' => $title, 'type' => $fileext, 'size' => $size, 'filepath' => $filepath, 'thumb' => $thumb);
            $setarr['picid'] = inserttable('pic', $setarr, 1);
            // Update the attachment size
            // Credits
            $setsql = '';
            if ($pic_credit = creditrule('get', 'pic')) {
                $setsql = ",credit=credit+{$pic_credit}";
            }
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$size}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Album update
            if ($albumid) {
                $file = $filepath . ($thumb ? '.thumb.jpg' : '');
                $_SGLOBAL['db']->query("UPDATE " . tname('album') . "\r\n\t\t\t\t\tSET picnum=picnum+1, updatetime='{$_SGLOBAL['timestamp']}', pic='{$file}', picflag='1'\r\n\t\t\t\t\tWHERE albumid='{$albumid}'");
            }
            // Do the FTP upload last so that a failure leaves no garbage behind
            if ($_SCONFIG['allowftp']) {
                include_once S_ROOT . './source/function_ftp.php';
                if (ftpupload($newfilename, $filepath)) {
                    $setarr['remote'] = 1;
                    updatetable('pic', array('remote' => $setarr['remote']), array('picid' => $setarr['picid']));
                    if ($albumid) {
                        updatetable('album', array('picflag' => 2), array('albumid' => $albumid));
                    }
                }
            }
            $siteurl = '';
            if (empty($setarr['remote'])) {
                // NOTE(review): the absolute URL is built from the Host request header, which
                // the client controls; prefer a configured site URL if one exists.
                $uri = $_SERVER['REQUEST_URI'] ? $_SERVER['REQUEST_URI'] : ($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
                $siteurl = 'http://' . $_SERVER['HTTP_HOST'] . substr($uri, 0, strexists($uri, '/api') ? strrpos($uri, '/') - 3 : strrpos($uri, '/') + 1);
            }
            $setarr['filepathall'] = $siteurl . mkpicurl($setarr, 0);
            return $setarr;
        } else {
            // NOTE(review): the partially written file is not removed on a failed write.
            fclose($handle);
        }
    }
    return -3;
}
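require "mysqlinit.php";
require "getLists.php";
init();
// NOTE(review): presumably redirects unauthenticated visitors; confirm that it also stops
// execution, otherwise the update below still runs for them.
validateSession("../admin/autos.php");
$larray = array("id", "Marke", "Modell", "Farbe", "Plätze", "Türen", "Kraftstoff", "Verbrauch", "Schaltung", "PS", "km", "Flughafen", "Vermieter", "Preis");
// Pre-fill values taken from the query string. They are request data: escape them with
// htmlspecialchars() wherever the markup below prints them.
$valarray = array();
for ($i = 0; $i < 14; $i++) {
    $valarray[$i] = isset($_GET[$i]) ? $_GET[$i] : null;
}
$id = $valarray[0];
if (isset($_POST['submit'])) {
    // NOTE(review): this state-changing POST carries no anti-CSRF token.
    // Read the 14 positional form fields once, as strings.
    $post = array();
    for ($i = 0; $i < 14; $i++) {
        $post[$i] = isset($_POST[$i]) && is_scalar($_POST[$i]) ? (string) $_POST[$i] : "";
    }
    if ($id == "") {
        $id = $post[0];
    }
    // Only forward a file that PHP itself received as an upload.
    // NOTE(review): the file type is not checked and the remote name is derived from a form
    // field via getHotelBild(); validate both before the file leaves this host.
    if (isset($_FILES["autopic"]) && is_string($_FILES["autopic"]["tmp_name"]) && is_uploaded_file($_FILES["autopic"]["tmp_name"])) {
        ftpupload($_FILES["autopic"]["tmp_name"], AUTO_DIR, getHotelBild($post[0]));
    }
    $farbe = str_replace("#", "", $post[3]);
    // Column => value, in the same order as the original statement.
    $werte = array(
        "id" => $post[0],
        "marke" => $post[1],
        "modell" => $post[2],
        "farbe" => $farbe,
        "platzzahl" => $post[4],
        "türen" => $post[5],
        "kraftstoff" => $post[6],
        "verbrauch" => $post[7],
        "schaltung" => $post[8],
        "ps" => $post[9],
        "km" => $post[10],
        // NOTE(review): confirm getFlughafenIDByOrt() escapes its argument in its own lookup.
        "flughafen_id" => getFlughafenIDByOrt($post[11]),
        "vermieter_id" => $post[12],
        "preis" => $post[13],
    );
    // Every value is request data, so escape each one before it enters the SQL text.
    // The escaping uses the connection opened by init(); set its charset with
    // mysql_set_charset() so that it matches.
    $teile = array();
    foreach ($werte as $spalte => $wert) {
        $teile[] = $spalte . "='" . mysql_real_escape_string((string) $wert) . "'";
    }
    $abfrage = "UPDATE Auto SET\n\t\t\t\t" . implode(",\n\t\t\t\t", $teile) . "\n\t\t\t\tWHERE id='" . mysql_real_escape_string((string) $id) . "'";
    mysql_query($abfrage);
    header('Location: ../admin/autos.php');
    // Stop here so the form below is not rendered after the redirect.
    exit;
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="../css/dialog.css">
<meta http-equiv="Content-type" content="text/html; charset=utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style>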
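// NOTE(review): presumably redirects unauthenticated visitors; confirm that it also stops
// execution, otherwise the update below still runs for them.
validateSession("../admin/hotels.php");
// Pre-fill values taken from the query string; field 6 is an ISO code shown as a country
// name. They are request data: escape them with htmlspecialchars() wherever they are printed.
for ($i = 0; $i < 8; $i++) {
    $roh = isset($_GET[$i]) ? $_GET[$i] : null;
    if ($i == 6) {
        $valarray[$i] = getLandNameByISO($roh);
    } else {
        $valarray[$i] = $roh;
    }
}
$id = isset($_GET['0']) ? $_GET['0'] : null;
if (isset($_POST['submit'])) {
    // NOTE(review): this state-changing POST carries no anti-CSRF token.
    // Read the 8 positional form fields once, as strings.
    $post = array();
    for ($i = 0; $i < 8; $i++) {
        $post[$i] = isset($_POST[$i]) && is_scalar($_POST[$i]) ? (string) $_POST[$i] : "";
    }
    if ($id == "") {
        $id = $post[0];
    }
    // Only forward a file that PHP itself received as an upload.
    // NOTE(review): the file type is not checked and the remote name is derived from a form
    // field via getHotelBild(); validate both before the file leaves this host.
    if (isset($_FILES["hotelpic"]) && is_string($_FILES["hotelpic"]["tmp_name"]) && is_uploaded_file($_FILES["hotelpic"]["tmp_name"])) {
        ftpupload($_FILES["hotelpic"]["tmp_name"], HOTEL_DIR, getHotelBild($post[1]));
    }
    // NOTE(review): confirm these helpers escape their arguments in their own lookups.
    $landIso = getLandISOByName($post[6]);
    $nearAirport = getNearestAirport($post[5], $landIso);
    // Column => value, in the same order as the original statement.
    $werte = array(
        "id" => $id,
        "name" => $post[1],
        "sterne" => $post[2],
        "zimmerzahl" => $post[3],
        "strasse" => $post[4],
        "ort" => $post[5],
        "land" => $landIso,
        "homepage" => $post[7],
        "naherFlughafen" => $nearAirport[0],
    );
    // Every value is request data or derived from it, so escape each one before it enters
    // the SQL text. The escaping uses the open mysql_* connection; set its charset with
    // mysql_set_charset() so that it matches.
    $teile = array();
    foreach ($werte as $spalte => $wert) {
        $teile[] = $spalte . "='" . mysql_real_escape_string((string) $wert) . "'";
    }
    $abfrage = "UPDATE Hotel SET\n\t\t\t\t" . implode(",\n\t\t\t\t", $teile) . "\n\t\t\t\tWHERE id='" . mysql_real_escape_string((string) $id) . "'";
    mysql_query($abfrage);
    header('Location: ../admin/hotels.php');
    // Stop here so the form below is not rendered after the redirect.
    exit;
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="../css/dialog.css">
<meta http-equiv="Content-type" content="text/html; charset=utf-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1" />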
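/**
 * Bind the current user's pending (tid=0, pid=0) multi-upload attachments to the post
 * identified by the globals $tid / $pid: move each file into its final directory, optionally
 * watermark and FTP-upload it, then update the attachment, thread and post rows and credits.
 *
 * Works entirely on globals and returns nothing. It does nothing unless $updateswfattach is
 * truthy and the user has pending attachments.
 *
 * Changes from the previous revision:
 *  - the $allowsetattachperm gate is now applied to 'readperm', the key the UPDATE actually
 *    writes. Before, only the unused key 'perm' was gated, so a submitted read permission was
 *    stored even when the group was not allowed to set one;
 *  - $swfattachdel is checked with is_array() before in_array().
 *
 * NOTE(review): ids and paths reach SQL through string interpolation; this relies on the
 * framework's global input escaping (confirm).
 */
function updateswfattach() {
    global $db, $tablepre, $attachsave, $attachdir, $discuz_uid, $postattachcredits, $tid, $pid, $swfattachnew, $swfattachdel, $allowsetattachperm, $maxprice, $updateswfattach, $watermarkstatus;
    $imageexists = 0;
    $swfattachnew = (array) $swfattachnew;
    $query = $db->query("SELECT * FROM {$tablepre}attachments WHERE tid='0' AND pid='0' AND uid='{$discuz_uid}'");
    if ($db->num_rows($query) && $updateswfattach) {
        $swfattachcount = 0;
        $delaids = array();
        while ($swfattach = $db->fetch_array($query)) {
            // Attachments the user removed again: delete the file now, the row later.
            if (is_array($swfattachdel) && in_array($swfattach['aid'], $swfattachdel)) {
                dunlink($swfattach['attachment'], $swfattach['thumb']);
                $delaids[] = $swfattach['aid'];
                continue;
            }
            // NOTE(review): no extension allow-list is applied in this function; confirm the
            // upload step already enforced one.
            $extension = strtolower(fileext($swfattach['filename']));
            // basename() keeps the stored name from carrying directory components.
            $attach_basename = basename($swfattach['attachment']);
            $attach_src = $attachdir . '/' . $swfattach['attachment'];
            if ($attachsave) {
                // NOTE(review): there is no default case, so $attach_subdir stays undefined
                // when $attachsave is outside 1-4.
                switch ($attachsave) {
                    case 1:
                        $attach_subdir = 'forumid_' . $GLOBALS['fid'];
                        break;
                    case 2:
                        $attach_subdir = 'ext_' . $extension;
                        break;
                    case 3:
                        $attach_subdir = 'month_' . date('ym');
                        break;
                    case 4:
                        $attach_subdir = 'day_' . date('ymd');
                        break;
                }
                $attach_descdir = $attachdir . '/' . $attach_subdir;
                $swfattachnew[$swfattach['aid']]['attachment'] = $attach_subdir . '/' . $attach_basename;
            } else {
                $attach_descdir = $attachdir;
                $swfattachnew[$swfattach['aid']]['attachment'] = $attach_basename;
            }
            $swfattachnew[$swfattach['aid']]['thumb'] = $swfattach['thumb'];
            $attach_desc = $attach_descdir . '/' . $attach_basename;
            if ($swfattach['isimage'] && $watermarkstatus) {
                require_once DISCUZ_ROOT . './include/image.class.php';
                $image = new Image($attach_src, $swfattach);
                if ($image->imagecreatefromfunc && $image->imagefunc) {
                    $image->Watermark();
                    $swfattach = $image->attach;
                }
            }
            if (!is_dir($attach_descdir)) {
                // NOTE(review): 0777 makes the upload directory world-writable (subject to
                // umask); prefer the narrowest mode the web server needs.
                @mkdir($attach_descdir, 0777);
                // Empty index file so the directory does not produce a listing.
                @fclose(fopen($attach_descdir . '/index.htm', 'w'));
            }
            // Move the thumbnail and the file; fall back to copy + unlink if rename fails.
            if ($swfattach['thumb'] == 1) {
                if (!@rename($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg') && @copy($attach_src . '.thumb.jpg', $attach_desc . '.thumb.jpg')) {
                    @unlink($attach_src . '.thumb.jpg');
                }
            }
            if (!@rename($attach_src, $attach_desc) && @copy($attach_src, $attach_desc)) {
                @unlink($attach_src);
            }
            if ($swfattach['isimage']) {
                $imageexists = 1;
            }
            $attachnew = $swfattachnew[$swfattach['aid']];
            $attachnew['remote'] = ftpupload($attach_desc, $attachnew);
            // 'perm' is kept as before; it is not read again in this function.
            $attachnew['perm'] = $allowsetattachperm && isset($attachnew['perm']) ? $attachnew['perm'] : 0;
            // Gate the value that is actually stored, and force it to an integer.
            $attachnew['readperm'] = $allowsetattachperm && isset($attachnew['readperm']) ? intval($attachnew['readperm']) : 0;
            $attachnew['description'] = cutstr(dhtmlspecialchars(isset($attachnew['description']) ? $attachnew['description'] : ''), 100);
            // Price is clamped to the group maximum; 0 when selling is not allowed.
            $price = isset($attachnew['price']) ? intval($attachnew['price']) : 0;
            $attachnew['price'] = $maxprice ? ($price <= $maxprice ? $price : $maxprice) : 0;
            $db->query("UPDATE {$tablepre}attachments SET tid='{$tid}', pid='{$pid}', attachment='{$attachnew['attachment']}', description='{$attachnew['description']}', readperm='{$attachnew['readperm']}', price='{$attachnew['price']}', remote='{$attachnew['remote']}' WHERE aid='{$swfattach['aid']}'");
            $swfattachcount++;
        }
        if ($delaids) {
            $db->query("DELETE FROM {$tablepre}attachments WHERE aid IN (" . implodeids($delaids) . ")", 'UNBUFFERED');
        }
        // 2 = at least one image attachment, 1 = attachments without images.
        $attachment = $imageexists ? 2 : 1;
        if ($swfattachcount) {
            $db->query("UPDATE {$tablepre}threads SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
            $db->query("UPDATE {$tablepre}posts SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
            updatecredits($discuz_uid, $postattachcredits, $swfattachcount);
        }
    }
}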
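/**
 * Bind uploaded attachments to a post (optionally copying them into a home album), apply
 * deletions and replacements, and refresh the "attachment" flag on the thread and post rows.
 *
 * $postattachcredits is accepted but not referenced in this body.
 * $tid / $pid are interpolated into SQL as quoted strings.
 * $attachnew is a map of aid => array('readperm', 'price', 'description').
 * $attachdel is a list of aids to delete (files and rows).
 * $attachupdate is a map of existing aid => replacement aid.
 * $uid falls back to $_G['uid'] when falsy.
 *
 * Changes from the previous revision:
 *  - the watermark helper is created whenever watermarking is enabled and there is something
 *    to process. Before, it was created only inside the $attachnew branch, so a call with only
 *    $attachupdate reached $image->Watermark() with $image undefined;
 *  - the album lookup now carries the same ownership filter as the other attachment queries,
 *    so a non-moderator can only copy their own attachments into an album.
 *
 * NOTE(review): ids reach SQL through string interpolation or dimplode(); this function does
 * no casting itself and relies on the caller having sanitised them (confirm).
 */
function updateattach($postattachcredits, $tid, $pid, $attachnew, $attachdel, $attachupdate = array(), $uid = 0) {
    global $_G;
    $uid = $uid ? $uid : $_G['uid'];
    // Ownership filter; it is empty for moderators.
    $uidadd = $_G['forum']['ismoderator'] ? '' : " AND uid='{$uid}'";
    $attachnum = $_G['group']['allowpostattach'];
    $dowatermark = $_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']);
    $image = null;
    if ($dowatermark && ($attachnew || $attachupdate)) {
        require_once libfile('class/image');
        $image = new image();
    }
    if ($attachnew) {
        $newaids = array_keys($attachnew);
        $newattach = $newattachfile = $albumattach = array();
        $query = DB::query("SELECT aid, tid, attachment FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($newaids) . "){$uidadd}");
        while ($attach = DB::fetch($query)) {
            // When the group has an attachment limit, drop entries once the budget is used up.
            if ($_G['group']['maxattachnum']) {
                if ($attachnum <= 0) {
                    unset($attachnew[$attach['aid']]);
                    continue;
                } else {
                    $attachnum--;
                }
            }
            // Rows with no thread id yet are the newly posted ones.
            if (!$attach['tid']) {
                $newattach[$attach['aid']] = $attach['aid'];
                $newattachfile[$attach['aid']] = $attach['attachment'];
            }
        }
        if (!empty($_G['gp_albumaid'])) {
            // Deduplicate the requested aids and drop the empty placeholder entry.
            array_unshift($_G['gp_albumaid'], '');
            $_G['gp_albumaid'] = array_unique($_G['gp_albumaid']);
            unset($_G['gp_albumaid'][0]);
            $query = DB::query("SELECT * FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($_G['gp_albumaid']) . "){$uidadd}");
            while ($attach = DB::fetch($query)) {
                $albumattach[$attach['aid']] = $attach;
            }
        }
        foreach ($attachnew as $aid => $attach) {
            // readperm is honoured only when the group may set it; price is clamped to the group maximum.
            $update = array('readperm' => $_G['group']['allowsetattachperm'] ? $attach['readperm'] : 0, 'price' => $_G['group']['maxprice'] ? intval($attach['price']) <= $_G['group']['maxprice'] ? intval($attach['price']) : $_G['group']['maxprice'] : 0, 'tid' => $tid, 'pid' => $pid, 'uid' => $uid);
            if ($dowatermark && !empty($newattachfile[$aid])) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $newattachfile[$aid], '', 'forum');
            }
            if (!empty($_G['gp_albumaid']) && isset($albumattach[$aid])) {
                $newalbum = 0;
                if (!$_G['gp_uploadalbum']) {
                    require_once libfile('function/spacecp');
                    $_G['gp_uploadalbum'] = album_creat(array('albumname' => $_G['gp_newalbum']));
                    $newalbum = 1;
                }
                // NOTE(review): $_G['gp_uploadalbum'] is used as the target album without an
                // ownership check in this function; confirm one is done before this point.
                $picdata = array('albumid' => $_G['gp_uploadalbum'], 'uid' => $_G['uid'], 'username' => $_G['username'], 'dateline' => $albumattach[$aid]['dateline'], 'postip' => $_G['clientip'], 'filename' => $albumattach[$aid]['filename'], 'title' => $albumattach[$aid]['description'], 'type' => fileext($albumattach[$aid]['attachment']), 'size' => $albumattach[$aid]['filesize'], 'filepath' => $albumattach[$aid]['attachment'], 'thumb' => $albumattach[$aid]['thumb'], 'remote' => $albumattach[$aid]['remote'] + 2);
                $update['picid'] = DB::insert('home_pic', $picdata, 1);
                if ($newalbum) {
                    require_once libfile('function/home');
                    require_once libfile('function/spacecp');
                    album_update_pic($_G['gp_uploadalbum']);
                }
            }
            // NOTE(review): this REPLACE carries no ownership condition, unlike the UPDATE
            // after it. It runs for every remaining key of $attachnew, including aids the
            // filtered queries did not match. Consider limiting the loop to verified aids.
            DB::query("REPLACE INTO " . DB::table('forum_attachmentfield') . " (aid, tid, pid, uid, description) VALUES ('{$aid}', '{$tid}', '{$pid}', '{$uid}', '" . cutstr(dhtmlspecialchars($attach['description']), 100) . "')");
            DB::update('forum_attachment', $update, "aid='{$aid}'{$uidadd}");
        }
        if (!empty($_G['gp_albumaid'])) {
            $albumdata = array('picnum' => DB::result_first("SELECT count(*) FROM " . DB::table('home_pic') . " WHERE albumid='{$_G['gp_uploadalbum']}'"), 'updatetime' => $_G['timestamp']);
            DB::update('home_album', $albumdata, "albumid='{$_G['gp_uploadalbum']}'");
        }
        if ($newattach) {
            ftpupload($newaids, $uid);
        }
    }
    // Deletions and replacements are applied only to rows owned by $uid.
    $query = DB::query("SELECT aid, attachment, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE uid='{$uid}'");
    $delaids = array();
    while ($attach = DB::fetch($query)) {
        // $aids is collected but not read again in this function.
        $aids[] = $attach['aid'];
        if ($attachdel && in_array($attach['aid'], $attachdel)) {
            $delaids[] = $attach['aid'];
            // A deleted attachment no longer counts towards posting credits.
            unset($newattach[$attach['aid']]);
            dunlink($attach);
        }
        // An attachment that is being replaced loses its old file here; its row is rewritten below.
        if ($attachupdate && array_key_exists($attach['aid'], $attachupdate) && $attachupdate[$attach['aid']]) {
            dunlink($attach);
        }
    }
    if ($newattach && $uid == $_G['uid']) {
        updatecreditbyaction('postattach', $uid, array(), '', count($newattach));
    }
    if ($attachupdate) {
        // Order matters: read the replacement rows, delete them, then copy their columns onto
        // the aids they replace.
        $uaids = dimplode($attachupdate);
        $query = DB::query("SELECT aid, width, filename, filetype, filesize, attachment, isimage, thumb, remote FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN ({$uaids}){$uidadd}");
        // After the flip the map reads replacement aid => existing aid.
        $attachupdate = array_flip($attachupdate);
        while ($attach = DB::fetch($query)) {
            $update = $attach;
            $update['dateline'] = TIMESTAMP;
            $update['remote'] = 0;
            unset($update['aid']);
            DB::update('forum_attachment', $update, "aid='" . $attachupdate[$attach['aid']] . "'{$uidadd}");
            if ($dowatermark) {
                $image->Watermark($_G['setting']['attachdir'] . '/forum/' . $attach['attachment'], '', 'forum');
            }
            ftpupload(array($attachupdate[$attach['aid']]), $uid);
        }
    }
    if ($delaids) {
        DB::query("DELETE FROM " . DB::table('forum_attachment') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
        DB::query("DELETE FROM " . DB::table('forum_attachmentfield') . " WHERE aid IN (" . dimplode($delaids) . ")", 'UNBUFFERED');
    }
    // Flag value: 0 = no attachments, 1 = attachments but no image, 2 = at least one image.
    $attachcount = DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : ''));
    $attachment = $attachcount ? DB::result_first("SELECT count(*) FROM " . DB::table('forum_attachment') . " WHERE tid='{$tid}'" . ($pid > 0 ? " AND pid='{$pid}'" : '') . " AND isimage != 0") ? 2 : 1 : 0;
    DB::query("UPDATE " . DB::table('forum_thread') . " SET attachment='{$attachment}' WHERE tid='{$tid}'", 'UNBUFFERED');
    $posttable = getposttablebytid($tid);
    DB::query("UPDATE " . DB::table($posttable) . " SET attachment='{$attachment}' WHERE pid='{$pid}'", 'UNBUFFERED');
    $_G['forum_attachexist'] = $attachment;
}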
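/**
 * Localise remote images and files referenced in a collected article: find [img] tags and
 * <img> elements in $arr['content'], download each referenced URL, store it as a forum
 * attachment, and replace the reference in the message with an [attach]aid[/attach] code
 * before handing the article to forum_article_content().
 *
 * $arr is the article record; the keys read here are content, cookie, page_url, uid, tid,
 * pid, is_post, is_download_img, is_download_file, is_water_img, content_filter_html,
 * public_time / dateline and p_arr. $old_arr is not referenced.
 *
 * Changes from the previous revision:
 *  - `snoop_obj` was written without `$` and so was evaluated as a bare constant; it is now
 *    the variable;
 *  - $content, $content_re, $ext and $attach are reset for every item. Before, a URL that
 *    matched neither pattern inherited the previous item's downloaded bytes and name and was
 *    stored again under a new attachment;
 *  - every path that skips an item keeps the old/new replacement lists the same length
 *    (str_replace pairs them by position);
 *  - accumulators ($imagereplace, $newaids, $at, $picid) are initialised.
 *
 * NOTE(review): this function makes the server fetch URLs taken from article content. The
 * only URL check visible here is the "http://" or leading-dot prefix test; confirm that
 * get_img_content() refuses internal or loopback destinations and bounds the response size.
 * NOTE(review): when $config['get_file_ext'] is empty, non-image files of any extension are
 * stored. The on-disk extension comes from $upload->get_target_extension(), which presumably
 * neutralises executable types (confirm).
 */
function forum_downremotefile($arr, $old_arr) {
    global $_G;
    $evo_img_no = $_G['cache']['evn_milu_pick']['evo_img_no'];
    $config = get_pick_set();
    // Allow-list of non-image extensions, '|'-separated in the settings.
    $get_file_ext_arr = $config['get_file_ext'] ? explode('|', $config['get_file_ext']) : array();
    $arr['is_download_file'] = $arr['is_download_file'] ? $arr['is_download_file'] : $arr['p_arr']['is_download_file'];
    $arr['message'] = dstripslashes($arr['content']);
    // BBCode images: [img]url[/img] and [img=WxH]url[/img].
    preg_match_all("/\\[img\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]|\\[img=\\d{1,4}[x|\\,]\\d{1,4}\\]\\s*([^\\[\\<\r\n]+?)\\s*\\[\\/img\\]/is", $arr['message'], $image1, PREG_SET_ORDER);
    // HTML images: <img ... src=...>.
    preg_match_all("/\\<img.+src=('|\"|)?(.*)(\\1)(.*)?\\>/isU", $arr['message'], $image2, PREG_SET_ORDER);
    $temp = $aids = $existentimg = $attach_arr = array();
    $newaids = $at = $attachnew_arr = array();
    $imagereplace = array('oldimageurl' => array(), 'newimageurl' => array());
    // No album picture is created here; the attachment row stores 0.
    $picid = 0;
    if (is_array($image1) && !empty($image1)) {
        foreach ($image1 as $value) {
            $v = trim(!empty($value[1]) ? $value[1] : $value[2]);
            // filter_something() returning false marks the URL as excluded ("exists").
            if (filter_something($v, $evo_img_no)) {
                $temp[] = array('0' => $value[0], '1' => $v);
            }
        }
    }
    if (is_array($image2) && !empty($image2)) {
        foreach ($image2 as $v) {
            $v[2] = trim(strip_tags($v[2]));
            if (filter_something($v[2], $evo_img_no)) {
                $temp[] = array('0' => $v[0], '1' => $v[2]);
            }
        }
    }
    if ($arr['is_download_file'] == 1) {
        $attach_arr = get_attach_data($arr['page_url'], $arr['message']);
    }
    $attach_arr = $attach_arr ? $attach_arr : array();
    $temp = $temp ? $temp : array();
    $temp = array_merge($temp, $attach_arr);
    // NOTE(review): the flattened listing shows "//if(VIP)" directly followed by the call
    // below. Whether the call was part of the commented-out line cannot be told from here;
    // it is kept disabled. Confirm against the original file.
    //if(VIP) $arr['message'] = post($arr['message'], array('cookie' => $arr['cookie'], 'page_url' => $arr['page_url'], 'cid' => $arr['cid']));
    $del_a = 0;
    if ($arr['content_filter_html'][0] == 0 && $arr['content_filter_html']) {
        $del_a = 1;
    }
    require_once libfile('class/image');
    if (is_array($temp) && !empty($temp)) {
        if (file_exists(libfile('class/upload'))) {
            require_once libfile('class/upload');
        } else {
            require_once libfile('discuz/upload', 'class');
        }
        $upload = new discuz_upload();
        $attachaids = array();
        $threadimage_flag = 0;
        $content_md5_arr = array();
        foreach ($temp as $key => $value) {
            $snoopy_args['cookie'] = $arr['cookie'];
            $snoop_obj = get_snoopy_obj($snoopy_args);
            $imageurl = $value[1];
            // md5 is used only as a deduplication key here, not for integrity.
            $hash = md5($imageurl);
            if (!strlen($imageurl)) {
                continue;
            }
            $imagereplace['oldimageurl'][] = $value[0];
            if (isset($existentimg[$hash])) {
                // Same URL seen before: reuse its attach code (empty if it was skipped).
                $imagereplace['newimageurl'][] = isset($attachaids[$hash]) ? $attachaids[$hash] : '';
                continue;
            }
            $existentimg[$hash] = $imageurl;
            // Per-item state; must not leak from the previous iteration.
            $content = '';
            $content_re = null;
            $ext = null;
            $attach = array();
            $attach['ext'] = $upload->fileext($imageurl);
            if ($upload->is_image_ext($attach['ext']) == 1 && $arr['is_download_img'] != 1) {
                // Image download is off: leave the reference untouched.
                $imagereplace['newimageurl'][] = $value[0];
                continue;
            }
            if (!$upload->is_image_ext($attach['ext'])) {
                $ext = 'no_get';
            }
            if (preg_match('/^(http:\\/\\/|\\.)/i', $imageurl)) {
                if ($imageurl && $snoop_obj) {
                    $content_re = get_img_content($imageurl, $snoop_obj, $ext);
                }
                if (is_array($content_re)) {
                    $content = $content_re['content'];
                    $file_name = $attach['name'] = $content_re['file_name'] ? $content_re['file_name'] : (!empty($value[2]) ? _striptext($value[2]) : time() . '.' . $content_re['file_ext']);
                    $attach['ext'] = $content_re['file_ext'] ? $content_re['file_ext'] : trim($upload->fileext($file_name));
                } else {
                    $content = $content_re;
                }
                // Identical bytes already stored in this run: drop the duplicate reference.
                if (in_array(md5($content), $content_md5_arr)) {
                    $imagereplace['newimageurl'][] = '';
                    continue;
                }
                $content_md5_arr[] = md5($content);
            } elseif (preg_match('/^(' . preg_quote(getglobal('setting/attachurl'), '/') . ')/i', $imageurl)) {
                // Already served from the local attachment URL: keep it as it is.
                $imagereplace['newimageurl'][] = $value[0];
                continue;
            }
            // Entries from get_attach_data() carry a link text [2], a description [3] and a
            // flag [4]; image entries have only [0] and [1].
            $is_link = isset($value[4]) && $value[4] == 1;
            if (empty($content)) {
                if ($is_link) {
                    if ($del_a == 1) {
                        $imagereplace['newimageurl'][] = $value[2];
                    } else {
                        // Leave the link alone: withdraw the entry pushed above.
                        array_pop($imagereplace['oldimageurl']);
                    }
                } else {
                    $imagereplace['newimageurl'][] = '';
                }
                continue;
            }
            if (empty($attach['name'])) {
                // Fall back to the last path segment of the URL.
                $patharr = explode('/', $imageurl);
                $attach['name'] = trim($patharr[count($patharr) - 1]);
            }
            $attach['thumb'] = '';
            // Some inputs really do fail without this trim.
            $attach['ext'] = trim($attach['ext']);
            $attach['isimage'] = $upload->is_image_ext($attach['ext']);
            if ($attach['isimage'] == 1 && $arr['is_download_img'] != 1) {
                $imagereplace['newimageurl'][] = $value[0];
                continue;
            }
            $attach['extension'] = $upload->get_target_extension($attach['ext']);
            $attach['attachdir'] = $upload->get_target_dir('forum');
            $attach['attachment'] = $attach['attachdir'] . $upload->get_target_filename('forum') . '.' . $attach['extension'];
            $attach['target'] = getglobal('setting/attachdir') . './forum/' . $attach['attachment'];
            // Non-image files are kept only when their extension is on the allow-list
            // (an empty list allows everything).
            if (!in_array($attach['ext'], $get_file_ext_arr) && $get_file_ext_arr && $attach['isimage'] == 0) {
                if ($is_link) {
                    if ($del_a == 1) {
                        $imagereplace['newimageurl'][] = $value[2];
                    } else {
                        array_pop($imagereplace['oldimageurl']);
                    }
                } else {
                    $imagereplace['newimageurl'][] = '';
                }
                continue;
            }
            if (!@($fp = fopen($attach['target'], 'wb'))) {
                // Could not store the file: keep the original reference.
                $imagereplace['newimageurl'][] = $value[0];
                continue;
            }
            flock($fp, 2);
            fwrite($fp, $content);
            fclose($fp);
            // A file claiming an image extension must really parse as an image.
            if (!$upload->get_image_info($attach['target']) && $attach['isimage'] == 1) {
                @unlink($attach['target']);
                $imagereplace['newimageurl'][] = $value[0];
                continue;
            }
            $attach['size'] = filesize($attach['target']);
            $upload->attach = $attach;
            $thumb = $width = 0;
            if ($upload->attach['isimage']) {
                if ($_G['setting']['thumbstatus']) {
                    $image = new image();
                    $thumb = $image->Thumb($upload->attach['target'], '', $_G['setting']['thumbwidth'], $_G['setting']['thumbheight'], $_G['setting']['thumbstatus'], $_G['setting']['thumbsource']) ? 1 : 0;
                    $width = $image->imginfo['width'];
                }
                if ($_G['setting']['thumbsource'] || !$_G['setting']['thumbstatus']) {
                    list($width) = @getimagesize($upload->attach['target']);
                }
                if ($_G['setting']['watermarkstatus'] && empty($_G['forum']['disablewatermark']) && $arr['is_water_img'] == 1) {
                    $image = new image();
                    $image->Watermark($attach['target'], '', 'forum');
                }
            }
            $desc = isset($value[3]) ? $value[3] : null;
            // Publication time: explicit value, else the article dateline, else now.
            $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $arr['dateline'];
            $arr['public_time'] = $arr['public_time'] ? $arr['public_time'] : $_G['timestamp'];
            $remote = 0;
            $setarr = array('uid' => $arr['uid'], 'tid' => $arr['tid'], 'pid' => $arr['pid'], 'filename' => daddslashes($upload->attach['name']), 'attachment' => $upload->attach['attachment'], 'filesize' => $upload->attach['size'], 'thumb' => $thumb, 'remote' => $remote, 'picid' => $picid, 'isimage' => $attach['isimage'], 'description' => $desc, 'readperm' => 0, 'price' => 0, 'width' => $width, 'dateline' => $arr['public_time']);
            $setimg_arr = array('tid' => $arr['tid'], 'attachment' => $upload->attach['attachment'], 'remote' => $remote);
            // The download counter is seeded with a random number, as in the original.
            $set_att = array('downloads' => rand(1, 15), 'tableid' => getattachtableid($arr['tid']), 'uid' => $arr['uid'], 'pid' => $arr['pid'], 'tid' => $arr['tid']);
            // The first stored image of a new thread becomes the thread image.
            if ($threadimage_flag == 0 && !$arr['is_post'] && $attach['isimage'] == 1) {
                DB::insert('forum_threadimage', $setimg_arr, true);
                $threadimage_flag = 1;
            }
            $setarr['aid'] = $newaids[] = DB::insert('forum_attachment', $set_att, true);
            $at[] = $setarr['aid'];
            $attachnew_arr[$setarr['aid']] = array('description' => $setarr['description']);
            DB::insert(getattachtablebytid($arr['tid']), $setarr, true);
            $attachaids[$hash] = $imagereplace['newimageurl'][] = '[attach]' . $setarr['aid'] . '[/attach]';
        }
        if ($_G['setting']['ftp']['on'] == 1) {
            require_once libfile('function/post');
            ftpupload($newaids, $arr['uid']);
        }
        if (count($at) > 0) {
            $arr['attachment'] = 2;
        }
        // The two lists are paired by position.
        $arr['message'] = str_replace($imagereplace['oldimageurl'], $imagereplace['newimageurl'], $arr['message']);
        if ($del_a == 1) {
            $arr['message'] = clear_html_script($arr['message'], array(0));
        }
        forum_article_content($arr);
    }
}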
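} }
// Logout
if (isset($_POST['logout'])) {
    session_destroy();
    header('Location: index.php');
    // Stop here so nothing below runs for a session that was just destroyed.
    exit;
}
// Register an aircraft
if (isset($_POST["submit"])) {
    // NOTE(review): this state-changing POST carries no anti-CSRF token, and no session check
    // is visible in this part of the file (confirm one runs above).
    $airline = strtolower(isset($_POST["airline"]) && is_scalar($_POST["airline"]) ? (string) $_POST["airline"] : "");
    // Request data must be escaped before it enters SQL text. The escaping uses the open
    // mysql_* connection; set its charset with mysql_set_charset() so that it matches.
    $airlineSql = mysql_real_escape_string($airline);
    // Upload the airline picture if this airline is not known yet
    $ab2 = "SELECT * FROM Flugzeug WHERE fluggesellschaft LIKE '{$airlineSql}'";
    $numairlines = mysql_num_rows(mysql_query($ab2));
    if ($numairlines == 0 && isset($_FILES["airlinepic"]) && is_string($_FILES["airlinepic"]["tmp_name"]) && is_uploaded_file($_FILES["airlinepic"]["tmp_name"])) {
        // The remote file name comes from a form field: strip any directory components.
        // NOTE(review): the file content is not checked to be a PNG before it is forwarded.
        $bildname = basename(str_replace("\\", "/", $airline)) . ".png";
        ftpupload($_FILES["airlinepic"]["tmp_name"], AIRLINE_DIR, $bildname);
    }
    // Values in the column order of the original INSERT.
    $werte = array();
    foreach (array("flugzeugname", "vollName", "first", "business", "eco", "ecoplus") as $feld) {
        $roh = isset($_POST[$feld]) && is_scalar($_POST[$feld]) ? (string) $_POST[$feld] : "";
        $werte[] = "'" . mysql_real_escape_string($roh) . "'";
    }
    $werte[] = "'" . $airlineSql . "'";
    $abfrage = "INSERT INTO Flugzeug VALUES (\n\t" . implode(",\n\t", $werte) . ");";
    mysql_query($abfrage);
}
/**
 * Print a submitted form value back into the page, HTML-escaped.
 * Prints nothing when the field was not submitted or is not a scalar.
 */
function getData($name) {
    if (isset($_POST[$name]) && is_scalar($_POST[$name])) {
        // The value is echoed into HTML, so it must be escaped for that context.
        echo htmlspecialchars((string) $_POST[$name], ENT_QUOTES, 'UTF-8');
    }
}
?>
<html lang="de">
<head>
<title>SWP</title>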