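 /**
  * 保存新回复 — save a new reply to a topic.
  *
  * Reads the topic id, an optional title, the content, the expression and an
  * optional image attachment from POST; validates the topic and its board;
  * inserts the reply (plus an attachment record); notifies subscribed users by
  * e-mail and by system message; then forwards to the reply's position.
  *
  * @return void  Every failure path alerts the user and returns early.
  * @access public
  */
 public function run()
 {
     // Topic the reply belongs to; it must exist.
     $topic_id = $this->getParameterFromPOST('id');
     if (!TopicUtil::isExists($this->db, $topic_id)) {
         $this->AlertAndBack(TOPIC_IS_NOT_EXISTS);
         return;
     }
     // Topic status 2 = closed, 3 = locked; neither accepts replies.
     $status = TopicUtil::getTopicStatus($this->db, $topic_id);
     if ($status == 2) {
         $this->AlertAndBack(TOPIC_HAD_BE_CLOSED);
         return;
     }
     if ($status == 3) {
         $this->AlertAndBack(TOPIC_HAD_BE_LOCK);
         return;
     }
     // Board (layout) that owns the topic. Return after forward(): the original
     // fell through and kept running with an unusable $bbs_id.
     $bbs_id = TopicUtil::getLayoutId($this->db, $topic_id);
     if (!$bbs_id || !LayoutUtil::isExists($this->db, $bbs_id)) {
         $this->forward('index.php');
         return;
     }
     // Refresh this user's "online in board" record.
     LayoutUtil::updateOnlineUser($this->db, $bbs_id);
     // Board status 1 = members only, 2 = closed, 3 = no new posts; a board may
     // also be closed through its parent.
     $bbs_status = LayoutUtil::getLayoutStatus($this->db, $bbs_id);
     if ($bbs_status == 1 && !isset($_SESSION['user'])) {
         $this->AlertAndForward(SNT_NEED_LOGIN, 'index.php?module=user&action=showlogin');
         return;
     }
     if ($bbs_status == 2) {
         $this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
         return;
     }
     if ($bbs_status == 3) {
         $this->AlertAndBack(SNT_NOW_ALLOW_NEW_TOPIC);
         return;
     }
     if (LayoutUtil::isClosedByParent($this->db, $bbs_id)) {
         $this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
         return;
     }
     // NOTE(review): the author is taken from $_SESSION['user'] below, but only
     // board status 1 enforces a login here — confirm the framework requires a
     // login before run() for the other statuses.
     // Form fields: expression (smiley), title, content.
     $express = $this->getParameterFromPost('express');
     $title = $this->getParameterFromPost('title');
     $content = $this->getParameterFromPost('content');
     // Keep the draft in the session so the form can be refilled after an error.
     $_SESSION['temp_title'] = $title;
     $_SESSION['temp_content'] = $content;
     $_SESSION['temp_express'] = $express;
     // Optional image attachment: validate it completely before anything is
     // written, so no rollback is needed later.
     $image_left_type = '';
     $has_attach = !empty($_FILES['attach']['tmp_name'])
         && (int) $_FILES['attach']['error'] === UPLOAD_ERR_OK;
     if ($has_attach) {
         // The client-supplied MIME type is only a first filter; the real type
         // is read from the file content below.
         $allowed_types = array('image/gif', 'image/jpeg', 'image/jpg', 'image/pjpeg', 'image/png');
         if (!in_array($_FILES['attach']['type'], $allowed_types, true)) {
             $this->AlertAndBack(ST_PHONE_FILE_LIMIT);
             return; // was missing: a rejected type used to fall through and be stored
         }
         // 1 MiB limit.
         if ($_FILES['attach']['size'] > 1048576) {
             $this->AlertAndBack(ST_PHONE_FILE_SIZE_LIMIT);
             return;
         }
         // Only GIF/JPEG/PNG, detected from the bytes. Anything else (including
         // a non-image, for which getimagesize() returns false) is rejected
         // instead of being saved with no extension as the original did.
         $extensions = array(IMAGETYPE_GIF => '.gif', IMAGETYPE_JPEG => '.jpg', IMAGETYPE_PNG => '.png');
         $image_info = getimagesize($_FILES['attach']['tmp_name']);
         if ($image_info === false || !isset($extensions[$image_info[2]])) {
             $this->AlertAndBack(ST_PHONE_FILE_LIMIT);
             return;
         }
         $image_left_type = $extensions[$image_info[2]];
     }
     // The reply title may be empty; default to "Re:" + the topic title.
     if (!$title) {
         $sth = $this->db->Prepare('select title from bbs_subject where id=?');
         $res = $this->db->Execute($sth, array($topic_id));
         $rows = $res->FetchRow();
         $title = 'Re:' . ($rows ? $rows['title'] : '');
     }
     if (!$content) {
         $this->AlertAndBack(ST_CONTENT_IS_EMPTY);
         return;
     }
     // Insert the reply.
     $ip_temp = getIp();
     $ip = $ip_temp['ip'];
     $user_name = $_SESSION['user']['name'];
     $now = time();
     $sql = 'insert into  bbs_reply ( layout_id, title, author, content, post_ip, '
         . 'post_date, express, subject_id ) values (?, ?, ?, ?, ?, ?, ?, ?) ';
     $sth = $this->db->Prepare($sql);
     $this->db->Execute($sth, array($bbs_id, $title, $user_name, $content, $ip, $now, $express, $topic_id));
     if ($this->db->ErrorNo()) {
         $this->AlertAndBack($this->db->ErrorMsg());
         return;
     }
     $insert_id = $this->db->Insert_ID();
     if ($has_attach) {
         // File name = reply id + detected extension; no client input reaches the path.
         $file_name = ROOT_PATH . 'upload/attach/reply/' . $insert_id . $image_left_type;
         if (!move_uploaded_file($_FILES['attach']['tmp_name'], $file_name)) {
             // Roll the reply back so no reply points at a missing attachment.
             $sth = $this->db->Prepare('delete from bbs_reply where id=?');
             $this->db->Execute($sth, array($insert_id));
             $this->AlertAndBack(ST_UPLOAD_ERROR);
             return;
         }
         $sth = $this->db->Prepare('insert into bbs_reply_attach (reply_id, file_type) ' . ' values (?, ?)');
         $this->db->Execute($sth, array($insert_id, $image_left_type));
     }
     unset($_SESSION['temp_title']);
     unset($_SESSION['temp_content']);
     unset($_SESSION['temp_express']);
     // Notification recipients: the topic author plus everyone who replied, each
     // filtered by their own opt-in (e-mail and system message are separate).
     $mail_user = array();
     $message_user = array();
     $sql = 'select a.author, b.user_email, b.id from bbs_subject a join '
         . ' base_user_info b on a.author = b.user_name '
         . ' join user_setting c on b.id=c.user_id where a.id=? and c.user_whether_receive_email=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     $rows = $res->FetchRow();
     if ($rows && $rows['id']) {
         $mail_user[] = $rows['user_email'];
     }
     $sql = 'select distinct a.author, b.user_email, b.id from bbs_reply a join base_user_info b '
         . ' on a.author = b.user_name join user_setting c on b.id=c.user_id '
         . ' where a.subject_id=? and c.user_whether_receive_email=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     while ($rows = $res->FetchRow()) {
         if ($rows['id']) {
             $mail_user[] = $rows['user_email'];
         }
     }
     $mail_user = array_unique($mail_user);
     $sql = 'select a.author, b.id from bbs_subject a join '
         . ' base_user_info b on a.author = b.user_name '
         . ' join user_setting c on b.id=c.user_id where a.id=? and c.receive_system_message=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     $rows = $res->FetchRow();
     if ($rows && $rows['id']) {
         $message_user[] = $rows['id'];
     }
     $sql = 'select distinct a.author,  b.id from bbs_reply a join base_user_info b '
         . ' on a.author = b.user_name join user_setting c on b.id=c.user_id '
         . ' where a.subject_id=? and c.receive_system_message=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     while ($rows = $res->FetchRow()) {
         if ($rows['id']) {
             $message_user[] = $rows['id'];
         }
     }
     $message_user = array_unique($message_user);
     // E-mail notification, only when somebody opted in: mail() with an empty
     // recipient list does nothing useful and just emits a warning.
     if (count($mail_user) > 0) {
         $to_address = implode(',', $mail_user);
         $mail_content = ST_MAIL_CONTENT . "\n\n";
         $mail_content .= ROOT_URL . 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . "\n\n";
         // mail() writes the To header from $to_address itself; only From is extra.
         // NOTE(review): the addresses come straight from base_user_info; a stored
         // value containing CR/LF would land in the recipient list unfiltered.
         $headers = 'From:' . WEBSITE_EMAIL . "\r\n";
         // Best effort: a mail failure must not undo a reply that is already saved.
         @mail($to_address, ST_MAIL_SUBJECT, $mail_content, $headers);
     }
     // System message, sent from the system account (sender id 0).
     $sender = '0';
     $message_content = ST_MESSAGE_CONTENT . "\n";
     $message_content .= '[url=index.php?module=bbs&action=viewtopic&id=' . $topic_id . '][color=red]' . ST_CLICK_HERE . '[/color][/url]';
     $message_time = getNoFormateCurrentDate();
     $sql = 'insert into message_inbox ( user_id, send_user_id, title, receive_time, content ) ' . ' values ( ?, ?, ?, ?, ?) ';
     $sth = $this->db->Prepare($sql);
     foreach ($message_user as $user) {
         $this->db->Execute($sth, array($user, $sender, ST_MAIL_SUBJECT, $message_time, $message_content));
     }
     // Bump the topic's reply count and last-activity time.
     $update_sql = 'update bbs_subject set last_access_date=?,reply_number=reply_number+1  where id=?';
     $sth = $this->db->Prepare($update_sql);
     $this->db->Execute($sth, array(time(), $topic_id));
     // Forward to the page and anchor where the new reply appears.
     $sort_number = TopicUtil::getSortNumber($this->db, $topic_id, $insert_id);
     $page = ceil($sort_number / $this->pre_page);
     $this->TipsAndForward(ST_SAVE_REPLY_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page . '#topic' . $sort_number);
 }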
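 /**
  * Record the current request in the visit-counter and online-user tables.
  *
  * Per request it: counts a new visit (total and per day) when this session
  * has no online_user row yet; inserts or refreshes the client's online_user
  * row; stamps user_last_time_logout for rows idle for more than 45 minutes
  * and deletes those rows; and updates the max-concurrent-users record.
  *
  * @param string $module access module (not used by the body)
  * @param string $action access action (not used by the body)
  * @return void
  * @access private
  */
 private function recordUserAction($module = 'bbs', $action = 'default')
 {
     $db = DB::getConnection();
     if (!$db) {
         header("Content-type:text/html;charset=UTF-8");
         die("Can't not connection the database");
     }
     $session_id = session_id();
     // Client identity: the user name for members, the session id for guests.
     $user_name = isset($_SESSION['user']) ? $_SESSION['user']['name'] : $session_id;
     $ip = getenv('REMOTE_ADDR');
     if (!$ip) {
         $ip = 'not get';
     }
     // First request of this session: bump the total and the per-day counter.
     $sth = $db->Prepare('select count(*) as num from online_user where session_id=?');
     $res = $db->Execute($sth, array($session_id));
     $rows = $res->FetchRow();
     if (!$rows['num']) {
         $db->Execute('update total_count set total_count=total_count + 1 where id=1');
         $date_array = getdate();
         $now_date = $date_array['year'] . '-' . $date_array['mon'] . '-' . $date_array['mday'];
         $sth = $db->Prepare('select count(*) as num from web_count where count_date=?');
         $res = $db->Execute($sth, array($now_date));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $sth = $db->Prepare('insert into web_count (count_date, access_number ) values (?, ? ) ');
             $db->Execute($sth, array($now_date, 1));
         } else {
             $sth = $db->Prepare('update web_count set access_number = access_number + 1 where ' . ' count_date=? ');
             $db->Execute($sth, array($now_date));
         }
     }
     // Refresh or create this client's online_user row.
     // NOTE(review): the lookup is by user name but the update is by session id,
     // so a member with two sessions refreshes neither on the second one.
     $sth = $db->Prepare('select count(*) as num from online_user where lower(user_name)=?');
     $res = $db->Execute($sth, array(strtolower($user_name)));
     $rows = $res->FetchRow();
     if ($rows['num']) {
         $sth = $db->Prepare('update online_user set access_time=? where session_id=?');
         $db->Execute($sth, array(time(), $session_id));
     } else {
         $sth = $db->Prepare('insert into online_user (user_name, user_ip, connect_time, access_time, session_id) values (?, ?, ?, ?, ? )');
         // Execute the prepared statement; the original prepared it but then
         // passed the raw SQL string to Execute().
         $db->Execute($sth, array($user_name, $ip, time(), time(), $session_id));
     }
     // Rows idle for more than 45 minutes (2700 s) count as logged out: record
     // the logout time per user, then drop the rows.
     $now = time();
     $sth = $db->Prepare('select user_name from online_user where access_time + 2700 < ? ');
     $res = $db->Execute($sth, array($now));
     $count_sth = $db->Prepare('select count(*) as num from user_last_time_logout where user_id=?');
     $update_sth = $db->Prepare('update user_last_time_logout set last_time=? where user_id=?');
     $insert_sth = $db->Prepare('insert into user_last_time_logout (user_id, ' . ' last_time) values (?, ?)');
     while ($rows = $res->FetchRow()) {
         // NOTE(review): guest rows carry the session id as user_name; what
         // UserUtil::getUserId returns for those is not visible here.
         $user_id = UserUtil::getUserId($db, $rows['user_name']);
         $temp_res = $db->Execute($count_sth, array($user_id));
         $temp_rows = $temp_res->FetchRow();
         if ($temp_rows['num']) {
             $db->Execute($update_sth, array($now, $user_id));
         } else {
             $db->Execute($insert_sth, array($user_id, $now));
         }
     }
     $sth = $db->Prepare('delete from online_user where access_time + 2700 < ? ');
     $db->Execute($sth, array($now));
     // Track the peak number of concurrent users (single row, id=1).
     $res = $db->Execute('select count(*) as num from online_user ');
     $rows = $res->FetchRow();
     $online_user_number = $rows['num'];
     $res = $db->Execute('select online from max_online_user where id=1');
     $rows = $res->FetchRow();
     if (!$rows || !$rows['online']) {
         $sth = $db->Prepare('insert into max_online_user (id, online, online_date ) values (?, ?, ?)');
         $db->Execute($sth, array(1, $online_user_number, getNoFormateCurrentDate()));
     } elseif ($rows['online'] < $online_user_number) {
         $sth = $db->Prepare('update max_online_user set online=?, online_date=? where id=?');
         $db->Execute($sth, array($online_user_number, getNoFormateCurrentDate(), 1));
     }
 }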
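 /**
  * 保存编辑后的帖子 — save an edited topic or reply.
  *
  * POST fields: topic (truthy = editing a topic, otherwise a reply), id,
  * title, content, express, delattach (truthy = remove the attachment).
  * The edit is allowed for the post's author and for users that
  * userCanEditPost() accepts; afterwards the user is forwarded back to the
  * post's position in its topic.
  *
  * @return void
  * @access public
  */
 public function run()
 {
     $topic = $this->getParameterFromPOST('topic');
     $id = $this->getParameterFromPOST('id');
     $title = $this->getParameterFromPOST('title');
     $content = $this->getParameterFromPOST('content');
     $express = $this->getParameterFromPOST('express');
     $delattach = $this->getParameterFromPOST('delattach');
     if (!$title) {
         $this->AlertAndBack(SE_TITLE_IS_EMPTY);
         return;
     }
     if (!$content) {
         $this->AlertAndBack(SE_CONTENT_IS_EMPTY);
         return;
     }
     if (!$id) {
         $this->AlertAndBack(SE_NO_TOPIC_ID);
         return;
     }
     // Editing is an authenticated action; the permission check reads the
     // session user, so refuse early when nobody is logged in.
     if (!isset($_SESSION['user'])) {
         $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
         return;
     }
     // Look the post up once: author, board and (for a reply) the parent topic.
     if ($topic) {
         $sql = 'select author, layout_id from bbs_subject where id=?';
     } else {
         $sql = 'select author, subject_id, layout_id from bbs_reply where id=?';
     }
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($id));
     $rows = $res->FetchRow();
     if (!$rows || !$rows['layout_id']) {
         // Post does not exist (the original called a misspelled AlertAndBlack here).
         $this->AlertAndBack(SE_TOPIC_IS_NOT_EXISTS);
         return;
     }
     if (!$topic && !$rows['author']) {
         $this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
         return;
     }
     // Both branches hand the topic id to the moderator check.
     $subject_id = $topic ? $id : $rows['subject_id'];
     if (!$this->userCanEditPost($rows['author'], $subject_id)) {
         $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
         return;
     }
     // Checks passed: update the post and mark it as edited.
     $now = getNoFormateCurrentDate();
     $user_name = $_SESSION['user']['name'];
     if ($topic) {
         $sql = 'update bbs_subject set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
     } else {
         $sql = 'update bbs_reply set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
     }
     $sth = $this->db->Prepare($sql);
     $this->db->Execute($sth, array($title, $content, $express, $user_name, $now, $id));
     if ($this->db->ErrorNo()) {
         $this->AlertAndBack($this->db->ErrorMsg());
         return;
     }
     if ($delattach) {
         // Drop the attachment record, then the file. The stored file_type is the
         // extension recorded at upload time; the path never contains client input.
         if ($topic) {
             $select_sql = 'select file_type from bbs_subject_attach where subject_id=?';
             $del_sql = 'delete from bbs_subject_attach where subject_id=?';
             $dir = 'upload/attach/';
         } else {
             $select_sql = 'select file_type from bbs_reply_attach where reply_id=?';
             $del_sql = 'delete from bbs_reply_attach where reply_id=?';
             $dir = 'upload/attach/reply/';
         }
         $sth = $this->db->Prepare($select_sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         $sth = $this->db->Prepare($del_sql);
         $this->db->Execute($sth, array($id));
         if ($rows && $rows['file_type']) {
             $filename = ROOT_PATH . $dir . $id . $rows['file_type'];
             if (is_file($filename)) {
                 unlink($filename);
             }
         }
     }
     if ($topic) {
         // A topic always starts on page one.
         $this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $id);
         return;
     }
     // For a reply, forward to the page and anchor where it sits in the topic.
     $sort_number = TopicUtil::getSortNumber($this->db, $subject_id, $id);
     // NOTE(review): page size is hard-coded to 10 here; the topic viewer may
     // paginate with a different setting.
     $page = ceil($sort_number / 10);
     $this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $subject_id . '&page=' . $page . '#topic' . $sort_number);
 }

 /**
  * Whether the logged-in user may edit a post written by $author.
  *
  * The author may always edit. Otherwise the user's dep level decides:
  * 1 and 2 are always allowed, 3 is allowed only when
  * UserUtil::isThisLayoutAdmin() confirms it for the given topic.
  * The original passed an undefined $db to these UserUtil calls.
  *
  * @param string $author      name stored in the post's author column
  * @param mixed  $subject_id  topic id handed to UserUtil::isThisLayoutAdmin()
  * @return mixed 1/0, or whatever isThisLayoutAdmin() returns
  */
 private function userCanEditPost($author, $subject_id)
 {
     $current_user = $_SESSION['user']['name'];
     if (strtolower($current_user) == strtolower($author)) {
         return 1;
     }
     $dep = UserUtil::getUserDep($this->db, $current_user);
     if ($dep == 1 || $dep == 2) {
         return 1;
     }
     if ($dep == 3) {
         return UserUtil::isThisLayoutAdmin($this->db, $subject_id, $current_user);
     }
     return 0;
 }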
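 /**
  * 保存用户发送的短消息 — deliver a private message to one or more users.
  *
  * POST fields: username (comma-separated recipient names), title (at most
  * 150 bytes), content, backurl (base64 of a site-relative URL to return to).
  * Each existing recipient gets an inbox row and the sender an outbox row;
  * unknown names are listed in the result message.
  *
  * @return void
  * @access public
  */
 public function run()
 {
     // NOTE(review): the sender id is derived from the session user; confirm
     // the framework requires a login before this action, otherwise the sender
     // id is whatever getUserId() returns for a missing name.
     $user_id = UserUtil::getUserId($this->db, $_SESSION['user']['name']);
     $receive_user = $this->getParameterFromPOST('username');
     if (!$receive_user) {
         $this->AlertAndBack(RECEIVE_USER_IS_NULL);
         return;
     }
     $title = $this->getParameterFromPOST('title');
     if (!$title) {
         $this->AlertAndBack(TITLE_IS_NULL);
         return;
     }
     // Byte length, as the original; presumably matches the column width.
     if (strlen($title) > 150) {
         $this->AlertAndBack(TITLE_LENGTH_IS_TO_LONGER);
         return;
     }
     $content = $this->getParameterFromPOST('content');
     if (!$content) {
         $this->AlertAndBack(CONTENT_IS_NULL);
         return;
     }
     // One timestamp and one prepared statement of each kind for all recipients.
     $now_time = getNoFormateCurrentDate();
     $exists_sth = $this->db->Prepare('select count(*) as num from base_user_info where user_name=?');
     $inbox_sth = $this->db->Prepare('insert into message_inbox (user_id, send_user_id, title, receive_time, ' . 'content) values (?, ?, ?, ?, ?)');
     $outbox_sth = $this->db->Prepare('insert into message_outbox ( user_id, receive_user_id, title, send_time, ' . ' content ) values ( ?, ?, ?, ?, ?)');
     $faild_array = array();
     foreach (explode(',', $receive_user) as $user_item) {
         $res = $this->db->Execute($exists_sth, array(strtolower($user_item)));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $faild_array[] = $user_item;
             continue;
         }
         $receive_user_id = UserUtil::getUserId($this->db, $user_item);
         $this->db->Execute($inbox_sth, array($receive_user_id, $user_id, $title, $now_time, $content));
         // Mirror the message into the sender's outbox.
         $this->db->Execute($outbox_sth, array($user_id, $receive_user_id, $title, $now_time, $content));
     }
     $show_message = SE_SEND_SUCCESS;
     if (!empty($faild_array)) {
         $show_message .= "<br><br>" . HAVE_THOSE_FAILED . ":<br>" . implode(',', $faild_array) . "<br>";
     }
     // Return target: the decoded backurl only when it is site-relative. The
     // value is client-controlled, so an absolute or "//host" URL (or control
     // characters) would turn this into an open redirect; fall back otherwise.
     $target = 'index.php?module=message&action=send';
     $back_url = $this->getParameterFromPOST('backurl');
     if ($back_url) {
         $decoded = base64_decode($back_url, true);
         if ($decoded !== false && $decoded !== ''
             && !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|//|\\\\)#i', $decoded)
             && !preg_match('/[\x00-\x1f]/', $decoded)) {
             $target = $decoded;
         }
     }
     $this->TipsAndForward($show_message, $target);
 }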
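 /**
  * 加入收藏 — add a topic to one of the user's favourite folders.
  *
  * POST fields: id (topic), favor_dir (id of an existing folder owned by the
  * user) or add_new_favor_dir (name of a folder to create first), backurl
  * (base64 of a site-relative URL to return to). Only the 'topic' type is
  * supported.
  *
  * @return void
  * @access public
  */
 public function run()
 {
     $id = $this->getParameterFromPOST('id');
     // The original forced any other value back to 'topic' as well.
     $type = 'topic';
     $user_id = UserUtil::getUserId($this->db, $_SESSION['user']['name']);
     $favor_dir = $this->getParameterFromPOST('favor_dir');
     $add_new_favor_dir = $this->getParameterFromPOST('add_new_favor_dir');
     if ($add_new_favor_dir) {
         // Create the folder and use its id.
         $stmt = $this->db->Prepare('insert into favor_dir ( user_id, dir_name ) values (?, ?)');
         $this->db->Execute($stmt, array($user_id, $add_new_favor_dir));
         $favor_dir = $this->db->Insert_ID();
     } else {
         // favor_dir is client input: the folder must belong to this user.
         $stmt = $this->db->Prepare('select count(*) as num from favor_dir where user_id=? and id=?');
         $res = $this->db->Execute($stmt, array($user_id, $favor_dir));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $this->AlertAndBack(SF_FAVOR_DIR_NOT_BE_CHOICE);
             return;
         }
     }
     // The topic must exist.
     $stmt = $this->db->Prepare('select count(*) as num from bbs_subject where id=?');
     $res = $this->db->Execute($stmt, array($id));
     $rows = $res->FetchRow();
     if (!$rows['num']) {
         $this->AlertAndForward(SF_TOPIC_IS_NOT_EXISTS);
         return;
     }
     // Return target: the decoded backurl only when it is site-relative. The
     // value is client-controlled, so an absolute or "//host" URL (or control
     // characters) would turn this into an open redirect; otherwise show the topic.
     $target = 'index.php?module=bbs&action=viewtopic&id=' . $id;
     $back_url = $this->getParameterFromPOST('backurl');
     if ($back_url) {
         $decoded = base64_decode($back_url, true);
         if ($decoded !== false && $decoded !== ''
             && !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|//|\\\\)#i', $decoded)
             && !preg_match('/[\x00-\x1f]/', $decoded)) {
             $target = $decoded;
         }
     }
     // Already in this folder?
     $stmt = $this->db->Prepare('select count(*) as num from favor where user_id=? and dir_id=? and ' . ' type=? and favor_id=? ');
     $res = $this->db->Execute($stmt, array($user_id, $favor_dir, $type, $id));
     $rows = $res->FetchRow();
     if ($rows['num']) {
         $this->AlertAndForward(SF_FAVOR_HAD_BEEN_ADD, $target);
         return;
     }
     $stmt = $this->db->Prepare('insert into favor (user_id, dir_id, type, favor_id, add_date ) ' . ' values (?, ?, ?, ?, ?) ');
     $this->db->Execute($stmt, array($user_id, $favor_dir, $type, $id, getNoFormateCurrentDate()));
     if ($this->db->ErrorNo()) {
         $this->AlertAndForward($this->db->ErrorMsg());
         return;
     }
     $this->TipsAndForward(SF_ADD_SUCCESS, $target);
 }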
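 /**
  * 处理用户的注册请求 — handle a registration request.
  *
  * Validates the captcha, user name, e-mail, password and profile fields sent
  * by the registration form, then inserts a base_user_info row and its
  * user_setting row. Every validation failure alerts and forwards back to the
  * registration form.
  *
  * @return void
  * @access public
  */
 public function run()
 {
     // A user who is already logged in cannot register again.
     if (isset($_SESSION['user'])) {
         $this->AlertAndForward(RE_USER_HAD_LOGIN);
         return;
     }
     $register_url = 'index.php?module=user&action=register';
     // Form fields.
     $username = strtolower((string) $this->getParameterFromPost('username'));
     $useremail = (string) $this->getParameterFromPost('useremail');
     $userpass = (string) $this->getParameterFromPost('userpass');
     $userpasscheck = (string) $this->getParameterFromPost('userpasscheck');
     $check_code = strtolower((string) $this->getParameterFromPost('checkcode'));
     $userhead = (int) $this->getParameterFromPost('persionimage');
     $public_email = ((int) $this->getParameterFromPost('public_email') === 1) ? 1 : 0;
     // Captcha first, so the name/e-mail existence lookups below cannot be
     // reached without a valid code. An absent session code must fail as well:
     // the original lowercased a missing value to '' and an empty POSTed code
     // matched it.
     $register_check_code = isset($_SESSION['register_check_code'])
         ? strtolower((string) $_SESSION['register_check_code']) : '';
     if ($register_check_code === '' || $check_code !== $register_check_code) {
         $this->AlertAndForward(RE_CHECK_CODE_NOT_VALIDATE, $register_url);
         return;
     }
     // User name: non-empty, at most 30 bytes (as the original), not reserved.
     if (!$username) {
         $this->AlertAndForward(RE_USER_NAME_NOT_EMPTY, $register_url);
         return;
     }
     if (strlen($username) > 30) {
         $this->AlertAndForward(RE_USER_NAME_TOO_LONG, $register_url);
         return;
     }
     if ($username === 'system') {
         $this->AlertAndForward(RE_USER_NAME_IS_KEEP, $register_url);
         return;
     }
     $db = $this->getDB();
     // Uniqueness lookups use bound parameters; the original built the SQL with
     // qstr() + get_magic_quotes_gpc(), which no longer exists in PHP 8.
     $sth = $db->Prepare('select count(*) as num from base_user_info where lower(user_name)=?');
     $res = $db->Execute($sth, array($username));
     $rows = $res->FetchRow();
     if ($rows['num']) {
         $this->AlertAndForward(RE_USER_NAME_EXISTS, $register_url);
         return;
     }
     // E-mail: present, well-formed, not yet registered. The original regex was
     // not anchored at the end and accepted trailing junk.
     if ($useremail === '') {
         $this->AlertAndForward(RE_USER_EMAIL_NOT_EMPTY, $register_url);
         return;
     }
     if (filter_var($useremail, FILTER_VALIDATE_EMAIL) === false) {
         $this->AlertAndForward(RE_USER_EMAIL_FORMAT_ERROR, $register_url);
         return;
     }
     $sth = $db->Prepare('select count(*) as num from base_user_info where lower(user_email)=?');
     $res = $db->Execute($sth, array(strtolower($useremail)));
     $rows = $res->FetchRow();
     if ($rows['num']) {
         $this->AlertAndForward(RE_USER_EMAIL_EXISTS, $register_url);
         return;
     }
     // Password and confirmation: both present and identical. Strict comparison,
     // because "1e3" == "1000" is true under ==.
     if ($userpass === '' || $userpasscheck === '') {
         $this->AlertAndForward(RE_USER_PASS_NOT_EMPTY, $register_url);
         return;
     }
     if ($userpass !== $userpasscheck) {
         $this->AlertAndForward(RE_PASS_NOT_CHECK, $register_url);
         return;
     }
     // Avatar index is clamped to 1..37.
     if ($userhead < 1) {
         $userhead = 1;
     }
     if ($userhead > 37) {
         $userhead = 37;
     }
     // Gender: one of the three known values.
     $register_gender = $this->getParameterFromPost('register_gender');
     if (!in_array($register_gender, array('keep', 'male', 'female'), true)) {
         $register_gender = 'keep';
     }
     $user_hometown = $this->getParameterFromPost('user_hometown');
     if (empty($user_hometown)) {
         $user_hometown = '';
     }
     // Birthday: checkdate() rejects impossible dates, whereas mktime() silently
     // normalised them (month 13 became January of the next year) and so never
     // failed for numeric input.
     $birthday_year = $this->getParameterFromPost('birthday_year');
     $birthday_month = $this->getParameterFromPost('birthday_month');
     $birthday_day = $this->getParameterFromPost('birthday_day');
     if (!checkdate((int) $birthday_month, (int) $birthday_day, (int) $birthday_year)) {
         $this->AlertAndForward(RE_CHECK_BIRTHDAY_NOT_VALIDATE, $register_url);
         return;
     }
     $birthday_date = $birthday_year . '-' . $birthday_month . '-' . $birthday_day;
     $user_website = $this->getParameterFromPost('user_website');
     if (empty($user_website)) {
         $user_website = '';
     }
     // Only one language exists today, so it is fixed here.
     $user_lang = 'zh';
     // Theme: the original test (!= 'new' || != 'newll') was always true and
     // forced 'new'; accept either known theme.
     $user_theme = $this->getParameterFromPost('user_theme');
     if (!in_array($user_theme, array('new', 'newll'), true)) {
         $user_theme = 'new';
     }
     // Opt-in flags default to 1 unless the form explicitly sent 0. The original
     // (!= 1 || != 0) test was always true and overwrote the user's choice with 1.
     $receive_system_email = ((string) $this->getParameterFromPost('receive_system_email') === '0') ? 0 : 1;
     $receive_system_message = ((string) $this->getParameterFromPost('receive_system_message') === '0') ? 0 : 1;
     $user_sign = $this->getParameterFromPost('user_sign');
     if (empty($user_sign)) {
         $user_sign = '';
     }
     // New users go to group 4; the new_user_group lookup that used to precede
     // this was commented out, so $user_grp was never set before the default.
     $user_grp = 4;
     $sql = 'insert into base_user_info (user_name, user_password, user_email, user_header, '
         . 'public_user_email, group_dep, register_date, user_gender, user_hometown, '
         . 'user_birthday, user_website, user_sign) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ';
     $now = getNoFormateCurrentDate();
     $stmt = $db->Prepare($sql);
     // NOTE(review): md5() is not a password hash. Moving to password_hash()
     // also requires changing the login check that reads this column, so it is
     // left as-is here rather than changed unilaterally.
     $db->Execute($stmt, array($username, md5($userpass), $useremail, $userhead, $public_email, $user_grp, $now, $register_gender, $user_hometown, $birthday_date, $user_website, $user_sign));
     if ($db->ErrorNo()) {
         $this->AlertAndForward($db->ErrorMsg(), $register_url);
         return;
     }
     $temp_user_id = $db->Insert_ID();
     $sql = 'insert into user_setting (user_lang, user_theme, user_whether_receive_email, ' . 'receive_system_message, user_id ) values (?, ?, ?, ?, ? ) ';
     $sth = $db->Prepare($sql);
     $db->Execute($sth, array($user_lang, $user_theme, $receive_system_email, $receive_system_message, $temp_user_id));
     // The captcha is single-use.
     unset($_SESSION['register_check_code']);
     $this->TipsAndForward(RE_REGISTER_SUCCESS, 'index.php?module=user&action=showlogin');
 }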