# $db->update("DELETE FROM pw_threads WHERE tid IN ($selids)"); # ThreadManager $threadManager = L::loadClass("threadmanager"); $threadManager->deleteByThreadIds($fid, $selids); P_unlink(D_P . 'data/bbscache/c_cache.php'); adminmsg('operate_success', "{$basename}&action=postcate&pcid={$pcid}"); } elseif ($action == 'editpostcate') { if (empty($_POST['step'])) { extract($db->get_one("SELECT pcid,name,ifable,vieworder FROM pw_postcate WHERE pcid=" . pwEscape($pcid))); ifcheck($ifable, 'ifable'); include PrintEot('postcate'); exit; } elseif ($_POST['step'] == 2) { InitGP(array('name')); InitGP(array('ifable', 'vieworder'), 'P', 2); $name = trim(ieconvert($name)); if (!$name || strlen($name) > 14) { adminmsg('topic_name'); } $db->update("UPDATE pw_postcate" . " SET " . pwSqlSingle(array('name' => $name, 'ifable' => $ifable, 'vieworder' => $vieworder)) . " WHERE pcid=" . pwEscape($pcid)); updatecache_postcate(); adminmsg('operate_success', $basename); } } elseif ($action == 'postcatelist') { InitGP(array('selid', 'vieworder')); !is_array($selid) && ($selid = array()); $updatedb = array(); foreach ($selid as $key => $value) { if (is_numeric($key)) { $key = (int) $key; $updatedb[] = $key;
/**
 * Remove tab and carriage-return characters from a string, or from every
 * value nested inside an array (keys and element order are kept, values
 * are processed recursively).
 *
 * Security note: this is whitespace normalisation only. It does not escape
 * or strip HTML, SQL or shell metacharacters, so a value that has passed
 * through it is still untrusted and must be encoded or parameterised for
 * the context it is written into (HTML output, SQL statement, file, ...).
 *
 * @param mixed $msg A string, or an array of (possibly nested) strings.
 * @return mixed The cleaned value, with the same shape as the input.
 */
function ieconvert($msg)
{
    // Scalar case first: one str_replace pass over the three search strings.
    if (!is_array($msg)) {
        // NOTE(review): the third pair replaces a space with a space as written
        // here, i.e. it changes nothing. Possibly a double or non-breaking space
        // in the original file; confirm before relying on it.
        return str_replace(array("\t", "\r", ' '), array('', '', ' '), $msg);
    }

    // Array case: rebuild the array under the same keys, cleaning each element.
    $cleaned = array();
    foreach ($msg as $index => $item) {
        $cleaned[$index] = ieconvert($item);
    }

    return $cleaned;
}
$config['creditlog'] = is_array($creditlog) ? $creditlog : array(); unset($creditpay, $creditset, $creditlog); } if ($admintype == 'reg' || $settingdb['reg']) { if (!pwWritable(D_P . 'data/bbscache/dbreg.php') && !chmod(D_P . 'data/bbscache/dbreg.php', 0777)) { adminmsg('dbreg_777'); } InitGP(array('reg'), 'P', 0); InitGP(array('namelen', 'pwdlen', 'regcredit'), 'P', 2); $reg['email'] = trim($reg['email'], ','); $reg['banemail'] = trim($reg['banemail'], ','); $reg['banname'] = trim($reg['banname'], ','); $reg['allowsameip'] = trim($reg['allowsameip'], ','); $reg['rgpermit'] = nl2br(ieconvert($reg['rgpermit'])); $reg['welcomemsg'] = ieconvert($reg['welcomemsg']); $reg['whyregclose'] = ieconvert($reg['whyregclose']); if (abs($reg['timeend'] - $reg['timestart']) > 150) { adminmsg('reg_timelimit'); } if ($namelen['max'] < 1 || $namelen['max'] > 15) { $namelen['max'] = 15; } if ($namelen['min'] < 1 || $namelen['min'] > $namelen['max']) { adminmsg('reg_username_limit'); } if ($pwdlen['min'] < 1 || $pwdlen['max'] && $pwdlen['min'] > $pwdlen['max']) { adminmsg('reg_password_limit'); } $reg['pwdlen'] = $pwdlen['min'] . "\t" . $pwdlen['max']; $reg['namelen'] = $namelen['min'] . "\t" . $namelen['max']; $reg['regcredit'] = is_array($regcredit) ? $regcredit : array();
if ($image_type[$k] == 0) { $v = trim($v); if ('' != $v) { $block_data[] = array('image' => $v, 'url' => trim($url[$k]), 'title' => trim($title[$k]), 'descrip' => trim($descrip[$k])); } } else { $imgUrl = stopicUploadImg($k); if ($imgUrl == false) { continue; } $block_data[] = array('image' => $imgUrl, 'url' => trim($url[$k]), 'title' => trim($title[$k]), 'descrip' => trim($descrip[$k])); } } } } elseif ('html' == $block_type) { $html = ieconvert($_POST['html']); if (is_array($html)) { foreach ($html as $k => $v) { $v = trim($v); if ('' != $v) { $block_data[] = array('html' => $v); } } } } elseif ('picPlyr' == $block_type) { S::gp(array('url', 'image', 'title', 'image_upload', 'image_type')); L::loadClass('stopicupload', 'upload', false); if (is_array($image)) { foreach ($image as $k => $v) { if ($image_type[$k] == 0) { $v = trim($v);
$ckdisplay = Displayfid(); $startdate && ($startdate = get_date($startdate, 'Y-m-d H:i')); $enddate && ($enddate = get_date($enddate, 'Y-m-d H:i')); $vieworder = (int) $vieworder; include PrintEot('notice'); exit; } else { $successurl = $basename; $basename .= "&action=edit&aid={$aid}"; $fid = (int) $_POST['fid']; !$fid && adminmsg('annouce_fid'); !Checkright($fids, $fid) && adminmsg('annouce_right'); $basename .= "&fid={$fid}"; $atc_title = trim(ieconvert($_POST['atc_title'])); !$atc_title && adminmsg('annouce_title'); $atc_content = trim(ieconvert($_POST['atc_content'])); $url = trim(S::escapeChar(str_replace(array('"', "'", '\\'), '', $_POST['url']))); !$atc_content && !$url && adminmsg('annouce_content'); $startdate = $_POST['startdate'] ? PwStrtoTime($_POST['startdate']) : $timestamp; $enddate = $_POST['enddate'] ? PwStrtoTime($_POST['enddate']) : ''; $enddate && $enddate <= $startdate && adminmsg('annouce_time'); // !Datecheck($fid,$startdate,$enddate,$aid) && adminmsg('annouce_date'); S::gp(array('ifopen', 'vieworder'), 'P', 2); /** $db->update("UPDATE pw_announce" . " SET " . S::sqlSingle(array( 'fid' => $fid, 'ifopen' => $ifopen, 'vieworder' => $vieworder, 'startdate' => $startdate, 'enddate' => $enddate, 'url' => $url, 'subject' => $atc_title, 'content' => $atc_content ))