} $u = $album['ownerid']; $username = $album['owner']; } elseif ($a == 'view') { InitGP(array('pid')); $db->update("UPDATE pw_cnphoto SET hits=hits+1 WHERE pid=" . pwEscape($pid)); //$photo = $db->get_one("SELECT p.pid,p.aid,p.pintro,p.path as basepath,p.uploader,p.uptime,p.hits,p.c_num,p.ifthumb,a.aname,a.private, a.ownerid,a.owner,a.photonum,m.groupid FROM pw_cnphoto p LEFT JOIN pw_cnalbum a ON p.aid=a.aid LEFT JOIN pw_members m ON p.uploader=m.username WHERE p.pid=" . pwEscape($pid) . " AND a.atype='0'"); # album photos $nearphoto = array(); $register = array('db_shield' => $db_shield, "groupid" => $groupid, "pwModeImg" => $pwModeImg); require_once R_P . 'lib/showpicture.class.php'; $sp = new PW_ShowPicture($register); list($photo, $nearphoto, $prePid, $nextPid) = $sp->getPictures($pid, $aid); $isown = $photo['ownerid'] == $winduid ? '1' : '0'; empty($photo) && Showmsg('data_error'); if ($photo['ownerid'] != $winduid && $photo['private'] == 1 && !isFriend($photo['ownerid'], $winduid) && $groupid != 3) { Showmsg('mode_o_photos_private'); } $photo['uptime'] = get_date($photo['uptime']); $photo['path'] = getphotourl($photo['basepath']); if ($photo['groupid'] == 6 && $db_shield && $groupid != 3) { $photo['path'] = $pwModeImg . '/banuser.gif'; $photo['pintro'] = appShield('ban_photo_pintro'); } $u = $photo['ownerid']; $username = $photo['owner']; $aid = $photo['aid']; $num = $db->get_value("SELECT COUNT(*) AS sum FROM pw_cnphoto WHERE aid=" . pwEscape($photo['aid']) . ' AND pid<=' . pwEscape($pid)); // $up_photo = $db->get_one("SELECT p.pid,p.path,p.ifthumb,m.groupid FROM pw_cnphoto p LEFT JOIN pw_cnalbum a ON p.aid=a.aid LEFT JOIN pw_members m ON p.uploader=m.username WHERE p.pid<".pwEscape($pid)." AND a.ownerid=".pwEscape($u)." AND p.aid=".pwEscape($aid)." ORDER BY pid DESC"); // if ($up_photo) { // $up_photo['path'] = getphotourl($up_photo['path'],$up_photo['ifthumb']);
if (empty($asearchdb)) { showmsg('topic_search_forum'); } require_once PrintEot('ajax'); ajax_footer(); } elseif ($action == 'pcjoin') { InitGP(array('tid', 'thelast', 'authorid', 'pcid'), 2); if ($thelast != 1) { //$sign = $db->get_value("SELECT sign FROM pw_postcate WHERE pcid=".pwEscape($pcid)); $pcvaluetable = GetPcatetable($pcid); $fieldvalue = $db->get_one("SELECT objecter,limitnum,payway,deposit,price FROM {$pcvaluetable} WHERE tid=" . pwEscape($tid)); $membernum = $db->get_value("SELECT SUM(nums) FROM pw_pcmember WHERE tid=" . pwEscape($tid)); $payway = $fieldvalue['payway']; if (empty($_POST['step'])) { $authorid == $winduid && Showmsg('pcjoin_ownnotjoin'); $isU = $fieldvalue['objecter'] == 2 && isFriend($authorid, $winduid) || $fieldvalue['objecter'] == 1 ? 1 : 0; $fieldvalue['limitnum'] && ($morenum = $fieldvalue['limitnum'] - $membernum); require_once PrintEot('ajax'); ajax_footer(); } elseif ($_POST['step'] == '1') { PostCheck(); InitGP(array('nums', 'phone', 'mobile', 'address', 'zip', 'message', 'extra', 'name')); if (!$mobile || !$name) { Showmsg('pcjoin_mobile_error'); } if ($fieldvalue['limitnum'] && $fieldvalue['limitnum'] - $membernum < $nums) { if ($pcid == 1) { Showmsg('pcjoin_pcid_more'); } elseif ($pcid == 2) { Showmsg('pcjoin_more'); }
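/**
 * Collect the data shown in the left-hand column of a user's personal space.
 *
 * @param mixed $u    uid of the space owner; it is passed through pwEscape() before it is
 *                    appended to the SQL text.
 * @param bool  $type Not read by this function; kept so existing callers keep working.
 * @return array Positional list: $userdb, $ismyfriend, $friendcheck, $usericon, $usercredit,
 *               $totalcredit, $appcount, $p_list.
 */
function getAppleftinfo($u, $type = false)
{
    global $db, $db_plist, $winduid, $db_upgrade, $credit;

    // m.userstatus is part of the column list because getstatus() below reads it.
    // Without the column, the friend-check flag was computed from an undefined index.
    $userdb = $db->get_one(
        "SELECT m.uid,m.username,m.email,m.groupid,m.icon,m.userstatus,"
        . "md.rvrc,md.money,md.credit,md.currency,md.digests,md.postnum,md.lastpost,md.onlinetime,"
        . "ud.diarynum,ud.photonum,ud.owritenum,ud.groupnum,ud.sharenum,"
        . "ud.diary_lastpost,ud.photo_lastpost,ud.owrite_lastpost,ud.group_lastpost,ud.share_lastpost"
        . " FROM pw_members m"
        . " LEFT JOIN pw_memberdata md ON m.uid=md.uid"
        . " LEFT JOIN pw_ouserdata ud ON m.uid=ud.uid"
        . " WHERE m.uid=" . pwEscape($u)
    );

    $ismyfriend = isFriend($winduid, $u);
    $friendcheck = getstatus($userdb['userstatus'], 3, 3);
    list($usericon) = showfacedesign($userdb['icon'], 1, 'm');

    // Built-in counters first, then whatever custom credit types $credit reports.
    $usercredit = array(
        'postnum'    => $userdb['postnum'],
        'digests'    => $userdb['digests'],
        'rvrc'       => $userdb['rvrc'],
        'money'      => $userdb['money'],
        'credit'     => $userdb['credit'],
        'currency'   => $userdb['currency'],
        'onlinetime' => $userdb['onlinetime'],
    );
    foreach ($credit->get($userdb['uid'], 'CUSTOM') as $key => $value) {
        $usercredit[$key] = $value;
    }

    // NOTE(review): unserialize() is only safe on trusted data. $db_upgrade is a global set
    // outside this function; confirm it always comes from site configuration and never
    // from request input.
    $totalcredit = CalculateCredit($usercredit, unserialize($db_upgrade));

    // rvrc is divided by 10 in the returned row only; $usercredit keeps the raw value
    // that was used for the total above.
    $userdb['rvrc'] /= 10;

    $appcount = array();
    foreach (array('topic', 'diary', 'photo', 'owrite', 'group', 'share') as $appName) {
        $appcount[$appName] = getPostnumByType($appName, $userdb, true);
    }

    $p_list = $db_plist && count($db_plist) > 1 ? $db_plist : array();

    return array($userdb, $ismyfriend, $friendcheck, $usericon, $usercredit, $totalcredit, $appcount, $p_list);
}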
} else { InitGP('ftid', '', 2); if (isset($_GET['ftid'])) { $ftype = (int) GetGP('ftid'); } $username = $windid; $query = $db->query("SELECT * FROM pw_friendtype WHERE uid=" . pwEscape($winduid) . " ORDER BY ftid"); $friendtype = array(); while ($rt = $db->fetch_array($query)) { $friendtype[$rt['ftid']] = $rt; } $count = $winddb['f_num']; list($pages, $limit) = pwLimitPages($count, $page, "{$thisbase}"); } $friends = getFriends($u, $start, $db_perpage, $ftype, 1); if ($friends) { foreach ($friends as $key => $value) { $value['isfriend'] = isFriend($winduid, $value['uid']); $friends[$key] = $value; } } } require_once M_P . 'require/header.php'; if ($space == 1) { require_once R_P . 'require/credit.php'; list($userdb, $ismyfriend, $friendcheck, $usericon, $usercredit, $totalcredit, $appcount, $p_list) = getAppleftinfo($u); require_once PrintEot('user_friend'); } else { require_once PrintEot('m_friend'); } footer();
} else { Showmsg('undefined_action'); } } elseif ($a == 'postboard') { require_once R_P . 'require/postfunc.php'; banUser(); InitGP(array('uid', 'title'), 'P'); $title = str_replace('=', '=', $title); $uid = (int) $uid; if (!$uid) { Showmsg('undefined_action'); } if ($uid == $winduid) { Showmsg('mode_o_board_self'); } if (!isFriend($uid, $winduid)) { Showmsg('mode_o_board_not_friend'); } if (strlen($title) > 3 && strlen($title) > 200) { Showmsg('mode_o_board_too_lang'); } $tousername = $db->get_value("SELECT username FROM pw_members WHERE uid=" . pwEscape($uid)); if (!$tousername) { Showmsg('undefined_action'); } require_once R_P . 'require/bbscode.php'; $wordsfb = L::loadClass('FilterUtil'); if (($banword = $wordsfb->comprise($title, false)) !== false) { Showmsg('title_wordsfb'); } $data = array('uid' => $winduid, 'username' => $windid, 'touid' => $uid, 'title' => $title, 'postdate' => $timestamp, 'ifwordsfb' => $wordsfb->ifwordsfb(stripslashes($title)));
/**
 * Load one user's posts, newest first, and decorate each row with its comments,
 * its likes, whether the session user liked it, and a fallback avatar.
 *
 * Private posts are included only when isFriend($userId) is truthy or $userId
 * equals $_SESSION["user_id"]; otherwise the query adds an is_private filter.
 *
 * NOTE(review): $userId is interpolated straight into the SQL text. If callers can
 * pass request data here, the value needs binding or escaping through whatever
 * driver conn() returns (not visible in this block). Confirm against the callers.
 *
 * @param mixed $userId Id of the user whose posts are listed.
 * @return array Rows from convertToArray() with 'comments', 'liked' and 'likes' added.
 */
function getUserPostswithComments($userId)
{
    $maleAvatar = 'assets/uploaded_images/default/male.jpg';
    $femaleAvatar = 'assets/uploaded_images/default/female.jpg';

    $friend = isFriend($userId);
    $seesPrivate = $friend || $userId == $_SESSION["user_id"];

    // Viewers who are neither a friend nor the owner get the extra predicate that hides private posts.
    $privacyClause = $seesPrivate ? "" : " AND is_private=b'0'";

    $result = conn()->query("SELECT posts.*, users.username, users.profile_pic, users.gender\n FROM posts INNER JOIN users ON (users.id = posts.user_id)\n HAVING user_id ='{$userId}'{$privacyClause}\n ORDER BY posts.created_at DESC\n ");

    $posts = convertToArray($result);

    foreach ($posts as $postIdx => $post) {
        $entry = $post;
        $entry['comments'] = getPostComments($post['id']);
        $entry['liked'] = isLiked($_SESSION["user_id"], $post['id']);
        $entry['likes'] = getPostLikes($post['id']);

        // Authors without a picture get the default that matches their gender.
        if (!$entry['profile_pic']) {
            $entry['profile_pic'] = $entry['gender'] == 'male' ? $maleAvatar : $femaleAvatar;
        }

        // Same fallback for every comment author.
        foreach ($entry['comments'] as $commentIdx => $comment) {
            if ($entry['comments'][$commentIdx]['profile_pic']) {
                continue;
            }
            $entry['comments'][$commentIdx]['profile_pic'] =
                $entry['comments'][$commentIdx]['gender'] == 'male' ? $maleAvatar : $femaleAvatar;
        }

        $posts[$postIdx] = $entry;
    }

    return $posts;
}
$sqladd = 'm.uid=' . pwEscape($u); } $spaceurl = $basename . "space=1&u={$u}&"; include_once D_P . 'data/bbscache/level.php'; require_once R_P . 'require/showimg.php'; $userdb = $db->get_one("SELECT m.uid,m.username,m.email,m.groupid,m.memberid,m.icon,m.gender,m.regdate,m.introduce,m.oicq,m.msn,m.yahoo,m.site,m.location,m.honor,m.bday,m.medals,m.userstatus,md.thisvisit,md.onlinetime,md.postnum,md.digests,md.rvrc,md.money,md.credit,md.currency,md.lastvisit,md.lastpost,md.todaypost,md.onlineip,md.f_num,ud.index_privacy,ud.profile_privacy,ud.info_privacy,ud.credit_privacy,ud.owrite_privacy,ud.msgboard_privacy,ud.visits,ud.tovisits,ud.tovisit,ud.whovisit,ud.diarynum,ud.photonum,ud.owritenum,ud.groupnum,ud.sharenum,ud.diary_lastpost,ud.photo_lastpost,ud.owrite_lastpost,ud.group_lastpost,ud.share_lastpost FROM pw_members m LEFT JOIN pw_memberdata md ON m.uid=md.uid LEFT JOIN pw_ouserdata ud ON m.uid=ud.uid WHERE " . $sqladd); if (empty($userdb)) { $errorname = ''; Showmsg('user_not_exists'); } $u = $userdb['uid']; list($isU, $privacy) = pwUserPrivacy($u, $userdb); if ($groupid == 3 || $isU == 2 || $isU != 2 && $privacy['index']) { $SpaceShow = 1; } $ismyfriend = isFriend($winduid, $u); $friendcheck = getstatus($userdb['userstatus'], 3, 3); $userdb['honor'] = substrs($userdb['honor'], 90); //$usericon = showfacedesign($userdb['icon'],true); list($usericon, , , , , , , $imglen) = showfacedesign($userdb['icon'], 1, 'm'); $onlinetime = isset($userdb['onlinetime']) ? $userdb['onlinetime'] : 0; if ($userdb['onlinetime']) { $userdb['onlinetime'] = floor($userdb['onlinetime'] / 3600); } else { $userdb['onlinetime'] = 0; } $systitle = $userdb['groupid'] == '-1' ? 
'' : $ltitle[$userdb['groupid']]; $memtitle = $ltitle[$userdb['memberid']]; $usercredit = array('postnum' => $userdb['postnum'], 'digests' => $userdb['digests'], 'rvrc' => $userdb['rvrc'], 'money' => $userdb['money'], 'credit' => $userdb['credit'], 'currency' => $userdb['currency'], 'onlinetime' => $onlinetime); foreach ($credit->get($userdb['uid'], 'CUSTOM') as $key => $value) { $usercredit[$key] = $value;
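// Render the wall. Each 'NEW' post opens a <div class="wallPost"> that also holds
// the messages that follow it, until the next 'NEW' post closes it.
$posts = getPostsOnUserWall($user);
$first = TRUE;
$lastNewId = "";

// The form target carries $uname in the query string. It is URL-encoded and then
// HTML-escaped together with PHP_SELF, so neither part can break out of the attribute.
$replyAction = htmlspecialchars(
    $_SERVER['PHP_SELF'] . '?uname=' . urlencode($uname),
    ENT_QUOTES | ENT_SUBSTITUTE,
    'UTF-8'
);

foreach ($posts as $post) {
    if ($post->messageType == 'NEW') {
        $lastNewId = $post->Id;
        if (!$first) {
            echo "</div>";
        } else {
            $first = FALSE;
        }
        echo "<div class=\"wallPost\">";
    }

    $class = $post->messageType == 'REPLY' ? "reply" : "comment";

    // Sender and message are user-supplied wall content, so they are escaped for the
    // HTML context before output.
    // NOTE(review): assumes both are stored as plain text. If they are escaped before
    // storage, this will double-encode. Confirm against the write path.
    $sender = htmlspecialchars((string) $post->sender, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $message = htmlspecialchars((string) $post->message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<p id=\"{$class}\"><b>{$sender}: </b>{$message}</p>";

    // Only the wall owner and their friends are offered the reply form.
    if ($class == 'comment' && (isFriend($_SESSION['username'], $uname) || $_SESSION['username'] == $uname)) {
        $commentId = htmlspecialchars((string) $lastNewId, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<form method=\"post\" action=\"{$replyAction}\">";
        echo '<textarea name="newReply" rows="2" cols="30">Add reply?</textarea>';
        echo "<input type=\"submit\" value=\"Reply\" />";
        echo "<input type=\"hidden\" name=\"addReplyFlag\" value=\"true\"/>";
        echo "<input type=\"hidden\" name=\"commentId\" value=\"{$commentId}\"/>";
        echo "</form>";
    }
}
?>
</div>
</div>
<!-- End Wall blueprint -->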
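/**
 * Tell whether $uid is a friend of this object's user ($this->uid), with memoisation.
 *
 * The unqualified isFriend() call inside resolves to the global two-argument
 * function, not to this method.
 *
 * @param mixed $uid uid of the other user.
 * @return mixed Whatever the global isFriend($this->uid, $uid) returns.
 */
function isFriend($uid)
{
    // A static local inside a method is shared by every instance of the class, so the
    // cache is keyed by the owner uid as well as the target uid. Keyed on $uid alone,
    // a second instance with a different $this->uid would be handed the first
    // instance's answer.
    static $cache = array();

    $ownerUid = $this->uid;
    if (!isset($cache[$ownerUid][$uid])) {
        $cache[$ownerUid][$uid] = isFriend($ownerUid, $uid);
    }

    return $cache[$ownerUid][$uid];
}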
if ($defaultValue['maxparticipant']) { $theMoreNum = $defaultValue['maxparticipant'] - $orderMemberNums; //剩余报名人数 $theMoreNum == 0 && Showmsg('act_signup_is_full'); //报名人数已满 } if (empty($_POST['step'])) { $memberdb = $db->get_one("SELECT nickname,mobile FROM pw_activitymembers WHERE tid=" . S::sqlEscape($tid) . "AND uid=" . S::sqlEscape($winduid) . " AND fupid=0 AND isadditional=0 ORDER BY signuptime DESC"); $signupType = array(); //报名人数类型 foreach ($feesdb as $key => $value) { $signupType[$key] = $value['condition']; } $fieldService = L::loadClass('ActivityField', 'activity'); $userlimitIfable = $fieldService->getFieldByModelIdAndName($actmid, 'userlimit'); $isU = !$userlimitIfable || $defaultValue['userlimit'] == 2 && isFriend($authorid, $winduid) || $defaultValue['userlimit'] == 1 ? 1 : 0; //报名限制 require_once PrintEot('ajax'); ajax_footer(); } elseif ($_POST['step'] == '2') { PostCheck(); S::gp(array('signup', 'telephone', 'mobile', 'address', 'message', 'ifanonymous', 'nickname')); $totalsignupnums = 0; $totalcash = 0; $newsignup = array(); foreach ($signup as $key => $value) { $value = (int) $value; $totalcash += $feesdb[$key]['money'] * $value; //总费用 $totalsignupnums += $value; //总人数
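/**
 * Decide whether the current session may view a cookbook.
 *
 * Levels, as returned by getVisibility():
 *  - PUBLIC:     everyone
 *  - REGISTERED: any logged-in session
 *  - PRIVATE:    logged-in owner only
 *  - FRIENDLY:   logged-in owner, or a session for which isFriend($cookbook_id) is truthy
 * Any other value is denied.
 *
 * @param mixed $cookbook_id Identifier passed to getVisibility(), isOwner() and isFriend().
 * @return bool True when access is allowed.
 */
function isVisible($cookbook_id)
{
    $visibility = getVisibility($cookbook_id);

    // Strict comparison: an unexpected non-string value must never match a level by coercion.
    if ($visibility === 'PUBLIC') {
        return true;
    }

    // Every remaining level needs an authenticated session. The flag must be truthy and
    // not merely set, which is the test the REGISTERED branch already applied. PRIVATE and
    // FRIENDLY previously accepted a session where the key existed but was false.
    $loggedIn = isset($_SESSION["loggedin"]) && $_SESSION["loggedin"];
    if (!$loggedIn) {
        return false;
    }

    if ($visibility === 'REGISTERED') {
        return true;
    }
    if ($visibility === 'PRIVATE') {
        return (bool) isOwner($cookbook_id);
    }
    if ($visibility === 'FRIENDLY') {
        return isOwner($cookbook_id) || isFriend($cookbook_id);
    }

    // Unknown visibility value: deny explicitly instead of falling off the end with null.
    return false;
}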
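<?php
// Work out the relationship once so the two buttons can never disagree.
$viewingOther = $_SESSION["user"] !== $email;
$alreadyFriend = $viewingOther && isFriend($_SESSION["user_id"], $id);
// NOTE(review): my_id is an ordinary form field and can be changed by the client before
// submit. The handler for this form (not shown here) should take the acting user from
// $_SESSION["user_id"] rather than from this field. Confirm against the handler.
?>
<form method="post" id="form-friend">
    <input type="hidden" name="my_id" value="<?php echo htmlspecialchars((string) $_SESSION["user_id"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
    <input type="hidden" name="friend_id" value="<?php echo htmlspecialchars((string) $id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
    <?php if ($viewingOther && !$alreadyFriend) { ?>
    <input id="addFriend" class="accountLink" type="submit" name="addFriend" value="Add Friend">
    <?php } elseif ($viewingOther && $alreadyFriend) { ?>
    <input id="removeFriend" class="accountLink" type="submit" name="removeFriend" value="Remove Friend">
    <?php } ?>
</form>
<hr>
<ul id="info">
    <li> Lives in: <?php
        // City and country are escaped for HTML before output.
        // NOTE(review): presumably user-editable profile fields; verify.
        echo htmlspecialchars($city . ", " . $country, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    ?> </li>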