ckstart($start, $perpage); function get_ad($adid) { global $_SGLOBAL; $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('ad4dev') . " WHERE id={$adid}"); $ad = $_SGLOBAL['db']->fetch_array($query); return $ad; } if (submitcheck('adsubmit')) { $id = $_POST['id'] ? $_POST['id'] : '0'; $title = trim($_POST['title']); $url = trim($_POST['url']); $image = ''; $title = getstr($title, 30, 1, 1, 1); if ($_FILES['image']['tmp_name']) { $pic = pic_save($_FILES['image'], -1, $title); if (is_array($pic) && $pic['filepath']) { $image = $pic['filepath']; } } $adarr = array('title' => $title, 'url' => $url, 'display' => 1, 'modified_on' => date('Y-m-d H:i')); if ($image) { $adarr['image'] = $image; } if ($id) { updatetable('ad4dev', $adarr, array('id' => $id)); } else { $adarr['created_on'] = date('Y-m-d H:i'); $id = inserttable('ad4dev', $adarr, 1); updatetable('ad4dev', array('seq' => $id), array('id' => $id)); }
$blockdata['currentlayout'] = $currentlayout; $setarr['spacecss'] = daddslashes($spacecss); $setarr['blockposition'] = daddslashes(serialize($blockdata)); $setarr['theme'] = $style; DB::update('common_member_field_home', $setarr, "uid = {$_G['uid']}"); showmessage('do_success', 'home.php?mod=space' . ($_G['adminid'] == 1 && $_G['setting']['allowquickviewprofile'] ? '&view=admin' : '')); } if (submitcheck('uploadsubmit')) { $albumid = $picid = 0; if (!checkperm('allowupload')) { echo "<script>"; echo "alert(\"" . lang('spacecp', 'not_allow_upload') . "\")"; echo "</script>"; exit; } $uploadfiles = pic_save($_FILES['attach'], $_POST['albumid'], $_POST['pic_title'], false); if ($uploadfiles && is_array($uploadfiles)) { $albumid = $uploadfiles['albumid']; $picid = $uploadfiles['picid']; $uploadStat = 1; require_once libfile('function/spacecp'); album_update_pic($albumid); } else { $uploadStat = $uploadfiles; } $picurl = pic_get($uploadfiles['filepath'], 'album', $uploadfiles['thumb'], $uploadfiles['remote']); echo "<script>"; if ($uploadStat == 1) { echo "parent.spaceDiy.getdiy('diy', 'albumid', '{$albumid}');"; echo "parent.spaceDiy.setBgImage('{$picurl}');"; echo "parent.Util.toggleEle('upload');";
$teacher = isset($_POST['teacher']) ? intval($_POST['teacher']) : 0; $alumnus = isset($_POST['alumnus']) ? intval($_POST['alumnus']) : 0; //二进制形式 $usertype = $undergraduate . $postgraduate . $teacher . $alumnus; //转换为十进制形式 $usertype = bindec($usertype); //以下信息是自动完成 $applypass = 0; $applyuid = $_SGLOBAL['supe_uid']; $applytime = time(); $applyip = getonlineip(); $email = $_SGLOBAL['member']['email']; $name = getstr($name, 30, 1, 1, 1); //接收图片流:在这之前要验明$name的正身 if ($_FILES['logo']['tmp_name']) { $pic = pic_save($_FILES['logo'], -1, $name); if (is_array($pic) && $pic['filepath']) { $logo = $pic['filepath']; } } if ($category == 3) { $useapi = substr($_POST['api'], 4); $iauth_type = $_POST['iauthtype']; } else { $useapi = ''; $iauth_type = ''; } //插入数据库 $applyarr = array('name' => $name, 'iauth_name' => $iauth_name, 'logo' => $logo, 'desc' => $desc, 'url' => $url, 'app_url' => $app_url, 'back_url' => $back_url, 'category' => $category, 'iauth_type' => $iauth_type, 'usertype' => $usertype, 'starttime' => $starttime, 'endtime' => $endtime, 'status' => 'disable', 'type' => $type, 'useapi' => $useapi, 'applypass' => $applypass, 'applyuid' => $applyuid, 'applytime' => $applytime, 'applyip' => $applyip); //print_r($applyarr); $id = inserttable('apps', $applyarr, 1);
} elseif (empty($arr2['detail'])) { showmessage('event_detail_empty'); } elseif ($arr1['endtime'] - $arr1['starttime'] > 60 * 24 * 3600) { showmessage('event_bad_time_range'); } elseif ($arr1['endtime'] < $arr1['starttime']) { showmessage('event_bad_endtime'); } elseif ($arr1['deadline'] > $arr1['endtime']) { showmessage('event_bad_deadline'); } elseif (!$eventid && $arr1['starttime'] < $_SGLOBAL['timestamp']) { showmessage('event_bad_starttime'); } // Processing image $pic = array(); if ($_FILES['poster']['tmp_name']) { // Saved to the default album $pic = pic_save($_FILES['poster'], -1, $arr1['title']); if (is_array($pic) && $pic['filepath']) { // Upload successful $arr1['poster'] = $pic['filepath']; $arr1['thumb'] = $pic['thumb']; $arr1['remote'] = $pic['remote']; } } //Related Groups if ($_POST['tagid'] && (!$eventid || $event['uid'] == $_SGLOBAL['supe_uid']) && $_POST['tagid'] != $event['tagid']) { $_POST['tagid'] = intval($_POST['tagid']); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("tagspace") . " WHERE tagid='{$_POST['tagid']}' AND uid='{$_SGLOBAL['supe_uid']}' LIMIT 1"); if ($value = $_SGLOBAL['db']->fetch_array($query)) { if ($value['grade'] == 9) { $arr1['tagid'] = $value['tagid']; }
// showmessage("请上传FLV格式视频文件","plugin.php?pluginid=video&ac=upload"); // } if (!strstr($image['type'], "image")) { showmessage("封面请上传图片格式文件", "plugin.php?pluginid=video&ac=upload"); } if (!$abstract) { showmessage("请填写视频简介", "plugin.php?pluginid=video&ac=upload"); } if (!$desc) { showmessage("请填写视频描述", "plugin.php?pluginid=video&ac=upload"); } if (!$title) { showmessage("请填写视频标题", "plugin.php?pluginid=video&ac=upload"); } $video_detail = video_save($video, $title, $desc, $abstract); pic_save($image, 0, $title); $sql = "SELECT * FROM " . tname("pic") . " WHERE title='" . $title . "' order by dateline desc limit 1"; $picid = 0; $query = $_SGLOBAL['db']->query($sql); while ($row = $_SGLOBAL['db']->fetch_array($query)) { $picid = $row['picid']; } if ($video_detail && is_array($video_detail)) { include_once S_ROOT . './source/function_feed.php'; feed_publish($video_detail['id'], 'videoid'); } $sql = "UPDATE " . tname("video") . " SET picid = " . $picid . " WHERE id = " . $video_detail['id']; $_SGLOBAL['db']->query($sql); showmessage("视频已经成功上传", "plugin.php?pluginid=video"); exit; } elseif ($ac == 'add_view') {
if (strlen($WallDesc) < 20) { showmessage('至少10个汉字!'); } if (empty($WallStartTime) || empty($WallEndTime)) { showmessage('wall_time_illegal'); } if ($WallStartTime > $WallEndTime & $WallStartTime & $WallEndTime) { showmessage('wall_time_reverse'); } if (strtotime(date('Y-m-d')) > $WallEndTime & $WallEndTime) { showmessage('wall_endtime_early'); } if (empty($WallUid)) { showmessage('wall_uid_illegal'); } $arr = array("wallname" => $WallTitle, "content" => $WallDesc, "uid" => intval($WallUid), "starttime" => intval($WallStartTime), "endtime" => intval($WallEndTime), "pass" => '0', "timeline" => time(), "live" => $WallLive); $pic = array(); if ($_FILES['poster']['tmp_name']) { $pic = pic_save($_FILES['poster'], -1, $arr['wallname']); if (is_array($pic) && $pic['filepath']) { $arr['picture'] = $pic['filepath']; } } $wallid = inserttable('wall', $arr, 1); if ($wallid) { showmessage('申请成功,谢谢您的申请使用!', "{$theurl}", 2); } else { showmessage('do_failed'); } } include template('plugin/wall/template/wall_apply');
$bigimg = pic_get($attach['attachment'], 'forum', 0, $attach['remote']); echo "{\"aid\":{$attach['attachid']}, \"smallimg\":\"{$smallimg}\", \"bigimg\":\"{$bigimg}\", \"errorcode\":{$errorcode}}"; exit; } else { echo "{\"aid\":0, \"errorcode\":{$errorcode}}"; } } elseif ($_GET['operation'] == 'album') { $showerror = true; if (helper_access::check_module('album')) { require_once libfile('function/spacecp'); if ($_FILES["Filedata"]['error']) { $file = lang('spacecp', 'file_is_too_big'); } else { require_once libfile('function/home'); $_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8')); $file = pic_save($_FILES["Filedata"], 0, '', true, 0); if (!empty($file) && is_array($file)) { $url = pic_get($file['filepath'], 'album', $file['thumb'], $file['remote']); $bigimg = pic_get($file['filepath'], 'album', 0, $file['remote']); echo "{\"picid\":\"{$file['picid']}\", \"url\":\"{$url}\", \"bigimg\":\"{$bigimg}\"}"; $showerror = false; } } } if ($showerror) { echo "{\"picid\":\"0\", \"url\":\"0\", \"bigimg\":\"0\"}"; } } elseif ($_GET['operation'] == 'yuexiamen') { $aid = intval($_POST['aid']); $msg = ''; $errorcode = 0;
} elseif (capi_submitcheck('uploadsubmit2')) { //上传图片 $albumid = $picid = 0; if (!checkperm('allowupload')) { if ($_SGLOBAL['mobile']) { capi_showmessage_by_data(cplang('not_allow_upload')); } else { echo "<script>"; echo "alert(\"" . cplang('not_allow_upload') . "\")"; echo "</script>"; exit; } } //上传 $_REQUEST['topicid'] = topic_check($_REQUEST['topicid'], 'pic'); $uploadfiles = pic_save($_FILES['attach'], $_REQUEST['albumid'], $_REQUEST['pic_title'], $_REQUEST['topicid']); if ($uploadfiles && is_array($uploadfiles)) { $albumid = $uploadfiles['albumid']; $picid = $uploadfiles['picid']; $uploadStat = 1; if ($eventid) { $arr = array("eventid" => $eventid, "picid" => $picid, "uid" => $_SGLOBAL['supe_uid'], "username" => $_SGLOBAL['supe_username'], "dateline" => $_SGLOBAL['timestamp']); inserttable("eventpic", $arr); } } else { $uploadStat = $uploadfiles; } if ($_SGLOBAL['mobile']) { if ($picid) { $uploadfiles['pic'] = pic_get($uploadfiles['filepath'], $uploadfiles['thumb'], $uploadfiles['remote']); capi_showmessage_by_data('do_success', 0, array("pic" => $uploadfiles));
//以下摘取addnews部分代码,私下觉得@功能不完整! preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s/U", $Message, $Matches, PREG_SET_ORDER); foreach ($Matches as $value) { $TmpString = $value[0]; $TmpName = $value[1]; $UserId = $value[2]; $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}"); $rs = $_SGLOBAL['db']->fetch_array($result); $realname = $rs['name']; $ValidValue = getAtName($TmpString, $TmpName, $realname); $ValidValue = trim($ValidValue); $at_friend = "space.php?uid=" . $UserId; $Message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $Message); } $Message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $Message); $Message = preg_replace("/\\<br.*?\\>/is", ' ', $Message); chdir("../../"); include_once 'source/function_cp.php'; $MobileFile = pic_save($File, $_POST['albumid'], $Message, $_POST['topicid']); if ($MobileFile && is_array($MobileFile)) { $arr = array("username" => getstr($username, 30, 1, 1, 1), "message" => $Message, "uid" => intval($userid), "replynum" => 0, "mood" => 0, 'dateline' => $_SGLOBAL['timestamp'], 'ip' => getonlineip(), 'fromdevice' => $FromDevice, 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}"); $newdoid = inserttable('doing', $arr, 1); $Feedarray = array('appid' => 'UC_APPID', 'icon' => 'doing', 'id' => $newdoid, 'idtype' => 'doid', 'uid' => $MobileFile['uid'], 'username' => $MobileFile['username'], 'dateline' => $MobileFile['dateline'], 'fromdevice' => $FromDevice, 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'image_1' => pic_get($MobileFile['filepath'], $MobileFile['thumb'], $MobileFile['remote']), 'image_1_link' => "space.php?uid={$MobileFile['uid']}&do=album&picid={$MobileFile['picid']}"); $Feedarray['hash_template'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['body_template']); $Feedarray['hash_data'] = md5($Feedarray['title_template'] . "\t" . $Feedarray['title_data'] . "\t" . $Feedarray['body_template'] . "\t" . $Feedarray['body_data']); $Feedid = inserttable('feed', $Feedarray, 1); updatestat('doing'); $Result = array('flag' => 'success'); } else { $Result = array('flag' => 'fail_file&msg'); }
} else { if ($_GET['op'] != 'join') { if ($_SGLOBAL['supe_uid'] != $topic['uid'] && !checkperm('managetopic')) { showmessage('no_privilege'); } } $topic['pic'] = pic_get($topic['pic'], $topic['thumb'], $topic['remote'], 1); } //添加编辑操作 if (submitcheck('topicsubmit')) { $setarr = array('subject' => getstr($_POST['subject'], 80, 1, 1, 1), 'message' => getstr($_POST['message'], 0, 1, 1, 1), 'jointype' => empty($_POST['jointype']) ? '' : implode(',', $_POST['jointype']), 'joingid' => empty($_POST['joingid']) ? '' : implode(',', $_POST['joingid']), 'endtime' => $_POST['endtime'] ? sstrtotime($_POST['endtime']) : 0); if (strlen($setarr['subject']) < 4) { showmessage('topic_subject_error'); } //封面 if ($_FILES['pic']['size'] && ($filearr = pic_save($_FILES['pic'], -1))) { $setarr['pic'] = $filearr['filepath']; $setarr['thumb'] = $filearr['thumb']; $setarr['remote'] = $filearr['remote']; } if (empty($topicid)) { $setarr['uid'] = $_SGLOBAL['supe_uid']; $setarr['username'] = $_SGLOBAL['supe_username']; $setarr['dateline'] = $setarr['lastpost'] = $_SGLOBAL['timestamp']; $topicid = inserttable('topic', $setarr, 1); } else { updatetable('topic', $setarr, array('topicid' => $topicid)); } showmessage('do_success', "space.php?do=topic&topicid={$topicid}", 0); } if ($_GET['op'] == 'delete') {
break; case -8: $uploadfiles = cplang('has_not_more_doodle'); break; default: $uploadfiles = cplang('mobile_picture_temporary_failure'); break; } } } elseif ($_FILES && $_POST) { if ($_FILES["Filedata"]['error']) { $uploadfiles = cplang('file_is_too_big'); } else { $_FILES["Filedata"]['name'] = addslashes(siconv(urldecode($_FILES["Filedata"]['name']), $_SC['charset'], "UTF-8")); $_POST['albumid'] = addslashes(siconv(urldecode($_POST['albumid']), $_SC['charset'], "UTF-8")); $uploadfiles = pic_save($_FILES["Filedata"], $_POST['albumid'], addslashes(siconv(urldecode($_POST['title']), $_SC['charset'], "UTF-8"))); } $proid = $_POST['proid']; $uploadResponse = true; $albumid = 0; if ($uploadfiles && is_array($uploadfiles)) { $status = "success"; $albumid = $uploadfiles['albumid']; } else { $status = "failure"; } } $newalbumname = sgmdate('Ymd'); include template("do_swfupload"); $outxml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"; $outxml .= siconv(ob_get_contents(), 'UTF-8');
case -8: $uploadfiles = lang('spacecp', 'has_not_more_doodle'); break; default: $uploadfiles = lang('spacecp', 'mobile_picture_temporary_failure'); break; } } } elseif ($_FILES && $_POST) { if ($_FILES["Filedata"]['error']) { $uploadfiles = lang('spacecp', 'file_is_too_big'); } else { $_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8')); $_POST['albumid'] = addslashes(diconv(urldecode($_POST['albumid']), 'UTF-8')); $catid = $_POST['catid'] ? intval($_POST['catid']) : 0; $uploadfiles = pic_save($_FILES["Filedata"], $_POST['albumid'], addslashes(diconv(urldecode($_POST['title']), 'UTF-8')), true, $catid); } $proid = $_POST['proid']; $uploadResponse = true; $albumid = 0; if ($uploadfiles && is_array($uploadfiles)) { $status = "success"; $albumid = $uploadfiles['albumid']; } else { $status = "failure"; } } $newalbumname = dgmdate($_G['timestamp'], 'Ymd'); include template("home/misc_swfupload"); $outxml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"; $outxml .= diconv(ob_get_contents(), $_G['charset'], 'UTF-8');
<?php /* [iBUAA] (C)2012-2111 BUAANIC . Create By Ancon Last Modfile By Ancon Last Time : 2012-12-5 19:58:01 */ include_once 'do_mobileverify.php'; //include_once('../../common.php'); //$mobilefile = $_GET['file']?$_GET['file']:0; //$filetype = $_GET['type']?$_GET['type']:0; //if ($filetype == 'pic') { // if ($mobilefile == 'upload') { include_once S_ROOT . './source/function_cp.php'; $mobile_file = pic_save($_FILES['mobilefile'], $_POST['albumid'], $_POST['pic_title'], $_POST['topicid']); echo $userid; echo $username; echo $sessionid; echo $_POST['albumid']; echo $_POST['pic_title']; print_r($_FILES['mobilefile']); echo "<br />"; echo $_SGLOBAL[supe_uid]; /* exit(aaa); if ($mobile_file && is_array($mobile_file)) { $arr = array( 'name'=>$mobile_file['filename'], 'pic'=>$mobile_file['filepath'], 'size'=>$mobile_file['size']