Пример #1
/**
 * Normalise a piece of user text: trim it, drop hidden blocks, escape or strip
 * markup, truncate it and optionally render BBCode.
 *
 * Steps, in the order they run:
 *   1. trim, then cut the text at the first run of three NUL bytes;
 *   2. dstripslashes() when $in_slashes is truthy;
 *   3. remove every [hide]...[/hide] and [hide=N]...[/hide] block;
 *   4. $html < 0 replaces tags, whitespace and [bracketed] runs with a space,
 *      $html == 0 applies dhtmlspecialchars(), any other value leaves markup as is;
 *   5. cutstr() when $length is truthy;
 *   6. bbcode2html() when $bbcode is truthy;
 *   7. daddslashes() when $out_slashes is truthy.
 *
 * Security notes for callers:
 *   - With a positive $html nothing is escaped here, so the result is only safe
 *     to print into HTML when the input is trusted or escaped later.
 *   - Truncation (step 5) runs after HTML escaping (step 4); whether cutstr()
 *     can split an entity is not visible here - confirm.
 *   - $out_slashes delegates to daddslashes() (defined elsewhere, presumably an
 *     addslashes() wrapper - confirm). That is backslash escaping only; it is
 *     not aware of the database connection charset and is no replacement for
 *     bound parameters.
 *
 * @param string $string      Text to process.
 * @param int    $length      Maximum length passed to cutstr(); 0 disables truncation.
 * @param int    $in_slashes  Truthy when the input carries slashes to strip first.
 * @param int    $out_slashes Truthy to slash-escape the result.
 * @param int    $bbcode      Truthy to render BBCode; the value is forwarded to bbcode2html().
 * @param int    $html        Negative: strip markup; 0: escape markup; positive: keep markup.
 * @return string The processed, trimmed text.
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $text = trim($string);

    // Three consecutive NUL bytes act as an end-of-text marker.
    $marker = strpos($text, "\0\0\0");
    if ($marker !== false) {
        $text = substr($text, 0, $marker);
    }

    if ($in_slashes) {
        $text = dstripslashes($text);
    }

    // Hidden blocks are removed completely, content included.
    $text = preg_replace("/\\[hide=?\\d*\\](.*?)\\[\\/hide\\]/is", '', $text);

    if ($html < 0) {
        $text = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $text);
    } elseif ($html == 0) {
        $text = dhtmlspecialchars($text);
    }

    if ($length) {
        $text = cutstr($text, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $renderer =& bbcode::instance();
        $text = $renderer->bbcode2html($text, $bbcode);
    }

    if ($out_slashes) {
        $text = daddslashes($text);
    }

    return trim($text);
}
Пример #2
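/**
 * Collect the $_GET parameters whose names start with one of the given prefixes.
 *
 * Each matching value is passed through htmlspecialchars() and then
 * daddslashes() (defined elsewhere, presumably an addslashes() wrapper - confirm).
 *
 * Security notes for callers:
 *   - The result is HTML-escaped and slash-escaped at the same time, so it is
 *     an exact fit for neither an HTML nor an SQL context. Escape again for the
 *     sink actually used, and prefer bound parameters for SQL.
 *   - htmlspecialchars() is called with its default flags, which do not cover
 *     single quotes before PHP 8.1.
 *   - NOTE(review): an array-valued parameter (?name[]=x) reaches
 *     htmlspecialchars() unchanged, which raises a TypeError on PHP 8. Decide
 *     whether such parameters should be skipped or escaped recursively.
 *
 * @param string $pre One prefix, or several separated by "|". Spaces and tabs are ignored.
 * @return array Matching parameters keyed by their original name.
 */
function gpc($pre)
{
    $array = array();
    $pre = str_replace(array(' ', "\t"), '', $pre);

    // Always work on a list, so the loop never reads an undefined variable when
    // no "|" is present.
    $prefixes = explode('|', $pre);

    foreach ($_GET as $key => $g) {
        $name = (string) $key;
        foreach ($prefixes as $prefix) {
            // An empty prefix must never match, otherwise the whole of $_GET
            // would be returned.
            if ($prefix === '') {
                continue;
            }
            // strncmp() is an exact prefix test; the former strstr() truthiness
            // check silently failed for the prefix "0".
            if (strncmp($name, $prefix, strlen($prefix)) === 0) {
                $array[$key] = daddslashes(htmlspecialchars($g));
                break;
            }
        }
    }

    return $array;
}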
Пример #3
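 /**
  * List all products, optionally narrowed by the "tag" query parameter, and
  * render the given template.
  *
  * Security notes:
  *   - The tag is placed inside a quoted SQL literal after daddslashes()
  *     (defined elsewhere, presumably an addslashes() wrapper - confirm).
  *     Backslash escaping ignores the connection charset; a bound parameter is
  *     the robust option if the query layer offers one.
  *   - The page title receives the raw request value. Nothing here escapes it,
  *     so it must be HTML-escaped on output unless seo() already does that
  *     (not visible here - confirm).
  *
  * @param string $tpl Template name forwarded to show().
  * @return void
  */
 function all($tpl = '')
 {
     global $_G;
     $url = URL . 'a=all';
     $sql = make_sql();

     // Array keys are quoted throughout: a bare key is an undefined constant,
     // which is a fatal Error on PHP 8.
     $size = $_G['setting']['cate_page'] ? $_G['setting']['cate_page'] : 120;
     $hasTag = !empty($_GET['tag']);

     if ($hasTag) {
         // NOTE(review): $tag is not defined yet, so trim_html() receives null
         // and its result is overwritten on the next line. Presumably the
         // intent was trim_html($_GET['tag'], 1) followed by daddslashes();
         // confirm before changing, since that alters the value sent to SQL.
         $tag = trim_html($tag, 1);
         $tag = daddslashes($_GET['tag']);
         $and = "AND FIND_IN_SET('" . $tag . "', keywords) ";
         // NOTE(review): the slash-escaped value, not the raw one, is URL-encoded here.
         $url .= "&tag=" . urlencode_utf8($tag);
         $sql['and'] .= $and;
         $sql['url'] .= $url;
     }

     $sql['key'] = 'all_';
     $rs = D($sql, array('url' => $url . $sql['url'], 'size' => $size));

     $title = '';
     if ($hasTag) {
         $title .= $_GET['tag'];
     }
     $title .= '全部商品';

     $this->add($rs);
     seo($title);
     $this->show($tpl);
 }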
Пример #4
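 /**
  * Search comments by target id, author, time window and message text.
  *
  * Security notes:
  *   - $idtype is spliced into the SQL as a column name, so it is checked
  *     against a strict whitelist. The former loose in_array() accepted the
  *     integer 0 on PHP 7, which then ended up in the query as a column name.
  *   - Message terms are escaped with daddslashes() (defined elsewhere,
  *     presumably an addslashes() wrapper - confirm) and concatenated into
  *     quoted literals. The %i placeholder inserts that fragment verbatim.
  *   - LIKE wildcards (% and _) inside a term are not escaped, and an empty
  *     term (e.g. from "a,,b") produces LIKE '%%', which matches every row.
  *   - NOTE(review): in the REGEXP branch the preg_quote() output is embedded
  *     in a MySQL string literal, where backslashes are consumed as string
  *     escapes before REGEXP sees the pattern - verify the resulting pattern.
  *
  * @param mixed  $aid       Target id filter; falsy to skip.
  * @param mixed  $authorid  Author uid filter; falsy to skip.
  * @param mixed  $starttime Lower dateline bound (exclusive); falsy to skip.
  * @param mixed  $endtime   Upper dateline bound (exclusive); falsy to skip.
  * @param string $idtype    'aid' or 'topicid'; anything else falls back to 'aid'.
  * @param string $message   Comma-separated search terms; "{N}" inside a term switches it to REGEXP.
  * @param int    $start     Offset passed to DB::limit().
  * @param int    $limit     Row count passed to DB::limit().
  * @param int    $type      2 returns the row count, anything else the rows.
  * @return mixed Count (for $type == 2) or the list of rows.
  */
 public function fetch_all_by_search($aid, $authorid, $starttime, $endtime, $idtype, $message, $start = 0, $limit = 0, $type = 1)
 {
     $idtype = in_array($idtype, array('aid', 'topicid'), true) ? $idtype : 'aid';
     $tablename = $idtype === 'aid' ? 'portal_article_title' : 'portal_topic';

     $sql = '';
     $sql .= $aid ? ' AND c.' . DB::field('id', $aid) : '';
     $sql .= $authorid ? ' AND c.' . DB::field('uid', $authorid) : '';
     $sql .= $starttime ? ' AND c.' . DB::field('dateline', $starttime, '>') : '';
     $sql .= $endtime ? ' AND c.' . DB::field('dateline', $endtime, '<') : '';

     if ($message != '') {
         $terms = explode(',', str_replace(' ', '', daddslashes($message)));
         $clauses = array();
         foreach ($terms as $term) {
             if (preg_match("/\\{(\\d+)\\}/", $term)) {
                 // "{N}" means "up to N arbitrary characters" and becomes .{0,N}
                 $pattern = preg_replace("/\\\\{(\\d+)\\\\}/", ".{0,\\1}", preg_quote($term, '/'));
                 $clauses[] = "c.message REGEXP '" . $pattern . "'";
             } else {
                 $clauses[] = "c.message LIKE '%" . $term . "%'";
             }
         }
         if ($clauses) {
             $sql .= ' AND (' . implode(' OR ', $clauses) . ')';
         }
     }

     if ($type == 2) {
         return DB::result_first('SELECT count(*) FROM %t c WHERE 1 %i', array($this->_table, $sql));
     }

     return DB::fetch_all('SELECT c.*, a.title FROM %t c LEFT JOIN %t a ON a.`' . $idtype . '`=c.id WHERE 1 %i ORDER BY c.dateline DESC %i', array($this->_table, $tablename, $sql, DB::limit($start, $limit)));
 }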
Пример #5
 /**
  * Move the application id from the request to the front of the current
  * user's "recently played" list and store the list again.
  *
  * The list is kept as a comma-separated string in home_userapp_plying and is
  * capped at $this->num entries.
  *
  * Security notes:
  *   - $_G['gp_id'] is only accepted when is_numeric() holds, so it cannot
  *     carry a comma or a quote into the stored list. is_numeric() also admits
  *     forms such as "1e3" or "1.5"; use ctype_digit() if only plain integer
  *     ids are valid.
  *   - $_G['uid'] is interpolated into the SELECT; it is assumed to be a
  *     server-side integer (not visible here - confirm).
  *   - The list is passed through daddslashes() before DB::insert(). Whether
  *     DB::insert() quotes values itself is not visible here - confirm the
  *     value is not escaped twice.
  *
  * @return void
  */
 function userapp_update()
 {
     global $_G;

     if (empty($_G['gp_id']) || !is_numeric($_G['gp_id'])) {
         return;
     }

     $recent = array();
     $row = DB::fetch_first("SELECT appid FROM " . DB::table('home_userapp_plying') . " WHERE uid='{$_G['uid']}'");

     if (!empty($row['appid'])) {
         $recent = explode(',', $row['appid']);
         if (!empty($recent)) {
             // Drop empty entries, then re-insert the current id at the front.
             $recent = array_diff($recent, array(''));
             $position = array_search($_G['gp_id'], $recent);
             if ($position !== false) {
                 unset($recent[$position]);
             }
             array_unshift($recent, $_G['gp_id']);
             // Trim from the tail until the list fits the configured size.
             while (count($recent) > $this->num) {
                 array_pop($recent);
             }
         }
     }

     if (empty($recent)) {
         $recent = array($_G['gp_id']);
     }

     if (!empty($recent)) {
         $joined = implode(',', $recent);
         DB::insert('home_userapp_plying', array('uid' => $_G['uid'], 'appid' => daddslashes($joined)), false, true);
     }
 }
Пример #6
/**
 * Turn a free-text search expression into an SQL condition fragment.
 *
 * The keyword is split on AND / & / whitespace (all terms must match) or on
 * OR / | (any term may match). Each term is substituted for "{text}" in
 * $field and the pieces are joined into " AND (...)". The chain is seeded with
 * "1" for AND and "0" for OR so every piece can be prefixed with its operator.
 *
 * Security notes:
 *   - $field is an SQL template and is inserted verbatim; it must come from
 *     code, never from the request.
 *   - "%" and "_" typed by the user are backslash-escaped, "*" becomes "%".
 *   - Each term goes through daddslashes() (defined elsewhere, presumably an
 *     addslashes() wrapper - confirm). That protects a quoted literal only and
 *     ignores the connection charset; bound parameters are the robust option.
 *   - A term that is exactly "0" is dropped, because the emptiness test is a
 *     plain truthiness check.
 *
 * @param string $keyword       Search expression typed by the user.
 * @param string $field         SQL template containing the placeholder "{text}".
 * @param int    $returnsrchtxt Truthy to also return the normalised search text.
 * @return string|array The SQL fragment, or array(search text, SQL fragment).
 *                      When $field or $keyword is empty, $keyword is returned unchanged.
 */
function searchkey($keyword, $field, $returnsrchtxt = 0)
{
    $srchtxt = '';

    if (!$field || !$keyword) {
        return $returnsrchtxt ? array($srchtxt, $keyword) : $keyword;
    }

    $allTermsRequired = preg_match("(AND|\\+|&|\\s)", $keyword) && !preg_match("(OR|\\|)", $keyword);
    if ($allTermsRequired) {
        $glue = ' AND ';
        $condition = '1';
        $keyword = preg_replace("/( AND |&| )/is", "+", $keyword);
    } else {
        $glue = ' OR ';
        $condition = '0';
        $keyword = preg_replace("/( OR |\\|)/is", "+", $keyword);
    }

    // Escape LIKE wildcards typed by the user, then map "*" to the SQL wildcard.
    $keyword = str_replace('*', '%', addcslashes($keyword, '%_'));
    $srchtxt = $returnsrchtxt ? $keyword : '';

    foreach (explode('+', $keyword) as $text) {
        $text = trim(daddslashes($text));
        if ($text) {
            $condition .= $glue . str_replace('{text}', $text, $field);
        }
    }

    $keyword = " AND ({$condition})";

    return $returnsrchtxt ? array($srchtxt, $keyword) : $keyword;
}
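 /**
  * Show the "add travel guide" form, or store a submitted guide for the
  * logged-in user.
  *
  * Changes compared with the plain version:
  *   - the method returns right after every showmessage() call, so nothing is
  *     stored for a visitor who is not logged in even if showmessage() does
  *     not end the request (its behaviour is not visible here);
  *   - the scenic-spot name is URL-encoded before it is put into a redirect
  *     URL, since slash escaping does not neutralise "&", "#" or spaces;
  *   - missing request keys no longer raise undefined-index notices.
  *
  * Security notes:
  *   - daddslashes() (defined elsewhere, presumably an addslashes() wrapper -
  *     confirm) is SQL-oriented escaping. The page title below still receives
  *     the slash-escaped name; the template has to HTML-escape it.
  *   - Whether addStrategy() binds or escapes $data again is not visible here.
  *
  * @return void
  */
 public function add()
 {
     $sid = intval(isset($_GET['sid']) ? $_GET['sid'] : 0);
     $rawName = (isset($_GET['sname']) && is_string($_GET['sname'])) ? $_GET['sname'] : '';
     $sname = daddslashes($rawName);
     // URL-encode the raw value, not the slash-escaped one.
     $snameParam = urlencode($rawName);

     if (empty($_SESSION['username'])) {
         $this->showmessage('请登录后操作!', "index.php?controller=user&method=login");
         return;
     }

     if (!isset($_POST['submit'])) {
         // NOTE(review): $sname is slash-escaped, not HTML-escaped.
         VIEW::assign(array('title' => "添加" . $sname . "旅游攻略", 'sid' => $sid));
         VIEW::display("addstrategy.html");
         return;
     }

     $strategy = daddslashes(isset($_POST['strategy']) ? $_POST['strategy'] : '');
     $impression = daddslashes(isset($_POST['impression']) ? $_POST['impression'] : '');
     if (empty($strategy)) {
         $this->showmessage("请填写您的旅游攻略!", 'index.php?controller=strategy&method=add&sid=' . $sid . '&sname=' . $snameParam);
         return;
     }

     $data = array(
         'sid' => $sid,
         'username' => $_SESSION['username'],
         'strategy' => $strategy,
         'dateline' => time(),
     );
     if (!empty($impression)) {
         $data['impression'] = $impression;
     }

     $strategyobj = M('strategy');
     $strategyobj->addStrategy($data);
     $this->showmessage('添加攻略成功!', 'index.php?controller=strategy&method=detail&sid=' . $sid . "&sname=" . $snameParam);
 }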
Пример #8
/**
 * Normalise a piece of user text: trim it, escape or strip markup, run the
 * word filter, truncate it and optionally render BBCode.
 *
 * Steps, in the order they run:
 *   1. trim;
 *   2. dstripslashes() when $in_slashes is truthy;
 *   3. $html < 0 replaces tags, whitespace and [bracketed] runs with a space,
 *      $html == 0 applies dhtmlspecialchars(), any other value leaves markup as is;
 *   4. when $censor is truthy the text is checked by discuz_censor and
 *      showmessage('word_banned') is called if it is banned or moderated;
 *   5. cutstr() when $length is truthy;
 *   6. bbcode2html() when $bbcode is truthy;
 *   7. daddslashes() when $out_slashes is truthy.
 *
 * Security notes for callers:
 *   - With a positive $html nothing is escaped here, so the result is only safe
 *     to print into HTML when the input is trusted or escaped later.
 *   - The word filter sees the text after HTML escaping (step 3).
 *   - $out_slashes delegates to daddslashes() (defined elsewhere, presumably an
 *     addslashes() wrapper - confirm). That is backslash escaping only; it is
 *     not aware of the database connection charset and is no replacement for
 *     bound parameters.
 *
 * @param string $string      Text to process.
 * @param int    $length      Maximum length passed to cutstr(); 0 disables truncation.
 * @param int    $in_slashes  Truthy when the input carries slashes to strip first.
 * @param int    $out_slashes Truthy to slash-escape the result.
 * @param int    $censor      Truthy to run the word filter.
 * @param int    $bbcode      Truthy to render BBCode; the value is forwarded to bbcode2html().
 * @param int    $html        Negative: strip markup; 0: escape markup; positive: keep markup.
 * @return string The processed, trimmed text.
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $censor = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $text = trim($string);

    if ($in_slashes) {
        $text = dstripslashes($text);
    }

    if ($html < 0) {
        $text = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $text);
    } elseif ($html == 0) {
        $text = dhtmlspecialchars($text);
    }

    if ($censor) {
        if (!class_exists('discuz_censor')) {
            include libfile('class/censor');
        }
        $wordFilter = discuz_censor::instance();
        // The same variable is passed on, in case check() takes it by reference.
        $wordFilter->check($text);
        if ($wordFilter->modbanned() || $wordFilter->modmoderated()) {
            showmessage('word_banned');
        }
    }

    if ($length) {
        $text = cutstr($text, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $renderer =& bbcode::instance();
        $text = $renderer->bbcode2html($text, $bbcode);
    }

    if ($out_slashes) {
        $text = daddslashes($text);
    }

    return trim($text);
}
Пример #9
 /**
  * Magic-item handler: clear the anonymous flag of a post, restore the author
  * and last-poster names on the thread (and, when it matches, on the forum's
  * last-post record), then consume the item and notify the post's author.
  *
  * Security notes (review):
  *   - $_G['gp_pid'] comes from the request and is interpolated into an SQL
  *     string below. That is only safe if $_G['gp_*'] values are escaped
  *     upstream - not visible here, confirm.
  *   - Only the username read from common_member is passed through
  *     daddslashes(). $thread['subject'], $thread['author'] and
  *     $thread['lastposter'] come from getpostinfo() and are written back into
  *     SQL as they are; if getpostinfo() returns unescaped database values, a
  *     quote stored in a subject or name would break these statements.
  *   - $_G['tid'] is taken from gp_ptid while the log and notification calls
  *     use gp_tid - confirm that both are meant.
  */
 function usesubmit()
 {
     global $_G;
     if (empty($_G['gp_pid'])) {
         showmessage(lang('magic/namepost', 'namepost_info_nonexistence'));
     }
     $_G['tid'] = $_G['gp_ptid'];
     $post = getpostinfo($_G['gp_pid'], 'pid', array('p.first', 'p.tid', 'p.fid', 'p.authorid', 'p.dateline', 'p.anonymous'));
     // _check() is defined elsewhere; presumably it validates the target post and the user's permission - confirm.
     $this->_check($post);
     $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$post['authorid']}'");
     // The username is escaped here because it is written into UPDATE statements below.
     $author = daddslashes(DB::result($query, 0), 1);
     $thread = getpostinfo($post['tid'], 'tid', array('tid', 'subject', 'author', 'replies', 'lastposter'));
     $posttable = getposttablebytid($post['tid']);
     if ($post['first']) {
         // First post of the thread: the thread author becomes visible; the last poster changes only when there are no replies.
         $lastposter = $thread['replies'] > 0 ? $thread['lastposter'] : $author;
         DB::query("UPDATE " . DB::table($posttable) . " SET anonymous='0' WHERE tid='{$post['tid']}' AND first='1'");
     } else {
         // A reply: the revealed name becomes the last poster and the thread author is kept as stored.
         $lastposter = $author;
         $author = $thread['author'];
         DB::query("UPDATE " . DB::table($posttable) . " SET anonymous='0' WHERE pid='{$_G['gp_pid']}'");
     }
     // The forum's lastpost field is tab-separated; index 1 is compared with the subject and index 3 with the empty string below.
     $forum['lastpost'] = explode("\t", DB::result_first("SELECT lastpost FROM " . DB::table('forum_forum') . " WHERE fid='{$post['fid']}'"));
     if ($thread['subject'] == $forum['lastpost'][1] && ($forum['lastpost'][3] == '' && $post['anonymous'])) {
         $lastpost = "{$thread['tid']}\t{$thread['subject']}\t{$_G['timestamp']}\t{$lastposter}";
         DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}' WHERE fid='{$post['fid']}'", 'UNBUFFERED');
     }
     DB::query("UPDATE " . DB::table('forum_thread') . " SET author='{$author}', lastposter='{$lastposter}' WHERE tid='{$post['tid']}'");
     usemagic($this->magic['magicid'], $this->magic['num']);
     updatemagiclog($this->magic['magicid'], '2', '1', '0', 0, 'tid', $_G['gp_tid']);
     // The post's author is notified unless the current user is that author.
     if ($post['authorid'] != $_G['uid']) {
         notification_add($post['authorid'], 'magic', lang('magic/namepost', 'namepost_notification'), array('pid' => $_G['gp_pid'], 'tid' => $_G['gp_tid'], 'subject' => $thread['subject'], 'magicname' => $this->magic['name']));
     }
     showmessage(lang('magic/namepost', 'namepost_succeed'), dreferer(), array(), array('showdialog' => 1, 'locationtime' => true));
 }
Пример #10
 /**
  * Run the registration statistics for users who signed up 2, 4 and 8 days
  * before the reference day, once per platform slot.
  *
  * The reference day is "now" unless the request carries a "day" value, which
  * is parsed with strtotime().
  *
  * Review notes:
  *   - NOTE(review): strtotime() returns false for an unparsable "day"; the
  *     arithmetic below then works on 0 and the statistics run for dates
  *     around 1970. Reject the request instead if that is not intended.
  *   - daddslashes() on "day" has no effect on safety here: the value is only
  *     parsed by strtotime() and reformatted by date() before it reaches stat().
  *   - No access check is visible in this action; a job trigger reachable over
  *     HTTP should be restricted (not visible here - confirm).
  *
  * @return void
  */
 public function cronAction()
 {
     $day = daddslashes(trim($this->reqVar('day', '')));
     $time_stamp = time();
     if (!empty($day)) {
         $time_stamp = strtotime($day);
     }

     // stat() slot => registration age in days. According to the original
     // comments slots 0-2 are the android group and slots 3-5 the ios group.
     $ageBySlot = array(2, 4, 8, 2, 4, 8);
     foreach ($ageBySlot as $slot => $days) {
         $ctime = date("Y-m-d", $time_stamp - 60 * 60 * 24 * $days);
         $this->stat($ctime, $slot);
     }
 }
Пример #11
 /**
  * Magic-item handler: reveal who wrote an anonymous post ("pid") or an
  * anonymous comment ("cid").
  *
  * Flow: validate the id and the id type, load the target, refuse targets that
  * are not anonymous, check that the author's user group may be targeted, then
  * consume the item and report the author.
  *
  * Security notes:
  *   - The id is forced to an integer and the id type is limited to a fixed
  *     list before either is used.
  *   - Every check relies on showmessage() ending the request. If it returned,
  *     execution would continue with the invalid input (not visible here -
  *     confirm).
  *   - The username is passed through daddslashes() before it is handed to
  *     showmessage(). That is SQL-style escaping; the output context is the
  *     message template, which has to apply its own escaping.
  *
  * @return void
  */
 function usesubmit()
 {
     global $_G;

     $id = intval($_GET['id']);
     if (empty($id)) {
         showmessage(lang('magic/namepost', 'namepost_info_nonexistence'));
     }

     $idtype = '';
     if (!empty($_GET['idtype'])) {
         $idtype = dhtmlspecialchars($_GET['idtype']);
     }
     if (!in_array($idtype, array('pid', 'cid'))) {
         showmessage(lang('magic/namepost', 'namepost_use_error'));
     }

     switch ($idtype) {
         case 'pid':
             $_G['tid'] = intval($_GET['ptid']);
             $post = getpostinfo($id, 'pid', array('p.first', 'p.tid', 'p.fid', 'p.authorid', 'p.dateline', 'p.anonymous'));
             $this->_check($post);
             $authorid = $post['authorid'];
             // Empty for an anonymous post, truthy otherwise.
             $author = $post['anonymous'] ? '' : 1;
             break;
         case 'cid':
             $comment = C::t('home_comment')->fetch($id);
             $authorid = $comment['authorid'];
             $author = $comment['author'];
             break;
     }

     // A truthy $author means the target is not anonymous, so there is nothing to reveal.
     if ($author) {
         showmessage('magicuse_bad_object');
     }

     $target = getuserbyuid($authorid);
     if (!checkmagicperm($this->parameters['targetgroups'], $target['groupid'])) {
         showmessage(lang('magic/namepost', 'namepost_info_user_noperm'));
     }

     $author = daddslashes($target['username']);
     usemagic($this->magic['magicid'], $this->magic['num']);
     updatemagiclog($this->magic['magicid'], '2', '1', '0', 0, $idtype, $id);
     showmessage(lang('magic/namepost', 'magic_namepost_succeed'), 'javascript:;', array('uid' => $authorid, 'username' => $author, 'avatar' => 1), array('alert' => 'right'));
 }
Пример #12
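 /**
  * Print the prize statistics of one day, summed over the 100 score-log
  * shard tables (z_score_log_00 ... z_score_log_99).
  *
  * Changes compared with the plain version:
  *   - the password is compared with hash_equals() on strings. The former
  *     loose "==" is subject to PHP type juggling (two different "0e..."
  *     strings compare equal) and is not constant-time;
  *   - an unparsable start date is rejected instead of silently querying
  *     1970-01-01;
  *   - the shard suffix is built with sprintf().
  *
  * Security notes:
  *   - The SQL only ever contains date() output, so the request value itself
  *     never reaches the query; daddslashes() on it is kept but is not what
  *     makes the query safe.
  *   - NOTE(review): the password travels as a request variable and an empty
  *     configured password would match an empty request value. Prefer the
  *     application's normal authentication for this report.
  *
  * @return void
  */
 public function tjAction()
 {
     $password = $this->reqVar('passwd', '');
     $startDate = daddslashes($this->reqVar('start_date', ''));

     $authorised = is_string($password) && hash_equals((string) $this->password, $password);
     $dayStamp = (is_string($startDate) && $startDate !== '') ? strtotime($startDate) : false;

     if (!$authorised || empty($startDate) || $dayStamp === false) {
         echo "参数错误!";
         return;
     }

     $startDateWhere = date("Y-m-d 00:00:00", $dayStamp);
     $endDateWhere = date("Y-m-d 23:59:59", $dayStamp);
     $whereStr = " ctime>='{$startDateWhere}' AND ctime<='{$endDateWhere}' AND ad_id='share_random'";

     $startTime = time();
     $cNum = $uNum = $ssNum = 0;
     for ($i = 0; $i < 100; $i++) {
         // Two-digit shard suffix: 00, 01, ... 99
         $tableStr = sprintf('%02d', $i);
         $scoreRe = $this->scoreModel->query("SELECT COUNT(*) as c_num, COUNT(DISTINCT uid) as u_num, SUM(score) as ss_num\n                                                     FROM z_score_log_{$tableStr}\n                                                     WHERE {$whereStr} LIMIT 1");
         if ($scoreRe) {
             foreach ($scoreRe as $val) {
                 $cNum += $val['c_num'];
                 $uNum += $val['u_num'];
                 $ssNum += $val['ss_num'];
             }
         }
     }

     echo '中奖数:' . $cNum . '--中奖用户数:' . $uNum . '--中奖金额:' . $ssNum / 100;
     $runTime = time() - $startTime;
     echo "<br/>运行时间为(秒)" . $runTime;
 }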
Пример #13
/**
 * Authenticate a user against UCenter and load the matching local member row.
 *
 * Result array:
 *   - 'ucresult': uid, username, password and email as returned by
 *     uc_user_login(), passed through daddslashes();
 *   - 'status':   1 on success, 0 when the login failed, -1 when UCenter
 *     accepted the login but no local member row exists;
 *   - 'member':   the common_member row (only when status is 1).
 *
 * Security notes (review):
 *   - All SQL in this function is built by string concatenation. The values
 *     come from the UCenter reply and are escaped with daddslashes() (defined
 *     elsewhere, presumably an addslashes() wrapper - confirm); backslash
 *     escaping ignores the connection charset, bound parameters do not.
 *   - In 'auto' mode a failed uid or email attempt is followed by a username
 *     attempt, so one request can cause two password checks. Rate limiting
 *     has to account for that (not visible here).
 *   - The line that looks up $olduid is garbled on this page ('******' replaces
 *     part of the statement) and is not valid PHP as shown.
 *
 * @param string $username   Login name, uid or e-mail, depending on $loginfield.
 * @param string $password   Password, forwarded to uc_user_login().
 * @param mixed  $questionid Security question id, forwarded to uc_user_login().
 * @param mixed  $answer     Security answer, forwarded to uc_user_login().
 * @param string $loginfield 'uid', 'email', 'auto' or anything else for username.
 * @return array See above.
 */
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username')
{
    $return = array();
    // Map the login field to the mode passed to uc_user_login(): 1 = uid, 2 = email, 0 = username; 3 = try in turn.
    if ($loginfield == 'uid') {
        $isuid = 1;
    } elseif ($loginfield == 'email') {
        $isuid = 2;
    } elseif ($loginfield == 'auto') {
        $isuid = 3;
    } else {
        $isuid = 0;
    }
    if (!function_exists('uc_user_login')) {
        loaducenter();
    }
    if ($isuid == 3) {
        if (preg_match('/^[1-9]\\d*$/', $username)) {
            $return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer);
        } elseif (isemail($username)) {
            $return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer);
        }
        // NOTE(review): when neither branch above ran, 'ucresult' is not set yet; the comparison then works on null and falls through to the username attempt.
        if ($return['ucresult'][0] <= 0) {
            $return['ucresult'] = uc_user_login($username, $password, 0, 1, $questionid, $answer);
        }
    } else {
        $return['ucresult'] = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
    }
    $tmp = array();
    $duplicate = '';
    // Escape every field of the UCenter reply before it is used in SQL below.
    list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($return['ucresult'], 1);
    $return['ucresult'] = $tmp;
    if ($duplicate && $return['ucresult']['uid'] > 0) {
        // NOTE(review): the next line is garbled on this page ('******' stands where part of the SQL string was) and does not parse as shown.
        if ($olduid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'ucresult']['username']) . "'")) {
            require_once libfile('function/membermerge');
            if ($olduid != $return['ucresult']['uid']) {
                membermerge($olduid, $return['ucresult']['uid']);
            }
            uc_user_merge_remove($return['ucresult']['username']);
        } else {
            $return['status'] = 0;
            return $return;
        }
    }
    if ($return['ucresult']['uid'] <= 0) {
        $return['status'] = 0;
        return $return;
    }
    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $return['ucresult']['uid'] . "'");
    if (!$member) {
        $return['status'] = -1;
        return $return;
    }
    $return['member'] = $member;
    $return['status'] = 1;
    // Keep the local e-mail in sync with UCenter. The UCenter value was escaped above, so the stored one is escaped for the comparison.
    if (addslashes($member['email']) != $return['ucresult']['email']) {
        DB::query("UPDATE " . DB::table('common_member') . " SET email='" . $return['ucresult']['email'] . "' WHERE uid='" . $return['ucresult']['uid'] . "'");
    }
    return $return;
}
Пример #14
/**
 * Store a reply to a video thread and increase the thread's reply counter.
 *
 * Security notes:
 *   - The thread id is cast to an integer before it is used in the WHERE
 *     fragment.
 *   - The message is taken from $_POST['content'] as it is; the whole row is
 *     passed through daddslashes() (defined elsewhere, presumably an
 *     addslashes() wrapper - confirm) before insert_new(). Whether insert_new()
 *     quotes values again is not visible here. The message also has to be
 *     HTML-escaped wherever it is displayed.
 *   - No login, permission or thread-existence check is visible in this
 *     function; they are assumed to happen in the caller - confirm.
 *
 * @return mixed Whatever insert_new() returns.
 */
function insert_new_reply()
{
    global $_G;

    $tid = (int) $_POST['tid'];
    $post = array(
        'tid' => $tid,
        'author' => $_G['username'],
        'authorid' => $_G['uid'],
        'audio' => '',
        'message' => $_POST['content'],
        'fname' => '',
        'first' => 0,
        'dateline' => time(),
    );

    C::t("#smart_video#video")->increase_by_where('smart_video_thread', 'reply', "tid={$tid}");
    smart_record(1);

    return C::t("#smart_video#video")->insert_new("smart_video_post", daddslashes($post), true);
}
Пример #15
 /**
  * Admin action: draw winners among the repliers of a thread.
  *
  * With ajax=tid the action only answers "1" or "0" depending on whether the
  * thread id exists. Otherwise it validates the submitted form, creates the
  * raffle, loads one reply per author and hands the candidates to raffle().
  *
  * Security notes:
  *   - Every value that reaches SQL (tid, num, is_images) is cast to an
  *     integer first, so the interpolated queries only ever contain numbers.
  *   - daddslashes() is applied to "ajax" and "dosubmit", which are only
  *     compared and never reach SQL.
  *   - No permission or request-forgery check is visible in this action; both
  *     are assumed to be enforced by the admin framework - confirm.
  *
  * @return void
  */
 public function raffleAction()
 {
     $ajax = daddslashes($this->reqVar('ajax', ''));

     if ($ajax == 'tid') {
         $tid = (int) $this->reqVar('tid', 0);
         if ($tid > 0 && $this->siteThreadModel->query("SELECT 'X' FROM zs_forum_post WHERE tid='{$tid}' LIMIT 1")) {
             exit("1");
         }
         exit("0");
     }

     $dosubmit = daddslashes($this->postVar('dosubmit', ''));
     $raffleAdd = array(
         'tid' => (int) $this->postVar('tid', 0),
         'num' => (int) $this->postVar('num', 0),
         'is_images' => (int) $this->postVar('is_images', 0),
         'creater' => UNAME,
     );

     if (!empty($dosubmit)) {
         if (empty($raffleAdd['tid'])) {
             $this->redirect('请填写帖子ID!', '', 3);
             die;
         }
         if (empty($raffleAdd['num'])) {
             $this->redirect('请填写中奖人数!', '', 3);
             die;
         }

         // Optionally restrict the draw to replies that carry an attachment.
         $whereStr = $raffleAdd['is_images'] ? " AND attachment>0" : "";

         $sqlCountStr = "SELECT count(distinct(authorid)) as num FROM zs_forum_post WHERE tid='{$raffleAdd['tid']}' AND first=0 {$whereStr} LIMIT 1";
         $fPostCountRe = $this->siteThreadModel->query($sqlCountStr);
         // The number of distinct repliers has to be larger than the number of winners.
         if (empty($fPostCountRe[0]['num']) || $fPostCountRe[0]['num'] <= $raffleAdd['num']) {
             $this->redirect('中奖人数超出回帖数了!', '', 3);
             die;
         }

         $rid = $this->raffleModel->addRaffle($raffleAdd);
         if ($rid > 0) {
             $sqlStr = "SELECT pid FROM zs_forum_post WHERE tid='{$raffleAdd['tid']}' AND first=0 {$whereStr} group by authorid LIMIT 5000";
             $fPostRe = $this->siteThreadModel->query($sqlStr);
             if (!empty($fPostRe[0]['pid'])) {
                 // Run the draw
                 $winnersSet = $raffleAdd + array('rid' => $rid, 'post' => $fPostRe);
                 $this->raffle($winnersSet);
                 $this->redirect('抽奖成功!', '/admin/thread_raffle/winners/?rid=' . $rid, 3);
                 die;
             }
         }
     }

     $this->getViewer()->needLayout(false);
     $this->render('thread_raffle');
 }
Пример #16
/**
 * Apply addslashes() to a string, or recursively to every value of an array.
 *
 * Array keys are left as they are; only values are escaped.
 *
 * Security notes:
 *   - addslashes() puts a backslash before single quote, double quote,
 *     backslash and NUL. It knows nothing about the database connection
 *     charset, so with some multibyte charsets it does not reliably protect a
 *     quoted SQL literal. Prefer prepared statements with bound parameters, or
 *     the driver's own escaping function.
 *   - It only helps inside a quoted SQL string. It offers no protection for
 *     unquoted numbers or identifiers, and it is not HTML, URL or shell
 *     escaping.
 *   - Keys are not escaped, so they must not be copied into a query either.
 *
 * @param string|array $string Value, or (nested) array of values.
 * @return string|array The escaped value, with the same shape as the input.
 */
function daddslashes($string)
{
    return is_array($string)
        ? array_map('daddslashes', $string)
        : addslashes($string);
}
Пример #17
/**
 * Authenticate the user named by the global login variables against UCenter,
 * load the local member row, export it into the global scope and set the
 * login cookies.
 *
 * Returns 1 on success, 0 when the login failed and -1 when UCenter accepted
 * the login but no local member row exists.
 *
 * Security notes (review):
 *   - Input arrives through globals ($username, $password, ...) instead of
 *     parameters, so the caller decides what is validated.
 *   - All SQL is built by string interpolation from values escaped with
 *     daddslashes()/addslashes(). Backslash escaping ignores the connection
 *     charset; bound parameters do not.
 *   - Every column of the member row is copied into $GLOBALS, including the
 *     password hash (discuz_pw) and the security-question value.
 *   - The auth cookie carries the password hash and the security-question
 *     value, wrapped by authcode(); its confidentiality rests on authcode()
 *     and its key (not visible here).
 *   - The line that looks up $olduid is garbled on this page ('******' replaces
 *     part of the statement) and is not valid PHP as shown.
 */
function userlogin()
{
    global $db, $tablepre, $_DCACHE, $ucresult, $username, $password, $questionid, $answer, $loginfield;
    require_once DISCUZ_ROOT . './uc_client/client.php';
    // Map the login field to the mode passed to uc_user_login(): 1 = uid, 2 = email, 0 = username.
    if ($loginfield == 'uid') {
        $isuid = 1;
    } elseif ($loginfield == 'email') {
        $isuid = 2;
    } else {
        $isuid = 0;
    }
    $ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
    // Escape every field of the UCenter reply before it is used in SQL below.
    list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1);
    $ucresult = $tmp;
    if ($duplicate && $ucresult['uid'] > 0) {
        // NOTE(review): the next line is garbled on this page ('******' stands where part of the SQL string was) and does not parse as shown.
        if ($olduid = $db->result_first("SELECT uid FROM {$tablepre}members WHERE username='******'username']) . "'")) {
            require_once DISCUZ_ROOT . './include/membermerge.func.php';
            membermerge($olduid, $ucresult['uid']);
            uc_user_merge_remove($ucresult['username']);
        } else {
            return 0;
        }
    }
    if ($ucresult['uid'] <= 0) {
        return 0;
    }
    $member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,\r\n\t\tm.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible\r\n\t\tFROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)\r\n\t\tWHERE m.uid='{$ucresult['uid']}'");
    if (!$member) {
        return -1;
    }
    // Keep the raw username under a second key; the primary one is slash-escaped.
    $member['discuz_userss'] = $member['discuz_user'];
    $member['discuz_user'] = addslashes($member['discuz_user']);
    // Export every selected column as a global variable.
    foreach ($member as $var => $value) {
        $GLOBALS[$var] = $value;
    }
    // Keep the local e-mail in sync with UCenter. The UCenter value was escaped above, so the stored one is escaped for the comparison.
    if (addslashes($member['email']) != $ucresult['email']) {
        $db->query("UPDATE {$tablepre}members SET email='{$ucresult['email']}' WHERE uid='{$ucresult['uid']}'");
    }
    // A security question was supplied but none is stored: store a random 8-character value from random() (defined elsewhere).
    if ($questionid > 0 && empty($member['discuz_secques'])) {
        $GLOBALS['discuz_secques'] = random(8);
        $db->query("UPDATE {$tablepre}members SET secques='{$GLOBALS['discuz_secques']}' WHERE uid='{$ucresult['uid']}'");
    }
    $GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid'];
    // The cookie lifetime is taken from the request and forced to an integer.
    $cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : 0);
    dsetcookie('cookietime', $cookietime, 31536000);
    dsetcookie('auth', authcode("{$member['discuz_pw']}\t{$member['discuz_secques']}\t{$member['discuz_uid']}", 'ENCODE'), $cookietime, 1, true);
    dsetcookie('loginuser');
    dsetcookie('activationauth');
    dsetcookie('pmnum');
    $GLOBALS['sessionexists'] = 0;
    // NOTE(review): $_DCOOKIE is not in the global list above, so it is an undefined local here and this condition cannot be true as written.
    if ($_DCACHE['settings']['frameon'] && $_DCOOKIE['frameon'] == 'yes') {
        $GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>';
    }
    return 1;
}
Пример #18
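 /**
  * Admin action: list operation-log entries, filtered by keyword and time
  * range, with pagination.
  *
  * Changes compared with the plain version:
  *   - the filter set is always an array; before, it was an undefined variable
  *     when no filter was given;
  *   - the pagination URL is built with http_build_query() from the raw
  *     request values. Before, slash-escaped values were concatenated into the
  *     URL without URL encoding, which breaks on "&", "#", "<" or quotes and
  *     adds another layer of backslashes on every page change.
  *
  * Security notes:
  *   - The filters handed to the model are escaped with daddslashes() (defined
  *     elsewhere, presumably an addslashes() wrapper - confirm). Whether the
  *     model binds parameters or concatenates SQL is not visible here.
  *   - The values assigned to the view are slash-escaped, not HTML-escaped; the
  *     template has to escape them on output. The same holds for the log
  *     content, which is decoded from stored JSON.
  *
  * @return void
  */
 public function indexAction()
 {
     $rawKeyword = $this->reqVar('keyword', '');
     $rawStartTime = $this->reqVar('start_time', '');
     $rawEndTime = $this->reqVar('end_time', '');
     $keyword = daddslashes($rawKeyword);
     $startTime = daddslashes($rawStartTime);
     $endTime = daddslashes($rawEndTime);
     $page = (int) $this->reqVar('page', 1);

     $filters = array();
     $query = array();
     if (!empty($keyword)) {
         $filters['operat'] = $keyword;
         $query['keyword'] = $rawKeyword;
     }
     if (!empty($startTime)) {
         $filters['start_time'] = $startTime;
         $query['start_time'] = $rawStartTime;
     }
     if (!empty($endTime)) {
         $filters['end_time'] = $endTime;
         $query['end_time'] = $rawEndTime;
     }

     $pageUrl = "/admin/operate/";
     if ($query) {
         $pageUrl .= '?' . http_build_query($query, '', '&');
     }

     $operateList = $this->operateModel->getOpLogList($filters, $page, 20);
     if ($operateList) {
         foreach ($operateList as $key => $val) {
             $content = json_decode($val['content'], true);
             if (is_array($content)) {
                 // Flatten the decoded entry to "key/value,key/value".
                 $contentStr = '';
                 foreach ($content as $ckey => $cval) {
                     $contentStr .= $ckey . "/" . $cval . ",";
                 }
                 $contentStr = trim($contentStr, ",");
                 $operateList[$key]['content'] = $contentStr;
                 $operateList[$key]['content_sub'] = cn_substr($contentStr, 20);
             } else {
                 $operateList[$key]['content'] = $operateList[$key]['content_sub'] = $content;
             }
         }
     }

     $operateCount = $this->operateModel->getOpLogCount($filters);
     $operatePages = pages($operateCount, $page, 20, $pageUrl, array());

     $this->assign('keyword', $keyword);
     $this->assign('startTime', $startTime);
     $this->assign('endTime', $endTime);
     $this->assign('operateList', $operateList);
     $this->assign('operatePages', $operatePages);
     $this->assign("page", $page);
     $this->getViewer()->needLayout(false);
     $this->render('operate_list');
 }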
Пример #19
/**
 * Apply addslashes() to a string, or recursively to every value of an array.
 *
 * Array keys are kept unchanged; only values are escaped.
 *
 * Security notes:
 *   - addslashes() is plain backslash escaping and does not take the database
 *     connection charset into account. Use prepared statements with bound
 *     parameters, or the driver's escaping function, for SQL.
 *   - The result is only meaningful inside a quoted SQL literal; it is not
 *     HTML, URL or shell escaping, and it does not protect unquoted numbers
 *     or identifiers.
 *
 * @param string|array $string Value, or (nested) array of values.
 * @return string|array The escaped value, with the same shape as the input.
 */
function daddslashes($string)
{
    if (!is_array($string)) {
        return addslashes($string);
    }

    $escaped = array();
    foreach ($string as $key => $val) {
        $escaped[$key] = daddslashes($val);
    }

    return $escaped;
}
Пример #20
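 /**
  * Apply addslashes() to a string, or recursively to every value of an array.
  *
  * Nested values are handled by this method itself. The plain version called
  * the global daddslashes($val, $force) with an undefined $force, so nested
  * values depended on a function defined elsewhere (and, for variants that
  * honour a magic-quotes switch, could be left unescaped) while top-level
  * strings were always escaped.
  *
  * Security notes:
  *   - addslashes() is plain backslash escaping and does not take the database
  *     connection charset into account. Use prepared statements with bound
  *     parameters, or the driver's escaping function, for SQL.
  *   - Array keys are not escaped.
  *
  * @param string|array $str Value, or (nested) array of values.
  * @return string|array The escaped value, with the same shape as the input.
  */
 static function filter($str)
 {
     if (!is_array($str)) {
         return addslashes($str);
     }

     foreach ($str as $key => $val) {
         $str[$key] = self::filter($val);
     }

     return $str;
 }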
Пример #21
 /**
  * Get a table structure: dump the cache entry stored under the requested key.
  *
  * According to the original comment the key has the form
  * "<database name>_<table name>".
  *
  * Security notes:
  *   - The key comes straight from the request and the entry is printed with
  *     var_dump(), so this action discloses whatever is cached under any key
  *     the caller can name. It should be limited to administrators or removed
  *     from production builds (no access check is visible here - confirm).
  *   - daddslashes() is SQL-style escaping; on a cache key it only changes the
  *     key when it contains a quote or a backslash. A whitelist of key names
  *     would be the fitting control.
  *
  * @return false|void False when no key was given; otherwise nothing is returned.
  */
 public function getCacheAction()
 {
     $cacheKey = daddslashes($this->getVar('key'));
     if (empty($cacheKey)) {
         return false;
     }

     var_dump(Leb_Dao_Memcache::getInstance()->get($cacheKey));
 }
Пример #22
 /**
  * AJAX check for a channel name: answers "0" when a channel set with that
  * name already exists and "1" otherwise (also for an empty name).
  *
  * Security notes:
  *   - The name is escaped with daddslashes() (defined elsewhere, presumably
  *     an addslashes() wrapper - confirm) before it is handed to the model.
  *     Whether the model binds the value or concatenates SQL is not visible
  *     here.
  *   - The answer reveals whether a channel name exists; restrict the action
  *     if channel names are not public.
  *
  * @return void The request ends with exit().
  */
 public function ajaxchannelAction()
 {
     $channel = daddslashes($this->getVar('channel', ''));

     $exists = !empty($channel)
         && $this->channelSetModel->getChannelSet(array("channel" => $channel));

     exit($exists ? "0" : "1");
 }
Пример #23
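/**
 * Apply addslashes() to a string, or recursively to every key and value of
 * an array.
 *
 * The escaped array is built as a new array. The plain version renamed the
 * keys of the array it was iterating (unset + re-insert); when the escaped
 * form of one key equalled another existing key, the first entry overwrote
 * the second and was then removed, so an entry was silently lost.
 *
 * Security notes:
 *   - addslashes() is plain backslash escaping and does not take the database
 *     connection charset into account. Use prepared statements with bound
 *     parameters, or the driver's escaping function, for SQL.
 *   - Escaping keys only helps when a key ends up inside a quoted literal. A
 *     key used as a column or table name needs a whitelist instead.
 *
 * @param string|array $string Value, or (nested) array of values.
 * @param int          $force  Passed through on recursion; it does not change the result.
 * @return string|array The escaped value, with the same shape as the input.
 */
function daddslashes($string, $force = 1)
{
    if (!is_array($string)) {
        return addslashes($string);
    }

    $escaped = array();
    foreach ($string as $key => $val) {
        $escaped[addslashes((string) $key)] = daddslashes($val, $force);
    }

    return $escaped;
}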
Пример #24
 /**
  * Build an iOS package for the given channel and print the itms-services
  * install link, or "error" when packaging failed.
  *
  * Security notes:
  *   - "channel" and "c" are escaped with daddslashes(), which is SQL-style
  *     escaping. What pakIos() does with them (database, file names, shell)
  *     is not visible here; each of those sinks needs its own validation.
  *   - The manifest URL is appended to the link as it is. If it can contain
  *     "&" or "#", it has to be URL-encoded to stay a single query value
  *     (its origin is not visible here - confirm).
  *
  * @return void
  */
 public function pak_ppjoyAction()
 {
     $channel = daddslashes(trim($this->reqVar('channel', '')));
     $invite = (int) $this->reqVar('invite', 0);
     $c = daddslashes(trim($this->reqVar('c', '')));

     $package = $this->pakIos($channel, $invite, $c);

     echo (1 == $package['status'])
         ? "itms-services://?action=download-manifest&url=" . $package["url"]
         : "error";
 }
Пример #25
/**
 * Apply addslashes() to a string or recursively to every value of an array,
 * unless the global magic-quotes flag says the data is escaped already.
 *
 * When $GLOBALS["magic_quotes_gpc"] is truthy and $force is falsy, the input
 * is returned unchanged. Array keys are never escaped.
 *
 * Security notes:
 *   - The skip is only correct for request data that really was escaped by
 *     magic quotes. Values from any other source (database rows, files,
 *     decoded JSON) need $force = 1, otherwise they stay unescaped.
 *   - addslashes() is plain backslash escaping and does not take the database
 *     connection charset into account. Use prepared statements with bound
 *     parameters, or the driver's escaping function, for SQL.
 *
 * @param string|array $string Value, or (nested) array of values.
 * @param int          $force  Truthy to escape even when the magic-quotes flag is set.
 * @return string|array The value, escaped unless the skip condition applies.
 */
function daddslashes($string, $force = 0)
{
    if ($GLOBALS["magic_quotes_gpc"] && !$force) {
        return $string;
    }

    if (!is_array($string)) {
        return addslashes($string);
    }

    foreach ($string as $key => $val) {
        $string[$key] = daddslashes($val, $force);
    }

    return $string;
}
Пример #26
/**
 * Apply addslashes() to a string or recursively to every value of an array,
 * unless the MAGIC_QUOTES_GPC constant says the data is escaped already.
 *
 * When MAGIC_QUOTES_GPC is truthy and $force is falsy, the input is returned
 * unchanged. With $strip set, each string is passed through stripslashes()
 * first, which normalises data that may already carry one layer of slashes.
 * Array keys are never escaped.
 *
 * Security notes:
 *   - The skip is only correct for request data that really was escaped by
 *     magic quotes. Values from any other source need $force = 1.
 *   - $strip removes a backslash layer even when the data never had one, so a
 *     literal backslash typed by the user is lost; use it only on data known
 *     to be slash-escaped.
 *   - addslashes() is plain backslash escaping and does not take the database
 *     connection charset into account. Use prepared statements with bound
 *     parameters, or the driver's escaping function, for SQL.
 *
 * @param string|array $string Value, or (nested) array of values.
 * @param int          $force  Truthy to escape even when MAGIC_QUOTES_GPC is set.
 * @param bool         $strip  Truthy to run stripslashes() before addslashes().
 * @return string|array The value, escaped unless the skip condition applies.
 */
function daddslashes($string, $force = 0, $strip = FALSE)
{
    if (MAGIC_QUOTES_GPC && !$force) {
        return $string;
    }

    if (!is_array($string)) {
        $plain = $strip ? stripslashes($string) : $string;
        return addslashes($plain);
    }

    foreach ($string as $key => $val) {
        $string[$key] = daddslashes($val, $force, $strip);
    }

    return $string;
}
Пример #27
 /**
  * Write one common_member_log row per user id, when the application platform
  * is enabled and the log type is 'user'.
  *
  * $fid is accepted but not used.
  *
  * Security notes:
  *   - Every uid is forced to an integer before it is stored.
  *   - $action is passed through daddslashes() (defined elsewhere, presumably
  *     an addslashes() wrapper - confirm) before insert(). Whether insert()
  *     quotes values itself is not visible here; if it does, the stored action
  *     carries an extra layer of backslashes.
  *
  * @param string    $logtype Only 'user' is handled.
  * @param int|array $uids    One user id or a list of user ids.
  * @param string    $action  Action name to log.
  * @param mixed     $fid     Unused.
  * @return void
  */
 public static function manyoulog($logtype, $uids, $action, $fid = '')
 {
     global $_G;

     if (!$_G['setting']['my_app_status'] || $logtype != 'user') {
         return;
     }

     $action = daddslashes($action);
     $targets = is_array($uids) ? $uids : array($uids);

     foreach ($targets as $uid) {
         $row = array('uid' => intval($uid), 'action' => $action, 'dateline' => TIMESTAMP);
         C::t('common_member_log')->insert($row, false, true);
     }
 }
Пример #28
 /**
  * Insert several picture rows (bid, pic, picflag, type) with one
  * multi-row INSERT.
  *
  * $bid only acts as a guard; each row supplies its own 'bid' value.
  *
  * Security notes:
  *   - The statement is assembled by string interpolation. Every value is
  *     escaped with daddslashes() (defined elsewhere, presumably an
  *     addslashes() wrapper - confirm) and placed inside single quotes.
  *     Backslash escaping ignores the connection charset; a bound-parameter
  *     insert is the robust alternative if the DB layer offers one.
  *   - Because the row's own 'bid' is stored, the caller has to make sure it
  *     matches $bid when rows come from user input.
  *
  * @param mixed $bid  Block id; nothing is inserted when it is falsy.
  * @param array $data List of rows, each with the keys bid, pic, picflag and type.
  * @return void
  */
 public function insert_by_bid($bid, $data)
 {
     if (!$bid || !$data || !is_array($data)) {
         return;
     }

     $tuples = array();
     foreach (daddslashes($data) as $value) {
         $tuples[] = "('{$value['bid']}', '{$value['pic']}', '{$value['picflag']}', '{$value['type']}')";
     }

     if ($tuples) {
         DB::query('INSERT INTO ' . DB::table($this->_table) . ' (bid, pic, picflag, `type`) VALUES ' . implode(',', $tuples));
     }
 }
Пример #29
 /**
  * Look up earlier searches to detect flooding and to reuse a still-valid
  * search index.
  *
  * Each returned row carries two computed flags:
  *   - flood:      the row belongs to the same client (same IP for guests,
  *                 same uid otherwise) and is younger than $searchctrl seconds;
  *   - indexvalid: the row has the same search string and has not expired.
  *
  * Security notes (review):
  *   - Numeric inputs go through dintval() and string inputs through
  *     daddslashes() before they are interpolated; both helpers are defined
  *     elsewhere. Backslash escaping ignores the connection charset; bound
  *     parameters do not.
  *   - NOTE(review): in the WHERE clause AND binds tighter than OR, so the
  *     srchmod filter applies to the flood branch only; rows matched through
  *     the search-string branch are returned for every srchmod.
  *   - $useip is whatever the caller passes; if it is derived from a
  *     client-controlled header, the flood check can be sidestepped.
  *
  * Returns null when $searchctrl or $timestamp is falsy, otherwise the rows
  * ordered by the flood flag.
  */
 public function fetch_all_search($searchctrl, $useip, $uid, $timestamp, $searchstring, $srchmod = '')
 {
     if (!$searchctrl || !$timestamp) {
         return null;
     }
     // Normalise every input before it is placed into the SQL text.
     $timestamp = dintval($timestamp);
     $uid = dintval($uid);
     $srchmod = dintval($srchmod);
     $useip = daddslashes($useip);
     $searchctrl = dintval($searchctrl);
     $searchstring = daddslashes($searchstring);
     // The same client/age condition appears twice: once as the computed "flood" column and once in the WHERE clause.
     return DB::fetch_all("SELECT searchid, dateline,\n\t\t\t('" . $searchctrl . "'<>'0' AND " . (empty($uid) ? "useip='{$useip}'" : "uid='{$uid}'") . " AND {$timestamp}-dateline<'" . $searchctrl . "') AS flood,\n\t\t\t(searchstring='{$searchstring}' AND expiration>'{$timestamp}') AS indexvalid\n\t\t\tFROM " . DB::table($this->_table) . "\n\t\t\tWHERE " . ($srchmod ? "srchmod='{$srchmod}' AND " : '') . "('" . $searchctrl . "'<>'0' AND " . (empty($uid) ? "useip='{$useip}'" : "uid='{$uid}'") . " AND {$timestamp}-dateline<" . $searchctrl . ") OR (searchstring='{$searchstring}' AND expiration>'{$timestamp}')\n\t\t\tORDER BY flood");
 }
Пример #30
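 /**
  * Delete stale rows from common_session: the given session id, every session
  * that has been idle longer than $onlinehold seconds, recent guest sessions
  * from the same IP address and, for a logged-in user, all of that user's
  * sessions.
  *
  * The 'sid' key is now quoted inside the interpolated string. The plain
  * version used {$session[sid]}, where "sid" is read as a constant; that is
  * a fatal Error on PHP 8.
  *
  * Security notes:
  *   - The condition is assembled by string interpolation. The session values
  *     are escaped with daddslashes() (defined elsewhere, presumably an
  *     addslashes() wrapper - confirm) and placed inside single quotes.
  *   - $onlinehold and $guestspan are used unquoted, but only after being
  *     subtracted from time(), so the interpolated values are numbers.
  *   - The condition is a chain of ORs; a wrong value in any branch widens the
  *     delete, so callers should pass validated session data only.
  *
  * @param array $session    Session row with the keys sid, ip1..ip4 and uid.
  * @param int   $onlinehold Idle time in seconds after which any session is removed.
  * @param int   $guestspan  Window in seconds for removing guest sessions from the same IP.
  * @return void
  */
 public function delete_by_session($session, $onlinehold, $guestspan)
 {
     if (empty($session) || !is_array($session)) {
         return;
     }

     // Turn the durations into absolute cut-off timestamps.
     $onlinehold = time() - $onlinehold;
     $guestspan = time() - $guestspan;
     $session = daddslashes($session);

     $condition = " sid='{$session['sid']}' ";
     $condition .= " OR lastactivity<{$onlinehold} ";
     $condition .= " OR (uid='0' AND ip1='{$session['ip1']}' AND ip2='{$session['ip2']}' AND ip3='{$session['ip3']}' AND ip4='{$session['ip4']}' AND lastactivity>{$guestspan}) ";
     $condition .= $session['uid'] ? " OR (uid='{$session['uid']}') " : '';

     DB::delete('common_session', $condition);
 }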