Пример #1
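 /**
  * Store a base64-encoded verification picture for a user and flag the
  * account as video-authenticated.
  *
  * The file is written to S_ROOT/data/avatar/<c0>/<c1>/<name>.<ext>, where
  * <name> is md5(timestamp . "\t" . current uid) and <c0>/<c1> are its first
  * two characters.
  *
  * @param mixed  $uId      User id used in the WHERE clause of both table updates.
  * @param string $picData  Base64-encoded image bytes supplied by the API caller.
  * @param string $picExt   Extension of the stored file; only jpg, jpeg, gif
  *                         and png are accepted (case-insensitive).
  * @param bool   $isReward When true, getreward('videophoto', ...) is called.
  *
  * @return APIResponse|APIErrorResponse Affected-row count of the 'spacefield'
  *         update on success; error '200' for bad arguments, '300' for
  *         storage failures.
  */
 function auth($uId, $picData, $picExt = 'jpg', $isReward = false)
 {
     global $_SGLOBAL;
     $pic = base64_decode($picData);
     if (!$pic || strlen($pic) == strlen($picData)) {
         return new APIErrorResponse('200', 'Error argument');
     }
     // The extension comes from the caller and is appended to the stored file
     // name, so it is restricted to a fixed image allowlist. Anything else
     // (other file types, path separators, empty values) is a bad argument.
     $picExt = strtolower((string) $picExt);
     if (!in_array($picExt, array('jpg', 'jpeg', 'gif', 'png'), true)) {
         return new APIErrorResponse('200', 'Error argument');
     }
     // NOTE(review): the decoded bytes are not checked to be an image; consider
     // validating them (e.g. getimagesize) before they are stored.
     // NOTE(review): despite its name this value is derived only from the
     // timestamp and the uid, so it is guessable; treat it as a file name.
     $secret = md5($_SGLOBAL['timestamp'] . "\t" . $_SGLOBAL['supe_uid']);
     $picDir = S_ROOT . './data/avatar';
     foreach (array(substr($secret, 0, 1), substr($secret, 1, 1)) as $shard) {
         $picDir .= '/' . $shard;
         // Re-check is_dir() after a failed mkdir(): a concurrent request may
         // have created the directory in between, which is not an error.
         // NOTE(review): 0777 (before umask) is wider than an upload directory
         // normally needs; confirm the deployment requires it.
         if (!is_dir($picDir) && !@mkdir($picDir, 0777) && !is_dir($picDir)) {
             return new APIErrorResponse('300', 'Cannot create directory');
         }
     }
     $picPath = $picDir . '/' . $secret . '.' . $picExt;
     $fp = @fopen($picPath, 'wb');
     if ($fp) {
         $written = fwrite($fp, $pic);
         // Close on every path; previously the handle leaked when fwrite() failed.
         fclose($fp);
         if ($written === strlen($pic)) {
             // Main table
             updatetable('space', array('videostatus' => 1), array('uid' => $uId));
             // Attached table
             updatetable('spacefield', array('videopic' => $secret), array('uid' => $uId));
             $result = $_SGLOBAL['db']->affected_rows();
             if ($isReward) {
                 // Bonus points
                 getreward('videophoto', 1, $uId, '', 0);
             }
             return new APIResponse($result);
         }
         // A failed or short write must not leave a truncated file behind.
         @unlink($picPath);
     }
     return new APIErrorResponse('300', 'Video Auth Error');
 }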
Пример #2
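 /**
  * Install an application for a user.
  *
  * Inserts the 'userapp' and 'userappfield' rows, applies the 'installapp'
  * reward to the user's 'space' row and refreshes the application record.
  *
  * @param mixed       $uId                User id (treated as an integer).
  * @param mixed       $appId              Application id (treated as an integer).
  * @param string      $appName            Application name.
  * @param string      $privacy            'public', 'friends', 'me' or 'none';
  *                                        stored as 0, 1, 3 or 5 (anything else: 0).
  * @param mixed       $allowSideNav       Stored as 'allowsidenav'.
  * @param mixed       $allowFeed          Stored as 'allowfeed'.
  * @param mixed       $allowProfileLink   Stored as 'allowprofilelink'.
  * @param string      $defaultBoxType     'narrow' stores narrow=1, anything else 0.
  * @param string      $defaultMYML        Stored as 'myml'.
  * @param string      $defaultProfileLink Stored as 'profilelink'.
  * @param mixed       $version            Passed on to refreshApplication().
  * @param string      $displayMethod      'iframe' is passed on as 1, anything else as 0.
  * @param mixed|null  $displayOrder       Stored as 'displayorder' when not null.
  *
  * @return APIResponse|APIErrorResponse Result of the 'userappfield' insert, or
  *         error '170' when the application is already installed.
  */
 function add($uId, $appId, $appName, $privacy, $allowSideNav, $allowFeed, $allowProfileLink, $defaultBoxType, $defaultMYML, $defaultProfileLink, $version, $displayMethod, $displayOrder = null)
 {
     global $_SGLOBAL;
     // Both ids end up inside SQL text below (the UPDATE interpolates $uId
     // directly), so force them to integers once instead of relying on each
     // statement to do it.
     $uId = intval($uId);
     $appId = intval($appId);
     $sql = sprintf('SELECT appid FROM %s WHERE uid = %d AND appid = %d', tname('userapp'), $uId, $appId);
     $query = $_SGLOBAL['db']->query($sql);
     $row = $_SGLOBAL['db']->fetch_array($query);
     // fetch_array() yields no row when the application is not installed yet;
     // check the row itself before reading a column from it.
     if ($row && $row['appid']) {
         return new APIErrorResponse('170', 'Application has been already added');
     }
     switch ($privacy) {
         case 'public':
             $privacy = 0;
             break;
         case 'friends':
             $privacy = 1;
             break;
         case 'me':
             $privacy = 3;
             break;
         case 'none':
             $privacy = 5;
             break;
         default:
             $privacy = 0;
     }
     $narrow = $defaultBoxType == 'narrow' ? 1 : 0;
     // NOTE(review): the remaining caller-supplied values ($appName,
     // $defaultMYML, $defaultProfileLink, ...) are handed to inserttable()
     // as-is; confirm that helper escapes values before building its SQL.
     $setarr = array('uid' => $uId, 'appid' => $appId, 'appname' => $appName, 'privacy' => $privacy, 'allowsidenav' => $allowSideNav, 'allowfeed' => $allowFeed, 'allowprofilelink' => $allowProfileLink, 'narrow' => $narrow);
     if ($displayOrder !== null) {
         $setarr['displayorder'] = $displayOrder;
     }
     inserttable('userapp', $setarr);
     $fields = array('uid' => $uId, 'appid' => $appId, 'profilelink' => $defaultProfileLink, 'myml' => $defaultMYML);
     $result = inserttable('userappfield', $fields, 1);
     $reward = getreward('installapp', 0, $uId, $appId, 0);
     // The reward amounts are spliced into the statement as bare numbers, so
     // they are cast here; a missing key counts as 0 instead of producing
     // malformed SQL.
     $credit = isset($reward['credit']) ? intval($reward['credit']) : 0;
     $experience = isset($reward['experience']) ? intval($reward['experience']) : 0;
     // Update the user
     $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$credit}, experience=experience+{$experience} WHERE uid='{$uId}'");
     $displayMethod = $displayMethod == 'iframe' ? 1 : 0;
     $this->refreshApplication($appId, $appName, $version, $displayMethod, $narrow, null, null);
     return new APIResponse($result);
 }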
Пример #3
    //更新状态
    updatetable('session', array('lastactivity' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
}
// Look up the application record and refuse access when it is flagged negative.
// NOTE(review): $appid is assigned outside this excerpt; it is interpolated into
// the query and into the Location header below, so confirm it is cast to an
// integer before this point.
$app = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myapp') . " WHERE appid='{$appid}' LIMIT 1");
if ($app = $_SGLOBAL['db']->fetch_array($query)) {
    if ($app['flag'] < 0) {
        showmessage('no_privilege_myapp');
    }
}
// Manyou (roaming) application parameters.
$my_appId = $appid;
// The suffix is request-controlled: after decoding it is appended to the remote
// URL built below. The host part of that URL is fixed in this code.
// NOTE(review): PHP has already URL-decoded $_GET values, so urldecode() here
// decodes a second time - confirm that is intended.
$my_suffix = base64_decode(urldecode($_GET['my_suffix']));
$my_prefix = getsiteurl();
// Reward points: runs on every request, before the redirect check below.
getreward('useapp', 1, 0, $appid);
if (!$my_suffix) {
    // No usable suffix: redirect to the same page with the default suffix '/'.
    header('Location: userapp.php?id=' . $my_appId . '&my_suffix=' . urlencode(base64_encode('/')));
    exit;
}
// NOTE(review): the remote URL uses plain http.
if (preg_match('/^\\//', $my_suffix)) {
    $url = 'http://apps.manyou.com/' . $my_appId . $my_suffix;
} else {
    // $my_suffix is always truthy here (the empty case exited above), so the
    // inner else branch cannot be reached.
    if ($my_suffix) {
        $url = 'http://apps.manyou.com/' . $my_appId . '/' . $my_suffix;
    } else {
        $url = 'http://apps.manyou.com/' . $my_appId;
    }
}
if (strpos($my_suffix, '?')) {
    $url = $url . '&my_uchId=' . $_SGLOBAL['supe_uid'] . '&my_sId=' . $_SCONFIG['my_siteid'];
Пример #4
        inserttable('poke', $setarr, 0, true);
        //更新统计
        if (!$oldpoke) {
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET pokenum=pokenum+1 WHERE uid='{$uid}'");
        }
        //更新我的好友关系热度
        addfriendnum($tospace['uid'], $tospace['username']);
        //发送邮件通知
        smail($uid, '', cplang('poke_subject', array($_SN[$space['uid']], getsiteurl() . 'cp.php?ac=poke')), '', 'poke');
        if ($op == 'reply') {
            //删除招呼
            $_SGLOBAL['db']->query("DELETE FROM " . tname('poke') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND fromuid='{$uid}'");
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET pokenum=pokenum-1 WHERE uid='{$_SGLOBAL['supe_uid']}' AND pokenum>0");
        }
        //奖励
        getreward('poke', 1, 0, $uid);
        //统计
        updatestat('poke');
        showmessage('poke_success', $_POST['refer'], 1, array($_SN[$tospace['uid']]));
    }
} elseif ($op == 'ignore') {
    $where = empty($uid) ? '' : "AND fromuid='{$uid}'";
    $_SGLOBAL['db']->query("DELETE FROM " . tname('poke') . " WHERE uid='{$_SGLOBAL['supe_uid']}' {$where}");
    //统计更新
    $pokenum = getcount('poke', array('uid' => $space['uid']));
    if ($pokenum != $space['pokenum']) {
        updatetable('space', array('pokenum' => $pokenum), array('uid' => $space['uid']));
    }
    showmessage('has_been_hailed_overlooked');
} else {
    $perpage = 20;
Пример #5
        case 'picid':
            $fs['title_template'] = cplang('feed_click_pic');
            $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$item['uid']}\">{$_SN[$item['uid']]}</a>", 'click' => $click['name']);
            $fs['images'] = array(pic_get($item['filepath'], $item['thumb'], $item['remote']));
            $fs['image_links'] = array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}");
            $fs['body_general'] = $item['title'];
            $note_type = 'clickpic';
            $q_note = cplang('note_click_pic', array("space.php?uid={$item['uid']}&do=album&picid={$item['picid']}"));
            break;
    }
    //Event Publishing
    if (empty($item['friend']) && ckprivacy('click', 1)) {
        feed_add('click', $fs['title_template'], $fs['title_data'], '', array(), $fs['body_general'], $fs['images'], $fs['image_links']);
    }
    //Reward visitors
    getreward('click', 1, 0, $idtype . $id);
    //Statistics
    updatestat('click');
    //Notice
    notification_add($item['uid'], $note_type, $q_note);
    showmessage('click_success', $_SGLOBAL['refer']);
} elseif ($_GET['op'] == 'show') {
    foreach ($clicks as $key => $value) {
        $value['clicknum'] = $item["click_{$key}"];
        $value['classid'] = mt_rand(1, 4);
        if ($value['clicknum'] > $maxclicknum) {
            $maxclicknum = $value['clicknum'];
        }
        $clicks[$key] = $value;
    }
    $start = intval($_GET['start']);
Пример #6
/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: do_login.php 8543 2008-08-21 05:51:48Z liguode $
*/
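// Refuse direct requests: the script only runs when the including code has
// defined IN_UCHOME.
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
$uid = 0;
$email = '';
$_GET['hash'] = empty($_GET['hash']) ? '' : trim($_GET['hash']);
if ($_GET['hash']) {
    // The token decodes to "<uid>\t<email>". A token that fails to decode gives
    // fewer than two fields, so pad the result: both variables are then always
    // defined and the request falls through to the error branch below.
    // NOTE(review): nothing in this script ties the token to the current
    // session or to an expiry time; confirm that is enforced where the token
    // is issued or inside authcode().
    list($uid, $email) = array_pad(explode("\t", (string) authcode($_GET['hash'], 'DECODE')), 2, '');
    $uid = intval($uid);
}
if ($uid && isemail($email)) {
    // Enforce e-mail uniqueness when the site is configured for it.
    // NOTE(review): $email reaches getcount() unescaped while the update below
    // applies addslashes(); isemail() is the only validation visible here -
    // confirm getcount() escapes its values.
    if ($_SCONFIG['uniqueemail']) {
        if (getcount('spacefield', array('email' => $email, 'emailcheck' => 1))) {
            showmessage('uniqueemail_recheck');
        }
    }
    // Bonus points.
    // NOTE(review): the reward is granted before the address is recorded;
    // whether opening the same link again can grant it again depends on limits
    // inside getreward() - confirm.
    getreward('realemail', 1, $uid);
    // Update the profile: store the verified address and clear the pending one.
    updatetable('spacefield', array('email' => addslashes($email), 'emailcheck' => '1', 'newemail' => ''), array('uid' => $uid));
    // Show the result page.
    showmessage('email_check_sucess', '', 1, array($email));
} else {
    showmessage('email_check_error');
}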
Пример #7
} else {
    // 'digest' operation: mark a comment as featured and reward its author.
    // NOTE(review): within this excerpt the only precondition is a logged-in
    // user ($_SGLOBAL['supe_uid']); no permission check and no form token are
    // visible, and the action is driven by $_SGET parameters. Confirm that the
    // enclosing code restricts who may reach this branch.
    if (!empty($_SGET['op']) && $_SGET['op'] == 'digest') {
        $cid = empty($_SGET['cid']) ? 0 : intval($_SGET['cid']);
        if (empty($cid)) {
            showmessage('not_found', S_URL);
        }
        $itemid = empty($_SGET['itemid']) ? 0 : intval($_SGET['itemid']);
        if (empty($itemid)) {
            showmessage('not_found', S_URL);
        }
        if ($cid && $itemid && $_SGLOBAL['supe_uid']) {
            // $cid is an integer at this point (intval above).
            // NOTE(review): $itemid must be non-zero but is not part of the
            // lookup, so the comment is not tied to the item named in the request.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('spacecomments') . ' WHERE cid=\'' . $cid . '\'');
            if ($comment = $_SGLOBAL['db']->fetch_array($query)) {
                // First promotion only: reward once and append the digest marker.
                if (intval($comment['digest']) == 0) {
                    // Credit/experience: reward the author of the featured comment.
                    getreward('comment_digest', 1, $comment['authorid']);
                    // The stored message is re-escaped before being written back;
                    // $lang['digest'] is concatenated unescaped (presumably a
                    // trusted language-pack string - confirm).
                    $msg = addslashes($comment['message']) . "<br/><div class=\"old\">" . $lang['digest'] . "</div>";
                    $_SGLOBAL['db']->query("UPDATE " . tname('spacecomments') . " SET message='" . $msg . "' WHERE cid='" . $cid . "'");
                }
                $_SGLOBAL['db']->query('UPDATE ' . tname('spacecomments') . ' SET digest=1 WHERE cid=\'' . $cid . '\'');
            }
        }
    }
}
// Comments shown per page: the site setting when present, otherwise 50.
$perpage = 50;
if (!empty($_SCONFIG['commviewnum'])) {
    $perpage = intval($_SCONFIG['commviewnum']);
}
// Requested page number; anything missing or below 1 becomes page 1.
$page = empty($_SGET['page']) ? 1 : max(1, intval($_SGET['page']));
// Sort order: one of 1-4 when the request supplies an allowed value, else 0.
$order = 0;
if (!empty($_SGET['order']) && in_array($_SGET['order'], array('1', '2', '3', '4'))) {
    $order = intval($_SGET['order']);
}
// Offset of the first row on the requested page.
$start = ($page - 1) * $perpage;
$itemid = 0;
if (!empty($_SGET['itemid'])) {
    $itemid = intval($_SGET['itemid']);
}
Пример #8
/**
 * Handle the submission of an online contribution for a content model.
 *
 * Reads the form from $_POST/$_FILES, normalises and validates it, then either
 * writes the item and its message straight to the model tables or parks the
 * serialized submission in 'modelfolders' for review. Every path ends in a
 * showmessage() call.
 *
 * @param array $cacheinfo Cached model definition; the keys 'models', 'columns'
 *                         and 'linkage' are read here.
 * @param int   $cp        Truthy selects the $theurl / admincp redirect targets,
 *                         falsy the cp.php ones.
 */
function modelpost($cacheinfo, $cp = 1)
{
    // NOTE(review): $alang is read below but is not in this global list, so it
    // is an undefined local inside the function and the default grade labels
    // evaluate to null.
    global $_SGLOBAL, $theurl, $_SCONFIG;
    include_once S_ROOT . './function/upload.func.php';
    $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $resultitems = $resultmessage = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    // Resolve grade information
    if ($cacheinfo['models']['modelname'] == 'defect') {
        // The 'defect' model maps the posted grade index 1-9 to a score;
        // indexes 7-9 become negative scores.
        switch ($_POST['grade']) {
            case 1:
                $_POST['grade'] = '64';
                break;
            case 2:
                $_POST['grade'] = '32';
                break;
            case 3:
                $_POST['grade'] = '16';
                break;
            case 4:
                $_POST['grade'] = '9';
                break;
            case 5:
                $_POST['grade'] = '4';
                break;
            case 6:
                $_POST['grade'] = '1';
                break;
            case 7:
                $_POST['grade'] = '-1';
                break;
            case 8:
                $_POST['grade'] = '-2';
                break;
            case 9:
                $_POST['grade'] = '-3';
                break;
        }
        $gradearr = array('0' => $alang['general_state'], '64' => $alang['check_grade_1'], '32' => $alang['check_grade_2'], '16' => $alang['check_grade_3_1'], '9' => $alang['check_grade_3_2'], '4' => $alang['check_grade_3_3'], '1' => $alang['check_grade_4'], '-1' => $alang['check_grade_5'], '-2' => $alang['check_grade_6'], '-3' => $alang['check_grade_7']);
        if (!empty($_SCONFIG['checkgrade'])) {
            // Site-configured labels (tab separated) replace the defaults.
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            $gradearr['64'] = $newgradearr[0];
            $gradearr['32'] = $newgradearr[1];
            $gradearr['16'] = $newgradearr[2];
            $gradearr['9'] = $newgradearr[3];
            $gradearr['4'] = $newgradearr[4];
            $gradearr['1'] = $newgradearr[5];
            $gradearr['-1'] = $newgradearr[6];
            $gradearr['-2'] = $newgradearr[7];
            $gradearr['-3'] = $newgradearr[8];
        }
    } else {
        $gradearr = array('0' => $alang['general_state'], '1' => $alang['check_grade_1'], '2' => $alang['check_grade_2'], '3' => $alang['check_grade_3'], '4' => $alang['check_grade_4'], '5' => $alang['check_grade_5'], '6' => $alang['check_grade_6'], '7' => $alang['check_grade_7']);
        if (!empty($_SCONFIG['checkgrade'])) {
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            for ($i = 0; $i < count($newgradearr); $i++) {
                if (!empty($newgradearr[$i])) {
                    $gradearr[$i + 1] = $newgradearr[$i];
                }
            }
        }
    }
    // The posted model id must match the cached model definition.
    if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
        showmessage('parameter_error');
    }
    $feedcolum = array();
    // Split the columns into fixed (items table) and free (message table) ones
    // and normalise linkage/timestamp inputs in place in $_POST.
    foreach ($columnsinfoarr as $result) {
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }
    // Refresh the user's last-update time
    if (empty($itemid) && $_SGLOBAL['supe_uid']) {
        updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
    }
    // Input normalisation
    $_POST['catid'] = intval($_POST['catid']);
    // NOTE(review): nested ternary without parentheses. PHP before 8 groups it
    // as (isset(...) ? intval(...) : checkperm(...)) ? 1 : 0, so the result is
    // always 0 or 1; PHP 8 rejects the expression at compile time.
    $_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 1 : 0;
    $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
    // Validate input
    if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
        showmessage('space_suject_length_error');
    }
    if (empty($_POST['catid'])) {
        showmessage('admin_func_catid_error');
    }
    // This check looks only at the client-supplied file name; any inspection of
    // the uploaded content would have to happen in uploadfile() (not visible here).
    if (!empty($_FILES['subjectimage']['name'])) {
        $fileext = fileext($_FILES['subjectimage']['name']);
        if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
            showmessage('document_types_can_only_upload_pictures');
        }
    }
    // Validate field data
    checkvalues(array_merge($resultitems, $resultmessage), 0, 1);
    // On edit, check whether the title image was changed
    // NOTE(review): no check that the current user owns $itemid is visible in
    // this function before rows and files are changed - confirm the caller
    // enforces it.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was removed or replaced: delete the old one
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // NOTE(review): reads $_GET['mid'] although the rest of the function
            // uses the validated $_POST['mid'] - confirm which one is meant.
            $hash = getmodelhash($_GET['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            // Remove the attachment reference
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }
    // Build the row data
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $setsqlarr['catid'] = $_POST['catid'];
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = $_POST['allowreply'];
    $setsqlarr['grade'] = intval($_POST['grade']);
    // modified by jyf: users without permission may not change the review grade
    // NOTE(review): only positive grades require 'manageeditpost'. The 'defect'
    // mapping above can yield -1, -2 or -3, and those values pass this check
    // without the permission - confirm that is intended.
    if ($setsqlarr['grade'] > 0) {
        if (!checkperm('manageeditpost')) {
            showmessage('no_permission');
        }
    }
    //end
    $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
    $setsqlarr['username'] = $_SGLOBAL['supe_username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];
    // Title image bounds: 400x300 unless the model defines "width,height".
    $modelsinfoarr['subjectimagewidth'] = 400;
    $modelsinfoarr['subjectimageheight'] = 300;
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    $uploadfilearr = $ids = array();
    $subjectimageid = '';
    $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
    if (!empty($uploadfilearr)) {
        $feedsubjectimg = $uploadfilearr;
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filtering
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    // Publication time
    if (empty($_POST['dateline'])) {
        $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    } else {
        $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
        if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
            // Must not be in the future or more than 2 years in the past
            $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
        }
    }
    // Attachment handling - by jyf
    // NOTE(review): the posted array elements are joined and stored without any
    // per-element validation.
    if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
        $setsqlarr['attaches'] = implode(',', $_POST['divupload']);
    }
    // Two extra fields for the 'creative' model ------- 89184
    if ($cacheinfo['models']['modelname'] == 'creative') {
        if (empty($_POST['creative_value'])) {
            showmessage('请输入创新价值说明');
        }
        if (empty($_POST['creative_days'])) {
            showmessage('本创新所耗的工作量');
        }
        // Stored as posted; escaping is left to inserttable()/updatetable()
        // (presumably - confirm).
        $setsqlarr['value'] = $_POST['creative_value'];
        $setsqlarr['days'] = $_POST['creative_days'];
    }
    if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
        // No moderation needed: write to the items table
        if (empty($itemid)) {
            // Insert the row
            $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
            // Cancel e-mail notification                    --89184
            $email = get_cate_mail($_POST['catid']);
            $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
            // NOTE(review): this branch trusts the client-supplied
            // $_POST['modelname'], while the rest of the function uses the
            // cached $cacheinfo['models']['modelname'].
            if ($_POST['modelname'] == 'creative') {
                if ($_POST['creative_type'] == '流程建议') {
                    $email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
                }
            }
            $emails = explode(',', $email);
            if (count($emails) > 0) {
                include S_ROOT . './function/sendmail.fun.php';
                $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                if ($cacheinfo['models']['modelname'] == 'creative') {
                    $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
                    sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
                } else {
                    if ($cacheinfo['models']['modelname'] == 'defect') {
                        $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
                        sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
                    }
                }
            }
        } else {
            // Update
            $op = 'update';
            unset($setsqlarr['uid']);
            unset($setsqlarr['username']);
            unset($setsqlarr['lastpost']);
            if ($setsqlarr['grade'] > 0) {
                // Record the reviewer.
                $setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
                // NOTE(review): the director check runs only when the request
                // itself says modelname == 'creative' and names this
                // creative_type; both values come from $_POST, so the check
                // appears to depend on what the client chooses to send.
                if ($_POST['modelname'] == 'creative') {
                    if ($_POST['creative_type'] == '主管月度创新') {
                        if (!check_cate_director($setsqlarr['catid'])) {
                            showmessage('no_permission');
                        }
                    }
                }
            }
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
            // NOTE(review): $_POST['nid'] is concatenated into the statement as
            // posted. The stripslashes($_POST['message']) call further down
            // suggests $_POST is slash-escaped globally - confirm; casting an id
            // with intval() would not depend on that.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // E-mail notification -- grade review
            if ($setsqlarr['grade'] > 0) {
                $sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
                $query = $_SGLOBAL['db']->query($sqlstr);
                $value = $_SGLOBAL['db']->fetch_array($query);
                $email = $value['email'];
                if (!empty($email)) {
                    include S_ROOT . './function/sendmail.fun.php';
                    $url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                    $emails = explode(',', $email);
                    // NOTE(review): $setsqlarr[grade] uses a bare word as the
                    // key: a notice (read as 'grade') on PHP 5/7 and an Error
                    // for the undefined constant on PHP 8.
                    if ($_POST['modelname'] == 'creative') {
                        $msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    } else {
                        $msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    }
                    sendmail($emails, $setsqlarr['subject'], $msg);
                }
            }
        }
        // NOTE(review): the attachment rows to claim are selected by the
        // client-supplied $_POST['hash'], concatenated as posted; nothing
        // visible here ties that hash to uploads made by the current user.
        if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\'');
        }
        $hash = getmodelhash($_POST['mid'], $itemid);
        if (!empty($ids)) {
            $ids = simplode($ids);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $do = 'pass';
    } else {
        // Moderation path: keep the item data for the folder record built below.
        if (!empty($uploadfilearr['subjectimage']['aid'])) {
            $subjectimageid = $uploadfilearr['subjectimage']['aid'];
        }
        $setitemsqlarr = $setsqlarr;
        $do = 'me';
    }
    if ($op == 'update') {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The file was removed or replaced: delete the old one
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        // Remove the attachment reference
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid']));
                        $ext = fileext($defaultmessage[$value['fieldname']]);
                        if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                            @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        }
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }
    // Content
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['postip'] = $_SGLOBAL['onlineip'];
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filtering for the content
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') {
        // No moderation needed: write to the message table
        if ($op == 'add') {
            $setsqlarr['itemid'] = $itemid;
            // Add content
            inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
            getreward('postinfo');
            if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
                // Build the activity-feed entry. The subject was passed through
                // shtmlspecialchars() above; the message excerpt is stripped of
                // [..] markup and HTML tags before being cut to 150 characters.
                $feed['icon'] = 'comment';
                $feed['title_template'] = 'feed_model_title';
                $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                $aurl = A_URL;
                if (empty($_SCONFIG['siteurl'])) {
                    $siteurl = getsiteurl();
                    $murl = $siteurl . $murl;
                    $aurl = $siteurl . $aurl;
                } else {
                    $siteurl = S_URL_ALL;
                }
                $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
                $feed['body_template'] = 'feed_model_message';
                $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
                if (!empty($feedsubjectimg)) {
                    $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
                } else {
                    // Otherwise use the first uploaded column file, then fall
                    // back to the first picture found in the message.
                    foreach ($feedcolum as $feedimgvalue) {
                        if ($feedimgvalue['filepath']) {
                            $feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
                            break;
                        }
                    }
                    if (empty($feed['images'])) {
                        $picurl = getmessagepic(stripslashes($_POST['message']));
                        if ($picurl && strpos($picurl, '://') === false) {
                            $picurl = $siteurl . '/' . $picurl;
                        }
                        if (!empty($picurl)) {
                            $feed['images'][] = array('url' => $picurl, 'link' => $murl);
                        }
                    }
                }
                postfeed($feed);
            }
        } else {
            // Update content
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
        updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
        if (checkperm('allowdirectpost') && $op == 'update') {
            deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
        }
        if (checkperm('allowdirectpost') && $op == 'update') {
            $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('writing_success_online_please_wait_for_audit', $jpurl);
        } else {
            $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('online_contributions_success', $jpurl);
        }
    } else {
        // Moderation path: store the whole submission, serialized, in
        // 'modelfolders' until it is reviewed.
        $setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
        $setsqlarr['addfeed'] = $_POST['addfeed'];
        $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1);
        if (!empty($_POST['itemid'])) {
            $itemid = intval($_POST['itemid']);
            updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
        } else {
            $itemid = inserttable('modelfolders', $setsqlarr, 1);
        }
        if (!empty($subjectimageid)) {
            $ids[] = $subjectimageid;
        }
        if (!empty($ids)) {
            $ids = simplode($ids);
            $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
        showmessage('writing_success_online_please_wait_for_audit', $jpurl);
    }
}
Пример #9
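/**
 * Enforce the search interval and charge the search cost for the current user.
 *
 * When the 'search' reward rule carries a cost and the user may not ignore
 * it, the first request is answered with a confirmation message; a request
 * with a non-empty 'confirm' parameter deducts credit and experience.
 *
 * @param string $theurl Slash-escaped URL of the search request; it is echoed
 *                       back in the interval and confirmation messages.
 *
 * @return void Outcomes are reported through showmessage().
 */
function cksearch($theurl)
{
    global $_SGLOBAL, $_SCONFIG, $space;
    // The page parameter is appended to a URL that is shown back to the user,
    // so reduce it to an integer instead of copying the raw request value. A
    // missing or empty parameter still yields "&page=" as before.
    $page = (isset($_GET['page']) && $_GET['page'] !== '') ? intval($_GET['page']) : '';
    $theurl = stripslashes($theurl) . "&page=" . $page;
    if ($searchinterval = checkperm('searchinterval')) {
        $waittime = $searchinterval - ($_SGLOBAL['timestamp'] - $space['lastsearch']);
        if ($waittime > 0) {
            showmessage('search_short_interval', '', 1, array($waittime, $theurl));
        }
    }
    if (!checkperm('searchignore')) {
        $reward = getreward('search', 0);
        if ($reward['credit'] || $reward['experience']) {
            if (empty($_GET['confirm'])) {
                $theurl .= '&confirm=yes';
                showmessage('points_deducted_yes_or_no', '', 1, array($reward['credit'], $reward['experience'], $theurl));
            } else {
                if ($space['credit'] < $reward['credit'] || $space['experience'] < $reward['experience']) {
                    showmessage('points_search_error');
                } else {
                    // Deduct the cost. The amounts are written into the
                    // statement as bare numbers, so they are cast first.
                    // NOTE(review): the balance check above and this UPDATE are
                    // separate steps, so concurrent requests can both pass the
                    // check; a "credit >= cost" condition in the WHERE clause
                    // would make the deduction atomic.
                    // NOTE(review): lastsearch is written only here, so the
                    // interval check has fresh data only after a charged
                    // search, unless it is updated elsewhere - confirm.
                    $creditCost = intval($reward['credit']);
                    $experienceCost = intval($reward['experience']);
                    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET lastsearch='{$_SGLOBAL['timestamp']}', credit=credit-{$creditCost}, experience=experience-{$experienceCost} WHERE uid='{$_SGLOBAL['supe_uid']}'");
                }
            }
        }
    }
}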
Пример #10
    }
    $pollnum = 0;
    foreach ($votekeys as $votekey) {
        if (isset($options[$votekey]['num'])) {
            $options[$votekey]['num']++;
            $pollnum++;
        } else {
            showmessage('no_votekey');
        }
    }
    $options = addslashes(serialize($options));
    $voters[] = $ip;
    $voters = addslashes(serialize($voters));
    $_SGLOBAL['db']->query('UPDATE ' . tname('polls') . ' SET pollnum=pollnum+' . $pollnum . ', updatetime=' . $_SGLOBAL['timestamp'] . ', options=\'' . $options . '\', voters=\'' . $voters . '\' WHERE pollid=\'' . $pollid . '\'');
    //积分 和 经验
    getreward('postvote');
    showmessage('do_success', geturl('action/poll/pollid/' . $pollid));
}
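// Decode the stored option and voter lists.
// NOTE(review): unserialize() is only safe while nothing but this application's
// own serialize() output reaches these columns; a JSON encoding would remove
// the object-instantiation risk altogether.
$poll['options'] = unserialize($poll['options']);
if (!is_array($poll['options'])) {
    // Empty or corrupt data: fall back to an empty list so later loops and
    // counts operate on an array.
    $poll['options'] = array();
}
if (empty($poll['voters'])) {
    $poll['voters'] = array();
} else {
    $poll['voters'] = unserialize($poll['voters']);
    if (!is_array($poll['voters'])) {
        // count(false) is 1 on old PHP versions and an error on PHP 8, so a
        // damaged voter list must not reach count() below.
        $poll['voters'] = array();
    }
}
// Number of voters
$poll['votersnum'] = count($poll['voters']);
$poll['dateline'] = sgmdate($poll['dateline'], 'Y-m-d H:i:s');
$poll['updatetime'] = sgmdate($poll['updatetime'], 'Y-m-d H:i:s');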
foreach ($poll['options'] as $key => $options) {
    $options['percent'] = @sprintf("%01.2f", $options['num'] * 100 / $poll['pollnum']);
    $poll['options'][$key] = $options;
Пример #11
    $psetarr = array('tagid' => $tagid, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $msg, 'isthread' => 1);
    //添加
    inserttable('post', $psetarr);
    //更新群组统计
    $_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET threadnum=threadnum+1 WHERE tagid='{$tagid}'");
    //统计
    updatestat('thread');
    //更新用户统计
    if (empty($space['threadnum'])) {
        $space['threadnum'] = getcount('thread', array('uid' => $space['uid']));
        $threadnumsql = "threadnum=" . $space['threadnum'];
    } else {
        $threadnumsql = 'threadnum=threadnum+1';
    }
    //积分
    $reward = getreward('publishthread', 0);
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$threadnumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
    $returnarr = array("tagid" => $tagid, "tid" => $tid);
    echo json_encode($returnarr);
    return;
}
// Opt-out path: when called with sync=false, optionally persist the user's
// "remember" choice in two tables, then stop without rendering the template.
// Both UPDATEs are keyed on $_SGLOBAL['supe_uid'] rather than on a
// request-supplied id, so a request can only change the current user's row.
// NOTE(review): this is a state change triggered purely by request parameters;
// no form-token check is visible in this excerpt — confirm one runs earlier.
if ($_GET['sync'] == 'false') {
    if ($_POST['remember'] == "true") {
        $_SGLOBAL['db']->query("UPDATE " . tname("space") . " SET overseas_tip='never' WHERE uid='" . $_SGLOBAL['supe_uid'] . "'");
        $_SGLOBAL['db']->query("UPDATE " . tname("spaceforeign") . " SET sync='no'  WHERE uid='" . $_SGLOBAL['supe_uid'] . "'");
    }
    return;
}
include template('cp_doing');
//ɸѡ
function ckicon_uid($feed)
Пример #12
<?php

/*
	[UCenter Home] (C) 2007-2008 Comsenz Inc.
	$Id: cp_invite.php 12971 2009-07-31 07:04:02Z liguode $
*/
// Refuse direct requests to this file: it only runs when the including entry
// script has defined IN_UCHOME.
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
$siteurl = getsiteurl();
$maxcount = 50;
// Upper limit on friend invitations
$reward = getreward('invitecode', 0);
// The app id comes from the query string and is forced to an integer here, so
// the value later interpolated into the myapp lookup query can only be numeric.
$appid = empty($_GET['app']) ? 0 : intval($_GET['app']);
$inviteapp = $invite_code = '';
// When invitations cost no credit, or the invite is for an application, no
// credit is charged and a key derived by space_key() is used as invite code.
if (empty($reward['credit']) || $appid) {
    $reward['credit'] = 0;
    $invite_code = space_key($space, $appid);
}
$siteurl = getsiteurl();
$spaceurl = $siteurl . 'space.php?uid=' . $_SGLOBAL['supe_uid'];
// Values for the invitation mail: avatar link + display name, display name,
// site name, two empty slots, the space URL, and a slot filled with the
// application name further down when an app is selected.
// NOTE(review): $_SN[...] and $_SCONFIG['sitename'] are placed into HTML as-is;
// whether they are already HTML-escaped is not visible here — confirm.
$mailvar = array("<a href=\"{$spaceurl}\">" . avatar($space['uid'], 'middle') . "</a><br>" . $_SN[$space['uid']], $_SN[$space['uid']], $_SCONFIG['sitename'], '', '', $spaceurl, '');
//取出相应的应用
$appinfo = array();
if ($appid) {
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myapp') . " WHERE appid='{$appid}'");
    $appinfo = $_SGLOBAL['db']->fetch_array($query);
    if ($appinfo) {
        $inviteapp = "&amp;app={$appid}";
        $mailvar[6] = $appinfo['appname'];
    } else {
Пример #13
     //不能小于4个字符
     showmessage('realname_too_short');
 }
 if ($setarr['name'] != $space['name'] || $setarr['namestatus']) {
     //第一次填写实名
     if ($_SCONFIG['realname'] && empty($space['name']) && $setarr['name'] != $space['name'] && $setarr['namestatus']) {
         $reward = getreward('realname', 0);
         if ($reward['credit']) {
             $setarr['credit'] = $space['credit'] + $reward['credit'];
         }
         if ($reward['experience']) {
             $setarr['experience'] = $space['experience'] + $reward['experience'];
         }
     } elseif ($_SCONFIG['realname'] && $space['namestatus'] && !checkperm('managename')) {
         //扣减积分
         $reward = getreward('editrealname', 0);
         //积分
         if ($space['name'] && $setarr['name'] != $space['name'] && ($reward['credit'] || $reward['experience'])) {
             //验证经验值
             if ($space['experience'] >= $reward['experience']) {
                 $setarr['experience'] = $space['experience'] - $reward['experience'];
             } else {
                 showmessage('experience_inadequate', '', 1, array($space['experience'], $reward['experience']));
             }
             if ($space['credit'] >= $reward['credit']) {
                 $setarr['credit'] = $space['credit'] - $reward['credit'];
             } else {
                 showmessage('integral_inadequate', '', 1, array($space['credit'], $reward['credit']));
             }
         }
     }
Пример #14
	$Id: batch.download.php 13342 2009-09-16 05:43:20Z zhaofei $
*/
// Load the shared bootstrap (presumably sets up $_SGLOBAL and the helpers used below).
include_once './common.php';
// Attachment id from the query string, forced to an integer before it is
// concatenated into the SQL below; 0 or a missing value is rejected.
$aid = empty($_GET['aid']) ? 0 : intval($_GET['aid']);
if (empty($aid)) {
    exit('Access Denied');
}
// Fetch the attachment row together with the item it belongs to.
$query = $_SGLOBAL['db']->query('SELECT a.*, i.* FROM ' . tname('attachments') . ' a LEFT JOIN ' . tname('spaceitems') . ' i ON i.itemid=a.itemid WHERE a.aid=\'' . $aid . '\'');
if ($item = $_SGLOBAL['db']->fetch_array($query)) {
    // Permission check
    $channel = $item['type'];
    if (!checkperm('allowgetattach')) {
        showmessage('no_permission');
    }
    // Credits / experience: the download is refused when getreward() reports failure
    if (!getreward('download')) {
        showmessage('credit_not_enough');
    }
} else {
    showmessage('not_found');
}
// NOTE(review): everything from here on relies on showmessage() ending the
// request; if it returned, the counter update and the file output below would
// also run for users who failed the checks above — confirm it terminates.
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET downloads=downloads+1 WHERE aid=\'' . $aid . '\'');
$filename = A_DIR . '/' . $item['filepath'];
if (is_readable($filename)) {
    if (!empty($item['isimage'])) {
        echo '<img src="' . A_URL . '/' . $item['filepath'] . '" />';
    } else {
        header('Cache-control: max-age=31536000');
        header('Expires: ' . gmdate('D, d M Y H:i:s', $_SGLOBAL['timestamp'] + 31536000) . ' GMT');
        header('Content-Encoding: none');
        $item['filename'] = strtolower($_SCONFIG['charset']) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? urlencode($item['filename']) : $item['filename'];
Пример #15
     $message = addslashes("<div class=\"quote\"><span class=\"q\"><b>" . $_SN[$post['uid']] . "</b>: " . getstr($post['message'], 150, 0, 0, 0, 2, 1) . '</span></div>') . $message;
 }
 $anonymous = empty($_POST['anonymous']) ? 0 : intval($_POST['anonymous']);
 $setarr = array('tagid' => intval($thread['tagid']), 'anonymous' => $anonymous, 'tid' => $tid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'ip' => getonlineip(), 'dateline' => $_SGLOBAL['timestamp'], 'message' => $message);
 $pid = inserttable('post', $setarr, 1);
 //邮件通知
 smail($thread['uid'], '', cplang('mtag_reply', array($_SN[$space['uid']], shtmlspecialchars(getsiteurl() . "space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}"))), '', 'mtag_reply');
 //更新统计数据
 $last_author_name = $anonymous ? 'null' : $_SGLOBAL[supe_username];
 $_SGLOBAL['db']->query("UPDATE " . tname('thread') . "\r\n\t\tSET replynum=replynum+1, lastpost='{$_SGLOBAL['timestamp']}', lastauthor='{$last_author_name}', lastauthorid='{$_SGLOBAL['supe_uid']}'\r\n\t\tWHERE tid='{$tid}'");
 //更新群组统计
 $_SGLOBAL['db']->query("UPDATE " . tname("mtag") . " SET postnum=postnum+1 WHERE tagid='{$thread['tagid']}'");
 //普通回复
 if (empty($post) && $thread['uid'] != $_SGLOBAL['supe_uid']) {
     //积分
     getreward('replythread', 1, 0, $thread['tid']);
     realname_set($thread['uid'], $thread['username']);
     realname_get();
     if (empty($mtag['viewperm'])) {
         $fs = array();
         $fs['icon'] = 'post';
         $fs['body_template'] = '';
         $fs['body_data'] = array();
         $fs['body_general'] = '';
         $fs['title_template'] = cplang('feed_thread_reply');
         $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$thread['uid']}\">" . $_SN[$thread['uid']] . "</a>", 'thread' => "<a href=\"space.php?uid={$thread['uid']}&do=thread&id={$thread['tid']}\">{$thread['subject']}</a>");
         if (ckprivacy('post', 1)) {
             feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general']);
         }
     }
     //通知
Пример #16
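/**
 * Change the grade (review / recommendation state) of a batch of events.
 *
 * Authorization: the caller needs the 'manageevent' permission; without the
 * additional 'managebatch' permission only a single event may be handled per
 * call. When the check fails an empty array is returned and nothing changes.
 *
 * For every event whose grade actually changes the function records the
 * action name, builds a feed row when an event moves from grade -1/0 to a
 * grade >= 1, and builds a notification for the event owner unless the owner
 * is the current user.
 *
 * All SQL here is assembled by string interpolation. Values taken from event
 * rows are passed through saddslashes()/addslashes() first; the id lists go
 * through simplode(), whose quoting is not visible in this block.
 * NOTE(review): confirm simplode() escapes/quotes each id.
 *
 * @param array $eventids Event ids to process (passed to simplode()).
 * @param int   $grade    Target grade: -2 close, -1 reject, 1 approve/open, 2 recommend.
 * @return array Ids of the events whose grade was changed; empty when the
 *               caller is not permitted or nothing needed changing.
 */
function verifyevents($eventids, $grade)
{
    global $_SGLOBAL;
    $allowmanage = checkperm('manageevent');
    $managebatch = checkperm('managebatch');
    // Count the matching rows so that a manager without the batch permission
    // can be limited to one event per call.
    $opnum = 0;
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($allowmanage && !$managebatch) {
            $opnum++;
        }
    }
    // Authorization gate: no manage permission, or more than one event without
    // the batch permission.
    if (!$allowmanage || !$managebatch && $opnum > 1) {
        return array();
    }
    $grade = intval($grade);
    if (!in_array($grade, array(-2, -1, 1, 2))) {
        // Invalid event status
        cpmessage('bad_event_grade');
    }
    $newids = $events = $actions = array();
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('event') . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // Events already at the requested grade are left untouched.
        if ($grade == $value['grade']) {
            continue;
        }
        $newids[] = $value['eventid'];
        $events[$value['eventid']] = $value;
        if ($grade == -1) {
            // Review rejected
            $actions[$value['eventid']] = "unverify";
        } elseif ($grade == 1) {
            if ($value['grade'] == -2) {
                // Re-open a closed event
                $actions[$value['eventid']] = "open";
            } elseif ($value['grade'] < 1) {
                // Review approved
                $actions[$value['eventid']] = "verify";
            } elseif ($value['grade'] == 2) {
                // Recommendation withdrawn
                $actions[$value['eventid']] = "unrecommend";
            }
        } elseif ($grade == 2) {
            // Reward the event owner for the recommendation
            getreward('recommendevent', 1, $value['uid'], '', 0);
            // Recommended
            $actions[$value['eventid']] = "recommend";
        } elseif ($grade == -2) {
            // Closed
            $actions[$value['eventid']] = "close";
        }
    }
    if (empty($newids)) {
        return array();
    }
    @(include_once S_ROOT . './data/data_eventclass.php');
    $noteids = $note_inserts = array();
    $feed_inserts = array();
    foreach ($newids as $id) {
        $event = $events[$id];
        if ($grade >= 1 && $events[$id]['grade'] < 1 && $events[$id]['grade'] >= -1) {
            // Feed entry: the event becomes publicly listed
            if (empty($event['poster'])) {
                $poster = $_SGLOBAL['eventclass'][$event['classid']]['poster'];
            } else {
                $poster = pic_get($event['poster'], $event['thumb'], $event['remote']);
            }
            $feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => $event['uid'], 'username' => $event['username'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_add'), 'title_data' => array('eventid' => $id, 'title' => $event['title']), 'body_template' => cplang('event_feed_info'), 'body_data' => array("eventid" => $id, "title" => $event['title'], "username" => $event['username'], 'starttime' => sgmdate('m-d H:i', $event['starttime']), 'endtime' => sgmdate('m-d H:i', $event['endtime']), 'province' => $event['province'], 'city' => $event['city'], 'location' => $event['location']), 'body_general' => '', 'image_1' => $poster, 'image_1_link' => 'space.php?do=event&id=' . $id, 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
            // Strip slashes before serializing and hashing ...
            $feedarr = sstripslashes($feedarr);
            // Serialize the title data
            $feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data']));
            // Serialize the body data
            $feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data']));
            // Hash of the templates (md5 is used as a grouping key here, not for security)
            $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
            // Hash of templates plus data
            $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
            // ... and add slashes again before the values are interpolated into SQL.
            $feedarr = saddslashes($feedarr);
            $feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}', '', '{$id}', 'eventid')";
        }
        if ($event['uid'] != $_SGLOBAL['supe_uid']) {
            // No notification for the current user's own events.
            // The key is quoted: the bare constant form $event[uid] is an
            // "undefined constant" error on PHP 8.
            $noteids[] = $event['uid'];
            $note_msg = cplang('event_set_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
            $note_inserts[] = "('{$event['uid']}', 'system', '1', '0', '', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }
    unset($events);
    // Apply the new grade
    if ($grade == 2) {
        // A recommendation also records the recommendation time
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET grade='{$grade}', recommendtime='{$_SGLOBAL['timestamp']}' WHERE eventid IN (" . simplode($newids) . ")");
    } else {
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET grade='{$grade}' WHERE eventid IN (" . simplode($newids) . ")");
    }
    // Notifications
    if ($note_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($noteids) . ")");
    }
    // Feed
    if ($feed_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link` ,`target_ids` ,`id` ,`idtype`) VALUES " . implode(',', $feed_inserts));
    }
    return $newids;
}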
Пример #17
        $newdoid = inserttable('doing', $arr, 1);
        //事件feed
        $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $userid, 'username' => $username, 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $Message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid');
        $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
        //喜好hash
        $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
        //合并hash
        inserttable('feed', $feedarr, 1);
        updatestat('doing');
        //更新空间note
        $setarr = array('note' => $Message);
        if (!empty($_POST['spacenote'])) {
            $reward = getreward('updatemood', 0);
            $setarr['spacenote'] = $Message;
        } else {
            $reward = getreward('doing', 0);
        }
        updatetable('spacefield', $setarr, array('uid' => $userid));
        $setarr = array('updatetime' => "updatetime='{$_SGLOBAL['timestamp']}'", 'lastpost' => "lastpost='{$_SGLOBAL['timestamp']}'");
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET " . implode(',', $setarr) . " WHERE uid='{$userid}'");
        //返回flag
        if ($newdoid) {
            $arrs = array('flag' => 'success');
        } else {
            $arrs = array('flag' => 'fail');
        }
    }
}
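$result = json_encode($arrs);
// json_encode() emits non-ASCII characters as \uXXXX escapes; convert those
// escapes back to UTF-8 text before sending the response.
// The original did this with preg_replace() and the /e modifier, which
// evaluates the replacement string as PHP code. That modifier was deprecated
// in PHP 5.5 and removed in PHP 7.0, where the call fails and yields no
// output. A callback performs the same conversion with no code evaluation.
$result = preg_replace_callback(
    '#\\\\u([0-9a-f]+)#i',
    function ($m) {
        // $m[1] holds the hex digits of one escape; same conversion as before.
        return iconv('UCS-2BE', 'UTF-8', pack('H4', $m[1]));
    },
    $result
);
echo $result;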
Пример #18
     //Statistics
     updatestat('share');
     // share notice
     if ($note_uid && $note_uid != $_SGLOBAL['supe_uid']) {
         notification_add($note_uid, 'sharenotice', $note_message);
     }
     // update  user Statistics
     if (empty($space['sharenum'])) {
         $space['sharenum'] = getcount('share', array('uid' => $space['uid']));
         $sharenumsql = "sharenum=" . $space['sharenum'];
     } else {
         $sharenumsql = 'sharenum=sharenum+1';
     }
     // points
     $needle = $id ? $type . $id : '';
     $reward = getreward('createshare', 0, 0, $needle);
     $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$sharenumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
     //̬
     if (ckprivacy('share', 1)) {
         include_once S_ROOT . './source/function_feed.php';
         feed_publish($sid, 'sid', 1);
     }
     if ($_POST['topicid']) {
         topic_join($_POST['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
         $url = 'space.php?do=topic&topicid=' . $_POST['topicid'] . '&view=share';
     } else {
         $url = $_POST['refer'];
     }
     showmessage('do_success', $url, 0);
 }
 //ʾ
Пример #19
/**
 * Delete a batch of events together with their dependent rows.
 *
 * Authorization: an event is eligible when the current user owns it or holds
 * the 'manageevent' permission. Without 'managebatch', at most one event that
 * belongs to somebody else may be deleted per call; otherwise nothing is
 * deleted and an empty array is returned.
 *
 * For events owned by other users the owner receives a notification and,
 * when the deletion is done with the manage permission, has the 'delevent'
 * credit/experience amounts deducted.
 *
 * All SQL is assembled by string interpolation; id lists go through
 * simplode(), whose quoting is not visible in this block.
 * NOTE(review): confirm simplode() escapes/quotes each id, since $eventids
 * reaches the first query before any row-level permission check.
 *
 * @param array $eventids Event ids requested for deletion.
 * @return array The event rows that were deleted (empty array when none).
 */
function deleteevents($eventids)
{
    global $_SGLOBAL;

    $canManage = checkperm('manageevent');
    $canBatch = checkperm('managebatch');
    // Reward rule used for the deduction below
    $reward = getreward('delevent', 0);

    // Pass 1: keep only the events the current user is allowed to delete and
    // count how many of them belong to other users.
    $eventarr = array();
    $foreignCount = 0;
    $result = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($row = $_SGLOBAL['db']->fetch_array($result)) {
        $isOwn = $row['uid'] == $_SGLOBAL['supe_uid'];
        if (!$canManage && !$isOwn) {
            continue;
        }
        $eventarr[] = $row;
        if (!$canBatch && !$isOwn) {
            $foreignCount++;
        }
    }
    if (empty($eventarr) || !$canBatch && $foreignCount > 1) {
        return array();
    }

    // Pass 2: collect the ids and prepare owner notifications.
    $neweventids = array();
    $note_ids = array();
    $note_inserts = array();
    foreach ($eventarr as $event) {
        $neweventids[] = $event['eventid'];
        // [to do: notify the event participants as well; low priority because of the volume]
        if ($event['uid'] == $_SGLOBAL['supe_uid']) {
            continue;
        }
        if ($canManage) {
            // Deduct credits from the owner
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET credit=credit-{$reward['credit']}, experience=experience-{$reward['experience']} WHERE uid='{$event['uid']}'");
        }
        $note_ids[] = $event['uid'];
        $note_msg = cplang('event_set_delete', array($event['title']));
        $note_inserts[] = "('{$event['uid']}', 'event', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
    }

    // Remove the events, their pictures, invitations and participants ...
    foreach (array('event', 'eventpic', 'eventinvite', 'userevent') as $table) {
        $_SGLOBAL['db']->query("DELETE FROM " . tname($table) . " WHERE eventid IN (" . simplode($neweventids) . ")");
    }
    // ... then the comments, feed entries and reports that reference them.
    foreach (array('comment', 'feed', 'report') as $table) {
        $_SGLOBAL['db']->query("DELETE FROM " . tname($table) . " WHERE id IN (" . simplode($neweventids) . ") AND idtype='eventid'");
    }

    // Send the notifications
    if ($note_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
    }
    return $eventarr;
}
Пример #20
                $value['privacy'] = empty($value['privacy']) ? array() : unserialize($value['privacy']);
                $filter = empty($value['privacy']['filter_note']) ? array() : array_keys($value['privacy']['filter_note']);
                if (cknote_uid(array("type" => "eventmember", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
                    $note_ids[] = $value['uid'];
                    $note_inserts[] = "('{$value['uid']}', 'eventmember', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
                }
            }
            if ($note_inserts) {
                $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
                $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
            }
            //E-mail notice
            smail($event['uid'], '', $note_msg, 'event');
        }
        // Bonus Points
        getreward('joinevent', 1, 0, $eventid);
        //Statistics
        updatestat('eventjoin');
        //Process Event Invites
        if ($eventinvite) {
            $_SGLOBAL['db']->query("DELETE FROM " . tname("eventinvite") . " WHERE eventid='{$eventid}' AND touid='{$_SGLOBAL['supe_uid']}'");
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET eventinvitenum=eventinvitenum-1 WHERE uid = '{$_SGLOBAL['supe_uid']}' AND eventinvitenum>0");
        }
        showmessage("do_success", "space.php?do=event&id={$eventid}", 0);
        // Join the event successfully
    }
} elseif ($op == "quit") {
    // Quit Event
    if (!$eventid) {
        showmessage("event_does_not_exist");
        // Event does not exist or has been deleted
Пример #21
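/**
 * Create a blog entry, or update an existing one when $olds is given.
 *
 * When $olds belongs to a different user than the current one, the function
 * temporarily replaces $_SGLOBAL['supe_uid'] / ['supe_username'] with the
 * owner's identity and restores the saved copy before returning.
 *
 * Fixes relative to the original:
 *  - the early "empty message" return now restores $_SGLOBAL as well, so the
 *    rest of the request no longer keeps running under the blog owner's uid;
 *  - the password is really cleared when the privacy mode is not "password"
 *    (the original line was a comparison, `==`, with no effect);
 *  - $olds['blogid'] is tested with !empty() to avoid an undefined-index notice.
 *
 * SQL is built by string interpolation; values are expected to be escaped
 * already (getstr(), addslashes(), simplode()).
 * NOTE(review): the escaping done inside getstr(), checkhtml() and simplode()
 * is not visible in this block — confirm before relying on it.
 *
 * @param array $POST Submitted form fields (subject, message, friend, password,
 *                    tag, classid, picids, hot, topicid, dateline, makefeed).
 * @param array $olds Existing blog data when editing; empty for a new entry.
 * @return array|false The stored main-table fields including 'blogid', 'uid'
 *                     and 'username', or false when the message is empty.
 */
function blog_post($POST, $olds=array()) {
	global $_SGLOBAL, $_SC, $space;
	
	// Switch the acting user to the blog owner when editing someone else's entry
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
		$isself = 0;
		$__SGLOBAL = $_SGLOBAL;
		$_SGLOBAL['supe_uid'] = $olds['uid'];
		$_SGLOBAL['supe_username'] = addslashes($olds['username']);
	}

	// Subject (falls back to today's date when empty)
	$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
	if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
	$POST['friend'] = intval($POST['friend']);
	
	// Privacy
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		// Visible to specific friends: resolve the submitted names to uids
		$uids = array();
		$names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
		if($names) {
			$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$uids[] = $value['uid'];
			}
		}
		if(empty($uids)) {
			$POST['friend'] = 3;// visible to the author only
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		// Password-protected
		$POST['password'] = trim($POST['password']);
		if($POST['password'] == '') $POST['friend'] = 0;// public
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// Discard any submitted password unless the entry is password-protected.
		$POST['password'] = '';
	}

	$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);	// word filtering

	// Content
	if($_SGLOBAL['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
	} else {
		$POST['message'] = checkhtml($POST['message']);
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
		// Drop empty <div> pairs and make plain links open in a new window.
		// NOTE(review): the rewritten links carry target="_blank" without
		// rel="noopener"; consider adding it if checkhtml() permits the attribute.
		$POST['message'] = preg_replace(array(
				"/\<div\>\<\/div\>/i",
				"/\<a\s+href\=\"([^\>]+?)\"\>/i"
			), array(
				'',
				'<a href="\\1" target="_blank">'
			), $POST['message']);
	}
	$message = $POST['message'];

	// Personal category
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			// "new:<name>" creates the category unless the user already has it
			$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname, 0, 1, 1, 1);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_SGLOBAL['supe_uid'],
						'dateline' => $_SGLOBAL['timestamp']
					);
					$classid = inserttable('class', $setarr, 1);
				}
			}
		} else {
			$classid = intval($POST['classid']);

		}
	} else {
		$classid = $olds['classid'];
	}
	if($classid && empty($classname)) {
		// Ownership check: a category id that is not the acting user's is dropped
		$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
		if(empty($classname)) $classid = 0;
	}
	
	// Main table fields
	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($_POST['noreply'])?0:1
	);

	// Title picture
	$titlepic = '';
	
	// Load the uploaded pictures; the uid condition limits them to the acting user's own
	$uploads = array();
	if(!empty($POST['picids'])) {
		$picids = array_keys($POST['picids']);
		$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
		while ($value = $_SGLOBAL['db']->fetch_array($query)) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = $value['filepath'].'.thumb.jpg';
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$uploads[$POST['picids'][$value['picid']]] = $value;
		}
		// NOTE(review): $value is the loop's terminating (falsy) fetch result
		// here, so this fallback looks unreachable — confirm the intent.
		if(empty($titlepic) && $value) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}
	
	// Pictures referenced inside the article body
	if($uploads) {
		preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
		if(!empty($mathes[1])) {
			$searchs = $idsearchs = array();
			$replaces = array();
			foreach ($mathes[1] as $key => $value) {
				if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
					$searchs[] = $mathes[2][$key];
					$idsearchs[] = "_uchome_localimg_$value";
					$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
					unset($uploads[$value]);
				}
			}
			if($searchs) {
				$message = str_replace($searchs, $replaces, $message);
				$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
			}
		}
		// Pictures not referenced in the body are appended at the end.
		// NOTE(review): $value[title] is written into HTML as stored; whether
		// picture titles are escaped when saved is not visible here.
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}
	
	// Nothing but empty markup was submitted
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Undo the identity switch before leaving, exactly as the normal exit does.
		if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
		return false;
	}
	
	// Escape for SQL
	$message = addslashes($message);
	
	// No uploaded title picture: take one from the content
	if(empty($titlepic)) {
		$titlepic = getmessagepic($message);
		$blogarr['picflag'] = 0;
	}
	$blogarr['pic'] = $titlepic;
	
	// Hotness may only be set by blog managers
	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}
	
	if(!empty($olds['blogid'])) {
		// Update
		$blogid = $olds['blogid'];
		updatetable('blog', $blogarr, array('blogid'=>$blogid));
		
		$fuids = array();
		
		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {
		// Topic participation
		$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');

		$blogarr['uid'] = $_SGLOBAL['supe_uid'];
		$blogarr['username'] = $_SGLOBAL['supe_username'];
		// NOTE(review): a submitted dateline is stored without validation here.
		$blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
		$blogid = inserttable('blog', $blogarr, 1);
	}
	
	$blogarr['blogid'] = $blogid;
	
	// Secondary table fields
	$fieldarr = array(
		'message' => $message,
		'postip' => getonlineip(),
		'target_ids' => $POST['target_ids']
	);
	
	// Tags. $olds['tag'] is a serialized list.
	// NOTE(review): unserialize() is only safe while that value is produced by
	// this application's own serialize() call (see below) — confirm its origin.
	$oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
	

	$tagarr = array();
	if($POST['tag'] != $oldtagstr) {
		if(!empty($olds['tag'])) {
			// Remove the previous tag links first
			$oldtags = array();
			$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$oldtags[] = $value['tagid'];
			}
			if($oldtags) {
				$_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
				$_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			}
		}
		$tagarr = tag_batch($blogid, $POST['tag']);
		// Store the new tag list in the secondary table
		$fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
	}

	if($olds) {
		// Update
		updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		inserttable('blogfield', $fieldarr);
	}

	// Space counters are only touched when the author acts on their own entry
	if($isself) {
		if($olds) {
			// Space update time
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
		} else {
			if(empty($space['blognum'])) {
				$space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
				$blognumsql = "blognum=".$space['blognum'];
			} else {
				$blognumsql = 'blognum=blognum+1';
			}
			// Credits
			$reward = getreward('publishblog', 0);
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
			
			// Statistics
			updatestat('blog');
		}
	}
	
	// Publish a feed entry
	if($POST['makefeed']) {
		include_once(S_ROOT.'./source/function_feed.php');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}
	
	// Topic
	if(empty($olds) && $blogarr['topicid']) {
		topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
	}

	// Restore the original acting user
	if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;

	return $blogarr;
}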
Пример #22
    if (empty($visitor['dateline'])) {
        $setarr = array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp']);
        inserttable('visitor', $setarr, 0, true);
        show_credit();
        //ᄒᄎ틔ᅤᅤᅢ
    } else {
        if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 300) {
            updatetable('visitor', array('dateline' => $_SGLOBAL['timestamp'], 'vusername' => $is_anonymous ? '' : $_SGLOBAL['supe_username']), array('uid' => $space['uid'], 'vuid' => $_SGLOBAL['supe_uid']));
        }
        if ($_SGLOBAL['timestamp'] - $visitor['dateline'] >= 3600) {
            show_credit();
            //1￐겨ᄆᄎ￳ᄒᄎ틔ᅤᅤᅢ
        }
    }
    //ᄑᄆ￀￸애﾿ᅪ
    getreward('visit', 1, 0, $space['uid']);
}
//ᄎ↓ᄚᄉ￀ᄒ￟
// Amount of "gift" credit this space currently offers to the visitor; 0 when none.
$space['magiccredit'] = 0;
if ($_SGLOBAL['magic']['gift'] && $_SGLOBAL['supe_uid']) {
    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('magicuselog') . " WHERE uid='{$space['uid']}' AND mid='gift' LIMIT 1");
    if ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // NOTE(review): unserialize() on a stored column is only safe while that
        // column is written exclusively by the application's own serialize()
        // calls — confirm where magicuselog.data is written.
        $data = empty($value['data']) ? array() : unserialize($value['data']);
        // Nothing left to hand out: remove the exhausted log row.
        if ($data['left'] <= 0) {
            $_SGLOBAL['db']->query('DELETE FROM ' . tname('magicuselog') . " WHERE uid = '{$space['uid']}' AND mid = 'gift'");
        }
        // Offer the smaller of chunk and left unless the visitor is already in
        // the receiver list.
        // NOTE(review): this branch also runs after the row was deleted above,
        // so magiccredit can end up as a value <= 0; in_array() is used with
        // loose comparison.
        if (!$data['receiver'] || !in_array($_SGLOBAL['supe_uid'], $data['receiver'])) {
            $space['magiccredit'] = $data['left'] >= $data['chunk'] ? $data['chunk'] : $data['left'];
        }
    }
}
Пример #23
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('spaceitems') . ' i, ' . tname('spacenews') . ' t WHERE ' . $wheresql . ' LIMIT ' . $start . ',' . $perpage);
            while ($item = $_SGLOBAL['db']->fetch_array($query)) {
                $item['url'] = geturl('action/viewnews/itemid/' . $item['itemid']);
                $iarr[] = $item;
            }
            $multipage = multi($listcount, $perpage, $page, S_URL . '/batch.search.php?' . $urlplus);
        } else {
            showmessage('not_find_relevant_data');
        }
    }
}
// Only a search that produced results updates the timestamp and costs credits.
if ($iarr) {
    // Record the time of this search for the current user
    $_SGLOBAL['db']->query('UPDATE ' . tname('members') . ' SET lastsearchtime=\'' . $_SGLOBAL['timestamp'] . '\' WHERE uid=\'' . $_SGLOBAL['supe_uid'] . '\'');
    // Credits / experience
    // NOTE(review): the action key is spelled 'seach' — verify it matches the
    // configured reward rule. The check also runs after the results were
    // already loaded into $iarr, so it only protects them if showmessage()
    // ends the request — confirm.
    if (!getreward('seach')) {
        showmessage('credit_not_enough');
    }
}
// Render the search page
$title = $blang['search'] . ' - ' . $_SCONFIG['sitename'];
// Channels
$channels = getchannels();
include_once template('site_search');
function checkkey($str, $ischeck = 0)
{
    $str = stripsearchkey(postget($str));
    if ($ischeck) {
        if (empty($str)) {
            showmessage('keyword_import_inquiry');
        } elseif (strlen($str) < 2) {
Пример #24
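/**
 * Create a "doing" post from an API request and turn @mentions into complaints or notifications.
 *
 * The content is scanned for "@name(uid)" mentions. Each mentioned uid that exists in the space
 * table is linked in the message; mentions for which isDepartment() returns a record become rows
 * in the complain table, the others receive an "atyou" notification. A feed row is written last.
 *
 * @param array|null $params Request fields: uid and content are required; device and ip are optional.
 * @return string JSON: the enriched $params on success, or {"errorNo", "content"} when validation fails.
 */
function IHomeServiceCreateComplain($params = NULL)
{
    global $_SGLOBAL;
    if (empty($params['uid'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter uid.the uid is not exist or the uid is not a positive interger.");
        return json_encode($errorMsg);
    }
    // uid is concatenated into SQL below. A loose "<= 0" test lets values such as "1 OR 1=1"
    // through, so accept decimal digits only and use the integer form in the query.
    if (!is_scalar($params['uid']) || !preg_match('/^[0-9]+$/D', (string) $params['uid']) || (int) $params['uid'] <= 0) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the id must be a positive interger.");
        return json_encode($errorMsg);
    }
    $sql = "select name,username from " . tname('space') . " where uid = " . (int) $params['uid'];
    $query = $_SGLOBAL['db']->query($sql);
    if ($row = $_SGLOBAL['db']->fetch_array($query)) {
        // Prefer the real name, fall back to the login name.
        if ($row['name']) {
            $params['uname'] = $row['name'];
        } else {
            $params['uname'] = $row['username'];
        }
    } else {
        $errorMsg = array("errorNo" => "500", "content" => "the uid is not exist");
        return json_encode($errorMsg);
    }
    // department_id_list is ignored.
    if (empty($params['content'])) {
        $errorMsg = array("errorNo" => "4001", "content" => "lack the neccessary parameter message.the message is not exist or the message is empty.");
        return json_encode($errorMsg);
    }
    // Strict comparison: a loose in_array() would accept non-string values such as true.
    if (!empty($params['device']) && !in_array($params['device'], array('web', 'wechat', 'mobile'), true)) {
        $errorMsg = array("errorNo" => "4002", "content" => "the format of parameter is not correct. the parameter device is out of range.");
        return json_encode($errorMsg);
    }
    $UserIds = array();
    $UserId = null;
    // Initialised here so the checks after the loops never read an undefined variable.
    $complainOK = FALSE;
    $mood = 0;
    $params['status'] = 'init';
    $params['reply_count'] = 0;
    $params['timestamp'] = time();
    $params['department_list'] = array();
    $params['operation_list'] = array();
    $params['reply_list'] = array();
    preg_match("/\\[em\\:(\\d+)\\:\\]/s", $params['content'], $ms);
    $mood = empty($ms[1]) ? 0 : intval($ms[1]);
    // NOTE(review): rawurldecode() runs AFTER getstr(). If getstr() is what escapes quotes and
    // HTML for this value, percent-encoded characters in the content are decoded back after that
    // step and reach the INSERTs and the stored HTML unescaped. Decoding before getstr() looks
    // like the safer order — confirm against getstr() and the callers' encoding.
    $message = rawurldecode(getstr($params['content'], 1000, 1, 1, 1, 2));
    preg_match_all("/[@](.*)[(]([\\d]+)[)]\\s*/U", $message, $matches, PREG_SET_ORDER);
    // Add links for the mentions.
    foreach ($matches as $value) {
        $TmpString = $value[0];
        $TmpName = $value[1];
        // Digits only (captured by [\d]+), so safe to place in the query below.
        $UserId = $value[2];
        $result = $_SGLOBAL['db']->query("select uid,username,name from " . tname('space') . " where uid={$UserId}");
        if ($rs = $_SGLOBAL['db']->fetch_array($result)) {
            $realname = $rs['name'];
            if (empty($realname)) {
                $realname = $rs['username'];
            }
            $params['department_list'][intval($UserId)] = $realname;
            $ValidValue = getAtName($TmpString, $TmpName, $realname);
            $ValidValue = trim($ValidValue);
            $at_friend = "space.php?uid=" . $UserId;
            if ($ValidValue != false) {
                // NOTE(review): $realname is placed into HTML as stored; this assumes names are
                // HTML-escaped when written to the space table — confirm.
                $message = str_replace($ValidValue, "<a href={$at_friend}>@" . $realname . "</a> ", $message);
                if (!in_array($UserId, $UserIds)) {
                    $UserIds[] = $UserId;
                }
            }
        }
    }
    $message = preg_replace("/\\[em:(\\d+):]/is", "<img src=\"image/face/\\1.gif\" class=\"face\">", $message);
    $message = preg_replace("/\\<br.*?\\>/is", ' ', $message);
    $params['content'] = $message;
    $setarr = array('uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'from' => $params['uid'], 'message' => $message, 'mood' => $mood, 'ip' => getonlineip(), 'fromdevice' => 'web');
    if (!empty($params['device'])) {
        $setarr['fromdevice'] = $params['device'];
    }
    // NOTE(review): a caller-supplied ip replaces the address detected by getonlineip(), so the
    // stored ip is only as trustworthy as the API caller; it is also stored without validation.
    if (!empty($params['ip'])) {
        $setarr['ip'] = $params['ip'];
    }
    $newdoid = inserttable('doing', $setarr, 1);
    @(include_once S_ROOT . './data/data_creditrule.php');
    $isComplain = TRUE;
    /*if($isComplain && ($_SGLOBAL['member']['credit'] < $_SGLOBAL['creditrule']['complain']['credit'])){ # if credit is insufficient
          $isComplain = FALSE;
          $note = cplang('note_complain_credit_failed', array("space.php?do=doing&doid=$newdoid"));
          notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
          $complain_msg = 'note_complain_credit_failed';
      }*/
    // Original author's remark: this part may go wrong.
    foreach ($UserIds as $UserId) {
        if ($isComplain) {
            $UserDept = isDepartment($UserId, 1);
            if ($UserDept) {
                $nowtime = time();
                $complain = array('doid' => $newdoid, 'uid' => $params['uid'], 'uname' => $params['uname'], 'atdepartment' => $UserDept['department'], 'atdeptuid' => $UserId, 'from' => $params['uid'], 'atuid' => $UserId, 'atuname' => $UserDept['department'], 'isreply' => 0, 'addtime' => $nowtime, 'dateline' => $nowtime, 'expire' => 0, 'times' => 1, 'issendmsg' => 0, 'message' => $message, 'datatime' => date("Ymd", $nowtime));
                inserttable('complain', $complain, 0);
                $note = cplang('note_complain_buchu', array("space.php?do=complain_item&doid={$newdoid}", date('Y-m-d H:i', $nowtime + 3600 * 24)));
                notification_complain_add($UserId, 'complain', $note);
                $complainOK = TRUE;
            } else {
                $note = cplang('note_doing_at', array("space.php?do=doing&doid={$newdoid}"));
                notification_add($UserId, 'atyou', $note);
            }
        }
    }
    if ($complainOK) {
        $note = cplang('note_complain_user_success', array("space.php?do=complain_item&doid={$newdoid}"));
        notification_complain_add($params['uid'], 'complain', $note);
        $complain_msg = 'note_complain_user_success';
        getreward('complain', 1, $params['uid']);
    }
    if (!$complainOK && $isComplain) {
        // NOTE(review): the failure notes go to $_SGLOBAL['supe_uid'] while the success note goes
        // to $params['uid']; confirm both identify the same account for API calls.
        if ($UserId == '0000') {
            // System administrator (the original author notes this branch has little practical use).
            $note = cplang("您好,您的诉求已发送成功。谢谢您对ihome社区的大力支持!", array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
        } else {
            $note = cplang('note_complain_user_failed', array("space.php?do=doing&doid={$newdoid}"));
            notification_complain_add($_SGLOBAL['supe_uid'], 'complain', $note);
            $complain_msg = 'note_complain_user_failed';
        }
    }
    $feedarr = array('appid' => UC_APPID, 'icon' => 'doing', 'uid' => $params['uid'], 'username' => $params['uname'], 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('feed_doing_title'), 'title_data' => saddslashes(serialize(sstripslashes(array('message' => $message)))), 'body_template' => '', 'body_data' => '', 'id' => $newdoid, 'idtype' => 'doid', 'fromdevice' => 'web', 'ip' => getonlineip());
    if (!empty($params['device'])) {
        $feedarr['fromdevice'] = $params['device'];
    }
    if (!empty($params['ip'])) {
        $feedarr['ip'] = $params['ip'];
    }
    // Hash over the two templates.
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']);
    // Hash over the templates together with their data.
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']);
    $feedid = inserttable('feed', $feedarr, 1);
    updatestat('doing');
    $setarr = array('note' => $message);
    $reward = getreward('doing', 0);
    updatetable('spacefield', $setarr, array('uid' => $params['uid']));
    return json_encode($params);
}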
Пример #25
 // Per-vote reward: the voter is paid out of the poll's credit pool, unless the pool or the
 // per-vote amount is empty, or the voter is the poll's author.
 if (!$poll['credit'] || !$poll['percredit'] || $poll['uid'] == $_SGLOBAL['supe_uid']) {
     $poll['percredit'] = 0;
 } else {
     if ($poll['credit'] <= $poll['percredit']) {
         // Pool is down to its last payout: pay what is left and switch the reward off.
         $poll['percredit'] = $poll['credit'];
         $sql = ',percredit=0';
     }
     // NOTE(review): the pool is checked in PHP and debited in a separate UPDATE with no
     // "credit >= amount" guard, so concurrent votes can each pass the check — confirm whether
     // an earlier duplicate-vote check or a lock prevents that.
     $_SGLOBAL['db']->query('UPDATE ' . tname('space') . ' SET credit=credit+' . $poll['percredit'] . " WHERE uid='" . $_SGLOBAL['supe_uid'] . "'");
 }
 // NOTE(review): $sql is only assigned in the branch above within this excerpt and $pid is
 // interpolated as-is; presumably both are initialised and integer-cast earlier — confirm.
 $_SGLOBAL['db']->query('UPDATE ' . tname('poll') . " SET voternum=voternum+1, lastvote='" . $_SGLOBAL['timestamp'] . "', credit=credit-" . $poll['percredit'] . ' ' . $sql . " WHERE pid='" . $pid . "'");
 // Real names.
 realname_get();
 // Reward rule for joining a poll (not applied to the author's own poll).
 if ($_SGLOBAL['supe_uid'] != $poll['uid']) {
     getreward('joinpoll', 1, 0, $pid);
 }
 // Hot value (not applied to the author's own poll).
 if ($_SGLOBAL['supe_uid'] != $poll['uid']) {
     hot_update('pid', $poll['pid'], $poll['hotuser']);
 }
 // Statistics.
 updatestat('pollvote');
 // event feed
 if (!isset($_POST['anonymous']) && $_SGLOBAL['supe_uid'] != $poll['uid'] && ckprivacy('joinpoll', 1)) {
     $fs = array();
     $fs['icon'] = 'poll';
     $fs['images'] = $fs['image_links'] = array();
     $fs['title_template'] = cplang('take_part_in_the_voting');
     $fs['title_data'] = array('touser' => "<a href=\"space.php?uid={$poll['uid']}\">" . $_SN[$poll['uid']] . "</a>", 'url' => "space.php?uid={$poll['uid']}&do=poll&pid={$pid}", 'subject' => $poll['subject'], 'reward' => $poll['percredit'] ? cplang('reward') : '');
     $fs['body_template'] = '';
Пример #26
 // Credit rules for a comment on someone else's item.
 if ($tospace['uid'] != $_SGLOBAL['supe_uid']) {
     // Key passed to getreward(): idtype + id for content items, the space owner's uid for a space.
     // NOTE(review): $_POST['idtype'] is concatenated into that key as received; this assumes it
     // was checked against the known id types earlier — confirm.
     $needle = $_POST['idtype'] != 'uid' ? $_POST['idtype'] . $id : $tospace['uid'];
     // Reward the author of the comment.
     getreward($action, 1, 0, $needle);
     // Reward the user who was commented on.
     if ($becomment) {
         if ($_POST['idtype'] == 'uid') {
             $needle = $_SGLOBAL['supe_uid'];
         }
         getreward($becomment, 1, $tospace['uid'], $needle, 0);
     }
 }
 if ($bwzt) {
     $query = $_SGLOBAL['db']->query("SELECT distinct authorid FROM " . tname('comment') . " WHERE id='{$bwzt['bwztid']}' AND idtype='bwztid' ORDER BY dateline ");
     $uidarr = array();
     while ($value = $_SGLOBAL['db']->fetch_array($query)) {
         if ($value['authorid'] != $space['uid']) {
             $uidarr[] = strval($value['authorid']);
         }
     }
     if (!in_array($tospace['uid'], $uidarr)) {
         $uidarr[] = strval($tospace['uid']);
     }
     $tospace['name'] = empty($tospace['name']) ? $tospace['username'] : $tospace['name'];
     $space['name'] = empty($space['name']) ? $space['username'] : $space['name'];
Пример #27
/**
 * Complete an invitation: make inviter and invitee friends, reward the inviter, publish the
 * feed entry and notification, and record the invitee on the invite row.
 *
 * NOTE(review): $_SGLOBAL['supe_uid'] / ['supe_username'] are overwritten twice and are left set
 * to the invitee ($uid, $username) when the function returns; callers that keep using the
 * session identity afterwards should be checked.
 *
 * @param int    $inviteid   Existing invite row to update, or a falsy value to insert a new row.
 * @param int    $uid        Invitee uid.
 * @param string $username   Invitee user name.
 * @param int    $m_uid      Inviter uid.
 * @param string $m_username Inviter user name.
 * @param int    $appid      Application id stored on the invite row.
 * @return false|null false when an invite row for this pair already exists, otherwise nothing.
 */
function invite_update($inviteid, $uid, $username, $m_uid, $m_username, $appid=0) {
	global $_SGLOBAL, $_SN;

	// No invitee, or inviter and invitee are the same account.
	if(!$uid || $uid == $m_uid) {
		return;
	}
	// Skip pairs whose friend status is already 1 or higher.
	if(!(getfriendstatus($uid, $m_uid) < 1)) {
		return;
	}

	friend_update($uid, $username, $m_uid, $m_username, 'invite');

	// Look for an earlier invite record for this pair.
	// NOTE(review): both ids are interpolated as given; assumes callers pass integers — confirm.
	$lookup = $_SGLOBAL['db']->query("SELECT * FROM ".tname('invite')." WHERE uid='$m_uid' AND fuid='$uid'");
	if($_SGLOBAL['db']->fetch_array($lookup)) {
		// Already invited before.
		return false;
	}

	// Reward the inviter.
	getreward('invitefriend', 1, $m_uid, '', 0);

	// The feed entry is published as the inviter.
	$_SGLOBAL['supe_uid'] = $m_uid;
	$_SGLOBAL['supe_username'] = $m_username;

	// Real names.
	realname_set($uid, $username);
	realname_get();

	if(ckprivacy('invite', 1)) {
		// NOTE(review): $_SN[$uid] goes into HTML after stripslashes() only; assumes the stored
		// name is already HTML-escaped — confirm.
		$profileLink = '<a href="space.php?uid='.$uid.'">'.stripslashes($_SN[$uid]).'</a>';
		feed_add('friend', cplang('feed_invite'), array('username'=>$profileLink));
	}

	// The notification is sent as the invitee.
	$_SGLOBAL['supe_uid'] = $uid;
	$_SGLOBAL['supe_username'] = $username;
	notification_add($m_uid, 'friend', cplang('note_invite'));

	// Record the invitee on the invite row.
	$inviteRow = array('fuid'=>$uid, 'fusername'=>$username, 'appid'=>$appid);
	if(!$inviteid) {
		// No existing row: insert a new invite record.
		$inviteRow['uid'] = $m_uid;
		inserttable('invite', $inviteRow, 0, true);
		return;
	}
	updatetable('invite', $inviteRow, array('id'=>$inviteid));
}
Пример #28
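// Direct requests to this file are refused; it must be included by the application entry point.
if (!defined('IN_UCHOME')) {
    exit('Access Denied');
}
$op = empty($_REQUEST['op']) ? '' : trim($_REQUEST['op']);
// Already logged in: nothing to do here.
if ($_SGLOBAL['supe_uid']) {
    capi_showmessage_by_data('do_success', 0);
}
// No login form.
$_SGLOBAL['nologinform'] = 1;
// Friend invitation.
$uid = empty($_REQUEST['uid']) ? 0 : intval($_REQUEST['uid']);
$code = empty($_REQUEST['code']) ? '' : $_REQUEST['code'];
$app = empty($_REQUEST['app']) ? '' : intval($_REQUEST['app']);
$invite = empty($_REQUEST['invite']) ? '' : $_REQUEST['invite'];
$invitearr = array();
$invitepay = getreward('invitecode', 0);
$pay = $app ? 0 : $invitepay['credit'];
if ($uid && $code && !$pay) {
    $m_space = getspace($uid);
    // The invite code acts as a credential, so compare it strictly. With "==" two numeric-looking
    // strings (for example "0e1234" and "0e9999") compare equal, and an array from the request
    // would be compared loosely as well. Where hash_equals() is available it is the better choice.
    if (is_string($code) && $code === (string) space_key($m_space, $app)) {
        // Verified.
        $invitearr['uid'] = $uid;
        $invitearr['username'] = $m_space['username'];
    }
    // NOTE(review): $code is request input and is placed into this query string (and $jumpurl
    // below) without URL-encoding; confirm how both are output, and encode or escape there.
    $url_plus = "uid={$uid}&app={$app}&code={$code}";
} elseif ($uid && $invite) {
    include_once S_ROOT . './source/function_cp.php';
    // NOTE(review): $invite is passed on as received; assumes invite_get() validates it — confirm.
    $invitearr = invite_get($uid, $invite);
    $url_plus = "uid={$uid}&invite={$invite}";
}
$jumpurl = $app ? "userapp.php?id={$app}&my_extra=invitedby_bi_{$uid}_{$code}&my_suffix=Lw%3D%3D" : 'space.php?do=home';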
Пример #29
                capi_showmessage_by_data('do_success', 0, array('avatar_url' => avatar($space['uid'], 'middle', TRUE)));
            }
        }
    }
    capi_showmessage_by_data('non_normal_operation');
}
// Avatar.
include_once S_ROOT . './uc_client/client.php';
$uc_avatar = capi_uc_avatar($_SGLOBAL['supe_uid'], empty($_SCONFIG['avatarreal']) ? 'virtual' : 'real');
// Bring the stored avatar flag in line with whether an avatar actually exists.
// Each $setarr entry is an SQL "column=value" fragment; presumably they are joined into one
// UPDATE by the code that follows this excerpt.
$setarr = array();
$avatar_exists = ckavatar($space['uid']);
if ($avatar_exists && !$space['avatar']) {
    // Avatar newly set: apply the 'setavatar' reward once, together with the flag.
    $reward = getreward('setavatar', 0);
    if ($reward['credit']) {
        $setarr['credit'] = 'credit=credit+' . $reward['credit'];
    }
    if ($reward['experience']) {
        $setarr['experience'] = 'experience=experience+' . $reward['experience'];
    }
    $setarr['avatar'] = 'avatar=1';
    $setarr['updatetime'] = 'updatetime=' . $_SGLOBAL['timestamp'];
} elseif (!$avatar_exists && $space['avatar']) {
    // Flag says "has avatar" but none exists any more: clear it.
    $setarr['avatar'] = 'avatar=0';
}
if ($setarr) {
Пример #30
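/**
 * Create a blog entry, or update an existing one when $olds carries the stored entry.
 *
 * Normalises subject, privacy, tags and message, resolves the personal category, links uploaded
 * pictures into the message, writes the blog / blogfield rows and tags, updates the author's
 * space counters and rewards, and optionally publishes a feed entry.
 *
 * When $olds belongs to another user, $_SGLOBAL['supe_uid'] / ['supe_username'] are switched to
 * that user for the duration of the call and restored before every return.
 *
 * @param array $POST Submitted form fields (subject, friend, password, tag, message, classid,
 *                    picids, hot, topicid, dateline, makefeed).
 * @param array $olds Stored entry when editing; empty when creating.
 * @return array|false The blog row that was written (including blogid), or false when the
 *                     message is empty after stripping layout-only markup.
 */
function blog_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC, $space;
    // Switch the acting identity when editing an entry owned by someone else.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }
    // Subject: fall back to the current date when empty.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    // Privacy.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Restricted to named users.
        // NOTE(review): the names are read from $_POST directly and placed in the IN (...) list
        // through simplode(); this assumes request data is slash-escaped globally — confirm.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // None of the names resolved: fall back to privacy level 3.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password-protected: an empty password downgrades the entry to privacy level 0.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Was "==" (a comparison with no effect), which left a submitted password in place and
        // stored it on entries that are not password-protected.
        $POST['password'] = '';
    }
    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
    // Message body: mobile posts and regular (HTML) posts are filtered differently.
    if ($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    // Personal category.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" creates the category unless the user already has one with that name.
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Only accept a category id that belongs to the acting user.
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }
    // Main table row.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
    // Title picture.
    $titlepic = '';
    // Load the uploaded pictures referenced by the form (restricted to the acting user's own).
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): $value is falsy here because the loop above only ends when fetch_array()
        // stops returning rows, so this fallback never runs. Left unchanged: it is not clear
        // which row was meant to supply the title picture.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    // Replace the editor's local-image placeholders with the real picture URLs.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Append the uploads that were not placed in the text.
        // NOTE(review): the picture title is written into HTML as stored; assumes it was escaped
        // when the picture was saved — confirm.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Reject a message that contains nothing but layout markup and whitespace.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the identity switch here too; without it a rejected edit of another user's entry
        // left the request running as that user.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }
    // Add slashes for the SQL built by the table helpers.
    $message = addslashes($message);
    // No uploaded title picture: take one from the message.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;
    // Hot value: only for users with the manageblog permission.
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    // Attachment.
    // NOTE(review): id, path, name and size come straight from $_POST and are stored as given,
    // with no check that the attachment exists or belongs to this user. A client-chosen
    // attachpath is risky wherever the stored path is later used to read or serve a file.
    if ($_POST['attachid'] && $_POST['attachpath'] && $_POST['attachname'] && $_POST['attachsize']) {
        $blogarr['attachid'] = $_POST['attachid'];
        $blogarr['attachpath'] = $_POST['attachpath'];
        $blogarr['attachname'] = $_POST['attachname'];
        $blogarr['attachsize'] = $_POST['attachsize'];
    }
    if (!empty($olds['blogid'])) {
        // Update the existing entry.
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // New entry.
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a submitted dateline is stored without an integer cast — confirm callers.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;
    // Field (detail) table row.
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
    // Tags.
    // NOTE(review): unserialize() on the stored tag column; safe only while that column can be
    // written exclusively by the serialize() call below.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Remove the previous tag links and decrement their counters first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Store the new tag set on the field row.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }
    if ($olds) {
        // Update.
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }
    // Space counters: only when the author is acting for themselves.
    if ($isself) {
        if ($olds) {
            // Edit: touch the update time only.
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
        } else {
            if (empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid' => $space['uid']));
                $blognumsql = "blognum=" . $space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credit and experience for publishing.
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Statistics.
            updatestat('blog');
        }
    }
    // Publish a feed entry.
    if ($POST['makefeed']) {
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }
    // Topic participation for new entries.
    if (empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }
    // Switch the acting identity back.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $blogarr;
}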