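/**
 * Add the lightbox selector to anchors that link to YouTube or Vimeo videos.
 *
 * Every matching <a> tag in $content receives a data-rel attribute ending in
 * "<selector>-video-<n>", where <n> is the index of the match. Anchors that
 * already carry a rel/data-rel attribute keep their other tokens; anchors
 * without one are rebuilt from the text before href and the URL.
 *
 * @param mixed $content Markup to scan; returned untouched unless the "videos" setting is strictly true.
 * @return mixed The markup with video anchors rewritten.
 */
public function add_videos_lightbox_selector($content)
{
    $options = Responsive_Lightbox()->options;
    $settings = $options['settings'];

    if ($settings['videos'] !== true) {
        return $content;
    }

    preg_match_all('/<a(.*?)href=(?:\'|")((?:http|https|)(?::\\/\\/|)(?:www.|)((?:youtu\\.be\\/|youtube\\.com(?:\\/embed\\/|\\/v\\/|\\/watch\\?v=|\\/ytscreeningroom\\?v=|\\/feeds\\/api\\/videos\\/|\\/user\\S*[^\\w\\-\\s]|\\S*[^\\w\\-\\s]))([\\w\\-]{11})[a-z0-9;:@#?&%=+\\/\\$_.-]*)|((?:http|https|)(?::\\/\\/|)(?:www.|)(?:vimeo\\.com\\/[0-9]*(?:.+))))(?:\'|")(.*?)>/i', $content, $links);

    if (!isset($links[0])) {
        return $content;
    }

    $selector = $settings['selector'];
    // Matches the existing rel/data-rel attribute that gets swapped out.
    $rel_pattern = '/(?:rel|data-rel)=(?:\'|")(.*?)(?:\'|")/';

    foreach ($links[0] as $id => $link) {
        $video_rel = $selector . '-video-' . $id;

        if (preg_match('/<a.*?(?:rel|data-rel)=(?:\'|")(.*?)(?:\'|").*?>/', $link, $result) === 1) {
            if (!isset($result[1])) {
                continue;
            }

            $rels = explode(' ', $result[1]);

            if (in_array($selector, $rels, true)) {
                // Drop the bare selector and keep every other token.
                $new_rels = array();
                foreach ($rels as $rel) {
                    if ($rel !== $selector) {
                        $new_rels[] = $rel;
                    }
                }

                // Fix: the original tested the undefined $new_rel, so this branch always
                // discarded the remaining tokens, and it joined them with simplode()
                // using implode()'s argument order. Test and join $new_rels with implode().
                $prefix = !empty($new_rels) ? implode(' ', $new_rels) . ' ' : '';
            } else {
                $prefix = $result[1] !== '' ? $result[1] . ' ' : '';
            }

            // NOTE(review): $prefix is taken from the page markup and used inside a
            // preg_replace() replacement string, where "$n" / "\n" sequences are read
            // as back-references. Confirm rel values cannot contain them.
            $content = str_replace($link, preg_replace($rel_pattern, 'data-rel="' . $prefix . $video_rel . '"', $link), $content);
        } else {
            // swipebox video fix
            if ($settings['script'] === 'swipebox' && strpos($links[2][$id], 'vimeo') !== false) {
                $links[2][$id] = $links[2][$id] . '?width=' . $options['configuration']['swipebox']['video_max_width'];
            }

            // NOTE(review): only capture groups 1 and 2 are re-emitted here, so anything
            // that followed the href attribute in the original tag is not carried over.
            $content = str_replace($link, '<a' . $links[1][$id] . 'href="' . $links[2][$id] . '" data-rel="' . $video_rel . '">', $content);
        }
    }

    return $content;
}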
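/**
 * Apply a flag to a batch of applications and purge their data when disabling.
 *
 * The textual flag is mapped to a number ('disabled' => -1, 'default' => 1,
 * anything else => 0) and passed to refreshApplication() for every entry.
 * When the flag is -1 the rows that reference the application ids are removed
 * from the feed, userapp, userappfield, myinvite and notification tables.
 *
 * NOTE(review): the appId values reach the IN (...) lists through simplode(),
 * which is defined outside this excerpt. Confirm that it quotes and escapes
 * each element, or that callers only pass vetted ids.
 *
 * @param array  $applications List of arrays with 'appId' and 'appName' keys.
 * @param string $flag         'disabled', 'default', or any other value.
 * @return APIResponse Always wraps true.
 */
function setFlag($applications, $flag)
{
    global $_SGLOBAL;

    $flag = ($flag == 'disabled') ? -1 : ($flag == 'default' ? 1 : 0);

    $appIds = array();
    if ($applications && is_array($applications)) {
        foreach ($applications as $application) {
            $this->refreshApplication($application['appId'], $application['appName'], null, null, null, $flag, null);
            $appIds[] = $application['appId'];
        }
    }

    // Fix: skip the purge when no ids were collected. The original ran all five
    // DELETE statements with an empty IN list, which is either malformed SQL or
    // matches rows that belong to no application at all.
    if ($flag == -1 && $appIds) {
        // table => column that stores the application id
        $purgeTargets = array(
            'feed' => 'icon',
            'userapp' => 'appid',
            'userappfield' => 'appid',
            'myinvite' => 'appid',
            'notification' => 'type',
        );

        foreach ($purgeTargets as $table => $column) {
            $sql = sprintf('DELETE FROM %s WHERE %s IN (%s)', tname($table), $column, simplode($appIds));
            $_SGLOBAL['db']->query($sql);
        }
    }

    return new APIResponse(true);
}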
/**
 * Return the oldest pending entries of the user log and clear them.
 *
 * Reads up to $num userlog rows (ordered by dateline) joined with the space
 * and spacefield tables, converts each row with _space2user(), and then
 * deletes every userlog row that belongs to one of the returned uids.
 * $num is formatted with %d, so it reaches the query as an integer.
 *
 * @param int $num Maximum number of log rows to read.
 * @return APIResponse Wraps array('totalNum' => ..., 'users' => ...).
 */
function getUpdatedUsers($num)
{
    global $_SGLOBAL;

    $users = array();
    $totalNum = getcount('userlog', '');

    if ($totalNum) {
        $template = 'SELECT s.*, sf.*, ul.action, ul.uid FROM %s ul LEFT JOIN %s s ON ul.uid = s.uid LEFT JOIN %s sf ON ul.uid = sf.uid ORDER BY ul.dateline LIMIT %d';
        $query = $_SGLOBAL['db']->query(sprintf($template, tname('userlog'), tname('space'), tname('spacefield'), $num));

        $loggedUids = array();
        while ($row = $_SGLOBAL['db']->fetch_array($query)) {
            $users[] = $this->_space2user($row);
            $loggedUids[] = $row['uid'];
        }

        // The log entries have been handed out; remove them by uid.
        if ($loggedUids) {
            $_SGLOBAL['db']->query(sprintf('DELETE FROM %s WHERE uid IN (%s)', tname('userlog'), simplode($loggedUids)));
        }
    }

    return new APIResponse(array('totalNum' => $totalNum, 'users' => $users));
}
/**
 * Delete "doing" records together with their comments and feed entries.
 *
 * The ids are placed into each statement through simplode(), which is defined
 * outside this excerpt; callers are expected to pass ids that are already
 * safe to use in SQL (presumably simplode() quotes them - confirm).
 *
 * @param array $ids Doing ids to remove.
 * @return bool Always true.
 */
function deletedoings($ids)
{
    global $_SGLOBAL;

    $db = $_SGLOBAL['db'];

    // The doing rows themselves, then their comments.
    foreach (array('doing', 'docomment') as $table) {
        $db->query(sprintf('DELETE FROM %s WHERE doid IN (%s)', tname($table), simplode($ids)));
    }

    // Feed entries that point at the deleted doings.
    $db->query(sprintf("DELETE FROM %s WHERE id IN (%s) AND idtype='doid'", tname('feed'), simplode($ids)));

    return true;
}
/**
 * Lower thread reply counters and delete the given posts.
 *
 * NOTE(review): $postnums and $tids are read below but never assigned in the
 * visible body, and $tagid is not used at all. This looks like an excerpt
 * with the lookup step missing - confirm against the full function before
 * relying on it.
 *
 * @param mixed $tagid Not referenced in the visible code.
 * @param array $pids  Post ids to delete; interpolated into SQL via simplode().
 * @return bool Always true.
 */
function deleteposts($tagid, $pids) {
    global $_SGLOBAL;
    // Tidy up: subtract the removed replies from the thread counters.
    $nums = renum($postnums);
    foreach ($nums[0] as $pnum) {
        // $pnum is interpolated unquoted into the SET clause.
        $_SGLOBAL['db']->query("UPDATE " . tname('thread') . " SET replynum=replynum-{$pnum} WHERE tid IN (" . simplode($tids) . ")");
    }
    // Delete the posts.
    $_SGLOBAL['db']->query("DELETE FROM " . tname('post') . " WHERE pid IN (" . simplode($pids) . ")");
    return true;
}
/**
 * Return the oldest pending user-log entries, classified by update type.
 *
 * Reads up to $num userlog rows ordered by dateline. Rows whose action is
 * 'delete' are reported as-is; the others are loaded through
 * getExtraByUsers() (type 2) or getUsers() (types 0 and 1) and tagged with
 * the logged action plus an updateType of 'extra', 'basic' or 'all'.
 * Every userlog row belonging to a uid that was read is deleted afterwards.
 *
 * @param int $num Maximum number of log rows to read (formatted with %d).
 * @return APIResponse Wraps array('totalNum' => ..., 'users' => ...).
 */
function getUpdatedUsers($num)
{
    global $_SGLOBAL;

    $users = array();
    $totalNum = getcount('userlog', '');

    if ($totalNum) {
        $query = $_SGLOBAL['db']->query(
            sprintf('SELECT uid, action, type FROM %s ORDER BY dateline LIMIT %d', tname('userlog'), $num)
        );

        $uIds = array();
        $userLogs = array();
        $deletedUsers = array();
        // Pending uids bucketed by log type: 0, 1 and 2.
        $undeletedUserIds = array(0 => array(), 1 => array(), 2 => array());

        while ($row = $_SGLOBAL['db']->fetch_array($query)) {
            $uIds[] = $row['uid'];
            if ($row['action'] == 'delete') {
                $deletedUsers[] = array('uId' => $row['uid'], 'action' => $row['action']);
            } else {
                $undeletedUserIds[$row['type']][] = $row['uid'];
            }
            $userLogs[$row['uid']] = $row;
        }

        // Type 2: only the extra data changed.
        $updatedUsers2 = array();
        if ($undeletedUserIds[2]) {
            $updatedUsers2 = $this->getExtraByUsers($undeletedUserIds[2]);
        }

        // Types 0 and 1: basic data or everything changed.
        $updatedUsers3 = $this->getUsers(
            array_merge($undeletedUserIds[0], $undeletedUserIds[1]),
            false,
            true,
            true,
            false
        );

        $updatedUsers = array_merge($updatedUsers2, $updatedUsers3);
        foreach ($updatedUsers as $k => $v) {
            $updatedUsers[$k]['action'] = $userLogs[$v['uId']]['action'];

            $logType = $userLogs[$v['uId']]['type'];
            if ($logType == 2) {
                $updatedUsers[$k]['updateType'] = 'extra';
            } elseif ($logType == 1) {
                $updatedUsers[$k]['updateType'] = 'basic';
            } else {
                $updatedUsers[$k]['updateType'] = 'all';
            }
        }

        $users = array_merge($updatedUsers, $deletedUsers);

        // The entries have been handed out; clear them from the log.
        if ($uIds) {
            $_SGLOBAL['db']->query(sprintf('DELETE FROM %s WHERE uid IN (%s)', tname('userlog'), simplode($uIds)));
        }
    }

    return new APIResponse(array('totalNum' => $totalNum, 'users' => $users));
}
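/**
 * Split a tag string and sort the tags into existing, new and closed ones.
 *
 * The input is HTML-escaped with shtmlspecialchars(), split on spaces and
 * commas, and each piece is passed through posttagcheck(). The surviving
 * names are looked up in the tags table.
 *
 * Returned keys:
 *  - existsname / existsid: names and ids found in the table
 *  - closename: found names whose row has a truthy "close" column
 *  - nonename: requested names that were not found (keyed by md5 of the
 *    name when nothing at all was found, a plain list otherwise)
 *
 * If any closed tag was requested, showmessage() is called with the list.
 *
 * NOTE(review): the names reach the query through simplode(), defined outside
 * this excerpt, after HTML escaping only. Confirm that posttagcheck() or
 * simplode() also makes them safe for SQL.
 *
 * @param string $tagnamestr Space- or comma-separated tag names.
 * @return array See the key list above.
 */
function posttag($tagnamestr)
{
    global $_SGLOBAL, $lang;

    $tagarr = array('existsname' => array(), 'nonename' => array(), 'closename' => array(), 'existsid' => array());
    if (empty($tagnamestr)) {
        return $tagarr;
    }

    $tagnamearr = array();
    $valuearr = explode(' ', str_replace(',', ' ', shtmlspecialchars($tagnamestr)));
    foreach ($valuearr as $value) {
        // The count is checked before adding, so up to 11 distinct names get through.
        if (count($tagnamearr) > 10) {
            break;
        }
        $value = posttagcheck($value);
        if ($value) {
            // Keyed by md5 so repeated names collapse into one entry.
            $tagnamearr[md5($value)] = $value;
        }
    }
    if (empty($tagnamearr)) {
        return $tagarr;
    }

    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('tags') . ' WHERE tagname IN (' . simplode($tagnamearr) . ')');
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $tagarr['existsid'][] = $value['tagid'];
        $tagarr['existsname'][] = $value['tagname'];
        if ($value['close']) {
            $tagarr['closename'][] = $value['tagname'];
        }
    }

    if (!empty($tagarr['existsname'])) {
        foreach ($tagnamearr as $value) {
            // Fix: compare strictly. With loose comparison numeric-looking names
            // such as "1e3" and "1000" count as the same tag.
            if (!in_array($value, $tagarr['existsname'], true)) {
                $tagarr['nonename'][] = $value;
            }
        }
    } else {
        $tagarr['nonename'] = $tagnamearr;
    }

    if (!empty($tagarr['closename'])) {
        // The names printed here are the values stored in the tags table.
        showmessage($lang['not_allowed_to_belong_to_the_following_tag'] . ':<p>' . implode(',', $tagarr['closename']) . '</p>');
    }

    return $tagarr;
}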
/**
 * Delete blogs and everything that hangs off them.
 *
 * Removes the rows from blog and blogfield, then the comments, reports, feed
 * entries and click records whose idtype is 'blogid'.
 *
 * The ids are interpolated into every statement through simplode(), which is
 * defined outside this excerpt; callers must pass ids that are safe for SQL
 * (presumably simplode() quotes them - confirm).
 *
 * @param array $blogids Blog ids to remove.
 * @return bool Always true.
 */
function deleteblogs($blogids)
{
    global $_SGLOBAL;

    $db = $_SGLOBAL['db'];

    // Load the blog information. Only the first row is fetched, and neither it
    // nor the three arrays below are used in the visible code.
    $spaces = $blogs = $newblogids = array();
    $query = $db->query(sprintf('SELECT * FROM %s WHERE blogid IN (%s)', tname('blog'), simplode($blogids)));
    $value = $db->fetch_array($query);

    // The blog rows and their field rows.
    foreach (array('blog', 'blogfield') as $table) {
        $db->query(sprintf('DELETE FROM %s WHERE blogid IN (%s)', tname($table), simplode($blogids)));
    }

    // Dependent rows: comments, reports, feed entries, click records.
    foreach (array('comment', 'report', 'feed', 'clickuser') as $table) {
        $db->query(sprintf("DELETE FROM %s WHERE id IN (%s) AND idtype='blogid'", tname($table), simplode($blogids)));
    }

    return true;
}
$sql .= ' AND status IN (2,3,4)'; $theurl .= "&type=join"; } $query = $_SGLOBAL['db']->query($sql); $count = $_SGLOBAL['db']->num_rows($query); if($count) { $sql .= " ORDER BY eventid DESC LIMIT $start, $perpage"; $query = $_SGLOBAL['db']->query($sql); $ids = array(); while($value = $_SGLOBAL['db']->fetch_array($query)) { $ids[] = $value['eventid']; } $fromsql = tname('event').' e'; $joinsql = 'LEFT JOIN '.tname('userevent').' ue ON e.eventid = ue.eventid'; $wherearr[] = 'e.eventid IN ('.simplode($ids).')'; $orderby = " e.eventid DESC"; $sql = "SELECT e.*, ue.uid as fuid, ue.username as fusername, ue.status FROM $fromsql $joinsql WHERE ".implode(" AND ", $wherearr); } $needquery = false; } elseif($view == "me") { $fromsql = tname("userevent")." ue"; $joinsql = "LEFT JOIN ".tname('event')." e ON e.eventid=ue.eventid"; $orderby = "ue.dateline DESC"; if($view=="friend" && $space['feedfriend']) { $wherearr[] = "ue.uid IN ($space[feedfriend])"; } else { $wherearr[] = "ue.uid = '$space[uid]'"; } if($type=="follow") {
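/**
 * Insert a batch of notifications and bump each recipient's notice counter.
 *
 * $sqlarr is a list of rows (column => value). The column list is taken from
 * the first row; every row is expected to have the same columns in the same
 * order and to contain a 'uid' entry.
 *
 * Column names and values are concatenated into the statement as they are
 * (values only get wrapped in single quotes), so callers must pass data that
 * is already escaped for SQL and keys that are fixed column names.
 *
 * @param array $sqlarr Rows to insert; anything that is not a non-empty array is ignored.
 * @return void
 */
function note_apply($sqlarr)
{
    global $_SGLOBAL;

    // Fix: an empty array used to produce "insert ... () values ()" and an
    // UPDATE with an empty id list. There is nothing to do in that case.
    if (!is_array($sqlarr) || empty($sqlarr)) {
        return;
    }

    $uids = array();
    $rows = array();
    $fieldsql = null;

    foreach ($sqlarr as $value) {
        $uids[] = $value['uid'];

        // Fix: take the column list from the first row actually iterated. The
        // original relied on the row key being 0 (and on sequential keys to
        // place the row separators), which breaks for arrays keyed otherwise.
        if ($fieldsql === null) {
            $fieldsql = implode(', ', array_keys($value));
        }

        $vals = array();
        foreach ($value as $val) {
            $vals[] = '\'' . $val . '\'';
        }
        $rows[] = '(' . implode(', ', $vals) . ')';
    }

    $_SGLOBAL['db']->query('insert into ' . tname('notification') . ' (' . $fieldsql . ') values ' . implode(', ', $rows));
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($uids) . ")");
}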
$value['message'] = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT message FROM " . tname('comment') . " WHERE cid='{$n_cid}' "), 0); $value['do'] = $n_do; $value[$n_do . 'id'] = $n_do_id; $value['note'] = strip_tags($value['note']); $value['name'] = empty($value['name']) ? $value['author'] : $value['name']; $value['isnew'] = $value['new']; unset($value['new']); $value['avatar_url'] = avatar($value['authorid'], 'middle', TRUE); $list[] = $value; } //分页 $multi = multi($count, $perpage, $page, "space.php?do={$do}"); } //更新状态为已看 if ($newids) { $_SGLOBAL['db']->query("UPDATE " . tname('notification') . " SET new='0' WHERE id IN (" . simplode($newids) . ")"); //更新未读的 $newcount = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('notification') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND new='1'"), 0); $space['notenum'] = $newcount = intval($newcount); updatetable('space', array('notenum' => $newcount), array('uid' => $_SGLOBAL['supe_uid'])); } $newnum = 0; $space['pmnum'] = $_SGLOBAL['member']['newpm']; foreach (array('notenum', 'pokenum', 'addfriendnum', 'mtaginvitenum', 'eventinvitenum', 'myinvitenum') as $value) { $newnum = $newnum + $space[$value]; } $_SGLOBAL['member']['notenum'] = $space['notenum']; $_SGLOBAL['member']['allnotenum'] = $newnum; realname_get(); } //include_once template("space_notice");
if ($lines) { $fp = fopen(S_ROOT . './data/log/' . $_GET['file'], 'r'); foreach ($lines as $line) { list($l, $o, $n) = explode('-', $line); fseek($fp, $o); $line = $n ? fread($fp, $n) : ''; $loginfo = parselog($line); $loginfo['line'] = $l; $uids[] = $loginfo['uid']; $list[] = $loginfo; } fclose($fp); } } if ($uids) { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('space') . ' WHERE uid IN (' . simplode($uids) . ')'); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['uid'], $value['username']); } realname_get(); } $multi = multi($count, $perpage, $page, $mpurl); } function parselog($line, $detail = false) { $loginfo = array(); list($tag, $dateline, $type, $ip, $uid, $link, $extra) = explode("\t", $line); $uid = intval($uid); $loginfo = array('ip' => $ip, 'uid' => $uid, 'link' => $link, 'dateline' => $dateline, 'type' => $type); if ($detail) { $m1 = $m2 = array();
/**
 * Load the real names of all users queued in $_SGLOBAL['select_realname'].
 *
 * Runs once per request (guarded by $_SGLOBAL['_realname_get']) and only when
 * the 'realname' setting is on and the queue is non-empty. The current space
 * owner and the logged-in member are removed from the queue first. For the
 * remaining uids the name is copied into $_SN when both name and namestatus
 * are truthy.
 *
 * @return void
 */
function realname_get()
{
    global $_SGLOBAL, $_SCONFIG, $_SN, $space;

    if (!empty($_SGLOBAL['_realname_get']) || !$_SCONFIG['realname'] || !$_SGLOBAL['select_realname']) {
        return;
    }

    // Prevent repeated calls.
    $_SGLOBAL['_realname_get'] = 1;

    // Names that are already known: the space owner and the current member.
    if ($space && isset($_SGLOBAL['select_realname'][$space['uid']])) {
        unset($_SGLOBAL['select_realname'][$space['uid']]);
    }
    $memberUid = $_SGLOBAL['member']['uid'];
    if ($memberUid && isset($_SGLOBAL['select_realname'][$memberUid])) {
        unset($_SGLOBAL['select_realname'][$memberUid]);
    }

    // Fetch the real names for whatever is left in the queue.
    $uids = array();
    if (!empty($_SGLOBAL['select_realname'])) {
        $uids = array_keys($_SGLOBAL['select_realname']);
    }
    if (!$uids) {
        return;
    }

    $query = $_SGLOBAL['db']->query(sprintf('SELECT uid, name, namestatus FROM %s WHERE uid IN (%s)', tname('space'), simplode($uids)));
    while ($row = $_SGLOBAL['db']->fetch_array($query)) {
        if ($row['name'] && $row['namestatus']) {
            $_SN[$row['uid']] = $row['name'];
        }
    }
}
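/**
 * Find items that share at least one active tag with the given item.
 *
 * Collects the tag ids attached to $itemid (status '1'), then selects other
 * item ids carrying any of those tags, newest first, optionally restricted
 * to the given types.
 *
 * NOTE(review): $itemid is interpolated between single quotes and $typearr
 * goes through simplode(), which is defined outside this excerpt. Confirm
 * that both are escaped or validated before they reach this function.
 *
 * @param mixed $itemid  Id of the reference item.
 * @param array $typearr Optional list of item types to restrict the result to.
 * @param int   $num     Maximum number of ids to return.
 * @return string Comma-separated item ids, or '' when the item has no tags.
 */
function getrelativeitemids($itemid, $typearr = array(), $num = 10)
{
    global $_SGLOBAL;

    // Fix: $num is written unquoted into the LIMIT clause, so force it to an
    // integer instead of passing through whatever the caller supplied.
    $num = intval($num);

    $tagidarr = array();
    $query = $_SGLOBAL['db']->query("SELECT tagid FROM " . tname('spacetags') . " WHERE itemid='{$itemid}' and status='1'");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $tagidarr[] = $value['tagid'];
    }
    if (empty($tagidarr)) {
        return '';
    }

    // Optional type filter.
    $sqlplus = '';
    if (!empty($typearr)) {
        $sqlplus = "AND type IN (" . simplode($typearr) . ") AND status='1'";
    }

    $itemidarr = array();
    $query = $_SGLOBAL['db']->query("SELECT itemid FROM " . tname('spacetags') . " WHERE tagid IN (" . simplode($tagidarr) . ") AND itemid<>'{$itemid}' {$sqlplus} ORDER BY itemid DESC LIMIT 0, {$num}");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $itemidarr[] = $value['itemid'];
    }

    return implode(',', $itemidarr);
}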
$wheresql .= " AND catid='{$catid}' "; } if (submitcheck('postsubmit')) { if (!empty($_POST['itemid']) && empty($_SGLOBAL['supe_uid'])) { showmessage('no_permission'); } modelpost($cacheinfo, 0); } elseif (submitcheck('delitemsubmit')) { $itemarr = array(); $tablename = $do == 'pass' ? $nameid . 'items' : 'modelfolders'; $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($_POST['item'], ',') . ') AND uid=\'' . $_SGLOBAL['supe_uid'] . '\''); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $itemarr[] = $value['itemid']; } $_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')'); $_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')'); showmessage('do_success', 'cp.php?ac=models&op=list&do=' . $do . '&nameid=' . $nameid); } if ($itemid) { if ($do == 'pass') { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($cacheinfo['models']['modelname'] . 'items') . ' LEFT JOIN ' . tname($cacheinfo['models']['modelname'] . 'message') . " USING (itemid) WHERE itemid='{$itemid}'"); if (!($item = $_SGLOBAL['db']->fetch_array($query))) { showmessage('no_item', 'cp.php?ac=models&op=list&nameid=' . $nameid); } $item['subject'] = shtmlspecialchars($item['subject']); $item['message'] = jsstrip($item['message']); } else { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('modelfolders') . " WHERE mid='" . $cacheinfo['models']['mid'] . "' AND itemid='{$itemid}'"); if (!($item = $_SGLOBAL['db']->fetch_array($query))) { showmessage('no_item', 'cp.php?ac=models&op=list&nameid=' . $nameid); }
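/**
 * Attach a space-separated list of tags to a blog.
 *
 * Unknown tag names are inserted into the tag table, known open tags get
 * their blognum counter incremented, closed tags are skipped, and a
 * tagid/blogid pair is written to tagblog for every tag that was applied.
 *
 * NOTE(review): $blogid is interpolated between single quotes into the
 * REPLACE statement. Confirm callers pass a validated id.
 *
 * @param mixed  $blogid Id of the blog the tags belong to.
 * @param string $tags   Space-separated tag names.
 * @return array Applied tags as tagid => tagname.
 */
function tag_batch($blogid, $tags)
{
    global $_SGLOBAL;

    $tagarr = array();
    if (empty($tags)) {
        return $tagarr;
    }

    // Fix: validate the names BEFORE they are used in the lookup query. The
    // original sent every name to the database and applied this pattern only
    // afterwards. The pattern admits only word characters, '_', '-' and bytes
    // 0x7f-0xff, so quote and backslash characters can no longer reach the SQL.
    // NOTE(review): '$' also matches before a final newline; add the D modifier
    // if a trailing newline should be rejected as well.
    $tagnames = array();
    foreach (array_unique(explode(' ', $tags)) as $tagname) {
        if (preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $tagname)) {
            $tagnames[] = $tagname;
        }
    }
    if (empty($tagnames)) {
        return $tagarr;
    }

    // Existing tags, keyed by md5 of the slashed name.
    $vtags = array();
    $query = $_SGLOBAL['db']->query("SELECT tagid, tagname, close FROM " . tname('tag') . " WHERE tagname IN (" . simplode($tagnames) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $value['tagname'] = addslashes($value['tagname']);
        $vtags[md5($value['tagname'])] = $value;
    }

    $updatetagids = array();
    foreach ($tagnames as $tagname) {
        $vkey = md5($tagname);
        if (empty($vtags[$vkey])) {
            // New tag: create it with a blog count of 1.
            $setarr = array(
                'tagname' => $tagname,
                'uid' => $_SGLOBAL['supe_uid'],
                'dateline' => $_SGLOBAL['timestamp'],
                'blognum' => 1
            );
            $tagid = inserttable('tag', $setarr, 1);
            $tagarr[$tagid] = $tagname;
        } elseif (empty($vtags[$vkey]['close'])) {
            // Known, open tag: remember it for the counter update.
            $tagid = $vtags[$vkey]['tagid'];
            $updatetagids[] = $tagid;
            $tagarr[$tagid] = $tagname;
        }
    }

    if ($updatetagids) {
        $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum+1 WHERE tagid IN (" . simplode($updatetagids) . ")");
    }

    // Link every applied tag to the blog.
    $inserts = array();
    foreach (array_keys($tagarr) as $tagid) {
        $inserts[] = "('$tagid','$blogid')";
    }
    if ($inserts) {
        $_SGLOBAL['db']->query("REPLACE INTO " . tname('tagblog') . " (tagid,blogid) VALUES " . implode(',', $inserts));
    }

    return $tagarr;
}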
$Id: admincp_tag.php 12568 2009-07-08 07:38:01Z zhengqingpeng $ */ if (!defined('IN_UCHOME') || !defined('IN_ADMINCP')) { exit('Access Denied'); } // Check Permissions if (!checkperm('managetag')) { cpmessage('no_authority_management_operation'); } if (submitcheck('opsubmit')) { // Verify permissions for batch operations $allowmanage = checkperm('managetag'); $managebatch = checkperm('managebatch'); $newids = array(); $opnum = 0; $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('tag') . " WHERE tagid IN (" . simplode($_POST['ids']) . ")"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { if ($allowmanage || $value['uid'] == $_SGLOBAL['supe_uid']) { $newids[] = $value['tagid']; if (!$managebatch && $value['uid'] != $_SGLOBAL['supe_uid']) { $opnum++; } } } if (!$managebatch && $opnum > 1) { cpmessage('choose_to_delete_the_tag', $_POST['mpurl']); } $_POST['ids'] = $newids; if ($_POST['optype'] == 'delete') { include_once S_ROOT . './source/function_delete.php'; if (!empty($_POST['ids']) && deletetags($_POST['ids'])) {
/**
 * Change the membership status of several users in the current event.
 *
 * The acting user's own membership ($_SGLOBAL['supe_userevent']) must have a
 * status of at least 3. $status is cast to an integer and must lie between
 * -1 and 3; per the inline comments 2 is an ordinary member, 3 an organizer,
 * 0 pending and -1 removes the member. Only the event creator may set
 * status 3. Members that already have the target status, the creator, and
 * members with status 1 are skipped.
 *
 * For every affected member a notification may be queued and, when a pending
 * member is approved, a feed entry is added. Afterwards the userevent rows
 * are updated or deleted and the event's member counter is adjusted.
 *
 * NOTE(review): $uids is interpolated into the SQL through simplode(), which
 * is defined outside this excerpt. Confirm it quotes and escapes the values,
 * or that callers only pass validated ids.
 *
 * @param array $uids   User ids whose membership should change.
 * @param mixed $status Target status (cast with intval()).
 * @return array The uids that were actually changed; empty when none qualified.
 */
function verify_eventmembers($uids, $status) {
    global $_SGLOBAL, $event;
    if ($_SGLOBAL['supe_userevent']['status'] < 3) {
        showmessage('no_privilege_manage_event_members');
    }
    $eventid = $_SGLOBAL['supe_userevent']['eventid'];
    // Reload the event when the global $event does not match the acting user's event.
    if ($eventid != $event['eventid']) {
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$eventid}'");
        $event = $_SGLOBAL['db']->fetch_array($query);
    }
    $status = intval($status);
    if ($status < -1 || $status > 3) {
        showmessage("bad_userevent_status"); // Please select a valid member status
    }
    if ($event['verify'] == 0 && $status == 0) {
        showmessage("event_not_set_verify");
    }
    if ($status == 3 && $_SGLOBAL['supe_uid'] != $event['uid']) {
        showmessage("only_creator_can_set_admin"); // Only the creator can appoint organizers
    }
    $newids = $actions = $userevents = array();
    $num = 0; // Net change of the event's member count
    $query = $_SGLOBAL['db']->query("SELECT ue.*, sf.* FROM " . tname("userevent") . " ue LEFT JOIN " . tname("spacefield") . " sf ON ue.uid=sf.uid WHERE ue.uid IN (" . simplode($uids) . ") AND ue.eventid='{$eventid}'");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($value['status'] == $status || $event['uid'] == $value['uid'] || $value['status'] == 1) { // Same status, the creator, or status 1: nothing to do
            continue;
        }
        if ($status == 2) { // Set to ordinary member
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            if ($value['status'] == 0) { // Pending member is approved
                $actions[$value['uid']] = "set_verify";
                $num += $value['fellow'] + 1;
            } elseif ($value['status'] == 3) { // Organizer is demoted
                $actions[$value['uid']] = "unset_admin";
            }
        } elseif ($status == 3) { // Set to organizer
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_admin";
            if ($value['status'] == 0) {
                $num += $value['fellow'] + 1;
            }
        } elseif ($status == 0) { // Set to pending
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "unset_verify";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        } elseif ($status == -1) { // Delete members
            $newids[] = $value['uid'];
            $userevents[$value['uid']] = $value;
            $actions[$value['uid']] = "set_delete";
            if ($value['status'] >= 2) {
                $num -= $value['fellow'] + 1;
            }
        }
    }
    if (empty($newids)) {
        return array();
    }
    if ($event['limitnum'] > 0 && $event['membernum'] + $num > $event['limitnum']) { // The change would exceed the event's member limit
        showmessage("event_will_full");
    }
    $note_inserts = $note_ids = $feed_inserts = array();
    // Feed entry template shared by all approved members; uid and username are filled in per member below.
    $feedarr = array('appid' => UC_APPID, 'icon' => 'event', 'uid' => '', 'username' => '', 'dateline' => $_SGLOBAL['timestamp'], 'title_template' => cplang('event_join'), 'title_data' => array('title' => $event['title'], "eventid" => $event['eventid'], "uid" => $event['uid'], "username" => $event['username']), 'body_template' => '', 'body_data' => array(), 'body_general' => '', 'image_1' => '', 'image_1_link' => '', 'image_2' => '', 'image_2_link' => '', 'image_3' => '', 'image_3_link' => '', 'image_4' => '', 'image_4_link' => '', 'target_ids' => '', 'friend' => '');
    $feedarr = sstripslashes($feedarr); // Remove escape characters
    $feedarr['title_data'] = serialize(sstripslashes($feedarr['title_data'])); // Serialize
    $feedarr['body_data'] = serialize(sstripslashes($feedarr['body_data'])); // Serialize
    $feedarr['hash_template'] = md5($feedarr['title_template'] . "\t" . $feedarr['body_template']); // Hash of the templates
    $feedarr['hash_data'] = md5($feedarr['title_template'] . "\t" . $feedarr['title_data'] . "\t" . $feedarr['body_template'] . "\t" . $feedarr['body_data']); // Hash of templates plus data
    $feedarr = saddslashes($feedarr); // Add slashes
    foreach ($newids as $id) {
        if ($status > 1 && $userevents[$id]['status'] == 0) { // A pending member was approved: publish the join to the feed
            // NOTE(review): uid and username are taken from the database row and assigned
            // after saddslashes() ran over $feedarr, so they are interpolated below exactly
            // as stored. Confirm stored usernames cannot contain quote characters.
            $feedarr['uid'] = $userevents[$id]['uid'];
            $feedarr['username'] = $userevents[$id]['username'];
            $feed_inserts[] = "('{$feedarr['appid']}', 'event', '{$feedarr['uid']}', '{$feedarr['username']}', '{$feedarr['dateline']}', '0', '{$feedarr['hash_template']}', '{$feedarr['hash_data']}', '{$feedarr['title_template']}', '{$feedarr['title_data']}', '{$feedarr['body_template']}', '{$feedarr['body_data']}', '{$feedarr['body_general']}', '{$feedarr['image_1']}', '{$feedarr['image_1_link']}', '{$feedarr['image_2']}', '{$feedarr['image_2_link']}', '{$feedarr['image_3']}', '{$feedarr['image_3_link']}', '{$feedarr['image_4']}', '{$feedarr['image_4_link']}')";
        }
        // NOTE(review): unserialize() runs on the 'privacy' column of the joined row.
        // Confirm that column can only ever hold data serialized by the application.
        $userevents[$id]['privacy'] = empty($userevents[$id]['privacy']) ? array() : unserialize($userevents[$id]['privacy']);
        $filter = empty($userevents[$id]['privacy']['filter_note']) ? array() : array_keys($userevents[$id]['privacy']['filter_note']);
        if (cknote_uid(array("type" => "eventmemberstatus", "authorid" => $_SGLOBAL['supe_uid']), $filter)) {
            $note_ids[] = $id;
            $note_msg = cplang('eventmember_' . $actions[$id], array("space.php?do=event&id=" . $event['eventid'], $event['title']));
            // Only the message is passed through addslashes() here; the other values are interpolated as they are.
            $note_inserts[] = "('{$id}', 'eventmemberstatus', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }
    if ($note_ids) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
    }
    if ($feed_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('feed') . " (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link`) VALUES " . implode(',', $feed_inserts));
    }
    if ($status == -1) { // Delete
        $_SGLOBAL['db']->query("DELETE FROM " . tname("userevent") . " WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    } else { // Set status
        $_SGLOBAL['db']->query("UPDATE " . tname("userevent") . " SET status='{$status}' WHERE uid IN (" . simplode($newids) . ") AND eventid='{$eventid}'");
    }
    // Adjust the event's member count
    if ($num != 0) {
        $_SGLOBAL['db']->query("UPDATE " . tname("event") . " SET membernum = membernum + ({$num}) WHERE eventid='{$eventid}'");
    }
    return $newids;
}
} if (!empty($_SCONFIG['uc_tagrelated']) && $_SCONFIG['uc_status']) { if (!empty($_SGLOBAL['tagtpl']['limit'])) { include_once S_ROOT . './uc_client/client.php'; $tag_index = mt_rand(0, $tag_count); $bwzt['related'] = uc_tag_get($b_tags[$tag_index], $_SGLOBAL['tagtpl']['limit']); } } else { //自身TAG $tag_bwztids = array(); $query = $_SGLOBAL['db']->query("SELECT DISTINCT bwztid FROM " . tname('tagbwzt') . " WHERE tagid IN (" . simplode($b_tagids) . ") AND bwztid<>'{$bwzt['bwztid']}' ORDER BY bwztid DESC LIMIT 0,10"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $tag_bwztids[] = $value['bwztid']; } if ($tag_bwztids) { $query = $_SGLOBAL['db']->query("SELECT uid,username,subject,bwztid FROM " . tname('bwzt') . " WHERE bwztid IN (" . simplode($tag_bwztids) . ")"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['uid'], $value['username']); //实名 $value['url'] = "space.php?uid={$value['uid']}&do=bwzt&id={$value['bwztid']}"; $bwzt['related'][UC_APPID]['data'][] = $value; } $bwzt['related'][UC_APPID]['type'] = 'UCHOME'; } } if (!empty($bwzt['related']) && is_array($bwzt['related'])) { foreach ($bwzt['related'] as $appid => $values) { if (!empty($values['data']) && $_SGLOBAL['tagtpl']['data'][$appid]['template']) { foreach ($values['data'] as $itemkey => $itemvalue) { if (!empty($itemvalue) && is_array($itemvalue)) { $searchs = $replaces = array();
$wherearr[] = " gid='{$_GET['group']}'"; } $sql = $wherearr ? 'AND' . implode(' AND ', $wherearr) : ''; $count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('friend') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND status='1' {$sql}"), 0); $fuids = array(); if ($count) { $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('friend') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND status='1' {$sql} ORDER BY num DESC, dateline DESC LIMIT {$start},{$perpage}"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['fuid'], $value['fusername']); $list[] = $value; $fuids[] = $value['fuid']; } } $invitearr = array(); //Already participated in the poll $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('polluser') . " WHERE uid IN (" . simplode($fuids) . ") AND pid='{$pid}'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $invitearr[$value['uid']] = $value['uid']; } // allready invited foreach ($uidarr as $key => $uid) { $invitearr[$uid] = $uid; } realname_get(); // user groups $groups = getfriendgroup(); $groupselect = array($_GET['group'] => ' selected'); $multi = multi($count, $perpage, $page, "cp.php?ac=poll&op=invite&pid={$poll['pid']}&group={$_GET['group']}&key={$_GET['key']}"); } elseif ($_GET['op'] == 'edithot') { // Permissions if (!checkperm('managepoll')) {
$randuids = sarray_rand($space['friends'], 1); } showmessage('do_success', "space.php?uid=" . array_pop($randuids), 0); } elseif ($op == 'getcfriend') { $fuids = empty($_GET['fuid']) ? array() : explode(',', $_GET['fuid']); $newfuids = array(); foreach ($fuids as $value) { $value = intval($value); if ($value) { $newfuids[$value] = $value; } } //共同的好友 $list = array(); if ($newfuids) { $query = $_SGLOBAL['db']->query("SELECT uid,username,name,namestatus FROM " . tname('space') . " WHERE uid IN (" . simplode($newfuids) . ") LIMIT 0,15"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { realname_set($value['uid'], $value['username'], $value['name'], $value['namestatus']); $list[] = $value; } realname_get(); } } elseif ($op == 'search') { @(include_once S_ROOT . './data/data_profilefield.php'); $fields = empty($_SGLOBAL['profilefield']) ? array() : $_SGLOBAL['profilefield']; if (!empty($_GET['searchsubmit']) || !empty($_GET['searchmode'])) { $_GET['searchsubmit'] = $_GET['searchmode'] = 1; //找人 $wherearr = $fromarr = $uidjoin = array(); $fsql = ''; $fromarr['space'] = tname('space') . ' s';
/**
 * Delete the objects referenced by a set of reports.
 *
 * Looks up the report rows, groups the reported object ids by idtype and
 * calls the matching delete helper from function_delete.php for each group.
 *
 * Before each helper runs, the corresponding manage* flag is switched on in
 * the acting member's user-group entry in $_SGLOBAL, and it is not switched
 * back in this function. Callers must therefore have verified that the
 * current user is allowed to act on reports before calling this.
 *
 * The report ids are interpolated into SQL through simplode(), which is
 * defined outside this excerpt (presumably it quotes them - confirm).
 *
 * @param array $ids Report ids (rid) whose targets should be deleted.
 * @return void
 */
function deleteinfo($ids)
{
    global $_SGLOBAL;

    include_once S_ROOT . './source/function_delete.php';

    // Group the reported object ids by their idtype.
    $deltype = array();
    $query = $_SGLOBAL['db']->query(sprintf('SELECT * FROM %s WHERE rid IN (%s)', tname('report'), simplode($ids)));
    while ($row = $_SGLOBAL['db']->fetch_array($query)) {
        $deltype[$row['idtype']][] = $row['id'];
    }

    $gid = getgroupid($_SGLOBAL['member']['credit'], $_SGLOBAL['member']['groupid']);

    // Run the delete operation that belongs to each idtype.
    foreach ($deltype as $idtype => $targets) {
        if ($idtype == 'blog') {
            $_SGLOBAL['usergroup'][$gid]['manageblog'] = 1;
            deleteblogs($targets);
        } elseif ($idtype == 'picid') {
            $_SGLOBAL['usergroup'][$gid]['managealbum'] = 1;
            deletepics($targets);
        } elseif ($idtype == 'album') {
            $_SGLOBAL['usergroup'][$gid]['managealbum'] = 1;
            deletealbums($targets);
        } elseif ($idtype == 'thread') {
            $_SGLOBAL['usergroup'][$gid]['managethread'] = 1;
            deletethreads(0, $targets);
        } elseif ($idtype == 'mtag') {
            $_SGLOBAL['usergroup'][$gid]['managemtag'] = 1;
            deletemtag($targets);
        } elseif ($idtype == 'share') {
            $_SGLOBAL['usergroup'][$gid]['manageshare'] = 1;
            deleteshares($targets);
        } elseif ($idtype == 'space') {
            $_SGLOBAL['usergroup'][$gid]['managespace'] = 1;
            foreach ($targets as $uid) {
                deletespace($uid);
            }
        }
    }
}
if (empty($chotnews2[$catid])) { $chotnews2[$catid] = gethotnews2($param['catids']); } if (empty($cnewcomments[$catid])) { $cnewcomments[$catid] = getnewcommnet($param['catids']); } if (empty($cpicnews[$catid])) { $cpicnews[$catid] = getpicnews($thecat['catid']); } if (empty($csubarr[$catid])) { $csubarr[$catid] = getsubarr($thecat['catid']); } $newidarr = array_merge($itemidarr, $newidarr); } } $itemidstr = simplode($newidarr); if ($_GET['do'] == 'updatecontenthtml') { //内容页更新 $query = $_SGLOBAL['db']->query("SELECT si.*, sp.* FROM " . tname('spaceitems') . " si, " . tname('spacenews') . " sp WHERE si.itemid = sp.itemid AND si.itemid IN (" . $itemidstr . ") ORDER BY sp.pageorder"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $row[$value['itemid']][] = $value; } ksort($row); foreach ($row as $itemid => $multi_news) { //如果文章有分页 $newnews = $cnewnews[$multi_news[0]['catid']]; $hotnews = $chotnews[$multi_news[0]['catid']]; $picnews = $cpicnews[$multi_news[0]['catid']]; //静态链接处理 if (!empty($catarr[$multi_news[0]['catid']]['domain'])) { define('S_HTML_URL', $catarr[$multi_news[0]['catid']]['domain']);
if(empty($cids)) exit(); //邮件内容 $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('mailqueue')." WHERE cid IN (".simplode($cids).")"); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $sublist[$value['cid']][] = $value; } //更新用户最后发送时间 if($touids) { $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET lastsend='$_SGLOBAL[timestamp]' WHERE uid IN (".simplode($touids).")"); } //删除邮件 $_SGLOBAL['db']->query("DELETE FROM ".tname('mailcron')." WHERE cid IN (".simplode($cids).")"); $_SGLOBAL['db']->query("DELETE FROM ".tname('mailqueue')." WHERE cid IN (".simplode($cids).")"); //开始发送 include_once(S_ROOT.'./source/function_sendmail.php'); foreach ($list as $cid => $value) { $mlist = $sublist[$cid]; if($value['email'] && $mlist) { $subject = getstr($mlist[0]['subject'], 80, 0, 0, 0, 0, -1); $message = ''; foreach ($mlist as $subvalue) { if($subvalue['message']) { $message .= "<br><strong>$subvalue[subject]</strong><br>$subvalue[message]<br>"; } else { $message .= $subvalue['subject'].'<br>'; } }
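/**
 * Build a list of forum threads for a template block.
 *
 * Either assembles a SELECT from the filter keys in $paramarr (tid, fid,
 * typeid, authorid, digest, the getscopequery() ranges, poll, attachment,
 * closed, order, perpage/limit) or, when $paramarr['sql'] is set, delegates
 * to runsql(). Each returned row gets 'subjectall' and 'url' added, with
 * 'subject' / 'message' optionally shortened.
 *
 * @param array $paramarr Block parameters.
 * @return array Thread rows, plus a 'multipage' entry when paging is active.
 *               Always an array (empty when nothing matched).
 */
function block_bbsthread($paramarr)
{
    global $_SGLOBAL, $_SGET, $_SCONFIG;

    // Initialised up front: the original returned an undefined variable when
    // the query matched nothing and no pager was built.
    $theblockarr = array();

    dbconnect(1);
    @(include_once S_ROOT . './data/system/bbsforums.cache.php');

    // Collect the forums flagged allowshare. The include above is
    // error-suppressed, so the cache array may be missing.
    $fidarr = array();
    if (!empty($_SGLOBAL['bbsforumarr']) && is_array($_SGLOBAL['bbsforumarr'])) {
        foreach ($_SGLOBAL['bbsforumarr'] as $value) {
            if (!empty($value['allowshare'])) {
                $fidarr[] = $value['fid'];
            }
        }
    }
    $fids = simplode($fidarr);

    if (empty($paramarr['sql'])) {
        // Set up the SQL parts; implode() below joins them in insertion order.
        $sql = array();

        // select
        $sql['select'] = 'SELECT t.*';

        // from
        $sql['from'] = 'FROM ' . tname('threads', 1) . ' t';
        if (!empty($paramarr['showdetail'])) {
            $sql['select'] .= ', p.message, p.htmlon, p.bbcodeoff, p.smileyoff, p.parseurloff';
            $sql['join'] = 'LEFT JOIN ' . tname('posts', 1) . ' p ON p.tid=t.tid AND p.first=1';
        }

        // where
        $wherearr = array();
        if (!empty($paramarr['tid'])) {
            // NOTE(review): this branch applies neither the allowshare forum
            // filter nor the displayorder check used in the else branch.
            // Confirm that selecting by tid is meant to bypass them.
            $paramarr['tid'] = getdotstring($paramarr['tid'], 'int');
            if ($paramarr['tid']) {
                $wherearr[] = 't.tid IN (' . $paramarr['tid'] . ')';
            }
        } else {
            if (!empty($paramarr['blog'])) {
                $wherearr[] = 't.blog = 1';
            }
            if (!empty($paramarr['fid'])) {
                $paramarr['fid'] = getdotstring($paramarr['fid'], 'int');
                if ($paramarr['fid']) {
                    $wherearr[] = 't.fid IN (' . $paramarr['fid'] . ')';
                }
            }
            // Always restrict to the shareable forums.
            $wherearr[] = 't.fid IN (' . $fids . ')';

            if (!empty($paramarr['typeid'])) {
                $paramarr['typeid'] = getdotstring($paramarr['typeid'], 'int');
                if ($paramarr['typeid']) {
                    $wherearr[] = 't.typeid IN (' . $paramarr['typeid'] . ')';
                }
            }
            if (!empty($paramarr['authorid'])) {
                $paramarr['authorid'] = getdotstring($paramarr['authorid'], 'int');
                if ($paramarr['authorid']) {
                    $wherearr[] = 't.authorid IN (' . $paramarr['authorid'] . ')';
                }
            }
            if (!empty($paramarr['digest'])) {
                $paramarr['digest'] = getdotstring($paramarr['digest'], 'int');
                if ($paramarr['digest']) {
                    $wherearr[] = 't.digest IN (' . $paramarr['digest'] . ')';
                }
            }

            $scopequery = getscopequery('t', 'readperm', $paramarr);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'price', $paramarr);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'views', $paramarr);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'dateline', $paramarr, 1);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'lastpost', $paramarr, 1);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'replies', $paramarr);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }
            $scopequery = getscopequery('t', 'rate', $paramarr);
            if (!empty($scopequery)) {
                $wherearr[] = $scopequery;
            }

            if (!empty($paramarr['poll'])) {
                if (B_VER == '5') {
                    $wherearr[] = 't.special = 1';
                } elseif (B_VER == '4') {
                    $wherearr[] = 't.poll = 1';
                }
            }
            if (!empty($paramarr['attachment'])) {
                $wherearr[] = 't.attachment > 0';
            }
            if (!empty($paramarr['closed'])) {
                $wherearr[] = 't.closed = 1';
            }
            $wherearr[] = 't.displayorder >= 0';
            if (empty($paramarr['sgid'])) {
                if (B_VER == '5') {
                    $wherearr[] = 't.supe_pushstatus > 0'; // version 5 push
                }
            }
        }
        if (!empty($wherearr)) {
            $sql['where'] = 'WHERE ' . implode(' AND ', $wherearr);
        }

        // order
        // NOTE(review): unlike the other filters, 'order' is appended to the
        // statement verbatim. If any caller can fill it from request data,
        // validate it against the known sortable columns before this point.
        if (!empty($paramarr['order'])) {
            $sql['order'] = 'ORDER BY ' . $paramarr['order'];
        }

        // limit
        if (!empty($paramarr['perpage'])) {
            $paramarr['perpage'] = intval($paramarr['perpage']);
            // Zero or negative page sizes fall back to 20; a negative value
            // previously produced an invalid LIMIT clause.
            if ($paramarr['perpage'] < 1) {
                $paramarr['perpage'] = 20;
            }
            if (empty($_SGET['page'])) {
                $_SGET['page'] = 1;
            }
            $_SGET['page'] = intval($_SGET['page']);
            if ($_SGET['page'] < 1) {
                $_SGET['page'] = 1;
            }
            $start = ($_SGET['page'] - 1) * $paramarr['perpage'];
            $sql['limit'] = 'LIMIT ' . $start . ',' . $paramarr['perpage'];
        } else {
            if (empty($paramarr['limit'])) {
                $sql['limit'] = 'LIMIT 0,1';
            } else {
                $paramarr['limit'] = getdotstring($paramarr['limit'], 'int', true, array(), 1, false);
                if ($paramarr['limit']) {
                    $sql['limit'] = 'LIMIT ' . $paramarr['limit'];
                } else {
                    $sql['limit'] = 'LIMIT 0,1';
                }
            }
        }

        // query
        $sqlstring = implode(' ', $sql);

        // multi-page: count matching rows and build the pager
        $listcount = 1;
        if (!empty($paramarr['perpage'])) {
            // The tid branch can leave the WHERE part unset.
            $whereclause = isset($sql['where']) ? $sql['where'] : '';
            $listcount = $_SGLOBAL['db_bbs']->result($_SGLOBAL['db_bbs']->query('SELECT COUNT(*) FROM ' . tname('threads', 1) . ' t ' . $whereclause), 0);
            if ($listcount) {
                $urlarr = $_SGET;
                unset($urlarr['page']);
                $theblockarr['multipage'] = multi($listcount, $paramarr['perpage'], $_SGET['page'], $urlarr, 0);
            }
        }
    } else {
        // NOTE(review): a caller-supplied SQL statement is handed to runsql()
        // (defined in the included file). Its validation is not visible here;
        // confirm 'sql' only ever comes from trusted template definitions.
        $bbsdb = $_SGLOBAL['db_bbs'];
        include_once S_ROOT . './function/block_sql.func.php';
        list($sqlstring, $listcount) = runsql($paramarr, $bbsdb);
        if (!empty($paramarr['perpage'])) {
            if ($listcount) {
                $urlarr = $_SGET;
                unset($urlarr['page']);
                $theblockarr['multipage'] = multi($listcount, $paramarr['perpage'], $_SGET['page'], $urlarr, 0);
            }
        }
    }

    // Query the data.
    if ($listcount) {
        // Preprocessing: default the truncation-marker flags.
        if (empty($paramarr['subjectdot'])) {
            $paramarr['subjectdot'] = 0;
        }
        if (empty($paramarr['messagedot'])) {
            $paramarr['messagedot'] = 0;
        }

        // Query.
        $query = $_SGLOBAL['db_bbs']->query($sqlstring);
        while ($value = $_SGLOBAL['db_bbs']->fetch_array($query)) {
            // Subject handling: keep the full subject, optionally shorten the displayed one.
            $value['subjectall'] = $value['subject'];
            if (!empty($value['subject']) && !empty($paramarr['subjectlen'])) {
                $value['subject'] = cutstr($value['subject'], $paramarr['subjectlen'], $paramarr['subjectdot']);
            }

            // Content handling: strip BBCode and tags, then shorten.
            if (!empty($value['message']) && !empty($paramarr['messagelen'])) {
                $value['message'] = trim(strip_tags(stripbbcode($value['message'])));
                $value['message'] = trim(cutstr($value['message'], $paramarr['messagelen'], $paramarr['messagedot']));
            }

            // Link: either straight to the forum or through geturl().
            if ($_SCONFIG['bbsurltype'] == 'bbs' || !empty($paramarr['bbsurltype']) && $paramarr['bbsurltype'] == 'bbs') {
                $value['url'] = B_URL . '/viewthread.php?tid=' . $value['tid'];
            } else {
                $value['url'] = geturl('action/viewthread/tid/' . $value['tid']);
            }
            $theblockarr[] = $value;
        }
    }

    return $theblockarr;
}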
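/**
 * Delete events, and the rows that hang off them, for the current user.
 *
 * An event is eligible when the caller holds the 'manageevent' permission or
 * owns it. Without 'managebatch', a request that would remove more than one
 * event owned by somebody else is refused as a whole. Owners of events that
 * were removed by someone else receive a notification and, when the caller
 * has 'manageevent', lose the 'delevent' reward values.
 *
 * @param array $eventids Event ids requested for deletion.
 * @return array The deleted event rows, or an empty array when nothing was deleted.
 */
function deleteevents($eventids)
{
    global $_SGLOBAL;

    $allowmanage = checkperm('manageevent');
    $managebatch = checkperm('managebatch');
    $delnum = 0;
    $eventarr = $neweventids = $note_ids = $note_inserts = array();

    // Get the credit values attached to deleting an event.
    $reward = getreward('delevent', 0);

    // The ids end up inside IN (...) lists built by string concatenation, so
    // force them to integers here instead of trusting every caller and the
    // (not visible) simplode() helper to have done so.
    $eventids = array_map('intval', (array) $eventids);

    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid IN (" . simplode($eventids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if ($allowmanage || $value['uid'] == $_SGLOBAL['supe_uid']) {
            $eventarr[] = $value;
            // Count other people's events for the batch restriction below.
            if (!$managebatch && $value['uid'] != $_SGLOBAL['supe_uid']) {
                $delnum++;
            }
        }
    }

    if (empty($eventarr) || !$managebatch && $delnum > 1) {
        return array();
    }

    foreach ($eventarr as $key => $value) {
        $neweventids[] = $value['eventid'];
        // [to do: notify the event's participants. Too many operations, so priority: low]
        if ($value['uid'] != $_SGLOBAL['supe_uid']) {
            if ($allowmanage) {
                // Deduct credits from the event owner.
                $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET credit=credit-{$reward['credit']}, experience=experience-{$reward['experience']} WHERE uid='{$value['uid']}'");
            }
            $note_ids[] = $value['uid'];
            $note_msg = cplang('event_set_delete', array($value['title']));
            // NOTE(review): supe_username is interpolated as-is, while the
            // note text goes through addslashes(). Confirm the global is
            // already escaped where it is populated.
            $note_inserts[] = "('{$value['uid']}', 'event', '1', '{$_SGLOBAL['supe_uid']}', '{$_SGLOBAL['supe_username']}', '" . addslashes($note_msg) . "', '{$_SGLOBAL['timestamp']}')";
        }
    }

    $idlist = simplode($neweventids);

    // Data deletion: the event itself, its pictures, invitations and participants.
    foreach (array('event', 'eventpic', 'eventinvite', 'userevent') as $table) {
        $_SGLOBAL['db']->query("DELETE FROM " . tname($table) . " WHERE eventid IN (" . $idlist . ")");
    }

    // Comments, feed entries and reports that reference the events.
    foreach (array('comment', 'feed', 'report') as $table) {
        $_SGLOBAL['db']->query("DELETE FROM " . tname($table) . " WHERE id IN (" . $idlist . ") AND idtype='eventid'");
    }

    // Send notifications.
    if ($note_inserts) {
        $_SGLOBAL['db']->query("INSERT INTO " . tname('notification') . " (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " . implode(',', $note_inserts));
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET notenum=notenum+1 WHERE uid IN (" . simplode($note_ids) . ")");
    }

    return $eventarr;
}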
// Excerpt: starts inside a loop over candidate rows ($res) whose opening is
// outside this excerpt. A candidate is kept when the preceding COUNT(*) query
// returned 0, the user is not blacklisted and it is not the current user.
$count = $_SGLOBAL['db']->fetch_array($q);
if (!$count['count(*)']) {
    // NOTE(review): $res[uid] uses a bare word as the array key. PHP 8 treats
    // an undefined constant as an Error; $res['uid'] is what the first half of
    // the condition already uses.
    if (!isblacklist($res['uid']) && $res[uid] != $_SGLOBAL['supe_uid']) {
        $recommendpublic[] = $res;
    }
}
}

// Flag set when two or fewer recommendations were collected.
$reccount = count($recommendpublic);
$allflag = 0;
if ($reccount <= 2) {
    $allflag = 1;
}

// (original comment was mis-encoded) Session lookup: $ols maps uid => 1 for
// sessions without magichidden; hidden users are removed from $visitorlist.
$ols = array();
if ($oluids) {
    // NOTE(review): simplode() is defined elsewhere; confirm $oluids holds
    // integer ids, since the list is concatenated into the statement.
    $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('session') . " WHERE uid IN (" . simplode($oluids) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        if (!$value['magichidden']) {
            $ols[$value['uid']] = 1;
        } elseif ($visitorlist[$value['uid']]) {
            unset($visitorlist[$value['uid']]);
        }
    }
}

// Top three polls by voter count with a vote in the last 25920000 seconds (300 days).
$timerange = $_SGLOBAL['timestamp'] - 25920000;
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('poll') . " WHERE lastvote >= '{$timerange}' ORDER BY voternum DESC LIMIT 3 ");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
    realname_set($value['uid'], $value['username']); // (original comment was mis-encoded)
    $hotpoll[] = $value;
}
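/**
 * Handle a submitted model item (add or update) and its message row.
 *
 * Reads the form from $_POST / $_FILES, validates it, writes the
 * "<modelname>items" row, then the "<modelname>message" row, and links any
 * uploaded attachments to the item through a model hash. Validation failures
 * are collected in the global $checkresults and reported through cpmsg().
 *
 * @param array $cacheinfo Cached model definition; 'models', 'columns' and
 *                         'linkage' are read here.
 * @param int   $cp        Not used in this function.
 * @return int The id of the inserted or updated item.
 */
function pkpost($cacheinfo, $cp = 1)
{
    global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;

    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $mustverify = false;
    $resultitems = $resultmessage = $updateitem = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    $feedcolum = array();

    // Split the columns into item-table (isfixed) and message-table fields,
    // normalising linkage and timestamp inputs on the way.
    foreach ($columnsinfoarr as $result) {
        if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
            continue;
        }
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_G['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }

    // Input check.
    $_POST['subject'] = trim(strip_tags($_POST['subject']));
    // The original re-read $_POST['itemid'] here without the integer cast,
    // discarding the intval() from the top of the function. $itemid is
    // concatenated into several statements below, so it must stay an integer.
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $checkresults = array();
    if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
        array_push($checkresults, array('subject' => lang('space_suject_length_error')));
    }

    // Data check.
    checkvalues(array_merge($resultitems, $resultmessage), 1, 1);

    // Product price handling: the maximum price may not be below the minimum.
    if ($modelsinfoarr['modelname'] == 'good') {
        if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
            array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
        }
    }

    // On edit, check whether the title image was changed.
    // NOTE(review): this block deletes the attachment row, blanks the column
    // and unlinks the files using only itemid, and it runs before the
    // validation result is checked and before the shopid-scoped update
    // further down. Confirm the caller has already verified that the current
    // user owns the item.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was removed or replaced: delete the old one.
            $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = DB::fetch($query);
            $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); // delete from the attachments table
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            // NOTE(review): the stored path is appended to A_DIR unchecked;
            // see the subjectimage_value note below.
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }

    // Build the item row.
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
    if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        // NOTE(review): a request-supplied value becomes the stored image
        // path, and stored paths are later passed to unlink(). Validate that
        // it resolves inside A_DIR before accepting it.
        $setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
    }
    if (empty($_POST['catid']) || $_POST['catid'] < 0) {
        array_push($checkresults, array('catid' => lang('cat_not_selected')));
    }
    $setsqlarr['catid'] = $_POST['catid'];

    if ($modelsinfoarr['modelname'] != 'shop') {
        // The owning shop is required: admins pick one, everyone else gets their own.
        if (pkperm('isadmin')) {
            if (empty($_POST['shopid'])) {
                array_push($checkresults, array('shopid' => lang('please_select_shopid')));
            }
            $setsqlarr['shopid'] = intval($_POST['shopid']);
        } else {
            $setsqlarr['shopid'] = $_G['myshopid'];
        }
    } else {
        $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
        $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
        $setsqlarr['description'] = trim(strip_tags($_POST['description']));
        if (!empty($_POST['syncfid'])) {
            require_once B_ROOT . './api/bbs_syncpost.php';
            if (checkbbsfid($_POST['syncfid'])) {
                $setsqlarr['syncfid'] = intval($_POST['syncfid']);
            } else {
                array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
            }
        }
    }
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = 1;

    if (!empty($checkresults)) {
        cpmsg('addobject_error', '', '', '', true, true, $checkresults);
    }

    // Review grade: admins set it freely, verified shops may only choose 2 or 3.
    if (pkperm('isadmin')) {
        $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
    } elseif ($_G['myshopstatus'] == 'verified') {
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
            $setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
            if (!empty($itemid)) {
                if (in_array($_POST['grade'], array(2, 3))) {
                    $setsqlarr['grade'] = $_POST['grade'];
                }
            }
            $mustverify = true;
        } else {
            if (in_array($_POST['grade'], array(2, 3))) {
                $setsqlarr['grade'] = $_POST['grade'];
            } else {
                $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
            }
        }
    } elseif ($_G['myshopstatus'] == 'unverified') {
        $setsqlarr['grade'] = 0;
    }

    $setsqlarr['dateline'] = $_G['timestamp'];
    $setsqlarr['uid'] = $_G['uid'];
    $setsqlarr['username'] = $_G['username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];

    // Title image handling: start.
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        // Generate the coupon image from a template instead of an upload.
        if ($_GET['action'] == 'add') {
            $hotline = $_SGLOBAL['panelinfo']['tel'];
            $address = $_SGLOBAL['panelinfo']['address'];
        } else {
            $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
            $hotline = $shopinfo['tel'];
            $address = $shopinfo['address'];
        }
        $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
        $createimgarr = array(
            'id' => intval($_POST['imgtplid']),
            'mid' => intval($modelsinfoarr['mid']),
            'itemid' => intval($itemid),
            'coupon_title' => $setsqlarr['subject'],
            'dealer_id' => $setsqlarr['uid'],
            'dealer_name' => $dealer_name,
            'begin_date' => date('Y-m-d', $setsqlarr['validity_start']),
            'end_date' => date('Y-m-d', $setsqlarr['validity_end']),
            'brief' => trim($_POST['message']),
            'exception' => trim($_POST['exception']),
            'address' => $address,
            'hotline' => $hotline,
            'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'],
            'subjectimageheight' => $modelsinfoarr['subjectimageheight'],
        );
        require_once B_ROOT . './source/adminfunc/tool.func.php';
        if ($consumeimgpath = image_text($createimgarr)) {
            $setsqlarr['subjectimage'] = $consumeimgpath;
            $setsqlarr['imagetype'] = 0;
            $setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
        }
    } else {
        $uploadfilearr = $ids = array();
        $subjectimageid = '';
        $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
        if (!empty($uploadfilearr)) {
            $feedsubjectimg = $uploadfilearr;
            foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
                if (empty($tmpvalue['error'])) {
                    $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
                }
                if (!empty($tmpvalue['aid'])) {
                    $ids[] = $tmpvalue['aid'];
                }
            }
        }
        if ($modelsinfoarr['modelname'] == 'consume') {
            $setsqlarr['imagetype'] = 1;
        }
    }
    // Title image handling: end.

    // Word filter.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    // Publish time.
    $setsqlarr['dateline'] = $_G['timestamp'];

    // Goods get an introduction.
    if ($mname == "good") {
        $setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
    }

    if (empty($itemid)) {
        // Insert the item.
        $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
            itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
        }
    } else {
        $_SGLOBAL['itemupdate'] = 1;

        // Update the item.
        $op = 'update';
        unset($setsqlarr['uid']);
        unset($setsqlarr['username']);
        unset($setsqlarr['lastpost']);

        // Items at grade 0 or 1 keep a fixed grade regardless of the form value.
        if ($itemgrade == 1 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 1 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 1;
        } elseif ($itemgrade == 0 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 0 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        }

        if (pkperm('isadmin')) {
            // The site admin may post any data.
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
        } else {
            // Permission restriction: a shop owner may not change the shop group.
            unset($setsqlarr['groupid']);
            if ($modelsinfoarr['modelname'] == 'shop') {
                unset($setsqlarr['validity_start']);
                unset($setsqlarr['validity_end']);
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    // Held back for review instead of being written now.
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner submitting a shop: always their own shop row.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
                }
            } else {
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner may only change items of the shop they manage.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
                }
            }
        }
        $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
        $defaultmessage = DB::fetch($query);
    }

    // Tie the attachments uploaded above to this item.
    $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
    if (!empty($ids)) {
        $ids = simplode($ids);
        DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
    }
    $do = 'pass';

    if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The file was removed or replaced: delete the old one.
                        // NOTE(review): as above, keyed by itemid only and the
                        // stored path reaches unlink() unchecked.
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); // delete from the attachments table
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));
                        @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }

    // Content: build the message row.
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    // Unescape, convert HTML to BBCode, escape again (presumably $_POST
    // arrives already slash-escaped; verify against the request bootstrap).
    $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
    if ($modelsinfoarr['modelname'] == 'consume') {
        $setsqlarr['exception'] = trim($_POST['exception']);
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        $setsqlarr['address'] = trim($_POST['address']);
        $setsqlarr['hotline'] = trim($_POST['hotline']);
    }
    $setsqlarr['postip'] = $_G['clientip'];
    if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        // NOTE(review): request-supplied image paths, same concern as subjectimage_value.
        $setsqlarr['banner'] = $_POST['banner_value'];
        $setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
    }
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Add the content.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if ($op == 'add') {
        $setsqlarr['itemid'] = $itemid;
        // Insert the content row.
        inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
    } else {
        if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
            // Pending review: hand the combined change set to the caller.
            $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
        } else {
            // Update the content row.
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
    }
    updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));

    return $itemid;
}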
// Excerpt: opens the space for $newuid and seeds its friend list. The
// enclosing scope, and where $newuid, $username, $email and $bp come from,
// are outside this excerpt.
include_once S_ROOT . './source/function_space.php';
$space = space_open($newuid, $username, 0, $email);

// Default friends.
$flog = $inserts = $fuids = $pokes = array();
if (!empty($bp['inviter'])) {
    // NOTE(review): $bp['inviter'], $newuid and $username are interpolated
    // into the statements below as-is. Confirm they are cast or escaped
    // before this point.
    $query = $_SGLOBAL['db']->query("SELECT username FROM " . tname('member') . " WHERE uid='{$bp['inviter']}' limit 1");
    // NOTE(review): this value read back from the database is re-inserted
    // without escaping, whereas the default-friend loop below runs its rows
    // through saddslashes() first. A stored name containing a quote would
    // break the REPLACE statement.
    $inviterusername = $_SGLOBAL['db']->result($query);
    // Friendship rows in both directions between the inviter and the new user.
    $invitee[] = "('{$newuid}','{$bp['inviter']}','{$inviterusername}','1','{$_SGLOBAL['timestamp']}')";
    $inviter[] = "('{$bp['inviter']}','{$newuid}','{$username}','1','{$_SGLOBAL['timestamp']}')";
    $_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $invitee));
    $_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $inviter));
    $flog[] = "('{$bp['inviter']}','{$newuid}','add','{$_SGLOBAL['timestamp']}')";
    $_SGLOBAL['db']->query("REPLACE INTO " . tname('friendlog') . " (uid,fuid,action,dateline) VALUES " . implode(',', $flog));
}

// Site-configured default friends, given as a comma-separated list of usernames.
if (!empty($_SCONFIG['defaultfusername'])) {
    $query = $_SGLOBAL['db']->query("SELECT uid,username FROM " . tname('space') . " WHERE\tusername IN (" . simplode(explode(',', $_SCONFIG['defaultfusername'])) . ")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // Escape the fetched row before it is interpolated again.
        $value = saddslashes($value);
        $fuids[] = $value['uid'];
        $inserts[] = "('{$newuid}','{$value['uid']}','{$value['username']}','1','{$_SGLOBAL['timestamp']}')";
        $inserts[] = "('{$value['uid']}','{$newuid}','{$username}','1','{$_SGLOBAL['timestamp']}')";
        $pokes[] = "('{$newuid}','{$value['uid']}','{$value['username']}','" . addslashes($_SCONFIG['defaultpoke']) . "','{$_SGLOBAL['timestamp']}')";
        // Add a friend change-log entry.
        $flog[] = "('{$value['uid']}','{$newuid}','add','{$_SGLOBAL['timestamp']}')";
    }
    if ($inserts) {
        $_SGLOBAL['db']->query("REPLACE INTO " . tname('friend') . " (uid,fuid,fusername,status,dateline) VALUES " . implode(',', $inserts));
        $_SGLOBAL['db']->query("REPLACE INTO " . tname('poke') . " (uid,fromuid,fromusername,note,dateline) VALUES " . implode(',', $pokes));
        // $flog still holds the inviter entry from above, so that row is sent again here.
        $_SGLOBAL['db']->query("REPLACE INTO " . tname('friendlog') . " (uid,fuid,action,dateline) VALUES " . implode(',', $flog));
        // Add to the auxiliary table.
        $friendstr = empty($fuids) ? '' : implode(',', $fuids);
/** * 模型在线投稿提交处理函数 */ function modelpost($cacheinfo, $cp = 1) { global $_SGLOBAL, $theurl, $_SCONFIG; include_once S_ROOT . './function/upload.func.php'; $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0; $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0; $hash = ''; $op = 'add'; $resultitems = $resultmessage = array(); $modelsinfoarr = $cacheinfo['models']; $columnsinfoarr = $cacheinfo['columns']; //获取等级信息 if ($cacheinfo['models']['modelname'] == 'defect') { switch ($_POST['grade']) { case 1: $_POST['grade'] = '64'; break; case 2: $_POST['grade'] = '32'; break; case 3: $_POST['grade'] = '16'; break; case 4: $_POST['grade'] = '9'; break; case 5: $_POST['grade'] = '4'; break; case 6: $_POST['grade'] = '1'; break; case 7: $_POST['grade'] = '-1'; break; case 8: $_POST['grade'] = '-2'; break; case 9: $_POST['grade'] = '-3'; break; } $gradearr = array('0' => $alang['general_state'], '64' => $alang['check_grade_1'], '32' => $alang['check_grade_2'], '16' => $alang['check_grade_3_1'], '9' => $alang['check_grade_3_2'], '4' => $alang['check_grade_3_3'], '1' => $alang['check_grade_4'], '-1' => $alang['check_grade_5'], '-2' => $alang['check_grade_6'], '-3' => $alang['check_grade_7']); if (!empty($_SCONFIG['checkgrade'])) { $newgradearr = explode("\t", $_SCONFIG['checkgrade']); $gradearr['64'] = $newgradearr[0]; $gradearr['32'] = $newgradearr[1]; $gradearr['16'] = $newgradearr[2]; $gradearr['9'] = $newgradearr[3]; $gradearr['4'] = $newgradearr[4]; $gradearr['1'] = $newgradearr[5]; $gradearr['-1'] = $newgradearr[6]; $gradearr['-2'] = $newgradearr[7]; $gradearr['-3'] = $newgradearr[8]; } } else { $gradearr = array('0' => $alang['general_state'], '1' => $alang['check_grade_1'], '2' => $alang['check_grade_2'], '3' => $alang['check_grade_3'], '4' => $alang['check_grade_4'], '5' => $alang['check_grade_5'], '6' => $alang['check_grade_6'], '7' => $alang['check_grade_7']); if (!empty($_SCONFIG['checkgrade'])) { $newgradearr = explode("\t", 
$_SCONFIG['checkgrade']); for ($i = 0; $i < count($newgradearr); $i++) { if (!empty($newgradearr[$i])) { $gradearr[$i + 1] = $newgradearr[$i]; } } } } if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) { showmessage('parameter_error'); } $feedcolum = array(); foreach ($columnsinfoarr as $result) { if ($result['isfixed'] == 1) { $resultitems[] = $result; } else { $resultmessage[] = $result; } if ($result['formtype'] == 'linkage') { if (!empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]]; } } elseif ($result['formtype'] == 'timestamp') { if (empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $_SGLOBAL['timestamp']; } else { $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]); } } } //更新用户最新更新时间 if (empty($itemid) && $_SGLOBAL['supe_uid']) { updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid'])); } //输入检查 $_POST['catid'] = intval($_POST['catid']); $_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 1 : 0; $_POST['subject'] = shtmlspecialchars(trim($_POST['subject'])); //检查输入 if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) { showmessage('space_suject_length_error'); } if (empty($_POST['catid'])) { showmessage('admin_func_catid_error'); } if (!empty($_FILES['subjectimage']['name'])) { $fileext = fileext($_FILES['subjectimage']['name']); if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) { showmessage('document_types_can_only_upload_pictures'); } } //数据检查 checkvalues(array_merge($resultitems, $resultmessage), 0, 1); //修改时检验标题图片是否修改 $defaultmessage = array(); if (!empty($itemid)) { if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) { //当file删除时,或修改时执行删除操作 $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 
'items') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); $hash = getmodelhash($_GET['mid'], $itemid); deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid)); $ext = fileext($defaultmessage['subjectimage']); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . $defaultmessage['subjectimage']); } } //构建数据 $setsqlarr = $setitemsqlarr = array(); $setsqlarr = getsetsqlarr($resultitems); $setsqlarr['catid'] = $_POST['catid']; $setsqlarr['subject'] = $_POST['subject']; $setsqlarr['allowreply'] = $_POST['allowreply']; $setsqlarr['grade'] = intval($_POST['grade']); //modify by jyf,没权限的用户不能改审核等级 if ($setsqlarr['grade'] > 0) { if (!checkperm('manageeditpost')) { showmessage('no_permission'); } } //end $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; $setsqlarr['uid'] = $_SGLOBAL['supe_uid']; $setsqlarr['username'] = $_SGLOBAL['supe_username']; $setsqlarr['lastpost'] = $setsqlarr['dateline']; $modelsinfoarr['subjectimagewidth'] = 400; $modelsinfoarr['subjectimageheight'] = 300; if (!empty($modelsinfoarr['thumbsize'])) { $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize'])); $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0]; $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1]; } $uploadfilearr = $ids = array(); $subjectimageid = ''; $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']); if (!empty($uploadfilearr)) { $feedsubjectimg = $uploadfilearr; foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if 
(empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //词语过滤 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } //发布时间 if (empty($_POST['dateline'])) { $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } else { $setsqlarr['dateline'] = sstrtotime($_POST['dateline']); if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) { //不能早于2年 $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } } //附件处理-by jyf if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) { $setsqlarr['attaches'] = implode(',', $_POST['divupload']); } //创新园地新增两个字段-------89184 if ($cacheinfo['models']['modelname'] == 'creative') { if (empty($_POST['creative_value'])) { showmessage('请输入创新价值说明'); } if (empty($_POST['creative_days'])) { showmessage('本创新所耗的工作量'); } $setsqlarr['value'] = $_POST['creative_value']; $setsqlarr['days'] = $_POST['creative_days']; } if (!checkperm('allowdirectpost') || checkperm('managemodpost')) { //不需要审核时入item表 if (empty($itemid)) { //插入数据 $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1); //取消邮件通知 --89184 $email = get_cate_mail($_POST['catid']); $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); if ($_POST['modelname'] == 'creative') { if ($_POST['creative_type'] == '流程建议') { $email = $email . ',' . get_cate_process_mail($setsqlarr['catid']); } } $emails = explode(',', $email); if (count($emails) > 0) { include S_ROOT . './function/sendmail.fun.php'; $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); if ($cacheinfo['models']['modelname'] == 'creative') { $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1; sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . 
"》", $msg1); } else { if ($cacheinfo['models']['modelname'] == 'defect') { $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1; sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1); } } } } else { //更新 $op = 'update'; unset($setsqlarr['uid']); unset($setsqlarr['username']); unset($setsqlarr['lastpost']); if ($setsqlarr['grade'] > 0) { $setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username']; if ($_POST['modelname'] == 'creative') { if ($_POST['creative_type'] == '主管月度创新') { if (!check_cate_director($setsqlarr['catid'])) { showmessage('no_permission'); } } } } updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid)); $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); //邮件通知--等级审核 if ($setsqlarr['grade'] > 0) { $sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\''; $query = $_SGLOBAL['db']->query($sqlstr); $value = $_SGLOBAL['db']->fetch_array($query); $email = $value['email']; if (!empty($email)) { include S_ROOT . './function/sendmail.fun.php'; $url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); $emails = explode(',', $email); if ($_POST['modelname'] == 'creative') { $msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url; } else { $msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url; } sendmail($emails, $setsqlarr['subject'], $msg); } } } if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) { $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . 
$_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\''); } $hash = getmodelhash($_POST['mid'], $itemid); if (!empty($ids)) { $ids = simplode($ids); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $do = 'pass'; } else { if (!empty($uploadfilearr['subjectimage']['aid'])) { $subjectimageid = $uploadfilearr['subjectimage']['aid']; } $setitemsqlarr = $setsqlarr; $do = 'me'; } if ($op == 'update') { if (!empty($resultmessage)) { foreach ($resultmessage as $value) { if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) { if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) { //当file删除时,或修改时执行删除操作 deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid'])); $ext = fileext($defaultmessage[$value['fieldname']]); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . 
$defaultmessage[$value['fieldname']]); } } } } } //内容 $setsqlarr = $uploadfilearr = $ids = array(); $setsqlarr = getsetsqlarr($resultmessage); $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0); $setsqlarr['message'] = trim($_POST['message']); $setsqlarr['postip'] = $_SGLOBAL['onlineip']; if (!empty($uploadfilearr)) { foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //添加内容 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') { //不需要审核时入message表 if ($op == 'add') { $setsqlarr['itemid'] = $itemid; //添加内容 inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr); getreward('postinfo'); if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) { $feed['icon'] = 'comment'; $feed['title_template'] = 'feed_model_title'; $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); $aurl = A_URL; if (empty($_SCONFIG['siteurl'])) { $siteurl = getsiteurl(); $murl = $siteurl . $murl; $aurl = $siteurl . $aurl; } else { $siteurl = S_URL_ALL; } $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>'); $feed['body_template'] = 'feed_model_message'; $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150)); if (!empty($feedsubjectimg)) { $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl); } else { foreach ($feedcolum as $feedimgvalue) { if ($feedimgvalue['filepath']) { $feed['images'][] = array('url' => $aurl . 
'/' . $feedimgvalue['filepath'], 'link' => $murl); break; } } if (empty($feed['images'])) { $picurl = getmessagepic(stripslashes($_POST['message'])); if ($picurl && strpos($picurl, '://') === false) { $picurl = $siteurl . '/' . $picurl; } if (!empty($picurl)) { $feed['images'][] = array('url' => $picurl, 'link' => $murl); } } } postfeed($feed); } } else { //更新内容 updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid)); } updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash)); if (checkperm('allowdirectpost') && $op == 'update') { deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1); } if (checkperm('allowdirectpost') && $op == 'update') { $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } else { $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('online_contributions_success', $jpurl); } } else { $setsqlarr = array_merge($setitemsqlarr, $setsqlarr); $setsqlarr['addfeed'] = $_POST['addfeed']; $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1); if (!empty($_POST['itemid'])) { $itemid = intval($_POST['itemid']); updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid)); } else { $itemid = inserttable('modelfolders', $setsqlarr, 1); } if (!empty($subjectimageid)) { $ids[] = $subjectimageid; } if (!empty($ids)) { $ids = simplode($ids); $hash = 'm' . 
str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } }