function addtext($text1, $len, $textadd = "")
{
$i = 0;
$text2 = "";
if ($len % 2 == 1) {
$len = $len + 1;
}
$len1 = StrLenW($text1);
for ($i = 0; $i < $len1 / $len; $i++) {
$text2 .= get_substr($text1, $I, $len) . $textadd;
$text1 = get_substr($text1, $len, $len1 - $len);
}
return $text2;
}
function setFriTip()
{
$content = trim($_POST["content"]);
$len = StrLenW($content);
if ($len > 20) {
exit(0);
}
$dao = D("FriendTip");
$tip = $dao->where("uid = " . $this->mid)->find();
if ($tip) {
$dao->content = $content;
echo $dao->save();
echo $dao->getLastSql();
} else {
$data["uid"] = $this->mid;
$data["content"] = $content;
echo $dao->add($data);
}
}
function _check($content)
{
if (StrLenW($content) > 100) {
return -10;
}
return 1;
}
if ($action == "install") {
$username = daddslashes(trim($_POST['username']));
$nickname = daddslashes(trim($_POST['nickname']));
$mailadres = daddslashes(trim($_POST['mailadres']));
$password1 = md5(md5($_POST['password1']));
$password2 = md5(md5($_POST['password2']));
$deniedname = array("admin", "attachments", "badge", "images", "include" . "install", "source", "templates");
if (in_array($username, $deniedname)) {
echo "<script>alert('该管理员名不能使用!');history.go(-1);</script>";
exit;
}
if (StrLenW($username) > 20 || StrLenW($username) < 4) {
echo "<script>alert('管理员名长度应该大于4小于20个字符!');history.go(-1);</script>";
exit;
}
if (StrLenW($nickname) > 20 || StrLenW($nickname) < 4) {
echo "<script>alert('管理员昵称长度应该大于4小于20个字符!');history.go(-1);</script>";
exit;
}
$t = explode("@", $mailadres);
if (!$t[1]) {
echo "<script>alert('电子邮件格式不正确!');history.go(-1);</script>";
exit;
}
if ($password1 != $password2) {
echo "<script>alert('两次输入的密码不正确!');history.go(-1);</script>";
exit;
}
if ($password1 == $password2 && $_POST['password1']) {
$web_name3 = "EasyTalk 安装";
include $template->getfile('install.htm');
echo "请填写电子邮件地址!";
exit;
}
$t = explode("@", $mailadres);
if (!$t[1]) {
echo "电子邮件格式不正确!";
exit;
}
$sql = "select user_id from et_users where mailadres='{$mailadres}'";
$query = $db->query($sql);
if ($db->fetch_array($query)) {
echo "此电子邮件已存在,不能使用!";
exit;
}
// 密码
if (StrLenW($pass1) < 6 || StrLenW($pass1) > 32) {
echo "密码长度不能小于6位!";
exit;
}
if ($pass1 != $pass2) {
echo "两次输入的密码不一致!";
exit;
}
echo "check_ok";
exit;
}
if ($act == "reg") {
if ($username && $mailadres && $pass1 == $pass2) {
$t = $db->query("INSERT INTO et_users (user_name,password,mailadres,signupdate) VALUES ('{$username}','" . md5(md5($pass2)) . "','{$mailadres}','{$addtime}')");
$regid = mysql_insert_id();
if ($t == 1 && $regid) {
/**
* replace
* 对数据集进行追加处理
* @param array $data 数据集
* @param array $mention 需要被追加的值
* @access protected
* @return void
*/
protected function replace($data, $mentiondata = null)
{
$result = $data;
$categoryname = $this->getCategory(null);
//获取所有的分类
//TODO 配置信息,截取字数控制
foreach ($result as &$value) {
if (3 == $value['private']) {
// if(Cookie::get($value['id'].'password') == $value['private_data']) {
// $value['private'] = 0;
// } Change
}
$value['content'] = str_replace("&nbsp;", "", h($value['content']));
// $value['category'] = array(
// "name" => $categoryname[$value['category']]['name'],
// "id" => $value['category']); //替换文章类型
//文章截断
$short = $this->config->titleshort == 0 ? 4000 : $this->config->titleshort;
$suffix = StrLenW($value['content']) > $short ? $this->config->suffix : '';
$value['content'] = getBlogShort($value['content'], $short) . $suffix;
//文章标题
$value['title'] = stripslashes($value['title']);
}
return $result;
}
$data = $db->fetch_array($query);
$ptuname = $data['user_name'];
$ptuisclose = $data['isclose'];
$ptuhead = $data['user_head'] ? "{$webaddr}/attachments/head/" . $data['user_head'] : "{$webaddr}/images/noavatar.jpg";
$user = array("user_id" => $uid, "theme_bgcolor" => $data['theme_bgcolor'], "theme_pictype" => $data['theme_pictype'], "theme_text" => $data['theme_text'], "theme_link" => $data['theme_link'], "theme_sidebar" => $data['theme_sidebar'], "theme_sidebox" => $data['theme_sidebox'], "theme_bgurl" => $data['theme_bgurl']);
if ($uid != $my['user_id']) {
$isfriend = isfriend($uid, $my[user_id]);
}
if (!$ptuname) {
echo "<script>alert('很抱歉,没有找到您要访问的用户!');location.href='{$webaddr}/op/photo/u.{$my['user_id']}'</script>";
exit;
}
}
if ($action == "creatalbum") {
$albumname = daddslashes(trim($_POST['albumname']));
if (StrLenW($albumname) > 20 || StrLenW($albumname) < 2) {
echo "<script>alert('相册名称要不能大于20字符或者小于2个字符!');location.href='{$webaddr}/op/photo/u.{$my['user_id']}&act=creatalbum'</script>";
exit;
} else {
$db->query("INSERT INTO et_album (user_id,album_name) VALUES ('{$my['user_id']}','{$albumname}')");
echo "<script>alert('恭喜您,相册 {$albumname} 创建成功,点击确定返回相册主页!');location.href='{$webaddr}/op/photo/u.{$my['user_id']}'</script>";
exit;
}
}
if ($act == "delalbum") {
$alid = $_GET['alid'];
$query = $db->query("select count(*) as count from et_photos where al_id='{$alid}'");
$row = $db->fetch_array($query);
$total = $row['count'];
if ($total != 0) {
echo "很抱歉,此相册不为空,请将相册清空后再删除!";
/**
* replace
* 对数据集进行追加处理
* @param array $data 数据集
* @param array $mention 需要被追加的值
* @access protected
* @return void
*/
protected function replace($data, $mentiondata = null)
{
$result = $data;
$categoryname = $this->getCategory(null);
//获取所有的分类
//如果$mention为空就需要从数据库中取出数据
if (empty($mentiondata)) {
$mention = self::factoryModel('mention');
$mentioncontent = $mention->getUserMention();
}
//TODO 配置信息,截取字数控制
foreach ($result as &$value) {
$value['category'] = array("name" => $categoryname[$value['category']]['name'], "id" => $value['category']);
//替换日志类型
//追加日志中提到的内容
$value['mention'] = !isset($mentiondata) ? $mentioncontent[$value['id']] : $mentiondata[$value['id']];
//日志截断
$short = $this->config->titleshort == 0 ? 4000 : $this->config->titleshort;
if (StrLenW($value['content']) > $short) {
$value['content'] = getBlogShort($value['content'], $short) . $this->config->suffix;
}
}
return $result;
}
exit;
}
}
$sql = "SELECT a.*,u.user_name,u.theme_bgcolor,u.theme_pictype,u.theme_text,u.theme_link,u.theme_sidebar,u.theme_sidebox,u.theme_bgurl FROM et_album as a,et_users as u where u.user_id=a.user_id && a.album_id='{$alid}'";
$query = $db->query($sql);
$data = $db->fetch_array($query);
$album_name = $data['album_name'];
$ptuid = $data['user_id'];
$ptuname = $data['user_name'];
$face_photo = $data['face_photo'] ? "{$webaddr}/attachments/photo/user_{$ptuid}/" . $data['face_photo'] : "{$webaddr}/images/nophoto.jpg";
$photo_num = $data['photo_num'];
$user = array("user_id" => $data['user_id'], "theme_bgcolor" => $data['theme_bgcolor'], "theme_pictype" => $data['theme_pictype'], "theme_text" => $data['theme_text'], "theme_link" => $data['theme_link'], "theme_sidebar" => $data['theme_sidebar'], "theme_sidebox" => $data['theme_sidebox'], "theme_bgurl" => $data['theme_bgurl']);
}
if ($action == "rename") {
$newpttitle = daddslashes(trim($_POST['newpttitle']));
if (StrLenW($newpttitle) > 20 || StrLenW($newpttitle) < 2) {
echo "<script>alert('相片名称要不能大于20字符或者小于2个字符!');location.href='{$webaddr}/op/viewphoto/{$ptid}&act=rename'</script>";
exit;
} else {
$t = $db->query("UPDATE et_photos set pt_title='{$newpttitle}' where pt_id='{$ptid}' && user_id='{$my['user_id']}'");
if ($t == 1) {
echo "<script>alert('恭喜您,修改相片名成功了!');location.href='{$webaddr}/op/viewphoto/{$ptid}'</script>";
exit;
} else {
echo "<script>alert('很抱歉,修改相片名失败,可能因为您没有修改的权限!');location.href='{$webaddr}/op/viewphoto/{$ptid}'</script>";
exit;
}
}
}
if ($act == "remove") {
$sql = "SELECT album_id,album_name,photo_num FROM et_album where user_id='{$my['user_id']}'";
$link = @mysql_connect($server, $db_username, $db_password, 1);
$connnect = $link && @mysql_select_db($db_name, $link) ? 'yes' : 'no';
if ($connnect == "yes" && $server && $db_username && $db_password && $db_name) {
header("location: install.php?step=3");
exit;
} else {
echo "<script>alert('数据库检测未通过,请重新修改 config.inc.php 文件!');location.href='install.php?step=2'</script>";
exit;
}
}
if ($action == "install") {
$username = daddslashes(trim($_POST['username']));
$mailadres = daddslashes(trim($_POST['mailadres']));
$password1 = md5(md5($_POST['password1']));
$password2 = md5(md5($_POST['password2']));
if (StrLenW($username) > 16 || StrLenW($username) < 4) {
echo "<script>alert('用户名长度应该大于4小于16个字符!');location.href='install.php?step=3'</script>";
exit;
}
$t = explode("@", $mailadres);
if (!$t[1]) {
echo "<script>alert('电子邮件格式不正确!');location.href='install.php?step=3'</script>";
exit;
}
if ($password1 != $password2) {
echo "<script>alert('两次输入的密码不正确!');location.href='install.php?step=3'</script>";
exit;
}
if ($password1 == $password2 && $password1 && $password2) {
$web_name3 = "EasyTalk 安装";
include $template->getfile('install.htm');
} else {
echo '{"ret":"您没有选择照片"}';
exit;
}
}
//分享
if ($action == 'share') {
tologin();
$linkdata = array();
$link = htmlspecialchars(trim($_POST['link']));
$describe = clean_html($_POST['describe']);
if (!preg_match("/^http\\:\\/\\/.{4,300}\$/i", $link) || !$link) {
dsetcookie('setok', 'home4');
header("location: {$webaddr}/{$my['user_name']}/profile");
exit;
} elseif (StrLenW($describe) > 100) {
dsetcookie('setok', 'home5');
header("location: {$webaddr}/{$my['user_name']}/profile");
exit;
} else {
// 判断是否视频
$parseLink = parse_url($link);
$suffix = mediasuffix($link);
if (preg_match("/(tudou.com|youku.com|ku6.com)\$/i", strtolower($parseLink['host']), $hosts) && $suffix != "swf") {
$flashvar = getFlash($link, strtolower($hosts[1]));
if (!empty($flashvar)) {
$type = 'video';
$htmls = getVideoHtml($link, strtolower($hosts[1]));
$videotitle = $htmls[0];
$videopic = $htmls[1];
}
function _check($type, $info, $data)
{
if (empty($data)) {
return -3;
}
if (!empty($data['url'])) {
$url = h($data['url']);
if (empty($url) || $url == 'http://') {
return 0;
}
}
if (StrLenW($info) > 100) {
return -10;
}
if (empty($type['typeId'])) {
return -2;
}
return 1;
}
}
if ($birth != $my[birthday] && $birth) {
$para = "birthday = '{$birth}'," . $para;
}
if ($gender != $my[user_gender]) {
$para = "user_gender = '{$gender}'," . $para;
}
if ($info != $my[user_info]) {
$para = "user_info = '{$info}'," . $para;
}
if ($musicaddr != $my[musicaddr]) {
$para = "musicaddr = '{$musicaddr}'," . $para;
}
if ($nickname && $nickname != $my[nickname]) {
$query = $db->query("select user_id from et_users where nickname='{$nickname}'");
if (StrLenW($nickname) <= 20 && StrLenW($nickname) >= 4 && !$db->fetch_array($query)) {
$para = "nickname = '{$nickname}'," . $para;
} else {
dsetcookie('setok', 'setting2');
header("location:{$webaddr}/op/setting");
exit;
}
}
if ($para) {
$para = trim($para);
if (getsubstrutf8($para, 0, 1, false) == ',') {
$para = getsubstrutf8($para, 1, null, false);
}
if (getsubstrutf8($para, -1, 1, false) == ',') {
$para = getsubstrutf8($para, 0, -1, false);
}
}
if (!$mailadres) {
echo "请填写电子邮件地址!";
exit;
}
$t = explode("@", $mailadres);
if (!$t[1]) {
echo "电子邮件格式不正确!";
exit;
}
$query = $db->query("SELECT user_id FROM et_users WHERE mailadres='{$mailadres}'");
if ($db->fetch_array($query)) {
echo "此电子邮件已存在,不能使用!";
exit;
}
if (StrLenW($pass1) < 6 || StrLenW($pass1) > 20) {
echo "密码长度应该大于6个字符小于20个字符!";
exit;
}
if ($pass1 != $pass2) {
echo "两次输入的密码不一致!";
exit;
}
echo "check_ok";
exit;
}
if ($act == "reg") {
if ($username && $nickname && $mailadres && $pass1 == $pass2) {
$nickname = $nickname != '' ? $nickname : $username;
$t = $db->query("INSERT INTO et_users (user_name,nickname,password,mailadres,signupdate) VALUES ('" . strtolower($username) . "','{$nickname}','" . md5(md5($pass2)) . "','{$mailadres}','{$addtime}')");
$regid = mysql_insert_id();
/**
* doUpdate
* 执行更新日志动作
* @access public
* @return void
*/
public function doUpdate()
{
$content = h($_POST['content']);
if (empty($content)) {
$this->error("不是合法访问");
}
if (StrLenW(t($_POST['title'])) > 60) {
$this->error("标题太长,不得大于60个字符");
}
$userName = $this->blog->getOneName($this->mid);
$id = intval($_POST['id']);
//检查更新合法化
if ($this->blog->where('id = ' . $id)->getField('uid') != $this->mid) {
$this->error(L('error_no_role'));
}
$data = $this->__getPost();
$save = $this->blog->doSaveBlog($data, $id);
if ($save) {
$this->redirect("Index/show/id/{$id}/mid/{$this->mid}");
} else {
$this->error("修改失败");
}
}
}
if (!$add_email) {
echo jsalert("请填写电子邮件地址!", "useradmin.php?act=adduser");
exit;
}
$t = explode("@", $add_email);
if (!$t[1]) {
echo jsalert("电子邮件格式不正确!", "useradmin.php?act=adduser");
exit;
}
$query = $db->query("SELECT user_id FROM et_users WHERE mailadres='{$add_email}'");
if ($db->fetch_array($query)) {
echo jsalert("此电子邮件已存在,不能使用!", "useradmin.php?act=adduser");
exit;
}
if (StrLenW($add_pass) < 6 || StrLenW($add_pass) > 20) {
echo jsalert("密码长度应该大于6个字符小于20个字符!", "useradmin.php?act=adduser");
exit;
}
$db->query("INSERT INTO et_users (user_name,nickname,password,mailadres,signupdate,isadmin) VALUES ('{$add_uname}','{$add_nickname}','" . md5(md5($add_pass)) . "','{$add_email}','{$addtime}','{$add_admin}')");
echo jsalert("提示:会员添加成功!", "useradmin.php");
exit;
}
if ($action == "user_edit") {
$edit_id = $_POST["edit_id"];
$edit_pass = $_POST["edit_pass"];
$edit_email = daddslashes(trim($_POST["edit_email"]));
$edit_admin = $_POST["edit_admin"];
$edit_nickname = daddslashes(trim($_POST["edit_nickname"]));
$edit_close = $_POST["edit_close"];
if (!empty($edit_pass)) {
echo "<script>alert('相册名称要不能大于20字符或者小于2个字符!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
} else {
$t = $db->query("UPDATE et_album set album_name='{$newalbumname}' where album_id='{$alid}' && user_id='{$my['user_id']}'");
if ($t == 1) {
echo "<script>alert('恭喜您,修改相册名成功了!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
} else {
echo "<script>alert('很抱歉,修改相册名失败,可能因为您没有修改的权限!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
}
}
}
if ($action == "upload") {
$phototitle = daddslashes(trim($_POST['phototitle']));
if (StrLenW($phototitle) > 20) {
echo "<script>alert('相片名称要不能大于20字符!');location.href='{$webaddr}/op/viewalbum/{$alid}&act=upload'</script>";
exit;
}
if ($_FILES['photo']['name']) {
$refer = $webaddr . "/op/viewalbum/" . $alid;
include ET_ROOT . "/include/uploadpic.func.php";
$ptname = date(YmdHms);
$upname = UploadImage("photo", 1, 130, 130, ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", $ptname, $ptname . "_thumb");
$phototitle = $phototitle ? $phototitle : "{$ptname}";
$db->query("INSERT INTO et_photos (al_id,user_id,pt_name,pt_title,uploadtime) VALUE ('{$alid}','{$my['user_id']}','{$upname}','{$phototitle}','{$addtime}')");
$upmsg = "[img link={$webaddr}/op/viewphoto/" . mysql_insert_id() . "]" . $webaddr . "/attachments/photo/user_" . $my[user_id] . "/" . $upname . "[/img]我在相册上传了一张照片:<a href=\"{$webaddr}/op/viewphoto/" . mysql_insert_id() . "\">{$phototitle}</a>!";
$db->query("INSERT INTO et_content (user_id,content_body,posttime) VALUE ('{$my['user_id']}','{$upmsg}','{$addtime}')");
$db->query("UPDATE et_users SET photo_num=photo_num+'1' where user_id='{$my['user_id']}'");
echo "<script>alert('照片上传成功了!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
function explodetopic($content)
{
global $db;
$topic = preg_replace("/(.*?)#([^#].*?)#(.*?)/i", "\$2|", $content);
$tem = explode("|", $topic);
$length = count($tem);
if ($length > 1) {
for ($i = 0; $i < $length - 1; $i++) {
if ($tem[$i]) {
if (StrLenW($topic) > 20) {
$tem[$i] = getsubstrutf8($tem[$i], 0, 20, false);
}
if (getcount('et_topic', array('topicname' => $tem[$i])) == 0) {
$db->query("INSERT INTO et_topic (topicname,topictimes) VALUES ('{$tem[$i]}','1')");
} else {
$db->query("UPDATE et_topic SET topictimes=topictimes+1 WHERE topicname='{$tem[$i]}'");
}
}
}
}
}
/**
* replace
* 对数据集进行追加处理
* @param array $data 数据集
* @param array $mention 需要被追加的值
* @access protected
* @return void
*/
protected function replace($data, $mentiondata = null)
{
$result = $data;
$categoryname = $this->getCategory(null);
//获取所有的分类
//如果$mention为空就需要从数据库中取出数据
if (empty($mentiondata)) {
$mention = self::factoryModel('mention');
$mentioncontent = $mention->getUserMention();
}
//TODO 配置信息,截取字数控制
foreach ($result as &$value) {
if (3 == $value['private']) {
// if(Cookie::get($value['id'].'password') == $value['private_data']) {
// $value['private'] = 0;
// } Change
}
$value['content'] = str_replace("&nbsp;", "", h($value['content']));
// $value['category'] = array(
// "name" => $categoryname[$value['category']]['name'],
// "id" => $value['category']); //替换任务类型
//追加任务中提到的内容
$value['mention'] = !isset($mentiondata) ? $mentioncontent[$value['id']] : $mentiondata[$value['id']];
//任务截断
$short = $this->config->titleshort == 0 ? 4000 : $this->config->titleshort;
$suffix = StrLenW($value['content']) > $short ? $this->config->suffix : '';
//$value['content'] = getTaskShort( $value['content'], $short ) . $suffix;
//任务标题
$value['title'] = stripslashes($value['title']);
}
return $result;
}
echo "success";
exit;
} else {
echo "·ÖÏíɾ³ýʧ°Ü£¬¿ÉÄÜÍøÂç´íÎó»òÕßÄúûÓÐɾ³ýµÄȨÏÞ£¡";
exit;
}
}
//·ÖÏí
if ($action == "share") {
$linkdata = array();
$link = htmlspecialchars(trim($_POST['link']));
$describe = clean_html($_POST['describe']);
if (!preg_match("/^http\\:\\/\\/.{4,300}\$/i", $link) || !$link) {
header("Location: {$webaddr}/op/share&tip=31");
exit;
} elseif (StrLenW($describe) > 250) {
header("Location: {$webaddr}/op/share&tip=32");
exit;
} else {
// ÅжÏÊÇ·ñÊÓƵ
$parseLink = parse_url($link);
if (preg_match("/(youku.com|youtube.com|5show.com|ku6.com|sohu.com|mofile.com|sina.com.cn)\$/i", $parseLink['host'], $hosts) && !preg_match("/\\.swf\$/i", $link)) {
$flashvar = getFlash($link, $hosts[1]);
if (!empty($flashvar)) {
$type = 'video';
$linkdata['flashvar'] = $flashvar;
$linkdata['host'] = $hosts[1];
}
} else {
if (preg_match("/\\.(mp3|wma)\$/i", $link)) {
$linkdata['musicvar'] = $link;
