$_SCONFIG['maxreward'] = $_SCONFIG['maxreward'] < 2 ? 10 : $_SCONFIG['maxreward']; if ($pid) { $query = $_SGLOBAL['db']->query("SELECT pf.*, p.* FROM " . tname('poll') . " p \n\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid \n\t\tWHERE p.pid='{$pid}'"); $poll = $_SGLOBAL['db']->fetch_array($query); realname_set($poll['uid'], $poll['username']); } //Check permission if (empty($poll)) { if (!checkperm('allowpoll')) { ckspacelog(); showmessage('no_authority_to_add_poll'); } // Real-name authentication ckrealname('poll'); // Video Authentication ckvideophoto('poll'); //New User cknewuser(); //Determine whether published too fast $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', 1, array($waittime)); } } else { if (!in_array($op, array('vote', 'get', 'invite')) && $_SGLOBAL['supe_uid'] != $poll['uid'] && !checkperm('managepoll')) { showmessage('no_authority_operation_of_the_poll'); } } include_once S_ROOT . './source/function_bbcode.php'; if (submitcheck('pollsubmit')) { $_POST['topicid'] = topic_check($_POST['topicid'], 'poll');
} if (empty($_SCONFIG['my_status'])) { showmessage('no_privilege_my_status'); } if ($appid == '1036584') { //视频认证 } else { //验证是否有权限玩应用 if (!checkperm('allowmyop')) { showmessage('no_privilege'); } //实名认证 include_once S_ROOT . './source/function_cp.php'; ckrealname('userapp'); //视频认证 ckvideophoto('userapp'); //更新状态 updatetable('session', array('lastactivity' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid'])); } $app = array(); $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('myapp') . " WHERE appid='{$appid}' LIMIT 1"); if ($app = $_SGLOBAL['db']->fetch_array($query)) { if ($app['flag'] < 0) { showmessage('no_privilege_myapp'); } } //漫游 $my_appId = $appid; $my_suffix = base64_decode(urldecode($_GET['my_suffix'])); $my_prefix = getsiteurl(); //奖励积分
include_once S_ROOT . './source/function_feed.php'; feed_publish($sid, 'sid'); } else { updatetable('feed', array('hot' => $_POST['hot']), array('id' => $sid, 'idtype' => 'sid')); } showmessage('do_success', $_POST['refer'], 0); } } else { if (!checkperm('allowshare')) { ckspacelog(); showmessage('no_privilege'); } // Real-name authentication ckrealname('share'); // Video Authentication ckvideophoto('share'); //New User cknewuser(); $type = empty($_GET['type']) ? '' : $_GET['type']; $id = empty($_GET['id']) ? 0 : intval($_GET['id']); $note_uid = 0; $note_message = ''; $hotarr = array(); $arr = array(); switch ($type) { case 'space': if ($id == $space['uid']) { showmessage('share_space_not_self'); } $tospace = getspace($id); if (empty($tospace)) {
} elseif ($op == 'edit') { // edit or Create a new activity if ($eventid) { // Check permissions if (!$allowmanage) { showmessage("no_privilege_edit_event"); } } else { //Check user group Permissions for add events if (!checkperm("allowevent")) { showmessage('no_privilege_add_event'); } // Real-name authentication ckrealname('event'); // Video Authentication ckvideophoto('event'); //New user probationary cknewuser(); // Default entry new event [to do: Owner can set the Event default entry, priority: low] $event = array(); $event['eventid'] = ''; $event['starttime'] = ceil($_SGLOBAL['timestamp'] / 3600) * 3600 + 7200; // Event Start Time: Two hours after $event['endtime'] = $event['starttime'] + 14400; // Event Finish Time: four hours after the start time $event['deadline'] = $event['starttime']; // Deadline: Start time $event['allowinvite'] = 1; // Is allowed to Invite Friends $event['allowpost'] = 1; // Whether to allow the posting
// Sub-operation requested by the client; read from the query string and not validated here.
$op = empty($_GET['op']) ? '' : $_GET['op'];

// Load the blog row (joined with its field table) when an id was supplied.
$blog = array();
if ($blogid) {
    // NOTE(review): $blogid is placed into the SQL text as a quoted literal. Its assignment is
    // not visible in this excerpt — confirm it has been cast to an integer before this point.
    $query = $_SGLOBAL['db']->query("SELECT bf.*, b.* FROM " . tname('blog') . " b \n\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid \n\t\tWHERE b.blogid='{$blogid}'");
    $blog = $_SGLOBAL['db']->fetch_array($query);
}

// Permission check.
// NOTE(review): every branch below only blocks the request if showmessage() ends it; that is
// not visible here — confirm.
if (empty($blog)) {
    // No row was loaded (no id given, or the id matched nothing): handled as "create a new entry".
    if (!checkperm('allowblog')) {
        ckspacelog();
        showmessage('no_authority_to_add_log');
    }
    // Real-name verification
    ckrealname('blog');
    // Video verification
    ckvideophoto('blog');
    // New-user probation
    cknewuser();
    // Reject posts that arrive too quickly after the previous one
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
    // Accept a subject and a message pre-filled through the URL, each passed through getstr()
    // with 80 and 5000 as the second argument.
    // NOTE(review): both values come straight from $_GET; what escaping getstr() applies with
    // these flags is not visible here — verify before they are written into the form.
    $blog['subject'] = empty($_GET['subject']) ? '' : getstr($_GET['subject'], 80, 1, 0);
    $blog['message'] = empty($_GET['message']) ? '' : getstr($_GET['message'], 5000, 1, 0);
} else {
    // Existing row: only its owner or a holder of the 'manageblog' permission may continue.
    if ($_SGLOBAL['supe_uid'] != $blog['uid'] && !checkperm('manageblog')) {
        showmessage('no_authority_operation_of_the_log');
    }
}
/**
 * Store one uploaded video file for the current user and record it in the 'video' table.
 *
 * Returns the inserted row as an array on success, or the cplang() message for the first
 * check that fails.
 *
 * Review notes (security):
 *  - The only file-type control in this function is the extension allowlist ('flv'); the file
 *    content is not inspected here.
 *  - $title and $desc are handed to inserttable() unchanged. Whether inserttable() escapes its
 *    values is not visible here — verify, or confirm the caller already sanitised them.
 *  - copy() is tried before move_uploaded_file(), and is_uploaded_file() is not called in this
 *    function — confirm that $FILE is always an entry of $_FILES.
 *  - $tovideoid is not used in this function, and it is an optional parameter placed before the
 *    required $albumid (deprecated since PHP 8.0).
 */
function video_save($FILE, $title, $desc, $tovideoid = 0, $albumid) {
    global $_SGLOBAL, $_SCONFIG, $space, $_SC;

    // Allowed upload types
    $allowpictype = array('flv');

    // Basic checks: a non-zero size, a temporary file name and no upload error code
    $FILE['size'] = intval($FILE['size']);
    if (empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
        return cplang('lack_of_access_to_upload_file_size');
    }

    // Check the extension of the client-supplied file name against the allowlist
    $fileext = fileext($FILE['name']);
    if (!in_array($fileext, $allowpictype)) {
        return cplang('only_allows_upload_file_types');
    }

    // Get the storage path; getfilepath() receives only the extension, not the original name
    if (!($filepath = getfilepath($fileext, true))) {
        return cplang('unable_to_create_upload_directory_server');
    }

    // Load the user's space record when the caller has not done so (needed for the quota check)
    if (empty($space)) {
        $space = getspace($_SGLOBAL['supe_uid']);
    }

    // User-group permission
    if (!checkperm('allowupload')) {
        ckspacelog();
        return cplang('inadequate_capacity_space');
    }

    // Real-name verification
    if (!ckrealname('album', 1)) {
        return cplang('inadequate_capacity_space');
    }

    // Video verification
    if (!ckvideophoto('album', array(), 1)) {
        return cplang('inadequate_capacity_space');
    }

    // New-user probation
    if (!cknewuser(1)) {
        return cplang('inadequate_capacity_space');
    }

    // Original comment says the unit is MB — TODO confirm, since it is compared with byte counts
    $maxattachsize = checkperm('maxattachsize');
    if ($maxattachsize) { // 0 means no limit
        if ($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
            return cplang('inadequate_capacity_space');
        }
    }

    if ($albumid < 0) {
        $albumid = 0;
    }

    // Album selection: "new:<name>" creates an album, a number selects an existing one
    $showtip = true;
    $albumfriend = 0;
    if ($albumid) {
        preg_match("/^new\\:(.+)\$/i", $albumid, $matchs);
        if (!empty($matchs[1])) {
            $albumname = shtmlspecialchars(trim($matchs[1]));
            if (empty($albumname)) {
                $albumname = sgmdate('Ymd');
            }
            $albumid = album_creat(array('albumname' => $albumname));
        } else {
            $albumid = intval($albumid);
            if ($albumid) {
                // The lookup is restricted to albums owned by the current user; an id that does
                // not match one of them results in a new album named after the date.
                $query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM " . tname('album') . " WHERE albumid='{$albumid}' AND uid='{$_SGLOBAL['supe_uid']}'");
                if ($value = $_SGLOBAL['db']->fetch_array($query)) {
                    $albumname = addslashes($value['albumname']);
                    $albumfriend = $value['friend'];
                } else {
                    $albumname = sgmdate('Ymd');
                    $albumid = album_creat(array('albumname' => $albumname));
                }
            }
        }
    } else {
        $albumid = 0;
        $showtip = false;
    }

    // Local upload: copy(), then move_uploaded_file(), then rename(); warnings are suppressed
    // with @, so the reason for a failure is not reported.
    $new_name = $_SC['attachdir'] . './' . $filepath;
    $tmp_name = $FILE['tmp_name'];
    if (@copy($tmp_name, $new_name)) {
        @unlink($tmp_name);
    } elseif (function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name)) {
        // moved; nothing else to do
    } elseif (@rename($tmp_name, $new_name)) {
        // renamed; nothing else to do
    } else {
        return cplang('mobile_picture_temporary_failure');
    }

    // Store the record. Only 'filename' is escaped here (addslashes); 'title' and 'desc' are the
    // caller's values as received.
    $setarr = array('albumid' => $albumid, 'uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'dateline' => $_SGLOBAL['timestamp'], 'postip' => getonlineip(), 'filename' => addslashes($FILE['name']), 'title' => $title, 'desc' => $desc, 'size' => $FILE['size'], 'filepath' => $filepath);
    $setarr['id'] = inserttable('video', $setarr, 1);

    // Credit / experience reward, looked up under the 'uploadimage' rule
    $setsql = '';
    if ($showtip) {
        $reward = getreward('uploadimage', 0);
        if ($reward['credit']) {
            $setsql = ",credit=credit+{$reward['credit']}";
        }
        if ($reward['experience']) {
            $setsql .= ",experience=experience+{$reward['experience']}";
        }
    }

    // Add the file size (integer, see intval() above) to the user's used attachment space
    $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET attachsize=attachsize+'{$FILE['size']}', updatetime='{$_SGLOBAL['timestamp']}' {$setsql} WHERE uid='{$_SGLOBAL['supe_uid']}'");

    updatestat('video');
    return $setarr;
}
topic_join($_POST['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']); $url = "space.php?do=topic&topicid={$_POST['topicid']}&view=pic"; } else { $url = "space.php?uid={$_SGLOBAL['supe_uid']}&do=album&id=" . (empty($_POST['opalbumid']) ? -1 : $_POST['opalbumid']); } capi_showmessage_by_data('upload_images_completed', $url, 0); } } else { if (!checkperm('allowupload')) { ckspacelog(); capi_showmessage_by_data('no_privilege'); } //实名认证 ckrealname('album'); //视频认证 ckvideophoto('album'); //新用户见习 cknewuser(); $siteurl = getsiteurl(); //获取相册 $albums = getalbums($_SGLOBAL['supe_uid']); //激活 $actives = $_GET['op'] == 'flash' || $_GET['op'] == 'cam' ? array($_GET['op'] => ' class="active"') : array('js' => ' class="active"'); //空间大小 $maxattachsize = checkperm('maxattachsize'); if (!empty($maxattachsize)) { $maxattachsize = $maxattachsize + $space['addsize']; //额外空间 $haveattachsize = formatsize($maxattachsize - $space['attachsize']); } else { $haveattachsize = 0;
note_apply($notearr); showmessage('do_success'); } } else { //创建新群组 if(!checkperm('allowmtag')) { ckspacelog(); showmessage('no_privilege'); } //实名认证 ckrealname('thread'); //视频认证 ckvideophoto('thread'); //新用户见习 cknewuser(); //提交 if(submitcheck('textsubmit')) { //自由输入 $_POST['tagname'] = $tagname = getstr($_POST['tagname'], 40, 1, 1, 1); $_POST['fieldid'] = $fieldid = intval($_POST['fieldid']); $profield = $_SGLOBAL['profield'][$fieldid]; if(empty($profield) || $profield['formtype'] != 'text') { showmessage('mtag_fieldid_does_not_exist'); }
if (!defined('IN_DISCUZ')) { exit('Access Denied'); } if ($_GET['op'] == 'delete') { $favid = intval($_GET['favid']); $thevalue = DB::fetch_first('SELECT * FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'"); if (empty($thevalue) || $thevalue['uid'] != $_G['uid']) { showmessage('favorite_does_not_exist'); } if (submitcheck('deletesubmit')) { DB::query('DELETE FROM ' . DB::table('home_favorite') . " WHERE favid='{$favid}'"); showmessage('do_success', 'home.php?mod=space&do=favorite&view=me&type=' . $_GET['type'] . '&quickforward=1', array('favid' => $favid), array('showdialog' => 1, 'showmsg' => true, 'closetime' => 1)); } } else { ckrealname('favorite'); ckvideophoto('favorite'); cknewuser(); $type = empty($_GET['type']) ? '' : $_GET['type']; $id = empty($_GET['id']) ? 0 : intval($_GET['id']); $spaceuid = empty($_GET['spaceuid']) ? 0 : intval($_GET['spaceuid']); $idtype = $title = $icon = ''; switch ($type) { case 'thread': $idtype = 'tid'; $title = DB::result_first('SELECT subject FROM ' . DB::table('forum_thread') . " WHERE tid='{$id}'"); $icon = '<img src="static/image/feed/thread.gif" alt="thread" class="vm" /> '; break; case 'forum': $idtype = 'fid'; $title = DB::result_first('SELECT `name` FROM ' . DB::table('forum_forum') . " WHERE fid='{$id}' AND status !='3'"); $icon = '<img src="static/image/feed/discuz.gif" alt="forum" class="vm" /> ';
<?php
/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_videophoto.php 6752 2010-03-25 08:47:54Z cnteacher $
 */

// Refuse to run unless IN_DISCUZ has been defined before this file is included.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}

// Feature switch: the page is refused when the 'videophoto' setting is empty.
if (empty($_G['setting']['videophoto'])) {
    showmessage('no_open_videophoto');
}

require_once libfile('function/spacecp');

// Access check for viewing this space's video photo. The return value is not used here.
// NOTE(review): this only protects the photo if ckvideophoto() ends the request itself when
// access is denied — confirm.
ckvideophoto('viewphoto', $space);

// Resolve the stored value for use by the template included below.
$videophoto = getvideophoto($space['videophoto']);

include_once template("home/space_videophoto");
$tospace = getspace($share['uid']); $hotarr = array('sid', $share['sid'], $share['hotuser']); $stattype = 'sharecomment'; break; default: showmessage('non_normal_operation'); break; } if (empty($tospace)) { showmessage('space_does_not_exist', '', array(), array('return' => true)); } if ($tospace['videophotostatus']) { if ($idtype == 'uid') { ckvideophoto('wall', $tospace); } else { ckvideophoto('comment', $tospace); } } if (isblacklist($tospace['uid'])) { showmessage('is_blacklist'); } if ($hotarr && $tospace['uid'] != $_G['uid']) { hot_update($hotarr[0], $hotarr[1], $hotarr[2]); } $fs = array(); $fs['icon'] = 'comment'; $fs['target_ids'] = ''; $fs['friend'] = ''; $fs['body_template'] = ''; $fs['body_data'] = array(); $fs['body_general'] = '';
* This is NOT a freeware, use is subject to license terms * * $Id: spacecp_doing.php 19863 2011-01-21 02:26:13Z zhengqingpeng $ */ if (!defined('IN_DISCUZ')) { exit('Access Denied'); } $doid = empty($_GET['doid']) ? 0 : intval($_GET['doid']); $id = empty($_GET['id']) ? 0 : intval($_GET['id']); if (submitcheck('addsubmit')) { $add_doing = 1; if (!checkperm('allowdoing')) { showmessage('no_privilege'); } ckrealname('doing'); ckvideophoto('doing'); cknewuser(); $waittime = interval_check('post'); if ($waittime > 0) { showmessage('operating_too_fast', '', array('waittime' => $waittime)); } $message = getstr($_POST['message'], 200, 1, 1, 1); $message = preg_replace("/\\<br.*?\\>/i", ' ', $message); if (strlen($message) < 1) { showmessage('should_write_that'); } $message = censor($message, NULL, TRUE); if (is_array($message) && $message['message']) { showmessage('do_success', dreferer(), array('message' => $message['message'])); } if (censormod($message) || $_G['group']['allowdoingmod']) {
/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_profile.php 10974 2010-05-19 02:24:31Z xupeng $
 */

// Refuse to run unless IN_DISCUZ has been defined before this file is included.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}

require_once libfile('function/spacecp');

// Merge the additional member data sets into $space.
space_merge($space, 'count');
space_merge($space, 'field_home');
space_merge($space, 'field_forum');
space_merge($space, 'profile');
space_merge($space, 'status');

// Expose the video photo only when one is stored and the access check passes; otherwise blank
// it so the template has nothing to show.
// NOTE(review): the third argument 1 presumably makes ckvideophoto() return a result instead of
// showing a message — confirm.
if ($space['videophoto'] && ckvideophoto('viewphoto', $space, 1)) {
    $space['videophoto'] = getvideophoto($space['videophoto']);
} else {
    $space['videophoto'] = '';
}

// Attach the admin group and user group records, each with its icon.
$space['admingroup'] = $_G['cache']['usergroups'][$space['adminid']];
$space['admingroup']['icon'] = g_icon($space['adminid'], 1);

$space['group'] = $_G['cache']['usergroups'][$space['groupid']];
$space['group']['icon'] = g_icon($space['groupid'], 1);

// Replace the comma-separated extended group ids with the matching group titles.
if ($space['extgroupids']) {
    $newgroup = array();
    $e_ids = explode(',', $space['extgroupids']);
    foreach ($e_ids as $e_id) {
        // NOTE(review): this reads $_G['usergroups'], while the lookups above read
        // $_G['cache']['usergroups'] — confirm which one is populated.
        $newgroup[] = $_G['usergroups'][$e_id]['grouptitle'];
    }
    $space['extgroupids'] = implode(',', $newgroup);
}

// Medals are stored tab-separated, each entry as "id|expiration".
if ($space['medals']) {
    loadcache('medals');
    foreach ($space['medals'] = explode("\t", $space['medals']) as $key => $medalid) {
        list($medalid, $medalexpiration) = explode("|", $medalid);
        // Keep a medal only when it exists in the cache and has no expiration or one later
        // than TIMESTAMP; every other entry is dropped.
        if (isset($_G['cache']['medals'][$medalid]) && (!$medalexpiration || $medalexpiration > TIMESTAMP)) {
            $space['medals'][$key] = $_G['cache']['medals'][$medalid];
            $space['medals'][$key]['medalid'] = $medalid;
        } else {
            unset($space['medals'][$key]);
        }
    }
}

// Credits still missing for the next group, or false when that does not apply.
// NOTE(review): 9999999 presumably marks a group with no higher level — confirm.
$upgradecredit = $space['uid'] && $space['group']['type'] == 'member' && $space['group']['creditslower'] != 9999999 ? $space['group']['creditslower'] - $space['credits'] : false;

// Only the owner of the space, with the 'allowdoing' permission, may update the status line.
$allowupdatedoing = $space['uid'] == $_G['uid'] && checkperm('allowdoing');

dsetcookie('home_diymode', 1);

// Page title and meta fields all use the same language string, filled with the username.
$navtitle = lang('space', 'sb_profile', array('who' => $space['username']));
$metakeywords = lang('space', 'sb_profile', array('who' => $space['username']));
$metadescription = lang('space', 'sb_profile', array('who' => $space['username']));

// Hide the video photo from other members when the owner is video-verified and the check fails.
// NOTE(review): this call passes ($space, 1), whereas the call near the top of this file passes
// ('viewphoto', $space, 1). One of the two argument lists does not match ckvideophoto()'s
// signature, which is not visible here — confirm, because a mismatch can make this access
// check meaningless.
$showvideophoto = true;
if ($space['videophotostatus'] > 0 && $_G['uid'] != $space['uid'] && !ckvideophoto($space, 1)) {
    $showvideophoto = false;
}

// Render the profile page, or the card template for ajax requests, unless $_G['privacy'] is set.
if (!$_G['privacy']) {
    if (!$_G['inajax']) {
        include_once template("home/space_profile");
    } else {
        $_G['gp_do'] = 'card';
        include_once template("home/space_card");
    }
}
showmessage('not_to_their_own_greeted'); } if ($op == 'send' || $op == 'reply') { if (!checkperm('allowpoke')) { showmessage('no_privilege'); } ckrealname('poke'); cknewuser(); $tospace = array(); if ($uid) { $tospace = getspace($uid); } elseif ($_POST['username']) { $tospace = DB::fetch_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='******'username']}' LIMIT 1"); } if ($tospace['videophotostatus']) { ckvideophoto('poke', $tospace); } if ($tospace && isblacklist($tospace['uid'])) { showmessage('is_blacklist'); } if (submitcheck('pokesubmit')) { if (empty($tospace)) { showmessage('space_does_not_exist'); } $oldpoke = getcount('home_poke', array('uid' => $uid, 'fromuid' => $_G['uid'])); $notetext = getstr($_POST['note'], 150, 1, 1); $notetext = censor($notetext); $setarr = array('pokeuid' => $uid + $_G['uid'], 'uid' => $uid, 'fromuid' => $_G['uid'], 'note' => $notetext, 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid'])); DB::insert('home_pokearchive', $setarr); $setarr = array('uid' => $uid, 'fromuid' => $_G['uid'], 'fromusername' => $_G['username'], 'note' => getstr($_POST['note'], 150, 1, 1), 'dateline' => $_G['timestamp'], 'iconid' => intval($_POST['iconid'])); DB::insert('home_poke', $setarr, 0, true);
$maxfriendnum = checkperm('maxfriendnum'); if ($maxfriendnum && $space['friendnum'] >= $maxfriendnum + $space['addfriend']) { if ($_SGLOBAL['magic']['friendnum']) { showmessage('enough_of_the_number_of_friends_with_magic'); } else { showmessage('enough_of_the_number_of_friends'); } } //对方是否把自己加为了好友 $fstatus = getfriendstatus($uid, $_SGLOBAL['supe_uid']); if ($fstatus == -1) { //对方没有加好友,我加别人 if ($status == -1) { //视频认证 if ($tospace['videostatus']) { ckvideophoto('friend', $tospace); } //添加单向好友 if (submitcheck('addsubmit')) { $setarr = array('uid' => $_SGLOBAL['supe_uid'], 'fuid' => $uid, 'fusername' => addslashes($tospace['username']), 'gid' => intval($_POST['gid']), 'note' => getstr($_POST['note'], 50, 1, 1), 'dateline' => $_SGLOBAL['timestamp']); inserttable('friend', $setarr); //发送邮件通知 smail($uid, '', cplang('friend_subject', array($_SN[$space['uid']], getsiteurl() . 'cp.php?ac=friend&op=request')), '', 'friend_add'); //增加对方好友申请数 $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET addfriendnum=addfriendnum+1 WHERE uid='{$uid}'"); showmessage('request_has_been_sent'); } else { include_once template('cp_friend'); exit; } } else {
<?php
/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: space_videophoto.php 22572 2011-05-12 09:35:18Z zhengqingpeng $
 */

// Refuse to run unless IN_DISCUZ has been defined before this file is included.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}

// Feature switch: the page is refused when verify item 7 is not marked available.
if (empty($_G['setting']['verify'][7]['available'])) {
    showmessage('no_open_videophoto');
}

require_once libfile('function/spacecp');

// Access check for viewing this space's video photo. The return value is not used here.
// NOTE(review): this only protects the photo if ckvideophoto() ends the request itself when
// access is denied — confirm.
ckvideophoto($space);

// Resolve the stored value for use by the template included below.
$videophoto = getvideophoto($space['videophoto']);

include_once template("home/space_videophoto");
/**
 * Store one uploaded picture for the current member and record it in home_pic.
 *
 * The upload is validated through discuz_upload, the member's upload permissions and space
 * quota are checked, the file is saved, thumbnailed, optionally watermarked and optionally
 * pushed to FTP, and the row is inserted.
 *
 * Review notes (security):
 *  - The image test used here is the 'isimage' flag set by discuz_upload; how that flag is
 *    derived is not visible in this function.
 *  - SQL values are escaped by hand (addslashes / getstr) or interpolated directly; the size
 *    in the final UPDATE is interpolated without quotes and is assumed to be an integer
 *    produced by discuz_upload — confirm.
 *
 * @param array $FILE        upload entry handed to discuz_upload::init()
 * @param mixed $albumid     target album; negative or empty values mean "no album"
 * @param string $title      picture title, passed through getstr() before it is stored
 * @param bool $iswatermark  whether to watermark the stored file
 * @return array|string      the inserted row on success, otherwise a language message
 */
function pic_save($FILE, $albumid, $title, $iswatermark = true)
{
    global $_G, $space;

    if ($albumid < 0) {
        $albumid = 0;
    }

    require_once libfile('class/upload');
    $upload = new discuz_upload();
    $upload->init($FILE, 'album');
    if ($upload->error()) {
        return lang('spacecp', 'lack_of_access_to_upload_file_size');
    }
    if (!$upload->attach['isimage']) {
        return lang('spacecp', 'only_allows_upload_file_types');
    }

    // Load the member record on demand when the caller has not populated $space yet.
    if (empty($space)) {
        $space = getspace($_G['uid']);
        $_G['member'] = $space;
        $_G['username'] = addslashes($space['username']);
    }

    // Group permission, real-name check, video check and new-user probation, evaluated in that
    // order; the first failure ends the upload with the same message.
    $permitted = checkperm('allowupload')
        && ckrealname('album', 1)
        && ckvideophoto('album', array(), 1)
        && cknewuser(1);
    if (!$permitted) {
        return lang('spacecp', 'not_allow_upload');
    }

    // Quota from the group permission, multiplied by 1024 * 1024; a zero result skips the check.
    $quotaBytes = checkperm('maxspacesize') * 1024 * 1024;
    if ($quotaBytes) {
        space_merge($space, 'count');
        space_merge($space, 'field_home');
        $projected = $space['attachsize'] + $upload->attach['size'];
        if ($projected > $quotaBytes + $space['addsize']) {
            return lang('spacecp', 'inadequate_capacity_space');
        }
    }

    $albumid = $albumid ? album_creat_by_id($albumid) : 0;

    $upload->save();
    if ($upload->error()) {
        return lang('spacecp', 'mobile_picture_temporary_failure');
    }
    $storedPath = $upload->attach['target'];

    require_once libfile('class/image');
    $image = new image();
    $thumb = $image->Thumb($storedPath, '', 140, 140, 1) ? 1 : 0;

    // When both size limits are configured, raise each to at least 300 (the change is written
    // back to $_G['setting']) and run Thumb() again with those limits.
    if ($_G['setting']['maxthumbwidth'] && $_G['setting']['maxthumbheight']) {
        foreach (array('maxthumbwidth', 'maxthumbheight') as $dimension) {
            if ($_G['setting'][$dimension] < 300) {
                $_G['setting'][$dimension] = 300;
            }
        }
        $image->Thumb($storedPath, '', $_G['setting']['maxthumbwidth'], $_G['setting']['maxthumbheight'], 1, 1);
    }

    if ($iswatermark) {
        $image->Watermark($storedPath);
    }

    // Optional FTP push. A failed push is fatal only when the FTP mirror setting is on; in
    // that case the local file and its thumbnail are removed.
    $pic_remote = 0;
    if (getglobal('setting/ftp/on')) {
        $remoteName = 'album/' . $upload->attach['attachment'];
        if (ftpcmd('upload', $remoteName)) {
            if ($thumb) {
                ftpcmd('upload', $remoteName . '.thumb.jpg');
            }
            $pic_remote = 1;
        } elseif (getglobal('setting/ftp/mirror')) {
            @unlink($upload->attach['target']);
            @unlink($upload->attach['target'] . '.thumb.jpg');
            return lang('spacecp', 'ftp_upload_file_size');
        }
    }

    $title = getstr($title, 200, 1, 1, 1);
    $setarr = array(
        'albumid' => $albumid,
        'uid' => $_G['uid'],
        'username' => $_G['username'],
        'dateline' => $_G['timestamp'],
        'filename' => addslashes($upload->attach['name']),
        'postip' => $_G['clientip'],
        'title' => $title,
        'type' => addslashes($upload->attach['ext']),
        'size' => $upload->attach['size'],
        'filepath' => $upload->attach['attachment'],
        'thumb' => $thumb,
        'remote' => $pic_remote,
    );
    $setarr['picid'] = DB::insert('home_pic', $setarr, 1);

    // Add the stored size to the member's used attachment space.
    DB::query("UPDATE " . DB::table('common_member_count') . " SET attachsize=attachsize+{$upload->attach['size']} WHERE uid='{$_G['uid']}'");

    include_once libfile('function/stat');
    updatestat('pic');

    return $setarr;
}
$waittime = interval_check('post'); if ($waittime > 0) { //showmessage('operating_too_fast', '', 1, array($waittime)); echo "fast_error"; exit; } } else { if (!checkperm('allowdoing')) { $add_doing = 0; } //ʵÃû if (!ckrealname('doing', 1)) { $add_doing = 0; } //ÊÓƵ if (!ckvideophoto('doing', array(), 1)) { $add_doing = 0; } //ÐÂÓû§ if (!cknewuser(1)) { $add_doing = 0; } $waittime = interval_check('post'); if ($waittime > 0) { $add_doing = 0; } } //»ñÈ¡ÐÄÇé $mood = 0; preg_match("/\\[em\\:(\\d+)\\:\\]/s", $_POST['message'], $ms); $mood = empty($ms[1]) ? 0 : intval($ms[1]);
/**
 * Store one uploaded picture for the current user and record it in the 'pic' table.
 *
 * Returns the inserted row as an array on success, or the cplang() message for the first
 * check that fails.
 *
 * Review notes (security):
 *  - The extension allowlist is checked before the file is stored; the content check
 *    (getimagesize) runs only after the file has been written to its final path, and is
 *    skipped entirely when getimagesize() does not exist.
 *  - copy() is tried before move_uploaded_file(), and is_uploaded_file() is not called in this
 *    function — confirm that $FILE is always an entry of $_FILES.
 *  - $topicid is stored as received; where it is validated is not visible here — verify.
 */
function pic_save($FILE, $albumid, $title, $topicid=0) {
	global $_SGLOBAL, $_SCONFIG, $space, $_SC;

	if($albumid<0) $albumid = 0;

	// Allowed upload types
	$allowpictype = array('jpg','jpeg','gif','png');

	// Basic checks: a non-zero size, a temporary file name and no upload error code
	$FILE['size'] = intval($FILE['size']);
	if(empty($FILE['size']) || empty($FILE['tmp_name']) || !empty($FILE['error'])) {
		return cplang('lack_of_access_to_upload_file_size');
	}

	// Check the extension of the client-supplied file name against the allowlist
	$fileext = fileext($FILE['name']);
	if(!in_array($fileext, $allowpictype)) {
		return cplang('only_allows_upload_file_types');
	}

	// Get the storage path; getfilepath() receives only the extension, not the original name
	if(!$filepath = getfilepath($fileext, true)) {
		return cplang('unable_to_create_upload_directory_server');
	}

	// Load the user's space record when the caller has not done so (needed for the quota check)
	if(empty($space)) {
		$space = getspace($_SGLOBAL['supe_uid']);
	}

	// User-group permission
	if(!checkperm('allowupload')) {
		ckspacelog();
		return cplang('inadequate_capacity_space');
	}

	// Real-name verification
	if(!ckrealname('album', 1)) {
		return cplang('inadequate_capacity_space');
	}

	// Video verification
	if(!ckvideophoto('album', array(), 1)) {
		return cplang('inadequate_capacity_space');
	}

	// New-user probation
	if(!cknewuser(1)) {
		return cplang('inadequate_capacity_space');
	}

	// Original comment says the unit is MB — TODO confirm, since it is compared with byte counts
	$maxattachsize = checkperm('maxattachsize');
	if($maxattachsize) {// 0 means no limit
		if($space['attachsize'] + $FILE['size'] > $maxattachsize + $space['addsize']) {
			return cplang('inadequate_capacity_space');
		}
	}

	// Album selection: "new:<name>" creates an album, a number selects an existing one
	$showtip = true;
	$albumfriend = 0;
	if($albumid) {
		preg_match("/^new\:(.+)$/i", $albumid, $matchs);
		if(!empty($matchs[1])) {
			$albumname = shtmlspecialchars(trim($matchs[1]));
			if(empty($albumname)) $albumname = sgmdate('Ymd');
			$albumid = album_creat(array('albumname' => $albumname));
		} else {
			$albumid = intval($albumid);
			if($albumid) {
				// The lookup is restricted to albums owned by the current user; an id that does
				// not match one of them results in a new album named after the date.
				$query = $_SGLOBAL['db']->query("SELECT albumname,friend FROM ".tname('album')." WHERE albumid='$albumid' AND uid='$_SGLOBAL[supe_uid]'");
				if($value = $_SGLOBAL['db']->fetch_array($query)) {
					$albumname = addslashes($value['albumname']);
					$albumfriend = $value['friend'];
				} else {
					$albumname = sgmdate('Ymd');
					$albumid = album_creat(array('albumname' => $albumname));
				}
			}
		}
	} else {
		$albumid = 0;
		$showtip = false;
	}

	// Local upload: copy(), then move_uploaded_file(), then rename(); warnings are suppressed
	// with @, so the reason for a failure is not reported.
	$new_name = $_SC['attachdir'].'./'.$filepath;
	$tmp_name = $FILE['tmp_name'];
	if(@copy($tmp_name, $new_name)) {
		@unlink($tmp_name);
	} elseif((function_exists('move_uploaded_file') && @move_uploaded_file($tmp_name, $new_name))) {
		// moved; nothing else to do
	} elseif(@rename($tmp_name, $new_name)) {
		// renamed; nothing else to do
	} else {
		return cplang('mobile_picture_temporary_failure');
	}

	// Check that the stored file really is an image. The file is deleted and rejected when its
	// pixel count is above 16777216 (4096 x 4096) or below 4, when no image type was detected
	// (which covers files getimagesize() cannot parse), or when the MIME string contains 'flash'.
	if(function_exists('getimagesize')) {
		$tmp_imagesize = @getimagesize($new_name);
		list($tmp_width, $tmp_height, $tmp_type) = (array)$tmp_imagesize;
		$tmp_size = $tmp_width * $tmp_height;
		if($tmp_size > 16777216 || $tmp_size < 4 || empty($tmp_type) || strpos($tmp_imagesize['mime'], 'flash') > 0) {
			@unlink($new_name);
			return cplang('only_allows_upload_file_types');
		}
	}

	// Thumbnail
	include_once(S_ROOT.'./source/function_image.php');
	$thumbpath = makethumb($new_name);
	$thumb = empty($thumbpath)?0:1;

	// Re-read the size of the stored file, which is the value recorded from here on
	if(@$newfilesize = filesize($new_name)) {
		$FILE['size'] = $newfilesize;
	}

	// Watermark
	if($_SCONFIG['allowwatermark']) {
		makewatermark($new_name);
	}

	// FTP upload: when enabled, a failed transfer removes the local file and its thumbnail and
	// ends the upload with an error
	if($_SCONFIG['allowftp']) {
		include_once(S_ROOT.'./source/function_ftp.php');
		if(ftpupload($new_name, $filepath)) {
			$pic_remote = 1;
			$album_picflag = 2;
		} else {
			@unlink($new_name);
			@unlink($new_name.'.thumb.jpg');
			runlog('ftp', 'Ftp Upload '.$new_name.' failed.');
			return cplang('ftp_upload_file_size');
		}
	} else {
		$pic_remote = 0;
		$album_picflag = 1;
	}

	// Store the record. The title goes through getstr(); the client-supplied file name and MIME
	// type are escaped with addslashes().
	$title = getstr($title, 200, 1, 1, 1);

	$setarr = array(
		'albumid' => $albumid,
		'uid' => $_SGLOBAL['supe_uid'],
		'username' => $_SGLOBAL['supe_username'],
		'dateline' => $_SGLOBAL['timestamp'],
		'filename' => addslashes($FILE['name']),
		'postip' => getonlineip(),
		'title' => $title,
		'type' => addslashes($FILE['type']),
		'size' => $FILE['size'],
		'filepath' => $filepath,
		'thumb' => $thumb,
		'remote' => $pic_remote,
		'topicid' => $topicid
	);
	$setarr['picid'] = inserttable('pic', $setarr, 1);

	// Update the used attachment space, together with the credit / experience reward
	$setsql = '';
	if($showtip) {
		$reward = getreward('uploadimage', 0);
		if($reward['credit']) {
			$setsql = ",credit=credit+$reward[credit]";
		}
		if($reward['experience']) {
			$setsql .= ",experience=experience+$reward[experience]";
		}
	}
	$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET attachsize=attachsize+'$FILE[size]', updatetime='$_SGLOBAL[timestamp]' $setsql WHERE uid='$_SGLOBAL[supe_uid]'");

	// Album update: bump the picture count and use this picture (or its thumbnail) as the cover
	if($albumid) {
		$file = $filepath.($thumb?'.thumb.jpg':'');
		$_SGLOBAL['db']->query("UPDATE ".tname('album')." SET picnum=picnum+1, updatetime='$_SGLOBAL[timestamp]', pic='$file', picflag='$album_picflag' WHERE albumid='$albumid'");
	}

	// Statistics
	updatestat('pic');

	return $setarr;
}
// Sub-operation requested by the client; read from the query string and not validated here.
$op = empty($_GET['op']) ? '' : $_GET['op'];

// Load the bwzt row (joined with its field table) when an id was supplied.
$bwzt = array();
if ($bwztid) {
    // NOTE(review): $bwztid is placed into the SQL text as a quoted literal. Its assignment is
    // not visible in this excerpt — confirm it has been cast to an integer before this point.
    $query = $_SGLOBAL['db']->query("SELECT bf.*, b.* FROM " . tname('bwzt') . " b \n\t\tLEFT JOIN " . tname('bwztfield') . " bf ON bf.bwztid=b.bwztid \n\t\tWHERE b.bwztid='{$bwztid}'");
    $bwzt = $_SGLOBAL['db']->fetch_array($query);
}

// Permission check.
// NOTE(review): every branch below only blocks the request if showmessage() ends it; that is
// not visible here — confirm.
if (empty($bwzt)) {
    // No row was loaded (no id given, or the id matched nothing): handled as "create a new entry".
    if (!checkperm('allowbwzt')) {
        ckspacelog();
        showmessage('no_authority_to_add_log');
    }
    // Real-name verification
    ckrealname('bwzt');
    // Video verification
    ckvideophoto('bwzt');
    // New-user probation
    cknewuser();
    // Reject posts that arrive too quickly after the previous one
    $waittime = interval_check('post');
    if ($waittime > 0) {
        showmessage('operating_too_fast', '', 1, array($waittime));
    }
    // Accept a subject and a message pre-filled through the URL, each passed through getstr()
    // with 80 and 5000 as the second argument.
    // NOTE(review): both values come straight from $_GET; what escaping getstr() applies with
    // these flags is not visible here — verify before they are written into the form.
    $bwzt['subject'] = empty($_GET['subject']) ? '' : getstr($_GET['subject'], 80, 1, 0);
    $bwzt['message'] = empty($_GET['message']) ? '' : getstr($_GET['message'], 5000, 1, 0);
} else {
    // Existing row: only its owner or a holder of the 'managebwzt' permission may continue.
    if ($_SGLOBAL['supe_uid'] != $bwzt['uid'] && !checkperm('managebwzt')) {
        showmessage('no_authority_operation_of_the_log');
    }
}