public static function scan($param)
{
list($data) = $param;
self::_init();
global $_G;
if (!$_G['wechat']['setting']['wsq_allow']) {
return;
}
$authcode = C::t('#wechat#mobile_wechat_authcode')->fetch_by_code($data['key']);
if (!$authcode || $authcode['status']) {
// echo WeChatServer::getXml4Txt(lang('plugin/wechat', 'wechat_response_text_codeerror'));
} else {
if ($authcode['uid']) {
$member = getuserbyuid($authcode['uid'], 1);
if ($member['adminid'] == 0 && !$_G['wechat']['setting']['wechat_confirmtype']) {
C::t('#wechat#mobile_wechat_authcode')->update($authcode['sid'], array('uid' => $member['uid'], 'status' => 1));
$authcode['sid'] = '';
}
} else {
$wechatuser = C::t('#wechat#common_member_wechat')->fetch_by_openid($data['from']);
if ($wechatuser) {
$member = getuserbyuid($wechatuser['uid'], 1);
if ($member['adminid'] == 0 && !$_G['wechat']['setting']['wechat_confirmtype']) {
C::t('#wechat#mobile_wechat_authcode')->update($authcode['sid'], array('uid' => $member['uid'], 'status' => 1));
$authcode['sid'] = '';
}
} elseif ($_G['wechat']['setting']['wechat_allowregister'] && $_G['wechat']['setting']['wechat_allowfastregister'] && $_G['wechat']['setting']['wechat_mtype'] == 2) {
require_once DISCUZ_ROOT . './source/plugin/wechat/wechat.class.php';
require_once libfile('function/member');
$uid = WeChat::register(WeChat::getnewname($data['from']), 1);
if ($uid) {
WeChatHook::bindOpenId($uid, $data['from'], 1);
C::t('#wechat#mobile_wechat_authcode')->update($authcode['sid'], array('uid' => $uid, 'status' => 1));
}
wsq::report('register');
$authcode['sid'] = '';
}
}
wsq::report('scanqr');
self::_show('scan', $data['from'] . "\t" . $authcode['sid']);
}
}
function user_login($uid)
{
$member = getuserbyuid($uid);
$cookietime = 1296000;
require_once libfile('function/member');
setloginstatus($member, $cookietime);
}
function poll_upload()
{
global $_G;
$this->uid = intval($_G['gp_uid']);
$swfhash = md5(substr(md5($_G['config']['security']['authkey']), 8) . $this->uid);
if (!$_FILES['Filedata']['error'] && $_G['gp_hash'] == $swfhash && $this->uid) {
$this->aid = 0;
$this->simple = 0;
$this->user = getuserbyuid($this->uid);
if (empty($this->user['adminid'])) {
$this->uploadmsg(9);
}
$_G['uid'] = $this->uid;
$this->pollid = !empty($_G['gp_pollid']) ? intval($_G['gp_pollid']) : 0;
if ($this->pollid <= 0 || !intval(DB::result_first("SELECT contenttype FROM " . DB::table('poll_item') . " WHERE itemid='{$this->pollid}'"))) {
$this->uploadmsg(9);
}
$attach = upload_images($_FILES['Filedata'], 'poll', 176, 176);
$caption = dhtmlspecialchars(trim($attach['name']));
$caption = substr($caption, 0, -(strlen(fileext($caption)) + 1));
$data = array('itemid' => $this->pollid, 'caption' => $caption, 'displayorder' => 0, 'imageurl' => $attach['attachment'], 'aid' => $attach['aid']);
DB::insert('poll_choice', $data);
$this->aid = $this->pollid;
$this->uploadmsg(0);
}
}
function getinvite()
{
global $_G;
$result = array();
$cookies = empty($_G['cookie']['invite_auth']) ? array() : explode(',', $_G['cookie']['invite_auth']);
$cookiecount = count($cookies);
if ($cookiecount == 2) {
$id = intval($cookies[0]);
$code = $cookies[1];
$query = DB::query("SELECT * FROM " . DB::table('common_invite') . " WHERE id='{$id}'");
if ($invite = DB::fetch($query)) {
if ($invite['code'] == $code && empty($invite['fuid']) && (empty($invite['endtime']) || $_G['timestamp'] < $invite['endtime'])) {
$result['uid'] = $invite['uid'];
$result['id'] = $invite['id'];
$result['appid'] = $invite['appid'];
}
}
} elseif ($cookiecount == 3) {
$uid = intval($cookies[0]);
$code = $cookies[1];
$appid = intval($cookies[2]);
$invite_code = space_key($uid, $appid);
if ($code == $invite_code) {
$result['uid'] = $uid;
$result['appid'] = $appid;
}
}
if ($result['uid']) {
$member = getuserbyuid($result['uid']);
$result['username'] = $member['username'];
} else {
dsetcookie('invite_auth', '', -86400 * 365);
}
return $result;
}
private function _login($res, $username, $password, $mobile, $code, $isValidation)
{
global $_G;
$username = rawurldecode($username);
$password = rawurldecode($password);
if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) {
$token = isset($_GET['accessToken']) ? $_GET['accessToken'] : '';
$secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : '';
$uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret);
// 客户端传的登录状态失效
if (!$uid) {
return $this->makeErrorInfo($res, 'mobcent_login_status');
}
$result['member'] = getuserbyuid($uid);
$_G['username'] = $result['member']['username'];
// 把登录信息写入cookie中,并且更新登录的状态
UserUtils::updateCookie($result['member'], $uid);
// 需要整理token和secret再返回给客户端
$userInfo = array('token' => $token, 'secret' => $secret);
} else {
$username = WebUtils::t($username);
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
UserUtils::delUserAccessByUsername($username);
return $this->makeErrorInfo($res, $logInfo['message']);
}
if ($isValidation == 1) {
// 是否开启了登录手机验证
$isLoginValidation = WebUtils::getDzPluginAppbymeAppConfig('mobcent_login_validation');
if ($isLoginValidation) {
$userMobileBind = AppbymeSendsms::getBindInfoByUid($_G['uid']);
if (!$userMobileBind) {
// 当前登录的用户没有绑定手机号码
if ($mobile == '' && $code == '') {
$res['isValidation'] = 1;
return $this->makeErrorInfo($res, '', array('noError' => 0, 'alert' => 0));
}
$checkInfo = UserUtils::checkMobileCode($res, $mobile, $code);
if ($checkInfo['rs'] == 0) {
return $this->makeErrorInfo($res, $checkInfo['errcode']);
}
$updataArr = array('uid' => $_G['uid']);
AppbymeSendsms::updateMobile($mobile, $updataArr);
}
}
}
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
}
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['isValidation'] = 0;
$res['token'] = (string) $userInfo['token'];
$res['secret'] = (string) $userInfo['secret'];
$res['uid'] = (int) $_G['uid'];
$res['avatar'] = (string) $userAvatar;
$res['userName'] = (string) $_G['username'];
return $res;
}
public static function synlogin($get, $post)
{
global $_G;
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
$cookietime = 31536000;
$user_id = intval($get['user_id']);
if ($member = getuserbyuid($user_id)) {
self::dsetcookie('auth', self::authcode("{$member['password']}\t{$member['user_id']}", 'ENCODE'), $cookietime);
}
}
public function update_groupid_by_uid($uid)
{
$user = getuserbyuid($uid);
if ($user['groupid'] == 1) {
return;
}
if (DB::result_first("select COUNT(*) from %t where uid=%d", array($this->_table, $uid))) {
$groupid = 2;
} else {
$groupid = 9;
}
return C::t('user')->update($uid, array('groupid' => $groupid));
}
public function onUsersGetFormHash($uId, $userAgent)
{
global $_G;
$uId = intval($uId);
if (!$uId) {
return false;
}
$member = getuserbyuid($uId, 1);
$_G['username'] = $member['username'];
$_G['uid'] = $member['uid'];
$_G['authkey'] = md5($_G['config']['security']['authkey'] . $userAgent);
return formhash();
}
public function fetch_perm_by_uid($uid, $cid)
{
$user = getuserbyuid($uid);
if ($user['adminid'] == 1) {
return 3;
}
if (DB::result_first("select COUNT(*) from %t where cid=%d and uid=%d", array($this->_table, $cid, $uid))) {
return DB::result_first("select `perm` from %t where cid=%d and uid=%d", array($this->_table, $cid, $uid));
} else {
return 0;
}
return DB::result_first("select perm from %t where cid=%d and uid=%d", array($this->_table, $cid, $uid));
}
private function _inviteActiv($res, $accessToken, $accessSecret, $device, $activityId)
{
// 获取邀请注册活动的配置
$config = ActivityUtils::getInviteConfig($activityId);
if (empty($config) || !$config['is_run']) {
return $this->makeErrorInfo($res, 'mobcent_activity_invalid');
}
$res['body']['sponsor'] = (string) $config['sponsor'];
$res['body']['startTime'] = (string) $config['start_time'] . '000';
$res['body']['stopTime'] = (string) $config['stop_time'] . '000';
$res['body']['firstReward'] = (int) $config['first_reward'];
$res['body']['inviteReward'] = (int) $config['invite_reward'];
$res['body']['isShowCheck'] = 0;
$res['body']['exchangeNum'] = '';
$res['body']['activityRule'] = (string) $config['activity_rule'];
$res['body']['shareAppUrl'] = (string) $config['share_appurl'];
if ($accessToken !== '' && $accessSecret !== '') {
$uid = AppbymeUserAccess::getUserIdByAccess($accessToken, $accessSecret);
if ($uid) {
// 当前登录用户参加活动信息|appbyme_activity_invite_user
$exchangeInfo = AppbymeActivityInviteUser::getExchangeInfo($uid);
if ($exchangeInfo) {
$checkInvite = ActivityUtils::checkInvite($config, $uid, $device);
if ($checkInvite['rs']) {
$res['body']['isShowCheck'] = 1;
}
$res['body']['exchangeNum'] = $exchangeInfo['exchange_num'];
} else {
$checkInvite = ActivityUtils::checkInvite($config, $uid, $device);
$userInfo = getuserbyuid($uid);
$username = $userInfo['username'];
$rewardSum = $config['first_reward'];
$availableReward = $config['first_reward'];
$exchangeNum = $this->getUniqueNum($uid);
$joining = 0;
if (empty($checkInvite['rs'])) {
$joining = 1;
}
$insertUser = array('uid' => $uid, 'activity_id' => $activityId, 'username' => $username, 'reward_sum' => $rewardSum, 'available_reward' => $availableReward, 'exchange_num' => $exchangeNum, 'device' => $device, 'joining' => $joining);
if (AppbymeActivityInviteUser::insertUser($insertUser)) {
if ($checkInvite['rs']) {
$res['body']['isShowCheck'] = 1;
}
$res['body']['exchangeNum'] = (string) $exchangeNum;
}
}
}
}
return $res;
}
public static function sendpm($toid, $subject, $message, $fromid = '', $replypmid = 0, $isusername = 0, $type = 0)
{
global $_G;
if ($fromid === '') {
$fromid = $_G['uid'];
}
$author = '';
if ($fromid) {
if ($fromid == $_G['uid']) {
$sendpmmaxnum = $_G['group']['allowsendpmmaxnum'];
$author = $_G['username'];
} else {
$user = getuserbyuid($fromid);
$author = $user['username'];
loadcache('usergroup_' . $user['groupid']);
$sendpmmaxnum = $_G['cache']['usergroup_' . $user['groupid']]['allowsendpmmaxnum'];
}
$currentnum = C::t('common_member_action_log')->count_day_hours(getuseraction('pmid'), $fromid);
if ($sendpmmaxnum && $currentnum >= $sendpmmaxnum) {
return -16;
}
}
loaducenter();
$return = uc_pm_send($fromid, $toid, addslashes($subject), addslashes($message), 1, $replypmid, $isusername, $type);
if ($return > 0 && $fromid) {
if ($_G['setting']['cloud_status']) {
$msgService = Cloud::loadClass('Cloud_Service_Client_Message');
if (is_numeric($toid)) {
$tospace = getuserbyuid($toid);
if ($tospace['conisbind']) {
$msgService->add($toid, $fromid, $author, $_G['timestamp']);
}
} else {
$senduids = array();
foreach (C::t('common_member')->fetch_all_by_username(explode(',', $toid)) as $touser) {
if ($touser['conisbind']) {
$senduids[$touser['uid']] = $touser['uid'];
}
}
if ($senduids) {
$msgService->add($senduids, $fromid, $author, $_G['timestamp']);
}
}
}
foreach (explode(',', $fromid) as $v) {
useractionlog($fromid, 'pmid');
}
}
return $return;
}
function connect_login($connect_member)
{
global $_G;
if (!($member = getuserbyuid($connect_member['uid'], 1))) {
return false;
} else {
if (isset($member['_inarchive'])) {
C::t('common_member_archive')->move_to_master($member['uid']);
}
}
require_once libfile('function/member');
$cookietime = 1296000;
setloginstatus($member, $cookietime);
dsetcookie('connect_login', 1, $cookietime);
dsetcookie('connect_is_bind', '1', 31536000);
dsetcookie('connect_uin', $connect_member['conopenid'], 31536000);
return true;
}
public function setAdministror($uid, $adminid)
{
$user = getuserbyuid($uid);
if ($user['adminid'] == $adminid) {
return true;
}
if (self::checkfounder($user)) {
//创始人不允许修改
return true;
}
$arr = array();
if ($adminid > 0) {
parent::update($uid, array('adminid' => 1, 'groupid' => 1));
} else {
$groupid = 9;
if (C::t('organization_admin')->fetch_orgids_by_uid($uid)) {
$groupid = 2;
}
parent::update($uid, array('adminid' => 0, 'groupid' => $groupid));
}
}
public static function notification_add($touid, $type, $note, $notevars = array(), $category = 0, $langfolder)
{
global $_G;
if (!($tospace = getuserbyuid($touid))) {
return false;
}
$notestring = lang('notification', $note, $notevars, '', $langfolder);
$notestring_wx = lang('notification', $note . '_wx', $notevars, '', $langfolder);
$redirect = lang('notification', $note . '_redirecturl', $notevars, '', $langfolder);
$title = lang('notification', $note . '_title', $notevars, '', $langfolder);
$oldnote = array();
//if($notevars['from_id'] && $notevars['from_idtype']) {
$oldnote = C::t('notification')->fetch_by_fromid_uid_type($notevars['from_id'], $notevars['from_idtype'], $touid, $type);
//}
if (empty($oldnote['from_num'])) {
$oldnote['from_num'] = 0;
}
$notevars['from_num'] = $notevars['from_num'] ? $notevars['from_num'] : 1;
$setarr = array('uid' => $touid, 'type' => $type, 'new' => 1, 'wx_new' => 1, 'wx_note' => $notestring_wx, 'redirecturl' => $redirect, 'title' => $title, 'authorid' => $_G['uid'], 'author' => $_G['username'], 'note' => $notestring, 'dateline' => $_G['timestamp'], 'from_id' => $notevars['from_id'], 'from_idtype' => $notevars['from_idtype'], 'from_num' => $oldnote['from_num'] + $notevars['from_num'], 'category' => $category);
if ($category == 1) {
$setarr['authorid'] = 0;
$setarr['author'] = '';
}
if ($oldnote['id']) {
$setarr['id'] = $oldnote['id'];
C::t('notification')->update($oldnote['id'], $setarr);
} else {
$oldnote['new'] = 0;
$setarr['id'] = C::t('notification')->insert($setarr, true);
}
//self::wx_notification($setarr);
//$banType = array('task');
if (empty($oldnote['new'])) {
C::t('user')->increase($touid, array('newprompt' => 1));
/*require_once libfile('function/mail');
$mail_subject = lang('notification', 'mail_to_user');
sendmail_touser($touid, $mail_subject, $notestring, $type);*/
}
}
private function _login($res, $username, $password)
{
global $_G;
$username = rawurldecode($username);
$password = rawurldecode($password);
if ($username == MOBCENT_HACKER_USER && $password == MOBCENT_HACKER_PASSWORD) {
$token = isset($_GET['accessToken']) ? $_GET['accessToken'] : '';
$secret = isset($_GET['accessSecret']) ? $_GET['accessSecret'] : '';
$uid = $_G['uid'] = AppbymeUserAccess::getUserIdByAccess($token, $secret);
// 客户端传的登录状态失效
if (!$uid) {
return $this->makeErrorInfo($res, 'mobcent_login_status');
}
$result['member'] = getuserbyuid($uid);
$_G['username'] = $result['member']['username'];
// 把登录信息写入cookie中,并且更新登录的状态
UserUtils::updateCookie($result['member'], $uid);
// 需要整理token和secret再返回给客户端
$userInfo = array('token' => $token, 'secret' => $secret);
} else {
$username = WebUtils::t($username);
$logInfo = UserUtils::login($username, $password);
if ($logInfo['errcode']) {
UserUtils::delUserAccessByUsername($username);
return $this->makeErrorInfo($res, $logInfo['message']);
}
$userInfo = AppbymeUserAccess::loginProcess($_G['uid'], $password);
}
$userAvatar = UserUtils::getUserAvatar($_G['uid']);
$res['token'] = (string) $userInfo['token'];
$res['secret'] = (string) $userInfo['secret'];
$res['uid'] = (int) $_G['uid'];
$res['avatar'] = (string) $userAvatar;
$res['userName'] = (string) $_G['username'];
return $res;
}
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
if (!isset($_G['setting']['extcredits'][$_G['setting']['creditstransextra'][1]])) {
showmessage('credits_transaction_disabled');
}
$extcredit = 'extcredits' . $_G['setting']['creditstransextra'][1];
$payment = C::t('common_credit_log')->count_stc_by_relatedid($_G['tid'], $_G['setting']['creditstransextra'][1]);
$thread['payers'] = $payment['payers'];
$thread['netprice'] = !$_G['setting']['maxincperthread'] || $_G['setting']['maxincperthread'] && $payment['income'] < $_G['setting']['maxincperthread'] ? floor($thread['price'] * (1 - $_G['setting']['creditstax'])) : 0;
$thread['creditstax'] = sprintf('%1.2f', $_G['setting']['creditstax'] * 100) . '%';
$thread['endtime'] = $_G['setting']['maxchargespan'] ? dgmdate($_G['forum_thread']['dateline'] + $_G['setting']['maxchargespan'] * 3600, 'u') : 0;
$thread['price'] = $_G['forum_thread']['price'];
$firstpost = C::t('forum_post')->fetch_threadpost_by_tid_invisible($_G['tid']);
if ($firstpost) {
$member = getuserbyuid($firstpost['authorid']);
$firstpost['groupid'] = $member['groupid'];
}
$pid = $firstpost['pid'];
$freemessage = array();
$freemessage[$pid]['message'] = '';
if (preg_match_all("/\\[free\\](.+?)\\[\\/free\\]/is", $firstpost['message'], $matches)) {
foreach ($matches[1] as $match) {
$freemessage[$pid]['message'] .= discuzcode($match, $firstpost['smileyoff'], $firstpost['bbcodeoff'], sprintf('%00b', $firstpost['htmlon']), $_G['forum']['allowsmilies'], $_G['forum']['allowbbcode'] ? -$firstpost['groupid'] : 0, $_G['forum']['allowimgcode'], $_G['forum']['allowhtml'], $_G['forum']['jammer'] && $post['authorid'] != $_G['uid'] ? 1 : 0, 0, $post['authorid'], $_G['forum']['allowmediacode'], $pid) . '<br />';
}
}
$attachtags = array();
if ($_G['group']['allowgetattach'] || $_G['group']['allowgetimage']) {
if (preg_match_all("/\\[attach\\](\\d+)\\[\\/attach\\]/i", $freemessage[$pid]['message'], $matchaids)) {
$attachtags[$pid] = $matchaids[1];
}
showmessage('信息不存在或已删除', dreferer());
}
include libfile('function/news');
//根据信息发布权限判断用户是否有查看权限
$perm = getPermByUid($_G['uid']);
if (!getViewPerm($news)) {
showmessage('您没有查看此信息的权限,请联系管理员', dreferer());
}
//获取分类名称
if ($news['catid']) {
$news['catname'] = DB::result_first("select name from %t where catid=%d", array('news_cat', $news['catid']));
}
if ($news['opuid'] && ($opuser = getuserbyuid($news['opuid']))) {
$news['opauthor'] = $opuser['username'];
}
if ($news['moduid'] && ($moduser = getuserbyuid($news['moduid']))) {
$news['modusername'] = $moduser['username'];
}
$navtitle = $news['subject'];
$navlast = getstr($news['subject'], 15);
$refer = empty($_GET['refer']) ? dreferer() : $_GET['refer'];
//获取信息的发布范围
$sel = array();
$sel_org = array();
$sel_user = array();
if ($news['orgids']) {
$orgids = explode(',', $news['orgids']);
$sel_org = C::t('organization')->fetch_all($orgids);
foreach ($sel_org as $value) {
$sel[] = $value['orgid'];
}
$pid = intval($_GET['pid']);
$thread = C::t('forum_thread')->fetch($tid);
$post = C::t('forum_post')->fetch($thread['posttableid'], $pid);
include template('forum/ajax_followpost');
} elseif ($_GET['action'] == 'quickclear') {
$uid = intval($_GET['uid']);
if ($_G['adminid'] != 1) {
showmessage('quickclear_noperm');
}
include_once libfile('function/misc');
include_once libfile('function/member');
if (!submitcheck('qclearsubmit')) {
$crimenum_avatar = crime('getcount', $uid, 'crime_avatar');
$crimenum_sightml = crime('getcount', $uid, 'crime_sightml');
$crimenum_customstatus = crime('getcount', $uid, 'crime_customstatus');
$crimeauthor = getuserbyuid($uid);
$crimeauthor = $crimeauthor['username'];
include template('forum/ajax');
} else {
if (empty($_GET['operations'])) {
showmessage('quickclear_need_operation');
}
$reason = checkreasonpm();
$allowop = array('avatar', 'sightml', 'customstatus');
$cleartype = array();
if (in_array('avatar', $_GET['operations'])) {
C::t('common_member')->update($uid, array('avatarstatus' => 0));
loaducenter();
uc_user_deleteavatar($uid);
$cleartype[] = lang('forum/misc', 'avatar');
crime('recordaction', $uid, 'crime_avatar', lang('forum/misc', 'crime_reason', array('reason' => $reason)));
function sendmail_touser($touid, $subject, $message, $mailtype = '')
{
global $_G;
if (empty($_G['setting']['sendmailday'])) {
return false;
}
require_once libfile('function/home');
$tospace = getuserbyuid($touid);
if (empty($tospace['email'])) {
return false;
}
space_merge($tospace, 'field_home');
space_merge($tospace, 'status');
$acceptemail = $tospace['acceptemail'];
if (!empty($acceptemail[$mailtype]) && $_G['timestamp'] - $tospace['lastvisit'] > $_G['setting']['sendmailday'] * 86400) {
if (empty($tospace['lastsendmail'])) {
$tospace['lastsendmail'] = $_G['timestamp'];
}
$sendtime = $tospace['lastsendmail'] + $acceptemail['frequency'];
$value = C::t('common_mailcron')->fetch_all_by_touid($touid, 0, 1);
$value = $value[0];
if ($value) {
$cid = $value['cid'];
if ($value['sendtime'] < $sendtime) {
$sendtime = $value['sendtime'];
}
C::t('common_mailcron')->update($cid, array('email' => $tospace['email'], 'sendtime' => $sendtime));
} else {
$cid = C::t('common_mailcron')->insert(array('touid' => $touid, 'email' => $tospace['email'], 'sendtime' => $sendtime), true);
}
$message = preg_replace("/href\\=\"(?!(http|https)\\:\\/\\/)(.+?)\"/i", 'href="' . $_G['siteurl'] . '\\1"', $message);
$setarr = array('cid' => $cid, 'subject' => $subject, 'message' => $message, 'dateline' => $_G['timestamp']);
C::t('common_mailqueue')->insert($setarr);
return true;
}
return false;
}
$acs = array('space', 'doing', 'upload', 'comment', 'blog', 'album', 'relatekw', 'common', 'class', 'swfupload', 'poke', 'friend', 'eccredit', 'favorite', 'follow', 'avatar', 'profile', 'theme', 'feed', 'privacy', 'pm', 'share', 'invite', 'sendmail', 'credit', 'usergroup', 'domain', 'click', 'magic', 'top', 'videophoto', 'index', 'plugin', 'search', 'promotion');
$_GET['ac'] = $ac = empty($_GET['ac']) || !in_array($_GET['ac'], $acs) ? 'profile' : $_GET['ac'];
$op = empty($_GET['op']) ? '' : $_GET['op'];
if (!in_array($ac, array('doing', 'upload', 'blog', 'album'))) {
$_G['mnid'] = 'mn_common';
}
if ($ac != 'comment' || !$_G['group']['allowcomment']) {
if (empty($_G['uid'])) {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
dsetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
dsetcookie('_refer', rawurlencode('home.php?mod=spacecp&ac=' . $ac));
}
showmessage('to_login', '', array(), array('showmsg' => true, 'login' => 1));
}
$space = getuserbyuid($_G['uid']);
if (empty($space)) {
showmessage('space_does_not_exist');
}
space_merge($space, 'field_home');
if (($space['status'] == -1 || in_array($space['groupid'], array(4, 5, 6))) && $ac != 'usergroup') {
showmessage('space_has_been_locked');
}
}
$actives = array($ac => ' class="a"');
list($seccodecheck, $secqaacheck) = seccheck('publish');
$navtitle = lang('core', 'title_setup');
if (lang('core', 'title_memcp_' . $ac)) {
$navtitle = lang('core', 'title_memcp_' . $ac);
}
$_G['disabledwidthauto'] = 0;
$appid = empty($_GET['id']) ? '' : intval($_GET['id']);
if ($appid) {
$mod = 'app';
}
$discuz->cachelist = $cachelist;
$discuz->init();
if (empty($_G['uid']) && $mod == 'app') {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
dsetcookie('_refer', rawurlencode($_SERVER['REQUEST_URI']));
} else {
dsetcookie('_refer', rawurlencode('userapp.php?mod=app&id=' . $appid));
}
showmessage('to_login', null, array(), array('showmsg' => true, 'login' => 1));
}
if (empty($_G['setting']['my_app_status'])) {
showmessage('no_privilege_my_app_status', '', array(), array('return' => true));
}
if ($mod == 'app' && !checkperm('allowmyop')) {
showmessage('no_privilege_myop', '', array(), array('return' => true));
}
$space = $_G['uid'] ? getuserbyuid($_G['uid']) : array();
define('CURMODULE', 'userapp');
runhooks();
getuserapp();
$navtitle = str_replace('{bbname}', $_G['setting']['bbname'], $_G['setting']['seotitle']['userapp']);
if (!$navtitle) {
$navtitle = $_G['setting']['navs'][5]['navname'];
} else {
$nobbname = true;
}
require_once libfile('userapp/' . $mod, 'module');
*/
if (!defined('IN_DISCUZ')) {
exit('Access Denied');
}
define('NOROBOT', TRUE);
$discuz_action = 141;
if (submitcheck('lostpwsubmit')) {
loaducenter();
$_GET['email'] = strtolower(trim($_GET['email']));
if ($_GET['username']) {
list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($_GET['username']));
$tmp['email'] = strtolower(trim($tmp['email']));
if ($_GET['email'] != $tmp['email']) {
showmessage('getpasswd_account_notmatch');
}
$member = getuserbyuid($tmp['uid'], 1);
} else {
$emailcount = C::t('common_member')->count_by_email($_GET['email'], 1);
if (!$emailcount) {
showmessage('lostpasswd_email_not_exist');
}
if ($emailcount > 1) {
showmessage('lostpasswd_many_users_use_email');
}
$member = C::t('common_member')->fetch_by_email($_GET['email'], 1);
list($tmp['uid'], , $tmp['email']) = uc_get_user(addslashes($member['username']));
$tmp['email'] = strtolower(trim($tmp['email']));
}
if (!$member) {
showmessage('getpasswd_account_notmatch');
} elseif ($member['adminid'] == 1 || $member['adminid'] == 2) {
showmessage('collection_permission_deny');
}
if (!submitcheck('formhash')) {
include template('forum/collection_recommend');
} else {
if (!$_GET['threadurl']) {
showmessage('collection_recommend_url', '', array(), array('alert' => 'error', 'closetime' => true, 'showdialog' => 1));
}
$touid =& $_G['collection']['uid'];
$coef = 1;
if ($touid) {
$subject = $message = lang('message', 'collection_recommend_message', array('fromuser' => $_G['username'], 'collectioname' => $_G['collection']['name'], 'url' => $_GET['threadurl']));
if (C::t('home_blacklist')->count_by_uid_buid($touid, $_G['uid'])) {
showmessage('is_blacklist', '', array(), array('return' => true));
}
if ($value = getuserbyuid($touid)) {
require_once libfile('function/friend');
$value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
$return = sendpm($touid, $subject, $message, '', 0, 0);
} else {
showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
}
} else {
showmessage('message_bad_touid', '', array(), array('return' => true));
}
} else {
$return = sendpm(0, $subject, $message, '', $pmid, 0);
}
if ($return > 0) {
include_once libfile('function/stat');
$thaquote = array();
}
if ($thaquote['tid'] != $_G['tid']) {
showmessage('reply_quotepost_error', NULL);
}
if (getstatus($thread['status'], 2) && $thaquote['authorid'] != $_G['uid'] && $_G['uid'] != $thread['authorid'] && $thaquote['first'] != 1 && !$_G['forum']['ismoderator']) {
showmessage('reply_quotepost_error', NULL);
}
if (!($thread['price'] && !$thread['special'] && $thaquote['first'])) {
$quotefid = $thaquote['fid'];
$message = $thaquote['message'];
if (strpos($message, '[/password]') !== FALSE) {
$message = '';
}
if ($_G['setting']['bannedmessages'] && $thaquote['authorid']) {
$author = getuserbyuid($thaquote['authorid']);
if (!$author['groupid'] || $author['groupid'] == 4 || $author['groupid'] == 5) {
$message = $language['post_banned'];
} elseif ($thaquote['status'] & 1) {
$message = $language['post_single_banned'];
}
}
$time = dgmdate($thaquote['dateline']);
$message = messagecutstr($message, 100);
$message = implode("\n", array_slice(explode("\n", $message), 0, 3));
$thaquote['useip'] = substr($thaquote['useip'], 0, strrpos($thaquote['useip'], '.')) . '.x';
if ($thaquote['author'] && $thaquote['anonymous']) {
$thaquote['author'] = lang('forum/misc', 'anonymoususer');
} elseif (!$thaquote['author']) {
$thaquote['author'] = lang('forum/misc', 'guestuser') . ' ' . $thaquote['useip'];
} else {
showmessage('targetpost_donotbelongto_thisthread');
}
if ($_G['setting']['bannedmessages']) {
$postmember = getuserbyuid($post['authorid']);
$post['groupid'] = $postmember['groupid'];
}
foreach ($loglist as $k => $log) {
$logcount[$log['extcredits']] += $log['score'];
$log['dateline'] = dgmdate($log['dateline'], 'u');
$log['score'] = $log['score'] > 0 ? '+' . $log['score'] : $log['score'];
$log['reason'] = dhtmlspecialchars($log['reason']);
$loglist[$k] = $log;
}
include template('forum/rate_view');
} elseif ($_GET['action'] == 'viewwarning' && $_GET['uid']) {
$warnuser = getuserbyuid($_GET['uid']);
$warnuser = $warnuser['username'];
if (!$warnuser) {
showmessage('member_no_found');
}
$warnings = array();
$warnings = C::t('forum_warning')->fetch_all_by_authorid($_GET['uid']);
if (!$warnings) {
showmessage('thread_warning_nonexistence');
}
foreach ($warnings as $key => $warning) {
$warning['dateline'] = dgmdate($warning['dateline'], 'u');
$warning['reason'] = dhtmlspecialchars($warning['reason']);
$warnings[$key] = $warning;
}
$warnnum = count($warnings);
public function getUserInfo($uid)
{
$uid = empty($uid) ? 0 : (int) $uid;
return getuserbyuid($uid, 1);
}
function _check($thread)
{
if (!checkmagicperm($this->parameters['forum'], $thread['fid'])) {
showmessage(lang('magic/sofa', 'sofa_info_noperm'));
}
$member = getuserbyuid($thread['authorid']);
if (!checkmagicperm($this->parameters['targetgroups'], $member['groupid'])) {
showmessage(lang('magic/sofa', 'sofa_info_user_noperm'));
}
}
function get_post_by_tid_pid($tid, $pid)
{
static $postlist = array();
if (empty($postlist[$pid])) {
$postlist[$pid] = C::t('forum_post')->fetch('tid:' . $tid, $pid, false);
if ($postlist[$pid] && $postlist[$pid]['tid'] == $tid) {
$user = getuserbyuid($postlist[$pid]['authorid']);
$postlist[$pid]['adminid'] = $user['adminid'];
} else {
$postlist[$pid] = array();
}
}
return $postlist[$pid];
}
function getspace($uid)
{
return getuserbyuid($uid);
}
<?php
!defined('IN_DISCUZ') && exit('Access Denied');
!defined('IN_ADMINCP') && exit('Access Denied');
$setting = $_G['cache']['plugin']['k_gaiming'];
if (!submitcheck('submit')) {
$count = $start = 0;
$perpage = 20;
$page = max(1, intval($_GET['page']));
$start = ($page - 1) * $perpage;
$count = DB::result_first("SELECT count(*) FROM " . DB::table("plugin_k_gaiming_log"));
$query = DB::query("SELECT * FROM " . DB::table("plugin_k_gaiming_log") . " ORDER BY dateline DESC LIMIT " . $start . "," . $perpage);
$logs = '';
while ($log = DB::fetch($query)) {
$log['dateline'] = dgmdate($log['dateline'], 'u');
$log['username'] = getuserbyuid($log['uid']);
$logs .= showtablerow('', array('class="td25"', 'class="td29"', 'class="td28"', 'class="td29"'), array("<input class=\"checkbox\" type=\"checkbox\" name=\"delete[]\" value=\"" . $log['lid'] . "\">", "<a href=\"home.php?mod=space&uid=" . $log['uid'] . "\" target=\"_blank\">" . $log['username']['username'] . "</a> (UID: " . $log['uid'] . ")", "<font color=\"#2366A8\">" . $log['username']['username'] . "</font> " . lang('plugin/k_gaiming', 'logcp_1') . " <font color=\"#2366A8\">" . $log['dateline'] . "</font> " . lang('plugin/k_gaiming', 'logcp_2') . " <font color=\"#2366A8\">" . $log['oldname'] . "</font> " . lang('plugin/k_gaiming', 'logcp_3') . " <font color=\"#2366A8\">" . $log['newname'] . "</font>", $log['creditnum'] . " " . $_G['setting']['extcredits'][$log['creditunit']]['unit'] . $_G['setting']['extcredits'][$log['creditunit']]['title'], $log['dateline']), TRUE);
}
$multi = multi($count, $perpage, $page, ADMINSCRIPT . "?action=plugins&operation=config&do=" . $pluginid . "&identifier=k_gaiming&pmod=logcp");
showformheader("plugins&operation=config&identifier=k_gaiming&pmod=logcp&page=" . $page, "enctype");
showtableheader('');
showsubtitle(array('', lang('plugin/k_gaiming', 'logcp_6'), lang('plugin/k_gaiming', 'logcp_5'), lang('plugin/k_gaiming', 'logcp_4'), lang('plugin/k_gaiming', 'logcp_7')));
echo $logs;
showsubmit('submit', lang('plugin/k_gaiming', 'submit'), 'del', '', $multi);
showtablefooter();
showformfooter();
} else {
if (is_array($_GET['delete'])) {
$ids = dimplode($_GET['delete']);
DB::query("DELETE FROM " . DB::table('plugin_k_gaiming_log') . " WHERE lid IN ({$ids})");
}