echo $value['viewnum'];
?>
<br>
好友: <?php
echo $value['friendnum'];
?>
<br>
更新: <?php
if ($value['updatetime']) {
echo sgmdate('Y-m-d', $value[updatetime], 1);
}
?>
<br>
创建: <?php
if ($value['dateline']) {
echo sgmdate('Y-m-d', $value[dateline], 1);
}
?>
</td>
<?php
if ($managespace) {
?>
<td><a href="admincp.php?ac=space&op=manage&uid=<?php
echo $value['uid'];
?>
">管理</a><br></td><?php
}
?>
</tr>
<?php
}
function gethotnews2($catids)
{
global $_SGLOBAL, $catarr;
$hotnews2 = array();
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spaceitems') . " WHERE folder =1 AND digest IN (1,2,3) AND catid IN (" . $catids . ") ORDER BY viewnum DESC, dateline DESC LIMIT 0, 10");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['subject'] = cutstr($value['subject'], 30, 0);
//标题样式
if (!empty($value['styletitle'])) {
$value['subject'] = '<span style=\'' . mktitlestyle($value['styletitle']) . '\'>' . $value['subject'] . '</span>';
}
$value['url'] = gethtmlurl2($value['catid']) . '/' . sgmdate($value['dateline'], 'Y') . '/' . sgmdate($value['dateline'], 'n') . '/' . $catarr[$value['catid']]['pre_html'] . $value['itemid'] . '.html';
$hotnews2[] = $value;
}
return $hotnews2;
}
function updatestat($type, $primary=0) {
global $_SGLOBAL, $_SCONFIG;
if(empty($_SGLOBAL['supe_uid']) || empty($_SCONFIG['updatestat'])) return false;
$nowdaytime = sgmdate('Ymd', $_SGLOBAL['timestamp']);
if($primary) {
//去重
$setarr = array(
'uid' => $_SGLOBAL['supe_uid'],
'daytime' => '$nowdaytime',
'type' => $type
);
if(getcount('statuser', $setarr)) {
return false;
} else {
inserttable('statuser', $setarr);//插入当天数据
}
}
if(getcount('stat', array('daytime'=>$nowdaytime))) {
$_SGLOBAL['db']->query("UPDATE ".tname('stat')." SET `$type`=`$type`+1 WHERE daytime='$nowdaytime'");
} else {
//删除昨天的防重数据
$_SGLOBAL['db']->query("DELETE FROM ".tname('statuser')." WHERE daytime != '$nowdaytime'");
//插入统计
inserttable('stat', array('daytime'=>$nowdaytime, $type=>'1'));
}
}
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('topic') . " ORDER BY joinnum DESC LIMIT {$start},{$perpage}");
} elseif ($_GET['view'] == 'me') {
$count = getcount('topicuser', array('uid' => $_SGLOBAL['supe_uid']));
$query = $_SGLOBAL['db']->query("SELECT t.* FROM " . tname('topicuser') . " tu\n\t\t\tLEFT JOIN " . tname('topic') . " t ON t.topicid=tu.topicid\n\t\t\tWHERE tu.uid='{$_SGLOBAL['supe_uid']}'\n\t\t\tORDER BY tu.dateline DESC LIMIT {$start},{$perpage}");
} else {
$_GET['view'] = 'new';
$count = getcount('topic', array());
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('topic') . " ORDER BY lastpost DESC LIMIT {$start},{$perpage}");
}
$actives = array($_GET['view'] => ' class="active"');
if ($count) {
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['pic'] = pic_get($value['pic'], $value['thumb'], $value['remote']);
$value['lastpost'] = sgmdate('m-d H:i', $value['lastpost']);
$value['dateline'] = sgmdate('m-d H:i', $value['dateline']);
$value['endtime'] = $value['endtime'] ? sgmdate('m-d H:i', $value['endtime']) : '';
$value['message'] = getstr($value['message'], 200, 0, 0, 0, 0, -1);
realname_set($value['uid'], $value['username']);
$list[] = $value;
}
$multi = multi($count, $perpage, $page, 'space.php?do=topic');
}
realname_get();
$_TPL['css'] = 'event';
include_once template('space_topic_list');
} else {
if (!($topic = topic_get($topicid))) {
showmessage('topic_no_found');
}
if ($topic['uid'] == $_SGLOBAL['supe_uid']) {
$managetopic = 1;
if ($_GET['itemid']) {
$wheresql = ' i.itemid=\'' . $_GET['itemid'] . '\'';
} else {
cpmsg('no_item', 'admin.php?action=list&m=' . $mname);
}
//取得信息
$query = DB::query('SELECT * FROM ' . tname($mname . 'items') . ' i ' . ($mname == 'album' ? '' : 'INNER JOIN ' . tname($mname . 'message') . ' m ON i.itemid=m.itemid') . ' WHERE ' . $wheresql . ' ORDER BY i.itemid DESC LIMIT 1');
$editvalue = DB::fetch($query);
if (empty($editvalue)) {
cpmsg('no_item', 'admin.php?action=list&m=' . $mname);
}
if ($mname == 'good' || $mname == 'groupbuy') {
$relatedarr = array();
$relatedarr = getrelatedinfo($mname, $editvalue['itemid'], $editvalue['shopid']);
}
$editvalue['dateline'] = sgmdate($editvalue['dateline']);
//管理員查看基本信息&& $mname=='shop'
if ($_GET['op'] == 'adminview') {
if (empty($_SGLOBAL['panelinfo'])) {
getpanelinfo($_GET['itemid']);
}
if ($_GET['updatepass'] == 1) {
$updateser = DB::fetch(DB::query("SELECT * FROM " . tname("itemupdates") . " WHERE itemid='{$_GET['itemid']}' and type = '{$mname}'"));
$update = unserialize($updateser['update']);
$update = sstripslashes($update);
$update['groupid'] = $_SGLOBAL['panelinfo']['group']['title'];
$categorylist = getmodelcategory($mname);
$update['attr_catid'] = $update['catid'];
$update['catid'] = $categorylist[$update['catid']]['name'];
$categorylist = getmodelcategory('region');
$update['region'] = $categorylist[$update['region']]['name'];
echo $uid;
?>
">删除头像</a>]
</td></tr>
<tr><th>开通时间</th><td><?php
echo sgmdate('Y-m-d H:i', $member[dateline]);
?>
</td></tr>
<tr><th>更新时间</th><td><?php
if ($member['updatetime']) {
echo sgmdate('Y-m-d H:i', $member[updatetime]);
}
?>
</td></tr>
<tr><th>上次登录</th><td><?php
echo sgmdate('Y-m-d H:i', $member[lastlogin]);
?>
</td></tr>
<tr><th>上次登录IP</th><td><?php
echo $member['ip'];
?>
</td></tr>
<tr><th>好友数</th><td><?php
echo $member['friendnum'];
?>
</td></tr>
<tr><th>查看数</th><td><?php
echo $member['viewnum'];
?>
</td></tr>
<tr><th>批量管理</th>
function blog_post($POST, $olds=array()) {
global $_SGLOBAL, $_SC, $space;
//操作者角色切换
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//标题
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
$POST['friend'] = intval($POST['friend']);
//隐私
$POST['target_ids'] = '';
if($POST['friend'] == 2) {
//特定好友
$uids = array();
$names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
if($names) {
$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$uids[] = $value['uid'];
}
}
if(empty($uids)) {
$POST['friend'] = 3;//仅自己可见
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif($POST['friend'] == 4) {
//加密
$POST['password'] = trim($POST['password']);
if($POST['password'] == '') $POST['friend'] = 0;//公开
}
if($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1); //语词屏蔽
//内容
if($_SGLOBAL['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
$POST['message'] = checkhtml($POST['message']);
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
$POST['message'] = preg_replace(array(
"/\<div\>\<\/div\>/i",
"/\<a\s+href\=\"([^\>]+?)\"\>/i"
), array(
'',
'<a href="\\1" target="_blank">'
), $POST['message']);
}
$message = $POST['message'];
//个人分类
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//分类名
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if(empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_SGLOBAL['supe_uid'],
'dateline' => $_SGLOBAL['timestamp']
);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
//是否是自己的
$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
if(empty($classname)) $classid = 0;
}
//主表
$blogarr = array(
'subject' => $POST['subject'],
'classid' => $classid,
'friend' => $POST['friend'],
'password' => $POST['password'],
'noreply' => empty($_POST['noreply'])?0:1
);
//标题图片
$titlepic = '';
//获取上传的图片
$uploads = array();
if(!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if(empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'].'.thumb.jpg';
$blogarr['picflag'] = $value['remote']?2:1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
if(empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote']?2:1;
}
}
//插入文章
if($uploads) {
preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
if(!empty($mathes[1])) {
$searchs = $idsearchs = array();
$replaces = array();
foreach ($mathes[1] as $key => $value) {
if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
$searchs[] = $mathes[2][$key];
$idsearchs[] = "_uchome_localimg_$value";
$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
unset($uploads[$value]);
}
}
if($searchs) {
$message = str_replace($searchs, $replaces, $message);
$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
}
}
//未插入文章
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
}
}
//没有填写任何东西
$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\ \;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
if(empty($ckmessage)) {
return false;
}
//添加slashes
$message = addslashes($message);
//从内容中读取图片
if(empty($titlepic)) {
$titlepic = getmessagepic($message);
$blogarr['picflag'] = 0;
}
$blogarr['pic'] = $titlepic;
//热度
if(checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
if($olds['blogid']) {
//更新
$blogid = $olds['blogid'];
updatetable('blog', $blogarr, array('blogid'=>$blogid));
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
//参与热闹
$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
$blogarr['uid'] = $_SGLOBAL['supe_uid'];
$blogarr['username'] = $_SGLOBAL['supe_username'];
$blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
$blogid = inserttable('blog', $blogarr, 1);
}
$blogarr['blogid'] = $blogid;
//附表
$fieldarr = array(
'message' => $message,
'postip' => getonlineip(),
'target_ids' => $POST['target_ids']
);
//TAG
$oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
$tagarr = array();
if($POST['tag'] != $oldtagstr) {
if(!empty($olds['tag'])) {
//先把以前的给清理掉
$oldtags = array();
$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$oldtags[] = $value['tagid'];
}
if($oldtags) {
$_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
$_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
}
}
$tagarr = tag_batch($blogid, $POST['tag']);
//更新附表中的tag
$fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
}
if($olds) {
//更新
updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
inserttable('blogfield', $fieldarr);
}
//空间更新
if($isself) {
if($olds) {
//空间更新
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
} else {
if(empty($space['blognum'])) {
$space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
$blognumsql = "blognum=".$space['blognum'];
} else {
$blognumsql = 'blognum=blognum+1';
}
//积分
$reward = getreward('publishblog', 0);
$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
//统计
updatestat('blog');
}
}
//产生feed
if($POST['makefeed']) {
include_once(S_ROOT.'./source/function_feed.php');
feed_publish($blogid, 'blogid', $olds?0:1);
}
//热闹
if(empty($olds) && $blogarr['topicid']) {
topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
}
//角色切换
if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
return $blogarr;
}
echo label(array('type' => 'table-start', 'class' => 'listtable'));
echo '<tr">';
echo '<th>' . $alang['cron_name'] . '</th>';
echo '<th>' . $alang['cron_type'] . '</th>';
echo '<th>' . $alang['cron_available'] . '</th>';
echo '<th>' . $alang['cron_lastrun'] . '</th>';
echo '<th>' . $alang['cron_nextrun'] . '</th>';
echo '<th>' . $alang['space_op'] . '</th>';
echo '</tr>';
foreach ($listarr as $listvalue) {
if (!discuz_exists() && ($listvalue['filename'] == 'updatebbsforums.php' || $listvalue['filename'] == 'updatebbscache.php')) {
continue;
}
empty($class) ? $class = ' class="darkrow"' : ($class = '');
$listvalue['lastrun'] = sgmdate($listvalue['lastrun'], '', 0);
$listvalue['nextrun'] = sgmdate($listvalue['nextrun'], '', 0);
if (!$listvalue['available']) {
$trbgcolor = '#CCCCCC';
$listvalue['nextrun'] = '-';
}
echo '<tr' . $class . ' align="center">';
echo '<td align="left"><b>' . $listvalue['name'] . '</b></td>';
echo '<td>' . $alang['cron_type_' . $listvalue['type']] . '</td>';
echo '<td>' . $alang['cron_available_' . $listvalue['available']] . '</td>';
echo '<td>' . $listvalue['lastrun'] . '</td>';
echo '<td>' . $listvalue['nextrun'] . '</td>';
echo '<td align="left"><a href="' . $newurl . '&op=run&cronid=' . $listvalue['cronid'] . '">' . $alang['cron_run'] . '</a> | <a href="' . $newurl . '&op=edit&cronid=' . $listvalue['cronid'] . '">' . $alang['space_edit'] . '</a>';
if ($listvalue['type'] == 'user') {
echo ' | <a href="' . $newurl . '&op=delete&cronid=' . $listvalue['cronid'] . '">' . $alang['space_delete'] . '</a>';
}
echo '</td>';
function getattachdir()
{
global $_SCONFIG, $_SGLOBAL;
switch ($_SCONFIG['attachmentdirtype']) {
case 'year':
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'Y');
break;
case 'month':
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'Y');
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'm');
break;
case 'day':
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'Y');
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'm');
$dirpatharr[] = sgmdate($_SGLOBAL['timestamp'], 'd');
break;
case 'md5':
$md5string = md5($_SGLOBAL['supe_uid'] . '-' . $_SGLOBAL['timestamp'] . '-' . $_SGLOBAL['_num']);
$dirpatharr[] = substr($md5string, 0, 1);
$dirpatharr[] = substr($md5string, 1, 1);
break;
default:
break;
}
$dirs = A_DIR;
$subarr = array();
foreach ($dirpatharr as $value) {
$dirs .= '/' . $value;
if (smkdir($dirs)) {
$subarr[] = $value;
} else {
break;
}
}
return implode('/', $subarr);
}
function feed_publish($id, $idtype, $add = 0)
{
global $_SGLOBAL;
$setarr = array();
switch ($idtype) {
case 'blogid':
$query = $_SGLOBAL['db']->query("SELECT b.*, bf.* FROM " . tname('blog') . " b\r\n\t\t\t\tLEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid\r\n\t\t\t\tWHERE b.blogid='{$id}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['friend'] != 3) {
//
$setarr['icon'] = 'blog';
$setarr['id'] = $value['blogid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['target_ids'] = $value['target_ids'];
$setarr['friend'] = $value['friend'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?uid={$value['uid']}&do=blog&id={$value['blogid']}";
if ($value['friend'] == 4) {
//
$setarr['title_template'] = cplang('feed_blog_password');
$setarr['title_data'] = array('subject' => "<a href=\"{$url}\">{$value['subject']}</a>");
} else {
//˽
if ($value['pic']) {
$setarr['image_1'] = pic_cover_get($value['pic'], $value['picflag']);
$setarr['image_1_link'] = $url;
}
$setarr['title_template'] = cplang('feed_blog');
$setarr['body_template'] = '<b>{subject}</b><br>{summary}';
$setarr['body_data'] = array('subject' => "<a href=\"{$url}\">{$value['subject']}</a>", 'summary' => getstr($value['message'], 150, 1, 1, 0, 0, -1));
}
}
}
break;
case 'albumid':
$key = 1;
if ($id > 0) {
$query = $_SGLOBAL['db']->query("SELECT p.*, a.username, a.albumname, a.picnum, a.friend, a.target_ids FROM " . tname('pic') . " p\r\n\t\t\t\t\tLEFT JOIN " . tname('album') . " a ON a.albumid=p.albumid\r\n\t\t\t\t\tWHERE p.albumid='{$id}' ORDER BY dateline DESC LIMIT 0,4");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['friend'] <= 2) {
if (empty($setarr['icon'])) {
//
$setarr['icon'] = 'album';
$setarr['id'] = $value['albumid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['target_ids'] = $value['target_ids'];
$setarr['friend'] = $value['friend'];
//ϸ
$setarr['title_template'] = '{actor} ' . cplang('upload_album');
$setarr['body_template'] = '<b>{album}</b><br>' . cplang('the_total_picture', array('{picnum}'));
$setarr['body_data'] = array('album' => "<a href=\"space.php?uid={$value['uid']}&do=album&id={$value['albumid']}\">{$value['albumname']}</a>", 'picnum' => $value['picnum']);
}
$setarr['image_' . $key] = pic_get($value['filepath'], $value['thumb'], $value['remote']);
$setarr['image_' . $key . '_link'] = "space.php?uid={$value['uid']}&do=album&picid={$value['picid']}";
$key++;
} else {
break;
}
}
} else {
//Ĭ album
$picnum = $_SGLOBAL['db']->result($_SGLOBAL['db']->query("SELECT COUNT(*) FROM " . tname('pic') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND albumid='0'"), 0);
if ($picnum >= 1) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE uid='{$_SGLOBAL['supe_uid']}' AND albumid='0' ORDER BY dateline DESC LIMIT 0,4");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($setarr['icon'])) {
//
$setarr['icon'] = 'album';
$setarr['uid'] = $value['uid'];
$setarr['username'] = $_SGLOBAL['supe_username'];
$setarr['dateline'] = $value['dateline'];
//ϸ
$setarr['title_template'] = '{actor} ' . cplang('upload_album');
$setarr['body_template'] = '<b>{album}</b><br>' . cplang('the_total_picture', array('{picnum}'));
$setarr['body_data'] = array('album' => "<a href=\"space.php?uid={$value['uid']}&do=album&id=-1\">" . cplang('default_albumname') . "</a>", 'picnum' => $picnum);
}
$setarr['image_' . $key] = pic_get($value['filepath'], $value['thumb'], $value['remote']);
$setarr['image_' . $key . '_link'] = "space.php?uid={$value['uid']}&do=album&picid={$value['picid']}";
$key++;
}
}
}
break;
case 'picid':
$plussql = $id > 0 ? "p.picid='{$id}'" : "p.uid='{$_SGLOBAL['supe_uid']}' ORDER BY dateline DESC LIMIT 1";
$query = $_SGLOBAL['db']->query("SELECT p.*, a.friend, a.target_ids, s.username FROM " . tname('pic') . " p\r\n\t\t\t\tLEFT JOIN " . tname('space') . " s ON s.uid=p.uid\r\n\t\t\t\tLEFT JOIN " . tname('album') . " a ON a.albumid=p.albumid WHERE {$plussql}");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($value['friend'])) {
// privacy
//
$setarr['icon'] = 'album';
$setarr['id'] = $value['picid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['target_ids'] = $value['target_ids'];
$setarr['friend'] = $value['friend'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?uid={$value['uid']}&do=album&picid={$value['picid']}";
$setarr['image_1'] = pic_get($value['filepath'], $value['thumb'], $value['remote']);
$setarr['image_1_link'] = $url;
$setarr['title_template'] = '{actor} ' . cplang('upload_a_new_picture');
$setarr['body_template'] = '{title}';
$setarr['body_data'] = array('title' => $value['title']);
}
}
break;
case 'tid':
$query = $_SGLOBAL['db']->query("SELECT t.*, p.* FROM " . tname('thread') . " t\r\n\t\t\t\tLEFT JOIN " . tname('post') . " p ON p.tid=t.tid AND p.isthread='1'\r\n\t\t\t\tWHERE t.tid='{$id}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
//
$setarr['icon'] = 'thread';
$setarr['id'] = $value['tid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?uid={$value['uid']}&do=thread&id={$value['tid']}";
if ($value['eventid']) {
// event
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("event") . " WHERE eventid='{$value['eventid']}'");
$event = $_SGLOBAL['db']->fetch_array($query);
$setarr['title_template'] = cplang('feed_eventthread');
$setarr['body_template'] = '<b>{subject}</b><br>' . cplang('event') . ': {event}<br>{summary}';
$setarr['body_data'] = array('subject' => "<a href=\"{$url}&eventid={$value['eventid']}\">{$value['subject']}</a>", 'event' => "<a href=\"space.php?do=event&id={$value['eventid']}\">{$event['title']}</a>", 'summary' => getstr($value['message'], 150, 1, 1, 0, 0, -1));
} else {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname("mtag") . " WHERE tagid='{$value['tagid']}'");
$mtag = $_SGLOBAL['db']->fetch_array($query);
$setarr['title_template'] = cplang('feed_thread');
$setarr['body_template'] = '<b>{subject}</b><br>' . cplang('mtag') . ': {mtag}<br>{summary}';
$setarr['body_data'] = array('subject' => "<a href=\"{$url}\">{$value['subject']}</a>", 'mtag' => "<a href=\"space.php?do=mtag&tagid={$value['tagid']}\">{$mtag['tagname']}</a>", 'summary' => getstr($value['message'], 150, 1, 1, 0, 0, -1));
}
}
break;
case 'pid':
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('poll') . " WHERE pid='{$id}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
//
$setarr['icon'] = 'poll';
$setarr['id'] = $value['pid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?uid={$value['uid']}&do=poll&pid={$value['pid']}";
$setarr['title_template'] = cplang('feed_poll');
$setarr['body_template'] = '<a href="{url}"><strong>{subject}</strong></a>{option}';
$optionstr = '';
$opquery = $_SGLOBAL['db']->query("SELECT * FROM " . tname("polloption") . " WHERE pid='{$value['pid']}' LIMIT 0,2");
while ($opt = $_SGLOBAL['db']->fetch_array($opquery)) {
$optionstr .= '<br><input type="' . ($value['maxchoice'] > 1 ? 'checkbox' : 'radio') . '" disabled name="poll_' . $opt['oid'] . '"/>' . $opt['option'];
}
$setarr['body_data'] = array('url' => $url, 'subject' => $value['subject'], 'option' => $optionstr);
$setarr['body_general'] = $value['percredit'] ? cplang('reward_info', array($value['percredit'])) : '';
}
break;
case 'eventid':
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('event') . " WHERE eventid='{$id}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
//
$setarr['icon'] = 'event';
$setarr['id'] = $value['eventid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?do=event&id={$value['eventid']}";
$setarr['title_template'] = cplang('event_add');
$setarr['body_template'] = cplang('event_feed_info');
$setarr['body_data'] = array('title' => "<a href=\"{$url}\">{$value['title']}</a>", 'country' => $value['country'], 'province' => $value['province'], 'city' => $value['city'], 'location' => $value['location'], 'starttime' => sgmdate('m-d H:i', $value['starttime']), 'endtime' => sgmdate('m-d H:i', $value['endtime']));
//
if ($value['poster']) {
$setarr['image_1'] = pic_get($value['poster'], $value['thumb'], $value['remote']);
$setarr['image_1_link'] = $url;
}
}
break;
case 'sid':
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('share') . " WHERE sid='{$id}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
//
$setarr['icon'] = 'share';
$setarr['id'] = $value['sid'];
$setarr['idtype'] = $idtype;
$setarr['uid'] = $value['uid'];
$setarr['username'] = $value['username'];
$setarr['dateline'] = $value['dateline'];
$setarr['hot'] = $value['hot'];
//ϸ
$url = "space.php?uid={$value['uid']}&do=share&id={$value['sid']}";
$setarr['title_template'] = '{actor} ' . $value['title_template'];
$setarr['body_template'] = $value['body_template'];
$setarr['body_data'] = $value['body_data'];
$setarr['body_general'] = $value['body_general'];
$setarr['image_1'] = $value['image'];
$setarr['image_1_link'] = $value['image_link'];
}
break;
}
if ($setarr['icon']) {
$setarr['appid'] = UC_APPID;
//ݴ
$setarr['title_data'] = serialize($setarr['title_data']);
// groups ת
if ($idtype != 'sid') {
$setarr['body_data'] = serialize($setarr['body_data']);
// groups ת
}
$setarr['hash_template'] = md5($setarr['title_template'] . "\t" . $setarr['body_template']);
//ϲhash
$setarr['hash_data'] = md5($setarr['title_template'] . "\t" . $setarr['title_data'] . "\t" . $setarr['body_template'] . "\t" . $setarr['body_data']);
//ϲhash
$setarr = saddslashes($setarr);
$feedid = 0;
if (!$add && $setarr['id']) {
$query = $_SGLOBAL['db']->query("SELECT feedid FROM " . tname('feed') . " WHERE id='{$id}' AND idtype='{$idtype}'");
$feedid = $_SGLOBAL['db']->result($query, 0);
}
if ($feedid) {
updatetable('feed', $setarr, array('feedid' => $feedid));
} else {
inserttable('feed', $setarr);
}
}
}
<th width="5%">' . $alang['block_select'] . '</th>
<th>' . $alang['spaceblog_subject'] . '</th>
<th width="15%">' . $alang['robot_robot_author'] . '</th>
<th width="15%">' . $alang['space_order_dateline'] . '</th>
</tr>';
foreach ($listarr as $value) {
$url = geturl('action/viewnews/itemid/' . $value['itemid']);
$postip = '';
if (!empty($value['postip'])) {
$postip = '<br>' . $value['postip'];
}
echo '<tr>
<td><input class="checkbox" type="checkbox" name="item[]" value="' . $value['itemid'] . '" checked></td>
<td><a href="' . $url . '" target="_blank">' . $value['subject'] . '</a></td>
<td><a href="' . geturl('uid/' . $value['uid']) . '" target="_blank">' . $value['username'] . '</a>' . $postip . '</td>
<td>' . sgmdate($value['dateline'], 'Y-n-d\\<\\b\\r\\>H:i:s') . '</td>
</tr>';
}
echo '</table>';
if (!empty($multipage)) {
echo $multipage;
}
}
print <<<END
\t<input type="hidden" name="itemids" value="{$itemids}">
\t<div class="buttons">
\t<input type="submit" name="dosubmit" value="{$alang['submitted_operation']}" class="submit">
\t<input type="reset" name="doreset" value="{$alang['common_reset']}">
\t</div>
\t</form>
END;
\t\t\t<table cellspacing="0" cellpadding="0" width="100%" class="listtable">
\t\t\t\t<tr>
\t\t\t\t<th width="5%">{$alang['database_export_del']}</th>
\t\t\t\t<th width="20%">{$alang['database_export_filename']}</th>
\t\t\t\t<th width="5%">{$alang['database_export_version']}</th>
\t\t\t\t<th width="20%">{$alang['database_export_dateline']}</th>
\t\t\t\t<th width="10%">{$alang['database_export_type']}</th>
\t\t\t\t<th width="8%">{$alang['database_export_filesize']}</th>
\t\t\t\t<th width="5%">{$alang['database_export_method']}</th>
\t\t\t\t<th width="5%">{$alang['database_expot_volume']}</th>
\t\t\t\t<th width="5%">{$alang['database_export_op']}</th>
\t\t\t\t</tr>
END;
$exportinfo = '';
foreach ($exportlog as $info) {
$info['dateline'] = is_int($info['dateline']) ? sgmdate($info['dateline']) : $alang['database_date_unknown'];
$info['size'] = formatsize($info['size']);
$info['volume'] = $info['method'] == 'multivol' ? $info['volume'] : '';
$info['method'] = $info['type'] != 'zip' ? $info['method'] == 'multivol' ? $alang['database_multivol'] : $alang['database_shell'] : '';
$import = $info['type'] == 'zip' ? "<td align=center><a href='{$theurl}&op=importstart&do=zip&datafile={$info['filename']}'>[{$alang['database_import_unzip']}]</td>" : "<td align='center'><a href='{$theurl}&op=importstart&do=import&datafile={$info['filename']}'" . ($info['version'] != S_VER ? " onclick=\"return confirm('{$alang['database_import_confirm']}');\"" : '') . ">[{$alang['database_import_import']}]</a></td>";
$exportinfo .= '<tr><td align="center"><input type="checkbox" name="delexport[]" value="' . $info['filename'] . '"></td><td><a href=' . $dataurl . '/' . $info['filename'] . '>' . basename($info['filename']) . '</a><td align="center">' . S_VER . '</td><td>' . $info['dateline'] . '</td><td align="center">' . $alang['database_export_' . $info['type']] . '</td><td align="center">' . $info['size'] . '</td><td align="center">' . $info['method'] . '</td><td align="center">' . $info['volume'] . '</td>' . $import;
}
print <<<END
\t{$exportinfo}
\t<table cellspacing="0" cellpadding="0" width="100%" class="btmtable">
\t<tr><th><input type="checkbox" name="chkall" onclick="checkall(this.form, 'delexport')">{$alang['space_select_all']}</th></tr>
\t</table>
\t</table>
\t<div class="buttons">
\t\t<input type="submit" name="listsubmit" value="{$alang['common_submit']}" class="submit">
\t</div>
if ($offset < 0) {
$offset = 0;
}
$sql = "SELECT * from " . tname('weixin_question') . " as q inner join " . tname('weixin_member') . " as m on q.uid=m.uid " . $querystr . " order by q.addtime desc limit " . $offset . "," . $pagesize;
$list = $_SGLOBAL['db']->getall($sql);
foreach ($list as $k => $v) {
$list[$k]['headimg'] = $_SC['img_url'] . '/weixin_headimg/' . $v['fakeid'] . '.png';
$list[$k]['weixin_name'] = $_SGLOBAL['db']->getone('select weixin_name from ' . tname('open_member_weixin') . ' where id=' . $v['op_wxid']);
$list[$k]['replylist'] = $_SGLOBAL['db']->getall('select * from ' . tname('weixin_reply') . ' as r left join ' . tname('member') . ' as m on r.uid=m.uid where r.question_id=' . $v['id']);
foreach ($list[$k]['replylist'] as $key => $value) {
if ($list[$k]['replylist'][$key]['uid'] == 0) {
$list[$k]['replylist'][$key]['fullname'] = $list[$k]['weixin_name'];
}
$list[$k]['replylist'][$key]['addtime'] = sgmdate("Y-m-d H:i:s", $list[$k]['replylist'][$key]['addtime']);
}
$list[$k]['addtime'] = sgmdate("Y-m-d H:i:s", $list[$k]['addtime']);
}
$arr = array("pagesize" => $pagesize, "page" => $page, "pagenum" => $pagenum, "total" => $total, "offset" => $offset, "err" => 0);
if ($total > 0) {
$count = 1;
foreach ($list as $k => $v) {
$list[$k]['count'] = $count + $offset;
$arr['list'][] = $list[$k];
$count++;
}
}
echo json_encode($arr);
exit;
break;
default:
$wxid = getstr($_GET['wxid']);
<?php
include_once './common.php';
$msgid = intval($_GET['id']) ? intval($_GET['id']) : 0;
if (!$msgid) {
exit;
}
$query = $_SGLOBAL['db']->query('select * from ' . tname('open_member_weixin_autoreply_info') . ' where id=' . $msgid);
$msg = $_SGLOBAL['db']->fetch_array($query);
if (!$msg) {
exit;
}
$msg['content'] = htmlspecialchars_decode($msg['content']);
$msg['addtime'] = sgmdate("Y-m-d", $msg['addtime']);
$msg['url'] = $_SC['site_host'] . '/appmsg/?id=' . $msg['id'];
$smarty->assign('msg', $msg);
$smarty->display('index.dwt');
function blog_post($POST, $olds = array())
{
global $_SGLOBAL, $_SC, $space;
//�����߽�ɫ�л�
$isself = 1;
if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//����
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if (strlen($POST['subject']) < 1) {
$POST['subject'] = sgmdate('Y-m-d');
}
$POST['friend'] = intval($POST['friend']);
//��˽
$POST['target_ids'] = '';
if ($POST['friend'] == 2) {
//�ض�����
$uids = array();
$names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
if ($names) {
$query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$uids[] = $value['uid'];
}
}
if (empty($uids)) {
$POST['friend'] = 3;
//���Լ��ɼ�
} else {
$POST['target_ids'] = implode(',', $uids);
}
} elseif ($POST['friend'] == 4) {
//����
$POST['password'] = trim($POST['password']);
if ($POST['password'] == '') {
$POST['friend'] = 0;
}
//����
}
if ($POST['friend'] !== 2) {
$POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
$POST['password'] == '';
}
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
//�������
//����
if ($_SGLOBAL['mobile']) {
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
$POST['message'] = checkhtml($POST['message']);
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
$POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
}
$message = $POST['message'];
//���˷���
if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//������
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if (empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
if (empty($classid)) {
$setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if ($classid && empty($classname)) {
//�Ƿ����Լ���
$classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
if (empty($classname)) {
$classid = 0;
}
}
//����
$blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
//����ͼƬ
$titlepic = '';
//��ȡ�ϴ���ͼƬ
$uploads = array();
if (!empty($POST['picids'])) {
$picids = array_keys($POST['picids']);
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'] . '.thumb.jpg';
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
if (empty($titlepic) && $value) {
$titlepic = $value['filepath'];
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
}
//��������
if ($uploads) {
preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
if (!empty($mathes[1])) {
$searchs = $idsearchs = array();
$replaces = array();
foreach ($mathes[1] as $key => $value) {
if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
$searchs[] = $mathes[2][$key];
$idsearchs[] = "_uchome_localimg_{$value}";
$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
unset($uploads[$value]);
}
}
if ($searchs) {
$message = str_replace($searchs, $replaces, $message);
$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
}
}
//�������
foreach ($uploads as $value) {
$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
$message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
}
}
//û����д�κζ���
$ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\ \\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
if (empty($ckmessage)) {
return false;
}
//���slashes
$message = addslashes($message);
//�������ж�ȡͼƬ
if (empty($titlepic)) {
$titlepic = getmessagepic($message);
$blogarr['picflag'] = 0;
}
$blogarr['pic'] = $titlepic;
//�ȶ�
if (checkperm('manageblog')) {
$blogarr['hot'] = intval($POST['hot']);
}
//����
if ($_POST['attachid'] && $_POST['attachpath'] && $_POST['attachname'] && $_POST['attachsize']) {
$blogarr['attachid'] = $_POST['attachid'];
$blogarr['attachpath'] = $_POST['attachpath'];
$blogarr['attachname'] = $_POST['attachname'];
$blogarr['attachsize'] = $_POST['attachsize'];
}
if ($olds['blogid']) {
//����
$blogid = $olds['blogid'];
updatetable('blog', $blogarr, array('blogid' => $blogid));
$fuids = array();
$blogarr['uid'] = $olds['uid'];
$blogarr['username'] = $olds['username'];
} else {
//��������
$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
$blogarr['uid'] = $_SGLOBAL['supe_uid'];
$blogarr['username'] = $_SGLOBAL['supe_username'];
$blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
$blogid = inserttable('blog', $blogarr, 1);
}
$blogarr['blogid'] = $blogid;
//����
$fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
//TAG
$oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
$tagarr = array();
if ($POST['tag'] != $oldtagstr) {
if (!empty($olds['tag'])) {
//�Ȱ���ǰ�ĸ������
$oldtags = array();
$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$oldtags[] = $value['tagid'];
}
if ($oldtags) {
$_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
$_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
}
}
$tagarr = tag_batch($blogid, $POST['tag']);
//���¸����е�tag
$fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
}
if ($olds) {
//����
updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
} else {
$fieldarr['blogid'] = $blogid;
$fieldarr['uid'] = $blogarr['uid'];
inserttable('blogfield', $fieldarr);
}
//�ռ����
if ($isself) {
if ($olds) {
//�ռ����
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
} else {
if (empty($space['blognum'])) {
$space['blognum'] = getcount('blog', array('uid' => $space['uid']));
$blognumsql = "blognum=" . $space['blognum'];
} else {
$blognumsql = 'blognum=blognum+1';
}
//���
$reward = getreward('publishblog', 0);
$_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
//ͳ��
updatestat('blog');
}
}
//����feed
if ($POST['makefeed']) {
include_once S_ROOT . './source/function_feed.php';
feed_publish($blogid, 'blogid', $olds ? 0 : 1);
}
//����
if (empty($olds) && $blogarr['topicid']) {
topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
}
//��ɫ�л�
if (!empty($__SGLOBAL)) {
$_SGLOBAL = $__SGLOBAL;
}
return $blogarr;
}
function exportfile($array, $filename)
{
global $_SGLOBAL, $_SCONFIG;
global $_SERVER;
$array['version'] = strip_tags(S_VER);
$time = sgmdate($_SGLOBAL['timestamp']);
$exporttext = "# SupeSite Dump\r\n" . "# Version: SupeSite " . S_VER . "\r\n" . "# Time: {$time}\r\n" . "# From: {$_SCONFIG['sitename']} (" . S_URL . ")\r\n" . "#\r\n" . "# This file was BASE64 encoded\r\n" . "#\r\n" . "# SupeSite: http://www.supesite.com\r\n" . "# Please visit our website for latest news about SupeSite\r\n" . "# --------------------------------------------------------\r\n\r\n\r\n" . wordwrap(base64_encode(serialize($array)), 50, "\r\n", 1);
obclean();
header('Content-Encoding: none');
header('Content-Type: ' . (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? 'application/octetstream' : 'application/octet-stream'));
header('Content-Disposition: attachment; filename="' . $filename . '.txt"');
header('Content-Length: ' . strlen($exporttext));
header('Pragma: no-cache');
header('Expires: 0');
echo $exporttext;
exit;
}
write('<loc>' . $filevalue . '</loc>');
write('<lastmod>' . sgmdate($_SGLOBAL['timestamp'], 'Y-m-d') . '</lastmod>');
write('</sitemap>');
}
}
fclose($fp);
if (!empty($urlarr)) {
foreach ($urlarr as $n => $itemurlarr) {
$sitemapfile = $sitemap_path . $value['mapname'] . '_' . $n . '.xml';
if ($fp = @fopen($sitemapfile, 'w+')) {
write('<?xml version="1.0" encoding="utf-8"?>');
write('<urlset xmlns="http://www.google.com/schemas/sitemap/0.84">');
foreach ($itemurlarr as $url) {
write('<url>');
write('<loc>' . $url . '</loc>');
write('<lastmod>' . sgmdate($_SGLOBAL['timestamp'], 'Y-m-d') . '</lastmod>');
write('<changefreq>' . $value['changefreq'] . '</changefreq>');
write('</url>');
}
}
write('</urlset>');
fclose($fp);
}
}
}
$lastfileid = count($sitemapdata['file']);
$mapdata = addslashes(serialize($sitemapdata));
$_SGLOBAL['db']->query("UPDATE " . tname('sitemaplogs') . " SET lastitemid='{$value['lastitemid']}', dateline='{$_SGLOBAL['timestamp']}', mapdata='{$mapdata}', lastfileid='{$lastfileid}' WHERE slogid='{$value['slogid']}'");
if ($value['lastitemid'] < $countnum) {
showmessage($alang['sitemap_start_create'] . $value['lastitemid'] . '->' . ($value['lastitemid'] + $value['mapnum']) . $alang['sitemap_start_create_1'], $theurl . '&op=update&start=1&slogid=' . $value['slogid']);
} else {
}
echo $htmlarr['js'];
echo label(array('type' => 'form-start', 'name' => 'listform', 'action' => $theurl));
echo label(array('type' => 'table-start', 'class' => 'listtable'));
echo '<tr>';
echo '<th width="50">' . $alang['space_select'] . '</th>';
echo '<th>' . $alang['tag_tagname'] . '/' . $alang['tag_relativetags'] . '</th>';
echo '<th width="80">' . $alang['tag_creat_dateline'] . '</th>';
echo '<th width="80">' . $alang['tag_username'] . '</th>';
echo '<th width="70">' . $alang['tag_spacenewsnum'] . '</th>';
echo '<th width="50">' . $alang['tag_close'] . '</th>';
echo '<th width="50">' . $alang['tag_op'] . '</th>';
echo '</tr>';
foreach ($listarr as $listvalue) {
empty($class) ? $class = ' class="darkrow"' : ($class = '');
$listvalue['dateline'] = sgmdate($listvalue['dateline'], $_SGLOBAL['member']['dateformat']);
if ($listvalue['close']) {
$listvalue['tagname'] = '<a href="' . geturl('action/tag/tagid/' . $listvalue['tagid']) . '" target="_blank">' . $listvalue['tagname'] . '</a>';
} else {
$listvalue['tagname'] = '<a href="' . geturl('action/tag/tagid/' . $listvalue['tagid']) . '" target="_blank"><b>' . $listvalue['tagname'] . '</b></a>';
}
echo '<tr' . $class . '>';
echo '<td><input name="item[]" type="checkbox" value="' . $listvalue['tagid'] . '" /></td>';
echo '<td>' . $listvalue['tagname'] . '<p class="relativetags">' . $listvalue['relativetags'] . '</p></td>';
echo '<td>' . $listvalue['dateline'] . '</td>';
echo '<td>' . $listvalue['username'] . '</td>';
echo '<td>' . $listvalue['spacenewsnum'] . '</td>';
echo '<td>' . $alang['tag_close_' . $listvalue['close']] . '</td>';
echo '<td><a href="' . $theurl . '&op=edit&tagid=' . $listvalue['tagid'] . '">' . $alang['space_edit'] . '</a></td>';
echo '</tr>';
}
$tables = arraykeys2(fetchtablelist($tablepre), 'Name');
} elseif ($type == 'custom') {
if (isset($_POST['setup'])) {
//POST submit backup
$tables = empty($_POST['customtables']) ? array() : $_POST['customtables'];
data_set('custombackup', $tables);
} else {
//Jump backup automatically
$tables = data_get('custombackup');
$tables = unserialize($tables);
}
}
if (empty($tables) || !is_array($tables)) {
cpmessage('backup_table_wrong');
}
$time = sgmdate('Y-m-d H:i:s', $_SGLOBAL['timestamp']);
$idstring = '# Identify: ' . base64_encode("{$_SGLOBAL['timestamp']}," . X_VER . ",{$type},{$method},{$volume}") . "\n";
$dumpcharset = $sqlcharset ? $sqlcharset : str_replace('-', '', $_SC['charset']);
$setnames = $sqlcharset && $_SGLOBAL['db']->version() > '4.1' && (!$sqlcompat || $sqlcompat == 'MYSQL41') ? "SET NAMES '{$dumpcharset}';\n\n" : '';
if ($_SGLOBAL['db']->version() > '4.1') {
if ($sqlcharset) {
$_SGLOBAL['db']->query("SET NAMES '{$sqlcharset}'");
}
if ($sqlcompat == 'MYSQL40') {
$_SGLOBAL['db']->query("SET SQL_MODE='MYSQL40'");
} elseif ($sqlcompat == 'MYSQL41') {
$_SGLOBAL['db']->query("SET SQL_MODE=' '");
}
}
$backupfile = S_ROOT . './data/' . $backupdir . '/' . $filename;
if ($usezip) {
$output .= '<th>' . $tmpvalue['fieldcomment'] . '</th>' . "\n";
$output .= '<td>' . "\n";
$htmlarr[$tmpkey]['content'] = '';
if (!empty($tmpvalue['isflash'])) {
$htmlarr[$tmpkey]['content'] .= '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="400" height="300">';
$htmlarr[$tmpkey]['content'] .= '<param name="movie" value="' . $tmpvalue['filepath'] . '" />';
$htmlarr[$tmpkey]['content'] .= '<param name="quality" value="high" />';
$htmlarr[$tmpkey]['content'] .= '<embed src="' . $tmpvalue['filepath'] . '" type="application/x-shockwave-flash" pluginspage=" http://www.macromedia.com/go/getflashplayer" width="400" height="300"/>';
$htmlarr[$tmpkey]['content'] .= '</object>';
} elseif (!empty($tmpvalue['isfile'])) {
$htmlarr[$tmpkey]['content'] .= '<a href="' . $siteurl . '/batch.modeldownload.php?hash=' . $tmpvalue['filepath'] . '">' . $alang['download_title'] . '</a>';
} elseif (!empty($tmpvalue['isimage'])) {
$htmlarr[$tmpkey]['content'] .= '<a href="' . $tmpvalue['filepath'] . '" target="_blank"><img src="' . $tmpvalue['filepath'] . '"></a>';
} else {
if ($tmpvalue['formtype'] == 'timestamp') {
$tmpvalue['value'] = sgmdate($tmpvalue['value']);
}
$htmlarr[$tmpkey]['content'] .= !is_array($tmpvalue['value']) ? $tmpvalue['value'] : implode(', ', $tmpvalue['value']);
}
$output .= '</td>' . "\n";
$output .= '</tr>' . "\n";
}
}
}
$output .= '</table>';
} elseif ($op == 'list') {
$tablename = $do == 'pass' ? $nameid . 'items' : 'modelfolders';
$uidsql = "uid='{$_SGLOBAL['supe_uid']}'";
if ($do != 'pass') {
$uidsql .= ' AND mid=\'' . $cacheinfo['models']['mid'] . '\' AND folder=\'1\'';
}
function ckspacelog()
{
global $_SGLOBAL;
if (empty($_SGLOBAL['supe_uid'])) {
return false;
}
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('spacelog') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
if ($value = $_SGLOBAL['db']->fetch_array($query)) {
if ($value['expiration'] && $value['expiration'] <= $_SGLOBAL['timestamp']) {
//到期
$_SGLOBAL['db']->query("DELETE FROM " . tname('spacelog') . " WHERE uid='{$_SGLOBAL['supe_uid']}'");
}
$expiration = sgmdate('Y-m-d H:i', $value['expiration']);
showmessage('no_authority_expiration' . ($value['expiration'] ? '_date' : ''), '', 1, array($expiration));
}
}
$options[$votekey]['num']++;
$pollnum++;
} else {
showmessage('no_votekey');
}
}
$options = addslashes(serialize($options));
$voters[] = $ip;
$voters = addslashes(serialize($voters));
$_SGLOBAL['db']->query('UPDATE ' . tname('polls') . ' SET pollnum=pollnum+' . $pollnum . ', updatetime=' . $_SGLOBAL['timestamp'] . ', options=\'' . $options . '\', voters=\'' . $voters . '\' WHERE pollid=\'' . $pollid . '\'');
//积分 和 经验
getreward('postvote');
showmessage('do_success', geturl('action/poll/pollid/' . $pollid));
}
$poll['options'] = unserialize($poll['options']);
if (empty($poll['voters'])) {
$poll['voters'] = array();
} else {
$poll['voters'] = unserialize($poll['voters']);
}
//投票人数
$poll['votersnum'] = count($poll['voters']);
$poll['dateline'] = sgmdate($poll['dateline'], 'Y-m-d H:i:s');
$poll['updatetime'] = sgmdate($poll['updatetime'], 'Y-m-d H:i:s');
foreach ($poll['options'] as $key => $options) {
$options['percent'] = @sprintf("%01.2f", $options['num'] * 100 / $poll['pollnum']);
$poll['options'][$key] = $options;
}
$poll['votecount'] = count($poll['voters']);
$title = $lang['poll'];
include template('site_poll');
$listcount = $_SGLOBAL['db']->result($query, 0);
$multipage = '';
if ($listcount) {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('announcements') . ' WHERE starttime <= \'' . $_SGLOBAL['timestamp'] . '\' AND (endtime >= \'' . $_SGLOBAL['timestamp'] . '\' OR endtime = 0) ORDER BY displayorder DESC, starttime DESC LIMIT ' . $start . ',' . $perpage);
while ($item = $_SGLOBAL['db']->fetch_array($query)) {
$item['starttime'] = $item['starttime'] ? sgmdate($item['starttime']) : '-';
$item['endtime'] = $item['endtime'] ? sgmdate($item['endtime']) : '-';
$item['url'] = geturl('action/announcement/id/' . $item['id']);
$listvalue[] = $item;
}
$urlarr = array('action' => 'announcement');
$multipage = multi($listcount, $perpage, $page, $urlarr, 0);
}
} else {
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('announcements') . ' WHERE id=\'' . $id . '\'');
if ($announce = $_SGLOBAL['db']->fetch_array($query)) {
$announce['starttime'] = $announce['starttime'] ? sgmdate($announce['starttime']) : '-';
$announce['endtime'] = $announce['endtime'] ? sgmdate($announce['endtime']) : '-';
if (empty($announce['announcementsurl'])) {
$announce['url'] = geturl('action/announcement/id/' . $id);
} else {
sheader($announce['announcementsurl']);
}
$listvalue[] = $announce;
$multipage = '<div class="anno_more"><a href="' . geturl('action/announcement') . '">MORE</a></div>';
} else {
showmessage('not_found');
}
}
$title = $lang['announcement'];
include template('site_announcement');
break;
case 'event':
$query = $_SGLOBAL['db']->query("SELECT e.*, ef.hotuser\r\n\t\t \tFROM " . tname("event") . " e\r\n\t\t \tLEFT JOIN " . tname('eventfield') . " ef\r\n\t\t \tON ef.eventid=e.eventid\r\n\t\t \tWHERE e.eventid='{$id}'");
if (!($event = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('event_does_not_exist');
}
if ($event['uid'] == $space['uid']) {
showmessage('share_not_self');
}
//Blacklist
if (isblacklist($event['uid'])) {
showmessage('is_blacklist');
}
$arr['title_template'] = cplang('share_event');
$arr['body_template'] = '<b>{eventname}</b><br>' . cplang("event_time") . ": {eventtime}<br>" . cplang("event_location") . ": {eventlocation}<br>" . cplang("event_creator") . ": {eventcreator}";
$arr['body_data'] = array('eventname' => "<a href=\"space.php?do=event&id={$event['eventid']}\">{$event['title']}</a>", 'eventtime' => sgmdate('m-d H:i', $event['starttime']) . " - " . sgmdate("m-d H:i", $event['endtime']), 'eventlocation' => "{$event['country']} {$event['province']} {$event['city']} {$event['location']}", 'eventcreator' => $event['username']);
$arr['image'] = $_SC['attachurl'] . $event['poster'];
if (empty($event['poster'])) {
include_once S_ROOT . './data/data_eventclass.php';
$arr['image'] = $_SGLOBAL['eventclass'][$event['classid']]['poster'];
}
$arr['image_link'] = "space.php?do=event&id={$event['eventid']}";
$hotarr = array('eventid', $event['eventid'], $event['hotuser']);
break;
case 'poll':
$query = $_SGLOBAL['db']->query("SELECT p.*,pf.* FROM " . tname('poll') . " p\r\n\t\t\t\tLEFT JOIN " . tname('pollfield') . " pf ON pf.pid=p.pid\r\n\t\t\t\tWHERE p.pid='{$id}'");
if (!($poll = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('poll_does_not_exist');
}
if ($poll['uid'] == $space['uid']) {
showmessage('share_not_self');
$list[$value['uid']] = $value;
}
}
realname_get();
} else {
$yearhtml = '';
$nowy = sgmdate('Y');
for ($i = 0; $i < 50; $i++) {
$they = $nowy - $i;
$yearhtml .= "<option value=\"{$they}\">{$they}</option>";
}
//性别
$sexarr = array($space['sex'] => ' checked');
//生日:年
$birthyeayhtml = '';
$nowy = sgmdate('Y');
for ($i = 0; $i < 100; $i++) {
$they = $nowy - $i;
if (empty($_GET['all'])) {
$selectstr = $they == $space['birthyear'] ? ' selected' : '';
}
$birthyeayhtml .= "<option value=\"{$they}\"{$selectstr}>{$they}</option>";
}
//生日:月
$birthmonthhtml = '';
for ($i = 1; $i < 13; $i++) {
if (empty($_GET['all'])) {
$selectstr = $i == $space['birthmonth'] ? ' selected' : '';
}
$birthmonthhtml .= "<option value=\"{$i}\"{$selectstr}>{$i}</option>";
}
//Only up to 10 activities per day
$days[$i]['events'][] = $value;
$days[$i]['count'] += 1;
$days[$i]['class'] = " on_link";
}
}
}
unset($events);
if ($month == intval(sgmdate("m")) && $year == intval(sgmdate("Y"))) {
$d = intval(sgmdate("j"));
$days[$d]['class'] = "on_today";
}
if ($_GET['date']) {
$t = sstrtotime($_GET['date']);
if ($month == intval(sgmdate("m", $t)) && $year == intval(sgmdate("Y", $t))) {
$d = intval(sgmdate("j", $t));
$days[$d]['class'] = "on_select";
}
}
//URL
$url = $_GET['url'] ? preg_replace("/date=[\\d\\-]+/", '', $_GET['url']) : "space.php?do=event";
} elseif ($_GET['op'] == 'edithot') {
// Permissions
if (!checkperm('manageevent')) {
showmessage('no_privilege');
}
if (submitcheck('hotsubmit')) {
$_POST['hot'] = intval($_POST['hot']);
updatetable('event', array('hot' => $_POST['hot']), array('eventid' => $eventid));
if ($_POST['hot'] > 0) {
include_once S_ROOT . './source/function_feed.php';
$walllist[] = $value;
}
}
$mywalllist = array();
if ($_SGLOBAL['mygroupid'] == 3 || ckprivacy('wall')) {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('comment') . " WHERE authorid='{$space['uid']}' AND idtype='uid' ORDER BY dateline DESC LIMIT 0,12");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
realname_set($value['authorid'], $value['author']);
$value['message'] = strlen($value['message']) > 500 ? getstr($value['message'], 500, 0, 0, 0, 0, -1) . ' ...' : $value['message'];
$mywalllist[] = $value;
}
}
//ᅧᅦ워ᅳᅬ
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('session') . " WHERE uid = '{$space['uid']}'");
$value = $_SGLOBAL['db']->fetch_array($query);
$isonline = empty($value) || $value['magichidden'] ? 0 : sgmdate('H:i:s', $value['lastactivity'], 1);
//ᄋᄌ
$theme = empty($_GET['theme']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_GET['theme']);
if ($theme == 'uchomedefault') {
$_SGLOBAL['space_theme'] = $_SGLOBAL['space_css'] = '';
} elseif ($theme) {
$cssfile = S_ROOT . './theme/' . $theme . '/style.css';
if (file_exists($cssfile)) {
$_SGLOBAL['space_theme'] = $theme;
$_SGLOBAL['space_css'] = '';
}
} else {
if (!$space['self'] && $_SGLOBAL['member']['nocss']) {
$_SGLOBAL['space_theme'] = $_SGLOBAL['space_css'] = '';
}
}
if(isset($_GET['namestatus'])) {
$wherearr[] = "namestatus='".(empty($_GET['namestatus']) ? 0 : intval($_GET['namestatus']))."'";
}
$order = !empty($_GET['order']) ? strtolower(trim($_GET['order'])) : 'dateline';
$sc = !empty($_GET['sc']) ? strtoupper(trim($_GET['sc'])) : 'DESC';
if(!in_array($order, array('dateline', 'updatetime', 'viewnum', 'friendnum', 'credit'))) $order = 'dateline';
if(!in_array($sc, array('DESC', 'ASC'))) $sc = 'DESC';
if($wherearr) $sql = 'WHERE '.implode(' AND ', $wherearr);
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('space')." $sql ORDER BY $order $sc LIMIT $start,$limit");
while($value = $_SGLOBAL['db']->fetch_array($query)) {
$value['dateline'] = sgmdate('m-d H:i', $value['dateline']);
$value['updatetime'] = sgmdate('m-d H:i', $value['updatetime']);
$value['userlink'] = $siteurl.'space.php?uid='.$value['uid'];
$value['photo'] = ckavatar($value['uid']) ? avatar($value['uid'], 'small',true) : UC_API.'/images/noavatar_small.gif';
$value = sstripslashes($value);
$spacelist[] = $value;
}
echo serialize($spacelist);
function getscopequery($var, $tarr, $isdate=0, $pre='') {
global $_SGLOBAL;
$wheresql = '';
if(!empty($pre)) $pre = $pre.'.';
if($tarr) {
function getRecentPosts($type, $username, $password, $num = 50)
{
$this->authUser($username, $password);
$struct = array();
$uid = $this->member['uid'];
$num = intval($num);
if ($num < 1) {
$num = 1;
}
$query = $this->db->query("SELECT bf.message, b.blogid, b.subject, b.dateline FROM " . tname('blog') . " b LEFT JOIN " . tname('blogfield') . " bf ON bf.blogid=b.blogid WHERE b.uid ='{$uid}' ORDER BY b.dateline DESC LIMIT 0,{$num}");
while ($item = $this->db->fetch_array($query)) {
$item['dateline'] = sgmdate('Ymd\\TH:i:s', $item['dateline']);
$struct[] = array('postid' => $item['blogid'], 'userid' => $uid, 'dateCreated' => $item['dateline'], 'title' => $item['subject'], 'categories' => array($item['classname']), 'description' => $item['message'], 'content' => $item['message']);
}
return $struct;
}
cpmessage('do_success', 'admincp.php?ac=task');
}
if ($_GET['op'] == 'edit') {
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('task') . " WHERE taskid='{$taskid}'");
if ($thevalue = $_SGLOBAL['db']->fetch_array($query)) {
$thevalue['starttime'] = $thevalue['starttime'] ? sgmdate('Y-m-d H:i:s', $thevalue['starttime']) : '';
$thevalue['endtime'] = $thevalue['endtime'] ? sgmdate('Y-m-d H:i:s', $thevalue['endtime']) : '';
}
} elseif ($_GET['op'] == 'add') {
$thevalue = array('taskid' => 0, 'available' => 1, 'nexttime' => 0, 'credit' => 0);
} elseif ($_GET['op'] == 'delete') {
$_SGLOBAL['db']->query("DELETE FROM " . tname('task') . " WHERE taskid='{$taskid}'");
$_SGLOBAL['db']->query("DELETE FROM " . tname('usertask') . " WHERE taskid='{$taskid}'");
// Update Cache
include_once S_ROOT . './source/function_cache.php';
task_cache();
cpmessage('do_success', 'admincp.php?ac=task');
} else {
// list
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('task') . " ORDER BY displayorder");
while ($task = $_SGLOBAL['db']->fetch_array($query)) {
$task['starttime'] = $task['starttime'] ? sgmdate("Y-m-d H:i:s", $task['starttime']) : 'N/A';
$task['endtime'] = $task['endtime'] ? sgmdate("Y-m-d H:i:s", $task['endtime']) : 'N/A';
$task['image'] = empty($task['image']) ? 'image/task.gif' : $task['image'];
$list[] = $task;
}
$actives = array('view' => ' class="active"');
}
$nexttypearr = array($thevalue['nexttype'] => ' selected');
$nextimestyle = $thevalue['nexttype'] == 'time' ? '' : 'none';
$availables = array($thevalue['available'] => ' checked');
