
    <?php
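/**
 * Colony (group) hack: request dispatcher for the member, card, board,
 * honor and donation pages. Exactly one branch runs per value of $job, then
 * the 'setting' template and the footer are rendered.
 *
 * Nothing in this file assigns $job, $page, $cyid, $tid, $winduid, $windid,
 * $groupid, $alldb, $memberdb, $admindb or $db; they are presumably prepared
 * by the including script.
 * NOTE(review): $job, $page and $tid look request-derived, so any variable
 * that is read here before being assigned should be treated as
 * caller-controlled. The branches below initialise or cast what they use and
 * only extract() a database row after confirming that the row exists.
 * NOTE(review): state-changing branches are gated only by $_POST['step']==2;
 * no anti-CSRF token is checked in this file - confirm the includer does it.
 * NOTE(review): no colony-membership check is visible here for posting or
 * donating - confirm the includer enforces it.
 */
// Refuse direct access: the script only runs when the framework is loaded.
!function_exists('readover') && exit('Forbidden');

if ($job=='member') {
	if ($_POST['step']!=2) {
		// Paged member list.
		require_once PrintHack('home');
		(int)$page < 1 && $page = 1;
		$pageid = ($page-1)*$db_perpage;
		$count = count($memberdb);
		$memberdb = array_slice($memberdb,$pageid,$db_perpage);
		$cymembers = array();
		foreach ($memberdb as $key => $value) {
			// Rows with ifadmin == -1 (the ones the 'pass' action approves) are shown to colony admins only.
			if (!$admindb[$winduid] && $value['ifadmin'] == -1) continue;
			$cymembers[$key] = $value;
		}
		unset($memberdb);
		if ($count > $db_perpage) {
			require_once(R_P.'require/forum.php');
			$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&cyid=$cyid&job=member&$addpage");
		}
	} else {
		// Member management: addamin / deladmin / pass / del on the selected uids.
		// NOTE(review): no $admindb[$winduid] check is visible before these
		// state-changing actions - confirm the includer restricts them to colony admins.
		$selids = '';
		InitGP(array('selid','action'),'P',1);
		if (is_array($selid)) {
			foreach ($selid as $value) {
				// Only numeric ids are kept, and the acting user can never select himself.
				if (is_numeric($value) && $value!=$winduid) {
					$selids .= ($selids ? ',' : '')."'$value'";
				}
			}
		}
		$passdb = array();
		$ifadmin = $select = $leftjoin = '';
		if ($selids && in_array($action,array('deladmin','pass','del'))) {
			if ($action == 'pass') {
				// The approval log below needs the applicant's last known IP.
				$select = ',md.onlineip';
				$leftjoin = ' LEFT JOIN pw_memberdata md ON cm.uid=md.uid';
			}
			// Re-read the selection from the database so only rows of this colony in the expected state are acted on.
			$query = $db->query("SELECT cm.uid,cm.username,cm.ifadmin$select FROM pw_cmembers cm$leftjoin WHERE cm.colonyid='$cyid' AND cm.uid IN ($selids)");
			while ($rt = $db->fetch_array($query)) {
				if ($rt['ifadmin'] != -1 && $action=='deladmin') {
					// The colony owner cannot be demoted.
					$alldb['admin'] == $rt['username'] && Showmsg('colony_delladminfail');
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				} elseif ($rt['ifadmin'] == -1 && $action=='pass') {
					// The applicant must be able to pay the entry fee.
					$alldb['intomoney'] > UserCredit($rt['uid'],$cn_moneytype) && Showmsg('colony_passfail');
					$passdb[] = $rt;
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				} elseif ($action=='del') {
					if ($alldb['admin'] == $rt['username']) {
						// The colony owner cannot be removed.
						Showmsg('colony_delfail');
					} elseif ($windid != $alldb['admin'] && $rt['ifadmin'] == '1') {
						// Only the owner may remove another admin.
						Showmsg('colony_manager');
					}
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				}
			}
			// From here on $selids holds only the database-confirmed uids; $ifadmin becomes the flag value to write.
			$selids = $ifadmin;
			$ifadmin = 0;
		}
		// NOTE(review): for 'addamin' the selection skips the re-read above, so rows with
		// ifadmin == -1 can be promoted without going through 'pass' - confirm this is intended.
		!$selids && Showmsg('selid_illegal');
		$selids = strpos($selids,',')!==false ? "IN ($selids)" : "= $selids";
		if ($action=='addamin' || $action=='deladmin') {
			$action=='addamin' && $ifadmin = 1;
			$db->update("UPDATE pw_cmembers SET ifadmin='$ifadmin' WHERE colonyid='$cyid' AND uid $selids");
			Showmsg("colony_$action");
		} elseif ($action == 'pass') {
			$cn_moneytype == 'currency' && require_once(R_P.'require/tool.php');
			$count = count($passdb);
			foreach ($passdb as $value) {
				if ($cn_moneytype == 'currency') {
					// onlineip is stored as 'ip|...'; only the first field is logged.
					list($value['onlineip']) = explode('|',$value['onlineip']);
					$logdata = array(
						'type'		=>	'join',
						'nums'		=>	0,
						'money'		=>	0,
						'descrip'	=>	'join_descrip',
						'uid'		=>	$value['uid'],
						'username'	=>	$value['username'],
						'ip'		=>	$value['onlineip'],
						'time'		=>	$timestamp,
						'currency'	=>	$alldb['intomoney'],
						'cname'  	=>	$alldb['cname'],
					);
					writetoollog($logdata);
				}
				$log = array(
					'type'      => 'cy_join',
					'username1' => Char_cv($value['username']),
					'username2' => Char_cv($windid),
					'field1'    => (int)$alldb['intomoney'],
					'field2'    => $cyid,
					'field3'    => Char_cv($alldb['cname']),
					'timestamp' => $timestamp,
					'ip'        => $onlineip,
				);
				// The language file is re-required on every pass because it fills $lang from the current $log.
				require GetLang('log');
				$log['descrip']  = Char_cv($lang['join_descrip']);
				$db->update("INSERT INTO pw_forumlog (type,username1,username2,field1,field2,field3,descrip,timestamp,ip) VALUES('$log[type]','$log[username1]','$log[username2]','$log[field1]','$log[field2]','$log[field3]','$log[descrip]','$log[timestamp]','$log[ip]')");
				require_once(R_P.'require/msg.php');
				$message = array(
					$value['username'],
					$winduid,
					'join_title',
					$timestamp,
					'join_content',
					'',
					$windid
				);
				writenewmsg($message,1);
			}
			// Charge the entry fee; rvrc is stored multiplied by 10.
			if (in_array($cn_moneytype,array('money','rvrc','credit','currency'))) {
				$temprvrc = $cn_moneytype == 'rvrc' ? $alldb['intomoney']*10 : $alldb['intomoney'];
				$db->update("UPDATE pw_memberdata SET $cn_moneytype=$cn_moneytype-'$temprvrc' WHERE uid $selids");
			} elseif (is_numeric($cn_moneytype) && isset($_CREDITDB[$cn_moneytype])) {
				$db->update("UPDATE pw_membercredit SET value=value-'$alldb[intomoney]' WHERE uid $selids AND cid='$cn_moneytype'");
			}
			$db->update("UPDATE pw_cmembers SET ifadmin=0 WHERE colonyid='$cyid' AND uid $selids");
			$db->update("UPDATE pw_colonys SET cmoney=cmoney+'".($alldb['intomoney']*$count)."' WHERE id='$cyid'");
			Showmsg('colony_pass');
		} elseif ($action == 'del') {
			$db->update("DELETE FROM pw_cmembers WHERE colonyid='$cyid' AND uid $selids");
			$count = strpos($selids,',')!==false ? $db->affected_rows() : 1;
			$db->update("UPDATE pw_colonys SET members=members-'$count' WHERE id='$cyid'");
			Showmsg('colony_del');
		}
	}
} elseif ($job=='seemember') {
	// A member card is visible to its owner, colony admins and group 3.
	$uid = (int)$_GET['uid'];
	$uid != $winduid && !$admindb[$winduid] && $groupid!=3 && Showmsg('colony_cnmenber');
	$cardrow = $db->get_one("SELECT id,username,realname,gender,tel,email,address,introduce FROM pw_cmembers WHERE colonyid='$cyid' AND uid='$uid'");
	// Check the row before extract(): with no row, $id and the other card fields
	// would keep whatever value they already had when this file was included.
	(!$cardrow || !$cardrow['id']) && Showmsg('colony_noseecard');
	extract($cardrow);
	require_once PrintHack('home');
} elseif ($job=='editmember') {
	// Must start empty: it is appended to the UPDATE below and is only assigned when the real name changes.
	$updatesql = '';
	$rt = $db->get_one("SELECT id,realname,gender,tel,email,address,introduce FROM pw_cmembers WHERE colonyid='$cyid' AND uid='$winduid'");
	if ($_POST['step']!=2) {
		(!$rt || !$rt['id']) && Showmsg('colony_nocard');
		extract($rt);
		// Pre-select the stored gender in the form.
		${'gender_'.$gender} = 'selected';
		require_once PrintHack('home');
	} else {
		InitGP(array('realname','tel','email','address','introduce'),'P',1);
		$gender = (int)$_POST['gender'];
		!$realname && Showmsg('colony_realname');
		if ($realname != $rt['realname']) {
			// Real names are unique within a colony.
			$rts = $db->get_one("SELECT id FROM pw_cmembers WHERE realname='$realname' AND colonyid='$cyid'");
			$rts['id'] && Showmsg('colony_samerealname');
			$updatesql = ",realname='$realname'";
		}
		$db->update("UPDATE pw_cmembers SET gender='$gender',tel='$tel',email='$email',address='$address',introduce='$introduce'$updatesql WHERE colonyid='$cyid' AND uid='$winduid'");
		refreshto("$basename&cyid=$cyid&job=seemember&uid=$winduid",'colony_cardsuccess');
	}
} elseif ($job=='boardlist') {
	// Paged topic list of the colony board (tpcid = 0 marks a topic, not a reply).
	require_once PrintHack('home');
	$ifsort=0;
	(int)$page < 1 && $page = 1;
	$limit = "LIMIT ".($page-1)*$db_perpage.",$db_perpage";
	$argudb = array();
	$query  = $db->query("SELECT tid,author,authorid,lastpost,subject,topped,toppedtime FROM pw_argument WHERE gid='$cyid' AND tpcid='0' ORDER BY topped DESC,lastpost DESC $limit");
	while ($rt = $db->fetch_array($query)) {
		// Array keys are quoted: bare topped/toppedtime are undefined constants and fatal on PHP 8.
		if ($rt['topped']>0 && $rt['toppedtime'] && ($timestamp > $rt['toppedtime'])) {
			// The pin has expired: clear it in the table (the row already fetched is shown as pinned once more).
			$db->update("UPDATE pw_argument SET topped='0',toppedtime='0' WHERE tid='$rt[tid]'");
		}
		$rt['topped'] && $ifsort=1;
		$rt['lastpost'] = get_date($rt['lastpost']);
		$argudb[] = $rt;
	}
	$db->free_result($query);
	@extract($db->get_one("SELECT COUNT(*) AS count FROM pw_argument WHERE gid='$cyid' AND tpcid='0'"));
	if ($count > $db_perpage) {
		require_once(R_P.'require/forum.php');
		$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&cyid=$cyid&job=boardlist&");
	}
} elseif($job=='delboardlist'){
	// Bulk topic deletion: colony admins and group 3 only.
	if(!$admindb[$winduid] && $groupid!=3){
		Showmsg('colony_delright');
	}
	$selids = '';
	InitGP(array('selid'),'P',1);
	if (is_array($selid)) {
		foreach ($selid as $value) {
			if (is_numeric($value)) {
				$selids .= ($selids ? ',' : '')."'$value'";
			}
		}
	}
	!$selids && Showmsg('selid_illegal');
	$selids = strpos($selids,',')!==false ? "IN ($selids)" : "= $selids";
	if($_POST['step'] != 2){
		// Confirmation page listing the selected topics.
		require_once PrintHack('home');
		$argudb = array();
		$query = $db->query("SELECT tid,author,authorid,lastpost,subject FROM pw_argument WHERE gid='$cyid' AND tpcid='0' AND tid $selids ORDER BY lastpost DESC");
		while($rt = $db->fetch_array($query)){
			$rt['lastpost'] = get_date($rt['lastpost']);
			$argudb[] = $rt;
		}
	}else{
		// Both deletes are scoped to this colony: the admin right checked above is
		// per colony, so submitted ids must not reach rows that belong to another one.
		$db->update("DELETE FROM pw_argument WHERE gid='$cyid' AND tid $selids");
		$db->update("DELETE FROM pw_argument WHERE gid='$cyid' AND tpcid $selids");
		refreshto("$basename&cyid=$cyid&job=boardlist",'colony_delsuccess');
	}
} elseif ($job=='addboard') {
	if ($_POST['step']!=2) {
		$tid = 0;
		$subject = $content = '';
		require_once PrintHack('home');
	} else {
		// $tid > 0 means "reply to topic $tid"; it is not assigned in this file, so force a non-negative integer.
		$tid = max(0,(int)$tid);
		InitGP(array('subject','content'),'P',1);
		$tid <= 0 && !$subject && Showmsg('colony_posterror');
		strlen($subject)>50 && Showmsg('colony_subject');
		!$content && Showmsg('colony_posterror');
		if ($tid > 0) {
			// A reply must hang off an existing topic of this colony; otherwise the
			// lastpost update below would touch an unrelated row.
			$topic = $db->get_one("SELECT tid FROM pw_argument WHERE tid='$tid' AND gid='$cyid' AND tpcid='0'");
			!$topic && Showmsg('illegal_tid');
		}
		// Replies are cut to 255 characters; topics are stored in full.
		$tid>0 && strlen($content)>255 && $content = substrs($content,255,'N');
		require_once(R_P.'require/postfunc.php');
		$content = autourl($content);
		$db->update("INSERT INTO pw_argument(tpcid,gid,author,authorid,postdate,lastpost,subject,content) VALUES('$tid','$cyid','".addslashes($windid)."','$winduid','$timestamp','$timestamp','$subject','$content')");
		if ($tid) {
			// Bump the parent topic so it sorts first in the board list.
			$db->update("UPDATE pw_argument SET lastpost='$timestamp' WHERE tid='$tid'");
		} else {
			$tid = $db->insert_id();
		}
		refreshto("$basename&job=readboard&cyid=$cyid&tid=$tid",'colony_postsuccess');
	}
} elseif ($job=='editboard') {
	$tid = (int)$tid;
	// Load the post first and apply the same rule the delboard branch uses: it must
	// belong to this colony, and the editor must be its author, a colony admin or
	// group 3. Without this, both the form and the UPDATE acted on any tid.
	$post = $db->get_one("SELECT gid,authorid,subject,content FROM pw_argument WHERE tid='$tid'");
	!$post && Showmsg('illegal_tid');
	if ($cyid != $post['gid'] || ($post['authorid']!=$winduid && !$admindb[$winduid] && $groupid!=3)) {
		// No edit-specific message key appears in this file, so the generic one is reused.
		Showmsg('illegal_tid');
	}
	if ($_POST['step']!=2) {
		$subject = $post['subject'];
		$content = $post['content'];
		!$subject && Showmsg('illegal_tid');
		require_once PrintHack('home');
	} else {
		InitGP(array('subject','content'),'P',1);
		(!$subject || !$content) && Showmsg('colony_posterror');
		strlen($subject)>50 && Showmsg('colony_subject');
		strlen($content)>255 && $content = substrs($content,255,'N');
		require_once(R_P.'require/postfunc.php');
		$content = autourl($content);
		$db->update("UPDATE pw_argument SET subject='$subject',content='$content' WHERE tid='$tid'");
		refreshto("$basename&job=readboard&cyid=$cyid&tid=$tid",'colony_postsuccess');
	}
} elseif ($job=='delboard') {
	$tid = (int)$tid;
	// Read the row explicitly instead of extract(): when no row matches, the
	// authorisation check must not run on values that were never loaded.
	$post = $db->get_one("SELECT tpcid,gid,authorid FROM pw_argument WHERE tid='$tid'");
	(!$post || !$post['authorid']) && Showmsg('illegal_tid');
	$tpcid = $post['tpcid'];
	$gid = $post['gid'];
	$authorid = $post['authorid'];
	// Only the author, a colony admin or group 3 may delete, and only inside the current colony.
	if ($cyid != $gid || ($authorid!=$winduid && !$admindb[$winduid] && $groupid!=3)) {
		Showmsg('colony_delright');
	}
	$db->update("DELETE FROM pw_argument WHERE tid='$tid'");
	if (!$tpcid) {
		// A topic takes its replies with it.
		$db->update("DELETE FROM pw_argument WHERE gid='$gid' AND tpcid='$tid'");
		$refreshto = "$basename&job=boardlist&cyid=$gid";
	} else {
		$refreshto = "$basename&job=readboard&cyid=$gid&tid=$tpcid";
	}
	refreshto($refreshto,'colony_delsuccess');
} elseif ($job=='readboard') {
	$tid = (int)$tid;
	// The join is limited to the author's membership row in the topic's own colony;
	// joining on uid alone can pick up the ifadmin flag of a different colony.
	$topic = $db->get_one("SELECT a.tpcid,a.gid,a.author,a.authorid,a.postdate,a.lastpost,a.subject,a.content,cm.ifadmin FROM pw_argument a LEFT JOIN pw_cmembers cm ON a.authorid=cm.uid AND cm.colonyid=a.gid WHERE a.tid='$tid'");
	// Validate before extract(): the id must be a topic (tpcid = 0) of the current colony.
	(!$topic || !$topic['subject'] || $cyid != $topic['gid'] || $topic['tpcid'] != 0) && Showmsg('illegal_tid');
	extract($topic);
	require_once PrintHack('home');
	$adminimg = $ifadmin==1 ? "<img src=\"$imgpath/$stylepath/group/3.gif\" align=\"absmiddle\"> " : "<img src=\"$imgpath/$stylepath/group/6.gif\" align=\"absmiddle\"> ";
	require_once(R_P.'require/bbscode.php');
	// lastpost only moves when a reply is added, so equality means "no replies".
	$havereply = $postdate != $lastpost ? true : false;
	$postdate = get_date($postdate);
	// NOTE(review): stored content is emitted as HTML; this relies on the write
	// paths above having passed it through InitGP(...,1), presumably an escaping step - confirm.
	$content = convert(nl2br($content),$db_windpost);
	$count = (int)$count;
	$readdb = array();
	if ($havereply) {
		(int)$page < 1 && $page = 1;
		@extract($db->get_one("SELECT COUNT(*) AS count FROM pw_argument WHERE gid='$gid' AND tpcid='$tid'"));
		if ($count > $db_perpage) {
			require_once(R_P.'require/forum.php');
			$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&job=readboard&cyid=$gid&tid=$tid&");
		} else {
			$page = 1;
		}
		$start_limit = ($page-1)*$db_perpage;
		// NOTE(review): cm.colonyid in WHERE drops replies whose author has no membership
		// row in this colony, while the COUNT above still includes them - confirm intent.
		$query = $db->query("SELECT DISTINCT a.tid,a.tpcid,a.gid,a.author,a.authorid,a.postdate,a.subject,a.content,cm.ifadmin FROM pw_argument a LEFT JOIN pw_cmembers cm ON a.authorid=cm.uid WHERE a.gid='$gid' AND a.tpcid='$tid' AND cm.colonyid='$gid' ORDER BY postdate DESC LIMIT $start_limit,$db_perpage");
		while ($rt = $db->fetch_array($query)) {
			// 'lou' is the running position of the reply across pages.
			$start_limit++;
			$rt['lou'] = $start_limit;
			$rt['postdate'] = get_date($rt['postdate']);
			$rt['content'] = convert(nl2br($rt['content']),$db_windpost);
			$rt['adminimg'] = $rt['ifadmin']==1 ? "<img src=\"$imgpath/$stylepath/group/3.gif\" align=\"absmiddle\"> " : "<img src=\"$imgpath/$stylepath/group/6.gif\" align=\"absmiddle\"> ";
			$readdb[] = $rt;
		}
		$db->free_result($query);
	}
} elseif ($job=='topboard'){
	// Pinning topics: colony admins and group 3 only.
	if(!$admindb[$winduid] && $groupid!=3){
		Showmsg('colony_topright');
	}
	$selids = '';
	InitGP(array('selid'),'P',1);
	if (is_array($selid)) {
		foreach ($selid as $value) {
			if (is_numeric($value)) {
				$selids .= ($selids ? ',' : '')."'$value'";
			}
		}
	}
	!$selids && Showmsg('selid_illegal');
	$selids = strpos($selids,',')!==false ? "IN ($selids)" : "= $selids";
	if($_POST['step'] != 2){
		// Confirmation page listing the selected topics.
		require_once PrintHack('home');
		$argudb = array();
		$query = $db->query("SELECT tid,author,authorid,lastpost,subject FROM pw_argument WHERE gid='$cyid' AND tpcid='0' AND tid $selids ORDER BY lastpost DESC");
		while($rt = $db->fetch_array($query)){
			$rt['lastpost'] = get_date($rt['lastpost']);
			$argudb[] = $rt;
		}
	}else{
		InitGP(array('topped','toppedtime'),'P');
		// topped is compared and sorted as a number elsewhere in this file, and this
		// InitGP call omits the third argument the other calls pass, so cast it here.
		$topped = (int)$topped;
		$toppedtime = (int)$toppedtime;
		// toppedtime arrives as a number of days and is stored as an expiry timestamp.
		$toppedtime && $toppedtime = $timestamp + 86400*$toppedtime;
		// Scoped to this colony for the same reason as the bulk delete: the right checked above is per colony.
		$db->update("UPDATE pw_argument SET topped='$topped',toppedtime='$toppedtime' WHERE gid='$cyid' AND tid $selids");
		refreshto("$basename&cyid=$cyid&job=boardlist",'colony_topsuccess');
	}
} elseif ($job=='honor') {
	// Top ten members by honor; rows with ifadmin == -1 are left out.
	require_once PrintHack('home');
	$honordb = $honor_order = array();
	foreach ($memberdb as $key => $value) {
		$honor_order[$key] = (int)$value['honor'];
	}
	array_multisort($honor_order,SORT_DESC,$memberdb);
	$num = 0;
	foreach ($memberdb as $key => $value) {
		if ($num < 10 && $value['ifadmin']!=-1) {
			$num++;
			$value['order'] = $num;
			$honordb[$key] = $value;
		}
	}
	unset($memberdb);
} elseif ($job=='donate') {
	$usermoney = UserCredit($winduid,$cn_moneytype);
	if ($_POST['step']!=2) {
		require_once PrintHack('home');
	} else {
		$sendmoney = (int)GetGP('sendmoney','P');
		$sendmoney < 1 && Showmsg('colony_donateerror');
		// Early, user-friendly check only: $usermoney was read before the lock is
		// taken, so the debit below enforces the balance again.
		$sendmoney > $usermoney && Showmsg('colony_donatefail');
		$honor = $sendmoney*1;// ratio of honor points to money

		$lockfile = D_P.'data/bbscache/lock_bank.txt';
		$fp = fopen($lockfile,'wb+');
		// fopen() can fail (permissions, missing directory); never hand false to flock()/fclose().
		$fp && flock($fp,LOCK_EX);

		// The debit carries its own balance condition, so two concurrent requests
		// cannot both spend the same funds; affected_rows() reports whether it applied.
		$debited = false;
		if (in_array($cn_moneytype,array('money','rvrc','credit','currency'))) {
			// rvrc is stored multiplied by 10.
			$temprvrc = $cn_moneytype == 'rvrc' ? $sendmoney*10 : $sendmoney;
			$db->update("UPDATE pw_memberdata SET $cn_moneytype=$cn_moneytype-'$temprvrc' WHERE uid='$winduid' AND $cn_moneytype>='$temprvrc'",0);
			$debited = $db->affected_rows() > 0;
		} elseif (is_numeric($cn_moneytype) && isset($_CREDITDB[$cn_moneytype])) {
			$db->update("UPDATE pw_membercredit SET value=value-'$sendmoney' WHERE uid='$winduid' AND cid='$cn_moneytype' AND value>='$sendmoney'",0);
			$debited = $db->affected_rows() > 0;
		}
		if (!$debited) {
			// Nothing was taken from the donor (insufficient balance or unknown
			// credit type), so the colony must not be credited either.
			$fp && fclose($fp);
			Showmsg('colony_donatefail');
		}
		$db->update("UPDATE pw_colonys SET cmoney=cmoney+'$sendmoney' WHERE id='$cyid'");
		$db->update("UPDATE pw_cmembers SET honor=honor+'$honor' WHERE uid='$winduid' AND colonyid='$cyid'");

		$fp && fclose($fp);
		if ($cn_moneytype == 'currency') {
			require_once(R_P.'require/tool.php');
			$logdata = array(
				'type'		=>	'donate',
				'nums'		=>	0,
				'money'		=>	0,
				'descrip'	=>	'donate_descrip',
				'uid'		=>	$winduid,
				'username'	=>	$windid,
				'ip'		=>	$onlineip,
				'time'		=>	$timestamp,
				'currency'	=>	$sendmoney,
				'cname'		=>	$alldb['cname']
			);
			writetoollog($logdata);
		}
		$log = array(
			'type'      => 'cy_donate',
			'username1' => Char_cv($windid),
			'username2' => '',
			'field1'    => $sendmoney,
			'field2'    => $cyid,
			'field3'    => Char_cv($alldb['cname']),
			'timestamp' => $timestamp,
			'ip'        => $onlineip,
			'cname'		=> $alldb['cname']
		);
		require GetLang('log');
		$log['descrip'] = Char_cv($lang['donate_descrip']);
		$db->update("INSERT INTO pw_forumlog (type,username1,username2,field1,field2,field3,descrip,timestamp,ip) VALUES('$log[type]','$log[username1]','$log[username2]','$log[field1]','$log[field2]','$log[field3]','$log[descrip]','$log[timestamp]','$log[ip]')");
		require_once(R_P.'require/msg.php');
		// Notify the colony owner about the donation.
		writenewmsg(array($alldb['admin'],$winduid,'donate_title',$timestamp,'donate_content','',$windid),1);
		Showmsg('colony_donatesuccess');
	}
} elseif ($job=='donatelog') {
	// Paged donation history of this colony, newest first.
	require_once PrintHack('home');
	(int)$page < 1 && $page = 1;
	@extract($db->get_one("SELECT COUNT(*) AS count FROM pw_forumlog WHERE field2='$cyid' AND type='cy_donate'"));
	if ($count > $db_perpage) {
		require_once(R_P.'require/forum.php');
		$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&job=donatelog&cyid=$cyid&");
	} else {
		$page = 1;
	}
	$logdb = array();
	$query = $db->query("SELECT username1,descrip,timestamp FROM pw_forumlog WHERE field2='$cyid' AND type='cy_donate' ORDER BY id DESC LIMIT ".($page-1)*$db_perpage.",$db_perpage");
	while ($rt = $db->fetch_array($query)) {
		$rt['timestamp'] = get_date($rt['timestamp'],"Y-m-d H:i");
		// Only the [b] tag of the stored description is turned back into markup.
		$rt['descrip'] = str_replace(array('[b]','[/b]'),array('<b>','</b>'),$rt['descrip']);
		$logdb[] = $rt;
	}
	$db->free_result($query);
}
require_once PrintHack('setting');footer();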
?>