www.gusucode.com > ShopEx481 & PHPWind 整合版码程序 > bbs/hack/medal/index.php
<?php
!function_exists('readover') && exit('Forbidden');
$wind_in='medal';
include_once(D_P.'data/bbscache/md_config.php');
include_once(D_P.'data/bbscache/medaldb.php');
include_once(R_P.'require/showimg.php');
!$md_ifopen && Showmsg('medal_close');
$userdb = $db->get_one("SELECT medals,icon FROM pw_members WHERE uid='$winduid'");
if($userdb['medals']){
$userdb['medals'] = explode(',',$userdb['medals']);
} else{
$userdb['medals'] = '';
}
$userface = showfacedesign($userdb['icon']);
InitGP(array('action'));
if(!$action){
if($userdb['medals']){
$ifunset = 0;
foreach($userdb['medals'] as $key=>$val){
if(!array_key_exists($val,$_MEDALDB)){
unset($userdb['medals'][$key]);
$ifunset = 1;
}
}
if($ifunset){
$newmedals = implode(',',$userdb['medals']);
$db->update("UPDATE pw_members SET medals='$newmedals' WHERE uid='$winduid'");
!$newmedals && updatemedal_list();
}
}
require_once PrintHack('index');footer();
} elseif($action=='list'){
$groupid == 'guest' && Showmsg('not_login');
if(!file_exists(D_P.'data/bbscache/medals_list.php')){
updatemedal_list();
}
$uids = substr(readover(D_P.'data/bbscache/medals_list.php'),12);
if($uids){
InitGP(array('page'));
require_once(R_P.'require/forum.php');
(!is_numeric($page) || $page < 1) && $page = 1;
$limit = "LIMIT ".($page-1)*$db_perpage.",$db_perpage";
$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_members WHERE uid IN($uids)");
$pages = numofpage($rt['sum'],$page,ceil($rt['sum']/$db_perpage),"$basename&action=list&");
$listdb=array();
$query = $db->query("SELECT uid,username,medals FROM pw_members WHERE uid IN($uids) ORDER BY uid $limit");
while($rt = $db->fetch_array($query)){
$medals='';
$md_a = explode(',',$rt['medals']);
foreach($md_a as $key=>$value){
if($value){
if(strpos($md_groups,",$groupid,")!==false){
$medals.="<a href=\"$basename&action=award&type=2&pwuser=$rt[username]&medal=$value\" target=\"_blank\"><img src=\"$hkimg/{$_MEDALDB[$value][picurl]}\" title=\"{$_MEDALDB[$value][name]}\"></a> ";
}else{
$medals.="<img src=\"$hkimg/{$_MEDALDB[$value][picurl]}\" title=\"{$_MEDALDB[$value][name]}\"> ";
}
}
}
$rt['medals'] = $medals;
$listdb[] = $rt;
}
}
require_once PrintHack('index');footer();
} elseif($action=='award'){
if(strpos($md_groups,",$groupid,")===false){
Showmsg('medal_groupright');
}
if(!$_POST['step']){
InitGP(array('type','pwuser','medal'));
if($type==2){
$type_2="checked";
$type_1="";
}else{
$type_1="checked";
$type_2="";
}
require_once PrintHack('index');footer();
} elseif($_POST['step']=="2"){
InitGP(array('pwuser','reason','medal','type','timelimit'),null,'1');
strpos($pwuser,',') && $pwuser = explode(',',$pwuser);
$medal = (int)$medal;
!$medal && Showmsg('medal_nomedal');
$reason = Char_cv($reason);
!$reason && Showmsg('medal_noreason');
$timelimit = (int)$timelimit;
require_once(R_P.'require/msg.php');
if(is_array($pwuser)){
foreach($pwuser as $key=>$val){
if(!$val){
unset($pwuser[$key]);
}else{
$pwuser[$key] = "'".$val."'";
}
}
$pwuser = implode(',',$pwuser);
}else{
$pwuser = "'".$pwuser."'";
}
!$pwuser && Showmsg('username_empty');
$rs = $db->query("SELECT uid,username,medals FROM pw_members WHERE username IN($pwuser)");
$awardusers = array();
while ($rt = $db->fetch_array($rs)){
Add_S($rt);
if($type==1){
if($rt['medals'] && strpos(",$rt[medals],",",$medal,")!==false){
$erroruser = $rt['username'];
Showmsg('medal_alreadyhave');
} elseif($rt['medals']){
$rt['medals']="$rt[medals],$medal";
} else{
$rt['medals']=$medal;
}
}elseif($type==2){
if(!$rt['medals'] || strpos(",$rt[medals],",",$medal,")===false){
$erroruser = $rt['username'];
Showmsg('medal_none');
} else{
$rt['medals']=substr(str_replace(",$medal,",',',",$rt[medals],"),1,-1);
}
}else{
Showmsg('illegal_request');
}
$awardusers[] = $rt;
}
!count($awardusers) && Showmsg('medal_nouser');
$insertlogs = array();
foreach($awardusers as $rt){
if($type==1){
if($md_ifmsg){
$message=array(
$rt['username'],
$winduid,
'metal_add',
$timestamp,
"metal_add_content",
'',
$windid
);
writenewmsg($message,1);
}
}elseif($type==2){
if($md_ifmsg){
$message=array(
$rt['username'],
$winduid,
'metal_cancel',
$timestamp,
"metal_cancel_content",
'',
$windid
);
writenewmsg($message,1);
}
$timelimit=0;
$db->update("UPDATE pw_medalslogs SET state='1' WHERE awardee='$rt[username]' AND level='$medal'");
}else{
Showmsg('illegal_request');
}
$rt['medals']==',' && $rt['medals']='';
$db->update("UPDATE pw_members SET medals='$rt[medals]' WHERE uid='$rt[uid]'");
$insertlogs[] = "('$rt[username]','$windid','$timestamp','$timelimit','$medal','$type','$reason')";
}
if(count($insertlogs)){
$sql = "INSERT INTO pw_medalslogs(awardee,awarder,awardtime,timelimit,level,action,why) VALUES".implode(',',$insertlogs);
$db->update($sql);
}
updatemedal_list();
refreshto("$basename&action=list",'operate_success');
}
} elseif($action=='log'){
$groupid == 'guest' && Showmsg('not_login');
if(!$_GET['job']){
InitGP(array('page'));
require_once(R_P.'require/forum.php');
(!is_numeric($page) || $page < 1) && $page = 1;
$limit = "LIMIT ".($page-1)*$db_perpage.",$db_perpage";
$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_medalslogs WHERE action<>3");
$pages = numofpage($rt['sum'],$page,ceil($rt['sum']/$db_perpage),"$basename&action=log&");
$logdb = array();
$query = $db->query("SELECT * FROM pw_medalslogs WHERE action<>3 ORDER BY id DESC $limit");
while($rt = $db->fetch_array($query)){
$rt['awardtime'] = get_date($rt['awardtime'],'y-m-d h:i');
$logdb[] = $rt;
}
require_once PrintHack('index');footer();
} elseif($_GET['job']=='del'){
$groupid != '3' && Showmsg('medal_dellog');
$id = (int)GetGP('id');
$rt = $db->get_one("SELECT id,state,action,timelimit FROM pw_medalslogs WHERE id='$id'");
if($rt['action']==1 && $rt['state']==0 && $rt['timelimit']>0){
Showmsg('medallog_del_error');
}
$db->update("DELETE FROM pw_medalslogs WHERE id='$id'");
refreshto("$basename&action=log",'operate_success');
}else{
Showmsg('illegal_request');
}
} elseif($action=='apply'){
!$md_ifapply && Showmsg('medal_appclose');
if(strpos($md_appgroups,",$groupid,")===false){
Showmsg('medal_appgroupright');
}
$appcheck = $db->get_one("SELECT id FROM pw_medalslogs WHERE awardee='$windid' AND action=3");
$appcheck && Showmsg('medal_haveapp');
if(!$_POST['step']){
$id = (int)GetGP('id');
require_once PrintHack('index');footer();
} elseif($_POST['step']==2){
InitGP(array('reason','medal','timelimit'));
!$reason && Showmsg('medal_noreason');
$medal = (int)$medal;
!$medal && Showmsg('medal_nomedal');
$reason = Char_cv($reason);
$timelimit = (int)$timelimit;
$userdb['medals'] && in_array($medal,$userdb['medals']) && Showmsg('medal_alreadyhaveself');
$db->update("INSERT INTO pw_medalslogs(awardee,awardtime,timelimit,level,action,why) VALUES('$windid','$timestamp','$timelimit','$medal','3','$reason')");
refreshto($basename,'operate_success');
}else{
Showmsg('illegal_request');
}
} elseif($action=='approve'){
!$md_ifapply && Showmsg('medal_appclose');
if(strpos($md_groups,",$groupid,")===false){
Showmsg('medal_groupright');
}
$job = Char_cv(GetGP('job'));
if(!$job){
InitGP(array('page'));
require_once(R_P.'require/forum.php');
(!is_numeric($page) || $page < 1) && $page = 1;
$limit = "LIMIT ".($page-1)*$db_perpage.",$db_perpage";
$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_medalslogs WHERE action=3");
$pages = numofpage($rt['sum'],$page,ceil($rt['sum']/$db_perpage),"$basename&action=approve&");
$appdb = array();
$query = $db->query("SELECT * FROM pw_medalslogs WHERE action=3 ORDER BY id ASC $limit");
while($rt = $db->fetch_array($query)){
$rt['awardtime'] = get_date($rt['awardtime'],'y-m-d h:i');
$appdb[] = $rt;
}
require_once PrintHack('index');footer();
} elseif($job=='pass'){
$id = GetGP('id');
if(is_array($id)){
foreach($id as $key=>$val){
$val = (int)$val;
if($val){
$id[$key] = $val;
}else{
unset($id[$key]);
}
}
if(count($id)){
$id = implode(',',$id);
}else{
Showmsg('medal_iderror');
}
} else{
$id = (int)$id;
!$id && Showmsg('medal_iderror');
}
require_once(R_P.'require/msg.php');
$rs = $db->query("SELECT l.level,l.why,m.uid,m.username,m.medals FROM pw_medalslogs l LEFT JOIN pw_members m ON l.awardee=m.username WHERE l.id IN($id)");
while ($rt = $db->fetch_array($rs)){
Add_S($rt);
$medal = $rt['level'];
$reason = $rt['why'];
if($rt['medals'] && strpos(",$rt[medals],",",$medal,")!==false){
continue;
} elseif($rt['medals']){
$medals="$rt[medals],$medal";
} else{
$medals=$medal;
}
if($md_ifmsg){
$message=array(
$rt['username'],
$winduid,
'metal_add',
$timestamp,
"metal_add_content",
'',
$windid
);
writenewmsg($message,1);
}
$medals==',' && $medals='';
$db->update("UPDATE pw_members SET medals='$medals' WHERE uid='$rt[uid]'");
}
$db->free_result();
unset($medal,$medals,$reason);
$db->update("UPDATE pw_medalslogs SET awarder='$windid',awardtime='$timestamp',action='1' WHERE id IN($id)");
updatemedal_list();
refreshto("$basename&action=approve",'operate_success');
} elseif($job=='del'){
$id = GetGP('id');
require_once(R_P.'require/msg.php');
if(is_array($id)){
foreach($id as $key=>$val){
$val = (int)$val;
if($val){
$id[$key] = $val;
}else{
unset($id[$key]);
}
}
if(count($id)){
$id = implode(',',$id);
if($md_ifmsg){
$query = $db->query("SELECT awardee,level,why FROM pw_medalslogs WHERE id IN($id)");
while($rt = $db->fetch_array($query)){
$medal = $rt['level'];
$reason = $rt['why'];
$message=array(
$rt['awardee'],
$winduid,
'metal_refuse',
$timestamp,
"metal_refuse_content",
'',
$windid
);
writenewmsg($message,1);
}
}
$db->update("DELETE FROM pw_medalslogs WHERE id IN($id)");
}else{
Showmsg('medal_iderror');
}
} else{
$id = (int)$id;
!$id && Showmsg('medal_iderror');
if($md_ifmsg){
$rt = $db->get_one("SELECT awardee,level,why FROM pw_medalslogs WHERE id='$id'");
!$rt && Showmsg('medal_iderror');
$medal = $rt['level'];
$reason = $rt['why'];
$message=array(
$rt['awardee'],
$winduid,
'metal_refuse',
$timestamp,
"metal_refuse_content",
'',
$windid
);
writenewmsg($message,1);
}
$db->update("DELETE FROM pw_medalslogs WHERE id='$id'");
}
refreshto("$basename&action=approve",'operate_success');
}else{
Showmsg('illegal_request');
}
}else{
Showmsg('illegal_request');
}
function updatemedal_list(){
global $db;
$query = $db->query("SELECT uid,medals FROM pw_members WHERE medals!=''");
$medaldb = '<?php die;?>0';
while($rt=$db->fetch_array($query)){
if(str_replace(',','',$rt['medals'])){
$medaldb .= ','.$rt['uid'];
}
}
writeover(D_P.'data/bbscache/medals_list.php',$medaldb);
}
?>