
    <?php
// AJAX endpoint. Dispatches on the request parameter `action`; each branch either
// renders the 'ajax' template, echoes a short response, or reports through Showmsg().
define('AJAX','1');
require_once('global.php');

// InitGP() is defined outside this file; judging by how it is used here it exposes the
// named request parameters as global variables ($action, $pid, ...).
// NOTE(review): every SQL statement below interpolates such variables into the query text,
// so injection safety rests entirely on escaping done by InitGP()/global.php - confirm.
// NOTE(review): $tid, $windid, $winduid, $groupid, $timestamp and the $db_* settings are
// used before any assignment in this file; presumably global.php provides them - verify
// that $tid in particular is sanitised there.
InitGP(array('action'));
// Guests (empty $windid) may only reach the login, showface and showsmile actions.
if(!$windid && !in_array($action,array('login','showface','showsmile'))){
	Showmsg('not_login');
}
if($action=='leaveword'){
	// Leave-word: a note attached to a post. Requires the group permission $_G['leaveword'].
	!$_G['leaveword'] && Showmsg('leaveword_right');
	if(!$_POST['step']){
		// Form display. Only the thread author passes this check (the save branch below
		// additionally admits managers and forum admins).
		InitGP(array('pid'));
		$tpc = $db->get_one("SELECT authorid,ptable FROM pw_threads WHERE tid='$tid'");
		if($tpc['authorid']!=$winduid){
			Showmsg('leaveword_error');
		}
		$pw_posts = GetPtable($tpc['ptable']);
		$rt = $db->get_one("SELECT leaveword FROM $pw_posts WHERE pid='$pid' AND tid='$tid'");
		// Build the <option> list from the newline-separated $db_adminreason setting;
		// blank lines become a separator entry.
		// NOTE(review): $v is written into HTML without escaping - assumes the setting is trusted.
		$reason_sel = '';
		$reason_a = explode("\n",$db_adminreason);
		foreach($reason_a as $k=>$v){
			if($v=trim($v)){
				$reason_sel .= "<option value=\"$v\">$v</option>";
			} else{
				$reason_sel .= "<option value=\"\">-------</option>";
			}
		}
		$rt['leaveword'] = str_replace('&nbsp;',' ',$rt['leaveword']);
		require_once PrintEot('ajax');ajax_footer();
	} else{
		// Save. The meaning of InitGP's 2nd/3rd arguments ('P',1) is not visible here;
		// presumably "POST only" plus an escaping mode - confirm.
		InitGP(array('pid','atc_content','ifmsg'),'P',1);
		$tpc = $db->get_one("SELECT t.authorid,t.ptable,f.forumadmin,f.fupadmin FROM pw_threads t LEFT JOIN pw_forums f USING(fid) WHERE t.tid='$tid'");
		// Allowed: the thread author, a site manager, or an admin of the forum / parent forum.
		if($tpc['authorid']!=$winduid && !CkInArray($windid,$manager) && !admincheck($tpc['forumadmin'],$tpc['fupadmin'],$windid)){
			Showmsg('leaveword_error');
		}
		require_once(R_P.'require/bbscode.php');
		// Turn the entity &#61; back into '=' before further processing.
		$atc_content = str_replace('&#61;','=',$atc_content);
		if($db_charset!='utf-8'){
			$atc_content = ajax_convert($atc_content,$db_charset);
		}
		$ptable   = $tpc['ptable'];
		$content  = convert($atc_content,$db_windpost);
		// Mark the row with ifconvert='2' only when convert() actually changed the text.
		$sqladd   = $atc_content == $content ? '' : ",ifconvert='2'";
		$pw_posts = GetPtable($ptable);
		if($ifmsg && !empty($atc_content)){
			// Optionally notify the post's author with a system message about the note.
			require_once(R_P.'require/msg.php');
			include_once(D_P.'data/bbscache/forum_cache.php');
			$atc = $db->get_one("SELECT author,fid,subject,content,postdate FROM $pw_posts WHERE pid='$pid' AND tid='$tid'");
			// Fall back to the first 35 units of the content when the post has no subject.
			!$atc['subject'] && $atc['subject']=substrs($atc['content'],35);
			$msg = array(
				$atc['author'],
				0,
				'leaveword_title',
				$timestamp,
				'leaveword_content',
				'N',
				'SYSTEM',
				'fid'		=> $atc['fid'],
				'tid'		=> $tid,
				'author'	=> $windid,
				'subject'	=> $atc['subject'],
				'postdate'	=> get_date($atc['postdate']),
				'forum'		=> strip_tags($forum[$atc['fid']]['name']),
				'affect'    => '',
				'admindate'	=> get_date($timestamp),
				'reason'	=> $atc_content
			);
			writenewmsg($msg,1);
		}
		// NOTE(review): $atc_content goes into the statement as read by InitGP (after optional
		// charset conversion); confirm ajax_convert() cannot undo or bypass the escaping.
		$db->update("UPDATE $pw_posts SET leaveword='$atc_content' $sqladd WHERE pid='$pid' AND tid='$tid'");
		// Response is "success<TAB>html". NOTE(review): HTML safety of $content depends on
		// InitGP()/convert() having encoded markup - confirm.
		echo "success\t".str_replace(array("\n","\t"),array('<br />',''),stripslashes($content));
		ajax_footer();
	}
} elseif($action=='favor'){
	// Add thread $tid to the current user's favourites (pw_favors.tids, packed by makefavor()).
	$rs = $db->get_one("SELECT tids,type FROM pw_favors WHERE uid='$winduid'");
	if($rs){
		$count = 0;
		$tiddb = getfavor($rs['tids']);
		foreach($tiddb as $key=>$t){
			if(is_array($t))$count+=count($t);
		}
		// NOTE(review): '>' lets the total reach maxfavor+1 before refusing; '>=' may have been intended.
		if($count>$_G['maxfavor']){
			Showmsg('job_favor_full');
		}
		// Refuse duplicates in any category (loose in_array comparison).
		foreach($tiddb as $key=>$t){
			if(in_array($tid,$t)){
				Showmsg('job_favor_error');
			}
		}
		InitGP(array('type'));
		// The user has categories but none was supplied: render the category chooser.
		// Presumably ajax_footer() ends the request - confirm, otherwise execution continues below.
		if($rs['type'] && !isset($type)){
			$typeid = explode(',',$rs['type']);
			require_once PrintEot('ajax');ajax_footer();
		}
		$read = $db->get_one("SELECT subject FROM pw_threads WHERE tid='$tid'");
		!$read && Showmsg('data_error');
		require_once(R_P.'require/posthost.php');
		// NOTE(review): sends the thread URL, title and board name to push.phpwind.com over
		// plain HTTP on every favourite - a third-party disclosure that operators should know about.
		PostHost("http://push.phpwind.com/push.php?type=collect&url=".rawurlencode("$db_bbsurl/read.php?tid=$tid")."&tocharset=$db_charset&title=".rawurlencode($read['subject'])."&bbsname=".rawurlencode($db_bbsname),"");
		// NOTE(review): $type is cast to int but not range-checked against the user's categories;
		// makefavor() emits one '|' per skipped index, so a large value inflates the stored string.
		$type = (int)$type;
		$tiddb[$type][] = $tid;
		$newtids = makefavor($tiddb);
		$db->update("UPDATE pw_favors SET tids='$newtids' WHERE uid='$winddb[uid]'");
	} else{
		// First favourite for this user: create the row.
		$db->update("INSERT INTO pw_favors(uid,tids) VALUES('$winddb[uid]','$tid')");
	}
	Showmsg('job_favor_success');
} elseif($action=='tag'){
	// Tag list, served from a PHP cache file that is rebuilt when missing or older than 3600 s.
	$cachetime = @filemtime(D_P."data/bbscache/tagdb.php");
	if(!file_exists(D_P."data/bbscache/tagdb.php") || $timestamp-$cachetime>3600){
		$tagnum=max($db_tagindex,200);
		$tagdb = array();
		$query = $db->query("SELECT * FROM pw_tags WHERE ifhot='0' ORDER BY num DESC LIMIT $tagnum");
		while($rs = $db->fetch_array($query)){
			$tagdb[$rs['tagname']] = $rs['num'];
		}
		// NOTE(review): tag names from the database are written into a PHP source file that is
		// later include()d, so correct quoting by pw_var_export() is security-relevant - confirm.
		writeover(D_P."data/bbscache/tagdb.php","<?php\r\n\$tagdb=".pw_var_export($tagdb).";\r\n?>");
	} else{
		include_once(D_P."data/bbscache/tagdb.php");
	}
	// Output format: "name,count<TAB>" per tag. Names are echoed without escaping here.
	foreach($tagdb as $key=>$num){
		echo $key.','.$num."\t";
	}
	ajax_footer();
} elseif($action=='relatetag'){
	// Up to five threads carrying the given tag; subjects are shortened to 65 units.
	InitGP(array('tagname'));
	$rs = $db->get_one("SELECT tagid,num FROM pw_tags WHERE tagname='$tagname'");
	if(!$rs || $rs['num']<1){
		Showmsg('tag_limit');
	}
	$query = $db->query("SELECT tg.tid,t.subject FROM pw_tagdata tg LEFT JOIN pw_threads t USING(tid) WHERE tg.tagid='$rs[tagid]' LIMIT 5");
	$readdb = array();
	while($rt = $db->fetch_array($query)){
		$rt['subject'] = substrs($rt['subject'],65);
		$readdb[] = $rt;
	}
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='deldownfile'){
	// Delete one attachment ($aid) from a reply ($pid numeric) or from the thread's first post.
	InitGP(array('aid','pid','page'));
	(!$tid || !is_numeric($aid)) && Showmsg('job_attach_error');
	if(is_numeric($pid)){
		// Reply: the row is looked up by pid alone; $tid is re-read from that row further down.
		$table = $pw_posts = GetPtable('N',$tid);
		$where = "pid='$pid'";
		$post  = $db->get_one("SELECT fid,tid,aid AS oldaid,authorid FROM $pw_posts WHERE pid='$pid'");
	} else{
		// First post: attachment data lives in the thread-message table.
		$table = $pw_tmsgs = GetTtable($tid);
		$where = "tid='$tid'";
		$post  = $db->get_one("SELECT t.tid,t.fid,t.authorid,t.ptable,tm.aid AS oldaid FROM pw_threads t LEFT JOIN $pw_tmsgs tm USING(tid) WHERE t.tid='$tid'");
		$pw_posts = GetPtable($post['ptable']);
	}
	$tid    = $post['tid'];
	$fid    = $post['fid'];
	// NOTE(review): unserialize() on a database column - safe only while that column can never
	// hold attacker-shaped serialized data; a JSON encoding would remove the object-injection risk.
	$attach = unserialize(stripslashes($post['oldaid']));
	// Pre-set so a record lacking the key leaves an empty string rather than an undefined variable.
	$attachurl='';
	!$attach[$aid] && Showmsg('job_attach_error');
	// NOTE(review): extract() with its default overwrite mode copies every key of the stored
	// record into the current scope, so a key named e.g. windid, winduid, groupid, manager or
	// attachdir would replace the variable used by the permission check and unlink below.
	// Reading the needed fields explicitly ($attach[$aid]['attachurl'], ['ifthumb']) avoids this.
	@extract($attach[$aid]);
	// Reject empty paths and anything containing '..' before the path is used for deletion.
	if(!$attachurl || strpos($attachurl,'..')!==false){
		Showmsg('job_attach_error');
	}
	require_once(R_P.'require/forum.php');
	require_once(R_P.'require/updateforum.php');

	$foruminfo=$db->get_one("SELECT name,f_type,style,password,allowvisit,forumadmin,fupadmin,allowhtm,cms FROM pw_forums WHERE fid='$fid'");
	!$foruminfo && Showmsg('data_error');
	wind_forumcheck($foruminfo);
	/*
	*  Determine management (admin) rights
	*/
	// Admin if: site manager, forum/parent-forum admin, or a group with the delattach right
	// whose rightwhere list is empty or contains this forum id.
	if(CkInArray($windid,$manager) || admincheck($foruminfo['forumadmin'],$foruminfo['fupadmin'],$windid)){
		$admincheck=1;
	} elseif($SYSTEM['delattach']){
		if(!$SYSTEM['rightwhere'] || strpos(",".$SYSTEM['rightwhere'].",",",".$fid.",")!==false){
			$admincheck=1;
		} else{
			$admincheck=0;
		}
	} else{
		$admincheck=0;
	}
	// Non-guests may delete when they are admin or the author of the post.
	if($groupid!='guest' && ($admincheck || $post['authorid']==$winduid)){
		// geturl() is external; element [1] is compared against 'Local' / 'Ftp' to pick the storage backend.
		$a_url=geturl($attachurl);
		if($a_url[1]=='Local'){
			P_unlink("$attachdir/$attachurl");
			$ifthumb && P_unlink("$attachdir/thumb/$attachurl");
		} elseif($db_ifftp && $a_url[1]=='Ftp'){
			require_once(R_P.'require/ftp.php');
			$ftp = new FTP($ftp_server,$ftp_port,$ftp_user,$ftp_pass,$ftp_dir);
			$ftp->delete($attachurl);
			$ifthumb && $ftp->delete("thumb/$attachurl");
			$ftp->close();
			unset($ftp);
		}
		// Re-read the stored list (extract() above may have clobbered $attach), drop the entry,
		// and write the remainder back - or an empty string when nothing is left.
		$attach=unserialize(stripslashes($post['oldaid']));
		unset($attach[$aid]);
		if($attach){
			$attach=addslashes(serialize($attach));
		} else{
			$attach='';
		}
		$db->update("UPDATE $table SET aid='$attach' WHERE $where");
		$db->update("DELETE FROM pw_attachs WHERE aid='$aid'");

		$ifupload=getattachtype($tid);
		$db->update("UPDATE pw_threads SET ifupload='$ifupload' WHERE tid='$tid'");
		// Pulls in template.php when the forum allows static pages and page 1 was affected;
		// presumably that include regenerates the static page - confirm.
		if($foruminfo['allowhtm'] && $page==1){
			require_once(R_P.'require/template.php');
		}
		echo 'success';ajax_footer();
	} else{
		Showmsg('job_attach_right');
	}
} elseif($action=='draft'){
	// Draft box: list (no step), create (step 2), update (step 3), otherwise delete.
	// Every statement is scoped to uid='$winduid', so users only touch their own drafts.
	!$_G['maxgraft'] && Showmsg('draft_right');

	if(!$_POST['step']){
		// Paged listing, 5 drafts per page; page is clamped to [1, maxpage].
		$db_showperpage = 5;
		$page = (int)GetGP('page');
		(!is_numeric($page) || $page<1) && $page = 1;
		$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_draft WHERE uid='$winduid'");
		$maxpage = ceil($rt['sum']/$db_showperpage);
		$maxpage && $page > $maxpage && $page = $maxpage;
		$limit = "LIMIT ".($page-1)*$db_showperpage.",$db_showperpage";

		$query = $db->query("SELECT * FROM pw_draft WHERE uid='$winduid' $limit");
		if($db->num_rows($query)==0){
			Showmsg('draft_error');
		}
		$drdb = array();
		while($rt = $db->fetch_array($query)){
			$drdb[] = $rt;
		}
		require_once PrintEot('ajax');ajax_footer();
	} elseif($_POST['step']==2){
		// Create a draft, subject to the per-group limit $_G['maxgraft'].
		InitGP(array('atc_content'),'P',1);
		!$atc_content && Showmsg('content_empty');
		// Restore '&' that arrives as the literal text %26.
		$atc_content = str_replace('%26','&',$atc_content);
		if($db_charset!='utf-8'){
			$atc_content = ajax_convert($atc_content,$db_charset);
		}
		$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_draft WHERE uid='$winduid'");
		if($rt['sum']>=$_G['maxgraft']){
			Showmsg('draft_full');
		}
		$db->update("INSERT INTO pw_draft(uid,content) VALUES('$winduid','$atc_content')");
		Showmsg('save_success');
	} elseif($_POST['step']==3){
		// Update draft $did.
		InitGP(array('atc_content','did'),'P',1);
		!$atc_content && Showmsg('content_empty');
		if($db_charset!='utf-8'){
			$atc_content = ajax_convert($atc_content,$db_charset);
		}
		$db->update("UPDATE pw_draft SET content='$atc_content' WHERE uid='$winduid' AND did='$did'");
		Showmsg('update_success');
	} else{
		// Any other step value deletes draft $did.
		InitGP(array('did'));
		$db->update("DELETE FROM pw_draft WHERE uid='$winduid' AND did='$did'");
		Showmsg('delete_success');
	}
} elseif($action=='login'){
	// AJAX login. Reachable by guests (see the guard at the top of the file).
	// Style file: the user's $skin, else the default style, else 'wind'. Names containing '..'
	// are refused; Pcv() is an external helper (presumably a path check - confirm).
	// NOTE(review): the origin of $skin is not visible here; if it can come from the request,
	// an allow-list of style names is safer than a substring test before include.
	if(file_exists(D_P."data/style/$skin.php") && strpos($skin,'..')===false){
		@include Pcv(D_P."data/style/$skin.php");
	} elseif(file_exists(D_P."data/style/$db_defaultstyle.php") && strpos($db_defaultstyle,'..')===false){
		@include Pcv(D_P."data/style/$db_defaultstyle.php");
	} else{
		@include(D_P."data/style/wind.php");
	}
	$groupid!='guest' && Showmsg('login_have');
	// Second tab-separated field of $db_qcheck switches the question check on for login.
	list(,$loginq)	= explode("\t",$db_qcheck);

	// Image-code (captcha) check when the 2 bit of $db_gdcheck is set.
	($db_gdcheck & 2) && GdConfirm($_POST['gdcode']);
	require_once(R_P.'require/showimg.php');
	require_once(R_P.'require/checkpass.php');
	include_once(D_P.'data/bbscache/dbreg.php');
	include_once(D_P.'data/bbscache/level.php');

	InitGP(array('pwuser','pwpwd','question','customquest','answer','cktime','hideid','jumpurl','lgt'),'P');
	if($db_charset!='utf-8'){
		$pwuser		= ajax_convert($pwuser,$db_charset);
		$pwpwd		= ajax_convert($pwpwd,$db_charset);
		$customquest= ajax_convert($customquest,$db_charset);
		$answer		= ajax_convert($answer,$db_charset);
		$_POST['qanswer'] && $_POST['qanswer'] = ajax_convert($_POST['qanswer'],$db_charset);
	}
	$loginq && Qcheck($_POST['qanswer'],$_POST['qkey']);

	if($pwuser && $pwpwd){
		// NOTE(review): the password is reduced to an unsalted MD5 before checkpass(). MD5 is not
		// a password hash; whether checkpass() adds salting or stretching is not visible here.
		// Any lockout / attempt limiting would also have to live in checkpass() - confirm.
		$md5_pwpwd=md5($pwpwd);
		$safecv=$db_ifsafecv ? questcode($question,$customquest,$answer) : '';
		list($winduid,$groupid,$pwpwd) = checkpass($pwuser,$md5_pwpwd,$safecv,$lgt);
	} else{
		Showmsg('login_empty');
	}
	// Load the permission set of the user's group, falling back to group 1.
	if(file_exists(D_P."data/groupdb/group_$groupid.php")){
		require_once Pcv(D_P."data/groupdb/group_$groupid.php");
	} else{
		require_once(D_P."data/groupdb/group_1.php");
	}
	$windpwd = $pwpwd;
	// $cktime is taken from the POST body, so the client chooses the cookie lifetime
	// (0 is passed through unchanged; anything else is an offset from now).
	$cktime != 0 && $cktime += $timestamp;
	// NOTE(review): the login cookie carries uid, the value checkpass() returned as $pwpwd and
	// $safecv, wrapped by StrCode(). Confirm this is not a replayable password equivalent and
	// that Cookie() sets HttpOnly (and Secure on TLS sites).
	Cookie("winduser",StrCode($winduid."\t".$windpwd."\t".$safecv),$cktime);
	Cookie('lastvisit','',0);
	if($db_autoban){
		require_once(R_P.'require/autoban.php');
		autoban($winduid);
	}
	// Hidden login sets the hideid cookie; otherwise the login IP is recorded.
	($gp_allowhide && $hideid) ? Cookie('hideid',"1",$cktime) : Loginipwrite($winduid);
	list($db_moneyname,$db_moneyunit,$db_rvrcname,$db_rvrcunit,$db_creditname,$db_creditunit)=explode("\t",$db_credits);
	// Values for the logged-in panel rendered by the template.
	$winddb = $db->get_one("SELECT * FROM pw_members m LEFT JOIN pw_memberdata md USING(uid) WHERE m.uid='$winduid'");
	list($faceurl) = showfacedesign($winddb['icon'],1);
	$lastlodate = get_date($winddb['lastvisit'],'Y-m-d');
	$userrvrc	= (int)($winddb['rvrc']/10);
	$level		= $ltitle[$groupid];
	$loginouturl = PwEncodeUrl("login.php?action=quit");
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='msg'){
	// Send a private message.
	$gp_allowmessege == 0 && Showmsg('msg_group_right');
	// Throttling: minimum interval between messages and a cap on messages since $tdtime
	// ($tdtime is set outside this file; presumably start of the current day - confirm).
	if($gp_postpertime || $_G['maxsendmsg']){
		$rp = $db->get_one("SELECT COUNT(*) AS tdmsg,MAX(mdate) AS lastwrite FROM pw_msg WHERE fromuid='$winduid' AND mdate>'$tdtime'");
		if($gp_postpertime && $timestamp - $rp['lastwrite'] <= $gp_postpertime){
			Showmsg('msg_limit');
		} elseif($_G['maxsendmsg'] && $rp['tdmsg']>=$_G['maxsendmsg']){
			Showmsg('msg_num_limit');
		}
	}
	// Fourth tab-separated field of $db_qcheck switches the question check on for messages.
	list(,,,$msgq)	= explode("\t",$db_qcheck);
	if(!$_POST['step']){
		// Form display: look up the recipient's name for the template.
		InitGP(array('touid'));
		$reinfo = $db->get_one("SELECT username FROM pw_members WHERE uid='$touid'");
		require_once PrintEot('ajax');ajax_footer();
	} else{
		// Image-code (captcha) check when the 8 bit of $db_gdcheck is set.
		($db_gdcheck & 8) && GdConfirm($_POST['gdcode']);

		InitGP(array('msg_title','atc_content','pwuser'),'P');
		// Char_cv() is external; presumably it encodes HTML special characters - confirm.
		$msg_title   = Char_cv(trim($msg_title));
		$atc_content = Char_cv(trim($atc_content));
		// Length limits are in bytes and are applied before the charset conversion below.
		if(!$atc_content || !$msg_title || !$pwuser){
			Showmsg('msg_empty');
		} elseif(strlen($msg_title)>75 || strlen($atc_content)>1500){
			Showmsg('msg_subject_limit');
		}
		if($db_charset!='utf-8'){
			$pwuser		 = ajax_convert($pwuser,$db_charset);
			$msg_title	 = ajax_convert($msg_title,$db_charset);
			$atc_content = ajax_convert($atc_content,$db_charset);
			$_POST['qanswer'] && $_POST['qanswer'] = ajax_convert($_POST['qanswer'],$db_charset);
		}
		// Word filter: $wordsfb and $replace are expected to come from the included cache file.
		// A banned word in the title or body rejects the message outright.
		if(@include(D_P."data/bbscache/wordsfb.php")){
			foreach($wordsfb as $key => $value){
				$banword = (string) stripslashes($key);
				if(strpos($msg_title,$banword)!==false){
					Showmsg('title_wordsfb');
				} elseif(strpos($atc_content,$banword)!==false){
					Showmsg('content_wordsfb');
				}
			}
			foreach($replace as $key => $value){
				$banword = (string) stripslashes($key);
				if(strpos($msg_title,$banword)!==false){
					Showmsg('post_wordsfb');
				}
			}
		}
		$msgq && Qcheck($_POST['qanswer'],$_POST['qkey']);

		$rt = $db->get_one("SELECT uid,banpm,msggroups FROM pw_members WHERE username='$pwuser'");
		if(!$rt){
			$errorname = Char_cv($pwuser);
			Showmsg('user_not_exists');
		}
		// Evaluates as (msggroups set AND sender's group listed) OR (sender named in banpm),
		// because && binds tighter than ||.
		if($rt['msggroups'] && strpos($rt['msggroups'],",$groupid,")!==false || strpos(",$rt[banpm],",",$windid,")!==false){
			$errorname = Char_cv($pwuser);
			Showmsg('msg_refuse');
		}
		require_once(R_P.'require/msg.php');
		$msg = array(
			$pwuser,
			$winduid,
			$msg_title,
			$timestamp,
			$atc_content,
			'N',
			$windid
		);
		writenewmsg($msg);
		Showmsg('send_success');
	}
} elseif($action=='usetool'){
	// Enabled tools of type 1 with the current user's stock, arranged two per row for the template.
	$tooldb = array();
	$i = $j = 0;
	$query  = $db->query("SELECT t.id,t.name,t.filename,t.descrip,u.nums FROM pw_tools t LEFT JOIN pw_usertool u ON t.id=u.toolid  AND u.uid='$winduid' WHERE t.state='1' AND t.type='1' ORDER BY vieworder");
	while($rt = $db->fetch_array($query)){
		$rt['nums']=(int)$rt['nums'];
		$tooldb[$i][$j] = $rt;
		$j++;
		if($j>1){
			$i++;$j=0;
		}
	}
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='usertool'){
	// Tools that apply to posts/users (type 2)
	// $uid is validated here but not used by the query; presumably the template reads it.
	// Unlike the usetool branch, $tooldb is not initialised before the loop.
	$uid = (int)GetGP('uid');
	!$uid && Showmsg('undefined_action');
	$i = $j = 0;
	$query  = $db->query("SELECT t.id,t.name,t.filename,t.descrip,u.nums FROM pw_tools t LEFT JOIN pw_usertool u ON t.id=u.toolid  AND u.uid='$winduid' WHERE state='1' AND type='2' ORDER BY vieworder");
	while($rt = $db->fetch_array($query)){
		$rt['nums']=(int)$rt['nums'];
		$tooldb[$i][$j] = $rt;
		$j++;
		if($j>1){
			$i++;$j=0;
		}
	}
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='dig'){
	// "Dig" (up-vote) a thread once per user; the user's dug thread ids are kept in pw_memberinfo.digtid.
	!$_G['dig'] && Showmsg("dig_right");
	$read = $db->get_one("SELECT t.author,t.subject,t.dig,f.forumset FROM pw_threads t LEFT JOIN pw_forumsextra f USING(fid) WHERE tid='$tid'");
	!$read && Showmsg('data_error');
	// NOTE(review): unserialize() on a database column; fine only while forumset is written
	// exclusively by trusted admin code.
	$forumset = unserialize($read['forumset']);
	!$forumset['dig'] && Showmsg('forum_dig_allow');
	$rt  = $db->get_one("SELECT uid,digtid FROM pw_memberinfo WHERE uid='$winduid'");
	// Add_S() is external; presumably it re-escapes the row for use in SQL - confirm.
	Add_S($rt);
	if(strpos(",$rt[digtid],",",$tid,")===false){
		$read['dig']++;
		$db->update("UPDATE pw_threads SET dig=dig+1 WHERE tid='$tid'");
		if($rt){
			// The history is wiped once it exceeds 2000 bytes, after which the duplicate test
			// above no longer recognises threads dug earlier.
			strlen($rt['digtid'])>2000 && $rt['digtid'] = '';
			$rt['digtid'] .= ($rt['digtid'] ? ',' : '').$tid;
			$db->update("UPDATE pw_memberinfo SET digtid='$rt[digtid]' WHERE uid='$winduid'");
		} else{
			$db->update("INSERT INTO pw_memberinfo (uid,digtid) VALUES('$winduid','$tid')");
		}
		require_once(R_P.'require/posthost.php');
		// NOTE(review): same third-party notification over plain HTTP as in the favor branch.
		PostHost("http://push.phpwind.com/push.php?type=dig&url=".rawurlencode("$db_bbsurl/read.php?tid=$tid")."&tocharset=$db_charset&title=".rawurlencode($read['subject'])."&bbsname=".rawurlencode($db_bbsname),"");
		Showmsg('dig_success');
	} else{
		Showmsg("dig_limit");
	}
} elseif($action=='extend'){
	// Editor extensions: either the custom code list (type=pwcode) or one predefined form by id.
	InitGP(array('type'));
	if($type=='pwcode'){
		$code  = array();
		$query = $db->query("SELECT * FROM pw_windcode");
		while($rt = $db->fetch_array($query)){
			$rt['descrip'] = str_replace("\n","|",$rt['descrip']);
			$code[] = $rt;
		}
	} else{
		@include_once(D_P.'data/bbscache/setform.php');
		$id = (int)GetGP('id');
		$setform = array();
		if(isset($setformdb[$id])){
			$setform = $setformdb[$id];
		}
	}
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='sharelink'){
	// Self-service link exchange application; one application per username, stored unapproved (ifcheck='0').
	!$db_ifselfshare && Showmsg("sharelink_colse");
	if(!$_POST['step']){
		require_once PrintEot('ajax');ajax_footer();
	} else{
		InitGP(array('linkname','linkurl','linkdescrip','linklogo'),'P',1);
		(!$linkname || !$linkurl) && Showmsg('sharelink_link_empty');
		!$linkdescrip && $linkdescrip = '';
		!$linklogo && $linklogo = '';
		// The URL is lower-cased and must start with "http://"; https URLs are therefore refused.
		// NOTE(review): $linklogo gets no scheme check here - confirm the page that renders it
		// validates or escapes the value.
		$linkurl = strtolower($linkurl);
		substr($linkurl,0,7)!="http://" && Showmsg('sharelink_link_error');
		$rs=$db->get_one("SELECT sid FROM pw_sharelinks WHERE username='$windid'");
		$rs && Showmsg('sharelink_apply_limit');
		if($db_charset!='utf-8'){
			$linkname = ajax_convert($linkname,$db_charset);
			$linkdescrip = ajax_convert($linkdescrip,$db_charset);
		}
		$db->update("INSERT INTO pw_sharelinks(name,url,descrip,logo,ifcheck,username) VALUES('$linkname','$linkurl','$linkdescrip','$linklogo','0','$windid')");
		Showmsg("sharelink_success");
	}
} elseif($action=='showface'){
	// Avatar picker: lists image files from $imgdir/face in pages. Reachable by guests.
	InitGP(array('page'));
	(!is_numeric($page) || $page < 1) && $page=1;
	$pre_page	= $page-1;
	$next_page	= $page+1;
	$db_perpage = 20;
	$img = @opendir("$imgdir/face");
	// NOTE(review): this first readdir() result is overwritten by the loop below without being
	// examined, so the first directory entry is always skipped.
	$imagearray	= @readdir($img);
	// Every page starts with the "no avatar" entry.
	$imgselect	= "<span onClick=\"showimage('$imgpath','none.gif')\" class=\"fl face\"><img src='$imgpath/face/none.gif' width=\"50\" height=\"50\"></span>";
	$num = 0;
	while ($imagearray = @readdir($img)) {
		// NOTE(review): eregi() was removed in PHP 7; preg_match() with the i modifier is the replacement.
		if ($imagearray != "." && $imagearray != ".." && $imagearray != "" && $imagearray != "none.gif" && eregi("\.(gif|jpg|png|bmp)$",$imagearray)) {
			++$num;
			// NOTE(review): both bounds are strict, so an image whose running index is an exact
			// multiple of $db_perpage matches no page and is never shown.
			// File names are written into HTML/JS attributes without escaping; this assumes
			// the face directory only ever holds operator-supplied files.
			if ($num > ($page-1)*$db_perpage && $num < $page*$db_perpage) {
				$imgselect .= "<span onClick=\"showimage('$imgpath','$imagearray')\" class=\"fl face\"><img src='$imgpath/face/$imagearray' width=\"50\" height=\"50\"></span>";
			}
		}
	}
	@closedir($img);
	require_once PrintEot('ajax');ajax_footer();
} elseif($action=='newrp'){
	// List up to 20 threads with new replies for the current user.
	if($db_replysitemail && $winddb['newrp']){
		include_once(D_P.'data/bbscache/forum_cache.php');
		$rt=$db->get_one("SELECT replyinfo FROM pw_memberinfo WHERE uid='$winduid'");
		// Strip the first and last character (the stored form is ",tid,tid,", see delnewrp).
		$rt['replyinfo']=substr($rt['replyinfo'],1,-1);
		$replydb=array();
		// NOTE(review): the stored list is placed unquoted inside IN(...); this is safe only if
		// every writer of replyinfo guarantees comma-separated integers. An empty list would
		// produce "IN()" - confirm how $db->query() handles that.
		$query=$db->query("SELECT tid,fid,subject,postdate,lastpost FROM pw_threads WHERE tid IN($rt[replyinfo]) LIMIT 20");
		if($db->num_rows($query)==0){
			Showmsg('newrp_error');
		}
		while($rt=$db->fetch_array($query)){
			$rt['subject']=substrs($rt['subject'],55);
			$rt['fname']=$forum[$rt['fid']]['name'];
			$rt['lastpost']=get_date($rt['lastpost'],'Y-m-d');
			$replydb[]=$rt;
		}
		require_once PrintEot('ajax');ajax_footer();
	} else{
		Showmsg('newrp_error');
	}
} elseif($action=='delnewrp'){
	// Remove thread $tid from the current user's new-reply list.
	!$tid && Showmsg('data_error');
	$rt = $db->get_one("SELECT replyinfo FROM pw_memberinfo WHERE uid='$winduid'");
	$rt['replyinfo'] = str_replace(",$tid,",',',$rt['replyinfo']);
	$rt['replyinfo'] == ',' && $rt['replyinfo'] = '';
	$db->update("UPDATE pw_memberinfo SET replyinfo='$rt[replyinfo]' WHERE uid='$winduid'");
	// NOTE(review): ifmail is cleared for whatever $tid was requested; no check in this branch
	// ties the thread to the current user or to their reply list - confirm this is intended.
	$db->update("UPDATE pw_threads SET ifmail='0' WHERE tid='$tid'");
	if($winddb['newrp'] && !$rt['replyinfo']){
		$db->update("UPDATE pw_members SET newrp='0' WHERE uid='$winduid'");
	}
	Showmsg('operate_success');
} elseif($action=='addfriend'){
	// Add user $touid to the current user's friend list (one-directional insert).
	$touid = (int)GetGP('touid');
	if($touid==$winduid){
		Showmsg('friend_selferror');
	}
	$rt = $db->get_one("SELECT uid,username FROM pw_members WHERE uid='$touid'");
	if(!$rt){
		$errorname = $touid;
		Showmsg('user_not_exists');
	}
	$rs = $db->get_one("SELECT uid FROM pw_friends WHERE uid='$winduid' AND friendid='$rt[uid]'");
	if($rs){
		Showmsg('friend_already_exists');
	}
	$db->update("INSERT INTO pw_friends(uid,friendid,joindate) VALUES('$winduid','$rt[uid]','$timestamp')");
	Showmsg('friend_update_success');
} elseif($action == 'showsmile'){
	// Proxy for remote "show" XML lists, cached locally for 43200 s. Reachable by guests.
	InitGP(array('subjectid','page','type'));
	$u         = "http://dm.phpwind.net/misc";
	$subjectid = (int)$subjectid;
	// NOTE(review): is_numeric() also admits forms such as "1.5" or "1e3"; $page becomes part
	// of the cache file name and the remote URL, so an (int) cast would be tighter.
	(!is_numeric($page) || $page<1) && $page = 1;
	$s         = '300.xml';
	if($type == 'general'){
		$s = $subjectid ? $subjectid.'_'.$page.'.xml' : '300.xml';
	} elseif($type == 'magic'){
		$s = $subjectid ? $subjectid.'_'.$page.'.xml' : '200.xml';
	}
	// NOTE(review): each distinct subjectid/page pair creates its own cache file and nothing
	// here bounds the values, so the cache directory can grow without limit.
	$cachefile = D_P."data/bbscache/myshow_{$s}";
	if(!file_exists($cachefile) || $timestamp - @filemtime($cachefile) > 43200){
		$data = '';
		if($subjectid){
			$url = "$u/list/$s?$timestamp";
		} else{
			$url = "$u/menu/$s?$timestamp";
		}
		require_once(R_P.'require/posthost.php');
		// Fetched over plain HTTP; the response is served to visitors as-is below.
		$data = PostHost($url);
		if($data && strpos($data,'<?xml')!==false){
			writeover($cachefile,$data);
		}
		// NOTE(review): this second, unconditional write makes the XML check above ineffective:
		// an empty or non-XML response still replaces the cache and is served for the next 12 hours.
		writeover($cachefile,$data);
	}
	header("Content-Type: text/xml; charset=UTF-8");
	$data = readover($cachefile);
	echo $data;
	exit;
} elseif($action == 'honor'){
	// Set the user's "honor" line (single line, cut to 100 units when longer than 100 bytes).
	!$gp_allowhonor && Showmsg('undefined_action');
	if(!$_POST['step']){
		require_once PrintEot('ajax');ajax_footer();
	} else{
		InitGP(array('content'),'P',1);
		if($db_charset!='utf-8'){
			$content = ajax_convert($content,$db_charset);
		}
		$content = str_replace("\n",'',$content);
		// NOTE(review): truncating an already-escaped string can cut through an escape sequence
		// or entity; confirm substrs() cannot leave a trailing backslash before the closing quote.
		strlen($content)>100 && $content = substrs($content,100);
		$db->update("UPDATE pw_members SET honor='$content' WHERE uid='$winduid'");
		// NOTE(review): echoed back after stripslashes(); HTML safety depends on InitGP() encoding.
		echo "success\t".stripslashes($content);ajax_footer();
	}
} elseif($action == 'readlog'){
	// Recently read threads, taken from the 'readlog' cookie (newest last, hence the reverse sort).
	$readlog = explode(',',GetCookie('readlog'));
	@krsort($readlog);
	$tids = '';
	$i = 0;
	// Keep at most 10 numeric ids. NOTE(review): the values are client-controlled and end up
	// unquoted inside IN(...); is_numeric() also admits float/exponent forms, so an (int) cast
	// or ctype_digit() would be the stricter filter.
	foreach($readlog as $key=>$value){
		if(is_numeric($value)){
			$tids .= ($tids ? ',' : '').$value;
			if(++$i>9) break;
		}
	}
	// Rewrite the cookie with the filtered list.
	Cookie('readlog',",$tids,");
	!$tids && Showmsg('data_error');
	include_once(D_P.'data/bbscache/forum_cache.php');
	$readb = array();
	$query = $db->query("SELECT t.tid,t.fid,t.subject,t.author,t.authorid,t.anonymous,f.f_type,f.password,f.allowvisit FROM pw_threads t LEFT JOIN pw_forums f USING(fid) WHERE t.tid IN($tids)");
	while($rt = $db->fetch_array($query)){
		// Visibility filter: skip password-protected and hidden forums, and forums whose
		// allowvisit list does not admit the user's group(s).
		if(empty($rt['password']) && $rt['f_type']<>'hidden' && (empty($rt['allowvisit']) || allowcheck($rt['allowvisit'],$groupid,$winddb['groups']))){
			// Mask the author of anonymous threads unless the viewer is in group 3 or 4 or is the author.
			if ($rt['anonymous'] && !in_array($groupid,array('3','4')) && $rt['authorid']<>$winduid) {
				$rt['author']	= $db_anonymousname;
				$rt['authorid'] = 0;
			}
			$readb[] = $rt;
		}
	}
	require_once PrintEot('ajax');ajax_footer();
} elseif($action == 'threadlog'){
	// Recently visited forums, taken from the 'threadlog' cookie.
	$threadlog = explode(',',GetCookie('threadlog'));
	@krsort($threadlog);
	$fids = ',';
	$i = 0;
	// Keep at most 10 numeric ids and rewrite the cookie as ",id,id,".
	foreach($threadlog as $key=>$value){
		if(is_numeric($value)){
			$fids .= $value.',';
			if(++$i>9) break;
		}
	}
	Cookie('threadlog',$fids);
	include_once(D_P.'data/bbscache/forum_cache.php');
	$threaddb = array();
	// Names come from the forum cache; membership is tested against the raw cookie values
	// with a loose in_array() comparison.
	// NOTE(review): unlike readlog, no visibility check is applied here - confirm the forum
	// cache only contains forums whose names may be shown to any logged-in user.
	foreach($forum as $key=>$value){
		if(in_array($key,$threadlog)){
			$threaddb[$key] = $value['name'];
		}
	}
	require_once PrintEot('ajax');ajax_footer();
}
/**
 * Unpack a stored favourites string into per-category id maps.
 *
 * The string holds one segment per category, separated by '|'; each segment is a
 * comma-separated id list. Segments that evaluate to false ('' or '0') are skipped,
 * so their category index is simply absent from the result.
 *
 * @param string $tids packed favourites, e.g. "5,3|9"
 * @return array category index => (id => id)
 */
function getfavor($tids){
	$groups = array();
	foreach(explode('|',$tids) as $idx=>$segment){
		if(!$segment){
			continue;
		}
		foreach(explode(',',$segment) as $id){
			// Keyed by id so a repeated id collapses into a single entry.
			$groups[$idx][$id] = $id;
		}
	}
	return $groups;
}
/**
 * Pack per-category id lists back into the stored favourites string.
 *
 * Categories are written in ascending index order, separated by '|'; a missing index
 * is represented by an empty segment so positions stay aligned with category numbers.
 * Inside a segment the ids are sorted descending and non-numeric values are dropped.
 *
 * @param array $tiddb category index => list of ids
 * @return string packed favourites, e.g. "5,3|9"
 */
function makefavor($tiddb){
	$packed = '';
	$sep = '';
	$expected = 0;
	ksort($tiddb);
	foreach($tiddb as $type=>$ids){
		rsort($ids);
		// Pad with empty segments for category indexes that were skipped.
		if($type!=$expected){
			$gap = $type-$expected;
			if($gap>0){
				$packed .= str_repeat('|',$gap);
			}
		}
		$segment = '';
		foreach($ids as $id){
			if(is_numeric($id)){
				$segment .= $segment ? ','.$id : $id;
			}
		}
		$packed .= $sep.$segment;
		$expected = $type+1;
		$sep = '|';
	}
	return $packed;
}
?>