本文整理汇总了PHP中flood_control函数的典型用法代码示例。如果您正苦于以下问题:PHP flood_control函数的具体用法?PHP flood_control怎么用?PHP flood_control使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了flood_control函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: send_pm
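/**
 * Store a private message for a user and, if the recipient has notifications
 * enabled, send an e-mail about it.
 *
 * A sender id of "0" (string) is treated as the system account: it skips
 * flood control and the sender lookup and is shown as "System".
 * The placeholders {SITETITLE}, {SENDER} and {RECEIVER} in $subject and
 * $message are expanded before the message is stored.
 *
 * Every value that reaches SQL goes through _db(). Its unquoted use inside
 * VALUES(...) implies it returns a ready-to-embed (quoted/escaped) literal.
 * NOTE(review): confirm that against the definition of _db().
 *
 * @param mixed  $to      Recipient user id.
 * @param mixed  $from    Sender user id, or the string "0" for a system message.
 * @param string $subject Message subject.
 * @param string $message Message body.
 * @param string $smileys Smiley flag stored with the message.
 *
 * @return int 0 on success, 1 inbox full, 2 sender equals recipient,
 *             3 sender not found, 4 recipient not found, 5 flood control hit.
 */
function send_pm($to, $from, $subject, $message, $smileys = "y")
{
    global $settings;

    // The locale file is expected to define $locale in this scope; entries
    // '625' and '626' are used for the notification mail below.
    include LOCALE . LOCALESET . "messages.php";
    require_once INCLUDES . "sendmail_include.php";
    require_once INCLUDES . "flood_include.php";

    // The options row with user_id 0 supplies the inbox limit and the fallback
    // for the e-mail notification flag.
    $msg_settings = dbarray(dbquery("SELECT pm_inbox, pm_email_notify FROM " . DB_MESSAGES_OPTIONS . " WHERE user_id='0'"));

    $is_system = $from === "0";

    // Rate-limit ordinary senders. The sender id is passed through _db() like
    // every other value in this function instead of being concatenated raw
    // into the WHERE fragment handed to flood_control().
    if (!$is_system && flood_control("message_datestamp", DB_MESSAGES, "message_from=" . _db($from))) {
        return 5;
    }

    // Recipient record plus the number of messages currently in the inbox folder.
    $result = dbquery("SELECT u.user_id, u.user_name, u.user_email, mo.pm_email_notify, COUNT(message_id) as message_count FROM " . DB_USERS . " u\r\n\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " mo USING(user_id)\r\n\t\t\tLEFT JOIN " . DB_MESSAGES . " ON message_to=u.user_id AND message_folder='0'\r\n\t\t\tWHERE u.user_id=" . _db($to) . " GROUP BY u.user_id");
    if (!dbrows($result)) {
        // Recipient does not exist.
        return 4;
    }
    $data = dbarray($result);

    // The sender must exist unless the message comes from the system account.
    $result = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_id=" . _db($from));
    if (!$is_system && !dbrows($result)) {
        return 3;
    }
    if ($is_system) {
        $userdata = array('user_id' => "0", 'user_name' => "System");
    } else {
        $userdata = dbarray($result);
    }

    if ($to == $from) {
        // Sender and recipient are the same user.
        return 2;
    }

    // An inbox limit of "0" means unlimited; otherwise the new message must still fit.
    $has_room = $msg_settings['pm_inbox'] == "0" || $data['message_count'] + 1 <= $msg_settings['pm_inbox'];
    if (!$has_room) {
        return 1;
    }

    // Expand the template placeholders in subject and body.
    $search = array("{SITETITLE}", "{SENDER}", "{RECEIVER}");
    $replace = array($settings['sitename'], $userdata['user_name'], $data['user_name']);
    $message = str_replace($search, $replace, $message);
    $subject = str_replace($search, $replace, $subject);

    $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES(" . _db($data['user_id']) . ", " . _db($userdata['user_id']) . ", " . _db($subject) . ", " . _db($message) . ", " . _db($smileys) . ", '0', '" . time() . "', '0')");

    // The recipient's own preference wins; the site default applies when it is unset.
    $send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify'];
    if ($send_email == "1") {
        $message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
        $message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
        sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
    }

    return 0;
}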
示例2: send_pm
/**
 * Store a private message and, when the recipient wants it, e-mail a notice.
 *
 * NOTE(review): $to, $from, $subject, $message and $smileys are concatenated
 * into the SQL statements below exactly as received; nothing in this function
 * validates or escapes them. That is only safe if every caller has already
 * done so. Confirm against the call sites, or escape here through the
 * project's database layer.
 *
 * @param mixed  $to      Recipient user id.
 * @param mixed  $from    Sender user id.
 * @param string $subject Message subject.
 * @param string $message Message body.
 * @param string $smileys Smiley flag; forced to "n" when the body contains a
 *                        [code], [geshi=...] or [php] block.
 *
 * @return int 0 on success, 1 inbox full, 2 sender equals recipient,
 *             3 sender not found, 4 recipient not found, 5 flood control hit.
 */
function send_pm($to, $from, $subject, $message, $smileys = "y")
{
    global $settings;

    // The locale file is expected to define $locale in this scope.
    include LOCALE . LOCALESET . "messages.php";
    require_once INCLUDES . "sendmail_include.php";
    require_once INCLUDES . "flood_include.php";

    // The options row with user_id 0 holds the inbox limit and the fallback
    // notification flag.
    $msg_settings = dbarray(dbquery("SELECT pm_inbox, pm_email_notify FROM " . DB_MESSAGES_OPTIONS . " WHERE user_id='0'"));

    // Smileys are switched off for messages that carry code-like BBCode blocks.
    if (preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $message)) {
        $smileys = "n";
    }

    // Rate limit per sender.
    if (flood_control("message_datestamp", DB_MESSAGES, "message_from='" . $from . "'")) {
        return 5;
    }

    // Recipient record plus the number of messages in the inbox folder.
    $result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level, mo.pm_email_notify, COUNT(message_id) as message_count FROM " . DB_USERS . " u\r\n\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " mo USING(user_id)\r\n\t\t\tLEFT JOIN " . DB_MESSAGES . " ON message_to=u.user_id AND message_folder='0'\r\n\t\t\tWHERE u.user_id='{$to}' GROUP BY u.user_id");
    if (!dbrows($result)) {
        // Recipient does not exist.
        return 4;
    }
    $data = dbarray($result);

    $result = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_id='" . $from . "'");
    if (!dbrows($result)) {
        // Sender does not exist.
        return 3;
    }
    $userdata = dbarray($result);

    if ($to == $from) {
        // Sender and recipient are the same user.
        return 2;
    }

    // User id 1, user levels above 101 and an inbox limit of "0" are exempt
    // from the inbox size check.
    $has_room = $data['user_id'] == 1 || $data['user_level'] > 101 || $msg_settings['pm_inbox'] == "0" || $data['message_count'] + 1 <= $msg_settings['pm_inbox'];
    if (!$has_room) {
        return 1;
    }

    $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('" . $data['user_id'] . "','" . $userdata['user_id'] . "','" . $subject . "','" . $message . "','" . $smileys . "','0','" . time() . "','0')");

    // The recipient's own preference wins; the site default applies when it is unset.
    $send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify'];
    if ($send_email == "1") {
        $message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
        $message_content = str_replace("[USER]", $userdata['user_name'], $message_content);

        // Use the "PM" e-mail template only when it exists and is active;
        // otherwise fall back to the plain notification mail.
        $use_template = false;
        $template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
        if (dbrows($template_result)) {
            $template_data = dbarray($template_result);
            $use_template = $template_data['template_active'] == "1";
        }

        if ($use_template) {
            sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
        } else {
            sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
        }
    }

    return 0;
}
示例3: dbquery
}
// Panel caption: category name followed by a link to the forum. The $fdata
// values are written into the HTML as-is.
// NOTE(review): presumably they are stored HTML-escaped; confirm.
$caption = $fdata['forum_cat_name'] . " :: <a href='viewforum.php?forum_id=" . $fdata['forum_id'] . "'>" . $fdata['forum_name'] . "</a>";
// --- Poll vote ---------------------------------------------------------
// Only members may vote and poll_option must pass isnum().
// NOTE(review): $_GET['thread_id'] is concatenated into every query and
// redirect in this excerpt without a check visible here. Presumably it is
// validated with isnum() earlier in the file; confirm, since otherwise it
// reaches SQL unescaped.
// NOTE(review): no anti-CSRF token is checked in this excerpt for either POST
// action (cast_vote, postquickreply); confirm that happens elsewhere.
if (iMEMBER && isset($_POST['cast_vote']) && (isset($_POST['poll_option']) && isnum($_POST['poll_option']))) {
// One vote per user and thread: look for an existing voter row first.
$result = dbquery("SELECT * FROM " . DB_FORUM_POLL_VOTERS . " WHERE forum_vote_user_id='" . $userdata['user_id'] . "' AND thread_id='" . $_GET['thread_id'] . "'");
if (!dbrows($result)) {
// NOTE(review): the check above and the writes below are separate statements
// with no transaction visible here, so two simultaneous requests from the
// same user could both pass the check. A unique key on
// (thread_id, forum_vote_user_id) would close that; confirm the schema.
$result = dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_votes=forum_poll_option_votes+1 WHERE thread_id='" . $_GET['thread_id'] . "' AND forum_poll_option_id='" . $_POST['poll_option'] . "'");
$result = dbquery("UPDATE " . DB_FORUM_POLLS . " SET forum_poll_votes=forum_poll_votes+1 WHERE thread_id='" . $_GET['thread_id'] . "'");
$result = dbquery("INSERT INTO " . DB_FORUM_POLL_VOTERS . " (thread_id, forum_vote_user_id, forum_vote_user_ip) VALUES ('" . $_GET['thread_id'] . "', '" . $userdata['user_id'] . "', '" . USER_IP . "')");
}
redirect(FUSION_SELF . "?thread_id=" . $_GET['thread_id']);
}
// --- Quick reply -------------------------------------------------------
// Allowed for members with reply permission while the thread is not locked.
if (iMEMBER && $can_reply && !$fdata['thread_locked'] && isset($_POST['postquickreply'])) {
// The message goes through censorwords() and stripinput() and is then placed
// inside a quoted SQL literal below.
// NOTE(review): this relies on stripinput() neutralising quote characters; confirm.
$message = stripinput(censorwords($_POST['message']));
if ($message != "") {
require_once INCLUDES . "flood_include.php";
// Rate limit per author, based on the time stamp of that author's posts.
if (!flood_control("post_datestamp", DB_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
$sig = $userdata['user_sig'] ? '1' : '0';
// `||` binds tighter than `?:`, so smileys are disabled ("0") when the user
// asked for it or when the message contains a [code] block.
$smileys = isset($_POST['disable_smileys']) || preg_match("#\\[code\\](.*?)\\[/code\\]#si", $message) ? "0" : "1";
$result = dbquery("INSERT INTO " . DB_POSTS . " (forum_id, thread_id, post_message, post_showsig, post_smileys, post_author, post_datestamp, post_ip, post_edituser, post_edittime) VALUES ('" . $fdata['forum_id'] . "', '" . $_GET['thread_id'] . "', '{$message}', '{$sig}', '{$smileys}', '" . $userdata['user_id'] . "', '" . time() . "', '" . USER_IP . "', '0', '0')");
// mysql_insert_id() belongs to the legacy mysql extension, which was removed
// in PHP 7; this line ties the excerpt to older PHP versions.
$newpost_id = mysql_insert_id();
// Keep the denormalised counters and "last post" fields of forum, thread
// and user in step with the new post.
$result = dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastuser='" . $userdata['user_id'] . "' WHERE forum_id='" . $fdata['forum_id'] . "'");
$result = dbquery("UPDATE " . DB_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $newpost_id . "', thread_postcount=thread_postcount+1, thread_lastuser='" . $userdata['user_id'] . "' WHERE thread_id='" . $_GET['thread_id'] . "'");
$result = dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $userdata['user_id'] . "'");
redirect("postify.php?post=reply&error=0&forum_id=" . $fdata['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "&post_id={$newpost_id}");
} else {
// Flood control hit: return to the thread without storing the reply.
redirect("viewthread.php?thread_id=" . $_GET['thread_id']);
}
}
}
// Total number of posts in the thread and the id of its newest post.
$rows = dbcount("(thread_id)", DB_POSTS, "thread_id='" . $_GET['thread_id'] . "'");
$last_post = dbarray(dbquery("SELECT post_id FROM " . DB_POSTS . " WHERE thread_id='" . $_GET['thread_id'] . "' ORDER BY post_datestamp DESC LIMIT 1"));
示例4: str_replace
}
}
// Normalise the submitted shout: flatten newlines, cut to 255, then run the
// word filter and stripinput().
// NOTE(review): no anti-CSRF token is checked in this excerpt; confirm that
// happens elsewhere.
$archive_shout_message = str_replace("\n", " ", $_POST['archive_shout_message']);
// The pattern has no `u` modifier, so the 255 limit counts bytes rather than
// characters and can cut through a multi-byte UTF-8 sequence.
$archive_shout_message = preg_replace("/^(.{255}).*\$/", "\$1", $archive_shout_message);
$archive_shout_message = trim(stripinput(censorwords($archive_shout_message)));
// --- Edit an existing shout --------------------------------------------
// shout_id must pass isnum() before it is used in SQL.
if (iMEMBER && (isset($_GET['action']) && $_GET['action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
// Assigned but not read anywhere in this excerpt.
$comment_updated = false;
// `&&` binds tighter than `||`: either an admin holding the "S" right, or a
// member who owns the visible (shout_hidden='0') shout.
if (iADMIN && checkrights("S") || iMEMBER && dbcount("(shout_id)", DB_SHOUTBOX, "shout_id='" . $_GET['shout_id'] . "' AND shout_name='" . $userdata['user_id'] . "' AND shout_hidden='0'")) {
if ($archive_shout_message) {
// For non-admins the UPDATE itself is scoped to the owner again, so the
// ownership check does not depend on the dbcount() above alone.
// NOTE(review): the extra clause is dropped for any iADMIN, not only for
// admins with the "S" right; confirm that is intended.
$result = dbquery("UPDATE " . DB_SHOUTBOX . " SET shout_message='{$archive_shout_message}' WHERE shout_id='" . $_GET['shout_id'] . "'" . (iADMIN ? "" : " AND shout_name='" . $userdata['user_id'] . "'"));
}
}
redirect(FUSION_SELF);
// --- Post a new shout --------------------------------------------------
// NOTE(review): $archive_shout_name is set outside this excerpt and is placed
// in a quoted SQL literal below; confirm it is sanitised where it is assigned.
} elseif ($archive_shout_name && $archive_shout_message) {
require_once INCLUDES . "flood_include.php";
// Rate limit per client IP, so it also applies to posters without an account.
if (!flood_control("shout_datestamp", DB_SHOUTBOX, "shout_ip='" . USER_IP . "'")) {
// The language column and value are appended only when multilang_table("SB") is true.
$result = dbquery("INSERT INTO " . DB_SHOUTBOX . " (shout_name, shout_message, shout_datestamp, shout_ip, shout_ip_type, shout_hidden" . (multilang_table("SB") ? ", shout_language)" : ")") . " VALUES ('{$archive_shout_name}', '{$archive_shout_message}', '" . time() . "', '" . USER_IP . "', '" . USER_IP_TYPE . "', '0'" . (multilang_table("SB") ? ", '" . LANGUAGE . "')" : ")"));
}
redirect(FUSION_SELF);
}
}
if (iMEMBER && (isset($_GET['action']) && $_GET['action'] == "edit") && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
$esresult = dbquery("SELECT ts.shout_id, ts.shout_name, ts.shout_message, tu.user_id, tu.user_name\r\n\t\t\tFROM " . DB_SHOUTBOX . " ts\r\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.shout_name=tu.user_id\r\n\t\t\t" . (multilang_table("SB") ? "WHERE shout_language='" . LANGUAGE . "' AND" : "WHERE") . " ts.shout_id='" . $_GET['shout_id'] . "' AND shout_hidden='0'");
if (dbrows($esresult)) {
$esdata = dbarray($esresult);
if (iADMIN && checkrights("S") || iMEMBER && $esdata['shout_name'] == $userdata['user_id'] && isset($esdata['user_name'])) {
if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
$edit_url = "?action=edit&shout_id=" . $esdata['shout_id'];
} else {
$edit_url = "";
}
示例5: render_edit_form
// Handles the "edit post" action: checks that the current user may edit the
// post named by $_GET['post_id'], applies a submitted edit (message, subject,
// attachment deletions and uploads) and otherwise builds the edit form data
// passed to postform(). The listing is truncated by the page, so the end of
// the method is not shown.
// NOTE(review): several checks below call redirect() and then fall through;
// they only block access if redirect() terminates the request. Confirm.
public function render_edit_form()
{
global $locale, $userdata, $forum_settings, $defender;
$thread_data = $this->thread_info['thread'];
// `!iMOD or !iSUPERADMIN` is false only when the user holds BOTH roles, so on
// a locked thread everyone else is redirected, including moderators.
// NOTE(review): this looks like it was meant to be `!(iMOD or iSUPERADMIN)`.
// The current form errs on the restrictive side; review the intended policy
// before relaxing it.
if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
redirect(INFUSIONS . 'forum/index.php');
}
// post_id must pass isnum() before anything else happens.
if (isset($_GET['post_id']) && isnum($_GET['post_id'])) {
add_to_title($locale['global_201'] . $locale['forum_0503']);
add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
// The post is looked up by id AND by the thread/forum of the current thread
// context, each cast with intval(), so a post_id from another thread finds nothing.
$result = dbquery("SELECT tp.*, tt.thread_subject, tt.thread_poll, tt.thread_author, tt.thread_locked, MIN(tp2.post_id) AS first_post\n\t\t\t\tFROM " . DB_FORUM_POSTS . " tp\n\t\t\t\tINNER JOIN " . DB_FORUM_THREADS . " tt on tp.thread_id=tt.thread_id\n\t\t\t\tINNER JOIN " . DB_FORUM_POSTS . " tp2 on tp.thread_id=tp2.thread_id\n\t\t\t\tWHERE tp.post_id='" . intval($_GET['post_id']) . "' AND tp.thread_id='" . intval($thread_data['thread_id']) . "' AND tp.forum_id='" . intval($thread_data['forum_id']) . "'\n\t\t\t\tGROUP BY tp2.post_id\n\t\t\t\t");
if (dbrows($result) > 0) {
$post_data = dbarray($result);
// Authorisation: moderators/super admins, or the post's author if they still
// have reply permission (`&&` binds tighter than `||`).
if ((iMOD or iSUPERADMIN) || $this->getThreadPermission("can_reply") && $post_data['post_author'] == $userdata['user_id']) {
$is_first_post = $post_data['post_id'] == $this->thread_info['post_firstpost'] ? TRUE : FALSE;
// no edit if locked
if ($post_data['post_locked'] && !iMOD) {
redirect(INFUSIONS . "forum/postify.php?post=edit&error=5&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
}
// no edit if time limit reached
// (forum_edit_timelimit is in minutes; 0 disables the limit)
if (!iMOD && ($forum_settings['forum_edit_timelimit'] > 0 && time() - $forum_settings['forum_edit_timelimit'] * 60 > $post_data['post_datestamp'])) {
redirect(INFUSIONS . "forum/postify.php?post=edit&error=6&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
}
// execute form post actions
if (isset($_POST['post_edit'])) {
require_once INCLUDES . "flood_include.php";
// all data is sanitized here.
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
// Free-text fields pass through form_sanitizer(); ids come from the thread
// and post rows loaded above, not from the request.
// NOTE(review): post_author is overwritten with the editing user, so a
// moderator's edit reassigns authorship; confirm that is intended.
$post_data = array('forum_id' => $thread_data['forum_id'], 'thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], "thread_subject" => "", 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => $post_data['post_datestamp'], 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => $userdata['user_id'], 'post_edittime' => time(), 'post_editreason' => form_sanitizer($_POST['post_editreason'], '', 'post_editreason'), 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
// require thread_subject if first post
if ($is_first_post == TRUE) {
$post_data['thread_subject'] = form_sanitizer($_POST['thread_subject'], '', 'thread_subject');
}
if ($defender->safe()) {
// Prepare forum merging action
// Unlike the lookup above, thread_id is interpolated here without intval().
// It comes from $this->thread_info, not directly from the request.
$last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
// NOTE(review): $last_post_author holds whatever dbarray() returns (used as a
// row array elsewhere in this method), yet it is compared with a scalar user
// id; the comparison was probably meant to read
// $last_post_author['post_author']. As written the merge branch looks
// unreachable. Confirm before changing, because that branch rewrites the
// thread's most recent post rather than the post being edited.
if ($last_post_author == $post_data['post_author'] && $thread_data['forum_merge']) {
$last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
$post_data['post_id'] = $last_message['post_id'];
$post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
} else {
dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
}
// Delete attachments if there is any
// Each "delete_attach_<id>" field names an attachment; the id must pass
// isnum() (else 0 is used) and the lookup is tied to the post being edited,
// so ids belonging to other posts match nothing.
foreach ($_POST as $key => $value) {
if (!strstr($key, "delete_attach")) {
continue;
}
$key = str_replace("delete_attach_", "", $key);
$result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
if (dbrows($result) != 0 && $value) {
$adata = dbarray($result);
// The file name comes from the database row, not from the request.
// NOTE(review): this assumes attach_name is always a bare file name with no
// path separators; confirm it is constrained when stored. The result of
// unlink() is not checked, so the row is deleted even if the file removal fails.
unlink(FORUM . "attachments/" . $adata['attach_name']);
dbquery("DELETE FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
}
}
// New uploads are accepted only with the can_upload_attach permission;
// validation of the files is delegated to form_sanitizer().
// NOTE(review): presumably that enforces the allowed extensions and size
// limits configured for the file input; confirm.
if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $this->getThreadPermission("can_upload_attach")) {
$upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
if ($upload['error'] == 0) {
foreach ($upload['target_file'] as $arr => $file_name) {
$attachment = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
dbquery_insert(DB_FORUM_ATTACHMENTS, $attachment, 'save', array('keep_session' => TRUE));
}
}
}
if ($defender->safe()) {
redirect(INFUSIONS . "forum/postify.php?post=edit&error=0&forum_id=" . intval($post_data['forum_id']) . "&thread_id=" . intval($post_data['thread_id']) . "&post_id=" . intval($post_data['post_id']));
}
}
}
}
// template data
// $_GET['post_id'] passed isnum() at the top of this branch.
$form_action = INFUSIONS . "forum/viewthread.php?action=edit&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $_GET['post_id'];
// get attachment.
$attachments = array();
$attach_rows = 0;
if ($this->getThreadPermission("can_upload_attach") && !empty($this->thread_info['post_items'][$post_data['post_id']]['post_attachments'])) {
// need id
$a_result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . intval($post_data['post_id']) . "' AND thread_id='" . intval($thread_data['thread_id']) . "'");
$attach_rows = dbrows($a_result);
if ($attach_rows > 0) {
while ($a_data = dbarray($a_result)) {
$attachments[] = $a_data;
}
}
}
// Form field definitions handed to the template. Moderator-only controls
// (sticky, thread lock, post lock) are emitted only for iMOD/iSUPERADMIN; the
// upload field only with can_upload_attach, and its max_count is reduced by
// the number of attachments already stored.
$info = array('title' => $locale['forum_0507'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $this->getThreadPermission("can_upload_attach") ? TRUE : FALSE)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', '', $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', '', $post_data['thread_id']), "forum_field" => "", 'subject_field' => $this->thread_info['post_firstpost'] == $_GET['post_id'] ? form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => TRUE, 'placeholder' => $locale['forum_2001'], "class" => 'm-t-20 m-b-20')) : form_hidden("thread_subject", "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => form_checkbox('delete', $locale['forum_0624'], '', array('class' => 'm-b-0')), 'edit_reason_field' => form_text('post_editreason', $locale['forum_0611'], $post_data['post_editreason'], array('placeholder' => '', 'class' => 'm-t-20 m-b-20')), 'attachment_field' => $this->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, 'multiple' => TRUE, 'max_count' => $attach_rows > 0 ? $forum_settings['forum_attachmax_count'] - $attach_rows : $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'])) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . 
sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0')), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0')) : '', 'sticky_field' => (iMOD || iSUPERADMIN) && $is_first_post ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0')) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0')) : '', 'hide_edit_field' => form_checkbox('hide_edit', $locale['forum_0627'], '', array('class' => 'm-b-0')), 'post_locked_field' => iMOD || iSUPERADMIN ? form_checkbox('post_locked', $locale['forum_0628'], $post_data['post_locked'], array('class' => 'm-b-0')) : '', 'notify_field' => '', 'post_buttons' => form_button('post_edit', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
$a_info = '';
if (!empty($attachments)) {
// One "delete" checkbox and download link per stored attachment.
// NOTE(review): attach_id and attach_name are written into HTML attributes
// and text without escaping here; confirm attach_name is sanitised when the
// file is stored, or escape it at output.
foreach ($attachments as $a_data) {
$a_info .= "<label><input type='checkbox' name='delete_attach_" . $a_data['attach_id'] . "' value='1' /> " . $locale['forum_0625'] . "</label>\n" . "<a href='" . INFUSIONS . "forum/attachments/" . $a_data['attach_name'] . "'>" . $a_data['attach_name'] . "</a> [" . parsebytesize($a_data['attach_size']) . "]\n" . "<br/>\n";
}
$info['attachment_field'] = $a_info . $info['attachment_field'];
}
postform($info);
} else {
redirect(INFUSIONS . 'forum/index.php');
// no access
//.........这里部分代码省略.........
示例6: sendemail
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
}
}
}
} else {
redirect(FUSION_SELF . "?folder=inbox");
}
}
} elseif (isnum($_GET['msg_send'])) {
require_once INCLUDES . "flood_include.php";
if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='" . $userdata['user_id'] . "'")) {
$result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level, mo.pm_email_notify, s.pm_inbox, COUNT(message_id) as message_count\n\t\t\t\tFROM " . DB_USERS . " u\n\t\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " mo USING(user_id)\n\t\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " s ON s.user_id='0'\n\t\t\t\tLEFT JOIN " . DB_MESSAGES . " ON message_to=u.user_id AND message_folder='0'\n\t\t\t\tWHERE u.user_id='" . $_GET['msg_send'] . "' GROUP BY u.user_id");
if (dbrows($result)) {
$data = dbarray($result);
if ($data['user_id'] != $userdata['user_id']) {
if ($data['user_id'] == 1 || $data['user_level'] > 101 || $data['pm_inbox'] == "0" || $data['message_count'] + 1 <= $data['pm_inbox']) {
$result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('" . $data['user_id'] . "','" . $userdata['user_id'] . "','" . $subject . "','" . $message . "','" . $smileys . "','0','" . time() . "','0')");
$send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify'];
if ($send_email == "1") {
$message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
$message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
示例7: showcomments
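/**
 * Process comment actions (delete, edit, post) for one content item and start
 * building the comment list for display.
 *
 * The listing is truncated by the page, so the end of the function is not shown.
 *
 * NOTE(review): $comment_type, $comment_col, $comment_db and $comment_item_id
 * are concatenated into SQL as received; callers are presumably expected to
 * pass trusted or validated values. Confirm at the call sites.
 *
 * @param $comment_type    Abbreviation / short id of the commented content type.
 * @param $comment_db      Table of the commented content, e.g. DB_BLOG.
 * @param $comment_col     Primary-key column of that table, e.g. 'blog_id'.
 * @param $comment_item_id Primary-key value of the commented item.
 * @param $clink           Link of the current page; FUSION_SELF is acceptable.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;

    // Current URL with any c_action/comment_id pair removed, used for redirects.
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];

    // --- Delete --------------------------------------------------------------
    // comment_id must pass isnum(); allowed for admins with the "C" right or for
    // the member who owns the comment.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            // For non-admins the DELETE is scoped to the owner once more.
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
    }

    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guest posts must carry a name and pass the captcha. The setting
            // key is 'guestposts', the same key the enclosing condition reads;
            // with the misspelled 'guestpost' this block never ran, so guests
            // skipped both the name check and the captcha check.
            if (!iMEMBER && $settings['guestposts'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // A purely numeric guest name would be indistinguishable from
                // a user id in comment_name, so it is blanked.
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // The captcha implementation is selected by a site setting.
                // NOTE(review): the include path is built from
                // $settings['captcha']; this assumes only administrators can
                // change that value. Confirm.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }

            // Members are identified by user id; guests by their sanitised name.
            $comment_data = array(
                'comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id' => $comment_item_id,
                'comment_type' => $comment_type,
                'comment_cat' => 0,
                'comment_ip' => USER_IP,
                'comment_ip_type' => USER_IP_TYPE,
                'comment_hidden' => 0,
            );

            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // --- Edit ----------------------------------------------------
                $comment_updated = FALSE;
                // Admins with the "C" right, or the owner of a visible comment
                // that belongs to this item and type.
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    // NOTE(review): this writes the whole $comment_data row,
                    // including comment_name set to the editing user, before
                    // the narrower UPDATE below runs; an admin edit may
                    // therefore reassign the comment. Confirm that is intended.
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n \t\t\t\t\t\t\t\t\t WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out the page offset on which the edited comment is shown.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // --- New comment ---------------------------------------------
                // The commented item must exist.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    // Rate limit per client IP, so it also covers guests.
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                // With ascending order the new comment is on the last page.
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&c_start=" . $c_start . "#c" . $id);
                //}
            }
        }

        // --- Build the list ----------------------------------------------------
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        // Default to the last page; any non-numeric c_start is reset to 0
        // before it reaches the LIMIT clause.
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        // NOTE(review): the sort direction is taken from
        // $settings['comments_sorting'] and placed in the query unquoted; this
        // assumes the setting can only hold ASC or DESC. Confirm.
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            // Running display number: counts up for ASC, down for DESC.
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                // A joined user_name means the comment was written by a
                // registered user.
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');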
//.........这里部分代码省略.........
示例8: showcomments
/**
 * Comment handler for one item: processes delete, edit and post requests, then
 * starts collecting the item's visible comments into $c_arr for display.
 *
 * Every query here is assembled by string concatenation, so each value placed
 * into SQL must already be validated or escaped when it reaches this function.
 *
 * @param $ctype comment type; concatenated into queries as comment_type
 * @param $cdb   table queried to confirm the commented item exists
 * @param $ccol  column of $cdb that is matched against $cid
 * @param $cid   item id; concatenated into queries as comment_item_id
 * @param $clink base URL used for redirects and for the page navigation
 */
function showcomments($ctype, $cdb, $ccol, $cid, $clink)
{
global $settings, $locale, $userdata, $aidlink;
$link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
// "^" is the regex delimiter here, not an anchor: this strips an existing c_action/comment_id pair from the link.
$link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
$cpp = $settings['comments_per_page'];
// NOTE(review): the delete is driven by GET parameters alone and no anti-CSRF token check is visible
// in this function — confirm one is enforced elsewhere before relying on this path.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
// comment_id is only concatenated after the isnum() guard above (presumably digits-only — verify isnum).
// Non-admins must own the comment: the ownership condition is repeated in the DELETE itself.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
$result = dbquery("DELETE FROM " . DB_COMMENTS . "\r\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\r\n\t\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
}
redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
}
if ($settings['comments_enabled'] == "1") {
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
if (iMEMBER) {
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
if (!isset($_POST['comment_name'])) {
redirect($link);
}
$comment_name = trim(stripinput($_POST['comment_name']));
// Leading digits, "+" and whitespace are removed and an all-numeric name is blanked; comment_name
// holds a user id for members (see the JOIN below), so a guest name must not look like one.
$comment_name = preg_replace("(^[+0-9\\s]*)", "", $comment_name);
if (isnum($comment_name)) {
$comment_name = "";
}
$_CAPTCHA_IS_VALID = FALSE;
// The include path is built from $settings['captcha']; this is only safe while that setting
// can hold nothing but a known captcha directory name — TODO confirm where it is validated.
include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
redirect($link);
}
}
// NOTE(review): $_POST['comment_message'] is read without an isset() check.
// The value is later concatenated into SQL, so the query's safety rests entirely on stripinput()
// neutralising quotes — its implementation is not visible here, verify.
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$comment_updated = FALSE;
// $cid and $ctype are caller-supplied and concatenated without visible escaping — assumes callers pass trusted values.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\tAND comment_type='" . $ctype . "' AND comment_name='" . $userdata['user_id'] . "'\r\n\t\t\t\t\t\tAND comment_hidden='0'")) {
if ($comment_message) {
$result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_message . "'\r\n\t\t\t\t\t\t\t\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\r\n\t\t\t\t\t\t\t\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
$comment_updated = TRUE;
}
}
if ($comment_updated) {
// Count the comments up to (ASC) or from (DESC) the edited one to find the page it sits on.
if ($settings['comments_sorting'] == "ASC") {
$c_operator = "<=";
} else {
$c_operator = ">=";
}
$c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $_GET['comment_id'] . "'\r\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\t\tAND comment_type='" . $ctype . "'");
$c_start = (ceil($c_count / $cpp) - 1) * $cpp;
}
redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
} else {
// Refuse to attach a comment to an item that does not exist in the caller's table.
if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
redirect(BASEDIR . "index.php");
}
if ($comment_name && $comment_message) {
require_once INCLUDES . "flood_include.php";
// The insert only runs when flood_control() returns a falsy value; the check is keyed on the
// client IP, so it throttles per address rather than per account.
if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
$result = dbquery("INSERT INTO " . DB_COMMENTS . " (\r\n\t\t\t\t\t\t\t\tcomment_item_id, comment_type, comment_name, comment_message, comment_datestamp,\r\n\t\t\t\t\t\t\t\tcomment_ip, comment_ip_type, comment_hidden\r\n\t\t\t\t\t\t\t) VALUES (\r\n\t\t\t\t\t\t\t\t'" . $cid . "', '" . $ctype . "', '" . $comment_name . "', '" . $comment_message . "', '" . time() . "',\r\n\t\t\t\t\t\t\t\t'" . USER_IP . "', '" . USER_IP_TYPE . "', '0'\r\n\t\t\t\t\t\t\t)");
}
}
if ($settings['comments_sorting'] == "ASC") {
$c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\t\t\t\tAND comment_type='" . $ctype . "'");
$c_start = (ceil($c_count / $cpp) - 1) * $cpp;
} else {
$c_start = 0;
}
redirect($clink . "&c_start=" . $c_start);
}
}
$c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
$c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "'\r\n\t\t\t\t\t\t\tAND comment_type='" . $ctype . "' AND comment_hidden='0'");
// Without an explicit offset, default to the last page.
if (!isset($_GET['c_start']) && $c_rows > $cpp) {
$_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
}
// c_start goes straight into the LIMIT clause below, so anything that fails isnum() is reset to 0 first.
if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
$_GET['c_start'] = 0;
}
// $settings['comments_sorting'] is concatenated as the ORDER BY direction — assumes the setting can only be "ASC" or "DESC".
$result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\r\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\r\n\t\t\tFROM " . DB_COMMENTS . " tcm\r\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\tWHERE comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "' AND comment_hidden='0'\r\n\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
if (dbrows($result)) {
// $i is the displayed comment number: counting up from the offset for ASC, down from the total for DESC.
$i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
if ($c_rows > $cpp) {
$c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
}
while ($data = dbarray($result)) {
$c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
$c_arr['c_con'][$i]['edit_dell'] = FALSE;
$c_arr['c_con'][$i]['i'] = $i;
// user_name is only set when the LEFT JOIN matched, i.e. comment_name is a registered user's id.
if ($data['user_name']) {
$c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status']);
} else {
// Guest name is passed on exactly as stored; it is not escaped again at this point, so it relies
// on the stripinput() applied when the comment was saved.
$c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
}
//Add user avatar in comments new feature in v7.02.04
$c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '80px');
$c_arr['c_con'][$i]['comment_datestamp'] = $locale['global_071'] . showdate("longdate", $data['comment_datestamp']);
// The stored message is rendered through the smiley/BBCode parsers with no further HTML escaping here.
$c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
// Edit/delete links are offered to comment admins and to the registered author of the comment.
if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
$c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
$c_arr['c_con'][$i]['edit_dell'] .= "<a href='" . FUSION_REQUEST . "&c_action=edit&comment_id=" . $data['comment_id'] . "#edit_comment'>";
$c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a> |\n";
//......... part of the code is omitted here .........
示例9: showcomments
/**
 * Comment handler for one item: processes delete, edit and post requests, then
 * prints the comment list (ten per page) and opens the comment form panel.
 *
 * All SQL is built by concatenation or string interpolation; nothing in this
 * function escapes $cid or $ctype, so callers must pass trusted values.
 *
 * @param $ctype comment type; placed into queries as comment_type
 * @param $cdb   table queried to confirm the commented item exists
 * @param $ccol  column of $cdb that is matched against $cid
 * @param $cid   item id; placed into queries as comment_item_id
 * @param $clink base URL used for redirects and page navigation
 */
function showcomments($ctype, $cdb, $ccol, $cid, $clink)
{
global $settings, $locale, $userdata, $aidlink;
$link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
// "^" is the regex delimiter here, not an anchor: this strips an existing c_action/comment_id pair from the link.
$link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
// NOTE(review): the delete is driven by GET parameters alone (the list below renders it as a plain link)
// and no anti-CSRF token check is visible in this function — confirm one is enforced elsewhere.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
// comment_id is only concatenated after the isnum() guard above; non-admins are limited to their own comments.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
$result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
}
redirect($clink);
}
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
if (iMEMBER) {
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
// NOTE(review): $_POST['comment_name'] is read without an isset() check.
$comment_name = trim(stripinput($_POST['comment_name']));
// Leading digits are removed and an all-numeric name is blanked; comment_name holds a user id
// for members (see the JOIN below), so a guest name must not look like one.
$comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
if (isnum($comment_name)) {
$comment_name = "";
}
// Guests must pass the Securimage captcha before anything is written.
include_once INCLUDES . "securimage/securimage.php";
$securimage = new Securimage();
if (!isset($_POST['com_captcha_code']) || $securimage->check($_POST['com_captcha_code']) == false) {
redirect($link);
}
}
// The message is interpolated into SQL further down, so query safety rests entirely on
// stripinput() neutralising quotes — its implementation is not visible here, verify.
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$comment_updated = false;
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
if ($comment_message) {
$result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='{$comment_message}' WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
$comment_updated = true;
}
}
if ($comment_updated) {
// Page size is hard-coded to 10 throughout this function.
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_id<='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
}
// NOTE(review): the redirect passes the offset as "rstart", but the listing below reads
// $_GET['c_start'] — the computed page does not appear to be picked up.
redirect($clink . "&rstart=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
} else {
// Refuse to attach a comment to an item that does not exist in the caller's table.
if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
redirect(BASEDIR . "index.php");
}
if ($comment_name && $comment_message) {
require_once INCLUDES . "flood_include.php";
// The insert only runs when flood_control() returns a falsy value; the check is keyed on the client IP.
if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
$result = dbquery("INSERT INTO " . DB_COMMENTS . " (comment_item_id, comment_type, comment_name, comment_message, comment_datestamp, comment_ip) VALUES ('{$cid}', '{$ctype}', '{$comment_name}', '{$comment_message}', '" . time() . "', '" . USER_IP . "')");
}
}
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
// Same "rstart" vs "c_start" mismatch as in the edit branch above.
redirect($clink . "&rstart=" . $c_start);
}
}
opentable($locale['c100']);
echo "<a id='comments' name='comments'></a>";
$c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='{$cid}' AND comment_type='{$ctype}'");
// c_start goes straight into the LIMIT clause below, so anything that fails isnum() is reset to 0 first.
if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
$_GET['c_start'] = 0;
}
$result = dbquery("SELECT tcm.*,user_name FROM " . DB_COMMENTS . " tcm\n\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\tWHERE comment_item_id='{$cid}' AND comment_type='{$ctype}'\n\t\tORDER BY comment_datestamp ASC LIMIT " . $_GET['c_start'] . ",10");
if (dbrows($result)) {
$i = $_GET['c_start'] + 1;
if ($c_rows > 10) {
echo "<div style='text-align:center;margin-bottom:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&") . "</div>\n";
}
while ($data = dbarray($result)) {
echo "<div class='tbl2'>\n";
// Edit/delete links are offered to comment admins and to the registered author of the comment.
if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
echo "<div style='float:right' class='comment_actions'><!--comment_actions-->\n<a href='" . FUSION_REQUEST . "&c_action=edit&comment_id=" . $data['comment_id'] . "#edit_comment'>" . $locale['c108'] . "</a> |\n";
echo "<a href='" . FUSION_REQUEST . "&c_action=delete&comment_id=" . $data['comment_id'] . "'>" . $locale['c109'] . "</a>\n</div>\n";
}
echo "<a href='" . FUSION_REQUEST . "#c" . $data['comment_id'] . "' id='c" . $data['comment_id'] . "' name='c" . $data['comment_id'] . "'>#" . $i . "</a> | ";
// Names are echoed exactly as stored, with no escaping at output time: the page relies on the
// values having been made HTML-safe when they were saved (stripinput() for guest names above;
// how user_name is sanitised is not visible here).
if ($data['user_name']) {
echo "<span class='comment-name'><a href='" . BASEDIR . "profile.php?lookup=" . $data['comment_name'] . "'>" . $data['user_name'] . "</a></span>\n";
} else {
echo "<span class='comment-name'>" . $data['comment_name'] . "</span>\n";
}
echo "<span class='small'>" . $locale['global_071'] . showdate("longdate", $data['comment_datestamp']) . "</span>\n";
// The stored message is rendered through the smiley/BBCode parsers with no further HTML escaping here.
echo "</div>\n<div class='tbl1 comment_message'><!--comment_message-->" . nl2br(parseubb(parsesmileys($data['comment_message']))) . "</div>\n";
$i++;
}
if (iADMIN && checkrights("C")) {
// $ctype and $cid are written into the admin URL without URL- or HTML-encoding.
echo "<div align='right' class='tbl2'><a href='" . ADMIN . "comments.php" . $aidlink . "&ctype={$ctype}&cid={$cid}'>" . $locale['c106'] . "</a></div>\n";
}
if ($c_rows > 10) {
echo "<div style='text-align:center;margin-top:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&") . "</div>\n";
}
} else {
echo $locale['c101'] . "\n";
}
closetable();
opentable($locale['c102']);
// Edit mode: reload the comment and, if the viewer may edit it, prefill the form and point it at the edit action.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$eresult = dbquery("SELECT tcm.*,user_name FROM " . DB_COMMENTS . " tcm\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'");
if (dbrows($eresult)) {
$edata = dbarray($eresult);
if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
$clink .= "&c_action=edit&comment_id=" . $edata['comment_id'];
$comment_message = $edata['comment_message'];
}
//......... part of the code is omitted here .........
示例10: showcomments_avatar
/**
 * Comment handler with avatars: processes delete, edit and post requests for
 * one item, then prints its visible comments (ten per page) in a table.
 *
 * Compared with a purely concatenated query style, this variant casts ids with
 * (int) and wraps most values in _db() (presumably a quoting/escaping helper —
 * its implementation is not visible here). A few queries still concatenate
 * $cid, $ctype and $ccol directly; those are marked below.
 *
 * @param $ctype comment type; used in queries as comment_type
 * @param $cdb   table queried to confirm the commented item exists
 * @param $ccol  column of $cdb that is matched against $cid
 * @param $cid   item id; used in queries as comment_item_id
 * @param $clink base URL used for redirects and page navigation
 * @param $seo_root_link, $a, $seo_catid, $b, $rowstart, $c, $seo_subject
 *        pieces of the rewritten (SEO) URL; used for $seo_link and passed to makecommentnav()
 */
function showcomments_avatar($ctype, $cdb, $ccol, $cid, $clink, $seo_root_link = "", $a = "-", $seo_catid = "", $b = "-page-", $rowstart = "", $c = "-", $seo_subject = "")
{
// Pimped
global $settings, $locale, $userdata, $aidlink;
if (URL_REWRITE && $seo_root_link != "") {
$seo_link = $seo_root_link . $a . $seo_catid . $c . clean_subject_urlrewrite($seo_subject) . ".html";
}
// Pimped
$link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
// "^" is the regex delimiter here, not an anchor: this strips an existing c_action/comment_id pair from the link.
$link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
// NOTE(review): the delete is driven by GET parameters alone (the list below renders it as a plain link)
// and no anti-CSRF token check is visible in this function — confirm one is enforced elsewhere.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
// Ids are both isnum()-checked and (int)-cast before they reach the query; non-moderators are
// limited to their own comments by the extra comment_name condition.
if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . (int) $_GET['comment_id'] . "' AND comment_name='" . (int) $userdata['user_id'] . "'")) {
$result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . (int) $_GET['comment_id'] . "'" . (iMODERATOR || iADMIN ? "" : " AND comment_name='" . (int) $userdata['user_id'] . "'"));
}
redirect($clink);
}
if ($settings['comments_enabled'] == "1") {
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
if (iMEMBER) {
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
// NOTE(review): $_POST['comment_name'] is read without an isset() check.
$comment_name = trim(stripinput($_POST['comment_name']));
// Leading digits are removed and an all-numeric name is blanked; comment_name holds a user id
// for members (see the JOIN below), so a guest name must not look like one.
$comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
if (isnum($comment_name)) {
$comment_name = "";
}
// Guests must pass the Securimage captcha before anything is written.
include_once INCLUDES . "securimage/securimage.php";
$securimage = new Securimage();
if (!isset($_POST['com_captcha_code']) || $securimage->check($_POST['com_captcha_code']) == false) {
redirect($link);
}
}
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$comment_updated = false;
// NOTE(review): $cid and $ctype are concatenated raw in this ownership check, while the other
// queries in this function pass them through _db() — inconsistent handling of the same values.
if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . (int) $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "' AND comment_name='" . (int) $userdata['user_id'] . "' AND comment_hidden='0'")) {
if ($comment_message) {
$result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message=" . _db($comment_message) . " WHERE comment_id='" . (int) $_GET['comment_id'] . "'" . (iMODERATOR || iADMIN ? "" : " AND comment_name='" . (int) $userdata['user_id'] . "'"));
$comment_updated = true;
}
}
if ($comment_updated) {
// Page size is hard-coded to 10 throughout this function.
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_id<='" . (int) $_GET['comment_id'] . "' AND comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . "") / 10) - 1) * 10;
}
redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
} else {
// Existence check for the commented item. NOTE(review): $ccol, $cdb and $cid are concatenated
// without _db() or a cast here — assumes callers pass trusted values.
if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
redirect(BASEDIR . "index.php");
}
if ($comment_name && $comment_message) {
require_once INCLUDES . "flood_include.php";
// The insert only runs when flood_control() returns a falsy value; the check is keyed on the client IP.
if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
$result = dbquery("INSERT INTO " . DB_COMMENTS . " (comment_item_id, comment_type, comment_name, comment_message, comment_datestamp, comment_ip, comment_hidden) VALUES (" . _db($cid) . ", " . _db($ctype) . ", " . _db($comment_name) . ", " . _db($comment_message) . ", '" . time() . "', '" . USER_IP . "', '0')");
}
}
// $cid is (int)-cast here but passed through _db() in the neighbouring queries.
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . (int) $cid . "' AND comment_type=" . _db($ctype) . "") / 10) - 1) * 10;
redirect($clink . "&c_start=" . $c_start);
}
}
opentable($locale['c100']);
echo "<a id='comments' name='comments'></a>";
$c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . " AND comment_hidden='0'");
// Without an explicit offset, default to the last page.
if (!isset($_GET['c_start']) && $c_rows > 10) {
$_GET['c_start'] = (ceil($c_rows / 10) - 1) * 10;
}
// The offset is validated with isnum() here and additionally (int)-cast inside the LIMIT clause below.
if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
$_GET['c_start'] = 0;
}
$result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_datestamp, tcm.comment_message,\r\n\t\t\ttcu.user_name, tcu.user_avatar, tcu.user_id, tcu.user_level, tcu.user_status\r\n\t\t\tFROM " . DB_COMMENTS . " tcm\r\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\r\n\t\t\tWHERE comment_item_id=" . _db($cid) . " AND comment_type=" . _db($ctype) . " AND comment_hidden='0'\r\n\t\t\tORDER BY comment_datestamp ASC LIMIT " . (int) $_GET['c_start'] . ",10");
if (dbrows($result)) {
$i = $_GET['c_start'] + 1;
if ($c_rows > 10) {
echo "<div style='text-align:center;margin-bottom:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&", $seo_root_link, $a, $seo_catid, $b, $rowstart, "-cstart-", $c, $seo_subject) . "</div>\n";
}
echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>\n";
while ($data = dbarray($result)) {
echo "<tr><td class='tbl2' width='10%' align='center'>\n";
// user_name is only set when the LEFT JOIN matched, i.e. comment_name is a registered user's id.
if ($data['user_name']) {
echo "<span class='comment-name'>" . profile_link($data['comment_name'], $data['user_name'], $data['user_status']) . "</span>\n";
} else {
// Guest name is echoed exactly as stored, with no escaping at output time; it relies on the
// stripinput() applied when the comment was saved.
echo "<span class='comment-name'>" . $data['comment_name'] . "</span>\n";
}
echo "</td>\n";
echo "<td class='tbl2'>\n<span class='small'>" . $locale['global_071'] . showdate("longdate", $data['comment_datestamp']) . "</span>\n";
echo "<div style='float:right' class='comment_actions'>";
// Edit/delete links are offered to moderators/admins with comment rights and to the registered author.
if ((iMODERATOR || iADMIN) && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
echo "<!--comment_actions-->\n<a href='" . FUSION_SELF . "?" . FUSION_QUERY . "&c_action=edit&comment_id=" . $data['comment_id'] . "#edit_comment'>" . $locale['c108'] . "</a> |\n";
echo "<a href='" . FUSION_SELF . "?" . FUSION_QUERY . "&c_action=delete&comment_id=" . $data['comment_id'] . "'>" . $locale['c109'] . "</a> |\n";
}
echo "<a href='" . FUSION_REQUEST . "#c" . $data['comment_id'] . "' id='c" . $data['comment_id'] . "' name='c" . $data['comment_id'] . "'>#" . $i . "</a></div>\n";
echo "</td>\n";
echo "</tr>\n<tr>\n";
// Fall back to the default image when the stored avatar file is missing. The stored file name is
// appended to IMAGES_AVA and written into the src attribute unescaped — assumes avatar names are
// restricted to safe file names when they are uploaded (not visible here).
$avatar = $data['user_avatar'] != "" && file_exists(IMAGES_AVA . $data['user_avatar']) ? IMAGES_AVA . $data['user_avatar'] : IMAGES_AVA . "noavatar.jpg";
echo "<td class='tbl1' width='15%'>\n";
echo "<div style='text-align:center;'><img src='" . $avatar . "' width='50' height='50' alt='' /></div><br />\n";
// Warning points are only shown for registered authors and only when the setting is enabled.
if ($settings['warning_system_comments'] && $data['user_name']) {
$points = show_warning_points($data['user_id']);
echo "<div class='commentswarnings'>";
echo "<span class='small'><a style='cursor:help;' onclick=\"warning_info();\">" . $locale['WARN200'] . "</a></span> ";
echo warning_profile_link("1", $data['user_id'], $points);
//......... part of the code is omitted here .........
示例11: set_newThreadInfo
/**
 * New thread: prepares the form data for a new forum thread in the forum named
 * by $_GET['forum_id'] and, when the form was submitted, creates the thread and
 * its first post.
 *
 * Only members get past the first check; the forum must pass
 * ForumServer::verify_forum() and the "can_post"/"can_access" permissions.
 * Request values are passed through form_sanitizer() (implementation not
 * visible here) and writes are gated on \defender::safe() and flood_control().
 */
public function set_newThreadInfo()
{
$userdata = fusion_get_userdata();
$locale = fusion_get_locale("", FORUM_LOCALE);
$locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
$forum_settings = ForumServer::get_forum_settings();
// @todo: Reduce lines and optimize further
if (iMEMBER) {
// New thread directly to a specified forum
if (!empty($_GET['forum_id']) && ForumServer::verify_forum($_GET['forum_id'])) {
add_to_title($locale['forum_0000']);
add_to_meta("description", $locale['forum_0000']);
add_breadcrumb(array("link" => FORUM . "index.php", "title" => $locale['forum_0000']));
add_to_title($locale['global_201'] . $locale['forum_0057']);
// forum_id is forced to an integer with intval() before concatenation, and the row is filtered by
// the viewer's group access. NOTE(review): the result is used below without checking that a row
// was actually returned — confirm verify_forum() guarantees one for this viewer.
$forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\tWHERE f.forum_id='" . intval($_GET['forum_id']) . "'\n\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t"));
// forum_type 1 is not a postable forum here: the request is sent back to the index.
if ($forum_data['forum_type'] == 1) {
redirect(INFUSIONS . "forum/index.php");
}
// Use the new permission settings
self::setPermission($forum_data);
$forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
if (self::getPermission("can_post") && self::getPermission("can_access")) {
add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $forum_data['forum_id'] . '&parent_id=' . $forum_data['forum_cat'], 'title' => $forum_data['forum_name']));
add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $forum_data['forum_id'] . '&parent_id=' . $forum_data['forum_cat'], 'title' => $locale['forum_0057']));
/**
 * Generate a poll form
 */
$poll_form = "";
if (self::getPermission("can_create_poll")) {
// initial data to push downwards
$pollData = array('thread_id' => 0, 'forum_poll_title' => !empty($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
// counter of lengths
$option_data[1] = "";
$option_data[2] = "";
// Do a validation if checked add_poll
if (isset($_POST['add_poll'])) {
$pollData = array('thread_id' => 0, 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => count($option_data), 'forum_poll_votes' => 0);
// calculate poll lengths
// The array keys ($i) come from the request and are used both as $option_data keys and inside
// the field name handed to form_sanitizer().
if (!empty($_POST['poll_options']) && is_array($_POST['poll_options'])) {
foreach ($_POST['poll_options'] as $i => $value) {
$option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
}
}
}
// NOTE(review): unlike the branch above, this one iterates $_POST['poll_options'] without an
// is_array() check.
if (isset($_POST['add_poll_option']) && isset($_POST['poll_options'])) {
// reindex the whole array with blank values.
foreach ($_POST['poll_options'] as $i => $value) {
$option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
}
if (\defender::safe()) {
// Drop empty options and renumber the remainder so that the keys start at 1.
$option_data = array_values(array_filter($option_data));
array_unshift($option_data, NULL);
unset($option_data[0]);
$pollData['forum_poll_length'] = count($option_data);
}
array_push($option_data, '');
}
// NOTE(review): $poll_field is initialised as a string and then indexed with a string key like
// an array; this depends on legacy PHP behaviour — an array initialiser would be safer.
$poll_field = '';
$poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $pollData['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
// Assumes $option_data has contiguous keys 1..count; keys taken from the request in the add_poll
// branch are not renumbered, so this may not hold — verify.
for ($i = 1; $i <= count($option_data); $i++) {
$poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => TRUE, 'required' => $i <= 2 ? TRUE : FALSE));
}
$poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
$poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
$poll_field['poll_field'] .= "</div>\n";
$info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_0630'], 'field' => $poll_field);
// Render the poll form into a buffer so it can be kept as a string in $poll_form.
ob_start();
echo form_checkbox("add_poll", $locale['forum_0366'], isset($_POST['add_poll']) ? TRUE : FALSE, array('reverse_label' => TRUE));
echo "<div id='poll_form' class='poll-form' style='display:none;'>\n";
echo "<div class='well clearfix'>\n";
echo "<!--pre_form-->\n";
echo $info['field']['poll_field'];
echo "</div>\n";
echo "</div>\n";
$poll_form = ob_get_contents();
ob_end_clean();
}
// NOTE(review): thread_locked is set from $_POST['thread_sticky'], not from a "locked" field —
// this looks like a copy/paste slip. Also, thread_sticky is honoured for any member who reaches
// this point; no moderator permission check is visible before it — confirm.
$thread_data = array('forum_id' => $forum_data['forum_id'], 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_locked' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_hidden' => 0);
// post_smileys is forced to 0 when the box is unchecked or the message contains a
// [code], [geshi=...] or [php] block. Author and IP come from the session/server, not the form.
$post_data = array('forum_id' => $forum_data['forum_id'], 'forum_cat' => $forum_data['forum_cat'], 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 0 : 1, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? 1 : 0, 'post_locked' => 0);
// Execute post new thread
if (isset($_POST['post_newthread']) && \defender::safe()) {
require_once INCLUDES . "flood_include.php";
// all data is sanitized here.
// The thread is only created when flood_control() returns a falsy value; the check is keyed on
// the author's user id, so it throttles per account.
if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
// have notice
if (\defender::safe()) {
// create a new thread.
dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
$post_data['thread_id'] = dblastid();
$pollData['thread_id'] = dblastid();
dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
$post_data['post_id'] = dblastid();
// Attach files if permitted
// NOTE(review): !empty($_FILES) does not guarantee that the 'file_attachments' key exists before
// it is indexed. Upload validation itself is delegated to form_sanitizer(), which is not visible
// here — confirm it enforces type and size limits.
if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && self::getPermission("can_upload_attach")) {
$upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
if ($upload['error'] == 0) {
foreach ($upload['target_file'] as $arr => $file_name) {
//......... part of the code is omitted here .........
示例12: send_pm
/**
 * Sends a private message to one user or, with $to_group set, to every active
 * member of a user level or group by calling itself once per recipient.
 *
 * @param $to        recipient user id, or a level/group id when $to_group is set
 * @param $from      sender user id; reset to 0 when it fails isnum()
 * @param $subject   message subject, stored as given
 * @param $message   message body, stored as given
 * @param $smileys   'y'/'n' smiley flag; forced to "n" when the body contains a code block
 * @param $to_group  when TRUE, $to is treated as a user level or group
 * @param $save_sent when TRUE, a copy may be saved to the sender's outbox
 */
public static function send_pm($to, $from, $subject, $message, $smileys = 'y', $to_group = FALSE, $save_sent = TRUE)
{
include LOCALE . LOCALESET . "messages.php";
require_once INCLUDES . "sendmail_include.php";
require_once INCLUDES . "flood_include.php";
// $strict is fixed to FALSE and never reassigned in the visible code, so the die() branches below
// are not reached from here.
$strict = FALSE;
// NOTE(review): this assignment comes after the locale include above; if that file populates
// $locale in this scope, the entries read later ('625', '626', '628', '482', '487') would be
// cleared — confirm.
$locale = array();
$group_name = getgroupname($to);
// Keep $to only when it is numeric or resolves to a group name; otherwise fall back to 0.
$to = isnum($to) || !empty($group_name) ? $to : 0;
$from = isnum($from) ? $from : 0;
$smileys = preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $message) ? "n" : $smileys;
if (!$to_group) {
// send to user
$pmStatus = self::get_pm_settings($to);
$myStatus = self::get_pm_settings($from);
// The message is only sent when flood_control() returns a falsy value; the check is keyed on the
// sender id, which is forced to an integer before concatenation.
if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='" . intval($from) . "'")) {
// find receipient
$result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level,\n\t\t\t\tCOUNT(m.message_id) 'message_count'\n\t\t\t\tFROM " . DB_USERS . " u\n\t\t\t\tLEFT JOIN " . DB_MESSAGES . " m ON m.message_user=u.user_id and message_folder='0'\n\t\t\t\tWHERE u.user_id='" . intval($to) . "' GROUP BY u.user_id\n\t\t\t\t");
if (dbrows($result) > 0) {
$data = dbarray($result);
$result2 = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_id='" . intval($from) . "'");
if (dbrows($result2) > 0) {
$userdata = dbarray($result2);
if ($to != $from) {
// The inbox limit is skipped for user id 1, for accounts whose user_level is below
// USER_LEVEL_MEMBER, and when no inbox limit is configured for the recipient.
if ($data['user_id'] == 1 || $data['user_level'] < USER_LEVEL_MEMBER || !$pmStatus['user_inbox'] || $data['message_count'] + 1 <= $pmStatus['user_inbox']) {
// $subject and $message are handed to dbquery_insert() exactly as received; any escaping has to
// happen inside that helper or in the caller — not visible here, verify.
$inputData = array("message_id" => 0, "message_to" => $to, "message_user" => $to, "message_from" => $from, "message_subject" => $subject, "message_message" => $message, "message_smileys" => $smileys, "message_read" => 0, "message_datestamp" => time(), "message_folder" => 0);
dbquery_insert(DB_MESSAGES, $inputData, "save");
// this will flood the inbox when message is sent to group. -- fixed
if ($myStatus['user_pm_save_sent'] == '2' && $save_sent == TRUE) {
// user_outbox.
// NOTE(review): with GROUP BY, an empty outbox presumably yields no row, in which case $cdata is
// not an array when it is indexed below — confirm dbarray()'s return value for an empty result.
$cdata = dbarray(dbquery("SELECT COUNT(message_id) AS outbox_count, MIN(message_id) AS last_message FROM\n\t\t\t\t\t\t\t\t\t" . DB_MESSAGES . " WHERE message_to='" . $userdata['user_id'] . "' AND message_user='" . $userdata['user_id'] . "' AND message_folder='1' GROUP BY message_to"));
// check my outbox limit and if surpass, remove oldest message
if ($myStatus['user_outbox'] != "0" && $cdata['outbox_count'] + 1 > $myStatus['user_outbox']) {
dbquery("DELETE FROM " . DB_MESSAGES . " WHERE message_id='" . $cdata['last_message'] . "' AND message_to='" . $userdata['user_id'] . "'");
}
// The outbox copy reuses the same row data with folder 1, owned by the sender, and with the
// from/to fields swapped.
$inputData['message_user'] = $userdata['user_id'];
$inputData['message_folder'] = 1;
$inputData['message_from'] = $to;
$inputData['message_to'] = $userdata['user_id'];
dbquery_insert(DB_MESSAGES, $inputData, "save");
}
$send_email = $pmStatus['user_pm_email_notify'];
if ($send_email == "2") {
// The subject and sender name are substituted into the notification text as-is.
$message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
$message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
} else {
sendemail($data['user_name'], $data['user_email'], fusion_get_settings("siteusername"), fusion_get_settings("siteemail"), $locale['625'], $data['user_name'] . $message_content);
}
} else {
sendemail($data['user_name'], $data['user_email'], fusion_get_settings("siteusername"), fusion_get_settings("siteemail"), $locale['625'], $data['user_name'] . $message_content);
}
}
} else {
// Inbox is full
if ($strict) {
die("User inbox is full. Try delete it or upgrade it to 102 or 103 status");
}
\defender::stop();
addNotice("danger", $locale['628']);
}
}
} else {
// Sender does not exist in DB
if ($strict) {
die("Sender User ID does not exist in DB. Sequence Aborted.");
}
\defender::stop();
addNotice("danger", $locale['482']);
}
} else {
// Recipient was not found in the users table.
\defender::stop();
if ($strict) {
die("Message Recepient User ID is invalid");
}
addNotice("danger", $locale['482']);
}
} else {
// flood_control() reported flooding: nothing is stored and the sender gets a notice.
if ($strict) {
die("You are flooding, send_pm halted");
}
\defender::stop();
addNotice("danger", sprintf($locale['487'], fusion_get_settings("flood_interval")));
}
} else {
$result = NULL;
if ($to <= -101 && $to >= -103) {
// -101, -102, -103 only
$result = dbquery("SELECT user_id from " . DB_USERS . " WHERE user_level <='" . intval($to) . "' AND user_status='0'");
} else {
// ## --- deprecate -- WHERE user_groups REGEXP('^\\\.{$to}$|\\\.{$to}\\\.|\\\.{$to}$') #
$result = dbquery("SELECT user_id FROM " . DB_USERS . " WHERE " . in_group("user_groups", $to) . " AND user_status='0'");
}
if (dbrows($result) > 0) {
// One recursive call per active member, with $save_sent FALSE so no outbox copy is written per
// recipient. NOTE(review): each call runs flood_control() again for the same sender; whether later
// recipients are rejected depends on flood_control(), which is not shown here.
while ($data = dbarray($result)) {
self::send_pm($data['user_id'], $from, $subject, $message, $smileys, FALSE, FALSE);
//......... part of the code is omitted here .........
示例13: handle_quick_reply
/**
 * Process a submitted Quick Reply form for the current thread.
 *
 * Nothing happens unless every gate passes, in this order: the POST data
 * contains `post_quick_reply`, the viewer has the "can_reply" thread
 * permission, \defender::safe() is true, and flood_control() does not flag
 * this author.
 *
 * When the newest post in the thread is by the same author and the thread
 * data has `forum_merge` set, the new text is appended to that post.
 * Otherwise a new post row is saved and the user, parent-forum, forum and
 * thread counters are updated. A thread-notify row is added on request.
 *
 * Review notes:
 *  - Every SQL statement here is assembled by string concatenation. The
 *    interpolated values come from $userdata, $this->thread_data, dblastid()
 *    and time(), not straight from the request; presumably they are
 *    integers, but nothing in this method enforces that - TODO confirm.
 *  - post_message only passes through form_sanitizer(); escaping for the
 *    write is assumed to happen inside dbquery_insert() - verify.
 *  - `post_locked` is honoured from $_POST for anyone allowed to reply.
 *    NOTE(review): confirm that is intended.
 *  - The final redirect sits outside the second \defender::safe() check, so
 *    it is issued with error=0 and post_id=0 even when nothing was stored.
 *    NOTE(review): confirm that is intended.
 */
private function handle_quick_reply()
{
    $forum_settings = $this->get_forum_settings();
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();

    // Gate 1: only act on a Quick Reply submission.
    if (!isset($_POST['post_quick_reply'])) {
        return;
    }

    // Gate 2: permission is checked first, then the form validation state.
    if (!$this->getThreadPermission("can_reply") || !\defender::safe()) {
        return;
    }

    $this->thread_data = $this->thread_info['thread'];

    // Gate 3: posting throttle, keyed on the author's user id.
    require_once INCLUDES . "flood_include.php";
    if (flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
        return;
    }

    $reply = array(
        'post_id' => 0,
        'forum_id' => $this->thread_data['forum_id'],
        'thread_id' => $this->thread_data['thread_id'],
        'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'),
        'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0,
        // Set by the checkbox, or whenever the raw message holds a [code], [geshi=] or [php] block.
        'post_smileys' => (isset($_POST['post_smileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message'])) ? 1 : 0,
        'post_author' => $userdata['user_id'],
        'post_datestamp' => time(),
        'post_ip' => USER_IP,
        'post_ip_type' => USER_IP_TYPE,
        'post_edituser' => 0,
        'post_edittime' => 0,
        'post_editreason' => '',
        'post_hidden' => 0,
        'post_locked' => ($forum_settings['forum_edit_lock'] || isset($_POST['post_locked'])) ? 1 : 0,
    );

    // form_sanitizer() above may have flagged the input, so the state is checked again before writing.
    if (\defender::safe()) {
        $newest = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
        $same_author = $newest['post_author'] == $reply['post_author'];

        if ($same_author && $this->thread_data['forum_merge']) {
            // Merge: append the new text to the author's newest post instead of creating a row.
            $previous = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC"));
            $reply['post_id'] = $previous['post_id'];
            $reply['post_message'] = $previous['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $reply['post_message'];
            dbquery_insert(DB_FORUM_POSTS, $reply, 'update', array('primary_key' => 'post_id'));
        } else {
            // New post: store it, then bump the author's post count.
            dbquery_insert(DB_FORUM_POSTS, $reply, 'save', array('primary_key' => 'post_id'));
            $reply['post_id'] = dblastid();
            dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $reply['post_author'] . "'");

            // Last-post statistics are only refreshed for a genuinely new post: parents first...
            $parent_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $this->thread_data['forum_id']);
            if (!empty($parent_forums)) {
                foreach ($parent_forums as $parent_id) {
                    dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $reply['post_id'] . "', forum_lastuser='" . $reply['post_author'] . "' WHERE forum_id='" . $parent_id . "'");
                }
            }
            // ...then the forum that holds the thread...
            dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $reply['post_id'] . "', forum_lastuser='" . $reply['post_author'] . "' WHERE forum_id='" . $this->thread_data['forum_id'] . "'");
            // ...and finally the thread itself.
            dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $reply['post_id'] . "', thread_postcount=thread_postcount+1, thread_lastuser='" . $reply['post_author'] . "' WHERE thread_id='" . $this->thread_data['thread_id'] . "'");
        }

        // Subscribe the author to thread notifications, once, when asked for and enabled.
        if ($forum_settings['thread_notify'] == TRUE && isset($_POST['notify_me']) && $this->thread_data['thread_id']) {
            if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $this->thread_data['thread_id'] . "' AND notify_user='" . $reply['post_author'] . "'")) {
                dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $this->thread_data['thread_id'] . "', '" . time() . "', '" . $reply['post_author'] . "', '1')");
            }
        }
    }

    // Reached whether or not the block above ran; the ids are cast with intval() before they enter the URL.
    redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&forum_id=" . intval($reply['forum_id']) . "&thread_id=" . intval($reply['thread_id']) . "&post_id=" . intval($reply['post_id']));
}
示例14: showcomments
/**
 * Render the comment form and comment list for one item, and handle the
 * edit, delete and post actions carried in $_GET and $_POST.
 * The listing is truncated on this page; only the visible part is documented.
 *
 * @param $ctype   comment type; compared against comment_type in every query
 * @param $cdb     table checked for the item's existence before a new comment is stored
 * @param $ccol    column of $cdb compared against $cid
 * @param $cid     id of the item being commented on
 * @param $clink   link used as the form action and as the redirect base
 * @param $ingroup when truthy (and the viewer is a member) the comment form is shown
 *
 * Review notes:
 *  - $ctype, $cdb, $ccol and $cid are concatenated into SQL without any
 *    escaping in this function; presumably callers pass fixed or validated
 *    values - verify at every call site.
 *  - Request values reach SQL only after isnum() (ids, offsets) or
 *    stripinput() (name, message); the function assumes stripinput()
 *    neutralises quotes and markup - TODO confirm.
 */
function showcomments($ctype, $cdb, $ccol, $cid, $clink, $ingroup)
{
global $settings, $locale, $userdata, $aidlink;
// Edit mode: preload the stored message into the form; comment_id must pass isnum() first.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$eresult = dbquery("SELECT tcm.*,user_name FROM " . DB_COMMENTS . " tcm\n\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'");
if (dbrows($eresult)) {
$edata = dbarray($eresult);
// Allowed for an admin with the "C" right, or for the member who wrote the comment and whose user row was joined.
// NOTE(review): when this check fails $comment_message is never assigned, yet it is echoed into the form below.
if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
$clink .= "&c_action=edit&comment_id=" . $edata['comment_id'];
$comment_message = $edata['comment_message'];
}
} else {
$comment_message = "";
}
} else {
$comment_message = "";
}
if (iMEMBER && $ingroup) {
add_to_head("<script type='text/javascript'>window.onload=setTimeout(\"hideall()\", 250);\n\t\tfunction hideall(){\n\t\t\tdocument.getElementById('bbcode').style.display='none';\n\t\t}\n\t\tfunction showhide(msg_id) {\n\t\t document.getElementById(msg_id).style.display = document.getElementById(msg_id).style.display == 'none' ? 'block' : 'none';\n\t\t}</script>\n");
require_once INCLUDES . "bbcode_include.php";
echo "<a id='edit_comment' name='edit_comment'></a>\n";
// NOTE(review): $clink goes into the action attribute without HTML-escaping here; presumably callers build it from trusted parts - verify.
echo "<form name='inputform' method='post' action='" . $clink . "'>\n";
echo "<div align='center'>\n";
// NOTE(review): the stored message is echoed as-is; this relies on it having been encoded by stripinput() when it was saved - confirm.
echo "<textarea name='comment_message' rows='2' class='textbox' style='width:90%'>" . $comment_message . "</textarea><br />\n";
echo "<input type='submit' name='post_comment' value='" . $locale['uc283'] . "' class='button' /> :: <a onClick='showhide(\"bbcode\")'>" . $locale['uc285'] . "</a>\n";
echo "<div id='bbcode'><br />" . display_bbcodes("360px", "comment_message") . "</div>\n";
echo "</div>\n</form>\n";
} else {
echo "<div align='center'>" . $locale['uc289'] . "</div>\n";
}
echo "</td>\n</tr>\n";
echo "<tr>\n<td class='tbl1' style='padding:6px;'>\n";
// Delete is driven by GET parameters alone; no anti-CSRF token check is visible in this function.
// NOTE(review): confirm a token is enforced elsewhere, or move this action to a token-protected POST.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
// Non-admins are limited to their own comments, both in the pre-check and in the DELETE itself.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
$result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
}
redirect($clink);
}
// Post handler: members always, guests only when the guestposts setting is "1".
if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
if (iMEMBER) {
// Members are recorded by user id.
$comment_name = $userdata['user_id'];
} elseif ($settings['guestposts'] == "1") {
// Guest name: leading digits are stripped and an all-numeric result is rejected,
// presumably so a guest name can never be read as a user id (comment_name is joined to user_id).
// NOTE(review): $_POST['comment_name'] is read without an isset() check.
$comment_name = trim(stripinput($_POST['comment_name']));
$comment_name = preg_replace("(^[0-9]*)", "", $comment_name);
if (isnum($comment_name)) {
$comment_name = "";
}
}
$comment_message = trim(stripinput(censorwords($_POST['comment_message'])));
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
$comment_updated = false;
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
if ($comment_message) {
// The message is interpolated straight into the statement; stripinput() above is its only protection.
$result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='{$comment_message}' WHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
$comment_updated = true;
}
}
if ($comment_updated) {
// Offset of the 10-per-page block that holds the edited comment.
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_id<='" . $_GET['comment_id'] . "' AND comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
}
redirect($clink . "&rstart=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
} else {
// Refuse to attach a comment to an item that does not exist in the caller-supplied table.
if (!dbcount("(" . $ccol . ")", $cdb, $ccol . "='" . $cid . "'")) {
redirect(BASEDIR . "index.php");
}
if ($comment_name && $comment_message) {
require_once INCLUDES . "flood_include.php";
// Throttle is keyed on USER_IP, so it is only as reliable as the way USER_IP is derived (not shown here).
if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
// All four values are interpolated; name and message went through stripinput(), $cid and $ctype come from the caller.
$result = dbquery("INSERT INTO " . DB_COMMENTS . " (comment_item_id, comment_type, comment_name, comment_message, comment_datestamp, comment_ip) VALUES ('{$cid}', '{$ctype}', '{$comment_name}', '{$comment_message}', '" . time() . "', '" . USER_IP . "')");
}
}
$c_start = (ceil(dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $cid . "' AND comment_type='" . $ctype . "'") / 10) - 1) * 10;
redirect($clink . "&rstart=" . $c_start);
}
}
echo "<a id='comments' name='comments'></a>";
$c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='{$cid}' AND comment_type='{$ctype}'");
// c_start is forced to 0 unless it passes isnum(), which is what makes it safe to place in the LIMIT clause below.
if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
$_GET['c_start'] = 0;
}
$result = dbquery("SELECT tcm.*,tcu.* FROM " . DB_COMMENTS . " tcm\n\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\tWHERE comment_item_id='{$cid}' AND comment_type='{$ctype}'\n\t\tORDER BY comment_datestamp DESC LIMIT " . $_GET['c_start'] . ",10");
if (dbrows($result)) {
$i = $_GET['c_start'] + 1;
if ($c_rows > 10) {
echo "<div style='text-align:center;margin-bottom:5px;'>" . makecommentnav($_GET['c_start'], 10, $c_rows, 3, $clink . "&") . "</div>\n";
}
echo "<table width='100%' cellspacing='1' cellpadding='0'>\n";
while ($data = dbarray($result)) {
echo "<tr><td class='tbl2' rowspan='2' width='1'>\n";
if ($data['user_avatar']) {
// NOTE(review): getimagesize() returns false for a missing or unreadable file; its result is not checked here.
list($width, $height) = getimagesize(IMAGES . "avatars/" . $data['user_avatar']);
$new_width = 70;
// NOTE(review): $height * ($new_width / $height) reduces to $new_width, so the height is always 70 and $width
// is never used; it also divides by zero when $height is empty. Probably meant $height * ($new_width / $width).
$new_height = $height * ($new_width / $height);
// NOTE(review): user_avatar is written into the src attribute without HTML-escaping - confirm it is constrained when stored.
echo "<img src='" . IMAGES . "avatars/" . $data['user_avatar'] . "' alt='' style='width:" . $new_width . "px;height:" . $new_height . "px'>\n";
} else {
echo "<img src='" . IMAGES . "noav.gif' alt='' style='width:70px;height:70px'>\n";
}
echo "</td>\n<td class='tbl2' style='height:30px;'>";
// Edit link is offered under the same rule as the edit action itself.
if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
echo "<div style='float:right'>\n<a href='" . FUSION_REQUEST . "&c_action=edit&comment_id=" . $data['comment_id'] . "#edit_comment'>" . $locale['c108'] . "</a> |\n";
//.........这里部分代码省略.........
示例15: showComments
/**
 * Display Comments
 *
 * Handles the delete, edit and new-comment actions for one item, then
 * starts building the comment listing. The listing is truncated on this
 * page; only the visible part is documented.
 *
 * @param $comment_type    comment type; stored with the comment and concatenated into the SQL filters
 * @param $comment_db      table checked for the item's existence before a new comment is saved
 * @param $comment_col     column of $comment_db compared against $comment_item_id
 * @param $comment_item_id id of the item being commented on
 * @param $clink           base link used for redirects and page navigation
 *
 * Review notes:
 *  - The five parameters are concatenated into SQL without escaping in this
 *    method; presumably callers pass fixed or validated values - verify.
 *  - Request fields are passed through form_sanitizer() and written with
 *    dbquery_insert(); escaping is assumed to happen there - TODO confirm.
 */
public function showComments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
global $aidlink;
$locale = fusion_get_locale();
$locale += fusion_get_locale('', LOCALE . LOCALESET . "user_fields.php");
// Page size for every offset calculation below.
$cpp = $this->settings['comments_per_page'];
// Default record; comment_id is taken from the query string only when it passes isnum().
$comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => '', 'comment_message' => '', 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
/** Delete */
// Delete is driven by GET parameters alone; no anti-CSRF token check is visible in this method.
// NOTE(review): confirm a token is enforced elsewhere, or move this action to a token-protected POST.
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
// Non-admins are limited to their own comments, both in the pre-check and in the DELETE itself.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $this->userdata['user_id'] . "'")) {
$result = dbquery("\n DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $this->userdata['user_id'] . "'"));
}
redirect($clink . ($this->settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
}
if ($this->settings['comments_enabled'] == "1") {
$this->c_arr['c_info']['comments_count'] = format_word(0, $this->locale['fmt_comment']);
// Handle Comment Posts
if ((iMEMBER || $this->settings['guestposts']) && isset($_POST['post_comment'])) {
if (!iMEMBER && $this->settings['guestposts']) {
// Process Captchas
$_CAPTCHA_IS_VALID = FALSE;
// NOTE(review): the include path is built from the 'captcha' setting; this is only safe if that setting
// is admin-controlled and limited to known directory names - verify where it is written.
include INCLUDES . "captchas/" . $this->settings['captcha'] . "/captcha_check.php";
// NOTE(review): with && the submission is stopped only when captcha_code is absent AND validation failed.
// A submitted but wrong code is not rejected here unless captcha_check.php does so itself - confirm whether || was intended.
if (!isset($_POST['captcha_code']) && $_CAPTCHA_IS_VALID == FALSE) {
\defender::stop();
addNotice("danger", $locale['u194']);
}
}
// Rebuild the record from the request: members are recorded by user id, guests by the sanitised name field.
$comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $this->userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => form_sanitizer($_POST['comment_cat'], 0, 'comment_cat'), 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
// Update comment
// NOTE(review): && binds tighter than ||, so \defender::safe() is part of the member branch only;
// an admin with the "C" right reaches the update without that check - confirm this is intended.
if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "'\n AND comment_item_id='" . $comment_item_id . "'\n AND comment_type='" . $comment_type . "'\n AND comment_name='" . $this->userdata['user_id'] . "'\n AND comment_hidden='0'") && \defender::safe()) {
// Keep the stored author: comment_name is re-read from the row rather than taken from the editor.
$c_name_query = "SELECT comment_name FROM " . DB_COMMENTS . " WHERE comment_id='" . $comment_data['comment_id'] . "'";
$comment_data['comment_name'] = dbresult(dbquery($c_name_query), 0);
dbquery_insert(DB_COMMENTS, $comment_data, 'update');
if ($this->settings['comments_sorting'] == "ASC") {
$c_operator = "<=";
} else {
$c_operator = ">=";
}
// Offset of the page that holds the edited comment under the configured sort order.
$c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n AND comment_item_id='" . $comment_item_id . "'\n AND comment_type='" . $comment_type . "'");
$c_start = (ceil($c_count / $cpp) - 1) * $cpp;
addNotice("success", $locale['global_027']);
redirect(self::format_clink($clink) . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
}
} else {
// Save New comment
// Refuse to attach a comment to an item that does not exist in the caller-supplied table.
if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
redirect(BASEDIR . "index.php");
}
if (\defender::safe()) {
$c_start = 0;
$id = 0;
if ($comment_data['comment_name'] && $comment_data['comment_message']) {
require_once INCLUDES . "flood_include.php";
// Throttle is keyed on USER_IP, so it is only as reliable as the way USER_IP is derived (not shown here).
if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
dbquery_insert(DB_COMMENTS, $comment_data, 'save');
$id = dblastid();
if ($this->settings['comments_sorting'] == "ASC") {
$c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
$c_start = (ceil($c_count / $cpp) - 1) * $cpp;
}
}
// Reached even when flood control blocked the save; $id is then still 0.
redirect(self::format_clink($clink) . "&c_start=" . $c_start . "#c" . $id);
}
}
}
}
// Only visible (comment_hidden='0') comments are counted and listed.
$c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
if (!isset($_GET['c_start']) && $c_rows > $cpp) {
$_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
}
// c_start is forced to 0 unless it passes isnum().
if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
$_GET['c_start'] = 0;
}
// NOTE(review): the sort direction comes from the comments_sorting setting and is concatenated into ORDER BY;
// it must be restricted to ASC or DESC where the setting is saved - verify.
$comment_query = "\n SELECT tcm.*, tcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n FROM " . DB_COMMENTS . " tcm\n LEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n WHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n ORDER BY comment_datestamp " . $this->settings['comments_sorting'] . ", comment_cat DESC";
$query = dbquery($comment_query);
if (dbrows($query) > 0) {
$i = $this->settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
if ($c_rows > $cpp) {
$this->c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
}
if (iADMIN && checkrights("C")) {
// NOTE(review): $comment_type and $comment_item_id are placed in the href without escaping or URL-encoding.
$this->c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
$this->c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&ctype=" . $comment_type . "&comment_item_id=" . $comment_item_id . "'>" . $this->locale['c106'] . "</a>";
}
while ($row = dbarray($query)) {
$actions = array("edit_dell" => "", "edit_link" => "", "delete_link" => "");
// Edit and delete links are offered to an admin with the "C" right, or to the member who wrote the comment.
if (iADMIN && checkrights("C") || iMEMBER && $row['comment_name'] == $this->userdata['user_id'] && isset($row['user_name'])) {
$edit_link = clean_request('c_action=edit&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
// The delete link is a plain GET URL; the confirm() prompt below is a usability aid, not a protection.
$delete_link = clean_request('c_action=delete&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false);
$comment_actions = "<!---comment_actions--><div class='btn-group'>\n <a class='btn btn-xs btn-default' href='{$edit_link}'>" . $this->locale['c108'] . "</a>\n <a class='btn btn-xs btn-default' href='{$delete_link}' onclick=\"return confirm('" . $this->locale['c110'] . "');\"><i class='fa fa-trash'></i>" . $this->locale['c109'] . "</a>\n </div><!---//comment_actions-->\n ";
$actions = array("edit_link" => array('link' => $edit_link, 'name' => $this->locale['c108']), "delete_link" => array('link' => $delete_link, 'name' => $this->locale['c109']), "edit_dell" => $comment_actions);
//.........这里部分代码省略.........