user.php

软件类别： PHP源码 / 文章管理 软件语言： 简体中文 授权方式： 商业版 文件大小： 308K

    eval("\$email_msg = \"".$original_msg."\";");

    if (@mail($user[email],$email_subject,$email_msg,"来自: \"$sitename Mailer\" <$webmasteremail>")) {
      echo "成功<br />\n";
    } else {
      echo "失败<br />\n";
    }
  }

  echo "    </td>\n  </tr>\n";
  echotabledescription("发送完成, 邮件 $num_sent email(s) 全部发送.");
  echotablefooter();
  echohtmlfooter();

break;

case "user_emailactivate":

  if ($user = query_first("SELECT userid,username,email FROM news_user WHERE userid = '$id'")) {

    if ($temp_arr = query_first("SELECT id FROM news_activation WHERE (userid = $user[userid]) AND (type = 1)")) {
      query("DELETE FROM news_activation WHERE id = $temp_arr[id]");
    } else {
      adminerror("已经激活","会员你已经激活你的信箱帐户.");
    }

    mt_srand(time());
    $activateid = mt_rand(0,999999);

    query("INSERT INTO news_activation VALUES (NULL,'$id','".time()."','$activateid','1')");

    $user[username] = stripslashes($user[username]);

    eval("\$email_msg .= \"".returnpagebit("register_email_activation_msg")."\";");
    eval("\$email_subject .= \"".returnpagebit("register_email_activation_subject")."\";");

    if (@mail($user[email],$email_subject,$email_msg,"来自: $sitename Mailer <$webmasteremail>")) {
      echoadminredirect("admin.php?action=user");
      exit;
    } else {
      adminerror("邮件没有发送","邮件发送失败,请再试一次");
    }

  } else {
    adminerror("无效ID","你指定了一个无效id.");
  }

break;

case "user_pm":

  $staff_arr = array();
  $user_arr = array();
  $staff_count = array();
  $user_count = array();

  $getdata = query("SELECT COUNT(news_pm.id) AS count,news_pm.touserid,news_staff.id FROM news_pm LEFT JOIN news_staff ON news_staff.userid = news_pm.touserid WHERE (folder = 1) GROUP BY (news_pm.touserid) ORDER BY count DESC");

  while ($data_arr = fetch_array($getdata)) {
    if ($data_arr[id]) {
      $staff_arr[$data_arr[touserid]] += $data_arr[count];
    } else {
      $user_arr[$data_arr[touserid]] += $data_arr[count];
    }
  }

  if ($pmcountsent) {
    $getdata = query("SELECT COUNT(news_pm.id) AS count,news_pm.fromuserid,news_staff.id FROM news_pm LEFT JOIN news_staff ON news_staff.userid = news_pm.fromuserid WHERE (folder = 2) GROUP BY (news_pm.fromuserid) ORDER BY count DESC");

    while ($data_arr = fetch_array($getdata)) {
      if ($data_arr[id]) {
        $staff_arr[$data_arr[fromuserid]] += $data_arr[count];
      } else {
        $user_arr[$data_arr[fromuserid]] += $data_arr[count];
      }
    }
  }

  echohtmlheader();
  echotableheader("私人短消息系统",1);
  echotabledescription("这页你将看到会员使用的私人短消息系统.",1);

  $tablerows = returnminitablerow("<b>短消息编号</b>","<b>会员编号</b>","<b>选项</b>");

  echotabledescription("<b>管理员</b>: (".iif($pmlimitstaff,$pmlimitstaff."短消息限制","不限制").")",1);

  if ($staff_arr) {
    foreach ($staff_arr AS $key => $val) {
      $staff_count[$val][total] ++;
      $staff_count[$val][ids] .= iif(isset($staff_count[$val][ids]),",$key",$key);
    }
    foreach ($staff_count AS $key => $val) {
      $tablerows .= returnminitablerow($key,$val[total],returnlinkcode("显示所有管理员","admin.php?action=user_pmlist&id=$val[ids]"));
    }
    echotabledescription("\n".returnminitable($tablerows,0,100)."    ",1);
  } else {
    echotabledescription("没有来自管理员的短消息.",1);
  }

  echotabledescription("<b>会员</b>: (".iif($pmlimituser,$pmlimituser." 短消息限制","不限制").")",1);

  if ($user_arr) {
    unset($tablerows);
    foreach ($user_arr AS $key => $val) {
      $user_count[$val][total] ++;
      $user_count[$val][ids] .= iif(isset($user_count[$val][ids]),",$key",$key);
    }
    foreach ($user_count AS $key => $val) {
      $tablerows .= returnminitablerow($key,$val[total],returnlinkcode("显示所有会员","admin.php?action=user_pmlist&id=$val[ids]"));
    }
    echotabledescription("\n".returnminitable($tablerows,0,100)."    ",1);
  } else {
    echotabledescription("没有来自会员的短消息.",1);
  }

  echotablefooter();
  echohtmlfooter();

break;

case "user_pmlist":

  if (isset($id)) {  // This will stip any non-numerical values out
    $id = explode(",",$id);
    foreach ($id AS $val) {
      $ids[] = intval($val);
    }
    $id = join(",",$ids);
  } else {
    $id = 0;
  }

  $pmcount = query_first("SELECT COUNT(news_pm.id) AS count,news_staff.id FROM news_pm LEFT JOIN news_staff ON news_staff.userid = news_pm.touserid WHERE ((news_pm.touserid = ".substr($id,0,1).") AND (news_pm.folder = 1))".iif($pmcountsent," OR ((news_pm.fromuserid = ".substr($id,0,1).") AND (news_pm.folder = 2))","")." GROUP BY (news_pm.touserid)");

  $getdata = query("SELECT userid,username FROM news_user WHERE userid IN ($id) ORDER BY username");

  echohtmlheader();
  echotableheader(iif($pmcount[id],"管理员","会员")." With $pmcount[count] 私人短消息",1);
  echotabledescription("这将显示所有的 ".iif($pmcount[id],"管理员","会员")." with $pmcount[count] 私人短信息 (请注意, 如果你时常发送短消息并不加限制,那么他们将保存在这).",1);

  $tablerows = returnminitablerow("<b>姓名</b>","<b>选项</b>");

  while ($data_arr = fetch_array($getdata)) {
    $tablerows .= returnminitablerow(htmlspecialchars($data_arr[username]),returnlinkcode("编辑用户","admin.php?action=user_edit&id=$data_arr[userid]")." |".returnlinkcode("用户信箱","admin.php?action=user_email&id=$data_arr[userid]")." |".returnlinkcode("显示所有短信息","admin.php?action=user_pmuserlist&id=$data_arr[userid]")." |".returnlinkcode("删除所有短信息","admin.php?action=user_pm_delete&id=$data_arr[userid]&all=1")." |".returnlinkcode("发送新的短消息","user.php?action=pm_new&touserid=$data_arr[userid]"));
  }

  echotabledescription("\n".returnminitable($tablerows,0,100)."    ",1);
  echotablefooter();
  echohtmlfooter();

break;

case "user_pmuserlist":

  verifyid("news_user",$id,"userid");

  $user = query_first("SELECT userid,username FROM news_user WHERE userid = $id");

  echohtmlheader();
  echotableheader("显示私人短信",1);
  echotabledescription("下面显示用户的所有私人短信 ".htmlspecialchars($user[username]).", 编辑或删除私人短信点击下面的连接.",1);
  echotabledescription(returnlinkcode("编辑通讯录","admin.php?action=user_edit&id=$user[userid]")." |".returnlinkcode("删除所有私人短信","admin.php?action=user_pm_delete&id=$id&all=1")." |".returnlinkcode("发送私人短信","user.php?action=pm_new&touserid=$id",1));
  echotablefooter();

  echotableheader("收件箱 ".htmlspecialchars($user[username]),1);

  $getdata = query("SELECT news_pm.id,news_pm.subject,news_pm.fromuserid,news_user.username AS fromusername,news_pm.senddate FROM news_pm LEFT JOIN news_user ON news_user.userid = news_pm.fromuserid WHERE (news_pm.touserid = $id) AND (folder = 1)");

  $header = returnminitablerow("<b>标题t</b>","<b>来自</b>","<b>发送人</b>","<b>选项</b>");
  unset($tablerows);

  while ($data_arr = fetch_array($getdata)) {
    $tablerows .= returnminitablerow($data_arr[subject],returnlinkcode(htmlspecialchars($data_arr[fromusername]),"admin.php?action=user_edit&id=$data_arr[fromuserid]"),date($pmdate,$data_arr[senddate]-$timeoffset),returnlinkcode("编辑","admin.php?action=user_pm_edit&id=$data_arr[id]")." |".returnlinkcode("删除","admin.php?action=user_pm_delete&id=$data_arr[id]"));
  }

  if ($tablerows) {
    echotabledescription("\n".returnminitable($header.$tablerows,0,100)."    ",1);
  } else {
    echotabledescription("清空",1);
  }

  echotablefooter();

  echotableheader("发件箱 ".htmlspecialchars($user[username]),1);

  $getdata = query("SELECT news_pm.id,news_pm.subject,news_pm.touserid,news_user.username AS tousername,news_pm.senddate FROM news_pm LEFT JOIN news_user ON news_user.userid = news_pm.touserid WHERE (news_pm.fromuserid = $id) AND (folder = 2)");

  $header = returnminitablerow("<b>标题</b>","<b>发送到</b>","<b>发送者</b>","<b>选项</b>");
  unset($tablerows);

  while ($data_arr = fetch_array($getdata)) {
    $tablerows .= returnminitablerow($data_arr[subject],returnlinkcode(htmlspecialchars($data_arr[tousername]),"admin.php?action=user_edit&id=$data_arr[touserid]"),date($pmdate,$data_arr[senddate]-$timeoffset),returnlinkcode("编辑","admin.php?action=user_pm_edit&id=$data_arr[id]")." |".returnlinkcode("删除","admin.php?action=user_pm_delete&id=$data_arr[id]"));
  }

  if ($tablerows) {
    echotabledescription("\n".returnminitable($header.$tablerows,0,100)."    ",1);
  } else {
    echotabledescription("清空",1);
  }
  echotablefooter();
  echohtmlfooter();

break;

case "user_pm_edit":

  verifyid("news_pm",$id);

  $data_arr = query_first("SELECT
    news_pm.subject,
    news_pm.message,
    news_pm.senddate,
    news_pm.readdate,
    news_pm.touserid,
    news_pm.fromuserid,
    news_user.username AS tousername,
    news_pm.showsig
    FROM news_pm
    LEFT JOIN news_user ON news_user.userid = news_pm.touserid
    WHERE id = $id");

  $fromuserinfo = query_first("SELECT username FROM news_user WHERE userid = $data_arr[fromuserid]");
  $data_arr[fromusername] = $fromuserinfo[username];

  echohtmlheader("qhtmlcode");
  echoformheader("user_pm_update","编辑私人短信");
  updatehiddenvar("id",$id);
  echotablerow("来自:",returnlinkcode(htmlspecialchars($data_arr[fromusername]),"admin.php?action=user_edit&id=$data_arr[fromuserid]"));
  echotablerow("发送到:",returnlinkcode(htmlspecialchars($data_arr[tousername]),"admin.php?action=user_edit&id=$data_arr[touserid]"));
  echotablerow("发送时间:",date($pmdate,$data_arr[senddate]-$timeoffset));
  echotablerow("阅读时间:",iif($data_arr[readdate],date($pmdate,$data_arr[readdate]-$timeoffset),"Unread"));
  echoinputcode("标题:","subject",$data_arr[subject]);
  echoqhtmlhelp();
  echotextareacode("消息:","content",$data_arr[message],10,75);
  echoyesnocode("显示签名:","showsig",$data_arr[showsig]);
  echoyesnocode("自动解析URL's:","parseurl",$pmallowqhtmlcode);
  echoformfooter();
  echohtmlfooter();

break;

case "user_pm_update":

  if (($subject == "") | ($content == "")) {
    adminerror("空白栏目","所有栏目必须填写, 只有一个 <span class=\"red\">(可选)</span> 可以留空");
  }

  verifyid("news_pm",$id);

  query("UPDATE news_pm SET subject = '$subject' , message = '".iif($parseurl,autoparseurl($content),$content)."' , showsig = '$showsig' WHERE id = $id");

  writeallpages();
  echoadminredirect("admin.php?action=user_pm");
  exit;

break;

case "user_pm_delete":

  if ($all) {
    verifyid("news_user",$id,"userid");
  } else {
    verifyid("news_pm",$id);
  }
  echodeleteconfirm("私人短信","user_pm_kill",$id,iif($all," 这将删除这个成员的所有私人短信.",""),"&all=".iif($all,1,0));

break;

case "user_pm_kill":

  if ($all) {
    verifyid("news_user",$id,"userid");
  } else {
    verifyid("news_pm",$id);
    $user = query_first("SELECT fromuserid FROM news_pm WHERE id = $id");
  }

  query("DELETE FROM news_pm WHERE ".iif($all,"((touserid = $id) AND (folder = 1)) OR ((fromuserid = $id) AND (folder = 2))","id = $id"));

  writeallpages();
  if ($all) {
    echoadminredirect("admin.php?action=user_edit&id=$id");
  } else {
    echoadminredirect("admin.php?action=user_pmuserlist&id=$user[fromuserid]");
  }

  exit;

break;

default:
  adminerror("无效连接","你跳转到一个无效的连接");
}

/*======================================================================*\
|| ####################################################################
|| # VirtuaNews is not free software
|| # Downloaded: [WDYL-WTN]
|| # File: admin/user.php
|| ####################################################################
\*======================================================================*/

?>