members.inc.php

Discuz! 论坛软件系统 Discuz_TC_UTF8.rar

<?php

/*
	[DISCUZ!] admin/members.inc.php - config of members and usergroups
	This is NOT a freeware, use is subject to license terms

	Version: 4.0.0
	Web: http://www.comsenz.com
	Copyright: 2001-2005 Comsenz Technology Ltd.
	Last Modified: 2005-4-5 11:19
*/

if(!defined('IN_DISCUZ') || !isset($PHP_SELF) || !preg_match("/[\/\\\\]admincp\.php$/", $PHP_SELF)) {
        exit('Access Denied');
}

cpheader();

if($action == 'memberadd') {

	if(!submitcheck('addsubmit')) {

		updatecache('settings');

?>
<br><form method="post" action="admincp.php?action=memberadd">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<table cellspacing="<?=INNERBORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="80%" align="center" class="tableborder">

<tr><td class="header" colspan="2"><?=$lang['members_add']?></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_add_uid_range']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="uidlowerlimit" size="5"> - <input type="text" name="uidupperlimit" size="5"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['username']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="newusername"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['password']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="newpassword"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['email']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="newemail"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_add_email_notify']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="checkbox" name="emailnotify" value="yes" checked></td></tr>

</table><br>
<center><input type="submit" name="addsubmit" value="<?=$lang['submit']?>"></center>
</form>
<?

	} else {

		$newusername = trim($newusername);
		$newpassword = trim($newpassword);
		$newemail = trim($newemail);

		if(!$newusername || !$newpassword || !$newemail) {
			cpmsg('members_add_invalid');
		}

		$query = $db->query("SELECT uid FROM {$tablepre}members WHERE username='$newusername'");
		if($db->num_rows($query)) {
			cpmsg('members_add_username_duplicate');
		}

		$uid = 0;
		$uidadd1 = $uidadd2 = '';
		if($uidupperlimit != '' && $uidlowerlimit != '') {
			$lastuid = 0;
			$query = $db->query("SELECT * FROM {$tablepre}members WHERE uid BETWEEN '$uidlowerlimit' AND '$uidupperlimit' ORDER BY uid");
			while($member = $db->fetch_array($query)) {
				if($lastuid && $member['uid'] - $lastuid > 1) {
					$uid = $lastuid + 1;
					break;
				}
				$lastuid = $member['uid'];
			}
			if($uid) {
				$uidadd1 = 'uid, ';
				$uidadd2 = $uid.', ';
			} else {
				cpmsg('members_add_uid_invalid');
			}
		}

		$query = $db->query("SELECT groupid FROM {$tablepre}usergroups WHERE type='member' AND creditshigher='0'");
		$newgroupid = $db->result($query, 0);

		$db->query("INSERT INTO {$tablepre}members ($uidadd1 username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, email, bday, sigstatus, tpp, ppp, styleid, dateformat, timeformat, showemail, newsletter, invisible, timeoffset)
			VALUES ($uidadd2 '$newusername', '".md5($newpassword)."', '', '0', '0', '$newgroupid', 'Manual Acting', '$timestamp', '$timestamp', '$timestamp', '0', '0', '$newemail', '0000-00-00', '0', '0', '0', '0', '{$_DCACHE[settings][dateformat]}', '{$_DCACHE[settings][timeformat]}', '1', '1', '0', '{$_DCACHE[settings][timeoffset]}')");
		$uid = $db->insert_id();

		$db->query("REPLACE INTO {$tablepre}memberfields (uid) VALUES ('$uid')");

		if($emailnotify == 'yes') {
			sendmail($newemail, 'add_member_subject', 'add_member_message');
		}

		updatecache('settings');
		cpmsg('members_add_succeed');
	}

} elseif($action == 'members') {

	if(!submitcheck('searchsubmit', 1) && !submitcheck('deletesubmit') && !submitcheck('editsubmit')) {

		$adminselect = $groupselect = $extgroupselect = '';
		$query = $db->query("SELECT groupid, grouptitle FROM {$tablepre}usergroups WHERE groupid NOT IN ('6', '7') ORDER BY (creditshigher<>'0' || creditslower<>'0'), creditslower");
		while($group = $db->fetch_array($query)) {
			$select = "<option value=\"$group[groupid]\">$group[grouptitle]</option>\n";
			$group['groupid'] <= 3 ? $adminselect .= $select : $groupselect .= $select;
			$extgroupselect .= $select;
		}

		$searchcredits = '';
		foreach($extcredits as $id => $credit) {
			$searchcredits .= "<tr><td class=\"altbg1\">$credit[title] $lang[members_search_lower]:</td>\n".
				"<td align=\"right\" class=\"altbg2\"><input type=\"text\" name=\"lower[extcredits$id]\" size=\"40\"></td></tr>\n".
				"<tr><td class=\"altbg1\">$credit[title] $lang[members_search_higher]:</td>\n".
				"<td align=\"right\" class=\"altbg2\"><input type=\"text\" name=\"higher[extcredits$id]\" size=\"40\"></td></tr>\n";
		}

?>
<br><form method="post" action="admincp.php?action=members">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<table cellspacing="<?=INNERBORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="80%" align="center" class="tableborder">

<tr><td class="header" colspan="2"><?=$lang['members_search']?></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['admingroup']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>">
<select name="admingroupid">
<option value=""><?=$lang['members_search_all_groups']?></option>
<?=$adminselect?>
</select></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_group']?></td>
<td align="right" bgcolor="<?=ALTBG2?>">
<select name="usergroupid">
<option value=""><?=$lang['members_search_all_groups']?></option>
<?=$groupselect?>
</select></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_extgroup']?></td>
<td align="right" bgcolor="<?=ALTBG2?>">
<select name="extusergroupid">
<option value=""><?=$lang['members_search_all_groups']?></option>
<?=$extgroupselect?>
</select></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_user']?></td>
<td align="right" bgcolor="<?=ALTBG2?>">
<?=$lang['case_insensitive']?> <input type="checkbox" name="cins" value="1">
<br><input type="text" name="username" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_email']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="srchemail" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_regdatebefore']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="regdatebefore" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_regdateafter']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="regdateafter" size="40"></td></tr>

<tr><td class="altbg1"><?=$lang['credits']?> <?=$lang['members_search_lower']?>:</td>
<td align="right" class="altbg2"><input type="text" name="lower[credits]" size="40"></td></tr>

<tr><td class="altbg1"><?=$lang['credits']?> <?=$lang['members_search_higher']?>:</td>
<td align="right" class="altbg2"><input type="text" name="higher[credits]" size="40"></td></tr>

<?=$searchcredits?>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_postslower']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="postslower" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_postshigher']?>:</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="postshigher" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_awaydays']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="awaydays" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_regip']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="regip" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>"><?=$lang['members_search_lastip']?></td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="lastip" size="40"></td></tr>

</table><br><center>
<input type="submit" name="searchsubmit" value="<?=$lang['members_search']?>"> &nbsp; 
<input type="submit" name="deletesubmit" value="<?=$lang['members_delete']?>"></center></form>
<?

	} elseif(submitcheck('searchsubmit', 1) || submitcheck('deletesubmit')) {

		$memberperpage = 100;

		$page = !ispage($page) ? 1 : $page;
		$start_limit = ($page - 1) * $memberperpage;

		$conditions = '1';
		$conditions .= $username != '' ? " AND ".($cins ? '' : 'BINARY')." username LIKE '".str_replace('*', '%', $username)."'" : '';
		$conditions .= $srchemail != '' ? " AND email LIKE '".str_replace('*', '%', $srchemail)."'" : '';
		$conditions .= $admingroupid != '' ? " AND adminid='$admingroupid'" : '';
		$conditions .= $usergroupid != '' ? " AND groupid='$usergroupid'" : '';
		$conditions .= $extusergroupid != '' ? " AND extgroupids REGEXP '(^|\t)$extusergroupid(\t|\$)'" : '';

		$conditions .= $regdatebefore != '' ? " AND regdate<'".strtotime($regdatebefore)."'" : '';
		$conditions .= $regdateafter != '' ? " AND regdate>'".strtotime($regdateafter)."'" : '';
   
		if(is_array($higher)) {
			foreach($higher as $credit => $value) {
				if($value != '') {
					$conditions .= " AND $credit>'$value'";
				}
			}
		}
		if(is_array($higher)) {
			foreach($lower as $credit => $value) {
				if($value != '') {
					$conditions .= " AND $credit<'$value'";
				}
			}
		}

		$conditions .= $postshigher != '' ? " AND posts>'$postshigher'" : '';
		$conditions .= $postslower != '' ? " AND posts<'$postslower'" : '';

		$conditions .= $awaydays != '' ? " AND lastactivity<'".($timestamp - $awaydays * 86400)."'" : '';
		$conditions .= $regip != '' ? " AND regip LIKE '$regip%'" : '';
		$conditions .= $lastip != '' ? " AND lastip LIKE '$lastip%'" : '';

		if(!$conditions && !submitcheck('deletesubmit')) {
			cpmsg('members_search_invalid');
		}

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}members WHERE $conditions");
		$membernum = $db->result($query, 0);

		if(submitcheck('searchsubmit', 1)) {

			$urladd = '';
			foreach(array('lower', 'higher') as $key) {
				if(is_array($$key)) {
					foreach($$key as $column => $value) {
						$urladd .= '&'.$key.'['.$column.']='.rawurlencode($value);
					}
				}
			}

			$multipage = multi($membernum, $memberperpage, $page, "admincp.php?action=members$urladd&searchsubmit=yes&cins=$cins&username=$username&srchemail=$srchemail&admingroupid=$admingroupid&usergroupid=$usergroupid&extusergroupid=$extusergroupid&regdatebefore=$regdatebefore&regdateafter=$regdateafter&creditshigher=$creditshigher&creditslower=$creditslower&postshigher=$postshigher&postslower=$postslower&awaydays=$awaydays&regip=$regip&lastip=$lastip");

			$usergroups = array();
			$query = $db->query("SELECT groupid, type, grouptitle FROM {$tablepre}usergroups");
			while($group = $db->fetch_array($query)) {
				switch($group['type']) {
					case 'system': $group['grouptitle'] = '<b>'.$group['grouptitle'].'</b>'; break;