memcp.php
来自「论坛软件系统亦称电子公告板(BBS)系统」· PHP 代码 · 共 828 行 · 第 1/3 页
<?php
/*
[Discuz!] (C)2001-2006 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: memcp.php,v $
$Revision: 1.50.2.1 $
$Date: 2006/09/01 06:15:00 $
*/
require_once './include/common.inc.php';
// Numeric action code for this page; its meaning is defined outside this file.
$discuz_action = 7;
// Allow-list of avatar file extensions, checked against uploads further down.
$avatarextarray = array('gif', 'jpg', 'png');

// The control panel is member-only: a falsy $discuz_uid means nobody is logged in.
if(!$discuz_uid) {
    showmessage('not_loggedin', NULL, 'HALTED');
}

// Keep only the extended credits that carry a non-zero exchange ratio.
$exchcredits = array();
foreach($extcredits as $id => $credit) {
    if(!$credit['ratio']) {
        continue;
    }
    $exchcredits[$id] = $credit;
}

// Exchanging needs at least two exchangeable credit types.
if(count($exchcredits) >= 2) {
    $exchangestatus = 1;
} else {
    $exchangestatus = 0;
}
// Transfers need a configured transfer credit and the group permission.
$transferstatus = isset($extcredits[$creditstrans]) && $allowtransfer;

// Placeholder profile, replaced by the stored row when any avatar/nickname feature is on.
$member = array('nickname' => '', 'avatar' => '', 'avatarshowid' => 0);
if($allowavatar || $avatarshowstatus || $allownickname) {
    // NOTE(review): $discuz_uid is interpolated into the SQL text; this is only safe
    // if common.inc.php guarantees it is an integer - confirm.
    $query = $db->query("SELECT mf.nickname, mf.avatar, mf.avatarwidth, mf.avatarheight, m.avatarshowid, m.gender, m.groupid
FROM {$tablepre}memberfields mf, {$tablepre}members m WHERE m.uid='$discuz_uid' AND mf.uid=m.uid");
    $member = $db->fetch_array($query);
}

// Build the avatar markup. The stored avatar path and dimensions are placed into
// HTML attributes without escaping at this point.
// NOTE(review): this relies on the values having been escaped before they were
// stored (the profile-update branch of this file applies dhtmlspecialchars() to
// the avatar path); verify that every other write path does the same.
if($avatarshowstatus != 2 && $member['avatar']) {
    $avatar = "<div class=\"avatar\" style=\"width: ".$member['avatarwidth']."\"><img src=\"$member[avatar]\" width=\"$member[avatarwidth]\" height=\"$member[avatarheight]\" border=\"0\" alt=\"\" /></div>";
} else {
    $avatar = '<img class="avatar" src="images/avatars/noavatar.gif" alt="" />';
}

// The avatar-show feature replaces the markup when it is forced (status 2) or
// when it is optional (status 1) and the member has selected a show id.
if($avatarshowstatus == 1 && $member['avatarshowid'] || $avatarshowstatus == 2) {
    $avatar = avatarshow($member['avatarshowid'], $member['gender']);
}
if(!isset($action)) {
// Home view of the control panel: collects the registration-review record, the
// buddy list, the five newest inbox messages and the five most recently updated
// subscribed threads, then renders the memcp_home template.
// NOTE(review): every query below interpolates $discuz_uid into the SQL text;
// this is only safe if common.inc.php guarantees it is an integer - confirm.

// Registration-review record, looked up only when $regverify is 2 and the member
// is in group 8 (the meaning of both values is defined outside this file).
$validating = array();
if($regverify == 2 && $groupid == 8) {
$query = $db->query("SELECT * FROM {$tablepre}validating WHERE uid='$discuz_uid'");
if($validating = $db->fetch_array($query)) {
// Shift the review timestamp by the viewer's offset ($timeoffset is in hours) before formatting.
$validating['moddate'] = $validating['moddate'] ? gmdate("$dateformat $timeformat", $validating['moddate'] + $timeoffset * 3600) : 0;
// URL-encoded copy of the reviewing admin's name, for use in links.
$validating['adminenc'] = rawurlencode($validating['admin']);
}
}
// Buddy list, split by whether a session with invisible='0' exists for the buddy.
$buddyonline = $buddyoffline = array();
$query = $db->query("SELECT b.buddyid AS uid, b.description, m.username, s.username AS onlineuser
FROM {$tablepre}buddys b
LEFT JOIN {$tablepre}members m ON m.uid=b.buddyid
LEFT JOIN {$tablepre}sessions s ON s.uid=m.uid AND s.invisible='0'
WHERE b.uid='$discuz_uid'");
while($buddy = $db->fetch_array($query)) {
// The LEFT JOIN yields no username when the member row is gone; show a fixed label instead.
$buddyuser = array('uid' => $buddy['uid'], 'username' => ($buddy['username'] ? $buddy['username'] : 'User was Deleted'), 'description' => $buddy['description']);
$buddy['onlineuser'] ? $buddyonline[] = $buddyuser : $buddyoffline[] = $buddyuser;
}
// Five newest private messages in the member's inbox.
$msgexists = 0;
$msglist = array();
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' ORDER BY dateline DESC LIMIT 0, 5");
while($message = $db->fetch_array($query)) {
$msgexists = 1;
$message['dateline'] = gmdate("$dateformat $timeformat", $message['dateline'] + $timeoffset * 3600);
// Unread messages get a bold subject.
// NOTE(review): the subject is sender-controlled and is wrapped in markup here
// without escaping; presumably it was escaped when the message was stored - verify.
$message['subject'] = $message['new'] ? "<b>$message[subject]</b>" : $message['subject'];
$msglist[] = $message;
}
// Five most recently updated subscribed threads with displayorder >= 0.
$subsexists = 0;
$subslist = array();
$query = $db->query("SELECT t.tid, t.fid, t.subject, t.replies, t.lastpost, t.lastposter, f.name
FROM {$tablepre}subscriptions s, {$tablepre}threads t, {$tablepre}forums f
WHERE t.tid=s.tid AND t.displayorder>='0' AND f.fid=t.fid AND s.uid='$discuz_uid' ORDER BY t.lastpost DESC LIMIT 5");
while($subs = $db->fetch_array($query)) {
$subsexists = 1;
// URL-encoded copy of the last poster's name, for use in links.
$subs['lastposterenc'] = rawurlencode($subs['lastposter']);
$subs['lastpost'] = gmdate("$dateformat $timeformat", $subs['lastpost'] + $timeoffset * 3600);
$subslist[] = $subs;
}
// template() returns the path of the template file, which is then included.
include template('memcp_home');
} elseif($action == 'profile') {
// Cached definitions of the custom profile fields; presumably this populates the
// $_DCACHE['fields_required'] / $_DCACHE['fields_optional'] arrays read further down.
require_once DISCUZ_ROOT.'./forumdata/cache/cache_profilefields.php';
// Load the member's full row from members joined with memberfields.
// NOTE(review): $discuz_uid is interpolated into the SQL text; this is only safe
// if common.inc.php guarantees it is an integer - confirm.
$query = $db->query("SELECT * FROM {$tablepre}members m
LEFT JOIN {$tablepre}memberfields mf ON mf.uid=m.uid
WHERE m.uid='$discuz_uid'");
$member = $db->fetch_array($query);
// Security-code (captcha) switch for this form: render $seccodestatus as a binary
// string padded to at least five digits and take the fifth digit from the right.
// The result is the string '0' or '1'; '0' is falsy in PHP.
$seccodecheck = substr(sprintf('%05b', $seccodestatus), -5, 1);
if(!submitcheck('editsubmit', 0, $seccodecheck)) {
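// Reached when submitcheck('editsubmit', ...) is false: prepare the values the
// memcp_profile template uses to pre-fill the edit form.

// File uploads are only offered when $allowavatar is 3, so only then does the form need multipart encoding.
$enctype = $allowavatar == 3 ? 'enctype="multipart/form-data"' : '';
$invisiblechecked = $member['invisible'] ? 'checked' : '';
$emailchecked = $member['showemail'] ? 'checked' : '';
$newschecked = $member['newsletter'] ? 'checked' : '';

// One-element maps keyed by the stored value; presumably the template indexes them
// by each option's value to mark the current choice.
$gendercheck = array($member['gender'] => 'checked');
$tppchecked = array($member['tpp'] => 'selected="selected"');
$pppchecked = array($member['ppp'] => 'selected="selected"');
$toselect = array(strval((float)$member['timeoffset']) => 'selected="selected"');
$pscheck = array(intval($member['pmsound']) => 'checked');

// <option> list of the available styles, with the member's current one selected.
// NOTE(review): the style name is written into HTML without escaping; presumably
// it is administrator-controlled - confirm.
$styleselect = '';
$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
while($style = $db->fetch_array($query)) {
    $styleselect .= "<option value=\"$style[styleid]\" ".
        ($style['styleid'] == $member['styleid'] ? 'selected="selected"' : NULL).
        ">$style[name]</option>\n";
}

// Day-of-month selector.
// NOTE(review): $bday is not assigned anywhere in the visible part of this file;
// confirm where the birthday parts come from.
$dayselect = '';
for($num = 1; $num <= 31; $num++) {
    $dayselect .= "<option value=\"$num\" ".($bday[2] == $num ? 'selected="selected"' : '').">$num</option>\n";
}

$avatarshow = avatarshow($member['avatarshowid'], $member['gender']);

// Clear a stored custom avatar whose file no longer exists on disk.
if(substr(trim($member['avatar']), 0, 14) == 'customavatars/' && !file_exists(DISCUZ_ROOT.'./'.$member['avatar'])) {
    $db->query("UPDATE {$tablepre}memberfields SET avatar='', avatarwidth='0', avatarheight='0' WHERE uid='$discuz_uid'");
    $member['avatar'] = '';
}

$emcheck = array($member['editormode'] => 'selected="selected"');

// customshow packs three settings as base-3 digits; pad to exactly three digits.
$customshow = str_pad(base_convert($member['customshow'], 10, 3), 3, '0', STR_PAD_LEFT);
// Square-bracket offsets replace the {n} string-offset syntax, which PHP 8 no longer accepts.
$sschecked = array($customshow[0] => 'selected="selected"');
$sachecked = array($customshow[1] => 'selected="selected"');
$sichecked = array($customshow[2] => 'selected="selected"');

// Turn date() format letters into the mm/dd/yy/yyyy notation shown to the user.
// str_replace() applies the pairs in order, exactly like four chained calls.
$member['dateformat'] = str_replace(array('n', 'j', 'y', 'Y'), array('mm', 'dd', 'yy', 'yyyy'), $member['dateformat']);
$tfcheck = array($member['timeformat'] => 'checked');
$dfcheck = $member['dateformat'] ? array(1 => 'checked') : array(0 => 'checked');

if($seccodecheck) {
    // NOTE(review): random() is a project helper that is not visible here; confirm it
    // does not draw from a predictable generator, since this value guards the form.
    $seccode = random(4, 1);
}

include template('memcp_profile');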
} else {
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
include_once DISCUZ_ROOT.'./forumdata/cache/cache_bbcodes.php';
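// Password and security-question changes are processed here only when
// $passport_status is off.
if(!$passport_status) {
    $newpasswdadd = '';
    // A question id of -1 keeps the stored security-question value; any other id
    // is passed through quescrypt() together with the new answer.
    $secquesnew = $questionidnew == -1 ? $discuz_secques : quescrypt($questionidnew, $answernew);
    // NOTE(review): this comparison is left loose because the return type of
    // quescrypt() is not visible here.
    if($newpassword || $secquesnew != $discuz_secques) {
        // Changing either credential requires the current password. The digests
        // are compared with !== because != compares numeric-looking strings as
        // numbers, which can make two different digests count as equal.
        // Assumes $discuz_pw is a string; any other type now fails closed.
        if(md5($oldpassword) !== $discuz_pw) {
            showmessage('profile_passwd_wrong', NULL, 'HALTED');
        }
        if($newpassword) {
            // Reject passwords that addslashes() would alter (quotes, backslashes, NUL).
            if($newpassword != addslashes($newpassword)) {
                showmessage('profile_passwd_illegal');
            } elseif($newpassword != $newpassword2) {
                showmessage('profile_passwd_notmatch');
            }
            // NOTE(review): passwords are stored as unsalted MD5, which is not a
            // password hash. Moving to password_hash()/password_verify() needs matching
            // changes in the login and registration code, which is outside this file.
            $newpasswdadd = ", password='".md5($newpassword)."'";
        }
    }
    // Members with admin id 1, 2 or 3 must have a security question when $forcesecques is set.
    if(($adminid == 1 || $adminid == 2 || $adminid == 3) && !$secquesnew && $forcesecques) {
        showmessage('profile_admin_security_invalid');
    }
}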
// Build the SET fragment for the custom profile fields and screen the nickname
// and custom status against the censored-name list.
$fieldadd = '';
foreach(array_merge($_DCACHE['fields_required'], $_DCACHE['fields_optional']) as $field) {
$field_key = 'field_'.$field['fieldid'];
// The submitted value is read from a global named field_<id>new.
// NOTE(review): presumably common.inc.php imports request parameters into globals
// and escapes them for SQL; the quoting of the fragment built below depends on it - confirm.
$field_val = trim(${'field_'.$field['fieldid'].'new'});
// A required field may stay empty only if it is unchangeable and already has a stored value.
if($field['required'] && $field_val == '' && !($field['unchangeable'] && $member[$field_key])) {
showmessage('profile_required_info_invalid');
// A selective field accepts only keys that exist in its configured choices.
} elseif($field['selective'] && $field_val != '' && !isset($field['choices'][$field_val])) {
showmessage('undefined_action', NULL, 'HALTED');
// Unchangeable fields are written only while they are still empty.
} elseif(!$field['unchangeable'] || !$member[$field_key]) {
// The value is HTML-escaped before being stored.
$fieldadd .= ", $field_key='".dhtmlspecialchars($field_val)."'";
}
}
// Turn the censored-name list into one anchored, case-insensitive pattern: the text
// is quoted with preg_quote(), then '\*' becomes '.*', each CRLF becomes '|' and
// spaces are dropped.
$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
// NOTE(review): '@' hides preg_match() failures, and a failed match returns false,
// so a pattern that does not compile lets every name through (fails open).
if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
showmessage('profile_nickname_cstatus_illegal');
}
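// An e-mail change needs the current password (unless passport integration owns
// the account) and must pass the allow/deny suffix lists.
if($emailnew != $member['email']) {
    // The digests are compared with !== because != compares numeric-looking
    // strings as numbers, which can make two different digests count as equal.
    // Assumes $discuz_pw is a string; any other type now fails closed.
    if(md5($oldpassword) !== $discuz_pw && !$passport_status) {
        showmessage('profile_passwd_wrong', NULL, 'HALTED');
    } else {
        // With passport integration on, the stored address is kept.
        $emailnew = $passport_status ? $member['email'] : $emailnew;
        // Both lists hold one suffix per CRLF-separated line and are matched at the end of the address.
        // NOTE(review): an empty line in either list yields an empty alternative that
        // matches every address - confirm the lists are trimmed where they are saved.
        $accessexp = '/('.str_replace("\r\n", '|', preg_quote($accessemail, '/')).')$/i';
        $censorexp = '/('.str_replace("\r\n", '|', preg_quote($censoremail, '/')).')$/i';
        // If an allow-list exists the address must match it; otherwise it must not match the deny-list.
        $invalidemail = $accessemail ? !preg_match($accessexp, $emailnew) : $censoremail && preg_match($censorexp, $emailnew);
        if(!isemail($emailnew) || $invalidemail) {
            showmessage('profile_email_illegal');
        }
    }
}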
// The Alipay account is optional, but when given it must look like an e-mail address.
if($alipaynew) {
    if(!isemail($alipaynew)) {
        showmessage('profile_alipay_illegal');
    }
}

// A falsy $maxsigsize disables signatures; otherwise the byte length is capped.
if(!$maxsigsize) {
    $signaturenew = '';
} elseif(strlen($signaturenew) > $maxsigsize) {
    showmessage('profile_sig_toolong');
}
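// Resolve the new avatar from one of three sources, in this order of precedence:
// an uploaded file ($allowavatar 3), a user-supplied URL or path ($allowavatar 2
// or 3), or a bundled system avatar ($allowavatar 1 to 3).
$avataradd = $avatar = '';
$avatarimagesize = array();
if($allowavatar == 3
    && disuploadedfile($_FILES['customavatar']['tmp_name'])
    && $_FILES['customavatar']['tmp_name'] != 'none'
    && $_FILES['customavatar']['tmp_name']
    && trim($_FILES['customavatar']['name'])) {
    $_FILES['customavatar']['name'] = daddslashes($_FILES['customavatar']['name']);
    // Only the extension of the client file name is used, and only after the allow-list check.
    $avatarext = strtolower(fileext($_FILES['customavatar']['name']));
    if(is_array($avatarextarray) && !in_array($avatarext, $avatarextarray)) {
        showmessage('profile_avatar_invalid');
    }
    // The stored name is built from the member id and the allow-listed extension,
    // never from the client-supplied file name.
    $avatar = 'customavatars/'.$discuz_uid.'.'.$avatarext;
    $avatartarget = DISCUZ_ROOT.'./'.$avatar;
    // copy() is tried first, move_uploaded_file() is the fallback.
    if(!@copy($_FILES['customavatar']['tmp_name'], $avatartarget)) {
        @move_uploaded_file($_FILES['customavatar']['tmp_name'], $avatartarget);
    }
    // The file is already in its final location when it is validated; it is removed
    // again if it does not parse as an image or exceeds $maxavatarsize.
    // NOTE(review): getimagesize() reads only the image header, so it does not prove
    // the rest of the file is image data; re-encoding the upload is the stronger control.
    $avatarimagesize = @getimagesize($avatartarget);
    if(!$avatarimagesize || ($maxavatarsize && @filesize($avatartarget) > $maxavatarsize)) {
        @unlink($avatartarget);
        showmessage($avatarimagesize ? 'profile_avatar_toobig' : 'profile_avatar_invalid');
    }
    // Remove this member's older custom avatars stored under the other extensions.
    foreach($avatarextarray as $ext) {
        if($ext != $avatarext) {
            @unlink(DISCUZ_ROOT.'./customavatars/'.$discuz_uid.'.'.$ext);
        }
    }
} elseif(($allowavatar == 2 || $allowavatar == 3) && $urlavatar) {
    // The alternatives are grouped so that ^ and $ apply to all of them. In the
    // ungrouped pattern ^ bound only to the first alternative and $ only to the
    // last, so a value that merely contained "images/avatars/" somewhere passed.
    if(!preg_match("/^(?:http:\/\/.+|images\/avatars\/.+|customavatars\/.+)$/i", $urlavatar)) {
        showmessage('profile_avatar_invalid');
    }
    // NOTE(review): for an http:// value getimagesize() makes this server fetch the
    // user-supplied URL; consider dropping the remote probe or restricting which
    // hosts may be contacted. The local-path alternatives are not normalised either.
    $avatarimagesize = @getimagesize($urlavatar);
    $avatar = $urlavatar;
} elseif(($allowavatar == 1 || $allowavatar == 2 || $allowavatar == 3) && $systemavatar) {
    // System avatars must live under images/avatars/.
    if(!preg_match("/^(images\/avatars\/.+?)$/i", $systemavatar)) {
        showmessage('profile_avatar_invalid');
    }
    $avatarimagesize = @getimagesize($systemavatar);
    $avatar = $systemavatar;
}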
if($avatar) {
if(!in_array(strtolower(fileext($avatar)), array('gif', 'jpg', 'png'))) {
showmessage('profile_avatar_invalid');
}
$avatar = dhtmlspecialchars(trim($avatar));
if($avatarwidthnew == '*' || $avatarheightnew == '*' || $avatarwidthnew == '' || $avatarheightnew == '') {
$avatarwidthnew = $avatarheightnew = ($maxavatarpixel ? round($maxavatarpixel * 0.6) : 80);
@list($avatarwidthnew, $avatarheightnew) = $avatarimagesize ? $avatarimagesize : array($avatarwidthnew, $avatarheightnew);
}
$maxsize = max($avatarwidthnew, $avatarheightnew);
if($maxsize > $maxavatarpixel) {
$avatarwidthnew = $avatarwidthnew * $maxavatarpixel / $maxsize;
$avatarheightnew = $avatarheightnew * $maxavatarpixel / $maxsize;