misc.php

论坛软件系统亦称电子公告板(BBS)系统

	}

	include template('rate_view');

} elseif($action == 'pay') {

	if(!isset($extcredits[$creditstrans])) {
		showmessage('credits_transaction_disabled');
	} elseif($thread['price'] <= 0 || $thread['special'] <> 0) {
		showmessage('undefined_action', NULL, 'HALTED');
	} elseif(!$discuz_uid) {
		showmessage('group_nopermission', NULL, 'NOPERM');
	}

	if(($balance = ${'extcredits'.$creditstrans} - $thread['price']) < ($minbalance = 0)) {
		showmessage('credits_balance_insufficient');
	}

	$query = $db->query("SELECT COUNT(*) FROM {$tablepre}paymentlog WHERE tid='$tid' AND uid='$discuz_uid'");
	if($db->result($query, 0)) {
		showmessage('credits_buy_thread', 'viewthread.php?tid='.$tid);
	}

	$discuz_action = 81;

	$thread['netprice'] = floor($thread['price'] * (1 - $creditstax));

	if(!submitcheck('paysubmit')) {

		include template('pay');

	} else {

		$updateauthor = true;
		if($maxincperthread > 0) {
			$query = $db->query("SELECT SUM(netamount) FROM {$tablepre}paymentlog WHERE tid='$tid'");
			if(($db->result($query, 0)) > $maxincperthread) {
				$updateauthor = false;
			}
		}

		if($updateauthor) {
			$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans+$thread[netprice] WHERE uid='$thread[authorid]'");
		}

		$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-$thread[price] WHERE uid='$discuz_uid'");
		$db->query("INSERT INTO {$tablepre}paymentlog (uid, tid, authorid, dateline, amount, netamount)
			VALUES ('$discuz_uid', '$tid', '$thread[authorid]', '$timestamp', '$thread[price]', '$thread[netprice]')");

		showmessage('thread_pay_succeed', "viewthread.php?tid=$tid");

	}

} elseif($action == 'viewpayments') {

	$discuz_action = 82;

	$loglist = array();
	$query = $db->query("SELECT p.*, m.username FROM {$tablepre}paymentlog p
		LEFT JOIN {$tablepre}members m USING (uid)
		WHERE tid='$tid' ORDER BY dateline");
	while($log = $db->fetch_array($query)) {
		$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
		$loglist[] = $log;
	}

	include template('pay_view');

} elseif($action == 'report') {

	if(!$reportpost) {
		showmessage('thread_report_disabled');
	}

	if(!$discuz_uid) {
		showmessage('not_loggedin', NULL, 'HALTED');
	}

	if(!$thread || !is_numeric($pid)) {
		showmessage('undefined_action', NULL, 'HALTED');
	}

	$discuz_action = 123;

	$floodctrl = $floodctrl * 3;
	if($timestamp - $lastpost < $floodctrl) {
		showmessage('thread_report_flood_ctrl');
	}

	if(!submitcheck('reportsubmit')) {

		include template('reportpost');

	} else {

		$posturl = "{$boardurl}viewthread.php?tid=$tid".($page || $pid ? "&amp;page=$page#pid$pid" : NULL);

		$uids = 0;
		$adminids = '';
		$reportto = array();

		if(is_array($to) && count($to)) {

			if(isset($to[3])) {
				$query = $db->query("SELECT uid FROM {$tablepre}moderators WHERE fid='$fid'");
				while($member = $db->fetch_array($query)) {
					$uids .= ','.$member['uid'];
				}
			}

			if(!$uids || ($reportpost >= 2 && $to[2])) {
				$adminids .= ',2';
			}

			if($reportpost == 3 && $to[1]) {
				$adminids .= ',1';
			}

			if($adminids) {
				$query = $db->query("SELECT uid FROM {$tablepre}members WHERE adminid IN (".substr($adminids, 1).")");
				if(!$db->num_rows($query)) {
					$query = $db->query("SELECT uid FROM {$tablepre}members WHERE adminid='1'");
				}
				while($member = $db->fetch_array($query)) {
					$uids .= ','.$member['uid'];
				}
			}

			$query = $db->query("SELECT uid, ignorepm FROM {$tablepre}memberfields WHERE uid IN ($uids)");
			while($member = $db->fetch_array($query)) {
				if(!preg_match("/(^{ALL}$|(,|^)\s*".preg_quote($discuz_user, '/')."\s*(,|$))/i", $member['ignorepm'])) {
					if(!in_array($member['uid'], $reportto)) {
						$reportto[] = $member['uid'];
					}
				}
			}

			if($reportto) {
				$reason = stripslashes($reason);
				sendpm(implode(',', $reportto), 'reportpost_subject', 'reportpost_message');
			}

			$db->query("UPDATE {$tablepre}members SET lastpost='$timestamp' WHERE uid='$discuz_uid'");

			showmessage('thread_report_succeed', "viewthread.php?tid=$tid");

		} else {

			showmessage('thread_report_invalid');

		}

	}

} elseif($action == 'blog') {

	if(!$discuz_uid || (!$thread['blog'] && (!$allowuseblog || !$forum['allowshare']))) {
		showmessage('group_nopermission', NULL, 'NOPERM');
	}

	if($thread['authorid'] != $discuz_uid) {
		$query = $db->query("SELECT adminid FROM {$tablepre}members WHERE uid='$thread[authorid]'");
		$thread['adminid'] = $db->result($query, 0);
		if(!$forum['ismoderator'] || (in_array($thread['adminid'], array(1, 2, 3)) && $adminid > $thread['adminid'])) {
			showmessage('blog_add_illegal');
		}
	}

	if(!submitcheck('blogsubmit')) {

		include template('blog_addremove');

	} else {

		$blog = $thread['blog'] ? 0 : 1;
		$db->query("UPDATE {$tablepre}threads SET blog='$blog' WHERE tid='$tid'", 'UNBUFFERED');

		if($forum['ismoderator'] && $thread['authorid'] != $discuz_uid && $blog != $thread['blog']) {
			$reason = '';
			require_once DISCUZ_ROOT.'./include/misc.func.php';
			modlog($thread, ($thread['blog'] ? 'RBL' : 'ABL'));
		}

		showmessage('blog_add_succeed', "viewthread.php?tid=$tid");

	}

} elseif($action == 'viewthreadmod' && $tid) {

	$loglist = array();
	$query = $db->query("SELECT * FROM {$tablepre}threadsmod WHERE tid='$tid' ORDER BY dateline DESC");
	while($log = $db->fetch_array($query)) {
		$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
		$log['expiration'] = !empty($log['expiration']) ? gmdate("$dateformat", $log['expiration'] + $timeoffset * 3600) : '';
		$log['status'] = empty($log['status']) ? 'style="text-decoration: line-through" disabled' : '';
		$loglist[] = $log;
	}

	if(empty($loglist)) {
		showmessage('threadmod_nonexistence');
	} else {
		include_once language('modactions');
	}

	include template('viewthread_mod');

} elseif($action == 'bestanswer' && $tid && $pid && submitcheck('bestanswersubmit')) {

	$forward = 'viewthread.php?tid='.$tid;

	$query = $db->query("SELECT authorid, first FROM {$tablepre}posts WHERE pid='$pid' and tid='$tid'");

	if(!($thread['special'] == 3 && ($post = $db->fetch_array($query)) && ($forum['ismoderator'] || $thread['authorid'] == $discuz_uid) && $post['authorid'] != $thread['authorid'] && $post['first'] == 0 && $discuz_uid != $post['authorid'])){
		showmessage('reward_cant_operate');
	} elseif($post['authorid'] == $thread['authorid']) {
		showmessage('reward_cant_self');
	} elseif($thread['price'] < 0) {
		showmessage('reward_repeat_selection');
	}
	$thread['netprice'] = ceil($price * ( 1 + $creditstax) );
	$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans+$thread[price] WHERE uid='$post[authorid]'");
	$db->query("DELETE FROM {$tablepre}rewardlog WHERE tid='$tid' and answererid='$post[authorid]'");
	$db->query("UPDATE {$tablepre}rewardlog SET answererid='$post[authorid]' WHERE tid='$tid' and authorid='$thread[authorid]'");
	$thread['price'] = '-'.$thread['price'];
	$db->query("UPDATE {$tablepre}threads SET price='$thread[price]' WHERE tid='$tid'");
	$db->query("UPDATE {$tablepre}posts SET dateline=$thread[dateline]+1 WHERE pid='$pid'");

	$thread['dateline'] = gmdate("$dateformat $timeformat", $thread['dateline'] + $timeoffset * 3600);
	if($discuz_uid != $thread['authorid']) {
		sendpm($thread['authorid'], 'reward_question_subject', 'reward_question_message', $discuz_uid, $discuz_user);
	}
	sendpm($post['authorid'], 'reward_bestanswer_subject', 'reward_bestanswer_message', $discuz_uid, $discuz_user);

	showmessage('reward_completion', $forward);

} elseif($action == 'activityapplies') {

	if(!$discuz_uid) {
		showmessage('undefined_action', NULL, 'HALTED');
	}

	if(submitcheck('activitysubmit')) {
		$query = $db->query("SELECT expiration FROM {$tablepre}activities WHERE tid='$tid'");
		$expiration = $db->result($query, 0);
		if($expiration && $expiration < $timestamp - date('Z')) {
			showmessage('activity_stop');
		}

		$query = $db->query("SELECT applyid FROM {$tablepre}activityapplies WHERE tid='$tid' and username='$discuz_user'");
		if($db->num_rows($query)) {
			showmessage('activity_repeat_apply', "viewthread.php?tid=$tid&amp;extra=$extra");
		}
		$payvalue = intval($payvalue);
		$payment = $payment ? $payvalue : -1;
		$message = dhtmlspecialchars($message);

		$db->query("INSERT INTO {$tablepre}activityapplies (tid, username, uid, message, verified, dateline, payment)
			VALUES ('$tid', '$discuz_user', '$discuz_uid', '$message', '0', '$timestamp', '$payment')");

		showmessage('activity_completion', "viewthread.php?tid=$tid&amp;extra=$extra");
	}

} elseif($action == 'activityapplylist') {

	$query = $db->query("SELECT * FROM {$tablepre}activities WHERE tid='$tid'");
	$activity = $db->fetch_array($query);

	if(!submitcheck('applylistsubmit')) {

		$page = empty($page) || !ispage($page) ? 1 : $page;
		$start_limit = ($page - 1) * $tpp;

		$query = $db->query("SELECT fid, name FROM {$tablepre}forums WHERE fid='$forum[fup]'");
		$fup = $db->fetch_array($query);
		$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fid\">$forum[name]</a> ";
		$query = $db->query("SELECT subject, authorid FROM {$tablepre}threads WHERE tid='$tid'");
		if($thread = $db->fetch_array($query)) {
			$navigation .= " &raquo; <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a> ";
		} else {
			showmessage('thread_nonexistence');
		}

		$isverified = $applied = 0;
		if($discuz_uid) {
			$query = $db->query("SELECT verified FROM {$tablepre}activityapplies WHERE tid='$tid' AND uid='$discuz_uid'");
			if($db->num_rows($query)) {
				$isverified = $db->result($query, 0);
				$applied = 1;
			}
		}

		$sqlverified = $thread['authorid'] == $discuz_uid ? '' : 'AND verified=1';

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}activityapplies WHERE tid='$tid' $sqlverified");
		$multipage = multi($db->result($query, 0), $tpp, $page, "misc.php?action=activityapplylist&amp;tid=$tid");

		$query = $db->query("SELECT applyid, username, uid, message, verified, dateline, payment FROM {$tablepre}activityapplies WHERE tid='$tid' $sqlverified ORDER BY dateline DESC LIMIT $start_limit, $tpp");
		while($activityapplies = $db->fetch_array($query)) {
			$activityapplies['dateline'] = gmdate("$dateformat $timeformat", $activityapplies['dateline'] + $timeoffset * 3600);
			$applylist[] = $activityapplies;
		}

		$activity['starttimefrom'] = date("$dateformat $timeformat", $activity['starttimefrom'] + $timeoffset * 3600);
		$activity['starttimeto'] = $activity['starttimeto'] ? date("$dateformat $timeformat", $activity['starttimeto'] + $timeoffset * 3600) : 0;
		$activity['expiration'] = $activity['expiration'] ? date("$dateformat $timeformat", $activity['expiration'] + $timeoffset * 3600) : 0;

		$frommisc = $applied = 1;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}activityapplies WHERE tid='$tid' AND verified=1");
		$applynumbers = $db->result($query, 0);

		include template('activity_applylist');
	} else {
		$query = $db->query("SELECT subject, authorid FROM {$tablepre}threads WHERE tid='$tid'");
		if($thread = $db->fetch_array($query)) {
			if($thread['authorid'] != $discuz_uid || empty($applyidarray)) {
				showmessage('activity_choice_applicant', "misc.php?action=activityapplylist&amp;tid=$tid");
			} else {
				$applyid = implode('\',\'', $applyidarray);
				$db->query("UPDATE {$tablepre}activityapplies SET verified=1 WHERE applyid IN ('$applyid')", 'UNBUFFERED');

				$query=$db->query("SELECT m.uid FROM {$tablepre}activityapplies a JOIN {$tablepre}members m USING (username) WHERE applyid IN ('$applyid')");
				while($uid = $db->fetch_array($query)) {
					$uidarray[] = $uid['uid'];
				}
				$activity_subject = $thread['subject'];

				sendpm(implode(',', $uidarray), 'activity_apply_subject', 'activity_apply_message', $fromid = '0', $from = 'System Message');

				showmessage('activity_auditing_completion', "misc.php?action=activityapplylist&amp;tid=$tid");
			}
		} else {
			showmessage('thread_nonexistence');
		}
	}

}

?>