memcp.php

xm2sv1.0寻梦二手网 v1.0,一个经过我调试的PHP原代码,有机会大家多交流哈

<?php

/*
	[DISCUZ!] memcp.php - member's control panel
	This is NOT a freeware, use is subject to license terms

	Version: 2.0.0
	Author: Crossday (info@discuz.net)
	Copyright: Crossday Studio (www.crossday.com)
	Last Modified: 2002/12/6 17:00
*/

require './include/common.php';

$discuz_action = 7;

if(!$discuz_user || !$discuz_pw) {
	showmessage('not_loggedin');
}

if(!isset($action)) {

	$query = $db->query("SELECT avatar FROM $table_members WHERE username='$discuz_user'");
	$avatar = $db->result($query, 0);

	$buddyonline = $buddyoffline = array();
	$query = $db->query("SELECT b.*, s.username AS onlineuser FROM $table_buddys b LEFT JOIN $table_sessions s ON s.username=b.buddyname WHERE b.username='$discuz_user'");
	while($buddy = $db->fetch_array($query)) {
		$buddyuser = array('buddy' => $buddy['buddyname'], 'buddyenc' => rawurlencode($buddy['buddyname']));
		if($buddy['onlineuser']) {
			$buddyonline[] = $buddyuser;
		} else {
			$buddyoffline[] = $buddyuser;
		}
	}

	$avatar = $avatar ? image($avatar) : "&nbsp;";

	$msgexists = 0;
	$msglist = array();
	$query = $db->query("SELECT * FROM $table_pm WHERE msgto='$discuz_user' AND folder='inbox' ORDER BY dateline DESC LIMIT 0, 5");
	while($message = $db->fetch_array($query)) {
		$msgexists = 1;
		$message['dateline'] = gmdate("$dateformat $timeformat", $message['dateline'] + $timeoffset * 3600);
		$message['subject'] = $message['new'] ? "<b>$message[subject]</b>" : $message['subject'];

		$msglist[] = $message;
	}

	$subsexists = 0;
	$subslist = array();
	$query = $db->query("SELECT t.*, f.name FROM $table_subscriptions s, $table_threads t, $table_forums f WHERE t.tid=s.tid AND f.fid=t.fid AND s.username='$discuz_user' ORDER BY t.lastpost DESC LIMIT 0, 5");
	while($subs = $db->fetch_array($query)) {
		$subsexists = 1;
		$subs['lastposterenc'] = rawurlencode($subs['lastposter']);
		$subs['lastpost'] = gmdate("$dateformat $timeformat", $subs['lastpost'] + $timeoffset * 3600);

		$subslist[] = $subs;
	}

	include template('memcp_home');

} elseif($action == 'profile') {

	if(!$editsubmit) {

		$query = $db->query("SELECT * FROM $table_members WHERE username='$discuz_user'");
		$member = $db->fetch_array($query);

		$emailchecked = $member['showemail'] ? 'checked="checked"' : NULL;
		$newschecked = $member['newsletter'] ? 'checked="checked"' : NULL;
		$tppchecked = array($member['tpp'] => 'selected="selected"');
		$pppchecked = array($member['ppp'] => 'selected="selected"');
		
		$currtime = gmdate($timeformat);

		if($member['gender'] == 1) {
			$checkmale = 'checked';
		} elseif($member[gender] == 2) {
			$checkfemale = 'checked';
		} else {
			$checkunknown = 'checked';
		}

		$styleselect = '';
		$query = $db->query("SELECT styleid, name FROM $table_styles WHERE available='1'");
		while($style = $db->fetch_array($query)) {
			$styleselect .= "<option value=\"$style[styleid]\" ".
				($style['styleid'] == $member['styleid'] ? 'selected="selected"' : NULL).
				">$style[name]</option>\n";
		}

		$bday = explode('-', $member['bday']);
		$bday[0] = $bday[0] == '0000' ? '' : $bday[0];
		$month = array(intval($bday[1]) => "selected=\"selected\"");

		for($num = 1; $num <= 31; $num++) {
			$dayselect .= "<option value=\"$num\" ".
				($bday[2] == $num ? 'selected="selected"' : NULL).
				">$num</option>\n";
		}

		$member['dateformat'] = str_replace('n', 'mm', $member['dateformat']);
		$member['dateformat'] = str_replace('j', 'dd', $member['dateformat']);
		$member['dateformat'] = str_replace('y', 'yy', $member['dateformat']);
		$member['dateformat'] = str_replace('Y', 'yyyy', $member['dateformat']);
		$member['timeformat'] == 'H:i' ? $check24 = 'checked="checked"' : $check12 = 'checked="checked"';

		$imgcodeis = $allowsigimgcode ? 'On' : 'Off';
		$bbcodeis = $allowsigbbcode ? 'On' : 'Off';

		include template('memcp_profile');

	} else {

		if($newpassword) {
			if(md5($oldpassword) != $discuz_pw) {
				showmessage('profile_passwd_wrong');
			} elseif(ereg('"', $newpassword) || ereg("'", $newpassword)) {
				showmessage('profile_passwd_illegal');
			}
			$newpassword = md5($newpassword);
			$newpasswdadd = ", password='$newpassword'";
		} else {
			$newpassword = $discuz_pw;
			$newpasswdadd = "";
		}

		if($maxsigsize && strlen($signew) > $maxsigsize) {
			showmessage('profile_sig_toolang');
		}
		if($allowavatar == 2 && $avatarnew) {
			if($maxavatarsize) {
				if(strstr($avatarnew, ',')) {
					$avatarinfo = explode(',', $avatarnew);
					if(trim($avatarinfo[1]) > $maxavatarsize || trim($avatarinfo[2]) > $maxavatarsize) {
						showmessage('profile_avatar_toobig');
					}
				} elseif($image_size = @getimagesize($avatarnew)) {
					if($image_size[0] > $maxavatarsize || $image_size[1] > $maxavatarsize) {
						showmessage('profile_avatar_toobig');
					}
				}
			}
			$avatarnew = dhtmlspecialchars($avatarnew);
			$avataradd = ", avatar='$avatarnew'";
		} else {
			$avataradd = ', avatar=\'\'';
		}

		$locationnew = dhtmlspecialchars($locationnew);
		$icqnew = dhtmlspecialchars($icqnew);
		$yahoonew = dhtmlspecialchars($yahoonew);
		$oicqnew = dhtmlspecialchars($oicqnew);
		$emailnew = dhtmlspecialchars($emailnew);
		$sitenew = dhtmlspecialchars($sitenew);
		$bionew = dhtmlspecialchars($bionew);
		$bdaynew = dhtmlspecialchars($bdaynew);
		$cstatusnew = $allowcstatus ? dhtmlspecialchars($cstatusnew) : '';
		$timeformatnew = $timeformatnew == '12' ? 'h:i A' : 'H:i';

		$bdaynew = ($month && $day && $year) ? "$year-$month-$day" : '';

		$dateformatnew = str_replace('mm', 'n', $dateformatnew);
		$dateformatnew = str_replace('dd', 'j', $dateformatnew);
		$dateformatnew = str_replace('yyyy', 'Y', $dateformatnew);
		$dateformatnew = str_replace('yy', 'y', $dateformatnew);

		if($regverify == 1) {
			$query = $db->query("SELECT email FROM $table_members WHERE username='$discuz_user'");
			if($emailnew != $db->result($query, 0)) {
				if(!$doublee) {
					$query = $db->query("SELECT COUNT(*) FROM $table_members WHERE email='$emailnew'");
					if($db->result($query, 0)) {
						showmessage('profile_email_duplicate');
					}
				}					
				$newpassword = random(8);
				$newpasswdadd = ", password='".md5($newpassword)."'";
				sendmail($emailnew, 'email_verify_subject', 'email_verify_content');
			}
		}

		$db->query("UPDATE $table_members SET gender='$gendernew', email='$emailnew', site='$sitenew', oicq='$oicqnew',
			location='$locationnew', bio='$bionew', signature='$signew', showemail='$showemailnew', timeoffset='$timeoffsetnew',
			icq='$icqnew', yahoo='$yahoonew', styleid='$styleidnew', bday='$bdaynew', tpp='$tppnew', ppp='$pppnew',
			customstatus='$cstatusnew', newsletter='$newsletternew', timeformat='$timeformatnew', msn='$msnnew',
			dateformat='$dateformatnew', pwdrecover='', pwdrcvtime='' $avataradd $newpasswdadd WHERE username='$discuz_user'");

		$discuz_pw = $newpassword;
		$styleid = $styleidnew;

		if($regverify == 1 && $emailnew != $email) {
			showmessage('profile_email_identify');
		} else {
			showmessage('profile_succeed', 'memcp.php');
		}
	}

} elseif($action == 'favorites') {