setting.php

PHPWind7_RC_UTF8 开源php论坛很不错的

<?php
!function_exists('readover') && exit('Forbidden');

if ($job == 'member') {

	if ($_POST['step'] != 2) {

		require_once PrintHack('home');
		(int)$page < 1 && $page = 1;
		$pageid = ($page-1)*$db_perpage;
		$count = count($memberdb);
		$memberdb = array_slice($memberdb,$pageid,$db_perpage);
		$cymembers = array();
		foreach ($memberdb as $key => $value) {
			if (!$admindb[$winduid] && $value['ifadmin'] == -1) continue;
			$cymembers[$key] = $value;
		}
		unset($memberdb);
		if ($count > $db_perpage) {
			require_once(R_P.'require/forum.php');
			$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&cyid=$cyid&job=member&$addpage");
		}

	} else {

		$selids = array();
		$ifadmin = '';
		InitGP(array('selid','action'),'P');
		if (is_array($selid)) {
			foreach ($selid as $value) {
				if (is_numeric($value) && $value!=$winduid) {
					$selids[] = $value;
				}
			}
			$selids && $selids = pwImplode($selids);
		}
		$passdb = array();
		if ($selids && in_array($action,array('deladmin','pass','del'))) {
			$query = $db->query("SELECT cm.uid,cm.username,cm.ifadmin FROM pw_cmembers cm WHERE cm.colonyid=".pwEscape($cyid)."AND cm.uid IN($selids)");
			while ($rt = $db->fetch_array($query)) {
				if ($rt['ifadmin'] != -1 && $action == 'deladmin') {
					$alldb['admin'] == $rt['username'] && Showmsg('colony_delladminfail');
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				} elseif ($rt['ifadmin'] == -1 && $action == 'pass') {
					$alldb['intomoney'] > $credit->get($rt['uid'],$cn_moneytype) && Showmsg('colony_passfail');
					$passdb[] = $rt;
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				} elseif ($action == 'del') {
					if ($alldb['admin'] == $rt['username']) {
						Showmsg('colony_delfail');
					} elseif ($windid != $alldb['admin'] && $rt['ifadmin'] == '1') {
						Showmsg('colony_manager');
					}
					$ifadmin .= ($ifadmin ? ',' : '')."'$rt[uid]'";
				}
			}
			$selids = $ifadmin;
			$ifadmin = 0;
		}
		!$selids && Showmsg('selid_illegal');

		if ($action == 'addamin' || $action == 'deladmin') {

			$action == 'addamin' && $ifadmin = 1;
			$db->update("UPDATE pw_cmembers SET ifadmin=".pwEscape($ifadmin,false)."WHERE colonyid=".pwEscape($cyid)."AND uid IN($selids)");
			Showmsg("colony_$action");

		} elseif ($action == 'pass') {

			$count = count($passdb);
			$u_a = array();
			foreach ($passdb as $key => $value) {
				$u_a[] = $value['uid'];
				$credit->addLog('hack_cyjoin',array($cn_moneytype => -$alldb['intomoney']),array(
					'uid'		=> $value['uid'],
					'username'	=> $value['username'],
					'ip'		=> $onlineip,
					'operator'	=> $windid,
					'cnname'	=> $alldb['cname']
				));
				$log = array(
					'type'      => 'cy_join',
					'username1' => Char_cv($value['username']),
					'username2' => Char_cv($windid),
					'field1'    => (int)$alldb['intomoney'],
					'field2'    => $cyid,
					'field3'    => Char_cv($alldb['cname']),
					'timestamp' => $timestamp,
					'ip'        => $onlineip,
					'descrip'   => 'join_descrip',
				);
				require_once(R_P.'require/writelog.php');
				writeforumlog($log);
				require_once(R_P.'require/msg.php');
				$message = array(
					'toUser'	=> $value['username'],
					'fromUid'	=> $winduid,
					'fromUser'	=> $windid,
					'subject'	=> 'join_title',
					'content'	=> 'join_content',
					'other'		=> array(
						'cn_name'	=> $cn_name,
						'allcname'	=> Char_cv($alldb['cname']),
						'cyid'		=> $cyid
					)
				);
				pwSendMsg($message);
				pwAddFeed($value['uid'], 'colony', array('lang' => 'colony_pass', 'colonyid' => $cyid, 'cname' => $alldb['cname']));
			}
			$credit->setus($u_a,array($cn_moneytype => -$alldb['intomoney']));

			$db->update("UPDATE pw_cmembers SET ifadmin=0 WHERE colonyid=".pwEscape($cyid)."AND uid IN($selids)");
			$db->update("UPDATE pw_colonys SET cmoney=cmoney+".pwEscape($alldb['intomoney']*$count)."WHERE id=".pwEscape($cyid));
			Showmsg('colony_pass');

		} elseif ($action == 'del') {

			$db->update("DELETE FROM pw_cmembers WHERE colonyid=".pwEscape($cyid)."AND uid IN($selids)");
			$count = $db->affected_rows();
			$db->update("UPDATE pw_colonys SET members=members-".pwEscape($count,false)."WHERE id=".pwEscape($cyid));
			Showmsg('colony_del');
		}
	}
} elseif ($job == 'seemember') {

	$uid = (int)$_GET['uid'];
	$uid != $winduid && !$admindb[$winduid] && $groupid!=3 && Showmsg('colony_cnmenber');
	@extract($db->get_one("SELECT id,username,realname,gender,tel,email,address,introduce FROM pw_cmembers WHERE colonyid=".pwEscape($cyid)."AND uid=".pwEscape($uid)));
	!$id && Showmsg('colony_noseecard');
	require_once PrintHack('home');

} elseif ($job == 'editmember') {

	$rt = $db->get_one("SELECT id,realname,gender,tel,email,address,introduce FROM pw_cmembers WHERE colonyid=".pwEscape($cyid)."AND uid=".pwEscape($winduid));
	if ($_POST['step'] != 2) {
		@extract($rt);
		!$id && Showmsg('colony_nocard');
		${'gender_'.$gender} = 'selected';
		require_once PrintHack('home');
	} else {
		InitGP(array('realname','tel','email','address','introduce'),'P');
		$gender = (int)$_POST['gender'];
		!$realname && Showmsg('colony_realname');
		if ($realname != $rt['realname']) {
			$rts = $db->get_one("SELECT id FROM pw_cmembers WHERE realname=".pwEscape($realname)."AND colonyid=".pwEscape($cyid));
			$rts['id'] && Showmsg('colony_samerealname');
			$updatesql = ",realname=".pwEscape($realname);
		}
		$db->update("UPDATE pw_cmembers"
			. " SET " . pwSqlSingle(array(
					'gender'	=> $gender,
					'tel'		=> $tel,
					'email'		=> $email,
					'address'	=> $address,
					'introduce'	=> $introduce
				)) . $updatesql
			. " WHERE colonyid=".pwEscape($cyid)
				. " AND uid=".pwEscape($winduid)
		);
		refreshto("$basename&cyid=$cyid&job=seemember&uid=$winduid",'colony_cardsuccess');
	}
} elseif ($job == 'boardlist') {

	require_once PrintHack('home');
	$ifsort=0;
	(int)$page < 1 && $page = 1;
	$limit = pwLimit(($page-1)*$db_perpage,$db_perpage);
	$argudb = array();
	$query  = $db->query("SELECT tid,author,authorid,lastpost,subject,topped,toppedtime FROM pw_argument WHERE gid=".pwEscape($cyid)."AND tpcid='0' ORDER BY topped DESC,lastpost DESC $limit");
	while ($rt = $db->fetch_array($query)) {
		if ($rt['topped']>0 && $rt['toppedtime'] && ($timestamp > $rt['toppedtime'])) {
			$db->update("UPDATE pw_argument SET topped='0',toppedtime='0' WHERE tid=".pwEscape($rt['tid']));
		}
		$rt['topped'] && $ifsort=1;
		$rt['lastpost'] = get_date($rt['lastpost']);
		$argudb[] = $rt;
	}
	$db->free_result($query);
	@extract($db->get_one("SELECT COUNT(*) AS count FROM pw_argument WHERE gid=".pwEscape($cyid)."AND tpcid='0'"));
	if ($count > $db_perpage) {
		require_once(R_P.'require/forum.php');
		$pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&cyid=$cyid&job=boardlist&");
	}
} elseif ($job == 'delboardlist') {

	if (!$admindb[$winduid] && $groupid != 3) {
		Showmsg('colony_delright');
	}
	$selids = '';
	InitGP(array('selid'),'P');
	if (is_array($selid)) {
		foreach ($selid as $value) {
			if (is_numeric($value)) {
				$selids[] = $value;
			}
		}
		$selids = pwImplode($selids);
	}
	!$selids && Showmsg('selid_illegal');
	$selids = strpos($selids,',')!==false ? "IN ($selids)" : "= $selids";
	if ($_POST['step'] != 2) {
		require_once PrintHack('home');
		$query = $db->query("SELECT tid,author,authorid,lastpost,subject FROM pw_argument WHERE gid=".pwEscape($cyid)."AND tpcid='0' AND tid $selids ORDER BY lastpost DESC");
		while ($rt = $db->fetch_array($query)) {
			$rt['lastpost'] = get_date($rt['lastpost']);
			$argudb[] = $rt;
		}
	} else {
		$db->update("DELETE FROM pw_argument WHERE tid $selids");
		$db->update("DELETE FROM pw_argument WHERE gid=".pwEscape($cyid)."AND tpcid $selids");
		refreshto("$basename&cyid=$cyid&job=boardlist",'colony_delsuccess');
	}
} elseif ($job == 'addboard') {

	if ($_POST['step'] != 2) {
		$tid = 0;
		$subject = $content = '';
		require_once PrintHack('home');
	} else {
		InitGP(array('subject','content'),'P');
		$tid <= 0 && !$subject && Showmsg('colony_posterror');
		strlen($subject)>50 && Showmsg('colony_subject');
		!$content && Showmsg('colony_posterror');
		$tid>0 && strlen($content)>255 && $content = substrs($content,255,'N');
		require_once(R_P.'require/postfunc.php');
		$content = autourl($content);