📄 memcp.php
字号:
<?php
/*
[Discuz!] (C)2001-2006 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: memcp.php,v $
$Revision: 1.7.2.2 $
$Date: 2006/03/23 06:05:28 $
*/
require_once './include/common.inc.php';
$discuz_action = 7;
$avatarextarray = array('gif', 'jpg', 'png');
if(!$discuz_uid) {
showmessage('not_loggedin', NULL, 'HALTED');
}
if(!isset($action)) {
$validating = array();
if($regverify == 2 && $groupid == 8) {
$query = $db->query("SELECT * FROM {$tablepre}validating WHERE uid='$discuz_uid'");
if($validating = $db->fetch_array($query)) {
$validating['moddate'] = $validating['moddate'] ? gmdate("$dateformat $timeformat", $validating['moddate'] + $timeoffset * 3600) : 0;
$validating['adminenc'] = rawurlencode($validating['admin']);
}
}
if($allowavatar || $avatarshowstatus || $allownickname) {
$query = $db->query("SELECT mf.nickname, mf.avatar, mf.avatarwidth, mf.avatarheight, m.avatarshowid, m.gender
FROM {$tablepre}memberfields mf, {$tablepre}members m WHERE m.uid='$discuz_uid' AND mf.uid=m.uid");
$member = $db->fetch_array($query);
} else {
$member = array('nickname' => '', 'avatar' => '', 'avatarshowid' => 0);
}
$avatarshow = $avatarshowstatus ? $avatar = avatarshow($member['avatarshowid'], $member['gender']) : '';
$avatar = $avatarshowstatus != 2 && $member['avatar'] ? "<img src=\"$member[avatar]\" width=\"$member[avatarwidth]\" height=\"$member[avatarheight]\" border=\"0\">" : '';
$buddyonline = $buddyoffline = array();
$query = $db->query("SELECT b.buddyid AS uid, b.description, m.username, s.username AS onlineuser
FROM {$tablepre}buddys b
LEFT JOIN {$tablepre}members m ON m.uid=b.buddyid
LEFT JOIN {$tablepre}sessions s ON s.uid=m.uid AND s.invisible='0'
WHERE b.uid='$discuz_uid'");
while($buddy = $db->fetch_array($query)) {
$buddyuser = array('uid' => $buddy['uid'], 'username' => ($buddy['username'] ? $buddy['username'] : 'User was Deleted'), 'description' => $buddy['description']);
$buddy['onlineuser'] ? $buddyonline[] = $buddyuser : $buddyoffline[] = $buddyuser;
}
$msgexists = 0;
$msglist = array();
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' ORDER BY dateline DESC LIMIT 0, 5");
while($message = $db->fetch_array($query)) {
$msgexists = 1;
$message['dateline'] = gmdate("$dateformat $timeformat", $message['dateline'] + $timeoffset * 3600);
$message['subject'] = $message['new'] ? "<b>$message[subject]</b>" : $message['subject'];
$msglist[] = $message;
}
$subsexists = 0;
$subslist = array();
$query = $db->query("SELECT t.tid, t.fid, t.subject, t.replies, t.lastpost, t.lastposter, f.name
FROM {$tablepre}subscriptions s, {$tablepre}threads t, {$tablepre}forums f
WHERE t.tid=s.tid AND t.displayorder>='0' AND f.fid=t.fid AND s.uid='$discuz_uid' ORDER BY t.lastpost DESC LIMIT 5");
while($subs = $db->fetch_array($query)) {
$subsexists = 1;
$subs['lastposterenc'] = rawurlencode($subs['lastposter']);
$subs['lastpost'] = gmdate("$dateformat $timeformat", $subs['lastpost'] + $timeoffset * 3600);
$subslist[] = $subs;
}
include template('memcp_home');
} elseif($action == 'profile') {
require_once DISCUZ_ROOT.'./forumdata/cache/cache_profilefields.php';
$query = $db->query("SELECT * FROM {$tablepre}members m
LEFT JOIN {$tablepre}memberfields mf ON mf.uid=m.uid
WHERE m.uid='$discuz_uid'");
$member = $db->fetch_array($query);
//get secure code checking status (pos. -5)
$seccodecheck = substr(sprintf('%05b', $seccodestatus), -5, 1);
if(!submitcheck('editsubmit', 0, $seccodecheck)) {
$enctype = $allowavatar == 3 ? 'enctype="multipart/form-data"' : '';
$invisiblechecked = $member['invisible'] ? 'checked' : '';
$emailchecked = $member['showemail'] ? 'checked' : '';
$newschecked = $member['newsletter'] ? 'checked' : '';
$gendercheck = array($member['gender'] => 'checked');
$tppchecked = array($member['tpp'] => 'selected="selected"');
$pppchecked = array($member['ppp'] => 'selected="selected"');
$toselect = array(strval((float)$member['timeoffset']) => 'selected="selected"');
$pscheck = array(intval($member['pmsound']) => 'checked');
$styleselect = '';
$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
while($style = $db->fetch_array($query)) {
$styleselect .= "<option value=\"$style[styleid]\" ".
($style['styleid'] == $member['styleid'] ? 'selected="selected"' : NULL).
">$style[name]</option>\n";
}
$bday = explode('-', $member['bday']);
$bday[0] = $bday[0] == '0000' ? '' : $bday[0];
$month = array(intval($bday[1]) => "selected=\"selected\"");
$dayselect = '';
for($num = 1; $num <= 31; $num++) {
$dayselect .= "<option value=\"$num\" ".($bday[2] == $num ? 'selected="selected"' : '').">$num</option>\n";
}
$avatarshow = avatarshow($member['avatarshowid'], $member['gender']);
if(substr(trim($member['avatar']), 0, 14) == 'customavatars/' && !file_exists(DISCUZ_ROOT.'./'.$member['avatar'])) {
$db->query("UPDATE {$tablepre}memberfields SET avatar='', avatarwidth='0', avatarheight='0' WHERE uid='$discuz_uid'");
$member['avatar'] = '';
}
$member['dateformat'] = str_replace('n', 'mm', $member['dateformat']);
$member['dateformat'] = str_replace('j', 'dd', $member['dateformat']);
$member['dateformat'] = str_replace('y', 'yy', $member['dateformat']);
$member['dateformat'] = str_replace('Y', 'yyyy', $member['dateformat']);
$tfcheck = array($member['timeformat'] => 'checked');
$dfcheck = $member['dateformat'] ? array(1 => 'checked') : array(0 => 'checked');
if($seccodecheck) {
$seccode = random(4, 1);
}
include template('memcp_profile');
} else {
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
include_once DISCUZ_ROOT.'./forumdata/cache/cache_bbcodes.php';
$newpasswdadd = '';
$secquesnew = $questionidnew == -1 ? $discuz_secques : quescrypt($questionidnew, $answernew);
if($newpassword || $secquesnew != $discuz_secques) {
if(md5($oldpassword) != $discuz_pw) {
showmessage('profile_passwd_wrong', NULL, 'HALTED');
}
if($newpassword) {
if($newpassword != addslashes($newpassword)) {
showmessage('profile_passwd_illegal');
} elseif($newpassword != $newpassword2) {
showmessage('profile_passwd_notmatch');
}
$newpasswdadd = ", password='".md5($newpassword)."'";
}
}
if(($adminid == 1 || $adminid == 2 || $adminid == 3) && !$secquesnew && $forcesecques) {
showmessage('profile_admin_security_invalid');
}
$fieldadd = '';
foreach(array_merge($_DCACHE['fields_required'], $_DCACHE['fields_optional']) as $field) {
$field_key = 'field_'.$field['fieldid'];
$field_val = trim(${'field_'.$field['fieldid'].'new'});
if($field['required'] && $field_val == '' && !($field['unchangeable'] && $member[$field_key])) {
showmessage('profile_required_info_invalid');
} elseif($field['selective'] && $field_val != '' && !isset($field['choices'][$field_val])) {
showmessage('undefined_action', NULL, 'HALTED');
} elseif(!$field['unchangeable'] || !$member[$field_key]) {
$fieldadd .= ", $field_key='".dhtmlspecialchars($field_val)."'";
}
}
$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
showmessage('profile_nickname_cstatus_illegal');
}
if(!isemail($emailnew = $passport_status ? $member['email'] : $emailnew)) {
showmessage('profile_email_illegal');
}
if($alipaynew && !isemail($alipaynew)) {
showmessage('profile_alipay_illegal');
}
if($maxsigsize) {
if(strlen($signaturenew) > $maxsigsize) {
showmessage('profile_sig_toolang');
}
} else {
$signaturenew = '';
}
$avataradd = '';
if($allowavatar == 2 || $allowavatar == 3) {
if($allowavatar == 3) {
if(disuploadedfile($_FILES['customavatar']['tmp_name']) && $_FILES['customavatar']['tmp_name'] != 'none' && $_FILES['customavatar']['tmp_name'] && trim($_FILES['customavatar']['name'])) {
$_FILES['customavatar']['name'] = daddslashes($_FILES['customavatar']['name']);
$avatarext = strtolower(fileext($_FILES['customavatar']['name']));
if(!in_array($avatarext, $avatarextarray)) {
showmessage('profile_avatar_invalid');
}
$avatarnew = 'customavatars/'.$discuz_uid.'.'.$avatarext;
$avatartarget = DISCUZ_ROOT.'./'.$avatarnew;
if(!@copy($_FILES['customavatar']['tmp_name'], $avatartarget)) {
@move_uploaded_file($_FILES['customavatar']['tmp_name'], $avatartarget);
}
$avatarimagesize = @getimagesize($avatartarget);
if(!$avatarimagesize || ($maxavatarsize && @filesize($avatartarget) > $maxavatarsize)) {
@unlink($avatartarget);
showmessage($avatarimagesize ? 'profile_avatar_toobig' : 'profile_avatar_invalid');
}
foreach($avatarextarray as $ext) {
if($ext != $avatarext) {
@unlink(DISCUZ_ROOT.'./customavatars/'.$discuz_uid.'.'.$ext);
}
}
}
}
$avatarnew = dhtmlspecialchars(trim($avatarnew));
$avatarext = strtolower(fileext($avatarnew));
if($avatarnew) {
if(!preg_match("/^((customavatars\/\d+\.[a-z]+)|(images\/avatars\/.+?)|(http:\/\/.+?))$/i", $avatarnew)
|| !in_array($avatarext, $avatarextarray)) {
showmessage('profile_avatar_invalid');
}
if($avatarwidthnew == '*' || $avatarheightnew == '*') {
$avatarwidthnew = $avatarheightnew = round(2 * $maxavatarpixel / 3);
if(!@list($avatarwidthnew, $avatarheightnew) = $avatarimagesize ? $avatarimagesize : getimagesize($avatarnew)) {
showmessage('profile_avatar_size_invalid');
}
}
$maxsize = max($avatarwidthnew, $avatarheightnew);
if($maxsize > $maxavatarpixel) {
$avatarwidthnew = $avatarwidthnew * $maxavatarpixel / $maxsize;
$avatarheightnew = $avatarheightnew * $maxavatarpixel / $maxsize;
}
}
$avataradd = ", avatar='$avatarnew', avatarwidth='$avatarwidthnew', avatarheight='$avatarheightnew'";
}
$emailnew = dhtmlspecialchars($emailnew);
$icqnew = preg_match ("/^([0-9]+)$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
$qqnew = preg_match ("/^([0-9]+)$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
$bdaynew = ($month && $day) ? (empty($year) ? '0000' : $year)."-$month-$day" : '';
$yahoonew = dhtmlspecialchars($yahoonew);
$msnnew = dhtmlspecialchars($msnnew);
$taobaonew = dhtmlspecialchars($taobaonew);
$alipaynew = dhtmlspecialchars($alipaynew);
$bdaynew = dhtmlspecialchars($bdaynew);
$signaturenew = censor($signaturenew);
$sigstatusnew = $signaturenew ? 1 : 0;
$bionew = censor(dhtmlspecialchars($bionew));
$sitenew = dhtmlspecialchars(trim(preg_match("/^https?:\/\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://'.$sitenew : '')));
$tppnew = in_array($tppnew, array(10, 20, 30)) ? $tppnew : 0;
$pppnew = in_array($pppnew, array(5, 10, 15)) ? $pppnew : 0;
if($dateformatnew) {
$dateformatnew = str_replace('mm', 'n', $cdateformatnew);
$dateformatnew = str_replace('dd', 'j', $dateformatnew);
$dateformatnew = str_replace('yyyy', 'Y', $dateformatnew);
$dateformatnew = str_replace('yy', 'y', $dateformatnew);
} else {
$dateformatnew = '';
}
$invisiblenew = $allowinvisible && $invisiblenew ? 1 : 0;
$locationnew = cutstr(censor(dhtmlspecialchars($locationnew)), 30);
$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
$cstatusadd = $allowcstatus ? ', customstatus=\''.cutstr(censor(dhtmlspecialchars($cstatusnew)), 30).'\'' : '';
$authstradd1 = $authstradd2 = '';
if($regverify == 1 && $adminid == 0 && (($grouptype == 'member' && $adminid == 0) || $groupid == 8)) {
$query = $db->query("SELECT email FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($emailnew != $db->result($query, 0)) {
if(!$doublee) {
$query = $db->query("SELECT uid FROM {$tablepre}members WHERE email='$emailnew' LIMIT 1");
if($db->result($query, 0)) {
showmessage('profile_email_duplicate');
}
}
$idstring = random(6);
$groupid = 8;
require_once DISCUZ_ROOT.'./forumdata/cache/usergroup_8.php';
$authstradd1 = ", groupid='8'";
$authstradd2 = ", authstr='$timestamp\t2\t$idstring'";
sendmail($emailnew, 'email_verify_subject', 'email_verify_message');
}
}
$sightmlnew = addslashes(discuzcode(stripslashes($signaturenew), 1, 0, 0, 0, ($allowsigbbcode ? ($allowcusbbcode ? 2 : 1) : 0), $allowsigimgcode, 0));
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -