
📄 memcp.php

📁 极限网络智能办公系统 Office Automation V3.0官方100%源代码.
<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$RCSfile: memcp.php,v $
	$Revision: 1.96.2.11 $
	$Date: 2007/03/22 18:58:17 $
*/

// Flag constant set before the bootstrap is loaded; presumably consulted there to keep
// crawlers away from this page — confirm in common.inc.php.
define('NOROBOT', TRUE);
// Bootstrap include. NOTE(review): the variables this script reads without assigning them
// ($discuz_uid, $db, $tablepre, the *new request fields, ...) are not defined in this file;
// they presumably originate here — confirm how request input is imported and escaped,
// because the SQL fragments built further down interpolate those values directly.
require_once './include/common.inc.php';

// Numeric activity code for this page; its meaning is defined outside this file.
$discuz_action = 7;
// File extensions accepted for an uploaded custom avatar.
$avatarextarray = array('gif', 'jpg', 'png');

// Members only: without a user id, report 'not_loggedin'.
// showmessage() is presumably terminal here ('HALTED') — confirm that it ends the request.
if(!$discuz_uid) {
	showmessage('not_loggedin', NULL, 'HALTED');
}

// Gather the extended-credit types that carry a non-empty exchange ratio, and record
// whether at least one of them may be exchanged in and at least one exchanged out.
$exchcredits = array();
$allowexchangein = FALSE;
$allowexchangeout = FALSE;
foreach($extcredits as $id => $credit) {
	if(empty($credit['ratio'])) {
		continue;
	}
	$exchcredits[$id] = $credit;
	if($credit['allowexchangein']) {
		$allowexchangein = TRUE;
	}
	if($credit['allowexchangeout']) {
		$allowexchangeout = TRUE;
	}
}

// Exchange needs both directions; transfer needs a configured credit type plus the permission flag.
$exchangestatus = $allowexchangein && $allowexchangeout;
$transferstatus = isset($extcredits[$creditstrans]) && $allowtransfer;

// Normalise the two routing parameters: anything empty becomes ''.
if(empty($action)) {
	$action = '';
}
if(empty($operation)) {
	$operation = '';
}

// Load nickname, avatar data, gender and group for the current member when either the
// avatar or the nickname feature is enabled; otherwise use an empty placeholder.
// NOTE(review): $discuz_uid is interpolated into the SQL text; presumably an integer set by
// the bootstrap — confirm.
if($allowavatar || $allownickname) {
	$query = $db->query("SELECT mf.nickname, mf.avatar, mf.avatarwidth, mf.avatarheight, m.gender, m.groupid
		FROM {$tablepre}memberfields mf, {$tablepre}members m WHERE m.uid='$discuz_uid' AND mf.uid=m.uid");
	$member = $db->fetch_array($query);
} else {
	$member = array('nickname' => '', 'avatar' => '');
}

// Avatar markup: the stored avatar when there is one, else the default image.
// NOTE(review): the stored values are interpolated into HTML attributes as they are. The
// profile-save branch of this file passes the avatar path through dhtmlspecialchars() before
// storing it, but stores width/height without HTML-escaping, so safe output of those two
// depends on the column type or on validation elsewhere — confirm.
$avatar = $member['avatar'] ? "<div class=\"avatar\" style=\"width: ".$member['avatarwidth']."\"><img src=\"$member[avatar]\" width=\"$member[avatarwidth]\" height=\"$member[avatarheight]\" border=\"0\" alt=\"\" /></div>" : '<img class="avatar" src="images/avatars/noavatar.gif" alt="" />';

// Biography size limit falls back to 200 when not configured.
$maxbiosize = $maxbiosize ? $maxbiosize : 200;

if(!$action) {

	// Control-panel home: collects validation status, buddies, the newest private messages
	// and the newest credit log entries, then renders the 'memcp_home' template.

	// The validating row is loaded only when $regverify is 2 and the member is in group 8
	// (presumably "awaiting manual approval" — confirm).
	$validating = array();
	if($regverify == 2 && $groupid == 8) {
		$query = $db->query("SELECT * FROM {$tablepre}validating WHERE uid='$discuz_uid'");
		if($validating = $db->fetch_array($query)) {
			// Format the stored timestamp shifted by $timeoffset hours; 0 when no date is stored.
			$validating['moddate'] = $validating['moddate'] ? gmdate("$dateformat $timeformat", $validating['moddate'] + $timeoffset * 3600) : 0;
			// URL-encoded copy of the admin name — presumably for links in the template.
			$validating['adminenc'] = rawurlencode($validating['admin']);
		}
	}

	// Buddy list, split by whether a session row with invisible='0' exists for the buddy.
	$buddyonline = $buddyoffline = array();
	$query = $db->query("SELECT b.buddyid AS uid, b.description, m.username, s.username AS onlineuser
				FROM {$tablepre}buddys b
				LEFT JOIN {$tablepre}members m ON m.uid=b.buddyid
				LEFT JOIN {$tablepre}sessions s ON s.uid=m.uid AND s.invisible='0'
				WHERE b.uid='$discuz_uid'");
	while($buddy = $db->fetch_array($query)) {
		// The LEFT JOIN yields no username when the member row is gone; show a fixed label then.
		$buddyuser = array('uid' => $buddy['uid'], 'username' => ($buddy['username'] ? $buddy['username'] : 'User was Deleted'), 'description' => $buddy['description']);
		$buddy['onlineuser'] ? $buddyonline[] = $buddyuser : $buddyoffline[] = $buddyuser;
	}

	// Five most recent inbox messages addressed to this member (delstatus 2 excluded).
	$msgexists = 0;
	$msglist = array();
	$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' AND delstatus!='2' ORDER BY dateline DESC LIMIT 0, 5");
	while($message = $db->fetch_array($query)) {
		$msgexists = 1;
		$message['dateline'] = gmdate("$dateformat $timeformat", $message['dateline'] + $timeoffset * 3600);
		// Messages flagged 'new' get a bold subject.
		// NOTE(review): the subject is placed into markup as stored; confirm that it is
		// HTML-escaped when the message is written, since no escaping happens here.
		$message['subject'] = $message['new'] ? "<b>$message[subject]</b>" : $message['subject'];

		$msglist[] = $message;
	}

	// Five most recent credit log entries, with a URL-encoded copy of the counterpart name.
	$loglist = array();
	$query = $db->query("SELECT * FROM {$tablepre}creditslog WHERE uid='$discuz_uid' ORDER BY dateline DESC LIMIT 5");
	while($log = $db->fetch_array($query)) {
		$log['fromtoenc'] = rawurlencode($log['fromto']);
		$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
		$loglist[] = $log;
	}

	include template('memcp_home');

} elseif($action == 'profile') {

	// Cached definitions of the custom profile fields (presumably the source of the
	// $_DCACHE['fields_*'] arrays used when the form is saved — confirm).
	require_once DISCUZ_ROOT.'./forumdata/cache/cache_profilefields.php';

	// Full member record (members joined with memberfields) for the logged-in user.
	$query = $db->query("SELECT * FROM {$tablepre}members m
		LEFT JOIN {$tablepre}memberfields mf ON mf.uid=m.uid
		WHERE m.uid='$discuz_uid'");
	$member = $db->fetch_array($query);

	//get secure code checking status (pos. -5)
	// $seccodestatus is rendered as a binary string padded to at least five digits and the
	// fifth digit from the right is taken; the result is the string '0' or '1', and '0' is
	// falsy in PHP, so it can be used directly as a condition.
	$seccodecheck = substr(sprintf('%05b', $seccodestatus), -5, 1);

	if(!submitcheck('editsubmit', 0, $seccodecheck)) {

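		// Form display: prepares the values that mark the member's current settings and
		// renders the 'memcp_profile' template.
		require_once DISCUZ_ROOT.'./include/editor.func.php';

		// The upload field needs a multipart form; it is offered only when $allowavatar is 3.
		$enctype = $allowavatar == 3 ? 'enctype="multipart/form-data"' : '';

		// Attribute strings keyed by the current value, so that only the matching
		// checkbox/radio/option receives 'checked' or 'selected'.
		$invisiblechecked = $member['invisible'] ? 'checked' : '';
		$emailchecked = $member['showemail'] ? 'checked' : '';
		$newschecked = $member['newsletter'] ? 'checked' : '';
		$gendercheck = array($member['gender'] => 'checked');
		$tppchecked = array($member['tpp'] => 'selected="selected"');
		$pppchecked = array($member['ppp'] => 'selected="selected"');
		$toselect = array(strval((float)$member['timeoffset']) => 'selected="selected"');
		$pscheck = array(intval($member['pmsound']) => 'checked');

		// <option> list of the available styles, with the member's current one preselected.
		// NOTE(review): style id and name are written into markup as stored; presumably
		// administrator-controlled data — confirm.
		$styleselect = '';
		$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
		while($style = $db->fetch_array($query)) {
			$styleselect .= "<option value=\"$style[styleid]\" ".
				($style['styleid'] == $member['styleid'] ? 'selected="selected"' : NULL).
				">$style[name]</option>\n";
		}

		// A stored custom avatar whose file no longer exists is cleared from the record.
		if(substr(trim($member['avatar']), 0, 14) == 'customavatars/' && !file_exists(DISCUZ_ROOT.'./'.$member['avatar'])) {
			$db->query("UPDATE {$tablepre}memberfields SET avatar='', avatarwidth='0', avatarheight='0' WHERE uid='$discuz_uid'");
			$member['avatar'] = '';
		}

		$emcheck = array($member['editormode'] => 'selected="selected"');
		// 'customshow' is stored as a decimal number; as a three-digit base-3 string each digit
		// holds one of the three display options.
		$customshow = str_pad(base_convert($member['customshow'], 10, 3), 3, 0, STR_PAD_LEFT);
		// Square-bracket string offsets: the curly-brace form is a parse error since PHP 8.0,
		// while [] reads the same character on every PHP version.
		$sschecked = array($customshow[0] => 'selected="selected"');
		$sachecked = array($customshow[1] => 'selected="selected"');
		$sichecked = array($customshow[2] => 'selected="selected"');

		// Translate date() format letters into the notation shown in the form.
		$member['dateformat'] = str_replace('n', 'mm', $member['dateformat']);
		$member['dateformat'] = str_replace('j', 'dd', $member['dateformat']);
		$member['dateformat'] = str_replace('y', 'yy', $member['dateformat']);
		$member['dateformat'] = str_replace('Y', 'yyyy', $member['dateformat']);

		$tfcheck = array($member['timeformat'] => 'checked');
		$dfcheck = $member['dateformat'] ? array(1 => 'checked') : array(0 => 'checked');

		// New verification code: random(6, 1) plus the first character of the current code
		// times 1000000.
		// NOTE(review): random() is defined elsewhere; confirm the quality of its randomness
		// if this code is relied on as an anti-automation control.
		if($seccodecheck) {
			$seccode = random(6, 1) + $seccode[0] * 1000000;
		}

		// Stored HTML is converted back to BBCode for editing; the signature comes from 'sightml'.
		$member['bio'] = html2bbcode($member['bio']);
		$member['signature'] = html2bbcode($member['sightml']);

		include template('memcp_profile');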

	} else {

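		require_once DISCUZ_ROOT.'./include/discuzcode.func.php';

		// SET-list fragment for a password change; presumably appended to the member UPDATE
		// further down the file (not visible in this part).
		$newpasswdadd = '';
		// Password and security question are handled locally only when passport mode is off.
		if(!$passport_status) {
			// Question id -1 keeps the stored value; any other id derives a new one from
			// the question id and the answer.
			// NOTE(review): the change test below uses a loose != on two strings; confirm the
			// type and format of quescrypt()'s result before tightening it.
			$secquesnew = $questionidnew == -1 ? $discuz_secques : quescrypt($questionidnew, $answernew);
			if($newpassword || $secquesnew != $discuz_secques) {
				// Changing either credential requires the current password.
				// Strict comparison: on PHP < 8 a loose != treats two digest strings that both
				// look like numbers as equal even when their text differs.
				if(md5($oldpassword) !== $discuz_pw) {
					showmessage('profile_passwd_wrong', NULL, 'HALTED');
				}
				if($newpassword) {
					// Reject any password that addslashes() would alter (quotes, backslash, NUL).
					if($newpassword != addslashes($newpassword)) {
						showmessage('profile_passwd_illegal');
					} elseif($newpassword != $newpassword2) {
						showmessage('profile_passwd_notmatch');
					}
					// NOTE(review): the password is stored as a bare MD5 digest; no salt or
					// key stretching is applied in the visible code. Moving to password_hash()
					// and password_verify() has to happen wherever accounts are created and
					// checked, not only in this statement.
					$newpasswdadd = ", password='".md5($newpassword)."'";
				}
			}

			// Members with admin id 1, 2 or 3 must keep a security question when the
			// 'forcesecques' admin setting is on.
			if(($adminid == 1 || $adminid == 2 || $adminid == 3) && !$secquesnew && $admincp['forcesecques']) {
				showmessage('profile_admin_security_invalid');
			}
		}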

		// Custom profile fields: validate each submitted value and build a SET-list fragment.
		$fieldadd = '';
		foreach(array_merge($_DCACHE['fields_required'], $_DCACHE['fields_optional']) as $field) {
			$field_key = 'field_'.$field['fieldid'];
			// Variable-variable read of the request value named field_<id>new; the field ids
			// come from $_DCACHE, not from the request.
			$field_val = trim(${'field_'.$field['fieldid'].'new'});
			if($field['required'] && $field_val == '' && !($field['unchangeable'] && $member[$field_key])) {
				// A required field may be left blank only when it is unchangeable and already set.
				showmessage('profile_required_info_invalid');
			} elseif($field['selective'] && $field_val != '' && !isset($field['choices'][$field_val])) {
				// A selection field accepts only keys of its configured choices.
				showmessage('undefined_action', NULL, 'HALTED');
			} elseif(!$field['unchangeable'] || !$member[$field_key]) {
				// NOTE(review): the value is HTML-escaped and then placed inside single quotes
				// in SQL text; the SQL quoting relies on the input having been slash-escaped
				// upstream, presumably by the bootstrap — confirm.
				$fieldadd .= ", $field_key='".dhtmlspecialchars($field_val)."'";
			}
		}

		// Censor list to regex: the list is regex-quoted, then '*' becomes '.*', each CRLF
		// becomes an alternative and spaces are removed; the match is anchored and case-insensitive.
		$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
		// NOTE(review): '@' hides pattern errors; a failing preg_match() returns false, so a
		// broken pattern would let every nickname and custom status through unnoticed.
		if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
			showmessage('profile_nickname_cstatus_illegal');
		}

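		// E-mail change: needs the current password (unless passport mode is on) and must
		// satisfy the configured address rules.
		if($emailnew != $member['email']) {
			// Strict comparison: on PHP < 8 a loose != treats two digest strings that both
			// look like numbers as equal even when their text differs.
			if(md5($oldpassword) !== $discuz_pw && !$passport_status) {
				showmessage('profile_passwd_wrong', NULL, 'HALTED');
			} else {
				// In passport mode the stored address is kept, whatever was submitted.
				$emailnew = $passport_status ? $member['email'] : $emailnew;
				// Both lists become case-insensitive suffix patterns, one alternative per CRLF-separated entry.
				// NOTE(review): a blank line in either setting would add an empty alternative,
				// which matches every address — confirm the settings are normalised when saved.
				$accessexp = '/('.str_replace("\r\n", '|', preg_quote($accessemail, '/')).')$/i';
				$censorexp = '/('.str_replace("\r\n", '|', preg_quote($censoremail, '/')).')$/i';
				// With an allow list the address must match it; otherwise it must not match the censor list.
				$invalidemail = $accessemail ? !preg_match($accessexp, $emailnew) : $censoremail && preg_match($censorexp, $emailnew);
				if(!isemail($emailnew) || $invalidemail) {
					showmessage('profile_email_illegal');
				}
			}
		}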

		// MSN and Alipay identifiers, when given, must pass the same isemail() check.
		if($msnnew && !isemail($msnnew)) {
			showmessage('profile_alipay_msn');
		}

		if($alipaynew && !isemail($alipaynew)) {
			showmessage('profile_alipay_illegal');
		}

		// Signature: limited to $maxsigsize bytes (strlen() counts bytes, not characters);
		// a limit of 0 discards the signature altogether.
		if($maxsigsize) {
			if(strlen($signaturenew) > $maxsigsize) {
				showmessage('profile_sig_toolong');
			}
		} else {
			$signaturenew = '';
		}

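		// Avatar handling. Depending on $allowavatar the member may upload a file (3), give
		// a URL or a local path (2 or 3), or pick one of the bundled images (1). The result is
		// a SET-list fragment in $avataradd.
		$avataradd = $avatar = '';
		$avatarimagesize = array();
		if($allowavatar == 3 && disuploadedfile($_FILES['customavatar']['tmp_name']) && $_FILES['customavatar']['tmp_name'] != 'none' && $_FILES['customavatar']['tmp_name'] && trim($_FILES['customavatar']['name'])) {
			$_FILES['customavatar']['name'] = daddslashes($_FILES['customavatar']['name']);
			// Only the extension of the client-supplied name is used; it must be on the allow list.
			$avatarext = strtolower(fileext($_FILES['customavatar']['name']));
			if(is_array($avatarextarray) && !in_array($avatarext, $avatarextarray)) {
				showmessage('profile_avatar_invalid');
			}
			// The stored name is built from the member id, never from the client file name.
			$avatar = 'customavatars/'.$discuz_uid.'.'.$avatarext;
			$avatartarget = DISCUZ_ROOT.'./'.$avatar;
			// NOTE(review): the file is written to its final location before it is validated
			// and is removed again on failure. '@' hides copy/move errors; when both fail,
			// getimagesize() below returns false and the upload is reported as invalid.
			if(!@copy($_FILES['customavatar']['tmp_name'], $avatartarget)) {
				@move_uploaded_file($_FILES['customavatar']['tmp_name'], $avatartarget);
			}
			// Accept only what getimagesize() recognises as an image, within the size limit.
			// NOTE(review): getimagesize() inspects the header, not the whole file; the
			// extension allow list above is what keeps the stored file from being treated
			// as a script, so the web server must not execute files in this directory.
			$avatarimagesize = @getimagesize($avatartarget);
			if(!$avatarimagesize || ($maxavatarsize && @filesize($avatartarget) > $maxavatarsize)) {
				@unlink($avatartarget);
				showmessage($avatarimagesize ? 'profile_avatar_toobig' : 'profile_avatar_invalid');
			}
		} elseif(($allowavatar == 2 || $allowavatar == 3) && $urlavatar) {
			// The alternatives are wrapped in one group so that ^ and $ apply to all of them.
			// Without the group, ^ bound only to the first alternative and $ only to the last,
			// so the pattern did not constrain the whole value.
			// NOTE(review): '..' path segments are not excluded by this pattern.
			if(!preg_match("/^(?:http:\/\/.+|images\/avatars\/.+|customavatars\/.+)$/i", $urlavatar)) {
				showmessage('profile_avatar_invalid');
			}
			// Local paths are always probed; remote URLs only when allow_url_fopen is on
			// and the platform check passes.
			// NOTE(review): for http:// values the server itself requests a member-supplied
			// URL; consider a host allow list or dropping the remote probe.
			if(preg_match("/^(?:images\/avatars\/.+|customavatars\/.+)$/i", $urlavatar) || (ini_get('allow_url_fopen') && (substr(PHP_OS, 0, 3) != 'WIN' || PHP_VERSION >= 5))){
				$avatarimagesize = @getimagesize($urlavatar);
			}
			$avatar = $urlavatar;
		} elseif(($allowavatar == 1 || $allowavatar == 2 || $allowavatar == 3) && $urlavatar) {
			// Reached only when $allowavatar is 1 (2 and 3 are handled above): bundled avatars only.
			if(!preg_match("/^(images\/avatars\/.+?)$/i", $urlavatar)) {
				showmessage('profile_avatar_invalid');
			}
			$avatarimagesize = @getimagesize($urlavatar);
			$avatar = $urlavatar;
		}

		if($avatar) {
			// Second extension check, applied to uploads, URLs and local paths alike.
			if(!in_array(strtolower(fileext($avatar)), array('gif', 'jpg', 'png'))) {
				showmessage('profile_avatar_invalid');
			}
			// The path is HTML-escaped before it is stored.
			$avatar = dhtmlspecialchars(trim($avatar));
			// '*' or an empty value means "auto": use the detected image size, falling back
			// to 60% of the pixel limit, or 80 when no limit is set.
			if($avatarwidthnew == '*' || $avatarheightnew == '*' || $avatarwidthnew == '' || $avatarheightnew == '') {
				$avatarwidthnew = $avatarheightnew = ($maxavatarpixel ? round($maxavatarpixel * 0.6) : 80);
				@list($avatarwidthnew, $avatarheightnew) = $avatarimagesize ? $avatarimagesize : array($avatarwidthnew, $avatarheightnew);
			}
			// Scale both dimensions down proportionally when the larger one exceeds the limit.
			$maxsize = max($avatarwidthnew, $avatarheightnew);
			if($maxsize > $maxavatarpixel) {
				$avatarwidthnew = $avatarwidthnew * $maxavatarpixel / $maxsize;
				$avatarheightnew = $avatarheightnew * $maxavatarpixel / $maxsize;
			}
			// NOTE(review): explicitly submitted width/height values that stay within the limit
			// reach this SQL text without a numeric cast or HTML-escaping, and the stored
			// values are later written into HTML attributes; confirm that the columns are
			// numeric or add a cast.
			$avataradd = ", avatar='$avatar', avatarwidth='$avatarwidthnew', avatarheight='$avatarheightnew'";
		} else {
			$avataradd = ", avatar='', avatarwidth='', avatarheight=''";
		}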

		// Normalisation of the remaining profile fields before they are stored.
		$emailnew = dhtmlspecialchars($emailnew);

		// ICQ and QQ numbers: digits only, 5 to 12 characters, otherwise dropped.
		// NOTE(review): without the D modifier '$' also matches before a trailing newline.
		$icqnew = preg_match ("/^([0-9]+)$/", $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
		$qqnew = preg_match ("/^([0-9]+)$/", $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
		// An invalid birthday is replaced by the zero date.
		$bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';

		$yahoonew = dhtmlspecialchars($yahoonew);
		$msnnew = dhtmlspecialchars($msnnew);
		$taobaonew = dhtmlspecialchars($taobaonew);
		$alipaynew = dhtmlspecialchars($alipaynew);

		// The signature goes through the word filter only here; the status flag records
		// whether one is set.
		$signaturenew = censor($signaturenew);
		$sigstatusnew = $signaturenew ? 1 : 0;

		// Biography: HTML-escaped, then word-filtered.
		$bionew = censor(dhtmlspecialchars($bionew));
		// Homepage: kept when it starts with http:// or https://, otherwise prefixed with
		// 'http://'; the result is trimmed and HTML-escaped.
		$sitenew = dhtmlspecialchars(trim(preg_match("/^https?:\/\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://'.$sitenew : '')));

		// Allow lists for the numeric preferences.
		// NOTE(review): in_array() compares loosely here and the accepted value is passed on
		// unchanged, so on PHP < 8 a string such as '10abc' matches 10 and a non-numeric string
		// matches 0. Consider strict comparison or an intval() on the accepted value — confirm
		// how these variables are used when the record is written.
		$tppnew = in_array($tppnew, array(10, 20, 30)) ? $tppnew : 0;
		$pppnew = in_array($pppnew, array(5, 10, 15)) ? $pppnew : 0;

		$editormodenew = in_array($editormodenew, array(0, 1, 2)) ? $editormodenew : 2;
		$ssnew = in_array($ssnew, array(0, 1)) ? $ssnew : 2;
		$sanew = in_array($sanew, array(0, 1)) ? $sanew : 2;
		$sinew = in_array($sinew, array(0, 1)) ? $sinew : 2;
		// The three display options are packed as base-3 digits into one decimal number.
		$customshownew = base_convert($ssnew.$sanew.$sinew, 3, 10);

		if($dateformatnew) {
			$dateformatnew = str_replace('mm', 'n', $cdateformatnew);
			$dateformatnew = str_replace('dd', 'j', $dateformatnew);
			$dateformatnew = str_replace('yyyy', 'Y', $dateformatnew);
			$dateformatnew = str_replace('yy', 'y', $dateformatnew);
		} else {
			$dateformatnew = '';
