memcp.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

		}

		$invisiblenew = $allowinvisible && $invisiblenew ? 1 : 0;
		$locationnew = cutstr(censor(dhtmlspecialchars($locationnew)), 30);
		$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';

		$cstatusadd = $allowcstatus ? ', customstatus=\''.cutstr(censor(dhtmlspecialchars($cstatusnew)), 30).'\'' : '';

		$authstradd1 = $authstradd2 = '';
		if($regverify == 1 && $adminid == 0 && (($grouptype == 'member' && $adminid == 0) || $groupid == 8)) {
			$query = $db->query("SELECT email FROM {$tablepre}members WHERE uid='$discuz_uid'");
			if($emailnew != $db->result($query, 0)) {
				if(!$doublee) {
					$query = $db->query("SELECT uid FROM {$tablepre}members WHERE email='$emailnew' LIMIT 1");
					if($db->result($query, 0)) {
						showmessage('profile_email_duplicate');
					}
				}

				$idstring = random(6);
				$groupid = 8;

				require_once DISCUZ_ROOT.'./forumdata/cache/usergroup_8.php';

				$authstradd1 = ", groupid='8'";
				$authstradd2 = ", authstr='$timestamp\t2\t$idstring'";
				sendmail("$discuz_userss <$emailnew>", 'email_verify_subject', 'email_verify_message');
			}
		}

		$sightmlnew = addslashes(discuzcode(stripslashes($signaturenew), 1, 0, 0, 0, ($allowsigbbcode ? ($allowcusbbcode ? 2 : 1) : 0), $allowsigimgcode, 0, 0, 1));
		$biohtmlnew = addslashes(discuzcode(stripslashes($bionew), 1, 0, 0, 0, ($allowbiobbcode ? ($allowcusbbcode ? 2 : 1) : 0), $allowbioimgcode, 0, 0, 1));
		$showemailnew = empty($showemailnew) ? 0 : 1;
		$gendernew = empty($gendernew) ? 0 : intval($gendernew);

		$db->query("UPDATE {$tablepre}members SET secques='$secquesnew', gender='$gendernew', email='$emailnew', styleid='$styleidnew', bday='$bdaynew',
			showemail='$showemailnew', timeoffset='$timeoffsetnew', tpp='$tppnew', ppp='$pppnew', editormode='$editormodenew', customshow='$customshownew', newsletter='$newsletternew', invisible='$invisiblenew',
			timeformat='$timeformatnew', dateformat='$dateformatnew', pmsound='$pmsoundnew', styleid='$styleidnew', sigstatus='$sigstatusnew' $newpasswdadd $authstradd1
			WHERE uid='$discuz_uid'");

		$query = $db->query("SELECT uid FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
		if(!$db->num_rows($query)) {
			$db->query("REPLACE INTO {$tablepre}memberfields (uid) VALUES ('$discuz_uid')");
		}

		$db->query("UPDATE {$tablepre}memberfields SET nickname='$nicknamenew', site='$sitenew', location='$locationnew', bio='$biohtmlnew', sightml='$sightmlnew',
			icq='$icqnew', qq='$qqnew', yahoo='$yahoonew', msn='$msnnew', taobao='$taobaonew', alipay='$alipaynew' $avataradd $cstatusadd $fieldadd $authstradd2 WHERE uid='$discuz_uid'");

		$styleid = empty($styleidnew) ? $styleid : $styleidnew;

		if(!empty($authstradd1) && !empty($authstradd2)) {
			showmessage('profile_email_verify');
		} else {
			showmessage('profile_succeed', 'memcp.php');
		}
	}

} elseif($action == 'credits') {

	$taxpercent = sprintf('%1.2f', $creditstax * 100).'%';

	if($operation == 'transfer' && $transferstatus) {

		if(!submitcheck('creditssubmit')) {

			include template('memcp_credits');

		} else {

			$amount = intval($amount);

			if(md5($password) != $discuz_pw) {
				showmessage('credits_password_invalid');
			} elseif($amount <= 0) {
				showmessage('credits_transaction_amount_invalid');
			} elseif(${'extcredits'.$creditstrans} - $amount < ($minbalance = $transfermincredits)) {
				showmessage('credits_balance_insufficient');
			} elseif(!($netamount = floor($amount * (1 - $creditstax)))) {
				showmessage('credits_net_amount_iszero');
			}

			$query = $db->query("SELECT uid, username FROM {$tablepre}members WHERE username='$to'");
			if(!$member = $db->fetch_array($query)) {
				showmessage('credits_transfer_send_nonexistence');
			} elseif($member['uid'] == $discuz_uid) {
				showmessage('credits_transfer_self');
			}

			$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-'$amount' WHERE uid='$discuz_uid'");
			$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans+'$netamount' WHERE uid='$member[uid]'");
			$db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)
				VALUES ('$discuz_uid', '".addslashes($member['username'])."', '$creditstrans', '$creditstrans', '$amount', '0', '$timestamp', 'TFR'),
				('$member[uid]', '$discuz_user', '$creditstrans', '$creditstrans', '0', '$netamount', '$timestamp', 'RCV')");

			if(!empty($transfermessage)) {
				$transfermessage = stripslashes($transfermessage);
				$transfertime = gmdate($GLOBALS['_DCACHE']['settings']['dateformat'].' '.$GLOBALS['_DCACHE']['settings']['timeformat'], $timestamp + $timeoffset * 3600);
				sendpm($member['uid'], 'transfer_subject', 'transfer_message');
			}

			showmessage('credits_transaction_succeed', 'memcp.php?action=credits&amp;operation=creditslog');

		}

	} elseif($operation == 'exchange' && $exchangestatus) {

		if(!submitcheck('creditssubmit')) {

			$extcredits_exchange = array();

			if(!empty($extcredits)) {
				foreach($extcredits as $key => $value) {
					if($value['allowexchangein'] || $value['allowexchangeout']) {
						$extcredits_exchange['extcredits'.$key] = array('title' => $value['title'], 'unit' => $value['unit']);
					}
				}
			}

			include template('memcp_credits');

		} elseif($extcredits[$fromcredits]['ratio'] && $extcredits[$tocredits]['ratio']) {

			$amount = intval($amount);

			if(md5($password) != $discuz_pw) {
				showmessage('credits_password_invalid');
			} elseif($fromcredits == $tocredits) {
				showmessage('credits_exchange_invalid');
			} elseif($amount <= 0) {
				showmessage('credits_transaction_amount_invalid');
			} elseif(${'extcredits'.$fromcredits} - $amount < ($minbalance = $exchangemincredits)) {
				showmessage('credits_balance_insufficient');
			} elseif(!($netamount = floor($amount * $extcredits[$fromcredits]['ratio'] * (1 - $creditstax) / $extcredits[$tocredits]['ratio']))) {
				showmessage('credits_net_amount_iszero');
			}
			if(!$extcredits[$fromcredits]['allowexchangeout']) {
				showmessage('extcredits_disallowexchangeout');
			}
			if(!$extcredits[$tocredits]['allowexchangein']) {
				showmessage('extcredits_disallowexchangein');
			}

			$db->query("UPDATE {$tablepre}members SET extcredits$fromcredits=extcredits$fromcredits-'$amount', extcredits$tocredits=extcredits$tocredits+'$netamount' WHERE uid='$discuz_uid'");
			$db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)
				VALUES ('$discuz_uid', '$discuz_user', '$fromcredits', '$tocredits', '$amount', '$netamount', '$timestamp', 'EXC')");

			showmessage('credits_transaction_succeed', 'memcp.php?action=credits&amp;operation=creditslog');

		}

	} elseif($operation == 'addfunds' && $ec_ratio) {

		if(!submitcheck('creditssubmit')) {

			include template('memcp_credits');

		} else {

			include language('misc');
			$amount = intval($amount);
			if(!$amount || ($ec_mincredits && $amount < $ec_mincredits) || ($ec_maxcredits && $amount > $ec_maxcredits)) {
				showmessage('credits_addfunds_amount_invalid');
			}

			$query = $db->query("SELECT COUNT(*) FROM {$tablepre}orders WHERE uid='$discuz_uid' AND submitdate>='$timestamp'-180 LIMIT 1");
			if($db->result($query, 0)) {
				showmessage('credits_addfunds_ctrl');
			}

			if($ec_maxcreditspermonth) {
				$query = $db->query("SELECT SUM(amount) FROM {$tablepre}orders WHERE uid='$discuz_uid' AND submitdate>='$timestamp'-2592000 AND status IN (2, 3)");
				if(($db->result($query, 0)) + $amount > $ec_maxcreditspermonth) {
					showmessage('credits_addfunds_toomuch');
				}
			}

			$price = ceil($amount / $ec_ratio * 100) / 100;
			$orderid = gmdate('YmdHis', $timestamp + $_DCACHE['settings']['timeoffset'] * 3600).random(18);

			$query = $db->query("SELECT orderid FROM {$tablepre}orders WHERE orderid='$orderid'");
			if($db->num_rows($query)) {
				showmessage('credits_addfunds_order_invalid');
			}

			$db->query("INSERT INTO {$tablepre}orders (orderid, status, uid, amount, price, submitdate)
				VALUES ('$orderid', '1', '$discuz_uid', '$amount', '$price', '$timestamp')");

			$ec_securitycode = authcode($ec_securitycode, 'DECODE', $authkey);
			$args = array(
				'subject' 		=> $bbname.' - '.$discuz_userss.' - '.$language['credit_payment'].'('.$boardurl.')',
				'body' 			=> $language['credit_forum_payment'].' '.$extcredits[$creditstrans]['title'].' '.intval($price * $ec_ratio).' '.$extcredits[$creditstrans]['unit'].' ('.$onlineip.')',
				'service' 		=> 'create_digital_goods_trade_p',
				'partner' 		=> $ec_id,
				'notify_url' 		=> $boardurl.'api/alipaynotify.php',
				'_input_charset' 	=> $charset,
				'out_trade_no' 		=> $orderid,
				'price' 		=> $price,
				'quantity' 		=> 1,
				'seller_email' 		=> $ec_account,
			);
			ksort($args);
			$urlstr = $sign = '';
			foreach($args as $key=>$val) {
				if($val != '') $sign .= '&'.$key.'='.$val;
				$urlstr .= $key.'='.rawurlencode($val).'&';
			}
			$sign = substr($sign, 1);
			$sign = md5($sign.$ec_securitycode);
			showmessage('credits_addfunds_succeed', 'https://www.alipay.com/cooperate/gateway.do?'.$urlstr.'sign='.$sign.'&sign_type=MD5');

		}

	} elseif($operation == 'paymentlog') {

		$page = max(1, intval($page));
		$start_limit = ($page - 1) * $tpp;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}paymentlog WHERE uid='$discuz_uid'");
		$multipage = multi($db->result($query, 0), $tpp, $page, "memcp.php?action=credits&amp;operation=paymentlog");

		$loglist = array();
		$query = $db->query("SELECT p.*, f.fid, f.name, t.subject, t.author, t.dateline AS tdateline FROM {$tablepre}paymentlog p
			LEFT JOIN {$tablepre}threads t ON t.tid=p.tid
			LEFT JOIN {$tablepre}forums f ON f.fid=t.fid
			WHERE p.uid='$discuz_uid' ORDER BY p.dateline DESC
			LIMIT $start_limit, $tpp");
		while($log = $db->fetch_array($query)) {
			$log['authorenc'] = rawurlencode($log['authorenc']);
			$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
			$log['tdateline'] = gmdate("$dateformat $timeformat", $log['tdateline'] + $timeoffset * 3600);
			$loglist[] = $log;
		}

		include template('memcp_credits');

	} elseif($operation == 'incomelog') {

		$page = max(1, intval($page));
		$start_limit = ($page - 1) * $tpp;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}paymentlog WHERE authorid='$discuz_uid'");
		$multipage = multi($db->result($query, 0), $tpp, $page, "memcp.php?action=credits&amp;operation=incomelog");

		$loglist = array();
		$query = $db->query("SELECT p.*, m.username, f.fid, f.name, t.subject, t.dateline AS tdateline FROM {$tablepre}paymentlog p
			LEFT JOIN {$tablepre}threads t ON t.tid=p.tid
			LEFT JOIN {$tablepre}forums f ON f.fid=t.fid
			LEFT JOIN {$tablepre}members m ON m.uid=p.uid
			WHERE p.authorid='$discuz_uid' ORDER BY p.dateline DESC
			LIMIT $start_limit, $tpp");
		while($log = $db->fetch_array($query)) {
			$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
			$log['tdateline'] = gmdate("$dateformat $timeformat", $log['tdateline'] + $timeoffset * 3600);
			$loglist[] = $log;
		}

		include template('memcp_credits');

	} elseif($operation == 'rewardpaylog') {

		$page = max(1, intval($page));
		$start_limit = ($page - 1) * $tpp;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}rewardlog WHERE authorid='$discuz_uid'");
		$multipage = multi($db->result($query, 0), $tpp, $page, "memcp.php?action=credits&amp;operation=incomelog");

		$loglist = array();
		$query = $db->query("SELECT
			r.*, m.uid, m.username
			, f.fid, f.name, t.subject, t.price
			FROM
			{$tablepre}rewardlog r
			LEFT JOIN {$tablepre}threads t ON t.tid=r.tid
			LEFT JOIN {$tablepre}forums f ON f.fid=t.fid
			LEFT JOIN {$tablepre}members m ON m.uid=r.answererid
			WHERE r.authorid='$discuz_uid' ORDER BY r.dateline DESC
			LIMIT $start_limit, $tpp");
		while($log = $db->fetch_array($query)) {
			$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
			$log['price'] = abs($log['price']);
			$loglist[] = $log;
		}

		include template('memcp_credits');

	} elseif($operation == 'rewardincomelog') {

		$page = max(1, intval($page));
		$start_limit = ($page - 1) * $tpp;

		$query = $db->query("SELECT COUNT(*) FROM {$tablepre}rewardlog WHERE answererid='$discuz_uid'");
		$multipage = multi($db->result($query, 0), $tpp, $page, "memcp.php?action=credits&amp;operation=incomelog");

		$loglist = array();
		$query = $db->query("SELECT r.*, m.uid, m.username, f.fid, f.name, t.subject, t.price FROM {$tablepre}rewardlog r
			LEFT JOIN {$tablepre}threads t ON t.tid=r.tid
			LEFT JOIN {$tablepre}forums f ON f.fid=t.fid
			LEFT JOIN {$tablepre}members m ON m.uid=r.authorid
			WHERE r.answererid='$discuz_uid' and r.authorid>0 ORDER BY r.dateline DESC
			LIMIT $start_limit, $tpp");
		while($log = $db->fetch_array($query)) {
			$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
			$log['price'] = abs($log['price']);
			$loglist[] = $log;
		}

		include template('memcp_credits');

	} else {

		$operation = 'creditslog';

		$page = max(1, intval($page));
		$start_limit = ($page - 1) * $tpp;