members.inc.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$RCSfile: members.inc.php,v $
	$Revision: 1.138.2.9 $
	$Date: 2007/03/21 15:52:02 $
*/

if(!defined('IN_DISCUZ') || !defined('IN_ADMINCP')) {
        exit('Access Denied');
}

@set_time_limit(600);

cpheader();

if($action == 'memberadd') {

	if(!submitcheck('addsubmit')) {

		$defaultgroupid = $defaultgrouptitle = $groupselect = '';
		$query = $db->query("SELECT groupid, grouptitle, creditshigher FROM {$tablepre}usergroups WHERE type='member' AND creditshigher='0' OR (groupid NOT IN ('5', '6', '7', '$defaultgroupid') AND radminid<>'1' AND type<>'member') ORDER BY type DESC, (creditshigher<>'0' || creditslower<>'0'), creditslower");
		while($group = $db->fetch_array($query)) {
			if($group['type'] == 'member' && $group['creditshigher'] == 0) {
				$defaultgroupid = $data['groupid'];
				$defaultgrouptitle = $data['grouptitle'];
			}
			$groupselect .= "<option value=\"$group[groupid]\">$group[grouptitle]</option>\n";
		}

		updatecache('settings');
		shownav('menu_members_add');

?>
<form method="post" action="admincp.php?action=memberadd">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="2"><?=$lang['members_add']?></td></tr>

<tr><td class="altbg1" width="50%"><?=$lang['members_add_uid_range']?></td>
<td align="right" class="altbg2"><input type="text" name="uidlowerlimit" size="5"> - <input type="text" name="uidupperlimit" size="5"></td></tr>

<tr><td class="altbg1"><?=$lang['username']?>:</td>
<td align="right" class="altbg2"><input type="text" name="newusername"></td></tr>

<tr><td class="altbg1"><?=$lang['password']?>:</td>
<td align="right" class="altbg2"><input type="text" name="newpassword"></td></tr>

<tr><td class="altbg1"><?=$lang['email']?>:</td>
<td align="right" class="altbg2"><input type="text" name="newemail"></td></tr>

<tr><td class="altbg1"><?=$lang['usergroup']?>:</td>
<td align="right" class="altbg2"><select name="newgroupid">
<option value="<?=$defaultgroupid?>" selected><?=$defaultgrouptitle?></option>
<?=$groupselect?></select></td></tr>

<tr><td class="altbg1"><?=$lang['members_add_email_notify']?></td>
<td align="right" class="altbg2"><input class="checkbox" type="checkbox" name="emailnotify" value="yes" checked></td></tr>

</table><br>
<center><input class="button" type="submit" name="addsubmit" value="<?=$lang['submit']?>"></center>
</form>
<?

	} else {

		$newusername = trim($newusername);
		$newpassword = trim($newpassword);
		$newemail = trim($newemail);

		if(strlen($newusername) < 3) {
			cpmsg('members_add_tooshort');
		}

		if(strlen($newusername) > 15) {
			cpmsg('members_add_toolong');
		}

		$guestexp = '\xA1\xA1|\xAC\xA3|^Guest|^\xD3\xCE\xBF\xCD|\xB9\x43\xAB\xC8';
		$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
		if(preg_match("/^\s*$|^c:\\con\\con$|[%,\*\"\s\t\<\>\&]|$guestexp/is", $newusername) || ($censoruser && @preg_match($censorexp, $newusername))) {
			cpmsg('members_add_illegal');
		}

		if(!$newusername || !$newpassword || !$newemail) {
			cpmsg('members_add_invalid');
		}

		$query = $db->query("SELECT uid FROM {$tablepre}members WHERE username='$newusername'");
		if($db->num_rows($query)) {
			cpmsg('members_add_username_duplicate');
		}

		$uid = 0;
		$uidadd1 = $uidadd2 = '';
		if($uidupperlimit != '' && $uidlowerlimit != '') {
			$lastuid = 0;
			$query = $db->query("SELECT * FROM {$tablepre}members WHERE uid BETWEEN '$uidlowerlimit' AND '$uidupperlimit' ORDER BY uid");
			while($member = $db->fetch_array($query)) {
				if($lastuid && $member['uid'] - $lastuid > 1) {
					$uid = $lastuid + 1;
					break;
				}
				$lastuid = $member['uid'];
			}
			if($uid) {
				$uidadd1 = 'uid, ';
				$uidadd2 = $uid.', ';
			} else {
				cpmsg('members_add_uid_invalid');
			}
		}

		$query = $db->query("SELECT groupid, radminid, type FROM {$tablepre}usergroups WHERE groupid='$newgroupid'");
		$group = $db->fetch_array($query);
		$newadminid = $group['type'] == 'special' ? -1 : (in_array($group['radminid'], array(1, 2, 3)) ? $group['radminid'] : 0);
		if($group['radminid'] == 1) {
			cpmsg('members_add_admin_none');
		}
		if(in_array($group['groupid'], array(5, 6, 7))) {
			cpmsg('members_add_ban_all_none');
		}

		$db->query("INSERT INTO {$tablepre}members ($uidadd1 username, password, secques, gender, adminid, groupid, regip, regdate, lastvisit, lastactivity, posts, credits, email, bday, sigstatus, tpp, ppp, styleid, dateformat, timeformat, showemail, newsletter, invisible, timeoffset)
			VALUES ($uidadd2 '$newusername', '".md5($newpassword)."', '', '0', '$newadminid', '$newgroupid', 'Manual Acting', '$timestamp', '$timestamp', '$timestamp', '0', '0', '$newemail', '0000-00-00', '0', '0', '0', '0', '{$_DCACHE[settings][dateformat]}', '{$_DCACHE[settings][timeformat]}', '1', '1', '0', '{$_DCACHE[settings][timeoffset]}')");
		$uid = $db->insert_id();

		$db->query("REPLACE INTO {$tablepre}memberfields (uid) VALUES ('$uid')");

		if($emailnotify == 'yes') {
			sendmail("$newusername <$newemail>", 'add_member_subject', 'add_member_message');
		}

		updatecache('settings');
		$newusername = stripslashes($newusername);
		cpmsg('members_add_succeed');
	}

} elseif($action == 'members') {
	switch($submitname) {
		case 'newslettersubmit': shownav('menu_members_newsletter'); $adminnavtitle = $lang['menu_members_newsletter']; break;
		case 'creditsubmit': shownav('menu_members_credits'); $adminnavtitle = $lang['menu_members_credits']; break;
		case 'deletesubmit': shownav('menu_members_delete'); $adminnavtitle = $lang['menu_members_delete']; break;
		default : shownav('menu_members_edit'); $adminnavtitle = $lang['menu_members_edit']; break;
	}

	if(!submitcheck('searchsubmit', 1) && !submitcheck('deletesubmit', 1) && !submitcheck('sendsubmit', 1) && !submitcheck('editsubmit') && !submitcheck('updatecreditsubmit',1)) {
		$adminselect = $groupselect = $extgroupselect = '';
		$admingroupid = isset($admingroupid) && is_array($admingroupid) ? $admingroupid : array();
		$usergroupid = isset($usergroupid) && is_array($usergroupid) ? $usergroupid : array();
		$extusergroupid = isset($extusergroupid) && is_array($extusergroupid) ? $extusergroupid : array();

		$query = $db->query("SELECT groupid, grouptitle FROM {$tablepre}usergroups WHERE groupid NOT IN ('6', '7') ORDER BY (creditshigher<>'0' || creditslower<>'0'), creditslower");
		while($group = $db->fetch_array($query)) {
			if($group['groupid'] <= 3) {
				$adminselect .= "<option value=\"$group[groupid]\" ".(in_array($group['groupid'], $admingroupid) ? 'selected' : '').">$group[grouptitle]</option>\n";
			} else {
				$groupselect .= "<option value=\"$group[groupid]\" ".(in_array($group['groupid'], $usergroupid) ? 'selected' : '').">$group[grouptitle]</option>\n";
			}
			$extgroupselect .= "<option value=\"$group[groupid]\" ".(in_array($group['groupid'], $extusergroupid) ? 'selected' : '').">$group[grouptitle]</option>\n";
		}

		$monthselect = $dayselect = '';

		for($m=1; $m<=12; $m++) {
			$m = sprintf("%02d", $m);
			$monthselect .= "<option value=\"$m\" ".($birthmonth == $m ? 'selected' : '').">$m</option>\n";
		}

		for($d=1; $d<=31; $d++) {
			$d = sprintf("%02d", $d);
			$dayselect .= "<option value=\"$d\" ".($birthday == $d ? 'selected' : '').">$d</option>\n";
		}

		$searchcredits = '';
		if(!empty($extcredits)) {
			foreach($extcredits as $id => $credit) {
				$searchcredits .= "<tr><td class=\"altbg1\">$credit[title] $lang[members_search_lower]:</td>\n".
					"<td align=\"right\" class=\"altbg2\"><input type=\"text\" name=\"lower[extcredits$id]\" value=\"".dhtmlspecialchars($lower['extcredits'.$id])."\" size=\"40\"></td></tr>\n".
					"<tr><td class=\"altbg1\">$credit[title] $lang[members_search_higher]:</td>\n".
					"<td align=\"right\" class=\"altbg2\"><input type=\"text\" name=\"higher[extcredits$id]\" value=\"".dhtmlspecialchars($higher['extcredits'.$id])."\" size=\"40\"></td></tr>\n";
			}
		}

?>
<form method="post" action="admincp.php?action=members&submitname=<?=$submitname?>" onSubmit="if($('updatecredittype1') && $('updatecredittype1').checked && !window.confirm('<?=$lang['members_credits_clean_alarm']?>')){return false;} else {return true;}">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">

<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="2"><?=$adminnavtitle?> - <?=$lang['members_search']?></td></tr>

<tr><td class="altbg1" width="60%"><?=$lang['members_search_user']?></td>
<td align="right" class="altbg2" width="40%">
<?=$lang['case_insensitive']?> <input type="checkbox" name="cins" value="1" class="checkbox">
<br><input type="text" name="username" size="40" value="<?=dhtmlspecialchars($username)?>"></td></tr>

<tr><td class="altbg1" valign="top"><?=$lang['members_search_group']?><br><?=$lang['members_search_comment']?></td>
<td align="right" class="altbg2">
<select name="usergroupid[]" size="5" multiple="multiple" style="width: 65%">
<option value="all"<?php echo in_array('all', $usergroupid) ? ' selected' : '';?>><?=$lang['unlimited']?></option>
<?=$groupselect?>
</select></td></tr>

<tr><td class="altbg1">&nbsp;</td>
<td align="right" class="altbg2" style="text-align: right;"><input class="checkbox" type="checkbox" value="1" onclick="$('advanceoption').style.display = $('advanceoption').style.display == 'none' ? '' : 'none'; this.value = this.value == 1 ? 0 : 1; this.checked = this.value == 1 ? false : true"><?=$lang['more_options']?> &nbsp; </td></tr>

<tbody id="advanceoption" style="display: none">
<tr><td class="altbg1" valign="top"><?=$lang['admingroup']?>:<br><?=$lang['members_search_comment']?></td>
<td align="right" class="altbg2">
<select name="admingroupid[]" size="4" multiple="multiple" style="width: 65%">
<option value="all"<?php echo in_array('all', $admingroupid) ? ' selected' : '';?>><?=$lang['unlimited']?></option>
<?=$adminselect?>
</select></td></tr>

<tr><td class="altbg1" valign="top"><?=$lang['members_search_extgroup']?><br><?=$lang['members_search_comment']?></td>
<td align="right" class="altbg2">
<select name="extusergroupid[]" size="5" multiple="multiple" style="width: 65%">
<option value="all"<?php echo in_array('all', $extusergroupid) ? ' selected' : '';?>><?=$lang['unlimited']?></option>
<?=$extgroupselect?>
</select>
</td></tr>

<tr><td class="altbg1"><?=$lang['members_search_email']?></td>
<td align="right" class="altbg2"><input type="text" name="srchemail" size="40" value="<?=dhtmlspecialchars($srchemail)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['credits']?> <?=$lang['members_search_lower']?>:</td>
<td align="right" class="altbg2"><input type="text" name="lower[credits]" size="40" value="<?=dhtmlspecialchars($lower[credits])?>"></td></tr>

<tr><td class="altbg1"><?=$lang['credits']?> <?=$lang['members_search_higher']?>:</td>
<td align="right" class="altbg2"><input type="text" name="higher[credits]" size="40" value="<?=dhtmlspecialchars($higher[credits])?>"></td></tr>

<?=$searchcredits?>

<tr><td class="altbg1"><?=$lang['members_postslower']?>:</td>
<td align="right" class="altbg2"><input type="text" name="postslower" value="<?=dhtmlspecialchars($postslower)?>" size="40"></td></tr>

<tr><td class="altbg1"><?=$lang['members_postshigher']?>:</td>
<td align="right" class="altbg2"><input type="text" name="postshigher" size="40" value="<?=dhtmlspecialchars($postshigher)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_regip']?></td>
<td align="right" class="altbg2"><input type="text" name="regip" size="40" value="<?=dhtmlspecialchars($regip)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_lastip']?></td>
<td align="right" class="altbg2"><input type="text" name="lastip" size="40" value="<?=dhtmlspecialchars($lastip)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_regdatebefore']?></td>
<td align="right" class="altbg2"><input type="text" name="regdatebefore" size="40" value="<?=dhtmlspecialchars($regdatebefore)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_regdateafter']?></td>
<td align="right" class="altbg2"><input type="text" name="regdateafter" size="40" value="<?=dhtmlspecialchars($regdateafter)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_lastvisitbefore']?></td>
<td align="right" class="altbg2"><input type="text" name="lastvisitbefore" size="40" value="<?=dhtmlspecialchars($lastvisitbefore)?>"></td></tr>
<tr><td class="altbg1"><?=$lang['members_search_lastvisitafter']?></td>
<td align="right" class="altbg2"><input type="text" name="lastvisitafter" size="40" value="<?=dhtmlspecialchars($lastvisitafter)?>"></td></tr>

<tr><td class="altbg1"><?=$lang['members_search_lastpostbefore']?></td>
<td align="right" class="altbg2"><input type="text" name="lastpostbefore" size="40" value="<?=dhtmlspecialchars($lastpostbefore)?>"></td></tr>
<tr><td class="altbg1"><?=$lang['members_search_lastpostafter']?></td>
<td align="right" class="altbg2"><input type="text" name="lastpostafter" size="40" value="<?=dhtmlspecialchars($lastpostafter)?>"></td></tr>