members.inc.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

				cpmsg('members_edit_groups_illegal');
			} elseif($maingroupexpirynew > $timestamp) {
				if($expgroupidnew || $expadminidnew) {
					$groupterms['main'] = array('time' => $maingroupexpirynew, 'adminid' => $expadminidnew, 'groupid' => $expgroupidnew);
				} else {
					$groupterms['main'] = array('time' => $maingroupexpirynew);
				}
				$groupterms['ext'][$groupidnew] = $maingroupexpirynew;
			}

		}

		if(is_array($extgroupexpirynew)) {
			foreach($extgroupexpirynew as $extgroupid => $expiry) {
				if(is_array($extgroupidsnew) && in_array($extgroupid, $extgroupidsnew) && !isset($groupterms['ext'][$extgroupid]) && $expiry && ($expiry = strtotime($expiry) - date('Z') + $timeoffset * 3600) > $timestamp) {
					$groupterms['ext'][$extgroupid] = $expiry;
				}
			}
		}

		$grouptermsnew = addslashes(serialize($groupterms));
		$groupexpirynew = groupexpiry($groupterms);
		$extgroupidsnew = $extgroupidsnew && is_array($extgroupidsnew) ? implode("\t", $extgroupidsnew) : '';

		$db->query("UPDATE {$tablepre}members SET groupid='$groupidnew', adminid='$adminidnew', extgroupids='$extgroupidsnew', groupexpiry='$groupexpirynew' WHERE uid='$member[uid]'");
		$db->query("UPDATE {$tablepre}memberfields SET groupterms='$grouptermsnew' WHERE uid='$member[uid]'");

		if($groupidnew != $member['groupid'] && (in_array($groupidnew, array(4, 5)) || in_array($member['groupid'], array(4, 5)))) {
			banlog($member['username'], $member['groupid'], $groupidnew, $groupexpirynew, $reason);
		}

		cpmsg('members_edit_groups_succeed', "admincp.php?action=editgroups&uid=$member[uid]");

	}

} elseif($action == 'editcredits' && $uid && $extcredits) {

	$query = $db->query("SELECT m.username, m.groupid, m.adminid, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4,
		m.extcredits5, m.extcredits6, m.extcredits7, m.extcredits8, digestposts, posts, pageviews, oltime, u.grouptitle,
		u.type, u.creditslower, u.creditshigher FROM {$tablepre}members m
		LEFT JOIN {$tablepre}usergroups u ON u.groupid=m.groupid
		WHERE uid='$uid'");
	if(!$member = $db->fetch_array($query)) {
		cpmsg('members_edit_nonexistence');
	} elseif(!$isfounder && ($member['adminid'] == 1 || $member['groupid'] == 1)) {
		cpmsg('members_super_edit_admin_allow');
	}

	if(!submitcheck('creditsubmit')) {

		eval("\$membercredit = @round($creditsformula);");

		$query = $db->query("SELECT value FROM {$tablepre}settings WHERE variable='creditsformula'");
		if($jscreditsformula = $db->result($query, 0)) {
			$jscreditsformula = str_replace(array('digestposts', 'posts', 'pageviews', 'oltime'), array($member['digestposts'], $member['posts'],$member['pageviews'],$member['oltime']), $jscreditsformula);
		}

		$creditscols = $creditsvalue = '';
		for($i = 1; $i <= 8; $i++) {
			$jscreditsformula = str_replace('extcredits'.$i, "extcredits[$i]", $jscreditsformula);
			$creditscols .= '<td width="9%">'.(isset($extcredits[$i]) ? $extcredits[$i]['title'] : 'extcredits'.$i).'</td>';
			$creditsvalue .= '<td class="altbg'.(($i + 1) % 2 + 1).'">'.(isset($extcredits[$i]) ? '<input type="text" size="3" name="extcreditsnew['.$i.']" id="extcreditsnew['.$i.']" value="'.$member['extcredits'.$i].'" onkeyup="membercredits()"> '.$extcredits['$i']['unit'] : '<input type="text" size="3" value="N/A" disabled>').'</td>';
		}

		$creditsrangs = $member['type'] == 'member' ? "$member[creditshigher]~$member[creditslower]" : 'N/A';

		shownav('members_edit_credits');
		showtips('credits_tips');

?>
<form name="input" method="post" action="admincp.php?action=editcredits&uid=<?=$uid?>">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="10"><?=$lang['members_edit_credits']?> - <?=$member['username']?>(<?=$member['grouptitle']?>)</td></tr>
<tr class="category" align="center"><td width="14%"><?=$lang['members_edit_credits_ranges']?></td><td width="14%"><?=$lang['credits']?></td><?=$creditscols?></tr>
<tr align="center"><td class="altbg1"><?=$creditsrangs?></td><td class="altbg2"><input type="text" name="jscredits" id="jscredits" value="<?=$membercredit?>" size="3" disabled></td><?=$creditsvalue?></tr>
</table><br>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="2"><?=$lang['members_edit_reason']?></td></tr>
<tr><td class="altbg1" width="60%"><b><?=$lang['members_edit_credits_reason']?></b><br><span class="smalltxt"><?=$lang['members_edit_credits_reason_comment']?></span></td>
<td class="altbg2" width="40%"><textarea name="reason" rows="5" cols="30" style="width: 90%"></textarea></td></tr>
</table><br><center>
<script language="JavaScript">
var extcredits = new Array();
function membercredits() {
	var credits = 0;
	for(var i = 1; i <= 8; i++) {
		e = $('extcreditsnew['+i+']');
		if(e && parseInt(e.value)) {
			extcredits[i] = parseInt(e.value);
		} else {
			extcredits[i] = 0;
		}
	}
	$('jscredits').value = Math.round(<?=$jscreditsformula?>);
}
</script>
<input class="button" type="submit" name="creditsubmit" value="<?=$lang['submit']?>">
</center></form>
<?

	} else {

		$diffarray = array();
		$sql = $comma = '';
		if(is_array($extcreditsnew)) {
			foreach($extcreditsnew as $id => $value) {
				if($member['extcredits'.$id] != ($value = intval($value))) {
					$diffarray[$id] = $value - $member['extcredits'.$id];
					$sql .= $comma."extcredits$id='$value'";
					$comma = ', ';
				}
			}
		}

		if($diffarray) {
			if(empty($reason)) {
				cpmsg('members_edit_reason_invalid');
			}

			foreach($diffarray as $id => $diff) {
				$logs[] = dhtmlspecialchars("$timestamp\t$discuz_userss\t$adminid\t$member[username]\t$id\t$diff\t0\t\t$reason");
			}
			$db->query("UPDATE {$tablepre}members SET $sql WHERE uid='$uid'");
			writelog('ratelog', $logs);
		}

		cpmsg('members_edit_credits_succeed', "admincp.php?action=editcredits&uid=$uid");

	}

} elseif($action == 'editmedals' && $uid) {

	$query = $db->query("SELECT m.uid, m.username, mf.medals
		FROM {$tablepre}memberfields mf, {$tablepre}members m
		WHERE mf.uid='$uid' AND m.uid=mf.uid");

	if(!$member = $db->fetch_array($query)) {
		cpmsg('members_edit_nonexistence');
	}

	if(!submitcheck('medalsubmit')) {

		$medals = '';
		$membermedals = explode("\t", $member['medals']);
		$query = $db->query("SELECT * FROM {$tablepre}medals WHERE available='1'");
		while($medal = $db->fetch_array($query)) {
			$medals .= "<tr align=\"center\">\n".
				"<td class=\"altbg1\"><img src=\"images/common/$medal[image]\"></td>\n".
				"<td class=\"altbg2\">$medal[name]</td>\n".
				"<td class=\"altbg1\"><input class=\"checkbox\" type=\"checkbox\" name=\"medals[$medal[medalid]]\" value=\"1\" ".(in_array($medal['medalid'], $membermedals) ? 'checked' : '')."></td></td>\n";
		}

		if(!$medals) {
			cpmsg('members_edit_medals_nonexistence');
		}

		shownav('medals_edit');

?>
<form method="post" action="admincp.php?action=editmedals&uid=<?=$uid?>">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="3"><?=$lang['medals_edit']?> - <?=$member['username']?></td></tr>
<tr class="category" align="center"><td><?=$lang['medals_image']?></td><td><?=$lang['name']?></td><td><?=$lang['medals_grant']?></td></tr>
<?=$medals?>
</table><br>
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tableborder">
<tr class="header"><td colspan="2"><?=$lang['members_edit_reason']?></td></tr>
<tr><td class="altbg1" width="60%"><b><?=$lang['members_edit_medals_reason']?></b><br><span class="smalltxt"><?=$lang['members_edit_medals_reason_comment']?></span></td>
<td class="altbg2" width="40%"><textarea name="reason" rows="5" cols="30"></textarea></td></tr>
</table><br><center>
<input class="button" type="submit" name="medalsubmit" value="<?=$lang['submit']?>">
</center></form>
<?

	} else {

		$medalsarray = array();
		if(is_array($medals)) {
			foreach($medals as $medalid => $newgranted) {
				if($newgranted) {
					$medalsarray[] = intval($medalid);
				}
			}
		}

		$medalsnew = implode("\t", $medalsarray);
		$reason = preg_replace("/(\r\n|\r|\n)/", '<br />', dhtmlspecialchars(trim($reason)));

		if($member['medals'] != $medalsnew) {
			if(empty($reason)) {
				cpmsg('members_edit_reason_invalid');
			} else {
				$db->query("UPDATE {$tablepre}memberfields SET medals='$medalsnew' WHERE uid='$uid'");
			}
		}

		$origmedalsarray = explode("\t", $member['medals']);
		$logs = array();
		foreach(array_unique(array_merge($origmedalsarray, $medalsarray)) as $medalid) {
			if($medalid) {
				$orig = in_array($medalid, $origmedalsarray);
				$new = in_array($medalid, $medalsarray);
				if($orig != $new) {
					if($orig && !$new) {
						$medalaction = 'revoke';
					} elseif(!$orig && $new) {
						$medalaction = 'grant';
					}
					$logs[] = dhtmlspecialchars("$timestamp\t$discuz_userss\t$onlineip\t$member[username]\t$medalid\t$medalaction\t$reason");
				}
			}
		}

		writelog('medalslog', $logs);

		cpmsg('members_edit_medals_succeed', "admincp.php?action=editmedals&uid=$uid");

	}

} elseif($action == 'banmember') {

	if(!$allowbanuser) {
		cpmsg('action_noaccess');
	}

	$member = $currentstatus = array();
	if(!empty($username) || !empty($uid)) {
		$query = $db->query("SELECT m.*, mf.*, u.type AS grouptype, u.allowsigbbcode, u.allowsigimgcode FROM {$tablepre}members m
			LEFT JOIN {$tablepre}memberfields mf ON mf.uid=m.uid
			LEFT JOIN {$tablepre}usergroups u ON u.groupid=m.groupid
			WHERE ".($uid ? "m.uid='$uid'" : "m.username='$username'"));

		if(!$member = $db->fetch_array($query)) {
			cpmsg('members_edit_nonexistence');
		} elseif(($member['grouptype'] == 'system' && in_array($member['groupid'], array(1, 2, 3, 6, 7, 8))) || $member['grouptype'] == 'special') {
			cpmsg('members_edit_illegal');
		}

		$member['groupterms'] = unserialize($member['groupterms']);
		$member['banexpiry'] = !empty($member['groupterms']['main']['time']) && ($member['groupid'] == 4 || $member['groupid'] == 5) ? gmdate('Y-n-j', $member['groupterms']['main']['time'] + $timeoffset * 3600) : '';
		if($member['groupid'] == 4) {
			$check['post'] = 'checked';
			$currentstatus['post'] = ' ('.$lang['members_edit_current_status'].')';
		} elseif($member['groupid'] == 5) {
			$check['visit'] = 'checked';
			$currentstatus['visit']  = ' ('.$lang['members_edit_current_status'].')';
		} else {
			$check['none'] = 'checked';
			$currentstatus['none']  = ' ('.$lang['members_edit_current_status'].')';
		}
	}

	if(!submitcheck('bansubmit')) {

		echo '<script src="include/javascript/calendar.js" type="text/javascript"></script>';
		shownav('members_edit_ban_user');
		echo '<form method="post" action="admincp.php?action=banmember&uid=&formhash='.FORMHASH.'">';
		showtype($lang['members_edit_ban_user'].($member['username'] ? ' -'.$member['username'] : ''), 'top');
		showsetting('members_edit_us