topicadmin.php

极限网络智能办公系统 Office Automation V3.0官方100％源代码.

<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$RCSfile: topicadmin.php,v $
	$Revision: 1.91.2.6 $
	$Date: 2007/03/21 15:52:05 $
*/

define('CURSCRIPT', 'topicadmin');
define('NOROBOT', TRUE);

require_once './include/common.inc.php';
require_once DISCUZ_ROOT.'./include/post.func.php';
require_once DISCUZ_ROOT.'./include/misc.func.php';

$discuz_action = 201;
$modpostsnum = $iscircleadmin = 0;
$resultarray = $thread = array();

if($gid = intval($gid)) {
        if($supe['circlestatus'] && $discuz_uid && $action == 'moderate' && $operation == 'delete' && supe_submitcheck()) {
                supe_dbconnect();
        	$query = $supe['db']->query("SELECT COUNT(*) FROM {$supe[tablepre]}groups WHERE gid='$gid' AND uid='$discuz_uid' AND flag=1");
                $iscircleadmin = $db->result($query, 0);
        }
}

if(!$discuz_uid || !($forum['ismoderator'] || $iscircleadmin)) {
	showmessage('admin_nopermission', NULL, 'HALTED');
}

if($forum['type'] == 'forum') {
	$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fid\">$forum[name]</a>";
	$navtitle = strip_tags($forum['name']);
} else {
	$query = $db->query("SELECT fid, name FROM {$tablepre}forums WHERE fid='$forum[fup]'");
	$fup = $db->fetch_array($query);
	$navigation = "&raquo; <a href=\"forumdisplay.php?fid=$fup[fid]\">$fup[name]</a> &raquo; <a href=\"forumdisplay.php?fid=$fid\">$forum[name]</a> ";
	$navtitle = strip_tags($fup['name']).' - '.strip_tags($forum['name']);
}

if(!empty($tid)) {

	$query = $db->query("SELECT * FROM {$tablepre}threads WHERE tid='$tid' AND fid='$fid' AND displayorder>='0'");
	if(!$thread = $db->fetch_array($query)) {
		showmessage('thread_nonexistence');
	}

	$navigation .= " &raquo; <a href=\"viewthread.php?tid=$tid\">$thread[subject]</a> ";
	$navtitle .= ' - '.$thread['subject'].' - ';

	if($thread['special'] && in_array($action, array('copy', 'split', 'merge'))) {
		showmessage('special_noaction');
	}
}
// Reason P.M. Preprocess Start
$reasonpmcheck = $reasonpm == 2 || $reasonpm == 3 ? 'checked disabled' : '';
if(($reasonpm == 2 || $reasonpm == 3) || !empty($sendreasonpm)) {
	$forumname = strip_tags($forum['name']);
	$sendreasonpm = 1;
} else {
	$sendreasonpm = 0;
}
// End

$postcredits = $forum['postcredits'] ? $forum['postcredits'] : $creditspolicy['post'];
$replycredits = $forum['replycredits'] ? $forum['replycredits'] : $creditspolicy['reply'];
$digestcredits = $forum['digestcredits'] ? $forum['digestcredits'] : $creditspolicy['digest'];
$postattachcredits = $forum['postattachcredits'] ? $forum['postattachcredits'] : $creditspolicy['postattach'];


if(in_array($action, array('moderate', 'delete', 'move', 'highlight', 'type', 'close', 'stick', 'digest', 'supe_push', 'bump'))) {

	require_once DISCUZ_ROOT.'./include/moderation.inc.php';

} elseif($action == 'delpost') {

	if(!($deletepids = implodeids($delete))) {
		showmessage('admin_delpost_invalid');
	} elseif(!$allowdelpost || !$tid) {
		showmessage('admin_nopermission', NULL, 'HALTED');
	}  else {
		$query = $db->query("SELECT pid FROM {$tablepre}posts WHERE pid IN ($deletepids) AND first='1'");
		if($db->num_rows($query)) {
			dheader("Location: {$boardurl}topicadmin.php?action=delete&amp;tid=$thread[tid]");
		}
	}

	if(!submitcheck('delpostsubmit')) {

		$deleteid = '';
		foreach($delete as $id) {
			$deleteid .= '<input type="hidden" name="delete[]" value="'.$id.'">';
		}

		include template('topicadmin_delpost');

	} else {

		checkreasonpm();

		$pids = 0;
		$posts = $uidarray = $puidarray = $auidarray = array();
		$losslessdel = $losslessdel > 0 ? $timestamp - $losslessdel * 86400 : 0;
		$query = $db->query("SELECT pid, authorid, dateline, message FROM {$tablepre}posts WHERE pid IN ($deletepids) AND tid='$tid'");
		while($post = $db->fetch_array($query)) {
			$posts[] = $post;
			$pids .= ','.$post['pid'];
			$comma = ',';
			if($post['dateline'] < $losslessdel) {
				$uidarray[] = $post['authorid'];
			} else {
				$puidarray[] = $post['authorid'];
			}
			$modpostsnum ++;
		}

		if($uidarray) {
			updatepostcredits('-', $uidarray, array());
		}
		if($puidarray) {
			updatepostcredits('-', $puidarray, $replycredits);
		}
		$query = $db->query("SELECT uid, attachment, thumb, remote FROM {$tablepre}attachments WHERE pid IN ($pids)");
		while($attach = $db->fetch_array($query)) {
			if(in_array($attach['uid'], $puidarray)) {
				$auidarray[$attach['uid']] = !empty($auidarray[$attach['uid']]) ? $auidarray[$attach['uid']] + 1 : 1;
			}
			dunlink($attach['attachment'], $attach['thumb'], $attach['remote']);
		}
		if($auidarray) {
			updateattachcredits('-', $auidarray, $postattachcredits);
		}

		$logs = array();
		$query = $db->query("SELECT r.extcredits, r.score, p.authorid, p.author FROM {$tablepre}ratelog r LEFT JOIN {$tablepre}posts p ON r.pid=p.pid WHERE r.pid IN ($pids)");
		while($author = $db->fetch_array($query)) {
			if($author['score'] > 0) {
				$db->query("UPDATE {$tablepre}members SET extcredits{$author[extcredits]}=extcredits{$author[extcredits]}-($author[score]) WHERE uid = $author[authorid]");
				$author[score] = $extcredits[$id]['title'].' '.-$author[score].' '.$extcredits[$id]['unit'];
				$logs[] = dhtmlspecialchars("$timestamp\t$discuz_userss\t$adminid\t$author[author]\t$author[extcredits]\t$author[score]\t$thread[tid]\t$thread[subject]\t$delpostsubmit");
			}
		}
		if(!empty($logs)) {
			writelog('ratelog', $logs);
			unset($logs);
		}

		$db->query("DELETE FROM {$tablepre}ratelog WHERE pid IN ($pids)");
		$db->query("DELETE FROM {$tablepre}myposts WHERE pid IN ($pids)");
		$db->query("DELETE FROM {$tablepre}attachments WHERE pid IN ($pids)");
		$db->query("DELETE FROM {$tablepre}posts WHERE pid IN ($pids)");

		updatethreadcount($tid, 1);
		updateforumcount($fid);

		$forum['threadcaches'] && deletethreadcaches($thread['tid']);

		$modaction = 'DLP';

		$resultarray = array(
		'redirect'	=> "viewthread.php?tid=$tid&amp;page=$page",
		'reasonpm'	=> ($sendreasonpm ? array('data' => $posts, 'var' => 'post', 'item' => 'reason_delete_post') : array()),
		'modtids'	=> 0,
		'modlog'	=> $thread
		);

	}

} elseif($action == 'refund' && $allowrefund && $thread['price'] > 0) {

	if(!isset($extcredits[$creditstrans])) {
		showmessage('credits_transaction_disabled');
	}

	if($thread['special'] != 0) {
		showmessage('special_refundment_invalid');
	}

	if(!submitcheck('refundsubmit')) {

		$query = $db->query("SELECT COUNT(*) AS payers, SUM(netamount) AS netincome FROM {$tablepre}paymentlog WHERE tid='$tid'");
		$payment = $db->fetch_array($query);

		include template('topicadmin_refund');

	} else {

		$modaction = 'RFD';
		$modpostsnum ++;

		checkreasonpm();

		$totalamount = 0;
		$amountarray = array();

		$logarray = array();
		$query = $db->query("SELECT * FROM {$tablepre}paymentlog WHERE tid='$tid'");
		while($log = $db->fetch_array($query)) {
			$totalamount += $log['amount'];
			$amountarray[$log['amount']][] = $log['uid'];
		}

		$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans-$totalamount WHERE uid='$thread[authorid]'");
		$db->query("UPDATE {$tablepre}threads SET price='-1', moderated='1' WHERE tid='$thread[tid]'");

		foreach($amountarray as $amount => $uidarray) {
			$db->query("UPDATE {$tablepre}members SET extcredits$creditstrans=extcredits$creditstrans+$amount WHERE uid IN (".implode(',', $uidarray).")");
		}

		$db->query("UPDATE {$tablepre}paymentlog SET amount='0', netamount='0' WHERE tid='$tid'");

		$resultarray = array(
		'redirect'	=> "viewthread.php?tid=$tid",
		'reasonpm'	=> ($sendreasonpm ? array('data' => array($thread), 'var' => 'thread', 'item' => 'reason_moderate') : array()),
		'modtids'	=> $thread['tid'],
		'modlog'	=> $thread
		);

	}

} elseif($action == 'repair') {

	$query = $db->query("SELECT COUNT(*) FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0'");
	$replies = $db->result($query, 0) - 1;

	$query = $db->query("SELECT a.aid FROM {$tablepre}posts p, {$tablepre}attachments a WHERE a.tid='$tid' AND a.pid=p.pid AND p.invisible='0' LIMIT 1");
	$attachment = $db->num_rows($query) ? 1 : 0;

	$query  = $db->query("SELECT pid, subject, rate FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0' ORDER BY dateline LIMIT 1");
	$firstpost = $db->fetch_array($query);
	$firstpost['subject'] = addslashes(cutstr($firstpost['subject'], 79));
	@$firstpost['rate'] = $firstpost['rate'] / abs($firstpost['rate']);

	$query  = $db->query("SELECT author, dateline FROM {$tablepre}posts WHERE tid='$tid' AND invisible='0' ORDER BY dateline DESC LIMIT 1");
	$lastpost = $db->fetch_array($query);

	$db->query("UPDATE {$tablepre}threads SET subject='$firstpost[subject]', replies='$replies', lastpost='$lastpost[dateline]', lastposter='".addslashes($lastpost['author'])."', rate='$firstpost[rate]', attachment='$attachment' WHERE tid='$tid'", 'UNBUFFERED');
	$db->query("UPDATE {$tablepre}posts SET first='1', subject='$firstpost[subject]' WHERE pid='$firstpost[pid]'", 'UNBUFFERED');
	$db->query("UPDATE {$tablepre}posts SET first='0' WHERE tid='$tid' AND pid<>'$firstpost[pid]'", 'UNBUFFERED');
	showmessage('admin_succeed', "viewthread.php?tid=$tid");

} elseif($action == 'getip' && $allowviewip) {

	$query = $db->query("SELECT m.adminid, p.useip FROM {$tablepre}posts p
				LEFT JOIN {$tablepre}members m ON m.uid=p.authorid
				WHERE pid='$pid' AND tid='$tid'");
	if(!$member = $db->fetch_array($query)) {
		showmessage('thread_nonexistence', NULL, 'HALTED');