
📄 memcp.php

📁 贝宝的网络支付网关技术文档! 有ASP,PHP,Java接口及测试规范!
💻 PHP
<?php

/*
	[Discuz!] (C)2001-2007 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: memcp.php 10424 2007-08-29 08:44:01Z monkey $
*/

// Member control panel entry point. NOROBOT is defined before the shared
// bootstrap is loaded, so that ordering is preserved.
define('NOROBOT', TRUE);
require_once './include/common.inc.php';

// Extensions accepted for custom avatars; compared further down against the
// lower-cased extension of the client-supplied file name.
$avatarextarray = array('gif', 'jpg', 'png');
$discuz_action = 7;

// Every query below is keyed on $discuz_uid, so visitors without one are
// handed to showmessage().
// NOTE(review): $discuz_uid is not assigned in this file and showmessage() is
// defined elsewhere; the guard only protects the code below if 'HALTED' ends
// the request - confirm.
if(!$discuz_uid) {
	showmessage('not_loggedin', NULL, 'HALTED');
}

// Normalise the two routing variables to '' when unset or empty.
// NOTE(review): neither is read from $_GET/$_POST here; presumably the
// bootstrap imports request values into global scope - confirm how they are
// escaped before relying on them.
if(empty($action)) {
	$action = '';
}
if(empty($operation)) {
	$operation = '';
}

// Fall back to 200 / 400 when no limit is configured (or it is 0).
if(!$maxbiosize) {
	$maxbiosize = 200;
}
if(!$maxbiotradesize) {
	$maxbiotradesize = 400;
}

if(!$action) {

	// Control panel home: gathers avatar markup, any pending validation record,
	// account statistics, the five newest inbox messages and the five newest
	// credit-log rows, then includes the memcp_home template.
	// NOTE(review): every query here interpolates $discuz_uid into the SQL text
	// inside quotes; that is only safe if the bootstrap guarantees it is a
	// clean integer - confirm.
	if($allowavatar || $allownickname) {
		$query = $db->query("SELECT mf.nickname, mf.avatar, mf.avatarwidth, mf.avatarheight, m.gender, m.groupid
			FROM {$tablepre}memberfields mf, {$tablepre}members m WHERE m.uid='$discuz_uid' AND mf.uid=m.uid");
		$member = $db->fetch_array($query);
	} else {
		$member = array('nickname' => '', 'avatar' => '');
	}

	// The stored avatar path and dimensions go into HTML attributes exactly as
	// read from memberfields; nothing is escaped at this point.
	// NOTE(review): safe only if these columns are validated/escaped when they
	// are written - confirm on the save path.
	$avatar = $member['avatar'] ? "<div class=\"avatar\" style=\"width: ".$member['avatarwidth']."\"><img src=\"$member[avatar]\" width=\"$member[avatarwidth]\" height=\"$member[avatarheight]\" border=\"0\" alt=\"\" /></div>" : '<img class="avatar" src="images/avatars/noavatar.gif" alt="" />';


	// Group 8 is the group this file assigns while an e-mail change awaits
	// verification (profile save path); with $regverify == 2 the member's
	// validating row is loaded instead.
	$validating = array();
	if($regverify == 2 && $groupid == 8) {
		$query = $db->query("SELECT * FROM {$tablepre}validating WHERE uid='$discuz_uid'");
		if($validating = $db->fetch_array($query)) {
			// Shift the stored timestamp by the viewer's offset (hours) before formatting.
			$validating['moddate'] = $validating['moddate'] ? gmdate("$dateformat $timeformat", $validating['moddate'] + $timeoffset * 3600) : 0;
			$validating['adminenc'] = rawurlencode($validating['admin']);
		}
	}

	// Replaces $member from the first query; $avatar has already been built above.
	$query = $db->query("SELECT uid, posts, digestposts, oltime, regdate, regip, lastvisit, lastip, lastpost FROM {$tablepre}members WHERE uid='$discuz_uid'");
	$member = $db->fetch_array($query);

	// Average posts per day once the account is older than one day (86400 s);
	// younger accounts just show the raw post count.
	$member['postperday'] = $timestamp - $member['regdate'] > 86400 ? round(86400 * $member['posts'] / ($timestamp - $member['regdate']), 2) : $member['posts'];
	$member['regdate'] = gmdate("$dateformat", $member['regdate'] + $timeoffset * 3600);
	$member['lastvisit'] = gmdate("$dateformat $timeformat", $member['lastvisit'] + ($timeoffset * 3600));
	// 'x' is the placeholder passed on when the member has never posted.
	$member['lastpost'] = $member['lastpost'] ? gmdate("$dateformat $timeformat", $member['lastpost'] + ($timeoffset * 3600)) : 'x';

	// convertip() comes from misc.func.php and is applied to the registration and last-seen IPs.
	require_once DISCUZ_ROOT.'./include/misc.func.php';
	$member['regiplocation'] = convertip($member['regip']);
	$member['lastiplocation'] = convertip($member['lastip']);

	// Five newest inbox messages whose delstatus is not '2'.
	$msgexists = 0;
	$msglist = array();
	$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' AND delstatus!='2' ORDER BY dateline DESC LIMIT 0, 5");
	while($message = $db->fetch_array($query)) {
		$msgexists = 1;
		$message['dateline'] = gmdate("$dateformat $timeformat", $message['dateline'] + $timeoffset * 3600);
		// Unread subjects are wrapped in <b>; the subject itself is inserted as stored.
		// NOTE(review): presumably escaped when the message was saved - confirm.
		$message['subject'] = $message['new'] ? "<b>$message[subject]</b>" : $message['subject'];

		$msglist[] = $message;
	}

	// Five newest credit-log rows for this member.
	$loglist = array();
	$query = $db->query("SELECT * FROM {$tablepre}creditslog WHERE uid='$discuz_uid' ORDER BY dateline DESC LIMIT 5");
	while($log = $db->fetch_array($query)) {
		$log['fromtoenc'] = rawurlencode($log['fromto']);
		$log['dateline'] = gmdate("$dateformat $timeformat", $log['dateline'] + $timeoffset * 3600);
		$loglist[] = $log;
	}

	// The template is included into this scope, so it can read any variable
	// set above by name; renaming one here needs a matching template change.
	include template('memcp_home');

} elseif($action == 'profile') {

	// Profile editor. $typeid selects the tab; an empty value or one outside 1-5 falls back to 2.
	// NOTE(review): in_array() runs without its strict flag and an accepted value is kept
	// as supplied rather than cast to int - confirm nothing downstream (template, later
	// code) prints or interpolates $typeid expecting a clean integer.
	$typeid = empty($typeid) || !in_array($typeid, array(1, 2, 3, 4, 5)) ? 2 : $typeid;
	// Cached custom profile field definitions (presumably the $_DCACHE['fields_*'] entries
	// read on the save path - confirm).
	require_once DISCUZ_ROOT.'./forumdata/cache/cache_profilefields.php';

	// Full members row joined with memberfields for the logged-in user.
	$query = $db->query("SELECT * FROM {$tablepre}members m
		LEFT JOIN {$tablepre}memberfields mf ON mf.uid=m.uid
		WHERE m.uid='$discuz_uid'");
	$member = $db->fetch_array($query);

	// $seccodestatus is rendered as at least five binary digits and the fifth digit from the
	// right (bit value 16) is tested; the check applies when that bit is set and either no
	// post threshold is configured or the member is still below it.
	$seccodecheck = substr(sprintf('%05b', $seccodestatus), -5, 1) && (!$seccodedata['minposts'] || $posts < $seccodedata['minposts']);
	// Passport mode is treated as off when it is 'shopex' and $passport_shopex is set.
	$passport_status = $passport_status == 'shopex' && $passport_shopex ? '' : $passport_status;

	if(!submitcheck('editsubmit', 0, $seccodecheck)) {

		// submitcheck() did not accept this request as a form submission: prepare the
		// values the memcp_profile template needs for the selected tab.
		require_once DISCUZ_ROOT.'./include/editor.func.php';

		// The form only needs multipart encoding on tab 4 when $allowavatar == 3,
		// the same setting the upload branch on the save path requires.
		$enctype = $allowavatar == 3 && $typeid == 4 ? 'enctype="multipart/form-data"' : '';

		if($typeid == 1) {

			if($seccodecheck) {
				// New code: random(6, 1) plus the first character of the current $seccode
				// scaled by 1000000.
				// NOTE(review): unpredictability depends on random(), defined elsewhere - confirm.
				$seccode = random(6, 1) + $seccode{0} * 1000000;
			}

		} elseif($typeid == 2) {

			// Lookup array so the template can mark the stored gender as checked.
			$gendercheck = array($member['gender'] => 'checked="checked"');

		} elseif($typeid == 4) {

			// A stored path under customavatars/ whose file no longer exists is cleared
			// from memberfields so the form does not show a broken avatar.
			if(substr(trim($member['avatar']), 0, 14) == 'customavatars/' && !file_exists(DISCUZ_ROOT.'./'.$member['avatar'])) {
				$db->query("UPDATE {$tablepre}memberfields SET avatar='', avatarwidth='0', avatarheight='0' WHERE uid='$discuz_uid'");
				$member['avatar'] = '';
			}

			// bio holds two parts separated by three tab characters; stored HTML is
			// converted back with html2bbcode() for editing.
			$bio = explode("\t\t\t", $member['bio']);
			$member['bio'] = html2bbcode($bio[0]);
			$member['biotrade'] = html2bbcode($bio[1]);
			$member['signature'] = html2bbcode($member['sightml']);
			// '*' stands in for a dimension that is not set.
			$member['avatarwidth'] = !empty($member['avatarwidth']) ? $member['avatarwidth'] : '*';
			$member['avatarheight'] = !empty($member['avatarheight']) ? $member['avatarheight'] : '*';

		} elseif($typeid == 5) {

			// Pre-computed checked/selected attributes, keyed by the stored preference value.
			$invisiblechecked = $member['invisible'] ? 'checked="checked"' : '';
			$emailchecked = $member['showemail'] ? 'checked="checked"' : '';
			$newschecked = $member['newsletter'] ? 'checked="checked"' : '';
			$tppchecked = array($member['tpp'] => 'selected="selected"');
			$pppchecked = array($member['ppp'] => 'selected="selected"');
			$toselect = array(strval((float)$member['timeoffset']) => 'selected="selected"');
			$pscheck = array(intval($member['pmsound']) => 'checked="checked"');
			$emcheck = array($member['editormode'] => 'selected="selected"');
			$tfcheck = array($member['timeformat'] => 'checked="checked"');
			$dfcheck = array($member['dateformat'] => 'selected="selected"');

			// One <option> per available style; the style name is inserted into the markup as stored.
			// NOTE(review): presumably only administrators can write the styles table - confirm,
			// since the name is not escaped here.
			$styleselect = '';
			$query = $db->query("SELECT styleid, name FROM {$tablepre}styles WHERE available='1'");
			while($style = $db->fetch_array($query)) {
				$styleselect .= "<option value=\"$style[styleid]\" ".
					($style['styleid'] == $member['styleid'] ? 'selected="selected"' : NULL).
					">$style[name]</option>\n";
			}

			// customshow is converted from decimal to a base-3 string left-padded to three
			// digits; each digit selects one option.
			$customshow = str_pad(base_convert($member['customshow'], 10, 3), 3, 0, STR_PAD_LEFT);
			$sschecked = array($customshow{0} => 'selected="selected"');
			$sachecked = array($customshow{1} => 'selected="selected"');
			$sichecked = array($customshow{2} => 'selected="selected"');

			// Human-readable labels for the configured date formats, numbered from 1.
			$dateformatlist = array();
			if(!empty($userdateformat) && ($count = count($userdateformat))) {
				for($num =1; $num <= $count; $num ++) {
					$dateformatlist[$num] = str_replace(array('n', 'j', 'y', 'Y'), array('mm', 'dd', 'yy', 'yyyy'), $userdateformat[$num-1]);
				}
			}

		}

		// Included into this scope: the template reads the variables prepared above by name.
		include template('memcp_profile');

	} else {

		require_once DISCUZ_ROOT.'./include/discuzcode.func.php';

		// SQL fragments that the per-tab branches below assemble as plain strings; the
		// statement that finally executes them lies beyond this listing.
		$membersql = $memberfieldsql = $authstradd1 = $authstradd2 = $newpasswdadd = '';
		if($typeid == 1) {

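			// Tab 1: password, security question and e-mail address.

			// Default to the current value: the passport branch skips the assignment below,
			// yet $secquesnew is written into the members row at the end of this tab. Without
			// a default that write would use whatever the variable happened to hold.
			$secquesnew = $discuz_secques;

			if(!$passport_status) {
				// -1 keeps the existing security question; any other id stores quescrypt()'s result.
				$secquesnew = $questionidnew == -1 ? $discuz_secques : quescrypt($questionidnew, $answernew);
				if($newpassword || $secquesnew != $discuz_secques) {
					// Changing either credential requires the current password. The digests are
					// compared with !== because != treats two numeric-looking hex strings as
					// numbers, so different digests could compare equal.
					// NOTE(review): assumes $discuz_pw is the stored digest as a string - confirm.
					if(md5($oldpassword) !== $discuz_pw) {
						showmessage('profile_passwd_wrong', NULL, 'HALTED');
					}
					if($newpassword) {
						// Passwords that addslashes() would alter (quotes, backslashes, NUL) are rejected.
						if($newpassword != addslashes($newpassword)) {
							showmessage('profile_passwd_illegal');
						} elseif($newpassword !== $newpassword2) {
							// Strict comparison: the confirmation must be the same string, not
							// merely numerically equal.
							showmessage('profile_passwd_notmatch');
						}
						// NOTE(review): the password is stored as an unsalted MD5 digest. Moving to a
						// salted, slow hash needs a coordinated change in the login code, which is
						// outside this listing.
						$newpasswdadd = ", password='".md5($newpassword)."'";
					}
				}

				// Admin groups 1-3 must keep a security question when $admincp['forcesecques'] is on.
				if(($adminid == 1 || $adminid == 2 || $adminid == 3) && !$secquesnew && $admincp['forcesecques']) {
					showmessage('profile_admin_security_invalid');
				}
			}

			if($emailnew != $member['email']) {
				// An address change also requires the current password unless passport mode is on.
				if(md5($oldpassword) !== $discuz_pw && !$passport_status) {
					showmessage('profile_passwd_wrong', NULL, 'HALTED');
				} else {
					// In passport mode the stored address is kept.
					$emailnew = $passport_status ? $member['email'] : $emailnew;
					// Both lists are CRLF-separated and become a suffix-anchored alternation.
					// NOTE(review): a blank or trailing line in either setting yields an empty
					// alternative that matches every address - confirm the settings are stored
					// without blank lines.
					$accessexp = '/('.str_replace("\r\n", '|', preg_quote($accessemail, '/')).')$/i';
					$censorexp = '/('.str_replace("\r\n", '|', preg_quote($censoremail, '/')).')$/i';
					// With an allow list, anything not matching it is invalid; otherwise only
					// addresses matching the deny list are.
					$invalidemail = $accessemail ? !preg_match($accessexp, $emailnew) : $censoremail && preg_match($censorexp, $emailnew);
					if(!isemail($emailnew) || $invalidemail) {
						showmessage('profile_email_illegal');
					}
				}
			}

			// NOTE(review): $emailnew is interpolated into SQL below; its quoting relies on
			// escaping applied before this block (not visible here) - confirm.
			$emailnew = dhtmlspecialchars($emailnew);

			// With e-mail verification on, a non-admin member who changes the address is moved
			// to group 8 until the new address is confirmed.
			if($regverify == 1 && $adminid == 0 && (($grouptype == 'member' && $adminid == 0) || $groupid == 8)) {
				$query = $db->query("SELECT email FROM {$tablepre}members WHERE uid='$discuz_uid'");
				if($emailnew != $db->result($query, 0)) {
					// Unless duplicate addresses are allowed, refuse one already in use.
					if(!$doublee) {
						$query = $db->query("SELECT uid FROM {$tablepre}members WHERE email='$emailnew' LIMIT 1");
						if($db->result($query, 0)) {
							showmessage('profile_email_duplicate');
						}
					}

					// NOTE(review): the verification token is whatever random(6) returns; confirm
					// that generator is unpredictable enough for an account-activation secret.
					$idstring = random(6);
					$groupid = 8;

					require_once DISCUZ_ROOT.'./forumdata/cache/usergroup_8.php';

					$authstradd1 = ", groupid='8'";
					$authstradd2 = "authstr='$timestamp\t2\t$idstring'";
					sendmail("$discuz_userss <$emailnew>", 'email_verify_subject', 'email_verify_message');
				}
			}

			$membersql = "secques='$secquesnew', email='$emailnew' $newpasswdadd $authstradd1";
			$memberfieldsql = $authstradd2;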

		} elseif($typeid == 2) {

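			// Tab 2: public contact details.

			// Reserved-name pattern built from the CRLF-separated $censoruser list: entries are
			// regex-quoted, "*" becomes ".*", spaces are dropped, and the whole alternation is
			// anchored and case-insensitive.
			$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censoruser = trim($censoruser)), '/')).')$/i';
			// NOTE(review): @ hides a pattern that fails to compile; preg_match() then returns
			// FALSE and the reserved-name check passes silently (fails open).
			if($censoruser && (@preg_match($censorexp, $nicknamenew) || @preg_match($censorexp, $cstatusnew))) {
				showmessage('profile_nickname_cstatus_illegal');
			}

			// NOTE(review): an invalid MSN address reports 'profile_alipay_msn'; confirm that
			// key exists in the language pack.
			if($msnnew && !isemail($msnnew)) {
				showmessage('profile_alipay_msn');
			}

			if($alipaynew && !isemail($alipaynew)) {
				showmessage('profile_alipay_illegal');
			}

			// Anything that does not already start with http:// or https:// gets http://
			// prepended, so no other URL scheme is stored for the site link.
			$sitenew = dhtmlspecialchars(trim(preg_match("/^https?:\/\/.+/i", $sitenew) ? $sitenew : ($sitenew ? 'http://'.$sitenew : '')));
			// Digits only, 5-12 characters. The D modifier stops "$" from also matching before
			// a trailing newline, which previously let "12345\n" through into the stored value.
			$icqnew = preg_match('/^[0-9]+$/D', $icqnew) && strlen($icqnew) >= 5 && strlen($icqnew) <= 12 ? $icqnew : '';
			$qqnew = preg_match('/^[0-9]+$/D', $qqnew) && strlen($qqnew) >= 5 && strlen($qqnew) <= 12 ? $qqnew : '';
			$bdaynew = datecheck($bdaynew) ? $bdaynew : '0000-00-00';
			$yahoonew = dhtmlspecialchars($yahoonew);
			$msnnew = dhtmlspecialchars($msnnew);
			$taobaonew = dhtmlspecialchars($taobaonew);
			$alipaynew = dhtmlspecialchars($alipaynew);
			// NOTE(review): cutstr() truncates after escaping and censoring; confirm it cannot
			// cut through an escape sequence or HTML entity and leave a partial one behind.
			$nicknamenew = $allownickname ? cutstr(censor(dhtmlspecialchars($nicknamenew)), 30) : '';
			$cstatusadd = $allowcstatus ? ', customstatus=\''.cutstr(censor(dhtmlspecialchars($cstatusnew)), 30).'\'' : '';
			$gendernew = empty($gendernew) ? 0 : intval($gendernew);
			$locationnew = cutstr(censor(dhtmlspecialchars($locationnew)), 30);

			// Values are placed into the SQL text inside single quotes.
			// NOTE(review): this relies on quote escaping applied before this block (not
			// visible here) - confirm for every field listed.
			$membersql = "gender='$gendernew', bday='$bdaynew'";
			$memberfieldsql = "nickname='$nicknamenew', site='$sitenew', location='$locationnew', icq='$icqnew', qq='$qqnew', yahoo='$yahoonew', msn='$msnnew', taobao='$taobaonew', alipay='$alipaynew' $cstatusadd";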

		} elseif($typeid == 3 && ($_DCACHE['fields_required'] || $_DCACHE['fields_optional'])) {

			// Tab 3: administrator-defined custom profile fields taken from the cached
			// required and optional definitions.
			$fieldadd = array();
			foreach(array_merge($_DCACHE['fields_required'], $_DCACHE['fields_optional']) as $field) {
				$field_key = 'field_'.$field['fieldid'];
				// The submitted value is read through a variable variable named field_<id>new.
				// NOTE(review): presumably a request-derived global - confirm how it is escaped.
				$field_val = trim(${'field_'.$field['fieldid'].'new'});
				// A required field may only stay empty when it is unchangeable and already has a value.
				if($field['required'] && $field_val == '' && !($field['unchangeable'] && $member[$field_key])) {
					showmessage('profile_required_info_invalid');
				} elseif($field['selective'] && $field_val != '' && !isset($field['choices'][$field_val])) {
					// Selective fields only accept a key of the configured choices.
					showmessage('undefined_action', NULL, 'HALTED');
				} elseif(!$field['unchangeable'] || !$member[$field_key]) {
					// Unchangeable fields that already hold a value are skipped. The column name
					// comes from the cached field id, not from the request.
					// NOTE(review): the value is HTML-escaped here; SQL quoting relies on escaping
					// applied before this block - confirm.
					$fieldadd[] = "$field_key='".dhtmlspecialchars($field_val)."'";
				}
			}

			// Empty string when no field qualified for an update.
			$memberfieldsql = implode(', ', $fieldadd);

		} elseif($typeid == 4) {

			// Tab 4: signature and avatar. With a non-zero $maxsigsize the signature is limited
			// to that many bytes (strlen() counts bytes, not characters); with no limit set the
			// signature is discarded.
			if($maxsigsize) {
				if(strlen($signaturenew) > $maxsigsize) {
					showmessage('profile_sig_toolong');
				}
			} else {
				$signaturenew = '';
			}

			$avataradd = $avatar = '';
			$avatarimagesize = array();
			// NOTE(review): the upload branch that follows is cut off in this listing. In the
			// visible part the extension is taken from the client-supplied file name and checked
			// against $avatarextarray, and the file is copied to customavatars/<uid>.<ext> under
			// DISCUZ_ROOT before getimagesize() and the size limit are applied; it is unlinked
			// afterwards if they fail. Validating the temporary file first would avoid placing
			// an unchecked upload at a path that is presumably web-served, even briefly.
			if($allowavatar == 3 && disuploadedfile($_FILES['customavatar']['tmp_name']) && $_FILES['customavatar']['tmp_name'] != 'none' && $_FILES['customavatar']['tmp_name'] && trim($_FILES['customavatar']['name'])) {
				$_FILES['customavatar']['name'] = daddslashes($_FILES['customavatar']['name']);
				$avatarext = strtolower(fileext($_FILES['customavatar']['name']));
				if(is_array($avatarextarray) && !in_array($avatarext, $avatarextarray)) {
					showmessage('profile_avatar_invalid');
				}
				$avatar = 'customavatars/'.$discuz_uid.'.'.$avatarext;
				$avatartarget = DISCUZ_ROOT.'./'.$avatar;
				if(!@copy($_FILES['customavatar']['tmp_name'], $avatartarget)) {
					@move_uploaded_file($_FILES['customavatar']['tmp_name'], $avatartarget);
				}
				$avatarimagesize = @getimagesize($avatartarget);
				if(!$avatarimagesize || ($maxavatarsize && @filesize($avatartarget) > $maxavatarsize)) {
					@unlink($avatartarget);
