<?php
require_once('global.php');
if ($action=='delimg'){
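// Avatar removal: deletes the caller's uploaded icon file and resets pw_members.icon.
// Guests are turned away first; the code below relies on Showmsg() ending the request
// (its definition is not in this file).
// NOTE(review): this branch changes state, and no request-forgery token check is visible
// here. Confirm global.php enforces one.
!$winduid && Showmsg('undefined_action');
$imgdb=$db->get_one("SELECT icon FROM pw_members WHERE uid='$winduid'");
// Add_S() presumably escapes the row so $deldb[0] can be reused in the UPDATE below. Verify.
Add_S($imgdb);
if($imgdb){
    // The icon column is split on "|"; the second part is treated as the uploaded file name.
    $deldb=explode("|",$imgdb['icon']);
    // Delete only when an uploaded name exists, it does not start with "http" (a remote
    // avatar), and it contains no ".." that could climb out of $imgdir/upload.
    // strncmp() replaces ereg("^http", ...): ereg() was removed in PHP 7. !empty() also
    // covers an icon value that has no "|" part at all.
    if(!empty($deldb[1]) && strncmp($deldb[1],'http',4)!==0 && strpos($deldb[1],'..')===false){
        P_unlink("$imgdir/upload/$deldb[1]");
        $db->update("UPDATE pw_members SET icon='$deldb[0]' WHERE uid='$winduid'");
    } else{
        Showmsg('job_delimg_error');
    }
}
refreshto("profile.php?action=modify",'operate_success');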
}elseif($action=="showping"){
// Rating ("ping") flow: a privileged user adds or subtracts credit on a thread ($tid) or a
// reply ($pid), optionally notifies the author, and writes an admin log entry.
// NOTE(review): $tid, $pid, $cid, $addpoint, $atc_content, $ifmsg and $page are never assigned
// in this branch; they are presumably populated from the request by global.php. Confirm how
// they are escaped there, because several of them are interpolated into SQL below.
require_once(R_P.'require/msg.php');
require_once(R_P.'require/forum.php');
include_once(D_P.'data/bbscache/forum_cache.php');
// Load the rated item: the thread row when $pid is not numeric, otherwise the reply row.
// NOTE(review): on the thread path $tid goes into the query without a numeric check.
if(!is_numeric($pid)){
$atc=$db->get_one("SELECT fid,author,authorid,postdate,subject,tm.ifmark,credit FROM pw_threads t LEFT JOIN pw_tmsgs tm ON tm.tid=t.tid LEFT JOIN pw_memberinfo m ON m.uid='$winddb[uid]' WHERE t.tid='$tid'");
} else{
$atc=$db->get_one("SELECT fid,author,authorid,postdate,subject,ifmark,credit,content FROM pw_posts p LEFT JOIN pw_memberinfo m ON m.uid='$winddb[uid]' WHERE pid='$pid'");
}
// Add_S() presumably escapes the fetched row so its fields can be reused in later SQL. Verify.
Add_S($atc);
$fid=$atc['fid'];
$foruminfo=$db->get_one("SELECT name,f_type,style,password,allowvisit,cms,forumadmin FROM pw_forums WHERE fid='$fid' AND type<>'category'");
// Unknown forum: hand over to the shared bad-URL page (presumably ends the request).
if(!$foruminfo){
require_once(R_P.'require/url_error.php');
}
// Forum-level access check; defined outside this file.
wind_forumcheck($foruminfo);
// $db_credits is tab-separated: names and units of the three built-in credit types.
list($db_moneyname,$db_moneyunit,$db_rvrcname,$db_rvrcunit,$db_creditname,$db_creditunit)=explode("\t",$db_credits);
// Group rating settings: daily cap | minimum per rating | maximum per rating | allowed credit types.
list($maxcredit,$minper,$maxper,$credittype)=explode("|",$_G['markdb']);
!$minper && $minper=0;
!$maxper && $maxper=0;
// Authorization: the caller must be the manager, be listed in the forum's forumadmin string,
// or belong to a group with markable set. The group must also have at least one credit type
// and a non-zero per-rating range.
if(($windid != $manager && strpos($foruminfo['forumadmin'],','.$windid.',')===false && !$_G['markable']) || !$credittype || ($minper==0 && $maxper==0)){
Showmsg('no_markright');
}
// No author means the thread or reply was not found.
if(!$atc['author']){
require_once(R_P.'require/url_error.php');
}
// Users cannot rate their own posts; only the manager is exempt.
if ($winduid==$atc['authorid'] && $windid != $manager){
Showmsg('masigle_manager');
}
// Build the <option> list of credit types this group may award.
// NOTE(review): credit names are written into HTML without escaping. They come from
// configuration and pw_credits; confirm those values are trusted or escaped on input.
$creditselect='';
if(strpos($credittype,'rvrc')!==false){
$creditselect='<option value=rvrc>'.$db_rvrcname.'</option>';
}
if(strpos($credittype,'money')!==false){
$creditselect.='<option value=money>'.$db_moneyname.'</option>';
}
if(strpos($credittype,'credit')!==false){
$creditselect.='<option value=credit>'.$db_creditname.'</option>';
}
// A non-empty $cid must be one of the three built-in types or a numeric custom credit id.
$cid && $cid!='rvrc' && $cid!='money' && $cid!='credit' && !is_numeric($cid) && Showmsg('credit_error');
// Resolve the display name and unit of the chosen credit type.
if($cid=='rvrc'){
$name=$db_rvrcname;
$unit=$db_rvrcunit;
} elseif($cid=='money'){
$name=$db_moneyname;
$unit=$db_moneyunit;
} elseif($cid=='credit'){
$name=$db_creditname;
$unit=$db_creditunit;
} else{
$name=$unit='';
}
// Custom credit types: offered when ",<cid>," occurs in $credittype; also supplies name and
// unit when $cid is a custom id.
$query=$db->query("SELECT cid,name,unit FROM pw_credits");
while($creditdb=$db->fetch_array($query)){
$key=$creditdb['cid'];
if(strpos($credittype,','.$key.',')!==false){
$creditselect.="<option value='$key'>$creditdb[name]</option>";
}
if($key==$cid){
$name=$creditdb['name'];
$unit=$creditdb['unit'];
}
}
unset($creditdb);
require_once(R_P.'require/header.php');
// Anything other than POST step=1 only renders the rating form. The code after this block
// relies on footer() ending the request. Confirm, otherwise the rating would be applied
// while the form is displayed.
// NOTE(review): no request-forgery token check is visible before the state change below.
if ($_POST['step'] != 1){
$reason_sel='';
// One <option> per non-empty line of the configured admin reasons; empty lines become separators.
$reason_a=explode("\n",$db_adminreason);
foreach($reason_a as $k=>$v){
if($v=trim($v)){
$reason_sel .= "<option value=\"$v\">$v</option>";
}else{
$reason_sel .= "<option value=\"\">-------</option>";
}
}
require_once PrintEot('mark');footer();
}
require_once GetLang('masigle');
// NOTE(review): this is a plain substring test on $cid, while the option list above matches
// custom ids in the delimited form ','.$key.','. A short numeric id can therefore match
// inside a longer permitted one, and an empty $cid is not rejected explicitly. Consider
// matching the delimited form here as well.
if(strpos($credittype,$cid)===false){
Showmsg('masigle_credit_right');
}
// After the int cast is_numeric() is always true, so only the ==0 test below is effective.
$addpoint=(int)$addpoint;
if(!is_numeric($addpoint) || $addpoint==0){
Showmsg('member_credit_error');
}
// Enforce the group's per-rating range.
if($addpoint>$maxper || $addpoint<$minper){
Showmsg('masigle_creditlimit');
}
// Daily cap: the rater's pw_memberinfo.credit column holds "<timestamp>\t<points used>".
if($maxcredit){
$creditdb=explode("\t",$atc['credit']);
// Last use was before $tdtime (presumably the start of today): restart the counter.
if($creditdb[0]<$tdtime){
$creditdb[0]=$tdtime;
$creditdb[1]=abs($addpoint);
if($creditdb[1]>$maxcredit){
$leavepoint=max(0,$maxcredit-$creditdb[1]);
Showmsg('masigle_point');
}
} else{
// Same period: refuse once the accumulated absolute points would exceed the cap.
if($creditdb[1]+abs($addpoint)>$maxcredit){
$leavepoint=max(0,$maxcredit-$creditdb[1]);
Showmsg('masigle_point');
} else{
$creditdb[0]=$timestamp;
$creditdb[1]+=abs($addpoint);
}
}
$newcreditdb=$creditdb[0]."\t".$creditdb[1];
// Store the counter: update the row if the rater has one, otherwise insert it.
$rt=$db->get_one("SELECT uid FROM pw_memberinfo WHERE uid='$winduid'");
if($rt['uid']){
$db->update("UPDATE pw_memberinfo SET credit='$newcreditdb' WHERE uid='$winduid'");
} else{
$db->update("INSERT INTO pw_memberinfo(uid,credit) VALUES('$winduid','$newcreditdb')");
}
}
// Apply the credit change to the post author.
addcredit($atc['authorid'],$cid,$addpoint);
// Negative ratings may trigger the automatic ban check when it is enabled.
if($db_autoban && $addpoint<0){
require_once(R_P.'require/autoban.php');
autoban($atc['authorid']);
}
// Prepend "<credit name>:<points>(<rater>)" to the tab-separated rating history.
// NOTE(review): $name may come from a pw_credits row that is not passed through Add_S() in
// this branch, and it ends up inside the UPDATE statements below. Confirm credit names
// cannot contain quote characters.
$ifmark=$atc['ifmark']? $name.':'.$addpoint.'('.addslashes($windid).")\t".$atc['ifmark'] : $name.':'.$addpoint.'('.addslashes($windid).')';
// Keep the history within 120 bytes by cutting back to the last complete entry.
// NOTE(review): if the truncated string contains no tab, strrpos() returns false and the
// second substr() appears to leave an empty string. Verify that this is intended.
if(strlen($ifmark)>120){
$ifmark=substr($ifmark,0,120);
$ifmark=substr($ifmark,0,strrpos($ifmark,"\t"));
}
// Threads keep a numeric total in pw_threads.ifmark and the history in pw_tmsgs; replies
// keep only the history.
if(!is_numeric($pid)){
$db->update("UPDATE pw_threads SET ifmark=ifmark+'$addpoint' WHERE tid='$tid'");
$db->update("UPDATE pw_tmsgs SET ifmark='$ifmark' WHERE tid='$tid'");
} else{
$db->update("UPDATE pw_posts SET ifmark='$ifmark' WHERE pid='$pid'");
}
// Char_cv() presumably HTML-escapes the free-text reason before it is stored and displayed. Verify.
$atc_content=Char_cv($atc_content);
// Replies have no subject; fall back to the first 35 characters of the content.
!$atc['subject'] && $atc['subject']=substrs($atc['content'],35);
// Optional private message to the author describing the rating.
if($ifmsg){
$msg=array(
$atc['author'],
$winduid,
'ping_title',
$timestamp,
'ping_content',
'',
$windid,
'fid' => $atc['fid'],
'tid' => $tid,
'subject' => $atc['subject'],
'postdate' => get_date($atc['postdate']),
'forum' => $forum[$atc['fid']]['name'],
'affect' => "$name:$addpoint",
'admindate' => get_date($timestamp),
'reason' => $atc_content
);
writenewmsg($msg,1);
}
// Audit trail: who rated whom, where, by how much, and from which IP.
require_once(R_P.'require/writelog.php');
$log = array(
'type' => 'credit',
'username1' => $atc['author'],
'username2' => $windid,
'field1' => $fid,
'field2' => '',
'field3' => '',
'descrip' => 'credit_descrip',
'timestamp' => $timestamp,
'ip' => $onlineip,
'tid' => $tid,
'forum' => $foruminfo['name'],
'subject' => $atc['subject'],
'affect' => "$name:$addpoint",
'reason' => $atc_content
);
writelog($log);
$ifcheck=1;
// NOTE(review): 'allowhtm' is not in the column list selected into $foruminfo above, so this
// branch only runs if another include sets it. Both branches end with the same redirect.
if($foruminfo['allowhtm']){
if($foruminfo['cms']){
// NOTE(review): the include path is prefixed with $db_cp. Confirm it is a fixed
// configuration value that a request cannot set.
require_once $db_cp.'require/c_buildhtml.php';
BuildTopicHtml($tid,$foruminfo);
} else {
include_once R_P.'require/template.php';
}
// NOTE(review): $tid and $page are placed in the redirect URL without validation in this branch.
refreshto("read.php?tid=$tid&page=$page",'enter_thread');
} else{
refreshto("read.php?tid=$tid&page=$page",'enter_thread');
}
}elseif($action=='report'){
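// Report a thread or reply to the moderators; requires the group's report permission.
// The code relies on Showmsg() ending the request (its definition is not in this file).
!$gp_allowreport && Showmsg('report_right');
// Check the raw values first. The original cast $pid to int before testing it, which made
// is_numeric($pid) always true, so a non-numeric $tid was never rejected and reached the
// queries below.
if(!$winduid || (!is_numeric($tid) && !is_numeric($pid))){
    Showmsg('undefined_action');
}
// Integer casts keep both ids inert inside the quoted SQL literals and in the form template.
$tid=(int)$tid;
$pid=(int)$pid;
// One report per user per item.
$rt=$db->get_one("SELECT tid FROM pw_report WHERE uid='$winduid' AND tid='$tid' AND pid='$pid'");
if($rt){
    Showmsg('have_report');
}
if(!$step){
    // First visit: show the report form.
    require_once(R_P.'require/header.php');
    require_once PrintEot('report');footer();
} elseif($step==2){
    // Char_cv() presumably HTML-escapes the free-text reason. Verify.
    $reason=Char_cv($reason);
    // NOTE(review): $type reaches the INSERT with no validation visible in this branch.
    // Confirm it is escaped upstream, or restrict it to the expected set of values.
    $db->update("INSERT INTO pw_report(tid,pid,uid,type,reason) VALUES('$tid','$pid','$winduid','$type','$reason')");
    Showmsg('report_success');
}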
}elseif($action=='sign'){
// "sign" action: writes the current $timestamp into the member's lastvisit column and then
// redirects to $db_bfn. Guests are rejected first.
// NOTE(review): state change with no request-forgery token check visible in this branch.
if(!$winduid){
    Showmsg('undefined_action');
}
$db->update("UPDATE pw_memberdata SET lastvisit='$timestamp' WHERE uid='$winduid'");
refreshto("$db_bfn",'operate_success');
}elseif($action=='switch'){
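// "switch" action: toggles the member's editor preference (0 <-> 1) and returns the user to
// the page named by the base64-encoded $jump value.
!$winduid && Showmsg('undefined_action');
$cur=$cur==0 ? 1 : 0;
$db->update("UPDATE pw_memberdata SET editor='$cur' WHERE uid='$winduid'");
// NOTE(review): as shown, this replace is a no-op. The search string may originally have
// been an HTML entity for "=" that the page rendering decoded. Confirm against the real file.
$jump=str_replace('=','=',$jump);
$jump = base64_decode($jump);
// The decoded value is used as a redirect target, and filtering applied to the encoded form
// upstream cannot constrain what it decodes to. Follow only same-site relative targets:
// anything empty, containing control characters, or starting with a "scheme:" or a "//" or
// "\\" prefix falls back to $db_bfn, the landing page the "sign" action also uses.
// NOTE(review): $jump is presumably request-supplied. Also confirm refreshto() escapes the
// target when it writes it into the page.
if(!is_string($jump) || $jump==='' || preg_match('/[\x00-\x1f\x7f]/',$jump) || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i',$jump)){
    $jump = $db_bfn;
}
refreshto($jump,'operate_success');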
}elseif($previewjob=='preview'){
// Post preview: runs the submitted content through Char_cv(), turns newlines into <br>,
// converts the result with the BBCode converter and renders the preview template.
require_once(R_P.'require/bbscode.php');
require_once(R_P.'require/header.php');
// Char_cv() is applied before the <br> substitution, so the inserted tags are not passed through it.
$atc_content=str_replace("\n","<br>",Char_cv($atc_content));
$preatc=convert($atc_content,$db_windpost);
require_once PrintEot('preview');
footer();
} elseif($action=='redirect'){
// Picture navigation: starting from attachment $aid, redirect to the same uploader's
// neighbouring image attachment. $aid is forced to an integer before any query uses it.
$aid=(int)$aid;
$rt=$db->get_one("SELECT uid,uploadtime FROM pw_attachs WHERE aid='$aid'");
if(!$rt){
    Showmsg('pic_not_exists');
} else{
    $urladd='';
    switch($goto){
        case 'next':
            // "next" is the closest lower aid of type img owned by the same uid.
            $rt=$db->get_one("SELECT aid FROM pw_attachs WHERE uid='$rt[uid]' AND aid!='$aid' AND type='img' AND aid<='$aid' ORDER BY aid DESC LIMIT 1");
            if(!$rt['aid']){
                $urladd='&nonext=1';
            }
            break;
        case 'pre':
            // "pre" is the closest higher aid of type img owned by the same uid.
            $rt=$db->get_one("SELECT aid FROM pw_attachs WHERE uid='$rt[uid]' AND aid!='$aid' AND type='img' AND aid>='$aid' ORDER BY aid LIMIT 1");
            if(!$rt['aid']){
                $urladd='&nopre=1';
            }
            break;
    }
    // Keep the current picture when no neighbour was found (or $goto was neither value).
    if($rt['aid']){
        $aid=$rt['aid'];
    }
    ObHeader("show.php?action=pic&aid=$aid$urladd");
}
} elseif($rd_previous==1){
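// Previous/next thread navigation inside one forum.
// When $url is given it is the script to redirect to and threads are ordered by postdate;
// otherwise read.php is used and threads are ordered by lastpost.
// $url becomes part of a redirect, so it must stay a same-site relative path: control
// characters, "scheme:" prefixes and "//" or "\\" prefixes are sent to the shared bad-URL
// page together with a non-numeric $tid.
// NOTE(review): $url is not assigned anywhere in this branch and is presumably
// request-supplied. Confirm in global.php. url_error.php is relied on to end the request.
if(!is_numeric($tid) || ($url && (!is_string($url) || preg_match('/[\x00-\x1f\x7f]/',$url) || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i',$url)))){
    require_once(R_P.'require/url_error.php');
}
// is_numeric() also accepts forms such as "1e3" or leading whitespace; normalise before reuse.
$tid=(int)$tid;
$rs = $db->get_one("SELECT fid,postdate,lastpost FROM pw_threads WHERE tid='$tid'");
if(!$rs){
    // Unknown thread: there is no forum or date to navigate from.
    require_once(R_P.'require/url_error.php');
}
if($url){
    $lastpost = $rs['postdate'];
    $by='postdate';
}else{
    $lastpost = $rs['lastpost'];
    $by='lastpost';
    $url='read.php';
}
$fid=$rs['fid'];
// $by is only ever one of the two literals set above, so using it as a column name is safe.
if($goto=="previous"){
    // "previous" is the nearest thread with a later $by value; stay on $tid when there is none.
    $next = $db->get_one("SELECT tid,postdate FROM pw_threads WHERE fid='$fid' AND $by>'$lastpost' ORDER BY $by ASC LIMIT 1");
    if($next) {
        ObHeader("$url?tid=$next[tid]");
    } else {
        ObHeader("$url?tid=$tid");
    }
} elseif($goto=="next"){
    // "next" is the nearest thread with an earlier $by value; stay on $tid when there is none.
    $last = $db->get_one("SELECT tid,postdate FROM pw_threads WHERE fid='$fid' AND $by<'$lastpost' ORDER BY $by DESC LIMIT 1");
    if($last) {
        ObHeader("$url?tid=$last[tid]");
    } else {
        ObHeader("$url?tid=$tid");
    }
}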
} elseif($action=='download'){
// Attachment download, first part: locate attachment $aid on a reply (numeric $pid) or on
// the thread's first message ($tid), then run the forum access check. The rest of this
// branch lies beyond the visible part of the file.
if(is_numeric($aid)){
if(is_numeric($pid)){
$table = 'pw_posts';
$where = "pid='$pid'";
$post = $db->get_one("SELECT fid,aid FROM pw_posts WHERE pid='$pid'");
} else{
// NOTE(review): $tid is interpolated into SQL on this path without an is_numeric() check;
// safety depends on escaping done before this point (not visible here).
$table = 'pw_tmsgs';
$where = "tid='$tid'";
$post = $db->get_one("SELECT t.fid,tm.aid FROM pw_threads t LEFT JOIN pw_tmsgs tm USING(tid) WHERE t.tid='$tid'");
}
// The aid column holds a serialized array of attachment records keyed by attachment id.
// NOTE(review): flagged. unserialize() runs on a stored column; confirm that users cannot
// influence the serialized bytes (only the application writes them), or move this column to
// a data-only format such as JSON.
$attach = unserialize(stripslashes($post['aid']));
$fid = $post['fid'];
$attachurl='';
!$attach[$aid] && Showmsg('job_attach_error');
// NOTE(review): flagged. extract() with its default flag (EXTR_OVERWRITE) turns every key
// of the attachment record into a variable in this scope. A record with keys such as fid,
// groupid or windid would replace the values used by the permission checks that follow, and
// "@" hides any warning. Prefer reading the needed keys explicitly, or pass EXTR_SKIP.
@extract($attach[$aid]);
// Reject a missing path and any path containing ".." (directory traversal).
if(!$attachurl || strpos($attachurl,'..')!==false){
Showmsg('job_attach_error');
}
} else{
Showmsg('job_attach_error');
}
require_once(R_P.'require/forum.php');
$foruminfo=$db->get_one("SELECT f_type,style,password,allowvisit,forumadmin,allowdownload FROM pw_forums WHERE fid='$fid'");
// Unknown forum: hand over to the shared bad-URL page (presumably ends the request).
if(!$foruminfo){
require_once(R_P.'require/url_error.php');
}
// Forum-level access check; defined outside this file.
wind_forumcheck($foruminfo);
/*
* 获取管理权限
*/
if($groupid=='3' || ($foruminfo['forumadmin'] && strpos($foruminfo['forumadmin'],','.$windid.',')!==false)){
$admincheck=1;
} else{
$admincheck=0;