📄 profile.php
// Password change: refuse any password containing a character from this
// deny-list (backslash, quotes, slash, angle brackets, whitespace, '#', ...).
$S_key = array("\\", '&', ' ', "'", '"', '/', '*', ',', '<', '>', "\r", "\t", "\n", '#');
foreach ($S_key as $value) {
    if (strpos($propwd, $value) !== false) {
        Showmsg('illegal_password');
    }
}
// Strip TAB, CR and LF (in that order) and keep only the MD5 hex digest.
// NOTE(review): a single unsalted md5() is cheap to brute-force if the members
// table ever leaks. Moving to password_hash()/password_verify() has to be done
// together with the login check and the column width, neither of which is
// visible here, so the stored format is left unchanged in this block.
$userdb['password'] = md5(str_replace(array("\t", "\r", "\n"), '', $propwd));
}
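// Mail visibility flags are stored as integers.
$userdb['publicmail']  = (int)$propublicemail;
$userdb['receivemail'] = (int)$proreceivemail;

// Format checks use preg_match() instead of ereg(): ereg() was removed in
// PHP 7.0 and stops reading its subject at the first NUL byte, so a value with
// an embedded NUL could satisfy an anchored pattern while carrying extra data.
// "\z" anchors at the true end of the string (a bare "$" in PCRE would also
// accept one trailing newline). Unlike the POSIX bracket expression used
// before, the local-part class no longer admits a literal backslash.
if (!preg_match('/^[-a-zA-Z0-9_.]+@([0-9A-Za-z][0-9A-Za-z-]+\.)+[A-Za-z]{2,5}\z/', $userdb['email'])) {
    Showmsg('illegal_email');
}
// The payment address is optional; it is only checked when supplied.
if ($payemail && !preg_match('/^[-a-zA-Z0-9_.]+@([0-9A-Za-z][0-9A-Za-z-]+\.)+[A-Za-z]{2,5}\z/', $payemail)) {
    Showmsg('illegal_email');
}
// Messenger numbers: digits only, empty allowed.
if (!preg_match('/^[0-9]*\z/', $userdb['oicq'])) {
    Showmsg('illegal_OICQ');
}
if (!preg_match('/^[0-9]*\z/', $userdb['icq'])) {
    Showmsg('illegal_OICQ');
}
// Length limits are measured in bytes (strlen), before Char_cv() is applied.
// A signature limit of 0 means "no limit".
if ($gp_signnum != 0 && strlen($userdb['signature']) > $gp_signnum) {
    Showmsg('sign_limit');
}
if (strlen($userdb['introduce']) > 500) {
    Showmsg('introduce_limit');
}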
// Banned-word filter for signature and self-introduction. The word list comes
// from the cache file; when the file cannot be included or the list is empty
// the filter is skipped entirely.
// NOTE(review): each list key is used as a regular expression - only "/" is
// escaped, there is no preg_quote(). A key that already contains "\/" ends up
// with its delimiter unescaped, and a malformed pattern makes preg_match()
// return false, which silently lets the text through. Presumably the cache is
// generated from admin input only; confirm where wordsfb.php is written.
if ((@include_once(D_P."data/bbscache/wordsfb.php")) && $wordsfb) {
    foreach ($wordsfb as $key => $value) {
        $key = str_replace('/', '\/', $key);

        // $banword is set before Showmsg() so the message can name the word.
        if (preg_match("/$key/i", $userdb['signature'])) {
            $banword = $key;
            Showmsg('post_wordsfb');
        }
        if (preg_match("/$key/i", $userdb['introduce'])) {
            $banword = $key;
            Showmsg('post_wordsfb');
        }
    }
}
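// Birthday: assembled only when at least one part was submitted. Each part is
// cast to int so that nothing but digits (and an optional sign) can reach the
// bday='...' value of the UPDATE built later in this script; the original
// concatenated the raw request values.
if (!empty($proyear) || !empty($promonth) || !empty($proday)) {
    $userdb['bday'] = (int)$proyear . '-' . (int)$promonth . '-' . (int)$proday;
}

// Free-text fields and display preferences go through Char_cv() before they
// are stored (Char_cv is defined elsewhere in the project).
$userdb['site']      = Char_cv($userdb['site']);
$userdb['introduce'] = Char_cv($userdb['introduce']);
$userdb['signature'] = Char_cv($userdb['signature']);
$userdb['location']  = Char_cv($userdb['location']);
$tpskin = Char_cv($tpskin);
$date_f = Char_cv($date_f);
$timedf = Char_cv($timedf);

// signchange records whether convert() altered the signature: 1 = unchanged,
// 2 = changed.
$lxsign = convert($userdb['signature'], $db_windpic, 2);
if ($lxsign == $userdb['signature']) {
    $userdb['signchange'] = 1;
} else {
    $userdb['signchange'] = 2;
}

// The honor title is taken from the request only when the group permits it;
// otherwise the stored value is kept. Either way it is cut by substrs(..., 30).
if ($gp_allowhonor) {
    $prohonor = Char_cv($prohonor);
} else {
    $prohonor = $userdb['honor'];
}
$prohonor = substrs($prohonor, 30);

// Stored icon field layout: part 0 | part 1 | width | height. A part 1 that
// starts with digits is treated as a previously uploaded avatar.
// preg_match() replaces ereg(), which no longer exists in PHP 7+.
$iconarray = explode('|', $userdb['icon']);
if ($iconarray[1] && preg_match('/^[0-9]{1,9}/', $iconarray[1])) {
    $haveupload = 1;
} else {
    $haveupload = 0;
}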
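// Avatar handling. Three sources are possible, checked in this order:
//   1. a file uploaded with this request,
//   2. a remote image URL with explicit width/height (if the group allows it),
//   3. the avatar that was uploaded earlier (kept as-is).
unset($source);
$upload = $_FILES['upload'];
if (is_array($upload)) {
    $upload_name = $upload['name'];
    $upload_size = $upload['size'];
    $upload      = $upload['tmp_name'];
}
if ($upload && $upload != 'none') {
    // The extension is taken from the client-supplied file name and matched
    // against a fixed allow-list; the comparison is strict.
    $attach_ext = strtolower(substr(strrchr($upload_name, '.'), 1));
    if (!if_uploaded_file($upload)) {
        Showmsg('pro_loadimg_error');
    } elseif (!in_array($attach_ext, array('gif', 'jpg', 'bmp'), true)) {
        Showmsg('illegal_loadimg');
    }
    if ($haveupload == 1) {
        Showmsg('pro_loadimg_fail');
    }
    !$db_upload && Showmsg('pro_loadimg_close');
    $gp_upload == 0 && Showmsg('pro_loadimg_right');
    if ($upload_size > $db_imgsize) {
        Showmsg('pro_loadimg_limit');
    }
    // The stored name is "<uid>.<ext>"; nothing from the client file name
    // other than the allow-listed extension is used. The uid is cast to int in
    // both places so the recorded name always equals the name on disk.
    $source = $imgdir.'/upload/'.(int)$winduid.'.'.$attach_ext;
    $proownportait[0] = (int)$winduid.'.'.$attach_ext;
    if (!postupload($upload, $source)) {
        Showmsg('pro_loadimg_error');
    }
    // Content check: the file must be parseable as an image, otherwise it is
    // deleted again.
    // NOTE(review): when getimagesize() is not available this check is skipped
    // and the file stays in place with only the extension test applied.
    if (function_exists('getimagesize') && !(list($proownportait[1], $proownportait[2]) = getimagesize($source))) {
        P_unlink($source);
        Showmsg('pro_loadimg_error');
    }
    if ($proownportait[1] > $db_imgwidth || $proownportait[2] > $db_imglen) {
        P_unlink($source);
        Showmsg('pro_loadimg_sizelimit');
    }
    // Width/height are not stored for uploaded avatars.
    $proownportait[1] = $proownportait[2] = '';
} elseif ($gp_allowportait && $proownportait[0]) {
    if ($haveupload == 1) {
        Showmsg('pro_custom_fail');
    }
    $proownportait[0] = Char_cv($proownportait[0]);
    // preg_match() replaces the removed, non-binary-safe ereg().
    // The URL must start with "http" and must not contain "|", the separator
    // of the stored icon field.
    // NOTE(review): "^http" is only a prefix test; it does not require
    // "http://" or "https://".
    if (!preg_match('/^http/', $proownportait[0]) || strrpos($proownportait[0], '|') !== false) {
        Showmsg('illegal_customimg');
    }
    // Width and height: two or three digits, at most 185 x 200.
    if (!preg_match('/^[0-9]{2,3}\z/', $proownportait[1]) || !preg_match('/^[0-9]{2,3}\z/', $proownportait[2]) || $proownportait[1] > 185 || $proownportait[2] > 200) {
        Showmsg('illegal_customimg');
    }
} elseif ($haveupload == 1) {
    // Keep the avatar uploaded earlier.
    $proownportait[0] = $iconarray[1];
    $proownportait[1] = $proownportait[2] = '';
} else {
    $proownportait[0] = $proownportait[1] = $proownportait[2] = '';
}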
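// Built-in icon name: at most 20 bytes, "<alphanumerics>.<2-5 letters>".
// preg_match() with "\z" replaces ereg(), which is gone in PHP 7+ and ignored
// everything after an embedded NUL byte.
if ($proicon && (strlen($proicon) > 20 || !preg_match('/^[0-9A-Za-z]+\.[A-Za-z]{2,5}\z/', $proicon))) {
    Showmsg('undefined_action');
}
// Stored icon field: icon | avatar | width | height. "|" is stripped from the
// icon name because it is the field separator; width/height are forced to int.
$userdb['icon'] = str_replace('|', '', Char_cv($proicon)).'|'.$proownportait[0].'|'.(int)$proownportait[1].'|'.(int)$proownportait[2];
strlen($userdb['icon']) > 100 && Showmsg('illegal_customimg');
// Drop the skin cookie when it no longer matches the chosen skin.
if (GetCookie('skinco') && $tpskin != GetCookie('skinco')) {
    Cookie('skinco', '', 0);
}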
// payemail is stored as "<int flag><TAB><address>".
$payemail = (int)$pay . "\t$payemail";
$showsign = (int)(bool)$showsign;

// Signature display toggle. Turning it off resets starttime; turning it on
// costs $db_signmoney and is written to the tool log.
// NOTE(review): the balance test and the deduction are two separate steps, so
// two concurrent requests could both pass the test - confirm whether that
// matters for this currency.
if ($showsign == 0) {
    if ($userdb['showsign'] == 1) {
        $db->update("UPDATE pw_memberdata SET starttime='0' WHERE uid='$winduid'");
    }
} elseif ($userdb['showsign'] == 0) {
    if ($userdb['currency'] < $db_signmoney) {
        Showmsg('noenough_currency');
    }
    $db->update("UPDATE pw_memberdata SET starttime='$tdtime',currency=currency-'$db_signmoney' WHERE uid='$winduid'");
    require_once(R_P.'require/tool.php');
    $logdata = array(
        'type'     => 'sign',
        'nums'     => 0,
        'money'    => 0,
        'descrip'  => 'sign_descrip',
        'uid'      => $winduid,
        'username' => $windid,
        'ip'       => $onlineip,
        'time'     => $timestamp,
        'currency' => $db_signmoney
    );
    writetoollog($logdata);
}

// Single UPDATE carrying every profile field. All values are interpolated into
// the SQL text, so the statement is only as safe as the escaping applied to
// each variable before this point.
// NOTE(review): $groups, $t_num, $p_num and the gender/yahoo/msn fields are not
// validated in the visible part of this script - confirm they are cast or
// escaped upstream, or move this statement to bound parameters.
$db->update("UPDATE pw_members SET password ='$userdb[password]',email='$userdb[email]' $groups,honor='$prohonor',publicmail='$userdb[publicmail]',icon='$userdb[icon]',gender='$userdb[gender]',signature='$userdb[signature]',introduce='$userdb[introduce]',oicq='$userdb[oicq]',icq='$userdb[icq]',yahoo='$userdb[yahoo]',msn='$userdb[msn]',site='$userdb[site]',location='$userdb[location]',bday='$userdb[bday]',style='$tpskin',datefm='$date_f',timedf='$timedf',t_num='$t_num',p_num='$p_num',receivemail='$userdb[receivemail]',signchange='$userdb[signchange]',showsign='$showsign',payemail='$payemail' WHERE uid='$winduid'");
refreshto("profile.php?action=show&uid=$winddb[uid]", 'operate_success');
}
}elseif($action=='permission'){
// Group permission overview: every right is reduced to 1 (granted) or 0 for
// the template. Values come from the $gp_* group settings and from $_G.
$per = array(
    'hide'    => $gp_allowhide ? 1 : 0,
    'read'    => $gp_allowread ? 1 : 0,
    'search'  => $gp_allowsearch ? 1 : 0,
    'member'  => $gp_allowmember ? 1 : 0,
    'profile' => $gp_allowprofile ? 1 : 0,
    'show'    => $_G['show'] ? 1 : 0,
    'report'  => $gp_allowreport ? 1 : 0,
    'upload'  => $gp_upload ? 1 : 0,
    'portait' => $gp_allowportait ? 1 : 0,
    'honor'   => $gp_allowhonor ? 1 : 0,
    'post'    => $gp_allowpost ? 1 : 0,
    'rp'      => $gp_allowrp ? 1 : 0,
    'newvote' => $gp_allownewvote ? 1 : 0,
    'vote'    => $gp_allowvote ? 1 : 0,
    'vwvt'    => $_G['viewvote'] ? 1 : 0,
    'html'    => $gp_htmlcode ? 1 : 0,
    'hidden'  => $gp_allowhidden ? 1 : 0,
    'encode'  => $gp_allowencode ? 1 : 0,
    'sell'    => $gp_allowsell ? 1 : 0,
    'mark'    => $_G['markable'] ? 1 : 0,
    'attach'  => $gp_allowupload ? 1 : 0,
    'down'    => $gp_allowdownload ? 1 : 0
);

// Fall back to the board-wide upload settings when the group defines none.
// The board-wide size is divided by 1024 and rounded up.
if (!$_G['uploadmaxsize']) {
    $_G['uploadmaxsize'] = ceil($db_uploadmaxsize / 1024);
}
// The original line carried a second "!" in front of the assignment; it only
// negated a discarded result, so a plain assignment is equivalent.
if (!$_G['uploadtype']) {
    $_G['uploadtype'] = $db_uploadfiletype;
}
require_once(PrintEot('profile'));footer();
}elseif($action=='forumright'){
// Per-forum rights page: shows credit rules and what the current group may do
// in the forum identified by $fid.
if (!$fid) {
    Showmsg('data_error');
}
require_once(R_P.'require/forum.php');
include_once(D_P."data/bbscache/creditdb.php");
list($db_moneyname,,$db_rvrcname,,,)=explode("\t",$db_credits);
// NOTE(review): $fid is only tested for being non-empty before it is placed in
// the query text. Confirm it is cast or escaped where it enters the script; an
// (int) cast here would be the usual safeguard if fid is an integer column.
$rt = $db->get_one("SELECT f.name,f.allowvisit,f.allowpost,f.allowrp,f.allowdownload,f.allowupload,fe.creditset FROM pw_forums f LEFT JOIN pw_forumsextra fe USING(fid) WHERE f.fid='$fid'");
$creditset = get_creditset($rt['creditset'], $db_creditset);

// Attach a display name to every credit type. Numeric keys are looked up in
// $_CREDITDB; the named ones use the board settings.
foreach ($creditset as $key => $val) {
    if (is_numeric($key)) {
        $creditset[$key]['name'] = $_CREDITDB[$key][0];
    } elseif ($key == 'rvrc') {
        $creditset[$key]['name'] = $db_rvrcname;
    } elseif ($key == 'money') {
        $creditset[$key]['name'] = $db_moneyname;
    } elseif ($key == 'credit') {
        $creditset[$key]['name'] = $db_creditname;
    }
    // rvrc values are divided by 10 for display, except Reply and Deleterp.
    if ($key == 'rvrc') {
        foreach ($val as $k => $v) {
            if (!($k == 'Reply' || $k == 'Deleterp')) {
                $creditset[$key][$k] /= 10;
            }
        }
    }
}

// A forum column holds a ",gid,gid," list; a non-empty list that lacks the
// current group denies the right. An empty list falls back to the group
// setting (visit has no such fallback).
// NOTE(review): the rp, down and upload fallbacks all test $gp_allowpost. The
// group permission page in this file reads $gp_allowrp, $gp_allowdownload and
// $gp_allowupload for those rights, so this looks like a copy-paste slip -
// confirm the intended variables before changing it.
$per['visit'] = ($rt['allowvisit'] && strpos($rt['allowvisit'], ",$groupid,") === false) ? 0 : 1;
$per['post'] = (($rt['allowpost'] && strpos($rt['allowpost'], ",$groupid,") === false)
    || (!$rt['allowpost'] && $gp_allowpost == 0)) ? 0 : 1;
$per['rp'] = (($rt['allowrp'] && strpos($rt['allowrp'], ",$groupid,") === false)
    || (!$rt['allowrp'] && $gp_allowpost == 0)) ? 0 : 1;
$per['down'] = (($rt['allowdownload'] && strpos($rt['allowdownload'], ",$groupid,") === false)
    || (!$rt['allowdownload'] && $gp_allowpost == 0)) ? 0 : 1;
$per['upload'] = (($rt['allowupload'] && strpos($rt['allowupload'], ",$groupid,") === false)
    || (!$rt['allowupload'] && $gp_allowpost == 0)) ? 0 : 1;
require_once(PrintEot('profile'));footer();
}elseif($action=='log'){
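// Moderation log for the current user (rows of pw_adminlog whose username1 is
// the logged-in name). Requires the atclog right.
if (!$_G['atclog']) {
    Showmsg('no_atclog_right');
}
require_once GetLang('log');
// Anchored to R_P like the other includes in this file, so the path does not
// depend on include_path or the working directory.
require_once(R_P.'require/bbscode.php');
require_once(R_P.'require/forum.php');
include_once(D_P.'data/bbscache/forum_cache.php');

$sqladd = "WHERE username1='".addslashes($windid)."'";
// $type only reaches the SQL text when it is a key of $logtype (loaded from the
// language file). Any other value is discarded, because the variable is also
// embedded in the pager URL below.
if ($type && $logtype[$type]) {
    $sqladd .= " AND type='$type'";
} else {
    $type = '';
}
$type_sel[$type] = 'selected';

$db_perpage = 30;
// is_numeric() alone also accepts forms such as "1e30" or "2.5", which would
// turn the computed offset into something LIMIT cannot parse; force an integer.
$page = (is_numeric($page) && $page >= 1) ? (int)$page : 1;
$limit = "LIMIT ".($page - 1) * $db_perpage.",$db_perpage";

$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_adminlog $sqladd");
$pages = numofpage($rt['sum'], $page, ceil($rt['sum'] / $db_perpage), "profile.php?action=log&type=$type&");

// Start from an empty list so the template never sees a pre-existing $logdb.
$logdb = array();
$query = $db->query("SELECT * FROM pw_adminlog $sqladd ORDER BY id DESC $limit");
while ($rt = $db->fetch_array($query)) {
    $rt['date'] = get_date($rt['timestamp']);
    $rt['descrip'] = str_replace("\n", "<br>", $rt['descrip']);
    $rt['descrip'] = convert($rt['descrip'], array());
    $logdb[] = $rt;
}
require_once(PrintEot('profile'));footer();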
}elseif($action=='favor'){
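// Favourites: list (no $job), add one thread, or remove selected threads.
// The list is kept per user as a comma-separated string of thread ids in
// pw_favors.tids. Guests have no favourites.
if ($groupid == 'guest') {
    Showmsg('not_login');
}
if (!$job) {
    include_once(D_P.'data/bbscache/forum_cache.php');
    require_once(R_P.'require/forum.php');
    $favordb = array();
    $favor = $db->get_one("SELECT tids FROM pw_favors WHERE uid='$winddb[uid]'");
    if ($favor['tids']) {
        // The stored list is placed unquoted inside IN(...), so it is rebuilt
        // from integer values only before it touches the query. Entries that
        // do not evaluate to a non-zero integer are dropped.
        $safetids = implode(',', array_filter(array_map('intval', explode(',', $favor['tids']))));
        // Explicitly start empty: the accumulator was previously appended to
        // without being initialised, so any value already present in the
        // global scope would have been written back into the stored list.
        $newtids = '';
        if ($safetids) {
            $query = $db->query("SELECT t.fid,t.tid,t.subject,t.postdate,t.author,t.authorid,t.replies,t.hits FROM pw_threads t WHERE t.tid IN($safetids) ORDER BY t.postdate DESC");
            while ($rt = $db->fetch_array($query)) {
                $newtids .= $rt['tid'].',';
                $rt['subject'] = substrs($rt['subject'], 50);
                $rt['postdate'] = get_date($rt['postdate']);
                $rt['forum'] = $forum[$rt['fid']]['name'];
                $favordb[] = $rt;
            }
            $newtids = rtrim($newtids, ',');
        }
        // Write the list back when threads have disappeared (or junk entries
        // were dropped), so the stored value only names existing threads.
        $newtids == $favor['tids'] || $db->update("UPDATE pw_favors SET tids='$newtids' WHERE uid='$winddb[uid]'");
    }
    require_once PrintEot('profile');footer();
} elseif ($job == 'add') {
    // is_numeric() also accepts "1e3", "1.5" and similar; the id is therefore
    // normalised to a positive integer before it is stored, because the stored
    // list is later used unquoted in an IN(...) clause.
    if (empty($tid) || !is_numeric($tid) || (int)$tid < 1) {
        Showmsg('illegal_tid');
    }
    $tid = (int)$tid;
    $rs = $db->get_one("SELECT tids FROM pw_favors WHERE uid='$winddb[uid]'");
    if ($rs) {
        $tids = $rs['tids'];
        $tid_db = explode(",", $tids);
        // NOTE(review): ">" lets the list grow to maxfavor + 1 entries;
        // confirm whether ">=" was intended.
        if (count($tid_db) > $_G['maxfavor']) {
            Showmsg('job_favor_full');
        }
        $olddb = ','.$tids.',';
        if (strpos($olddb, ','.$tid.',') !== false) {
            Showmsg('job_favor_error');
        }
        // An existing but empty list must not produce a leading comma.
        $tids = ($tids == '') ? $tid : $tids.','.$tid;
        $db->update("UPDATE pw_favors SET tids='$tids' WHERE uid='$winddb[uid]'");
    } else {
        $db->update("INSERT INTO pw_favors(uid,tids) VALUES('$winddb[uid]','$tid')");
    }
    refreshto("profile.php?action=favor", 'operate_success');
} elseif ($job == 'clear') {
    $rs = $db->get_one("SELECT tids FROM pw_favors WHERE uid='$winddb[uid]'");
    if ($rs) {
        $tids = $rs['tids'];
        $tid_db = explode(",", $tids);
        // $delid holds the ids ticked for removal. Anything that is not an
        // array is treated as "nothing selected" instead of relying on "@" to
        // hide the in_array() error (PHP 8 throws there, which "@" cannot mute).
        $delid = (isset($delid) && is_array($delid)) ? $delid : array();
        $t_count = count($tid_db);
        for ($i = 0; $i < $t_count; $i++) {
            if (in_array($tid_db[$i], $delid)) {
                unset($tid_db[$i]);
            }
        }
        $new_tids = implode(",", $tid_db);
        if ($new_tids != $tids) {
            // Only ids that were already stored can remain in $new_tids;
            // request data is used for comparison only.
            if ($new_tids) {
                $db->update("UPDATE pw_favors SET tids='$new_tids' WHERE uid='$winddb[uid]'");
            } else {
                $db->update("DELETE FROM pw_favors WHERE uid='$winddb[uid]'");
            }
            refreshto("profile.php?action=favor", 'operate_success');
        } else {
            Showmsg('job_favor_del');
        }
    } else {
        Showmsg('job_favor_del');
    }
}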
}
?>