memcp.inc.php
2.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: memcp.inc.php 29364 2012-04-09 02:51:41Z monkey $
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
if(!$_G['uid']) {
showmessage('not_loggedin', NULL, array(), array('login' => 1));
}
$myrepeatsusergroups = (array)unserialize($_G['cache']['plugin']['myrepeats']['usergroups']);
if(in_array('', $myrepeatsusergroups)) {
$myrepeatsusergroups = array();
}
$singleprem = FALSE;
$permusers = $permuids = array();
if(!in_array($_G['groupid'], $myrepeatsusergroups)) {
$singleprem = TRUE;
}
foreach(C::t('#myrepeats#myrepeats')->fetch_all_by_username($_G['username']) as $user) {
$permuids[] = $user['uid'];
}
$permusers = C::t('common_member')->fetch_all_username_by_uid($permuids);
if(!$permusers && $singleprem) {
showmessage('myrepeats:usergroup_disabled');
}
if($_GET['pluginop'] == 'add' && submitcheck('adduser')) {
if($singleprem && in_array($_GET['usernamenew'], $permusers) || !$singleprem) {
$usernamenew = addslashes(strip_tags($_GET['usernamenew']));
$logindata = addslashes(authcode($_GET['passwordnew']."\t".$_GET['questionidnew']."\t".$_GET['answernew'], 'ENCODE', $_G['config']['security']['authkey']));
if(C::t('#myrepeats#myrepeats')->count_by_uid_username($_G['uid'], $usernamenew)) {
DB::query("UPDATE ".DB::table('myrepeats')." SET logindata='$logindata' WHERE uid='$_G[uid]' AND username='$usernamenew'");
} else {
$_GET['commentnew'] = addslashes($_GET['commentnew']);
DB::query("INSERT INTO ".DB::table('myrepeats')." (uid, username, logindata, comment) VALUES ('$_G[uid]', '$usernamenew', '$logindata', '".strip_tags($_GET['commentnew'])."')");
}
dsetcookie('mrn', '');
dsetcookie('mrd', '');
showmessage('myrepeats:adduser_succeed', 'home.php?mod=spacecp&ac=plugin&id=myrepeats:memcp', array('usernamenew' => stripslashes($usernamenew)));
}
} elseif($_GET['pluginop'] == 'update' && submitcheck('updateuser')) {
if(!empty($_GET['delete'])) {
C::t('#myrepeats#myrepeats')->delete_by_uid_usernames($_G['uid'], $_GET['delete']);
}
$_GET['comment'] = daddslashes($_GET['comment']);
foreach($_GET['comment'] as $user => $v) {
C::t('#myrepeats#myrepeats')->update_comment_by_uid_username($_G['uid'], $user, strip_tags($v));
}
dsetcookie('mrn', '');
dsetcookie('mrd', '');
showmessage('myrepeats:updateuser_succeed', 'home.php?mod=spacecp&ac=plugin&id=myrepeats:memcp');
}
$username = empty($_GET['username']) ? '' : htmlspecialchars($_GET['username']);
$repeatusers = array();
foreach(C::t('#myrepeats#myrepeats')->fetch_all_by_uid($_G['uid']) as $myrepeat) {
$myrepeat['lastswitch'] = $myrepeat['lastswitch'] ? dgmdate($myrepeat['lastswitch']) : '';
$myrepeat['usernameenc'] = rawurlencode($myrepeat['username']);
$myrepeat['comment'] = htmlspecialchars($myrepeat['comment']);
$repeatusers[] = $myrepeat;
}
$_G['basescript'] = 'home';
?>