PickCandy/web-discuz
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First commit

Browse Source
This commit is contained in:
UnknownMp
2025-06-18 10:24:27 +08:00
commit ebc39cd5dd
3873 changed files with 412712 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

709
uc_client/client.php Normal file
View File

@@ -0,0 +1,709 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: client.php 1179 2014-11-03 07:11:25Z hypowang $
*/
if(!defined('UC_API')) {
exit('Access denied');
}
error_reporting(0);
define('IN_UC', TRUE);
define('UC_ROOT', substr(__FILE__, 0, -10));
require UC_ROOT.'./release/release.php';
define('UC_DATADIR', UC_ROOT.'./data/');
define('UC_DATAURL', UC_API.'/data');
define('UC_API_FUNC', ((defined('UC_CONNECT') && UC_CONNECT == 'mysql') || UC_STANDALONE) ? 'uc_api_mysql' : 'uc_api_post');
$uc_controls = array();
function uc_addslashes($string, $force = 0, $strip = FALSE) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = uc_addslashes($val, $force, $strip);
}
} else {
$string = addslashes($strip ? stripslashes($string) : $string);
}
return $string;
}
if(!function_exists('daddslashes')) {
function daddslashes($string, $force = 0) {
return uc_addslashes($string, $force);
}
}
if(!function_exists('dhtmlspecialchars')) {
function dhtmlspecialchars($string, $flags = null) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = dhtmlspecialchars($val, $flags);
}
} else {
if($flags === null) {
$string = str_replace(array('&', '"', '<', '>'), array('&amp;', '&quot;', '&lt;', '&gt;'), $string);
if(strpos($string, '&amp;#') !== false) {
$string = preg_replace('/&amp;((#(\d{3,5}|x[a-fA-F0-9]{4}));)/', '&\\1', $string);
}
} else {
if(PHP_VERSION < '5.4.0') {
$string = htmlspecialchars($string, $flags);
} else {
if(strtolower(CHARSET) == 'utf-8') {
$charset = 'UTF-8';
} else {
$charset = 'ISO-8859-1';
}
$string = htmlspecialchars($string, $flags, $charset);
}
}
}
return $string;
}
}
if(!function_exists('fsocketopen')) {
function fsocketopen($hostname, $port = 80, &$errno = null, &$errstr = null, $timeout = 15) {
$fp = '';
if(function_exists('fsockopen')) {
$fp = @fsockopen($hostname, $port, $errno, $errstr, $timeout);
} elseif(function_exists('pfsockopen')) {
$fp = @pfsockopen($hostname, $port, $errno, $errstr, $timeout);
} elseif(function_exists('stream_socket_client')) {
$fp = @stream_socket_client($hostname.':'.$port, $errno, $errstr, $timeout);
}
return $fp;
}
}
function uc_api_post($module, $action, $arg = array()) {
$s = $sep = '';
foreach($arg as $k => $v) {
$k = urlencode($k);
if(is_array($v)) {
$s2 = $sep2 = '';
foreach($v as $k2 => $v2) {
$k2 = urlencode($k2);
$s2 .= "$sep2{$k}[$k2]=".urlencode($v2);
$sep2 = '&';
}
$s .= $sep.$s2;
} else {
$s .= "$sep$k=".urlencode($v);
}
$sep = '&';
}
$postdata = uc_api_requestdata($module, $action, $s);
return uc_fopen2(UC_API.'/index.php', 500000, $postdata, '', TRUE, UC_IP, 20);
}
function uc_api_requestdata($module, $action, $arg='', $extra='') {
$input = uc_api_input($arg, $module, $action);
$post = "m=$module&a=$action&inajax=2&release=".UC_CLIENT_RELEASE."&input=$input&appid=".UC_APPID.$extra;
return $post;
}
function uc_api_url($module, $action, $arg='', $extra='') {
$url = UC_API.'/index.php?'.uc_api_requestdata($module, $action, $arg, $extra);
return $url;
}
function uc_api_input($data, $module, $action) {
$data = $data."&m=$module&a=$action&appid=".UC_APPID;
$s = urlencode(uc_authcode($data.'&agent='.md5($_SERVER['HTTP_USER_AGENT'])."&time=".time(), 'ENCODE', UC_KEY));
return $s;
}
function uc_api_mysql($model, $action, $args=array()) {
global $uc_controls;
if(empty($uc_controls[$model])) {
include_once UC_ROOT.'./lib/dbi.class.php';
include_once UC_ROOT.'./model/base.php';
include_once UC_ROOT."./control/$model.php";
$modelname = $model.'control';
$uc_controls[$model] = new $modelname();
}
if($action[0] != '_') {
$args = uc_addslashes($args, 1, TRUE);
$action = 'on'.$action;
$uc_controls[$model]->input = $args;
return $uc_controls[$model]->$action($args);
} else {
return '';
}
}
function uc_serialize($arr, $htmlon = 0) {
include_once UC_ROOT.'./lib/xml.class.php';
return xml_serialize($arr, $htmlon);
}
function uc_unserialize($s) {
include_once UC_ROOT.'./lib/xml.class.php';
return xml_unserialize($s);
}
function uc_authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {
$ckey_length = 4;
$key = md5($key ? $key : UC_KEY);
$keya = md5(substr($key, 0, 16));
$keyb = md5(substr($key, 16, 16));
$keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
$cryptkey = $keya.md5($keya.$keyc);
$key_length = strlen($cryptkey);
$string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
$string_length = strlen($string);
$result = '';
$box = range(0, 255);
$rndkey = array();
for($i = 0; $i <= 255; $i++) {
$rndkey[$i] = ord($cryptkey[$i % $key_length]);
}
for($j = $i = 0; $i < 256; $i++) {
$j = ($j + $box[$i] + $rndkey[$i]) % 256;
$tmp = $box[$i];
$box[$i] = $box[$j];
$box[$j] = $tmp;
}
for($a = $j = $i = 0; $i < $string_length; $i++) {
$a = ($a + 1) % 256;
$j = ($j + $box[$a]) % 256;
$tmp = $box[$a];
$box[$a] = $box[$j];
$box[$j] = $tmp;
$result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
}
if($operation == 'DECODE') {
if(((int)substr($result, 0, 10) == 0 || (int)substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) === substr(md5(substr($result, 26).$keyb), 0, 16)) {
return substr($result, 26);
} else {
return '';
}
} else {
return $keyc.str_replace('=', '', base64_encode($result));
}
}
function uc_fopen2($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE) {
$__times__ = isset($_GET['__times__']) ? intval($_GET['__times__']) + 1 : 1;
if($__times__ > 2) {
return '';
}
$url .= (strpos($url, '?') === FALSE ? '?' : '&')."__times__=$__times__";
return uc_fopen($url, $limit, $post, $cookie, $bysocket, $ip, $timeout, $block, $encodetype, $allowcurl);
}
function uc_fopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE) {
$return = '';
$matches = parse_url($url);
$scheme = strtolower($matches['scheme']);
$host = $matches['host'];
$path = !empty($matches['path']) ? $matches['path'].(!empty($matches['query']) ? '?'.$matches['query'] : '') : '/';
$port = !empty($matches['port']) ? $matches['port'] : ($scheme == 'https' ? 443 : 80);
if(function_exists('curl_init') && function_exists('curl_exec') && $allowcurl) {
$ch = curl_init();
$ip && curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: ".$host));
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
if(!empty($ip) && filter_var($ip, FILTER_VALIDATE_IP) && !filter_var($host, FILTER_VALIDATE_IP) && version_compare(PHP_VERSION, '5.5.0', 'ge')) {
curl_setopt($ch, CURLOPT_RESOLVE, array("$host:$port:$ip"));
curl_setopt($ch, CURLOPT_URL, $scheme.'://'.$host.':'.$port.$path);
} else {
curl_setopt($ch, CURLOPT_URL, $scheme.'://'.($ip ? $ip : $host).':'.$port.$path);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if($post) {
curl_setopt($ch, CURLOPT_POST, 1);
if($encodetype == 'URLENCODE') {
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
} else {
parse_str($post, $postarray);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postarray);
}
}
if($cookie) {
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
$status = curl_getinfo($ch);
$errno = curl_errno($ch);
curl_close($ch);
if($errno || $status['http_code'] != 200) {
return;
} else {
return !$limit ? $data : substr($data, 0, $limit);
}
}
if($post) {
$out = "POST $path HTTP/1.0\r\n";
$header = "Accept: */*\r\n";
$header .= "Accept-Language: zh-cn\r\n";
if($allowcurl) {
$encodetype = 'URLENCODE';
}
$boundary = $encodetype == 'URLENCODE' ? '' : '; boundary='.trim(substr(trim($post), 2, strpos(trim($post), "\n") - 2));
$header .= $encodetype == 'URLENCODE' ? "Content-Type: application/x-www-form-urlencoded\r\n" : "Content-Type: multipart/form-data$boundary\r\n";
$header .= "User-Agent: {$_SERVER['HTTP_USER_AGENT']}\r\n";
$header .= "Host: $host:$port\r\n";
$header .= 'Content-Length: '.strlen($post)."\r\n";
$header .= "Connection: Close\r\n";
$header .= "Cache-Control: no-cache\r\n";
$header .= "Cookie: $cookie\r\n\r\n";
$out .= $header.$post;
} else {
$out = "GET $path HTTP/1.0\r\n";
$header = "Accept: */*\r\n";
$header .= "Accept-Language: zh-cn\r\n";
$header .= "User-Agent: {$_SERVER['HTTP_USER_AGENT']}\r\n";
$header .= "Host: $host:$port\r\n";
$header .= "Connection: Close\r\n";
$header .= "Cookie: $cookie\r\n\r\n";
$out .= $header;
}
$fpflag = 0;
$context = array();
if($scheme == 'https') {
$context['ssl'] = array(
'verify_peer' => false,
'verify_peer_name' => false,
'peer_name' => $host
);
if(version_compare(PHP_VERSION, '5.6.0', '<')) {
$context['ssl']['SNI_enabled'] = true;
$context['ssl']['SNI_server_name'] = $host;
}
}
if(ini_get('allow_url_fopen')) {
$context['http'] = array(
'method' => $post ? 'POST' : 'GET',
'header' => $header,
'timeout' => $timeout
);
if($post) {
$context['http']['content'] = $post;
}
$context = stream_context_create($context);
$fp = @fopen($scheme.'://'.($ip ? $ip : $host).':'.$port.$path, 'b', false, $context);
$fpflag = 1;
} elseif(function_exists('stream_socket_client')) {
$context = stream_context_create($context);
$fp = @stream_socket_client(($scheme == 'https' ? 'ssl://' : '').($ip ? $ip : $host).':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context);
} else {
$fp = @fsocketopen(($scheme == 'https' ? 'ssl://' : '').($scheme == 'https' ? $host : ($ip ? $ip : $host)), $port, $errno, $errstr, $timeout);
}
if(!$fp) {
return '';
} else {
stream_set_blocking($fp, $block);
stream_set_timeout($fp, $timeout);
if(!$fpflag) {
@fwrite($fp, $out);
}
$status = stream_get_meta_data($fp);
if(!$status['timed_out']) {
while (!feof($fp) && !$fpflag) {
if(($header = @fgets($fp)) && ($header == "\r\n" || $header == "\n")) {
break;
}
}
$stop = false;
while(!feof($fp) && !$stop) {
$data = fread($fp, ($limit == 0 || $limit > 8192 ? 8192 : $limit));
$return .= $data;
if($limit) {
$limit -= strlen($data);
$stop = $limit <= 0;
}
}
}
@fclose($fp);
return $return;
}
}
function uc_app_ls() {
$return = call_user_func(UC_API_FUNC, 'app', 'ls', array());
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_feed_add($icon, $uid, $username, $title_template='', $title_data='', $body_template='', $body_data='', $body_general='', $target_ids='', $images = array()) {
return call_user_func(UC_API_FUNC, 'feed', 'add',
array( 'icon'=>$icon,
'appid'=>UC_APPID,
'uid'=>$uid,
'username'=>$username,
'title_template'=>$title_template,
'title_data'=>$title_data,
'body_template'=>$body_template,
'body_data'=>$body_data,
'body_general'=>$body_general,
'target_ids'=>$target_ids,
'image_1'=>$images[0]['url'],
'image_1_link'=>$images[0]['link'],
'image_2'=>$images[1]['url'],
'image_2_link'=>$images[1]['link'],
'image_3'=>$images[2]['url'],
'image_3_link'=>$images[2]['link'],
'image_4'=>$images[3]['url'],
'image_4_link'=>$images[3]['link']
)
);
}
function uc_feed_get($limit = 100, $delete = TRUE) {
$return = call_user_func(UC_API_FUNC, 'feed', 'get', array('limit'=>$limit, 'delete'=>$delete));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_friend_add($uid, $friendid, $comment='') {
return call_user_func(UC_API_FUNC, 'friend', 'add', array('uid'=>$uid, 'friendid'=>$friendid, 'comment'=>$comment));
}
function uc_friend_delete($uid, $friendids) {
return call_user_func(UC_API_FUNC, 'friend', 'delete', array('uid'=>$uid, 'friendids'=>$friendids));
}
function uc_friend_totalnum($uid, $direction = 0) {
return call_user_func(UC_API_FUNC, 'friend', 'totalnum', array('uid'=>$uid, 'direction'=>$direction));
}
function uc_friend_ls($uid, $page = 1, $pagesize = 10, $totalnum = 10, $direction = 0) {
$return = call_user_func(UC_API_FUNC, 'friend', 'ls', array('uid'=>$uid, 'page'=>$page, 'pagesize'=>$pagesize, 'totalnum'=>$totalnum, 'direction'=>$direction));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_user_register($username, $password, $email, $questionid = '', $answer = '', $regip = '') {
return call_user_func(UC_API_FUNC, 'user', 'register', array('username'=>$username, 'password'=>$password, 'email'=>$email, 'questionid'=>$questionid, 'answer'=>$answer, 'regip' => $regip));
}
function uc_user_login($username, $password, $isuid = 0, $checkques = 0, $questionid = '', $answer = '', $ip = '', $nolog = 0) {
$isuid = intval($isuid);
$return = call_user_func(UC_API_FUNC, 'user', 'login', array('username'=>$username, 'password'=>$password, 'isuid'=>$isuid, 'checkques'=>$checkques, 'questionid'=>$questionid, 'answer'=>$answer, 'ip' => $ip, 'nolog' => $nolog));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_user_synlogin($uid) {
if(UC_STANDALONE) {
return '';
}
$uid = intval($uid);
if(@include UC_ROOT.'./data/cache/apps.php') {
if(count($_CACHE['apps']) > 1) {
$return = uc_api_post('user', 'synlogin', array('uid'=>$uid));
} else {
$return = '';
}
}
return $return;
}
function uc_user_synlogout() {
if(UC_STANDALONE) {
return '';
}
if(@include UC_ROOT.'./data/cache/apps.php') {
if(count($_CACHE['apps']) > 1) {
$return = uc_api_post('user', 'synlogout', array());
} else {
$return = '';
}
}
return $return;
}
function uc_user_edit($username, $oldpw, $newpw, $email, $ignoreoldpw = 0, $questionid = '', $answer = '', $secmobicc = '', $secmobile = '') {
return call_user_func(UC_API_FUNC, 'user', 'edit', array('username'=>$username, 'oldpw'=>$oldpw, 'newpw'=>$newpw, 'email'=>$email, 'ignoreoldpw'=>$ignoreoldpw, 'questionid'=>$questionid, 'answer'=>$answer, 'secmobicc'=>$secmobicc, 'secmobile'=>$secmobile));
}
function uc_user_delete($uid) {
return call_user_func(UC_API_FUNC, 'user', 'delete', array('uid'=>$uid, 'action'=>'delete'));
}
function uc_user_deleteavatar($uid) {
if(UC_STANDALONE) {
@include_once UC_ROOT.'./extend_client.php';
uc_note_handler::loadavatarpath();
uc_api_mysql('user', 'deleteavatar', array('uid'=>$uid));
} else {
uc_api_post('user', 'deleteavatar', array('uid'=>$uid));
}
}
function uc_user_checkname($username) {
return call_user_func(UC_API_FUNC, 'user', 'check_username', array('username'=>$username));
}
function uc_user_checkemail($email) {
return call_user_func(UC_API_FUNC, 'user', 'check_email', array('email'=>$email));
}
function uc_user_checksecmobile($secmobicc, $secmobile) {
return call_user_func(UC_API_FUNC, 'user', 'check_secmobile', array('secmobicc'=>$secmobicc, 'secmobile'=>$secmobile));
}
function uc_user_addprotected($username, $admin='') {
return call_user_func(UC_API_FUNC, 'user', 'addprotected', array('username'=>$username, 'admin'=>$admin));
}
function uc_user_deleteprotected($username) {
return call_user_func(UC_API_FUNC, 'user', 'deleteprotected', array('username'=>$username));
}
function uc_user_getprotected() {
$return = call_user_func(UC_API_FUNC, 'user', 'getprotected', array('1'=>1));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_get_user($username, $isuid=0) {
$return = call_user_func(UC_API_FUNC, 'user', 'get_user', array('username'=>$username, 'isuid'=>$isuid));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_user_chgusername($uid, $newusername) {
return call_user_func(UC_API_FUNC, 'user', 'chgusername', array('uid'=>$uid, 'newusername'=>$newusername));
}
function uc_user_merge($oldusername, $newusername, $uid, $password, $email) {
return call_user_func(UC_API_FUNC, 'user', 'merge', array('oldusername'=>$oldusername, 'newusername'=>$newusername, 'uid'=>$uid, 'password'=>$password, 'email'=>$email));
}
function uc_user_merge_remove($username) {
return call_user_func(UC_API_FUNC, 'user', 'merge_remove', array('username'=>$username));
}
function uc_user_getcredit($appid, $uid, $credit) {
return uc_api_post('user', 'getcredit', array('appid'=>$appid, 'uid'=>$uid, 'credit'=>$credit));
}
function uc_user_logincheck($username, $ip) {
return call_user_func(UC_API_FUNC, 'user', 'logincheck', array('username' => $username, 'ip' => $ip));
}
function uc_pm_location($uid, $newpm = 0) {
$apiurl = uc_api_url('pm_client', 'ls', "uid=$uid&frontend=1", ($newpm ? '&folder=newbox' : ''));
@header("Expires: 0");
@header("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
@header("location: $apiurl");
}
function uc_pm_checknew($uid, $more = 0) {
$return = call_user_func(UC_API_FUNC, 'pm', 'check_newpm', array('uid'=>$uid, 'more'=>$more));
return (!$more || UC_CONNECT == 'mysql') ? $return : uc_unserialize($return);
}
function uc_pm_send($fromuid, $msgto, $subject, $message, $instantly = 1, $replypmid = 0, $isusername = 0, $type = 0) {
if($instantly) {
$replypmid = @is_numeric($replypmid) ? $replypmid : 0;
return call_user_func(UC_API_FUNC, 'pm', 'sendpm', array('fromuid'=>$fromuid, 'msgto'=>$msgto, 'subject'=>$subject, 'message'=>$message, 'replypmid'=>$replypmid, 'isusername'=>$isusername, 'type' => $type));
} else {
$fromuid = intval($fromuid);
$subject = rawurlencode($subject);
$msgto = rawurlencode($msgto);
$message = rawurlencode($message);
$replypmid = @is_numeric($replypmid) ? $replypmid : 0;
$replyadd = $replypmid ? "&pmid=$replypmid&do=reply" : '';
$apiurl = uc_api_url('pm_client', 'send', "uid=$fromuid", "&msgto=$msgto&subject=$subject&message=$message$replyadd");
@header("Expires: 0");
@header("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
@header("location: ".$apiurl);
}
}
function uc_pm_delete($uid, $folder, $pmids) {
return call_user_func(UC_API_FUNC, 'pm', 'delete', array('uid'=>$uid, 'pmids'=>$pmids));
}
function uc_pm_deleteuser($uid, $touids) {
return call_user_func(UC_API_FUNC, 'pm', 'deleteuser', array('uid'=>$uid, 'touids'=>$touids));
}
function uc_pm_deletechat($uid, $plids, $type = 0) {
return call_user_func(UC_API_FUNC, 'pm', 'deletechat', array('uid'=>$uid, 'plids'=>$plids, 'type'=>$type));
}
function uc_pm_readstatus($uid, $uids, $plids = array(), $status = 0) {
return call_user_func(UC_API_FUNC, 'pm', 'readstatus', array('uid'=>$uid, 'uids'=>$uids, 'plids'=>$plids, 'status'=>$status));
}
function uc_pm_list($uid, $page = 1, $pagesize = 10, $folder = 'inbox', $filter = 'newpm', $msglen = 0) {
$uid = intval($uid);
$page = intval($page);
$pagesize = intval($pagesize);
$return = call_user_func(UC_API_FUNC, 'pm', 'ls', array('uid'=>$uid, 'page'=>$page, 'pagesize'=>$pagesize, 'filter'=>$filter, 'msglen'=>$msglen));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_pm_ignore($uid) {
$uid = intval($uid);
return call_user_func(UC_API_FUNC, 'pm', 'ignore', array('uid'=>$uid));
}
function uc_pm_view($uid, $pmid = 0, $touid = 0, $daterange = 1, $page = 0, $pagesize = 10, $type = 0, $isplid = 0) {
$uid = intval($uid);
$touid = intval($touid);
$page = intval($page);
$pagesize = intval($pagesize);
$pmid = @is_numeric($pmid) ? $pmid : 0;
$return = call_user_func(UC_API_FUNC, 'pm', 'view', array('uid'=>$uid, 'pmid'=>$pmid, 'touid'=>$touid, 'daterange'=>$daterange, 'page' => $page, 'pagesize' => $pagesize, 'type'=>$type, 'isplid'=>$isplid));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_pm_view_num($uid, $touid, $isplid) {
$uid = intval($uid);
$touid = intval($touid);
$isplid = intval($isplid);
return call_user_func(UC_API_FUNC, 'pm', 'viewnum', array('uid' => $uid, 'touid' => $touid, 'isplid' => $isplid));
}
function uc_pm_viewnode($uid, $type, $pmid) {
$uid = intval($uid);
$type = intval($type);
$pmid = @is_numeric($pmid) ? $pmid : 0;
$return = call_user_func(UC_API_FUNC, 'pm', 'viewnode', array('uid'=>$uid, 'type'=>$type, 'pmid'=>$pmid));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_pm_chatpmmemberlist($uid, $plid = 0) {
$uid = intval($uid);
$plid = intval($plid);
$return = call_user_func(UC_API_FUNC, 'pm', 'chatpmmemberlist', array('uid'=>$uid, 'plid'=>$plid));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_pm_kickchatpm($plid, $uid, $touid) {
$uid = intval($uid);
$plid = intval($plid);
$touid = intval($touid);
return call_user_func(UC_API_FUNC, 'pm', 'kickchatpm', array('uid'=>$uid, 'plid'=>$plid, 'touid'=>$touid));
}
function uc_pm_appendchatpm($plid, $uid, $touid) {
$uid = intval($uid);
$plid = intval($plid);
$touid = intval($touid);
return call_user_func(UC_API_FUNC, 'pm', 'appendchatpm', array('uid'=>$uid, 'plid'=>$plid, 'touid'=>$touid));
}
function uc_pm_blackls_get($uid) {
$uid = intval($uid);
return call_user_func(UC_API_FUNC, 'pm', 'blackls_get', array('uid'=>$uid));
}
function uc_pm_blackls_set($uid, $blackls) {
$uid = intval($uid);
return call_user_func(UC_API_FUNC, 'pm', 'blackls_set', array('uid'=>$uid, 'blackls'=>$blackls));
}
function uc_pm_blackls_add($uid, $username) {
$uid = intval($uid);
return call_user_func(UC_API_FUNC, 'pm', 'blackls_add', array('uid'=>$uid, 'username'=>$username));
}
function uc_pm_blackls_delete($uid, $username) {
$uid = intval($uid);
return call_user_func(UC_API_FUNC, 'pm', 'blackls_delete', array('uid'=>$uid, 'username'=>$username));
}
function uc_domain_ls() {
$return = call_user_func(UC_API_FUNC, 'domain', 'ls', array('1'=>1));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_credit_exchange_request($uid, $from, $to, $toappid, $amount) {
$uid = intval($uid);
$from = intval($from);
$toappid = intval($toappid);
$to = intval($to);
$amount = intval($amount);
return uc_api_post('credit', 'request', array('uid'=>$uid, 'from'=>$from, 'to'=>$to, 'toappid'=>$toappid, 'amount'=>$amount));
}
function uc_tag_get($tagname, $nums = 0) {
$return = call_user_func(UC_API_FUNC, 'tag', 'gettag', array('tagname'=>$tagname, 'nums'=>$nums));
return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);
}
function uc_avatar($uid, $type = 'virtual', $returnhtml = 1) {
$uid = intval($uid);
$uc_input = uc_api_input("uid=$uid&frontend=1", "user", "rectavatar");
$avatarpath = UC_STANDALONE ? UC_AVTAPI : UC_API;
$uc_avatarflash = UC_API.'/images/camera.swf?inajax=1&appid='.UC_APPID.'&input='.$uc_input.'&agent='.md5($_SERVER['HTTP_USER_AGENT']).'&ucapi='.urlencode(UC_API).'&avatartype='.$type.'&uploadSize=2048';
$uc_avatarhtml5 = UC_API.'/index.php?m=user&a=camera&width=450&height=253&appid='.UC_APPID.'&input='.$uc_input.'&agent='.md5($_SERVER['HTTP_USER_AGENT']).'&ucapi='.urlencode(UC_API).'&avatartype='.$type.'&uploadSize=2048';
$uc_avatarstl = $avatarpath.'/index.php?m=user&inajax=1&a=rectavatar&appid='.UC_APPID.'&input='.$uc_input.'&agent='.md5($_SERVER['HTTP_USER_AGENT']).'&avatartype='.$type.'&base64=yes';
if($returnhtml) {
$flash = '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="450" height="253" id="mycamera" align="middle"><param name="allowScriptAccess" value="always" /><param name="scale" value="exactfit" /><param name="wmode" value="transparent" /><param name="quality" value="high" /><param name="bgcolor" value="#ffffff" /><param name="movie" value="'.$uc_avatarflash.'" /><param name="menu" value="false" /><embed src="'.$uc_avatarflash.'" quality="high" bgcolor="#ffffff" width="450" height="253" name="mycamera" align="middle" allowScriptAccess="always" allowFullScreen="false" scale="exactfit" wmode="transparent" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /></object>';
$html5 = '<iframe src="' . $uc_avatarhtml5 . '" width="450" marginwidth="0" height="253" marginheight="0" scrolling="no" frameborder="0" id="mycamera" name="mycamera" align="middle"></iframe>';
return '<script type="text/javascript">document.write(document.createElement("Canvas").getContext ? \'' . $html5 . '\' : \'' . $flash . '\');</script>';
} else {
return array(
'width', '450',
'height', '253',
'scale', 'exactfit',
'src', $uc_avatarflash,
'html5_src', $uc_avatarhtml5,
'stl_src', $uc_avatarstl,
'id', 'mycamera',
'name', 'mycamera',
'quality','high',
'bgcolor','#ffffff',
'menu', 'false',
'swLiveConnect', 'true',
'allowScriptAccess', 'always'
);
}
}
function uc_rectavatar($uid) {
return uc_api_mysql('user', 'rectavatar', array('uid' => $uid));
}
function uc_mail_queue($uids, $emails, $subject, $message, $frommail = '', $charset = 'gbk', $htmlon = FALSE, $level = 1) {
return call_user_func(UC_API_FUNC, 'mail', 'add', array('uids' => $uids, 'emails' => $emails, 'subject' => $subject, 'message' => $message, 'frommail' => $frommail, 'charset' => $charset, 'htmlon' => $htmlon, 'level' => $level));
}
function uc_check_avatar($uid, $size = 'middle', $type = 'virtual') {
if(UC_STANDALONE && @include UC_ROOT.'./extend_client.php') {
$uc_chk = new uc_note_handler();
$res = $uc_chk->checkavatar(array('uid' => $uid, 'size' => $size, 'type' => $type), array());
} else {
$url = UC_API."/avatar.php?uid=$uid&size=$size&type=$type&check_file_exists=1";
$res = uc_fopen2($url, 500000, '', '', TRUE, UC_IP, 20);
}
if($res == 1) {
return 1;
} else {
return 0;
}
}
function uc_check_version() {
$return = uc_api_post('version', 'check', array());
$data = uc_unserialize($return);
return is_array($data) ? $data : $return;
}
?>

0
uc_client/client/control/index.htm Normal file
View File

0
uc_client/client/index.htm Normal file
View File

44
uc_client/control/app.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: app.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class appcontrol extends base {
function __construct() {
$this->appcontrol();
}
function appcontrol() {
parent::__construct();
$this->load('app');
}
function onls() {
$this->init_input();
$applist = $_ENV['app']->get_apps('appid, type, name, url, tagtemplates, viewprourl, synlogin');
$applist2 = array();
foreach($applist as $key => $app) {
$app['tagtemplates'] = $this->unserialize($app['tagtemplates']);
$applist2[$app['appid']] = $app;
}
return $applist2;
}
function onadd() {
}
function onucinfo() {
}
function _format_notedata($notedata) {
}
}
?>

29
uc_client/control/cache.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: cache.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class cachecontrol extends base {
function __construct() {
$this->cachecontrol();
}
function cachecontrol() {
parent::__construct();
}
function onupdate($arr) {
$this->load("cache");
$_ENV['cache']->updatedata();
}
}
?>

29
uc_client/control/domain.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: domain.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class domaincontrol extends base {
function __construct() {
$this->domaincontrol();
}
function domaincontrol() {
parent::__construct();
$this->init_input();
$this->load('domain');
}
function onls() {
return $_ENV['domain']->get_list(1, 9999, 9999);
}
}
?>

105
uc_client/control/feed.php Normal file
View File

@@ -0,0 +1,105 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: feed.php 1139 2012-05-08 09:02:11Z liulanbo $
*/
!defined('IN_UC') && exit('Access Denied');
class feedcontrol extends base {
function __construct() {
$this->feedcontrol();
}
function feedcontrol() {
parent::__construct();
$this->init_input();
}
function onadd() {
$this->load('misc');
$appid = intval($this->input('appid'));
$icon = $this->input('icon');
$uid = intval($this->input('uid'));
$username = $this->input('username');
$body_data = $_ENV['misc']->array2string($this->input('body_data'));
$title_data = $_ENV['misc']->array2string($this->input('title_data'));
$title_template = $this->_parsetemplate($this->input('title_template'));
$body_template = $this->_parsetemplate($this->input('body_template'));
$body_general = $this->input('body_general');
$target_ids = $this->input('target_ids');
$image_1 = $this->input('image_1');
$image_1_link = $this->input('image_1_link');
$image_2 = $this->input('image_2');
$image_2_link = $this->input('image_2_link');
$image_3 = $this->input('image_3');
$image_3_link = $this->input('image_3_link');
$image_4 = $this->input('image_4');
$image_4_link = $this->input('image_4_link');
$hash_template = md5($title_template.$body_template);
$hash_data = md5($title_template.$title_data.$body_template.$body_data);
$dateline = $this->time;
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."feeds SET appid='$appid', icon='$icon', uid='$uid', username='$username',
title_template='$title_template', title_data='$title_data', body_template='$body_template', body_data='$body_data', body_general='$body_general',
image_1='$image_1', image_1_link='$image_1_link', image_2='$image_2', image_2_link='$image_2_link',
image_3='$image_3', image_3_link='$image_3_link', image_4='$image_4', image_4_link='$image_4_link',
hash_template='$hash_template', hash_data='$hash_data', target_ids='$target_ids', dateline='$dateline'");
return $this->db->insert_id();
}
function ondelete() {
$start = $this->input('start');
$limit = $this->input('limit');
$end = $start + $limit;
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."feeds WHERE feedid>'$start' AND feedid<'$end'");
}
function onget() {
$this->load('misc');
$limit = intval($this->input('limit'));
$delete = $this->input('delete');
$feedlist = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."feeds ORDER BY feedid DESC LIMIT $limit");
if($feedlist) {
$maxfeedid = $feedlist[0]['feedid'];
foreach($feedlist as $key => $feed) {
$feed['body_data'] = $_ENV['misc']->string2array($feed['body_data']);
$feed['title_data'] = $_ENV['misc']->string2array($feed['title_data']);
$feedlist[$key] = $feed;
}
}
if(!empty($feedlist)) {
if(!isset($delete) || $delete) {
$this->_delete(0, $maxfeedid);
}
}
return $feedlist;
}
function _delete($start, $end) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."feeds WHERE feedid>='$start' AND feedid<='$end'");
}
function _parsetemplate($template) {
$template = str_replace(array("\r", "\n"), '', $template);
$template = str_replace(array('<br>', '<br />', '<BR>', '<BR />'), "\n", $template);
$template = str_replace(array('<b>', '<B>'), '[B]', $template);
$template = str_replace(array('<i>', '<I>'), '[I]', $template);
$template = str_replace(array('<u>', '<U>'), '[U]', $template);
$template = str_replace(array('</b>', '</B>'), '[/B]', $template);
$template = str_replace(array('</i>', '</I>'), '[/I]', $template);
$template = str_replace(array('</u>', '</U>'), '[/U]', $template);
$template = dhtmlspecialchars($template);
$template = nl2br($template);
$template = str_replace(array('[B]', '[I]', '[U]', '[/B]', '[/I]', '[/U]'), array('<b>', '<i>', '<u>', '</b>', '</i>', '</u>'), $template);
return $template;
}
}
?>

59
uc_client/control/friend.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: friend.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class friendcontrol extends base {
function __construct() {
$this->friendcontrol();
}
function friendcontrol() {
parent::__construct();
$this->init_input();
$this->load('friend');
}
function ondelete() {
$uid = intval($this->input('uid'));
$friendids = $this->input('friendids');
$id = $_ENV['friend']->delete($uid, $friendids);
return $id;
}
function onadd() {
$uid = intval($this->input('uid'));
$friendid = $this->input('friendid');
$comment = $this->input('comment');
$id = $_ENV['friend']->add($uid, $friendid, $comment);
return $id;
}
function ontotalnum() {
$uid = intval($this->input('uid'));
$direction = intval($this->input('direction'));
$totalnum = $_ENV['friend']->get_totalnum_by_uid($uid, $direction);
return $totalnum;
}
function onls() {
$uid = intval($this->input('uid'));
$page = intval($this->input('page'));
$pagesize = intval($this->input('pagesize'));
$totalnum = intval($this->input('totalnum'));
$direction = intval($this->input('direction'));
$pagesize = $pagesize ? $pagesize : UC_PPP;
$totalnum = $totalnum ? $totalnum : $_ENV['friend']->get_totalnum_by_uid($uid);
$data = $_ENV['friend']->get_list($uid, $page, $pagesize, $totalnum, $direction);
return $data;
}
}
?>

1
uc_client/control/index.htm Normal file
View File

@@ -0,0 +1 @@

41
uc_client/control/mail.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: mail.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class mailcontrol extends base {
function __construct() {
$this->mailcontrol();
}
function mailcontrol() {
parent::__construct();
$this->init_input();
}
function onadd() {
$this->load('mail');
$mail = array();
$mail['appid'] = UC_APPID;
$mail['uids'] = explode(',', $this->input('uids'));
$mail['emails'] = explode(',', $this->input('emails'));
$mail['subject'] = $this->input('subject');
$mail['message'] = $this->input('message');
$mail['charset'] = $this->input('charset');
$mail['htmlon'] = intval($this->input('htmlon'));
$mail['level'] = abs(intval($this->input('level')));
$mail['frommail'] = $this->input('frommail');
$mail['dateline'] = $this->time;
return $_ENV['mail']->add($mail);
}
}
?>

365
uc_client/control/pm.php Normal file
View File

@@ -0,0 +1,365 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: pm.php 1067 2011-03-08 10:06:51Z svn_project_zhangjie $
*/
!defined('IN_UC') && exit('Access Denied');
define('PRIVATEPMTHREADLIMIT_ERROR', -1);
define('PMFLOODCTRL_ERROR', -2);
define('PMMSGTONOTFRIEND', -3);
define('PMSENDREGDAYS', -4);
define('CHATPMTHREADLIMIT_ERROR', -5);
define('CHATPMMEMBERLIMIT_ERROR', -7);
class pmcontrol extends base {
function __construct() {
$this->pmcontrol();
}
function pmcontrol() {
parent::__construct();
$this->load('user');
$this->load('pm');
}
function oncheck_newpm() {
$this->init_input();
$uid = intval($this->input('uid'));
$more = intval($this->input('more'));
if(!$_ENV['pm']->isnewpm($uid) && !$more) {
return 0;
}
$newprvpm = $_ENV['pm']->getpmnum($uid, 1, 1);
$newchatpm = $_ENV['pm']->getpmnum($uid, 2, 1);
$newpm = $newprvpm + $newchatpm;
if($more == 0) {
return $newpm;
} elseif($more == 1) {
return array('newpm' => $newpm, 'newprivatepm' => $newprvpm);
} elseif($more == 2 || $more == 3) {
if($more == 2) {
return array('newpm' => $newpm, 'newprivatepm' => $newprvpm, 'newchatpm' => $newchatpm);
} else {
$lastpm = $_ENV['pm']->lastpm($uid);
require_once UC_ROOT.'lib/uccode.class.php';
$this->uccode = new uccode();
$lastpm['lastsummary'] = $this->uccode->complie($lastpm['lastsummary']);
return array('newpm' => $newpm, 'newprivatepm' => $newprvpm, 'newchatpm' => $newchatpm, 'lastdate' => $lastpm['lastdateline'], 'lastmsgfromid' => $lastpm['lastauthorid'], 'lastmsgfrom' => $lastpm['lastauthorusername'], 'lastmsg' => $lastpm['lastsummary']);
}
} elseif($more == 4) {
return array('newpm' => $newpm, 'newprivatepm' => $newprvpm, 'newchatpm' => $newchatpm);
} else {
return 0;
}
}
function onsendpm() {
$this->init_input();
$fromuid = $this->input('fromuid');
$msgto = $this->input('msgto');
$subject = $this->input('subject');
$message = $this->input('message');
$replypmid = $this->input('replypmid');
$isusername = $this->input('isusername');
$type = $this->input('type');
if(!$fromuid) {
return 0;
}
$user = $_ENV['user']->get_user_by_uid($fromuid);
$user = daddslashes($user, 1);
if(!$user) {
return 0;
}
$this->user['uid'] = $user['uid'];
$this->user['username'] = $user['username'];
if($replypmid) {
$isusername = 0;
$plid = $_ENV['pm']->getplidbypmid($replypmid);
$msgto = $_ENV['pm']->getuidbyplid($plid);
unset($msgto[$this->user['uid']]);
} else {
if(!empty($msgto)) {
$msgto = array_unique(explode(',', $msgto));
}
}
if($isusername) {
$msgto = $_ENV['user']->name2id($msgto);
}
$countmsgto = count($msgto);
if($this->settings['pmsendregdays']) {
if($user['regdate'] > $this->time - $this->settings['pmsendregdays'] * 86400) {
return PMSENDREGDAYS;
}
}
if($this->settings['chatpmmemberlimit']) {
if($type == 1 && ($countmsgto > ($this->settings['chatpmmemberlimit'] - 1))) {
return CHATPMMEMBERLIMIT_ERROR;
}
}
if($this->settings['pmfloodctrl']) {
if(!$_ENV['pm']->ispminterval($this->user['uid'], $this->settings['pmfloodctrl'])) {
return PMFLOODCTRL_ERROR;
}
}
if($this->settings['privatepmthreadlimit']) {
if(!$_ENV['pm']->isprivatepmthreadlimit($this->user['uid'], $this->settings['privatepmthreadlimit'])) {
return PRIVATEPMTHREADLIMIT_ERROR;
}
}
if($this->settings['chatpmthreadlimit']) {
if(!$_ENV['pm']->ischatpmthreadlimit($this->user['uid'], $this->settings['chatpmthreadlimit'])) {
return CHATPMTHREADLIMIT_ERROR;
}
}
$lastpmid = 0;
if($replypmid) {
$lastpmid = $_ENV['pm']->replypm($plid, $this->user['uid'], $this->user['username'], $message);
} else {
$lastpmid = $_ENV['pm']->sendpm($this->user['uid'], $this->user['username'], $msgto, $subject, $message, $type);
}
return $lastpmid;
}
function ondelete() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$pmids = $this->input('pmids');
if(empty($pmids)) {
return 0;
}
if(is_array($pmids)) {
$this->apps = $this->cache('apps');
if($this->apps[$this->app['appid']]['type'] == 'UCHOME') {
$id = $_ENV['pm']->deletepmbyplids($this->user['uid'], $this->input('pmids'));
} else {
$id = $_ENV['pm']->deletepmbypmids($this->user['uid'], $this->input('pmids'));
}
} else {
$id = $_ENV['pm']->deletepmbypmid($this->user['uid'], $this->input('pmids'));
}
return $id;
}
function ondeletechat() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$plids = $this->input('plids');
$type = intval($this->input('type'));
if($type == 1) {
return $_ENV['pm']->deletepmbyplids($this->user['uid'], $plids);
} else {
return $_ENV['pm']->quitchatpm($this->user['uid'], $plids);
}
}
function ondeleteuser() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$id = $_ENV['pm']->deletepmbyplids($this->user['uid'], $this->input('touids'), 1);
return $id;
}
function onreadstatus() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$_ENV['pm']->setpmstatus($this->user['uid'], $this->input('uids'), $this->input('plids'), $this->input('status'));
}
function onignore() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
return $_ENV['pm']->set_ignore($this->user['uid']);
}
function onls() {
$this->init_input();
$pagesize = $this->input('pagesize');
$filter = $this->input('filter');
$page = $this->input('page');
$msglen = $this->input('msglen');
$this->user['uid'] = intval($this->input('uid'));
$filter = $filter ? (in_array($filter, array('newpm', 'privatepm')) ? $filter : '') : '';
if($filter == 'newpm') {
$type = 0;
$new = 1;
} elseif($filter == 'privatepm') {
$type = 0;
$new = 0;
} else {
return array();
}
$pmnum = $_ENV['pm']->getpmnum($this->user['uid'], $type, $new);
$start = $this->page_get_start($page, $pagesize, $pmnum);
if($pagesize > 0) {
$pms = $_ENV['pm']->getpmlist($this->user['uid'], $filter, $start, $pagesize);
if(is_array($pms) && !empty($pms)) {
foreach($pms as $key => $pm) {
if($msglen) {
$pms[$key]['lastsummary'] = $_ENV['pm']->removecode($pms[$key]['lastsummary'], $msglen);
} else {
unset($pms[$key]['lastsummary']);
}
}
}
$result['data'] = $pms;
}
$result['count'] = $pmnum;
return $result;
}
function onview() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$pmid = $this->input('pmid');
$touid = $this->input('touid');
$daterange = $this->input('daterange');
$page = $this->input('page');
$pagesize = $this->input('pagesize');
$isplid = $this->input('isplid');
$type = $this->input('type');
$daterange = empty($daterange) ? 1 : $daterange;
$today = $this->time - ($this->time + $this->settings['timeoffset']) % 86400;
if($daterange == 1) {
$starttime = $today;
} elseif($daterange == 2) {
$starttime = $today - 86400;
} elseif($daterange == 3) {
$starttime = $today - 172800;
} elseif($daterange == 4) {
$starttime = $today - 604800;
} elseif($daterange == 5) {
$starttime = 0;
}
$endtime = $this->time;
if(!$isplid) {
$plid = $_ENV['pm']->getplidbytouid($this->user['uid'], $touid);
} else {
$plid = $touid;
}
if($page) {
$pmnum = $_ENV['pm']->getpmnumbyplid($this->user['uid'], $plid);
$start = $this->page_get_start($page, $pagesize, $pmnum);
$ppp = $pagesize;
} else {
$pmnum = 0;
$start = 0;
$ppp = 0;
}
if($pmid) {
$pms = $_ENV['pm']->getpmbypmid($this->user['uid'], $pmid);
} else {
$pms = $_ENV['pm']->getpmbyplid($this->user['uid'], $plid, $starttime, $endtime, $start, $ppp, $type);
}
require_once UC_ROOT.'lib/uccode.class.php';
$this->uccode = new uccode();
if($pms) {
foreach($pms as $key => $pm) {
$pms[$key]['message'] = $this->uccode->complie($pms[$key]['message']);
}
}
return $pms;
}
function onviewnum() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$touid = $this->input('touid');
$isplid = $this->input('isplid');
if(!$isplid) {
$plid = $_ENV['pm']->getplidbytouid($this->user['uid'], $touid);
} else {
$plid = $touid;
}
$pmnum = $_ENV['pm']->getpmnumbyplid($this->user['uid'], $plid);
return $pmnum;
}
function onviewnode() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$type = $this->input('type');
$pmid = $this->input('pmid');
$type = 0;
$pms = $_ENV['pm']->getpmbypmid($this->user['uid'], $pmid);
require_once UC_ROOT.'lib/uccode.class.php';
$this->uccode = new uccode();
if($pms) {
foreach($pms as $key => $pm) {
$pms[$key]['message'] = $this->uccode->complie($pms[$key]['message']);
}
}
$pms = $pms[0];
return $pms;
}
function onchatpmmemberlist() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$plid = intval($this->input('plid'));
return $_ENV['pm']->chatpmmemberlist($this->user['uid'], $plid);
}
function onkickchatpm() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$plid = intval($this->input('plid'));
$touid = intval($this->input('touid'));
return $_ENV['pm']->kickchatpm($plid, $this->user['uid'], $touid);
}
function onappendchatpm() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$plid = intval($this->input('plid'));
$touid = intval($this->input('touid'));
return $_ENV['pm']->appendchatpm($plid, $this->user['uid'], $touid);
}
function onblackls_get() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
return $_ENV['pm']->get_blackls($this->user['uid']);
}
function onblackls_set() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$blackls = $this->input('blackls');
return $_ENV['pm']->set_blackls($this->user['uid'], $blackls);
}
function onblackls_add() {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$username = $this->input('username');
return $_ENV['pm']->update_blackls($this->user['uid'], $username, 1);
}
function onblackls_delete($arr) {
$this->init_input();
$this->user['uid'] = intval($this->input('uid'));
$username = $this->input('username');
return $_ENV['pm']->update_blackls($this->user['uid'], $username, 2);
}
}
?>

85
uc_client/control/tag.php Normal file
View File

@@ -0,0 +1,85 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: tag.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class tagcontrol extends base {
function __construct() {
$this->tagcontrol();
}
function tagcontrol() {
parent::__construct();
$this->init_input();
$this->load('tag');
$this->load('misc');
}
function ongettag() {
$appid = $this->input('appid');
$tagname = $this->input('tagname');
$nums = $this->input('nums');
if(empty($tagname)) {
return NULL;
}
$return = $apparray = $appadd = array();
if($nums && is_array($nums)) {
foreach($nums as $k => $num) {
$apparray[$k] = $k;
}
}
$data = $_ENV['tag']->get_tag_by_name($tagname);
if($data) {
$apparraynew = array();
foreach($data as $tagdata) {
$row = $r = array();
$tmp = explode("\t", $tagdata['data']);
$type = $tmp[0];
array_shift($tmp);
foreach($tmp as $tmp1) {
$tmp1 != '' && $r[] = $_ENV['misc']->string2array($tmp1);
}
if(in_array($tagdata['appid'], $apparray)) {
if($tagdata['expiration'] > 0 && $this->time - $tagdata['expiration'] > 3600) {
$appadd[] = $tagdata['appid'];
$_ENV['tag']->formatcache($tagdata['appid'], $tagname);
} else {
$apparraynew[] = $tagdata['appid'];
}
$datakey = array();
$count = 0;
foreach($r as $data) {
$return[$tagdata['appid']]['data'][] = $data;
$return[$tagdata['appid']]['type'] = $type;
$count++;
if($count >= $nums[$tagdata['appid']]) {
break;
}
}
}
}
$apparray = array_diff($apparray, $apparraynew);
} else {
foreach($apparray as $appid) {
$_ENV['tag']->formatcache($appid, $tagname);
}
}
if($apparray) {
$this->load('note');
$_ENV['note']->add('gettag', "id=$tagname", '', $appadd, -1);
}
return $return;
}
}
?>

424
uc_client/control/user.php Normal file
View File

@@ -0,0 +1,424 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: user.php 1174 2014-11-03 04:38:12Z hypowang $
*/
!defined('IN_UC') && exit('Access Denied');
define('UC_USER_CHECK_USERNAME_FAILED', -1);
define('UC_USER_USERNAME_BADWORD', -2);
define('UC_USER_USERNAME_EXISTS', -3);
define('UC_USER_EMAIL_FORMAT_ILLEGAL', -4);
define('UC_USER_EMAIL_ACCESS_ILLEGAL', -5);
define('UC_USER_EMAIL_EXISTS', -6);
define('UC_USER_USERNAME_CHANGE_FAILED', -7);
define('UC_USER_SECMOBILE_EXISTS', -9);
class usercontrol extends base {
function __construct() {
$this->usercontrol();
}
function usercontrol() {
parent::__construct();
$this->load('user');
$this->app = $this->cache['apps'][UC_APPID];
}
function onsynlogin() {
$this->init_input();
$uid = $this->input('uid');
if($this->app['synlogin']) {
if($this->user = $_ENV['user']->get_user_by_uid($uid)) {
$synstr = '';
foreach($this->cache['apps'] as $appid => $app) {
if($app['synlogin'] && $app['appid'] != $this->app['appid']) {
$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogin&username='.$this->user['username'].'&uid='.$this->user['uid'].'&password='.$this->user['password']."&time=".$this->time, 'ENCODE', $app['authkey'])).'"></script>';
}
}
return $synstr;
}
}
return '';
}
function onsynlogout() {
$this->init_input();
if($this->app['synlogin']) {
$synstr = '';
foreach($this->cache['apps'] as $appid => $app) {
if($app['synlogin'] && $app['appid'] != $this->app['appid']) {
$synstr .= '<script type="text/javascript" src="'.$app['url'].'/api/uc.php?time='.$this->time.'&code='.urlencode($this->authcode('action=synlogout&time='.$this->time, 'ENCODE', $app['authkey'])).'"></script>';
}
}
return $synstr;
}
return '';
}
function onregister() {
$this->init_input();
$username = $this->input('username');
$password = $this->input('password');
$email = $this->input('email');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
$regip = $this->input('regip');
$secmobicc = $this->input('secmobicc');
$secmobile = $this->input('secmobile');
if(($status = $this->_check_username($username)) < 0) {
return $status;
}
if(($status = $this->_check_email($email)) < 0) {
return $status;
}
if(($status = $this->_check_secmobile($secmobicc, $secmobile)) > 0) {
return UC_USER_SECMOBILE_EXISTS;
}
$uid = $_ENV['user']->add_user($username, $password, $email, 0, $questionid, $answer, $regip, $secmobicc, $secmobile);
return $uid;
}
function onedit() {
$this->init_input();
$username = $this->input('username');
$oldpw = $this->input('oldpw');
$newpw = $this->input('newpw');
$email = $this->input('email');
$ignoreoldpw = $this->input('ignoreoldpw');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
$secmobicc = $this->input('secmobicc');
$secmobile = $this->input('secmobile');
if(!$ignoreoldpw && $email && ($status = $this->_check_email($email, $username)) < 0) {
return $status;
}
if(($status = $this->_check_secmobile($secmobicc, $secmobile, $username)) > 0) {
return UC_USER_SECMOBILE_EXISTS;
}
$status = $_ENV['user']->edit_user($username, $oldpw, $newpw, $email, $ignoreoldpw, $questionid, $answer, $secmobicc, $secmobile);
if($newpw && $status > 0) {
$this->load('note');
$_ENV['note']->add('updatepw', 'username='.urlencode($username).'&password=');
$_ENV['note']->send();
}
if($status > 0) {
$tmp = $_ENV['user']->get_user_by_username($username);
$_ENV['user']->user_log($tmp['uid'], 'edituser', 'uid='.$tmp['uid'].'&email='.urlencode($email).'&secmobicc='.urlencode($secmobicc).'&secmobile='.urlencode($secmobile));
}
return $status;
}
function onlogin() {
$this->init_input();
$isuid = $this->input('isuid');
$username = $this->input('username');
$password = $this->input('password');
$checkques = $this->input('checkques');
$questionid = $this->input('questionid');
$answer = $this->input('answer');
$ip = $this->input('ip');
$nolog = $this->input('nolog');
$check_times = $this->settings['login_failedtime'] > 0 ? $this->settings['login_failedtime'] : ($this->settings['login_failedtime'] < 0 ? 0 : 5);
if($ip && $check_times && !$loginperm = $_ENV['user']->can_do_login($username, $ip)) {
$status = -4;
return array($status, '', $password, '', 0);
}
if($isuid == 1) {
$user = $_ENV['user']->get_user_by_uid($username);
} elseif($isuid == 2) {
$user = $_ENV['user']->get_user_by_email($username);
} elseif($isuid == 4) {
list($secmobicc, $secmobile) = explode('-', $username);
$user = $_ENV['user']->get_user_by_secmobile($secmobicc, $secmobile);
} else {
$user = $_ENV['user']->get_user_by_username($username);
}
if(empty($user)) {
$status = -1;
} elseif(!$_ENV['user']->verify_password($password, $user['password'], $user['salt'])) {
$status = -2;
} elseif($checkques && $user['secques'] != $_ENV['user']->quescrypt($questionid, $answer)) {
$status = -3;
} else {
$_ENV['user']->upgrade_password($username, $password, $user['password'], $user['salt']);
$status = $user['uid'];
}
if(!$nolog && $ip && $check_times && $status <= 0) {
$_ENV['user']->loginfailed($username, $ip);
}
$merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0;
return array($status, $user['username'], $password, $user['email'], $merge);
}
function onlogincheck() {
$this->init_input();
$username = $this->input('username');
$ip = $this->input('ip');
return $_ENV['user']->can_do_login($username, $ip);
}
function oncheck_email() {
$this->init_input();
$email = $this->input('email');
return $this->_check_email($email);
}
function oncheck_secmobile() {
$this->init_input();
$secmobicc = $this->input('secmobicc');
$secmobile = $this->input('secmobile');
return $this->_check_secmobile($secmobicc, $secmobile);
}
function oncheck_username() {
$this->init_input();
$username = $this->input('username');
if(($status = $this->_check_username($username)) < 0) {
return $status;
} else {
return 1;
}
}
function onget_user() {
$this->init_input();
$username = $this->input('username');
if(!$this->input('isuid')) {
$status = $_ENV['user']->get_user_by_username($username);
} else {
$status = $_ENV['user']->get_user_by_uid($username);
}
if($status) {
return array($status['uid'],$status['username'],$status['email']);
} else {
return 0;
}
}
function onchgusername() {
$this->init_input();
$uid = $this->input('uid');
$newusername = $this->input('newusername');
if(($status = $this->_check_username($newusername)) < 0) {
return $status;
}
$user = $_ENV['user']->get_user_by_uid($uid);
$oldusername = $user['username'];
if($_ENV['user']->chgusername($uid, $newusername)) {
$_ENV['user']->user_log($uid, 'renameuser', 'uid='.$uid.'&oldusername='.urlencode($oldusername).'&newusername='.urlencode($newusername));
$this->load('note');
$_ENV['note']->add('renameuser', 'uid='.$uid.'&oldusername='.urlencode($oldusername).'&newusername='.urlencode($newusername));
$_ENV['note']->send();
return 1;
}
return UC_USER_USERNAME_CHANGE_FAILED;
}
function ongetprotected() {
$this->init_input();
$protectedmembers = $this->db->fetch_all("SELECT uid,username FROM ".UC_DBTABLEPRE."protectedmembers GROUP BY username");
return $protectedmembers;
}
function ondelete() {
$this->init_input();
$uid = $this->input('uid');
return $_ENV['user']->delete_user($uid);
}
function ondeleteavatar() {
$this->init_input();
$uid = $this->input('uid');
$_ENV['user']->delete_useravatar($uid);
}
function onaddprotected() {
$this->init_input();
$username = $this->input('username');
$admin = $this->input('admin');
$appid = $this->app['appid'];
$usernames = (array)$username;
foreach($usernames as $username) {
$user = $_ENV['user']->get_user_by_username($username);
$uid = $user['uid'];
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."protectedmembers SET uid='$uid', username='$username', appid='$appid', dateline='{$this->time}', admin='$admin'", 'SILENT');
}
return $this->db->errno() ? -1 : 1;
}
function ondeleteprotected() {
$this->init_input();
$username = $this->input('username');
$appid = $this->app['appid'];
$usernames = (array)$username;
foreach($usernames as $username) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."protectedmembers WHERE username='$username' AND appid='$appid'");
}
return $this->db->errno() ? -1 : 1;
}
function onmerge() {
$this->init_input();
$oldusername = $this->input('oldusername');
$newusername = $this->input('newusername');
$uid = $this->input('uid');
$password = $this->input('password');
$email = $this->input('email');
if(($status = $this->_check_username($newusername)) < 0) {
return $status;
}
$uid = $_ENV['user']->add_user($newusername, $password, $email, $uid);
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$oldusername'");
return $uid;
}
function onmerge_remove() {
$this->init_input();
$username = $this->input('username');
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->app['appid']."' AND username='$username'");
return NULL;
}
function _check_username($username) {
$username = addslashes(trim(stripslashes($username)));
if(!$_ENV['user']->check_username($username)) {
return UC_USER_CHECK_USERNAME_FAILED;
} elseif(!$_ENV['user']->check_usernamecensor($username)) {
return UC_USER_USERNAME_BADWORD;
} elseif($_ENV['user']->check_usernameexists($username)) {
return UC_USER_USERNAME_EXISTS;
}
return 1;
}
function _check_email($email, $username = '') {
if(empty($this->settings)) {
$this->settings = $this->cache('settings');
}
if(!$_ENV['user']->check_emailformat($email)) {
return UC_USER_EMAIL_FORMAT_ILLEGAL;
} elseif(!$_ENV['user']->check_emailaccess($email)) {
return UC_USER_EMAIL_ACCESS_ILLEGAL;
} elseif(!$this->settings['doublee'] && $_ENV['user']->check_emailexists($email, $username)) {
return UC_USER_EMAIL_EXISTS;
} else {
return 1;
}
}
function _check_secmobile($secmobicc, $secmobile, $username = '') {
return $_ENV['user']->check_secmobileexists($secmobicc, $secmobile, $username);
}
function onuploadavatar() {
}
function onrectavatar() {
@header("Expires: 0");
@header("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
if(getgpc('base64', 'G')){
header("Content-type: text/html; charset=utf-8");
}else{
header("Content-type: application/xml; charset=utf-8");
}
$this->init_input(getgpc('agent'));
$uid = $this->input('uid');
if(empty($uid)) {
return '<root><message type="error" value="-1" /></root>';
}
$home = $this->get_home($uid);
if(!defined('UC_UPAVTDIR')) {
define('UC_UPAVTDIR', UC_DATADIR.'./avatar/');
}
if(!is_dir(UC_UPAVTDIR.$home)) {
$this->set_home($uid, UC_UPAVTDIR);
}
$avatartype = getgpc('avatartype', 'G') == 'real' ? 'real' : 'virtual';
$bigavatarfile = UC_UPAVTDIR.$this->get_avatar($uid, 'big', $avatartype);
$middleavatarfile = UC_UPAVTDIR.$this->get_avatar($uid, 'middle', $avatartype);
$smallavatarfile = UC_UPAVTDIR.$this->get_avatar($uid, 'small', $avatartype);
$bigavatar = $this->flashdata_decode(getgpc('avatar1', 'P'));
$middleavatar = $this->flashdata_decode(getgpc('avatar2', 'P'));
$smallavatar = $this->flashdata_decode(getgpc('avatar3', 'P'));
if(!$bigavatar || !$middleavatar || !$smallavatar) {
return '<root><message type="error" value="-2" /></root>';
}
$success = 1;
$fp = @fopen($bigavatarfile, 'wb');
@fwrite($fp, $bigavatar);
@fclose($fp);
$fp = @fopen($middleavatarfile, 'wb');
@fwrite($fp, $middleavatar);
@fclose($fp);
$fp = @fopen($smallavatarfile, 'wb');
@fwrite($fp, $smallavatar);
@fclose($fp);
$biginfo = @getimagesize($bigavatarfile);
$middleinfo = @getimagesize($middleavatarfile);
$smallinfo = @getimagesize($smallavatarfile);
if(!$biginfo || !$middleinfo || !$smallinfo || $biginfo[2] == 4 || $middleinfo[2] == 4 || $smallinfo[2] == 4
|| $biginfo[0] > 200 || $biginfo[1] > 250 || $middleinfo[0] > 120 || $middleinfo[1] > 120 || $smallinfo[0] > 48 || $smallinfo[1] > 48) {
file_exists($bigavatarfile) && unlink($bigavatarfile);
file_exists($middleavatarfile) && unlink($middleavatarfile);
file_exists($smallavatarfile) && unlink($smallavatarfile);
$success = 0;
}
if(getgpc('base64', 'G')){
if($success) {
return "<script>window.parent.postMessage('success','*');</script>";
} else {
return "<script>window.parent.postMessage('failure','*');</script>";
}
}else{
$filetype = '.jpg';
@unlink(UC_DATADIR.'./tmp/upload'.$uid.$filetype);
if($success) {
return '<?xml version="1.0" ?><root><face success="1"/></root>';
} else {
return '<?xml version="1.0" ?><root><face success="0"/></root>';
}
}
}
function flashdata_decode($s) {
$r = '';
if(getgpc('base64', 'G')){
$r = base64_decode($s);
}else{
$l = strlen($s);
for($i=0; $i<$l; $i=$i+2) {
$k1 = ord($s[$i]) - 48;
$k1 -= $k1 > 9 ? 7 : 0;
$k2 = ord($s[$i+1]) - 48;
$k2 -= $k2 > 9 ? 7 : 0;
$r .= chr($k1 << 4 | $k2);
}
}
return $r;
}
}
?>

22
uc_client/data/cache/apps.php vendored Normal file
View File

@@ -0,0 +1,22 @@
<?php
$_CACHE['apps'] = array (
1 =>
array (
'appid' => '1',
'type' => 'DISCUZX',
'name' => 'Discuz! Board',
'url' => 'http://localhost:8080/discuz',
'ip' => '',
'viewprourl' => '',
'apifilename' => 'uc.php',
'charset' => 'utf-8',
'dbcharset' => 'utf8mb4',
'synlogin' => '1',
'recvnote' => '1',
'extra' => '',
'tagtemplates' => '',
'allowips' => '',
),
);
?>

0
uc_client/data/cache/index.htm vendored Normal file
View File

35
uc_client/data/cache/settings.php vendored Normal file
View File

@@ -0,0 +1,35 @@
<?php
$_CACHE['settings'] = array (
'accessemail' => '',
'addappbyurl' => '0',
'censoremail' => '',
'censorusername' => '',
'chatpmmemberlimit' => '35',
'chatpmthreadlimit' => '30',
'dateformat' => 'y-n-j',
'doublee' => '0',
'insecureoperation' => '0',
'login_failedtime' => '5',
'mailauth' => '1',
'mailauth_password' => 'password',
'mailauth_username' => 'username@21cn.com',
'maildefault' => 'username@21cn.com',
'maildelimiter' => '0',
'mailfrom' => 'UCenter <username@21cn.com>',
'mailport' => '25',
'mailsend' => '1',
'mailserver' => 'smtp.21cn.com',
'mailsilent' => '1',
'mailtimeout' => '30',
'mailusername' => '1',
'nextnotetime' => '0',
'pmcenter' => '1',
'pmfloodctrl' => '15',
'pmsendregdays' => '0',
'privatepmthreadlimit' => '25',
'sendpmseccode' => '1',
'timeoffset' => '28800',
'version' => '1.7.0',
);
?>

0
uc_client/data/index.htm Normal file
View File

141
uc_client/extend_client.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
/*
[NOTICE]
This file is NOT part of UCenter!
Developers should make their own extensions to handle UCenter notifications.
*/
(defined('IN_UC') || defined('IN_API')) or exit('Access denied');
if(!defined('API_RETURN_SUCCEED')) {
define('API_RETURN_SUCCEED', '1');
define('API_RETURN_FAILED', '-1');
define('API_RETURN_FORBIDDEN', '-2');
}
class uc_note_handler {
public static function deleteuser($get, $post) {
global $_G;
$uids = str_replace("'", '', stripslashes($get['ids']));
$ids = array();
$ids = array_keys(C::t('common_member')->fetch_all($uids));
require_once DISCUZ_ROOT.'./source/function/function_delete.php';
$ids && deletemember($ids);
return API_RETURN_SUCCEED;
}
public static function renameuser($get, $post) {
global $_G;
$len = strlen($get['newusername']);
if($len > 22 || $len < 3 || preg_match("/\s+|^c:\\con\\con|[%,\*\"\s\<\>\&\(\)']/is", $get['newusername'])) {
return API_RETURN_FAILED;
}
$tables = array(
'common_block' => array('id' => 'uid', 'name' => 'username'),
'common_invite' => array('id' => 'fuid', 'name' => 'fusername'),
'common_member_verify_info' => array('id' => 'uid', 'name' => 'username'),
'common_mytask' => array('id' => 'uid', 'name' => 'username'),
'common_report' => array('id' => 'uid', 'name' => 'username'),
'forum_thread' => array('id' => 'authorid', 'name' => 'author'),
'forum_activityapply' => array('id' => 'uid', 'name' => 'username'),
'forum_groupuser' => array('id' => 'uid', 'name' => 'username'),
'forum_pollvoter' => array('id' => 'uid', 'name' => 'username'),
'forum_post' => array('id' => 'authorid', 'name' => 'author'),
'forum_postcomment' => array('id' => 'authorid', 'name' => 'author'),
'forum_ratelog' => array('id' => 'uid', 'name' => 'username'),
'home_album' => array('id' => 'uid', 'name' => 'username'),
'home_blog' => array('id' => 'uid', 'name' => 'username'),
'home_clickuser' => array('id' => 'uid', 'name' => 'username'),
'home_docomment' => array('id' => 'uid', 'name' => 'username'),
'home_doing' => array('id' => 'uid', 'name' => 'username'),
'home_feed' => array('id' => 'uid', 'name' => 'username'),
'home_friend' => array('id' => 'fuid', 'name' => 'fusername'),
'home_friend_request' => array('id' => 'fuid', 'name' => 'fusername'),
'home_notification' => array('id' => 'authorid', 'name' => 'author'),
'home_pic' => array('id' => 'uid', 'name' => 'username'),
'home_poke' => array('id' => 'fromuid', 'name' => 'fromusername'),
'home_share' => array('id' => 'uid', 'name' => 'username'),
'home_show' => array('id' => 'uid', 'name' => 'username'),
'home_specialuser' => array('id' => 'uid', 'name' => 'username'),
'home_visitor' => array('id' => 'vuid', 'name' => 'vusername'),
'portal_article_title' => array('id' => 'uid', 'name' => 'username'),
'portal_comment' => array('id' => 'uid', 'name' => 'username'),
'portal_topic' => array('id' => 'uid', 'name' => 'username'),
'portal_topic_pic' => array('id' => 'uid', 'name' => 'username'),
);
if(!C::t('common_member')->update($get['uid'], array('username' => $get['newusername'])) && isset($_G['setting']['membersplit'])){
C::t('common_member_archive')->update($get['uid'], array('username' => $get['newusername']));
}
loadcache("posttableids");
if($_G['cache']['posttableids']) {
$posttableids = is_array($_G['cache']['posttableids']) ? $_G['cache']['posttableids'] : array(0);
foreach($posttableids AS $tableid) {
$tables[getposttable($tableid)] = array('id' => 'authorid', 'name' => 'author');
}
}
foreach($tables as $table => $conf) {
DB::query("UPDATE ".DB::table($table)." SET `{$conf['name']}`='{$get['newusername']}' WHERE `{$conf['id']}`='{$get['uid']}'");
}
return API_RETURN_SUCCEED;
}
public static function updatepw($get, $post) {
global $_G;
$username = $get['username'];
$newpw = md5(time().rand(100000, 999999));
$uid = 0;
if(($uid = C::t('common_member')->fetch_uid_by_username($username))) {
$ext = '';
} elseif(($uid = C::t('common_member_archive')->fetch_uid_by_username($username))) {
$ext = '_archive';
}
if($uid) {
C::t('common_member'.$ext)->update($uid, array('password' => $newpw));
}
return API_RETURN_SUCCEED;
}
public static function checkavatar($get, $post) {
global $_G;
$uid = $get['uid'];
$size = $get['size'];
$type = $get['type'];
$size = in_array($size, array('big', 'middle', 'small')) ? $size : 'middle';
$uid = abs(intval($uid));
$uid = sprintf("%09d", $uid);
$dir1 = substr($uid, 0, 3);
$dir2 = substr($uid, 3, 2);
$dir3 = substr($uid, 5, 2);
$typeadd = $type == 'real' ? '_real' : '';
if(!UC_AVTPATH) {
$avtpath = './data/avatar/';
} else {
$avtpath = str_replace('..', '', UC_AVTPATH);
}
$avatarfile = realpath(DISCUZ_ROOT.$avtpath).'/'.$dir1.'/'.$dir2.'/'.$dir3.'/'.substr($uid, -2).$typeadd."_avatar_$size.jpg";
if(file_exists($avatarfile)) {
return API_RETURN_SUCCEED;
} else {
return API_RETURN_FAILED;
}
}
public static function loadavatarpath() {
global $_G;
if(!defined('UC_DELAVTDIR')) {
define('UC_DELAVTDIR', DISCUZ_ROOT.$_G['setting']['avatarpath'].'/');
}
}
}

1
uc_client/index.htm Normal file
View File

@@ -0,0 +1 @@

235
uc_client/lib/dbi.class.php Normal file
View File

@@ -0,0 +1,235 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: db.class.php 922 2009-02-19 01:30:22Z zhaoxiongfei $
*/
class ucclient_db {
var $querynum = 0;
var $link;
var $histories;
var $stmtcache = array();
var $dbhost;
var $dbuser;
var $dbpw;
var $dbcharset;
var $pconnect;
var $tablepre;
var $time;
var $goneaway = 5;
function connect($dbhost, $dbuser, $dbpw, $dbname = '', $dbcharset = '', $pconnect = 0, $tablepre='', $time = 0) {
if (intval($pconnect) === 1) $dbhost = 'p:' . $dbhost;
$this->dbhost = $dbhost;
$this->dbuser = $dbuser;
$this->dbpw = $dbpw;
$this->dbname = $dbname;
$this->dbcharset = $dbcharset;
$this->pconnect = $pconnect;
$this->tablepre = $tablepre;
$this->time = $time;
mysqli_report(MYSQLI_REPORT_OFF);
if(!$this->link = new mysqli($dbhost, $dbuser, $dbpw, $dbname)) {
$this->halt('Can not connect to MySQL server');
}
$this->link->options(MYSQLI_OPT_LOCAL_INFILE, false);
if($dbcharset) {
$this->link->set_charset($dbcharset);
}
$this->link->query("SET sql_mode=''");
$this->link->query("SET character_set_client=binary");
}
function fetch_array($query, $result_type = MYSQLI_ASSOC) {
return $query ? $query->fetch_array($result_type) : null;
}
function result_first($sql) {
$query = $this->query($sql);
return $this->result($query, 0);
}
function fetch_first($sql) {
$query = $this->query($sql);
return $this->fetch_array($query);
}
function fetch_all($sql, $id = '') {
$arr = array();
$query = $this->query($sql);
while($data = $this->fetch_array($query)) {
$id ? $arr[$data[$id]] = $data : $arr[] = $data;
}
return $arr;
}
function result_first_stmt($sql, $key = array(), $value = array()) {
$query = $this->query_stmt($sql, $key, $value);
return $this->result($query, 0);
}
function fetch_first_stmt($sql, $key = array(), $value = array()) {
$query = $this->query_stmt($sql, $key, $value);
return $this->fetch_array($query);
}
function fetch_all_stmt($sql, $key = array(), $value = array(), $id = '') {
$arr = array();
$query = $this->query_stmt($sql, $key, $value);
while($data = $this->fetch_array($query)) {
$id ? $arr[$data[$id]] = $data : $arr[] = $data;
}
return $arr;
}
function cache_gc() {
$this->query("DELETE FROM {$this->tablepre}sqlcaches WHERE expiry<$this->time");
}
function query($sql, $type = '', $cachetime = FALSE) {
$resultmode = $type == 'UNBUFFERED' ? MYSQLI_USE_RESULT : MYSQLI_STORE_RESULT;
if(!($query = $this->link->query($sql, $resultmode)) && $type != 'SILENT') {
$this->halt('MySQL Query Error', $sql);
}
$this->querynum++;
$this->histories[] = $sql;
return $query;
}
function query_stmt($sql, $key = array(), $value = array(), $type = '', $saveprep = FALSE, $cachetime = FALSE) {
$parse = $this->parse_query($sql, $key, $value);
if($saveprep && array_key_exists(hash("sha256", $parse[0]), $this->stmtcache)) {
$stmt = & $this->stmtcache[hash("sha256", $parse[0])];
} else {
$stmt = $this->link->prepare($parse[0]);
$saveprep && $this->stmtcache[hash("sha256", $parse[0])] = & $stmt;
}
if(!empty($key)) {
$stmt->bind_param(...$parse[1]);
}
if(!($query = $stmt->execute()) && $type != 'SILENT') {
$this->halt('MySQL Query Error', $parse[0]);
}
$this->querynum++;
$this->histories[] = $parse[0];
return strncasecmp("SELECT", $sql, 6) ? $query : $stmt->get_result();
}
function affected_rows() {
return $this->link->affected_rows;
}
function error() {
return $this->link->error;
}
function errno() {
return $this->link->errno;
}
function result($query, $row) {
if(!$query || $query->num_rows == 0) {
return null;
}
$query->data_seek($row);
$assocs = $query->fetch_row();
return $assocs[0];
}
function num_rows($query) {
$query = $query ? $query->num_rows : 0;
return $query;
}
function num_fields($query) {
return $query ? $query->field_count : 0;
}
function free_result($query) {
return $query ? $query->free() : false;
}
function insert_id() {
return ($id = $this->link->insert_id) >= 0 ? $id : $this->result($this->query("SELECT last_insert_id()"), 0);
}
function fetch_row($query) {
$query = $query ? $query->fetch_row() : null;
return $query;
}
function fetch_fields($query) {
return $query ? $query->fetch_field() : null;
}
function version() {
return $this->link->server_info;
}
function escape_string($str) {
return $this->link->escape_string($str);
}
function close() {
return $this->link->close();
}
function parse_query($sql, $key = array(), $value = array()) {
$list = '';
$array = array();
if(strpos($sql, '?')) {
foreach ($key as $k => $v) {
if(in_array($v, array('i', 'd', 's', 'b'))) {
$list .= $v;
$array = array_merge($array, (array)$value[$k]);
}
}
} else {
preg_match_all("/:([A-Za-z0-9]*?)( |$)/", $sql, $matches);
foreach ($matches[1] as $match) {
if(in_array($key[$match], array('i', 'd', 's', 'b'))) {
$list .= $key[$match];
$array = array_merge($array, (array)$value[$match]);
$sql = str_replace(":".$match, "?", $sql);
}
}
}
return array($sql, array_merge((array)$list, $array));
}
function halt($message = '', $sql = '') {
$error = $this->error();
$errorno = $this->errno();
if($errorno == 2006 && $this->goneaway-- > 0) {
$this->connect($this->dbhost, $this->dbuser, $this->dbpw, $this->dbname, $this->dbcharset, $this->pconnect, $this->tablepre, $this->time);
$this->query($sql);
} else {
$s = '';
if($message) {
$s = "<b>UCenter info:</b> $message<br />";
}
if($sql) {
$s .= '<b>SQL:</b>'.htmlspecialchars($sql).'<br />';
}
$s .= '<b>Error:</b>'.$error.'<br />';
$s .= '<b>Errno:</b>'.$errorno.'<br />';
$s = str_replace(UC_DBTABLEPRE, '[Table]', $s);
exit($s);
}
}
}
?>

1
uc_client/lib/index.htm Normal file
View File

@@ -0,0 +1 @@

146
uc_client/lib/sendmail.inc.php Normal file
View File

@@ -0,0 +1,146 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: sendmail.inc.php 1124 2011-12-06 11:03:23Z svn_project_zhangjie $
*/
!defined('IN_UC') && exit('Access Denied');
if($mail_setting['mailsilent']) {
error_reporting(0);
}
$maildelimiter = $mail_setting['maildelimiter'] == 1 ? "\r\n" : ($mail_setting['maildelimiter'] == 2 ? "\r" : "\n");
$mailusername = isset($mail_setting['mailusername']) ? $mail_setting['mailusername'] : 1;
$appname = $this->base->cache['apps'][$mail['appid']]['name'];
$mail['subject'] = '=?'.$mail['charset'].'?B?'.base64_encode(str_replace("\r", '', str_replace("\n", '', '['.$appname.'] '.$mail['subject']))).'?=';
$mail['message'] = chunk_split(base64_encode(str_replace("\r\n.", " \r\n..", str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", str_replace("\n\r", "\r", $mail['message'])))))));
$email_from = $mail['frommail'] == '' ? '=?'.$mail['charset'].'?B?'.base64_encode($appname)."?= <{$mail_setting['maildefault']}>" : (preg_match('/^(.+?) \<(.+?)\>$/',$email_from, $from) ? '=?'.$mail['charset'].'?B?'.base64_encode($from[1])."?= <$from[2]>" : $mail['frommail']);
foreach(explode(',', $mail['email_to']) as $touser) {
$tousers[] = preg_match('/^(.+?) \<(.+?)\>$/',$touser, $to) ? ($mailusername ? '=?'.$mail['charset'].'?B?'.base64_encode($to[1])."?= <$to[2]>" : $to[2]) : $touser;
}
$tousers = is_array($tousers) ? $tousers : array($tousers);
$mail['email_to'] = implode(',', $tousers);
$headers = "From: $email_from{$maildelimiter}X-Priority: 3{$maildelimiter}X-Mailer: Discuz! $version{$maildelimiter}MIME-Version: 1.0{$maildelimiter}Content-type: text/".($mail['htmlon'] ? 'html' : 'plain')."; charset={$mail['charset']}{$maildelimiter}Content-Transfer-Encoding: base64{$maildelimiter}";
$mail_setting['mailport'] = $mail_setting['mailport'] ? $mail_setting['mailport'] : 25;
$mail_setting['mailtimeout'] = isset($mail_setting['mailtimeout']) && strlen($mail_setting['mailtimeout']) ? intval($mail_setting['mailtimeout']) : 30;
if($mail_setting['mailsend'] == 1 && function_exists('mail')) {
return @mail($mail['email_to'], $mail['subject'], $mail['message'], $headers);
} elseif($mail_setting['mailsend'] == 2) {
if(!$fp = fsocketopen($mail_setting['mailserver'], $mail_setting['mailport'], $errno, $errstr, $mail_setting['mailtimeout'])) {
return false;
}
stream_set_blocking($fp, true);
stream_set_timeout($fp, $mail_setting['mailtimeout']);
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != '220') {
return false;
}
fputs($fp, ($mail_setting['mailauth'] ? 'EHLO' : 'HELO')." discuz\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 220 && substr($lastmessage, 0, 3) != 250) {
return false;
}
while(1) {
if(substr($lastmessage, 3, 1) != '-' || empty($lastmessage)) {
break;
}
$lastmessage = fgets($fp, 512);
}
if($mail_setting['mailauth']) {
fputs($fp, "AUTH LOGIN\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 334) {
return false;
}
fputs($fp, base64_encode($mail_setting['mailauth_username'])."\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 334) {
return false;
}
fputs($fp, base64_encode($mail_setting['mailauth_password'])."\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 235) {
return false;
}
$email_from = $mail_setting['mailfrom'];
}
fputs($fp, "MAIL FROM: <".preg_replace("/.*\<(.+?)\>.*/", "\\1", $email_from).">\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 250) {
fputs($fp, "MAIL FROM: <".preg_replace("/.*\<(.+?)\>.*/", "\\1", $email_from).">\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 250) {
return false;
}
}
$email_tos = array();
foreach(explode(',', $mail['email_to']) as $touser) {
$touser = trim($touser);
if($touser) {
fputs($fp, "RCPT TO: <".preg_replace("/.*\<(.+?)\>.*/", "\\1", $touser).">\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 250) {
fputs($fp, "RCPT TO: <".preg_replace("/.*\<(.+?)\>.*/", "\\1", $touser).">\r\n");
$lastmessage = fgets($fp, 512);
return false;
}
}
}
fputs($fp, "DATA\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 354) {
return false;
}
$headers .= 'Message-ID: <'.gmdate('YmdHs').'.'.substr(md5($mail['message'].microtime()), 0, 6).rand(100000, 999999).'@'.$_SERVER['HTTP_HOST'].">{$maildelimiter}";
fputs($fp, "Date: ".gmdate('r')."\r\n");
fputs($fp, "To: ".$mail['email_to']."\r\n");
fputs($fp, "Subject: ".$mail['subject']."\r\n");
fputs($fp, $headers."\r\n");
fputs($fp, "\r\n\r\n");
fputs($fp, "{$mail['message']}\r\n.\r\n");
$lastmessage = fgets($fp, 512);
if(substr($lastmessage, 0, 3) != 250) {
return false;
}
fputs($fp, "QUIT\r\n");
return true;
} elseif($mail_setting['mailsend'] == 3) {
ini_set('SMTP', $mail_setting['mailserver']);
ini_set('smtp_port', $mail_setting['mailport']);
ini_set('sendmail_from', $email_from);
return @mail($mail['email_to'], $mail['subject'], $mail['message'], $headers);
}
?>

148
uc_client/lib/uccode.class.php Normal file
View File

@@ -0,0 +1,148 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: uccode.class.php 1166 2014-11-03 01:49:32Z hypowang $
*/
class uccode {
var $uccodes;
function __construct() {
$this->uccode();
}
function uccode() {
$this->uccode = array(
'pcodecount' => -1,
'codecount' => 0,
'codehtml' => array()
);
}
function codedisp($code) {
$this->uccode['pcodecount']++;
$code = str_replace('\\"', '"', preg_replace("/^[\n\r]*(.+?)[\n\r]*$/is", "\\1", $code));
$this->uccode['codehtml'][$this->uccode['pcodecount']] = $this->tpl_codedisp($code);
$this->uccode['codecount']++;
return "[\tUCENTER_CODE_".$this->uccode['pcodecount']."\t]";
}
function complie($message) {
$message = dhtmlspecialchars($message);
if(strpos($message, '[/code]') !== FALSE) {
$message = preg_replace_callback("/\s*\[code\](.+?)\[\/code\]\s*/is", array($this, 'complie_callback_codedisp_1'), $message);
}
if(strpos($message, '[/url]') !== FALSE) {
$message = preg_replace_callback("/\[url(=((https?|ftp|gopher|news|telnet|rtsp|mms|callto|bctp|ed2k|thunder|synacast){1}:\/\/|www\.)([^\[\"']+?))?\](.+?)\[\/url\]/is", array($this, 'complie_callback_parseurl_15'), $message);
}
if(strpos($message, '[/email]') !== FALSE) {
$message = preg_replace_callback("/\[email(=([A-Za-z0-9\-_.+]+)@([A-Za-z0-9\-_]+[.][A-Za-z0-9\-_.]+))?\](.+?)\[\/email\]/is", array($this, 'complie_callback_parseemail_14'), $message);
}
$message = str_replace(array(
'[/color]', '[/size]', '[/font]', '[/align]', '[b]', '[/b]',
'[i]', '[/i]', '[u]', '[/u]', '[list]', '[list=1]', '[list=a]',
'[list=A]', '[*]', '[/list]', '[indent]', '[/indent]', '[/float]'
), array(
'</font>', '</font>', '</font>', '</p>', '<strong>', '</strong>', '<i>',
'</i>', '<u>', '</u>', '<ul>', '<ul type="1">', '<ul type="a">',
'<ul type="A">', '<li>', '</ul>', '<blockquote>', '</blockquote>', '</span>'
), preg_replace(array(
"/\[color=([#\w]+?)\]/i",
"/\[size=(\d+?)\]/i",
"/\[size=(\d+(\.\d+)?(px|pt|in|cm|mm|pc|em|ex|%)+?)\]/i",
"/\[font=([^\[\<]+?)\]/i",
"/\[align=(left|center|right)\]/i",
"/\[float=(left|right)\]/i"
), array(
"<font color=\"\\1\">",
"<font size=\"\\1\">",
"<font style=\"font-size: \\1\">",
"<font face=\"\\1 \">",
"<p align=\"\\1\">",
"<span style=\"float: \\1;\">"
), $message));
if(strpos($message, '[/quote]') !== FALSE) {
$message = preg_replace("/\s*\[quote\][\n\r]*(.+?)[\n\r]*\[\/quote\]\s*/is", $this->tpl_quote(), $message);
}
if(strpos($message, '[/img]') !== FALSE) {
$message = preg_replace_callback("/\[img\]\s*([^\[\<\r\n]+?)\s*\[\/img\]/is", array($this, 'complie_callback_bbcodeurl_1'), $message);
$message = preg_replace_callback("/\[img=(\d{1,4})[x|\,](\d{1,4})\]\s*([^\[\<\r\n]+?)\s*\[\/img\]/is", array($this, 'complie_callback_bbcodeurl_312'), $message);
}
for($i = 0; $i <= $this->uccode['pcodecount']; $i++) {
$message = str_replace("[\tUCENTER_CODE_$i\t]", $this->uccode['codehtml'][$i], $message);
}
return nl2br(str_replace(array("\t", ' ', ' '), array('&nbsp; &nbsp; &nbsp; &nbsp; ', '&nbsp; &nbsp;', '&nbsp;&nbsp;'), $message));
}
function complie_callback_codedisp_1($matches) {
return $this->codedisp($matches[1]);
}
function complie_callback_parseurl_15($matches) {
return $this->parseurl($matches[1], $matches[5]);
}
function complie_callback_parseemail_14($matches) {
return $this->parseemail($matches[1], $matches[4]);
}
function complie_callback_bbcodeurl_1($matches) {
return $this->bbcodeurl($matches[1], '<img src="%s" border="0" alt="" />');
}
function complie_callback_bbcodeurl_312($matches) {
return $this->bbcodeurl($matches[3], '<img width="'.$matches[1].'" height="'.$matches[2].'" src="%s" border="0" alt="" />');
}
function parseurl($url, $text) {
if(!$url && preg_match("/((https?|ftp|gopher|news|telnet|rtsp|mms|callto|bctp|ed2k|thunder|synacast){1}:\/\/|www\.)[^\[\"']+/i", trim($text), $matches)) {
$url = $matches[0];
$length = 65;
if(strlen($url) > $length) {
$text = substr($url, 0, intval($length * 0.5)).' ... '.substr($url, - intval($length * 0.3));
}
return '<a href="'.(substr(strtolower($url), 0, 4) == 'www.' ? 'http://'.$url : $url).'" target="_blank">'.$text.'</a>';
} else {
$url = substr($url, 1);
if(substr(strtolower($url), 0, 4) == 'www.') {
$url = 'http://'.$url;
}
return '<a href="'.$url.'" target="_blank">'.$text.'</a>';
}
}
function parseemail($email, $text) {
$text = str_replace('\"', '"', $text);
if(!$email && preg_match("/\s*([A-Za-z0-9\-_.+]+)@([A-Za-z0-9\-_]+[.][A-Za-z0-9\-_.]+)\s*/i", $text, $matches)) {
$email = trim($matches[0]);
return '<a href="mailto:'.$email.'">'.$email.'</a>';
} else {
return '<a href="mailto:'.substr($email, 1).'">'.$text.'</a>';
}
}
function bbcodeurl($url, $tags) {
if(!preg_match("/<.+?>/s", $url)) {
if(!in_array(strtolower(substr($url, 0, 6)), array('http:/', 'https:', 'ftp://', 'rtsp:/', 'mms://'))) {
$url = 'http://'.$url;
}
return str_replace(array('submit', 'logging.php'), array('', ''), sprintf($tags, $url, addslashes($url)));
} else {
return '&nbsp;'.$url;
}
}
function tpl_codedisp($code) {
return '<div class="blockcode"><code id="code'.$this->uccodes['codecount'].'">'.$code.'</code></div>';
}
function tpl_quote() {
return '<div class="quote"><blockquote>\\1</blockquote></div>';
}
}
?>

88
uc_client/lib/ucip.class.php Normal file
View File

@@ -0,0 +1,88 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: ucip.class.php 803 2019-12-19 12:00:00Z community $
*/
class ucip {
function __construct() {
}
public static function validate_ip($ip) {
return filter_var($ip, FILTER_VALIDATE_IP) !== false;
}
public static function check_ip($requestIp, $ips)
{
if (!self::validate_ip($requestIp)) {
return false;
}
if (!\is_array($ips)) {
$ips = [$ips];
}
$method = substr_count($requestIp, ':') > 1 ? 'check_ip6' : 'check_ip4';
foreach ($ips as $ip) {
if (self::$method($requestIp, $ip)) {
return true;
}
}
return false;
}
public static function check_ip6($requestIp, $ip)
{
if (false !== strpos($ip, '/')) {
list($address, $netmask) = explode('/', $ip, 2);
if ('0' === $netmask) {
return (bool) unpack('n*', @inet_pton($address));
}
if ($netmask < 1 || $netmask > 128) {
return false;
}
} else {
$address = $ip;
$netmask = 128;
}
$bytesAddr = unpack('n*', @inet_pton($address));
$bytesTest = unpack('n*', @inet_pton($requestIp));
if (!$bytesAddr || !$bytesTest) {
return false;
}
for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) {
$left = $netmask - 16 * ($i - 1);
$left = ($left <= 16) ? $left : 16;
$mask = ~(0xffff >> $left) & 0xffff;
if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) {
return false;
}
}
return true;
}
public static function check_ip4($requestIp, $ip)
{
if (false !== strpos($ip, '/')) {
list($address, $netmask) = explode('/', $ip, 2);
if ('0' === $netmask) {
return false;
}
if ($netmask < 0 || $netmask > 32) {
return false;
}
} else {
$address = $ip;
$netmask = 32;
}
if (false === ip2long($address)) {
return false;
}
return 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask);
}
}
?>

35
uc_client/lib/ucip_getter_dnslist.class.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: ucip_getter_dnslist.class.php 969 2019-12-19 12:00:00Z community $
*/
class ucip_getter_dnslist {
public static function get($s) {
if (empty($s['header']) || empty($s['list'])) {
return $_SERVER['REMOTE_ADDR'];
}
$ip = $_SERVER['REMOTE_ADDR'];
$rdns = gethostbyaddr($ip);
foreach($s['list'] as $host) {
if (preg_match('/'.$host.'$/i', $rdns)) {
if ($s['header'] != 'HTTP_X_FORWARDED_FOR') {
$ip = ucip::validate_ip($_SERVER[$s['header']]) ? $_SERVER[$s['header']] : $ip;
} else {
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ",") > 0) {
$exp = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = ucip::validate_ip(trim($exp[0])) ? $exp[0] : $ip;
} else {
$ip = ucip::validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $ip;
}
}
}
}
return $ip;
}
}

30
uc_client/lib/ucip_getter_header.class.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: ucip_getter_header.class.php 809 2019-12-19 12:00:00Z community $
*/
class ucip_getter_header {
public static function get($s) {
if (empty($s['header'])) {
return $_SERVER['REMOTE_ADDR'];
}
$ip = $_SERVER['REMOTE_ADDR'];
if ($s['header'] != 'HTTP_X_FORWARDED_FOR') {
$ip = ucip::validate_ip($_SERVER[$s['header']]) ? $_SERVER[$s['header']] : $ip;
} else {
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ",") > 0) {
$exp = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = ucip::validate_ip(trim($exp[0])) ? $exp[0] : $ip;
} else {
$ip = ucip::validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $ip;
}
}
return $ip;
}
}

35
uc_client/lib/ucip_getter_iplist.class.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: ucip_getter_iplist.class.php 959 2019-12-19 12:00:00Z community $
*/
class ucip_getter_iplist {
public static function get($s) {
if (empty($s['header']) || empty($s['list'])) {
return $_SERVER['REMOTE_ADDR'];
}
$ip = $_SERVER['REMOTE_ADDR'];
$rdns = gethostbyaddr($ip);
foreach($s['list'] as $host) {
if (ucip::check_ip($ip, $host)) {
if ($s['header'] != 'HTTP_X_FORWARDED_FOR') {
$ip = ucip::validate_ip($_SERVER[$s['header']]) ? $_SERVER[$s['header']] : $ip;
} else {
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ",") > 0) {
$exp = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = ucip::validate_ip(trim($exp[0])) ? $exp[0] : $ip;
} else {
$ip = ucip::validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $ip;
}
}
}
}
return $ip;
}
}

105
uc_client/lib/xml.class.php Normal file
View File

@@ -0,0 +1,105 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: xml.class.php 1059 2011-03-01 07:25:09Z monkey $
*/
function xml_unserialize(&$xml, $isnormal = FALSE) {
$xml_parser = new XML($isnormal);
$data = $xml_parser->parse($xml);
$xml_parser->destruct();
return $data;
}
function xml_serialize($arr, $htmlon = FALSE, $isnormal = FALSE, $level = 1) {
$s = $level == 1 ? "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n<root>\r\n" : '';
$space = str_repeat("\t", $level);
foreach($arr as $k => $v) {
if(!is_array($v)) {
$s .= $space."<item id=\"$k\">".($htmlon ? '<![CDATA[' : '').$v.($htmlon ? ']]>' : '')."</item>\r\n";
} else {
$s .= $space."<item id=\"$k\">\r\n".xml_serialize($v, $htmlon, $isnormal, $level + 1).$space."</item>\r\n";
}
}
$s = preg_replace("/([\x01-\x08\x0b-\x0c\x0e-\x1f])+/", ' ', $s);
return $level == 1 ? $s."</root>" : $s;
}
class XML {
var $parser;
var $document;
var $stack;
var $data;
var $last_opened_tag;
var $isnormal;
var $attrs = array();
var $failed = FALSE;
function __construct($isnormal) {
$this->XML($isnormal);
}
function XML($isnormal) {
$this->isnormal = $isnormal;
$this->parser = xml_parser_create('ISO-8859-1');
xml_parser_set_option($this->parser, XML_OPTION_CASE_FOLDING, false);
xml_set_object($this->parser, $this);
xml_set_element_handler($this->parser, 'open','close');
xml_set_character_data_handler($this->parser, 'data');
}
function destruct() {
xml_parser_free($this->parser);
}
function parse(&$data) {
$this->document = array();
$this->stack = array();
return xml_parse($this->parser, $data, true) && !$this->failed ? $this->document : '';
}
function open($parser, $tag, $attributes) {
$this->data = '';
$this->failed = FALSE;
if(!$this->isnormal) {
if(isset($attributes['id']) && !(isset($this->document[$attributes['id']]) && is_string($this->document[$attributes['id']]))) {
$this->document = &$this->document[$attributes['id']];
} else {
$this->failed = TRUE;
}
} else {
if(!isset($this->document[$tag]) || !is_string($this->document[$tag])) {
$this->document = &$this->document[$tag];
} else {
$this->failed = TRUE;
}
}
$this->stack[] = &$this->document;
$this->last_opened_tag = $tag;
$this->attrs = $attributes;
}
function data($parser, $data) {
if($this->last_opened_tag != NULL) {
$this->data .= $data;
}
}
function close($parser, $tag) {
if($this->last_opened_tag == $tag) {
$this->document = $this->data;
$this->last_opened_tag = NULL;
}
array_pop($this->stack);
if($this->stack) {
$this->document = &$this->stack[count($this->stack)-1];
}
}
}
?>

36
uc_client/model/app.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: app.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class appmodel {
var $db;
var $base;
function __construct(&$base) {
$this->appmodel($base);
}
function appmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function get_apps($col = '*', $where = '') {
$arr = $this->db->fetch_all("SELECT $col FROM ".UC_DBTABLEPRE."applications".($where ? ' WHERE '.$where : ''), 'appid');
foreach($arr as $k => $v) {
isset($v['extra']) && !empty($v['extra']) && $v['extra'] = unserialize($v['extra']);
unset($v['authkey']);
$arr[$k] = $v;
}
return $arr;
}
}
?>

295
uc_client/model/base.php Normal file
View File

@@ -0,0 +1,295 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: base.php 1167 2014-11-03 03:06:21Z hypowang $
*/
!defined('IN_UC') && exit('Access Denied');
if(!function_exists('getgpc')) {
function getgpc($k, $var='G') {
switch($var) {
case 'G': $var = &$_GET; break;
case 'P': $var = &$_POST; break;
case 'C': $var = &$_COOKIE; break;
case 'R': $var = &$_REQUEST; break;
}
return isset($var[$k]) ? $var[$k] : NULL;
}
}
class base {
var $sid;
var $time;
var $onlineip;
var $db;
var $key;
var $settings;
var $cache;
var $_CACHE;
var $app;
var $user = array();
var $input = array();
function __construct() {
$this->base();
}
function base() {
require_once UC_ROOT.'./model/var.php';
base_var::bind($this);
if(empty($this->time)) {
$this->init_var();
$this->init_db();
$this->init_cache();
$this->init_note();
$this->init_mail();
}
}
function init_var() {
$this->time = time();
$this->onlineip = $_SERVER['REMOTE_ADDR'];
if (!defined('UC_ONLYREMOTEADDR') || (defined('UC_ONLYREMOTEADDR') && !constant('UC_ONLYREMOTEADDR'))) {
require_once UC_ROOT.'./lib/ucip.class.php';
if(defined('UC_IPGETTER') && !empty(constant('UC_IPGETTER'))) {
$s = defined('UC_IPGETTER_'.strtoupper(constant('UC_IPGETTER'))) ? (is_string(constant('UC_IPGETTER_'.strtoupper(constant('UC_IPGETTER')))) ? unserialize(constant('UC_IPGETTER_'.strtoupper(constant('UC_IPGETTER')))) : constant('UC_IPGETTER_'.strtoupper(constant('UC_IPGETTER')))) : array();
$c = 'ucip_getter_'.strtolower(constant('UC_IPGETTER'));
require_once UC_ROOT.'./lib/'.$c.'.class.php';
$r = $c::get($s);
$this->onlineip = ucip::validate_ip($r) ? $r : $this->onlineip;
} else if (isset($_SERVER['HTTP_CLIENT_IP']) && ucip::validate_ip($_SERVER['HTTP_CLIENT_IP'])) {
$this->onlineip = $_SERVER['HTTP_CLIENT_IP'];
} elseif(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ",") > 0) {
$exp = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
$this->onlineip = ucip::validate_ip(trim($exp[0])) ? $exp[0] : $this->onlineip;
} else {
$this->onlineip = ucip::validate_ip($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $this->onlineip;
}
}
}
$this->app['appid'] = UC_APPID;
}
function init_input($getagent = '') {
}
function init_db() {
require_once UC_ROOT.'lib/dbi.class.php';
$this->db = new ucclient_db();
$this->db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, '', UC_DBCHARSET, UC_DBCONNECT, UC_DBTABLEPRE);
}
function load($model, $base = NULL, $release = '') {
$base = $base ? $base : $this;
if(empty($_ENV[$model])) {
require_once UC_ROOT."./model/$model.php";
$modelname = $model.'model';
$_ENV[$model] = new $modelname($base);
}
return $_ENV[$model];
}
function date($time, $type = 3) {
if(!$this->settings) {
$this->settings = $this->cache('settings');
}
$format[] = $type & 2 ? (!empty($this->settings['dateformat']) ? $this->settings['dateformat'] : 'Y-n-j') : '';
$format[] = $type & 1 ? (!empty($this->settings['timeformat']) ? $this->settings['timeformat'] : 'H:i') : '';
return gmdate(implode(' ', $format), $time + $this->settings['timeoffset']);
}
function page_get_start($page, $ppp, $totalnum) {
$totalpage = ceil($totalnum / $ppp);
$page = max(1, min($totalpage,intval($page)));
return ($page - 1) * $ppp;
}
function implode($arr) {
return "'".implode("','", (array)$arr)."'";
}
function set_home($uid, $dir = '.') {
$uid = sprintf("%09d", $uid);
$dir1 = substr($uid, 0, 3);
$dir2 = substr($uid, 3, 2);
$dir3 = substr($uid, 5, 2);
!is_dir($dir.'/'.$dir1) && mkdir($dir.'/'.$dir1, 0777) && @touch($dir.'/'.$dir1.'/index.htm');
!is_dir($dir.'/'.$dir1.'/'.$dir2) && mkdir($dir.'/'.$dir1.'/'.$dir2, 0777) && @touch($dir.'/'.$dir1.'/'.$dir2.'/index.htm');
!is_dir($dir.'/'.$dir1.'/'.$dir2.'/'.$dir3) && mkdir($dir.'/'.$dir1.'/'.$dir2.'/'.$dir3, 0777) && @touch($dir.'/'.$dir1.'/'.$dir2.'/'.$dir3.'/index.htm');
}
function get_home($uid) {
$uid = sprintf("%09d", $uid);
$dir1 = substr($uid, 0, 3);
$dir2 = substr($uid, 3, 2);
$dir3 = substr($uid, 5, 2);
return $dir1.'/'.$dir2.'/'.$dir3;
}
function get_avatar($uid, $size = 'big', $type = '') {
$size = in_array($size, array('big', 'middle', 'small')) ? $size : 'big';
$uid = abs(intval($uid));
$uid = sprintf("%09d", $uid);
$dir1 = substr($uid, 0, 3);
$dir2 = substr($uid, 3, 2);
$dir3 = substr($uid, 5, 2);
$typeadd = $type == 'real' ? '_real' : '';
return $dir1.'/'.$dir2.'/'.$dir3.'/'.substr($uid, -2).$typeadd."_avatar_$size.jpg";
}
function &cache($cachefile) {
if(!isset($this->_CACHE[$cachefile])) {
$cachepath = UC_DATADIR.'./cache/'.$cachefile.'.php';
if(!file_exists($cachepath)) {
$this->load('cache');
$_ENV['cache']->updatedata($cachefile);
} else {
include_once $cachepath;
$this->_CACHE[$cachefile] = $_CACHE[$cachefile];
}
}
return $this->_CACHE[$cachefile];
}
function get_setting($k = array(), $decode = FALSE) {
$return = array();
$sqladd = $k ? "WHERE k IN (".$this->implode($k).")" : '';
$settings = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."settings $sqladd");
if(is_array($settings)) {
foreach($settings as $arr) {
$return[$arr['k']] = $decode ? unserialize($arr['v']) : $arr['v'];
}
}
return $return;
}
function init_cache() {
$this->settings = $this->cache('settings');
$this->cache['apps'] = $this->cache('apps');
if(PHP_VERSION > '5.1') {
$timeoffset = intval($this->settings['timeoffset'] / 3600);
@date_default_timezone_set('Etc/GMT'.($timeoffset > 0 ? '-' : '+').(abs($timeoffset)));
}
}
function cutstr($string, $length, $dot = ' ...') {
if(strlen($string) <= $length) {
return $string;
}
$string = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array('&', '"', '<', '>'), $string);
$strcut = '';
if(strtolower(UC_CHARSET) == 'utf-8') {
$n = $tn = $noc = 0;
while($n < strlen($string)) {
$t = ord($string[$n]);
if($t == 9 || $t == 10 || (32 <= $t && $t <= 126)) {
$tn = 1; $n++; $noc++;
} elseif(194 <= $t && $t <= 223) {
$tn = 2; $n += 2; $noc += 2;
} elseif(224 <= $t && $t < 239) {
$tn = 3; $n += 3; $noc += 2;
} elseif(240 <= $t && $t <= 247) {
$tn = 4; $n += 4; $noc += 2;
} elseif(248 <= $t && $t <= 251) {
$tn = 5; $n += 5; $noc += 2;
} elseif($t == 252 || $t == 253) {
$tn = 6; $n += 6; $noc += 2;
} else {
$n++;
}
if($noc >= $length) {
break;
}
}
if($noc > $length) {
$n -= $tn;
}
$strcut = substr($string, 0, $n);
} else {
for($i = 0; $i < $length; $i++) {
$strcut .= ord($string[$i]) > 127 ? $string[$i].$string[++$i] : $string[$i];
}
}
$strcut = str_replace(array('&', '"', '<', '>'), array('&amp;', '&quot;', '&lt;', '&gt;'), $strcut);
return $strcut.$dot;
}
function init_note() {
if($this->note_exists()) {
$this->load('note');
$_ENV['note']->send();
}
}
function note_exists() {
if(!is_numeric(constant("UC_APPID"))) {
return NULL;
}
$noteexists = $this->db->result_first("SELECT value FROM ".UC_DBTABLEPRE."vars WHERE name='noteexists".UC_APPID."'");
if(empty($noteexists)) {
return FALSE;
} else {
return TRUE;
}
}
function init_mail() {
if($this->mail_exists() && !getgpc('inajax')) {
$this->load('mail');
$_ENV['mail']->send();
}
}
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {
return uc_authcode($string, $operation, $key, $expiry);
}
function unserialize($s) {
return uc_unserialize($s);
}
function input($k) {
return isset($this->input[$k]) ? (is_array($this->input[$k]) ? $this->input[$k] : trim($this->input[$k])) : NULL;
}
function mail_exists() {
$mailexists = $this->db->result_first("SELECT value FROM ".UC_DBTABLEPRE."vars WHERE name='mailexists'");
if(empty($mailexists)) {
return FALSE;
} else {
return TRUE;
}
}
function dstripslashes($string) {
if(is_array($string)) {
foreach($string as $key => $val) {
$string[$key] = $this->dstripslashes($val);
}
} else {
$string = stripslashes($string);
}
return $string;
}
}
?>

93
uc_client/model/cache.php Normal file
View File

@@ -0,0 +1,93 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: cache.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class cachemodel {
var $db;
var $base;
var $map;
function __construct(&$base) {
$this->cachemodel($base);
}
function cachemodel(&$base) {
$this->base = $base;
$this->db = $base->db;
$this->map = array(
'settings' => array('settings'),
'badwords' => array('badwords'),
'apps' => array('apps'),
);
}
function updatedata($cachefile = '') {
if($cachefile) {
foreach((array)$this->map[$cachefile] as $modules) {
$s = "<?php\r\n";
foreach((array)$modules as $m) {
$method = "_get_$m";
$s .= '$_CACHE[\''.$m.'\'] = '.var_export($this->$method(), TRUE).";\r\n";
}
$s .= "\r\n?>";
file_put_contents(UC_DATADIR."./cache/$cachefile.php", $s, LOCK_EX);
}
} else {
foreach((array)$this->map as $file => $modules) {
$s = "<?php\r\n";
foreach($modules as $m) {
$method = "_get_$m";
$s .= '$_CACHE[\''.$m.'\'] = '.var_export($this->$method(), TRUE).";\r\n";
}
$s .= "\r\n?>";
file_put_contents(UC_DATADIR."./cache/$file.php", $s, LOCK_EX);
}
}
}
function updatetpl() {
}
function _get_badwords() {
$data = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."badwords");
$return = array();
if(is_array($data)) {
foreach($data as $k => $v) {
$return['findpattern'][$k] = $v['findpattern'];
$return['replace'][$k] = $v['replacement'];
}
}
return $return;
}
function _get_apps() {
$this->base->load('app');
$apps = $_ENV['app']->get_apps();
$apps2 = array();
if(is_array($apps)) {
foreach($apps as $v) {
if(!empty($v['extra'])) {
$v['extra'] = is_array($v['extra']) ? $v['extra'] : unserialize($v['extra']);
}
$apps2[$v['appid']] = $v;
}
}
return $apps2;
}
function _get_settings() {
return $this->base->get_setting();
}
}
?>

56
uc_client/model/domain.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: domain.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class domainmodel {
var $db;
var $base;
function __construct(&$base) {
$this->domainmodel($base);
}
function domainmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function add_domain($domain, $ip) {
if($domain) {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."domains SET domain='$domain', ip='$ip'");
}
return $this->db->insert_id();
}
function get_total_num() {
$data = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."domains");
return $data;
}
function get_list($page, $ppp, $totalnum) {
$start = $this->base->page_get_start($page, $ppp, $totalnum);
$data = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."domains LIMIT $start, $ppp");
return $data;
}
function delete_domain($arr) {
$domainids = $this->base->implode($arr);
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."domains WHERE id IN ($domainids)");
return $this->db->affected_rows();
}
function update_domain($domain, $ip, $id) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."domains SET domain='$domain', ip='$ip' WHERE id='$id'");
return $this->db->affected_rows();
}
}
?>

107
uc_client/model/friend.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: friend.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class friendmodel {
var $db;
var $base;
function __construct(&$base) {
$this->friendmodel($base);
}
function friendmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function add($uid, $friendid, $comment='') {
$direction = $this->db->result_first("SELECT direction FROM ".UC_DBTABLEPRE."friends WHERE uid='$friendid' AND friendid='$uid' LIMIT 1");
if($direction == 1) {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."friends SET uid='$uid', friendid='$friendid', comment='$comment', direction='3'", 'SILENT');
$this->db->query("UPDATE ".UC_DBTABLEPRE."friends SET direction='3' WHERE uid='$friendid' AND friendid='$uid'");
return 1;
} elseif($direction == 2) {
return 1;
} elseif($direction == 3) {
return -1;
} else {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."friends SET uid='$uid', friendid='$friendid', comment='$comment', direction='1'", 'SILENT');
return $this->db->insert_id();
}
}
function delete($uid, $friendids) {
$friendids = $this->base->implode($friendids);
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."friends WHERE uid='$uid' AND friendid IN ($friendids)");
$affectedrows = $this->db->affected_rows();
if($affectedrows > 0) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."friends SET direction=1 WHERE uid IN ($friendids) AND friendid='$uid' AND direction='3'");
}
return $affectedrows;
}
function get_totalnum_by_uid($uid, $direction = 0) {
$sqladd = '';
if($direction == 0) {
$sqladd = "uid='$uid'";
} elseif($direction == 1) {
$sqladd = "uid='$uid' AND direction='1'";
} elseif($direction == 2) {
$sqladd = "friendid='$uid' AND direction='1'";
} elseif($direction == 3) {
$sqladd = "uid='$uid' AND direction='3'";
}
$totalnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."friends WHERE $sqladd");
return $totalnum;
}
function get_list($uid, $page, $pagesize, $totalnum, $direction = 0) {
$start = $this->base->page_get_start($page, $pagesize, $totalnum);
$sqladd = '';
if($direction == 0) {
$sqladd = "f.uid='$uid'";
} elseif($direction == 1) {
$sqladd = "f.uid='$uid' AND f.direction='1'";
} elseif($direction == 2) {
$sqladd = "f.friendid='$uid' AND f.direction='1'";
} elseif($direction == 3) {
$sqladd = "f.uid='$uid' AND f.direction='3'";
}
if($sqladd) {
$data = $this->db->fetch_all("SELECT f.*, m.username FROM ".UC_DBTABLEPRE."friends f LEFT JOIN ".UC_DBTABLEPRE."members m ON f.friendid=m.uid WHERE $sqladd LIMIT $start, $pagesize");
return $data;
} else {
return array();
}
}
function is_friend($uid, $friendids, $direction = 0) {
$friendid_str = implode("', '", $friendids);
$sqladd = '';
if($direction == 0) {
$sqladd = "uid='$uid'";
} elseif($direction == 1) {
$sqladd = "uid='$uid' AND friendid IN ('$friendid_str') AND direction='1'";
} elseif($direction == 2) {
$sqladd = "friendid='$uid' AND uid IN ('$friendid_str') AND direction='1'";
} elseif($direction == 3) {
$sqladd = "uid='$uid' AND friendid IN ('$friendid_str') AND direction='3'";
}
if($this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."friends WHERE $sqladd") == count($friendids)) {
return true;
} else {
return false;
}
}
}
?>

1
uc_client/model/index.htm Normal file
View File

@@ -0,0 +1 @@

150
uc_client/model/mail.php Normal file
View File

@@ -0,0 +1,150 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: mail.php 1139 2012-05-08 09:02:11Z liulanbo $
*/
!defined('IN_UC') && exit('Access Denied');
define('UC_MAIL_REPEAT', 5);
class mailmodel {
var $db;
var $base;
var $apps;
function __construct(&$base) {
$this->mailmodel($base);
}
function mailmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
$this->apps = &$this->base->cache['apps'];
}
function get_total_num() {
$data = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."mailqueue");
return $data;
}
function get_list($page, $ppp, $totalnum) {
$start = $this->base->page_get_start($page, $ppp, $totalnum);
$data = $this->db->fetch_all("SELECT m.*, u.username, u.email FROM ".UC_DBTABLEPRE."mailqueue m LEFT JOIN ".UC_DBTABLEPRE."members u ON m.touid=u.uid ORDER BY dateline DESC LIMIT $start, $ppp");
foreach((array)$data as $k => $v) {
$data[$k]['subject'] = dhtmlspecialchars($v['subject']);
$data[$k]['tomail'] = empty($v['tomail']) ? $v['email'] : $v['tomail'];
$data[$k]['dateline'] = $v['dateline'] ? $this->base->date($data[$k]['dateline']) : '';
$data[$k]['appname'] = $this->base->cache['apps'][$v['appid']]['name'];
}
return $data;
}
function delete_mail($ids) {
$ids = $this->base->implode($ids);
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."mailqueue WHERE mailid IN ($ids)");
return $this->db->affected_rows();
}
function add($mail) {
if($mail['level']) {
$sql = "INSERT INTO ".UC_DBTABLEPRE."mailqueue (touid, tomail, subject, message, frommail, charset, htmlon, level, dateline, failures, appid) VALUES ";
$values_arr = array();
foreach($mail['uids'] as $uid) {
if(empty($uid)) continue;
$uid = intval($uid);
$values_arr[] = "('$uid', '', '{$mail['subject']}', '{$mail['message']}', '{$mail['frommail']}', '{$mail['charset']}', '{$mail['htmlon']}', '{$mail['level']}', '{$mail['dateline']}', '0', '{$mail['appid']}')";
}
foreach($mail['emails'] as $email) {
if(empty($email)) continue;
$values_arr[] = "('', '$email', '{$mail['subject']}', '{$mail['message']}', '{$mail['frommail']}', '{$mail['charset']}', '{$mail['htmlon']}', '{$mail['level']}', '{$mail['dateline']}', '0', '{$mail['appid']}')";
}
$sql .= implode(',', $values_arr);
$this->db->query($sql);
$insert_id = $this->db->insert_id();
$insert_id && $this->db->query("REPLACE INTO ".UC_DBTABLEPRE."vars SET name='mailexists', value='1'");
return $insert_id;
} else {
$mail['email_to'] = array();
$uids = 0;
foreach($mail['uids'] as $uid) {
if(empty($uid)) continue;
$uids .= ','.intval($uid);
}
$users = $this->db->fetch_all("SELECT uid, username, email FROM ".UC_DBTABLEPRE."members WHERE uid IN ($uids)");
foreach($users as $v) {
$mail['email_to'][] = $v['username'].'<'.$v['email'].'>';
}
foreach($mail['emails'] as $email) {
if(empty($email)) continue;
$mail['email_to'][] = $email;
}
$mail['message'] = str_replace('\"', '"', $mail['message']);
$mail['email_to'] = implode(',', $mail['email_to']);
return $this->send_one_mail($mail);
}
}
function send() {
register_shutdown_function(array($this, '_send'));
}
function _send() {
$mail = $this->_get_mail();
if(empty($mail)) {
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."vars SET name='mailexists', value='0'");
return NULL;
} else {
$mail['email_to'] = $mail['tomail'] ? $mail['tomail'] : $mail['username'].'<'.$mail['email'].'>';
if($this->send_one_mail($mail)) {
$this->_delete_one_mail($mail['mailid']);
return true;
} else {
$this->_update_failures($mail['mailid']);
return false;
}
}
}
function send_by_id($mailid) {
if ($this->send_one_mail($this->_get_mail_by_id($mailid))) {
$this->_delete_one_mail($mailid);
return true;
}
}
function send_one_mail($mail) {
if(empty($mail)) return;
$mail['email_to'] = $mail['email_to'] ? $mail['email_to'] : $mail['username'].'<'.$mail['email'].'>';
$mail_setting = $this->base->settings;
return include UC_ROOT.'lib/sendmail.inc.php';
}
function _get_mail() {
$data = $this->db->fetch_first("SELECT m.*, u.username, u.email FROM ".UC_DBTABLEPRE."mailqueue m LEFT JOIN ".UC_DBTABLEPRE."members u ON m.touid=u.uid WHERE failures<'".UC_MAIL_REPEAT."' ORDER BY level DESC, mailid ASC LIMIT 1");
return $data;
}
function _get_mail_by_id($mailid) {
$data = $this->db->fetch_first("SELECT m.*, u.username, u.email FROM ".UC_DBTABLEPRE."mailqueue m LEFT JOIN ".UC_DBTABLEPRE."members u ON m.touid=u.uid WHERE mailid='$mailid'");
return $data;
}
function _delete_one_mail($mailid) {
$mailid = intval($mailid);
return $this->db->query("DELETE FROM ".UC_DBTABLEPRE."mailqueue WHERE mailid='$mailid'");
}
function _update_failures($mailid) {
$mailid = intval($mailid);
return $this->db->query("UPDATE ".UC_DBTABLEPRE."mailqueue SET failures=failures+1 WHERE mailid='$mailid'");
}
}
?>

221
uc_client/model/misc.php Normal file
View File

@@ -0,0 +1,221 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: misc.php 1127 2011-12-14 04:24:58Z svn_project_zhangjie $
*/
!defined('IN_UC') && exit('Access Denied');
define('UC_ARRAY_SEP_1', 'UC_ARRAY_SEP_1');
define('UC_ARRAY_SEP_2', 'UC_ARRAY_SEP_2');
class miscmodel {
var $db;
var $base;
function __construct(&$base) {
$this->miscmodel($base);
}
function miscmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function get_apps($col = '*', $where = '') {
$arr = $this->db->fetch_all("SELECT $col FROM ".UC_DBTABLEPRE."applications".($where ? ' WHERE '.$where : ''));
return $arr;
}
function delete_apps($appids) {
}
function update_app($appid, $name, $url, $authkey, $charset, $dbcharset) {
}
function alter_app_table($appid, $operation = 'ADD') {
}
function get_host_by_url($url) {
}
function check_url($url) {
}
function check_ip($ip) {
}
function test_api($url, $ip = '') {
}
function dfopen2($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE) {
$__times__ = isset($_GET['__times__']) ? intval($_GET['__times__']) + 1 : 1;
if($__times__ > 2) {
return '';
}
$url .= (strpos($url, '?') === FALSE ? '?' : '&')."__times__=$__times__";
return $this->dfopen($url, $limit, $post, $cookie, $bysocket, $ip, $timeout, $block, $encodetype, $allowcurl);
}
function dfopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE) {
$return = '';
$matches = parse_url($url);
$scheme = strtolower($matches['scheme']);
$host = $matches['host'];
$path = !empty($matches['path']) ? $matches['path'].(!empty($matches['query']) ? '?'.$matches['query'] : '') : '/';
$port = !empty($matches['port']) ? $matches['port'] : ($scheme == 'https' ? 443 : 80);
if(function_exists('curl_init') && function_exists('curl_exec') && $allowcurl) {
$ch = curl_init();
$ip && curl_setopt($ch, CURLOPT_HTTPHEADER, array("Host: ".$host));
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
if(!empty($ip) && filter_var($ip, FILTER_VALIDATE_IP) && !filter_var($host, FILTER_VALIDATE_IP) && version_compare(PHP_VERSION, '5.5.0', 'ge')) {
curl_setopt($ch, CURLOPT_RESOLVE, array("$host:$port:$ip"));
curl_setopt($ch, CURLOPT_URL, $scheme.'://'.$host.':'.$port.$path);
} else {
curl_setopt($ch, CURLOPT_URL, $scheme.'://'.($ip ? $ip : $host).':'.$port.$path);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if($post) {
curl_setopt($ch, CURLOPT_POST, 1);
if($encodetype == 'URLENCODE') {
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
} else {
parse_str($post, $postarray);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postarray);
}
}
if($cookie) {
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
}
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$data = curl_exec($ch);
$status = curl_getinfo($ch);
$errno = curl_errno($ch);
curl_close($ch);
if($errno || $status['http_code'] != 200) {
return;
} else {
return !$limit ? $data : substr($data, 0, $limit);
}
}
if($post) {
$out = "POST $path HTTP/1.0\r\n";
$header = "Accept: */*\r\n";
$header .= "Accept-Language: zh-cn\r\n";
if($allowcurl) {
$encodetype = 'URLENCODE';
}
$boundary = $encodetype == 'URLENCODE' ? '' : '; boundary='.trim(substr(trim($post), 2, strpos(trim($post), "\n") - 2));
$header .= $encodetype == 'URLENCODE' ? "Content-Type: application/x-www-form-urlencoded\r\n" : "Content-Type: multipart/form-data$boundary\r\n";
$header .= "User-Agent: {$_SERVER['HTTP_USER_AGENT']}\r\n";
$header .= "Host: $host:$port\r\n";
$header .= 'Content-Length: '.strlen($post)."\r\n";
$header .= "Connection: Close\r\n";
$header .= "Cache-Control: no-cache\r\n";
$header .= "Cookie: $cookie\r\n\r\n";
$out .= $header.$post;
} else {
$out = "GET $path HTTP/1.0\r\n";
$header = "Accept: */*\r\n";
$header .= "Accept-Language: zh-cn\r\n";
$header .= "User-Agent: {$_SERVER['HTTP_USER_AGENT']}\r\n";
$header .= "Host: $host:$port\r\n";
$header .= "Connection: Close\r\n";
$header .= "Cookie: $cookie\r\n\r\n";
$out .= $header;
}
$fpflag = 0;
$context = array();
if($scheme == 'https') {
$context['ssl'] = array(
'verify_peer' => false,
'verify_peer_name' => false,
'peer_name' => $host
);
if(version_compare(PHP_VERSION, '5.6.0', '<')) {
$context['ssl']['SNI_enabled'] = true;
$context['ssl']['SNI_server_name'] = $host;
}
}
if(ini_get('allow_url_fopen')) {
$context['http'] = array(
'method' => $post ? 'POST' : 'GET',
'header' => $header,
'timeout' => $timeout
);
if($post) {
$context['http']['content'] = $post;
}
$context = stream_context_create($context);
$fp = @fopen($scheme.'://'.($ip ? $ip : $host).':'.$port.$path, 'b', false, $context);
$fpflag = 1;
} elseif(function_exists('stream_socket_client')) {
$context = stream_context_create($context);
$fp = @stream_socket_client(($scheme == 'https' ? 'ssl://' : '').($ip ? $ip : $host).':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context);
} else {
$fp = @fsocketopen(($scheme == 'https' ? 'ssl://' : '').($scheme == 'https' ? $host : ($ip ? $ip : $host)), $port, $errno, $errstr, $timeout);
}
if(!$fp) {
return '';
} else {
stream_set_blocking($fp, $block);
stream_set_timeout($fp, $timeout);
if(!$fpflag) {
@fwrite($fp, $out);
}
$status = stream_get_meta_data($fp);
if(!$status['timed_out']) {
while (!feof($fp) && !$fpflag) {
if(($header = @fgets($fp)) && ($header == "\r\n" || $header == "\n")) {
break;
}
}
$stop = false;
while(!feof($fp) && !$stop) {
$data = fread($fp, ($limit == 0 || $limit > 8192 ? 8192 : $limit));
$return .= $data;
if($limit) {
$limit -= strlen($data);
$stop = $limit <= 0;
}
}
}
@fclose($fp);
return $return;
}
}
function array2string($arr) {
$s = $sep = '';
if($arr && is_array($arr)) {
foreach($arr as $k => $v) {
$s .= $sep.addslashes($k).UC_ARRAY_SEP_1.$v;
$sep = UC_ARRAY_SEP_2;
}
}
return $s;
}
function string2array($s) {
$arr = explode(UC_ARRAY_SEP_2, $s);
$arr2 = array();
foreach($arr as $k => $v) {
list($key, $val) = explode(UC_ARRAY_SEP_1, $v);
$arr2[$key] = $val;
}
return $arr2;
}
}
?>

199
uc_client/model/note.php Normal file
View File

@@ -0,0 +1,199 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: note.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
define('UC_NOTE_REPEAT', 5);
define('UC_NOTE_TIMEOUT', 15);
define('UC_NOTE_GC', 10000);
define('API_RETURN_FAILED', '-1');
class notemodel {
var $db;
var $base;
var $apps;
var $operations = array();
var $notetype = 'HTTP';
function __construct(&$base) {
$this->notemodel($base);
}
function notemodel(&$base) {
$this->base = $base;
$this->db = $base->db;
$this->apps = $this->base->cache('apps');
$this->operations = array(
'test'=>array('', 'action=test'),
'deleteuser'=>array('', 'action=deleteuser'),
'renameuser'=>array('', 'action=renameuser'),
'deletefriend'=>array('', 'action=deletefriend'),
'gettag'=>array('', 'action=gettag', 'tag', 'updatedata'),
'getcreditsettings'=>array('', 'action=getcreditsettings'),
'getcredit'=>array('', 'action=getcredit'),
'updatecreditsettings'=>array('', 'action=updatecreditsettings'),
'updateclient'=>array('', 'action=updateclient'),
'updatepw'=>array('', 'action=updatepw'),
'updatebadwords'=>array('', 'action=updatebadwords'),
'updatehosts'=>array('', 'action=updatehosts'),
'updateapps'=>array('', 'action=updateapps'),
'updatecredit'=>array('', 'action=updatecredit'),
);
}
function get_total_num($all = TRUE) {
}
function get_list($page, $ppp, $totalnum, $all = TRUE) {
}
function delete_note($ids) {
}
function add($operation, $getdata='', $postdata='', $appids=array(), $pri = 0) {
$extra = $varextra = '';
$appadd = $varadd = array();
foreach((array)$this->apps as $appid => $app) {
$appid = $app['appid'];
if($appid == intval($appid)) {
if($appids && !in_array($appid, $appids)) {
$appadd[] = 'app'.$appid."='1'";
} else {
$varadd[] = "('noteexists{$appid}', '1')";
}
}
}
if($appadd) {
$extra = implode(',', $appadd);
$extra = $extra ? ', '.$extra : '';
}
if($varadd) {
$varextra = implode(', ', $varadd);
$varextra = $varextra ? ', '.$varextra : '';
}
$getdata = addslashes($getdata);
$postdata = addslashes($postdata);
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."notelist SET getdata='$getdata', operation='$operation', pri='$pri', postdata='$postdata'$extra");
$insert_id = $this->db->insert_id();
$insert_id && $this->db->query("REPLACE INTO ".UC_DBTABLEPRE."vars (name, value) VALUES ('noteexists', '1')$varextra");
return $insert_id;
}
function send() {
register_shutdown_function(array($this, '_send'));
}
function _send() {
if(!is_numeric(constant("UC_APPID"))) {
return NULL;
}
$note = $this->_get_note();
if(empty($note)) {
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."vars SET name='noteexists".UC_APPID."', value='0'");
return NULL;
}
$this->sendone(UC_APPID, 0, $note);
$this->_gc();
}
function sendone($appid, $noteid = 0, $note = '') {
require_once UC_ROOT.'./lib/xml.class.php';
$return = FALSE;
$app = $this->apps[$appid];
if($noteid) {
$note = $this->_get_note_by_id($noteid);
}
$this->base->load('misc');
$apifilename = isset($app['apifilename']) && $app['apifilename'] ? $app['apifilename'] : 'uc.php';
if(((defined('UC_STANDALONE') && !empty(constant('UC_STANDALONE'))) || (defined('IN_DISCUZ') && in_array($note['operation'], array('deleteuser', 'renameuser', 'updatepw')))) && @include UC_ROOT.'./extend_client.php') {
$uc_note = new uc_note_handler();
$method = $note['operation'];
if(is_string($method) && !empty($method)) {
parse_str($note['getdata'], $note['getdata']);
$note['postdata'] = xml_unserialize($note['postdata']);
$response = $uc_note->$method($note['getdata'], $note['postdata']);
}
unset($uc_note);
} else {
$url = $this->get_url_code($note['operation'], $note['getdata'], $appid);
$note['postdata'] = str_replace(array("\n", "\r"), '', $note['postdata']);
$response = trim($_ENV['misc']->dfopen2($url, 0, $note['postdata'], '', 1, $app['ip'], UC_NOTE_TIMEOUT, TRUE));
}
$returnsucceed = $response != '' && ($response == 1 || is_array(xml_unserialize($response)));
$closedsqladd = $this->_close_note($note, $this->apps, $returnsucceed, $appid) ? ",closed='1'" : '';
if($returnsucceed) {
if($this->operations[$note['operation']][2]) {
$this->base->load($this->operations[$note['operation']][2]);
$func = $this->operations[$note['operation']][3];
$_ENV[$this->operations[$note['operation']][2]]->$func($appid, $response);
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."notelist SET app$appid='1', totalnum=totalnum+1, succeednum=succeednum+1, dateline='{$this->base->time}' $closedsqladd WHERE noteid='{$note['noteid']}'", 'SILENT');
$return = TRUE;
} else {
$this->db->query("UPDATE ".UC_DBTABLEPRE."notelist SET app$appid = app$appid-'1', totalnum=totalnum+1, dateline='{$this->base->time}' $closedsqladd WHERE noteid='{$note['noteid']}'", 'SILENT');
$return = FALSE;
}
return $return;
}
function _get_note() {
if(!is_numeric(constant("UC_APPID"))) {
return NULL;
}
$app_field = 'app'.UC_APPID;
$data = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."notelist WHERE closed='0' AND $app_field<'1' AND $app_field>'-".UC_NOTE_REPEAT."' LIMIT 1");
return $data;
}
function _gc() {
rand(0, UC_NOTE_GC) == 0 && $this->db->query("DELETE FROM ".UC_DBTABLEPRE."notelist WHERE closed='1'");
}
function _close_note($note, $apps, $returnsucceed, $appid) {
$note['app'.$appid] = $returnsucceed ? 1 : $note['app'.$appid] - 1;
$appcount = count($apps);
foreach($apps as $key => $app) {
$appstatus = $note['app'.$app['appid']];
if(!$app['recvnote'] || $appstatus == 1 || $appstatus <= -UC_NOTE_REPEAT) {
$appcount--;
}
}
if($appcount < 1) {
return TRUE;
}
}
function _get_note_by_id($noteid) {
$data = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."notelist WHERE noteid='$noteid'");
return $data;
}
function get_url_code($operation, $getdata, $appid) {
$app = $this->apps[$appid];
$authkey = UC_KEY;
$url = $app['url'];
$apifilename = isset($app['apifilename']) && $app['apifilename'] ? $app['apifilename'] : 'uc.php';
$action = $this->operations[$operation][1];
$code = urlencode($this->base->authcode("$action&".($getdata ? "$getdata&" : '')."time=".$this->base->time, 'ENCODE', $authkey));
return $url."/api/$apifilename?code=$code";
}
}
?>

868
uc_client/model/pm.php Normal file
View File

@@ -0,0 +1,868 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: pm.php 1160 2013-10-24 08:04:45Z jeffjzhang $
*/
!defined('IN_UC') && exit('Access Denied');
define('PMINBALCKLIST_ERROR', -6);
define('PMSENDSELF_ERROR', -8);
define('PMSENDNONE_ERROR', -9);
define('PMSENDCHATNUM_ERROR', -10);
define('PMTHREADNONE_ERROR', -11);
define('PMPRIVILEGENONE_ERROR', -12);
define('PMCHATTYPE_ERROR', -13);
define('PMUIDTYPE_ERROR', -14);
define('PMDATA_ERROR', -15);
class pmmodel {
var $db;
var $base;
function __construct(&$base) {
$this->pmmodel($base);
}
function pmmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function pmintval($pmid) {
return @is_numeric($pmid) ? $pmid : 0;
}
function getpmbypmid($uid, $pmid) {
if(!$pmid) {
return array();
}
$arr = array();
$pm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=i.plid WHERE i.pmid='$pmid'");
if($this->isprivilege($pm['plid'], $uid)) {
$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($pm['plid'])." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=p.plid WHERE p.pmid='{$pm['pmid']}'");
$arr = $this->getpostlist($pms);
}
return $arr;
}
function isprivilege($plid, $uid) {
if(!$plid || !$uid) {
return true;
}
$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
if($this->db->fetch_array($query)) {
return true;
} else {
return false;
}
}
function getpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp, $type = 0) {
if(!$type) {
$pm = $this->getprivatepmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
} else {
$pm = $this->getchatpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
}
return $this->getpostlist($pm);
}
function getpostlist($list) {
if(empty($list)) {
return array();
}
$authoridarr = $authorarr = array();
foreach($list as $key => $value) {
$authoridarr[$value['authorid']] = $value['authorid'];
}
if($authoridarr) {
$this->base->load('user');
$authorarr = $_ENV['user']->id2name($authoridarr);
}
foreach($list as $key => $value) {
if($value['pmtype'] == 1) {
$users = explode('_', $value['min_max']);
if($value['authorid'] == $users[0]) {
$value['touid'] = $users[1];
} else {
$value['touid'] = $users[0];
}
} else {
$value['touid'] = 0;
}
$value['author'] = $authorarr[$value['authorid']];
$value['msgfromid'] = $value['authorid'];
$value['msgfrom'] = $value['author'];
$value['msgtoid'] = $value['touid'];
unset($value['min_max']);
unset($value['delstatus']);
unset($value['lastmessage']);
$list[$key] = $value;
}
return $list;
}
function setpmstatus($uid, $touids, $plids, $status = 0) {
if(!$uid) {
return false;
}
if(!$status) {
$oldstatus = 1;
$newstatus = 0;
} else {
$oldstatus = 0;
$newstatus = 1;
}
if($touids) {
foreach($touids as $key => $value) {
if($uid == $value || !$value || !preg_match("/^[0-9]+$/", $value)) {
return false;
}
$relastionship[] = $this->relationship($uid, $value);
}
$plid = $plidpostarr = array();
$query = $this->db->query("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
while($thread = $this->db->fetch_array($query)) {
$plidarr[] = $thread['plid'];
}
if($plidarr) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plidarr).") AND uid='$uid' AND isnew='$oldstatus'");
}
}
if($plids) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plids).") AND uid='$uid' AND isnew='$oldstatus'");
}
return true;
}
function set_ignore($uid) {
return $this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
}
function isnewpm($uid) {
return $this->db->result_first("SELECT uid FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
}
function lastpm($uid) {
$lastpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT 1");
$lastmessage = unserialize($lastpm['lastmessage']);
if($lastmessage['lastauthorid']) {
$lastpm['lastauthorid'] = $lastmessage['lastauthorid'];
$lastpm['lastauthor'] = $lastmessage['lastauthor'];
$lastpm['lastsummary'] = $lastmessage['lastsummary'];
} else {
$lastpm['lastauthorid'] = $lastmessage['firstauthorid'];
$lastpm['lastauthor'] = $lastmessage['firstauthor'];
$lastpm['lastsummary'] = $lastmessage['firstsummary'];
}
return $lastpm;
}
function getpmnum($uid, $type = 0, $isnew = 0) {
$newsql = '';
$newnum = 0;
if($isnew) {
$newsql = 'AND m.isnew=1';
}
if(!$type) {
$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m WHERE m.uid='$uid' $newsql");
} else {
$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE m.uid='$uid' $newsql AND t.pmtype='$type'");
}
return $newnum;
}
function getpmnumbyplid($uid, $plid) {
return $this->db->result_first("SELECT pmnum FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
}
function sendpm($fromuid, $fromusername, $touids, $subject, $message, $type = 0) {
if(!$fromuid || !$fromusername || !$touids || !$message) {
return 0;
}
$touids = array_unique($touids);
$relationship = $existplid = $pm_member_insertsql = array();
$this->base->load('user');
$tmptouidarr = $touids;
$blackls = $this->get_blackls($fromuid, $touids);
foreach($tmptouidarr as $key => $value) {
if($fromuid == $value || !$value) {
return PMSENDSELF_ERROR;
}
if(in_array('{ALL}', $blackls[$value])) {
unset($touids[$key]);
continue;
}
$blackls[$value] = $_ENV['user']->name2id($blackls[$value]);
if(!(isset($blackls[$value]) && !in_array($fromuid, $blackls[$value]))) {
unset($touids[$key]);
} else {
$relationship[$value] = $this->relationship($fromuid, $value);
}
}
if(empty($touids)) {
return PMSENDNONE_ERROR;
}
if($type == 1 && count($touids) < 2) {
return PMSENDCHATNUM_ERROR;
}
$_CACHE['badwords'] = $this->base->cache('badwords');
if($_CACHE['badwords']['findpattern']) {
$subject = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $subject);
$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
}
if(!$subject) {
$subject = $this->removecode(trim($message), 80);
} else {
$subject = dhtmlspecialchars($subject);
}
$lastsummary = addslashes($this->removecode(trim(stripslashes($message)), 150));
$subject = addslashes($subject);
if(!$type) {
$query = $this->db->query("SELECT plid, min_max FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
while($thread = $this->db->fetch_array($query)) {
$existplid[$thread['min_max']] = $thread['plid'];
}
$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
$lastmessage = addslashes(serialize($lastmessage));
foreach($relationship as $key => $value) {
if(!isset($existplid[$value])) {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '1', '$subject', 2, '$value', '".$this->base->time."', '$lastmessage')");
$plid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
$pmid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')");
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')");
} else {
$plid = $existplid[$value];
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
$pmid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')", 'SILENT');
if(!$result) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$key'");
}
$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')", 'SILENT');
if(!$result) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");
}
}
} else {
$lastmessage = array('firstauthorid' => $fromuid, 'firstauthor' => $fromusername, 'firstsummary' => $lastsummary);
$lastmessage = addslashes(serialize($lastmessage));
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '2', '$subject', '".(count($touids)+1)."', '', '".$this->base->time."', '$lastmessage')");
$plid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
$pmid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
$pm_member_insertsql[] = "('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')";
foreach($touids as $key => $value) {
$pm_member_insertsql[] = "('$plid', '$value', '1', '1', '0', '".$this->base->time."')";
}
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES ".implode(',', $pm_member_insertsql));
}
$newpm = array();
foreach($touids as $key => $value) {
$newpm[] = "('$value')";
}
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $newpm));
return $pmid;
}
function replypm($plid, $fromuid, $fromusername, $message) {
if(!$plid || !$fromuid || !$fromusername || !$message) {
return 0;
}
$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
if(empty($threadpm)) {
return PMTHREADNONE_ERROR;
}
if($threadpm['pmtype'] == 1) {
$users = explode('_', $threadpm['min_max']);
if($users[0] == $fromuid) {
$touid = $users[1];
} elseif($users[1] == $fromuid) {
$touid = $users[0];
} else {
return PMPRIVILEGENONE_ERROR;
}
$blackls = $this->get_blackls($fromuid, $touid);
if(in_array('{ALL}', $blackls[$touid])) {
return PMINBALCKLIST_ERROR;
}
$this->base->load('user');
$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
if(!(isset($blackls[$touid]) && !in_array($fromuid, $blackls[$touid]))) {
return PMINBALCKLIST_ERROR;
}
}
$memberuid = array();
$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
while($member = $this->db->fetch_array($query)) {
$memberuid[$member['uid']] = "('{$member['uid']}')";
}
if(!isset($memberuid[$fromuid])) {
return PMPRIVILEGENONE_ERROR;
}
$_CACHE['badwords'] = $this->base->cache('badwords');
if($_CACHE['badwords']['findpattern']) {
$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
}
$lastsummary = addslashes($this->removecode(trim(stripslashes($message)), 150));
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
$pmid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
if($threadpm['pmtype'] == 1) {
$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
$lastmessage = addslashes(serialize($lastmessage));
$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '1', '0', '".$this->base->time."')", 'SILENT');
if(!$result) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$touid'");
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
} else {
$lastmessage = unserialize($threadpm['lastmessage']);
$lastmessage = array('firstauthorid' => $lastmessage['firstauthorid'], 'firstauthor' => $lastmessage['firstauthor'], 'firstsummary' => $lastmessage['firstsummary'], 'lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
$lastmessage = addslashes(serialize($lastmessage));
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid'");
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, lastupdate='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $memberuid)."");
return $pmid;
}
function appendchatpm($plid, $uid, $touid) {
if(!$plid || !$uid || !$touid) {
return 0;
}
$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
if(empty($threadpm)) {
return PMTHREADNONE_ERROR;
}
if($threadpm['pmtype'] != 2) {
return PMCHATTYPE_ERROR;
}
if($threadpm['authorid'] != $uid) {
return PMPRIVILEGENONE_ERROR;
}
$blackls = $this->get_blackls($uid, $touid);
if(in_array('{ALL}', $blackls[$touid])) {
return PMINBALCKLIST_ERROR;
}
$this->base->load('user');
$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
if(!(isset($blackls[$touid]) && !in_array($uid, $blackls[$touid]))) {
return PMINBALCKLIST_ERROR;
}
$pmnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." WHERE plid='$plid'");
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '$pmnum', '0', '0')", 'SILENT');
$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");
return 1;
}
function kickchatpm($plid, $uid, $touid) {
if(!$uid || !$touid || !$plid || $uid == $touid) {
return 0;
}
$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
if($threadpm['pmtype'] != 2) {
return PMCHATTYPE_ERROR;
}
if($threadpm['authorid'] != $uid) {
return PMPRIVILEGENONE_ERROR;
}
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$touid'");
$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");
return 1;
}
function quitchatpm($uid, $plids) {
if(!$uid || !$plids) {
return 0;
}
$list = array();
$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.plid IN (".$this->base->implode($plids).") AND m.uid='$uid'");
while($threadpm = $this->db->fetch_array($query)) {
if($threadpm['pmtype'] != 2) {
return PMCHATTYPE_ERROR;
}
if($threadpm['authorid'] == $uid) {
return PMPRIVILEGENONE_ERROR;
}
$list[] = $threadpm['plid'];
}
if($list) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($list).") AND uid='$uid'");
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members=members-1 WHERE plid IN (".$this->base->implode($list).")");
}
return 1;
}
function deletepmbypmid($uid, $pmid) {
if(!$uid || !$pmid) {
return 0;
}
$index = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON i.plid=t.plid WHERE i.pmid='$pmid'");
if($index['pmtype'] != 1) {
return PMUIDTYPE_ERROR;
}
$users = explode('_', $index['min_max']);
if(!in_array($uid, $users)) {
return PMPRIVILEGENONE_ERROR;
}
if($index['authorid'] != $uid) {
$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=2 WHERE pmid='$pmid' AND delstatus=0");
$updatenum = $this->db->affected_rows();
$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=1");
$deletenum = $this->db->affected_rows();
} else {
$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=1 WHERE pmid='$pmid' AND delstatus=0");
$updatenum = $this->db->affected_rows();
$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=2");
$deletenum = $this->db->affected_rows();
}
if(!$this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE plid='{$index['plid']}'")) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='{$index['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='{$index['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='{$index['plid']}'");
} else {
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET pmnum=pmnum-".($updatenum + $deletenum)." WHERE plid='".$index['plid']."' AND uid='$uid'");
}
return 1;
}
function deletepmbypmids($uid, $pmids) {
if($pmids) {
foreach($pmids as $key => $pmid) {
$this->deletepmbypmid($uid, $pmid);
}
}
return 1;
}
function deletepmbyplid($uid, $plid, $isuser = 0) {
if(!$uid || !$plid) {
return 0;
}
if($isuser) {
$relationship = $this->relationship($uid, $plid);
$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='$relationship'";
} else {
$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'";
}
$query = $this->db->query($sql);
if($list = $this->db->fetch_array($query)) {
if($list['pmtype'] == 1) {
$user = explode('_', $list['min_max']);
if(!in_array($uid, $user)) {
return PMPRIVILEGENONE_ERROR;
}
} else {
if($uid != $list['authorid']) {
return PMPRIVILEGENONE_ERROR;
}
}
} else {
return PMTHREADNONE_ERROR;
}
if($list['pmtype'] == 1) {
if($uid == $list['authorid']) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='{$list['plid']}' AND delstatus=2");
$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=1 WHERE plid='{$list['plid']}' AND delstatus=0");
} else {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='{$list['plid']}' AND delstatus=1");
$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=2 WHERE plid='{$list['plid']}' AND delstatus=0");
}
$count = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='{$list['plid']}'");
if(!$count) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='{$list['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='{$list['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='{$list['plid']}'");
} else {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='{$list['plid']}' AND uid='$uid'");
}
} else {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='{$list['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='{$list['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='{$list['plid']}'");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='{$list['plid']}'");
}
return 1;
}
function deletepmbyplids($uid, $plids, $isuser = 0) {
if($plids) {
foreach($plids as $key => $plid) {
$this->deletepmbyplid($uid, $plid, $isuser);
}
}
return 1;
}
function getprivatepmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
if(!$uid || !$plid) {
return 0;
}
if(!$this->isprivilege($plid, $uid)) {
return 0;
}
$thread = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
if($thread['pmtype'] != 1) {
return 0;
}
$pms = $addsql = array();
$addsql[] = "p.plid='$plid'";
if($thread['authorid'] == $uid) {
$addsql[] = 'p.delstatus IN (0,2)';
} else {
$addsql[] = 'p.delstatus IN (0,1)';
}
if($starttime) {
$addsql[]= "p.dateline>'$starttime'";
}
if($endtime) {
$addsql[] = "p.dateline<'$endtime'";
}
if($addsql) {
$addsql = implode(' AND ', $addsql);
} else {
$addsql = '';
}
if($ppp) {
$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
} else {
$limitsql = '';
}
$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
return array_reverse($pms);
}
function getchatpmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
if(!$uid || !$plid) {
return 0;
}
if(!$this->isprivilege($plid, $uid)) {
return 0;
}
$pms = $addsql = array();
$addsql[] = "p.plid='$plid'";
if($starttime) {
$addsql[]= "p.dateline>'$starttime'";
}
if($endtime) {
$addsql[] = "p.dateline<'$endtime'";
}
if($addsql) {
$addsql = implode(' AND ', $addsql);
} else {
$addsql = '';
}
if($ppp) {
$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
} else {
$limitsql = '';
}
$query = $this->db->query("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
while($pm = $this->db->fetch_array($query)) {
if($pm['pmtype'] != 2) {
return 0;
}
$pms[] = $pm;
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
return array_reverse($pms);
}
function getpmlist($uid, $filter, $start, $ppp = 10) {
if(!$uid) {
return 0;
}
$members = $touidarr = $tousernamearr = array();
if($filter == 'newpm') {
$addsql = 'm.isnew=1 AND ';
} else {
$addsql = '';
}
$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE $addsql m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT $start, $ppp");
while($member = $this->db->fetch_array($query)) {
if($member['pmtype'] == 1) {
$users = explode('_', $member['min_max']);
$member['touid'] = $users[0] == $uid ? $users[1] : $users[0];
} else {
$member['touid'] = 0;
}
$touidarr[$member['touid']] = $member['touid'];
$members[] = $member;
}
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
$array = array();
if($members) {
$today = $this->base->time - $this->base->time % 86400;
$this->base->load('user');
$tousernamearr = $_ENV['user']->id2name($touidarr);
foreach($members as $key => $data) {
$daterange = 5;
$data['founddateline'] = $data['dateline'];
$data['dateline'] = $data['lastdateline'];
$data['pmid'] = $data['plid'];
$lastmessage = unserialize($data['lastmessage']);
if($lastmessage['firstauthorid']) {
$data['firstauthorid'] = $lastmessage['firstauthorid'];
$data['firstauthor'] = $lastmessage['firstauthor'];
$data['firstsummary'] = $lastmessage['firstsummary'];
}
if($lastmessage['lastauthorid']) {
$data['lastauthorid'] = $lastmessage['lastauthorid'];
$data['lastauthor'] = $lastmessage['lastauthor'];
$data['lastsummary'] = $lastmessage['lastsummary'];
}
$data['msgfromid'] = $lastmessage['lastauthorid'];
$data['msgfrom'] = $lastmessage['lastauthor'];
$data['message'] = $lastmessage['lastsummary'];
$data['new'] = $data['isnew'];
$data['msgtoid'] = $data['touid'];
if($data['lastdateline'] >= $today) {
$daterange = 1;
} elseif($data['lastdateline'] >= $today - 86400) {
$daterange = 2;
} elseif($data['lastdateline'] >= $today - 172800) {
$daterange = 3;
} elseif($data['lastdateline'] >= $today - 604800) {
$daterange = 4;
}
$data['daterange'] = $daterange;
$data['tousername'] = $tousernamearr[$data['touid']];
unset($data['min_max']);
$array[] = $data;
}
}
return $array;
}
function getplidbypmid($pmid) {
if(!$pmid) {
return false;
}
return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_indexes WHERE pmid='$pmid'");
}
function getplidbytouid($uid, $touid) {
if(!$uid || !$touid) {
return 0;
}
return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='".$this->relationship($uid, $touid)."'");
}
function getuidbyplid($plid) {
if(!$plid) {
return array();
}
$uidarr = array();
$query = $this->db->query("SELECT uid FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
while($uid = $this->db->fetch_array($query)) {
$uidarr[$uid['uid']] = $uid['uid'];
}
return $uidarr;
}
function chatpmmemberlist($uid, $plid) {
if(!$uid || !$plid) {
return 0;
}
$uidarr = $this->getuidbyplid($plid);
if(empty($uidarr)) {
return 0;
}
if(!isset($uidarr[$uid])) {
return 0;
}
$authorid = $this->db->result_first("SELECT authorid FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
return array('author' => $authorid, 'member' => $uidarr);
}
function relationship($fromuid, $touid) {
if($fromuid < $touid) {
return $fromuid.'_'.$touid;
} elseif($fromuid > $touid) {
return $touid.'_'.$fromuid;
} else {
return '';
}
}
function getposttablename($plid) {
$id = substr((string)$plid, -1, 1);
return 'pm_messages_'.intval($id);
}
function get_blackls($uid, $uids = array()) {
if(!$uids) {
$blackls = $this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'");
} else {
$blackls = array();
$uids = is_array($uids) ? $uids : array($uids);
foreach($uids as $uid) {
$blackls[$uid] = array();
}
$uids = $this->base->implode($uids);
$query = $this->db->query("SELECT uid, blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN ($uids)");
while($data = $this->db->fetch_array($query)) {
$blackls[$data['uid']] = explode(',', $data['blacklist']);
}
}
return $blackls;
}
function set_blackls($uid, $blackls) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
return $this->db->affected_rows();
}
function update_blackls($uid, $username, $action = 1) {
$username = !is_array($username) ? array($username) : $username;
if($action == 1) {
if(!in_array('{ALL}', $username)) {
$usernames = $this->base->implode($username);
$query = $this->db->query("SELECT username FROM ".UC_DBTABLEPRE."members WHERE username IN ($usernames)");
$usernames = array();
while($data = $this->db->fetch_array($query)) {
$usernames[addslashes($data['username'])] = addslashes($data['username']);
}
if(!$usernames) {
return 0;
}
$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
if($blackls) {
$list = explode(',', $blackls);
foreach($list as $k => $v) {
if(in_array($v, $usernames)) {
unset($usernames[$v]);
}
}
}
if(!$usernames) {
return 1;
}
$listnew = implode(',', $usernames);
$blackls .= $blackls !== '' ? ','.$listnew : $listnew;
} else {
$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
$blackls .= ',{ALL}';
}
} else {
$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
$list = $blackls = explode(',', $blackls);
foreach($list as $k => $v) {
if(in_array($v, $username)) {
unset($blackls[$k]);
}
}
$blackls = implode(',', $blackls);
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
return 1;
}
function removecode($str, $length) {
static $uccode = null;
if($uccode === null) {
require_once UC_ROOT.'lib/uccode.class.php';
$uccode = new uccode();
}
$str = $uccode->complie($str);
return trim($this->base->cutstr(strip_tags($str), $length));
}
function ispminterval($uid, $interval = 0) {
if(!$uid) {
return 0;
}
$interval = intval($interval);
if(!$interval) {
return 1;
}
$lastupdate = $this->db->result_first("SELECT lastupdate FROM ".UC_DBTABLEPRE."pm_members WHERE uid='$uid' ORDER BY lastupdate DESC LIMIT 1");
if(($this->base->time - $lastupdate) > $interval) {
return 1;
} else {
return 0;
}
}
function isprivatepmthreadlimit($uid, $maxnum = 0) {
if(!$uid) {
return 0;
}
$maxnum = intval($maxnum);
if(!$maxnum) {
return 1;
}
$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE uid='$uid' AND lastupdate>'".($this->base->time-86400)."' AND t.pmtype=1");
if($maxnum - $num < 0) {
return 0;
} else {
return 1;
}
}
function ischatpmthreadlimit($uid, $maxnum = 0) {
if(!$uid) {
return 0;
}
$maxnum = intval($maxnum);
if(!$maxnum) {
return 1;
}
$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_lists WHERE authorid='$uid' AND dateline>'".($this->base->time-86400)."'");
if($maxnum - $num < 0) {
return 0;
} else {
return 1;
}
}
}
?>

71
uc_client/model/tag.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: tag.php 1059 2011-03-01 07:25:09Z monkey $
*/
!defined('IN_UC') && exit('Access Denied');
class tagmodel {
var $db;
var $base;
function __construct(&$base) {
$this->tagmodel($base);
}
function tagmodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function get_tag_by_name($tagname) {
$arr = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."tags WHERE tagname='$tagname'");
return $arr;
}
function get_template($appid) {
$result = $this->db->result_first("SELECT tagtemplates FROM ".UC_DBTABLEPRE."applications WHERE appid='$appid'");
return $result;
}
function updatedata($appid, $data) {
$appid = intval($appid);
include_once UC_ROOT.'lib/xml.class.php';
$data = xml_unserialize($data);
$this->base->load('app');
$data[0] = addslashes($data[0]);
$datanew = array();
if(is_array($data[1])) {
foreach($data[1] as $r) {
$datanew[] = $_ENV['misc']->array2string($r);
}
}
$tmp = $_ENV['app']->get_apps('type', "appid='$appid'");
$datanew = addslashes($tmp[0]['type']."\t".implode("\t", $datanew));
if(!empty($data[0])) {
$return = $this->db->result_first("SELECT count(*) FROM ".UC_DBTABLEPRE."tags WHERE tagname='$data[0]' AND appid='$appid'");
if($return) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."tags SET data='$datanew', expiration='".$this->base->time."' WHERE tagname='$data[0]' AND appid='$appid'");
} else {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."tags (tagname, appid, data, expiration) VALUES ('$data[0]', '$appid', '$datanew', '".$this->base->time."')");
}
}
}
function formatcache($appid, $tagname) {
$return = $this->db->result_first("SELECT count(*) FROM ".UC_DBTABLEPRE."tags WHERE tagname='$tagname' AND appid='$appid'");
if($return) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."tags SET expiration='0' WHERE tagname='$tagname' AND appid='$appid'");
} else {
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."tags (tagname, appid, expiration) VALUES ('$tagname', '$appid', '0')");
}
}
}
?>

388
uc_client/model/user.php Normal file
View File

@@ -0,0 +1,388 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: user.php 1179 2014-11-03 07:11:25Z hypowang $
*/
!defined('IN_UC') && exit('Access Denied');
class usermodel {
var $db;
var $base;
function __construct(&$base) {
$this->usermodel($base);
}
function usermodel(&$base) {
$this->base = $base;
$this->db = $base->db;
}
function get_user_by_uid($uid) {
$arr = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."members WHERE uid='$uid'");
return $arr;
}
function get_user_by_username($username) {
$arr = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."members WHERE username='$username'");
return $arr;
}
function get_user_by_email($email) {
$arr = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."members WHERE email='$email'");
return $arr;
}
function get_user_by_secmobile($secmobicc, $secmobile) {
return $this->db->fetch_first_stmt("SELECT * FROM ".UC_DBTABLEPRE."members WHERE secmobicc=? AND secmobile=?", array('d', 'd'), array($secmobicc, $secmobile));
}
function check_username($username) {
$charset = strtolower(UC_CHARSET);
if ($charset === 'utf-8') {
$guestexp = '\xE3\x80\x80|\xE6\xB8\xB8\xE5\xAE\xA2|\xE9\x81\x8A\xE5\xAE\xA2';
} elseif ($charset === 'gbk') {
$guestexp = '\xA1\xA1|\xD3\xCE\xBF\xCD';
} elseif ($charset === 'big5') {
$guestexp = '\xA1\x40|\xB9\x43\xAB\xC8';
} else {
return FALSE;
}
$guestexp .= '|^Guest';
$len = $this->dstrlen($username);
if($len > 15 || $len < 3 || preg_match("/\s+|^c:\\con\\con|[%,\*\"\s\<\>\&\(\)']|$guestexp/is", $username)) {
return FALSE;
} else {
return TRUE;
}
}
function dstrlen($str) {
if(strtolower(UC_CHARSET) != 'utf-8') {
return strlen($str);
}
$count = 0;
for($i = 0; $i < strlen($str); $i++){
$value = ord($str[$i]);
if($value > 127) {
$count++;
if($value >= 192 && $value <= 223) $i++;
elseif($value >= 224 && $value <= 239) $i = $i + 2;
elseif($value >= 240 && $value <= 247) $i = $i + 3;
}
$count++;
}
return $count;
}
function check_mergeuser($username) {
$data = $this->db->result_first("SELECT count(*) FROM ".UC_DBTABLEPRE."mergemembers WHERE appid='".$this->base->app['appid']."' AND username='$username'");
return $data;
}
function check_usernamecensor($username) {
$_CACHE['badwords'] = $this->base->cache('badwords');
$censorusername = $this->base->get_setting('censorusername');
$censorusername = $censorusername['censorusername'];
$censorexp = '/^('.str_replace(array('\\*', "\r\n", ' '), array('.*', '|', ''), preg_quote(($censorusername = trim($censorusername)), '/')).')$/i';
$usernamereplaced = isset($_CACHE['badwords']['findpattern']) && !empty($_CACHE['badwords']['findpattern']) ? @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $username) : $username;
if(($usernamereplaced != $username) || ($censorusername && preg_match($censorexp, $username))) {
return FALSE;
} else {
return TRUE;
}
}
function check_usernameexists($username) {
$data = $this->db->result_first("SELECT username FROM ".UC_DBTABLEPRE."members WHERE username='$username'");
return $data;
}
function check_emailformat($email) {
return strlen($email) > 6 && strlen($email) <= 255 && preg_match("/^([A-Za-z0-9\-_.+]+)@([A-Za-z0-9\-]+[.][A-Za-z0-9\-.]+)$/", $email);
}
function check_emailaccess($email) {
$setting = $this->base->get_setting(array('accessemail', 'censoremail'));
$accessemail = $setting['accessemail'];
$censoremail = $setting['censoremail'];
$accessexp = '/('.str_replace("\r\n", '|', preg_quote(trim($accessemail), '/')).')$/i';
$censorexp = '/('.str_replace("\r\n", '|', preg_quote(trim($censoremail), '/')).')$/i';
if($accessemail || $censoremail) {
if(($accessemail && !preg_match($accessexp, $email)) || ($censoremail && preg_match($censorexp, $email))) {
return FALSE;
} else {
return TRUE;
}
} else {
return TRUE;
}
}
function check_emailexists($email, $username = '') {
$sqladd = $username !== '' ? "AND username<>'$username'" : '';
$email = $this->db->result_first("SELECT email FROM ".UC_DBTABLEPRE."members WHERE email='$email' $sqladd");
return $email;
}
function check_secmobileexists($secmobicc, $secmobile, $username = '') {
$sqladd = $username !== '' ? "AND username<>'$username'" : '';
$secmobicc == 0 && $secmobicc = '';
$secmobile == 0 && $secmobile = '';
$secmobile = $this->db->result_first("SELECT secmobile FROM ".UC_DBTABLEPRE."members WHERE secmobicc='$secmobicc' AND secmobile='$secmobile' $sqladd");
return $secmobile;
}
function check_login($username, $password, &$user) {
$user = $this->get_user_by_username($username);
if(empty($user['username'])) {
return -1;
} elseif(!$this->verify_password($password, $user['password'], $user['salt'])) {
return -2;
}
$this->upgrade_password($username, $password, $user['password'], $user['salt']);
return $user['uid'];
}
function add_user($username, $password, $email, $uid = 0, $questionid = '', $answer = '', $regip = '', $secmobicc = '', $secmobile = '') {
$regip = empty($regip) ? $this->base->onlineip : $regip;
$salt = '';
$password = $this->generate_password($password);
$sqladd = $uid ? "uid='".intval($uid)."'," : '';
$sqladd .= $questionid > 0 ? " secques='".$this->quescrypt($questionid, $answer)."'," : " secques='',";
$sqladd .= $secmobicc ? "secmobicc='".$secmobicc."'," : '';
$sqladd .= $secmobile ? "secmobile='".$secmobile."'," : '';
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."members SET $sqladd username='$username', password='$password', email='$email', regip='$regip', regdate='".$this->base->time."', salt='$salt'");
$uid = $this->db->insert_id();
$this->db->query("INSERT INTO ".UC_DBTABLEPRE."memberfields SET uid='$uid'");
return $uid;
}
function edit_user($username, $oldpw, $newpw, $email, $ignoreoldpw = 0, $questionid = '', $answer = '', $secmobicc = '', $secmobile = '') {
$data = $this->db->fetch_first("SELECT username, uid, password, salt FROM ".UC_DBTABLEPRE."members WHERE username='$username'");
if($ignoreoldpw) {
$isprotected = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."protectedmembers WHERE uid = '{$data['uid']}'");
if($isprotected) {
return -8;
}
}
if(!$ignoreoldpw && !$this->verify_password($oldpw, $data['password'], $data['salt'])) {
return -1;
}
$sqladd = $newpw ? "password='".$this->generate_password($newpw)."', salt=''" : '';
$sqladd .= $email ? ($sqladd ? ',' : '')." email='$email'" : '';
$sqladd .= $secmobicc !== '' ? ($sqladd ? ',' : '').(!empty($secmobicc) ? " secmobicc='$secmobicc'" : " secmobicc=''") : '';
$sqladd .= $secmobile !== '' ? ($sqladd ? ',' : '').(!empty($secmobile) ? " secmobile='$secmobile'" : " secmobile=''") : '';
if($questionid !== '') {
if($questionid > 0) {
$sqladd .= ($sqladd ? ',' : '')." secques='".$this->quescrypt($questionid, $answer)."'";
} else {
$sqladd .= ($sqladd ? ',' : '')." secques=''";
}
}
if($sqladd || $emailadd) {
$this->db->query("UPDATE ".UC_DBTABLEPRE."members SET $sqladd WHERE username='$username'");
return $this->db->affected_rows();
} else {
return -7;
}
}
function delete_user($uidsarr) {
$uidsarr = (array)$uidsarr;
if(!$uidsarr) {
return 0;
}
$uids = $this->base->implode($uidsarr);
$arr = $this->db->fetch_all("SELECT uid FROM ".UC_DBTABLEPRE."protectedmembers WHERE uid IN ($uids)");
$puids = array();
foreach((array)$arr as $member) {
$puids[] = $member['uid'];
}
$uids = $this->base->implode(array_diff($uidsarr, $puids));
if($uids) {
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."members WHERE uid IN($uids)");
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN($uids)");
uc_user_deleteavatar($uidsarr);
$this->base->load('note');
$_ENV['note']->add('deleteuser', "ids=$uids");
return $this->db->affected_rows();
} else {
return 0;
}
}
function delete_useravatar($uidsarr) {
if(!defined('UC_DELAVTDIR')) {
define('UC_DELAVTDIR', UC_DATADIR.'./avatar/');
}
$uidsarr = (array)$uidsarr;
foreach((array)$uidsarr as $uid) {
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'big', 'real')) && unlink($avatar_file);
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'middle', 'real')) && unlink($avatar_file);
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'small', 'real')) && unlink($avatar_file);
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'big')) && unlink($avatar_file);
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'middle')) && unlink($avatar_file);
file_exists($avatar_file = UC_DELAVTDIR.$this->base->get_avatar($uid, 'small')) && unlink($avatar_file);
}
}
function chgusername($uid, $newusername) {
return $this->db->query_stmt("UPDATE ".UC_DBTABLEPRE."members SET username=? WHERE uid=?", array('s', 'i'), array($newusername, $uid));
}
function get_total_num($sqladd = '') {
$data = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."members $sqladd");
return $data;
}
function get_list($page, $ppp, $totalnum, $sqladd) {
$start = $this->base->page_get_start($page, $ppp, $totalnum);
$data = $this->db->fetch_all("SELECT * FROM ".UC_DBTABLEPRE."members $sqladd LIMIT $start, $ppp");
return $data;
}
function name2id($usernamesarr) {
$usernamesarr = uc_addslashes($usernamesarr, 1, TRUE);
$usernames = $this->base->implode($usernamesarr);
$query = $this->db->query("SELECT uid FROM ".UC_DBTABLEPRE."members WHERE username IN($usernames)");
$arr = array();
while($user = $this->db->fetch_array($query)) {
$arr[] = $user['uid'];
}
return $arr;
}
function id2name($uidarr) {
$arr = array();
$query = $this->db->query("SELECT uid, username FROM ".UC_DBTABLEPRE."members WHERE uid IN (".$this->base->implode($uidarr).")");
while($user = $this->db->fetch_array($query)) {
$arr[$user['uid']] = $user['username'];
}
return $arr;
}
function quescrypt($questionid, $answer) {
return $questionid > 0 && $answer != '' ? substr(md5($answer.md5($questionid)), 16, 8) : '';
}
function can_do_login($username, $ip = '') {
$check_times = $this->base->settings['login_failedtime'] > 0 ? $this->base->settings['login_failedtime'] : ($this->base->settings['login_failedtime'] < 0 ? 0 : 5);
if($check_times == 0) {
return -1;
}
$username = substr(md5($username), 8, 15);
$expire = 15 * 60;
if(!$ip) {
$ip = $this->base->onlineip;
}
$ip_check = $user_check = array();
$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."failedlogins WHERE ip='".$ip."' OR ip='$username'");
while($row = $this->db->fetch_array($query)) {
if($row['ip'] === $username) {
$user_check = $row;
} elseif($row['ip'] === $ip) {
$ip_check = $row;
}
}
if(empty($ip_check) || ($this->base->time - $ip_check['lastupdate'] > $expire)) {
$ip_check = array();
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."failedlogins (ip, count, lastupdate) VALUES ('{$ip}', '0', '{$this->base->time}')");
}
if(empty($user_check) || ($this->base->time - $user_check['lastupdate'] > $expire)) {
$user_check = array();
$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."failedlogins (ip, count, lastupdate) VALUES ('{$username}', '0', '{$this->base->time}')");
}
if ($ip_check || $user_check) {
$time_left = min(($check_times - $ip_check['count']), ($check_times - $user_check['count']));
return $time_left;
}
$this->db->query("DELETE FROM ".UC_DBTABLEPRE."failedlogins WHERE lastupdate<".($this->base->time - ($expire + 1)), 'UNBUFFERED');
return $check_times;
}
function loginfailed($username, $ip = '') {
$username = substr(md5($username), 8, 15);
if(!$ip) {
$ip = $this->base->onlineip;
}
$this->db->query("UPDATE ".UC_DBTABLEPRE."failedlogins SET count=count+1, lastupdate='".$this->base->time."' WHERE ip='".$ip."' OR ip='$username'");
}
function user_log($uid, $action, $extra = '') {
$uid = intval($uid);
$action = addslashes($action);
$extra = addslashes($extra);
$this->db->query_stmt("INSERT INTO ".UC_DBTABLEPRE."memberlogs SET uid=?, action=?, extra=?", array('i', 's', 's'), array($uid, $action, $extra));
}
function get_passwordalgo() {
$algo = $this->base->settings['passwordalgo'];
if(empty($algo)) {
return constant('PASSWORD_BCRYPT');
} else {
return constant($algo) === null ? constant('PASSWORD_BCRYPT') : constant($algo);
}
}
function get_passwordoptions() {
$options = $this->base->settings['passwordoptions'];
if(empty($options)) {
return array();
} else {
$result = json_decode($options, true);
return is_array($result) ? $result : array();
}
}
function generate_password($password) {
$algo = $this->get_passwordalgo();
$options = $this->get_passwordoptions();
$hash = password_hash($password, $algo, $options);
return ($hash === false || $hash === null || !password_verify($password, $hash)) ? password_hash($password, PASSWORD_BCRYPT) : $hash;
}
function verify_password($password, $hash, $salt = '') {
if(empty($salt)) {
return password_verify($password, $hash);
} else if(strlen($salt) == 6) {
return hash_equals($hash, md5(md5($password).$salt));
} else if(strlen($salt) > 6 && strlen($salt) < 20 && file_exists(UC_ROOT . "lib/uc_password_$salt.class.php")) {
$classname = "uc_password_$salt";
include(UC_ROOT . "lib/uc_password_$salt.class.php");
return $classname::verify_password($password, $hash);
}
return false;
}
function upgrade_password($username, $password, $hash, $salt = '') {
$algo = $this->get_passwordalgo();
$options = $this->get_passwordoptions();
if (!empty($salt) || password_needs_rehash($hash, $algo, $options)) {
$password_new = $this->generate_password($password);
$sqladd = "password = '$password_new', salt = ''";
return $this->db->query("UPDATE ".UC_DBTABLEPRE."members SET $sqladd WHERE username='$username'");
}
return true;
}
}

37
uc_client/model/var.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
/*
[UCenter] (C)2001-2099 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$Id: base.php 1167 2014-11-03 03:06:21Z hypowang $
*/
!defined('IN_UC') && exit('Access Denied');
class base_var {
private static $instance;
var $time;
var $onlineip;
var $db;
var $settings = array();
var $cache = array();
var $_CACHE = array();
var $app = array();
public static function bind(&$class) {
if(empty(self::$instance)) {
self::$instance = new base_var();
}
$class->time =& self::$instance->time;
$class->onlineip =& self::$instance->onlineip;
$class->db =& self::$instance->db;
$class->settings =& self::$instance->settings;
$class->cache =& self::$instance->cache;
$class->_CACHE =& self::$instance->_CACHE;
$class->app =& self::$instance->app;
}
}
?>

0
uc_client/release/index.htm Normal file
View File

6
uc_client/release/release.php Normal file
View File

@@ -0,0 +1,6 @@
<?php
if(!defined('UC_CLIENT_VERSION')) {
define('UC_CLIENT_VERSION', '1.7.0');
define('UC_CLIENT_RELEASE', '20250205');
}