001.
/**
002.
* 判断提交是否正确
003.
* @param string 提交的按钮名
004.
* @return bool
005.
*/
006.
function
submitcheck(
$var
) {
007.
//如果存在$var的值并且提交方法为post
008.
if
(!
empty
(
$_POST
[
$var
]) &&
$_SERVER
[
'REQUEST_METHOD'
] ==
'POST'
) {
009.
if
((
empty
(
$_SERVER
[
'HTTP_REFERER'
]) || preg_replace(
"/https?:\/\/([^\:\/]+).*/i"
,
"\\1"
,
$_SERVER
[
'HTTP_REFERER'
]) == preg_replace(
"/([^\:]+).*/"
,
"\\1"
,
$_SERVER
[
'HTTP_HOST'
])) &&
$_POST
[
'formhash'
] == formhash()) {
010.
return
true;
011.
}
else
{
012.
showmessage(
'submit_invalid'
);
013.
}
014.
}
else
{
015.
return
false;
016.
}
017.
}
018.
019.
/**
020.
* 添加数据
021.
* @global array $_SGLOBAL
022.
* @param string $tablename 表名
023.
* @param array $insertsqlarr 要插入的数组
024.
* @param int $returnid
025.
* @param bool $replace
026.
* @param int $silent
027.
* @return string
028.
*/
029.
function
inserttable(
$tablename
,
$insertsqlarr
,
$returnid
=0,
$replace
= false,
$silent
=0) {
030.
global
$_SGLOBAL
;
031.
032.
$insertkeysql
=
$insertvaluesql
=
$comma
=
''
;
033.
foreach
(
$insertsqlarr
as
$insert_key
=>
$insert_value
) {
034.
$insertkeysql
.=
$comma
.
'`'
.
$insert_key
.
'`'
;
//插入的键值
035.
$insertvaluesql
.=
$comma
.
'\''
.
$insert_value
.
'\''
;
//插入的值
036.
$comma
=
', '
;
037.
}
038.
$method
=
$replace
?
'REPLACE'
:
'INSERT'
;
039.
$_SGLOBAL
[
'db'
]->query(
$method
.
' INTO '
.tname(
$tablename
).
' ('
.
$insertkeysql
.
') VALUES ('
.
$insertvaluesql
.
')'
,
$silent
?
'SILENT'
:
''
);
040.
if
(
$returnid
&& !
$replace
) {
//如果$returnid为真,则返回插入的uid.
041.
return
$_SGLOBAL
[
'db'
]->insert_id();
042.
}
043.
}
044.
045.
/**
046.
* 编辑信息
047.
* @global array $_SGLOBAL
048.
* @param string $tablename 更新的表名
049.
* @param array $setsqlarr 更新的字段
050.
* @param array $wheresqlarr where
051.
* @param int $silent
052.
*/
053.
function
updatetable(
$tablename
,
$setsqlarr
,
$wheresqlarr
,
$silent
=0) {
054.
global
$_SGLOBAL
;
055.
056.
$setsql
=
$comma
=
''
;
057.
foreach
(
$setsqlarr
as
$set_key
=>
$set_value
) {
058.
if
(
is_array
(
$set_value
)) {
059.
$setsql
.=
$comma
.
'`'
.
$set_key
.
'`'
.
'='
.
$set_value
[0];
060.
}
else
{
061.
$setsql
.=
$comma
.
'`'
.
$set_key
.
'`'
.
'=\''
.
$set_value
.
'\''
;
062.
}
063.
$comma
=
', '
;
064.
}
065.
$where
=
$comma
=
''
;
066.
if
(
empty
(
$wheresqlarr
)) {
067.
$where
=
'1'
;
068.
}
elseif
(
is_array
(
$wheresqlarr
)) {
069.
foreach
(
$wheresqlarr
as
$key
=>
$value
) {
070.
$where
.=
$comma
.
'`'
.
$key
.
'`'
.
'=\''
.
$value
.
'\''
;
071.
$comma
=
' AND '
;
072.
}
073.
}
else
{
074.
$where
=
$wheresqlarr
;
075.
}
076.
$_SGLOBAL
[
'db'
]->query(
'UPDATE '
.tname(
$tablename
).
' SET '
.
$setsql
.
' WHERE '
.
$where
,
$silent
?
'SILENT'
:
''
);
077.
}
078.
079.
/**
080.
* 获取用户空间信息
081.
* @global array $_SGLOBAL
082.
* @global array $_SCONFIG
083.
* @global array $_SN
084.
* @param int or string $key uid或是用户名
085.
* @param string $indextype 通过uid还是用户名开通用户名
086.
* @param int $auto_open 是否自动创建空间
087.
* @return array
088.
*/
089.
function
getspace(
$key
,
$indextype
=
'uid'
,
$auto_open
=0) {
090.
global
$_SGLOBAL
,
$_SCONFIG
,
$_SN
;
091.
092.
$var
=
"space_{$key}_{$indextype}"
;
093.
if
(
empty
(
$_SGLOBAL
[
$var
])) {
094.
$space
=
array
();
095.
$query
=
$_SGLOBAL
[
'db'
]->query(
"SELECT sf.*, s.* FROM "
.tname(
'space'
).
" s LEFT JOIN "
.tname(
'spacefield'
).
" sf ON sf.uid=s.uid WHERE s.{$indextype}='$key'"
);
096.
if
(!
$space
=
$_SGLOBAL
[
'db'
]->fetch_array(
$query
)) {
//如果数据库中不存在传入uid的空间信息
097.
$space
=
array
();
098.
if
(
$indextype
==
'uid'
&&
$auto_open
) {
//如果传入的是uid,并开启自动开通空间功能
099.
//自动开通空间
100.
include_once
(S_ROOT.
'./uc_client/client.php'
);
101.
if
(
$user
= uc_get_user(
$key
, 1)) {
//获取用户的信息
102.
include_once
(S_ROOT.
'./source/function_space.php'
);
103.
$space
= space_open(
$user
[0],
addslashes
(
$user
[1]), 0,
addslashes
(
$user
[2]));
//开通空间
104.
}
105.
}
106.
}
107.
if
(
$space
) {
//如果存在空间
108.
$_SN
[
$space
[
'uid'
]] = (
$_SCONFIG
[
'realname'
] &&
$space
[
'name'
] &&
$space
[
'namestatus'
])?
$space
[
'name'
]:
$space
[
'username'
];
//获取实名或是用户名
109.
$space
[
'self'
] = (
$space
[
'uid'
]==
$_SGLOBAL
[
'supe_uid'
])?1:0;
//是否是自己的空间
110.
111.
//好友缓存
112.
$space
[
'friends'
] =
array
();
113.
if
(
empty
(
$space
[
'friend'
])) {
//如果好友为空
114.
if
(
$space
[
'friendnum'
]>0) {
//如果好友数大于0
115.
$fstr
=
$fmod
=
''
;
116.
//则在好友表中查找uid的好友
117.
$query
=
$_SGLOBAL
[
'db'
]->query(
"SELECT fuid FROM "
.tname(
'friend'
).
" WHERE uid='$space[uid]' AND status='1'"
);
118.
while
(
$value
=
$_SGLOBAL
[
'db'
]->fetch_array(
$query
)) {
119.
$space
[
'friends'
][] =
$value
[
'fuid'
];
120.
$fstr
.=
$fmod
.
$value
[
'fuid'
];
121.
$fmod
=
','
;
122.
}
123.
$space
[
'friend'
] =
$fstr
;
124.
}
125.
}
else
{
126.
$space
[
'friends'
] =
explode
(
','
,
$space
[
'friend'
]);
127.
}
128.
129.
$space
[
'username'
] =
addslashes
(
$space
[
'username'
]);
130.
$space
[
'name'
] =
addslashes
(
$space
[
'name'
]);
131.
$space
[
'privacy'
] =
empty
(
$space
[
'privacy'
])?(
empty
(
$_SCONFIG
[
'privacy'
])?
array
():
$_SCONFIG
[
'privacy'
]):unserialize(
$space
[
'privacy'
]);
132.
133.
//通知数
134.
$space
[
'allnotenum'
] = 0;
135.
foreach
(
array
(
'notenum'
,
'pokenum'
,
'addfriendnum'
,
'mtaginvitenum'
,
'eventinvitenum'
,
'myinvitenum'
)
as
$value
) {
136.
$space
[
'allnotenum'
] =
$space
[
'allnotenum'
] +
$space
[
$value
];
137.
}
138.
if
(
$space
[
'self'
]) {
139.
$_SGLOBAL
[
'member'
] =
$space
;
140.
}
141.
}
142.
$_SGLOBAL
[
$var
] =
$space
;
143.
}
144.
return
$_SGLOBAL
[
$var
];
145.
}
146.
147.
/**
148.
* 通过用户名或真实姓名获取用户的uid
149.
* @param string $name
150.
* @return int
151.
*/
152.
function
getuid(
$name
) {
153.
global
$_SGLOBAL
,
$_SCONFIG
;
154.
155.
$wherearr
[] =
"(username='$name')"
;
156.
if
(
$_SCONFIG
[
'realname'
]) {
//如果设置为实名,则能过实名来获取uid或通过用户名
157.
$wherearr
[] =
"(name='$name' AND namestatus = 1)"
;
158.
}
159.
$uid
= 0;
160.
$query
=
$_SGLOBAL
[
'db'
]->query(
"SELECT uid,username,name,namestatus FROM "
.tname(
'space'
).
" WHERE "
.implode(
' OR '
,
$wherearr
).
" LIMIT 1"
);
161.
if
(
$space
=
$_SGLOBAL
[
'db'
]->fetch_array(
$query
)) {
162.
$uid
=
$space
[
'uid'
];
163.
}
164.
return
$uid
;
165.
}
166.
167.
/**
168.
* 获取当前用户信息
169.
*/
170.
function
getmember() {
171.
global
$_SGLOBAL
,
$space
;
172.
173.
if
(
empty
(
$_SGLOBAL
[
'member'
]) &&
$_SGLOBAL
[
'supe_uid'
]) {
174.
if
(
$space
[
'uid'
] ==
$_SGLOBAL
[
'supe_uid'
]) {
175.
$_SGLOBAL
[
'member'
] =
$space
;
176.
}
else
{
177.
$_SGLOBAL
[
'member'
] = getspace(
$_SGLOBAL
[
'supe_uid'
]);
178.
}
179.
}
180.
}