1<?php
2
3/*
4	[UCenter] (C)2001-2099 Comsenz Inc.
5	This is NOT a freeware, use is subject to license terms
6
7	$Id: pm.php 1160 2013-10-24 08:04:45Z jeffjzhang $
8*/
9
10!defined('IN_UC') && exit('Access Denied');
11
12define('PMINBALCKLIST_ERROR', -6);
13define('PMSENDSELF_ERROR', -8);
14define('PMSENDNONE_ERROR', -9);
15define('PMSENDCHATNUM_ERROR', -10);
16define('PMTHREADNONE_ERROR', -11);
17define('PMPRIVILEGENONE_ERROR', -12);
18define('PMCHATTYPE_ERROR', -13);
19define('PMUIDTYPE_ERROR', -14);
20define('PMDATA_ERROR', -15);
21
22class pmmodel {
23
24	var $db;
25	var $base;
26	function __construct(&$base) {
27		$this->pmmodel($base);
28	}
29
30	function pmmodel(&$base) {
31		$this->base = $base;
32		$this->db = $base->db;
33	}
34
35	function pmintval($pmid) {
36		return @is_numeric($pmid) ? $pmid : 0;
37	}
38
39	function getpmbypmid($uid, $pmid) {
40		if(!$pmid) {
41			return array();
42		}
43		$arr = array();
44		$pm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=i.plid WHERE i.pmid='$pmid'");
45		if($this->isprivilege($pm['plid'], $uid)) {
46			$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($pm['plid'])." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=p.plid WHERE p.pmid='$pm[pmid]'");
47			$arr = $this->getpostlist($pms);
48		}
49		return $arr;
50	}
51
52	function isprivilege($plid, $uid) {
53		if(!$plid || !$uid) {
54			return true;
55		}
56		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
57		if($this->db->fetch_array($query)) {
58			return true;
59		} else {
60			return false;
61		}
62	}
63
64	function getpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp, $type = 0) {
65		if(!$type) {
66			$pm = $this->getprivatepmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
67		} else {
68			$pm = $this->getchatpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
69		}
70		return $this->getpostlist($pm);
71	}
72
73	function getpostlist($list) {
74		if(empty($list)) {
75			return array();
76		}
77		$authoridarr = $authorarr = array();
78		foreach($list as $key => $value) {
79			$authoridarr[$value['authorid']] = $value['authorid'];
80		}
81		if($authoridarr) {
82			$this->base->load('user');
83			$authorarr = $_ENV['user']->id2name($authoridarr);
84		}
85		foreach($list as $key => $value) {
86			if($value['pmtype'] == 1) {
87				$users = explode('_', $value['min_max']);
88				if($value['authorid'] == $users[0]) {
89					$value['touid'] = $users[1];
90				} else {
91					$value['touid'] = $users[0];
92				}
93			} else {
94				$value['touid'] = 0;
95			}
96			$value['author'] = $authorarr[$value['authorid']];
97
98			$value['msgfromid'] = $value['authorid'];
99			$value['msgfrom'] = $value['author'];
100			$value['msgtoid'] = $value['touid'];
101
102			unset($value['min_max']);
103			unset($value['delstatus']);
104			unset($value['lastmessage']);
105			$list[$key] = $value;
106		}
107		return $list;
108	}
109
110	function setpmstatus($uid, $touids, $plids, $status = 0) {
111		if(!$uid) {
112			return false;
113		}
114		if(!$status) {
115			$oldstatus = 1;
116			$newstatus = 0;
117		} else {
118			$oldstatus = 0;
119			$newstatus = 1;
120		}
121		if($touids) {
122			foreach($touids as $key => $value) {
123				if($uid == $value || !$value) {
124					return false;
125				}
126				$relastionship[] = $this->relationship($uid, $value);
127			}
128			$plid = $plidpostarr = array();
129			$query = $this->db->query("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
130			while($thread = $this->db->fetch_array($query)) {
131				$plidarr[] = $thread['plid'];
132			}
133			if($plidarr) {
134				$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plidarr).") AND uid='$uid' AND isnew='$oldstatus'");
135			}
136		}
137		if($plids) {
138			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plids).") AND uid='$uid' AND isnew='$oldstatus'");
139		}
140		return true;
141	}
142
143	function set_ignore($uid) {
144		return $this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
145	}
146
147	function isnewpm($uid) {
148		return $this->db->result_first("SELECT uid FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
149	}
150
151	function lastpm($uid) {
152		$lastpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT 1");
153		$lastmessage = unserialize($lastpm['lastmessage']);
154		if($lastmessage['lastauthorid']) {
155			$lastpm['lastauthorid'] = $lastmessage['lastauthorid'];
156			$lastpm['lastauthor'] = $lastmessage['lastauthor'];
157			$lastpm['lastsummary'] = $lastmessage['lastsummary'];
158		} else {
159			$lastpm['lastauthorid'] = $lastmessage['firstauthorid'];
160			$lastpm['lastauthor'] = $lastmessage['firstauthor'];
161			$lastpm['lastsummary'] = $lastmessage['firstsummary'];
162		}
163		return $lastpm;
164	}
165
166	function getpmnum($uid, $type = 0, $isnew = 0) {
167		$newsql = '';
168		$newnum = 0;
169
170		if($isnew) {
171			$newsql = 'AND m.isnew=1';
172		}
173		if(!$type) {
174			$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m WHERE m.uid='$uid' $newsql");
175		} else {
176			$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE m.uid='$uid' $newsql AND t.pmtype='$type'");
177		}
178		return $newnum;
179	}
180
181	function getpmnumbyplid($uid, $plid) {
182		return $this->db->result_first("SELECT pmnum FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
183	}
184
185	function sendpm($fromuid, $fromusername, $touids, $subject, $message, $type = 0) {
186		if(!$fromuid || !$fromusername || !$touids || !$message) {
187			return 0;
188		}
189		$touids = array_unique($touids);
190		$relationship = $existplid = $pm_member_insertsql = array();
191		$this->base->load('user');
192		$tmptouidarr = $touids;
193		$blackls = $this->get_blackls($fromuid, $touids);
194
195		foreach($tmptouidarr as $key => $value) {
196			if($fromuid == $value || !$value) {
197				return PMSENDSELF_ERROR;
198			}
199
200			if(in_array('{ALL}', $blackls[$value])) {
201				unset($touids[$key]);
202				continue;
203			}
204			$blackls[$value] = $_ENV['user']->name2id($blackls[$value]);
205			if(!(isset($blackls[$value]) && !in_array($fromuid, $blackls[$value]))) {
206				unset($touids[$key]);
207			} else {
208				$relationship[$value] = $this->relationship($fromuid, $value);
209			}
210		}
211		if(empty($touids)) {
212			return PMSENDNONE_ERROR;
213		}
214		if($type == 1 && count($touids) < 2) {
215			return PMSENDCHATNUM_ERROR;
216		}
217
218		$_CACHE['badwords'] = $this->base->cache('badwords');
219		if($_CACHE['badwords']['findpattern']) {
220			$subject = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $subject);
221			$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
222		}
223		if(!$subject) {
224			$subject = $this->removecode(trim($message), 80);
225		} else {
226			$subject = dhtmlspecialchars($subject);
227		}
228		$lastsummary = $this->removecode(trim(stripslashes($message)), 150);
229
230		if(!$type) {
231			$query = $this->db->query("SELECT plid, min_max FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
232			while($thread = $this->db->fetch_array($query)) {
233				$existplid[$thread['min_max']] = $thread['plid'];
234			}
235			$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
236			$lastmessage = addslashes(serialize($lastmessage));
237			foreach($relationship as $key => $value) {
238				if(!isset($existplid[$value])) {
239					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '1', '$subject', 2, '$value', '".$this->base->time."', '$lastmessage')");
240					$plid = $this->db->insert_id();
241					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
242					$pmid = $this->db->insert_id();
243					$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
244					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')");
245					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')");
246				} else {
247					$plid = $existplid[$value];
248					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
249					$pmid = $this->db->insert_id();
250					$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
251					$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')", 'SILENT');
252					if(!$result) {
253						$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$key'");
254					}
255					$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')", 'SILENT');
256					if(!$result) {
257						$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
258					}
259					$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");
260				}
261			}
262		} else {
263			$lastmessage = array('firstauthorid' => $fromuid, 'firstauthor' => $fromusername, 'firstsummary' => $lastsummary);
264			$lastmessage = addslashes(serialize($lastmessage));
265			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '2', '$subject', '".(count($touids)+1)."', '', '".$this->base->time."', '$lastmessage')");
266			$plid = $this->db->insert_id();
267			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
268			$pmid = $this->db->insert_id();
269			$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
270			$pm_member_insertsql[] = "('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')";
271			foreach($touids as $key => $value) {
272				$pm_member_insertsql[] = "('$plid', '$value', '1', '1', '0', '".$this->base->time."')";
273			}
274			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES ".implode(',', $pm_member_insertsql));
275		}
276
277		$newpm = array();
278		foreach($touids as $key => $value) {
279			$newpm[] = "('$value')";
280		}
281		$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $newpm));
282		return $pmid;
283	}
284
285	function replypm($plid, $fromuid, $fromusername, $message) {
286		if(!$plid || !$fromuid || !$fromusername || !$message) {
287			return 0;
288		}
289
290		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
291		if(empty($threadpm)) {
292			return PMTHREADNONE_ERROR;
293		}
294
295		if($threadpm['pmtype'] == 1) {
296			$users = explode('_', $threadpm['min_max']);
297			if($users[0] == $fromuid) {
298				$touid = $users[1];
299			} elseif($users[1] == $fromuid) {
300				$touid = $users[0];
301			} else {
302				return PMPRIVILEGENONE_ERROR;
303			}
304
305			$blackls = $this->get_blackls($fromuid, $touid);
306			if(in_array('{ALL}', $blackls[$touid])) {
307				return PMINBALCKLIST_ERROR;
308			}
309			$this->base->load('user');
310			$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
311			if(!(isset($blackls[$touid]) && !in_array($fromuid, $blackls[$touid]))) {
312				return PMINBALCKLIST_ERROR;
313			}
314		}
315
316		$memberuid = array();
317		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
318		while($member = $this->db->fetch_array($query)) {
319			$memberuid[$member['uid']] = "('$member[uid]')";
320		}
321		if(!isset($memberuid[$fromuid])) {
322			return PMPRIVILEGENONE_ERROR;
323		}
324
325		$_CACHE['badwords'] = $this->base->cache('badwords');
326		if($_CACHE['badwords']['findpattern']) {
327			$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
328		}
329		$lastsummary = $this->removecode(trim(stripslashes($message)), 150);
330
331		$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
332		$pmid = $this->db->insert_id();
333		$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
334		if($threadpm['pmtype'] == 1) {
335			$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
336			$lastmessage = addslashes(serialize($lastmessage));
337			$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '1', '0', '".$this->base->time."')", 'SILENT');
338			if(!$result) {
339				$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$touid'");
340			}
341			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
342		} else {
343			$lastmessage = unserialize($threadpm['lastmessage']);
344			$lastmessage = array('firstauthorid' => $lastmessage['firstauthorid'], 'firstauthor' => $lastmessage['firstauthor'], 'firstsummary' => $lastmessage['firstsummary'], 'lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
345			$lastmessage = addslashes(serialize($lastmessage));
346			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid'");
347			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, lastupdate='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
348		}
349		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");
350
351		$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $memberuid)."");
352
353		return $pmid;
354	}
355
356	function appendchatpm($plid, $uid, $touid) {
357		if(!$plid || !$uid || !$touid) {
358			return 0;
359		}
360		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
361		if(empty($threadpm)) {
362			return PMTHREADNONE_ERROR;
363		}
364		if($threadpm['pmtype'] != 2) {
365			return PMCHATTYPE_ERROR;
366		}
367		if($threadpm['authorid'] != $uid) {
368			return PMPRIVILEGENONE_ERROR;
369		}
370
371		$blackls = $this->get_blackls($uid, $touid);
372		if(in_array('{ALL}', $blackls[$touid])) {
373			return PMINBALCKLIST_ERROR;
374		}
375		$this->base->load('user');
376		$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
377		if(!(isset($blackls[$touid]) && !in_array($uid, $blackls[$touid]))) {
378			return PMINBALCKLIST_ERROR;
379		}
380
381		$pmnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." WHERE plid='$plid'");
382		$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '$pmnum', '0', '0')", 'SILENT');
383		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
384		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");
385
386		return 1;
387	}
388
389	function kickchatpm($plid, $uid, $touid) {
390		if(!$uid || !$touid || !$plid || $uid == $touid) {
391			return 0;
392		}
393		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
394		if($threadpm['pmtype'] != 2) {
395			return PMCHATTYPE_ERROR;
396		}
397		if($threadpm['authorid'] != $uid) {
398			return PMPRIVILEGENONE_ERROR;
399		}
400		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$touid'");
401		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
402		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");
403		return 1;
404	}
405
406	function quitchatpm($uid, $plids) {
407		if(!$uid || !$plids) {
408			return 0;
409		}
410		$list = array();
411		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.plid IN (".$this->base->implode($plids).") AND m.uid='$uid'");
412		while($threadpm = $this->db->fetch_array($query)) {
413			if($threadpm['pmtype'] != 2) {
414				return PMCHATTYPE_ERROR;
415			}
416			if($threadpm['authorid'] == $uid) {
417				return PMPRIVILEGENONE_ERROR;
418			}
419			$list[] = $threadpm['plid'];
420		}
421
422		if($list) {
423			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($list).") AND uid='$uid'");
424			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members=members-1 WHERE plid IN (".$this->base->implode($list).")");
425		}
426
427		return 1;
428	}
429
430	function deletepmbypmid($uid, $pmid) {
431		if(!$uid || !$pmid) {
432			return 0;
433		}
434		$index = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON i.plid=t.plid WHERE i.pmid='$pmid'");
435		if($index['pmtype'] != 1) {
436			return PMUIDTYPE_ERROR;
437		}
438		$users = explode('_', $index['min_max']);
439		if(!in_array($uid, $users)) {
440			return PMPRIVILEGENONE_ERROR;
441		}
442		if($index['authorid'] != $uid) {
443			$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=2 WHERE pmid='$pmid' AND delstatus=0");
444			$updatenum = $this->db->affected_rows();
445			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=1");
446			$deletenum = $this->db->affected_rows();
447		} else {
448			$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=1 WHERE pmid='$pmid' AND delstatus=0");
449			$updatenum = $this->db->affected_rows();
450			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=2");
451			$deletenum = $this->db->affected_rows();
452		}
453
454		if(!$this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE plid='$index[plid]'")) {
455			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$index[plid]'");
456			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$index[plid]'");
457			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$index[plid]'");
458		} else {
459			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET pmnum=pmnum-".($updatenum + $deletenum)." WHERE plid='".$index['plid']."' AND uid='$uid'");
460		}
461		return 1;
462	}
463
464	function deletepmbypmids($uid, $pmids) {
465		if($pmids) {
466			foreach($pmids as $key => $pmid) {
467				$this->deletepmbypmid($uid, $pmid);
468			}
469		}
470		return 1;
471	}
472
473
474	function deletepmbyplid($uid, $plid, $isuser = 0) {
475		if(!$uid || !$plid) {
476			return 0;
477		}
478
479		if($isuser) {
480			$relationship = $this->relationship($uid, $plid);
481			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='$relationship'";
482		} else {
483			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'";
484		}
485
486		$query = $this->db->query($sql);
487		if($list = $this->db->fetch_array($query)) {
488			if($list['pmtype'] == 1) {
489				$user = explode('_', $list['min_max']);
490				if(!in_array($uid, $user)) {
491					return PMPRIVILEGENONE_ERROR;
492				}
493			} else {
494				if($uid != $list['authorid']) {
495					return PMPRIVILEGENONE_ERROR;
496				}
497			}
498		} else {
499			return PMTHREADNONE_ERROR;
500		}
501
502		if($list['pmtype'] == 1) {
503			if($uid == $list['authorid']) {
504				$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=2");
505				$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=1 WHERE plid='$list[plid]' AND delstatus=0");
506			} else {
507				$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=1");
508				$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=2 WHERE plid='$list[plid]' AND delstatus=0");
509			}
510			$count = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'");
511			if(!$count) {
512				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'");
513				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'");
514				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'");
515			} else {
516				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]' AND uid='$uid'");
517			}
518		} else {
519			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'");
520			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'");
521			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'");
522			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'");
523		}
524		return 1;
525	}
526
527	function deletepmbyplids($uid, $plids, $isuser = 0) {
528		if($plids) {
529			foreach($plids as $key => $plid) {
530				$this->deletepmbyplid($uid, $plid, $isuser);
531			}
532		}
533		return 1;
534	}
535
536
537	function getprivatepmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
538		if(!$uid || !$plid) {
539			return 0;
540		}
541		if(!$this->isprivilege($plid, $uid)) {
542			return 0;
543		}
544		$thread = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
545		if($thread['pmtype'] != 1) {
546			return 0;
547		}
548		$pms = $addsql = array();
549		$addsql[] = "p.plid='$plid'";
550		if($thread['authorid'] == $uid) {
551			$addsql[] = 'p.delstatus IN (0,2)';
552		} else {
553			$addsql[] = 'p.delstatus IN (0,1)';
554		}
555		if($starttime) {
556			$addsql[]= "p.dateline>'$starttime'";
557		}
558		if($endtime) {
559			$addsql[] = "p.dateline<'$endtime'";
560		}
561		if($addsql) {
562			$addsql = implode(' AND ', $addsql);
563		} else {
564			$addsql = '';
565		}
566		if($ppp) {
567			$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
568		} else {
569			$limitsql = '';
570		}
571		$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
572		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
573		return array_reverse($pms);
574	}
575
576	function getchatpmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
577		if(!$uid || !$plid) {
578			return 0;
579		}
580		if(!$this->isprivilege($plid, $uid)) {
581			return 0;
582		}
583		$pms = $addsql = array();
584		$addsql[] = "p.plid='$plid'";
585		if($starttime) {
586			$addsql[]= "p.dateline>'$starttime'";
587		}
588		if($endtime) {
589			$addsql[] = "p.dateline<'$endtime'";
590		}
591		if($addsql) {
592			$addsql = implode(' AND ', $addsql);
593		} else {
594			$addsql = '';
595		}
596		if($ppp) {
597			$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
598		} else {
599			$limitsql = '';
600		}
601		$query = $this->db->query("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
602		while($pm = $this->db->fetch_array($query)) {
603			if($pm['pmtype'] != 2) {
604				return 0;
605			}
606			$pms[] = $pm;
607		}
608		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
609		return array_reverse($pms);
610	}
611
612	function getpmlist($uid, $filter, $start, $ppp = 10) {
613		if(!$uid) {
614			return 0;
615		}
616		$members = $touidarr = $tousernamearr = array();
617
618		if($filter == 'newpm') {
619			$addsql = 'm.isnew=1 AND ';
620		} else {
621			$addsql = '';
622		}
623		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE $addsql m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT $start, $ppp");
624		while($member = $this->db->fetch_array($query)) {
625			if($member['pmtype'] == 1) {
626				$users = explode('_', $member['min_max']);
627				$member['touid'] = $users[0] == $uid ? $users[1] : $users[0];
628			} else {
629				$member['touid'] = 0;
630			}
631			$touidarr[$member['touid']] = $member['touid'];
632			$members[] = $member;
633		}
634
635		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
636
637		$array = array();
638		if($members) {
639			$today = $this->base->time - $this->base->time % 86400;
640			$this->base->load('user');
641			$tousernamearr = $_ENV['user']->id2name($touidarr);
642			foreach($members as $key => $data) {
643
644				$daterange = 5;
645				$data['founddateline'] = $data['dateline'];
646				$data['dateline'] = $data['lastdateline'];
647				$data['pmid'] = $data['plid'];
648				$lastmessage = unserialize($data['lastmessage']);
649				if($lastmessage['firstauthorid']) {
650					$data['firstauthorid'] = $lastmessage['firstauthorid'];
651					$data['firstauthor'] = $lastmessage['firstauthor'];
652					$data['firstsummary'] = $lastmessage['firstsummary'];
653				}
654				if($lastmessage['lastauthorid']) {
655					$data['lastauthorid'] = $lastmessage['lastauthorid'];
656					$data['lastauthor'] = $lastmessage['lastauthor'];
657					$data['lastsummary'] = $lastmessage['lastsummary'];
658				}
659				$data['msgfromid'] = $lastmessage['lastauthorid'];
660				$data['msgfrom'] = $lastmessage['lastauthor'];
661				$data['message'] = $lastmessage['lastsummary'];
662
663				$data['new'] = $data['isnew'];
664
665				$data['msgtoid'] = $data['touid'];
666				if($data['lastdateline'] >= $today) {
667					$daterange = 1;
668				} elseif($data['lastdateline'] >= $today - 86400) {
669					$daterange = 2;
670				} elseif($data['lastdateline'] >= $today - 172800) {
671					$daterange = 3;
672				} elseif($data['lastdateline'] >= $today - 604800) {
673					$daterange = 4;
674				}
675				$data['daterange'] = $daterange;
676
677				$data['tousername'] = $tousernamearr[$data['touid']];
678				unset($data['min_max']);
679				$array[] = $data;
680			}
681		}
682		return $array;
683	}
684
685	function getplidbypmid($pmid) {
686		if(!$pmid) {
687			return false;
688		}
689		return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_indexes WHERE pmid='$pmid'");
690	}
691
692	function getplidbytouid($uid, $touid) {
693		if(!$uid || !$touid) {
694			return 0;
695		}
696		return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='".$this->relationship($uid, $touid)."'");
697	}
698
699	function getuidbyplid($plid) {
700		if(!$plid) {
701			return array();
702		}
703		$uidarr = array();
704		$query = $this->db->query("SELECT uid FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
705		while($uid = $this->db->fetch_array($query)) {
706			$uidarr[$uid['uid']] = $uid['uid'];
707		}
708		return $uidarr;
709	}
710
711	function chatpmmemberlist($uid, $plid) {
712		if(!$uid || !$plid) {
713			return 0;
714		}
715		$uidarr = $this->getuidbyplid($plid);
716		if(empty($uidarr)) {
717			return 0;
718		}
719		if(!isset($uidarr[$uid])) {
720			return 0;
721		}
722		$authorid = $this->db->result_first("SELECT authorid FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
723		return array('author' => $authorid, 'member' => $uidarr);
724	}
725
726	function relationship($fromuid, $touid) {
727		if($fromuid < $touid) {
728			return $fromuid.'_'.$touid;
729		} elseif($fromuid > $touid) {
730			return $touid.'_'.$fromuid;
731		} else {
732			return '';
733		}
734	}
735
736	function getposttablename($plid) {
737		$id = substr((string)$plid, -1, 1);
738		return 'pm_messages_'.intval($id);
739	}
740
741	function get_blackls($uid, $uids = array()) {
742		if(!$uids) {
743			$blackls = $this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'");
744		} else {
745			$uids = $this->base->implode($uids);
746			$blackls = array();
747			$query = $this->db->query("SELECT uid, blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN ($uids)");
748			while($data = $this->db->fetch_array($query)) {
749				$blackls[$data['uid']] = explode(',', $data['blacklist']);
750			}
751		}
752		return $blackls;
753	}
754
755	function set_blackls($uid, $blackls) {
756		$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
757		return $this->db->affected_rows();
758	}
759
760	function update_blackls($uid, $username, $action = 1) {
761		$username = !is_array($username) ? array($username) : $username;
762		if($action == 1) {
763			if(!in_array('{ALL}', $username)) {
764				$usernames = $this->base->implode($username);
765				$query = $this->db->query("SELECT username FROM ".UC_DBTABLEPRE."members WHERE username IN ($usernames)");
766				$usernames = array();
767				while($data = $this->db->fetch_array($query)) {
768					$usernames[addslashes($data['username'])] = addslashes($data['username']);
769				}
770				if(!$usernames) {
771					return 0;
772				}
773				$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
774				if($blackls) {
775					$list = explode(',', $blackls);
776					foreach($list as $k => $v) {
777						if(in_array($v, $usernames)) {
778							unset($usernames[$v]);
779						}
780					}
781				}
782				if(!$usernames) {
783					return 1;
784				}
785				$listnew = implode(',', $usernames);
786				$blackls .= $blackls !== '' ? ','.$listnew : $listnew;
787			} else {
788				$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
789				$blackls .= ',{ALL}';
790			}
791		} else {
792			$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
793			$list = $blackls = explode(',', $blackls);
794			foreach($list as $k => $v) {
795				if(in_array($v, $username)) {
796					unset($blackls[$k]);
797				}
798			}
799			$blackls = implode(',', $blackls);
800		}
801		$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
802		return 1;
803	}
804
805	function removecode($str, $length) {
806		static $uccode = null;
807		if($uccode === null) {
808			require_once UC_ROOT.'lib/uccode.class.php';
809			$uccode = new uccode();
810		}
811		$str = $uccode->complie($str);
812		return trim($this->base->cutstr(strip_tags($str), $length));
813	}
814
815	function ispminterval($uid, $interval = 0) {
816		if(!$uid) {
817			return 0;
818		}
819		$interval = intval($interval);
820		if(!$interval) {
821			return 1;
822		}
823		$lastupdate = $this->db->result_first("SELECT lastupdate FROM ".UC_DBTABLEPRE."pm_members WHERE uid='$uid' ORDER BY lastupdate DESC LIMIT 1");
824		if(($this->base->time - $lastupdate) > $interval) {
825			return 1;
826		} else {
827			return 0;
828		}
829	}
830
831	function isprivatepmthreadlimit($uid, $maxnum = 0) {
832		if(!$uid) {
833			return 0;
834		}
835		$maxnum = intval($maxnum);
836		if(!$maxnum) {
837			return 1;
838		}
839		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE uid='$uid' AND lastupdate>'".($this->base->time-86400)."' AND t.pmtype=1");
840		if($maxnum - $num < 0) {
841			return 0;
842		} else {
843			return 1;
844		}
845	}
846
847	function ischatpmthreadlimit($uid, $maxnum = 0) {
848		if(!$uid) {
849			return 0;
850		}
851		$maxnum = intval($maxnum);
852		if(!$maxnum) {
853			return 1;
854		}
855		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_lists WHERE authorid='$uid' AND dateline>'".($this->base->time-86400)."'");
856		if($maxnum - $num < 0) {
857			return 0;
858		} else {
859			return 1;
860		}
861	}
862}
863?>