1<?php 2 3/* 4 [UCenter] (C)2001-2099 Comsenz Inc. 5 This is NOT a freeware, use is subject to license terms 6 7 $Id: pm.php 1160 2013-10-24 08:04:45Z jeffjzhang $ 8*/ 9 10!defined('IN_UC') && exit('Access Denied'); 11 12define('PMINBALCKLIST_ERROR', -6); 13define('PMSENDSELF_ERROR', -8); 14define('PMSENDNONE_ERROR', -9); 15define('PMSENDCHATNUM_ERROR', -10); 16define('PMTHREADNONE_ERROR', -11); 17define('PMPRIVILEGENONE_ERROR', -12); 18define('PMCHATTYPE_ERROR', -13); 19define('PMUIDTYPE_ERROR', -14); 20define('PMDATA_ERROR', -15); 21 22class pmmodel { 23 24 var $db; 25 var $base; 26 function __construct(&$base) { 27 $this->pmmodel($base); 28 } 29 30 function pmmodel(&$base) { 31 $this->base = $base; 32 $this->db = $base->db; 33 } 34 35 function pmintval($pmid) { 36 return @is_numeric($pmid) ? $pmid : 0; 37 } 38 39 function getpmbypmid($uid, $pmid) { 40 if(!$pmid) { 41 return array(); 42 } 43 $arr = array(); 44 $pm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=i.plid WHERE i.pmid='$pmid'"); 45 if($this->isprivilege($pm['plid'], $uid)) { 46 $pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($pm['plid'])." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=p.plid WHERE p.pmid='$pm[pmid]'"); 47 $arr = $this->getpostlist($pms); 48 } 49 return $arr; 50 } 51 52 function isprivilege($plid, $uid) { 53 if(!$plid || !$uid) { 54 return true; 55 } 56 $query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'"); 57 if($this->db->fetch_array($query)) { 58 return true; 59 } else { 60 return false; 61 } 62 } 63 64 function getpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp, $type = 0) { 65 if(!$type) { 66 $pm = $this->getprivatepmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp); 67 } else { 68 $pm = $this->getchatpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp); 69 } 70 return $this->getpostlist($pm); 71 } 72 73 function getpostlist($list) { 74 if(empty($list)) { 75 return array(); 76 } 77 $authoridarr = $authorarr = array(); 78 foreach($list as $key => $value) { 79 $authoridarr[$value['authorid']] = $value['authorid']; 80 } 81 if($authoridarr) { 82 $this->base->load('user'); 83 $authorarr = $_ENV['user']->id2name($authoridarr); 84 } 85 foreach($list as $key => $value) { 86 if($value['pmtype'] == 1) { 87 $users = explode('_', $value['min_max']); 88 if($value['authorid'] == $users[0]) { 89 $value['touid'] = $users[1]; 90 } else { 91 $value['touid'] = $users[0]; 92 } 93 } else { 94 $value['touid'] = 0; 95 } 96 $value['author'] = $authorarr[$value['authorid']]; 97 98 $value['msgfromid'] = $value['authorid']; 99 $value['msgfrom'] = $value['author']; 100 $value['msgtoid'] = $value['touid']; 101 102 unset($value['min_max']); 103 unset($value['delstatus']); 104 unset($value['lastmessage']); 105 $list[$key] = $value; 106 } 107 return $list; 108 } 109 110 function setpmstatus($uid, $touids, $plids, $status = 0) { 111 if(!$uid) { 112 return false; 113 } 114 if(!$status) { 115 $oldstatus = 1; 116 $newstatus = 0; 117 } else { 118 $oldstatus = 0; 119 $newstatus = 1; 120 } 121 if($touids) { 122 foreach($touids as $key => $value) { 123 if($uid == $value || !$value) { 124 return false; 125 } 126 $relastionship[] = $this->relationship($uid, $value); 127 } 128 $plid = $plidpostarr = array(); 129 $query = $this->db->query("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")"); 130 while($thread = $this->db->fetch_array($query)) { 131 $plidarr[] = $thread['plid']; 132 } 133 if($plidarr) { 134 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plidarr).") AND uid='$uid' AND isnew='$oldstatus'"); 135 } 136 } 137 if($plids) { 138 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plids).") AND uid='$uid' AND isnew='$oldstatus'"); 139 } 140 return true; 141 } 142 143 function set_ignore($uid) { 144 return $this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'"); 145 } 146 147 function isnewpm($uid) { 148 return $this->db->result_first("SELECT uid FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'"); 149 } 150 151 function lastpm($uid) { 152 $lastpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT 1"); 153 $lastmessage = unserialize($lastpm['lastmessage']); 154 if($lastmessage['lastauthorid']) { 155 $lastpm['lastauthorid'] = $lastmessage['lastauthorid']; 156 $lastpm['lastauthor'] = $lastmessage['lastauthor']; 157 $lastpm['lastsummary'] = $lastmessage['lastsummary']; 158 } else { 159 $lastpm['lastauthorid'] = $lastmessage['firstauthorid']; 160 $lastpm['lastauthor'] = $lastmessage['firstauthor']; 161 $lastpm['lastsummary'] = $lastmessage['firstsummary']; 162 } 163 return $lastpm; 164 } 165 166 function getpmnum($uid, $type = 0, $isnew = 0) { 167 $newsql = ''; 168 $newnum = 0; 169 170 if($isnew) { 171 $newsql = 'AND m.isnew=1'; 172 } 173 if(!$type) { 174 $newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m WHERE m.uid='$uid' $newsql"); 175 } else { 176 $newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE m.uid='$uid' $newsql AND t.pmtype='$type'"); 177 } 178 return $newnum; 179 } 180 181 function getpmnumbyplid($uid, $plid) { 182 return $this->db->result_first("SELECT pmnum FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'"); 183 } 184 185 function sendpm($fromuid, $fromusername, $touids, $subject, $message, $type = 0) { 186 if(!$fromuid || !$fromusername || !$touids || !$message) { 187 return 0; 188 } 189 $touids = array_unique($touids); 190 $relationship = $existplid = $pm_member_insertsql = array(); 191 $this->base->load('user'); 192 $tmptouidarr = $touids; 193 $blackls = $this->get_blackls($fromuid, $touids); 194 195 foreach($tmptouidarr as $key => $value) { 196 if($fromuid == $value || !$value) { 197 return PMSENDSELF_ERROR; 198 } 199 200 if(in_array('{ALL}', $blackls[$value])) { 201 unset($touids[$key]); 202 continue; 203 } 204 $blackls[$value] = $_ENV['user']->name2id($blackls[$value]); 205 if(!(isset($blackls[$value]) && !in_array($fromuid, $blackls[$value]))) { 206 unset($touids[$key]); 207 } else { 208 $relationship[$value] = $this->relationship($fromuid, $value); 209 } 210 } 211 if(empty($touids)) { 212 return PMSENDNONE_ERROR; 213 } 214 if($type == 1 && count($touids) < 2) { 215 return PMSENDCHATNUM_ERROR; 216 } 217 218 $_CACHE['badwords'] = $this->base->cache('badwords'); 219 if($_CACHE['badwords']['findpattern']) { 220 $subject = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $subject); 221 $message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message); 222 } 223 if(!$subject) { 224 $subject = $this->removecode(trim($message), 80); 225 } else { 226 $subject = dhtmlspecialchars($subject); 227 } 228 $lastsummary = $this->removecode(trim(stripslashes($message)), 150); 229 230 if(!$type) { 231 $query = $this->db->query("SELECT plid, min_max FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")"); 232 while($thread = $this->db->fetch_array($query)) { 233 $existplid[$thread['min_max']] = $thread['plid']; 234 } 235 $lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary); 236 $lastmessage = addslashes(serialize($lastmessage)); 237 foreach($relationship as $key => $value) { 238 if(!isset($existplid[$value])) { 239 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '1', '$subject', 2, '$value', '".$this->base->time."', '$lastmessage')"); 240 $plid = $this->db->insert_id(); 241 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')"); 242 $pmid = $this->db->insert_id(); 243 $this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)"); 244 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')"); 245 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')"); 246 } else { 247 $plid = $existplid[$value]; 248 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')"); 249 $pmid = $this->db->insert_id(); 250 $this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)"); 251 $result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')", 'SILENT'); 252 if(!$result) { 253 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$key'"); 254 } 255 $result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')", 'SILENT'); 256 if(!$result) { 257 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'"); 258 } 259 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'"); 260 } 261 } 262 } else { 263 $lastmessage = array('firstauthorid' => $fromuid, 'firstauthor' => $fromusername, 'firstsummary' => $lastsummary); 264 $lastmessage = addslashes(serialize($lastmessage)); 265 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '2', '$subject', '".(count($touids)+1)."', '', '".$this->base->time."', '$lastmessage')"); 266 $plid = $this->db->insert_id(); 267 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')"); 268 $pmid = $this->db->insert_id(); 269 $this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)"); 270 $pm_member_insertsql[] = "('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')"; 271 foreach($touids as $key => $value) { 272 $pm_member_insertsql[] = "('$plid', '$value', '1', '1', '0', '".$this->base->time."')"; 273 } 274 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES ".implode(',', $pm_member_insertsql)); 275 } 276 277 $newpm = array(); 278 foreach($touids as $key => $value) { 279 $newpm[] = "('$value')"; 280 } 281 $this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $newpm)); 282 return $pmid; 283 } 284 285 function replypm($plid, $fromuid, $fromusername, $message) { 286 if(!$plid || !$fromuid || !$fromusername || !$message) { 287 return 0; 288 } 289 290 $threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"); 291 if(empty($threadpm)) { 292 return PMTHREADNONE_ERROR; 293 } 294 295 if($threadpm['pmtype'] == 1) { 296 $users = explode('_', $threadpm['min_max']); 297 if($users[0] == $fromuid) { 298 $touid = $users[1]; 299 } elseif($users[1] == $fromuid) { 300 $touid = $users[0]; 301 } else { 302 return PMPRIVILEGENONE_ERROR; 303 } 304 305 $blackls = $this->get_blackls($fromuid, $touid); 306 if(in_array('{ALL}', $blackls[$touid])) { 307 return PMINBALCKLIST_ERROR; 308 } 309 $this->base->load('user'); 310 $blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]); 311 if(!(isset($blackls[$touid]) && !in_array($fromuid, $blackls[$touid]))) { 312 return PMINBALCKLIST_ERROR; 313 } 314 } 315 316 $memberuid = array(); 317 $query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'"); 318 while($member = $this->db->fetch_array($query)) { 319 $memberuid[$member['uid']] = "('$member[uid]')"; 320 } 321 if(!isset($memberuid[$fromuid])) { 322 return PMPRIVILEGENONE_ERROR; 323 } 324 325 $_CACHE['badwords'] = $this->base->cache('badwords'); 326 if($_CACHE['badwords']['findpattern']) { 327 $message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message); 328 } 329 $lastsummary = $this->removecode(trim(stripslashes($message)), 150); 330 331 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')"); 332 $pmid = $this->db->insert_id(); 333 $this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)"); 334 if($threadpm['pmtype'] == 1) { 335 $lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary); 336 $lastmessage = addslashes(serialize($lastmessage)); 337 $result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '1', '0', '".$this->base->time."')", 'SILENT'); 338 if(!$result) { 339 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$touid'"); 340 } 341 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'"); 342 } else { 343 $lastmessage = unserialize($threadpm['lastmessage']); 344 $lastmessage = array('firstauthorid' => $lastmessage['firstauthorid'], 'firstauthor' => $lastmessage['firstauthor'], 'firstsummary' => $lastmessage['firstsummary'], 'lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary); 345 $lastmessage = addslashes(serialize($lastmessage)); 346 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid'"); 347 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, lastupdate='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'"); 348 } 349 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'"); 350 351 $this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $memberuid).""); 352 353 return $pmid; 354 } 355 356 function appendchatpm($plid, $uid, $touid) { 357 if(!$plid || !$uid || !$touid) { 358 return 0; 359 } 360 $threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"); 361 if(empty($threadpm)) { 362 return PMTHREADNONE_ERROR; 363 } 364 if($threadpm['pmtype'] != 2) { 365 return PMCHATTYPE_ERROR; 366 } 367 if($threadpm['authorid'] != $uid) { 368 return PMPRIVILEGENONE_ERROR; 369 } 370 371 $blackls = $this->get_blackls($uid, $touid); 372 if(in_array('{ALL}', $blackls[$touid])) { 373 return PMINBALCKLIST_ERROR; 374 } 375 $this->base->load('user'); 376 $blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]); 377 if(!(isset($blackls[$touid]) && !in_array($uid, $blackls[$touid]))) { 378 return PMINBALCKLIST_ERROR; 379 } 380 381 $pmnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." WHERE plid='$plid'"); 382 $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '$pmnum', '0', '0')", 'SILENT'); 383 $num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'"); 384 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'"); 385 386 return 1; 387 } 388 389 function kickchatpm($plid, $uid, $touid) { 390 if(!$uid || !$touid || !$plid || $uid == $touid) { 391 return 0; 392 } 393 $threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"); 394 if($threadpm['pmtype'] != 2) { 395 return PMCHATTYPE_ERROR; 396 } 397 if($threadpm['authorid'] != $uid) { 398 return PMPRIVILEGENONE_ERROR; 399 } 400 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$touid'"); 401 $num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'"); 402 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'"); 403 return 1; 404 } 405 406 function quitchatpm($uid, $plids) { 407 if(!$uid || !$plids) { 408 return 0; 409 } 410 $list = array(); 411 $query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.plid IN (".$this->base->implode($plids).") AND m.uid='$uid'"); 412 while($threadpm = $this->db->fetch_array($query)) { 413 if($threadpm['pmtype'] != 2) { 414 return PMCHATTYPE_ERROR; 415 } 416 if($threadpm['authorid'] == $uid) { 417 return PMPRIVILEGENONE_ERROR; 418 } 419 $list[] = $threadpm['plid']; 420 } 421 422 if($list) { 423 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($list).") AND uid='$uid'"); 424 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members=members-1 WHERE plid IN (".$this->base->implode($list).")"); 425 } 426 427 return 1; 428 } 429 430 function deletepmbypmid($uid, $pmid) { 431 if(!$uid || !$pmid) { 432 return 0; 433 } 434 $index = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON i.plid=t.plid WHERE i.pmid='$pmid'"); 435 if($index['pmtype'] != 1) { 436 return PMUIDTYPE_ERROR; 437 } 438 $users = explode('_', $index['min_max']); 439 if(!in_array($uid, $users)) { 440 return PMPRIVILEGENONE_ERROR; 441 } 442 if($index['authorid'] != $uid) { 443 $this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=2 WHERE pmid='$pmid' AND delstatus=0"); 444 $updatenum = $this->db->affected_rows(); 445 $this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=1"); 446 $deletenum = $this->db->affected_rows(); 447 } else { 448 $this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=1 WHERE pmid='$pmid' AND delstatus=0"); 449 $updatenum = $this->db->affected_rows(); 450 $this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=2"); 451 $deletenum = $this->db->affected_rows(); 452 } 453 454 if(!$this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE plid='$index[plid]'")) { 455 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$index[plid]'"); 456 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$index[plid]'"); 457 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$index[plid]'"); 458 } else { 459 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET pmnum=pmnum-".($updatenum + $deletenum)." WHERE plid='".$index['plid']."' AND uid='$uid'"); 460 } 461 return 1; 462 } 463 464 function deletepmbypmids($uid, $pmids) { 465 if($pmids) { 466 foreach($pmids as $key => $pmid) { 467 $this->deletepmbypmid($uid, $pmid); 468 } 469 } 470 return 1; 471 } 472 473 474 function deletepmbyplid($uid, $plid, $isuser = 0) { 475 if(!$uid || !$plid) { 476 return 0; 477 } 478 479 if($isuser) { 480 $relationship = $this->relationship($uid, $plid); 481 $sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='$relationship'"; 482 } else { 483 $sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"; 484 } 485 486 $query = $this->db->query($sql); 487 if($list = $this->db->fetch_array($query)) { 488 if($list['pmtype'] == 1) { 489 $user = explode('_', $list['min_max']); 490 if(!in_array($uid, $user)) { 491 return PMPRIVILEGENONE_ERROR; 492 } 493 } else { 494 if($uid != $list['authorid']) { 495 return PMPRIVILEGENONE_ERROR; 496 } 497 } 498 } else { 499 return PMTHREADNONE_ERROR; 500 } 501 502 if($list['pmtype'] == 1) { 503 if($uid == $list['authorid']) { 504 $this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=2"); 505 $this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=1 WHERE plid='$list[plid]' AND delstatus=0"); 506 } else { 507 $this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=1"); 508 $this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=2 WHERE plid='$list[plid]' AND delstatus=0"); 509 } 510 $count = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'"); 511 if(!$count) { 512 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'"); 513 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'"); 514 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'"); 515 } else { 516 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]' AND uid='$uid'"); 517 } 518 } else { 519 $this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'"); 520 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'"); 521 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'"); 522 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'"); 523 } 524 return 1; 525 } 526 527 function deletepmbyplids($uid, $plids, $isuser = 0) { 528 if($plids) { 529 foreach($plids as $key => $plid) { 530 $this->deletepmbyplid($uid, $plid, $isuser); 531 } 532 } 533 return 1; 534 } 535 536 537 function getprivatepmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) { 538 if(!$uid || !$plid) { 539 return 0; 540 } 541 if(!$this->isprivilege($plid, $uid)) { 542 return 0; 543 } 544 $thread = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"); 545 if($thread['pmtype'] != 1) { 546 return 0; 547 } 548 $pms = $addsql = array(); 549 $addsql[] = "p.plid='$plid'"; 550 if($thread['authorid'] == $uid) { 551 $addsql[] = 'p.delstatus IN (0,2)'; 552 } else { 553 $addsql[] = 'p.delstatus IN (0,1)'; 554 } 555 if($starttime) { 556 $addsql[]= "p.dateline>'$starttime'"; 557 } 558 if($endtime) { 559 $addsql[] = "p.dateline<'$endtime'"; 560 } 561 if($addsql) { 562 $addsql = implode(' AND ', $addsql); 563 } else { 564 $addsql = ''; 565 } 566 if($ppp) { 567 $limitsql = 'LIMIT '.intval($start).', '.intval($ppp); 568 } else { 569 $limitsql = ''; 570 } 571 $pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql"); 572 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1"); 573 return array_reverse($pms); 574 } 575 576 function getchatpmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) { 577 if(!$uid || !$plid) { 578 return 0; 579 } 580 if(!$this->isprivilege($plid, $uid)) { 581 return 0; 582 } 583 $pms = $addsql = array(); 584 $addsql[] = "p.plid='$plid'"; 585 if($starttime) { 586 $addsql[]= "p.dateline>'$starttime'"; 587 } 588 if($endtime) { 589 $addsql[] = "p.dateline<'$endtime'"; 590 } 591 if($addsql) { 592 $addsql = implode(' AND ', $addsql); 593 } else { 594 $addsql = ''; 595 } 596 if($ppp) { 597 $limitsql = 'LIMIT '.intval($start).', '.intval($ppp); 598 } else { 599 $limitsql = ''; 600 } 601 $query = $this->db->query("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql"); 602 while($pm = $this->db->fetch_array($query)) { 603 if($pm['pmtype'] != 2) { 604 return 0; 605 } 606 $pms[] = $pm; 607 } 608 $this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1"); 609 return array_reverse($pms); 610 } 611 612 function getpmlist($uid, $filter, $start, $ppp = 10) { 613 if(!$uid) { 614 return 0; 615 } 616 $members = $touidarr = $tousernamearr = array(); 617 618 if($filter == 'newpm') { 619 $addsql = 'm.isnew=1 AND '; 620 } else { 621 $addsql = ''; 622 } 623 $query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE $addsql m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT $start, $ppp"); 624 while($member = $this->db->fetch_array($query)) { 625 if($member['pmtype'] == 1) { 626 $users = explode('_', $member['min_max']); 627 $member['touid'] = $users[0] == $uid ? $users[1] : $users[0]; 628 } else { 629 $member['touid'] = 0; 630 } 631 $touidarr[$member['touid']] = $member['touid']; 632 $members[] = $member; 633 } 634 635 $this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'"); 636 637 $array = array(); 638 if($members) { 639 $today = $this->base->time - $this->base->time % 86400; 640 $this->base->load('user'); 641 $tousernamearr = $_ENV['user']->id2name($touidarr); 642 foreach($members as $key => $data) { 643 644 $daterange = 5; 645 $data['founddateline'] = $data['dateline']; 646 $data['dateline'] = $data['lastdateline']; 647 $data['pmid'] = $data['plid']; 648 $lastmessage = unserialize($data['lastmessage']); 649 if($lastmessage['firstauthorid']) { 650 $data['firstauthorid'] = $lastmessage['firstauthorid']; 651 $data['firstauthor'] = $lastmessage['firstauthor']; 652 $data['firstsummary'] = $lastmessage['firstsummary']; 653 } 654 if($lastmessage['lastauthorid']) { 655 $data['lastauthorid'] = $lastmessage['lastauthorid']; 656 $data['lastauthor'] = $lastmessage['lastauthor']; 657 $data['lastsummary'] = $lastmessage['lastsummary']; 658 } 659 $data['msgfromid'] = $lastmessage['lastauthorid']; 660 $data['msgfrom'] = $lastmessage['lastauthor']; 661 $data['message'] = $lastmessage['lastsummary']; 662 663 $data['new'] = $data['isnew']; 664 665 $data['msgtoid'] = $data['touid']; 666 if($data['lastdateline'] >= $today) { 667 $daterange = 1; 668 } elseif($data['lastdateline'] >= $today - 86400) { 669 $daterange = 2; 670 } elseif($data['lastdateline'] >= $today - 172800) { 671 $daterange = 3; 672 } elseif($data['lastdateline'] >= $today - 604800) { 673 $daterange = 4; 674 } 675 $data['daterange'] = $daterange; 676 677 $data['tousername'] = $tousernamearr[$data['touid']]; 678 unset($data['min_max']); 679 $array[] = $data; 680 } 681 } 682 return $array; 683 } 684 685 function getplidbypmid($pmid) { 686 if(!$pmid) { 687 return false; 688 } 689 return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_indexes WHERE pmid='$pmid'"); 690 } 691 692 function getplidbytouid($uid, $touid) { 693 if(!$uid || !$touid) { 694 return 0; 695 } 696 return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='".$this->relationship($uid, $touid)."'"); 697 } 698 699 function getuidbyplid($plid) { 700 if(!$plid) { 701 return array(); 702 } 703 $uidarr = array(); 704 $query = $this->db->query("SELECT uid FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'"); 705 while($uid = $this->db->fetch_array($query)) { 706 $uidarr[$uid['uid']] = $uid['uid']; 707 } 708 return $uidarr; 709 } 710 711 function chatpmmemberlist($uid, $plid) { 712 if(!$uid || !$plid) { 713 return 0; 714 } 715 $uidarr = $this->getuidbyplid($plid); 716 if(empty($uidarr)) { 717 return 0; 718 } 719 if(!isset($uidarr[$uid])) { 720 return 0; 721 } 722 $authorid = $this->db->result_first("SELECT authorid FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'"); 723 return array('author' => $authorid, 'member' => $uidarr); 724 } 725 726 function relationship($fromuid, $touid) { 727 if($fromuid < $touid) { 728 return $fromuid.'_'.$touid; 729 } elseif($fromuid > $touid) { 730 return $touid.'_'.$fromuid; 731 } else { 732 return ''; 733 } 734 } 735 736 function getposttablename($plid) { 737 $id = substr((string)$plid, -1, 1); 738 return 'pm_messages_'.intval($id); 739 } 740 741 function get_blackls($uid, $uids = array()) { 742 if(!$uids) { 743 $blackls = $this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"); 744 } else { 745 $uids = $this->base->implode($uids); 746 $blackls = array(); 747 $query = $this->db->query("SELECT uid, blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN ($uids)"); 748 while($data = $this->db->fetch_array($query)) { 749 $blackls[$data['uid']] = explode(',', $data['blacklist']); 750 } 751 } 752 return $blackls; 753 } 754 755 function set_blackls($uid, $blackls) { 756 $this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'"); 757 return $this->db->affected_rows(); 758 } 759 760 function update_blackls($uid, $username, $action = 1) { 761 $username = !is_array($username) ? array($username) : $username; 762 if($action == 1) { 763 if(!in_array('{ALL}', $username)) { 764 $usernames = $this->base->implode($username); 765 $query = $this->db->query("SELECT username FROM ".UC_DBTABLEPRE."members WHERE username IN ($usernames)"); 766 $usernames = array(); 767 while($data = $this->db->fetch_array($query)) { 768 $usernames[addslashes($data['username'])] = addslashes($data['username']); 769 } 770 if(!$usernames) { 771 return 0; 772 } 773 $blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'")); 774 if($blackls) { 775 $list = explode(',', $blackls); 776 foreach($list as $k => $v) { 777 if(in_array($v, $usernames)) { 778 unset($usernames[$v]); 779 } 780 } 781 } 782 if(!$usernames) { 783 return 1; 784 } 785 $listnew = implode(',', $usernames); 786 $blackls .= $blackls !== '' ? ','.$listnew : $listnew; 787 } else { 788 $blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'")); 789 $blackls .= ',{ALL}'; 790 } 791 } else { 792 $blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'")); 793 $list = $blackls = explode(',', $blackls); 794 foreach($list as $k => $v) { 795 if(in_array($v, $username)) { 796 unset($blackls[$k]); 797 } 798 } 799 $blackls = implode(',', $blackls); 800 } 801 $this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'"); 802 return 1; 803 } 804 805 function removecode($str, $length) { 806 static $uccode = null; 807 if($uccode === null) { 808 require_once UC_ROOT.'lib/uccode.class.php'; 809 $uccode = new uccode(); 810 } 811 $str = $uccode->complie($str); 812 return trim($this->base->cutstr(strip_tags($str), $length)); 813 } 814 815 function ispminterval($uid, $interval = 0) { 816 if(!$uid) { 817 return 0; 818 } 819 $interval = intval($interval); 820 if(!$interval) { 821 return 1; 822 } 823 $lastupdate = $this->db->result_first("SELECT lastupdate FROM ".UC_DBTABLEPRE."pm_members WHERE uid='$uid' ORDER BY lastupdate DESC LIMIT 1"); 824 if(($this->base->time - $lastupdate) > $interval) { 825 return 1; 826 } else { 827 return 0; 828 } 829 } 830 831 function isprivatepmthreadlimit($uid, $maxnum = 0) { 832 if(!$uid) { 833 return 0; 834 } 835 $maxnum = intval($maxnum); 836 if(!$maxnum) { 837 return 1; 838 } 839 $num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE uid='$uid' AND lastupdate>'".($this->base->time-86400)."' AND t.pmtype=1"); 840 if($maxnum - $num < 0) { 841 return 0; 842 } else { 843 return 1; 844 } 845 } 846 847 function ischatpmthreadlimit($uid, $maxnum = 0) { 848 if(!$uid) { 849 return 0; 850 } 851 $maxnum = intval($maxnum); 852 if(!$maxnum) { 853 return 1; 854 } 855 $num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_lists WHERE authorid='$uid' AND dateline>'".($this->base->time-86400)."'"); 856 if($maxnum - $num < 0) { 857 return 0; 858 } else { 859 return 1; 860 } 861 } 862} 863?>