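/**
 * Decide whether the current request is a genuine submission of one of our forms.
 *
 * A request counts as a submission only when it is a POST carrying a non-empty
 * $_POST[$var]. It is accepted when the Referer host (if a Referer was sent at
 * all) equals the Host header without its port, and the posted "formhash"
 * token matches formhash().
 *
 * Security notes:
 *  - A request without a Referer passes the first check, so the formhash token
 *    is the only control that is always enforced against cross-site requests.
 *  - The token must be a non-empty string and is compared as a string. A loose
 *    `==` would treat two numeric-looking strings such as '0' and '0e123456'
 *    as equal, and would accept a missing token whenever formhash() is empty.
 *
 * @param string $var Name of the submit field expected in $_POST.
 * @return bool|null True for a valid submission, false when nothing was
 *                   submitted. An invalid submission is handed to
 *                   showmessage('submit_invalid'); if that call returns,
 *                   the result is null.
 */
function submitcheck($var) {
    // Not a form submission at all: no submit field, or not a POST.
    if (empty($_POST[$var]) || $_SERVER['REQUEST_METHOD'] != 'POST') {
        return false;
    }

    // Same-host Referer check; an absent Referer is tolerated.
    $refererok = empty($_SERVER['HTTP_REFERER'])
        || preg_replace("/https?:\/\/([^\:\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\:]+).*/", "\\1", $_SERVER['HTTP_HOST']);

    $tokenok = false;
    if ($refererok) {
        $posted = isset($_POST['formhash']) ? $_POST['formhash'] : '';
        if (is_string($posted) && $posted !== '') {
            $expected = (string) formhash();
            // Prefer the constant-time comparison where the runtime provides it.
            $tokenok = function_exists('hash_equals')
                ? hash_equals($expected, $posted)
                : ($expected === $posted);
        }
    }

    if ($refererok && $tokenok) {
        return true;
    }
    showmessage('submit_invalid');
}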
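/**
 * Insert (or REPLACE) one row into a table.
 *
 * The statement is built by string concatenation. Column names are wrapped in
 * backticks with any embedded backtick doubled, so a key cannot terminate the
 * identifier early. Values are wrapped in single quotes and are NOT escaped
 * here: every value must already be escaped for the database by the caller,
 * otherwise this function is an SQL injection sink.
 *
 * @global array $_SGLOBAL Uses $_SGLOBAL['db'] to run the query.
 * @param string $tablename    Table name, passed through tname().
 * @param array  $insertsqlarr Map of column name => value (value already escaped).
 * @param int    $returnid     When truthy and $replace is false, return insert_id().
 * @param bool   $replace      Issue REPLACE instead of INSERT.
 * @param int    $silent       When truthy, 'SILENT' is passed as the second query() argument.
 * @return mixed The insert_id() result when requested, otherwise null.
 */
function inserttable($tablename, $insertsqlarr, $returnid=0, $replace = false, $silent=0) {
    global $_SGLOBAL;

    $columns = array();
    $values = array();
    foreach ($insertsqlarr as $column => $value) {
        // Identifier quoting: double embedded backticks.
        $columns[] = '`'.str_replace('`', '``', $column).'`';
        // Value is trusted to be pre-escaped by the caller.
        $values[] = '\''.$value.'\'';
    }

    $verb = $replace ? 'REPLACE' : 'INSERT';
    $sql = $verb.' INTO '.tname($tablename).' ('.implode(', ', $columns).') VALUES ('.implode(', ', $values).')';
    $_SGLOBAL['db']->query($sql, $silent ? 'SILENT' : '');

    // The generated id is only returned for a plain INSERT.
    if ($returnid && !$replace) {
        return $_SGLOBAL['db']->insert_id();
    }
}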
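/**
 * Update rows of a table.
 *
 * The statement is built by string concatenation. Column names (in both the
 * SET list and an array WHERE) are wrapped in backticks with any embedded
 * backtick doubled. Values are wrapped in single quotes and are NOT escaped
 * here; the caller must pass them already escaped for the database.
 *
 * Two inputs are inserted as raw SQL and must never carry untrusted data:
 *  - a SET value given as an array: its element [0] is used as an unquoted
 *    expression;
 *  - a non-array, non-empty $wheresqlarr: it is used verbatim as the WHERE clause.
 *
 * An empty $wheresqlarr becomes "WHERE 1", i.e. every row of the table is updated.
 *
 * @global array $_SGLOBAL Uses $_SGLOBAL['db'] to run the query.
 * @param string       $tablename   Table name, passed through tname().
 * @param array        $setsqlarr   Map of column name => value, or => array(raw expression).
 * @param array|string $wheresqlarr Map of column => value joined with AND, or a raw WHERE string.
 * @param int          $silent      When truthy, 'SILENT' is passed as the second query() argument.
 */
function updatetable($tablename, $setsqlarr, $wheresqlarr, $silent=0) {
    global $_SGLOBAL;

    $assignments = array();
    foreach ($setsqlarr as $column => $value) {
        $quoted = '`'.str_replace('`', '``', $column).'`';
        if (is_array($value)) {
            // Raw SQL expression supplied by the caller.
            $assignments[] = $quoted.'='.$value[0];
        } else {
            $assignments[] = $quoted.'=\''.$value.'\'';
        }
    }

    if (empty($wheresqlarr)) {
        // No condition given: matches every row.
        $where = '1';
    } elseif (is_array($wheresqlarr)) {
        $conditions = array();
        foreach ($wheresqlarr as $column => $value) {
            $conditions[] = '`'.str_replace('`', '``', $column).'`'.'=\''.$value.'\'';
        }
        $where = implode(' AND ', $conditions);
    } else {
        // Raw WHERE clause supplied by the caller.
        $where = $wheresqlarr;
    }

    $_SGLOBAL['db']->query('UPDATE '.tname($tablename).' SET '.implode(', ', $assignments).' WHERE '.$where, $silent ? 'SILENT' : '');
}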
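/**
 * Load a user's space record, with a per-request cache in $_SGLOBAL.
 *
 * The record is looked up in the space table (left-joined with spacefield)
 * by the column named in $indextype. The lookup column is quoted as an
 * identifier (embedded backticks doubled) so it cannot alter the statement.
 * $key is placed between single quotes WITHOUT escaping, so the caller must
 * pass it already escaped for the database.
 *
 * When no row is found, $indextype is 'uid' and $auto_open is truthy, the
 * user is fetched with uc_get_user() and a space is created with space_open().
 *
 * For a found space the function also fills $_SN[uid] with the display name,
 * sets 'self', 'friends', 'privacy' and 'allnotenum', applies addslashes() to
 * 'username' and 'name', and stores the record in $_SGLOBAL['member'] when it
 * belongs to the logged-in user.
 *
 * @global array $_SGLOBAL
 * @global array $_SCONFIG
 * @global array $_SN
 * @param int|string $key        uid or user name, already escaped for SQL.
 * @param string     $indextype  Column of the space table to match $key against.
 * @param int        $auto_open  Whether to create the space when it does not exist.
 * @return array The space record, or an empty array when none was found.
 */
function getspace($key, $indextype='uid', $auto_open=0) {
    global $_SGLOBAL, $_SCONFIG, $_SN;

    $var = "space_{$key}_{$indextype}";
    if (empty($_SGLOBAL[$var])) {
        $space = array();
        // Identifier quoting for the lookup column.
        $column = '`'.str_replace('`', '``', $indextype).'`';
        $query = $_SGLOBAL['db']->query("SELECT sf.*, s.* FROM ".tname('space')." s LEFT JOIN ".tname('spacefield')." sf ON sf.uid=s.uid WHERE s.{$column}='$key'");
        if (!$space = $_SGLOBAL['db']->fetch_array($query)) {
            // No space stored for this key.
            $space = array();
            if ($indextype == 'uid' && $auto_open) {
                // Create the space on the fly from the user-centre account.
                include_once(S_ROOT.'./uc_client/client.php');
                if ($user = uc_get_user($key, 1)) {
                    include_once(S_ROOT.'./source/function_space.php');
                    $space = space_open($user[0], addslashes($user[1]), 0, addslashes($user[2]));
                }
            }
        }
        if ($space) {
            // Display name: real name when enabled, set and approved; else the user name.
            $_SN[$space['uid']] = ($_SCONFIG['realname'] && $space['name'] && $space['namestatus']) ? $space['name'] : $space['username'];
            // 1 when this is the logged-in user's own space.
            $space['self'] = ($space['uid'] == $_SGLOBAL['supe_uid']) ? 1 : 0;

            // Friend list: use the cached comma-separated string, or rebuild it.
            $space['friends'] = array();
            if (empty($space['friend'])) {
                if ($space['friendnum'] > 0) {
                    $fstr = $fmod = '';
                    // uid comes from the row fetched above.
                    $query = $_SGLOBAL['db']->query("SELECT fuid FROM ".tname('friend')." WHERE uid='$space[uid]' AND status='1'");
                    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                        $space['friends'][] = $value['fuid'];
                        $fstr .= $fmod.$value['fuid'];
                        $fmod = ',';
                    }
                    $space['friend'] = $fstr;
                }
            } else {
                $space['friends'] = explode(',', $space['friend']);
            }

            // Returned strings are slash-escaped for later use in SQL by callers.
            $space['username'] = addslashes($space['username']);
            $space['name'] = addslashes($space['name']);
            // NOTE(review): unserialize() runs on the stored 'privacy' column.
            // On data an attacker can influence this is an object-injection
            // risk; confirm the column is only ever written with values the
            // application serialized itself.
            $space['privacy'] = empty($space['privacy']) ? (empty($_SCONFIG['privacy']) ? array() : $_SCONFIG['privacy']) : unserialize($space['privacy']);

            // Total of all pending notification counters.
            $space['allnotenum'] = 0;
            foreach (array('notenum','pokenum','addfriendnum','mtaginvitenum','eventinvitenum','myinvitenum') as $value) {
                $space['allnotenum'] = $space['allnotenum'] + $space[$value];
            }
            if ($space['self']) {
                $_SGLOBAL['member'] = $space;
            }
        }
        $_SGLOBAL[$var] = $space;
    }
    return $_SGLOBAL[$var];
}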
/**
 * Look up a uid by user name, and also by approved real name when
 * $_SCONFIG['realname'] is enabled.
 *
 * $name is placed between single quotes in the query WITHOUT escaping, so the
 * caller must pass it already escaped for the database.
 *
 * @global array $_SGLOBAL Uses $_SGLOBAL['db'] to run the query.
 * @global array $_SCONFIG Reads the 'realname' switch.
 * @param string $name User name or real name, already escaped for SQL.
 * @return mixed The uid column of the first matching row, or 0 when none matches.
 */
function getuid($name) {
    global $_SGLOBAL, $_SCONFIG;

    $condition = "(username='$name')";
    if ($_SCONFIG['realname']) {
        // Real-name mode: an approved real name identifies the user too.
        $condition .= ' OR '."(name='$name' AND namestatus = 1)";
    }

    $result = $_SGLOBAL['db']->query("SELECT uid,username,name,namestatus FROM ".tname('space')." WHERE ".$condition." LIMIT 1");
    $row = $_SGLOBAL['db']->fetch_array($result);

    return $row ? $row['uid'] : 0;
}
/**
 * Make sure $_SGLOBAL['member'] holds the logged-in user's space record.
 *
 * Does nothing when the record is already set or nobody is logged in
 * ($_SGLOBAL['supe_uid'] is falsy). Otherwise the global $space is reused
 * when it belongs to the logged-in user; if not, the record is loaded with
 * getspace().
 *
 * @global array $_SGLOBAL
 * @global array $space
 */
function getmember() {
    global $_SGLOBAL, $space;

    if (!empty($_SGLOBAL['member']) || !$_SGLOBAL['supe_uid']) {
        return;
    }

    // Reuse the space already loaded for this page when it is the viewer's own.
    $_SGLOBAL['member'] = ($space['uid'] == $_SGLOBAL['supe_uid'])
        ? $space
        : getspace($_SGLOBAL['supe_uid']);
}