DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
126 Commits
3 Branches
110MB
Tree: 1d4f01c069
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1d4f01c069'
${ noResults }
DedeV6/src/member/pm.php

221 lines
7.9KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 会员短消息

  4.  * 

  5.  * @version        $Id: pm.php 1 8:38 2010年7月9日Z tianya $

  6.  * @package        DedeCMS.Member

  7.  * @copyright      Copyright (c) 2007 - 2020, DesDev, Inc.

  8.  * @license        http://help.dedecms.com/usersguide/license.html

  9.  * @link           http://www.dedecms.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckRank(0,0);

  13. $menutype = 'mydede';

  14. $menutype_son = 'pm';

  15. $id = isset($id)? intval($id) : 0;

  16. if($cfg_mb_lit=='Y')

  17. {

  18.     ShowMsg('由于系统开启了精简版会员空间,你不能向其它会员发短信息,不过你可以向他留言!','-1');

  19.     exit();

  20. }

  21. 

  22. if(!isset($dopost))

  23. {

  24.     $dopost = '';

  25. }

  26. //检查用户是否被禁言

  27. CheckNotAllow();

  28. $state=(empty($state))? 0 : intval($state);

  29. /*--------------------

  30. function __send(){  }

  31. ----------------------*/

  32. if($dopost=='send')

  33. {

  34.     /** 好友记录 **/

  35.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1'  ORDER BY addtime DESC LIMIT 20";

  36.     $friends = array();

  37.     $dsql->SetQuery($sql);

  38.     $dsql->Execute();

  39.     while ($row = $dsql->GetArray()) {

  40.         $friends[] = $row;

  41.     }

  42. 

  43.     include_once(dirname(__FILE__).'/templets/pm-send.htm');

  44.     exit();

  45. }

  46. /*-----------------------

  47. function __read(){  }

  48. ----------------------*/

  49. else if($dopost=='read')

  50. {

  51.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1'  ORDER BY addtime DESC LIMIT 20";

  52.     $friends = array();

  53.     $dsql->SetQuery($sql);

  54.     $dsql->Execute();

  55.     while ($row = $dsql->GetArray()) {

  56.         $friends[] = $row;

  57.     }

  58.     $id = intval($id);

  59.     $row = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE id='$id' AND (fromid='{$cfg_ml->M_ID}' OR toid='{$cfg_ml->M_ID}')");

  60.     if(!is_array($row))

  61.     {

  62.         ShowMsg('对不起,你指定的消息不存在或你没权限查看!','-1');

  63.         exit();

  64.     }

  65.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE id='$id' AND folder='inbox' AND toid='{$cfg_ml->M_ID}'");

  66.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE folder='outbox' AND toid='{$cfg_ml->M_ID}'");

  67.     include_once(dirname(__FILE__).'/templets/pm-read.htm');

  68.     exit();

  69. }

  70. /*-----------------------

  71. function __savesend(){  }

  72. ----------------------*/

  73. else if($dopost=='savesend')

  74. {

  75.     $svali = GetCkVdValue();

  76.     if(preg_match("/5/",$safe_gdopen)){

  77.         if(strtolower($vdcode)!=$svali || $svali=='')

  78.         {

  79.             ResetVdValue();

  80.             ShowMsg('验证码错误!', '-1');

  81.             exit();

  82.         }

  83.         

  84.     }

  85.     $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;

  86.     if($safe_faq_msg == 1)

  87.     {

  88.         if($safefaqs[$faqkey]['answer'] != $safeanswer || $safeanswer=='')

  89.         {

  90.             ShowMsg('验证问题答案错误', '-1');

  91.             exit();

  92.         }

  93.     }

  94.     if($subject=='')

  95.     {

  96.         ShowMsg("请填写信息标题!","-1");

  97.         exit();

  98.     }

  99.     $msg = CheckUserID($msgtoid,"用户名",false);

  100.     if($msg!='ok')

  101.     {

  102.         ShowMsg($msg,"-1");

  103.         exit();

  104.     }

  105.     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid LIKE '$msgtoid' ");

  106.     if(!is_array($row))

  107.     {

  108.         ShowMsg("你指定的用户不存在,不能发送信息!","-1");

  109.         exit();

  110.     }

  111.     $subject = cn_substrR(HtmlReplace($subject,1),60);

  112.     $message = cn_substrR(HtmlReplace($message,0),1024);

  113.     $sendtime = $writetime = time();

  114. 

  115.     //发给收件人(收件人可管理)

  116.     $inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  117.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  118. 

  119.     //保留到自己的发件箱(自己可管理)

  120.     $inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  121.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  122.     $dsql->ExecuteNoneQuery($inquery1);

  123.     $dsql->ExecuteNoneQuery($inquery2);

  124.     ShowMsg("成功发送一条信息!","pm.php?dopost=outbox");

  125.     exit();

  126. }

  127. /*-----------------------

  128. function __del(){  }

  129. ----------------------*/

  130. else if($dopost=='del')

  131. {

  132.     $ids = preg_replace("#[^0-9,]#", "", $ids);

  133.     if($folder=='inbox')

  134.     {

  135.         $boxsql="SELECT * FROM `#@__member_pms` WHERE id IN($ids) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";

  136.         $dsql->SetQuery($boxsql);

  137.         $dsql->Execute();

  138.         $query='';

  139.         while($row = $dsql->GetArray())

  140.         {

  141.             if($row && $row['isadmin']==1)

  142.             {

  143.                 $query = "Update `#@__member_pms` set writetime='0' WHERE id='{$row['id']}' AND folder='inbox' AND toid='{$cfg_ml->M_ID}' AND isadmin='1';";

  144.                 $dsql->ExecuteNoneQuery($query);

  145.             }

  146.             else

  147.             {

  148.                 $query = "DELETE FROM `#@__member_pms` WHERE id in($ids) AND toid='{$cfg_ml->M_ID}' AND folder LIKE 'inbox'";

  149.             }

  150.         }

  151.     }

  152.     else if($folder=='outbox')

  153.     {

  154.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  155.     }

  156.     else

  157.     {

  158.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' Or toid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' Or (folder LIKE 'inbox' AND hasview='0')";

  159.     }

  160.     $dsql->ExecuteNoneQuery($query);

  161.     ShowMsg("成功删除指定的消息!","pm.php?folder=".$folder);

  162.     exit();

  163. }

  164. /*-----------------------

  165. function __man(){  }

  166. ----------------------*/

  167. else

  168. {

  169.     if(!isset($folder))

  170.     {

  171.         $folder = 'inbox';

  172.     }

  173.     require_once(DEDEINC."/datalistcp.class.php");

  174.     $wsql = '';

  175.     if($folder=='outbox')

  176.     {

  177.         $wsql = " `fromid`='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  178.         $tname = "发件箱";

  179.     }

  180.     elseif($folder=='inbox')

  181.     {

  182.         $query = "SELECT * FROM `#@__member_pms` WHERE folder LIKE 'outbox' AND isadmin='1'";

  183.         $dsql->SetQuery($query);

  184.         $dsql->Execute();

  185.         while($row = $dsql->GetArray())

  186.         {

  187.             $row2 = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE fromid = '$row[id]' AND toid='{$cfg_ml->M_ID}'");

  188.             if(!is_array($row2))

  189.             {

  190.                 $row3= "INSERT INTO

  191.                 `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  192.                 VALUES ('admin','{$row['id']}','{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','inbox','{$row['subject']}','{$row['sendtime']}','{$row['writetime']}','{$row['hasview']}','{$row['isadmin']}','{$row['message']}')";

  193.                 $dsql->ExecuteNoneQuery($row3);

  194.             }

  195.         }

  196.         if($state===1){

  197.             $wsql= " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=1";

  198.             $tname = "收件箱";

  199.         } else if ($state===-1)

  200.         {

  201.             $wsql = "toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=0";

  202.             $tname = "收件箱";

  203.         } else {

  204.             $wsql = " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!=''";

  205.             $tname = "收件箱";

  206.         }

  207.     }

  208.     else

  209.     {

  210.         $wsql = " `fromid` ='{$cfg_ml->M_ID}' AND folder LIKE 'outbox'";

  211.         $tname = "已发信息";

  212.     }

  213. 

  214.     $query = "SELECT * FROM `#@__member_pms` WHERE $wsql ORDER BY sendtime DESC";

  215.     $dlist = new DataListCP();

  216.     $dlist->pageSize = 20;

  217.     $dlist->SetParameter("dopost",$dopost);

  218.     $dlist->SetTemplate(DEDEMEMBER.'/templets/pm-main.htm');

  219.     $dlist->SetSource($query);

  220.     $dlist->Display();

  221. }