DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
144 Commits
3 Branches
110MB
Tree: 20ee31ed0f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '20ee31ed0f'
${ noResults }
DedeV6/src/member/pm.php

216 lines
7.7KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 会员短消息

  4.  * 

  5.  * @version        $Id: pm.php 1 8:38 2010年7月9日Z tianya $

  6.  * @package        DedeCMS.Member

  7.  * @copyright      Copyright (c) 2007 - 2020, DesDev, Inc.

  8.  * @license        http://help.dedecms.com/usersguide/license.html

  9.  * @link           http://www.dedecms.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckRank(0,0);

  13. $menutype = 'mydede';

  14. $menutype_son = 'pm';

  15. $id = isset($id)? intval($id) : 0;

  16. if($cfg_mb_lit=='Y')

  17. {

  18.     ShowMsg('由于系统开启了精简版会员空间,你不能向其它会员发短信息,不过你可以向他留言!','-1');

  19.     exit();

  20. }

  21. 

  22. if(!isset($dopost))

  23. {

  24.     $dopost = '';

  25. }

  26. //检查用户是否被禁言

  27. CheckNotAllow();

  28. $state=(empty($state))? 0 : intval($state);

  29. 

  30. if($dopost=='read')

  31. {

  32.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1' ORDER BY addtime DESC LIMIT 20";

  33.     $friends = array();

  34.     $dsql->SetQuery($sql);

  35.     $dsql->Execute();

  36.     while ($row = $dsql->GetArray()) {

  37.         $friends[] = $row;

  38.     }

  39.     $id = intval($id);

  40.     $row = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE id='$id' AND (fromid='{$cfg_ml->M_ID}' OR toid='{$cfg_ml->M_ID}')");

  41.     if(!is_array($row))

  42.     {

  43.         $result = array(

  44.             "code" => -1,

  45.             "data" => null,

  46.             "msg" => "对不起,你指定的消息不存在或你没权限查看",

  47.         );

  48.         echo json_encode($result);

  49.         exit();

  50.     }

  51.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE id='$id' AND folder='inbox' AND toid='{$cfg_ml->M_ID}'");

  52.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE folder='outbox' AND toid='{$cfg_ml->M_ID}'");

  53.     $result = array(

  54.         "code" => 200,

  55.         "data" => array(

  56.             "subject" => $row['subject'],

  57.             "message" => $row['message'],

  58.             "sendtime" => MyDate("Y-m-d H:i", $row['sendtime']),

  59.         ),

  60.         "msg" => "",

  61.     );

  62.     echo json_encode($result);

  63.     exit();

  64. }

  65. /*-----------------------

  66. function __savesend(){  }

  67. ----------------------*/

  68. else if($dopost=='savesend')

  69. {

  70.     $svali = GetCkVdValue();

  71.     if(preg_match("/5/",$safe_gdopen)){

  72.         if(strtolower($vdcode)!=$svali || $svali=='')

  73.         {

  74.             ResetVdValue();

  75.             ShowMsg('验证码错误!', '-1');

  76.             exit();

  77.         }

  78.         

  79.     }

  80.     $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;

  81.     if($safe_faq_msg == 1)

  82.     {

  83.         if($safefaqs[$faqkey]['answer'] != $safeanswer || $safeanswer=='')

  84.         {

  85.             ShowMsg('验证问题答案错误', '-1');

  86.             exit();

  87.         }

  88.     }

  89.     if($subject=='')

  90.     {

  91.         ShowMsg("请填写信息标题!","-1");

  92.         exit();

  93.     }

  94.     $msg = CheckUserID($msgtoid,"用户名",false);

  95.     if($msg!='ok')

  96.     {

  97.         ShowMsg($msg,"-1");

  98.         exit();

  99.     }

  100.     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid LIKE '$msgtoid' ");

  101.     if(!is_array($row))

  102.     {

  103.         ShowMsg("你指定的用户不存在,不能发送信息!","-1");

  104.         exit();

  105.     }

  106.     $subject = cn_substrR(HtmlReplace($subject,1),60);

  107.     $message = cn_substrR(HtmlReplace($message,0),1024);

  108.     $sendtime = $writetime = time();

  109. 

  110.     //发给收件人(收件人可管理)

  111.     $inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  112.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  113. 

  114.     //保留到自己的发件箱(自己可管理)

  115.     $inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  116.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  117.     $dsql->ExecuteNoneQuery($inquery1);

  118.     $dsql->ExecuteNoneQuery($inquery2);

  119.     ShowMsg("成功发送一条信息!","pm.php?dopost=outbox");

  120.     exit();

  121. }

  122. /*-----------------------

  123. function __del(){  }

  124. ----------------------*/

  125. else if($dopost=='del')

  126. {

  127.     $ids = preg_replace("#[^0-9,]#", "", $ids);

  128.     if($folder=='inbox')

  129.     {

  130.         $boxsql="SELECT * FROM `#@__member_pms` WHERE id IN($ids) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";

  131.         $dsql->SetQuery($boxsql);

  132.         $dsql->Execute();

  133.         $query='';

  134.         while($row = $dsql->GetArray())

  135.         {

  136.             if($row && $row['isadmin']==1)

  137.             {

  138.                 $query = "Update `#@__member_pms` set writetime='0' WHERE id='{$row['id']}' AND folder='inbox' AND toid='{$cfg_ml->M_ID}' AND isadmin='1';";

  139.                 $dsql->ExecuteNoneQuery($query);

  140.             }

  141.             else

  142.             {

  143.                 $query = "DELETE FROM `#@__member_pms` WHERE id in($ids) AND toid='{$cfg_ml->M_ID}' AND folder LIKE 'inbox'";

  144.             }

  145.         }

  146.     }

  147.     else if($folder=='outbox')

  148.     {

  149.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  150.     }

  151.     else

  152.     {

  153.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' Or toid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' Or (folder LIKE 'inbox' AND hasview='0')";

  154.     }

  155.     $dsql->ExecuteNoneQuery($query);

  156.     ShowMsg("成功删除指定的消息!","pm.php?folder=".$folder);

  157.     exit();

  158. }

  159. /*-----------------------

  160. function __man(){  }

  161. ----------------------*/

  162. else

  163. {

  164.     if(!isset($folder))

  165.     {

  166.         $folder = 'inbox';

  167.     }

  168.     require_once(DEDEINC."/datalistcp.class.php");

  169.     $wsql = '';

  170.     if($folder=='outbox')

  171.     {

  172.         $wsql = " `fromid`='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  173.         $tname = "发件箱";

  174.     }

  175.     elseif($folder=='inbox')

  176.     {

  177.         $query = "SELECT * FROM `#@__member_pms` WHERE folder LIKE 'outbox' AND isadmin='1'";

  178.         $dsql->SetQuery($query);

  179.         $dsql->Execute();

  180.         while($row = $dsql->GetArray())

  181.         {

  182.             $row2 = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE fromid = '$row[id]' AND toid='{$cfg_ml->M_ID}'");

  183.             if(!is_array($row2))

  184.             {

  185.                 $row3= "INSERT INTO

  186.                 `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  187.                 VALUES ('admin','{$row['id']}','{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','inbox','{$row['subject']}','{$row['sendtime']}','{$row['writetime']}','{$row['hasview']}','{$row['isadmin']}','{$row['message']}')";

  188.                 $dsql->ExecuteNoneQuery($row3);

  189.             }

  190.         }

  191.         if($state===1){

  192.             $wsql= " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=1";

  193.             $tname = "收件箱";

  194.         } else if ($state===-1)

  195.         {

  196.             $wsql = "toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=0";

  197.             $tname = "收件箱";

  198.         } else {

  199.             $wsql = " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!=''";

  200.             $tname = "收件箱";

  201.         }

  202.     }

  203.     else

  204.     {

  205.         $wsql = " `fromid` ='{$cfg_ml->M_ID}' AND folder LIKE 'outbox'";

  206.         $tname = "已发信息";

  207.     }

  208. 

  209.     $query = "SELECT * FROM `#@__member_pms` WHERE $wsql ORDER BY sendtime DESC";

  210.     $dlist = new DataListCP();

  211.     $dlist->pageSize = 20;

  212.     $dlist->SetParameter("dopost",$dopost);

  213.     $dlist->SetTemplate(DEDEMEMBER.'/templets/pm-main.htm');

  214.     $dlist->SetSource($query);

  215.     $dlist->Display();

  216. }