DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
3 Branches
3.8GB
Tree: 271239454f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '271239454f'
${ noResults }
DedeV6/src/member/pm.php

227 lines
8.0KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 会员短消息

  4.  * 

  5.  * @version        $Id: pm.php 1 8:38 2010年7月9日Z tianya $

  6.  * @package        DedeCMS.Member

  7.  * @copyright      Copyright (c) 2007 - 2019, DesDev, Inc.

  8.  * @license        http://help.dedecms.com/usersguide/license.html

  9.  * @link           http://www.dedecms.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckRank(0,0);

  13. $menutype = 'mydede';

  14. $menutype_son = 'pm';

  15. $id = isset($id)? intval($id) : 0;

  16. if($cfg_mb_lit=='Y')

  17. {

  18.     ShowMsg('由于系统开启了精简版会员空间,你不能向其它会员发短信息,不过你可以向他留言!','-1');

  19.     exit();

  20. }

  21. 

  22. #api{{

  23. if(defined('UC_API') && @include_once DEDEROOT.'/uc_client/client.php')

  24. {

  25.     if($data = uc_get_user($cfg_ml->M_LoginID)) uc_pm_location($data[0]);

  26. }

  27. #/aip}}

  28. 

  29. if(!isset($dopost))

  30. {

  31.     $dopost = '';

  32. }

  33. //检查用户是否被禁言

  34. CheckNotAllow();

  35. $state=(empty($state))? "" : $state;

  36. /*--------------------

  37. function __send(){  }

  38. ----------------------*/

  39. if($dopost=='send')

  40. {

  41.     /** 好友记录 **/

  42.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1'  ORDER BY addtime DESC LIMIT 20";

  43.     $friends = array();

  44.     $dsql->SetQuery($sql);

  45.     $dsql->Execute();

  46.     while ($row = $dsql->GetArray()) {

  47.         $friends[] = $row;

  48.     }

  49. 

  50.     include_once(dirname(__FILE__).'/templets/pm-send.htm');

  51.     exit();

  52. }

  53. /*-----------------------

  54. function __read(){  }

  55. ----------------------*/

  56. else if($dopost=='read')

  57. {

  58.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1'  ORDER BY addtime DESC LIMIT 20";

  59.     $friends = array();

  60.     $dsql->SetQuery($sql);

  61.     $dsql->Execute();

  62.     while ($row = $dsql->GetArray()) {

  63.         $friends[] = $row;

  64.     }

  65.     $id = intval($id);

  66.     $row = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE id='$id' AND (fromid='{$cfg_ml->M_ID}' OR toid='{$cfg_ml->M_ID}')");

  67.     if(!is_array($row))

  68.     {

  69.         ShowMsg('对不起,你指定的消息不存在或你没权限查看!','-1');

  70.         exit();

  71.     }

  72.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE id='$id' AND folder='inbox' AND toid='{$cfg_ml->M_ID}'");

  73.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE folder='outbox' AND toid='{$cfg_ml->M_ID}'");

  74.     include_once(dirname(__FILE__).'/templets/pm-read.htm');

  75.     exit();

  76. }

  77. /*-----------------------

  78. function __savesend(){  }

  79. ----------------------*/

  80. else if($dopost=='savesend')

  81. {

  82.     $svali = GetCkVdValue();

  83.     if(preg_match("/5/",$safe_gdopen)){

  84.         if(strtolower($vdcode)!=$svali || $svali=='')

  85.         {

  86.             ResetVdValue();

  87.             ShowMsg('验证码错误!', '-1');

  88.             exit();

  89.         }

  90.         

  91.     }

  92.     $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;

  93.     if($safe_faq_msg == 1)

  94.     {

  95.         if($safefaqs[$faqkey]['answer'] != $safeanswer || $safeanswer=='')

  96.         {

  97.             ShowMsg('验证问题答案错误', '-1');

  98.             exit();

  99.         }

  100.     }

  101.     if($subject=='')

  102.     {

  103.         ShowMsg("请填写信息标题!","-1");

  104.         exit();

  105.     }

  106.     $msg = CheckUserID($msgtoid,"用户名",false);

  107.     if($msg!='ok')

  108.     {

  109.         ShowMsg($msg,"-1");

  110.         exit();

  111.     }

  112.     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid LIKE '$msgtoid' ");

  113.     if(!is_array($row))

  114.     {

  115.         ShowMsg("你指定的用户不存在,不能发送信息!","-1");

  116.         exit();

  117.     }

  118.     $subject = cn_substrR(HtmlReplace($subject,1),60);

  119.     $message = cn_substrR(HtmlReplace($message,0),1024);

  120.     $sendtime = $writetime = time();

  121. 

  122.     //发给收件人(收件人可管理)

  123.     $inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  124.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  125. 

  126.     //保留到自己的发件箱(自己可管理)

  127.     $inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  128.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  129.     $dsql->ExecuteNoneQuery($inquery1);

  130.     $dsql->ExecuteNoneQuery($inquery2);

  131.     ShowMsg("成功发送一条信息!","pm.php?dopost=outbox");

  132.     exit();

  133. }

  134. /*-----------------------

  135. function __del(){  }

  136. ----------------------*/

  137. else if($dopost=='del')

  138. {

  139.     $ids = preg_replace("#[^0-9,]#", "", $ids);

  140.     if($folder=='inbox')

  141.     {

  142.         $boxsql="SELECT * FROM `#@__member_pms` WHERE id IN($ids) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";

  143.         $dsql->SetQuery($boxsql);

  144.         $dsql->Execute();

  145.         $query='';

  146.         while($row = $dsql->GetArray())

  147.         {

  148.             if($row && $row['isadmin']==1)

  149.             {

  150.                 $query = "Update `#@__member_pms` set writetime='0' WHERE id='{$row['id']}' AND folder='inbox' AND toid='{$cfg_ml->M_ID}' AND isadmin='1';";

  151.                 $dsql->ExecuteNoneQuery($query);

  152.             }

  153.             else

  154.             {

  155.                 $query = "DELETE FROM `#@__member_pms` WHERE id in($ids) AND toid='{$cfg_ml->M_ID}' AND folder LIKE 'inbox'";

  156.             }

  157.         }

  158.     }

  159.     else if($folder=='outbox')

  160.     {

  161.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  162.     }

  163.     else

  164.     {

  165.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' Or toid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' Or (folder LIKE 'inbox' AND hasview='0')";

  166.     }

  167.     $dsql->ExecuteNoneQuery($query);

  168.     ShowMsg("成功删除指定的消息!","pm.php?folder=".$folder);

  169.     exit();

  170. }

  171. /*-----------------------

  172. function __man(){  }

  173. ----------------------*/

  174. else

  175. {

  176.     if(!isset($folder))

  177.     {

  178.         $folder = 'inbox';

  179.     }

  180.     require_once(DEDEINC."/datalistcp.class.php");

  181.     $wsql = '';

  182.     if($folder=='outbox')

  183.     {

  184.         $wsql = " `fromid`='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  185.         $tname = "发件箱";

  186.     }

  187.     elseif($folder=='inbox')

  188.     {

  189.         $query = "SELECT * FROM `#@__member_pms` WHERE folder LIKE 'outbox' AND isadmin='1'";

  190.         $dsql->SetQuery($query);

  191.         $dsql->Execute();

  192.         while($row = $dsql->GetArray())

  193.         {

  194.             $row2 = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE fromid = '$row[id]' AND toid='{$cfg_ml->M_ID}'");

  195.             if(!is_array($row2))

  196.             {

  197.                 $row3= "INSERT INTO

  198.                 `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  199.                 VALUES ('admin','{$row['id']}','{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','inbox','{$row['subject']}','{$row['sendtime']}','{$row['writetime']}','{$row['hasview']}','{$row['isadmin']}','{$row['message']}')";

  200.                 $dsql->ExecuteNoneQuery($row3);

  201.             }

  202.         }

  203.         if($state=="1"){

  204.             $wsql= " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=1";

  205.             $tname = "收件箱";

  206.         } else if ($state=="-1")

  207.         {

  208.             $wsql = "toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=0";

  209.             $tname = "收件箱";

  210.         } else {

  211.             $wsql = " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!=''";

  212.             $tname = "收件箱";

  213.         }

  214.     }

  215.     else

  216.     {

  217.         $wsql = " `fromid` ='{$cfg_ml->M_ID}' AND folder LIKE 'outbox'";

  218.         $tname = "已发信息";

  219.     }

  220.     $query = "SELECT * FROM `#@__member_pms` WHERE $wsql ORDER BY sendtime DESC";

  221.     $dlist = new DataListCP();

  222.     $dlist->pageSize = 20;

  223.     $dlist->SetParameter("dopost",$dopost);

  224.     $dlist->SetTemplate(DEDEMEMBER.'/templets/pm-main.htm');

  225.     $dlist->SetSource($query);

  226.     $dlist->Display();

  227. }