DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
150 Commits
3 Branches
110MB
Tree: d911e48805
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd911e48805'
${ noResults }
DedeV6/src/member/pm.php

217 lines
7.7KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 会员短消息

  4.  * 

  5.  * @version        $Id: pm.php 1 8:38 2010年7月9日Z tianya $

  6.  * @package        DedeCMS.Member

  7.  * @copyright      Copyright (c) 2007 - 2020, DesDev, Inc.

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        http://help.dedecms.com/usersguide/license.html

  10.  * @link           http://www.dedecms.com

  11.  */

  12. require_once(dirname(__FILE__)."/config.php");

  13. CheckRank(0,0);

  14. $menutype = 'mydede';

  15. $menutype_son = 'pm';

  16. $id = isset($id)? intval($id) : 0;

  17. if($cfg_mb_lit=='Y')

  18. {

  19.     ShowMsg('由于系统开启了精简版会员空间,你不能向其它会员发短信息,不过你可以向他留言!','-1');

  20.     exit();

  21. }

  22. 

  23. if(!isset($dopost))

  24. {

  25.     $dopost = '';

  26. }

  27. //检查用户是否被禁言

  28. CheckNotAllow();

  29. $state=(empty($state))? 0 : intval($state);

  30. 

  31. if($dopost=='read')

  32. {

  33.     $sql = "SELECT * FROM `#@__member_friends` WHERE  mid='{$cfg_ml->M_ID}' AND ftype!='-1' ORDER BY addtime DESC LIMIT 20";

  34.     $friends = array();

  35.     $dsql->SetQuery($sql);

  36.     $dsql->Execute();

  37.     while ($row = $dsql->GetArray()) {

  38.         $friends[] = $row;

  39.     }

  40.     $id = intval($id);

  41.     $row = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE id='$id' AND (fromid='{$cfg_ml->M_ID}' OR toid='{$cfg_ml->M_ID}')");

  42.     if(!is_array($row))

  43.     {

  44.         $result = array(

  45.             "code" => -1,

  46.             "data" => null,

  47.             "msg" => "对不起,你指定的消息不存在或你没权限查看",

  48.         );

  49.         echo json_encode($result);

  50.         exit();

  51.     }

  52.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE id='$id' AND folder='inbox' AND toid='{$cfg_ml->M_ID}'");

  53.     $dsql->ExecuteNoneQuery("UPDATE `#@__member_pms` SET hasview=1 WHERE folder='outbox' AND toid='{$cfg_ml->M_ID}'");

  54.     $result = array(

  55.         "code" => 200,

  56.         "data" => array(

  57.             "subject" => $row['subject'],

  58.             "message" => $row['message'],

  59.             "sendtime" => MyDate("Y-m-d H:i", $row['sendtime']),

  60.         ),

  61.         "msg" => "",

  62.     );

  63.     echo json_encode($result);

  64.     exit();

  65. }

  66. /*-----------------------

  67. function __savesend(){  }

  68. ----------------------*/

  69. else if($dopost=='savesend')

  70. {

  71.     $svali = GetCkVdValue();

  72.     if(preg_match("/5/",$safe_gdopen)){

  73.         if(strtolower($vdcode)!=$svali || $svali=='')

  74.         {

  75.             ResetVdValue();

  76.             ShowMsg('验证码错误!', '-1');

  77.             exit();

  78.         }

  79.         

  80.     }

  81.     $faqkey = isset($faqkey) && is_numeric($faqkey) ? $faqkey : 0;

  82.     if($safe_faq_msg == 1)

  83.     {

  84.         if($safefaqs[$faqkey]['answer'] != $safeanswer || $safeanswer=='')

  85.         {

  86.             ShowMsg('验证问题答案错误', '-1');

  87.             exit();

  88.         }

  89.     }

  90.     if($subject=='')

  91.     {

  92.         ShowMsg("请填写信息标题!","-1");

  93.         exit();

  94.     }

  95.     $msg = CheckUserID($msgtoid,"用户名",false);

  96.     if($msg!='ok')

  97.     {

  98.         ShowMsg($msg,"-1");

  99.         exit();

  100.     }

  101.     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid LIKE '$msgtoid' ");

  102.     if(!is_array($row))

  103.     {

  104.         ShowMsg("你指定的用户不存在,不能发送信息!","-1");

  105.         exit();

  106.     }

  107.     $subject = cn_substrR(HtmlReplace($subject,1),60);

  108.     $message = cn_substrR(HtmlReplace($message,0),1024);

  109.     $sendtime = $writetime = time();

  110. 

  111.     //发给收件人(收件人可管理)

  112.     $inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  113.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  114. 

  115.     //保留到自己的发件箱(自己可管理)

  116.     $inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  117.       VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  118.     $dsql->ExecuteNoneQuery($inquery1);

  119.     $dsql->ExecuteNoneQuery($inquery2);

  120.     ShowMsg("成功发送一条信息!","pm.php?dopost=outbox");

  121.     exit();

  122. }

  123. /*-----------------------

  124. function __del(){  }

  125. ----------------------*/

  126. else if($dopost=='del')

  127. {

  128.     $ids = preg_replace("#[^0-9,]#", "", $ids);

  129.     if($folder=='inbox')

  130.     {

  131.         $boxsql="SELECT * FROM `#@__member_pms` WHERE id IN($ids) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";

  132.         $dsql->SetQuery($boxsql);

  133.         $dsql->Execute();

  134.         $query='';

  135.         while($row = $dsql->GetArray())

  136.         {

  137.             if($row && $row['isadmin']==1)

  138.             {

  139.                 $query = "Update `#@__member_pms` set writetime='0' WHERE id='{$row['id']}' AND folder='inbox' AND toid='{$cfg_ml->M_ID}' AND isadmin='1';";

  140.                 $dsql->ExecuteNoneQuery($query);

  141.             }

  142.             else

  143.             {

  144.                 $query = "DELETE FROM `#@__member_pms` WHERE id in($ids) AND toid='{$cfg_ml->M_ID}' AND folder LIKE 'inbox'";

  145.             }

  146.         }

  147.     }

  148.     else if($folder=='outbox')

  149.     {

  150.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  151.     }

  152.     else

  153.     {

  154.         $query = "Delete From `#@__member_pms` WHERE id in($ids) AND fromid='{$cfg_ml->M_ID}' Or toid='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' Or (folder LIKE 'inbox' AND hasview='0')";

  155.     }

  156.     $dsql->ExecuteNoneQuery($query);

  157.     ShowMsg("成功删除指定的消息!","pm.php?folder=".$folder);

  158.     exit();

  159. }

  160. /*-----------------------

  161. function __man(){  }

  162. ----------------------*/

  163. else

  164. {

  165.     if(!isset($folder))

  166.     {

  167.         $folder = 'inbox';

  168.     }

  169.     require_once(DEDEINC."/datalistcp.class.php");

  170.     $wsql = '';

  171.     if($folder=='outbox')

  172.     {

  173.         $wsql = " `fromid`='{$cfg_ml->M_ID}' AND folder LIKE 'outbox' ";

  174.         $tname = "发件箱";

  175.     }

  176.     elseif($folder=='inbox')

  177.     {

  178.         $query = "SELECT * FROM `#@__member_pms` WHERE folder LIKE 'outbox' AND isadmin='1'";

  179.         $dsql->SetQuery($query);

  180.         $dsql->Execute();

  181.         while($row = $dsql->GetArray())

  182.         {

  183.             $row2 = $dsql->GetOne("SELECT * FROM `#@__member_pms` WHERE fromid = '$row[id]' AND toid='{$cfg_ml->M_ID}'");

  184.             if(!is_array($row2))

  185.             {

  186.                 $row3= "INSERT INTO

  187.                 `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  188.                 VALUES ('admin','{$row['id']}','{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','inbox','{$row['subject']}','{$row['sendtime']}','{$row['writetime']}','{$row['hasview']}','{$row['isadmin']}','{$row['message']}')";

  189.                 $dsql->ExecuteNoneQuery($row3);

  190.             }

  191.         }

  192.         if($state===1){

  193.             $wsql= " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=1";

  194.             $tname = "收件箱";

  195.         } else if ($state===-1)

  196.         {

  197.             $wsql = "toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!='' and hasview=0";

  198.             $tname = "收件箱";

  199.         } else {

  200.             $wsql = " toid='{$cfg_ml->M_ID}' AND folder='inbox' AND writetime!=''";

  201.             $tname = "收件箱";

  202.         }

  203.     }

  204.     else

  205.     {

  206.         $wsql = " `fromid` ='{$cfg_ml->M_ID}' AND folder LIKE 'outbox'";

  207.         $tname = "已发信息";

  208.     }

  209. 

  210.     $query = "SELECT * FROM `#@__member_pms` WHERE $wsql ORDER BY sendtime DESC";

  211.     $dlist = new DataListCP();

  212.     $dlist->pageSize = 20;

  213.     $dlist->SetParameter("dopost",$dopost);

  214.     $dlist->SetTemplate(DEDEMEMBER.'/templets/pm-main.htm');

  215.     $dlist->SetSource($query);

  216.     $dlist->Display();

  217. }