PageRenderTime 42ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/source/admincp/admincp_members.php

https://github.com/kuaileshike/upload
PHP | 3279 lines | 2895 code | 378 blank | 6 comment | 734 complexity | fee933808c1b42223764b019fbcb0622 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *      [Discuz!] (C)2001-2099 Comsenz Inc.
    5. 

  5.  *      This is NOT a freeware, use is subject to license terms
    6. 

  6.  *
    7. 

  7.  *      $Id: admincp_members.php 31986 2012-10-30 05:18:16Z chenmengshu $
    8. 

  8.  */
    9. 

  9. 

  10. if(!defined('IN_DISCUZ') || !defined('IN_ADMINCP')) {
    11. 

  11. 	exit('Access Denied');
    12. 

  12. }
    13. 

  13. 

  14. @set_time_limit(600);
    15. 

  15. if($operation != 'export') {
    16. 

  16. 	cpheader();
    17. 

  17. }
    18. 

  18. 

  19. require_once libfile('function/delete');
    20. 

  20. 

  21. $_G['setting']['memberperpage'] = 20;
    22. 

  22. $page = max(1, $_G['page']);
    23. 

  23. $start_limit = ($page - 1) * $_G['setting']['memberperpage'];
    24. 

  24. $search_condition = array_merge($_GET, $_POST);
    25. 

  25. 

  26. if(!is_array($search_condition['groupid']) && $search_condition['groupid']) {
    27. 

  27. 	$search_condition['groupid'][0] = $search_condition['groupid'];
    28. 

  28. }
    29. 

  29. foreach($search_condition as $k => $v) {
    30. 

  30. 	if(in_array($k, array('action', 'operation', 'formhash', 'confirmed', 'submit', 'page', 'deletestart', 'allnum', 'includeuc','includepost','current','pertask','lastprocess','deleteitem')) || $v === '') {
    31. 

  31. 		unset($search_condition[$k]);
    32. 

  32. 	}
    33. 

  33. }
    34. 

  34. $search_condition = searchcondition($search_condition);
    35. 

  35. $tmpsearch_condition = $search_condition;
    36. 

  36. unset($tmpsearch_condition['tablename']);
    37. 

  37. $member = array();
    38. 

  38. $tableext = '';
    39. 

  39. if(in_array($operation, array('ban', 'edit', 'group', 'credit', 'medal', 'access'), true)) {
    40. 

  40. 	if(empty($_GET['uid']) && empty($_GET['username'])) {
    41. 

  41. 		cpmsg('members_nonexistence', 'action=members&operation='.$operation.(!empty($_GET['highlight']) ? "&highlight={$_GET['highlight']}" : ''), 'form', array(), '<input type="text" name="username" value="" class="txt" />');
    42. 

  42. 	}
    43. 

  43. 	$member = !empty($_GET['uid']) ? C::t('common_member')->fetch($_GET['uid'], false, 1) : C::t('common_member')->fetch_by_username($_GET['username'], 1);
    44. 

  44. 	if(!$member) {
    45. 

  45. 		cpmsg('members_edit_nonexistence', '', 'error');
    46. 

  46. 	}
    47. 

  47. 	$tableext = isset($member['_inarchive']) ? '_archive' : '';
    48. 

  48. }
    49. 

  49. 

  50. if($operation == 'search') {
    51. 

  51. 

  52. 	if(!submitcheck('submit', 1)) {
    53. 

  53. 

  54. 		shownav('user', 'nav_members');
    55. 

  55. 		showsubmenu('nav_members', array(
    56. 

  56. 			array('search', 'members&operation=search', 1),
    57. 

  57. 			array('clean', 'members&operation=clean', 0),
    58. 

  58. 			array('nav_repeat', 'members&operation=repeat', 0),
    59. 

  59. 		));
    60. 

  60. 		showtips('members_admin_tips');
    61. 

  61. 		if(!empty($_GET['vid']) && ($_GET['vid'] > 0 && $_GET['vid'] < 8)) {
    62. 

  62. 			$_GET['verify'] = array('verify'.intval($_GET['vid']));
    63. 

  63. 		}
    64. 

  64. 		showsearchform('search');
    65. 

  65. 		if($_GET['more']) {
    66. 

  66. 			print <<<EOF
    67. 

  67. 		<script type="text/javascript">
    68. 

  68. 			$('btn_more').click();
    69. 

  69. 		</script>
    70. 

  70. 

  71. EOF;
    72. 

  72. 		}
    73. 

  73. 	} else {
    74. 

  74. 

  75. 		$membernum = countmembers($search_condition, $urladd);
    76. 

  76. 

  77. 		$members = '';
    78. 

  78. 		if($membernum > 0) {
    79. 

  79. 			$multipage = multi($membernum, $_G['setting']['memberperpage'], $page, ADMINSCRIPT."?action=members&operation=search&submit=yes".$urladd);
    80. 

  80. 

  81. 			$usergroups = array();
    82. 

  82. 			foreach(C::t('common_usergroup')->range() as $group) {
    83. 

  83. 				switch($group['type']) {
    84. 

  84. 					case 'system': $group['grouptitle'] = '<b>'.$group['grouptitle'].'</b>'; break;
    85. 

  85. 					case 'special': $group['grouptitle'] = '<i>'.$group['grouptitle'].'</i>'; break;
    86. 

  86. 				}
    87. 

  87. 				$usergroups[$group['groupid']] = $group;
    88. 

  88. 			}
    89. 

  89. 

  90. 			$uids = searchmembers($search_condition, $_G['setting']['memberperpage'], $start_limit);
    91. 

  91. 			if($uids) {
    92. 

  92. 				$allmember = C::t('common_member')->fetch_all($uids);
    93. 

  93. 				$allcount = C::t('common_member_count')->fetch_all($uids);
    94. 

  94. 				foreach($allmember as $uid=>$member) {
    95. 

  95. 					$member = array_merge($member, (array)$allcount[$uid]);
    96. 

  96. 					$memberextcredits = array();
    97. 

  97. 					if($_G['setting']['extcredits']) {
    98. 

  98. 						foreach($_G['setting']['extcredits'] as $id => $credit) {
    99. 

  99. 							$memberextcredits[] = $_G['setting']['extcredits'][$id]['title'].': '.$member['extcredits'.$id].' ';
    100. 

  100. 						}
    101. 

  101. 					}
    102. 

  102. 					$lockshow = $member['status'] == '-1' ? '<em class="lightnum">['.cplang('lock').']</em>' : '';
    103. 

  103. 					$members .= showtablerow('', array('class="td25"', '', 'title="'.implode("\n", $memberextcredits).'"'), array(
    104. 

  104. 						"<input type=\"checkbox\" name=\"uidarray[]\" value=\"$member[uid]\"".($member['adminid'] == 1 ? 'disabled' : '')." class=\"checkbox\">",
    105. 

  105. 						($_G['setting']['connect']['allow'] && $member['conisbind'] ? '<img class="vmiddle" src="static/image/common/connect_qq.gif" /> ' : '')."<a href=\"home.php?mod=space&uid=$member[uid]\" target=\"_blank\">$member[username]</a>",
    106. 

  106. 						$member['credits'],
    107. 

  107. 						$member['posts'],
    108. 

  108. 						$usergroups[$member['adminid']]['grouptitle'],
    109. 

  109. 						$usergroups[$member['groupid']]['grouptitle'].$lockshow,
    110. 

  110. 						"<a href=\"".ADMINSCRIPT."?action=members&operation=group&uid=$member[uid]\" class=\"act\">$lang[usergroup]</a><a href=\"".ADMINSCRIPT."?action=members&operation=access&uid=$member[uid]\" class=\"act\">$lang[members_access]</a>".
    111. 

  111. 						($_G['setting']['extcredits'] ? "<a href=\"".ADMINSCRIPT."?action=members&operation=credit&uid=$member[uid]\" class=\"act\">$lang[credits]</a>" : "<span disabled>$lang[edit]</span>").
    112. 

  112. 						"<a href=\"".ADMINSCRIPT."?action=members&operation=medal&uid=$member[uid]\" class=\"act\">$lang[medals]</a>".
    113. 

  113. 						"<a href=\"".ADMINSCRIPT."?action=members&operation=repeat&uid=$member[uid]\" class=\"act\">$lang[members_repeat]</a>".
    114. 

  114. 						"<a href=\"".ADMINSCRIPT."?action=members&operation=edit&uid=$member[uid]\" class=\"act\">$lang[detail]</a>".
    115. 

  115. 						"<a href=\"".ADMINSCRIPT."?action=members&operation=ban&uid=$member[uid]\" class=\"act\">$lang[members_ban]</a>"
    116. 

  116. 					), TRUE);
    117. 

  117. 				}
    118. 

  118. 			}
    119. 

  119. 		}
    120. 

  120. 

  121. 		shownav('user', 'nav_members');
    122. 

  122. 		showsubmenu('nav_members');
    123. 

  123. 		showtips('members_export_tips');
    124. 

  124. 		foreach($search_condition as $k => $v) {
    125. 

  125. 			if($k == 'username') {
    126. 

  126. 				$v = explode(',', $v);
    127. 

  127. 				$tmpv = array();
    128. 

  128. 				foreach($v as $subvalue) {
    129. 

  129. 					$tmpv[] = rawurlencode($subvalue);
    130. 

  130. 				}
    131. 

  131. 				$v = implode(',', $tmpv);
    132. 

  132. 			}
    133. 

  133. 			if(is_array($v)) {
    134. 

  134. 				foreach($v as $value ) {
    135. 

  135. 					$condition_str .= '&'.$k.'[]='.$value;
    136. 

  136. 				}
    137. 

  137. 			} else {
    138. 

  138. 				$condition_str .= '&'.$k.'='.$v;
    139. 

  139. 			}
    140. 

  140. 		}
    141. 

  141. 		showformheader("members&operation=clean".$condition_str);
    142. 

  142. 		showtableheader(cplang('members_search_result', array('membernum' => $membernum)).'<a href="'.ADMINSCRIPT.'?action=members&operation=search" class="act lightlink normal">'.cplang('research').'</a>&nbsp;&nbsp;&nbsp;<a href='.ADMINSCRIPT.'?action=members&operation=export'.$condition_str.'>'.$lang['members_search_export'].'</a>');
    143. 

  143. 

  144. 		if($membernum) {
    145. 

  145. 			showsubtitle(array('', 'username', 'credits', 'posts', 'admingroup', 'usergroup', ''));
    146. 

  146. 			echo $members;
    147. 

  147. 			$condition_str = str_replace('&tablename=master', '', $condition_str);
    148. 

  148. 			showsubmit('deletesubmit', cplang('delete'), ($tmpsearch_condition ? '<input type="checkbox" name="chkall" onclick="checkAll(\'prefix\', this.form, \'uidarray\');if(this.checked){$(\'deleteallinput\').style.display=\'\';}else{$(\'deleteall\').checked = false;$(\'deleteallinput\').style.display=\'none\';}" class="checkbox">'.cplang('select_all') : ''), ' &nbsp;&nbsp;&nbsp;<span id="deleteallinput" style="display:none"><input id="deleteall" type="checkbox" name="deleteall" class="checkbox">'.cplang('members_search_deleteall', array('membernum' => $membernum)).'</span>', $multipage);
    149. 

  149. 		}
    150. 

  150. 		showtablefooter();
    151. 

  151. 		showformfooter();
    152. 

  152. 

  153. 	}
    154. 

  154. 

  155. } elseif($operation == 'export') {
    156. 

  156. 	$uids = searchmembers($search_condition, 10000);
    157. 

  157. 	$detail = '';
    158. 

  158. 	if($uids && is_array($uids)) {
    159. 

  159. 

  160. 		$allprofile = C::t('common_member_profile')->fetch_all($uids);
    161. 

  161. 		$allusername = C::t('common_member')->fetch_all_username_by_uid($uids);
    162. 

  162. 		foreach($allprofile as $uid=>$profile) {
    163. 

  163. 			unset($profile['uid']);
    164. 

  164. 			$profile = array_merge(array('uid'=>$uid, 'username'=>$allusername[$uid]),$profile);
    165. 

  165. 			foreach($profile as $key => $value) {
    166. 

  166. 				$value = preg_replace('/\s+/', ' ', $value);
    167. 

  167. 				if($key == 'gender') $value = lang('space', 'gender_'.$value);
    168. 

  168. 				$detail .= strlen($value) > 11 && is_numeric($value) ? '['.$value.'],' : $value.',';
    169. 

  169. 			}
    170. 

  170. 			$detail = $detail."\n";
    171. 

  171. 		}
    172. 

  172. 	}
    173. 

  173. 	$title = array('realname' => '', 'gender' => '', 'birthyear' => '', 'birthmonth' => '', 'birthday' => '', 'constellation' => '',
    174. 

  174. 		'zodiac' => '', 'telephone' => '', 'mobile' => '', 'idcardtype' => '', 'idcard' => '', 'address' => '', 'zipcode' => '','nationality' => '',
    175. 

  175. 		'birthprovince' => '', 'birthcity' => '', 'birthdist' => '', 'birthcommunity' => '', 'resideprovince' => '', 'residecity' => '', 'residedist' => '',
    176. 

  176. 		'residecommunity' => '', 'residesuite' => '', 'graduateschool' => '', 'education' => '', 'company' => '', 'occupation' => '',
    177. 

  177. 		'position' => '', 'revenue' => '', 'affectivestatus' => '', 'lookingfor' => '', 'bloodtype' => '', 'height' => '', 'weight' => '',
    178. 

  178. 		'alipay' => '', 'icq' => '', 'qq' => '', 'yahoo' => '', 'msn' => '', 'taobao' => '', 'site' => '', 'bio' => '', 'interest' => '',
    179. 

  179. 		'field1' => '', 'field2' => '', 'field3' => '', 'field4' => '', 'field5' => '', 'field6' => '', 'field7' => '', 'field8' => '');
    180. 

  180. 	foreach(C::t('common_member_profile_setting')->range() as $value) {
    181. 

  181. 		if(isset($title[$value['fieldid']])) {
    182. 

  182. 			$title[$value['fieldid']] = $value['title'];
    183. 

  183. 		}
    184. 

  184. 	}
    185. 

  185. 	foreach($title as $k => $v) {
    186. 

  186. 		$subject .= ($v ? $v : $k).",";
    187. 

  187. 	}
    188. 

  188. 	$detail = "UID,".$lang['username'].",".$subject."\n".$detail;
    189. 

  189. 	$filename = date('Ymd', TIMESTAMP).'.csv';
    190. 

  190. 

  191. 	ob_end_clean();
    192. 

  192. 	header('Content-Encoding: none');
    193. 

  193. 	header('Content-Type: application/octet-stream');
    194. 

  194. 	header('Content-Disposition: attachment; filename='.$filename);
    195. 

  195. 	header('Pragma: no-cache');
    196. 

  196. 	header('Expires: 0');
    197. 

  197. 	if($_G['charset'] != 'gbk') {
    198. 

  198. 		$detail = diconv($detail, $_G['charset'], 'GBK');
    199. 

  199. 	}
    200. 

  200. 	echo $detail;
    201. 

  201. 	exit();
    202. 

  202. 

  203. } elseif($operation == 'repeat') {
    204. 

  204. 

  205. 	if(empty($_GET['uid']) && empty($_GET['username']) && empty($_GET['ip'])) {
    206. 

  206. 

  207. 		shownav('user', 'nav_members');
    208. 

  208. 		showsubmenu('nav_members', array(
    209. 

  209. 			array('search', 'members&operation=search', 0),
    210. 

  210. 			array('clean', 'members&operation=clean', 0),
    211. 

  211. 			array('nav_repeat', 'members&operation=repeat', 1),
    212. 

  212. 		));
    213. 

  213. 

  214. 		showformheader("members&operation=repeat");
    215. 

  215. 		showtableheader();
    216. 

  216. 		showsetting('members_search_repeatuser', 'username', '', 'text');
    217. 

  217. 		showsetting('members_search_uid', 'uid', '', 'text');
    218. 

  218. 		showsetting('members_search_repeatip', 'ip', $_GET['inputip'], 'text');
    219. 

  219. 		showsubmit('submit', 'submit');
    220. 

  220. 		showtablefooter();
    221. 

  221. 		showformfooter();
    222. 

  222. 

  223. 	} else {
    224. 

  224. 

  225. 		$ips = array();
    226. 

  226. 		$urladd = '';
    227. 

  227. 		if(!empty($_GET['username'])) {
    228. 

  228. 			$uid = C::t('common_member')->fetch_uid_by_username($_GET['username']);
    229. 

  229. 			$searchmember = $uid ? C::t('common_member_status')->fetch($uid) : '';
    230. 

  230. 			$searchmember['username'] = $_GET['username'];
    231. 

  231. 			$urladd .= '&username='.$_GET['username'];
    232. 

  232. 		} elseif(!empty($_GET['uid'])) {
    233. 

  233. 			$searchmember = C::t('common_member_status')->fetch($_GET['uid']);
    234. 

  234. 			$themember = C::t('common_member')->fetch($_GET['uid']);
    235. 

  235. 			$searchmember['username'] = $themember['username'];
    236. 

  236. 			$urladd .= '&uid='.$_GET['uid'];
    237. 

  237. 			unset($_GET['uid']);
    238. 

  238. 		} elseif(!empty($_GET['ip'])) {
    239. 

  239. 			$regip = $lastip = $_GET['ip'];
    240. 

  240. 			$ips[] = $_GET['ip'];
    241. 

  241. 			$search_condition['lastip'] = $_GET['ip'];
    242. 

  242. 			$urladd .= '&ip='.$_GET['ip'];
    243. 

  243. 		}
    244. 

  244. 

  245. 		if($searchmember) {
    246. 

  246. 			$ips = array();
    247. 

  247. 			foreach(array('regip', 'lastip') as $iptype) {
    248. 

  248. 				if($searchmember[$iptype] != '' && $searchmember[$iptype] != 'hidden') {
    249. 

  249. 					$ips[] = $searchmember[$iptype];
    250. 

  250. 				}
    251. 

  251. 			}
    252. 

  252. 			$ips = !empty($ips) ? array_unique($ips) : array('unknown');
    253. 

  253. 		}
    254. 

  254. 		$searchmember['username'] .= ' (IP '.dhtmlspecialchars($ids).')';
    255. 

  255. 		$membernum = !empty($ips) ? C::t('common_member_status')->count_by_ip($ips) : C::t('common_member_status')->count();
    256. 

  256. 

  257. 		$members = '';
    258. 

  258. 		if($membernum) {
    259. 

  259. 			$usergroups = array();
    260. 

  260. 			foreach(C::t('common_usergroup')->range() as $group) {
    261. 

  261. 				switch($group['type']) {
    262. 

  262. 					case 'system': $group['grouptitle'] = '<b>'.$group['grouptitle'].'</b>'; break;
    263. 

  263. 					case 'special': $group['grouptitle'] = '<i>'.$group['grouptitle'].'</i>'; break;
    264. 

  264. 				}
    265. 

  265. 				$usergroups[$group['groupid']] = $group;
    266. 

  266. 			}
    267. 

  267. 

  268. 			$uids = searchmembers($search_condition, $_G['setting']['memberperpage'], $start_limit);
    269. 

  269. 			$conditions = 'm.uid IN ('.dimplode($uids).')';
    270. 

  270. 			$_G['setting']['memberperpage'] = 100;
    271. 

  271. 			$start_limit = ($page - 1) * $_G['setting']['memberperpage'];
    272. 

  272. 			$multipage = multi($membernum, $_G['setting']['memberperpage'], $page, ADMINSCRIPT."?action=members&operation=repeat&submit=yes".$urladd);
    273. 

  273. 			$allstatus = !empty($ips) ? C::t('common_member_status')->fetch_all_by_ip($ips, $start_limit, $_G['setting']['memberperpage'])
    274. 

  274. 					: C::t('common_member_status')->range($start_limit, $_G['setting']['memberperpage']);
    275. 

  275. 			$allcount = C::t('common_member_count')->fetch_all(array_keys($allstatus));
    276. 

  276. 			$allmember = C::t('common_member')->fetch_all(array_keys($allstatus));
    277. 

  277. 			foreach($allstatus as $uid => $member) {
    278. 

  278. 				$member = array_merge($member, (array)$allcount[$uid], (array)$allmember[$uid]);
    279. 

  279. 				$memberextcredits = array();
    280. 

  280. 				foreach($_G['setting']['extcredits'] as $id => $credit) {
    281. 

  281. 					$memberextcredits[] = $_G['setting']['extcredits'][$id]['title'].': '.$member['extcredits'.$id];
    282. 

  282. 				}
    283. 

  283. 				$members .= showtablerow('', array('class="td25"', '', 'title="'.implode("\n", $memberextcredits).'"'), array(
    284. 

  284. 					"<input type=\"checkbox\" name=\"uidarray[]\" value=\"$member[uid]\"".($member['adminid'] == 1 ? 'disabled' : '')." class=\"checkbox\">",
    285. 

  285. 					"<a href=\"home.php?mod=space&uid=$member[uid]\" target=\"_blank\">$member[username]</a>",
    286. 

  286. 					$member['credits'],
    287. 

  287. 					$member['posts'],
    288. 

  288. 					$usergroups[$member['adminid']]['grouptitle'],
    289. 

  289. 					$usergroups[$member['groupid']]['grouptitle'],
    290. 

  290. 					"<a href=\"".ADMINSCRIPT."?action=members&operation=group&uid=$member[uid]\" class=\"act\">$lang[usergroup]</a><a href=\"".ADMINSCRIPT."?action=members&operation=access&uid=$member[uid]\" class=\"act\">$lang[members_access]</a>".
    291. 

  291. 					($_G['setting']['extcredits'] ? "<a href=\"".ADMINSCRIPT."?action=members&operation=credit&uid=$member[uid]\" class=\"act\">$lang[credits]</a>" : "<span disabled>$lang[edit]</span>").
    292. 

  292. 					"<a href=\"".ADMINSCRIPT."?action=members&operation=medal&uid=$member[uid]\" class=\"act\">$lang[medals]</a>".
    293. 

  293. 					"<a href=\"".ADMINSCRIPT."?action=members&operation=repeat&uid=$member[uid]\" class=\"act\">$lang[members_repeat]</a>".
    294. 

  294. 					"<a href=\"".ADMINSCRIPT."?action=members&operation=edit&uid=$member[uid]\" class=\"act\">$lang[detail]</a>"
    295. 

  295. 				), TRUE);
    296. 

  296. 			}
    297. 

  297. 		}
    298. 

  298. 

  299. 		shownav('user', 'nav_repeat');
    300. 

  300. 		showsubmenu($lang['nav_repeat'].' - '.$searchmember['username']);
    301. 

  301. 		showformheader("members&operation=clean");
    302. 

  302. 		$searchadd = '';
    303. 

  303. 		if(is_array($ips)) {
    304. 

  304. 			foreach($ips as $ip) {
    305. 

  305. 				$searchadd .= '<a href="'.ADMINSCRIPT.'?action=members&operation=repeat&inputip='.rawurlencode($ip).'" class="act lightlink normal">'.cplang('search').'IP '.dhtmlspecialchars($ip).'</a>';
    306. 

  306. 			}
    307. 

  307. 		}
    308. 

  308. 		showtableheader(cplang('members_search_result', array('membernum' => $membernum)).'<a href="'.ADMINSCRIPT.'?action=members&operation=repeat" class="act lightlink normal">'.cplang('research').'</a>'.$searchadd);
    309. 

  309. 		showsubtitle(array('', 'username', 'credits', 'posts', 'admingroup', 'usergroup', ''));
    310. 

  310. 		echo $members;
    311. 

  311. 		showtablerow('', array('class="td25"', 'class="lineheight" colspan="7"'), array('', cplang('members_admin_comment')));
    312. 

  312. 		showsubmit('submit', 'submit', '<input type="checkbox" name="chkall" onclick="checkAll(\'prefix\', this.form, \'uidarray\')" class="checkbox">'.cplang('del'), '', $multipage);
    313. 

  313. 		showtablefooter();
    314. 

  314. 		showformfooter();
    315. 

  315. 

  316. 	}
    317. 

  317. 

  318. } elseif($operation == 'clean') {
    319. 

  319. 

  320. 	if(!submitcheck('submit', 1) && !submitcheck('deletesubmit', 1)) {
    321. 

  321. 

  322. 		shownav('user', 'nav_members');
    323. 

  323. 		showsubmenu('nav_members', array(
    324. 

  324. 			array('search', 'members&operation=search', 0),
    325. 

  325. 			array('clean', 'members&operation=clean', 1),
    326. 

  326. 			array('nav_repeat', 'members&operation=repeat', 0),
    327. 

  327. 		));
    328. 

  328. 

  329. 		showsearchform('clean');
    330. 

  330. 

  331. 	} else {
    332. 

  332. 

  333. 		if((!$tmpsearch_condition && empty($_GET['uidarray'])) || (submitcheck('deletesubmit', 1) && empty($_GET['uidarray']))) {
    334. 

  334. 			cpmsg('members_no_find_deluser', '', 'error');
    335. 

  335. 		}
    336. 

  336. 		if(!empty($_GET['deleteall'])) {
    337. 

  337. 			unset($search_condition['uidarray']);
    338. 

  338. 			$_GET['uidarray'] = '';
    339. 

  339. 		}
    340. 

  340. 		$uids = 0;
    341. 

  341. 		$extra = '';
    342. 

  342. 		$delmemberlimit = 300;
    343. 

  343. 		$deletestart = intval($_GET['deletestart']);
    344. 

  344. 

  345. 		if(!empty($_GET['uidarray'])) {
    346. 

  346. 			$uids = array();
    347. 

  347. 			$allmember = C::t('common_member')->fetch_all($_GET['uidarray']);
    348. 

  348. 			$count = count($allmember);
    349. 

  349. 			$membernum = 0;
    350. 

  350. 			foreach($allmember as $uid => $member) {
    351. 

  351. 				if($member['adminid'] !== 1 && $member['groupid'] !== 1) {
    352. 

  352. 					if($count < 2000 || !empty($_GET['uidarray'])) {
    353. 

  353. 						$extra .= '<input type="hidden" name="uidarray[]" value="'.$member['uid'].'" />';
    354. 

  354. 					}
    355. 

  355. 					$uids[] = $member['uid'];
    356. 

  356. 					$membernum ++;
    357. 

  357. 				}
    358. 

  358. 			}
    359. 

  359. 		} elseif($tmpsearch_condition) {
    360. 

  360. 			$membernum = countmembers($search_condition, $urladd);
    361. 

  361. 			$uids = searchmembers($search_condition, $delmemberlimit, 0);
    362. 

  362. 		}
    363. 

  363. 		$allnum = intval($_GET['allnum']);
    364. 

  364. 		$conditions = $uids ? 'm.uid IN ('.dimplode($uids).')' : '0';
    365. 

  365. 

  366. 		if((empty($membernum) || empty($uids))) {
    367. 

  367. 			if($deletestart) {
    368. 

  368. 				cpmsg('members_delete_succeed', '', 'succeed', array('numdeleted' => $allnum));
    369. 

  369. 			}
    370. 

  370. 			cpmsg('members_no_find_deluser', '', 'error');
    371. 

  371. 		}
    372. 

  372. 		if(!$_GET['confirmed']) {
    373. 

  373. 

  374. 			cpmsg('members_delete_confirm', "action=members&operation=clean&submit=yes&confirmed=yes".$urladd, 'form', array('membernum' => $membernum), $extra.'<br /><label><input type="checkbox" name="includepost" value="1" class="checkbox" />'.$lang['members_delete_all'].'</label>'.($isfounder ? '&nbsp;<label><input type="checkbox" name="includeuc" value="1" class="checkbox" />'.$lang['members_delete_ucdata'].'</label>' : ''), '');
    375. 

  375. 

  376. 		} else {
    377. 

  377. 

  378. 			if(empty($_GET['includepost'])) {
    379. 

  379. 

  380. 				require_once libfile('function/delete');
    381. 

  381. 				$numdeleted = deletemember($uids, 0);
    382. 

  382. 

  383. 				if($isfounder && !empty($_GET['includeuc'])) {
    384. 

  384. 					loaducenter();
    385. 

  385. 					uc_user_delete($uids);
    386. 

  386. 					$_GET['includeuc'] = 1;
    387. 

  387. 				} else {
    388. 

  388. 					$_GET['includeuc'] = 0;
    389. 

  389. 				}
    390. 

  390. 				if($_GET['uidarray']) {
    391. 

  391. 					cpmsg('members_delete_succeed', '', 'succeed', array('numdeleted' => $numdeleted));
    392. 

  392. 				} else {
    393. 

  393. 					$allnum += $membernum < $delmemberlimit ? $membernum : $delmemberlimit;
    394. 

  394. 					$nextlink = "action=members&operation=clean&confirmed=yes&submit=yes".(!empty($_GET['includeuc']) ? '&includeuc=yes' : '')."&allnum=$allnum&deletestart=".($deletestart+$delmemberlimit).$urladd;
    395. 

  395. 					cpmsg(cplang('members_delete_user_processing_next', array('deletestart' => $deletestart, 'nextdeletestart' => $deletestart+$delmemberlimit)), $nextlink, 'loadingform', array());
    396. 

  396. 				}
    397. 

  397. 

  398. 			} else {
    399. 

  399. 

  400. 				if(empty($uids)) {
    401. 

  401. 					cpmsg('members_no_find_deluser', '', 'error');
    402. 

  402. 				}
    403. 

  403. 				$numdeleted = $numdeleted ? $numdeleted : count($uids);
    404. 

  404. 				$pertask = 1000;
    405. 

  405. 				$current = $_GET['current'] ? intval($_GET['current']) : 0;
    406. 

  406. 				$deleteitem = $_GET['deleteitem'] ? trim($_GET['deleteitem']) : 'post';
    407. 

  407. 				$nextdeleteitem = $deleteitem;
    408. 

  408. 

  409. 				$next = $current + $pertask;
    410. 

  410. 

  411. 				if($deleteitem == 'post') {
    412. 

  412. 					$threads = $fids = $threadsarray = array();
    413. 

  413. 					foreach(C::t('forum_thread')->fetch_all_by_authorid($uids, $pertask) as $thread) {
    414. 

  414. 						$threads[$thread['fid']][] = $thread['tid'];
    415. 

  415. 					}
    416. 

  416. 

  417. 					if($threads) {
    418. 

  418. 						require_once libfile('function/post');
    419. 

  419. 						foreach($threads as $fid => $tids) {
    420. 

  420. 							deletethread($tids);
    421. 

  421. 						}
    422. 

  422. 						if($_G['setting']['globalstick']) {
    423. 

  423. 							require_once libfile('function/cache');
    424. 

  424. 							updatecache('globalstick');
    425. 

  425. 						}
    426. 

  426. 					} else {
    427. 

  427. 						$next = 0;
    428. 

  428. 						$nextdeleteitem = 'blog';
    429. 

  429. 					}
    430. 

  430. 				}
    431. 

  431. 

  432. 				if($deleteitem == 'blog') {
    433. 

  433. 					$blogs = array();
    434. 

  434. 					$query = C::t('home_blog')->fetch_blogid_by_uid($uids, 0, $pertask);
    435. 

  435. 					foreach($query as $blog) {
    436. 

  436. 						$blogs[] = $blog['blogid'];
    437. 

  437. 					}
    438. 

  438. 

  439. 					if($blogs) {
    440. 

  440. 						deleteblogs($blogs);
    441. 

  441. 					} else {
    442. 

  442. 						$next = 0;
    443. 

  443. 						$nextdeleteitem = 'pic';
    444. 

  444. 					}
    445. 

  445. 				}
    446. 

  446. 

  447. 				if($deleteitem == 'pic') {
    448. 

  448. 					$pics = array();
    449. 

  449. 					$query = C::t('home_pic')->fetch_all_by_uid($uids, 0, $pertask);
    450. 

  450. 					foreach($query as $pic) {
    451. 

  451. 						$pics[] = $pic['picid'];
    452. 

  452. 					}
    453. 

  453. 

  454. 					if($pics) {
    455. 

  455. 						deletepics($pics);
    456. 

  456. 					} else {
    457. 

  457. 						$next = 0;
    458. 

  458. 						$nextdeleteitem = 'doing';
    459. 

  459. 					}
    460. 

  460. 				}
    461. 

  461. 

  462. 				if($deleteitem == 'doing') {
    463. 

  463. 					$doings = array();
    464. 

  464. 					$query = C::t('home_doing')->fetch_all_by_uid_doid($uids, '', '', 0, $pertask);
    465. 

  465. 					foreach ($query as $doings) {
    466. 

  466. 						$doings[] = $doing['doid'];
    467. 

  467. 					}
    468. 

  468. 

  469. 					if($doings) {
    470. 

  470. 						deletedoings($doings);
    471. 

  471. 					} else {
    472. 

  472. 						$next = 0;
    473. 

  473. 						$nextdeleteitem = 'share';
    474. 

  474. 					}
    475. 

  475. 				}
    476. 

  476. 

  477. 				if($deleteitem == 'share') {
    478. 

  478. 					$shares = array();
    479. 

  479. 					foreach(C::t('home_share')->fetch_all_by_uid($uids, $pertask) as $share) {
    480. 

  480. 						$shares[] = $share['sid'];
    481. 

  481. 					}
    482. 

  482. 

  483. 					if($shares) {
    484. 

  484. 						deleteshares($shares);
    485. 

  485. 					} else {
    486. 

  486. 						$next = 0;
    487. 

  487. 						$nextdeleteitem = 'feed';
    488. 

  488. 					}
    489. 

  489. 				}
    490. 

  490. 

  491. 				if($deleteitem == 'feed') {
    492. 

  492. 					C::t('home_follow_feed')->delete_by_uid($uids);
    493. 

  493. 					$nextdeleteitem = 'comment';
    494. 

  494. 				}
    495. 

  495. 

  496. 				if($deleteitem == 'comment') {
    497. 

  497. 					$comments = array();
    498. 

  498. 					$query = C::t('home_comment')->fetch_all_by_uid($uids, 0, $pertask);
    499. 

  499. 					foreach($query as $comment) {
    500. 

  500. 						$comments[] = $comment['cid'];
    501. 

  501. 					}
    502. 

  502. 

  503. 					if($comments) {
    504. 

  504. 						deletecomments($comments);
    505. 

  505. 					} else {
    506. 

  506. 						$next = 0;
    507. 

  507. 						$nextdeleteitem = 'allitem';
    508. 

  508. 					}
    509. 

  509. 				}
    510. 

  510. 

  511. 				if($deleteitem == 'allitem') {
    512. 

  512. 					require_once libfile('function/delete');
    513. 

  513. 					$numdeleted = deletemember($uids);
    514. 

  514. 

  515. 					if($isfounder && !empty($_GET['includeuc'])) {
    516. 

  516. 						loaducenter();
    517. 

  517. 						uc_user_delete($uids);
    518. 

  518. 					}
    519. 

  519. 					if(!empty($_GET['uidarray'])) {
    520. 

  520. 						cpmsg('members_delete_succeed', '', 'succeed', array('numdeleted' => $numdeleted));
    521. 

  521. 					} else {
    522. 

  522. 						$allnum += $membernum < $delmemberlimit ? $membernum : $delmemberlimit;
    523. 

  523. 						$nextlink = "action=members&operation=clean&confirmed=yes&submit=yes&includepost=yes".(!empty($_GET['includeuc']) ? '&includeuc=yes' : '')."&allnum=$allnum&deletestart=".($deletestart+$delmemberlimit).$urladd;
    524. 

  524. 						cpmsg(cplang('members_delete_user_processing_next', array('deletestart' => $deletestart, 'nextdeletestart' => $deletestart+$delmemberlimit)), $nextlink, 'loadingform', array());
    525. 

  525. 					}
    526. 

  526. 				}
    527. 

  527. 				$nextlink = "action=members&operation=clean&confirmed=yes&submit=yes&includepost=yes".(!empty($_GET['includeuc']) ? '&includeuc=yes' : '')."&current=$next&pertask=$pertask&lastprocess=$processed&allnum=$allnum&deletestart=$deletestart".$urladd;
    528. 

  528. 				if(empty($_GET['uidarray'])) {
    529. 

  529. 					$deladdmsg = cplang('members_delete_user_processing', array('deletestart' => $deletestart, 'nextdeletestart' => $deletestart+$delmemberlimit)).'<br>';
    530. 

  530. 				} else {
    531. 

  531. 					$deladdmsg = '';
    532. 

  532. 				}
    533. 

  533. 				if($nextdeleteitem != $deleteitem) {
    534. 

  534. 					$nextlink .= "&deleteitem=$nextdeleteitem";
    535. 

  535. 					cpmsg(cplang('members_delete_processing_next', array('deladdmsg' => $deladdmsg, 'item' => cplang('members_delete_'.$deleteitem), 'nextitem' => cplang('members_delete_'.$nextdeleteitem))), $nextlink, 'loadingform', array(), $extra);
    536. 

  536. 				} else {
    537. 

  537. 					$nextlink .= "&deleteitem=$deleteitem";
    538. 

  538. 					cpmsg(cplang('members_delete_processing', array('deladdmsg' => $deladdmsg, 'item' => cplang('members_delete_'.$deleteitem), 'current' => $current, 'next' => $next)), $nextlink, 'loadingform', array(), $extra);
    539. 

  539. 				}
    540. 

  540. 			}
    541. 

  541. 		}
    542. 

  542. 	}
    543. 

  543. 

  544. } elseif($operation == 'newsletter') {
    545. 

  545. 

  546. 	if(!submitcheck('newslettersubmit', 1)) {
    547. 

  547. 		loadcache('newsletter_detail');
    548. 

  548.         $newletter_detail = get_newsletter('newsletter_detail');
    549. 

  549. 		$newletter_detail = dunserialize($newletter_detail);
    550. 

  550. 		if($newletter_detail && $newletter_detail['uid'] == $_G['uid']) {
    551. 

  551. 			if($_GET['goon'] == 'yes') {
    552. 

  552. 				cpmsg("$lang[members_newsletter_send]: ".cplang('members_newsletter_processing', array('current' => $newletter_detail['current'], 'next' => $newletter_detail['next'], 'search_condition' => $newletter_detail['search_condition'])), $newletter_detail['action'], 'loadingform');
    553. 

  553. 			} elseif($_GET['goon'] == 'no') {
    554. 

  554. 				del_newsletter('newsletter_detail');
    555. 

  555. 			} else {
    556. 

  556. 				cpmsg('members_edit_continue', '', '', '', '<input type="button" class="btn" value="'.$lang[ok].'" onclick="location.href=\''.ADMINSCRIPT.'?action=members&operation=newsletter&goon=yes\'">&nbsp;&nbsp;<input type="button" class="btn" value="'.$lang[cancel].'" onclick="location.href=\''.ADMINSCRIPT.'?action=members&operation=newsletter&goon=no\';">');
    557. 

  557. 				exit;
    558. 

  558. 			}
    559. 

  559. 		}
    560. 

  560. 		if($_GET['do'] == 'mobile') {
    561. 

  561. 			shownav('user', 'nav_members_newsletter_mobile');
    562. 

  562. 			showsubmenusteps('nav_members_newsletter_mobile', array(
    563. 

  563. 				array('nav_members_select', !$_GET['submit']),
    564. 

  564. 				array('nav_members_notify', $_GET['submit']),
    565. 

  565. 			));
    566. 

  566. 			showtips('members_newsletter_mobile_tips');
    567. 

  567. 		} else {
    568. 

  568. 			shownav('user', 'nav_members_newsletter');
    569. 

  569. 			showsubmenusteps('nav_members_newsletter', array(
    570. 

  570. 				array('nav_members_select', !$_GET['submit']),
    571. 

  571. 				array('nav_members_notify', $_GET['submit']),
    572. 

  572. 			), array(), array(array('members_grouppmlist', 'members&operation=grouppmlist', 0)));
    573. 

  573. 		}
    574. 

  574. 		showsearchform('newsletter');
    575. 

  575. 

  576. 		if(submitcheck('submit', 1)) {
    577. 

  577. 			$dostr = '';
    578. 

  578. 			if($_GET['do'] == 'mobile') {
    579. 

  579. 				$search_condition['token_noempty'] = 'token';
    580. 

  580. 				$dostr = '&do=mobile';
    581. 

  581. 			}
    582. 

  582. 			$membernum = countmembers($search_condition, $urladd);
    583. 

  583. 

  584. 			showtagheader('div', 'newsletter', TRUE);
    585. 

  585. 			showformheader('members&operation=newsletter'.$urladd.$dostr);
    586. 

  586. 			showhiddenfields(array('notifymember' => 1));
    587. 

  587. 			echo '<table class="tb tb1">';
    588. 

  588. 

  589. 			if(!$membernum) {
    590. 

  590. 				showtablerow('', 'class="lineheight"', $lang['members_search_nonexistence']);
    591. 

  591. 			} else {
    592. 

  592. 				showtablerow('class="first"', array('class="th11"'), array(
    593. 

  593. 					cplang('members_newsletter_members'),
    594. 

  594. 					cplang('members_search_result', array('membernum' => $membernum))."<a href=\"###\" onclick=\"$('searchmembers').style.display='';$('newsletter').style.display='none';$('step1').className='current';$('step2').className='';\" class=\"act\">$lang[research]</a>"
    595. 

  595. 				));
    596. 

  596. 				showtablefooter();
    597. 

  597. 

  598. 				shownewsletter();
    599. 

  599. 

  600. 				$search_condition = serialize($search_condition);
    601. 

  601. 				showsubmit('newslettersubmit', 'submit', 'td', '<input type="hidden" name="conditions" value=\''.$search_condition.'\' />');
    602. 

  602. 

  603. 			}
    604. 

  604. 

  605. 			showtablefooter();
    606. 

  606. 			showformfooter();
    607. 

  607. 			showtagfooter('div');
    608. 

  608. 

  609. 		}
    610. 

  610. 

  611. 	} else {
    612. 

  612. 

  613. 		$search_condition = dunserialize($_POST['conditions']);
    614. 

  614. 		$membernum = countmembers($search_condition, $urladd);
    615. 

  615. 		notifymembers('newsletter', 'newsletter');
    616. 

  616. 

  617. 	}
    618. 

  618. 

  619. } elseif($operation == 'grouppmlist') {
    620. 

  620. 

  621. 	if(!empty($_GET['delete']) && ($isfounder || C::t('common_grouppm')->count_by_id_authorid($_GET['delete'], $_G['uid']))) {
    622. 

  622. 		if(!empty($_GET['confirm'])) {
    623. 

  623. 			C::t('common_grouppm')->delete($_GET['delete']);
    624. 

  624. 			C::t('common_member_grouppm')->delete_by_gpmid($_GET['delete']);
    625. 

  625. 		} else {
    626. 

  626. 			cpmsg('members_grouppm_delete_confirm', 'action=members&operation=grouppmlist&delete='.intval($_GET['delete']).'&confirm=yes', 'form');
    627. 

  627. 		}
    628. 

  628. 	}
    629. 

  629. 	shownav('user', 'nav_members_newsletter');
    630. 

  630. 	showsubmenu('nav_members_newsletter', array(
    631. 

  631. 		array('members_grouppmlist_newsletter', 'members&operation=newsletter', 0),
    632. 

  632. 		array('members_grouppmlist', 'members&operation=grouppmlist', 1)
    633. 

  633. 	));
    634. 

  634. 	if($do) {
    635. 

  635. 		$unreads = C::t('common_member_grouppm')->count_by_gpmid($do, 0);
    636. 

  636. 	}
    637. 

  637. 

  638. 	showtableheader();
    639. 

  639. 	$id = empty($do) ? 0 : $do;
    640. 

  640. 	$authorid = $isfounder ? 0 : $_G['uid'];
    641. 

  641. 	$grouppms = C::t('common_grouppm')->fetch_all_by_id_authorid($id, $authorid);
    642. 

  642. 	if(!empty($grouppms)) {
    643. 

  643. 		$users = C::t('common_member')->fetch_all(C::t('common_grouppm')->get_uids());
    644. 

  644. 		foreach($grouppms as $grouppm) {
    645. 

  645. 			showtablerow('', array('valign="top" class="td25"', 'valign="top"'), array(
    646. 

  646. 			    '<a href="home.php?mod=space&uid='.$grouppm['authorid'].'" target="_blank">'.avatar($grouppm['authorid'], 'small').'</a>',
    647. 

  647. 			    '<a href="home.php?mod=space&uid='.$grouppm['authorid'].'" target="_blank"><b>'.$users[$grouppm['authorid']]['username'].'</b></a> ('.dgmdate($grouppm['dateline']).'):<br />'.
    648. 

  648. 			    $grouppm['message'].'<br /><br />'.
    649. 

  649. 			    (!$do ?
    650. 

  650. 				'<a href="'.ADMINSCRIPT.'?action=members&operation=grouppmlist&do='.$grouppm['id'].'">'.cplang('members_grouppmlist_view', array('number' => $grouppm['numbers'])).'</a>' :
    651. 

  651. 				'<a href="'.ADMINSCRIPT.'?action=members&operation=grouppmlist&do='.$grouppm['id'].'">'.cplang('members_grouppmlist_view_all').'</a>('.$grouppm['numbers'].') &nbsp; '.
    652. 

  652. 				'<a href="'.ADMINSCRIPT.'?action=members&operation=grouppmlist&do='.$grouppm['id'].'&filter=unread">'.cplang('members_grouppmlist_view_unread').'</a>('.$unreads.') &nbsp; '.
    653. 

  653. 				'<a href="'.ADMINSCRIPT.'?action=members&operation=grouppmlist&do='.$grouppm['id'].'&filter=read">'.cplang('members_grouppmlist_view_read').'</a>('.($grouppm['numbers'] - $unreads).')'),
    654. 

  654. 				'<a href="'.ADMINSCRIPT.'?action=members&operation=grouppmlist&delete='.$grouppm['id'].'">'.cplang('delete').'</a>'
    655. 

  655. 			));
    656. 

  656. 		}
    657. 

  657. 	} else {
    658. 

  658. 		showtablerow('', '', cplang('members_newsletter_empty'));
    659. 

  659. 	}
    660. 

  660. 	showtablefooter();
    661. 

  661. 	if($do) {
    662. 

  662. 		$_GET['filter'] = in_array($_GET['filter'], array('read', 'unread')) ? $_GET['filter'] : '';
    663. 

  663. 		$filteradd = $_GET['filter'] ? '&filter='.$_GET['filter'] : '';
    664. 

  664. 		$ppp = 100;
    665. 

  665. 		$start_limit = ($page - 1) * $ppp;
    666. 

  666. 		if($_GET['filter'] != 'unread') {
    667. 

  667. 			$count = C::t('common_member_grouppm')->count_by_gpmid($do, 1);
    668. 

  668. 		} else {
    669. 

  669. 			$count = $unreads;
    670. 

  670. 		}
    671. 

  671. 		$multipage = multi($count, $ppp, $page, ADMINSCRIPT."?action=members&operation=grouppmlist&do=$do".$filteradd);
    672. 

  672. 		$alldata = C::t('common_member_grouppm')->fetch_all_by_gpmid($gpmid, $_GET['filter'] == 'read' ? 1 : 0, $start_limit, $ppp);
    673. 

  673. 		$allmember = $gpmuser ? C::t('common_member')->fetch_all_username_by_uid(array_keys($gpmuser)) : array();
    674. 

  674. 		foreach($alldata as $uid => $gpmuser) {
    675. 

  675. 			echo '<div style="margin-bottom:5px;float:left;width:24%"><b><a href="home.php?mod=space&uid='.$uid.'" target="_blank">'.$allmember[$uid].'</a></b><br />&nbsp;';
    676. 

  676. 			if($gpmuser['status'] == 0) {
    677. 

  677. 				echo '<span class="lightfont">'.cplang('members_grouppmlist_status_0').'</span>';
    678. 

  678. 			} else {
    679. 

  679. 				echo dgmdate($gpmuser['dateline'], 'u').' '.cplang('members_grouppmlist_status_1');
    680. 

  680. 				if($gpmuser['status'] == -1) {
    681. 

  681. 					echo ', <span class="error">'.cplang('members_grouppmlist_status_-1').'</span>';
    682. 

  682. 				}
    683. 

  683. 			}
    684. 

  684. 			echo '</div>';
    685. 

  685. 		}
    686. 

  686. 		echo $multipage;
    687. 

  687. 	}
    688. 

  688. 

  689. } elseif($operation == 'reward') {
    690. 

  690. 

  691. 	if(!submitcheck('rewardsubmit', 1)) {
    692. 

  692. 

  693. 		shownav('user', 'nav_members_reward');
    694. 

  694. 		showsubmenusteps('nav_members_reward', array(
    695. 

  695. 			array('nav_members_select', !$_GET['submit']),
    696. 

  696. 			array('nav_members_reward', $_GET['submit']),
    697. 

  697. 		));
    698. 

  698. 

  699. 		showsearchform('reward');
    700. 

  700. 

  701. 		if(submitcheck('submit', 1)) {
    702. 

  702. 

  703. 			$membernum = countmembers($search_condition, $urladd);
    704. 

  704. 			showtagheader('div', 'reward', TRUE);
    705. 

  705. 			showformheader('members&operation=reward'.$urladd);
    706. 

  706. 			echo '<table class="tb tb1">';
    707. 

  707. 

  708. 			if(!$membernum) {
    709. 

  709. 				showtablerow('', 'class="lineheight"', $lang['members_search_nonexistence']);
    710. 

  710. 				showtablefooter();
    711. 

  711. 			} else {
    712. 

  712. 

  713. 				$creditscols = array('credits_title');
    714. 

  714. 				$creditsvalue = $resetcredits = array();
    715. 

  715. 				$js_extcreditids = '';
    716. 

  716. 				for($i=1; $i<=8; $i++) {
    717. 

  717. 					$js_extcreditids .= (isset($_G['setting']['extcredits'][$i]) ? ($js_extcreditids ? ',' : '').$i : '');
    718. 

  718. 					$creditscols[] = isset($_G['setting']['extcredits'][$i]) ? $_G['setting']['extcredits'][$i]['title'] : 'extcredits'.$i;
    719. 

  719. 					$creditsvalue[] = isset($_G['setting']['extcredits'][$i]) ? '<input type="text" class="txt" size="3" id="addextcredits['.$i.']" name="addextcredits['.$i.']" value="0"> '.$_G['setting']['extcredits']['$i']['unit'] : '<input type="text" class="txt" size="3" value="N/A" disabled>';
    720. 

  720. 					$resetcredits[] = isset($_G['setting']['extcredits'][$i]) ? '<input type="checkbox" id="resetextcredits['.$i.']" name="resetextcredits['.$i.']" value="1" class="radio" disabled> '.$_G['setting']['extcredits']['$i']['unit'] : '<input type="checkbox" disabled  class="radio">';
    721. 

  721. 				}
    722. 

  722. 				$creditsvalue = array_merge(array('<input type="radio" name="updatecredittype" id="updatecredittype0" value="0" class="radio" onclick="var extcredits = new Array('.$js_extcreditids.'); for(k in extcredits) {$(\'resetextcredits[\'+extcredits[k]+\']\').disabled = true; $(\'addextcredits[\'+extcredits[k]+\']\').disabled = false;}" checked="checked" /><label for="updatecredittype0">'.$lang['members_reward_value'].'</label>'), $creditsvalue);
    723. 

  723. 				$resetcredits = array_merge(array('<input type="radio" name="updatecredittype" id="updatecredittype1" value="1" class="radio" onclick="var extcredits = new Array('.$js_extcreditids.'); for(k in extcredits) {$(\'addextcredits[\'+extcredits[k]+\']\').disabled = true; $(\'resetextcredits[\'+extcredits[k]+\']\').disabled = false;}" /><label for="updatecredittype1">'.$lang['members_reward_clean'].'</label>'), $resetcredits);
    724. 

  724. 

  725. 				showtablerow('class="first"', array('class="th11"'), array(
    726. 

  726. 					cplang('members_reward_members'),
    727. 

  727. 					cplang('members_search_result', array('membernum' => $membernum))."<a href=\"###\" onclick=\"$('searchmembers').style.display='';$('reward').style.display='none';$('step1').className='current';$('step2').className='';\" class=\"act\">$lang[research]</a>"
    728. 

  728. 				));
    729. 

  729. 

  730. 				echo '<tr><td class="th12">'.cplang('nav_members_reward').'</td><td>';
    731. 

  731. 				showtableheader('', 'noborder');
    732. 

  732. 				showsubtitle($creditscols);
    733. 

  733. 				showtablerow('', array('class="td23"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"'), $creditsvalue);
    734. 

  734. 				showtablerow('', array('class="td23"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"'), $resetcredits);
    735. 

  735. 				showtablefooter();
    736. 

  736. 				showtablefooter();
    737. 

  737. 

  738. 				showtagheader('div', 'messagebody');
    739. 

  739. 				shownewsletter();
    740. 

  740. 				showtagfooter('div');
    741. 

  741. 				showsubmit('rewardsubmit', 'submit', 'td', '<input class="checkbox" type="checkbox" name="notifymember" value="1" onclick="$(\'messagebody\').style.display = this.checked ? \'\' : \'none\'" id="credits_notify" /><label for="credits_notify">'.cplang('members_reward_notify').'</label>');
    742. 

  742. 

  743. 			}
    744. 

  744. 

  745. 			showtablefooter();
    746. 

  746. 			showformfooter();
    747. 

  747. 			showtagfooter('div');
    748. 

  748. 

  749. 		}
    750. 

  750. 

  751. 	} else {
    752. 

  752. 		if(!empty($_POST['conditions'])) $search_condition = dunserialize($_POST['conditions']);
    753. 

  753. 		$membernum = countmembers($search_condition, $urladd);
    754. 

  754. 		notifymembers('reward', 'creditsnotify');
    755. 

  755. 

  756. 	}
    757. 

  757. 

  758. } elseif($operation == 'confermedal') {
    759. 

  759. 

  760. 	$medals = '';
    761. 

  761. 	foreach(C::t('forum_medal')->fetch_all_data(1) as $medal) {
    762. 

  762. 		$medals .= showtablerow('', array('class="td25"', 'class="td23"'), array(
    763. 

  763. 			"<input class=\"checkbox\" type=\"checkbox\" name=\"medals[$medal[medalid]]\" value=\"1\" />",
    764. 

  764. 			"<img src=\"static/image/common/$medal[image]\" />",
    765. 

  765. 			$medal['name']
    766. 

  766. 		), TRUE);
    767. 

  767. 	}
    768. 

  768. 

  769. 	if(!$medals) {
    770. 

  770. 		cpmsg('members_edit_medals_nonexistence', 'action=medals', 'error');
    771. 

  771. 	}
    772. 

  772. 

  773. 	if(!submitcheck('confermedalsubmit', 1)) {
    774. 

  774. 

  775. 		shownav('extended', 'nav_medals', 'nav_members_confermedal');
    776. 

  776. 		showsubmenusteps('nav_members_confermedal', array(
    777. 

  777. 			array('nav_members_select', !$_GET['submit']),
    778. 

  778. 			array('nav_members_confermedal', $_GET['submit']),
    779. 

  779. 		), array(
    780. 

  780. 			array('admin', 'medals', 0),
    781. 

  781. 			array('nav_medals_confer', 'members&operation=confermedal', 1),
    782. 

  782. 			array('nav_medals_mod', 'medals&operation=mod', 0)
    783. 

  783. 		));
    784. 

  784. 

  785. 		showsearchform('confermedal');
    786. 

  786. 

  787. 		if(submitcheck('submit', 1)) {
    788. 

  788. 

  789. 			$membernum = countmembers($search_condition, $urladd);
    790. 

  790. 

  791. 			showtagheader('div', 'confermedal', TRUE);
    792. 

  792. 			showformheader('members&operation=confermedal'.$urladd);
    793. 

  793. 			echo '<table class="tb tb1">';
    794. 

  794. 

  795. 			if(!$membernum) {
    796. 

  796. 				showtablerow('', 'class="lineheight"', $lang['members_search_nonexistence']);
    797. 

  797. 				showtablefooter();
    798. 

  798. 			} else {
    799. 

  799. 

  800. 				showtablerow('class="first"', array('class="th11"'), array(
    801. 

  801. 					cplang('members_confermedal_members'),
    802. 

  802. 					cplang('members_search_result', array('membernum' => $membernum))."<a href=\"###\" onclick=\"$('searchmembers').style.display='';$('confermedal').style.display='none';$('step1').className='current';$('step2').className='';\" class=\"act\">$lang[research]</a>"
    803. 

  803. 				));
    804. 

  804. 

  805. 				echo '<tr><td class="th12">'.cplang('members_confermedal').'</td><td>';
    806. 

  806. 				showtableheader('', 'noborder');
    807. 

  807. 				showsubtitle(array('medals_grant', 'medals_image', 'name'));
    808. 

  808. 				echo $medals;
    809. 

  809. 				showtablefooter();
    810. 

  810. 				showtablefooter();
    811. 

  811. 

  812. 				showtagheader('div', 'messagebody');
    813. 

  813. 				shownewsletter();
    814. 

  814. 				showtagfooter('div');
    815. 

  815. 				showsubmit('confermedalsubmit', 'submit', 'td', '<input class="checkbox" type="checkbox" name="notifymember" value="1" onclick="$(\'messagebody\').style.display = this.checked ? \'\' : \'none\'" id="grant_notify"/><label for="grant_notify">'.cplang('medals_grant_notify').'</label>');
    816. 

  816. 

  817. 			}
    818. 

  818. 

  819. 			showtablefooter();
    820. 

  820. 			showformfooter();
    821. 

  821. 			showtagfooter('div');
    822. 

  822. 

  823. 		}
    824. 

  824. 

  825. 	} else {
    826. 

  826. 		if(!empty($_POST['conditions'])) $search_condition = dunserialize($_POST['conditions']);
    827. 

  827. 		$membernum = countmembers($search_condition, $urladd);
    828. 

  828. 		notifymembers('confermedal', 'medalletter');
    829. 

  829. 

  830. 	}
    831. 

  831. } elseif($operation == 'confermagic') {
    832. 

  832. 

  833. 	$magics = '';
    834. 

  834. 	foreach(C::t('common_magic')->fetch_all_data(1) as $magic) {
    835. 

  835. 		$magics .= showtablerow('', array('class="td25"', 'class="td23"', 'class="td25"', ''), array(
    836. 

  836. 			"<input class=\"checkbox\" type=\"checkbox\" name=\"magic[]\" value=\"$magic[magicid]\" />",
    837. 

  837. 			"<img src=\"static/image/magic/$magic[identifier].gif\" />",
    838. 

  838. 			$magic['name'],
    839. 

  839. 			'<input class="txt" type="text" name="magicnum['.$magic['magicid'].']" value="1" size="3">'
    840. 

  840. 		), TRUE);
    841. 

  841. 	}
    842. 

  842. 

  843. 	if(!$magics) {
    844. 

  844. 		cpmsg('members_edit_magics_nonexistence', 'action=magics', 'error');
    845. 

  845. 	}
    846. 

  846. 

  847. 	if(!submitcheck('confermagicsubmit', 1)) {
    848. 

  848. 

  849. 		shownav('extended', 'nav_magics', 'nav_members_confermagic');
    850. 

  850. 		showsubmenusteps('nav_members_confermagic', array(
    851. 

  851. 			array('nav_members_select', !$_GET['submit']),
    852. 

  852. 			array('nav_members_confermagic', $_GET['submit']),
    853. 

  853. 		), array(
    854. 

  854. 			array('admin', 'magics&operation=admin', 0),
    855. 

  855. 			array('nav_magics_confer', 'members&operation=confermagic', 1)
    856. 

  856. 		));
    857. 

  857. 

  858. 		showsearchform('confermagic');
    859. 

  859. 

  860. 		if(submitcheck('submit', 1)) {
    861. 

  861. 

  862. 			$membernum = countmembers($search_condition, $urladd);
    863. 

  863. 

  864. 			showtagheader('div', 'confermedal', TRUE);
    865. 

  865. 			showformheader('members&operation=confermagic'.$urladd);
    866. 

  866. 			echo '<table class="tb tb1">';
    867. 

  867. 

  868. 			if(!$membernum) {
    869. 

  869. 				showtablerow('', 'class="lineheight"', $lang['members_search_nonexistence']);
    870. 

  870. 				showtablefooter();
    871. 

  871. 			} else {
    872. 

  872. 

  873. 				showtablerow('class="first"', array('class="th11"'), array(
    874. 

  874. 					cplang('members_confermagic_members'),
    875. 

  875. 					cplang('members_search_result', array('membernum' => $membernum))."<a href=\"###\" onclick=\"$('searchmembers').style.display='';$('confermedal').style.display='none';$('step1').className='current';$('step2').className='';\" class=\"act\">$lang[research]</a>"
    876. 

  876. 				));
    877. 

  877. 

  878. 				echo '<tr><td class="th12">'.cplang('members_confermagic').'</td><td>';
    879. 

  879. 				showtableheader('', 'noborder');
    880. 

  880. 				showsubtitle(array('nav_magics_confer', 'nav_magics_image', 'nav_magics_name', 'nav_magics_num'));
    881. 

  881. 				echo $magics;
    882. 

  882. 				showtablefooter();
    883. 

  883. 				showtablefooter();
    884. 

  884. 

  885. 				showtagheader('div', 'messagebody');
    886. 

  886. 				shownewsletter();
    887. 

  887. 				showtagfooter('div');
    888. 

  888. 				showsubmit('confermagicsubmit', 'submit', 'td', '<input class="checkbox" type="checkbox" name="notifymember" value="1" onclick="$(\'messagebody\').style.display = this.checked ? \'\' : \'none\'" id="grant_notify"/><label for="grant_notify">'.cplang('magics_grant_notify').'</label>');
    889. 

  889. 

  890. 			}
    891. 

  891. 

  892. 			showtablefooter();
    893. 

  893. 			showformfooter();
    894. 

  894. 			showtagfooter('div');
    895. 

  895. 

  896. 		}
    897. 

  897. 

  898. 	} else {
    899. 

  899. 		if(!empty($_POST['conditions'])) $search_condition = dunserialize($_POST['conditions']);
    900. 

  900. 		$membernum = countmembers($search_condition, $urladd);
    901. 

  901. 		notifymembers('confermagic', 'magicletter');
    902. 

  902. 	}
    903. 

  903. } elseif($operation == 'add') {
    904. 

  904. 

  905. 	if(!submitcheck('addsubmit', 1)) {
    906. 

  906. 

  907. 		$groupselect = array();
    908. 

  908. 		$query = C::t('common_usergroup')->fetch_all_by_not_groupid(array(5, 6, 7));
    909. 

  909. 		foreach($query as $group) {
    910. 

  910. 			$group['type'] = $group['type'] == 'special' && $group['radminid'] ? 'specialadmin' : $group['type'];
    911. 

  911. 			if($group['type'] == 'member' && $group['creditshigher'] == 0) {
    912. 

  912. 				$groupselect[$group['type']] .= "<option value=\"$group[groupid]\" selected>$group[grouptitle]</option>\n";
    913. 

  913. 			} else {
    914. 

  914. 				$groupselect[$group['type']] .= "<option value=\"$group[groupid]\">$group[grouptitle]</option>\n";
    915. 

  915. 			}
    916. 

  916. 		}
    917. 

  917. 		$groupselect = '<optgroup label="'.$lang['usergroups_member'].'">'.$groupselect['member'].'</optgroup>'.
    918. 

  918. 			($groupselect['special'] ? '<optgroup label="'.$lang['usergroups_special'].'">'.$groupselect['special'].'</optgroup>' : '').
    919. 

  919. 			($groupselect['specialadmin'] ? '<optgroup label="'.$lang['usergroups_specialadmin'].'">'.$groupselect['specialadmin'].'</optgroup>' : '').
    920. 

  920. 			'<optgroup label="'.$lang['usergroups_system'].'">'.$groupselect['system'].'</optgroup>';
    921. 

  921. 		shownav('user', 'nav_members_add');
    922. 

  922. 		showsubmenu('members_add');
    923. 

  923. 		showformheader('members&operation=add');
    924. 

  924. 		showtableheader();
    925. 

  925. 		showsetting('username', 'newusername', '', 'text');
    926. 

  926. 		showsetting('password', 'newpassword', '', 'text');
    927. 

  927. 		showsetting('email', 'newemail', '', 'text');
    928. 

  928. 		showsetting('usergroup', '', '', '<select name="newgroupid">'.$groupselect.'</select>');
    929. 

  929. 		showsetting('members_add_email_notify', 'emailnotify', '', 'radio');
    930. 

  930. 		showsubmit('addsubmit');
    931. 

  931. 		showtablefooter();
    932. 

  932. 		showformfooter();
    933. 

  933. 

  934. 	} else {
    935. 

  935. 

  936. 		$newusername = trim($_GET['newusername']);
    937. 

  937. 		$newpassword = trim($_GET['newpassword']);
    938. 

  938. 		$newemail = strtolower(trim($_GET['newemail']));
    939. 

  939. 

  940. 		if(!$newusername || !isset($_GET['confirmed']) && !$newpassword || !isset($_GET['confirmed']) && !$newemail) {
    941. 

  941. 			cpmsg('members_add_invalid', '', 'error');
    942. 

  942. 		}
    943. 

  943. 

  944. 		if(C::t('common_member')->fetch_uid_by_username($newusername) || C::t('common_member_archive')->fetch_uid_by_username($newusername)) {
    945. 

  945. 			cpmsg('members_add_username_duplicate', '', 'error');
    946. 

  946. 		}
    947. 

  947. 

  948. 		loaducenter();
    949. 

  949. 

  950. 		$uid = uc_user_register(addslashes($newusername), $newpassword, $newemail);
    951. 

  951. 		if($uid <= 0) {
    952. 

  952. 			if($uid == -1) {
    953. 

  953. 				cpmsg('members_add_illegal', '', 'error');
    954. 

  954. 			} elseif($uid == -2) {
    955. 

  955. 				cpmsg('members_username_protect', '', 'error');
    956. 

  956. 			} elseif($uid == -3) {
    957. 

  957. 				if(empty($_GET['confirmed'])) {
    958. 

  958. 					cpmsg('members_add_username_activation', 'action=members&operation=add&addsubmit=yes&newgroupid='.$_GET['newgroupid'].'&newusername='.rawurlencode($newusername), 'form');
    959. 

  959. 				} else {
    960. 

  960. 					list($uid,, $newemail) = uc_get_user(addslashes($newusername));
    961. 

  961. 				}
    962. 

  962. 			} elseif($uid == -4) {
    963. 

  963. 				cpmsg('members_email_illegal', '', 'error');
    964. 

  964. 			} elseif($uid == -5) {
    965. 

  965. 				cpmsg('members_email_domain_illegal', '', 'error');
    966. 

  966. 			} elseif($uid == -6) {
    967. 

  967. 				cpmsg('members_email_duplicate', '', 'error');
    968. 

  968. 			}
    969. 

  969. 		}
    970. 

  970. 

  971. 		$group = C::t('common_usergroup')->fetch($_GET['newgroupid']);
    972. 

  972. 		$newadminid = in_array($group['radminid'], array(1, 2, 3)) ? $group['radminid'] : ($group['type'] == 'special' ? -1 : 0);
    973. 

  973. 		if($group['radminid'] == 1) {
    974. 

  974. 			cpmsg('members_add_admin_none', '', 'error');
    975. 

  975. 		}
    976. 

  976. 		if(in_array($group['groupid'], array(5, 6, 7))) {
    977. 

  977. 			cpmsg('members_add_ban_all_none', '', 'error');
    978. 

  978. 		}
    979. 

  979. 

  980. 		$profile = $verifyarr = array();
    981. 

  981. 		loadcache('fields_register');
    982. 

  982. 		$init_arr = explode(',', $_G['setting']['initcredits']);
    983. 

  983. 		$password = md5(random(10));
    984. 

  984. 		C::t('common_member')->insert($uid, $newusername, $password, $newemail, 'Manual Acting', $_GET['newgroupid'], $init_arr, $newadminid);
    985. 

  985. 		if($_GET['emailnotify']) {
    986. 

  986. 			if(!function_exists('sendmail')) {
    987. 

  987. 				include libfile('function/mail');
    988. 

  988. 			}
    989. 

  989. 			$add_member_subject = lang('email', 'add_member_subject');
    990. 

  990. 			$add_member_message = lang('email', 'add_member_message', array(
    991. 

  991. 				'newusername' => $newusername,
    992. 

  992. 				'bbname' => $_G['setting']['bbname'],
    993. 

  993. 				'adminusername' => $_G['member']['username'],
    994. 

  994. 				'siteurl' => $_G['siteurl'],
    995. 

  995. 				'newpassword' => $newpassword,
    996. 

  996. 			));
    997. 

  997. 			if(!sendmail("$newusername <$newemail>", $add_member_subject, $add_member_message)) {
    998. 

  998. 				runlog('sendmail', "$newemail sendmail failed.");
    999. 

  999. 			}
    1000. 

  1000. 		}
    1001. 

  1001. 

  1002. 		updatecache('setting');
    1003. 

  1003. 		cpmsg('members_add_succeed', '', 'succeed', array('username' => $newusername, 'uid' => $uid));
    1004. 

  1004. 

  1005. 	}
    1006. 

  1006. 

  1007. } elseif($operation == 'group') {
    1008. 

  1008. 	$membermf = C::t('common_member_field_forum'.$tableext)->fetch($_GET['uid']);
    1009. 

  1009. 	$membergroup = C::t('common_usergroup')->fetch($member['groupid']);
    1010. 

  1010. 	$member = array_merge($member, (array)$membermf, $membergroup);
    1011. 

  1011. 

  1012. 	if(!submitcheck('editsubmit')) {
    1013. 

  1013. 

  1014. 		$checkadminid = array(($member['adminid'] >= 0 ? $member['adminid'] : 0) => 'checked');
    1015. 

  1015. 

  1016. 		$member['groupterms'] = dunserialize($member['groupterms']);
    1017. 

  1017. 

  1018. 		if($member['groupterms']['main']) {
    1019. 

  1019. 			$expirydate = dgmdate($member['groupterms']['main']['time'], 'Y-n-j');
    1020. 

  1020. 			$expirydays = ceil(($member['groupterms']['main']['time'] - TIMESTAMP) / 86400);
    1021. 

  1021. 			$selecteaid = array($member['groupterms']['main']['adminid'] => 'selected');
    1022. 

  1022. 			$selectegid = array($member['groupterms']['main']['groupid'] => 'selected');
    1023. 

  1023. 		} else {
    1024. 

  1024. 			$expirydate = $expirydays = '';
    1025. 

  1025. 			$selecteaid = array($member['adminid'] => 'selected');
    1026. 

  1026. 			$selectegid = array(($member['type'] == 'member' ? 0 : $member['groupid']) => 'selected');
    1027. 

  1027. 		}
    1028. 

  1028. 

  1029. 		$extgroups = $expgroups = '';
    1030. 

  1030. 		$radmingids = 0;
    1031. 

  1031. 		$extgrouparray = explode("\t", $member['extgroupids']);
    1032. 

  1032. 		$groups = array('system' => '', 'special' => '', 'member' => '');
    1033. 

  1033. 		$group = array('groupid' => 0, 'radminid' => 0, 'type' => '', 'grouptitle' => $lang['usergroups_system_0'], 'creditshigher' => 0, 'creditslower' => '0');
    1034. 

  1034. 		$query = array_merge(array($group), (array)C::t('common_usergroup')->fetch_all_not(array(6, 7)));
    1035. 

  1035. 		foreach($query as $group) {
    1036. 

  1036. 			if($group['groupid'] && !in_array($group['groupid'], array(4, 5, 6, 7, 8)) && ($group['type'] == 'system' || $group['type'] == 'special')) {
    1037. 

  1037. 				$extgroups .= showtablerow('', array('class="td27"', 'style="width:70%"'), array(
    1038. 

  1038. 					'<input class="checkbox" type="checkbox" name="extgroupidsnew[]" value="'.$group['groupid'].'" '.(in_array($group['groupid'], $extgrouparray) ? 'checked' : '').' id="extgid_'.$group['groupid'].'" /><label for="extgid_'.$group['groupid'].'"> '.$group['grouptitle'].'</label>',
    1039. 

  1039. 					'<input type="text" class="txt" size="9" name="extgroupexpirynew['.$group['groupid'].']" value="'.(in_array($group['groupid'], $extgrouparray) && !empty($member['groupterms']['ext'][$group['groupid']]) ? dgmdate($member['groupterms']['ext'][$group['groupid']], 'Y-n-j') : '').'" onclick="showcalendar(event, this)" />'
    1040. 

  1040. 				), TRUE);
    1041. 

  1041. 			}
    1042. 

  1042. 			if($group['groupid'] && $group['type'] == 'member' && !($member['credits'] >= $group['creditshigher'] && $member['credits'] < $group['creditslower']) && $member['groupid'] != $group['groupid']) {
    1043. 

  1043. 				continue;
    1044. 

  1044. 			}
    1045. 

  1045. 

  1046. 			$expgroups .= '<option name="expgroupidnew" value="'.$group['groupid'].'" '.$selectegid[$group['groupid']].'>'.$group['grouptitle'].'</option>';
    1047. 

  1047. 

  1048. 			if($group['groupid'] != 0) {
    1049. 

  1049. 				$group['type'] = $group['type'] == 'special' && $group['radminid'] ? 'specialadmin' : $group['type'];
    1050. 

  1050. 				$groups[$group['type']] .= '<option value="'.$group['groupid'].'"'.($member['groupid'] == $group['groupid'] ? 'selected="selected"' : '').' gtype="'.$group['type'].'">'.$group['grouptitle'].'</option>';
    1051. 

  1051. 				if($group['type'] == 'special' && !$group['radminid']) {
    1052. 

  1052. 					$radmingids .= ','.$group['groupid'];
    1053. 

  1053. 				}
    1054. 

  1054. 			}
    1055. 

  1055. 

  1056. 		}
    1057. 

  1057. 

  1058. 		if(!$groups['member']) {
    1059. 

  1059. 			$group = C::t('common_usergroup')->fetch_new_groupid(true);
    1060. 

  1060. 			$groups['member'] = '<option value="'.$group['groupid'].'" gtype="member">'.$group['grouptitle'].'</option>';
    1061. 

  1061. 		}
    1062. 

  1062. 

  1063. 		shownav('user', 'members_group');
    1064. 

  1064. 		showsubmenu('members_group_member', array(), '', array('username' => $member['username']));
    1065. 

  1065. 		echo '<script src="static/js/calendar.js" type="text/javascript"></script>';
    1066. 

  1066. 		showformheader("members&operation=group&uid=$member[uid]");
    1067. 

  1067. 		showtableheader('usergroup', 'nobottom');
    1068. 

  1068. 		showsetting('members_group_group', '', '', '<select name="groupidnew" onchange="if(in_array(this.value, ['.$radmingids.'])) {$(\'relatedadminid\').style.display = \'\';$(\'adminidnew\').name=\'adminidnew[\' + this.value + \']\';} else {$(\'relatedadminid\').style.display = \'none\';$(\'adminidnew\').name=\'adminidnew[0]\';}"><optgroup label="'.$lang['usergroups_system'].'">'.$groups['system'].'<optgroup label="'.$lang['usergroups_special'].'">'.$groups['special'].'<optgroup label="'.$lang['usergroups_specialadmin'].'">'.$groups['specialadmin'].'<optgroup label="'.$lang['usergroups_member'].'">'.$groups['member'].'</select>');
    1069. 

  1069. 		showtagheader('tbody', 'relatedadminid', $member['type'] == 'special' && !$member['radminid'], 'sub');
    1070. 

  1070. 		showsetting('members_group_related_adminid', '', '', '<select id="adminidnew" name="adminidnew['.$member['groupid'].']"><option value="0"'.($member['adminid'] == 0 ? ' selected' : '').'>'.$lang['none'].'</option><option value="3"'.($member['adminid'] == 3 ? ' selected' : '').'>'.$lang['usergroups_system_3'].'</option><option value="2"'.($member['adminid'] == 2 ? ' selected' : '').'>'.$lang['usergroups_system_2'].'</option><option value="1"'.($member['adminid'] == 1 ? ' selected' : '').'>'.$lang['usergroups_system_1'].'</option></select>');
    1071. 

  1071. 		showtagfooter('tbody');
    1072. 

  1072. 		showsetting('members_group_validity', 'expirydatenew', $expirydate, 'calendar');
    1073. 

  1073. 		showsetting('members_group_orig_adminid', '', '', '<select name="expgroupidnew">'.$expgroups.'</select>');
    1074. 

  1074. 		showsetting('members_group_orig_groupid', '', '', '<select name="expadminidnew"><option value="0" '.$selecteaid[0].'>'.$lang['usergroups_system_0'].'</option><option value="1" '.$selecteaid[1].'>'.$lang['usergroups_system_1'].'</option><option value="2" '.$selecteaid[2].'>'.$lang['usergroups_system_2'].'</option><option value="3" '.$selecteaid[3].'>'.$lang['usergroups_system_3'].'</option></select>');
    1075. 

  1075. 		showtablefooter();
    1076. 

  1076. 

  1077. 		showtableheader('members_group_extended', 'noborder fixpadding');
    1078. 

  1078. 		showsubtitle(array('usergroup', 'validity'));
    1079. 

  1079. 		echo $extgroups;
    1080. 

  1080. 		showtablerow('', 'colspan="2"', cplang('members_group_extended_comment'));
    1081. 

  1081. 		showtablefooter();
    1082. 

  1082. 

  1083. 		showtableheader('members_edit_reason', 'notop');
    1084. 

  1084. 		showsetting('members_group_ban_reason', 'reason', '', 'textarea');
    1085. 

  1085. 		showsubmit('editsubmit');
    1086. 

  1086. 		showtablefooter();
    1087. 

  1087. 

  1088. 		showformfooter();
    1089. 

  1089. 

  1090. 	} else {
    1091. 

  1091. 

  1092. 		$group = C::t('common_usergroup')->fetch($_GET['groupidnew']);
    1093. 

  1093. 		if(!$group) {
    1094. 

  1094. 			cpmsg('undefined_action', '', 'error');
    1095. 

  1095. 		}
    1096. 

  1096. 

  1097. 		if(strlen(is_array($_GET['extgroupidsnew']) ? implode("\t", $_GET['extgroupidsnew']) : '') > 30) {
    1098. 

  1098. 			cpmsg('members_edit_groups_toomany', '', 'error');
    1099. 

  1099. 		}
    1100. 

  1100. 

  1101. 		if($member['groupid'] != $_GET['groupidnew'] && isfounder($member)) {
    1102. 

  1102. 			cpmsg('members_edit_groups_isfounder', '', 'error');
    1103. 

  1103. 		}
    1104. 

  1104. 

  1105. 		$_GET['adminidnew'] = $_GET['adminidnew'][$_GET['groupidnew']];
    1106. 

  1106. 		switch($group['type']) {
    1107. 

  1107. 			case 'member':
    1108. 

  1108. 				$_GET['groupidnew'] = in_array($_GET['adminidnew'], array(1, 2, 3)) ? $_GET['adminidnew'] : $_GET['groupidnew'];
    1109. 

  1109. 				break;
    1110. 

  1110. 			case 'special':
    1111. 

  1111. 				if($group['radminid']) {
    1112. 

  1112. 					$_GET['adminidnew'] = $group['radminid'];
    1113. 

  1113. 				} elseif(!in_array($_GET['adminidnew'], array(1, 2, 3))) {
    1114. 

  1114. 					$_GET['adminidnew'] = -1;
    1115. 

  1115. 				}
    1116. 

  1116. 				break;
    1117. 

  1117. 			case 'system':
    1118. 

  1118. 				$_GET['adminidnew'] = in_array($_GET['groupidnew'], array(1, 2, 3)) ? $_GET['groupidnew'] : -1;
    1119. 

  1119. 				break;
    1120. 

  1120. 		}
    1121. 

  1121. 

  1122. 		$groupterms = array();
    1123. 

  1123. 

  1124. 		if($_GET['expirydatenew']) {
    1125. 

  1125. 

  1126. 			$maingroupexpirynew = strtotime($_GET['expirydatenew']);
    1127. 

  1127. 

  1128. 			$group = C::t('common_usergroup')->fetch($_GET['expgroupidnew']);
    1129. 

  1129. 			if(!$group) {
    1130. 

  1130. 				$_GET['expgroupidnew'] = in_array($_GET['expadminidnew'], array(1, 2, 3)) ? $_GET['expadminidnew'] : $_GET['expgroupidnew'];
    1131. 

  1131. 			} else {
    1132. 

  1132. 				switch($group['type']) {
    1133. 

  1133. 					case 'special':
    1134. 

  1134. 						if($group['radminid']) {
    1135. 

  1135. 							$_GET['expadminidnew'] = $group['radminid'];
    1136. 

  1136. 						} elseif(!in_array($_GET['expadminidnew'], array(1, 2, 3))) {
    1137. 

  1137. 							$_GET['expadminidnew'] = -1;
    1138. 

  1138. 						}
    1139. 

  1139. 						break;
    1140. 

  1140. 					case 'system':
    1141. 

  1141. 						$_GET['expadminidnew'] = in_array($_GET['expgroupidnew'], array(1, 2, 3)) ? $_GET['expgroupidnew'] : -1;
    1142. 

  1142. 						break;
    1143. 

  1143. 				}
    1144. 

  1144. 			}
    1145. 

  1145. 

  1146. 			if($_GET['expgroupidnew'] == $_GET['groupidnew']) {
    1147. 

  1147. 				cpmsg('members_edit_groups_illegal', '', 'error');
    1148. 

  1148. 			} elseif($maingroupexpirynew > TIMESTAMP) {
    1149. 

  1149. 				if($_GET['expgroupidnew'] || $_GET['expadminidnew']) {
    1150. 

  1150. 					$groupterms['main'] = array('time' => $maingroupexpirynew, 'adminid' => $_GET['expadminidnew'], 'groupid' => $_GET['expgroupidnew']);
    1151. 

  1151. 				} else {
    1152. 

  1152. 					$groupterms['main'] = array('time' => $maingroupexpirynew);
    1153. 

  1153. 				}
    1154. 

  1154. 				$groupterms['ext'][$_GET['groupidnew']] = $maingroupexpirynew;
    1155. 

  1155. 			}
    1156. 

  1156. 

  1157. 		}
    1158. 

  1158. 

  1159. 		if(is_array($_GET['extgroupexpirynew'])) {
    1160. 

  1160. 			foreach($_GET['extgroupexpirynew'] as $extgroupid => $expiry) {
    1161. 

  1161. 				if(is_array($_GET['extgroupidsnew']) && in_array($extgroupid, $_GET['extgroupidsnew']) && !isset($groupterms['ext'][$extgroupid]) && $expiry && ($expiry = strtotime($expiry)) > TIMESTAMP) {
    1162. 

  1162. 					$groupterms['ext'][$extgroupid] = $expiry;
    1163. 

  1163. 				}
    1164. 

  1164. 			}
    1165. 

  1165. 		}
    1166. 

  1166. 

  1167. 		$grouptermsnew = serialize($groupterms);
    1168. 

  1168. 		$groupexpirynew = groupexpiry($groupterms);
    1169. 

  1169. 		$extgroupidsnew = $_GET['extgroupidsnew'] && is_array($_GET['extgroupidsnew']) ? implode("\t", $_GET['extgroupidsnew']) : '';
    1170. 

  1170. 

  1171. 		C::t('common_member'.$tableext)->update($member['uid'], array('groupid'=>$_GET['groupidnew'], 'adminid'=>$_GET['adminidnew'], 'extgroupids'=>$extgroupidsnew, 'groupexpiry'=>$groupexpirynew));
    1172. 

  1172. 		if(C::t('common_member_field_forum'.$tableext)->fetch($member['uid'])) {
    1173. 

  1173. 			C::t('common_member_field_forum'.$tableext)->update($member['uid'], array('groupterms' => $grouptermsnew));
    1174. 

  1174. 		} else {
    1175. 

  1175. 			C::t('common_member_field_forum'.$tableext)->insert(array('uid' => $member['uid'], 'groupterms' => $grouptermsnew));
    1176. 

  1176. 		}
    1177. 

  1177. 

  1178. 		if($_GET['groupidnew'] != $member['groupid'] && (in_array($_GET['groupidnew'], array(4, 5)) || in_array($member['groupid'], array(4, 5)))) {
    1179. 

  1179. 			$my_opt = in_array($_GET['groupidnew'], array(4, 5)) ? 'banuser' : 'unbanuser';
    1180. 

  1180. 			$log_handler = Cloud::loadClass('Cloud_Service_SearchHelper');
    1181. 

  1181. 			$log_handler->myThreadLog($my_opt, array('uid' => $member['uid']));
    1182. 

  1182. 			banlog($member['username'], $member['groupid'], $_GET['groupidnew'], $groupexpirynew, $_GET['reason']);
    1183. 

  1183. 		}
    1184. 

  1184. 

  1185. 		cpmsg('members_edit_groups_succeed', "action=members&operation=group&uid=$member[uid]", 'succeed');
    1186. 

  1186. 

  1187. 	}
    1188. 

  1188. 

  1189. } elseif($operation == 'credit' && $_G['setting']['extcredits']) {
    1190. 

  1190. 

  1191. 	if($tableext) {
    1192. 

  1192. 		cpmsg('members_edit_credits_failure', '', 'error');
    1193. 

  1193. 	}
    1194. 

  1194. 	$membercount = C::t('common_member_count'.$tableext)->fetch($member['uid']);
    1195. 

  1195. 	$membergroup = C::t('common_usergroup')->fetch($member['groupid']);
    1196. 

  1196. 	$member = array_merge($member, $membercount, $membergroup);
    1197. 

  1197. 

  1198. 	if(!submitcheck('creditsubmit')) {
    1199. 

  1199. 

  1200. 		eval("\$membercredit = @round({$_G[setting][creditsformula]});");
    1201. 

  1201. 

  1202. 		if(($jscreditsformula = C::t('common_setting')->fetch('creditsformula'))) {
    1203. 

  1203. 			$jscreditsformula = str_replace(array('digestposts', 'posts', 'threads'), array($member['digestposts'], $member['posts'],$member['threads']), $jscreditsformula);
    1204. 

  1204. 		}
    1205. 

  1205. 

  1206. 		$creditscols = array('members_credit_ranges', 'credits');
    1207. 

  1207. 		$creditsvalue = array($member['type'] == 'member' ? "$member[creditshigher]~$member[creditslower]" : 'N/A', '<input type="text" class="txt" name="jscredits" id="jscredits" value="'.$membercredit.'" size="6" disabled style="padding:0;width:6em;border:none; background-color:transparent">');
    1208. 

  1208. 		for($i = 1; $i <= 8; $i++) {
    1209. 

  1209. 			$jscreditsformula = str_replace('extcredits'.$i, "extcredits[$i]", $jscreditsformula);
    1210. 

  1210. 			$creditscols[] = isset($_G['setting']['extcredits'][$i]) ? $_G['setting']['extcredits'][$i]['title'] : 'extcredits'.$i;
    1211. 

  1211. 			$creditsvalue[] = isset($_G['setting']['extcredits'][$i]) ? '<input type="text" class="txt" size="3" name="extcreditsnew['.$i.']" id="extcreditsnew['.$i.']" value="'.$member['extcredits'.$i].'" onkeyup="membercredits()"> '.$_G['setting']['extcredits']['$i']['unit'] : '<input type="text" class="txt" size="3" value="N/A" disabled>';
    1212. 

  1212. 		}
    1213. 

  1213. 

  1214. 		echo <<<EOT
    1215. 

  1215. <script language="JavaScript">
    1216. 

  1216. 	var extcredits = new Array();
    1217. 

  1217. 	function membercredits() {
    1218. 

  1218. 		var credits = 0;
    1219. 

  1219. 		for(var i = 1; i <= 8; i++) {
    1220. 

  1220. 			e = $('extcreditsnew['+i+']');
    1221. 

  1221. 			if(e && parseInt(e.value)) {
    1222. 

  1222. 				extcredits[i] = parseInt(e.value);
    1223. 

  1223. 			} else {
    1224. 

  1224. 				extcredits[i] = 0;
    1225. 

  1225. 			}
    1226. 

  1226. 		}
    1227. 

  1227. 		$('jscredits').value = Math.round($jscreditsformula);
    1228. 

  1228. 	}
    1229. 

  1229. </script>
    1230. 

  1230. EOT;
    1231. 

  1231. 		shownav('user', 'members_credit');
    1232. 

  1232. 		showsubmenu('members_credit');
    1233. 

  1233. 		showtips('members_credit_tips');
    1234. 

  1234. 		showformheader("members&operation=credit&uid={$_GET['uid']}");
    1235. 

  1235. 		showtableheader('<em class="right"><a href="'.ADMINSCRIPT.'?action=logs&operation=credit&srch_uid='.$_GET['uid'].'&frame=yes" target="_blank">'.cplang('members_credit_logs').'</a></em>'.cplang('members_credit').' - '.$member['username'].'('.$member['grouptitle'].')', 'nobottom');
    1236. 

  1236. 		showsubtitle($creditscols);
    1237. 

  1237. 		showtablerow('', array('', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"', 'class="td28"'), $creditsvalue);
    1238. 

  1238. 		showtablefooter();
    1239. 

  1239. 		showtableheader('', 'notop');
    1240. 

  1240. 		showtitle('members_edit_reason');
    1241. 

  1241. 		showsetting('members_credit_reason', 'reason', '', 'textarea');
    1242. 

  1242. 		showsubmit('creditsubmit');
    1243. 

  1243. 		showtablefooter();
    1244. 

  1244. 		showformfooter();
    1245. 

  1245. 

  1246. 	} else {
    1247. 

  1247. 

  1248. 		$diffarray = array();
    1249. 

  1249. 		$sql = $comma = '';
    1250. 

  1250. 		if(is_array($_GET['extcreditsnew'])) {
    1251. 

  1251. 			foreach($_GET['extcreditsnew'] as $id => $value) {
    1252. 

  1252. 				if($member['extcredits'.$id] != ($value = intval($value))) {
    1253. 

  1253. 					$diffarray[$id] = $value - $member['extcredits'.$id];
    1254. 

  1254. 					$sql .= $comma."extcredits$id='$value'";
    1255. 

  1255. 					$comma = ', ';
    1256. 

  1256. 				}
    1257. 

  1257. 			}
    1258. 

  1258. 		}
    1259. 

  1259. 

  1260. 		if($diffarray) {
    1261. 

  1261. 			foreach($diffarray as $id => $diff) {
    1262. 

  1262. 				$logs[] = dhtmlspecialchars("$_G[timestamp]\t{$_G[member][username]}\t$_G[adminid]\t$member[username]\t$id\t$diff\t0\t\t{$_GET['reason']}");
    1263. 

  1263. 			}
    1264. 

  1264. 			updatemembercount($_GET['uid'], $diffarray);
    1265. 

  1265. 			writelog('ratelog', $logs);
    1266. 

  1266. 		}
    1267. 

  1267. 

  1268. 		cpmsg('members_edit_credits_succeed', "action=members&operation=credit&uid={$_GET['uid']}", 'succeed');
    1269. 

  1269. 

  1270. 	}
    1271. 

  1271. 

  1272. } elseif($operation == 'medal') {
    1273. 

  1273. 

  1274. 	$membermf = C::t('common_member_field_forum'.$tableext)->fetch($_GET['uid']);
    1275. 

  1275. 	$member = array_merge($member, $membermf);
    1276. 

  1276. 

  1277. 	if(!submitcheck('medalsubmit')) {
    1278. 

  1278. 

  1279. 		$medals = '';
    1280. 

  1280. 		$membermedals = array();
    1281. 

  1281. 		loadcache('medals');
    1282. 

  1282. 		foreach (explode("\t", $member['medals']) as $key => $membermedal) {
    1283. 

  1283. 			list($medalid, $medalexpiration) = explode("|", $membermedal);
    1284. 

  1284. 			if(isset($_G['cache']['medals'][$medalid]) && (!$medalexpiration || $medalexpiration > TIMESTAMP)) {
    1285. 

  1285. 				$membermedals[$key] = $medalid;
    1286. 

  1286. 			} else {
    1287. 

  1287. 				unset($membermedals[$key]);
    1288. 

  1288. 			}
    1289. 

  1289. 		}
    1290. 

  1290. 

  1291. 		foreach(C::t('forum_medal')->fetch_all_data(1) as $medal) {
    1292. 

  1292. 			$medals .= showtablerow('', array('class="td25"', 'class="td23"'), array(
    1293. 

  1293. 				"<input class=\"checkbox\" type=\"checkbox\" name=\"medals[$medal[medalid]]\" value=\"1\" ".(in_array($medal['medalid'], $membermedals) ? 'checked' : '')." />",
    1294. 

  1294. 				"<img src=\"static/image/common/$medal[image]\" />",
    1295. 

  1295. 				$medal['name']
    1296. 

  1296. 

  1297. 			), TRUE);
    1298. 

  1298. 		}
    1299. 

  1299. 

  1300. 		if(!$medals) {
    1301. 

  1301. 			cpmsg('members_edit_medals_nonexistence', '', 'error');
    1302. 

  1302. 		}
    1303. 

  1303. 

  1304. 		shownav('user', 'nav_members_confermedal');
    1305. 

  1305. 		showsubmenu('nav_members_confermedal');
    1306. 

  1306. 		showformheader("members&operation=medal&uid={$_GET['uid']}");
    1307. 

  1307. 		showtableheader("$lang[members_confermedal_to] <a href='home.php?mod=space&uid={$_GET['uid']}' target='_blank'>$member[username]</a>", 'fixpadding');
    1308. 

  1308. 		showsubtitle(array('medals_grant', 'medals_image', 'name'));
    1309. 

  1309. 		echo $medals;
    1310. 

  1310. 		showsubmit('medalsubmit');
    1311. 

  1311. 		showtablefooter();
    1312. 

  1312. 		showformfooter();
    1313. 

  1313. 

  1314. 	} else {
    1315. 

  1315. 

  1316. 		$medalsdel = $medalsadd = $medalsnew = $origmedalsarray = $medalsarray = array();
    1317. 

  1317. 		if(is_array($_GET['medals'])) {
    1318. 

  1318. 			foreach($_GET['medals'] as $medalid => $newgranted) {
    1319. 

  1319. 				if($newgranted) {
    1320. 

  1320. 					$medalsarray[] = $medalid;
    1321. 

  1321. 				}
    1322. 

  1322. 			}
    1323. 

  1323. 		}
    1324. 

  1324. 		loadcache('medals');
    1325. 

  1325. 		foreach($member['medals'] = explode("\t", $member['medals']) as $key => $modmedalid) {
    1326. 

  1326. 			list($medalid, $medalexpiration) = explode("|", $modmedalid);
    1327. 

  1327. 			if(isset($_G['cache']['medals'][$medalid]) && (!$medalexpiration || $medalexpiration > TIMESTAMP)) {
    1328. 

  1328. 				$origmedalsarray[] = $medalid;
    1329. 

  1329. 			}
    1330. 

  1330. 		}
    1331. 

  1331. 		foreach(array_unique(array_merge($origmedalsarray, $medalsarray)) as $medalid) {
    1332. 

  1332. 			if($medalid) {
    1333. 

  1333. 				$orig = in_array($medalid, $origmedalsarray);
    1334. 

  1334. 				$new = in_array($medalid, $medalsarray);
    1335. 

  1335. 				if($orig != $new) {
    1336. 

  1336. 					if($orig && !$new) {
    1337. 

  1337. 						$medalsdel[] = $medalid;
    1338. 

  1338. 					} elseif(!$orig && $new) {
    1339. 

  1339. 						$medalsadd[] = $medalid;
    1340. 

  1340. 					}
    1341. 

  1341. 				}
    1342. 

  1342. 			}
    1343. 

  1343. 		}
    1344. 

  1344. 		if(!empty($medalsarray)) {
    1345. 

  1345. 			foreach(C::t('forum_medal')->fetch_all_by_id($medalsarray) as $modmedal) {
    1346. 

  1346. 				if(empty($modmedal['expiration'])) {
    1347. 

  1347. 					$medalsnew[] = $modmedal[medalid];
    1348. 

  1348. 					$medalstatus = 0;
    1349. 

  1349. 				} else {
    1350. 

  1350. 					$modmedal['expiration'] = TIMESTAMP + $modmedal['expiration'] * 86400;
    1351. 

  1351. 					$medalsnew[] = $modmedal[medalid].'|'.$modmedal['expiration'];
    1352. 

  1352. 					$medalstatus = 1;
    1353. 

  1353. 				}
    1354. 

  1354. 				if(in_array($modmedal['medalid'], $medalsadd)) {
    1355. 

  1355. 					$data = array(
    1356. 

  1356. 						'uid' => $_GET['uid'],
    1357. 

  1357. 						'medalid' => $modmedal['medalid'],
    1358. 

  1358. 						'type' => 0,
    1359. 

  1359. 						'dateline' => $_G['timestamp'],
    1360. 

  1360. 						'expiration' => $modmedal['expiration'],
    1361. 

  1361. 						'status' => $medalstatus,
    1362. 

  1362. 					);
    1363. 

  1363. 					C::t('forum_medallog')->insert($data);
    1364. 

  1364. 					C::t('common_member_medal')->insert(array('uid' => $_GET['uid'], 'medalid' => $modmedal['medalid']), 0, 1);
    1365. 

  1365. 				}
    1366. 

  1366. 			}
    1367. 

  1367. 		}
    1368. 

  1368. 		if(!empty($medalsdel)) {
    1369. 

  1369. 			C::t('forum_medallog')->update_type_by_uid_medalid(4, $_GET['uid'], $medalsdel);
    1370. 

  1370. 			C::t('common_member_medal')->delete_by_uid_medalid($_GET['uid'], $medalsdel);
    1371. 

  1371. 		}
    1372. 

  1372. 		$medalsnew = implode("\t", $medalsnew);
    1373. 

  1373. 

  1374. 		C::t('common_member_field_forum'.$tableext)->update($_GET['uid'], array('medals' => $medalsnew));
    1375. 

  1375. 

  1376. 		cpmsg('members_edit_medals_succeed', "action=members&operation=medal&uid={$_GET['uid']}", 'succeed');
    1377. 

  1377. 

  1378. 	}
    1379. 

  1379. 

  1380. } elseif($operation == 'ban') {
    1381. 

  1381. 

  1382. 	$membermf = C::t('common_member_field_forum'.$tableext)->fetch($_GET['uid']);
    1383. 

  1383. 	$membergroup = C::t('common_usergroup')->fetch($member['groupid']);
    1384. 

  1384. 	$membergroupfield = C::t('common_usergroup_field')->fetch($member['groupid']);
    1385. 

  1385. 	$member = array_merge($member, $membermf, $membergroup, $membergroupfield);
    1386. 

  1386. 

  1387. 	if(($member['type'] == 'system' && in_array($member['groupid'], array(1, 2, 3, 6, 7, 8))) || $member['type'] == 'special') {
    1388. 

  1388. 		cpmsg('members_edit_illegal', '', 'error', array('grouptitle' => $member['grouptitle'], 'uid' => $member['uid']));
    1389. 

  1389. 	}
    1390. 

  1390. 

  1391. 	if($member['allowadmincp']) {
    1392. 

  1392. 		cpmsg('members_edit_illegal_portal', '', 'error',array('uid' => $member['uid']));
    1393. 

  1393. 	}
    1394. 

  1394. 

  1395. 	$member['groupterms'] = dunserialize($member['groupterms']);
    1396. 

  1396. 	$member['banexpiry'] = !empty($member['groupterms']['main']['time']) && ($member['groupid'] == 4 || $member['groupid'] == 5) ? dgmdate($member['groupterms']['main']['time'], 'Y-n-j') : '';
    1397. 

  1397. 

  1398. 	if(!submitcheck('bansubmit')) {
    1399. 

  1399. 

  1400. 		echo '<script src="static/js/calendar.js" type="text/javascript"></script>';
    1401. 

  1401. 		shownav('user', 'members_ban_user');
    1402. 

  1402. 		showsubmenu($lang['members_ban_user'].($member['username'] ? ' - '.$member['username'] : ''));
    1403. 

  1403. 		showtips('members_ban_tips');
    1404. 

  1404. 		showformheader('members&operation=ban');
    1405. 

  1405. 		showtableheader();
    1406. 

  1406. 		showsetting('members_ban_username', 'username', $member['username'], 'text', null, null, '<input type="button" id="crimebtn" class="btn" style="margin-top:-1px;display:none;" onclick="getcrimerecord();" value="'.$lang['crime_checkrecord'].'" />', 'onkeyup="showcrimebtn(this);" id="banusername"');
    1407. 

  1407. 		if($member) {
    1408. 

  1408. 

  1409. 			showtagheader('tbody', 'member_status', 1);
    1410. 

  1410. 			showtablerow('', 'class="td27" colspan="2"', cplang('members_edit_current_status').'<span class="normal">: '.($member['groupid'] == 4 ? $lang['members_ban_post'] : ($member['groupid'] == 5 ? $lang['members_ban_visit'] : ($member['status'] == -1 ? $lang['members_ban_status'] : $lang['members_ban_none']))).'</span>');
    1411. 

  1411. 

  1412. 			include_once libfile('function/member');
    1413. 

  1413. 			$clist = crime('getactionlist', $member['uid']);
    1414. 

  1414. 

  1415. 			if($clist) {
    1416. 

  1416. 				echo '<tr><td class="td27" colspan="2">'.$lang[members_ban_crime_record].':</td></tr>';
    1417. 

  1417. 				echo '<tr><td colspan="2" style="padding:0 !important;border-top:none;"><table style="width:100%;">';
    1418. 

  1418. 				showtablerow('class="partition"', array('width="15%"', 'width="10%"', 'width="20%"', '', 'width="15%"'), array($lang['crime_user'], $lang['crime_action'], $lang['crime_dateline'], $lang['crime_reason'], $lang['crime_operator']));
    1419. 

  1419. 				foreach($clist as $crime) {
    1420. 

  1420. 					showtablerow('', '', array('<a href="home.php?mod=space&uid='.$member['uid'].'">'.$member['username'], $lang[$crime['action']], date('Y-m-d H:i:s', $crime['dateline']), $crime['reason'], '<a href="home.php?mod=space&uid='.$crime['operatorid'].'" target="_blank">'.$crime['operator'].'</a>'));
    1421. 

  1421. 				}
    1422. 

  1422. 				echo '</table></td></tr>';
    1423. 

  1423. 			}
    1424. 

  1424. 			showtagfooter('tbody');
    1425. 

  1425. 		}
    1426. 

  1426. 		showsetting('members_ban_type', array('bannew', array(
    1427. 

  1427. 			array('', $lang['members_ban_none'], array('validity' => 'none')),
    1428. 

  1428. 			array('post', $lang['members_ban_post'], array('validity' => '')),
    1429. 

  1429. 			array('visit', $lang['members_ban_visit'], array('validity' => '')),
    1430. 

  1430. 			array('status', $lang['members_ban_status'], array('validity' => 'none'))
    1431. 

  1431. 		)), '', 'mradio');
    1432. 

  1432. 		showtagheader('tbody', 'validity', false, 'sub');
    1433. 

  1433. 		showsetting('members_ban_validity', '', '', selectday('banexpirynew', array(0, 1, 3, 5, 7, 14, 30, 60, 90, 180, 365)));
    1434. 

  1434. 		showtagfooter('tbody');
    1435. 

  1435. 		print <<<EOF
    1436. 

  1436. 			<tr>
    1437. 

  1437. 				<td class="td27" colspan="2">$lang[members_ban_clear_content]:</td>
    1438. 

  1438. 			</tr>
    1439. 

  1439. 			<tr>
    1440. 

  1440. 				<td colspan="2">
    1441. 

  1441. 					<ul class="dblist" onmouseover="altStyle(this);">
    1442. 

  1442. 						<li style="width: 100%;"><input type="checkbox" name="chkall" onclick="checkAll('prefix', this.form, 'clear')" class="checkbox">&nbsp;$lang[select_all]</li>
    1443. 

  1443. 						<li style="width: 8%;"><input type="checkbox" value="post" name="clear[post]" class="checkbox">&nbsp;$lang[members_ban_delpost]</li>
    1444. 

  1444. 						<li style="width: 8%;"><input type="checkbox" value="follow" name="clear[follow]" class="checkbox">&nbsp;$lang[members_ban_delfollow]</li>
    1445. 

  1445. 						<li style="width: 8%;"><input type="checkbox" value="postcomment" name="clear[postcomment]" class="checkbox">&nbsp;$lang[members_ban_postcomment]</li>
    1446. 

  1446. 						<li style="width: 8%;"><input type="checkbox" value="doing" name="clear[doing]" class="checkbox">&nbsp;$lang[members_ban_deldoing]</li>
    1447. 

  1447. 						<li style="width: 8%;"><input type="checkbox" value="blog" name="clear[blog]" class="checkbox">&nbsp;$lang[members_ban_delblog]</li>
    1448. 

  1448. 						<li style="width: 8%;"><input type="checkbox" value="album" name="clear[album]" class="checkbox">&nbsp;$lang[members_ban_delalbum]</li>
    1449. 

  1449. 						<li style="width: 8%;"><input type="checkbox" value="share" name="clear[share]" class="checkbox">&nbsp;$lang[members_ban_delshare]</li>
    1450. 

  1450. 						<li style="width: 8%;"><input type="checkbox" value="avatar" name="clear[avatar]" class="checkbox">&nbsp;$lang[members_ban_delavatar]</li>
    1451. 

  1451. 						<li style="width: 8%;"><input type="checkbox" value="comment" name="clear[comment]" class="checkbox">&nbsp;$lang[members_ban_delcomment]</li>
    1452. 

  1452. 					</ul>
    1453. 

  1453. 				</td>
    1454. 

  1454. 			</tr>
    1455. 

  1455. EOF;
    1456. 

  1456. 

  1457. 		showsetting('members_ban_reason', 'reason', '', 'textarea');
    1458. 

  1458. 		showsubmit('bansubmit');
    1459. 

  1459. 		showtablefooter();
    1460. 

  1460. 		showformfooter();
    1461. 

  1461. 		$basescript = ADMINSCRIPT;
    1462. 

  1462. 		print <<<EOF
    1463. 

  1463. 			<script type="text/javascript">
    1464. 

  1464. 				var oldbanusername = '$member[username]';
    1465. 

  1465. 				function showcrimebtn(obj) {
    1466. 

  1466. 					if(oldbanusername == obj.value) {
    1467. 

  1467. 						return;
    1468. 

  1468. 					}
    1469. 

  1469. 					oldbanusername = obj.value;
    1470. 

  1470. 					$('crimebtn').style.display = '';
    1471. 

  1471. 					if($('member_status')) {
    1472. 

  1472. 						$('member_status').style.display = 'none';
    1473. 

  1473. 					}
    1474. 

  1474. 				}
    1475. 

  1475. 				function getcrimerecord() {
    1476. 

  1476. 					if($('banusername').value) {
    1477. 

  1477. 						window.location.href = '$basescript?action=members&operation=ban&username=' + $('banusername').value;
    1478. 

  1478. 					}
    1479. 

  1479. 				}
    1480. 

  1480. 			</script>
    1481. 

  1481. EOF;
    1482. 

  1482. 

  1483. 	} else {
    1484. 

  1484. 

  1485. 		if(empty($member)) {
    1486. 

  1486. 			cpmsg('members_edit_nonexistence');
    1487. 

  1487. 		}
    1488. 

  1488. 

  1489. 		$setarr = array();
    1490. 

  1490. 		$reason = trim($_GET['reason']);
    1491. 

  1491. 		if(!$reason && ($_G['group']['reasonpm'] == 1 || $_G['group']['reasonpm'] == 3)) {
    1492. 

  1492. 			cpmsg('members_edit_reason_invalid', '', 'error');
    1493. 

  1493. 		}
    1494. 

  1494. 		$my_data = array();
    1495. 

  1495. 		$mylogtype = '';
    1496. 

  1496. 		if(in_array($_GET['bannew'], array('post', 'visit', 'status'))) {
    1497. 

  1497. 			$my_data = array('uid' => $member['uid']);
    1498. 

  1498. 			if($_GET['delpost']) {
    1499. 

  1499. 				$my_data['otherid'] = 1;
    1500. 

  1500. 			}
    1501. 

  1501. 			$mylogtype = 'banuser';
    1502. 

  1502. 		} elseif($member['groupid'] == 4 || $member['groupid'] == 5 || $member['status'] == '-1') {
    1503. 

  1503. 			$my_data = array('uid' => $member['uid']);
    1504. 

  1504. 			$mylogtype = 'unbanuser';
    1505. 

  1505. 		}
    1506. 

  1506. 		if($_GET['bannew'] == 'post' || $_GET['bannew'] == 'visit') {
    1507. 

  1507. 			$groupidnew = $_GET['bannew'] == 'post' ? 4 : 5;
    1508. 

  1508. 			$_GET['banexpirynew'] = !empty($_GET['banexpirynew']) ? TIMESTAMP + $_GET['banexpirynew'] * 86400 : 0;
    1509. 

  1509. 			$_GET['banexpirynew'] = $_GET['banexpirynew'] > TIMESTAMP ? $_GET['banexpirynew'] : 0;
    1510. 

  1510. 			if($_GET['banexpirynew']) {
    1511. 

  1511. 				$member['groupterms']['main'] = array('time' => $_GET['banexpirynew'], 'adminid' => $member['adminid'], 'groupid' => $member['groupid']);
    1512. 

  1512. 				$member['groupterms']['ext'][$groupidnew] = $_GET['banexpirynew'];
    1513. 

  1513. 				$setarr['groupexpiry'] = groupexpiry($member['groupterms']);
    1514. 

  1514. 			} else {
    1515. 

  1515. 				$setarr['groupexpiry'] = 0;
    1516. 

  1516. 			}
    1517. 

  1517. 			$adminidnew = -1;
    1518. 

  1518. 			$my_data['expiry'] = groupexpiry($member['groupterms']);
    1519. 

  1519. 			$postcomment_cache_pid = array();
    1520. 

  1520. 			foreach(C::t('forum_postcomment')->fetch_all_by_authorid($member['uid']) as $postcomment) {
    1521. 

  1521. 				$postcomment_cache_pid[$postcomment['pid']] = $postcomment['pid'];
    1522. 

  1522. 			}
    1523. 

  1523. 			C::t('forum_postcomment')->delete_by_authorid($member['uid'], false, true);
    1524. 

  1524. 			if($postcomment_cache_pid) {
    1525. 

  1525. 				C::t('forum_postcache')->delete($postcomment_cache_pid);
    1526. 

  1526. 			}
    1527. 

  1527. 		} elseif($member['groupid'] == 4 || $member['groupid'] == 5) {
    1528. 

  1528. 			if(!empty($member['groupterms']['main']['groupid'])) {
    1529. 

  1529. 				$groupidnew = $member['groupterms']['main']['groupid'];
    1530. 

  1530. 				$adminidnew = $member['groupterms']['main']['adminid'];
    1531. 

  1531. 				unset($member['groupterms']['main']);
    1532. 

  1532. 				unset($member['groupterms']['ext'][$member['groupid']]);
    1533. 

  1533. 				$setarr['groupexpiry'] = groupexpiry($member['groupterms']);
    1534. 

  1534. 			}
    1535. 

  1535. 			$groupnew = C::t('common_usergroup')->fetch_by_credits($member['credits']);
    1536. 

  1536. 			$groupidnew = $groupnew['groupid'];
    1537. 

  1537. 			$adminidnew = 0;
    1538. 

  1538. 		} else {
    1539. 

  1539. 			$update = false;
    1540. 

  1540. 			$groupidnew = $member['groupid'];
    1541. 

  1541. 			$adminidnew = $member['adminid'];
    1542. 

  1542. 			if(in_array('avatar', $_GET['clear'])) {
    1543. 

  1543. 				$setarr['avatarstatus'] = 0;
    1544. 

  1544. 				loaducenter();
    1545. 

  1545. 				uc_user_deleteavatar($member['uid']);
    1546. 

  1546. 			}
    1547. 

  1547. 		}
    1548. 

  1548. 		if(!empty($my_data) && !empty($mylogtype)) {
    1549. 

  1549. 			$log_handler = Cloud::loadClass('Cloud_Service_SearchHelper');
    1550. 

  1550. 			$log_handler->myThreadLog($mylogtype, $my_data);
    1551. 

  1551. 		}
    1552. 

  1552. 

  1553. 

  1554. 		$setarr['adminid'] = $adminidnew;
    1555. 

  1555. 		$setarr['groupid'] = $groupidnew;
    1556. 

  1556. 		$setarr['status'] = $_GET['bannew'] == 'status' ? -1 : 0;
    1557. 

  1557. 		C::t('common_member'.$tableext)->update($member['uid'], $setarr);
    1558. 

  1558. 

  1559. 		if($_G['group']['allowbanuser'] && (DB::affected_rows())) {
    1560. 

  1560. 			banlog($member['username'], $member['groupid'], $groupidnew, $_GET['banexpirynew'], $reason, $_GET['bannew'] == 'status' ? -1 : 0);
    1561. 

  1561. 		}
    1562. 

  1562. 

  1563. 		C::t('common_member_field_forum'.$tableext)->update($member['uid'],array('groupterms' => ($member['groupterms'] ? serialize($member['groupterms']) : '')));
    1564. 

  1564. 

  1565. 		$crimeaction = $noticekey = '';
    1566. 

  1566. 		include_once libfile('function/member');
    1567. 

  1567. 		if($_GET['bannew'] == 'post') {
    1568. 

  1568. 			$crimeaction = 'crime_banspeak';
    1569. 

  1569. 			$noticekey = 'member_ban_speak';
    1570. 

  1570. 			$from_idtype = 'banspeak';
    1571. 

  1571. 		} elseif($_GET['bannew'] == 'visit') {
    1572. 

  1572. 			$crimeaction = 'crime_banvisit';
    1573. 

  1573. 			$noticekey = 'member_ban_visit';
    1574. 

  1574. 			$from_idtype = 'banvisit';
    1575. 

  1575. 		} elseif($_GET['bannew'] == 'status') {
    1576. 

  1576. 			$crimeaction = 'crime_banstatus';
    1577. 

  1577. 			$noticekey = 'member_ban_status';
    1578. 

  1578. 			$from_idtype = 'banstatus';
    1579. 

  1579. 		}
    1580. 

  1580. 		if($crimeaction) {
    1581. 

  1581. 			crime('recordaction', $member['uid'], $crimeaction, lang('forum/misc', 'crime_reason', array('reason' => $reason)));
    1582. 

  1582. 		}
    1583. 

  1583. 		if($noticekey) {
    1584. 

  1584. 			$notearr = array(
    1585. 

  1585. 				'user' => "<a href=\"home.php?mod=space&uid=$_G[uid]\">$_G[username]</a>",
    1586. 

  1586. 				'day' => intval($_POST['banexpirynew']),
    1587. 

  1587. 				'reason' => $reason,
    1588. 

  1588. 				'from_id' => 0,
    1589. 

  1589. 				'from_idtype' => $from_idtype
    1590. 

  1590. 			);
    1591. 

  1591. 			notification_add($member['uid'], 'system', $noticekey, $notearr, 1);
    1592. 

  1592. 		}
    1593. 

  1593. 

  1594. 		if($_G['adminid'] == 1 && !empty($_GET['clear']) && is_array($_GET['clear'])) {
    1595. 

  1595. 			require_once libfile('function/delete');
    1596. 

  1596. 			$membercount = array();
    1597. 

  1597. 			if(in_array('post', $_GET['clear'])) {
    1598. 

  1598. 				if($member['uid']) {
    1599. 

  1599. 					require_once libfile('function/post');
    1600. 

  1600. 

  1601. 					$tidsdelete = array();
    1602. 

  1602. 					loadcache('posttableids');
    1603. 

  1603. 					$posttables = empty($_G['cache']['posttableids']) ? array(0) : $_G['cache']['posttableids'];
    1604. 

  1604. 					foreach($posttables as $posttableid) {
    1605. 

  1605. 						$pidsthread = $pidsdelete = array();
    1606. 

  1606. 						$postlist = C::t('forum_post')->fetch_all_by_authorid($posttableid, $member['uid'], false);
    1607. 

  1607. 						if($postlist) {
    1608. 

  1608. 							foreach($postlist as $post) {
    1609. 

  1609. 								$prune['forums'][] = $post['fid'];
    1610. 

  1610. 								$prune['thread'][$post['tid']]++;
    1611. 

  1611. 								if($post['first']) {
    1612. 

  1612. 									$tidsdelete[] = $post['tid'];
    1613. 

  1613. 								}
    1614. 

  1614. 								$pidsdelete[] = $post['pid'];
    1615. 

  1615. 								$pidsthread[$post['pid']] = $post['tid'];
    1616. 

  1616. 							}
    1617. 

  1617. 							foreach($pidsdelete as $key=>$pid) {
    1618. 

  1618. 								if(in_array($pidsthread[$pid], $tidsdelete)) {
    1619. 

  1619. 									unset($pidsdelete[$key]);
    1620. 

  1620. 									unset($prune['thread'][$pidsthread[$pid]]);
    1621. 

  1621. 									updatemodlog($pidsthread[$pid], 'DEL');
    1622. 

  1622. 								} else {
    1623. 

  1623. 									updatemodlog($pidsthread[$pid], 'DLP');
    1624. 

  1624. 								}
    1625. 

  1625. 							}
    1626. 

  1626. 						}
    1627. 

  1627. 						deletepost($pidsdelete, 'pid', false, $posttableid, true);
    1628. 

  1628. 					}
    1629. 

  1629. 					unset($postlist);
    1630. 

  1630. 					if($tidsdelete) {
    1631. 

  1631. 						deletethread($tidsdelete, true, true, true);
    1632. 

  1632. 					}
    1633. 

  1633. 					if(!empty($prune)) {
    1634. 

  1634. 						foreach($prune['thread'] as $tid => $decrease) {
    1635. 

  1635. 							updatethreadcount($tid);
    1636. 

  1636. 						}
    1637. 

  1637. 						foreach(array_unique($prune['forums']) as $fid) {
    1638. 

  1638. 						}
    1639. 

  1639. 					}
    1640. 

  1640. 

  1641. 					if($_G['setting']['globalstick']) {
    1642. 

  1642. 						updatecache('globalstick');
    1643. 

  1643. 					}
    1644. 

  1644. 				}
    1645. 

  1645. 				$membercount['posts'] = 0;
    1646. 

  1646. 				$membercount['threads'] = 0;
    1647. 

  1647. 			}
    1648. 

  1648. 			if(in_array('follow', $_GET['clear'])) {
    1649. 

  1649. 				C::t('home_follow_feed')->delete_by_uid($member['uid']);
    1650. 

  1650. 				$membercount['feeds'] = 0;
    1651. 

  1651. 			}
    1652. 

  1652. 			if(in_array('blog', $_GET['clear'])) {
    1653. 

  1653. 				$blogids = array();
    1654. 

  1654. 				$query = C::t('home_blog')->fetch_blogid_by_uid($member['uid']);
    1655. 

  1655. 				foreach($query as $value) {
    1656. 

  1656. 					$blogids[] = $value['blogid'];
    1657. 

  1657. 				}
    1658. 

  1658. 				if(!empty($blogids)) {
    1659. 

  1659. 					C::t('common_moderate')->delete($blogids, 'blogid');
    1660. 

  1660. 				}
    1661. 

  1661. 				C::t('home_blog')->delete_by_uid($member['uid']);
    1662. 

  1662. 				C::t('home_blogfield')->delete_by_uid($member['uid']);
    1663. 

  1663. 				C::t('home_feed')->delete_by_uid_idtype($member['uid'], 'blogid');
    1664. 

  1664. 

  1665. 				$membercount['blogs'] = 0;
    1666. 

  1666. 			}
    1667. 

  1667. 			if(in_array('album', $_GET['clear'])) {
    1668. 

  1668. 				C::t('home_album')->delete_by_uid($member['uid']);
    1669. 

  1669. 				$picids = array();
    1670. 

  1670. 				$query = C::t('home_pic')->fetch_all_by_uid($member['uid']);
    1671. 

  1671. 				foreach($query as $value) {
    1672. 

  1672. 					$picids[] = $value['picid'];
    1673. 

  1673. 					deletepicfiles($value);
    1674. 

  1674. 				}
    1675. 

  1675. 				if(!empty($picids)) {
    1676. 

  1676. 					C::t('common_moderate')->delete($picids, 'picid');
    1677. 

  1677. 				}
    1678. 

  1678. 				C::t('home_pic')->delete_by_uid($member['uid']);
    1679. 

  1679. 				C::t('home_feed')->delete_by_uid_idtype($member['uid'], 'albumid');
    1680. 

  1680. 

  1681. 				$membercount['albums'] = 0;
    1682. 

  1682. 			}
    1683. 

  1683. 			if(in_array('share', $_GET['clear'])) {
    1684. 

  1684. 				$shareids = array();
    1685. 

  1685. 				foreach(C::t('home_share')->fetch_all_by_uid($member['uid']) as $value) {
    1686. 

  1686. 					$shareids[] = $value['sid'];
    1687. 

  1687. 				}
    1688. 

  1688. 				if(!empty($shareids)) {
    1689. 

  1689. 					C::t('common_moderate')->delete($shareids, 'sid');
    1690. 

  1690. 				}
    1691. 

  1691. 				C::t('home_share')->delete_by_uid($member['uid']);
    1692. 

  1692. 				C::t('home_feed')->delete_by_uid_idtype($member['uid'], 'sid');
    1693. 

  1693. 

  1694. 				$membercount['sharings'] = 0;
    1695. 

  1695. 			}
    1696. 

  1696. 

  1697. 			if(in_array('doing', $_GET['clear'])) {
    1698. 

  1698. 				$doids = array();
    1699. 

  1699. 				$query = C::t('home_doing')->fetch_all_by_uid_doid(array($member['uid']));
    1700. 

  1700. 				foreach ($query as $value) {
    1701. 

  1701. 					$doids[$value['doid']] = $value['doid'];
    1702. 

  1702. 				}
    1703. 

  1703. 				if(!empty($doids)) {
    1704. 

  1704. 					C::t('common_moderate')->delete($doids, 'doid');
    1705. 

  1705. 				}
    1706. 

  1706. 				C::t('home_doing')->delete_by_uid($member['uid']);
    1707. 

  1707. 				C::t('common_member_field_home')->update($member['uid'], array('recentnote' => '', 'spacenote' => ''));
    1708. 

  1708. 

  1709. 				C::t('home_docomment')->delete_by_doid_uid(($doids ? $doids : null), $member['uid']);
    1710. 

  1710. 				C::t('home_feed')->delete_by_uid_idtype($member['uid'], 'doid');
    1711. 

  1711. 

  1712. 				$membercount['doings'] = 0;
    1713. 

  1713. 			}
    1714. 

  1714. 			if(in_array('comment', $_GET['clear'])) {
    1715. 

  1715. 				$delcids = array();
    1716. 

  1716. 				$query = C::t('home_comment')->fetch_all_by_uid($member['uid'], 0, 1);
    1717. 

  1717. 				foreach($query as $value) {
    1718. 

  1718. 					$key = $value['idtype'].'_cid';
    1719. 

  1719. 					$delcids[$key] = $value['cid'];
    1720. 

  1720. 				}
    1721. 

  1721. 				if(!empty($delcids)) {
    1722. 

  1722. 					foreach($delcids as $key => $ids) {
    1723. 

  1723. 						C::t('common_moderate')->delete($ids, $key);
    1724. 

  1724. 					}
    1725. 

  1725. 				}
    1726. 

  1726. 				C::t('home_comment')->delete_by_uid($member['uid']);
    1727. 

  1727. 			}
    1728. 

  1728. 			if(in_array('postcomment', $_GET['clear'])) {
    1729. 

  1729. 				$postcomment_cache_pid = array();
    1730. 

  1730. 				foreach(C::t('forum_postcomment')->fetch_all_by_authorid($member['uid']) as $postcomment) {
    1731. 

  1731. 					$postcomment_cache_pid[$postcomment['pid']] = $postcomment['pid'];
    1732. 

  1732. 				}
    1733. 

  1733. 				C::t('forum_postcomment')->delete_by_authorid($member['uid']);
    1734. 

  1734. 				if($postcomment_cache_pid) {
    1735. 

  1735. 					C::t('forum_postcache')->delete($postcomment_cache_pid);
    1736. 

  1736. 				}
    1737. 

  1737. 			}
    1738. 

  1738. 

  1739. 			if($membercount) {
    1740. 

  1740. 				DB::update('common_member_count'.$tableext, $membercount, "uid='$member[uid]'");
    1741. 

  1741. 			}
    1742. 

  1742. 

  1743. 		}
    1744. 

  1744. 

  1745. 		cpmsg('members_edit_succeed', 'action=members&operation=ban&uid='.$member['uid'], 'succeed');
    1746. 

  1746. 

  1747. 	}
    1748. 

  1748. 

  1749. } elseif($operation == 'access') {
    1750. 

  1750. 

  1751. 	require_once libfile('function/forumlist');
    1752. 

  1752. 	$forumlist = '<SELECT name="addfid">'.forumselect(FALSE, 0, 0, TRUE).'</select>';
    1753. 

  1753. 

  1754. 	loadcache('forums');
    1755. 

  1755. 

  1756. 	if(!submitcheck('accesssubmit')) {
    1757. 

  1757. 

  1758. 		shownav('user', 'members_access_edit');
    1759. 

  1759. 		showsubmenu('members_access_edit');
    1760. 

  1760. 		showtips('members_access_tips');
    1761. 

  1761. 		showtableheader(cplang('members_access_now').' - '.$member['username'], 'nobottom fixpadding');
    1762. 

  1762. 		showsubtitle(array('forum', 'members_access_view', 'members_access_post', 'members_access_reply', 'members_access_getattach', 'members_access_getimage', 'members_access_postattach', 'members_access_postimage', 'members_access_adminuser', 'members_access_dateline'));
    1763. 

  1763. 

  1764. 

  1765. 		$accessmasks = C::t('forum_access')->fetch_all_by_uid($_GET['uid']);
    1766. 

  1766. 		$adminuser = C::t('common_member'.$tableext)->fetch($_GET['uid']);
    1767. 

  1767. 		foreach ($accessmasks as $id => $access) {
    1768. 

  1768. 			$access['dateline'] = $access['dateline'] ? dgmdate($access['dateline']) : '';
    1769. 

  1769. 			$forum = $_G['cache']['forums'][$id];
    1770. 

  1770. 			showtablerow('', '', array(
    1771. 

  1771. 					($forum['type'] == 'forum' ? '' : '|-----')."&nbsp;<a href=\"".ADMINSCRIPT."?action=forums&operation=edit&fid=$forum[fid]&anchor=perm\">$forum[name]</a>",
    1772. 

  1772. 					accessimg($access['allowview']),
    1773. 

  1773. 					accessimg($access['allowpost']),
    1774. 

  1774. 					accessimg($access['allowreply']),
    1775. 

  1775. 					accessimg($access['allowgetattach']),
    1776. 

  1776. 					accessimg($access['allowgetimage']),
    1777. 

  1777. 					accessimg($access['allowpostattach']),
    1778. 

  1778. 					accessimg($access['allowpostimage']),
    1779. 

  1779. 					$adminuser['username'],
    1780. 

  1780. 					$access['dateline'],
    1781. 

  1781. 			));
    1782. 

  1782. 		}
    1783. 

  1783. 

  1784. 		if(empty($accessmasks)) {
    1785. 

  1785. 			showtablerow('', '', array(
    1786. 

  1786. 					'-',
    1787. 

  1787. 					'-',
    1788. 

  1788. 					'-',
    1789. 

  1789. 					'-',
    1790. 

  1790. 					'-',
    1791. 

  1791. 					'-',
    1792. 

  1792. 					'-',
    1793. 

  1793. 					'-',
    1794. 

  1794. 					'-',
    1795. 

  1795. 					'-',
    1796. 

  1796. 			));
    1797. 

  1797. 		}
    1798. 

  1798. 

  1799. 		showtablefooter();
    1800. 

  1800. 		showformheader("members&operation=access&uid={$_GET['uid']}");
    1801. 

  1801. 		showtableheader(cplang('members_access_add'), 'notop fixpadding');
    1802. 

  1802. 		showsetting('members_access_add_forum', '', '', $forumlist);
    1803. 

  1803. 		foreach(array('view', 'post', 'reply', 'getattach', 'getimage', 'postattach', 'postimage') as $perm) {
    1804. 

  1804. 			showsetting('members_access_add_'.$perm, array('allow'.$perm.'new', array(
    1805. 

  1805. 				array(0, cplang('default')),
    1806. 

  1806. 				array(1, cplang('members_access_allowed')),
    1807. 

  1807. 				array(-1, cplang('members_access_disallowed')),
    1808. 

  1808. 			), TRUE), 0, 'mradio');
    1809. 

  1809. 		}
    1810. 

  1810. 		showsubmit('accesssubmit', 'submit');
    1811. 

  1811. 		showtablefooter();
    1812. 

  1812. 		showformfooter();
    1813. 

  1813. 

  1814. 	} else {
    1815. 

  1815. 

  1816. 		$addfid = intval($_GET['addfid']);
    1817. 

  1817. 		if($addfid && $_G['cache']['forums'][$addfid]) {
    1818. 

  1818. 			$allowviewnew = !$_GET['allowviewnew'] ? 0 : ($_GET['allowviewnew'] > 0 ? 1 : -1);
    1819. 

  1819. 			$allowpostnew = !$_GET['allowpostnew'] ? 0 : ($_GET['allowpostnew'] > 0 ? 1 : -1);
    1820. 

  1820. 			$allowreplynew = !$_GET['allowreplynew'] ? 0 : ($_GET['allowreplynew'] > 0 ? 1 : -1);
    1821. 

  1821. 			$allowgetattachnew = !$_GET['allowgetattachnew'] ? 0 : ($_GET['allowgetattachnew'] > 0 ? 1 : -1);
    1822. 

  1822. 			$allowgetimagenew = !$_GET['allowgetimagenew'] ? 0 : ($_GET['allowgetimagenew'] > 0 ? 1 : -1);
    1823. 

  1823. 			$allowpostattachnew = !$_GET['allowpostattachnew'] ? 0 : ($_GET['allowpostattachnew'] > 0 ? 1 : -1);
    1824. 

  1824. 			$allowpostimagenew = !$_GET['allowpostimagenew'] ? 0 : ($_GET['allowpostimagenew'] > 0 ? 1 : -1);
    1825. 

  1825. 

  1826. 			if($allowviewnew == -1) {
    1827. 

  1827. 				$allowpostnew = $allowreplynew = $allowgetattachnew = $allowgetimagenew = $allowpostattachnew = $allowpostimagenew = -1;
    1828. 

  1828. 			} elseif($allowpostnew == 1 || $allowreplynew == 1 || $allowgetattachnew == 1 || $allowgetimagenew == 1 || $allowpostattachnew == 1 || $allowpostimagenew == 1) {
    1829. 

  1829. 				$allowviewnew = 1;
    1830. 

  1830. 			}
    1831. 

  1831. 

  1832. 			if(!$allowviewnew && !$allowpostnew && !$allowreplynew && !$allowgetattachnew && !$allowgetimagenew && !$allowpostattachnew && !$allowpostimagenew) {
    1833. 

  1833. 				C::t('forum_access')->delete_by_fid($addfid, $_GET['uid']);
    1834. 

  1834. 				if(!C::t('forum_access')->count_by_uid($_GET['uid'])) {
    1835. 

  1835. 					C::t('common_member'.$tableext)->update($_GET['uid'], array('accessmasks'=>0));
    1836. 

  1836. 				}
    1837. 

  1837. 			} else {
    1838. 

  1838. 				$data = array('uid' => $_GET['uid'], 'fid' => $addfid, 'allowview' => $allowviewnew, 'allowpost' => $allowpostnew, 'allowreply' => $allowreplynew, 'allowgetattach' => $allowgetattachnew, 'allowgetimage' => $allowgetimagenew, 'allowpostattach' => $allowpostattachnew, 'allowpostimage' => $allowpostimagenew, 'adminuser' => $_G['uid'], 'dateline' => $_G['timestamp']);
    1839. 

  1839. 				C::t('forum_access')->insert($data, 0, 1);
    1840. 

  1840. 				C::t('common_member'.$tableext)->update($_GET['uid'], array('accessmasks'=>1));
    1841. 

  1841. 			}
    1842. 

  1842. 			updatecache('forums');
    1843. 

  1843. 

  1844. 		}
    1845. 

  1845. 		cpmsg('members_access_succeed', 'action=members&operation=access&uid='.$_GET['uid'], 'succeed');
    1846. 

  1846. 

  1847. 	}
    1848. 

  1848. 

  1849. } elseif($operation == 'edit') {
    1850. 

  1850. 

  1851. 	$uid = $member['uid'];
    1852. 

  1852. 	if(!empty($_G['setting']['connect']['allow']) && $do == 'bindlog') {
    1853. 

  1853. 		$member = array_merge($member, C::t('#qqconnect#common_member_connect')->fetch($uid));
    1854. 

  1854. 		showsubmenu("$lang[members_edit] - $member[username]", array(
    1855. 

  1855. 			array('connect_member_info', 'members&operation=edit&uid='.$uid,  0),
    1856. 

  1856. 			array('connect_member_bindlog', 'members&operation=edit&do=bindlog&uid='.$uid,  1),
    1857. 

  1857. 		));
    1858. 

  1858. 		if($member['conopenid']) {
    1859. 

  1859. 			showtableheader();
    1860. 

  1860. 			showtitle('connect_member_bindlog_uin');
    1861. 

  1861. 			showsubtitle(array('connect_member_bindlog_username', 'connect_member_bindlog_date', 'connect_member_bindlog_type'));
    1862. 

  1862. 			$bindlogs = $bindloguids = $usernames = array();
    1863. 

  1863. 			foreach(C::t('#qqconnect#connect_memberbindlog')->fetch_all_by_openids($member['conopenid']) as $bindlog) {
    1864. 

  1864. 				$bindlogs[$bindlog['dateline']] = $bindlog;
    1865. 

  1865. 				$bindloguids[] = $bindlog['uid'];
    1866. 

  1866. 			}
    1867. 

  1867. 			$usernames = C::t('common_member')->fetch_all_username_by_uid($bindloguids);
    1868. 

  1868. 			foreach($bindlogs as $k => $v) {
    1869. 

  1869. 				showtablerow('', array(), array(
    1870. 

  1870. 					$usernames[$v['uid']],
    1871. 

  1871. 					dgmdate($k),
    1872. 

  1872. 					cplang('connect_member_bindlog_type_'.$v['type']),
    1873. 

  1873. 				));
    1874. 

  1874. 			}
    1875. 

  1875. 			showtablefooter();
    1876. 

  1876. 		}
    1877. 

  1877. 

  1878. 		showtableheader();
    1879. 

  1879. 		showtitle('connect_member_bindlog_uid');
    1880. 

  1880. 		showsubtitle(array('connect_member_bindlog_date', 'connect_member_bindlog_type'));
    1881. 

  1881. 		foreach(C::t('#qqconnect#connect_memberbindlog')->fetch_all_by_uids($member['uid']) as $bindlog) {
    1882. 

  1882. 			showtablerow('', array(), array(
    1883. 

  1883. 				dgmdate($bindlog['dateline']),
    1884. 

  1884. 				cplang('connect_member_bindlog_type_'.$bindlog['type']),
    1885. 

  1885. 			));
    1886. 

  1886. 		}
    1887. 

  1887. 		showtablefooter();
    1888. 

  1888. 		exit;
    1889. 

  1889. 	}
    1890. 

  1890. 	$member = array_merge($member, C::t('common_member_field_forum'.$tableext)->fetch($uid),
    1891. 

  1891. 			C::t('common_member_field_home'.$tableext)->fetch($uid),
    1892. 

  1892. 			C::t('common_member_count'.$tableext)->fetch($uid),
    1893. 

  1893. 			C::t('common_member_status'.$tableext)->fetch($uid),
    1894. 

  1894. 			C::t('common_member_profile'.$tableext)->fetch($uid),
    1895. 

  1895. 			C::t('common_usergroup')->fetch($member['groupid']),
    1896. 

  1896. 			C::t('common_usergroup_field')->fetch($member['groupid']));
    1897. 

  1897. 	if(!empty($_G['setting']['connect']['allow'])) {
    1898. 

  1898. 		$member = array_merge($member, C::t('#qqconnect#common_member_connect')->fetch($uid));
    1899. 

  1899. 		$uin = C::t('common_uin_black')->fetch_by_uid($uid);
    1900. 

  1900. 		$member = array_merge($member, array('uinblack'=>$uin['uin']));
    1901. 

  1901. 	}
    1902. 

  1902. 	loadcache(array('profilesetting'));
    1903. 

  1903. 	$fields = array();
    1904. 

  1904. 	foreach($_G['cache']['profilesetting'] as $fieldid=>$field) {
    1905. 

  1905. 		if($field['available']) {
    1906. 

  1906. 			$_G['cache']['profilesetting'][$fieldid]['unchangeable'] = 0;
    1907. 

  1907. 			$fields[$fieldid] = $field['title'];
    1908. 

  1908. 		}
    1909. 

  1909. 	}
    1910. 

  1910. 

  1911. 	if(!submitcheck('editsubmit')) {
    1912. 

  1912. 

  1913. 		require_once libfile('function/editor');
    1914. 

  1914. 

  1915. 		$styleselect = "<select name=\"styleidnew\">\n<option value=\"\">$lang[use_default]</option>";
    1916. 

  1916. 		foreach(C::t('common_style')->fetch_all_data() as $style) {
    1917. 

  1917. 			$styleselect .= "<option value=\"$style[styleid]\" ".($style['styleid'] == $member['styleid'] ? 'selected="selected"' : '').">$style[name]</option>\n";
    1918. 

  1918. 		}
    1919. 

  1919. 		$styleselect .= '</select>';
    1920. 

  1920. 

  1921. 		$tfcheck = array($member['timeformat'] => 'checked');
    1922. 

  1922. 		$gendercheck = array($member['gender'] => 'checked');
    1923. 

  1923. 		$pscheck = array($member['pmsound'] => 'checked');
    1924. 

  1924. 

  1925. 		$member['regdate'] = dgmdate($member['regdate'], 'Y-n-j h:i A');
    1926. 

  1926. 		$member['lastvisit'] = dgmdate($member['lastvisit'], 'Y-n-j h:i A');
    1927. 

  1927. 

  1928. 		$member['bio'] = html2bbcode($member['bio']);
    1929. 

  1929. 		$member['signature'] = html2bbcode($member['sightml']);
    1930. 

  1930. 

  1931. 		shownav('user', 'members_edit');
    1932. 

  1932. 		showsubmenu("$lang[members_edit] - $member[username]", array(
    1933. 

  1933. 			array('connect_member_info', 'members&operation=edit&uid='.$uid,  1),
    1934. 

  1934. 			!empty($_G['setting']['connect']['allow']) ? array('connect_member_bindlog', 'members&operation=edit&do=bindlog&uid='.$uid,  0) : array(),
    1935. 

  1935. 		));
    1936. 

  1936. 		showformheader("members&operation=edit&uid=$uid", 'enctype');
    1937. 

  1937. 		showtableheader();
    1938. 

  1938. 		$status = array($member['status'] => ' checked');
    1939. 

  1939. 		showsetting('members_edit_username', '', '', ($_G['setting']['connect']['allow'] && $member['conisbind'] ? ' <img class="vmiddle" src="static/image/common/connect_qq.gif" />' : '').' '.$member['username']);
    1940. 

  1940. 		showsetting('members_edit_avatar', '', '', ' <img src="'.avatar($uid, 'middle', true, false, true).'?random='.random(2).'" onerror="this.onerror=null;this.src=\''.$_G['setting']['ucenterurl'].'/images/noavatar_middle.gif\'" /><br /><br /><input name="clearavatar" class="checkbox" type="checkbox" value="1" /> '.$lang['members_edit_avatar_clear']);
    1941. 

  1941. 		$hrefext = "&detail=1&users=$member[username]&searchsubmit=1&perpage=50&fromumanage=1";
    1942. 

  1942. 		showsetting('members_edit_statistics', '', '', "<a href=\"".ADMINSCRIPT."?action=prune$hrefext\" class=\"act\">$lang[posts]($member[posts])</a>".
    1943. 

  1943. 				"<a href=\"".ADMINSCRIPT."?action=doing$hrefext\" class=\"act\">$lang[doings]($member[doings])</a>".
    1944. 

  1944. 				"<a href=\"".ADMINSCRIPT."?action=blog$hrefext\" class=\"act\">$lang[blogs]($member[blogs])</a>".
    1945. 

  1945. 				"<a href=\"".ADMINSCRIPT."?action=album$hrefext\" class=\"act\">$lang[albums]($member[albums])</a>".
    1946. 

  1946. 				"<a href=\"".ADMINSCRIPT."?action=share$hrefext\" class=\"act\">$lang[shares]($member[sharings])</a> <br>&nbsp;$lang[setting_styles_viewthread_userinfo_oltime]: $member[oltime]$lang[hourtime]");
    1947. 

  1947. 		showsetting('members_edit_password', 'passwordnew', '', 'text');
    1948. 

  1948. 		if(!empty($_G['setting']['connect']['allow']) && (!empty($member['conopenid']) || !empty($member['uinblack']))) {
    1949. 

  1949. 			if($member['conisbind'] && !$member['conisregister']) {
    1950. 

  1950. 				showsetting('members_edit_unbind', 'connectunbind', 0, 'radio');
    1951. 

  1951. 			}
    1952. 

  1952. 			showsetting('members_edit_uinblack', 'uinblack', $member['uinblack'], 'radio', '', 0, cplang('members_edit_uinblack_comment').($member['conisregister'] ? cplang('members_edit_uinblack_notice') : ''));
    1953. 

  1953. 		}
    1954. 

  1954. 		showsetting('members_edit_clearquestion', 'clearquestion', 0, 'radio');
    1955. 

  1955. 		showsetting('members_edit_status', 'statusnew', $member['status'], 'radio');
    1956. 

  1956. 		showsetting('members_edit_email', 'emailnew', $member['email'], 'text');
    1957. 

  1957. 		showsetting('members_edit_email_emailstatus', 'emailstatusnew', $member['emailstatus'], 'radio');
    1958. 

  1958. 		showsetting('members_edit_posts', 'postsnew', $member['posts'], 'text');
    1959. 

  1959. 		showsetting('members_edit_digestposts', 'digestpostsnew', $member['digestposts'], 'text');
    1960. 

  1960. 		showsetting('members_edit_regip', 'regipnew', $member['regip'], 'text');
    1961. 

  1961. 		showsetting('members_edit_regdate', 'regdatenew', $member['regdate'], 'text');
    1962. 

  1962. 		showsetting('members_edit_lastvisit', 'lastvisitnew', $member['lastvisit'], 'text');
    1963. 

  1963. 		showsetting('members_edit_lastip', 'lastipnew', $member['lastip'], 'text');
    1964. 

  1964. 		showsetting('members_edit_addsize', 'addsizenew', $member['addsize'], 'text');
    1965. 

  1965. 		showsetting('members_edit_addfriend', 'addfriendnew', $member['addfriend'], 'text');
    1966. 

  1966. 

  1967. 		showsetting('members_edit_timeoffset', 'timeoffsetnew', $member['timeoffset'], 'text');
    1968. 

  1968. 		showsetting('members_edit_invisible', 'invisiblenew', $member['invisible'], 'radio');
    1969. 

  1969. 

  1970. 		showtitle('members_edit_option');
    1971. 

  1971. 		showsetting('members_edit_cstatus', 'cstatusnew', $member['customstatus'], 'text');
    1972. 

  1972. 		showsetting('members_edit_signature', 'signaturenew', $member['signature'], 'textarea');
    1973. 

  1973. 

  1974. 		if($fields) {
    1975. 

  1975. 			showtitle('members_profile');
    1976. 

  1976. 			include_once libfile('function/profile');
    1977. 

  1977. 			foreach($fields as $fieldid=>$fieldtitle) {
    1978. 

  1978. 				$html = profile_setting($fieldid, $member);
    1979. 

  1979. 				if($html) {
    1980. 

  1980. 					showsetting($fieldtitle, '', '', $html);
    1981. 

  1981. 				}
    1982. 

  1982. 			}
    1983. 

  1983. 		}
    1984. 

  1984. 

  1985. 		showsubmit('editsubmit');
    1986. 

  1986. 		showtablefooter();
    1987. 

  1987. 		showformfooter();
    1988. 

  1988. 

  1989. 	} else {
    1990. 

  1990. 

  1991. 		loaducenter();
    1992. 

  1992. 		require_once libfile('function/discuzcode');
    1993. 

  1993. 

  1994. 		$questionid = $_GET['clearquestion'] ? 0 : '';
    1995. 

  1995. 		$ucresult = uc_user_edit(addslashes($member['username']), $_GET['passwordnew'], $_GET['passwordnew'], addslashes(strtolower(trim($_GET['emailnew']))), 1, $questionid);
    1996. 

  1996. 		if($ucresult < 0) {
    1997. 

  1997. 			if($ucresult == -4) {
    1998. 

  1998. 				cpmsg('members_email_illegal', '', 'error');
    1999. 

  1999. 			} elseif($ucresult == -5) {
    2000. 

  2000. 				cpmsg('members_email_domain_illegal', '', 'error');
    2001. 

  2001. 			} elseif($ucresult == -6) {
    2002. 

  2002. 				cpmsg('members_email_duplicate', '', 'error');
    2003. 

  2003. 			}
    2004. 

  2004. 		}
    2005. 

  2005. 

  2006. 		if($_GET['clearavatar']) {
    2007. 

  2007. 			C::t('common_member'.$tableext)->update($_GET['uid'], array('avatarstatus'=>0));
    2008. 

  2008. 			uc_user_deleteavatar($uid);
    2009. 

  2009. 		}
    2010. 

  2010. 

  2011. 		$creditsnew = intval($creditsnew);
    2012. 

  2012. 

  2013. 		$regdatenew = strtotime($_GET['regdatenew']);
    2014. 

  2014. 		$lastvisitnew = strtotime($_GET['lastvisitnew']);
    2015. 

  2015. 

  2016. 		$secquesadd = $_GET['clearquestion'] ? ", secques=''" : '';
    2017. 

  2017. 

  2018. 		$signaturenew = censor($_GET['signaturenew']);
    2019. 

  2019. 		$sigstatusnew = $signaturenew ? 1 : 0;
    2020. 

  2020. 		$sightmlnew = discuzcode($signaturenew, 1, 0, 0, 0, ($member['allowsigbbcode'] ? ($member['allowcusbbcode'] ? 2 : 1) : 0), $member['allowsigimgcode'], 0);
    2021. 

  2021. 

  2022. 		$oltimenew = round($_GET['totalnew'] / 60);
    2023. 

  2023. 

  2024. 		$fieldadd = '';
    2025. 

  2025. 		$fieldarr = array();
    2026. 

  2026. 		include_once libfile('function/profile');
    2027. 

  2027. 		foreach($_POST as $field_key=>$field_val) {
    2028. 

  2028. 			if(isset($fields[$field_key]) && (profile_check($field_key, $field_val) || $_G['adminid'] == 1)) {
    2029. 

  2029. 				$fieldarr[$field_key] = $field_val;
    2030. 

  2030. 			}
    2031. 

  2031. 		}
    2032. 

  2032. 		if($_GET['deletefile'] && is_array($_GET['deletefile'])) {
    2033. 

  2033. 			foreach($_GET['deletefile'] as $key => $value) {
    2034. 

  2034. 				if(isset($fields[$key])) {
    2035. 

  2035. 					@unlink(getglobal('setting/attachdir').'./profile/'.$member[$key]);
    2036. 

  2036. 					$fieldarr[$key] = '';
    2037. 

  2037. 				}
    2038. 

  2038. 			}
    2039. 

  2039. 

  2040. 		}
    2041. 

  2041. 		if($_FILES) {
    2042. 

  2042. 			$upload = new discuz_upload();
    2043. 

  2043. 

  2044. 			foreach($_FILES as $key => $file) {
    2045. 

  2045. 				if(isset($fields[$key])) {
    2046. 

  2046. 					$upload->init($file, 'profile');
    2047. 

  2047. 					$attach = $upload->attach;
    2048. 

  2048. 

  2049. 					if(!$upload->error()) {
    2050. 

  2050. 						$upload->save();
    2051. 

  2051. 

  2052. 						if(!$upload->get_image_info($attach['target'])) {
    2053. 

  2053. 							@unlink($attach['target']);
    2054. 

  2054. 							continue;
    2055. 

  2055. 						}
    2056. 

  2056. 						$attach['attachment'] = dhtmlspecialchars(trim($attach['attachment']));
    2057. 

  2057. 						@unlink(getglobal('setting/attachdir').'./profile/'.$member[$key]);
    2058. 

  2058. 						$fieldarr[$key] = $attach['attachment'];
    2059. 

  2059. 					}
    2060. 

  2060. 				}
    2061. 

  2061. 			}
    2062. 

  2062. 		}
    2063. 

  2063. 

  2064. 		$memberupdate = array();
    2065. 

  2065. 		if($ucresult >= 0) {
    2066. 

  2066. 			$memberupdate['email'] = strtolower(trim($_GET['emailnew']));
    2067. 

  2067. 		}
    2068. 

  2068. 		if($ucresult >= 0 && !empty($_GET['passwordnew'])) {
    2069. 

  2069. 			$memberupdate['password'] = md5(random(10));
    2070. 

  2070. 		}
    2071. 

  2071. 		$addsize = intval($_GET['addsizenew']);
    2072. 

  2072. 		$addfriend = intval($_GET['addfriendnew']);
    2073. 

  2073. 		$status = intval($_GET['statusnew']) ? -1 : 0;
    2074. 

  2074. 		$emailstatusnew = intval($_GET['emailstatusnew']);
    2075. 

  2075. 		if(!empty($_G['setting']['connect']['allow'])) {
    2076. 

  2076. 			if($member['uinblack'] && empty($_GET['uinblack'])) {
    2077. 

  2077. 				C::t('common_uin_black')->delete($member['uinblack']);
    2078. 

  2078. 				updatecache('connect_blacklist');
    2079. 

  2079. 			} elseif(!$member['uinblack'] && !empty($_GET['uinblack'])) {
    2080. 

  2080. 				connectunbind($member);
    2081. 

  2081. 				C::t('common_uin_black')->insert(array('uin' => $member['conopenid'], 'uid' => $uid, 'dateline' => TIMESTAMP), false, true);
    2082. 

  2082. 				updatecache('connect_blacklist');
    2083. 

  2083. 			}
    2084. 

  2084. 			if($member['conisbind'] && !$member['conisregister'] && !empty($_GET['connectunbind'])) {
    2085. 

  2085. 				connectunbind($member);
    2086. 

  2086. 			}
    2087. 

  2087. 		}
    2088. 

  2088. 		$memberupdate = array_merge($memberupdate, array('regdate'=>$regdatenew, 'emailstatus'=>$emailstatusnew, 'status'=>$status, 'timeoffset'=>$_GET['timeoffsetnew']));
    2089. 

  2089. 		C::t('common_member'.$tableext)->update($uid, $memberupdate);
    2090. 

  2090. 		C::t('common_member_field_home'.$tableext)->update($uid, array('addsize' => $addsize, 'addfriend' => $addfriend));
    2091. 

  2091. 		C::t('common_member_count'.$tableext)->update($uid, array('posts' => $_GET['postsnew'], 'digestposts' => $_GET['digestpostsnew']));
    2092. 

  2092. 		C::t('common_member_status'.$tableext)->update($uid, array('regip' => $_GET['regipnew'], 'lastvisit' => $lastvisitnew, 'lastip' => $_GET['lastipnew'], 'invisible' => $_GET['invisiblenew']));
    2093. 

  2093. 		C::t('common_member_field_forum'.$tableext)->update($uid, array('customstatus' => $_GET['cstatusnew'], 'sightml' => $sightmlnew));
    2094. 

  2094. 		if(!empty($fieldarr)) {
    2095. 

  2095. 			C::t('common_member_profile'.$tableext)->update($uid, $fieldarr);
    2096. 

  2096. 		}
    2097. 

  2097. 

  2098. 

  2099. 		manyoulog('user', $uid, 'update');
    2100. 

  2100. 		cpmsg('members_edit_succeed', 'action=members&operation=edit&uid='.$uid, 'succeed');
    2101. 

  2101. 

  2102. 	}
    2103. 

  2103. 

  2104. } elseif($operation == 'ipban') {
    2105. 

  2105. 

  2106. 	if(!submitcheck('ipbansubmit')) {
    2107. 

  2107. 

  2108. 		require_once libfile('function/misc');
    2109. 

  2109. 

  2110. 		$iptoban = explode('.', getgpc('ip'));
    2111. 

  2111. 

  2112. 		$ipbanned = '';
    2113. 

  2113. 		foreach(C::t('common_banned')->fetch_all_order_dateline() as $banned) {
    2114. 

  2114. 			for($i = 1; $i <= 4; $i++) {
    2115. 

  2115. 				if($banned["ip$i"] == -1) {
    2116. 

  2116. 					$banned["ip$i"] = '*';
    2117. 

  2117. 				}
    2118. 

  2118. 			}
    2119. 

  2119. 			$disabled = $_G['adminid'] != 1 && $banned['admin'] != $_G['member']['username'] ? 'disabled' : '';
    2120. 

  2120. 			$banned['dateline'] = dgmdate($banned['dateline'], 'Y-m-d');
    2121. 

  2121. 			$banned['expiration'] = dgmdate($banned['expiration'], 'Y-m-d');
    2122. 

  2122. 			$theip = "$banned[ip1].$banned[ip2].$banned[ip3].$banned[ip4]";
    2123. 

  2123. 			$ipbanned .= showtablerow('', array('class="td25"'), array(
    2124. 

  2124. 				"<input class=\"checkbox\" type=\"checkbox\" name=\"delete[$banned[id]]\" value=\"$banned[id]\" $disabled />",
    2125. 

  2125. 				$theip,
    2126. 

  2126. 				convertip($theip, "./"),
    2127. 

  2127. 				$banned[admin],
    2128. 

  2128. 				$banned[dateline],
    2129. 

  2129. 				"<input type=\"text\" class=\"txt\" size=\"10\" name=\"expirationnew[$banned[id]]\" value=\"$banned[expiration]\" $disabled />"
    2130. 

  2130. 			), TRUE);
    2131. 

  2131. 		}
    2132. 

  2132. 		shownav('user', 'nav_members_ipban');
    2133. 

  2133. 		showsubmenu('nav_members_ipban');
    2134. 

  2134. 		showtips('members_ipban_tips');
    2135. 

  2135. 		showformheader('members&operation=ipban');
    2136. 

  2136. 		showtableheader();
    2137. 

  2137. 		showsubtitle(array('', 'ip', 'members_ipban_location', 'operator', 'start_time', 'end_time'));
    2138. 

  2138. 		echo $ipbanned;
    2139. 

  2139. 		showtablerow('', array('', 'class="td28" colspan="3"', 'class="td28" colspan="2"'), array(
    2140. 

  2140. 			$lang['add_new'],
    2141. 

  2141. 			'<input type="text" class="txt" name="ip1new" value="'.$iptoban[0].'" size="3" maxlength="3">.<input type="text" class="txt" name="ip2new" value="'.$iptoban[1].'" size="3" maxlength="3">.<input type="text" class="txt" name="ip3new" value="'.$iptoban[2].'" size="3" maxlength="3">.<input type="text" class="txt" name="ip4new" value="'.$iptoban[3].'" size="3" maxlength="3">',
    2142. 

  2142. 			$lang['validity'].': <input type="text" class="txt" name="validitynew" value="30" size="3"> '.$lang['days']
    2143. 

  2143. 		));
    2144. 

  2144. 		showsubmit('ipbansubmit', 'submit', 'del');
    2145. 

  2145. 		showtablefooter();
    2146. 

  2146. 		showformfooter();
    2147. 

  2147. 

  2148. 	} else {
    2149. 

  2149. 

  2150. 		if(!empty($_GET['delete'])) {
    2151. 

  2151. 			C::t('common_banned')->delete_by_id($_GET['delete'], $_G['adminid'], $_G['username']);
    2152. 

  2152. 		}
    2153. 

  2153. 

  2154. 		if($_GET['ip1new'] != '' && $_GET['ip2new'] != '' && $_GET['ip3new'] != '' && $_GET['ip4new'] != '') {
    2155. 

  2155. 			$own = 0;
    2156. 

  2156. 			$ip = explode('.', $_G['clientip']);
    2157. 

  2157. 			for($i = 1; $i <= 4; $i++) {
    2158. 

  2158. 				if(!is_numeric($_GET['ip'.$i.'new']) || $_GET['ip'.$i.'new'] < 0) {
    2159. 

  2159. 					if($_G['adminid'] != 1) {
    2160. 

  2160. 						cpmsg('members_ipban_nopermission', '', 'error');
    2161. 

  2161. 					}
    2162. 

  2162. 					$_GET['ip'.$i.'new'] = -1;
    2163. 

  2163. 					$own++;
    2164. 

  2164. 				} elseif($_GET['ip'.$i.'new'] == $ip[$i - 1]) {
    2165. 

  2165. 					$own++;
    2166. 

  2166. 				}
    2167. 

  2167. 				$_GET['ip'.$i.'new'] = intval($_GET['ip'.$i.'new']);
    2168. 

  2168. 			}
    2169. 

  2169. 

  2170. 			if($own == 4) {
    2171. 

  2171. 				cpmsg('members_ipban_illegal', '', 'error');
    2172. 

  2172. 			}
    2173. 

  2173. 

  2174. 			foreach(C::t('common_banned')->fetch_all_order_dateline() as $banned) {
    2175. 

  2175. 				$exists = 0;
    2176. 

  2176. 				for($i = 1; $i <= 4; $i++) {
    2177. 

  2177. 					if($banned["ip$i"] == -1) {
    2178. 

  2178. 						$exists++;
    2179. 

  2179. 					} elseif($banned["ip$i"] == ${"ip".$i."new"}) {
    2180. 

  2180. 						$exists++;
    2181. 

  2181. 					}
    2182. 

  2182. 				}
    2183. 

  2183. 				if($exists == 4) {
    2184. 

  2184. 					cpmsg('members_ipban_invalid', '', 'error');
    2185. 

  2185. 				}
    2186. 

  2186. 			}
    2187. 

  2187. 

  2188. 			$expiration = TIMESTAMP + $_GET['validitynew'] * 86400;
    2189. 

  2189. 

  2190. 			C::app()->session->update_by_ipban($_GET['ip1new'], $_GET['ip2new'], $_GET['ip3new'], $_GET['ip4new']);
    2191. 

  2191. 			$data = array(
    2192. 

  2192. 				'ip1' => $_GET['ip1new'],
    2193. 

  2193. 				'ip2' => $_GET['ip2new'],
    2194. 

  2194. 				'ip3' => $_GET['ip3new'],
    2195. 

  2195. 				'ip4' => $_GET['ip4new'],
    2196. 

  2196. 				'admin' => $_G['username'],
    2197. 

  2197. 				'dateline' => $_G['timestamp'],
    2198. 

  2198. 				'expiration' => $expiration,
    2199. 

  2199. 			);
    2200. 

  2200. 			C::t('common_banned')->insert($data);
    2201. 

  2201. 		}
    2202. 

  2202. 

  2203. 		if(is_array($_GET['expirationnew'])) {
    2204. 

  2204. 			foreach($_GET['expirationnew'] as $id => $expiration) {
    2205. 

  2205. 				C::t('common_banned')->update_expiration_by_id($id, strtotime($expiration), $_G['adminid'], $_G['username']);
    2206. 

  2206. 			}
    2207. 

  2207. 		}
    2208. 

  2208. 

  2209. 		updatecache('ipbanned');
    2210. 

  2210. 		cpmsg('members_ipban_succeed', 'action=members&operation=ipban', 'succeed');
    2211. 

  2211. 

  2212. 	}
    2213. 

  2213. 

  2214. } elseif($operation == 'profile') {
    2215. 

  2215. 

  2216. 	$fieldid = $_GET['fieldid'] ? $_GET['fieldid'] : '';
    2217. 

  2217. 	shownav('user', 'nav_members_profile');
    2218. 

  2218. 	if($fieldid) {
    2219. 

  2219. 		$_G['setting']['privacy'] = !empty($_G['setting']['privacy']) ? $_G['setting']['privacy'] : array();
    2220. 

  2220. 		$_G['setting']['privacy'] = is_array($_G['setting']['privacy']) ? $_G['setting']['privacy'] : dunserialize($_G['setting']['privacy']);
    2221. 

  2221. 

  2222. 		$field = C::t('common_member_profile_setting')->fetch($fieldid);
    2223. 

  2223. 		$fixedfields1 = array('uid', 'constellation', 'zodiac');
    2224. 

  2224. 		$fixedfields2 = array('gender', 'birthday', 'birthcity', 'residecity');
    2225. 

  2225. 		$field['isfixed1'] = in_array($fieldid, $fixedfields1);
    2226. 

  2226. 		$field['isfixed2'] = $field['isfixed1'] || in_array($fieldid, $fixedfields2);
    2227. 

  2227. 		$field['customable'] = preg_match('/^field[1-8]$/i', $fieldid);
    2228. 

  2228. 		$profilegroup = C::t('common_setting')->fetch('profilegroup', true);
    2229. 

  2229. 		$profilevalidate = array();
    2230. 

  2230. 		include libfile('spacecp/profilevalidate', 'include');
    2231. 

  2231. 		$field['validate'] = $field['validate'] ? $field['validate'] : ($profilevalidate[$fieldid] ? $profilevalidate[$fieldid] : '');
    2232. 

  2232. 		if(!submitcheck('editsubmit')) {
    2233. 

  2233. 			showsubmenu($lang['members_profile'].'-'.$field['title'], array(
    2234. 

  2234. 				array('members_profile_list', 'members&operation=profile', 0),
    2235. 

  2235. 				array($lang['edit'], 'members&operation=profile&fieldid='.$_GET['fieldid'], 1)
    2236. 

  2236. 			));
    2237. 

  2237. 			showformheader('members&operation=profile&fieldid='.$fieldid);
    2238. 

  2238. 			showtableheader();
    2239. 

  2239. 			if($field['customable']) {
    2240. 

  2240. 				showsetting('members_profile_edit_name', 'title', $field['title'], 'text');
    2241. 

  2241. 				showsetting('members_profile_edit_desc', 'description', $field['description'], 'text');
    2242. 

  2242. 			} else {
    2243. 

  2243. 				showsetting('members_profile_edit_name', '', '', ' '.$field['title']);
    2244. 

  2244. 				showsetting('members_profile_edit_desc', '', '', ' '.$field['description']);
    2245. 

  2245. 			}
    2246. 

  2246. 			if(!$field['isfixed2']) {
    2247. 

  2247. 				if($field['fieldid'] == 'realname') {
    2248. 

  2248. 					showsetting('members_profile_edit_form_type', array('formtype', array(
    2249. 

  2249. 						array('text', $lang['members_profile_edit_text'], array('valuenumber' => '', 'fieldchoices' => 'none', 'fieldvalidate'=>''))
    2250. 

  2250. 					)), $field['formtype'], 'mradio');
    2251. 

  2251. 				} else {
    2252. 

  2252. 					showsetting('members_profile_edit_form_type', array('formtype', array(
    2253. 

  2253. 							array('text', $lang['members_profile_edit_text'], array('valuenumber' => '', 'fieldchoices' => 'none', 'fieldvalidate'=>'')),
    2254. 

  2254. 							array('textarea', $lang['members_profile_edit_textarea'], array('valuenumber' => '', 'fieldchoices' => 'none', 'fieldvalidate'=>'')),
    2255. 

  2255. 							array('radio', $lang['members_profile_edit_radio'], array('valuenumber' => 'none', 'fieldchoices' => '', 'fieldvalidate'=>'none')),
    2256. 

  2256. 							array('checkbox', $lang['members_profile_edit_checkbox'], array('valuenumber' => '', 'fieldchoices' => '', 'fieldvalidate'=>'none')),
    2257. 

  2257. 							array('select', $lang['members_profile_edit_select'], array('valuenumber' => 'none', 'fieldchoices' => '', 'fieldvalidate'=>'none')),
    2258. 

  2258. 							array('list', $lang['members_profile_edit_list'], array('valuenumber' => '', 'fieldchoices' => '')),
    2259. 

  2259. 							array('file', $lang['members_profile_edit_file'], array('valuenumber' => '', 'fieldchoices' => 'none', 'fieldvalidate'=>'none'))
    2260. 

  2260. 						)), $field['formtype'], 'mradio');
    2261. 

  2261. 				}
    2262. 

  2262. 				showtagheader('tbody', 'valuenumber', !in_array($field['formtype'], array('radio', 'select')), 'sub');
    2263. 

  2263. 				showsetting('members_profile_edit_value_number', 'size', $field['size'], 'text');
    2264. 

  2264. 				showtagfooter('tbody');
    2265. 

  2265. 

  2266. 				showtagheader('tbody', 'fieldchoices', !in_array($field['formtype'], array('file','text', 'textarea')), 'sub');
    2267. 

  2267. 				showsetting('members_profile_edit_choices', 'choices', $field['choices'], 'textarea');
    2268. 

  2268. 				showtagfooter('tbody');
    2269. 

  2269. 

  2270. 				showtagheader('tbody', 'fieldvalidate', in_array($field['formtype'], array('text', 'textarea')), 'sub');
    2271. 

  2271. 				showsetting('members_profile_edit_validate', 'validate', $field['validate'], 'text');
    2272. 

  2272. 				showtagfooter('tbody');
    2273. 

  2273. 			}
    2274. 

  2274. 			if(!$field['isfixed1']) {
    2275. 

  2275. 				showsetting('members_profile_edit_available', 'available', $field['available'], 'radio');
    2276. 

  2276. 				showsetting('members_profile_edit_unchangeable', 'unchangeable', $field['unchangeable'], 'radio');
    2277. 

  2277. 				showsetting('members_profile_edit_needverify', 'needverify', $field['needverify'], 'radio');
    2278. 

  2278. 				showsetting('members_profile_edit_required', 'required', $field['required'], 'radio');
    2279. 

  2279. 			}
    2280. 

  2280. 			showsetting('members_profile_edit_invisible', 'invisible', $field['invisible'], 'radio');
    2281. 

  2281. 			$privacyselect = array(
    2282. 

  2282. 				array('0', cplang('members_profile_edit_privacy_public')),
    2283. 

  2283. 				array('1', cplang('members_profile_edit_privacy_friend')),
    2284. 

  2284. 				array('3', cplang('members_profile_edit_privacy_secret'))
    2285. 

  2285. 			);
    2286. 

  2286. 			showsetting('members_profile_edit_default_privacy', array('privacy', $privacyselect), $_G['setting']['privacy']['profile'][$fieldid], 'select');
    2287. 

  2287. 			showsetting('members_profile_edit_showincard', 'showincard', $field['showincard'], 'radio');
    2288. 

  2288. 			showsetting('members_profile_edit_showinregister', 'showinregister', $field['showinregister'], 'radio');
    2289. 

  2289. 			showsetting('members_profile_edit_allowsearch', 'allowsearch', $field['allowsearch'], 'radio');
    2290. 

  2290. 			if(!empty($profilegroup)) {
    2291. 

  2291. 				$groupstr = '';
    2292. 

  2292. 				foreach($profilegroup as $key => $value) {
    2293. 

  2293. 					if($value['available']) {
    2294. 

  2294. 						if(in_array($fieldid, $value['field'])) {
    2295. 

  2295. 							$checked = ' checked="checked" ';
    2296. 

  2296. 							$class = ' class="checked" ';
    2297. 

  2297. 						} else {
    2298. 

  2298. 							$class = $checked = '';
    2299. 

  2299. 						}
    2300. 

  2300. 						$groupstr .= "<li $class style=\"float: left; width: 10%;\"><input type=\"checkbox\" value=\"$key\" name=\"profilegroup[$key]\" class=\"checkbox\" $checked>&nbsp;$value[title]</li>";
    2301. 

  2301. 					}
    2302. 

  2302. 				}
    2303. 

  2303. 				if(!empty($groupstr)) {
    2304. 

  2304. 					print <<<EOF
    2305. 

  2305. 						<tr>
    2306. 

  2306. 							<td class="td27" colspan="2">$lang[setting_profile_group]:</td>
    2307. 

  2307. 						</tr>
    2308. 

  2308. 						<tr>
    2309. 

  2309. 							<td colspan="2">
    2310. 

  2310. 								<ul class="dblist" onmouseover="altStyle(this);">
    2311. 

  2311. 									<li style="width: 100%;"><input type="checkbox" name="chkall" onclick="checkAll('prefix', this.form, 'profilegroup')" class="checkbox">&nbsp;$lang[select_all]</li>
    2312. 

  2312. 									$groupstr
    2313. 

  2313. 								</ul>
    2314. 

  2314. 							</td>
    2315. 

  2315. 						</tr>
    2316. 

  2316. EOF;
    2317. 

  2317. 				}
    2318. 

  2318. 			}
    2319. 

  2319. 

  2320. 			showsetting('members_profile_edit_display_order', 'displayorder', $field['displayorder'], 'text');
    2321. 

  2321. 			showsubmit('editsubmit');
    2322. 

  2322. 			showtablefooter();
    2323. 

  2323. 			showformfooter();
    2324. 

  2324. 

  2325. 		} else {
    2326. 

  2326. 

  2327. 			$setarr = array(
    2328. 

  2328. 				'invisible' => intval($_POST['invisible']),
    2329. 

  2329. 				'showincard' => intval($_POST['showincard']),
    2330. 

  2330. 				'showinregister' => intval($_POST['showinregister']),
    2331. 

  2331. 				'allowsearch' => intval($_POST['allowsearch']),
    2332. 

  2332. 				'displayorder' => intval($_POST['displayorder'])
    2333. 

  2333. 			);
    2334. 

  2334. 			if($field['customable']) {
    2335. 

  2335. 				$_POST['title'] = dhtmlspecialchars(trim($_POST['title']));
    2336. 

  2336. 				if(empty($_POST['title'])) {
    2337. 

  2337. 					cpmsg('members_profile_edit_title_empty_error', 'action=members&operation=profile&fieldid='.$fieldid, 'error');
    2338. 

  2338. 				}
    2339. 

  2339. 				$setarr['title'] = $_POST['title'];
    2340. 

  2340. 				$setarr['description'] = dhtmlspecialchars(trim($_POST['description']));
    2341. 

  2341. 			}
    2342. 

  2342. 			if(!$field['isfixed1']) {
    2343. 

  2343. 				$setarr['required'] = intval($_POST['required']);
    2344. 

  2344. 				$setarr['available'] = intval($_POST['available']);
    2345. 

  2345. 				$setarr['unchangeable'] = intval($_POST['unchangeable']);
    2346. 

  2346. 				$setarr['needverify'] = intval($_POST['needverify']);
    2347. 

  2347. 			}
    2348. 

  2348. 			if(!$field['isfixed2']) {
    2349. 

  2349. 				$setarr['formtype'] = $fieldid == 'realname' ? 'text' : strtolower(trim($_POST['formtype']));
    2350. 

  2350. 				$setarr['size'] = intval($_POST['size']);
    2351. 

  2351. 				if($_POST['choices']) {
    2352. 

  2352. 					$_POST['choices'] = trim($_POST['choices']);
    2353. 

  2353. 					$ops = explode("\n", $_POST['choices']);
    2354. 

  2354. 					$parts = array();
    2355. 

  2355. 					foreach ($ops as $op) {
    2356. 

  2356. 						$parts[] = dhtmlspecialchars(trim($op));
    2357. 

  2357. 					}
    2358. 

  2358. 					$_POST['choices'] = implode("\n", $parts);
    2359. 

  2359. 				}
    2360. 

  2360. 				$setarr['choices'] = $_POST['choices'];
    2361. 

  2361. 				if($_POST['validate'] && $_POST['validate'] != $profilevalidate[$fieldid]) {
    2362. 

  2362. 					$setarr['validate'] = $_POST['validate'];
    2363. 

  2363. 				} elseif(empty($_POST['validate'])) {
    2364. 

  2364. 					$setarr['validate'] = '';
    2365. 

  2365. 				}
    2366. 

  2366. 			}
    2367. 

  2367. 			C::t('common_member_profile_setting')->update($fieldid, $setarr);
    2368. 

  2368. 			if($_GET['fieldid'] == 'birthday') {
    2369. 

  2369. 				C::t('common_member_profile_setting')->update('birthmonth', $setarr);
    2370. 

  2370. 				C::t('common_member_profile_setting')->update('birthyear', $setarr);
    2371. 

  2371. 			} elseif($_GET['fieldid'] == 'birthcity') {
    2372. 

  2372. 				C::t('common_member_profile_setting')->update('birthprovince', $setarr);
    2373. 

  2373. 				$setarr['required'] = 0;
    2374. 

  2374. 				C::t('common_member_profile_setting')->update('birthdist', $setarr);
    2375. 

  2375. 				C::t('common_member_profile_setting')->update('birthcommunity', $setarr);
    2376. 

  2376. 			} elseif($_GET['fieldid'] == 'residecity') {
    2377. 

  2377. 				C::t('common_member_profile_setting')->update('resideprovince', $setarr);
    2378. 

  2378. 				$setarr['required'] = 0;
    2379. 

  2379. 				C::t('common_member_profile_setting')->update('residedist', $setarr);
    2380. 

  2380. 				C::t('common_member_profile_setting')->update('residecommunity', $setarr);
    2381. 

  2381. 			} elseif($_GET['fieldid'] == 'idcard') {
    2382. 

  2382. 				C::t('common_member_profile_setting')->update('idcardtype', $setarr);
    2383. 

  2383. 			}
    2384. 

  2384. 

  2385. 			foreach($profilegroup as $type => $pgroup) {
    2386. 

  2386. 				if(is_array($_GET['profilegroup']) && in_array($type, $_GET['profilegroup'])) {
    2387. 

  2387. 					$profilegroup[$type]['field'][$fieldid] = $fieldid;
    2388. 

  2388. 				} else {
    2389. 

  2389. 					unset($profilegroup[$type]['field'][$fieldid]);
    2390. 

  2390. 				}
    2391. 

  2391. 			}
    2392. 

  2392. 			C::t('common_setting')->update('profilegroup', $profilegroup);
    2393. 

  2393. 			require_once libfile('function/cache');
    2394. 

  2394. 			if(!isset($_G['setting']['privacy']['profile']) || $_G['setting']['privacy']['profile'][$fieldid] != $_POST['privacy']) {
    2395. 

  2395. 				$_G['setting']['privacy']['profile'][$fieldid] = $_POST['privacy'];
    2396. 

  2396. 				C::t('common_setting')->update('privacy', $_G['setting']['privacy']);
    2397. 

  2397. 			}
    2398. 

  2398. 			updatecache(array('profilesetting','fields_required', 'fields_optional', 'fields_register', 'setting'));
    2399. 

  2399. 			include_once libfile('function/block');
    2400. 

  2400. 			loadcache('profilesetting', true);
    2401. 

  2401. 			blockclass_cache();
    2402. 

  2402. 			cpmsg('members_profile_edit_succeed', 'action=members&operation=profile', 'succeed');
    2403. 

  2403. 		}
    2404. 

  2404. 	} else {
    2405. 

  2405. 

  2406. 		$list = array();
    2407. 

  2407. 		foreach(C::t('common_member_profile_setting')->range() as $fieldid => $value) {
    2408. 

  2408. 			$list[$fieldid] = array(
    2409. 

  2409. 				'title'=>$value['title'],
    2410. 

  2410. 				'displayorder'=>$value['displayorder'],
    2411. 

  2411. 				'available'=>$value['available'],
    2412. 

  2412. 				'invisible'=>$value['invisible'],
    2413. 

  2413. 				'showincard'=>$value['showincard'],
    2414. 

  2414. 				'showinregister'=>$value['showinregister']);
    2415. 

  2415. 		}
    2416. 

  2416. 

  2417. 		unset($list['birthyear']);
    2418. 

  2418. 		unset($list['birthmonth']);
    2419. 

  2419. 		unset($list['birthprovince']);
    2420. 

  2420. 		unset($list['birthdist']);
    2421. 

  2421. 		unset($list['birthcommunity']);
    2422. 

  2422. 		unset($list['resideprovince']);
    2423. 

  2423. 		unset($list['residedist']);
    2424. 

  2424. 		unset($list['residecommunity']);
    2425. 

  2425. 		unset($list['idcardtype']);
    2426. 

  2426. 

  2427. 		if(!submitcheck('ordersubmit')) {
    2428. 

  2428. 			$_GET['anchor'] = in_array($_GET['action'], array('members', 'setting')) ? $_GET['action'] : 'members';
    2429. 

  2429. 			$current = array($_GET['anchor'] => 1);
    2430. 

  2430. 			$profilenav = array(
    2431. 

  2431. 					array('members_profile_list', 'members&operation=profile', $current['members']),
    2432. 

  2432. 					array('members_profile_group', 'setting&operation=profile', $current['setting'])
    2433. 

  2433. 				);
    2434. 

  2434. 			showsubmenu($lang['members_profile'], $profilenav);
    2435. 

  2435. 			showtips('members_profile_tips');
    2436. 

  2436. 			showformheader('members&operation=profile');
    2437. 

  2437. 			showtableheader('', '', 'id="profiletable_header"');
    2438. 

  2438. 			$tdstyle = array('class="td22"', 'class="td28" width="100"', 'class="td28" width="100"', 'class="td28" width="100"', 'class="td28" width="100"', 'class="td28"', 'class="td28"');
    2439. 

  2439. 			showsubtitle(array('members_profile_edit_name', 'members_profile_edit_display_order', 'members_profile_edit_available', 'members_profile_edit_profile_view', 'members_profile_edit_card_view', 'members_profile_edit_reg_view', ''), 'header tbm', $tdstyle);
    2440. 

  2440. 			showtablefooter();
    2441. 

  2441. 			echo '<script type="text/javascript">floatbottom(\'profiletable_header\');</script>';
    2442. 

  2442. 			showtableheader('members_profile', 'nobottom', 'id="porfiletable"');
    2443. 

  2443. 			showsubtitle(array('members_profile_edit_name', 'members_profile_edit_display_order', 'members_profile_edit_available', 'members_profile_edit_profile_view', 'members_profile_edit_card_view', 'members_profile_edit_reg_view', ''), 'header', $tdstyle);
    2444. 

  2444. 			foreach($list as $fieldid => $value) {
    2445. 

  2445. 				$value['available'] = '<input type="checkbox" class="checkbox" name="available['.$fieldid.']" '.($value['available'] ? 'checked="checked" ' : '').'value="1">';
    2446. 

  2446. 				$value['invisible'] = '<input type="checkbox" class="checkbox" name="invisible['.$fieldid.']" '.(!$value['invisible'] ? 'checked="checked" ' : '').'value="1">';
    2447. 

  2447. 				$value['showincard'] = '<input type="checkbox" class="checkbox" name="showincard['.$fieldid.']" '.($value['showincard'] ? 'checked="checked" ' : '').'value="1">';
    2448. 

  2448. 				$value['showinregister'] = '<input type="checkbox" class="checkbox" name="showinregister['.$fieldid.']" '.($value['showinregister'] ? 'checked="checked" ' : '').'value="1">';
    2449. 

  2449. 				$value['displayorder'] = '<input type="text" name="displayorder['.$fieldid.']" value="'.$value['displayorder'].'" size="5">';
    2450. 

  2450. 				$value['edit'] = '<a href="'.ADMINSCRIPT.'?action=members&operation=profile&fieldid='.$fieldid.'" title="" class="act">'.$lang[edit].'</a>';
    2451. 

  2451. 				showtablerow('', array(), $value);
    2452. 

  2452. 			}
    2453. 

  2453. 			showsubmit('ordersubmit');
    2454. 

  2454. 			showtablefooter();
    2455. 

  2455. 			showformfooter();
    2456. 

  2456. 		} else {
    2457. 

  2457. 			foreach($_GET['displayorder'] as $fieldid => $value) {
    2458. 

  2458. 				$setarr = array(
    2459. 

  2459. 					'displayorder' => intval($value),
    2460. 

  2460. 					'invisible' => intval($_GET['invisible'][$fieldid]) ? 0 : 1,
    2461. 

  2461. 					'available' => intval($_GET['available'][$fieldid]),
    2462. 

  2462. 					'showincard' => intval($_GET['showincard'][$fieldid]),
    2463. 

  2463. 					'showinregister' => intval($_GET['showinregister'][$fieldid]),
    2464. 

  2464. 				);
    2465. 

  2465. 				C::t('common_member_profile_setting')->update($fieldid, $setarr);
    2466. 

  2466. 

  2467. 				if($fieldid == 'birthday') {
    2468. 

  2468. 					C::t('common_member_profile_setting')->update('birthmonth', $setarr);
    2469. 

  2469. 					C::t('common_member_profile_setting')->update('birthyear', $setarr);
    2470. 

  2470. 				} elseif($fieldid == 'birthcity') {
    2471. 

  2471. 					C::t('common_member_profile_setting')->update('birthprovince', $setarr);
    2472. 

  2472. 					$setarr['required'] = 0;
    2473. 

  2473. 					C::t('common_member_profile_setting')->update('birthdist', $setarr);
    2474. 

  2474. 					C::t('common_member_profile_setting')->update('birthcommunity', $setarr);
    2475. 

  2475. 				} elseif($fieldid == 'residecity') {
    2476. 

  2476. 					C::t('common_member_profile_setting')->update('resideprovince', $setarr);
    2477. 

  2477. 					$setarr['required'] = 0;
    2478. 

  2478. 					C::t('common_member_profile_setting')->update('residedist', $setarr);
    2479. 

  2479. 					C::t('common_member_profile_setting')->update('residecommunity', $setarr);
    2480. 

  2480. 				} elseif($fieldid == 'idcard') {
    2481. 

  2481. 					C::t('common_member_profile_setting')->update('idcardtype', $setarr);
    2482. 

  2482. 				}
    2483. 

  2483. 

  2484. 			}
    2485. 

  2485. 			require_once libfile('function/cache');
    2486. 

  2486. 			updatecache(array('profilesetting', 'fields_required', 'fields_optional', 'fields_register', 'setting'));
    2487. 

  2487. 			include_once libfile('function/block');
    2488. 

  2488. 			loadcache('profilesetting', true);
    2489. 

  2489. 			blockclass_cache();
    2490. 

  2490. 			cpmsg('members_profile_edit_succeed', 'action=members&operation=profile', 'succeed');
    2491. 

  2491. 		}
    2492. 

  2492. 	}
    2493. 

  2493. 

  2494. } elseif($operation == 'stat') {
    2495. 

  2495. 

  2496. 	if($_GET['do'] == 'stepstat' && $_GET['t'] > 0 && $_GET['i'] > 0) {
    2497. 

  2497. 		$t = intval($_GET['t']);
    2498. 

  2498. 		$i = intval($_GET['i']);
    2499. 

  2499. 		$o = $i - 1;
    2500. 

  2500. 		$value = C::t('common_member_stat_field')->fetch_all_by_fieldid($_GET['fieldid'], $o, 1);
    2501. 

  2501. 		if($value) {
    2502. 

  2502. 			$optionid = intval($value[0]['optionid']);
    2503. 

  2503. 			$fieldvalue = $value[0]['fieldvalue'];
    2504. 

  2504. 		} else {
    2505. 

  2505. 			$optionid = 0;
    2506. 

  2506. 			$fieldvalue = '';
    2507. 

  2507. 		}
    2508. 

  2508. 		$cnt = ($_GET['fieldid'] === 'groupid') ? C::t('common_member')->count_by_groupid($fieldvalue) : C::t('common_member_profile')->count_by_field($_GET['fieldid'], $fieldvalue);
    2509. 

  2509. 		C::t('common_member_stat_field')->update($optionid, array('users'=>$cnt, 'updatetime'=>TIMESTAMP));
    2510. 

  2510. 		if($i < $t) {
    2511. 

  2511. 			cpmsg('members_stat_do_stepstat', 'action=members&operation=stat&fieldid='.$_GET['fieldid'].'&do=stepstat&t='.$t.'&i='.($i+1), '', array('t'=>$t, 'i'=>$i));
    2512. 

  2512. 		} else {
    2513. 

  2513. 			cpmsg('members_stat_update_data_succeed', 'action=members&operation=stat&fieldid='.$_GET['fieldid'], 'succeed');
    2514. 

  2514. 		}
    2515. 

  2515. 	}
    2516. 

  2516. 

  2517. 	$options = array('groupid'=>cplang('usergroup'));
    2518. 

  2518. 	$fieldids = array('gender', 'birthyear', 'birthmonth', 'constellation', 'zodiac','birthprovince', 'resideprovince');
    2519. 

  2519. 	loadcache('profilesetting');
    2520. 

  2520. 	foreach($_G['cache']['profilesetting'] as $fieldid=>$value) {
    2521. 

  2521. 		if($value['formtype']=='select'||$value['formtype']=='radio'||in_array($fieldid,$fieldids)) {
    2522. 

  2522. 			$options[$fieldid] = $value['title'];
    2523. 

  2523. 		}
    2524. 

  2524. 	}
    2525. 

  2525. 

  2526. 	if(!empty($_GET['fieldid']) && !isset($options[$_GET['fieldid']])) {
    2527. 

  2527. 		cpmsg('members_stat_bad_fieldid', 'action=members&operation=stat', 'error');
    2528. 

  2528. 	}
    2529. 

  2529. 

  2530. 	if(!empty($_GET['fieldid']) && $_GET['fieldid'] == 'groupid') {
    2531. 

  2531. 		$usergroups = array();
    2532. 

  2532. 		foreach(C::t('common_usergroup')->range() as $value) {
    2533. 

  2533. 			$usergroups[$value['groupid']] = $value['grouptitle'];
    2534. 

  2534. 		}
    2535. 

  2535. 	}
    2536. 

  2536. 

  2537. 	if(!submitcheck('statsubmit')) {
    2538. 

  2538. 

  2539. 		shownav('user', 'nav_members_stat');
    2540. 

  2540. 		showsubmenu('nav_members_stat');
    2541. 

  2541. 		showtips('members_stat_tips');
    2542. 

  2542. 

  2543. 		showformheader('members&operation=stat&fieldid='.$_GET['fieldid']);
    2544. 

  2544. 		showtableheader('members_stat_options');
    2545. 

  2545. 		$option_html = '<ul>';
    2546. 

  2546. 		foreach($options as $key=>$value) {
    2547. 

  2547. 			$extra_style = $_GET['fieldid'] == $key ? ' font-weight: 900;' : '';
    2548. 

  2548. 			$option_html .= ""
    2549. 

  2549. 				."<li style=\"float: left; width: 160px;$extra_style\">"
    2550. 

  2550. 				. "<a href=\"".ADMINSCRIPT."?action=members&operation=stat&fieldid=$key\">$value</a>"
    2551. 

  2551. 				. "</li>";
    2552. 

  2552. 		}
    2553. 

  2553. 		$option_html .= '</ul><br style="clear: both;" />';
    2554. 

  2554. 		showtablerow('', array('colspan="5"'), array($option_html));
    2555. 

  2555. 

  2556. 		if($_GET['fieldid']) {
    2557. 

  2557. 

  2558. 			$list = array();
    2559. 

  2559. 			$total = 0;
    2560. 

  2560. 			foreach(($list = C::t('common_member_stat_field')->fetch_all_by_fieldid($_GET['fieldid'])) as $value) {
    2561. 

  2561. 				$total += $value['users'];
    2562. 

  2562. 			}
    2563. 

  2563. 			for($i=0, $L=count($list); $i<$L; $i++) {
    2564. 

  2564. 				if($total) {
    2565. 

  2565. 					$list[$i]['percent'] = intval(10000 * $list[$i]['users'] / $total) / 100;
    2566. 

  2566. 				} else {
    2567. 

  2567. 					$list[$i]['percent'] = 0;
    2568. 

  2568. 				}
    2569. 

  2569. 				$list[$i]['width'] = $list[$i]['percent'] ? intval($list[$i]['percent'] * 2) : 1;
    2570. 

  2570. 			}
    2571. 

  2571. 			showtablerow('', array('colspan="4"'), array(cplang('members_stat_current_field').$options[$_GET['fieldid']].'; '.cplang('members_stat_members').$total));
    2572. 

  2572. 

  2573. 			showtablerow('', array('width="200"', '', 'width="160"', 'width="160"'),array(
    2574. 

  2574. 					cplang('members_stat_option'),
    2575. 

  2575. 					cplang('members_stat_view'),
    2576. 

  2576. 					cplang('members_stat_option_members'),
    2577. 

  2577. 					cplang('members_stat_updatetime')
    2578. 

  2578. 				));
    2579. 

  2579. 			foreach($list as $value) {
    2580. 

  2580. 				if($_GET['fieldid']=='groupid') {
    2581. 

  2581. 					$value['fieldvalue'] = $usergroups[$value['fieldvalue']];
    2582. 

  2582. 				} elseif($_GET['fieldid']=='gender') {
    2583. 

  2583. 					$value['fieldvalue'] = lang('space', 'gender_'.$value['fieldvalue']);
    2584. 

  2584. 				} elseif(empty($value['fieldvalue'])) {
    2585. 

  2585. 					$value['fieldvalue'] = cplang('members_stat_null_fieldvalue');
    2586. 

  2586. 				}
    2587. 

  2587. 				showtablerow('', array('width="200"', '', 'width="160"', 'width="160"'),array(
    2588. 

  2588. 					$value['fieldvalue'],
    2589. 

  2589. 					'<div style="background-color: yellow; width: 200px; height: 20px;"><div style="background-color: red; height: 20px; width: '.$value['width'].'px;"></div></div>',
    2590. 

  2590. 					$value['users'].' ('.$value['percent'].'%)',
    2591. 

  2591. 					!empty($value['updatetime']) ? dgmdate($value['updatetime'], 'u') : 'N/A'
    2592. 

  2592. 				));
    2593. 

  2593. 			}
    2594. 

  2594. 

  2595. 			showtablefooter();
    2596. 

  2596. 			$optype_html = '<input type="radio" class="radio" name="optype" id="optype_option" value="option" /><label for="optype_option">'.cplang('members_stat_update_option').'</label>&nbsp;&nbsp;'
    2597. 

  2597. 					.'<input type="radio" class="radio" name="optype" id="optype_data" value="data" /><label for="optype_data">'.cplang('members_stat_update_data').'</label>';
    2598. 

  2598. 			showsubmit('statsubmit', 'submit', $optype_html);
    2599. 

  2599. 			showformfooter();
    2600. 

  2600. 

  2601. 		} else {
    2602. 

  2602. 			showtablefooter();
    2603. 

  2603. 			showformfooter();
    2604. 

  2604. 		}
    2605. 

  2605. 

  2606. 	} else {
    2607. 

  2607. 

  2608. 		if($_POST['optype'] == 'option') {
    2609. 

  2609. 

  2610. 			$options = $inserts = $hits = $deletes = array();
    2611. 

  2611. 			foreach(C::t('common_member_stat_field')->fetch_all_by_fieldid($_GET['fieldid']) as $value) {
    2612. 

  2612. 				$options[$value['optionid']] = $value['fieldvalue'];
    2613. 

  2613. 				$hits[$value['optionid']] = false;
    2614. 

  2614. 			}
    2615. 

  2615. 

  2616. 			$alldata = $_GET['fieldid'] === 'groupid' ? C::t('common_member')->fetch_all_groupid() : C::t('common_member_profile')->fetch_all_field_value($_GET['fieldid']);
    2617. 

  2617. 			foreach($alldata as $value) {
    2618. 

  2618. 				$fieldvalue = $value[$_GET[fieldid]];
    2619. 

  2619. 				$optionid = array_search($fieldvalue, $options);
    2620. 

  2620. 				if($optionid) {
    2621. 

  2621. 					$hits[$optionid] = true;
    2622. 

  2622. 				} else {
    2623. 

  2623. 					$inserts[] = array('fieldid'=>$_GET['fieldid'], 'fieldvalue'=>$fieldvalue);
    2624. 

  2624. 				}
    2625. 

  2625. 			}
    2626. 

  2626. 			foreach ($hits as $key=>$value) {
    2627. 

  2627. 				if($value == false) {
    2628. 

  2628. 					$deletes[] = $key;
    2629. 

  2629. 				}
    2630. 

  2630. 			}
    2631. 

  2631. 			if($deletes) {
    2632. 

  2632. 				C::t('common_member_stat_field')->delete($deletes);
    2633. 

  2633. 

  2634. 			}
    2635. 

  2635. 			if($inserts) {
    2636. 

  2636. 				C::t('common_member_stat_field')->insert_batch($inserts);
    2637. 

  2637. 			}
    2638. 

  2638. 

  2639. 			cpmsg('members_stat_update_option_succeed', 'action=members&operation=stat&fieldid='.$_GET['fieldid'], 'succeed');
    2640. 

  2640. 

  2641. 		} elseif($_POST['optype'] == 'data') {
    2642. 

  2642. 

  2643. 			if(($t = C::t('common_member_stat_field')->count_by_fieldid($_GET['fieldid'])) > 0) {
    2644. 

  2644. 				cpmsg('members_stat_do_stepstat_prepared', 'action=members&operation=stat&fieldid='.$_GET['fieldid'].'&do=stepstat&t='.$t.'&i=1', '', array('t'=>$t));
    2645. 

  2645. 			} else {
    2646. 

  2646. 				cpmsg('members_stat_update_data_succeed', 'action=members&operation=stat&fieldid='.$_GET['fieldid'], 'succeed');
    2647. 

  2647. 			}
    2648. 

  2648. 

  2649. 		} else {
    2650. 

  2650. 			cpmsg('members_stat_null_operation', 'action=members&operation=stat', 'error');
    2651. 

  2651. 		}
    2652. 

  2652. 	}
    2653. 

  2653. }
    2654. 

  2654. 

  2655. function showsearchform($operation = '') {
    2656. 

  2656. 	global $_G, $lang;
    2657. 

  2657. 

  2658. 	$groupselect = array();
    2659. 

  2659. 	$usergroupid = isset($_GET['usergroupid']) && is_array($_GET['usergroupid']) ? $_GET['usergroupid'] : array();
    2660. 

  2660. 	$medals = isset($_GET['medalid']) && is_array($_GET['medalid']) ? $_GET['medalid'] : array();
    2661. 

  2661. 	$tagid = isset($_GET['tagid']) && is_array($_GET['tagid']) ? $_GET['tagid'] : array();
    2662. 

  2662. 	$query = C::t('common_usergroup')->fetch_all_not(array(6, 7), true);
    2663. 

  2663. 	foreach($query as $group) {
    2664. 

  2664. 		$group['type'] = $group['type'] == 'special' && $group['radminid'] ? 'specialadmin' : $group['type'];
    2665. 

  2665. 		$groupselect[$group['type']] .= "<option value=\"$group[groupid]\" ".(in_array($group['groupid'], $usergroupid) ? 'selected' : '').">$group[grouptitle]</option>\n";
    2666. 

  2666. 	}
    2667. 

  2667. 	$groupselect = '<optgroup label="'.$lang['usergroups_member'].'">'.$groupselect['member'].'</optgroup>'.
    2668. 

  2668. 		($groupselect['special'] ? '<optgroup label="'.$lang['usergroups_special'].'">'.$groupselect['special'].'</optgroup>' : '').
    2669. 

  2669. 		($groupselect['specialadmin'] ? '<optgroup label="'.$lang['usergroups_specialadmin'].'">'.$groupselect['specialadmin'].'</optgroup>' : '').
    2670. 

  2670. 		'<optgroup label="'.$lang['usergroups_system'].'">'.$groupselect['system'].'</optgroup>';
    2671. 

  2671. 	$medalselect = $usertagselect = '';
    2672. 

  2672. 	foreach(C::t('forum_medal')->fetch_all_data(1) as $medal) {
    2673. 

  2673. 		$medalselect .= "<option value=\"$medal[medalid]\" ".(in_array($medal['medalid'], $medals) ? 'selected' : '').">$medal[name]</option>\n";
    2674. 

  2674. 	}
    2675. 

  2675. 	$query = C::t('common_tag')->fetch_all_by_status(3);
    2676. 

  2676. 	foreach($query as $row) {
    2677. 

  2677. 		$usertagselect .= "<option value=\"$row[tagid]\" ".(in_array($row['tagid'], $tagid) ? 'selected' : '').">$row[tagname]</option>\n";
    2678. 

  2678. 	}
    2679. 

  2679. 

  2680. 	showtagheader('div', 'searchmembers', !$_GET['submit']);
    2681. 

  2681. 	echo '<script src="static/js/calendar.js" type="text/javascript"></script>';
    2682. 

  2682. 	echo '<style type="text/css">#residedistrictbox select, #birthdistrictbox select{width: auto;}</style>';
    2683. 

  2683. 	$formurl = "members&operation=$operation".($_GET['do'] == 'mobile' ? '&do=mobile' : '');
    2684. 

  2684. 	showformheader($formurl, "onSubmit=\"if($('updatecredittype1') && $('updatecredittype1').checked && !window.confirm('$lang[members_reward_clean_alarm]')){return false;} else {return true;}\"");
    2685. 

  2685. 	showtableheader();
    2686. 

  2686. 	if(isset($_G['setting']['membersplit'])) {
    2687. 

  2687. 		showsetting('members_search_table', '', '', '<select name="tablename" ><option value="master">'.$lang['members_search_table_master'].'</option><option value="archive">'.$lang['members_search_table_archive'].'</option></select>');
    2688. 

  2688. 	}
    2689. 

  2689. 	showsetting('members_search_user', 'username', $_GET['username'], 'text');
    2690. 

  2690. 	showsetting('members_search_uid', 'uid', $_GET['uid'], 'text');
    2691. 

  2691. 	showsetting('members_search_group', '', '', '<select name="groupid[]" multiple="multiple" size="10">'.$groupselect.'</select>');
    2692. 

  2692. 	showtablefooter();
    2693. 

  2693. 

  2694. 	showtableheader();
    2695. 

  2695. 	showtagheader('tbody', 'advanceoption');
    2696. 

  2696. 	$_G['showsetting_multirow'] = 1;
    2697. 

  2697. 	if(empty($medalselect)) {
    2698. 

  2698. 		$medalselect = '<option value="">'.cplang('members_search_nonemedal').'</option>';
    2699. 

  2699. 	}
    2700. 

  2700. 	if(empty($usertagselect)) {
    2701. 

  2701. 		$usertagselect = '<option value="">'.cplang('members_search_noneusertags').'</option>';
    2702. 

  2702. 	}
    2703. 

  2703. 	showsetting('members_search_medal', '', '', '<select name="medalid[]" multiple="multiple" size="10">'.$medalselect.'</select>');
    2704. 

  2704. 	showsetting('members_search_usertag', '', '', '<select name="tagid[]" multiple="multiple" size="10">'.$usertagselect.'</select>');
    2705. 

  2705. 	if(!empty($_G['setting']['connect']['allow'])) {
    2706. 

  2706. 		showsetting('members_search_conisbind', array('conisbind', array(
    2707. 

  2707. 			array(1, $lang['yes']),
    2708. 

  2708. 			array(0, $lang['no']),
    2709. 

  2709. 		), 1), $_GET['conisbind'], 'mradio');
    2710. 

  2710. 		showsetting('members_search_uinblacklist', array('uin_low', array(
    2711. 

  2711. 			array(1, $lang['yes']),
    2712. 

  2712. 			array(0, $lang['no']),
    2713. 

  2713. 		), 1), $_GET['uin_low'], 'mradio');
    2714. 

  2714. 	}
    2715. 

  2715. 	showsetting('members_search_online', array('sid_noempty', array(
    2716. 

  2716. 		array(1, $lang['yes']),
    2717. 

  2717. 		array(0, $lang['no']),
    2718. 

  2718. 	), 1), $_GET['online'], 'mradio');
    2719. 

  2719. 	showsetting('members_search_lockstatus', array('status', array(
    2720. 

  2720. 		array(-1, $lang['yes']),
    2721. 

  2721. 		array(0, $lang['no']),
    2722. 

  2722. 	), 1), $_GET['status'], 'mradio');
    2723. 

  2723. 	showsetting('members_search_emailstatus', array('emailstatus', array(
    2724. 

  2724. 		array(1, $lang['yes']),
    2725. 

  2725. 		array(0, $lang['no']),
    2726. 

  2726. 	), 1), $_GET['emailstatus'], 'mradio');
    2727. 

  2727. 	showsetting('members_search_avatarstatus', array('avatarstatus', array(
    2728. 

  2728. 		array(1, $lang['yes']),
    2729. 

  2729. 		array(0, $lang['no']),
    2730. 

  2730. 	), 1), $_GET['avatarstatus'], 'mradio');
    2731. 

  2731. 	showsetting('members_search_email', 'email', $_GET['email'], 'text');
    2732. 

  2732. 	showsetting("$lang[credits] $lang[members_search_between]", array("credits_low", "credits_high"), array($_GET['credits_low'], $_GET['credtis_high']), 'range');
    2733. 

  2733. 

  2734. 	if(!empty($_G['setting']['extcredits'])) {
    2735. 

  2735. 		foreach($_G['setting']['extcredits'] as $id => $credit) {
    2736. 

  2736. 			showsetting("$credit[title] $lang[members_search_between]", array("extcredits$id"."_low", "extcredits$id"."_high"), array($_GET['extcredits'.$id.'_low'], $_GET['extcredits'.$id.'_high']), 'range');
    2737. 

  2737. 		}
    2738. 

  2738. 	}
    2739. 

  2739. 

  2740. 	showsetting('members_search_friendsrange', array('friends_low', 'friends_high'), array($_GET['friends_low'], $_GET['friends_high']), 'range');
    2741. 

  2741. 	showsetting('members_search_postsrange', array('posts_low', 'posts_high'), array($_GET['posts_low'], $_GET['posts_high']), 'range');
    2742. 

  2742. 	showsetting('members_search_regip', 'regip', $_GET['regip'], 'text');
    2743. 

  2743. 	showsetting('members_search_lastip', 'lastip', $_GET['lastip'], 'text');
    2744. 

  2744. 	showsetting('members_search_oltimerange', array('oltime_low', 'oltime_high'), array($_GET['oltime_low'], $_GET['oltime_high']), 'range');
    2745. 

  2745. 	showsetting('members_search_regdaterange', array('regdate_after', 'regdate_before'), array($_GET['regdate_after'], $_GET['regdate_before']), 'daterange');
    2746. 

  2746. 	showsetting('members_search_lastvisitrange', array('lastvisit_after', 'lastvisit_before'), array($_GET['lastvisit_after'], $_GET['lastvisit_before']), 'daterange');
    2747. 

  2747. 	showsetting('members_search_lastpostrange', array('lastpost_after', 'lastpost_before'), array($_GET['lastpost_after'], $_GET['lastpost_before']), 'daterange');
    2748. 

  2748. 	showsetting('members_search_group_fid', 'fid', $_GET['fid'], 'text');
    2749. 

  2749. 	if($_G['setting']['verify']) {
    2750. 

  2750. 		$verifydata = array();
    2751. 

  2751. 		foreach($_G['setting']['verify'] as $key => $value) {
    2752. 

  2752. 			if($value['available']) {
    2753. 

  2753. 				$verifydata[] = array('verify'.$key, $value['title']);
    2754. 

  2754. 			}
    2755. 

  2755. 		}
    2756. 

  2756. 		if(!empty($verifydata)) {
    2757. 

  2757. 			showsetting('members_search_verify', array('verify', $verifydata), $_GET['verify'], 'mcheckbox');
    2758. 

  2758. 		}
    2759. 

  2759. 	}
    2760. 

  2760. 	$yearselect = $monthselect = $dayselect = "<option value=\"\">".cplang('nolimit')."</option>\n";
    2761. 

  2761. 	$yy=dgmdate(TIMESTAMP, 'Y');
    2762. 

  2762. 	for($y=$yy; $y>=$yy-100; $y--) {
    2763. 

  2763. 		$y = sprintf("%04d", $y);
    2764. 

  2764. 		$yearselect .= "<option value=\"$y\" ".($_GET['birthyear'] == $y ? 'selected' : '').">$y</option>\n";
    2765. 

  2765. 	}
    2766. 

  2766. 	for($m=1; $m<=12; $m++) {
    2767. 

  2767. 		$m = sprintf("%02d", $m);
    2768. 

  2768. 		$monthselect .= "<option value=\"$m\" ".($_GET['birthmonth'] == $m ? 'selected' : '').">$m</option>\n";
    2769. 

  2769. 	}
    2770. 

  2770. 	for($d=1; $d<=31; $d++) {
    2771. 

  2771. 		$d = sprintf("%02d", $d);
    2772. 

  2772. 		$dayselect .= "<option value=\"$d\" ".($_GET['birthday'] == $d ? 'selected' : '').">$d</option>\n";
    2773. 

  2773. 	}
    2774. 

  2774. 	showsetting('members_search_birthday', '', '', '<select class="txt" name="birthyear" style="width:75px; margin-right:0">'.$yearselect.'</select> '.$lang['year'].' <select class="txt" name="birthmonth" style="width:75px; margin-right:0">'.$monthselect.'</select> '.$lang['month'].' <select class="txt" name="birthday" style="width:75px; margin-right:0">'.$dayselect.'</select> '.$lang['day']);
    2775. 

  2775. 

  2776. 	loadcache('profilesetting');
    2777. 

  2777. 	unset($_G['cache']['profilesetting']['uid']);
    2778. 

  2778. 	unset($_G['cache']['profilesetting']['birthyear']);
    2779. 

  2779. 	unset($_G['cache']['profilesetting']['birthmonth']);
    2780. 

  2780. 	unset($_G['cache']['profilesetting']['birthday']);
    2781. 

  2781. 	require_once libfile('function/profile');
    2782. 

  2782. 	foreach($_G['cache']['profilesetting'] as $fieldid=>$value) {
    2783. 

  2783. 		if(!$value['available'] || in_array($fieldid, array('birthprovince', 'birthdist', 'birthcommunity', 'resideprovince', 'residedist', 'residecommunity'))) {
    2784. 

  2784. 			continue;
    2785. 

  2785. 		}
    2786. 

  2786. 		if($fieldid == 'gender') {
    2787. 

  2787. 			$select = "<option value=\"\">".cplang('nolimit')."</option>\n";
    2788. 

  2788. 			$select .= "<option value=\"0\">".cplang('members_edit_gender_secret')."</option>\n";
    2789. 

  2789. 			$select .= "<option value=\"1\">".cplang('members_edit_gender_male')."</option>\n";
    2790. 

  2790. 			$select .= "<option value=\"2\">".cplang('members_edit_gender_female')."</option>\n";
    2791. 

  2791. 			showsetting($value['title'], '', '', '<select class="txt" name="gender">'.$select.'</select>');
    2792. 

  2792. 		} elseif($fieldid == 'birthcity') {
    2793. 

  2793. 			$elems = array('birthprovince', 'birthcity', 'birthdist', 'birthcommunity');
    2794. 

  2794. 			showsetting($value['title'], '', '', '<div id="birthdistrictbox">'.showdistrict(array(0,0,0,0), $elems, 'birthdistrictbox', 1, 'birth').'</div>');
    2795. 

  2795. 		} elseif($fieldid == 'residecity') {
    2796. 

  2796. 			$elems = array('resideprovince', 'residecity', 'residedist', 'residecommunity');
    2797. 

  2797. 			showsetting($value['title'], '', '', '<div id="residedistrictbox">'.showdistrict(array(0,0,0,0), $elems, 'residedistrictbox', 1, 'reside').'</div>');
    2798. 

  2798. 		} elseif($fieldid == 'constellation') {
    2799. 

  2799. 			$select = "<option value=\"\">".cplang('nolimit')."</option>\n";
    2800. 

  2800. 			for($i=1; $i<=12; $i++) {
    2801. 

  2801. 				$name = lang('space', 'constellation_'.$i);
    2802. 

  2802. 				$select .= "<option value=\"$name\">$name</option>\n";
    2803. 

  2803. 			}
    2804. 

  2804. 			showsetting($value['title'], '', '', '<select class="txt" name="constellation">'.$select.'</select>');
    2805. 

  2805. 		} elseif($fieldid == 'zodiac') {
    2806. 

  2806. 			$select = "<option value=\"\">".cplang('nolimit')."</option>\n";
    2807. 

  2807. 			for($i=1; $i<=12; $i++) {
    2808. 

  2808. 				$option = lang('space', 'zodiac_'.$i);
    2809. 

  2809. 				$select .= "<option value=\"$option\">$option</option>\n";
    2810. 

  2810. 			}
    2811. 

  2811. 			showsetting($value['title'], '', '', '<select class="txt" name="zodiac">'.$select.'</select>');
    2812. 

  2812. 		} elseif($value['formtype'] == 'select' || $value['formtype'] == 'list') {
    2813. 

  2813. 			$select = "<option value=\"\">".cplang('nolimit')."</option>\n";
    2814. 

  2814. 			$value['choices'] = explode("\n",$value['choices']);
    2815. 

  2815. 			foreach($value['choices'] as $option) {
    2816. 

  2816. 				$option = trim($option);
    2817. 

  2817. 				$select .= "<option value=\"$option\">$option</option>\n";
    2818. 

  2818. 			}
    2819. 

  2819. 			showsetting($value['title'], '', '', '<select class="txt" name="'.$fieldid.'">'.$select.'</select>');
    2820. 

  2820. 		} else {
    2821. 

  2821. 			showsetting($value['title'], '', '', '<input class="txt" name="'.$fieldid.'" />');
    2822. 

  2822. 		}
    2823. 

  2823. 	}
    2824. 

  2824. 	showtagfooter('tbody');
    2825. 

  2825. 	$_G['showsetting_multirow'] = 0;
    2826. 

  2826. 	showsubmit('submit', $operation == 'clean' ? 'members_delete' : 'search', '', 'more_options');
    2827. 

  2827. 	showtablefooter();
    2828. 

  2828. 	showformfooter();
    2829. 

  2829. 	showtagfooter('div');
    2830. 

  2830. }
    2831. 

  2831. 

  2832. function searchcondition($condition) {
    2833. 

  2833. 	include_once libfile('class/membersearch');
    2834. 

  2834. 	$ms = new membersearch();
    2835. 

  2835. 	return $ms->filtercondition($condition);
    2836. 

  2836. }
    2837. 

  2837. 

  2838. function searchmembers($condition, $limit=2000, $start=0) {
    2839. 

  2839. 	include_once libfile('class/membersearch');
    2840. 

  2840. 	$ms = new membersearch();
    2841. 

  2841. 	return $ms->search($condition, $limit, $start);
    2842. 

  2842. }
    2843. 

  2843. 

  2844. function countmembers($condition, &$urladd) {
    2845. 

  2845. 

  2846. 	$urladd = '';
    2847. 

  2847. 	foreach($condition as $k => $v) {
    2848. 

  2848. 		if(in_array($k, array('formhash', 'submit', 'page')) || $v === '') {
    2849. 

  2849. 			continue;
    2850. 

  2850. 		}
    2851. 

  2851. 		if(is_array($v)) {
    2852. 

  2852. 			foreach($v as $vk => $vv) {
    2853. 

  2853. 				if($vv === '') {
    2854. 

  2854. 					continue;
    2855. 

  2855. 				}
    2856. 

  2856. 				$urladd .= '&'.$k.'['.$vk.']='.rawurlencode($vv);
    2857. 

  2857. 			}
    2858. 

  2858. 		} else {
    2859. 

  2859. 			$urladd .= '&'.$k.'='.rawurlencode($v);
    2860. 

  2860. 		}
    2861. 

  2861. 	}
    2862. 

  2862. 	include_once libfile('class/membersearch');
    2863. 

  2863. 	$ms = new membersearch();
    2864. 

  2864. 	return $ms->getcount($condition);
    2865. 

  2865. }
    2866. 

  2866. 

  2867. function shownewsletter() {
    2868. 

  2868. 	global $lang;
    2869. 

  2869. 

  2870. 	showtableheader();
    2871. 

  2871. 	showsetting('members_newsletter_subject', 'subject', '', 'text');
    2872. 

  2872. 	showsetting('members_newsletter_message', 'message', '', 'textarea');
    2873. 

  2873. 	if($_GET['do'] == 'mobile') {
    2874. 

  2874. 		showsetting('members_newsletter_system', 'system', 0, 'radio');
    2875. 

  2875. 		showhiddenfields(array('notifymembers' => 'mobile'));
    2876. 

  2876. 	} else {
    2877. 

  2877. 		showsetting('members_newsletter_method', array('notifymembers', array(
    2878. 

  2878. 			    array('email', $lang['email'], array('pmextra' => 'none', 'posttype' => '')),
    2879. 

  2879. 			    array('notice', $lang['notice'], array('pmextra' => 'none', 'posttype' => '')),
    2880. 

  2880. 			    array('pm', $lang['grouppm'], array('pmextra' => '', 'posttype' => 'none'))
    2881. 

  2881. 			)), 'pm', 'mradio');
    2882. 

  2882. 		showtagheader('tbody', 'posttype', '', 'sub');
    2883. 

  2883. 		showsetting('members_newsletter_posttype', array('posttype', array(
    2884. 

  2884. 				array(0, cplang('members_newsletter_posttype_text')),
    2885. 

  2885. 				array(1, cplang('members_newsletter_posttype_html')),
    2886. 

  2886. 			), TRUE), '0', 'mradio');
    2887. 

  2887. 		showtagfooter('tbody');
    2888. 

  2888. 		showtagheader('tbody', 'pmextra', true, 'sub');
    2889. 

  2889. 		showsetting('members_newsletter_system', 'system', 0, 'radio');
    2890. 

  2890. 		showtagfooter('tbody');
    2891. 

  2891. 	}
    2892. 

  2892. 	showsetting('members_newsletter_num', 'pertask', 100, 'text');
    2893. 

  2893. 	showtablefooter();
    2894. 

  2894. 

  2895. }
    2896. 

  2896. 

  2897. function notifymembers($operation, $variable) {
    2898. 

  2898. 	global $_G, $lang, $urladd, $conditions, $search_condition;
    2899. 

  2899. 

  2900. 	if(!empty($_GET['current'])) {
    2901. 

  2901. 

  2902. 		$subject = $message = '';
    2903. 

  2903. 		if($settings = C::t('common_setting')->fetch($variable, true)) {
    2904. 

  2904. 			$subject = $settings['subject'];
    2905. 

  2905. 			$message = $settings['message'];
    2906. 

  2906. 		}
    2907. 

  2907. 

  2908. 		$setarr = array();
    2909. 

  2909. 		foreach($_G['setting']['extcredits'] as $id => $value) {
    2910. 

  2910. 			if(isset($_GET['extcredits'.$id])) {
    2911. 

  2911. 				if($_GET['updatecredittype'] == 0) {
    2912. 

  2912. 					$setarr['extcredits'.$id] = $_GET['extcredits'.$id];
    2913. 

  2913. 				} else {
    2914. 

  2914. 					$setarr[] = 'extcredits'.$id;
    2915. 

  2915. 				}
    2916. 

  2916. 			}
    2917. 

  2917. 		}
    2918. 

  2918. 

  2919. 	} else {
    2920. 

  2920. 

  2921. 		$current = 0;
    2922. 

  2922. 		$subject = $_GET['subject'];
    2923. 

  2923. 		$message = $_GET['message'];
    2924. 

  2924. 		$subject = trim($subject);
    2925. 

  2925. 		$message = trim(str_replace("\t", ' ', $message));
    2926. 

  2926. 		$addmsg = '';
    2927. 

  2927. 		if(($_GET['notifymembers'] && $_GET['notifymember']) && !($subject && $message)) {
    2928. 

  2928. 			cpmsg('members_newsletter_sm_invalid', '', 'error');
    2929. 

  2929. 		}
    2930. 

  2930. 

  2931. 		if($operation == 'reward') {
    2932. 

  2932. 

  2933. 			$serarr = array();
    2934. 

  2934. 			if($_GET['updatecredittype'] == 0) {
    2935. 

  2935. 				if(is_array($_GET['addextcredits']) && !empty($_GET['addextcredits'])) {
    2936. 

  2936. 					foreach($_GET['addextcredits'] as $key => $value) {
    2937. 

  2937. 						$value = intval($value);
    2938. 

  2938. 						if(isset($_G['setting']['extcredits'][$key]) && !empty($value)) {
    2939. 

  2939. 							$setarr['extcredits'.$key] = $value;
    2940. 

  2940. 							$addmsg .= $_G['setting']['extcredits'][$key]['title'].": ".($value > 0 ? '<em class="xi1">+' : '<em class="xg1">')."$value</em> ".$_G['setting']['extcredits'][$key]['unit'].' &nbsp; ';
    2941. 

  2941. 						}
    2942. 

  2942. 					}
    2943. 

  2943. 				}
    2944. 

  2944. 			} else {
    2945. 

  2945. 				if(is_array($_GET['resetextcredits']) && !empty($_GET['resetextcredits'])) {
    2946. 

  2946. 					foreach($_GET['resetextcredits'] as $key => $value) {
    2947. 

  2947. 						$value = intval($value);
    2948. 

  2948. 						if(isset($_G['setting']['extcredits'][$key]) && !empty($value)) {
    2949. 

  2949. 							$setarr[] = 'extcredits'.$key;
    2950. 

  2950. 							$addmsg .= $_G['setting']['extcredits'][$key]['title'].': <em class="xg1">'.cplang('members_reward_clean').'</em> &nbsp; ';
    2951. 

  2951. 						}
    2952. 

  2952. 					}
    2953. 

  2953. 				}
    2954. 

  2954. 			}
    2955. 

  2955. 			if($addmsg) {
    2956. 

  2956. 				$addmsg  = ' &nbsp; <br /><br /><b>'.cplang('members_reward_affect').':</b><br \>'.$addmsg;
    2957. 

  2957. 			}
    2958. 

  2958. 

  2959. 			if(!empty($setarr)) {
    2960. 

  2960. 				$limit = 2000;
    2961. 

  2961. 				set_time_limit(0);
    2962. 

  2962. 				while(true) {
    2963. 

  2963. 					$uids = searchmembers($search_condition, $limit, $i*$limit);
    2964. 

  2964. 					$allcount = C::t('common_member_count')->fetch_all($uids);
    2965. 

  2965. 					$insertmember = array_diff($uids, array_keys($allcount));
    2966. 

  2966. 					foreach($insertmember as $uid) {
    2967. 

  2967. 						C::t('common_member_count')->insert(array('uid' => $uid));
    2968. 

  2968. 					}
    2969. 

  2969. 					if($_GET['updatecredittype'] == 0) {
    2970. 

  2970. 						C::t('common_member_count')->increase($uids, $setarr);
    2971. 

  2971. 					} else {
    2972. 

  2972. 						C::t('common_member_count')->clear_extcredits($uids, $setarr);
    2973. 

  2973. 					}
    2974. 

  2974. 					if(count($uids) < $limit) break;
    2975. 

  2975. 				}
    2976. 

  2976. 			} else {
    2977. 

  2977. 				cpmsg('members_reward_invalid', '', 'error');
    2978. 

  2978. 			}
    2979. 

  2979. 

  2980. 			if(!$_GET['notifymembers']) {
    2981. 

  2981. 				cpmsg('members_reward_succeed', '', 'succeed');
    2982. 

  2982. 			}
    2983. 

  2983. 

  2984. 		} elseif ($operation == 'confermedal') {
    2985. 

  2985. 

  2986. 			$medals = $_GET['medals'];
    2987. 

  2987. 			if(!empty($medals)) {
    2988. 

  2988. 				$medalids = array();
    2989. 

  2989. 				foreach($medals as $key => $medalid) {
    2990. 

  2990. 					$medalids[] = $key;
    2991. 

  2991. 				}
    2992. 

  2992. 

  2993. 				$medalsnew = $comma = '';
    2994. 

  2994. 				$medalsnewarray = $medalidarray = array();
    2995. 

  2995. 				foreach(C::t('forum_medal')->fetch_all_by_id($medalids) as $medal) {
    2996. 

  2996. 					$medal['status'] = empty($medal['expiration']) ? 0 : 1;
    2997. 

  2997. 					$medal['expiration'] = empty($medal['expiration'])? 0 : TIMESTAMP + $medal['expiration'] * 86400;
    2998. 

  2998. 					$medal['medal'] = $medal['medalid'].(empty($medal['expiration']) ? '' : '|'.$medal['expiration']);
    2999. 

  2999. 					$medalsnew .= $comma.$medal['medal'];
    3000. 

  3000. 					$medalsnewarray[] = $medal;
    3001. 

  3001. 					$medalidarray[] = $medal['medalid'];
    3002. 

  3002. 					$comma = "\t";
    3003. 

  3003. 				}
    3004. 

  3004. 

  3005. 				$uids = searchmembers($search_condition);
    3006. 

  3006. 				if($uids) {
    3007. 

  3007. 					foreach(C::t('common_member_field_forum')->fetch_all($uids) as $uid => $medalnew) {
    3008. 

  3008. 						$usermedal = array();
    3009. 

  3009. 						$addmedalnew = '';
    3010. 

  3010. 						if(empty($medalnew['medals'])) {
    3011. 

  3011. 							$addmedalnew = $medalsnew;
    3012. 

  3012. 						} else {
    3013. 

  3013. 							foreach($medalidarray as $medalid) {
    3014. 

  3014. 								$usermedal_arr = explode("\t", $medalnew['medals']);
    3015. 

  3015. 								foreach($usermedal_arr AS $key => $medalval) {
    3016. 

  3016. 									list($usermedalid,) = explode("|", $medalval);
    3017. 

  3017. 									$usermedal[] = $usermedalid;
    3018. 

  3018. 								}
    3019. 

  3019. 								if(!in_array($medalid, $usermedal)){
    3020. 

  3020. 									$addmedalnew .= $medalid."\t";
    3021. 

  3021. 								}
    3022. 

  3022. 							}
    3023. 

  3023. 							$addmedalnew .= $medalnew['medals'];
    3024. 

  3024. 						}
    3025. 

  3025. 						C::t('common_member_field_forum')->update($medalnew['uid'], array('medals' => $addmedalnew), true);
    3026. 

  3026. 						foreach($medalsnewarray as $medalnewarray) {
    3027. 

  3027. 							$data = array(
    3028. 

  3028. 								'uid' => $medalnew['uid'],
    3029. 

  3029. 								'medalid' => $medalnewarray['medalid'],
    3030. 

  3030. 								'type' => 0,
    3031. 

  3031. 								'dateline' => $_G['timestamp'],
    3032. 

  3032. 								'expiration' => $medalnewarray['expiration'],
    3033. 

  3033. 								'status' => $medalnewarray['status'],
    3034. 

  3034. 							);
    3035. 

  3035. 							C::t('forum_medallog')->insert($data);
    3036. 

  3036. 							C::t('common_member_medal')->insert(array('uid' => $medalnew['uid'], 'medalid' => $medalnewarray['medalid']), 0, 1);
    3037. 

  3037. 						}
    3038. 

  3038. 					}
    3039. 

  3039. 				}
    3040. 

  3040. 			}
    3041. 

  3041. 

  3042. 			if(!$_GET['notifymember']) {
    3043. 

  3043. 				cpmsg('members_confermedal_succeed', '', 'succeed');
    3044. 

  3044. 			}
    3045. 

  3045. 		} elseif ($operation == 'confermagic') {
    3046. 

  3046. 			$magics = $_GET['magic'];
    3047. 

  3047. 			$magicnum = $_GET['magicnum'];
    3048. 

  3048. 			if($magics) {
    3049. 

  3049. 				require_once libfile('function/magic');
    3050. 

  3050. 				$limit = 200;
    3051. 

  3051. 				set_time_limit(0);
    3052. 

  3052. 				for($i=0; $i > -1; $i++) {
    3053. 

  3053. 					$uids = searchmembers($search_condition, $limit, $i*$limit);
    3054. 

  3054. 

  3055. 					foreach($magics as $magicid) {
    3056. 

  3056. 						$uparray = $insarray = array();
    3057. 

  3057. 						if(empty($magicnum[$magicid])) {
    3058. 

  3058. 							continue;
    3059. 

  3059. 						}
    3060. 

  3060. 						$query = C::t('common_member_magic')->fetch_all($uids ? $uids : -1, $magicid);
    3061. 

  3061. 						foreach($query as $row) {
    3062. 

  3062. 							$uparray[] = $row['uid'];
    3063. 

  3063. 						}
    3064. 

  3064. 						if($uparray) {
    3065. 

  3065. 							C::t('common_member_magic')->increase($uparray, $magicid, array('num' => $magicnum[$magicid]));
    3066. 

  3066. 						}
    3067. 

  3067. 						$insarray = array_diff($uids, $uparray);
    3068. 

  3068. 						if($insarray) {
    3069. 

  3069. 							$sqls = array();
    3070. 

  3070. 							foreach($insarray as $uid) {
    3071. 

  3071. 								C::t('common_member_magic')->insert(array(
    3072. 

  3072. 									'uid' => $uid,
    3073. 

  3073. 									'magicid' => $magicid,
    3074. 

  3074. 									'num' => $magicnum[$magicid]
    3075. 

  3075. 								));
    3076. 

  3076. 							}
    3077. 

  3077. 						}
    3078. 

  3078. 						foreach($uids as $uid) {
    3079. 

  3079. 							updatemagiclog($magicid, '3', $magicnum[$magicid], '', $uid);
    3080. 

  3080. 						}
    3081. 

  3081. 					}
    3082. 

  3082. 					if(count($uids) < $limit) break;
    3083. 

  3083. 				}
    3084. 

  3084. 			}
    3085. 

  3085. 		}
    3086. 

  3086. 

  3087. 		C::t('common_setting')->update($variable, array('subject' => $subject, 'message' => $message));
    3088. 

  3088. 	}
    3089. 

  3089. 

  3090. 	$pertask = intval($_GET['pertask']);
    3091. 

  3091. 	$current = $_GET['current'] ? intval($_GET['current']) : 0;
    3092. 

  3092. 	$continue = FALSE;
    3093. 

  3093. 

  3094. 	if(!function_exists('sendmail')) {
    3095. 

  3095. 		include libfile('function/mail');
    3096. 

  3096. 	}
    3097. 

  3097. 	if($_GET['notifymember'] && in_array($_GET['notifymembers'], array('pm', 'notice', 'email', 'mobile'))) {
    3098. 

  3098. 		$uids = searchmembers($search_condition, $pertask, $current);
    3099. 

  3099. 

  3100. 		require_once libfile('function/discuzcode');
    3101. 

  3101. 		$message = in_array($_GET['notifymembers'], array('email','notice')) && $_GET['posttype'] ? discuzcode($message, 1, 0, 1, '', '' ,'' ,1) : discuzcode($message, 1, 0);
    3102. 

  3102. 		$pmuids = array();
    3103. 

  3103. 		if($_GET['notifymembers'] == 'pm') {
    3104. 

  3104. 			$membernum = countmembers($search_condition, $urladd);
    3105. 

  3105. 			$gpmid = $_GET['gpmid'];
    3106. 

  3106. 			if(!$gpmid) {
    3107. 

  3107. 				$pmdata = array(
    3108. 

  3108. 						'authorid' => $_G['uid'],
    3109. 

  3109. 						'author' => !$_GET['system'] ? $_G['member']['username'] : '',
    3110. 

  3110. 						'dateline' => TIMESTAMP,
    3111. 

  3111. 						'message' => ($subject ? '<b>'.$subject.'</b><br /> &nbsp; ' : '').$message.$addmsg,
    3112. 

  3112. 						'numbers' => $membernum
    3113. 

  3113. 					);
    3114. 

  3114. 				$gpmid = C::t('common_grouppm')->insert($pmdata, true);
    3115. 

  3115. 			}
    3116. 

  3116. 			$urladd .= '&gpmid='.$gpmid;
    3117. 

  3117. 		}
    3118. 

  3118. 		$members = C::t('common_member')->fetch_all($uids);
    3119. 

  3119. 		if($_GET['notifymembers'] == 'mobile') {
    3120. 

  3120. 			$toUids = array_keys($members);
    3121. 

  3121. 			if($_G['setting']['cloud_status'] && !empty($toUids)) {
    3122. 

  3122. 				try {
    3123. 

  3123. 					$noticeService = Cloud::loadClass('Service_Client_Notification');
    3124. 

  3124. 					$fromType = $_GET['system'] ? 1 : 2;
    3125. 

  3125. 					$noticeService->addSiteMasterUserNotify($toUids, $subject, $message, $_G['uid'], $_G['username'], $fromType, TIMESTAMP);
    3126. 

  3126. 				} catch (Cloud_Service_Client_RestfulException $e) {
    3127. 

  3127. 					cpmsg('['.$e->getCode().']'.$e->getMessage(), '', 'error');
    3128. 

  3128. 				}
    3129. 

  3129. 

  3130. 			}
    3131. 

  3131. 		} else {
    3132. 

  3132. 			foreach($members as $member) {
    3133. 

  3133. 				if($_GET['notifymembers'] == 'pm') {
    3134. 

  3134. 					C::t('common_member_grouppm')->insert(array(
    3135. 

  3135. 						'uid' => $member['uid'],
    3136. 

  3136. 						'gpmid' => $gpmid,
    3137. 

  3137. 						'status' => 0
    3138. 

  3138. 					), false, true);
    3139. 

  3139. 					$newpm = setstatus(2, 1, $member['newpm']);
    3140. 

  3140. 					C::t('common_member')->update($member['uid'], array('newpm'=>$newpm));
    3141. 

  3141. 				} elseif($_GET['notifymembers'] == 'notice') {
    3142. 

  3142. 					notification_add($member['uid'], 'system', 'system_notice', array('subject' => $subject, 'message' => $message.$addmsg, 'from_id' => 0, 'from_idtype' => 'sendnotice'), 1);
    3143. 

  3143. 				} elseif($_GET['notifymembers'] == 'email') {
    3144. 

  3144. 					if(!sendmail("$member[username] <$member[email]>", $subject, $message.$addmsg)) {
    3145. 

  3145. 						runlog('sendmail', "$member[email] sendmail failed.");
    3146. 

  3146. 					}
    3147. 

  3147. 				}
    3148. 

  3148. 

  3149. 				$log = array();
    3150. 

  3150. 				if($_GET['updatecredittype'] == 0) {
    3151. 

  3151. 					foreach($setarr as $key => $val) {
    3152. 

  3152. 						if(empty($val)) continue;
    3153. 

  3153. 						$val = intval($val);
    3154. 

  3154. 						$id = intval($key);
    3155. 

  3155. 						$id = !$id && substr($key, 0, -1) == 'extcredits' ? intval(substr($key, -1, 1)) : $id;
    3156. 

  3156. 						if(0 < $id && $id < 9) {
    3157. 

  3157. 								$log['extcredits'.$id] = $val;
    3158. 

  3158. 						}
    3159. 

  3159. 					}
    3160. 

  3160. 					$logtype = 'RPR';
    3161. 

  3161. 				} else {
    3162. 

  3162. 					foreach($setarr as $val) {
    3163. 

  3163. 						if(empty($val)) continue;
    3164. 

  3164. 						$id = intval($val);
    3165. 

  3165. 						$id = !$id && substr($val, 0, -1) == 'extcredits' ? intval(substr($val, -1, 1)) : $id;
    3166. 

  3166. 						if(0 < $id && $id < 9) {
    3167. 

  3167. 							$log['extcredits'.$id] = '-1';
    3168. 

  3168. 						}
    3169. 

  3169. 					}
    3170. 

  3170. 					$logtype = 'RPZ';
    3171. 

  3171. 				}
    3172. 

  3172. 				include_once libfile('function/credit');
    3173. 

  3173. 				credit_log($member['uid'], $logtype, $member['uid'], $log);
    3174. 

  3174. 

  3175. 				$continue = TRUE;
    3176. 

  3176. 			}
    3177. 

  3177. 		}
    3178. 

  3178. 	}
    3179. 

  3179. 

  3180. 	$newsletter_detail = array();
    3181. 

  3181. 	if($continue) {
    3182. 

  3182. 		$next = $current + $pertask;
    3183. 

  3183. 		$newsletter_detail = array(
    3184. 

  3184. 			'uid' => $_G['uid'],
    3185. 

  3185. 			'current' => $current,
    3186. 

  3186. 			'next' => $next,
    3187. 

  3187. 			'search_condition' => serialize($search_condition),
    3188. 

  3188. 			'action' => "action=members&operation=$operation&{$operation}submit=yes&current=$next&pertask=$pertask&system={$_GET['system']}&posttype={$_GET['posttype']}&notifymember={$_GET['notifymember']}&notifymembers=".rawurlencode($_GET['notifymembers']).$urladd
    3189. 

  3189. 		);
    3190. 

  3190. 		save_newsletter('newsletter_detail', $newsletter_detail);
    3191. 

  3191. 

  3192. 		$logaddurl = '';
    3193. 

  3193. 		foreach($setarr as $k => $v) {
    3194. 

  3194. 			if($_GET['updatecredittype'] == 0) {
    3195. 

  3195. 				$logaddurl .= '&'.$k.'='.$v;
    3196. 

  3196. 			} else {
    3197. 

  3197. 				$logaddurl .= '&'.$v.'=-1';
    3198. 

  3198. 			}
    3199. 

  3199. 		}
    3200. 

  3200. 		$logaddurl .= '&updatecredittype='.$_GET['updatecredittype'];
    3201. 

  3201. 

  3202. 		cpmsg("$lang[members_newsletter_send]: ".cplang('members_newsletter_processing', array('current' => $current, 'next' => $next, 'search_condition' => serialize($search_condition))), "action=members&operation=$operation&{$operation}submit=yes&current=$next&pertask=$pertask&system={$_GET['system']}&posttype={$_GET['posttype']}&notifymember={$_GET['notifymember']}&notifymembers=".rawurlencode($_GET['notifymembers']).$urladd.$logaddurl, 'loadingform');
    3203. 

  3203. 	} else {
    3204. 

  3204. 		del_newsletter('newsletter_detail');
    3205. 

  3205. 

  3206. 		if($operation == 'reward' && $_GET['notifymembers'] == 'pm') {
    3207. 

  3207. 			$message = '';
    3208. 

  3208. 		} else {
    3209. 

  3209. 			$message = '_notify';
    3210. 

  3210. 		}
    3211. 

  3211. 		cpmsg('members'.($operation ? '_'.$operation : '').$message.'_succeed', '', 'succeed');
    3212. 

  3212. 	}
    3213. 

  3213. 

  3214. }
    3215. 

  3215. 

  3216. function banlog($username, $origgroupid, $newgroupid, $expiration, $reason, $status = 0) {
    3217. 

  3217. 	global $_G, $_POST;
    3218. 

  3218. 	$cloud_apps = dunserialize($_G['setting']['cloud_apps']);
    3219. 

  3219. 	if (isset($_POST['bannew']) && $_POST['formhash'] && $cloud_apps['security']['status'] == 'normal') {
    3220. 

  3220. 		$securityService = Cloud::loadClass('Service_Security');
    3221. 

  3221. 		if ($_POST['bannew']) {
    3222. 

  3222. 			$securityService->logBannedMember($username, $reason);
    3223. 

  3223. 		} else {
    3224. 

  3224. 			$securityService->updateMemberRecover($username);
    3225. 

  3225. 		}
    3226. 

  3226.     }
    3227. 

  3227. 	writelog('banlog', dhtmlspecialchars("$_G[timestamp]\t{$_G[member][username]}\t$_G[groupid]\t$_G[clientip]\t$username\t$origgroupid\t$newgroupid\t$expiration\t$reason\t$status"));
    3228. 

  3228. }
    3229. 

  3229. 

  3230. function selectday($varname, $dayarray) {
    3231. 

  3231. 	global $lang;
    3232. 

  3232. 	$selectday = '<select name="'.$varname.'">';
    3233. 

  3233. 	if($dayarray && is_array($dayarray)) {
    3234. 

  3234. 		foreach($dayarray as $day) {
    3235. 

  3235. 			$langday = $day.'_day';
    3236. 

  3236. 			$daydate = $day ? '('.dgmdate(TIMESTAMP + $day * 86400).')' : '';
    3237. 

  3237. 			$selectday .= '<option value='.$day.'>'.$lang[$langday].'&nbsp;'.$daydate.'</option>';
    3238. 

  3238. 		}
    3239. 

  3239. 	}
    3240. 

  3240. 	$selectday .= '</select>';
    3241. 

  3241. 

  3242. 	return $selectday;
    3243. 

  3243. }
    3244. 

  3244. 

  3245. function accessimg($access) {
    3246. 

  3246. 	return $access == -1 ? '<img src="static/image/common/access_disallow.gif" />' :
    3247. 

  3247. 		($access == 1 ? '<img src="static/image/common/access_allow.gif" />' : '<img src="static/image/common/access_normal.gif" />');
    3248. 

  3248. }
    3249. 

  3249. 

  3250. function connectunbind($member) {
    3251. 

  3251. 	global $_G;
    3252. 

  3252. 	if(!$member['conopenid']) {
    3253. 

  3253. 		return;
    3254. 

  3254. 	}
    3255. 

  3255. 	$_G['member'] = array_merge($_G['member'], $member);
    3256. 

  3256. 	$connectService = Cloud::loadClass('Service_Connect');
    3257. 

  3257. 	$connectService->connectUserUnbind();
    3258. 

  3258. 

  3259. 	C::t('#qqconnect#connect_memberbindlog')->insert(array('uid' => $member['uid'], 'uin' => $member['conopenid'], 'type' => '2', 'dateline' => $_G['timestamp']));
    3260. 

  3260. 	C::t('common_member')->update($member['uid'], array('conisbind'=>0));
    3261. 

  3261. 	C::t('#qqconnect#common_member_connect')->delete($member['uid']);
    3262. 

  3262. }
    3263. 

  3263. 

  3264. function save_newsletter($cachename, $data) {
    3265. 

  3265. 	C::t('common_cache')->insert(array('cachekey' => $cachename, 'cachevalue' => serialize($data), 'dateline' => TIMESTAMP), false, true);
    3266. 

  3266. }
    3267. 

  3267. 

  3268. function del_newsletter($cachename) {
    3269. 

  3269. 	C::t('common_cache')->delete($cachename);
    3270. 

  3270. }
    3271. 

  3271. 

  3272. function get_newsletter($cachename) {
    3273. 

  3273. 	foreach(C::t('common_cache')->fetch_all($cachename) as $result) {
    3274. 

  3274. 		$data = $result['cachevalue'];
    3275. 

  3275. 	}
    3276. 

  3276. 	return $data;
    3277. 

  3277. }
    3278. 

  3278. 

  3279. ?>
    3280.