登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 3 Fork 2

mojie126 / HDCN-PT

代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
staffbox.php 9.89 KB
一键复制 编辑 原始数据 按行查看 历史
mojie126 提交于 2015-01-16 20:19 . 邀请邮件函数统一化
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251
<?php

require "include/bittorrent.php";

dbconn();

require_once(get_langfile_path());

loggedinorreturn();

if (get_user_class() < $staffmem_class)

	permissiondenied();



$action = $_GET["action"];



///////////////////////////

//        SHOW PM'S        //

/////////////////////////



if (!$action) {

	stdhead($lang_staffbox['head_staff_pm']);

	$url = $_SERVER[PHP_SELF] . "?";

	$count = get_row_count("staffmessages");

	$perpage = 20;

	list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $url);

	print ("<h1 align=center>" . $lang_staffbox['text_staff_pm'] . "</h1>");

	if ($count == 0) {

		stdmsg($lang_staffbox['std_sorry'], $lang_staffbox['std_no_messages_yet']);

	} else {

		begin_main_frame();

		print("<form method=post action=\"?action=takecontactanswered\">");

		print("<table width=950px border=1 cellspacing=0 cellpadding=5 align=center>\n");

		print("<tr>

			<td class=colhead align=left>" . $lang_staffbox['col_subject'] . "</td>

			<td class=colhead align=center>" . $lang_staffbox['col_sender'] . "</td>

			<td class=colhead align=center><nobr>" . $lang_staffbox['col_added'] . "</nobr></td>

			<td class=colhead align=center>" . $lang_staffbox['col_answered'] . "</td>

			<td class=colhead align=center><nobr>" . $lang_staffbox['col_action'] . "</nobr></td>

		</tr>");



		$res = sql_query("SELECT staffmessages.id, staffmessages.added, staffmessages.subject, staffmessages.answered, staffmessages.answeredby, staffmessages.sender, staffmessages.answer FROM staffmessages ORDER BY id desc $limit");



		while ($arr = mysql_fetch_assoc($res)) {

			if ($arr[answered]) {

				$answered = "<nobr><font color=green>" . $lang_staffbox['text_yes'] . "</font> - " . get_username($arr['answeredby']) . "</nobr>";

			} else

				$answered = "<font color=red>" . $lang_staffbox['text_no'] . "</font>";



			$pmid = $arr["id"];

			if ($arr['sender'] == '0') {

				$itissender = '系统';

				if (!$arr[answered])

					$action2 = "&action2=deal&id=$pmid";

			}

			else {

				$itissender = get_username($arr['sender']);

				$action2 = '';

			}

			print("<tr><td width=100% class=rowfollow align=left><a href=staffbox.php?action=viewpm&pmid=$pmid$action2>" . $arr[subject] . "</td><td class=rowfollow align=center>" . $itissender . "</td><td class=rowfollow align=center><nobr>" . gettime($arr[added], true, false) . "</nobr></td><td class=rowfollow align=center>$answered</td><td class=rowfollow align=center><input type=\"checkbox\" name=\"setanswered[]\" value=\"" . $arr[id] . "\" /></td></tr>\n");

		}

		print("<tr><td class=rowfollow align=right colspan=5><input class=\"btn\" type=\"button\" value=\"全选\" onclick=\"this.value = check(form, '全选', '全不选')\"><input type=\"submit\" name=\"setdealt\" value=\"" . $lang_staffbox['submit_set_answered'] . "\" /><input type=\"submit\" name=\"delete\" value=\"" . $lang_staffbox['submit_delete'] . "\" /></td></tr>");

		print("</table>\n");

		print("</form>");

		echo $pagerbottom;

		end_main_frame();

	}

	stdfoot();

}



//////////////////////////

//        VIEW PM'S        //

//////////////////////////



if ($action == "viewpm") {

	if (get_user_class() < $staffmem_class)

		permissiondenied();



	$pmid = 0 + $_GET["pmid"];



	$ress4 = sql_query("SELECT * FROM staffmessages WHERE id=" . sqlesc($pmid));

	$arr4 = mysql_fetch_assoc($ress4);



	$answeredby = get_username($arr4["answeredby"]);



	if (is_valid_id($arr4["sender"])) {

		$sender = get_username($arr4["sender"]);

	} else

		$sender = $lang_staffbox['text_system'];



	$subject = htmlspecialchars($arr4["subject"]);

	if ($arr4["answered"] == 1) {

		$colspan = "3";

		$width = "33";

	} else {

		$colspan = "2";

		$width = "50";

	}

	if ($arr4['goto'] == '1') {

		preg_match("/url=([^\[\s]+?)\]/", $arr4['msg'], $matches);

		echo $matches[1];

		sql_query("UPDATE staffmessages SET goto=0 WHERE id =" . sqlesc($pmid)) or sqlerr(__FILE__, __LINE__);

		header("Location: " . $matches[1]);

	}

	stdhead($lang_staffbox['head_view_staff_pm']);

	print("<h1 align=\"center\"><a class=\"faqlink\" href=\"staffbox.php\">" . $lang_staffbox['text_staff_pm'] . "</a>-->" . $subject . "</h1>");

	print("<table width=\"737\" border=\"0\" cellpadding=\"4\" cellspacing=\"0\">");

	print("<tr><td width=\"" . $width . "%\" class=\"colhead\" align=\"left\">" . $lang_staffbox['col_from'] . "</td>");

	if ($arr4["answered"] == 1)

		print("<td width=\"34%\" class=\"colhead\" align=\"left\">" . $lang_staffbox['col_answered_by'] . "</td>");

	print("<td width=\"" . $width . "%\" class=\"colhead\" align=\"left\">" . $lang_staffbox['col_date'] . "</td></tr>");

	print("<tr><td class=\"rowfollow\" align=\"left\">" . $sender . "</td>");

	if ($arr4["answered"] == 1)

		print("<td class=\"rowfollow\" align=\"left\">" . $answeredby . "</td>");

	print("<td class=\"rowfollow\" align=\"left\">" . gettime($arr4["added"]) . "</td></tr>");

	print("<tr><td colspan=\"" . $colspan . "\" align=\"left\">" . format_comment($arr4["msg"]) . "</td></tr>");

	if ($arr4["answered"] == 1 && $arr4["answer"]) {

		print("<tr><td colspan=\"" . $colspan . "\" align=\"left\">" . format_comment($arr4["answer"]) . "</td></tr>");

	}

	print("<tr><td colspan=\"" . $colspan . "\" align=\"right\">");

	print("<font color=white>");

	if ($arr4["answered"] == 0)

		print("[ <a href=\"staffbox.php?action=answermessage&receiver=" . $arr4['sender'] . "&answeringto=" . $arr4['id'] . "\">" . $lang_staffbox['text_reply'] . "</a> ] [ <a href=\"staffbox.php?action=setanswered&id=" . $arr4['id'] . "\">" . $lang_staffbox['text_mark_answered'] . "</a> ] ");

	print("[ <a href=\"staffbox.php?action=deletestaffmessage&id=" . $arr4["id"] . "\">" . $lang_staffbox['text_delete'] . "</a> ]");

	print("</font>");

	print("</td></tr>");

	print("</table>");

	stdfoot();

}

//////////////////////////

//        ANSWER MESSAGE        //

//////////////////////////



if ($action == "answermessage") {

	if (get_user_class() < $staffmem_class)

		permissiondenied();



	$answeringto = $_GET["answeringto"];

	$receiver = 0 + $_GET["receiver"];



	int_check($receiver, true);



	$res = sql_query("SELECT * FROM users WHERE id=$receiver") or die(mysql_error());

	$user = mysql_fetch_assoc($res);



	if (!$user)

		stderr($lang_staffbox['std_error'], $lang_staffbox['std_no_user_id']);



	$res2 = sql_query("SELECT * FROM staffmessages WHERE id=$answeringto") or die(mysql_error());

	$staffmsg = mysql_fetch_assoc($res2);

	stdhead($lang_staffbox['head_answer_to_staff_pm']);

	begin_main_frame();

	?>

	<form method="post" id="compose" name="message" action="?action=takeanswer">

		<?php if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"]) { ?>

			<input type=hidden name=returnto value="<?php echo htmlspecialchars($_GET["returnto"]) ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"]) ?>">

		<?php } ?>

		<input type=hidden name=receiver value=<?php echo $receiver ?>>

		<input type=hidden name=answeringto value=<?php echo $answeringto ?>>

		<?php

		$title = $lang_staffbox['text_answering_to'] . "<a href=\"staffbox.php?action=viewpm&pmid=" . $staffmsg['id'] . "\">" . $staffmsg['subject'] . "</a>" . $lang_staffbox['text_sent_by'] . get_username($staffmsg['sender']);

		begin_compose($title, "reply", "", false);

		end_compose();

		print("</form>");

		end_main_frame();

		stdfoot();

	}



	//////////////////////////

	//        TAKE ANSWER        //

	//////////////////////////

	if ($action == "takeanswer") {

		if ($_SERVER["REQUEST_METHOD"] != "POST")

			die();



		if (get_user_class() < $staffmem_class)

			permissiondenied();



		$receiver = 0 + $_POST["receiver"];

		$answeringto = $_POST["answeringto"];



		int_check($receiver, true);



		$userid = $CURUSER["id"];



		$msg = trim($_POST["body"]);



		$message = sqlesc($msg);



		$added = "'" . date("Y-m-d H:i:s") . "'";



		if (!$msg)

			stderr($lang_staffbox['std_error'], $lang_staffbox['std_body_is_empty']);



		sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES($userid, $receiver, $added, $message)") or sqlerr(__FILE__, __LINE__);



		sql_query("UPDATE staffmessages SET answer=$message, answered='1', answeredby='$userid' WHERE id=$answeringto") or sqlerr(__FILE__, __LINE__);

		$Cache->delete_value('staff_new_message_count');

		header("Location: staffbox.php?action=viewpm&pmid=$answeringto");

		die;

	}

	//////////////////////////

	// DELETE STAFF MESSAGE        //

	//////////////////////////



	if ($action == "deletestaffmessage") {



		$id = 0 + $_GET["id"];



		if (!is_numeric($id) || $id < 1 || floor($id) != $id)

			die;



		if (get_user_class() < $staffmem_class)

			permissiondenied();



		sql_query("DELETE FROM staffmessages WHERE id=" . sqlesc($id)) or die();

		$Cache->delete_value('staff_message_count');

		$Cache->delete_value('staff_new_message_count');

		header("Location: " . get_protocol_prefix() . "$BASEURL/staffbox.php");

	}



	//////////////////////////

	// MARK AS ANSWERED        //

	//////////////////////////



	if ($action == "setanswered" || $_GET['action2'] == 'deal') {



		if (get_user_class() < $staffmem_class)

			permissiondenied();



		$id = 0 + $_GET["id"];



		sql_query("UPDATE staffmessages SET answered=1, answeredby = $CURUSER[id] WHERE id = $id") or sqlerr();

		$Cache->delete_value('staff_new_message_count');

		header("Refresh: 0; url=staffbox.php?action=viewpm&pmid=$id");

	}



	//////////////////////////

	// MARK AS ANSWERED #2        //

	//////////////////////////



	if ($action == "takecontactanswered") {

		if (get_user_class() < $staffmem_class)

			permissiondenied();



		if ($_POST['setdealt']) {

			$res = sql_query("SELECT id FROM staffmessages WHERE answered=0 AND id IN (" . implode(", ", $_POST[setanswered]) . ")");

			while ($arr = mysql_fetch_assoc($res))

				sql_query("UPDATE staffmessages SET answered=1, answeredby = $CURUSER[id] WHERE id = $arr[id]") or sqlerr();

		} elseif ($_POST['delete']) {

			$res = sql_query("SELECT id FROM staffmessages WHERE id IN (" . implode(", ", $_POST[setanswered]) . ")");

			while ($arr = mysql_fetch_assoc($res))

				sql_query("DELETE FROM staffmessages WHERE id = $arr[id]") or sqlerr();

		}

		$Cache->delete_value('staff_new_message_count');

		header("Refresh: 0; url=staffbox.php");

	}
PHP
1
https://gitee.com/mojie126/HDCN-PT.git
git@gitee.com:mojie126/HDCN-PT.git
mojie126
HDCN-PT
HDCN-PT
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部