package com.tmwsoft.sns.web.action; import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.PrintWriter; import java.io.StringReader; import java.io.UnsupportedEncodingException; import java.net.URLEncoder; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; import java.util.Calendar; import java.util.Comparator; import java.util.Enumeration; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.LinkedHashMap; import java.util.LinkedHashSet; import java.util.List; import java.util.Map; import java.util.Map.Entry; import java.util.Set; import java.util.TimeZone; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.servlet.RequestDispatcher; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.fileupload.FileItem; import org.apache.commons.fileupload.FileUploadBase.SizeLimitExceededException; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.lang.StringUtils; import org.apache.lucene.analysis.Analyzer; import org.apache.lucene.analysis.TokenStream; import org.apache.lucene.analysis.tokenattributes.TermAttribute; import org.apache.lucene.document.Document; import org.apache.lucene.document.Field; import org.apache.lucene.index.IndexWriter; import org.apache.lucene.search.IndexSearcher; import org.apache.lucene.search.Query; import org.apache.lucene.search.TopDocs; import org.apache.lucene.store.Directory; import org.apache.lucene.store.RAMDirectory; import org.apache.struts.action.ActionForm; import org.apache.struts.action.ActionForward; import org.apache.struts.action.ActionMapping; import org.wltea.analyzer.lucene.IKAnalyzer; import 
org.wltea.analyzer.lucene.IKQueryParser; // completes the "import" keyword that ends the previous line
import org.wltea.analyzer.lucene.IKSimilarity;
import com.tmwsoft.util.Freemarker;
import com.tmwsoft.util.Tools;
import com.tmwsoft.sns.service.AdminDeleteService;
import com.tmwsoft.sns.service.PollService;
import com.tmwsoft.sns.service.TreeService;
import com.tmwsoft.sns.util.BBCode;
import com.tmwsoft.sns.util.Common;
import com.tmwsoft.sns.util.CookieHelper;
import com.tmwsoft.sns.util.FileHelper;
import com.tmwsoft.sns.util.FileUploadUtil;
import com.tmwsoft.sns.util.MobileSms;
import com.tmwsoft.sns.util.Serializer;
import com.tmwsoft.sns.util.SysConstants;
import com.tmwsoft.sns.vo.MessageVO;
import com.tmwsoft.sns.web.servlet.AddFriendHttpServletRequestWrapper;
import com.tmwsoft.sns.web.servlet.PostHandler;

/**
 * Struts action for the control-panel pages. {@link #execute} validates the {@code ac}
 * request parameter against a fixed list and then invokes the matching {@code cp_<ac>} method.
 */
public class MainAction extends BaseAction {
    // Allow-list for the "ac" request parameter. execute() replaces any other value with
    // "profile" before the value is used to build a method name, so this list is what bounds
    // the reflective dispatch at the end of execute().
    private static final String[] acs = { "space", "doing", "upload", "comment", "blog", "album", "relatekw",
            "common", "class", "thread", "mtag", "poke", "friend", "avatar", "profile", "theme", "import", "feed",
            "privacy", "pm", "share", "invite", "sendmail", "userapp", "task", "credit", "password", "domain",
            "event", "poll", "topic", "click", "magic", "top", "videophoto", "gift", "joinAgent" };
    // Presumably a length limit for text fields; not referenced in the methods shown here - confirm.
    private final int text_max_size = 65535;

    /**
     * Entry point for {@code main.action}. Requires a logged-in user, loads that user's space,
     * applies the access checks and forwards to the {@code cp_<ac>} handler.
     *
     * @param mapping  Struts mapping (not used in this method)
     * @param form     Struts form bean (not used in this method)
     * @param request  current request; must carry the {@code sGlobal}, {@code sConfig} and
     *                 {@code sCookie} attributes
     * @param response current response
     * @return the forward produced by {@code showMessage} or by the invoked handler
     * @throws Exception propagated from the helpers called here
     */
    @SuppressWarnings("unchecked")
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> sCookie = (Map<String, Object>) request.getAttribute("sCookie");
        String ac = request.getParameter("ac");
        // Anything missing or outside the allow-list falls back to the profile page.
        if (ac == null || ac.length() == 0 || !Common.in_array(acs, ac)) {
            ac = "profile";
        }
        int supeUID = (Integer) sGlobal.get("supe_uid");
        if (supeUID == 0) {
            // A supe_uid of 0 is treated as "not logged in": remember the target in the _refer
            // cookie and send the visitor to the login action.
            // NOTE(review): for GET the stored value is the request-derived "requestURI"
            // attribute; whatever later reads _refer should accept only same-site targets - confirm.
            String charset = SysConstants.SNS_CHARSET;
            if (request.getMethod().equals("GET")) {
                CookieHelper.setCookie(request, response, "_refer",
                        URLEncoder.encode((String) request.getAttribute("requestURI"), charset));
            } else {
                CookieHelper.setCookie(request, response, "_refer",
                        URLEncoder.encode("main.action?ac=" + ac, charset));
            }
            return showMessage(request, response, "to_login", "operate.action?ac=" + sConfig.get("login_action"));
        }
        Map<String, Object> space = Common.getSpace(request, sGlobal, sConfig, supeUID);
        if (space == null || space.size() == 0) {
            return showMessage(request, response, "space_does_not_exist");
        }
        // Actions listed in spacePage switch the "currentsite" cookie to "space".
        if (spacePage.contains(ac)) {
            if (!"space".equals(sCookie.get("currentsite"))) {
                CookieHelper.setCookie(request, response, "currentsite", "space");
                sCookie.put("currentsite", "space"); // keep the in-request copy in step with the cookie
            }
        }
        if ("space".equals(sCookie.get("currentsite"))) {
            space.put("star", Common.getStar(sConfig,
                    space.get("experience") == null ? 0 : (Integer) space.get("experience")));
            space.put("domainurl", Common.spaceDomain(request, space, sConfig));
            // Prepare the space style data for the view.
            Common.initSpaceCss(request, space, sGlobal);
        }
        if (spaceHome.contains(ac)) {
            // Actions listed in spaceHome are tagged with the "home" location (statement follows).
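request.setAttribute("spaceLocation", "home");
        }
        // The checks in this block are skipped for the "common" and "pm" actions only.
        if (!ac.equals("common") && !ac.equals("pm")) {
            String message = Common.checkClose(request, response, supeUID);
            if (message != null) {
                return showMessage(request, response, message);
            }
            if ((Integer) space.get("flag") == -1) {
                return showMessage(request, response, "space_has_been_locked");
            }
            if (Common.checkPerm(request, response, "banvisit")) {
                MessageVO msgVO = Common.ckSpaceLog(request);
                if (msgVO != null) {
                    return showMessage(request, response, msgVO);
                }
                return showMessage(request, response, "you_do_not_have_permission_to_visit");
            }
            if (ac.equals("userapp") && !Common.checkPerm(request, response, "allowmyop")) {
                return showMessage(request, response, "no_privilege");
            }
        }
        Map actives = new HashMap();
        actives.put(ac, " class=active");
        request.setAttribute("actives", actives);
        request.setAttribute("space", space);
        // ac was restricted to the acs allow-list at the top of this method, so the method name
        // built here is one of a fixed set. Keep that check if this dispatch is ever changed.
        return invokeMethod(this, "cp_" + ac, request, response);
    }

    /**
     * Handles the album control-panel operations selected by the {@code op} request parameter:
     * {@code edit}, {@code delete}, {@code editpic}, {@code setpic}, {@code edittitle} and
     * {@code edithot}. Form posts are processed only when {@code submitCheck} accepts them;
     * otherwise the data for {@code cp_album.jsp} is prepared.
     *
     * @param request  current request; supplies the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes and the {@code albumid}/{@code picid} parameters
     * @param response current response
     * @return the forward produced by {@code showMessage} or {@code include}
     */
    public ActionForward cp_album(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        // Both ids go through intval(), so only numbers reach the SQL strings built from them below.
        int albumid = Common.intval(request.getParameter("albumid"));
        int picid = Common.intval(request.getParameter("picid"));
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        String op = request.getParameter("op");
        if ("edit".equals(op)) {
            if (albumid < 1) {
                return showMessage(request, response, "photos_do_not_support_the_default_settings",
                        "main.action?ac=album&op=editpic", 0);
            }
            List<Map<String, Object>> albums = dataBaseService
                    .executeQuery("SELECT * FROM sns_album WHERE albumid='" + albumid + "'");
            if (Common.empty(albums)) {
                return showMessage(request, response, "no_privilege");
            }
            Map<String, Object> album = albums.get(0);
            // Only the owner or a holder of the "managealbum" permission may edit.
            if ((Integer) album.get("uid") != supe_uid && !Common.checkPerm(request, response,
                    "managealbum")) {
                return showMessage(request, response, "no_privilege");
            }
            try {
                if (submitCheck(request, "editsubmit")) {
                    String albumname = Common.getStr(request.getParameter("albumname"), 50, true, true, true, 0, 0,
                            request, response);
                    if (Common.empty(albumname)) {
                        return showMessage(request, response, "album_name_errors");
                    }
                    int friend = Common.intval(request.getParameter("friend"));
                    String target_ids = "";
                    String password = request.getParameter("password");
                    if (friend == 2) {
                        // friend == 2: access is limited to the users named in target_names.
                        List<String> uids = null;
                        String target_names = request.getParameter("target_names");
                        String[] names = Common.empty(target_names) ? null
                                : target_names.trim().replaceAll(Common.getMessage(request, "cp_tab_space"), " ")
                                        .split(" ");
                        if (!Common.empty(names)) {
                            // NOTE(review): names are user-supplied; this statement is only safe if
                            // Common.sImplode quotes and escapes every element - confirm.
                            uids = dataBaseService.executeQuery(
                                    "SELECT uid FROM sns_space WHERE username IN (" + Common.sImplode(names) + ")", 1);
                        }
                        if (Common.empty(uids)) {
                            friend = 3;
                        } else {
                            target_ids = Common.implode(uids, ",");
                        }
                    } else if (friend == 4) {
                        // friend == 4: access is protected by a password; an empty one resets friend to 0.
                        password = Common.trim(password);
                        if (password.equals("")) {
                            friend = 0;
                        }
                    }
                    if (friend != 2) {
                        target_ids = "";
                    }
                    if (friend != 4) {
                        password = "";
                    }
                    Map<String, Object> setData = new HashMap<String, Object>();
                    setData.put("albumname", albumname);
                    setData.put("friend", friend);
                    // NOTE(review): the album password is stored exactly as submitted; nothing in
                    // this method hashes it.
                    setData.put("password", password);
                    setData.put("target_ids", target_ids);
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put("albumid", albumid);
                    dataBaseService.updateTable("sns_album", setData, whereData);
                    return showMessage(request, response, "do_success",
                            "main.action?ac=album&op=edit&albumid=" + albumid);
                }
            } catch (Exception e) {
                // NOTE(review): the raw exception text is handed to showMessage; if it is rendered
                // to the user it can expose internal details - confirm.
                return showMessage(request, response, e.getMessage());
            }
            album.put("target_names", "");
            int friend = (Integer) album.get("friend");
            request.setAttribute("friend_" + friend, " selected");
            String passwordstyle = "display:none", selectgroupstyle = "display:none";
            if (friend == 4) {
                passwordstyle = "";
            } else if (friend == 2) {
                selectgroupstyle = "";
                String target_ids = (String) album.get("target_ids");
                if (!Common.empty(target_ids)) {
                    // target_ids is the stored column value, concatenated unquoted. The edit branch
                    // above writes it as a comma-joined list of uid query results;
                    // NOTE(review): confirm no other writer can put free text into that column.
                    List<String> names = dataBaseService
                            .executeQuery("SELECT username FROM sns_space WHERE uid IN (" + target_ids + ")", 1);
                    album.put("target_names", Common.implode(names, " "));
                }
            }
            request.setAttribute("albumid", albumid);
            request.setAttribute("album", album);
            request.setAttribute("passwordstyle", passwordstyle);
            request.setAttribute("selectgroupstyle", selectgroupstyle);
            request.setAttribute("groups", Common.getFriendGroup(request));
        } else if ("delete".equals(op)) {
            List<Map<String, Object>> albumsList = mainService.getAlbums(supe_uid);
            if (Common.empty(albumsList)) {
                return showMessage(request, response, "no_privilege");
            }
            // Index the albums returned for supe_uid by their id.
            Map<Integer, Map<String, Object>> albums = new LinkedHashMap<Integer, Map<String, Object>>();
            for (Map<String, Object> value : albumsList) {
                albums.put((Integer) value.get("albumid"), value);
            }
            try {
                if (submitCheck(request, "deletesubmit")) {
                    int moveto = Common.intval(request.getParameter("moveto"));
                    if (moveto < 0) {
                        if (!adminDeleteService.deleteAlbums(request, response, supe_uid, new Integer[] { albumid })) {
                            return showMessage(request, response, "no_privilege");
                        }
                    } else {
                        // The statements below address sns_pic and sns_album by albumid alone, with
                        // no uid predicate. Require the album to be one of those returned for
                        // supe_uid, otherwise any album id supplied in the request would be
                        // emptied and deleted.
                        Map<String, Object> album = albums.get(albumid);
                        if (Common.empty(album)) {
                            return showMessage(request, response, "no_privilege");
                        }
                        // Moving into an album the caller does not have, or into the album being
                        // deleted, falls back to "no album" (0) so pictures never point at a removed row.
                        if (moveto != 0 && (moveto == albumid || Common.empty(albums.get(moveto)))) {
                            moveto = 0;
                        }
                        Map<String, Object> setData = new HashMap<String, Object>();
                        Map<String, Object> whereData = new HashMap<String, Object>();
                        if (moveto > 0) {
                            setData.put("albumid", moveto);
                            whereData.put("albumid", albumid);
                            dataBaseService.updateTable("sns_pic", setData, whereData);
                            dataBaseService.executeUpdate(
                                    "UPDATE sns_album SET picnum=picnum+" + album.get("picnum") + ", updatetime='"
                                            + sGlobal.get("timestamp") + "' WHERE albumid='" + moveto + "'");
                        } else {
                            setData.put("albumid", 0);
                            whereData.put("albumid", albumid);
                            dataBaseService.updateTable("sns_pic", setData, whereData);
                        }
                        dataBaseService.execute("DELETE FROM sns_album WHERE albumid='" + albumid + "'");
                    }
                    return showMessage(request, response, "do_success", "zone.action?do=album&view=me");
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("albumid", albumid);
            request.setAttribute("albums", albums);
        } else if ("editpic".equals(op)) {
            boolean managealbum = Common.checkPerm(request, response, "managealbum");
            List<Map<String, Object>> query;
            Map<String, Object> album = null;
            if (albumid > 0) {
                query = dataBaseService.executeQuery("SELECT * FROM sns_album WHERE albumid='" + albumid + "'");
                album = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(album)) {
                    return showMessage(request, response, "no_privilege");
                }
                if ((Integer) album.get("uid") != supe_uid && !managealbum) {
                    return showMessage(request, response, "no_privilege");
                }
            }
            try {
                if (submitCheck(request, "editpicsubmit")) {
                    String subop = request.getParameter("subop");
                    // In every sub-operation the picture ids are keys of request parameter names
                    // (title[<picid>], ids[<picid>]). Without "managealbum" each update is also
                    // constrained to uid = supe_uid.
                    // NOTE(review): the ids are passed on as strings; safety relies on
                    // updateTable / sImplode escaping them - confirm.
                    if ("delete".equals(subop)) {
                        Map<String, String> deleteids = new HashMap<String, String>();
                        Map<String, String> title_RequestParameter = (Map<String, String>) getParameters(request,
                                "title");
                        Map<String, String> ids = (Map<String, String>) getParameters(request, "ids");
                        String title;
                        String picidTemp;
                        String value;
                        for (Entry<String, String> entry : title_RequestParameter.entrySet()) {
                            picidTemp = entry.getKey();
                            value = entry.getValue();
                            if (Common.empty(ids.get(picidTemp))) {
                                // Not ticked for deletion: only save the title.
                                title = Common.getStr(value, 150, true, true, true, 0, 0, request, response);
                                Map<String, Object> wherearr = new HashMap<String, Object>();
                                wherearr.put("picid", picidTemp);
                                if (!managealbum)
                                    wherearr.put("uid", supe_uid);
                                Map<String, Object> setData = new HashMap<String, Object>();
                                setData.put("title", title);
                                dataBaseService.updateTable("sns_pic", setData, wherearr);
                            } else {
                                deleteids.put(picidTemp, picidTemp);
                            }
                        }
                        if (!Common.empty(deleteids)) {
                            adminDeleteService.deletePics(request, response, supe_uid, deleteids);
                        }
                    } else if ("update".equals(subop)) {
                        Map<String, String> title_RequestParameter = (Map<String, String>) getParameters(request,
                                "title");
                        String title;
                        String value;
                        String picidTemp;
                        for (Entry<String, String> entry : title_RequestParameter.entrySet()) {
                            picidTemp = entry.getKey();
                            value = entry.getValue();
                            try {
                                title = Common.getStr(value, 150, true, true, true, 0, 0, request, response);
                            } catch (Exception e) {
                                e.printStackTrace();
                                return showMessage(request, response, e.getMessage());
                            }
                            Map<String, Object> wherearr = new HashMap<String, Object>();
                            wherearr.put("picid", picidTemp);
                            if (!managealbum)
                                wherearr.put("uid", supe_uid);
                            Map<String, Object> setData = new HashMap<String, Object>();
                            setData.put("title", title);
                            dataBaseService.updateTable("sns_pic", setData, wherearr);
                        }
                    } else if ("move".equals(subop)) {
                        Map<String, String> title_RequestParameter = (Map<String, String>) getParameters(request,
                                "title");
                        String title;
                        String value;
                        String picidTemp;
                        for (Entry<String, String> entry : title_RequestParameter.entrySet()) {
                            value = entry.getValue();
                            title = Common.getStr(value, 150, true, true, true, 0, 0, request, response);
                            picidTemp = entry.getKey();
                            Map<String, Object> wherearr = new HashMap<String, Object>();
                            wherearr.put("picid", picidTemp);
                            if (!managealbum)
                                wherearr.put("uid", supe_uid);
                            Map<String, Object> setData = new HashMap<String, Object>();
                            setData.put("title", title);
                            dataBaseService.updateTable("sns_pic", setData, wherearr);
                        }
                        Map<String, String> ids = (Map<String, String>) getParameters(request, "ids");
                        if (!Common.empty(ids)) {
                            // plussql adds the owner predicate to every statement below unless the
                            // caller holds "managealbum".
                            String plussql = managealbum ? "" : "AND uid=" + supe_uid;
                            int newalbumid = Common.intval(request.getParameter("newalbumid"));
                            if (newalbumid != 0) {
                                query = dataBaseService.executeQuery(
                                        "SELECT albumid FROM sns_album WHERE albumid='" + newalbumid + "' " + plussql);
                                album = query.size() > 0 ? query.get(0) : null;
                                if (Common.empty(album)) {
                                    newalbumid = 0;
                                }
                            }
                            // NOTE(review): ids holds request-supplied values; see the sImplode
                            // caveat above.
                            int updatecount = dataBaseService.executeUpdate("UPDATE sns_pic SET albumid='" + newalbumid
                                    + "' WHERE picid IN (" + Common.sImplode(ids) + ") " + plussql);
                            if (updatecount != 0) {
                                if (albumid > 0) {
                                    dataBaseService.executeUpdate("UPDATE sns_album SET picnum=picnum-" + updatecount
                                            + " WHERE albumid='" + albumid + "' " + plussql);
                                    album_update_pic(sGlobal, space, albumid);
                                }
                                if (newalbumid != 0) {
                                    dataBaseService.executeUpdate("UPDATE sns_album SET picnum=picnum+" + updatecount
                                            + " WHERE albumid='" + newalbumid + "' " + plussql);
                                    album_update_pic(sGlobal, space, newalbumid);
                                }
                            }
                        }
                    }
                    // NOTE(review): refer comes straight from the request and is handed to
                    // showMessage as the follow-up URL; if showMessage navigates to it, restrict it
                    // to same-site targets - confirm against showMessage.
                    String refer = request.getParameter("refer");
                    String page = request.getParameter("page");
                    page = page == null ? "" : page;
                    String url = Common.empty(refer)
                            ? "main.action?ac=album&op=editpic&albumid=" + albumid + "&page=" + page
                            : refer;
                    return showMessage(request, response, "do_success", url, 0);
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            // Not a form post: build one page (10 pictures) of the album for the edit view.
            int perpage = 10;
            int page = Common.intval(request.getParameter("page"));
            if (page < 1)
                page = 1;
            int start = (page - 1) * perpage;
            int maxpage = (Integer) sConfig.get("maxpage");
            String result = Common.ckStart(start, perpage, maxpage);
            if (result != null) {
                return showMessage(request, response, result);
            }
            String picsql = picid != 0 ? "picid='" + picid + "' AND " : "";
            String wheresql;
            int count;
            if (albumid > 0) {
                wheresql = "albumid='" + albumid + "'";
                count = (Integer) album.get("picnum");
            } else {
                // albumid 0: the caller's pictures that are in no album.
                wheresql = "albumid='0' AND uid='" + supe_uid + "'";
                query = dataBaseService
                        .executeQuery("SELECT COUNT(*) AS cont FROM sns_pic WHERE " + picsql + " " + wheresql);
                count = query.size() > 0 ? (Integer) query.get(0).get("cont") : 0;
            }
            List<Map<String, Object>> list = null;
            if (count != 0) {
                // Step back one page when the requested page starts past the last picture.
                if (page > 1 && start >= count) {
                    page--;
                    start = (page - 1) * perpage;
                }
                query = dataBaseService.executeQuery("SELECT * FROM sns_pic WHERE " + picsql + " " + wheresql
                        + " ORDER BY dateline DESC LIMIT " + start + "," + perpage);
                for (Map<String, Object> value : query) {
                    value.put("title", BBCode.html2bbcode((String) value.get("title")));
                    value.put("pic", Common.pic_get(sConfig, (String) value.get("filepath"),
                            (Integer) value.get("thumb"), (Integer) value.get("remote"), true));
                    value.put("bigpic", Common.pic_get(sConfig, (String) value.get("filepath"),
                            (Integer) value.get("thumb"), (Integer) value.get("remote"), false));
                }
                list = query;
            }
            String multi = Common.multi(request, count, perpage, page, maxpage,
                    "main.action?ac=album&op=editpic&albumid=" + albumid, "", "");
            List<Map<String, Object>> albumlist = mainService.getAlbums(supe_uid);
            request.setAttribute("albumid", albumid);
            request.setAttribute("album", album);
            request.setAttribute("list", list);
            request.setAttribute("albumlist", albumlist);
            request.setAttribute("page", page);
            request.setAttribute("multi", multi);
        } else if ("setpic".equals(op)) {
            // Use picture picid as the cover of its album; without "managealbum" the picture
            // must belong to the caller.
            String uidsql = Common.checkPerm(request, response, "managealbum") ? "" : "AND uid='" + supe_uid + "'";
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_pic WHERE picid='" + picid + "' " + uidsql);
            Map<String, Object> pic = query.size() > 0 ? query.get(0) : null;
            if (!Common.empty(pic)) {
                if ((Integer) pic.get("albumid") != 0) {
                    pic.put("picflag", (Integer) pic.get("remote") != 0 ? 2 : 1);
                    pic.put("filepath", pic.get("filepath") + ((Integer) pic.get("thumb") != 0 ? ".thumb.jpg" : ""));
                    Map<String, Object> setData = new HashMap<String, Object>();
                    setData.put("pic", pic.get("filepath"));
                    setData.put("picflag", pic.get("picflag"));
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put("albumid", pic.get("albumid"));
                    dataBaseService.updateTable("sns_album", setData, whereData);
                }
            }
            // Success is reported even when no picture matched.
            return showMessage(request, response, "do_success");
        } else if ("edittitle".equals(op)) {
            String uidsql = Common.checkPerm(request, response, "managealbum") ? "" : "AND uid='" + supe_uid + "'";
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_pic WHERE picid='" + picid + "' " + uidsql);
            Map<String, Object> pic = query.size() > 0 ? query.get(0) : null;
            request.setAttribute("pic", pic);
        } else if ("edithot" .equals(op)) {
            // Changing the "hot" value requires the "managealbum" permission.
            if (!Common.checkPerm(request, response, "managealbum")) {
                return showMessage(request, response, "no_privilege");
            }
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_pic WHERE picid='" + picid + "'");
            Map<String, Object> pic = query.size() > 0 ? query.get(0) : null;
            if (Common.empty(pic)) {
                return showMessage(request, response, "no_privilege");
            }
            try {
                if (submitCheck(request, "hotsubmit")) {
                    int hot = Common.intval(request.getParameter("hot"));
                    Map<String, Object> setData = new HashMap<String, Object>();
                    setData.put("hot", hot);
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put("picid", picid);
                    dataBaseService.updateTable("sns_pic", setData, whereData);
                    if (hot > 0) {
                        feedService.feedPublish(request, response, picid, "picid", false);
                    } else {
                        whereData.clear();
                        whereData.put("id", picid);
                        whereData.put("idtype", "picid");
                        dataBaseService.updateTable("sns_feed", setData, whereData);
                    }
                    // NOTE(review): request-supplied refer is used as the follow-up URL; restrict
                    // it to same-site targets if showMessage navigates to it - confirm.
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("picid", picid);
            request.setAttribute("pic", pic);
        }
        request.setAttribute("op", op);
        return include(request, response, sConfig, sGlobal, "cp_album.jsp");
    }

    /**
     * Recomputes the cover ({@code pic}, {@code picflag}) of album {@code albumid} from the
     * current user's most recent picture in it; an album with no such picture gets an empty
     * path and flag 0. Both the lookup and the update are limited to {@code supe_uid}.
     *
     * @param sGlobal request globals; {@code supe_uid} is read from it
     * @param space   not used in this method
     * @param albumid album whose cover is refreshed
     */
    private void album_update_pic(Map<String, Object> sGlobal, Map<String, Object> space, int albumid) {
        Map<String, Object> pic = new HashMap<String, Object>();
        pic.put("filepath", "");
        pic.put("picflag", 0);
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        List<Map<String, Object>> query = dataBaseService.executeQuery("SELECT * FROM sns_pic WHERE albumid='"
                + albumid + "' AND uid='" + supe_uid + "' ORDER BY dateline DESC LIMIT 1");
        int tempI;
        for (Map<String, Object> value : query) {
            tempI = (Integer) value.get("remote");
            pic.put("picflag", tempI != 0 ? 2 : 1);
            tempI = (Integer) value.get("thumb");
            pic.put("filepath", (String) value.get("filepath") + (tempI != 0 ? ".thumb.jpg" : ""));
        }
        Map<String, Object> setData = new HashMap<String, Object>();
        setData.put("pic", pic.get("filepath"));
        setData.put("picflag", pic.get("picflag"));
        Map<String, Object> whereData = new HashMap<String, Object>();
        whereData.put("albumid", albumid);
        whereData.put("uid", supe_uid);
        dataBaseService.updateTable("sns_album", setData, whereData);
    }

    /**
     * Shorthand for {@link #getParameters(HttpServletRequest, String, boolean)} with
     * {@code isCheckBox} set to {@code false}.
     */
    private Object getParameters(HttpServletRequest request, String prefix) {
        return getParameters(request, prefix, false);
    }

    /**
     * Collects request parameters whose names use bracket syntax ({@code prefix[key]...}) into
     * nested maps.
     *
     * @param request    current request
     * @param prefix     parameter name before the first {@code [}; {@code null} selects all parameters
     * @param isCheckBox when {@code true} every value is kept as a {@code String[]}, otherwise
     *                   only the first value is kept
     * @return the sub-tree stored under {@code prefix} (or the whole tree when {@code prefix} is
     *         {@code null}); {@code null} when the container supplies no parameter map, when a
     *         selected name cannot be parsed, or when nothing was stored under {@code prefix}
     */
    private Object getParameters(HttpServletRequest request, String prefix, boolean isCheckBox) {
        Map<String, String[]> primalParameters = request.getParameterMap();
        if (primalParameters == null) {
            return null;
        }
        Map<String, Object> result = new HashMap<String, Object>();
        String key;
        String[] value;
        String prefix_ = null;
        if (prefix != null) {
            prefix_ = prefix + "[";
        }
        for (Entry<String, String[]> primalPE : primalParameters.entrySet()) {
            key = primalPE.getKey();
            if (prefix == null || key.startsWith(prefix_)) {
                value = primalPE.getValue();
                // Parameter names are client-controlled; one unparsable name rejects the whole set.
                if (!getParametersSetResultMap(result, key, value, isCheckBox)) {
                    return null;
                }
            }
        }
        if (prefix != null) {
            return result.get(prefix);
        }
        return result;
    }

    /** Strips a trailing {@code []} from a parameter name, if present. */
    private String disposeParameter(String parameterName) {
        if (parameterName.endsWith("[]")) {
            return parameterName.substring(0, parameterName.length() - 2);
        } else {
            return parameterName;
        }
    }

    /**
     * Stores one parameter in {@code result} under the path described by its name.
     *
     * @return {@code false} when the name cannot be parsed
     */
    private boolean getParametersSetResultMap(Map<String, Object> result, String key, String[] value,
            boolean isCheckBox) {
        key = disposeParameter(key);
        return getParametersParseKey(new StringBuilder(key), result, value, isCheckBox);
    }

    /**
     * Consumes one {@code name[} level of {@code operatingKey} per call, descending into (or
     * creating) the matching sub-map, and stores the value once no {@code [} is left.
     *
     * @return {@code false} when a {@code [} has no {@code ]} after it
     */
    private boolean getParametersParseKey(StringBuilder operatingKey, Map<String, Object> supMap, String[] value,
            boolean isCheckBox) {
        int tempI = operatingKey.indexOf("[");
        int tempII = operatingKey.indexOf("]");
        if (tempI < 0) {
            putValue(supMap, operatingKey.toString(), value, isCheckBox);
            return true;
        } else if (tempII < tempI) {
            return false;
        }
        String subKey = operatingKey.substring(0, tempI);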
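Object existing = supMap.get(subKey);
        Map<String, Object> subMap;
        if (existing == null) {
            subMap = new HashMap<String, Object>();
            supMap.put(subKey, subMap);
        } else if (existing instanceof Map) {
            subMap = (Map<String, Object>) existing;
        } else {
            // A plain value is already stored under this name (for example both "a[b]" and
            // "a[b][c]" were sent). Parameter names are client-controlled, so reject the name
            // like any other unparsable one instead of failing on the cast.
            return false;
        }
        // Drop "subKey[" and the matching "]" so the remainder is parsed as the next level.
        operatingKey.deleteCharAt(tempII);
        operatingKey.delete(0, tempI + 1);
        return getParametersParseKey(operatingKey, subMap, value, isCheckBox);
    }

    /**
     * Stores a parameter value: the whole array for checkbox-style parameters (or when there is
     * no value at all), otherwise only the first element.
     */
    private void putValue(Map<String, Object> targetMap, String key, String[] value, boolean isCheckBox) {
        if (isCheckBox || value == null || value.length == 0) {
            targetMap.put(key, value);
        } else {
            targetMap.put(key, value[0]);
        }
    }

    /**
     * Avatar page. A non-empty {@code a} parameter is answered directly on the response writer;
     * otherwise the avatar flag of the user's space is brought in line with whether an avatar
     * exists (granting the "setavatar" reward the first time) and {@code cp_avatar.jsp} is shown.
     *
     * @param request  current request; supplies the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes
     * @param response current response
     * @return {@code null} when the response body was written here, otherwise the forward
     *         produced by {@code showMessage} or {@code include}
     */
    public ActionForward cp_avatar(HttpServletRequest request, HttpServletResponse response) {
        try {
            String a = request.getParameter("a");
            if (!Common.empty(a)) {
                String result = Common.checkInput(request);
                if (result == null) {
                    if ("uploadAvatar".equals(a)) {
                        result = uploadAvatar();
                    } else if ("rectAvatar".equals(a)) {
                        result = rectAvatar();
                    }
                }
                PrintWriter out = response.getWriter();
                // result stays null for an unrecognised "a" and for uploadAvatar(), which returns
                // null; write nothing then rather than failing inside Writer.write(null).
                if (result != null) {
                    out.write(result);
                }
                out.flush();
                return null;
            } else if (submitCheck(request, "avatarsubmit")) {
                return showMessage(request, response, "do_success", "main.action?ac=avatar", 0);
            }
        } catch (Exception e) {
            // NOTE(review): the raw exception text is handed to showMessage; if it is rendered
            // to the user it can expose internal details - confirm.
            return showMessage(request, response, e.getMessage());
        }
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        Object avatarFlash = Common.avatar(request, supe_uid,
                Common.empty(sConfig.get("avatarreal")) ? "virtual" : "real", true);
        request.setAttribute("avatarFlash", avatarFlash);
        // SET fragments for sns_space; every value appended below is an int or a literal.
        List<String> sets = new ArrayList<String>();
        boolean avatarExists = mainService.ckavatar(sGlobal, sConfig, supe_uid);
        int avatar = (Integer) space.get("avatar");
        int timestamp = (Integer) sGlobal.get("timestamp");
        if (avatarExists) {
            if (avatar == 0) {
                // First time an avatar is found for this user: apply the reward and set the flag.
                Map<String, Integer> reward = Common.getReward("setavatar", false, 0, "", true, request, response);
                int credit = reward.get("credit");
                int experience = reward.get("experience");
                if (credit != 0) {
                    sets.add("credit=credit+" + credit);
                }
                if (experience != 0) {
                    sets.add("experience=experience+" + experience);
                }
                sets.add("avatar=1");
                sets.add("updatetime=" + timestamp);
            }
        } else {
            if (avatar == 1) {
                sets.add("avatar=0");
            }
        }
        if (sets.size() > 0) {
            dataBaseService.executeUpdate(
                    "UPDATE sns_space SET " + Common.implode(sets, ",") + " WHERE uid='" + supe_uid + "'");
            if ((Integer) sConfig.get("my_status") == 1) {
                Map<String, Object> insertData = new HashMap<String, Object>();
                insertData.put("uid", supe_uid);
                insertData.put("action", "update");
                insertData.put("dateline", timestamp);
                dataBaseService.insertTable("sns_userlog", insertData, false, true);
            }
        }
        return include(request, response, sConfig, sGlobal, "cp_avatar.jsp");
    }

    /** Placeholder: no upload handling is implemented here; always returns {@code null}. */
    private String uploadAvatar() {
        return null;
    }

    /** Placeholder: always reports success; the failure branch cannot be reached as written. */
    private String rectAvatar() {
        boolean success = true;
        if (success) {
            return "<?xml version=\"1.0\" ?><root><face success=\"1\"/></root>";
        } else {
            return "<?xml version=\"1.0\" ?><root><face success=\"0\"/></root>";
        }
    }

    /** Placeholder: ignores its argument and returns an empty string. */
    private String decodeFlashData(byte[] s) {
        StringBuffer r = new StringBuffer();
        return r.toString();
    }

    public ActionForward cp_blog(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        int blogId =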
Common.intval(request.getParameter("blogid")); String op = Common.empty(request.getParameter("op")) ? "" : request.getParameter("op"); Map<String, Object> blog = new HashMap<String, Object>(); if (!Common.empty(blogId)) { List<Map<String, Object>> blogs = dataBaseService.executeQuery( "SELECT bf.*,b.* FROM sns_blog b LEFT JOIN sns_blogfield bf ON bf.blogid=b.blogid WHERE b.blogid='" + blogId + "'"); if (blogs.size() != 0) { blog = blogs.get(0); } } if (blog.size() == 0) { if (!Common.checkPerm(request, response, "allowblog")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_authority_to_add_log"); } if (!mainService.checkRealName(request, "blog")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "blog")) { return showMessage(request, response, "no_privilege_videophoto"); } switch (mainService.checkNewUser(request, response)) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } int waitTime = Common.checkInterval(request, response, "post"); if (waitTime > 0) { return showMessage(request, response, "operating_too_fast", "", 1, String.valueOf(waitTime)); } try { String subject = request.getParameter("subject"); String message = request.getParameter("message"); if (!Common.empty(subject)) { blog.put("subject", Common.getStr(subject, 80, true, false, false, 0, 0, request, response)); } if (!Common.empty(message)) { blog.put("message", Common.getStr(message, 5000, true, false, false, 0, 0, request, response)); } } catch (Exception e) { 
e.printStackTrace(); } } else { // ??blog?? if (!"dorecommend".equals(op)) { if (!sGlobal.get("supe_uid").equals(blog.get("uid")) && !Common.checkPerm(request, response, "manageblog")) { return showMessage(request, response, "no_authority_operation_of_the_log"); } } } try { // ??? if (submitCheck(request, "blogsubmit")) { if (blog.get("blogid") == null) { blog = new HashMap<String, Object>(); } else { if (!Common.checkPerm(request, response, "allowblog")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_authority_to_add_log"); } } if (Common.checkPerm(request, response, "seccode") && !mainService.checkSeccode(request, response, sGlobal, sConfig, request.getParameter("seccode"))) { return showMessage(request, response, "incorrect_code"); } // ????, boolean allowverifyblog = Common.checkAllowVerifyBlog((Integer) sGlobal.get("supe_uid")); if (allowverifyblog) { blog.put("verify", "Y"); } Map<String, Object> newBlog = blogService.blogPost(request, response, blog); if (newBlog == null) { return showMessage(request, response, "that_should_at_least_write_things"); } else if (Common.empty(blog) && !Common.empty(newBlog.get("topicid"))) { return showMessage(request, response, "do_success", "zone.action?do=topic&topicid=" + newBlog.get("topicid") + "&view=blog", 0); } else { if (allowverifyblog) { return showMessage(request, response, "blog_allowverifyblog_y"); } else { return showMessage(request, response, "do_success", "zone.action?uid=" + newBlog.get("uid") + "&do=blog&id=" + newBlog.get("blogid"), 0); } } } if (op.equals("delete")) { if (submitCheck(request, "deletesubmit")) { if (blogService.deleteBlogs(request, response, blogId) != null) { return showMessage(request, response, "do_success", "zone.action?uid=" + blog.get("uid") + "&do=blog&view=me"); } else { return showMessage(request, response, "failed_to_delete_operation"); } } } else if (op.equals("goto")) { 
int id = Common.intval(request.getParameter("id")); Map<String, Object> whereArr = new HashMap<String, Object>(); whereArr.put("blogid", id); int uid = id != 0 ? Common.intval(Common.getCount("sns_blog", whereArr, "uid")) : 0; return showMessage(request, response, "do_success", "zone.action?uid=" + uid + "&do=blog&id=" + id, 0); } else if (op.equals("edithot")) { if (!Common.checkPerm(request, response, "manageblog")) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "hotsubmit")) { int hot = Common.intval(request.getParameter("hot")); Map<String, Object> setData = new HashMap<String, Object>(); Map<String, Object> whereData = new HashMap<String, Object>(); setData.put("hot", hot); whereData.put("blogid", blog.get("blogid")); dataBaseService.updateTable("sns_blog", setData, whereData); if (hot > 0) { feedService.feedPublish(request, response, (Integer) blog.get("blogid"), "blogid", false); } else { whereData = new HashMap<String, Object>(); whereData.put("id", blog.get("blogid")); whereData.put("idtype", "blogid"); dataBaseService.updateTable("sns_feed", setData, whereData); } return showMessage(request, response, "do_success", "zone.action?uid=" + blog.get("uid") + "&do=blog&id=" + blog.get("blogid"), 0); } } else if (op.equals("dorecommend")) { if (submitCheck(request, "submit")) { Integer uid = (Integer) (((Map) sGlobal.get("session")).get("uid")); int result_id = dataBaseService .insert("insert into sns_blog_recommend ( blogid, uid, dateline ) values (" + blog.get("blogid") + " , " + uid + ", " + sGlobal.get("timestamp") + ")"); if (result_id == 0) { try { PrintWriter out = response.getWriter(); out.write("??"); out.flush(); } catch (IOException e) { e.printStackTrace(); } return null; } else { return showMessage(request, response, "do_success", "zone.action?uid=" + blog.get("uid") + "&do=blog&id=" + blog.get("blogid"), 0); } } } else if (op.equals("doadminrecommend")) { if (!Common.checkPerm(request, response, "manageblog")) { 
return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "submit")) { StringBuffer sql = new StringBuffer(); sql.append("update sns_blog") .append(" set recommend='Y' where blogid='" + blog.get("blogid") + "'"); dataBaseService.executeUpdate(sql.toString()); return showMessage(request, response, "do_success", "zone.action?uid=" + blog.get("uid") + "&do=blog&id=" + blog.get("blogid"), 0); } } else if (op.equals("undorecommend")) { if (!Common.checkPerm(request, response, "manageblog")) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "submit")) { StringBuffer sql = new StringBuffer(); sql.append("update sns_blog") .append(" set recommend='N' where blogid='" + blog.get("blogid") + "'"); dataBaseService.executeUpdate(sql.toString()); return showMessage(request, response, "do_success", "zone.action?uid=" + blog.get("uid") + "&do=blog&id=" + blog.get("blogid"), 0); } } else { Integer class_uid = !Common.empty(blog.get("uid")) ? (Integer) blog.get("uid") : (Integer) sGlobal.get("supe_uid"); Map<Integer, Object> classArr = mainService.getClassArr(class_uid); List<Map<String, Object>> albums = mainService.getAlbums((Integer) sGlobal.get("supe_uid")); Map tags = Common.empty(blog.get("tag")) ? 
new HashMap() : Serializer.unserialize((String) blog.get("tag"), true); blog.put("tag", Common.implode(tags, " ")); List<Map<String, Object>> hotBlogs = dataBaseService .executeQuery("SELECT * FROM sns_tag ORDER BY blognum DESC LIMIT 0,10"); blog.put("hot_blogs", hotBlogs); blog.put("target_names", ""); String passwordStyle = "display:none"; String selectGroupStyle = "display:none"; if (blog.get("friend") != null && (Integer) blog.get("friend") == 4) { passwordStyle = ""; } else if (blog.get("friend") != null && (Integer) blog.get("friend") == 2) { selectGroupStyle = ""; if (!Common.empty(blog.get("target_ids"))) { List<String> names = dataBaseService.executeQuery( "SELECT username FROM sns_space WHERE uid IN (" + blog.get("target_ids") + ")", 1); blog.put("target_names", Common.implode(names, " ")); } } String message = blog.get("message") == null ? "" : ((String) blog.get("message")).replace("&", "&amp;"); blog.put("message", Common.sHtmlSpecialChars(message)); int allowHtml = (Integer) Common.checkPerm(request, response, sGlobal, "allowhtml"); int topicId = Common.intval(request.getParameter("topicid")); if (topicId != 0) { Map<String, Object> topic = Common.getTopic(request, topicId); if (topic != null) { Map<String, String> actives = new HashMap<String, String>(); actives.put("blog", " class='active'"); request.setAttribute("topic", topic); request.setAttribute("topicid", topicId); } } Map<String, String> menuActives = new HashMap<String, String>(); menuActives.put("space", " class='active'"); boolean blogPrivacy = Common.ckPrivacy(sGlobal, sConfig, space, "blog", 1); // ? 
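request.setAttribute("classarr", classArr); request.setAttribute("allowhtml", allowHtml); request.setAttribute("groups", Common.getFriendGroup(request)); request.setAttribute("friend", blog.get("friend")); request.setAttribute("selectgroupstyle", selectGroupStyle); request.setAttribute("passwordstyle", passwordStyle); request.setAttribute("blogprivacy", blogPrivacy); request.setAttribute("albums", albums); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("blogid", blogId); request.setAttribute("blog", blog); return include(request, response, sConfig, sGlobal, "cp_blog.jsp"); }

    /**
     * Control-panel handler for one of the current user's blog categories ("class").
     * With {@code op=edit} and a valid {@code editsubmit} it renames the category, with
     * {@code op=delete} and a valid {@code deletesubmit} it removes the category and resets
     * {@code classid} to 0 on the blogs that used it; otherwise it renders
     * {@code cp_class.jsp}.
     *
     * <p>The category row is loaded with both {@code classid} and the current
     * {@code supe_uid} in the WHERE clause, so a category owned by someone else is handled
     * like a missing one and neither operation is reached.
     *
     * @param request  current request; reads {@code classid}, {@code op}, {@code classname}
     *                 and {@code refer}
     * @param response current response, passed through to the helpers
     * @return the forward built by {@code showMessage} or {@code include}
     */
    public ActionForward cp_class(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        int classId = Common.empty(request.getParameter("classid")) ? 0
                : Common.intval(request.getParameter("classid"));
        String op = request.getParameter("op");
        Map<String, Object> classMap = null;
        if (classId != 0) {
            // classId is an int produced by Common.intval, so no request text reaches this
            // statement. NOTE(review): supe_uid is assumed to be the Integer that cp_click
            // casts it to; bound parameters would be preferable if dataBaseService has them.
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_class WHERE classid='" + classId + "' AND uid='"
                            + sGlobal.get("supe_uid") + "'");
            if (!query.isEmpty()) {
                classMap = query.get(0);
            }
        }
        if (classMap == null || classMap.isEmpty()) {
            return showMessage(request, response, "did_not_specify_the_type_of_operation");
        }
        try {
            if ("edit".equals(op)) {
                if (submitCheck(request, "editsubmit")) {
                    String className = Common.getStr(request.getParameter("classname"), 40, true, true, true, 0,
                            0, request, response);
                    if (className.length() < 1) {
                        return showMessage(request, response, "enter_the_correct_class_name");
                    }
                    Map<String, Object> set = new HashMap<String, Object>();
                    set.put("classname", className);
                    Map<String, Object> where = new HashMap<String, Object>();
                    where.put("classid", classId);
                    dataBaseService.updateTable("sns_class", set, where);
                    // NOTE(review): "refer" comes straight from the request and is used as the
                    // follow-up URL; unless showMessage limits it to same-site paths this is
                    // an open redirect. Confirm against showMessage.
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }
            } else if ("delete".equals(op)) {
                if (submitCheck(request, "deletesubmit")) {
                    // Detach the blogs first, then drop the category. Ownership was
                    // established by the SELECT above, which is why no uid appears here.
                    Map<String, Object> set = new HashMap<String, Object>();
                    set.put("classid", 0);
                    Map<String, Object> where = new HashMap<String, Object>();
                    where.put("classid", classId);
                    dataBaseService.updateTable("sns_blog", set, where);
                    dataBaseService.executeUpdate("DELETE FROM sns_class WHERE classid='" + classId + "'");
                    // NOTE(review): same request-supplied "refer" redirect target as in the
                    // edit branch.
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }
            }
        } catch (Exception e) {
            // NOTE(review): the raw exception message is shown to the user, which can expose
            // SQL text or other internals; a generic message key plus server-side logging
            // would be safer.
            return showMessage(request, response, e.getMessage());
        }
        request.setAttribute("classmap", classMap);
        request.setAttribute("classid", classId);
        request.setAttribute("tpl_titles", new String[] { "" });
        return include(request, response, sConfig, sGlobal, "cp_class.jsp");
    }

    /**
     * Control-panel handler for "click" reactions on a picture, thread or blog entry.
     * {@code op=add} records the current user's reaction and publishes the feed entry,
     * reward, statistics and notification; {@code op=show} prepares per-reaction counters
     * and a page of users who reacted; any other {@code op} only renders
     * {@code cp_click.jsp}.
     *
     * <p>{@code idtype} is first used as a lookup key into the cached click definitions and
     * is then normalised to one of {@code picid}, {@code tid} or {@code blogid}, so only
     * those three literals, plus ints from {@code Common.intval}, are concatenated into the
     * SQL text below.
     *
     * @param request  current request; reads {@code clickid}, {@code idtype}, {@code id},
     *                 {@code op}, {@code hash} and {@code start}
     * @param response current response, passed through to the helpers
     * @return the forward built by {@code showMessage} or {@code include}
     */
    public ActionForward cp_click(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames");
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        String tempS = request.getParameter("clickid");
        int clickid = Common.empty(tempS) ? 0 : Common.intval(tempS);
        tempS = request.getParameter("idtype");
        String idtype = Common.empty(tempS) ? "" : tempS.trim();
        tempS = request.getParameter("id");
        int id = Common.empty(tempS) ? 0 : Common.intval(tempS);
        Map<String, Map<Integer, Map<String, Object>>> globalTask = Common.getCacheDate(request, response,
                "cache/cache_click.jsp", "globalClick");
        Map<Integer, Map<String, Object>> tempMap = globalTask.get(idtype);
        Map<Integer, Map<String, Object>> clicks = Common.empty(tempMap)
                ? new LinkedHashMap<Integer, Map<String, Object>>()
                : tempMap;
        // Unknown idtype or clickid values stop here: there is no cached definition for them.
        Map<String, Object> click = clicks.get(clickid);
        if (Common.empty(click)) {
            return showMessage(request, response, "click_error");
        }
        String sql;
        String tablename;
        if ("picid".equals(idtype)) {
            sql = "SELECT p.*, s.username, a.friend, pf.hotuser FROM sns_pic p"
                    + " LEFT JOIN sns_picfield pf ON pf.picid=p.picid"
                    + " LEFT JOIN sns_album a ON a.albumid=p.albumid"
                    + " LEFT JOIN sns_space s ON s.uid=p.uid WHERE p.picid='" + id + "'";
            tablename = " sns_pic";
        } else if ("tid".equals(idtype)) {
            // Fix: the join condition used the literal text '$id', an uninterpolated
            // placeholder, so it never matched the thread's first post and hotuser was
            // always null for threads. The numeric id is used instead.
            sql = "SELECT t.*, p.hotuser FROM sns_thread t LEFT JOIN sns_post p ON p.tid='" + id
                    + "' AND p.isthread='1' WHERE t.tid='" + id + "'";
            tablename = " sns_thread";
        } else {
            // Anything else is treated as a blog entry. This assignment is what keeps
            // request-supplied idtype text out of the SQL built further down.
            idtype = "blogid";
            sql = "SELECT b.*, bf.hotuser FROM sns_blog b LEFT JOIN sns_blogfield bf ON bf.blogid=b.blogid"
                    + " WHERE b.blogid='" + id + "'";
            tablename = " sns_blog";
        }
        List<Map<String, Object>> query = dataBaseService.executeQuery(sql);
        Map<String, Object> item = query.size() > 0 ? query.get(0) : null;
        if (Common.empty(item)) {
            return showMessage(request, response, "click_item_error");
        }
        int itemUid = (Integer) item.get("uid");
        // NOTE(review): this request token is derived only from the item's uid and dateline,
        // not from anything bound to the user's session. If those two values are visible to
        // other users, the token does not protect the "add" operation against forged
        // requests; consider a session-bound token. MD5 is also a poor choice for a
        // security token.
        String hash = Common.md5(itemUid + "\t" + item.get("dateline"));
        String op = request.getParameter("op");
        if ("add".equals(op)) {
            if (!Common.checkPerm(request, response, "allowclick") || !hash.equals(request.getParameter("hash"))) {
                return showMessage(request, response, "no_privilege");
            }
            if (itemUid == supe_uid) {
                return showMessage(request, response, "click_no_self");
            }
            if (mainService.isBlackList(itemUid, supe_uid) != 0) {
                return showMessage(request, response, "is_blacklist");
            }
            // One reaction per user and item.
            query = dataBaseService.executeQuery("SELECT * FROM sns_clickuser WHERE uid='" + space.get("uid")
                    + "' AND id='" + id + "' AND idtype='" + idtype + "'");
            if (query.size() > 0) {
                return showMessage(request, response, "click_have");
            }
            int timestamp = (Integer) sGlobal.get("timestamp");
            Map<String, Object> setarr = new HashMap<String, Object>();
            setarr.put("uid", space.get("uid"));
            setarr.put("username", sGlobal.get("supe_username"));
            setarr.put("id", id);
            setarr.put("idtype", idtype);
            setarr.put("clickid", clickid);
            setarr.put("dateline", timestamp);
            dataBaseService.insertTable("sns_clickuser", setarr, false, false);
            // Column and table names are built from the int clickid and the normalised
            // idtype, never from raw request text.
            dataBaseService.executeUpdate("UPDATE " + tablename + " SET click_" + clickid + "=click_" + clickid
                    + "+1 WHERE " + idtype + "='" + id + "'");
            mainService.updateHot(request, response, idtype, id, (String) item.get("hotuser"));
            Map<String, Object> fs = new HashMap<String, Object>();
            String q_note;
            String note_type;
            // NOTE(review): the feed fragments below place user names and item subjects
            // inside HTML anchors by concatenation. This is only safe if those values were
            // HTML-escaped when stored; confirm, or escape them here.
            if ("blogid".equals(idtype)) {
                fs.put("title_template", Common.getMessage(request, "cp_feed_click_blog"));
                Map<String, String> tempM = new HashMap<String, String>();
                tempM.put("touser", "<a href=\"zone.action?uid=" + itemUid + "\">" + sNames.get(itemUid) + "</a>");
                tempM.put("subject", "<a href=\"zone.action?uid=" + itemUid + "&do=blog&id=" + item.get("blogid")
                        + "\">" + item.get("subject") + "</a>");
                tempM.put("click", (String) click.get("name"));
                fs.put("title_data", tempM);
                fs.put("body_general", "");
                note_type = "clickblog";
                q_note = Common.getMessage(request, "cp_note_click_blog",
                        "zone.action?uid=" + itemUid + "&do=blog&id=" + item.get("blogid"), item.get("subject"));
            } else if ("tid".equals(idtype)) {
                fs.put("title_template", Common.getMessage(request, "cp_feed_click_thread"));
                Map<String, String> tempM = new HashMap<String, String>();
                tempM.put("touser", "<a href=\"zone.action?uid=" + itemUid + "\">" + sNames.get(itemUid) + "</a>");
                tempM.put("subject", "<a href=\"zone.action?uid=" + itemUid + "&do=thread&id=" + item.get("tid")
                        + "\">" + item.get("subject") + "</a>");
                tempM.put("click", (String) click.get("name"));
                fs.put("title_data", tempM);
                fs.put("body_general", "");
                note_type = "clickthread";
                q_note = Common.getMessage(request, "cp_note_click_thread",
                        "zone.action?uid=" + itemUid + "&do=thread&id=" + item.get("tid"), item.get("subject"));
            } else {
                fs.put("title_template", Common.getMessage(request, "cp_feed_click_pic"));
                Map<String, String> tempM = new HashMap<String, String>();
                tempM.put("touser", "<a href=\"zone.action?uid=" + itemUid + "\">" + sNames.get(itemUid) + "</a>");
                tempM.put("click", (String) click.get("name"));
                fs.put("title_data", tempM);
                fs.put("images", new String[] { Common.pic_get(sConfig, (String) item.get("filepath"),
                        (Integer) item.get("thumb"), (Integer) item.get("remote"), true) });
                fs.put("image_links",
                        new String[] { "zone.action?uid=" + itemUid + "&do=album&picid=" + item.get("picid") });
                fs.put("body_general", item.get("title"));
                note_type = "clickpic";
                q_note = Common.getMessage(request, "cp_note_click_pic",
                        "zone.action?uid=" + itemUid + "&do=album&picid=" + item.get("picid"));
            }
            // A feed entry is published only when the item carries no "friend" restriction
            // and the user's privacy settings allow click feeds.
            if (Common.empty(item.get("friend")) && Common.ckPrivacy(sGlobal, sConfig, space, "click", 1)) {
                mainService.addFeed(sGlobal, "click", (String) fs.get("title_template"),
                        (Map) fs.get("title_data"), "", new HashMap(), (String) fs.get("body_general"),
                        (String[]) fs.get("images"), (String[]) fs.get("image_links"), "", 0, 0, id, idtype, false);
            }
            Common.getReward("click", true, 0, idtype + id, true, request, response);
            mainService.updateStat(request, "click", false);
            mainService.addNotification(request, sGlobal, sConfig, itemUid, note_type, q_note, false);
            return showMessage(request, response, "click_success", (String) sGlobal.get("refer"));
        } else if ("show".equals(op)) {
            Map<String, Object> value_;
            int key;
            Integer clicknum;
            int maxclicknum = 0;
            // NOTE(review): clicks may be the cached map itself (it is only replaced when the
            // cache has no entry for idtype), in which case the per-item counters written
            // below land in shared state; confirm that getCacheDate returns a copy.
            for (Entry<Integer, Map<String, Object>> key_value : clicks.entrySet()) {
                key = key_value.getKey();
                value_ = key_value.getValue();
                if (value_ == null) {
                    value_ = new HashMap<String, Object>();
                    clicks.put(key, value_);
                }
                clicknum = (Integer) item.get("click_" + key);
                clicknum = clicknum == null ? 0 : clicknum;
                value_.put("clicknum", clicknum);
                value_.put("classid", Common.rand(1, 4));
                if (clicknum > maxclicknum) {
                    maxclicknum = clicknum;
                }
            }
            request.setAttribute("maxclicknum", maxclicknum);
            tempS = request.getParameter("start");
            int start = Common.intval(tempS);
            if (start < 0) {
                start = 0;
            }
            int perpage = 18;
            int count = 0;
            // start is clamped to >= 0 and perpage is a constant, so LIMIT receives ints only.
            query = dataBaseService.executeQuery("SELECT * FROM sns_clickuser WHERE id='" + id + "' AND idtype='"
                    + idtype + "' " + "ORDER BY dateline DESC LIMIT " + start + "," + perpage);
            for (Map<String, Object> value : query) {
                // NOTE(review): throws NullPointerException when a stored clickid has no
                // definition left in the cache; left as in the original.
                value.put("clickname", clicks.get(value.get("clickid")).get("name"));
                count++;
            }
            request.setAttribute("clickuserlist", query);
            String click_multi;
            try {
                click_multi = Common.smulti(sGlobal, start, perpage, count,
                        "main.action?ac=click&op=show&clickid=" + clickid + "&idtype=" + idtype + "&id=" + id,
                        "click_div");
            } catch (Exception e) {
                e.printStackTrace();
                // NOTE(review): the raw exception message is returned to the user; prefer a
                // generic message key.
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("click_multi", click_multi);
        }
        request.setAttribute("clicks", clicks);
        request.setAttribute("hash", hash);
        request.setAttribute("idtype", idtype);
        request.setAttribute("id", id);
        request.setAttribute("op", op);
        request.setAttribute("navtitle", "? - ");
        return include(request, response, sConfig, sGlobal, "cp_click.jsp");
    }

    public ActionForward cp_comment(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); try { Map toSpace = null, pic = null, blog = null, album = null, share = null, event = null, poll = null; int cid = Common.empty(request.getParameter("cid")) ?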
0 : Common.intval(request.getParameter("cid")); int supeUid = (Integer) sGlobal.get("supe_uid"); if (submitCheck(request, "commentsubmit")) { if (!Common.checkPerm(request, response, "allowcomment")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (!mainService.checkRealName(request, "comment")) { return showMessage(request, response, "no_privilege_realname"); } switch (mainService.checkNewUser(request, response)) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } int waitTime = Common.checkInterval(request, response, "post"); if (waitTime > 0) { return showMessage(request, response, "operating_too_fast", "", 1, String.valueOf(waitTime)); } String idType = request.getParameter("idtype"); String message = Common.getStr(request.getParameter("message"), 0, true, true, true, 2, 0, request, response); if (message.length() < 2) { return showMessage(request, response, "content_is_too_short"); } String summay = Common.getStr(message, 150, true, true, false, 0, -1, request, response); int id = Common.intval(request.getParameter("id")); int authorId = 0; Map<Integer, String> sn = (Map<Integer, String>) request.getAttribute("sNames"); Map comment = null; Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); if (cid != 0) { List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_comment WHERE cid='" + cid + "' AND id='" + id + "' AND idtype='" + idType + "'"); comment = query.size() == 0 ? 
new HashMap() : query.get(0); authorId = (Integer) comment.get("authorid"); if (comment.size() != 0 && authorId != supeUid) { if ("".equals(comment.get("author"))) { sn.put(authorId, Common.getMessage(request, "hidden_username")); } comment.put("message", comment.get("message").toString() .replaceAll("(?is)<div class=\"quote\"><span class=\"q\">.*?</span></div>", "")); comment.put("message", BBCode.html2bbcode((String) comment.get("message"))); message = Common .addSlashes( "<div class=\"quote\"><span class=\"q\"><b>" + sn.get(authorId) + "</b>: " + Common.getStr((String) comment.get("message"), 150, false, false, false, 2, 1, request, response) + "</span></div>") + message; if ("uid".equals(comment.get("idtype"))) { id = authorId; } } } List hotarr = new ArrayList(); String statType = ""; if ("uid".equals(idType)) { toSpace = Common.getSpace(request, sGlobal, sConfig, id); statType = "wall"; } else if ("picid".equals(idType)) { List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT p.*, pf.hotuser FROM sns_pic p LEFT JOIN sns_picfield pf ON pf.picid=p.picid WHERE p.picid='" + id + "'"); pic = query.size() == 0 ? 
new HashMap() : query.get(0); if (pic.size() == 0) { return showMessage(request, response, "view_images_do_not_exist"); } toSpace = Common.getSpace(request, sGlobal, sConfig, pic.get("uid")); album = new HashMap(); if (!Common.empty(pic.get("albumid"))) { query = dataBaseService .executeQuery("SELECT * FROM sns_album WHERE albumid='" + pic.get("albumid") + "'"); if (query.size() == 0) { Map set = new HashMap(); set.put("albumid", 0); Map where = new HashMap(); where.put("albumid", pic.get("albumid")); dataBaseService.updateTable("sns_pic", set, where); } else { album = query.get(0); } } if (Common.empty(album)) { album.put("friend", 0); } int friend = (Integer) album.get("friend"); if (!Common.ckFriend(sGlobal, space, Common.intval(String.valueOf(album.get("uid"))), friend, (String) album.get("target_ids"))) { return showMessage(request, response, "no_privilege"); } else if (Common.empty(toSpace.get("self")) && friend == 4) { Map<String, Object> sCookie = (Map<String, Object>) request.getAttribute("sCookie"); String cookieName = "view_pwd_album_" + album.get("albumid"); String cookieValue = Common.empty(sCookie.get("cookiename")) ? "" : (String) sCookie.get("cookiename"); if (!cookieValue.equals(Common.md5(Common.md5((String) album.get("password"))))) { return showMessage(request, response, "no_privilege"); } } hotarr.add("picid"); hotarr.add(pic.get("picid")); hotarr.add(pic.get("hotuser")); statType = "piccomment"; } else if ("blogid".equals(idType)) { List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT b.*, bf.target_ids, bf.hotuser FROM sns_blog b LEFT JOIN sns_blogfield bf ON bf.blogid=b.blogid WHERE b.blogid='" + id + "'"); blog = query.size() == 0 ? 
new HashMap() : query.get(0); if (blog.size() == 0) { return showMessage(request, response, "view_to_info_did_not_exist"); } toSpace = Common.getSpace(request, sGlobal, sConfig, blog.get("uid")); if (!Common.ckFriend(sGlobal, space, (Integer) blog.get("uid"), (Integer) blog.get("friend"), (String) blog.get("target_ids"))) { return showMessage(request, response, "no_privilege"); } else if (Common.empty(toSpace.get("self")) && (Integer) blog.get("friend") == 4) { Map<String, Object> sCookie = (Map<String, Object>) request.getAttribute("sCookie"); String cookieName = "view_pwd_blog_" + blog.get("blogid"); String cookieValue = Common.empty(sCookie.get("cookiename")) ? "" : (String) sCookie.get("cookiename"); if (!cookieValue.equals(Common.md5(Common.md5((String) blog.get("password"))))) { return showMessage(request, response, "no_privilege"); } } if (!Common.empty(blog.get("noreply"))) { return showMessage(request, response, "do_not_accept_comments"); } if (!Common.empty(blog.get("target_ids"))) { blog.put("target_ids", blog.get("target_ids") + "," + blog.get("uid")); } hotarr.add("blogid"); hotarr.add(blog.get("blogid")); hotarr.add(blog.get("hotuser")); statType = "blogcomment"; } else if ("sid".equals(idType)) { List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_share WHERE sid='" + id + "'"); share = query.size() == 0 ? new HashMap() : query.get(0); if (share.size() == 0) { return showMessage(request, response, "sharing_does_not_exist"); } toSpace = Common.getSpace(request, sGlobal, sConfig, share.get("uid")); hotarr.add("sid"); hotarr.add(share.get("sid")); hotarr.add(share.get("hotuser")); statType = "sharecomment"; } else if ("pid".equals(idType)) { List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT p.*, pf.hotuser FROM sns_poll p LEFT JOIN sns_pollfield pf ON pf.pid=p.pid WHERE p.pid='" + id + "'"); poll = query.size() == 0 ? 
new HashMap() : query.get(0); if (poll.size() == 0) { return showMessage(request, response, "voting_does_not_exist"); } toSpace = Common.getSpace(request, sGlobal, sConfig, poll.get("uid")); if (!Common.empty(poll.get("noreply"))) { if (Common.empty(toSpace.get("self")) && !Common.in_array((String[]) toSpace.get("friends"), sGlobal.get("supe_uid"))) { return showMessage(request, response, "the_vote_only_allows_friends_to_comment"); } } hotarr.add("pid"); hotarr.add(poll.get("pid")); hotarr.add(poll.get("hotuser")); statType = "pollcomment"; } else if ("eventid".equals(idType)) { List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT e.*, ef.* FROM sns_event e LEFT JOIN sns_eventfield ef ON e.eventid=ef.eventid WHERE e.eventid='" + id + "'"); event = query.size() == 0 ? new HashMap() : query.get(0); if (event.size() == 0) { return showMessage(request, response, "event_does_not_exist"); } if ((Integer) event.get("grade") < -1) { return showMessage(request, response, "event_is_closed"); } else if ((Integer) event.get("grade") <= 0) { return showMessage(request, response, "event_under_verify"); } if (Common.empty(event.get("allowpost"))) { query = dataBaseService.executeQuery("SELECT * FROM sns_userevent WHERE eventid='" + id + "' AND uid='" + sGlobal.get("supe_uid") + "' LIMIT 1"); Map value = query.size() == 0 ? 
null : query.get(0); if (value == null || value.size() == 0 || (Integer) value.get("status") < 2) { return showMessage(request, response, "event_only_allows_members_to_comment"); } } toSpace = Common.getSpace(request, sGlobal, sConfig, event.get("uid")); hotarr.add("eventid"); hotarr.add(event.get("eventid")); hotarr.add(event.get("hotuser")); statType = "eventcomment"; } else { return showMessage(request, response, "non_normal_operation"); } if (Common.empty(toSpace)) { return showMessage(request, response, "space_does_not_exist"); } if ((Integer) toSpace.get("videostatus") == 1) { if ("uid".equals(idType) && !mainService.checkVideoPhoto(request, response, "wall", toSpace)) { return showMessage(request, response, "no_privilege_videophoto"); } else if (!mainService.checkVideoPhoto(request, response, "comment")) { return showMessage(request, response, "no_privilege_videophoto"); } } int toSpaceUid = (Integer) toSpace.get("uid"); if (mainService.isBlackList(toSpaceUid, supeUid) != 0) { return showMessage(request, response, "is_blacklist"); } if (hotarr.size() != 0 && toSpaceUid != supeUid) { mainService.updateHot(request, response, (String) hotarr.get(0), (Integer) hotarr.get(1), (String) hotarr.get(2)); } Map fs = new HashMap(); fs.put("icon", "comment"); fs.put("target_ids", ""); fs.put("friend", 0); if ("uid".equals(idType)) { Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); fs.put("icon", "wall"); fs.put("title_template", Common.getMessage(request, "cp_feed_comment_space")); fs.put("title_data", titleData); fs.put("body_template", ""); fs.put("body_data", null); fs.put("body_general", ""); fs.put("images", null); fs.put("image_links", null); } else if ("picid".equals(idType)) { Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); Map bodyData = new HashMap(); bodyData.put("pic_title", 
pic.get("title")); String[] images = { Common.pic_get(sConfig, (String) pic.get("filepath"), (Integer) pic.get("thumb"), (Integer) pic.get("remote"), true) }; String[] imageLinks = { "zone.action?uid=" + toSpaceUid + "&do=album&picid=" + pic.get("picid") }; fs.put("title_template", Common.getMessage(request, "cp_feed_comment_image")); fs.put("title_data", titleData); fs.put("body_template", "{pic_title}"); fs.put("body_data", bodyData); fs.put("body_general", summay); fs.put("images", images); fs.put("image_links", imageLinks); fs.put("target_ids", album.get("target_ids")); fs.put("friend", album.get("friend")); } else if ("blogid".equals(idType)) { dataBaseService .executeUpdate("UPDATE sns_blog SET replynum=replynum+1 WHERE blogid='" + id + "'"); Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); titleData.put("blog", "<a href=\"zone.action?uid=" + toSpaceUid + "&do=blog&id=" + id + "\">" + blog.get("subject") + "</a>"); fs.put("title_template", Common.getMessage(request, "cp_feed_comment_blog")); fs.put("title_data", titleData); fs.put("body_template", ""); fs.put("body_data", null); fs.put("body_general", ""); fs.put("target_ids", blog.get("target_ids")); fs.put("friend", blog.get("friend")); } else if ("sid".equals(idType)) { Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); titleData.put("share", "<a href=\"zone.action?uid=" + toSpaceUid + "&do=share&id=" + id + "\">" + ((String) share.get("title_template")) .replace(Common.getMessage(request, "cp_share_action"), "") + "</a>"); fs.put("title_template", Common.getMessage(request, "cp_feed_comment_share")); fs.put("title_data", titleData); fs.put("body_template", ""); fs.put("body_data", null); fs.put("body_general", ""); } else if ("eventid".equals(idType)) { Map titleData = new HashMap(); titleData.put("touser", "<a 
href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); titleData.put("event", "<a href=\"zone.action?do=event&id=" + event.get("eventid") + "\">" + event.get("title") + "</a>"); fs.put("title_template", Common.getMessage(request, "cp_feed_comment_event")); fs.put("title_data", titleData); fs.put("body_template", ""); fs.put("body_data", null); fs.put("body_general", ""); } else if ("pid".equals(idType)) { dataBaseService.executeUpdate("UPDATE sns_poll SET replynum=replynum+1 WHERE pid='" + id + "'"); Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpaceUid + "\">" + sn.get(toSpaceUid) + "</a>"); titleData.put("poll", "<a href=\"zone.action?uid=" + toSpaceUid + "&do=poll&pid=" + id + "\">" + poll.get("subject") + "</a>"); fs.put("title_template", Common.getMessage(request, "cp_feed_comment_poll")); fs.put("title_data", titleData); fs.put("body_template", ""); fs.put("body_data", null); fs.put("body_general", ""); fs.put("friend", 0); } Map setarr = new HashMap(); setarr.put("uid", toSpaceUid); setarr.put("id", id); setarr.put("idtype", request.getParameter("idtype")); setarr.put("authorid", sGlobal.get("supe_uid")); setarr.put("author", sGlobal.get("supe_username")); setarr.put("dateline", sGlobal.get("timestamp")); setarr.put("message", Common.cutstr(message, text_max_size, "")); setarr.put("ip", Common.getOnlineIP(request)); cid = dataBaseService.insertTable("sns_comment", setarr, true, false); String action = "comment"; String becomment = "getcomment"; String msg = null; String magValues = null; String noteType = null; String note = null; String msgType = null; String nUrl = null; String qMsgType = null; String qNote = null; if ("uid".equals(idType)) { nUrl = "zone.action?uid=" + toSpaceUid + "&do=wall&cid=" + cid; noteType = "wall"; note = Common.getMessage(request, "cp_note_wall", nUrl); qNote = Common.getMessage(request, "cp_note_wall_reply", nUrl); if (comment != null && comment.isEmpty() == 
false) { msg = "note_wall_reply_success"; magValues = (String) sn.get(toSpaceUid); becomment = ""; } else { msg = "do_success"; magValues = null; becomment = "getguestbook"; } msgType = "cp_comment_friend"; qMsgType = "cp_comment_friend_reply"; action = "guestbook"; } else if ("picid".equals(idType)) { nUrl = "zone.action?uid=" + toSpaceUid + "&do=album&picid=" + id + "&cid=" + cid; noteType = "piccomment"; note = Common.getMessage(request, "cp_note_pic_comment", nUrl); qNote = Common.getMessage(request, "cp_note_pic_comment_reply", nUrl); msg = "do_success"; magValues = null; msgType = "cp_photo_comment"; qMsgType = "cp_photo_comment_reply"; } else if ("blogid".equals(idType)) { nUrl = "zone.action?uid=" + toSpaceUid + "&do=blog&id=" + id + "&cid=" + cid; noteType = "blogcomment"; note = Common.getMessage(request, "cp_note_blog_comment", new String[] { nUrl, (String) blog.get("subject") }); qNote = Common.getMessage(request, "cp_note_blog_comment_reply", nUrl); msg = "do_success"; magValues = null; msgType = "cp_blog_comment"; qMsgType = "cp_blog_comment_reply"; } else if ("sid".equals(idType)) { nUrl = "zone.action?uid=" + toSpaceUid + "&do=share&id=" + id + "&cid=" + cid; noteType = "sharecomment"; note = Common.getMessage(request, "cp_note_share_comment", nUrl); qNote = Common.getMessage(request, "cp_note_share_comment_reply", nUrl); msg = "do_success"; magValues = null; msgType = "cp_share_comment"; qMsgType = "cp_share_comment_reply"; } else if ("pid".equals(idType)) { nUrl = "zone.action?uid=" + toSpaceUid + "&do=poll&pid=" + id + "&cid=" + cid; noteType = "pollcomment"; note = Common.getMessage(request, "cp_note_poll_comment", new String[] { nUrl, (String) poll.get("subject") }); qNote = Common.getMessage(request, "cp_note_poll_comment_reply", nUrl); msg = "do_success"; magValues = null; msgType = "cp_poll_comment"; qMsgType = "cp_poll_comment_reply"; } else if ("eventid".equals(idType)) { nUrl = "zone.action?do=event&id=" + id + "&view=comment&cid=" + cid; 
noteType = "eventcomment"; note = Common.getMessage(request, "cp_note_event_comment", nUrl); qNote = Common.getMessage(request, "cp_note_event_comment_reply", nUrl); msg = "do_success"; magValues = null; msgType = "cp_event_comment"; qMsgType = "cp_event_comment_reply"; } if (comment == null || comment.isEmpty()) { if (toSpaceUid != supeUid) { if (Common.ckPrivacy(sGlobal, sConfig, space, "comment", 1)) { mainService.addFeed(sGlobal, (String) fs.get("icon"), (String) fs.get("title_template"), (Map) fs.get("title_data"), (String) fs.get("body_template"), (Map) fs.get("body_data"), (String) fs.get("body_general"), (String[]) fs.get("images"), (String[]) fs.get("image_links"), (String) fs.get("target_ids"), (Integer) fs.get("friend"), 0, id, idType, false); } mainService.addNotification(request, sGlobal, sConfig, toSpaceUid, noteType, note, false); if ("uid".equals(idType) && (Integer) toSpace.get("updatetime") == (Integer) toSpace.get("dataline")) { } String[] args = new String[] { (String) sn.get(space.get("uid")), (String) Common.sHtmlSpecialChars(Common.getSiteUrl(request) + nUrl) }; mainService.sendMail(request, response, toSpaceUid, "", Common.getMessage(request, msgType, args), "", msgType); } } else if (authorId != supeUid) { String[] args = new String[] { (String) sn.get(space.get("uid")), (String) Common.sHtmlSpecialChars(Common.getSiteUrl(request) + nUrl) }; mainService.sendMail(request, response, authorId, "", Common.getMessage(request, qMsgType, args), "", qMsgType); mainService.addNotification(request, sGlobal, sConfig, authorId, noteType, qNote == null ? 
"" : qNote, false); } if (!Common.empty(statType)) { mainService.updateStat(request, statType, false); } if (toSpaceUid != supeUid) { String needle = String.valueOf(id); if ("uid".equals(idType) == false) { needle = idType + id; } else { needle = String.valueOf(toSpaceUid); } Common.getReward(action, true, 0, needle, true, request, response); if (!Common.empty(becomment)) { if ("uid".equals(idType)) { needle = String.valueOf(supeUid); } Common.getReward(becomment, true, toSpaceUid, needle, false, request, response); } } return showMessage(request, response, msg, request.getParameter("refer"), 0, magValues); } String op = request.getParameter("op"); if ("edit".equals(op)) { List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT * FROM sns_comment WHERE cid='" + cid + "' AND authorid='" + supeUid + "'"); Map comment = query.size() == 0 ? null : query.get(0); if (comment == null) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "editsubmit")) { String message = Common.getStr(request.getParameter("message"), 0, true, true, true, 2, 0, request, response); if (message.length() < 2) { return showMessage(request, response, "content_is_too_short"); } Map set = new HashMap(); set.put("message", message); Map where = new HashMap(); where.put("cid", comment.get("cid")); dataBaseService.updateTable("sns_comment", set, where); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } comment.put("message", BBCode.html2bbcode((String) comment.get("message"))); request.setAttribute("comment", comment); } else if ("delete".equals(op)) { if (submitCheck(request, "deletesubmit")) { AdminDeleteService ads = new AdminDeleteService(); if (ads.deleteComments(request, response, supeUid, cid)) { return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } else { return showMessage(request, response, "no_privilege"); } } } else if ("reply".equals(op)) { List<Map<String, Object>> 
query = dataBaseService .executeQuery("SELECT * FROM sns_comment WHERE cid='" + cid + "'"); Map comment = query.size() == 0 ? null : query.get(0); if (comment == null) { return showMessage(request, response, "comments_do_not_exist"); } request.setAttribute("comment", comment); } else { return showMessage(request, response, "no_privilege"); } request.setAttribute("cid", cid); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("navtitle", "? - "); return include(request, response, sConfig, sGlobal, "cp_comment.jsp"); }

    /**
     * Dispatches the "common" control-panel operations selected by the {@code op} request
     * parameter: {@code logout}, {@code seccode}, {@code report}, {@code ignore},
     * {@code getuserapp}, {@code closefeedbox} and {@code changetpl}.
     *
     * <p>Branches that finish their work return a {@code showMessage(...)} forward; every other
     * path falls through to rendering {@code cp_common.jsp}.
     *
     * <p>Review notes for maintainers: several branches build SQL by string concatenation, show
     * {@code Exception.getMessage()} to the caller, and hand request-supplied values
     * ({@code refer}, {@code name}) to helpers whose validation is not visible in this method.
     * The inline comments mark each spot.
     *
     * @param request  current request; must carry the {@code sGlobal} and {@code sConfig}
     *                 attributes, and {@code space} for the report/ignore branches
     * @param response current response, used for cookies and message rendering
     * @return the forward produced by {@code showMessage} or {@code include}
     */
    public ActionForward cp_common(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        String op = Common.trim(request.getParameter("op"));
        if ("logout".equals(op)) {
            // The caller must echo the per-user "uhash" value; presumably this is the anti-CSRF
            // token for logout. NOTE(review): sGlobal.get("uhash") is dereferenced without a null
            // check, so a missing value would throw here.
            if (sGlobal.get("uhash").equals(request.getParameter("uhash"))) {
                int supe_uid = (Integer) sGlobal.get("supe_uid");
                if (supe_uid > 0) {
                    // supe_uid is an int taken from server-side state, so these concatenations
                    // cannot carry request text.
                    dataBaseService.executeUpdate("DELETE FROM sns_session WHERE uid=" + supe_uid);
                    dataBaseService.executeUpdate("DELETE FROM sns_adminsession WHERE uid=" + supe_uid);
                }
                CookieHelper.clearCookie(request, response);
                CookieHelper.removeCookie(request, response, "_refer");
                // The container session is invalidated only when it carries a "third" attribute.
                // NOTE(review): in every other case the HttpSession (and anything stored in it)
                // survives logout -- confirm nothing authentication-related lives there.
                HttpSession session = request.getSession();
                if (session.getAttribute("third") != null) {
                    session.invalidate();
                }
            }
            // The exit message is shown whether or not the uhash matched.
            int allowRewrite = (Integer) sConfig.get("allowrewrite");
            String indexPath = allowRewrite == 0 ? "portal.action" : "portal.html";
            return showMessage(request, response, "security_exit", indexPath, 1, "");
        } else if ("seccode".equals(op)) {
            // Checks the "code" parameter through mainService.checkSeccode and reports the outcome.
            if (mainService.checkSeccode(request, response, sGlobal, sConfig, request.getParameter("code"))) {
                return showMessage(request, response, "succeed");
            } else {
                return showMessage(request, response, "incorrect_code");
            }
        } else if ("report".equals(op)) {
            String idType = Common.trim(request.getParameter("idtype"));
            int id = Common.intval(request.getParameter("id"));
            String[] idTypes = { "picid", "blogid", "albumid", "tagid", "tid", "sid", "uid", "pid", "eventid",
                    "comment", "post" };
            // idType is checked against the fixed list above and id is an int, which is what
            // keeps the concatenated SELECT below constrained.
            if (!Common.in_array(idTypes, idType)) {
                return showMessage(request, response, "report_error");
            }
            Map space = (Map) request.getAttribute("space");
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_report WHERE id='" + id + "' AND idtype='" + idType + "'");
            Map uidArr = null;
            Map<String, Object> report = null;
            if (query.size() > 0) {
                report = query.get(0);
                // NOTE(review): the Serializer format is not visible here; confirm that
                // unserialize cannot instantiate arbitrary types from the stored column.
                uidArr = Serializer.unserialize((String) report.get("uids"), false);
                // One report per user and item: refuse when this user's uid is already recorded.
                if (!Common.empty(uidArr.get(space.get("uid")))) {
                    return showMessage(request, response, "repeat_report");
                }
            } else {
                uidArr = new HashMap();
                report = new HashMap<String, Object>();
            }
            try {
                if (submitCheck(request, "reportsubmit")) {
                    String reason = Common.getStr(request.getParameter("reason"), 150, true, true, false, 0, 0,
                            request, response);
                    // The stored reason is an HTML fragment that embeds supe_username and the
                    // getStr output. NOTE(review): no HTML escaping happens in this method, so
                    // the fragment is only as safe as Common.getStr and the stored username --
                    // confirm before it is rendered (presumably in a moderation view).
                    reason = "<li><strong><a href=\"zone.action?uid=" + space.get("uid") + "\" target=\"_blank\">"
                            + sGlobal.get("supe_username") + "</a>:</strong> " + reason + " ("
                            + Common.sgmdate(request, "MM-dd HH:mm", (Integer) sGlobal.get("timestamp")) + ")</li>";
                    uidArr.put(space.get("uid"), space.get("username"));
                    String uids = Common.addSlashes(Serializer.serialize(uidArr));
                    if (Common.empty(report)) {
                        // First report for this item: insert a new row.
                        Map<String, Object> setarr = new HashMap<String, Object>();
                        setarr.put("id", id < 0 ? 0 : id);
                        setarr.put("idtype", idType);
                        setarr.put("num", 1);
                        setarr.put("new", 1);
                        setarr.put("reason", reason);
                        setarr.put("uids", uids);
                        setarr.put("dateline", sGlobal.get("timestamp"));
                        dataBaseService.insertTable("sns_report", setarr, false, false);
                    } else {
                        // Existing row: append the new reason and bump the counter.
                        // NOTE(review): this UPDATE is assembled by concatenation and relies on
                        // Common.getStr / Common.addSlashes for quoting; a parameterized
                        // statement would remove that dependency if dataBaseService offers one.
                        reason = Common.addSlashes((String) report.get("reason")) + reason;
                        dataBaseService.executeUpdate("UPDATE sns_report SET num=num+1, reason='" + reason
                                + "', dateline='" + sGlobal.get("timestamp") + "', uids='" + uids + "' WHERE rid='"
                                + report.get("rid") + "'");
                    }
                    return showMessage(request, response, "report_success");
                }
            } catch (Exception e) {
                // NOTE(review): the raw exception message is shown to the caller; it can reveal
                // internals such as SQL text and may be null.
                return showMessage(request, response, e.getMessage());
            }
            // No submit: prepare the report form, unless the stored count is below 1.
            Integer num = (Integer) report.get("num");
            if (num != null && num < 1) {
                return showMessage(request, response, "the_normal_information");
            }
            String reason = Common.getData("reason");
            if (reason != null) {
                // Normalise every line break (with surrounding whitespace) to CRLF, then split
                // into one entry per line.
                String[] reasonArr = reason.replaceAll("(\\s*(\r\n|\n\r|\n|\r)\\s*)", "\r\n").trim().split("\r\n");
                if (Common.isArray(reasonArr) && reasonArr.length == 1 && Common.empty(reasonArr[0])) {
                    reasonArr = null;
                }
                request.setAttribute("reason", reasonArr);
            }
            request.setAttribute("idType", idType);
            request.setAttribute("id", id);
        } else if ("ignore".equals(op)) {
            // Only [0-9a-zA-Z_.-] survives in the notification type.
            String type = Common.trim(request.getParameter("type")).replaceAll("[^0-9a-zA-Z\\_\\-\\.]", "");
            try {
                if (submitCheck(request, "ignoresubmit")) {
                    int authorId = Common.intval(request.getParameter("authorid"));
                    if (!Common.empty(type)) {
                        Map space = (Map) request.getAttribute("space");
                        Map privacy = (Map) space.get("privacy");
                        // Filter key is "<type>|<authorId>", stored under privacy["filter_note"].
                        String typeUid = type + "|" + authorId;
                        if (Common.empty(privacy.get("filter_note")) || !Common.isArray(privacy.get("filter_note"))) {
                            privacy.put("filter_note", new HashMap());
                        }
                        Map filterNote = (Map) privacy.get("filter_note");
                        filterNote.put(typeUid, typeUid);
                        mainService.privacyUpdate(privacy, (Integer) sGlobal.get("supe_uid"));
                    }
                    // NOTE(review): "refer" comes straight from the request; if showMessage uses
                    // it as a redirect target it should be limited to same-site paths -- confirm.
                    return showMessage(request, response, "do_success", request.getParameter("refer"));
                }
            } catch (Exception e) {
                // NOTE(review): raw exception message shown to the caller, as in the report branch.
                return showMessage(request, response, e.getMessage());
            }
            String formId = Common.getRandStr(8, false);
            request.setAttribute("formid", formId);
            request.setAttribute("type", type);
        } else if ("getuserapp".equals(op)) {
            ArrayList myUserApp = new ArrayList();
            if (Common.empty(request.getParameter("subop"))) {
                // NOTE(review): this iterates the map's keySet() and casts each key to Map; if
                // the keys of my_userapp are ids rather than maps this throws
                // ClassCastException -- values() may have been intended. Confirm.
                Iterator it = ((Map) sGlobal.get("my_userapp")).keySet().iterator();
                Map userApp = (Map) sGlobal.get("userapp");
                while (it.hasNext()) {
                    Map value = (Map) it.next();
                    if (!Common.empty(value.get("allowsidenav")) && userApp.containsKey(value.get("appid"))) {
                        myUserApp.add(value);
                    }
                }
            } else {
                myUserApp = (ArrayList) sGlobal.get("my_menu");
            }
            request.setAttribute("my_userapp", myUserApp);
        } else if ("closefeedbox".equals(op)) {
            CookieHelper.setCookie(request, response, "closefeedbox", "1");
        } else if ("changetpl".equals(op)) {
            // Every '.' is stripped, so ".." cannot survive, but path separators can. The value
            // is used to probe for <dir>/style.css under the template root and, when that file
            // exists, is stored in the "mytemplate" cookie for 365 days.
            // NOTE(review): matching the name against the known template directories would be
            // stricter than stripping dots.
            String dir = Common.trim(request.getParameter("name")).replace(".", "");
            if (!Common.empty(dir)) {
                File file = new File(SysConstants.snsRoot + "/template/" + dir + "/style.css");
                if (file.exists()) {
                    CookieHelper.setCookie(request, response, "mytemplate", dir, 365 * 24 * 3600);
                }
            }
            return showMessage(request, response, "do_success", "zone.action?do=home", 0);
        }
        return include(request, response, sConfig, sGlobal, "cp_common.jsp");
    }

public ActionForward cp_credit(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); int perPage = 20; int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } int start = (page - 1) * perPage; int maxPage = (Integer) sConfig.get("maxpage"); String result = Common.ckStart(start, perPage, maxPage); if (result != null) { return showMessage(request, response, result); } String op = request.getParameter("op"); if
(Common.empty(op)) { op = "base"; } if (op.equals("base")) { String maxAttachSizeStr = null; int maxAttachSize = (Integer) Common.checkPerm(request, response, sGlobal, "maxattachsize"); int percent = 0; if (maxAttachSize == 0) { maxAttachSizeStr = "-"; } else { maxAttachSize = maxAttachSize + (Integer) space.get("addsize"); percent = (int) (((Integer) space.get("attachsize")) / (float) maxAttachSize * 100); maxAttachSizeStr = Common.formatSize(maxAttachSize).replaceFirst("\\.\\d*", ""); } space.put("attachsize", Common.formatSize((Integer) space.get("attachsize"))); space.put("grouptitle", Common.checkPerm(request, response, sGlobal, "grouptitle")); String theUrl = "main.action?ac=credit&perpage=" + perPage; String t_creditlog = " sns_creditlog"; Object spaceUid = space.get("uid"); int count = dataBaseService .findRows("SELECT count(*) FROM " + t_creditlog + " WHERE uid='" + spaceUid + "'"); if (count > 0) { String t_creditrule = " sns_creditrule"; List<Map<String, Object>> list = dataBaseService.executeQuery("SELECT r.rulename, c.* FROM " + t_creditlog + " c LEFT JOIN " + t_creditrule + " r ON r.rid=c.rid WHERE c.uid='" + spaceUid + "' ORDER BY dateline DESC LIMIT " + start + "," + perPage); String format = "MM-dd HH:mm"; for (Map<String, Object> value : list) { value.put("dateline", Common.sgmdate(request, format, (Integer) value.get("dateline"))); } String multi = Common.multi(request, count, perPage, page, maxPage, theUrl, null, null); request.setAttribute("list", list); request.setAttribute("multi", multi); } int groupId = (Integer) space.get("groupid"); String star = Common.getStar(sConfig, (Integer) space.get("experience")); String color = Common.getColor(request, response, groupId); String icon = Common.getIcon(request, response, groupId); String format = "yyyy-MM-dd"; String dateline = Common.sgmdate(request, format, (Integer) space.get("dateline"), true); String lastLogin = Common.sgmdate(request, format, (Integer) space.get("lastlogin"), true); String 
updateTime = Common.sgmdate(request, format, (Integer) space.get("updatetime"), true); request.setAttribute("star", star); request.setAttribute("color", color); request.setAttribute("icon", icon); request.setAttribute("maxattachsize", maxAttachSizeStr); request.setAttribute("percent", percent); request.setAttribute("dateline", dateline); request.setAttribute("lastlogin", lastLogin); request.setAttribute("updatetime", updateTime); } else if (op.equals("exchange")) { return showMessage(request, response, "integral_convertible_unopened"); } else if (op.equals("rule")) { List wherearr = new ArrayList(); String theUrl = "main.action?ac=credit&op=rule&perpage=" + perPage; Map perPages = new HashMap(); perPages.put(String.valueOf(perPage), " selected"); String rid = request.getParameter("rid"); if (rid != null && rid.trim().length() != 0) { wherearr.add("rid='" + Common.intval(rid) + "'"); } String rewardType = request.getParameter("rewardtype"); if (rewardType != null) { int rewardTypeInt = Common.intval(rewardType); wherearr.add("rewardtype='" + rewardTypeInt + "'"); theUrl += "&rewardtype=" + rewardTypeInt; } String whereSql = ""; if (wherearr.isEmpty() == false) { whereSql = " WHERE " + Common.implode(wherearr, " AND "); } String[] cycleTypes = { "", "?", "", "", "??" 
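}; List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_creditrule " + whereSql + " ORDER BY rid DESC"); ArrayList list = new ArrayList(); ArrayList list2 = new ArrayList(); for (Map<String, Object> value : query) { if ((Integer) value.get("rewardtype") == 1) { value.put("cycletype", cycleTypes[(Integer) value.get("cycletype")]); list.add(value); } else { list2.add(value); } } request.setAttribute("list", list); request.setAttribute("list2", list2); } else if (op.equals("usergroup")) { space.put("grouptitle", Common.checkPerm(request, response, sGlobal, "grouptitle")); ArrayList groups = new ArrayList(); ArrayList sGroups = new ArrayList(); boolean highest = true; int lower = 0; List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_usergroup ORDER BY explower DESC"); for (Map<String, Object> value : query) { int gid = (Integer) value.get("gid"); value.put("color", Common.getColor(request, response, gid)); value.put("icon", Common.getIcon(request, response, gid)); if (Common.empty(value.get("system"))) { if (highest) { value.put("exphigher", 999999999); highest = false; } else { value.put("exphigher", lower - 1); } lower = (Integer) value.get("explower"); groups.add(value); } else { sGroups.add(value); } } request.setAttribute("groups", groups); request.setAttribute("s_groups", sGroups); } request.setAttribute("cat_actives_" + op, " class=\"active\""); return include(request, response, sConfig, sGlobal, "cp_credit.jsp"); }

    /**
     * Handles the "doing" (status update) control panel.
     *
     * <ul>
     * <li>{@code addsubmit}: posts a new doing, or only updates the mood note when
     * {@code spacenote} is set, then updates the space counters and the feed;</li>
     * <li>{@code commentsubmit}: replies to a doing or to an earlier reply;</li>
     * <li>{@code op=delete}: blanks a reply ({@code id != 0}) or delegates deletion of the whole
     * doing to {@code adminDeleteService};</li>
     * <li>{@code op=getcomment}: builds the reply tree for {@code doid}.</li>
     * </ul>
     *
     * <p>User-id comparisons in this method are done by value. The previous code compared boxed
     * {@code Integer} objects with {@code ==} / {@code !=}, which compares references and only
     * happens to work for values inside the small-integer cache; for larger ids the ownership
     * check in the delete branch rejected legitimate owners and the "replying to myself" check
     * never matched.
     *
     * <p>Review notes: {@code refer} is request-supplied and is passed to {@code showMessage} as
     * the follow-up URL, and the catch-all handler shows {@code Exception.getMessage()} to the
     * caller; both are marked inline.
     *
     * @param request  current request; must carry the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes
     * @param response current response
     * @return the forward produced by {@code showMessage} or {@code include}
     */
    public ActionForward cp_doing(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        // Both ids are parsed to int, so the SQL strings concatenated from them below cannot
        // carry request text.
        int doId = Common.intval(request.getParameter("doid"));
        int id = Common.intval(request.getParameter("id"));
        // NOTE(review): "refer" is taken from the request and later handed to showMessage as
        // the follow-up URL; if showMessage redirects to it, it should be limited to same-site
        // paths -- confirm against showMessage.
        String refer = request.getParameter("refer");
        if (Common.empty(refer)) {
            refer = "zone.action?do=doing&view=me";
        }
        try {
            if (submitCheck(request, "addsubmit")) {
                // addDoing == 0 means: only update the mood note, do not create a doing row.
                int addDoing = 1;
                String spaceNote = request.getParameter("spacenote");
                if (Common.empty(spaceNote)) {
                    // Plain doing: every failed check aborts with its own message.
                    if (!Common.checkPerm(request, response, "allowdoing")) {
                        MessageVO msgVO = Common.ckSpaceLog(request);
                        if (msgVO != null) {
                            return showMessage(request, response, msgVO);
                        }
                        return showMessage(request, response, "no_privilege");
                    }
                    if (!mainService.checkRealName(request, "doing")) {
                        return showMessage(request, response, "no_privilege_realname");
                    }
                    if (!mainService.checkVideoPhoto(request, response, "doing")) {
                        return showMessage(request, response, "no_privilege_videophoto");
                    }
                    switch (mainService.checkNewUser(request, response)) {
                    case 1:
                        break;
                    case 2:
                        return showMessage(request, response, "no_privilege_newusertime", "", 1,
                                String.valueOf(sConfig.get("newusertime")));
                    case 3:
                        return showMessage(request, response, "no_privilege_avatar");
                    case 4:
                        return showMessage(request, response, "no_privilege_friendnum", "", 1,
                                String.valueOf(sConfig.get("need_friendnum")));
                    case 5:
                        return showMessage(request, response, "no_privilege_email");
                    }
                    if (Common.checkPerm(request, response, "seccode") && !mainService.checkSeccode(request,
                            response, sGlobal, sConfig, request.getParameter("seccode"))) {
                        return showMessage(request, response, "incorrect_code");
                    }
                    int waitTime = Common.checkInterval(request, response, "post");
                    if (waitTime > 0) {
                        return showMessage(request, response, "operating_too_fast", "", 1, waitTime);
                    }
                } else {
                    // Mood-note update: the same checks only decide whether a doing row is
                    // created as well; they never abort the request.
                    if (!Common.checkPerm(request, response, "allowdoing")) {
                        addDoing = 0;
                    }
                    if (!mainService.checkRealName(request, "doing")) {
                        addDoing = 0;
                    }
                    if (!mainService.checkVideoPhoto(request, response, "doing")) {
                        addDoing = 0;
                    }
                    if (!(mainService.checkNewUser(request, response) == 1)) {
                        addDoing = 0;
                    }
                    int waitTime = Common.checkInterval(request, response, "post");
                    if (waitTime > 0) {
                        addDoing = 0;
                    }
                }
                String message = Common.trim(request.getParameter("message"));
                // The first [em:N:] tag in the raw message selects the mood.
                Matcher m = Pattern.compile("(?s)\\[em\\:(\\d+)\\:\\]").matcher(message);
                int mood = m.find() ? Common.intval(m.group(1)) : 0;
                // Length limiting and filtering of the text are delegated to
                // Common.getStrWithWordshield; this method adds no escaping of its own.
                Map<String, Object> results = Common.getStrWithWordshield(message, 200, true, true, 0, 0, request,
                        response);
                message = (String) results.get("STR");
                // Only the digits captured from [em:N:] are inserted into the <img> markup.
                message = message.replaceAll("(?is)\\[em:(\\d+):]",
                        "<img src=\"image/face/$1.gif\" class=\"face\">");
                message = message.replaceAll("(?is)\\<br.*?\\>", " ");
                if (message.length() < 1) {
                    return showMessage(request, response, "should_write_that");
                }
                Map setmap = new HashMap();
                int newDoId = 0;
                if (addDoing != 0) {
                    setmap.put("uid", sGlobal.get("supe_uid"));
                    setmap.put("username", sGlobal.get("supe_username"));
                    setmap.put("dateline", sGlobal.get("timestamp"));
                    setmap.put("message", message);
                    setmap.put("mood", mood);
                    setmap.put("ip", Common.getOnlineIP(request));
                    newDoId = dataBaseService.insertTable("sns_doing", setmap, true, false);
                    // Hand the word-shield results for the new row to the shared post-processing.
                    Common.doWithWordshieldProcess("doing", newDoId, "",
                            (Integer) (Common.getMember(request).get("uid")), results, dataBaseService);
                }
                setmap = new HashMap();
                setmap.put("note", message);
                Map reward = null;
                if (!Common.empty(spaceNote)) {
                    reward = Common.getReward("updatemood", false, 0, "", true, request, response);
                    setmap.put("spacenote", message);
                } else {
                    reward = Common.getReward("doing", false, 0, "", true, request, response);
                }
                Map where = new HashMap();
                where.put("uid", sGlobal.get("supe_uid"));
                dataBaseService.updateTable("sns_spacefield", setmap, where);
                int credit = 0;
                int experience = 0;
                if (!Common.empty(reward.get("credit"))) {
                    credit = (Integer) reward.get("credit");
                }
                if (!Common.empty(reward.get("experience"))) {
                    experience = (Integer) reward.get("experience");
                }
                // The values of this map are ready-made "column=expr" fragments that are joined
                // into the UPDATE below; all of them are built from ints and server-side
                // sGlobal values, not from request text.
                setmap = new HashMap();
                setmap.put("mood", "mood='" + mood + "'");
                setmap.put("updatetime", "updatetime='" + sGlobal.get("timestamp") + "'");
                setmap.put("credit", "credit=credit+" + credit);
                setmap.put("experience", "experience=experience+" + experience);
                setmap.put("lastpost", "lastpost='" + sGlobal.get("timestamp") + "'");
                if (addDoing != 0) {
                    if (Common.empty(space.get("doingnum"))) {
                        // No cached counter yet: recount the rows instead of incrementing.
                        where = new HashMap();
                        where.put("uid", space.get("uid"));
                        int doingNum = Common.intval(Common.getCount("sns_doing", where, null));
                        setmap.put("doingnum", "doingnum='" + doingNum + "'");
                    } else {
                        setmap.put("doingnum", "doingnum=doingnum+1");
                    }
                }
                dataBaseService.executeUpdate("UPDATE sns_space SET " + Common.implode(setmap, ",")
                        + " WHERE uid='" + sGlobal.get("supe_uid") + "'");
                if (addDoing != 0 && Common.ckPrivacy(sGlobal, sConfig, space, "doing", 1)) {
                    Map messagemap = new HashMap();
                    messagemap.put("message", message);
                    Map feedmap = new HashMap();
                    feedmap.put("appid", SysConstants.snsConfig.get("SNS_APPID"));
                    feedmap.put("icon", "doing");
                    feedmap.put("uid", sGlobal.get("supe_uid"));
                    feedmap.put("username", sGlobal.get("supe_username"));
                    feedmap.put("dateline", sGlobal.get("timestamp"));
                    feedmap.put("title_template", Common.getMessage(request, "cp_feed_doing_title"));
                    feedmap.put("title_data",
                            Common.sAddSlashes(Serializer.serialize(Common.sStripSlashes(messagemap))));
                    feedmap.put("body_template", "");
                    feedmap.put("body_data", "");
                    feedmap.put("body_general", "");
                    feedmap.put("target_ids", "");
                    feedmap.put("id", newDoId);
                    feedmap.put("idtype", "doid");
                    // MD5 fingerprints of the feed templates and data, stored with the feed row.
                    feedmap.put("hash_template",
                            Common.md5(feedmap.get("title_template") + "\t" + feedmap.get("body_template")));
                    feedmap.put("hash_data",
                            Common.md5(feedmap.get("title_template") + "\t" + feedmap.get("title_data") + "\t"
                                    + feedmap.get("body_template") + "\t" + feedmap.get("body_data")));
                    dataBaseService.insertTable("sns_feed", feedmap, false, false);
                }
                mainService.updateStat(request, "doing", false);
                return showMessage(request, response, "do_success", refer, 0);
            } else if (submitCheck(request, "commentsubmit")) {
                if (!Common.checkPerm(request, response, "allowdoing")) {
                    MessageVO msgVO = Common.ckSpaceLog(request);
                    if (msgVO != null) {
                        return showMessage(request, response, msgVO);
                    }
                    return showMessage(request, response, "no_privilege");
                }
                if (!mainService.checkRealName(request, "doing")) {
                    return showMessage(request, response, "no_privilege_realname");
                }
                switch (mainService.checkNewUser(request, response)) {
                case 1:
                    break;
                case 2:
                    return showMessage(request, response, "no_privilege_newusertime", "", 1,
                            String.valueOf(sConfig.get("newusertime")));
                case 3:
                    return showMessage(request, response, "no_privilege_avatar");
                case 4:
                    return showMessage(request, response, "no_privilege_friendnum", "", 1,
                            String.valueOf(sConfig.get("need_friendnum")));
                case 5:
                    return showMessage(request, response, "no_privilege_email");
                }
                int waitTime = Common.checkInterval(request, response, "post");
                if (waitTime > 0) {
                    return showMessage(request, response, "operating_too_fast", "", 1, String.valueOf(waitTime));
                }
                Map<String, Object> results = Common.getStrWithWordshield(request.getParameter("message"), 200,
                        true, true, 0, 0, request, response);
                String message = (String) results.get("STR");
                message = message.replaceAll("(?is)\\[em:(\\d+):]",
                        "<img src=\"image/face/$1.gif\" class=\"face\">");
                message = message.replaceAll("(?is)\\<br.*?\\>", " ");
                if (message.length() < 1) {
                    return showMessage(request, response, "should_write_that");
                }
                // Resolve the parent: an existing reply (id) wins over the doing itself (doid).
                Map updo = null;
                if (id != 0) {
                    List<Map<String, Object>> query = dataBaseService
                            .executeQuery("SELECT * FROM sns_docomment WHERE id='" + id + "'");
                    if (query.size() != 0) {
                        updo = query.get(0);
                    }
                }
                if (Common.empty(updo) && doId != 0) {
                    List<Map<String, Object>> query = dataBaseService
                            .executeQuery("SELECT * FROM sns_doing WHERE doid='" + doId + "'");
                    if (query.size() != 0) {
                        updo = query.get(0);
                    }
                }
                if (Common.empty(updo)) {
                    return showMessage(request, response, "docomment_error");
                } else {
                    if (mainService.isBlackList((Integer) updo.get("uid"),
                            (Integer) sGlobal.get("supe_uid")) != 0) {
                        return showMessage(request, response, "is_blacklist");
                    }
                }
                // A row from sns_doing has no grade/id columns; default both to 0.
                Integer grade = (Integer) updo.get("grade");
                Integer tmpId = (Integer) updo.get("id");
                updo.put("grade", grade != null ? grade : 0);
                updo.put("id", tmpId != null ? tmpId : 0);
                Map setmap = new HashMap();
                setmap.put("doid", updo.get("doid"));
                setmap.put("upid", updo.get("id"));
                setmap.put("uid", sGlobal.get("supe_uid"));
                setmap.put("username", sGlobal.get("supe_username"));
                setmap.put("dateline", sGlobal.get("timestamp"));
                setmap.put("message", message);
                setmap.put("ip", Common.getOnlineIP(request));
                setmap.put("grade", (Integer) updo.get("grade") + 1);
                // From grade 3 on, the reply is attached to the parent's own parent instead.
                if ((Integer) updo.get("grade") >= 3) {
                    setmap.put("upid", updo.get("upid"));
                }
                int newId = dataBaseService.insertTable("sns_docomment", setmap, true, false);
                // Hand the word-shield results for the new row to the shared post-processing.
                Common.doWithWordshieldProcess("docomment", newId, "",
                        (Integer) (Common.getMember(request).get("uid")), results, dataBaseService);
                dataBaseService.executeUpdate(
                        "UPDATE sns_doing SET replynum=replynum+1 WHERE doid='" + updo.get("doid") + "'");
                // Compare the ids by value: == / != on boxed Integers compares references.
                Integer parentUid = (Integer) updo.get("uid");
                Integer viewerUid = (Integer) sGlobal.get("supe_uid");
                boolean replyingToSelf = parentUid == null ? viewerUid == null : parentUid.equals(viewerUid);
                if (!replyingToSelf) {
                    String note = Common.getMessage(request, "cp_note_doing_reply",
                            "zone.action?do=doing&doid=" + updo.get("doid") + "&highlight=" + newId);
                    mainService.addNotification(request, sGlobal, sConfig, parentUid, "doing", note, false);
                    Common.getReward("comment", true, 0, "doing" + updo.get("doid"), true, request, response);
                }
                mainService.updateStat(request, "docomment", false);
                return showMessage(request, response, "do_success", refer, 0);
            }
            String op = request.getParameter("op");
            if ("delete".equals(op)) {
                if (submitCheck(request, "deletesubmit")) {
                    if (id != 0) {
                        boolean allowManage = Common.checkPerm(request, response, "managedoing");
                        List<Map<String, Object>> query = dataBaseService.executeQuery(
                                "SELECT dc.*, d.uid as duid FROM " + " sns_docomment dc, sns_doing d WHERE dc.id='"
                                        + id + "' AND dc.doid=d.doid");
                        if (query.size() != 0) {
                            Map<String, Object> value = query.get(0);
                            // Authorization: a manager, the reply's author, or the owner of the
                            // doing may blank the reply. Ids are compared by value; with == on
                            // boxed Integers this check failed for owners whose id lies outside
                            // the Integer cache.
                            Integer viewerUid = (Integer) sGlobal.get("supe_uid");
                            Integer commentUid = (Integer) value.get("uid");
                            Integer doingOwnerUid = (Integer) value.get("duid");
                            boolean isCommentAuthor = commentUid == null ? viewerUid == null
                                    : commentUid.equals(viewerUid);
                            boolean isDoingOwner = doingOwnerUid == null ? viewerUid == null
                                    : doingOwnerUid.equals(viewerUid);
                            if (allowManage || isCommentAuthor || isDoingOwner) {
                                // Soft delete: the row stays, author and text are blanked.
                                Map set = new HashMap();
                                set.put("uid", 0);
                                set.put("username", "");
                                set.put("message", "");
                                Map where = new HashMap();
                                where.put("id", id);
                                dataBaseService.updateTable("sns_docomment", set, where);
                                // The "delcomment" rule is applied to the author only when a
                                // third party (a manager) removed the reply.
                                if (!isCommentAuthor && !isDoingOwner) {
                                    Common.getReward("delcomment", true, commentUid, "", true, request, response);
                                }
                            }
                        }
                    } else {
                        // Deleting the doing itself; the permission check is presumably done
                        // inside deleteDoings, which receives the acting uid -- confirm.
                        adminDeleteService.deleteDoings(request, response, (Integer) sGlobal.get("supe_uid"), doId);
                    }
                    return showMessage(request, response, "do_success", refer, 0);
                }
            } else if ("getcomment".equals(op)) {
                TreeService tree = new TreeService();
                List list = new ArrayList();
                int highLight = 0;
                int count = 0;
                if (Common.empty(request.getParameter("close"))) {
                    List<Map<String, Object>> query = dataBaseService.executeQuery(
                            "SELECT * FROM sns_docomment WHERE doid='" + doId + "' ORDER BY dateline");
                    for (Map<String, Object> value : query) {
                        tree.setNode((Integer) value.get("id"), value.get("upid"), value);
                        count++;
                        // authorid is set to the space owner's uid and then tested, so highLight
                        // presumably ends up as the id of the last row whenever that uid is
                        // non-empty.
                        value.put("authorid", space.get("uid"));
                        if (!Common.empty(value.get("authorid"))) {
                            highLight = (Integer) value.get("id");
                        }
                    }
                }
                if (count != 0) {
                    List values = tree.getChilds(0);
                    int spaceUid = (Integer) space.get("uid");
                    for (Object vid : values) {
                        Map one = tree.getValue(vid);
                        // Indent each reply by twice its layer in the tree, in em.
                        one.put("layer", tree.getLayer(vid, 0) * 2);
                        one.put("style", "padding-left:" + one.get("layer") + "em;");
                        // Comparisons against an int unbox the Integer, so these are by value.
                        if ((Integer) one.get("id") == highLight && (Integer) one.get("uid") == spaceUid) {
                            one.put("style", one.get("style") + "color:red;font-weight:bold;");
                        }
                        list.add(one);
                    }
                }
                request.setAttribute("list", list);
                request.setAttribute("reques", request);
            }
        } catch (Exception e) {
            // NOTE(review): the raw exception message is shown to the caller; it can reveal
            // internals such as SQL text and is null for exceptions without a message.
            return showMessage(request, response, e.getMessage());
        }
        request.setAttribute("doid", doId);
        request.setAttribute("id", id);
        return include(request, response, sConfig, sGlobal, "cp_doing.jsp");
    }

public ActionForward cp_domain(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Object result = Common.checkPerm(request, response, sGlobal, "domainlength"); int domainLength = result != null ?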
(Integer) result : 0; Map reward = null; if (!Common.empty(sConfig.get("allowdomain")) && !Common.empty(sConfig.get("domainroot")) && domainLength != 0) { reward = Common.getReward("modifydomain", false, 0, "", true, request, response); } else { return showMessage(request, response, "no_privilege"); } Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); int rewardCredit = (Integer) reward.get("credit"); int rewardExperience = (Integer) reward.get("experience"); try { if (submitCheck(request, "domainsubmit")) { Map setarr = new HashMap(); String domain = request.getParameter("domain").trim().toLowerCase(); String spaceDomain = (String) space.get("domain"); if (domain.equals(spaceDomain) == false) { if (!Common.empty(spaceDomain) && (rewardCredit != 0 || rewardExperience != 0)) { int spaceCredit = (Integer) space.get("credit"); int spaceExperience = (Integer) space.get("experience"); if (spaceExperience >= rewardExperience) { setarr.put("experience", spaceExperience - rewardExperience); } else { String[] args = new String[] { String.valueOf(spaceExperience), String.valueOf(rewardExperience) }; return showMessage(request, response, "experience_inadequate", "", 1, args); } if (spaceCredit >= rewardCredit) { setarr.put("credit", spaceCredit - rewardCredit); } else { String[] args = new String[] { String.valueOf(spaceCredit), String.valueOf(rewardCredit) }; return showMessage(request, response, "integral_inadequate", "", 1, args); } } if (domainLength == 0 || domain.length() == 0) { setarr.put("domain", ""); } else { int domainLen = domain.length(); if (domainLen < domainLength) { return showMessage(request, response, "domain_length_error", "", 1, String.valueOf(domainLength)); } if (domainLen > 30) { return showMessage(request, response, "two_domain_length_not_more_than_30_characters"); } if (domain.matches("^[a-z][a-z0-9]*$") == false) { return showMessage(request, response, "only_two_names_from_english_composition_and_figures"); } if 
(Common.isHoldDomain(sConfig, domain)) { return showMessage(request, response, "domain_be_retained"); } Map where = new HashMap(); where.put("domain", domain); int count = Common.intval(Common.getCount("sns_space", where, null)); if (count > 0) { return showMessage(request, response, "two_domain_have_been_occupied"); } setarr.put("domain", domain); } } if (setarr.isEmpty() == false) { Map where = new HashMap(); where.put("uid", sGlobal.get("supe_uid")); dataBaseService.updateTable("sns_space", setarr, where); } return showMessage(request, response, "do_success", "main.action?ac=domain"); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } Map actives = new HashMap(); actives.put(request.getParameter("ac"), " class=\"active\""); request.setAttribute("domainlength", domainLength); request.setAttribute("actives", actives); request.setAttribute("reward", reward); return include(request, response, sConfig, sGlobal, "cp_domain.jsp"); } public ActionForward cp_event(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); int supe_uid = (Integer) sGlobal.get("supe_uid"); String supe_username = (String) sGlobal.get("supe_username"); int timestamp = (Integer) sGlobal.get("timestamp"); int eventid = 0; String tempS = request.getParameter("id"); if (tempS != null) { eventid = Common.intval(tempS); } tempS = request.getParameter("op"); String op = Common.empty(tempS) ? 
"edit" : tempS; Map<String, String> menus = new HashMap<String, String>(); menus.put(op, " class='active'"); boolean allowmanage = false; List<Map<String, Object>> query; Map<String, Object> event = null; if (eventid != 0) { query = dataBaseService.executeQuery("SELECT e.*, ef.* FROM sns_event e LEFT JOIN " + " sns_eventfield ef ON e.eventid=ef.eventid WHERE e.eventid='" + eventid + "'"); event = query.size() > 0 ? query.get(0) : null; if (event == null) { return showMessage(request, response, "event_does_not_exist"); } int eventGrade = (Integer) event.get("grade"); int eventUid = (Integer) event.get("uid"); if ((eventGrade == -1 || eventGrade == 0) && eventUid != supe_uid && !Common.checkPerm(request, response, "manageevent")) { return showMessage(request, response, "event_under_verify"); } query = dataBaseService.executeQuery( "SELECT * FROM sns_userevent WHERE eventid='" + eventid + "' AND uid='" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? query.get(0) : new HashMap<String, Object>(); sGlobal.put("supe_userevent", value); Integer status = (Integer) value.get("status"); if ((status != null && status >= 3) || Common.checkPerm(request, response, "manageevent")) { allowmanage = true; } } Map<Integer, Map<String, Object>> globalEventClass = Common.getCacheDate(request, response, "cache/cache_eventclass.jsp", "globalEventClass"); if (Common.empty(globalEventClass)) { try { cacheService.eventclass_cache(); } catch (IOException e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } globalEventClass = Common.getCacheDate(request, response, "cache/cache_eventclass.jsp", "globalEventClass"); } FileUploadUtil upload; try { upload = getParsedFileUploadUtil(request); if (submitCheckForMulti(request, upload, "eventsubmit")) { if (Common.checkPerm(request, response, "seccode") && !mainService.checkSeccode(request, response, sGlobal, sConfig, upload.getParameter("seccode"))) { return showMessage(request, response, 
"incorrect_code"); } Map<String, Object> arr1 = new HashMap<String, Object>(); String arr1Title; try { arr1Title = Common.getStr(upload.getParameter("title"), 80, true, true, true, 0, 0, request, response); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } arr1.put("title", arr1Title); arr1.put("classid", Common.intval(upload.getParameter("classid"))); try { arr1.put("province", Common.getStr(upload.getParameter("province"), 20, true, true, false, 0, 0, request, response)); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } try { arr1.put("city", Common.getStr(upload.getParameter("city"), 20, true, true, false, 0, 0, request, response)); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } try { arr1.put("location", Common.getStr(upload.getParameter("location"), 80, true, true, true, 0, 0, request, response)); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } String timeoffset = Common.getTimeOffset(sGlobal, sConfig); int arr1Starttime = Common.strToTime(upload.getParameter("starttime"), timeoffset, "yyyy-MM-dd HH:mm"); arr1.put("starttime", arr1Starttime); int arr1Endtime = Common.strToTime(upload.getParameter("endtime"), timeoffset, "yyyy-MM-dd HH:mm"); arr1.put("endtime", arr1Endtime); int arr1Deadline = Common.strToTime(upload.getParameter("deadline"), timeoffset, "yyyy-MM-dd HH:mm"); arr1.put("deadline", arr1Deadline); arr1.put("public", Common.intval(upload.getParameter("public"))); Map<String, Object> arr2 = new HashMap<String, Object>(); try { arr2.put("detail", Common.getStr(upload.getParameter("detail"), 0, true, true, true, 0, 1, request, response)); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } arr2.put("limitnum", Common.intval(upload.getParameter("limitnum"))); arr2.put("verify", 
Common.intval(upload.getParameter("verify"))); arr2.put("allowpost", Common.intval(upload.getParameter("allowpost"))); arr2.put("allowpic", Common.intval(upload.getParameter("allowpic"))); arr2.put("allowfellow", Common.intval(upload.getParameter("allowfellow"))); arr2.put("allowinvite", Common.intval(upload.getParameter("allowinvite"))); try { arr2.put("template", Common.getStr(upload.getParameter("template"), 255, true, true, true, 0, 0, request, response)); } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } if (Common.empty(arr1.get("title"))) { return showMessage(request, response, "event_title_empty"); } else if (Common.empty(arr1.get("classid"))) { return showMessage(request, response, "event_classid_empty"); // } else if (Common.empty(arr1.get("city"))) { // return showMessage(request, response, // "event_city_empty"); } else if (Common.empty(arr2.get("detail"))) { return showMessage(request, response, "event_detail_empty"); } else if (arr1Endtime - arr1Starttime > 60 * 24 * 3600) { return showMessage(request, response, "event_bad_time_range"); } else if (arr1Endtime < arr1Starttime) { return showMessage(request, response, "event_bad_endtime"); } else if (arr1Deadline > arr1Endtime) { return showMessage(request, response, "event_bad_deadline"); } else if (eventid == 0 && arr1Starttime < timestamp) { return showMessage(request, response, "event_bad_starttime"); } Map<String, Object> pic = null; if (upload.isMultipart()) { FileItem fileItem = upload.getFileItem("poster"); Object picob = mainService.savePic(request, response, fileItem, "-1", arr1Title, 0); if (Common.isArray(picob)) { pic = (Map<String, Object>) picob; if (!Common.empty(pic.get("filepath"))) { arr1.put("poster", pic.get("filepath")); arr1.put("thumb", pic.get("thumb")); arr1.put("remote", pic.get("remote")); } } } String tagidString = upload.getParameter("tagid"); int tagid = 0; if (!Common.empty(tagidString) && (eventid == 0 || ((Integer) 
event.get("uid") == supe_uid) && !tagidString.equals(String.valueOf(event.get("tagid"))))) { tagid = Common.intval(tagidString); query = dataBaseService.executeQuery("SELECT * FROM sns_tagspace WHERE tagid='" + tagid + "' AND uid='" + supe_uid + "' LIMIT 1"); Map<String, Object> value = query.size() > 0 ? query.get(0) : null; if (value != null) { if ((Integer) value.get("grade") == 9) { arr1.put("tagid", value.get("tagid")); } } } if (eventid != 0) { if (allowmanage) { if ((Integer) event.get("grade") == -1 && (Integer) event.get("uid") == supe_uid) { arr1.put("grade", 0); } Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); dataBaseService.updateTable("sns_event", arr1, whereData); dataBaseService.updateTable("sns_eventfield", arr2, whereData); tempS = upload.getParameter("sharepic"); if (!Common.empty(tempS) && pic != null && !Common.empty(pic.get("picid"))) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventid); arr.put("picid", pic.get("picid")); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("dateline", timestamp); dataBaseService.insertTable("sns_eventpic", arr, false, false); } return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } else { return showMessage(request, response, "no_privilege_edit_event"); } } else { if (!mainService.checkRealName(request, "event")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "event")) { return showMessage(request, response, "no_privilege_videophoto"); } switch (mainService.checkNewUser(request, response)) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, 
String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } int topicid = mainService.checkTopic(request, Common.intval(upload.getParameter("topicid")), "event"); arr1.put("topicid", topicid); arr1.put("uid", supe_uid); arr1.put("username", supe_username); arr1.put("dateline", timestamp); arr1.put("updatetime", timestamp); arr1.put("membernum", 1); arr1.put("grade", !Common.empty(Common.checkPerm(request, response, sGlobal, "verifyevent")) ? 0 : 1); eventid = dataBaseService.insertTable("sns_event", arr1, true, false); if (eventid == 0) { return showMessage(request, response, "event_create_failed"); } arr2.put("eventid", eventid); arr2.put("hotuser", ""); dataBaseService.insertTable("sns_eventfield", arr2, false, false); tempS = upload.getParameter("sharepic"); if (!Common.empty(tempS) && pic != null && !Common.empty(pic.get("picid"))) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventid); arr.put("picid", pic.get("picid")); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("dateline", timestamp); dataBaseService.insertTable("sns_eventpic", arr, false, false); } Map<String, Object> arr3 = new HashMap<String, Object>(); arr3.put("eventid", eventid); arr3.put("uid", supe_uid); arr3.put("username", supe_username); arr3.put("status", 4); arr3.put("fellow", 0); tempS = (String) arr1.get("template"); tempS = tempS == null ? 
"" : tempS; arr3.put("template", tempS); arr3.put("dateline", timestamp); dataBaseService.insertTable("sns_userevent", arr3, false, false); if ((Integer) arr1.get("grade") > 0) { tempS = upload.getParameter("makefeed"); if (!Common.empty(tempS)) { feedService.feedPublish(request, response, eventid, "eventid", true); } } mainService.updateStat(request, "event", false); String eventnumsql; if (Common.empty(space.get("eventnum"))) { Map<String, Object> whereArr = new HashMap<String, Object>(); whereArr.put("uid", space.get("uid")); space.put("eventnum", Common.getCount("sns_event", whereArr, null)); eventnumsql = "eventnum=" + space.get("eventnum"); } else { eventnumsql = "eventnum=eventnum+1"; } Map<String, Integer> reward = Common.getReward("createevent", false, 0, "", true, request, response); dataBaseService.executeUpdate("UPDATE sns_space SET " + eventnumsql + ", lastpost='" + timestamp + "', updatetime='" + timestamp + "', credit=credit+" + reward.get("credit") + ", experience=experience+" + reward.get("experience") + " WHERE uid='" + supe_uid + "'"); String url; if (topicid != 0) { mainService.topicJoin(request, topicid, supe_uid, supe_username); url = "zone.action?do=topic&topicid=" + topicid + "&view=event"; } else { url = "zone.action?do=event&id=" + eventid; } return showMessage(request, response, "do_success", url, 0); } } if ("invite".equals(op)) { Map<String, Object> supeUserEvent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (((event == null || Common.empty(event.get("allowinvite"))) && (supeUserEvent == null || (Integer) supeUserEvent.get("status") < 3)) || (supeUserEvent == null || (Integer) supeUserEvent.get("status") < 2)) { return showMessage(request, response, "no_privilege_do_eventinvite"); } if (submitCheck(request, "invitesubmit")) { Map<String, Object> arr = new LinkedHashMap<String, Object>(); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("eventid", eventid); arr.put("dateline", timestamp); List<String> 
inserts = new ArrayList<String>(); List<Integer> touids = new ArrayList<Integer>(); String[] ids = request.getParameterValues("ids[]"); if (ids != null) { try { StringBuilder builder = new StringBuilder(); int touid; for (int i = 0; i < ids.length; i++) { touid = Common.intval(ids[i]); arr.put("touid", touid); arr.put("tousername", Common.getStr(request.getParameterValues("names[]")[i], 15, true, true, false, 0, 0, request, response)); builder.append("("); builder.append(Common.sImplode(arr)); builder.append(")"); inserts.add(builder.toString()); touids.add(touid); builder.delete(0, builder.length()); } } catch (Exception exception) { return showMessage(request, response, exception.getMessage()); } } if (!Common.empty(inserts)) { dataBaseService.execute( "INSERT INTO sns_eventinvite (uid, username, eventid, dateline, touid, tousername) VALUES " + Common.implode(inserts, ",")); dataBaseService .executeUpdate("UPDATE sns_space SET eventinvitenum=eventinvitenum+1 WHERE uid IN (" + Common.sImplode(touids) + ")"); } tempS = request.getParameter("group"); int getGroup = !Common.empty(tempS) ? Common.intval(tempS) : -1; tempS = request.getParameter("page"); int getPage = Common.empty(tempS) ? 0 : Common.intval(tempS); return showMessage(request, response, "do_success", "main.action?ac=event&op=invite&id=" + eventid + "&group=" + getGroup + "&page=" + getPage, 2); } int perpage = 21; tempS = request.getParameter("page"); int page = Common.empty(tempS) ? 0 : Common.intval(tempS); if (page < 1) page = 1; int start = (page - 1) * perpage; int maxPage = (Integer) sConfig.get("maxpage"); if ((tempS = Common.ckStart(start, perpage, maxPage)) != null) { return showMessage(request, response, tempS); } List<String> wherearr = new ArrayList<String>(); String key = Common.stripSearchKey(request.getParameter("key")); if (!Common.empty(key)) { wherearr.add(" fusername LIKE '%" + key + "%' "); } tempS = request.getParameter("group"); int group = !Common.empty(tempS) ? 
Common.intval(tempS) : -1; if (group >= 0) { wherearr.add(" gid='" + group + "'"); } String sql = wherearr.size() > 0 ? "AND" + Common.implode(wherearr, " AND ") : ""; query = dataBaseService.executeQuery("SELECT COUNT(*) AS cont FROM sns_friend WHERE uid='" + supe_uid + "' AND status='1' " + sql); int count = query.size() > 0 ? (Integer) (query.get(0).get("cont")) : 0; List<Integer> fuids = new ArrayList<Integer>(); List<Map<String, Object>> list = null; if (count != 0) { query = dataBaseService .executeQuery("SELECT * FROM sns_friend WHERE uid='" + supe_uid + "' AND status='1' " + sql + " ORDER BY num DESC, dateline DESC LIMIT " + start + "," + perpage); int fuid; for (Map<String, Object> value : query) { fuid = (Integer) value.get("fuid"); fuids.add(fuid); } list = query; } Map<Integer, Integer> joins = new HashMap<Integer, Integer>(); if (fuids.size() > 0) { query = dataBaseService.executeQuery("SELECT uid FROM sns_userevent WHERE eventid='" + eventid + "' AND uid IN (" + Common.sImplode(fuids) + ") AND status > 1"); int vuid; for (Map<String, Object> value : query) { vuid = (Integer) value.get("uid"); joins.put(vuid, vuid); } query = dataBaseService.executeQuery("SELECT touid FROM sns_eventinvite WHERE eventid='" + eventid + "' AND touid IN (" + Common.sImplode(fuids) + ")"); for (Map<String, Object> value : query) { vuid = (Integer) value.get("touid"); joins.put(vuid, vuid); } } Map<Integer, String> groups = Common.getFriendGroup(request); Map<Integer, String> groupselect = new HashMap<Integer, String>(); groupselect.put(group, " selected"); String multi = Common.multi(request, count, perpage, page, maxPage, "main.action?ac=event&op=invite&id=" + eventid + "&group=" + group + "&key=" + key, null, null); request.setAttribute("group", group); request.setAttribute("page", page); request.setAttribute("list", list); request.setAttribute("joins", joins); request.setAttribute("multi", multi); request.setAttribute("groups", groups); } else if ("members".equals(op)) { 
Map<String, Object> supeUserEvent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (supeUserEvent == null || (Integer) supeUserEvent.get("status") < 3) { return showMessage(request, response, "no_privilege_manage_event_members"); } if (submitCheck(request, "memberssubmit")) { String[] ids = request.getParameterValues("ids[]"); boolean rz; if (!Common.empty(ids)) { Object object = verify_eventmembers(request, sGlobal, event, ids, request.getParameter("newstatus")); if (object instanceof MessageVO) { return showMessage(request, response, (MessageVO) object); } rz = !Common.empty(object); } else { rz = false; } String status = request.getParameter("status"); status = status == null ? "" : status; if (rz) { return showMessage(request, response, "do_success", "main.action?ac=event&op=members&id=" + eventid + "&status=" + status, 2); } else { return showMessage(request, response, "choose_right_eventmember", "main.action?ac=event&op=members&id=" + eventid + "&status=" + status, 5); } } int perpage = 24; tempS = request.getParameter("start"); int start = Common.empty(tempS) ? 
0 : Common.intval(tempS); int count = 0; String wheresql; String key = request.getParameter("key"); String status = request.getParameter("status"); if (!Common.empty(key)) { key = Common.stripSearchKey(key); wheresql = " AND username LIKE '%" + key + "%' "; } else { status = Common.intval(status) + ""; wheresql = " AND status='" + status + "'"; } int maxPage = (Integer) sConfig.get("maxpage"); if ((tempS = Common.ckStart(start, perpage, maxPage)) != null) { return showMessage(request, response, tempS); } query = dataBaseService.executeQuery("SELECT * FROM sns_userevent WHERE eventid='" + eventid + "' " + wheresql + " LIMIT " + start + "," + perpage); for (Map<String, Object> value : query) { tempS = (String) value.get("template"); if (tempS != null) { value.put("template", Common.nl2br(Common.htmlSpecialChars(tempS))); } else { value.put("template", ""); } count++; } List<Map<String, Object>> list = query; if (!Common.empty(key)) { if (list.size() > 0) { status = String.valueOf(list.get(0).get("status")); } else { status = ""; } } String multi; try { multi = Common.smulti(sGlobal, start, perpage, count, "main.action?ac=event&op=members&id=" + eventid + "&status=" + status + "&key=" + key, null); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("status", status); request.setAttribute("list", list); request.setAttribute("multi", multi); } else if ("member".equals(op)) { Map<String, Object> supeUserEvent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (supeUserEvent == null || (Integer) supeUserEvent.get("status") < 3) { return showMessage(request, response, "no_privilege_manage_event_members"); } try { if (submitCheck(request, "membersubmit")) { String statusString = request.getParameter("status"); int status = Common.intval(statusString); boolean rz; String uid = request.getParameter("uid"); if (!Common.empty(uid)) { Object object = verify_eventmembers(request, sGlobal, event, new String[] { uid }, 
statusString); if (object instanceof MessageVO) { return showMessage(request, response, (MessageVO) object); } rz = !Common.empty(object); } else { rz = false; } if (rz) { String refer = request.getParameter("refer"); refer = Common.empty(refer) ? "zone.action?do=event&id=" + eventid + "&view=member&status=" + status : refer; return showMessage(request, response, "do_success", refer, 0); } else { return showMessage(request, response, "choose_right_eventmember"); } } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } int uid = Common.intval(request.getParameter("uid")); query = dataBaseService.executeQuery( "SELECT * FROM sns_userevent WHERE uid='" + uid + "' AND eventid='" + eventid + "'"); Map<String, Object> userevent = query.size() > 0 ? query.get(0) : null; if (Common.empty(userevent)) { return showMessage(request, response, "choose_right_eventmember"); } try { tempS = Common.nl2br(Common.getStr((String) userevent.get("template"), 255, true, false, true, 0, 0, request, response)); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } userevent.put("template", tempS); request.setAttribute("uid", uid); request.setAttribute("userevent", userevent); } else if ("pic".equals(op)) { if (!allowmanage) { return showMessage(request, response, "no_privilege_manage_event_pic"); } if (submitCheck(request, "deletepicsubmit")) { String[] ids = request.getParameterValues("ids[]"); if (!Common.empty(ids)) { dataBaseService.execute("DELETE FROM sns_eventpic WHERE eventid='" + eventid + "' AND picid IN (" + Common.sImplode(ids) + ")"); dataBaseService.executeUpdate( "UPDATE sns_event SET picnum = (SELECT COUNT(*) FROM sns_eventpic WHERE eventid='" + eventid + "') WHERE eventid = '" + eventid + "'"); return showMessage(request, response, "do_success", "main.action?ac=event&op=pic&id=" + eventid, 0); } else { return showMessage(request, response, "choose_event_pic"); } } int perpage = 16; tempS = request.getParameter("page"); 
int page = Common.empty(tempS) ? 1 : Common.intval(tempS); if (page < 1) page = 1; int start = (page - 1) * perpage; int maxPage = (Integer) sConfig.get("maxpage"); if ((tempS = Common.ckStart(start, perpage, maxPage)) != null) { return showMessage(request, response, tempS); } String theurl = "main.action?ac=event&id=" + eventid + "&op=pic"; List<Map<String, Object>> photolist = null; int count = 0; query = dataBaseService.executeQuery( "SELECT COUNT(*) AS cont FROM sns_eventpic WHERE eventid = '" + eventid + "'"); if (query.size() > 0) { count = (Integer) query.get(0).get("cont"); } if (count != 0) { query = dataBaseService.executeQuery("SELECT pic.* FROM sns_eventpic ep LEFT JOIN " + " sns_pic pic ON ep.picid=pic.picid WHERE ep.eventid='" + eventid + "' ORDER BY ep.picid DESC LIMIT " + start + ", " + perpage); for (Map<String, Object> value : query) { value.put("pic", Common.pic_get(sConfig, (String) value.get("filepath"), (Integer) value.get("thumb"), (Integer) value.get("remote"), true)); } photolist = query; } String multi = Common.multi(request, count, perpage, page, maxPage, theurl, null, null); int photolistSize = photolist == null ? 
0 : photolist.size(); request.setAttribute("photolistSize", photolistSize); request.setAttribute("photolist", photolist); request.setAttribute("multi", multi); } else if ("thread".equals(op)) { if (!allowmanage) { return showMessage(request, response, "no_privilege_manage_event_thread"); } if (Common.empty(event.get("tagid"))) { return showMessage(request, response, "event_has_not_mtag"); } try { if (submitCheck(request, "delthreadsubmit")) { String[] ids = request.getParameterValues("ids[]"); if (!Common.empty(ids)) { dataBaseService.execute("DELETE FROM sns_thread WHERE eventid='" + eventid + "' AND tid IN (" + Common.sImplode(ids) + ")"); dataBaseService.executeUpdate( "UPDATE sns_event SET threadnum = (SELECT COUNT(*) FROM sns_thread WHERE eventid='" + eventid + "') WHERE eventid = '" + eventid + "'"); return showMessage(request, response, "do_success", "main.action?ac=event&id=" + eventid + "&op=thread", 0); } else { return showMessage(request, response, "choose_event_thread"); } } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } int perpage = 20; tempS = request.getParameter("page"); int page = Common.empty(tempS) ? 
1 : Common.intval(tempS); if (page < 1) page = 1; int start = (page - 1) * perpage; int maxPage = (Integer) sConfig.get("maxpage"); if ((tempS = Common.ckStart(start, perpage, maxPage)) != null) { return showMessage(request, response, tempS); } List<Map<String, Object>> threadlist = null; int count = 0; query = dataBaseService .executeQuery("SELECT COUNT(*) AS cont FROM sns_thread WHERE eventid = '" + eventid + "'"); if (query.size() > 0) { count = (Integer) query.get(0).get("cont"); } if (count != 0) { query = dataBaseService.executeQuery("SELECT * FROM sns_thread WHERE eventid='" + eventid + "' ORDER BY lastpost DESC LIMIT " + start + ", " + perpage); threadlist = query; } String multi = Common.multi(request, count, perpage, page, maxPage, "main.action?ac=event&id=" + eventid + "&op=thread", null, null); request.setAttribute("threadlist", threadlist); } else if ("join".equals(op)) { boolean popupmenu_box; if (mainService.isBlackList((Integer) event.get("uid"), supe_uid) != 0) { popupmenu_box = true; return showMessage(request, response, "is_blacklist"); } if (Common.empty(sGlobal.get("supe_userevent"))) { popupmenu_box = true; if (timestamp > (Integer) event.get("endtime")) { return showMessage(request, response, "event_is_over"); } if (timestamp > (Integer) event.get("deadline")) { return showMessage(request, response, "event_meet_deadline"); } if ((Integer) event.get("limitnum") > 0 && (Integer) event.get("membernum") >= (Integer) event.get("limitnum")) { return showMessage(request, response, "event_already_full"); } if ((Integer) event.get("public") < 2) { query = dataBaseService.executeQuery("SELECT * FROM sns_eventinvite WHERE eventid = '" + event.get("eventid") + "' AND touid = '" + supe_uid + "' LIMIT 1"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; if (Common.empty(value)) { return showMessage(request, response, "event_join_limit"); } } } if (submitCheck(request, "joinsubmit")) { Map<String, Object> supe_userevent = (Map<String, Object>) sGlobal.get("supe_userevent"); boolean supe_usereventNotEmpty = !Common.empty(supe_userevent); Integer supe_usereventStatus = supe_usereventNotEmpty ? (Integer) supe_userevent.get("status") : null; if (supe_usereventStatus != null && supe_usereventStatus == 0) { Map<String, Object> arr = new HashMap<String, Object>(); tempS = request.getParameter("fellow"); if (tempS != null) { arr.put("fellow", Common.intval(tempS)); } tempS = request.getParameter("template"); if (!Common.empty(tempS)) { try { tempS = Common.getStr(tempS, 255, true, true, true, 0, 0, request, response); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } arr.put("template", tempS); } if (!Common.empty(arr)) { Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); whereData.put("uid", supe_uid); dataBaseService.updateTable("sns_userevent", arr, whereData); } return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 2); } if (supe_usereventStatus != null && supe_usereventStatus > 1) { Map<String, Object> arr = new HashMap<String, Object>(); int num = 0; tempS = request.getParameter("fellow"); if (tempS != null) { int fellow = Common.intval(tempS); arr.put("fellow", fellow); Integer supe_usereventFellow = (Integer) supe_userevent.get("fellow"); supe_usereventFellow = supe_usereventFellow == null ? 
0 : supe_usereventFellow; num = fellow - supe_usereventFellow; int eventLimitnum = (Integer) event.get("limitnum"); if (eventLimitnum > 0 && num + (Integer) event.get("membernum") > eventLimitnum) { return showMessage(request, response, "event_already_full"); } } tempS = request.getParameter("template"); if (!Common.empty(tempS)) { arr.put("template", tempS); } if (!Common.empty(arr)) { Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); whereData.put("uid", supe_uid); dataBaseService.updateTable("sns_userevent", arr, whereData); } if (num != 0) { dataBaseService.executeUpdate("UPDATE sns_event SET membernum = membernum + " + num + " WHERE eventid=" + eventid); } return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } int arrStatus = 2; Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventid); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("template", event.get("template")); arr.put("fellow", 0); arr.put("dateline", timestamp); int num = 1; String numsql; tempS = request.getParameter("fellow"); if (!Common.empty(tempS)) { int fellow = Common.intval(tempS); arr.put("fellow", fellow); num += fellow; } tempS = request.getParameter("template"); if (!Common.empty(tempS)) { try { tempS = Common.getStr(tempS, 255, true, true, true, 0, 0, request, response); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } arr.put("template", tempS); } int eventLimitnum = (Integer) event.get("limitnum"); if (eventLimitnum > 0 && num + (Integer) event.get("membernum") > eventLimitnum) { return showMessage(request, response, "event_will_full"); } numsql = " membernum = membernum + " + num + " "; query = dataBaseService.executeQuery("SELECT * FROM sns_eventinvite WHERE eventid='" + eventid + "' AND touid='" + supe_uid + "'"); Map<String, Object> eventinvite = query.size() > 0 ? 
query.get(0) : null; if (!Common.empty(event.get("verify")) && Common.empty(eventinvite)) { arrStatus = 0; } arr.put("status", arrStatus); if (supe_usereventStatus != null && supe_usereventStatus == 1) { Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("uid", supe_uid); whereData.put("eventid", eventid); dataBaseService.updateTable("sns_userevent", arr, whereData); numsql += ",follownum = follownum - 1 "; } else { dataBaseService.insertTable("sns_userevent", arr, false, false); } int eventUid = (Integer) event.get("uid"); if (arrStatus == 2) { dataBaseService .execute("UPDATE sns_event SET " + numsql + " WHERE eventid = '" + eventid + "'"); if (Common.ckPrivacy(sGlobal, sConfig, space, "join", 0)) { Map<String, Object> title_data = new HashMap<String, Object>(); title_data.put("title", event.get("title")); title_data.put("eventid", event.get("eventid")); title_data.put("uid", eventUid); title_data.put("username", sNames.get(eventUid)); mainService.addFeed(sGlobal, "event", Common.getMessage(request, "cp_event_join"), title_data, "", null, "", null, null, "", 0, 0, 0, "", false); } } else if (arrStatus == 0) { if (supe_usereventStatus != null && supe_usereventStatus == 1) { dataBaseService.executeUpdate( "UPDATE sns_event SET follownum = follownum - 1 WHERE eventid = '" + eventid + "'"); } List<Integer> note_ids = new ArrayList<Integer>(); List<String> note_inserts = new ArrayList<String>(); int eventEventid = (Integer) event.get("eventid"); String note_msg = Common.getMessage(request, "cp_event_join_verify", "zone.action?do=event&id=" + eventEventid, event.get("title"), "main.action?ac=event&id=" + eventEventid + "&op=members&status=0&key=" + supe_username); query = dataBaseService.executeQuery( "SELECT ue.*, sf.* FROM sns_userevent ue LEFT JOIN sns_spacefield sf ON ue.uid=sf.uid WHERE ue.eventid='" + eventid + "' AND ue.status >= 3"); Map<String, Object> privacyM; Set<String> filter; Map<String, Object> filter_noteM; Map<String, Object> 
note = new HashMap<String, Object>(); note.put("type", "eventmember"); note.put("authorid", supe_uid); StringBuilder builder = new StringBuilder(); int valueUid; for (Map<String, Object> value : query) { tempS = (String) value.get("privacy"); privacyM = Common.empty(tempS) ? new HashMap<String, Object>() : (Map<String, Object>) Serializer.unserialize(tempS); value.put("privacy", privacyM); filter_noteM = (Map<String, Object>) privacyM.get("filter_note"); filter = Common.empty(filter_noteM) ? new HashSet<String>() : filter_noteM.keySet(); if (mainService.checkNoteUid(note, filter)) { valueUid = (Integer) value.get("uid"); note_ids.add(valueUid); builder.append("('"); builder.append(valueUid); builder.append("', 'eventmember', '1', '"); builder.append(supe_uid); builder.append("', '"); builder.append(supe_username); builder.append("', '"); builder.append(Common.addSlashes(note_msg)); builder.append("', '"); builder.append(timestamp); builder.append("')"); note_inserts.add(builder.toString()); builder.delete(0, builder.length()); } } if (!Common.empty(note_inserts)) { dataBaseService.execute( "INSERT INTO sns_notification (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " + Common.implode(note_inserts, ",")); dataBaseService.executeUpdate("UPDATE sns_space SET notenum=notenum+1 WHERE uid IN (" + Common.sImplode(note_ids) + ")"); } try { mainService.sendMail(request, response, eventUid, "", Common.getMessage(request, "event_application"), note_msg, "event"); } catch (Exception e) { return showMessage(request, response, e.getMessage()); } } Common.getReward("joinevent", true, 0, eventid + "", true, request, response); mainService.updateStat(request, "eventjoin", false); if (!Common.empty(eventinvite)) { dataBaseService.execute("DELETE FROM sns_eventinvite WHERE eventid='" + eventid + "' AND touid='" + supe_uid + "'"); dataBaseService .executeUpdate("UPDATE sns_space SET eventinvitenum=eventinvitenum-1 WHERE uid = '" + supe_uid + "' AND 
eventinvitenum>0"); } return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } } else if ("quit".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (submitCheck(request, "quitsubmit")) { String tourl = "zone.action?do=event&id=" + eventid; int uid = supe_uid; Map<String, Object> userevent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (!Common.empty(userevent) && (Integer) event.get("uid") != uid) { dataBaseService.execute( "DELETE FROM sns_userevent WHERE eventid='" + eventid + "' AND uid='" + uid + "'"); if ((Integer) userevent.get("status") >= 2) { int num = 1 + (Integer) userevent.get("fellow"); dataBaseService.executeUpdate("UPDATE sns_event SET membernum = membernum - " + num + " WHERE eventid='" + eventid + "'"); } return showMessage(request, response, "do_success", tourl, 0); } else { return showMessage(request, response, "cannot_quit_event", tourl, 2); } } } else if ("follow".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } Map<String, Object> supe_userevent = (Map<String, Object>) sGlobal.get("supe_userevent"); boolean popupmenu_box = false; if (!Common.empty(supe_userevent)) { popupmenu_box = true; if ((Integer) supe_userevent.get("status") <= 1) { return showMessage(request, response, "event_has_followed"); } else { return showMessage(request, response, "event_has_joint"); } } if (submitCheck(request, "followsubmit")) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventid); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("status", 1); arr.put("fellow", 0); arr.put("template", event.get("template")); dataBaseService.insertTable("sns_userevent", arr, false, false); dataBaseService.executeUpdate( "UPDATE sns_event SET follownum = follownum + 1 WHERE eventid='" + eventid + "'"); return showMessage(request, response, "do_success", "zone.action?do=event&id=" 
+ eventid, 0); } } else if ("cancelfollow".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (submitCheck(request, "cancelfollowsubmit")) { Map<String, Object> supe_userevent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (!Common.empty(supe_userevent) && (Integer) supe_userevent.get("status") == 1) { dataBaseService.execute("DELETE FROM sns_userevent WHERE uid='" + supe_uid + "' AND eventid='" + eventid + "'"); dataBaseService.executeUpdate( "UPDATE sns_event SET follownum = follownum - 1 WHERE eventid='" + eventid + "'"); } return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } } else if ("eventinvite".equals(op)) { if (!Common.empty(request.getParameter("r"))) { tempS = request.getParameter("page"); String tourl = "main.action?ac=event&op=eventinvite" + (tempS != null ? "&page=" + Common.intval(tempS) : ""); if (eventid != 0) { dataBaseService.execute("DELETE FROM sns_eventinvite WHERE eventid = '" + eventid + "' AND touid = '" + supe_uid + "'"); dataBaseService .executeUpdate("UPDATE sns_space SET eventinvitenum=eventinvitenum-1 WHERE uid = '" + supe_uid + "' AND eventinvitenum>0"); } else { dataBaseService.execute("DELETE FROM sns_eventinvite WHERE touid = '" + supe_uid + "'"); dataBaseService.executeUpdate( "UPDATE sns_space SET eventinvitenum=0 WHERE uid = '" + supe_uid + "'"); } return showMessage(request, response, "do_success", tourl, 0); } int perpage = 20; tempS = request.getParameter("page"); int page = Common.empty(tempS) ? 
1 : Common.intval(tempS); if (page < 1) page = 1; int start = (page - 1) * perpage; int maxPage = (Integer) sConfig.get("maxpage"); if ((tempS = Common.ckStart(start, perpage, maxPage)) != null) { return showMessage(request, response, tempS); } String theurl = "main.action?ac=event&op=eventinvite"; Map<String, Object> whereArr = new HashMap<String, Object>(); whereArr.put("touid", supe_uid); int count = Common.intval(Common.getCount("sns_eventinvite", whereArr, null)); if (count != (Integer) space.get("eventinvitenum")) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("eventinvitenum", count); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("uid", space.get("uid")); dataBaseService.updateTable("sns_space", setData, whereData); } List<Map<String, Object>> eventinvites = null; if (count > 0) { query = dataBaseService.executeQuery( "SELECT ei.*, e.*, ei.dateline as invitetime FROM sns_eventinvite ei LEFT JOIN sns_event e ON ei.eventid=e.eventid WHERE ei.touid='" + supe_uid + "' limit " + start + ", " + perpage); for (Map<String, Object> value : query) { if (!Common.empty(value.get("poster"))) { value.put("pic", Common.pic_get(sConfig, (String) value.get("poster"), (Integer) value.get("thumb"), (Integer) value.get("remote"), true)); } else { value.put("pic", globalEventClass.get(value.get("classid")).get("poster")); } } eventinvites = query; } String multi = Common.multi(request, count, perpage, page, maxPage, theurl, null, null); request.setAttribute("eventinvites", eventinvites); request.setAttribute("multi", multi); } else if ("acceptinvite".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } query = dataBaseService.executeQuery("SELECT * FROM sns_eventinvite WHERE eventid='" + eventid + "' AND touid='" + supe_uid + "' LIMIT 1"); Map<String, Object> eventinvite = query.size() > 0 ? 
query.get(0) : null; if (Common.empty(eventinvite)) { return showMessage(request, response, "eventinvite_does_not_exist"); } dataBaseService.execute( "DELETE FROM sns_eventinvite WHERE eventid='" + eventid + "' AND touid='" + supe_uid + "'"); dataBaseService.executeUpdate("UPDATE sns_space SET eventinvitenum=eventinvitenum-1 WHERE uid = '" + supe_uid + "' AND eventinvitenum>0"); if (mainService.isBlackList((Integer) event.get("uid"), supe_uid) != 0) { return showMessage(request, response, "is_blacklist"); } if (timestamp > (Integer) event.get("endtime")) { return showMessage(request, response, "event_is_over"); } if (timestamp > (Integer) event.get("deadline")) { return showMessage(request, response, "event_meet_deadline"); } int eventLimitnum = (Integer) event.get("limitnum"); int eventMembernum = (Integer) event.get("membernum"); if (eventLimitnum > 0 && eventMembernum >= eventLimitnum) { return showMessage(request, response, "event_already_full"); } String numsql = "membernum = membernum + 1"; Map<String, Object> supe_userevent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (Common.empty(supe_userevent)) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventid); arr.put("uid", supe_uid); arr.put("username", supe_username); arr.put("status", 2); arr.put("template", event.get("template")); arr.put("fellow", 0); arr.put("dateline", timestamp); dataBaseService.insertTable("sns_userevent", arr, false, false); dataBaseService .executeUpdate("UPDATE sns_event SET " + numsql + " WHERE eventid = '" + eventid + "'"); if (Common.ckPrivacy(sGlobal, sConfig, space, "join", 0)) { int eventUid = (Integer) event.get("uid"); Map<String, Object> title_data = new HashMap<String, Object>(); title_data.put("title", event.get("title")); title_data.put("eventid", event.get("eventid")); title_data.put("uid", eventUid); title_data.put("username", sNames.get(eventUid)); mainService.addFeed(sGlobal, "event", Common.getMessage(request, 
"cp_event_join"), title_data, "", null, "", null, null, "", 0, 0, 0, "", false); } } else if ((Integer) supe_userevent.get("status") < 2) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("status", 2); if ((Integer) supe_userevent.get("status") == 1) { numsql += ",follownum = follownum - 1 "; } if (eventLimitnum > 0 && eventMembernum + (Integer) supe_userevent.get("fellow") > eventLimitnum) { arr.put("fellow", 0); } Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("uid", supe_uid); whereData.put("eventid", eventid); dataBaseService.updateTable("sns_userevent", arr, whereData); dataBaseService .executeUpdate("UPDATE sns_event SET " + numsql + " WHERE eventid = '" + eventid + "'"); if (Common.ckPrivacy(sGlobal, sConfig, space, "join", 0)) { int eventUid = (Integer) event.get("uid"); Map<String, Object> title_data = new HashMap<String, Object>(); title_data.put("title", event.get("title")); title_data.put("eventid", event.get("eventid")); title_data.put("uid", eventUid); title_data.put("username", event.get("username")); mainService.addFeed(sGlobal, "event", Common.getMessage(request, "cp_event_join"), title_data, "", null, "", null, null, "", 0, 0, 0, "", false); } } return showMessage(request, response, Common.getMessage(request, "cp_event_accept_success", "zone.action?do=event&id=" + event.get("eventid"))); } else if ("delete".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (!allowmanage) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "deletesubmit")) { adminDeleteService.deleteEvents(request, response, sGlobal, new Integer[] { eventid }); return showMessage(request, response, "do_success", "zone.action?do=event", 2); } } else if ("print".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (submitCheck(request, "printsubmit")) { List<Map<String, Object>> members; List uid; if 
(!Common.empty(request.getParameter("admin"))) { query = dataBaseService.executeQuery("SELECT * FROM sns_userevent WHERE eventid='" + eventid + "' AND status > 1 ORDER BY status DESC, dateline ASC"); } else { query = dataBaseService.executeQuery("SELECT * FROM sns_userevent WHERE eventid='" + eventid + "' AND status = 2 ORDER BY dateline ASC"); } for (Map<String, Object> value : query) { value.put("template", Common.nl2br(Common.htmlSpecialChars((String) value.get("template")))); } members = query; request.setAttribute("event", event); request.setAttribute("members", members); return include(request, response, sConfig, sGlobal, "cp_event_sheet.jsp"); } } else if ("close".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (!allowmanage) { return showMessage(request, response, "no_privilege"); } if ((Integer) event.get("grade") < 1 || (Integer) event.get("endtime") > timestamp) { return showMessage(request, response, "event_can_not_be_closed"); } if (submitCheck(request, "closesubmit")) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("grade", -2); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); dataBaseService.updateTable("sns_event", setData, whereData); return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } } else if ("open".equals(op)) { if (eventid == 0) { return showMessage(request, response, "event_does_not_exist"); } if (!allowmanage) { return showMessage(request, response, "no_privilege"); } if ((Integer) event.get("grade") != -2 || (Integer) event.get("endtime") > timestamp) { return showMessage(request, response, "event_can_not_be_opened"); } if (submitCheck(request, "opensubmit")) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("grade", 1); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); 
dataBaseService.updateTable("sns_event", setData, whereData); return showMessage(request, response, "do_success", "zone.action?do=event&id=" + eventid, 0); } } else if ("calendar".equals(op)) { List<String> match = null; String monthGet = request.getParameter("month"); String dateGet = request.getParameter("date"); if (Common.empty(monthGet)) { match = Common.pregMatch(dateGet, "^(\\d{4}-\\d{1,2})"); if (!Common.empty(match)) { monthGet = match.get(1); } } if (monthGet != null) { match = Common.pregMatch(monthGet, "^(\\d{4})-(\\d{1,2})$"); } int year; int month; if (!Common.empty(match)) { year = Common.intval(match.get(1)); month = Common.intval(match.get(2)); } else { year = Common.intval(Common.sgmdate(request, "yyyy", timestamp)); month = Common.intval(Common.sgmdate(request, "MM", timestamp)); } String nextmonth; String premonth; if (month == 12) { nextmonth = (year + 1) + "-1"; premonth = year + "-11"; } else if (month == 1) { nextmonth = year + "-2"; premonth = (year - 1) + "-12"; } else { nextmonth = year + "-" + (month + 1); premonth = year + "-" + (month - 1); } Calendar calendar = Calendar.getInstance(); calendar.setTimeZone(TimeZone.getTimeZone("GMT")); calendar.set(Calendar.SECOND, 0); calendar.set(Calendar.MINUTE, 0); calendar.set(Calendar.HOUR_OF_DAY, 0); calendar.set(Calendar.MONTH, month - 1); calendar.set(Calendar.DAY_OF_MONTH, 1); calendar.set(Calendar.YEAR, year); int daystart = (int) (calendar.getTimeInMillis() / 1000); int week = calendar.get(Calendar.DAY_OF_WEEK) - 1; int dayscount = calendar.getActualMaximum(Calendar.DAY_OF_MONTH); calendar.add(Calendar.MONTH, 1); int dayend = (int) (calendar.getTimeInMillis() / 1000); Map<Integer, Map<String, Object>> days = new LinkedHashMap<Integer, Map<String, Object>>(); Map<String, Object> subM; for (int i = 1; i <= dayscount; i++) { subM = new HashMap<String, Object>(); subM.put("count", 0); subM.put("events", new ArrayList<Map<String, Object>>()); subM.put("class", ""); days.put(i, subM); } query = 
dataBaseService.executeQuery("SELECT * FROM sns_event WHERE starttime < " + dayend + " AND endtime > " + daystart + " ORDER BY eventid DESC LIMIT 100"); int tempInt; int start; int end; List<Map<String, Object>> subList; for (Map<String, Object> value : query) { if ((Integer) value.get("public") < 1 || (tempInt = (Integer) value.get("grade")) == 0 || tempInt == -1) { continue; } tempInt = (Integer) value.get("starttime"); if (tempInt < daystart) { start = 1; } else { calendar.setTimeInMillis(tempInt * 1000L); start = calendar.get(Calendar.DAY_OF_MONTH); } tempInt = (Integer) value.get("endtime"); if (tempInt > dayend) { end = dayscount; } else { calendar.setTimeInMillis(tempInt * 1000L); end = calendar.get(Calendar.DAY_OF_MONTH); } for (int i = start; i <= end; i++) { subM = days.get(i); tempInt = (Integer) subM.get("count"); if (tempInt < 10) { subList = (List<Map<String, Object>>) subM.get("events"); subList.add(value); subM.put("count", tempInt + 1); subM.put("class", " on_link"); } } } int d = 0; if (month == Common.intval(Common.sgmdate(request, "MM", timestamp)) && year == Common.intval(Common.sgmdate(request, "yyyy", timestamp))) { d = Common.intval(Common.sgmdate(request, "dd", timestamp)); subM = days.get(d); subM.put("class", "on_today"); } if (!Common.empty(dateGet)) { int t = Common.strToTime(dateGet, Common.getTimeOffset(sGlobal, sConfig)); if (month == Common.intval(Common.sgmdate(request, "MM", t)) && year == Common.intval(Common.sgmdate(request, "yyyy", t))) { d = Common.intval(Common.sgmdate(request, "dd", t)); subM = days.get(d); subM.put("class", "on_select"); } } String url = request.getParameter("url"); url = !Common.empty(url) ? 
url.replaceAll("date=[\\d\\-]+", "") : "zone.action?do=event"; request.setAttribute("premonth", premonth); request.setAttribute("nextmonth", nextmonth); request.setAttribute("year", year); request.setAttribute("month", month); request.setAttribute("week", week); request.setAttribute("days", days); request.setAttribute("url", url); } else if ("edithot".equals(op)) { if (!Common.checkPerm(request, response, "manageevent")) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "hotsubmit")) { int hot = Common.intval(request.getParameter("hot")); Map<String, Object> setData = new HashMap<String, Object>(); setData.put("hot", hot); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("eventid", eventid); dataBaseService.updateTable("sns_event", setData, whereData); if (hot > 0) { feedService.feedPublish(request, response, eventid, "eventid", false); } else { whereData.clear(); whereData.put("id", eventid); whereData.put("idtype", eventid); dataBaseService.updateTable("sns_feed", setData, whereData); } return showMessage(request, response, "do_success", "zone.action?uid=" + event.get("uid") + "&do=event&id=" + eventid, 0); } } else if ("edit".equals(op)) { if (eventid != 0) { if (!allowmanage) { return showMessage(request, response, "no_privilege_edit_event"); } } else { if (!Common.checkPerm(request, response, "allowevent")) { return showMessage(request, response, "no_privilege_add_event"); } if (!mainService.checkRealName(request, "event")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "event")) { return showMessage(request, response, "no_privilege_videophoto"); } switch (mainService.checkNewUser(request, response)) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return 
showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } event = new HashMap<String, Object>(); event.put("eventid", ""); int starttime = (int) (Math.ceil(timestamp / 3600D) * 3600 + 7200); event.put("starttime", starttime); event.put("endtime", starttime + 14400); event.put("deadline", starttime); event.put("allowinvite", 1); event.put("allowpost", 1); event.put("allowpic", 1); event.put("allowfellow", 0); event.put("verify", 0); event.put("public", 2); event.put("limitnum", 0); event.put("province", space.get("resideprovince")); event.put("city", space.get("residecity")); Map<String, Object> topic = null; int topicid = Common.intval(request.getParameter("topicid")); if (topicid != 0) { topic = Common.getTopic(request, topicid); } Map<String, String> actives = null; if (!Common.empty(topic)) { actives = new HashMap<String, String>(); actives.put("event", " class=\"active\""); } request.setAttribute("topicid", topicid); request.setAttribute("topic", topic); } List<Map<String, Object>> mtags = null; Integer eventUid = (Integer) event.get("uid"); if (eventid == 0 || (eventUid != null && eventUid.intValue() == supe_uid)) { query = dataBaseService.executeQuery("SELECT mtag.* FROM sns_tagspace st LEFT JOIN " + " sns_mtag mtag ON st.tagid=mtag.tagid WHERE st.uid='" + supe_uid + "' AND st.grade=9"); mtags = query; } int tagid = Common.intval(request.getParameter("tagid")); if (tagid != 0 && Common.empty(event.get("tagid"))) { event.put("tagid", tagid); } Map<String, Object> subM; Object tempOb; for (Entry<Integer, Map<String, Object>> entry : globalEventClass.entrySet()) { subM = entry.getValue(); tempOb = subM.get("template"); if (tempOb != null) { subM.put("template", String.valueOf(tempOb).replace("\r\n", "<br>").replace("\r", "<br>") .replace("\n", "<br>")); } } request.setAttribute("globalEventClass", globalEventClass); 
request.setAttribute("mtags", mtags); request.setAttribute("ckPrivacy", Common.ckPrivacy(sGlobal, sConfig, space, "event", 1)); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("op", op); request.setAttribute("eventid", eventid); request.setAttribute("allowmanage", allowmanage); request.setAttribute("event", event); request.setAttribute("menus", menus); return include(request, response, sConfig, sGlobal, "cp_event.jsp"); } private Object verify_eventmembers(HttpServletRequest request, Map<String, Object> sGlobal, Map<String, Object> event, String[] uids, String statusString) { int supe_uid = (Integer) sGlobal.get("supe_uid"); int timestamp = (Integer) sGlobal.get("timestamp"); String supe_username = (String) sGlobal.get("supe_username"); Map<String, Object> supeUserEvent = (Map<String, Object>) sGlobal.get("supe_userevent"); if (supeUserEvent == null || (Integer) supeUserEvent.get("status") < 3) { return new MessageVO("no_privilege_manage_event_members"); } int eventid = (Integer) supeUserEvent.get("eventid"); List<Map<String, Object>> query; if (event == null || eventid != (Integer) event.get("eventid")) { query = dataBaseService.executeQuery("SELECT * FROM sns_event WHERE eventid='" + eventid + "'"); try { event = query.get(0); } catch (IndexOutOfBoundsException exception) { return new MessageVO(exception.getMessage()); } } int status = Common.intval(statusString); if (status < -1 || status > 3) { return new MessageVO("bad_userevent_status"); } if ((Integer) event.get("verify") == 0 && status == 0) { return new MessageVO("event_not_set_verify"); } int eventUid = (Integer) event.get("uid"); if (status == 3 && supe_uid != eventUid) { return new MessageVO("only_creator_can_set_admin"); } List<Integer> newids = new ArrayList<Integer>(); Map<Integer, Map<String, Object>> userevents = new HashMap<Integer, Map<String, Object>>(); Map<Integer, String> actions = new HashMap<Integer, String>(); int num = 0; query = 
dataBaseService.executeQuery( "SELECT ue.*, sf.* FROM sns_userevent ue LEFT JOIN sns_spacefield sf ON ue.uid=sf.uid WHERE ue.uid IN (" + Common.sImplode(uids) + ") AND ue.eventid='" + eventid + "'"); int valueStatus; int valueUid; for (Map<String, Object> value : query) { valueStatus = (Integer) value.get("status"); valueUid = (Integer) value.get("uid"); if (valueStatus == status || eventUid == valueUid || valueStatus == 1) { continue; } if (status == 2 || status == 3 || status == 0 || status == -1) { newids.add(valueUid); userevents.put(valueUid, value); if (status == 2) { if (valueStatus == 0) { actions.put(valueUid, "set_verify"); num += ((Integer) value.get("fellow") + 1); } else if (valueStatus == 3) { actions.put(valueUid, "unset_admin"); } } else if (status == 3) { actions.put(valueUid, "set_admin"); if (valueStatus == 0) { num += ((Integer) value.get("fellow") + 1); } } else if (status == 0) { actions.put(valueUid, "unset_verify"); if (valueStatus >= 2) { num -= ((Integer) value.get("fellow") + 1); } } else if (status == -1) { actions.put(valueUid, "set_delete"); if (valueStatus >= 2) { num -= ((Integer) value.get("fellow") + 1); } } } } if (Common.empty(newids)) return newids; int eventLimitnum = (Integer) event.get("limitnum"); if (eventLimitnum > 0 && (Integer) event.get("membernum") + num > eventLimitnum) { return new MessageVO("event_will_full"); } List<String> note_inserts = new ArrayList<String>(); List<String> feed_inserts = new ArrayList<String>(); List<Integer> note_ids = new ArrayList<Integer>(); Map<String, Object> subMap = new HashMap<String, Object>(); subMap.put("title", event.get("title")); subMap.put("eventid", event.get("eventid")); subMap.put("uid", event.get("uid")); subMap.put("username", event.get("username")); Map<String, Object> feedarr = new HashMap<String, Object>(); feedarr.put("appid", SysConstants.snsConfig.get("SNS_APPID")); feedarr.put("icon", "event"); feedarr.put("uid", ""); feedarr.put("username", ""); 
feedarr.put("dateline", timestamp); feedarr.put("title_template", Common.getMessage(request, "cp_event_join")); feedarr.put("title_data", subMap); feedarr.put("body_template", ""); feedarr.put("body_data", new HashMap()); feedarr.put("body_general", ""); feedarr.put("image_1", ""); feedarr.put("image_1_link", ""); feedarr.put("image_2", ""); feedarr.put("image_2_link", ""); feedarr.put("image_3", ""); feedarr.put("image_3_link", ""); feedarr.put("image_4", ""); feedarr.put("image_4_link", ""); feedarr.put("target_ids", ""); feedarr.put("friend", "friend"); feedarr = (Map<String, Object>) Common.sStripSlashes(feedarr); feedarr.put("title_data", Serializer.serialize(Common.sStripSlashes(feedarr.get("title_data")))); feedarr.put("body_data", Serializer.serialize(Common.sStripSlashes(feedarr.get("body_data")))); feedarr.put("hash_template", Common.md5(feedarr.get("title_template") + "\t" + feedarr.get("body_template"))); feedarr.put("hash_data", Common.md5(feedarr.get("title_template") + "\t" + feedarr.get("title_data") + "\t" + feedarr.get("body_template") + "\t" + feedarr.get("body_data"))); feedarr = (Map<String, Object>) Common.sAddSlashes(feedarr); Map<String, Object> mapInUserevents; StringBuilder builder = new StringBuilder(); for (int id : newids) { mapInUserevents = userevents.get(id); if (status > 1 && (Integer) mapInUserevents.get("status") == 0) { feedarr.put("uid", mapInUserevents.get("uid")); feedarr.put("username", mapInUserevents.get("username")); builder.append("('"); builder.append(feedarr.get("appid")); builder.append("', 'event', '"); builder.append(feedarr.get("uid")); builder.append("', '"); builder.append(feedarr.get("username")); builder.append("', '"); builder.append(feedarr.get("dateline")); builder.append("', '0', '"); builder.append(feedarr.get("hash_template")); builder.append("', '"); builder.append(feedarr.get("hash_data")); builder.append("', '"); builder.append(feedarr.get("title_template")); builder.append("', '"); 
builder.append(feedarr.get("title_data")); builder.append("', '"); builder.append(feedarr.get("body_template")); builder.append("', '"); builder.append(feedarr.get("body_data")); builder.append("', '"); builder.append(feedarr.get("body_general")); builder.append("', '"); builder.append(feedarr.get("image_1")); builder.append("', '"); builder.append(feedarr.get("image_1_link")); builder.append("', '"); builder.append(feedarr.get("image_2")); builder.append("', '"); builder.append(feedarr.get("image_2_link")); builder.append("', '"); builder.append(feedarr.get("image_3")); builder.append("', '"); builder.append(feedarr.get("image_3_link")); builder.append("', '"); builder.append(feedarr.get("image_4")); builder.append("', '"); builder.append(feedarr.get("image_4_link")); builder.append("')"); feed_inserts.add(builder.toString()); builder.delete(0, builder.length()); } mapInUserevents.put("privacy", Common.empty(mapInUserevents.get("privacy")) ? new HashMap<String, Object>() : Serializer.unserialize((String) mapInUserevents.get("privacy"))); Map<String, Object> tempM = (Map<String, Object>) ((Map<String, Object>) mapInUserevents.get("privacy")) .get("filter_note"); Set<String> filter = Common.empty(tempM) ? new HashSet<String>() : tempM.keySet(); if (tempM == null) { tempM = new HashMap<String, Object>(); } else { tempM.clear(); } tempM.put("type", "eventmemberstatus"); tempM.put("authorid", supe_uid); if (mainService.checkNoteUid(tempM, filter)) { note_ids.add(id); String actionsValue = actions.get(id); actionsValue = actionsValue == null ? 
"" : actionsValue; String note_msg = Common.getMessage(request, "cp_eventmember_" + actionsValue, "zone.action?do=event&id=" + event.get("eventid"), event.get("title")); builder.append("('"); builder.append(id); builder.append("', 'eventmemberstatus', '1', '"); builder.append(supe_uid); builder.append("', '"); builder.append(supe_username); builder.append("', '"); builder.append(Common.addSlashes(note_msg)); builder.append("', '"); builder.append(timestamp); builder.append("')"); note_inserts.add(builder.toString()); builder.delete(0, builder.length()); } } if (!Common.empty(note_ids)) { dataBaseService.execute( "INSERT INTO sns_notification (`uid`, `type`, `new`, `authorid`, `author`, `note`, `dateline`) VALUES " + Common.implode(note_inserts, ",")); dataBaseService.executeUpdate( "UPDATE sns_space SET notenum=notenum+1 WHERE uid IN (" + Common.sImplode(note_ids) + ")"); } if (!Common.empty(feed_inserts)) { dataBaseService.execute( "INSERT INTO sns_feed (`appid` ,`icon` ,`uid` ,`username` ,`dateline` ,`friend` ,`hash_template` ,`hash_data` ,`title_template` ,`title_data` ,`body_template` ,`body_data` ,`body_general` ,`image_1` ,`image_1_link` ,`image_2` ,`image_2_link` ,`image_3` ,`image_3_link` ,`image_4` ,`image_4_link`) VALUES " + Common.implode(feed_inserts, ",")); } if (status == -1) { dataBaseService.execute("DELETE FROM sns_userevent WHERE uid IN (" + Common.sImplode(newids) + ") AND eventid='" + eventid + "'"); } else { dataBaseService.executeUpdate("UPDATE sns_userevent SET status='" + status + "' WHERE uid IN (" + Common.sImplode(newids) + ") AND eventid='" + eventid + "'"); } if (num != 0) { dataBaseService.executeUpdate( "UPDATE sns_event SET membernum = membernum + " + num + " WHERE eventid='" + eventid + "'"); } return newids; } public ActionForward cp_feed(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) 
request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); int feedId = Common.intval(request.getParameter("feedid")); int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } Map feed = null; if (feedId != 0) { List<Map<String, Object>> feedList = dataBaseService .executeQuery("SELECT * FROM sns_feed WHERE feedid='" + feedId + "'"); if (feedList.size() == 0) { return showMessage(request, response, "feed_no_found"); } else { feed = feedList.get(0); } } try { Map<String, String[]> params = request.getParameterMap(); if (submitCheck(request, "commentsubmit")) { if (Common.empty(feed.get("id")) || Common.empty(feed.get("idtype"))) { return showMessage(request, response, "non_normal_operation"); } if ("doid".equals(feed.get("idtype"))) { params.put("id", new String[] { request.getParameter("cid") }); params.put("doid", new String[] { String.valueOf(feed.get("id")) }); return cp_doing(request, response); } else { params.put("id", new String[] { String.valueOf(feed.get("id")) }); params.put("idtype", new String[] { String.valueOf(feed.get("idtype")) }); return cp_comment(request, response); } } String op = request.getParameter("op"); if ("delete".equals(op)) { if (submitCheck(request, "feedsubmit")) { if (adminDeleteService.deleteFeeds(request, response, (Integer) sGlobal.get("supe_uid"), feedId)) { return showMessage(request, response, "do_success", request.getParameter("refer")); } else { return showMessage(request, response, "no_privilege"); } } } else if ("ignore".equals(op)) { String icon = Common.empty(request.getParameter("icon")) ? "" : request.getParameter("icon").replaceAll("[^0-9a-zA-Z\\_\\-\\.]", ""); if (submitCheck(request, "feedignoresubmit")) { int uid = Common.empty(request.getParameter("uid")) ? 
0 : Common.intval(request.getParameter("uid")); if (icon.length() != 0) { String iconUid = icon + "|" + uid; Map privacyMap = (Map) space.get("privacy"); if (Common.empty(privacyMap.get("filter_icon")) || !Common.isArray(privacyMap.get("filter_icon"))) { privacyMap.put("filter_icon", new HashMap()); } Map filterIconMap = (Map) privacyMap.get("filter_icon"); filterIconMap.put(iconUid, iconUid); mainService.privacyUpdate(privacyMap, (Integer) sGlobal.get("supe_uid")); } return showMessage(request, response, "do_success", request.getParameter("refer")); } } else if ("get".equals(op)) { int cpMode = 1; int start = Common.intval(request.getParameter("start")); if (start < 1) { start = (Integer) sConfig.get("feedmaxnum") < 50 ? 50 : (Integer) sConfig.get("feedmaxnum"); start = start + 1; } Map tpl = new HashMap(); tpl.put("getmore", 1); params.put("start", new String[] { String.valueOf(start) }); request.setAttribute("TPL", tpl); ZoneAction sa = new ZoneAction(); return sa.space_feed(request, response); } else if ("getcomment".equals(op)) { if (Common.empty(feed.get("id")) || Common.empty(feed.get("idtype"))) { return showMessage(request, response, "non_normal_operation"); } feedId = (Integer) feed.get("feedid"); String multi = ""; if ("doid".equals(feed.get("idtype"))) { params.put("doid", new String[] { String.valueOf(feed.get("id")) }); return cp_doing(request, response); } else { int perPage = 5; int start = (page - 1) * perPage; int maxPage = (Integer) sConfig.get("maxpage"); String message = Common.ckStart(start, perPage, maxPage); if (message != null) { return showMessage(request, response, message); } Map where = new HashMap(); where.put("id", feed.get("id")); where.put("idtype", feed.get("idtype")); String count = Common.getCount("sns_comment", where, null); Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); if (!Common.empty(count)) { List<Map<String, Object>> list = dataBaseService .executeQuery("SELECT * FROM sns_comment 
WHERE id='" + feed.get("id") + "' AND idtype='" + feed.get("idtype") + "' ORDER BY dateline LIMIT " + start + "," + perPage); multi = Common.multi(request, Common.intval(count), perPage, page, maxPage, "main.action?ac=feed&op=getcomment&feedid=" + feedId, "feedcomment_" + feedId, ""); request.setAttribute("multi", multi); request.setAttribute("list", list); } } } else if ("menu".equals(op)) { boolean allowManage = Common.checkPerm(request, response, "managefeed"); if (Common.empty(feed.get("uid"))) { return showMessage(request, response, "non_normal_operation"); } request.setAttribute("feed", feed); request.setAttribute("managefeed", allowManage); } else { String url = "zone.action?uid=" + feed.get("uid"); String idType = (String) feed.get("idtype"); if ("doid".equals(idType)) { url += "&do=doing&id=" + feed.get("id"); } else if ("blogid".equals(idType)) { url += "&do=blog&id=" + feed.get("id"); } else if ("picid".equals(idType)) { url += "&do=album&picid=" + feed.get("id"); } else if ("albumid".equals(idType)) { url += "&do=album&id=" + feed.get("id"); } else if ("tid".equals(idType)) { url += "&do=thread&id=" + feed.get("id"); } else if ("sid".equals(idType)) { url += "&do=share&id=" + feed.get("id"); } else if ("pid".equals(idType)) { url += "&do=poll&id=" + feed.get("id"); } else if ("eventid".equals(idType)) { url += "&do=event&id=" + feed.get("id"); } return showMessage(request, response, "do_success", url, 0); } } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } request.setAttribute("feedid", feedId); return include(request, response, sConfig, sGlobal, "cp_feed.jsp"); }
/**
 * Handles the friend control-panel action, dispatching on the {@code op} request parameter:
 * add, ignore, addconfirm, syn, find, changegroup, changenum, group, request, groupname,
 * groupignore, blacklist, rand, getcfriend and search.
 *
 * <p>Reads {@code sGlobal}, {@code sConfig}, {@code space} and {@code sNames} from request
 * attributes and {@code uid} from the request (through {@code Common.intval}). A branch either
 * returns a {@code showMessage} forward itself or sets request attributes and falls through to
 * the closing {@code include} of cp_friend.jsp; {@code syn} returns {@code null}.
 *
 * <p>NOTE(review): most of the executeQuery, executeUpdate and findRows calls in this method take
 * SQL built by string concatenation. Values that went through {@code Common.intval} are ints, but
 * the blacklist, find and search branches concatenate request parameters or stored strings as
 * they are. Whether an upstream filter already escapes request parameters is not visible here;
 * confirm, and otherwise bind these values as parameters or escape them before they reach the
 * query text.
 *
 * @param request  the current request; supplies the attributes and parameters listed above
 * @param response the current response, passed through to the message and include helpers
 * @return the forward built by {@code showMessage} or {@code include}, or {@code null} for syn
 */
public ActionForward cp_friend(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); String op = request.getParameter("op"); int uid = Common.intval(request.getParameter("uid")); space.put("key", Common.spaceKey(space, sConfig, 0)); Map<String, String> actives = new HashMap<String, String>(); actives.put(op, " class=\"active\""); request.setAttribute("actives", actives); try { if ("add".equals(op)) { if (!Common.checkPerm(request, response, "allowfriend")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (uid == (Integer) sGlobal.get("supe_uid")) { return showMessage(request, response, "friend_self_error"); } if (Common.in_array((String[]) space.get("friends"), uid)) { return showMessage(request, response, "you_have_friends"); } if (!mainService.checkRealName(request, "friend")) { return showMessage(request, response, "no_privilege_realname"); } Map<String, Object> toSpace = Common.getSpace(request, sGlobal, sConfig, uid); if (Common.empty(toSpace)) { return showMessage(request, response, "space_does_not_exist"); } if (mainService.isBlackList((Integer) toSpace.get("uid"), (Integer) sGlobal.get("supe_uid")) != 0) { return showMessage(request, response, "is_blacklist"); } Map<Integer, String> groups = Common.getFriendGroup(request); int status = Common.getFriendStatus((Integer) sGlobal.get("supe_uid"), uid); if (status == 1) { return showMessage(request, response, "you_have_friends"); } else { int maxFriendNum = (Integer) Common.checkPerm(request, response, sGlobal, "maxfriendnum"); if (maxFriendNum != 0 && (Integer) space.get("friendnum") >= maxFriendNum + (Integer) space.get("addfriend")) { Map globalMagic = Common.getCacheDate(request, response, "cache/cache_magic.jsp", "globalMagic"); if (!Common.empty(globalMagic.get("friendnum"))) { return showMessage(request, response, "enough_of_the_number_of_friends_with_magic"); } else { return
showMessage(request, response, "enough_of_the_number_of_friends"); } } int fStatus = Common.getFriendStatus(uid, (Integer) sGlobal.get("supe_uid")); int fu_requestfriendauditing = 0; try { fu_requestfriendauditing = ((Integer) ((Map) ((Map) toSpace.get("privacy")).get("view")) .get("requestfriendauditing")).intValue(); if (fu_requestfriendauditing == 1) { fStatus = 0; Map<String, String> parames = new HashMap<String, String>(); parames.put("op", "add"); parames.put("add2submit", "true"); parames.put("gid", "0"); parames.put("uid", uid + ""); request = new AddFriendHttpServletRequestWrapper(request, parames); } } catch (Exception ex) {
/* NOTE(review): this catch discards every exception raised while reading the privacy.view.requestfriendauditing setting of the target space and while wrapping the request; nothing is logged, and if the lookup itself throws, fu_requestfriendauditing keeps its initial 0. */
; } if (fStatus == -1) { if (status == -1) { if (!Common.empty(toSpace.get("videostatus"))) { if (!mainService.checkVideoPhoto(request, response, "friend", toSpace)) { return showMessage(request, response, "no_privilege_videophoto"); } } if (submitCheck(request, "addsubmit")) { Map<String, Object> serArr = new HashMap<String, Object>(); serArr.put("uid", sGlobal.get("supe_uid")); serArr.put("fuid", uid); serArr.put("fusername", Common.addSlashes((String) toSpace.get("username"))); serArr.put("gid", Common.intval(request.getParameter("gid"))); serArr.put("note", Common.getStr(request.getParameter("note"), 50, true, true, false, 0, 0, request, response)); serArr.put("dateline", sGlobal.get("timestamp")); dataBaseService.insertTable("sns_friend", serArr, false, false); mainService.sendMail(request, response, uid, "", Common.getMessage(request, "cp_friend_subject", new String[] { sNames.get(space.get("uid")), Common.getSiteUrl(request) + "main.action?ac=friend&op=request" }), "", "friend_add"); dataBaseService.executeUpdate( "UPDATE sns_space SET addfriendnum=addfriendnum+1 WHERE uid='" + uid + "'"); return showMessage(request, response, "request_has_been_sent"); } else { request.setAttribute("op", op); request.setAttribute("tospace", toSpace); request.setAttribute("groups", groups); return include(request, response, sConfig, sGlobal,
"cp_friend.jsp"); } } else { return showMessage(request, response, "waiting_for_the_other_test"); } } else {
/* NOTE(review): when fu_requestfriendauditing is not 0, result is set to true without calling submitCheck, so the updateFriend call, the addfriendnum UPDATE and the notification below run for any request carrying op=add and a uid. submitCheck is the guard most other state-changing branches use; confirm that skipping it here is intended. */
boolean result = false; if (fu_requestfriendauditing == 0) { result = submitCheck(request, "add2submit"); } else { result = true; } if (result) { int gid = Common.intval(request.getParameter("gid")); if (fu_requestfriendauditing == 0) { mainService.updateFriend(request, sGlobal, sConfig, (Integer) space.get("uid"), (String) space.get("username"), (Integer) toSpace.get("uid"), (String) toSpace.get("username"), "add", gid); } else { mainService.updateFriend(request, sGlobal, sConfig, (Integer) space.get("uid"), (String) space.get("username"), (Integer) toSpace.get("uid"), (String) toSpace.get("username"), "invite", gid); } if (Common.ckPrivacy(sGlobal, sConfig, space, "friend", 1)) { Map<String, String> fs = new HashMap<String, String>(); fs.put("icon", "friend"); fs.put("title_template", Common.getMessage(request, "cp_feed_friend_title")); fs.put("body_template", ""); fs.put("body_general", ""); Map titleData = new HashMap(); titleData.put("touser", "<a href=\"zone.action?uid=" + toSpace.get("uid") + "\">" + sNames.get(toSpace.get("uid")) + "</a>"); mainService.addFeed(sGlobal, fs.get("icon"), fs.get("title_template"), titleData, fs.get("body_template"), null, fs.get("body_general"), null, null, "", 0, 0, 0, "", false); } dataBaseService .executeUpdate("UPDATE sns_space SET addfriendnum=addfriendnum-1 WHERE uid='" + space.get("uid") + "' AND addfriendnum>0"); mainService.addNotification(request, sGlobal, sConfig, uid, "friend", Common.getMessage(request, "cp_note_friend_add"), false); return showMessage(request, response, "friends_add", request.getParameter("refer"), 1, new String[] { sNames.get(toSpace.get("uid")) }); } else { op = "add2"; request.setAttribute("op", op); request.setAttribute("tospace", toSpace); request.setAttribute("groups", groups); return include(request, response, sConfig, sGlobal, "cp_friend.jsp"); } } } } else if ("ignore".equals(op))
{ if (uid > 0) { if (submitCheck(request, "friendsubmit")) { int fStatus = Common.getFriendStatus(uid, (Integer) space.get("uid")); if (fStatus == 1) { mainService.updateFriend(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid"), (String) sGlobal.get("supe_username"), uid, "", "ignore", 0); } else if (fStatus == 0) { mainService.ignoreRequest(space, sConfig, uid); } return showMessage(request, response, "do_success", "main.action?ac=friend&op=request", 0); } } else if (space.get("key").toString().equals(request.getParameter("key"))) {
/* NOTE(review): this path and the addconfirm branch are gated by comparing the key request parameter with the key stored in space at the top of the method rather than by submitCheck, and the same key is written into the redirect URL query string below. String.equals is not a constant-time comparison; confirm how spaceKey is derived and whether that matters here. */
List<Map<String, Object>> fUids = dataBaseService .executeQuery("SELECT uid FROM sns_friend WHERE fuid='" + space.get("uid") + "' AND status='0' LIMIT 0,1"); if (fUids.size() > 0) { Map<String, Object> value = fUids.get(0); uid = (Integer) value.get("uid"); Map whereArr = new HashMap(); whereArr.put("uid", uid); String userName = Common.getCount("sns_space", whereArr, "username"); mainService.ignoreRequest(space, sConfig, uid); return showMessage(request, response, "friend_ignore_next", "main.action?ac=friend&op=ignore&confirm=1&key=" + space.get("key"), 1, userName); } else { return showMessage(request, response, "do_success", "main.action?ac=friend&op=request", 0); } } else { return showMessage(request, response, "specified_user_is_not_your_friend"); } } else if ("addconfirm".equals(op)) { if (space.get("key").toString().equals(request.getParameter("key"))) { int maxFriendNum = (Integer) Common.checkPerm(request, response, sGlobal, "maxfriendnum"); if (maxFriendNum != 0 && (Integer) space.get("friendnum") >= maxFriendNum + (Integer) space.get("addfriend")) { Map globalMagic = Common.getCacheDate(request, response, "cache/cache_magic.jsp", "globalMagic"); if (!Common.empty(globalMagic.get("friendnum"))) { return showMessage(request, response, "enough_of_the_number_of_friends_with_magic"); } else { return showMessage(request, response, "enough_of_the_number_of_friends"); } } List<Map<String, Object>> uids = dataBaseService
.executeQuery("SELECT uid FROM sns_friend WHERE fuid='" + space.get("uid") + "' AND status='0' LIMIT 0,1"); if (uids.size() > 0) { Map<String, Object> value = uids.get(0); uid = (Integer) value.get("uid"); Map whereArr = new HashMap(); whereArr.put("uid", uid); String userName = Common.getCount("sns_space", whereArr, "username"); mainService.updateFriend(request, sGlobal, sConfig, (Integer) space.get("uid"), (String) space.get("username"), uid, userName, "add", 0); dataBaseService.executeUpdate("UPDATE sns_space SET addfriendnum=addfriendnum-1 WHERE uid='" + space.get("uid") + "' AND addfriendnum>0"); return showMessage(request, response, "friend_addconfirm_next", "main.action?ac=friend&op=addconfirm&key=" + space.get("key"), 1, userName); } } return showMessage(request, response, "do_success", "main.action?ac=friend&op=request", 0); } else if ("syn".equals(op)) { return null; } else if ("find".equals(op)) { int maxNum = 18; List noUids = new ArrayList(); if (space.get("friends") != null) { CollectionUtils.addAll(noUids, (String[]) space.get("friends")); } noUids.add(space.get("uid").toString()); List<Map<String, Object>> nearList = new ArrayList<Map<String, Object>>(maxNum); int i = 0;
/* NOTE(review): myIp is concatenated into the sns_session query as returned by Common.getOnlineIP. If that helper can return a client-supplied header value (not visible here), validate it as an IP address or bind it as a parameter. The feedfriend value from space is likewise concatenated unquoted into the IN list further down. */
String myIp = Common.getOnlineIP(request, true); List<Map<String, Object>> sessionList = dataBaseService .executeQuery("SELECT * FROM sns_session WHERE ip='" + myIp + "' LIMIT 0,200"); for (Map<String, Object> value : sessionList) { if (!noUids.contains(value.get("uid").toString())) { nearList.add(value); i++; if (i >= maxNum) { break; } } } request.setAttribute("nearList", nearList); i = 0; if (!Common.empty(space.get("feedfriend"))) { Map friendList = new HashMap(maxNum); List<Map<String, Object>> friends = dataBaseService .executeQuery("SELECT fuid AS uid, fusername AS username FROM " + " sns_friend WHERE uid IN (" + space.get("feedfriend") + ") LIMIT 0,200"); for (Map<String, Object> value : friends) { if (!noUids.contains(value.get("uid").toString()) &&
!Common.empty(value.get("username"))) { friendList.put(value.get("uid"), value); i++; if (i >= maxNum) { break; } } } request.setAttribute("friendList", friendList); } i = 0; List<Map<String, Object>> onLineList = new ArrayList<Map<String, Object>>(maxNum); List<Map<String, Object>> onLines = dataBaseService .executeQuery("SELECT * FROM sns_session LIMIT 0,200"); for (Map<String, Object> value : onLines) { if (!noUids.contains(value.get("uid").toString())) { onLineList.add(value); i++; if (i >= maxNum) { break; } } } request.setAttribute("onLineList", onLineList); } else if ("changegroup".equals(op)) { if (submitCheck(request, "changegroupsubmit")) { dataBaseService.executeUpdate( "UPDATE sns_friend SET gid='" + Common.intval(request.getParameter("group")) + "' WHERE uid='" + sGlobal.get("supe_uid") + "' AND fuid='" + uid + "'"); mainService.friendCache(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid")); return showMessage(request, response, "do_success", (String) sGlobal.get("refer")); } List<Map<String, Object>> friends = dataBaseService .executeQuery("SELECT * FROM sns_friend WHERE uid='" + sGlobal.get("supe_uid") + "' AND fuid='" + uid + "'"); if (friends.isEmpty()) { return showMessage(request, response, "specified_user_is_not_your_friend"); } Map<String, Object> friend = friends.get(0); Map groupSelect = new HashMap(); groupSelect.put(friend.get("gid"), " checked"); Map<Integer, String> groups = Common.getFriendGroup(request); request.setAttribute("groups", groups); request.setAttribute("groupSelect", groupSelect); } else if ("changenum".equals(op)) { if (submitCheck(request, "changenumsubmit")) { dataBaseService.executeUpdate( "UPDATE sns_friend SET num='" + Common.intval(request.getParameter("num")) + "' WHERE uid='" + sGlobal.get("supe_uid") + "' AND fuid='" + uid + "'"); mainService.friendCache(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid")); return showMessage(request, response, "do_success", (String) sGlobal.get("refer"), 0); }
List<Map<String, Object>> friends = dataBaseService .executeQuery("SELECT * FROM sns_friend WHERE uid='" + sGlobal.get("supe_uid") + "' AND fuid='" + uid + "'"); if (friends.isEmpty()) { return showMessage(request, response, "specified_user_is_not_your_friend"); } request.setAttribute("friend", friends.get(0)); } else if ("group".equals(op)) { if (submitCheck(request, "groupsubmin")) { String[] fUids = request.getParameterValues("fuids"); if (Common.empty(fUids)) { return showMessage(request, response, "please_correct_choice_groups_friend"); } int groupId = Common.intval(request.getParameter("group")); dataBaseService.executeUpdate( "UPDATE sns_friend SET gid='" + groupId + "' WHERE uid='" + sGlobal.get("supe_uid") + "' AND fuid IN (" + Common.sImplode(fUids) + ") AND status='1'"); mainService.friendCache(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid")); return showMessage(request, response, "do_success", (String) sGlobal.get("refer")); } int perPage = 50; int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } int start = (page - 1) * perPage; if (!Common.empty(space.get("friendnum"))) { Map<Integer, String> groups = Common.getFriendGroup(request); String theURL = "main.action?ac=friend&op=group"; int group = request.getParameter("group") == null ?
-1 : Common.intval(request.getParameter("group")); String whereSQL = ""; if (group > -1) { whereSQL = "AND main.gid='" + group + "'"; theURL += "&group=" + group; } int count = dataBaseService.findRows("SELECT COUNT(*) FROM sns_friend main WHERE main.uid='" + space.get("uid") + "' AND main.status='1' " + whereSQL); List<Map<String, Object>> list = dataBaseService.executeQuery( "SELECT main.fuid AS uid,main.fusername AS username, main.gid, main.num FROM sns_friend main WHERE main.uid='" + space.get("uid") + "' AND main.status='1' " + whereSQL + " ORDER BY main.dateline DESC LIMIT " + start + "," + perPage); for (Map<String, Object> value : list) { value.put("group", groups.get(value.get("gid"))); } request.setAttribute("list", list); request.setAttribute("multi", Common.multi(request, count, perPage, page, (Integer) sConfig.get("maxpage"), theURL, null, null)); } Map<Integer, String> groups = Common.getFriendGroup(request); request.setAttribute("groups", groups); actives.put("group", " class=\"active\""); } else if ("request".equals(op)) { if (submitCheck(request, "requestsubmin")) { return showMessage(request, response, "do_success", (String) sGlobal.get("refer")); } int maxFriendnum = (Integer) Common.checkPerm(request, response, sGlobal, "maxfriendnum"); if (maxFriendnum > 0) { maxFriendnum = maxFriendnum + (Integer) space.get("addfriend"); } int perPage = 20; int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } int start = (page - 1) * perPage; String[] friend1 = (String[]) space.get("friends"); Map whereArr = new HashMap(); whereArr.put("fuid", space.get("uid")); whereArr.put("status", 0); int count = Common.intval(Common.getCount("sns_friend", whereArr, null)); if (count > 0) { List<Map<String, Object>> list = dataBaseService .executeQuery("SELECT f.dateline,f.note,f.fuid, s.*, sf.friend FROM " + " sns_friend f LEFT JOIN sns_space s ON s.uid=f.uid LEFT JOIN sns_spacefield sf ON sf.uid=f.uid WHERE f.fuid='" + space.get("uid") + "'
AND f.status='0' ORDER BY f.dateline DESC LIMIT " + start + "," + perPage); for (Map<String, Object> value : list) { String[] cFriend = {}; String[] friend2 = Common.empty(value.get("friend")) ? null : value.get("friend").toString().split(","); if (friend1 != null && friend2 != null) { cFriend = getArrayIntersect(friend1, friend2); } value.put("cfriend", Common.implode(cFriend, ",")); value.put("cfcount", cFriend.length); } request.setAttribute("list", list); } if (count != (Integer) space.get("addfriendnum")) { dataBaseService.executeUpdate("UPDATE sns_space SET addfriendnum='" + count + "' WHERE uid='" + space.get("uid") + "'"); } request.setAttribute("multi", Common.multi(request, count, perPage, page, (Integer) sConfig.get("maxpage"), "main.action?ac=friend&op=request", null, null)); request.setAttribute("maxfriendnum", maxFriendnum); } else if ("groupname".equals(op)) { Map<Integer, String> groups = Common.getFriendGroup(request); int group = Common.intval(request.getParameter("group")); if (groups.get(group) == null) { return showMessage(request, response, "change_friend_groupname_error"); } if (submitCheck(request, "groupnamesubmit")) { Map<String, Object> privacy = (Map<String, Object>) space.get("privacy"); Map<Integer, String> groupList = null; if (privacy != null) { groupList = (Map<Integer, String>) privacy.get("groupname"); } groupList = groupList == null ?
new HashMap<Integer, String>() : groupList; String groupName = Common.getStr(request.getParameter("groupname"), 20, true, true, false, 0, 0, request, response); groupList.put(group, groupName); if (privacy != null) { privacy.put("groupname", groupList); space.put("privacy", privacy); } mainService.privacyUpdate(privacy, (Integer) sGlobal.get("supe_uid")); return showMessage(request, response, "do_success", request.getParameter("refer")); } request.setAttribute("group", group); request.setAttribute("groups", groups); } else if ("groupignore".equals(op)) { Map<Integer, String> groups = Common.getFriendGroup(request); int group = Common.intval(request.getParameter("group")); if (groups.get(group) == null) { return showMessage(request, response, "change_friend_groupname_error"); } if (submitCheck(request, "groupignoresubmit")) { Map<String, Object> privacy = (Map<String, Object>) space.get("privacy"); Map<Integer, Integer> filterGid = null; if (privacy != null) { filterGid = (Map<Integer, Integer>) privacy.get("filter_gid"); } filterGid = filterGid == null ?
new HashMap<Integer, Integer>() : filterGid; if (filterGid.get(group) != null) { filterGid.remove(group); } else { filterGid.put(group, group); } if (privacy != null) { privacy.put("filter_gid", filterGid); space.put("privacy", privacy); } mainService.privacyUpdate(privacy, (Integer) sGlobal.get("supe_uid")); mainService.friendCache(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid")); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("group", group); } else if ("blacklist".equals(op)) {
/* NOTE(review): the delete subop issues its DELETE without a submitCheck, unlike the blacklistsubmit path below. In that path the username request parameter is only trimmed before being concatenated into the sns_space query; unless parameters are escaped upstream (confirm), bind or escape it. */
if ("delete".equals(request.getParameter("subop"))) { dataBaseService.executeUpdate("DELETE FROM sns_blacklist WHERE uid='" + space.get("uid") + "' AND buid='" + uid + "'"); return showMessage(request, response, "do_success", "zone.action?do=friend&view=blacklist&start=" + request.getParameter("start"), 0); } if (submitCheck(request, "blacklistsubmit")) { String userName = Common.trim(request.getParameter("username")); List<Map<String, Object>> spaceList = dataBaseService .executeQuery("SELECT * FROM sns_space WHERE username='" + userName + "'"); if (spaceList.isEmpty()) { return showMessage(request, response, "space_does_not_exist"); } Map<String, Object> toSpace = spaceList.get(0); if (toSpace.get("uid").equals(space.get("uid"))) { return showMessage(request, response, "unable_to_manage_self"); } if (Common.in_array((String[]) space.get("friends"), toSpace.get("uid"))) { mainService.updateFriend(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid"), (String) sGlobal.get("supe_username"), (Integer) toSpace.get("uid"), "", "ignore", 0); } Map insertData = new HashMap(); insertData.put("uid", space.get("uid")); insertData.put("buid", toSpace.get("uid")); insertData.put("dateline", sGlobal.get("timestamp")); dataBaseService.insertTable("sns_blacklist", insertData, false, true); return showMessage(request, response, "do_success", "zone.action?do=friend&view=blacklist&start=" + request.getParameter("start"),
0); } } else if ("rand".equals(op)) { Object[] randUids = null; if ((Integer) space.get("friendnum") < 5) { List<Map<String, Object>> sessionList = dataBaseService .executeQuery("SELECT uid FROM sns_session LIMIT 0,100"); List onlineList = new ArrayList(sessionList.size()); for (Map<String, Object> value : sessionList) { if (!value.get("uid").equals(space.get("uid"))) { onlineList.add(value.get("uid")); } } randUids = (Object[]) Common .sarrayRand(arrayMerge(onlineList.toArray(), (String[]) space.get("friends")), 1); } else { randUids = (Object[]) Common.sarrayRand(space.get("friends"), 1); } return showMessage(request, response, "do_success", "zone.action?uid=" + (randUids == null ? "" : randUids[randUids.length - 1]), 0); } else if ("getcfriend".equals(op)) { String[] fuids = Common.empty(request.getParameter("fuid")) ? null : request.getParameter("fuid").split(","); Map<Integer, Integer> newfUids = new HashMap<Integer, Integer>(fuids == null ? 0 : fuids.length); if (fuids != null) { for (String value : fuids) { int fuid = Common.intval(value); if (fuid != 0) { newfUids.put(fuid, fuid); } } } if (!newfUids.isEmpty()) { List<Map<String, Object>> list = dataBaseService .executeQuery("SELECT uid,username,name,namestatus FROM sns_space WHERE uid IN (" + Common.sImplode(newfUids) + ") LIMIT 0,15"); request.setAttribute("list", list); } } else if ("search".equals(op)) { Map<Integer, Map<String, Object>> fields = Common.getCacheDate(request, response, "cache/cache_profilefield.jsp", "globalProfilefield"); if (!Common.empty(request.getParameter("searchsubmit")) || !Common.empty(request.getParameter("searchmode"))) {
/* NOTE(review): the Servlet API documents getParameterMap as returning an immutable map, so the two put calls below depend on the container or a request wrapper handing back a mutable one. */
Map<String, String[]> paramMap = request.getParameterMap(); paramMap.put("searchsubmit", new String[] { 1 + "" }); paramMap.put("searchmode", new String[] { 1 + "" }); List<String> whereArr = new ArrayList<String>(); Map<String, String> fromArr = new HashMap<String, String>(); String fSQL = ""; fromArr.put("space", " sns_space s");
/* NOTE(review): Common.stripSearchKey is applied to searchKey only for the emptiness test; the WHERE clause below concatenates the original searchKey. The per-column filters on s, sf and si concatenate request.getParameter values directly, and only the field_N filters use the stripSearchKey result. Treat all of these as untrusted text: bind them as parameters or escape them, unless an upstream filter already does (confirm). */
String searchKey =
request.getParameter("searchkey"); if (!Common.empty(Common.stripSearchKey(searchKey))) { whereArr.add("(s.name='" + searchKey + "' OR s.username='" + searchKey + "')"); } else { for (String value : new String[] { "uid", "username", "name", "videostatus", "avatar" }) { if (!Common.empty(request.getParameter(value))) { whereArr.add("s." + value + "='" + request.getParameter(value) + "'"); } } } String spaceField = null; for (String value : new String[] { "sex", "qq", "msn", "birthyear", "birthmonth", "birthday", "blood", "marry", "birthprovince", "birthcity", "resideprovince", "residecity" }) { if (!Common.empty(request.getParameter(value))) { fromArr.put("spacefield", " sns_spacefield sf"); spaceField = "sf.uid=s.uid"; whereArr.add("sf." + value + "='" + request.getParameter(value) + "'"); fSQL += ", sf." + value; } } int startAge, endAge; endAge = startAge = 0; if (!Common.empty(request.getParameter("endage"))) { startAge = Integer.valueOf(Common.sgmdate(request, "yyyy", 0)) - Common.intval(request.getParameter("endage")); } if (!Common.empty(request.getParameter("startage"))) { endAge = Integer.valueOf(Common.sgmdate(request, "yyyy", 0)) - Common.intval(request.getParameter("startage")); } if (startAge != 0 || endAge != 0) { fromArr.put("spacefield", " sns_spacefield sf"); spaceField = "sf.uid=s.uid"; } if (startAge != 0 && endAge != 0 && endAge > startAge) { whereArr.add("(sf.birthyear>=" + startAge + " AND sf.birthyear<=" + endAge + ")"); } else if (startAge != 0 && endAge == 0) { whereArr.add("sf.birthyear>=" + startAge); } else if (startAge == 0 && endAge != 0) { whereArr.add("sf.birthyear<=" + endAge); } boolean haveField = false; for (Entry<Integer, Map<String, Object>> e : fields.entrySet()) { if (!Common.empty(e.getValue().get("allowsearch"))) { String field = Common.stripSearchKey(request.getParameter("field_" + e.getKey())); if (!Common.empty(field)) { haveField = true; whereArr.add("sf.field_" + e.getKey() + " LIKE '%" + field + "%'"); } } } if
(haveField) { fromArr.put("spacefield", " sns_spacefield sf"); spaceField = "sf.uid=s.uid"; } String type = request.getParameter("type"); String spaceInfo = null; if ("edu".equals(type) || "work".equals(type)) { for (String value : new String[] { "type", "title", "subtitle", "startyear" }) { if (!Common.empty(request.getParameter(value))) { fromArr.put("spaceinfo", " sns_spaceinfo si"); spaceInfo = "si.uid=s.uid"; whereArr.add("si." + value + "='" + request.getParameter(value) + "'"); } } } if (!whereArr.isEmpty()) { List<Map<String, Object>> searchList = dataBaseService .executeQuery("SELECT s.* " + fSQL + " FROM " + Common.implode(fromArr, ",") + " WHERE " + Common.implode(whereArr, " AND ") + (spaceField == null ? "" : " AND " + spaceField) + (spaceInfo == null ? "" : " AND " + spaceInfo) + " LIMIT 0,500"); Set<Map<String, Object>> list = new LinkedHashSet<Map<String, Object>>(searchList.size()); for (Map<String, Object> value : searchList) { value.put("isfriend", (value.get("uid").equals(space.get("uid")) || (Common.in_array((String[]) space.get("friends"), value.get("uid")))) ?
true : false); value.put("gColor", Common.getColor(request, response, (Integer) value.get("groupid"))); value.put("gIcon", Common.getIcon(request, response, (Integer) value.get("groupid"))); list.add(value); } request.setAttribute("list", list); } } else { StringBuffer yearHTML = new StringBuffer(); int nowy = Integer.valueOf(Common.sgmdate(request, "yyyy", 0)); for (int i = 0; i < 50; i++) { int they = nowy - i; yearHTML.append("<option value=\"" + they + "\">" + they + "</option>"); } request.setAttribute("yearhtml", yearHTML); Map sexArr = new HashMap(); sexArr.put(space.get("sex").toString(), " checked"); request.setAttribute("sexarr", sexArr); String all = request.getParameter("all"); StringBuffer birthYearHTML = new StringBuffer(); for (int i = 0; i < 100; i++) { int they = nowy - i; String selectStr = ""; if (Common.empty(all)) { selectStr = they == (Integer) space.get("birthyear") ? " selected" : ""; } birthYearHTML .append("<option value=\"" + they + "\"" + selectStr + ">" + they + "</option>"); } request.setAttribute("birthyearhtml", birthYearHTML.toString()); String birthMonthHTML = ""; for (int i = 1; i < 13; i++) { String selectStr = ""; if (Common.empty(all)) { selectStr = i == (Integer) space.get("birthmonth") ? " selected" : ""; } birthMonthHTML += "<option value=\"" + i + "\"" + selectStr + ">" + i + "</option>"; } request.setAttribute("birthmonthhtml", birthMonthHTML.toString()); StringBuffer birthdayHTML = new StringBuffer(); for (int i = 1; i < 29; i++) { String selectStr = ""; if (Common.empty(all)) { selectStr = i == (Integer) space.get("birthday") ? " selected" : ""; } birthdayHTML.append("<option value=\"" + i + "\"" + selectStr + ">" + i + "</option>"); } request.setAttribute("birthdayhtml", birthdayHTML.toString()); String bloodHTML = ""; for (String value : new String[] { "A", "B", "O", "AB" }) { String selectStr = ""; if (Common.empty(all)) { selectStr = value.equals(space.get("blood")) ?
" selected" : ""; } bloodHTML += "<option value=\"" + value + "\"" + selectStr + ">" + value + "</option>"; } request.setAttribute("bloodhtml", bloodHTML.toString()); Map marryArr = new HashMap(); marryArr.put(space.get("marry").toString(), " selected"); request.setAttribute("marryarr", marryArr); List<Integer> removeKeys = new ArrayList<Integer>(fields.size()); for (Entry<Integer, Map<String, Object>> e : fields.entrySet()) { Map<String, Object> fValue = e.getValue(); if (!Common.empty(fValue.get("allowsearch"))) { if ("text".equals(fValue.get("formtype"))) { fValue.put("html", "<input type=\"text\" name=\"field_" + e.getKey() + "\" value=\"\" class=\"t_input\">"); } else {
/* NOTE(review): the choice values from the profile-field cache are written into option markup without HTML escaping; that is safe only if the cache holds trusted or already-escaped text (confirm). */
StringBuffer HTML = new StringBuffer(); HTML.append("<select name=\"field_" + e.getKey() + "\"><option value=\"\">---</option>"); String[] optionArr = fValue.get("choice").toString().split("\n"); for (String ov : optionArr) { ov = ov.trim(); if (!"".equals(ov)) { HTML.append("<option value=\"" + ov + "\">" + ov + "</option>"); } } HTML.append("</select>"); fValue.put("html", HTML.toString()); } } else { removeKeys.add(e.getKey()); } } for (Integer removeKey : removeKeys) { fields.remove(removeKey); } request.setAttribute("fields", fields); } } } catch (Exception e) {
/* NOTE(review): printStackTrace bypasses any logging configuration, and the raw exception message is handed to showMessage, presumably for display; database or internal error text could reach the user this way. Confirm what showMessage renders and prefer a generic message key. */
e.printStackTrace(); return showMessage(request, response, e.getMessage()); } request.setAttribute("op", op); request.setAttribute("uid", uid); return include(request, response, sConfig, sGlobal, "cp_friend.jsp"); } public ActionForward cp_invite(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); String siteURL = Common.getSiteUrl(request); int maxCount = 50; Map<String, Integer> reward = Common.getReward("invitecode", false, 0, "", true, request, response); int appId =
Common.intval(request.getParameter("app")); String inviteApp, inviteCode = ""; inviteApp = ""; if (Common.empty(reward.get("credit")) || appId != 0) { reward.put("credit", 0); inviteCode = Common.spaceKey(space, sConfig, appId); } String spaceURL = siteURL + "zone.action?uid=" + sGlobal.get("supe_uid"); Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); String sizeType = "middle"; String attachUrl = SysConstants.snsConfig.get("attachUrl"); String avatar = "<img src=\"" + siteURL + Common.avatar((Integer) space.get("uid"), sizeType, true, sGlobal, sConfig) + "\" onerror=\"this.onerror=null;this.src=\'" + siteURL + attachUrl + "/avatar/not_avatar_" + sizeType + ".png\'\">"; String[] mailArgs = { "<a href=\"" + spaceURL + "\">" + avatar + "</a><br>" + sNames.get(space.get("uid")), sNames.get(space.get("uid")), (String) sConfig.get("sitename"), "", "", spaceURL, "" }; Map<String, Object> appInfo = null; if (appId != 0) { List<Map<String, Object>> appList = dataBaseService .executeQuery("SELECT * FROM sns_myapp WHERE appid='" + appId + "'"); if (!appList.isEmpty()) { appInfo = appList.get(0); inviteApp = "&app=" + appId; mailArgs[6] = (String) appInfo.get("appname"); } else { appId = 0; } } try { if (submitCheck(request, "emailinvite")) { if (!Common.empty(sConfig.get("closeinvite"))) { return showMessage(request, response, "close_invite"); } Object[] mails = Common.uniqueArray(Common.trim(request.getParameter("email")).split(",")); int inviteNum = 0; List<String> failingMail = new ArrayList<String>(mails.length); for (Object mail : mails) { String value = mail.toString().trim(); if (Common.empty(value) || !Common.isEmail(value)) { failingMail.add(value); continue; } if (reward.get("credit") != 0) { int credit = reward.get("credit") * (inviteNum + 1); if (credit > (Integer) space.get("credit")) { failingMail.add(value); continue; } String code = Common.getRandStr(6, false).toLowerCase(); Map<String, Object> setArr = new HashMap<String, 
Object>(); setArr.put("uid", sGlobal.get("supe_uid")); setArr.put("code", code); setArr.put("email", Common.sAddSlashes(value)); setArr.put("type", 1); int id = dataBaseService.insertTable("sns_invite", setArr, true, false); if (id != 0) { mailArgs[4] = siteURL + "extend.action?action=invite&" + id + code + inviteApp; createMail(request, response, sConfig, sNames, space, value, mailArgs, appInfo); inviteNum++; } else { failingMail.add(value); } } else { mailArgs[4] = siteURL + "extend.action?action=invite&u=" + space.get("uid") + "&c=" + inviteCode + inviteApp; if (appId != 0) { mailArgs[6] = (String) appInfo.get("appname"); } createMail(request, response, sConfig, sNames, space, value, mailArgs, appInfo); } } if (reward.get("credit") != 0 && inviteNum != 0) { int credit = reward.get("credit") * inviteNum; dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit-" + credit + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); } if (!failingMail.isEmpty()) { return showMessage(request, response, "send_result_2", null, 1, Common.implode(failingMail, "<br>")); } else { return showMessage(request, response, "send_result_1"); } } String op = request.getParameter("op"); if ("resend".equals(op)) { int id = Common.intval(request.getParameter("id")); if (submitCheck(request, "resendsubmit")) { if (id == 0) { return showMessage(request, response, "send_result_3"); } List<Map<String, Object>> inviteList = dataBaseService .executeQuery("SELECT * FROM sns_invite WHERE id='" + id + "' AND uid='" + sGlobal.get("supe_uid") + "' ORDER BY id DESC"); if (!inviteList.isEmpty()) { Map<String, Object> invite = inviteList.get(0); String inviteURL = null; if (reward.get("credit") != 0) { inviteURL = siteURL + "extend.action?action=invite&" + invite.get("id") + invite.get("code"); } else { inviteURL = siteURL + "extend.action?action=invite&u=" + space.get("uid") + "&c=" + inviteCode; } mailArgs[4] = inviteURL; createMail(request, response, sConfig, sNames, space, (String) 
invite.get("email"), mailArgs, appInfo); return showMessage(request, response, "send_result_1", request.getParameter("refer")); } else { return showMessage(request, response, "send_result_3"); } } request.setAttribute("id", id); } else if ("delete".equals(op)) { int id = Common.intval(request.getParameter("id")); if (id == 0) { return showMessage(request, response, "there_is_no_record_of_invitation_specified"); } List<Map<String, Object>> inviteList = dataBaseService.executeQuery( "SELECT * FROM sns_invite WHERE id='" + id + "' AND uid='" + sGlobal.get("supe_uid") + "'"); if (!inviteList.isEmpty()) { if (submitCheck(request, "deletesubmit")) { dataBaseService.executeUpdate("DELETE FROM sns_invite WHERE id='" + id + "'"); return showMessage(request, response, "do_success", request.getParameter("refer")); } } else { return showMessage(request, response, "there_is_no_record_of_invitation_specified"); } request.setAttribute("id", id); } else { List list = new ArrayList(); List<Map<String, Object>> fList = new ArrayList<Map<String, Object>>(); int count = 0; List<Map<String, Object>> inviteList = dataBaseService.executeQuery( "SELECT * FROM sns_invite WHERE uid='" + sGlobal.get("supe_uid") + "' ORDER BY id DESC"); int credit = reward.get("credit"); String inviteURL = null; List<Map<String, Object>> mailList = new ArrayList<Map<String, Object>>(); for (Map<String, Object> value : inviteList) { if (!Common.empty(value.get("fuid"))) { fList.add(value); } else { if (credit != 0) { inviteURL = siteURL + "extend.action?action=invite&" + value.get("id") + value.get("code"); } else { inviteURL = siteURL + "extend.action?action=invite&u=" + space.get("uid") + "&c=" + inviteCode + inviteApp; } if (!Common.empty(value.get("type"))) { Map<String, Object> tempMap = new HashMap<String, Object>(); tempMap.put("email", value.get("email")); tempMap.put("url", inviteURL); tempMap.put("id", value.get("id")); mailList.add(tempMap); } else { list.add(inviteURL); count++; } } } 
request.setAttribute("maillist", mailList); request.setAttribute("flist", fList); if (inviteURL != null) { mailArgs[4] = inviteURL; } else if (credit != 0) { mailArgs[4] = siteURL + "extend.action?action=invite&{xxxxxx}"; } else { mailArgs[4] = siteURL + "extend.action?action=invite&u=" + space.get("uid") + "&c=" + inviteCode + inviteApp; } if (credit != 0) { request.setAttribute("list_str", list.isEmpty() ? null : Common.implode(list, "\n")); int maxcount_my = maxCount - count; int maxInviteNum = credit == 0 ? maxcount_my : new Float(Float.valueOf((Integer) space.get("credit")) / credit).intValue(); if (maxInviteNum > maxcount_my) { maxInviteNum = maxcount_my; } if (maxInviteNum < 0) { maxInviteNum = 0; } request.setAttribute("maxinvitenum", maxInviteNum); if (submitCheck(request, "invitesubmit")) { if (!Common.empty(sConfig.get("closeinvite"))) { return showMessage(request, response, "close_invite"); } int inviteNum = Common.intval(request.getParameter("invitenum")); if (inviteNum > maxInviteNum) { inviteNum = maxInviteNum; } int decreaseCredit = credit * inviteNum; if (inviteNum == 0 || (credit != 0 && decreaseCredit > (Integer) space.get("credit"))) { return showMessage(request, response, "invite_error"); } List<String> codes = new ArrayList<String>(inviteNum); for (int i = 0; i < inviteNum; i++) { codes.add("(" + sGlobal.get("supe_uid") + ", '" + Common.getRandStr(6, false).toLowerCase() + "')"); } if (!codes.isEmpty()) { dataBaseService.executeUpdate( "INSERT INTO sns_invite (uid, code) VALUES " + Common.implode(codes, ",")); if (decreaseCredit != 0) { dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit-" + decreaseCredit + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); } } return showMessage(request, response, "do_success", "main.action?ac=invite", 0); } } request.setAttribute("uri", request.getContextPath() + "/"); request.setAttribute("appid", appId); if (appId != 0) { request.setAttribute("appinfo", appInfo); } 
request.setAttribute("credit", credit); request.setAttribute("mailvar", mailArgs); } } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } return include(request, response, sConfig, sGlobal, "cp_invite.jsp"); } public ActionForward cp_magic(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); String op = request.getParameter("op"); op = Common.empty(op) ? "view" : op; String mid = Common.trim(request.getParameter("mid")); int supe_uid = (Integer) sGlobal.get("supe_uid"); int timestamp = (Integer) sGlobal.get("timestamp"); Map<String, Object> space = Common.getSpace(request, sGlobal, sConfig, supe_uid); if (!Common.checkPerm(request, response, "allowmagic")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "magic_groupid_not_allowed"); } Map<String, Object> magic = null; if (!mid.equals("")) { Object result = propsService.magic_get(mid); if (result instanceof MessageVO) { return showMessage(request, response, (MessageVO) result); } magic = (Map<String, Object>) result; } boolean sc_buysubmit = false; boolean sc_presentsubmit = false; try { sc_buysubmit = submitCheck(request, "buysubmit"); if (!sc_buysubmit) { sc_presentsubmit = submitCheck(request, "presentsubmit"); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } if (sc_buysubmit) { if (mid.equals("")) { return showMessage(request, response, "unknown_magic"); } Object result = propsService.magic_buy_get(request, response, magic, sGlobal, space); if (result instanceof MessageVO) { return showMessage(request, response, (MessageVO) result); } Map<String, Object> datas = 
(Map<String, Object>) result; Map<String, Object> magicstore = (Map<String, Object>) datas.get("magicstore"); Map<String, Object> coupon = (Map<String, Object>) datas.get("coupon"); result = propsService.magic_buy_post(request, response, sGlobal, space, magic, magicstore, coupon); if (result instanceof MessageVO) { return showMessage(request, response, (MessageVO) result); } int charge = (Integer) result; if ((Integer) magic.get("experience") != 0) { String buynumS = request.getParameter("buynum"); int buynum = buynumS != null ? Common.intval(buynumS.trim()) : 0; return showMessage(request, response, "magicbuy_success_with_experence", request.getParameter("refer"), 0, charge + "", ((Integer) magic.get("experience") * buynum) + ""); } else { return showMessage(request, response, "magicbuy_success", request.getParameter("refer"), 0, charge + ""); } } else if (sc_presentsubmit) { if (mid.equals("")) { return showMessage(request, response, "unknown_magic"); } if (mid.equals("license")) { return showMessage(request, response, "magic_can_not_be_presented"); } String fusername = request.getParameter("fusername"); fusername = fusername == null ? fusername : fusername.trim(); if (Common.empty(fusername)) { return showMessage(request, response, "bad_friend_username_given"); } try { fusername = Common.getStr(fusername, 15, false, false, false, 0, 0, request, response); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT * FROM sns_friend WHERE uid = '" + supe_uid + "' AND fusername='" + fusername + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; if (value == null) { return showMessage(request, response, "bad_friend_username_given"); } int fuid = (Integer) value.get("fuid"); Map<String, Map<String, Object>> usermagics = new HashMap<String, Map<String, Object>>(); query = dataBaseService.executeQuery("SELECT * FROM sns_usermagic WHERE uid='" + supe_uid + "' AND mid IN('license', '" + mid + "')"); for (Map<String, Object> value_ : query) { usermagics.put((String) value_.get("mid"), value_); } Map<String, Object> tempMap = usermagics.get("license"); if (tempMap == null || (Integer) tempMap.get("count") == 0) { return showMessage(request, response, "has_no_more_present_magic"); } tempMap = usermagics.get(mid); if (tempMap == null || (Integer) tempMap.get("count") == 0) { return showMessage(request, response, "has_no_more_magic", null, 0, (String) magic.get("name"), "a_buy_" + mid, "main.action?ac=magic&op=buy&mid=" + mid); } dataBaseService.execute("UPDATE sns_usermagic SET count = count - 1 WHERE uid = '" + supe_uid + "' AND mid IN ('license', '" + mid + "')"); query = dataBaseService .executeQuery("SELECT * FROM sns_usermagic WHERE uid='" + fuid + "' AND mid='" + mid + "'"); value = query.size() > 0 ? query.get(0) : null; int count = value != null ? 
(Integer) value.get("count") + 1 : 1; Map<String, Object> insertData = new HashMap<String, Object>(); insertData.put("uid", fuid); insertData.put("username", fusername); insertData.put("mid", mid); insertData.put("count", count); dataBaseService.insertTable("sns_usermagic", insertData, false, true); insertData.clear(); insertData.put("uid", fuid); insertData.put("username", fusername); insertData.put("mid", mid); insertData.put("count", 1); insertData.put("type", 2); insertData.put("fromid", supe_uid); insertData.put("credit", 0); insertData.put("dateline", timestamp); dataBaseService.insertTable("sns_magicinlog", insertData, false, false); String note = Common.getMessage(request, "cp_magic_present_note", (String) magic.get("name"), "main.action?ac=magic&view=me&mid=" + mid); note = note == null ? "magic_present_note" : note; mainService.addNotification(request, sGlobal, sConfig, fuid, "magic", note, false); return showMessage(request, response, "magicpresent_success", request.getParameter("refer"), 0, fusername); } if ("buy".equals(op)) { Object result = propsService.magic_buy_get(request, response, magic, sGlobal, space); if (result instanceof MessageVO) { return showMessage(request, response, (MessageVO) result); } Map<String, Object> datas = (Map<String, Object>) result; Map<String, Object> magicstore = (Map<String, Object>) datas.get("magicstore"); Map<String, Object> coupon = (Map<String, Object>) datas.get("coupon"); request.setAttribute("mid", mid); request.setAttribute("magicstore", magicstore); request.setAttribute("coupon", coupon); request.setAttribute("discount", datas.get("discount")); request.setAttribute("charge", datas.get("charge")); String ac = request.getParameter("ac"); request.setAttribute("ac", ac != null ? 
ac.trim() : ""); request.setAttribute("magic", magic); } else if ("present".equals(op)) { if (mid.equals("license")) { return showMessage(request, response, "magic_can_not_be_presented"); } Map<String, Map<String, Object>> usermagics = new HashMap<String, Map<String, Object>>(); List<Map<String, Object>> query = dataBaseService.executeQuery("SELECT * FROM sns_usermagic WHERE uid='" + supe_uid + "' AND mid IN('license', '" + mid + "')"); for (Map<String, Object> value : query) { usermagics.put((String) value.get("mid"), value); } Map<String, Object> tempMap = usermagics.get("license"); if (tempMap == null || (Integer) tempMap.get("count") == 0) { return showMessage(request, response, "has_no_more_present_magic"); } tempMap = usermagics.get(mid); if (tempMap == null || (Integer) tempMap.get("count") == 0) { return showMessage(request, response, "has_no_more_magic", null, 0, (String) magic.get("name"), "a_buy_" + mid, "main.action?ac=magic&op=buy&mid=" + mid); } request.setAttribute("mid", mid); request.setAttribute("magic", magic); } else if ("showusage".equals(op)) { if (mid.equals("")) { return showMessage(request, response, "unknown_magic"); } request.setAttribute("mid", mid); } else if ("receive".equals(op)) { String uidS = request.getParameter("uid"); int uid = uidS != null ? Common.intval(uidS.trim()) : 0; List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_magicuselog WHERE uid='" + uid + "' AND mid='gift' LIMIT 1"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; String value_data; if (value != null && (value_data = (String) value.get("data")) != null && !value_data.equals("")) { Map<String, Object> data = Serializer.unserialize(value_data, false); if ((Integer) data.get("left") <= 0) { return showMessage(request, response, "magic_gift_already_given_out"); } Map<Integer, Integer> receiver = (Map<Integer, Integer>) data.get("receiver"); if (receiver == null) { receiver = new HashMap<Integer, Integer>(); data.put("receiver", receiver); } int receiverIndex = 0; for (Entry<Integer, Integer> entry : receiver.entrySet()) { if (entry.getValue() == supe_uid) { return showMessage(request, response, "magic_had_got_gift"); } receiverIndex = Math.max(receiverIndex, entry.getKey()); } int data_left = (Integer) data.get("left"); int data_chunk = (Integer) data.get("chunk"); int credit = Math.min(data_chunk, data_left); receiver.put(++receiverIndex, supe_uid); data_left = data_left - credit; data.put("left", data_left); if (data_left > 0) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("data", Serializer.serialize(data)); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("logid", value.get("logid")); dataBaseService.updateTable("sns_magicuselog", setData, whereData); } else { dataBaseService .execute("DELETE FROM sns_magicuselog WHERE logid = '" + value.get("logid") + "'"); } dataBaseService.execute( "UPDATE sns_space SET credit = credit + '" + credit + "' WHERE uid='" + supe_uid + "'"); return showMessage(request, response, "magic_got_gift", null, 0, credit + ""); } else { return showMessage(request, response, "magic_has_no_gift"); } } else if ("appear".equals(op)) { Map<String, Object> session_member = (Map<String, Object>) sGlobal.get("session"); if (session_member == null || (Integer) session_member.get("magichidden") == 0) { return showMessage(request, response, "magic_not_hidden_yet"); } boolean scb = false; try { scb = submitCheck(request, "appearsubmit"); } 
catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); Map<String, Object> whereData = new HashMap<String, Object>(); setData.put("magichidden", "0"); whereData.put("uid", supe_uid); dataBaseService.updateTable("sns_session", setData, whereData); setData.clear(); setData.put("expire", timestamp); whereData.put("mid", "invisible"); dataBaseService.updateTable("sns_magicuselog", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } } else if ("retrieve".equals(op)) { List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_magicuselog WHERE uid = '" + supe_uid + "' AND mid = 'gift'"); Map<String, Object> value = query.size() > 0 ? query.get(0) : null; int leftcredit = 0; String dataS = null; if (value == null) { return showMessage(request, response, "not_set_gift"); } else if ((dataS = (String) value.get("data")) != null && !dataS.equals("")) { Map<String, Object> data = Serializer.unserialize(dataS, false); leftcredit = (Integer) data.get("left"); } boolean scb = false; try { scb = submitCheck(request, "retrievesubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { dataBaseService .execute("DELETE FROM sns_magicuselog WHERE uid = '" + supe_uid + "' AND mid = 'gift'"); dataBaseService.execute( "UPDATE sns_space SET credit = credit + " + leftcredit + " WHERE uid = '" + supe_uid + "'"); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("leftcredit", leftcredit); } else if ("cancelsuperstar".equals(op)) { mid = "superstar"; List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_spacefield WHERE uid = '" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; Integer magicstar; if (value == null || (magicstar = (Integer) value.get("magicstar")) == null || magicstar == 0) { return showMessage(request, response, "not_superstar_yet"); } boolean scb = false; try { scb = submitCheck(request, "cancelsubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); Map<String, Object> whereData = new HashMap<String, Object>(); setData.put("magicstar", 0); whereData.put("uid", supe_uid); dataBaseService.updateTable("sns_spacefield", setData, whereData); setData.clear(); setData.put("expire", timestamp); whereData.put("mid", "superstar"); dataBaseService.updateTable("sns_magicuselog", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } } else if ("cancelflicker".equals(op)) { mid = "flicker"; String idtype = "cid"; String idS = request.getParameter("id"); int id = idS != null ? Common.intval(idS.trim()) : 0; List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT * FROM sns_comment WHERE cid = '" + id + "' AND authorid = '" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; Integer magicflicker; if (value == null || (magicflicker = (Integer) value.get("magicflicker")) == null || magicflicker == 0) { return showMessage(request, response, "no_flicker_yet"); } boolean scb = false; try { scb = submitCheck(request, "cancelsubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("magicflicker", 0); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("cid", id); whereData.put("authorid", supe_uid); dataBaseService.updateTable("sns_comment", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("id", id); request.setAttribute("idtype", idtype); request.setAttribute("mid", mid); } else if ("cancelcolor".equals(op)) { mid = "color"; String idS = request.getParameter("id"); int id = idS != null ? Common.intval(idS.trim()) : 0; String idtype = request.getParameter("idtype"); if (idtype == null) { return showMessage(request, response, "access error : 00001"); } idtype = idtype.trim(); Map<String, String> mapping = new HashMap<String, String>(); mapping.put("blogid", "sns_blogfield"); mapping.put("tid", "sns_thread"); String tablename = mapping.get(idtype); if (Common.empty(tablename)) { return showMessage(request, response, "no_color_yet"); } List<Map<String, Object>> query = dataBaseService.executeQuery("SELECT * FROM " + tablename + " WHERE " + idtype + " = '" + id + "' AND uid = '" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; Integer magiccolor; if (value == null || (magiccolor = (Integer) value.get("magiccolor")) == null || magiccolor == 0) { return showMessage(request, response, "no_color_yet"); } boolean scb = false; try { scb = submitCheck(request, "cancelsubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("magiccolor", 0); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put(idtype, id); dataBaseService.updateTable(tablename, setData, whereData); query = dataBaseService.executeQuery( "SELECT * FROM sns_feed WHERE id = '" + id + "' AND idtype = '" + idtype + "'"); Map<String, Object> feed = query.size() > 0 ? query.get(0) : null; if (feed != null) { String body_data = (String) feed.get("body_data"); Map body_data_subMap = Serializer.unserialize(body_data, false); body_data_subMap.remove("magic_color"); body_data = Serializer.serialize(body_data_subMap); setData.clear(); whereData.clear(); setData.put("body_data", body_data); whereData.put("feedid", feed.get("feedid")); dataBaseService.updateTable("sns_feed", setData, whereData); } return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("id", id); request.setAttribute("idtype", idtype); request.setAttribute("mid", mid); } else if ("cancelframe".equals(op)) { mid = "frame"; String idtype = "picid"; String idS = request.getParameter("id"); int id = idS != null ? Common.intval(idS.trim()) : 0; List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_pic WHERE picid = '" + id + "' AND uid = '" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; Integer magicframe; if (value == null || (magicframe = (Integer) value.get("magicframe")) == null || magicframe == 0) { return showMessage(request, response, "no_frame_yet"); } boolean scb = false; try { scb = submitCheck(request, "cancelsubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("magicframe", 0); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("picid", id); dataBaseService.updateTable("sns_pic", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("id", id); request.setAttribute("idtype", idtype); request.setAttribute("mid", mid); } else if ("cancelbgimage".equals(op)) { mid = "bgimage"; String idtype = "blogid"; String idS = request.getParameter("id"); int id = idS != null ? Common.intval(idS.trim()) : 0; List<Map<String, Object>> query = dataBaseService.executeQuery( "SELECT * FROM sns_blogfield WHERE blogid = '" + id + "' AND uid = '" + supe_uid + "'"); Map<String, Object> value = query.size() > 0 ? 
query.get(0) : null; Integer magicpaper; if (value == null || (magicpaper = (Integer) value.get("magicpaper")) == null || magicpaper == 0) { return showMessage(request, response, "no_bgimage_yet"); } boolean scb = false; try { scb = submitCheck(request, "cancelsubmit"); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } if (scb) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("magicpaper", 0); Map<String, Object> whereData = new HashMap<String, Object>(); whereData.put("blogid", id); dataBaseService.updateTable("sns_blogfield", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } request.setAttribute("id", id); request.setAttribute("idtype", idtype); request.setAttribute("mid", mid); } else { String view = request.getParameter("view"); if (view != null) { view = view.trim(); } if ("me".equals(view)) { Map<String, String> types = new HashMap<String, String>(); types.put("list", " class=\"active\""); request.setAttribute("types", types); Map<String, Map<String, Object>> list = null; StringBuilder ids = new StringBuilder(); Map<String, Map<String, Object>> magics = new HashMap<String, Map<String, Object>>(); List<Map<String, Object>> query = null; if (!mid.equals("")) { magics.put(mid, magic); ids.append("'"); ids.append(mid); ids.append("'"); } else { query = dataBaseService.executeQuery("SELECT * FROM sns_magic WHERE close = '0'"); String tempS; Pattern pattern = Pattern.compile(","); boolean existMid = false; for (Map<String, Object> value : query) { tempS = (String) value.get("forbiddengid"); if (tempS != null) { value.put("forbiddengid", pattern.split(tempS)); } else { value.put("forbiddengid", new String[0]); } tempS = (String) value.get("mid"); magics.put(tempS, value); if (existMid) { ids.append(","); } else { existMid = true; } ids.append("'"); ids.append(tempS); ids.append("'"); } } query = 
dataBaseService.executeQuery("SELECT * FROM sns_usermagic WHERE uid='" + supe_uid + "' AND mid IN (" + ids.toString() + ") AND count > 0"); if (query.size() > 0) { list = new LinkedHashMap<String, Map<String, Object>>(); for (Map<String, Object> value : query) { list.put((String) value.get("mid"), value); } } request.setAttribute("list", list); request.setAttribute("magics", magics); request.setAttribute("mid", mid); } else if ("log".equals(view)) { String type = request.getParameter("type"); type = type != null && ((type = type.trim()).equals("in") || type.equals("out") || type.equals("present")) ? type : "in"; request.setAttribute("gType", type); Map<String, String> types = new HashMap<String, String>(); types.put(type, " class=\"active\""); request.setAttribute("types", types); int perpage = 20; String pageGet = request.getParameter("page"); int page = Common.empty(pageGet) ? 0 : Common.intval(pageGet); if (page < 1) page = 1; int start = (page - 1) * perpage; int maxPage = (Integer) sConfig.get("maxpage"); String result = Common.ckStart(start, perpage, maxPage); if (result != null) { return showMessage(request, response, result); } List<Map<String, Object>> list = null; List<Map<String, Object>> query = null; int count = 0; if ("in".equals(type)) { List<Integer> uids = null; query = dataBaseService.executeQuery( "SELECT COUNT(*) AS cont FROM sns_magicinlog WHERE uid = '" + supe_uid + "'"); count = query.size() > 0 ? (Integer) query.get(0).get("cont") : 0; if (count != 0) { query = dataBaseService.executeQuery("SELECT * FROM sns_magicinlog WHERE uid = '" + supe_uid + "' ORDER BY dateline DESC LIMIT " + start + ", " + perpage); list = query.size() > 0 ? 
query : null; uids = new ArrayList<Integer>(); for (Map<String, Object> value : query) { value.put("dateline", Common.sgmdate(request, "MM-dd HH:mm", (Integer) value.get("dateline"), true)); if ((Integer) value.get("type") == 2) { uids.add((Integer) value.get("fromid")); } } } if (uids != null && uids.size() > 0) { query = dataBaseService.executeQuery( "SELECT * FROM sns_member WHERE uid IN (" + Common.sImplode(uids) + ")"); } } else if ("present".equals(type)) { query = dataBaseService.executeQuery( "SELECT COUNT(*) AS cont FROM sns_magicinlog WHERE type = 2 AND fromid = '" + supe_uid + "'"); count = query.size() > 0 ? (Integer) query.get(0).get("cont") : 0; if (count != 0) { query = dataBaseService .executeQuery("SELECT * FROM sns_magicinlog WHERE type = 2 AND fromid = '" + supe_uid + "' ORDER BY dateline DESC LIMIT " + start + ", " + perpage); list = query.size() > 0 ? query : null; for (Map<String, Object> value : query) { value.put("dateline", Common.sgmdate(request, "MM-dd HH:mm", (Integer) value.get("dateline"), true)); } } } else { query = dataBaseService.executeQuery( "SELECT COUNT(*) AS cont FROM sns_magicuselog WHERE uid = '" + supe_uid + "'"); count = query.size() > 0 ? (Integer) query.get(0).get("cont") : 0; if (count != 0) { query = dataBaseService.executeQuery("SELECT * FROM sns_magicuselog WHERE uid = '" + supe_uid + "' ORDER BY dateline DESC LIMIT " + start + ", " + perpage); list = query.size() > 0 ? 
query : null; for (Map<String, Object> value : query) { value.put("dateline", Common.sgmdate(request, "MM-dd HH:mm", (Integer) value.get("dateline"), true)); value.put("data", Serializer.unserialize((String) value.get("data"), false)); value.put("expire", Common.sgmdate(request, "MM-dd HH:mm", (Integer) value.get("expire"), false)); } } } String theurl = "main.action?ac=magic&view=log&type=" + type; String multi = Common.multi(request, count, perpage, page, maxPage, theurl, "", ""); request.setAttribute("multi", multi); request.setAttribute("list", list); } else { view = "store"; String order = request.getParameter("order"); if (order != null) { order = order.trim(); } order = "hot".equals(order) ? order : "default"; Map<String, String> orders = new HashMap<String, String>(); orders.put(order, " class=\"active\""); request.setAttribute("orders", orders); List<Map<String, Object>> query; Map<String, Map<String, Object>> magics = new HashMap<String, Map<String, Object>>(); List<String> ids = null; Map<String, Map<String, Object>> list = new LinkedHashMap<String, Map<String, Object>>(); String[] blacklist = { "coupon" }; if (!mid.equals("")) { magics.put(mid, magic); ids = new ArrayList<String>(1); ids.add(mid); } else { String orderby = order.equals("hot") ? 
"" : " ORDER BY displayorder"; query = dataBaseService.executeQuery("SELECT * FROM sns_magic" + orderby); String tempS; Pattern pattern = Pattern.compile(","); ids = new ArrayList<String>(query.size()); for (Map<String, Object> value : query) { if ((Integer) value.get("close") == 1 || Common.in_array(blacklist, value.get("mid"))) { continue; } tempS = (String) value.get("forbiddengid"); if (tempS != null) { value.put("forbiddengid", pattern.split(tempS)); } else { value.put("forbiddengid", new String[0]); } tempS = (String) value.get("mid"); magics.put(tempS, value); ids.add(tempS); } } if (Common.empty(magics)) { return showMessage(request, response, "magic_store_is_closed"); } String orderby = order.equals("hot") ? " ORDER BY sellcount DESC" : ""; query = dataBaseService.executeQuery( "SELECT * FROM sns_magicstore WHERE mid IN (" + Common.sImplode(ids) + ")" + orderby); String[] oldids = new String[query.size()]; int ti = 0; int providecount; String ts; for (Map<String, Object> value : query) { ts = (String) value.get("mid"); list.put(ts, value); oldids[ti++] = ts; providecount = (Integer) magics.get(ts).get("providecount"); if ((Integer) value.get("storage") < providecount && (Integer) value.get("lastprovide") + (Integer) magics.get(ts).get("provideperoid") < timestamp) { dataBaseService.execute("UPDATE sns_magicstore SET storage = '" + providecount + "', lastprovide = '" + timestamp + "' WHERE mid = '" + ts + "'"); list.get(ts).put("storage", providecount); } } List<String> newids = new ArrayList<String>(); for (String id : ids) { if (!Common.in_array(oldids, id)) { newids.add(id); } } int newidsSize = newids.size(); if (newidsSize > 0) { String[] inserts = new String[newidsSize]; ti = 0; StringBuilder builder = new StringBuilder(); Map<String, Object> listValue; for (String id : newids) { builder.delete(0, builder.length()); builder.append("('"); builder.append(id); builder.append("', '"); builder.append(magics.get(id).get("providecount")); builder.append("', 
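'"); builder.append(timestamp); builder.append("')"); inserts[ti++] = builder.toString(); listValue = new HashMap<String, Object>(); listValue.put("mid", id); listValue.put("storage", magics.get(id).get("providecount")); listValue.put("lastprovide", timestamp); list.put(id, listValue); } dataBaseService.execute("INSERT INTO sns_magicstore (mid, storage, lastprovide) VALUES " + Common.implode(inserts, ",")); } if (order.equals("default")) { Map<String, Map<String, Object>> tempMap = new LinkedHashMap<String, Map<String, Object>>(); for (String id : ids) { tempMap.put(id, list.get(id)); } list = tempMap; } request.setAttribute("space", space); request.setAttribute("blacklist", blacklist); request.setAttribute("magics", magics); request.setAttribute("mid", mid); request.setAttribute("list", list); } Map<String, String> actives = new HashMap<String, String>(); actives.put(view, " class=\"active\""); request.setAttribute("actives", actives); } request.setAttribute("op", op); return include(request, response, sConfig, sGlobal, "cp_magic.jsp"); }

    /**
     * Handles the group ("mtag") control-panel requests and dispatches on the {@code op} parameter.
     *
     * <p>{@code manage} edits the settings, members and invitations of one group; {@code join},
     * {@code out}, {@code mtaginvite}, {@code inviteconfirm} and {@code apply} act on behalf of the
     * current user; any other value shows or processes the create/join forms. Each branch either
     * returns a message page through {@code showMessage} or falls through to {@code cp_mtag.jsp}.
     *
     * <p>Security notes: every statement here is built by string concatenation. Integers pass
     * through {@code Common.intval}; string values depend on {@code Common.getStr},
     * {@code Common.stripSearchKey}, {@code Common.sImplode} and on escaping applied before the
     * request reaches this method, none of which is visible in this method. Treat any new raw
     * {@code request.getParameter} inside a query as a defect.
     *
     * @param request  current request; the {@code sGlobal}, {@code sConfig}, {@code sNames} and
     *                 {@code space} attributes are read from it
     * @param response current response
     * @return the forward produced by {@code showMessage} or by including {@code cp_mtag.jsp}
     */
    public ActionForward cp_mtag(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");

        // Load every profile field once; keyed by fieldid so later branches can look a field up.
        Map<Object, Map<String, Object>> profields = new HashMap<Object, Map<String, Object>>();
        List<Map<String, Object>> profieldList = dataBaseService
                .executeQuery("SELECT * FROM sns_profield ORDER BY displayorder");
        if (profieldList.size() > 0) {
            Map<Object, Object> textList = new LinkedHashMap<Object, Object>();
            List<Map<String, Object>> choiceList = new ArrayList<Map<String, Object>>();
            for (Map<String, Object> profield : profieldList) {
                if ("text".equals(profield.get("formtype"))) {
                    textList.put(profield.get("fieldid"), profield.get("title"));
                } else {
                    // Non-text fields store their options one per line; keep them as a trimmed array.
                    String[] choice = ((String) profield.get("choice")).split("\n");
                    int size = choice.length;
                    for (int i = 0; i < size; i++) {
                        choice[i] = choice[i].trim();
                    }
                    profield.put("choice", choice);
                    choiceList.add(profield);
                }
                profields.put(profield.get("fieldid"), profield);
            }
            request.setAttribute("textList", textList);
            request.setAttribute("choiceList", choiceList);
        }

        int supe_uid = (Integer) sGlobal.get("supe_uid");
        String supe_username = (String) sGlobal.get("supe_username");
        int timestamp = (Integer) sGlobal.get("timestamp");
        Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        String op = request.getParameter("op");
        String subop = request.getParameter("subop");

        if ("manage".equals(op)) {
            if (Common.empty(subop)) {
                subop = "base";
            }
            int tagId = Common.intval(request.getParameter("tagid"));
            try {
                Map<String, Object> mtag = Common.getMtag(request, response, supe_uid, tagId);
                int grade = (Integer) mtag.get("grade");
                boolean canManage = grade >= 8;
                if (submitCheck(request, "invitesubmit") || "invite".equals(subop)) {
                    if (Common.empty(mtag.get("allowinvite"))) {
                        return showMessage(request, response, "no_privilege");
                    }
                } else {
                    if (!canManage) {
                        return showMessage(request, response, "no_privilege");
                    }
                }
                // The allowinvite check above only authorises inviting. The settings and member
                // handlers below are selected by independent request fields, so each one enforces
                // the moderator grade itself instead of trusting the branch taken above.
                if (submitCheck(request, "basesubmit")) {
                    if (!canManage) {
                        return showMessage(request, response, "no_privilege");
                    }
                    Map<String, Object> setData = new HashMap<String, Object>();
                    if (grade == 9) {
                        // Permission switches are editable by grade 9 only.
                        Map<String, Object> field = profields.get(mtag.get("fieldid"));
                        setData.put("joinperm", Common.empty(field.get("manualmember")) ? 0
                                : Common.intval(request.getParameter("joinperm")));
                        setData.put("viewperm", Common.intval(request.getParameter("viewperm")));
                        setData.put("threadperm", Common.intval(request.getParameter("threadperm")));
                        setData.put("postperm", Common.intval(request.getParameter("postperm")));
                        setData.put("closeapply", Common.intval(request.getParameter("closeapply")));
                    }
                    setData.put("pic", mainService.getPicUrlt(request.getParameter("pic"), 150));
                    setData.put("announcement", Common.getStr(request.getParameter("announcement"), 5000, true, true,
                            true, 1, 0, request, response));
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put("tagid", tagId);
                    dataBaseService.updateTable("sns_mtag", setData, whereData);
                    return showMessage(request, response, "do_success",
                            "main.action?ac=mtag&op=manage&tagid=" + tagId + "&subop=" + subop);
                } else if (submitCheck(request, "memberssubmit")) {
                    if (!canManage) {
                        return showMessage(request, response, "no_privilege");
                    }
                    int newGrade = Common.intval(request.getParameter("newGrade"));
                    String[] ids = request.getParameterValues("ids");
                    String result = mtag_manageMember(request, response, sGlobal, mtag, ids, newGrade);
                    if (result != null) {
                        return showMessage(request, response, result);
                    }
                    // NOTE(review): "grade" is appended to the redirect URL unencoded — confirm
                    // showMessage encodes or validates its target.
                    return showMessage(request, response, "do_success", "main.action?ac=mtag&op=manage&tagid=" + tagId
                            + "&subop=" + subop + "&grade=" + request.getParameter("grade"));
                } else if (submitCheck(request, "invitesubmit")) {
                    String[] ids = request.getParameterValues("ids");
                    if (ids != null) {
                        // Drop users who are already members of the group.
                        List<String> haves = null;
                        List<String> uids = dataBaseService.executeQuery("SELECT uid FROM sns_tagspace WHERE tagid="
                                + tagId + " AND uid IN (" + Common.sImplode(ids) + ")", 1);
                        if (uids.size() > 0) {
                            haves = new ArrayList<String>();
                            for (String uid : uids) {
                                haves.add(uid);
                            }
                        }
                        List<String> nones = new ArrayList<String>();
                        for (String id : ids) {
                            if (!Common.in_array(haves, id)) {
                                nones.add(id);
                            }
                        }
                        if (nones.size() > 0) {
                            // Only confirmed friends (status='1') of the current user can be invited.
                            List<Map<String, Object>> friends = dataBaseService
                                    .executeQuery("SELECT * FROM sns_friend WHERE uid='" + supe_uid + "' AND fuid IN ("
                                            + Common.sImplode(nones) + ") AND status='1'");
                            if (friends.size() > 0) {
                                List<Object> toUids = new ArrayList<Object>();
                                List<String> inserts = new ArrayList<String>();
                                for (Map<String, Object> friend : friends) {
                                    toUids.add(friend.get("fuid"));
                                    // NOTE(review): supe_username is concatenated as-is; assumes the
                                    // session value is already SQL-safe — confirm.
                                    inserts.add("('" + friend.get("fuid") + "', " + tagId + ", " + supe_uid + ", '"
                                            + supe_username + "', " + timestamp + ")");
                                }
                                if (toUids.size() > 0) {
                                    dataBaseService.executeUpdate(
                                            "UPDATE sns_space SET mtaginvitenum=mtaginvitenum+1 WHERE uid IN ("
                                                    + Common.sImplode(toUids) + ")");
                                    dataBaseService.executeUpdate(
                                            "REPLACE INTO sns_mtaginvite (uid,tagid,fromuid,fromusername,dateline) VALUES "
                                                    + Common.implode(inserts, ","));
                                }
                            }
                        }
                    }
                    return showMessage(request, response, "do_success",
                            "main.action?ac=mtag&op=manage&tagid=" + tagId + "&subop=invite&page="
                                    + request.getParameter("page") + "&group=" + request.getParameter("group")
                                    + "&start=" + request.getParameter("start"));
                } else if (submitCheck(request, "membersubmit")) {
                    if (!canManage) {
                        return showMessage(request, response, "no_privilege");
                    }
                    int newGrade = Common.intval(request.getParameter("newGrade"));
                    String result = mtag_manageMember(request, response, sGlobal, mtag,
                            request.getParameterValues("uid"), newGrade);
                    if (result != null) {
                        return showMessage(request, response, result);
                    }
                    // NOTE(review): "refer" is request-controlled and becomes the redirect target —
                    // confirm showMessage restricts it to same-site URLs.
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }

                if ("member".equals(subop)) {
                    int uid = Common.intval(request.getParameter("uid"));
                    // Use the integer-parsed tagId; the raw "tagid" parameter must not reach the SQL text.
                    List<String> grades = dataBaseService.executeQuery("SELECT grade FROM sns_tagspace WHERE tagid='"
                            + tagId + "' AND uid='" + uid + "' LIMIT 1", 1);
                    if (grades.size() > 0) {
                        String gradeSelect = "grade" + grades.get(0);
                        // Negative grades would give an attribute name containing '-'; map it to '_'.
                        request.setAttribute(gradeSelect.replace("-", "_"), " selected");
                    }
                } else if ("members".equals(subop)) {
                    int perPage = 24;
                    int start = Common.intval(request.getParameter("start"));
                    int maxPage = (Integer) sConfig.get("maxpage");
                    String result = Common.ckStart(start, perPage, maxPage);
                    if (result != null) {
                        return showMessage(request, response, result);
                    }
                    request.setAttribute("start", start);
                    // NOTE(review): the LIKE clause relies entirely on stripSearchKey for SQL safety.
                    String key = Common.stripSearchKey(request.getParameter("key"));
                    String whereSQL = Common.empty(key) ? "" : " AND username LIKE '%" + key + "%' ";
                    int inputGrade = Common.intval(request.getParameter("grade"));
                    List<Map<String, Object>> tagSpaces = dataBaseService
                            .executeQuery("SELECT * FROM sns_tagspace WHERE tagid=" + tagId + " AND grade="
                                    + inputGrade + " " + whereSQL + " LIMIT " + start + "," + perPage);
                    int count = tagSpaces.size();
                    request.setAttribute("tagSpaces", tagSpaces);
                    request.setAttribute("multi",
                            Common.smulti(sGlobal, start, perPage, count, "main.action?ac=mtag&op=manage&tagid="
                                    + tagId + "&subop=members&grade=" + inputGrade + "&key=" + key, null));
                    request.setAttribute("tagId", tagId);
                    request.setAttribute("grade", inputGrade);
                } else if ("invite".equals(subop)) {
                    int perPage = 10;
                    int page = Common.intval(request.getParameter("page"));
                    if (page < 1) {
                        page = 1;
                    }
                    request.setAttribute("page", page);
                    int start = (page - 1) * perPage;
                    int maxPage = (Integer) sConfig.get("maxpage");
                    String result = Common.ckStart(start, perPage, maxPage);
                    if (result != null) {
                        return showMessage(request, response, result);
                    }
                    String key = Common.stripSearchKey(request.getParameter("key"));
                    String whereSQL = Common.empty(key) ? "" : " AND fusername LIKE '%" + key + "%'";
                    String group = request.getParameter("group");
                    int gid = group == null ? -1 : Common.intval(group);
                    if (gid >= 0) {
                        whereSQL += " AND gid='" + gid + "'";
                    }
                    request.setAttribute("gid", gid);
                    int count = dataBaseService.findRows("SELECT COUNT(*) FROM sns_friend WHERE uid='" + supe_uid
                            + "' AND status='1' " + whereSQL);
                    if (count > 0) {
                        List<Map<String, Object>> friends = dataBaseService.executeQuery(
                                "SELECT * FROM sns_friend WHERE uid='" + supe_uid + "' AND status='1' " + whereSQL
                                        + " ORDER BY num DESC, dateline DESC LIMIT " + start + "," + perPage);
                        if (friends.size() > 0) {
                            List<Integer> fuids = new ArrayList<Integer>();
                            for (Map<String, Object> friend : friends) {
                                int fuid = (Integer) friend.get("fuid");
                                fuids.add(fuid);
                            }
                            request.setAttribute("friends", friends);
                            // "joins" marks friends who are already members or already invited.
                            Map<Integer, Integer> joins = new HashMap<Integer, Integer>();
                            String uids = Common.sImplode(fuids);
                            List<Map<String, Object>> tagSpaces = dataBaseService
                                    .executeQuery("SELECT uid FROM sns_tagspace WHERE tagid='" + tagId
                                            + "' AND uid IN (" + uids + ")");
                            for (Map<String, Object> tagSpace : tagSpaces) {
                                int uid = (Integer) tagSpace.get("uid");
                                joins.put(uid, uid);
                            }
                            List<Map<String, Object>> mtagInvites = dataBaseService
                                    .executeQuery("SELECT uid FROM sns_mtaginvite WHERE tagid='" + tagId
                                            + "' AND uid IN (" + uids + ")");
                            for (Map<String, Object> mtagInvite : mtagInvites) {
                                int uid = (Integer) mtagInvite.get("uid");
                                joins.put(uid, uid);
                            }
                            request.setAttribute("joins", joins);
                        }
                        // NOTE(review): "group" is the raw parameter and "key" is only search-stripped;
                        // confirm Common.multi encodes the URL before it is rendered.
                        String multi = Common.multi(request, count, perPage, page, maxPage,
                                "main.action?ac=mtag&op=manage&tagid=" + tagId + "&subop=invite&group=" + group
                                        + "&key=" + key,
                                null, null);
                        request.setAttribute("multi", multi);
                    }
                    request.setAttribute("groups", Common.getFriendGroup(request));
                } else {
                    // Default ("base") view: expose the current settings to the form.
                    Map<String, Object> field = profields.get(mtag.get("fieldid"));
                    request.setAttribute("field", field);
                    mtag.put("announcement", BBCode.html2bbcode((String) mtag.get("announcement")));
                    request.setAttribute("joinPerm_" + mtag.get("joinperm"), " selected");
                    request.setAttribute("viewPerm_" + mtag.get("viewperm"), " selected");
                    request.setAttribute("threadPerm_" + mtag.get("threadperm"), " selected");
                    request.setAttribute("postPerm_" + mtag.get("postperm"), " selected");
                    request.setAttribute("closeApply_" + mtag.get("closeapply"), " checked");
                }
                request.setAttribute("active_" + subop, " class=\"active\"");
                request.setAttribute("mtag", mtag);
            } catch (Exception e) {
                // NOTE(review): the exception text is shown to the user; presumably it is a message
                // key — verify that no internal detail (SQL text, stack data) can end up here.
                return showMessage(request, response, e.getMessage());
            }
        } else if ("join".equals(op)) {
            int tagId = Common.intval(request.getParameter("tagid"));
            try {
                if (submitCheck(request, "joinsubmit")) {
                    Object result = mtag_join(request, profields, "tagid", String.valueOf(tagId), 0);
                    if (Common.empty(result)) {
                        return showMessage(request, response, "mtag_join_error");
                    } else {
                        if (result instanceof MessageVO) {
                            return showMessage(request, response, (MessageVO) result);
                        }
                        Map<String, Object> mtag = (Map<String, Object>) result;
                        return showMessage(request, response, "join_success",
                                "zone.action?uid=" + supe_uid + "&do=mtag&tagid=" + mtag.get("tagid"), 0);
                    }
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("tagId", tagId);
        } else if ("out".equals(op)) {
            int tagId = Common.intval(request.getParameter("tagid"));
            try {
                if (submitCheck(request, "outsubmit")) {
                    if (tagId > 0) {
                        Map<String, Object> mtag = Common.getMtag(request, response, supe_uid, tagId);
                        if (!Common.empty(mtag)) {
                            // A grade-9 member of a restricted group may not leave while being the
                            // only grade-9 member.
                            if (((Integer) mtag.get("joinperm") > 0 || (Integer) mtag.get("viewperm") > 0)
                                    && (Integer) mtag.get("grade") == 9) {
                                int count = dataBaseService
                                        .findRows("SELECT COUNT(*) FROM sns_tagspace WHERE tagid='" + tagId
                                                + "' AND grade='9'");
                                if (count < 2) {
                                    return showMessage(request, response, "failure_to_withdraw_from_group");
                                }
                            }
                            // Grade -9 members are skipped, so that row stays in sns_tagspace.
                            if ((Integer) mtag.get("grade") != -9) {
                                mtag_out(tagId, supe_uid);
                            }
                        }
                    }
                    return showMessage(request, response, "do_success", "zone.action?do=mtag");
                }
            } catch (Exception e) {
                e.printStackTrace();
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("tagId", tagId);
        } else if ("mtaginvite".equals(op)) {
            List<Map<String, Object>> invites = dataBaseService.executeQuery(
                    "SELECT mtag.*, i.* FROM sns_mtaginvite i LEFT JOIN sns_mtag mtag ON mtag.tagid=i.tagid WHERE i.uid='"
                            + supe_uid + "' ORDER BY i.dateline DESC");
            int count = invites.size();
            if (count > 0) {
                for (Map<String, Object> invite : invites) {
                    // The LEFT JOIN can yield an invite without a matching group or field; skip the
                    // title instead of failing the whole page.
                    Map<String, Object> inviteField = profields.get(invite.get("fieldid"));
                    if (inviteField != null) {
                        invite.put("title", inviteField.get("title"));
                    }
                    if (Common.empty(invite.get("pic"))) {
                        invite.put("pic", "image/nologo.jpg");
                    }
                    invite.put("dateline",
                            Common.sgmdate(request, "yyyy-MM-dd HH:mm", (Integer) invite.get("dateline"), true));
                }
                request.setAttribute("invites", invites);
            }
            // Re-sync the cached invitation counter with the rows actually present.
            if (count != (Integer) space.get("mtaginvitenum")) {
                dataBaseService.executeUpdate(
                        "UPDATE sns_space SET mtaginvitenum=" + count + " WHERE uid='" + space.get("uid") + "'");
            }
        } else if ("inviteconfirm".equals(op)) {
            int tagId = Common.intval(request.getParameter("tagid"));
            if (tagId > 0 && !Common.empty(request.getParameter("r"))) {
                // Accept: only when not yet a member and an invitation row really exists.
                int count = dataBaseService.findRows(
                        "SELECT COUNT(*) FROM sns_tagspace WHERE tagid=" + tagId + " AND uid=" + supe_uid);
                if (count == 0) {
                    List<Map<String, Object>> invites = dataBaseService.executeQuery(
                            "SELECT * FROM sns_mtaginvite WHERE tagid=" + tagId + " AND uid=" + supe_uid);
                    if (invites.size() > 0) {
                        Map<String, Object> invite = invites.get(0);
                        Map<String, Object> mtag = null;
                        try {
                            mtag = Common.getMtag(request, response, supe_uid, tagId);
                        } catch (Exception e) {
                            return showMessage(request, response, e.getMessage());
                        }
                        int fieldId = (Integer) mtag.get("fieldid");
                        Map<String, Object> field = (Map<String, Object>) mtag.get("field");
                        // Per-field limit on how many groups one user may belong to.
                        int maxInputNum = 0;
                        String formType = (String) field.get("formtype");
                        if ("text".equals(formType) || "multi".equals(formType)) {
                            maxInputNum = (Integer) field.get("inputnum");
                        } else if ("select".equals(formType)) {
                            maxInputNum = 1;
                        }
                        if (maxInputNum > 0) {
                            int myInputNum = dataBaseService.findRows("SELECT COUNT(*) FROM sns_tagspace ts, "
                                    + " sns_mtag mtag WHERE ts.tagid=mtag.tagid AND ts.uid=" + supe_uid
                                    + " AND mtag.fieldid=" + fieldId);
                            if (myInputNum >= maxInputNum) {
                                return showMessage(request, response, "mtag_join_field_error", null, 1,
                                        new String[] { (String) field.get("title"), String.valueOf(maxInputNum) });
                            }
                        }
                        Map<String, Object> insertData = new HashMap<String, Object>();
                        insertData.put("tagid", tagId);
                        insertData.put("uid", supe_uid);
                        insertData.put("username", supe_username);
                        dataBaseService
                                .executeUpdate("UPDATE sns_mtag SET membernum=membernum+1 WHERE tagid=" + tagId);
                        dataBaseService.insertTable("sns_tagspace", insertData, false, true);
                        if (Common.ckPrivacy(sGlobal, sConfig, space, "mtag", 1)) {
                            // NOTE(review): tagname, title and the inviter name are concatenated into
                            // HTML; assumes the stored values are already HTML-safe — confirm.
                            Map<String, String> title_data = new HashMap<String, String>();
                            title_data.put("mtag", "<a href=\"zone.action?do=mtag&tagid=" + tagId + "\">"
                                    + mtag.get("tagname") + "</a>");
                            title_data.put("field", "<a href=\"zone.action?do=mtag&id=" + mtag.get("fieldid") + "\">"
                                    + mtag.get("title") + "</a>");
                            title_data.put("fromusername", "<a href=\"zone.action?uid=" + invite.get("fromuid") + "\">"
                                    + sNames.get(invite.get("fromuid")) + "</a>");
                            mainService.addFeed(sGlobal, "mtag",
                                    Common.getMessage(request, "cp_feed_mtag_join_invite"), title_data, "", null, "",
                                    null, null, "", 0, 0, 0, "", false);
                        }
                        dataBaseService.executeUpdate(
                                "DELETE FROM sns_mtaginvite WHERE tagid=" + tagId + " AND uid=" + supe_uid);
                        int mtagInviteNum = (Integer) space.get("mtaginvitenum");
                        if (mtagInviteNum > 0) {
                            dataBaseService.executeUpdate("UPDATE sns_space SET mtaginvitenum=" + (mtagInviteNum - 1)
                                    + " WHERE uid='" + space.get("uid") + "'");
                        }
                        return showMessage(request, response, "invite_mtag_ok", null, 1,
                                new String[] { String.valueOf(tagId) });
                    }
                }
            }
            if (tagId > 0) {
                // Decline (or nothing to accept): drop this one invitation.
                dataBaseService
                        .executeUpdate("DELETE FROM sns_mtaginvite WHERE tagid=" + tagId + " AND uid=" + supe_uid);
                int mtagInviteNum = (Integer) space.get("mtaginvitenum");
                if (mtagInviteNum > 0) {
                    dataBaseService.executeUpdate("UPDATE sns_space SET mtaginvitenum=" + (mtagInviteNum - 1)
                            + " WHERE uid='" + space.get("uid") + "'");
                }
                return showMessage(request, response, "invite_mtag_cancel");
            } else if (tagId == 0) {
                // No tagid given: clear every pending invitation of the current user.
                dataBaseService.executeUpdate("DELETE FROM sns_mtaginvite WHERE uid=" + supe_uid);
                dataBaseService
                        .executeUpdate("UPDATE sns_space SET mtaginvitenum=0 WHERE uid='" + space.get("uid") + "'");
                return showMessage(request, response, "do_success", "main.action?ac=mtag&op=mtaginvite", 0);
            }
            return showMessage(request, response, "invite_mtag_cancel", "main.action?ac=mtag&op=mtaginvite", 0);
        } else if ("apply".equals(op)) {
            int tagId = Common.intval(request.getParameter("tagid"));
            try {
                if (tagId > 0 && submitCheck(request, "pmsubmit")) {
                    String message = request.getParameter("message");
                    if (Common.empty(message)) {
                        return showMessage(request, response, "fill_out_the_grounds_for_the_application");
                    }
                    Map<String, Object> mtag = Common.getMtag(request, response, supe_uid, tagId);
                    String mtagUrl = "main.action?ac=mtag&tagid=" + tagId + "&op=manage&subop=members&key="
                            + supe_username;
                    message = Common.getStr(message, 0, true, true, true, 0, 0, request, response);
                    // The rendered notification is re-escaped as a whole before it goes into SQL.
                    message = Common.addSlashes(
                            Common.stripSlashes(Common.getMessage(request, "cp_apply_mtag_manager",
                                    new String[] { mtagUrl, (String) mtag.get("tagname"), message })));
                    // Notify up to five grade-9 members, else up to five users of a managemtag group.
                    List<String> uids = dataBaseService.executeQuery(
                            "SELECT uid FROM sns_tagspace WHERE tagid=" + tagId + " AND grade > 8 LIMIT 0 , 5", 1);
                    if (uids.isEmpty()) {
                        List<String> gids = dataBaseService
                                .executeQuery("SELECT gid FROM sns_usergroup WHERE managemtag='1'", 1);
                        if (gids.size() > 0) {
                            uids = dataBaseService.executeQuery("SELECT uid FROM sns_space WHERE groupid IN ("
                                    + Common.sImplode(gids) + ") LIMIT 0 , 5", 1);
                        }
                    }
                    if (!uids.isEmpty()) {
                        List<String> notes = new ArrayList<String>();
                        for (String uid : uids) {
                            notes.add("(" + uid + ", 'mtag', 1, " + supe_uid + ", '" + supe_username + "', '"
                                    + message + "', " + timestamp + ")");
                        }
                        dataBaseService.executeUpdate(
                                "INSERT INTO sns_notification (uid, type, new, authorid, author, note, dateline) values "
                                        + Common.implode(notes, ","));
                        dataBaseService.executeUpdate("UPDATE sns_space SET notenum=notenum+1 WHERE uid IN ("
                                + Common.sImplode(uids) + ")");
                    }
                    return showMessage(request, response, "do_success");
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("tagId", tagId);
        } else {
            // Default: create or join a group; requires the allowmtag permission.
            if (!Common.checkPerm(request, response, "allowmtag")) {
                MessageVO msgVO = Common.ckSpaceLog(request);
                if (msgVO != null) {
                    return showMessage(request, response, msgVO);
                }
                return showMessage(request, response, "no_privilege");
            }
            // NOTE(review): the results of these three checks are not inspected here — confirm
            // they enforce their rule themselves (for example by throwing).
            mainService.checkRealName(request, "thread");
            mainService.checkVideoPhoto(request, response, "thread");
            mainService.checkNewUser(request, response);
            try {
                if (submitCheck(request, "textsubmit")) {
                    String tagName = Common.getStr(request.getParameter("tagname"), 40, true, true, true, 0, 0,
                            request, response);
                    int fieldId = Common.intval(request.getParameter("fieldid"));
                    Map<String, Object> profield = profields.get(fieldId);
                    if (Common.empty(profield) || !"text".equals(profield.get("formtype"))) {
                        return showMessage(request, response, "mtag_fieldid_does_not_exist");
                    }
                    if (Common.strlen(tagName) < 2) {
                        return showMessage(request, response, "mtag_tagname_error");
                    }
                    if (Common.empty(request.getParameter("joinmode"))) {
                        // First step: show an exact match, or similar names, before anything is created.
                        String newTagName = Common.stripSlashes(tagName);
                        // NOTE(review): tagName goes into the statement as returned by getStr;
                        // this assumes it is still slash-escaped at this point — confirm.
                        List<Map<String, Object>> mtags = dataBaseService
                                .executeQuery("SELECT * FROM sns_mtag WHERE tagname='" + tagName
                                        + "' AND fieldid='" + fieldId + "'");
                        if (mtags.size() == 0) {
                            String key = Common.stripSearchKey(tagName);
                            List<Map<String, Object>> likemtags = dataBaseService
                                    .executeQuery("SELECT * FROM sns_mtag WHERE tagname LIKE '%" + key
                                            + "%' ORDER BY membernum DESC LIMIT 0,20");
                            request.setAttribute("likemtags", likemtags);
                        } else {
                            Map<String, Object> findmtag = mtags.get(0);
                            // The placeholder applies when the group has no picture. The original
                            // tested "pid", which is not among the sns_mtag columns written by
                            // mtag_join, so the stored picture was always replaced.
                            if (Common.empty(findmtag.get("pic"))) {
                                findmtag.put("pic", "image/nologo.jpg");
                            }
                            request.setAttribute("findmtag", findmtag);
                        }
                        request.setAttribute("fieldId", fieldId);
                        request.setAttribute("newTagName", newTagName);
                        request.setAttribute("profield", profield);
                        request.setAttribute("op", "confirm");
                        request.setAttribute("subop", subop);
                        return include(request, response, sConfig, sGlobal, "cp_mtag.jsp");
                    } else {
                        Object result = mtag_join(request, profields, "tagname", Common.stripSlashes(tagName),
                                fieldId);
                        if (Common.empty(result)) {
                            return showMessage(request, response, "mtag_join_error");
                        } else {
                            if (result instanceof MessageVO) {
                                return showMessage(request, response, (MessageVO) result);
                            }
                            Map<String, Object> mtag = (Map<String, Object>) result;
                            return showMessage(request, response, "join_success",
                                    "zone.action?uid=" + supe_uid + "&do=mtag&tagid=" + mtag.get("tagid"), 0);
                        }
                    }
                } else if (submitCheck(request, "choicesubmit")) {
                    List<Map<String, Object>> mtags = new ArrayList<Map<String, Object>>();
                    Map<String, String[]> params = request.getParameterMap();
                    Set<String> keys = params.keySet();
                    for (String key : keys) {
                        if (key.startsWith("tagname_")) {
                            int fieldId = Common.intval(key.substring(8));
                            Map<String, Object> profield = profields.get(fieldId);
                            // The field id comes from a request parameter name; ignore ids that
                            // do not match a known field.
                            if (profield == null) {
                                continue;
                            }
                            String formType = (String) profield.get("formtype");
                            if ("multi".equals(formType) || "select".equals(formType)) {
                                String[] values = params.get(key);
                                if (values != null && values.length > 0) {
                                    for (String value : values) {
                                        value = Common.stripSlashes(value);
                                        // Only values from the field's configured choice list are accepted.
                                        if (Common.in_array(profield.get("choice"), value)) {
                                            Object result = mtag_join(request, profields, "tagname", value, fieldId);
                                            if (!Common.empty(result)) {
                                                if (result instanceof MessageVO) {
                                                    return showMessage(request, response, (MessageVO) result);
                                                }
                                                mtags.add((Map<String, Object>) result);
                                            }
                                        }
                                    }
                                }
                            } else {
                                continue;
                            }
                        }
                    }
                    if (mtags.isEmpty()) {
                        return showMessage(request, response, "do_success", "main.action?ac=mtag");
                    } else {
                        request.setAttribute("op", "multiresult");
                        request.setAttribute("subop", subop);
                        request.setAttribute("mtags",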
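mtags); return include(request, response, sConfig, sGlobal, "cp_mtag.jsp"); } } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } List<Map<String, Object>> mtags = dataBaseService.executeQuery( "SELECT mtag.tagname, mtag.fieldid FROM sns_tagspace main LEFT JOIN sns_mtag mtag ON mtag.tagid=main.tagid WHERE main.uid=" + supe_uid); if (mtags.size() > 0) { Map<Object, List<Object>> exist_mtags = new HashMap<Object, List<Object>>(); for (Map<String, Object> mtag : mtags) { Object fieldId = mtag.get("fieldid"); List<Object> tagNames = exist_mtags.get(fieldId); if (tagNames == null) { tagNames = new ArrayList<Object>(); } tagNames.add(mtag.get("tagname")); exist_mtags.put(fieldId, tagNames); } request.setAttribute("exist_mtags", exist_mtags); } } request.setAttribute("op", op); request.setAttribute("subop", subop); return include(request, response, sConfig, sGlobal, "cp_mtag.jsp"); }

    /**
     * Adds the current user to a group, creating the group first when it is looked up by name and
     * does not exist yet.
     *
     * @param request   current request; {@code sGlobal}, {@code sConfig} and {@code space} are read from it
     * @param profields profile fields keyed by field id
     * @param type      {@code "tagid"} to look the group up by id, anything else to look it up by name
     * @param key       the group id or group name, depending on {@code type}
     * @param fieldId   field the group belongs to; replaced by the stored value when the group exists
     * @return a {@code MessageVO} describing a refusal; the group row on success or when the user is
     *         already a member; an empty map when a {@code tagid} lookup finds nothing; {@code null}
     *         when the group's {@code joinperm} is 2
     */
    private Object mtag_join(HttpServletRequest request, Map<Object, Map<String, Object>> profields, String type,
            String key, int fieldId) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        Map<String, Object> mtag = new HashMap<String, Object>();

        // key is escaped here because it is concatenated into the lookup statement below.
        key = Common.addSlashes(key);
        int haveJoin = 0;
        String whereSQL = null;
        if ("tagid".equals(type)) {
            whereSQL = "main.tagid='" + key + "'";
        } else {
            if (Common.strlen(key) < 2) {
                return new MessageVO("mtag_tagname_error");
            }
            whereSQL = "main.tagname='" + key + "' AND main.fieldid='" + fieldId + "'";
        }

        int tagId = 0;
        List<Map<String, Object>> mtags = dataBaseService
                .executeQuery("SELECT * FROM sns_mtag main WHERE " + whereSQL + " LIMIT 1");
        if (mtags.size() > 0) {
            mtag = mtags.get(0);
            tagId = (Integer) mtag.get("tagid");
            fieldId = (Integer) mtag.get("fieldid");
            haveJoin = dataBaseService.findRows("SELECT COUNT(*) FROM sns_tagspace WHERE tagid = " + mtag.get("tagid")
                    + " AND uid = " + sGlobal.get("supe_uid"));
        } else if ("tagid".equals(type)) {
            // Unknown id: hand back the empty map; callers test it with Common.empty.
            return mtag;
        } else {
            // Unknown name: create the group with default settings.
            // NOTE(review): the row is inserted before the per-field quota below is checked, so a
            // refused join still leaves a new group behind; the slash-escaped key is also what is
            // handed to insertTable — confirm insertTable does not escape it a second time.
            mtag.put("tagname", key);
            mtag.put("fieldid", fieldId);
            mtag.put("membernum", 0);
            mtag.put("threadnum", 0);
            mtag.put("postnum", 0);
            mtag.put("close", 0);
            mtag.put("announcement", "");
            mtag.put("pic", "");
            mtag.put("closeapply", 0);
            mtag.put("joinperm", 0);
            mtag.put("viewperm", 0);
            mtag.put("threadperm", 0);
            mtag.put("postperm", 0);
            mtag.put("recommend", 0);
            mtag.put("moderator", "");
            tagId = dataBaseService.insertTable("sns_mtag", mtag, true, false);
            mtag.put("tagid", tagId);
        }

        Map<String, Object> field = profields.get(fieldId);
        mtag.put("title", field.get("title"));
        if (haveJoin > 0) {
            return mtag;
        }

        // Per-field limit on how many groups one user may belong to.
        int maxInputNum = 0;
        String formType = (String) field.get("formtype");
        if ("text".equals(formType) || "multi".equals(formType)) {
            maxInputNum = (Integer) field.get("inputnum");
        } else if ("select".equals(formType)) {
            maxInputNum = 1;
        }
        if (maxInputNum > 0) {
            int myInputNum = dataBaseService.findRows(
                    "SELECT COUNT(*) FROM sns_tagspace ts, sns_mtag mtag WHERE ts.tagid=mtag.tagid AND ts.uid='"
                            + sGlobal.get("supe_uid") + "' AND mtag.fieldid='" + fieldId + "'");
            if (myInputNum >= maxInputNum) {
                MessageVO messageVO = new MessageVO("mtag_join_field_error");
                messageVO.setArgs(field.get("title"), maxInputNum);
                return messageVO;
            }
        }

        Map<String, Object> insertData = new HashMap<String, Object>();
        insertData.put("tagid", tagId);
        insertData.put("uid", sGlobal.get("supe_uid"));
        insertData.put("username", sGlobal.get("supe_username"));

        int joinPerm = (Integer) mtag.get("joinperm");
        int grade = 0;
        if (joinPerm == 2) {
            return null;
        } else if (joinPerm == 1) {
            grade = -2;
        } else {
            // With no member at grade 8 or above, the joiner becomes grade 9 unless the field
            // requires manually appointed moderators.
            // NOTE(review): the count and the insert below are separate statements, so two
            // concurrent joins could both receive grade 9 — confirm whether that matters here.
            int modCount = dataBaseService
                    .findRows("SELECT COUNT(*) FROM sns_tagspace WHERE tagid='" + tagId + "' AND grade>=8");
            if (modCount > 0) {
                grade = 0;
            } else if ((Integer) field.get("manualmoderator") == 0) {
                grade = 9;
            }
            if (Common.ckPrivacy(sGlobal, sConfig, space, "mtag", 1)) {
                // NOTE(review): tagname and title are concatenated into HTML; assumes the stored
                // values are already HTML-safe — confirm.
                Map<String, String> title_data = new HashMap<String, String>();
                title_data.put("mtag",
                        "<a href=\"zone.action?do=mtag&tagid=" + tagId + "\">" + mtag.get("tagname") + "</a>");
                title_data.put("field", "<a href=\"zone.action?do=mtag&id=" + mtag.get("fieldid") + "\">"
                        + mtag.get("title") + "</a>");
                mainService.addFeed(sGlobal, "mtag", Common.getMessage(request, "cp_feed_mtag_join"), title_data, "",
                        null, "", null, null, "", 0, 0, 0, "", false);
            }
        }
        insertData.put("grade", grade);
        mtag.put("grade", grade);
        dataBaseService.executeUpdate("UPDATE sns_mtag SET membernum=membernum+1 WHERE tagid='" + tagId + "'");
        dataBaseService.insertTable("sns_tagspace", insertData, false, true);
        mtag.put("membernum", (Integer) mtag.get("membernum") + 1);
        return mtag;
    }

    /**
     * Removes members from a group and deletes the group with its dependent rows once it is empty.
     *
     * <p>NOTE(review): the statements run one by one; nothing visible here wraps them in a
     * transaction, so a failure part-way leaves partial state.
     *
     * @param tagId group id
     * @param uids  user id or collection of ids, expanded by {@code Common.sImplode}
     */
    private void mtag_out(int tagId, Object uids) {
        dataBaseService.executeUpdate(
                "DELETE FROM sns_tagspace WHERE tagid=" + tagId + " AND uid IN (" + Common.sImplode(uids) + ")");
        int remaining = dataBaseService.findRows("SELECT COUNT(*) FROM sns_tagspace WHERE tagid=" + tagId);
        if (remaining > 0) {
            dataBaseService.executeUpdate("UPDATE sns_mtag SET membernum=" + remaining + " WHERE tagid=" + tagId);
            return;
        }
        // Last member gone: purge the group and everything keyed by its tagid.
        String[] groupTables = { "sns_tagspace", "sns_mtag", "sns_thread", "sns_post", "sns_mtaginvite" };
        for (String table : groupTables) {
            dataBaseService.executeUpdate("DELETE FROM " + table + " WHERE tagid=" + tagId);
        }
        dataBaseService.executeUpdate("DELETE FROM sns_report WHERE id=" + tagId + " AND idtype='tagid'");
    }

    /**
     * Changes the grade of group members, or removes them when {@code newGrade} is -9, and
     * notifies each affected user other than the caller.
     *
     * @param request  current request
     * @param response current response
     * @param sGlobal  per-request globals; {@code supe_uid}, {@code supe_username}, {@code timestamp} are read
     * @param mtag     group row of the caller, including the caller's own {@code grade}
     * @param uids     target user ids as submitted
     * @param newGrade grade to assign
     * @return {@code null} on success or when {@code uids} is empty, otherwise a message key
     */
    private String mtag_manageMember(HttpServletRequest request, HttpServletResponse response,
            Map<String, Object> sGlobal, Map<String, Object> mtag, String[] uids, int newGrade) {
        if (Common.empty(uids)) {
            return null;
        }
        boolean managemtag = Common.checkPerm(request, response, "managemtag");
        int grade = (Integer) mtag.get("grade");
        int tagId = (Integer) mtag.get("tagid");
        // Member management needs grade 8 or above, or the managemtag permission. It is
        // enforced here as well so the rule does not depend on every caller checking first.
        if (grade < 8 && !managemtag) {
            return "no_privilege";
        }
        // Handing out grade 8 or above is reserved for grade 9 or the managemtag permission.
        if (grade < 9 && newGrade >= 8 && !managemtag) {
            return "no_privilege";
        }
        // NOTE(review): newGrade is any integer from the request and is not compared with the
        // set of grades the application defines; that set is not visible here.
        int supe_uid = (Integer) sGlobal.get("supe_uid");

        // Keep only targets the caller may change: members below grade 8, any other member
        // when the caller is grade 9, or anyone when the caller holds managemtag.
        List<Integer> newUids = new ArrayList<Integer>();
        List<Map<String, Object>> tagSpaces = dataBaseService.executeQuery(
                "SELECT * FROM sns_tagspace WHERE tagid=" + tagId + " AND uid IN (" + Common.sImplode(uids) + ")");
        for (Map<String, Object> tagSpace : tagSpaces) {
            int uid = (Integer) tagSpace.get("uid");
            boolean targetBelowModerator = (Integer) tagSpace.get("grade") < 8;
            boolean ownerActingOnOther = grade == 9 && uid != supe_uid;
            if (targetBelowModerator || ownerActingOnOther || managemtag) {
                newUids.add(uid);
            }
        }
        if (Common.empty(newUids)) {
            return "mtag_managemember_no_privilege";
        }

        String note_msg = Common.addSlashes(Common.getMessage(request, "cp_note_members_grade_" + newGrade,
                mtag.get("tagid").toString(), (String) mtag.get("tagname")));
        List<Integer> n_uids = new ArrayList<Integer>();
        List<String> notes = new ArrayList<String>();
        int timestamp = (Integer) sGlobal.get("timestamp");
        for (int uid : newUids) {
            if (uid == supe_uid) {
                continue; // no notification to oneself
            }
            n_uids.add(uid);
            // NOTE(review): supe_username is concatenated as-is; assumes the session value is
            // already SQL-safe — confirm.
            notes.add("(" + uid + ", 'mtag', 1, " + supe_uid + ", '" + sGlobal.get("supe_username") + "', '"
                    + note_msg + "', " + timestamp + ")");
        }
        if (n_uids.size() > 0) {
            dataBaseService.executeUpdate(
                    "INSERT INTO sns_notification (uid, type, new, authorid, author, note, dateline) VALUES "
                            + Common.implode(notes, ","));
            dataBaseService.executeUpdate(
                    "UPDATE sns_space SET notenum=notenum+1 WHERE uid IN (" + Common.sImplode(n_uids) + ")");
        }

        if (newGrade == -9) {
            mtag_out(tagId, newUids);
        } else {
            dataBaseService.executeUpdate("UPDATE sns_tagspace SET grade='" + newGrade + "' WHERE tagid=" + tagId
                    + " AND uid IN (" + Common.sImplode(newUids) + ")");
        }
        return null;
    }

    /**
     * Shows the change-password form and processes its submission.
     *
     * <p>Security notes: passwords are stored as {@code md5(md5(password) + salt)}. MD5 is fast
     * and unsuitable for password storage; moving to a slow, salted password hash requires
     * re-hashing stored credentials and cannot be done inside this method alone.
     *
     * @param request  current request; reads {@code password}, {@code newpasswd1}, {@code newpasswd2}
     * @param response current response
     * @return a message page, or {@code cp_password.jsp} when nothing was submitted
     */
    public ActionForward cp_password(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        try {
            if (submitCheck(request, "pwdsubmit")) {
                String oldPassword = request.getParameter("password");
                String newPassword1 = request.getParameter("newpasswd1");
                String newPassword2 = request.getParameter("newpasswd2");
                // A missing field used to raise a NullPointerException that surfaced as an
                // empty message; treat it as an invalid password instead.
                if (newPassword1 == null) {
                    return showMessage(request, response, "profile_passwd_illegal");
                }
                if (!newPassword1.equals(newPassword2)) {
                    return showMessage(request, response, "password_inconsistency");
                }
                // Passwords that addSlashes would alter, and blank passwords, are rejected.
                if (!newPassword1.equals(Common.addSlashes(newPassword1)) || newPassword1.trim().equals("")) {
                    return showMessage(request, response, "profile_passwd_illegal");
                }
                // NOTE(review): userName comes from sGlobal and is concatenated unescaped into
                // both statements below — confirm it is SQL-safe where it is stored.
                String userName = (String) sGlobal.get("supe_username");
                List<Map<String, Object>> members = dataBaseService
                        .executeQuery("SELECT * FROM sns_member WHERE username = '" + userName + "'");
                if (members.isEmpty()) {
                    return showMessage(request, response, "to_login",
                            "operate.action?ac=" + sConfig.get("login_action"));
                }
                Map<String, Object> member = members.get(0);
                String oldHash = oldPassword == null ? null
                        : Common.md5(Common.md5(oldPassword) + member.get("salt"));
                if (oldHash == null || !oldHash.equals(member.get("password"))) {
                    return showMessage(request, response, "old_password_invalid");
                }
                String newHash = Common.md5(Common.md5(newPassword1) + member.get("salt"));
                dataBaseService.executeUpdate(
                        "UPDATE sns_member SET password='" + newHash + "' WHERE username='" + userName + "'");
                // Force a fresh login with the new password.
                // NOTE(review): only this client's cookie is cleared here; confirm other active
                // sessions of the account are invalidated as well.
                CookieHelper.clearCookie(request, response);
                return showMessage(request, response, "getpasswd_succeed",
                        "operate.action?ac=" + sConfig.get("login_action"));
            }
        } catch (Exception e) {
            // NOTE(review): the exception text is shown to the user — verify it cannot carry
            // internal detail.
            return showMessage(request, response, e.getMessage());
        }
        return include(request, response, sConfig, sGlobal, "cp_password.jsp");
    }

public ActionForward cp_pm(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); int pmid = Common.intval(request.getParameter("pmid")); int uid = 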
Common.intval(request.getParameter("uid")); int toUid = 0; if (uid > 0) { if (uid == (Integer) sGlobal.get("supe_uid")) { return showMessage(request, response, "not_to_their_own_greeted_send"); } toUid = uid; } else { toUid = Common.intval(request.getParameter("touid")); } String op = request.getParameter("op"); if ("checknewpm".equals(op)) { if (!Common.empty(sGlobal.get("supe_uid"))) { int newpm = dataBaseService .findRows("SELECT COUNT(*) FROM sns_newpm WHERE uid='" + sGlobal.get("supe_uid") + "'"); if (newpm > 0) { newpm = dataBaseService.findRows( "SELECT COUNT(*) FROM sns_pms WHERE (related='0' AND msgfromid>'0' OR msgfromid='0') AND msgtoid='" + sGlobal.get("supe_uid") + "' AND folder='inbox' AND new='1'"); } Map<String, Object> member = (Map<String, Object>) sGlobal.get("member"); if (member != null) { if ((Integer) member.get("newpm") != newpm) { dataBaseService.executeUpdate("UPDATE sns_space SET newpm='" + newpm + "' AND uid='" + sGlobal.get("supe_uid") + "'"); } } } CookieHelper.setCookie(request, response, "checkpm", "1", 30); return null; } else if ("delete".equals(op)) { String folder = "inbox".equals(request.getParameter("folder")) ? 
"inbox" : "outbox"; try { if (submitCheck(request, "deletesubmit")) { int affectedRows = dataBaseService.executeUpdate("DELETE FROM sns_pms WHERE msgtoid='" + sGlobal.get("supe_uid") + "' AND pmid='" + pmid + "'"); if (affectedRows > 0) { return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } else { return showMessage(request, response, "this_message_could_not_be_deleted"); } } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("folder", folder); } else if ("send".equals(op)) { int waitTime = Common.checkInterval(request, response, "post"); if (waitTime > 0) { return showMessage(request, response, "operating_too_fast", null, 1, new String[] { waitTime + "" }); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } if (toUid > 0) { if (mainService.isBlackList(toUid, (Integer) sGlobal.get("supe_uid")) != 0) { return showMessage(request, response, "is_blacklist"); } } Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); try { if (submitCheck(request, "pmsubmit")) { String userName = request.getParameter("username"); String message = Common.trim(request.getParameter("message")); if (Common.empty(message)) { return showMessage(request, response, "unable_to_send_air_news"); } String subject = ""; int returnPmId = 0; if (toUid > 0) { returnPmId = pmService.jcSendPm(request, response, (Integer) sGlobal.get("supe_uid"), toUid + "", subject, message, pmid, false, false); if (returnPmId > 0) { mainService.sendMail(request, response, 
toUid, "", Common.getMessage(request, "cp_friend_pm", new String[] { sNames.get(space.get("uid")), Common.getSiteUrl(request) + "zone.action?do=pm" }), "", "friend_pm"); PostHandler.getInstance().send(toUid, "new"); } } else if (!Common.empty(userName)) { List<String> newUsers = new ArrayList<String>(); String[] users = userName.split(","); for (String value : users) { value = value.trim(); if (!Common.empty(value)) { newUsers.add(value); } } if (newUsers.size() > 0) { returnPmId = pmService.jcSendPm(request, response, (Integer) sGlobal.get("supe_uid"), Common.implode(newUsers, ","), subject, message, pmid, true, false); } toUid = 0; if (returnPmId > 0) { List<Map<String, Object>> spaceList = dataBaseService.executeQuery( "SELECT uid FROM sns_space WHERE username IN (" + Common.sImplode(users) + ')'); for (Map<String, Object> value : spaceList) { if (toUid == 0) { toUid = (Integer) value.get("uid"); } mainService.sendMail(request, response, (Integer) value.get("uid"), "", Common.getMessage(request, "cp_friend_pm", new String[] { sNames.get(space.get("uid")), Common.getSiteUrl(request) + "zone.action?do=pm" }), "", "friend_pm"); } PostHandler.getInstance().send(toUid, "new"); } } if (returnPmId > 0) { dataBaseService.executeUpdate("UPDATE sns_space SET lastpost='" + sGlobal.get("timestamp") + "' WHERE uid='" + sGlobal.get("supe_uid") + "'"); return showMessage(request, response, "do_success", "zone.action?do=pm&filter=privatepm"); } else { if (Common.in_array(new Integer[] { -1, -2, -3, -4 }, returnPmId)) { return showMessage(request, response, "message_can_not_send" + Math.abs(returnPmId)); } else { return showMessage(request, response, "message_can_not_send"); } } } } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } } else if ("ignore".equals(op)) { try { if (submitCheck(request, "ignoresubmit")) { dataBaseService.executeUpdate("UPDATE sns_member SET blacklist='" + request.getParameter("ignorelist") + "' WHERE 
uid='" + sGlobal.get("supe_uid") + "'"); return showMessage(request, response, "do_success", "zone.action?do=pm&view=ignore"); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } } else { int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } if (!Common.checkPerm(request, response, "allowpm")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (!Common.empty(space.get("friendnum"))) { List<Map<String, Object>> friends = dataBaseService .executeQuery("SELECT fuid AS uid, fusername AS username FROM sns_friend WHERE uid=" + sGlobal.get("supe_uid") + " AND status='1' ORDER BY num DESC, dateline DESC LIMIT 0,100"); List fNamee = new ArrayList(friends.size()); for (Map<String, Object> value : friends) { value.put("username", Common.sAddSlashes(value.get("username"))); fNamee.add(value.get("username")); } request.setAttribute("friendstr", Common.implode(fNamee, ",")); request.setAttribute("friends", friends); } } request.setAttribute("touid", toUid); request.setAttribute("pmid", pmid); return include(request, response, sConfig, sGlobal, "cp_pm.jsp"); } public ActionForward cp_poke(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); 
Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); int uid = Common.intval(request.getParameter("uid")); if (uid == (Integer) sGlobal.get("supe_uid")) { return showMessage(request, response, "not_to_their_own_greeted"); } String op = request.getParameter("op"); if ("send".equals(op) || "reply".equals(op)) { if (!Common.checkPerm(request, response, "allowpoke")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (!mainService.checkRealName(request, "poke")) { return showMessage(request, response, "no_privilege_realname"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } Map<String, Object> toSpace = null; String userName = request.getParameter("username"); if (uid > 0) { toSpace = Common.getSpace(request, sGlobal, sConfig, uid); } else if (!Common.empty(userName)) { toSpace = Common.getSpace(request, sGlobal, sConfig, userName, "username", false); } if (toSpace != null && !Common.empty(toSpace.get("videostatus"))) { if (!mainService.checkVideoPhoto(request, response, "poke", toSpace)) { return showMessage(request, response, "no_privilege_videophoto"); } } if (toSpace != null && mainService.isBlackList((Integer) toSpace.get("uid"), (Integer) sGlobal.get("supe_uid")) != 0) { return showMessage(request, response, "is_blacklist"); } try { if (submitCheck(request, "pokesubmit")) { if (toSpace == null) { return showMessage(request, response, "space_does_not_exist"); } uid = (Integer) 
toSpace.get("uid"); if (uid == (Integer) sGlobal.get("supe_uid")) { return showMessage(request, response, "not_to_their_own_greeted"); } int oldPoke = dataBaseService.findRows("SELECT COUNT(*) FROM sns_poke WHERE uid='" + uid + "' AND fromuid='" + sGlobal.get("supe_uid") + "' LIMIT 1"); Map<String, Object> setArr = new HashMap<String, Object>(); setArr.put("uid", uid); setArr.put("fromuid", sGlobal.get("supe_uid")); setArr.put("fromusername", sGlobal.get("supe_username")); setArr.put("note", Common.getStr(request.getParameter("note"), 50, true, true, false, 0, 0, request, response)); setArr.put("dateline", sGlobal.get("timestamp")); setArr.put("iconid", Common.intval(request.getParameter("iconid"))); dataBaseService.insertTable("sns_poke", setArr, false, true); if (oldPoke == 0) { dataBaseService .executeUpdate("UPDATE sns_space SET pokenum=pokenum+1 WHERE uid='" + uid + "'"); } mainService.addFriendNum(sGlobal, (Integer) toSpace.get("uid"), (String) toSpace.get("username")); mainService.sendMail( request, response, uid, "", Common .getMessage(request, "cp_poke_subject", new String[] { sNames.get(space.get("uid")), Common.getSiteUrl(request) + "main.action?ac=poke" }), "", "poke"); if ("reply".equals(op)) { dataBaseService.executeUpdate("DELETE FROM sns_poke WHERE uid='" + sGlobal.get("supe_uid") + "' AND fromuid='" + uid + "'"); dataBaseService.executeUpdate("UPDATE sns_space SET pokenum=pokenum-1 WHERE uid='" + sGlobal.get("supe_uid") + "' AND pokenum>0"); } Common.getReward("poke", true, 0, uid + "", true, request, response); mainService.updateStat(sGlobal, sConfig, "poke", false); return showMessage(request, response, "poke_success", request.getParameter("refer"), 1, sNames.get(toSpace.get("uid"))); } } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } request.setAttribute("tospace", toSpace); } else if ("ignore".equals(op)) { String where = uid == 0 ? 
"" : "AND fromuid='" + uid + "'"; dataBaseService .executeUpdate("DELETE FROM sns_poke WHERE uid='" + sGlobal.get("supe_uid") + "' " + where); int pokeNum = dataBaseService .findRows("SELECT COUNT(*) FROM sns_poke WHERE uid='" + space.get("uid") + "' LIMIT 1"); if (pokeNum != (Integer) space.get("pokenum")) { dataBaseService.executeUpdate( "UPDATE sns_space SET pokenum='" + pokeNum + "' AND uid='" + space.get("uid") + "'"); } return showMessage(request, response, "has_been_hailed_overlooked"); } else { int perPage = 20; int page = Common.intval(request.getParameter("page")); if (page < 1) page = 1; int start = (page - 1) * perPage; int maxPage = (Integer) sConfig.get("maxpage"); String tempS = Common.ckStart(start, perPage, maxPage); if (tempS != null) { return showMessage(request, response, tempS); } int count = dataBaseService .findRows("SELECT COUNT(*) FROM sns_poke WHERE uid='" + space.get("uid") + "'"); if (count > 0) { List<Map<String, Object>> list = dataBaseService.executeQuery("SELECT * FROM sns_poke WHERE uid='" + space.get("uid") + "' ORDER BY dateline DESC LIMIT " + start + "," + perPage); for (Map<String, Object> value : list) { value.put("uid", value.get("fromuid")); value.put("username", value.get("fromusername")); value.put("isfriend", (value.get("uid") == space.get("uid") || (Common.in_array((String[]) space.get("friends"), value.get("uid")))) ? 
true : false); } request.setAttribute("list", list); } request.setAttribute("multi", Common.multi(request, count, perPage, page, maxPage, "main.action?ac=poke", null, null)); if (count != (Integer) space.get("pokenum")) { dataBaseService.executeUpdate( "UPDATE sns_space SET pokenum='" + count + "' WHERE uid='" + space.get("uid") + "'"); } } Map<Integer, String> icons = new LinkedHashMap<Integer, String>(); icons.put(0, "?"); icons.put(1, "<img src=\"image/poke/cyx.gif\" /> "); icons.put(2, "<img src=\"image/poke/wgs.gif\" /> ?"); icons.put(3, "<img src=\"image/poke/wx.gif\" /> "); icons.put(4, "<img src=\"image/poke/jy.gif\" /> "); icons.put(5, "<img src=\"image/poke/pmy.gif\" /> "); icons.put(6, "<img src=\"image/poke/yb.gif\" /> "); icons.put(7, "<img src=\"image/poke/fw.gif\" /> ?"); icons.put(8, "<img src=\"image/poke/nyy.gif\" /> "); icons.put(9, "<img src=\"image/poke/gyq.gif\" /> "); icons.put(10, "<img src=\"image/poke/dyx.gif\" /> "); icons.put(11, "<img src=\"image/poke/yw.gif\" /> ??"); icons.put(12, "<img src=\"image/poke/ppjb.gif\" /> ??"); icons.put(13, "<img src=\"image/poke/yyk.gif\" /> ?"); request.setAttribute("icons", icons); request.setAttribute("op", op); return include(request, response, sConfig, sGlobal, "cp_poke.jsp"); } public ActionForward cp_poll(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); int pid = Common.intval(request.getParameter("pid")); String op = request.getParameter("op"); Map<String, Object> poll = null; sConfig.put("maxreward", (Integer) sConfig.get("maxreward") < 2 ? 
10 : sConfig.get("maxreward")); Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); if (pid != 0) { List<Map<String, Object>> pollList = dataBaseService.executeQuery( "SELECT pf.*, p.* FROM sns_poll p LEFT JOIN sns_pollfield pf ON pf.pid=p.pid WHERE p.pid='" + pid + "'"); if (!pollList.isEmpty()) { poll = pollList.get(0); } } if (poll == null) { if (!Common.checkPerm(request, response, "allowpoll")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_authority_to_add_poll"); } if (!mainService.checkRealName(request, "poll")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "poll")) { return showMessage(request, response, "no_privilege_videophoto"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } int waittTime = Common.checkInterval(request, response, "post"); if (waittTime > 0) { return showMessage(request, response, "operating_too_fast", null, 1, waittTime); } } else { if (!Common.in_array(new String[] { "vote", "get", "invite" }, op) && !sGlobal.get("supe_uid").equals(poll.get("uid")) && !Common.checkPerm(request, response, "managepoll")) { return showMessage(request, response, "no_authority_operation_of_the_poll"); } } Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); try { if (submitCheck(request, "pollsubmit")) { int topicId = Common.intval(request.getParameter("topicid")); topicId = 
mainService.checkTopic(request, topicId, "poll"); if (Common.checkPerm(request, response, "seccode") && !mainService.checkSeccode(request, response, sGlobal, sConfig, request.getParameter("seccode"))) { return showMessage(request, response, "incorrect_code"); } int maxOption = 20; String subject = Common.getStr(request.getParameter("subject"), 80, true, true, true, 0, 0, request, response); if (Common.strlen(subject) < 2) { return showMessage(request, response, "title_not_too_little"); } String[] optionTemp = request.getParameterValues("option"); Object[] options = null; if (optionTemp != null) { options = Common.uniqueArray(optionTemp); } List<String> newOption = new ArrayList<String>(maxOption); List<String> preView = new ArrayList<String>(); if (options != null) { for (Object obj : options) { // ?, ??html??[img]xxxxx[/img] // String option = // Common.getStr(Common.trim(obj.toString()), 80, true, // true, true, 0, 0, request, response); Map<String, Object> result = PollService.processOptionContent(obj.toString(), request, response); String option = (String) result.get("STR"); if (Common.strlen(option) > 0 && newOption.size() < maxOption) { newOption.add(option); if (preView.size() < 2) { option = option.replace("onerror=\"this.src=''image/404.gif'';\"", "onerror=\"this.src='image/404.gif';\""); preView.add(option); } } } } maxOption = newOption.size(); if (maxOption < 2) { return showMessage(request, response, "add_at_least_two_further_options"); } int credit = Math.abs(Common.intval(request.getParameter("credit"))); int perCredit = Math.abs(Common.intval(request.getParameter("percredit"))); if (credit > (Integer) space.get("credit")) { return showMessage(request, response, "the_total_reward_should_not_overrun", null, 1, space.get("credit").toString()); } else if (credit < perCredit) { return showMessage(request, response, "wrong_total_reward"); } else if (credit != 0 || perCredit != 0) { if (credit == 0) { return showMessage(request, response, 
"the_total_reward_should_not_be_empty"); } else if (perCredit == 0) { return showMessage(request, response, "average_reward_should_not_be_empty"); } } if (perCredit != 0 && perCredit > (Integer) sConfig.get("maxreward")) { return showMessage(request, response, "average_reward_can_not_exceed", null, 1, sConfig.get("maxreward").toString()); } String message = Common.getStr(request.getParameter("message"), 0, true, true, true, 2, 0, request, response); int maxChoice = Common.intval(request.getParameter("maxchoice")); maxChoice = maxChoice < maxOption ? maxChoice : maxOption; int expiration = 0; if (!Common.empty(request.getParameter("expiration"))) { expiration = Common.strToTime(Common.trim(request.getParameter("expiration")) + " 23:59:59", Common.getTimeOffset(sGlobal, sConfig), "yyyy-MM-dd HH:mm:ss"); if (expiration <= (Integer) sGlobal.get("timestamp")) { return showMessage(request, response, "time_expired_error"); } } Map<String, Object> insertData = new HashMap<String, Object>(); insertData.put("uid", sGlobal.get("supe_uid")); insertData.put("username", sGlobal.get("supe_username")); insertData.put("subject", subject); insertData.put("multiple", maxChoice > 1 ? 1 : 0); insertData.put("maxchoice", maxChoice); insertData.put("sex", Common.intval(request.getParameter("sex"))); insertData.put("noreply", Common.intval(request.getParameter("noreply"))); insertData.put("credit", credit < 0 ? 0 : credit); insertData.put("percredit", perCredit < 0 ? 
0 : perCredit); insertData.put("expiration", expiration); insertData.put("dateline", sGlobal.get("timestamp")); insertData.put("topicid", topicId); pid = dataBaseService.insertTable("sns_poll", insertData, true, false); insertData = new HashMap<String, Object>(); insertData.put("summary", ""); insertData.put("invite", ""); insertData.put("hotuser", ""); insertData.put("pid", pid); insertData.put("message", message); insertData.put("option", Common.sAddSlashes(Serializer.serialize(preView))); dataBaseService.insertTable("sns_pollfield", insertData, false, false); List<String> optionArr = new ArrayList<String>(newOption.size()); for (String value : newOption) { optionArr.add("('" + pid + "', '" + value + "')"); } dataBaseService.executeUpdate( "INSERT INTO sns_polloption (`pid`, `option`) VALUES " + Common.implode(optionArr, ",")); mainService.updateStat(sGlobal, sConfig, "poll", false); String pollNumSQL = null; if (Common.empty(space.get("pollnum"))) { Map whereArr = new HashMap(); whereArr.put("uid", space.get("uid")); space.put("pollnum", Common.getCount("sns_poll", whereArr, null)); pollNumSQL = "pollnum=" + space.get("pollnum"); } else { pollNumSQL = "pollnum=pollnum+1"; } Map<String, Integer> reward = Common.getReward("createpoll", false, 0, "", true, request, response); int updateCredit = reward.get("credit"); if (credit > 0) { updateCredit = updateCredit - credit; } dataBaseService.execute("UPDATE sns_space SET " + pollNumSQL + ", lastpost='" + sGlobal.get("timestamp") + "', updatetime='" + sGlobal.get("timestamp") + "', credit=credit+" + updateCredit + ", experience=experience+" + reward.get("experience") + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); if (!Common.empty(request.getParameter("makefeed"))) { feedService.feedPublish(request, response, pid, "pid", true); } String URL = null; if (topicId != 0) { mainService.topicJoin(request, topicId, (Integer) sGlobal.get("supe_uid"), (String) sGlobal.get("supe_username")); URL = 
"zone.action?do=topic&topicid=" + topicId + "&view=poll"; } else { URL = "zone.action?uid=" + space.get("uid") + "&do=poll&pid=" + pid; } return showMessage(request, response, "do_success", URL, 0); } if ("addopt".equals(op)) { int count = dataBaseService .findRows("SELECT COUNT(*) FROM sns_polloption p WHERE pid='" + pid + "'"); if (count >= 20) { return showMessage(request, response, "option_exceeds_the_maximum_number_of", request.getParameter("refer")); } if (submitCheck(request, "addopt")) { // ?, ??html??[img]xxxxx[/img] // String newOption = // Common.getStr(request.getParameter("newoption"), 80, // true, true, true, 0, 0, request, response); Map<String, Object> result = PollService.processOptionContent(request.getParameter("newoption"), request, response); String newOption = (String) result.get("STR"); if (Common.strlen(newOption) < 1) { return showMessage(request, response, "added_option_should_not_be_empty"); } Map<String, Object> insertData = new HashMap<String, Object>(); insertData.put("pid", pid); insertData.put("option", newOption); dataBaseService.insertTable("sns_polloption", insertData, false, false); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } } else if ("delete".equals(op)) { if (submitCheck(request, "deletesubmit")) { if (adminDeleteService.deletePolls(request, response, (Integer) sGlobal.get("supe_uid"), pid)) { return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&view=me"); } else { return showMessage(request, response, "failed_to_delete_operation"); } } } else if ("modify".equals(op)) { if (submitCheck(request, "modifysubmit")) { int expiration = 0; if (!Common.empty(request.getParameter("expiration"))) { expiration = Common.strToTime(Common.trim(request.getParameter("expiration")) + " 23:59:59", Common.getTimeOffset(sGlobal, sConfig), "yyyy-MM-dd HH:mm:ss"); if (expiration <= (Integer) sGlobal.get("timestamp")) { return showMessage(request, response, 
"time_expired_error", request.getParameter("refer")); } } Map setData = new HashMap(); setData.put("expiration", expiration); Map whereData = new HashMap(); whereData.put("pid", pid); dataBaseService.updateTable("sns_poll", setData, whereData); return showMessage(request, response, "do_success", "zone.action?uid=" + space.get("uid") + "&do=poll&pid=" + pid, 0); } request.setAttribute("poll", poll); } else if ("summary".equals(op)) { if (submitCheck(request, "summarysubmit")) { String summary = Common.getStr(request.getParameter("summary"), 0, true, true, true, 2, 0, request, response); Map setData = new HashMap(); setData.put("summary", summary); Map whereData = new HashMap(); whereData.put("pid", pid); dataBaseService.updateTable("sns_pollfield", setData, whereData); return showMessage(request, response, "do_success", "zone.action?uid=" + space.get("uid") + "&do=poll&pid=" + pid, 0); } poll = poll == null ? new HashMap<String, Object>() : poll; poll.put("summary", BBCode.html2bbcode(poll.get("summary").toString().replace("<br/>", "\n"))); request.setAttribute("poll", poll); } else if ("vote".equals(op)) { if (submitCheck(request, "votesubmit")) { if (Common.empty(poll)) { return showMessage(request, response, "voting_does_not_exist"); } if (!Common.empty(poll.get("sex")) && !poll.get("sex").equals(space.get("sex"))) { return showMessage(request, response, "no_privilege"); } int count = dataBaseService.findRows("SELECT COUNT(*) FROM sns_polluser WHERE uid='" + sGlobal.get("supe_uid") + "' AND pid='" + pid + "'"); if (count > 0) { return showMessage(request, response, "already_voted"); } String[] option = request.getParameterValues("option"); List<Integer> optionArr = new ArrayList<Integer>(option == null ? 
0 : option.length); if (option != null) { for (String val : option) { optionArr.add(Common.intval(val)); if (optionArr.size() >= (Integer) poll.get("maxchoice")) { break; } } } List<Map<String, Object>> pollOptions = dataBaseService .executeQuery("SELECT `option` FROM sns_polloption WHERE oid IN ('" + Common.implode(optionArr, "','") + "') AND pid='" + pid + "'"); List<String> list = new ArrayList<String>(pollOptions.size()); for (Map<String, Object> value : pollOptions) { list.add(Common.sAddSlashes(value.get("option")).toString()); } if (list.isEmpty()) { return showMessage(request, response, "please_select_items_to_vote"); } dataBaseService.executeUpdate("UPDATE sns_polloption SET votenum=votenum+1 WHERE oid IN ('" + Common.implode(optionArr, "','") + "') AND pid='" + pid + "'"); Map<String, Object> insertData = new HashMap<String, Object>(); insertData.put("uid", sGlobal.get("supe_uid")); insertData.put("username", !Common.empty(request.getParameter("anonymous")) ? "" : sGlobal.get("supe_username")); insertData.put("pid", pid); insertData.put("option", Common.sAddSlashes( '"' + Common.implode(list, Common.getMessage(request, "cp_poll_separator")) + '"')); insertData.put("dateline", sGlobal.get("timestamp")); dataBaseService.insertTable("sns_polluser", insertData, false, false); String SQL = ""; if ((Integer) poll.get("credit") > 0 && (Integer) poll.get("percredit") > 0 && !poll.get("uid").equals(sGlobal.get("supe_uid"))) { if ((Integer) poll.get("credit") <= (Integer) poll.get("percredit")) { poll.put("percredit", poll.get("credit")); SQL = ",percredit=0"; } dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit+" + poll.get("percredit") + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); } else { poll.put("percredit", 0); } dataBaseService.executeUpdate("UPDATE sns_poll SET voternum=voternum+1, lastvote='" + sGlobal.get("timestamp") + "', credit=credit-" + poll.get("percredit") + " " + SQL + " WHERE pid='" + pid + "'"); if 
(!poll.get("uid").equals(sGlobal.get("supe_uid"))) { Common.getReward("joinpoll", true, 0, pid + "", true, request, response); } if (!poll.get("uid").equals(sGlobal.get("supe_uid"))) { mainService.updateHot(request, response, "pid", (Integer) poll.get("pid"), (String) poll.get("hotuser")); } mainService.updateStat(sGlobal, sConfig, "pollvote", false); if (request.getParameter("anonymous") == null && !sGlobal.get("supe_uid").equals(poll.get("uid")) && Common.ckPrivacy(sGlobal, sConfig, space, "joinpoll", 1)) { String title_template = Common.getMessage(request, "cp_take_part_in_the_voting"); Map title_data = new HashMap(); title_data.put("touser", "<a href=\"zone.action?uid=" + poll.get("uid") + "\">" + sNames.get(poll.get("uid")) + "</a>"); title_data.put("url", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid); title_data.put("subject", poll.get("subject")); title_data.put("reward", (Integer) poll.get("percredit") > 0 ? Common.getMessage(request, "cp_reward") : ""); mainService.addFeed(sGlobal, "poll", title_template, title_data, "", null, "", null, null, "", 0, 0, 0, "", false); } return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid + ((Integer) poll.get("percredit") > 0 ? 
"&reward=" + poll.get("percredit") : ""), 0); } } else if ("endreward".equals(op)) { if (submitCheck(request, "endrewardsubmit")) { Map setData = new HashMap(); setData.put("credit", 0); setData.put("percredit", 0); Map whereData = new HashMap(); whereData.put("pid", pid); dataBaseService.updateTable("sns_poll", setData, whereData); dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit+" + poll.get("credit") + " WHERE uid='" + poll.get("uid") + "'"); return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid, 0); } } else if ("addreward".equals(op)) { if (submitCheck(request, "addrewardsubmit")) { int credit = Common.intval(request.getParameter("addcredit")); int perCredit = Common.intval(request.getParameter("addpercredit")); if (credit == 0 && perCredit == 0) { return showMessage(request, response, "fill_in_at_least_an_additional_value"); } else if (credit > (Integer) space.get("credit")) { return showMessage(request, response, "the_total_reward_should_not_overrun", null, 1, space.get("credit").toString()); } else if ((credit + (Integer) poll.get("credit")) < (perCredit + (Integer) poll.get("percredit"))) { return showMessage(request, response, "wrong_total_reward"); } if (perCredit != 0 && (perCredit + (Integer) poll.get("percredit")) > (Integer) sConfig.get("maxreward")) { return showMessage(request, response, "average_reward_can_not_exceed", null, 1, sConfig.get("maxreward").toString()); } if (credit > 0) { dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit-" + credit + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); } dataBaseService.execute("UPDATE sns_poll SET credit=credit+" + credit + ",percredit=percredit+" + perCredit + " WHERE pid='" + pid + "'"); return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid, 0); } int maxReward = (Integer) sConfig.get("maxreward") - (Integer) poll.get("percredit"); 
request.setAttribute("maxreward", maxReward); request.setAttribute("poll", poll); } else if ("get".equals(op)) { int perPage = 20; int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } int start = (page - 1) * perPage; int maxPage = (Integer) sConfig.get("maxpage"); String str = Common.ckStart(start, perPage, maxPage); if (str != null) { return showMessage(request, response, str); } String filtrate = Common.trim(request.getParameter("filtrate")); filtrate = Common.empty(filtrate) ? "new" : filtrate; Map<String, String[]> paramMap = request.getParameterMap(); paramMap.put("filtrate", new String[] { filtrate }); List<String> whereArr = new ArrayList<String>(); if ("we".equals(filtrate)) { if (Common.empty(space.get("feedfriend"))) { space.put("feedfriend", 0); } whereArr.add("uid IN (" + space.get("feedfriend") + ")"); } whereArr.add("pid='" + pid + "'"); String whereSQL = " WHERE " + Common.implode(whereArr, " AND "); int count = dataBaseService.findRows("SELECT COUNT(*) FROM sns_polluser " + whereSQL); if (count > 0) { List<Map<String, Object>> voteResult = dataBaseService .executeQuery("SELECT * FROM sns_polluser " + whereSQL + " ORDER BY dateline DESC LIMIT " + start + "," + perPage); request.setAttribute("voteresult", voteResult); request.setAttribute("multi", Common.multi(request, count, perPage, page, maxPage, "main.action?ac=poll&op=get&pid=" + pid + "&filtrate=" + filtrate, "showvoter", null)); } } else if ("invite".equals(op)) { String[] uidArr = poll.get("invite").toString().split(","); Map<String, Integer> newUid = new HashMap<String, Integer>(); for (int i = 0; i < uidArr.length; i++) { newUid.put(uidArr[i], i); } if (submitCheck(request, "invitesubmit")) { String[] ids = request.getParameterValues("ids"); if (ids != null) { Map newIds = new HashMap(); for (int i = 0; i < ids.length; i++) { String uid = ids[i]; if (newUid.get(uid) == null) { newIds.put(i, Common.intval(uid)); } } List<Map<String, Object>> spaceList = 
dataBaseService.executeQuery( "SELECT uid FROM sns_space WHERE uid IN (" + Common.sImplode(newIds) + ")"); newIds = new HashMap(); for (Map<String, Object> value : spaceList) { newIds.put(value.get("uid"), value.get("uid")); } List<Map<String, Object>> pollUserList = dataBaseService .executeQuery("SELECT uid FROM sns_polluser WHERE uid IN (" + Common.sImplode(newIds) + ") AND pid='" + pid + "'"); for (Map<String, Object> value : pollUserList) { newIds.remove(value.get("uid")); } String[] newInvite = arrayMerge(uidArr, newIds.values().toArray()); if (newInvite.length > 0) { dataBaseService.executeUpdate("UPDATE sns_pollfield SET invite='" + Common.implode(newInvite, ",") + "' WHERE pid='" + pid + "'"); } String note = Common.getMessage(request, "cp_note_poll_invite", new String[] { "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + poll.get("pid"), poll.get("subject").toString(), (Integer) poll.get("percredit") > 0 ? Common.getMessage(request, "cp_reward") : "" }); for (Object uid : newIds.values()) { if (!Common.empty(uid) && !uid.equals(sGlobal.get("supe_uid"))) { mainService.addNotification(request, sGlobal, sConfig, (Integer) uid, "pollinvite", note, false); } } } return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid); } int perPage = 20; int page = Common.intval(request.getParameter("page")); if (page < 1) { page = 1; } int start = (page - 1) * perPage; int maxPage = (Integer) sConfig.get("maxpage"); String str = Common.ckStart(start, perPage, maxPage); if (str != null) { return showMessage(request, response, str); } List<String> whereArr = new ArrayList<String>(); String key = Common.stripSearchKey(request.getParameter("key")); if (!Common.empty(key)) { whereArr.add(" fusername LIKE '%" + key + "%' "); } int group = request.getParameter("group") != null ? 
Common.intval(request.getParameter("group")) : -1; Map<String, String[]> paramMap = request.getParameterMap(); paramMap.put("group", new String[] { group + "" }); if (group >= 0) { whereArr.add(" gid='" + group + "'"); } String SQL = !whereArr.isEmpty() ? "AND" + Common.implode(whereArr, " AND ") : ""; int count = dataBaseService.findRows("SELECT COUNT(*) FROM sns_friend WHERE uid='" + sGlobal.get("supe_uid") + "' AND status='1' " + SQL); List<Object> fUids = new ArrayList<Object>(); if (count > 0) { List<Map<String, Object>> list = dataBaseService.executeQuery( "SELECT * FROM sns_friend WHERE uid='" + sGlobal.get("supe_uid") + "' AND status='1' " + SQL + " ORDER BY num DESC, dateline DESC LIMIT " + start + "," + perPage); for (Map<String, Object> value : list) { fUids.add(value.get("fuid")); } request.setAttribute("list", list); } Map inviteArr = new HashMap(); List<Map<String, Object>> pollUserList = dataBaseService .executeQuery("SELECT uid FROM sns_polluser WHERE uid IN (" + Common.sImplode(fUids) + ") AND pid='" + pid + "'"); for (Map<String, Object> value : pollUserList) { inviteArr.put(value.get("uid"), value.get("uid")); } for (String strUid : uidArr) { int uid = Common.intval(strUid); inviteArr.put(uid, uid); } request.setAttribute("groups", Common.getFriendGroup(request)); Map groupSelect = new HashMap(); groupSelect.put(group + "", " selected"); request.setAttribute("multi", Common.multi(request, count, perPage, page, maxPage, "main.action?ac=poll&op=invite&pid=" + poll.get("pid") + "&group=" + group + "&key=" + key, null, null)); request.setAttribute("poll", poll); request.setAttribute("invitearr", inviteArr); } else if ("edithot".equals(op)) { if (!Common.checkPerm(request, response, "managepoll")) { return showMessage(request, response, "no_privilege"); } if (submitCheck(request, "hotsubmit")) { int hot = Common.intval(request.getParameter("hot")); Map setData = new HashMap(); setData.put("hot", hot); Map whereData = new HashMap(); 
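whereData.put("pid", pid); dataBaseService.updateTable("sns_poll", setData, whereData); if (hot > 0) { feedService.feedPublish(request, response, hot, "hot", false); } else { whereData = new HashMap(); whereData.put("id", pid); whereData.put("idtype", "pid"); dataBaseService.updateTable("sns_feed", setData, whereData); } return showMessage(request, response, "do_success", "zone.action?uid=" + poll.get("uid") + "&do=poll&pid=" + pid, 0); } request.setAttribute("poll", poll); } else { int topicId = Common.intval(request.getParameter("topicid")); Map topic = null; if (topicId > 0) { topic = Common.getTopic(request, topicId); request.setAttribute("topic", topic); } if (topic != null) { Map actives = new HashMap(); actives.put("poll", " class=\"active\""); request.setAttribute("actives", actives); } request.setAttribute("topicid", topicId); Integer[] option = new Integer[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 }; request.setAttribute("option", option); request.setAttribute("ckPrivacyBypoll", Common.ckPrivacy(sGlobal, sConfig, space, "poll", 1)); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("pid", pid); request.setAttribute("op", op); return include(request, response, sConfig, sGlobal, "cp_poll.jsp"); }

    /**
     * Handles the privacy control panel for the current user.
     *
     * <p>Two form submissions are processed:
     * <ul>
     * <li>{@code privacysubmit}: rebuilds the {@code view} and {@code feed} maps of the
     * space's {@code privacy} map from parameters named {@code privacy[view][...]} and
     * {@code privacy[feed][...]}, then persists it through
     * {@code mainService.privacyUpdate}.</li>
     * <li>{@code privacy2submit}: rebuilds {@code filter_icon}, {@code filter_gid} and
     * {@code filter_note} the same way, persists them and refreshes the friend cache.</li>
     * </ul>
     * Without a submission the {@code op} parameter selects what is prepared for
     * {@code cp_privacy.jsp}: {@code view} lists the stored filters, {@code getgroup}
     * returns the friend names of one group as a message, and anything else prepares the
     * selected/checked markers for the base settings.
     *
     * <p>Security note: the keys stored in the privacy maps are taken from request
     * parameter NAMES, i.e. they are client-controlled. Every later consumer of those keys
     * has to validate them before use; see the {@code view} branch.
     *
     * @param request  current request; must carry the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes
     * @param response current response
     * @return the forward produced by {@code showMessage} or {@code include}
     */
    public ActionForward cp_privacy(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        try {
            if (submitCheck(request, "privacysubmit")) {
                Map view = new HashMap();
                Map feed = new HashMap();
                Map privacy = (Map) space.get("privacy");
                privacy.put("view", view);
                privacy.put("feed", feed);
                // Extracts the content of the last [...] group of a parameter name.
                Pattern pattern = Pattern.compile(".*\\[(.*)\\]$");
                Enumeration parameterNames = request.getParameterNames();
                while (parameterNames.hasMoreElements()) {
                    String name = (String) parameterNames.nextElement();
                    String key = pattern.matcher(name).replaceAll("$1");
                    String val = request.getParameter(name);
                    if (name.startsWith("privacy[view]")) {
                        view.put(key, Common.intval(val));
                    } else if (name.startsWith("privacy[feed]")) {
                        feed.put(key, 1);
                    }
                }
                mainService.privacyUpdate(privacy, (Integer) sGlobal.get("supe_uid"));
                if (!Common.empty(sConfig.get("my_status"))) {
                    Map insertmap = new HashMap();
                    insertmap.put("uid", (Integer) sGlobal.get("supe_uid"));
                    insertmap.put("action", "update");
                    insertmap.put("dateline", sGlobal.get("timestamp"));
                    dataBaseService.insertTable("sns_userlog", insertmap, false, true);
                }
                return showMessage(request, response, "do_success", "main.action?ac=privacy");
            } else if (submitCheck(request, "privacy2submit")) {
                Map filterIcon = new HashMap();
                Map filterGid = new HashMap();
                Map filterNote = new HashMap();
                Map privacy = (Map) space.get("privacy");
                privacy.put("filter_icon", filterIcon);
                privacy.put("filter_gid", filterGid);
                privacy.put("filter_note", filterNote);
                Pattern pattern = Pattern.compile(".*\\[(.*)\\]$");
                Enumeration parameterNames = request.getParameterNames();
                while (parameterNames.hasMoreElements()) {
                    String name = (String) parameterNames.nextElement();
                    String key = pattern.matcher(name).replaceAll("$1");
                    String val = request.getParameter(name);
                    if (name.startsWith("privacy[filter_icon]")) {
                        // The key is stored as submitted; the view branch expects "x|uid".
                        filterIcon.put(key, 1);
                    } else if (name.startsWith("privacy[filter_gid]")) {
                        // Integer.valueOf throws NumberFormatException on a non-numeric key,
                        // which aborts the save through the catch block below.
                        filterGid.put(Integer.valueOf(key), Common.intval(val));
                    } else if (name.startsWith("privacy[filter_note]")) {
                        filterNote.put(key, 1);
                    }
                }
                mainService.privacyUpdate(privacy, (Integer) sGlobal.get("supe_uid"));
                mainService.friendCache(request, sGlobal, sConfig, (Integer) sGlobal.get("supe_uid"));
                return showMessage(request, response, "do_success", "main.action?ac=privacy&op=view");
            }
            String op = request.getParameter("op");
            if ("view".equals(op)) {
                Map<Integer, String> groups = Common.getFriendGroup(request);
                Map<String, String> icons = new HashMap<String, String>();
                Map<String, String> uids = new HashMap<String, String>();
                Map<String, String> types = new HashMap<String, String>();
                Map<String, String> appids = new HashMap<String, String>();
                Map<String, Object> users = new HashMap<String, Object>();
                Map<String, Object> iconnames = new HashMap<String, Object>();
                // Only digit-only uid parts are sent to the database. The stored filter keys
                // come from client-supplied parameter names, and the query below is built by
                // string concatenation.
                // NOTE(review): whether Common.sImplode quotes/escapes its values is not
                // visible here - confirm, and prefer a parameterized query if the data layer
                // offers one.
                Map<String, String> lookupUids = new HashMap<String, String>();
                Pattern uidDigits = Pattern.compile("[0-9]+");
                Map<String, Object> privacy = (Map<String, Object>) space.get("privacy");
                Map filterIcon = (Map) privacy.get("filter_icon");
                Map filterNote = (Map) privacy.get("filter_note");
                if (!Common.empty(filterIcon)) {
                    Set<String> keys = filterIcon.keySet();
                    for (String key : keys) {
                        String[] arr = key.split("\\|");
                        if (arr.length < 2) {
                            // A stored key without the "x|uid" shape used to raise
                            // ArrayIndexOutOfBoundsException and break this page for the
                            // user; skip it instead.
                            continue;
                        }
                        icons.put(key, arr[0]);
                        uids.put(key, arr[1]);
                        if (uidDigits.matcher(arr[1]).matches()) {
                            lookupUids.put(key, arr[1]);
                        }
                        if (Common.isNumeric(arr[0])) {
                            appids.put(key, arr[0]);
                        }
                    }
                }
                if (!Common.empty(filterNote)) {
                    Set<String> keys = filterNote.keySet();
                    for (String key : keys) {
                        String[] arr = key.split("\\|");
                        if (arr.length < 2) {
                            // Same guard as for filter_icon: ignore malformed stored keys.
                            continue;
                        }
                        types.put(key, arr[0]);
                        uids.put(key, arr[1]);
                        if (uidDigits.matcher(arr[1]).matches()) {
                            lookupUids.put(key, arr[1]);
                        }
                        if (Common.isNumeric(arr[0])) {
                            appids.put(key, arr[0]);
                        }
                    }
                }
                if (lookupUids.size() > 0) {
                    List<Map<String, Object>> query = dataBaseService.executeQuery(
                            "SELECT uid, username FROM sns_space WHERE uid IN (" + Common.sImplode(lookupUids) + ")");
                    for (Map<String, Object> value : query) {
                        users.put(String.valueOf(value.get("uid")), value.get("username"));
                    }
                }
                if (appids.size() > 0) {
                    // appids holds only values accepted by Common.isNumeric.
                    // NOTE(review): confirm that check is strict enough for use in SQL.
                    List<Map<String, Object>> query = dataBaseService
                            .executeQuery("SELECT appid, appname FROM sns_myapp WHERE appid IN ("
                                    + Common.sImplode(appids) + ")");
                    for (Map<String, Object> value : query) {
                        iconnames.put(String.valueOf(value.get("appid")), value.get("appname"));
                    }
                }
                // Built-in icon/type labels. "post" and "poll" are assigned twice; the later
                // value wins.
                // NOTE(review): the label literals look mis-encoded on this page - restore
                // them from the original source.
                iconnames.put("activity", "");
                iconnames.put("album", "");
                iconnames.put("blog", "");
                iconnames.put("comment", "");
                iconnames.put("blogcomment", "");
                iconnames.put("clickblog", "?");
                iconnames.put("clickpic", "?");
                iconnames.put("clickthread", "??");
                iconnames.put("piccomment", "");
                iconnames.put("sharecomment", "");
                iconnames.put("debate", "?");
                iconnames.put("forum", "?");
                iconnames.put("doing", "");
                iconnames.put("friend", "?");
                iconnames.put("goods", "?");
                iconnames.put("mood", "");
                iconnames.put("mtag", "");
                iconnames.put("event", "");
                iconnames.put("eventcomment", "");
                iconnames.put("eventmember", "??");
                iconnames.put("eventmemberstatus", "?");
                iconnames.put("home", "");
                iconnames.put("poll", "?");
                iconnames.put("post", "?");
                iconnames.put("profile", "");
                iconnames.put("reward", "??");
                iconnames.put("share", "");
                iconnames.put("sharenotice", "");
                iconnames.put("show", "");
                iconnames.put("task", "");
                iconnames.put("thread", "?");
                iconnames.put("post", "??");
                iconnames.put("video", "");
                iconnames.put("wall", "");
                iconnames.put("credit", "?");
                iconnames.put("poll", "");
                iconnames.put("pollcomment", "");
                iconnames.put("pollinvite", "");
                request.setAttribute("groups", groups);
                request.setAttribute("uids", uids);
                request.setAttribute("icons", icons);
                request.setAttribute("users", users);
                request.setAttribute("types", types);
                request.setAttribute("iconnames", iconnames);
                request.setAttribute("cat_active_view", " class=\"active\"");
            } else if ("getgroup".equals(op)) {
                // gid is forced to an int before it is concatenated into the statement.
                int gid = Common.intval(request.getParameter("gid"));
                List<String> users = dataBaseService.executeQuery("SELECT fusername FROM sns_friend WHERE uid='"
                        + sGlobal.get("supe_uid") + "' AND status='1' AND gid='" + gid + "'", 1);
                String ustr = Common.empty(users) ? ""
                        : (String) Common.sHtmlSpecialChars(Common.implode(users, " "));
                return showMessage(request, response, ustr);
            } else {
                Map<String, Object> privacy = (Map<String, Object>) space.get("privacy");
                Map view = (Map) privacy.get("view");
                Map feed = (Map) privacy.get("feed");
                Map viewShow = new HashMap();
                Map feedShow = new HashMap();
                for (Object rawKey : view.keySet()) {
                    String key = (String) rawKey;
                    viewShow.put(key + "_" + view.get(key), " selected");
                }
                for (Object feedKey : feed.keySet()) {
                    feedShow.put(feedKey, " checked");
                }
                request.setAttribute("view", viewShow);
                request.setAttribute("feed", feedShow);
                request.setAttribute("cat_active_base", " class=\"active\"");
            }
        } catch (Exception e) {
            // NOTE(review): the raw exception text is shown to the user. It can carry
            // internal detail (for example database errors) or echo request-derived values;
            // consider logging it server-side and showing a generic message key instead.
            return showMessage(request, response, e.getMessage());
        }
        return include(request, response, sConfig, sGlobal, "cp_privacy.jsp");
    }

public ActionForward cp_profile(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); String[] ops = { "base", "contact", "edu", "work", "info" }; String op = request.getParameter("op"); if (!Common.in_array(ops, op)) { op = "base"; } Integer uid = (Integer) space.get("uid"); String tname = " sns_spaceinfo"; try { if (op.equals("base")) { if (submitCheck(request, "profilesubmit") || submitCheck(request, "nextsubmit")) { Map<String, Object> setData = new HashMap<String, Object>(); setData.put("birthyear", Common.intval(request.getParameter("birthyear"))); setData.put("birthmonth", Common.intval(request.getParameter("birthmonth"))); setData.put("birthday", Common.intval(request.getParameter("birthday"))); setData.put("blood", Common.getStr(request.getParameter("blood"), 5, true, true, false, 0, 0, request, response)); setData.put("marry",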
Common.intval(request.getParameter("marry"))); setData.put("birthprovince", Common.getStr(request.getParameter("birthprovince"), 20, true, true, false, 0, 0, request, response)); setData.put("birthcity", Common.getStr(request.getParameter("birthcity"), 20, true, true, false, 0, 0, request, response)); setData.put("resideprovince", Common.getStr(request.getParameter("resideprovince"), 20, true, true, false, 0, 0, request, response)); setData.put("residecity", Common.getStr(request.getParameter("residecity"), 20, true, true, false, 0, 0, request, response)); int sex = Common.intval(request.getParameter("sex")); if (!Common.empty(sex) && Common.empty(space.get("sex"))) { setData.put("sex", sex); } File profileCache = new File(SysConstants.snsRoot + "/data/cache/cache_profilefield.jsp"); if (!profileCache.exists()) { cacheService.profilefield_cache(); } Map<Integer, Map> profileFields = Common.getCacheDate(request, response, "cache/cache_profilefield.jsp", "globalProfilefield"); Set<Entry<Integer, Map>> entrys = profileFields.entrySet(); for (Entry<Integer, Map> entry : entrys) { int key = entry.getKey(); Map value = entry.getValue(); if ("select".equals(value.get("formtype"))) { value.put("maxsize", 255); } setData.put("field_" + key, Common.getStr(request.getParameter("field_" + key), (Integer) value.get("maxsize"), true, true, false, 0, 0, request, response)); if (!Common.empty(value.get("required")) && Common.empty(setData.get("field_" + key))) { return showMessage(request, response, "field_required", null, 1, value.get("title")); } } Map whereData = new HashMap(); whereData.put("uid", sGlobal.get("supe_uid")); dataBaseService.updateTable("sns_spacefield", setData, whereData); List<String> inserts = new ArrayList<String>(); Pattern p = Pattern.compile("friend\\[(.*)\\]"); for (Enumeration<String> e = request.getParameterNames(); e.hasMoreElements();) { String paramName = e.nextElement(); if (paramName.startsWith("friend[")) { String key = 
p.matcher(paramName).replaceAll("$1"); int value = Common.intval(request.getParameter(paramName)); inserts.add("('base','" + key + "','" + uid + "','','" + value + "')"); } } if (inserts.size() > 0) { dataBaseService .executeUpdate("DELETE FROM " + tname + " WHERE uid='" + uid + "' AND type='base'"); dataBaseService.executeUpdate("INSERT INTO " + tname + " (type,subtype,uid,title,friend) VALUES " + Common.implode(inserts, ",")); } setData = new HashMap(); setData.put("name", Common.getStr(request.getParameter("name"), 10, true, true, true, 0, 0, request, response)); setData.put("nickname", Common.getStr(request.getParameter("nickname"), 10, true, true, true, 0, 0, request, response)); setData.put("namestatus", Common.empty(sConfig.get("namecheck")) ? 1 : 0); boolean manageName = Common.checkPerm(request, response, "managename"); if (manageName) { setData.put("namestatus", 1); } int length = Common.strlen((String) setData.get("name")); if (length > 0 && length < 4) { return showMessage(request, response, "realname_too_short"); } String username = (String) space.get("username"); String newNickname = (String) setData.get("nickname"); String oldNickname = (String) space.get("nickname"); String newName = (String) setData.get("name"); String oldName = (String) space.get("name"); Integer namestatus = (Integer) setData.get("namestatus"); boolean autoCheck = namestatus == 1 ? true : false; Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); if (!newName.equals(oldName) || autoCheck) { // ?? boolean realNameCheck = !Common.empty(sConfig.get("realname")) ? 
true : false; if (realNameCheck && Common.empty(oldName) && !newName.equals(oldName) && autoCheck) { Map reward = Common.getReward("realname", false, 0, "", true, request, response); int credit = (Integer) reward.get("credit"); int experience = (Integer) reward.get("experience"); if (credit != 0) { setData.put("credit", (Integer) space.get("credit") + credit); } if (experience != 0) { setData.put("experience", (Integer) space.get("experience") + experience); } } else if (realNameCheck && !Common.empty(space.get("namestatus")) && !manageName) { Map reward = Common.getReward("editrealname", false, 0, "", true, request, response); int credit = (Integer) reward.get("credit"); int experience = (Integer) reward.get("experience"); if (!Common.empty(oldName) && !newName.equals(oldName) && (credit != 0 || experience != 0)) { int spaceExperience = (Integer) space.get("experience"); if (spaceExperience >= experience) { setData.put("experience", spaceExperience - experience); } else { String[] args = { String.valueOf(spaceExperience), String.valueOf(experience) }; return showMessage(request, response, "experience_inadequate", null, 1, args); } int spaceCredit = (Integer) space.get("credit"); if (spaceCredit >= credit) { setData.put("credit", spaceCredit - credit); } else { String[] args = { String.valueOf(spaceCredit), String.valueOf(credit) }; return showMessage(request, response, "integral_inadequate", null, 1, args); } } } whereData = new HashMap(); whereData.put("uid", sGlobal.get("supe_uid")); dataBaseService.updateTable("sns_space", setData, whereData); Common.realname_set(sNames, uid, username, newNickname, newName, namestatus);// ?????? } else if (!newNickname.equals(oldNickname)) { // ? 
setData.remove("name"); setData.remove("namestatus"); whereData = new HashMap(); whereData.put("uid", sGlobal.get("supe_uid")); dataBaseService.updateTable("sns_space", setData, whereData); Common.realname_set(sNames, uid, username, newNickname, newName, namestatus); } if (!Common.empty(sConfig.get("my_status"))) { Map insertData = new HashMap(); insertData.put("uid", sGlobal.get("supe_uid")); insertData.put("action", "update"); insertData.put("dateline", sGlobal.get("timestamp")); insertData.put("type", 0); dataBaseService.insertTable("sns_userlog", insertData, false, true); } if (Common.ckPrivacy(sGlobal, sConfig, space, "profile", 1)) { mainService.addFeed(sGlobal, "profile", Common.getMessage(request, "cp_feed_profile_update_base"), null, "", null, "", null, null, "", 0, 0, 0, "", false); } String url = null; if (submitCheck(request, "nextsubmit")) { url = "main.action?ac=profile&op=contact"; } else { url = "main.action?ac=profile&op=base"; } return showMessage(request, response, "update_on_successful_individuals", url); } Map sexmap = new HashMap(); sexmap.put(String.valueOf(space.get("sex")), " checked"); StringBuffer birthYearHtml = new StringBuffer(); int nowYear = Common.intval(Common.sgmdate(request, "yyyy", (Integer) sGlobal.get("timestamp"))); for (int i = 0; i < 100; i++) { int they = nowYear - i; String selected = they == (Integer) space.get("birthyear") ? "selected" : ""; birthYearHtml.append("<option value=\"" + they + "\" " + selected + ">" + they + "</option>"); } StringBuffer birthMonthHtml = new StringBuffer(); for (int i = 1; i < 13; i++) { String selected = i == (Integer) space.get("birthmonth") ? "selected" : ""; birthMonthHtml.append("<option value=\"" + i + "\" " + selected + ">" + i + "</option>"); } StringBuffer birthDayHtml = new StringBuffer(); for (int i = 1; i < 32; i++) { String selected = i == (Integer) space.get("birthday") ? 
"selected" : ""; birthDayHtml.append("<option value=\"" + i + "\" " + selected + ">" + i + "</option>"); } StringBuffer bloodHtml = new StringBuffer(); String[] blood = { "A", "B", "O", "AB" }; for (String value : blood) { String selected = value.equals(space.get("blood")) ? "selected" : ""; bloodHtml.append("<option value=\"" + value + "\" " + selected + ">" + value + "</option>"); } Map marriagemap = new HashMap(); marriagemap.put(String.valueOf(space.get("marry")), " selected"); List profileFields = new ArrayList(); List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM sns_profilefield ORDER BY displayorder"); for (Map field : query) { int fieldId = (Integer) field.get("fieldid"); if ("text".equals(field.get("formtype"))) { field.put("formhtml", "<input type=\"text\" name=\"field_" + fieldId + "\" value=\"" + space.get("field_" + fieldId) + "\" class=\"t_input\">"); } else { StringBuffer formHtml = new StringBuffer(); formHtml.append("<select name=\"field_" + fieldId + "\">"); if (Common.empty(field.get("required"))) { formHtml.append("<option value=\"\"></option>"); } String[] options = ((String) field.get("choice")).split("\n"); for (String option : options) { option = option.trim(); if (option.length() != 0) { String selected = option.equals(space.get("field_" + fieldId)) ? 
"selected" : ""; formHtml.append("<option value=\"" + option + "\" " + selected + ">" + option + "</option>"); } } formHtml.append("</select>"); field.put("formhtml", formHtml.toString()); } profileFields.add(field); } Map friendmap = new HashMap(); List<Map<String, Object>> infoList = dataBaseService.executeQuery( "SELECT * FROM " + tname + " WHERE uid='" + space.get("uid") + "' AND type='base'"); for (Map info : infoList) { Map value = new HashMap(); value.put(String.valueOf(info.get("friend")), " selected"); friendmap.put(info.get("subtype"), value); } request.setAttribute("username", Common.stripSlashes((String) space.get("username"))); request.setAttribute("name", Common.stripSlashes((String) space.get("name"))); request.setAttribute("nickname", Common.stripSlashes((String) space.get("nickname"))); request.setAttribute("namechange", Common.empty(sConfig.get("namechange")) ? 0 : request.getParameter("namechange")); request.setAttribute("sexmap", sexmap); request.setAttribute("marriagemap", marriagemap); request.setAttribute("friendmap", friendmap); request.setAttribute("birthyearhtml", birthYearHtml.toString()); request.setAttribute("birthmonthhtml", birthMonthHtml.toString()); request.setAttribute("birthdayhtml", birthDayHtml.toString()); request.setAttribute("bloodhtml", bloodHtml.toString()); request.setAttribute("profilefields", profileFields); } else if (op.equals("contact")) { if ("1".equals(request.getParameter("resend"))) { String toEmail = !Common.empty(space.get("newemail")) ? (String) space.get("newemail") : (String) space.get("email"); mainService.sendEmailCheck(request, response, (Integer) space.get("uid"), toEmail); return showMessage(request, response, "do_success", "main.action?ac=profile&op=contact"); } // ??? 
if (submitCheck(request, "getmobilevalidatecode")) { String mobile = (String) request.getParameter("mobile"); if (Common.empty(mobile)) { return showMessage(request, response, "?"); } String validatecode = Common.createSeccode(); request.getSession().setAttribute("validatemobile", mobile); request.getSession().setAttribute("validatecode", validatecode); // ?? String smsContent = "" + (Common.empty(space.get("name")) ? space.get("username") : space.get("name")) + "??" + validatecode + ""; long sendresult = MobileSms.sendNote(smsContent, mobile); if (sendresult != -1) { return showMessage(request, response, "????"); } else { return showMessage(request, response, "??????"); } } if (submitCheck(request, "profilesubmit") || submitCheck(request, "nextsubmit")) { Map setmap = new HashMap(); setmap.put("mobile", Common.getStr(request.getParameter("mobile"), 40, true, true, false, 0, 0, request, response)); setmap.put("qq", Common.getStr(request.getParameter("qq"), 20, true, true, false, 0, 0, request, response)); setmap.put("msn", Common.getStr(request.getParameter("msn"), 80, true, true, false, 0, 0, request, response)); // ? Integer mobilestatus = (Integer) space.get("mobilestatus"); String mobile = (String) request.getParameter("mobile"); String mobilevalidatecode = (String) request.getParameter("mobilevalidatecode"); if (mobilestatus == 0 && !Common.empty(mobile) && !Common.empty(mobilevalidatecode)) { String validatemobile = (String) request.getSession().getAttribute("validatemobile"); String validatecode = (String) request.getSession().getAttribute("validatecode"); if (mobile.equals(validatemobile) && mobilevalidatecode.equalsIgnoreCase(validatecode)) { // mobilestatus1? 
String sql = "UPDATE sns_space SET mobilestatus = '1' WHERE uid='" + uid + "'"; dataBaseService.executeUpdate(sql); } else { return showMessage(request, response, "?????"); } } String newEmail = request.getParameter("email"); String oldEmail = (String) space.get("email"); if (newEmail != null && Common.isEmail(newEmail) && !newEmail.equals(oldEmail)) { if (!Common.empty(sConfig.get("uniqueemail"))) { Map where = new HashMap(); where.put("email", newEmail); where.put("emailcheck", 1); if (!Common.empty(Common.getCount("sns_spacefield", where, null))) { return showMessage(request, response, "uniqueemail_check"); } } String password = request.getParameter("password"); List<Map<String, Object>> members = dataBaseService.executeQuery( "SELECT * FROM sns_member WHERE uid = '" + sGlobal.get("supe_uid") + "'"); if (members.size() != 0) { Map<String, Object> member = members.get(0); password = Common.md5(Common.md5(password) + member.get("salt")); if (!password.equals(member.get("password"))) { return showMessage(request, response, "password_is_not_passed"); } } else { return showMessage(request, response, "password_is_not_passed"); } if (newEmail == null || newEmail.length() == 0) { setmap.put("email", ""); setmap.put("emailcheck", 0); } else if (!newEmail.equals(oldEmail)) { if (!Common.empty(space.get("emailcheck"))) { setmap.put("newemail", newEmail); } else { setmap.put("email", newEmail); } mainService.sendEmailCheck(request, response, (Integer) space.get("uid"), newEmail); } } Map wheremap = new HashMap(); wheremap.put("uid", sGlobal.get("supe_uid")); dataBaseService.updateTable("sns_spacefield", setmap, wheremap); List inserts = new ArrayList(); Pattern p = Pattern.compile("friend\\[(.*)\\]"); for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) { String paramName = (String) e.nextElement(); if (paramName.startsWith("friend[")) { String key = p.matcher(paramName).replaceAll("$1"); int value = Common.intval(request.getParameter(paramName)); 
inserts.add("('contact','" + key + "','" + space.get("uid") + "','','" + value + "')"); } } if (inserts.size() != 0) { dataBaseService.executeUpdate("DELETE FROM " + tname + " WHERE uid='" + space.get("uid") + "' AND type='contact'"); dataBaseService.executeUpdate("INSERT INTO " + tname + " (type,subtype,uid,title,friend) VALUES " + Common.implode(inserts, ",")); } if (!Common.empty(sConfig.get("my_status"))) { Map insertmap = new HashMap(); insertmap.put("uid", sGlobal.get("supe_uid")); insertmap.put("action", "update"); insertmap.put("dateline", sGlobal.get("timestamp")); insertmap.put("type", 2); dataBaseService.insertTable("sns_userlog", insertmap, false, true); } if (Common.ckPrivacy(sGlobal, sConfig, space, "profile", 1)) { mainService.addFeed(sGlobal, "profile", Common.getMessage(request, "cp_feed_profile_update_contact"), null, "", null, "", null, null, "", 0, 0, 0, "", false); } if (submitCheck(request, "nextsubmit")) { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=edu"); } else { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=contact"); } } Map friendmap = new HashMap(); List<Map<String, Object>> infoList = dataBaseService.executeQuery( "SELECT * FROM " + tname + " WHERE uid='" + space.get("uid") + "' AND type='contact'"); for (Map info : infoList) { Map value = new HashMap(); value.put(String.valueOf(info.get("friend")), " selected"); friendmap.put(info.get("subtype"), value); } request.setAttribute("friendmap", friendmap); } else if (op.equals("edu")) { if ("delete".equals(request.getParameter("subop"))) { int infoId = Common.intval(request.getParameter("infoid")); if (infoId != 0) { dataBaseService.executeUpdate("DELETE FROM " + tname + " WHERE infoid='" + infoId + "' AND uid='" + uid + "' AND type='edu'"); } } if (submitCheck(request, "profilesubmit") || submitCheck(request, "nextsubmit")) { List inserts = new ArrayList(); String[] title = 
request.getParameterValues("title[]"); String[] subTitle = request.getParameterValues("subtitle[]"); String[] startYear = request.getParameterValues("startyear[]"); String[] friend = request.getParameterValues("friend[]"); int groupCount = title.length; for (int i = 0; i < groupCount; i++) { title[i] = Common.getStr(title[i], 100, true, true, false, 0, 0, request, response); if (title[i].length() != 0) { subTitle[i] = Common.getStr(subTitle[i], 20, true, true, false, 0, 0, request, response); startYear[i] = String.valueOf(Common.intval(startYear[i])); friend[i] = String.valueOf(Common.intval(friend[i])); inserts.add("('" + uid + "','edu','" + title[i] + "','" + subTitle[i] + "','" + startYear[i] + "','" + friend[i] + "')"); } } if (inserts.size() != 0) { dataBaseService.executeUpdate( "INSERT INTO " + tname + " (uid,type,title,subtitle,startyear,friend) VALUES " + Common.implode(inserts, ",")); } if (!Common.empty(sConfig.get("my_status"))) { Map insertmap = new HashMap(); insertmap.put("uid", sGlobal.get("supe_uid")); insertmap.put("action", "update"); insertmap.put("dateline", sGlobal.get("timestamp")); insertmap.put("type", 2); dataBaseService.insertTable("sns_userlog", insertmap, false, true); } if (Common.ckPrivacy(sGlobal, sConfig, space, "profile", 1)) { mainService.addFeed(sGlobal, "profile", Common.getMessage(request, "cp_feed_profile_update_edu"), null, "", null, "", null, null, "", 0, 0, 0, "", false); } if (submitCheck(request, "nextsubmit")) { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=work"); } else { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=edu"); } } List<Map<String, Object>> list = dataBaseService.executeQuery( "SELECT * FROM " + tname + " WHERE uid='" + uid + "' AND type='edu' ORDER BY startyear"); for (Map<String, Object> value : list) { value.put("title_s", Common.urlEncode((String) value.get("title"))); value.put("friend", 
String.valueOf(value.get("friend"))); } request.setAttribute("list", list); } else if (op.equals("work")) { if ("delete".equals(request.getParameter("subop"))) { int infoId = Common.intval(request.getParameter("infoid")); if (infoId != 0) { dataBaseService.executeUpdate("DELETE FROM " + tname + " WHERE infoid='" + infoId + "' AND uid='" + uid + "' AND type='work'"); } } if (submitCheck(request, "profilesubmit") || submitCheck(request, "nextsubmit")) { List inserts = new ArrayList(); String[] title = request.getParameterValues("title[]"); String[] subTitle = request.getParameterValues("subtitle[]"); String[] startYear = request.getParameterValues("startyear[]"); String[] startMonth = request.getParameterValues("startmonth[]"); String[] endYear = request.getParameterValues("endyear[]"); String[] endMonth = request.getParameterValues("endmonth[]"); String[] friend = request.getParameterValues("friend[]"); int groupCount = title.length; for (int i = 0; i < groupCount; i++) { title[i] = Common.getStr(title[i], 100, true, true, false, 0, 0, request, response); if (title[i].length() != 0) { subTitle[i] = Common.getStr(subTitle[i], 20, true, true, false, 0, 0, request, response); startYear[i] = String.valueOf(Common.intval(startYear[i])); startMonth[i] = String.valueOf(Common.intval(startMonth[i])); endYear[i] = String.valueOf(Common.intval(endYear[i])); endMonth[i] = endYear[i].equals("0") == false ? 
String.valueOf(Common.intval(endMonth[i])) : "0"; friend[i] = String.valueOf(Common.intval(friend[i])); inserts.add("('" + uid + "','work','" + title[i] + "','" + subTitle[i] + "','" + startYear[i] + "','" + startMonth[i] + "','" + endYear[i] + "','" + endMonth[i] + "','" + friend[i] + "')"); } } if (inserts.size() != 0) { dataBaseService.executeUpdate("INSERT INTO " + tname + " (uid,type,title,subtitle,startyear,startmonth,endyear,endmonth,friend) VALUES " + Common.implode(inserts, ",")); } if (!Common.empty(sConfig.get("my_status"))) { Map insertmap = new HashMap(); insertmap.put("uid", sGlobal.get("supe_uid")); insertmap.put("action", "update"); insertmap.put("dateline", sGlobal.get("timestamp")); insertmap.put("type", 2); dataBaseService.insertTable("sns_userlog", insertmap, false, true); } if (Common.ckPrivacy(sGlobal, sConfig, space, "profile", 1)) { mainService.addFeed(sGlobal, "profile", Common.getMessage(request, "cp_feed_profile_update_work"), null, "", null, "", null, null, "", 0, 0, 0, "", false); } if (submitCheck(request, "nextsubmit")) { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=info"); } else { return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=work"); } } List<Map<String, Object>> list = dataBaseService .executeQuery("SELECT * FROM " + tname + " WHERE uid='" + uid + "' AND type='work' ORDER BY startyear,startmonth,endyear,endmonth"); for (Map<String, Object> value : list) { value.put("title_s", Common.urlEncode((String) value.get("title"))); value.put("friend", String.valueOf(value.get("friend"))); } request.setAttribute("list", list); } else if (op.equals("info")) { if (submitCheck(request, "profilesubmit")) { Pattern p = Pattern.compile("info\\[(.+)\\]"); List inserts = new ArrayList(); for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) { String elementName = (String) e.nextElement(); if 
(elementName.startsWith("info[")) { String key = p.matcher(elementName).replaceAll("$1"); String value = Common.getStr(request.getParameter(elementName), 500, true, true, false, 0, 0, request, response); String friend = request.getParameter("info_friend[" + key + "]"); inserts.add("('" + uid + "','info','" + key + "','" + value + "','" + friend + "')"); } } if (inserts.isEmpty() == false) { dataBaseService .executeUpdate("DELETE FROM " + tname + " WHERE uid='" + uid + "' AND type='info'"); dataBaseService.executeUpdate("INSERT INTO " + tname + " (uid,type,subtype,title,friend) VALUES " + Common.implode(inserts, ",")); } if (!Common.empty(sConfig.get("my_status"))) { Map insert = new HashMap(); insert.put("uid", sGlobal.get("supe_uid")); insert.put("action", "update"); insert.put("dateline", sGlobal.get("timestamp")); insert.put("type", 2); dataBaseService.insertTable("sns_userlog", insert, false, true); } if (Common.ckPrivacy(sGlobal, sConfig, space, "profile", 1)) { mainService.addFeed(sGlobal, "profile", Common.getMessage(request, "cp_feed_profile_update_info"), null, "", null, "", null, null, "", 0, 0, 0, "", false); } return showMessage(request, response, "update_on_successful_individuals", "main.action?ac=profile&op=info"); } Map infoarr = new LinkedHashMap(); infoarr.put("trainwith", ""); infoarr.put("interest", ""); infoarr.put("book", "?"); infoarr.put("movie", ""); infoarr.put("tv", ""); infoarr.put("music", "?"); infoarr.put("game", "?"); infoarr.put("sport", "?"); infoarr.put("idol", "??"); infoarr.put("motto", "?"); infoarr.put("wish", ""); infoarr.put("intro", ""); Map list = new HashMap(); Map friends = new HashMap(); List<Map<String, Object>> query = dataBaseService .executeQuery("SELECT * FROM " + tname + " WHERE uid='" + uid + "' AND type='info'"); for (Map<String, Object> value : query) { list.put(value.get("subtype"), value); Map map = new HashMap(); map.put(String.valueOf(value.get("friend")), " selected"); friends.put(value.get("subtype"), 
map);
                }
                // NOTE(review): in the INSERT built earlier in this "info" branch, the key taken from
                // the info[...] parameter name and the raw info_friend[...] value are concatenated into
                // the SQL text without Common.getStr/Common.intval, unlike the edu/work branches.
                // Validate both (or bind them as parameters) before they reach executeUpdate.
                request.setAttribute("list", list);
                request.setAttribute("friends", friends);
                request.setAttribute("infoarr", infoarr);
            }
        } catch (Exception e) {
            return showMessage(request, response, e.getMessage());
        }
        if (op.equals("edu") || op.equals("work")) {
            StringBuffer yearHtml = new StringBuffer();
            int nowYear = Common.intval(Common.sgmdate(request, "yyyy", (Integer) sGlobal.get("timestamp")));
            for (int i = 0; i < 50; i++) {
                int they = nowYear - i;
                yearHtml.append("<option value=\"" + they + "\">" + they + "</option>");
            }
            StringBuffer monthHtml = new StringBuffer();
            for (int i = 1; i < 13; i++) {
                monthHtml.append("<option value=\"" + i + "\">" + i + "</option>");
            }
            request.setAttribute("yearhtml", yearHtml);
            request.setAttribute("monthhtml", monthHtml);
        }
        String theUrl = "main.action?ac=profile&op=" + op;
        Map farr = new HashMap();
        farr.put("0", "");
        farr.put("1", "?");
        farr.put("3", "");
        request.setAttribute("cat_actives_" + op, " class=\"active\"");
        request.setAttribute("farr", farr);
        request.setAttribute("theurl", theUrl);
        request.setAttribute("op", op);
        return include(request, response, sConfig, sGlobal, "cp_profile.jsp");
    }

    /**
     * Ajax endpoint that turns a URL-encoded subject into a space-separated keyword list.
     *
     * <p>The {@code subjectenc} request parameter is URL-decoded as UTF-8, passed through
     * {@code Common.stripTags}, handed to {@code getKeyWord}, and the joined, trimmed result
     * is returned through {@code showMessage}. Any exception raised while extracting or
     * rendering the keywords is swallowed on purpose and a single space is returned instead.
     *
     * @param request  current request; the {@code sGlobal} and {@code sConfig} attributes are read
     * @param response current response; its content type is set from the configured charset when
     *                 {@code sConfig.headercharset} is empty
     * @return the forward produced by {@code showMessage}
     * @throws UnsupportedEncodingException declared by the signature; presumably raised by
     *         {@code Common.urlDecode} (confirm against that helper)
     */
    public ActionForward cp_relatekw(HttpServletRequest request, HttpServletResponse response)
            throws UnsupportedEncodingException {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");

        boolean charsetHeaderMissing = Common.empty(sConfig.get("headercharset"));
        if (charsetHeaderMissing) {
            response.setContentType("text/html; charset=" + SysConstants.snsConfig.get("charset"));
        }

        // Mark the request as an in-page (ajax) call for whatever renders the message.
        sGlobal.put("inajax", 1);

        // Untrusted input: decoded first, then stripped of tags before keyword extraction.
        String rawSubject = request.getParameter("subjectenc");
        String subject = Common.stripTags(Common.urlDecode(rawSubject, "UTF-8"));

        try {
            String reply = Common.implode(getKeyWord(subject), " ").trim();
            return showMessage(request, response, reply);
        } catch (Exception ignored) {
            // Best effort: a failed keyword lookup yields an empty-looking answer, not an error page.
            return showMessage(request, response, " ");
        }
    }

    /**
     * Shows or saves the current user's e-mail notification settings.
     *
     * <p>Refuses with {@code no_privilege} when {@code sConfig.sendmailday} is empty. On a valid
     * {@code setsendemailsubmit} post, every {@code sendmail_*} request parameter is stored in
     * serialized form in {@code sns_spacefield.sendmail}; otherwise the stored settings are
     * unserialized and exposed to {@code cp_sendmail.jsp}.
     */
    public
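ActionForward cp_sendmail(HttpServletRequest request, HttpServletResponse response) {
        // Purpose: show or save the current user's e-mail notification settings.
        // Returns the forward from showMessage(...) for errors and saves, or the cp_sendmail.jsp include.
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        if (Common.empty(sConfig.get("sendmailday"))) {
            return showMessage(request, response, "no_privilege");
        }
        try {
            if (submitCheck(request, "setsendemailsubmit")) {
                Map<String, String> sendMail = new HashMap<String, String>();
                Map<String, String[]> sendMails = request.getParameterMap();
                Set<String> keys = sendMails.keySet();
                // NOTE(review): every sendmail_* parameter is persisted as sent; there is no
                // allowlist of setting names or values here, so the stored blob is caller-shaped.
                for (String key : keys) {
                    if (key.startsWith("sendmail_")) {
                        String setting = key.substring(key.indexOf("_") + 1);
                        String value = sendMails.get(key)[0].trim();
                        sendMail.put(setting, value);
                    }
                }
                Map<String, Object> setData = new HashMap<String, Object>();
                setData.put("sendmail", Common.addSlashes(Serializer.serialize(sendMail)));
                Map<String, Object> whereData = new HashMap<String, Object>();
                whereData.put("uid", space.get("uid"));
                dataBaseService.updateTable("sns_spacefield", setData, whereData);
                return showMessage(request, response, "do_success", "main.action?ac=sendmail");
            }
        } catch (Exception e) {
            // The exception message is shown to the user as the message text.
            return showMessage(request, response, e.getMessage());
        }
        if (Common.empty(space.get("email"))) {
            return showMessage(request, response, "email_input");
        }
        Map<String, String> sendMail = Serializer.unserialize((String) space.get("sendmail"), false);
        if (Common.empty(sendMail)) {
            // Nothing stored yet: the page gets the generic " checked" / " selected" markers.
            request.setAttribute("checked", " checked");
            request.setAttribute("selected", " selected");
        } else {
            Map<String, String> pitchOn = new HashMap<String, String>();
            Set<String> keys = sendMail.keySet();
            for (String key : keys) {
                String value = sendMail.get(key);
                if ("frequency".equals(key)) {
                    pitchOn.put("frequency_" + value, " selected");
                } else {
                    pitchOn.put(key, "0".equals(value) ? "" : " checked");
                }
            }
            request.setAttribute("pitchOn", pitchOn);
        }
        return include(request, response, sConfig, sGlobal, "cp_sendmail.jsp");
    }

    /**
     * Handles the "share" control panel: deleting a share, editing its hot value, and creating a
     * share of a space, blog, album, picture, thread, mtag, tag, event, poll or external link.
     *
     * <p>Dispatch is on the {@code op} request parameter ({@code delete}, {@code edithot}, anything
     * else creates) and, for creation, on {@code type}. Numeric ids are read through
     * {@code Common.intval} before they are concatenated into SQL. The share body is assembled as
     * HTML fragments and stored serialized in {@code sns_share}.
     *
     * <p>Review notes, all to be confirmed against code outside this method:
     * <ul>
     * <li>The {@code refer} request parameter is passed to {@code showMessage} as the forward
     *     target; presumably that redirects, so it should be limited to same-site paths.</li>
     * <li>Database fields (subjects, names, poll options) are placed into HTML without escaping
     *     here; this assumes they were escaped when stored.</li>
     * <li>Exception messages are returned to the user via {@code showMessage(e.getMessage())}.</li>
     * </ul>
     *
     * @param request  current request; {@code sGlobal}, {@code sConfig}, {@code space} and
     *                 {@code sNames} attributes are read
     * @param response current response
     * @return the forward from {@code showMessage} or the {@code cp_share.jsp} include
     */
    public ActionForward cp_share(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames");
        String tempS = request.getParameter("sid");
        int sid = Common.intval(tempS);
        String op = request.getParameter("op");
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        if ("delete".equals(op)) {
            boolean sc = false;
            try {
                sc = submitCheck(request, "deletesubmit");
            } catch (Exception e) {
                e.printStackTrace();
                return showMessage(request, response, e.getMessage());
            }
            String type = request.getParameter("type");
            if (sc) {
                // No ownership check is visible here; presumably deleteShares enforces it for supe_uid.
                adminDeleteService.deleteShares(request, response, supe_uid, new Integer[] { sid });
                return showMessage(request, response, "do_success",
                        "view".equals(type) ? "zone.action?do=share" : request.getParameter("refer"), 0);
            }
            request.setAttribute("sid", sid);
            request.setAttribute("type", type);
        } else if ("edithot".equals(op)) {
            if (!Common.checkPerm(request, response, "manageshare")) {
                return showMessage(request, response, "no_privilege");
            }
            List<Map<String, Object>> query;
            Map<String, Object> share = null;
            if (sid != 0) {
                query = dataBaseService.executeQuery("SELECT * FROM sns_share WHERE sid='" + sid + "'");
                share = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(share)) {
                    return showMessage(request, response, "no_privilege");
                }
            }
            try {
                if (submitCheck(request, "hotsubmit")) {
                    tempS = request.getParameter("hot");
                    int hot = Common.intval(tempS);
                    Map<String, Object> setData = new HashMap<String, Object>();
                    setData.put("hot", hot);
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put("sid", sid);
                    dataBaseService.updateTable("sns_share", setData, whereData);
                    if (hot > 0) {
                        feedService.feedPublish(request, response, sid, "sid", false);
                    } else {
                        // Not hot any more: write the same hot value onto the matching feed row.
                        whereData.clear();
                        whereData.put("id", sid);
                        whereData.put("idtype", "sid");
                        dataBaseService.updateTable("sns_feed", setData, whereData);
                    }
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("sid", sid);
            request.setAttribute("share", share);
        } else {
            // Creating a share: permission and account-state gates first.
            if (!Common.checkPerm(request, response, "allowshare")) {
                MessageVO msgVO = Common.ckSpaceLog(request);
                if (msgVO != null) {
                    return showMessage(request, response, msgVO);
                }
                return showMessage(request, response, "no_privilege");
            }
            if (!mainService.checkRealName(request, "share")) {
                return showMessage(request, response, "no_privilege_realname");
            }
            if (!mainService.checkVideoPhoto(request, response, "share")) {
                return showMessage(request, response, "no_privilege_videophoto");
            }
            int result = mainService.checkNewUser(request, response);
            switch (result) {
            case 1:
                break;
            case 2:
                return showMessage(request, response, "no_privilege_newusertime", "", 1,
                        String.valueOf(sConfig.get("newusertime")));
            case 3:
                return showMessage(request, response, "no_privilege_avatar");
            case 4:
                return showMessage(request, response, "no_privilege_friendnum", "", 1,
                        String.valueOf(sConfig.get("need_friendnum")));
            case 5:
                return showMessage(request, response, "no_privilege_email");
            }
            tempS = request.getParameter("type");
            String type = Common.empty(tempS) ? "" : tempS;
            tempS = request.getParameter("id");
            int id = Common.empty(tempS) ? 0 : Common.intval(tempS);
            int note_uid = 0;
            String note_message = "";
            // NOTE(review): hotarr is assigned in several branches but never read in this method.
            Object[] hotarr;
            Map<String, Object> arr = new HashMap<String, Object>();
            if ("space".equals(type)) {
                if (id == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_space_not_self");
                }
                Map<String, Object> tospace = Common.getSpace(request, sGlobal, sConfig, id);
                if (Common.empty(tospace)) {
                    return showMessage(request, response, "space_does_not_exist");
                }
                if (mainService.isBlackList((Integer) tospace.get("uid"), supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                arr.put("title_template", Common.getMessage(request, "cp_share_space"));
                arr.put("body_template", "<b>{username}</b><br>{reside}<br>{spacenote}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("username", "<a href=\"zone.action?uid=" + id + "\">"
                        + sNames.get((Integer) tospace.get("uid")) + "</a>");
                body_data.put("reside",
                        (String) tospace.get("resideprovince") + (String) tospace.get("residecity"));
                body_data.put("spacenote", (String) tospace.get("spacenote"));
                arr.put("body_data", body_data);
                String attachUrl = SysConstants.snsConfig.get("attachUrl");
                arr.put("image", mainService.ckavatar(sGlobal, sConfig, id)
                        ? Common.avatar(id, "middle", true, sGlobal, sConfig)
                        : attachUrl + "/avatar/not_avatar_middle.png");
                arr.put("image_link", "zone.action?uid=" + id);
                note_uid = id;
                note_message = Common.getMessage(request, "cp_note_share_space");
            } else if ("blog".equals(type)) {
                List<Map<String, Object>> query = dataBaseService.executeQuery(
                        "SELECT b.*,bf.message,bf.hotuser FROM sns_blog b LEFT JOIN sns_blogfield bf ON bf.blogid=b.blogid WHERE b.blogid='"
                                + id + "'");
                Map<String, Object> blog = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(blog)) {
                    return showMessage(request, response, "blog_does_not_exist");
                }
                int blogUid = (Integer) blog.get("uid");
                if (blogUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                // Only entries whose friend value is 0 may be shared.
                if ((Integer) blog.get("friend") != 0) {
                    return showMessage(request, response, "logs_can_not_share");
                }
                if (mainService.isBlackList(blogUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                int blogid = (Integer) blog.get("blogid");
                arr.put("title_template", Common.getMessage(request, "cp_share_blog"));
                arr.put("body_template", "<b>{subject}</b><br>{username}<br>{message}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("subject", "<a href=\"zone.action?uid=" + blogUid + "&do=blog&id=" + blogid
                        + "\">" + blog.get("subject") + "</a>");
                body_data.put("username",
                        "<a href=\"zone.action?uid=" + blogUid + "\">" + sNames.get(blogUid) + "</a>");
                try {
                    tempS = Common.getStr((String) blog.get("message"), 150, false, true, false, 0, -1,
                            request, response);
                } catch (Exception e) {
                    e.printStackTrace();
                    return showMessage(request, response, e.getMessage());
                }
                body_data.put("message", tempS);
                arr.put("body_data", body_data);
                if (!Common.empty(blog.get("pic"))) {
                    arr.put("image", Common.pic_cover_get(sConfig, (String) blog.get("pic"),
                            (Integer) blog.get("picflag")));
                    arr.put("image_link", "zone.action?uid=" + blogUid + "&do=blog&id=" + blogid);
                }
                note_uid = blogUid;
                note_message = Common.getMessage(request, "cp_note_share_blog",
                        "zone.action?uid=" + blogUid + "&do=blog&id=" + blogid, (String) blog.get("subject"));
                hotarr = new Object[] { "blogid", blogid, blog.get("hotuser") };
            } else if ("album".equals(type)) {
                List<Map<String, Object>> query = dataBaseService
                        .executeQuery("SELECT * FROM sns_album WHERE albumid='" + id + "'");
                Map<String, Object> album = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(album)) {
                    return showMessage(request, response, "album_does_not_exist");
                }
                int albumUid = (Integer) album.get("uid");
                if (albumUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                if ((Integer) album.get("friend") != 0) {
                    return showMessage(request, response, "album_can_not_share");
                }
                if (mainService.isBlackList(albumUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                arr.put("title_template", Common.getMessage(request, "cp_share_album"));
                arr.put("body_template", "<b>{albumname}</b><br>{username}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("albumname", "<a href=\"zone.action?uid=" + albumUid + "&do=album&id="
                        + album.get("albumid") + "\">" + album.get("albumname") + "</a>");
                body_data.put("username",
                        "<a href=\"zone.action?uid=" + albumUid + "\">" + sNames.get(albumUid) + "</a>");
                arr.put("body_data", body_data);
                arr.put("image", Common.pic_cover_get(sConfig, (String) album.get("pic"),
                        (Integer) album.get("picflag")));
                arr.put("image_link", "zone.action?uid=" + albumUid + "&do=album&id=" + album.get("albumid"));
                note_uid = albumUid;
                note_message = Common.getMessage(request, "cp_note_share_album",
                        "zone.action?uid=" + albumUid + "&do=album&id=" + album.get("albumid"),
                        (String) album.get("albumname"));
            } else if ("pic".equals(type)) {
                List<Map<String, Object>> query = dataBaseService
                        .executeQuery("SELECT album.albumid, album.albumname, album.friend, pic.*, pf.* FROM "
                                + " sns_pic pic LEFT JOIN sns_picfield pf ON pf.picid=pic.picid LEFT JOIN sns_album album ON album.albumid=pic.albumid "
                                + "WHERE pic.picid='" + id + "'");
                Map<String, Object> pic = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(pic)) {
                    return showMessage(request, response, "image_does_not_exist");
                }
                int picUid = (Integer) pic.get("uid");
                if (picUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                // NOTE(review): album.friend comes from a LEFT JOIN; if the data layer returns null
                // for a picture without an album row, this unboxing fails. Confirm how nulls are mapped.
                if ((Integer) pic.get("friend") != 0) {
                    return showMessage(request, response, "image_can_not_share");
                }
                if (mainService.isBlackList(picUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                if (Common.empty(pic.get("albumid"))) {
                    pic.put("albumid", 0);
                }
                if (Common.empty(pic.get("albumname"))) {
                    pic.put("albumname", Common.getMessage(request, "cp_default_albumname"));
                }
                int picid = (Integer) pic.get("picid");
                arr.put("title_template", Common.getMessage(request, "cp_share_image"));
                arr.put("body_template", Common.getMessage(request, "cp_album")
                        + ": <b>{albumname}</b><br>{username}<br>{title}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("albumname", "<a href=\"zone.action?uid=" + picUid + "&do=album&id="
                        + pic.get("albumid") + "\">" + pic.get("albumname") + "</a>");
                body_data.put("username",
                        "<a href=\"zone.action?uid=" + picUid + "\">" + sNames.get(picUid) + "</a>");
                try {
                    tempS = Common.getStr((String) pic.get("title"), 100, false, true, false, 0, -1,
                            request, response);
                } catch (Exception e) {
                    e.printStackTrace();
                    return showMessage(request, response, e.getMessage());
                }
                body_data.put("title", tempS);
                arr.put("body_data", body_data);
                arr.put("image", Common.pic_get(sConfig, (String) pic.get("filepath"),
                        (Integer) pic.get("thumb"), (Integer) pic.get("remote"), true));
                arr.put("image_link", "zone.action?uid=" + picUid + "&do=album&picid=" + picid);
                note_uid = picUid;
                note_message = Common.getMessage(request, "cp_note_share_pic",
                        "zone.action?uid=" + picUid + "&do=album&picid=" + picid,
                        (String) pic.get("albumname"));
                hotarr = new Object[] { "picid", picid, pic.get("hotuser") };
            } else if ("thread".equals(type)) {
                List<Map<String, Object>> query = dataBaseService.executeQuery(
                        "SELECT t.*, p.message, p.hotuser FROM sns_thread t LEFT JOIN sns_post p ON p.tid=t.tid AND p.isthread='1' WHERE t.tid='"
                                + id + "'");
                Map<String, Object> thread = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(thread)) {
                    return showMessage(request, response, "topics_does_not_exist");
                }
                int threadUid = (Integer) thread.get("uid");
                if (threadUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                if (mainService.isBlackList(threadUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                Map globalProfield = Common.getCacheDate(request, response, "cache/cache_profield.jsp",
                        "globalProfield");
                // tagid is a value read back from sns_thread, not request input.
                query = dataBaseService
                        .executeQuery("SELECT * FROM sns_mtag WHERE tagid='" + thread.get("tagid") + "'");
                Map<String, Object> mtag = query.size() > 0 ? query.get(0) : new HashMap<String, Object>();
                // Resolve the field title from the cached profield map; empty when unknown.
                if (globalProfield == null) {
                    tempS = "";
                } else {
                    Map tempM = (Map) globalProfield.get(mtag.get("fieldid"));
                    if (tempM == null) {
                        tempS = "";
                    } else {
                        tempS = (String) tempM.get("title");
                    }
                }
                mtag.put("title", tempS);
                int threadTid = (Integer) thread.get("tid");
                arr.put("title_template", Common.getMessage(request, "cp_share_thread"));
                arr.put("body_template", "<b>{subject}</b><br>{username}<br>"
                        + Common.getMessage(request, "cp_mtag") + ": {mtag} ({field})<br>{message}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("subject", "<a href=\"zone.action?uid=" + threadUid + "&do=thread&id="
                        + threadTid + "\">" + thread.get("subject") + "</a>");
                body_data.put("username",
                        "<a href=\"zone.action?uid=" + threadUid + "\">" + sNames.get(threadUid) + "</a>");
                body_data.put("mtag", "<a href=\"zone.action?do=mtag&tagid=" + mtag.get("tagid") + "\">"
                        + mtag.get("tagname") + "</a>");
                body_data.put("field", "<a href=\"zone.action?do=mtag&id=" + mtag.get("fieldid") + "\">"
                        + mtag.get("title") + "</a>");
                try {
                    tempS = Common.getStr((String) thread.get("message"), 150, false, true, false, 0, -1,
                            request, response);
                } catch (Exception e) {
                    e.printStackTrace();
                    return showMessage(request, response, e.getMessage());
                }
                body_data.put("message", tempS);
                arr.put("body_data", body_data);
                arr.put("image", "");
                arr.put("image_link", "");
                note_uid = threadUid;
                note_message = Common.getMessage(request, "cp_note_share_thread",
                        "zone.action?uid=" + threadUid + "&do=thread&id=" + threadTid,
                        (String) thread.get("subject"));
                // NOTE(review): the "picid" key looks copied from the pic branch; the value is a thread id.
                hotarr = new Object[] { "picid", threadTid, thread.get("hotuser") };
            } else if ("mtag".equals(type)) {
                List<Map<String, Object>> query = dataBaseService
                        .executeQuery("SELECT * FROM sns_mtag WHERE tagid='" + id + "'");
                Map<String, Object> mtag = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(mtag)) {
                    return showMessage(request, response, "designated_election_it_does_not_exist");
                }
                Map globalProfield = Common.getCacheDate(request, response, "cache/cache_profield.jsp",
                        "globalProfield");
                if (globalProfield == null) {
                    tempS = "";
                } else {
                    Map tempM = (Map) globalProfield.get(mtag.get("fieldid"));
                    if (tempM == null) {
                        tempS = "";
                    } else {
                        tempS = (String) tempM.get("title");
                    }
                }
                mtag.put("title", tempS);
                arr.put("title_template", Common.getMessage(request, "cp_share_mtag"));
                arr.put("body_template", "<b>{mtag}</b><br>{field}<br>"
                        + Common.getMessage(request, "cp_share_mtag_membernum"));
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("mtag", "<a href=\"zone.action?do=mtag&tagid=" + mtag.get("tagid") + "\">"
                        + mtag.get("tagname") + "</a>");
                body_data.put("field", "<a href=\"zone.action?do=mtag&id=" + mtag.get("fieldid") + "\">"
                        + mtag.get("title") + "</a>");
                body_data.put("membernum", mtag.get("membernum").toString());
                arr.put("body_data", body_data);
                arr.put("image", mtag.get("pic"));
                arr.put("image_link", "zone.action?do=mtag&tagid=" + mtag.get("tagid"));
            } else if ("tag".equals(type)) {
                List<Map<String, Object>> query = dataBaseService
                        .executeQuery("SELECT * FROM sns_tag WHERE tagid='" + id + "'");
                Map<String, Object> tag = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(tag)) {
                    return showMessage(request, response, "tag_does_not_exist");
                }
                arr.put("title_template", Common.getMessage(request, "cp_share_tag"));
                arr.put("body_template",
                        "<b>{tagname}</b><br>" + Common.getMessage(request, "cp_share_tag_blognum"));
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("tagname", "<a href=\"zone.action?do=tag&id=" + tag.get("tagid") + "\">"
                        + tag.get("tagname") + "</a>");
                body_data.put("blognum", tag.get("blognum").toString());
                arr.put("body_data", body_data);
                arr.put("image", "");
                arr.put("image_link", "");
            } else if ("event".equals(type)) {
                List<Map<String, Object>> query = dataBaseService.executeQuery(
                        "SELECT e.*, ef.hotuser FROM sns_event e LEFT JOIN sns_eventfield ef ON ef.eventid=e.eventid WHERE e.eventid='"
                                + id + "'");
                Map<String, Object> event = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(event)) {
                    return showMessage(request, response, "event_does_not_exist");
                }
                int eventUid = (Integer) event.get("uid");
                if (eventUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                if (mainService.isBlackList(eventUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                arr.put("title_template", Common.getMessage(request, "cp_share_event"));
                arr.put("body_template", "<b>{eventname}</b><br>"
                        + Common.getMessage(request, "cp_event_time") + ": {eventtime}<br>"
                        + Common.getMessage(request, "cp_event_location") + ": {eventlocation}<br>"
                        + Common.getMessage(request, "cp_event_creator") + ": {eventcreator}");
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("eventname", "<a href=\"zone.action?do=event&id=" + event.get("eventid")
                        + "\">" + event.get("title") + "</a>");
                body_data.put("eventtime",
                        Common.sgmdate(request, "MM-dd HH:mm", (Integer) event.get("starttime")) + " - "
                                + Common.sgmdate(request, "MM-dd HH:mm", (Integer) event.get("endtime")));
                body_data.put("eventlocation",
                        event.get("province") + " " + event.get("city") + " " + event.get("location"));
                body_data.put("eventcreator", (String) event.get("username"));
                arr.put("body_data", body_data);
                if (Common.empty(event.get("poster"))) {
                    // No poster on the event: fall back to the poster of its event class, if cached.
                    Map globalEventClass = Common.getCacheDate(request, response,
                            "cache/cache_eventclass.jsp", "globalEventClass");
                    if (globalEventClass == null) {
                        tempS = "";
                    } else {
                        Map tempM = (Map) globalEventClass.get(event.get("classid"));
                        if (tempM == null) {
                            tempS = "";
                        } else {
                            tempS = (String) tempM.get("poster");
                        }
                    }
                } else {
                    tempS = SysConstants.snsConfig.get("attachUrl") + event.get("poster");
                }
                arr.put("image", tempS);
                arr.put("image_link", "zone.action?do=event&id=" + event.get("eventid"));
                hotarr = new Object[] { "eventid", event.get("eventid"), event.get("hotuser") };
            } else if ("poll".equals(type)) {
                List<Map<String, Object>> query = dataBaseService.executeQuery(
                        "SELECT p.*,pf.* FROM sns_poll p LEFT JOIN sns_pollfield pf ON pf.pid=p.pid WHERE p.pid='"
                                + id + "'");
                Map<String, Object> poll = query.size() > 0 ? query.get(0) : null;
                if (Common.empty(poll)) {
                    return showMessage(request, response, "poll_does_not_exist");
                }
                int pollUid = (Integer) poll.get("uid");
                if (pollUid == (Integer) space.get("uid")) {
                    return showMessage(request, response, "share_not_self");
                }
                if (mainService.isBlackList(pollUid, supe_uid) != 0) {
                    return showMessage(request, response, "is_blacklist");
                }
                if (Common.empty(poll.get("albumid"))) {
                    poll.put("albumid", 0);
                }
                if (Common.empty(poll.get("albumname"))) {
                    poll.put("albumname", Common.getMessage(request, "default_albumname"));
                }
                int pid = (Integer) poll.get("pid");
                arr.put("title_template", Common.getMessage(request, "cp_share_poll",
                        !Common.empty(poll.get("percredit")) ? Common.getMessage(request, "cp_reward") : ""));
                arr.put("body_template", "<b>{subject}</b><br>{user}<br>{option}");
                // Render the stored options as disabled inputs; option text is appended as stored.
                StringBuilder optionstr = new StringBuilder();
                List<String> subList = Serializer.unserialize((String) poll.get("option"));
                poll.put("option", subList);
                String val;
                for (int key = 0; key < subList.size(); key++) {
                    val = subList.get(key);
                    optionstr.append("<input type=\"");
                    if (!Common.empty(poll.get("multiple"))) {
                        optionstr.append("checkbox");
                    } else {
                        optionstr.append("radio");
                    }
                    optionstr.append("\" disabled name=\"poll_");
                    optionstr.append(key);
                    optionstr.append("\"/>");
                    optionstr.append(val);
                    optionstr.append("<br/>");
                }
                Map<String, String> body_data = new HashMap<String, String>();
                body_data.put("user",
                        "<a href=\"zone.action?uid=" + pollUid + "\">" + sNames.get(pollUid) + "</a>");
                body_data.put("subject", "<a href=\"zone.action?uid=" + pollUid + "&do=poll&pid=" + pid
                        + "\">" + poll.get("subject") + "</a>");
                body_data.put("option", optionstr.toString());
                arr.put("body_data", body_data);
                note_uid = pollUid;
                note_message = Common.getMessage(request, "cp_note_share_poll",
                        "zone.action?uid=" + pollUid + "&do=poll&pid=" + pid, (String) poll.get("subject"));
                hotarr = new Object[] { "pid", pid, poll.get("hotuser") };
            } else {
                // Any other type is treated as an external link share.
                Map<String, Object> topic = null;
                tempS = request.getParameter("topicid");
                int topicid = Common.intval(tempS);
                if (topicid != 0) {
                    topic = Common.getTopic(request, topicid);
                }
                if (!Common.empty(topic)) {
                    // NOTE(review): this map is built but never stored on the request.
                    Map<String, String> actives = new HashMap<String, String>();
                    actives.put("share", " class=\"active\"");
                }
                sGlobal.put("refer", "zone.action?do=share&view=me");
                type = "link";
                op = "link";
                request.setAttribute("topic", topic);
                request.setAttribute("topicid", topicid);
            }
            try {
                if (submitCheck(request, "sharesubmit")) {
                    int topicid = Common.intval(request.getParameter("topicid"));
                    topicid = mainService.checkTopic(request, topicid, "share");
                    if ("link".equals(type) && Common.checkPerm(request, response, "seccode")
                            && !mainService.checkSeccode(request, response, sGlobal, sConfig,
                                    request.getParameter("seccode"))) {
                        return showMessage(request, response, "incorrect_code");
                    }
                    // NOTE(review): caller-controlled; used below as the forward target after success.
                    String refer = request.getParameter("refer");
                    if (Common.empty(refer)) {
                        refer = "zone.action?do=share&view=me";
                    }
                    if ("link".equals(type)) {
                        String link = request.getParameter("link");
                        link = link != null ? link : "";
                        link = (String) Common.sHtmlSpecialChars(link.trim());
                        if (!Common.empty(link)) {
                            // Scheme allowlist plus a length bound; anything else is rejected below.
                            if (!link.matches("(?i)^(http|ftp|https|mms)://.{4,300}$")) {
                                link = "";
                            }
                        }
                        if (Common.empty(link)) {
                            return showMessage(request, response, "url_incorrect_format");
                        }
                        arr.put("title_template", Common.getMessage(request, "cp_share_link"));
                        arr.put("body_template", "{link}");
                        String link_text;
                        try {
                            link_text = Common.sub_url(link, 50);
                        } catch (UnsupportedEncodingException e) {
                            e.printStackTrace();
                            return showMessage(request, response, e.getMessage());
                        }
                        String title = request.getParameter("title");
                        if (!Common.empty(title)) {
                            title = (String) Common.sHtmlSpecialChars(title.trim());
                            title = Common.getStr(title, 40, true, true, true, 1, 0, request, response);
                            link_text = title;
                        }
                        Map<String, String> body_data = new HashMap<String, String>();
                        body_data.put("link",
                                "<a href=\"" + link + "\" target=\"_blank\">" + link_text + "</a>");
                        body_data.put("data", link);
                        body_data.put("title", title);
                        // The statements that followed "//" comments in the collapsed listing are
                        // restored as code from here on; they define names used further down.
                        arr.put("body_data", body_data);
                        Map parseLink = mainService.parseUrl(link);
                        // True until one media category has claimed the link.
                        boolean matcheTag = true;
                        // Video providers: accept the listed host or a subdomain of it only. The dots
                        // are escaped and the pattern is anchored, because an unanchored pattern with
                        // bare dots also matches unrelated hosts that merely contain one of the names,
                        // and the link is then handed to getflash/getFlashImg.
                        String videoUrlRegex = "(?i)(?:^|\\.)(youku\\.com|tudou\\.com|wlkst\\.com)(?::\\d+)?$";
                        Pattern pattern = Pattern.compile(videoUrlRegex);
                        String linkHost = (String) parseLink.get("host");
                        // A link without a parsed host is simply not a video link.
                        Matcher matcher = pattern.matcher(linkHost == null ? "" : linkHost);
                        if (matcher.find() && matcheTag) {
                            matcheTag = false;
                            String hosts_1 = matcher.group(1);
                            String flashvar = getflash(link, hosts_1, request);
                            if (!Common.empty(flashvar)) {
                                arr.put("title_template", Common.getMessage(request, "cp_share_video"));
                                type = "video";
                                body_data.put("flashvar", flashvar);
                                body_data.put("host", hosts_1);
                                // Presumably a preview image for the video; stored only when one is found.
                                String flashImg = getFlashImg(link, hosts_1, request);
                                if (!Common.empty(flashImg)) {
                                    body_data.put("flashimg", flashImg);
                                }
                            }
                        }
                        // Audio files, recognised by extension.
                        pattern = Pattern.compile("(?i)\\.(mp3|wma)$");
                        matcher = pattern.matcher(link);
                        if (matcher.find() && matcheTag) {
                            matcheTag = false;
                            arr.put("title_template", Common.getMessage(request, "cp_share_music"));
                            body_data.put("musicvar", link);
                            type = "music";
                        }
                        // Flash files, recognised by extension.
                        pattern = Pattern.compile("(?i)\\.swf$");
                        matcher = pattern.matcher(link);
                        if (matcher.find() && matcheTag) {
                            matcheTag = false;
                            arr.put("title_template", Common.getMessage(request, "cp_share_flash"));
                            body_data.put("flashaddr", link);
                            type = "flash";
                        }
                    }
                    try {
                        arr.put("body_general", Common.getStr(request.getParameter("general"), 150, true,
                                true, true, 1, 0, request, response));
                    } catch (Exception e) {
                        e.printStackTrace();
                        return showMessage(request, response, e.getMessage());
                    }
                    arr.put("type", type);
                    arr.put("uid", supe_uid);
                    arr.put("username", sGlobal.get("supe_username"));
                    arr.put("dateline", sGlobal.get("timestamp"));
                    arr.put("topicid", topicid);
                    arr.put("body_data", Serializer.serialize(arr.get("body_data")));
                    Map<String, Object> setarr = (Map<String, Object>) Common.sAddSlashes(arr);
                    if (setarr.get("hotuser") == null) {
                        setarr.put("hotuser", "");
                    }
                    if (setarr.get("title_template") == null) {
                        setarr.put("title_template", "");
                    }
                    sid = dataBaseService.insertTable("sns_share", setarr, true, false);
                    mainService.updateStat(request, "share", false);
                    if (note_uid != 0 && note_uid != supe_uid) {
                        mainService.addNotification(request, sGlobal, sConfig, note_uid, "sharenotice",
                                note_message, false);
                    }
                    String sharenumsql;
                    if (Common.empty(space.get("sharenum"))) {
                        // No cached counter: recount from sns_share instead of incrementing.
                        Map<String, Object> whereArr = new HashMap<String, Object>();
                        whereArr.put("uid", space.get("uid"));
                        tempS = Common.getCount("sns_share", whereArr, null);
                        space.put("sharenum", tempS);
                        sharenumsql = "sharenum=" + tempS;
                    } else {
                        sharenumsql = "sharenum=sharenum+1";
                    }
                    String needle = id != 0 ? type + id : "";
                    Map<String, Integer> reward = Common.getReward("createshare", false, 0, needle, true,
                            request, response);
                    int timestamp = (Integer) sGlobal.get("timestamp");
                    Integer credit = reward.get("credit");
                    if (credit == null) {
                        credit = 0;
                        reward.put("credit", credit);
                    }
                    Integer experience = reward.get("experience");
                    if (experience == null) {
                        experience = 0;
                        reward.put("experience", experience);
                    }
                    // Every concatenated value here is an int/Integer or a fixed fragment.
                    dataBaseService.executeUpdate("UPDATE sns_space SET " + sharenumsql + ", lastpost='"
                            + timestamp + "', updatetime='" + timestamp + "', credit=credit+" + credit
                            + ", experience=experience+" + experience + " WHERE uid='" + supe_uid + "'");
                    if (Common.ckPrivacy(sGlobal, sConfig, space, "share", 1)) {
                        feedService.feedPublish(request, response, sid, "sid", true);
                    }
                    String url;
                    if (topicid != 0) {
                        mainService.topicJoin(request, topicid, supe_uid,
                                (String) sGlobal.get("supe_username"));
                        url = "zone.action?do=topic&topicid=" + topicid + "&view=share";
                    } else {
                        url = refer;
                    }
                    return showMessage(request, response, "do_success", url, 0);
                }
            } catch (Exception e) {
                e.printStackTrace();
                return showMessage(request, response, e.getMessage());
            }
            // Not a submit: prepare the preview of the share for the form.
            arr.put("body_data", Serializer.serialize(arr.get("body_data")));
            Common.mkShare(arr);
            request.setAttribute("id", id);
            request.setAttribute("type", type);
            request.setAttribute("share", arr);
        }
        request.setAttribute("op", op);
        return include(request, response, sConfig, sGlobal, "cp_share.jsp");
    }

    /** * ?flash? * @param link ? * @param host ?? * @return flash? 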
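*/

    /**
     * Derives the player variable for a shared video link.
     *
     * <p>For youku.com and tudou.com the value is cut out of the link itself; for
     * wlkst.com the linked page is downloaded and its {@code FlashVars} attribute is
     * returned.
     *
     * @param link    the shared URL, supplied by the user in the share form
     * @param host    the video site detected by the caller ("youku.com", "tudou.com" or "wlkst.com")
     * @param request the current request, passed on to {@link #getImgHtml}
     * @return the extracted player variable, or {@code null} when nothing matches
     */
    private String getflash(String link, String host, HttpServletRequest request) {
        if ("youku.com".equals(host)) {
            // http://v.youku.com/v_show/id_XNDI0ODk1NjYw.html yields XNDI0ODk1NjYw
            return getMatcherString("id\\_(\\w+)[=.]", link);
        } else if ("tudou.com".equals(host)) {
            // http://www.tudou.com/listplay/Na_x9E4q_8E/8fjCSdnX-ic.html?resourceId=0_06_05_99 yields l/Na_x9E4q_8E
            // http://www.tudou.com/programs/view/qhefFr0BHG8/?resourceId=0_06_05_99 yields v/qhefFr0BHG8
            // http://www.tudou.com/albumplay/zqIBk2YzRlE/ntjgkeXlh-s.html?resourceId=0_06_05_99 yields a/zqIBk2YzRlE
            String flashvar = getMatcherString("/listplay/(.*?)/", link);
            if (!Common.empty(flashvar)) {
                return "l/" + flashvar;
            }
            flashvar = getMatcherString("/view/(.*?)/", link);
            if (!Common.empty(flashvar)) {
                return "v/" + flashvar;
            }
            flashvar = getMatcherString("/albumplay/(.*?)/", link);
            if (!Common.empty(flashvar)) {
                return "a/" + flashvar;
            }
        } else if ("wlkst.com".equals(host)) {
            // The caller only checked that the host *contains* the site name, so
            // confirm the real host before the server fetches a user-supplied URL.
            if (!isLinkOnVideoDomain(link, host)) {
                return null;
            }
            String content = getImgHtml(link, request);
            return getMatcherString("(?i)\"FlashVars\"\\s+value=\"(.*?)\"", content);
        }
        return null;
    }

    /** Video sites whose pages this action is willing to download for previews. */
    private static final String[] FETCHABLE_VIDEO_DOMAINS = { "youku.com", "tudou.com", "wlkst.com" };

    /**
     * Decides whether a user-supplied link may be fetched server-side for the given
     * video site.
     *
     * <p>The link must parse as a strict {@code java.net.URI}, use http or https, carry
     * no user-info part, and have a host that is {@code domain} itself or one of its
     * subdomains. {@code domain} must be one of {@link #FETCHABLE_VIDEO_DOMAINS}.
     * Anything else is refused, which keeps the fetch away from hosts that merely
     * contain the site name.
     *
     * @param link   the URL to check; may be {@code null}
     * @param domain the video site the caller detected; may be {@code null}
     * @return {@code true} only when the link is safe to hand to {@link #getImgHtml}
     */
    private boolean isLinkOnVideoDomain(String link, String domain) {
        if (link == null || domain == null) {
            return false;
        }
        boolean knownDomain = false;
        for (int i = 0; i < FETCHABLE_VIDEO_DOMAINS.length; i++) {
            if (FETCHABLE_VIDEO_DOMAINS[i].equals(domain)) {
                knownDomain = true;
                break;
            }
        }
        if (!knownDomain) {
            return false;
        }
        try {
            java.net.URI uri = new java.net.URI(link);
            String scheme = uri.getScheme();
            String linkHost = uri.getHost();
            if (scheme == null || linkHost == null || uri.getUserInfo() != null) {
                return false;
            }
            if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
                return false;
            }
            String lowerHost = linkHost.toLowerCase(java.util.Locale.ROOT);
            return lowerHost.equals(domain) || lowerHost.endsWith("." + domain);
        } catch (java.net.URISyntaxException e) {
            // A link that does not parse strictly is never fetched.
            return false;
        }
    }

    /**
     * Downloads the linked video page and extracts its preview-image URL.
     *
     * @param link    the shared URL, supplied by the user in the share form
     * @param host    the video site detected by the caller
     * @param request the current request, passed on to {@link #getImgHtml}
     * @return the image URL found in the page, or {@code null} when the link is not on
     *         the expected site, the download fails, or nothing matches
     */
    private String getFlashImg(String link, String host, HttpServletRequest request) {
        // Refuse to fetch unless the link really points at the detected site.
        if (!isLinkOnVideoDomain(link, host)) {
            return null;
        }
        String content = getImgHtml(link, request);
        if (content == null) {
            return null;
        }
        // NOTE(review): the value returned below is taken from a third-party page;
        // confirm it is validated or escaped before it is rendered.
        if ("youku.com".equals(host)) {
            return getMatcherString("(?i)id=\"s_msn2\".*?screenshot=(.*?)\".?target=", content);
        } else if ("tudou.com".equals(host)) {
            String imgUrl = getMatcherString("(?i),pic:\"(.*?)\"", content);
            if (imgUrl == null) {
                imgUrl = getMatcherString("(?i),pic\\s*=\\s*\'(.*?)\'", content);
            }
            return imgUrl;
        } else if ("wlkst.com".equals(host)) {
            return getMatcherString("(?i)\'videoImgUrl\'\\s+value=\'(.*?)\'", content);
        }
        return null;
    }

    /**
     * Fetches {@code link} with an HTTP GET and returns the response body.
     *
     * <p>This performs a server-side request to a URL that originates from user
     * input, so callers must validate the target first (see
     * {@link #isLinkOnVideoDomain}). Redirects are not followed, because a redirect
     * would move the request to a host that was never validated.
     *
     * @param link    the URL to download
     * @param request the current request; its User-Agent header is forwarded when present
     * @return the response body, or {@code null} when the request fails
     */
    private String getImgHtml(String link, HttpServletRequest request) {
        String content = null;
        int timeout = 10000;
        HttpClient httpClient = null;
        GetMethod getMethod = null;
        try {
            httpClient = new HttpClient();
            getMethod = new GetMethod(link);
            httpClient.getHttpConnectionManager().getParams().setConnectionTimeout(timeout);
            // Bound the read as well, so a slow remote host cannot hold the request thread.
            httpClient.getHttpConnectionManager().getParams().setSoTimeout(timeout);
            getMethod.setFollowRedirects(false);
            getMethod.setRequestHeader("Accept", "*/*");
            getMethod.setRequestHeader("Accept-Language", "zh-cn");
            String userAgent = request.getHeader("User-Agent");
            if (userAgent != null) {
                getMethod.setRequestHeader("User-Agent", userAgent);
            }
            getMethod.setRequestHeader("Connection", "Close");
            getMethod.setRequestHeader("Cookie", "");
            httpClient.executeMethod(getMethod);
            // NOTE(review): the body is read without a size cap; consider limiting it.
            content = getMethod.getResponseBodyAsString();
        } catch (Exception ignored) {
            // Best effort: a failed preview fetch must not break sharing; callers treat null as "no preview".
        } finally {
            if (getMethod != null) {
                getMethod.releaseConnection();
            }
            if (httpClient != null) {
                httpClient.getHttpConnectionManager().closeIdleConnections(0);
            }
        }
        return content;
    }

    /**
     * Returns the first capture group of the first match of {@code regex} in {@code input}.
     *
     * @param regex a pattern with at least one capture group
     * @param input the text to search; {@code null} (for example a failed download) yields {@code null}
     * @return the captured text, or {@code null} when there is no match
     */
    private String getMatcherString(String regex, String input) {
        if (input == null) {
            return null;
        }
        Matcher matcher = Pattern.compile(regex).matcher(input);
        return matcher.find() ? matcher.group(1) : null;
    }

    /**
     * Renders {@code cp_space.jsp} with the request's {@code sGlobal} and {@code sConfig} maps.
     */
    public ActionForward cp_space(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        return include(request, response, sConfig, sGlobal, "cp_space.jsp");
    }

    public ActionForward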
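cp_task(HttpServletRequest request, HttpServletResponse response) {
        // Task centre. With a taskid it shows one task (member list or the task itself,
        // including ignore / redo / completion); without one it lists the tasks the
        // current user can still do, or has done when view=done.
        //
        // NOTE(review): op=redo deletes the caller's sns_usertask row, and op=ignore and
        // task completion insert rows and add credit, all driven by plain request
        // parameters without the submitCheck(...) gate that cp_theme applies to its
        // forms. Confirm these actions cannot be triggered cross-site.
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        int timestamp = (Integer) sGlobal.get("timestamp");
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        Map<String, Object> space = Common.getSpace(request, sGlobal, sConfig, supe_uid);
        Map<Integer, Map<String, Object>> globalTask = Common.getCacheDate(request, response,
                "cache/cache_task.jsp", "globalTask");
        String taskidS = request.getParameter("taskid");
        taskidS = taskidS != null ? taskidS.trim() : "";
        // taskid is reduced to an int here; every SQL string below concatenates only
        // this int, supe_uid or other numeric values.
        int taskid = Common.empty(taskidS) ? 0 : Common.intval(taskidS);
        String view = request.getParameter("view");
        view = view != null ? view.trim() : "";
        Map<String, String> actives = new HashMap<String, String>();
        if (taskid != 0) {
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_task WHERE taskid='" + taskid + "'");
            Map<String, Object> task = query.size() > 0 ? query.get(0) : null;
            // NOTE(review): only starttime is checked on this path; the list path below
            // also checks endtime. Confirm an expired task cannot be completed here.
            if (task == null || (Integer) task.get("starttime") > timestamp) {
                return showMessage(request, response, "task_unavailable");
            }
            String taskImage = (String) task.get("image");
            if (taskImage == null || Common.empty(taskImage = taskImage.trim())) {
                taskImage = "image/task.gif";
            }
            task.put("image", taskImage);
            if ("member".equals(view)) {
                // Paged list of the users who completed this task.
                int perpage = 20;
                String tempS = request.getParameter("page");
                int page = Common.empty(tempS) ? 1 : Common.intval(tempS);
                page = Math.max(page, 1);
                int start = (page - 1) * perpage;
                List<Map<String, Object>> list = null;
                int maxPage = (Integer) sConfig.get("maxpage");
                tempS = Common.ckStart(start, perpage, maxPage);
                if (tempS != null) {
                    return showMessage(request, response, tempS);
                }
                // view can only be "member" in this branch, so the URL holds no free text.
                String theurl = "main.action?ac=task&taskid=" + taskid + "&view=" + view;
                query = dataBaseService
                        .executeQuery("SELECT COUNT(*) AS cont FROM sns_usertask main WHERE main.taskid='" + taskid
                                + "' AND main.isignore='0'");
                int count = query.size() > 0 ? (Integer) query.get(0).get("cont") : 0;
                if (count != 0) {
                    tempS = "SELECT s.*, sf.sex, main.dateline FROM sns_usertask main LEFT JOIN sns_space s ON s.uid=main.uid LEFT JOIN sns_spacefield sf ON sf.uid=s.uid WHERE main.taskid='"
                            + taskid + "' AND main.isignore='0' ORDER BY main.dateline DESC LIMIT " + start + ","
                            + perpage;
                    query = dataBaseService.executeQuery(tempS);
                    int valueUid;
                    int spaceUid = (Integer) space.get("uid");
                    String[] friends = (String[]) space.get("friends");
                    boolean hasFriends = friends != null && friends.length > 0;
                    for (Map<String, Object> value : query) {
                        valueUid = (Integer) value.get("uid");
                        value.put("isfriend",
                                valueUid == spaceUid || (hasFriends && Common.in_array(friends, valueUid)));
                        value.put("gColor", Common.getColor(request, response, (Integer) value.get("groupid")));
                        value.put("gIcon", Common.getIcon(request, response, (Integer) value.get("groupid")));
                    }
                    list = query;
                }
                String multi = Common.multi(request, count, perpage, page, maxPage, theurl, null, null);
                request.setAttribute("multi", multi);
                request.setAttribute("list", list);
            } else {
                boolean done = false;
                query = dataBaseService.executeQuery(
                        "SELECT * FROM sns_usertask WHERE uid='" + supe_uid + "' AND taskid='" + taskid + "'");
                Map<String, Object> usertask = query.size() > 0 ? query.get(0) : null;
                if (!Common.empty(usertask)) {
                    // The user has a record for this task: decide whether it may be done again.
                    Integer maxnum = (Integer) task.get("maxnum");
                    if (maxnum != null && maxnum != 0 && maxnum <= (Integer) task.get("num")) {
                        task.put("done", 1);
                        done = true;
                    } else {
                        int allownext = 0;
                        int lasttime = (Integer) usertask.get("dateline");
                        String nexttype = (String) task.get("nexttype");
                        if ("day".equals(nexttype)) {
                            if (!Common.sgmdate(request, "yyyyMMdd", timestamp)
                                    .equals(Common.sgmdate(request, "yyyyMMdd", lasttime))) {
                                allownext = 1;
                            }
                        } else if ("hour".equals(nexttype)) {
                            if (!Common.sgmdate(request, "yyyyMMddHH", timestamp)
                                    .equals(Common.sgmdate(request, "yyyyMMddHH", lasttime))) {
                                allownext = 1;
                            }
                        } else if ((Integer) task.get("nexttime") != 0) {
                            if (timestamp - lasttime >= (Integer) task.get("nexttime")) {
                                allownext = 1;
                            }
                        }
                        if (allownext != 0) {
                            task.put("done", 0);
                        } else {
                            task.put("done", 1);
                            done = true;
                        }
                    }
                    task.put("dateline", usertask.get("dateline"));
                    task.put("ignore", done ? usertask.get("isignore") : 0);
                }
                String op = request.getParameter("op");
                op = op != null ? op.trim() : "";
                if (done && (Integer) task.get("ignore") != 0 && "redo".equals(op)) {
                    // Un-ignore: drop the user's record so the task can be taken again.
                    dataBaseService.execute(
                            "DELETE FROM sns_usertask WHERE uid='" + supe_uid + "' AND taskid='" + taskid + "'");
                    return showMessage(request, response, "do_success", "main.action?ac=task&taskid=" + taskid, 0);
                }
                sGlobal.put("task_maxnum", 0);
                sGlobal.put("task_available", 0);
                if (!done) {
                    Integer maxnumInteger = (Integer) task.get("maxnum");
                    int maxnum = maxnumInteger != null ? maxnumInteger : 0;
                    task.put("maxnum", maxnum);
                    if (maxnum != 0 && maxnum <= (Integer) task.get("num")) {
                        task.put("done", 1);
                        sGlobal.put("task_maxnum", 1);
                        done = true;
                    } else if (Common.empty(task.get("available"))) {
                        task.put("done", 1);
                        sGlobal.put("task_available", 1);
                        done = true;
                    }
                    if (done && !Common.empty(globalTask.get((Integer) task.get("taskid")))) {
                        try {
                            cacheService.task_cache();
                        } catch (Exception e) {
                            e.printStackTrace();
                            // NOTE(review): the raw exception message is shown to the user.
                            return showMessage(request, response, e.getMessage());
                        }
                    }
                }
                if (!done) {
                    task.put("result", "");
                    task.put("guide", "");
                    Map<String, Object> setarr = new HashMap<String, Object>();
                    setarr.put("uid", supe_uid);
                    setarr.put("username", sGlobal.get("supe_username"));
                    setarr.put("taskid", task.get("taskid"));
                    setarr.put("dateline", timestamp);
                    setarr.put("credit", task.get("credit"));
                    if ("ignore".equals(op)) {
                        setarr.put("isignore", 1);
                        dataBaseService.insertTable("sns_usertask", setarr, false, true);
                        return showMessage(request, response, "do_success", "main.action?ac=task&taskid=" + taskid,
                                0);
                    }
                    ActionForward actionForward = executeTask(request, response, task, space);
                    if (actionForward != null) {
                        return actionForward;
                    }
                    Integer doneItg = (Integer) task.get("done");
                    if (doneItg != null && doneItg != 0) {
                        // executeTask marked the task as completed: record it and pay out.
                        task.put("dateline", timestamp);
                        dataBaseService.insertTable("sns_usertask", setarr, false, true);
                        dataBaseService
                                .execute("UPDATE sns_task SET num=num+1 WHERE taskid='" + task.get("taskid") + "'");
                        int tempI = (Integer) task.get("credit");
                        if (tempI != 0) {
                            dataBaseService.execute("UPDATE sns_space SET credit=credit+" + tempI + " WHERE uid='"
                                    + supe_uid + "'");
                            space.put("credit", (Integer) space.get("credit") + tempI);
                        }
                        if (Common.ckPrivacy(sGlobal, sConfig, space, "task", 1)) {
                            Map<String, Object> fs = new HashMap<String, Object>();
                            Map<String, Object> subMap = new HashMap<String, Object>();
                            // NOTE(review): the task name is placed into feed HTML as stored;
                            // confirm it is escaped when the task is saved.
                            subMap.put("task", "<a href=\"main.action?ac=task&taskid=" + task.get("taskid") + "\">"
                                    + task.get("name") + "</a>");
                            subMap.put("credit", tempI);
                            fs.put("title_template", tempI != 0 ? Common.getMessage(request, "cp_feed_task_credit")
                                    : Common.getMessage(request, "cp_feed_task"));
                            fs.put("title_data", subMap);
                            mainService.addFeed(sGlobal, "task", (String) fs.get("title_template"),
                                    (Map<String, Object>) fs.get("title_data"), "", null, "", null, null, "", 0, 0,
                                    0, "", false);
                        }
                        tempI = (Integer) task.get("maxnum");
                        if (tempI != 0 && tempI <= ((Integer) task.get("num")) + 1) {
                            // This completion reached the cap, so refresh the task cache.
                            try {
                                cacheService.task_cache();
                            } catch (Exception e) {
                                e.printStackTrace();
                                return showMessage(request, response, e.getMessage());
                            }
                        }
                    }
                } else {
                    ActionForward actionForward = executeTask(request, response, task, space);
                    if (actionForward != null) {
                        return actionForward;
                    }
                }
                query = dataBaseService.executeQuery("SELECT * FROM sns_usertask WHERE taskid='" + taskid
                        + "' AND isignore='0' ORDER BY dateline DESC LIMIT 0,15");
                request.setAttribute("taskspacelist", query);
            }
            request.setAttribute("task", task);
            actives.put("do", " class=\"active\"");
        } else {
            int done_per = 0, todo_num = 0, all_num = 0;
            Map<Integer, Map<String, Object>> usertasks = new HashMap<Integer, Map<String, Object>>();
            Map<Integer, Integer> taskids = new HashMap<Integer, Integer>();
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT * FROM sns_usertask WHERE uid='" + supe_uid + "'");
            Integer taskid_temp;
            for (Map<String, Object> value : query) {
                taskid_temp = (Integer) value.get("taskid");
                usertasks.put(taskid_temp, value);
                taskids.put(taskid_temp, taskid_temp);
            }
            List<Map<String, Object>> tasklist = null;
            if ("done".equals(view)) {
                if (taskids.size() > 0) {
                    query = dataBaseService.executeQuery("SELECT * FROM sns_task WHERE taskid IN ("
                            + Common.sImplode(taskids) + ") ORDER BY displayorder");
                    if (query.size() > 0) {
                        String tempS;
                        Map<String, Object> tempM;
                        for (Map<String, Object> value : query) {
                            tempS = (String) value.get("image");
                            if (Common.empty(tempS)) {
                                value.put("image", "image/task.gif");
                            }
                            value.put("done", 1);
                            taskid_temp = (Integer) value.get("taskid");
                            tempM = usertasks.get(taskid_temp);
                            value.put("ignore", tempM == null ? 0 : tempM.get("isignore"));
                        }
                        tasklist = query;
                    }
                }
            } else {
                query = dataBaseService
                        .executeQuery("SELECT * FROM sns_task WHERE available='1' ORDER BY displayorder");
                int allownext = 0;
                int lasttime = 0;
                String nexttype;
                Integer nexttime;
                Map<String, Object> tempM;
                for (Map<String, Object> value : query) {
                    // Count only tasks that are under their cap and inside their time window.
                    if ((Common.empty(value.get("maxnum"))
                            || (Integer) value.get("maxnum") > (Integer) value.get("num"))
                            && (Common.empty(value.get("starttime"))
                                    || (Integer) value.get("starttime") <= timestamp)
                            && (Common.empty(value.get("endtime"))
                                    || (Integer) value.get("endtime") >= timestamp)) {
                        lasttime = 0;
                        allownext = 0;
                        taskid_temp = (Integer) value.get("taskid");
                        all_num++;
                        tempM = usertasks.get(taskid_temp);
                        if (tempM != null) {
                            lasttime = (Integer) tempM.get("dateline");
                        }
                        nexttype = (String) value.get("nexttype");
                        nexttime = (Integer) value.get("nexttime");
                        if (Common.empty(lasttime)) {
                            allownext = 1;
                        } else if ("day".equals(nexttype)) {
                            if (!Common.sgmdate(request, "yyyyMMdd", timestamp)
                                    .equals(Common.sgmdate(request, "yyyyMMdd", lasttime))) {
                                allownext = 1;
                            }
                        } else if ("hour".equals(nexttype)) {
                            if (!Common.sgmdate(request, "yyyyMMddHH", timestamp)
                                    .equals(Common.sgmdate(request, "yyyyMMddHH", lasttime))) {
                                allownext = 1;
                            }
                        } else if (nexttime != null && nexttime != 0) {
                            if (timestamp - lasttime >= nexttime) {
                                allownext = 1;
                            }
                        }
                        if (allownext != 0) {
                            todo_num++;
                            if (Common.empty(value.get("image"))) {
                                // Default icon goes under "image", the key the other branches use
                                // (the original wrote it to "value", leaving "image" empty).
                                value.put("image", "image/task.gif");
                            }
                            value.put("done", 0);
                            if (tasklist == null) {
                                tasklist = new ArrayList<Map<String, Object>>();
                            }
                            tasklist.add(value);
                        }
                    }
                }
                done_per = Common.empty(all_num) ?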
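100 : (all_num - todo_num) * 100 / all_num;
            }
            // Latest 20 non-ignored completions across all users. The map is keyed by
            // uid, so it keeps one entry per user.
            query = dataBaseService.executeQuery(
                    "SELECT * FROM sns_usertask WHERE isignore='0' ORDER BY dateline DESC LIMIT 0,20");
            int tempUid;
            String taskname;
            Map<String, Object> tempM;
            Map<Integer, Map<String, Object>> taskspacelist = new LinkedHashMap<Integer, Map<String, Object>>();
            for (Map<String, Object> value : query) {
                tempUid = (Integer) value.get("uid");
                tempM = globalTask.get((Integer) value.get("taskid"));
                taskname = tempM != null ? (String) tempM.get("name") : null;
                if (taskname != null && !taskname.equals("")) {
                    value.put("taskname", taskname);
                    taskspacelist.put(tempUid, value);
                }
            }
            if ("done".equals(view)) {
                actives.put("done", " class=\"active\"");
            } else {
                actives.put("task", " class=\"active\"");
            }
            request.setAttribute("done_per", done_per);
            request.setAttribute("tasklist", tasklist);
            request.setAttribute("taskspacelist", taskspacelist);
        }
        request.setAttribute("actives", actives);
        // NOTE(review): view is the trimmed request parameter; confirm cp_task.jsp escapes it.
        request.setAttribute("view", view);
        return include(request, response, sConfig, sGlobal, "cp_task.jsp");
    }

    /**
     * Theme settings: saves custom CSS, template-generated CSS or the time offset
     * when the matching form was submitted; otherwise applies a theme directory
     * ({@code op=use}) or prepares the template / DIY / theme-list view.
     *
     * <p>Security-relevant points: user CSS is screened by {@link #checkSecurity}
     * before it is stored, and the {@code dir} parameter is reduced to letters and
     * digits before it is used in a file path.
     */
    public ActionForward cp_theme(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        String op = Common.trim(request.getParameter("op"));
        try {
            if (submitCheck(request, "csssubmit")) {
                // Hand-written CSS.
                String css = Common.trim(request.getParameter("css"));
                String result = checkSecurity(css);
                if (result != null) {
                    return showMessage(request, response, result);
                }
                // Users without the allowcss permission get their CSS cleared.
                boolean allowCss = Common.checkPerm(request, response, "allowcss");
                css = allowCss ? Common.getStr(css, 5000, true, true, false, 0, 0, request, response) : "";
                int nocss = Common.empty(request.getParameter("nocss")) ? 0 : 1;
                int enablecss = Common.empty(request.getParameter("enablecss")) ? 0 : 1;
                Map<String, Object> setData = new HashMap<String, Object>();
                setData.put("css", css);
                setData.put("nocss", nocss);
                setData.put("enablecss", enablecss);
                Map<String, Object> whereData = new HashMap<String, Object>();
                whereData.put("uid", sGlobal.get("supe_uid"));
                dataBaseService.updateTable("sns_spacefield", setData, whereData);
                return showMessage(request, response, "do_success", "main.action?ac=theme&op=diy&view=ok", 0);
            } else if (submitCheck(request, "csstemplatesubmit")) {
                // CSS generated from the theme template and the user's "usertheme" values.
                // NOTE(review): unlike the csssubmit branch, the allowcss permission is
                // not consulted here; confirm that is intended.
                String csstemplate = "";
                Object csstemplateparam = Common.getParameters(request, "usertheme");
                if (csstemplateparam instanceof Map || csstemplateparam instanceof List) {
                    if (csstemplateparam instanceof Map) {
                        // Build the Freemarker data model: blanks become null, numeric strings become Integer.
                        Map<String, Object> params = (Map<String, Object>) csstemplateparam;
                        Map<String, Object> inputs = new HashMap<String, Object>();
                        for (String key : params.keySet()) {
                            Object value = params.get(key);
                            if (value == null) {
                                inputs.put(key, null);
                                continue;
                            }
                            if (value instanceof String) {
                                String v = (String) value;
                                v = v.trim();
                                if (v.equals("")) {
                                    inputs.put(key, null);
                                } else if (Tools.isNumeric(v)) {
                                    Integer i = Integer.valueOf(v);
                                    inputs.put(key, i);
                                } else {
                                    inputs.put(key, v);
                                }
                            } else {
                                inputs.put(key, null);
                            }
                        }
                        // The user values are data for a fixed template, not template source.
                        Freemarker formater = Freemarker.getInstance(SysConstants.snsRoot);
                        if (formater != null) {
                            csstemplate = formater.format("/theme/themeTemplate.css", inputs);
                        }
                    }
                    csstemplateparam = Common.sStripSlashes(csstemplateparam);
                    csstemplateparam = Serializer.serialize(csstemplateparam);
                }
                csstemplateparam = Common.addSlashes((String) csstemplateparam);
                // The generated CSS embeds user values, so it is screened like hand-written CSS.
                String result = checkSecurity(csstemplate);
                if (result != null) {
                    return showMessage(request, response, result);
                }
                csstemplate = Common.getStr(csstemplate, 5000, true, true, false, 0, 0, request, response);
                // Store the flag as 0/1, as the csssubmit branch does, instead of the raw parameter text.
                int enablecss = Common.empty(request.getParameter("enablecss")) ? 0 : 1;
                Map<String, Object> setData = new HashMap<String, Object>();
                setData.put("csstemplateparam", csstemplateparam);
                setData.put("csstemplate", csstemplate);
                setData.put("enablecss", enablecss);
                Map<String, Object> whereData = new HashMap<String, Object>();
                whereData.put("uid", sGlobal.get("supe_uid"));
                dataBaseService.updateTable("sns_spacefield", setData, whereData);
                return showMessage(request, response, "do_success", "main.action?ac=theme&op=template&view=ok", 0);
            } else if (submitCheck(request, "timeoffsetsubmit")) {
                // NOTE(review): timeoffset is stored exactly as received. Presumably an
                // upstream filter slash-escapes request parameters (the usertheme values
                // above have slashes stripped before re-adding them) - confirm, and
                // consider validating against the offered time zone IDs.
                Map<String, Object> setData = new HashMap<String, Object>();
                setData.put("timeoffset", request.getParameter("timeoffset"));
                Map<String, Object> whereData = new HashMap<String, Object>();
                whereData.put("uid", sGlobal.get("supe_uid"));
                dataBaseService.updateTable("sns_spacefield", setData, whereData);
                return showMessage(request, response, "do_success", "main.action?ac=theme");
            }
        } catch (Exception e) {
            // NOTE(review): the raw exception message is shown to the user.
            return showMessage(request, response, e.getMessage());
        }
        // Theme directory requested by the user.
        String dir = Common.trim(request.getParameter("dir"));
        if (!Common.empty(dir)) {
            // Keep letters and digits only, so the value cannot carry path separators or dots.
            // (The original class [^(0-9a-z)] also let literal parentheses through.)
            dir = dir.replaceAll("(?i)[^0-9a-z]", "");
            File cssFile = new File(SysConstants.snsRoot + "theme/" + dir + "/style.css");
            if (!cssFile.exists()) {
                return showMessage(request, response, "theme_does_not_exist");
            }
        }
        if ("use".equals(op)) {
            // Apply the chosen theme and switch custom CSS off.
            // NOTE(review): this update runs on a plain request parameter without
            // submitCheck(...); confirm it cannot be triggered cross-site.
            Map<String, Object> setData = new HashMap<String, Object>();
            setData.put("theme", dir);
            setData.put("enablecss", "0");
            Map<String, Object> whereData = new HashMap<String, Object>();
            whereData.put("uid", sGlobal.get("supe_uid"));
            dataBaseService.updateTable("sns_spacefield", setData, whereData);
            return showMessage(request, response, "do_success", "zone.action", 0);
        } else if ("template".equals(op)) {
            // Load the user's saved template parameters for the editor.
            List<Map<String, Object>> query = dataBaseService
                    .executeQuery("SELECT csstemplateparam, enablecss FROM sns_spacefield WHERE uid='"
                            + sGlobal.get("supe_uid") + "'");
            Map<String, Object> csstemplateMap = null;
            if (query.size() > 0) {
                Map<String, Object> value = query.get(0);
                String csstemplateparam = (String) value.get("csstemplateparam");
                // NOTE(review): this unserializes data that originated from the user;
                // confirm Serializer.unserialize only builds plain maps, lists and scalars.
                csstemplateMap = Serializer.unserialize(csstemplateparam, false);
            }
            request.setAttribute("usertheme", csstemplateMap);
            request.setAttribute("lastSaveTime",
                    Common.sgmdate(request, "HH:mm:ss", (Integer) sGlobal.get("timestamp")));
        } else if ("diy".equals(op)) {
            // Hand-written CSS editor.
            String view = request.getParameter("view");
            if (view != null) {
                request.setAttribute("lastSaveTime",
                        Common.sgmdate(request, "HH:mm:ss", (Integer) sGlobal.get("timestamp")));
            }
            boolean allowCss = Common.checkPerm(request, response, "allowcss");
            request.setAttribute("allowCss", allowCss);
        } else {
            // Theme list: three built-in entries followed by the directories on disk.
            List<Map<String, String>> themes = new ArrayList<Map<String, String>>();
            Map<String, String> defaultTheme = new HashMap<String, String>();
            defaultTheme.put("dir", "default");
            defaultTheme.put("name", Common.getMessage(request, "cp_the_default_style"));
            themes.add(defaultTheme);
            Map<String, String> templateTheme = new HashMap<String, String>();
            templateTheme.put("dir", "snstemplate");
            templateTheme.put("name", Common.getMessage(request, "cp_the_template_style"));
            templateTheme.put("pic", "image/theme_template.jpg");
            themes.add(templateTheme);
            Map<String, String> diyTheme = new HashMap<String, String>();
            diyTheme.put("dir", "snsdiy");
            diyTheme.put("name", Common.getMessage(request, "cp_the_diy_style"));
            diyTheme.put("pic", "image/theme_diy.jpg");
            themes.add(diyTheme);
            File[] themeDirs = Common.readDir(SysConstants.snsRoot + "theme");
            if (themeDirs != null) {
                for (File file : themeDirs) {
                    String dirName = file.getName();
                    // "default" is already listed above.
                    if ("default".equals(dirName)) {
                        continue;
                    }
                    String nowDir = SysConstants.snsRoot + "theme/" + dirName;
                    // A directory counts as a theme only when it has both files.
                    if (new File(nowDir + "/style.css").exists() && new File(nowDir + "/preview.jpg").exists()) {
                        Map<String, String> theme = new HashMap<String, String>();
                        theme.put("dir", dirName);
                        theme.put("name", getCssName(dirName));
                        themes.add(theme);
                    }
                }
            }
            request.setAttribute("themes", themes);
            request.setAttribute("currentTime",
                    Common.sgmdate(request, "yyyy-MM-dd HH:mm", (Integer) sGlobal.get("timestamp")));
            request.setAttribute("timeZoneIDs", Common.getTimeZoneIDs());
        }
        return include(request, response, sConfig, sGlobal, "cp_theme.jsp");
    }

    /**
     * Renders {@code cp_joinAgent.jsp} with the request's {@code sGlobal} and {@code sConfig} maps.
     */
    public ActionForward cp_joinAgent(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        return include(request, response, sConfig, sGlobal, "cp_joinAgent.jsp");
    }

    /**
     * Reads the display name of a theme from the {@code [name]...[/name]} tag in its
     * {@code style.css}.
     *
     * @param dirName a theme directory name taken from the directory listing
     * @return the HTML-escaped name; "No name" when the stylesheet is empty or
     *         unreadable; {@code null} when the stylesheet has no name tag
     */
    private String getCssName(String dirName) {
        String css = FileHelper.readFile(SysConstants.snsRoot + "theme/" + dirName + "/style.css");
        if (Common.empty(css)) {
            return "No name";
        }
        String name = null;
        List<String> mathes = Common.pregMatch(css, "(?i)\\[name\\](.+?)\\[\\/name\\]");
        if (mathes.size() == 2) {
            name = (String) Common.sHtmlSpecialChars(mathes.get(1));
        }
        return name;
    }

    /**
     * Screens user CSS for script-capable constructs.
     *
     * <p>Comments and then every non-alphanumeric character are removed before the
     * keyword match, so a keyword split by comments or punctuation is still found.
     * This is a keyword denylist: it only knows the three words in the pattern
     * below, and escape sequences are not decoded before matching. Treat it as one
     * layer and prefer an allowlist-based CSS sanitizer where user CSS is rendered.
     *
     * @param str the CSS text; {@code null} is treated as empty
     * @return the message key {@code css_contains_elements_of_insecurity} when a
     *         keyword is found, otherwise {@code null}
     */
    private String checkSecurity(String str) {
        if (str == null) {
            return null;
        }
        str = str.replaceAll("(?is)\\/\\*[\\n\\r]*(.+?)[\n\r]*\\*\\/", "");
        str = str.replaceAll("(?i)[^a-z0-9]+", "");
        if (Common.matches(str, "(?i)(expression|implode|javascript)")) {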
return "css_contains_elements_of_insecurity"; } return null; } public ActionForward cp_thread(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); int eventId = Common.intval(request.getParameter("eventid")); Map<String, Object> event = null; Map<String, Object> userEvent = null; if (eventId != 0) { List<Map<String, Object>> eventList = dataBaseService .executeQuery("SELECT e.* FROM sns_event e WHERE e.eventid='" + eventId + "'"); if (eventList.isEmpty()) { return showMessage(request, response, "event_does_not_exist"); } else { event = eventList.get(0); } if ((Integer) event.get("grade") == -2) { return showMessage(request, response, "event_is_closed"); } else if ((Integer) event.get("grade") < 1) { return showMessage(request, response, "event_under_verify"); } List<Map<String, Object>> userEventList = dataBaseService .executeQuery("SELECT * FROM sns_userevent WHERE uid = '" + sGlobal.get("supe_uid") + "' AND eventid = '" + eventId + "'"); if (!userEventList.isEmpty()) { userEvent = userEventList.get(0); } if (userEvent == null || (Integer) userEvent.get("status") < 2) { return showMessage(request, response, "event_only_allows_member_thread"); } } try { if (submitCheck(request, "threadsubmit")) { int tid = Common.intval(request.getParameter("tid")); int tagId = Common.intval(request.getParameter("tagid")); if (eventId != 0 && (Integer) event.get("tagid") != tagId) { return showMessage(request, response, "event_mtag_not_match"); } if (!Common.checkPerm(request, response, "allowthread")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (tid == 0) { if (Common.checkPerm(request, response, 
"seccode") && !mainService.checkSeccode(request, response, sGlobal, sConfig, request.getParameter("seccode"))) { return showMessage(request, response, "incorrect_code"); } if (!mainService.checkRealName(request, "thread")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "thread")) { return showMessage(request, response, "no_privilege_videophoto"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } Map<String, Object> mtag = checkMtagSpace(request, response, event, userEvent, tagId); if (mtag == null) { return null; } if (Common.empty(mtag.get("allowthread"))) { return showMessage(request, response, "no_privilege"); } int waitTime = Common.checkInterval(request, response, "post"); if (waitTime > 0) { return showMessage(request, response, "operating_too_fast", null, 1, String.valueOf(waitTime)); } } else { List<Map<String, Object>> threadList = dataBaseService .executeQuery("SELECT * FROM sns_thread WHERE tid='" + tid + "'"); if (threadList.isEmpty()) { return showMessage(request, response, "no_privilege"); } Map<String, Object> thread = threadList.get(0); tagId = (Integer) thread.get("tagid"); Map<String, Object> mtag = checkMtagSpace(request, response, event, userEvent, tagId); if (mtag == null) { return null; } if ((Integer) mtag.get("grade") < 8 && !thread.get("uid").equals(sGlobal.get("supe_uid")) && (userEvent == null || (Integer) userEvent.get("status") < 3)) { return showMessage(request, response, "no_privilege"); } } String subject = 
Common.getStr(request.getParameter("subject"), 80, true, true, true, 0, 0, request, response); if (Common.strlen(subject) < 2) { return showMessage(request, response, "title_not_too_little"); } String message = blogService.checkHtml(request, response, Common.trim(request.getParameter("message"))); message = Common.getStr(message, 0, true, false, true, 0, 1, request, response); message = message.replaceAll("(?i)<div></div>", ""); String titlePic = null; List<Integer> picIds = new ArrayList<Integer>(); Map<Integer, String> picIdForm = new HashMap<Integer, String>(); for (Enumeration paramNames = request.getParameterNames(); paramNames.hasMoreElements();) { String key = (String) paramNames.nextElement(); if (key.startsWith("picids[")) { int picId = Integer.parseInt(key.replaceAll("picids\\[(\\d+)\\]", "$1")); picIdForm.put(picId, request.getParameter(key)); picIds.add(picId); } } Map uploads = new LinkedHashMap(); if (!picIds.isEmpty()) { List<Map<String, Object>> picList = dataBaseService .executeQuery("SELECT * FROM sns_pic WHERE picid IN (" + Common.sImplode(picIds) + ") AND uid='" + sGlobal.get("supe_uid") + "'"); Map<String, Object> tempValue = null; for (Map<String, Object> value : picList) { tempValue = value; if (Common.empty(titlePic) && !Common.empty(value.get("thumb"))) { titlePic = Common.pic_get(sConfig, (String) value.get("filepath"), (Integer) value.get("thumb"), (Integer) value.get("remote"), true); } uploads.put(picIdForm.get(value.get("picid")), value); } if (Common.empty(titlePic) && tempValue != null) { titlePic = Common.pic_get(sConfig, (String) tempValue.get("filepath"), (Integer) tempValue.get("thumb"), (Integer) tempValue.get("remote"), true); } } if (uploads.size() > 0) { String regex1 = "(?i)<img.*src=\'(.+?)\'.*?_sns_localimg_([0-9]+).+?src=\"(.+?)\""; String regex2 = "(?i)<img\\s.*?_sns_localimg_([0-9]+).+?src=\'(.+?)\'.+?src=\"(.+?)\""; if (Common.matches(message, regex1)) { message = message.replaceAll(regex1, "<IMG id=_sns_localimg_$2 
src=\"$1\""); } else if (Common.matches(message, regex2)) { message = message.replaceAll(regex2, "<IMG id=_sns_localimg_$1 src=\"$2\""); } else { Matcher m = Pattern.compile("(?i)\\[local\\](\\d+)\\[\\/local\\]").matcher(message); while (m.find()) { String id = m.group(1); if (uploads.get(id) != null) { message = message.replace("[local]" + id + "[/local]", "<IMG id=_sns_localimg_" + id + " src=\"img_" + id + "\">"); } } } Matcher m = Pattern.compile("(?i)<img\\s.*?_sns_localimg_([0-9]+).+?src=\"(.+?)\"") .matcher(message); List<String> matches1 = new ArrayList<String>(); List<String> matches2 = new ArrayList<String>(); while (m.find()) { matches1.add(m.group(1)); matches2.add(m.group(2)); } int matchesLen = matches1.size(); if (matchesLen != 0) { for (int i = 0; i < matchesLen; i++) { String index = matches1.get(i); Map value = (Map) uploads.get(index); if (!Common.empty(value)) { String search = matches2.get(i); String idSearch = "_sns_localimg_" + index; String replace = Common.pic_get(sConfig, (String) value.get("filepath"), (Integer) value.get("thumb"), (Integer) value.get("remote"), false); message = message.replace(matches2.get(i), replace); message = message.replace(idSearch, "snslocalimg[]"); uploads.remove(index); } } } for (Iterator it = uploads.keySet().iterator(); it.hasNext();) { String key = (String) it.next(); Map value = (Map) uploads.get(key); String picUrl = Common.pic_get(sConfig, (String) value.get("filepath"), (Integer) value.get("thumb"), (Integer) value.get("remote"), false); message += "<div class=\"sns-message-pic\"><img src=\"" + picUrl + "\"><p>" + value.get("title") + "</p></div>"; } } String checkMessage = message.replaceAll("(?is)(<div>|</div>|\\s)+", ""); if (Common.strlen(message) < 2) { return showMessage(request, response, "content_is_not_less_than_four_characters"); } message = Common.addSlashes(message); if (tid == 0) { int topicId = Common.intval(request.getParameter("topicid")); topicId = mainService.checkTopic(request, 
topicId, "thread"); if (Common.empty(titlePic)) { titlePic = blogService.getMessagePic(message); } Map<String, Object> threadSetArr = new HashMap<String, Object>(); threadSetArr.put("tagid", tagId); threadSetArr.put("uid", sGlobal.get("supe_uid")); threadSetArr.put("username", sGlobal.get("supe_username")); threadSetArr.put("dateline", sGlobal.get("timestamp")); threadSetArr.put("subject", subject); threadSetArr.put("lastpost", sGlobal.get("timestamp")); threadSetArr.put("lastauthor", sGlobal.get("supe_username")); threadSetArr.put("lastauthorid", sGlobal.get("supe_uid")); threadSetArr.put("topicid", topicId); if (eventId != 0) { threadSetArr.put("eventid", eventId); } tid = dataBaseService.insertTable("sns_thread", threadSetArr, true, false); if (eventId != 0) { dataBaseService.executeUpdate("UPDATE sns_event SET threadnum=threadnum+1, updatetime='" + sGlobal.get("timestamp") + "' WHERE eventid='" + eventId + "'"); } Map<String, Object> postSetArr = new HashMap<String, Object>(); postSetArr.put("tagid", tagId); postSetArr.put("tid", tid); postSetArr.put("uid", sGlobal.get("supe_uid")); postSetArr.put("username", sGlobal.get("supe_username")); postSetArr.put("ip", Common.getOnlineIP(request)); postSetArr.put("dateline", sGlobal.get("timestamp")); postSetArr.put("message", message); postSetArr.put("isthread", 1); postSetArr.put("hotuser", ""); postSetArr.put("pic", titlePic); dataBaseService.insertTable("sns_post", postSetArr, false, false); dataBaseService .executeUpdate("UPDATE sns_mtag SET threadnum=threadnum+1 WHERE tagid='" + tagId + "'"); mainService.updateStat(sGlobal, sConfig, "thread", false); String threadNumSQL = null; if (Common.empty(space.get("threadnum"))) { Map whereArr = new HashMap(); whereArr.put("uid", space.get("uid")); space.put("threadnum", Integer.valueOf(Common.getCount("sns_thread", whereArr, null))); threadNumSQL = "threadnum=" + space.get("threadnum"); } else { threadNumSQL = "threadnum=threadnum+1"; } Map<String, Integer> reward = 
Common.getReward("publishthread", false, 0, "", true, request, response); dataBaseService.executeUpdate("UPDATE sns_space SET " + threadNumSQL + ", lastpost='" + sGlobal.get("timestamp") + "', updatetime='" + sGlobal.get("timestamp") + "', credit=credit+" + reward.get("credit") + ", experience=experience+" + reward.get("experience") + " WHERE uid='" + sGlobal.get("supe_uid") + "'"); } else { Map threadSetData = new HashMap(); threadSetData.put("tagid", tagId); threadSetData.put("subject", subject); Map whereData = new HashMap(); whereData.put("tid", tid); dataBaseService.updateTable("sns_thread", threadSetData, whereData); Map postSetData = new HashMap(); postSetData.put("tagid", tagId); postSetData.put("ip", Common.getOnlineIP(request)); postSetData.put("message", message); postSetData.put("pic", titlePic); if (Common.checkPerm(request, response, "edittrail")) { message = message + Common.sAddSlashes(Common.getMessage(request, "cp_thread_edit_trail", new String[] { sGlobal.get("supe_username").toString(), Common.sgmdate(request, "yyyy-MM-dd HH:mm:ss", 0) })); postSetData.put("message", message); } whereData = new HashMap(); whereData.put("tid", tid); whereData.put("isthread", 1); dataBaseService.updateTable("sns_post", postSetData, whereData); } if (!Common.empty(request.getParameter("makefeed"))) { feedService.feedPublish(request, response, tid, "tid", tid == 0 ? 
true : false); } int topicId = Common.intval(request.getParameter("topicid")); String toURL = null; if (topicId != 0) { mainService.topicJoin(request, topicId, (Integer) sGlobal.get("supe_uid"), (String) sGlobal.get("supe_username")); toURL = "zone.action?do=topic&topicid=" + topicId + "&view=thread"; } else { toURL = "zone.action?uid=" + sGlobal.get("supe_uid") + "&do=thread&id=" + tid; if (eventId != 0) { toURL += "&eventid=" + eventId; } } return showMessage(request, response, "do_success", toURL, 0); } else if (submitCheck(request, "postsubmit")) { if (!Common.checkPerm(request, response, "allowpost")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (!mainService.checkRealName(request, "post")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "post")) { return showMessage(request, response, "no_privilege_videophoto"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } int waitTime = Common.checkInterval(request, response, "post"); if (waitTime > 0) { return showMessage(request, response, "operating_too_fast", null, 1, String.valueOf(waitTime)); } int tid = Common.intval(request.getParameter("tid")); Map<String, Object> thread = null; if (tid != 0) { List<Map<String, Object>> threadList = dataBaseService.executeQuery( "SELECT t.*, p.* FROM sns_thread t LEFT JOIN sns_post p ON p.tid=t.tid AND p.isthread=1 WHERE t.tid='" + tid + "'"); if 
(!threadList.isEmpty()) { thread = threadList.get(0); } } if (thread == null) { return showMessage(request, response, "the_discussion_topic_does_not_exist"); } if (mainService.isBlackList((Integer) thread.get("uid"), (Integer) sGlobal.get("supe_uid")) != 0) { return showMessage(request, response, "is_blacklist"); } Map<String, Object> mtag = checkMtagSpace(request, response, event, userEvent, (Integer) thread.get("tagid")); if (mtag == null) { return null; } if (Common.empty(mtag.get("allowpost"))) { return showMessage(request, response, "no_privilege"); } String message = request.getParameter("message"); String[] pics = request.getParameterValues("pics"); if (pics != null) { for (String pic : pics) { String picURL = mainService.getPicUrlt(pic); if (!Common.empty(picURL)) { message += "\n[img]" + picURL + "[/img]"; } } } message = Common.getStr(message, 0, true, true, true, 2, 0, request, response); if (Common.strlen(message) < 2) { return showMessage(request, response, "content_is_not_less_than_four_characters"); } String summay = Common.getStr(message, 150, true, true, false, 0, 0, request, response); int pid = Common.intval(request.getParameter("pid")); List<Map<String, Object>> postList = dataBaseService.executeQuery( "SELECT * FROM sns_post WHERE pid='" + pid + "' AND tid='" + tid + "' AND isthread='0'"); Map<String, Object> post = null; Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); if (!postList.isEmpty()) { post = postList.get(0); if (mainService.isBlackList((Integer) post.get("uid"), (Integer) sGlobal.get("supe_uid")) != 0) { return showMessage(request, response, "is_blacklist"); } String postMessage = post.get("message").toString(); postMessage = postMessage .replaceAll("(?is)<div class=\"quote\"><span class=\"q\">.*?</span></div>", ""); postMessage = postMessage.replaceAll("(?is)<ins class=\"modify\".+?</ins>", ""); postMessage = BBCode.html2bbcode(postMessage); message = Common.addSlashes( "<div 
class=\"quote\"><span class=\"q\"><b>" + sNames.get(post.get("uid")) + "</b>: " + Common.getStr(postMessage, 150, false, false, false, 2, 1, request, response) + "</span></div>") + message; post.put("message", postMessage); } Map setArr = new HashMap(); setArr.put("tagid", (Integer) thread.get("tagid")); setArr.put("tid", tid); setArr.put("uid", sGlobal.get("supe_uid")); setArr.put("username", sGlobal.get("supe_username")); setArr.put("ip", Common.getOnlineIP(request)); setArr.put("dateline", sGlobal.get("timestamp")); setArr.put("message", message); setArr.put("hotuser", ""); pid = dataBaseService.insertTable("sns_post", setArr, true, false); String subject = Common .getMessage(request, "cp_mtag_reply", new String[] { sNames.get(space.get("uid")), Common.sHtmlSpecialChars(Common.getSiteUrl(request) + "zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + thread.get("tid")) .toString() }); mainService.sendMail(request, response, (Integer) thread.get("uid"), "", subject, "", "mtag_reply"); dataBaseService.executeUpdate("UPDATE sns_thread SET replynum=replynum+1, lastpost='" + sGlobal.get("timestamp") + "', lastauthor='" + sGlobal.get("supe_username") + "', lastauthorid='" + sGlobal.get("supe_uid") + "' WHERE tid='" + tid + "'"); dataBaseService.executeUpdate( "UPDATE sns_mtag SET postnum=postnum+1 WHERE tagid='" + thread.get("tagid") + "'"); if (Common.empty(post) && !thread.get("uid").equals(sGlobal.get("supe_uid"))) { Common.getReward("replythread", true, 0, thread.get("tid").toString(), true, request, response); if (Common.empty(mtag.get("viewperm"))) { if (Common.ckPrivacy(sGlobal, sConfig, space, "post", 1)) { String title_template = Common.getMessage(request, "cp_feed_thread_reply"); Map title_data = new HashMap(); title_data.put("touser", "<a href=\"zone.action?uid=" + thread.get("uid") + "\">" + sNames.get(thread.get("uid")) + "</a>"); title_data.put("thread", "<a href=\"zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + thread.get("tid") + 
"\">" + thread.get("subject") + "</a>"); mainService.addFeed(sGlobal, "post", title_template, title_data, "", null, "", null, null, "", 0, 0, 0, "", false); } } String note = Common.getMessage(request, "cp_note_thread_reply") + " <a href=\"zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + thread.get("tid") + "&pid=" + pid + "\" target=\"_blank\">" + thread.get("subject") + "</a>"; mainService.addNotification(request, sGlobal, sConfig, (Integer) thread.get("uid"), "post", note, false); } else if (!Common.empty(post)) { String note = Common.getMessage(request, "cp_note_post_reply", new String[] { "zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + thread.get("tid"), thread.get("subject").toString(), "zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + thread.get("tid") + "&pid=" + pid }); mainService.addNotification(request, sGlobal, sConfig, (Integer) post.get("uid"), "post", note, false); } if (!thread.get("uid").equals(sGlobal.get("supe_uid"))) { mainService.updateHot(request, response, "tid", (Integer) thread.get("tid"), (String) thread.get("hotuser")); } mainService.updateStat(sGlobal, sConfig, "post", false); return showMessage(request, response, "do_success", "zone.action?uid=" + sGlobal.get("supe_uid") + "&do=thread&id=" + tid + "&pid=" + pid, 0); } else if (submitCheck(request, "posteditsubmit")) { int pid = Common.intval(request.getParameter("pid")); List<Map<String, Object>> postList = dataBaseService .executeQuery("SELECT * FROM sns_post WHERE pid='" + pid + "'"); Map<String, Object> post = null; if (postList.isEmpty()) { return showMessage(request, response, "no_privilege"); } else { post = postList.get(0); } int tagId = (Integer) post.get("tagid"); Map<String, Object> mtag = checkMtagSpace(request, response, event, userEvent, tagId); if (mtag == null) { return null; } if ((Integer) mtag.get("grade") < 8 && !post.get("uid").equals(sGlobal.get("supe_uid")) && (userEvent == null || (Integer) userEvent.get("status") < 3)) { return 
showMessage(request, response, "no_privilege"); } String message = request.getParameter("message"); String[] pics = request.getParameterValues("pics"); if (pics != null) { for (String pic : pics) { String picURL = mainService.getPicUrlt(pic); if (!Common.empty(picURL)) { message += "\n[img]" + picURL + "[/img]"; } } } message = Common.getStr(message, 0, true, true, true, 2, 0, request, response); if (Common.strlen(message) < 2) { return showMessage(request, response, "content_is_too_short"); } if (Common.checkPerm(request, response, "edittrail") || (!Common.empty(post.get("uid")) && !post.get("uid").equals(space.get("uid")))) { Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames"); String[] args = new String[] { sNames.get(sGlobal.get("supe_uid")), Common.sgmdate(request, "yyyy-MM-dd HH:mm:ss", 0) }; message = message + Common.sAddSlashes(Common.getMessage(request, "cp_thread_edit_trail", args)); } Map setData = new HashMap(); setData.put("message", message); Map whereData = new HashMap(); whereData.put("pid", pid); dataBaseService.updateTable("sns_post", setData, whereData); return showMessage(request, response, "do_success", request.getParameter("refer"), 0); } int pid = Common.intval(request.getParameter("pid")); int tid = Common.intval(request.getParameter("tid")); int tagId = Common.intval(request.getParameter("tagid")); Map<String, Object> thread = null; Map<String, Object> post = null; String op = request.getParameter("op"); if ("edit".equals(op)) { List<Map<String, Object>> postList = dataBaseService .executeQuery("SELECT * FROM sns_post WHERE pid='" + pid + "'"); if (postList.isEmpty()) { return showMessage(request, response, "no_privilege"); } else { post = postList.get(0); } post.put("message", post.get("message").toString().replaceAll("(?is)<ins class=\"modify\".+?</ins>", "")); tagId = (Integer) post.get("tagid"); Map<String, Object> mtag = checkMtagSpace(request, response, event, userEvent, tagId); if (mtag == null) { 
return null; } if ((Integer) mtag.get("grade") < 8 && !post.get("uid").equals(sGlobal.get("supe_uid")) && (userEvent == null || (Integer) userEvent.get("status") < 3)) { return showMessage(request, response, "no_privilege"); } if (!Common.empty(post.get("isthread"))) { List<Map<String, Object>> threadList = dataBaseService .executeQuery("SELECT * FROM sns_thread WHERE tid='" + post.get("tid") + "'"); thread = threadList.get(0); } String message = post.get("message").toString(); if (thread != null) { message = message.replace("&", "&amp;"); message = (String) Common.sHtmlSpecialChars(message); op = null; Map<String, String[]> paramMap = request.getParameterMap(); paramMap.put("op", null); request.setAttribute("albums", mainService.getAlbums((Integer) sGlobal.get("supe_uid"))); if (!Common.empty(post.get("pic"))) { message += "<div><img src=\"" + post.get("pic") + "\"></div>"; } String tidstr = thread.get("tid") == null ? "0" : thread.get("tid") + ""; tid = Integer.parseInt(tidstr); request.setAttribute("tid", tid); } else { message = BBCode.html2bbcode(message); } post.put("message", message); request.setAttribute("mtag", mtag); request.setAttribute("post", post); } else if ("delete".equals(op)) { if (submitCheck(request, "postdeletesubmit")) { List<Map<String, Object>> delPosts = adminDeleteService.deletePosts(request, response, (Integer) sGlobal.get("supe_uid"), tagId, pid); if (Common.empty(delPosts)) { return showMessage(request, response, "no_privilege"); } else { post = delPosts.get(0); String URL = null; if (!Common.empty(post.get("isthread"))) { URL = "zone.action?uid=" + post.get("uid") + "&do=mtag&tagid=" + post.get("tagid") + "&view=list"; } else { URL = request.getParameter("refer"); } return showMessage(request, response, "do_success", URL, 0); } } } else if ("reply".equals(op)) { if (eventId != 0) { if (userEvent == null || (Integer) userEvent.get("status") < 2) { return showMessage(request, response, "event_only_allows_member_thread"); } } 
List<Map<String, Object>> postList = dataBaseService .executeQuery("SELECT * FROM sns_post WHERE pid='" + pid + "'"); if (postList.isEmpty()) { return showMessage(request, response, "posting_does_not_exist"); } else { post = postList.get(0); } request.setAttribute("post", post); } else if ("digest".equals(op)) { operateService.digestThreads(request, response, (Integer) sGlobal.get("supe_uid"), tagId, request.getParameter("cancel") == null ? 1 : 0, tid); return showMessage(request, response, "do_success"); } else if ("top".equals(op)) { operateService.topThreads(request, response, (Integer) sGlobal.get("supe_uid"), tagId, request.getParameter("cancel") == null ? 1 : 0, tid); return showMessage(request, response, "do_success"); } else if ("edithot".equals(op)) { if (!Common.checkPerm(request, response, "managethread")) { return showMessage(request, response, "no_privilege"); } List<Map<String, Object>> threadList = dataBaseService .executeQuery("SELECT * FROM sns_thread WHERE tid='" + tid + "'"); if (threadList.isEmpty()) { return showMessage(request, response, "no_privilege"); } else { thread = threadList.get(0); } if (submitCheck(request, "hotsubmit")) { int hot = Common.intval(request.getParameter("hot")); Map setData = new HashMap(); setData.put("hot", hot); Map whereData = new HashMap(); whereData.put("tid", tid); dataBaseService.updateTable("sns_thread", setData, whereData); if (hot > 0) { feedService.feedPublish(request, response, tid, "tid", false); } else { setData = new HashMap(); setData.put("hot", hot); whereData = new HashMap(); whereData.put("id", tid); whereData.put("idtype", "tid"); dataBaseService.updateTable("sns_feed", setData, whereData); } return showMessage(request, response, "do_success", "zone.action?uid=" + thread.get("uid") + "&do=thread&id=" + tid, 0); } } else { if (!Common.checkPerm(request, response, "allowthread")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return 
showMessage(request, response, "no_privilege"); } if (!mainService.checkRealName(request, "thread")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "thread")) { return showMessage(request, response, "no_privilege_videophoto"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } Map<String, Object> mtag = null; if (tagId != 0) { mtag = checkMtagSpace(request, response, event, userEvent, tagId); if (mtag == null) { return null; } if (Common.empty(mtag.get("allowthread"))) { return showMessage(request, response, "no_privilege"); } } request.setAttribute("albums", mainService.getAlbums((Integer) sGlobal.get("supe_uid"))); if (mtag == null) { Map<Object, Map<String, Object>> profield = Common.getCacheDate(request, response, "cache/cache_profield.jsp", "globalProfield"); tagId = 0; Map<Object, Map<Object, Map<String, Object>>> mtagList = new LinkedHashMap<Object, Map<Object, Map<String, Object>>>(); List<Map<String, Object>> tempList = dataBaseService.executeQuery( "SELECT main.*,field.tagname,field.membernum,field.fieldid,field.close FROM sns_tagspace main LEFT JOIN sns_mtag field ON field.tagid=main.tagid WHERE main.uid='" + sGlobal.get("supe_uid") + "' AND main.grade>=0"); boolean haveMtag = false; for (Map<String, Object> value : tempList) { haveMtag = true; if (Common.empty(value.get("close")) && (Integer) value.get("membernum") >= (Integer) profield.get(value.get("fieldid")) .get("mtagminnum")) { Map<Object, Map<String, Object>> tempMap = 
mtagList.get(value.get("fieldid")); if (tempMap == null) { tempMap = new LinkedHashMap<Object, Map<String, Object>>(); } tempMap.put(value.get("tagid"), value); mtagList.put(value.get("fieldid"), tempMap); } } if (mtagList.isEmpty()) { if (haveMtag) { return showMessage(request, response, "no_mtag_allow_thread"); } else { return showMessage(request, response, "settings_of_your_mtag"); } } request.setAttribute("mtagList", mtagList); } int topicId = Common.intval(request.getParameter("topicid")); Map<String, String[]> paramMap = request.getParameterMap(); paramMap.put("op", new String[] { topicId + "" }); Map<String, Object> topic = null; if (topicId != 0) { request.setAttribute("topic", Common.getTopic(request, topicId)); } request.setAttribute("topicid", topicId); if (!Common.empty(topic)) { Map actives = new HashMap(); actives.put("thread", " class=\"active\""); request.setAttribute("actives", actives); } if (eventId != 0) { request.setAttribute("event", event); } request.setAttribute("mtag", mtag); } request.setAttribute("ckprivacy", Common.ckPrivacy(sGlobal, sConfig, space, "thread", 1)); request.setAttribute("tid", tid); request.setAttribute("pid", pid); request.setAttribute("tagid", tagId); request.setAttribute("eventid", eventId); request.setAttribute("thread", thread); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } return include(request, response, sConfig, sGlobal, "cp_thread.jsp"); }

    /**
     * Processes the two credit-spending forms of the "top" page.
     *
     * <p>{@code friendsubmit}: adds the staked amount to a friend's {@code sns_show} row
     * (inserting the row when none exists), debits {@code sns_space.credit} for the uid held in
     * the request's {@code space} map, notifies the friend and, if the privacy check allows,
     * publishes a feed entry.
     *
     * <p>{@code showsubmit}: does the same for the {@code sns_show} row of
     * {@code sGlobal.supe_uid}, with an optional note.
     *
     * @param request  current request; must carry the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes
     * @param response current response
     * @return the forward built by {@code showMessage}; when neither form was submitted this is
     *         "do_success" pointing at {@code zone.action?do=top}
     */
    public ActionForward cp_top(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        try {
            if (submitCheck(request, "friendsubmit")) {
                // Clamp the requested amount to the balance in the request-scoped `space` map,
                // then reject anything below 1 (covers zero, negative and unparsable input).
                // NOTE(review): the balance is read from this snapshot and debited further down
                // by a separate UPDATE that has no `credit >= amount` condition. Whether
                // dataBaseService wraps these statements in a transaction is not visible here;
                // if it does not, concurrent submissions could spend more than the balance.
                int showCredit = Common.intval(request.getParameter("stakecredit"));
                if (showCredit > (Integer) space.get("credit")) {
                    showCredit = (Integer) space.get("credit");
                }
                if (showCredit < 1) {
                    return showMessage(request, response, "showcredit_error");
                }
                // Resolve the friend's uid from sns_friend: the row must belong to this space,
                // match the submitted user name and have status 1.
                String fUserName = Common.trim(request.getParameter("fusername"));
                Map whereArr = new HashMap();
                whereArr.put("uid", space.get("uid"));
                whereArr.put("fusername", fUserName);
                whereArr.put("status", 1);
                String fUid = Common.getCount("sns_friend", whereArr, "fuid");
                // Unknown friend, or the user staking on themselves, is rejected.
                if (Common.empty(fUserName) || Common.empty(fUid) || fUid.equals(space.get("uid").toString())) {
                    return showMessage(request, response, "showcredit_fuid_error");
                }
                whereArr = new HashMap();
                whereArr.put("uid", fUid);
                int count = Common.intval(Common.getCount("sns_show", whereArr, null));
                if (count != 0) {
                    // SQL text is assembled by concatenation; the pieces here are an int and a
                    // uid that came back from the sns_friend lookup above.
                    dataBaseService.executeUpdate(
                            "UPDATE sns_show SET credit=credit+" + showCredit + " WHERE uid='" + fUid + "'");
                } else {
                    Map insertData = new HashMap();
                    insertData.put("uid", fUid);
                    insertData.put("username", fUserName);
                    insertData.put("credit", showCredit);
                    dataBaseService.insertTable("sns_show", insertData, false, true);
                }
                // Debit the sender only after the recipient has been credited.
                dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit-" + showCredit + " WHERE uid='" + space.get("uid") + "'");
                mainService.addNotification(request, sGlobal, sConfig, Integer.valueOf(fUid), "credit", Common.getMessage(request, "cp_note_showcredit", String.valueOf(showCredit)), false);
                Map<Integer, String> sNames = (Map<Integer, String>) request.getAttribute("sNames");
                if (Common.ckPrivacy(sGlobal, sConfig, space, "show", 1)) {
                    // NOTE(review): the display name from sNames is placed into HTML markup as-is;
                    // confirm that sNames values are already HTML-escaped where they are built.
                    Map title_data = new HashMap();
                    title_data.put("fusername", "<a href=\"zone.action?uid=" + fUid + "\">" + sNames.get(Integer.valueOf(fUid)) + "</a>");
                    title_data.put("credit", showCredit);
                    mainService.addFeed(sGlobal, "show", Common.getMessage(request, "cp_feed_showcredit"), title_data, "", null, "", null, null, "", 0, 0, 0, "", false);
                }
                return showMessage(request, response, "showcredit_friend_do_success", "zone.action?do=top");
            } else if (submitCheck(request, "showsubmit")) {
                // Same clamp-and-reject handling as the friend branch; the same review note about
                // the non-atomic balance check applies.
                int showCredit = Common.intval(request.getParameter("showcredit"));
                if (showCredit > (Integer) space.get("credit")) {
                    showCredit = (Integer) space.get("credit");
                }
                if (showCredit < 1) {
                    return showMessage(request, response, "showcredit_error");
                }
                String note = Common.getStr(request.getParameter("note"), 100, true, true, true, 0, 0, request, response);
                Map whereArr = new HashMap();
                whereArr.put("uid", sGlobal.get("supe_uid"));
                int count = Common.intval(Common.getCount("sns_show", whereArr, null));
                if (count != 0) {
                    // NOTE(review): `note` is user-supplied text spliced into the SQL string. Its
                    // safety rests entirely on Common.getStr escaping quote characters, which is
                    // not visible here; confirm, or move this to a parameterised update.
                    String noteSQL = !Common.empty(note) ? ", note='" + note + "'" : "";
                    dataBaseService.executeUpdate("UPDATE sns_show SET credit=credit+" + showCredit + noteSQL + " WHERE uid='" + sGlobal.get("supe_uid") + "'");
                } else {
                    Map insertData = new HashMap();
                    insertData.put("uid", sGlobal.get("supe_uid"));
                    insertData.put("username", sGlobal.get("supe_username"));
                    insertData.put("note", note);
                    insertData.put("credit", showCredit);
                    dataBaseService.insertTable("sns_show", insertData, false, true);
                }
                // NOTE(review): the sns_show row is keyed by sGlobal.supe_uid while the debit
                // targets space.uid; presumably the same user, confirm against the caller.
                dataBaseService.executeUpdate("UPDATE sns_space SET credit=credit-" + showCredit + " WHERE uid='" + space.get("uid") + "'");
                if (Common.ckPrivacy(sGlobal, sConfig, space, "show", 1)) {
                    Map title_data = new HashMap();
                    title_data.put("credit", showCredit);
                    mainService.addFeed(sGlobal, "show", Common.getMessage(request, "cp_feed_showcredit_self"), title_data, "", null, note, null, null, "", 0, 0, 0, "", false);
                }
                return showMessage(request, response, "showcredit_do_success", "zone.action?do=top");
            }
        } catch (Exception e) {
            // The exception text becomes the message shown to the user.
            // NOTE(review): if database or driver errors can reach this point, their text is
            // exposed to the client; verify that only message keys are thrown on this path.
            return showMessage(request, response, e.getMessage());
        }
        return showMessage(request, response, "do_success", "zone.action?do=top", 0);
    }

    /**
     * Topic management endpoint: creates or edits a topic ({@code topicsubmit} multipart form),
     * and handles the {@code op} values {@code delete}, {@code join} (attach an existing item to
     * a topic or detach it), {@code ignore}, and the default case that prepares the edit form.
     *
     * <p>Request parameters read: {@code topicid}, {@code id}, {@code idtype}, {@code op}, plus
     * the form fields of whichever submission is being processed.
     *
     * @param request  current request; must carry the {@code sGlobal}, {@code sConfig} and
     *                 {@code space} attributes
     * @param response current response
     * @return a {@code showMessage} forward for completed or rejected actions, otherwise the
     *         include of {@code cp_topic.jsp}
     */
    public ActionForward cp_topic(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        Map<String, Object> space = (Map<String, Object>) request.getAttribute("space");
        int supe_uid = (Integer) sGlobal.get("supe_uid");
        int timestamp = (Integer) sGlobal.get("timestamp");
        // topicid and id are reduced to ints; idtype and op stay as raw request strings
        // (idtype is only trimmed).
        String tempS = request.getParameter("topicid");
        int topicid = Common.empty(tempS) ? 0 : Common.intval(tempS);
        tempS = request.getParameter("id");
        int id = Common.empty(tempS) ? 0 : Common.intval(tempS);
        tempS = request.getParameter("idtype");
        String idtype = Common.empty(tempS) ? "" : tempS.trim();
        tempS = request.getParameter("op");
        String op = Common.empty(tempS) ? "" : tempS;
        List<Map<String, Object>> query;
        Map<String, Object> topic = null;
        if (topicid != 0) {
            query = dataBaseService.executeQuery("SELECT * FROM sns_topic WHERE topicid='" + topicid + "'");
            topic = query.size() > 0 ? query.get(0) : null;
        }
        // Authorisation gate. The "join" op is exempt here and performs its own ownership or
        // permission check further down.
        if (Common.empty(topic)) {
            // No existing topic: creating one requires the "allowtopic" permission.
            if (!"join".equals(op)) {
                if (!Common.checkPerm(request, response, "allowtopic")) {
                    Common.ckSpaceLog(request);
                    return showMessage(request, response, "no_privilege");
                }
            }
            topicid = 0;
        } else {
            // Existing topic: only its owner or a holder of "managetopic" may proceed.
            if (!"join".equals(op)) {
                if (supe_uid != (Integer) topic.get("uid") && !Common.checkPerm(request, response, "managetopic")) {
                    return showMessage(request, response, "no_privilege");
                }
            }
            topic.put("pic", Common.pic_get(sConfig, (String) topic.get("pic"), (Integer) topic.get("thumb"), (Integer) topic.get("remote"), true));
        }
        boolean sc;
        FileUploadUtil upload = getParsedFileUploadUtil(request);
        try {
            sc = submitCheckForMulti(request, upload, "topicsubmit");
        } catch (Exception e) {
            e.printStackTrace();
            return showMessage(request, response, e.getMessage());
        }
        if (sc) {
            Map<String, Object> setarr = new HashMap<String, Object>();
            String subject;
            String message;
            try {
                subject = Common.getStr(upload.getParameter("subject"), 80, true, true, false, 0, 0, request, response);
                message = Common.getStr(upload.getParameter("message"), 0, true, true, false, 0, 0, request, response);
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            setarr.put("subject", subject);
            setarr.put("message", message);
            // NOTE(review): the jointype[] and joingid[] values are joined and stored without
            // passing through Common.getStr; this relies on insertTable/updateTable escaping
            // values, which is not visible here. Confirm.
            String[] tempSA = upload.getParameterValues("jointype[]");
            setarr.put("jointype", Common.empty(tempSA) ? "" : Common.implode(tempSA, ","));
            tempSA = upload.getParameterValues("joingid[]");
            setarr.put("joingid", Common.empty(tempSA) ? "" : Common.implode(tempSA, ","));
            tempS = upload.getParameter("endtime");
            setarr.put("endtime", Common.empty(tempS) ? 0 : Common.strToTime(tempS, Common.getTimeOffset(sGlobal, sConfig), "yyyy-MM-dd HH:mm"));
            if (Common.strlen(subject) < 4) {
                return showMessage(request, response, "topic_subject_error");
            }
            // Optional topic picture. All validation of the uploaded file (type, size, stored
            // name) is delegated to mainService.savePic; none is performed in this method.
            FileItem fileItem = upload.getFileItem("pic");
            if (fileItem != null && fileItem.getSize() > 0) {
                Object ob = mainService.savePic(request, response, fileItem, "-1", "", 0);
                if (!Common.empty(ob) && Common.isArray(ob)) {
                    Map<String, Object> filearr = (Map<String, Object>) ob;
                    setarr.put("pic", filearr.get("filepath"));
                    setarr.put("thumb", filearr.get("thumb"));
                    setarr.put("remote", filearr.get("remote"));
                }
            }
            if (Common.empty(topicid)) {
                // New topic: stamp owner and timestamps, then insert.
                setarr.put("uid", supe_uid);
                setarr.put("username", sGlobal.get("supe_username"));
                setarr.put("dateline", timestamp);
                setarr.put("lastpost", timestamp);
                topicid = dataBaseService.insertTable("sns_topic", setarr, true, false);
            } else {
                Map<String, Object> whereData = new HashMap<String, Object>();
                whereData.put("topicid", topicid);
                dataBaseService.updateTable("sns_topic", setarr, whereData);
            }
            return showMessage(request, response, "do_success", "zone.action?do=topic&topicid=" + topicid, 0);
        }
        if ("delete".equals(op)) {
            try {
                if (submitCheck(request, "deletesubmit")) {
                    if (adminDeleteService.deletetopics(request, response, sGlobal, topicid)) {
                        return showMessage(request, response, "do_success", "zone.action?do=topic");
                    } else {
                        return showMessage(request, response, "failed_to_delete_operation");
                    }
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("topicid", topicid);
        } else if ("join".equals(op)) {
            // idtype (raw request value) is mapped to a table name.
            // NOTE(review): idtype is later used as a column name in SQL text and as a WHERE key.
            // The only guard is that getTablebyIdType returned a non-empty name; presumably that
            // is an allow-list lookup that rejects unknown idtype values. Verify, since it is the
            // sole barrier between a request parameter and the SQL identifier position.
            String tablename = mainService.getTablebyIdType(idtype);
            Map<String, Object> item = null;
            if (!Common.empty(tablename) && id != 0) {
                // NOTE(review): this compares against "pic" while the permission name below is
                // derived with replace("sns_", "manage"), which suggests names carry an "sns_"
                // prefix; if so this branch would never match. Confirm the format returned.
                if (tablename.equals("pic")) {
                    query = dataBaseService.executeQuery(
                            "SELECT s.username, p.* FROM sns_pic p LEFT JOIN sns_space s ON s.uid=p.uid WHERE p.picid='" + id + "'");
                } else {
                    query = dataBaseService
                            .executeQuery("SELECT * FROM " + tablename + " WHERE " + idtype + "='" + id + "'");
                }
                item = query.size() > 0 ? query.get(0) : null;
            }
            if (Common.empty(item)) {
                return showMessage(request, response, "no_privilege");
            }
            // Only the item's owner, a "managetopic" holder, or a holder of the per-table
            // manage permission may change the item's topic.
            int uid = (Integer) item.get("uid");
            if (supe_uid != uid && !Common.checkPerm(request, response, "managetopic") && !Common.checkPerm(request, response, tablename.replace("sns_", "manage"))) {
                return showMessage(request, response, "no_privilege");
            }
            // Build the list of joinable topics from the 50 most recently posted ones.
            Map<Integer, Map<String, Object>> tlist = new LinkedHashMap<Integer, Map<String, Object>>();
            query = dataBaseService.executeQuery("SELECT * FROM sns_topic ORDER BY lastpost DESC LIMIT 0,50");
            String[] jointype;
            String[] joingid;
            Integer endtime;
            for (Map<String, Object> value : query) {
                // Skip topics that restrict item types and do not list this table.
                tempS = (String) value.get("jointype");
                if (!Common.empty(tempS)) {
                    jointype = tempS.split(",");
                } else {
                    jointype = null;
                }
                if (!Common.empty(jointype) && !Common.in_array(jointype, tablename)) {
                    continue;
                }
                // The user-group restriction is applied only when the caller owns the item.
                if (supe_uid == uid) {
                    tempS = (String) value.get("joingid");
                    if (!Common.empty(tempS)) {
                        joingid = tempS.split(",");
                    } else {
                        joingid = null;
                    }
                    if (!Common.empty(joingid) && !Common.in_array(joingid, space.get("groupid"))) {
                        continue;
                    }
                }
                // Skip topics whose end time has passed (0 means no end time).
                endtime = (Integer) value.get("endtime");
                if (endtime != 0 && timestamp > endtime) {
                    continue;
                }
                tlist.put((Integer) value.get("topicid"), value);
            }
            if (Common.empty(tlist)) {
                return showMessage(request, response, "topic_list_none");
            }
            try {
                if (submitCheck(request, "joinsubmit")) {
                    // A target outside the filtered list is treated as 0, i.e. "leave topic".
                    int newtopicid = Common.intval(request.getParameter("newtopicid"));
                    if (Common.empty(tlist.get(newtopicid))) {
                        newtopicid = 0;
                    }
                    Map<String, Object> setData = new HashMap<String, Object>();
                    setData.put("topicid", newtopicid);
                    Map<String, Object> whereData = new HashMap<String, Object>();
                    whereData.put(idtype, id);
                    dataBaseService.updateTable(tablename, setData, whereData);
                    if (newtopicid != 0) {
                        mainService.topicJoin(request, newtopicid, uid, Common.addSlashes((String) item.get("username")));
                    } else {
                        // Leaving: drop the membership row and decrement the old topic's counter.
                        query = dataBaseService.executeQuery("SELECT * FROM sns_topicuser WHERE uid='" + uid + "' AND topicid='" + item.get("topicid") + "'");
                        Map<String, Object> value = query.size() > 0 ? query.get(0) : null;
                        if (!Common.empty(value)) {
                            dataBaseService.execute("DELETE FROM sns_topicuser WHERE id='" + value.get("id") + "'");
                            dataBaseService.executeUpdate("UPDATE sns_topic SET joinnum=joinnum-1 WHERE topicid='" + item.get("topicid") + "' AND joinnum>0");
                        }
                    }
                    // NOTE(review): the follow-up URL is taken directly from the "refer" request
                    // parameter. If showMessage redirects or links to it, it should be limited
                    // to same-site relative paths; confirm how showMessage treats this value.
                    return showMessage(request, response, "do_success", request.getParameter("refer"), 0);
                }
            } catch (Exception e) {
                return showMessage(request, response, e.getMessage());
            }
            request.setAttribute("id", id);
            request.setAttribute("idtype", idtype);
            request.setAttribute("tlist", tlist);
        } else if ("ignore".equals(op)) {
            request.setAttribute("topicid", topicid);
            request.setAttribute("id", id);
            request.setAttribute("idtype", idtype);
        } else {
            // Default: prepare the create/edit form. An empty map stands in for a new topic.
            if (topic == null) {
                topic = new HashMap<String, Object>();
            }
            // Convert the stored comma-separated lists into arrays plus " checked" lookup maps
            // that the form uses to pre-select checkboxes.
            Map<String, String> jointypes = new HashMap<String, String>();
            tempS = (String) topic.get("jointype");
            String[] tempSA = null;
            if (tempS != null) {
                tempSA = tempS.split(",");
            }
            topic.put("jointype", tempSA);
            if (tempSA != null) {
                for (String value : tempSA) {
                    jointypes.put(value, " checked");
                }
            }
            Map<String, String> joingids = new HashMap<String, String>();
            tempS = (String) topic.get("joingid");
            tempSA = null;
            if (tempS != null) {
                tempSA = tempS.split(",");
            }
            topic.put("joingid", tempSA);
            if (tempSA != null) {
                for (String value : tempSA) {
                    joingids.put(value, " checked");
                }
            }
            Object endtimeO = topic.get("endtime");
            if (!Common.empty(endtimeO)) {
                topic.put("endtime", Common.sgmdate(request, "yyyy-MM-dd HH:mm", (Integer) endtimeO));
            } else {
                topic.put("endtime", "");
            }
            // Group all user groups by their "system" value (-1, 1, 0), in that display order;
            // rows with any other value are ignored.
            Map<Integer, Map<String, Map<String, Object>>> usergroups = new LinkedHashMap<Integer, Map<String, Map<String, Object>>>();
            usergroups.put(-1, new LinkedHashMap<String, Map<String, Object>>());
            usergroups.put(1, new LinkedHashMap<String, Map<String, Object>>());
            usergroups.put(0, new LinkedHashMap<String, Map<String, Object>>());
            query = dataBaseService.executeQuery("SELECT * FROM sns_usergroup");
            Map<String, Map<String, Object>> tempM;
            for (Map<String, Object> value : query) {
                tempM = usergroups.get((Integer) value.get("system"));
                if (tempM != null) {
                    tempM.put(String.valueOf(value.get("gid")), value);
                }
            }
            request.setAttribute("topicid", topicid);
            request.setAttribute("topic", topic);
            request.setAttribute("jointypes", jointypes);
            request.setAttribute("joingids", joingids);
            request.setAttribute("usergroups", usergroups);
        }
        // NOTE(review): op (and idtype, set above) are raw request values handed to the view;
        // cp_topic.jsp must HTML-escape them on output, which cannot be checked from here.
        request.setAttribute("op", op);
        return include(request, response, sConfig, sGlobal, "cp_topic.jsp");
    }

    public ActionForward cp_gift(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); if (!Common.checkPerm(request, response, "allowgift")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "gift_no_authority_to_send"); } if (!mainService.checkRealName(request, "gift")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "gift")) { return showMessage(request, response, "no_privilege_videophoto"); } switch (mainService.checkNewUser(request, response)) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return 
showMessage(request, response, "no_privilege_avatar");
            case 4:
                return showMessage(request, response, "no_privilege_friendnum", "", 1,
                        String.valueOf(sConfig.get("need_friendnum")));
            case 5:
                return showMessage(request, response, "no_privilege_email");
        }
        try {
            // Gift-sending branch: runs only when submitCheck accepts the "giftsubmit" form.
            if (submitCheck(request, "giftsubmit")) {
                // Posting interval check; a positive value is reported back in the
                // "operating_too_fast" message.
                int waitTime = Common.checkInterval(request, response, "post");
                if (waitTime > 0) {
                    return showMessage(request, response, "operating_too_fast", "", 1,
                            String.valueOf(waitTime));
                }
                // The security code is verified only when the "seccode" permission check is truthy.
                if (Common.checkPerm(request, response, "seccode")
                        && !mainService.checkSeccode(request, response, sGlobal, sConfig,
                                request.getParameter("seccode"))) {
                    return showMessage(request, response, "incorrect_code");
                }
                String giftid = request.getParameter("giftid");
                String username = request.getParameter("username");
                if (giftid == null) {
                    return showMessage(request, response, "gift_no_selected");
                }
                if (username == null) {
                    return showMessage(request, response, "gift_no_selected_receiver");
                }
                // NOTE(review): giftid is the raw request parameter and is concatenated into this
                // SELECT (and into the VALUES tuples built further down) inside single quotes.
                // Unless request parameters are escaped before they reach this action (not visible
                // here), this is SQL injection; validate giftid or bind it as a parameter.
                List<Map<String, Object>> giftList = dataBaseService
                        .executeQuery("SELECT price, typeid FROM sns_gift WHERE giftid='" + giftid + "'");
                if (giftList.size() == 0) {
                    return showMessage(request, response, "gift_not_exist");
                }
                // Receivers arrive as one comma-separated list of usernames.
                // NOTE(review): the IN (...) list is produced by Common.sImplode; presumably it
                // quotes and escapes each element - confirm, since the names come from the request.
                List<Map<String, Object>> receiverList = dataBaseService
                        .executeQuery("SELECT uid,name,username FROM sns_space WHERE username IN ("
                                + Common.sImplode(username.split(",")) + ")");
                int recSize = receiverList.size();
                if (recSize == 0) {
                    return showMessage(request, response, "gift_user_do_not_exist");
                }
                int supe_uid = (Integer) sGlobal.get("supe_uid");
                if (recSize == 1) {
                    // Single receiver: self-gifts and blacklisted pairs are refused with a message.
                    int toUid = (Integer) receiverList.get(0).get("uid");
                    if (toUid == supe_uid) {
                        return showMessage(request, response, "not_to_their_own_gift_send");
                    }
                    if (mainService.isBlackList(toUid, supe_uid) != 0) {
                        return showMessage(request, response, "is_blacklist");
                    }
                } else {
                    // Several receivers: the sender and blacklisted entries are dropped silently.
                    Iterator<Map<String, Object>> i = receiverList.iterator();
                    while (i.hasNext()) {
                        Map<String, Object> receiver = i.next();
                        if ((Integer) receiver.get("uid") == supe_uid
                                || mainService.isBlackList((Integer) receiver.get("uid"), supe_uid) != 0) {
                            // NOTE(review): i.remove() already removes the entry; the additional
                            // receiverList.remove(receiver) changes the list outside the iterator
                            // whenever another equal map is still present.
                            i.remove();
                            receiverList.remove(receiver);
                        }
                    }
                    // NOTE(review): recSize may be 0 after filtering, yet the code below still runs
                    // (the advGift counter is still decremented and a success message is shown).
                    recSize = receiverList.size();
                }
                String giftType = (String) giftList.get(0).get("typeid");
                int giftPrice = (Integer) giftList.get(0).get("price");
                if (giftType.equals("advGift")) {
                    // The remaining count is read from the member map in sGlobal, not from the table.
                    int advgiftcount = (Integer) ((Map) sGlobal.get("member")).get("advgiftcount");
                    if (advgiftcount == 0) {
                        return showMessage(request, response, "gift_can_not_send_adv");
                    }
                    // NOTE(review): one unit is deducted per request regardless of recSize, and the
                    // UPDATE carries no "advgiftcount>0" condition - confirm both are intended.
                    dataBaseService.executeUpdate("UPDATE sns_space SET advgiftcount=advgiftcount-1 WHERE uid='"
                            + sGlobal.get("supe_uid") + "'");
                } else if (giftPrice > 0) {
                    // NOTE(review): empty branch - nothing in this method charges the sender for a
                    // gift with a positive price. Confirm whether payment is enforced elsewhere.
                }
                Integer[] receiverIds = new Integer[recSize];
                String[] receivers = new String[recSize];
                List<String> insDatasReceived = new ArrayList<String>();
                List<String> insDatasSent = new ArrayList<String>();
                // Sender display name: the member "name", falling back to supe_username.
                String sender = (String) ((Map) sGlobal.get("member")).get("name");
                if (Common.empty(sender)) {
                    sender = (String) sGlobal.get("supe_username");
                }
                for (int i = 0; i < recSize; i++) {
                    Map<String, Object> user = receiverList.get(i);
                    receiverIds[i] = (Integer) user.get("uid");
                    // Receiver display name: "name" when set, otherwise "username".
                    if (Common.empty(user.get("name"))) {
                        receivers[i] = String.valueOf(user.get("username"));
                    } else {
                        receivers[i] = String.valueOf(user.get("name"));
                    }
                    // One VALUES tuple per receiver for each of the two gift tables.
                    // NOTE(review): sender, receivers[i] and giftid are concatenated as quoted
                    // strings with no escaping in this method; only quiet and anonymous pass through
                    // Common.intval. Escape or bind these values - stored names are not safe SQL
                    // literals just because they were read from the database.
                    String insDataReceived = "('" + sGlobal.get("supe_uid") + "', '" + sender + "','"
                            + receiverIds[i] + "', '" + receivers[i] + "', '" + giftid + "', '"
                            + Common.intval(request.getParameter("quiet")) + "','"
                            + Common.intval(request.getParameter("anonymous")) + "', '1' ";
                    String insDataSent = "('" + sGlobal.get("supe_uid") + "', '" + sender + "','"
                            + receiverIds[i] + "', '" + receivers[i] + "', '" + giftid + "', '"
                            + Common.intval(request.getParameter("quiet")) + "','"
                            + Common.intval(request.getParameter("anonymous")) + "' ";
                    if (request.getParameter("timed") != null) {
                        // NOTE(review): sdf.parse returns a java.util.Date, so its toString() text is
                        // what gets concatenated into the tuple; a missing month/day/hour/minute
                        // parameter is concatenated as "null" and makes parse throw into the outer
                        // catch. The pattern carries no year.
                        SimpleDateFormat sdf = new SimpleDateFormat("MMddHHmm");
                        insDataReceived += ",'1','1','" + sdf.parse(request.getParameter("month")
                                + request.getParameter("day")
+ request.getParameter("hour") + request.getParameter("minute")) + "')";
                        insDataSent += ",'1','" + sdf.parse(request.getParameter("month")
                                + request.getParameter("day") + request.getParameter("hour")
                                + request.getParameter("minute")) + "')";
                    } else {
                        // Untimed gift: the timestamp held in sGlobal closes the tuple instead.
                        insDataReceived += ",'0','0','" + sGlobal.get("timestamp") + "')";
                        insDataSent += ",'0','" + sGlobal.get("timestamp") + "')";
                    }
                    insDatasReceived.add(insDataReceived);
                    insDatasSent.add(insDataSent);
                }
                if (insDatasReceived.size() > 0) {
                    // One multi-row INSERT per table, then the receivers' gift counters are raised.
                    // NOTE(review): three separate statements with no transaction visible here; a
                    // failure after the first leaves the gift tables and giftnum out of step.
                    dataBaseService.executeUpdate(
                            "INSERT INTO sns_giftreceived (senderid,sender,receiverid,receiver,giftid,quiet,anonymous,status,timed,fee,receipttime) VALUES "
                                    + Common.implode(insDatasReceived, ","));
                    dataBaseService.executeUpdate(
                            "INSERT INTO sns_giftsent (senderid,sender,receiverid,receiver,giftid,quiet,anonymous,timed,sendtime) VALUES "
                                    + Common.implode(insDatasSent, ","));
                    dataBaseService.executeUpdate("UPDATE sns_space SET giftnum=giftnum+1 WHERE uid IN ("
                            + Common.sImplode(receiverIds) + ")");
                }
                boolean isAnonymous = Common.intval(request.getParameter("anonymous")) == 0 ? false : true;
                // Build and send one notification per receiver.
                for (int i = 0; i < receiverIds.length; i++) {
                    // NOTE(review): "message" is not null-checked; a request without it throws
                    // NullPointerException in matcher(), after the rows above were already written.
                    String message = request.getParameter("message");
                    Matcher m = Pattern.compile("(?s)\\[em\\:(\\d+)\\:\\]").matcher(message);
                    // mood is computed but not used afterwards in this loop.
                    int mood = m.find() ? Common.intval(m.group(1)) : 0;
                    // NOTE(review): the text is user input and the note built from it contains HTML
                    // (the <img> tag below). Common.getStr presumably truncates to 200 and escapes
                    // HTML - confirm what its boolean flags do before relying on it.
                    message = Common.getStr(message, 200, true, true, true, 0, 0, request, response);
                    // [em:N:] markers become emoticon images; only digits are captured for the file name.
                    message = message.replaceAll("(?is)\\[em:(\\d+):]", "<img src=\"image/face/$1.gif\" class=\"face\">");
                    message = message.replaceAll("(?is)\\<br.*?\\>", " ");
                    String[] params = { "zone.action?do=gift&view=got", message };
                    String messageKey = isAnonymous ? "gift_note_event_gift_anonymous" : "gift_note_event_gift";
                    String note = Common.getMessage(request, messageKey, params);
                    mainService.addGiftNotification(request, sGlobal, sConfig, receiverIds[i], "gift", note, false,
                            isAnonymous);
                }
                return showMessage(request, response, "gift_sent_success", "zone.action?do=gift&view=sent", 2,
                        Common.implode(receivers, ","));
            } else if (submitCheck(request, "settingsubmit")) {
                // Settings branch: showlink is reduced to an int before it enters the statement.
                int showlink = Common.intval(request.getParameter("showlink"));
                dataBaseService.executeUpdate("UPDATE sns_space SET showgiftlink='" + showlink + "' WHERE uid='"
                        + sGlobal.get("supe_uid") + "'");
                return showMessage(request, response, "do_success", "zone.action?do=gift&view=setting", 2);
            } else if (submitCheck(request, "deletesubmit")) {
                // Delete branch: removes one sent or received gift record.
                String id = request.getParameter("id");
                String delType = request.getParameter("deltype");
                if (id != null) {
                    // NOTE(review): id is the raw request parameter, concatenated into the DELETE
                    // inside quotes, and neither statement restricts the row to the current user
                    // (senderid / receiverid are columns of these tables per the INSERTs above).
                    // Ownership of the record is therefore not checked here. Add an owner condition
                    // on supe_uid and validate or bind id.
                    if ("sent".equals(delType)) {
                        dataBaseService.executeUpdate("DELETE FROM sns_giftsent WHERE gsid='" + id + "'");
                    } else {
                        // NOTE(review): this path is taken for every deltype other than "sent",
                        // including a missing one, and giftnum is decremented whether or not the
                        // DELETE matched a row.
                        dataBaseService.executeUpdate("DELETE FROM sns_giftreceived WHERE grid='" + id + "'");
                        dataBaseService.executeUpdate("UPDATE sns_space SET giftnum=giftnum-1 WHERE uid ='"
                                + sGlobal.get("supe_uid") + "'");
                    }
                }
                // NOTE(review): delType goes into the target URL unencoded (and as "null" when the
                // parameter is absent); restrict it to the expected view names.
                return showMessage(request, response, "do_success", "zone.action?do=gift&view=" + delType, 2);
            }
        } catch (Exception e) {
            // NOTE(review): the text of any exception, including low-level ones, is handed to
            // showMessage and so reaches the user.
            return showMessage(request, response, e.getMessage());
        }
        // No form was submitted: prepare the data for the gift page.
        String giftType = request.getParameter("type");
        if (giftType == null) {
            giftType = "defGift";
        }
        if (!Common.empty(space.get("friendnum"))) {
            // Up to 100 friends with status='1', ordered by num and dateline; uid comes from sGlobal.
            List<Map<String, Object>> friends = dataBaseService.executeQuery(
                    "SELECT fuid AS uid, fusername AS username FROM sns_friend WHERE uid=" + sGlobal.get("supe_uid")
                            + " AND status='1' ORDER BY num DESC, dateline DESC LIMIT 0, 100");
            List fNamee = new ArrayList(friends.size());
            for (Map<String, Object> value : friends) {
                // NOTE(review): slash-escaping is neither HTML nor JavaScript escaping; confirm how
                // the view embeds friendstr and the friends list.
                value.put("username", Common.sAddSlashes(value.get("username")));
                fNamee.add(value.get("username"));
            }
            request.setAttribute("friendstr", Common.implode(fNamee, ","));
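request.setAttribute("friends", friends);
        }
        List<Map<String, Object>> categories = dataBaseService
                .executeQuery("SELECT * FROM sns_gifttype WHERE fee=0 AND typeid<>'feeGift' ORDER BY `order` ASC");
        request.setAttribute("categories", categories);
        // NOTE(review): giftType and defreceiver are raw request values; cp_gift.jsp has to escape
        // them wherever it writes them out.
        request.setAttribute("firstcate", giftType);
        request.setAttribute("defreceiver", request.getParameter("defreceiver"));
        return include(request, response, sConfig, sGlobal, "/cp_gift.jsp");
    }

    /**
     * Decides whether a multipart request is a genuine submission of the form field {@code var}.
     *
     * <p>A submission is accepted only when the request is a POST, the field is non-empty in the
     * parsed upload, the Referer header is either absent or names the same host as the Host
     * header, and the posted {@code formhash} equals {@code formHash(request)}.
     *
     * <p>The Referer test and the formhash test are grouped explicitly. Written without
     * parentheses, {@code &&} binds tighter than {@code ||}, so a request that carried no Referer
     * header was accepted without its formhash ever being compared, which switched off the
     * anti-forgery token for such requests. A missing Host header is now treated as a failed
     * check instead of raising a NullPointerException.
     *
     * @param request the current request (method and headers are read from it)
     * @param upload  the parsed multipart form holding {@code var} and {@code formhash}
     * @param var     name of the submit field that marks this form
     * @return {@code true} for a valid submission, {@code false} when the request is not a POST
     *         or the field is empty
     * @throws Exception with message {@code submit_invalid} when the field is present but the
     *                   Referer or formhash check fails
     */
    private boolean submitCheckForMulti(HttpServletRequest request, FileUploadUtil upload, String var)
            throws Exception {
        // Not a submission of this form at all: wrong method or the marker field is missing.
        if (!"POST".equals(request.getMethod()) || Common.empty(upload.getParameter(var))) {
            return false;
        }
        String referer = request.getHeader("Referer");
        String host = request.getHeader("Host");
        // An absent Referer is tolerated; a present one must name the same host (port ignored).
        boolean sameOrigin = Common.empty(referer)
                || (host != null && referer.replaceAll("https?://([^:/]+).*", "$1")
                        .equals(host.replaceAll("([^:]+).*", "$1")));
        // The formhash token is required in every case, including when no Referer was sent.
        if (sameOrigin && formHash(request).equals(upload.getParameter("formhash"))) {
            return true;
        }
        throw new Exception("submit_invalid");
    }

    /**
     * Creates a {@link FileUploadUtil} on the {@code temp} directory below
     * {@code SysConstants.snsRoot} and parses the request with the site charset.
     *
     * <p>NOTE(review): a parse failure is only printed; the instance is returned regardless, so
     * callers cannot tell an unparsed upload from an empty one.
     *
     * @param request the multipart request to parse
     * @return the upload helper, parsed when parsing succeeded
     */
    private FileUploadUtil getParsedFileUploadUtil(HttpServletRequest request) {
        FileUploadUtil upload = new FileUploadUtil(new File(SysConstants.snsRoot + "/temp"), 4096);
        try {
            upload.parse(request, SysConstants.SNS_CHARSET);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return upload;
    }

    public ActionForward cp_upload(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal");
        Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig");
        PrintWriter out = null;
        FileUploadUtil upload = new FileUploadUtil(new File(SysConstants.snsRoot + "/temp"), 4096);
        try {
            out = response.getWriter();
            upload.parse(request, SysConstants.SNS_CHARSET);
        } catch (Exception e) {
            // NOTE(review): only the size-limit failure is reported to the page; any other failure
            // of getWriter or parse is dropped here and processing continues with the upload as is.
            if (e instanceof SizeLimitExceededException) {
                out.print("<script>");
                out.print("parent.uploadStat = '" + Common.getMessage(request, "cp_upload_size_too_big",
                        SysConstants.snsConfig.get("upload_max_filesize")) + "';");
                out.print("parent.upload();");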
out.print("</script>"); out.flush(); out.close(); return null; } } int albumID = Common.empty(upload.getParameter("albumid")) ? 0 : Common.intval(upload.getParameter("albumid")); String eventid = upload.getParameter("eventid"); eventid = eventid == null ? request.getParameter("eventid") : eventid; int eventID = Common.empty(eventid) ? 0 : Common.intval(eventid); Map<String, Object> event = null; if (eventID != 0) { String sql = "SELECT e.*,ef.* FROM sns_event e LEFT JOIN sns_eventfield ef ON e.eventid=ef.eventid WHERE e.eventid='" + eventID + "'"; List<Map<String, Object>> eventList = dataBaseService.executeQuery(sql); if (eventList.size() == 0) { return showMessage(request, response, "event_does_not_exist"); } event = eventList.get(0); int grade = (Integer) event.get("grade"); if (grade == -2) { return showMessage(request, response, "event_is_closed"); } else if (grade < 1) { return showMessage(request, response, "event_under_verify"); } sql = "SELECT * FROM sns_userevent WHERE uid='" + sGlobal.get("supe_uid") + "' AND eventid='" + eventID + "'"; List<Map<String, Object>> userEventList = dataBaseService.executeQuery(sql); Map<String, Object> userEvent = userEventList.size() > 0 ? 
userEventList.get(0) : null; if (userEvent != null) { int allowPic = (Integer) event.get("allowpic"); int eventStatus = (Integer) userEvent.get("status"); if (allowPic == 0 && eventStatus < 3) { return showMessage(request, response, "event_only_allows_admins_to_upload"); } if (allowPic != 0 && eventStatus < 2) { return showMessage(request, response, "event_only_allows_members_to_upload"); } } } try { if (submitCheck(request, upload.getParameter("albumsubmit"), upload.getParameter("formhash"))) { if ("creatalbum".equals(upload.getParameter("albumop"))) { String albumName = upload.getParameter("albumname"); if (albumName == null || albumName.length() == 0) { albumName = Common.gmdate("yyyyMMdd", (Integer) sGlobal.get("timestamp"), (String) sConfig.get("timeoffset")); } else { albumName = Common.getStr(albumName, 50, true, true, false, 0, 0, request, response); } int friend = Common.intval(upload.getParameter("friend")); String targetIDs = ""; String password = ""; if (friend == 2) { List friendUIDs = new ArrayList(); String[] names = null; String friendNames = upload.getParameter("target_names"); if (friendNames != null && friendNames.length() != 0) { friendNames = friendNames.replaceAll(Common.getMessage(request, "cp_tab_space"), " "); names = friendNames.split(" "); } if (names != null) { List<Map<String, Object>> values = dataBaseService.executeQuery( "SELECT uid FROM sns_space WHERE username IN (" + Common.sImplode(names) + ")"); for (Map<String, Object> value : values) { friendUIDs.add(value.get("uid")); } } if (friendUIDs.size() == 0) { friend = 3; } else { targetIDs = Common.implode(friendUIDs, ","); } } else if (friend == 4) { password = upload.getParameter("password"); if (password == null || password.trim().length() == 0) { friend = 0; } } Map setarr = new HashMap(); setarr.put("albumname", albumName); setarr.put("uid", sGlobal.get("supe_uid")); setarr.put("username", sGlobal.get("supe_username")); setarr.put("dateline", sGlobal.get("timestamp")); 
setarr.put("updatetime", sGlobal.get("timestamp")); setarr.put("friend", friend); setarr.put("password", password); setarr.put("target_ids", targetIDs); albumID = dataBaseService.insertTable("sns_album", setarr, true, false); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); String albumNumSQL = null; if (Common.empty(space.get("albumnum"))) { Map wherearr = new HashMap(); wherearr.put("uid", space.get("uid")); space.put("albumnum", Common.getCount("sns_album", wherearr, null)); albumNumSQL = "albumnum=" + space.get("albumnum"); } else { albumNumSQL = "albumnum=albumnum+1"; } dataBaseService.executeUpdate("UPDATE sns_space SET " + albumNumSQL + ",updatetime='" + sGlobal.get("timestamp") + "' WHERE uid='" + sGlobal.get("supe_uid") + "'"); } int topicID = Common.intval(upload.getParameter("topicid")); topicID = mainService.checkTopic(request, topicID, "pic"); if (Common.empty(sGlobal.get("mobile"))) { out = response.getWriter(); out.print("<script>"); out.print("parent.no_insert = 1;"); out.print("parent.albumid = " + albumID + ";"); out.print("parent.topicid = " + topicID + ";"); out.print("parent.start_upload();"); out.print("</script>"); out.flush(); out.close(); return null; } else { return showMessage(request, response, "do_success", "main.action?ac=upload"); } } else if (submitCheck(request, upload.getParameter("uploadsubmit"), upload.getParameter("formhash"))) { if (!Common.checkPerm(request, response, "allowupload")) { if (Common.empty(sGlobal.get("mobile"))) { out = response.getWriter(); out.print("<script>"); out.print("alert(\"" + Common.getMessage(request, "cp_not_allow_upload") + "\");"); out.print("</script>"); return null; } else { return showMessage(request, response, Common.getMessage(request, "cp_not_allow_upload")); } } int picID = 0; int topicID = Common.intval(upload.getParameter("topicid")); topicID = mainService.checkTopic(request, topicID, "pic"); String title = upload.getParameter("pic_title"); Object 
uploadFiles = mainService.savePic(request, response, upload.getFileItem("attach"), upload.getParameter("albumid"), title, topicID); String uploadStat = "1"; boolean tempB = !Common.empty(uploadFiles); boolean tempBB = Common.isArray(uploadFiles); if (tempB && tempBB) { Map<String, Object> map = (Map<String, Object>) uploadFiles; albumID = (Integer) map.get("albumid"); picID = (Integer) map.get("picid"); if (eventID != 0) { Map<String, Object> arr = new HashMap<String, Object>(); arr.put("eventid", eventID); arr.put("picid", picID); arr.put("uid", sGlobal.get("supe_uid")); arr.put("username", sGlobal.get("supe_username")); arr.put("dateline", sGlobal.get("timestamp")); try { dataBaseService.insertTable("sns_eventpic", arr, false, false); } catch (Exception exception) { exception.printStackTrace(); } } } else { uploadStat = (String) uploadFiles; } if (!Common.empty(sGlobal.get("mobile"))) { if (picID != 0) { return showMessage(request, response, "do_success", "zone.action?do=album&picid=" + picID); } else { return showMessage(request, response, uploadStat, "main.action?ac=upload"); } } else { if (uploadFiles instanceof Map && StringUtils.equals("Y", (String) (((Map) uploadFiles)).get("verify"))) { out = response.getWriter(); out.print("<script>"); out.print("parent.uploadStat = '2';"); out.print("parent.uploadMessage = '" + Common.getMessage(request, "blog_allallowverifypicupload_y") + "';"); out.print("parent.upload();"); out.print("</script>"); out.flush(); out.close(); return null; } else { out = response.getWriter(); out.print("<script>"); out.print("parent.albumid = " + albumID + ";"); out.print("parent.topicid = " + topicID + ";"); out.print("parent.uploadStat = '" + uploadStat + "';"); out.print("parent.picid = " + picID + ";"); out.print("parent.upload();"); out.print("</script>"); out.flush(); out.close(); } } return null; } else if (submitCheck(request, upload.getParameter("viewAlbumid"), upload.getParameter("formhash"))) { if (eventID != 0) { int dateline 
= (Integer) sGlobal.get("timestamp") - 600; List<Map<String, Object>> values = dataBaseService.executeQuery( "SELECT pic.* FROM sns_eventpic ep LEFT JOIN sns_pic pic ON ep.picid=pic.picid WHERE ep.uid='" + sGlobal.get("supe_uid") + "' AND ep.eventid='" + eventID + "' AND ep.dateline > " + dateline + " ORDER BY ep.dateline DESC LIMIT 4"); String[] imgs = new String[values.size()]; String[] imglinks = new String[values.size()]; Map<String, Object> value = null; for (int i = 0; i < values.size(); i++) { value = values.get(i); imgs[i] = Common.pic_get(sConfig, (String) value.get("filepath"), (Integer) value.get("thumb"), (Integer) value.get("remote"), true); imglinks[i] = "zone.action?do=event&eventid=" + eventID + "&view=pic&picid=" + value.get("picid"); } int picNum = 0; if (imgs.length > 0) { picNum = dataBaseService .findRows("SELECT COUNT(*) FROM sns_eventpic WHERE eventid='" + eventID + "'"); Map bodyData = new HashMap(); bodyData.put("eventid", eventID); bodyData.put("title", event.get("title")); bodyData.put("picnum", picNum); mainService.addFeed(sGlobal, "event", Common.getMessage(request, "cp_event_feed_share_pic_title"), null, Common.getMessage(request, "cp_event_feed_share_pic_info"), bodyData, "", imgs, imglinks, "", 0, 0, 0, "", false); } dataBaseService.executeUpdate("UPDATE sns_event SET picnum='" + picNum + "',updatetime='" + sGlobal.get("timestamp") + "' WHERE eventid='" + eventID + "'"); return showMessage(request, response, "do_success", "zone.action?do=event&view=pic&id=" + eventID, 0); } else { Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); if (Common.ckPrivacy(sGlobal, sConfig, space, "upload", 1)) { feedService.feedPublish(request, response, Common.intval(request.getParameter("opalbumid")), "albumid", false); } String url; int topicID = Common.intval(request.getParameter("topicid")); if (topicID != 0) { mainService.topicJoin(request, topicID, (Integer) sGlobal.get("supe_uid"), (String) 
sGlobal.get("supe_username")); url = "zone.action?do=topic&topicid=" + topicID + "&view=pic"; } else { url = "zone.action?uid=" + sGlobal.get("supe_uid") + "&do=album&id=" + (Common.empty(request.getParameter("opalbumid")) ? -1 : request.getParameter("opalbumid")); } return showMessage(request, response, "upload_images_completed", url, 0); } } else { Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); if (!Common.checkPerm(request, response, "allowupload")) { MessageVO msgVO = Common.ckSpaceLog(request); if (msgVO != null) { return showMessage(request, response, msgVO); } return showMessage(request, response, "no_privilege"); } if (!mainService.checkRealName(request, "album")) { return showMessage(request, response, "no_privilege_realname"); } if (!mainService.checkVideoPhoto(request, response, "album")) { return showMessage(request, response, "no_privilege_videophoto"); } int result = mainService.checkNewUser(request, response); switch (result) { case 1: break; case 2: return showMessage(request, response, "no_privilege_newusertime", "", 1, String.valueOf(sConfig.get("newusertime"))); case 3: return showMessage(request, response, "no_privilege_avatar"); case 4: return showMessage(request, response, "no_privilege_friendnum", "", 1, String.valueOf(sConfig.get("need_friendnum"))); case 5: return showMessage(request, response, "no_privilege_email"); } String siteURL = Common.getSiteUrl(request); List<Map<String, Object>> albums = mainService.getAlbums((Integer) sGlobal.get("supe_uid")); String haveAttachSize = null; int maxAttachSize = (Integer) Common.checkPerm(request, response, sGlobal, "maxattachsize"); if (maxAttachSize != 0) { maxAttachSize += (Integer) space.get("addsize"); haveAttachSize = Common.formatSize(maxAttachSize - (Integer) space.get("attachsize")); } else { haveAttachSize = "0"; } Map<String, String> actives; String activeKey = upload.getParameter("op"); if ("flash".equals(activeKey) || "cam".equals(activeKey)) { actives 
= new HashMap<String, String>(); actives.put(activeKey, " class=\"active\""); } else { actives = new HashMap<String, String>(); actives.put("js", " class=\"active\""); } int topicID = Common.intval(upload.getParameter("topicid")); Map<String, Object> topic = topicID == 0 ? new HashMap<String, Object>() : Common.getTopic(request, topicID); if (topic.size() != 0) { actives = new HashMap<String, String>(); actives.put("upload", " class=\"active\""); request.setAttribute("perm", Common.checkPerm(request, response, "managetopic")); } request.setAttribute("siteurl", siteURL); request.setAttribute("albums", albums); request.setAttribute("haveattachsize", haveAttachSize); request.setAttribute("groups", Common.getFriendGroup(request)); request.setAttribute("topic", topic); request.setAttribute("topicid", topicID); request.setAttribute("actives", actives); } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } request.setAttribute("event", event); request.setAttribute("eventid", eventID); request.setAttribute("albumid", albumID); request.setAttribute("formhash", formHash(request)); return include(request, response, sConfig, sGlobal, "cp_upload.jsp"); } public ActionForward cp_userapp(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); return include(request, response, sConfig, sGlobal, "cp_userapp.jsp"); } public ActionForward cp_videophoto(HttpServletRequest request, HttpServletResponse response) { Map<String, Object> sGlobal = (Map<String, Object>) request.getAttribute("sGlobal"); Map<String, Object> sConfig = (Map<String, Object>) request.getAttribute("sConfig"); Map<String, Object> space = (Map<String, Object>) request.getAttribute("space"); if (Common.empty(sConfig.get("videophoto"))) { return showMessage(request, response, "no_open_videophoto"); } String videoPic = 
(String) space.get("videopic");
        int videoStatus = (Integer) space.get("videostatus");
        String oldVideoPhoto = null;
        if (!Common.empty(videoPic)) {
            // Remember where the current picture is stored and expose its URL to the view.
            oldVideoPhoto = mainService.getVideoPicDir(videoPic);
            request.setAttribute("videophoto", mainService.getVideoPicUrl(videoPic));
        }
        try {
            // Upload branch: the request body itself is the picture (read from getInputStream below).
            if (submitCheck(request, "uploadsubmit")) {
                ServletInputStream sis = null;
                FileOutputStream fos = null;
                PrintWriter out = null;
                try {
                    // The reply is a short status string; caching of it is disabled.
                    response.setHeader("Expires", "0");
                    response.setHeader("Cache-Control", "no-store, private, post-check=0, pre-check=0, max-age=0");
                    response.setHeader("Pragma", "no-cache");
                    response.setContentType("text/html");
                    out = response.getWriter();
                    // "-1": a status is already set and sConfig "videophotochange" is empty.
                    if (!Common.empty(videoStatus) && Common.empty(sConfig.get("videophotochange"))) {
                        out.write("-1");
                        return null;
                    }
                    // "-2": the status is 0 but a picture is already stored.
                    if (videoStatus == 0 && !Common.empty(videoPic)) {
                        out.write("-2");
                        return null;
                    }
                    int uid = (Integer) sGlobal.get("supe_uid");
                    int timestamp = (Integer) sGlobal.get("timestamp");
                    // File name: md5 of the first seven characters of the timestamp followed by the uid.
                    // NOTE(review): the name is derived only from a coarse time prefix and the uid, so
                    // it is predictable; do not rely on it to keep the stored file private.
                    String newFileName = Common.md5(String.valueOf(timestamp).substring(0, 7) + uid);
                    String snsRoot = SysConstants.snsRoot + "/";
                    String attachDir = SysConstants.snsConfig.get("attachDir");
                    // Target directory: <attachDir>video/<1st char of the name>/<2nd char of the name>.
                    File file = new File(snsRoot + attachDir + "video/" + newFileName.substring(0, 1) + "/"
                            + newFileName.substring(1, 2));
                    if (!file.exists() && !file.isDirectory() && !file.mkdirs()) {
                        out.write("Can not write to the attachment/video folder!");
                        return null;
                    }
                    // NOTE(review): the previous picture is deleted before the new one has been
                    // written; if the copy below fails, no picture file is left on disk.
                    if (oldVideoPhoto != null) {
                        file = new File(snsRoot + oldVideoPhoto);
                        if (file.exists()) file.delete();
                    }
                    // NOTE(review): the raw request body is copied to disk as is. This method applies
                    // no upper bound on the number of bytes and no check that the content is an image.
                    // Enforce a size cap and validate the content before storing it under the
                    // attachment root.
                    sis = request.getInputStream();
                    fos = new FileOutputStream(snsRoot + mainService.getVideoPicDir(newFileName));
                    byte[] buffer = new byte[256];
                    int count = 0;
                    while ((count = sis.read(buffer)) > 0) {
                        fos.write(buffer, 0, count);
                    }
                    // True when sConfig "videophotocheck" is empty; it selects the new videostatus.
                    boolean videoPhotoCheck = Common.empty(sConfig.get("videophotocheck"));
                    videoStatus = videoPhotoCheck ?
1 : 0; dataBaseService.executeUpdate( "UPDATE sns_spacefield SET videopic='" + newFileName + "' WHERE uid='" + uid + "'"); dataBaseService.executeUpdate( "UPDATE sns_space SET videostatus='" + videoStatus + "' WHERE uid='" + uid + "'"); List<String> sets = new ArrayList<String>(); Map<String, Integer> reward = Common.getReward("videophoto", false, 0, "", true, request, response); int credit = reward.get("credit"); int experience = reward.get("experience"); if (credit != 0) { sets.add("credit=credit+" + credit); } if (experience != 0) { sets.add("experience=experience+" + experience); } sets.add("updatetime=" + timestamp); if (sets.size() > 0) { dataBaseService.executeUpdate( "UPDATE sns_space SET " + Common.implode(sets, ",") + " WHERE uid='" + uid + "'"); } if (videoPhotoCheck) { out.write("2"); } else { out.write("1"); } return null; } catch (Exception e) { out.write("??"); return null; } finally { try { if (fos != null) { fos.flush(); fos.close(); fos = null; } if (sis != null) { sis.close(); sis = null; } if (out != null) { out.flush(); out.close(); out = null; } } catch (Exception e) { } } } } catch (Exception e) { return showMessage(request, response, e.getMessage()); } String op = request.getParameter("op"); if ("check".equals(op)) { if ((videoStatus > 0 && Common.empty(sConfig.get("videophotochange"))) || (videoStatus == 0 && !Common.empty(videoPic))) { request.getParameterMap().remove("op"); } else { String flashSrc = "image/videophoto.swf?post_url=" + Common.urlEncode(Common.getSiteUrl(request) + "main.action") + "&agrs=" + Common.urlEncode("ac=videophoto&uid=" + sGlobal.get("supe_uid") + "&uploadsubmit=true&formhash=" + formHash(request)); String videoFlash = "<object classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0\" width=\"560\" height=\"390\" id=\"videoCheck\" align=\"middle\">" + "<param name=\"allowScriptAccess\" value=\"always\" />" + "<param 
name=\"scale\" value=\"exactfit\" />" + "<param name=\"wmode\" value=\"transparent\" />" + "<param name=\"quality\" value=\"high\" />" + "<param name=\"bgcolor\" value=\"#ffffff\" />" + "<param name=\"movie\" value=\"" + flashSrc + "\" />" + "<param name=\"menu\" value=\"false\" />" + "<embed src=\"" + flashSrc + "\" quality=\"high\" bgcolor=\"#ffffff\" width=\"560\" height=\"390\" name=\"videoCheck\" align=\"middle\" allowScriptAccess=\"always\" allowFullScreen=\"false\" scale=\"exactfit\" wmode=\"transparent\" type=\"application/x-shockwave-flash\" pluginspage=\"http://www.macromedia.com/go/getflashplayer\" />" + "</object>"; request.setAttribute("videoFlash", videoFlash); } } return include(request, response, sConfig, sGlobal, "cp_videophoto.jsp"); } private ActionForward executeTask(HttpServletRequest request, HttpServletResponse response, Map<String, Object> task, Map<String, Object> space) { request.setAttribute("task", task); request.setAttribute("space", space); request.setAttribute("mainService", mainService); request.setAttribute("dataBaseService", dataBaseService); RequestDispatcher dispatcher = request .getRequestDispatcher("/source/task/" + ((String) task.get("filename"))); try { dispatcher.include(request, response); } catch (Exception e) { e.printStackTrace(); return showMessage(request, response, e.getMessage()); } return null; } private String[] getArrayIntersect(String[] s1, String[] s2) { String[] result = {}; if (s1 == null || s2 == null || s1.length == 0 || s2.length == 0) { return result; } List<String> list = new ArrayList<String>(s1.length > s2.length ? 
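s1.length : s2.length); for (String str1 : s1) { for (String str2 : s2) { if (str1.equals(str2)) { list.add(str1); } } } return list.toArray(result); }

    /**
     * Merges two arrays into one array of distinct strings.
     *
     * <p>Every element is converted with {@code toString()} and collected in a {@link HashSet}, so
     * duplicates are dropped and the order of the result is unspecified.
     *
     * @param obj1 first array; a null array or null element raises {@link NullPointerException}
     * @param obj2 second array; same constraints as {@code obj1}
     * @return the distinct string forms of all elements of both arrays
     */
    private String[] arrayMerge(Object[] obj1, Object[] obj2) {
        Set<String> merged = new HashSet<String>(obj1.length + obj2.length);
        for (Object element : obj1) {
            merged.add(element.toString());
        }
        for (Object element : obj2) {
            merged.add(element.toString());
        }
        return merged.toArray(new String[merged.size()]);
    }

    /**
     * Builds an invitation e-mail and hands it to {@code mainService.sendMail}.
     *
     * <p>Slot 3 of {@code mailArgs} is overwritten with the "saymsg" request parameter after it has
     * been passed through {@code Common.getStr} (second argument 500, presumably a length limit;
     * confirm). The application-invite subject and body templates are used when {@code appInfo} is
     * non-null, the plain invite templates otherwise.
     *
     * <p>Any exception raised here is caught and only its stack trace is printed, so a failed
     * invitation is not reported to the caller.
     *
     * <p>NOTE(review): "saymsg" is request-supplied text that ends up in the mail body; which
     * filtering {@code Common.getStr} applies with these flags is not visible here and should be
     * confirmed. {@code mail} is forwarded to {@code sendMail} unchanged; confirm that the caller or
     * {@code sendMail} validates the address (format, no CR/LF) before it reaches mail headers.
     *
     * @param sConfig  site configuration; "sitename" is read from it
     * @param sNames   display names keyed by user id
     * @param space    the inviting user's space; "uid" is read from it
     * @param mail     recipient address
     * @param mailArgs template arguments for the body; index 3 is replaced by this method
     * @param appInfo  application being promoted ("appname" is read), or null for a plain invite
     */
    private void createMail(HttpServletRequest request, HttpServletResponse response, Map<String, Object> sConfig,
            Map<Integer, String> sNames, Map<String, Object> space, String mail, String[] mailArgs, Map appInfo) {
        try {
            mailArgs[3] = Common.getStr(request.getParameter("saymsg"), 500, false, false, false, 0, 0, request,
                    response);

            boolean appInvite = appInfo != null;
            String inviter = sNames.get(space.get("uid"));
            String siteName = (String) sConfig.get("sitename");

            String subject;
            if (appInvite) {
                subject = Common.getMessage(request, "cp_app_invite_subject",
                        new String[] { inviter, siteName, (String) appInfo.get("appname") });
            } else {
                subject = Common.getMessage(request, "cp_invite_subject", new String[] { inviter, siteName });
            }
            String message = Common.getMessage(request,
                    (appInvite ? "cp_app_invite_massage" : "cp_invite_massage"), mailArgs);

            mainService.sendMail(request, response, 0, mail, subject, message, "");
        } catch (Exception e) {
            // Best effort, as in the original: a failed invitation must not abort the request.
            e.printStackTrace();
        }
    }

    /**
     * Resolves the group ("mtag") a thread is being posted to and checks that posting is allowed.
     *
     * <p>When {@code event} is non-empty the current user must have an event membership with
     * status of at least 2 and the event's "tagid" must equal {@code tagId}. Otherwise the group
     * named by {@code tagId} must exist, be viewable ("allowview") and, when "mtagminnum" is
     * configured, have at least that many members. In both cases a group with a non-empty "close"
     * flag is rejected.
     *
     * <p>On every rejection a message is sent with {@code showMessage} and null is returned, so the
     * caller must stop processing when it receives null.
     *
     * <p>NOTE(review): the message of an exception thrown by {@code Common.getMtag} is passed to
     * {@code showMessage} as the text to display. Presumably these messages are message keys;
     * confirm that no internal detail can reach the user this way.
     *
     * @param event     the event the thread belongs to, or empty when it is a plain group thread
     * @param userEvent the current user's membership record for {@code event}
     * @param tagId     id of the target group
     * @return the group record, or null when a message has already been sent to the user
     */
    private Map<String, Object> checkMtagSpace(HttpServletRequest request, HttpServletResponse response,
            Map<String, Object> event, Map<String, Object> userEvent, int tagId) {
        Map<String, Object> mtag = null;
        int supe_uid = (Integer) ((Map) request.getAttribute("sGlobal")).get("supe_uid");

        if (!Common.empty(event)) {
            // Event thread: authorisation comes from the event membership, not from the group.
            if (Common.empty(userEvent) || (Integer) userEvent.get("status") < 2) {
                showMessage(request, response, "event_only_allows_member_thread");
                return null;
            }
            if ((Integer) event.get("tagid") != tagId) {
                showMessage(request, response, "event_mtag_not_match");
                return null;
            }
            try {
                mtag = Common.getMtag(request, response, supe_uid, tagId);
            } catch (Exception e) {
                showMessage(request, response, e.getMessage());
                return null;
            }
            // Fix: the non-event path below already allows for a null result from getMtag; this
            // path dereferenced it unconditionally. Answer with the same message instead.
            if (mtag == null) {
                showMessage(request, response, "first_select_a_mtag");
                return null;
            }
            if (!Common.empty(mtag.get("close"))) {
                showMessage(request, response, "mtag_close");
                return null;
            }
            return mtag;
        }

        if (tagId != 0) {
            try {
                mtag = Common.getMtag(request, response, supe_uid, tagId);
            } catch (Exception e) {
                showMessage(request, response, e.getMessage());
                return null;
            }
            if (mtag != null) {
                if (!Common.empty(mtag.get("close"))) {
                    showMessage(request, response, "mtag_close");
                    return null;
                }
                if (Common.empty(mtag.get("allowview"))) {
                    showMessage(request, response, "mtag_not_allow_to_do");
                    return null;
                }
                Map<String, Object> field = (Map<String, Object>) mtag.get("field");
                if (!Common.empty(field.get("mtagminnum"))
                        && (Integer) mtag.get("membernum") < (Integer) field.get("mtagminnum")) {
                    showMessage(request, response, "mtag_minnum_erro", null, 1, field.get("mtagminnum").toString());
                    return null;
                }
            }
        }

        // Reached with tagId == 0 or when the lookup produced nothing usable.
        if (Common.empty(mtag)) {
            showMessage(request, response, "first_select_a_mtag");
            return null;
        }
        return mtag;
    }

    /**
     * Extracts up to five keywords from a text.
     *
     * <p>The text is tokenised with {@code IKAnalyzer} and the occurrences of each accepted term
     * are counted. The text is then indexed as a single document in an in-memory
     * {@code RAMDirectory}; each term is scored as the maximum score of a one-term query against
     * that index multiplied by its occurrence count, and the highest-scoring terms are returned.
     *
     * <p>Failures during indexing or searching are caught and their stack trace printed; the
     * method then returns whatever keywords were collected so far (possibly none).
     *
     * <p>NOTE(review): the whole text is tokenised and indexed in memory on every call. If the
     * text originates from user content, confirm that callers bound its length first.
     *
     * @param text text to analyse; empty input yields an empty list
     * @return at most five keywords, best first
     * @throws IOException if tokenising the text fails
     */
    private List<String> getKeyWord(String text) throws IOException {
        final int maxKeywords = 5;
        List<String> keywords = new ArrayList<String>();
        if (Common.empty(text)) {
            return keywords;
        }

        // Pass 1: count how often each candidate term occurs.
        Map<String, Integer> words = new HashMap<String, Integer>();
        Analyzer analyzer = new IKAnalyzer(true);
        StringReader reader = new StringReader(text);
        TokenStream tokenStream = analyzer.tokenStream("*", reader);
        TermAttribute termAtt = (TermAttribute) tokenStream.getAttribute(TermAttribute.class);
        while (tokenStream.incrementToken()) {
            String word = termAtt.term();
            // Only terms longer than one char and with Common.strlen above 2 are kept
            // (presumably a byte-length filter for very short terms; confirm against Common.strlen).
            if (word.length() > 1 && Common.strlen(word) > 2) {
                Integer count = words.get(word);
                words.put(word, (count == null ? 0 : count) + 1);
            }
        }
        if (words.isEmpty()) {
            return keywords;
        }

        // Pass 2: score every candidate against a one-document index of the same text.
        Directory dir = null;
        IndexSearcher searcher = null;
        try {
            String fieldName = "text";
            dir = new RAMDirectory();
            IndexWriter writer = new IndexWriter(dir, analyzer, true, IndexWriter.MaxFieldLength.LIMITED);
            Document doc = new Document();
            doc.add(new Field(fieldName, text, Field.Store.YES, Field.Index.ANALYZED));
            writer.addDocument(doc);
            writer.close();

            searcher = new IndexSearcher(dir);
            searcher.setSimilarity(new IKSimilarity());

            Map<String, Float> scores = new HashMap<String, Float>();
            for (Entry<String, Integer> candidate : words.entrySet()) {
                int count = candidate.getValue();
                Query query = IKQueryParser.parse(fieldName, candidate.getKey());
                TopDocs topDocs = searcher.search(query, 1);
                if (topDocs.totalHits > 0) {
                    scores.put(candidate.getKey(), topDocs.getMaxScore() * count);
                }
            }

            for (Entry<String, Float> ranked : getSortedHashtableByValue(scores)) {
                if (keywords.size() >= maxKeywords) {
                    break;
                }
                keywords.add(ranked.getKey());
            }
        } catch (Exception e) {
            // Best effort, as in the original: keyword extraction must not fail the request.
            e.printStackTrace();
        } finally {
            // Fix: either resource is still null when a step before its creation failed; closing it
            // unguarded raised a NullPointerException out of this finally block.
            if (searcher != null) {
                try {
                    searcher.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
            if (dir != null) {
                try {
                    dir.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
        return keywords;
    }

    /**
     * Returns the entries of a map sorted by value in descending order.
     *
     * <p>Entries with equal values are ordered by key in ascending order. The returned array holds
     * the map's own entry objects, not copies.
     *
     * @param h map to sort; values and keys must be non-null
     * @return the entries, highest value first
     */
    @SuppressWarnings("unchecked")
    private Entry<String, Float>[] getSortedHashtableByValue(Map<String, Float> h) {
        Set<Entry<String, Float>> entrySet = h.entrySet();
        // Generic array creation is not possible, hence the raw array and the suppression above.
        Entry<String, Float>[] entries = entrySet.toArray(new Entry[entrySet.size()]);
        Arrays.sort(entries, new Comparator<Entry<String, Float>>() {
            public int compare(Entry<String, Float> left, Entry<String, Float> right) {
                int byValueDescending = right.getValue().compareTo(left.getValue());
                if (byValueDescending != 0) {
                    return byValueDescending;
                }
                return left.getKey().compareTo(right.getKey());
            }
        });
        return entries;
    }
}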