function dosave() { $author = dhtmlspecialchars($_POST['author']); $email = dhtmlspecialchars($_POST['email']); $url = dhtmlspecialchars($_POST['url']); $content = dhtmlspecialchars($_POST['content']); empty($author) && exit('昵称不能为空!'); empty($content) && exit('留言内容不能为空!'); WordFilter($author) && exit('昵称包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($url) && exit('您的网址包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($content) && exit('留言内容包含被系统屏蔽的字符,请返回重新填写。'); !preg_match("/^([\\w\\.-]+)@([a-zA-Z0-9-]+)(\\.[a-zA-Z\\.]+)\$/i", $email) && exit('邮箱格式错误!'); strpos($url, 'http://') === false && ($url = 'http://' . $url); iCMS_DB::query("INSERT INTO `#iCMS@__plugins_message` (`author`,`email`,`url`,`content`,`reply`,`addtime`,`ip`,`status`) VALUES ('{$author}','{$email}','{$url}','{$content}','','" . time() . "','" . getip() . "','0')"); exit('1'); }
function dosave() { include_once iPATH . 'include/tag.class.php'; $id = $_POST['id']; $mid = $_POST['mid']; $FArray = model::field($mid); $model = model::data($mid); $content = array(); if ($_POST['content']) { foreach ($_POST['content'] as $field => $value) { if (model::isDefField($field)) { switch ($field) { case "userid": $value = intval($value); break; case "fid": $value = $fid = intval($value); empty($value) && javascript::alert('请选择所属栏目'); break; case "orderNum": $value = _int($value); break; case "top": $value = _int($value); break; case "title": $value = dhtmlspecialchars($value); empty($value) && javascript::alert('标题不能为空!'); break; case "editor": $value = dhtmlspecialchars($value); break; case "tags": $value = iTAG::split(dhtmlspecialchars($value), true); break; case "type": $value = intval($value); break; case "vlink": $value = implode(',', $value); break; case "postype": $value = empty($value) ? intval($value) : "1"; break; case "pubdate": $value = _strtotime($value); break; case "clink": $value = dhtmlspecialchars($value); if ($value) { $clinklen = strlen($value); for ($i = 0; $i < $clinklen; $i++) { !preg_match("/[a-zA-Z0-9_\\-~" . preg_quote($this->iCMS->config['CLsplit'], '/') . "]/", $value[$i]) && javascript::alert('自定链接只能由英文字母、数字或_-~组成(不支持中文)'); } } break; } } elseif ($F = $FArray[$field]) { switch ($F['type']) { case "number": $value = intval($value); break; case "calendar": $value = _strtotime($value); break; case in_array($F['type'], array('text', 'textarea', 'radio', 'select', 'email', 'url', 'image', 'upload')): $value = dhtmlspecialchars($value); break; case in_array($F['type'], array('checkbox', 'multiple')): $value = implode(',', $value); break; case 'editor': $this->iCMS->config['autoformat'] && ($value = autoformat($value)); break; default: $value = dhtmlspecialchars($value); } } WordFilter($value) && javascript::alert($field . '字段包含被系统屏蔽的字符,请返回重新填写。'); $content[$field] = $value; $PF[] = $field; } } if (empty($content['clink'])) { include iPATH . 'include/cn.class.php'; $content['clink'] = CN::pinyin($content['title'], $this->iCMS->config['CLsplit']); } $table = model::tbn($_POST['table']); $MF = explode(',', $model['field']); $diff = array_diff_values($PF, $MF); if ($diff['-']) { foreach ($diff['-'] as $field) { $content[$field] = ''; } } //缺少的字段 填认空值 $SELFURL = __SELF__ . (empty($_POST['REFERER']) ? '?mo=content&do=manage' : $_POST['REFERER']); $forum = new forum(); if (empty($id)) { empty($content['userid']) && ($content['userid'] = member::$uId); $content['hits'] = $content['good'] = $content['bad'] = $content['comments'] = 0; $content['status'] = "1"; $checkCL = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__{$table}` where `clink` ='" . $content['clink'] . "'"); if ($this->iCMS->config['repeatitle']) { iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__{$table}` where `title` = '{$title}'") && alert('该标题内容已经存在!请检查是否重复'); $checkCL && javascript::alert('该自定链接已经存在!请另选一个'); } else { $checkCL && ($clink .= $this->iCMS->config['CLsplit'] . random(6, 1)); } iCMS_DB::insert($table, $content); $id = iCMS_DB::$insert_id; model::upload($table, $id, $title); iTAG::add($content['tags'], $content['userid'], $id, $forum->rootid($fid), $mid); $vlink = empty($content['vlink']) ? $fid : $content['vlink'] . ',' . $fid; vlinkDiff($vlink, '', $id, $mid); if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $content['status']) { include iPATH . 'include/iHtml.class.php'; iHtml::content($id, $mid, $table); iHtml::forum($fid, 1, 0, 1); } iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); // $moreaction=array( // array("text"=>"编辑该内容","url"=>__SELF__."?do=content&operation=add&table=".$table."&mid=".$mid."&id=".$id), // array("text"=>"继续添加内容","url"=>__SELF__."?do=content&operation=add&table=".$table."&mid=".$mid."&cid=".$cid), // array("text"=>"查看该内容","url"=>$iCMS->iurl('content',array('mId'=>$mid,'id'=>$id,'link'=>$clink,'pubdate'=>$pubdate,'cid'=>$cid,'dir'=>$catalog->catalog[$cid]['dir'],'domain'=>$catalog->catalog[$cid]['domain'],'htmlext'=>$catalog->catalog[$cid]['htmlext']))->href,"o"=>'target="_blank"'), // array("text"=>"查看网站首页","url"=>"../index.php","o"=>'target="_blank"') // ); javascript::dialog("添加完成!", 'url:' . __SELF__ . "?mo=content&do=manage&table=" . $table . "&mid=" . $mid); } else { $checkCL = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__{$table}` where `clink` ='{$clink}' AND `id` !='{$id}'"); if ($this->iCMS->config['repeatitle']) { $checkCL && alert('该自定链接已经存在!请另选一个'); } else { $checkCL && ($clink .= $this->iCMS->config['CLsplit'] . random(6, 1)); } $art = iCMS_DB::getRow("SELECT `fid`,`tags`,`vlink` FROM `#iCMS@__{$table}` where `id` ='{$id}'"); iTAG::diff($content['tags'], member::$uId, $art->tags, $id, $forum->rootid($fid)); iCMS_DB::update($table, $content, array('id' => $id)); model::upload($table, $id, $title); $vlink = empty($content['vlink']) ? $fid : $content['vlink'] . ',' . $fid; vlinkDiff($vlink, $art->vlink, $id); if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $status) { include iPATH . 'include/iHtml.class.php'; iHtml::content($id, $mid, $table); iHtml::forum($fid, 1, 0, 1); } if ($art->fid != $fid) { iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count-1 WHERE `fid` ='{$art->fid}' LIMIT 1 "); iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); } javascript::dialog('编辑完成!<br />3秒后返回项目列表', 'url:' . $SELFURL); } }
$related = ''; $remote = false; $dellink = false; $autopic = false; $postype = "0"; $body = str_replace(array("\n", "\r", "\t"), "", $_POST['content']); empty($title) && alert('标题不能为空!'); empty($cid) && alert('请选择所属栏目'); empty($body) && empty($url) && alert('文章内容不能为空!'); WordFilter($title) && alert('标题包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($pic) && alert('缩略图包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($source) && alert('出处包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($author) && alert('作者包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($description) && alert('摘要包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($keywords) && alert('关键字包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($body) && alert('文章内容包含被系统屏蔽的字符,请返回重新填写。'); if ($iCMS->config['autodesc'] == "1" && !empty($iCMS->config['descLen']) && empty($description) && empty($url)) { $description = csubstr(HtmToText($body), $iCMS->config['descLen']); } // $remote && remote($body); // (!$remote&&$autopic) && remote($body,true); empty($customlink) && ($customlink = pinyin($title, $iCMS->config['CLsplit'])); $catalog = new catalog(); $isexamine = $catalog->catalog[$cid]['isexamine']; $visible = $isexamine ? '0' : '1'; if (empty($aid)) { empty($userid) && ($userid = $member->uId); $hits = $digg = $comments = 0; $iCMS->db->getValue("SELECT `id` FROM `#iCMS@__article` where `title` = '{$title}'") && alert('该标题的文章已经存在!请检查是否重复'); $iCMS->db->insert('article', compact('cid', 'title', 'stitle', 'customlink', 'url', 'source', 'author', 'editor', 'userid', 'postype', 'keywords', 'tags', 'description', 'related', 'pic', 'pubdate', 'hits', 'digg', 'comments', 'type', 'vlink', 'top', 'visible')); $aid = $iCMS->db->insert_id;
// $contents = preg_replace("/(<a[ \t\r\n]{1,}href=[\"']{0,}http:\/\/[^\/]([^>]*)>)|(<\/a>)/isU","",stripslashes($_POST['commentext'])); // $contents = addslashes(dhtmlspecialchars($contents)); $contents = dhtmlspecialchars($_POST['commentext']); $title = dhtmlspecialchars($_POST['title']); $username = dhtmlspecialchars($_POST['username']); $indexId = (int) $_POST['indexId']; $sortId = (int) $_POST['sortId']; $mId = (int) $_POST['mId']; $quote = (int) $_POST['quote']; $reply = (int) $_POST['reply']; $floor = (int) $_POST['floor']; $anonymous = (int) $_POST['anonymous']; empty($contents) && javascript::json(0, 'comment:empty', $frame); WordFilter($username) && javascript::json(0, 'filter:username', $frame); WordFilter($contents) && javascript::json(0, 'filter:content', $frame); WordFilter($title) && javascript::json(0, 'filter:title', $frame); empty($mId) && ($mId = 0); empty($iCMS->config['anonymousname']) && ($iCMS->config['anonymousname'] = $iCMS->language('guest')); $uid = '0'; $auth = get_cookie('user'); require_once iPATH . "usercp/user.class.php"; // require_once iPATH.'usercp/usercp.lang.php'; if ($auth) { list($a, $p) = explode('#=iCMS!=#', authcode($auth, 'DECODE')); User::checkuser($a, $p); $uid = User::$uId; $username = $anonymous && $iCMS->config['anonymous'] ? $iCMS->config['anonymousname'] : User::$nickname; } else { $iCMS->config['anonymous'] ? $username = $iCMS->config['anonymousname'] : javascript::json(0, 'login:no', $frame); } $status = $iCMS->config['isexamine'] ? '0' : '1';
function doSave() { // print_r($_POST); // exit; set_time_limit(0); $aid = (int) $_POST['aid']; $fid = (int) $_POST['fid']; $userid = (int) $_POST['userid']; $type = (int) $_POST['type']; $orderNum = (int) $_POST['orderNum']; $title = dhtmlspecialchars($_POST['title']); $subtitle = dhtmlspecialchars($_POST['subtitle']); $stitle = dhtmlspecialchars($_POST['stitle']); $pic = dhtmlspecialchars($_POST['pic']); $source = dhtmlspecialchars($_POST['source']); $author = dhtmlspecialchars($_POST['author']); $editor = dhtmlspecialchars($_POST['editor']); $description = dhtmlspecialchars($_POST['description']); $keywords = dhtmlspecialchars($_POST['keywords']); $tags = dhtmlspecialchars($_POST['tags']); $clink = dhtmlspecialchars($_POST['clink']); $url = dhtmlspecialchars($_POST['url']); $tpl = dhtmlspecialchars($_POST['template']); $top = _int($_POST['top']); $vlink = empty($_POST['vlink']) ? "" : implode(',', $_POST['vlink']); $related = empty($_POST['related']) ? "" : implode(',', $_POST['related']); $pubdate = _strtotime($_POST['pubdate']); $remote = isset($_POST['remote']) ? true : false; $dellink = isset($_POST['dellink']) ? true : false; $this->autopic = isset($_POST['autopic']) ? true : false; $status = isset($_POST['draft']) ? "0" : "1"; $postype = $_POST['postype'] ? $_POST['postype'] : "1"; $body = implode('<!--iCMS.PageBreak-->', $_POST['body']); $body = str_replace(array("\n", "\r", "\t", '<p> </p><p> </p>', '<p> </p><p> </p>', '<p> </p><p> </p>'), "", $body); $body = preg_replace(array('/<script.+?<\\/script>/is', '/<form.+?<\\/form>/is', '/<div\\s+style=\\\\"page-break-after:.*?<\\/div>/is'), array('', '', '<!--iCMS.PageBreak-->'), $body); //$body = strip_tags($body,'<div><br><p><img><a><embed><span><b><strong><u><em>'); empty($title) && javascript::alert('标题不能为空!'); empty($fid) && javascript::alert('请选择所属栏目'); empty($body) && empty($url) && javascript::alert('文章内容不能为空!'); WordFilter($title) && javascript::alert('标题包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($body) && javascript::alert('文章内容包含被系统屏蔽的字符,请返回重新填写。'); if ($clink) { for ($i = 0; $i < strlen($clink); $i++) { !preg_match("/[a-zA-Z0-9_\\-~" . preg_quote($this->iCMS->config['CLsplit'], '/') . "]/", $clink[$i]) && javascript::alert('自定链接只能由英文字母、数字或_-~组成(不支持中文)'); } } isset($_POST['keywordToTag']) && empty($tags) && ($tags = $keywords); $tags = implode(',', (array) tag_split($tags)); if ($this->iCMS->config['autodesc'] == "1" && !empty($this->iCMS->config['descLen']) && empty($description) && empty($url)) { $description = csubstr(HtmToText($body), $this->iCMS->config['descLen']); } $remote && FS::remotepic($body, $title); !$remote && $this->autopic && FS::remotepic($body, $title, true); if (empty($clink)) { include iPATH . 'include/cn.class.php'; $clink = CN::pinyin($title, $this->iCMS->config['CLsplit']); } $isPic = empty($pic) ? 0 : 1; $dellink && ($body = preg_replace("/<a[^>].*?>(.*?)<\\/a>/si", "\\1", $body)); $SELFURL = __SELF__ . (empty($_POST['REFERER']) ? '?mo=article&do=manage' : $_POST['REFERER']); $forum = new forum(); if (empty($aid)) { empty($userid) && ($userid = Admin::$uId); $hits = $good = $bad = $comments = 0; $checkCL = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__article` where `clink` ='{$clink}'"); if ($this->iCMS->config['repeatitle']) { iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__article` where `title` = '{$title}'") && javascript::alert('该标题的文章已经存在!请检查是否重复'); $checkCL && javascript::alert('该自定链接已经存在!请另选一个'); } else { $checkCL && ($clink .= $this->iCMS->config['CLsplit'] . random(6, 1)); } iCMS_DB::insert('article', compact('fid', 'title', 'stitle', 'clink', 'orderNum', 'url', 'source', 'author', 'editor', 'userid', 'postype', 'keywords', 'tags', 'description', 'related', 'isPic', 'pic', 'pubdate', 'hits', 'good', 'bad', 'comments', 'type', 'vlink', 'top', 'status')); $aid = iCMS_DB::$insert_id; if (empty($url)) { // $body = addslashes($body); iCMS_DB::insert('article_data', compact('aid', 'subtitle', 'tpl', 'body')); $this->insert_db_remote($body, $aid); //$iCMS->setCache('system/search',$res,0); } addtags($tags, $aid, $forum->rootid($fid)); $vlink = empty($vlink) ? $fid : $vlink . ',' . $fid; vlinkDiff($vlink, '', $aid); if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $status) { include iPATH . 'include/iHtml.class.php'; iHtml::Article($aid); iHtml::forum($fid, 1, 0, 1); } iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); $moreaction = array(array("text" => "查看该文章", "url" => $this->iCMS->iurl('show', array(array('id' => $aid, 'link' => $clink, 'url' => $url, 'fid' => $fid, 'pubdate' => $pubdate), $forum->forum[$fid]))->href, "o" => 'target="_blank"'), array("text" => "编辑该文章", "url" => __SELF__ . "?mo=article&do=add&id=" . $aid), array("text" => "继续添加文章", "url" => __SELF__ . "?mo=article&do=add&fid=" . $fid), array("text" => "返回文章列表", "url" => $SELFURL), array("text" => "查看网站首页", "url" => "../index.php", "o" => 'target="_blank"')); javascript::dialog('文章添加完成!<br />10秒后返回文章列表', 'url:' . $SELFURL, $moreaction, 10); } else { $checkCL = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__article` where `clink` ='{$clink}' AND `id` !='{$aid}'"); if ($this->iCMS->config['repeatitle']) { $checkCL && javascript::alert('该自定链接已经存在!请另选一个'); } else { $checkCL && ($clink .= $this->iCMS->config['CLsplit'] . random(6, 1)); } $art = iCMS_DB::getRow("SELECT `fid`,`tags`,`vlink` FROM `#iCMS@__article` where `id` ='{$aid}'"); TagsDiff($tags, $art->tags, $aid, $forum->rootid($fid)); iCMS_DB::update('article', compact('fid', 'title', 'stitle', 'orderNum', 'clink', 'url', 'source', 'author', 'editor', 'userid', 'postype', 'keywords', 'tags', 'description', 'related', 'isPic', 'pic', 'pubdate', 'type', 'vlink', 'top', 'status'), array('id' => $aid)); $vlink = empty($vlink) ? $fid : $vlink . ',' . $fid; vlinkDiff($vlink, $art->vlink, $aid); if (empty($url)) { // $body = addslashes($body); if (iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__article_data` where `aid` ='{$aid}'")) { iCMS_DB::update('article_data', compact('tpl', 'subtitle', 'body'), compact('aid')); } else { iCMS_DB::insert('article_data', compact('aid', 'subtitle', 'tpl', 'body')); } $this->insert_db_remote($body, $aid); } if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $status) { include iPATH . 'include/iHtml.class.php'; iHtml::Article($aid); iHtml::forum($fid, 1, 0, 1); } if ($art->fid != $fid) { iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count-1 WHERE `fid` ='{$art->fid}' LIMIT 1 "); iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); } javascript::dialog('文章编辑完成!<br />3秒后返回文章列表', 'url:' . $SELFURL); } }
$value = _strtotime($value); break; case in_array($info['type'], array('text', 'textarea', 'radio', 'select', 'email', 'url', 'image', 'upload')): $value = dhtmlspecialchars($value); break; case in_array($info['type'], array('checkbox', 'multiple')): $value = implode(',', $value); break; case 'editor': $value = $value; break; default: $value = dhtmlspecialchars($value); } } WordFilter($value) && alert($field . '字段包含被系统屏蔽的字符,请返回重新填写。'); $varArray[$field] = $value; $PF[] = $field; } } empty($varArray['customlink']) && ($varArray['customlink'] = pinyin($varArray['title'], $iCMS->config['CLsplit'])); // $remote = isset($_POST['remote']) ?true:false; // $dellink = isset($_POST['dellink']) ?true:false; // $autopic = isset($_POST['autopic']) ?true:false; // $visible = isset($_POST['draft'])?"0":"1"; // $remote && remote($body); // (!$remote&&$autopic) && remote($body,true); // $col = $iCMS->db->getCol("describe `#iCMS@__$__TABLE__`"); $__TABLE__ = $table . '_content'; $MF = explode(',', $model['field']); $diff = array_diff_values($PF, $MF);
function doSave() { include_once iPATH . 'include/tag.class.php'; // print_r($_POST); // exit; set_time_limit(0); $aid = (int) $_POST['aid']; $fid = (int) $_POST['fid']; $title = dhtmlspecialchars($_POST['title']); $source = dhtmlspecialchars($_POST['source']); $author = dhtmlspecialchars($_POST['author']); $description = dhtmlspecialchars($_POST['description']); $keywords = dhtmlspecialchars($_POST['keywords']); $tags = dhtmlspecialchars($_POST['tags']); $pic = dhtmlspecialchars($_POST['pic']); $metadata = dhtmlspecialchars($_POST['metadata']); $metadata = $metadata ? addslashes(serialize($metadata)) : ''; $userid = member::$uId; $pubdate = _strtotime(); $type = 0; $orderNum = 0; $subtitle = ''; $stitle = ''; $editor = ''; $clink = ''; $url = ''; $tpl = ''; $top = 0; $vlink = ""; $related = ""; $postype = 0; $body = str_replace(array("\n", "\r", "\t"), "", $_POST['body']); empty($title) && javascript::alert('标题不能为空!'); empty($fid) && javascript::alert('请选择所属栏目'); empty($body) && javascript::alert('文章内容不能为空!'); WordFilter($title) && javascript::alert('标题包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($source) && javascript::alert('出处包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($author) && javascript::alert('作者包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($description) && javascript::alert('摘要包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($keywords) && javascript::alert('关键字包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($tags) && javascript::alert('标签包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($metadata) && javascript::alert('自定义内容包含被系统屏蔽的字符,请返回重新填写。'); WordFilter($body) && javascript::alert('文章内容包含被系统屏蔽的字符,请返回重新填写。'); if ($this->iCMS->config['AutoPage']) { if ($this->iCMS->config['AutoPageLen'] && !preg_match('/<div\\s+style=\\\\"page-break-after:.*?<\\/div>/is', $body)) { $html = autoformat($body, false); AutoPageBreak::page($html, $this->iCMS->config['AutoPageLen']); $body = implode('<!--iCMS.PageBreak-->', AutoPageBreak::$Rs); AutoPageBreak::$Rs = ''; unset($html); $this->iCMS->config['autoformat'] = false; } } $body = preg_replace(array('/<script.+?<\\/script>/is', '/<form.+?<\\/form>/is', '/<div\\s+style=\\\\"page-break-after:.*?<\\/div>/is'), array('', '', '<!--iCMS.PageBreak-->'), $body); $this->iCMS->config['autoformat'] && ($body = autoformat($body)); if ($this->iCMS->config['autodesc'] == "1" && !empty($this->iCMS->config['descLen']) && empty($description)) { $_body = preg_replace(array('/<p[^>]*>/is', '/<[\\/\\!]*?[^<>]*?>/is', "/\n+/", "/ +/", "/^\n/"), array("\n\n", '', "\n", '', ''), $this->iCMS->config['autoformat'] ? $body : autoformat($body)); $description = csubstr($_body, $this->iCMS->config['descLen']); } $tags = iTAG::split($tags, true); include iPATH . 'include/cn.class.php'; $clink = CN::pinyin($title, $this->iCMS->config['CLsplit']); $isPic = empty($pic) ? 0 : 1; $SELFURL = __SELF__ . (empty($_POST['REFERER']) ? '?mo=article&do=manage' : $_POST['REFERER']); $forum = new forum(); $status = $forum->forum[$fid]['isexamine'] ? '0' : '1'; //审核投稿 if (empty($aid)) { $hits = $good = $bad = $comments = 0; iCMS_DB::insert('article', compact('fid', 'title', 'stitle', 'clink', 'orderNum', 'url', 'source', 'author', 'editor', 'userid', 'postype', 'keywords', 'tags', 'description', 'related', 'metadata', 'isPic', 'pic', 'pubdate', 'hits', 'good', 'bad', 'comments', 'type', 'vlink', 'top', 'status')); $aid = iCMS_DB::$insert_id; iCMS_DB::insert('article_data', compact('aid', 'subtitle', 'tpl', 'body')); if ($_FILES['picfile']) { require_once iPATH . 'include/upload.class.php'; $F = iUpload::FILES("picfile", $aid, $title); iCMS_DB::query("UPDATE `#iCMS@__article` SET `isPic`='1',`pic` = '" . $F["FilePath"] . "' WHERE `id` = '{$aid}'"); } //$this->insert_db_remote($body,$aid); iTAG::add($tags, $userid, $aid, $forum->rootid($fid)); vlinkDiff($fid, '', $aid); if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $status) { include iPATH . 'include/iHtml.class.php'; iHtml::Article($aid); iHtml::forum($fid, 1, 0, 1); } if ($status) { iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); $moreaction = array(array("text" => "查看该文章", "url" => $this->iCMS->iurl('show', array(array('id' => $aid, 'link' => $clink, 'url' => $url, 'fid' => $fid, 'pubdate' => $pubdate), $forum->forum[$fid]))->href, "o" => 'target="_blank"'), array("text" => "编辑该文章", "url" => __SELF__ . "?mo=article&do=add&id=" . $aid), array("text" => "继续添加文章", "url" => __SELF__ . "?mo=article&do=add&fid=" . $fid), array("text" => "返回文章列表", "url" => $SELFURL), array("text" => "查看网站首页", "url" => "../index.php", "o" => 'target="_blank"')); javascript::dialog('文章发布成功!<br />10秒后返回文章列表', 'url:' . $SELFURL, $moreaction, 10); } else { javascript::dialog('您的投稿文章发布成功!<br />该版块文章需要经过管理员审核才能显示!<br />请耐心等待,我们会尽快审核您的稿件!', 'url:' . $SELFURL, 'ok', 10); } } else { $art = iCMS_DB::getRow("SELECT `fid`,`tags`,`vlink` FROM `#iCMS@__article` where `id` ='{$aid}'"); iTAG::diff($tags, $art->tags, member::$uId, $aid, $forum->rootid($fid)); iCMS_DB::update('article', compact('fid', 'title', 'stitle', 'orderNum', 'clink', 'url', 'source', 'author', 'editor', 'userid', 'postype', 'keywords', 'tags', 'description', 'related', 'metadata', 'isPic', 'pic', 'pubdate', 'type', 'vlink', 'top', 'status'), array('id' => $aid)); vlinkDiff($fid, $art->vlink, $aid); iCMS_DB::update('article_data', compact('tpl', 'subtitle', 'body'), compact('aid')); if ($_FILES['picfile']) { require_once iPATH . 'include/upload.class.php'; $F = iUpload::FILES("picfile", $aid, $title); iCMS_DB::query("UPDATE `#iCMS@__article` SET `isPic`='1',`pic` = '" . $F["FilePath"] . "' WHERE `id` = '{$aid}'"); } //$this->insert_db_remote($body,$aid); if (!strstr($forum->forum[$fid]['contentRule'], '{PHP}') && !$forum->forum[$fid]['url'] && $forum->forum[$fid]['mode'] == "1" && $status) { include iPATH . 'include/iHtml.class.php'; iHtml::Article($aid); iHtml::forum($fid, 1, 0, 1); } if ($status) { if ($art->fid != $fid) { iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count-1 WHERE `fid` ='{$art->fid}' LIMIT 1 "); iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `fid` ='{$fid}' LIMIT 1 "); } javascript::dialog('文章编辑完成!<br />3秒后返回文章列表', 'url:' . $SELFURL); } else { javascript::dialog('您的文章编辑完成!<br />该版块文章需要经过管理员审核才能显示!<br />请耐心等待,我们会尽快审核您的稿件!', 'url:' . $SELFURL, 'ok', 10); } } }
<?php require_once "global.php"; require_once iPATH . "include/function/template.php"; $do = $_GET['do']; if (empty($do)) { $iCMS->iPrint("iSYSTEM", "register"); } elseif ($do == 'post') { if ($_POST['action'] == 'save') { ckseccode($_POST['seccode']) && msgJson('seccode', 'error:seccode'); $username = dhtmlspecialchars($_POST['username']); WordFilter($username) && msgJson('username', 'filter:username'); cstrlen($username) < 3 && msgJson('username', 'register:usernameShort'); cstrlen($username) > 12 && msgJson('username', 'register:usernameLong'); $iCMS->db->getValue("SELECT uid FROM `#iCMS@__members` where `username`='{$username}'") && msgJson('username', 'register:usernameusr'); $password = md5(trim($_POST['password'])); $pwdrepeat = md5(trim($_POST['pwdrepeat'])); $password != $pwdrepeat && msgJson('pwdrepeat', 'register:different'); $_POST['email'] && !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $_POST['email']) && msgJson('email', 'register:emailerror'); $email = $_POST['email']; $gender = intval($_POST['gender']); $nickname = dhtmlspecialchars($_POST['nickname']); // cstrlen($info['nickname'])>12 && msgJson(0,'register:nicknamelong'); $_POST['icq'] && ($info['icq'] = intval($_POST['icq'])); $_POST['home'] && ($info['home'] = dhtmlspecialchars(stripslashes($_POST['home']))); $_POST['year'] && ($info['year'] = intval($_POST['year'])); $_POST['month'] && ($info['month'] = intval($_POST['month'])); $_POST['day'] && ($info['day'] = intval($_POST['day'])); $_POST['from'] && ($info['from'] = dhtmlspecialchars(stripslashes($_POST['from']))); $_POST['signature'] && ($info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']))); $info = empty($info) ? '' : addslashes(serialize($info));
* @package iCMS V3.1 * @copyright 2007-2009, iDreamSoft * @license http://www.idreamsoft.cn iDreamSoft * @author coolmoo <*****@*****.**> */ require_once "global.php"; header('Content-Type: text/html; charset=utf-8'); $do = $_GET['do']; if (empty($do)) { require_once iPATH . "include/function/template.php"; $iCMS->message(); } elseif ($do == 'post') { if ($_POST['action'] == 'save') { $state = 0; ckseccode($_POST['seccode']) && msgJson(0, 'error:seccode'); $user = array(); $user["name"] = dhtmlspecialchars($_POST['name']); $user["m"] = intval($_POST['m']); $user["email"] = dhtmlspecialchars($_POST['mail']); $user["homepage"] = $_POST['homepage'] == 'http://' ? '' : dhtmlspecialchars($_POST['homepage']); $secret = $_POST['secret']; $messagetext = $_POST['messagetext']; WordFilter($user["name"]) && msgJson(0, 'filter:username'); WordFilter($messagetext) && msgJson(0, 'filter:content'); !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $user["email"]) && msgJson(0, 'error:email'); empty($messagetext) && msgJson(0, 'message:empty'); $userdate = serialize($user); empty($secret) && ($secret = 'off'); $iCMS->db->query("INSERT INTO `#iCMS@__message`(`user`,`text`,`reply`,`secret`,`addtime`,`ip`)VALUES ('{$userdate}','{$messagetext}','','{$secret}','" . time() . "','" . getip() . "')") && msgJson(1, 'message:finish'); } }
break; case 'logout': set_cookie("user", '', -31536000); set_cookie("seccode", '', -31536000); set_cookie("username", '', -31536000); break; default: require_once iPATH . 'include/UI.class.php'; $action = $_POST['action']; //$forward= $_POST['forward']; if ($action == 'register') { ckseccode($_POST['seccode']) && javascript::json('seccode', 'error:seccode'); $username = dhtmlspecialchars($_POST['username']); $email = dhtmlspecialchars($_POST['email']); !preg_match("/^([\\w\\.-]+)@([a-zA-Z0-9-]+)(\\.[a-zA-Z\\.]+)\$/i", $email) && javascript::json('email', 'register:emailerror'); WordFilter($username) && javascript::json('username', 'filter:username'); iCMS_DB::getValue("SELECT uid FROM `#iCMS@__members` where `username`='{$username}'") && javascript::json('username', 'register:usernameusr'); $password = md5(trim($_POST['password'])); $pwdrepeat = md5(trim($_POST['pwdrepeat'])); $password != $pwdrepeat && javascript::json('pwdrepeat', 'register:different'); $gender = intval($_POST['gender']); $nickname = dhtmlspecialchars($_POST['nickname']); cstrlen($nickname) > 12 && javascript::json(0, 'register:nicknamelong'); $info = array(); $_POST['icq'] && ($info['icq'] = intval($_POST['icq'])); $_POST['home'] && ($info['home'] = dhtmlspecialchars(stripslashes($_POST['home']))); $_POST['year'] && ($info['year'] = intval($_POST['year'])); $_POST['month'] && ($info['month'] = intval($_POST['month'])); $_POST['day'] && ($info['day'] = intval($_POST['day'])); $_POST['from'] && ($info['from'] = dhtmlspecialchars(stripslashes($_POST['from']))); $_POST['signature'] && ($info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature'])));
ckseccode($_POST['seccode']) && msgJson(0, 'error:seccode', $frame); $username = dhtmlspecialchars($_POST['username']); $password = trim($_POST['password']); $iseditor = (int) $_POST['iseditor']; // //去除链接 $commentext = preg_replace("/(<a[ \t\r\n]{1,}href=[\"']{0,}http:\\/\\/[^\\/]([^>]*)>)|(<\\/a>)/isU", "", stripslashes($_POST['commentext'])); $commentext = str_replace(array('<p> </p>', '<p style="margin: 9px 3px; color: #000000; line-height: 20px; text-align: left"> </p>'), '', $commentext); $commentext = $iseditor ? addslashes(sechtml($commentext)) : addslashes(dhtmlspecialchars($commentext)); $title = dhtmlspecialchars($_POST['title']); $aid = (int) $_POST['aid']; $sortid = (int) $_POST['sortid']; $mid = (int) $_POST['mid']; $quote = (int) $_POST['quote']; WordFilter($username) && msgJson(0, 'filter:username', $frame); WordFilter($commentext) && msgJson(0, 'filter:content', $frame); WordFilter($title) && msgJson(0, 'filter:title', $frame); empty($mid) && ($mid = 0); if ($iCMS->config['anonymous'] && empty($password)) { $uid = '0'; } else { if (empty($username) || empty($password)) { empty($username) && msgJson(0, 'comment:emptyusername', $frame); empty($password) && msgJson(0, 'comment:emptypassword', $frame); } require_once iPATH . "usercp/user.class.php"; require_once iPATH . 'usercp/usercp.lang.php'; $member = new User(); $cl = $member->__CL__($username, md5($password)); if ($cl == 'login') { msgJson(0, 'comment:error', $frame); } elseif ($cl == 'success') {