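/**
 * Insert a guestbook entry built from the current POST request, then refresh
 * the caches that list guestbook data.
 *
 * Reads $_POST (username, replypassword, homepage, email, message, bookface,
 * isSecret) and $_SESSION['username']; writes $_POST['isSecret'],
 * $_POST['bookface'] and $_SESSION['replytime'].
 *
 * @param mixed $intSpamFiler Spam flag stored in the isSpam column (cast to int here).
 * @param mixed $intIsSecret  Secret flag imposed by the caller; the stored value is the
 *                            larger of this and the posted isSecret.
 * @return void
 */
function guestBookPost($intSpamFiler, $intIsSecret)
{
    global $DMC, $DBPrefix, $arrSideModule;

    $parent = 0;
    $_POST['isSecret'] = !empty($_POST['isSecret']) ? $_POST['isSecret'] : 0;

    // NOTE(review): $author reaches the SQL text without passing through encode(),
    // unlike the other request fields. Confirm the request layer escapes it, or move
    // this insert to a parameterised query if the $DMC wrapper offers one.
    $author = !empty($_POST['username']) ? $_POST['username'] : $_SESSION['username'];

    // NOTE(review): unsalted md5() is a weak way to store a reply password. Replacing
    // it needs a matching change wherever the stored value is compared.
    $replypassword = !empty($_POST['replypassword']) ? md5($_POST['replypassword']) : "";

    // Treat the value as absolute only when it STARTS with http:// or https://.
    // The previous substring test accepted any value that merely contained "http://"
    // (so another scheme could be stored unchanged) and turned https:// links into
    // "http://https://...".
    $homepage = "";
    if (!empty($_POST['homepage'])) {
        $homepage = $_POST['homepage'];
        if (!preg_match('#^https?://#i', $homepage)) {
            $homepage = "http://" . $homepage;
        }
    }

    $email = !empty($_POST['email']) ? $_POST['email'] : "";
    $message = isset($_POST['message']) ? $_POST['message'] : "";
    $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1";

    // encode() is a project helper defined elsewhere; presumably it escapes the value
    // for storage -- confirm it also covers SQL quoting.
    $sql = "insert into " . $DBPrefix . "guestbook(author,password,homepage,email,ip,content,postTime,isSecret,parent,face,isSpam)"
        . " values('{$author}','{$replypassword}','" . encode($homepage) . "','" . encode($email) . "','" . getip() . "','"
        . encode($message) . "','" . time() . "','" . max(intval($intIsSecret), intval($_POST['isSecret'])) . "','{$parent}','"
        . substr(encode($_POST['bookface']), 4) . "','" . intval($intSpamFiler) . "')"; // flag cast so only a number is written
    $DMC->query($sql);

    // Refresh the cached counters and lists that include guestbook entries.
    settings_recount("guestbook");
    settings_recache();
    recentGbooks_recache();
    logs_sidebar_recache($arrSideModule);

    // Record the posting time in the session.
    $_SESSION['replytime'] = time();
}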
if (file_exists(F2BLOG_ROOT . "./cache/html/{$mark_id}.php")) { @unlink(F2BLOG_ROOT . "./cache/html/{$mark_id}.php"); } if (file_exists(F2BLOG_ROOT . "./cache/html/{$mark_id}_index.php")) { @unlink(F2BLOG_ROOT . "./cache/html/{$mark_id}_index.php"); } } $sql = "delete from " . $DBPrefix . "logs where {$stritem}"; $DMC->query($sql); //删除关联的评论和引用 $stritem1 = str_replace("id=", "logId=", $stritem); $sql = "delete from " . $DBPrefix . "comments where {$stritem1}"; $DMC->query($sql); $sql = "delete from " . $DBPrefix . "trackbacks where {$stritem1}"; $DMC->query($sql); settings_recount("logs"); //更新Cache hottags_recache(); categories_recache(); settings_recache(); recentLogs_recache(); recentComments_recache(); archives_recache(); calendar_recache(); attachments_recache(); logsTitle_recache(); logs_sidebar_recache($arrSideModule); } } //引用传送 if ($action == "sendtb") {
} //写进数据库 $fileName = $attdesc == "" ? $fileName : encode($attdesc) . "." . $fileType; $rsexits = getFieldValue($DBPrefix . "attachments", "attTitle='" . $fileName . "' and fileType='" . $updateStyle . "' and fileSize='" . $fileSize . "' and logId='0'", "name"); if ($rsexits == "") { $sql = "INSERT INTO " . $DBPrefix . "attachments(name,attTitle,fileType,fileSize,fileWidth,fileHeight,postTime,logId) VALUES ('{$value}','{$fileName}','{$updateStyle}','{$fileSize}','{$fileWidth}','{$fileHeight}','" . time() . "',0)"; $DMC->query($sql); } else { print_message($strDataExists); } do_filter("f2_attach", $basefile); if (!empty($thumbfile)) { do_filter("f2_attach", $thumbfile); //縮略圖 } settings_recount("attachments"); settings_recache(); $action = ""; } } } if ($action == "delete" || $action == "deleteall") { $stritem = ""; $fileListNew = $_POST['fileList']; for ($i = 0; $i < count($fileListNew); $i++) { $arrname = explode("|", $fileListNew[$i]); $name = $arrname[0]; //刪除文件 if ($action == "deleteall" && strpos($name, "://") < 1) { $curName = "../attachments/" . $name; if (file_exists($curName)) {
} } } if ($_POST['operation'] == "delete" and $stritem != "") { $sql = "delete from " . $DBPrefix . "trackbacks where {$stritem}"; $DMC->query($sql); } if ($_POST['operation'] == "hidden" and $stritem != "") { $sql = "update " . $DBPrefix . "trackbacks set isApp='0' where {$stritem}"; $DMC->query($sql); } if ($_POST['operation'] == "show" and $stritem != "") { $sql = "update " . $DBPrefix . "trackbacks set isApp='1' where {$stritem}"; $DMC->query($sql); } settings_recount("trackbacks"); settings_recache(); $action = ""; } if ($action == "all") { $seekname = ""; } $seek_url = "{$PHP_SELF}?order={$order}"; //查找用链接 $order_url = "{$PHP_SELF}?seekname={$seekname}"; //排序栏用的链接 $page_url = "{$PHP_SELF}?seekname={$seekname}&order={$order}"; //页面导航链接 $edit_url = "{$PHP_SELF}?seekname={$seekname}&order={$order}&page={$page}"; //编辑或新增链接 $showmode_url = "{$PHP_SELF}?order={$order}&page={$page}";
} } $DMC->query("select homepage from {$DBPrefix}comments limit 0,1", "T"); if ($DMC->error()) { //更改表结构(2007-02-01) $DMC->query("ALTER TABLE `{$DBPrefix}setting` CHANGE `settValue` `settValue` text NOT NULL"); $DMC->query("ALTER TABLE `{$DBPrefix}comments` ADD `homepage` varchar(100) NOT NULL default ''"); $DMC->query("ALTER TABLE `{$DBPrefix}comments` ADD `email` varchar(100) NOT NULL default ''"); $DMC->query("ALTER TABLE `{$DBPrefix}comments` ADD `face` varchar(30) NOT NULL default ''"); } //清除属性(2007-02-01) if ($DMC->fetchArray($DMC->query("select * from " . $DBPrefix . "setting where settName='disTop'"))) { $DMC->query("delete from {$DBPrefix}setting where settName='disTop' or settName='calendarmonth'"); } //重新生成Cache settings_recount(); settings_recache(); $settingInfo['stype'] = $settingInfo['rewrite'] > 0 ? ".html" : ""; modules_recache(); header("Location: db_restore.php?update=ok&msg=" . urlencode($ActionMessage)); exit; } } if ($action == "delete") { list($filename, $filecount) = explode("|", $_POST['restorefile']); //有分卷 if ($filecount > 1) { for ($i = 1; $i <= $filecount; $i++) { $delname = str_replace(".sql", "_v" . $i . ".sql", $filename); if (file_exists($data_path . "/" . $delname)) { @unlink($data_path . "/" . $delname);
} //检测用户名 if ($check_info == 1) { $userexits = getFieldValue($DBPrefix . "members", "username='******'addusername']}' or nickname='{$_POST['addusername']}'", "username"); $check_info = $userexits != "" ? 0 : 1; } if ($check_info == 0) { $ActionMessage = $nickrsexits != "" ? "{$strCurUserExists}" : "{$strRegisterInvaild}"; } else { $sql = "INSERT INTO " . $DBPrefix . "members(username,password,email,isHiddenEmail,homePage,lastVisitTime,lastVisitIP,regIp,hashKey,role,nickname) VALUES ('{$_POST['addusername']}',md5('" . $_POST['addpassword'] . "'),'{$_POST['email']}','{$_POST['isHiddenEmail']}','{$_POST['homePage']}','" . time() . "','" . getip() . "','" . getip() . "','','member','{$_POST['nickname']}')"; $DMC->query($sql); $ActionMessage2 = "{$strRegSucc}"; } } members_recache(); settings_recount("members"); settings_recache(); } } if (!empty($_SESSION['username']) && $_SESSION['username'] != "") { $dataInfo = $DMC->fetchArray($DMC->query("select nickname,email,isHiddenEmail,homePage from {$DBPrefix}members where username='******'username']}'")); $nickname = $dataInfo['nickname']; $email = $dataInfo['email']; $isHiddenEmail = $dataInfo['isHiddenEmail']; $homePage = $dataInfo['homePage']; } ?> <!--内容--> <div id="Tbody"> <br /><br />
$_POST['isSecret'] = $_POST['isSecret'] ? $_POST['isSecret'] : 0; $author = $_POST['username'] ? $_POST['username'] : $_SESSION['username']; $replypassword = $_POST['replypassword'] ? md5($_POST['replypassword']) : ""; $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1"; if (!empty($_POST['homepage'])) { if (strpos(";" . $_POST['homepage'], "http://") < 1) { $_POST['homepage'] = "http://" . $_POST['homepage']; } } else { $_POST['homepage'] = ""; } $sql = "insert into " . $DBPrefix . "guestbook(author,password,homepage,email,ip,content,postTime,isSecret,parent,face) values('{$author}','{$replypassword}','" . encode($_POST['homepage']) . "','" . encode($_POST['email']) . "','" . getip() . "','" . encode($_POST['message']) . "','" . time() . "','" . encode($_POST['isSecret']) . "','{$parent}','" . substr(encode($_POST['bookface']), 4) . "')"; //echo $sql; $DMC->query($sql); //更新cache settings_recount("guestbook"); settings_recache(); recentGbooks_recache(); logs_sidebar_recache($arrSideModule); //保存时间 $_SESSION['replytime'] = time(); //清空内容 $_POST['message'] = ""; //echo "<script language=\"javascript\">window.location.href='$gourl';</script>"; //echo "<script language=\"javascript\">window.reload</script>"; header("location:" . str_replace("&", "&", $gourl) . "{$settingInfo['stype']}"); } } //允许回复 if ($allow_reply) { ?>
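/**
 * Store a comment (when $_GET['load'] is "read") or a guestbook entry built from
 * the current POST request, refresh the affected caches and, when the "G" Ajax
 * mode is not enabled, emit a script that reloads the opener window and exit.
 *
 * Reads $_POST, $_GET['load'], $_GET['page'] and $_SESSION['username']; writes
 * several $_POST defaults and $_SESSION['replytime'].
 *
 * @param mixed $intSpamFiler Not used by this variant; kept for the callers' signature.
 * @param mixed $intIsSecret  Secret flag imposed by the caller; the stored value is the
 *                            larger of this and the posted isSecret.
 * @return void
 */
function guestBookPost($intSpamFiler, $intIsSecret)
{
    global $DMC, $DBPrefix, $arrSideModule, $settingInfo;
    // $id and $postid were read below without being in scope, so the log id and the
    // parent id were always empty. NOTE(review): assumes the calling script sets both
    // as globals -- confirm.
    global $id, $postid;

    // Integer casts keep anything but a number out of the SQL text and the URL.
    // Assumes both are integer keys -- confirm against the schema.
    $logId = intval($id);
    $parentId = intval($postid);

    $load = (isset($_GET['load']) && is_string($_GET['load'])) ? $_GET['load'] : "";
    $isComment = ($load == "read");

    $_POST['isSecret'] = isset($_POST['isSecret']) ? $_POST['isSecret'] : 0;

    // NOTE(review): $author reaches the SQL text without encode(); confirm the request
    // layer escapes it, or use a parameterised query if the $DMC wrapper offers one.
    $author = !empty($_POST['username']) ? $_POST['username'] : $_SESSION['username'];

    // !empty() instead of isset(): a blank field must not be stored as md5("").
    // NOTE(review): unsalted md5() is a weak way to store a reply password.
    $replypassword = !empty($_POST['replypassword']) ? md5($_POST['replypassword']) : "";

    // Treat the value as absolute only when it STARTS with http:// or https://; the
    // previous substring test let any value containing "http://" through unchanged
    // and mangled https:// links.
    if (!empty($_POST['homepage'])) {
        if (!preg_match('#^https?://#i', $_POST['homepage'])) {
            $_POST['homepage'] = "http://" . $_POST['homepage'];
        }
    } else {
        $_POST['homepage'] = "";
    }
    $_POST['email'] = isset($_POST['email']) ? $_POST['email'] : "";
    $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1";
    $message = isset($_POST['message']) ? $_POST['message'] : "";

    $secret = max(intval($intIsSecret), intval($_POST['isSecret']));
    $face = substr(encode($_POST['bookface']), 4);

    if ($isComment) {
        // Comment on a log entry.
        $sql = "insert into " . $DBPrefix . "comments(author,password,logId,homepage,email,face,ip,content,postTime,isSecret,parent)"
            . " values('{$author}','{$replypassword}','" . $logId . "','" . encode($_POST['homepage']) . "','"
            . encode($_POST['email']) . "','" . $face . "','" . getip() . "','" . encode($message) . "','" . time() . "','"
            . $secret . "','{$parentId}')";
    } else {
        // Guestbook entry.
        $sql = "insert into " . $DBPrefix . "guestbook(author,password,homepage,email,ip,content,postTime,isSecret,parent,face)"
            . " values('{$author}','{$replypassword}','" . encode($_POST['homepage']) . "','" . encode($_POST['email']) . "','"
            . getip() . "','" . encode($message) . "','" . time() . "','" . $secret . "','{$parentId}','" . $face . "')";
    }
    $DMC->query($sql);

    // Record the posting time in the session.
    $_SESSION['replytime'] = time();

    // Refresh the caches that show the new row.
    if ($isComment) {
        settings_recount("comments");
        settings_recache();
        // Keep the per-log comment counter in step.
        $DMC->query("UPDATE " . $DBPrefix . "logs SET commNums=commNums+1 WHERE id='{$logId}'");
        recentComments_recache();
        logs_sidebar_recache($arrSideModule);
    } else {
        settings_recount("guestbook");
        settings_recache();
        recentGbooks_recache();
        logs_sidebar_recache($arrSideModule);
    }

    // Without the "G" Ajax mode the form runs in a popup: reload the opener and close.
    if (strpos((string) $settingInfo['ajaxstatus'], "G") === false) {
        // load and page come straight from the query string and end up inside a
        // JavaScript string literal, so they are URL-encoded first; legitimate
        // alphanumeric values are unchanged by this.
        $loadPart = rawurlencode($load);
        $pagePart = (isset($_GET['page']) && is_scalar($_GET['page'])) ? rawurlencode((string) $_GET['page']) : "";

        $gourl = "";
        if ($isComment) {
            if ($settingInfo['rewrite'] == 0) {
                $gourl = "index.php?load={$loadPart}&id={$logId}&page={$pagePart}";
            }
            if ($settingInfo['rewrite'] == 1) {
                $gourl = "rewrite.php/{$loadPart}-{$logId}-{$pagePart}";
            }
            if ($settingInfo['rewrite'] == 2) {
                $gourl = "{$loadPart}-{$logId}-{$pagePart}";
            }
        } else {
            if ($settingInfo['rewrite'] == 0) {
                $gourl = "index.php?load={$loadPart}&page={$pagePart}";
            }
            if ($settingInfo['rewrite'] == 1) {
                $gourl = "rewrite.php/{$loadPart}-{$pagePart}";
            }
            if ($settingInfo['rewrite'] == 2) {
                $gourl = "{$loadPart}-{$pagePart}";
            }
        }

        echo "<script language=javascript> \n";
        echo " opener.location.href='{$gourl}{$settingInfo['stype']}';\n";
        echo " opener.reload;\n";
        echo " window.close();\n";
        echo "</script> \n";
        exit;
    }
}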
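/**
 * Store a comment on log entry $id from the current POST request, refresh the
 * comment caches, then redirect to $gourl and exit.
 *
 * Reads $_POST (username, replypassword, homepage, email, message, bookface,
 * isSecret) and $_SESSION['username']; writes several $_POST defaults, clears
 * $_POST['message'] and sets $_SESSION['replytime'].
 *
 * @param mixed  $id           Id of the log entry being commented on (cast to int here).
 * @param mixed  $intSpamFiler Not used by this variant; kept for the callers' signature.
 * @param mixed  $intIsSecret  Secret flag imposed by the caller; the stored value is the
 *                             larger of this and the posted isSecret.
 * @param array  $settingInfo  Site settings; only 'stype' (URL suffix) is read.
 * @param string $gourl        Redirect target after the insert.
 * @return void
 */
function guestBookPost($id, $intSpamFiler, $intIsSecret, $settingInfo, $gourl)
{
    global $DMC, $DBPrefix, $arrSideModule;

    $parent = 0;
    // The cast keeps anything but a number out of the two statements below.
    // Assumes logs.id is an integer key -- confirm against the schema.
    $id = intval($id);

    // !empty() gives the same result as the bare truthiness tests it replaces,
    // without notices when a field is missing from the request.
    $_POST['isSecret'] = !empty($_POST['isSecret']) ? $_POST['isSecret'] : 0;

    // NOTE(review): $author reaches the SQL text without encode(); confirm the request
    // layer escapes it, or use a parameterised query if the $DMC wrapper offers one.
    $author = !empty($_POST['username']) ? $_POST['username'] : $_SESSION['username'];

    // NOTE(review): unsalted md5() is a weak way to store a reply password. Replacing
    // it needs a matching change wherever the stored value is compared.
    $replypassword = !empty($_POST['replypassword']) ? md5($_POST['replypassword']) : "";
    $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1";

    // !empty() rather than isset(): a blank field used to be stored as "http://".
    // The scheme test now requires the value to START with http:// or https://; the
    // previous substring test let any value containing "http://" through unchanged.
    if (!empty($_POST['homepage'])) {
        if (!preg_match('#^https?://#i', $_POST['homepage'])) {
            $_POST['homepage'] = "http://" . $_POST['homepage'];
        }
    } else {
        $_POST['homepage'] = "";
    }
    $_POST['email'] = !empty($_POST['email']) ? $_POST['email'] : "";
    $message = isset($_POST['message']) ? $_POST['message'] : "";

    $sql = "insert into " . $DBPrefix . "comments(author,password,logId,homepage,email,face,ip,content,postTime,isSecret,parent)"
        . " values('{$author}','{$replypassword}','" . $id . "','" . encode($_POST['homepage']) . "','" . encode($_POST['email']) . "','"
        . substr(encode($_POST['bookface']), 4) . "','" . getip() . "','" . encode($message) . "','" . time() . "','"
        . max(intval($intIsSecret), intval($_POST['isSecret'])) . "','{$parent}')";
    $DMC->query($sql);

    // Keep the comment counters in step with the new row.
    settings_recount("comments");
    settings_recache();
    $DMC->query("UPDATE " . $DBPrefix . "logs SET commNums=commNums+1 WHERE id='{$id}'");

    // Refresh the cached lists that show comments.
    recentComments_recache();
    logs_sidebar_recache($arrSideModule);

    // Record the posting time in the session.
    $_SESSION['replytime'] = time();

    // Clear the submitted text so the form is not re-filled.
    $_POST['message'] = "";

    // The listing shows a no-op replace of "&" with "&"; presumably the first argument
    // was "&amp;" before the page was entity-decoded, so it is restored here.
    // NOTE(review): confirm callers build $gourl from trusted values only.
    header("location:" . str_replace("&amp;", "&", $gourl) . $settingInfo['stype']);
    exit;
}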
} if ($stritem != "") { $stritem .= " or id='{$itemlist[$i]}'"; $strlogsitem .= " or cateId='{$itemlist[$i]}'"; } else { $stritem .= "id='{$itemlist[$i]}'"; $strlogsitem .= "cateId='{$itemlist[$i]}'"; } } //删除类别与日志 if ($_POST['operation'] == "delete" and $stritem != "") { $sql = "delete from " . $DBPrefix . "categories where {$stritem}"; $DMC->query($sql); $sql = "delete from " . $DBPrefix . "logs where {$strlogsitem}"; $DMC->query($sql); settings_recount("categories"); settings_recache(); } //隐藏 if ($_POST['operation'] == "ishidden" and $stritem != "") { $sql = "update " . $DBPrefix . "categories set isHidden='1' where {$stritem}"; $DMC->query($sql); } //显示 if ($_POST['operation'] == "isshow" and $stritem != "") { $sql = "update " . $DBPrefix . "categories set isHidden='0' where {$stritem}"; $DMC->query($sql); } //移动类别 if ($_POST['operation'] == "move" and $stritem != "") { $sql = "update " . $DBPrefix . "categories set parent='" . $_POST['parent'] . "' where {$stritem}";
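/**
 * Delete one log entry on behalf of a remote client and answer with an XML
 * boolean (presumably the XML-RPC Blogger API deletePost call -- confirm).
 *
 * @param array $values Request fields; 'username', 'password' and 'postid' are read.
 * @return void Output goes through xml_error() or send_response().
 */
function blogger_deletePost($values)
{
    global $settingInfo, $DMC, $DBPrefix, $arrSideModule;
    global $strArrayMonth, $strArrayDay, $strYear, $strMonth, $arrWeek, $strDayLogs, $strCalendar;
    global $strModifyInfo, $strLogout, $strLoginSubmit, $strUserRegister;
    global $strSearchErr, $strKeyword, $strSearchTitle, $strSearchContent, $strSearchTitleContent, $strFind;

    // NOTE(review): the result of check_user_pw() is never inspected. If that helper
    // returns a failure value instead of ending the request itself, the delete below
    // runs for any caller -- confirm, and reject the call here if so.
    $userdetail = check_user_pw($values['username'], $values['password']);

    // postid comes from the remote request and was interpolated into both statements
    // as-is. Cast it so only a number reaches the SQL text.
    // Assumes logs.id is an integer key -- confirm against the schema.
    $postId = isset($values['postid']) ? intval($values['postid']) : 0;

    $records = $DMC->fetchArray($DMC->query("SELECT * FROM `{$DBPrefix}logs` WHERE `id`='{$postId}'"));
    if (empty($records) || $records['id'] == '') {
        xml_error("Entry does not exist.");
        return;
    }

    // NOTE(review): the admin delete path shown elsewhere on this page also removes the
    // entry's comments and trackbacks; this handler leaves them in place.
    $DMC->query("DELETE FROM `{$DBPrefix}logs` WHERE `id`='{$postId}'");

    // Refresh every cache that lists or counts log entries.
    settings_recount("logs");
    settings_recache();
    categories_recount();
    categories_recache();
    recentLogs_recache();
    archives_recache();
    calendar_recache();
    logsTitle_recache();
    logs_sidebar_recache($arrSideModule);

    // Reply with boolean true.
    $xml_logContent = make_xml_piece("boolean", '1');
    $body_xml = xml_generate($xml_logContent);
    send_response($body_xml);
}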
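// Bulk operations on tags (edit, delete, ...).
// NOTE(review): no request-token check is visible in this fragment; confirm the
// surrounding page verifies one before running state-changing operations.
if ($action == "operation") {
    // The selected ids arrive as a POST array and used to be copied into the WHERE
    // clause verbatim. Cast each one so only numbers reach the SQL text, and tolerate
    // a missing or non-array field.
    // Assumes tags.id is an integer key -- confirm against the schema.
    $itemlist = (isset($_POST['itemlist']) && is_array($_POST['itemlist'])) ? $_POST['itemlist'] : array();
    $conditions = array();
    foreach ($itemlist as $itemId) {
        $conditions[] = "id='" . intval($itemId) . "'";
    }
    $stritem = implode(" or ", $conditions);

    $operation = isset($_POST['operation']) ? $_POST['operation'] : "";
    if ($operation == "delete" and $stritem != "") {
        $sql = "delete from " . $DBPrefix . "tags where {$stritem}";
        $DMC->query($sql);
    }

    settings_recount("tags");
    settings_recache();

    // Refresh the caches that show tags.
    hottags_recache();
    logs_sidebar_recache($arrSideModule);
}

if ($action == "all") {
    $seekname = "";
}

$seek_url = "{$PHP_SELF}?order={$order}"; // link used by the search form
$order_url = "{$PHP_SELF}?seekname={$seekname}"; // link used by the sort bar
$page_url = "{$PHP_SELF}?seekname={$seekname}&order={$order}"; // page navigation link
$edit_url = "{$PHP_SELF}?seekname={$seekname}&order={$order}&page={$page}";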
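/**
 * Insert a guestbook entry built from the current POST request, refresh the
 * guestbook caches, then redirect to $gourl and exit.
 *
 * Reads $_POST (username, replypassword, homepage, email, message, bookface,
 * isSecret) and $_SESSION['username']; writes several $_POST defaults, clears
 * $_POST['message'] and sets $_SESSION['replytime'].
 *
 * @param mixed $intSpamFiler Spam flag stored in the isSpam column (cast to int here).
 * @param mixed $intIsSecret  Secret flag imposed by the caller; the stored value is the
 *                            larger of this and the posted isSecret.
 * @return void
 */
function guestBookPost($intSpamFiler, $intIsSecret)
{
    global $DMC, $DBPrefix, $arrSideModule;
    // The redirect below read $gourl and $settingInfo without either being in scope,
    // so the Location header was always empty.
    // NOTE(review): assumes the calling script defines both as globals -- confirm,
    // and confirm $gourl is built from trusted values only.
    global $gourl, $settingInfo;

    $parent = 0;

    // !empty() gives the same result as the bare truthiness tests it replaces,
    // without notices when a field is missing from the request.
    $_POST['isSecret'] = !empty($_POST['isSecret']) ? $_POST['isSecret'] : 0;

    // NOTE(review): $author reaches the SQL text without encode(); confirm the request
    // layer escapes it, or use a parameterised query if the $DMC wrapper offers one.
    $author = !empty($_POST['username']) ? $_POST['username'] : $_SESSION['username'];

    // NOTE(review): unsalted md5() is a weak way to store a reply password. Replacing
    // it needs a matching change wherever the stored value is compared.
    $replypassword = !empty($_POST['replypassword']) ? md5($_POST['replypassword']) : "";
    $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1";

    // Treat the value as absolute only when it STARTS with http:// or https://; the
    // previous substring test let any value containing "http://" through unchanged
    // and turned https:// links into "http://https://...".
    if (!empty($_POST['homepage'])) {
        if (!preg_match('#^https?://#i', $_POST['homepage'])) {
            $_POST['homepage'] = "http://" . $_POST['homepage'];
        }
    } else {
        $_POST['homepage'] = "";
    }
    $_POST['email'] = !empty($_POST['email']) ? $_POST['email'] : "";
    $message = isset($_POST['message']) ? $_POST['message'] : "";

    $sql = "insert into " . $DBPrefix . "guestbook(author,password,homepage,email,ip,content,postTime,isSecret,parent,face,isSpam)"
        . " values('{$author}','{$replypassword}','" . encode($_POST['homepage']) . "','" . encode($_POST['email']) . "','"
        . getip() . "','" . encode($message) . "','" . time() . "','" . max(intval($intIsSecret), intval($_POST['isSecret']))
        . "','{$parent}','" . substr(encode($_POST['bookface']), 4) . "','" . intval($intSpamFiler) . "')"; // flag cast to a number
    $DMC->query($sql);

    // Refresh the cached counters and lists that include guestbook entries.
    settings_recount("guestbook");
    settings_recache();
    recentGbooks_recache();
    logs_sidebar_recache($arrSideModule);

    // Record the posting time in the session.
    $_SESSION['replytime'] = time();

    // Clear the submitted text so the form is not re-filled.
    $_POST['message'] = "";

    // The listing shows a no-op replace of "&" with "&"; presumably the first argument
    // was "&amp;" before the page was entity-decoded, so it is restored here.
    header("location:" . str_replace("&amp;", "&", $gourl) . $settingInfo['stype']);
    exit;
}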
} } } if ($check_info) { $parent = 0; $_POST['isSecret'] = $_POST['isSecret'] ? $_POST['isSecret'] : 0; $author = $_POST['username'] ? $_POST['username'] : $_SESSION['username']; $replypassword = $_POST['replypassword'] ? md5($_POST['replypassword']) : ""; $_POST['bookface'] = !empty($_POST['bookface']) ? $_POST['bookface'] : "face1"; $_POST['homepage'] = !empty($_POST['homepage']) ? $_POST['homepage'] : ""; $_POST['email'] = !empty($_POST['email']) ? $_POST['email'] : ""; $sql = "insert into " . $DBPrefix . "comments(author,password,logId,homepage,email,face,ip,content,postTime,isSecret,parent) values('{$author}','{$replypassword}','" . $id . "','" . encode($_POST['homepage']) . "','" . encode($_POST['email']) . "','" . substr(encode($_POST['bookface']), 4) . "','" . getip() . "','" . encode($_POST['message']) . "','" . time() . "','" . encode($_POST['isSecret']) . "','{$parent}')"; //echo $sql; $DMC->query($sql); //更新LOGS评论数量 settings_recount("comments"); settings_recache(); $DMC->query("UPDATE " . $DBPrefix . "logs SET commNums=commNums+1 WHERE id='{$id}'"); //更新cache recentComments_recache(); logs_sidebar_recache($arrSideModule); //保存时间 $_SESSION['replytime'] = time(); //清空内容 $_POST['message'] = ""; header("location:" . str_replace("&", "&", $gourl) . "{$settingInfo['stype']}"); //echo "<script language=\"javascript\">window.location.href='$gourl';</script>"; //echo "<script language=\"javascript\">window.reload</script>"; } } //评论