Beispiel #1
0
 /**
  * 关闭这个主题
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取回用户需要关闭的帖子id
     $id = $this->getParameterFromGET('id');
     if (!$id) {
         $this->AlertAndBack(CT_ID_IS_EMPTY);
         return;
     }
     //验证主题是否存在
     if (!TopicUtil::isExists($this->db, $id)) {
         $this->AlertAndBack(CT_ID_IS_NOT_EXISTS);
         return;
     }
     //验证用户的身份
     $sql = 'select id, group_dep from base_user_info where lower(user_name) =?';
     $sth = $this->db->prepare($sql);
     $res = $this->db->Execute($sth, array(strtolower($_SESSION['user']['name'])));
     $rows = $res->FetchRow();
     $user_id = $rows['id'];
     $user_group = $rows['group_dep'];
     if ($user_group != 1 && $user_group != 2 && $user_group != 3) {
         //用户就没有权限关闭主题
         $this->AlertAndBack(CT_USER_HAVE_NO_PRIVILEGES);
         return;
     }
     if ($user_group == 3) {
         //如果用户是版主
         //则查看用户是否是本版的版主
         //或者是其父版版主
         $layout_id = TopicUtil::getLayoutId($this->db, $id);
         $temp_array = array();
         LayoutUtil::getParentId($this->db, $layout_id, $temp_array);
         array_push($temp_array, $layout_id);
         $sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id in (' . implode(',', $temp_array) . ')';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array($user_id));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $this->AlertAndBack(CT_USER_HAVE_NO_PRIVILEGES);
             return;
         }
     }
     //其他的情况中用户是可以关闭这个主题的。
     //用户是这个版块的版主
     //用户是超级版主
     //用户是系统管理员
     $sql = 'update bbs_subject set subject_status=2 where id=?';
     $sth = $this->db->prepare($sql);
     $this->db->Execute($sth, array($id));
     if ($this->db->ErrorNo()) {
         $this->AlertAndBack($this->db->ErrorMsg());
         return;
     }
     $this->TipsAndForward(TAF_CLOSE_TOPIC_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $id);
     return;
 }
Beispiel #2
0
 /**
  * 关闭这个主题
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取回用户需要删除的帖子id
     $id = $this->getParameterFromGET('id');
     if (!$id) {
         $this->AlertAndBack(ST_ID_IS_EMPTY);
         return;
     }
     //验证主题是否存在
     if (!TopicUtil::isExists($this->db, $id)) {
         $this->AlertAndBack(ST_ID_IS_NOT_EXISTS);
         return;
     }
     //验证用户的身份
     $sql = 'select id, group_dep from base_user_info where lower(user_name) =?';
     $sth = $this->db->prepare($sql);
     $res = $this->db->Execute($sth, array(strtolower($_SESSION['user']['name'])));
     $rows = $res->FetchRow();
     $user_id = $rows['id'];
     $user_group = $rows['group_dep'];
     if ($user_group != 1 && $user_group != 2 && $user_group != 3) {
         //用户就没有权限打开主题
         $this->AlertAndBack(ST_USER_HAVE_NO_PRIVILEGES);
         return;
     }
     if ($user_group == 3) {
         //如果用户是版主
         //则查看用户是否是本版的版主
         $layout_id = TopicUtil::getLayoutId($this->db, $id);
         $temp_array = array();
         LayoutUtil::getParentId($this->db, $layout_id, $temp_array);
         array_push($temp_array, $layout_id);
         $sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id in (' . implode(',', $temp_array) . ')';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array($user_id));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $this->AlertAndBack(ST_USER_HAVE_NO_PRIVILEGES);
             return;
         }
     }
     //其他的情况中用户是可以关闭这个主题的。
     //用户是这个版块的版主
     //用户是超级版主
     //用户是系统管理员
     $smarty = $this->getSmarty();
     $smarty->assign('clone_title', ST_DELETE_TOPIC);
     $smarty->assign('id', $id);
     $smarty->display('deltopic.tmpl');
 }
Beispiel #3
0
 /**
  * 关闭这个主题
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取回用户需要设置帖子id
     $id = $this->getParameterFromGET('id');
     if (!$id) {
         $this->AlertAndBack(SB_ID_IS_EMPTY);
         return;
     }
     //验证主题是否存在
     if (!TopicUtil::isExists($this->db, $id)) {
         $this->AlertAndBack(SB_ID_IS_NOT_EXISTS);
         return;
     }
     //验证用户的身份
     $sql = 'select id, group_dep from base_user_info where lower(user_name) =?';
     $sth = $this->db->prepare($sql);
     $res = $this->db->Execute($sth, array(strtolower($_SESSION['user']['name'])));
     $rows = $res->FetchRow();
     $user_id = $rows['id'];
     $user_group = $rows['group_dep'];
     if ($user_group != 1 && $user_group != 2 && $user_group != 3) {
         //用户就没有权限设置主题
         $this->AlertAndBack(SB_USER_HAVE_NO_PRIVILEGES);
         return;
     }
     if ($user_group == 3) {
         //如果用户是版主
         //则查看用户是否是本版的版主
         $layout_id = TopicUtil::getLayoutId($this->db, $id);
         $sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id=?';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array($user_id, $layout_id));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $this->AlertAndBack(SB_USER_HAVE_NO_PRIVILEGES);
             return;
         }
     }
     //其他的情况中用户是可以关闭这个主题的。
     //用户是这个版块的版主
     //用户是超级版主
     //用户是系统管理员
     $sql = 'update bbs_subject set is_best=1 where id=?';
     $sth = $this->db->Prepare($sql);
     $this->db->Execute($sth, array($id));
     //成功后,则转向
     $this->TipsAndForward(SB_SET_SUCCESS_LABEL, 'index.php?module=bbs&action=viewtopic&id=' . $id);
 }
Beispiel #4
0
 /**
  * 保存新回复
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取得主题的id
     $topic_id = $this->getParameterFromPOST('id');
     //验证帖子的是否存在
     if (!TopicUtil::isExists($this->db, $topic_id)) {
         $this->AlertAndBack(TOPIC_IS_NOT_EXISTS);
         return;
     }
     //验证帖子的状态
     $status = TopicUtil::getTopicStatus($this->db, $topic_id);
     //注意状态为3,则为帖子被锁定,不能回复了。
     if ($status == 2) {
         $this->AlertAndBack(TOPIC_HAD_BE_CLOSED);
         return;
     } else {
         if ($status == 3) {
             $this->AlertAndBack(TOPIC_HAD_BE_LOCK);
             return;
         }
     }
     //取得版块的id
     $bbs_id = TopicUtil::getLayoutId($this->db, $topic_id);
     if (!$bbs_id) {
         $this->forward('index.php');
     }
     //验证论坛是否存在
     if (!LayoutUtil::isExists($this->db, $bbs_id)) {
         //论坛不存在,则转向首页
         $this->forward('index.php');
     }
     //更新用户在本版的信息
     LayoutUtil::updateOnlineUser($this->db, $bbs_id);
     $bbs_status = LayoutUtil::getLayoutStatus($this->db, $bbs_id);
     if ($bbs_status == 1 && !isset($_SESSION['user'])) {
         $this->AlertAndForward(SNT_NEED_LOGIN, 'index.php?module=user&action=showlogin');
         return;
     } else {
         if ($bbs_status == 2) {
             $this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
             return;
         } else {
             if ($bbs_status == 3) {
                 //等于三不允许发帖
                 $this->AlertAndBack(SNT_NOW_ALLOW_NEW_TOPIC);
                 return;
             } else {
                 if (LayoutUtil::isClosedByParent($this->db, $bbs_id)) {
                     $this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
                     return;
                 }
             }
         }
     }
     //取得各种参数
     //帖子的表情
     $express = $this->getParameterFromPost('express');
     //上传的帖子标题
     $title = $this->getParameterFromPost('title');
     //上传的内容
     $content = $this->getParameterFromPost('content');
     //记录在Session里
     $_SESSION['temp_title'] = $title;
     $_SESSION['temp_content'] = $content;
     $_SESSION['temp_express'] = $express;
     //看文件是否有文件上传
     if ($_FILES['attach']['tmp_name']) {
         //用户有上传文件
         if ($_FILES['attach']['type'] != 'image/gif' && $_FILES['attach']['type'] != 'image/jpeg' && $_FILES['attach']['type'] != 'image/jpg' && $_FILES['attach']['type'] != 'image/pjpeg' && $_FILES['attach']['type'] != 'image/png') {
             $this->AlertandBack(ST_PHONE_FILE_LIMIT);
         }
         //判断上传的文件大小是否合乎要求
         if ($_FILES['attach']['size'] > 1048576) {
             $this->AlertAndBack(ST_PHONE_FILE_SIZE_LIMIT);
             return;
         }
     }
     //回复标题可以为空
     //如果标题为空,则自动生成一个标题
     if (!$title || strlen($title) <= 0) {
         $sql = 'select title from bbs_subject where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($topic_id));
         $rows = $res->FetchRow();
         $title = "Re:" . $rows['title'];
     }
     /*
           if ( strlen($title) > 143 ) {
              $this->AlertAndBack(ST_TITLE_TOO_LONG);
              return;
           }*/
     if (!$content || strlen($content) <= 0) {
         $this->AlertAndBack(ST_CONTENT_IS_EMPTY);
         return;
     }
     //插入新回复
     $ip_temp = getIp();
     $ip = $ip_temp['ip'];
     $user_name = $_SESSION['user']['name'];
     $now = time();
     $sql = 'insert into  bbs_reply ( layout_id, title, author, content, post_ip, ' . 'post_date, express, subject_id ) values (?, ?, ?, ?, ?, ?, ?, ?) ';
     $sth = $this->{'db'}->Prepare($sql);
     $this->{'db'}->Execute($sth, array($bbs_id, $title, $user_name, $content, $ip, $now, $express, $topic_id));
     if ($this->{'db'}->ErrorNo()) {
         $this->AlertAndBack($this->{'db'}->ErrorMsg());
         return;
     }
     //得到最后的id
     $insert_id = $this->{'db'}->Insert_id();
     if ($_FILES['attach']['tmp_name']) {
         //取得文件的大小
         list($image_width, $image_height, $image_type, $image_attr) = getimagesize($_FILES['attach']['tmp_name']);
         //判断文件的类型
         switch ($image_type) {
             case 1:
                 $image_left_type = '.gif';
                 break;
             case 2:
                 $image_left_type = '.jpg';
                 break;
             case 3:
                 $image_left_type = '.png';
                 break;
         }
         //存储的文件名
         $file_name = ROOT_PATH . 'upload/attach/reply/' . $insert_id . $image_left_type;
         if (!move_uploaded_file($_FILES['attach']['tmp_name'], $file_name)) {
             $sql = 'delete from bbs_reply where id=?';
             $sth = $this->{'db'}->Prepare($sql);
             $this->{'db'}->Execute($sth, array($insert_id));
             $this->AlertAndBack(ST_UPLOAD_ERROR);
             return;
         } else {
             $sql = 'insert into bbs_reply_attach (reply_id, file_type) ' . ' values (?, ?)';
             $sth = $this->{'db'}->Prepare($sql);
             $this->{'db'}->Execute($sth, array($insert_id, $image_left_type));
         }
     }
     unset($_SESSION['temp_title']);
     unset($_SESSION['temp_content']);
     unset($_SESSION['temp_express']);
     //发送短信,通知各个用户有回复了你的帖子
     //发送邮件,通知各个用户有回复了你的帖子
     $mail_user = array();
     $message_user = array();
     $sql = 'select a.author, b.user_email, b.id from bbs_subject a join ' . ' base_user_info b on a.author = b.user_name ' . ' join user_setting c on b.id=c.user_id where a.id=? and	c.user_whether_receive_email=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     $rows = $res->FetchRow();
     if ($rows['id']) {
         $mail_user[] = $rows['user_email'];
     }
     $sql = 'select distinct a.author, b.user_email, b.id from bbs_reply a join base_user_info b ' . ' on a.author = b.user_name join user_setting c on b.id=c.user_id ' . ' where a.subject_id=? and c.user_whether_receive_email=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     while ($rows = $res->FetchRow()) {
         if ($rows['id']) {
             $mail_user[] = $rows['user_email'];
         }
     }
     $mail_user = array_unique($mail_user);
     //计算发送短信的用户数组
     $sql = 'select a.author, b.id from bbs_subject a join ' . ' base_user_info b on a.author = b.user_name ' . ' join user_setting c on b.id=c.user_id where a.id=? and	c.receive_system_message=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     $rows = $res->FetchRow();
     if ($rows['id']) {
         $message_user[] = $rows['id'];
     }
     $sql = 'select distinct a.author,  b.id from bbs_reply a join base_user_info b ' . ' on a.author = b.user_name join user_setting c on b.id=c.user_id ' . ' where a.subject_id=? and c.receive_system_message=1';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($topic_id));
     while ($rows = $res->FetchRow()) {
         if ($rows['id']) {
             $message_user[] = $rows['id'];
         }
     }
     $message_user = array_unique($message_user);
     //开始发送邮件
     $to_address = implode(',', $mail_user);
     $mail_content = ST_MAIL_CONTENT . "\n\n";
     $mail_content .= ROOT_URL . 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . "\n\n";
     $headers = "To:" . $to_address . "\r\n";
     $headers .= "From:" . WEBSITE_EMAIL . "\r\n";
     //发送邮件:
     @mail($to_address, ST_MAIL_SUBJECT, $mail_content, $headers);
     //发送短消息
     //发件人
     $sender = '0';
     $message_content = ST_MESSAGE_CONTENT . "\n";
     $now = getNoFormateCurrentDate();
     $message_content .= "[url=" . 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . "][color=red]" . ST_CLICK_HERE . "[/color]" . "[/url]";
     $sql = 'insert into message_inbox ( user_id, send_user_id, title, receive_time, content ) ' . ' values ( ?, ?, ?, ?, ?) ';
     $sth = $this->db->Prepare($sql);
     foreach ($message_user as $user) {
         $this->db->Execute($sth, array($user, $sender, ST_MAIL_SUBJECT, $now, $message_content));
     }
     $now = time();
     //更新主题的最后更新时间
     $update_sql = 'update bbs_subject set last_access_date=?,reply_number=reply_number+1  where id=?';
     $sth = $this->db->Prepare($update_sql);
     $this->db->Execute($sth, array($now, $topic_id));
     //求这个回帖的位置所在的位置
     $sort_number = TopicUtil::getSortNumber($this->db, $topic_id, $insert_id);
     $page = ceil($sort_number / $this->pre_page);
     //这里还有很多的工作需要做
     $this->TipsAndForward(ST_SAVE_REPLY_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page . '#topic' . $sort_number);
 }
Beispiel #5
0
 /**
  * 取得查询后的帖子的情况
  * @param:  &$id Database Connection
  * @param:  $id 论坛板块的id
  * @return; array
  * @acess:  public
  * @static
  */
 public static function &getCacheSubjectInfo(&$db, $pre_page, $offset_page, $q)
 {
     /*{{{*/
     $sql = 'select id, title, author, subject_status, express, is_best, click_number, reply_number,' . ' last_access_date from bbs_subject ' . $q . ' order by last_access_date desc';
     $info_array = array();
     $res = $db->CacheSelectLimit(1800, $sql, $pre_page, $offset_page);
     $now_user_id = UserUtil::getUserId($db, $_SESSION['user']['name']);
     while ($rows = $res->FetchRow()) {
         $user_id = UserUtil::getUserId($db, $rows['author']);
         //看状态。
         //==0, 开放
         //==1, 需要验证
         //==2, 帖子被关闭
         //如果被关闭,则不需看是否有新帖
         $status_image = 'no_topic.gif';
         if ($rows['subject_status'] == 2) {
             $status_image = 'topic_lock.gif';
         } else {
             if (!isset($_SESSION['user'])) {
                 $status_iamge = 'no_topic.gif';
             } else {
                 if (TopicUtil::haveNewReply($db, $rows['id'], $now_user_id)) {
                     $status_image = 'new_topic.gif';
                 } else {
                     $status_image = 'no_topic.gif';
                 }
             }
         }
         $last_user_name = '';
         $last_user_id = '';
         $total_page = 0;
         $find_number = 0;
         if ($rows['reply_number'] > 0) {
             $temp_sql = 'select author from bbs_reply where subject_id=? order by id desc ';
             $temp_res = $db->SelectLimit($temp_sql, 1, 0, array($rows['id']));
             $temp_rows = $temp_res->FetchRow();
             $last_user_name = $temp_rows['author'];
             $last_user_id = UserUtil::getUserId($db, $last_user_name);
             $temp_sql = 'select count(*) as num from bbs_reply where subject_id=?';
             $temp_sth = $db->Prepare($temp_sql);
             $temp_res = $db->Execute($temp_sth, array($rows['id']));
             $temp_rows = $temp_res->FetchRow();
             $total_number = $temp_rows['num'];
             $total_page = ceil(($total_number + 1) / 10);
             if ($total_page > 10) {
                 $find_number = ($total_number + 1) % 10;
             } else {
                 $find_number = $total_number + 1;
             }
         }
         $temp_sql = 'select count(*) as num from bbs_subject_attach where subject_id=?';
         $temp_sth = $db->Prepare($temp_sql);
         $temp_res = $db->Execute($temp_sth, array($rows['id']));
         $temp_rows = $temp_res->FetchRow();
         $is_have_attach = $temp_rows['num'];
         $title = "";
         if ($rows['is_best']) {
             $title .= "&nbsp;<font color=red>[" . LU_IS_BEST . "]</font>";
         }
         $title .= $rows['title'];
         $info_array[] = array('image' => $status_image, 'id' => $rows['id'], 'title' => $title, 'have_new_reply' => $status_image == 'new_topic.gif' ? 1 : 0, 'userid' => $user_id, 'username' => $rows['author'], 'clicks_number' => $rows['click_number'], 'reply_number' => $rows['reply_number'], 'last_time' => set_locale_time($rows['last_access_date']), 'last_username' => $last_user_name, 'last_userid' => $last_user_id, 'last_page' => $total_page, 'last_number' => $find_number, 'have_attach' => $is_have_attach, 'express' => $rows['express']);
     }
     return $info_array;
 }
Beispiel #6
0
 /**
  * 关闭这个主题
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取回用户需要设置帖子id
     $id = $this->getParameterFromGET('id');
     if (!$id) {
         $this->AlertAndBack(CR_ID_IS_EMPTY);
         return;
     }
     //验证主题是否存在
     if (!TopicUtil::replyIsExists($this->db, $id)) {
         $this->AlertAndBack(CR_ID_IS_NOT_EXISTS);
         return;
     }
     //验证用户的身份
     $sql = 'select id, group_dep from base_user_info where lower(user_name) =?';
     $sth = $this->db->prepare($sql);
     $res = $this->db->Execute($sth, array(strtolower($_SESSION['user']['name'])));
     $rows = $res->FetchRow();
     $user_id = $rows['id'];
     $user_group = $rows['group_dep'];
     if ($user_group != 1 && $user_group != 2 && $user_group != 3) {
         //用户没有权限锁定回复
         $this->AlertAndBack(CR_USER_HAVE_NO_PRIVILEGES);
         return;
     }
     if ($user_group == 3) {
         //如果用户是版主
         //则查看用户是否是本版的版主
         $layout_id = TopicUtil::getLayoutFromReplyId($this->db, $id);
         $temp_array = array();
         LayoutUtil::getParentId($this->db, $layout_id, $temp_array);
         array_push($temp_array, $layout_id);
         $sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id in (' . implode(',', $temp_array) . ')';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array($user_id));
         $rows = $res->FetchRow();
         if (!$rows['num']) {
             $this->AlertAndBack(CR_USER_HAVE_NO_PRIVILEGES);
             return;
         }
     }
     //其他的情况中用户是可以解锁这个回复的
     //用户是这个版块的版主
     //用户是超级版主
     //用户是系统管理员
     $sql = 'update bbs_reply set reply_status=1 where id=?';
     $sth = $this->db->Prepare($sql);
     $this->db->Execute($sth, array($id));
     //成功后,则转向
     //求这个回帖的位置所在的位置
     $sql = 'select subject_id from bbs_reply where id=?';
     $sth = $this->db->Prepare($sql);
     $res = $this->db->Execute($sth, array($id));
     $rows = $res->FetchRow();
     $topic_id = $rows['subject_id'];
     $sort_number = TopicUtil::getSortNumber($this->db, $topic_id, $id);
     $page = ceil($sort_number / 10);
     //这里还有很多的工作需要做
     $this->forward('index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page . '#topic' . $sort_number);
 }
Beispiel #7
0
 /**
  * 查看帖子
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //取得帖子的id
     $topic_id = $this->getParameterFromGET('id');
     $topic_id = (int) $topic_id;
     if (!$topic_id || $topic_id < 1) {
         $this->AlertAndBack(VT_TOPIC_ID_IS_NOT_VALID);
         return;
     }
     //验证帖子的id是否存在
     if (!TopicUtil::isExists($this->db, $topic_id)) {
         $this->AlertAndBack(VT_TOPIC_ID_IS_NOT_EXISTS);
         return;
     }
     //查询帖子的版块id
     $layout_id = TopicUtil::getLayoutId($this->db, $topic_id);
     //验证论坛的版块
     if (!LayoutUtil::isExists($this->db, $layout_id)) {
         $this->AlertAndBack(VT_LAYOUT_IS_NOT_EXISTS);
         return;
     }
     //得出论坛版块的状态
     $layout_status = LayoutUtil::getLayoutStatus($this->db, $layout_id);
     //状态为0则为全部开放
     //状态为1则为需要验证
     //状态为2则为关闭
     //如果为2
     if ($layout_status == 2) {
         $this->AlertAndBack(VT_LAYOUT_IS_CLOSED);
         return;
     } else {
         if ($layout_status == 1) {
             if (!$_SESSION['user']['name']) {
                 $this->AlertAndBack(VT_LAYOUT_NEED_AUTHOR);
                 return;
             }
         }
     }
     //取得帖子的状态
     $topic_status = TopicUtil::getTopicStatus($this->db, $topic_id);
     /**
      * 为0, 则开放
      * 为1, 则需要认证
      * 为2,则关闭
      */
     if ($topic_status == 1) {
         if (!$_SESSION['user']['name']) {
             $this->AlertAndBack(VT_TOPIC_NEED_AUTHOR);
             return;
         }
     }
     //增加帖子的浏览次数
     TopicUtil::updateViewNumber($this->db, $topic_id);
     //取得Smarty的对象
     $smarty = $this->getSmarty();
     //先删除已经不存在的用户
     LayoutUtil::delNotExistsUser($this->db);
     //取得站点的公告,并显示在页面上
     $is_have_post = false;
     $post_str = '';
     if (PostUtil::haveNotExpirePost($this->getDB())) {
         $is_have_post = true;
         $post_array = PostUtil::getPost($this->getDB(), 3);
         foreach ($post_array as $post_rows) {
             $post_str .= '<a href=\'index.php?module=post&action=view&id=' . $post_rows['id'] . '\' title=\'' . $post_rows['title'] . '\'>' . utf8_substr($post_rows['title'], 0, 35) . '</a>' . '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
         }
     }
     $smarty->assign('have_system_post', $is_have_post);
     $smarty->assign('post_str', $post_str);
     //求帖子的访问的导航菜单
     $nav_array = LayoutUtil::getParentLayoutInfo($this->db, $layout_id);
     //导航栏
     $smarty->assign('nav_array', $nav_array);
     //求帖子的标题
     $title = TopicUtil::getTitle($this->db, $topic_id);
     $smarty->assign('topic_title', $title);
     $smarty->assign('clone_title', ' -> ' . $title);
     //取得页面
     $page = $this->getParameterFromGET('page');
     if (!$page || $page <= 0) {
         $page = 1;
     }
     //求总的页面
     $total_page = TopicUtil::getTotalPage($this->db, $topic_id, $this->pre_page);
     if ($page > $total_page && $total_page > 0) {
         $page = $total_page;
     }
     //帖子的id和版块的id
     $smarty->assign('topic_id', $topic_id);
     $smarty->assign('bbs_id', $layout_id);
     //页面
     $smarty->assign('now_page', $page);
     $smarty->assign('total_page', $total_page);
     $begin_page = 1;
     $end_page = $total_page;
     if ($page <= 10 && $total_page >= 10) {
         $end_page = 10;
     } else {
         if ($page > 10) {
             if ($page % 10 == 0) {
                 //向前翻
                 $end_page = $page;
                 $begin_page = $end_page - 9;
             } else {
                 if ($page % 10 == 1) {
                     //向后翻
                     //确定开始的页数
                     $begin_page = $page;
                     if ($begin_page > $total_page) {
                         $begin_page = $page - 9;
                     }
                     if ($begin_page + 9 > $total_page) {
                         $end_page = $total_page;
                     } else {
                         $end_page = $begin_page + 9;
                     }
                 } else {
                     $num = $page % 10;
                     $pre_num = floor($page / 10);
                     $begin_page = $pre_num * 10 + 1;
                     $end_page = $begin_page + 9;
                 }
             }
         }
     }
     if ($end_page > $total_page) {
         $end_page = $total_page;
     }
     $nav_page_array = array();
     for ($i = $begin_page; $i <= $end_page; $i++) {
         array_push($nav_page_array, $i);
     }
     //帖子导航栏
     $smarty->assign('nav_page', $nav_page_array);
     $offset_page = ($page - 1) * $this->pre_page;
     $topic_array = TopicUtil::getTopicInfo($this->db, $topic_id, $this->pre_page, $offset_page);
     $smarty->assign('topic', $topic_array);
     //取得当前用户的身份
     $user_name = $_SESSION['user']['name'];
     $user_id = UserUtil::getUserId($this->db, $user_name);
     if (strlen($user_name)) {
         //验证用户的身份
         $sql = 'select group_dep from base_user_info where lower(user_name) =?';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array(strtolower($user_name)));
         $rows = $res->FetchRow();
         $user_group = $rows['group_dep'];
         if ($user_group == 1 || $user_group == 2) {
             $smarty->assign('can_be_close', 1);
         } else {
             if ($user_group == 3) {
                 $layout_id = TopicUtil::getLayoutId($this->db, $topic_id);
                 $sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id=?';
                 $sth = $this->db->prepare($sql);
                 $res = $this->db->Execute($sth, array($user_id, $layout_id));
                 $rows = $res->FetchRow();
                 if (!$rows['num']) {
                     $smarty->assign('can_be_close', 0);
                 } else {
                     $smarty->assign('can_be_close', 1);
                 }
             }
         }
     } else {
         $smarty->assign('can_be_close', 0);
     }
     //加密一个返回的url
     $backurl = 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page;
     $backurl = base64_encode($backurl);
     $smarty->assign('backurl', $backurl);
     $smarty->display('viewtopic.tmpl');
 }
Beispiel #8
0
 /**
  * 运行本类
  */
 public function run()
 {
     /*{{{*/
     $id = $this->getParameterFromGET('id');
     $is_topic = $this->getParameterFromGET('topic');
     $bbs_id = 0;
     //判断$id是否存在。
     if ($is_topic == 1) {
         //如果等于1,则为主题
         if (!TopicUtil::isExists($this->db, $id)) {
             $this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
             return;
         } else {
             //如果存在,则判断用户是否有权利修改
             $sql = 'select author, layout_id from bbs_subject where id=?';
             $sth = $this->db->Prepare($sql);
             $res = $this->db->Execute($sth, array($id));
             $rows = $res->FetchRow();
             $user_name = $rows['author'];
             $bbs_id = $rows['layout_id'];
             $user_can_be_edit = 0;
             if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
                 $user_can_be_edit = 1;
             } else {
                 if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
                     //判断用户是否是这个版块的版主。
                     $dep = UserUtil::getUserDep($this->db, $_SESSION['user']['name']);
                     if ($dep == 1 || $dep == 2) {
                         $user_can_be_edit = 1;
                     } else {
                         if ($dep == 3) {
                             $user_can_be_edit = UserUtil::isThisLayoutAdmin($this->db, $id, $bbs_id, $_SESSION['user']['name']);
                         }
                     }
                 }
             }
             if (!$user_can_be_edit) {
                 $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
                 return;
             }
         }
     } else {
         //$topic 为其他值,那么就是回帖,而不是主题
         $sql = 'select author, subject_id, layout_id from bbs_reply where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         if (!$rows['author']) {
             $this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
             return;
         }
         //如果存在,
         //则判断用户是否有权限
         $user_name = $rows['author'];
         $subject_id = $rows['subject_id'];
         $bbs_id = $rows['layout_id'];
         $user_can_be_edit = 0;
         if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
             $user_can_be_edit = 1;
         } else {
             if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
                 //判断用户是否是这个版块的版主。
                 $dep = UserUtil::getUserDep($this->db, $_SESSION['user']['name']);
                 if ($dep == 1 || $dep == 2) {
                     $user_can_be_edit = 1;
                 } else {
                     if ($dep == 3) {
                         $user_can_be_edit = UserUtil::isThisLayoutAdmin($this->db, $subject_id, $bbs_id, $_SESSION['user']['name']);
                     }
                 }
             }
         }
         if (!$user_can_be_edit) {
             $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
             return;
         }
     }
     $smarty = $this->getSmarty();
     if ($is_topic) {
         $smarty->assign('clone_title', SE_EDIT_TOPIC);
     } else {
         $smarty->assign('clone_title', SE_EDIT_REPLY);
     }
     //更新用户在本版的信息
     LayoutUtil::updateOnlineUser($this->db, $bbs_id);
     //返回论坛上面的导行栏。
     $nav_array = LayoutUtil::getParentLayoutInfo($this->db, $bbs_id);
     //导航栏
     $smarty->assign('nav_array', $nav_array);
     //先删除已经不存在的用户
     LayoutUtil::delNotExistsUser($this->db);
     //用户有权限了。
     //则可以开始显示用户帖子的内容
     $smarty->assign('id_edit', 1);
     $smarty->assign('is_topic', $is_topic);
     $smarty->assign('is_edit', 1);
     $smarty->assign('bbsid', $id);
     if ($is_topic == 1) {
         //如果$is_topic 等于1, 则为主题
         $sql = 'select title, content, express from bbs_subject where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sql, array($id));
         $rows = $res->FetchRow();
         $smarty->assign('temp_title', $rows['title']);
         $fck = new FCKeditor("content");
         $fck->BasePath = FCKEDITOR_BASEPATH;
         if (get_magic_quotes_gpc()) {
             $fck->Value = stripslashes($rows['content']);
         } else {
             $fck->Value = $rows['content'];
         }
         $smarty->assign('fck', $fck);
         $smarty->assign('temp_express', $rows['express']);
         //查询是否有附件
         $sql = 'select subject_id, file_type from bbs_subject_attach where subject_id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         if ($rows['subject_id']) {
             $filename = ROOT_URL . 'upload/attach/' . $rows['subject_id'] . $rows['file_type'];
             $smarty->assign('image_name', $filename);
         }
     } else {
         $sql = 'select title, content, express from bbs_reply where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sql, array($id));
         $rows = $res->FetchRow();
         $smarty->assign('temp_title', $rows['title']);
         $fck = new FCKeditor("content");
         $fck->BasePath = FCKEDITOR_BASEPATH;
         //         $fck->Value = $rows['content'];
         if (get_magic_quotes_gpc()) {
             $fck->Value = stripslashes($rows['content']);
         } else {
             $fck->Value = $rows['content'];
         }
         $smarty->assign('fck', $fck);
         $smarty->assign('temp_express', $rows['express']);
         //查询是否有附件
         $sql = 'select reply_id, file_type from  bbs_reply_attach where reply_id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         if ($rows['reply_id']) {
             $filename = ROOT_URL . 'upload/attach/reply/' . $rows['reply_id'] . $rows['file_type'];
             $smarty->assign('image_name', $filename);
         }
     }
     $smarty->display('topic.tmpl');
     return;
 }
Beispiel #9
0
 /**
  * 保存编辑后的帖子
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     //收集变量
     $topic = $this->getParameterFromPOST('topic');
     $id = $this->getParameterFromPOST('id');
     $title = $this->getParameterFromPOST('title');
     $content = $this->getParameterFromPOST('content');
     $express = $this->getParameterFromPOST('express');
     $delattach = $this->getParameterFromPOST('delattach');
     if (!$title || strlen($title) <= 0) {
         $this->AlertAndBack(SE_TITLE_IS_EMPTY);
         return;
     }
     /*
           if ( strlen($title) > 140 ) {
              $this->AlertAndBack(SE_TITLE_TOO_LONG);
              return;
           }*/
     if (!$content || strlen($content) <= 0) {
         $this->AlertAndBack(SE_CONTENT_IS_EMPTY);
         return;
     }
     //做出基本的判断/*{{{*/
     if (!$id) {
         $this->AlertandBack(SE_NO_TOPIC_ID);
         return;
     }
     //找出这个帖子所在的版块的id, 作者。
     $layout_id = 0;
     $author = '';
     if ($topic) {
         //如果是主题
         $sql = 'select layout_id, author from bbs_subject where id=?';
         $sth = $this->db->prepare($sql);
         $res = $this->db->execute($sth, array($id));
         $rows = $res->FetchRow();
         $layout_id = $rows['layout_id'];
         $author = $rows['author'];
     } else {
         $sql = 'select layout_id, author from bbs_reply where id=?';
         $sth = $this->db->prepare($sql);
         $res = $this->db->execute($sth, array($id));
         $rows = $res->FetchRow();
         $layout_id = $rows['layout_id'];
         $author = $rows['author'];
     }
     if (!$layout_id) {
         //保存的帖子根本不存在。
         $this->AlertAndBlack(SE_TOPIC_IS_NOT_EXISTS);
         return;
     }
     //判断用户是否可以编辑
     if ($topic) {
         //如果等于1,则为主题
         //如果存在,则判断用户是否有权利修改
         $sql = 'select author, layout_id from bbs_subject where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         $user_name = $rows['author'];
         $bbs_id = $rows['layout_id'];
         $user_can_be_edit = 0;
         if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
             $user_can_be_edit = 1;
         } else {
             if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
                 //判断用户是否是这个版块的版主。
                 $dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
                 if ($dep == 1 || $dep == 2) {
                     $user_can_be_edit = 1;
                 } else {
                     if ($dep == 3) {
                         $user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $id, $_SESSION['user']['name']);
                     }
                 }
             }
         }
         if (!$user_can_be_edit) {
             $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
             return;
         }
     } else {
         //$topic 为其他值,那么就是回帖,而不是主题
         $sql = 'select author, subject_id, layout_id from bbs_reply where id=?';
         $sth = $this->db->Prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         if (!$rows['author']) {
             $this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
             return;
         }
         //如果存在,
         //则判断用户是否有权限
         $user_name = $rows['author'];
         $subject_id = $rows['subject_id'];
         $bbs_id = $rows['layout_id'];
         $user_can_be_edit = 0;
         if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
             $user_can_be_edit = 1;
         } else {
             if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
                 //判断用户是否是这个版块的版主。
                 $dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
                 if ($dep == 1 || $dep == 2) {
                     $user_can_be_edit = 1;
                 } else {
                     if ($dep == 3) {
                         $user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $subject_id, $_SESSION['user']['name']);
                     }
                 }
             }
         }
         if (!$user_can_be_edit) {
             $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
             return;
         }
     }
     /*}}}*/
     //判断做完了,则可以开始进行更新了。
     //求现在的时间
     $now = getNoFormateCurrentDate();
     if ($topic) {
         $user_name = $_SESSION['user']['name'];
         $sql = 'update bbs_subject set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
         $sth = $this->db->prepare($sql);
         $this->db->execute($sth, array($title, $content, $express, $user_name, $now, $id));
         if ($this->db->ErrorNo()) {
             $this->AlertAndBack($this->db->ErrorMsg());
             return;
         }
         if ($delattach) {
             //删除这个附件
             $sql = 'select file_type from bbs_subject_attach where subject_id=?';
             $sth = $this->db->prepare($sql);
             $res = $this->db->execute($sth, array($id));
             $rows = $res->FetchRow();
             $file_type = $rows['file_type'];
             $del_sql = 'delete from bbs_subject_attach where subject_id=?';
             $sth = $this->db->prepare($del_sql);
             $this->db->execute($sth, array($id));
             //删除文件。
             $filename = ROOT_PATH . 'upload/attach/' . $id . $file_type;
             unlink($filename);
         }
     } else {
         $user_name = $_SESSION['user']['name'];
         $sql = 'update bbs_reply set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
         $sth = $this->db->prepare($sql);
         $this->db->execute($sth, array($title, $content, $express, $user_name, $now, $id));
         if ($this->db->ErrorNo()) {
             $this->AlertAndBack($this->db->ErrorMsg());
             return;
         }
         if ($delattach) {
             //删除这个附件
             $sql = 'select file_type from bbs_reply_attach where reply_id=?';
             $sth = $this->db->prepare($sql);
             $res = $this->db->execute($sth, array($id));
             $rows = $res->FetchRow();
             $file_type = $rows['file_type'];
             $del_sql = 'delete from bbs_reply_attach where reply_id=?';
             $sth = $this->db->prepare($del_sql);
             $this->db->execute($sth, array($id));
             //删除文件。
             $filename = ROOT_PATH . 'upload/attach/reply/' . $id . $file_type;
             unlink($filename);
         }
     }
     //编辑成功后,返回当时的页面
     if ($topic) {
         //如果是主页
         //则返回第一页
         $this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $id);
         return;
     } else {
         //不是主题
         //则是回复
         //求这个回帖的位置所在的位置
         $sql = 'select subject_id from bbs_reply where id=?';
         $sth = $this->db->prepare($sql);
         $res = $this->db->Execute($sth, array($id));
         $rows = $res->FetchRow();
         $sort_number = TopicUtil::getSortNumber($this->db, $rows['subject_id'], $id);
         $page = ceil($sort_number / 10);
         //这里还有很多的工作需要做
         $this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $rows['subject_id'] . '&page=' . $page . '#topic' . $sort_number);
     }
 }
Beispiel #10
0
 /**
  * 运行本类
  * @param:  NULL
  * @return: NULL
  * @access: public
  */
 public function run()
 {
     /*{{{*/
     $smarty = $this->getSmarty();
     $smarty->assign('clone_title', CREATE_NEW_REPLY);
     //取得主题的id
     $topic_id = $this->getParameterFromGET('id');
     //验证帖子的是否存在
     if (!TopicUtil::isExists($this->db, $topic_id)) {
         $this->AlertAndBack(TOPIC_IS_NOT_EXISTS);
         return;
     }
     //验证帖子的状态
     $status = TopicUtil::getTopicStatus($this->db, $topic_id);
     //注意状态为3,则为帖子被锁定,不能回复了。
     if ($status == 2) {
         $this->AlertAndBack(TOPIC_HAD_BE_CLOSED);
         return;
     } else {
         if ($status == 3) {
             $this->AlertAndBack(TOPIC_HAD_BE_LOCK);
             return;
         }
     }
     //取得该帖子所在的版块
     $layout_id = TopicUtil::getLayoutId($this->db, $topic_id);
     if (!LayoutUtil::isExists($this->db, $layout_id)) {
         //论坛不存在,则转向首页
         $this->forward('index.php');
     }
     //更新用户在本版的信息
     LayoutUtil::updateOnlineUser($this->db, $layout_id);
     $bbs_status = LayoutUtil::getLayoutStatus($this->db, $layout_id);
     if ($bbs_status == 1 && !isset($_SESSION['user'])) {
         $this->AlertAndForward(SRY_NEED_LOGIN, 'index.php?module=user&action=showlogin');
         return;
     } else {
         if ($bbs_status == 2) {
             $this->AlertAndForward(SRY_LAYOUT_WAS_CLOSED, 'index.php');
             return;
         } else {
             if ($bbs_status == 3) {
                 //等于三不允许发帖
                 $this->AlertAndBack(SRY_NOW_ALLOW_NEW_TOPIC);
                 return;
             } else {
                 if (LayoutUtil::isClosedByParent($this->db, $bbs_id)) {
                     $this->AlertAndForward(SRY_LAYOUT_WAS_CLOSED, 'index.php');
                     return;
                 }
             }
         }
     }
     //返回论坛上面的导行栏。
     $nav_array = LayoutUtil::getParentLayoutInfo($this->db, $layout_id);
     //导航栏
     $smarty->assign('nav_array', $nav_array);
     //先删除已经不存在的用户
     LayoutUtil::delNotExistsUser($this->db);
     //从Session里读出数据
     $temp_title = $_SESSION['temp_title'];
     if (strlen($temp_title) <= 0) {
         $smarty->assign('temp_title', $temp_title);
     }
     //看看是否是引用
     $quote = $this->getParameterFromGET('quote');
     $reply_id = $this->getParameterFromGET('replyid');
     $temp_content = $_SESSION['temp_content'];
     $fck = new FCKeditor("content");
     $fck->BasePath = FCKEDITOR_BASEPATH;
     if ($temp_content) {
         if (get_magic_quotes_gpc()) {
             $fck->Value = stripslashes($temp_content);
         } else {
             $fck->Value = $temp_content;
         }
     } else {
         if ($quote == 1) {
             if ($reply_id == 0) {
                 $sql = 'select content from bbs_subject where id=?';
                 $sth = $this->db->Prepare($sql);
                 $res = $this->db->Execute($sth, array($topic_id));
                 $rows = $res->FetchRow();
                 if (get_magic_quotes_gpc()) {
                     $temp_content1 = stripslashes($rows['content']);
                 } else {
                     $temp_content1 = $rows['content'];
                 }
                 $fck->Value = '[quote]' . $temp_content1 . '[/quote]';
             } else {
                 $sql = 'select content from bbs_reply where id=?';
                 $sth = $this->db->Prepare($sql);
                 $res = $this->db->Execute($sth, array($reply_id));
                 $rows = $res->FetchRow();
                 if (get_magic_quotes_gpc()) {
                     $temp_content1 = stripslashes($rows['content']);
                 } else {
                     $temp_content1 = $rows['content'];
                 }
                 $fck->Value = '[quote]' . $temp_content1 . '[/quote]';
             }
         }
     }
     $smarty->assign('fck', $fck);
     $temp_express = $_SESSION['temp_express'];
     $smarty->assign('temp_express', $temp_express);
     $smarty->assign('is_new_topic', 0);
     $smarty->assign('is_new_reply', 1);
     $smarty->assign('bbsid', $topic_id);
     $smarty->display('topic.tmpl');
 }