/**
* 关闭这个主题
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//取回用户需要设置帖子id
$id = $this->getParameterFromGET('id');
if (!$id) {
$this->AlertAndBack(CR_ID_IS_EMPTY);
return;
}
//验证主题是否存在
if (!TopicUtil::replyIsExists($this->db, $id)) {
$this->AlertAndBack(CR_ID_IS_NOT_EXISTS);
return;
}
//验证用户的身份
$sql = 'select id, group_dep from base_user_info where lower(user_name) =?';
$sth = $this->db->prepare($sql);
$res = $this->db->Execute($sth, array(strtolower($_SESSION['user']['name'])));
$rows = $res->FetchRow();
$user_id = $rows['id'];
$user_group = $rows['group_dep'];
if ($user_group != 1 && $user_group != 2 && $user_group != 3) {
//用户没有权限锁定回复
$this->AlertAndBack(CR_USER_HAVE_NO_PRIVILEGES);
return;
}
if ($user_group == 3) {
//如果用户是版主
//则查看用户是否是本版的版主
$layout_id = TopicUtil::getLayoutFromReplyId($this->db, $id);
$temp_array = array();
LayoutUtil::getParentId($this->db, $layout_id, $temp_array);
array_push($temp_array, $layout_id);
$sql = 'select count(*) as num from bbs_layout_manager where user_id=? and ' . ' layout_id in (' . implode(',', $temp_array) . ')';
$sth = $this->db->prepare($sql);
$res = $this->db->Execute($sth, array($user_id));
$rows = $res->FetchRow();
if (!$rows['num']) {
$this->AlertAndBack(CR_USER_HAVE_NO_PRIVILEGES);
return;
}
}
//其他的情况中用户是可以解锁这个回复的
//用户是这个版块的版主
//用户是超级版主
//用户是系统管理员
$sql = 'update bbs_reply set reply_status=1 where id=?';
$sth = $this->db->Prepare($sql);
$this->db->Execute($sth, array($id));
//成功后,则转向
//求这个回帖的位置所在的位置
$sql = 'select subject_id from bbs_reply where id=?';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($id));
$rows = $res->FetchRow();
$topic_id = $rows['subject_id'];
$sort_number = TopicUtil::getSortNumber($this->db, $topic_id, $id);
$page = ceil($sort_number / 10);
//这里还有很多的工作需要做
$this->forward('index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page . '#topic' . $sort_number);
}
/**
* 保存新回复
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//取得主题的id
$topic_id = $this->getParameterFromPOST('id');
//验证帖子的是否存在
if (!TopicUtil::isExists($this->db, $topic_id)) {
$this->AlertAndBack(TOPIC_IS_NOT_EXISTS);
return;
}
//验证帖子的状态
$status = TopicUtil::getTopicStatus($this->db, $topic_id);
//注意状态为3,则为帖子被锁定,不能回复了。
if ($status == 2) {
$this->AlertAndBack(TOPIC_HAD_BE_CLOSED);
return;
} else {
if ($status == 3) {
$this->AlertAndBack(TOPIC_HAD_BE_LOCK);
return;
}
}
//取得版块的id
$bbs_id = TopicUtil::getLayoutId($this->db, $topic_id);
if (!$bbs_id) {
$this->forward('index.php');
}
//验证论坛是否存在
if (!LayoutUtil::isExists($this->db, $bbs_id)) {
//论坛不存在,则转向首页
$this->forward('index.php');
}
//更新用户在本版的信息
LayoutUtil::updateOnlineUser($this->db, $bbs_id);
$bbs_status = LayoutUtil::getLayoutStatus($this->db, $bbs_id);
if ($bbs_status == 1 && !isset($_SESSION['user'])) {
$this->AlertAndForward(SNT_NEED_LOGIN, 'index.php?module=user&action=showlogin');
return;
} else {
if ($bbs_status == 2) {
$this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
return;
} else {
if ($bbs_status == 3) {
//等于三不允许发帖
$this->AlertAndBack(SNT_NOW_ALLOW_NEW_TOPIC);
return;
} else {
if (LayoutUtil::isClosedByParent($this->db, $bbs_id)) {
$this->AlertAndForward(SNT_LAYOUT_WAS_CLOSED, 'index.php');
return;
}
}
}
}
//取得各种参数
//帖子的表情
$express = $this->getParameterFromPost('express');
//上传的帖子标题
$title = $this->getParameterFromPost('title');
//上传的内容
$content = $this->getParameterFromPost('content');
//记录在Session里
$_SESSION['temp_title'] = $title;
$_SESSION['temp_content'] = $content;
$_SESSION['temp_express'] = $express;
//看文件是否有文件上传
if ($_FILES['attach']['tmp_name']) {
//用户有上传文件
if ($_FILES['attach']['type'] != 'image/gif' && $_FILES['attach']['type'] != 'image/jpeg' && $_FILES['attach']['type'] != 'image/jpg' && $_FILES['attach']['type'] != 'image/pjpeg' && $_FILES['attach']['type'] != 'image/png') {
$this->AlertandBack(ST_PHONE_FILE_LIMIT);
}
//判断上传的文件大小是否合乎要求
if ($_FILES['attach']['size'] > 1048576) {
$this->AlertAndBack(ST_PHONE_FILE_SIZE_LIMIT);
return;
}
}
//回复标题可以为空
//如果标题为空,则自动生成一个标题
if (!$title || strlen($title) <= 0) {
$sql = 'select title from bbs_subject where id=?';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($topic_id));
$rows = $res->FetchRow();
$title = "Re:" . $rows['title'];
}
/*
if ( strlen($title) > 143 ) {
$this->AlertAndBack(ST_TITLE_TOO_LONG);
return;
}*/
if (!$content || strlen($content) <= 0) {
$this->AlertAndBack(ST_CONTENT_IS_EMPTY);
return;
}
//插入新回复
$ip_temp = getIp();
$ip = $ip_temp['ip'];
$user_name = $_SESSION['user']['name'];
$now = time();
$sql = 'insert into bbs_reply ( layout_id, title, author, content, post_ip, ' . 'post_date, express, subject_id ) values (?, ?, ?, ?, ?, ?, ?, ?) ';
$sth = $this->{'db'}->Prepare($sql);
$this->{'db'}->Execute($sth, array($bbs_id, $title, $user_name, $content, $ip, $now, $express, $topic_id));
if ($this->{'db'}->ErrorNo()) {
$this->AlertAndBack($this->{'db'}->ErrorMsg());
return;
}
//得到最后的id
$insert_id = $this->{'db'}->Insert_id();
if ($_FILES['attach']['tmp_name']) {
//取得文件的大小
list($image_width, $image_height, $image_type, $image_attr) = getimagesize($_FILES['attach']['tmp_name']);
//判断文件的类型
switch ($image_type) {
case 1:
$image_left_type = '.gif';
break;
case 2:
$image_left_type = '.jpg';
break;
case 3:
$image_left_type = '.png';
break;
}
//存储的文件名
$file_name = ROOT_PATH . 'upload/attach/reply/' . $insert_id . $image_left_type;
if (!move_uploaded_file($_FILES['attach']['tmp_name'], $file_name)) {
$sql = 'delete from bbs_reply where id=?';
$sth = $this->{'db'}->Prepare($sql);
$this->{'db'}->Execute($sth, array($insert_id));
$this->AlertAndBack(ST_UPLOAD_ERROR);
return;
} else {
$sql = 'insert into bbs_reply_attach (reply_id, file_type) ' . ' values (?, ?)';
$sth = $this->{'db'}->Prepare($sql);
$this->{'db'}->Execute($sth, array($insert_id, $image_left_type));
}
}
unset($_SESSION['temp_title']);
unset($_SESSION['temp_content']);
unset($_SESSION['temp_express']);
//发送短信,通知各个用户有回复了你的帖子
//发送邮件,通知各个用户有回复了你的帖子
$mail_user = array();
$message_user = array();
$sql = 'select a.author, b.user_email, b.id from bbs_subject a join ' . ' base_user_info b on a.author = b.user_name ' . ' join user_setting c on b.id=c.user_id where a.id=? and c.user_whether_receive_email=1';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($topic_id));
$rows = $res->FetchRow();
if ($rows['id']) {
$mail_user[] = $rows['user_email'];
}
$sql = 'select distinct a.author, b.user_email, b.id from bbs_reply a join base_user_info b ' . ' on a.author = b.user_name join user_setting c on b.id=c.user_id ' . ' where a.subject_id=? and c.user_whether_receive_email=1';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($topic_id));
while ($rows = $res->FetchRow()) {
if ($rows['id']) {
$mail_user[] = $rows['user_email'];
}
}
$mail_user = array_unique($mail_user);
//计算发送短信的用户数组
$sql = 'select a.author, b.id from bbs_subject a join ' . ' base_user_info b on a.author = b.user_name ' . ' join user_setting c on b.id=c.user_id where a.id=? and c.receive_system_message=1';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($topic_id));
$rows = $res->FetchRow();
if ($rows['id']) {
$message_user[] = $rows['id'];
}
$sql = 'select distinct a.author, b.id from bbs_reply a join base_user_info b ' . ' on a.author = b.user_name join user_setting c on b.id=c.user_id ' . ' where a.subject_id=? and c.receive_system_message=1';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($topic_id));
while ($rows = $res->FetchRow()) {
if ($rows['id']) {
$message_user[] = $rows['id'];
}
}
$message_user = array_unique($message_user);
//开始发送邮件
$to_address = implode(',', $mail_user);
$mail_content = ST_MAIL_CONTENT . "\n\n";
$mail_content .= ROOT_URL . 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . "\n\n";
$headers = "To:" . $to_address . "\r\n";
$headers .= "From:" . WEBSITE_EMAIL . "\r\n";
//发送邮件:
@mail($to_address, ST_MAIL_SUBJECT, $mail_content, $headers);
//发送短消息
//发件人
$sender = '0';
$message_content = ST_MESSAGE_CONTENT . "\n";
$now = getNoFormateCurrentDate();
$message_content .= "[url=" . 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . "][color=red]" . ST_CLICK_HERE . "[/color]" . "[/url]";
$sql = 'insert into message_inbox ( user_id, send_user_id, title, receive_time, content ) ' . ' values ( ?, ?, ?, ?, ?) ';
$sth = $this->db->Prepare($sql);
foreach ($message_user as $user) {
$this->db->Execute($sth, array($user, $sender, ST_MAIL_SUBJECT, $now, $message_content));
}
$now = time();
//更新主题的最后更新时间
$update_sql = 'update bbs_subject set last_access_date=?,reply_number=reply_number+1 where id=?';
$sth = $this->db->Prepare($update_sql);
$this->db->Execute($sth, array($now, $topic_id));
//求这个回帖的位置所在的位置
$sort_number = TopicUtil::getSortNumber($this->db, $topic_id, $insert_id);
$page = ceil($sort_number / $this->pre_page);
//这里还有很多的工作需要做
$this->TipsAndForward(ST_SAVE_REPLY_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $topic_id . '&page=' . $page . '#topic' . $sort_number);
}
/**
* 保存编辑后的帖子
* @param: NULL
* @return: NULL
* @access: public
*/
public function run()
{
//收集变量
$topic = $this->getParameterFromPOST('topic');
$id = $this->getParameterFromPOST('id');
$title = $this->getParameterFromPOST('title');
$content = $this->getParameterFromPOST('content');
$express = $this->getParameterFromPOST('express');
$delattach = $this->getParameterFromPOST('delattach');
if (!$title || strlen($title) <= 0) {
$this->AlertAndBack(SE_TITLE_IS_EMPTY);
return;
}
/*
if ( strlen($title) > 140 ) {
$this->AlertAndBack(SE_TITLE_TOO_LONG);
return;
}*/
if (!$content || strlen($content) <= 0) {
$this->AlertAndBack(SE_CONTENT_IS_EMPTY);
return;
}
//做出基本的判断/*{{{*/
if (!$id) {
$this->AlertandBack(SE_NO_TOPIC_ID);
return;
}
//找出这个帖子所在的版块的id, 作者。
$layout_id = 0;
$author = '';
if ($topic) {
//如果是主题
$sql = 'select layout_id, author from bbs_subject where id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->execute($sth, array($id));
$rows = $res->FetchRow();
$layout_id = $rows['layout_id'];
$author = $rows['author'];
} else {
$sql = 'select layout_id, author from bbs_reply where id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->execute($sth, array($id));
$rows = $res->FetchRow();
$layout_id = $rows['layout_id'];
$author = $rows['author'];
}
if (!$layout_id) {
//保存的帖子根本不存在。
$this->AlertAndBlack(SE_TOPIC_IS_NOT_EXISTS);
return;
}
//判断用户是否可以编辑
if ($topic) {
//如果等于1,则为主题
//如果存在,则判断用户是否有权利修改
$sql = 'select author, layout_id from bbs_subject where id=?';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($id));
$rows = $res->FetchRow();
$user_name = $rows['author'];
$bbs_id = $rows['layout_id'];
$user_can_be_edit = 0;
if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
$user_can_be_edit = 1;
} else {
if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
//判断用户是否是这个版块的版主。
$dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
if ($dep == 1 || $dep == 2) {
$user_can_be_edit = 1;
} else {
if ($dep == 3) {
$user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $id, $_SESSION['user']['name']);
}
}
}
}
if (!$user_can_be_edit) {
$this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
return;
}
} else {
//$topic 为其他值,那么就是回帖,而不是主题
$sql = 'select author, subject_id, layout_id from bbs_reply where id=?';
$sth = $this->db->Prepare($sql);
$res = $this->db->Execute($sth, array($id));
$rows = $res->FetchRow();
if (!$rows['author']) {
$this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
return;
}
//如果存在,
//则判断用户是否有权限
$user_name = $rows['author'];
$subject_id = $rows['subject_id'];
$bbs_id = $rows['layout_id'];
$user_can_be_edit = 0;
if (strtolower($_SESSION['user']['name']) == strtolower($user_name)) {
$user_can_be_edit = 1;
} else {
if (strtolower($_SESSION['user']['name']) != strtolower($user_name)) {
//判断用户是否是这个版块的版主。
$dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
if ($dep == 1 || $dep == 2) {
$user_can_be_edit = 1;
} else {
if ($dep == 3) {
$user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $subject_id, $_SESSION['user']['name']);
}
}
}
}
if (!$user_can_be_edit) {
$this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
return;
}
}
/*}}}*/
//判断做完了,则可以开始进行更新了。
//求现在的时间
$now = getNoFormateCurrentDate();
if ($topic) {
$user_name = $_SESSION['user']['name'];
$sql = 'update bbs_subject set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
$sth = $this->db->prepare($sql);
$this->db->execute($sth, array($title, $content, $express, $user_name, $now, $id));
if ($this->db->ErrorNo()) {
$this->AlertAndBack($this->db->ErrorMsg());
return;
}
if ($delattach) {
//删除这个附件
$sql = 'select file_type from bbs_subject_attach where subject_id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->execute($sth, array($id));
$rows = $res->FetchRow();
$file_type = $rows['file_type'];
$del_sql = 'delete from bbs_subject_attach where subject_id=?';
$sth = $this->db->prepare($del_sql);
$this->db->execute($sth, array($id));
//删除文件。
$filename = ROOT_PATH . 'upload/attach/' . $id . $file_type;
unlink($filename);
}
} else {
$user_name = $_SESSION['user']['name'];
$sql = 'update bbs_reply set title=?, content=?, express=?, is_edit=1, ' . ' edit_user=?, edit_time=? where id=?';
$sth = $this->db->prepare($sql);
$this->db->execute($sth, array($title, $content, $express, $user_name, $now, $id));
if ($this->db->ErrorNo()) {
$this->AlertAndBack($this->db->ErrorMsg());
return;
}
if ($delattach) {
//删除这个附件
$sql = 'select file_type from bbs_reply_attach where reply_id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->execute($sth, array($id));
$rows = $res->FetchRow();
$file_type = $rows['file_type'];
$del_sql = 'delete from bbs_reply_attach where reply_id=?';
$sth = $this->db->prepare($del_sql);
$this->db->execute($sth, array($id));
//删除文件。
$filename = ROOT_PATH . 'upload/attach/reply/' . $id . $file_type;
unlink($filename);
}
}
//编辑成功后,返回当时的页面
if ($topic) {
//如果是主页
//则返回第一页
$this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $id);
return;
} else {
//不是主题
//则是回复
//求这个回帖的位置所在的位置
$sql = 'select subject_id from bbs_reply where id=?';
$sth = $this->db->prepare($sql);
$res = $this->db->Execute($sth, array($id));
$rows = $res->FetchRow();
$sort_number = TopicUtil::getSortNumber($this->db, $rows['subject_id'], $id);
$page = ceil($sort_number / 10);
//这里还有很多的工作需要做
$this->TipsAndForward(SE_SAVE_EDIT_SUCCESS, 'index.php?module=bbs&action=viewtopic&id=' . $rows['subject_id'] . '&page=' . $page . '#topic' . $sort_number);
}
}
