function DoCropImage($add, $userid, $username) { global $empire, $dbtbpre, $public_r, $class_r, $ecms_config, $efileftp_fr, $efileftp_dr; //参数处理 $pic_x = (int) $add['pic_x']; $pic_y = (int) $add['pic_y']; $pic_w = (int) $add['pic_w']; $pic_h = (int) $add['pic_h']; $doing = (int) $add['doing']; $fileid = (int) $add['fileid']; $filepass = (int) $add['filepass']; $classid = (int) $add['classid']; $infoid = (int) $add['infoid']; $modtype = (int) $add['modtype']; $fstb = 0; if (empty($modtype)) { $fstb = GetInfoTranFstb($classid, $infoid, 0); } //取得文件地址 if (empty($fileid)) { printerror('NotCropImage', 'history.go(-1)'); } $filer = $empire->fetch1("select fileid,path,filename,classid,fpath,no from " . eReturnFileTable($modtype, $fstb) . " where fileid='{$fileid}'"); if (empty($filer['fileid'])) { printerror('NotCropImage', 'history.go(-1)'); } $path = $filer['path'] ? $filer['path'] . '/' : $filer['path']; $fspath = ReturnFileSavePath($filer['classid'], $filer['fpath']); $big_image_name = eReturnEcmsMainPortPath() . $fspath['filepath'] . $path . $filer['filename']; //moreport if (!file_exists($big_image_name)) { printerror('NotCropImage', 'history.go(-1)'); } $filetype = GetFiletype($filer['filename']); //取得文件类型 if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { printerror('CropImageFiletypeFail', 'history.go(-1)'); } //目标图片 $new_datepath = FormatFilePath($filer['classid'], '', 0); $new_path = $new_datepath ? $new_datepath . '/' : $new_datepath; $new_insertfile = ReturnDoTranFilename($filer['filename'], 0); $new_fspath = ReturnFileSavePath($filer['classid']); $new_savepath = eReturnEcmsMainPortPath() . $new_fspath['filepath'] . $new_path; //moreport $new_name = $new_savepath . $new_insertfile; //处理图片 $returnr['file'] = ''; $returnr['filetype'] = ''; if ($temp_img_type = @getimagesize($big_image_name)) { preg_match('/\\/([a-z]+)$/i', $temp_img_type[mime], $tpn); $img_type = $tpn[1]; } else { preg_match('/\\.([a-z]+)$/i', $big_image_name, $tpn); $img_type = $tpn[1]; } $all_type = array("jpg" => array("create" => "ImageCreateFromjpeg", "output" => "imagejpeg", "exn" => ".jpg"), "gif" => array("create" => "ImageCreateFromGIF", "output" => "imagegif", "exn" => ".gif"), "jpeg" => array("create" => "ImageCreateFromjpeg", "output" => "imagejpeg", "exn" => ".jpg"), "png" => array("create" => "imagecreatefrompng", "output" => "imagepng", "exn" => ".png"), "wbmp" => array("create" => "imagecreatefromwbmp", "output" => "image2wbmp", "exn" => ".wbmp")); $func_create = $all_type[$img_type]['create']; if (empty($func_create) or !function_exists($func_create)) { printerror('CropImageFiletypeFail', 'history.go(-1)'); } //输出 $func_output = $all_type[$img_type]['output']; $func_exname = $all_type[$img_type]['exn']; if (($func_exname == '.gif' || $func_exname == '.png' || $func_exname == '.wbmp') && !function_exists($func_output)) { $func_output = 'imagejpeg'; $func_exname = '.jpg'; } $big_image = $func_create($big_image_name); $big_width = imagesx($big_image); $big_height = imagesy($big_image); if (!$big_width || !$big_height || $big_width < 10 || $big_height < 10) { printerror('CropImageFilesizeFail', 'history.go(-1)'); } if (function_exists("imagecopyresampled")) { $temp_image = imagecreatetruecolor($pic_w, $pic_h); imagecopyresampled($temp_image, $big_image, 0, 0, $pic_x, $pic_y, $pic_w, $pic_h, $pic_w, $pic_h); } else { $temp_image = imagecreate($pic_w, $pic_h); imagecopyresized($temp_image, $big_image, 0, 0, $pic_x, $pic_y, $pic_w, $pic_h, $pic_w, $pic_h); } $func_output($temp_image, $new_name . $func_exname); ImageDestroy($big_image); ImageDestroy($temp_image); $insert_file = $new_name . $func_exname; $insert_filename = $new_insertfile . $func_exname; if (file_exists($insert_file)) { if (!$doing) { $empire->query("delete from " . eReturnFileTable($modtype, $fstb) . " where fileid='{$fileid}'"); DelFiletext($big_image_name); //FileServer if ($public_r['openfileserver']) { $efileftp_dr[] = $big_image_name; } } //写入数据库 $no = '[CropImg]' . $filer['no']; $filesize = filesize($insert_file); $filesize = (int) $filesize; $classid = (int) $classid; $type = 1; eInsertFileTable($insert_filename, $filesize, $new_datepath, $username, $classid, $no, $type, $filepass, $filepass, $public_r[fpath], 0, $modtype, $fstb); //FileServer if ($public_r['openfileserver']) { $efileftp_fr[] = $insert_file; } } echo "<script>opener.ReloadChangeFilePage();window.close();</script>"; db_close(); exit; }
function AddFeedback($add) { global $empire, $dbtbpre, $level_r, $public_r; CheckCanPostUrl(); //验证来源 if ($add['bid']) { $bid = (int) $add['bid']; } else { $bid = (int) getcvar('feedbackbid'); } if (empty($bid)) { printerror("EmptyFeedbackname", "history.go(-1)", 1); } //验证码 $keyvname = 'checkfeedbackkey'; if ($public_r['fbkey_ok']) { ecmsCheckShowKey($keyvname, $add['key'], 1); } //版面是否存在 $br = $empire->fetch1("select bid,enter,mustenter,filef,groupid,checkboxf from {$dbtbpre}enewsfeedbackclass where bid='{$bid}';"); if (empty($br['bid'])) { printerror("EmptyFeedback", "history.go(-1)", 1); } //权限 if ($br['groupid']) { $user = islogin(); if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) { printerror("HaveNotEnLevel", "history.go(-1)", 1); } } $pr = $empire->fetch1("select feedbacktfile,feedbackfilesize,feedbackfiletype from {$dbtbpre}enewspublic limit 1"); //必填项 $mustr = explode(",", $br['mustenter']); $count = count($mustr); for ($i = 1; $i < $count - 1; $i++) { $mf = $mustr[$i]; if (strstr($br['filef'], "," . $mf . ",")) { if (!$pr['feedbacktfile']) { printerror("NotOpenFBFile", "", 1); } if (!$_FILES[$mf]['name']) { printerror("EmptyFeedbackname", "", 1); } } else { $chmustval = ReturnFBCheckboxAddF($add[$mf], $mf, $br['checkboxf']); if (!trim($chmustval)) { printerror("EmptyFeedbackname", "", 1); } } } $saytime = date("Y-m-d H:i:s"); //字段处理 $dh = ""; $tranf = ""; $record = "<!--record-->"; $field = "<!--field--->"; $er = explode($record, $br['enter']); $count = count($er); for ($i = 0; $i < $count - 1; $i++) { $er1 = explode($field, $er[$i]); $f = $er1[1]; //附件 $add[$f] = str_replace('[!#@-', 'ecms', $add[$f]); if (strstr($br['filef'], "," . $f . ",")) { if ($_FILES[$f]['name']) { if (!$pr['feedbacktfile']) { printerror("NotOpenFBFile", "", 1); } $filetype = GetFiletype($_FILES[$f]['name']); //取得文件类型 if (CheckSaveTranFiletype($filetype)) { printerror("NotQTranFiletype", "", 1); } if (!strstr($pr['feedbackfiletype'], "|" . $filetype . "|")) { printerror("NotQTranFiletype", "", 1); } if ($_FILES[$f]['size'] > $pr['feedbackfilesize'] * 1024) { printerror("TooBigQTranFile", "", 1); } $tranf .= $dh . $f; $dh = ","; $fval = "[!#@-" . $f . "-@!]"; } else { $fval = ""; } } else { $add[$f] = ReturnFBCheckboxAddF($add[$f], $f, $br['checkboxf']); $fval = $add[$f]; } $addf .= ",`" . $f . "`"; $addval .= ",'" . addslashes(RepPostStr($fval)) . "'"; } $type = 0; $classid = 0; $filename = ''; $filepath = ''; $userid = (int) getcvar('mluserid'); $username = RepPostVar(getcvar('mlusername')); $filepass = ReturnTranFilepass(); //上传附件 if ($tranf) { $dh = ""; $tranr = explode(",", $tranf); $count = count($tranr); for ($i = 0; $i < $count; $i++) { $tf = $tranr[$i]; $tfr = DoTranFile($_FILES[$tf]['tmp_name'], $_FILES[$tf]['name'], $_FILES[$tf]['type'], $_FILES[$tf]['size'], $classid); if ($tfr['tran']) { $filepath = $tfr[filepath]; //写入数据库 $filetime = $saytime; $filesize = (int) $_FILES[$tf]['size']; eInsertFileTable($tfr[filename], $filesize, $tfr[filepath], '[Member]' . $username, $classid, '[FB]' . addslashes(RepPostStr($add[title])), $type, $filepass, $filepass, $public_r[fpath], 0, 4, 0); $repfval = ($tfr[filepath] ? $tfr[filepath] . '/' : '') . $tfr[filename]; $filename .= $dh . $tfr[filename]; $dh = ","; } else { $repfval = ""; } $addval = str_replace("[!#@-" . $tf . "-@!]", $repfval, $addval); } } $ip = egetip(); $eipport = egetipport(); $sql = $empire->query("insert into {$dbtbpre}enewsfeedback(bid,saytime,ip,filepath,filename,userid,username,haveread,eipport" . $addf . ") values('{$bid}','{$saytime}','{$ip}','{$filepath}','{$filename}','{$userid}','{$username}',0,'{$eipport}'" . $addval . ");"); $fid = $empire->lastid(); //更新附件 UpdateTheFileOther(4, $fid, $filepass, 'other'); ecmsEmptyShowKey($keyvname); //清空验证码 if ($sql) { $reurl = DoingReturnUrl("../tool/feedback/?bid={$bid}", $add['ecmsfrom']); printerror("AddFeedbackSuccess", $reurl, 1); } else { printerror("DbError", "history.go(-1)", 1); } }
$filepass = (int) $filepass; if ($action == "catchimage") { for ($i = 0; $i < count($file_r['list']); $i++) { if ($file_r['list'][$i]['state'] == "SUCCESS") { $title = RepPostStr(trim($file_r['list'][$i]['title'])); $filesize = RepPostStr(trim($file_r['list'][$i]['size'])); $original = RepPostStr(trim($file_r['list'][$i]['original'])); eInsertFileTable($title, $filesize, $filepath, $username, $classid, $original, $type, $filepass, $filepass, $public_r[fpath], 0, 0, 0); } } } else { if ($file_r['state'] == "SUCCESS") { $title = RepPostStr(trim($file_r[title])); $filesize = RepPostStr(trim($file_r[size])); $original = RepPostStr(trim($file_r[original])); eInsertFileTable($title, $filesize, $filepath, $username, $classid, $original, $type, $filepass, $filepass, $public_r[fpath], 0, 0, 0); } } // 反馈附件入库 //eInsertFileTable($tfr[filename],$filesize,$filepath,'[Member]'.$username,$classid,'[FB]'.addslashes(RepPostStr($add[title])),$type,$filepass,$filepass,$public_r[fpath],0,4,0); } /* 输出结果 */ if (isset($_GET["callback"])) { if (preg_match("/^[\\w_]+\$/", $_GET["callback"])) { echo htmlspecialchars($_GET["callback"]) . '(' . $result . ')'; } else { echo json_encode(array('state' => 'callback参数不合法')); } } else { echo $result; }
function TranFile($file, $file_name, $file_type, $file_size, $tranurl, $no, $classid, $type, $post, $userid, $username) { global $empire, $public_r, $loginrnd, $dbtbpre, $ecms_config; if (!$no) { $no = $file_name; } $tranfrom = (int) $post['tranfrom']; $classid = (int) $classid; $modtype = (int) $post['modtype']; $infoid = (int) $post['infoid']; $fstb = 0; if (empty($modtype)) { $fstb = GetInfoTranFstb($classid, $infoid, 0); } //是否为空 if (!$file_name) { if (empty($tranurl) || $tranurl == "http://") { $tranfrom == 0 ? printerror("EmptyHttp", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'EmptyHttp', '', ''); } $filetype = GetFiletype($tranurl); //取得文件类型 $file_size = 0; } else { $filetype = GetFiletype($file_name); //取得文件类型 } //如果是.php文件 if (CheckSaveTranFiletype($filetype)) { $tranfrom == 0 ? printerror("TranPHP", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranPHP', '', ''); } $type_r = explode("|" . $filetype . "|", $public_r['filetype']); if (count($type_r) < 2) { $tranfrom == 0 ? printerror("TranFiletypeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFiletypeFail', '', ''); } if ($file_size > $public_r['filesize'] * 1024) { $tranfrom == 0 ? printerror("TranFilesizeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFilesizeFail', '', ''); } if ($type == 1) { if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { $tranfrom == 0 ? printerror("NotTranImg", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranImg', '', ''); } } elseif ($type == 2) { if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) { $tranfrom == 0 ? printerror("NotTranFlash", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranFlash', '', ''); } } elseif ($type == 3) { } else { } //远程保存 if (empty($file_name)) { $r = DoTranUrl($tranurl, $classid); if (empty($r[tran])) { $tranfrom == 0 ? printerror("TranHttpFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranHttpFail', '', ''); } } else { $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid); if (empty($r[tran])) { $tranfrom == 0 ? printerror("TranFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFail', '', ''); } } if (!$no) { $no = $r[filename]; } //写入数据库 $r[filesize] = (int) $r[filesize]; $classid = (int) $classid; $post[filepass] = (int) $post[filepass]; $type = (int) $type; $sql = eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no, $type, $post[filepass], $post[filepass], $public_r[fpath], 0, $modtype, $fstb); $fileid = $empire->lastid(); //导入gd.php文件 if ($type == 1 && ($post['getsmall'] || $post['getmark'])) { @(include ECMS_PATH . DASHBOARD . "/class/gd.php"); } //缩略图 if ($type == 1 && $post['getsmall']) { GetMySmallImg($classid, $no, $r[insertfile], $r[filepath], $r[yname], $post[width], $post[height], $r[name], $post['filepass'], $post['filepass'], $userid, $username, $modtype, $fstb); } //水印 if ($type == 1 && $post['getmark']) { GetMyMarkImg($r['yname']); } if ($sql) { if ($tranfrom == 1) { //$imgstr=EditorSetTranPic($r[url],$r[url],$post); ECMS_EditorPrintError(0, $r[url], $r[filename], '', $no, $r[filesize]); db_close(); exit; } echo "<script>parent.location.reload();</script>"; db_close(); exit; } else { $tranfrom == 0 ? printerror("InTranRecordFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'InTranRecordFail', '', ''); } }
function CjNewsIn_all($classid, $checked, $uptime, $start, $userid, $username) { global $class_r, $empire, $public_r, $dbtbpre, $fun_r, $emod_r; $checked = (int) $checked; $classid = (int) $classid; $start = (int) $start; if (empty($classid)) { printerror("ErrorUrl", "history.go(-1)"); } //操作权限 CheckLevel($userid, $username, $classid, "cj"); $cr = $empire->fetch1("select * from {$dbtbpre}enewsinfoclass where classid='{$classid}'"); //副表 $cra = $empire->fetch1("select * from {$dbtbpre}ecms_infoclass_" . $cr[tbname] . " where classid='{$classid}'"); //组合两数组 $cr = TogTwoArray($cr, $cra); //导入gd处理文件 if ($cr['mark'] || $cr['getfirstspic']) { @(include_once "gd.php"); } if (empty($cr[insertnum])) { $cr[insertnum] = 10; } $mid = $class_r[$cr[newsclassid]][modid]; $savetxtf = $emod_r[$mid]['savetxtf']; $stb = $emod_r[$mid]['deftb']; //取得采集字段 $record = "<!--record-->"; $field = "<!--field--->"; $mr = $empire->fetch1("select cj from {$dbtbpre}enewsmod where mid='" . $class_r[$cr[newsclassid]][modid] . "'"); $cjr = explode($record, $mr[cj]); $ccount = count($cjr); $sql = $empire->query("select * from {$dbtbpre}ecms_infotmp_" . $cr[tbname] . " where classid='{$classid}' and checked=0 and id>{$start} order by id limit " . $cr[insertnum]); $todaytime = time(); $filetime = $todaytime; $b = 0; while ($r = $empire->fetch($sql)) { $b = 1; $newstart = $r[id]; $ivalue = ''; $ifield = ''; $dataivalue = ''; $dataifield = ''; $titlepicnoval = 0; for ($j = 0; $j < $ccount - 1; $j++) { $cjr1 = explode($field, $cjr[$j]); $dofield = $cjr1[1]; $var = "zz_" . $dofield; $var1 = "z_" . $dofield; $var2 = "qz_" . $dofield; $var3 = "save_" . $dofield; $value = $r[$dofield]; //自身链接 if ($dofield == "empireselfurl") { $value = $r['oldurl']; } //内容 if ($dofield == "newstext") { if ($cr[copyimg] || $cr[copyflash]) { $GLOBALS['cjnewsurl'] = $r[oldurl]; $value = addslashes(CopyImg(stripSlashes($value), $cr[copyimg], $cr[copyflash], $cr[newsclassid], $cr[imgurl], $username, 0, $r['id'], $cr['mark'], $public_r['filedeftb'])); } //替换关键字和字符 $value = DoReplaceKeyAndWord($value, 1, $cr[newsclassid]); } //简介 if ($dofield == "smalltext") { if (empty($value)) { $value = SubSmalltextVal($r[newstext], $cr[smalltextlen]); } else { $value = DoClearSmalltextVal($value); } } //图片集 if ($dofield == "morepic") { if ($cr[$var3] == " checked") { $msavepic = 1; $r['filepass'] = $r['id']; $value = LoadInSaveMorepicFile($value, $msavepic, $cr[newsclassid], 0, $r, 0, $public_r['filedeftb']); } } //时间 if ($dofield == "newstime") { continue; } //图片标题 if ($dofield == "titlepic" && $cr[zz_titlepicl]) { $cr[$var] = $cr[zz_titlepicl]; $cr[$var1] = $cr[z_titlepicl]; $cr[$var2] = $cr[qz_titlepicl]; $cr[$var3] = $cr[save_titlepicl]; } if ($dofield == "titlepic" && empty($value)) { $titlepicnoval = 1; } //是否远程保存 if ($value && !$cr[$var1] && $cr[$var3] == " checked" && $dofield != "morepic") { $tranr = DoTranUrl($value, $cr[newsclassid]); if ($tranr[tran]) { $tranr[filesize] = (int) $tranr[filesize]; $tranr[type] = (int) $tranr[type]; $r[id] = (int) $r[id]; //记录数据库 eInsertFileTable($tranr[filename], $tranr[filesize], $tranr[filepath], $username, $cr[newsclassid], '[URL]' . $tranr[filename], $tranr[type], 0, $r[id], $public_r[fpath], 0, 0, $public_r['filedeftb']); $value = $tranr[url]; } } //存放文本 if ($savetxtf == $dofield) { //建立目录 $thetxtfile = GetFileMd5(); $truevalue = MkDirTxtFile(date("Y/md"), $thetxtfile); //写放文件 EditTxtFieldText($truevalue, $value); $value = $truevalue; } $value = addslashes($value); if (strstr($emod_r[$mid]['tbdataf'], ',' . $dofield . ',')) { $dataifield .= "," . $dofield; $dataivalue .= ",'" . $value . "'"; } else { $ifield .= "," . $dofield; $ivalue .= ",'" . $value . "'"; } } $r[keyboard] = addslashes($r[keyboard]); //时间 if ($uptime) { $r[newstime] = $todaytime; $r[truetime] = $todaytime; } else { if ($r[newstime] == "0000-00-00 00:00:00") { $r[newstime] = $todaytime; } else { $r[newstime] = to_time($r[newstime]); } } //查看目录是否存在,不存在则建立 $newspath = FormatPath($cr[newsclassid], "", 0); //强制签发 if ($class_r[$cr[newsclassid]][wfid]) { $checked = 0; $isqf = 1; } else { $checked = $checked; $isqf = 0; } //变量处理 $newstempid = 0; $ispic = $r[titlepic] ? 1 : 0; //返回关键字 $keyid = GetKeyid($r[keyboard], $cr[newsclassid], 0, $class_r[$cr[newsclassid]][link_num]); //索引表 $havehtml = 0; $indexsql = $empire->query("insert into {$dbtbpre}ecms_" . $class_r[$cr[newsclassid]][tbname] . "_index(classid,checked,newstime,truetime,lastdotime,havehtml) values('{$cr['newsclassid']}','{$checked}','{$r['newstime']}','{$r['truetime']}','{$r['truetime']}','{$havehtml}');"); $id = $empire->lastid(); $infotbr = ReturnInfoTbname($class_r[$cr[newsclassid]][tbname], $checked, $stb); //主表 $isurl = $r['titleurl'] ? 1 : 0; $isql = $empire->query("insert into " . $infotbr['tbname'] . "(id,classid,ttid,onclick,plnum,totaldown,newspath,filename,userid,username,firsttitle,isgood,ispic,istop,isqf,ismember,isurl,truetime,lastdotime,havehtml,groupid,userfen,titlefont,titleurl,stb,fstb,restb,keyboard,newstime" . $ifield . ") values('{$id}','{$cr['newsclassid']}',0,0,0,0,'{$newspath}','{$filename}','{$r['userid']}','{$r['username']}',0,0,'{$ispic}',0,'{$isqf}',0,'{$isurl}','{$r['truetime']}','{$r['truetime']}','{$havehtml}',0,0,'{$r['titlefont']}','{$r['titleurl']}','{$stb}','{$public_r['filedeftb']}','{$public_r['pldeftb']}','{$r['keyboard']}','{$r['newstime']}'" . $ivalue . ");"); //副表 $fisql = $empire->query("insert into " . $infotbr['datatbname'] . "(id,classid,keyid,dokey,newstempid,closepl,haveaddfen,infotags" . $dataifield . ") values('{$id}','{$cr['newsclassid']}','{$keyid}',1,'{$newstempid}',0,0,''" . $dataivalue . ");"); //更新栏目信息数 AddClassInfos($cr['newsclassid'], '+1', '+1', $checked); //更新新信息数 DoUpdateAddDataNum('info', $class_r[$cr['newsclassid']]['tid'], 1); //签发 if ($isqf == 1) { InfoInsertToWorkflow($id, $cr[newsclassid], $class_r[$cr[newsclassid]][wfid], $userid, $username); } //更新附件 UpdateTheFile($id, $r['id'], $cr[newsclassid], $public_r['filedeftb']); //取第一张图片为标题图片 $addtitlepic = ""; if ($cr['getfirstpic'] && $titlepicnoval) { $firsttitlepic = GetFpicToTpic($cr[newsclassid], $id, $cr['getfirstpic'], $cr['getfirstspic'], $cr['getfirstspicw'], $cr['getfirstspich'], $public_r['filedeftb']); if ($firsttitlepic) { $addtitlepic = ",titlepic='" . addslashes($firsttitlepic) . "',ispic=1"; } } //文件命名 $filename = ReturnInfoFilename($cr[newsclassid], $id, $r[filenameqz]); //信息地址 $updateinfourl = ''; if (!$isurl) { $infourl = GotoGetTitleUrl($cr['newsclassid'], $id, $newspath, $filename, 0, $isurl, ''); $updateinfourl = ",titleurl='{$infourl}'"; } $usql = $empire->query("update " . $infotbr['tbname'] . " set filename='{$filename}'" . $updateinfourl . $addtitlepic . " where id='{$id}'"); } $fm = ehtmlspecialchars($_GET['fm']); //全部入库完毕 if (empty($b)) { //取得忧化字段 for ($ci = 0; $ci < $ccount - 1; $ci++) { $cir = explode($field, $cjr[$ci]); $cifield = $cir[1]; if ($cifield == "title") { continue; } $updatefield .= "," . $cifield . "=''"; } //状态原记录 if ($cr['delloadinfo']) { $del = $empire->query("delete from {$dbtbpre}ecms_infotmp_" . $cr[tbname] . " where classid='{$classid}'"); } else { $del = $empire->query("update {$dbtbpre}ecms_infotmp_" . $cr[tbname] . " set checked=1,keyboard=''" . $updatefield . " where classid='{$classid}'"); } if ($fm) { echo "<link rel=\"stylesheet\" href=\"../data/images/css.css\" type=\"text/css\"><body topmargin=0><font color=red>" . $cr[classname] . " " . $fun_r['CjLoadInInfosSuccess'] . "</font>, <input type=button name=button value='" . $fun_r['OnlickLoadInCj'] . "' onclick=\"window.open('CheckCj.php?classid={$classid}&from=" . ehtmlspecialchars($_GET[from]) . hReturnEcmsHashStrHref2(0) . "');\"></body>"; exit; } else { printerror("CjLoadDbSuccess", "CheckCj.php?classid={$classid}&from=" . ehtmlspecialchars($_GET[from]) . hReturnEcmsHashStrHref2(0)); } } echo "<b>{$cr['classname']}</b> " . $fun_r['OneCjLoadDbSuccess'] . "(ID:<font color=red><b>" . $newstart . "</b></font>)<script>self.location.href='ecmscj.php?enews=CjNewsIn_all&checked={$checked}&uptime={$uptime}&classid={$classid}&start={$newstart}&fm={$fm}&from=" . ehtmlspecialchars($_GET[from]) . hReturnEcmsHashStrHref(0) . "';</script>"; exit; }
function DoQTranFile($add, $file, $file_name, $file_type, $file_size, $userid, $username, $rnd, $ecms = 0) { global $empire, $dbtbpre, $class_r, $public_r, $ecms_config; if ($public_r['addnews_ok']) { $ecms != 1 ? printerror("NotOpenCQInfo", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotOpenCQInfo', '', ''); } $filepass = (int) $add['filepass']; $classid = (int) $add['classid']; $infoid = (int) $add['infoid']; if (!$file_name || !$filepass || !$classid || !$class_r[$classid][tbname]) { $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', ''); } //信息 if ($infoid) { $index_r = $empire->fetch1("select classid,checked from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_index where id='{$infoid}'"); if (!$index_r['classid'] || $classid != $index_r['classid']) { $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', ''); } $infotb = ReturnInfoMainTbname($class_r[$classid][tbname], $index_r['checked']); $infor = $empire->fetch1("select classid,fstb from " . $infotb . " where id='{$infoid}'"); if (!$infor['fstb'] || $classid != $infor['classid']) { $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', ''); } $fstb = $infor['fstb']; } else { $fstb = $public_r['filedeftb']; } //验证权限 $userid = (int) $userid; $username = RepPostVar($username); $rnd = RepPostVar($rnd); DoQCheckAddLevel($classid, $userid, $username, $rnd, 0, 0); $filetype = GetFiletype($file_name); //取得文件类型 if (CheckSaveTranFiletype($filetype)) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } $type = (int) $add['type']; $pr = $empire->fetch1("select qaddtran,qaddtransize,qaddtranimgtype,qaddtranfile,qaddtranfilesize,qaddtranfiletype from {$dbtbpre}enewspublic limit 1"); if ($type == 1) { if (!$pr['qaddtran']) { $ecms != 1 ? printerror("CloseQTranPic", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranPic', '', ''); } if (!strstr($pr['qaddtranimgtype'], "|" . $filetype . "|")) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } if ($file_size > $pr['qaddtransize'] * 1024) { $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', ''); } if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } } elseif ($type == 2) { if (!$pr['qaddtranfile']) { $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', ''); } if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } if ($file_size > $pr['qaddtranfilesize'] * 1024) { $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', ''); } if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } } else { if (!$pr['qaddtranfile']) { $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', ''); } if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) { $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', ''); } if ($file_size > $pr['qaddtranfilesize'] * 1024) { $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', ''); } } $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid); if (empty($r[tran])) { $ecms != 1 ? printerror("TranFail", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TranFail', '', ''); } //写入数据库 $filetime = time(); $r[filesize] = (int) $r[filesize]; $classid = (int) $classid; eInsertFileTable($r[filename], $r[filesize], $r[filepath], '[Member]' . $username, $classid, $r[filename], $type, $filepass, $filepass, $public_r[fpath], 0, 0, $fstb); //编辑器 if ($ecms == 1) { ECMS_QEditorPrintError(0, $r[url], $r[filename], '', $r[filename], $r[filesize]); } else { echo "<script>opener.document.add." . $add['field'] . ".value='" . $r['url'] . "';window.close();</script>"; } db_close(); $empire = null; exit; }
function ReturnDoMemberF($fid, $add, $mr, $ecms = 0, $username = '', $admin = 0) { global $empire, $dbtbpre, $ecms_config, $public_r; $pr = $empire->fetch1("select openmembertranimg,memberimgsize,memberimgtype,openmembertranfile,memberfilesize,memberfiletype from {$dbtbpre}enewspublic limit 1"); $formr = $empire->fetch1("select fid,enter,mustenter,filef,imgf,canaddf,caneditf,checkboxf from {$dbtbpre}enewsmemberform where fid='{$fid}'"); //检测必填字段 $mustr = explode(",", $formr['mustenter']); $mustcount = count($mustr); for ($i = 1; $i < $mustcount - 1; $i++) { $mf = $mustr[$i]; if (strstr($formr['filef'], "," . $mf . ",") || strstr($formr['imgf'], "," . $mf . ",")) { $mfilef = $mf . "file"; //上传文件 if ($_FILES[$mfilef]['name']) { if (strstr($formr['imgf'], "," . $mf . ",")) { if (!$pr['openmembertranimg']) { printerror("CloseQTranPic", "", 1); } } else { if (!$pr['openmembertranfile']) { printerror("CloseQTranFile", "", 1); } } } elseif (!trim($add[$mf]) && !$mr[$mf]) { printerror("EmptyQMustF", "", 1); } } else { $chmustval = ReturnMCheckboxAddF($add[$mf], $mf, $formr['checkboxf']); if (!trim($chmustval)) { printerror("EmptyQMustF", "", 1); } } } //字段处理 $dh = ""; $tranf = ""; $record = "<!--record-->"; $field = "<!--field--->"; $fr = explode($record, $formr['enter']); $count = count($fr); for ($i = 0; $i < $count - 1; $i++) { $fr1 = explode($field, $fr[$i]); $f = $fr1[1]; if ($admin == 0 && ($ecms == 0 && !strstr($formr['canaddf'], ',' . $f . ',') || $ecms == 1 && !strstr($formr['caneditf'], ',' . $f . ','))) { continue; } //附件 $add[$f] = str_replace('[!#@-', 'ecms', $add[$f]); if (strstr($formr['filef'], "," . $f . ",") || strstr($formr['imgf'], "," . $f . ",")) { //上传附件 $filetf = $f . "file"; if ($_FILES[$filetf]['name']) { $filetype = GetFiletype($_FILES[$filetf]['name']); //取得文件类型 if (CheckSaveTranFiletype($filetype)) { printerror("NotQTranFiletype", "", 1); } if (strstr($formr['imgf'], "," . $f . ",")) { if (!$pr['openmembertranimg']) { printerror("CloseQTranPic", "", 1); } if (!strstr($pr['memberimgtype'], "|" . $filetype . "|")) { printerror("NotQTranFiletype", "", 1); } if ($_FILES[$filetf]['size'] > $pr['memberimgsize'] * 1024) { printerror("TooBigQTranFile", "", 1); } if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { printerror("NotQTranFiletype", "", 1); } } else { if (!$pr['openmembertranfile']) { printerror("CloseQTranFile", "", 1); } if (!strstr($pr['memberfiletype'], "|" . $filetype . "|")) { printerror("NotQTranFiletype", "", 1); } if ($_FILES[$filetf]['size'] > $pr['memberfilesize'] * 1024) { printerror("TooBigQTranFile", "", 1); } } $tranf .= $dh . $f; $dh = ","; $fval = "[!#@-" . $f . "-@!]"; } else { if ($public_r['modmemberedittran'] == 1) { $fval = $add[$f]; if ($ecms == 1 && $mr[$f] && !trim($fval)) { $fval = $mr[$f]; } } else { $fval = ''; if ($ecms == 1) { $fval = $mr[$f]; } } } } else { $add[$f] = ReturnMCheckboxAddF($add[$f], $f, $formr['checkboxf']); $fval = $add[$f]; } $fval = DoMemberFValue($fval); $fval = RepPostStr2($fval); $fval = addslashes($fval); if ($ecms == 0) { $ret_r[0] .= ",`" . $f . "`"; $ret_r[1] .= ",'" . $fval . "'"; } else { $ret_r[0] .= ",`" . $f . "`='" . $fval . "'"; } } //上传附件 if ($tranf) { $infoid = 0; $filepass = 0; $classid = 0; $filepass = (int) $mr['add_filepass']; $tranr = explode(",", $tranf); $count = count($tranr); for ($i = 0; $i < $count; $i++) { $tf = $tranr[$i]; $tffile = $tf . "file"; $tfr = DoTranFile($_FILES[$tffile]['tmp_name'], $_FILES[$tffile]['name'], $_FILES[$tffile]['type'], $_FILES[$tffile]['size'], $classid); if ($tfr['tran']) { if (strstr($formr['imgf'], "," . $tf . ",")) { $type = 1; } else { $type = 0; } //写入数据库 $filesize = (int) $_FILES[$tffile]['size']; eInsertFileTable($tfr[filename], $filesize, $tfr[filepath], '[EditInfo]' . $username, $classid, 'Member[' . $tf . ']', $type, $filepass, $filepass, $public_r[fpath], 0, 6, 0); //删除旧文件 if ($ecms == 1 && $mr[$tf]) { DelYMemberTranFile($mr[$tf], $tf, $username); } $repfval = $tfr['url']; } else { $repfval = $mr[$tf]; } if ($ecms == 0) { $ret_r[1] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[1]); } else { $ret_r[0] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[0]); } } } return $ret_r; }
function SaveMorepicFile($varname, $msavepic, $i, $picurl, $picname, $classid, $id, $add, $modtype = 0, $fstb = 1) { global $public_r, $empire, $loginin, $dbtbpre, $ecms_config; if ($varname == "mbigpfile") { $addname = "[b]"; } $type = 1; $r[url] = $picurl; //上传 if ($_FILES[$varname]['name'][$i]) { //取得文件类型 $filetype = GetFiletype($_FILES[$varname]['name'][$i]); //允许上传类型 if (CheckSaveTranFiletype($filetype)) { return $r; } if (!strstr($public_r['filetype'], "|" . $filetype . "|")) { return $r; } //图片文件 if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { return $r; } //文件大小 if ($_FILES[$varname]['size'][$i] > $public_r['filesize'] * 1024) { return $r; } //上传 $r = DoTranFile($_FILES[$varname]['tmp_name'][$i], $_FILES[$varname]['name'][$i], $_FILES[$varname]['type'][$i], $_FILES[$varname]['size'][$i], $classid); //------------------------写入数据库 $r[filesize] = (int) $r[filesize]; $classid = (int) $classid; if (empty($picname)) { $picname = $r[filename]; } else { $picname = $addname . $picname; } $picname = RepPostStr($picname); $id = (int) $id; $cjid = 0; if (!$id) { $cjid = (int) $add['filepass']; } eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb); return $r; } else { if (empty($msavepic)) { return $r; } if (empty($picurl)) { return $r; } //----------------取得文件类型 $filetype = GetFiletype($picurl); //允许上传类型 if (CheckSaveTranFiletype($filetype)) { return $r; } if (!strstr($public_r['filetype'], "|" . $filetype . "|")) { return $r; } //图片文件 if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) { return $r; } //保存 $r = DoTranUrl($picurl, $classid); if ($r['tran']) { //记录数据库 //变量处理 $r[filesize] = (int) $r[filesize]; $classid = (int) $classid; $r[type] = (int) $r[type]; if (empty($picname)) { $picname = $r[filename]; } else { $picname = $addname . $picname; } $picname = RepPostStr($picname); $id = (int) $id; $cjid = 0; if (!$id) { $cjid = (int) $add['filepass']; } eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb); return $r; } return $r; } }
function TranMoreFile($file, $file_name, $file_type, $file_size, $no, $type, $userid, $username) { global $empire, $public_r, $dbtbpre; $count = count($file_name); if (empty($count)) { printerror("MustChangeTranOneFile", "history.go(-1)"); } //操作权限 CheckLevel($userid, $username, $classid, "file"); $type = (int) $type; for ($i = 0; $i < $count; $i++) { if (empty($file_name[$i])) { continue; } //取得文件类型 $filetype = GetFiletype($file_name[$i]); //如果是.php文件 if (CheckSaveTranFiletype($filetype)) { continue; } $type_r = explode("|" . $filetype . "|", $public_r['filetype']); if (count($type_r) < 2) { continue; } if ($file_size[$i] > $public_r['filesize'] * 1024) { continue; } //上传 $r = DoTranFile($file[$i], $file_name[$i], $file_type[$i], $file_size[$i], $classid); //写入数据库 $r[filesize] = (int) $r[filesize]; $classid = (int) $classid; if (empty($no[$i])) { $no[$i] = $file_name[$i]; } eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no[$i], $type, 0, 0, $public_r[fpath], 0, 5, 0); } insert_dolog(""); //操作日志 printerror("TranMoreFileSuccess", "file/TranMoreFile.php" . hReturnEcmsHashStrHref2(1)); }