Example #1
0
    if ($cr['qaddshowkey']) {
        $showkey = "<tr bgcolor=\"#FFFFFF\">\n      <td width=\"11%\" height=\"25\">验证码</td>\n      <td height=\"25\"><input name=\"key\" type=\"text\" size=\"6\">\n        <img src=\"../ShowKey/?v=info\" name=\"infoKeyImg\" id=\"infoKeyImg\" onclick=\"infoKeyImg.src='../ShowKey/?v=info&t='+Math.random()\" title=\"看不清楚,点击刷新\"></td></tr>";
    }
    //图片
    $imgwidth = 0;
    $imgheight = 0;
    //文件验证码
    $filepass = time();
} else {
    $word = "修改信息";
    $ecmsfirstpost = 0;
    $id = (int) $_GET['id'];
    if (empty($id)) {
        printerror("EmptyQinfoCid", "", 1);
    }
    $cr = DoQCheckAddLevel($classid, $muserid, $musername, $mrnd, 1, 0);
    $mr = $empire->fetch1("select qenter,qmname from {$dbtbpre}enewsmod where mid='{$cr['modid']}'");
    if (empty($mr['qenter'])) {
        printerror("NotOpenCQInfo", "history.go(-1)", 1);
    }
    $r = CheckQdoinfo($classid, $id, $muserid, $cr['tbname'], $cr['adminqinfo'], 1);
    //检测时间
    if ($public_r['qeditinfotime']) {
        if (time() - $r['truetime'] > $public_r['qeditinfotime'] * 60) {
            printerror("QEditInfoOutTime", "history.go(-1)", 1);
        }
    }
    $newstime = $r['newstime'];
    $r['newstime'] = date("Y-m-d H:i:s", $r['newstime']);
    //图片
    $imgwidth = 170;
Example #2
0
function DoQTranFile($add, $file, $file_name, $file_type, $file_size, $userid, $username, $rnd, $ecms = 0)
{
    global $empire, $dbtbpre, $class_r, $public_r, $ecms_config;
    if ($public_r['addnews_ok']) {
        $ecms != 1 ? printerror("NotOpenCQInfo", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotOpenCQInfo', '', '');
    }
    $filepass = (int) $add['filepass'];
    $classid = (int) $add['classid'];
    $infoid = (int) $add['infoid'];
    if (!$file_name || !$filepass || !$classid || !$class_r[$classid][tbname]) {
        $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
    }
    //信息
    if ($infoid) {
        $index_r = $empire->fetch1("select classid,checked from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_index where id='{$infoid}'");
        if (!$index_r['classid'] || $classid != $index_r['classid']) {
            $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
        }
        $infotb = ReturnInfoMainTbname($class_r[$classid][tbname], $index_r['checked']);
        $infor = $empire->fetch1("select classid,fstb from " . $infotb . " where id='{$infoid}'");
        if (!$infor['fstb'] || $classid != $infor['classid']) {
            $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
        }
        $fstb = $infor['fstb'];
    } else {
        $fstb = $public_r['filedeftb'];
    }
    //验证权限
    $userid = (int) $userid;
    $username = RepPostVar($username);
    $rnd = RepPostVar($rnd);
    DoQCheckAddLevel($classid, $userid, $username, $rnd, 0, 0);
    $filetype = GetFiletype($file_name);
    //取得文件类型
    if (CheckSaveTranFiletype($filetype)) {
        $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
    }
    $type = (int) $add['type'];
    $pr = $empire->fetch1("select qaddtran,qaddtransize,qaddtranimgtype,qaddtranfile,qaddtranfilesize,qaddtranfiletype from {$dbtbpre}enewspublic limit 1");
    if ($type == 1) {
        if (!$pr['qaddtran']) {
            $ecms != 1 ? printerror("CloseQTranPic", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranPic', '', '');
        }
        if (!strstr($pr['qaddtranimgtype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtransize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
        if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
    } elseif ($type == 2) {
        if (!$pr['qaddtranfile']) {
            $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
        }
        if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtranfilesize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
        if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
    } else {
        if (!$pr['qaddtranfile']) {
            $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
        }
        if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtranfilesize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
    }
    $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
    if (empty($r[tran])) {
        $ecms != 1 ? printerror("TranFail", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TranFail', '', '');
    }
    //写入数据库
    $filetime = time();
    $r[filesize] = (int) $r[filesize];
    $classid = (int) $classid;
    eInsertFileTable($r[filename], $r[filesize], $r[filepath], '[Member]' . $username, $classid, $r[filename], $type, $filepass, $filepass, $public_r[fpath], 0, 0, $fstb);
    //编辑器
    if ($ecms == 1) {
        ECMS_QEditorPrintError(0, $r[url], $r[filename], '', $r[filename], $r[filesize]);
    } else {
        echo "<script>opener.document.add." . $add['field'] . ".value='" . $r['url'] . "';window.close();</script>";
    }
    db_close();
    $empire = null;
    exit;
}