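/**
 * Save an edit to one answer post of a question.
 *
 * Reads `askid`, `pid` and `answertext` from $_POST and only acts when
 * `dosubmit` is set. The edit is refused when the visitor has no user id
 * cookie, when the question or the post cannot be found, when the question
 * status is above 4, or when the post's userid is not the current user's.
 *
 * Every guard returns right after showmessage() so the checks hold even if
 * showmessage() does not end the request.
 *
 * @return void
 */
public function editanswer()
{
    $M = getcache('ask', 'commons');
    $M = $M[1];
    // Treated as an integer: it is compared against the numeric userid column.
    $_userid = intval(param::get_cookie('_userid'));

    if (empty($_POST['dosubmit'])) {
        return;
    }

    // Without this guard an empty cookie value loosely equals the userid of a
    // post that was not found, and the ownership check below would pass.
    if (!$_userid) {
        showmessage(L('please_login'), APP_PATH . 'index.php?m=member&c=index&a=login');
        return;
    }

    $askid = isset($_POST['askid']) ? intval($_POST['askid']) : 0;
    $pid = isset($_POST['pid']) ? intval($_POST['pid']) : 0;
    if (!$askid || !$pid || !isset($_POST['answertext']) || !is_string($_POST['answertext'])) {
        showmessage(L('illegal_parameters'), HTTP_REFERER);
        return;
    }

    $a = $this->db->get_one(array('askid' => $askid, 'siteid' => SITEID), 'catid,status');
    if (!$a) {
        showmessage(L('illegal_parameters'), HTTP_REFERER);
        return;
    }
    if ($a['status'] > 4) {
        showmessage(L('no_edit'), HTTP_REFERER);
        return;
    }

    // The posts table is selected per category.
    $posts_table_name = $this->db2->posts_table($a['catid']);
    $this->db2->table_name = $posts_table_name;
    $r = $this->db2->get_one(array('askid' => $askid, 'pid' => $pid, 'siteid' => SITEID));

    // The post must exist and belong to the current user.
    if (!$r || intval($r['userid']) !== $_userid) {
        showmessage(L('no_edit_other_people_info'), HTTP_REFERER);
        return;
    }

    // NOTE(review): the limit here is 10000 bytes while the message key says
    // 1000 and edit() enforces 1000 - confirm which one is intended.
    if (strlen($_POST['answertext']) > 10000) {
        showmessage(L('answer_limit_1000'), HTTP_REFERER);
        return;
    }

    // SECURITY: with the editor enabled the submitted HTML is stored as-is.
    // Whatever renders this message must filter or escape it, otherwise this
    // is a stored-XSS sink. NOTE(review): confirm where that filtering happens.
    $posts = array();
    $posts['message'] = $M['use_editor'] ? $_POST['answertext'] : strip_tags($_POST['answertext']);

    $this->db2->edit($pid, $posts, $_userid);

    // The original passed an undefined $catid here; the category comes from
    // the question row loaded above.
    showmessage(L('operation_success'), ask_url($a['catid'], $askid) . "#p" . $pid);
}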
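/**
 * Edit a question (job=ask) or an answer (any other job) from the member centre.
 *
 * `job`, `id` (question id) and `pid` (post id) come from $_GET. With
 * `dosubmit` posted the change is saved; otherwise the current content is
 * loaded and the `center_edit` template is rendered.
 *
 * `id`, `pid` and the user id are cast to integers because they are
 * interpolated into hand-built WHERE clauses; left as raw request strings
 * they were an SQL injection point.
 *
 * Every guard returns right after showmessage() so the checks hold even if
 * showmessage() does not end the request.
 *
 * @return void
 */
public function edit()
{
    $M = getcache('ask', 'commons');
    $M = $M[1];
    // Several locals below are not used in this method but stay in scope for
    // the included template.
    $_username = param::get_cookie('_username');
    $_userid = intval(param::get_cookie('_userid'));
    $CATEGORYS = getcache('category_ask_' . SITEID, 'commons');
    $pc_hash = isset($_SESSION['pc_hash']) ? $_SESSION['pc_hash'] : '';
    $r_m = $this->db_m->get_one(array('userid' => $_userid, 'siteid' => SITEID));
    $_point = $r_m ? $r_m['point'] : 0;

    // NOTE(review): $job is request-controlled and visible to the template;
    // escape it there if it is ever echoed.
    $job = isset($_GET['job']) && is_string($_GET['job']) ? $_GET['job'] : '';
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $pid = isset($_GET['pid']) ? intval($_GET['pid']) : 0;

    $info = array();
    $posts = array();

    if ($job === 'ask') {
        if (!empty($_POST['dosubmit'])) {
            if (!$id) {
                showmessage(L('illegal_parameters'), HTTP_REFERER);
                return;
            }
            if (!$_userid) {
                showmessage(L('please_login'), APP_PATH . 'index.php?m=member&c=index&a=login');
                return;
            }

            // The form-display branch refuses questions with status > 3; the
            // save path must apply the same rule or a direct POST bypasses it.
            $q = $this->db->get_one("askid={$id}", "*", $this->table_name);
            if (!$q) {
                showmessage('提问不存在');
                return;
            }
            if ($q['status'] > 3) {
                showmessage(L('no_edit'), HTTP_REFERER);
                return;
            }

            if ($M['publish_code']) {
                $session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
                pc_base::load_sys_class($session_storage);
                session_start();
                $code = isset($_POST['code']) && is_string($_POST['code']) ? strtolower(trim($_POST['code'])) : '';
                if ($code === '') {
                    showmessage(L('please_enter_code'), HTTP_REFERER);
                    return;
                }
                // Strict comparison: a missing session code never matches and
                // numeric-looking strings are not loosely equated.
                // NOTE(review): the code stays valid after a successful check;
                // consider clearing it so one solved captcha cannot be reused.
                if (!isset($_SESSION['code']) || $code !== (string) $_SESSION['code']) {
                    showmessage(L('code_error'), HTTP_REFERER);
                    return;
                }
            }

            $in = isset($_POST['info']) && is_array($_POST['info']) ? $_POST['info'] : array();
            $info['catid'] = isset($in['catid']) ? intval($in['catid']) : 0;
            $info['reward'] = isset($in['reward']) ? intval($in['reward']) : 0;
            // ENT_QUOTES so single quotes are escaped on every PHP version.
            $info['title'] = isset($in['title']) && is_string($in['title']) ? htmlspecialchars($in['title'], ENT_QUOTES) : '';
            $info['anonymity'] = isset($in['anonymity']) ? intval($in['anonymity']) : 0;

            if ($info['title'] == '') {
                showmessage(L('title_no_allow_blank'), HTTP_REFERER);
                return;
            }
            if (!$info['catid']) {
                showmessage(L('select_category'), HTTP_REFERER);
                return;
            }
            // NOTE(review): a negative reward passes this check; confirm the
            // model's edit() cannot turn that into a point credit.
            if ($info['reward'] > $_point) {
                showmessage(L('credit_is_poor'), HTTP_REFERER);
                return;
            }

            $message = isset($_POST['message']) && is_string($_POST['message']) ? trim($_POST['message']) : '';
            // Same rule editanswer() applies: markup is kept only when the
            // editor is enabled. SECURITY: editor HTML is stored as-is and
            // must be filtered or escaped where it is rendered.
            if (!$M['use_editor']) {
                $message = strip_tags($message);
            }
            if ($message === '') {
                showmessage(L('please_enter_content'), HTTP_REFERER);
                return;
            }
            if (strlen($message) > 1000) {
                showmessage(L('answer_limit_1000'), HTTP_REFERER);
                return;
            }
            $posts['message'] = $message;

            if ($M['publish_check']) {
                $info['status'] = $posts['status'] = 1;
                $forward = "index.php?m=ask&c=index";
            } else {
                $forward = ask_url($info['catid'], $id);
                $info['status'] = $posts['status'] = 3;
                if ($info['reward'] >= $M['height_score']) {
                    $info['flag'] = 2;
                }
            }

            // NOTE(review): ownership of the question is not checked here;
            // presumably the model's edit() enforces it with $_userid - confirm.
            if ($this->db->edit($id, $info, $posts, $_userid)) {
                showmessage(L('operation_success'), $forward);
            } else {
                $forward = ask_url($info['catid'], $id);
                showmessage("操作失败", $forward);
            }
            return;
        }

        $r = $this->db->get_one("askid={$id}", "*", $this->table_name);
        if (!$r) {
            showmessage('提问不存在');
            return;
        }

        // Resolve the per-category posts table.
        $posts_table_name = $this->db2->posts_table($r['catid']);
        $this->db2->table_name = $posts_table_name;
        $r2 = $this->db2->get_one("askid={$id} AND isask=1 AND userid={$_userid}", "*", $this->db_tablepre . $this->table_name);
        if ($r2) {
            unset($r2['anonymity']);
            $r = array_merge($r, $r2);
        }
        // NOTE(review): when $r2 is empty the visitor does not own the
        // question post, yet the form is still rendered - confirm intended.

        // The template reads the row's columns as local variables. extract()
        // overwrites any local that shares a column name.
        extract($r);
        if ($status > 3) {
            showmessage(L('no_edit'), HTTP_REFERER);
            return;
        }
        include template('ask', 'center_edit');
        return;
    }

    if (!empty($_POST['dosubmit'])) {
        if (!$id || !$pid) {
            showmessage(L('illegal_parameters'), HTTP_REFERER);
            return;
        }
        if (!$_userid) {
            showmessage(L('please_login'), APP_PATH . 'index.php?m=member&c=index&a=login');
            return;
        }

        $r = $this->db->get_one("askid={$id}", "*", $this->table_name);
        if (!$r) {
            showmessage('提问不存在');
            return;
        }
        if ($r['status'] > 3) {
            showmessage(L('no_edit'), HTTP_REFERER);
            return;
        }

        if ($M['answer_code']) {
            $session_storage = 'session_' . pc_base::load_config('system', 'session_storage');
            pc_base::load_sys_class($session_storage);
            session_start();
            $code = isset($_POST['code']) && is_string($_POST['code']) ? strtolower(trim($_POST['code'])) : '';
            if ($code === '') {
                showmessage(L('please_enter_code'), HTTP_REFERER);
                return;
            }
            if (!isset($_SESSION['code']) || $code !== (string) $_SESSION['code']) {
                showmessage(L('code_error'), HTTP_REFERER);
                return;
            }
        }

        $message = isset($_POST['message']) && is_string($_POST['message']) ? trim($_POST['message']) : '';
        // Same rule editanswer() applies; see the SECURITY note in the
        // question branch about stored editor HTML.
        if (!$M['use_editor']) {
            $message = strip_tags($message);
        }
        if ($message === '') {
            showmessage(L('please_enter_content'), HTTP_REFERER);
            return;
        }
        if (strlen($message) > 1000) {
            showmessage(L('answer_limit_1000'), HTTP_REFERER);
            return;
        }
        $posts['message'] = $message;

        // Resolve the per-category posts table.
        $posts_table_name = $this->db2->posts_table($r['catid']);
        $this->db2->table_name = $posts_table_name;

        // The WHERE clause ties the post to the question whose status was just
        // checked (askid) and to answer rows (isask=0), matching the query the
        // form-display branch uses. Without askid, the status check could be
        // run against one question while a post of another was updated.
        // The original also used the bare constant $posts[message] here.
        $this->db2->update(
            array('message' => $posts['message']),
            "askid={$id} AND pid={$pid} AND isask=0 AND userid={$_userid} AND siteid=" . SITEID
        );
        $forward = "index.php?m=ask&c=center&a=answer";
        showmessage(L('operation_success'), $forward);
        return;
    }

    $r = $this->db->get_one("askid={$id}", "*", $this->table_name);
    if (!$r) {
        showmessage('提问不存在');
        return;
    }

    // Resolve the per-category posts table.
    $posts_table_name = $this->db2->posts_table($r['catid']);
    $this->db2->table_name = $posts_table_name;
    $r2 = $this->db2->get_one("askid={$id} AND isask=0 AND pid={$pid} AND userid={$_userid}", "*");
    if ($r['status'] > 3) {
        showmessage(L('no_edit'), HTTP_REFERER);
        return;
    }
    // Drop the question's own status/anonymity so only the answer row's
    // values (if any) reach the template.
    unset($r['status'], $r['anonymity']);
    if ($r2) {
        $r = array_merge($r, $r2);
    }

    // The template reads the row's columns as local variables. extract()
    // overwrites any local that shares a column name.
    extract($r);
    include template('ask', 'center_edit');
}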
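/**
 * Hand a question over to voting between its answers.
 *
 * Requires a logged-in user. Reads the question id from $_GET['id'],
 * collects the pids of that question's answers with status > 2 and passes
 * them to the posts model's exchange().
 *
 * Every guard returns right after showmessage() so the checks hold even if
 * showmessage() does not end the request.
 *
 * NOTE(review): this changes state on a GET request and no request token is
 * checked in this method - confirm CSRF protection is applied elsewhere.
 * NOTE(review): no check here that the current user owns the question;
 * presumably exchange() enforces that with $_userid - confirm.
 *
 * @return void
 */
public function vote()
{
    $_userid = intval(param::get_cookie('_userid'));
    if (!$_userid) {
        $forward = isset($_GET['forward']) && is_string($_GET['forward'])
            ? urlencode($_GET['forward'])
            : urlencode(get_url());
        showmessage(L('please_login', '', 'member'), '?m=member&c=index&a=login&forward=' . $forward);
        return;
    }

    // Integer cast: the id is interpolated into the WHERE clauses below.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $a = $id ? $this->db->get_one("askid={$id} AND siteid=" . SITEID, 'catid') : false;
    if (!$a) {
        showmessage(L('illegal_parameters'), HTTP_REFERER);
        return;
    }

    // Resolve the per-category posts table.
    $posts_table_name = $this->db2->posts_table($a['catid']);
    $this->db2->table_name = $posts_table_name;
    $result = $this->db2->select("askid={$id} AND status>2 AND isask=0 AND siteid=" . SITEID, 'pid');

    // Start from an empty list so exchange() never receives an undefined value
    // when the question has no matching answers.
    $pids = array();
    if (is_array($result)) {
        foreach ($result as $r) {
            $pids[] = $r['pid'];
        }
    }

    if ($this->db2->exchange($id, $pids, 1, 1, $_userid)) {
        // The original passed an undefined $catid; use the loaded question row.
        showmessage(L('exchange_ask_to_vote'), ask_url($a['catid'], $id));
    } else {
        showmessage(L('submit_failure'), HTTP_REFERER);
    }
}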
?> <tr> <td align="center"><input type="checkbox" name="askid[]" value="<?php echo $info['askid']; ?> "></td> <td align="center"><?php echo $info['askid']; ?> </td> <td align="center"><?php echo $CATEGORYS[$info[catid]][catname]; ?> </td> <td><a href="<?php echo ask_url($info['catid'], $info['askid']); ?> " title="<?php echo L('go_website'); ?> " target="_blank"><?php echo $info['title']; ?> </a> <?php if ($info['flag'] == '1') { echo '<img src="' . IMG_PATH . 'icon/small_elite.gif" title="' . L('elite') . '">'; } ?> </td> <td align="center"> <?php