//验证用户 $lur = is_login(); $logininid = $lur['userid']; $loginin = $lur['username']; $loginrnd = $lur['rnd']; $loginlevel = $lur['groupid']; $loginadminstyleid = $lur['adminstyleid']; //验证权限 CheckLevel($logininid, $loginin, $classid, "file"); //基目录 $basepath = "../../../d/file"; $filepath = $_GET['filepath']; if (strstr($filepath, "..")) { $filepath = ""; } $filepath = eReturnCPath($filepath, ''); $openpath = $basepath . "/" . $filepath; if (!file_exists($openpath)) { $openpath = $basepath; } $hand = @opendir($openpath); db_close(); $empire = null; ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>管理附件</title> <link href="../adminstyle/<?php echo $loginadminstyleid;
function EditM($add, $cname, $cchange, $schange, $center, $cqenter, $menter, $listand, $ltempf, $ptempf, $canadd, $canedit, $listorder, $userid, $username) { global $empire, $dbtbpre; $tid = (int) $add['tid']; $tbname = RepPostVar($add['tbname']); $add[mid] = (int) $add[mid]; if (empty($add[mname]) || empty($add[mid]) || !$tid || !$tbname) { printerror("EmptyM", "history.go(-1)"); } $listfile = eReturnCPath(str_replace('.', '', $add[listfile]), ''); //验证权限 CheckLevel($userid, $username, $classid, "m"); //组合采集项 $cj = TogMCj($cname, $cchange); //组合搜索项 $searchvar = TogMSearch($cname, $schange); //组合必填项 $mustqenterf = TogMustf($cname, $menter); //组合结合项 $listandf = TogMustf($cname, $listand); //组合排序项 $orderf = TogMustf($cname, $listorder); //组合投稿项 $qenter = TogMqenter($cname, $cqenter); //组合可增加项 $canaddf = TogMustf($cname, $canadd); //组合可修改项 $caneditf = TogMustf($cname, $canedit); //组合录入项 $er = TogMEnter($cname, $center, $ltempf, $ptempf, $tid); $enter = $er[0]; //录入项 $listtempvar = $er[1]; //列表模板项 $tempvar = $er[2]; //内容模板项 //自动生成表单 if ($add[mtype]) { $add[mtemp] = ReturnMtemp($cname, $center); } if ($add[qmtype]) { $add[qmtemp] = ReturnQmtemp($cname, $cqenter); } $setandf = (int) $add['setandf']; $add[definfovoteid] = (int) $add[definfovoteid]; $showmod = (int) $add['showmod']; $usemod = (int) $add['usemod']; $myorder = (int) $add['myorder']; $add[printtempid] = (int) $add[printtempid]; $sql = $empire->query("update {$dbtbpre}enewsmod set mname='{$add['mname']}',mtemp='" . addslashes($add[mtemp]) . "',mzs='{$add['mzs']}',cj='{$cj}',enter='{$enter}',tempvar='{$tempvar}',searchvar='{$searchvar}',qenter='{$qenter}',mustqenterf='{$mustqenterf}',qmtemp='" . addslashes($add[qmtemp]) . "',listandf='" . addslashes($listandf) . "',setandf={$setandf},listtempvar='{$listtempvar}',qmname='{$add['qmname']}',canaddf='{$canaddf}',caneditf='{$caneditf}',definfovoteid={$add['definfovoteid']},showmod='{$showmod}',usemod='{$usemod}',myorder='{$myorder}',orderf='{$orderf}',listfile='{$listfile}',printtempid='{$add['printtempid']}' where mid='{$add['mid']}'"); //更新表单 ChangeMForm($add[mid], $tid, $add[mtemp]); ChangeQmForm($add[mid], $tid, $add[qmtemp]); //采集文件 ChangeMCj($add[mid], $tid, $cj); GetConfig(1); //更新缓存 if ($sql) { //操作日志 insert_dolog("mid=" . $add[mid] . "<br>m=" . $add[mname]); printerror("EditMSuccess", "db/ListM.php?tid={$tid}&tbname={$tbname}"); } else { printerror("DbError", "history.go(-1)"); } }