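// Builds the title link ($title) and comment-page URL ($plurl) for one comment
// row ($r), then starts the table row for it.
// Array keys are quoted throughout: bare keys such as $r[classid] are read as
// undefined constants, which PHP 8 rejects with an Error.
if ($r['pubid'] < 0) {
    // Negative pubid: the row is handled as a special-topic comment, with
    // classid used as the topic id.
    $ztr['ztid'] = $r['classid'];
    $titleurl = sys_ReturnBqZtname($ztr);
    // NOTE(review): ztname is concatenated into markup without HTML-encoding
    // here; confirm it is encoded when stored.
    $title = "<a href='{$titleurl}' target='_blank'>" . $class_zr[$r['classid']]['ztname'] . "</a>";
    $pagefunr = eReturnRewritePlUrl($r['classid'], 0, 'dozt', 0, 0, 1);
    $plurl = $pagefunr['pageurl'];
} else {
    if ($class_r[$r['classid']]['tbname']) {
        $index_r = $empire->fetch1("select checked from {$dbtbpre}ecms_" . $class_r[$r['classid']]['tbname'] . "_index where id='{$r['id']}' limit 1");
        // Resolve which table holds the item (presumably chosen by its checked state).
        $infotb = ReturnInfoMainTbname($class_r[$r['classid']]['tbname'], $index_r['checked']);
        $infor = $empire->fetch1("select isurl,titleurl,classid,id,title from " . $infotb . " where id='{$r['id']}' limit 1");
        $titleurl = sys_ReturnBqTitleLink($infor);
        // NOTE(review): the stored title is only un-slashed, not HTML-encoded,
        // before it is placed in the anchor; confirm titles are encoded at
        // write time, otherwise encode them here.
        $title = "<a href='{$titleurl}' target='_blank'>" . stripSlashes($infor['title']) . "</a>";
    }
    $pagefunr = eReturnRewritePlUrl($r['classid'], $r['id'], 'doinfo', 0, 0, 1);
    $plurl = $pagefunr['pageurl'];
}
?> <tr bgcolor="#FFFFFF" onmouseout="this.style.backgroundColor='#ffffff'" onmouseover="this.style.backgroundColor='#C3EFFF'" id=pl<?php echo $r['plid']; ?> >
<td height="25" valign="top">
<div align="center">
<input name="plid[]" type="checkbox" id="plid" value="<?php echo $r['plid']; ?> "<?php echo $checked; ?> >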
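// Comment-list page: total count, ordering, pagination and template include.
// The branch that the first two lines belong to opens before this excerpt.
$num = $empire->gettotal($totalquery);
} else {
    // Moderation is enabled for this column: count rows with checked=0.
    // The key is quoted; a bare checkpl is an undefined constant and an Error on PHP 8.
    if ($class_r[$classid]['checkpl']) {
        $totalquery = "select count(*) as total from {$dbtbpre}enewspl_" . $n_r['restb'] . " where pubid='{$pubid}' and checked=0";
        $num = $empire->gettotal($totalquery);
    } else {
        $num = $n_r['plnum'];
    }
}
// Sort order: the request value is cast to int and only selects between two
// fixed ORDER BY fragments, so no request text reaches the SQL here.
$addorder = 'plid desc';
$myorder = (int) $_GET['myorder'];
if ($myorder == 1) {
    $addorder = 'plid';
    $search .= '&myorder=' . $myorder;
}
// NOTE(review): $offset and $line are set outside this excerpt; confirm both
// are integers before they are interpolated into the LIMIT clause.
$query .= " order by " . $addorder . " limit {$offset},{$line}";
$sql = $empire->query($query);
// URL rewriting
$pagefunr = eReturnRewritePlUrl($classid, $id, $rewritedoaction, $myorder, $rewritetempid, 0);
$pagefunr['repagenum'] = 0;
// Pagination
if ($pagefunr['rewrite'] == 1) {
    $listpage = InfoUsePage($num, $line, $page_line, $start, $page, $search, $pagefunr);
} else {
    $listpage = page1($num, $line, $page_line, $start, $page, $search);
}
// NOTE(review): $tempid becomes part of an include path. Confirm it is an
// integer taken from configuration or the database, never raw request data.
// The @ also hides the warning if the cached template file is missing.
@(require ECMS_PATH . DASHBOARD . '/data/filecache/template/pl' . $tempid . '.php');
db_close();
$empire = null;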
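/**
 * Stores one comment on an item or on a special topic.
 *
 * The poster is identified by the login cookies when they validate, otherwise
 * by the supplied username/password, otherwise treated as a guest when
 * $nomember is non-empty. Every exit goes through printerror(), which
 * presumably ends the request; the code after each call relies on that.
 *
 * Changes from the previous version:
 *  - array keys are quoted (bare keys are undefined constants, an Error on PHP 8);
 *  - the group id is reset to 0 whenever the request ends up unauthenticated,
 *    so a cookie value cannot decide the moderation exemption for a guest;
 *  - the "last comment time" cookie is cast to int before the arithmetic;
 *  - comment counters are only incremented when the insert succeeded.
 *
 * @param string $username Posted user name (used when no valid login cookie exists).
 * @param string $password Posted password for that user name.
 * @param mixed  $nomember Non-empty to post as a guest without credentials.
 * @param string $key      Captcha answer, checked when $public_r['plkey_ok'] is set.
 * @param string $saytext  Comment text.
 * @param int    $id       Item id (ignored for special-topic comments).
 * @param int    $classid  Column id, or the topic id when $add['doaction'] is 'dozt'.
 * @param int    $repid    Id of the comment being quoted, or 0.
 * @param array  $add      Extra form data; 'doaction' is read here and the array
 *                         is passed to ReturnPlAddF() for the additional fields.
 */
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
    global $empire, $dbtbpre, $public_r, $class_r, $level_r;
    // Check that commenting is allowed at this time of day
    eCheckTimeCloseDo('pl');
    // Check the client IP against the access rules
    eCheckAccessDoIp('pl');
    $id = (int) $id;
    $repid = (int) $repid;
    $classid = (int) $classid;
    // Captcha
    $keyvname = 'checkplkey';
    if ($public_r['plkey_ok']) {
        ecmsCheckShowKey($keyvname, $key, 1);
    }
    // NOTE(review): every query below is built by string interpolation and
    // depends on RepPostVar(), the int casts and addslashes() for safety.
    // Confirm RepPostVar() escapes quotes for the connection charset.
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $muserid = (int) getcvar('mluserid');
    $musername = RepPostVar(getcvar('mlusername'));
    $mgroupid = (int) getcvar('mlgroupid');
    if ($muserid) {
        $cklgr = qCheckLoginAuthstr();
        if ($cklgr['islogin']) {
            // NOTE(review): $mgroupid still comes from getcvar() here; confirm
            // qCheckLoginAuthstr() ties the group id to the validated login.
            $username = $musername;
        } else {
            // Login cookies did not validate: drop the group id together with
            // the user id so it cannot influence the checks below.
            $muserid = 0;
            $mgroupid = 0;
        }
    } else {
        if (empty($nomember)) {
            if (!$username || !$password) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            // NOTE(review): no attempt limit on this credential check is
            // visible in this function apart from the optional captcha above.
            $ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
            // Unknown user and wrong password produce the same message.
            if (empty($ur['userid'])) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            if ($ur['checked'] == 0) {
                printerror("NotCheckedUser", '', 1);
            }
            $muserid = $ur['userid'];
            $mgroupid = $ur['groupid'];
        } else {
            // Guest post: no identity, therefore no group either.
            $muserid = 0;
            $mgroupid = 0;
        }
    }
    // Minimum member group required to comment
    if ($public_r['plgroupid']) {
        if (!$muserid) {
            printerror("GuestNotToPl", "history.go(-1)", 1);
        }
        if ($level_r[$mgroupid]['level'] < $level_r[$public_r['plgroupid']]['level']) {
            printerror("NotLevelToPl", "history.go(-1)", 1);
        }
    }
    // Special topic
    $doaction = $add['doaction'];
    if ($doaction == 'dozt') {
        if (!trim($saytext) || !$classid) {
            printerror("EmptyPl", "history.go(-1)", 1);
        }
        // Are comments closed for this topic?
        $r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
        if (!$r['ztid']) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        if ($r['closepl']) {
            printerror("CloseClassPl", "history.go(-1)", 1);
        }
        // Moderation: checked=1 when the topic requires review
        if ($r['checkpl']) {
            $checked = 1;
        } else {
            $checked = 0;
        }
        $restb = $r['restb'];
        // Topic comments are stored under a negative pubid and item id 0.
        $pubid = '-' . $classid;
        $id = 0;
        $pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
        $returl = $pagefunr['pageurl'];
    } else {
        if (!trim($saytext) || !$id || !$classid) {
            printerror("EmptyPl", "history.go(-1)", 1);
        }
        // The column must map to a data table
        if (empty($class_r[$classid]['tbname'])) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        // Are comments closed for this column?
        $r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " where id='{$id}' limit 1");
        // The item must exist and belong to the column named in the request.
        if (!$r['classid'] || $r['classid'] != $classid) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        // A non-zero openpl rejects the comment with the "closed" message.
        if ($class_r[$r['classid']]['openpl']) {
            printerror("CloseClassPl", "history.go(-1)", 1);
        }
        // Comments closed for this single item?
        $pubid = ReturnInfoPubid($classid, $id);
        $finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
        if ($finfor['closepl']) {
            printerror("CloseInfoPl", "history.go(-1)", 1);
        }
        // Moderation: checked=1 when the column requires review
        if ($class_r[$classid]['checkpl']) {
            $checked = 1;
        } else {
            $checked = 0;
        }
        $restb = $r['restb'];
        $pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
        $returl = $pagefunr['pageurl'];
    }
    // Comment settings
    $plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
    // strlen() counts bytes, so the limit applies to the encoded length.
    if (strlen($saytext) > $plsetr['plsize']) {
        $GLOBALS['setplsize'] = $plsetr['plsize'];
        printerror("PlSizeTobig", "history.go(-1)", 1);
    }
    $time = time();
    $saytime = $time;
    // Cast before subtracting: a non-numeric value would raise a TypeError on PHP 8.
    // NOTE(review): this interval is tracked only in a value the client sends
    // back, so it is a courtesy throttle; rate limiting that must hold needs
    // server-side state (per account or per address).
    $pltime = (int) getcvar('lastpltime');
    if ($pltime) {
        if ($time - $pltime < $plsetr['pltime']) {
            $GLOBALS['setpltime'] = $plsetr['pltime'];
            printerror("PlOutTime", "history.go(-1)", 1);
        }
    }
    $sayip = egetip();
    $eipport = egetipport();
    $username = str_replace("\r\n", "", $username);
    $username = RepPostStr($username);
    $saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
    if ($repid) {
        $saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
        // Enforce the maximum quote depth
        CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
    }
    // Filter banned words
    $saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
    // Member groups flagged plchecked skip moderation. $mgroupid is 0 for
    // unauthenticated requests, so this only applies to an identified member.
    if ($level_r[$mgroupid]['plchecked']) {
        $checked = 0;
    }
    // NOTE(review): the returned 'fields' and 'values' fragments are appended
    // to the INSERT verbatim; confirm ReturnPlAddF() whitelists the column
    // names and escapes the values it takes from $add.
    $ret_r = ReturnPlAddF($add, $plsetr, 0);
    // Main comment table
    $sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
    $plid = $empire->lastid();
    // Only count the comment if it was actually stored.
    if ($sql) {
        if ($doaction != 'dozt') {
            // Increment the item's comment count
            $usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " set plnum=plnum+1 where id='{$id}' limit 1");
        }
        // Update the new-comment statistics
        DoUpdateAddDataNum('pl', $restb, 1);
    }
    // Record the time of the last post
    $set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
    // Clear the captcha so it cannot be reused
    ecmsEmptyShowKey($keyvname);
    if ($sql) {
        // NOTE(review): the return target is taken from the request; confirm
        // DoingReturnUrl() restricts it to same-site URLs.
        $reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
        printerror("AddPlSuccess", $reurl, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}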