Example #1
<?php

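// Bail out on direct requests: html() only exists once the site bootstrap has run.
!function_exists('html') && exit('ERR');

// Reject a missing id before it is placed into any SQL text, then make sure
// the article really exists. The original tested only $id, so a report could
// be filed against an aid that matches no row.
if (!$id) {
    showerr("数据不存在");
}
// NOTE(review): $id, $onlineip and $lfjuid are interpolated into SQL strings
// in this file with no escaping or casting visible here. Confirm that the
// bootstrap escapes request variables; if aid is numeric, cast $id to int.
$rsdb = $db->get_one("SELECT * FROM {$pre}article WHERE aid='{$id}'");
if (!$rsdb) {
    showerr("数据不存在");
}

if ($step == 2) {
    // Flood control: measure the 30-second window from the newest report of
    // this IP. Without ORDER BY the row returned for an IP that already has
    // several reports is unspecified, so the limit could be checked against
    // an old row and never trigger.
    $rs = $db->get_one("SELECT * FROM `{$pre}report` WHERE `ip`='{$onlineip}' ORDER BY `posttime` DESC");
    $lastReportTime = $rs ? $rs['posttime'] : 0;
    if (!$web_admin && $timestamp - $lastReportTime < 30) {
        showerr("请30秒后再举报信息");
    }
    if (!$Type) {
        showerr("请选择一个类型");
    } elseif (strlen($myname) > 30) {
        showerr("你的称呼不能大于30个字符");
    }
    // $Title and $rs['email'] are not read by the INSERT below; they are kept
    // so that any code included afterwards still sees them.
    $Title = "来自“{$webdb['webname']}”的邮件,你朋友“{$myname}”给你推荐了一篇精彩文章!!";
    $rs['email'] = $email;

    // Every free-text value bound for the INSERT goes through filtrate().
    // The original skipped $myname, which was only length-checked.
    $myname = filtrate($myname);
    $content = filtrate($content);
    $Type = filtrate($Type);
    // NOTE(review): $Content (capital C) is a different variable from the
    // $content stored below, so this newline-to-<br> conversion never reaches
    // the database. Left untouched because changing it would alter stored
    // data; confirm the intent.
    $Content = str_replace("\n", "<br>", $Content);
    $db->query("INSERT INTO `{$pre}report` (  `aid` , `type` , `uid` , `name` , `content` , `posttime` , `ip` ) VALUES ('{$id}','{$Type}','{$lfjuid}','{$myname}','{$content}','{$timestamp}','{$onlineip}')");
    refreshto("{$webdb['www_url']}/", "谢谢你,举报本条信息!", 5);
}
require ROOT_PATH . "inc/head.php";
require html("report");
require ROOT_PATH . "inc/foot.php";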
Example #2
<?php

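// Only run inside the framework: html() is defined by the site bootstrap.
if (!function_exists('html')) {
    die('F');
}
require_once dirname(__FILE__) . "/googlemap.inc.php";
explain_url($city_id);
$title = filtrate($title);
// Fall back to 北京 (Beijing) when no city was supplied.
$cityname || ($cityname = '北京');
// City names that are not purely ASCII letters, digits and spaces get the
// prefix 中国 ("China"). preg_match() replaces eregi(), which was removed in
// PHP 7; the D modifier stops "$" from matching before a trailing newline,
// which the POSIX pattern never did.
preg_match('/^[a-z0-9 ]+$/iD', $cityname) || ($cityname = '中国' . $cityname);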
print <<<EOT

<!DOCTYPE html>
<html dir="LTR"> 
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>谷歌地图位置显示 {$titleDB['title']}</title>
<link href="{$webdb['www_url']}/images/default/googlemap.css" rel="stylesheet" type="text/css" />

<SCRIPT LANGUAGE="JavaScript">
<!--
if('{$showDomain}'=='1'){
\tif('{$webdb['cookieDomain']}'!='')document.domain = '{$webdb['cookieDomain']}';
}else{
\twindow.onerror=function (){
\t\turl = '{$WEBURL}';
\t\turl +=url.indexOf('?')>0?'&':'?';
\t\tif('{$webdb['cookieDomain']}'!='')window.location.href=url+'showDomain=1';
\t\treturn true;
\t};
Example #3
         showerr("你的空间不足,上传失败,<A HREF='?uid={$lfjuid}'>点击查看你的空间容量信息</A>");
     }
     $array[updateTable] = 1;
     //统计用户上传的文件占用空间大小
     $filename = upfile(is_array($postfile) ? $_FILES[postfile][tmp_name] : $postfile, $array);
     $icon = "icon/{$lfjuid}" . strtolower(strrchr($filename, "."));
     @unlink(ROOT_PATH . "{$webdb['updir']}/{$icon}");
     rename(ROOT_PATH . "{$webdb['updir']}/icon/{$filename}", ROOT_PATH . "{$webdb['updir']}/{$icon}");
     $icon_array = getimagesize(ROOT_PATH . "{$webdb['updir']}/{$icon}");
     if ($icon_array[0] > 150 || $icon_array[1] > 150) {
         $icon_url = "{$webdb['www_url']}/{$webdb['updir']}/{$icon}";
     }
 }
 if ($icon) {
     $filetype = strtolower(strrchr($icon, "."));
     $icon = filtrate($icon);
     if ($filetype != '.gif' && $filetype != '.jpg') {
         showerr("头像只能是.gif或.jpg格式");
     }
 }
 //过滤不健康的字
 $truename = replace_bad_word($truename);
 $introduce = replace_bad_word($introduce);
 $address = replace_bad_word($address);
 if ($cityid) {
     @extract($db->get_one("SELECT fup AS provinceid FROM {$pre}area WHERE fid='{$cityid}'"));
 }
 $array = array("uid" => $lfjuid, "username" => $lfjid, "email" => $email, "password" => $password, "icon" => $icon, "sex" => $sex, "bday" => $bday, "introduce" => $introduce, "oicq" => $oicq, "msn" => $msn, "homepage" => $homepage, "address" => $address, "postalcode" => $postalcode, "mobphone" => $mobphone, "telephone" => $telephone, "idcard" => $idcard, "truename" => $truename, "provinceid" => $provinceid, "cityid" => $cityid);
 if ($lfjdb[email_yz] && $lfjdb[email] != $email) {
     if (!$webdb[EditYzEmail]) {
         showerr("你不可以再修改邮箱,因为已经审核过了.");
Example #4
 }
 $yz = 1;
 if (!$web_admin) {
     if ($webdb[Info_PostCommentType] == 2) {
         die('管理员设置不可以发表评论');
     } elseif ($webdb[Info_PostCommentType] == 1 && !$lfjuid) {
         die('管理员设置游客不可以发表评论');
     }
     if ($webdb[Info_PassCommentType] == 2) {
         $yz = 0;
     } elseif ($webdb[Info_PassCommentType] == 1 && !$lfjuid) {
         $yz = 0;
     }
 }
 $username = filtrate($username);
 $content = filtrate($content);
 $content = str_replace("@@br@@", "<br>", $content);
 //过滤不健康的字
 $username = replace_bad_word($username);
 $content = replace_bad_word($content);
 //处理有人恶意用他人帐号做署名的
 if ($username) {
     $rs = $db->get_one(" SELECT {$TB['uid']} AS uid FROM {$TB['table']} WHERE {$TB['username']}='{$username}' ");
     if ($rs[uid] != $lfjuid) {
         $username = "******";
     }
 }
 $rss = $db->get_one(" SELECT * FROM {$_pre}content WHERE id='{$id}' ");
 if (!$rss) {
     die("原数据不存在");
 }
Example #5
    require dirname(__FILE__) . "/" . "foot.php";
} elseif ($action == 'add' && $Apower[membermenu_list]) {
    if ($gid == 2) {
        showmsg("不能是游客组");
    }
    if (!$postdb[name]) {
        showmsg("名称不能为空");
    }
    if ($fid && !$postdb['linkurl']) {
        showmsg("链接地址不能为空");
    }
    if (!$addsort && !$fid) {
        showmsg("请选择一个分类");
    }
    $postdb[name] = filtrate($postdb[name]);
    $postdb[linkurl] = filtrate($postdb[linkurl]);
    $db->query("INSERT INTO `{$pre}admin_menu` (`fid`, `name`, `linkurl`, `color`, `target`, `groupid`, `list`) VALUES ('{$fid}', '{$postdb['name']}', '{$postdb['linkurl']}', '{$postdb['color']}', '{$postdb['target']}','-{$gid}', '{$postdb['list']}')");
    jump("添加成功", "?lfj={$lfj}&job=list&gid={$gid}", 1);
} elseif ($action == 'delete' && $Apower[membermenu_list]) {
    $rs = $db->get_one("SELECT * FROM {$pre}admin_menu WHERE fid='{$id}'");
    if ($rs) {
        showmsg("请先删除子菜单或者把子菜单移走.才能删除此菜单");
    }
    $db->query("DELETE FROM `{$pre}admin_menu` WHERE id='{$id}'");
    jump("删除成功", "?lfj={$lfj}&job=list&gid={$gid}", 1);
} elseif ($action == "editlist" && $Apower[membermenu_list]) {
    foreach ($order as $key => $value) {
        $db->query("UPDATE {$pre}admin_menu SET list='{$value}' WHERE id='{$key}'");
    }
    jump("修改成功", "?lfj={$lfj}&job=list&gid={$gid}", 1);
} elseif ($job == "sysmenu" && $Apower[membermenu_list]) {
Example #6
            header("location:{$detail['showurl']}");
            exit;
        }
    }
}
/**
*文章检查
**/
check_article($rsdb);
//统计点击次数
$db->query("UPDATE {$pre}article{$erp} SET hits=hits+1,lastview='{$timestamp}' WHERE aid='{$aid}'");
//SEO
$titleDB[title] = filtrate(strip_tags("{$rsdb['title']} - {$fidDB['name']} - {$webdb['webname']}"));
$titleDB[keywords] = filtrate($rsdb[keywords]);
$rsdb[description] || ($rsdb[description] = get_word(preg_replace("/(<([^<]+)>|\t|&nbsp;|\n)/is", "", $rsdb[content]), 250));
$titleDB[description] = filtrate($rsdb[description]);
//文章风格
$STYLE = $rsdb[style] ? $rsdb[style] : ($fidDB[style] ? $fidDB[style] : $STYLE);
//相关栏目名称模板
if (is_file(html("{$webdb['SideSortStyle']}"))) {
    $sortnameTPL = html("{$webdb['SideSortStyle']}");
} else {
    $sortnameTPL = html("side_sort/0");
}
/**
*模板选择
**/
//类似大旗那样,框架网页模板
if ($rsdb[iframeurl]) {
    $head_tpl = "template/default/none.htm";
    $main_tpl = "template/default/none.htm";
Example #7
    } else {
        showerr("还没通过审核");
    }
}
/**
*内容页的风格优先于栏目的风格,栏目的风格优先于系统的风格
**/
if ($rsdb[style]) {
    $STYLE = $rsdb[style];
} elseif ($fidDB[style]) {
    $STYLE = $fidDB[style];
}
//SEO
$titleDB[title] = filtrate(strip_tags("{$rsdb['title']} - {$city_DB[name][$city_id]}{$fidDB['name']} - {$webdb['Info_webname']}"));
$titleDB[keywords] = filtrate(strip_tags($rsdb[keywords]));
$titleDB[description] = filtrate(get_word(strip_tags($rsdb[content]), 200)) . filtrate(strip_tags("{$fidDB['metadescription']} {$webdb['Info_metadescription']}"));
/**
*栏目指定了哪些用户组才能看信息内容
**/
if ($fidDB[allowviewcontent]) {
    if (!$web_admin && !in_array($groupdb[gid], explode(",", $fidDB[allowviewcontent]))) {
        if (!$lfjid || !in_array($lfjid, explode(",", $fidDB[admin]))) {
            showerr("你所在用户组,无权浏览");
        }
    }
}
/**
*对信息内容字段的处理
**/
$Module_db->hidefield = true;
$Module_db->classidShowAll = true;
Example #8
    showerr('栏目不存在!');
}
//SEO
$titleDB[title] = "{$fidDB['name']} - {$webdb['Info_webname']}";
/**
*模型参数配置文件
**/
$field_db = $module_DB[$fidDB[mid]][field];
if (!$lfjuid) {
    showerr('你还没有登录!');
} elseif ($fidDB[type]) {
    showerr("大分类,不允许发表内容");
}
if ($action == "postnew" || $action == "edit") {
    $postdb['title'] = filtrate($postdb['title']);
    $postdb['keywords'] = filtrate($postdb['keywords']);
}
/**处理提交的新发表内容**/
if ($action == "postnew") {
    /*验证码处理*/
    if (!$web_admin) {
        if (!check_imgnum($yzimg)) {
            showerr("验证码不符合,发布失败");
        }
    }
    if (!$postdb[title]) {
        showerr("标题不能为空");
    } elseif (strlen($postdb[title]) > 80) {
        showerr("标题不能大于40个汉字.");
    }
    if (eregi("[a-z0-9]{15,}", $postdb[title])) {
Example #9
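 /**
  * Validate the submitted values of a model's custom fields and normalise
  * them in place in $postdb.
  *
  * For every field definition the function checks the required flag, the
  * integer format and the length limit, flattens multi-file upload fields
  * into a newline-separated string, and passes the value through the
  * project's text filters. Failures are reported through showerr().
  *
  * @param array        $field_db Field definitions. Assumed to be keyed by
  *                                field name, because the code addresses the
  *                                same value as $postdb[$key] and as
  *                                $postdb[$rs['field_name']] (confirm).
  * @param array        $postdb   Submitted values, modified by reference.
  * @param array|string $rsdb     Stored record when editing. It was only used
  *                                to build a list for a branch whose body was
  *                                commented out, so it is no longer read.
  */
 function checkpost($field_db, &$postdb, $rsdb = '')
 {
     global $lfjdb, $_pre;

     foreach ($field_db as $key => $rs) {
         $name = $rs['field_name'];
         $submitted = isset($postdb[$name]) ? $postdb[$name] : null;

         // Required fields.
         if ($rs['mustfill'] == 1) {
             if (is_array($submitted)) {
                 if (implode('', $submitted) === '') {
                     showerr("{$rs['title']},你必须选择一项");
                 }
             } elseif ($submitted === null || $submitted === '') {
                 showerr("{$rs['title']},不能为空");
             }
         }

         // Integer fields may only contain digits and "-". preg_match()
         // replaces ereg(), which was removed in PHP 7; an array value is
         // rejected the same way the failed ereg() call rejected it.
         if ($rs['field_type'] == 'int' && $submitted
             && (is_array($submitted) || !preg_match('/^[-0-9]+$/D', $submitted))) {
             showerr("{$rs['title']} 必须为整数");
         }

         // Length limits in bytes (strlen); defaults are 255 for varchar and
         // 10 for int. Array values are skipped, as strlen() cannot take them.
         if ($rs['field_type'] == 'varchar' || $rs['field_type'] == 'int') {
             $default = $rs['field_type'] == 'varchar' ? 255 : 10;
             $limit = $rs['field_leng'] ? $rs['field_leng'] : $default;
             if (!is_array($submitted) && strlen((string) $submitted) > $limit) {
                 showerr("{$rs['title']} 不能超过 {$limit} 个字");
             }
         }

         // Multi-file / multi-picture uploads: flatten url/name/fen triples
         // into "url@@@name@@@fen" lines.
         if ($rs['form_type'] == 'upmorefile' || $rs['form_type'] == 'upmorepic') {
             // Fresh list per field. The original appended to one shared,
             // never-initialised array, so a second upload field inherited
             // the first field's entries.
             $rows = array();
             $urls = (is_array($submitted) && isset($submitted['url']) && is_array($submitted['url']))
                 ? $submitted['url']
                 : array();
             // The inner loop uses its own index variable. The original reused
             // $key here, so the filtering further down was applied to
             // $postdb[<last index>] instead of to this field.
             foreach ($urls as $idx => $url) {
                 if (!$url) {
                     continue;
                 }
                 // The first uploaded file doubles as the title picture.
                 if (empty($postdb['picurl'])) {
                     $postdb['picurl'] = $url;
                     $postdb['ispic'] = 1;
                 }
                 $label = isset($submitted['name'][$idx]) ? $submitted['name'][$idx] : '';
                 $fen = isset($submitted['fen'][$idx]) ? $submitted['fen'][$idx] : '';
                 $rows[] = "{$url}@@@{$label}@@@{$fen}";
             }
             $postdb[$name] = implode("\n", $rows);
         }

         if ($rs['form_type'] == 'ieedit' || $rs['form_type'] == 'ieeditsimp') {
             // Editor fields (presumably rich text) keep their HTML.
             $postdb[$key] = str_replace("<img ", "<img onload=\\'if(this.width>600)makesmallpic(this,600,800);\\' ", $postdb[$key]);
             $postdb[$key] = move_attachment($lfjdb['uid'], $postdb[$key], "{$_pre}/" . date("W"));
             $postdb[$key] = En_TruePath($postdb[$key]);
             // NOTE(review): the two replacements below are a denylist (the
             // word "javascript" and "<iframe " tags), not an HTML sanitiser;
             // other script-capable markup passes through unchanged. Run
             // editor HTML through an allow-list sanitiser before storing it.
             $postdb[$key] = preg_replace('/javascript/i', 'java script', $postdb[$key]);
             $postdb[$key] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $postdb[$key]);
         } elseif ($rs['form_type'] == 'classdb') {
             $postdb[$key] = filtrate(implode("/#/", $postdb[$key]));
         } else {
             if (is_array($postdb[$key])) {
                 $postdb[$key] = implode("/", $postdb[$key]);
             }
             // Plain fields: filter unsafe characters.
             $postdb[$key] = filtrate($postdb[$key]);
         }

         if (strlen($postdb[$key]) > 30000) {
             showerr("内容不能大于1.5万个汉字");
         }
     }
 }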
Example #10
// Bootstrap: optional includes are loaded with @ so a missing file is
// silently ignored; the require_once files below are mandatory.
@(include_once ROOT_PATH . 'inc/biz/function.php');
// Outside debug mode all PHP error output is switched off.
if (!$webdb['debug']) {
    error_reporting(0);
}
@(include_once ROOT_PATH . "data/module.php");
@(include_once ROOT_PATH . "data/htmltype.php");
@(include_once ROOT_PATH . "data/showhtmltype.php");
require_once ROOT_PATH . "data/mysql_config.php";
require_once ROOT_PATH . 'inc/mysql_class.php';
require_once ROOT_PATH . 'inc/class.user.php';
require_once ROOT_PATH . 'data/level.php';
// Site clock: server time shifted by the configured offset in minutes.
$timestamp = time() + $webdb['time'] * 60;
// Login name and password are passed through filtrate() before any login
// code sees them.
// NOTE(review): filtering the password changes the bytes that are later
// verified; confirm that registration applies the same transformation.
$_POST[loginname] && ($_POST[loginname] = filtrate($_POST[loginname]));
$_POST[loginpwd] && ($_POST[loginpwd] = filtrate($_POST[loginpwd]));
// The referring and current URLs are filtered once here.
$FROMURL = filtrate($FROMURL);
$WEBURL = filtrate($WEBURL);
/**
*IP blocking
**/
$IS_BIZ && Limt_IP('ForbidIp');
// The USR cookie carries four tab-separated values; a visitor without a
// session id gets a fresh 8-character one from rands().
// NOTE(review): the cookie is client-controlled; only $usr_oltime is cast
// below. Confirm how $usr_sid, $usr_lastvist and $usr_lasturl are used.
list($usr_sid, $usr_oltime, $usr_lastvist, $usr_lasturl) = explode("\t", get_cookie('USR'));
if (!$usr_sid) {
    $usr_sid = rands(8);
}
// Drop the legacy request arrays and $_REQUEST so later code cannot read them.
unset($_ENV, $HTTP_COOKIE, $HTTP_ENV_VARS, $_REQUEST, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $HTTP_COOKIE_VARS);
$db = new MYSQL_DB();
// Clear the identity and privilege variables before the login code runs,
// presumably so that a request-supplied value cannot pre-seed them (confirm
// how request variables are imported into the global scope).
unset($web_admin, $sort_admin, $lfjid, $lfjuid, $lfjpwd, $lfjdb, $groupdb);
$usr_oltime = intval($usr_oltime);
/*用户登录模块*/
if ($webdb[passport_type] && is_file(ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php")) {
    require_once ROOT_PATH . "inc/passport/{$webdb[passport_type]}.php";
Example #11
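 /**
  * Validate a registration request and create the account.
  *
  * The syntactic checks run before the two lookups, so only a username that
  * passed the character denylist reaches get_passport().
  *
  * @param array $array Registration fields. username, email and password are
  *                     validated here; every value is passed through
  *                     filtrate() before the account is created.
  * @return mixed The uid returned by register_passport() on success, otherwise
  *               a message string describing the first failed check. Callers
  *               have to tell the two apart themselves.
  */
 function register_user($array)
 {
     global $webdb;

     $username = isset($array['username']) ? $array['username'] : '';
     $email = isset($array['email']) ? $array['email'] : '';
     $password = isset($array['password']) ? $array['password'] : '';

     if (!$username) {
         return '用户名不能为空';
     } elseif (!$email) {
         return '邮箱不能为空';
     } elseif (!$password) {
         return '密码不能为空';
     } elseif (strlen($username) > 15 || strlen($username) < 3) {
         return '用户名不能小于3个字节或大于15个字节';
     } elseif (strlen($password) > 30 || strlen($password) < 5) {
         return '密码不能小于5个字符或大于30个字符';
     } elseif (!preg_match('/^[-a-zA-Z0-9_.]+@([0-9A-Za-z][0-9A-Za-z-]+\.)+[A-Za-z]{2,5}$/D', $email)) {
         // preg_match() replaces ereg(), which was removed in PHP 7.
         return '邮箱不符合规则';
     }

     // Characters that may appear in neither the username nor the password.
     // NOTE(review): restricting password characters lowers password strength;
     // it looks like a workaround for the text filtering applied below. Prefer
     // hashing the raw password and dropping the restriction once the storage
     // path is confirmed.
     $S_key = array('|', ' ', '', "'", '"', '/', '*', ',', '~', ';', '<', '>', '$', "\\", "\r", "\t", "\n", "`", "!", "?", "%", "^");
     foreach ($S_key as $value) {
         // An empty needle matches at offset 0 on PHP 8 (and raises a warning
         // on older versions), which would reject every registration.
         if ($value === '') {
             continue;
         }
         // Double-quoted so that the offending character is really shown; the
         // original single-quoted strings printed "{$value}" literally.
         if (strpos($username, $value) !== false) {
             return "用户名中包含有禁止的符号“{$value}”";
         }
         // The original tested an undefined local $password here, so the
         // password was never actually checked.
         if (strpos($password, $value) !== false) {
             return "密码中包含有禁止的符号“{$value}”";
         }
     }

     if ($this->get_passport($username, 'name')) {
         return '当前用户已经存在了';
     }
     if (!empty($webdb['emailOnly']) && $this->check_emailexists($email)) {
         return '当前邮箱已被注册了,请更换一个邮箱!';
     }

     // NOTE(review): this passes the password through filtrate() like every
     // other field; how register_passport() stores it is not visible here.
     foreach ($array as $key => $value) {
         $array[$key] = filtrate($value);
     }
     $array['uid'] = $this->register_passport($array);
     $this->register_data($array);
     return $array['uid'];
 }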
Example #12
<?php

require dirname(__FILE__) . "/" . "global.php";
require_once ROOT_PATH . "inc/class.inc.php";
$Guidedb = new Guide_DB();
$Guidedb->mid = $mid;
$keyword = str_replace("%", "\\%", $keyword);
$keyword = trim($keyword);
$rows = 20;
if (($_GET[type] || $_POST[type]) && !$keyword) {
    showerr("关键字不能为空");
}
if ($_GET[keyword] || $_POST[keyword]) {
    $type = filtrate($type);
    $search_module = 0;
    if (!$type) {
        $type = 'title';
    }
    if (!$web_admin) {
        if (!$groupdb[SearchArticleType]) {
            showerr("你所在用户组,无权使用搜索!");
        } elseif ($type == 'content' && $groupdb[SearchArticleType] != 2) {
            showerr("你所在用户组,无权搜索文章内容!");
        }
    }
    if ($_POST[keyword] && $timestamp - $_COOKIE[searchTime] < 3) {
        showerr("3秒钟内,请不要重复提交查询");
    }
    setcookie("searchTime", $timestamp, $timestamp + 3);
    $SQL = " A.yz=1 ";
    if ($mid == -1) {
Example #13
        $postdb[ispic] = 0;
    }
    //图片目录转移
    $postdb[content] = move_attachment($lfjdb[uid], $postdb[content], "{$_pre}/{$fid}");
    //获取远程图片
    $postdb[content] = get_outpic($postdb[content], $fid, $GetOutPic);
    $postdb[content] = En_TruePath($postdb[content]);
    $postdb[content] = preg_replace('/javascript/i', 'java script', $postdb[content]);
    //过滤js代码
    $postdb[content] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $postdb[content]);
    //过滤框架代码
    foreach ($postdb as $key => $value) {
        if ($key == 'content') {
            continue;
        }
        $postdb[$key] = filtrate($value);
    }
    $db->query("UPDATE `{$_pre}content` SET title='{$postdb['title']}',keywords='{$postdb['keywords']}',picurl='{$postdb['picurl']}',ispic='{$postdb['ispic']}',city_id='{$city_id}',iframeurl='{$postdb['iframeurl']}',jumpurl='{$postdb['jumpurl']}',author='{$postdb['author']}',copyfrom='{$postdb['copyfrom']}',copyfromurl='{$postdb['copyfromurl']}' WHERE id='{$id}'");
    $db->query("UPDATE `{$_pre}content_1` SET content='{$postdb['content']}' WHERE id='{$id}'");
    refreshto("list.php?job=list", "<a href='{$Mdomain}/bencandy.php?fid={$fid}&id={$id}&rid={$rid}' target='_blank'>查看效果</a> <a href='list.php?job=list'>返回列表</a> <a href='{$FROMURL}'>继续修改</a>", 600);
} else {
    $atc = "postnew";
    $isiframe[0] = " checked ";
    require ROOT_PATH . "member/head.php";
    require dirname(__FILE__) . "/template/post.htm";
    require ROOT_PATH . "member/foot.php";
}
//采集外部图片
function get_outpic($str, $fid = 0, $getpic = 1)
{
    global $webdb, $_pre;
Example #14
        /*缩略图处理*/
        if ($postdb[picurl] && !strstr($postdb[picurl], "http://")) {
            //图片目录转移
            move_attachment($lfjdb[uid], tempdir($postdb[picurl]), "special/{$postdb['fid']}");
            if (file_exists(ROOT_PATH . "{$webdb['updir']}/special/{$postdb['fid']}/" . basename($postdb[picurl]))) {
                $postdb[picurl] = "special/{$postdb['fid']}/" . basename($postdb[picurl]);
            }
            $water_info = getimagesize(ROOT_PATH . "{$webdb['updir']}/{$postdb['picurl']}");
            if ($webdb[if_gdimg] && $water_info[0] > 150) {
                gdpic(ROOT_PATH . "{$webdb['updir']}/{$postdb['picurl']}", ROOT_PATH . "{$webdb['updir']}/{$postdb['picurl']}", 200, 150);
            }
        }
        $postdb[title] = filtrate($postdb[title]);
        $postdb[content] = filtrate($postdb[content]);
        $postdb[picurl] = filtrate($postdb[picurl]);
        $postdb[banner] = filtrate($postdb[banner]);
        $postdb[allowpost] = @implode(",", $postdb[allowpost]);
    }
}
if ($job == 'listsp') {
    $rows = 10;
    if ($page < 1) {
        $page = 1;
    }
    $min = ($page - 1) * $rows;
    $showpage = getpage("{$pre}special", "WHERE uid='{$lfjuid}'", "?job=listsp", $rows);
    $query = $db->query("SELECT S.*,F.name AS fname FROM {$pre}special S LEFT JOIN {$pre}spsort F ON S.fid=F.fid WHERE S.uid='{$lfjuid}' ORDER BY id DESC LIMIT {$min},{$rows}");
    while ($rs = $db->fetch_array($query)) {
        $detail = explode(",", $rs[aids]);
        $rs[NUM] = count($detail);
        $rs[picurl] = tempdir($rs[picurl]);
Example #15
/**
 * Prepare one content row for display inside a label (template block).
 *
 * Depending on $format[SYS] the row is re-read or merged with its
 * custom-field table, forum rows get their picture URL resolved, and then a
 * set of derived display fields is added: plain-text content and title cut
 * to the configured lengths, title style, formatted post time, picture
 * variants, "new"/"hot" badges, resolved URLs and date parts.
 *
 * @param array $format Label settings (SYS, wninfo, eval_code, content_num,
 *                      titlenum, timeformat, newhour, hothits, ...).
 * @param array $rs     The database row to decorate.
 * @return array The row with the derived fields added.
 */
function label_set_rs($format, $rs)
{
    global $db, $pre, $timestamp, $webdb, $TB_url;
    // Classifieds ("fenlei") with split tables need special handling; calls
    // from other channels are not supported and will fail.
    // NOTE(review): the queries in this function build table names and WHERE
    // values from $format and $rs by string interpolation, with no escaping
    // here. Confirm both come from trusted label configuration and DB rows.
    if ($format[SYS] == 'fenlei' && !$rs[posttime]) {
        global $Fid_db;
        $_erp = $Fid_db[tableid][$rs[fid]];
        $rs = $db->get_one("SELECT * FROM {$pre}{$format[wninfo]}content{$_erp} WHERE id='{$rs['id']}' ");
    }
    // Also read the custom-field table for convenience, unless noReadMid is set.
    if ($format[wninfo] && $rs[mid] && !$format[noReadMid]) {
        $_rss = $db->get_one("SELECT * FROM {$pre}{$format[wninfo]}content_{$rs[mid]} WHERE id='{$rs['id']}' ");
        // Array union: keys already present in $rs win over the extra table.
        $_rss && ($rs = $rs + $_rss);
        // Articles read their custom-field table as well.
        // (The SYS value is spelled 'artcile' everywhere in this function.)
    } elseif ($format[SYS] == 'artcile' && $rs[mid]) {
        $_rss = $db->get_one("SELECT * FROM {$pre}article_content_{$rs[mid]} WHERE aid='{$rs['aid']}' ");
        $_rss && ($rs = $rs + $_rss);
    }
    // Extension hook, rarely used.
    // NOTE(review): eval() executes whatever PHP is stored in
    // $format[eval_code], with access to every local and global visible here.
    // That is only acceptable if label definitions can be written solely by
    // fully trusted administrators; confirm where eval_code is populated and
    // prefer a fixed set of named callbacks over stored code.
    if ($format[eval_code]) {
        eval($format[eval_code]);
    }
    // Attachment handling.
    if ($format[SYS] == 'pwbbs') {
        // Hidden or for-sale posts: mask the content.
        // NOTE(review): $ifhide is never assigned in this function; unless
        // the eval'd code above sets it, only the '[sell=' test can match.
        if ($ifhide || strstr($rs[content], '[sell=')) {
            $rs[content] = '******';
        }
        // Strip [bracketed] forum markup.
        $rs[content] = preg_replace("/\\[([^\\]]+)\\]/is", "", $rs[content]);
        global $db_attachname;
        $rs[picurl] = '';
        if ($rs[attachurl]) {
            // Compatibility with older versions and with non-topic posts that have pictures:
            // use the thumbnail when the file exists, otherwise the attachment itself.
            if (is_file(ROOT_PATH . "{$webdb['passport_path']}/{$db_attachname}/thumb/{$rs['attachurl']}")) {
                $rs[picurl] = "{$webdb['passport_url']}/{$db_attachname}/thumb/{$rs['attachurl']}";
            } else {
                $rs[picurl] = "{$webdb['passport_url']}/{$db_attachname}/{$rs['attachurl']}";
            }
        }
        // titlefont is "~"-separated; the first part is used as the title colour.
        $dfont = explode("~", $rs[titlefont]);
        $rs[titlecolor] = $dfont[0];
    } elseif ($format[SYS] == 'dzbbs') {
        $rs[content] = preg_replace("/\\[([^\\]]+)\\]/is", "", $rs[content]);
        global $_DCACHE;
        $rs[picurl] = '';
        $rs[attachment] && ($rs[picurl] = "{$webdb['passport_url']}/{$_DCACHE[settings][attachurl]}/{$rs['attachment']}");
    }
    // Keep the untouched timestamp and title before they are reformatted.
    $rs[full_time] = $rs[posttime];
    $rs[full_title] = $rs[title];
    // Content: a description, when present, replaces the content.
    $rs[description] && ($rs[content] = $rs[description]);
    $rs[content] = preg_replace('/<([^<]*)>/is', "", $rs[content]);
    // (above) Strip HTML tags.
    // NOTE(review): this regex removes tag-shaped text only; it is not an
    // output encoder, so the result still needs escaping where it is printed.
    $rs[content] = preg_replace('/ | |&nbsp;/is', "", $rs[content]);
    // (above) Remove redundant spaces.
    $rs[full_content] = $rs[content];
    $rs[content] = get_word($rs[content], $format[content_num]);
    // Title style.
    $rs[fontweight] = $rs[fontcolor] = '';
    $rs[fonttype] == 1 && ($rs[fontweight] = 'font-weight:bold;');
    $rs[titlecolor] && ($rs[fontcolor] = "color:{$rs['titlecolor']};");
    // Title.
    $rs[smalltitle] && ($rs[title] = $rs[smalltitle]);
    // (above) A short title, when present, is used instead of the title.
    $rs[title] = preg_replace('/<([^<]*)>/is', "", $rs[title]);
    $rs[title] = get_word($rs[title], $format[titlenum], $format[titleflood]);
    // Default date format when the label does not set one.
    if (!$format[timeformat]) {
        $format[timeformat] = "Y/m/d";
    }
    $rs[posttime] = date($format[timeformat], $rs[posttime]);
    if ($rs[picurl]) {
        $rs[picurl] = filtrate($rs[picurl]);
        $rs[picurl] = tempdir($rs[picurl]);
        // 4:3 picture
        $rs[picurl2] = "{$rs['picurl']}.jpg";
        // 3:4 picture
        $rs[picurl3] = "{$rs['picurl']}.jpg.jpg";
        // 1:1 picture
        // NOTE(review): the three ratio comments appear to trail the line
        // above each of them; confirm which variant is which.
    } else {
        $rs[picurl2] = $rs[picurl3] = "";
    }
    // "New" badge: posted less than newhour hours ago.
    if ($timestamp - $rs[full_time] < $format[newhour] * 3600) {
        $rs['new'] = "<img src='{$webdb['www_url']}/images/default/new.gif' border=0>";
    } else {
        $rs['new'] = "";
    }
    // "Hot" badge: more hits than the configured threshold.
    if ($format[hothits] && $rs[hits] > $format[hothits]) {
        $rs[hot] = "<img src='{$webdb['www_url']}/images/default/hot.gif' border=0>";
    } else {
        $rs[hot] = "";
    }
    // Needed by versions before V6.
    if ($format[SYS] == 'artcile') {
        $rs[id] = $rs[aid];
    }
    // Resolve the real addresses for the $url and $listurl settings.
    $detail = make_ture_path($format, $rs);
    $rs[tpl_1code] = $detail[tpl_1code];
    $rs[showurl] = $detail[showurl];
    // Mainly for slideshows.
    $detail[urlDB] && ($rs[urlDB] = $detail[urlDB]);
    // For PHP logic inside labels, custom URLs need this processing.
    $rs[tpl_2code] = $detail[tpl_2code];
    // The fields below are not always present.
    $rs[dirid] = floor($rs[id] / 1000);
    // Individual date parts of the original post time.
    $rs[time_Y] = date("Y", $rs[full_time]);
    $rs[time_W] = date("W", $rs[full_time]);
    $rs[time_y] = date("y", $rs[full_time]);
    $rs[time_m] = date("m", $rs[full_time]);
    $rs[time_d] = date("d", $rs[full_time]);
    $rs[time_H] = date("H", $rs[full_time]);
    $rs[time_i] = date("i", $rs[full_time]);
    $rs[time_s] = date("s", $rs[full_time]);
    return $rs;
}
Example #16
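/**
 * Generate the two registration-field templates from the field definitions
 * and write them to template/default/regfield.htm (input form) and
 * template/default/regfield_show.htm (read-only view).
 *
 * NOTE(review): both files start with "<?php print <<<EOT", so they are PHP
 * heredoc templates. title, field_name and form_units are embedded without
 * escaping, which means any "$", "{" or heredoc terminator inside a field
 * definition is interpreted as PHP when the template is included. Restrict
 * field_name to identifier characters and escape the other values before
 * they are written, and confirm that only trusted administrators can edit
 * field definitions.
 *
 * @param array $array Field definitions; reads mustfill, title, field_name
 *                     and form_units of each entry.
 */
function member_field($array)
{
    $post_tpl = "<!--\r\n<?php\r\nprint <<<EOT\r\n--> \r\n<table width=\"100%\" border=\"0\" cellspacing=\"3\" cellpadding=\"3\"><tr><td width='28%'></td><td width='72%'></td></tr>";
    $show_tpl = "<!--\r\n<?php\r\nprint <<<EOT\r\n--> \r\n<table width=\"100%\" border=\"0\" cellspacing=\"3\" cellpadding=\"3\">";

    // Titles and element ids of the required fields, for the client-side
    // check. Initialised up front: the original read both arrays without
    // defining them when no field was required.
    $namedb = array();
    $iddb = array();

    foreach ($array as $key => $rs) {
        if (!empty($rs['mustfill'])) {
            $namedb[] = filtrate($rs['title']);
            $iddb[] = "atc_{$rs['field_name']}";
        }
        $post_tpl .= make_post_table($rs);
        // "{\$rsdb[...]}" is written literally, so the value is filled in
        // when the generated template runs.
        $show_tpl .= "<tr> <td style='border-bottom:1px dotted #ccc;'>{$rs['title']}:</td> <td  style='border-bottom:1px dotted #ccc;'>{\$rsdb[{$rs['field_name']}]}&nbsp;{$rs['form_units']}&nbsp;&nbsp;</td></tr>";
    }

    if ($namedb) {
        $_name = implode(",", $namedb);
        $_id = implode(",", $iddb);
        // Hook the required-field check onto every <table> of the form.
        $post_tpl = str_replace("<table", "<table onmouseover=\"ckregdata('{$_id}','{$_name}');\"", $post_tpl);
    }

    $post_tpl .= "</table>\r\n<!--\r\nEOT;\r\n?>-->";
    $show_tpl .= "</table>\r\n<!--\r\nEOT;\r\n?>-->";
    write_file(ROOT_PATH . "template/default/regfield_show.htm", $show_tpl);
    write_file(ROOT_PATH . "template/default/regfield.htm", $post_tpl);
}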
Example #17
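// Array keys are quoted throughout: a bare word such as c_key is a constant
// lookup, which is a fatal "Undefined constant" error on PHP 8.

// Load this module's settings into $webdb whenever a page ($job) is requested.
if ($job) {
    $query = $db->query(" SELECT * FROM {$_pre}config ");
    while ($rs = $db->fetch_array($query)) {
        $webdb[$rs['c_key']] = $rs['c_value'];
    }
}

if ($job == "label") {
    // Hand over to the module's front page in label-editing mode.
    echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL=../{$dirname}/index.php?jobs=show'>";
    exit;
} elseif ($job == "config") {
    // Pre-compute the " checked " markers for the settings form.
    $showNoPassComment[intval($webdb['showNoPassComment'])] = ' checked ';
    if ($webdb['Info_webOpen']) {
        $Info_webOpen1 = 'checked';
    } else {
        $Info_webOpen0 = 'checked';
    }
    $Info_webOpen[intval($webdb['Info_webOpen'])] = ' checked ';
    $yzImgGuestBook[intval($webdb['yzImgGuestBook'])] = ' checked ';
    $viewNoPassGuestBook[intval($webdb['viewNoPassGuestBook'])] = ' checked ';
    $ifOpenGuestBook[intval($webdb['ifOpenGuestBook'])] = ' checked ';
    $groupPassPassGuestBook = group_box("webdbs[groupPassPassGuestBook]", explode(",", $webdb['groupPassPassGuestBook']));
    $module_close[intval($webdb['module_close'])] = " checked ";
    get_admin_html('config');
} elseif ($action == "config") {
    // NOTE(review): no permission check and no anti-CSRF token are visible in
    // this branch. Presumably the including admin framework enforces both;
    // confirm, because this branch rewrites the module configuration.
    if (isset($webdbs['Info_webadmin'])) {
        $webdbs['Info_webadmin'] = filtrate($webdbs['Info_webadmin']);
        $db->query("UPDATE {$pre}module SET adminmember='{$webdbs['Info_webadmin']}' WHERE id='{$webdb['module_id']}'");
    }
    if (isset($webdbs['Info_weburl'])) {
        $webdbs['Info_weburl'] = filtrate($webdbs['Info_weburl']);
        $db->query("UPDATE {$pre}module SET domain='{$webdbs['Info_weburl']}' WHERE id='{$webdb['module_id']}'");
    }
    // NOTE(review): the whole submitted $webdbs array is handed to the config
    // writer, but only the two keys above are filtered here. Confirm that
    // module_write_config_cache() validates or escapes the remaining values.
    module_write_config_cache($webdbs);
    // NOTE(review): confirm that $FROMURL is limited to same-site addresses
    // before it is used as the redirect target.
    refreshto($FROMURL, "修改成功");
}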
Example #18
} elseif ($job == 'send') {
    if ($step == 2) {
        $rsdb = $userDB->get_passport($touser, 'name');
        if (!$rsdb) {
            showerr("当前用户不存在");
        }
        if (!$title) {
            showerr("标题不能为空");
        }
        if (strlen($array[title]) > 100) {
            showerr("标题太长了!");
        }
        $array[touid] = $rsdb[uid];
        $array[fromuid] = $lfjuid;
        $array[fromer] = $lfjid;
        $array[title] = filtrate($title);
        //针对火狐浏览器做的处理
        $postdb[content] = str_replace("=\\\"../{$webdb['updir']}/", "=\\\"{$webdb['www_url']}/{$webdb['updir']}/", $postdb[content]);
        $postdb[content] = preg_replace('/javascript/i', 'java script', $postdb[content]);
        $postdb[content] = preg_replace('/<(script)([^<>]*)>/i', '&lt;\\1\\2>', $postdb[content]);
        $postdb[content] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $postdb[content]);
        $array[content] = stripslashes($postdb[content]);
        $array[content] = En_TruePath($array[content], 1);
        pm_msgbox($array);
        refreshto("?job=list", "发送成功", 1);
    }
    if ($uid) {
        $rsdb = $userDB->get_passport($uid);
        $username = $rsdb[username];
    }
    require dirname(__FILE__) . "/" . "head.php";
Example #19
<?php

require_once dirname(__FILE__) . "/" . "global.php";
$etype = $etype ? 'simple' : 'full';
$_GET[id] = filtrate($_GET[id]);
print <<<EOT

<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=gb2312">
<title>Æ벩Õûվϵͳ</title>
</head>
<body leftmargin="0" topmargin="0">
<SCRIPT LANGUAGE="JavaScript">
<!--
var bokecc_id='{$webdb['bokecc_id']}';
var KE_EDITOR_TYPE = "{$etype}";
//-->
 </SCRIPT>
<script type="text/javascript" src="{$webdb['www_url']}/ewebeditor/KindEditor.js"></script>
<input type="hidden" name="content" id="content">
<script type="text/javascript">
var editor = new KindEditor("editor");
editor.hiddenName = "content";
editor.skinPath = "{$webdb['www_url']}/ewebeditor/skins/default/";
editor.iconPath = "{$webdb['www_url']}/images/default/faceicon/";
editor.imageAttachPath = "upload_files";
editor.imageUploadCgi = "upfile_eweb.php";
editor.cssPath = "{$webdb['www_url']}/ewebeditor/common.css";
editor.editorWidth = "100%";
Example #20
            $array[updateTable] = 1;
            //统计用户上传的文件占用空间大小
            $filename = upfile($postfile, $array);
            $postdb[logo] = "friendlink/{$filename}";
        }
    }
    if ($postdb[logo] && !eregi("(gif|jpg|png)\$", $postdb[logo])) {
        showerr("LOGO,只能上传GIF,JPG,PNG格式的文件,你不能上传此文件:{$array['name']}");
    }
    if (!strstr($postdb[url], 'htttp://')) {
        $postdb[url] = "htttp://" . $postdb[url];
    }
    $postdb[name] = filtrate($postdb[name]);
    $postdb[url] = filtrate($postdb[url]);
    $postdb[descrip] = filtrate($postdb[descrip]);
    $postdb[logo] = filtrate($postdb[logo]);
}
if ($action == 'reg') {
    if (!$lfjid) {
        showerr('请先登录');
    }
    $db->query("INSERT INTO `{$pre}friendlink` (`name` , `url` ,`fid` , `logo` , `descrip` , `list`,ifhide,yz,iswordlink,uid,username ) VALUES ('{$postdb['name']}','{$postdb['url']}','{$postdb['fid']}','{$postdb['logo']}','{$postdb['descrip']}','0','1','0','0','{$lfjuid}','{$lfjid}')");
    refreshto("?", "你的申请资料已经提交成功,请等待管理员审核后,才可以显示出来", '10');
} else {
    $select_fid = select_fsort("postdb[fid]", "");
    require ROOT_PATH . "inc/head.php";
    require html("friendlink");
    require ROOT_PATH . "inc/foot.php";
}
function select_fsort($name, $ckfid)
{
Example #21
 // Pre-save checks and filtering for a submitted article.
 $erp = $Fid_db[iftable][$fid];
 // NOTE(review): the duplicate-title lookup interpolates $postdb['title'] and $fid into
 // SQL before the title has gone through filtrate() below. Any safety here depends on
 // escaping done before this excerpt - TODO confirm - or on switching to bound parameters.
 if ($job == 'postnew' && $webdb[ForbidRepeatTitle] && $db->get_one("SELECT * FROM {$pre}article{$erp} WHERE title='{$postdb['title']}' AND fid='{$fid}'")) {
     showerr("系统不允许本栏目有重复的标题,请更换标题!");
 }
 // Apply permission-related settings
 article_more_set_ckecked($job);
 // Filter out potentially harmful markup
 $postdb[title] = filtrate($postdb[title]);
 $postdb[subhead] = filtrate($postdb[subhead]);
 $postdb[keywords] = filtrate($postdb[keywords]);
 $postdb[smalltitle] = filtrate($postdb[smalltitle]);
 $postdb[picurl] = filtrate($postdb[picurl]);
 //$postdb[description]=	filtrate($postdb[description]);
 $postdb[author] = filtrate($postdb[author]);
 $postdb[copyfrom] = filtrate($postdb[copyfrom]);
 $postdb[copyfromurl] = filtrate($postdb[copyfromurl]);
 // NOTE(review): description (and content below) are cleaned with a denylist of three
 // patterns: the word "javascript", opening <script> tags and "<iframe " tags. A denylist
 // does not cover other elements or event-handler attributes; an allowlist-based HTML
 // sanitiser, or plain escaping for description, is the robust choice.
 $postdb[description] = preg_replace('/javascript/i', 'java script', $postdb[description]);
 $postdb[description] = preg_replace('/<(script)([^<>]*)>/i', '&lt;\\1\\2>', $postdb[description]);
 $postdb[description] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $postdb[description]);
 // Firefox-specific handling: rewrite relative upload paths to absolute URLs.
 // The search string matches a backslash-escaped quote, which suggests request data
 // arrives already slash-escaped - TODO confirm; if so, that escaping rather than
 // filtrate() is what the SQL strings rely on.
 $postdb[content] = str_replace("=\\\"../{$webdb['updir']}/", "=\\\"{$webdb['www_url']}/{$webdb['updir']}/", $postdb[content]);
 // NOTE(review): groups with PostNoDelCode set skip content filtering entirely, so their
 // posts are stored as raw HTML. Keep that flag limited to fully trusted groups.
 if (!$groupdb[PostNoDelCode]) {
     $postdb[content] = preg_replace('/javascript/i', 'java script', $postdb[content]);
     $postdb[content] = preg_replace('/<(script)([^<>]*)>/i', '&lt;\\1\\2>', $postdb[content]);
     $postdb[content] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $postdb[content]);
 }
 // Validate the custom module's form data
 if ($mid) {
     query_article_module($mid, '', $post_db, '');
 }
 //采集外部图片
Example #22
 // Validate the registration form and create the account.
 // ereg() was removed in PHP 7; preg_match() is the replacement. The mobile number is
 // only validated when one was supplied.
 if ($mobphone && !ereg("^1([0-9]{10})\$", $mobphone)) {
     showerr('手机号码有误!');
 }
 if ($password != $password2) {
     showerr("两次输入密码不一样");
 } elseif ($msn && !ereg("^[-a-zA-Z0-9_\\.]+\\@([0-9A-Za-z][0-9A-Za-z-]+\\.)+[A-Za-z]{2,5}\$", $msn)) {
     showerr("MSN不符合规则");
 }
 // Reject reserved account names (one per line in the setting).
 // NOTE(review): in_array() here is an exact, non-strict match on the raw value, so
 // case or whitespace variants of a reserved name are not caught by this check alone.
 if ($webdb[forbidRegName]) {
     $detail = explode("\r\n", $webdb[forbidRegName]);
     if (in_array($username, $detail)) {
         showerr("受保护的帐号,不允许使用,请更换一个吧");
     }
 }
 $msn = filtrate($msn);
 $homepage = filtrate($homepage);
 $gtype = 0;
 // Users must fill in their profile before becoming a company user. To allow company
 // users without a profile, uncomment the line below.
 //$gtype=$grouptype==1?1:0;
 // Fall back to group 8 when the requested group is 3 or 4, has a $memberlevel entry, or
 // is not listed in $webdb[reg_group].
 // NOTE(review): these comparisons are loose and run on the raw request value, while
 // intval($groupid) is what gets stored below. Cast once up front and compare strictly
 // so the value that is checked is the value that is saved.
 if ($groupid == 3 || $groupid == 4 || $memberlevel[$groupid] || !in_array($groupid, explode(",", $webdb[reg_group]))) {
     $groupid = 8;
 }
 $groupid || ($groupid = 8);
 // NOTE(review): $password is handed to register_user() as received; hashing presumably
 // happens there - TODO confirm. username, email, sex, oicq and the birthday parts are
 // passed on without any filter visible in this excerpt.
 $array = array('username' => $username, 'password' => $password, 'groupid' => intval($groupid), 'grouptype' => $gtype, 'yz' => $webdb[RegYz], 'lastvist' => $timestamp, 'lastip' => $onlineip, 'regdate' => $timestamp, 'regip' => $onlineip, 'sex' => $sex, 'bday' => "{$bday_y}-{$bday_m}-{$bday_d}", 'oicq' => $oicq, 'msn' => $msn, 'homepage' => $homepage, 'email' => $email, 'mobphone' => $mobphone);
 // Register the user; a non-numeric return value is treated as an error message.
 $uid = $userDB->register_user($array);
 if (!is_numeric($uid)) {
     showerr($uid);
 }
 if ($webdb[RegCompany] && $gtype == 1) {
     //注册企业用户
Example #23
    // List the child categories of $fid with a count of each one's own children.
    // NOTE(review): $fid is interpolated into the query as received; cast ids to int.
    $gudie = getGuide($fid, "{$admin_path}&job=listsort&fid=");
    $query = $db->query("SELECT * FROM {$_pre}class WHERE fup='{$fid}' ORDER BY list DESC");
    while ($rs = $db->fetch_array($query)) {
        // extract() imports the row's NUM column into local scope; reading
        // the value from the returned array directly avoids overwriting other variables.
        extract($db->get_one("SELECT COUNT(*) AS NUM FROM {$_pre}class WHERE fup='{$rs['fid']}'"));
        $rs[NUM] = intval($NUM);
        $listdb[] = $rs;
    }
    get_admin_html('sort');
} elseif ($action == "addsort") {
    // Create one category per non-empty line of $name.
    if (!$name) {
        showerr('名称不能为空!');
    }
    $detail = explode("\r\n", $name);
    foreach ($detail as $key => $value) {
        if ($value) {
            $value = filtrate($value);
            // NOTE(review): $fup is placed in the statement without a cast or filter.
            $db->query("INSERT INTO {$_pre}class (name,fup) VALUES ('{$value}','{$fup}')");
        }
    }
    refreshto("{$FROMURL}", "创建成功");
} elseif ($job == "editsort") {
    // Load one category for the edit form.
    $rsdb = $db->get_one("SELECT * FROM {$_pre}class WHERE fid='{$fid}'");
    $gudie = getGuide($rsdb[fup], "{$admin_path}&job=listsort&fid=");
    get_admin_html('editsort');
} elseif ($action == "editsort") {
    // NOTE(review): unlike addsort, the name is not passed through filtrate() here, and
    // neither value is cast or bound. No anti-CSRF token is checked in the visible lines
    // for these state-changing admin actions - TODO confirm it happens in shared code.
    $db->query("UPDATE {$_pre}class SET name='{$postdb['name']}' WHERE fid='{$postdb['fid']}' ");
    refreshto("{$FROMURL}", "修改成功");
} elseif ($action == "delete") {
    if (!$fid_db && $fid) {
        $fid_db[] = $fid;
    }
Example #24
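/**
 * Update the vote topic attached to article $aid, then update or insert its options.
 *
 * Reads the globals $vote_db (topic fields) and $votesdb (list of option rows) and
 * writes to the {$pre}vote_topic and {$pre}vote_element tables. Returns nothing.
 *
 * NOTE(review): every statement is built by string interpolation. Only name, about and
 * the option text fields pass through filtrate() here, and votetype is cast to int;
 * type, limittime, limitip, forbidguestvote, $v['list'], $v['id'] and $aid go in as
 * received. Their safety depends on escaping done before this function is called -
 * TODO confirm - or on moving to bound parameters / integer casts.
 *
 * @param mixed $aid Article id whose vote topic is edited.
 */
function edit_vote($aid)
{
    global $db, $pre, $timestamp, $votesdb, $vote_db, $ModuleDB;

    // Vote module is not installed: nothing to do.
    if (empty($ModuleDB['vote_'])) {
        return;
    }
    $vote_path = !empty($ModuleDB['vote_']['dirname']) ? $ModuleDB['vote_']['dirname'] : 'vote';

    // Convert "Y-m-d H:i:s" values to timestamps via mk_time(). The original used the /e
    // modifier, which evaluates the replacement as PHP code and no longer exists in
    // PHP 7+; a callback gives the same result without evaluating a string.
    $datePattern = "/([\\d]+)-([\\d]+)-([\\d]+) ([\\d]+):([\\d]+):([\\d]+)/is";
    $toTimestamp = function ($m) {
        return (string) mk_time($m[4], $m[5], $m[6], $m[2], $m[3], $m[1]);
    };
    foreach (array('begintime', 'endtime') as $field) {
        if (!empty($vote_db[$field])) {
            $vote_db[$field] = preg_replace_callback($datePattern, $toTimestamp, $vote_db[$field]);
        }
    }

    // The integer cast keeps the template file name below to a plain number.
    $vote_db['votetype'] = intval($vote_db['votetype']);
    $tplcode = addslashes(read_file(ROOT_PATH . "{$vote_path}/template/default/vote_js/{$vote_db['votetype']}.htm"));
    $vote_db['name'] = filtrate($vote_db['name']);
    $vote_db['about'] = filtrate($vote_db['about']);
    $db->query("UPDATE `{$pre}vote_topic` SET name='{$vote_db['name']}',about='{$vote_db['about']}',type='{$vote_db['type']}',limittime='{$vote_db['limittime']}',limitip='{$vote_db['limitip']}',begintime='{$vote_db['begintime']}',endtime='{$vote_db['endtime']}',forbidguestvote='{$vote_db['forbidguestvote']}',votetype='{$vote_db['votetype']}',tplcode='{$tplcode}' WHERE aid='{$aid}'");

    // Read cid explicitly instead of @extract(): no variables are injected into local
    // scope and a missing topic row no longer relies on error suppression.
    $topic = $db->get_one("SELECT cid FROM `{$pre}vote_topic` WHERE aid='{$aid}'");
    $cid = $topic ? $topic['cid'] : '';

    $options = is_array($votesdb) ? $votesdb : array();
    foreach ($options as $key => $v) {
        $v['title'] = filtrate($v['title']);
        $v['img'] = filtrate($v['img']);
        $v['describes'] = filtrate($v['describes']);
        $v['url'] = filtrate($v['url']);
        if ($v['id']) {
            // Existing option: the cid condition keeps the update inside this topic.
            $db->query("UPDATE `{$pre}vote_element` SET title='{$v['title']}',list='{$v['list']}',img='{$v['img']}',describes='{$v['describes']}',url='{$v['url']}' WHERE id='{$v['id']}' AND cid='{$cid}'");
        } elseif ($v['title']) {
            // New option: only inserted when it has a title.
            $db->query("INSERT INTO `{$pre}vote_element` (`cid` , `title` , `img`, `describes`, `url` ) VALUES ('{$cid}', '{$v['title']}', '{$v['img']}', '{$v['describes']}', '{$v['url']}')");
        }
    }
}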
Example #25
    jump("修改成功", $FROMURL);
} elseif ($job == "list" && $Apower[comment_list]) {
    // Build the paginated comment list for the admin panel (20 rows per page).
    !$page && ($page = 1);
    $rows = 20;
    // The arithmetic makes $min numeric before it reaches the LIMIT clause.
    $min = ($page - 1) * $rows;
    $SQL = " WHERE 1 ";
    // NOTE(review): $aid is interpolated into the WHERE clause and into the pagination
    // URL as received; cast it to int once and reuse the cast value in both places.
    if ($aid) {
        $SQL .= " AND aid='{$aid}' ";
    }
    if ($type == 'noyz') {
        $SQL .= " AND yz='0' ";
    }
    $showpage = getpage("{$pre}comment", "{$SQL}", "index.php?lfj={$lfj}&job={$job}&aid={$aid}", "{$rows}");
    $query = $db->query(" SELECT * FROM {$pre}comment {$SQL} ORDER BY cid DESC LIMIT {$min},{$rows} ");
    while ($rs = $db->fetch_array($query)) {
        // Only the comment text is truncated and filtered here; username and ip are
        // passed to the template as stored - presumably escaped there, TODO confirm.
        $rs[content] = filtrate(get_word($rs[content], 60));
        $rs[posttime] = date("Y-m-d", $rs[posttime]);
        $rs[username] = $rs[username] ? $rs[username] : $rs[ip];
        // NOTE(review): the approve/unapprove and feature/unfeature controls below are
        // plain GET links with no visible anti-CSRF token. State-changing admin actions
        // should be POST requests that carry a per-session token.
        if ($rs[yz] == 1) {
            $rs[yz] = "<A HREF='index.php?lfj=comment&action=list&jobs=unyz&ciddb[{$rs[cid]}]={$rs['cid']}' style='color:blue;' title='已通过审核,点击取消审核'><img src='../member/images/check_yes.gif'></A>";
        } elseif ($rs[yz] == 0) {
            $rs[yz] = "<A HREF='index.php?lfj=comment&action=list&jobs=yz&ciddb[{$rs[cid]}]={$rs['cid']}' style='color:red;' title='还没通过审核,点击通过审核'><img src='../member/images/check_no.gif'></A>";
        }
        if ($rs[ifcom] == 1) {
            $rs[com] = "<A HREF='index.php?lfj=comment&action=list&jobs=uncom&ciddb[{$rs[cid]}]={$rs['cid']}' style='color:red;' title='已推荐为精华,点击可取消精华'><img src='../images/default/good_ico.gif'></A>";
        } elseif ($rs[ifcom] == 0) {
            $rs[com] = "<A HREF='index.php?lfj=comment&action=list&jobs=com&ciddb[{$rs[cid]}]={$rs['cid']}' title='非精华,点击可推荐为精华'><img src='../member/images/nogood_ico.gif'></A>";
        }
        $listdb[] = $rs;
    }
    require dirname(__FILE__) . "/" . "head.php";
Example #26
<?php

// Emit a JavaScript snippet that loads player.js and sets playurl from $urlstring.
// NOTE(review): the referrer check below is a no-op because die() is commented out.
if (!$FROMURL) {
    //die();
}
//$urlstring=mymd5($urlstring,'DE');
// NOTE(review): urldecode() is applied explicitly here; if the request layer has already
// decoded the parameter once - TODO confirm - this is a second decode that can undo
// escaping applied earlier. filtrate() is defined elsewhere and is presumably an
// HTML-oriented filter, yet the value ends up inside a single-quoted JavaScript string
// literal, which needs a JavaScript-context encoder and ideally a scheme/host allowlist
// for the URL.
$urlstring = filtrate(urldecode($urlstring));
echo "\nvar www_url='{$webdb['www_url']}';\ndocument.write(\"<SCRIPT LANGUAGE='JavaScript' src='{$webdb['www_url']}/images/default/player.js'><\\/SCRIPT>\");\nplayurl='{$urlstring}';\n";
Example #27
// Choose the list template for the current column and prepare page metadata.
// NOTE(review): template paths below are assembled from values stored in $fidDB (fmid,
// config.ListShowType). Constrain them to known template names before they reach
// html() or the file system.
if ($fidDB[fmid] && !$fidDB[config][ListShowType]) {
    $listTPL = html("list_tpl/mod_{$fidDB['fmid']}");
}
if (!$listTPL) {
    $listTPL = html("list_tpl/0", ROOT_PATH . "template/default/{$fidDB[config][ListShowType]}.htm");
}
$atc_content = '';
// Redirect to an external URL
// NOTE(review): jumpurl is written into the META refresh attribute without escaping or a
// scheme check; escape it for the attribute context and restrict it to http/https.
if ($fidDB[jumpurl]) {
    $atc_content = "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$fidDB['jumpurl']}'>";
    $atc_content = str_replace("?", "?&", $atc_content);
}
//SEO
$titleDB[title] = filtrate("{$fidDB['name']} - {$webdb['webname']}");
$titleDB[keywords] = filtrate("{$fidDB['metakeywords']}  {$webdb['metakeywords']}");
$titleDB[description] = filtrate("{$fidDB['descrip']}");
$fidDB[style] && ($STYLE = $fidDB[style]);
/* Templates */
// NOTE(review): unserialize() runs on a stored column value. If that column can be
// written from a form without being re-serialised by the server - TODO confirm - this
// is object deserialisation of user-influenced data; json_decode(), or unserialize()
// with allowed_classes set to false, avoids instantiating objects.
$FidTpl = unserialize($fidDB[template]);
$head_tpl = $FidTpl['head'];
$foot_tpl = $FidTpl['foot'];
/**
 * Fetch the label parameters; list pages of other modules may use $ch='2'; $chtype=2,3,4,5,6,7,8,;
 **/
$chdb[main_tpl] = html("list", $FidTpl['list']);
/**
 * Labels
 **/
$ch_fid = intval($fidDB[config][label_list]);
// Whether a column-specific label set is defined
$ch_pagetype = 2;
Example #28
        // Drop empty moderator names and check that each remaining account exists.
        foreach ($detail as $key => $value) {
            if (!$value) {
                unset($detail[$key]);
            } else {
                // NOTE(review): as shown on the page the lookup compares against the
                // literal '******' rather than $value; this looks like masking applied
                // by the page - confirm against the original file. If the original
                // interpolates $value, it needs escaping or a bound parameter.
                $rs = $db->get_one("SELECT groupid,uid FROM {$pre}memberdata WHERE username='******'");
                if (!$rs) {
                    showmsg("你设置的版主:{$value},帐号不存在,或者还没激活帐号.请检查之");
                } elseif ($rs[groupid] != 3 && $rs[groupid] != 5 && $rs[groupid] != 4) {
                    //$db->query("UPDATE {$pre}memberdata SET groupid='5' WHERE uid='$rs[uid]' ");
                }
            }
        }
        // Store the moderator list as a comma-delimited string with leading and trailing commas.
        $detail && ($postdb[admin] = ',' . implode(',', $detail) . ',');
    }
    // Save the edited column and refresh the derived caches.
    $postdb[descrip] = En_TruePath($postdb[descrip]);
    $postdb[name] = filtrate($postdb[name]);
    // NOTE(review): only name (filtrate) and descrip (En_TruePath) are processed in the
    // visible lines; every other $postdb field and the {$SQL} fragment are interpolated
    // as received, so the statement relies entirely on escaping done elsewhere - TODO
    // confirm. passwd appears to be stored as submitted. template and config are written
    // verbatim; if any reader passes those columns to unserialize() - TODO confirm -
    // they should be built and serialised server-side instead of taken from the form.
    $db->query("UPDATE {$pre}fu_sort SET fup='{$postdb['fup']}',name='{$postdb['name']}',type='{$postdb['type']}',admin='{$postdb['admin']}',passwd='{$postdb['passwd']}',logo='{$postdb['logo']}',descrip='{$postdb['descrip']}',style='{$postdb['style']}',template='{$postdb['template']}',jumpurl='{$postdb['jumpurl']}',listorder='{$postdb['listorder']}',maxperpage='{$postdb['maxperpage']}',allowcomment='{$postdb['allowcomment']}',allowpost='{$postdb['allowpost']}',allowviewtitle='{$postdb['allowviewtitle']}',allowviewcontent='{$postdb['allowviewcontent']}',allowdownload='{$postdb['allowdownload']}',forbidshow='{$postdb['forbidshow']}',config='{$postdb['config']}',list_html='{$postdb['list_html']}',bencandy_html='{$postdb['bencandy_html']}',fmid='{$postdb['fmid']}',domain='{$postdb['domain']}',metakeywords='{$postdb['metakeywords']}',domain_dir='{$postdb['domain_dir']}'{$SQL} WHERE fid='{$postdb['fid']}' ");
    mod_sort_class("{$pre}fu_sort", 0, 0);
    // Refresh class
    mod_sort_sons("{$pre}fu_sort", 0);
    // Refresh sons
    /* Refresh the navigation cache */
    cache_guide();
    //get_htmltype();
    jump("修改成功", "{$FROMURL}");
} elseif ($job == 'batch_edit' && $Apower[fu_sort_power]) {
    if (!$fiddb) {
        showmsg("请选择一个栏目");
    }
    $sort_fup = $Guidedb->Select("{$pre}fu_sort", "postdb[fup]", $rsdb[fup]);
    $style_select = select_style('postdb[style]', $rsdb[style]);
Example #29
     showerr("联系手机号码不能为空");
 }
 // Validate the mobile number, then filter the buyer's contact fields.
 // ereg() was removed in PHP 7; preg_match() is the replacement.
 if (!ereg("^1[0-9]{10}\$", $mobphone)) {
     showerr("手机号码有误");
 }
 // filtrate() is defined elsewhere; presumably an HTML-oriented filter - TODO confirm
 // that it also makes these values safe for the SQL string they are placed in.
 // NOTE(review): $olpaytype is not in this list although the INSERT further down the
 // excerpt interpolates it.
 $buyer = filtrate($buyer);
 $sex = filtrate($sex);
 $telphone = filtrate($telphone);
 $mobphone = filtrate($mobphone);
 $email = filtrate($email);
 $oicq = filtrate($oicq);
 $postalcode = filtrate($postalcode);
 $sendType = filtrate($sendType);
 $payType = filtrate($payType);
 $address = filtrate($address);
 $otherSay = filtrate($otherSay);
 // $buyid is a comma-separated list of ids.
 $array = explode(",", $buyid);
 // Clear any pre-existing $orderid before the order loop; presumably this guards against
 // a caller-supplied value when request variables are imported into global scope.
 unset($orderid);
 $totalmoney = 0;
 $shopmoney = 0;
 foreach ($array as $key => $value) {
     if (!is_numeric($value)) {
         continue;
     }
     if (!$orderid) {
         $db->query("INSERT INTO `{$pre}shoporderuser` (`uid` , `username` , `truename` , `sex` , `telphone` , `mobphone` , `email` , `oicq` , `postalcode` , `sendtype` , `paytype` ,  `olpaytype` , `address` , `othersay` , `posttime` ) \n\t\t\t\tVALUES \n\t\t\t('{$lfjuid}','{$lfjid}','{$buyer}','{$sex}','{$telphone}','{$mobphone}','{$email}','{$oicq}','{$postalcode}','{$sendType}','{$payType}','{$olpaytype}','{$address}','{$otherSay}','{$timestamp}')");
         @extract($db->get_one("SELECT id AS orderid FROM `{$pre}shoporderuser` ORDER BY id DESC LIMIT 1"));
     }
     $erp = get_id_table($value);
     $rs = $db->get_one("SELECT * FROM {$pre}article{$erp} WHERE aid={$value} ");
     if ($rs[mid]) {
Example #30
 //		showerr("手机号码不符合规则");
 //	}
 // Validate the guestbook entry, filter its fields and decide whether it is pre-approved.
 if (!$postdb[email]) {
     showerr("邮箱不能为空");
 }
 // ereg() was removed in PHP 7; preg_match() or filter_var() with FILTER_VALIDATE_EMAIL
 // is the replacement.
 if ($postdb[email] && !ereg("^[-a-zA-Z0-9_\\.]+\\@([0-9A-Za-z][0-9A-Za-z-]+\\.)+[A-Za-z]{2,5}\$", $postdb[email])) {
     showerr("邮箱不符合规则");
 }
 //    if($postdb[weburl]&&!eregi(":\/\/",$postdb[weburl])){
 //        $postdb[weburl]="http://$postdb[weburl]";
 //    }
 //    if($postdb[blogurl]&&!eregi(":\/\/",$postdb[blogurl])){
 //        $postdb[blogurl]="http://$postdb[blogurl]";
 //    }
 // Every submitted value goes through filtrate(); the keys themselves are kept as sent.
 // NOTE(review): filtrate() is defined elsewhere - TODO confirm what it escapes. If the
 // keys are later used as column names, restrict them to an allowlist of expected fields.
 foreach ($postdb as $key => $value) {
     $postdb[$key] = filtrate($postdb[$key]);
 }
 // $yz is the approval flag: 1 for administrators and for groups listed in
 // groupPassPassGuestBook, otherwise 0.
 // NOTE(review): in_array() is non-strict here; pass true as the third argument once
 // both sides are normalised to the same type.
 $yz = 0;
 if ($web_admin) {
     $yz = 1;
 } elseif ($webdb[groupPassPassGuestBook]) {
     $webdb[groupPassPassGuestBook] = explode(",", $webdb[groupPassPassGuestBook]);
     if (in_array($groupdb[gid], $webdb[groupPassPassGuestBook])) {
         $yz = 1;
     }
 }
 //过滤不健康的字
 //    $postdb[content]=replace_bad_word($postdb[content]);
 //    $postdb[username]=replace_bad_word($postdb[username]);
 //处理有人恶意用他人帐号做署名的
 //	if($postdb[username]){