//是否允许评论
            $_SGLOBAL['db']->query('UPDATE ' . tname($resultmodels['modelname'] . 'items') . ' SET allowreply=\'' . $_POST['opallowreply'] . '\' WHERE itemid IN (' . $itemidstr . ')');
            break;
        case 'delete':
            //删除操作
            //积分
            $uids = getuids($newidarr, $resultmodels['modelname'] . 'items');
            updatecredit('delinfo', $uids);
            deletemodelitems($resultmodels['modelname'], $itemidstr, $_GET['mid'], $_POST['opdelete']);
            break;
    }
} elseif (submitcheck('valuesubmit')) {
    if (!(checkperm('managemodpost') || checkperm('manageeditpost'))) {
        showmessage('no_authority_management_operation');
    }
    modelpost($cacheinfo);
}
if (!empty($_GET['op']) && ($_GET['op'] == 'add' || $_GET['op'] == 'edit')) {
    if (!(checkperm('managemodpost') || checkperm('manageeditpost'))) {
        showmessage('no_authority_management_operation');
    }
    $resultmodelcolumns = array();
    if ($_GET['mid'] > 0) {
        $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('modelcolumns') . ' WHERE mid = \'' . $_GET['mid'] . '\' ORDER BY displayorder, id');
        while ($result = $_SGLOBAL['db']->fetch_array($query)) {
            $resultmodelcolumns[] = $result;
        }
    }
}
$addclass = $viewclass = '';
$wheresqlarr = $havecheck ? array() : array('uid' => $_SGLOBAL['supe_uid']);
Example #2
0
}
$do = empty($_GET['do']) ? 'me' : trim($_GET['do']);
$itemid = empty($_GET['itemid']) ? 0 : intval($_GET['itemid']);
$catid = empty($_GET['catid']) ? 0 : intval($_GET['catid']);
$page = empty($_GET['page']) && intval($_GET['page']) < 1 ? 1 : intval($_GET['page']);
$perpage = 20;
$start = ($page - 1) * $perpage;
$wheresql = $mpurlstr = '';
if (!empty($catid)) {
    $wheresql .= " AND catid='{$catid}' ";
}
if (submitcheck('postsubmit')) {
    if (!empty($_POST['itemid']) && empty($_SGLOBAL['supe_uid'])) {
        showmessage('no_permission');
    }
    modelpost($cacheinfo, 0);
} elseif (submitcheck('delitemsubmit')) {
    $itemarr = array();
    $tablename = $do == 'pass' ? $nameid . 'items' : 'modelfolders';
    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($_POST['item'], ',') . ') AND uid=\'' . $_SGLOBAL['supe_uid'] . '\'');
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        $itemarr[] = $value['itemid'];
    }
    $_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')');
    $_SGLOBAL['db']->query('DELETE FROM ' . tname($tablename) . ' WHERE itemid IN(' . simplode($itemarr, ',') . ')');
    showmessage('do_success', 'cp.php?ac=models&op=list&do=' . $do . '&nameid=' . $nameid);
}
if ($itemid) {
    if ($do == 'pass') {
        $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($cacheinfo['models']['modelname'] . 'items') . ' LEFT JOIN ' . tname($cacheinfo['models']['modelname'] . 'message') . " USING (itemid) WHERE itemid='{$itemid}'");
        if (!($item = $_SGLOBAL['db']->fetch_array($query))) {
Example #3
0
    //echo '<PRE>';
    //print_r($cacheinfo2);
    if (empty($cacheinfo2['models'])) {
        showmessage('exists_module_error');
    }
    $itemid = intval($_POST['itemid']);
    $query = $_SGLOBAL['db']->query('SELECT * FROM ' . $tablename . ' WHERE itemid=\'' . $itemid . '\'');
    $thevalue = $_SGLOBAL['db']->fetch_array($query);
    if (intval($thevalue['grade']) > 0 && $_SGLOBAL['member']['groupname']['rdm'] < 1) {
        showmessage('no_modify_checked_item');
    }
    if (!(check_cate_perm($catid) || check_cate_director($catid) || $_SGLOBAL['supe_uid'] == $thevalue['uid'])) {
        showmessage('no_permission');
    }
    $theurl = "?action-model-name-" . $modelsinfoarr['modelname'] . "-mid-" . $modelsinfoarr['mid'] . "-catid-" . $catid . "-itemid-" . $itemid;
    modelpost($cacheinfo2);
} else {
    if (submitcheck('shenhesubmit')) {
        $itemid = intval($_POST['itemid']);
        $query = $_SGLOBAL['db']->query('SELECT * FROM ' . $tablename . ' WHERE itemid=\'' . $itemid . '\'');
        $thevalue = $_SGLOBAL['db']->fetch_array($query);
        if (intval($thevalue['grade']) > 0 && $_SGLOBAL['member']['groupname']['rdm'] < 1) {
            showmessage('no_modify_checked_item');
        }
        if (!(check_cate_perm($catid) || check_cate_director($catid) || $_SGLOBAL['supe_uid'] == $thevalue['uid'])) {
            showmessage('no_permission');
        }
        $theurl = "?action-model-name-" . $modelsinfoarr['modelname'] . "-mid-" . $modelsinfoarr['mid'] . "-catid-" . $catid . "-itemid-" . $itemid;
        if ($modelsinfoarr['modelname'] == 'defect') {
            $sqlstr = "UPDATE " . tname($modelsinfoarr['modelname'] . 'message') . " SET checkmessage='" . $_POST['checkmessage'] . "' WHERE itemid='" . $itemid . "'";
        } else {