_e('Allow Comment'); ?> </label></li> </ul> </li> <li> <label class="add-post-label"><?php _e('Attachment'); ?> </label> <a href="#" onclick="uploadPanel(); return false;" style="font-size:12px;"><?php _e('Upload'); ?> </a> <ul class="clearfix" id="fsUpload"> <?php $meta = new MetaLibrary(); $meta->setType(3); $meta->setPID(1000000000); $attachments = $meta->getMeta(); foreach ($attachments as $c) { ?> <li class="multiline"><label for="attach-<?php echo $c['mid']; ?> "><?php echo $c['name']; ?> </label><a href="#" onclick="insertToEditor('<?php path(array('mid' => $c['mid']), 'Attachment'); ?> ','<?php
_e('Description'); ?> </th> <th><?php _e('Alias'); ?> </th> <th class="radius-topright"><?php _e('Reply'); ?> </th> </tr> </thead> <tbody> <?php $meta = new MetaLibrary(); $meta->setType(2); $categories = $meta->getMeta(); $i = 0; foreach ($categories as $c) { ?> <tr<?php if ($i % 2 == 0) { ?> class="even"<?php } ?> id="tag-<?php echo $c['mid']; ?> ">
/** * @brief delMeta 删除 Meta * * @return void */ public function delMeta() { $mid = Request::P('mid'); $meta = new MetaLibrary(); if ($meta->delMeta($mid)) { $r = array('success' => TRUE, 'message' => _t('Delete Meta complete.')); } else { $r = array('success' => FALSE, 'message' => _t('Delete Meta failed.')); } Response::ajaxReturn($r); }
/** * @brief deletePost 删除一篇文章 * * @return void */ public function deletePost() { $pid = Request::P('pid'); // 删除文章 $post = new PostLibrary(); $post->deletePost($pid); // 删除 Meta 关系 $meta = new MetaLibrary(); $meta->setPID($pid); $metas = $meta->getMeta(); foreach ($metas as $m) { if ($m['type'] == 1 || $m['type'] == 2) { $meta->delRelation($m['mid'], $pid); } elseif ($m['type'] == 3) { $meta->movRelation($m['mid'], $pid, 1000000000); } } // 删除评论 $comment = new CommentLibrary(); $comment->deleteComments($pid); $r = array('success' => TRUE); Response::ajaxReturn($r); }
/** * @brief editPostDo 编辑文章 * * @return void */ private function editPostDo() { // 验证用户权限 // 非管理员只能编辑自己的文章 // 如果原文章属于多个分类,那么编辑者必须拥有所有从属分类的权限 // 如果原文章不属于任何一个分类(正常情况下不会出现),那么任何人均可以编辑该文章 if (!Widget::getWidget('User')->isAdmin()) { $pid = Request::P('pid'); $meta = new MetaLibrary(); $meta->setPID($pid); $meta->setType(1); $metas = $meta->getMeta(FALSE); foreach ($metas as $m) { if (!Widget::getWidget('User')->checkPrivilege('POST', $m['mid'])) { Response::ajaxReturn(array('success' => FALSE, 'message' => _t('Permission denied.'))); return; } } } Widget::initWidget('Post'); Widget::getWidget('Post')->editPost(); }
public function execute() { // 返回的文件信息 $files = array('ogname' => '', 'name' => '', 'path' => '', 'size' => '', 'type' => '', 'status' => 1); if (!count($_FILES)) { return false; } $field = $this->field; if ($_FILES[$field]['error'] != 0) { switch ($_FILES[$field]['error']) { case 1: $files['status'] = -3; break; case 2: case 3: case 4: $files['status'] = -4; break; } return $files; } // 获取文件扩展名 $fileext = $this->fileext($_FILES[$field]['name']); // 生成文件名 $filename = gmdate('YmdHis', $this->time) . mt_rand(1000000, 9999999); // 文件大小 $filesize = $_FILES[$field]['size']; // 限制上传格式 $disarr = array('asa', 'asax', 'ascx', 'asxh', 'asmx', 'asp', 'aspx', 'axd', 'cer', 'cs', 'java', 'php', 'php3', 'php4', 'shtm', 'shtml'); if (in_array($fileext, $disarr) || !in_array($fileext, $this->allow_types)) { $files['status'] = -1; return $files; } //文件大小超出 if ($filesize > $this->maxsize) { $files['status'] = -2; return $files; } $files['ogname'] = trim(htmlspecialchars($_FILES[$field]['name'])); $files['name'] = $filename; $files['path'] = $this->path; $files['size'] = $filesize; $files['ext'] = $fileext; //修正addslashes后win下路径多出转义导致文件无法上传的问题 $_FILES[$field]['tmp_name'] = str_replace('\\\\', '\\', $_FILES[$field]['tmp_name']); //保存上传文件并删除临时文件 if (is_uploaded_file($_FILES[$field]['tmp_name'])) { move_uploaded_file($_FILES[$field]['tmp_name'], $this->dir . $filename . '.' . $fileext); //@unlink( $_FILES[$field]['tmp_name'] ); if (function_exists("mime_content_type")) { $files['type'] = mime_content_type($this->dir . $filename . '.' . $fileext); } elseif (isset($this->filetype[$fileext])) { $files['type'] = $this->filetype[$fileext]; } else { $files['type'] = "application/octet-stream"; } //对图片进行加水印和生成缩略图 if (in_array($fileext, array('jpg', 'png', 'jpeg'))) { if ($this->max_width || $this->max_height) { $this->resize($this->dir . $filename . '.' . $fileext); $files['size'] = filesize($this->dir . $filename . '.' . $fileext); } if ($this->thumb_width || $this->thumb_height) { $this->create_thumb($this->dir . $filename . '.' . $fileext, $this->dir . 'thumb_' . $filename . '.' . $fileext); } if ($this->watermark_file) { $this->create_watermark($this->dir . $filename . '.' . $fileext, $this->dir . 'watermark_' . $filename . '.' . $fileext); } } } // 将附件信息写入数据库 $meta = new MetaLibrary(); $m['name'] = $files['ogname']; $m['alias'] = $this->path . $filename . '.' . $fileext; $m['description'] = $files['type']; $m['type'] = 3; $mid = $meta->addMeta($m); // 把 pid 为 1000000000 的文章作为新上传的附件的暂居地。这样做并不好,但我想这应该够了。 $meta->addRelation($mid, 1000000000); $files['mid'] = $mid; return $files; }