_e('Allow Comment');
?>
</label></li>
</ul>
</li>
<li>
<label class="add-post-label"><?php
_e('Attachment');
?>
</label> <a href="#" onclick="uploadPanel(); return false;" style="font-size:12px;"><?php
_e('Upload');
?>
</a>
<ul class="clearfix" id="fsUpload">
<?php
$meta = new MetaLibrary();
$meta->setType(3);
$meta->setPID(1000000000);
$attachments = $meta->getMeta();
foreach ($attachments as $c) {
?>
<li class="multiline"><label for="attach-<?php
echo $c['mid'];
?>
"><?php
echo $c['name'];
?>
</label><a href="#" onclick="insertToEditor('<?php
path(array('mid' => $c['mid']), 'Attachment');
?>
','<?php
_e('Description');
?>
</th>
<th><?php
_e('Alias');
?>
</th>
<th class="radius-topright"><?php
_e('Reply');
?>
</th>
</tr>
</thead>
<tbody>
<?php
$meta = new MetaLibrary();
$meta->setType(2);
$categories = $meta->getMeta();
$i = 0;
foreach ($categories as $c) {
?>
<tr<?php
if ($i % 2 == 0) {
?>
class="even"<?php
}
?>
id="tag-<?php
echo $c['mid'];
?>
">
/**
* @brief delMeta 删除 Meta
*
* @return void
*/
public function delMeta()
{
$mid = Request::P('mid');
$meta = new MetaLibrary();
if ($meta->delMeta($mid)) {
$r = array('success' => TRUE, 'message' => _t('Delete Meta complete.'));
} else {
$r = array('success' => FALSE, 'message' => _t('Delete Meta failed.'));
}
Response::ajaxReturn($r);
}
/**
* @brief deletePost 删除一篇文章
*
* @return void
*/
public function deletePost()
{
$pid = Request::P('pid');
// 删除文章
$post = new PostLibrary();
$post->deletePost($pid);
// 删除 Meta 关系
$meta = new MetaLibrary();
$meta->setPID($pid);
$metas = $meta->getMeta();
foreach ($metas as $m) {
if ($m['type'] == 1 || $m['type'] == 2) {
$meta->delRelation($m['mid'], $pid);
} elseif ($m['type'] == 3) {
$meta->movRelation($m['mid'], $pid, 1000000000);
}
}
// 删除评论
$comment = new CommentLibrary();
$comment->deleteComments($pid);
$r = array('success' => TRUE);
Response::ajaxReturn($r);
}
/**
* @brief editPostDo 编辑文章
*
* @return void
*/
private function editPostDo()
{
// 验证用户权限
// 非管理员只能编辑自己的文章
// 如果原文章属于多个分类,那么编辑者必须拥有所有从属分类的权限
// 如果原文章不属于任何一个分类(正常情况下不会出现),那么任何人均可以编辑该文章
if (!Widget::getWidget('User')->isAdmin()) {
$pid = Request::P('pid');
$meta = new MetaLibrary();
$meta->setPID($pid);
$meta->setType(1);
$metas = $meta->getMeta(FALSE);
foreach ($metas as $m) {
if (!Widget::getWidget('User')->checkPrivilege('POST', $m['mid'])) {
Response::ajaxReturn(array('success' => FALSE, 'message' => _t('Permission denied.')));
return;
}
}
}
Widget::initWidget('Post');
Widget::getWidget('Post')->editPost();
}
public function execute()
{
// 返回的文件信息
$files = array('ogname' => '', 'name' => '', 'path' => '', 'size' => '', 'type' => '', 'status' => 1);
if (!count($_FILES)) {
return false;
}
$field = $this->field;
if ($_FILES[$field]['error'] != 0) {
switch ($_FILES[$field]['error']) {
case 1:
$files['status'] = -3;
break;
case 2:
case 3:
case 4:
$files['status'] = -4;
break;
}
return $files;
}
// 获取文件扩展名
$fileext = $this->fileext($_FILES[$field]['name']);
// 生成文件名
$filename = gmdate('YmdHis', $this->time) . mt_rand(1000000, 9999999);
// 文件大小
$filesize = $_FILES[$field]['size'];
// 限制上传格式
$disarr = array('asa', 'asax', 'ascx', 'asxh', 'asmx', 'asp', 'aspx', 'axd', 'cer', 'cs', 'java', 'php', 'php3', 'php4', 'shtm', 'shtml');
if (in_array($fileext, $disarr) || !in_array($fileext, $this->allow_types)) {
$files['status'] = -1;
return $files;
}
//文件大小超出
if ($filesize > $this->maxsize) {
$files['status'] = -2;
return $files;
}
$files['ogname'] = trim(htmlspecialchars($_FILES[$field]['name']));
$files['name'] = $filename;
$files['path'] = $this->path;
$files['size'] = $filesize;
$files['ext'] = $fileext;
//修正addslashes后win下路径多出转义导致文件无法上传的问题
$_FILES[$field]['tmp_name'] = str_replace('\\\\', '\\', $_FILES[$field]['tmp_name']);
//保存上传文件并删除临时文件
if (is_uploaded_file($_FILES[$field]['tmp_name'])) {
move_uploaded_file($_FILES[$field]['tmp_name'], $this->dir . $filename . '.' . $fileext);
//@unlink( $_FILES[$field]['tmp_name'] );
if (function_exists("mime_content_type")) {
$files['type'] = mime_content_type($this->dir . $filename . '.' . $fileext);
} elseif (isset($this->filetype[$fileext])) {
$files['type'] = $this->filetype[$fileext];
} else {
$files['type'] = "application/octet-stream";
}
//对图片进行加水印和生成缩略图
if (in_array($fileext, array('jpg', 'png', 'jpeg'))) {
if ($this->max_width || $this->max_height) {
$this->resize($this->dir . $filename . '.' . $fileext);
$files['size'] = filesize($this->dir . $filename . '.' . $fileext);
}
if ($this->thumb_width || $this->thumb_height) {
$this->create_thumb($this->dir . $filename . '.' . $fileext, $this->dir . 'thumb_' . $filename . '.' . $fileext);
}
if ($this->watermark_file) {
$this->create_watermark($this->dir . $filename . '.' . $fileext, $this->dir . 'watermark_' . $filename . '.' . $fileext);
}
}
}
// 将附件信息写入数据库
$meta = new MetaLibrary();
$m['name'] = $files['ogname'];
$m['alias'] = $this->path . $filename . '.' . $fileext;
$m['description'] = $files['type'];
$m['type'] = 3;
$mid = $meta->addMeta($m);
// 把 pid 为 1000000000 的文章作为新上传的附件的暂居地。这样做并不好,但我想这应该够了。
$meta->addRelation($mid, 1000000000);
$files['mid'] = $mid;
return $files;
}
