$smarty->assign('token', $firewall->set_token('mobile_show_add')); $smarty->display('mobile.htm'); } elseif ($act == 'insert') { if (empty($_POST['show_name'])) { $dou->dou_msg($_LANG['show_name'] . $_LANG['is_empty']); } // 上传图片生成 $name = date('Ymd'); for ($i = 0; $i < 6; $i++) { $name .= chr(mt_rand(97, 122)); } $upfile = $img->upload_image('show_img', $name); // 上传的文件域 $file = $images_dir . $upfile; $img->to_file = true; $img->make_thumb($upfile, 100, 100); // CSRF防御令牌验证 $firewall->check_token($_POST['token'], 'mobile_show_add'); $sql = "INSERT INTO " . $dou->table('show') . " (id, show_name, show_link, show_img, type, sort)" . " VALUES (NULL, '{$_POST['show_name']}', '{$_POST['show_link']}', '{$file}', 'mobile', '{$_POST['sort']}')"; $dou->query($sql); $dou->create_admin_log($_LANG['mobile'] . ' - ' . $_LANG['show_add'] . ': ' . $_POST[show_name]); $dou->dou_msg($_LANG['show_add_succes'], 'mobile.php?rec=show'); } elseif ($act == 'edit') { // 验证并获取合法的ID $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : ''; $query = $dou->select($dou->table('show'), '*', '`id` = \'' . $id . '\''); $show = $dou->fetch_array($query); // CSRF防御令牌生成 $smarty->assign('token', $firewall->set_token('mobile_show_edit')); // 赋值给模板 $smarty->assign('id', $id);
$smarty->assign('product', $product); $smarty->display('product.htm'); } elseif ($rec == 'insert') { if (empty($_POST['product_name'])) { $dou->dou_msg($_LANG['product_name'] . $_LANG['is_empty']); } if (!$check->is_price($_POST['price'] = trim($_POST['price']))) { $dou->dou_msg($_LANG['price_wrong']); } $upfile = array(); // 判断是否有上传图片/上传图片生成 if ($_FILES['product_image']['name'] != '') { $upfile[0] = $img->upload_image('product_image', $id); // 上传的文件域 $file = $images_dir . $upfile[0]; $img->make_thumb($upfile[0], $_CFG['thumb_width'], $_CFG['thumb_height']); } for ($i = 1; $i <= 5; $i++) { //添加附属图片input名为product_image_1样式的 if ($_FILES['product_image_' . $i]['name'] != '') { $upfile[$i] = $img->upload_image('product_image_' . $i, $id); $file = $file . "," . $images_dir . $upfile[$i]; $img->make_thumb($upfile[$i], $_CFG['thumb_width'], $_CFG['thumb_height']); } } // CSRF防御令牌验证 $firewall->check_token($_POST['token'], 'product_add'); $add_time = time(); // 格式化自定义参数 $_POST['defined'] = str_replace("\r\n", ',', $_POST['defined']); $sql = "INSERT INTO " . $dou->table('product') . " (id, cat_id, product_name, price, defined, content, product_image ,keywords, add_time, description)" . " VALUES (NULL, '{$_POST['cat_id']}', '{$_POST['product_name']}', '{$_POST['price']}', '{$_POST['defined']}', '{$_POST['content']}', '{$file}', '{$_POST['keywords']}', '{$add_time}', '{$_POST['description']}')";
$smarty->assign('product_category', $dou->get_category_nolevel('product_category')); $smarty->assign('product', $product); $smarty->display('product.htm'); } elseif ($rec == 'insert') { if (empty($_POST['name'])) { $dou->dou_msg($_LANG['name'] . $_LANG['is_empty']); } if (!$check->is_price($_POST['price'] = trim($_POST['price']))) { $dou->dou_msg($_LANG['price_wrong']); } // 判断是否有上传图片/上传图片生成 if ($_FILES['image']['name'] != '') { $upfile = $img->upload_image('image', $id); // 上传的文件域 $file = $images_dir . $upfile; $img->make_thumb($upfile, $_CFG['thumb_width'], $_CFG['thumb_height']); } $add_time = time(); // 格式化自定义参数 $_POST['defined'] = str_replace("\r\n", ',', $_POST['defined']); // CSRF防御令牌验证 $firewall->check_token($_POST['token'], 'product_add'); $sql = "INSERT INTO " . $dou->table('product') . " (id, cat_id, name, price, defined, content, image ,keywords, add_time, description)" . " VALUES (NULL, '{$_POST['cat_id']}', '{$_POST['name']}', '{$_POST['price']}', '{$_POST['defined']}', '{$_POST['content']}', '{$file}', '{$_POST['keywords']}', '{$add_time}', '{$_POST['description']}')"; $dou->query($sql); // 为了产品图片管理方便,重新以产品ID定义图片名称 if ($_FILES['image']['name'] != '') { // 格式化图片名称 $good_id = mysql_insert_id(); $no_ext = explode('.', $file); $file_thumb = $no_ext[0] . '_thumb' . '.' . $no_ext[1]; $new_name = $images_dir . $good_id . '.' . $no_ext[1];
} elseif ($rec == 'insert') { if (empty($_POST['page_name'])) { $dou->dou_msg($_LANG['page_name'] . $_LANG['is_empty']); } // 上传banner生成 $name = date('Ymd'); for ($i = 0; $i < 6; $i++) { $name .= chr(mt_rand(97, 122)); } if (!empty($_FILES['banner']['name'])) { //检查是否上传了banner,如果没有上传则为空 $upfile = $img->upload_image('banner', $name); // 上传的文件域 $file = $banner_dir . $upfile; $img->to_file = true; $img->make_thumb($upfile, 140, 36); } else { $file = ""; } // CSRF防御令牌验证 $firewall->check_token($_POST['token'], 'page_add'); $sql = "INSERT INTO " . $dou->table('page') . " (id, unique_id, parent_id, page_name, content ,keywords, description, banner, type)" . " VALUES (NULL, '{$_POST['unique_id']}', '{$_POST['parent_id']}', '{$_POST['page_name']}', '{$_POST['content']}', '{$_POST['keywords']}', '{$_POST['description']}', '{$file}', '{$_POST['page_type']}')"; $dou->query($sql); $miid = mysql_insert_id(); $sql = "UPDATE " . $dou->table('page_images') . " SET page_id = '" . $miid . "' WHERE temp_num = '{$_POST['page_temp_num']}'"; //将新建页面时增加的图片链接上该页面生成的id号 $dou->query($sql); if (!$check->is_unique_id($_POST['unique_id'])) { $dou->dou_msg($_LANG['unique_id_wrong'] . '<br />注意:不添加别名在URL重写模式下导航链接将出错!', 'page.php?rec=edit&id=' . $miid . '&temp_num=' . $temp_num . '&page_id=' . $miid, '', '5'); } $dou->create_admin_log($_LANG['page_add'] . ': ' . $_POST[page_name]);
} elseif ($rec == 'insert') { if (empty($_POST['image_name'])) { $dou->dou_msg('图片名称' . $_LANG['is_empty'], 'image.php?temp_num=' . $temp_num . '&page_id=' . $page_id, 'out'); } // 上传图片生成 $name = date('Ymd'); for ($i = 0; $i < 6; $i++) { $name .= chr(mt_rand(97, 122)); } $upfile = $img->upload_image('image_img', $name); // 上传的文件域 $file = $images_dir . $upfile; $img->to_file = true; //统一标准缩放图片 $img_size = $dou->get_image_size(ROOT_URL . $file, $_CFG['thumb_width'], $_CFG['thumb_height']); $img->make_thumb($upfile, $img_size['width'], $img_size['height'], false, 100, false); //$img->make_thumb($upfile, $_CFG['thumb_width'], $_CFG['thumb_height'] ); // CSRF防御令牌验证 $firewall->check_token($_POST['token'], 'image_add'); $sql = "INSERT INTO " . $dou->table('page_images') . " (id, name, image_link, image_url, temp_num, page_id, sort)" . " VALUES (NULL, '{$_POST['image_name']}', '{$_POST['image_link']}', '{$file}', '{$temp_num}' , '{$page_id}', '{$_POST['sort']}')"; //如果是已有的页面新增,则新增时间会直接写入page_id值 $dou->query($sql); $dou->create_admin_log('添加图片页图片' . ': ' . $_POST[image_name]); $dou->dou_msg('添加图片页图片成功', 'image.php?temp_num=' . $temp_num . '&page_id=' . $page_id, 'out'); //添加成功后的跳转要继续传回temp_num,加out则不会显示整个后台的模板 } elseif ($rec == 'edit') { // 验证并获取合法的ID $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : ''; $query = $dou->select($dou->table('page_images'), '*', '`id` = \'' . $id . '\''); $image = $dou->fetch_array($query); //print_r($image);