eCheckAccessDoIp('showinfo'); if (!$classid || !$id || !$mid || !$tbname || InfoIsInTable($tbname)) { printerror('此信息不存在', '', 1, 0, 1); } $r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1"); if (!$r['id'] || $classid != $r['classid']) { printerror('此信息不存在', '', 1, 0, 1); } //外部链接 if ($r['isurl']) { $titleurl = $r['titleurl']; Header("Location:{$titleurl}"); exit; } //moreport if (Moreport_ReturnMustDt()) { $class_r[$classid]['showdt'] = 2; } //是否支持动态内容页 if ($class_r[$classid]['showdt'] != 2) { $titleurl = sys_ReturnBqTitleLink($r); Header("Location:{$titleurl}"); exit; } //副表 $finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r['stb'] . " where id='{$r['id']}' limit 1"); $r = array_merge($r, $finfor); //权限 if ($r['groupid'] || $class_r[$classid]['cgtoinfo']) { define('empirecms', 'wm_chief'); define('PageCheckLevel', 'wm_chief');
<?php require '../../class/connect.php'; require '../../class/db_sql.php'; require '../../class/functions.php'; require '../../class/t_functions.php'; require '../' . LoadLang('pub/fun.php'); require '../../data/dbcache/class.php'; require '../../data/dbcache/MemberLevel.php'; $link = db_connect(); $empire = new mysqlquery(); $editor = 1; $classid = (int) $_GET['classid']; $id = (int) $_GET['id']; //内部表 if (!$classid || !$id || !$class_r[$classid]['tbname'] || InfoIsInTable($class_r[$classid]['tbname']) || Moreport_ReturnMustDt()) { printerror('ErrorUrl', 'history.go(-1)', 1); } $addgethtmlpath = '../'; $titleurl = DoGetHtml($classid, $id); db_close(); $empire = null; Header("Location:{$titleurl}");
function NewsBq($classid, $indextext, $enews = 0, $doing = 0) { global $empire, $dbtbpre, $public_r, $emod_r, $class_r, $class_zr, $fun_r, $navclassid, $navinfor, $class_tr, $level_r, $etable_r; $indextext = stripSlashes($indextext); $indextext = ReplaceTempvar($indextext); //替换全局模板变量 $classlevel = ''; if ($enews == 0) { if ($class_r[$classid]['listdt'] || $class_r[$classid]['wburl'] || strstr($public_r['nreclass'], ',' . $classid . ',') || InfoIsInTable($class_r[$classid]['tbname'])) { return ''; } $GLOBALS['navclassid'] = $classid; $url = ReturnClassLink($classid); //导航 $cf = $doing == 1 ? ',classpath,classtype,classname' : ''; $cr = $empire->fetch1("select classpagekey,intro,classimg,cgroupid" . $cf . " from {$dbtbpre}enewsclass where classid='{$classid}'"); if (!empty($cf)) { $class_r[$classid][classpath] = $cr[classpath]; $class_r[$classid][classtype] = $cr[classtype]; $class_r[$classid][classname] = $cr[classname]; } //权限 if ($cr['cgroupid']) { $classlevel = AddCheckClassLevel($classid, $cr['cgroupid'], ''); } //页面 $pagetitle = ehtmlspecialchars($class_r[$classid][classname]); $pagekey = ehtmlspecialchars($cr['classpagekey']); $pagedes = ehtmlspecialchars($cr['intro']); $classimg = $cr['classimg']; $onclick = "<script src=" . $public_r[newsurl] . "e/public/onclick/?enews=doclass&classid={$classid}></script>"; $truefile = eReturnTrueEcmsPath() . ReturnSaveClassPath($classid, 1); //moreport $file = ECMS_PATH . DASHBOARD . '/data/tmp/class' . $classid . '.php'; $indextext = str_replace("[!--newsnav--]", $url, $indextext); //位置导航 $indextext = Class_ReplaceSvars($indextext, $url, $classid, $pagetitle, $pagekey, $pagedes, $classimg, $add, 0); } elseif ($enews == 3) { $GLOBALS['navclassid'] = $classid; $url = ReturnZtLink($classid); //导航 $cf = $doing == 1 ? ',ztpath,zttype,ztname' : ''; $cr = $empire->fetch1("select ztpagekey,intro,ztimg" . $cf . " from {$dbtbpre}enewszt where ztid='{$classid}'"); if (!empty($cf)) { $class_zr[$classid][ztpath] = $cr[ztpath]; $class_zr[$classid][zttype] = $cr[zttype]; $class_zr[$classid][ztname] = $cr[ztname]; } $pagetitle = ehtmlspecialchars($class_zr[$classid][ztname]); $pagekey = ehtmlspecialchars($cr['ztpagekey']); $pagedes = ehtmlspecialchars($cr['intro']); $classimg = $cr['ztimg']; $onclick = "<script src=" . $public_r[newsurl] . "e/public/onclick/?enews=dozt&ztid={$classid}></script>"; $truefile = ECMS_PATH . ReturnSaveZtPath($classid, 1); $file = ECMS_PATH . DASHBOARD . '/data/tmp/zt' . $classid . '.php'; $indextext = str_replace("[!--newsnav--]", $url, $indextext); //位置导航 $indextext = Class_ReplaceSvars($indextext, $url, $classid, $pagetitle, $pagekey, $pagedes, $classimg, $add, 1); } elseif ($enews == 4) { $cr = $empire->fetch1("select ztid,cname,ttype from {$dbtbpre}enewszttype where cid='{$classid}'"); $GLOBALS['navclassid'] = $classid; $GLOBALS['navinfor']['ecmsbid'] = $cr['ztid']; $url = ReturnZtLink($cr['ztid']); //导航 $pagetitle = ehtmlspecialchars($cr['cname']); $pagekey = ehtmlspecialchars($cr['cname']); $pagedes = ehtmlspecialchars($cr['cname']); $onclick = "<script src=" . $public_r[newsurl] . "e/public/onclick/?enews=dozt&ztid={$cr['ztid']}></script>"; $truefile = ECMS_PATH . ReturnSaveZtPath($cr['ztid'], 0) . '/type' . $classid . $cr['ttype']; $file = ECMS_PATH . DASHBOARD . '/data/tmp/ztc' . $classid . '.php'; $indextext = str_replace("[!--newsnav--]", $url, $indextext); //位置导航 $indextext = Class_ReplaceSvars($indextext, $url, $classid, $pagetitle, $pagekey, $pagedes, $classimg, $add, 1); } elseif ($enews == 1) { $pr = $empire->fetch1("select sitekey,siteintro,indexpagedt from {$dbtbpre}enewspublic limit 1"); if ($pr['indexpagedt'] || Moreport_ReturnMustDt() && !defined('ECMS_SELFPATH')) { return ''; } //页面 $pagetitle = ehtmlspecialchars($public_r['sitename']); $pagekey = ehtmlspecialchars($pr['sitekey']); $pagedes = ehtmlspecialchars($pr['siteintro']); $url = "<a href=\"" . ReturnSiteIndexUrl() . "\">" . $fun_r['index'] . "</a>"; //栏目导航 $onclick = ''; $truefile = eReturnTrueEcmsPath() . ReturnSaveIndexFile(); //moreport $file = ECMS_PATH . DASHBOARD . '/data/tmp/index.php'; $indextext = ReplaceSvars($indextext, $url, 0, $pagetitle, $pagekey, $pagedes, $add, 0); } $indextext = str_replace("[!--page.stats--]", $onclick, $indextext); //替换标签 $indextext = DoRepEcmsLoopBq($indextext); $indextext = RepBq($indextext); //写文件 WriteFiletext($file, AddCheckViewTempCode() . $indextext); //读取文件内容 ob_start(); include $file; $string = ob_get_contents(); ob_end_clean(); $string = RepExeCode($string); //解析代码 WriteFiletext($truefile, $classlevel . $string); return $string; }
function DodoInfo($add, $ecms = 0) { global $empire, $public_r, $emod_r, $level_r, $class_r, $dbtbpre, $fun_r; //验证来源 if ($ecms == 0 || $ecms == 1) { CheckCanPostUrl(); } //开启投稿 if ($public_r['addnews_ok']) { printerror("CloseQAdd", "", 1); } //验证本时间允许操作 eCheckTimeCloseDo('info'); $classid = (int) $add['classid']; $mid = (int) $class_r[$classid]['modid']; if (!$mid || !$classid) { printerror("EmptyQinfoCid", "", 1); } $tbname = $emod_r[$mid]['tbname']; $qenter = $emod_r[$mid]['qenter']; if (!$tbname || !$qenter || $qenter == ',') { printerror("ErrorUrl", "history.go(-1)", 1); } $muserid = (int) getcvar('mluserid'); $musername = RepPostVar(getcvar('mlusername')); $mrnd = RepPostVar(getcvar('mlrnd')); //取得栏目信息 $isadd = 0; if ($ecms == 0) { $isadd = 1; } $setuserday = ''; $cr = DoQCheckAddLevel($classid, $muserid, $musername, $mrnd, $ecms, $isadd); $setuserday = $cr['checkaddnumquery']; $filepass = (int) $add['filepass']; $id = (int) $add['id']; $infor = array(); //组合标题属性 $titlecolor = RepPostStr(RepPhpAspJspcodeText($add[titlecolor])); $titlefont = TitleFont($add[titlefont], $titlecolor); $titlecolor = ""; $titlefont = ""; $ttid = (int) $add['ttid']; $keyboard = addslashes(RepPostStr(trim(DoReplaceQjDh($add[keyboard])))); $keyid = ''; //返回关键字组合 if ($keyboard && strstr($qenter, ',special.field,')) { $keyboard = str_replace('[!--f--!]', 'ecms', $keyboard); $keyid = GetKeyid($keyboard, $classid, $id, $class_r[$classid][link_num]); } //验证码 $keyvname = 'checkinfokey'; //moreport if (Moreport_ReturnMustDt()) { define('ECMS_SELFPATH', eReturnEcmsMainPortPath()); Moreport_ResetMainTempGid(); } //-----------------增加 if ($ecms == 0) { //时间 $lasttime = getcvar('lastaddinfotime'); if ($lasttime) { if (time() - $lasttime < $public_r['readdinfotime']) { printerror("QAddInfoOutTime", "", 1); } } //验证码 if ($cr['qaddshowkey']) { ecmsCheckShowKey($keyvname, $add['key'], 1); } //IP发布数限制 $check_ip = egetip(); $check_checked = $cr['wfid'] ? 0 : $cr['checkqadd']; eCheckIpAddInfoNum($check_ip, $tbname, $mid, $check_checked); //返回字段 $ret_r = ReturnQAddinfoF($mid, $add, $infor, $classid, $filepass, $muserid, $musername, 0); $checked = $cr['checkqadd']; $havehtml = 0; $newspath = date($cr['newspath']); $truetime = time(); $newstime = $truetime; $newstempid = $cr['newstempid']; $haveaddfen = 0; //强制签发 $isqf = 0; if ($cr['wfid']) { $checked = 0; $isqf = 1; } //增扣点 if ($checked && $muserid) { AddInfoFen($cr['addinfofen'], $muserid); $haveaddfen = 1; } if (empty($muserid)) { $musername = $fun_r['guest']; } //会员投稿数更新 if ($setuserday) { $empire->query($setuserday); } //发布时间 if (!strstr($qenter, ',newstime,')) { $ret_r[0] = ",newstime" . $ret_r[0]; $ret_r[1] = ",'{$newstime}'" . $ret_r[1]; } else { if ($add['newstime']) { $newstime = to_time($add['newstime']); $newstime = intval($newstime); } } //附加链接参数 $addecmscheck = empty($checked) ? '&ecmscheck=1' : ''; //索引表 $indexsql = $empire->query("insert into {$dbtbpre}ecms_" . $tbname . "_index(classid,checked,newstime,truetime,lastdotime,havehtml) values('{$classid}','{$checked}','{$newstime}','{$truetime}','{$truetime}','{$havehtml}');"); $id = $empire->lastid(); //返回表信息 $infotbr = ReturnInfoTbname($tbname, $checked, $ret_r[4]); //主表 $sql = $empire->query("insert into " . $infotbr['tbname'] . "(id,classid,ttid,onclick,plnum,totaldown,newspath,filename,userid,username,firsttitle,isgood,istop,isqf,ismember,isurl,truetime,lastdotime,havehtml,groupid,userfen,titlefont,titleurl,stb,fstb,restb,keyboard" . $ret_r[0] . ") values('{$id}','{$classid}','{$ttid}',0,0,0,'{$newspath}','','" . $muserid . "','" . addslashes($musername) . "',0,0,0,'{$isqf}',1,0,'{$truetime}','{$truetime}','{$havehtml}',0,0,'{$titlefont}','','{$ret_r['4']}','{$public_r['filedeftb']}','{$public_r['pldeftb']}','{$keyboard}'" . $ret_r[1] . ");"); //副表 $fsql = $empire->query("insert into " . $infotbr['datatbname'] . "(id,classid,keyid,dokey,newstempid,closepl,haveaddfen,infotags" . $ret_r[2] . ") values('{$id}','{$classid}','{$keyid}',1,'{$newstempid}',0,'{$haveaddfen}',''" . $ret_r[3] . ");"); //扣点记录 if ($haveaddfen) { if ($cr['addinfofen'] < 0) { BakDown($classid, $id, 0, $muserid, $musername, RepPostStr($add[title]), abs($cr['addinfofen']), 3); } } //签发 if ($isqf == 1) { InfoInsertToWorkflow($id, $classid, $cr['wfid'], $muserid, addslashes($musername)); } //文件命名 $filename = ReturnInfoFilename($classid, $id, ''); //信息地址 $infourl = GotoGetTitleUrl($classid, $id, $newspath, $filename, 0, 0, ''); $usql = $empire->query("update " . $infotbr['tbname'] . " set filename='{$filename}',titleurl='{$infourl}' where id='{$id}'"); //修改ispic UpdateTheIspic($classid, $id, $checked); //修改附件 if ($filepass) { UpdateTheFile($id, $filepass, $classid, $public_r['filedeftb']); } //更新栏目信息数 AddClassInfos($classid, '+1', '+1', $checked); //更新新信息数 DoUpdateAddDataNum('info', $class_r[$classid]['tid'], 1); //清除验证码 ecmsEmptyShowKey($keyvname); esetcookie("qeditinfo", "", 0); //生成页面 if ($checked && !$cr['showdt']) { $titleurl = qAddGetHtml($classid, $id); } //生成列表 if ($checked) { qAddListHtml($classid, $mid, $cr['qaddlist'], $cr['listdt']); //生成上一篇 if ($cr['repreinfo']) { $prer = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id<{$id} and classid='{$classid}' order by id desc limit 1"); GetHtml($prer['classid'], $prer['id'], $prer, 1); } } if ($sql) { $reurl = DoingReturnUrl("AddInfo.php?classid={$classid}&mid={$mid}" . $addecmscheck, $add['ecmsfrom']); if ($add['gotoinfourl'] && $checked) { if ($cr['showdt'] == 1) { $reurl = $public_r[newsurl] . "e/action/ShowInfo/?classid={$classid}&id={$id}"; } elseif ($cr['showdt'] == 2) { $rewriter = eReturnRewriteInfoUrl($classid, $id, 1); $reurl = $rewriter['pageurl']; } else { $reurl = $titleurl; } } esetcookie("lastaddinfotime", time(), time() + 3600 * 24); //设置最后发表时间 printerror("AddQinfoSuccess", $reurl, 1); } else { printerror("DbError", "history.go(-1)", 1); } } elseif ($ecms == 1) { if (!$id) { printerror("ErrorUrl", "history.go(-1)", 1); } //检测权限 $infor = CheckQdoinfo($classid, $id, $muserid, $tbname, $cr['adminqinfo'], 1); //检测时间 if ($public_r['qeditinfotime']) { if (time() - $infor['truetime'] > $public_r['qeditinfotime'] * 60) { printerror("QEditInfoOutTime", "history.go(-1)", 1); } } $iaddfield = ''; $addfield = ''; $faddfield = ''; //返回字段 $ret_r = ReturnQAddinfoF($mid, $add, $infor, $classid, $filepass, $muserid, $musername, 1); if ($keyboard) { $addfield = ",keyboard='{$keyboard}'"; $faddfield = ",keyid='{$keyid}'"; } //时间 if (strstr($qenter, ',newstime,')) { if ($add['newstime']) { $newstime = to_time($add['newstime']); $newstime = intval($newstime); $iaddfield .= ",newstime='{$newstime}'"; } } //修改是否需要审核 $ychecked = $infor['checked']; if ($cr['qeditchecked']) { $infor['checked'] = 0; $iaddfield .= ",checked=0"; $relist = 1; //删除原页面 DelNewsFile($infor[filename], $infor[newspath], $infor[classid], $infor[newstext], $infor[groupid]); } //会员投稿数更新 if ($setuserday) { //$empire->query($setuserday); } $lastdotime = time(); //附加链接参数 $addecmscheck = empty($infor['checked']) ? '&ecmscheck=1' : ''; //索引表 $indexsql = $empire->query("update {$dbtbpre}ecms_" . $tbname . "_index set lastdotime={$lastdotime},havehtml=0" . $iaddfield . " where id='{$id}'"); //返回表信息 $infotbr = ReturnInfoTbname($tbname, $ychecked, $infor['stb']); //主表 $sql = $empire->query("update " . $infotbr['tbname'] . " set lastdotime={$lastdotime},havehtml=0,ttid='{$ttid}'" . $addfield . $ret_r[0] . " where id={$id} and classid={$classid} and userid='{$muserid}' and ismember=1"); //副表 $fsql = $empire->query("update " . $infotbr['datatbname'] . " set classid='{$classid}'" . $faddfield . $ret_r[3] . " where id='{$id}'"); //修改ispic UpdateTheIspic($classid, $id, $ychecked); //更新附件 UpdateTheFileEdit($classid, $id, $infor['fstb']); //未审核信息互转 if ($ychecked != $infor['checked']) { MoveCheckInfoData($tbname, $ychecked, $infor['stb'], "id='{$id}'"); //更新栏目信息数 if ($infor['checked']) { AddClassInfos($classid, '', '+1'); } else { AddClassInfos($classid, '', '-1'); } } esetcookie("qeditinfo", "", 0); //生成页面 if ($infor['checked'] && !$cr['showdt']) { $titleurl = qAddGetHtml($classid, $id); } //生成列表 if ($infor['checked'] || $relist == 1) { qAddListHtml($classid, $mid, $cr['qaddlist'], $cr['listdt']); } //生成上一篇 if ($cr['repreinfo'] && $infor['checked']) { $prer = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id<{$id} and classid='{$classid}' order by id desc limit 1"); GetHtml($prer['classid'], $prer['id'], $prer, 1); } if ($sql) { $reurl = DoingReturnUrl("ListInfo.php?mid={$mid}" . $addecmscheck, $add['ecmsfrom']); if ($add['editgotoinfourl'] && $infor['checked']) { if ($cr['showdt'] == 1) { $reurl = $public_r[newsurl] . "e/action/ShowInfo/?classid={$classid}&id={$id}"; } elseif ($cr['showdt'] == 2) { $rewriter = eReturnRewriteInfoUrl($classid, $id, 1); $reurl = $rewriter['pageurl']; } else { $reurl = $titleurl; } } printerror("EditQinfoSuccess", $reurl, 1); } else { printerror("DbError", "history.go(-1)", 1); } } elseif ($ecms == 2) { if (!$id) { printerror("ErrorUrl", "history.go(-1)", 1); } //检测权限 $r = CheckQdoinfo($classid, $id, $muserid, $tbname, $cr['adminqinfo'], 2); //附加链接参数 $addecmscheck = empty($r['checked']) ? '&ecmscheck=1' : ''; //返回表信息 $infotbr = ReturnInfoTbname($tbname, $r['checked'], $r['stb']); $stf = $emod_r[$mid]['savetxtf']; $pf = $emod_r[$mid]['pagef']; //分页字段 if ($pf) { if (strstr($emod_r[$mid]['tbdataf'], ',' . $pf . ',')) { $finfor = $empire->fetch1("select " . $pf . " from " . $infotbr['datatbname'] . " where id='{$id}' limit 1"); $r[$pf] = $finfor[$pf]; } } //存文本 if ($stf) { $newstextfile = $r[$stf]; $r[$stf] = GetTxtFieldText($r[$stf]); //删除文件 DelTxtFieldText($newstextfile); } //删除信息文件 DelNewsFile($r[filename], $r[newspath], $classid, $r[$pf], $r[groupid]); $indexsql = $empire->query("delete from {$dbtbpre}ecms_" . $tbname . "_index where id='{$id}'"); $sql = $empire->query("delete from " . $infotbr['tbname'] . " where id={$id} and classid={$classid} and userid='{$muserid}' and ismember=1"); $fsql = $empire->query("delete from " . $infotbr['datatbname'] . " where id={$id}"); esetcookie("qdelinfo", "", 0); //更新栏目信息数 AddClassInfos($classid, '-1', '-1', $r['checked']); //删除其它表记录和附件 DelSingleInfoOtherData($classid, $id, $r, 0, 0); //生成列表 if ($r['checked']) { qAddListHtml($classid, $mid, $cr['qaddlist'], $cr['listdt']); //生成上一篇 if ($cr['repreinfo']) { $prer = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id<{$id} and classid='{$classid}' order by id desc limit 1"); GetHtml($prer['classid'], $prer['id'], $prer, 1); //下一篇 $nextr = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id>{$id} and classid='{$classid}' order by id limit 1"); if ($nextr['id']) { GetHtml($nextr['classid'], $nextr['id'], $nextr, 1); } } } if ($sql) { $reurl = DoingReturnUrl("ListInfo.php?mid={$mid}", $add['ecmsfrom']); printerror("DelQinfoSuccess", $reurl, 1); } else { printerror("DbError", "history.go(-1)", 1); } } else { printerror("ErrorUrl", "", 1); } }
function ReturnSiteIndexUrl() { global $public_r; if (empty($public_r['indexaddpage'])) { return $public_r['newsurl']; } if ($public_r['indexpagedt'] || Moreport_ReturnMustDt()) { $public_r['indextype'] = '.php'; } $file = $public_r['newsurl'] . 'index' . $public_r['indextype']; return $file; }