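/**
 * Handle a control-panel form post that creates or edits one item of the current model.
 *
 * The function validates the request, writes the fixed columns to the
 * "<modelname>items" table and the remaining columns to "<modelname>message",
 * re-links uploaded attachments to the item hash and returns the item id.
 * Validation failures are collected in the global $checkresults and reported
 * through cpmsg().
 *
 * Security notes for maintainers:
 * - Request values are interpolated into SQL strings below. The
 *   stripslashes()/saddslashes() round trip on the message suggests request data
 *   arrives already slash-escaped; that is an assumption to confirm, and numeric
 *   ids are therefore cast here instead of trusted.
 * - NOTE(review): no ownership check is visible before the early subject-image
 *   cleanup; only the later items update is scoped by shopid. Confirm that the
 *   caller restricts which itemid a shop owner may submit.
 *
 * @param array $cacheinfo Model cache; the keys 'models', 'columns' and 'linkage' are read.
 * @param int   $cp        Not referenced inside this function.
 * @return mixed The id of the inserted or updated item.
 */
function pkpost($cacheinfo, $cp = 1)
{
    global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;

    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $mustverify = false;
    $resultitems = $resultmessage = $updateitem = array();
    // Initialised so the deferred-update merge near the end never sees an undefined variable.
    $updatesqlarr = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    $feedcolum = array();
    // Matches a ".." path segment; used to refuse file deletions that would leave A_DIR.
    $dotdotsegment = '#(^|[\\\\/])\.\.([\\\\/]|$)#';

    // Split the column definitions into fixed (items table) and extended (message table)
    // fields, normalising linkage and timestamp inputs in $_POST on the way.
    foreach ($columnsinfoarr as $result) {
        if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
            continue;
        }
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                // Replace the submitted key with the value from the cached linkage table.
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_G['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }

    // Input checks
    $_POST['subject'] = trim(strip_tags($_POST['subject']));
    // Fix: the original re-assigned the raw $_POST['itemid'] here, discarding the integer
    // cast made above before the value is concatenated into several SQL strings.
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $checkresults = array();
    if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
        array_push($checkresults, array('subject' => lang('space_suject_length_error')));
    }

    // Per-column data validation
    checkvalues(array_merge($resultitems, $resultmessage), 1, 1);

    // Goods price handling: the maximum price must not be below the minimum price.
    if ($modelsinfoarr['modelname'] == 'good') {
        if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
            array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
        }
    }

    // On edit, check whether the subject image was removed or replaced.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was deleted or replaced in the form: drop the old image.
            // NOTE(review): this cleanup runs before any permission or ownership decision
            // visible in this function and is keyed by itemid only — confirm the caller
            // has already verified that the current user may edit this item.
            $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = DB::fetch($query);
            $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); // remove the attachment row
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));

            $oldimage = isset($defaultmessage['subjectimage']) ? (string) $defaultmessage['subjectimage'] : '';
            $ext = fileext($oldimage);
            // The stored path can originate from $_POST['subjectimage_value'] (assigned
            // further down), so a ".." segment must never reach unlink().
            if ($oldimage !== '' && !preg_match($dotdotsegment, $oldimage)) {
                if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                    @unlink(A_DIR . '/' . substr($oldimage, 0, strrpos($oldimage, '.')) . '.thumb.jpg');
                }
                @unlink(A_DIR . '/' . $oldimage);
            }
        }
    }

    // Build the row for the items table.
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
    if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        // NOTE(review): a request-supplied value is stored as the image path and is later
        // used to build unlink() targets — confirm it is validated against the item's own
        // attachments before the pending update is applied.
        $setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
    }
    if (empty($_POST['catid']) || $_POST['catid'] < 0) {
        array_push($checkresults, array('catid' => lang('cat_not_selected')));
    }
    $setsqlarr['catid'] = $_POST['catid'];

    if ($modelsinfoarr['modelname'] != 'shop') {
        // Every non-shop item must belong to a shop.
        if (pkperm('isadmin')) {
            if (empty($_POST['shopid'])) {
                array_push($checkresults, array('shopid' => lang('please_select_shopid')));
            }
            $setsqlarr['shopid'] = intval($_POST['shopid']);
        } else {
            // Non-admins are pinned to their own shop regardless of what was posted.
            $setsqlarr['shopid'] = $_G['myshopid'];
        }
    } else {
        $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
        $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
        $setsqlarr['description'] = trim(strip_tags($_POST['description']));
        if (!empty($_POST['syncfid'])) {
            require_once B_ROOT . './api/bbs_syncpost.php';
            if (checkbbsfid($_POST['syncfid'])) {
                $setsqlarr['syncfid'] = intval($_POST['syncfid']);
            } else {
                array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
            }
        }
    }
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = 1;

    if (!empty($checkresults)) {
        cpmsg('addobject_error', '', '', '', true, true, $checkresults);
    }

    // Decide the review grade from the role and the shop status.
    if (pkperm('isadmin')) {
        // NOTE(review): the admin-supplied grade is stored without a cast or range check.
        $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
    } elseif ($_G['myshopstatus'] == 'verified') {
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
            $setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
            if (!empty($itemid)) {
                if (in_array($_POST['grade'], array(2, 3))) {
                    $setsqlarr['grade'] = $_POST['grade'];
                }
            }
            $mustverify = true;
        } else {
            if (in_array($_POST['grade'], array(2, 3))) {
                $setsqlarr['grade'] = $_POST['grade'];
            } else {
                $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
            }
        }
    } elseif ($_G['myshopstatus'] == 'unverified') {
        $setsqlarr['grade'] = 0;
    }

    $setsqlarr['dateline'] = $_G['timestamp'];
    $setsqlarr['uid'] = $_G['uid'];
    $setsqlarr['username'] = $_G['username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];

    // ---- Subject image handling: start ----
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        // Coupon ("consume") items can have their image generated from a template.
        if ($_GET['action'] == 'add') {
            $hotline = $_SGLOBAL['panelinfo']['tel'];
            $address = $_SGLOBAL['panelinfo']['address'];
        } else {
            // shopid is an intval() result or $_G['myshopid'] at this point.
            $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
            $hotline = $shopinfo['tel'];
            $address = $shopinfo['address'];
        }
        $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
        $createimgarr = array(
            'id' => intval($_POST['imgtplid']),
            'mid' => intval($modelsinfoarr['mid']),
            'itemid' => intval($itemid),
            'coupon_title' => $setsqlarr['subject'],
            'dealer_id' => $setsqlarr['uid'],
            'dealer_name' => $dealer_name,
            'begin_date' => date('Y-m-d', $setsqlarr['validity_start']),
            'end_date' => date('Y-m-d', $setsqlarr['validity_end']),
            'brief' => trim($_POST['message']),
            'exception' => trim($_POST['exception']),
            'address' => $address,
            'hotline' => $hotline,
            'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'],
            'subjectimageheight' => $modelsinfoarr['subjectimageheight'],
        );
        require_once B_ROOT . './source/adminfunc/tool.func.php';
        if ($consumeimgpath = image_text($createimgarr)) {
            $setsqlarr['subjectimage'] = $consumeimgpath;
            $setsqlarr['imagetype'] = 0;
            $setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
        }
    } else {
        $uploadfilearr = $ids = array();
        $subjectimageid = '';
        $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
        if (!empty($uploadfilearr)) {
            $feedsubjectimg = $uploadfilearr;
            foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
                if (empty($tmpvalue['error'])) {
                    $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
                }
                if (!empty($tmpvalue['aid'])) {
                    // Remember the attachment ids so they can be bound to the item hash later.
                    $ids[] = $tmpvalue['aid'];
                }
            }
        }
        if ($modelsinfoarr['modelname'] == 'consume') {
            $setsqlarr['imagetype'] = 1;
        }
    }
    // ---- Subject image handling: end ----

    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    // Publication time
    $setsqlarr['dateline'] = $_G['timestamp'];

    // Goods carry an additional short introduction.
    if ($mname == "good") {
        $setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
    }

    if (empty($itemid)) {
        // Insert a new item.
        $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
            itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
        }
    } else {
        // Update an existing item.
        $_SGLOBAL['itemupdate'] = 1;
        $op = 'update';
        unset($setsqlarr['uid']);
        unset($setsqlarr['username']);
        unset($setsqlarr['lastpost']);
        // Items currently at grade 0 or 1 keep a fixed grade: only an admin editing a
        // grade-1 item keeps it at 1, every other combination is reset to 0.
        if ($itemgrade == 1 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 1 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 1;
        } elseif ($itemgrade == 0 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 0 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        }
        if (pkperm('isadmin')) {
            // Site admins may post any data; no shop scoping is applied.
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
        } else {
            // Shop owners may not change the shop group.
            unset($setsqlarr['groupid']);
            if ($modelsinfoarr['modelname'] == 'shop') {
                unset($setsqlarr['validity_start']);
                unset($setsqlarr['validity_end']);
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    // Changes need review: keep them aside instead of writing them.
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner can only ever update their own shop row.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
                }
            } else {
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner can only change items of the shop they manage.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
                }
            }
        }
        $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
        $defaultmessage = DB::fetch($query);
    }

    // Bind the freshly uploaded subject-image attachments to this item's hash.
    $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
    if (!empty($ids)) {
        $ids = simplode($ids);
        DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
    }
    $do = 'pass';

    // When edits are applied immediately (no review for this model), remove files of
    // extended img/flash/file fields that were cleared or replaced in the form.
    if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // NOTE(review): this cleanup is keyed by itemid only, with no shopid
                        // scoping for non-admins — confirm the caller checks ownership.
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); // remove the attachment row
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));

                        $oldfile = (string) $defaultmessage[$value['fieldname']];
                        // Stored paths are not trusted: refuse ".." segments before deleting.
                        if (!preg_match($dotdotsegment, $oldfile)) {
                            @unlink(A_DIR . '/' . substr($oldfile, 0, strrpos($oldfile, '.')) . '.thumb.jpg');
                            @unlink(A_DIR . '/' . $oldfile . '.thumb.jpg');
                            @unlink(A_DIR . '/' . $oldfile);
                        }
                    }
                }
            }
        }
    }

    // Build the row for the message table.
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    // Un-escape, convert the HTML to BBCode, then escape again for storage.
    $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
    if ($modelsinfoarr['modelname'] == 'consume') {
        $setsqlarr['exception'] = trim($_POST['exception']);
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        $setsqlarr['address'] = trim($_POST['address']);
        $setsqlarr['hotline'] = trim($_POST['hotline']);
    }
    $setsqlarr['postip'] = $_G['clientip'];
    if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        // NOTE(review): request-supplied image paths, same concern as subjectimage_value.
        $setsqlarr['banner'] = $_POST['banner_value'];
        $setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
    }
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Word filter for the message fields
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    if ($op == 'add') {
        // Insert the message row for the new item.
        $setsqlarr['itemid'] = $itemid;
        inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
    } else {
        if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
            // Edits by non-admins that need review are handed to the caller via $_SGLOBAL.
            $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
        } else {
            // Update the message row.
            // NOTE(review): 'nid' comes straight from the request; escaping depends on updatetable().
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
    }

    // Mark every attachment bound to this item as available.
    updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));

    return $itemid;
}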
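/**
 * Handle the submission of a model's online contribution form.
 *
 * After validating the request the function takes one of two routes:
 * - when `!checkperm('allowdirectpost') || checkperm('managemodpost')` holds, the item
 *   and message rows are written straight to "<modelname>items" / "<modelname>message",
 *   notification mails are sent and attachments are bound to the item hash;
 * - otherwise the whole submission is serialized into the "modelfolders" table to
 *   wait for an audit.
 * Every final branch ends in showmessage(), so nothing is returned.
 *
 * Security notes for maintainers:
 * - Request values ($_POST['nid'], $_POST['hash']) are concatenated into SQL strings.
 *   The stripslashes()/saddslashes() calls below suggest request data arrives already
 *   slash-escaped; that is an assumption to confirm.
 * - NOTE(review): no check that the current user owns $itemid is visible here; the
 *   edit path updates by itemid alone. Confirm the caller enforces ownership.
 * - NOTE(review): several decisions read $_POST['modelname'] / $_POST['creative_type']
 *   instead of the server-side model definition, including the check_cate_director()
 *   gate. A client can simply omit those fields — confirm this is acceptable.
 *
 * @param array $cacheinfo Model cache; the keys 'models', 'columns' and 'linkage' are read.
 * @param int   $cp        Truthy when called from the admin panel; only selects the redirect URL.
 * @return void
 */
function modelpost($cacheinfo, $cp = 1)
{
    // Fix: $alang is read below but was missing from the global list, so every grade
    // label was undefined. presumably $alang is the global admin language array — confirm.
    global $_SGLOBAL, $theurl, $_SCONFIG, $alang;

    include_once S_ROOT . './function/upload.func.php';

    $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $resultitems = $resultmessage = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    // Matches a ".." path segment; used to refuse file deletions that would leave A_DIR.
    $dotdotsegment = '#(^|[\\\\/])\.\.([\\\\/]|$)#';

    // Build the grade => label table used in the review notification mail.
    if ($cacheinfo['models']['modelname'] == 'defect') {
        // The "defect" model maps the form's ordinal 1..9 onto its own score values.
        switch ($_POST['grade']) {
            case 1:
                $_POST['grade'] = '64';
                break;
            case 2:
                $_POST['grade'] = '32';
                break;
            case 3:
                $_POST['grade'] = '16';
                break;
            case 4:
                $_POST['grade'] = '9';
                break;
            case 5:
                $_POST['grade'] = '4';
                break;
            case 6:
                $_POST['grade'] = '1';
                break;
            case 7:
                $_POST['grade'] = '-1';
                break;
            case 8:
                $_POST['grade'] = '-2';
                break;
            case 9:
                $_POST['grade'] = '-3';
                break;
        }
        $gradearr = array(
            '0' => $alang['general_state'],
            '64' => $alang['check_grade_1'],
            '32' => $alang['check_grade_2'],
            '16' => $alang['check_grade_3_1'],
            '9' => $alang['check_grade_3_2'],
            '4' => $alang['check_grade_3_3'],
            '1' => $alang['check_grade_4'],
            '-1' => $alang['check_grade_5'],
            '-2' => $alang['check_grade_6'],
            '-3' => $alang['check_grade_7'],
        );
        if (!empty($_SCONFIG['checkgrade'])) {
            // Site configuration may override the labels (tab separated, positional).
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            $gradearr['64'] = $newgradearr[0];
            $gradearr['32'] = $newgradearr[1];
            $gradearr['16'] = $newgradearr[2];
            $gradearr['9'] = $newgradearr[3];
            $gradearr['4'] = $newgradearr[4];
            $gradearr['1'] = $newgradearr[5];
            $gradearr['-1'] = $newgradearr[6];
            $gradearr['-2'] = $newgradearr[7];
            $gradearr['-3'] = $newgradearr[8];
        }
    } else {
        $gradearr = array(
            '0' => $alang['general_state'],
            '1' => $alang['check_grade_1'],
            '2' => $alang['check_grade_2'],
            '3' => $alang['check_grade_3'],
            '4' => $alang['check_grade_4'],
            '5' => $alang['check_grade_5'],
            '6' => $alang['check_grade_6'],
            '7' => $alang['check_grade_7'],
        );
        if (!empty($_SCONFIG['checkgrade'])) {
            $newgradearr = explode("\t", $_SCONFIG['checkgrade']);
            for ($i = 0; $i < count($newgradearr); $i++) {
                if (!empty($newgradearr[$i])) {
                    $gradearr[$i + 1] = $newgradearr[$i];
                }
            }
        }
    }

    // The posted model id must match the model this handler was invoked for.
    if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
        showmessage('parameter_error');
    }

    // Split the column definitions into fixed (items table) and extended (message table)
    // fields, normalising linkage and timestamp inputs in $_POST on the way.
    $feedcolum = array();
    foreach ($columnsinfoarr as $result) {
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }

    // Record the member's latest activity time for new submissions.
    if (empty($itemid) && $_SGLOBAL['supe_uid']) {
        updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
    }

    // Input normalisation
    $_POST['catid'] = intval($_POST['catid']);
    // Fix: the unparenthesised nested ternary is a compile error on PHP 8. The explicit
    // grouping below is how PHP 5/7 evaluated it (left-associative), so the stored
    // value stays 0 or 1 exactly as before.
    $_POST['allowreply'] = (isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment')) ? 1 : 0;
    $_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));

    // Input checks
    if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
        showmessage('space_suject_length_error');
    }
    if (empty($_POST['catid'])) {
        showmessage('admin_func_catid_error');
    }
    if (!empty($_FILES['subjectimage']['name'])) {
        // Extension allow-list on the client-supplied file name only; the actual content
        // check, if any, lives in uploadfile() — not visible here.
        $fileext = fileext($_FILES['subjectimage']['name']);
        if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
            showmessage('document_types_can_only_upload_pictures');
        }
    }

    // Per-column data validation
    checkvalues(array_merge($resultitems, $resultmessage), 0, 1);

    // On edit, check whether the subject image was removed or replaced.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The file was deleted or replaced in the form: drop the old image.
            // NOTE(review): this runs before the grade permission check and before the
            // direct-post decision, and without any ownership check visible here.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);
            // Fix: the hash was built from the unvalidated $_GET['mid']; use the posted
            // mid that was cast and matched against the model above, as the later
            // getmodelhash() call in this function does.
            $hash = getmodelhash($_POST['mid'], $itemid);
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); // remove the attachment row
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));

            $oldimage = isset($defaultmessage['subjectimage']) ? (string) $defaultmessage['subjectimage'] : '';
            $ext = fileext($oldimage);
            // Defensive: a stored path containing a ".." segment must never reach unlink().
            if ($oldimage !== '' && !preg_match($dotdotsegment, $oldimage)) {
                if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                    @unlink(A_DIR . '/' . substr($oldimage, 0, strrpos($oldimage, '.')) . '.thumb.jpg');
                }
                @unlink(A_DIR . '/' . $oldimage);
            }
        }
    }

    // Build the row for the items table.
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $setsqlarr['catid'] = $_POST['catid'];
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = $_POST['allowreply'];
    $setsqlarr['grade'] = intval($_POST['grade']);
    // Users without the edit permission may not set a review grade.
    // NOTE(review): only grades above 0 are gated; the "defect" model also maps to
    // negative grades (-1..-3), which pass this check — confirm that is intended.
    if ($setsqlarr['grade'] > 0) {
        if (!checkperm('manageeditpost')) {
            showmessage('no_permission');
        }
    }
    $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    $setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
    $setsqlarr['username'] = $_SGLOBAL['supe_username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];

    // Thumbnail size: 400x300 unless the model defines "width,height".
    $modelsinfoarr['subjectimagewidth'] = 400;
    $modelsinfoarr['subjectimageheight'] = 300;
    if (!empty($modelsinfoarr['thumbsize'])) {
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }

    $uploadfilearr = $ids = array();
    $subjectimageid = '';
    $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
    if (!empty($uploadfilearr)) {
        $feedsubjectimg = $uploadfilearr;
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Word filter
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    // Publication time: a posted value is accepted only if it is not in the future
    // and not more than two years in the past.
    if (empty($_POST['dateline'])) {
        $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
    } else {
        $setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
        if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
            $setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
        }
    }

    // Attachment list posted by the upload widget
    if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
        $setsqlarr['attaches'] = implode(',', $_POST['divupload']);
    }

    // The "creative" model has two extra mandatory fields.
    if ($cacheinfo['models']['modelname'] == 'creative') {
        if (empty($_POST['creative_value'])) {
            showmessage('请输入创新价值说明');
        }
        if (empty($_POST['creative_days'])) {
            showmessage('本创新所耗的工作量');
        }
        $setsqlarr['value'] = $_POST['creative_value'];
        $setsqlarr['days'] = $_POST['creative_days'];
    }

    if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
        // No audit needed: write to the items table directly.
        if (empty($itemid)) {
            // Insert a new item.
            $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);

            // Notify the category's mail recipients about the new submission.
            $email = get_cate_mail($_POST['catid']);
            $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
            if ($_POST['modelname'] == 'creative') {
                if ($_POST['creative_type'] == '流程建议') {
                    $email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
                }
            }
            $emails = explode(',', $email);
            if (count($emails) > 0) {
                // include_once: a second inclusion elsewhere in the request must not
                // redeclare the mail helpers.
                include_once S_ROOT . './function/sendmail.fun.php';
                $url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                if ($cacheinfo['models']['modelname'] == 'creative') {
                    $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
                    sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
                } else {
                    if ($cacheinfo['models']['modelname'] == 'defect') {
                        $msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
                        sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
                    }
                }
            }
        } else {
            // Update an existing item.
            $op = 'update';
            unset($setsqlarr['uid']);
            unset($setsqlarr['username']);
            unset($setsqlarr['lastpost']);
            if ($setsqlarr['grade'] > 0) {
                // Record who reviewed the item.
                $setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
                // NOTE(review): this director gate depends on two client-supplied
                // fields; omitting either skips check_cate_director() entirely.
                if ($_POST['modelname'] == 'creative') {
                    if ($_POST['creative_type'] == '主管月度创新') {
                        if (!check_cate_director($setsqlarr['catid'])) {
                            showmessage('no_permission');
                        }
                    }
                }
            }
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
            // NOTE(review): $_POST['nid'] is concatenated as-is and is not tied to
            // $itemid in this lookup — confirm it is escaped upstream.
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\'');
            $defaultmessage = $_SGLOBAL['db']->fetch_array($query);

            // Mail the author when a review grade was assigned.
            if ($setsqlarr['grade'] > 0) {
                $sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
                $query = $_SGLOBAL['db']->query($sqlstr);
                $value = $_SGLOBAL['db']->fetch_array($query);
                $email = $value['email'];
                if (!empty($email)) {
                    include_once S_ROOT . './function/sendmail.fun.php';
                    $url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                    $emails = explode(',', $email);
                    // Fix: the array key was the bare word grade (an undefined constant,
                    // an Error on PHP 8); it is now the string key 'grade'.
                    if ($_POST['modelname'] == 'creative') {
                        $msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr['grade']] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    } else {
                        $msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr['grade']] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
                    }
                    sendmail($emails, $setsqlarr['subject'], $msg);
                }
            }
        }

        if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
            // NOTE(review): attachments are claimed by a request-supplied hash that is
            // concatenated into the statement; nothing here ties that hash to the current
            // user. catid was cast with intval() above.
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\'');
        }

        // Bind the freshly uploaded subject-image attachments to this item's hash.
        $hash = getmodelhash($_POST['mid'], $itemid);
        if (!empty($ids)) {
            $ids = simplode($ids);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $do = 'pass';
    } else {
        // Audit required: keep the item data aside for the modelfolders record.
        if (!empty($uploadfilearr['subjectimage']['aid'])) {
            $subjectimageid = $uploadfilearr['subjectimage']['aid'];
        }
        $setitemsqlarr = $setsqlarr;
        $do = 'me';
    }

    // On update, remove files of extended img/flash/file fields that were cleared
    // or replaced in the form.
    if ($op == 'update') {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); // remove the attachment row
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid']));

                        $oldfile = (string) $defaultmessage[$value['fieldname']];
                        $ext = fileext($oldfile);
                        // Defensive: refuse ".." segments before deleting stored paths.
                        if (!preg_match($dotdotsegment, $oldfile)) {
                            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                                @unlink(A_DIR . '/' . substr($oldfile, 0, strrpos($oldfile, '.')) . '.thumb.jpg');
                            }
                            @unlink(A_DIR . '/' . $oldfile);
                        }
                    }
                }
            }
        }
    }

    // Build the row for the message table.
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    $setsqlarr['postip'] = $_SGLOBAL['onlineip'];
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }

    // Word filter for the message fields
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }

    if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') {
        // No audit needed: write to the message table directly.
        if ($op == 'add') {
            $setsqlarr['itemid'] = $itemid;
            inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
            getreward('postinfo');

            // Optionally publish a feed entry for the new item.
            if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
                $feed['icon'] = 'comment';
                $feed['title_template'] = 'feed_model_title';
                $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
                $aurl = A_URL;
                if (empty($_SCONFIG['siteurl'])) {
                    $siteurl = getsiteurl();
                    $murl = $siteurl . $murl;
                    $aurl = $siteurl . $aurl;
                } else {
                    $siteurl = S_URL_ALL;
                }
                $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
                $feed['body_template'] = 'feed_model_message';
                // The subject was passed through shtmlspecialchars() above; the message
                // has bracketed tags and HTML tags stripped before it is cut to 150.
                $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
                if (!empty($feedsubjectimg)) {
                    $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
                } else {
                    // Fall back to the first uploaded field image, then to the first
                    // picture found inside the message body.
                    foreach ($feedcolum as $feedimgvalue) {
                        if ($feedimgvalue['filepath']) {
                            $feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
                            break;
                        }
                    }
                    if (empty($feed['images'])) {
                        $picurl = getmessagepic(stripslashes($_POST['message']));
                        if ($picurl && strpos($picurl, '://') === false) {
                            $picurl = $siteurl . '/' . $picurl;
                        }
                        if (!empty($picurl)) {
                            $feed['images'][] = array('url' => $picurl, 'link' => $murl);
                        }
                    }
                }
                postfeed($feed);
            }
        } else {
            // Update the message row.
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }

        // Mark every attachment bound to this item as available.
        updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));

        if (checkperm('allowdirectpost') && $op == 'update') {
            deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
        }
        if (checkperm('allowdirectpost') && $op == 'update') {
            $jpurl = $cp
                ? (empty($setsqlarr['uid'])
                    ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}"
                    : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'])
                : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('writing_success_online_please_wait_for_audit', $jpurl);
        } else {
            $jpurl = $cp
                ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid']
                : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
            showmessage('online_contributions_success', $jpurl);
        }
    } else {
        // Audit required: store the whole submission as one serialized record.
        $setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
        $setsqlarr['addfeed'] = $_POST['addfeed'];
        // NOTE(review): the serialized payload is built from request data; whatever reads
        // this column back must not unserialize it in a context with exploitable classes.
        $setsqlarr = array(
            'subject' => $setitemsqlarr['subject'],
            'mid' => $modelsinfoarr['mid'],
            'uid' => $setsqlarr['uid'],
            'message' => saddslashes(serialize($setsqlarr)),
            'dateline' => $_SGLOBAL['timestamp'],
            'folder' => 1,
        );
        if (!empty($_POST['itemid'])) {
            // NOTE(review): here the posted itemid addresses a modelfolders row, updated
            // without a uid condition — confirm the caller checks ownership.
            $itemid = intval($_POST['itemid']);
            updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
        } else {
            $itemid = inserttable('modelfolders', $setsqlarr, 1);
        }
        if (!empty($subjectimageid)) {
            $ids[] = $subjectimageid;
        }
        if (!empty($ids)) {
            $ids = simplode($ids);
            // Folder hash: 'm' + zero-padded mid (6) + 'f' + zero-padded folder id (8).
            $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
            $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
        }
        $jpurl = $cp
            ? (empty($setsqlarr['uid'])
                ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}"
                : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}")
            : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
        showmessage('writing_success_online_please_wait_for_audit', $jpurl);
    }
}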
/** * 模型在线投稿提交处理函数 */ function modelpost($cacheinfo, $cp = 1) { global $_SGLOBAL, $theurl, $_SCONFIG; include_once S_ROOT . './function/upload.func.php'; $_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0; $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0; $hash = ''; $op = 'add'; $resultitems = $resultmessage = array(); $modelsinfoarr = $cacheinfo['models']; $columnsinfoarr = $cacheinfo['columns']; if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) { showmessage('parameter_error'); } $feedcolum = array(); foreach ($columnsinfoarr as $result) { if ($result['isfixed'] == 1) { $resultitems[] = $result; } else { $resultmessage[] = $result; } if ($result['formtype'] == 'linkage') { if (!empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]]; } } elseif ($result['formtype'] == 'timestamp') { if (empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $_SGLOBAL['timestamp']; } else { $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]); } } } //更新用户最新更新时间 if (empty($itemid) && $_SGLOBAL['supe_uid']) { updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid'])); } //输入检查 $_POST['catid'] = intval($_POST['catid']); $_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 
1 : 0; $_POST['subject'] = shtmlspecialchars(trim($_POST['subject'])); //检查输入 if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) { showmessage('space_suject_length_error'); } if (empty($_POST['catid'])) { showmessage('admin_func_catid_error'); } if (!empty($_FILES['subjectimage']['name'])) { $fileext = fileext($_FILES['subjectimage']['name']); if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) { showmessage('document_types_can_only_upload_pictures'); } } //数据检查 checkvalues(array_merge($resultitems, $resultmessage), 0, 1); //修改时检验标题图片是否修改 $defaultmessage = array(); if (!empty($itemid)) { if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) { //当file删除时,或修改时执行删除操作 $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); $hash = getmodelhash($_GET['mid'], $itemid); deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid)); $ext = fileext($defaultmessage['subjectimage']); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . 
$defaultmessage['subjectimage']); } } //构建数据 $setsqlarr = $setitemsqlarr = array(); $setsqlarr = getsetsqlarr($resultitems); $setsqlarr['catid'] = $_POST['catid']; $setsqlarr['subject'] = $_POST['subject']; $setsqlarr['allowreply'] = $_POST['allowreply']; if (checkperm('managefolder') || checkperm('managemodpost')) { $setsqlarr['grade'] = intval($_POST['grade']); } else { $setsqlarr['grade'] = 0; } $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; $setsqlarr['uid'] = $_SGLOBAL['supe_uid']; $setsqlarr['username'] = $_SGLOBAL['supe_username']; $setsqlarr['lastpost'] = $setsqlarr['dateline']; $modelsinfoarr['subjectimagewidth'] = 400; $modelsinfoarr['subjectimageheight'] = 300; if (!empty($modelsinfoarr['thumbsize'])) { $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize'])); $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0]; $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1]; } $uploadfilearr = $ids = array(); $subjectimageid = ''; $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']); if (!empty($uploadfilearr)) { $feedsubjectimg = $uploadfilearr; foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //词语过滤 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } //发布时间 if (empty($_POST['dateline'])) { $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } else { $setsqlarr['dateline'] = sstrtotime($_POST['dateline']); if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) { //不能早于2年 $setsqlarr['dateline'] = $_SGLOBAL['timestamp']; } } if (!checkperm('allowdirectpost') || checkperm('managemodpost')) { 
//不需要审核时入item表 if (empty($itemid)) { //插入数据 $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1); } else { //更新 $op = 'update'; unset($setsqlarr['uid']); unset($setsqlarr['username']); unset($setsqlarr['lastpost']); updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid)); $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\''); $defaultmessage = $_SGLOBAL['db']->fetch_array($query); } $hash = getmodelhash($_POST['mid'], $itemid); if (!empty($ids)) { $ids = simplode($ids); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $do = 'pass'; } else { if (!empty($uploadfilearr['subjectimage']['aid'])) { $subjectimageid = $uploadfilearr['subjectimage']['aid']; } $setitemsqlarr = $setsqlarr; $do = 'me'; } if ($op == 'update') { if (!empty($resultmessage)) { foreach ($resultmessage as $value) { if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) { if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) { //当file删除时,或修改时执行删除操作 deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); //删除附件表 updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid'])); $ext = fileext($defaultmessage[$value['fieldname']]); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . 
$defaultmessage[$value['fieldname']]); } } } } } //内容 $setsqlarr = $uploadfilearr = $ids = array(); $setsqlarr = getsetsqlarr($resultmessage); $uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0); $setsqlarr['message'] = trim($_POST['message']); $setsqlarr['postip'] = $_SGLOBAL['onlineip']; if (!empty($uploadfilearr)) { foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //添加内容 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') { //不需要审核时入message表 if ($op == 'add') { $setsqlarr['itemid'] = $itemid; //添加内容 inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr); if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) { $feed['icon'] = 'comment'; $feed['title_template'] = 'feed_model_title'; $murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid); $aurl = A_URL; if (empty($_SCONFIG['siteurl'])) { $siteurl = getsiteurl(); $murl = $siteurl . $murl; $aurl = $siteurl . $aurl; } else { $siteurl = S_URL_ALL; } $feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>'); $feed['body_template'] = 'feed_model_message'; $feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150)); if (!empty($feedsubjectimg)) { $feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl); } else { foreach ($feedcolum as $feedimgvalue) { if ($feedimgvalue['filepath']) { $feed['images'][] = array('url' => $aurl . '/' . 
$feedimgvalue['filepath'], 'link' => $murl); break; } } if (empty($feed['images'])) { $picurl = getmessagepic(stripslashes($_POST['message'])); if ($picurl && strpos($picurl, '://') === false) { $picurl = $siteurl . '/' . $picurl; } if (!empty($picurl)) { $feed['images'][] = array('url' => $picurl, 'link' => $murl); } } } postfeed($feed); } } else { //更新内容 updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid)); } updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash)); if (checkperm('allowdirectpost') && $op == 'update') { deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1); } if (checkperm('allowdirectpost') && $op == 'update') { $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } else { $jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('online_contributions_success', $jpurl); } } else { $setsqlarr = array_merge($setitemsqlarr, $setsqlarr); $setsqlarr['addfeed'] = $_POST['addfeed']; $setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1); $itemid = inserttable('modelfolders', $setsqlarr, 1); if (!empty($subjectimageid)) { $ids[] = $subjectimageid; } if (!empty($ids)) { $ids = simplode($ids); $hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT); $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . 
' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}"; showmessage('writing_success_online_please_wait_for_audit', $jpurl); } }
$status = intval($_POST['show'][$nameid]); if ($_POST['default'] == $nameid) { $status = 2; } if ($channeltype == 'user') { if (!empty($_POST['delete'][$nameid])) { //删除频道文件 @unlink(S_ROOT . './channel/channel_' . $nameid . '.php'); @unlink(S_ROOT . './templates/' . $_SCONFIG['template'] . '/channel_' . $nameid . '.html.php'); deletetable('channels', array('nameid' => $nameid)); deletetable('spaceitems', array('type' => $nameid)); deletetable('spacecomments', array('type' => $nameid)); deletetable('postitems', array('type' => $nameid)); deletetable('customfields', array('type' => $nameid)); deletetable('categories', array('type' => $nameid)); deletetable('attachments', array('type' => $nameid)); } else { $setsqlarr = array('name' => $_POST['name'][$nameid], 'status' => $status, 'path' => $_POST['path'][$nameid], 'displayorder' => $_POST['displayorder'][$nameid]); updatetable('channels', $setsqlarr, array('nameid' => $nameid)); } } else { $setsqlarr = array('name' => $_POST['name'][$nameid], 'url' => $_POST['url'][$nameid], 'status' => $status, 'displayorder' => $_POST['displayorder'][$nameid]); updatetable('channels', $setsqlarr, array('nameid' => $nameid)); } } //更新缓存 updatesettingcache(); updateuserspacemid(); showmessage('channel_update_ok', $theurl); } elseif (submitcheck('valuesubmit')) { $nameid = trim(strtolower($_POST['nameid']));
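/**
 * Move news items between the live tables and the holding-folder tables.
 *
 * The path taken depends on $from and $to:
 *  - empty($from): matching spaceitems/spacenews rows are copied into
 *    postitems/postmessages with folder = $to, then the originals are deleted.
 *  - $to == 0: matching postitems/postmessages rows are copied back into
 *    spaceitems/spacenews, then the folder copies are deleted.
 *  - otherwise: only the folder column of matching postitems rows is rewritten.
 *
 * NOTE(review): $colname, $to and a non-array $itemarr are concatenated into
 * the SQL text below without escaping or quoting by this function. Callers
 * should pass a hard-coded column name and an id list built from integer-cast
 * values; confirm every call site, and confirm what simplode() does to array
 * input, before exposing this to request data.
 *
 * @param array|string $itemarr Ids to move: an array (joined by simplode()) or a
 *                              ready-made comma-separated list.
 * @param int          $from    Source folder; an empty value means the live tables.
 * @param int          $to      Target folder; 0 means the live tables.
 * @param string       $colname Column matched against the id list.
 * @return void
 */
function moveitemfolder($itemarr, $from = 0, $to = 1, $colname = 'itemid') {
    global $_SGLOBAL;
    include_once S_ROOT . './function/tag.func.php';

    // Arrays go through simplode(); a string is used as given (only trimmed).
    $itemstr = is_array($itemarr) ? simplode($itemarr) : trim($itemarr);

    if (empty($from)) {
        // Live tables -> folder tables.
        $item = array();
        $itemmsg = $uidarr = array();
        $query = $_SGLOBAL['db']->query('SELECT i.*, ii.* FROM ' . tname('spaceitems') . ' ii LEFT JOIN ' . tname('spacenews') . ' i ON i.itemid=ii.itemid WHERE ii.' . $colname . ' IN(' . $itemstr . ')');
        $oldid = '';
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            // One postitems row per item; further spacenews rows of the same
            // item reuse the id stored in $itemmsg['itemid'].
            if ($value['itemid'] != $oldid) {
                // Fix: remember the item just handled. The original never
                // assigned $oldid, so this guard was always true and every
                // joined row inserted another postitems row.
                // Assumes rows of one item arrive consecutively (the query
                // has no ORDER BY) - TODO confirm.
                $oldid = $value['itemid'];

                $item['oitemid'] = intval($value['itemid']);
                $item['catid'] = intval($value['catid']);
                $item['uid'] = intval($value['uid']);
                $item['username'] = $value['username'];
                $item['subject'] = $value['subject'];
                $item['type'] = $value['type'];
                $item['dateline'] = $value['dateline'];
                $item['lastpost'] = $value['lastpost'];
                $item['hash'] = $value['hash'];
                $item['haveattach'] = $value['haveattach'];
                $item['picid'] = $value['picid'];
                $item['fromtype'] = $value['fromtype'];
                $item['fromid'] = $value['fromid'];
                $item['folder'] = $to;
                $itemmsg['itemid'] = inserttable('postitems', saddslashes($item), 1);
                $uidarr[$item['uid']] = $item['uid'];
            }

            $itemmsg['onid'] = intval($value['onid']);
            $itemmsg['message'] = $value['message'];
            $itemmsg['relativetags'] = $value['relativetags'];
            $itemmsg['postip'] = $value['postip'];
            $itemmsg['relativeitemids'] = $value['relativeitemids'];
            $itemmsg['customfieldid'] = $value['customfieldid'];
            $itemmsg['customfieldtext'] = $value['customfieldtext'];
            $itemmsg['includetags'] = $value['includetags'];
            $itemmsg['newsauthor'] = $value['newsauthor'];
            $itemmsg['newsfrom'] = $value['newsfrom'];
            $itemmsg['newsfromurl'] = $value['newsfromurl'];
            $itemmsg['newsurl'] = $value['newsurl'];
            $itemmsg['pageorder'] = intval($value['pageorder']);

            updatespacetagspass($item['oitemid'], '0');
            inserttable('postmessages', saddslashes($itemmsg));
            deletetable('spaceitems', array('itemid' => $value['itemid']));
            deletetable('spacenews', array('itemid' => $value['itemid']));
        }
        updatecredit('delinfo', $uidarr);
    } elseif ($to == 0) {
        // Folder tables -> live tables.
        $item = array();
        $itemmsg = array();
        $query = $_SGLOBAL['db']->query('SELECT ii.*, i.* FROM ' . tname('postitems') . ' ii LEFT JOIN ' . tname('postmessages') . ' i ON i.itemid=ii.itemid WHERE ii.' . $colname . ' IN(' . $itemstr . ')');
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            $item['itemid'] = empty($value['oitemid']) ? '' : intval($value['oitemid']);
            $item['subject'] = $value['subject'];
            $item['username'] = $value['username'];
            $item['uid'] = $value['uid'];
            $item['catid'] = $value['catid'];
            $item['dateline'] = $value['dateline'];
            $item['lastpost'] = $value['dateline'];
            $item['type'] = $value['type'];
            $item['picid'] = $value['picid'];
            $item['haveattach'] = $value['haveattach'];
            $item['allowreply'] = $value['allowreply'];
            $item['hash'] = $value['hash'];
            $item['fromtype'] = $value['fromtype'];
            $item['fromid'] = $value['fromid'];

            // Reuse the live row when one with the original id still exists;
            // otherwise insert a new spaceitems row and take its id.
            $item_query = $_SGLOBAL['db']->query('SELECT itemid FROM ' . tname('spaceitems') . ' WHERE itemid = \'' . $item['itemid'] . '\'');
            $item_space = $_SGLOBAL['db']->fetch_array($item_query);
            $itemmsg['itemid'] = $item_space ? $item['itemid'] : inserttable('spaceitems', saddslashes($item), 1);

            if (!empty($value['onid'])) {
                $itemmsg['nid'] = intval($value['onid']);
            } else {
                // Fix: $itemmsg is reused across iterations, so without this
                // a row with no original nid inherited the previous row's nid.
                unset($itemmsg['nid']);
            }
            $itemmsg['message'] = $value['message'];
            $itemmsg['relativetags'] = $value['relativetags'];
            $itemmsg['postip'] = $value['postip'];
            $itemmsg['relativeitemids'] = $value['relativeitemids'];
            $itemmsg['customfieldid'] = $value['customfieldid'];
            $itemmsg['customfieldtext'] = $value['customfieldtext'];
            $itemmsg['includetags'] = $value['includetags'];
            $itemmsg['newsauthor'] = $value['newsauthor'];
            $itemmsg['newsfrom'] = $value['newsfrom'];
            $itemmsg['newsfromurl'] = $value['newsfromurl'];
            $itemmsg['newsurl'] = $value['newsurl'];
            $itemmsg['pageorder'] = $value['pageorder'];
            inserttable('spacenews', saddslashes($itemmsg));

            // Update tag state for the moved item; items that never had a
            // live id pass the newly assigned id as the fourth argument.
            if (empty($value['oitemid'])) {
                updatespacetagspass($value['itemid'], '1', '1', $itemmsg['itemid']);
            } else {
                updatespacetagspass($value['oitemid'], '1');
            }

            deletetable('postitems', array('itemid' => $value['itemid']));
            deletetable('postmessages', array('itemid' => $value['itemid']));
            getreward('postinfo', 1, $value['uid']);
        }
    } else {
        // Folder -> folder: only the folder marker changes.
        $query = $_SGLOBAL['db']->query('UPDATE ' . tname('postitems') . ' SET folder=\'' . $to . '\' WHERE ' . $colname . ' IN(' . $itemstr . ')');
    }
}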
$_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0; $resultmodels = array(); $resultmodels = getmodelinfo($_POST['mid']); $_POST['id'] = !empty($_POST['id']) ? intval($_POST['id']) : 0; $resultfield = array(); $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('modelcolumns') . ' WHERE id = \'' . $_POST['id'] . '\''); $resultfield = $_SGLOBAL['db']->fetch_array($query); if (empty($resultfield)) { showmessage('field_not_exists'); } //ɾ³ýÊý¾Ý¿â $sql = 'ALTER TABLE ' . tname($resultmodels['modelname']); $sql .= $resultfield['isfixed'] == 1 ? 'items' : 'message'; $sql .= ' DROP `' . $resultfield['fieldname'] . '` '; $_SGLOBAL['db']->query($sql); deletetable('modelcolumns', array('id' => $resultfield['id'])); updatemodel('mid', $_POST['mid']); showmessage('field_del_suc', CPURL . '?action=models&op=field&mid=' . $resultmodels['mid']); } elseif (submitcheck('delimportsubmit')) { //Ö´ÐÐɾ³ý±¸·Ý $_POST['worddelete'] = !empty($_POST['worddelete']) ? intval($_POST['worddelete']) : 0; if (!empty($_POST['worddelete'])) { if (!empty($_POST['delexport'])) { foreach ($_POST['delexport'] as $tmpvalue) { deltree(S_ROOT . '/data/model/' . $tmpvalue . '/'); } showmessage('delete_success', CPURL . '?action=models&op=import'); } else { showmessage('not_designated_backup_del', CPURL . '?action=models&op=import'); } } else {
if (!strexists($values[0], 'cache')) { $oldtables[] = $values[0]; } } //模型投稿转换 $mid = array_slice($_SGLOBAL['updatemodel']['folder'], 0, 1); if (!empty($mid[0])) { $modelarr = $_SGLOBAL['updatemodel']['model'][$mid[0]]; if (in_array(tname($modelarr['modelname'] . 'folders'), $oldtables)) { $count = $_SGLOBAL['db']->result($_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelarr['modelname'] . 'folders')), 0); if ($count) { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelarr['modelname'] . 'folders') . ' LIMIT 30'); while ($value = $_SGLOBAL['db']->fetch_array($query)) { $setarr = array('mid' => $modelarr['mid'], 'uid' => $value['uid'], 'subject' => $value['subject'], 'message' => $value['message'], 'dateline' => $value['dateline'], 'folder' => $value['folder']); inserttable('modelfolders', saddslashes($setarr)); deletetable($modelarr['modelname'] . 'folders', array('itemid' => $value['itemid'])); } show_msg('[数据升级] ' . $modelarr['modelalias'] . '模型投稿转换 还剩' . $count . '条数据,进入下一步', 'update.php?step=data&op=model&do=folder'); } } unset($_SGLOBAL['updatemodel']['folder'][$modelarr['mid']]); $text = '$_SGLOBAL[\'updatemodel\']=' . arrayeval($_SGLOBAL['updatemodel']) . ";"; writefile($cachefile, $text, 'php'); show_msg('[数据升级] ' . $modelarr['modelalias'] . '模型投稿转换 还剩' . count($_SGLOBAL['updatemodel']['folder']) . '个模型,进入下一步', 'update.php?step=data&op=model&do=folder'); } else { show_msg('[数据升级] 模型投稿转换 全部结束,进入下一步', 'update.php?step=data&op=model&do=' . $nextdo); } } elseif ($_GET['do'] == 'hot') { $nextdo = 'end'; $query = $_SGLOBAL['db']->query("SHOW TABLES LIKE '{$_SC['tablepre']}%'"); while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($ucarr[0]) || empty($ucarr[1])) { exit; } $uid = intval($ucarr[0]); if (empty($uid)) { exit; } $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('attachments') . " WHERE aid='{$aid}' AND uid='{$uid}'"); if (!($value = $_SGLOBAL['db']->fetch_array($query))) { exit; } $hash = $value['hash']; if ($action == 'delete') { @unlink(A_DIR . '/' . $value['filepath']); @unlink(A_DIR . '/' . $value['thumbpath']); deletetable('attachments', array('aid' => $aid)); $aid = 0; showresult($blang['successfully_deleted_files'], 'ok'); } else { showresult(''); } } elseif (!empty($_POST)) { //编辑标题 if (!empty($_GET['editaid']) && ($editaid = intval($_GET['editaid']))) { $editsubject = cutstr(trim(shtmlspecialchars($_POST['editsubject'])), 50); updatetable('attachments', array('subject' => $editsubject), array('aid' => $editaid)); print <<<END \t\t<script language="javascript"> \t\tvar div = parent.document.getElementById("div_upload_" + {$editaid}); \t\tvar pf = parent.document.getElementById("phpframe"); \t\tpf.src = "about:blank";
} //х╗оч if (!checkperm('managecustomfields')) { showmessage('no_authority_management_operation'); } $listarr = array(); $thevalue = array(); //[POST] if (submitcheck('listsubmit')) { //LIST UPDATE if (!empty($_POST['displayorder'])) { if (is_array($_POST['displayorder'])) { foreach ($_POST['displayorder'] as $customfieldkey => $customfielddisplayordervalue) { $wheresqlarr = array('customfieldid' => $customfieldkey, 'uid' => $_SGLOBAL['supe_uid']); if (!empty($_POST['delete'][$customfieldkey])) { deletetable('customfields', $wheresqlarr); } else { $setsqlarr = array('displayorder' => intval($_POST['displayorder'][$customfieldkey])); updatetable('customfields', $setsqlarr, $wheresqlarr); } } } } showmessage('customfield_list_update_success', $theurl); } elseif (submitcheck('valuesubmit')) { $_POST['customfieldid'] = intval($_POST['customfieldid']); $_POST['name'] = shtmlspecialchars($_POST['name']); $_POST['customfieldname'] = sstripslashes($_POST['customfieldname']); $_POST['isdefault'] = intval($_POST['isdefault']); if (strlen($_POST['name']) < 1 || strlen($_POST['name']) > 50) { $_POST['name'] = $_SGLOBAL['timestamp'];
$listarr = array(); $thevalue = array(); $protect_channel = array('bbs', 'news', 'uchblog', 'uchimage'); //POST METHOD if (submitcheck('listsubmit')) { foreach ($_POST['nameid'] as $nameid => $channeltype) { $status = intval($_POST['show'][$nameid]); if ($_POST['default'] == $nameid) { $status = 2; } if ($channeltype == 'user') { if (!empty($_POST['delete'][$nameid])) { //删除频道文件 @unlink(S_ROOT . './channel/channel_' . $nameid . '.php'); @unlink(S_ROOT . './templates/' . $_SCONFIG['template'] . '/channel_' . $nameid . '.html.php'); deletetable('channels', array('nameid' => $nameid)); } else { $setsqlarr = array('name' => $_POST['name'][$nameid], 'url' => $_POST['url'][$nameid], 'status' => $status, 'tpl' => $_POST['tpl'][$nameid], 'displayorder' => $_POST['displayorder'][$nameid]); updatetable('channels', $setsqlarr, array('nameid' => $nameid)); } } else { $setsqlarr = array('name' => $_POST['name'][$nameid], 'url' => $_POST['url'][$nameid], 'status' => $status, 'displayorder' => $_POST['displayorder'][$nameid]); updatetable('channels', $setsqlarr, array('nameid' => $nameid)); } } //更新缓存 updateuserspacemid(); updatesettingcache(); showmessage('channel_update_ok', $theurl); } elseif (submitcheck('valuesubmit')) { $nameid = trim(strtolower($_POST['nameid']));
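/**
 * Delete items of one model type, their related-info rows and image files.
 *
 * For type 'shop' with $_POST['opdelete'] set, the function first calls itself
 * for the shop's goods, consumes, notices, photos and albums, and deletes the
 * matching comments. For type 'album' it first deletes the album's photos.
 *
 * NOTE(review): $wheresql is spliced verbatim into every statement below and
 * $type is used in table names and SQL string literals. This function does no
 * escaping, so the condition must be assembled by the caller from integer-cast
 * ids and $type must be a fixed model name; confirm at each call site.
 * File paths read from the item rows are appended to A_DIR and unlinked
 * as stored, without normalisation.
 *
 * @param string $wheresql SQL condition expected to contain ' itemid IN'; the
 *                         function rewrites that fragment for each table.
 * @param string $type     Model type: 'shop', 'album', 'photo', or another
 *                         model name such as 'good' or 'groupbuy'.
 * @return void
 */
function delmitems($wheresql = '', $type = 'shop') {
    global $_G, $_SGLOBAL, $itemarr, $mname, $_BCACHE;

    if (empty($wheresql)) {
        return;
    }

    $thissql = str_replace(' itemid IN', ' i.itemid IN', $wheresql);

    // Column names for the relatedinfo deletes.
    // NOTE(review): both stay empty when $mname is 'shop', which leaves those
    // statements with no column in front of IN - verify that path.
    $itemidsql = $relatedidsql = '';
    if ($mname != 'shop') {
        $itemidsql = 'itemid';
        $relatedidsql = 'relatedid';
    }

    if ($type == 'shop') {
        $subsql = str_replace(' itemid IN', ' shopid IN', $wheresql);
        // !empty() keeps the original truthiness test without raising a
        // notice when the field is absent from the request.
        if (!empty($_POST['opdelete'])) {
            // Recursively delete everything that belongs to these shops.
            delmitems($subsql, 'good');
            delmitems($subsql, 'consume');
            delmitems($subsql, 'notice');
            delmitems($subsql, 'photo');
            delmitems($subsql, 'album');
            $commquery = DB::query("SELECT cid FROM " . tname("spacecomments") . " WHERE {$wheresql}");
            while ($res = DB::fetch($commquery)) {
                deletecomment($res['cid']);
            }
            $shop_related_sql = str_replace(' itemid IN', ' shopid IN', $wheresql);
            DB::query("DELETE FROM " . tname('relatedinfo') . " WHERE " . $shop_related_sql);
        }
        $selectsql = ' i.itemid, i.subject, m.banner, m.windowsimg ';
        $joinsql = tname('shopitems') . ' i INNER JOIN ' . tname('shopmessage') . ' m ON i.itemid=m.itemid ';
    } elseif ($type == 'album') {
        $subsql = str_replace(' itemid IN', ' i.albumid IN', $wheresql);
        delmitems($subsql, 'photo');
        $selectsql = ' i.itemid, i.subjectimage ';
        $joinsql = tname($type . 'items') . ' i';
        // Delete related-info rows that point at these albums.
        // Fix: the original interpolated the undefined $relatedid here, so the
        // statement never named a column; $relatedidsql is the variable set above.
        $related_sql = str_replace(' itemid IN', ' IN', $wheresql);
        DB::query("DELETE FROM " . tname('relatedinfo') . " WHERE relatedtype = 'album' AND {$relatedidsql} " . $related_sql);
    } elseif ($type == 'photo') {
        $selectsql = ' i.itemid, i.albumid, i.subjectimage ';
        $joinsql = tname($type . 'items') . ' i';
    } else {
        $selectsql = ' i.itemid, i.subjectimage ';
        $joinsql = tname($type . 'items') . ' i';
        $related_sql = str_replace(' itemid IN', ' IN', $wheresql);
        if ($type == 'good' || $type == 'groupbuy') {
            DB::query("DELETE FROM " . tname('relatedinfo') . " WHERE type = '" . $type . "' AND {$itemidsql} " . $related_sql);
        }
        // Fix: same undefined-variable correction as in the album branch.
        DB::query("DELETE FROM " . tname('relatedinfo') . " WHERE relatedtype = '" . $type . "' AND {$relatedidsql} " . $related_sql);
    }

    $thisalbumid = 0;
    $query = DB::query('SELECT ' . $selectsql . ' FROM ' . $joinsql . ' WHERE ' . $thissql);
    $filefields = array('subjectimage', 'banner', 'windowsimg');

    // Delete image files (and their thumbnails) referenced by the rows.
    while ($value = DB::fetch($query)) {
        foreach ($filefields as $v) {
            if (!empty($value[$v]) && strstr($value[$v], '.jpg')) {
                @unlink(A_DIR . '/' . $value[$v]);
                @unlink(A_DIR . '/' . substr($value[$v], 0, -4) . '.thumb.jpg');
            }
        }
        // Only the photo query selects albumid; cast it because the value is
        // interpolated into SQL further down.
        $thisalbumid = isset($value['albumid']) ? intval($value['albumid']) : 0;
    }

    if (in_array($type, array('album', 'photo'))) {
        // Albums and photos live in the items table only.
        $query = DB::query('DELETE i FROM ' . tname($type . 'items') . ' i WHERE ' . $thissql);
        if ($type == 'photo' && $thisalbumid > 0) {
            // Lower the album's picture count by the number of deleted rows.
            $picnums = DB::affected_rows($query);
            $query = DB::query('UPDATE ' . tname('albumitems') . " SET `picnum`=`picnum`-{$picnums} WHERE itemid='{$thisalbumid}'");
            if (!empty($thisalbumid)) {
                require_once B_ROOT . './api/bbs_syncpost.php';
                syncalbum($thisalbumid);
            }
            if ($_SGLOBAL['panelinfo']['group']['verifyalbum']) {
                // When this group setting is on, an album at grade 1 is set
                // back to grade 0 after its photos change.
                $thisalbumgrade = DB::result_first('SELECT grade FROM ' . tname('albumitems') . ' WHERE itemid=\'' . $thisalbumid . '\'');
                if ($thisalbumgrade == 1) {
                    DB::query("UPDATE " . tname('albumitems') . " SET grade = 0 WHERE itemid = '{$thisalbumid}'");
                }
            }
        }
    } elseif ($type == 'shop') {
        // Shops are removed one id at a time from the global $itemarr.
        foreach ($itemarr as $itemid) {
            updatemyshopid($itemid);
            deletetable('shopitems', array('itemid' => $itemid));
            deletetable('shopmessage', array('itemid' => $itemid));
        }
    } else {
        // Other models: delete the item and message rows together.
        $query = DB::query('DELETE i, m FROM ' . tname($type . 'items') . ' i INNER JOIN ' . tname($type . 'message') . ' m ON i.itemid=m.itemid WHERE ' . $thissql);
    }
}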