} if ($itemid) { if (empty($_SGLOBAL['supe_uid'])) { showmessage('no_permission'); } if ($do == 'pass') { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('spaceitems') . ' i LEFT JOIN ' . tname('spacenews') . " n USING (itemid) WHERE i.itemid='{$itemid}'"); } else { $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('postitems') . ' i LEFT JOIN ' . tname('postmessages') . " m USING (itemid) WHERE i.itemid='{$itemid}'"); } if (!($item = $_SGLOBAL['db']->fetch_array($query))) { showmessage('no_item', 'cp.php?ac=news&op=list'); } $checkedarr = explode(',', $item['othercatid']); $id = $do == 'pass' ? $item['itemid'] : (empty($item['oitemid']) ? $item['itemid'] : $item['oitemid']); $item['tagname'] = gettagname($id, '0'); //TAG $type = $item['type']; } $catarr = getcategory($type); $mpurlstr = str_replace(array(' ', 'AND', '\''), array('', '&', ''), $wheresql); #Modify by chenguoren $thevalue['allowmax'] = 100; $thevalue[allowtype] = ''; $thevalue['noinsert'] = 0; $thevalue['hash'] = smd5($_SGLOBAL['supe_uid'] . '/' . $_SGLOBAL['timestamp'] . random(6)); //setcookie('attachhash', $thevalue['hash']); #End if ($op == 'add') { if (empty($item)) { $mktitlestyle = '';
while ($attach = $_SGLOBAL['db']->fetch_array($query)) { $thevalue['uploadarr'][] = $attach; } if (empty($thevalue['uploadarr'])) { $setsqlarr = array('haveattach' => 0); $wheresqlarr = array('itemid' => $itemid); updatetable('spaceitems', $setsqlarr, $wheresqlarr); } } // } } else { $query = $_SGLOBAL['db']->query('SELECT ii.*, i.* FROM ' . tname('postitems') . ' ii LEFT JOIN ' . tname('postmessages') . ' i ON i.itemid=ii.itemid WHERE ii.itemid=\'' . $itemid . '\''); $thevalue = $_SGLOBAL['db']->fetch_array($query); $page = 1; $spacetag_itemid = empty($thevalue['oitemid']) ? $itemid : $thevalue['oitemid']; $thevalue['tagname'] = gettagname($spacetag_itemid, '0'); //TAG } $type = $thevalue['type']; $checkedarr = explode(',', $thevalue['othercatid']); } elseif ($_GET['op'] == 'add') { if (!(checkperm('managemodpost') || checkperm('manageeditpost'))) { showmessage('spacenews_no_popedom_add'); } //ONE ADD $thevalue = array('itemid' => 0, 'itemtypeid' => 0, 'catid' => $_SGET['catid'], 'type' => $type, 'subject' => '', 'dateline' => $_SGLOBAL['timestamp'], 'digest' => '0', 'top' => '0', 'allowreply' => '1', 'hash' => $hashstr, 'message' => '', 'tagname' => '', 'uploadarr' => array(), 'allowmax' => $allowmax, 'customfieldid' => 0, 'customfieldtext' => '', 'haveattach' => 0, 'replynum' => 0, 'tid' => 0, 'grade' => 0, 'picid' => 0, 'hottagarr' => array(), 'lasttagarr' => array()); $thevalue['newsurl'] = ''; $thevalue['nid'] = 0; $thevalue['newsfromurl'] = ''; $page = 1; $listcount = 1;