function doedit()
{
$fname = string::hstripslashes(str_replace('*', '.', $this->get[2]));
$dir = str_replace('*', '.', $this->get[3]);
if ($this->post['fname'] != "") {
$fname = $this->post['fname'];
}
if ($this->post['dir'] != "") {
$dir = $this->post['dir'];
}
if (!is_writeable($fname)) {
$this->message($this->view->lang['file'] . ' ' . $fname . ' ' . $this->view->lang['cannot_write_edit_online']);
}
if ($this->post['dosubmit']) {
$content = $this->post['content'];
if ($content) {
$content = str_replace(array('\\n', '\\r'), array(chr(10), chr(13)), $content);
}
file_put_contents($fname, stripslashes($content));
$this->message($this->view->lang['operation_success'], "index.php?admin_filemanager-default-" . urlencode($dir));
} else {
$content = file_get_contents($fname);
$filemtime = date("Y-m-d H:i:s", filemtime($fname));
$this->view->assign("fname", $fname);
$this->view->assign("dir", $dir);
$this->view->assign("content", $content);
$this->view->display('admin_fileedit');
}
}
function dosavetemp()
{
//将参数写入临时文件,等待模板“保存修改”时调用参数,存入到数据库。
$iseidt = isset($this->post['bid']);
//编辑时
$bid = $iseidt ? $this->post['bid'] : uniqid('hd');
file_exists($this->tempfile) && (include $this->tempfile);
if (strtoupper(WIKI_CHARSET) == 'GBK' && isset($this->post['params'])) {
//ajax在gbk下传过来的值是utf8的,所以gbk下需要转码。
//array_walk($this->post['params'],string::hiconv());
foreach ($this->post['params'] as $key => $val) {
$this->post['params'][$key] = string::hiconv($val);
}
}
$this->post = string::hstripslashes($this->post);
if ($this->post['tplcontent']) {
$tplc = $this->post['tplcontent'];
unset($this->post['tplcontent']);
}
if ($iseidt) {
if (is_numeric($bid)) {
//如果是数字,则有可能是第一次编辑,临时表中,并没有他的数据。那么交给get_setting去处理。
$data = $_ENV['theme']->get_setting($bid);
$temp[$bid]['block'] = $data['block'];
$temp[$bid]['fun'] = $data['fun'];
}
$temp[$bid]['params'] = $this->post['params'];
$cls = $temp[$bid]['block'];
$fun = $temp[$bid]['fun'];
} else {
$cls = $this->post['block'];
$fun = $this->post['fun'];
$temp[$bid] = $this->post;
}
$contents = '<?php $temp=';
$contents .= var_export($temp, true) . ' ?>';
file::writetofile($this->tempfile, $contents);
$this->view->setlang($this->setting['lang_name'], 'front');
//得到数据
$blockfile = $_ENV['global']->block_file($GLOBALS['theme'], "/{$cls}/{$cls}.php");
if (is_file($blockfile)) {
include_once $blockfile;
$obj = new $cls($this);
if (method_exists($obj, $fun)) {
$blockdata = $obj->{$fun}($this->post['params']);
} else {
$blockdata = array();
}
}
//将数据赋值给模板。显示替换上数据的html代码。
$this->view->assign('bid', $bid);
$this->view->assign('data', $blockdata);
//2010-11-8模板代码编辑将文件内容写入临时文件,目的是给下面的预览时模板调用使用。
$tplfile = HDWIKI_ROOT . "/data/tmp/" . $GLOBALS['theme'] . ".{$cls}.{$fun}.htm";
isset($tplc) && file::writetofile($tplfile, $tplc);
if (file_exists($tplfile)) {
$tplfile = "file://data/tmp/" . $GLOBALS['theme'] . ".{$cls}.{$fun}";
} else {
if (!file_exists(HDWIKI_ROOT . '/block/' . $GLOBALS['theme'] . "/{$cls}/{$fun}.htm")) {
$tplfile = "file://block/default/{$cls}/{$fun}";
} else {
$tplfile = 'file://block/' . $GLOBALS['theme'] . "/{$cls}/{$fun}";
}
}
$this->view->display($tplfile);
}
function donoticemail()
{
if (!isset($this->post['submit'])) {
if (isset($this->setting['noticemail']) && isset($this->setting['noticemailtpl'])) {
$config = unserialize($this->setting['noticemail']);
$this->view->assign('doc_create', explode(',', $config['doc-create']));
$this->view->assign('doc_edit', explode(',', $config['doc-edit']));
$this->view->assign('comment_add', explode(',', $config['comment_add']));
$configtpl = unserialize($this->setting['noticemailtpl']);
$this->view->assign('noticemailtpl', $configtpl);
} else {
$this->view->assign('doc_create', array());
$this->view->assign('doc_edit', array());
}
$this->load('usergroup');
$groups = $_ENV['usergroup']->get_all_list(-1, 'type asc');
$this->view->assign('groups', $groups);
$this->view->display("admin_noticemail");
} else {
$config['noticemail'] = serialize(array('doc-create' => empty($this->post['doc-create']) ? '' : implode(',', $this->post['doc-create']), 'doc-edit' => empty($this->post['doc-edit']) ? '' : implode(',', $this->post['doc-edit']), 'comment_add' => empty($this->post['comment_add']) ? '' : implode(',', $this->post['comment_add'])));
$this->post['noticemailtpl'] = string::hstripslashes($this->post['noticemailtpl']);
// foreach($this->post['noticemailtpl'] as $key => $val) { //由于已经在base里执行了 addslashes,此处必须先去掉slashes
// $this->post['noticemailtpl'][$key] = stripslashes($val);
// }
$config['noticemailtpl'] = addslashes(serialize($this->post['noticemailtpl']));
$_ENV['setting']->update_setting($config);
$this->cache->removecache('setting');
$this->message($this->view->lang['commonSuccess'], 'BACK');
}
}
function editsql($datacall)
{
if (empty($datacall)) {
return false;
} else {
$datacall['desc'] = !trim($datacall['desc']) ? $this->base->view->lang['sqlcall'] : trim($datacall['desc']);
$datacall['desc'] = string::substring($datacall['desc'], 0, 80);
$datacall['param']['tplcode'] = !trim($datacall['param']['tplcode']) ? '' : trim($datacall['param']['tplcode']);
$datacall['param']['empty_tplcode'] = !trim($datacall['param']['empty_tplcode']) ? '' : trim($datacall['param']['empty_tplcode']);
$param_str = string::haddslashes(serialize(string::hstripslashes($datacall['param'])), 1);
$classname = 'sql';
$function = 'sql';
$type = 'sql';
if (isset($datacall['editflag'])) {
$sql = "UPDATE `" . DB_TABLEPRE . "datacall` SET ";
$sql .= "`name`='" . $datacall['name'] . "',`category`='" . $datacall['category'] . "', `classname`='" . $classname . "', `function`='" . $function . "', `desc`='" . $datacall['desc'] . "', `param`='" . $param_str . "', `cachetime`='" . $datacall['cachetime'] . "'";
$sql .= " WHERE `id`='" . $datacall['id'] . "'";
} else {
$sql = 'INSERT INTO ' . DB_TABLEPRE . 'datacall (`name`,`type`, `category`, `classname`, `function`, `desc`, `param`, `cachetime`) ';
$sql .= " SELECT '" . $datacall['name'] . "','" . $type . "','" . $datacall['category'] . "','" . $classname . "','" . $function . "', ";
$sql .= "'" . $datacall['desc'] . "', '" . $param_str . "', '" . $datacall['cachetime'] . "'";
$sql .= " FROM dual WHERE not exists (SELECT * FROM " . DB_TABLEPRE . "datacall WHERE name= '" . $datacall['name'] . "' )";
}
return $this->db->query($sql);
}
}
