/**
 * AJAX handler: saves the map marker of a document from POSTed fields and
 * echoes the saved marker back as JSON.
 *
 * Produces no output when the posted `did` is missing or evaluates to 0.
 * Free-text fields are tag-stripped and truncated; coordinates and zoom are
 * cast to numbers before they reach edit_marker().
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * confirm the dispatcher enforces one before this action runs.
 */
function dodefault()
{
    $docId = intval($this->post['did']);
    if (!$docId) {
        return;
    }

    $marker = array(
        'title' => string::substring(strip_tags($this->post['title']), 0, 14),
        'description' => string::substring(strip_tags($this->post['description']), 0, 60),
        'lat' => floatval($this->post['lat']),
        'lng' => floatval($this->post['lng']),
        'zoom' => intval($this->post['zoom']),
        'did' => $docId,
    );
    $_ENV['googlemap']->edit_marker($docId, $marker);

    // Slashes are removed only for the echoed copy, after the marker was saved.
    // Presumably this undoes request-level slashing; confirm.
    foreach (array('title', 'description') as $textField) {
        $marker[$textField] = stripslashes($marker[$textField]);
    }

    echo json_encode($marker);
}
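/**
 * Decorates a picture row for display.
 *
 * Adds `rawtitle`, `sizeinfo` and `subdescription`, formats `time`, falls back
 * to the title when the description is empty, switches `attachment` to the
 * variant returned by get_140() when that file exists, and HTML-escapes
 * `summary`.
 *
 * @param array $pic picture row; reads time, attachment, title, filesize,
 *                   filetype, description and summary
 * @return array the same row with the display fields added
 */
function get_info($pic)
{
    $pic['time'] = $this->base->date($pic['time']);

    // getimagesize() returns false for unreadable or non-image files. Indexing
    // into false raises warnings on newer PHP, so fall back to empty dimensions,
    // which renders the same "*" separator as before.
    // NOTE(review): if `attachment` can ever hold a URL rather than a local
    // path, getimagesize() would fetch it; confirm it is always a local file.
    $picinfo = @getimagesize($pic['attachment']);
    $width = is_array($picinfo) ? $picinfo[0] : '';
    $height = is_array($picinfo) ? $picinfo[1] : '';

    $pic['rawtitle'] = $pic['title'];
    $pic['sizeinfo'] = $width . '*' . $height . ' - ' . round($pic['filesize'] / 1024) . 'k - ' . $pic['filetype'];
    $pic['description'] = empty($pic['description']) ? $pic['title'] : $pic['description'];
    $pic['subdescription'] = strlen($pic['description']) > 18
        ? string::substring($pic['description'], 0, 8) . '...'
        : $pic['description'];

    // Use the variant path from get_140() only when that file is present on disk.
    $pic_140 = $this->get_140($pic['attachment']);
    if (is_file($pic_140)) {
        $pic['attachment'] = $pic_140;
    }

    // Only `summary` is escaped here; title and description are returned as
    // stored, so templates must escape them at output. TODO confirm.
    $pic['summary'] = htmlspecialchars($pic['summary']);

    return $pic;
}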
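/**
 * Renders the picture viewer for one picture of a document.
 *
 * Reads the picture id from get[2] and the document id from get[3], loads the
 * picture, the document's picture list and its first five comments, and passes
 * a window of at most 12 pictures around the current one to the 'viewpic'
 * block.
 */
function doview()
{
    $id = $this->get[2];
    $did = $this->get[3];
    if (!is_numeric($id) || !is_numeric($did) || empty($did)) {
        $this->message($this->view->lang['parameterError'], 'BACK', 0);
        // message() presumably ends the request. The explicit return keeps the
        // guard effective even if it does not.
        return;
    }

    // is_numeric() also accepts forms such as "1e3" or " 5". Normalise to
    // integers so only plain ids reach the model layer.
    $id = (int) $id;
    $did = (int) $did;

    $pic = $_ENV['pic']->get_pic_by_id($id);
    $piclist = $_ENV['pic']->get_pic_by_did($did);
    $comments = $_ENV['comment']->get_comments($did, 0, 5);
    foreach ($comments as $key => $comment) {
        $comments[$key]['comment'] = string::hstrlen($comment['comment']) > 60
            ? string::substring($comment['comment'], 0, 60) . "..."
            : $comment['comment'];
    }

    $countnum = count($piclist);

    // Position of the requested picture in the list. Defaults to 0 so the
    // window arithmetic below is defined when the id is not part of this
    // document's list (previously an undefined variable).
    $all_key = 0;
    foreach ($piclist as $key => $val) {
        if ($val['id'] == $id) {
            $all_key = $key;
            break;
        }
    }

    if ($countnum <= 12) {
        $returnlist = $piclist;
        $li_key = $all_key;
    } else {
        // Near the end of the list, shift the window back so 12 items are still shown.
        $i = 12 - ($countnum - $all_key);
        $li_key = $i > 0 ? $i : 0;
        $returnlist = array_slice($piclist, $all_key - $li_key, 12);
    }

    $this->view->assign('did', $did);
    $this->view->assign('max_num', $countnum);
    $this->view->assign('all_key', $all_key);
    $this->view->assign('li_key', $li_key);
    $this->view->assign('comments', $comments);
    $this->view->assign('pic', $pic);
    $this->view->assign("piclist", $returnlist);
    $this->view->assign('navtitle', $pic['title'] . $this->view->lang['image']);
    $_ENV['block']->view('viewpic');
}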
/**
 * Archives the current state of a document as a new edition row, then
 * overwrites the document's summary, content and last-edit time.
 *
 * The edition row stores the fields returned by get_doc_title_by_id()
 * together with the current user, timestamp and IP. The new summary is the
 * first 100 characters of the tag-stripped content.
 *
 * NOTE(review): only $content and the derived summary are escaped here.
 * $did, the user fields, the IP and every $tmpdoc value are placed between
 * quotes exactly as received. Confirm they are escaped upstream; values read
 * back from the database normally are not. Also confirm how $did is validated
 * by callers.
 *
 * @param mixed  $did     document id
 * @param string $content new document body
 */
function update_doc_by_time($did, $content)
{
    $newSummary = addslashes(string::substring(strip_tags($content), 0, 100));
    $newContent = addslashes($content);
    $now = time();
    $current = $this->get_doc_title_by_id($did);
    $editor = $this->base->user;

    $editionValues = array(
        $current['cid'],
        $did,
        $editor['username'],
        $editor['uid'],
        $now,
        $this->base->ip,
        $current['title'],
        $current['tag'],
        $current['summary'],
        $current['content'],
    );
    $insert = "INSERT INTO `" . DB_TABLEPRE . "edition` (`cid`,`did`,`author`,`authorid`,`time`,`ip`,`title`,`tag`,`summary`,`content`) VALUES ('"
        . implode("','", $editionValues)
        . "')";
    $this->db->query($insert);

    $update = "UPDATE `" . DB_TABLEPRE . "doc` SET summary = '" . $newSummary
        . "', content = '" . $newContent
        . "',lastedit = '" . $now
        . "' WHERE did = '" . $did . "'";
    $this->db->query($update);
}
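/**
 * Admin page for the word filter list.
 *
 * On submit: deletes the selected words, saves edits to existing words, and
 * adds new words from the single-word field, the comma-separated field and an
 * optional uploaded .txt/.csv file, skipping words already in the cache.
 * Without submit: shows the paginated word list.
 *
 * NOTE(review): `word_id`, `upword_id`, `find` and `replacement` are handed to
 * the model as posted (find/replacement only truncated). Confirm the model
 * escapes them and that this action is restricted to administrators with a
 * CSRF check.
 */
function dodefault()
{
    if (isset($this->post['submit'])) {
        $ids = isset($this->post['word_id']) ? $this->post['word_id'] : '';
        $wordids = $this->post['upword_id'];
        $find = $this->post['find'];
        $replacement = $this->post['replacement'];

        // NOTE(review): the values below are truncated AFTER haddslashes()
        // (newreplacement here, newfind/muliword in the loop further down).
        // If haddslashes() backslash-escapes, cutting at a fixed length can
        // split an escape pair and leave a trailing backslash. Confirm, and
        // prefer truncating before escaping.
        $newfind = string::haddslashes(htmlspecialchars($this->post['newfind']));
        $muliword = string::haddslashes(htmlspecialchars($this->post['muliword']));
        $newreplacement = string::substring(string::haddslashes(htmlspecialchars($this->post['newreplacement'])), 0, 18);

        $words = NULL;
        if (is_array($wordids)) {
            foreach ($wordids as $id => $wordid) {
                $find[$id] = string::substring($find[$id], 0, 18);
                $replacement[$id] = string::substring($replacement[$id], 0, 18);
                $words[] = array('id' => $wordid, 'find' => $find[$id], 'replacement' => $replacement[$id]);
            }
        }
        if ($ids) {
            $_ENV['word']->del_words($ids);
        }
        if ($words) {
            $_ENV['word']->edit_words($words, $this->user['username']);
        }

        // Words already known to the cache are used below to skip duplicates.
        $havebannedwords = array();
        $cachewords = $this->cache->getcache('word');
        if ($cachewords) {
            foreach ($cachewords as $cachekey => $cacheword) {
                $havebannedwords[] = $cachekey;
            }
        }

        $alluploadwords = array();
        // As written, these str_replace() calls swap a comma for the same comma.
        // Presumably the search string was a full-width comma lost in
        // transcoding; confirm against the upstream file.
        if ($newfind) {
            $alluploadwords[] = str_replace(',', ',', $newfind);
        }
        if ($muliword) {
            $textwords = explode(',', str_replace(',', ',', $muliword));
            $alluploadwords = array_merge($alluploadwords, $textwords);
        }

        if (!empty($_FILES['file_path']['name'])) {
            $allowexts = array('txt', 'csv');
            // pathinfo() yields '' for a name without a dot; the previous
            // strrpos()+1 arithmetic accepted such names when they ended in an
            // allowed suffix. The check covers only the client-supplied name,
            // not the file contents.
            $ext = pathinfo($_FILES['file_path']['name'], PATHINFO_EXTENSION);
            if (!in_array($ext, $allowexts, true)) {
                $this->message($this->view->lang['allowext'], 'index.php?admin_word');
            }
            $alluploadwords = $_ENV['word']->filewords($alluploadwords, $this->setting['attachment_size']);
        }

        if ($alluploadwords) {
            // Plain loop instead of create_function(), which evaluates a code
            // string at runtime and no longer exists in PHP 8.
            foreach ($alluploadwords as $wordkey => $word) {
                $alluploadwords[$wordkey] = string::substring($word, 0, 18);
            }
            $alluploadwords = array_diff($alluploadwords, $havebannedwords);
            $alluploadwords = array_unique($alluploadwords);
            $alluploadwords = array_values($alluploadwords);
            $_ENV['word']->add_word($alluploadwords, $newreplacement, $this->user['username']);
        }
        $this->message($this->view->lang['usermanageOptSuccess'], 'index.php?admin_word');
    } else {
        $page = max(1, intval($this->get[2]));
        $num = isset($this->setting['list_prepage']) ? $this->setting['list_prepage'] : 20;
        $start_limit = ($page - 1) * $num;
        $allnum = $_ENV['word']->get_word_num();
        $words = $_ENV['word']->get_word_list($start_limit, $num);
        $departstr = $this->multi($allnum, $num, $page, 'admin_word-default');
        $this->view->assign('departstr', $departstr);
        $this->view->assign("docsum", $allnum);
        $this->view->assign('words', $words);
        $this->view->display('admin_word');
    }
}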
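/**
 * Returns the most recent comments, newest first, joined with the author's
 * avatar.
 *
 * Each row gets a resolved `image` (default avatar when the user has none),
 * a `tipcomment` shortened to 12 characters plus "..." and a formatted `time`.
 *
 * @param int $start offset of the first row
 * @param int $limit maximum number of rows
 * @return array list of comment rows
 */
function recent_comment($start = 0, $limit = 10)
{
    // LIMIT operands are placed in the SQL without quotes, so force them to
    // non-negative integers before they reach the query.
    $start = max(0, intval($start));
    $limit = max(0, intval($limit));

    $comments = array();
    $query = $this->db->query(
        'SELECT u.image,c.* FROM ' . DB_TABLEPRE . 'comment c LEFT JOIN ' . DB_TABLEPRE
        . 'user u ON c.authorid=u.uid ORDER BY `time` DESC LIMIT ' . "{$start},{$limit}"
    );
    while ($comment = $this->db->fetch_array($query)) {
        $comment['image'] = $comment['image'] ? $comment['image'] : 'style/default/user.jpg';
        $comment['image'] = $_ENV['global']->uc_api_avatar($comment['image'], $comment['authorid'], 'small');
        $comment['tipcomment'] = string::hstrlen($comment['comment']) > 12
            ? string::substring($comment['comment'], 0, 12) . "..."
            : $comment['comment'];
        $comment['time'] = $this->base->date($comment['time']);
        $comments[] = $comment;
    }

    return $comments;
}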
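/**
 * Searches attachments with optional filters and returns display-ready rows.
 *
 * Rows are ordered by time, newest first. Each row gets a formatted `time`,
 * an HTML-escaped document `title`, a shortened `filename` and `filesize`
 * converted to kilobytes.
 *
 * NOTE(review): $did, $authorid and $type are placed between quotes as
 * received; confirm callers escape them.
 *
 * @param int    $start     offset of the first row
 * @param int    $limit     maximum number of rows
 * @param mixed  $cid       category id; restricts to documents linked to it
 * @param mixed  $did       document id
 * @param mixed  $authorid  uploader's user id
 * @param mixed  $starttime lower time bound (numeric)
 * @param mixed  $endtime   upper time bound (numeric)
 * @param string $type      file type
 * @param mixed  $isimage   image flag
 * @param int    $state     attachment state
 * @return array list of attachment rows
 */
function search_attachment($start = 0, $limit = 10, $cid = '', $did = '', $authorid = '', $starttime = '', $endtime = '', $type = '', $isimage = '', $state = 0)
{
    $attachlist = array();
    $sql = "SELECT m.id,m.did,m.description,m.attachment,m.downloads,m.filesize,m.isimage,m.filename,m.uid,m.time,m.state,m.focus,d.title title,u.username author FROM " . DB_TABLEPRE . "attachment m LEFT JOIN " . DB_TABLEPRE . "doc d ON d.did = m.did LEFT JOIN " . DB_TABLEPRE . "user u ON u.uid=m.uid where 1=1 ";

    // Every value below that is placed in the SQL WITHOUT quotes is forced to
    // an integer first, so it cannot carry SQL syntax.
    if ($cid) {
        $cid = intval($cid);
        $dids = array();
        $query = $this->db->query("SELECT did FROM " . DB_TABLEPRE . "categorylink WHERE cid = {$cid}");
        while ($category = $this->db->fetch_array($query)) {
            $dids[] = intval($category['did']);
        }
        if ($dids) {
            $sql = $sql . " AND m.did IN (" . implode(',', $dids) . ") ";
        } else {
            // Category has no documents: force an empty result.
            $sql = $sql . " AND 1!=1 ";
        }
    }
    if ($did) {
        $sql = $sql . " AND m.did ='{$did}' ";
    }
    if ($authorid) {
        $sql = $sql . " AND m.uid='{$authorid}' ";
    }
    if ($type) {
        $sql = $sql . " AND m.filetype='{$type}' ";
    }
    if ($starttime) {
        $sql = $sql . " AND m.time>=" . intval($starttime) . " ";
    }
    if ($endtime) {
        $sql = $sql . " AND m.time<=" . intval($endtime) . " ";
    }
    if ($isimage) {
        $sql = $sql . " AND m.isimage=" . intval($isimage) . " ";
    }
    $sql = $sql . " AND m.state=" . intval($state) . " ";
    $sql = $sql . " ORDER BY m.time DESC LIMIT " . max(0, intval($start)) . "," . max(0, intval($limit)) . " ";

    $query = $this->db->query($sql);
    while ($attach = $this->db->fetch_array($query)) {
        $attach['time'] = $this->base->date($attach['time']);
        $attach['title'] = htmlspecialchars($attach['title']);
        $attach['filename'] = string::substring($attach['filename'], 0, 28);
        // NOTE(review): the length test runs on the already truncated name, so
        // the ellipsis is appended only if substring() can return more than 28
        // bytes. Confirm this is intended.
        $attach['filename'] .= strlen($attach['filename']) > 28 ? "......" : "";
        $attach['filesize'] = sprintf('%.2f', $attach['filesize'] / 1024) . "k";
        $attachlist[] = $attach;
    }

    return $attachlist;
}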
/**
 * Adds a comment to the document whose id is in get[2].
 *
 * Works in two modes: a normal form post (`submit` present, $type 0), which
 * redirects to the comment page, and an AJAX post ($type 2), which renders
 * the 'comment_ajax' template and prefixes error messages with '0;'.
 *
 * NOTE(review): the early-exit guards call message() and then fall through.
 * This is only safe if message() ends the request; confirm.
 */
function doadd() {
    // '@' hides the notice when get[2] is absent; intval() then yields 0.
    $did = intval(@$this->get[2]);
    $type = isset($this->post['submit']) ? 0 : 2;
    $message = $type == 2 ? '0;' : '';
    // First HTML-escaping pass. A second one follows below, so markup
    // characters end up encoded twice. NOTE(review): confirm this is intended.
    $comment = htmlspecialchars(trim($this->post['comment']));
    if (empty($did)) {
        $this->message($message . $this->view->lang['parameterError'], '', $type);
    }
    if (empty($comment)) {
        $this->message($message . $this->view->lang['commentNullError'], 'BACK', $type);
    }
    // The verification code is checked unless the 'checkcode' setting is 3.
    if ($this->setting['checkcode'] != 3) {
        $msg = $_ENV['user']->checkcode($this->post['code2'], 1);
        if ($msg != 'OK') {
            $this->message($message . $this->view->lang['codeIsWrong'], '', $type);
        }
    }
    // NOTE(review): c_class, re_id and anonymity are taken from the request
    // without validation in this method; re_id and anonymity are passed to the
    // comment model as-is. Confirm the model casts or escapes them.
    $c_class = $this->post['c_class'];
    $re_id = $this->post['re_id'];
    $anonymity = $this->post['anonymity'];
    if (WIKI_CHARSET == 'GBK') {
        $comment = string::hiconv($comment);
    }
    // Word filter, then script stripping, then a second escaping pass plus <br />.
    $comment = string::stripscript($_ENV['doc']->replace_danger_word($comment));
    $comment = nl2br(htmlspecialchars($comment));
    if (empty($comment)) {
        $this->message(0, '', 2);
    } elseif (strlen($comment) > 200) {
        // The cut happens after escaping and nl2br(), so it can land inside an
        // entity or a <br /> tag. NOTE(review): consider truncating the raw
        // text before encoding.
        $comment = string::substring($comment, 0, 200);
    }
    $reply = $re_id ? $_ENV['comment']->get_re_comment_by_id($re_id) : '';
    $id = $_ENV['comment']->add_comment($did, $comment, addslashes($reply), $anonymity);
    // The notification is sent before $id is checked, so it also goes out when
    // add_comment() returned a falsy id.
    $this->load('noticemail');
    $_ENV['noticemail']->comment_add($did, $comment, addslashes($reply), $anonymity);
    if ($id) {
        // Reward the author and bump the document's comment counter.
        $_ENV['user']->add_credit($this->user['uid'], 'user-comment', $this->setting['credit_comment'], $this->setting['coin_comment']);
        $_ENV['doc']->update_field('comments', 1, $did, 0);
        if ($type == 0) {
            $this->header('comment-view-' . $did);
        }
        if ($c_class) {
            // Render the first page of the full comment list.
            $page = 1;
            $doc = $this->db->fetch_by_field('doc', 'did', $did);
            $num = isset($this->setting['list_prepage']) ? $this->setting['list_prepage'] : 20;
            $start_limit = ($page - 1) * $num;
            $comments = $_ENV['comment']->get_comments($did, $start_limit, $num);
            $comments = array_pad($comments, $num, '');
            $departstr = $this->multi($doc['comments'], $num, $page, "comment-view-{$did}");
            $this->view->assign("type", 2);
            $this->view->assign("page", $page);
            $this->view->assign("departstr", $departstr);
        } else {
            // Render only the comment that was just stored.
            $comments = $this->db->fetch_by_field('comment', 'id', $id);
            $comments['author'] = $_ENV['comment']->ip_show($comments['author']);
            $this->view->assign("type", 3);
            $this->view->assign("comment", stripslashes($comment));
            $this->view->assign('reply', $reply);
            $this->view->assign('time', $this->date($this->time));
            $this->view->assign('id', $id);
        }
        $this->view->assign("commentEdit", $this->checkable('comment-edit'));
        $this->view->assign("comments", $comments);
        $this->view->display('comment_ajax');
    } else {
        $this->message($message . $this->view->lang['insertBaseWrong'], '', $type);
    }
}
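/**
 * Lists gift redemption log entries with the gift and the redeeming user's
 * contact details, newest first.
 *
 * Each returned row has a formatted `time` and a gift `title` cut to 10
 * characters.
 *
 * NOTE(review): $title and $username are placed inside quoted LIKE patterns
 * as received; confirm callers escape them. The rows contain personal data
 * (real name, address, phone, e-mail), so access to callers of this method
 * should be restricted.
 *
 * @param string $title       gift title fragment
 * @param string $username    user name fragment
 * @param mixed  $startprice  lower credit bound; the filter applies only when set
 * @param mixed  $endprice    upper credit bound
 * @param mixed  $starttime   lower time bound (numeric)
 * @param mixed  $endtime     upper time bound (numeric)
 * @param int    $start_limit offset of the first row
 * @param int    $limit       maximum number of rows
 * @return array list of log rows
 */
function get_loglist($title = '', $username = '', $startprice = '', $endprice = '', $starttime = '', $endtime = '', $start_limit = 0, $limit = 20)
{
    $loglist = array();
    $sql = "SELECT l.id,g.title,g.image,u.uid,u.username,u.truename,u.location,u.postcode,u.telephone,u.qq,u.email,l.extra,l.time,l.status FROM " . DB_TABLEPRE . "gift g," . DB_TABLEPRE . "giftlog l," . DB_TABLEPRE . "user u WHERE g.id=l.gid and u.uid=l.uid ";
    if ($title) {
        $sql = $sql . " AND g.title LIKE '%{$title}%' ";
    }
    if ($username) {
        $sql = $sql . " AND u.username LIKE '%{$username}%' ";
    }

    // The remaining values are placed in the SQL without quotes, so they are
    // forced to integers first.
    // Assumes credit prices are whole numbers; TODO confirm.
    if ($startprice) {
        $sql = $sql . " AND g.credit BETWEEN " . intval($startprice) . " AND " . intval($endprice) . " ";
    }
    if ($starttime) {
        $sql = $sql . " AND l.time>=" . intval($starttime) . " ";
    }
    if ($endtime) {
        $sql = $sql . " AND l.time<=" . intval($endtime) . " ";
    }
    $sql = $sql . " ORDER BY l.time DESC LIMIT " . max(0, intval($start_limit)) . "," . max(0, intval($limit)) . " ";

    $query = $this->db->query($sql);
    while ($giftlog = $this->db->fetch_array($query)) {
        $giftlog['time'] = $this->base->date($giftlog['time']);
        $giftlog['title'] = string::substring($giftlog['title'], 0, 10);
        $loglist[] = $giftlog;
    }

    return $loglist;
}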
/**
 * AJAX handler: renames a document and echoes a status code.
 *
 * Echoes "-1" when the cleaned title is empty, "-2" when a document with that
 * title already exists, "1" on success and "0" when the rename failed. The
 * cached index data of the current theme is dropped in every case.
 *
 * NOTE(review): post['did'] goes to change_name() and cloud_change() without
 * validation here, and no permission check is visible in this method; confirm
 * both are handled elsewhere.
 */
function dorename()
{
    $newTitle = string::hiconv(trim($this->post['newname']));
    $newTitle = string::substring(string::stripspecialcharacter($newTitle), 0, 80);

    if ($newTitle == '') {
        $status = "-1";
    } elseif ($this->db->fetch_by_field('doc', 'title', $newTitle)) {
        $status = "-2";
    } elseif ($_ENV['doc']->change_name($this->post['did'], $newTitle)) {
        if (1 == $this->setting['cloud_search']) {
            // Title edited: notify cloud search.
            $_ENV['search']->cloud_change(array('dids' => $this->post['did'], 'mode' => '2'));
        }
        $status = "1";
    } else {
        $status = "0";
    }
    echo $status;

    $this->cache->removecache('data_' . $GLOBALS['theme'] . '_index');
}
/**
 * Runs one step of the MediaWiki import and reports progress as "type|offset".
 *
 * Progress is kept in $this->processfile as a small PHP file that sets
 * $process. Types 1, 2 and 4 run SQL produced by the mwimport model; type 3
 * converts pages with Text_Wiki and writes them into the doc table. The code
 * '5|0' is sent both when the import is finished and on failure.
 *
 * NOTE(review): the loop body ends with message(), so each request appears to
 * handle a single batch of $j rows. This relies on message() ending the
 * request; confirm.
 *
 * NOTE(review): configfile, sumfile and processfile are executed with
 * include. They must live in a location that only the application can write
 * and must never be derived from request data.
 */
function doimport() {
    if (file_exists($this->configfile) && file_exists($this->sumfile)) {
        // Presumably these define the WDB_* constants and the $catsum/$usersum/
        // $docsum/$clinksum totals used below; verify against the files.
        include $this->configfile;
        include $this->sumfile;
    } else {
        $this->message('5|0', '', 2);
    }
    $this->wmdb = new hddb(WDB_HOST, WDB_USER, WDB_PW, WDB_NAME, WDB_CHARSET, WDB_CONNECT);
    // Determine which step the import has reached.
    if (file_exists($this->processfile)) {
        include $this->processfile;
        list($type, $i) = explode('|', $process);
        if ($type >= 5) {
            $this->message('5|0', '', 2);
        }
    } else {
        list($type, $i) = array(1, 0);
    }
    $totalnum = array(1 => $catsum, 2 => $usersum, 3 => $docsum, 4 => $clinksum);
    $totalnum = $totalnum[$type];
    // Batch size per request.
    $j = 10;
    for (; $i < $totalnum; $i += $j) {
        // Progress after this batch, capped at the total.
        $msg = $type . '|' . (($n = $i + $j) >= $totalnum ? $totalnum : $n);
        if ($type == 1 || $type == 2 || $type == 4) {
            // Import categories and users.
            $hdsql = $_ENV['mwimport']->get_sql($this->wmdb, $type, $i, $j);
            if (!$hdsql || $this->db->query($hdsql)) {
                $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
            } else {
                $this->message('5|0', '', 2);
            }
        } elseif ($type == 3) {
            include HDWIKI_ROOT . '/plugins/mwimport/text/Mediawiki.php';
            $parser = 'Mediawiki';
            $text_wiki = new Text_Wiki_Mediawiki();
            $sql = "SELECT a.page_id, a.page_title, b.old_text, b.old_flags, b.old_id FROM " . WDB_TABLEPRE . "page a, " . WDB_TABLEPRE . "text b WHERE a.page_namespace = 0 AND a.page_latest = b.old_id limit " . $i . ",{$j}";
            $query = $this->wmdb->query($sql);
            while ($doc = $this->wmdb->fetch_array($query)) {
                // Skip pages whose title already exists locally.
                if ($_ENV['doc']->get_doc_by_title($doc['page_title'])) {
                    continue;
                }
                $doc['did'] = $doc['page_id'];
                $doc['title'] = $doc['page_title'];
                $doc['letter'] = string::getfirstletter($doc['page_title']);
                $wiki = $text_wiki->singleton($parser);
                // NOTE(review): $source is not defined anywhere in this method
                // and $result is never read; this call looks like a leftover.
                $result = $wiki->transform($source);
                $doc['old_text'] = $wiki->transform($doc['old_text']);
                // Add processing and filtering of the content.
                // NOTE(review): mysql_real_escape_string() was removed in
                // PHP 7.0. It is also the only escaping applied here: title,
                // letter, rev_user_text and rev_user come from the source wiki
                // and are concatenated into the REPLACE below unescaped.
                // Escape every imported value with the target connection's
                // escaping routine, or use parameterised statements.
                $doc['old_text'] = mysql_real_escape_string($doc['old_text']);
                $doc['tags'] = '';
                // The summary, image count and word count are derived from the
                // already escaped text.
                $doc['summary'] = trim(string::convercharacter(string::substring(strip_tags($doc['old_text']), 0, 100)));
                $doc['images'] = util::getimagesnum($doc['old_text']);
                $doc['time'] = $this->time;
                $doc['words'] = string::hstrlen($doc['old_text']);
                $doc['visible'] = '1';
                $doc['cid'] = $_ENV['mwimport']->get_cid($this->wmdb, '', $doc['did']);
                // User of the first row by rev_id for this page.
                $sql = "SELECT rev_user,rev_user_text FROM " . WDB_TABLEPRE . "revision WHERE rev_page = " . $doc['page_id'] . " ORDER BY rev_id ";
                $user = $this->wmdb->fetch_first($sql);
                $this->db->query("REPLACE INTO " . DB_TABLEPRE . "doc\r\n\t\t\t (did,cid,letter,title,tag ,summary ,content,author,authorid,time,lastedit,lasteditor,lasteditorid,visible,editions)\r\n\t\t\t VALUES (" . $doc['did'] . "," . $doc['cid'] . ",'" . $doc['letter'] . "','" . $doc['title'] . "','" . $doc['tags'] . "','" . $doc['summary'] . "','" . $doc['old_text'] . "',\r\n\t\t\t '" . $user['rev_user_text'] . "','" . $user['rev_user'] . "',\r\n\t\t\t " . $doc['time'] . "," . $doc['time'] . ",'" . $user['rev_user_text'] . "','" . $user['rev_user'] . "','" . $doc['visible'] . "',1)");
            }
            $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
        }
        $this->message($msg, '', 2);
    }
    // Current type is complete: advance to the next type at offset 0.
    $msg = $type + 1 . '|0';
    $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
    $this->message($msg, '', 2);
}
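/**
 * Returns the configured "cooperate" document titles with a shortened form.
 *
 * The 'cooperatedoc' setting is a ';'-separated list. Empty entries are
 * skipped; result keys are the positions in the original list. Titles longer
 * than 10 characters are shortened to their first 5 characters plus "...".
 *
 * @param int $num number of leading list entries to consider; 0 means all
 * @return array entries of the form ['shorttitle' => ..., 'title' => ...]
 */
function cooperatedocs($num = 0)
{
    $coopdoc = array();
    $cooperatedocs = explode(';', $this->base->setting['cooperatedoc']);

    // Never walk past the end of the list: a $num larger than the number of
    // entries used to read undefined offsets.
    $total = count($cooperatedocs);
    $num = (int) $num;
    $counts = $num === 0 ? $total : min($num, $total);

    for ($i = 0; $i < $counts; $i++) {
        $title = $cooperatedocs[$i];
        if ($title == '') {
            continue;
        }
        $coopdoc[$i]['shorttitle'] = string::hstrlen($title) > 10
            ? string::substring($title, 0, 5) . "..."
            : $title;
        $coopdoc[$i]['title'] = $title;
    }

    return $coopdoc;
}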
/**
 * Renders the 'cooperate' block from the ';'-separated 'cooperatedoc' setting.
 *
 * Empty entries are skipped; keys are the positions in the original list.
 * Titles longer than 4 characters are shortened to 4 characters plus "...".
 * The titles are handed to the view as stored, so escaping is left to the
 * template.
 */
function docooperate()
{
    $coopdoc = array();
    foreach (explode(';', $this->setting['cooperatedoc']) as $position => $docTitle) {
        if ($docTitle == '') {
            continue;
        }
        $needsCut = string::hstrlen($docTitle) > 4;
        $coopdoc[$position] = array(
            'shorttitle' => $needsCut ? string::substring($docTitle, 0, 4) . "..." : $docTitle,
            'title' => $docTitle,
        );
    }

    $this->view->assign('coopdoc', $coopdoc);
    $_ENV['block']->view('cooperate');
}
/**
 * Creates or updates an SQL-type datacall record.
 *
 * With `editflag` set the row with the given id is updated. Otherwise a new
 * row is inserted, but only if no datacall with the same name exists. The
 * description defaults to the 'sqlcall' language string and is cut to 80
 * characters. `param` is stored serialized.
 *
 * NOTE(review): name, category, desc, cachetime and id are concatenated into
 * the statement between quotes exactly as received; only `param` is passed
 * through haddslashes() here. Confirm callers escape the other fields. `desc`
 * is truncated after any upstream escaping, which can split an escape
 * sequence. Whatever later reads `param` back must not unserialize data that
 * an untrusted party could have written.
 *
 * @param array $datacall datacall fields (name, category, desc, param, cachetime, id, editflag)
 * @return mixed false for an empty $datacall, otherwise the result of db->query()
 */
function editsql($datacall)
{
    if (empty($datacall)) {
        return false;
    }

    $descText = trim($datacall['desc']);
    $datacall['desc'] = string::substring($descText ? $descText : $this->base->view->lang['sqlcall'], 0, 80);

    foreach (array('tplcode', 'empty_tplcode') as $tplKey) {
        $tplText = trim($datacall['param'][$tplKey]);
        $datacall['param'][$tplKey] = $tplText ? $tplText : '';
    }
    $param_str = string::haddslashes(serialize(string::hstripslashes($datacall['param'])), 1);

    // classname, function and type all carry the same fixed value for SQL datacalls.
    $kind = 'sql';
    $table = DB_TABLEPRE . 'datacall';

    if (isset($datacall['editflag'])) {
        $sql = "UPDATE `{$table}` SET "
            . "`name`='{$datacall['name']}',`category`='{$datacall['category']}', `classname`='{$kind}', `function`='{$kind}', `desc`='{$datacall['desc']}', `param`='{$param_str}', `cachetime`='{$datacall['cachetime']}'"
            . " WHERE `id`='{$datacall['id']}'";
    } else {
        // INSERT ... SELECT ... FROM dual WHERE NOT EXISTS: adds the row only
        // when the name is not taken yet.
        $sql = "INSERT INTO {$table} (`name`,`type`, `category`, `classname`, `function`, `desc`, `param`, `cachetime`) "
            . " SELECT '{$datacall['name']}','{$kind}','{$datacall['category']}','{$kind}','{$kind}', "
            . "'{$datacall['desc']}', '{$param_str}', '{$datacall['cachetime']}'"
            . " FROM dual WHERE not exists (SELECT * FROM {$table} WHERE name= '{$datacall['name']}' )";
    }

    return $this->db->query($sql);
}