Exemple #1
 /**
  * Save the map marker posted for a document and echo the saved values as JSON.
  *
  * Produces no output when the posted `did` casts to 0.
  */
 function dodefault()
 {
     $did = intval($this->post['did']);
     if (!$did) {
         return;
     }
     // Text fields are stripped of tags and capped at 14 / 60 characters;
     // coordinates and zoom are forced to numeric types.
     // NOTE(review): strip_tags() plus truncation is not SQL escaping. Whether
     // edit_marker() escapes title/description is not visible here, and the
     // stripslashes() calls below suggest the posted values arrive already
     // slash-escaped, in which case cutting at a fixed length can split an
     // escape pair. Confirm against the model.
     $marker = array(
         'title' => string::substring(strip_tags($this->post['title']), 0, 14),
         'description' => string::substring(strip_tags($this->post['description']), 0, 60),
         'lat' => floatval($this->post['lat']),
         'lng' => floatval($this->post['lng']),
         'zoom' => intval($this->post['zoom']),
         'did' => $did,
     );
     $_ENV['googlemap']->edit_marker($did, $marker);

     // Undo slash-escaping on the two text fields before they go to the client.
     foreach (array('title', 'description') as $field) {
         $marker[$field] = stripslashes($marker[$field]);
     }
     // NOTE(review): no Content-Type header is set in this method; confirm the
     // response is served as JSON rather than as HTML.
     echo json_encode($marker);
 }
Exemple #2
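 /**
  * Decorate a picture row with display fields.
  *
  * Adds `rawtitle`, `sizeinfo` and `subdescription`, formats `time`, falls back
  * to the title when the description is empty, switches `attachment` to the
  * path returned by get_140() when that file exists, and HTML-escapes `summary`.
  *
  * @param array $pic picture row (reads time, attachment, title, filesize,
  *                   filetype, description, summary)
  * @return array the same row with the extra fields
  */
 function get_info($pic)
 {
     $pic['time'] = $this->base->date($pic['time']);

     // getimagesize() returns false for a missing or non-image file. Indexing
     // that false value raised a notice per dimension; use empty dimensions
     // instead, which yields the same "*" text the original produced.
     $picinfo = @getimagesize($pic['attachment']);
     $width = is_array($picinfo) ? $picinfo[0] : '';
     $height = is_array($picinfo) ? $picinfo[1] : '';

     $pic['rawtitle'] = $pic['title'];
     $pic['sizeinfo'] = $width . '*' . $height . ' - ' . round($pic['filesize'] / 1024) . 'k - ' . $pic['filetype'];
     $pic['description'] = empty($pic['description']) ? $pic['title'] : $pic['description'];
     $pic['subdescription'] = strlen($pic['description']) > 18 ? string::substring($pic['description'], 0, 8) . '...' : $pic['description'];

     // Use the path from get_140() only when that file is actually on disk.
     $pic_140 = $this->get_140($pic['attachment']);
     if (is_file($pic_140)) {
         $pic['attachment'] = $pic_140;
     }

     // NOTE(review): only `summary` is HTML-escaped here. title, rawtitle,
     // description and subdescription are returned as stored, so the template
     // has to escape them on output. Confirm that it does.
     $pic['summary'] = htmlspecialchars($pic['summary']);
     return $pic;
 }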
Exemple #3
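 /**
  * Show one picture of a document with a 12-item thumbnail window around it
  * and the first five comments of the document.
  *
  * Reads the picture id from $this->get[2] and the document id from
  * $this->get[3].
  */
 function doview()
 {
     $id = $this->get[2];
     $did = $this->get[3];
     // NOTE(review): is_numeric() also accepts floats, exponent notation and
     // leading whitespace, and the values are forwarded to the models as
     // received. If the models build SQL from them, an integer cast would be
     // the stricter gate. This also assumes message() ends the request.
     // Confirm both.
     if (!is_numeric($id) || !is_numeric($did) || empty($did)) {
         $this->message($this->view->lang['parameterError'], 'BACK', 0);
     }
     $pic = $_ENV['pic']->get_pic_by_id($id);
     $piclist = $_ENV['pic']->get_pic_by_did($did);
     $comments = $_ENV['comment']->get_comments($did, 0, 5);
     foreach ($comments as $key => $comment) {
         $comments[$key]['comment'] = string::hstrlen($comment['comment']) > 60 ? string::substring($comment['comment'], 0, 60) . "..." : $comment['comment'];
     }

     // Position of the requested picture inside the document's list. Default
     // to the first entry so the variable is defined even when the id is not
     // part of this document (it was left undefined before).
     $countnum = count($piclist);
     $all_key = 0;
     foreach ($piclist as $key => $val) {
         if ($val['id'] == $id) {
             $all_key = $key;
             break;
         }
     }

     if ($countnum <= 12) {
         // Short list: show everything, highlight index equals list index.
         $returnlist = $piclist;
         $li_key = $all_key;
     } else {
         // Long list: slice 12 entries, shifting the window back when the
         // picture sits within the last 12 so the slice stays full.
         $li_key = max(0, 12 - ($countnum - $all_key));
         $returnlist = array_slice($piclist, $all_key - $li_key, 12);
     }

     $this->view->assign('did', $did);
     $this->view->assign('max_num', $countnum);
     $this->view->assign('all_key', $all_key);
     $this->view->assign('li_key', $li_key);
     $this->view->assign('comments', $comments);
     $this->view->assign('pic', $pic);
     $this->view->assign("piclist", $returnlist);
     $this->view->assign('navtitle', $pic['title'] . $this->view->lang['image']);
     $_ENV['block']->view('viewpic');
 }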
Exemple #4
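 /**
  * Archive the current state of a document as an edition row, then overwrite
  * the document's summary, content and lastedit time.
  *
  * @param mixed  $did     document id, interpolated into both statements
  * @param string $content new content; slash-escaped inside this method
  */
 function update_doc_by_time($did, $content)
 {
     $summary = addslashes(string::substring(strip_tags($content), 0, 100));
     $content = addslashes($content);
     $time = time();
     $tmpdoc = $this->get_doc_title_by_id($did);

     // The stored row goes back into a SQL string, so it needs the same
     // escaping as fresh input: a stored title or body containing a quote
     // otherwise breaks the INSERT or changes its meaning.
     // Assumes get_doc_title_by_id() returns raw column values. Confirm.
     $old = array();
     foreach (array('cid', 'title', 'tag', 'summary', 'content') as $field) {
         $old[$field] = isset($tmpdoc[$field]) ? addslashes($tmpdoc[$field]) : '';
     }

     // NOTE(review): $did, $author, $authorid and $ip are interpolated as
     // received; this method cannot tell whether the caller escaped them.
     // addslashes() is also not charset-aware; a driver-level escape or
     // prepared statements would be the stronger fix if $this->db offers them.
     $author = $this->base->user['username'];
     $authorid = $this->base->user['uid'];
     $ip = $this->base->ip;

     $sql = "INSERT INTO `" . DB_TABLEPRE . "edition` (`cid`,`did`,`author`,`authorid`,`time`,`ip`,`title`,`tag`,`summary`,`content`) VALUES ('{$old['cid']}','{$did}','{$author}','{$authorid}','{$time}','{$ip}','{$old['title']}','{$old['tag']}','{$old['summary']}','{$old['content']}')";
     $this->db->query($sql);
     $sql = "UPDATE `" . DB_TABLEPRE . "doc` SET summary = '{$summary}', content = '{$content}',lastedit = '{$time}' WHERE did = '{$did}'";
     $this->db->query($sql);
 }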
Exemple #5
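 /**
  * Admin word-filter page.
  *
  * With a posted `submit`: deletes the selected words, updates edited ones and
  * adds new ones (single field, comma-separated field and/or uploaded txt/csv
  * file), then redirects with a status message. Without it: renders the
  * paginated word list.
  */
 function dodefault()
 {
     if (isset($this->post['submit'])) {
         // NOTE(review): no request token is checked in this method before
         // the state-changing calls below; confirm the base controller does it.
         $ids = isset($this->post['word_id']) ? $this->post['word_id'] : '';
         $wordids = $this->post['upword_id'];
         $find = $this->post['find'];
         $replacement = $this->post['replacement'];
         $newfind = string::haddslashes(htmlspecialchars($this->post['newfind']));
         $muliword = string::haddslashes(htmlspecialchars($this->post['muliword']));
         // Truncate first, escape last: cutting an already escaped string at a
         // fixed length can leave a lone trailing backslash that swallows the
         // closing quote of the SQL literal (presumes haddslashes() is a
         // slash-escaper; confirm).
         $newreplacement = string::haddslashes(string::substring(htmlspecialchars($this->post['newreplacement']), 0, 18));

         $words = array();
         if (is_array($wordids)) {
             // NOTE(review): unlike the "new" fields above, find/replacement
             // are neither HTML-encoded nor escaped here, and they are
             // truncated in whatever escaped state they arrived in.
             foreach ($wordids as $id => $wordid) {
                 $find[$id] = string::substring($find[$id], 0, 18);
                 $replacement[$id] = string::substring($replacement[$id], 0, 18);
                 $words[] = array('id' => $wordid, 'find' => $find[$id], 'replacement' => $replacement[$id]);
             }
         }
         if ($ids) {
             // NOTE(review): $ids is passed on exactly as posted; del_words()
             // must validate it. Not visible here.
             $_ENV['word']->del_words($ids);
         }
         if ($words) {
             $_ENV['word']->edit_words($words, $this->user['username']);
         }

         // Words already in the cache, used below to skip duplicates.
         $havebannedwords = array();
         $cachewords = $this->cache->getcache('word');
         if ($cachewords) {
             $havebannedwords = array_keys($cachewords);
         }

         $alluploadwords = array();
         // NOTE(review): as written, both str_replace() calls below swap a
         // comma for the same comma. The search string was presumably a
         // full-width comma lost in transcoding. Confirm against the original
         // file.
         if ($newfind) {
             $alluploadwords[] = str_replace(',', ',', $newfind);
         }
         if ($muliword) {
             $textwords = explode(',', str_replace(',', ',', $muliword));
             $alluploadwords = array_merge($alluploadwords, $textwords);
         }
         if (!empty($_FILES['file_path']['name'])) {
             // Extension allow-list on the client-supplied file name only; the
             // content is read by filewords(). Assumes message() ends the
             // request, otherwise a rejected file would still be processed.
             $allowexts = array('txt', 'csv');
             $ext = substr($_FILES['file_path']['name'], strrpos($_FILES['file_path']['name'], '.') + 1);
             if (!in_array($ext, $allowexts, true)) {
                 $this->message($this->view->lang['allowext'], 'index.php?admin_word');
             }
             $alluploadwords = $_ENV['word']->filewords($alluploadwords, $this->setting['attachment_size']);
         }
         if ($alluploadwords) {
             // A plain loop replaces create_function(), which compiled a code
             // string at run time and no longer exists in PHP 8.
             // NOTE(review): these entries were escaped before this cut (see
             // $newfind / $muliword), so the trailing-backslash concern above
             // applies here as well.
             foreach ($alluploadwords as $k => $v) {
                 $alluploadwords[$k] = string::substring($v, 0, 18);
             }
             $alluploadwords = array_diff($alluploadwords, $havebannedwords);
             $alluploadwords = array_unique($alluploadwords);
             $alluploadwords = array_values($alluploadwords);
             $_ENV['word']->add_word($alluploadwords, $newreplacement, $this->user['username']);
         }
         $this->message($this->view->lang['usermanageOptSuccess'], 'index.php?admin_word');
     } else {
         $page = max(1, intval($this->get[2]));
         $num = isset($this->setting['list_prepage']) ? $this->setting['list_prepage'] : 20;
         $start_limit = ($page - 1) * $num;
         $allnum = $_ENV['word']->get_word_num();
         $words = $_ENV['word']->get_word_list($start_limit, $num);
         $departstr = $this->multi($allnum, $num, $page, 'admin_word-default');
         $this->view->assign('departstr', $departstr);
         $this->view->assign("docsum", $allnum);
         $this->view->assign('words', $words);
         $this->view->display('admin_word');
     }
 }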
Exemple #6
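 /**
  * Fetch the newest comments together with their authors' avatars.
  *
  * @param int $start row offset
  * @param int $limit maximum number of rows
  * @return array comment rows with `image`, `tipcomment` and a formatted `time`
  */
 function recent_comment($start = 0, $limit = 10)
 {
     $comments = array();
     // Both values sit unquoted in the LIMIT clause, where slash-escaping
     // offers no protection; force them to non-negative integers.
     $start = max(0, intval($start));
     $limit = max(0, intval($limit));
     $query = $this->db->query('SELECT u.image,c.* FROM ' . DB_TABLEPRE . 'comment c LEFT JOIN ' . DB_TABLEPRE . 'user u ON c.authorid=u.uid ORDER BY `time` DESC LIMIT ' . "{$start},{$limit}");
     while ($comment = $this->db->fetch_array($query)) {
         // Authors without an avatar get the default image before the path
         // is resolved through uc_api_avatar().
         $comment['image'] = $comment['image'] ? $comment['image'] : 'style/default/user.jpg';
         $comment['image'] = $_ENV['global']->uc_api_avatar($comment['image'], $comment['authorid'], 'small');
         $comment['tipcomment'] = string::hstrlen($comment['comment']) > 12 ? string::substring($comment['comment'], 0, 12) . "..." : $comment['comment'];
         $comment['time'] = $this->base->date($comment['time']);
         $comments[] = $comment;
     }
     return $comments;
 }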
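 /**
  * Search attachments with optional filters, newest first.
  *
  * Empty filters are skipped. `$state` is always applied.
  *
  * @return array attachment rows with formatted time, HTML-escaped title,
  *               shortened filename and size in KB
  */
 function search_attachment($start = 0, $limit = 10, $cid = '', $did = '', $authorid = '', $starttime = '', $endtime = '', $type = '', $isimage = '', $state = 0)
 {
     $attachlist = array();

     // These values are placed in the SQL text without quotes, so
     // slash-escaping by a caller cannot contain them. Cast every one to int.
     $cid = intval($cid);
     $starttime = intval($starttime);
     $endtime = intval($endtime);
     $isimage = intval($isimage);
     $state = intval($state);
     $start = max(0, intval($start));
     $limit = max(0, intval($limit));

     $sql = "SELECT  m.id,m.did,m.description,m.attachment,m.downloads,m.filesize,m.isimage,m.filename,m.uid,m.time,m.state,m.focus,d.title title,u.username author FROM " . DB_TABLEPRE . "attachment m LEFT JOIN " . DB_TABLEPRE . "doc d ON d.did = m.did LEFT JOIN " . DB_TABLEPRE . "user u ON u.uid=m.uid where 1=1 ";
     if ($cid) {
         // Resolve the category to its document ids; an empty category must
         // match nothing.
         $dids = array();
         $query = $this->db->query("SELECT did FROM " . DB_TABLEPRE . "categorylink  WHERE cid = {$cid}");
         while ($category = $this->db->fetch_array($query)) {
             $dids[] = intval($category['did']);
         }
         if ($dids) {
             $sql = $sql . " AND m.did IN (" . implode(',', $dids) . ") ";
         } else {
             $sql = $sql . " AND 1!=1 ";
         }
     }
     // NOTE(review): $did, $authorid and $type are quoted but interpolated as
     // received; this method relies on the caller having escaped them.
     if ($did) {
         $sql = $sql . " AND m.did ='{$did}' ";
     }
     if ($authorid) {
         $sql = $sql . " AND m.uid='{$authorid}' ";
     }
     if ($type) {
         $sql = $sql . " AND m.filetype='{$type}' ";
     }
     if ($starttime) {
         $sql = $sql . " AND m.time>={$starttime} ";
     }
     if ($endtime) {
         $sql = $sql . " AND m.time<={$endtime} ";
     }
     if ($isimage) {
         $sql = $sql . " AND m.isimage={$isimage} ";
     }
     $sql = $sql . " AND m.state={$state} ";
     $sql = $sql . " ORDER BY m.time DESC LIMIT {$start},{$limit} ";
     $query = $this->db->query($sql);
     while ($attach = $this->db->fetch_array($query)) {
         $attach['time'] = $this->base->date($attach['time']);
         $attach['title'] = htmlspecialchars($attach['title']);
         // NOTE(review): the length test runs after the cut, so the ellipsis
         // is only appended when the shortened name is still longer than 28
         // bytes. Left as is; confirm the intent.
         $attach['filename'] = string::substring($attach['filename'], 0, 28);
         $attach['filename'] .= strlen($attach['filename']) > 28 ? "......" : "";
         $attach['filesize'] = sprintf('%.2f', $attach['filesize'] / 1024) . "k";
         $attachlist[] = $attach;
     }
     return $attachlist;
 }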
Exemple #8
 /**
  * Add a comment to the document whose id is in $this->get[2].
  *
  * A posted `submit` selects message type 0, otherwise type 2 is used and
  * error messages are prefixed with "0;". On success the comment is stored,
  * a notice mail is triggered, credit is added and either a redirect is sent
  * (type 0) or the `comment_ajax` template is rendered.
  *
  * NOTE(review): no request token is checked in this method; confirm the base
  * controller covers it. The flow also presumes message() ends the request.
  */
 function doadd()
 {
     $did = intval(@$this->get[2]);
     $type = isset($this->post['submit']) ? 0 : 2;
     $message = $type == 2 ? '0;' : '';
     // First HTML-encoding pass (a second one follows further down).
     $comment = htmlspecialchars(trim($this->post['comment']));
     if (empty($did)) {
         $this->message($message . $this->view->lang['parameterError'], '', $type);
     }
     if (empty($comment)) {
         $this->message($message . $this->view->lang['commentNullError'], 'BACK', $type);
     }
     // The verification code is checked unless the `checkcode` setting is 3.
     if ($this->setting['checkcode'] != 3) {
         $msg = $_ENV['user']->checkcode($this->post['code2'], 1);
         if ($msg != 'OK') {
             $this->message($message . $this->view->lang['codeIsWrong'], '', $type);
         }
     }
     // NOTE(review): these three are taken from the request without any
     // validation here; $re_id and $anonymity are passed to the models below.
     $c_class = $this->post['c_class'];
     $re_id = $this->post['re_id'];
     $anonymity = $this->post['anonymity'];
     if (WIKI_CHARSET == 'GBK') {
         $comment = string::hiconv($comment);
     }
     $comment = string::stripscript($_ENV['doc']->replace_danger_word($comment));
     // NOTE(review): second htmlspecialchars() on already encoded text, so
     // "&" typed by the user ends up as "&amp;amp;". Confirm this is intended.
     $comment = nl2br(htmlspecialchars($comment));
     if (empty($comment)) {
         $this->message(0, '', 2);
     } elseif (strlen($comment) > 200) {
         // NOTE(review): the cut is applied to encoded text with <br /> tags
         // and can land inside an entity or a tag. If the text is also
         // slash-escaped it can split an escape pair.
         $comment = string::substring($comment, 0, 200);
     }
     // The quoted comment comes from storage and is slash-escaped before it
     // is handed to the models.
     $reply = $re_id ? $_ENV['comment']->get_re_comment_by_id($re_id) : '';
     $id = $_ENV['comment']->add_comment($did, $comment, addslashes($reply), $anonymity);
     $this->load('noticemail');
     $_ENV['noticemail']->comment_add($did, $comment, addslashes($reply), $anonymity);
     if ($id) {
         $_ENV['user']->add_credit($this->user['uid'], 'user-comment', $this->setting['credit_comment'], $this->setting['coin_comment']);
         $_ENV['doc']->update_field('comments', 1, $did, 0);
         if ($type == 0) {
             $this->header('comment-view-' . $did);
         }
         if ($c_class) {
             // Re-render the first page of the comment list.
             $page = 1;
             $doc = $this->db->fetch_by_field('doc', 'did', $did);
             $num = isset($this->setting['list_prepage']) ? $this->setting['list_prepage'] : 20;
             $start_limit = ($page - 1) * $num;
             $comments = $_ENV['comment']->get_comments($did, $start_limit, $num);
             $comments = array_pad($comments, $num, '');
             $departstr = $this->multi($doc['comments'], $num, $page, "comment-view-{$did}");
             $this->view->assign("type", 2);
             $this->view->assign("page", $page);
             $this->view->assign("departstr", $departstr);
         } else {
             // Render only the comment that was just stored.
             $comments = $this->db->fetch_by_field('comment', 'id', $id);
             $comments['author'] = $_ENV['comment']->ip_show($comments['author']);
             $this->view->assign("type", 3);
             // NOTE(review): $reply is assigned to the view as returned by the
             // model; the template must escape it on output.
             $this->view->assign("comment", stripslashes($comment));
             $this->view->assign('reply', $reply);
             $this->view->assign('time', $this->date($this->time));
             $this->view->assign('id', $id);
         }
         $this->view->assign("commentEdit", $this->checkable('comment-edit'));
         $this->view->assign("comments", $comments);
         $this->view->display('comment_ajax');
     } else {
         $this->message($message . $this->view->lang['insertBaseWrong'], '', $type);
     }
 }
Exemple #9
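 /**
  * List gift-exchange log rows joined with gift and user data, newest first.
  *
  * Empty filters are skipped; the price range is applied only when
  * `$startprice` is set.
  *
  * @return array log rows with formatted time and a title cut to 10 characters
  */
 function get_loglist($title = '', $username = '', $startprice = '', $endprice = '', $starttime = '', $endtime = '', $start_limit = 0, $limit = 20)
 {
     $loglist = array();

     // Values that appear unquoted in the statement are cast to int, because
     // slash-escaping cannot contain a value that is not inside quotes.
     // Presumes g.credit holds whole numbers. Confirm against the schema.
     $startprice = intval($startprice);
     $endprice = intval($endprice);
     $starttime = intval($starttime);
     $endtime = intval($endtime);
     $start_limit = max(0, intval($start_limit));
     $limit = max(0, intval($limit));

     $sql = "SELECT l.id,g.title,g.image,u.uid,u.username,u.truename,u.location,u.postcode,u.telephone,u.qq,u.email,l.extra,l.time,l.status FROM " . DB_TABLEPRE . "gift g," . DB_TABLEPRE . "giftlog l," . DB_TABLEPRE . "user u  WHERE g.id=l.gid and u.uid=l.uid  ";
     // NOTE(review): $title and $username are interpolated as received. This
     // method relies on the caller having escaped them, and "%" / "_" in the
     // input still act as LIKE wildcards.
     if ($title) {
         $sql = $sql . " AND g.title LIKE '%{$title}%' ";
     }
     if ($username) {
         $sql = $sql . " AND u.username LIKE '%{$username}%' ";
     }
     if ($startprice) {
         $sql = $sql . " AND g.credit BETWEEN  {$startprice} AND  {$endprice} ";
     }
     if ($starttime) {
         $sql = $sql . " AND l.time>={$starttime} ";
     }
     if ($endtime) {
         $sql = $sql . " AND l.time<={$endtime} ";
     }
     $sql = $sql . " ORDER BY l.time DESC LIMIT {$start_limit},{$limit} ";
     $query = $this->db->query($sql);
     // NOTE(review): every row carries contact fields (truename, location,
     // postcode, telephone, qq, email); callers should be restricted to
     // staff views.
     while ($giftlog = $this->db->fetch_array($query)) {
         $giftlog['time'] = $this->base->date($giftlog['time']);
         $giftlog['title'] = string::substring($giftlog['title'], 0, 10);
         $loglist[] = $giftlog;
     }
     return $loglist;
 }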
Exemple #10
 /**
  * Rename a document from the posted `newname` / `did` and echo a status code:
  * "-1" empty title, "-2" title already taken, "1" renamed, "0" rename failed.
  * The theme's index cache entry is removed in every case.
  */
 function dorename()
 {
     // Convert, strip special characters, then cap at 80 characters.
     $title = string::substring(string::stripspecialcharacter(string::hiconv(trim($this->post['newname']))), 0, 80);

     // NOTE(review): $title and the posted did reach fetch_by_field() and
     // change_name() as prepared here; whether those escape their arguments
     // is not visible in this method.
     if ($title == '') {
         $status = "-1";
     } elseif ($this->db->fetch_by_field('doc', 'title', $title)) {
         $status = "-2";
     } elseif ($_ENV['doc']->change_name($this->post['did'], $title)) {
         if (1 == $this->setting['cloud_search']) {
             // Title edited: notify cloud search.
             $_ENV['search']->cloud_change(array('dids' => $this->post['did'], 'mode' => '2'));
         }
         $status = "1";
     } else {
         $status = "0";
     }
     echo $status;

     $this->cache->removecache('data_' . $GLOBALS['theme'] . '_index');
 }
Exemple #11
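 /**
  * Run one batch of the resumable MediaWiki import and report progress as
  * "step|position" through message().
  *
  * Steps 1, 2 and 4 execute SQL produced by the mwimport model; step 3
  * converts wiki text and writes documents. Step 5 (also sent on failure)
  * means there is nothing left to do.
  *
  * NOTE(review): the flow presumes message() ends the request, so each call
  * handles a single batch.
  */
 function doimport()
 {
     if (file_exists($this->configfile) && file_exists($this->sumfile)) {
         include $this->configfile;
         include $this->sumfile;
     } else {
         $this->message('5|0', '', 2);
     }
     $this->wmdb = new hddb(WDB_HOST, WDB_USER, WDB_PW, WDB_NAME, WDB_CHARSET, WDB_CONNECT);

     // Work out which step an earlier request reached.
     // NOTE(review): progress is kept in a PHP file that is written by this
     // method and executed through include. That file must not be writable
     // by anything else; a plain data file would avoid executing it.
     if (file_exists($this->processfile)) {
         include $this->processfile;
         list($type, $i) = explode('|', $process);
         // Both values feed SQL and the next progress file; keep them numeric.
         $type = intval($type);
         $i = intval($i);
         if ($type >= 5) {
             $this->message('5|0', '', 2);
         }
     } else {
         list($type, $i) = array(1, 0);
     }
     $totalnum = array(1 => $catsum, 2 => $usersum, 3 => $docsum, 4 => $clinksum);
     $totalnum = $totalnum[$type];
     $j = 10;
     for (; $i < $totalnum; $i += $j) {
         $msg = $type . '|' . (($n = $i + $j) >= $totalnum ? $totalnum : $n);
         if ($type == 1 || $type == 2 || $type == 4) {
             // Import categories, users and category links.
             $hdsql = $_ENV['mwimport']->get_sql($this->wmdb, $type, $i, $j);
             if (!$hdsql || $this->db->query($hdsql)) {
                 $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
             } else {
                 $this->message('5|0', '', 2);
             }
         } elseif ($type == 3) {
             include HDWIKI_ROOT . '/plugins/mwimport/text/Mediawiki.php';
             $parser = 'Mediawiki';
             $text_wiki = new Text_Wiki_Mediawiki();
             $sql = "SELECT a.page_id, a.page_title, b.old_text, b.old_flags, b.old_id FROM " . WDB_TABLEPRE . "page a, " . WDB_TABLEPRE . "text b WHERE a.page_namespace = 0 AND a.page_latest = b.old_id limit " . $i . ",{$j}";
             $query = $this->wmdb->query($sql);
             while ($doc = $this->wmdb->fetch_array($query)) {
                 // NOTE(review): the title is handed to get_doc_by_title()
                 // unescaped; confirm what that method expects.
                 if ($_ENV['doc']->get_doc_by_title($doc['page_title'])) {
                     continue;
                 }
                 $wiki = $text_wiki->singleton($parser);
                 $html = $wiki->transform($doc['old_text']);

                 // Everything read from the source wiki is untrusted relative
                 // to the target database: numeric columns are cast, text
                 // columns escaped. The summary is cut from the unescaped
                 // text and escaped afterwards, so the 100-character cut can
                 // no longer end on half an escape sequence.
                 // NOTE(review): mysql_real_escape_string() was removed in
                 // PHP 7 and, without a link argument, uses the most recently
                 // opened ext/mysql connection. Confirm its charset matches
                 // the target database, or move to the escaping offered by
                 // $this->db.
                 $did = intval($doc['page_id']);
                 $title = mysql_real_escape_string($doc['page_title']);
                 $letter = mysql_real_escape_string(string::getfirstletter($doc['page_title']));
                 $summary = mysql_real_escape_string(trim(string::convercharacter(string::substring(strip_tags($html), 0, 100))));
                 $content = mysql_real_escape_string($html);
                 $time = intval($this->time);
                 $cid = intval($_ENV['mwimport']->get_cid($this->wmdb, '', $doc['page_id']));

                 // First revision of the page supplies author and last editor.
                 $sql = "SELECT rev_user,rev_user_text FROM " . WDB_TABLEPRE . "revision  WHERE rev_page = " . $did . " ORDER BY  rev_id ";
                 $user = $this->wmdb->fetch_first($sql);
                 $rev_user = intval(isset($user['rev_user']) ? $user['rev_user'] : 0);
                 $rev_user_text = mysql_real_escape_string(isset($user['rev_user_text']) ? $user['rev_user_text'] : '');

                 $this->db->query("REPLACE INTO " . DB_TABLEPRE . "doc"
                     . " (did,cid,letter,title,tag ,summary ,content,author,authorid,time,lastedit,lasteditor,lasteditorid,visible,editions)"
                     . " VALUES ({$did},{$cid},'{$letter}','{$title}','','{$summary}','{$content}',"
                     . "'{$rev_user_text}','{$rev_user}',{$time},{$time},'{$rev_user_text}','{$rev_user}','1',1)");
             }
             $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
         }
         $this->message($msg, '', 2);
     }
     // Current step finished: record the next step at position 0.
     $msg = ($type + 1) . '|0';
     $_ENV['mwimport']->writefile($this->processfile, '<?php $process = "' . $msg . '"; ?>');
     $this->message($msg, '', 2);
 }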
Exemple #12
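 /**
  * Build the list of "cooperate" document titles from the semicolon-separated
  * `cooperatedoc` setting.
  *
  * @param int $num how many leading entries to look at; 0 means all
  * @return array index => array('shorttitle' => ..., 'title' => ...); empty
  *               entries are skipped, so indexes may have gaps
  */
 function cooperatedocs($num = 0)
 {
     $coopdoc = array();
     $cooperatedocs = explode(';', $this->base->setting['cooperatedoc']);
     $total = count($cooperatedocs);
     // Never walk past the end of the list: a $num larger than the number of
     // entries used to read undefined offsets.
     $counts = $num == 0 ? $total : min($num, $total);
     for ($i = 0; $i < $counts; $i++) {
         $title = $cooperatedocs[$i];
         if ($title == '') {
             continue;
         }
         // Titles longer than 10 are shown as their first 5 characters + "...".
         $coopdoc[$i]['shorttitle'] = string::hstrlen($title) > 10 ? string::substring($title, 0, 5) . "..." : $title;
         $coopdoc[$i]['title'] = $title;
     }
     return $coopdoc;
 }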
Exemple #13
 /**
  * Render the "cooperate" block: every non-empty title from the
  * semicolon-separated `cooperatedoc` setting, with a short form for display.
  */
 function docooperate()
 {
     $coopdoc = array();
     foreach (explode(';', $this->setting['cooperatedoc']) as $index => $title) {
         if ($title == '') {
             continue;
         }
         // Titles longer than 4 are shown as their first 4 characters + "...".
         if (string::hstrlen($title) > 4) {
             $short = string::substring($title, 0, 4) . "...";
         } else {
             $short = $title;
         }
         $coopdoc[$index]['shorttitle'] = $short;
         $coopdoc[$index]['title'] = $title;
     }
     // NOTE(review): titles come from a setting and are assigned as stored;
     // the template has to escape them on output.
     $this->view->assign('coopdoc', $coopdoc);
     $_ENV['block']->view('cooperate');
 }
Exemple #14
 /**
  * Create or update a "sql" type datacall record.
  *
  * With `editflag` set the row with the given id is updated; otherwise a row
  * is inserted unless one with the same name already exists.
  *
  * @param array $datacall name, category, desc, cachetime, param[tplcode],
  *                        param[empty_tplcode], plus id and editflag when editing
  * @return mixed false for empty input, otherwise the result of $this->db->query()
  */
 function editsql($datacall)
 {
     if (empty($datacall)) {
         return false;
     }

     // Description: trimmed, falls back to the language string, capped at 80.
     // NOTE(review): if the value arrives slash-escaped, cutting it at a
     // fixed length can split an escape pair right before the closing quote.
     $desc = trim($datacall['desc']);
     if (!$desc) {
         $desc = $this->base->view->lang['sqlcall'];
     }
     $desc = string::substring($desc, 0, 80);

     // Template snippets are trimmed; anything falsy becomes ''.
     $param = $datacall['param'];
     $tplcode = trim($param['tplcode']);
     $param['tplcode'] = $tplcode ? $tplcode : '';
     $empty_tplcode = trim($param['empty_tplcode']);
     $param['empty_tplcode'] = $empty_tplcode ? $empty_tplcode : '';

     // NOTE(review): the parameters are stored with serialize(); whatever
     // reads this column back should treat it as admin-only data.
     $param_str = string::haddslashes(serialize(string::hstripslashes($param)), 1);

     // NOTE(review): name, category, cachetime and id are interpolated as
     // received; this method relies on the caller having escaped them.
     $name = $datacall['name'];
     $category = $datacall['category'];
     $cachetime = $datacall['cachetime'];

     if (isset($datacall['editflag'])) {
         $sql = "UPDATE `" . DB_TABLEPRE . "datacall` SET "
             . "`name`='{$name}',`category`='{$category}', `classname`='sql', `function`='sql', `desc`='{$desc}', `param`='{$param_str}', `cachetime`='{$cachetime}'"
             . " WHERE `id`='{$datacall['id']}'";
     } else {
         // INSERT ... SELECT ... WHERE NOT EXISTS keeps names unique.
         $sql = 'INSERT INTO ' . DB_TABLEPRE . 'datacall (`name`,`type`, `category`, `classname`, `function`, `desc`, `param`, `cachetime`) '
             . " SELECT '{$name}','sql','{$category}','sql','sql', "
             . "'{$desc}', '{$param_str}', '{$cachetime}'"
             . " FROM dual WHERE not exists (SELECT * FROM " . DB_TABLEPRE . "datacall WHERE name= '{$name}' )";
     }
     return $this->db->query($sql);
 }