/**
* 模型在线投稿提交处理函数
*/
function modelpost($cacheinfo, $cp = 1)
{
global $_SGLOBAL, $theurl, $_SCONFIG;
include_once S_ROOT . './function/upload.func.php';
$_POST['mid'] = !empty($_POST['mid']) ? intval($_POST['mid']) : 0;
$itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
$hash = '';
$op = 'add';
$resultitems = $resultmessage = array();
$modelsinfoarr = $cacheinfo['models'];
$columnsinfoarr = $cacheinfo['columns'];
//获取等级信息
if ($cacheinfo['models']['modelname'] == 'defect') {
switch ($_POST['grade']) {
case 1:
$_POST['grade'] = '64';
break;
case 2:
$_POST['grade'] = '32';
break;
case 3:
$_POST['grade'] = '16';
break;
case 4:
$_POST['grade'] = '9';
break;
case 5:
$_POST['grade'] = '4';
break;
case 6:
$_POST['grade'] = '1';
break;
case 7:
$_POST['grade'] = '-1';
break;
case 8:
$_POST['grade'] = '-2';
break;
case 9:
$_POST['grade'] = '-3';
break;
}
$gradearr = array('0' => $alang['general_state'], '64' => $alang['check_grade_1'], '32' => $alang['check_grade_2'], '16' => $alang['check_grade_3_1'], '9' => $alang['check_grade_3_2'], '4' => $alang['check_grade_3_3'], '1' => $alang['check_grade_4'], '-1' => $alang['check_grade_5'], '-2' => $alang['check_grade_6'], '-3' => $alang['check_grade_7']);
if (!empty($_SCONFIG['checkgrade'])) {
$newgradearr = explode("\t", $_SCONFIG['checkgrade']);
$gradearr['64'] = $newgradearr[0];
$gradearr['32'] = $newgradearr[1];
$gradearr['16'] = $newgradearr[2];
$gradearr['9'] = $newgradearr[3];
$gradearr['4'] = $newgradearr[4];
$gradearr['1'] = $newgradearr[5];
$gradearr['-1'] = $newgradearr[6];
$gradearr['-2'] = $newgradearr[7];
$gradearr['-3'] = $newgradearr[8];
}
} else {
$gradearr = array('0' => $alang['general_state'], '1' => $alang['check_grade_1'], '2' => $alang['check_grade_2'], '3' => $alang['check_grade_3'], '4' => $alang['check_grade_4'], '5' => $alang['check_grade_5'], '6' => $alang['check_grade_6'], '7' => $alang['check_grade_7']);
if (!empty($_SCONFIG['checkgrade'])) {
$newgradearr = explode("\t", $_SCONFIG['checkgrade']);
for ($i = 0; $i < count($newgradearr); $i++) {
if (!empty($newgradearr[$i])) {
$gradearr[$i + 1] = $newgradearr[$i];
}
}
}
}
if (empty($_POST['mid']) || $_POST['mid'] != $modelsinfoarr['mid']) {
showmessage('parameter_error');
}
$feedcolum = array();
foreach ($columnsinfoarr as $result) {
if ($result['isfixed'] == 1) {
$resultitems[] = $result;
} else {
$resultmessage[] = $result;
}
if ($result['formtype'] == 'linkage') {
if (!empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
}
} elseif ($result['formtype'] == 'timestamp') {
if (empty($_POST[$result['fieldname']])) {
$_POST[$result['fieldname']] = $_SGLOBAL['timestamp'];
} else {
$_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
}
}
}
//更新用户最新更新时间
if (empty($itemid) && $_SGLOBAL['supe_uid']) {
updatetable('members', array('updatetime' => $_SGLOBAL['timestamp']), array('uid' => $_SGLOBAL['supe_uid']));
}
//输入检查
$_POST['catid'] = intval($_POST['catid']);
$_POST['allowreply'] = isset($_POST['allowreply']) ? intval($_POST['allowreply']) : checkperm('allowcomment') ? 1 : 0;
$_POST['subject'] = shtmlspecialchars(trim($_POST['subject']));
//检查输入
if (strlen($_POST['subject']) < 2 || strlen($_POST['subject']) > 80) {
showmessage('space_suject_length_error');
}
if (empty($_POST['catid'])) {
showmessage('admin_func_catid_error');
}
if (!empty($_FILES['subjectimage']['name'])) {
$fileext = fileext($_FILES['subjectimage']['name']);
if (!in_array($fileext, array('jpg', 'jpeg', 'gif', 'png'))) {
showmessage('document_types_can_only_upload_pictures');
}
}
//数据检查
checkvalues(array_merge($resultitems, $resultmessage), 0, 1);
//修改时检验标题图片是否修改
$defaultmessage = array();
if (!empty($itemid)) {
if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
//当file删除时,或修改时执行删除操作
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
$defaultmessage = $_SGLOBAL['db']->fetch_array($query);
$hash = getmodelhash($_GET['mid'], $itemid);
deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
//删除附件表
updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
$ext = fileext($defaultmessage['subjectimage']);
if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
@unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
}
@unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
}
}
//构建数据
$setsqlarr = $setitemsqlarr = array();
$setsqlarr = getsetsqlarr($resultitems);
$setsqlarr['catid'] = $_POST['catid'];
$setsqlarr['subject'] = $_POST['subject'];
$setsqlarr['allowreply'] = $_POST['allowreply'];
$setsqlarr['grade'] = intval($_POST['grade']);
//modify by jyf,没权限的用户不能改审核等级
if ($setsqlarr['grade'] > 0) {
if (!checkperm('manageeditpost')) {
showmessage('no_permission');
}
}
//end
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
$setsqlarr['uid'] = $_SGLOBAL['supe_uid'];
$setsqlarr['username'] = $_SGLOBAL['supe_username'];
$setsqlarr['lastpost'] = $setsqlarr['dateline'];
$modelsinfoarr['subjectimagewidth'] = 400;
$modelsinfoarr['subjectimageheight'] = 300;
if (!empty($modelsinfoarr['thumbsize'])) {
$modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
$modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
$modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
}
$uploadfilearr = $ids = array();
$subjectimageid = '';
$uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => modelmsg('photo_title'), 'formtype' => 'img')), $_POST['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
if (!empty($uploadfilearr)) {
$feedsubjectimg = $uploadfilearr;
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
//词语过滤
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
//发布时间
if (empty($_POST['dateline'])) {
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
} else {
$setsqlarr['dateline'] = sstrtotime($_POST['dateline']);
if ($setsqlarr['dateline'] > $_SGLOBAL['timestamp'] || $setsqlarr['dateline'] < $_SGLOBAL['timestamp'] - 3600 * 24 * 365 * 2) {
//不能早于2年
$setsqlarr['dateline'] = $_SGLOBAL['timestamp'];
}
}
//附件处理-by jyf
if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
$setsqlarr['attaches'] = implode(',', $_POST['divupload']);
}
//创新园地新增两个字段-------89184
if ($cacheinfo['models']['modelname'] == 'creative') {
if (empty($_POST['creative_value'])) {
showmessage('请输入创新价值说明');
}
if (empty($_POST['creative_days'])) {
showmessage('本创新所耗的工作量');
}
$setsqlarr['value'] = $_POST['creative_value'];
$setsqlarr['days'] = $_POST['creative_days'];
}
if (!checkperm('allowdirectpost') || checkperm('managemodpost')) {
//不需要审核时入item表
if (empty($itemid)) {
//插入数据
$itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
//取消邮件通知 --89184
$email = get_cate_mail($_POST['catid']);
$url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
if ($_POST['modelname'] == 'creative') {
if ($_POST['creative_type'] == '流程建议') {
$email = $email . ',' . get_cate_process_mail($setsqlarr['catid']);
}
}
$emails = explode(',', $email);
if (count($emails) > 0) {
include S_ROOT . './function/sendmail.fun.php';
$url1 = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
if ($cacheinfo['models']['modelname'] == 'creative') {
$msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的创新:<br />' . $url1;
sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的创新《' . $_POST['subject'] . "》", $msg1);
} else {
if ($cacheinfo['models']['modelname'] == 'defect') {
$msg1 = '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例:<br />' . $url1;
sendmail($emails, '用户 ' . $setsqlarr['username'] . ' 提交了新的缺陷预防案例《' . $_POST['subject'] . "》", $msg1);
}
}
}
} else {
//更新
$op = 'update';
unset($setsqlarr['uid']);
unset($setsqlarr['username']);
unset($setsqlarr['lastpost']);
if ($setsqlarr['grade'] > 0) {
$setsqlarr['shenhezhe'] = $_SGLOBAL['supe_username'];
if ($_POST['modelname'] == 'creative') {
if ($_POST['creative_type'] == '主管月度创新') {
if (!check_cate_director($setsqlarr['catid'])) {
showmessage('no_permission');
}
}
}
}
updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE nid = \'' . $_POST['nid'] . '\'');
$defaultmessage = $_SGLOBAL['db']->fetch_array($query);
//邮件通知--等级审核
if ($setsqlarr['grade'] > 0) {
$sqlstr = 'SELECT u.*, s.* FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' s LEFT JOIN ' . tname('members') . ' u ON u.uid=s.uid WHERE s.itemid=\'' . $itemid . '\'';
$query = $_SGLOBAL['db']->query($sqlstr);
$value = $_SGLOBAL['db']->fetch_array($query);
$email = $value['email'];
if (!empty($email)) {
include S_ROOT . './function/sendmail.fun.php';
$url = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
$emails = explode(',', $email);
if ($_POST['modelname'] == 'creative') {
$msg = '你的创新已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
} else {
$msg = '你的缺陷预防案例已被审核,等级:' . $gradearr[$setsqlarr[grade]] . '(' . $setsqlarr['grade'] . ')<br />' . $url;
}
sendmail($emails, $setsqlarr['subject'], $msg);
}
}
}
if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) {
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $modelsinfoarr['modelname'] . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\'');
}
$hash = getmodelhash($_POST['mid'], $itemid);
if (!empty($ids)) {
$ids = simplode($ids);
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
}
$do = 'pass';
} else {
if (!empty($uploadfilearr['subjectimage']['aid'])) {
$subjectimageid = $uploadfilearr['subjectimage']['aid'];
}
$setitemsqlarr = $setsqlarr;
$do = 'me';
}
if ($op == 'update') {
if (!empty($resultmessage)) {
foreach ($resultmessage as $value) {
if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
//当file删除时,或修改时执行删除操作
deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
//删除附件表
updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('nid' => $_POST['nid']));
$ext = fileext($defaultmessage[$value['fieldname']]);
if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
@unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
}
@unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
}
}
}
}
}
//内容
$setsqlarr = $uploadfilearr = $ids = array();
$setsqlarr = getsetsqlarr($resultmessage);
$uploadfilearr = $feedcolum = uploadfile($resultmessage, $_POST['mid'], $itemid, 0);
$setsqlarr['message'] = trim($_POST['message']);
$setsqlarr['postip'] = $_SGLOBAL['onlineip'];
if (!empty($uploadfilearr)) {
foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
if (empty($tmpvalue['error'])) {
$setsqlarr[$tmpkey] = $tmpvalue['filepath'];
}
if (!empty($tmpvalue['aid'])) {
$ids[] = $tmpvalue['aid'];
}
}
}
//添加内容
if (!empty($modelsinfoarr['allowfilter'])) {
$setsqlarr = scensor($setsqlarr, 1);
}
if (!checkperm('allowdirectpost') || checkperm('managemodpost') || checkperm('allowdirectpost') && $op == 'update') {
//不需要审核时入message表
if ($op == 'add') {
$setsqlarr['itemid'] = $itemid;
//添加内容
inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
getreward('postinfo');
if (allowfeed() && !empty($_POST['addfeed']) && !empty($_SGLOBAL['supe_uid'])) {
$feed['icon'] = 'comment';
$feed['title_template'] = 'feed_model_title';
$murl = geturl('action/model/name/' . $modelsinfoarr['modelname'] . '/itemid/' . $itemid);
$aurl = A_URL;
if (empty($_SCONFIG['siteurl'])) {
$siteurl = getsiteurl();
$murl = $siteurl . $murl;
$aurl = $siteurl . $aurl;
} else {
$siteurl = S_URL_ALL;
}
$feed['title_data'] = array('modelname' => '<a href="' . $siteurl . '/m.php?name=' . $modelsinfoarr['modelname'] . '">' . $modelsinfoarr['modelalias'] . '</a>');
$feed['body_template'] = 'feed_model_message';
$feed['body_data'] = array('subject' => '<a href="' . $murl . '">' . $_POST['subject'] . '</a>', 'message' => cutstr(strip_tags(preg_replace("/\\[.+?\\]/is", '', $_POST['message'])), 150));
if (!empty($feedsubjectimg)) {
$feed['images'][] = array('url' => $aurl . '/' . $feedsubjectimg['subjectimage']['filepath'], 'link' => $murl);
} else {
foreach ($feedcolum as $feedimgvalue) {
if ($feedimgvalue['filepath']) {
$feed['images'][] = array('url' => $aurl . '/' . $feedimgvalue['filepath'], 'link' => $murl);
break;
}
}
if (empty($feed['images'])) {
$picurl = getmessagepic(stripslashes($_POST['message']));
if ($picurl && strpos($picurl, '://') === false) {
$picurl = $siteurl . '/' . $picurl;
}
if (!empty($picurl)) {
$feed['images'][] = array('url' => $picurl, 'link' => $murl);
}
}
}
postfeed($feed);
}
} else {
//更新内容
updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
}
updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
if (checkperm('allowdirectpost') && $op == 'update') {
deletemodelitems($modelsinfoarr['modelname'], array($itemid), $_POST['mid'], 1, 1);
}
if (checkperm('allowdirectpost') && $op == 'update') {
$jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('writing_success_online_please_wait_for_audit', $jpurl);
} else {
$jpurl = $cp ? S_URL . '/' . $theurl . '&mid=' . $modelsinfoarr['mid'] : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('online_contributions_success', $jpurl);
}
} else {
$setsqlarr = array_merge($setitemsqlarr, $setsqlarr);
$setsqlarr['addfeed'] = $_POST['addfeed'];
$setsqlarr = array('subject' => $setitemsqlarr['subject'], 'mid' => $modelsinfoarr['mid'], 'uid' => $setsqlarr['uid'], 'message' => saddslashes(serialize($setsqlarr)), 'dateline' => $_SGLOBAL['timestamp'], 'folder' => 1);
if (!empty($_POST['itemid'])) {
$itemid = intval($_POST['itemid']);
updatetable('modelfolders', $setsqlarr, array('itemid' => $itemid));
} else {
$itemid = inserttable('modelfolders', $setsqlarr, 1);
}
if (!empty($subjectimageid)) {
$ids[] = $subjectimageid;
}
if (!empty($ids)) {
$ids = simplode($ids);
$hash = 'm' . str_pad($_POST['mid'], 6, 0, STR_PAD_LEFT) . 'f' . str_pad($itemid, 8, 0, STR_PAD_LEFT);
$_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=\'1\', type=\'model\', hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
}
$jpurl = $cp ? empty($setsqlarr['uid']) ? S_URL . "/admincp.php?action=modelmanages&op=add&mid={$modelsinfoarr['mid']}" : S_URL . "/admincp.php?action=modelfolders&mid={$modelsinfoarr['mid']}" : S_URL . "/cp.php?ac=models&op=list&do={$do}&nameid={$modelsinfoarr['modelname']}";
showmessage('writing_success_online_please_wait_for_audit', $jpurl);
}
}
showmessage('no_modify_checked_item');
}
if (!(check_cate_perm($catid) || check_cate_director($catid) || $_SGLOBAL['supe_uid'] == $thevalue['uid'])) {
showmessage('no_permission');
}
$theurl = "?action-model-name-" . $modelsinfoarr['modelname'] . "-mid-" . $modelsinfoarr['mid'] . "-catid-" . $catid . "-itemid-" . $itemid;
modelpost($cacheinfo2);
} else {
if (submitcheck('shenhesubmit')) {
$itemid = intval($_POST['itemid']);
$query = $_SGLOBAL['db']->query('SELECT * FROM ' . $tablename . ' WHERE itemid=\'' . $itemid . '\'');
$thevalue = $_SGLOBAL['db']->fetch_array($query);
if (intval($thevalue['grade']) > 0 && $_SGLOBAL['member']['groupname']['rdm'] < 1) {
showmessage('no_modify_checked_item');
}
if (!(check_cate_perm($catid) || check_cate_director($catid) || $_SGLOBAL['supe_uid'] == $thevalue['uid'])) {
showmessage('no_permission');
}
$theurl = "?action-model-name-" . $modelsinfoarr['modelname'] . "-mid-" . $modelsinfoarr['mid'] . "-catid-" . $catid . "-itemid-" . $itemid;
if ($modelsinfoarr['modelname'] == 'defect') {
$sqlstr = "UPDATE " . tname($modelsinfoarr['modelname'] . 'message') . " SET checkmessage='" . $_POST['checkmessage'] . "' WHERE itemid='" . $itemid . "'";
} else {
$sqlstr = "UPDATE " . tname($modelsinfoarr['modelname'] . 'message') . " SET shenhe_description='" . $_POST['shenhe_description'] . "' WHERE itemid='" . $itemid . "'";
}
$_SGLOBAL['db']->query($sqlstr);
$sqlstr = "UPDATE " . tname($modelsinfoarr['modelname'] . 'items') . " SET grade='" . $_POST['grade'] . "' ,shenhezhe='" . $_SGLOBAL['supe_username'] . "' WHERE itemid='" . $itemid . "'";
$_SGLOBAL['db']->query($sqlstr);
showmessage('do_success', $theurl);
} else {
if (submitcheck('donesubmit')) {
$grade = $_POST['grade'];