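// Pre-save clean-up of a submitted article ($postdb). This fragment runs inside a
// larger routine whose start is not shown here.
//
// Changes from the collapsed original:
//  - line breaks restored: each inline `//` comment used to swallow all the code after it;
//  - array keys quoted: bare-word keys are a fatal "undefined constant" error on PHP 8;
//  - the <script>/<iframe> substitutions now entity-encode the tag delimiters; as
//    written they replaced each match with itself and neutralised nothing.
//
// NOTE(review): this is deny-list filtering on three patterns only; markup outside those
// patterns passes through. Treat it as defence in depth and keep contextual output
// encoding (or an allow-list HTML sanitiser) at render time.

// filtrate() is defined elsewhere; presumably the project's generic input filter (confirm).
$postdb['author'] = filtrate($postdb['author']);
$postdb['copyfrom'] = filtrate($postdb['copyfrom']);
$postdb['copyfromurl'] = filtrate($postdb['copyfromurl']);

// The description is always neutralised, whatever the poster's group.
$postdb['description'] = preg_replace('/javascript/i', 'java script', $postdb['description']);
$postdb['description'] = preg_replace('/<(script)([^<>]*)>/i', '&lt;\\1\\2&gt;', $postdb['description']);
$postdb['description'] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1&gt;', $postdb['description']);

// Firefox handling: rewrite relative upload paths to absolute site URLs.
// The search string contains a literal backslash before the quote, so the content
// is expected to be slash-escaped at this point.
$postdb['content'] = str_replace("=\\\"../{$webdb['updir']}/", "=\\\"{$webdb['www_url']}/{$webdb['updir']}/", $postdb['content']);

// Groups flagged PostNoDelCode keep raw script/iframe markup in the body.
// NOTE(review): that flag is a stored-XSS trust decision; confirm it is only granted
// to fully trusted groups.
if (!$groupdb['PostNoDelCode']) {
    $postdb['content'] = preg_replace('/javascript/i', 'java script', $postdb['content']);
    $postdb['content'] = preg_replace('/<(script)([^<>]*)>/i', '&lt;\\1\\2&gt;', $postdb['content']);
    $postdb['content'] = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1&gt;', $postdb['content']);
}

// Validate the custom-module form data.
if ($mid) {
    query_article_module($mid, '', $post_db, '');
}

// Collect external images referenced by the content.
// NOTE(review): if get_outpic() downloads the referenced URLs server-side, those URLs are
// chosen by the poster; confirm it restricts schemes and destination hosts.
$postdb['content'] = get_outpic($postdb['content'], $fid, $GetOutPic);

// Strip hyperlinks when requested (the pattern matches slash-escaped href attributes).
if ($DelLink) {
    $postdb['content'] = preg_replace("/<a([^<>]*) href=\\\\\"([^\"]+)\\\\\"/is", "<a", $postdb['content']);
}

// Move attachments into the per-column download directory, optionally date-partitioned.
$downloadDIR = "article/{$fid}";
if ($webdb['ArticleDownloadDirTime']) {
    $downloadDIR .= "/" . date($webdb['ArticleDownloadDirTime'], $timestamp);
}
$postdb['content'] = move_attachment($lfjuid, $postdb['content'], $downloadDIR, 'PostArticle');

// Oversized images should be scaled down automatically (disabled):
//$postdb[content]=str_replace("<img ","<img onload=\'if(this.width>600)makesmallpic(this,600,1800);\' ",$postdb[content]);

// Collect the attachments referenced by the content.
$file_db = get_content_attachment($postdb['content']);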
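/**
 * Write the body of article $aid into the reply table, one row per page, keep
 * special-topic membership in step with the submitted form, and refresh the
 * article's page count.
 *
 * Changes from the collapsed original: line breaks restored (inline `//` comments
 * used to swallow the code after them), bare-word array keys quoted (fatal on
 * PHP 8), $j and $contentDB initialised, the loop-invariant topic lookup hoisted
 * out of the row loop, and extract() on query results replaced by explicit reads.
 *
 * SECURITY: every value here is interpolated straight into SQL text. The function
 * relies on $aid, $rid, $fid and $postdb arriving already slash-escaped.
 * NOTE(review): confirm that for every caller, and move to parameterised queries
 * if the $db wrapper offers them.
 *
 * @param mixed  $aid  Article id.
 * @param mixed  $rid  Reply row id; used when $type is 'edit'.
 * @param string $type 'postnew' inserts the first page as the topic row, 'edit'
 *                     updates row $rid; any other value inserts plain pages.
 * @return void
 */
function query_reply($aid, $rid, $type = '')
{
    global $ExplodePage, $PageNum, $postdb, $fid, $lfjdb, $rsdb, $db, $pre, $mid, $post_db, $i_id, $uid, $web_admin, $groupdb, $lfjuid, $timestamp;

    $erp = get_id_table($aid);

    // Special topics / collections.
    // && binds tighter than ||: an edit always enters (so memberships can be removed),
    // a new post only when it selected at least one special.
    if ($type == 'edit' || $type == 'postnew' && !empty($postdb['special'])) {
        // A missing or non-array selection is treated as "nothing selected".
        $chosen = (isset($postdb['special']) && is_array($postdb['special'])) ? $postdb['special'] : array();

        // On edit, only the topic row of an article may touch memberships.
        $isTopic = true;
        if ($type == 'edit') {
            $topicRow = $db->get_one("SELECT topic FROM {$pre}reply{$erp} WHERE rid='{$rid}'");
            $isTopic = is_array($topicRow) && !empty($topicRow['topic']);
        }

        if ($isTopic) {
            $query = $db->query("SELECT * FROM {$pre}special LIMIT 1000");
            while ($rs = $db->fetch_array($query)) {
                $detail = explode(",", $rs['aids']);

                if (in_array($rs['id'], $chosen)) {
                    // Guard against forged form values: when the special restricts posting,
                    // the user must be an admin, in an allowed group, or its owner.
                    if ($rs['allowpost'] && !$web_admin
                        && !in_array($groupdb['gid'], explode(",", $rs['allowpost']))
                        && (!$lfjuid || $rs['uid'] != $lfjuid)
                    ) {
                        continue;
                    }
                    if (!in_array($aid, $detail)) {
                        // explode() on an empty aids column yields one empty element.
                        if ($detail[0] === '') {
                            unset($detail[0]);
                        }
                        $detail[] = $aid;
                        // NOTE(review): $string is rebuilt from unescaped DB data plus $aid.
                        $string = implode(",", $detail);
                        $db->query("UPDATE {$pre}special SET aids='{$string}' WHERE id='{$rs['id']}'");
                    }
                } elseif (in_array($aid, $detail)) {
                    // Deselected: drop this article from the special.
                    foreach ($detail as $key => $value) {
                        if ($value == $aid) {
                            unset($detail[$key]);
                        }
                    }
                    $string = implode(",", $detail);
                    $db->query("UPDATE {$pre}special SET aids='{$string}' WHERE id='{$rs['id']}'");
                }
            }
        }
    }

    // Split the content into pages.
    $contentDB = array();
    if ($ExplodePage == 1 && $PageNum > 0) {
        // NOTE(review): the text is un-escaped before explode_content() and nothing in
        // this function re-escapes the pieces, unlike the branch below. Unless
        // explode_content() escapes its own output, they reach the SQL below raw;
        // confirm and apply addslashes() to each piece if it does not.
        $contentDB = explode_content(stripslashes($postdb['content']), $PageNum);
    } elseif ($ExplodePage != 1 && strstr($postdb['content'], '[-page-]')) {
        // Split on the raw text, then restore the slash-escaping on every page.
        $contentDB = array_map('addslashes', explode("[-page-]", stripslashes($postdb['content'])));
    } else {
        $contentDB[] = $postdb['content'];
    }

    $j = 0;
    foreach ($contentDB as $content) {
        $j++;
        if ($j == 1 && ($type == 'postnew' || $type == 'edit')) {
            if ($type == 'postnew') {
                $db->query("INSERT INTO `{$pre}reply{$erp}` ( `aid` ,`fid` ,`uid` , `content` ,`subhead`,`topic`) VALUES ( '{$aid}', '{$fid}','{$lfjdb['uid']}', '{$content}','{$postdb['subhead']}','1')");
            } else {
                $db->query("UPDATE `{$pre}reply{$erp}` SET \nfid='{$fid}',content='{$content}',subhead='{$postdb['subhead']}' WHERE rid='{$rid}'");
            }
        } else {
            // Later pages (and every page for other $type values) are plain rows.
            $db->query("INSERT INTO `{$pre}reply{$erp}` ( `aid` , `fid` ,`uid` , `content` ,`subhead`,`topic`) VALUES ( '{$aid}','{$fid}','{$uid}','{$content}','{$postdb['subhead']}','0')");
        }

        // Custom-module fields are stored once, alongside the first page.
        if ($mid && $j == 1) {
            if ($type == 'edit') {
                $basedb = array('uid' => $lfjdb['uid'], 'fid' => $fid, 'aid' => $aid, 'rid' => '', 'i_id' => $i_id);
                query_article_module($mid, 'edit', $post_db, $basedb);
            } else {
                $rid = $db->insert_id();
                $basedb = array('uid' => $uid, 'fid' => $fid, 'aid' => $aid, 'rid' => $rid);
                query_article_module($mid, 'add', $post_db, $basedb);
            }
        }
    }

    // Refresh the article's page count; an empty value is written if the count query fails.
    $countRow = $db->get_one("SELECT COUNT(*) AS NUM FROM `{$pre}reply{$erp}` WHERE `aid`='{$aid}'");
    $NUM = is_array($countRow) ? $countRow['NUM'] : '';
    $db->query("UPDATE `{$pre}article{$erp}` SET pages='{$NUM}' WHERE aid='{$aid}'");
}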