function block_batch($param)
{
global $_SGLOBAL, $_SBLOCK, $_SCONFIG;
$cachekey = smd5($param);
$paramarr = parseparameter($param);
if (empty($_SCONFIG['allowcache'])) {
$paramarr['cachetime'] = 0;
//关闭 cache
} else {
$paramarr['cachetime'] = intval($paramarr['cachetime']);
}
if (!empty($paramarr['perpage'])) {
// pagination
$_GET['page'] = empty($_GET['page']) ? 1 : intval($_GET['page']);
if ($_GET['page'] < 1) {
$_GET['page'] = 1;
}
if ($_GET['page'] > 1 && $paramarr['cachetime']) {
$cachekey = smd5($param . $_GET['page']);
//key改变
}
}
//获取 cache
if ($paramarr['cachetime']) {
$caches = block_get($cachekey);
} else {
$caches = array();
}
if (!empty($caches['mtime']) && $_SGLOBAL['timestamp'] - $caches['mtime'] <= $paramarr['cachetime']) {
//使用 cache
$_SBLOCK[$paramarr['cachename']] = $caches['values'];
$_SBLOCK[$paramarr['cachename'] . '_multipage'] = $caches['multi'];
} else {
//查询数据
$blockarr = array();
$results = getparamsql($paramarr);
if ($results['count']) {
$query = $_SGLOBAL['db']->query($results['sql']);
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
$blockarr[] = $value;
}
}
$_SBLOCK[$paramarr['cachename']] = $blockarr;
$_SBLOCK[$paramarr['cachename'] . '_multipage'] = $results['multi'];
// update cache
if ($paramarr['cachetime']) {
$blockarr['multipage'] = $results['multi'];
// cache pagination
block_set($cachekey, $blockarr);
}
}
}
<?php
/*
[SupeSite] (C) 2007-2009 Comsenz Inc.
$Id: $
*/
if (!defined('IN_SUPESITE')) {
exit('Access Denied');
}
$op = empty($_GET['op']) ? 'list' : trim($_GET['op']);
$channel = $nameid = postget('nameid');
$attach_hash = smd5($_SGLOBAL['supe_uid'] . '/' . $_SGLOBAL['timestamp'] . random(6));
//权限
if ($op == 'add' || $op == 'edit') {
$newchannel = '';
$postmenus = array();
if (checkperm('allowpost')) {
$newchannel = $channel;
}
foreach ($channels['menus'] as $key => $value) {
if (in_array($value['type'], array('type', 'model')) || $value['upnameid'] == 'news') {
$channel = $key;
if (checkperm('allowpost')) {
if (empty($newchannel)) {
$newchannel = $channel;
}
$postmenus[] = $key;
}
}
}
$channel = $nameid = empty($newchannel) ? $nameid : $newchannel;
function block($thekey, $param)
{
global $_SGLOBAL, $_SBLOCK, $_SCONFIG, $_SGET, $lang;
$_SBLOCK[$thekey] = array();
$havethekey = false;
$needcache = 0;
//»º´ækey
$cachekey = smd5($thekey . $param);
$paramarr = parseparameter($param, 0);
if (!empty($paramarr['uid'])) {
$uid = $paramarr['uid'];
} elseif (!empty($paramarr['authorid'])) {
$uid = $paramarr['authorid'];
} else {
$uid = 0;
}
if (!empty($paramarr['cachetime'])) {
if (!empty($paramarr['perpage']) && !empty($_SGET['page'])) {
//·ÖÒ³
$cachekey = smd5($thekey . $param . $_SGET['page']);
}
$cacheupdatetime = $paramarr['cachetime'];
} else {
$cacheupdatetime = 0;
$needcache = 3;
//DO NOT CACHE
}
if ($cacheupdatetime) {
//»ñÈ¡»º´æ
$tablename = $thekey == 'spacetag' ? 'tagcache' : 'cache';
getcache($cachekey, $tablename);
if (!isset($_SBLOCK[$cachekey])) {
$needcache = 1;
//ûÓлº´æ
} else {
//´´½¨Ï´θüÐÂʱ¼ä
if (!empty($_SBLOCK[$cachekey]['filemtime'])) {
$_SBLOCK[$cachekey]['updatetime'] = $_SBLOCK[$cachekey]['filemtime'] + $cacheupdatetime;
}
if ($_SBLOCK[$cachekey]['updatetime'] < $_SGLOBAL['timestamp']) {
$needcache = 2;
//ÐèÒª¸üÐÂ
}
}
}
if ($needcache) {
$theblockarr = array();
include_once S_ROOT . './function/block.func.php';
$block_func = 'block_' . $thekey;
$theblockarr = $block_func($paramarr);
$_SBLOCK[$thekey] = $theblockarr;
$havethekey = true;
$_SBLOCK[$cachekey]['value'] = serialize($theblockarr);
$_SBLOCK[$cachekey]['updatetime'] = $_SGLOBAL['timestamp'] + $cacheupdatetime;
if ($needcache == 1 || $needcache == 2) {
//INSERT-UPDATE
$_SGLOBAL['tpl_blockvalue'][] = array('cachekey' => $cachekey, 'uid' => $uid, 'cachename' => $thekey, 'value' => $_SBLOCK[$cachekey]['value'], 'updatetime' => $_SBLOCK[$cachekey]['updatetime']);
}
}
if (!$havethekey) {
if (!empty($_SBLOCK[$cachekey]['value'])) {
$_SBLOCK[$thekey] = unserialize($_SBLOCK[$cachekey]['value']);
} else {
$_SBLOCK[$thekey] = array();
}
}
$iarr = $_SBLOCK[$thekey];
if (!empty($paramarr['cachename'])) {
if (empty($_SBLOCK[$thekey]['multipage'])) {
$_SBLOCK[$paramarr['cachename'] . '_multipage'] = '';
} else {
$_SBLOCK[$paramarr['cachename'] . '_multipage'] = $_SBLOCK[$thekey]['multipage'];
}
$_SBLOCK[$paramarr['cachename']] = $_SBLOCK[$thekey];
unset($_SBLOCK[$paramarr['cachename']]['multipage']);
}
if (!empty($paramarr['tpl']) && $paramarr['tpl'] != 'data') {
$paramarr['tpl'] = 'styles/' . $paramarr['tpl'] . '.html.php';
include template($paramarr['tpl'], 1);
}
}
if (!($item = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('no_item', 'cp.php?ac=news&op=list');
}
$checkedarr = explode(',', $item['othercatid']);
$id = $do == 'pass' ? $item['itemid'] : (empty($item['oitemid']) ? $item['itemid'] : $item['oitemid']);
$item['tagname'] = gettagname($id, '0');
//TAG
$type = $item['type'];
}
$catarr = getcategory($type);
$mpurlstr = str_replace(array(' ', 'AND', '\''), array('', '&', ''), $wheresql);
#Modify by chenguoren
$thevalue['allowmax'] = 100;
$thevalue[allowtype] = '';
$thevalue['noinsert'] = 0;
$thevalue['hash'] = smd5($_SGLOBAL['supe_uid'] . '/' . $_SGLOBAL['timestamp'] . random(6));
//setcookie('attachhash', $thevalue['hash']);
#End
if ($op == 'add') {
if (empty($item)) {
$mktitlestyle = '';
$item = array('subject' => '', 'catid' => $catid, 'message' => '', 'tagname' => '', 'newsauthor' => '', 'newsfrom' => '', 'newsfromurl' => '');
}
} elseif ($op == 'edit') {
if ($itemid && ($item['uid'] != $_SGLOBAL['supe_uid'] || empty($_SGLOBAL['supe_uid']))) {
showmessage('no_permission', 'cp.php?ac=news&op=list');
}
$mktitlestyle = empty($item['styletitle']) ? '' : mktitlestyle($item['styletitle']);
$item['subject'] = shtmlspecialchars($item['subject']);
// $item['message'] = jsstrip($item['message']);
#Modify by chenguoren
$_POST['catid'] = intval($_POST['catid']);
$itemids = implode('\',\'', $_POST['item']);
$itemidarr = array();
//标题
$query = $_SGLOBAL['db']->query('SELECT i.* FROM ' . tname('robotitems') . ' i WHERE i.itemid IN (\'' . $itemids . '\') AND i.isimport=0 ORDER BY i.robottime');
} else {
showmessage('robotmessage_op_success', $theurl);
}
} else {
$query = $_SGLOBAL['db']->query('SELECT i.* FROM ' . tname('robotitems') . ' i WHERE i.robotid=\'' . $_POST['robotid'] . '\' AND i.isimport=0 ORDER BY i.robottime');
}
$itemarr = $theitemidarr = array();
while ($item = $_SGLOBAL['db']->fetch_array($query)) {
$robotitemid = $theitemidarr[] = $item['itemid'];
$item = saddslashes($item);
$hashstr = smd5($_SGLOBAL['supe_uid'] . '/' . rand(1000, 9999) . $_SGLOBAL['timestamp'] . $item['itemid']);
$catarr = explode('_', $_POST['import']);
$setsqlarr = array('catid' => $catarr[1], 'uid' => $item['uid'], 'username' => $item['username'], 'type' => $catarr[0], 'subject' => $item['subject'], 'dateline' => $item['dateline'], 'lastpost' => $item['dateline'], 'fromtype' => 'robotpost', 'fromid' => $item['robotid'], 'hash' => $hashstr, 'haveattach' => $item['haveattach'] == 1 ? 1 : 0);
$itemid = inserttable('spaceitems', $setsqlarr, 1);
$robotid = $item['robotid'];
$itemidarr[$item['itemid']] = $itemid;
$itemarr[$item['itemid']] = $item;
if ($item['haveattach']) {
$_SGLOBAL['db']->query("UPDATE " . tname('attachments') . " SET itemid='{$itemid}', catid='{$_POST['catid']}', uid='{$item['uid']}', hash='{$hashstr}' WHERE hash='R{$robotid}I{$robotitemid}'");
//更新图文资讯
$attvalue = $_SGLOBAL['db']->fetch_array($_SGLOBAL['db']->query("SELECT aid FROM " . tname('attachments') . " WHERE itemid='{$itemid}' AND isimage='1' LIMIT 0 ,1"));
$_SGLOBAL['db']->query("UPDATE " . tname('spaceitems') . " SET picid='{$attvalue['aid']}' WHERE itemid='{$itemid}'");
}
}
//内容
if (empty($theitemidarr)) {
$sqlstr3 = "SELECT * FROM dede_addonarticle WHERE aid='" . $item[id] . "'";
$query3 = $devdb->query($sqlstr3);
$messages = $devdb->fetch_array($query3);
$messages['body'] = str_replace("'", "''", $messages['body']);
$itemarr = array('message' => '<div id="article_extinfo">' . $item['description'] . '</div>' . $messages['body'], 'relativetags' => '', 'newsfrom' => '', 'newsauthor' => $item['writer'], 'newsfromurl' => '', 'postip' => $_SGLOBAL['onlineip'], 'includetags' => '');
$sqlstr4 = "SELECT * FROM " . tname("spaceitems") . " WHERE itemtypeid='" . $item['id'] . "'";
$query4 = $_SGLOBAL['db']->query($sqlstr4);
$res4 = $_SGLOBAL['db']->fetch_array($query4);
if (empty($res4['itemtypeid'])) {
$itemarr['itemid'] = inserttable('spaceitems', $newsarr, 1);
inserttable('spacenews', $itemarr);
//附件处理
if (!empty($messages['attachment'])) {
$newsarr['haveattach'] = 1;
$attachments = explode(';', $messages['attachment']);
$hash = smd5($newuid . '/' . $_SGLOBAL['timestamp'] . random(6));
foreach ($attachments as $attachment) {
if (!empty($attachment)) {
echo '处理附件:' . $attachment . '<br />';
$filename = basename($attachment);
$fileext = fileext($filename);
$subject = basename($attachment, $fileext);
$insertsqlarr = array('uid' => $newuid, 'isavailable' => 1, 'type' => $catetype, 'itemid' => $itemarr['itemid'], 'catid' => $cateid, 'dateline' => $_SGLOBAL['timestamp'], 'filename' => saddslashes($filename), 'subject' => trim(shtmlspecialchars($subject)), 'attachtype' => $fileext, 'isimage' => in_array($fileext, array('jpg', 'jpeg', 'gif', 'png')) ? 1 : 0, 'size' => '', 'filepath' => $attachment, 'thumbpath' => '', 'hash' => $hash);
inserttable('attachments', $insertsqlarr);
}
}
$sqlstr5 = "UPDATE " . tname("spaceitems") . " SET haveattach='1' WHERE itemid='" . $itemarr['itemid'] . "'";
$_SGLOBAL['db']->query($sqlstr5);
}
}
}
/**
* 采集器方法
*/
function messageaddtodb($msgarr, $robotid, $itemid = 0)
{
global $_SGLOBAL;
$filepath = S_ROOT . './data/robot/robot_' . $robotid . '.cache.php';
@(include_once $filepath);
if (!$itemid) {
$uid = empty($msgarr['uid']) ? $_SGLOBAL['supe_uid'] : $msgarr['uid'];
$username = empty($cacheinfo['uids'][$msgarr['uid']]) ? $_SGLOBAL['supe_username'] : $cacheinfo['uids'][$msgarr['uid']];
//判断是否直接入库操作
if (empty($msgarr['importcatid'])) {
$insertsqlarr = array('uid' => $uid, 'username' => saddslashes($username), 'robotid' => $robotid, 'robottime' => $_SGLOBAL['timestamp'], 'subject' => saddslashes($msgarr['subject']));
if (!empty($msgarr['itemfrom'])) {
$insertsqlarr['itemfrom'] = saddslashes($msgarr['itemfrom']);
}
if (!empty($msgarr['author'])) {
$insertsqlarr['author'] = saddslashes($msgarr['author']);
}
if (!empty($msgarr['dateline'])) {
$insertsqlarr['dateline'] = $msgarr['dateline'];
}
if (!empty($msgarr['patharr'])) {
$insertsqlarr['haveattach'] = 1;
}
$itemid = inserttable('robotitems', $insertsqlarr, 1);
} else {
$hashstr = smd5($_SGLOBAL['supe_uid'] . '/' . rand(1000, 9999) . $_SGLOBAL['timestamp']);
$insertsqlarr = array('catid' => $msgarr['importcatid'], 'uid' => $uid, 'username' => saddslashes($username), 'type' => $msgarr['importtype'], 'subject' => saddslashes($msgarr['subject']), 'dateline' => $msgarr['dateline'], 'lastpost' => $msgarr['dateline'], 'hash' => $hashstr, 'fromtype' => 'robotpost', 'fromid' => $robotid, 'haveattach' => !empty($msgarr['patharr']) ? 1 : 0);
$itemid = inserttable('spaceitems', $insertsqlarr, 1);
}
$hash = md5($msgarr['subject']);
$_SGLOBAL['db']->query('REPLACE INTO ' . tname('robotlog') . " (hash) VALUES ('{$hash}')");
//插入起防重复操作
}
//INSERT MESSAGE
if (empty($msgarr['importcatid'])) {
$insertsqlarr = array('itemid' => $itemid, 'robotid' => $robotid);
if (!empty($msgarr['message'])) {
$insertsqlarr['message'] = saddslashes($msgarr['message']);
}
if (!empty($msgarr['picarr'])) {
$insertsqlarr['picurls'] = saddslashes(serialize($msgarr['picarr']));
}
if (!empty($msgarr['flasharr'])) {
$insertsqlarr['flashurls'] = saddslashes(serialize($msgarr['flasharr']));
}
inserttable('robotmessages', $insertsqlarr, 0, 1);
} else {
$insertsqlarr = array('itemid' => $itemid, 'message' => saddslashes($msgarr['message']), 'newsauthor' => saddslashes($msgarr['author']), 'newsfrom' => saddslashes($msgarr['itemfrom']));
inserttable('spacenews', $insertsqlarr);
}
if (!empty($msgarr['patharr'])) {
$attacharr['hash'] = 'R' . $robotid . 'I' . $itemid;
$thevalue = array();
if (empty($msgarr['importcatid'])) {
$query = $_SGLOBAL['db']->query("SELECT haveattach, uid FROM " . tname('robotitems') . " WHERE itemid='{$itemid}'");
} else {
$query = $_SGLOBAL['db']->query("SELECT haveattach, hash, uid FROM " . tname('spaceitems') . " WHERE itemid='{$itemid}'");
}
$thevalue = $_SGLOBAL['db']->fetch_array($query);
if (!empty($thevalue['hash'])) {
$attacharr['hash'] = $thevalue['hash'];
}
$uid = $thevalue['uid'];
$insertkeysql = $comma = '';
$insertvaluesql = '(';
foreach ($msgarr['patharr'] as $key => $value) {
$value['hash'] = $attacharr['hash'];
$value['uid'] = $uid;
$value['itemid'] = empty($msgarr['importcatid']) ? 0 : $itemid;
foreach ($value as $insert_key => $insert_value) {
if ($key == 0) {
$insertkeysql .= $comma . $insert_key;
}
$insertvaluesql .= $comma . '\'' . $insert_value . '\'';
$comma = ', ';
}
if (count($msgarr['patharr']) - 1 > $key) {
$insertvaluesql .= '), (';
$comma = '';
}
}
$insertvaluesql .= ')';
$_SGLOBAL['db']->query('INSERT INTO ' . tname('attachments') . ' (' . $insertkeysql . ') VALUES ' . $insertvaluesql);
if (isset($thevalue['hash'])) {
$query = $_SGLOBAL['db']->query("SELECT aid FROM " . tname('attachments') . " WHERE itemid='{$itemid}' AND isimage='1' LIMIT 0 ,1");
$attvalue = $_SGLOBAL['db']->fetch_array($query);
$_SGLOBAL['db']->query("UPDATE " . tname('spaceitems') . " SET haveattach='1',picid='{$attvalue['aid']}' WHERE itemid='{$itemid}'");
}
}
return $itemid;
}
$type = postget('type');
$type = $channel = empty($type) ? 'news' : trim($type);
$_SGET['folder'] = intval(postget('folder'));
$_SGET['folder'] = empty($_SGET['folder']) ? 0 : intval($_SGET['folder']);
if ($_SGET['folder'] == 1 && !(checkperm('managefolder') || checkperm('managemodpost'))) {
showmessage('spacenews_no_popedom_check');
}
$allowmax = 100;
//最大上传数量
$catarr = array();
$perpage = empty($_GET['perpage']) ? 0 : intval($_GET['perpage']);
//默认每页显示列表数目
if (!$perpage) {
$perpage = 20;
}
$hashstr = smd5($_SGLOBAL['supe_uid'] . '/' . $_SGLOBAL['timestamp'] . random(6));
//附件识别码
//获取的变量初始化
$_SGET['page'] = intval(postget('page'));
$_SGET['catid'] = intval(postget('catid'));
$_SGET['itemtypeid'] = intval(postget('itemtypeid'));
$_SGET['digest'] = intval(postget('digest'));
$_SGET['fromtype'] = postget('fromtype');
$_SGET['order'] = postget('order');
$_SGET['sc'] = postget('sc');
$_SGET['searchid'] = intval(postget('searchid')) == 0 ? '' : intval(postget('searchid'));
$_SGET['searchkey'] = stripsearchkey(postget('searchkey'));
if (empty($_SGET['subtype'])) {
$_SGET['subtype'] = '';
}
$_SGET['page'] < 1 ? $_SGET['page'] = 1 : '';
}
}
} elseif ($set['setting']['posttype'] == 'bbs') {
$query = $_SGLOBAL['db_temp']->query('SELECT type, fup, fid, name FROM `' . $set['setting']['setdbname'] . '`.' . $set['setting']['setdbpre'] . 'forums');
while ($forum = $_SGLOBAL['db_temp']->fetch_array($query)) {
$_SGLOBAL['bbsforumarr'][] = $forum;
}
$forumselect = forumselect();
$strclass = '<select name="cateid">' . $forumselect . '</select>';
}
}
echo $strclass;
exit;
} elseif ($ac == 'toss') {
//¼ì²éÖظ´
$funpre = smd5($_SGLOBAL['timestamp'] . random(5));
if (empty($set)) {
exit;
}
$message_id = trim($_GET['message']);
$subject_id = trim($_GET['subject']);
if (empty($set['setting']['seticon'])) {
$strbtn = "<a href=\"javascript:;\" onclick=\"document.getElementById(\\'theform_" . $funpre . "\\').submit();\">" . $set['setname'] . "</a>";
} else {
$strbtn = "<a href=\"javascript:;\" onclick=\"document.getElementById(\\'theform_" . $funpre . "\\').submit();\"><img src=\"{$_SC['siteurl']}/images/push/" . $set['setting']['seticon'] . "\" title=\"" . $set['setname'] . "\" /></a>";
}
echo <<<eof
document.write('<div id="ss_btn"></div>');
function geturl_{$funpre}() {
\turlstr = 'http://' + location.host;
\tif(window.location.port) {
