filter_array($_GET, 'm,action,intval:paper_id,status', true);
$status = isset($_GET['status']) ? $_GET['status'] : '0,1,2';
include_once 'model/paper.php';
$paper = new LZ_paper();
if ($m == 'status') {
$status = intval($_GET['status']);
$this_paper = $paper->get_one($paper_id);
if ($paper->update($paper_id, array('status' => $status))) {
lz_exit('Success', 'admin.php?p=paper');
} else {
lz_exit('error', "javascript:history.go(-1);");
}
}
if ($action == "view") {
include_once 'model/paper_file.php';
$paper_file = new LZ_Paper_File();
$temp = template('paper_view.html');
$temp->assign(array('paper' => $paper->get_one($paper_id), 'files' => $paper_file->get_list(array('paper_id' => $paper_id))));
$view_data['page_description'] = "查看";
$view_data['page_content'] = $temp->result();
} else {
//分页处理
$cond = array('status' => $status);
$papers = lz_page($paper, $cond, intval($config['admin_paper_page_size']) ? intval($config['admin_paper_page_size']) : 20);
$view_data['papers'] = $papers;
$view_data['page_description'] = lang('paper_LIST');
}
$view_data['err_msg'] = $err_msg;
$view_data['success_msg'] = $success_msg;
//nav
$statuses = array();
<?php
!defined('LZ_MODULE') && die('Access Denied');
$m = $_GET['m'];
include_once 'model/paper.php';
$paper = new LZ_Paper();
include_once 'model/paper_file.php';
$paper_file = new LZ_Paper_File();
chdir('../');
!is_dir(LZ_PAPER_PATH) && @mkdir(LZ_PAPER_PATH);
if ($m == 'new') {
$data = filter_array($_POST, 'htmlspecialchars:name!,htmlspecialchars:school,intval:student_id!');
if ($data) {
$data['time'] = time();
$paper->add($data);
$paper_id = mysql_insert_id();
if (!$paper_id) {
echo "数据提交失败<br />";
} else {
echo "数据提交成功<br />";
foreach ($_FILES as $file) {
$myfile = $file["tmp_name"];
if (!$myfile) {
continue;
}
$ftype = getext($file['name']);
if (!$ftype || !preg_match("/\\*\\.{$ftype};/i", $config['upload_file_types'])) {
$err = true;
echo "文件类型不允许:" . $ftype . "<br />";
} else {
$file_url = LZ_PAPER_PATH . time() . rand(1111, 9999) . '.' . $ftype;
