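/**
 * Store a guestbook message for another member and reply with a JSONP payload.
 *
 * Request fields read here: `callback`, `token`, `uid` (recipient), `neir`
 * (message body) and `fid`.
 *
 * The response is `<callback>({error:<code>})`, where the code is one of:
 *   10000 recipient id is 0
 *   10001 form token missing or not equal to $_SESSION['gbooktoken']
 *   10006 less than 30 seconds since the previous successful post
 *   10002 message body is empty after filtering
 *   10003 no logged-in member in the session
 *   10004 insert into `gbook` failed
 *   10005 message stored
 */
public function add()
{
    // The callback name is echoed straight into the response body, so only
    // characters that can appear in a JavaScript identifier path are kept.
    // A missing callback still yields an empty prefix, as before.
    $callback = $this->input->get('callback', true);
    $callback = is_string($callback) ? preg_replace('/[^A-Za-z0-9_.$]/', '', $callback) : '';

    $token = $this->input->get_post('token', TRUE);
    $add['uida'] = (int) $this->input->get_post('uid', TRUE);
    $add['neir'] = $this->input->get_post('neir', TRUE);
    $add['neir'] = facehtml(filter(get_bm($add['neir'])));

    // Convert a leading "reply @name@:" marker into a link to that member.
    // NOTE(review): $nichen and $ulink are concatenated into HTML without
    // escaping here; confirm that filter()/userlink() and the stored nickname
    // are already HTML-safe.
    preg_match_all('/' . L('gbook_02') . '@(.*)@:/i', $add['neir'], $bs);
    if (!empty($bs[0][0]) && !empty($bs[1][0])) {
        $uid = getzd('user', 'id', $bs[1][0], 'name');
        $nichen = getzd('user', 'nichen', $bs[1][0], 'name');
        $ulink = userlink('index', $uid, $bs[1][0]);
        if (empty($nichen)) {
            $nichen = $bs[1][0];
        }
        $b = L('gbook_02') . '<a target="_blank" href="' . $ulink . '">@' . $nichen . '@</a>:';
        $add['neir'] = str_replace($bs[0][0], $b, $add['neir']);
    }
    unset($bs);

    if ($add['uida'] == 0) {
        $error = '10000';
    } elseif (
        !isset($_SESSION['gbooktoken'])
        || !is_string($token)
        || $token !== (string) $_SESSION['gbooktoken']
    ) {
        // Strict string comparison: a loose `!=` treats numeric-looking
        // strings such as "0e1" and "0e2" as equal.
        $error = '10001';
    } elseif (isset($_SESSION['gbookaddtime']) && time() < $_SESSION['gbookaddtime'] + 30) {
        $error = '10006';
    } elseif (empty($add['neir'])) {
        $error = '10002';
    } elseif (empty($_SESSION['cscms__id'])) {
        $error = '10003';
    } else {
        $add['uidb'] = $_SESSION['cscms__id'];
        $add['fid'] = intval($this->input->get_post('fid'));
        $add['ip'] = getip();
        $add['addtime'] = time();
        $ids = $this->CsdjDB->get_insert('gbook', $add);
        if (intval($ids) == 0) {
            // Insert failed.
            $error = '10004';
        } else {
            // Destroy the token.
            // NOTE(review): the token checked above lives in
            // $_SESSION['gbooktoken'], but the key removed here is 'token',
            // so the checked token stays valid after use. Confirm which key
            // the form generator writes before changing this.
            unset($_SESSION['token']);
            $error = '10005';
            $_SESSION['gbookaddtime'] = time();

            // Send a notification to the recipient.
            $addm['uida'] = $add['uida'];
            $addm['uidb'] = $_SESSION['cscms__id'];
            $addm['name'] = L('gbook_03');
            $addm['neir'] = vsprintf(L('ajax_04'), array($_SESSION['cscms__name']));
            $addm['addtime'] = time();
            $this->CsdjDB->get_insert('msg', $addm);
        }
    }

    echo $callback . "({error:" . $error . "})";
}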
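/**
 * Store a reply to an existing guestbook message and notify the recipient.
 *
 * Request fields read here: `callback`, `fid` (id of the message being
 * answered), `uida` (recipient member id) and `neir` (reply body).
 *
 * The response is `<callback>({error:<code>})`, where the code is one of:
 *   1001 `fid` or `uida` is 0
 *   1000 User_Login(1) reports no logged-in member
 *   1002 reply body is empty
 *   1003 no `gbook` row with id `fid`
 *   1004 no `user` row with id `uida`
 *   1005 reply stored and notification inserted
 *
 * NOTE(review): unlike the guestbook add() handler, no form token is checked
 * here, so this state-changing request has no CSRF protection visible in this
 * method; confirm whether User_Login() or a caller enforces one.
 */
public function gbook_hf()
{
    // The callback name is echoed straight into the response body, so only
    // characters that can appear in a JavaScript identifier path are kept.
    // A missing callback still yields an empty prefix, as before.
    $callback = $this->input->get('callback', true);
    $callback = is_string($callback) ? preg_replace('/[^A-Za-z0-9_.$]/', '', $callback) : '';

    $fid = intval($this->input->get_post('fid'));   // id of the message being replied to
    $uida = intval($this->input->get_post('uida')); // recipient member id
    // NOTE(review): the meaning of the third get_post() argument is not
    // visible here; confirm it leaves $neir safe to store and render as HTML.
    $neir = $this->input->get_post('neir', TRUE, TRUE); // reply content

    if ($fid == 0 || $uida == 0) {
        // Bad parameters.
        $err = 1001;
    } elseif (!$this->CsdjUser->User_Login(1)) {
        // Not logged in.
        $err = 1000;
    } elseif (empty($neir)) {
        // Empty content.
        $err = 1002;
    } else {
        // Check that the message still exists. $fid and $uida went through
        // intval() above, so only integers reach the concatenated SQL.
        $row = $this->db->query("select id from " . CS_SqlPrefix . "gbook where id=" . $fid . "")->row();
        if (!$row) {
            // Message was deleted.
            $err = 1003;
        } else {
            $rowu = $this->db->query("select id from " . CS_SqlPrefix . "user where id=" . $uida . "")->row();
            if (!$rowu) {
                // Recipient member does not exist.
                $err = 1004;
            } else {
                $add['uida'] = $uida;
                $add['fid'] = $fid;
                $add['uidb'] = $_SESSION['cscms__id'];
                $add['neir'] = facehtml($neir);
                $add['addtime'] = time();
                $ids = $this->CsdjDB->get_insert('gbook', $add);
                if ($ids) {
                    // Send the message notification.
                    $msg['uida'] = $uida;
                    $msg['uidb'] = 0;
                    $msg['name'] = $_SESSION['cscms__name'] . L('ajax_08');
                    $msg['neir'] = $_SESSION['cscms__name'] . L('ajax_09') . $neir;
                    $msg['addtime'] = time();
                    $this->CsdjDB->get_insert('msg', $msg);
                    $err = 1005;
                }
                // NOTE(review): when the insert fails $err is never assigned,
                // so the response becomes `({error:})`. Assign a failure code
                // the client understands.
            }
        }
    }

    echo $callback . "({error:" . $err . "})";
}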
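/**
 * Store a comment on a content item and notify the item's owner, or the
 * member being replied to.
 *
 * Request fields read here: `callback`, `token`, `dir` (content module),
 * `neir` (comment body), `did` (content id), `cid` and `fid`.
 *
 * The response is `<callback>({error:<code>})`, where the code is one of:
 *   10000 Pl_Modes == 3
 *   10001 `did` is 0
 *   10002 form token missing or not equal to $_SESSION['pltoken']
 *   10007 less than 60 seconds since the previous successful comment
 *   10003 comment body is empty after filtering
 *   10004 Pl_Youke == 0 and no logged-in member (guest comments disabled)
 *   10005 insert into `pl` failed
 *   10006 comment stored
 */
public function add()
{
    // The callback name is echoed straight into the response body, so only
    // characters that can appear in a JavaScript identifier path are kept.
    // A missing callback still yields an empty prefix, as before.
    $callback = $this->input->get('callback', true);
    $callback = is_string($callback) ? preg_replace('/[^A-Za-z0-9_.$]/', '', $callback) : '';

    $token = $this->input->get_post('token', TRUE);
    // NOTE(review): `dir` is request-controlled and is later passed to
    // getzd() as its first argument and to linkurl(); confirm those helpers
    // restrict it to known module names before using it as an identifier.
    $add['dir'] = $this->input->get_post('dir', TRUE);
    $add['content'] = $this->input->get_post('neir', TRUE);
    $add['content'] = facehtml(filter(get_bm($add['content'])));

    // Convert a leading "reply @name@:" marker into a link to that member.
    // NOTE(review): $nichen and $ulink are concatenated into HTML without
    // escaping here; confirm that filter()/userlink() and the stored nickname
    // are already HTML-safe.
    $hf = 0;
    preg_match_all('/回复@(.*)@:/i', $add['content'], $bs);
    if (!empty($bs[0][0]) && !empty($bs[1][0])) {
        $uid = getzd('user', 'id', $bs[1][0], 'name');
        $nichen = getzd('user', 'nichen', $bs[1][0], 'name');
        $ulink = userlink('index', $uid, $bs[1][0]);
        if (empty($nichen)) {
            $nichen = $bs[1][0];
        }
        $b = '回复<a target="_blank" href="' . $ulink . '">@' . $nichen . '@</a>:';
        $add['content'] = str_replace($bs[0][0], $b, $add['content']);
        $hf = 1;
    }
    unset($bs);

    $add['did'] = intval($this->input->get_post('did'));

    if (Pl_Modes == 3) {
        $error = '10000';
    } elseif ($add['did'] == 0) {
        $error = '10001';
    } elseif (
        !isset($_SESSION['pltoken'])
        || !is_string($token)
        || $token !== (string) $_SESSION['pltoken']
    ) {
        // Strict string comparison: a loose `!=` treats numeric-looking
        // strings such as "0e1" and "0e2" as equal.
        $error = '10002';
    } elseif (isset($_SESSION['pladdtime']) && time() < $_SESSION['pladdtime'] + 60) {
        $error = '10007';
    } elseif (empty($add['content'])) {
        $error = '10003';
    } elseif (Pl_Youke == 0 && empty($_SESSION['cscms__id'])) {
        // Guest comments are disabled.
        $error = '10004';
    } else {
        $add['uid'] = isset($_SESSION['cscms__id']) ? intval($_SESSION['cscms__id']) : 0;
        $add['user'] = isset($_SESSION['cscms__name']) ? $_SESSION['cscms__name'] : '游客';
        $add['cid'] = intval($this->input->get_post('cid'));
        $add['fid'] = intval($this->input->get_post('fid'));
        $add['ip'] = getip();
        $add['addtime'] = time();
        $ids = $this->CsdjDB->get_insert('pl', $add);
        if (intval($ids) == 0) {
            // Insert failed.
            $error = '10005';
        } else {
            // Destroy the token.
            // NOTE(review): the token checked above lives in
            // $_SESSION['pltoken'], but the key removed here is 'token', so
            // the checked token stays valid after use. Confirm which key the
            // form generator writes before changing this.
            unset($_SESSION['token']);
            $error = '10006';
            $_SESSION['pladdtime'] = time();

            // Send a notification.
            if ($add['dir'] != 'singer') {
                $dirname = getzd('plugins', 'name', $add['dir'], 'dir');
                if ($add['dir'] == 'dance') {
                    $link = linkurl('play', 'id', $add['did'], 1, 'dance');
                } elseif ($add['dir'] != 'blog') {
                    $link = linkurl('show', 'id', $add['did'], 1, $add['dir']);
                }

                if ($add['dir'] == 'pic') {
                    $dataname = getzd('pic_type', 'name', $add['did']);
                    $pluid = getzd('pic_type', 'uid', $add['did']);
                } elseif ($add['dir'] == 'blog') {
                    $pluid = getzd('blog', 'uid', $add['did']);
                    $dataname = getzd('blog', 'neir', $add['did']);
                    $dirname = '说说';
                    $username = getzd('user', 'name', $pluid);
                    $link = userlink('blog', $pluid, $username, $add['did']);
                } else {
                    $dataname = getzd($add['dir'], 'name', $add['did']);
                    $pluid = getzd($add['dir'], 'uid', $add['did']);
                }

                // Guests can reach this point when Pl_Youke allows them, so
                // the author name and id come from $add, which already holds
                // the guest fallbacks, rather than from session keys that
                // may be unset.
                if ($hf == 0) {
                    $pltitle = vsprintf(L('pl_01'), array($dirname));
                    $plneir = vsprintf(L('pl_03'), array($add['user'], $dirname, $link, $dataname));
                } else {
                    $pltitle = L('pl_02');
                    $plneir = vsprintf(L('pl_04'), array($add['user'], $link, $dataname));
                    // A reply notifies the member named in the marker.
                    $pluid = $uid;
                }

                if ($pluid > 0) {
                    $addm['uida'] = $pluid;
                    $addm['uidb'] = $add['uid'];
                    $addm['name'] = $pltitle;
                    $addm['neir'] = $plneir;
                    $addm['addtime'] = time();
                    $this->CsdjDB->get_insert('msg', $addm);
                }
            }
        }
    }

    echo $callback . "({error:" . $error . "})";
}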