if ($mid == 1) {
$field = "A.title";
} elseif ($mid == 2) {
$field = "B.truename";
}
}
$_SQL = " {$field} LIKE '%{$keyword}%' ";
} else {
$_SQL = " 1 ";
}
if ($fid > 0) {
$_SQL .= " AND A.fid='{$fid}' ";
}
$search_url = '';
foreach ($postdb as $key => $value) {
if ($value && table_field("{$_pre}content_{$mid}", $key)) {
$_SQL .= " AND B.`{$key}`='{$value}' ";
$rsdb[$key][$value] = " selected ";
$value = urlencode($value);
}
$search_url .= "&postdb[{$key}]={$value}";
}
//分页功能
$showpage = getpage("{$_pre}content A LEFT JOIN {$_pre}content_{$mid} B ON A.id=B.id", "WHERE A.mid='{$mid}' AND {$_SQL}", "?mid={$mid}&fid={$fid}&keyword={$keyword}&action=search&type={$type}{$search_url}", $rows);
$TABLE = $mid == 1 ? 'content' : 'person';
$SQL = "SELECT A.*,B.* FROM {$_pre}{$TABLE} A LEFT JOIN {$_pre}content_{$mid} B ON A.id=B.id WHERE A.mid='{$mid}' AND {$_SQL} ORDER BY A.posttime DESC LIMIT {$min},{$rows} ";
}
$query = $db->query("{$SQL}");
while ($rs = $db->fetch_array($query)) {
$rs[posttime] = date("Y-m-d H:i", $rs[posttime]);
$rs[content] = @preg_replace('/<([^>]*)>/is', "", $rs[content]);
<?php
require_once dirname(__FILE__) . "/global.php";
require_once ROOT_PATH . "/inc/qq.api.php";
if ($lfjuid) {
showerr('请不要重复登录!');
} elseif (!$webdb[QQ_login]) {
showerr('该功能已关闭!');
}
if (!table_field("{$pre}memberdata", 'qq_api')) {
$db->query("ALTER TABLE `{$pre}memberdata` ADD `qq_api` VARCHAR( 32 ) NOT NULL AFTER `username`;");
$db->query("ALTER TABLE `{$pre}memberdata` ADD INDEX ( `qq_api` );");
}
//齐博公共接口
if ($webdb[QQ_login] == 2) {
if ($_GET[qq_api]) {
list($token, $secret, $openid, $time) = explode("\t", qqmd5($_GET[qq_api], "DE", $webdb[QQ_QBappkey]));
if (!$openid) {
showerr('信息不全,出错了!!');
} elseif ($timestamp - $time > 60) {
showerr('超时了!!');
}
set_cookie('token_secret', mymd5($token . "\t" . $secret . "\t" . $openid), 3600);
if ($rs = $db->get_one("SELECT * FROM {$pre}memberdata WHERE `qq_api`='{$openid}'")) {
$userDB->login($rs[username], '', intval($webdb[QQ_logintime] * 3600), true);
$fromurl = get_cookie('qq_fromurl');
if ($fromurl && !eregi("login\\.php", $fromurl) && !eregi("reg\\.php", $fromurl)) {
$jumpto = $fromurl;
} else {
$jumpto = "{$webdb['www_url']}/";
}
$group_view = group_box("postdb[allowview]", explode(",", $rsdb[allowview]));
$_rs[field_type] = 'mediumtext';
$field_type[$_rs[field_type]] = " selected ";
$_rs[field_name] = "my_" . rand(1, 999);
$_rs[title] = "我的字段{$_rs['field_name']}";
$mustfill[0] = $search[0] = ' checked ';
$_rs[form_type] = 'text';
require "head.php";
require "template/article_module/editfield.htm";
require "foot.php";
} elseif ($action == "addfield" && $Apower[article_module]) {
$postdb[allowview] = implode(",", $postdb[allowview]);
if (!ereg("^([a-z])([a-z0-9_]{2,})\$", $postdb[field_name])) {
showmsg("字段ID不符合规则");
}
if (table_field("{$pre}article", $postdb[field_name]) || table_field("{$pre}reply", $postdb[field_name]) || table_field("{$pre}article_content_{$id}", $postdb[field_name])) {
showmsg("此字段ID已受保护或已存在,请更换一个");
}
$postdb[field_leng] = intval($postdb[field_leng]);
if ($postdb[field_type] == 'int') {
if ($postdb[field_leng] > 10 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 10;
}
$db->query("ALTER TABLE `{$pre}article_content_{$id}` ADD `{$postdb[field_name]}` INT( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'varchar') {
if ($postdb[field_leng] > 255 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 255;
}
$db->query("ALTER TABLE `{$pre}article_content_{$id}` ADD `{$postdb[field_name]}` VARCHAR( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'mediumtext') {
$db->query("ALTER TABLE `{$pre}article_content_{$id}` ADD `{$postdb[field_name]}` MEDIUMTEXT NOT NULL");
function check_table_field($table, $array)
{
global $db;
foreach ($array as $key => $value) {
if (!table_field($table, $key)) {
$SQL .= "ALTER TABLE `{$table}` ADD `{$key}` VARCHAR( 254 ) NOT NULL ;";
}
}
if ($SQL) {
$db->query($SQL);
}
}
<?php
!function_exists('html') && exit('ERR');
if ($job == 'list' && $Apower[menu_list]) {
if (!table_field("{$pre}menu", 'extend')) {
$db->query("ALTER TABLE `{$pre}menu` ADD `extend` VARCHAR( 30 ) NOT NULL");
}
$query = $db->query("SELECT * FROM {$pre}menu WHERE moduleid=0 AND type=0 AND fid=0 ORDER BY list DESC");
while ($rs = $db->fetch_array($query)) {
$rs[hide] = $rs[hide] ? '<a style="color:blue;">隐藏</a>' : '显示';
$listdb[] = $rs;
$query2 = $db->query("SELECT * FROM {$pre}menu WHERE moduleid=0 AND type=0 AND fid='{$rs['id']}' ORDER BY list DESC");
while ($rs2 = $db->fetch_array($query2)) {
$rs2[hide] = $rs2[hide] ? '<a style="color:blue;">隐藏</a>' : '显示';
$rs2[icon] = ' |--------';
$listdb[] = $rs2;
}
}
$ShowMenu[intval($webdb[ShowMenu])] = " checked ";
require dirname(__FILE__) . "/" . "head.php";
require dirname(__FILE__) . "/" . "template/guidemenu/menu.htm";
require dirname(__FILE__) . "/" . "template/guidemenu/list.htm";
require dirname(__FILE__) . "/" . "foot.php";
} elseif ($job == 'edit' && $Apower[menu_list]) {
$atc = "edit";
$rsdb = $db->get_one("SELECT * FROM {$pre}menu WHERE id='{$id}'");
$target[$rsdb[target]] = ' checked ';
$hide[$rsdb[hide]] = ' checked ';
$selected = select_fupmenu('fid', $rsdb[fid]);
require dirname(__FILE__) . "/" . "head.php";
require dirname(__FILE__) . "/" . "template/guidemenu/menu.htm";
function query_article_module($mid, $type, $post_db, $basedb)
{
global $db, $pre;
extract($basedb);
if (!($fidDB = $db->get_one("SELECT * FROM {$pre}article_module WHERE id='{$mid}'"))) {
return;
}
$m_config = unserialize($fidDB[config]);
foreach ($m_config[field_db] as $key => $rs) {
if ($rs[mustfill] == 1) {
if (is_array($post_db[$rs[field_name]])) {
$ckk = '';
foreach ($post_db[$rs[field_name]][url] as $Url) {
if ($Url) {
$ckk++;
}
}
if (!$ckk && !$post_db[$rs[field_name]][0]) {
showerr("{$rs[title]}不能为空");
}
} elseif (!$post_db[$rs[field_name]]) {
showerr("{$rs[title]}不能为空");
}
}
if (($rs[mustfill] == 2 || $rs[form_type] == 'pingfen') && $post_db[$rs[field_name]]) {
showerr("{$rs[title]}不能私自提交内容");
}
if ($rs[field_type] == 'int' && $post_db[$rs[field_name]] && !ereg("^[0-9]+\$", $post_db[$rs[field_name]])) {
showerr("{$rs[title]}只能为数字");
}
if ($rs[field_type] == 'varchar') {
$rs[field_leng] = $rs[field_leng] ? $rs[field_leng] : 255;
if (strlen($post_db[$rs[field_name]]) > $rs[field_leng]) {
showerr("{$rs[title]}不能超过{$rs[field_leng]}个字符,一个汉字等于两个字符");
}
}
if ($rs[field_type] == 'int') {
$rs[field_leng] = $rs[field_leng] ? $rs[field_leng] : 10;
if (strlen($post_db[$rs[field_name]]) > $rs[field_leng]) {
showerr("{$rs[title]}不能超过{$rs[field_leng]}个字符");
}
}
if ($rs[form_type] == 'upmoremv') {
unset($_array);
foreach ($post_db[$rs[field_name]][url] as $key => $value) {
if (!$value) {
continue;
}
$_array[] = "{$value}@@@{$post_db[$rs[field_name]][name][$key]}@@@{$post_db[$rs[field_name]][fen][$key]}@@@{$post_db[$rs[field_name]][type][$key]}";
}
$post_db[$rs[field_name]] = implode("\n", $_array);
}
if ($rs[form_type] == 'upmorefile' || $rs[form_type] == 'upmorepic') {
unset($_array);
foreach ($post_db[$rs[field_name]][url] as $key => $value) {
if (!$value) {
continue;
}
$_array[] = "{$value}@@@{$post_db[$rs[field_name]][name][$key]}@@@{$post_db[$rs[field_name]][fen][$key]}";
}
$post_db[$rs[field_name]] = implode("\n", $_array);
}
if ($rs[form_type] == 'upplay') {
unset($_array);
foreach ($post_db[$rs[field_name]][url] as $key => $value) {
if (!$value) {
continue;
}
$_array[] = "{$value}@@@{$post_db[$rs[field_name]][type][$key]}";
}
$post_db[$rs[field_name]] = implode("\n", $_array);
}
}
if ($type == '') {
return;
}
foreach ($m_config[is_html] as $key => $value) {
$post_db[$key] = str_replace("<img ", "<img onload=\\'if(this.width>600)makesmallpic(this,600,800);\\' ", $post_db[$key]);
//图片目录转移
$post_db[$key] = move_attachment($uid, $post_db[$key], "article/{$fid}");
//获取远程图片
//$post_db[$key]=get_outpic($post_db[$key],$GetOutPic);
$post_db[$key] = En_TruePath($post_db[$key]);
$post_db[$key] = preg_replace('/javascript/i', 'java script', $post_db[$key]);
//过滤js代码
$post_db[$key] = preg_replace('/<iframe ([^<>]+)>/i', '<iframe \\1>', $post_db[$key]);
//过滤框架代码
}
$_array = array_flip($m_config[is_html]);
foreach ($post_db as $key => $value) {
if (is_array($value)) {
$post_db[$key] = implode("/", $value);
} elseif (!@in_array($key, $_array)) {
$post_db[$key] = filtrate($value);
}
}
unset($sqldb);
if ($type == 'add') {
$sqldb['aid'] = "aid='{$aid}'";
$sqldb['rid'] = "rid='{$rid}'";
$sqldb['fid'] = "fid='{$fid}'";
$sqldb['uid'] = "uid='{$uid}'";
$array = table_field("{$pre}article_content_{$fidDB['id']}");
foreach ($array as $key => $value) {
if (in_array($value, array('aid', 'rid', 'fid', 'uid', 'id'))) {
continue;
}
isset($post_db[$value]) && ($sqldb["{$value}"] = "`{$value}`='{$post_db[$value]}'");
}
$sql = implode(",", $sqldb);
$sql && $db->query("INSERT INTO `{$pre}article_content_{$mid}` SET {$sql}");
} elseif ($type == 'edit') {
$array = table_field("{$pre}article_content_{$mid}");
foreach ($array as $key => $value) {
//if(in_array($value,array('aid','rid','fid','uid','id')))
//{
// continue;
//}
if (!$m_config[field_db][$value]) {
continue;
//非用户自定义字段,如一些点击率之类的字段,就不能更新
}
//isset($post_db[$value]) &&
$sqldb[] = "`{$value}`='{$post_db[$value]}'";
}
$sql = implode(",", $sqldb);
$sql && $db->query("UPDATE `{$pre}article_content_{$fidDB['id']}` SET fid='{$basedb['fid']}',{$sql} WHERE id='{$i_id}' ");
}
}
$menu_partDB = array('base' => array('核心设置', '网站常用功能管理', '数据库工具', '菜单管理'), 'article' => array('文章基本功能', '内容/栏目/评论管理', '静态页生成管理', '更新标签内容', '专题管理', '辅栏目管理'), 'member' => array('用户管理', '权限管理'));
$menudb = array('核心设置' => array('网站全局参数设置' => array('power' => 'center_config', 'link' => 'index.php?lfj=center&job=config'), '会员注册设置' => array('power' => 'user_reg', 'link' => 'index.php?lfj=center&job=user_reg'), '系统模块管理' => array('power' => 'module_list', 'link' => 'index.php?lfj=module&job=list'), '插件管理' => array('power' => 'hack_list', 'link' => 'index.php?lfj=hack&job=list'), '整合外部论坛系统设置' => array('power' => 'blend_set', 'link' => 'index.php?lfj=blend&job=set')), '网站常用功能管理' => array('友情链接管理' => array('power' => 'friendlink_mod', 'link' => 'index.php?lfj=friendlink&job=list'), '单篇文章独立页面管理' => array('power' => 'alonepage_list', 'link' => 'index.php?lfj=alonepage&job=list')), '数据库工具' => array('备份数据库' => array('power' => 'mysql_out', 'link' => 'index.php?lfj=mysql&job=out'), '数据库还原' => array('power' => 'mysql_into', 'link' => 'index.php?lfj=mysql&job=into'), '删除备份数据' => array('power' => 'mysql_del', 'link' => 'index.php?lfj=mysql&job=del')), '菜单管理' => array('网站头部导航菜单设置' => array('power' => 'menu_list', 'link' => 'index.php?lfj=guidemenu&job=list'), '管理员后台菜单设置' => array('power' => 'adminmenu_list', 'link' => 'index.php?lfj=adminguidemenu&job=list')), '用户管理' => array('用户资料管理' => array('power' => 'member_list', 'link' => 'index.php?lfj=member&job=list'), '添加新用户' => array('power' => 'member_addmember', 'link' => 'index.php?lfj=member&job=addmember')), '权限管理' => array('前台权限管理' => array('power' => 'group_list', 'link' => 'index.php?lfj=group&job=list'), '后台权限管理' => array('power' => 'group_list_admin', 'link' => 'index.php?lfj=group&job=list_admin'), '添加用户组' => array('power' => 'group_add', 'link' => 'index.php?lfj=group&job=add')));
@(include dirname(__FILE__) . '/cms_menu.php');
@(include ROOT_PATH . "data/hack.php");
if ($ForceEnter || $GLOBALS[ForceEnter]) {
//强制进后台
foreach ($menu_partDB as $key1 => $value1) {
if ($key1 == 'base') {
continue;
}
foreach ($value1 as $key2 => $value2) {
$menu_partDB['base'][] = $value2;
}
}
} else {
if (!table_field("{$pre}module", 'ifsys')) {
$db->query("ALTER TABLE `{$pre}module` ADD `ifsys` TINYINT( 1 ) NOT NULL");
}
//模块
$query = $db->query("SELECT * FROM {$pre}module WHERE type=2 AND ifclose=0 ORDER BY list DESC");
while ($rs = $db->fetch_array($query)) {
if (!$rs['dirname']) {
continue;
}
if ($rs['ifsys']) {
//独立的顶部菜单
$base_menuName[$rs['pre']] = $rs['name'];
$menu_partDB[$rs['pre']][] = $rs['name'];
} else {
$menu_partDB['module'][] = $rs['name'];
}
$id = $iddb[0];
unset($iddb[0]);
if ($iddb[1]) {
$ids = implode(',', $iddb);
}
echo "<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$webdb['www_url']}/do/alonepage.php?id={$id}&ids={$ids}&job=makehtml&adminurl={$webdb['admin_url']}'>";
exit;
} elseif ($action == "check" && $Apower[alonepage_list]) {
if ($ifclose) {
$rsdb = $db->get_one("SELECT * FROM {$pre}alonepage WHERE id='{$id}'");
unlink(ROOT_PATH . "{$rsdb['filename']}");
}
$db->query("UPDATE `{$pre}alonepage` SET `ifclose`='{$ifclose}' WHERE id='{$id}'");
jump("设置成功", $FROMURL, 0);
} elseif ($job == "list" && $Apower[alonepage_list]) {
if (!table_field("{$pre}alonepage", 'ifclose')) {
$db->query("ALTER TABLE `{$pre}alonepage` ADD `ifclose` TINYINT( 1 ) NOT NULL");
}
!$page && ($page = 1);
$rows = 50;
$min = ($page - 1) * $rows;
$showpage = getpage("`{$pre}alonepage`", "", "index.php?lfj=alonepage&job=list", $rows);
$query = $db->query("SELECT * FROM `{$pre}alonepage` ORDER BY id DESC LIMIT {$min},{$rows}");
while ($rs = $db->fetch_array($query)) {
$rs[posttime] = date("Y-m-d H:i", $rs[posttime]);
if ($rs[ifclose]) {
$rs[_ifclose] = "<A HREF='?lfj={$lfj}&action=check&id={$rs['id']}&ifclose=0'><img alt='当前处于关闭状态' src='../member/images/check_no.gif' border=0></A>";
$rs[checked] = '';
} else {
$rs[checked] = ' checked ';
$rs[_ifclose] = "<A HREF='?lfj={$lfj}&action=check&id={$rs['id']}&ifclose=1'><img alt='当前处于开放状态' src='../member/images/check_yes.gif' border=0></A>";
} elseif ($job == "addfield") {
$rsdb = $db->get_one("SELECT * FROM {$_pre}module WHERE id='{$id}' ");
//$group_view=group_box("postdb[allowview]",explode(",",$rsdb[allowview]));
$_rs[field_type] = 'mediumtext';
$field_type[$_rs[field_type]] = " selected ";
$_rs[field_name] = "my_" . rand(1, 999);
$_rs[title] = "我的字段{$_rs['field_name']}";
$mustfill[0] = $search[0] = ' checked ';
$listshow[intval($_rs[listshow])] = " checked ";
get_admin_html('editfield');
} elseif ($action == "addfield") {
$postdb[allowview] = implode(",", $postdb[allowview]);
if (!ereg("^([a-z])([a-z0-9_]+)\$", $postdb[field_name])) {
showmsg("字段ID不符合规则");
}
if (table_field("{$_pre}content", $postdb[field_name]) || table_field("{$_pre}content_{$id}", $postdb[field_name])) {
showmsg("此字段ID已受保护或已存在,请更换一个");
}
$postdb[field_leng] = intval($postdb[field_leng]);
if ($postdb[field_type] == 'int') {
if ($postdb[field_leng] > 10 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 10;
}
$db->query("ALTER TABLE `{$_pre}content_{$id}` ADD `{$postdb[field_name]}` INT( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'varchar') {
if ($postdb[field_leng] > 255 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 255;
}
$db->query("ALTER TABLE `{$_pre}content_{$id}` ADD `{$postdb[field_name]}` VARCHAR( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'mediumtext') {
$db->query("ALTER TABLE `{$_pre}content_{$id}` ADD `{$postdb[field_name]}` MEDIUMTEXT NOT NULL");
} elseif ($job == "addfield" && $Apower[regfield]) {
//$group_view=group_box("postdb[allowview]",explode(",",$rsdb[allowview]));
$_rs[field_type] = 'mediumtext';
$field_type[$_rs[field_type]] = " selected ";
$_rs[field_name] = "my_" . rand(1, 999);
$_rs[title] = "我的字段{$_rs['field_name']}";
$mustfill[0] = $search[0] = ' checked ';
require "head.php";
require "template/regfield/editfield.htm";
require "foot.php";
} elseif ($action == "addfield" && $Apower[regfield]) {
$postdb[allowview] = implode(",", $postdb[allowview]);
if (!ereg("^([a-z])([a-z0-9_]{2,})\$", $postdb[field_name])) {
showmsg("字段ID不符合规则");
}
if (table_field("{$pre}memberdata", $postdb[field_name]) || $postdb[field_name] == 'username' || $postdb[field_name] == 'password') {
showmsg("此字段ID已受保护或已存在,请更换一个");
}
$postdb[field_leng] = intval($postdb[field_leng]);
if ($postdb[field_type] == 'int') {
if ($postdb[field_leng] > 10 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 10;
}
$db->query("ALTER TABLE `{$pre}memberdata` ADD `{$postdb[field_name]}` INT( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'varchar') {
if ($postdb[field_leng] > 255 || $postdb[field_leng] < 1) {
$postdb[field_leng] = 255;
}
$db->query("ALTER TABLE `{$pre}memberdata` ADD `{$postdb[field_name]}` VARCHAR( {$postdb['field_leng']} ) NOT NULL");
} elseif ($postdb[field_type] == 'mediumtext') {
$db->query("ALTER TABLE `{$pre}memberdata` ADD `{$postdb[field_name]}` MEDIUMTEXT NOT NULL");
if (mysql_get_server_info() > '4.1') {
if (!strstr($sql, 'DEFAULT CHARSET')) {
$sql .= $SQL;
}
}
$db->query($sql);
}
$db->query("UPDATE `{$_pre}sort` SET tableid='{$tableid}' WHERE fid='{$fid}'");
fid_cache();
}
if (!$page) {
$page = 1;
}
$rows = 50;
$min = ($page - 1) * $rows;
$fieldDB = table_field("{$_pre}content{$tableid0}");
$query = $db->query("SELECT * FROM {$_pre}content{$tableid0} WHERE fid='{$fid}' ORDER BY id ASC LIMIT {$min},{$rows}");
while ($rs = $db->fetch_array($query)) {
$SQL = "INSERT INTO {$_pre}content{$tableid} SET ";
foreach ($fieldDB as $key => $value) {
if ($rs[$value] && !is_numeric($rs[$value])) {
$rs[$value] = addslashes($rs[$value]);
}
$SQL .= "`{$value}`='{$rs[$value]}',";
}
$SQL = substr($SQL, 0, -1);
$db->query($SQL);
$ckk++;
}
if ($ckk) {
$page++;
function check_field_name($id, $field_name)
{
if (!ereg("^([a-z])([a-z0-9_]+)\$", $field_name)) {
showerr("数据库字段ID只能是数字或字母,并且是字母开头");
}
if (table_field($this->table_title, $field_name) || table_field($this->table_content . $id, $field_name)) {
return true;
}
}
function edit_pw_member($array)
{
if (!$array[uid]) {
return false;
}
$fieldArry = table_field("{$this->memberTable}");
foreach ($array as $key => $value) {
if ($key == 'uid' || $key == 'username' || !in_array($key, $fieldArry)) {
continue;
}
$sqlDB[] = "`{$key}`='{$value}'";
}
if ($sqlDB) {
$this->db_passport->query("UPDATE {$this->memberTable} SET " . implode(",", $sqlDB) . " WHERE uid='{$array['uid']}'");
}
}
}
}
if ($starttijd) {
$starttijd = preg_replace("/([\\d]+)-([\\d]+)-([\\d]+) ([\\d]+):([\\d]+):([\\d]+)/eis", "mk_time('\\4','\\5', '\\6', '\\2', '\\3', '\\1')", $starttijd);
$SQL .= " AND A.posttime>'{$starttijd}'";
}
if ($eindtijd) {
$eindtijd = preg_replace("/([\\d]+)-([\\d]+)-([\\d]+) ([\\d]+):([\\d]+):([\\d]+)/eis", "mk_time('\\4','\\5', '\\6', '\\2', '\\3', '\\1')", $eindtijd);
$SQL .= " AND A.posttime<'{$eindtijd}'";
}
//搜索按照时间来处理-结束
$search_url = '';
if ($mid && is_table("{$pre}article_content_{$mid}")) {
$erp = $article_moduleDB[$mid][iftable] ? $article_moduleDB[$mid][iftable] : '';
foreach ($postdb as $key => $value) {
if ($value && table_field("{$pre}article_content_{$mid}", $key)) {
$SQL .= " AND C.`{$key}`='{$value}' ";
$rsdb[$key][$value] = " selected ";
$search_module = 1;
}
$value = urlencode($value);
$search_url .= "&postdb[{$key}]={$value}";
}
}
if ($page < 1) {
$page = 1;
}
$min = ($page - 1) * $rows;
$_SQL = " AND B.topic=1 ";
if ($fid) {
$_SQL = " AND A.fid='{$fid}' ";
}
$_array = array_flip($m_config[is_html]);
/**
*提交的内容如果是复选框,就要做处理,如果不是在线编辑器的,也要做过滤,显然,使用在线编辑器是有危险的
**/
foreach ($postdb as $key => $value) {
if (is_array($value)) {
$postdb[$key] = implode("/", $value);
} elseif (!@in_array($key, $_array) && $key != 'template') {
$postdb[$key] = filtrate($value);
}
}
$db->query("UPDATE `{$_pre}content` SET title='{$postdb['title']}' WHERE id='{$id}'");
/*检查判断辅信息表要插入哪些字段的内容*/
unset($sqldb);
$array = table_field("{$_pre}content_{$fidDB['id']}");
foreach ($array as $key => $value) {
if ($value == "id" || $value == "uid") {
continue;
}
//这里必须要做判断,不然的话,一些二次开发用的字段里的值就可能被清空
isset($postdb[$value]) && ($sqldb[] = "`{$value}`='{$postdb[$value]}'");
}
$sql = implode(",", $sqldb);
/*更新辅信息表*/
$db->query("UPDATE `{$_pre}content_{$fidDB['id']}` SET {$sql} WHERE id='{$id}' ");
refreshto("bencandy_form.php?mid={$mid}&id={$id}", "修改成功");
} else {
//URL变量做处理
//if(is_array($rsdb)){
if ($rsdb = $_GET[rsdb]) {
<?php
!function_exists('html') && exit('ERR');
//所有专题列表
if ($job == "list" && $Apower[special_list]) {
if (!table_field("{$pre}special", "yz")) {
$db->query("ALTER TABLE `{$pre}special` ADD `yz` TINYINT( 1 ) NOT NULL");
$db->query("ALTER TABLE `{$pre}special` ADD INDEX ( `yz` )");
$db->query("update `{$pre}special` set yz=1");
}
$rows = 30;
!$page && ($page = 1);
$min = ($page - 1) * $rows;
$rsdb = $db->get_one("SELECT * FROM {$pre}spsort WHERE fid='{$fid}' ");
$aids = explode(",", $rsdb[aids]);
$aids = implode("\r\n", $aids);
if ($fid) {
$SQL = " WHERE SP.fid='{$fid}' ";
} else {
$SQL = ' WHERE 1 ';
}
if ($yz == 'yes') {
$SQL .= ' AND SP.yz=1 ';
} elseif ($yz == 'no') {
$SQL .= ' AND SP.yz=0 ';
}
if ($com == 'yes') {
$SQL .= ' AND SP.levels=1 ';
} elseif ($com == 'no') {
$SQL .= ' AND SP.levels=0 ';
}
