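/**
 * Replace the file behind an existing attachment.
 *
 * This method is only meant to be triggered by the Flash uploader. Flash
 * opens a new session when it calls in, so the request is authorised by the
 * posted `__uid` / `__token` pair instead of the session.
 *
 * Ends with show_404() on every path that does not emit the JSON success
 * reply (missing parameters, unknown attachment, failed token or group
 * check, failed upload, failed DB update).
 *
 * @access public
 * @param  int $pid attachment post ID
 * @return void
 */
public function modify($pid = 0)
{
    $uid   = $this->input->post('__uid', TRUE);
    $token = $this->input->post('__token', TRUE);

    if (empty($uid) || empty($token) || empty($pid) || !is_numeric($pid)) {
        show_404();
    }

    $user       = $this->users_mdl->get_user_by_id($uid);
    $attachment = $this->posts_mdl->get_post_by_id('pid', $pid);

    if (!$attachment) {
        show_404();
    }

    // NOTE(review): unserialize() instantiates objects from its input. The
    // value read here is written by serialize() further down in this method;
    // confirm no other writer can store attacker-controlled data in this
    // column, or move the column to JSON.
    $info = unserialize($attachment->text);
    unset($attachment);

    // A corrupt or unexpected payload would leave file_name empty while
    // 'overwrite' is on, so refuse to continue without a stored name.
    if (!is_array($info) || empty($info['name'])) {
        show_404();
    }

    // The token is the only credential on this request. Compare it as a
    // string: loose `==` lets numeric-looking strings such as "0e1" and
    // "0e2" match each other. Use the constant-time comparison when the
    // runtime provides it.
    $stored_token = isset($user['token']) ? (string) $user['token'] : '';
    $token_ok     = FALSE;
    if ($stored_token !== '' && is_string($token)) {
        $token_ok = function_exists('hash_equals')
            ? hash_equals($stored_token, $token)
            : ($stored_token === $token);
    }

    $group    = isset($user['group']) ? $user['group'] : NULL;
    $group_ok = in_array($group, array('contributor', 'editor', 'administrator'), TRUE);

    if ($token_ok && $group_ok) {
        /** Authorised user: set the upload parameters and run the upload */
        $config['upload_path']   = FCPATH . $this->_upload_dir;
        $config['allowed_types'] = $this->_upload_exts;
        // Reuse the stored name and overwrite, so the replacement lands on
        // the same path as the file it replaces.
        $config['file_name']     = $info['name'];
        $config['overwrite']     = TRUE;

        $this->upload->initialize($config);

        if (!$this->upload->do_upload('Filedata')) {
            log_message('debug', $this->upload->display_errors());
        } else {
            $upload_data = $this->upload->data();

            $file = array(
                'name'    => $upload_data['file_name'],
                'path'    => $this->_upload_dir . $upload_data['file_name'],
                'size'    => $upload_data['file_size'],
                'mime'    => get_mime_by_extension($upload_data['orig_name']),
                'isImage' => $this->_is_image($upload_data['file_name']),
            );

            //DB
            $attachment_data = array(
                'modified' => time(),
                'text'     => serialize($file),
                'authorId' => $uid,
            );

            if ($this->posts_mdl->update_post($pid, $attachment_data)) {
                $this->load->helper('json');

                throwJson(array(
                    'pid'       => $pid,
                    'title'     => $upload_data['file_name'],
                    'type'      => $this->_get_type($upload_data['file_name']),
                    'size'      => $upload_data['file_size'],
                    'isImage'   => $this->_is_image($upload_data['file_name']),
                    'url'       => base_url() . $this->_upload_dir . $upload_data['file_name'],
                    'permalink' => site_url('attachment' . '/' . $pid),
                ));
            }
        }
    }

    show_404();
}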
/**
 * Edit a comment.
 *
 * Takes the comment id from the `cid` query parameter. When the comment
 * exists and _is_cmt_writable() accepts it, the text, author, mail and url
 * fields are replaced with the trimmed POST values and the re-read comment
 * is sent back as JSON; otherwise a failure reply is sent.
 *
 * @access private
 * @return void
 */
private function _edit()
{
    $comment_id = $this->input->get('cid', TRUE);

    // TODO: add validation rules for the submitted fields
    $existing = $this->comments_mdl->get_cmt($comment_id);

    if ($existing && $this->_is_cmt_writable($existing)) {
        // Collect the editable fields in a fixed order, each read from POST
        // with the second argument TRUE and then trimmed.
        $fields = array();
        foreach (array('text', 'author', 'mail', 'url') as $key) {
            $fields[$key] = trim($this->input->post($key, TRUE));
        }

        // NOTE(review): the return value of update_cmt() is not inspected,
        // so the success reply below is sent whether or not the write took
        // effect; confirm against the model.
        $this->comments_mdl->update_cmt($comment_id, $fields);

        throwJson(array(
            'success' => 1,
            'comment' => $this->comments_mdl->get_cmt($comment_id),
        ));
    }

    throwJson(array('success' => 0, 'comment' => '修改评论失败'));
}