public function save_comment_action()
{
if (!($article_info = $this->model('article')->get_article_info_by_id($_POST['article_id']))) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('指定文章不存在')));
}
if ($article_info['lock'] and !($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('已经锁定的文章不能回复')));
}
$message = trim($_POST['message'], "\r\n\t");
if (!$message) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请输入回复内容')));
}
if (strlen($message) < get_setting('answer_length_lower')) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('回复内容字数不得少于 %s 字节', get_setting('answer_length_lower'))));
}
if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($message)) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接')));
}
if (human_valid('answer_valid_hour') and !AWS_APP::captcha()->is_validate($_POST['seccode_verify'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请填写正确的验证码')));
}
// !注: 来路检测后面不能再放报错提示
if (!valid_post_hash($_POST['post_hash'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('页面停留时间过长,或内容已提交,请刷新页面')));
}
if ($this->publish_approval_valid()) {
$this->model('publish')->publish_approval('article_comment', array('article_id' => intval($_POST['article_id']), 'message' => $message, 'at_uid' => intval($_POST['at_uid'])), $this->user_id);
H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/publish/wait_approval/article_id-' . intval($_POST['article_id']) . '__is_mobile-' . $_POST['_is_mobile'])), 1, null));
} else {
$comment_id = $this->model('publish')->publish_article_comment($_POST['article_id'], $message, $this->user_id, $_POST['at_uid']);
$url = get_js_url('/article/' . intval($_POST['article_id']) . '?item_id=' . $comment_id);
H::ajax_json_output(AWS_APP::RSM(array('url' => $url), 1, null));
}
}
public function modify_article_action()
{
if (!($article_info = $this->model('article')->get_article_info_by_id($_POST['article_id']))) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('文章不存在')));
}
if ($article_info['lock'] and !($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('文章已锁定, 不能编辑')));
}
if (!$this->user_info['permission']['is_administortar'] and !$this->user_info['permission']['is_moderator'] and !$this->user_info['permission']['edit_article']) {
if ($article_info['uid'] != $this->user_id) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你没有权限编辑这个文章')));
}
}
if (!$_POST['title']) {
H::ajax_json_output(AWS_APP::RSM(null, -1, AWS_APP::lang()->_t('请输入文章标题')));
}
if (get_setting('category_enable') == 'N') {
$_POST['category_id'] = 1;
}
if (!$_POST['category_id']) {
H::ajax_json_output(AWS_APP::RSM(null, -1, AWS_APP::lang()->_t('请选择文章分类')));
}
if (get_setting('question_title_limit') > 0 and cjk_strlen($_POST['title']) > get_setting('question_title_limit')) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('文章标题字数不得大于') . ' ' . get_setting('question_title_limit') . ' ' . AWS_APP::lang()->_t('字节')));
}
if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($_POST['message'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接')));
}
if (human_valid('question_valid_hour') and !AWS_APP::captcha()->is_validate($_POST['seccode_verify'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请填写正确的验证码')));
}
if (!$this->model('publish')->insert_attach_is_self_upload($_POST['message'], $_POST['attach_ids'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('只允许插入当前页面上传的附件')));
}
// !注: 来路检测后面不能再放报错提示
if (!valid_post_hash($_POST['post_hash'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('页面停留时间过长,或内容已提交,请刷新页面')));
}
$this->model('draft')->delete_draft(1, 'article', $this->user_id);
if ($_POST['do_delete'] and !$this->user_info['permission']['is_administortar'] and !$this->user_info['permission']['is_moderator']) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('对不起, 你没有删除文章的权限')));
}
if ($_POST['do_delete']) {
if ($this->user_id != $article_info['uid']) {
$this->model('account')->send_delete_message($article_info['uid'], $article_info['title'], $article_info['message']);
}
$this->model('article')->remove_article($article_info['id']);
H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/home/explore/')), 1, null));
}
$this->model('article')->update_article($article_info['id'], $_POST['title'], $_POST['message'], $_POST['topics'], $_POST['category_id'], $this->user_info['permission']['create_topic']);
if ($_POST['attach_access_key']) {
$this->model('publish')->update_attach('article', $article_info['id'], $_POST['attach_access_key']);
}
H::ajax_json_output(AWS_APP::RSM(array('url' => get_js_url('/article/' . $article_info['id'])), 1, null));
}
public function update_answer_action()
{
if (!($answer_info = $this->model('answer')->get_answer_by_id($_GET['answer_id']))) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('答案不存在')));
}
if ($_POST['do_delete']) {
if ($answer_info['uid'] != $this->user_id and !$this->user_info['permission']['is_administortar'] and !$this->user_info['permission']['is_moderator']) {
H::ajax_json_output(AWS_APP::RSM(null, -1, AWS_APP::lang()->_t('你没有权限进行此操作')));
}
$this->model('answer')->remove_answer_by_id($_GET['answer_id']);
// 通知回复的作者
if ($this->user_id != $answer_info['uid']) {
$this->model('notify')->send($this->user_id, $answer_info['uid'], notify_class::TYPE_REMOVE_ANSWER, notify_class::CATEGORY_QUESTION, $answer_info['question_id'], array('from_uid' => $this->user_id, 'question_id' => $answer_info['question_id']));
}
$this->model('question')->save_last_answer($answer_info['question_id']);
H::ajax_json_output(AWS_APP::RSM(null, 1, null));
}
$answer_content = trim($_POST['answer_content'], "\r\n\t");
if (!$answer_content) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请输入回复内容')));
}
if (strlen($answer_content) < get_setting('answer_length_lower')) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('回复内容字数不得少于 %s 字节', get_setting('answer_length_lower'))));
}
if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($answer_content)) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接')));
}
if (!$this->model('publish')->insert_attach_is_self_upload($answer_content, $_POST['attach_ids'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('只允许插入当前页面上传的附件')));
}
if ($answer_info['uid'] != $this->user_id and !$this->user_info['permission']['is_administortar'] and !$this->user_info['permission']['is_moderator']) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你没有权限编辑这个回复')));
}
if ($answer_info['uid'] == $this->user_id and time() - $answer_info['add_time'] > get_setting('answer_edit_time') * 60 and get_setting('answer_edit_time') and !$this->user_info['permission']['is_administortar'] and !$this->user_info['permission']['is_moderator']) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('已经超过允许编辑的时限')));
}
$this->model('answer')->update_answer($_GET['answer_id'], $answer_info['question_id'], $answer_content, $_POST['attach_access_key']);
H::ajax_json_output(AWS_APP::RSM(array('target_id' => $_GET['target_id'], 'display_id' => $_GET['display_id']), 1, null));
}
public function save_comment_action()
{
if (!($article_info = $this->model('article')->get_article_info_by_id($_POST['article_id']))) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('指定文章不存在')));
}
if ($article_info['lock'] and !($this->user_info['permission']['is_administortar'] or $this->user_info['permission']['is_moderator'])) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('已经锁定的文章不能回复')));
}
$message = trim($_POST['message'], "\r\n\t");
if (!$message) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('请输入回复内容')));
}
if (strlen($message) < get_setting('answer_length_lower')) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('回复内容字数不得少于 %s 字节', get_setting('answer_length_lower'))));
}
if (!$this->user_info['permission']['publish_url'] and FORMAT::outside_url_exists($message)) {
H::ajax_json_output(AWS_APP::RSM(null, '-1', AWS_APP::lang()->_t('你所在的用户组不允许发布站外链接')));
}
if ($this->publish_approval_valid($message)) {
$this->model('publish')->publish_approval('article_comment', array('article_id' => intval($_POST['article_id']), 'message' => $message, 'at_uid' => intval($_POST['at_uid'])), $this->user_id);
H::ajax_json_output(AWS_APP::RSM(null, '0', AWS_APP::lang()->_t('发布成功, 请等待管理员审核...')));
} else {
$comment_id = $this->model('publish')->publish_article_comment($_POST['article_id'], $message, $this->user_id, $_POST['at_uid']);
H::ajax_json_output(AWS_APP::RSM(array('comment_id' => $comment_id), 1, null));
}
}
