예제 #1
0
function TranTruePathFile($level, $path, $file, $file_name, $file_type, $file_size, $add, $userid, $username)
{
    global $empire, $dbtbpre, $public_r;
    if (!$file_name) {
        printerror("EmptyTranFile", "history.go(-1)");
    }
    $r['filetype'] = GetFiletype($file_name);
    //取得文件类型
    //如果是.php文件
    if (CheckSaveTranFiletype($r['filetype'])) {
        printerror("TranPHP", "history.go(-1)");
    }
    $type_r = explode("|" . $r['filetype'] . "|", $public_r['filetype']);
    if (count($type_r) < 2) {
        printerror("TranFiletypeFail", "history.go(-1)");
    }
    if ($file_size > $public_r['filesize'] * 1024) {
        printerror("TranFilesizeFail", "history.go(-1)");
    }
    //文件名
    $r['insertfile'] = ReturnDoTranFilename($file_name, $classid);
    $r['filename'] = $r['insertfile'] . $r['filetype'];
    $r['name'] = ECMS_PATH . $path . '/' . $r['filename'];
    $r['tran'] = 1;
    //上传文件
    $cp = @move_uploaded_file($file, $r['name']);
    if (empty($cp)) {
        $r['tran'] = 0;
        printerror('TranFail', '');
    }
    DoChmodFile($r['name']);
    //操作日志
    insert_dolog("path={$path}<br>filename=" . $r['filename']);
    echo '<meta http-equiv="refresh" content="0;url=' . $_SERVER['HTTP_REFERER'] . '">';
    db_close();
    $empire = null;
}
예제 #2
0
function AddFeedback($add)
{
    global $empire, $dbtbpre, $level_r, $public_r;
    CheckCanPostUrl();
    //验证来源
    if ($add['bid']) {
        $bid = (int) $add['bid'];
    } else {
        $bid = (int) getcvar('feedbackbid');
    }
    if (empty($bid)) {
        printerror("EmptyFeedbackname", "history.go(-1)", 1);
    }
    //验证码
    $keyvname = 'checkfeedbackkey';
    if ($public_r['fbkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }
    //版面是否存在
    $br = $empire->fetch1("select bid,enter,mustenter,filef,groupid,checkboxf from {$dbtbpre}enewsfeedbackclass where bid='{$bid}';");
    if (empty($br['bid'])) {
        printerror("EmptyFeedback", "history.go(-1)", 1);
    }
    //权限
    if ($br['groupid']) {
        $user = islogin();
        if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
            printerror("HaveNotEnLevel", "history.go(-1)", 1);
        }
    }
    $pr = $empire->fetch1("select feedbacktfile,feedbackfilesize,feedbackfiletype from {$dbtbpre}enewspublic limit 1");
    //必填项
    $mustr = explode(",", $br['mustenter']);
    $count = count($mustr);
    for ($i = 1; $i < $count - 1; $i++) {
        $mf = $mustr[$i];
        if (strstr($br['filef'], "," . $mf . ",")) {
            if (!$pr['feedbacktfile']) {
                printerror("NotOpenFBFile", "", 1);
            }
            if (!$_FILES[$mf]['name']) {
                printerror("EmptyFeedbackname", "", 1);
            }
        } else {
            $chmustval = ReturnFBCheckboxAddF($add[$mf], $mf, $br['checkboxf']);
            if (!trim($chmustval)) {
                printerror("EmptyFeedbackname", "", 1);
            }
        }
    }
    $saytime = date("Y-m-d H:i:s");
    //字段处理
    $dh = "";
    $tranf = "";
    $record = "<!--record-->";
    $field = "<!--field--->";
    $er = explode($record, $br['enter']);
    $count = count($er);
    for ($i = 0; $i < $count - 1; $i++) {
        $er1 = explode($field, $er[$i]);
        $f = $er1[1];
        //附件
        $add[$f] = str_replace('[!#@-', 'ecms', $add[$f]);
        if (strstr($br['filef'], "," . $f . ",")) {
            if ($_FILES[$f]['name']) {
                if (!$pr['feedbacktfile']) {
                    printerror("NotOpenFBFile", "", 1);
                }
                $filetype = GetFiletype($_FILES[$f]['name']);
                //取得文件类型
                if (CheckSaveTranFiletype($filetype)) {
                    printerror("NotQTranFiletype", "", 1);
                }
                if (!strstr($pr['feedbackfiletype'], "|" . $filetype . "|")) {
                    printerror("NotQTranFiletype", "", 1);
                }
                if ($_FILES[$f]['size'] > $pr['feedbackfilesize'] * 1024) {
                    printerror("TooBigQTranFile", "", 1);
                }
                $tranf .= $dh . $f;
                $dh = ",";
                $fval = "[!#@-" . $f . "-@!]";
            } else {
                $fval = "";
            }
        } else {
            $add[$f] = ReturnFBCheckboxAddF($add[$f], $f, $br['checkboxf']);
            $fval = $add[$f];
        }
        $addf .= ",`" . $f . "`";
        $addval .= ",'" . addslashes(RepPostStr($fval)) . "'";
    }
    $type = 0;
    $classid = 0;
    $filename = '';
    $filepath = '';
    $userid = (int) getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));
    $filepass = ReturnTranFilepass();
    //上传附件
    if ($tranf) {
        $dh = "";
        $tranr = explode(",", $tranf);
        $count = count($tranr);
        for ($i = 0; $i < $count; $i++) {
            $tf = $tranr[$i];
            $tfr = DoTranFile($_FILES[$tf]['tmp_name'], $_FILES[$tf]['name'], $_FILES[$tf]['type'], $_FILES[$tf]['size'], $classid);
            if ($tfr['tran']) {
                $filepath = $tfr[filepath];
                //写入数据库
                $filetime = $saytime;
                $filesize = (int) $_FILES[$tf]['size'];
                eInsertFileTable($tfr[filename], $filesize, $tfr[filepath], '[Member]' . $username, $classid, '[FB]' . addslashes(RepPostStr($add[title])), $type, $filepass, $filepass, $public_r[fpath], 0, 4, 0);
                $repfval = ($tfr[filepath] ? $tfr[filepath] . '/' : '') . $tfr[filename];
                $filename .= $dh . $tfr[filename];
                $dh = ",";
            } else {
                $repfval = "";
            }
            $addval = str_replace("[!#@-" . $tf . "-@!]", $repfval, $addval);
        }
    }
    $ip = egetip();
    $eipport = egetipport();
    $sql = $empire->query("insert into {$dbtbpre}enewsfeedback(bid,saytime,ip,filepath,filename,userid,username,haveread,eipport" . $addf . ") values('{$bid}','{$saytime}','{$ip}','{$filepath}','{$filename}','{$userid}','{$username}',0,'{$eipport}'" . $addval . ");");
    $fid = $empire->lastid();
    //更新附件
    UpdateTheFileOther(4, $fid, $filepass, 'other');
    ecmsEmptyShowKey($keyvname);
    //清空验证码
    if ($sql) {
        $reurl = DoingReturnUrl("../tool/feedback/?bid={$bid}", $add['ecmsfrom']);
        printerror("AddFeedbackSuccess", $reurl, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}
예제 #3
0
function ReturnDoMemberF($fid, $add, $mr, $ecms = 0, $username = '', $admin = 0)
{
    global $empire, $dbtbpre, $tranpicturetype, $public_r;
    $pr = $empire->fetch1("select openmembertranimg,memberimgsize,memberimgtype,openmembertranfile,memberfilesize,memberfiletype from {$dbtbpre}enewspublic limit 1");
    $formr = $empire->fetch1("select fid,enter,mustenter,filef,imgf,canaddf,caneditf,checkboxf from {$dbtbpre}enewsmemberform where fid='{$fid}'");
    //检测必填字段
    $mustr = explode(",", $formr['mustenter']);
    $mustcount = count($mustr);
    for ($i = 1; $i < $mustcount - 1; $i++) {
        $mf = $mustr[$i];
        if (strstr($formr['filef'], "," . $mf . ",") || strstr($formr['imgf'], "," . $mf . ",")) {
            $mfilef = $mf . "file";
            //上传文件
            if ($_FILES[$mfilef]['name']) {
                if (strstr($formr['imgf'], "," . $mf . ",")) {
                    if (!$pr['openmembertranimg']) {
                        printerror("CloseQTranPic", "", 1);
                    }
                } else {
                    if (!$pr['openmembertranfile']) {
                        printerror("CloseQTranFile", "", 1);
                    }
                }
            } elseif (!trim($add[$mf]) && !$mr[$mf]) {
                printerror("EmptyQMustF", "", 1);
            }
        } else {
            $chmustval = ReturnMCheckboxAddF($add[$mf], $mf, $formr['checkboxf']);
            if (!trim($chmustval)) {
                printerror("EmptyQMustF", "", 1);
            }
        }
    }
    //字段处理
    $dh = "";
    $tranf = "";
    $record = "<!--record-->";
    $field = "<!--field--->";
    $fr = explode($record, $formr['enter']);
    $count = count($fr);
    for ($i = 0; $i < $count - 1; $i++) {
        $fr1 = explode($field, $fr[$i]);
        $f = $fr1[1];
        if ($admin == 0 && ($ecms == 0 && !strstr($formr['canaddf'], ',' . $f . ',') || $ecms == 1 && !strstr($formr['caneditf'], ',' . $f . ','))) {
            continue;
        }
        //附件
        $add[$f] = str_replace('[!#@-', '', $add[$f]);
        if (strstr($formr['filef'], "," . $f . ",") || strstr($formr['imgf'], "," . $f . ",")) {
            //上传附件
            $filetf = $f . "file";
            if ($_FILES[$filetf]['name']) {
                $filetype = GetFiletype($_FILES[$filetf]['name']);
                //取得文件类型
                if (CheckSaveTranFiletype($filetype)) {
                    printerror("NotQTranFiletype", "", 1);
                }
                if (strstr($formr['imgf'], "," . $f . ",")) {
                    if (!$pr['openmembertranimg']) {
                        printerror("CloseQTranPic", "", 1);
                    }
                    if (!strstr($pr['memberimgtype'], "|" . $filetype . "|")) {
                        printerror("NotQTranFiletype", "", 1);
                    }
                    if ($_FILES[$filetf]['size'] > $pr['memberimgsize'] * 1024) {
                        printerror("TooBigQTranFile", "", 1);
                    }
                    if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
                        printerror("NotQTranFiletype", "", 1);
                    }
                } else {
                    if (!$pr['openmembertranfile']) {
                        printerror("CloseQTranFile", "", 1);
                    }
                    if (!strstr($pr['memberfiletype'], "|" . $filetype . "|")) {
                        printerror("NotQTranFiletype", "", 1);
                    }
                    if ($_FILES[$filetf]['size'] > $pr['memberfilesize'] * 1024) {
                        printerror("TooBigQTranFile", "", 1);
                    }
                }
                $tranf .= $dh . $f;
                $dh = ",";
                $fval = "[!#@-" . $f . "-@!]";
            } else {
                $fval = $add[$f];
                if ($ecms == 1 && $mr[$f] && !trim($fval)) {
                    $fval = $mr[$f];
                }
            }
        } else {
            $add[$f] = ReturnMCheckboxAddF($add[$f], $f, $formr['checkboxf']);
            $fval = $add[$f];
        }
        $fval = DoMemberFValue($fval);
        $fval = RepPostStr2($fval);
        $fval = addslashes($fval);
        if ($ecms == 0) {
            $ret_r[0] .= ",`" . $f . "`";
            $ret_r[1] .= ",'" . $fval . "'";
        } else {
            $ret_r[0] .= ",`" . $f . "`='" . $fval . "'";
        }
    }
    //上传附件
    if ($tranf) {
        $infoid = 0;
        $filepass = 0;
        $classid = 0;
        $tranr = explode(",", $tranf);
        $count = count($tranr);
        for ($i = 0; $i < $count; $i++) {
            $tf = $tranr[$i];
            $tffile = $tf . "file";
            $tfr = DoTranFile($_FILES[$tffile]['tmp_name'], $_FILES[$tffile]['name'], $_FILES[$tffile]['type'], $_FILES[$tffile]['size'], $classid);
            if ($tfr['tran']) {
                if (strstr($formr['imgf'], "," . $tf . ",")) {
                    $type = 1;
                } else {
                    $type = 0;
                }
                //写入数据库
                $filetime = date("Y-m-d H:i:s");
                $filesize = (int) $_FILES[$tffile]['size'];
                $sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,fpath) values('{$tfr['filename']}',{$filesize},'[EditInfo]" . $username . "','{$tfr['filepath']}','{$filetime}',{$classid},'Member[" . $tf . "]',{$type},{$infoid},{$filepass},'{$public_r['fpath']}');");
                //删除旧文件
                if ($ecms == 1 && $mr[$tf]) {
                    DelYMemberTranFile($mr[$tf], $tf, $username);
                }
                $repfval = $tfr['url'];
            } else {
                $repfval = $mr[$tf];
            }
            if ($ecms == 0) {
                $ret_r[1] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[1]);
            } else {
                $ret_r[0] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[0]);
            }
        }
    }
    return $ret_r;
}
예제 #4
0
파일: editorfun.php 프로젝트: novnan/meiju
function TranFile($file, $file_name, $file_type, $file_size, $tranurl, $no, $classid, $type, $post, $userid, $username)
{
    global $empire, $public_r, $loginrnd, $dbtbpre, $ecms_config;
    if (!$no) {
        $no = $file_name;
    }
    $tranfrom = (int) $post['tranfrom'];
    $classid = (int) $classid;
    $modtype = (int) $post['modtype'];
    $infoid = (int) $post['infoid'];
    $fstb = 0;
    if (empty($modtype)) {
        $fstb = GetInfoTranFstb($classid, $infoid, 0);
    }
    //是否为空
    if (!$file_name) {
        if (empty($tranurl) || $tranurl == "http://") {
            $tranfrom == 0 ? printerror("EmptyHttp", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'EmptyHttp', '', '');
        }
        $filetype = GetFiletype($tranurl);
        //取得文件类型
        $file_size = 0;
    } else {
        $filetype = GetFiletype($file_name);
        //取得文件类型
    }
    //如果是.php文件
    if (CheckSaveTranFiletype($filetype)) {
        $tranfrom == 0 ? printerror("TranPHP", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranPHP', '', '');
    }
    $type_r = explode("|" . $filetype . "|", $public_r['filetype']);
    if (count($type_r) < 2) {
        $tranfrom == 0 ? printerror("TranFiletypeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFiletypeFail', '', '');
    }
    if ($file_size > $public_r['filesize'] * 1024) {
        $tranfrom == 0 ? printerror("TranFilesizeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFilesizeFail', '', '');
    }
    if ($type == 1) {
        if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
            $tranfrom == 0 ? printerror("NotTranImg", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranImg', '', '');
        }
    } elseif ($type == 2) {
        if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) {
            $tranfrom == 0 ? printerror("NotTranFlash", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranFlash', '', '');
        }
    } elseif ($type == 3) {
    } else {
    }
    //远程保存
    if (empty($file_name)) {
        $r = DoTranUrl($tranurl, $classid);
        if (empty($r[tran])) {
            $tranfrom == 0 ? printerror("TranHttpFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranHttpFail', '', '');
        }
    } else {
        $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
        if (empty($r[tran])) {
            $tranfrom == 0 ? printerror("TranFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFail', '', '');
        }
    }
    if (!$no) {
        $no = $r[filename];
    }
    //写入数据库
    $r[filesize] = (int) $r[filesize];
    $classid = (int) $classid;
    $post[filepass] = (int) $post[filepass];
    $type = (int) $type;
    $sql = eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no, $type, $post[filepass], $post[filepass], $public_r[fpath], 0, $modtype, $fstb);
    $fileid = $empire->lastid();
    //导入gd.php文件
    if ($type == 1 && ($post['getsmall'] || $post['getmark'])) {
        @(include ECMS_PATH . DASHBOARD . "/class/gd.php");
    }
    //缩略图
    if ($type == 1 && $post['getsmall']) {
        GetMySmallImg($classid, $no, $r[insertfile], $r[filepath], $r[yname], $post[width], $post[height], $r[name], $post['filepass'], $post['filepass'], $userid, $username, $modtype, $fstb);
    }
    //水印
    if ($type == 1 && $post['getmark']) {
        GetMyMarkImg($r['yname']);
    }
    if ($sql) {
        if ($tranfrom == 1) {
            //$imgstr=EditorSetTranPic($r[url],$r[url],$post);
            ECMS_EditorPrintError(0, $r[url], $r[filename], '', $no, $r[filesize]);
            db_close();
            exit;
        }
        echo "<script>parent.location.reload();</script>";
        db_close();
        exit;
    } else {
        $tranfrom == 0 ? printerror("InTranRecordFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'InTranRecordFail', '', '');
    }
}
예제 #5
0
파일: qinfofun.php 프로젝트: novnan/meiju
function DoQTranFile($add, $file, $file_name, $file_type, $file_size, $userid, $username, $rnd, $ecms = 0)
{
    global $empire, $dbtbpre, $class_r, $public_r, $ecms_config;
    if ($public_r['addnews_ok']) {
        $ecms != 1 ? printerror("NotOpenCQInfo", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotOpenCQInfo', '', '');
    }
    $filepass = (int) $add['filepass'];
    $classid = (int) $add['classid'];
    $infoid = (int) $add['infoid'];
    if (!$file_name || !$filepass || !$classid || !$class_r[$classid][tbname]) {
        $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
    }
    //信息
    if ($infoid) {
        $index_r = $empire->fetch1("select classid,checked from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_index where id='{$infoid}'");
        if (!$index_r['classid'] || $classid != $index_r['classid']) {
            $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
        }
        $infotb = ReturnInfoMainTbname($class_r[$classid][tbname], $index_r['checked']);
        $infor = $empire->fetch1("select classid,fstb from " . $infotb . " where id='{$infoid}'");
        if (!$infor['fstb'] || $classid != $infor['classid']) {
            $ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
        }
        $fstb = $infor['fstb'];
    } else {
        $fstb = $public_r['filedeftb'];
    }
    //验证权限
    $userid = (int) $userid;
    $username = RepPostVar($username);
    $rnd = RepPostVar($rnd);
    DoQCheckAddLevel($classid, $userid, $username, $rnd, 0, 0);
    $filetype = GetFiletype($file_name);
    //取得文件类型
    if (CheckSaveTranFiletype($filetype)) {
        $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
    }
    $type = (int) $add['type'];
    $pr = $empire->fetch1("select qaddtran,qaddtransize,qaddtranimgtype,qaddtranfile,qaddtranfilesize,qaddtranfiletype from {$dbtbpre}enewspublic limit 1");
    if ($type == 1) {
        if (!$pr['qaddtran']) {
            $ecms != 1 ? printerror("CloseQTranPic", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranPic', '', '');
        }
        if (!strstr($pr['qaddtranimgtype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtransize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
        if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
    } elseif ($type == 2) {
        if (!$pr['qaddtranfile']) {
            $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
        }
        if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtranfilesize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
        if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
    } else {
        if (!$pr['qaddtranfile']) {
            $ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
        }
        if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
            $ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
        }
        if ($file_size > $pr['qaddtranfilesize'] * 1024) {
            $ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
        }
    }
    $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
    if (empty($r[tran])) {
        $ecms != 1 ? printerror("TranFail", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TranFail', '', '');
    }
    //写入数据库
    $filetime = time();
    $r[filesize] = (int) $r[filesize];
    $classid = (int) $classid;
    eInsertFileTable($r[filename], $r[filesize], $r[filepath], '[Member]' . $username, $classid, $r[filename], $type, $filepass, $filepass, $public_r[fpath], 0, 0, $fstb);
    //编辑器
    if ($ecms == 1) {
        ECMS_QEditorPrintError(0, $r[url], $r[filename], '', $r[filename], $r[filesize]);
    } else {
        echo "<script>opener.document.add." . $add['field'] . ".value='" . $r['url'] . "';window.close();</script>";
    }
    db_close();
    $empire = null;
    exit;
}
예제 #6
0
function SaveMorepicFile($varname, $msavepic, $i, $picurl, $picname, $classid, $id, $add)
{
    global $public_r, $empire, $loginin, $dbtbpre, $tranpicturetype;
    if ($varname == "mbigpfile") {
        $addname = "[b]";
    }
    $type = 1;
    $r[url] = $picurl;
    //上传
    if ($_FILES[$varname]['name'][$i]) {
        //取得文件类型
        $filetype = GetFiletype($_FILES[$varname]['name'][$i]);
        //允许上传类型
        if (CheckSaveTranFiletype($filetype)) {
            return $r;
        }
        if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
            return $r;
        }
        //图片文件
        if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
            return $r;
        }
        //文件大小
        if ($_FILES[$varname]['size'][$i] > $public_r['filesize'] * 1024) {
            return $r;
        }
        //上传
        $r = DoTranFile($_FILES[$varname]['tmp_name'][$i], $_FILES[$varname]['name'][$i], $_FILES[$varname]['type'][$i], $_FILES[$varname]['size'][$i], $classid);
        //------------------------写入数据库
        $r[filesize] = (int) $r[filesize];
        $classid = (int) $classid;
        $filetime = date("Y-m-d H:i:s");
        if (empty($picname)) {
            $picname = $r[filename];
        } else {
            $picname = $addname . $picname;
        }
        $picname = RepPostStr($picname);
        $id = (int) $id;
        $cjid = 0;
        if (!$id) {
            $cjid = (int) $add['filepass'];
        }
        $sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,onclick,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$loginin}','{$r['filepath']}','{$filetime}',{$classid},'{$picname}',{$type},0,{$id},{$cjid},'{$public_r['fpath']}');");
        return $r;
    } else {
        if (empty($msavepic)) {
            return $r;
        }
        if (empty($picurl)) {
            return $r;
        }
        //----------------取得文件类型
        $filetype = GetFiletype($picurl);
        //允许上传类型
        if (CheckSaveTranFiletype($filetype)) {
            return $r;
        }
        if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
            return $r;
        }
        //图片文件
        if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
            return $r;
        }
        //保存
        $r = DoTranUrl($picurl, $classid);
        if ($r['tran']) {
            //记录数据库
            $filetime = date("Y-m-d H:i:s");
            //变量处理
            $r[filesize] = (int) $r[filesize];
            $classid = (int) $classid;
            $r[type] = (int) $r[type];
            if (empty($picname)) {
                $picname = $r[filename];
            } else {
                $picname = $addname . $picname;
            }
            $picname = RepPostStr($picname);
            $id = (int) $id;
            $cjid = 0;
            if (!$id) {
                $cjid = (int) $add['filepass'];
            }
            $sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,onclick,fpath) values('{$r['filename']}',{$r['filesize']},'{$loginin}','{$r['filepath']}','{$filetime}',{$classid},'{$picname}',{$type},{$id},{$cjid},0,'{$public_r['fpath']}');");
            return $r;
        }
        return $r;
    }
}
예제 #7
0
파일: functions.php 프로젝트: novnan/meiju
function SaveMorepicFile($varname, $msavepic, $i, $picurl, $picname, $classid, $id, $add, $modtype = 0, $fstb = 1)
{
    global $public_r, $empire, $loginin, $dbtbpre, $ecms_config;
    if ($varname == "mbigpfile") {
        $addname = "[b]";
    }
    $type = 1;
    $r[url] = $picurl;
    //上传
    if ($_FILES[$varname]['name'][$i]) {
        //取得文件类型
        $filetype = GetFiletype($_FILES[$varname]['name'][$i]);
        //允许上传类型
        if (CheckSaveTranFiletype($filetype)) {
            return $r;
        }
        if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
            return $r;
        }
        //图片文件
        if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
            return $r;
        }
        //文件大小
        if ($_FILES[$varname]['size'][$i] > $public_r['filesize'] * 1024) {
            return $r;
        }
        //上传
        $r = DoTranFile($_FILES[$varname]['tmp_name'][$i], $_FILES[$varname]['name'][$i], $_FILES[$varname]['type'][$i], $_FILES[$varname]['size'][$i], $classid);
        //------------------------写入数据库
        $r[filesize] = (int) $r[filesize];
        $classid = (int) $classid;
        if (empty($picname)) {
            $picname = $r[filename];
        } else {
            $picname = $addname . $picname;
        }
        $picname = RepPostStr($picname);
        $id = (int) $id;
        $cjid = 0;
        if (!$id) {
            $cjid = (int) $add['filepass'];
        }
        eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb);
        return $r;
    } else {
        if (empty($msavepic)) {
            return $r;
        }
        if (empty($picurl)) {
            return $r;
        }
        //----------------取得文件类型
        $filetype = GetFiletype($picurl);
        //允许上传类型
        if (CheckSaveTranFiletype($filetype)) {
            return $r;
        }
        if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
            return $r;
        }
        //图片文件
        if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
            return $r;
        }
        //保存
        $r = DoTranUrl($picurl, $classid);
        if ($r['tran']) {
            //记录数据库
            //变量处理
            $r[filesize] = (int) $r[filesize];
            $classid = (int) $classid;
            $r[type] = (int) $r[type];
            if (empty($picname)) {
                $picname = $r[filename];
            } else {
                $picname = $addname . $picname;
            }
            $picname = RepPostStr($picname);
            $id = (int) $id;
            $cjid = 0;
            if (!$id) {
                $cjid = (int) $add['filepass'];
            }
            eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb);
            return $r;
        }
        return $r;
    }
}
예제 #8
0
파일: filefun.php 프로젝트: novnan/meiju
function TranMoreFile($file, $file_name, $file_type, $file_size, $no, $type, $userid, $username)
{
    global $empire, $public_r, $dbtbpre;
    $count = count($file_name);
    if (empty($count)) {
        printerror("MustChangeTranOneFile", "history.go(-1)");
    }
    //操作权限
    CheckLevel($userid, $username, $classid, "file");
    $type = (int) $type;
    for ($i = 0; $i < $count; $i++) {
        if (empty($file_name[$i])) {
            continue;
        }
        //取得文件类型
        $filetype = GetFiletype($file_name[$i]);
        //如果是.php文件
        if (CheckSaveTranFiletype($filetype)) {
            continue;
        }
        $type_r = explode("|" . $filetype . "|", $public_r['filetype']);
        if (count($type_r) < 2) {
            continue;
        }
        if ($file_size[$i] > $public_r['filesize'] * 1024) {
            continue;
        }
        //上传
        $r = DoTranFile($file[$i], $file_name[$i], $file_type[$i], $file_size[$i], $classid);
        //写入数据库
        $r[filesize] = (int) $r[filesize];
        $classid = (int) $classid;
        if (empty($no[$i])) {
            $no[$i] = $file_name[$i];
        }
        eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no[$i], $type, 0, 0, $public_r[fpath], 0, 5, 0);
    }
    insert_dolog("");
    //操作日志
    printerror("TranMoreFileSuccess", "file/TranMoreFile.php" . hReturnEcmsHashStrHref2(1));
}
예제 #9
0
파일: connect.php 프로젝트: novnan/meiju
function DoTranUrl($url, $classid)
{
    global $public_r, $class_r, $ecms_config, $efileftp_fr;
    $classid = (int) $classid;
    //处理地址
    $url = trim($url);
    $url = str_replace(" ", "%20", $url);
    $r[tran] = 1;
    //附件地址
    $r[url] = $url;
    //文件类型
    $r[filetype] = GetFiletype($url);
    if (CheckSaveTranFiletype($r[filetype])) {
        $r[tran] = 0;
        return $r;
    }
    //是否已上传的文件
    $havetr = CheckNotSaveUrl($url);
    if ($havetr) {
        $r[tran] = 0;
        return $r;
    }
    //是否地址
    if (!strstr($url, '://')) {
        $r[tran] = 0;
        return $r;
    }
    $string = ReadFiletext($url);
    if (empty($string)) {
        $r[tran] = 0;
        return $r;
    }
    //文件名
    $r[insertfile] = ReturnDoTranFilename($file_name, $classid);
    $r[filename] = $r[insertfile] . $r[filetype];
    //日期目录
    $r[filepath] = FormatFilePath($classid, $mynewspath, 0);
    $filepath = $r[filepath] ? $r[filepath] . '/' : $r[filepath];
    //存放目录
    $fspath = ReturnFileSavePath($classid);
    $r[savepath] = eReturnEcmsMainPortPath() . $fspath['filepath'] . $filepath;
    //moreport
    //附件地址
    $r[url] = $fspath['fileurl'] . $filepath . $r[filename];
    //缩图文件
    $r[name] = $r[savepath] . "small" . $r[insertfile];
    //附件文件
    $r[yname] = $r[savepath] . $r[filename];
    WriteFiletext_n($r[yname], $string);
    $r[filesize] = @filesize($r[yname]);
    //返回类型
    if (strstr($ecms_config['sets']['tranflashtype'], ',' . $r[filetype] . ',')) {
        $r[type] = 2;
    } elseif (strstr($ecms_config['sets']['tranpicturetype'], ',' . $r[filetype] . ',')) {
        $r[type] = 1;
    } elseif (strstr($ecms_config['sets']['mediaplayertype'], ',' . $r[filetype] . ',') || strstr($ecms_config['sets']['realplayertype'], ',' . $r[filetype] . ',')) {
        $r[type] = 3;
    } else {
        $r[type] = 0;
    }
    //FileServer
    if ($public_r['openfileserver']) {
        $efileftp_fr[] = $r['yname'];
    }
    return $r;
}
예제 #10
0
function TranMoreFile($file, $file_name, $file_type, $file_size, $no, $type, $userid, $username)
{
    global $empire, $public_r, $dbtbpre;
    $count = count($file_name);
    if (empty($count)) {
        printerror("MustChangeTranOneFile", "history.go(-1)");
    }
    //操作权限
    CheckLevel($userid, $username, $classid, "file");
    $type = (int) $type;
    for ($i = 0; $i < $count; $i++) {
        if (empty($file_name[$i])) {
            continue;
        }
        //取得文件类型
        $filetype = GetFiletype($file_name[$i]);
        //如果是.php文件
        if (CheckSaveTranFiletype($filetype)) {
            continue;
        }
        $type_r = explode("|" . $filetype . "|", $public_r['filetype']);
        if (count($type_r) < 2) {
            continue;
        }
        if ($file_size[$i] > $public_r['filesize'] * 1024) {
            continue;
        }
        //上传
        $r = DoTranFile($file[$i], $file_name[$i], $file_type[$i], $file_size[$i], $classid);
        //写入数据库
        $r[filesize] = (int) $r[filesize];
        $classid = (int) $classid;
        $filetime = date("Y-m-d H:i:s");
        if (empty($no[$i])) {
            $no[$i] = $r[filename];
        }
        $sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,onclick,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$username}','{$r['filepath']}','{$filetime}',{$classid},'{$no[$i]}',{$type},0,0,0,'{$public_r['fpath']}');");
    }
    insert_dolog("");
    //操作日志
    printerror("TranMoreFileSuccess", "file/TranMoreFile.php");
}
예제 #11
0
function TranFile($file, $file_name, $file_type, $file_size, $tranurl, $no, $classid, $type, $post, $userid, $username)
{
    global $empire, $public_r, $loginrnd, $dbtbpre, $tranpicturetype, $tranflashtype, $mediaplayertype, $realplayertype;
    if (!$no) {
        $no = $file_name;
    }
    $tranfrom = (int) $post['tranfrom'];
    $classid = (int) $classid;
    //是否为空
    if (!$file_name) {
        if (empty($tranurl) || $tranurl == "http://") {
            $tranfrom == 0 ? printerror("EmptyHttp", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'EmptyHttp', '', '');
        }
        $filetype = GetFiletype($tranurl);
        //取得文件类型
        $file_size = 0;
    } else {
        $filetype = GetFiletype($file_name);
        //取得文件类型
    }
    //如果是.php文件
    if (CheckSaveTranFiletype($filetype)) {
        $tranfrom == 0 ? printerror("TranPHP", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranPHP', '', '');
    }
    $type_r = explode("|" . $filetype . "|", $public_r['filetype']);
    if (count($type_r) < 2) {
        $tranfrom == 0 ? printerror("TranFiletypeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFiletypeFail', '', '');
    }
    if ($file_size > $public_r['filesize'] * 1024) {
        $tranfrom == 0 ? printerror("TranFilesizeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFilesizeFail', '', '');
    }
    if ($type == 1) {
        if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
            $tranfrom == 0 ? printerror("NotTranImg", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranImg', '', '');
        }
    } elseif ($type == 2) {
        if (!strstr($tranflashtype, ',' . $filetype . ',')) {
            $tranfrom == 0 ? printerror("NotTranFlash", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranFlash', '', '');
        }
    } elseif ($type == 3) {
    } else {
    }
    //远程保存
    if (empty($file_name)) {
        $r = DoTranUrl($tranurl, $classid);
        if (empty($r[tran])) {
            $tranfrom == 0 ? printerror("TranHttpFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranHttpFail', '', '');
        }
    } else {
        $r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
        if (empty($r[tran])) {
            $tranfrom == 0 ? printerror("TranFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFail', '', '');
        }
    }
    if (!$no) {
        $no = $r[filename];
    }
    //写入数据库
    $r[filesize] = (int) $r[filesize];
    $classid = (int) $classid;
    $post[filepass] = (int) $post[filepass];
    $type = (int) $type;
    $filetime = date("Y-m-d H:i:s");
    $sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$username}','{$r['filepath']}','{$filetime}',{$classid},'{$no}',{$type},{$post['filepass']},{$post['filepass']},'{$public_r['fpath']}');");
    $fileid = $empire->lastid();
    //导入gd.php文件
    if ($type == 1 && ($post['getsmall'] || $post['getmark'])) {
        @(include ECMS_PATH . "e/class/gd.php");
    }
    //缩略图
    if ($type == 1 && $post['getsmall']) {
        GetMySmallImg($classid, $no, $r[insertfile], $r[filepath], $r[yname], $post[width], $post[height], $r[name], $post['filepass'], $post['filepass'], $userid, $username);
    }
    //水印
    if ($type == 1 && $post['getmark']) {
        GetMyMarkImg($r['yname']);
    }
    if ($sql) {
        if ($tranfrom == 1) {
            //$imgstr=EditorSetTranPic($r[url],$r[url],$post);
            ECMS_EditorPrintError(0, $r[url], $r[filename], '', $no, $r[filesize]);
            db_close();
            exit;
        }
        echo "<script>parent.location.reload();</script>";
        db_close();
        exit;
    } else {
        $tranfrom == 0 ? printerror("InTranRecordFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'InTranRecordFail', '', '');
    }
}