function TranTruePathFile($level, $path, $file, $file_name, $file_type, $file_size, $add, $userid, $username)
{
global $empire, $dbtbpre, $public_r;
if (!$file_name) {
printerror("EmptyTranFile", "history.go(-1)");
}
$r['filetype'] = GetFiletype($file_name);
//取得文件类型
//如果是.php文件
if (CheckSaveTranFiletype($r['filetype'])) {
printerror("TranPHP", "history.go(-1)");
}
$type_r = explode("|" . $r['filetype'] . "|", $public_r['filetype']);
if (count($type_r) < 2) {
printerror("TranFiletypeFail", "history.go(-1)");
}
if ($file_size > $public_r['filesize'] * 1024) {
printerror("TranFilesizeFail", "history.go(-1)");
}
//文件名
$r['insertfile'] = ReturnDoTranFilename($file_name, $classid);
$r['filename'] = $r['insertfile'] . $r['filetype'];
$r['name'] = ECMS_PATH . $path . '/' . $r['filename'];
$r['tran'] = 1;
//上传文件
$cp = @move_uploaded_file($file, $r['name']);
if (empty($cp)) {
$r['tran'] = 0;
printerror('TranFail', '');
}
DoChmodFile($r['name']);
//操作日志
insert_dolog("path={$path}<br>filename=" . $r['filename']);
echo '<meta http-equiv="refresh" content="0;url=' . $_SERVER['HTTP_REFERER'] . '">';
db_close();
$empire = null;
}
function AddFeedback($add)
{
global $empire, $dbtbpre, $level_r, $public_r;
CheckCanPostUrl();
//验证来源
if ($add['bid']) {
$bid = (int) $add['bid'];
} else {
$bid = (int) getcvar('feedbackbid');
}
if (empty($bid)) {
printerror("EmptyFeedbackname", "history.go(-1)", 1);
}
//验证码
$keyvname = 'checkfeedbackkey';
if ($public_r['fbkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
//版面是否存在
$br = $empire->fetch1("select bid,enter,mustenter,filef,groupid,checkboxf from {$dbtbpre}enewsfeedbackclass where bid='{$bid}';");
if (empty($br['bid'])) {
printerror("EmptyFeedback", "history.go(-1)", 1);
}
//权限
if ($br['groupid']) {
$user = islogin();
if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
printerror("HaveNotEnLevel", "history.go(-1)", 1);
}
}
$pr = $empire->fetch1("select feedbacktfile,feedbackfilesize,feedbackfiletype from {$dbtbpre}enewspublic limit 1");
//必填项
$mustr = explode(",", $br['mustenter']);
$count = count($mustr);
for ($i = 1; $i < $count - 1; $i++) {
$mf = $mustr[$i];
if (strstr($br['filef'], "," . $mf . ",")) {
if (!$pr['feedbacktfile']) {
printerror("NotOpenFBFile", "", 1);
}
if (!$_FILES[$mf]['name']) {
printerror("EmptyFeedbackname", "", 1);
}
} else {
$chmustval = ReturnFBCheckboxAddF($add[$mf], $mf, $br['checkboxf']);
if (!trim($chmustval)) {
printerror("EmptyFeedbackname", "", 1);
}
}
}
$saytime = date("Y-m-d H:i:s");
//字段处理
$dh = "";
$tranf = "";
$record = "<!--record-->";
$field = "<!--field--->";
$er = explode($record, $br['enter']);
$count = count($er);
for ($i = 0; $i < $count - 1; $i++) {
$er1 = explode($field, $er[$i]);
$f = $er1[1];
//附件
$add[$f] = str_replace('[!#@-', 'ecms', $add[$f]);
if (strstr($br['filef'], "," . $f . ",")) {
if ($_FILES[$f]['name']) {
if (!$pr['feedbacktfile']) {
printerror("NotOpenFBFile", "", 1);
}
$filetype = GetFiletype($_FILES[$f]['name']);
//取得文件类型
if (CheckSaveTranFiletype($filetype)) {
printerror("NotQTranFiletype", "", 1);
}
if (!strstr($pr['feedbackfiletype'], "|" . $filetype . "|")) {
printerror("NotQTranFiletype", "", 1);
}
if ($_FILES[$f]['size'] > $pr['feedbackfilesize'] * 1024) {
printerror("TooBigQTranFile", "", 1);
}
$tranf .= $dh . $f;
$dh = ",";
$fval = "[!#@-" . $f . "-@!]";
} else {
$fval = "";
}
} else {
$add[$f] = ReturnFBCheckboxAddF($add[$f], $f, $br['checkboxf']);
$fval = $add[$f];
}
$addf .= ",`" . $f . "`";
$addval .= ",'" . addslashes(RepPostStr($fval)) . "'";
}
$type = 0;
$classid = 0;
$filename = '';
$filepath = '';
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
$filepass = ReturnTranFilepass();
//上传附件
if ($tranf) {
$dh = "";
$tranr = explode(",", $tranf);
$count = count($tranr);
for ($i = 0; $i < $count; $i++) {
$tf = $tranr[$i];
$tfr = DoTranFile($_FILES[$tf]['tmp_name'], $_FILES[$tf]['name'], $_FILES[$tf]['type'], $_FILES[$tf]['size'], $classid);
if ($tfr['tran']) {
$filepath = $tfr[filepath];
//写入数据库
$filetime = $saytime;
$filesize = (int) $_FILES[$tf]['size'];
eInsertFileTable($tfr[filename], $filesize, $tfr[filepath], '[Member]' . $username, $classid, '[FB]' . addslashes(RepPostStr($add[title])), $type, $filepass, $filepass, $public_r[fpath], 0, 4, 0);
$repfval = ($tfr[filepath] ? $tfr[filepath] . '/' : '') . $tfr[filename];
$filename .= $dh . $tfr[filename];
$dh = ",";
} else {
$repfval = "";
}
$addval = str_replace("[!#@-" . $tf . "-@!]", $repfval, $addval);
}
}
$ip = egetip();
$eipport = egetipport();
$sql = $empire->query("insert into {$dbtbpre}enewsfeedback(bid,saytime,ip,filepath,filename,userid,username,haveread,eipport" . $addf . ") values('{$bid}','{$saytime}','{$ip}','{$filepath}','{$filename}','{$userid}','{$username}',0,'{$eipport}'" . $addval . ");");
$fid = $empire->lastid();
//更新附件
UpdateTheFileOther(4, $fid, $filepass, 'other');
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl("../tool/feedback/?bid={$bid}", $add['ecmsfrom']);
printerror("AddFeedbackSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function ReturnDoMemberF($fid, $add, $mr, $ecms = 0, $username = '', $admin = 0)
{
global $empire, $dbtbpre, $tranpicturetype, $public_r;
$pr = $empire->fetch1("select openmembertranimg,memberimgsize,memberimgtype,openmembertranfile,memberfilesize,memberfiletype from {$dbtbpre}enewspublic limit 1");
$formr = $empire->fetch1("select fid,enter,mustenter,filef,imgf,canaddf,caneditf,checkboxf from {$dbtbpre}enewsmemberform where fid='{$fid}'");
//检测必填字段
$mustr = explode(",", $formr['mustenter']);
$mustcount = count($mustr);
for ($i = 1; $i < $mustcount - 1; $i++) {
$mf = $mustr[$i];
if (strstr($formr['filef'], "," . $mf . ",") || strstr($formr['imgf'], "," . $mf . ",")) {
$mfilef = $mf . "file";
//上传文件
if ($_FILES[$mfilef]['name']) {
if (strstr($formr['imgf'], "," . $mf . ",")) {
if (!$pr['openmembertranimg']) {
printerror("CloseQTranPic", "", 1);
}
} else {
if (!$pr['openmembertranfile']) {
printerror("CloseQTranFile", "", 1);
}
}
} elseif (!trim($add[$mf]) && !$mr[$mf]) {
printerror("EmptyQMustF", "", 1);
}
} else {
$chmustval = ReturnMCheckboxAddF($add[$mf], $mf, $formr['checkboxf']);
if (!trim($chmustval)) {
printerror("EmptyQMustF", "", 1);
}
}
}
//字段处理
$dh = "";
$tranf = "";
$record = "<!--record-->";
$field = "<!--field--->";
$fr = explode($record, $formr['enter']);
$count = count($fr);
for ($i = 0; $i < $count - 1; $i++) {
$fr1 = explode($field, $fr[$i]);
$f = $fr1[1];
if ($admin == 0 && ($ecms == 0 && !strstr($formr['canaddf'], ',' . $f . ',') || $ecms == 1 && !strstr($formr['caneditf'], ',' . $f . ','))) {
continue;
}
//附件
$add[$f] = str_replace('[!#@-', '', $add[$f]);
if (strstr($formr['filef'], "," . $f . ",") || strstr($formr['imgf'], "," . $f . ",")) {
//上传附件
$filetf = $f . "file";
if ($_FILES[$filetf]['name']) {
$filetype = GetFiletype($_FILES[$filetf]['name']);
//取得文件类型
if (CheckSaveTranFiletype($filetype)) {
printerror("NotQTranFiletype", "", 1);
}
if (strstr($formr['imgf'], "," . $f . ",")) {
if (!$pr['openmembertranimg']) {
printerror("CloseQTranPic", "", 1);
}
if (!strstr($pr['memberimgtype'], "|" . $filetype . "|")) {
printerror("NotQTranFiletype", "", 1);
}
if ($_FILES[$filetf]['size'] > $pr['memberimgsize'] * 1024) {
printerror("TooBigQTranFile", "", 1);
}
if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
printerror("NotQTranFiletype", "", 1);
}
} else {
if (!$pr['openmembertranfile']) {
printerror("CloseQTranFile", "", 1);
}
if (!strstr($pr['memberfiletype'], "|" . $filetype . "|")) {
printerror("NotQTranFiletype", "", 1);
}
if ($_FILES[$filetf]['size'] > $pr['memberfilesize'] * 1024) {
printerror("TooBigQTranFile", "", 1);
}
}
$tranf .= $dh . $f;
$dh = ",";
$fval = "[!#@-" . $f . "-@!]";
} else {
$fval = $add[$f];
if ($ecms == 1 && $mr[$f] && !trim($fval)) {
$fval = $mr[$f];
}
}
} else {
$add[$f] = ReturnMCheckboxAddF($add[$f], $f, $formr['checkboxf']);
$fval = $add[$f];
}
$fval = DoMemberFValue($fval);
$fval = RepPostStr2($fval);
$fval = addslashes($fval);
if ($ecms == 0) {
$ret_r[0] .= ",`" . $f . "`";
$ret_r[1] .= ",'" . $fval . "'";
} else {
$ret_r[0] .= ",`" . $f . "`='" . $fval . "'";
}
}
//上传附件
if ($tranf) {
$infoid = 0;
$filepass = 0;
$classid = 0;
$tranr = explode(",", $tranf);
$count = count($tranr);
for ($i = 0; $i < $count; $i++) {
$tf = $tranr[$i];
$tffile = $tf . "file";
$tfr = DoTranFile($_FILES[$tffile]['tmp_name'], $_FILES[$tffile]['name'], $_FILES[$tffile]['type'], $_FILES[$tffile]['size'], $classid);
if ($tfr['tran']) {
if (strstr($formr['imgf'], "," . $tf . ",")) {
$type = 1;
} else {
$type = 0;
}
//写入数据库
$filetime = date("Y-m-d H:i:s");
$filesize = (int) $_FILES[$tffile]['size'];
$sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,fpath) values('{$tfr['filename']}',{$filesize},'[EditInfo]" . $username . "','{$tfr['filepath']}','{$filetime}',{$classid},'Member[" . $tf . "]',{$type},{$infoid},{$filepass},'{$public_r['fpath']}');");
//删除旧文件
if ($ecms == 1 && $mr[$tf]) {
DelYMemberTranFile($mr[$tf], $tf, $username);
}
$repfval = $tfr['url'];
} else {
$repfval = $mr[$tf];
}
if ($ecms == 0) {
$ret_r[1] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[1]);
} else {
$ret_r[0] = str_replace("[!#@-" . $tf . "-@!]", $repfval, $ret_r[0]);
}
}
}
return $ret_r;
}
function TranFile($file, $file_name, $file_type, $file_size, $tranurl, $no, $classid, $type, $post, $userid, $username)
{
global $empire, $public_r, $loginrnd, $dbtbpre, $ecms_config;
if (!$no) {
$no = $file_name;
}
$tranfrom = (int) $post['tranfrom'];
$classid = (int) $classid;
$modtype = (int) $post['modtype'];
$infoid = (int) $post['infoid'];
$fstb = 0;
if (empty($modtype)) {
$fstb = GetInfoTranFstb($classid, $infoid, 0);
}
//是否为空
if (!$file_name) {
if (empty($tranurl) || $tranurl == "http://") {
$tranfrom == 0 ? printerror("EmptyHttp", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'EmptyHttp', '', '');
}
$filetype = GetFiletype($tranurl);
//取得文件类型
$file_size = 0;
} else {
$filetype = GetFiletype($file_name);
//取得文件类型
}
//如果是.php文件
if (CheckSaveTranFiletype($filetype)) {
$tranfrom == 0 ? printerror("TranPHP", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranPHP', '', '');
}
$type_r = explode("|" . $filetype . "|", $public_r['filetype']);
if (count($type_r) < 2) {
$tranfrom == 0 ? printerror("TranFiletypeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFiletypeFail', '', '');
}
if ($file_size > $public_r['filesize'] * 1024) {
$tranfrom == 0 ? printerror("TranFilesizeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFilesizeFail', '', '');
}
if ($type == 1) {
if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
$tranfrom == 0 ? printerror("NotTranImg", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranImg', '', '');
}
} elseif ($type == 2) {
if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) {
$tranfrom == 0 ? printerror("NotTranFlash", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranFlash', '', '');
}
} elseif ($type == 3) {
} else {
}
//远程保存
if (empty($file_name)) {
$r = DoTranUrl($tranurl, $classid);
if (empty($r[tran])) {
$tranfrom == 0 ? printerror("TranHttpFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranHttpFail', '', '');
}
} else {
$r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
if (empty($r[tran])) {
$tranfrom == 0 ? printerror("TranFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFail', '', '');
}
}
if (!$no) {
$no = $r[filename];
}
//写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$post[filepass] = (int) $post[filepass];
$type = (int) $type;
$sql = eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no, $type, $post[filepass], $post[filepass], $public_r[fpath], 0, $modtype, $fstb);
$fileid = $empire->lastid();
//导入gd.php文件
if ($type == 1 && ($post['getsmall'] || $post['getmark'])) {
@(include ECMS_PATH . DASHBOARD . "/class/gd.php");
}
//缩略图
if ($type == 1 && $post['getsmall']) {
GetMySmallImg($classid, $no, $r[insertfile], $r[filepath], $r[yname], $post[width], $post[height], $r[name], $post['filepass'], $post['filepass'], $userid, $username, $modtype, $fstb);
}
//水印
if ($type == 1 && $post['getmark']) {
GetMyMarkImg($r['yname']);
}
if ($sql) {
if ($tranfrom == 1) {
//$imgstr=EditorSetTranPic($r[url],$r[url],$post);
ECMS_EditorPrintError(0, $r[url], $r[filename], '', $no, $r[filesize]);
db_close();
exit;
}
echo "<script>parent.location.reload();</script>";
db_close();
exit;
} else {
$tranfrom == 0 ? printerror("InTranRecordFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'InTranRecordFail', '', '');
}
}
function DoQTranFile($add, $file, $file_name, $file_type, $file_size, $userid, $username, $rnd, $ecms = 0)
{
global $empire, $dbtbpre, $class_r, $public_r, $ecms_config;
if ($public_r['addnews_ok']) {
$ecms != 1 ? printerror("NotOpenCQInfo", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotOpenCQInfo', '', '');
}
$filepass = (int) $add['filepass'];
$classid = (int) $add['classid'];
$infoid = (int) $add['infoid'];
if (!$file_name || !$filepass || !$classid || !$class_r[$classid][tbname]) {
$ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
}
//信息
if ($infoid) {
$index_r = $empire->fetch1("select classid,checked from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_index where id='{$infoid}'");
if (!$index_r['classid'] || $classid != $index_r['classid']) {
$ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
}
$infotb = ReturnInfoMainTbname($class_r[$classid][tbname], $index_r['checked']);
$infor = $empire->fetch1("select classid,fstb from " . $infotb . " where id='{$infoid}'");
if (!$infor['fstb'] || $classid != $infor['classid']) {
$ecms != 1 ? printerror("EmptyQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'EmptyQTranFile', '', '');
}
$fstb = $infor['fstb'];
} else {
$fstb = $public_r['filedeftb'];
}
//验证权限
$userid = (int) $userid;
$username = RepPostVar($username);
$rnd = RepPostVar($rnd);
DoQCheckAddLevel($classid, $userid, $username, $rnd, 0, 0);
$filetype = GetFiletype($file_name);
//取得文件类型
if (CheckSaveTranFiletype($filetype)) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
$type = (int) $add['type'];
$pr = $empire->fetch1("select qaddtran,qaddtransize,qaddtranimgtype,qaddtranfile,qaddtranfilesize,qaddtranfiletype from {$dbtbpre}enewspublic limit 1");
if ($type == 1) {
if (!$pr['qaddtran']) {
$ecms != 1 ? printerror("CloseQTranPic", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranPic', '', '');
}
if (!strstr($pr['qaddtranimgtype'], "|" . $filetype . "|")) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
if ($file_size > $pr['qaddtransize'] * 1024) {
$ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
}
if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
} elseif ($type == 2) {
if (!$pr['qaddtranfile']) {
$ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
}
if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
if ($file_size > $pr['qaddtranfilesize'] * 1024) {
$ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
}
if (!strstr($ecms_config['sets']['tranflashtype'], ',' . $filetype . ',')) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
} else {
if (!$pr['qaddtranfile']) {
$ecms != 1 ? printerror("CloseQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'CloseQTranFile', '', '');
}
if (!strstr($pr['qaddtranfiletype'], "|" . $filetype . "|")) {
$ecms != 1 ? printerror("NotQTranFiletype", "", 9) : ECMS_QEditorPrintError(1, '', '', 'NotQTranFiletype', '', '');
}
if ($file_size > $pr['qaddtranfilesize'] * 1024) {
$ecms != 1 ? printerror("TooBigQTranFile", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TooBigQTranFile', '', '');
}
}
$r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
if (empty($r[tran])) {
$ecms != 1 ? printerror("TranFail", "", 9) : ECMS_QEditorPrintError(1, '', '', 'TranFail', '', '');
}
//写入数据库
$filetime = time();
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
eInsertFileTable($r[filename], $r[filesize], $r[filepath], '[Member]' . $username, $classid, $r[filename], $type, $filepass, $filepass, $public_r[fpath], 0, 0, $fstb);
//编辑器
if ($ecms == 1) {
ECMS_QEditorPrintError(0, $r[url], $r[filename], '', $r[filename], $r[filesize]);
} else {
echo "<script>opener.document.add." . $add['field'] . ".value='" . $r['url'] . "';window.close();</script>";
}
db_close();
$empire = null;
exit;
}
function SaveMorepicFile($varname, $msavepic, $i, $picurl, $picname, $classid, $id, $add)
{
global $public_r, $empire, $loginin, $dbtbpre, $tranpicturetype;
if ($varname == "mbigpfile") {
$addname = "[b]";
}
$type = 1;
$r[url] = $picurl;
//上传
if ($_FILES[$varname]['name'][$i]) {
//取得文件类型
$filetype = GetFiletype($_FILES[$varname]['name'][$i]);
//允许上传类型
if (CheckSaveTranFiletype($filetype)) {
return $r;
}
if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
return $r;
}
//图片文件
if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
return $r;
}
//文件大小
if ($_FILES[$varname]['size'][$i] > $public_r['filesize'] * 1024) {
return $r;
}
//上传
$r = DoTranFile($_FILES[$varname]['tmp_name'][$i], $_FILES[$varname]['name'][$i], $_FILES[$varname]['type'][$i], $_FILES[$varname]['size'][$i], $classid);
//------------------------写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$filetime = date("Y-m-d H:i:s");
if (empty($picname)) {
$picname = $r[filename];
} else {
$picname = $addname . $picname;
}
$picname = RepPostStr($picname);
$id = (int) $id;
$cjid = 0;
if (!$id) {
$cjid = (int) $add['filepass'];
}
$sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,onclick,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$loginin}','{$r['filepath']}','{$filetime}',{$classid},'{$picname}',{$type},0,{$id},{$cjid},'{$public_r['fpath']}');");
return $r;
} else {
if (empty($msavepic)) {
return $r;
}
if (empty($picurl)) {
return $r;
}
//----------------取得文件类型
$filetype = GetFiletype($picurl);
//允许上传类型
if (CheckSaveTranFiletype($filetype)) {
return $r;
}
if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
return $r;
}
//图片文件
if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
return $r;
}
//保存
$r = DoTranUrl($picurl, $classid);
if ($r['tran']) {
//记录数据库
$filetime = date("Y-m-d H:i:s");
//变量处理
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$r[type] = (int) $r[type];
if (empty($picname)) {
$picname = $r[filename];
} else {
$picname = $addname . $picname;
}
$picname = RepPostStr($picname);
$id = (int) $id;
$cjid = 0;
if (!$id) {
$cjid = (int) $add['filepass'];
}
$sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,onclick,fpath) values('{$r['filename']}',{$r['filesize']},'{$loginin}','{$r['filepath']}','{$filetime}',{$classid},'{$picname}',{$type},{$id},{$cjid},0,'{$public_r['fpath']}');");
return $r;
}
return $r;
}
}
function SaveMorepicFile($varname, $msavepic, $i, $picurl, $picname, $classid, $id, $add, $modtype = 0, $fstb = 1)
{
global $public_r, $empire, $loginin, $dbtbpre, $ecms_config;
if ($varname == "mbigpfile") {
$addname = "[b]";
}
$type = 1;
$r[url] = $picurl;
//上传
if ($_FILES[$varname]['name'][$i]) {
//取得文件类型
$filetype = GetFiletype($_FILES[$varname]['name'][$i]);
//允许上传类型
if (CheckSaveTranFiletype($filetype)) {
return $r;
}
if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
return $r;
}
//图片文件
if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
return $r;
}
//文件大小
if ($_FILES[$varname]['size'][$i] > $public_r['filesize'] * 1024) {
return $r;
}
//上传
$r = DoTranFile($_FILES[$varname]['tmp_name'][$i], $_FILES[$varname]['name'][$i], $_FILES[$varname]['type'][$i], $_FILES[$varname]['size'][$i], $classid);
//------------------------写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
if (empty($picname)) {
$picname = $r[filename];
} else {
$picname = $addname . $picname;
}
$picname = RepPostStr($picname);
$id = (int) $id;
$cjid = 0;
if (!$id) {
$cjid = (int) $add['filepass'];
}
eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb);
return $r;
} else {
if (empty($msavepic)) {
return $r;
}
if (empty($picurl)) {
return $r;
}
//----------------取得文件类型
$filetype = GetFiletype($picurl);
//允许上传类型
if (CheckSaveTranFiletype($filetype)) {
return $r;
}
if (!strstr($public_r['filetype'], "|" . $filetype . "|")) {
return $r;
}
//图片文件
if (!strstr($ecms_config['sets']['tranpicturetype'], ',' . $filetype . ',')) {
return $r;
}
//保存
$r = DoTranUrl($picurl, $classid);
if ($r['tran']) {
//记录数据库
//变量处理
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$r[type] = (int) $r[type];
if (empty($picname)) {
$picname = $r[filename];
} else {
$picname = $addname . $picname;
}
$picname = RepPostStr($picname);
$id = (int) $id;
$cjid = 0;
if (!$id) {
$cjid = (int) $add['filepass'];
}
eInsertFileTable($r[filename], $r[filesize], $r[filepath], $loginin, $classid, $picname, $type, $id, $cjid, $public_r[fpath], 0, 0, $fstb);
return $r;
}
return $r;
}
}
function TranMoreFile($file, $file_name, $file_type, $file_size, $no, $type, $userid, $username)
{
global $empire, $public_r, $dbtbpre;
$count = count($file_name);
if (empty($count)) {
printerror("MustChangeTranOneFile", "history.go(-1)");
}
//操作权限
CheckLevel($userid, $username, $classid, "file");
$type = (int) $type;
for ($i = 0; $i < $count; $i++) {
if (empty($file_name[$i])) {
continue;
}
//取得文件类型
$filetype = GetFiletype($file_name[$i]);
//如果是.php文件
if (CheckSaveTranFiletype($filetype)) {
continue;
}
$type_r = explode("|" . $filetype . "|", $public_r['filetype']);
if (count($type_r) < 2) {
continue;
}
if ($file_size[$i] > $public_r['filesize'] * 1024) {
continue;
}
//上传
$r = DoTranFile($file[$i], $file_name[$i], $file_type[$i], $file_size[$i], $classid);
//写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
if (empty($no[$i])) {
$no[$i] = $file_name[$i];
}
eInsertFileTable($r[filename], $r[filesize], $r[filepath], $username, $classid, $no[$i], $type, 0, 0, $public_r[fpath], 0, 5, 0);
}
insert_dolog("");
//操作日志
printerror("TranMoreFileSuccess", "file/TranMoreFile.php" . hReturnEcmsHashStrHref2(1));
}
function DoTranUrl($url, $classid)
{
global $public_r, $class_r, $ecms_config, $efileftp_fr;
$classid = (int) $classid;
//处理地址
$url = trim($url);
$url = str_replace(" ", "%20", $url);
$r[tran] = 1;
//附件地址
$r[url] = $url;
//文件类型
$r[filetype] = GetFiletype($url);
if (CheckSaveTranFiletype($r[filetype])) {
$r[tran] = 0;
return $r;
}
//是否已上传的文件
$havetr = CheckNotSaveUrl($url);
if ($havetr) {
$r[tran] = 0;
return $r;
}
//是否地址
if (!strstr($url, '://')) {
$r[tran] = 0;
return $r;
}
$string = ReadFiletext($url);
if (empty($string)) {
$r[tran] = 0;
return $r;
}
//文件名
$r[insertfile] = ReturnDoTranFilename($file_name, $classid);
$r[filename] = $r[insertfile] . $r[filetype];
//日期目录
$r[filepath] = FormatFilePath($classid, $mynewspath, 0);
$filepath = $r[filepath] ? $r[filepath] . '/' : $r[filepath];
//存放目录
$fspath = ReturnFileSavePath($classid);
$r[savepath] = eReturnEcmsMainPortPath() . $fspath['filepath'] . $filepath;
//moreport
//附件地址
$r[url] = $fspath['fileurl'] . $filepath . $r[filename];
//缩图文件
$r[name] = $r[savepath] . "small" . $r[insertfile];
//附件文件
$r[yname] = $r[savepath] . $r[filename];
WriteFiletext_n($r[yname], $string);
$r[filesize] = @filesize($r[yname]);
//返回类型
if (strstr($ecms_config['sets']['tranflashtype'], ',' . $r[filetype] . ',')) {
$r[type] = 2;
} elseif (strstr($ecms_config['sets']['tranpicturetype'], ',' . $r[filetype] . ',')) {
$r[type] = 1;
} elseif (strstr($ecms_config['sets']['mediaplayertype'], ',' . $r[filetype] . ',') || strstr($ecms_config['sets']['realplayertype'], ',' . $r[filetype] . ',')) {
$r[type] = 3;
} else {
$r[type] = 0;
}
//FileServer
if ($public_r['openfileserver']) {
$efileftp_fr[] = $r['yname'];
}
return $r;
}
function TranMoreFile($file, $file_name, $file_type, $file_size, $no, $type, $userid, $username)
{
global $empire, $public_r, $dbtbpre;
$count = count($file_name);
if (empty($count)) {
printerror("MustChangeTranOneFile", "history.go(-1)");
}
//操作权限
CheckLevel($userid, $username, $classid, "file");
$type = (int) $type;
for ($i = 0; $i < $count; $i++) {
if (empty($file_name[$i])) {
continue;
}
//取得文件类型
$filetype = GetFiletype($file_name[$i]);
//如果是.php文件
if (CheckSaveTranFiletype($filetype)) {
continue;
}
$type_r = explode("|" . $filetype . "|", $public_r['filetype']);
if (count($type_r) < 2) {
continue;
}
if ($file_size[$i] > $public_r['filesize'] * 1024) {
continue;
}
//上传
$r = DoTranFile($file[$i], $file_name[$i], $file_type[$i], $file_size[$i], $classid);
//写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$filetime = date("Y-m-d H:i:s");
if (empty($no[$i])) {
$no[$i] = $r[filename];
}
$sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,onclick,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$username}','{$r['filepath']}','{$filetime}',{$classid},'{$no[$i]}',{$type},0,0,0,'{$public_r['fpath']}');");
}
insert_dolog("");
//操作日志
printerror("TranMoreFileSuccess", "file/TranMoreFile.php");
}
function TranFile($file, $file_name, $file_type, $file_size, $tranurl, $no, $classid, $type, $post, $userid, $username)
{
global $empire, $public_r, $loginrnd, $dbtbpre, $tranpicturetype, $tranflashtype, $mediaplayertype, $realplayertype;
if (!$no) {
$no = $file_name;
}
$tranfrom = (int) $post['tranfrom'];
$classid = (int) $classid;
//是否为空
if (!$file_name) {
if (empty($tranurl) || $tranurl == "http://") {
$tranfrom == 0 ? printerror("EmptyHttp", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'EmptyHttp', '', '');
}
$filetype = GetFiletype($tranurl);
//取得文件类型
$file_size = 0;
} else {
$filetype = GetFiletype($file_name);
//取得文件类型
}
//如果是.php文件
if (CheckSaveTranFiletype($filetype)) {
$tranfrom == 0 ? printerror("TranPHP", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranPHP', '', '');
}
$type_r = explode("|" . $filetype . "|", $public_r['filetype']);
if (count($type_r) < 2) {
$tranfrom == 0 ? printerror("TranFiletypeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFiletypeFail', '', '');
}
if ($file_size > $public_r['filesize'] * 1024) {
$tranfrom == 0 ? printerror("TranFilesizeFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFilesizeFail', '', '');
}
if ($type == 1) {
if (!strstr($tranpicturetype, ',' . $filetype . ',')) {
$tranfrom == 0 ? printerror("NotTranImg", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranImg', '', '');
}
} elseif ($type == 2) {
if (!strstr($tranflashtype, ',' . $filetype . ',')) {
$tranfrom == 0 ? printerror("NotTranFlash", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'NotTranFlash', '', '');
}
} elseif ($type == 3) {
} else {
}
//远程保存
if (empty($file_name)) {
$r = DoTranUrl($tranurl, $classid);
if (empty($r[tran])) {
$tranfrom == 0 ? printerror("TranHttpFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranHttpFail', '', '');
}
} else {
$r = DoTranFile($file, $file_name, $file_type, $file_size, $classid);
if (empty($r[tran])) {
$tranfrom == 0 ? printerror("TranFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'TranFail', '', '');
}
}
if (!$no) {
$no = $r[filename];
}
//写入数据库
$r[filesize] = (int) $r[filesize];
$classid = (int) $classid;
$post[filepass] = (int) $post[filepass];
$type = (int) $type;
$filetime = date("Y-m-d H:i:s");
$sql = $empire->query("insert into {$dbtbpre}enewsfile(filename,filesize,adduser,path,filetime,classid,no,type,id,cjid,fpath) values('{$r['filename']}',{$r['filesize']},'{$username}','{$r['filepath']}','{$filetime}',{$classid},'{$no}',{$type},{$post['filepass']},{$post['filepass']},'{$public_r['fpath']}');");
$fileid = $empire->lastid();
//导入gd.php文件
if ($type == 1 && ($post['getsmall'] || $post['getmark'])) {
@(include ECMS_PATH . "e/class/gd.php");
}
//缩略图
if ($type == 1 && $post['getsmall']) {
GetMySmallImg($classid, $no, $r[insertfile], $r[filepath], $r[yname], $post[width], $post[height], $r[name], $post['filepass'], $post['filepass'], $userid, $username);
}
//水印
if ($type == 1 && $post['getmark']) {
GetMyMarkImg($r['yname']);
}
if ($sql) {
if ($tranfrom == 1) {
//$imgstr=EditorSetTranPic($r[url],$r[url],$post);
ECMS_EditorPrintError(0, $r[url], $r[filename], '', $no, $r[filesize]);
db_close();
exit;
}
echo "<script>parent.location.reload();</script>";
db_close();
exit;
} else {
$tranfrom == 0 ? printerror("InTranRecordFail", "history.go(-1)", 8) : ECMS_EditorPrintError(1, '', '', 'InTranRecordFail', '', '');
}
}