/**
* 添加用户
* @author pwstrick
*/
public function add()
{
InitPHP::getHelper('view/user');
$breadcrumbs = array(array(base_url('user/lists'), '用户列表'), array(base_url('user/add'), '用户添加修改'));
$form = add_view();
$attrs = array('id' => 'add_view', 'data-uploadify' => 'cover', 'data-ueditor' => 'txtContent', 'data-hiddeniframe' => 'selectCategory');
$form = $this->form_token_view($form, $attrs);
$this->view->assign('form', $form);
$this->mainFormTemplate('用户添加', $breadcrumbs);
}
function post_show($id, $preview = TRUE, $db, $adm_log = 0)
{
if (!ctype_digit($id)) {
alert_try_sqlinj();
header('Location:index.php?error=error');
die;
}
$id = validate($id, $db);
$query = 'SELECT post_title,post_logo,p.categ_id,categ_name,post_text,UNIX_TIMESTAMP(post_edit_date) AS post_edit_date,UNIX_TIMESTAMP(post_date) AS post_date FROM posts p JOIN categories c ON p.categ_id=c.categ_id WHERE post_id=' . mysql_real_escape_string($id, $db);
$result = sql_query($query, $db);
if (mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
extract($row);
echo '<table class=post-tablef>
<tr><td>';
echo $adm_log == 1 ? '<div>
<span class="span-edit">
<a href="admin_main.php?mode=confirm&submit=post_delete&post_id=' . $id . '">
Delete this post
</a>
||
<a href="admin_main.php?mode=edit_post&post_id=' . $id . '">
Edit this post
</a>
</span>
</div>' : '';
echo '<div>
<div><span class="span-posttitle">
<a href="view_post.php?id=' . mysql_real_escape_string($id, $db) . '">
' . nl2br(deletenbsp($post_title)) . '
</a>
</span>
</div>
</br>';
echo '<span class="span-submitted"><strong>
Submitted:</strong>' . htmlspecialchars(date('l F j, Y H:i', $post_date)) . '
</span>
</br>';
if ($post_edit_date != "") {
echo '<span class="span-submitted">
<strong>Edit Date:</strong>
' . htmlspecialchars(date('l F j, Y H:i', $post_edit_date)) . '
</span>
</br>';
}
echo '
<span class="span-category">
<strong>Category:</strong>
<a href="index.php?categ=' . $categ_id . '">
' . deletenbsp($categ_name) . '
</a>
</span>
</br></br>';
if ($post_logo != "") {
echo '<img class="logo_link" src="' . stripslashes(deletescript(html_entity_decode(deletenbsp($post_logo), ENT_QUOTES))) . '"/></br></br>';
}
if ($preview) {
$text = nl2br(stripslashes(preview(htmlsostitution(deletenbsp($post_text)))));
echo '<table class="post-textf">
<tr>
<td>' . $text;
if (strlen(nl2br(stripslashes(htmlsostitution(deletenbsp($post_text))))) > MAX_LENGTH_PREVIEW) {
echo '</br>
<a href="view_post.php?id=' . $id . '">
More
</a>';
}
echo '</td>
</tr>
</table>';
} else {
echo '<table class="post-textf">
<tr>
<td>
' . nl2br(stripslashes(htmlsostitution(deletenbsp($post_text)))) . '
</td>
</tr>
</table>';
}
echo '</br>
<div>
<strong>
Tags:
</strong></br>
<span class="span-tags">';
$query = 'SELECT * FROM
tags t JOIN posttags pt ON t.tag_id=pt.tag_id
WHERE
pt.post_id= ' . mysql_real_escape_string($id, $db) . ' ORDER BY t.tag_name ASC ';
$result = sql_query($query, $db);
if (mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_array($result)) {
extract($row);
echo $tag_name . '; ';
}
} else {
echo 'No tags for this post';
}
echo '</span>
</div></br>';
if (!$preview) {
add_view($id, $db);
echo '<span style="font-size:15px;">' . get_views($id, $db) . '</span></br>';
show_tag_posts($id, $db);
show_comments($id, $db);
}
if ($preview) {
$query = 'SELECT * FROM comments
WHERE
post_id=' . mysql_real_escape_string($id, $db);
$result2 = sql_query($query, $db);
echo '<span style="font-size:15px;">' . get_views($id, $db) . ',<a href="view_post.php?id=' . $id . '">
Comments:' . mysql_num_rows($result2) . '
</a>
</span>
</div>';
}
}
mysql_free_result($result);
} else {
echo 'Article Not found';
}
echo '</td>
</tr>';
echo '</table>
</br>';
}
if (config('permalink.type') == 'post') {
$redir = site_url() . 'post/' . $name;
header("location: {$redir}", TRUE, 301);
}
if (config("views.counter") != "true") {
if (!login()) {
file_cache($_SERVER['REQUEST_URI']);
}
}
$post = find_post($year, $month, $name);
$current = $post['current'];
if (!$current) {
not_found();
}
if (config("views.counter") == "true") {
add_view($current->file);
if (!login()) {
file_cache($_SERVER['REQUEST_URI']);
}
}
$author = get_author($current->author);
if (isset($author[0])) {
$author = $author[0];
} else {
$author = default_profile($current->author);
}
if (array_key_exists('prev', $post)) {
$prev = $post['prev'];
} else {
$prev = array();
}
$message['error'] .= '<li>CSRF Token not correct.</li>';
}
config('views.root', 'system/admin/views');
render('add-page', array('head_contents' => head_contents('Add page - ' . blog_title(), blog_description(), site_url()), 'error' => '<ul>' . $message['error'] . '</ul>', 'postTitle' => $title, 'postUrl' => $url, 'postContent' => $content, 'bodyclass' => 'addpage', 'breadcrumb' => '<a href="' . site_url() . '">' . config('breadcrumb.home') . '</a> » <a href="' . $post->url . '">' . $post->title . '</a> Add page'));
}
});
get('/:static/:sub', function ($static, $sub) {
$father_post = get_static_post($static);
if (!$father_post) {
not_found();
}
$post = get_static_sub_post($static, $sub);
if (!$post) {
not_found();
}
$post = $post[0];
if (config("views.counter") == "true") {
add_view($post->file);
}
if (!login()) {
file_cache($_SERVER['REQUEST_URI']);
}
render('static', array('head_contents' => head_contents($post->title . ' - ' . blog_title(), $post->description, $post->url), 'bodyclass' => 'inpage', 'breadcrumb' => '<a href="' . site_url() . '">' . config('breadcrumb.home') . '</a> » <a href="' . $father_post[0]->url . '">' . $father_post[0]->title . '</a> » ' . $post->title, 'p' => $post, 'type' => 'staticpage'));
});
// If we get here, it means that
// nothing has been matched above
get('.*', function () {
not_found();
});
// Serve the blog
dispatch();
function count_visits($content)
{
global $post;
if (!$post instanceof WP_Post) {
return $content;
}
if (is_singular() && is_main_query()) {
$vote = esc_attr(get_post_meta($post->ID, 'cb_vote_allow', true));
if ($vote == "yes") {
if (function_exists('add_view')) {
add_view($post->ID);
}
}
}
return $content;
}
<?php
$out_file = path(APP_PATH, 'app', 'controllers', "{$name}.php");
if (is_file($out_file)) {
error("\n Controller '{$name}' already exists\n");
} else {
add_controller($name, arg('A no-action'));
add_route($name, "{$name}#index", $name);
if (!arg('V no-view')) {
$text = "section\n header\n {$name}#index.view\n pre = path(APP_PATH, 'app', 'views', '{$name}', 'index.php.neddle')";
add_view($name, 'index.php.neddle', "{$text}\n");
}
}
<?php
$out_file = path(APP_PATH, 'app', 'controllers', "{$name}.php");
if (!is_file($out_file)) {
error("\n Missing '{$name}' controller\n");
} elseif (!$action) {
error("\n Missing action for '{$name}' controller\n");
} else {
$continue = TRUE;
$method = arg('m method') ?: 'get';
$route = arg('r route') ?: "{$name}/{$action}";
$path = arg('p path') ?: "{$name}_{$action}";
if (!arg('A no-action')) {
if (!add_action($name, $action, $method, $route, $path)) {
error("\n Action '{$action}' already exists\n");
$continue = FALSE;
}
}
if ($continue) {
add_route($route, "{$name}#{$action}", $path, $method);
if (!arg('V no-view')) {
$text = "section\n header\n {$name}#{$action}.view\n pre = path(APP_PATH, 'app', 'views', '{$name}', '{$action}.php.neddle')";
add_view($name, "{$action}.php.neddle", "{$text}\n");
}
}
}
