예제 #1
0
파일: pcmanage.php 프로젝트: bianle/www2
<script language="javascript">
alert("已将 <?php 
        echo htmlspecialchars($rows[subject]);
        ?>
 放入剪切板!");
</script>
<?php 
        pc_return("pcdoc.php?userid=" . $pc["USER"] . "&tag=3&pid=" . $rows[pid]);
    } elseif ($act == "favpaste") {
        if (!$_COOKIE["BLOGFAVACTION"]) {
            pc_html_init("gb2312", stripslashes($pc["NAME"]));
            html_error_quit("您的剪贴板是空的,请先剪切或者复制一个文件!");
            exit;
        }
        $pid = intval($_GET["pid"]);
        if (!pc_load_directory($link, $pc["UID"], $pid)) {
            pc_html_init("gb2312", stripslashes($pc["NAME"]));
            html_error_quit("目标文件夹不存在!");
            exit;
        }
        if (pc_file_num($link, $pc["UID"], $pid) + 1 > $pc["NLIM"]) {
            pc_html_init("gb2312", stripslashes($pc["NAME"]));
            html_error_quit("目标文件夹中的文件数已达上限 " . $pc["NLIM"] . " 个!");
            exit;
        }
        if (intval($_COOKIE["BLOGFAVNID"])) {
            if ($_COOKIE["BLOGFAVACTION"] == "favcut") {
                $query = "UPDATE nodes SET `pid` = '" . $pid . "' WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "';";
            } elseif ($_COOKIE["BLOGFAVACTION"] == "favcopy") {
                $query = "SELECT * FROM nodes WHERE `nid` = '" . intval($_COOKIE["BLOGFAVNID"]) . "' LIMIT 0 , 1 ;";
                $result = mysql_query($query, $link);
예제 #2
0
파일: pcfuncs.php 프로젝트: bianle/www2
function pc_add_node($link, $pc, $pid, $tid, $emote, $comment, $access, $htmlTag, $trackback, $theme, $subject, $body, $nodeType, $autodetecttbp, $tbpUrl, $tbpArt, $convert_encoding, $filtered, $address, $publisher)
{
    global $pcconfig, $support_encodings, $sending_encoding;
    $pid = intval($pid);
    $tid = intval($tid);
    $emote = intval($emote);
    $comment = $comment == 1 ? 1 : 0;
    $access = intval($access);
    $htmlTag = $htmlTag == 1 ? 1 : 0;
    $trackback = $trackback == 1 ? 1 : 0;
    $subject = addslashes(trim($subject));
    $body = html_editorstr_format(trim($body));
    $nodeType = intval($nodeType);
    //0: 普通;1: log,不可删除
    if ($convert_encoding) {
        if (!strstr($support_encodings, $convert_encoding)) {
            $convert_encoding = $sending_encoding;
        }
    } else {
        $convert_encoding = $sending_encoding;
    }
    if (!$pc || !is_array($pc)) {
        return FALSE;
    }
    if (!$subject) {
        //检查主题
        return -1;
    }
    if ($access < 0 || $access > 4) {
        $access = 2;
    }
    //如果参数错误先在私人区发表
    if ($access == 3) {
        if (!pc_load_directory($link, $pc["UID"], $pid)) {
            return -2;
        }
        if (pc_used_space($link, $pc["UID"], 3, $pid) >= $pc["NLIM"]) {
            //目标文件夹使用空间
            return -3;
        }
        $tid = 0;
    } else {
        $pid = 0;
        if (pc_used_space($link, $pc["UID"], $access) >= $pc["NLIM"]) {
            //目标文件夹使用空间
            return -3;
        }
        if ($tid != 0) {
            if (!pc_load_topic($link, $pc["UID"], $tid, $topicname, $access)) {
                return -4;
            }
        }
    }
    if ($access != 0) {
        $tbpUrl = "";
        $autodetecttbp = FALSE;
    }
    $into_filter = false;
    if (!$filtered) {
        //未经过过滤检查的要先检查一次
        if (bbs_checkbadword($subject) || bbs_checkbadword($body)) {
            $into_filter = true;
        }
    }
    if (!pc_is_groupwork($pc)) {
        $publisher = "";
    } elseif (!$publisher) {
        return -10;
    } else {
    }
    if (!$into_filter) {
        if ($tbpUrl && pc_tbp_check_url($tbpUrl) && $tbpArt) {
            if ($htmlTag) {
                $body .= "<br /><br /><strong>相关文章</strong><br />\n" . "<a href='" . $tbpArt . "'>" . $tbpArt . "</a>";
            } else {
                $body .= "\n\n[相关文章]\n" . $tbpArt;
            }
        }
        if (pc_is_groupwork($pc)) {
            //群体BLOG文章要加一个头
            $body = pc_groupwork_addhead($pc, $body, $htmlTag, $publisher);
        }
    }
    if (!isset($pcconfig["SECTION"][$theme])) {
        $theme = "others";
    }
    $theme = addslashes($theme);
    $body = addslashes($body);
    if (!$address) {
        $address = $_SERVER["REMOTE_ADDR"];
    }
    //日志入库
    if ($into_filter) {
        $query = "INSERT INTO `filter` (  `pid` , `nid` , `tid` , `type` , `state` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `username` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`tbp_url`,`tbp_art`,`auto_tbp`,`tbpencoding`,`theme`,`publisher`) " . "VALUES ( '" . $pid . "', 0 , '" . $tid . "' , '0', '0' , '', '" . $emote . "' ,  '" . addslashes($_SERVER["REMOTE_ADDR"]) . "',NOW( ) , NOW( ), '" . $pc["UID"] . "' , '" . addslashes($pc["USER"]) . "' , '" . $comment . "', '0', '" . $subject . "', '" . $body . "', '" . $access . "', '0' , '" . $htmlTag . "' ,'" . $trackback . "','0','" . $nodeType . "','" . addslashes($tbpUrl) . "','" . addslashes($tbpArt) . "','" . intval($autodetecttbp) . "','" . addslashes($convert_encoding) . "','" . $theme . "','" . addslashes($publisher) . "');";
    } else {
        $query = "INSERT INTO `nodes` (  `pid` , `tid` , `type` , `recuser` , `emote` , `hostname` , `changed` , `created` , `uid` , `comment` , `commentcount` , `subject` , `body` , `access` , `visitcount` , `htmltag`,`trackback` ,`trackbackcount`,`nodetype`,`theme`,`publisher`) " . "VALUES ( '" . $pid . "', '" . $tid . "' , '0', '', '" . $emote . "' ,  '" . addslashes($address) . "',NOW( ) , NOW( ), '" . $pc["UID"] . "', '" . $comment . "', '0', '" . $subject . "', '" . $body . "', '" . $access . "', '0' , '" . $htmlTag . "' ,'" . $trackback . "','0','" . $nodeType . "','" . $theme . "','" . addslashes($publisher) . "');";
    }
    if (!mysql_query($query, $link)) {
        return -5;
    }
    //公开区文章发布后更新文章数
    if (!$into_filter) {
        if ($access == 0) {
            pc_update_record($link, $pc["UID"], "+1");
        }
    }
    if (!$into_filter) {
        $detectnum = 0;
        if ($autodetecttbp) {
            $detecttbps = array();
            $detectnum = pc_detect_trackbackpings($body, $detecttbps, $tbpUrl);
        }
        if ($tbpUrl || $detectnum) {
            //提取日志的nid
            $query = "SELECT `nid` FROM nodes WHERE `subject` = '" . $subject . "' AND `body` = '" . $body . "' AND `uid` = '" . $pc["UID"] . "' AND `access` = '" . $access . "' AND `pid` = '" . $pid . "' AND `tid` = '" . $tid . "' ORDER BY nid DESC LIMIT 0,1;";
            $result = mysql_query($query, $link);
            $rows = mysql_fetch_array($result);
            if (!$rows) {
                return -6;
            }
            $thisNid = $rows[nid];
            mysql_free_result($result);
            if ($htmlTag) {
                $tbbody = undo_html_format(strip_tags(stripslashes($body)));
            } else {
                $tbbody = stripslashes($body);
            }
            if (strlen($tbbody) > 255) {
                $tbbody = substr($tbbody, 0, 251) . " ...";
            }
            $subject = stripslashes($subject);
            $blogname = undo_html_format($pc["NAME"]);
            if ($pcconfig["ENCODINGTBP"]) {
                iconv_set_encoding("internal_encoding", $convert_encoding);
                iconv_set_encoding("output_encoding", $convert_encoding);
                $subject = iconv($default_encoding, $convert_encoding, $subject);
                $tbbody = iconv($default_encoding, $convert_encoding, $tbbody);
                $blogname = iconv($default_encoding, $convert_encoding, $blogname);
            }
            $tbarr = array("title" => $subject, "excerpt" => $tbbody, "url" => "http://" . $pcconfig["SITE"] . "/pc/pccon.php?id=" . $pc["UID"] . "&tid=" . $tid . "&nid=" . $thisNid . "&s=all", "blogname" => $blogname);
            if ($tbpUrl) {
                //发送引用通告
                pc_tbp_trackback_ping($tbpUrl, $tbarr);
            }
            for ($i = 0; $i < $detectnum; $i++) {
                pc_tbp_trackback_ping($detecttbps[$i], $tbarr);
            }
        }
    }
    if ($into_filter) {
        return -9;
    } else {
        return 0;
    }
}