$itemid = empty($_POST['oitemid']) ? $itemid : $_POST['oitemid']; postspacetag('update', $type, $itemid, $tagarr, $status); } //附件 if ($setsqlarr['haveattach']) { $_SGLOBAL['db']->query('UPDATE ' . tname('attachments') . ' SET isavailable=1, type=\'' . $type . '\', itemid=' . $itemid . ', catid=\'' . $_POST['catid'] . '\' WHERE hash=\'' . $_POST['hash'] . '\''); } //内容 图片路径和附件路径处理 $_POST['message'] = preg_replace_callback("/src\\=(.{2})([^\\>\\s]{10,105})\\.(jpg|gif|png)/i", 'addurlhttp', $_POST['message']); $_POST['message'] = str_replace('href=\\"batch.download.php', 'href=\\"' . S_URL . '/batch.download.php', $_POST['message']); $setsqlarr = array('message' => scensor($_POST['message'], 1), 'postip' => $_SGLOBAL['onlineip'], 'customfieldid' => $_POST['customfieldid'], 'customfieldtext' => $setcustomfieldtext); //相关TAG $tagnamearr = array_merge($tagarr['existsname'], $tagarr['nonename']); $setsqlarr['relativetags'] = addslashes(serialize($tagnamearr)); //包含tag $setsqlarr['includetags'] = postgetincludetags($_POST['message'], $tagnamearr); //相关阅读 $setsqlarr['relativeitemids'] = getrelativeitemids($itemid, array('news')); //额外信息 $setsqlarr['newsauthor'] = shtmlspecialchars(trim($_POST['newsauthor'])); $setsqlarr['newsfrom'] = shtmlspecialchars(trim($_POST['newsfrom'])); $setsqlarr['newsurl'] = shtmlspecialchars(trim($_POST['newsurl'])); $setsqlarr['newsfromurl'] = shtmlspecialchars(trim($_POST['newsfromurl'])); $setsqlarr['pageorder'] = $pageorder; $setsqlarr['itemid'] = $itemid; if ($op == 'add') { //添加内容 $arraymessage = array(); if (!$_SGET['folder']) { $arraymessage = explode('###NextPage###', $setsqlarr['message']); } else {
showmessage('admin_func_catid_error'); } //TAG处理 if (empty($_POST['tagname'])) { $_POST['tagname'] = ''; } $tagarr = posttag($_POST['tagname']); $tagnamearr = array_merge($tagarr['existsname'], $tagarr['nonename']); $othercatidarr = array(); if (!empty($_POST['othercatid'])) { $othercatidarr = $_POST['othercatid']; } $othercatidarr = array_unique($othercatidarr); $itemid = empty($_POST['itemid']) ? 0 : intval($_POST['itemid']); $newsarr = array('subject' => $_POST['subject'], 'catid' => $_POST['catid'], 'type' => $_POST['type'], 'reply_notify' => $_POST['reply_notify'], 'allowedit' => $_POST['allowedit'], 'pollid' => $_POST['pollid'], 'othercatid' => implode(',', $othercatidarr), 'lastpost' => $_SGLOBAL['timestamp']); $itemarr = array('message' => $_POST['message'], 'relativetags' => addslashes(serialize($tagnamearr)), 'newsfrom' => $_POST['newsfrom'], 'newsauthor' => $_POST['newsauthor'], 'newsfromurl' => $_POST['newsfromurl'], 'postip' => $_SGLOBAL['onlineip'], 'includetags' => postgetincludetags($_POST['message'], $tagnamearr)); #Modify by chenguoren $newsarr['hash'] = trim($_POST['hash']); if (!empty($_POST['divupload']) && is_array($_POST['divupload'])) { $newsarr['haveattach'] = 1; $newsarr['picid'] = intval($_POST['picid']); } #end if (empty($itemid)) { if (!empty($_SCONFIG['posttime']) && $_SGLOBAL['group']['groupid'] != 1) { if ($_SGLOBAL['timestamp'] - $_SGLOBAL['member']['lastposttime'] < $_SCONFIG['posttime']) { showmessage('post_too_much'); } } $newsarr['uid'] = $_SGLOBAL['supe_uid']; $newsarr['username'] = $_SGLOBAL['supe_username'];
$_POST['newsauthor'] = shtmlspecialchars(trim($_POST['newsauthor'])); $_POST['newsfromurl'] = shtmlspecialchars(trim($_POST['newsfromurl'])); $_POST['catid'] = intval($_POST['catid']); $_POST['type'] = shtmlspecialchars(trim($_POST['type'])); if (empty($_POST['catid'])) { showmessage('admin_func_catid_error'); } //TAG´¦Àí if (empty($_POST['tagname'])) { $_POST['tagname'] = ''; } $tagarr = posttag($_POST['tagname']); $tagnamearr = array_merge($tagarr['existsname'], $tagarr['nonename']); $itemid = empty($_POST['itemid']) ? 0 : intval($_POST['itemid']); $newsarr = array('subject' => $_POST['subject'], 'catid' => $_POST['catid'], 'type' => $_POST['type'], 'lastpost' => $_SGLOBAL['timestamp']); $itemarr = array('message' => $_POST['message'], 'newsfrom' => $_POST['newsfrom'], 'newsauthor' => $_POST['newsauthor'], 'newsfromurl' => $_POST['newsfromurl'], 'postip' => $_SGLOBAL['onlineip'], 'includetags' => postgetincludetags($_POST['message'], $tagnamearr)); if (empty($itemid)) { $newsarr['uid'] = $_SGLOBAL['supe_uid']; $newsarr['username'] = $_SGLOBAL['supe_username']; $newsarr['dateline'] = $_SGLOBAL['timestamp']; if ($_POST['fromtype'] == 'newspost') { $newsarr['fromtype'] = 'newspost'; $newsarr['fromid'] = intval($_POST['id']); } else { $newsarr['fromtype'] = 'userpost'; } if (!checkperm('allowdirectpost')) { $itemarr['itemid'] = inserttable('spaceitems', $newsarr, 1); inserttable('spacenews', $itemarr); getreward('postinfo'); $do = 'pass';