function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
global $empire, $dbtbpre, $public_r, $class_r, $level_r;
//验证本时间允许操作
eCheckTimeCloseDo('pl');
//验证IP
eCheckAccessDoIp('pl');
$id = (int) $id;
$repid = (int) $repid;
$classid = (int) $classid;
//验证码
$keyvname = 'checkplkey';
if ($public_r['plkey_ok']) {
ecmsCheckShowKey($keyvname, $key, 1);
}
$username = RepPostVar($username);
$password = RepPostVar($password);
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mgroupid = (int) getcvar('mlgroupid');
if ($muserid) {
$cklgr = qCheckLoginAuthstr();
if ($cklgr['islogin']) {
$username = $musername;
} else {
$muserid = 0;
}
} else {
if (empty($nomember)) {
if (!$username || !$password) {
printerror("FailPassword", "history.go(-1)", 1);
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if (empty($ur['userid'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
printerror("FailPassword", "history.go(-1)", 1);
}
if ($ur['checked'] == 0) {
printerror("NotCheckedUser", '', 1);
}
$muserid = $ur['userid'];
$mgroupid = $ur['groupid'];
} else {
$muserid = 0;
}
}
if ($public_r['plgroupid']) {
if (!$muserid) {
printerror("GuestNotToPl", "history.go(-1)", 1);
}
if ($level_r[$mgroupid][level] < $level_r[$public_r['plgroupid']][level]) {
printerror("NotLevelToPl", "history.go(-1)", 1);
}
}
//专题
$doaction = $add['doaction'];
if ($doaction == 'dozt') {
if (!trim($saytext) || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
if (!$r['ztid']) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($r['closepl']) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//审核
if ($r['checkpl']) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pubid = '-' . $classid;
$id = 0;
$pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
$returl = $pagefunr['pageurl'];
} else {
if (!trim($saytext) || !$id || !$classid) {
printerror("EmptyPl", "history.go(-1)", 1);
}
//表存在
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
//是否关闭评论
$r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
if (!$r['classid'] || $r['classid'] != $classid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
if ($class_r[$r[classid]][openpl]) {
printerror("CloseClassPl", "history.go(-1)", 1);
}
//单信息关闭评论
$pubid = ReturnInfoPubid($classid, $id);
$finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
if ($finfor['closepl']) {
printerror("CloseInfoPl", "history.go(-1)", 1);
}
//审核
if ($class_r[$classid][checkpl]) {
$checked = 1;
} else {
$checked = 0;
}
$restb = $r['restb'];
$pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
$returl = $pagefunr['pageurl'];
}
//设置参数
$plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
if (strlen($saytext) > $plsetr['plsize']) {
$GLOBALS['setplsize'] = $plsetr['plsize'];
printerror("PlSizeTobig", "history.go(-1)", 1);
}
$time = time();
$saytime = $time;
$pltime = getcvar('lastpltime');
if ($pltime) {
if ($time - $pltime < $plsetr['pltime']) {
$GLOBALS['setpltime'] = $plsetr['pltime'];
printerror("PlOutTime", "history.go(-1)", 1);
}
}
$sayip = egetip();
$eipport = egetipport();
$username = str_replace("\r\n", "", $username);
$username = RepPostStr($username);
$saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
if ($repid) {
$saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
//验证楼层
}
//过滤字符
$saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
if ($level_r[$mgroupid]['plchecked']) {
$checked = 0;
}
$ret_r = ReturnPlAddF($add, $plsetr, 0);
//主表
$sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
$plid = $empire->lastid();
if ($doaction != 'dozt') {
//信息表加1
$usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " set plnum=plnum+1 where id='{$id}' limit 1");
}
//更新新评论数
DoUpdateAddDataNum('pl', $restb, 1);
//设置最后发表时间
$set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
$reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
printerror("AddPlSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
$enews = "MAddInfo";
}
$r = array();
$memberinfor = array();
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mrnd = RepPostVar(getcvar('mlrnd'));
$id = 0;
$newstime = time();
$r[newstime] = date("Y-m-d H:i:s");
$todaytime = $r[newstime];
$showkey = "";
$r['newstext'] = "";
$rechangeclass = '';
//验证会员信息
$mloginauthr = qCheckLoginAuthstr();
//取得登陆会员资料
if ($muserid && $mloginauthr['islogin']) {
$memberinfor = $empire->fetch1("select " . eReturnSelectMemberF('*', 'u.') . ",ui.* from " . eReturnMemberTable() . " u LEFT JOIN {$dbtbpre}enewsmemberadd ui ON u." . egetmf('userid') . "=ui.userid where u." . egetmf('userid') . "='{$muserid}' limit 1");
}
//增加
if ($enews == "MAddInfo") {
$cr = DoQCheckAddLevel($classid, $muserid, $musername, $mrnd, 0, 1);
$mr = $empire->fetch1("select qenter,qmname from {$dbtbpre}enewsmod where mid='{$cr['modid']}'");
if (empty($mr['qenter'])) {
printerror("NotOpenCQInfo", "history.go(-1)", 1);
}
//IP发布数限制
$check_ip = egetip();
$check_checked = $cr['wfid'] ? 0 : $cr['checkqadd'];
eCheckIpAddInfoNum($check_ip, $cr['tbname'], $cr['modid'], $check_checked);
function sys_CheckMemberGroup($groupid)
{
if (!defined('InEmpireCMSUser')) {
include_once ECMS_PATH . DASHBOARD . '/member/class/user.php';
}
$r = qCheckLoginAuthstr();
if (!$r['islogin']) {
return 0;
}
if (!strstr(',' . $groupid . ',', ',' . $r['groupid'] . ',')) {
return -1;
}
return 1;
}
