public function insertXueshu($arr)
{
$user = new User($this->arr);
if ($user->islogin()) {
$user_id = $user->getUserId();
$huida_id = isset($arr['huida_id']) ? (int) $arr['huida_id'] : 0;
$kinds = C::safe($arr['kinds'], $this->dbc);
$title = C::safe($arr['title'], $this->dbc);
$content = Safe::removeXSS($arr['content']);
$filename = sha1(uniqid() . $user_id) . '.txt';
// $table = $this->arr['xml']->xueshu['table'];
$table = $this->table;
$file_dir = $this->arr['xml']->xueshu['dir'];
$root_dir = $this->arr['root_dir'];
if (file_put_contents(dirname(dirname(__FILE__)) . '/' . $file_dir . $filename, $content)) {
$query = sprintf("INSERT INTO %s (user_id,kinds,title,filename,huida_id)\n\t\t\t\t\t\tVALUES(%d,'%s','%s','%s', %d)", $table, $user_id, $kinds, $title, $filename, $huida_id);
$result = C::query($query, $this->dbc);
if ($result) {
$arr = array('isok' => '1', 'info' => 'Ok', 'content' => $content);
} else {
$arr = array('isok' => '0', 'code' => 3, 'info' => mysql_error($this->dbc));
}
if ($huida_id !== 0) {
$query = sprintf("UPDATE %s SET huida = huida + 1 WHERE xueshu_id = %d", $table, $huida_id);
C::query($query, $this->dbc);
}
} else {
$arr = array('isok' => '0', 'code' => 2, 'info' => 'can not write into file!');
}
} else {
$arr = array('isok' => '0', 'code' => 1, 'info' => 'have not login!');
}
return $arr;
}
