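/**
 * Emit the comments of one article as a JavaScript snippet.
 *
 * Reads `aid` from the query string, loads comment rows with state=1 for
 * that article (second argument 20, third argument '1' are passed to
 * getrows() unchanged), renders the current view and echoes the result
 * through tool::text_javascript(). The request ends here.
 */
function comment_js_action()
{
    // Validation helper runs first, as before; its rules are defined outside this block.
    front::check_type(front::get('aid'));

    // The id is concatenated into an unquoted WHERE fragment, so it is forced
    // to an integer at the point of use instead of relying only on the
    // validator above.
    $aid = intval(front::get('aid'));

    $comment = new comment();
    $this->view->comments = $comment->getrows('state=1 and aid=' . $aid, 20, '1');

    // NOTE(review): the view still receives the request value as submitted;
    // confirm the template encodes it for the context it is printed in.
    $this->view->aid = front::get('aid');

    echo tool::text_javascript($this->fetch());
    exit;
}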
/**
 * Save the profile form of the current member.
 *
 * On submit, `groupid` and `powerlist` are dropped from the POST data,
 * non-empty array values are joined with commas, every value is passed to
 * front::check_type(..., 'safe'), and the whole remaining POST array is
 * written to the row whose userid comes from the session.
 */
function edit_action()
{
    if (front::post('submit')) {
        // Only these two fields are removed before the update.
        // NOTE(review): everything else in the POST body reaches rec_update(),
        // i.e. the set of writable columns is a deny-list of two names. Unless
        // rec_update() filters against an allow-list (not visible here), any
        // other column of the user table can be set by the client. The field
        // NAMES are also never passed to check_type(), only the values.
        unset(front::$post['groupid'], front::$post['powerlist']);

        foreach (front::$post as $field => $value) {
            $isFilledList = is_array($value) && !empty($value);
            if ($isFilledList) {
                // Multi-value inputs are stored as one comma-separated string.
                front::$post[$field] = implode(',', $value);
            }
            front::check_type(front::post($field), 'safe');
        }

        // The target row is taken from the session, not from the request.
        $where = 'userid=' . session::get('userid');
        $this->_user->rec_update(front::$post, $where);

        front::flash(lang('修改资料成功!'));
        front::redirect(url::create('user/index'));
    }

    $this->view->data = $this->view->user;
}
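/**
 * Record one vote of the logged-in user for the poll attached to an article.
 *
 * Requires `submit`, `vote` and `aid` in the POST body. The poll row keeps a
 * serialized option => count map in `votes` and a comma-terminated list of
 * user names in `users`; both are updated and written back with
 * rec_replace(). Every path ends with a redirect to front::$from.
 */
function do_action()
{
    if (front::post('submit') && front::post('vote') && front::post('aid')) {
        front::check_type(front::post('aid'));
        // Used in an unquoted WHERE fragment below, so bind it to an integer.
        $aid = intval(front::post('aid'));

        if (!isset($this->view->user)) {
            // Previously execution continued after this message, so the vote
            // logic below ran without a user. Stop here instead.
            front::flash(lang('请登陆!'));
            front::redirect(front::$from);
            return;
        }

        $vote = new vote();
        $_vote = $vote->getrow('aid=' . $aid);
        if (!is_array($_vote)) {
            // No usable row: start from an empty record rather than passing a
            // non-array to array_merge().
            $_vote = array();
        }

        $username = (string) $this->view->user['username'];
        $voters = isset($_vote['users']) ? (string) $_vote['users'] : '';

        // The original used eregi() with the user name as the pattern. eregi()
        // no longer exists in PHP 7+, the name was interpreted as a regular
        // expression, and the test matched substrings of other names. Compare
        // whole list entries instead, still ignoring case.
        $alreadyVoted = false;
        foreach (explode(',', $voters) as $entry) {
            if (strcasecmp($entry, $username) === 0) {
                $alreadyVoted = true;
                break;
            }
        }
        if ($alreadyVoted) {
            front::flash(lang('不能重复投票!'));
            front::redirect(front::$from);
            return;
        }

        // NOTE(review): unserialize() on a stored column. Confirm this column
        // can only be written by this code path; a plain counter map could be
        // stored as JSON instead.
        $_votes = empty($_vote['votes']) ? array() : unserialize($_vote['votes']);
        if (!is_array($_votes)) {
            $_votes = array();
        }

        // NOTE(review): the option key comes straight from the request and is
        // not checked against the poll's defined options.
        $choice = front::post('vote');
        $_votes[$choice] = (isset($_votes[$choice]) ? $_votes[$choice] : 0) + 1;

        $vote_data = array_merge($_vote, array(
            'votes' => serialize($_votes),
            'aid'   => $aid,
            'users' => $voters . $username . ',',
        ));
        $vote->rec_replace($vote_data, $aid);
        front::flash(lang('投票成功!'));
    } else {
        front::flash(lang('投票失败!'));
    }

    front::redirect(front::$from);
}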
/**
 * Recursively trim and HTML-encode a value, keeping array structure and keys.
 *
 * Despite the name, no slash escaping happens here: scalars go through
 * trim() and htmlspecialchars() with its default flags, and for non-admin
 * requests the encoded value is then passed to front::check_type(..., 'safe').
 * `$force` is only forwarded to the recursive call.
 *
 * NOTE(review): HTML encoding is not SQL escaping. With the pre-8.1 default
 * flags of htmlspecialchars() a single quote is left unchanged, so callers
 * that build SQL from these values still need escaping or bound parameters.
 * Array keys are returned untouched.
 *
 * @param mixed $string Scalar or (nested) array of scalars.
 * @param int   $force  Unused apart from recursion.
 * @return mixed Same shape as the input.
 */
function eaddslashes($string, $force = 1)
{
    if (!is_array($string)) {
        $string = htmlspecialchars(trim($string));
        if (!front::$isadmin) {
            front::check_type($string, 'safe');
        }
        return $string;
    }

    // Rebuild the array entry by entry; key order is preserved.
    $cleaned = array();
    foreach ($string as $key => $val) {
        $cleaned[$key] = eaddslashes($val, $force);
    }
    return $cleaned;
}
/**
 * Load one row of the current table for display.
 *
 * The `id` query value is validated with front::check_type() and then handed
 * to getrow() together with the column list returned by getcols('modify').
 */
function show_action()
{
    front::check_type(front::$get['id']);

    // Read the id only after the validator has run, as the original did.
    // NOTE(review): how getrow() turns this value into SQL is not visible
    // here; the query is only as safe as check_type() plus that helper.
    $id = front::$get['id'];
    $columns = $this->_table->getcols('modify');

    $this->_view_table = $this->_table->getrow($id, 1, '1 desc', $columns);
}
front::check_type(front::post('keyword'), 'safe'); if (front::post('keyword')) { $_keyword=trim(front::post('keyword')); session::set('keyword', $_keyword); } else { session::set('keyword', null); $_keyword=session::get('keyword'); } if (front::get('keywordcount') && !front::post('keywordcount')) front::$post['keywordcount']=front::get('keywordcount'); front::check_type(front::post('keywordcount'), 'safe'); if (front::post('keywordcount')) { $_keywordcount=trim(front::post('keywordcount')); session::set('keywordcount', $_keywordcount); } else { session::set('keywordcount', null); $_keywordcount=session::get('keywordcount'); } } if ($_GET['site'] != 'default') {
/**
 * Increment the view counter of an article and print the new value as
 * JavaScript, then end the request.
 *
 * NOTE(review): this is a state change on a GET request with no visible
 * de-duplication, so the counter reflects request volume, not readers.
 */
function view_js_action()
{
    front::check_type(front::get('aid'));
    $articleId = front::get('aid');

    // 'view=view+1' is a fixed SQL fragment; only the id is request-derived.
    $this->archive->rec_update('view=view+1', $articleId);

    $row = $this->archive->getrow($articleId);
    $counter = $row['view'];

    echo tool::text_javascript($counter);
    exit;
}
/**
 * Print the rendered output of one template tag, selected by the `id`
 * query value.
 *
 * NOTE(review): whatever templatetag::tag() returns is echoed as-is; no
 * access check or output encoding happens in this block.
 */
function test_action()
{
    front::check_type(front::get('id'));
    echo templatetag::tag(front::get('id'));
}
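/**
 * Delete one record of the current table if it belongs to the current user.
 *
 * The record's `mid` must equal the `userid` of the user held by the view;
 * otherwise the request ends with a "no permission" message. After the
 * delete the browser is redirected to the table's manage list.
 *
 * NOTE(review): the delete is triggered by a GET parameter and no anti-CSRF
 * token is checked in this block.
 */
function delete_action()
{
    front::check_type(front::get('id'));
    $id = front::get('id');
    $row = $this->_table->getrow(array('id' => $id));

    // The original compared with `!=`, so a missing owner and a missing user
    // id (both empty) counted as a match. Fail closed: both sides must be
    // present and identical as strings.
    $user = $this->view->user;
    $ownerId = isset($row['mid']) ? (string) $row['mid'] : '';
    $actorId = isset($user['userid']) ? (string) $user['userid'] : '';
    if ($ownerId === '' || $actorId === '' || $ownerId !== $actorId) {
        exit('你没权限删除');
    }

    $delete = $this->_table->rec_delete($id);
    if ($delete) {
        front::flash(lang('删除记录成功!'));
    }
    front::redirect(url::modify('act/list/manage/' . $this->table));
}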
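/**
 * Full-text style search over archives by keyword, optionally limited to one
 * category.
 *
 * The keyword is taken from POST (or copied from GET), validated with
 * front::check_type(..., 'safe'), stored in the session and matched with
 * LIKE against `title` plus every archive field flagged `issearch` in the
 * 'table-fieldset' setting. Results are decorated with URLs and display
 * fields and handed to the view together with the record count.
 */
function search_action()
{
    if (front::get('keyword') && !front::post('keyword')) {
        front::$post['keyword'] = front::get('keyword');
    }
    front::check_type(front::post('keyword'), 'safe');

    if (front::post('keyword')) {
        $this->view->keyword = trim(front::post('keyword'));
        session::set('keyword', $this->view->keyword);
    } else {
        session::set('keyword', null);
        $this->view->keyword = session::get('keyword');
    }

    $condition = "";
    if (front::post('catid')) {
        // catid was concatenated into the query without any validation.
        // Category ids are used as integers elsewhere, so bind it to one.
        $condition .= "catid = '" . intval(front::post('catid')) . "' AND ";
    }

    // NOTE(review): the keyword is placed inside a quoted LIKE pattern by
    // string concatenation. Its safety rests on check_type(..., 'safe') and
    // on whatever escaping the request layer applies; getrows() takes a raw
    // condition string, so bound parameters are not available at this level.
    $condition .= "(title like '%" . $this->view->keyword . "%'";

    // NOTE(review): unserialize() on a stored setting, and the field names
    // taken from it are used as column identifiers below. Confirm only
    // administrators can write this setting.
    $sets = settings::getInstance()->getrow(array('tag' => 'table-fieldset'));
    $arr = unserialize($sets['value']);
    if (is_array($arr['archive']) && !empty($arr['archive'])) {
        foreach ($arr['archive'] as $v) {
            if ($v['issearch'] == '1') {
                $condition .= " OR {$v['name']} like '%{$this->view->keyword}%'";
            }
        }
    }
    $condition .= ")";

    $order = "`listorder` desc,1 DESC";
    $limit = (($this->view->page - 1) * $this->pagesize) . ',' . $this->pagesize;
    $articles = $this->archive->getrows($condition, $limit, $order);
    if (!is_array($articles)) {
        // A failed query must not reach the loop below as a non-array.
        $articles = array();
    }

    foreach ($articles as $idx => $arc) {
        $articles[$idx]['url'] = archive::url($arc);
        $articles[$idx]['catname'] = category::name($arc['catid']);
        $articles[$idx]['caturl'] = category::url($arc['catid']);
        $articles[$idx]['adddate'] = sdate($arc['adddate']);
        $articles[$idx]['stitle'] = strip_tags($arc['title']);
    }

    $this->view->articles = $articles;
    $this->view->archives = $articles;
    $this->view->record_count = $this->archive->record_count;
}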
/**
 * Load one announcement by its `id` query value and expose it to the view
 * as `announ`.
 */
function show_action()
{
    front::check_type(front::get('id'));

    $model = new announcement();
    // NOTE(review): the id goes to getrow() as submitted; how that helper
    // builds its query is not visible from this block.
    $record = $model->getrow(front::get('id'));

    $this->view->announ = $record;
}
/**
 * Return one page of checked archives for a category, decorated with the
 * URL and display fields used by list templates.
 *
 * The page number comes from the `page` query value (default 1); the page
 * size is the category's own setting or the 'list_pagesize' config value.
 * The total count is stored in front::$record_count.
 *
 * @param mixed $catid Category id; it is concatenated into SQL fragments below.
 * @return array Archive rows.
 */
function index_archive($catid) {
    $index_archive = new archive();
    $index_category = category::getInstance();
    $index_view_category = $index_category->category;

    // Page number: request value if present, otherwise the first page.
    if (front::get('page')) $page = front::get('page'); else $page = 1;
    $index_view_page = $page;
    front::check_type($page);

    // Page size: per-category value wins over the global config value.
    $_catpage = category::categorypages($catid);
    if ($_catpage) { $index_pagesize = $_catpage; } else { $index_pagesize = config::get('list_pagesize'); }
    front::check_type($index_pagesize);

    $index_view_categorys = category::getpositionlink2($catid);
    $topid = category::gettopparent($catid);

    // Unknown category or unknown top-level parent: show the error template.
    // NOTE(review): $catid is never passed to check_type(); this lookup is the
    // only gate before it is concatenated into SQL. That only holds if
    // $this->out() ends the request, which is not visible here.
    if (!isset($index_category->category[$catid]) || !isset($index_category->category[$topid])) { $this->out('message/error.html'); }

    $limit = (($index_view_page - 1) * $index_pagesize) . ',' . $index_pagesize;

    // Category set: the category itself, plus its sons when 'ispages' is set.
    $categories = array();
    if (@$index_category->category[$catid]['ispages']) $categories = $index_category->sons($catid);
    $categories[] = $catid;
    $index_view_pages = @$index_category->category[$catid]['ispages'];

    // NOTE(review): $index_view_usergroupid is not assigned anywhere in this
    // function, so the permission check receives null. Verify which user
    // group this check is meant to evaluate.
    if (!rank::catget($catid, $index_view_usergroupid)) $this->out('message/error.html');

    $order = "`listorder` asc,`adddate` DESC";
    if (@$index_category->category[$catid]['includecatarchives']) $articles = $index_archive->getrows('catid in (' . implode(',', $categories) . ') and checked=1', $limit, $order); else $articles = $index_archive->getrows('catid=' . $catid . ' and checked=1', $limit, $order);
    if (!is_array($articles)) { $this->out('message/error.html'); }

    // Add the derived fields to each row ($order is reused as the loop key).
    foreach ($articles as $order => $arc) {
        $articles[$order]['url'] = archive::url($arc);
        $articles[$order]['catname'] = category::name($arc['catid']);
        $articles[$order]['caturl'] = category::url($arc['catid']);
        $articles[$order]['adddate'] = sdate($arc['adddate']);
        $articles[$order]['stitle'] = strip_tags($arc['title']);
        $articles[$order]['strgrade'] = archive::getgrade($arc['grade']);
    }
    $index_view_archives = $articles;

    // NOTE(review): the count queries omit the `checked=1` filter that the
    // listing queries apply, so the total can include unchecked rows.
    if (@$index_category->category[$catid]['includecatarchives']) $index_view_record_count = $index_archive->rec_count('catid in(' . implode(',', $categories) . ')'); else $index_view_record_count = $index_archive->rec_count('catid=' . $catid);
    front::$record_count = $index_view_record_count;
    return $index_view_archives;
}
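/**
 * Serve the attachment of an article as a download.
 *
 * Order of checks: `aid` validation, the optional verify-code cookie gate,
 * the per-group download permission, then either a client-side redirect
 * (stored path starts with "http") or a file read below ROOT. The request
 * always ends inside this function.
 */
function down_action()
{
    // Validate before the value is used anywhere (the original built the
    // Location header from it first).
    front::check_type(front::get('aid'));
    $aid = front::get('aid');

    if (config::get('verifycode')) {
        // NOTE(review): the expected cookie value is an unkeyed md5 of a URL
        // made from public parts; no secret is visible in this block. Confirm
        // whether this is meant to be more than a flow marker.
        $expected = md5(url::create('attachment/downfile/aid/' . $aid . '/v/ce'));

        // Strict comparison: `!=` on two hex strings can treat different
        // numeric-looking hashes as equal.
        if ((string) cookie::get('allowdown') !== $expected) {
            header("Location: index.php?case=attachment&act=downfile&aid=" . urlencode($aid) . "&v=ce");
            // Without this exit the download below was still sent after the
            // redirect header, so the verify-code gate had no effect.
            exit;
        }
    }

    if (!rank::arcget($aid, $this->view->usergroupid, 'down')) {
        $link = "<script>alert(\"未取得授权,无法下载!\");</script>";
        exit($link);
    }

    $stored = archive_attachment($aid, 'path');

    if (strtolower(substr($stored, 0, 4)) == 'http') {
        // Emit the URL as a JSON string literal so quotes, angle brackets and
        // "</script>" inside the stored value cannot break out of the script.
        $jsUrl = json_encode((string) $stored, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($jsUrl === false) {
            header("HTTP/1.1 404 Not Found");
            exit;
        }
        echo "<script>window.location.href=" . $jsUrl . ";</script>";
        exit;
    }

    // NOTE(review): the stored path is appended to ROOT without
    // normalisation. Confirm only trusted code can write attachment paths,
    // and consider resolving with realpath() and requiring the result to sit
    // inside the upload directory before reading.
    $path = ROOT . '/' . $stored;
    $path = iconv('utf-8', 'gbk//ignore', $path);
    if (!is_file($path) || !is_readable($path)) {
        header("HTTP/1.1 404 Not Found");
        exit;
    }

    $content = file_get_contents($path);
    if ($content === false) {
        header("HTTP/1.1 404 Not Found");
        exit;
    }
    $size = strlen($content);

    // Download name: fixed prefix plus the last 7 characters of the
    // "<name><ext>" form of the stored file name.
    $name = preg_replace('%(.*)[\\\\\/](.*)_\d+(\.[a-z]+)$%i', '$2$3', $path);
    $name = substr($name, -7, 7);
    $name = 'CmsEasy_file_' . $name;

    header('Content-Type: application/octet-stream');
    header("Content-Length: $size");
    header("Content-Disposition: attachment; filename=\"$name\"");
    header("Content-Transfer-Encoding: binary");
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    echo $content;
    exit;
}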