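/**
 * Create a new blog entry or update an existing one from submitted form data.
 *
 * When $olds names an owner other than the current user, $_G['uid'] and
 * $_G['username'] are replaced by the owner's for the duration of the call,
 * so every query below is scoped to the owner. The original $_G is put back
 * on every return path, including the empty-message early return.
 *
 * Visibility handling, as coded:
 *  - friend == 2: target_names (read from $_POST) are resolved to uids;
 *    if none resolve, friend is downgraded to 3.
 *  - friend == 4: a non-empty password is required, otherwise friend becomes 0.
 *  - for any other friend value the password is cleared before it is stored.
 *
 * Writes to home_blog, home_blogfield, home_class, home_blog_category,
 * common_member_status and common_member_field_home.
 *
 * NOTE(review): the access password is written to home_blog as given; no
 * hashing is visible in this function.
 *
 * @param array $POST Submitted fields (subject, message, friend, password, tag,
 *                    classid, catid, noreply, picids, hot, makefeed, dateline).
 * @param array $olds Existing blog row when editing (uid, username, blogid,
 *                    classid, catid); empty when creating.
 * @return array|false Values stored in home_blog plus blogid/uid/username, or
 *                     false when the message is empty once markup is stripped.
 */
function blog_post($POST, $olds = array()) {
    global $_G, $space;

    // Act as the blog owner when somebody else (e.g. a manager) edits the entry.
    $isself = 1;
    $__G = null;
    if (!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
        $isself = 0;
        $__G = $_G;
        $_G['uid'] = $olds['uid'];
        $_G['username'] = addslashes($olds['username']);
    }

    // Subject: trimmed, cut to 80, censored; falls back to today's date.
    $POST['subject'] = censor(getstr(trim($POST['subject']), 80, 1, 1));
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
    }

    // Visibility mode and the data that belongs to it.
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_POST['target_names']));
        if ($names) {
            // NOTE(review): nothing in this function escapes $names before they
            // reach the IN list; this relies on dimplode() and/or request-level
            // escaping done elsewhere - confirm.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($row = DB::fetch($query)) {
                $uids[] = $row['uid'];
            }
        }
        if (empty($uids)) {
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        $POST['password'] = isset($POST['password']) ? trim($POST['password']) : '';
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Was a comparison (`==`), i.e. a no-op: a submitted password was stored
        // even for entries that are not password protected.
        $POST['password'] = '';
    }

    // Tags.
    $POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);

    // Message body: the mobile path skips checkhtml(), the desktop path filters HTML first.
    if ($_G['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        $POST['message'] = censor($POST['message']);
        // Drop empty <div></div> pairs and make bare <a href="..."> links open in a new window.
        $POST['message'] = preg_replace(
            array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"),
            array('', '<a href="\\1" target="_blank">'),
            $POST['message']
        );
    }
    $message = $POST['message'];

    // status 1 = held for moderation (see updatemoderate() at the end), 0 = published.
    if (censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
        $blog_status = 1;
    } else {
        $blog_status = 0;
    }

    // Personal class: keep the old one, pick an existing one, or create "new:<name>".
    $postedClassid = isset($POST['classid']) ? $POST['classid'] : '';
    if (empty($olds['classid']) || $postedClassid != $olds['classid']) {
        if (!empty($postedClassid) && substr($postedClassid, 0, 4) == 'new:') {
            $classname = dhtmlspecialchars(trim(substr($postedClassid, 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is interpolated into SQL; its escaping
                // depends on what getstr() returns - confirm.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($postedClassid);
        }
    } else {
        $classid = $olds['classid'];
    }
    // A class id only counts if it belongs to the acting uid.
    if ($classid && empty($classname)) {
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }

    $blogarr = array(
        'subject' => $POST['subject'],
        'classid' => $classid,
        'friend' => $POST['friend'],
        'password' => $POST['password'],
        'noreply' => empty($POST['noreply']) ? 0 : 1,
        'catid' => empty($POST['catid']) ? 0 : intval($POST['catid']),
        'status' => $blog_status,
    );

    // Attached pictures: picids maps picid => placeholder id used as [imgid=N] in the message.
    $titlepic = '';
    $uploads = array();
    if (!empty($POST['picids']) && is_array($POST['picids'])) {
        // The keys come straight from the submitted array and end up in the IN
        // list, so only integer ids are let through.
        $picids = array_map('intval', array_keys($POST['picids']));
        $query = DB::query("SELECT * FROM " . DB::table('home_pic') . " WHERE picid IN (" . dimplode($picids) . ") AND uid='{$_G['uid']}'");
        $lastpic = array();
        while ($pic = DB::fetch($query)) {
            if (empty($titlepic) && $pic['thumb']) {
                $titlepic = getimgthumbname($pic['filepath']);
                $blogarr['picflag'] = $pic['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$pic['picid']]] = $pic;
            $lastpic = $pic;
        }
        // Fallback when no picture has a thumbnail. The loop variable is falsy once
        // the result set is exhausted, so the last fetched row is remembered instead;
        // testing the loop variable here made this branch unreachable.
        if (empty($titlepic) && $lastpic) {
            $titlepic = $lastpic['filepath'];
            $blogarr['picflag'] = $lastpic['remote'] ? 2 : 1;
        }
    }

    if ($uploads) {
        // Replace [imgid=N] placeholders with the matching <img>, then append the rest.
        preg_match_all("/\\[imgid\\=(\\d+)\\]/i", $message, $matches);
        if (!empty($matches[1])) {
            $searchs = $replaces = array();
            foreach ($matches[1] as $imgid) {
                if (!empty($uploads[$imgid])) {
                    $picurl = pic_get($uploads[$imgid]['filepath'], 'album', $uploads[$imgid]['thumb'], $uploads[$imgid]['remote'], 0);
                    $searchs[] = "[imgid={$imgid}]";
                    $replaces[] = "<img src=\"{$picurl}\">";
                    unset($uploads[$imgid]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
            }
        }
        foreach ($uploads as $pic) {
            $picurl = pic_get($pic['filepath'], 'album', $pic['thumb'], $pic['remote'], 0);
            // NOTE(review): title and URL are added after checkhtml() has run and
            // are not escaped here; presumably escaped when the picture row was
            // stored - confirm.
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$pic['title']}</p></div>";
        }
    }

    // Reject messages that contain nothing but layout markup and whitespace.
    // `&nbsp;` must be spelled out here; a literal blank in its place lets
    // messages made only of &nbsp; entities pass as non-empty.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|&nbsp;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Give the caller its own identity back; leaving $_G switched would let
        // the rest of the request run under the blog owner's uid.
        if (!empty($__G)) {
            $_G = $__G;
        }
        return false;
    }
    $message = addslashes($message);

    if (checkperm('manageblog')) {
        $blogarr['hot'] = empty($POST['hot']) ? 0 : intval($POST['hot']);
    }

    if (!empty($olds['blogid'])) {
        // Edit: keep the category counters in step when the category changed.
        if ($blogarr['catid'] != $olds['catid']) {
            if ($olds['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num-1 WHERE catid='{$olds['catid']}' AND num>0");
            }
            if ($blogarr['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
            }
        }
        $blogid = $olds['blogid'];
        DB::update('home_blog', $blogarr, array('blogid' => $blogid));
        // Added after the update: these two only travel in the return value.
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        if ($blogarr['catid']) {
            DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
        }
        $blogarr['uid'] = $_G['uid'];
        $blogarr['username'] = $_G['username'];
        // NOTE(review): a submitted dateline is stored as given - confirm the
        // caller validates it.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_G['timestamp'] : $POST['dateline'];
        $blogid = DB::insert('home_blog', $blogarr, 1);
        DB::update('common_member_status', array('lastpost' => $_G['timestamp']), array('uid' => $_G['uid']));
        DB::update('common_member_field_home', array('recentnote' => $POST['subject']), array('uid' => $_G['uid']));
    }
    $blogarr['blogid'] = $blogid;

    $POST['tag'] = $olds ? modblogtag($POST['tag'], $blogid) : addblogtag($POST['tag'], $blogid);

    $fieldarr = array(
        'message' => $message,
        'postip' => $_G['clientip'],
        'target_ids' => $POST['target_ids'],
        'tag' => $POST['tag'],
    );
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }
    if ($olds) {
        DB::update('home_blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        DB::insert('home_blogfield', $fieldarr);
    }

    // Credits and statistics only for the author's own, new, published entries.
    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));
        include_once libfile('function/stat');
        updatestat('blog');
    }
    if (!empty($POST['makefeed']) && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }

    // Back to the real caller before the moderation hooks run.
    if (!empty($__G)) {
        $_G = $__G;
    }
    if ($blog_status == 1) {
        updatemoderate('blogid', $blogid);
        manage_addnotify('verifyblog');
    }
    return $blogarr;
}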
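/**
 * Store an imported article as a blog entry on behalf of the member named in $POST.
 *
 * For the duration of the call $_G['uid'] / $_G['username'] are replaced by
 * $POST['uid'] / $POST['username']; the original $_G is restored on every
 * return path, including the empty-message early return.
 *
 * Differences from blog_post() that are visible in the code:
 *  - the subject and the non-mobile message are not passed through censor();
 *  - status is always 0, so the moderation branch at the end never runs;
 *  - target_names are read from $_GET, tags from $POST['article_tag'];
 *  - $POST['public_time'] is used for dateline and lastpost, and
 *    $POST['view_num'] for viewnum.
 *
 * NOTE(review): public_time and view_num are stored as given, and the access
 * password is stored as given (no hashing visible here) - confirm the caller
 * validates them.
 *
 * @param array $POST Article fields (uid, username, subject, message, friend,
 *                    password, article_tag, classid, catid, noreply, hot,
 *                    makefeed, public_time, view_num).
 * @param array $olds Earlier import record; 'blog_id' selects an existing blog
 *                    to overwrite, 'classid' the previously used class.
 * @return array|false Values stored in home_blog plus blogid, or false when the
 *                     message is empty once markup is stripped.
 */
function pick_blog_post($POST, $olds = array()) {
    global $_G, $space;

    // Switch identity to the target member. The uid is interpolated into several
    // queries below, so it is forced to an integer first.
    $__G = $_G;
    $_G['uid'] = intval($POST['uid']);
    $_G['username'] = addslashes($POST['username']);

    // Never assigned in this function; kept as an explicit 0 so the credit/stat
    // branch near the end stays disabled exactly as before.
    // NOTE(review): confirm that skipping updatecreditbyaction() is intended.
    $isself = 0;

    // Subject: trimmed and cut to 80; falls back to the publication date.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = dgmdate($POST['public_time'], 'Y-m-d');
    }

    // Visibility mode and the data that belongs to it.
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        $uids = array();
        $names = empty($_GET['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_GET['target_names']));
        if ($names) {
            // NOTE(review): nothing in this function escapes $names before they
            // reach the IN list; this relies on dimplode() and/or request-level
            // escaping done elsewhere - confirm.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($row = DB::fetch($query)) {
                $uids[] = $row['uid'];
            }
        }
        if (empty($uids)) {
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        $POST['password'] = isset($POST['password']) ? trim($POST['password']) : '';
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Was a comparison (`==`), i.e. a no-op: a supplied password was stored
        // even for entries that are not password protected.
        $POST['password'] = '';
    }

    // Tags.
    $POST['tag'] = dhtmlspecialchars(trim($POST['article_tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);

    // Message body.
    if ($_G['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        // Drop empty <div></div> pairs and make bare <a href="..."> links open in a new window.
        $POST['message'] = preg_replace(
            array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"),
            array('', '<a href="\\1" target="_blank">'),
            $POST['message']
        );
    }
    $message = $POST['message'];
    $blog_status = 0;

    // Look up the blog a previous import created, if any. The id is concatenated
    // into the query, so it is cast to an integer first.
    $info = array();
    $oldBlogId = empty($olds['blog_id']) ? 0 : intval($olds['blog_id']);
    if ($oldBlogId) {
        $info = DB::fetch_first("SELECT blogid FROM " . DB::table('home_blog') . " WHERE blogid='" . $oldBlogId . "'");
    }
    $existingId = empty($info['blogid']) ? 0 : $info['blogid'];

    // Personal class: keep the old one, pick an existing one, or create "new:<name>".
    $postedClassid = isset($POST['classid']) ? $POST['classid'] : '';
    if (empty($olds['classid']) || $postedClassid != $olds['classid']) {
        if (!empty($postedClassid) && substr($postedClassid, 0, 4) == 'new:') {
            $classname = dhtmlspecialchars(trim(substr($postedClassid, 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is interpolated into SQL; its escaping
                // depends on what getstr() returns - confirm.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($postedClassid);
        }
    } else {
        $classid = $olds['classid'];
    }
    // A class id only counts if it belongs to the acting uid.
    if ($classid && empty($classname)) {
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }

    $blogarr = array(
        'subject' => $POST['subject'],
        'classid' => $classid,
        'viewnum' => $POST['view_num'],
        'friend' => $POST['friend'],
        'password' => $POST['password'],
        'noreply' => empty($POST['noreply']) ? 0 : 1,
        'catid' => empty($POST['catid']) ? 0 : intval($POST['catid']),
        'status' => $blog_status,
    );
    $titlepic = '';

    // Reject messages that contain nothing but layout markup and whitespace.
    // `&nbsp;` must be spelled out here; a literal blank in its place lets
    // messages made only of &nbsp; entities pass as non-empty.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|&nbsp;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Restore the caller's identity; leaving $_G switched would let the rest
        // of the request run under the target member's uid.
        $_G = $__G;
        return false;
    }
    $message = addslashes($message);

    if (checkperm('manageblog')) {
        $blogarr['hot'] = empty($POST['hot']) ? 0 : intval($POST['hot']);
    }
    // NOTE(review): the counter is bumped even when an existing blog is
    // overwritten below - confirm this is intended.
    if ($blogarr['catid']) {
        DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
    }

    $blogarr['uid'] = $_G['uid'];
    $blogarr['username'] = $_G['username'];
    $blogarr['dateline'] = empty($POST['public_time']) ? $_G['timestamp'] : $POST['public_time'];
    if ($existingId) {
        DB::update('home_blog', $blogarr, array('blogid' => $existingId));
        $blogid = $existingId;
    } else {
        $blogid = DB::insert('home_blog', $blogarr, 1);
    }
    DB::update('common_member_status', array('lastpost' => $POST['public_time']), array('uid' => $_G['uid']));
    DB::update('common_member_field_home', array('recentnote' => $POST['subject']), array('uid' => $_G['uid']));
    $blogarr['blogid'] = $blogid;

    // Tag storage: function API when available, otherwise the tag class.
    if (function_exists('modblogtag')) {
        $POST['tag'] = $olds ? modblogtag($POST['tag'], $blogid) : addblogtag($POST['tag'], $blogid);
    } else {
        $class_tag = new tag();
        $POST['tag'] = $olds
            ? $class_tag->update_field($POST['tag'], $blogid, 'blogid')
            : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
    }

    $fieldarr = array(
        'message' => $message,
        'postip' => $_G['clientip'],
        'target_ids' => $POST['target_ids'],
        'tag' => $POST['tag'],
    );
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }
    $fieldarr['blogid'] = $blogid;
    $fieldarr['uid'] = $blogarr['uid'];
    if ($existingId) {
        DB::update('home_blogfield', $fieldarr, array('blogid' => $existingId));
    } else {
        // Bump the member's blog counter for a newly inserted entry.
        DB::query("UPDATE " . DB::table('common_member_count') . " SET blogs=blogs+1 WHERE uid='{$fieldarr['uid']}'");
        DB::insert('home_blogfield', $fieldarr);
    }

    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));
        include_once libfile('function/stat');
        updatestat('blog');
    }
    if (!empty($POST['makefeed']) && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }

    // Back to the real caller before any moderation hooks.
    if (!empty($__G)) {
        $_G = $__G;
    }
    if ($blog_status == 1) {
        updatemoderate('blogid', $blogid);
        manage_addnotify('verifyblog');
    }
    return $blogarr;
}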