Exemplo n.º 1
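 /**
  * Save the blogroll text posted for one weblog owned by the logged-in user.
  *
  * Reads the weblog id from $_GET['weblog_id'] and the link text from
  * $_POST['blg_links']. Each non-empty line is either a category (no '|')
  * or a "title|url" link; a literal pipe can be written as '\|'. The parsed
  * structure is serialized into babel_weblog.blg_links.
  *
  * NOTE(review): no anti-CSRF token is checked in this method although it
  * changes stored data for the logged-in user; confirm the caller enforces one.
  * NOTE(review): titles and URLs are stored as submitted, so whatever renders
  * them has to HTML-escape them on output.
  * NOTE(review): the mysql_* API used here relies on an implicit connection;
  * moving to prepared statements needs a connection handle this method
  * does not have.
  *
  * @return mixed Result of js_alert() or URL::vxToRedirect() (both defined elsewhere).
  */
 public function vxBlogLinkSave()
 {
     header('Content-type: text/plain;charset=UTF-8');
     if (!$this->User->vxIsLogin()) {
         return js_alert('你还没有登录,请登录之后再进行操作', URL::vxGetLogin(URL::vxGetBlogAdmin()));
     }
     if (!isset($_GET['weblog_id'])) {
         return js_alert('指定的博客网站没有找到', '/blog/admin.vx');
     }
     // intval() reduces the id to an integer, which is what makes it safe to
     // interpolate into the two SQL statements below.
     $weblog_id = intval($_GET['weblog_id']);
     $sql = "SELECT blg_id, blg_uid, blg_title, blg_links FROM babel_weblog WHERE blg_id = {$weblog_id}";
     $rs = mysql_query($sql);
     $_weblog = false;
     // A failed query returns false; do not hand that to the fetch/free calls.
     if ($rs !== false) {
         $_weblog = mysql_fetch_array($rs);
         mysql_free_result($rs);
     }
     if (!$_weblog) {
         return js_alert('指定的博客网站没有找到', '/blog/admin.vx');
     }
     // Ownership check: only the weblog's owner may rewrite its links.
     if ($_weblog['blg_uid'] != $this->User->usr_id) {
         return js_alert('你没有权力对这个博客网站进行操作', '/blog/admin.vx');
     }
     // A missing or non-string field (e.g. blg_links[]=...) is treated as "nothing to save".
     if (!isset($_POST['blg_links']) || !is_string($_POST['blg_links'])) {
         return URL::vxToRedirect(URL::vxGetBlogLink($_weblog['blg_id']));
     }
     $blg_links = fetch_multi($_POST['blg_links']);
     if (strlen($blg_links) > 2048) {
         $_SESSION['babel_message_weblog'] = '链接描述文本过长';
         return URL::vxToRedirect(URL::vxGetBlogLink($_weblog['blg_id']));
     }
     // Hide escaped pipes behind a placeholder so they are not taken as separators.
     $blg_links = str_replace('\\|', '{$pipeline}', $blg_links);
     $links = array();
     $category_current = '';
     foreach (explode("\n", $blg_links) as $entry) {
         $entry = trim($entry);
         if ($entry === '') {
             continue;
         }
         if (strpos($entry, '|') === false) {
             // Category line. Look the hash up as a KEY: the previous in_array()
             // searched the values, never matched, and so a repeated category
             // wiped the links already collected under it.
             $category_current = md5($entry);
             if (!isset($links[$category_current])) {
                 $links[$category_current] = array();
                 $links[$category_current]['category'] = str_replace('{$pipeline}', '\\|', $entry);
                 $links[$category_current]['links'] = array();
             }
             continue;
         }
         // Link line. Links seen before any category go under a default one.
         if ($category_current === '') {
             $category_current = md5('Blogroll');
             $links[$category_current] = array();
             $links[$category_current]['category'] = 'Blogroll';
             $links[$category_current]['links'] = array();
         }
         $_link_info = explode('|', $entry);
         $link_title = str_replace('{$pipeline}', '\\|', trim($_link_info[0]));
         $link_url = str_replace('{$pipeline}', '\\|', trim($_link_info[1]));
         // Only http:// and https:// targets are kept as written; anything else
         // is prefixed with http://, so no other URL scheme is stored as-is.
         // (https:// used to be prefixed too, which produced broken links.)
         if (!preg_match('#^https?://.#is', $link_url)) {
             $link_url = 'http://' . $link_url;
         }
         $link_md5 = md5($link_url);
         $links[$category_current]['links'][$link_md5] = array();
         $links[$category_current]['links'][$link_md5]['title'] = $link_title;
         $links[$category_current]['links'][$link_md5]['url'] = $link_url;
     }
     // The serialized blob is escaped before it is placed inside the quoted SQL literal.
     $links_sql = mysql_real_escape_string(serialize($links));
     $sql = "UPDATE babel_weblog SET blg_links = '{$links_sql}' WHERE blg_id = {$weblog_id}";
     mysql_unbuffered_query($sql);
     return URL::vxToRedirect(URL::vxGetBlogLink($_weblog['blg_id']));
 }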
                 }
                 mysql_free_result($rs);
             }
         } else {
             $flag_permit = false;
             $error_friend = true;
         }
     } else {
         $flag_permit = true;
     }
 } else {
     $flag_permit = false;
 }
 // Build the default values for the comment form once commenting is permitted.
 if ($flag_permit) {
     if (isset($_COOKIE['babel_weblog_comment_default'])) {
         // SECURITY: the cookie value is supplied by the client, and unserialize()
         // on client-supplied data can instantiate arbitrary loaded classes
         // (PHP object injection). fetch_multi() is not shown here, so it cannot
         // be assumed to make the value safe -- TODO confirm.
         // Safer: store the defaults as JSON (json_encode/json_decode) or
         // authenticate the cookie with an HMAC before decoding it.
         // NOTE(review): in the lines shown, the result is not checked for being
         // an array with the expected keys; a malformed cookie yields false.
         $_default = unserialize(fetch_multi($_COOKIE['babel_weblog_comment_default']));
     } else {
         $_default = array();
         if ($User->vxIsLogin()) {
             // Logged-in users get their profile nick/email pre-filled and remembered.
             $_default['nick'] = $User->usr_nick;
             $_default['email'] = $User->usr_email;
             $_default['url'] = '';
             $_default['remember'] = true;
         } else {
             $_default['nick'] = '';
             $_default['email'] = '';
             $_default['url'] = '';
             $_default['remember'] = false;
         }
         if ($_default['remember']) {
             // Stored for 30 days on path '/'. Only name, value, expiry and path are
             // passed, so no secure/httponly arguments are set, and the nick and
             // email sit unprotected in the browser.
             setcookie('babel_weblog_comment_default', serialize($_default), time() + 86400 * 30, '/');
Exemplo n.º 3
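 /**
  * Validate the POSTed fields of the node edit form.
  *
  * For every field the result holds "<field>_value", "<field>_error" (0 = ok)
  * and "<field>_error_msg" (error code => message); some fields also carry
  * "<field>_maxlength". 'errors' counts the failed checks.
  *
  * Titles are measured in bytes (strlen), description/header/footer in
  * UTF-8 characters (mb_strlen). The localized titles share nod_title's limit.
  *
  * NOTE(review): nod_name error code 4 ("illegal characters") has a message
  * but nothing in this method ever sets it; the character check may be
  * missing or live elsewhere -- confirm.
  *
  * @param mixed $node_id Id of the node being edited; excluded from the
  *                       duplicate-name lookup and echoed back as 'node_id'.
  * @return array Validation result as described above.
  */
 public function vxNodeEditCheck($node_id)
 {
     $rt = array();
     $rt['node_id'] = $node_id;
     $rt['errors'] = 0;

     /* Check: nod_name */
     $rt['nod_name_value'] = '';
     $rt['nod_name_maxlength'] = 40;
     $rt['nod_name_error'] = 0;
     $rt['nod_name_error_msg'] = array(1 => 'Node name cannot be empty.', 2 => 'New node name is too long.', 3 => 'Node name cannot be duplicated.', 4 => 'New node name contains illegal characters.');
     if (isset($_POST['nod_name'])) {
         $rt['nod_name_value'] = strtolower(fetch_single($_POST['nod_name']));
     }
     if ($rt['nod_name_value'] == '') {
         // Covers both a missing field and an empty one.
         $rt['errors']++;
         $rt['nod_name_error'] = 1;
     } elseif (strlen($rt['nod_name_value']) > $rt['nod_name_maxlength']) {
         $rt['errors']++;
         $rt['nod_name_error'] = 2;
     } else {
         // Both values are escaped before entering the quoted SQL literals.
         // $node_id used to be interpolated as-is, which left the query open to
         // SQL injection whenever the caller passes an unvalidated id.
         // NOTE(review): escaping depends on the connection charset being set
         // correctly; prepared statements would be the durable fix.
         $sql = "SELECT nod_id FROM babel_node WHERE nod_id != '" . mysql_real_escape_string($node_id) . "' AND nod_name = '" . mysql_real_escape_string($rt['nod_name_value']) . "'";
         $rs = mysql_query($sql);
         // A failed query returns false; as before, that does not raise a
         // duplicate error, but the result functions are no longer called on it.
         if ($rs !== false) {
             if (mysql_num_rows($rs) > 0) {
                 $rt['errors']++;
                 $rt['nod_name_error'] = 3;
             }
             mysql_free_result($rs);
         }
     }

     /* Check: nod_title */
     $rt['nod_title_value'] = '';
     $rt['nod_title_maxlength'] = 50;
     $rt['nod_title_error'] = 0;
     $rt['nod_title_error_msg'] = array(1 => 'General title cannot be empty.', 2 => 'New title is too long.');
     if (isset($_POST['nod_title'])) {
         $rt['nod_title_value'] = fetch_single($_POST['nod_title']);
     }
     if ($rt['nod_title_value'] == '') {
         $rt['errors']++;
         $rt['nod_title_error'] = 1;
     } elseif (strlen($rt['nod_title_value']) > $rt['nod_title_maxlength']) {
         $rt['errors']++;
         $rt['nod_title_error'] = 2;
     }

     /* Check: nod_title_en_us, nod_title_de_de, nod_title_zh_cn (optional) */
     $localized_titles = array(
         'nod_title_en_us' => 'New title of en-US is too long.',
         'nod_title_de_de' => 'New title of de-DE is too long.',
         'nod_title_zh_cn' => 'New title of zh-CN is too long.',
     );
     foreach ($localized_titles as $field => $too_long_msg) {
         $rt[$field . '_value'] = '';
         $rt[$field . '_error'] = 0;
         $rt[$field . '_error_msg'] = array(2 => $too_long_msg);
         if (isset($_POST[$field])) {
             $rt[$field . '_value'] = fetch_single($_POST[$field]);
             if ($rt[$field . '_value'] != '' && strlen($rt[$field . '_value']) > $rt['nod_title_maxlength']) {
                 $rt['errors']++;
                 $rt[$field . '_error'] = 2;
             }
         }
     }

     /* Check: nod_description, nod_header, nod_footer (optional, multi-line) */
     $text_fields = array(
         'nod_description' => 'New description is too long.',
         'nod_header' => 'New header is too long.',
         'nod_footer' => 'New footer is too long.',
     );
     foreach ($text_fields as $field => $too_long_msg) {
         $rt[$field . '_value'] = '';
         $rt[$field . '_maxlength'] = 1000;
         $rt[$field . '_error'] = 0;
         $rt[$field . '_error_msg'] = array(2 => $too_long_msg);
         if (isset($_POST[$field])) {
             $rt[$field . '_value'] = fetch_multi($_POST[$field]);
             if ($rt[$field . '_value'] != '' && mb_strlen($rt[$field . '_value'], 'UTF-8') > $rt[$field . '_maxlength']) {
                 $rt['errors']++;
                 $rt[$field . '_error'] = 2;
             }
         }
     }

     return $rt;
 }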