public function api_add($uploadedfile)
{
$uploadfield = array();
$uploadfield = $uploadedfile;
unset($uploadfield['fn']);
$uploadfield = String::addslashes($uploadfield);
$this->insert($uploadfield);
$aid = $this->insert_id();
$uploadedfile['aid'] = $aid;
return $aid;
}
href="?app=admin&controller=linkage&action=public_manage_submenu&keyid=<?php
echo $info['linkageid'];
?>
&menuid=<?php
echo isset($_GET['menuid']) ? $_GET['menuid'] : '';
?>
"><?php
echo L('linkage_manage_submenu');
?>
</a>
| <a href="javascript:void(0);"
onclick="edit('<?php
echo $info['linkageid'];
?>
','<?php
echo String::addslashes($info['name']);
?>
')"><?php
echo L('edit');
?>
</a>
| <a
href="<?php
echo art_confirm(L('linkage_is_del'), '?app=admin&controller=linkage&action=delete&linkageid=' . $info['linkageid']);
?>
"><?php
echo L('delete');
?>
</a>
| <a
href="?app=admin&controller=linkage&action=public_cache&linkageid=<?php
/**
* 上传无记录的临时文件
*
* @param unknown_type $field
*/
public function upload_tmp($field)
{
$tmpPath = $this->upload_root . "tmp/";
if (!isset($_FILES[$field])) {
// 判断附件上传字段是否为空
$this->error = UPLOAD_ERR_OK;
return false;
}
// 判断限制的类型
$this->alowexts = C('attachment', 'allowext');
$this->savepath = $tmpPath;
$this->maxsize = C('attachment', 'maxsize') * 1024;
$this->uploads = 1;
if (!Folder::mk($this->savepath) && !is_dir($this->savepath)) {
$this->error = '8';
return false;
}
@chmod($this->savepath, 0755);
if (!is_writeable($this->savepath)) {
$this->error = '9';
return false;
}
$file = $_FILES[$field];
if (is_array($file['error'])) {
$this->error = '5';
return false;
} else {
$this->uploads = 1;
}
$fileext = File::get_suffix($file['name']);
if ($file['error'] != 0) {
$this->error = $file['error'];
return false;
}
if (!preg_match("/^(" . $this->alowexts . ")\$/", $fileext)) {
$this->error = '10';
return false;
}
if ($this->maxsize && $file['size'] > $this->maxsize) {
$this->error = '11';
return false;
}
if (!$this->isuploadedfile($file['tmp_name'])) {
$this->error = '12';
return false;
}
$filename = $this->getname("png");
$savefile = $this->savepath . $filename;
$filepath = preg_replace(String::addslashes("|^" . $this->upload_root . "|"), "", $savefile);
$upload_func = $this->upload_func;
if (@$upload_func($file['tmp_name'], $savefile)) {
@chmod($savefile, 0755);
@unlink($file['tmp_name']);
return $filepath;
} else {
return false;
}
}
?>
</td>
<td align="center"><a href="javascript:edit('<?php
echo $r['typeid'];
?>
','<?php
echo trim(String::addslashes($r['name']));
?>
')"><?php
echo L('edit');
?>
</a> | <a href="javascript:;" onclick="data_delete(this,'<?php
echo $r['typeid'];
?>
','<?php
echo trim(String::addslashes($r['name']));
?>
')"><?php
echo L('delete');
?>
</a> </td>
</tr>
<?php
}
?>
</tbody>
</table>
<div class="btn"><input type="submit" class="btn btn-primary btn-sm"name="dosubmit" value="<?php
echo L('listorder');
?>
</td>
<td align="center" width="12%"><a href="###" onclick="edit(<?php
echo $info['linkid'];
?>
, '<?php
echo String::addslashes($info['name']);
?>
')" title="<?php
echo L('edit');
?>
"><?php
echo L('edit');
?>
</a> |
<a href="<?php
echo art_confirm(L('confirm', array('message' => String::addslashes($info['name']))), '?app=link&controller=link&action=delete&linkid=' . $info['linkid']);
?>
"><?php
echo L('delete');
?>
</a>
</td>
</tr>
<?php
}
}
?>
</tbody>
</table>
</div>
<div class="btn">
/**
* 导入的数据添加到数据表
*
* @param intval $modelid 模型ID
* @param intval $specialid 信息的所属专题ID
* @param intval $id 信息的ID
* @param intval $typeid 信息的分类ID
* @param intval $listorder 信息的排序
*/
public function _import($modelid, $specialid, $id, $typeid, $listorder = 0)
{
if (!$specialid || !$id || !$typeid) {
return false;
}
$c = Loader::model('content_model');
$c->set_model($modelid);
$info = $c->where(array('id' => $id, 'status' => 99))->field('id, catid, title, thumb, url, description, username, inputtime, updatetime')->find();
if ($info) {
$info['curl'] = $info['id'] . '|' . $info['catid'];
unset($info['id'], $info['catid']);
if (!$this->c_db->get_one(array('title' => addslashes($info['title']), 'specialid' => $specialid, 'typeid' => $typeid))) {
$info['specialid'] = $specialid;
$info['typeid'] = $typeid;
$info['islink'] = 1;
$info['listorder'] = $listorder;
$info = String::addslashes($info);
return $this->c_db->insert($info, true);
}
}
return false;
}
/**
* 添加评论
*
* @param string $commentid 评论ID
* @param array $data
* 内容数组应该包括array('userid'=>用户ID,'username'=>用户名,'content'=>内容)
* @param string $id 回复评论的内容
* @param string $title 文章标题
* @param string $url 文章URL地址
*/
public function add($commentid, $data, $id = '', $title = '', $url = '')
{
// 开始查询评论这条评论是否存在。
$title = String::addslashes($title);
if (!($comment = $this->comment_db->where(array('commentid' => $commentid))->field('tableid, commentid')->find())) {
// 评论不存在
// 取得当前可以使用的内容数据表
$r = $this->comment_table_db->field('tableid, total')->order('tableid desc')->find();
$tableid = $r['tableid'];
if ($r['total'] >= 1000000) {
// 当上一张数据表存的数据已经达到1000000时,创建新的数据存储表,存储数据。
if (!($tableid = $this->comment_table_db->creat_table())) {
$this->msg_code = 4;
return false;
}
}
// 新建评论到评论总表中。
$comment_data = array('commentid' => $commentid, 'tableid' => $tableid);
if (!empty($title)) {
$comment_data['title'] = $title;
}
if (!empty($url)) {
$comment_data['url'] = $url;
}
if (!$this->comment_db->insert($comment_data)) {
$this->msg_code = 5;
return false;
}
} else {
// 评论存在时
$tableid = $comment['tableid'];
}
if (empty($tableid)) {
$this->msg_code = 1;
return false;
}
// 为数据存储数据模型设置 数据表名。
$this->comment_data_db->table_name($tableid);
// 检查数据存储表。
if (!$this->comment_data_db->table_exists('comment_data_' . $tableid)) {
// 当存储数据表不存时,尝试创建数据表。
if (!($tableid = $this->comment_table_db->creat_table($tableid))) {
$this->msg_code = 2;
return false;
}
}
// 向数据存储表中写入数据。
$data['commentid'] = $commentid;
$data['ip'] = IP;
$data['status'] = 1;
$data['creat_at'] = TIME;
// 对评论的内容进行关键词过滤。
$data['content'] = strip_tags($data['content']);
$badword = Loader::model('badword_model');
$data['content'] = $badword->replace_badword($data['content']);
if ($id) {
$r = $this->comment_data_db->getby_id($id);
if ($r) {
if ($r['reply']) {
$data['content'] = '<div class="content">' . str_replace('<span></span>', '<span class="blue f12">' . $r['username'] . ' ' . L('chez') . ' ' . Format::date($r['creat_at'], 1) . L('release') . '</span>', $r['content']) . '</div><span></span>' . $data['content'];
} else {
$data['content'] = '<div class="content"><span class="blue f12">' . $r['username'] . ' ' . L('chez') . ' ' . Format::date($r['creat_at'], 1) . L('release') . '</span><pre>' . $r['content'] . '</pre></div><span></span>' . $data['content'];
}
$data['reply'] = 1;
}
}
// 判断站点是否需要审核
$site = S('common/comment');
if ($site['check']) {
$data['status'] = 0;
}
if ($comment_data_id = $this->comment_data_db->insert($data, true)) {
// 需要审核,插入到审核表
if ($data['status'] == 0) {
$this->comment_check_db->insert(array('comment_data_id' => $comment_data_id, 'tableid' => $tableid));
} elseif (!empty($data['userid']) && !empty($site['add_point']) && app_exists('pay')) {
// 不需要审核直接给用户添加积分
Loader::lib('pay:receipts', false);
receipts::point($site['add_point'], $data['userid'], $data['username'], '', 'selfincome', 'Comment');
}
// 开始更新数据存储表数据总条数
$this->comment_table_db->edit_total($tableid, '+=1');
// 开始更新评论总表数据总数
$sql['lastupdate'] = TIME;
// 只有在评论通过的时候才更新评论主表的评论数
if ($data['status'] == 1) {
$sql['total'] = '+=1';
}
$this->comment_db->where(array('commentid' => $commentid))->update($sql);
if ($site['check']) {
$this->msg_code = 7;
} else {
$this->msg_code = 0;
}
return true;
} else {
$this->msg_code = 3;
return false;
}
}
<td align="center"><a
href="javascript:edit('<?php
echo $r['id'];
?>
','<?php
echo String::addslashes($r['sitename']);
?>
')"><?php
echo L('edit');
?>
</a> | <a href="javascript:;"
onclick="data_delete(this,'<?php
echo $r['id'];
?>
','<?php
echo L('confirm', array('message' => String::addslashes($r['sitename'])));
?>
')"><?php
echo L('delete');
?>
</a></td>
</tr>
<?php
}
?>
</tbody>
</table>
<div class="btn">
<input type="submit" class="btn btn-primary btn-sm"name="dosubmit"
value="<?php
echo L('listorder');
/**
* 历史记录还原
*/
public function history_restore()
{
$id = isset($_GET['id']) && intval($_GET['id']) ? intval($_GET['id']) : showmessage(L('illegal_operation'), HTTP_REFERER);
if (!($data = $this->history_db->getby_id($id))) {
showmessage(L('nofound'), HTTP_REFERER);
}
$data['data'] = string2array($data['data']);
$this->db->where(array('id' => $data['blockid']))->update(array('data' => String::addslashes($data['data']['data']), 'template' => String::addslashes($data['data']['template'])));
if ($data['data']['type'] == 2) {
$block = Loader::lib('block:block_tag');
$block->template_url($data['blockid'], $data['data']['template']);
}
showmessage(L('operation_success'), HTTP_REFERER);
}
')"
title="<?php
echo L('edit');
?>
"><?php
echo L('edit');
?>
</a> | <a href="javascript:call(<?php
echo String::addslashes($info['subjectid']);
?>
);void(0);"><?php
echo L('call_js_code');
?>
</a> | <a
href='?app=vote&controller=vote&action=delete&subjectid=<?php
echo String::addslashes($info['subjectid']);
?>
'
onClick="return confirm('<?php
echo L('vote_confirm_del');
?>
')"><?php
echo L('delete');
?>
</a>
</td>
</tr>
<?php
}
}
?>
/**
* 管理联动菜单子菜单
*/
public function public_manage_submenu()
{
$keyid = isset($_GET['keyid']) && trim($_GET['keyid']) ? trim($_GET['keyid']) : showmessage(L('linkage_parameter_error'));
$tree = Loader::lib('Tree');
$tree->icon = array(' │ ', ' ├─ ', ' └─ ');
$tree->nbsp = ' ';
$sum = $this->db->where(array('keyid' => $keyid))->count();
$sql_parentid = isset($_GET['parentid']) ? trim($_GET['parentid']) : 0;
$where = $sum > 40 ? array('keyid' => $keyid, 'parentid' => $sql_parentid) : array('keyid' => $keyid);
$result = $this->db->where($where)->order('listorder ,linkageid')->select();
$areas = array();
foreach ($result as $areaid => $area) {
$areas[$area['linkageid']] = array('id' => $area['linkageid'], 'parentid' => $area['parentid'], 'name' => $area['name'], 'listorder' => $area['listorder'], 'style' => $area['style'], 'keyid' => $keyid, 'description' => $area['description']);
$areas[$area['linkageid']]['str_manage'] = $sum > 40 && $this->_is_last_node($area['keyid'], $area['linkageid']) ? '<a href="?app=admin&controller=linkage&action=public_manage_submenu&keyid=' . $area['keyid'] . '&parentid=' . $area['linkageid'] . '">' . L('linkage_manage_submenu') . '</a> | ' : '';
$areas[$area['linkageid']]['str_manage'] .= '<a href="javascript:void(0);" onclick="add(\'' . $keyid . '\',\'' . String::addslashes($area['name']) . '\',\'' . $area['linkageid'] . '\')">' . L('linkage_add_submenu') . '</a> | <a href="javascript:void(0);" onclick="edit(\'' . $area['linkageid'] . '\',\'' . $area['name'] . '\',\'' . $area['parentid'] . '\')">' . L('edit') . '</a> | <a href="' . art_confirm(L('linkage_is_del'), '?app=admin&controller=linkage&action=delete&linkageid=' . $area['linkageid'] . '&keyid=' . $area['keyid']) . '">' . L('delete') . '</a> ';
}
$str = "<tr>\n <td align='center' width='80'><input name='listorders[\$id]' type='text' size='3' value='\$listorder' class='input-text-c'></td>\n <td align='center' width='100'>\$id</td>\n <td>\$spacer\$name</td>\n <td >\$description</td>\n <td align='center'>\$str_manage</td>\n </tr>";
$tree->init($areas);
$submenu = $tree->get_tree($sql_parentid, $str);
$big_menu = big_menu('?app=admin&controller=linkage&action=public_sub_add&keyid=' . $keyid, 'add', L('linkage_add'), 500, 430);
include $this->view('linkage_submenu');
}
/**
* 转换数据为HTML代码
*
* @param array $data
* 数组
*/
private static function arr_to_html($data)
{
if (is_array($data)) {
$str = 'array(';
foreach ($data as $key => $val) {
if (is_array($val)) {
$str .= "'{$key}'=>" . self::arr_to_html($val) . ",";
} else {
if (strpos($val, '$') === 0) {
$str .= "'{$key}'=>{$val},";
} else {
$str .= "'{$key}'=>'" . String::addslashes($val) . "',";
}
}
}
return $str . ')';
}
return false;
}
</td>
<td align="center"><textarea ondblclick="copy_text(this)" style="width: 400px;height:30px" /><?php
echo htmlspecialchars($v['tag']);
?>
</textarea></td>
<td align="center"><a href="javascript:edit(<?php
echo $v['id'];
?>
, '<?php
echo htmlspecialchars(String::addslashes($v['name']));
?>
')"><?php
echo L('edit');
?>
</a> | <a href="<?php
echo art_confirm(htmlspecialchars(String::addslashes(L('confirm', array('message' => $v['name'])))), '?app=tag&controller=tag&action=del&id=' . $v['id']);
?>
" ><?php
echo L('delete');
?>
</a></td>
</tr>
<?php
}
}
?>
</tbody>
</table>
<div class="btn">
<label for="check_box"><?php
echo L('select_all');
/**
* 导入模型
*/
public function import()
{
if (isset($_POST['dosubmit'])) {
$info = array();
$info['name'] = $_POST['info']['modelname'];
// 主表表名
$basic_table = $info['tablename'] = $_POST['info']['tablename'];
// 从表表名
$table_data = $basic_table . '_data';
$info['description'] = $_POST['info']['description'];
$info['type'] = 0;
$info['default_style'] = $_POST['default_style'];
$info['category_template'] = $_POST['setting']['category_template'];
$info['list_template'] = $_POST['setting']['list_template'];
$info['show_template'] = $_POST['setting']['show_template'];
if (!empty($_FILES['model_import']['tmp_name'])) {
$model_import = @file_get_contents($_FILES['model_import']['tmp_name']);
if (!empty($model_import)) {
$model_import_data = string2array($model_import);
}
}
$is_exists = $this->db->table_exists($basic_table);
if ($is_exists) {
showmessage(L('operation_failure'), U('content/model/init'));
}
$modelid = $this->db->add($info, 1);
if ($modelid) {
$tablepre = $this->db->get_prefix();
// 建立数据表
$model_sql = file_get_contents(MODEL_PATH . 'model.sql');
$model_sql = str_replace('$basic_table', $tablepre . $basic_table, $model_sql);
$model_sql = str_replace('$table_data', $tablepre . $table_data, $model_sql);
$model_sql = str_replace('$table_model_field', $tablepre . 'model_field', $model_sql);
$model_sql = str_replace('$modelid', $modelid, $model_sql);
$this->db->sql_execute($model_sql);
if (!empty($model_import_data)) {
$this->model_field_db = Loader::model('model_field_model');
$system_field = array('title', 'style', 'catid', 'url', 'listorder', 'status', 'userid', 'username', 'inputtime', 'updatetime', 'pages', 'readpoint', 'template', 'groupids_view', 'posids', 'content', 'keywords', 'description', 'thumb', 'typeid', 'relation', 'islink', 'allow_comment');
foreach ($model_import_data as $v) {
$field = $v['field'];
if (in_array($field, $system_field)) {
unset($v['fieldid'], $v['modelid'], $v['field']);
$v = String::addslashes($v);
$v['setting'] = serialize($v['setting']);
$this->model_field_db->where(array('modelid' => $modelid, 'field' => $field))->update($v);
} else {
$tablename = $v['issystem'] ? $tablepre . $basic_table : $tablepre . $table_data;
// 重组模型表字段属性
$minlength = $v['minlength'] ? $v['minlength'] : 0;
$maxlength = $v['maxlength'] ? $v['maxlength'] : 0;
$field_type = $v['formtype'];
require MODEL_PATH . $field_type . DIRECTORY_SEPARATOR . 'config.inc.php';
if (isset($v['setting']['fieldtype'])) {
$field_type = $v['setting']['fieldtype'];
}
require MODEL_PATH . 'add.sql.php';
$v['tips'] = addslashes($v['tips']);
$v['setting'] = serialize($v['setting']);
$v['modelid'] = $modelid;
unset($v['fieldid']);
$this->model_field_db->insert($v);
}
}
}
$this->public_cache();
showmessage(L('operation_success'), U('content/model/init'));
}
} else {
$show_validator = '';
$style_list = template_list(0);
foreach ($style_list as $k => $v) {
$style_list[$v['dirname']] = $v['name'] ? $v['name'] : $v['dirname'];
unset($style_list[$k]);
}
$big_menu = big_menu(U('content/model/add'), 'add', L('add_model'), 580, 400);
include $this->view('model_import');
}
}
echo $applications[$info['application']]['name'];
?>
</td>
<td width="8%" align="center"><?php
echo $category[$info['catid']]['catname'];
?>
</td>
<td width="20%"><img
src="<?php
echo file_icon($info['filename'], 'gif');
?>
" /> <?php
echo $info['filename'];
?>
<?php
echo $thumb ? '<img title="' . L('att_thumb_manage') . '" src="statics/images/admin_img/havthumb.png" onclick="showthumb(' . $info['aid'] . ', \'' . String::addslashes($info['filename']) . '\')"/>' : '';
?>
<?php
echo $info['status'] ? '<img src="statics/images/admin_img/link.png"' : '';
?>
</td>
<td width="10%" align="center"><?php
echo $this->attachment->size($info['filesize']);
?>
</td>
<td width="12%" align="center"><?php
echo date('Y-m-d H:i:s', $info['uploadtime']);
?>
</td>
<td align="center"><a
href="javascript:preview(<?php
</td>
<td align="center" width="10%"><?php
echo $info['send_to_id'];
?>
</td>
<td align="center" width="15%"><?php
echo date("Y-m-d H:i:s", $info['message_time']);
?>
</td>
<td align="center" width="15%"> <a
href='?app=message&controller=message&action=delete&messageid=<?php
echo $info['messageid'];
?>
'
onClick="return confirm('<?php
echo L('confirm', array('message' => String::addslashes($info['subject'])));
?>
')"><?php
echo L('delete');
?>
</a>
</td>
</tr>
<?php
}
}
?>
</tbody>
</table>
<div class="btn"><a href="#"
onClick="javascript:$('input[type=checkbox]').attr('checked', true)"><?php
?>
"></td>
<td width="30%" align="left"><?php
echo $info['word'];
?>
</td>
<td align="center"><?php
echo $info['url'];
?>
</td>
<td align="center"><a
href="javascript:edit(<?php
echo $info['keylinkid'];
?>
, '<?php
echo String::addslashes($info['word']);
?>
')"><?php
echo L('edit');
?>
</a> | <a
href="<?php
echo art_confirm(L('keylink_confirm_del'), '?app=admin&controller=keylink&action=delete&keylinkid=' . $info['keylinkid']);
?>
"><?php
echo L('delete');
?>
</a></td>
</tr>
<?php
}
/**
* 生成模板临时文件 @param $filepath 文件地址 @param $style 风格 @param $dir 目录名
*/
function creat_template_bak($filepath, $style, $dir)
{
$filename = basename($filepath);
Loader::model('template_bak_model')->insert(array('creat_at' => TIME, 'fileid' => $style . "_" . $dir . "_" . $filename, 'userid' => cookie('userid'), 'username' => cookie('admin_username'), 'template' => String::addslashes(file_get_contents($filepath))));
}
/**
* 复制采集
*/
public function copy()
{
$nodeid = isset($_GET['nodeid']) ? intval($_GET['nodeid']) : showmessage(L('illegal_parameters'), HTTP_REFERER);
if ($data = $this->db->getby_nodeid($nodeid)) {
if (isset($_POST['dosubmit'])) {
unset($data['nodeid']);
$name = isset($_POST['name']) && trim($_POST['name']) ? trim($_POST['name']) : showmessage(L('illegal_parameters'), HTTP_REFERER);
if ($this->db->where(array('name' => $name))->field('nodeid')->find()) {
showmessage(L('nodename') . L('exists'), HTTP_REFERER);
}
$data['name'] = $name;
$data = String::addslashes($data);
if ($this->db->insert($data)) {
showmessage(L('operation_success'), '', '', 'test');
} else {
showmessage(L('operation_failure'));
}
} else {
$show_validator = $show_header = true;
include $this->view('node_copy');
}
} else {
showmessage(L('notfound'));
}
}
?>
" size="30" /></td>
<td align="center"><a href="javascript:edit(<?php
echo $v['id'];
?>
, '<?php
echo htmlspecialchars(String::addslashes($v['name']));
?>
')"><?php
echo L('edit');
?>
</a> | <a href="?app=dbsource&controller=data&action=del&id=<?php
echo $v['id'];
?>
" onclick="return confirm('<?php
echo htmlspecialchars(String::addslashes(L('confirm', array('message' => $v['name']))));
?>
')"><?php
echo L('delete');
?>
</a></td>
</tr>
<?php
}
}
?>
</tbody>
</table>
<div class="btn">
<label for="check_box"><?php
echo L('select_all');
