Пример #1
/**
 * Normalises the posted fields of an info-type form.
 *
 * Numeric settings are cast to int; text fields are passed through the
 * project's filters (ehtmlspecialchars, RepPhpAspJspcode, RepPostVar2) and
 * eaddslashes before the array is handed back.
 *
 * @param array $add Posted form fields.
 * @return array The same array with every handled key rewritten.
 */
function DoPostInfoTypeVar($add){
	// Fall back to the default page extension when none was posted.
	// NOTE(review): a non-empty ttype is kept exactly as posted; no allow-list of
	// extensions is visible in this block — confirm the caller restricts it.
	$add['ttype']=empty($add['ttype'])?'.html':$add['ttype'];
	$add['tname']=eaddslashes(ehtmlspecialchars($add['tname']));
	// First group of numeric settings.
	foreach(array('mid','myorder','yhid','tnum','listtempid','maxnum') as $intkey)
	{
		$add[$intkey]=(int)$add[$intkey];
	}
	// NOTE(review): reorder looks like an ORDER BY fragment; what RepPostVar2
	// strips is not visible here — verify it cannot carry SQL syntax.
	$add['reorder']=RepPostVar2($add['reorder']);
	foreach(array('intro','pagekey') as $textkey)
	{
		$add[$textkey]=eaddslashes(RepPhpAspJspcode($add[$textkey]));
	}
	// Second group of numeric settings.
	foreach(array('newline','hotline','goodline','hotplline','firstline','jstempid','nrejs','listdt','repagenum') as $intkey)
	{
		$add[$intkey]=(int)$add[$intkey];
	}
	// Directory: prefix + trimmed name, slash-escaped.
	// NOTE(review): nothing in this block rejects "..", absolute paths or path
	// separators in tpath/pripath — confirm the caller validates the directory
	// before it is used on the filesystem.
	$add['tpath']=eaddslashes($add['pripath'].trim($add['tpath']));
	return $add;
}
Пример #2
/**
 * Builds one SQL WHERE fragment for a search keyword.
 *
 * @param string $f        Column expression, concatenated into the SQL as-is.
 * @param string $hh       'EQ' selects an exact match; anything else a LIKE.
 * @param string $keyboard Raw keyword; filtered with RepPostVar2 first.
 * @return string The condition, or '' when the filtered keyword is empty.
 */
function UserSearchDoKeyboard($f, $hh, $keyboard)
{
    $term = RepPostVar2($keyboard);
    if (empty($term)) {
        return '';
    }
    // NOTE(review): the condition is assembled by string concatenation, so its
    // safety rests entirely on RepPostVar2 (not visible here) neutralising
    // quotes and backslashes, and on $f never being request-controlled —
    // confirm both at the call sites. LIKE wildcards (% and _) in the keyword
    // are not escaped in this block.
    return $hh == 'EQ'
        ? $f . "='" . $term . "'"
        : $f . " LIKE '%" . $term . "%'";
}
Пример #3
/**
 * Normalises the posted fields of a topic-type form.
 *
 * @param array $add Posted form fields.
 * @return array The same array with every handled key rewritten.
 */
function DoPostZtTypeVar($add)
{
    // Default page extension when none was posted.
    // NOTE(review): a non-empty ttype is kept as posted; no extension
    // allow-list is visible in this block — confirm the caller restricts it.
    $add['ttype'] = empty($add['ttype']) ? '.html' : $add['ttype'];
    $add['cname'] = eaddslashes(ehtmlspecialchars($add['cname']));
    foreach (array('myorder', 'islist', 'listtempid', 'maxnum', 'tnum') as $intKey) {
        $add[$intKey] = (int) $add[$intKey];
    }
    $add['reorder'] = RepPostVar2($add['reorder']);
    // NOTE(review): classtext only goes through RepPhpAspJspcode here and is
    // not slash-escaped in this block — confirm it is escaped or bound before
    // it reaches a query.
    $add['classtext'] = RepPhpAspJspcode($add['classtext']);
    return $add;
}
Пример #4
}
include "../../class/user.php";
include "../" . LoadLang("pub/fun.php");
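// Paging state. The page number comes from the query string and is forced to
// an integer.
// NOTE(review): a negative page yields a negative $offset; how $offset is used
// is outside this excerpt.
$page = (int) $_GET['page'];
$start = 0;
// Rows shown per page.
$line = 25;
// Number of page links shown in the pager.
$page_line = 12;
// Row offset of the requested page.
$offset = $page * $line;
// Search filter: $and becomes the WHERE clause, $search the query-string tail
// carried by the paging links.
$search = '';
$and = '';
if ($_GET['sear']) {
    $keyboard = RepPostVar2($_GET['keyboard']);
    if ($keyboard) {
        // Cast to int: $show is copied into $search below, so the raw request
        // value must not be carried into the generated links.
        $show = (int) $_GET['show'];
        // NOTE(review): the keyword is interpolated into the SQL text; this
        // relies on RepPostVar2 (defined elsewhere) neutralising quotes.
        // LIKE wildcards in the keyword are not escaped here.
        if ($show == 1) {
            $and .= " where title like '%{$keyboard}%'";
        } elseif ($show == 2) {
            $and .= " where ftext like '%{$keyboard}%'";
        } elseif ($show == 3) {
            $and .= " where userid='{$keyboard}'";
        } elseif ($show == 4) {
            $and .= " where ip like '%{$keyboard}%'";
        }
        // NOTE(review): $keyboard is appended without URL- or HTML-encoding;
        // confirm the code that prints $search encodes it for its context.
        $search .= "&sear=1&keyboard={$keyboard}&show={$show}";
    }
}
$query = "select fid,title,uid,uname,addtime,userid from {$dbtbpre}enewsmemberfeedback" . $and;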
Пример #5
// Search: builds the member-list WHERE clause in $add from request fields.
// Each field is read from POST first and falls back to GET when empty.
$sear = $_POST['sear'];
if (empty($sear)) {
    $sear = $_GET['sear'];
}
$sear = RepPostStr($sear, 1);
if ($sear) {
    $groupid = $_POST['groupid'];
    if (empty($groupid)) {
        $groupid = $_GET['groupid'];
    }
    $keyboard = $_POST['keyboard'];
    if (empty($keyboard)) {
        $keyboard = $_GET['keyboard'];
    }
    // The keyword is filtered before it is interpolated into SQL below.
    // NOTE(review): RepPostVar2 is defined elsewhere; the LIKE clauses depend
    // on it neutralising quotes — confirm. LIKE wildcards are not escaped here.
    $keyboard = RepPostVar2($keyboard);
    // Unlike the fields above, $show is read from GET only.
    $show = (int) $_GET['show'];
    if ($keyboard) {
        // egetmf() supplies the column expression — presumably the configured
        // member-table field name; verify against its definition.
        if ($show == 2) {
            $add = " where " . egetmf('email') . " like '%{$keyboard}%'";
        } else {
            $add = " where " . egetmf('username') . " like '%{$keyboard}%'";
        }
    }
    // Group filter is forced to an integer before use.
    $groupid = (int) $groupid;
    if ($groupid) {
        // NOTE(review): $add is only assigned above when $keyboard is
        // non-empty; with a group filter alone the `.=` below appends to a
        // variable this excerpt never initialises — confirm it is set earlier
        // in the file.
        if (empty($keyboard)) {
            $add .= " where " . egetmf('groupid') . "='{$groupid}'";
        } else {
            $add .= " and " . egetmf('groupid') . "='{$groupid}'";
        }
Пример #6
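/**
 * Validates a site-wide search request and builds its full-text WHERE clause.
 *
 * Every rejection goes through printerror().
 * NOTE(review): the checks assume printerror() ends the request — it is
 * defined elsewhere; confirm.
 *
 * @param array $add Request fields; reads 'keyboard', 'field' and 'classid'.
 * @return array 'keyboard' (HTML-escaped keyword), 'search' (query-string tail
 *               for paging links) and 'where' (SQL condition).
 */
function ReturnSearchAllSql($add)
{
    global $public_r, $class_r;
    $returnr = array();
    // Site-wide search is switched off.
    if (empty($public_r['openschall'])) {
        printerror("SchallClose", '', 1);
    }
    // Keyword: filtered, must be non-blank and within the configured length.
    $keyboard = RepPostVar2($add['keyboard']);
    if (!trim($keyboard)) {
        printerror('EmptySchallKeyboard', '', 1);
    }
    // strlen() counts bytes, so the limits apply to the encoded length.
    $strlen = strlen($keyboard);
    if ($strlen < $public_r['schallminlen'] || $strlen > $public_r['schallmaxlen']) {
        printerror('SchallMinKeyboard', '', 1);
    }
    $returnr['keyboard'] = ehtmlspecialchars($keyboard);
    // NOTE(review): the keyword is appended without URL-encoding; confirm the
    // code that prints 'search' encodes it for its output context.
    $returnr['search'] = "&keyboard=" . $keyboard;
    // Field selection: which indexed columns the search may use, checked
    // against the site setting $public_r['schallfield'].
    $field = (int) $add['field'];
    if ($field) {
        $returnr['search'] .= "&field=" . $field;
    }
    if ($field == 1) {
        if ($public_r['schallfield'] != 1) {
            printerror('SchallNotOpenTitleText', '', 1);
        }
        $sf = "title,infotext";
    } elseif ($field == 2) {
        if ($public_r['schallfield'] == 3) {
            printerror('SchallNotOpenTitle', '', 1);
        }
        $sf = "title";
    } elseif ($field == 3) {
        if ($public_r['schallfield'] == 2) {
            printerror('SchallNotOpenText', '', 1);
        }
        $sf = "infotext";
    } else {
        $sf = ReturnSearchAllField(0);
    }
    $where = '';
    // Column (category) restriction.
    $classid = RepPostVar($add['classid']);
    if ($classid) {
        $returnr['search'] .= "&classid=" . $classid;
        if (strstr($classid, ",")) {
            // NOTE(review): the comma list is turned into SQL by
            // sys_ReturnMoreClass (not visible); confirm it casts each id.
            $son_r = sys_ReturnMoreClass($classid, 1);
            $where .= '(' . $son_r[1] . ') and ';
        } else {
            $classid = (int) $classid;
            // Array keys are quoted: bare words are treated as constants and
            // raise an Error on PHP 8.
            $where .= $class_r[$classid]['islast'] ? "classid='{$classid}' and " : ReturnClass($class_r[$classid]['sonclass']) . ' and ';
        }
    }
    // Keyword clauses: one MATCH ... AGAINST per space-separated term.
    if (strstr($keyboard, ' ')) {
        $andkey = '';
        $keyr = explode(' ', $keyboard);
        $kcount = count($keyr);
        for ($i = 0; $i < $kcount; $i++) {
            if (strlen($keyr[$i]) < $public_r['schallminlen']) {
                continue;
            }
            $kb = SearchAllChangeChar($keyr[$i]);
            // Transcode, then filter again before the term enters the SQL text.
            $kb = SearchReturnSaveStr($kb);
            $kb = RepPostVar2($kb);
            if (!trim($kb)) {
                continue;
            }
            $where .= $andkey . "MATCH(" . $sf . ") AGAINST('" . $kb . "' IN BOOLEAN MODE)";
            $andkey = ' and ';
        }
        // Reject when no term produced a clause. Testing $andkey rather than
        // $where matters: with a category filter $where is already non-empty
        // and would otherwise be returned ending in a dangling " and ".
        if ($andkey === '') {
            printerror('SchallMinKeyboard', '', 1);
        }
    } else {
        $keyboard = SearchAllChangeChar($keyboard);
        // Transcode, then filter again before the term enters the SQL text.
        $keyboard = SearchReturnSaveStr($keyboard);
        $keyboard = RepPostVar2($keyboard);
        if (!trim($keyboard)) {
            printerror('EmptySchallKeyboard', '', 1);
        }
        $where .= "MATCH(" . $sf . ") AGAINST('" . $keyboard . "' IN BOOLEAN MODE)";
    }
    $returnr['where'] = $where;
    return $returnr;
}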
Пример #7
/**
 * Filters a search keyword for later use in a query.
 *
 * @param string $keyboard Raw keyword.
 * @return string The trimmed keyword after RepPostVar2, with every run of two
 *                spaces removed.
 */
function SearchDoKeyboardVar($keyboard)
{
    // NOTE(review): RepPostVar2 is defined elsewhere; callers that place the
    // result in SQL depend on it neutralising quotes — confirm.
    $filtered = RepPostVar2(trim($keyboard));
    // Two-space runs are deleted outright, not collapsed to a single space.
    return str_replace('  ', '', $filtered);
}
Пример #8
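/**
 * Normalises the posted fields of a column (class) form.
 *
 * Numeric settings are cast to int, text fields go through the project's
 * filters, and a column with access groups is forced to a .php page type.
 * Array keys are written as quoted strings: the bare-word form is resolved as
 * a constant and raises an Error on PHP 8.
 *
 * @param array $add Posted form fields.
 * @return array The same array with every handled key rewritten.
 */
function DoPostClassVar($add)
{
    // Default page extension when none was posted.
    // NOTE(review): a non-empty classtype is kept as posted; no extension
    // allow-list is visible in this block — confirm the caller restricts it.
    if (empty($add['classtype'])) {
        $add['classtype'] = ".html";
    }
    // NOTE(review): htmlspecialchars() is called with its default flags, which
    // differ between PHP versions (single quotes are only escaped by default
    // from PHP 8.1) — confirm this matches where classname is printed.
    $add['classname'] = addslashes(htmlspecialchars($add['classname']));
    $add['intro'] = addslashes(RepPhpAspJspcode($add['intro']));
    $add['classpagekey'] = addslashes(RepPhpAspJspcode($add['classpagekey']));
    // Filter characters.
    // NOTE(review): listorder/reorder look like ORDER BY fragments; what
    // RepPostVar2 strips is not visible here — verify.
    $add['listorder'] = RepPostVar2($add['listorder']);
    $add['reorder'] = RepPostVar2($add['reorder']);
    // Numeric settings.
    foreach (array(
        'jstempid', 'bclassid', 'link_num', 'newstempid', 'islast', 'filename',
        'openpl', 'openadd', 'newline', 'hotline', 'goodline', 'groupid',
        'hotplline', 'modid', 'checked', 'firstline', 'islist', 'searchtempid',
        'checkpl', 'down_num',
    ) as $key) {
        $add[$key] = (int) $add[$key];
    }
    // Download and online counts are at least 1.
    if (empty($add['down_num'])) {
        $add['down_num'] = 1;
    }
    $add['online_num'] = (int) $add['online_num'];
    if (empty($add['online_num'])) {
        $add['online_num'] = 1;
    }
    foreach (array(
        'addinfofen', 'listdt', 'showdt', 'maxnum', 'showclass', 'checkqadd',
        'qaddlist',
    ) as $key) {
        $add[$key] = (int) $add[$key];
    }
    $add['qaddgroupid'] = DoPostClassQAddGroupid($add['qaddgroupidck']);
    foreach (array(
        'qaddshowkey', 'adminqinfo', 'doctime', 'nreclass', 'nreinfo', 'nrejs',
        'nottobq', 'lencord', 'listtempid', 'dtlisttempid', 'classtempid',
    ) as $key) {
        $add[$key] = (int) $add[$key];
    }
    // The alias defaults to the (already escaped) column name.
    if (empty($add['bname'])) {
        $add['bname'] = $add['classname'];
    }
    $add['myorder'] = (int) $add['myorder'];
    // NOTE(review): when infopath is non-zero, ipath is kept as posted; no
    // path validation is visible in this block — confirm the caller checks it.
    if ($add['infopath'] == 0) {
        $add['ipath'] = '';
    }
    foreach (array(
        'addreinfo', 'haddlist', 'sametitle', 'definfovoteid', 'qeditchecked',
        'wapstyleid', 'repreinfo', 'pltempid',
    ) as $key) {
        $add[$key] = (int) $add[$key];
    }
    // NOTE(review): classtext is not slash-escaped in this block — confirm it
    // is escaped or bound before it reaches a query.
    $add['classtext'] = RepPhpAspJspcode($add['classtext']);
    $add['yhid'] = (int) $add['yhid'];
    $add['wfid'] = (int) $add['wfid'];
    // bdinfoid is only kept for list mode 3.
    if ($add['islist'] == 3) {
        $add['bdinfoid'] = RepPostVar($add['bdinfoid']);
    } else {
        $add['bdinfoid'] = '';
    }
    // Access permissions: a column restricted to member groups is served as
    // .php, and so are its info pages when cgtoinfo is set.
    $add['cgroupid'] = DoPostClassQAddGroupid($add['cgroupidck']);
    $add['cgtoinfo'] = (int) $add['cgtoinfo'];
    if ($add['cgroupid']) {
        $add['classtype'] = '.php';
        if ($add['cgtoinfo']) {
            $add['filetype'] = '.php';
        }
    } else {
        $add['cgtoinfo'] = 0;
    }
    return $add;
}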
Пример #9
require "../../data/dbcache/class.php";
// Open the database connection and the query wrapper used below.
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
// Verify the user: is_login() returns the session record whose fields are
// copied into the $login* variables.
// NOTE(review): is_login() is defined elsewhere; presumably it aborts for
// unauthenticated requests — confirm, since nothing below re-checks $lur.
$lur = is_login();
$logininid = $lur['userid'];
$loginin = $lur['username'];
$loginrnd = $lur['rnd'];
$loginlevel = $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
//ehash
// NOTE(review): whether this helper also validates the request hash, or only
// returns the hash strings, is not visible here — confirm the POST handled
// below is protected against cross-site request forgery.
$ecms_hashur = hReturnEcmsHashStrAll();
// Request fields: numeric ones are cast to int, the rest pass through the
// project's filters before use.
$enews = ehtmlspecialchars($_POST['enews']);
$changeinfoid = RepPostVar($_POST['changeinfoid']);
$keyboard = RepPostVar2($_POST['keyboard']);
$show = (int) $_POST['show'];
$sear = (int) $_POST['sear'];
$tbname = RepPostVar($_POST['tbname']);
$classid = (int) $_POST['classid'];
// Nothing to do without a table name and a non-blank keyword.
if (!$tbname || !trim($keyboard)) {
    exit;
}
// Table name: the posted value is only accepted if it is registered in the
// enewstable table; otherwise the script stops.
// NOTE(review): $tbname is interpolated into this lookup, so the query relies
// on RepPostVar (defined elsewhere) neutralising quotes — confirm.
$tbr = $empire->fetch1("select tbname from {$dbtbpre}enewstable where tbname='{$tbname}' limit 1");
if (!$tbr['tbname']) {
    exit;
}
$changeinfonum = 0;
if ($changeinfoid) {
    // Comma-separated list of ids.
    $changeinfonumr = explode(',', $changeinfoid);
Пример #10
}
// Carry the page size and template id in the paging query string.
// NOTE(review): $line and $tempid are set outside this excerpt — confirm they
// are cast to int before being appended.
$search .= '&line=' . $line . '&tempid=' . $tempid;
if (empty($mid)) {
    $mid = $tempr['modid'];
}
// Combined filter fields: when the model configures 'listandf' and ph=1 is
// requested, each configured field present in the query string adds a condition.
if (!empty($emod_r[$mid]['listandf']) && $_GET['ph'] == 1) {
    // The joining operator is restricted to the two literals 'or' / 'and'.
    $andor = $_GET['andor'] == 'or' ? 'or' : 'and';
    $search .= '&ph=1&andor=' . $andor;
    $listandf = '';
    // Column names come from the model configuration, not from the request.
    $andr = explode(',', $emod_r[$mid]['listandf']);
    $count = count($andr) - 1;
    // The first and last list items are skipped — presumably the stored value
    // has a leading and trailing comma; verify against how it is saved.
    for ($i = 1; $i < $count; $i++) {
        $andval = $_GET[$andr[$i]];
        if (!empty($andval)) {
            // NOTE(review): the filtered value is interpolated into SQL below;
            // this relies on RepPostVar2 (defined elsewhere) neutralising
            // quotes, and on it coping with an array-valued parameter — confirm.
            $andval = RepPostVar2($andval);
            $doandor = empty($listandf) ? '' : ' ' . $andor . ' ';
            if (strstr($andval, '__')) {
                // "low__high" range: both bounds are cast to float, and the
                // condition is only added when both are non-zero.
                $andbtr = explode('__', $andval);
                $andbtr[0] = (double) $andbtr[0];
                $andbtr[1] = (double) $andbtr[1];
                if ($andbtr[0] && $andbtr[1]) {
                    $listandf .= $doandor . $andr[$i] . " BETWEEN '" . $andbtr[0] . "' and '" . $andbtr[1] . "'";
                }
            } elseif (empty($emod_r[$mid]['setandf'])) {
                // Exact match when 'setandf' is empty.
                $listandf .= $doandor . $andr[$i] . "='" . $andval . "'";
            } else {
                // Substring match otherwise; LIKE wildcards in the value are
                // not escaped here.
                $listandf .= $doandor . $andr[$i] . " like '%" . $andval . "%'";
            }
            // NOTE(review): the value is appended without URL-encoding;
            // confirm the code that prints $search encodes it for its context.
            $search .= "&" . $andr[$i] . "={$andval}";
        }
Пример #11
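/**
 * Bulk-deletes member messages inside a time window, optionally narrowed by
 * mailbox type, sender, recipient and keywords.
 *
 * NOTE(review): $userid and $username are not used in this block, and no
 * permission check is visible here — confirm the caller authorises the
 * operation before calling. The error paths assume printerror() (defined
 * elsewhere) ends the request — confirm.
 *
 * @param array  $add      Posted form fields.
 * @param int    $userid   Acting user id.
 * @param string $username Acting user name.
 * @return void
 */
function DelMoreMsg($add, $userid, $username)
{
    global $empire, $dbtbpre;
    // Both bounds of the time window are required.
    // NOTE(review): the bounds are filtered but their date format is not
    // validated in this block.
    $starttime = RepPostVar($add['starttime']);
    $endtime = RepPostVar($add['endtime']);
    if (!$starttime || !$endtime) {
        printerror("EmptyDelMoreMsg", "history.go(-1)");
    }
    // Mailbox type.
    $msgtype = (int) $add['msgtype'];
    if ($msgtype == 1) {
        $a = " and outbox=0";
    } elseif ($msgtype == 2) {
        $a = " and outbox=1";
    } elseif ($msgtype == 3) {
        $a = " and issys=1";
    } else {
        $a = "";
    }
    // Sender.
    $from_username = RepPostVar($add['from_username']);
    if ($from_username) {
        if ($add['fromlike'] == 1) {
            $a .= " and from_username like '%{$from_username}%'";
        } else {
            // Exact match on the filtered value, mirroring the LIKE branch.
            $a .= " and from_username='{$from_username}'";
        }
    }
    // Recipient.
    $to_username = RepPostVar($add['to_username']);
    if ($to_username) {
        if ($add['tolike'] == 1) {
            $a .= " and to_username like '%{$to_username}%'";
        } else {
            // Exact match on the filtered value, mirroring the LIKE branch.
            $a .= " and to_username='{$to_username}'";
        }
    }
    // Keywords: a comma-separated list, OR-ed together.
    $keyboard = RepPostVar2($add['keyboard']);
    if (trim($keyboard)) {
        // Field(s) to search.
        $keyfield = (int) $add['keyfield'];
        if ($keyfield == 1) {
            $likef = "title like '%[!--key--]%'";
        } elseif ($keyfield == 2) {
            $likef = "msgtext like '%[!--key--]%'";
        } else {
            $likef = "title like '%[!--key--]%' or msgtext like '%[!--key--]%'";
        }
        $likekey = "";
        foreach (explode(",", $keyboard) as $key) {
            // Skip blank items (e.g. "a,,b"): an empty key would become
            // like '%%', which matches every row and turns the keyword filter
            // into "delete everything in the window".
            if (trim($key) === '') {
                continue;
            }
            $likekey .= ($likekey === "" ? "" : " or ") . str_replace("[!--key--]", $key, $likef);
        }
        if ($likekey !== "") {
            $a .= " and (" . $likekey . ")";
        }
    }
    // NOTE(review): every filter above is interpolated into the statement, so
    // the DELETE relies on RepPostVar/RepPostVar2 neutralising quotes — confirm.
    $sql = $empire->query("delete from {$dbtbpre}enewsqmsg where msgtime>'{$starttime}' and msgtime<'{$endtime}'" . $a);
    if ($sql) {
        // Operation log.
        // NOTE(review): only the time window is logged; the sender, recipient
        // and keyword filters are not recorded.
        insert_dolog("starttime={$starttime}&endtime={$endtime}");
        printerror("DelMoreMsgSuccess", "DelMoreMsg.php");
    } else {
        printerror("DbError", "history.go(-1)");
    }
}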