function post_add_action($BD)
{
$OK = TRUE;
$who = isset($_SESSION['member']['id']) ? $_SESSION['member']['id'] : 0;
if ($_POST['post_author'] != $who) {
$OK = FALSE;
set_clue('登入身份已經變動要繼續動作請再切換!');
}
if (empty($_POST['post_author_nicename'])) {
$OK = FALSE;
set_clue('請記得填寫作者名稱!');
}
if (empty($_POST['post_title'])) {
$OK = FALSE;
set_clue('請記得填寫標題!');
}
if (empty($_POST['post_content'])) {
$OK = FALSE;
set_clue('最重要的內文怎麼可以不寫呢!');
}
if (!email_check($_POST['post_author_email'])) {
$OK = FALSE;
set_clue('請填寫正確的電子郵件位址!');
}
if ($OK) {
$post_author = $_POST['post_author'];
$post_author_ip = ip2long($_SERVER['REMOTE_ADDR']);
$post_author_nicename = sanitize_text($_POST['post_author_nicename']);
$post_author_email = strtolower($_POST['post_author_email']);
$post_title = sanitize_text($_POST['post_title']);
$post_content = trim($_POST['post_content']);
$post_date = date("Y-m-d H:i:s");
$post_update = $post_date;
$post_update_who = $post_author_nicename;
$post_update_member = $post_author;
$post_board_id = board_id($BD);
if (isset($_POST['post_password']) && !empty($_POST['post_password'])) {
$post_pass = hash('sha256', $_POST['post_password']);
} else {
$post_pass = '';
}
$key = array('post_author', 'post_author_ip', 'post_author_nicename', 'post_author_email', 'post_title', 'post_content', 'post_date', 'post_board', 'post_update', 'post_update_who', 'post_update_member', 'post_password');
$value = array($post_author, $post_author_ip, $post_author_nicename, $post_author_email, $post_title, $post_content, $post_date, $post_board_id, $post_update, $post_update_who, $post_update_member, $post_pass);
input('posts', $key, $value);
$last = mysql_fetch_assoc(inget('LAST_INSERT_ID()', 'posts'));
unset($_SESSION['post']);
header('location: ' . OUT_PATH . $last['LAST_INSERT_ID()']);
} else {
if (!isset($_SESSION['post'])) {
$_SESSION['post'] = array();
}
$_SESSION['post']['author_nicename'] = $_POST['post_author_nicename'];
$_SESSION['post']['author_email'] = $_POST['post_author_email'];
$_SESSION['post']['title'] = $_POST['post_title'];
$_SESSION['post']['content'] = $_POST['post_content'];
$_SESSION['post']['board'] = $BD;
$_SESSION['post']['id'] = 0;
header('location: ' . OUT_PATH . $BD . '/post');
}
}
function get_post_list($board_name = 0, $current_page, $items_page = 0, $list_order = 'post')
{
if ($items_page == 0) {
//need query options implement
}
$board = $board_name ? 'WHERE `post_board` = ' . board_id($board_name) . ' ' : '';
$result = inget('`id`', 'posts', $board);
$total_items = mysql_num_rows($result);
$query = page_items($items_page, $current_page, $total_items);
$start = $query['start'];
$current_page = $query['current_page'];
$total_pages = $query['total_pages'];
$list_order = $list_order == 'update' ? 'post_update' : 'post_date';
$result = inget('`id`, `post_title`, `post_author`, `post_author_nicename`, `post_date`, `post_update`, `post_update_who`, `post_update_member`, `post_board`, `post_change`, `comment_count`', 'posts', $board . 'ORDER BY `' . $list_order . '` DESC LIMIT ' . $start . ', ' . $items_page);
$list = mysql_fetch_all($result);
return $list;
}
