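/**
 * Handle a submitted "new post" form for the board $BD.
 *
 * Validates the posted fields. On success the post is stored through
 * input() and the client is redirected to OUT_PATH followed by the new
 * row id. On failure the submitted values are kept in $_SESSION['post']
 * and the client is redirected back to OUT_PATH . $BD . '/post'.
 *
 * The author id written to the database is the one held in the session,
 * never the one sent by the browser: the posted `post_author` value is
 * only used to detect that the login changed while the form was open.
 *
 * @param mixed $BD Board identifier, passed to board_id() and used as a
 *                  path segment of the failure redirect.
 * @return void
 */
function post_add_action($BD)
{
    $OK = TRUE;
    $who = isset($_SESSION['member']['id']) ? $_SESSION['member']['id'] : 0;

    // Read each field once. A field that is missing, or that arrives as an
    // array (e.g. post_title[]=x), becomes null, so it fails validation below
    // instead of reaching trim()/strtolower()/hash() as a non-string.
    $form = array();
    $fields = array(
        'post_author',
        'post_author_nicename',
        'post_author_email',
        'post_title',
        'post_content',
        'post_password',
    );
    foreach ($fields as $field) {
        $form[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : null;
    }

    // Loose comparison is kept so existing forms behave as before, but it is
    // not an integrity check: under PHP 5 rules a non-numeric string compares
    // equal to 0. The stored author therefore comes from $who (see below).
    if ($form['post_author'] != $who) {
        $OK = FALSE;
        set_clue('登入身份已經變動要繼續動作請再切換!');
    }
    if (empty($form['post_author_nicename'])) {
        $OK = FALSE;
        set_clue('請記得填寫作者名稱!');
    }
    if (empty($form['post_title'])) {
        $OK = FALSE;
        set_clue('請記得填寫標題!');
    }
    if (empty($form['post_content'])) {
        $OK = FALSE;
        set_clue('最重要的內文怎麼可以不寫呢!');
    }
    if (!email_check($form['post_author_email'])) {
        $OK = FALSE;
        set_clue('請填寫正確的電子郵件位址!');
    }

    if ($OK) {
        // Server-side identity only; the client-supplied id is discarded.
        $post_author = $who;
        // ip2long() returns false for anything that is not a dotted IPv4
        // address (IPv6 clients, for instance); that value is stored as-is.
        $post_author_ip = ip2long($_SERVER['REMOTE_ADDR']);
        $post_author_nicename = sanitize_text($form['post_author_nicename']);
        $post_author_email = strtolower($form['post_author_email']);
        $post_title = sanitize_text($form['post_title']);
        // NOTE(review): the body is only trimmed. Whether input() escapes
        // values for SQL, and whether the templates escape this field on
        // output, is not visible here - confirm both.
        $post_content = trim($form['post_content']);
        $post_date = date("Y-m-d H:i:s");
        $post_update = $post_date;
        $post_update_who = $post_author_nicename;
        $post_update_member = $post_author;
        $post_board_id = board_id($BD);

        // NOTE(review): unsalted SHA-256 is a fast hash and a weak choice for
        // storing a password. password_hash()/password_verify() would be the
        // replacement, but the code that checks this value is outside this
        // block, so the stored format is left unchanged.
        if (!empty($form['post_password'])) {
            $post_pass = hash('sha256', $form['post_password']);
        } else {
            $post_pass = '';
        }

        $key = array(
            'post_author',
            'post_author_ip',
            'post_author_nicename',
            'post_author_email',
            'post_title',
            'post_content',
            'post_date',
            'post_board',
            'post_update',
            'post_update_who',
            'post_update_member',
            'post_password',
        );
        $value = array(
            $post_author,
            $post_author_ip,
            $post_author_nicename,
            $post_author_email,
            $post_title,
            $post_content,
            $post_date,
            $post_board_id,
            $post_update,
            $post_update_who,
            $post_update_member,
            $post_pass,
        );
        input('posts', $key, $value);

        $last = mysql_fetch_assoc(inget('LAST_INSERT_ID()', 'posts'));
        unset($_SESSION['post']);
        // NOTE(review): nothing stops execution after header(); any code the
        // caller runs after this function still executes - confirm intended.
        header('location: ' . OUT_PATH . $last['LAST_INSERT_ID()']);
    } else {
        if (!isset($_SESSION['post'])) {
            $_SESSION['post'] = array();
        }
        // Raw submitted values are kept for re-filling the form; they are
        // unescaped, so the form template has to escape them on output.
        $_SESSION['post']['author_nicename'] = $form['post_author_nicename'];
        $_SESSION['post']['author_email'] = $form['post_author_email'];
        $_SESSION['post']['title'] = $form['post_title'];
        $_SESSION['post']['content'] = $form['post_content'];
        $_SESSION['post']['board'] = $BD;
        $_SESSION['post']['id'] = 0;
        header('location: ' . OUT_PATH . $BD . '/post');
    }
}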
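/**
 * Fetch one page of the post list, newest first.
 *
 * Runs two queries through inget(): one selecting every matching `id` to
 * count the rows, and one selecting the list columns for the requested
 * page. Every value concatenated into the SQL text is either forced to an
 * integer or chosen from a fixed pair of column names.
 *
 * @param mixed  $board_name   Board identifier for board_id(); a falsy
 *                             value lists posts from all boards.
 * @param mixed  $current_page Requested page, handed to page_items().
 * @param int    $items_page   Rows per page. 0 is not handled yet and
 *                             produces "LIMIT <start>, 0".
 * @param string $list_order   'update' orders by `post_update`; anything
 *                             else orders by `post_date`.
 * @return mixed Whatever mysql_fetch_all() returns for the page query.
 */
function get_post_list($board_name = 0, $current_page, $items_page = 0, $list_order = 'post')
{
    // TODO: when $items_page is 0 the page size should come from the query
    // options; that lookup is not implemented yet.

    // The clause is handed to inget() as SQL text (presumably appended to
    // the query unchanged - confirm), so the board id is cast to an integer
    // rather than trusted to be one.
    $board = $board_name ? 'WHERE `post_board` = ' . (int) board_id($board_name) . ' ' : '';

    // Count the matching rows to work out the page window.
    $count_result = inget('`id`', 'posts', $board);
    $total_items = mysql_num_rows($count_result);

    $query = page_items($items_page, $current_page, $total_items);
    // LIMIT operands go into the SQL text unquoted; force both to integers.
    $start = (int) $query['start'];
    $limit = (int) $items_page;

    // Only these two column names can ever reach the ORDER BY clause.
    $order_column = $list_order == 'update' ? 'post_update' : 'post_date';

    $page_result = inget(
        '`id`, `post_title`, `post_author`, `post_author_nicename`, `post_date`, `post_update`, `post_update_who`, `post_update_member`, `post_board`, `post_change`, `comment_count`',
        'posts',
        $board . 'ORDER BY `' . $order_column . '` DESC LIMIT ' . $start . ', ' . $limit
    );

    return mysql_fetch_all($page_result);
}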