Пример #1
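/**
 * Create a new blog entry, or update an existing one, from submitted form data.
 *
 * Filters and length-limits the submitted fields, normalises the privacy mode,
 * resolves the personal category and uploaded pictures, then writes the
 * home_blog and home_blogfield rows.
 *
 * NOTE(review): no permission check is visible in this function. When $olds
 * belongs to another user the function acts as that user for the duration of
 * the call, so every caller must authorise the edit before calling.
 *
 * @param array $POST Submitted fields (subject, message, friend, password, tag, classid, picids, ...).
 * @param array $olds Existing entry row when editing; empty when creating.
 * @return array|false Saved main-table fields plus 'blogid', 'uid' and 'username',
 *                     or false when the message contains nothing but empty markup.
 */
function blog_post($POST, $olds=array()) {
	global $_G, $space;

	// Editing an entry owned by someone else: act as the owner. The original
	// $_G is kept in $__G and must be restored on every exit path.
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
		$isself = 0;
		$__G = $_G;
		$_G['uid'] = $olds['uid'];
		$_G['username'] = addslashes($olds['username']);
	}

	// getstr() and censor() are defined elsewhere; the 80 looks like a length
	// limit and censor() presumably applies the site word filter - confirm.
	$POST['subject'] = getstr(trim($POST['subject']), 80);
	$POST['subject'] = censor($POST['subject']);
	// An empty subject falls back to the current date.
	if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
	$POST['friend'] = intval($POST['friend']);

	// Privacy mode: 2 = named users only, 4 = password protected. Both fall
	// back to another mode when the data they need is missing.
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		$uids = array();
		// The name list is read from the raw request ($_POST), not from $POST.
		$names = empty($_POST['target_names'])?array():explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
		if($names) {
			$uids = C::t('common_member')->fetch_all_uid_by_username($names);
		}
		if(empty($uids)) {
			// No known user named: switch to mode 3 instead.
			$POST['friend'] = 3;
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		$POST['password'] = trim($POST['password']);
		// A blank password cannot protect anything: switch to mode 0.
		if($POST['password'] == '') $POST['friend'] = 0;
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// The original compared with == here, which discarded the result and
		// left a submitted password to be stored with a non-password entry.
		$POST['password'] = '';
	}

	$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500);
	$POST['tag'] = censor($POST['tag']);

	// The message is HTML from the client; checkhtml() (defined elsewhere) is
	// the filter everything stored below depends on.
	$POST['message'] = checkhtml($POST['message']);
	if($_G['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
	} else {
		$POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
		$POST['message'] = censor($POST['message']);
		// Drop empty <div></div> pairs and make plain links open in a new window.
		// NOTE(review): target="_blank" is added without rel="noopener"; decide
		// whether linked pages should be able to reach window.opener.
		$POST['message'] = preg_replace(array(
			"/\<div\>\<\/div\>/i",
			"/\<a\s+href\=\"([^\>]+?)\"\>/i"
		), array(
			'',
			'<a href="\\1" target="_blank">'
		), $POST['message']);
	}
	$message = $POST['message'];
	// Status 1 is handed to updatemoderate() at the end of the function, so it
	// presumably means "awaiting moderation"; 0 is published.
	if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
		$blog_status = 1;
	} else {
		$blog_status = 0;
	}

	// Personal category: "new:<name>" creates (or reuses) a category owned by
	// the acting uid; anything else is treated as a numeric id.
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname);
			$classname = censor($classname);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_G['uid'],
						'dateline' => $_G['timestamp']
					);
					$classid = C::t('home_class')->insert($setarr, true);
				}
			}
		} else {
			$classid = intval($POST['classid']);

		}
	} else {
		$classid = $olds['classid'];
	}
	if($classid && empty($classname)) {
		// Ownership check: a category id that belongs to another uid is dropped.
		$query = C::t('home_class')->fetch($classid);
		$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
		if(empty($classname)) $classid = 0;
	}

	// Main-table row.
	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($POST['noreply'])?0:1,
		'catid' => intval($POST['catid']),
		'status' => $blog_status,
	);

	$titlepic = '';

	// Uploaded pictures: the lookup is restricted to the acting uid, so ids of
	// other users' pictures are ignored. Rows are keyed by md5 of their URL.
	$uploads = array();
	if(!empty($POST['picids'])) {
		$picids = array_keys($POST['picids']);
		$query = C::t('home_pic')->fetch_all_by_uid($_G['uid'], 0, 0, $picids);
		foreach($query as $value) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = getimgthumbname($value['filepath']);
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			$uploads[md5($picurl)] = $value;
		}
		// No thumbnail found: fall back to the last picture iterated.
		if(empty($titlepic) && $value) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}

	if($uploads) {
		// Optionally file the pictures in a new or existing album.
		$albumid = 0;
		if($POST['savealbumid'] < 0 && !empty($POST['newalbum'])) {
			$albumname = addslashes(dhtmlspecialchars(trim($POST['newalbum'])));
			if(empty($albumname)) $albumname = dgmdate($_G['timestamp'],'Ymd');
			$albumarr = array('albumname' => $albumname);
			$albumid = album_creat($albumarr);
		} else {
			$albumid = $POST['savealbumid'] < 0 ? 0 : intval($POST['savealbumid']);
		}
		if($albumid) {
			C::t('home_pic')->update_for_uid($_G['uid'], $picids, array('albumid' => $albumid));
			album_update_pic($albumid);
		}
		// Pictures already referenced by an <img> in the message are removed
		// from $uploads; the remainder are appended below.
		preg_match_all("/\s*\<img src=\"(.+?)\".*?\>\s*/is", $message, $mathes);
		if(!empty($mathes[1])) {
			foreach ($mathes[1] as $key => $value) {
				$urlmd5 = md5($value);
				if(!empty($uploads[$urlmd5])) {
					unset($uploads[$urlmd5]);
				}
			}
		}
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
			// NOTE(review): this markup is added after checkhtml() has run, and
			// the picture title is interpolated as-is. That assumes titles are
			// stored already HTML-escaped - confirm where they are written.
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}

	// Reject a message that is only whitespace and empty block markup.
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Restore the real user before returning. The original returned with
		// $_G still pointing at the entry owner, so the rest of the request
		// kept running under that uid.
		if(!empty($__G)) $_G = $__G;
		return false;
	}


	// Only users holding 'manageblog' may set the hot value.
	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}

	if($olds['blogid']) {

		// Update: keep the per-category counters in step when the category changes.
		if($blogarr['catid'] != $olds['catid']) {
			if($olds['catid']) {
				C::t('home_blog_category')->update_num_by_catid(-1, $olds['catid'], true, true);
			}
			if($blogarr['catid']) {
				C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
			}
		}

		$blogid = $olds['blogid'];
		C::t('home_blog')->update($blogid, $blogarr);

		$fuids = array();

		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {

		if($blogarr['catid']) {
			C::t('home_blog_category')->update_num_by_catid(1, $blogarr['catid']);
		}

		$blogarr['uid'] = $_G['uid'];
		$blogarr['username'] = $_G['username'];
		// NOTE(review): a supplied dateline is stored as given; presumably
		// callers pass an integer timestamp - confirm.
		$blogarr['dateline'] = empty($POST['dateline'])?$_G['timestamp']:$POST['dateline'];
		$blogid = C::t('home_blog')->insert($blogarr, true);

		C::t('common_member_status')->update($_G['uid'], array('lastpost' => $_G['timestamp']));
		C::t('common_member_field_home')->update($_G['uid'], array('recentnote'=>$POST['subject']));
	}

	$blogarr['blogid'] = $blogid;
	$class_tag = new tag();
	$POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
	// Secondary-table row: body, poster IP, allowed viewers, tags.
	$fieldarr = array(
		'message' => $message,
		'postip' => $_G['clientip'],
		'target_ids' => $POST['target_ids'],
		'tag' => $POST['tag']
	);

	if(!empty($titlepic)) {
		$fieldarr['pic'] = $titlepic;
	}

	if($olds) {
		C::t('home_blogfield')->update($blogid, $fieldarr);
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		C::t('home_blogfield')->insert($fieldarr);
	}

	// Credit and statistics only for a user's own new entry that is published.
	if($isself && !$olds && $blog_status == 0) {
		updatecreditbyaction('publishblog', 0, array('blogs' => 1));

		include_once libfile('function/stat');
		updatestat('blog');
	}

	// An edited entry that now has status 1 has the publish credit reversed.
	if($olds['blogid'] && $blog_status == 1) {
		updatecreditbyaction('publishblog', 0, array('blogs' => -1), '', -1);
		include_once libfile('function/stat');
		updatestat('blog');
	}

	if($POST['makefeed'] && $blog_status == 0) {
		include_once libfile('function/feed');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}

	// End of impersonation: restore the real user's globals.
	if(!empty($__G)) $_G = $__G;
	if($blog_status == 1) {
		updatemoderate('blogid', $blogid);
		manage_addnotify('verifyblog');
	}
	return $blogarr;
}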
Пример #2
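/**
 * Create a new blog entry, or update an existing one, from submitted form data.
 *
 * Filters and length-limits the submitted fields, normalises the privacy mode,
 * resolves the personal category and uploaded pictures, then writes the blog
 * and blogfield rows and the tag links.
 *
 * NOTE(review): no permission check is visible in this function. When $olds
 * belongs to another user the function acts as that user for the duration of
 * the call, so every caller must authorise the edit before calling.
 *
 * NOTE(review): SQL is assembled by string concatenation here and in the
 * helpers (tname, simplode, inserttable, updatetable), which are defined
 * elsewhere. Safety depends on request data having been escaped before it
 * reaches this function and on simplode() quoting each element - confirm both.
 *
 * @param array $POST Submitted fields (subject, message, friend, password, tag, classid, picids, ...).
 * @param array $olds Existing entry row when editing; empty when creating.
 * @return array|false Saved main-table fields plus 'blogid', 'uid' and 'username',
 *                     or false when the message contains nothing but empty markup.
 */
function blog_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC, $space;
    // Operator role switch: editing an entry owned by someone else means acting
    // as the owner. The original globals are kept in $__SGLOBAL and must be
    // restored on every exit path.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }
    // Title. getstr() is defined elsewhere; the 80 looks like a length limit
    // and the trailing flags presumably select escaping/filtering - confirm.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        // An empty title falls back to the current date.
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    // Privacy
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Specific friends. The name list is read from the raw request
        // ($_POST), not from $POST.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // Visible to the author only
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password protected
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            // A blank password cannot protect anything: make the entry public
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original compared with == here, which discarded the result and
        // left a submitted password to be stored with a non-password entry.
        $POST['password'] = '';
    }
    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    // Word filtering
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
    // Content. On the non-mobile path the message is client HTML and
    // checkhtml() (defined elsewhere) is the filter the stored body depends on.
    if ($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        // Drop empty <div></div> pairs and make plain links open in a new window.
        // NOTE(review): target="_blank" is added without rel="noopener"; decide
        // whether linked pages should be able to reach window.opener.
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    // Personal category: "new:<name>" creates (or reuses) a category owned by
    // the acting uid; anything else is treated as a numeric id.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // Category name
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a category id that belongs to another uid is dropped
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }
    // Main-table row ('noreply' is read from the raw request, not from $POST)
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
    // Title picture
    $titlepic = '';
    // Fetch the uploaded pictures. The query is restricted to the acting uid,
    // so ids of other users' pictures are ignored.
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    // Pictures placed inside the article: swap each editor placeholder
    // (_uchome_localimg_N) for the stored picture URL.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures not placed in the article are appended at the end.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            // NOTE(review): this markup is added after checkhtml() has run, and
            // the picture title is interpolated as-is. That assumes titles are
            // stored already HTML-escaped - confirm where they are written.
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Nothing was written: only whitespace and empty block markup
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Restore the real user before returning. The original returned with
        // $_SGLOBAL still pointing at the entry owner, so the rest of the
        // request kept running under that uid.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }
    // Add slashes: the body is escaped by hand before the table helpers
    // concatenate it into SQL.
    $message = addslashes($message);
    // Otherwise take the title picture from the content
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;
    // Hotness: only users holding 'manageblog' may set it
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    // Attachment.
    // NOTE(review): id, path, name and size are copied from the raw request
    // into the row with no validation visible here - confirm they are checked
    // before this point, in particular that the path cannot name another
    // user's file.
    if ($_POST['attachid'] && $_POST['attachpath'] && $_POST['attachname'] && $_POST['attachsize']) {
        $blogarr['attachid'] = $_POST['attachid'];
        $blogarr['attachpath'] = $_POST['attachpath'];
        $blogarr['attachname'] = $_POST['attachname'];
        $blogarr['attachsize'] = $_POST['attachsize'];
    }
    if ($olds['blogid']) {
        // Update
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // New entry, optionally joining a topic
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a supplied dateline is stored as given; presumably
        // callers pass an integer timestamp - confirm.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;
    // Secondary-table row
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
    // TAG
    // NOTE(review): unserialize() runs on the stored tag column. That is only
    // safe while the column can hold nothing but values produced by the
    // serialize() call below - confirm there is no other writer.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Clear the previous tag links first
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Update the tag column of the secondary table
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }
    if ($olds) {
        // Update
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }
    // Space update: only when the user edits or creates their own entry
    if ($isself) {
        if ($olds) {
            // Touch the space's update time
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
        } else {
            if (empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid' => $space['uid']));
                $blognumsql = "blognum=" . $space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credits. The reward values are interpolated unquoted, so they
            // must be numeric - presumably getreward() guarantees that.
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$blognumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Statistics
            updatestat('blog');
        }
    }
    // Generate the feed item
    if ($POST['makefeed']) {
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }
    // Topic
    if (empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }
    // Role switch back: restore the real user's globals
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $blogarr;
}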
Пример #3
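/**
 * Create a new blog entry, or update an existing one, from submitted form data.
 *
 * Filters and length-limits the submitted fields, normalises the privacy mode,
 * resolves the personal category and uploaded pictures, then writes the blog
 * and blogfield rows and the tag links.
 *
 * NOTE(review): no permission check is visible in this function. When $olds
 * belongs to another user the function acts as that user for the duration of
 * the call, so every caller must authorise the edit before calling.
 *
 * NOTE(review): SQL is assembled by string concatenation here and in the
 * helpers (tname, simplode, inserttable, updatetable), which are defined
 * elsewhere. Safety depends on request data having been escaped before it
 * reaches this function and on simplode() quoting each element - confirm both.
 *
 * @param array $POST Submitted fields (subject, message, friend, password, tag, classid, picids, ...).
 * @param array $olds Existing entry row when editing; empty when creating.
 * @return array|false Saved main-table fields plus 'blogid', 'uid' and 'username',
 *                     or false when the message contains nothing but empty markup.
 */
function blog_post($POST, $olds=array()) {
	global $_SGLOBAL, $_SC, $space;
	
	// Operator role switch: editing an entry owned by someone else means acting
	// as the owner. The original globals are kept in $__SGLOBAL and must be
	// restored on every exit path.
	$isself = 1;
	if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
		$isself = 0;
		$__SGLOBAL = $_SGLOBAL;
		$_SGLOBAL['supe_uid'] = $olds['uid'];
		$_SGLOBAL['supe_username'] = addslashes($olds['username']);
	}

	// Title. getstr() is defined elsewhere; the 80 looks like a length limit
	// and the trailing flags presumably select escaping/filtering - confirm.
	$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
	// An empty title falls back to the current date.
	if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
	$POST['friend'] = intval($POST['friend']);
	
	// Privacy
	$POST['target_ids'] = '';
	if($POST['friend'] == 2) {
		// Specific friends. The name list is read from the raw request
		// ($_POST), not from $POST.
		$uids = array();
		$names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
		if($names) {
			$query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$uids[] = $value['uid'];
			}
		}
		if(empty($uids)) {
			$POST['friend'] = 3;// visible to the author only
		} else {
			$POST['target_ids'] = implode(',', $uids);
		}
	} elseif($POST['friend'] == 4) {
		// Password protected
		$POST['password'] = trim($POST['password']);
		if($POST['password'] == '') $POST['friend'] = 0;// public
	}
	if($POST['friend'] !== 2) {
		$POST['target_ids'] = '';
	}
	if($POST['friend'] !== 4) {
		// The original compared with == here, which discarded the result and
		// left a submitted password to be stored with a non-password entry.
		$POST['password'] = '';
	}

	$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
	$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);	// word filtering

	// Content. On the non-mobile path the message is client HTML and
	// checkhtml() (defined elsewhere) is the filter the stored body depends on.
	if($_SGLOBAL['mobile']) {
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
	} else {
		$POST['message'] = checkhtml($POST['message']);
		$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
		// Drop empty <div></div> pairs and make plain links open in a new window.
		// NOTE(review): target="_blank" is added without rel="noopener"; decide
		// whether linked pages should be able to reach window.opener.
		$POST['message'] = preg_replace(array(
				"/\<div\>\<\/div\>/i",
				"/\<a\s+href\=\"([^\>]+?)\"\>/i"
			), array(
				'',
				'<a href="\\1" target="_blank">'
			), $POST['message']);
	}
	$message = $POST['message'];

	// Personal category: "new:<name>" creates (or reuses) a category owned by
	// the acting uid; anything else is treated as a numeric id.
	if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
		if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
			// Category name
			$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
			$classname = getstr($classname, 0, 1, 1, 1);
			if(empty($classname)) {
				$classid = 0;
			} else {
				$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
				if(empty($classid)) {
					$setarr = array(
						'classname' => $classname,
						'uid' => $_SGLOBAL['supe_uid'],
						'dateline' => $_SGLOBAL['timestamp']
					);
					$classid = inserttable('class', $setarr, 1);
				}
			}
		} else {
			$classid = intval($POST['classid']);

		}
	} else {
		$classid = $olds['classid'];
	}
	if($classid && empty($classname)) {
		// Ownership check: a category id that belongs to another uid is dropped
		$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
		if(empty($classname)) $classid = 0;
	}
	
	// Main-table row ('noreply' is read from the raw request, not from $POST)
	$blogarr = array(
		'subject' => $POST['subject'],
		'classid' => $classid,
		'friend' => $POST['friend'],
		'password' => $POST['password'],
		'noreply' => empty($_POST['noreply'])?0:1
	);

	// Title picture
	$titlepic = '';
	
	// Fetch the uploaded pictures. The query is restricted to the acting uid,
	// so ids of other users' pictures are ignored.
	$uploads = array();
	if(!empty($POST['picids'])) {
		$picids = array_keys($POST['picids']);
		$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
		while ($value = $_SGLOBAL['db']->fetch_array($query)) {
			if(empty($titlepic) && $value['thumb']) {
				$titlepic = $value['filepath'].'.thumb.jpg';
				$blogarr['picflag'] = $value['remote']?2:1;
			}
			$uploads[$POST['picids'][$value['picid']]] = $value;
		}
		if(empty($titlepic) && $value) {
			$titlepic = $value['filepath'];
			$blogarr['picflag'] = $value['remote']?2:1;
		}
	}
	
	// Pictures placed inside the article: swap each editor placeholder
	// (_uchome_localimg_N) for the stored picture URL.
	if($uploads) {
		preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
		if(!empty($mathes[1])) {
			$searchs = $idsearchs = array();
			$replaces = array();
			foreach ($mathes[1] as $key => $value) {
				if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
					$searchs[] = $mathes[2][$key];
					$idsearchs[] = "_uchome_localimg_$value";
					$replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
					unset($uploads[$value]);
				}
			}
			if($searchs) {
				$message = str_replace($searchs, $replaces, $message);
				$message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
			}
		}
		// Pictures not placed in the article are appended at the end.
		foreach ($uploads as $value) {
			$picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
			// NOTE(review): this markup is added after checkhtml() has run, and
			// the picture title is interpolated as-is. That assumes titles are
			// stored already HTML-escaped - confirm where they are written.
			$message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
		}
	}
	
	// Nothing was written: only whitespace and empty block markup
	$ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
	if(empty($ckmessage)) {
		// Restore the real user before returning. The original returned with
		// $_SGLOBAL still pointing at the entry owner, so the rest of the
		// request kept running under that uid.
		if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
		return false;
	}
	
	// Add slashes: the body is escaped by hand before the table helpers
	// concatenate it into SQL.
	$message = addslashes($message);
	
	// Otherwise take the title picture from the content
	if(empty($titlepic)) {
		$titlepic = getmessagepic($message);
		$blogarr['picflag'] = 0;
	}
	$blogarr['pic'] = $titlepic;
	
	// Hotness: only users holding 'manageblog' may set it
	if(checkperm('manageblog')) {
		$blogarr['hot'] = intval($POST['hot']);
	}
	
	if($olds['blogid']) {
		// Update
		$blogid = $olds['blogid'];
		updatetable('blog', $blogarr, array('blogid'=>$blogid));
		
		$fuids = array();
		
		$blogarr['uid'] = $olds['uid'];
		$blogarr['username'] = $olds['username'];
	} else {
		// New entry, optionally joining a topic
		$blogarr['topicid'] = topic_check($POST['topicid'], 'blog');

		$blogarr['uid'] = $_SGLOBAL['supe_uid'];
		$blogarr['username'] = $_SGLOBAL['supe_username'];
		// NOTE(review): a supplied dateline is stored as given; presumably
		// callers pass an integer timestamp - confirm.
		$blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:$POST['dateline'];
		$blogid = inserttable('blog', $blogarr, 1);
	}
	
	$blogarr['blogid'] = $blogid;
	
	// Secondary-table row
	$fieldarr = array(
		'message' => $message,
		'postip' => getonlineip(),
		'target_ids' => $POST['target_ids']
	);
	
	// TAG
	// NOTE(review): unserialize() runs on the stored tag column. That is only
	// safe while the column can hold nothing but values produced by the
	// serialize() call below - confirm there is no other writer.
	$oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
	

	$tagarr = array();
	if($POST['tag'] != $oldtagstr) {
		if(!empty($olds['tag'])) {
			// Clear the previous tag links first
			$oldtags = array();
			$query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			while ($value = $_SGLOBAL['db']->fetch_array($query)) {
				$oldtags[] = $value['tagid'];
			}
			if($oldtags) {
				$_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
				$_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
			}
		}
		$tagarr = tag_batch($blogid, $POST['tag']);
		// Update the tag column of the secondary table
		$fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
	}

	if($olds) {
		// Update
		updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
	} else {
		$fieldarr['blogid'] = $blogid;
		$fieldarr['uid'] = $blogarr['uid'];
		inserttable('blogfield', $fieldarr);
	}

	// Space update: only when the user edits or creates their own entry
	if($isself) {
		if($olds) {
			// Touch the space's update time
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
		} else {
			if(empty($space['blognum'])) {
				$space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
				$blognumsql = "blognum=".$space['blognum'];
			} else {
				$blognumsql = 'blognum=blognum+1';
			}
			// Credits. The reward values are interpolated unquoted, so they
			// must be numeric - presumably getreward() guarantees that.
			$reward = getreward('publishblog', 0);
			$_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
			
			// Statistics
			updatestat('blog');
		}
	}
	
	// Generate the feed item
	if($POST['makefeed']) {
		include_once(S_ROOT.'./source/function_feed.php');
		feed_publish($blogid, 'blogid', $olds?0:1);
	}
	
	// Topic
	if(empty($olds) && $blogarr['topicid']) {
		topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
	}

	// Role switch back: restore the real user's globals
	if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;

	return $blogarr;
}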
Пример #4
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('thread') . " WHERE tid='{$tid}'");
     if (!($thread = $_SGLOBAL['db']->fetch_array($query))) {
         showmessage('no_privilege');
     }
     //检查权限
     $tagid = $thread['tagid'];
     $mtag = ckmtagspace($thread['tagid']);
     if ($mtag['grade'] < 8 && $thread['uid'] != $_SGLOBAL['supe_uid'] && $userevent['status'] < 3) {
         showmessage('no_privilege');
     }
 }
 // The subject is taken straight from the request. getstr() is defined
 // elsewhere; the 80 looks like a length limit and the trailing flags
 // presumably select escaping/filtering - confirm against its definition.
 $subject = getstr($_POST['subject'], 80, 1, 1, 1);
 // Reject subjects shorter than two bytes (strlen counts bytes, not characters).
 if (strlen($subject) < 2) {
     showmessage('title_not_too_little');
 }
 // The message is client-supplied HTML: checkhtml() (defined elsewhere) is the
 // filter the stored body depends on, applied before getstr().
 $_POST['message'] = checkhtml($_POST['message']);
 $_POST['message'] = getstr($_POST['message'], 0, 1, 0, 1, 0, 1);
 // Drop empty <div></div> pairs.
 $_POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $_POST['message']);
 $message = $_POST['message'];
 // Title picture
 $titlepic = '';
 // Uploaded pictures, filled in by the code that follows
 $uploads = array();
 if (!empty($_POST['picids'])) {
     $picids = array_keys($_POST['picids']);
     $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
     while ($value = $_SGLOBAL['db']->fetch_array($query)) {
         if (empty($titlepic) && $value['thumb']) {
             $titlepic = pic_get($value['filepath'], $value['thumb'], $value['remote']);
         }
         $uploads[$_POST['picids'][$value['picid']]] = $value;
Пример #5
 // Load the blog helper functions.
 include_once S_ROOT . './source/function_blog.php';
 // Nothing to import unless there are fetched results and the request
 // selected at least one of them.
 if (empty($results) || empty($_POST['ids'])) {
     showmessage('choose_at_least_one_log', 'cp.php?ac=import');
 }
 // Counters: entries seen and entries actually imported.
 $allcount = $incount = 0;
 // Sort by key in descending order so entries are processed in reverse.
 krsort($results);
 // Reverse order
 foreach ($results as $key => $value) {
     $allcount = $allcount + 1;
     if (in_array($key, $_POST['ids'])) {
         $value = saddslashes($value);
         $dateline = intval(sstrtotime($value['dateCreated']));
         $subject = getstr($value['title'], 80, 1, 1, 1);
         $message = isset($value['description']) ? $value['description'] : $value['content'];
         $message = getstr($message, 0, 1, 1, 1, 0, 1);
         $message = checkhtml($message);
         if (empty($subject) || empty($message)) {
             $results[$key]['status'] = '--';
             $results[$key]['blogid'] = 0;
             continue;
         }
         //开始导入
         $blogarr = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'subject' => $subject, 'pic' => getmessagepic($message), 'dateline' => $dateline ? $dateline : $_SGLOBAL['timestamp']);
         $blogid = inserttable('blog', $blogarr, 1);
         //插入内容
         $fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip());
         inserttable('blogfield', $fieldarr);
         //统计
         $incount = $incount + 1;
         $results[$key]['status'] = 'OK';
         $results[$key]['blogid'] = $blogid;
Пример #6
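/**
 * Create a blog entry, or update the one described by $olds, from submitted form data.
 *
 * When $olds carries a uid different from the current user, $_G['uid'] and
 * $_G['username'] are switched to the entry's owner for the duration of the call and
 * restored before every return.
 *
 * @param array $POST Submitted fields (subject, friend, password, tag, message, classid,
 *                    catid, picids, noreply, hot, dateline, makefeed).
 * @param array $olds Existing blog row when editing; empty when creating.
 * @return array|false The stored blog row data (including blogid), or false when the
 *                     message is empty once layout-only markup is stripped.
 */
function blog_post($POST, $olds = array())
{
    global $_G, $space;
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
        // Acting on somebody else's entry: impersonate the owner, keep a copy to restore.
        $isself = 0;
        $__G = $_G;
        $_G['uid'] = $olds['uid'];
        $_G['username'] = addslashes($olds['username']);
    }
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
    $POST['subject'] = censor($POST['subject']);
    if (strlen($POST['subject']) < 1) {
        // An empty subject falls back to the current date.
        $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Visible to named users only: resolve the submitted names to uids.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_POST['target_names']));
        if ($names) {
            // NOTE(review): $names comes straight from $_POST and is concatenated into the
            // statement; this is only safe if request data is slash-escaped globally and
            // dimplode() quotes each element. Confirm both.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($value = DB::fetch($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // No valid target: fall back to visibility level 3.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password-protected entry; an empty password downgrades it to level 0.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original compared ("==") instead of assigning, so a submitted password was
        // stored even for entries that are not password-protected.
        $POST['password'] = '';
    }
    $POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);
    if ($_G['mobile']) {
        // NOTE(review): the mobile branch does not call checkhtml(); presumably the
        // different getstr() flags strip HTML instead. Confirm.
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        $POST['message'] = censor($POST['message']);
        // Drop empty <div> pairs and make plain links open in a new window.
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    // status 1 = held for moderation (censor hit or group setting), 0 = published.
    if (censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
        $blog_status = 1;
    } else {
        $blog_status = 0;
    }
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" asks for a personal class to be created (or reused) by name.
            $classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is interpolated into the statement; safety depends
                // on the escaping done by getstr(). Confirm.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a class id that does not belong to this uid is discarded.
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }
    // NOTE(review): for friend == 4 the password is stored as submitted; no hashing is
    // visible in this function.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($POST['noreply']) ? 0 : 1, 'catid' => intval($POST['catid']), 'status' => $blog_status);
    $titlepic = '';
    $uploads = array();
    if (!empty($POST['picids'])) {
        // The array keys are request-controlled; cast them to integers before they are
        // placed in the IN (...) list. The uid condition limits the result to own pictures.
        $picids = array_map('intval', array_keys($POST['picids']));
        $query = DB::query("SELECT * FROM " . DB::table('home_pic') . " WHERE picid IN (" . dimplode($picids) . ") AND uid='{$_G['uid']}'");
        while ($value = DB::fetch($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    if ($uploads) {
        // Replace [imgid=N] placeholders with the matching uploaded picture.
        preg_match_all("/\\[imgid\\=(\\d+)\\]/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($uploads[$value])) {
                    $picurl = pic_get($uploads[$value]['filepath'], 'album', $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    $searchs[] = "[imgid={$value}]";
                    $replaces[] = "<img src=\"{$picurl}\">";
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
            }
        }
        // Pictures not referenced in the text are appended at the end.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], 'album', $value['thumb'], $value['remote'], 0);
            // NOTE(review): the stored picture title is written into the HTML after
            // checkhtml() has already run; it must have been HTML-escaped when saved.
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Nothing but layout markup and whitespace counts as an empty post.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the owner impersonation on this exit path too; the original returned with
        // $_G still pointing at the entry owner.
        if (!empty($__G)) {
            $_G = $__G;
        }
        return false;
    }
    $message = addslashes($message);
    if (empty($titlepic) && empty($olds)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    if (!empty($olds['blogid'])) {
        // Update: keep the per-category counters in step with a category change.
        if ($blogarr['catid'] != $olds['catid']) {
            if ($olds['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num-1 WHERE catid='{$olds['catid']}' AND num>0");
            }
            if ($blogarr['catid']) {
                DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
            }
        }
        $blogid = $olds['blogid'];
        DB::update('home_blog', $blogarr, array('blogid' => $blogid));
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        if ($blogarr['catid']) {
            DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
        }
        $blogarr['uid'] = $_G['uid'];
        $blogarr['username'] = $_G['username'];
        // NOTE(review): a caller-supplied dateline is stored without a cast or range check.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_G['timestamp'] : $POST['dateline'];
        $blogid = DB::insert('home_blog', $blogarr, 1);
        DB::update('common_member_status', array('lastpost' => $_G['timestamp']), array('uid' => $_G['uid']));
        DB::update('common_member_field_home', array('recentnote' => $POST['subject']), array('uid' => $_G['uid']));
    }
    $blogarr['blogid'] = $blogid;
    $fieldarr = array('message' => $message, 'postip' => $_G['clientip'], 'target_ids' => $POST['target_ids'], 'tag' => $POST['tag']);
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }
    if ($olds) {
        DB::update('home_blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        DB::insert('home_blogfield', $fieldarr);
    }
    // Credits and statistics only for a new, immediately published entry by its author.
    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));
        include_once libfile('function/stat');
        updatestat('blog');
    }
    if (!empty($POST['makefeed']) && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }
    // Restore the real operator.
    if (!empty($__G)) {
        $_G = $__G;
    }
    return $blogarr;
}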
Пример #7
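/**
 * Create a blog entry, or update the one described by $olds, from submitted form data.
 *
 * When $olds carries a uid, $_SGLOBAL['supe_uid'] and $_SGLOBAL['supe_username'] are
 * switched to the entry's owner for the duration of the call and restored before every
 * return.
 *
 * @param array $POST Submitted fields (subject, friend, password, tag, message, classid,
 *                    picids, dateline).
 * @param array $olds Existing blog row when editing; empty when creating.
 * @return array|false The stored blog row data (including blogid), or false when the
 *                     message is empty once layout-only markup is stripped.
 */
function blog_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC;
    // Switch the operator role to the entry's owner, keeping a copy to restore.
    if (!empty($olds['uid'])) {
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }
    // Subject; an empty one falls back to the current date.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);
    // Privacy
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Specific friends only: resolve the submitted names to uids.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            // NOTE(review): $names comes straight from $_POST and is concatenated into the
            // statement; this is only safe if request data is slash-escaped globally and
            // simplode() quotes each element. Confirm both.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // Visible to the author only
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password-protected; an empty password makes the entry public.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original compared ("==") instead of assigning, so a submitted password was
        // stored even for entries that are not password-protected.
        $POST['password'] = '';
    }
    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    // Length limit and word filtering for the tag string
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);
    // Body: HTML filtering first, then getstr(), then empty <div> pairs are dropped.
    $POST['message'] = checkhtml($POST['message']);
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
    $POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $POST['message']);
    $message = $POST['message'];
    // Personal class
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" asks for a class to be created (or reused) by name.
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if (empty($classname)) {
                $classid = 0;
            } else {
                $classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // Ownership check: a class id that does not belong to this uid is discarded.
        $classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
        if (empty($classname)) {
            $classid = 0;
        }
    }
    // Main table row.
    // NOTE(review): 'noreply' is read from $_POST while every other field comes from $POST.
    // NOTE(review): for friend == 4 the password is stored as submitted; no hashing is
    // visible in this function.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
    // Title picture
    $titlepic = '';
    // Fetch the uploaded pictures
    $uploads = array();
    if (!empty($POST['picids'])) {
        // The array keys are request-controlled; cast them to integers before they are
        // placed in the IN (...) list. The uid condition limits the result to own pictures.
        $picids = array_map('intval', array_keys($POST['picids']));
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $blogarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }
    // Pictures already placed in the text: swap the temporary src for the stored URL.
    if ($uploads) {
        preg_match_all("/\\<img\\s.*?\\_uchome\\_localimg\\_([0-9]+).+?src\\=\"(.+?)\"/i", $message, $mathes);
        if (!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if (!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_{$value}";
                    $replaces[] = mkpicurl($uploads[$value], 0);
                    unset($uploads[$value]);
                }
            }
            if ($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures not placed in the text are appended at the end.
        foreach ($uploads as $value) {
            $picurl = mkpicurl($value, 0);
            // NOTE(review): the stored picture title is written into the HTML after
            // checkhtml() has already run; it must have been HTML-escaped when saved.
            $message .= "<div class=\"uchome-message-pic\"><img src=\"{$picurl}\"><p>{$value['title']}</p></div>";
        }
    }
    // Nothing was filled in: only layout markup and whitespace.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Undo the role switch on this exit path too; the original returned with
        // $_SGLOBAL still pointing at the entry owner.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }
    // Add slashes
    $message = addslashes($message);
    // Take the title picture from the body when no upload provided one.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;
    if (!empty($olds['blogid'])) {
        // Update
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid' => $blogid));
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // NOTE(review): a caller-supplied dateline is stored without a cast or range check.
        $blogarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;
    // Secondary table row
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);
    // Tags.
    // NOTE(review): unserialize() runs on $olds['tag']; this is only acceptable while that
    // value is the application's own serialize() output read back from the database and
    // can never carry request data.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Clear the previous tag links first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET blognum=blognum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagblog') . " WHERE blogid='{$blogid}'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Update the tag column of the secondary table.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }
    if ($olds) {
        // Update
        updatetable('blogfield', $fieldarr, array('blogid' => $blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }
    // Space update
    if ($olds) {
        $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
    } else {
        // Credits
        updatespacestatus('get', 'blog');
    }
    // Feed: only for new entries that are not private to the author.
    if (empty($olds) && $blogarr['friend'] != 3) {
        $fs = array();
        $fs['icon'] = 'blog';
        $fs['title_data'] = array();
        $fs['images'] = $fs['image_links'] = array();
        if ($blogarr['friend'] == 4) {
            // Password-protected entry: the feed shows the title only, no body.
            $fs['title_template'] = cplang('feed_blog_password');
            $fs['title_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>");
            $fs['body_template'] = '';
            $fs['body_data'] = array();
        } else {
            if ($blogarr['pic']) {
                $fs['images'] = array(mkpicurl($blogarr));
                $fs['image_links'] = array("space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}");
            }
            $fs['title_template'] = cplang('feed_blog');
            $fs['body_template'] = '<b>{subject}</b><br>{summary}';
            $fs['body_data'] = array('subject' => "<a href=\"space.php?uid={$_SGLOBAL['supe_uid']}&do=blog&id={$blogid}\">{$blogarr['subject']}</a>", 'summary' => getstr($message, 150, 1, 1, 0, 0, -1));
        }
        $fs['body_general'] = '';
        $fs['target_ids'] = $fieldarr['target_ids'];
        $fs['friend'] = $blogarr['friend'];
        if (ckprivacy('blog', 1)) {
            include_once S_ROOT . './source/function_cp.php';
            feed_add($fs['icon'], $fs['title_template'], $fs['title_data'], $fs['body_template'], $fs['body_data'], $fs['body_general'], $fs['images'], $fs['image_links'], $fs['target_ids'], $fs['friend']);
        }
    }
    // Switch the role back.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $blogarr;
}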
Пример #8
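 /**
  * Validate a submitted news form and create or update the news record.
  *
  * Always answers with a JSON object {code, message[, href]} written to the output;
  * code 0 means the request was rejected, code 1 means it was stored. A non-zero
  * "itemid" updates an existing item owned by the current user, otherwise a new item
  * is created unless an item with the same title/company checksum already exists.
  */
 function save_news()
 {
     $site = $this->config->item('site');
     $this->config->load('uploader_settings', TRUE);
     $this->load->helper("getstr");
     $this->load->helper("checkhtml");
     $this->load->helper(array('form', 'url'));
     $this->load->library('form_validation');
     $this->form_validation->set_rules('title', 'News Title', 'required|max_length[255]');
     $this->form_validation->set_rules('content', 'News Detail', 'required');
     $this->form_validation->set_rules('tag', 'Tag', 'required|max_length[100]');
     if ($this->form_validation->run() == FALSE) {
         $message = validation_errors();
         $json = array("code" => 0, "message" => $message);
         echo json_encode($json);
         die;
     }
     $title = $this->input->post("title", TRUE);
     $title = getstr($title, 255, 0, 0, -1);
     // The body is read without the XSS filter flag; checkhtml() below is its only filter.
     $content = $this->input->post("content");
     // Sensitive-word filter
     $sexword = array("Vibrator", "Pink Leopard", "Stimulator", "G-Spot", "california exotics", "sexual", "sexy", "Circumcision", "Stimulation", "Penis", "Clitoral", "Penis Enlarger", "Vaginal", "Adult Toys", "Personal Massager", "Pink Lady", "cook ring", "v****a", "Cigarette", "condom", "vibrator", "personal Lubricant", "Toy-G", "urethral", "Vibrating Ring", "masturbation", "masturbators", "Virgin", "vibrators", "G spot", "Vibrating Wand", "cigar", "anal", "vibrating ball", "Fat Ring", "bullet", "wet towel", "Love Lounger", "Nandrolone phenylpropionate", "Climax", "d***o", "Women massaging", "Artificial Pussy", "Silicone Finger Ring", "Fresh pussy", "Gynecological Hydrogel", "delay spray", "Delay wet tissue", "Male Enhancement", "Exercise Balls", "Classic Double Balls", "Geisha", "Pussy", "Premature E*********n", "Double Dong", "OTO tablets", "Princess doll", "Fleshlight", "Massaging Wand", "Roman emperor", "NITERIDER", "love doll", "contraceptive", "spermicide", "sperm", "Black Ant", "beads Pulse", "Rabbits Rings", "Rabbits Ring", "Love Making", "Make Love", "love ball", "Power Love", "Pornography", "marijuana", "drug", "breast", "masturbator", "Original", "inflatable doll", "Kinekt", "nipple cover", "nipple tape");
     foreach ($sexword as $sex) {
         // Quote the word so regex metacharacters in a list entry are matched literally
         // and cannot make the pattern invalid (an invalid pattern silently skips the check).
         $pattern = '/\b' . preg_quote($sex, '/') . '\b/i';
         if (preg_match($pattern, $title)) {
             $json = array("code" => 0, "message" => "Title Contains Sensitive Words!");
             echo json_encode($json);
             die;
         } elseif (preg_match($pattern, $content)) {
             $json = array("code" => 0, "message" => "Content Contains Sensitive Words!");
             echo json_encode($json);
             die;
         }
     }
     $timestamp = time();
     $username = $this->username;
     $itemid = $this->input->post("itemid");
     $itemid = intval($itemid);
     // Slug: every run of non-alphanumerics becomes "-". The original class "A-z" also let
     // [ \ ] ^ _ and ` through, and the slug is handed to move_image() below.
     $linkurl = preg_replace("/[^a-zA-Z0-9]+/", "-", $title);
     // NOTE(review): a submitted "introduce" is stored as sent, without the XSS filter flag
     // or getstr(); confirm it is escaped wherever it is displayed.
     $introduce = $this->input->post("introduce") ? $this->input->post("introduce") : getstr($content, 255, 0, 0, -1);
     $content = checkhtml($content);
     $catid = $this->input->post("catid");
     $catid = intval($catid);
     // NOTE(review): "path" is a client-supplied file path that ends up in move_image();
     // that method must confine it to the upload directory. Its body is not shown here.
     $thumb = $this->input->post("path", TRUE);
     $thumb = getstr($thumb, 255, 0, 0, -1);
     $tag = $this->input->post("tag", TRUE);
     $tag = getstr($tag, 255, 0, 0, -1);
     $author = $this->input->post("author") ? $this->input->post("author") : $username;
     $author = getstr($author, 50, 0, 0, -1);
     $editor = $this->input->post("editor") ? $this->input->post("editor") : $username;
     $editor = getstr($editor, 30, 0, 0, -1);
     $source = $this->input->post("source") ? $this->input->post("source") : $site['site_name'];
     $source = getstr($source, 30, 0, 0, -1);
     $fromurl = $this->input->post("fromurl") ? $this->input->post("fromurl") : $site['main_domain'];
     $fromurl = getstr($fromurl, 255, 0, 0, -1);
     $ip = $this->input->ip_address();
     // No area is read from the form; the original cast an undefined variable, which is 0.
     $areaid = 0;
     $totime = strtotime("30 years");
     if ($itemid) {
         // Ownership check: the item must belong to the current user.
         $findnews = $this->comm->find("news", array("itemid" => $itemid, "username" => $username));
         if (!$findnews) {
             $json = array("code" => 0, "message" => 'Update error : You don\'t have operation permissions or the news is not exsit');
             echo json_encode($json);
             die;
         }
         if ($catid) {
             $findcate = $this->comm->find("category", array("catid" => $catid, "parentid" => 0));
             if (!$findcate) {
                 $json = array("code" => 0, "message" => 'Please choose the Category');
                 echo json_encode($json);
                 die;
             } else {
                 // NOTE(review): a category that was found is reset to 0 here, so an update
                 // never stores the chosen category. Kept as in the original; confirm intent.
                 $catid = 0;
             }
         }
         $updaterecord = array('title' => $title, 'catid' => $catid, 'tag' => $tag, 'areaid' => $areaid, 'author' => $author, 'editor' => $editor, 'source' => $source, 'fromurl' => $fromurl, 'username' => $username, 'edittime' => $timestamp, 'introduce' => $introduce, 'totime' => $totime, 'linkurl' => $linkurl, 'ip' => $ip, 'news_data' => array('content' => $content));
         $this->comm->linker()->update("news", array("itemid" => $itemid), $updaterecord);
         $newthumb = $this->move_image($thumb, $linkurl);
         if ($newthumb !== false) {
             $this->db->update("news", array("thumb" => $newthumb), array("itemid" => $itemid));
         }
         $json = array("code" => 1, 'message' => "update success", 'href' => site_url("user/news/manage_news"));
         echo json_encode($json);
         die;
     } else {
         $companyinfo = $this->comm->linker()->find("member", array("username" => $username));
         $newrecord = array('title' => $title, 'catid' => $catid, 'tag' => $tag, 'areaid' => $areaid, 'author' => $author, 'editor' => $editor, 'source' => $source, 'fromurl' => $fromurl, 'addtime' => $timestamp, 'username' => $username, "edittime" => $timestamp, 'introduce' => $introduce, 'totime' => $totime, 'linkurl' => $linkurl, 'status' => 2, 'ip' => $ip, 'news_data' => array('content' => $content));
         // md5 is used only as a duplicate-detection key (title + company), not as a secret.
         $cmd5 = md5($title . $companyinfo['company']);
         $findnews = $this->comm->find("check_news", array("cmd5" => $cmd5));
         if (!$findnews) {
             $itemid = $this->comm->linker()->create("news", $newrecord);
             if ($itemid) {
                 $newthumb = $this->move_image($thumb, $linkurl);
                 if ($newthumb) {
                     $this->db->update("news", array("thumb" => $newthumb), array("itemid" => $itemid));
                 }
                 $this->db->insert("check_news", array("cmd5" => $cmd5, "nid" => $itemid));
                 $json = array("code" => 1, 'message' => "post successfully", 'href' => site_url("user/news/manage_news"));
                 echo json_encode($json);
             } else {
                 $json = array("code" => 0, 'message' => 'post error,please retry');
                 echo json_encode($json);
             }
         } else {
             $json = array("code" => 0, 'message' => 'The News has exsit');
             echo json_encode($json);
         }
     }
 }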
 /**
  * Store a comment on a published "information" record.
  *
  * The token is checked first. The record id comes from the query string and the
  * comment body from the request payload; the body is passed through checkhtml()
  * before it is written. Answers through $this->success() / $this->error().
  */
 function comment_post()
 {
     $this->check_token();
     $id = I('get.id', 0, 'intval');
     $comment = $this->get_request_data();
     // Missing id or missing "content" field: generic error.
     if ($id <= 0 || !$this->check_body_fields($comment, array("content"))) {
         $this->error(1001);
         return;
     }
     // The target record must exist and be published (status 1).
     $published = M('information')->where(array('id' => $id, 'status' => 1))->count();
     if (!$published) {
         $this->error(1405);
     }
     // The author is always the authenticated user, never a value from the request.
     $_POST['member_id'] = $this->uid;
     $rules = array(array('content', 'require', '内容不能为空!', 1, ''));
     $_POST['content'] = checkhtml($comment['content']);
     $_POST['table'] = 'information';
     $_POST['table_id'] = $id;
     $result = update_data('comment', $rules);
     if (!is_numeric($result)) {
         $this->error($result);
     } else {
         $this->success(array("comment_id" => $result));
     }
     $this->error(1001);
 }
Пример #10
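 /**
  * Render the member edit form for the user id given in the third routed URI segment.
  *
  * Loads the member row (with its company data), splits the stored phone numbers
  * into their dash-separated parts and passes everything to the
  * 'member/member/member_edit' view. Responds with a 404 when no member matches.
  */
 function member_edit2()
 {
     // NOTE(review): the id comes from the URL and no permission check is visible in this
     // method; confirm that access to other members' records is restricted elsewhere.
     $userid = intval($this->uri->rsegment(3, 0));
     $result = $this->comm->linker()->find('member', array('userid' => $userid), 'edittime DESC', '');
     if (empty($result)) {
         // The original went on to index into an empty result.
         show_404();
         return;
     }
     $data['user'] = $result;
     $data['company'] = $result['mcompany'];
     $data['area'] = $this->comm->findAll('area', '', 'listorder DESC', 'areaid,areaname', '');
     $data['areaid'] = $result['areaid'];
     // Mobile number is expected as "<prefix>-<number>"; anything else is shown empty.
     $phone = explode("-", $result['mobile']);
     if (count($phone) == 2) {
         $data['phone_1'] = $phone[0];
         $data['phone_2'] = $phone[1];
     } else {
         $data['phone_1'] = '';
         $data['phone_2'] = '';
     }
     $data['groupid'] = $result['groupid'];
     $data['ctype'] = $result['mcompany']['ctype'];
     $data['thumb'] = $result['mcompany']['thumb'];
     $data['mode'] = $result['mcompany']['mode'];
     $data['size'] = $result['mcompany']['size'];
     $data['regunit'] = $result['mcompany']['regunit'];
     // Company telephone is split into up to three parts; pad so that a number with
     // fewer parts does not read undefined offsets.
     $telephone = array_pad(explode("-", $result['mcompany']['telephone']), 3, '');
     if ($telephone[0]) {
         $data['telephone_1'] = $telephone[0];
         $data['telephone_2'] = $telephone[1];
         $data['telephone_3'] = $telephone[2];
     } else {
         $data['telephone_1'] = '';
         $data['telephone_2'] = '';
         $data['telephone_3'] = '';
     }
     // Stored company HTML is filtered again before it is handed to the view.
     $content = $result['company_data']['content'];
     $data['content'] = checkhtml($content);
     $this->load->view('member/member/member_edit', $data);
 }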
Пример #11
 function save_sell()
 {
     $this->config->load('uploader_settings', TRUE);
     $this->load->helper("getstr");
     $this->load->helper("checkhtml");
     $this->load->helper(array('form', 'url'));
     $this->load->library('form_validation');
     $this->form_validation->set_rules('title', 'Product Name', 'required|max_length[255]');
     $this->form_validation->set_rules('content', 'product Detail', 'required');
     $this->form_validation->set_rules('catid', 'Category', 'required|numeric');
     $this->form_validation->set_rules('path', 'Photo', 'required');
     $this->form_validation->set_rules('minamount', 'Minimum Order', 'required|numeric');
     $this->form_validation->set_rules('unit', 'Unit Type', 'required');
     $this->form_validation->set_rules('minprice', 'Price', 'required|numeric');
     $this->form_validation->set_rules('currency', 'Currency', 'required');
     if ($this->form_validation->run() == FALSE) {
         $message = validation_errors();
         $json = array("code" => 0, "message" => $message);
         echo json_encode($json);
         die;
     } else {
         $title = $this->input->post("title", TRUE);
         $title = getstr($title, 255, 0, 0, -1);
         $content = $this->input->post("content");
         //Sexy过滤
         $sexword = array("Vibrator", "Pink Leopard", "Stimulator", "G-Spot", "california exotics", "sexual", "sexy", "Circumcision", "Stimulation", "Penis", "Clitoral", "Penis Enlarger", "Vaginal", "Adult Toys", "Personal Massager", "Pink Lady", "cook ring", "v****a", "Cigarette", "condom", "vibrator", "personal Lubricant", "Toy-G", "urethral", "Vibrating Ring", "masturbation", "masturbators", "Virgin", "vibrators", "G spot", "Vibrating Wand", "cigar", "anal", "vibrating ball", "Fat Ring", "bullet", "wet towel", "Love Lounger", "Nandrolone phenylpropionate", "Climax", "d***o", "Women massaging", "Artificial Pussy", "Silicone Finger Ring", "Fresh pussy", "Gynecological Hydrogel", "delay spray", "Delay wet tissue", "Male Enhancement", "Exercise Balls", "Classic Double Balls", "Geisha", "Pussy", "Premature E*********n", "Double Dong", "OTO tablets", "Princess doll", "Fleshlight", "Massaging Wand", "Roman emperor", "NITERIDER", "love doll", "contraceptive", "spermicide", "sperm", "Black Ant", "beads Pulse", "Rabbits Rings", "Rabbits Ring", "Love Making", "Make Love", "love ball", "Power Love", "Pornography", "marijuana", "drug", "breast", "masturbator", "Original", "inflatable doll", "Kinekt", "nipple cover", "nipple tape");
         foreach ($sexword as $sex) {
             if (preg_match("/\\b{$sex}\\b/i", $title)) {
                 $json = array("code" => 0, "message" => "Title Contains Sensitive Words!");
                 echo json_encode($json);
                 die;
             } elseif (preg_match("/\\b{$sex}\\b/i", $content)) {
                 $json = array("code" => 0, "message" => "Content Contains Sensitive Words!");
                 echo json_encode($json);
                 die;
             }
         }
         $timestamp = time();
         $img_rootpath = $this->config->item('img_rootpath', 'uploader_settings');
         $img_path = $this->config->item('img_path', 'uploader_settings');
         $username = $this->username;
         $itemid = $this->input->post("itemid");
         $itemid = intval($itemid);
         $linkurl = preg_replace("/[^a-zA-z0-9]+/", "-", $title);
         $introduce = getstr($content, 255, 0, 0, -1);
         $content = checkhtml($content);
         $catid = $this->input->post("catid");
         $catid = intval($catid);
         $thumb = $this->input->post("path", TRUE);
         $thumb = getstr($thumb, 255, 0, 0, -1);
         $thumb1 = $this->input->post("path_1", TRUE);
         $thumb1 = getstr($thumb1, 255, 0, 0, -1);
         $thumb2 = $this->input->post("path_2", TRUE);
         $thumb2 = getstr($thumb2, 255, 0, 0, -1);
         $option = $this->input->post("option", TRUE);
         foreach ($option as $k => $v) {
             $tmp[$k] = getstr($v, 255, 0, 0, -1);
         }
         $option = $tmp;
         $minamount = $this->input->post("minamount");
         $minamount = floatval($minamount);
         $unit = $this->input->post("unit", TRUE);
         $unit = getstr($unit, 30, 0, 0, -1);
         $minprice = $this->input->post("minprice");
         $minprice = floatval($minprice);
         $currency = $this->input->post("currency", TRUE);
         $currency = getstr($currency, 15, 0, 0, -1);
         $mycatid = $this->input->post("mycatid");
         $mycatid = intval($mycatid);
         $ip = $this->input->ip_address();
         $i = 0;
         foreach ($option as $k => $v) {
             if ($i == 0) {
                 if (!is_numeric($v)) {
                     $areaid = 1;
                     break;
                 }
                 $areaid = $v;
                 $area = $this->comm->find("area", array("areaid" => $areaid));
                 $araeid = $area['areaid'];
                 $option[$k] = $area['areaname'];
                 break;
             }
         }
         $areaid = intval($areaid);
         if ($itemid) {
             $findsell = $this->comm->find("sell", array("itemid" => $itemid, "username" => $username));
             if (!$findsell) {
                 $json = array("code" => 0, "message" => 'Update error : You don\'t have operation permissions or the product is not exsit');
                 echo json_encode($json);
                 die;
             }
             $findcate = $this->comm->find("category", array("catid" => $catid));
             if ($findcate && $findcate['child'] == 1) {
                 $json = array("code" => 0, "message" => 'Please choose the last Category');
                 echo json_encode($json);
                 die;
             }
             $updaterecord = array('title' => $title, 'catid' => $catid, 'mycatid' => $mycatid, 'areaid' => $areaid, 'unit' => $unit, 'minprice' => $minprice, 'maxprice' => $minprice, 'currency' => $currency, 'minamount' => $minamount, 'groupid' => 6, "edittime" => $timestamp, "editdate" => date("Y-m-d", $timestamp), 'introduce' => $introduce, "linkurl" => $linkurl, 'sell_data' => array('content' => $content));
             $this->comm->linker()->update("sell", array("itemid" => $itemid), $updaterecord);
             foreach ($option as $k => $o) {
                 $oid = $k;
                 $value = $o;
                 $this->db->update("category_value", array("value" => $value), array("itemid" => $itemid, "oid" => $oid));
             }
             $newthumb = $this->move_image($thumb, $linkurl);
             if ($newthumb !== false) {
                 $this->db->update("sell", array("thumb" => $newthumb), array("itemid" => $itemid));
             }
             if ($thumb1) {
                 $newthumb1 = $this->move_image($thumb1, $linkurl);
                 if ($newthumb !== false) {
                     $this->db->update("sell", array("thumb1" => $newthumb1), array("itemid" => $itemid));
                 }
             }
             if ($thumb2) {
                 $newthumb2 = $this->move_image($thumb2, $linkurl);
                 if ($newthumb !== false) {
                     $this->db->update("sell", array("thumb2" => $newthumb2), array("itemid" => $itemid));
                 }
             }
             $json = array("code" => 1, 'message' => "update success", 'href' => site_url("user/sell/manage_sell"));
             echo json_encode($json);
             die;
         } else {
             $companyinfo = $this->comm->linker()->find("member", array("username" => $username));
             $newrecord = array('title' => $title, 'catid' => $catid, 'mycatid' => $mycatid, 'areaid' => $areaid, 'unit' => $unit, 'minprice' => $minprice, 'maxprice' => $minprice, 'currency' => $currency, 'minamount' => $minamount, 'thumb' => $thumb, 'thumb1' => $thumb1, 'thumb2' => $thumb2, 'groupid' => 6, 'pptword' => '', 'company' => $companyinfo['company'], 'truename' => $companyinfo['truename'], 'username' => $username, "telephone" => $companyinfo['mcompany']['telephone'], "mobile" => $companyinfo['mobile'], "address" => $companyinfo['mcompany']['address'], "email" => $companyinfo['mcompany']['mail'], "addtime" => $timestamp, "edittime" => $timestamp, "adddate" => date("Y-m-d", $timestamp), "editdate" => date("Y-m-d", $timestamp), "status" => 1, 'ip' => $ip, 'introduce' => $introduce, "linkurl" => $linkurl, 'sell_data' => array('content' => $content));
             $cmd5 = md5($title . $companyinfo['company']);
             $findsell = $this->comm->find("check_sell", array("cmd5" => $cmd5));
             if (!$findsell) {
                 $itemid = $this->comm->linker()->create("sell", $newrecord);
                 if ($itemid) {
                     $parentids = $this->comm->find("category", array("catid" => $catid));
                     $parentids = $parentids['arrparentid'] . "," . $catid;
                     $parentids = explode(",", $parentids);
                     foreach ($parentids as $catid) {
                         $this->db->set("item", "item+1", FALSE);
                         $this->db->where("catid", $catid);
                         $this->db->update("category");
                     }
                     foreach ($option as $k => $o) {
                         $oid = $k;
                         $value = $o;
                         if (!empty($value)) {
                             $this->db->insert("category_value", array("itemid" => $itemid, "oid" => $oid, "value" => $value));
                             $this->db->set("item", "item+1", FALSE);
                             $this->db->where("oid", $oid);
                             $this->db->update("category_option");
                         }
                     }
                     $option_values = $this->comm->findAll("category_value", array("itemid" => $itemid), "oid asc");
                     $tmp_op = array();
                     foreach ($option_values as $v) {
                         $tmp_op[] = $v['oid'];
                     }
                     $option_values = implode(",", $tmp_op);
                     $newthumb = $this->move_image($thumb, $linkurl);
                     if ($newthumb) {
                         $this->db->update("sell", array("pptword" => $option_values, "thumb" => $newthumb), array("itemid" => $itemid));
                     } else {
                         $this->db->update("sell", array("pptword" => $option_values), array("itemid" => $itemid));
                     }
                     if ($thumb1) {
                         $newthumb1 = $this->move_image($thumb1, $linkurl);
                         if ($newthumb1) {
                             $this->db->update("sell", array("thumb1" => $newthumb1), array("itemid" => $itemid));
                         }
                     }
                     if ($thumb2) {
                         $newthumb2 = $this->move_image($thumb2, $linkurl);
                         if ($newthumb2) {
                             $this->db->update("sell", array("thumb2" => $newthumb2), array("itemid" => $itemid));
                         }
                     }
                     $this->db->insert("check_sell", array("cmd5" => $cmd5, "sid" => $itemid));
                     $json = array("code" => 1, 'message' => "post successfully", 'href' => site_url("user/sell/manage_sell"));
                     echo json_encode($json);
                 } else {
                     $json = array("code" => 0, 'message' => 'post error,please retry');
                     echo json_encode($json);
                 }
             } else {
                 $json = array("code" => 0, 'message' => 'The product has exsit');
                 echo json_encode($json);
             }
         }
     }
 }
Пример #12
/**
 * Reduce a user-supplied HTML fragment to an allow-listed set of tags.
 *
 * strip_tags() removes every element that is not on the allow-list, but it
 * leaves the attributes of the surviving tags (href, src, on* handlers, style)
 * untouched. The result is therefore only as safe as the attribute filtering
 * done afterwards; presumably checkhtml() handles that. Confirm against its
 * definition before treating the return value as safe to echo.
 *
 * @param string $string Raw HTML fragment.
 * @return string The fragment after strip_tags(), checkhtml() and tidytag().
 */
function hclean($string)
{
    // Tags that survive the first pass; everything else is dropped by strip_tags().
    $allowedTags = '<p><a><b><i><blockquote><h1><h2><ol><ul><li><img><div><br><pre><strike>';

    return tidytag(checkhtml(strip_tags($string, $allowedTags)));
}
Пример #13
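/**
 * Create or update a blog entry on behalf of the author named in $POST.
 *
 * The function temporarily rewrites the global identity ($_G['uid'] and
 * $_G['username']) to the post's author, writes the home_blog and
 * home_blogfield rows, and restores the saved identity before returning.
 *
 * Changes relative to the previous version:
 *  - the password is now really cleared when the privacy mode is not 4
 *    (the old line was a comparison, not an assignment);
 *  - ids that are concatenated into SQL strings (uid, blog_id, classid) are
 *    cast to integers first;
 *  - the saved $_G is restored on the early "empty message" return as well,
 *    so the caller does not keep running under the author's identity;
 *  - $info and $isself are initialised instead of being read while undefined.
 *
 * @param array $POST Submitted fields (uid, username, subject, message, friend, ...).
 * @param array $olds Existing record when updating; empty for a new post.
 * @return array|false The written home_blog row including 'blogid', or false
 *                     when the message is empty after stripping markup.
 */
function pick_blog_post($POST, $olds = array())
{
    global $_G, $space;

    // Act as the post's author; the snapshot is put back on every exit path.
    $__G = $_G;
    // uid is interpolated into several SQL strings below, so force an integer.
    $_G['uid'] = intval($POST['uid']);
    $_G['username'] = addslashes($POST['username']);

    // NOTE(review): the original never assigned $isself, so the credit/stat
    // branch near the end never ran. Kept disabled to preserve behaviour;
    // confirm whether it was meant to be 1.
    $isself = 0;

    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = dgmdate($POST['public_time'], 'Y-m-d');
    }

    // Privacy mode: 2 = named friends, 3 = fallback when no named friend resolves,
    // 4 = password protected, 0 = fallback when no password was given.
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        $uids = array();
        $names = empty($_GET['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_GET['target_names']));
        if ($names) {
            // NOTE(review): request data reaches SQL through dimplode(); confirm that
            // helper escapes each element and does not merely wrap it in quotes.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($value = DB::fetch($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Was `==` (a no-op comparison): a submitted password used to be stored
        // even though the post is not password protected.
        $POST['password'] = '';
    }

    $POST['tag'] = dhtmlspecialchars(trim($POST['article_tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);

    if ($_G['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        // HTML filtering happens only on this branch; the mobile branch relies on getstr().
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    $blog_status = 0;

    // Look up the row being updated; blog_id is cast because it is concatenated into SQL.
    $info = array();
    if (!empty($olds['blog_id'])) {
        $info = DB::fetch_first("SELECT blogid FROM " . DB::table('home_blog') . " WHERE blogid='" . intval($olds['blog_id']) . "'");
    }

    // Resolve the personal category: "new:<name>" creates (or reuses) a class by name.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            $classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is interpolated; this presumes getstr() returned
                // it slash-escaped and censor() did not undo that. Verify.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        // Cast: the value is interpolated into the ownership check just below.
        $classid = intval($olds['classid']);
    }
    if ($classid && empty($classname)) {
        // Ownership check: the class must belong to the acting uid, otherwise it is dropped.
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }

    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'viewnum' => $POST['view_num'], 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($POST['noreply']) ? 0 : 1, 'catid' => intval($POST['catid']), 'status' => $blog_status);
    $titlepic = '';

    // Reject posts that contain nothing but whitespace and empty block markup.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Put the caller's identity back before bailing out.
        if (!empty($__G)) {
            $_G = $__G;
        }
        return false;
    }

    // NOTE(review): if DB::insert()/DB::update() quote values themselves this stores
    // doubled backslashes; confirm against the DB layer in use.
    $message = addslashes($message);
    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    if ($blogarr['catid']) {
        DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
    }
    $blogarr['uid'] = $_G['uid'];
    $blogarr['username'] = $_G['username'];
    $blogarr['dateline'] = empty($POST['public_time']) ? $_G['timestamp'] : $POST['public_time'];

    $isUpdate = !empty($info['blogid']);
    if ($isUpdate) {
        DB::update('home_blog', $blogarr, array('blogid' => $info['blogid']));
        $blogid = $info['blogid'];
    } else {
        $blogid = DB::insert('home_blog', $blogarr, 1);
    }
    DB::update('common_member_status', array('lastpost' => $POST['public_time']), array('uid' => $_G['uid']));
    DB::update('common_member_field_home', array('recentnote' => $POST['subject']), array('uid' => $_G['uid']));
    $blogarr['blogid'] = $blogid;

    // Tag handling: prefer the function API when it is loaded, else the tag class.
    if (function_exists('modblogtag')) {
        $POST['tag'] = $olds ? modblogtag($POST['tag'], $blogid) : addblogtag($POST['tag'], $blogid);
    } else {
        $class_tag = new tag();
        $POST['tag'] = $olds ? $class_tag->update_field($POST['tag'], $blogid, 'blogid') : $class_tag->add_tag($POST['tag'], $blogid, 'blogid');
    }

    $fieldarr = array('message' => $message, 'postip' => $_G['clientip'], 'target_ids' => $POST['target_ids'], 'tag' => $POST['tag']);
    if (!empty($titlepic)) {
        $fieldarr['pic'] = $titlepic;
    }
    $fieldarr['blogid'] = $blogid;
    $fieldarr['uid'] = $blogarr['uid'];
    if ($isUpdate) {
        DB::update('home_blogfield', $fieldarr, array('blogid' => $info['blogid']));
    } else {
        // Bump the author's blog counter for a new post.
        DB::query("UPDATE " . DB::table('common_member_count') . " SET blogs=blogs+1 WHERE uid='{$fieldarr['uid']}'");
        DB::insert('home_blogfield', $fieldarr);
    }

    if ($isself && !$olds && $blog_status == 0) {
        updatecreditbyaction('publishblog', 0, array('blogs' => 1));
        include_once libfile('function/stat');
        updatestat('blog');
    }
    if ($POST['makefeed'] && $blog_status == 0) {
        include_once libfile('function/feed');
        feed_publish($blogid, 'blogid', $olds ? 0 : 1);
    }

    // Restore the caller's identity.
    if (!empty($__G)) {
        $_G = $__G;
    }
    if ($blog_status == 1) {
        updatemoderate('blogid', $blogid);
        manage_addnotify('verifyblog');
    }
    return $blogarr;
}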
Пример #14
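/**
 * Create or update a "bwzt" entry (main row plus its field row, tags, feed and topic).
 *
 * When $olds belongs to another user the function switches the global operator
 * identity ($_SGLOBAL['supe_uid'] / ['supe_username']) to the record owner and
 * restores it before returning.
 *
 * Changes relative to the previous version:
 *  - the password is now really cleared when the privacy mode is not 4
 *    (the old line was a comparison, not an assignment);
 *  - the saved $_SGLOBAL is restored on the early "empty message" return as
 *    well, so the caller does not keep running under the owner's identity;
 *  - the existing bwztid is cast to an integer before it is interpolated into
 *    the tag queries.
 *
 * @param array $POST Submitted fields (subject, message, friend, sex, age, tag, ...).
 * @param array $olds Existing record when editing; empty for a new entry.
 * @return array|false The written main-table row including 'bwztid', or false
 *                     when the message is empty after stripping markup.
 */
function bwzt_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC, $space;

    // Switch the operator identity when editing someone else's record.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Title (defaults to today's date).
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Sex (a default value is stored when the field is empty).
    $POST['sex'] = getstr(trim($POST['sex']), 80, 1, 1, 1);
    if (strlen($POST['sex']) < 1) {
        $POST['sex'] = "女";
    }

    // Age, clamped to be non-negative.
    $POST['age'] = intval($POST['age']);
    if ($POST['age'] < 0) {
        $POST['age'] = 0;
    }

    // Privacy.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Visible to named friends only.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            // NOTE(review): request data reaches SQL through simplode(); this presumes
            // $_POST is already slash-escaped by the framework. Verify.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // No named friend resolved: visible to the author only.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password protected; falls back to public when no password was given.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // Was `==` (a no-op comparison): a submitted password used to be stored
        // even though the entry is not password protected.
        $POST['password'] = '';
    }

    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

    // Content. HTML filtering via checkhtml() happens only on the non-mobile branch.
    if ($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];

    // Personal category: "new:<name>" creates (or reuses) a category by name.
    if (empty($olds['bwztclassid']) || $POST['bwztclassid'] != $olds['bwztclassid']) {
        if (!empty($POST['bwztclassid']) && substr($POST['bwztclassid'], 0, 4) == 'new:') {
            // Category name.
            $bwztclassname = shtmlspecialchars(trim(substr($POST['bwztclassid'], 4)));
            $bwztclassname = getstr($bwztclassname, 0, 1, 1, 1);
            if (empty($bwztclassname)) {
                $bwztclassid = 0;
            } else {
                $bwztclassid = getcount('bwztclass', array('bwztclassname' => $bwztclassname, 'uid' => $_SGLOBAL['supe_uid']), 'bwztclassid');
                if (empty($bwztclassid)) {
                    $setarr = array('bwztclassname' => $bwztclassname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $bwztclassid = inserttable('bwztclass', $setarr, 1);
                }
            }
        } else {
            $bwztclassid = intval($POST['bwztclassid']);
        }
    } else {
        $bwztclassid = $olds['bwztclassid'];
    }

    // Department category: same "new:<name>" convention as above.
    if (empty($olds['bwztdivisionid']) || $POST['bwztdivisionid'] != $olds['bwztdivisionid']) {
        if (!empty($POST['bwztdivisionid']) && substr($POST['bwztdivisionid'], 0, 4) == 'new:') {
            // Category name.
            $bwztdivisionname = shtmlspecialchars(trim(substr($POST['bwztdivisionid'], 4)));
            $bwztdivisionname = getstr($bwztdivisionname, 0, 1, 1, 1);
            if (empty($bwztdivisionname)) {
                $bwztdivisionid = 0;
            } else {
                $bwztdivisionid = getcount('bwztdivision', array('bwztdivisionname' => $bwztdivisionname, 'uid' => $_SGLOBAL['supe_uid']), 'bwztdivisionid');
                if (empty($bwztdivisionid)) {
                    $setarr = array('bwztdivisionname' => $bwztdivisionname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $bwztdivisionid = inserttable('bwztdivision', $setarr, 1);
                }
            }
        } else {
            $bwztdivisionid = intval($POST['bwztdivisionid']);
        }
    } else {
        $bwztdivisionid = $olds['bwztdivisionid'];
    }

    // Main table row.
    $bwztarr = array('subject' => $POST['subject'], 'bwztclassid' => $bwztclassid, 'bwztdivisionid' => $bwztdivisionid, 'sex' => $POST['sex'], 'age' => $POST['age'], 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);

    // Title picture.
    $titlepic = '';

    // Fetch the uploaded pictures; the uid filter limits the set to the acting user's own pictures.
    $uploads = array();
    if (!empty($POST['picids'])) {
        $picids = array_keys($POST['picids']);
        $query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if (empty($titlepic) && $value['thumb']) {
                $titlepic = $value['filepath'] . '.thumb.jpg';
                $bwztarr['picflag'] = $value['remote'] ? 2 : 1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): after the loop $value holds the falsy result that ended it, so
        // this fallback looks unreachable; left as in the original. Confirm intent.
        if (empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $bwztarr['picflag'] = $value['remote'] ? 2 : 1;
        }
    }

    // Record the picture list.
    if ($uploads) {
        $pics = array();
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $pics[] = array('picurl' => $picurl, 'title' => $value['title']);
        }
        $bwztarr['pics'] = json_encode($pics);
    }

    // Nothing was filled in: reject content that is only whitespace and empty block markup.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        // Put the caller's identity back before bailing out.
        if (!empty($__SGLOBAL)) {
            $_SGLOBAL = $__SGLOBAL;
        }
        return false;
    }

    // Add slashes; the table helpers below are assumed not to escape values themselves. TODO confirm.
    $message = addslashes($message);

    // Take the title picture from the content when none was uploaded.
    if (empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $bwztarr['picflag'] = 0;
    }
    $bwztarr['pic'] = $titlepic;

    // Hotness can only be set by users holding the manage permission.
    if (checkperm('managebwzt')) {
        $bwztarr['hot'] = intval($POST['hot']);
    }

    if (!empty($olds['bwztid'])) {
        // Update. The id is cast because it is interpolated into the tag queries below.
        $bwztid = intval($olds['bwztid']);
        updatetable('bwzt', $bwztarr, array('bwztid' => $bwztid));
        $fuids = array();
        $bwztarr['uid'] = $olds['uid'];
        $bwztarr['username'] = $olds['username'];
    } else {
        // New entry, optionally joining a topic.
        $bwztarr['topicid'] = topic_check($POST['topicid'], 'bwzt');
        $bwztarr['uid'] = $_SGLOBAL['supe_uid'];
        $bwztarr['username'] = $_SGLOBAL['supe_username'];
        $bwztarr['dateline'] = empty($POST['dateline']) ? $_SGLOBAL['timestamp'] : $POST['dateline'];
        $bwztid = inserttable('bwzt', $bwztarr, 1);
    }
    $bwztarr['bwztid'] = $bwztid;

    // Field (secondary) table row.
    $fieldarr = array('message' => $message, 'postip' => getonlineip(), 'target_ids' => $POST['target_ids']);

    // Tags.
    // NOTE(review): unserialize() is only safe while $olds['tag'] is a value this
    // application serialized itself; it must never carry request-controlled data.
    $oldtagstr = addslashes(empty($olds['tag']) ? '' : implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if ($POST['tag'] != $oldtagstr) {
        if (!empty($olds['tag'])) {
            // Clear the previous tag links first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, bwztid FROM " . tname('tagbwzt') . " WHERE bwztid='{$bwztid}'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if ($oldtags) {
                $_SGLOBAL['db']->query("UPDATE " . tname('tag') . " SET bwztnum=bwztnum-1 WHERE tagid IN (" . simplode($oldtags) . ")");
                $_SGLOBAL['db']->query("DELETE FROM " . tname('tagbwzt') . " WHERE bwztid='{$bwztid}'");
            }
        }
        $tagarr = tag_batch($bwztid, $POST['tag']);
        // Update the tag stored in the field table.
        $fieldarr['tag'] = empty($tagarr) ? '' : addslashes(serialize($tagarr));
    }

    if ($olds) {
        // Update.
        updatetable('bwztfield', $fieldarr, array('bwztid' => $bwztid));
    } else {
        $fieldarr['bwztid'] = $bwztid;
        $fieldarr['uid'] = $bwztarr['uid'];
        inserttable('bwztfield', $fieldarr);
    }

    // Space bookkeeping, only when the operator is the owner.
    if ($isself) {
        if ($olds) {
            // Touch the space's update time.
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET updatetime='{$_SGLOBAL['timestamp']}' WHERE uid='{$_SGLOBAL['supe_uid']}'");
        } else {
            if (empty($space['bwztnum'])) {
                $space['bwztnum'] = getcount('bwzt', array('uid' => $space['uid']));
                $bwztnumsql = "bwztnum=" . $space['bwztnum'];
            } else {
                $bwztnumsql = 'bwztnum=bwztnum+1';
            }
            // Credits. The reward values are interpolated unquoted and are presumed
            // to be numeric configuration values. TODO confirm.
            $reward = getreward('publishbwzt', 0);
            $_SGLOBAL['db']->query("UPDATE " . tname('space') . " SET {$bwztnumsql}, lastpost='{$_SGLOBAL['timestamp']}', updatetime='{$_SGLOBAL['timestamp']}', credit=credit+{$reward['credit']}, experience=experience+{$reward['experience']} WHERE uid='{$_SGLOBAL['supe_uid']}'");
            // Statistics.
            updatestat('bwzt');
        }
    }

    // Publish a feed item.
    if ($POST['makefeed']) {
        include_once S_ROOT . './source/function_feed.php';
        feed_publish($bwztid, 'bwztid', $olds ? 0 : 1);
    }

    // Join the topic for a new entry.
    if (empty($olds) && $bwztarr['topicid']) {
        topic_join($bwztarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }

    // Restore the operator identity.
    if (!empty($__SGLOBAL)) {
        $_SGLOBAL = $__SGLOBAL;
    }
    return $bwztarr;
}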