Пример #1
<?php

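define('Memberpath', dirname(__FILE__) . '/');
require Memberpath . "../inc/common.inc.php";

// Generated data files. The includes are @-suppressed, so a missing file is
// tolerated silently rather than aborting the request.
@(include ROOT_PATH . "data/level.php");
// Configuration file covering all categories.
@(include_once ROOT_PATH . "data/all_fid.php");
@(include ROOT_PATH . "data/article_module.php");

// Site switched off: show the configured reason (newlines rendered as <br>).
// Array keys are quoted: bare-word keys are undefined constants and a fatal
// error on PHP 8.
if (!$webdb['web_open']) {
    $webdb['close_why'] = str_replace("\n", "<br>", $webdb['close_why']);
    showerr("网站暂时关闭:{$webdb['close_why']}");
}

// For ids longer than 8 characters, resolve the table suffix and discard it
// again unless it is one of the known tables in $Fid_db['iftable'].
// NOTE(review): get_id_table() is called with the raw value here; the intval()
// casts only happen afterwards. $id/$aid are presumably populated from the
// request by common.inc.php -- confirm get_id_table() copes with non-numeric input.
// NOTE(review): for ids of 8 characters or fewer $erp is left untouched by this
// block. Confirm it cannot arrive pre-set from request input, since other pages
// splice $erp into table names.
if ($id || $aid) {
    if (strlen($aid ? $aid : $id) > 8 && !in_array($erp = get_id_table($aid ? $aid : $id), $Fid_db['iftable'])) {
        unset($erp);
    }
}

// Force the id parameters to integers before any later use.
$id = intval($id);
$aid = intval($aid);
$tid = intval($tid);

/**
 * Restrict access to the allowed visitor IPs (only when $IS_BIZ is set).
 */
$IS_BIZ && Limt_IP('AllowVisitIp');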
Пример #2
 // Excerpt from an order-placement routine; its start and end are not shown.
 // Only these three fields are visibly passed through filtrate() here.
 $payType = filtrate($payType);
 $address = filtrate($address);
 $otherSay = filtrate($otherSay);
 // $buyid is a comma-separated list of article (product) ids.
 $array = explode(",", $buyid);
 unset($orderid);
 $totalmoney = 0;
 $shopmoney = 0;
 foreach ($array as $key => $value) {
     // NOTE(review): is_numeric() also accepts decimals, exponent notation and
     // signed values, and $value is later placed unquoted into SQL
     // (aid={$value}, `shopid`={$value}). A digits-only check or an intval()
     // cast would be the tighter guard.
     if (!is_numeric($value)) {
         continue;
     }
     // The order header row is created once, on the first valid item.
     if (!$orderid) {
         // NOTE(review): every value is interpolated straight into the statement.
         // Apart from the three filtrate() calls above, no escaping of $buyer,
         // $sex, $telphone, $mobphone, $email, $oicq, $postalcode, $sendType or
         // $olpaytype is visible in this excerpt -- confirm it happens upstream.
         $db->query("INSERT INTO `{$pre}shoporderuser` (`uid` , `username` , `truename` , `sex` , `telphone` , `mobphone` , `email` , `oicq` , `postalcode` , `sendtype` , `paytype` ,  `olpaytype` , `address` , `othersay` , `posttime` ) \n\t\t\t\tVALUES \n\t\t\t('{$lfjuid}','{$lfjid}','{$buyer}','{$sex}','{$telphone}','{$mobphone}','{$email}','{$oicq}','{$postalcode}','{$sendType}','{$payType}','{$olpaytype}','{$address}','{$otherSay}','{$timestamp}')");
         // The new order id is recovered by reading the highest id in the table,
         // not the id of the row just inserted.
         // NOTE(review): two orders placed at the same moment can therefore pick
         // up each other's id. extract() with @ also fails silently when the
         // lookup returns no row.
         @extract($db->get_one("SELECT id AS orderid FROM `{$pre}shoporderuser` ORDER BY id DESC LIMIT 1"));
     }
     $erp = get_id_table($value);
     $rs = $db->get_one("SELECT * FROM {$pre}article{$erp} WHERE aid={$value} ");
     if ($rs[mid]) {
         // Merge the module-specific content row into the article row.
         $rss = $db->get_one("SELECT * FROM {$pre}article_content_{$rs[mid]} WHERE aid='{$value}' ");
         if ($rss) {
             $rs += $rss;
             // Stock is read first and decremented in a separate statement.
             // NOTE(review): the read and the UPDATE are not atomic, so
             // concurrent orders can push shopnum below zero.
             if ($rss[shopnum] > 0) {
                 $db->query("UPDATE `{$pre}article_content_{$rs[mid]}` SET `shopnum`=`shopnum`-1 WHERE aid='{$value}'");
             }
             // Accumulate the points awarded to the buyer.
             $shopmoney += $rss[shopmoney];
         }
     }
     // Item already recorded in $buydb: bump the amount on its latest order line.
     if ($buydb[$value]) {
         $_rs = $db->get_one("SELECT pid FROM {$pre}shoporderproduct WHERE `shopid`={$value} ORDER BY pid DESC LIMIT 1");
         $db->query("UPDATE `{$pre}shoporderproduct` SET `amount`=`amount`+1 WHERE pid='{$_rs['pid']}'");
Пример #3
<?php

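require_once "global.php";

// Accept either parameter name: whichever of $id / $aid is empty mirrors the other.
if (!$id) {
    $id = $aid;
} elseif (!$aid) {
    $aid = $id;
}

// NOTE(review): $id is interpolated into the query below and passed to
// get_id_table(). This page relies on global.php having reduced it to an
// integer -- confirm, since no validation is visible in this file.
$erp = get_id_table($id);
$rsdb = $db->get_one("SELECT A.*,S.* FROM {$pre}article{$erp} A LEFT JOIN {$pre}sort S ON A.fid=S.fid WHERE A.aid='{$id}'");

// Stop before reading any column when the article does not exist. The original
// read $rsdb[fid] first, which dereferences an empty result.
if (!$rsdb) {
    die("地址有误,请检查之");
}
$fid = $rsdb['fid'];

get_guide($fid);
// Category navigation: rewrite the relative list.php links to absolute site URLs.
$GuideFid[$fid] = str_replace("'list.php?", "'{$webdb['www_url']}{$webdb['path']}/list.php?", $GuideFid[$fid]);

require ROOT_PATH . "inc/head.php";
require html("comment");
require ROOT_PATH . "inc/foot.php";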
Пример #4
            $rs[com] = "<A HREF='index.php?lfj=comment&action=list&jobs=com&ciddb[{$rs[cid]}]={$rs['cid']}' title='非精华,点击可推荐为精华'><img src='../member/images/nogood_ico.gif'></A>";
        }
        $listdb[] = $rs;
    }
    require dirname(__FILE__) . "/" . "head.php";
    //require(dirname(__FILE__)."/"."template/comment/menu.htm");
    require dirname(__FILE__) . "/" . "template/comment/list.htm";
    require dirname(__FILE__) . "/" . "foot.php";
    } elseif ($action == "list" && $Apower[comment_list]) {
    // Bulk actions on the selected comments; this branch runs only when the
    // $Apower[comment_list] permission is set.
    // $ciddb is keyed by comment id; only the keys are used below.
    // NOTE(review): the link built earlier in this excerpt triggers these state
    // changes through a plain URL (action=list&jobs=...). No anti-CSRF token
    // check is visible here -- confirm one is enforced elsewhere.
    if (!$ciddb) {
        showmsg("请选择一条评论");
    }
    if ($jobs == "delete") {
        // Delete each selected comment and decrement the owning article's counter.
        // NOTE(review): $key (an array key of $ciddb) goes into the SQL text
        // as-is. Input filters that escape request values often leave array keys
        // untouched -- confirm keys are validated, or cast them with intval().
        foreach ($ciddb as $key => $rs) {
            $rs = $db->get_one("SELECT aid FROM {$pre}comment WHERE cid='{$key}' ");
            $erp = get_id_table($rs[aid]);
            $db->query(" UPDATE {$pre}article{$erp} SET comments=comments-1 WHERE aid='{$rs['aid']}' ");
            $db->query("DELETE FROM {$pre}comment WHERE cid='{$key}' ");
            $ck++;
        }
    } elseif ($jobs == "yz" || $jobs == "unyz") {
        // "yz" sets the yz column to 1 and "unyz" resets it to 0.
        if ($jobs == "yz") {
            $yz = 1;
        } else {
            $yz = 0;
        }
        // Same unescaped-key concern as in the delete branch above.
        foreach ($ciddb as $key => $rs) {
            $db->query(" UPDATE {$pre}comment SET yz='{$yz}' WHERE cid='{$key}' ");
            $ck++;
        }
    } elseif ($jobs == "com" || $jobs == "uncom") {
Пример #5
// Use the article's uid when a row is loaded, otherwise fall back to $lfjuid.
$uid = isset($rsdb[uid]) ? $rsdb[uid] : $lfjuid;
if ($job == 'endHTML') {
    $htmlurldb = get_html_url();
    // Static home page: drop any old backup, then move the current index.htm
    // aside as index.htm.bak.
    @unlink(ROOT_PATH . "index.htm.bak");
    rename(ROOT_PATH . "index.htm", ROOT_PATH . "index.htm.bak");
    // NOTE(review): $fid, $mid, $only and $aid are written into HTML attributes
    // without escaping. Unless they are integer-cast or encoded upstream this is
    // a reflected-XSS sink -- confirm.
    refreshto("myarticle.php?job=myarticle&mid={$mid}&only={$only}", "<CENTER>[<A HREF='?job=postnew&fid={$fid}&mid={$mid}&only={$only}'>发表新主题</A>] [<A HREF='?job=post_more&aid={$aid}&mid={$mid}&only={$only}'>续发本主题</A>] [<A HREF='myarticle.php?job=myarticle&fid={$fid}&mid={$mid}&only={$only}'>返回文章列表</A>] [<A HREF='{$htmlurldb[showurl]}' target=_blank>查看文章</A>] [<A HREF='?job=manage&aid={$aid}&mid={$mid}&only={$only}'>修改文章</A>]</CENTER><div style='display:none;'><iframe src='{$webdb['www_url']}/do/job.php?job=article_html&fid={$fid}&aid={$aid}' width=0 height=0></iframe></div>", 60);
} elseif ($job == 'manage') {
    // Managing the pages of an article requires $atc_power.
    if (!$atc_power) {
        showerr("你没权限");
    }
    // Articles with fewer than two pages go straight to the normal edit form.
    if ($rsdb[pages] < 2) {
        header("location:post.php?job=edit&aid={$aid}&mid={$mid}&only={$only}");
        exit;
    }
    $erp = get_id_table($aid);
    if ($step == 2) {
        // Re-number the pages: $orderDB maps reply id => requested position.
        // asort() orders by value while keeping the keys.
        asort($orderDB);
        $i = 0;
        foreach ($orderDB as $key => $value) {
            $i++;
            // $i is a local counter. $key comes from the submitted array.
            // NOTE(review): confirm array keys are validated before they reach
            // SQL, or cast $key with intval().
            $db->query("UPDATE {$pre}reply{$erp} SET orderid={$i} WHERE aid='{$aid}' AND rid='{$key}'");
        }
        // NOTE(review): $FROMURL is used as the redirect target; if it derives
        // from the Referer header, confirm it is restricted to this site.
        refreshto("{$FROMURL}", "排序成功", 1);
    }
    if ($rsdb[pages] > 1) {
        $MSG = "修改内容";
        $i = 0;
        // List every page of the article: topic rows first, then by orderid.
        $query = $db->query("SELECT * FROM {$pre}reply{$erp} WHERE aid='{$aid}' ORDER BY topic DESC,orderid ASC");
        while ($rs = $db->fetch_array($query)) {
            if (!$rs[subhead]) {
Пример #6
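/**
 * Article access check.
 *
 * Runs every viewing restriction for one article row in order: user-group
 * limits, start/expiry dates, recycle-bin / unapproved / scheduled state,
 * external redirect, article password, category password and paid access.
 * A failed check calls showerr() or echoes a message and exits. For site
 * administrators (and in some cases the author) Remind_msg() is called
 * instead and processing continues.
 *
 * showerr(), Remind_msg(), refreshto(), corntab_post(), get_money(),
 * add_user() and get_id_table() are defined elsewhere. showerr() and
 * refreshto() are presumably terminal (TODO confirm); the checks after them
 * rely on that.
 *
 * @param array $rsdb Article row, passed by reference. 'begintime' and
 *                    'endtime' are overwritten with a formatted date when the
 *                    matching restriction applies, 'money' is replaced by its
 *                    absolute value, and 'content' may be replaced by a
 *                    truncated preview for paid articles.
 * @return void
 */
function check_article(&$rsdb)
{
    global $fidDB, $timestamp, $web_admin, $groupdb, $lfjid, $lfjuid, $fid, $id, $aid, $buy, $lfjdb, $webdb, $pre, $db;

    if (!$rsdb) {
        showerr("文章不存在");
    }

    // Keep the numeric start time. $rsdb['begintime'] may be overwritten with a
    // formatted date string below, and the scheduled-publishing check must still
    // compare timestamps, not a date string against an integer.
    $beginTs = isset($rsdb['begintime']) ? $rsdb['begintime'] : 0;

    // Category-level restriction: comma-separated list of permitted group ids.
    if (!empty($fidDB['allowviewcontent'])) {
        if (!$web_admin && !in_array($groupdb['gid'], explode(",", $fidDB['allowviewcontent']))) {
            showerr("你所在用户组不允许浏览文章内容");
        }
    }

    // Article-level restriction, same format.
    if (!empty($rsdb['allowview'])) {
        if (!$web_admin && !in_array($groupdb['gid'], explode(",", $rsdb['allowview']))) {
            showerr("本文,你所在用户组不允许浏览文章内容");
        }
    }

    // A start date for viewing is set and has not been reached yet.
    if (!empty($rsdb['begintime']) && $timestamp < $rsdb['begintime']) {
        $rsdb['begintime'] = date("Y-m-d H:i:s", $rsdb['begintime']);
        if ($web_admin) {
            Remind_msg("本文只有到了“{$rsdb['begintime']}”那个时间才可以查看,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            showerr("<font color='red' ><u>很抱歉,发布者设置了本文内容只有到了“{$rsdb['begintime']}”那个时间才可以查看</u></font>");
        }
    }

    // An expiry date for viewing is set and has passed.
    if (!empty($rsdb['endtime']) && $timestamp > $rsdb['endtime']) {
        $rsdb['endtime'] = date("Y-m-d H:i:s", $rsdb['endtime']);
        if ($web_admin) {
            Remind_msg("本文内容最后查看期限是“{$rsdb['endtime']}”,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            showerr("<font color='red' ><u>很抱歉,发布者设置了本文内容最后查看期限是“{$rsdb['endtime']}”,现在已超过了这个期限,所以不能查看</u></font>");
        }
    }

    // yz == 2: the article is in the recycle bin.
    if ($rsdb['yz'] == 2) {
        if ($web_admin) {
            Remind_msg("回收站的内容不可以查看,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            showerr("回收站的内容你不可以查看");
        }
    }

    // yz == 0: not yet approved. The author may still view their own article.
    if ($rsdb['yz'] == 0 && (!$lfjid || $lfjuid != $rsdb['uid'])) {
        if ($web_admin) {
            Remind_msg("本文还没通过验证,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            showerr("<font color='red' ><u>很抱歉,本文还没通过验证,你不能查看</u></font>");
        }
    }

    // yz == 3: scheduled publishing. Compared against the saved numeric start
    // time, so an administrator viewing early no longer falls through to the
    // publish call below.
    if ($rsdb['yz'] == 3 && $beginTs > $timestamp) {
        if ($web_admin) {
            Remind_msg("本文为定时发布,时间没到,不能查看,因为你是管理员,所以可以查看,其他人是不能查看的");
        } elseif ($lfjuid && $lfjuid == $rsdb['uid']) {
            Remind_msg("本文为定时发布,时间没到,不能查看,因为你是作者,所以可以查看,其他人是不能查看的");
        } else {
            showerr("<font color='red' ><u>本文为定时发布,时间没到,不能查看</u></font>");
        }
    } elseif ($rsdb['yz'] == 3) {
        // The scheduled time has arrived: carry out the publication.
        corntab_post('DE', $rsdb['aid']);
    }

    // Redirect to the external URL stored on the article.
    // NOTE(review): jumpurl is written into the attribute unescaped and can
    // point anywhere. Confirm it is validated and HTML-encoded when saved;
    // escaping is not added here in case stored values are already encoded.
    if (!empty($rsdb['jumpurl'])) {
        echo "页面正在跳转中,请稍候...<META HTTP-EQUIV=REFRESH CONTENT='0;URL={$rsdb['jumpurl']}'>";
        exit;
    }

    // Article password.
    if (!empty($rsdb['passwd'])) {
        if ($web_admin) {
            Remind_msg("本文设置了密码,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            $articleCookie = "article_passwd_{$id}";
            $articlePasswd = (string) $rsdb['passwd'];
            if (!empty($_POST['password']) && isset($_POST['TYPE']) && $_POST['TYPE'] == 'article') {
                // Strict string comparison: the loose != treated numeric-looking
                // strings such as "1e3" and "1000" as equal.
                if (!is_string($_POST['password']) || $_POST['password'] !== $articlePasswd) {
                    echo "<A HREF=\"bencandy.php?fid={$fid}&NeedCheck=1&aid={$aid}\">密码不正确,点击返回</A>";
                    exit;
                }
                // NOTE(review): the password is stored in the cookie in clear
                // text, without HttpOnly/Secure flags. A keyed hash of it would
                // avoid exposing the secret; left unchanged because other pages
                // may read this cookie.
                setcookie($articleCookie, $articlePasswd);
                $_COOKIE[$articleCookie] = $articlePasswd;
            }
            if (!isset($_COOKIE[$articleCookie]) || !is_string($_COOKIE[$articleCookie]) || $_COOKIE[$articleCookie] !== $articlePasswd) {
                echo "<CENTER><form name=\"form1\" method=\"post\" action=\"\">请输入文章密码:<input type=\"password\" name=\"password\"><input type=\"hidden\" name=\"TYPE\" value=\"article\"><input type=\"hidden\" name=\"NeedCheck\" value=\"1\"><input type=\"submit\" name=\"Submit\" value=\"提交\"></form></CENTER>";
                exit;
            }
        }
    }

    // Category password.
    // The original condition also tested `$makehtml != 2`, but $makehtml was
    // never in scope in this function, so that test was always true; it is
    // dropped here with no change in behaviour. It is deliberately NOT imported
    // as a global: if request parameters reach the global scope (as the bare
    // $id/$aid/$buy globals suggest), a request-supplied value of 2 would skip
    // the password prompt.
    if (!empty($fidDB['passwd'])) {
        if ($web_admin) {
            Remind_msg("本栏目设置了密码,因为你是管理员,所以可以查看,其他人是不能查看的");
        } else {
            $sortCookie = "sort_passwd_{$fid}";
            $sortPasswd = (string) $fidDB['passwd'];
            if (!empty($_POST['password']) && isset($_POST['TYPE']) && $_POST['TYPE'] == 'sort') {
                // Strict comparison, for the same reason as the article password.
                if (!is_string($_POST['password']) || $_POST['password'] !== $sortPasswd) {
                    echo "<A HREF=\"?fid={$fid}&aid={$aid}\">密码不正确,点击返回</A>";
                    exit;
                }
                // Same clear-text cookie concern as for the article password.
                setcookie($sortCookie, $sortPasswd);
                $_COOKIE[$sortCookie] = $sortPasswd;
            }
            if (!isset($_COOKIE[$sortCookie]) || !is_string($_COOKIE[$sortCookie]) || $_COOKIE[$sortCookie] !== $sortPasswd) {
                echo "<CENTER><form name=\"form1\" method=\"post\" action=\"\">请输入栏目密码:<input type=\"password\" name=\"password\"><input type=\"hidden\" name=\"TYPE\" value=\"sort\"><input type=\"hidden\" name=\"NeedCheck\" value=\"1\"><input type=\"submit\" name=\"Submit\" value=\"提交\"></form></CENTER>";
                exit;
            }
        }
    }

    // Paid articles: the price is the absolute value of the stored amount.
    $rsdb['money'] = abs($rsdb['money']);
    if ($rsdb['money']) {
        // Optional teaser: tags stripped, first third of the text (by byte count).
        if (!empty($webdb['view_sell_article'])) {
            $content = preg_replace('/<([^<]*)>/is', "", $rsdb['content']);
            $num = floor(strlen($content) / 3);
            $content = mb_substr($content, 0, $num, 'gb2312');
        }
        if (!$lfjuid) {
            // Not logged in.
            if (!empty($webdb['view_sell_article'])) {
                $rsdb['content'] = "{$content}<div style='border:1px solid red;padding:10px;background:eee;'>请先登录,需要支付{$rsdb['money']}{$webdb['MoneyName']}才能查看全部内容</div>";
            } else {
                showerr("请先登录,需要支付{$rsdb['money']}{$webdb['MoneyName']}才能查看");
            }
        } elseif ($web_admin) {
            Remind_msg("本文设置了收费,因为你是管理员,所以可以查看,其他人是不能查看的");
        } elseif ($lfjuid == $rsdb['uid']) {
            Remind_msg("本文设置了收费,因为你是发布者,所以可以查看,其他人是不能查看的");
        } elseif (!strstr($rsdb['buyuser'], ",{$lfjid},")) {
            // The viewer is not yet in the comma-delimited buyer list.
            $lfjdb['money'] = get_money($lfjuid);
            if ($lfjdb['money'] < $rsdb['money']) {
                if (!empty($webdb['view_sell_article'])) {
                    $rsdb['content'] = "{$content}<div style='border:1px solid red;padding:10px;background:eee;'>你的{$webdb['MoneyName']}不足{$rsdb['money']},不能查看全部内容</div>";
                } else {
                    showerr("你的{$webdb['MoneyName']}不足{$rsdb['money']}");
                }
            } elseif ($buy == 1) {
                // NOTE(review): the purchase is triggered by a plain link
                // (buy=1) with no token, and the balance check above is separate
                // from the deduction. Confirm CSRF protection and that add_user()
                // cannot drive a balance negative under concurrent requests.
                add_user($lfjuid, "-{$rsdb['money']}", '查看文章内容扣分');
                add_user($rsdb['uid'], "{$rsdb['money']}", '文章被浏览奖分');
                $rsdb['buyuser'] = $rsdb['buyuser'] ? ",{$lfjid}{$rsdb['buyuser']}" : ",{$lfjid},";
                $erp = get_id_table($id);
                // The published listing showed this statement with part of the
                // value masked out ('******'); it is restored to store the buyer
                // list built on the line above.
                // NOTE(review): buyuser contains the user name $lfjid and is
                // interpolated as-is -- confirm it is escaped upstream.
                $db->query("UPDATE {$pre}article{$erp} SET buyuser='{$rsdb['buyuser']}' WHERE aid={$id}");
                refreshto("bencandy.php?fid={$fid}&NeedCheck=1&id={$id}", "购买成功,你刚刚消耗了{$webdb['MoneyName']}{$rsdb['money']}{$webdb['MoneyDW']}", 3);
            } else {
                if (!empty($webdb['view_sell_article'])) {
                    $rsdb['content'] = "{$content}<div style='border:1px solid red;padding:10px;background:eee;'>你需要消耗{$webdb['MoneyName']}{$rsdb['money']}{$webdb['MoneyDW']}才有权限查看全部内容,是否继续<br><br>[<A HREF='bencandy.php?fid={$fid}&buy=1&NeedCheck=1&id={$id}'>我要继续</A>]</div>";
                } else {
                    showerr("你需要消耗{$webdb['MoneyName']}{$rsdb['money']}{$webdb['MoneyDW']}才有权限查看,是否继续<br><br>[<A HREF='bencandy.php?fid={$fid}&buy=1&NeedCheck=1&id={$id}'>我要继续</A>]");
                }
            }
        }
    }
}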
Пример #7
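/**
 * Build the URL of a statically generated ("true static") list or article page.
 *
 * The file-name template comes from $showHtml_Type / $Html_Type / $webdb and is
 * expanded with the local variables of this function ($fid, $id, $page,
 * $dirid, $time_Y ... $time_s), so those variable names must not be renamed.
 *
 * @param mixed  $fid      Category id used to look up the template.
 * @param mixed  $id       Article id; a falsy value selects the list-page template.
 * @param mixed  $page     Page number; page 1 drops the page part of the name.
 * @param string $P        URL prefix; empty or './' is replaced by the site URL.
 * @param string $linkcode Text prepended to the result (slashes are stripped).
 * @return string The resulting URL.
 */
function make_html_Function($fid, $id, $page = 1, $P = '', $linkcode = '')
{
    global $webdb, $Html_Type, $showHtml_Type, $WEBURL, $db, $pre;

    $linkcode = stripslashes($linkcode);

    if ($id) {
        // Template precedence: per-article, then per-category, then site default.
        if (!empty($showHtml_Type['bencandy'][$id])) {
            $filename = $showHtml_Type['bencandy'][$id];
        } elseif (!empty($Html_Type['bencandy'][$fid])) {
            $filename = $Html_Type['bencandy'][$fid];
        } else {
            $filename = $webdb['bencandy_filename'];
        }
        // The first page of an article carries no page part in its file name.
        if ($page == 1) {
            $filename = preg_replace("/(.*)(-{\\\$page}|_{\\\$page})(.*)/is", "\\1\\3", $filename);
        }
        $dirid = floor($id / 1000);
        // Ids below 1000 live in no numbered sub-directory: drop the dir part.
        if ($dirid == 0) {
            $filename = preg_replace("/(.*)(-{\\\$dirid}|_{\\\$dirid})(.*)/is", "\\1\\3", $filename);
        }
        // Date placeholders are only resolved when the template uses them.
        if (strstr($filename, '$time_')) {
            // NOTE(review): $id is interpolated into the query as-is; callers
            // are expected to pass an integer id -- confirm.
            $erp = get_id_table($id);
            $rs = $db->get_one("SELECT posttime FROM {$pre}article{$erp} WHERE aid='{$id}'");
            $time_Y = date("Y", $rs['posttime']);
            $time_y = date("y", $rs['posttime']);
            $time_m = date("m", $rs['posttime']);
            $time_d = date("d", $rs['posttime']);
            $time_W = date("W", $rs['posttime']);
            $time_H = date("H", $rs['posttime']);
            $time_i = date("i", $rs['posttime']);
            $time_s = date("s", $rs['posttime']);
        }
    } else {
        if (!empty($Html_Type['list'][$fid])) {
            $filename = $Html_Type['list'][$fid];
        } else {
            $filename = $webdb['list_filename'];
        }
        // The first list page is addressed by its directory alone.
        if ($page == 1) {
            $filename = preg_replace("/(.*)\\/([^\\/]+)/is", "\\1/", $filename);
        }
    }

    // SECURITY: the template is expanded with eval(), i.e. it is executed as a
    // PHP double-quoted string in this function's scope. Whoever can write the
    // file-name settings can therefore run PHP code on the server. Kept because
    // existing templates may reference any local variable.
    // NOTE(review): restrict who may edit these settings, or replace this with a
    // fixed placeholder substitution (e.g. strtr() over the known placeholders).
    eval("\$filename=\"{$filename}\";");

    // A custom domain is configured for this category.
    if (!empty($Html_Type['domain'][$fid]) && !empty($Html_Type['domain_dir'][$fid])) {
        // preg_quote() makes the directory match literally; the original escaped
        // only "/" and left other regex metacharacters active.
        $rule = preg_quote($Html_Type['domain_dir'][$fid], '/');
        $filename = preg_replace("/^{$rule}/is", "{$Html_Type['domain'][$fid]}/", $filename);
        // Custom article file names may not start with the domain directory, so
        // fall back to the site URL. preg_match() replaces eregi(), which was
        // removed in PHP 7.
        // NOTE(review): only "http://" is recognised; an https:// result gets
        // the site URL prepended -- confirm whether that is intended.
        if (!preg_match('/^http:\/\//i', $filename)) {
            $filename = "{$webdb['www_url']}/{$filename}";
        }
        return "{$linkcode}{$filename}";
    }

    // Use an absolute address so links keep working below second-level directories.
    if (!$P || $P == './') {
        $P = ($webdb['www_url'] == '/.') ? "/" : "{$webdb['www_url']}/";
    }
    return "{$linkcode}{$P}{$filename}";
}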
Пример #8
/**
 * Load one article row by its id.
 *
 * The table-name suffix is obtained from get_id_table(), and the id is placed
 * directly into the SQL text.
 * NOTE(review): no validation happens here, so callers must pass an id that has
 * already been reduced to an integer.
 *
 * @param mixed $id Article id (aid).
 * @return mixed Whatever $db->get_one() returns for the query.
 */
function get_one_article($id)
{
    global $db, $pre;

    $erp = get_id_table($id);

    return $db->get_one("SELECT * FROM {$pre}article{$erp} WHERE aid='{$id}'");
}
Пример #9
        if ($rs[yz] == 1) {
            $rs[yz] = "<A HREF='{$admin_path}&action=list&jobs=unyz&ciddb[{$rs[cid]}]={$rs['cid']}' style='color:blue;'>ÒÑÉóºË</A>";
        } elseif ($rs[yz] == 0) {
            $rs[yz] = "<A HREF='{$admin_path}&action=list&jobs=yz&ciddb[{$rs[cid]}]={$rs['cid']}' style='color:red;'>δÉóºË</A>";
        }
        $listdb[] = $rs;
    }
    get_admin_html('list');
} elseif ($action == "list") {
    if (!$ciddb) {
        showerr("ÇëÑ¡ÔñÒ»ÌõÆÀÂÛ");
    }
    if ($jobs == "delete") {
        foreach ($ciddb as $key => $rs) {
            $rs = $db->get_one("SELECT id FROM {$_pre}comments WHERE cid='{$key}' ");
            $_erp = get_id_table($rs[id]);
            $db->query(" UPDATE {$_pre}content{$_erp} SET comments=comments-1 WHERE id='{$rs['id']}' ");
            $db->query("DELETE FROM {$_pre}comments WHERE cid='{$key}' ");
            $ck++;
        }
    } elseif ($jobs == "yz" || $jobs == "unyz") {
        if ($jobs == "yz") {
            $yz = 1;
        } else {
            $yz = 0;
        }
        foreach ($ciddb as $key => $rs) {
            $db->query(" UPDATE {$_pre}comments SET yz='{$yz}' WHERE cid='{$key}' ");
            $ck++;
        }
    } elseif ($jobs == "good" || $jobs == "ungood") {