function pkpost($cacheinfo, $cp = 1) { global $_G, $_SGLOBAL, $theurl, $mname, $checkresults; $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0; $hash = ''; $op = 'add'; $mustverify = false; $resultitems = $resultmessage = $updateitem = array(); $modelsinfoarr = $cacheinfo['models']; $columnsinfoarr = $cacheinfo['columns']; $feedcolum = array(); foreach ($columnsinfoarr as $result) { if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) { continue; } if ($result['isfixed'] == 1) { $resultitems[] = $result; } else { $resultmessage[] = $result; } if ($result['formtype'] == 'linkage') { if (!empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]]; } } elseif ($result['formtype'] == 'timestamp') { if (empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $_G['timestamp']; } else { $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]); } } } //輸入檢查 $_POST['subject'] = trim(strip_tags($_POST['subject'])); $itemid = $_POST['itemid']; $checkresults = array(); if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) { array_push($checkresults, array('subject' => lang('space_suject_length_error'))); } //數據檢查 checkvalues(array_merge($resultitems, $resultmessage), 1, 1); //商品價格處理 Start if ($modelsinfoarr['modelname'] == 'good') { if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) { array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice'))); } } //商品價格處理 End //修改時檢驗標題圖片是否修改 $defaultmessage = array(); if (!empty($itemid)) { if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) { //當file刪除時,或修改時執行刪除操作 $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = DB::fetch($query); $hash = getmodelhash($modelsinfoarr['mid'], $itemid); deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); //刪除附件表 updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid)); $ext = fileext($defaultmessage['subjectimage']); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . $defaultmessage['subjectimage']); } } //構建數據 $setsqlarr = $setitemsqlarr = array(); $setsqlarr = getsetsqlarr($resultitems); $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'"); if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['subjectimage'] = $_POST['subjectimage_value']; } if (empty($_POST['catid']) || $_POST['catid'] < 0) { array_push($checkresults, array('catid' => lang('cat_not_selected'))); } $setsqlarr['catid'] = $_POST['catid']; if ($modelsinfoarr['modelname'] != 'shop') { //限制必填信息所屬店舖 if (pkperm('isadmin')) { if (empty($_POST['shopid'])) { array_push($checkresults, array('shopid' => lang('please_select_shopid'))); } $setsqlarr['shopid'] = intval($_POST['shopid']); } else { $setsqlarr['shopid'] = $_G['myshopid']; } } else { $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject'])); $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords'])); $setsqlarr['description'] = trim(strip_tags($_POST['description'])); if (!empty($_POST['syncfid'])) { require_once B_ROOT . './api/bbs_syncpost.php'; if (checkbbsfid($_POST['syncfid'])) { $setsqlarr['syncfid'] = intval($_POST['syncfid']); } else { array_push($checkresults, array('syncfid' => lang('syncfid_noexists'))); } } } $setsqlarr['subject'] = $_POST['subject']; $setsqlarr['allowreply'] = 1; if (!empty($checkresults)) { cpmsg('addobject_error', '', '', '', true, true, $checkresults); } if (pkperm('isadmin')) { $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3; } elseif ($_G['myshopstatus'] == 'verified') { if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['grade'] = !empty($itemid) ? 5 : 0; if (!empty($itemid)) { if (in_array($_POST['grade'], array(2, 3))) { $setsqlarr['grade'] = $_POST['grade']; } } $mustverify = true; } else { if (in_array($_POST['grade'], array(2, 3))) { $setsqlarr['grade'] = $_POST['grade']; } else { $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3; } } } elseif ($_G['myshopstatus'] == 'unverified') { $setsqlarr['grade'] = 0; } $setsqlarr['dateline'] = $_G['timestamp']; $setsqlarr['uid'] = $_G['uid']; $setsqlarr['username'] = $_G['username']; $setsqlarr['lastpost'] = $setsqlarr['dateline']; // 標題圖片處理 Start if (!empty($modelsinfoarr['thumbsize'])) { $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize'])); $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0]; $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1]; } if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) { if ($_GET['action'] == 'add') { $hotline = $_SGLOBAL['panelinfo']['tel']; $address = $_SGLOBAL['panelinfo']['address']; } else { $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'")); $hotline = $shopinfo['tel']; $address = $shopinfo['address']; } $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"); $createimgarr = array('id' => intval($_POST['imgtplid']), 'mid' => intval($modelsinfoarr['mid']), 'itemid' => intval($itemid), 'coupon_title' => $setsqlarr['subject'], 'dealer_id' => $setsqlarr['uid'], 'dealer_name' => $dealer_name, 'begin_date' => date('Y-m-d', $setsqlarr['validity_start']), 'end_date' => date('Y-m-d', $setsqlarr['validity_end']), 'brief' => trim($_POST['message']), 'exception' => trim($_POST['exception']), 'address' => $address, 'hotline' => $hotline, 'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'], 'subjectimageheight' => $modelsinfoarr['subjectimageheight']); require_once B_ROOT . './source/adminfunc/tool.func.php'; if ($consumeimgpath = image_text($createimgarr)) { $setsqlarr['subjectimage'] = $consumeimgpath; $setsqlarr['imagetype'] = 0; $setsqlarr['imgtplid'] = intval($_POST['imgtplid']); } } else { $uploadfilearr = $ids = array(); $subjectimageid = ''; $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']); if (!empty($uploadfilearr)) { $feedsubjectimg = $uploadfilearr; foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } if ($modelsinfoarr['modelname'] == 'consume') { $setsqlarr['imagetype'] = 1; } } /* --------- 標題圖片處理 End --------------*/ //詞語過濾 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } //發佈時間 $setsqlarr['dateline'] = $_G['timestamp']; // 商品添加簡介 if ($mname == "good") { $setsqlarr['intro'] = trim(strip_tags($_POST['intro'])); } if (empty($itemid)) { //插入數據 $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1); if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) { itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']); } } else { $_SGLOBAL['itemupdate'] = 1; //更新 $op = 'update'; unset($setsqlarr['uid']); unset($setsqlarr['username']); unset($setsqlarr['lastpost']); if ($itemgrade == 1 && !pkperm('isadmin')) { $setsqlarr['grade'] = 0; } elseif ($itemgrade == 1 && pkperm('isadmin')) { $setsqlarr['grade'] = 1; } elseif ($itemgrade == 0 && !pkperm('isadmin')) { $setsqlarr['grade'] = 0; } elseif ($itemgrade == 0 && pkperm('isadmin')) { $setsqlarr['grade'] = 0; } if (pkperm('isadmin')) { //站長可以post任何數據 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid)); //權限限制 } else { // 店長不允許更改店舖組 unset($setsqlarr['groupid']); if ($modelsinfoarr['modelname'] == 'shop') { unset($setsqlarr['validity_start']); unset($setsqlarr['validity_end']); if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $updatesqlarr = $setsqlarr; } else { //店長提交店舖權限檢查 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid'])); } } else { if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $updatesqlarr = $setsqlarr; } else { //店長只能更改管理的店舖的信息 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid'])); } } } $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = DB::fetch($query); } $hash = getmodelhash($modelsinfoarr['mid'], $itemid); if (!empty($ids)) { $ids = simplode($ids); DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $do = 'pass'; if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { if (!empty($resultmessage)) { foreach ($resultmessage as $value) { if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) { if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) { //當file刪除時,或修改時執行刪除操作 deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); //刪除附件表 updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid)); @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg'); @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg'); @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]); } } } } } //內容 $setsqlarr = $uploadfilearr = $ids = array(); $setsqlarr = getsetsqlarr($resultmessage); $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0); $setsqlarr['message'] = trim($_POST['message']); $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message']))); if ($modelsinfoarr['modelname'] == 'consume') { $setsqlarr['exception'] = trim($_POST['exception']); } if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) { $setsqlarr['address'] = trim($_POST['address']); $setsqlarr['hotline'] = trim($_POST['hotline']); } $setsqlarr['postip'] = $_G['clientip']; if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['banner'] = $_POST['banner_value']; $setsqlarr['windowsimg'] = $_POST['windowsimg_value']; } if (!empty($uploadfilearr)) { foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //添加內容 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } if ($op == 'add') { $setsqlarr['itemid'] = $itemid; //添加內容 inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr); } else { if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) { $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr); } else { //更新內容 updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid)); } } updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash)); return $itemid; }
* [品牌空間] (C)2001-2010 Comsenz Inc. * This is NOT a freeware, use is subject to license terms * * $Id: add_album.inc.php 4442 2010-09-14 09:43:34Z yumiao $ */ if (!defined('IN_ADMIN') && !defined('IN_STORE')) { exit('Acess Denied'); } if (empty($_SGLOBAL['panelinfo']['enablealbum'])) { cpmsg('no_perm'); } require_once B_ROOT . './source/adminfunc/album.func.php'; if (!empty($_POST['valuesubmit'])) { $albumid = createalbum($shopid, $_POST['catid'], $_G['uid'], $_G['username'], $_POST['album']['subject'], $_POST['album']['description']); if ($albumid > 0) { itemnumreset('album', $shopid); $_BCACHE->deltype('sitelist', 'album'); $_BCACHE->deltype('storelist', 'album', $shopid); $_BCACHE->deltype('storelist', 'photo', $shopid, $albumid); cpmsg('message_success', $BASESCRIPT . '?action=add&m=photo&albumid=' . $albumid); } } //添加或更改的頁面 shownav('infomanage', 'nav_album_add', $_SGLOBAL['panelinfo']['subject']); showformheader('add&m=album'); showtableheader(''); showsetting('album_subject', 'album[subject]', '', 'text'); showsetting('album_description', 'album[description]', '', 'textarea'); $mycats = mymodelcategory('album'); $please_select = '<select name="album[catid]" id="album_catid" style="width:140px;"><option value="0" selected="selected">' . lang('please_select') . '</option>'; foreach ($mycats as $value) {
} $setsqlarr = array('linkid' => $linkid, 'displayorder' => $displayorder, 'name' => trim($_POST['name']), 'url' => trim($_POST['url']), 'shopid' => $_SGLOBAL['panelinfo']['itemid']); inserttable('brandlinks', $setsqlarr, '', 1); if (empty($linkid)) { itemnumreset('brandlinks', $setsqlarr['shopid']); } $_BCACHE->deltype('storelist', 'brandlinks', $_G['myshopid']); cpmsg('addbrandlinks_success', $BASESCRIPT . '?action=brandlinks', 'succeed'); } if (submitcheck('deletesubmit')) { if (trim($_POST['operation']) == 'delete') { if (!empty($_POST['link'])) { $linkid = implode(',', $_POST['link']); $subnum = DB::result_first("SELECT count(*) FROM " . tname("brandlinks") . " WHERE linkid IN ({$linkid}) and shopid = '{$_G['myshopid']}'"); DB::query("DELETE FROM " . tname('brandlinks') . " WHERE linkid IN ({$linkid}) and shopid = '{$_G['myshopid']}'"); itemnumreset('brandlinks', $_SGLOBAL['panelinfo']['itemid'], $do = 'sub', $subnum); } else { cpmsg('notselect_item', '', 'error', '', true, true); } } elseif (trim($_POST['operation']) == 'display') { foreach ($_POST['display'] as $key => $value) { $key = intval($key); $value = intval($value); if ($key > 0 && $value > -1) { DB::query('UPDATE ' . tname('brandlinks') . ' SET displayorder=\'' . $value . '\' WHERE linkid=\'' . $key . '\';'); } } $_BCACHE->deltype('storelist', 'brandlinks', $_G['myshopid']); } cpmsg('message_success', $BASESCRIPT . '?action=brandlinks'); }
if (trim($_POST['operation']) == 'delete') { if (!empty($_POST['link'])) { $linkid = implode(',', $_POST['link']); foreach ($_POST['item_shopid'] as $pitemid => $pshopid) { if (in_array($pitemid, $_POST['link'])) { if (!empty($shopids[$pshopid])) { $shopids[$pshopid]++; } else { $shopids[$pshopid] = 1; } } } $subnum = 0; foreach ($shopids as $ushopid => $uitemnum) { $subnum = DB::result_first("SELECT count(*) FROM " . tname("brandlinks") . " WHERE linkid IN ({$linkid}) and shopid = '{$ushopid}'"); itemnumreset('brandlinks', $ushopid, $do = 'sub', $subnum); $subnum = 0; } DB::query("DELETE FROM " . tname('brandlinks') . " WHERE linkid IN ({$linkid})"); } else { cpmsg('notselect_item', '', 'error', '', true, true); } } elseif (trim($_POST['operation']) == 'display') { foreach ($_POST['display'] as $key => $value) { $key = intval($key); $value = intval($value); if ($key > 0 && $value > -1) { DB::query('UPDATE ' . tname('brandlinks') . ' SET displayorder=\'' . $value . '\' WHERE linkid=\'' . $key . '\';'); } } $_BCACHE->deltype('storelist', 'brandlinks', $_POST['shopid']);
if (empty($_POST['confirmed'])) { $extra_input = ''; foreach ($_POST['item'] as $value) { $extra_input .= '<input type="hidden" name="item[]" value="' . $value . '" />'; } $extra_input .= '<input type="hidden" name="operation" value="delete" /><input type="hidden" name="opdelete" value="' . $_POST['opdelete'] . '" />'; cpmsg('mod_delete_confirm', $BASESCRIPT . '?action=batchmod&m=' . $mname, 'form', $extra_input); //二次確認 } else { if (in_array($mname, array('good', 'notice', 'consume', 'groupbuy'))) { $subnum = DB::result_first("SELECT count(*) FROM " . tname($mname . "items") . " i INNER JOIN " . tname($mname . 'message') . " m ON i.itemid=m.itemid WHERE i.itemid IN ({$items}) and i.shopid = '{$_G['myshopid']}'"); } elseif ($mname == 'album') { $subnum = DB::result_first("SELECT count(*) FROM " . tname($mname . "items") . " WHERE itemid IN ({$items}) and shopid = '{$_G['myshopid']}' and frombbs = 0"); } if (in_array($mname, array('good', 'notice', 'consume', 'groupbuy', 'album'))) { itemnumreset($mname, $_G['myshopid'], $do = 'sub', $subnum); } delmitems($wheresql, $mname); $opsql = $wheresql = ''; cpmsg('message_success', $cookie_referer); } break; case 'update_album_info': update_album_info($_POST['subject'], $mname, $wheresql); break; case 'album_movecat': album_movecat_panel($wheresql); break; case 'setalbumimg': setalbumimg(); break;