Пример #1
/**
 * Render the comment page for one article.
 *
 * Reads kid, listid and modelid from the query string (plus optional pid/rn
 * paging values), loads the model and article records through the portal
 * module and prints the model's comment template.
 */
function king_def()
{
    global $king;

    // NOTE(review): the (2, 1) arguments presumably make kc_get() require a
    // numeric value - confirm against kc_get() before relying on it.
    $kid = kc_get('kid', 2, 1);
    $listid = kc_get('listid', 2, 1);
    $modelid = kc_get('modelid', 2, 1);

    // Paging: page number defaults to 1, page size to 20.
    $pid = 1;
    if (isset($_GET['pid'])) {
        $pid = kc_get('pid', 2, 1);
    }
    $rn = 20;
    if (isset($_GET['rn'])) {
        $rn = kc_get('rn', 2, 1);
    }
    // Cap the page size so a request cannot ask for an unbounded listing.
    $rn = $rn > 100 ? 100 : $rn;

    $king->Load('portal');
    $model = $king->portal->infoModel($modelid);
    $id = $king->portal->infoID($listid, $kid);

    // The second template path is built from the model's table name.
    $insidePath = $king->config('templatepath') . '/inside/comment/' . strtolower($model['modeltable']) . '.htm';
    $tmp = new KC_Template_class($model['ktemplatecomment'], $insidePath);

    $vars = array(
        'title' => $id['ktitle'] . ' ' . $king->lang->get('portal/common/comment'),
        'pid' => $pid,
        'rn' => $rn,
        'modelid' => $modelid, // model id
        'listid' => $listid,   // list id
        'kid' => $kid,         // article id
        'comment' => $id['ncomment'], // comment counter
    );
    foreach ($vars as $name => $value) {
        $tmp->assign($name, $value);
    }

    echo $tmp->output();
}
Пример #2
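/**
 * Render the public feedback submission form.
 *
 * Builds the form (title, name, e-mail, QQ, phone, content) and prints it
 * inside the feedback template. Submission goes through $.kc_ajax with
 * CMD 'add'; the handler that validates and stores the fields is not part
 * of this function.
 *
 * NOTE(review): no anti-CSRF token is added here; confirm whether openForm()
 * or the 'add' handler supplies one.
 */
function king_def()
{
    global $king;

    // The unused $sql column-list local from the original was dropped.
    $s = $king->openForm($king->lang->get('feedback/name'), '', 'feedback_add');
    // Fields followed by '*' are displayed as required.
    $s .= $king->htmForm($king->lang->get('feedback/label/title'), kc_htm_input('ktitle', '', 50, 400) . '*');
    $s .= $king->htmForm($king->lang->get('feedback/label/name'), kc_htm_input('kname', '', 30, 400) . '*');
    $s .= $king->htmForm($king->lang->get('feedback/label/email'), kc_htm_input('kemail', '', 100, 400) . '*');
    $s .= $king->htmForm($king->lang->get('feedback/label/qq'), kc_htm_input('kqq', '', 30, 400));
    $s .= $king->htmForm($king->lang->get('feedback/label/phone'), kc_htm_input('kphone', '', 20, 400));
    $s .= $king->htmForm($king->lang->get('feedback/label/content'), kc_htm_textarea('kcontent') . '*');
    $s .= $king->htmForm(null, kc_htm_button($king->lang->get('system/common/add'), "\$.kc_ajax({CMD:'add',FORM:'feedback_add'});", 1));
    $s .= $king->closeForm('none');

    $templateRoot = $king->config('templatepath');
    $tmp = new KC_Template_class($templateRoot . '/default.htm', $king->config('templatepath') . '/inside/feedback/default.htm');
    $tmp->assign('content', $s);
    $tmp->assign('title', $king->lang->get('feedback/name'));
    $tmp->assign('type', 'add');
    echo $tmp->output();
}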
Пример #3
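/**
 * Remote template-rendering endpoint.
 *
 * POST parameters: ass, kname, tags, sign.
 * The request is accepted when
 *   md5("ass=[ass]&kname=[kname]&tags=[tags]" . $info['ksign']) equals sign,
 * where $info is the connection record returned by infoConn($kname).
 * On success the decoded "ass" values are assigned to a template and the
 * template source in "tags" is rendered; otherwise an HTML comment carrying
 * the connection error text is returned.
 *
 * Security notes:
 * - MD5 over "message . secret" is a weak request authenticator; an HMAC
 *   (hash_hmac) over the same fields would be the sturdier design, but that
 *   needs a coordinated change on the calling side.
 * - Anyone who can produce a valid signature controls both the unserialize()
 *   input and the template source that gets rendered.
 */
function king_def()
{
    global $king;
    $ass = kc_post('ass');
    $kname = kc_post('kname');
    $tags = kc_post('tags');
    $sign = kc_post('sign');
    $tmp = new KC_Template_class();
    if ($info = $tmp->infoConn($kname)) {
        $postsign = md5("ass={$ass}&kname={$kname}&tags={$tags}{$info['ksign']}");
        // Constant-time, type-strict comparison. The original used ==, which
        // applies PHP's loose string/number comparison rules to the digest.
        if (is_string($sign) && hash_equals($postsign, $sign)) {
            // Signature verified.
            // NOTE(review): the signature covers kc_post('ass') while the raw
            // $_POST['ass'] is decoded here; confirm kc_post() returns the value
            // unchanged, otherwise signed and decoded data can differ.
            $raw = (isset($_POST['ass']) && is_string($_POST['ass'])) ? $_POST['ass'] : '';
            // SECURITY: unserialize() on request data can instantiate arbitrary
            // classes (object injection). Left in place so existing callers keep
            // working; prefer json_decode(), or pass
            // array('allowed_classes' => false) where PHP >= 7.0 is guaranteed.
            $assign = unserialize(base64_decode($raw));
            // unserialize() returns false on malformed input; only iterate arrays.
            if (is_array($assign)) {
                foreach ($assign as $key => $val) {
                    $tmp->assign($key, $val);
                }
            }
            exit($tmp->output($tags));
        }
    }
    exit('<!-- ' . $king->lang->get('system/error/conn') . ' -->');
}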
Пример #4
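/**
 * Payment return page: verify the gateway's signed query string and show the
 * order confirmation.
 *
 * The signature is the upper-cased MD5 of the present gateway fields, joined
 * as "name=value&" in the fixed order below, followed by "key=<tenpaykey>".
 *
 * Fix: the original condition was `$md5_sign = $_GET['sign']` (assignment),
 * so any non-empty "sign" value was accepted and the computed digest was never
 * compared. The digest is now actually compared, in constant time.
 *
 * NOTE(review): this function only verifies the signature; it does not itself
 * inspect retcode/status/total_fee. Confirm the order state is updated from a
 * verified server-side notification rather than from this page.
 */
function king_def()
{
    global $king;
    $array = array('version', 'cmdno', 'retcode', 'status', 'seller', 'total_fee', 'trade_price', 'transport_fee', 'buyer_id', 'chnid', 'cft_tid', 'mch_vno', 'attach');
    $buffer = '';
    foreach ($array as $val) {
        if (isset($_GET[$val])) {
            $buffer .= $val . '=' . $_GET[$val] . '&';
        }
    }
    $md5_sign = strtoupper(md5($buffer . 'key=' . $king->config('tenpaykey', 'portal')));

    // A missing or non-string signature is treated as a failed verification.
    $sign = (isset($_GET['sign']) && is_string($_GET['sign'])) ? $_GET['sign'] : '';

    // NOTE(review): compared case-sensitively against the upper-cased digest,
    // as the original evidently intended; confirm the gateway sends upper-case hex.
    if ($sign !== '' && hash_equals($md5_sign, $sign)) {
        // "attach" carries the order id (oid).
        $oid = kc_get('attach', 2, 1);
        $tmp = new KC_Template_class($king->config('templateorders'), $king->config('templatepath') . '/inside/user/orders_show.htm');
        $tmp->assign('oid', $oid);
        $tmp->assign('title', $king->lang->get('portal/title/buyok'));
        echo $tmp->output();
    } else {
        kc_error($king->lang->get('portal/error/payment'));
    }
}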
Пример #5
/**
 * Build the pagination widgets for a list page.
 *
 * Produces several HTML fragments (full page list, <select>, previous/next,
 * first/last, a condensed "standard" list with ellipses, and a jump box),
 * assigns them to a template and renders $_inner with them.
 *
 * @param string $_url   Pagination link pattern. The original note gives the
 *                       format as index.php?pid=%d&rn=%d with pid before rn;
 *                       the code below replaces the literal 'RN' with $_rn and
 *                       hands the rest to kc_formatpath().
 * @param int    $_per   Total number of records.
 * @param int    $_pid   Current page.
 * @param int    $_rn    Records per page.
 * @param string $_inner Template; a default <p class="k_pagelist"> layout is
 *                       used when empty.
 * @return string|null   Rendered HTML, or null when there are no records or
 *                       exactly one page.
 */
function kc_pagelist($_url = '', $_per, $_pid = 1, $_rn = 20, $_inner = null)
{
    // NOTE(review): there is no guard for $_rn == 0 here; a zero page size
    // would divide by zero.
    $_count = $_per / $_rn;
    // Total pages; may not be an int yet, so it is compared and rounded up below.
    if ($_per == 0 || $_count == 1) {
        return;
    }
    if ($_pid == null) {
        $_pid = 1;
    }
    if ($_count != (int) $_count) {
        $_count = (int) $_count + 1;
    }
    if ($_pid > $_count) {
        // A current page beyond the last page makes no sense; clamp it.
        $_pid = $_count;
    }
    $_url = str_replace('RN', $_rn, $_url);
    $_inner = isset($_inner[0]) ? $_inner : '<p class="k_pagelist">{king:Previous/}{king:Standard/}{king:Next/}{king:Jump/}</p>';
    // NOTE(review): kc_formatpath() results are placed into href/value
    // attributes as-is below; whether it HTML-escapes $_url is not visible here.
    //full
    $full = '';
    for ($i = 1; $i <= $_count; $i++) {
        $_pid == $i ? $full .= '<strong>' . $i . '</strong>' : ($full .= '<a href="' . kc_formatpath($_url, $i) . '">' . $i . '</a>');
    }
    //select
    $select = '<select onChange="parent.location=this.options[this.selectedIndex].value">';
    for ($i = 1; $i <= $_count; $i++) {
        $_pid == $i ? $select .= '<option selected="selected">' . $i . '</option>' : ($select .= '<option value="' . kc_formatpath($_url, $i) . '">' . $i . '</option>');
    }
    $select .= '</select>';
    //Next
    $next = $_pid == $_count ? '<span>Next &gt;</span>' : '<a href="' . kc_formatpath($_url, $_pid + 1) . '">Next &gt;</a>';
    //Previous
    // NOTE(review): this is the only kc_formatpath() call with a third argument (5); its meaning is not visible here.
    $previous = $_pid == 1 ? '<span>&lt; Previous</span>' : '<a href="' . kc_formatpath($_url, $_pid - 1, 5) . '">&lt; Previous</a>';
    //Standard
    $_numr = 5;
    // Number of page links shown to the right of the current page.
    $_numl = 2;
    // Two links shown to the left.
    $_num = $_numr + $_numl + 1;
    // Total links shown in the window.
    $sta = $_pid == 1 ? '<strong>1</strong>' : '<a href="' . kc_formatpath($_url, 1) . '">1</a>';
    //Page 1
    if ($_count >= 2) {
        //Page 2
        $sta .= $_pid == 2 ? '<strong>2</strong>' : '<a href="' . kc_formatpath($_url, 2) . '">2</a>';
    }
    if ($_pid >= $_numl + 4 && $_count > $_num + 3) {
        $sta .= '<i>...</i>';
    }
    $i_sta = $_pid - $_numl;
    // Window start.
    $i_end = $_pid + $_numr;
    // Window end.
    if ($_pid <= $_numl + 2) {
        // Near the beginning: reset the window end.
        $i_end = $_num + 2;
    }
    if ($_pid >= $_count - $_num + 2) {
        // Near the end: reset the window start.
        $i_sta = $_count - $_num;
    }
    for ($i = $i_sta; $i < $i_end; $i++) {
        // Pages 1, 2 and the last two are emitted separately, so only 3..count-2 here.
        if ($i >= 3 && $i <= $_count - 2) {
            $i == $_pid ? $sta .= '<strong>' . $i . '</strong>' : ($sta .= '<a href="' . kc_formatpath($_url, $i) . '">' . $i . '</a>');
            //				: $sta.='<a href="'.sprintf($_url1,$i,$_rn).'">'.$i.'</a>';
        }
    }
    if ($_pid + $_numr <= $_count - 2 && $_count - 2 > $_num + 1) {
        $sta .= '<i>...</i>';
    }
    if ($_count > 3) {
        $_pid == $_count - 1 ? $sta .= '<strong>' . ($_count - 1) . '</strong>' : ($sta .= '<a href="' . kc_formatpath($_url, $_count - 1) . '">' . ($_count - 1) . '</a>');
    }
    if ($_pid == $_count) {
        //Page Count
        if ($_count >= 3) {
            $sta .= '<strong>' . $_count . '</strong>';
        }
    } else {
        if ($_count >= 3) {
            $sta .= '<a href="' . kc_formatpath($_url, $_count) . '">' . $_count . '</a>';
        }
    }
    //first
    $_pid == 1 ? $first = '<strong>&lt;&lt; First</strong>' : ($first = '<a href="' . kc_formatpath($_url, 1) . '">&lt;&lt; First</a>');
    //last
    $_pid == $_count ? $last = '<strong>Last &gt;&gt;</strong>' : ($last = '<a href="' . kc_formatpath($_url, $_count) . '">Last &gt;&gt;</a>');
    //jump
    // NOTE(review): the jump box splices this.value into the target URL on the
    // client without encoding or a numeric check.
    $jump = '<input type="text" size="3" onkeydown="if(event.keyCode==13) {window.location=\'' . kc_formatpath($_url, "'+this.value+'") . '\'; return false;}" />';
    //sprintf(str_replace('pid=PID','pid=%s',$_url),"'+this.value+'",$_rn)
    $tmp = new KC_Template_class();
    $tmp->assign('standard', $sta);
    $tmp->assign('select', $select);
    $tmp->assign('previous', $previous);
    // previous page
    $tmp->assign('next', $next);
    // next page
    $tmp->assign('first', $first);
    // first page
    $tmp->assign('last', $last);
    // last page
    $tmp->assign('full', $full);
    $tmp->assign('jump', $jump);
    $tmp->assign('pagecount', $_count);
    $tmp->assign('count', $_per);
    $tmp->assign('pid', $_pid);
    $tmp->assign('rn', $_rn);
    $s = $tmp->output($_inner);
    return $s;
}
Пример #6
 /**
  * Render the template fragment $inner once per row of $array and
  * concatenate the results.
  *
  * Each row's key/value pairs are assigned to a fresh template instance.
  * Values are passed through as given; any escaping is up to the caller or
  * the template.
  *
  * @param string $inner Template fragment rendered for every row.
  * @param array  $array List of associative rows.
  * @return string Concatenated output; '' for an empty list.
  */
 private function array_format($inner, $array)
 {
     if (empty($array)) {
         return '';
     }
     $html = '';
     foreach ($array as $row) {
         $tpl = new KC_Template_class();
         foreach ($row as $field => $value) {
             $tpl->assign($field, $value);
         }
         $html .= $tpl->output($inner);
     }
     return $html;
 }
Пример #7
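/**
 * Search results page.
 *
 * Original note: search results are bound to the owning site, determined from
 * the URL.
 *
 * Builds a SQL WHERE fragment from the request (title keywords, the model's
 * searchable fields and its id fields) and passes it to the search template as
 * "search". Because that fragment is executed as SQL further down the line,
 * every request-derived piece is escaped or restricted to digits here:
 * - keyword tokens go through $king->db->escape() (the original interpolated
 *   them after only splitting on a fixed character set);
 * - id fields are accepted only as a single validated value or a
 *   comma-separated list of integers (the original placed any other value
 *   unquoted inside "in (...)");
 * - modelid is read with kc_get('modelid', 2, 1), as the other entry points do,
 *   instead of taking $_GET['modelid'] raw.
 */
function king_search()
{
    global $king;
    $king->Load('portal');
    // Resolve the model id.
    if (!($modelTables = getModelTables())) {
        $king->portal->error($king->lang->get('portal/common/error'), $king->lang->get('portal/error/notmodel'));
    }
    $currentArray = current($modelTables);
    // NOTE(review): kc_get(..., 2, 1) is presumably the numeric/required
    // variant - confirm against kc_get().
    $modelid = isset($_GET['modelid']) ? kc_get('modelid', 2, 1) : $currentArray['modelid'];
    $model = $king->portal->infoModel($modelid);

    // Title keywords: split on separators, drop empty tokens, escape each token.
    $query = kc_get('query', 0);
    $querys = preg_split("/[,\\*\\%\\.\\(\\)\\'\\`><\\}\\{ ]/", $query);
    $querys = array_diff($querys, array(''));
    $likes = array();
    foreach ($querys as $word) {
        $likes[] = "ktitle like '%" . $king->db->escape($word) . "%'";
    }
    $q = '';
    if (!empty($likes)) {
        $q = ' and (' . implode(' or ', $likes) . ')';
    }

    // Fields flagged as searchable in the model; keys are column names from
    // the model definition, request values are escaped.
    if (is_array($model['field']['issearch'])) {
        foreach ($model['field']['issearch'] as $key => $val) {
            $getVal = kc_get(substr($key, 1), 0);
            if (isset($getVal[0])) {
                $q .= " and {$key}='" . $king->db->escape($getVal) . "'";
            }
        }
    }

    // Id fields: one value, or a comma-separated list of integers.
    foreach ($model['field']['id'] as $val) {
        $getVal = kc_val($_GET, $val);
        if (is_string($getVal) && isset($getVal[0])) {
            if (kc_validate($getVal, 2)) {
                // Escaped as well, so safety does not hinge on kc_validate() alone.
                $q .= " and {$val}='" . $king->db->escape($getVal) . "'";
            } elseif (preg_match('/^\s*\d+(?:\s*,\s*\d+)*\s*$/D', $getVal)) {
                $q .= " and {$val} in ({$getVal})";
            }
            // Anything else is ignored rather than placed into the query.
        }
    }

    $pid = isset($_GET['pid']) ? kc_get('pid', 2, 1) : 1;
    $rn = isset($_GET['rn']) ? kc_get('rn', 2, 1) : 20;
    if ($rn > 100) {
        $rn = 100;
    }
    $tmp = new KC_Template_class($model['ktemplatesearch'], $king->config('templatepath') . '/inside/search/' . strtolower($model['modeltable']) . '[page].htm');
    $tmp->assign('type', 'search');
    $tmp->assign('pid', $pid);
    $tmp->assign('rn', $rn);
    // The search condition, i.e. the WHERE fragment built above.
    $tmp->assign('search', $q);
    // Model type.
    $tmp->assign('modelid', $modelid);
    //	$tmp->assign('siteid'); // still has to be obtained
    $tmp->assign('title', $king->lang->get('system/common/search'));
    echo $tmp->output();
}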
Пример #8
/**
 * Show a single order to the logged-in user.
 *
 * Prints the orders template with the requested order id and the current
 * user's id.
 *
 * NOTE(review): nothing in this function checks that the order belongs to the
 * current user; presumably the template or its data tag filters by the
 * assigned userid - confirm.
 */
function king_orders_show()
{
    global $king;

    // Called before anything else for its access check; the return value is
    // not needed here.
    $king->user->access();

    // Order id from the query string.
    $oid = kc_get('oid', 2, 1);

    $tmp = new KC_Template_class(
        $king->config('templateorders', 'portal'),
        $king->config('templatepath') . '/inside/user/orders_show.htm'
    );
    $tmp->assign('oid', $oid);
    $tmp->assign('userid', $king->user->userid);
    foreach (array('nav', 'title') as $slot) {
        $tmp->assign($slot, $king->lang->get('portal/title/ordersshow'));
    }
    echo $tmp->output();
}
Пример #9
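 /**
  * Render $inner with the attributes of one user group.
  *
  * Dead code from the original was removed: an unused $whereArray, an unused
  * `global $king`, and an empty `if ($gid == 0)` branch (annotated "default
  * account") that never did anything.
  *
  * NOTE(review): the group's access and menu values are exposed to the
  * template; make sure the templates using this tag are not reachable by
  * unprivileged users.
  *
  * @param string $inner  Template fragment to render.
  * @param array  $attrib Tag attributes; 'gid' selects the group.
  * @return string Rendered fragment.
  */
 private function tag_user_group($inner, $attrib)
 {
     $gid = kc_val($attrib, 'gid');
     $group = $this->infoGroup($gid);
     $tmp = new KC_Template_class();
     $tmp->assign('gid', $group['gid']);
     $tmp->assign('name', $group['kname']);
     $tmp->assign('access', $group['kaccess']);
     $tmp->assign('menu', $group['kmenu']);
     return $tmp->output($inner);
 }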
Пример #10
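 /**
  * Render the shortcut-link menu shown on the admin home page.
  *
  * With a non-empty $inner, each of the current admin's links is rendered
  * through that template fragment. Without it, a default <div id="k_lnk">
  * block is built, cached per admin, and a default set of links is inserted
  * when the admin has none yet.
  *
  * Changes from the original:
  * - $s is initialised before being appended to (it was undefined in the
  *   $inner branch, and the function returned null when there were no rows);
  * - the image file name is HTML-escaped like the other link columns;
  * - the admin id is cast to int before being concatenated into the SQL text.
  * The original docblock declared "@return array"; the function returns HTML.
  *
  * NOTE(review): konclick is stored script text placed into an onclick
  * attribute; escaping keeps it inside the attribute but does not restrict
  * what it runs. Who may write %s_lnk rows is not visible here.
  *
  * @param string $inner  Template fragment for one link, or empty for the default block.
  * @param array  $ass    Unused here.
  * @param array  $attrib Unused here.
  * @return string HTML.
  */
 public function tag_lnk($inner, $ass, $attrib)
 {
     global $king;
     $s = '';
     // Integer cast so the concatenated value cannot carry SQL syntax.
     $adminid = (int) $king->admin['adminid'];
     if ($inner) {
         $tmp = new KC_Template_class();
         if (!($res = $king->db->getRows("select kid,kname,kpath,konclick,kimage,isblank,ktitle from %s_lnk where adminid=" . $adminid . " order by norder desc"))) {
             $res = array();
         }
         foreach ($res as $rs) {
             $tmp->assign('id', $rs['kid']);
             $tmp->assign('name', htmlspecialchars($rs['kname']));
             $tmp->assign('href', htmlspecialchars($rs['kpath']));
             $tmp->assign('onclick', htmlspecialchars($rs['konclick']));
             $tmp->assign('image', 'system/images/lnk/' . htmlspecialchars($rs['kimage']));
             $tmp->assign('target', $rs['isblank'] ? 'target="_blank"' : '');
             $tmp->assign('title', htmlspecialchars($rs['ktitle']));
             $s .= $tmp->output($inner);
         }
     } else {
         // Default output.
         $cachepath = 'system/lnk/' . $king->admin['adminid'];
         $s = $king->cache->get($cachepath);
         if (!$s) {
             if (!($res = $king->db->getRows("SELECT kid,kname,kpath,konclick,kimage,isblank,ktitle FROM %s_lnk where adminid=" . $adminid . " order by norder desc"))) {
                 // No links yet: seed the default set for this admin.
                 $res = array(
                     array('norder' => 10, 'kname' => '栏目管理', 'ktitle' => '栏目管理中心', 'kpath' => '../portal/manage.php', 'kimage' => 'panel.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 9, 'kname' => '爬虫管理', 'ktitle' => '爬虫访问管理', 'kpath' => '../system/manage.php?action=bot', 'kimage' => 'bot.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 8, 'kname' => '管理日志', 'ktitle' => '管理员访问操作日志', 'kpath' => '../system/manage.php?action=log', 'kimage' => 'log.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 7, 'kname' => '附件管理', 'ktitle' => '已上传文件管理', 'kpath' => '../system/manage.php?action=upfile', 'kimage' => 'upfile.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 6, 'kname' => '首选项', 'ktitle' => 'CMS系统参数设置', 'kpath' => '../system/manage.php?action=config', 'kimage' => 'system.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 5, 'kname' => '管理员', 'ktitle' => '管理员信息及密码设置', 'kpath' => '../system/manage.php?action=admin', 'kimage' => 'admin.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 4, 'kname' => '模块管理', 'ktitle' => '模块管理', 'kpath' => '../system/manage.php?action=module', 'kimage' => 'module.gif', 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 3, 'kname' => 'KingCMS', 'ktitle' => 'KingCMS官方网站', 'kpath' => 'http://www.kingcms.com/', 'kimage' => 'lnk.gif', 'isblank' => 1, 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                     array('norder' => 2, 'kname' => 'Forums', 'ktitle' => 'KingCMS论坛', 'kpath' => 'http://bbs.kingcms.com/', 'kimage' => 'lnk.gif', 'isblank' => 1, 'adminid' => $king->admin['adminid'], 'konclick' => ''),
                 );
                 foreach ($res as $rs) {
                     $king->db->insert('%s_lnk', $rs);
                 }
             }
             $s = '<div id="k_lnk">';
             foreach ($res as $rs) {
                 $s .= '<a href="' . htmlspecialchars($rs['kpath']) . '" ' . (!empty($rs['isblank']) ? 'target="_blank"' : '') . ' onclick="' . htmlspecialchars($rs['konclick']) . '" title="' . htmlspecialchars($rs['ktitle']) . '"><img src="images/lnk/' . htmlspecialchars($rs['kimage']) . '"/><i>' . htmlspecialchars($rs['kname']) . '</i></a>';
             }
             $s .= '<a href="http://www.kingcms.com/license/" target="_blank" title="' . $king->lang->get('system/common/license') . '"><img src="images/lnk/license.gif"/><i>' . $king->lang->get('system/common/license') . '</i></a>';
             $s .= '<a href="javascript:;" class="k_ajax" rel="{URL:\'../system/manage.php\',CMD:\'faq\'}"><img src="images/lnk/faq.gif" title="' . $king->lang->get('system/common/faq') . '"/><i>' . $king->lang->get('system/common/faq') . '</i></a>';
             $s .= '<a href="manage.php?action=lnk" title="' . $king->lang->get('system/title/lnk') . '"><img src="images/lnk/modify.gif"/><i>' . $king->lang->get('system/level/lnk') . '</i></a>';
             $s .= '</div>';
             $king->cache->put($cachepath, $s);
         }
     }
     return $s;
 }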
Пример #11
 /**
  * Resolve a named content block and render it as a template.
  *
  * All rows of %s_block with the given name are loaded and indexed by
  * "ntype-bid". The content is then picked by binding precedence:
  * list (1-<listid>), model (2-<modelid>), site (3-<siteid>), and finally the
  * default (0-0). The chosen content is rendered with the values of $ass
  * assigned.
  *
  * @param string $name   Tag name, e.g. portal.article. It is overwritten by
  *                       $attrib['name'] on entry.
  * @param string $inner  Loop body (not used by this method).
  * @param array  $ass    Values to assign; listid/modelid/siteid steer the binding.
  * @param array  $attrib Attribute array; 'name' selects the block.
  * @return string Rendered block, or an error string from the language file.
  */
 public function tag($name, $inner, $ass, $attrib)
 {
     global $king;
     $name = kc_val($attrib, 'name');
     if (empty($name)) {
         return $king->lang->get('block/error/name', 4);
     }
     // The block name is escaped before it is placed into the query text.
     $res = $king->db->getRows("select kid,ntype,bid,kcontent from %s_block where kname='" . $king->db->escape($name) . "' ");
     if (!$res) {
         return $king->lang->get('block/error/name', 5);
     }
     $bound = array();
     foreach ($res as $row) {
         $bound["{$row['ntype']}-{$row['bid']}"] = $row['kcontent'];
     }

     // Binding resolution.
     $listid = kc_val($ass, 'listid');
     if (empty($listid)) {
         // No list id: use the default content directly.
         $content = kc_val($bound, '0-0');
     } elseif (isset($bound["1-{$listid}"])) {
         // A binding on the list id wins.
         $content = $bound["1-{$listid}"];
     } else {
         // Next, the model id; load it from the list record when $ass lacks it.
         if (isset($ass['modelid'])) {
             $modelid = $ass['modelid'];
         } else {
             $king->Load('portal');
             $info = $king->portal->infoList($listid);
             $modelid = $info['modelid'];
         }
         if (isset($bound["2-{$modelid}"])) {
             $content = $bound["2-{$modelid}"];
         } else {
             // Only when there is no model binding is the site id considered.
             if (isset($ass['siteid'])) {
                 $siteid = $ass['siteid'];
             } else {
                 if (empty($info)) {
                     // List record not loaded yet (the original author doubted
                     // this can happen).
                     $king->Load('portal');
                     $info = $king->portal->infoList($listid);
                 }
                 $siteid = $info['siteid'];
             }
             // Fall back to the default content when no site binding exists.
             $content = isset($bound["3-{$siteid}"]) ? $bound["3-{$siteid}"] : kc_val($bound, "0-0");
         }
     }

     // Render the selected content through the template engine.
     $tmp = new KC_Template_class();
     if (is_array($ass)) {
         foreach ($ass as $key => $val) {
             $tmp->assign($key, $val);
         }
     }
     return $tmp->output($content);
 }
Пример #12
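/**
 * Upload proof of payment (bank transfer receipt) for an order.
 *
 * Shows the order summary and either the upload form or the result of an
 * upload. The file is stored as <uppath>/orders/<oid>.jpg and the order's
 * paymethod is set to 'bank'.
 *
 * Hardening over the original:
 * - order number, product name and quantity are HTML-escaped before output;
 * - the upload entry is checked for presence, for being a real HTTP upload and
 *   against the 204800-byte limit on the server (the MAX_FILE_SIZE form field
 *   can be changed by the client);
 * - the content must be recognised as a JPEG, not merely carry a .jpg/.jpeg
 *   name.
 *
 * NOTE(review): for orders with userid 0 no login check runs, so anyone who
 * knows the oid can upload or replace that order's receipt - confirm this is
 * acceptable for guest orders.
 * NOTE(review): $king->portal is used although only 'user' is loaded here;
 * presumably portal is loaded by the including script - confirm.
 */
function king_bank()
{
    global $king;
    $maxBytes = 204800;
    $oid = kc_get('oid', 2, 1);
    if (!($rs = $king->db->getRows_one("select ono,kname,nnumber,ntotal,kfeedback,eid,nexpress,userid,nstatus from %s_orders where oid={$oid}"))) {
        kc_error($king->lang->get('system/error/param'));
    }
    if ($rs['userid'] > 0) {
        $king->Load('user');
        // The order has a recorded user: require login.
        $king->user->access();
        if ($king->user->userid != $rs['userid']) {
            $king->portal->error($king->lang->get('system/common/error'), $king->lang->get('portal/error/cart'));
        }
    }
    if ((int) $rs['nstatus'] !== 2) {
        $king->portal->error($king->lang->get('system/common/error'), $king->lang->get('portal/error/status'));
    }
    $s = '<table class="k_table_list" cellspacing="0">';
    $s .= '<caption>' . $king->lang->get('portal/cart/prodinfo') . '</caption>';
    $s .= '<tr><th class="w150">' . $king->lang->get('portal/cart/youorders') . '</th><td><strong class="red">' . htmlspecialchars($rs['ono']) . '</strong></td>';
    $s .= '<th>' . $king->lang->get('portal/cart/prodname') . '</th><td>' . htmlspecialchars($rs['kname']) . '</td></tr>';
    $s .= '<tr><th>' . $king->lang->get('portal/cart/total') . '</th><td>' . htmlspecialchars($rs['nnumber']) . '件</td>';
    $s .= '<th>' . $king->lang->get('portal/cart/alltotal') . '</th><td>' . number_format($rs['ntotal'], 2) . '</td></tr>';
    $s .= '</table>';
    if ($_FILES) {
        $upload = (isset($_FILES['bankfile']) && is_array($_FILES['bankfile'])) ? $_FILES['bankfile'] : array();
        $origName = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
        $tmpName = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
        $size = isset($upload['size']) ? (int) $upload['size'] : 0;

        // Wrong file type message, with a link back to the upload form.
        $extError = '<p class="k_error">' . $king->lang->get('portal/error/ext') . '</p>'
            . '<p><a href="cart.php?action=bank&oid=' . $oid . '">' . $king->lang->get('portal/cart/reup') . '</a></p>';
        $upError = '<p class="k_error">' . $king->lang->get('portal/error/upbank') . '</p>';

        $ext = strtolower(kc_f_ext($origName));
        kc_f_md($king->config('uppath') . "/orders");
        if (!in_array($ext, array('jpg', 'jpeg'), true)) {
            $s .= $extError;
        } elseif ($tmpName === '' || !is_uploaded_file($tmpName) || $size > $maxBytes) {
            // Missing, failed or oversized upload.
            $s .= $upError;
        } else {
            // The client-supplied name proves nothing about the content.
            $imageInfo = getimagesize($tmpName);
            if (!is_array($imageInfo) || $imageInfo[2] !== IMAGETYPE_JPEG) {
                $s .= $extError;
            } elseif (move_uploaded_file($tmpName, ROOT . $king->config('uppath') . "/orders/{$oid}.jpg")) {
                $s .= '<p>' . $king->lang->get('portal/cart/upok') . '</p>';
                $array = array('paymethod' => 'bank');
                $king->db->update('%s_orders', $array, "oid={$oid}");
            } else {
                $s .= $upError;
            }
        }
    } else {
        $s .= $king->openForm('cart.php?action=bank', null, 1);
        $s .= '<p>' . $king->lang->get('portal/cart/bankmemo') . '</p>';
        $s .= '<p>' . $king->lang->get('portal/cart/bankmemo1') . '</p>';
        $s .= $king->htmForm($king->lang->get('portal/cart/upbank'), "<input type=\"file\" name=\"bankfile\" class=\"k_in w400\" />");
        $hide = array('oid' => $oid, 'MAX_FILE_SIZE' => $maxBytes);
        $s .= kc_htm_hidden($hide);
        $s .= $king->closeForm($king->lang->get('system/common/upfile'));
    }
    $tmp = new KC_Template_class($king->config('templateorders', 'portal'));
    $tmp->assign('oid', $oid);
    $tmp->assign('title', $king->lang->get('portal/cart/upbank'));
    $tmp->assign('nav', $king->lang->get('portal/cart/upbank'));
    $tmp->assign('type', 'edit');
    $tmp->assign('inside', $s);
    echo $tmp->output();
}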
Пример #13
/**
 * Front-end add/edit form for a content item in a list (column).
 *
 * Flow, as visible below: load the list and model, check publish permission,
 * check ownership and the edit time window when editing, build the form, and
 * - when $GLOBALS['ischeck'] is set - write the row, refresh caches and
 * generated pages, then redirect the parent window.
 *
 * NOTE(review): $kid and $kid1 are concatenated into SQL text further down;
 * that is only safe if kc_get(..., 2) guarantees a numeric value - confirm.
 * NOTE(review): no anti-CSRF token is added in this function; confirm whether
 * openForm() supplies one.
 */
function king_edt()
{
    global $king;
    $king->load('user');
    // Initialisation. NOTE(review): $king->portal is used below although only
    // 'user' is loaded here; presumably loaded by the including script.
    $listid = kc_get('listid', 2, 1);
    //$info['listid'];
    $info = $king->portal->infoList($listid);
    $model = $king->portal->infoModel($info['modelid']);
    $kid = kc_get('kid', 2);
    $kid1 = kc_get('kid1', 2);
    $isuser = $kid1 ? 'isuser2' : 'isuser1';
    // Sub page : first page.
    $array_field = array_keys($model['field'][$isuser]);
    $sql_field = implode(',', $array_field);
    // Column list for the model table.
    // Read the list of editors for this list.
    $editors = $king->portal->getListEditor($listid);
    if (!is_array($editors)) {
        $editors = array();
    }
    // User permission and login check.
    if ($info['gidpublish'] == -1) {
        $user = array('userid' => 0, 'username' => '[' . $king->lang->get('user/name/guest') . ']');
    } else {
        $user = $king->user->access();
        if (!in_array($king->user->userid, $editors) && $info['gidpublish']) {
            // Not a list editor and publishing is restricted to a group;
            // list editors skip this check.
            $king->user->access($info['gidpublish']);
        }
    }
    // Posting check: is publishing disallowed?
    // 0 = not allowed | 1 = publish directly | 2 = publish after review
    if (!in_array($user['userid'], $editors)) {
        // List editors are exempt.
        if ((int) $info['ispublish' . ($kid1 ? 2 : 1)] === 0) {
            $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/stop'));
        }
    }
    // When kid is set (editing), verify ownership.
    if ($kid) {
        $user = empty($user) ? $king->user->access() : $user;
        // If $user is empty, run the login check to obtain the userid.
        $id = $king->portal->infoID($listid, $kid);
        if (in_array($king->user->userid, $editors) || (int) $id['userid'] === (int) $king->user->userid) {
            if (!in_array($king->user->userid, $editors)) {
                // Not a list editor: enforce the edit time window.
                if (time() - $model['nlocktime'] * 3600 > $id['ndate'] && (int) $model['nlocktime'] !== 0) {
                    // Past the allowed edit period (and the period is not 0): error.
                    $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/timeout'));
                }
            }
        } else {
            $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/noaccess'));
        }
    }
    $fields = explode(',', $sql_field);
    if ($GLOBALS['ismethod'] || $kid == '') {
        // POST flow, or a new item.
        // NOTE(review): the whole $_POST array is taken here; it is passed
        // through kc_data($fields, ...) below, which presumably restricts it to
        // the model's fields - confirm.
        $data = $_POST;
        if (!$GLOBALS['ismethod']) {
            // Initialise data for a new item.
            $data['kpath'] = $king->portal->depathMode($info);
            $data['nshow'] = 1;
            $array_field_default = $model['field']['default'];
            foreach ($array_field_default as $key => $val) {
                $data[$key] = $val;
            }
            // Take initial values from the URL.
            foreach ($fields as $val) {
                if (isset($_GET[$val])) {
                    $data[$val] = $_GET[$val];
                }
            }
        }
    } else {
        // Editing: read the row from the database.
        // (Original note: determine whether list editor or owner.)
        if (!($data = $king->db->getRows_one('select ' . $sql_field . ' from %s__' . $model['modeltable'] . ' where kid=' . $kid . ' limit 1;'))) {
            // NOTE(review): the error text includes the SQL statement and the
            // file/line; if kc_error() shows it to the visitor, that discloses
            // schema details.
            kc_error($king->lang->get('system/error/param') . '<br/>select ' . $sql_field . ' from %s__' . $model['modeltable'] . ' where kid=' . $kid . ' limit 1;' . '<br/>File:' . basename(__FILE__) . ';Line:' . __LINE__);
        }
    }
    $data = kc_data($fields, $data);
    $data['kid'] = $kid;
    if (!($res = $king->db->getRows("select * from %s_field where modelid={$info['modelid']} and {$isuser}=1 and kid1=0 order by norder,kid;"))) {
        // Fetch all field definitions; none found.
        $res = array();
    }
    $s = $king->openForm('index.php?action=edt');
    $s .= kc_htm_hidden(array('listid' => $listid, 'kid' => $kid, 'kid1' => $kid1));
    // Keep this hidden field here; do not move it further down.
    foreach ($res as $rs) {
        $s .= $king->portal->formdecode($rs, $data, $info, 0, $kid1 ? 2 : 1);
    }
    $s .= $king->closeForm($king->lang->get('system/common/publish'));
    // Data processing.
    if ($GLOBALS['ischeck']) {
        $_array = array();
        // Start from an empty array and collect the field values.
        foreach ($array_field as $val) {
            if (substr($val, 0, 1) == 'n') {
                // Columns whose name starts with 'n' are stored as 0/1 here.
                $_array[$val] = $data[$val] ? 1 : 0;
            } else {
                if (is_array($data[$val])) {
                    $_array[$val] = implode(',', $data[$val]);
                } else {
                    $_array[$val] = $data[$val];
                }
            }
        }
        //listid & kid1
        $_array['listid'] = $data['listid'];
        $_array['kid1'] = $data['kid1'] ? $data['kid1'] : 0;
        /**
         * Check whether kpath is among the keys and whether it is empty;
         * fill it in when missing.
         */
        if (empty($_array['kpath'])) {
            $_array['kpath'] = $king->portal->depathMode($info);
        }
        /**
         * kkeywords: generate automatically when absent, otherwise update
         * the list.
         */
        $_array['kkeywords'] = !empty($data['kkeywords']) ? $king->portal->getKey($_array['ktitle'], $_array['kkeywords']) : $king->portal->getKey($_array['ktitle']);
        /**
         * ktag: generate automatically when absent, otherwise update the list.
         */
        $_array['ktag'] = !empty($data['ktag']) ? $king->portal->getTag($_array['ktitle'], $_array['ktag']) : $king->portal->gettag($_array['ktitle']);
        /**
         * If the description is empty, derive it from the content.
         */
        if (empty($data['kdescription']) && !empty($data['kcontent'])) {
            $kdescription = strip_tags($data['kcontent']);
            $kdescription = preg_replace('/\\&[a-z]{1,6};/', '', $kdescription);
            $_array['kdescription'] = kc_substr($kdescription, 0, 200);
        }
        // Subtitle length.
        $_array['nsublength'] = isset($data['ksubtitle']) ? kc_strlen($data['ksubtitle']) : 0;
        // Last-update time.
        $_array['nlastdate'] = time();
        // When kid1 is set, also update nlastdate on the kid1 row.
        if ($kid1) {
            $king->db->update('%s__' . $model['modeltable'], array('nlastdate' => time()), 'kid=' . $kid1 . ' limit 1');
        }
        // Insert or update.
        if ($kid) {
            //update
            $king->db->update('%s__' . $model['modeltable'], $_array, 'kid=' . $kid);
            $_nlog = 7;
        } else {
            $_array['ndate'] = time();
            $_array['norder'] = $king->db->neworder('%s__' . $model['modeltable']);
            $_array['userid'] = $user['userid'];
            $_array['nshow'] = $info['ispublish' . ($kid1 ? 2 : 1)];
            $kid = $king->db->insert('%s__' . $model['modeltable'], $_array);
            $_nlog = 5;
            if ($kid == 0) {
                // NOTE(review): the failure message dumps the submitted row via print_r().
                kc_error($king->lang->get('system/error/insert') . kc_clew(__FILE__, __LINE__, nl2br(print_r($_array, 1))));
            }
        }
        // Update the list information.
        $king->portal->lastUpdated($listid, 'list');
        // Delete caches so they are rebuilt.
        $king->cache->del('portal/list/' . $listid);
        kc_f_delete($king->config('xmlpath', 'portal') . '/portal/' . $info['modelid'] . '/' . wordwrap($kid, 1, '/', 1) . '.xml');
        $id = $king->portal->infoID($listid, $kid);
        if ($kid1) {
            kc_f_delete($king->config('xmlpath', 'portal') . '/portal/' . $info['modelid'] . '/' . wordwrap($kid1, 1, '/', 1) . '.xml');
            $id = $king->portal->infoID($listid, $kid1);
        }
        // Page generation.
        if ($info['npage'] == 0) {
            if ($info['npagenumber'] == 1) {
                $king->portal->createPage($listid, $kid1 ? $kid1 : $kid);
                //$listid,$kid,$pid=1,$is=null
                $subkid = $id['subkid'];
                if (isset($subkid)) {
                    $subid = explode(',', $subkid);
                    foreach ($subid as $sid) {
                        $king->portal->createPage($listid, $sid);
                    }
                }
            } else {
                $pcount = ceil($id['ncount'] / $info['npagenumber']);
                for ($i = 1; $i <= $pcount; $i++) {
                    $king->portal->createPage($listid, $kid1 ? $kid1 : $kid, $i);
                }
            }
        }
        // Redirect; for feedback-type models this redirect needs changing.
        // NOTE(review): the page path is placed into an inline script string
        // without JavaScript escaping; kpath can come from submitted data.
        echo "<script type=\"text/javascript\">parent.location='" . $king->portal->pathPage($info, $id['kid'], $id['kpath']) . "'</script>";
    }
    $tmp = new KC_Template_class($model['ktemplatepublish']);
    $tmp->assign('inside', $s);
    $tmp->assign('listid', $listid);
    $tmp->assign('title', $info['klistname']);
    $tmp->assign('type', 'edit');
    echo $tmp->output();
    //	list($left,$right)=king_inc_list();
    //	$king->skin->output($king->lang->get('portal/title/content'.($kid?'edt':'add')),$left,$right,$s);
}
Пример #14
 /**
  * Template tag that runs the SQL given in the "query" attribute and renders
  * $inner once per result row, with every column assigned by name.
  *
  * SECURITY: the attribute is executed verbatim, so anyone able to author or
  * influence a template that uses this tag can run arbitrary SQL with the
  * application's database privileges. Template editing has to be treated as
  * equivalent to database access, and request data must never reach this
  * attribute.
  *
  * @param string $inner  Template fragment rendered for each row.
  * @param array  $attrib Tag attributes; 'query' holds the SQL text.
  * @return string Concatenated output, '' when the query yields nothing.
  */
 private function tag_dbquery($inner, $attrib)
 {
     $sql = kc_val($attrib, 'query');
     $rows = $this->db->getRows($sql);
     if (!$rows) {
         return '';
     }
     // One template instance is reused for all rows, as in the original.
     $tpl = new KC_Template_class();
     $out = '';
     foreach ($rows as $row) {
         foreach ($row as $column => $value) {
             $tpl->assign($column, $value);
         }
         $out .= $tpl->output($inner);
     }
     return $out;
 }
Пример #15
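/**
 * Renders the user login form and, when the submitted form has validated
 * ($GLOBALS['ischeck']), verifies the credentials and logs the user in.
 *
 * Credentials are checked through UCenter when $king->user->isuc is set
 * (keeping the local %s_user row in sync), otherwise against the local
 * %s_user table only. On success $king->user->userLogin() is called and a
 * list of "where to go next" links is rendered instead of the form.
 *
 * Security notes:
 *  - Stored passwords are md5(salt . password). The hash comparisons below
 *    are strict so that two digests that merely look like numbers cannot
 *    compare equal. MD5 itself is too fast for password storage; moving to
 *    password_hash()/password_verify() needs a migration of stored values
 *    and is not attempted here.
 *  - The user name inside the three SELECT statements is shown as the
 *    literal '******' on this page (it looks masked by the page's
 *    publisher). In the real code that value must be passed through
 *    $king->db->escape() or bound as a parameter.
 *  - `re` (return URL) is request-controlled. It is HTML-escaped before
 *    being printed; see the NOTE(review) where it becomes the redirect target.
 */
function king_def()
{
    global $king;
    if ($GLOBALS['ismethod']) {
        // POST request
        $data = $_POST;
    } else {
        $data = array('re' => kc_val($_SERVER, 'HTTP_REFERER'));
    }
    // NOTE(review): this assignment replaces whatever was stored in $data above,
    // so the Referer default only survives if kc_data() supplies it itself — confirm.
    $data = kc_data(array('re', 'username', 'userpass', 'expire'));
    if ($king->config('blackuser', 'user')) {
        $array_black = explode('|', $king->config('blackuser', 'user'));
        $array_black = array_diff($array_black, array(null));
    } else {
        $array_black = array();
    }
    $s = $king->openForm('login.php');
    //username
    $_array = array(
        array('username', 0, 3, 15),
        array('username', 14, $king->lang->get('portal/check/reg/u-1'), array('*', '\\', ':', '?', '<', '>', '|', ';', ',', '\'', '!', '~', '$', '#', '@', '^', '(', ')', '{', '}', '=', '+', '%', '/')),
        array('username', 14, $king->lang->get('portal/check/reg/u-2'), $array_black),
    );
    $s .= $king->htmForm($king->lang->get('portal/user/name'), '<input class="k_in w150" type="text" name="username" value="' . htmlspecialchars($data['username']) . '" maxlength="15" />', $_array, null, "<tt><a href=\"javascript:; \" class=\"k_user_register\">" . $king->lang->get('portal/user/reg') . "</a></tt>");
    //pass
    $_array = array(array('userpass', 0, 6, 30));
    if ($data['userpass'] && $GLOBALS['ischeck']) {
        // Only verify credentials when a password was submitted and the form validated.
        $username = $data['username'];
        $is = false;
        if ($king->user->isuc) {
            // UCenter integration is enabled.
            if ($array_uc = uc_user_login($data['username'], $data['userpass'])) {
                // UCenter answered.
                if ((int) $array_uc[0] < 0) {
                    // UCenter: unknown user or wrong password.
                    if ($res = $king->db->getRows_one("select usermail,userpass,ksalt,userid from %s_user where username='******' and uid=0")) {
                        // The account exists locally and has not been synced to UCenter yet.
                        $userid = $res['userid'];
                        // Strict comparison: with ==, two different digests that both
                        // look numeric (e.g. "0e" followed by digits) compare equal.
                        if (md5($res['ksalt'] . $data['userpass']) === (string) $res['userpass']) {
                            // Password matches the local hash: register the user in UCenter.
                            $uid = uc_user_register($username, $data['userpass'], $res['usermail']);
                            // The closing quote is an SQL delimiter and must stay outside escape().
                            $king->db->update('%s_user', array('lastlogindate' => time(), 'uid' => $uid > 0 ? $uid : 0), 'username=\'' . $king->db->escape($username) . '\'');
                            uc_user_login($data['username'], $data['userpass']);
                        } else {
                            $is = true;
                            $errId = -2;
                        }
                    } else {
                        $is = true;
                        $errId = $array_uc[0];
                    }
                } else {
                    // UCenter login succeeded: make sure a matching local account exists.
                    $uid = $array_uc[0];
                    // UID as known to UCenter
                    if ($res = $king->db->getRows_one("select userpass,ksalt,userid from %s_user where username='******'")) {
                        // Local account found.
                        $userid = $res['userid'];
                        if (md5($res['ksalt'] . $data['userpass']) !== (string) $res['userpass']) {
                            // Local hash differs from the password UCenter accepted: refresh it.
                            $userpass = md5($res['ksalt'] . $data['userpass']);
                            $king->db->update('%s_user', array('userpass' => $userpass, 'lastlogindate' => time()), 'username=\'' . $king->db->escape($username) . '\'');
                        } else {
                            $king->db->update('%s_user', array('lastlogindate' => time()), 'username=\'' . $king->db->escape($username) . '\'');
                        }
                    } else {
                        // No local account yet: create one from the UCenter data.
                        $usermail = $array_uc[3];
                        $ksalt = kc_random(6);
                        $array = array('username' => $username, 'userpass' => md5($ksalt . $data['userpass']), 'usermail' => $usermail, 'ksalt' => $ksalt, 'uid' => $uid, 'regdate' => time(), 'lastlogindate' => time());
                        $king->db->insert('%s_user', $array);
                        $res = $king->db->getRows_one("select userid from %s_user where uid='" . $uid . "' and isdelete=0");
                        $userid = $res['userid'];
                    }
                }
            } else {
                // Could not reach UCenter.
                kc_error($king->lang->get('portal/error/connect'));
            }
        } else {
            // No UCenter: authenticate against the local table only.
            if ($res = $king->db->getRows_one("select userpass,ksalt,userid from %s_user where username='******' and isdelete=0")) {
                // Local account found.
                $md5pass = md5($res['ksalt'] . $data['userpass']);
                // Strict comparison, see the note in the UCenter branch.
                if ($md5pass !== (string) $res['userpass']) {
                    // Wrong password.
                    $is = true;
                    $errId = -2;
                } else {
                    // Password verified.
                    $userid = $res['userid'];
                    $king->db->update('%s_user', array('lastlogindate' => time()), 'userid=' . $userid);
                }
            } else {
                $is = true;
                $errId = -1;
            }
        }
        if (!empty($errId)) {
            // Attach the failure as an extra validation rule on the password field.
            $_array[] = array('userpass', 12, $king->lang->get('portal/check/pwd/p' . $errId), $is);
        }
    }
    $s .= $king->htmForm($king->lang->get('portal/user/pass') . '', '<input class="k_in w150" type="password" name="userpass" maxlength="30" />', $_array, null, "<tt><a href=\"javascript:;\" class=\"k_user_lostpwd\">" . $king->lang->get('portal/user/lostpwd') . "</a></tt>");
    //expire
    $array_select = array(0 => $king->lang->get('system/time/cookie'), 86400 => $king->lang->get('system/time/oneday'), 2592000 => $king->lang->get('system/time/jan'), 15768000 => $king->lang->get('system/time/halfyear'), 31536000 => $king->lang->get('system/time/ayear'), 315360000 => $king->lang->get('system/time/forever'));
    $s .= $king->htmForm($king->lang->get('portal/user/expire'), kc_htm_radio('expire', $array_select, 2592000));
    //verify
    $verify = new KC_Verify_class();
    $s .= $verify->Show();
    $s .= kc_htm_hidden(array('re' => $data['re']));
    $s .= $king->closeForm($king->lang->get('system/common/login'));
    if ($GLOBALS['ischeck']) {
        // Log the user in (the original comment says this writes the cookie).
        $s = $king->user->userLogin($userid, $data['expire']);
        $array = array('<a href="/">' . $king->lang->get('portal/user/return/home') . '</a>', '<a href="index.php">' . $king->lang->get('portal/user/return/uc') . '</a>');
        if ($data['re']) {
            // `re` is request-controlled: escape it before it is printed as an
            // attribute value and as link text, as is done for `username` above.
            $reHtml = htmlspecialchars($data['re'], ENT_QUOTES);
            $array[] = '<a href="' . $reHtml . '">' . $king->lang->get('portal/user/return/re') . ' : ' . $reHtml . '</a>';
            // NOTE(review): $goto is handed to kc_htm_ol() with the raw value. How it is
            // used is not visible here; if it drives a redirect, restrict `re` to
            // same-site paths and http(s) URLs before using it.
            $goto = $data['re'];
        } else {
            $goto = $king->config('inst') . 'user/index.php';
        }
        $s .= kc_htm_ol($king->lang->get('portal/user/loginok'), $array, $goto);
    }
    $tmp = new KC_Template_class($king->config('templateuser', 'user'), $king->config('templatepath') . '/inside/user/login.htm');
    $tmp->assign('main', $s);
    $tmp->assign('title', $king->lang->get('portal/title/login'));
    echo $tmp->output();
}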
Пример #16
 /**
 	Parses the king:portal.comment tag.
 	Code By: CiBill
 	@param
 	@return
 */
 private function tag_comment($inner, $attrib)
 {
     global $king;
     // Renders $inner once per row of %s_comment selected by the tag attributes
     // (number, skip, modelid, listid, kid, orderby). Returns the concatenated
     // output, or false when a list lookup fails or the query yields no rows.
     //
     // kc_validate() is defined elsewhere. Going by the original comments, type 2
     // accepts a single number; type 3 appears to accept a comma-separated list
     // of numbers — confirm, because these values are interpolated into the SQL.

     // How many rows to read (default 30).
     $number = kc_val($attrib, 'number', 30);
     if (!kc_validate($number, 2)) {
         $number = 30;
     }
     // How many rows to skip (default 0).
     $skip = kc_val($attrib, 'skip', 0);
     if (!kc_validate($skip, 2)) {
         $skip = 0;
     }
     // WHERE conditions
     $conditions = array();
     $modelid = kc_val($attrib, 'modelid');
     // NOTE(review): when a valid modelid attribute IS supplied, no modelid
     // condition is added, so the query filters by kid only — confirm this is intended.
     if (!kc_validate($modelid, 2)) {
         // No usable modelid attribute: derive the model(s) from listid.
         $listid = kc_val($attrib, 'listid');
         if (kc_validate($listid, 2)) {
             // A single list id maps to a single model id.
             $list = $king->portal->infoList($listid);
             if (!$list) {
                 return false;
             }
             $modelid = $list['modelid'];
             $conditions[] = "modelid={$modelid}";
         } elseif (kc_validate($listid, 3)) {
             // Several list ids: collect the model id of each list that exists.
             $modelIds = array();
             foreach (explode(',', $listid) as $oneListId) {
                 if ($list = $king->portal->infoList($oneListId)) {
                     $modelIds[] = $list['modelid'];
                 }
             }
             if (!$modelIds) {
                 return false;
             }
             $modelid = implode(',', $modelIds);
             $conditions[] = "modelid in ({$modelid})";
         }
     }
     // Article id(s)
     $kid = kc_val($attrib, 'kid');
     if (kc_validate($kid, 2)) {
         $conditions[] = "kid={$kid}";
     } elseif (kc_validate($kid, 3)) {
         $conditions[] = "kid in ({$kid})";
     }
     if (isset($attrib['orderby'])) {
         // NOTE(review): unlike the other attributes, orderby is concatenated into
         // the statement without any validation. If a tag attribute can ever carry
         // request data, this is an SQL injection point; consider restricting it
         // to known column names plus asc/desc.
         $orderby = ' ORDER BY ' . $attrib['orderby'];
     } else {
         $orderby = ' ORDER BY cid desc';
     }
     $where = $conditions ? 'where ' . implode(' and ', $conditions) : '';
     $limit = 'limit ' . $skip . ',' . $number;
     $tpl = new KC_Template_class();
     $comment = $king->db->getRows("select * from %s_comment {$where} {$orderby} {$limit}");
     if (!$comment) {
         return false;
     }
     $html = '';
     foreach ($comment as $row) {
         $tpl->assign('id', $row['cid']);
         $tpl->assign('kid', $row['kid']);
         $tpl->assign('modelid', $row['modelid']);
         $tpl->assign('username', $row['username']);
         $content = $row['kcontent'];
         if (substr($content, 0, 7) == '[quote]') {
             // The comment starts with [quote]<cid>[/quote]: inline the quoted comment.
             // intval() keeps the id safe to interpolate into the lookup below.
             $rid = intval(substr($content, 7, 10));
             $quoted = $king->db->getRows_One("select * from %s_comment where cid={$rid}");
             if ($quoted) {
                 // Drop any quote nested inside the quoted comment.
                 $quotedText = preg_replace("/\\[quote].*\\[\\/quote]/siU", '', $quoted['kcontent']);
                 $author = $quoted['username'] != '' ? $quoted['username'] : '******';
                 // NOTE(review): username and comment text are placed into markup
                 // as stored. Whether they were HTML-escaped when saved is not
                 // visible here; if not, this is a stored-XSS sink — verify.
                 $ypost = "Originally posted by <i><b>" . $author . "</b></i> at " . kc_formatdate($quoted['ndate'], 'Y-m-d') . ":<br>";
                 $include = "<table border=0 width='100%' cellspacing=1 cellpadding=10 bgcolor='#cccccc'><tr><td width='100%' bgcolor='#FFFFFF' style='word-break:break-all'>" . $ypost . $quotedText . "</td></tr></table>";
                 $content = str_replace("[quote]" . $rid . "[/quote]", $include, $content);
             }
         }
         $tpl->assign('content', $content);
         $tpl->assign('ip', long2ip($row['nip']));
         $tpl->assign('date', $row['ndate']);
         $html .= $tpl->output($inner);
     }
     return $html;
 }