/**
 * Render the comment page for a single content item.
 *
 * Reads kid, listid and modelid from the request through kc_get(), plus the
 * optional paging values pid (default 1) and rn (default 20, capped at 100),
 * then hands them to the model's comment template and echoes the result.
 */
function king_def()
{
    global $king;

    // The three identifiers are fetched first, in the same order as before,
    // so any validation failure inside kc_get() surfaces for the same field.
    $kid = kc_get('kid', 2, 1);
    $listid = kc_get('listid', 2, 1);
    $modelid = kc_get('modelid', 2, 1);

    if (isset($_GET['pid'])) {
        $pid = kc_get('pid', 2, 1);
    } else {
        $pid = 1;
    }

    if (isset($_GET['rn'])) {
        $rn = kc_get('rn', 2, 1);
    } else {
        $rn = 20;
    }
    // Cap the page size so a request cannot ask for an arbitrarily large page.
    if ($rn > 100) {
        $rn = 100;
    }

    $king->Load('portal');
    $model = $king->portal->infoModel($modelid);
    $id = $king->portal->infoID($listid, $kid);

    $fallbackTemplate = $king->config('templatepath')
        . '/inside/comment/'
        . strtolower($model['modeltable'])
        . '.htm';
    $tmp = new KC_Template_class($model['ktemplatecomment'], $fallbackTemplate);

    $pageTitle = $id['ktitle'] . ' ' . $king->lang->get('portal/common/comment');

    $vars = array(
        'title'   => $pageTitle,
        'pid'     => $pid,
        'rn'      => $rn,
        'modelid' => $modelid,        // model id
        'listid'  => $listid,         // list id
        'kid'     => $kid,            // article id
        'comment' => $id['ncomment'], // comment counter
    );
    foreach ($vars as $name => $value) {
        $tmp->assign($name, $value);
    }

    echo $tmp->output();
}
/**
 * Render the feedback submission form.
 *
 * Builds the form (title, name, e-mail, QQ, phone, content and an AJAX submit
 * button), places it into the default feedback template and echoes the page.
 */
function king_def()
{
    global $king;

    // Not referenced anywhere else in this function.
    $sql = "ktitle,kname,kemail,kqq,kphone,kcontent";

    $form = $king->openForm($king->lang->get('feedback/name'), '', 'feedback_add');

    // label key suffix, field name, third kc_htm_input() argument, suffix marker
    $inputs = array(
        array('title', 'ktitle', 50, '*'),
        array('name', 'kname', 30, '*'),
        array('email', 'kemail', 100, '*'),
        array('qq', 'kqq', 30, ''),
        array('phone', 'kphone', 20, ''),
    );
    foreach ($inputs as $spec) {
        list($labelKey, $field, $n, $marker) = $spec;
        $label = $king->lang->get('feedback/label/' . $labelKey);
        $form .= $king->htmForm($label, kc_htm_input($field, '', $n, 400) . $marker);
    }

    $contentLabel = $king->lang->get('feedback/label/content');
    $form .= $king->htmForm($contentLabel, kc_htm_textarea('kcontent') . '*');

    $submit = kc_htm_button(
        $king->lang->get('system/common/add'),
        "\$.kc_ajax({CMD:'add',FORM:'feedback_add'});",
        1
    );
    $form .= $king->htmForm(null, $submit);
    $form .= $king->closeForm('none');

    $outerTemplate = $king->config('templatepath') . '/default.htm';
    $innerTemplate = $king->config('templatepath') . '/inside/feedback/default.htm';
    $tmp = new KC_Template_class($outerTemplate, $innerTemplate);

    $tmp->assign('content', $form);
    $tmp->assign('title', $king->lang->get('feedback/name'));
    $tmp->assign('type', 'add');

    echo $tmp->output();
}
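/**
 * Signed remote-rendering endpoint.
 *
 * POST parameters: ass, kname, tags, sign. The request is accepted when
 *
 *     md5("ass=[ass]&kname=[kname]&tags=[tags]" . $info['ksign']) === sign
 *
 * where $info is the connection record returned by infoConn($kname). On
 * success the decoded "ass" array is assigned to a template, the "tags"
 * markup is rendered and the script exits with that output. Every other
 * outcome exits with a generic error wrapped in an HTML comment.
 *
 * Security notes:
 *  - The signature is now compared strictly and, where available, in constant
 *    time. The previous loose "==" treats two different digests that both
 *    look like "0e<digits>" as equal.
 *  - md5(message . secret) is a weak construction for authenticating a
 *    request; an HMAC would be preferable, but that needs a coordinated
 *    change on the signing side.
 *  - The holder of ksign chooses both the template markup ("tags") and the
 *    assigned values, so ksign has to be treated as a high-value secret.
 */
function king_def()
{
    global $king;

    $ass = kc_post('ass');
    $kname = kc_post('kname');
    $tags = kc_post('tags');
    $sign = kc_post('sign');

    $tmp = new KC_Template_class();
    if ($info = $tmp->infoConn($kname)) {
        $postsign = md5("ass={$ass}&kname={$kname}&tags={$tags}{$info['ksign']}");

        // Strict comparison only; never let PHP coerce the digests to numbers.
        $signOk = false;
        if (is_string($sign)) {
            $signOk = function_exists('hash_equals')
                ? hash_equals($postsign, $sign)
                : $postsign === $sign;
        }

        if ($signOk) {
            // NOTE(review): the signature covers kc_post('ass') while the raw
            // $_POST['ass'] is decoded here - confirm the two cannot differ.
            $raw = isset($_POST['ass']) ? $_POST['ass'] : '';

            // SECURITY: unserialize() runs on request data. The signature is
            // the only barrier against object injection, so a leaked ksign
            // turns this into an object-instantiation primitive. Prefer a
            // data-only format (JSON), or pass allowed_classes => false on
            // PHP 7+, once callers have been checked.
            $assign = $raw !== '' ? unserialize(base64_decode($raw)) : false;

            // Only iterate a real array; a failed decode renders the markup
            // without variables instead of raising a warning in foreach.
            if (is_array($assign)) {
                foreach ($assign as $key => $val) {
                    $tmp->assign($key, $val);
                }
            }
            exit($tmp->output($tags));
        }
    }

    exit('<!-- ' . $king->lang->get('system/error/conn') . ' -->');
}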
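/**
 * Payment return page: verify the signed query string and show the order.
 *
 * The signature is the upper-cased MD5 of the present parameters, in the
 * fixed order below, followed by "key=<tenpaykey>". When it matches the
 * "sign" parameter the order page is rendered for the oid carried in
 * "attach"; otherwise a payment error is reported.
 *
 * Fix: the original condition was an assignment (`$md5_sign = $_GET['sign']`),
 * so any non-empty "sign" value passed verification. The computed digest is
 * now compared with the supplied one, strictly and in constant time where
 * hash_equals() is available.
 */
function king_def()
{
    global $king;

    // Parameters covered by the signature; the order is significant.
    $signedFields = array(
        'version', 'cmdno', 'retcode', 'status', 'seller', 'total_fee',
        'trade_price', 'transport_fee', 'buyer_id', 'chnid', 'cft_tid',
        'mch_vno', 'attach',
    );

    $buffer = '';
    foreach ($signedFields as $field) {
        if (isset($_GET[$field])) {
            $buffer .= $field . '=' . $_GET[$field] . '&';
        }
    }
    $md5_sign = strtoupper(md5($buffer . 'key=' . $king->config('tenpaykey', 'portal')));

    // A missing, empty or non-string signature can never verify.
    $given = (isset($_GET['sign']) && is_string($_GET['sign'])) ? $_GET['sign'] : '';
    $verified = false;
    if ($given !== '') {
        $verified = function_exists('hash_equals')
            ? hash_equals($md5_sign, $given)
            : $md5_sign === $given;
    }

    if ($verified) {
        // NOTE(review): the signed retcode/status values are not inspected
        // here - confirm a valid signature always implies a successful payment.
        $oid = kc_get('attach', 2, 1); // "attach" carries the order id

        // NOTE(review): other functions on this page read 'templateorders'
        // with the 'portal' module argument - confirm this lookup is intended.
        $tmp = new KC_Template_class(
            $king->config('templateorders'),
            $king->config('templatepath') . '/inside/user/orders_show.htm'
        );
        $tmp->assign('oid', $oid);
        $tmp->assign('title', $king->lang->get('portal/title/buyok'));
        echo $tmp->output();
    } else {
        kc_error($king->lang->get('portal/error/payment'));
    }
}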
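/**
 * Build the pagination markup.
 *
 * @param string $_url   Link pattern, e.g. index.php?pid=%d&rn=%d; pid must
 *                       come before rn. A literal "RN" is replaced by $_rn.
 * @param int    $_per   Total number of records.
 * @param int    $_pid   Current page.
 * @param int    $_rn    Records per page.
 * @param string $_inner Template; a default paragraph is used when empty.
 *
 * @return string|null Rendered markup, or null when there are no records or
 *                     everything fits on exactly one page.
 *
 * Fix: a zero, negative or non-numeric $_rn used to reach the division below
 * (a division-by-zero error on PHP 8); it now falls back to the default of 20.
 *
 * NOTE(review): $_url goes into href/value attributes and an inline event
 * handler through kc_formatpath(); escaping is not visible here, so callers
 * should only pass a URL pattern they built themselves.
 * NOTE(review): the optional $_url precedes the required $_per; the signature
 * is kept for compatibility with existing callers.
 */
function kc_pagelist($_url = '', $_per, $_pid = 1, $_rn = 20, $_inner = null)
{
    // Guard the divisor before computing the page count.
    if (!is_numeric($_rn) || $_rn <= 0) {
        $_rn = 20;
    }

    $_count = $_per / $_rn; // page count; may be fractional, rounded up below
    if ($_per == 0 || $_count == 1) {
        return;
    }
    if ($_pid == null) {
        $_pid = 1;
    }
    if ($_count != (int) $_count) {
        $_count = (int) $_count + 1;
    }
    if ($_pid > $_count) {
        // A page beyond the last one is clamped to the last page.
        $_pid = $_count;
    }

    $_url = str_replace('RN', $_rn, $_url);
    $_inner = isset($_inner[0])
        ? $_inner
        : '<p class="k_pagelist">{king:Previous/}{king:Standard/}{king:Next/}{king:Jump/}</p>';

    // full: every page number
    $full = '';
    for ($i = 1; $i <= $_count; $i++) {
        $full .= $_pid == $i
            ? '<strong>' . $i . '</strong>'
            : '<a href="' . kc_formatpath($_url, $i) . '">' . $i . '</a>';
    }

    // select: drop-down navigation
    $select = '<select onChange="parent.location=this.options[this.selectedIndex].value">';
    for ($i = 1; $i <= $_count; $i++) {
        $select .= $_pid == $i
            ? '<option selected="selected">' . $i . '</option>'
            : '<option value="' . kc_formatpath($_url, $i) . '">' . $i . '</option>';
    }
    $select .= '</select>';

    // Next
    $next = $_pid == $_count
        ? '<span>Next ></span>'
        : '<a href="' . kc_formatpath($_url, $_pid + 1) . '">Next ></a>';

    // Previous
    $previous = $_pid == 1
        ? '<span>< Previous</span>'
        : '<a href="' . kc_formatpath($_url, $_pid - 1, 5) . '">< Previous</a>';

    // Standard: first two pages, a window around the current page, last two pages
    $_numr = 5; // links shown to the right of the current page
    $_numl = 2; // links shown to the left of the current page
    $_num = $_numr + $_numl + 1; // window size
    $sta = $_pid == 1 ? '<strong>1</strong>' : '<a href="' . kc_formatpath($_url, 1) . '">1</a>'; // page 1
    if ($_count >= 2) { // page 2
        $sta .= $_pid == 2 ? '<strong>2</strong>' : '<a href="' . kc_formatpath($_url, 2) . '">2</a>';
    }
    if ($_pid >= $_numl + 4 && $_count > $_num + 3) {
        $sta .= '<i>...</i>';
    }
    $i_sta = $_pid - $_numl; // window start
    $i_end = $_pid + $_numr; // window end
    if ($_pid <= $_numl + 2) { // near the beginning: move the end
        $i_end = $_num + 2;
    }
    if ($_pid >= $_count - $_num + 2) { // near the end: move the start
        $i_sta = $_count - $_num;
    }
    for ($i = $i_sta; $i < $i_end; $i++) {
        // Pages 1, 2 and the last two are emitted separately.
        if ($i >= 3 && $i <= $_count - 2) {
            $sta .= $i == $_pid
                ? '<strong>' . $i . '</strong>'
                : '<a href="' . kc_formatpath($_url, $i) . '">' . $i . '</a>';
        }
    }
    if ($_pid + $_numr <= $_count - 2 && $_count - 2 > $_num + 1) {
        $sta .= '<i>...</i>';
    }
    if ($_count > 3) {
        $sta .= $_pid == $_count - 1
            ? '<strong>' . ($_count - 1) . '</strong>'
            : '<a href="' . kc_formatpath($_url, $_count - 1) . '">' . ($_count - 1) . '</a>';
    }
    if ($_count >= 3) { // last page
        $sta .= $_pid == $_count
            ? '<strong>' . $_count . '</strong>'
            : '<a href="' . kc_formatpath($_url, $_count) . '">' . $_count . '</a>';
    }

    // first
    $first = $_pid == 1
        ? '<strong><< First</strong>'
        : '<a href="' . kc_formatpath($_url, 1) . '"><< First</a>';

    // last
    $last = $_pid == $_count
        ? '<strong>Last >></strong>'
        : '<a href="' . kc_formatpath($_url, $_count) . '">Last >></a>';

    // jump: text box that navigates on Enter
    $jump = '<input type="text" size="3" onkeydown="if(event.keyCode==13) {window.location=\''
        . kc_formatpath($_url, "'+this.value+'")
        . '\'; return false;}" />';

    $tmp = new KC_Template_class();
    $tmp->assign('standard', $sta);
    $tmp->assign('select', $select);
    $tmp->assign('previous', $previous);
    $tmp->assign('next', $next);
    $tmp->assign('first', $first);
    $tmp->assign('last', $last);
    $tmp->assign('full', $full);
    $tmp->assign('jump', $jump);
    $tmp->assign('pagecount', $_count);
    $tmp->assign('count', $_per);
    $tmp->assign('pid', $_pid);
    $tmp->assign('rn', $_rn);

    return $tmp->output($_inner);
}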
/**
 * Render $inner once per row of $array and concatenate the results.
 *
 * Each row's key/value pairs are assigned to a fresh template instance before
 * $inner is rendered. An empty $array yields an empty string.
 */
private function array_format($inner, $array)
{
    $rendered = '';
    if (empty($array)) {
        return $rendered;
    }

    foreach ($array as $row) {
        // A new template per row keeps one row's values out of the next.
        $tpl = new KC_Template_class();
        foreach ($row as $name => $value) {
            $tpl->assign($name, $value);
        }
        $rendered .= $tpl->output($inner);
    }

    return $rendered;
}
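/**
 * Search results page.
 *
 * Builds a SQL WHERE fragment from the request (free-text title terms, the
 * model's searchable fields and its id fields) and passes it to the model's
 * search template as "search".
 *
 * Because the fragment is spliced into a query by the template layer, every
 * request value has to be validated or escaped here. Changes from the
 * original:
 *  - modelid is validated through kc_get() like pid and rn instead of being
 *    read raw from $_GET;
 *  - each title term is passed through the database escaper;
 *  - an id-field value is emitted only when it validates as a single number
 *    (type 2) or as the list form (type 3) that other code on this page uses
 *    before building "in (...)"; anything else is ignored. Previously any
 *    non-numeric value was placed verbatim inside "in (...)".
 */
function king_search()
{
    global $king;
    $king->Load('portal');

    // Resolve the model to search in.
    if (!($modelTables = getModelTables())) {
        $king->portal->error($king->lang->get('portal/common/error'), $king->lang->get('portal/error/notmodel'));
    }
    $currentArray = current($modelTables);
    $modelid = isset($_GET['modelid']) ? kc_get('modelid', 2, 1) : $currentArray['modelid'];
    $model = $king->portal->infoModel($modelid);

    // Free-text terms: split on separators and quote-like characters, drop
    // empty pieces, escape what remains.
    $query = kc_get('query', 0);
    $querys = preg_split("/[,\\*\\%\\.\\(\\)\\'\\`><\\}\\{ ]/", $query);
    $querys = array_diff($querys, array(''));
    $terms = array();
    foreach ($querys as $term) {
        $terms[] = $king->db->escape($term);
    }
    $q = implode("%' or ktitle like '%", $terms);
    if (isset($q[0])) {
        $q = " and (ktitle like '%" . $q . "%')";
    }

    // Model fields flagged as searchable: exact match on the escaped value.
    // The column name comes from the model definition, not from the request.
    if (is_array($model['field']['issearch'])) {
        foreach ($model['field']['issearch'] as $key => $val) {
            $getVal = kc_get(substr($key, 1), 0);
            if (isset($getVal[0])) {
                $q .= " and {$key}='" . $king->db->escape($getVal) . "'";
            }
        }
    }

    // Id fields: accept a single number or a validated id list, nothing else.
    foreach ($model['field']['id'] as $val) {
        $getVal = kc_val($_GET, $val);
        if (!is_string($getVal) || !isset($getVal[0])) {
            continue;
        }
        if (kc_validate($getVal, 2)) {
            $q .= " and {$val}='{$getVal}'";
        } elseif (kc_validate($getVal, 3)) {
            $q .= " and {$val} in ({$getVal})";
        }
    }

    $pid = isset($_GET['pid']) ? kc_get('pid', 2, 1) : 1;
    $rn = isset($_GET['rn']) ? kc_get('rn', 2, 1) : 20;
    if ($rn > 100) {
        $rn = 100;
    }

    $tmp = new KC_Template_class(
        $model['ktemplatesearch'],
        $king->config('templatepath') . '/inside/search/' . strtolower($model['modeltable']) . '[page].htm'
    );
    $tmp->assign('type', 'search');
    $tmp->assign('pid', $pid);
    $tmp->assign('rn', $rn);
    $tmp->assign('search', $q); // WHERE fragment consumed by the template
    $tmp->assign('modelid', $modelid);
    $tmp->assign('title', $king->lang->get('system/common/search'));
    echo $tmp->output();
}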
/**
 * Show a single order to the logged-in user.
 *
 * Calls the user access check, reads the order id from the request and
 * renders the orders template with the order id and the current user id.
 *
 * NOTE(review): the order is not loaded here, so this function does not
 * itself compare the order's owner with the current user; presumably the
 * template combines 'oid' and 'userid' for that - confirm.
 */
function king_orders_show()
{
    global $king;

    // The return value is unused; the call is kept for the access check it performs.
    $user = $king->user->access();

    $oid = kc_get('oid', 2, 1);

    $ordersTemplate = $king->config('templateorders', 'portal');
    $fallbackTemplate = $king->config('templatepath') . '/inside/user/orders_show.htm';
    $tmp = new KC_Template_class($ordersTemplate, $fallbackTemplate);

    $tmp->assign('oid', $oid);
    $tmp->assign('userid', $king->user->userid);

    $navText = $king->lang->get('portal/title/ordersshow');
    $tmp->assign('nav', $navText);
    $titleText = $king->lang->get('portal/title/ordersshow');
    $tmp->assign('title', $titleText);

    echo $tmp->output();
}
/**
 * Render $inner with the fields of one user group.
 *
 * The group is selected by the "gid" attribute and loaded through
 * infoGroup(); its gid, kname, kaccess and kmenu values are exposed to the
 * template as gid, name, access and menu.
 */
private function tag_user_group($inner, $attrib)
{
    global $king;

    $gid = kc_val($attrib, 'gid');
    // The original had an empty branch for gid == 0 (the default account);
    // it did nothing, so no special case is made here either.
    $group = $this->infoGroup($gid);

    $tpl = new KC_Template_class();
    $mapping = array(
        'gid'    => 'gid',
        'name'   => 'kname',
        'access' => 'kaccess',
        'menu'   => 'kmenu',
    );
    foreach ($mapping as $templateVar => $column) {
        $tpl->assign($templateVar, $group[$column]);
    }

    return $tpl->output($inner);
}
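/**
 * Render the shortcut menu of the admin home page.
 *
 * With a non-empty $inner the current administrator's shortcuts are rendered
 * through it, one pass per row. Without $inner a default HTML block is built,
 * seeded with a standard set of shortcuts when the administrator has none,
 * and cached per administrator.
 *
 * @param string $inner  Loop body template; empty selects the default output.
 * @param array  $ass    Unused here.
 * @param array  $attrib Unused here.
 *
 * @return string Rendered HTML (the original docblock said "array").
 *
 * Changes from the original:
 *  - $s is initialised, so the template branch no longer appends to an
 *    undefined variable or returns null when there are no rows;
 *  - the admin id is cast to int before it is placed into SQL;
 *  - kimage is HTML-escaped like the other row fields before it reaches an
 *    attribute.
 *
 * NOTE(review): konclick is stored script that runs as an inline handler by
 * design; escaping only keeps it inside the attribute. Who may edit these
 * rows should be restricted accordingly.
 */
public function tag_lnk($inner, $ass, $attrib)
{
    global $king;

    $s = '';
    $adminid = (int) $king->admin['adminid'];

    if ($inner) {
        $tmp = new KC_Template_class();
        if (!($res = $king->db->getRows("select kid,kname,kpath,konclick,kimage,isblank,ktitle from %s_lnk where adminid=" . $adminid . " order by norder desc"))) {
            $res = array();
        }
        foreach ($res as $rs) {
            $tmp->assign('id', $rs['kid']);
            $tmp->assign('name', htmlspecialchars($rs['kname']));
            $tmp->assign('href', htmlspecialchars($rs['kpath']));
            $tmp->assign('onclick', htmlspecialchars($rs['konclick']));
            $tmp->assign('image', 'system/images/lnk/' . htmlspecialchars($rs['kimage']));
            $tmp->assign('target', $rs['isblank'] ? 'target="_blank"' : '');
            $tmp->assign('title', htmlspecialchars($rs['ktitle']));
            $s .= $tmp->output($inner);
        }

        return $s;
    }

    // Default output, cached per administrator.
    $cachepath = 'system/lnk/' . $adminid;
    $s = $king->cache->get($cachepath);
    if (!$s) {
        if (!($res = $king->db->getRows("SELECT kid,kname,kpath,konclick,kimage,isblank,ktitle FROM %s_lnk where adminid=" . $adminid . " order by norder desc"))) {
            // No shortcuts yet: seed the standard set and store it.
            $res = array(
                array('norder' => 10, 'kname' => '栏目管理', 'ktitle' => '栏目管理中心', 'kpath' => '../portal/manage.php', 'kimage' => 'panel.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 9, 'kname' => '爬虫管理', 'ktitle' => '爬虫访问管理', 'kpath' => '../system/manage.php?action=bot', 'kimage' => 'bot.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 8, 'kname' => '管理日志', 'ktitle' => '管理员访问操作日志', 'kpath' => '../system/manage.php?action=log', 'kimage' => 'log.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 7, 'kname' => '附件管理', 'ktitle' => '已上传文件管理', 'kpath' => '../system/manage.php?action=upfile', 'kimage' => 'upfile.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 6, 'kname' => '首选项', 'ktitle' => 'CMS系统参数设置', 'kpath' => '../system/manage.php?action=config', 'kimage' => 'system.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 5, 'kname' => '管理员', 'ktitle' => '管理员信息及密码设置', 'kpath' => '../system/manage.php?action=admin', 'kimage' => 'admin.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 4, 'kname' => '模块管理', 'ktitle' => '模块管理', 'kpath' => '../system/manage.php?action=module', 'kimage' => 'module.gif', 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 3, 'kname' => 'KingCMS', 'ktitle' => 'KingCMS官方网站', 'kpath' => 'http://www.kingcms.com/', 'kimage' => 'lnk.gif', 'isblank' => 1, 'adminid' => $adminid, 'konclick' => ''),
                array('norder' => 2, 'kname' => 'Forums', 'ktitle' => 'KingCMS论坛', 'kpath' => 'http://bbs.kingcms.com/', 'kimage' => 'lnk.gif', 'isblank' => 1, 'adminid' => $adminid, 'konclick' => ''),
            );
            foreach ($res as $rs) {
                $king->db->insert('%s_lnk', $rs);
            }
        }

        $s = '<div id="k_lnk">';
        foreach ($res as $rs) {
            $s .= '<a href="' . htmlspecialchars($rs['kpath']) . '" '
                . (!empty($rs['isblank']) ? 'target="_blank"' : '')
                . ' onclick="' . htmlspecialchars($rs['konclick'])
                . '" title="' . htmlspecialchars($rs['ktitle'])
                . '"><img src="images/lnk/' . htmlspecialchars($rs['kimage'])
                . '"/><i>' . htmlspecialchars($rs['kname']) . '</i></a>';
        }
        $s .= '<a href="http://www.kingcms.com/license/" target="_blank" title="' . $king->lang->get('system/common/license') . '"><img src="images/lnk/license.gif"/><i>' . $king->lang->get('system/common/license') . '</i></a>';
        $s .= '<a href="javascript:;" class="k_ajax" rel="{URL:\'../system/manage.php\',CMD:\'faq\'}"><img src="images/lnk/faq.gif" title="' . $king->lang->get('system/common/faq') . '"/><i>' . $king->lang->get('system/common/faq') . '</i></a>';
        $s .= '<a href="manage.php?action=lnk" title="' . $king->lang->get('system/title/lnk') . '"><img src="images/lnk/modify.gif"/><i>' . $king->lang->get('system/level/lnk') . '</i></a>';
        $s .= '</div>';
        $king->cache->put($cachepath, $s);
    }

    return $s;
}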
/**
 * Render a named content block, choosing the variant bound most closely to
 * the current context.
 *
 * Variants are stored under "<ntype>-<bid>" keys. Lookup order: list binding
 * ("1-<listid>"), model binding ("2-<modelid>"), site binding
 * ("3-<siteid>"), then the default "0-0". Without a listid the default is
 * used directly.
 *
 * @param string $name   Tag name (overwritten by the "name" attribute).
 * @param string $inner  Loop body (not used here).
 * @param array  $ass    Assigned values; listid, modelid and siteid are read.
 * @param array  $attrib Attribute array; "name" selects the block.
 *
 * @return string Rendered block, or a language-file error message.
 */
public function tag($name, $inner, $ass, $attrib)
{
    global $king;

    $name = kc_val($attrib, 'name');
    if (empty($name)) {
        return $king->lang->get('block/error/name', 4);
    }

    // The block name is escaped before it is placed into the query.
    $rows = $king->db->getRows("select kid,ntype,bid,kcontent from %s_block where kname='" . $king->db->escape($name) . "' ");
    if (!$rows) {
        return $king->lang->get('block/error/name', 5);
    }

    $variants = array();
    foreach ($rows as $row) {
        $variants[$row['ntype'] . '-' . $row['bid']] = $row['kcontent'];
    }

    $listid = kc_val($ass, 'listid');
    if (empty($listid)) {
        // No list context: use the default variant.
        $content = kc_val($variants, '0-0');
    } elseif (isset($variants['1-' . $listid])) {
        $content = $variants['1-' . $listid];
    } else {
        // Model id: taken from $ass, otherwise loaded from the list record.
        if (isset($ass['modelid'])) {
            $modelid = $ass['modelid'];
        } else {
            $king->Load('portal');
            $info = $king->portal->infoList($listid);
            $modelid = $info['modelid'];
        }

        if (isset($variants['2-' . $modelid])) {
            $content = $variants['2-' . $modelid];
        } else {
            // Site id: taken from $ass, otherwise from the list record,
            // which is loaded now if the model step did not need it.
            if (isset($ass['siteid'])) {
                $siteid = $ass['siteid'];
            } else {
                if (empty($info)) {
                    $king->Load('portal');
                    $info = $king->portal->infoList($listid);
                }
                $siteid = $info['siteid'];
            }

            $siteKey = '3-' . $siteid;
            if (isset($variants[$siteKey])) {
                $content = $variants[$siteKey];
            } else {
                $content = kc_val($variants, "0-0");
            }
        }
    }

    // Parse the chosen content as a template, with the caller's values.
    $tpl = new KC_Template_class();
    if (is_array($ass)) {
        foreach ($ass as $key => $val) {
            $tpl->assign($key, $val);
        }
    }

    return $tpl->output($content);
}
/**
 * Upload a proof of payment for an order.
 *
 * Loads the order by oid, requires the logged-in owner when the order records
 * a user id, and requires order status 2. It then either shows the upload
 * form or, when a file was posted, stores it as <uppath>/orders/<oid>.jpg and
 * sets the order's paymethod to "bank".
 *
 * NOTE(review): only the extension of the client-supplied file name is
 * checked; the content is not inspected in this function. The stored name and
 * extension are fixed, which limits the impact, but the upload directory
 * should still not be executable - confirm server configuration.
 * NOTE(review): orders whose userid is not greater than 0 skip the ownership
 * check, so knowing the oid is sufficient for them - confirm this is intended.
 * NOTE(review): ono and kname from the order row are written into the HTML
 * without escaping here - confirm they are sanitised when stored.
 */
function king_bank()
{
    global $king;

    $oid = kc_get('oid', 2, 1);

    $rs = $king->db->getRows_one("select ono,kname,nnumber,ntotal,kfeedback,eid,nexpress,userid,nstatus from %s_orders where oid={$oid}");
    if (!$rs) {
        kc_error($king->lang->get('system/error/param'));
    }

    if ($rs['userid'] > 0) {
        $king->Load('user');
        // An order that records a user requires that user to be logged in.
        $king->user->access();
        if ($king->user->userid != $rs['userid']) {
            $king->portal->error($king->lang->get('system/common/error'), $king->lang->get('portal/error/cart'));
        }
    }

    if ((int) $rs['nstatus'] !== 2) {
        $king->portal->error($king->lang->get('system/common/error'), $king->lang->get('portal/error/status'));
    }

    // Order summary table.
    $html = '<table class="k_table_list" cellspacing="0">';
    $html .= '<caption>' . $king->lang->get('portal/cart/prodinfo') . '</caption>';
    $html .= '<tr><th class="w150">' . $king->lang->get('portal/cart/youorders') . '</th><td><strong class="red">' . $rs['ono'] . '</strong></td>';
    $html .= '<th>' . $king->lang->get('portal/cart/prodname') . '</th><td>' . $rs['kname'] . '</td></tr>';
    $html .= '<tr><th>' . $king->lang->get('portal/cart/total') . '</th><td>' . $rs['nnumber'] . '件</td>';
    $html .= '<th>' . $king->lang->get('portal/cart/alltotal') . '</th><td>' . number_format($rs['ntotal'], 2) . '</td></tr>';
    $html .= '</table>';

    if (!$_FILES) {
        // Nothing posted yet: show the upload form.
        $html .= $king->openForm('cart.php?action=bank', null, 1);
        $html .= '<p>' . $king->lang->get('portal/cart/bankmemo') . '</p>';
        $html .= '<p>' . $king->lang->get('portal/cart/bankmemo1') . '</p>';
        $html .= $king->htmForm($king->lang->get('portal/cart/upbank'), "<input type=\"file\" name=\"bankfile\" class=\"k_in w400\" />");
        $hidden = array('oid' => $oid, 'MAX_FILE_SIZE' => 204800);
        $html .= kc_htm_hidden($hidden);
        $html .= $king->closeForm($king->lang->get('system/common/upfile'));
    } else {
        $ext = strtolower(kc_f_ext($_FILES['bankfile']['name']));
        kc_f_md($king->config('uppath') . "/orders");

        $extensionAllowed = in_array($ext, array('jpg', 'jpeg'));
        if (!$extensionAllowed) {
            // Wrong file type: report it and offer to try again.
            $html .= '<p class="k_error">' . $king->lang->get('portal/error/ext') . '</p>';
            $html .= '<p><a href="cart.php?action=bank&oid=' . $oid . '">' . $king->lang->get('portal/cart/reup') . '</a></p>';
        } elseif (move_uploaded_file($_FILES['bankfile']['tmp_name'], ROOT . $king->config('uppath') . "/orders/{$oid}.jpg")) {
            $html .= '<p>' . $king->lang->get('portal/cart/upok') . '</p>';
            $changes = array('paymethod' => 'bank');
            $king->db->update('%s_orders', $changes, "oid={$oid}");
        } else {
            $html .= '<p class="k_error">' . $king->lang->get('portal/error/upbank') . '</p>';
        }
    }

    $tmp = new KC_Template_class($king->config('templateorders', 'portal'));
    $tmp->assign('oid', $oid);
    $tmp->assign('title', $king->lang->get('portal/cart/upbank'));
    $tmp->assign('nav', $king->lang->get('portal/cart/upbank'));
    $tmp->assign('type', 'edit');
    $tmp->assign('inside', $html);
    echo $tmp->output();
}
/**
 * Front-end add/edit form for a content item in a list.
 *
 * Flow, as far as this function shows:
 *  1. Resolve list, model and the user-editable field set (isuser1 for a
 *     first page, isuser2 when kid1 is given).
 *  2. Check publishing rights: guest lists, group restriction, list editors,
 *     ownership and the edit time window for existing items.
 *  3. Build the form from POST data, defaults/URL values or the stored row.
 *  4. When $GLOBALS['ischeck'] is set, write the row, refresh caches,
 *     regenerate pages and redirect the parent frame.
 *
 * The statements depend on each other's side effects ($GLOBALS flags, access
 * checks that may abort the request), so the code is left unchanged and only
 * annotated.
 */
function king_edt()
{
    global $king;
    $king->load('user');
    // Initialisation
    $listid = kc_get('listid', 2, 1);
    //$info['listid'];
    $info = $king->portal->infoList($listid);
    $model = $king->portal->infoModel($info['modelid']);
    $kid = kc_get('kid', 2);
    $kid1 = kc_get('kid1', 2);
    $isuser = $kid1 ? 'isuser2' : 'isuser1';
    // sub page : first page
    $array_field = array_keys($model['field'][$isuser]);
    $sql_field = implode(',', $array_field);
    // Column list for the model table; it comes from the model definition
    // Load the list of editors for this list
    $editors = $king->portal->getListEditor($listid);
    if (!is_array($editors)) {
        $editors = array();
    }
    // User permission and login check
    if ($info['gidpublish'] == -1) {
        // -1: the list accepts guests, so a placeholder user with userid 0 is used
        $user = array('userid' => 0, 'username' => '[' . $king->lang->get('user/name/guest') . ']');
    } else {
        $user = $king->user->access();
        if (!in_array($king->user->userid, $editors) && $info['gidpublish']) {
            // Not a list editor and the list is restricted to a group; list editors skip this check
            $king->user->access($info['gidpublish']);
        }
    }
    // Publishing check: 0 = not allowed | 1 = publish directly | 2 = publish after review
    if (!in_array($user['userid'], $editors)) {
        // List editors are exempt
        if ((int) $info['ispublish' . ($kid1 ? 2 : 1)] === 0) {
            $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/stop'));
        }
    }
    // When kid is set (editing), verify ownership
    // NOTE(review): on a guest list the comparison below is between the item's
    // userid and the current userid, both cast to int; if a visitor who is not
    // logged in evaluates to 0, guest-authored items (userid 0) would pass -
    // confirm whether that is intended.
    if ($kid) {
        $user = empty($user) ? $king->user->access() : $user;
        // If $user is empty, run the login check in order to obtain the userid
        $id = $king->portal->infoID($listid, $kid);
        if (in_array($king->user->userid, $editors) || (int) $id['userid'] === (int) $king->user->userid) {
            if (!in_array($king->user->userid, $editors)) {
                // Not a list editor: enforce the edit time window
                if (time() - $model['nlocktime'] * 3600 > $id['ndate'] && (int) $model['nlocktime'] !== 0) {
                    // Past the allowed edit period (a lock time of 0 disables the limit)
                    $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/timeout'));
                }
            }
        } else {
            $king->portal->error($king->lang->get('portal/title/stop'), $king->lang->get('portal/error/noaccess'));
        }
    }
    $fields = explode(',', $sql_field);
    if ($GLOBALS['ismethod'] || $kid == '') {
        // POST handling, or a new item
        $data = $_POST;
        if (!$GLOBALS['ismethod']) {
            // Initialise the data of a new item
            $data['kpath'] = $king->portal->depathMode($info);
            $data['nshow'] = 1;
            $array_field_default = $model['field']['default'];
            foreach ($array_field_default as $key => $val) {
                $data[$key] = $val;
            }
            // Take initial values from the URL, limited to the editable fields
            foreach ($fields as $val) {
                if (isset($_GET[$val])) {
                    $data[$val] = $_GET[$val];
                }
            }
        }
    } else {
        // Editing: read the stored row from the database
        if (!($data = $king->db->getRows_one('select ' . $sql_field . ' from %s__' . $model['modeltable'] . ' where kid=' . $kid . ' limit 1;'))) {
            // NOTE(review): the error text includes the SQL statement, file
            // name and line number; showing that to visitors discloses
            // internals and is better kept in a server-side log.
            kc_error($king->lang->get('system/error/param') . '<br/>select ' . $sql_field . ' from %s__' . $model['modeltable'] . ' where kid=' . $kid . ' limit 1;' . '<br/>File:' . basename(__FILE__) . ';Line:' . __LINE__);
        }
    }
    // presumably restricts $data to the listed fields - confirm against kc_data()
    $data = kc_data($fields, $data);
    $data['kid'] = $kid;
    if (!($res = $king->db->getRows("select * from %s_field where modelid={$info['modelid']} and {$isuser}=1 and kid1=0 order by norder,kid;"))) {
        // No field definitions: use an empty list
        $res = array();
    }
    $s = $king->openForm('index.php?action=edt');
    $s .= kc_htm_hidden(array('listid' => $listid, 'kid' => $kid, 'kid1' => $kid1));
    // This hidden block must stay above the fields
    foreach ($res as $rs) {
        $s .= $king->portal->formdecode($rs, $data, $info, 0, $kid1 ? 2 : 1);
    }
    $s .= $king->closeForm($king->lang->get('system/common/publish'));
    // Data processing, only when the form passed validation
    if ($GLOBALS['ischeck']) {
        $_array = array();
        // Collect the field values
        foreach ($array_field as $val) {
            if (substr($val, 0, 1) == 'n') {
                // Fields whose name starts with "n" are stored as 0/1 here
                $_array[$val] = $data[$val] ? 1 : 0;
            } else {
                if (is_array($data[$val])) {
                    $_array[$val] = implode(',', $data[$val]);
                } else {
                    $_array[$val] = $data[$val];
                }
            }
        }
        // listid & kid1
        // NOTE(review): the row is written with $data['listid'] / $data['kid1']
        // while the permission checks above used the validated $listid / $kid1
        // - confirm the two can never differ.
        $_array['listid'] = $data['listid'];
        $_array['kid1'] = $data['kid1'] ? $data['kid1'] : 0;
        /**
         * kpath: when it is missing or empty, generate one.
         */
        if (empty($_array['kpath'])) {
            $_array['kpath'] = $king->portal->depathMode($info);
        }
        /**
         * kkeywords: derive from the title when empty, otherwise refresh the list.
         */
        $_array['kkeywords'] = !empty($data['kkeywords']) ? $king->portal->getKey($_array['ktitle'], $_array['kkeywords']) : $king->portal->getKey($_array['ktitle']);
        /**
         * ktag: derive from the title when empty, otherwise refresh the list.
         */
        $_array['ktag'] = !empty($data['ktag']) ? $king->portal->getTag($_array['ktitle'], $_array['ktag']) : $king->portal->gettag($_array['ktitle']);
        /**
         * kdescription: when empty, take the first 200 characters of the
         * content with tags and short HTML entities removed.
         */
        if (empty($data['kdescription']) && !empty($data['kcontent'])) {
            $kdescription = strip_tags($data['kcontent']);
            $kdescription = preg_replace('/\\&[a-z]{1,6};/', '', $kdescription);
            $_array['kdescription'] = kc_substr($kdescription, 0, 200);
        }
        // Length of the subtitle
        $_array['nsublength'] = isset($data['ksubtitle']) ? kc_strlen($data['ksubtitle']) : 0;
        // Last-modified time
        $_array['nlastdate'] = time();
        // With kid1 set, also touch nlastdate of the row kid1 refers to
        if ($kid1) {
            $king->db->update('%s__' . $model['modeltable'], array('nlastdate' => time()), 'kid=' . $kid1 . ' limit 1');
        }
        // Insert or update
        if ($kid) {
            // update
            $king->db->update('%s__' . $model['modeltable'], $_array, 'kid=' . $kid);
            $_nlog = 7;
        } else {
            $_array['ndate'] = time();
            $_array['norder'] = $king->db->neworder('%s__' . $model['modeltable']);
            $_array['userid'] = $user['userid'];
            $_array['nshow'] = $info['ispublish' . ($kid1 ? 2 : 1)];
            $kid = $king->db->insert('%s__' . $model['modeltable'], $_array);
            $_nlog = 5;
            if ($kid == 0) {
                // NOTE(review): the whole submitted row is dumped into the
                // error output; prefer logging it server-side.
                kc_error($king->lang->get('system/error/insert') . kc_clew(__FILE__, __LINE__, nl2br(print_r($_array, 1))));
            }
        }
        // Update the list information
        $king->portal->lastUpdated($listid, 'list');
        // Drop caches so they are rebuilt
        $king->cache->del('portal/list/' . $listid);
        kc_f_delete($king->config('xmlpath', 'portal') . '/portal/' . $info['modelid'] . '/' . wordwrap($kid, 1, '/', 1) . '.xml');
        $id = $king->portal->infoID($listid, $kid);
        if ($kid1) {
            kc_f_delete($king->config('xmlpath', 'portal') . '/portal/' . $info['modelid'] . '/' . wordwrap($kid1, 1, '/', 1) . '.xml');
            $id = $king->portal->infoID($listid, $kid1);
        }
        // Page generation
        if ($info['npage'] == 0) {
            if ($info['npagenumber'] == 1) {
                $king->portal->createPage($listid, $kid1 ? $kid1 : $kid);
                //$listid,$kid,$pid=1,$is=null
                $subkid = $id['subkid'];
                if (isset($subkid)) {
                    $subid = explode(',', $subkid);
                    foreach ($subid as $sid) {
                        $king->portal->createPage($listid, $sid);
                    }
                }
            } else {
                $pcount = ceil($id['ncount'] / $info['npagenumber']);
                for ($i = 1; $i <= $pcount; $i++) {
                    $king->portal->createPage($listid, $kid1 ? $kid1 : $kid, $i);
                }
            }
        }
        // Redirect; for feedback-style content this redirect would need changing
        // NOTE(review): the target is built from the stored kpath and placed
        // inside a single-quoted JavaScript string without escaping - confirm
        // pathPage() or the kpath validation rules exclude quotes and markup.
        echo "<script type=\"text/javascript\">parent.location='" . $king->portal->pathPage($info, $id['kid'], $id['kpath']) . "'</script>";
    }
    $tmp = new KC_Template_class($model['ktemplatepublish']);
    $tmp->assign('inside', $s);
    $tmp->assign('listid', $listid);
    $tmp->assign('title', $info['klistname']);
    $tmp->assign('type', 'edit');
    echo $tmp->output();
    // list($left,$right)=king_inc_list();
    // $king->skin->output($king->lang->get('portal/title/content'.($kid?'edt':'add')),$left,$right,$s);
}
/**
 * Run the SQL given in the tag's "query" attribute and render $inner once per
 * result row, with the row's columns assigned as template variables.
 *
 * SECURITY: the attribute value is sent to the database exactly as written.
 * Template markup that can reach this tag must therefore come only from
 * trusted authors; request data must never be allowed to shape it.
 *
 * @return string Concatenated output, or an empty string when there are no rows.
 */
private function tag_dbquery($inner, $attrib)
{
    $sql = kc_val($attrib, 'query');
    $rendered = '';

    $rows = $this->db->getRows($sql);
    if (!$rows) {
        return $rendered;
    }

    // One template instance is reused, so a value assigned for an earlier
    // row stays visible if a later row lacks that key.
    $tpl = new KC_Template_class();
    foreach ($rows as $row) {
        foreach ($row as $column => $value) {
            $tpl->assign($column, $value);
        }
        $rendered .= $tpl->output($inner);
    }

    return $rendered;
}
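/**
 * Login page: render the form, verify credentials (optionally against
 * UCenter), and on success write the login cookie and show return links.
 *
 * The form helpers drive validation: rules passed to htmForm() decide whether
 * $GLOBALS['ischeck'] stays set, and a failed password check is reported by
 * appending a rule to the password field before it is rendered.
 *
 * Changes from the original:
 *  - The local account lookups now use the submitted user name, escaped. In
 *    this listing they contained a fixed placeholder literal, so the password
 *    would not have been checked against the matching account.
 *  - The WHERE clauses of the three updates escaped the closing quote together
 *    with the user name, leaving the string unterminated; the quote is now
 *    added after escaping.
 *  - Password digests are compared with strict operators, so two different
 *    digests that both look like "0e<digits>" no longer compare equal.
 *  - The "re" return address is HTML-escaped where it is written into the page.
 *  - The login cookie is written only when a user id was actually resolved.
 *
 * NOTE(review): md5(salt . password) is a fast hash and unsuitable for
 * password storage; migrating to password_hash()/password_verify() needs a
 * rehash-on-login path and is not attempted here.
 * NOTE(review): "re" comes from the request or the Referer header and is used
 * as the post-login redirect target without restricting it to this site;
 * escaping does not stop a javascript: or off-site URL. Consider an allow-list.
 * NOTE(review): $data is assigned from $_POST or the referrer and then
 * immediately replaced by kc_data() without being passed in - confirm that
 * kc_data() falls back to the request data as intended.
 * NOTE(review): after a successful UCenter login the local lookup does not
 * filter on isdelete=0, unlike the path without UCenter - confirm.
 */
function king_def()
{
    global $king;

    if ($GLOBALS['ismethod']) {
        // POST
        $data = $_POST;
    } else {
        $data = array('re' => kc_val($_SERVER, 'HTTP_REFERER'));
    }
    $data = kc_data(array('re', 'username', 'userpass', 'expire'));

    // Reserved user names, "|"-separated in the configuration.
    if ($king->config('blackuser', 'user')) {
        $array_black = explode('|', $king->config('blackuser', 'user'));
        $array_black = array_diff($array_black, array(null));
    } else {
        $array_black = array();
    }

    $s = $king->openForm('login.php');

    // username
    $_array = array(
        array('username', 0, 3, 15),
        array('username', 14, $king->lang->get('portal/check/reg/u-1'), array('*', '\\', ':', '?', '<', '>', '|', ';', ',', '\'', '!', '~', '$', '#', '@', '^', '(', ')', '{', '}', '=', '+', '%', '/')),
        array('username', 14, $king->lang->get('portal/check/reg/u-2'), $array_black),
    );
    $s .= $king->htmForm($king->lang->get('portal/user/name'), '<input class="k_in w150" type="text" name="username" value="' . htmlspecialchars($data['username']) . '" maxlength="15" />', $_array, null, "<tt><a href=\"javascript:; \" class=\"k_user_register\">" . $king->lang->get('portal/user/reg') . "</a></tt>");

    // password
    $_array = array(array('userpass', 0, 6, 30));
    $userid = null;
    if ($data['userpass'] && $GLOBALS['ischeck']) {
        // A password was sent and the user name passed validation.
        $username = $data['username'];
        // Quote is appended after escaping so the literal is always terminated.
        $whereUser = "username='" . $king->db->escape($username) . "'";
        $is = False;

        if ($king->user->isuc) {
            // UCenter is configured
            if ($array_uc = uc_user_login($data['username'], $data['userpass'])) {
                if ((int) $array_uc[0] < 0) {
                    // UCenter: unknown user or wrong password. Check for a
                    // local account that has not been synchronised yet.
                    if ($res = $king->db->getRows_one("select usermail,userpass,ksalt,userid from %s_user where {$whereUser} and uid=0")) {
                        $userid = $res['userid'];
                        if (md5($res['ksalt'] . $data['userpass']) === $res['userpass']) {
                            // Local password is correct: register the account in UCenter.
                            $uid = uc_user_register($username, $data['userpass'], $res['usermail']);
                            $king->db->update('%s_user', array('lastlogindate' => time(), 'uid' => $uid > 0 ? $uid : 0), $whereUser);
                            uc_user_login($data['username'], $data['userpass']);
                        } else {
                            $is = True;
                            $errId = -2;
                        }
                    } else {
                        $is = True;
                        $errId = $array_uc[0];
                    }
                } else {
                    // UCenter login succeeded: make sure a local account exists.
                    $uid = $array_uc[0]; // uid in UCenter
                    if ($res = $king->db->getRows_one("select userpass,ksalt,userid from %s_user where {$whereUser}")) {
                        $userid = $res['userid'];
                        if (md5($res['ksalt'] . $data['userpass']) !== $res['userpass']) {
                            // Local digest differs: bring it in line.
                            $userpass = md5($res['ksalt'] . $data['userpass']);
                            $king->db->update('%s_user', array('userpass' => $userpass, 'lastlogindate' => time()), $whereUser);
                        } else {
                            $king->db->update('%s_user', array('lastlogindate' => time()), $whereUser);
                        }
                    } else {
                        // No local account yet: create it.
                        $usermail = $array_uc[3];
                        $ksalt = kc_random(6);
                        $array = array('username' => $username, 'userpass' => md5($ksalt . $data['userpass']), 'usermail' => $usermail, 'ksalt' => $ksalt, 'uid' => $uid, 'regdate' => time(), 'lastlogindate' => time());
                        $king->db->insert('%s_user', $array);
                        $res = $king->db->getRows_one("select userid from %s_user where uid='" . $uid . "' and isdelete=0");
                        $userid = $res['userid'];
                    }
                }
            } else {
                kc_error($king->lang->get('portal/error/connect')); // connection error
            }
        } else {
            // No UCenter: verify against the local account only.
            if ($res = $king->db->getRows_one("select userpass,ksalt,userid from %s_user where {$whereUser} and isdelete=0")) {
                $md5pass = md5($res['ksalt'] . $data['userpass']);
                if ($md5pass !== $res['userpass']) {
                    $is = True;
                    $errId = -2;
                } else {
                    $userid = $res['userid'];
                    $king->db->update('%s_user', array('lastlogindate' => time()), 'userid=' . $userid);
                }
            } else {
                $is = True;
                $errId = -1;
            }
        }

        if (!empty($errId)) {
            // Report the failure through the password field's validation rules.
            $_array[] = array('userpass', 12, $king->lang->get('portal/check/pwd/p' . $errId), $is);
        }
    }
    $s .= $king->htmForm($king->lang->get('portal/user/pass') . '', '<input class="k_in w150" type="password" name="userpass" maxlength="30" />', $_array, null, "<tt><a href=\"javascript:;\" class=\"k_user_lostpwd\">" . $king->lang->get('portal/user/lostpwd') . "</a></tt>");

    // expire
    $array_select = array(
        0 => $king->lang->get('system/time/cookie'),
        86400 => $king->lang->get('system/time/oneday'),
        2592000 => $king->lang->get('system/time/jan'),
        15768000 => $king->lang->get('system/time/halfyear'),
        31536000 => $king->lang->get('system/time/ayear'),
        315360000 => $king->lang->get('system/time/forever'),
    );
    $s .= $king->htmForm($king->lang->get('portal/user/expire'), kc_htm_radio('expire', $array_select, 2592000));

    // verification code
    $verify = new KC_Verify_class();
    $s .= $verify->Show();
    $s .= kc_htm_hidden(array('re' => $data['re']));
    $s .= $king->closeForm($king->lang->get('system/common/login'));

    // Fail closed: without a resolved account no login cookie is written.
    if ($GLOBALS['ischeck'] && !empty($userid)) {
        // Write the cookie
        $s = $king->user->userLogin($userid, $data['expire']);
        $array = array(
            '<a href="/">' . $king->lang->get('portal/user/return/home') . '</a>',
            '<a href="index.php">' . $king->lang->get('portal/user/return/uc') . '</a>',
        );
        if ($data['re']) {
            $safeRe = htmlspecialchars($data['re']);
            $array[] = '<a href="' . $safeRe . '">' . $king->lang->get('portal/user/return/re') . ' : ' . $safeRe . '</a>';
            $goto = $data['re'];
        } else {
            $goto = $king->config('inst') . 'user/index.php';
        }
        $s .= kc_htm_ol($king->lang->get('portal/user/loginok'), $array, $goto);
    }

    $tmp = new KC_Template_class($king->config('templateuser', 'user'), $king->config('templatepath') . '/inside/user/login.htm');
    $tmp->assign('main', $s);
    $tmp->assign('title', $king->lang->get('portal/title/login'));
    echo $tmp->output();
}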
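/**
 * Parse the king:portal.comment tag: list comments and render $inner per row.
 *
 * Attributes read: number (default 30), skip (default 0), modelid, listid
 * (one id or a list of ids, used to derive modelid), kid (one id or a list of
 * ids) and orderby.
 *
 * @param string $inner  Loop body template.
 * @param array  $attrib Tag attributes.
 *
 * @return string|false Rendered output, or false when nothing matches or a
 *                      given listid cannot be resolved.
 *
 * Fix: a valid modelid attribute was validated but never added to the WHERE
 * clause, so comments belonging to other models (with the same kid) were
 * returned as well. It is now applied as a filter.
 *
 * NOTE(review): orderby is appended to the SQL as written in the template, so
 * only trusted template authors may set it.
 * NOTE(review): username and comment content are passed on without escaping
 * here - confirm they are sanitised when the comment is stored.
 */
private function tag_comment($inner, $attrib)
{
    global $king;

    // Number of rows to read
    $number = kc_val($attrib, 'number', 30);
    $number = kc_validate($number, 2) ? $number : 30;

    // Number of rows to skip
    $skip = kc_val($attrib, 'skip', 0);
    $skip = kc_validate($skip, 2) ? $skip : 0;

    // Query conditions
    $whereArray = array();
    $modelid = kc_val($attrib, 'modelid');
    if (kc_validate($modelid, 2)) {
        $whereArray[] = "modelid={$modelid}";
    } else {
        // No usable modelid: derive it from listid.
        $listid = kc_val($attrib, 'listid');
        if (kc_validate($listid, 2)) {
            // A single list id
            if ($list = $king->portal->infoList($listid)) {
                $modelid = $list['modelid'];
                $whereArray[] = "modelid={$modelid}";
            } else {
                return false;
            }
        } elseif (kc_validate($listid, 3)) {
            // Several list ids
            $listid = explode(',', $listid);
            $modelid = array();
            foreach ($listid as $val) {
                if ($list = $king->portal->infoList($val)) {
                    $modelid[] = $list['modelid'];
                }
            }
            if ($modelid) {
                $modelid = implode(',', $modelid);
                $whereArray[] = "modelid in ({$modelid})";
            } else {
                return false;
            }
        }
    }

    // Article id: one id or a validated list of ids
    $kid = kc_val($attrib, 'kid');
    if (kc_validate($kid, 2)) {
        $whereArray[] = "kid={$kid}";
    } elseif (kc_validate($kid, 3)) {
        $whereArray[] = "kid in ({$kid})";
    }

    $orderby = isset($attrib['orderby']) ? ' ORDER BY ' . $attrib['orderby'] : ' ORDER BY cid desc';
    $where = $whereArray ? 'where ' . implode(' and ', $whereArray) : '';
    $limit = 'limit ' . $skip . ',' . $number;

    $tmp = new KC_Template_class();
    if (!($comment = $king->db->getRows("select * from %s_comment {$where} {$orderby} {$limit}"))) {
        return false;
    }

    $s = '';
    foreach ($comment as $rs) {
        $tmp->assign('id', $rs['cid']);
        $tmp->assign('kid', $rs['kid']);
        $tmp->assign('modelid', $rs['modelid']);
        $tmp->assign('username', $rs['username']);

        $content = $rs['kcontent'];
        if (substr($content, 0, 7) == '[quote]') {
            // "[quote]<cid>[/quote]" at the start is replaced by the quoted
            // comment; intval() keeps the id numeric before it enters the query.
            $rid = intval(substr($content, 7, 10));
            if ($r = $king->db->getRows_One("select * from %s_comment where cid={$rid}")) {
                // Strip nested quotes from the quoted comment.
                $r['kcontent'] = preg_replace("/\\[quote].*\\[\\/quote]/siU", '', $r['kcontent']);
                $ypost = "Originally posted by <i><b>" . ($r['username'] != '' ? $r['username'] : '******') . "</b></i> at " . kc_formatdate($r['ndate'], 'Y-m-d') . ":<br>";
                $include = "<table border=0 width='100%' cellspacing=1 cellpadding=10 bgcolor='#cccccc'><tr><td width='100%' bgcolor='#FFFFFF' style='word-break:break-all'>" . $ypost . $r['kcontent'] . "</td></tr></table>";
                $content = str_replace("[quote]" . $rid . "[/quote]", $include, $content);
            }
        }

        $tmp->assign('content', $content);
        $tmp->assign('ip', long2ip($rs['nip']));
        $tmp->assign('date', $rs['ndate']);
        $s .= $tmp->output($inner);
    }

    return $s;
}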