function category_get_wheresql($cat) { $wheresql = ''; if (is_array($cat)) { $catid = $cat['catid']; if (!empty($cat['subs'])) { include_once libfile('function/portalcp'); $subcatids = category_get_childids('portal', $catid); $subcatids[] = $catid; $wheresql = "at.catid IN (" . dimplode($subcatids) . ")"; } else { $wheresql = "at.catid='{$catid}'"; } } $wheresql .= " AND at.status='0'"; return $wheresql; }
function getdata($style, $parameter) { global $_G; $parameter = $this->cookparameter($parameter); $aids = !empty($parameter['aids']) ? explode(',', $parameter['aids']) : array(); $uids = !empty($parameter['uids']) ? explode(',', $parameter['uids']) : array(); $keyword = !empty($parameter['keyword']) ? $parameter['keyword'] : ''; $tag = !empty($parameter['tag']) ? $parameter['tag'] : array(); $starttime = !empty($parameter['starttime']) ? strtotime($parameter['starttime']) : 0; $endtime = !empty($parameter['endtime']) ? strtotime($parameter['endtime']) : 0; $publishdateline = isset($parameter['publishdateline']) ? intval($parameter['publishdateline']) : 0; $startrow = isset($parameter['startrow']) ? intval($parameter['startrow']) : 0; $items = isset($parameter['items']) ? intval($parameter['items']) : 10; $titlelength = isset($parameter['titlelength']) ? intval($parameter['titlelength']) : 40; $summarylength = isset($parameter['summarylength']) ? intval($parameter['summarylength']) : 80; $clickarr = array('click1', 'click2', 'click3', 'click4', 'click5', 'click6', 'click7', 'click8'); $orderby = in_array($parameter['orderby'], array_merge(array('dateline', 'viewnum', 'commentnum'), $clickarr)) ? $parameter['orderby'] : 'dateline'; $catid = array(); if (!empty($parameter['catid'])) { if ($parameter['catid'][0] == '0') { unset($parameter['catid'][0]); } $catid = $parameter['catid']; } $picrequired = !empty($parameter['picrequired']) ? 1 : 0; $bannedids = !empty($parameter['bannedids']) ? explode(',', $parameter['bannedids']) : array(); loadcache('portalcategory'); $list = array(); $wheres = array(); if ($aids) { $wheres[] = 'at.aid IN (' . dimplode($aids) . ')'; } if ($uids) { $wheres[] = 'at.uid IN (' . dimplode($uids) . ')'; } if ($catid) { include_once libfile('function/portalcp'); $childids = array(); foreach ($catid as $id) { if ($_G['cache']['portalcategory'][$id]['disallowpublish']) { $childids = array_merge($childids, category_get_childids('portal', $id)); } } $catid = array_merge($catid, $childids); $catid = array_unique($catid); $wheres[] = 'at.catid IN (' . dimplode($catid) . ')'; } if (!$aids && !$catid && $_G['setting']['blockmaxaggregationitem']) { if (($maxid = $this->getmaxid() - $_G['setting']['blockmaxaggregationitem']) > 0) { $wheres[] = 'at.aid > ' . $maxid; } } if (empty($aids) && $picrequired) { $wheres[] = "at.pic != ''"; } if ($publishdateline) { $time = TIMESTAMP - $publishdateline; $wheres[] = "at.dateline >= '{$time}'"; } if ($starttime) { $wheres[] = "at.dateline >= '{$starttime}'"; } if ($endtime) { $wheres[] = "at.dateline <= '{$endtime}'"; } if ($bannedids) { $wheres[] = 'at.aid NOT IN (' . dimplode($bannedids) . ')'; } $wheres[] = "at.status='0'"; if (is_array($tag)) { $article_tags = array(); foreach ($tag as $k) { $article_tags[$k] = 1; } include_once libfile('function/portalcp'); $v = article_make_tag($article_tags); if ($v > 0) { $wheres[] = "(at.tag & {$v}) = {$v}"; } } if ($keyword) { require_once libfile('function/search'); $keyword = searchkey($keyword, "at.title LIKE '%{text}%'"); } $wheresql = $wheres ? implode(' AND ', $wheres) : '1'; if (in_array($orderby, $clickarr)) { $orderby = "at.{$orderby} DESC,at.dateline DESC"; } else { $orderby = $orderby == 'dateline' ? 'at.dateline DESC ' : "ac.{$orderby} DESC"; } $query = DB::query("SELECT at.*, ac.viewnum, ac.commentnum FROM " . DB::table('portal_article_title') . " at LEFT JOIN " . DB::table('portal_article_count') . " ac ON at.aid=ac.aid WHERE {$wheresql}{$keyword} ORDER BY {$orderby} LIMIT {$startrow}, {$items}"); while ($data = DB::fetch($query)) { if (empty($data['pic'])) { $data['pic'] = STATICURL . 'image/common/nophoto.gif'; $data['picflag'] = '0'; } else { $data['pic'] = $data['pic']; $data['picflag'] = $data['remote'] == '1' ? '2' : '1'; } $list[] = array('id' => $data['aid'], 'idtype' => 'aid', 'title' => cutstr($data['title'], $titlelength, ''), 'url' => 'portal.php?mod=view&aid=' . $data['aid'], 'pic' => $data['pic'], 'picflag' => $data['picflag'], 'summary' => cutstr(strip_tags($data['summary']), $summarylength, ''), 'fields' => array('uid' => $data['uid'], 'username' => $data['username'], 'avatar' => avatar($data['uid'], 'small', true, false, false, $_G['setting']['ucenterurl']), 'avatar_middle' => avatar($data['uid'], 'middle', true, false, false, $_G['setting']['ucenterurl']), 'avatar_big' => avatar($data['uid'], 'big', true, false, false, $_G['setting']['ucenterurl']), 'fulltitle' => $data['title'], 'dateline' => $data['dateline'], 'caturl' => $_G['cache']['portalcategory'][$data['catid']]['caturl'], 'catname' => $_G['cache']['portalcategory'][$data['catid']]['catname'], 'articles' => $_G['cache']['portalcategory'][$data['catid']]['articles'], 'viewnum' => intval($data['viewnum']), 'commentnum' => intval($data['commentnum']))); } return array('html' => '', 'data' => $list); }
$query = DB::query("SELECT * FROM " . DB::table('portal_article_title') . " WHERE aid IN (" . dimplode($getidarr) . ")"); $list = array(); while ($value = DB::fetch($query)) { $list[$value['aid']] = $value; } foreach ($getidarr as $getid) { if ($list[$getid]) { $articlelist[] = $list[$getid]; } } } } elseif ($op == 'search') { $catids = array(); $searchkey = stripsearchkey($_GET['searchkey']); $searchcate = intval($_GET['searchcate']); $catids = category_get_childids('portal', $searchcate); $catids[] = $searchcate; if ($searchkey) { $wherearr[] = "title LIKE '%{$searchkey}%'"; } $searchkey = dhtmlspecialchars($searchkey); if ($searchcate) { $wherearr[] = "catid IN (" . dimplode($catids) . ")"; } $wheresql = implode(' AND ', $wherearr); if ($wheresql) { $wheresql = " WHERE " . $wheresql; } $count = DB::result(DB::query("SELECT COUNT(*) FROM " . DB::table('portal_article_title') . "{$wheresql} LIMIT 50"), 0); if ($count) { $query = DB::query("SELECT * FROM " . DB::table('portal_article_title') . "{$wheresql} ORDER BY dateline DESC LIMIT 50");
function category_get_childids($type, $catid, $depth = 3) { global $_G; if (!in_array($type, array('portal', 'blog', 'album'))) { return array(); } loadcache($type . 'category'); $category = $_G['cache'][$type . 'category']; $catids = array(); if (isset($category[$catid]) && !empty($category[$catid]['children']) && $depth) { $catids = $category[$catid]['children']; foreach ($category[$catid]['children'] as $id) { $catids = array_merge($catids, category_get_childids($type, $id, $depth - 1)); } } return $catids; }
include_once libfile('function/portalcp'); $mpurl = ADMINSCRIPT . '?action=article&operation=' . $operation; $intkeys = array('aid', 'uid'); $strkeys = array(); $randkeys = array(); $likekeys = array('title', 'username'); $results = getwheres($intkeys, $strkeys, $randkeys, $likekeys); foreach ($likekeys as $k) { $_GET[$k] = dhtmlspecialchars($_GET[$k]); } $wherearr = $results['wherearr']; $mpurl .= '&' . implode('&', $results['urls']); if (!empty($_GET['catid'])) { $catid = intval($_GET['catid']); $mpurl .= '&catid=' . $catid; $catids = category_get_childids('portal', $_GET['catid']); $catids[] = $_GET['catid']; $wherearr[] = 'catid IN (' . dimplode($catids) . ')'; } if (!empty($_GET['tag'])) { $tag = article_make_tag($_GET['tag']); $wherearr[] = "(tag & '{$tag}' = '{$tag}')"; foreach ($_GET['tag'] as $k => $v) { $mpurl .= "&tag[{$k}]={$v}"; } } $wheresql = empty($wherearr) ? '1' : implode(' AND ', $wherearr); $orders = getorders(array('dateline'), 'aid'); $ordersql = $orders['sql']; if ($orders['urls']) { $mpurl .= '&' . implode('&', $orders['urls']);
$typearr[$_GET['type']] = 'class="a"'; $theurl = "portal.php?mod=portalcp&ac=category&catid={$catid}&perpage={$perpage}&type={$_GET['type']}&formhash=" . FORMHASH . "&searchkey=" . urlencode($_GET['searchkey']); $allowmanage = checkperm('allowmanagearticle'); $allowpost = checkperm('allowpostarticle'); $catids = $wherearr = array(); $category = $_G['cache']['portalcategory']; $permission = getallowcategory($_G['uid']); if ($catid) { if (!$allowmanage && !$allowpost && empty($permission[$catid]['allowmanage']) && empty($permission[$catid]['allowpublish'])) { showmessage('portal_nopermission'); } $cate = $category[$catid]; if (empty($cate)) { showmessage('article_category_empty'); } $catids = category_get_childids('portal', $catid); $catids[] = $catid; } else { $catids = array_keys($permission); if (!$allowmanage && !$allowpost && empty($catids)) { showmessage('portal_nopermission'); } } if ($_GET['type'] == 'me' || !$admincp2 && !$allowmanage) { $wherearr[] = " uid='{$_G['uid']}'"; } if ($catids) { $wherearr[] = " catid IN (" . dimplode($catids) . ")"; } if ($_GET['searchkey']) { $_GET['searchkey'] = stripsearchkey($_GET['searchkey']);