function pkpost($cacheinfo, $cp = 1) { global $_G, $_SGLOBAL, $theurl, $mname, $checkresults; $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0; $hash = ''; $op = 'add'; $mustverify = false; $resultitems = $resultmessage = $updateitem = array(); $modelsinfoarr = $cacheinfo['models']; $columnsinfoarr = $cacheinfo['columns']; $feedcolum = array(); foreach ($columnsinfoarr as $result) { if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) { continue; } if ($result['isfixed'] == 1) { $resultitems[] = $result; } else { $resultmessage[] = $result; } if ($result['formtype'] == 'linkage') { if (!empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]]; } } elseif ($result['formtype'] == 'timestamp') { if (empty($_POST[$result['fieldname']])) { $_POST[$result['fieldname']] = $_G['timestamp']; } else { $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]); } } } //輸入檢查 $_POST['subject'] = trim(strip_tags($_POST['subject'])); $itemid = $_POST['itemid']; $checkresults = array(); if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) { array_push($checkresults, array('subject' => lang('space_suject_length_error'))); } //數據檢查 checkvalues(array_merge($resultitems, $resultmessage), 1, 1); //商品價格處理 Start if ($modelsinfoarr['modelname'] == 'good') { if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) { array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice'))); } } //商品價格處理 End //修改時檢驗標題圖片是否修改 $defaultmessage = array(); if (!empty($itemid)) { if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) { //當file刪除時,或修改時執行刪除操作 $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = DB::fetch($query); $hash = getmodelhash($modelsinfoarr['mid'], $itemid); deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage')); //刪除附件表 updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid)); $ext = fileext($defaultmessage['subjectimage']); if (in_array($ext, array('jpg', 'jpeg', 'png'))) { @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg'); } @unlink(A_DIR . '/' . $defaultmessage['subjectimage']); } } //構建數據 $setsqlarr = $setitemsqlarr = array(); $setsqlarr = getsetsqlarr($resultitems); $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'"); if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['subjectimage'] = $_POST['subjectimage_value']; } if (empty($_POST['catid']) || $_POST['catid'] < 0) { array_push($checkresults, array('catid' => lang('cat_not_selected'))); } $setsqlarr['catid'] = $_POST['catid']; if ($modelsinfoarr['modelname'] != 'shop') { //限制必填信息所屬店舖 if (pkperm('isadmin')) { if (empty($_POST['shopid'])) { array_push($checkresults, array('shopid' => lang('please_select_shopid'))); } $setsqlarr['shopid'] = intval($_POST['shopid']); } else { $setsqlarr['shopid'] = $_G['myshopid']; } } else { $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject'])); $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords'])); $setsqlarr['description'] = trim(strip_tags($_POST['description'])); if (!empty($_POST['syncfid'])) { require_once B_ROOT . './api/bbs_syncpost.php'; if (checkbbsfid($_POST['syncfid'])) { $setsqlarr['syncfid'] = intval($_POST['syncfid']); } else { array_push($checkresults, array('syncfid' => lang('syncfid_noexists'))); } } } $setsqlarr['subject'] = $_POST['subject']; $setsqlarr['allowreply'] = 1; if (!empty($checkresults)) { cpmsg('addobject_error', '', '', '', true, true, $checkresults); } if (pkperm('isadmin')) { $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3; } elseif ($_G['myshopstatus'] == 'verified') { if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['grade'] = !empty($itemid) ? 5 : 0; if (!empty($itemid)) { if (in_array($_POST['grade'], array(2, 3))) { $setsqlarr['grade'] = $_POST['grade']; } } $mustverify = true; } else { if (in_array($_POST['grade'], array(2, 3))) { $setsqlarr['grade'] = $_POST['grade']; } else { $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3; } } } elseif ($_G['myshopstatus'] == 'unverified') { $setsqlarr['grade'] = 0; } $setsqlarr['dateline'] = $_G['timestamp']; $setsqlarr['uid'] = $_G['uid']; $setsqlarr['username'] = $_G['username']; $setsqlarr['lastpost'] = $setsqlarr['dateline']; // 標題圖片處理 Start if (!empty($modelsinfoarr['thumbsize'])) { $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize'])); $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0]; $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1]; } if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) { if ($_GET['action'] == 'add') { $hotline = $_SGLOBAL['panelinfo']['tel']; $address = $_SGLOBAL['panelinfo']['address']; } else { $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'")); $hotline = $shopinfo['tel']; $address = $shopinfo['address']; } $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"); $createimgarr = array('id' => intval($_POST['imgtplid']), 'mid' => intval($modelsinfoarr['mid']), 'itemid' => intval($itemid), 'coupon_title' => $setsqlarr['subject'], 'dealer_id' => $setsqlarr['uid'], 'dealer_name' => $dealer_name, 'begin_date' => date('Y-m-d', $setsqlarr['validity_start']), 'end_date' => date('Y-m-d', $setsqlarr['validity_end']), 'brief' => trim($_POST['message']), 'exception' => trim($_POST['exception']), 'address' => $address, 'hotline' => $hotline, 'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'], 'subjectimageheight' => $modelsinfoarr['subjectimageheight']); require_once B_ROOT . './source/adminfunc/tool.func.php'; if ($consumeimgpath = image_text($createimgarr)) { $setsqlarr['subjectimage'] = $consumeimgpath; $setsqlarr['imagetype'] = 0; $setsqlarr['imgtplid'] = intval($_POST['imgtplid']); } } else { $uploadfilearr = $ids = array(); $subjectimageid = ''; $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']); if (!empty($uploadfilearr)) { $feedsubjectimg = $uploadfilearr; foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } if ($modelsinfoarr['modelname'] == 'consume') { $setsqlarr['imagetype'] = 1; } } /* --------- 標題圖片處理 End --------------*/ //詞語過濾 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } //發佈時間 $setsqlarr['dateline'] = $_G['timestamp']; // 商品添加簡介 if ($mname == "good") { $setsqlarr['intro'] = trim(strip_tags($_POST['intro'])); } if (empty($itemid)) { //插入數據 $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1); if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) { itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']); } } else { $_SGLOBAL['itemupdate'] = 1; //更新 $op = 'update'; unset($setsqlarr['uid']); unset($setsqlarr['username']); unset($setsqlarr['lastpost']); if ($itemgrade == 1 && !pkperm('isadmin')) { $setsqlarr['grade'] = 0; } elseif ($itemgrade == 1 && pkperm('isadmin')) { $setsqlarr['grade'] = 1; } elseif ($itemgrade == 0 && !pkperm('isadmin')) { $setsqlarr['grade'] = 0; } elseif ($itemgrade == 0 && pkperm('isadmin')) { $setsqlarr['grade'] = 0; } if (pkperm('isadmin')) { //站長可以post任何數據 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid)); //權限限制 } else { // 店長不允許更改店舖組 unset($setsqlarr['groupid']); if ($modelsinfoarr['modelname'] == 'shop') { unset($setsqlarr['validity_start']); unset($setsqlarr['validity_end']); if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $updatesqlarr = $setsqlarr; } else { //店長提交店舖權限檢查 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid'])); } } else { if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $updatesqlarr = $setsqlarr; } else { //店長只能更改管理的店舖的信息 updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid'])); } } } $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\''); $defaultmessage = DB::fetch($query); } $hash = getmodelhash($modelsinfoarr['mid'], $itemid); if (!empty($ids)) { $ids = simplode($ids); DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')'); } $do = 'pass'; if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { if (!empty($resultmessage)) { foreach ($resultmessage as $value) { if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) { if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) { //當file刪除時,或修改時執行刪除操作 deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname'])); //刪除附件表 updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid)); @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg'); @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg'); @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]); } } } } } //內容 $setsqlarr = $uploadfilearr = $ids = array(); $setsqlarr = getsetsqlarr($resultmessage); $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0); $setsqlarr['message'] = trim($_POST['message']); $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message']))); if ($modelsinfoarr['modelname'] == 'consume') { $setsqlarr['exception'] = trim($_POST['exception']); } if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) { $setsqlarr['address'] = trim($_POST['address']); $setsqlarr['hotline'] = trim($_POST['hotline']); } $setsqlarr['postip'] = $_G['clientip']; if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) { $setsqlarr['banner'] = $_POST['banner_value']; $setsqlarr['windowsimg'] = $_POST['windowsimg_value']; } if (!empty($uploadfilearr)) { foreach ($uploadfilearr as $tmpkey => $tmpvalue) { if (empty($tmpvalue['error'])) { $setsqlarr[$tmpkey] = $tmpvalue['filepath']; } if (!empty($tmpvalue['aid'])) { $ids[] = $tmpvalue['aid']; } } } //添加內容 if (!empty($modelsinfoarr['allowfilter'])) { $setsqlarr = scensor($setsqlarr, 1); } if ($op == 'add') { $setsqlarr['itemid'] = $itemid; //添加內容 inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr); } else { if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) { $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr); } else { //更新內容 updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid)); } } updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash)); return $itemid; }
function syncpost($itemid, $mname) { if (!in_array($mname, array('album', 'good', 'notice', 'consume', 'groupbuy'))) { if ($mname == 'album') { syncalbum($itmeid); return false; } } global $_G, $_SC, $_SGLOBAL; $bbs_dbpre = $_SC['bbs_dbpre']; $db = new db_mysql(array(1 => array('tablepre' => $_SC['bbs_dbpre'], 'dbcharset' => $_SC['bbs_dbcharset'], 'dbhost' => $_SC['bbs_dbhost'], 'dbuser' => $_SC['bbs_dbuser'], 'dbpw' => $_SC['bbs_dbpw'], 'dbname' => $_SC['bbs_dbname'], 'silent' => true))); $db->connect(); $item = DB::fetch_first("SELECT i.*, m.* FROM " . DB::table($mname . "items") . " i LEFT JOIN " . DB::table($mname . "message") . " m ON i.itemid = m.itemid WHERE i.itemid = '{$itemid}' AND i.grade = 3"); if (empty($item)) { $db->close(); unset($db); return false; } getpanelinfo($item['shopid']); $fid = $_SGLOBAL['panelinfo']['syncfid']; if (!checkbbsfid($fid)) { $db->close(); unset($db); return false; } //插入主題信息 $author = $_SGLOBAL['panelinfo']['username']; $authorid = $_SGLOBAL['panelinfo']['uid']; $subject = "[" . b_lang($mname) . "]" . $item['subject']; $message = postformat($mname, $item); $posttable_info = $db->result_first("SELECT svalue FROM {$bbs_dbpre}common_setting WHERE skey = 'posttable_info'"); $posttableid = 0; if (!empty($posttable_info)) { $posttable_info = unserialize($posttable_info); if (is_array($posttable_info)) { foreach ($posttable_info as $key => $info) { if ($info['type'] == 'primary') { $posttableid = $key; } } } } if (!$posttableid) { $tablename = 'forum_post'; } else { $tablename = "forum_post_{$posttableid}"; } if (empty($item['bbstid'])) { $db->query("INSERT INTO {$bbs_dbpre}forum_thread (fid, posttableid, author, authorid, subject, dateline, lastpost, lastposter)\n VALUES ('{$fid}', '{$posttableid}', '{$author}', '{$authorid}', '{$subject}', '{$_G['timestamp']}', '{$_G['timestamp']}', '{$author}')"); $tid = $db->insert_id(); $db->query("UPDATE {$bbs_dbpre}common_member_field_home SET recentnote = '{$subject}' WHERE uid = '{$authorid}'"); $db->query("INSERT INTO {$bbs_dbpre}forum_post_tableid (pid) values (null)"); $pid = $db->insert_id(); if ($pid % 1024 == 0) { $db->query("DELETE FROM {$bbs_dbpre}forum_post_tableid WHERE pid<{$pid}"); } $db->query("REPLACE INTO {$bbs_dbpre}common_syscache (cname, ctype, dateline, data) VALUES ('max_post_id', '0', '{$_G['timestamp']}', '{$pid}')"); if (!$posttableid) { $tablename = 'forum_post'; } else { $tablename = "forum_post_{$posttableid}"; } $db->query("INSERT INTO {$bbs_dbpre}{$tablename} SET `fid`='{$fid}',`tid`='{$tid}',`first`='1',`author`='{$author}',`authorid`='{$authorid}',`subject`='{$subject}',`dateline`='{$_G['timestamp']}',`message`='{$message} ',`useip`='unknown',`invisible`='0',`anonymous`='0',`usesig`='1',`htmlon`='0',`bbcodeoff`='0',`smileyoff`='-1',`parseurloff`='',`attachment`='0',`tags`='',`pid`='{$pid}'"); $db->query("UPDATE {$bbs_dbpre}forum_forum SET lastpost='{$tid} {$subject} {$_G[timestamp]} {$author}', threads=threads+1, posts=posts+1, todayposts=todayposts+1 WHERE fid='{$fid}'"); $db->query("UPDATE {$bbs_dbpre}common_stat SET `thread`=`thread`+1 WHERE daytime='" . date("Ymd", $_G[timestamp]) . "'"); updatetable($mname . 'items', array('bbstid' => $tid), array('itemid' => $item['itemid'])); } else { $tid = $item['bbstid']; $db->query("UPDATE {$bbs_dbpre}forum_thread SET subject='" . $subject . "' WHERE tid='{$tid}'"); $pid = $db->result_first("SELECT pid FROM {$bbs_dbpre}{$tablename} WHERE tid = '{$tid}' AND first = 1"); $db->query("UPDATE {$bbs_dbpre}{$tablename} SET message='{$message}' WHERE pid='{$pid}' AND tid = '{$tid}' AND first = 1"); } }