示例#1
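/**
 * Create or update a model item (shop, good, notice, consume, album, groupbuy ...)
 * from the current POST request and return its item id.
 *
 * The function writes two rows per item: one in "<modelname>items" (fixed
 * columns) and one in "<modelname>message" (variable columns plus the body
 * text). It also handles the title image and any uploaded attachments.
 *
 * Security-relevant behaviour:
 *  - The item id is taken from $_POST and kept as an integer for the whole
 *    function, so it can be embedded in the hand-built SQL below.
 *  - The grade a non-admin may request is limited to a strict whitelist (2, 3).
 *  - Validation errors are collected in the global $checkresults and handed
 *    to cpmsg(); whether cpmsg() stops execution is not visible here.
 *
 * @param array $cacheinfo Model cache; the keys 'models', 'columns' and
 *                         'linkage' are read here.
 * @param int   $cp        Not referenced in this function body.
 *
 * @return int|mixed The item id (the value returned by inserttable() for a new item).
 */
function pkpost($cacheinfo, $cp = 1)
{
    global $_G, $_SGLOBAL, $theurl, $mname, $checkresults;
    // The item id is only ever an integer primary key; cast once and never
    // re-read the raw request value afterwards.
    $itemid = !empty($_POST['itemid']) ? intval($_POST['itemid']) : 0;
    $hash = '';
    $op = 'add';
    $mustverify = false;
    $resultitems = $resultmessage = $updateitem = array();
    $modelsinfoarr = $cacheinfo['models'];
    $columnsinfoarr = $cacheinfo['columns'];
    $feedcolum = array();
    foreach ($columnsinfoarr as $result) {
        // Group-buy forms skip the user_* / ext_* columns.
        if ($mname == "groupbuy" && preg_match('/^user_|^ext_/', $result['fieldname'])) {
            continue;
        }
        // Fixed columns go to the items table, the rest to the message table.
        if ($result['isfixed'] == 1) {
            $resultitems[] = $result;
        } else {
            $resultmessage[] = $result;
        }
        if ($result['formtype'] == 'linkage') {
            // Replace the submitted linkage key by the value stored in the cache.
            if (!empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $cacheinfo['linkage']['info'][$result['fieldname']][$_POST[$result['fieldname']]];
            }
        } elseif ($result['formtype'] == 'timestamp') {
            // Empty timestamps default to "now"; anything else is parsed.
            if (empty($_POST[$result['fieldname']])) {
                $_POST[$result['fieldname']] = $_G['timestamp'];
            } else {
                $_POST[$result['fieldname']] = sstrtotime($_POST[$result['fieldname']]);
            }
        }
    }
    // Input validation.
    $_POST['subject'] = trim(strip_tags($_POST['subject']));
    // The original code re-assigned $itemid from the raw $_POST['itemid'] here,
    // discarding the intval() above before the value reached the SQL strings
    // further down. The integer is kept instead.
    $checkresults = array();
    if (bstrlen($_POST['subject']) < 1 || bstrlen($_POST['subject']) > 80) {
        array_push($checkresults, array('subject' => lang('space_suject_length_error')));
    }
    // Per-column data validation.
    checkvalues(array_merge($resultitems, $resultmessage), 1, 1);
    // Product price check: max price must not be below min price.
    if ($modelsinfoarr['modelname'] == 'good') {
        if ($_POST['minprice'] > 0 && $_POST['maxprice'] > 0 && $_POST['maxprice'] < $_POST['minprice']) {
            array_push($checkresults, array('maxprice' => lang('maxprice_must_big_then_minprice')));
        }
    }
    // On edit, check whether the title image was removed or replaced.
    $defaultmessage = array();
    if (!empty($itemid)) {
        if (empty($_POST['subjectimage_value']) || !empty($_FILES['subjectimage']['name'])) {
            // The image was removed or a new one uploaded: delete the old one.
            // NOTE(review): this deletion runs before any check in this function
            // that the item belongs to the caller's shop (the later UPDATE is
            // scoped by shopid, this block is not) - confirm the caller enforces
            // ownership before pkpost() is reached.
            $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'items') . ' WHERE itemid = \'' . $itemid . '\'');
            $defaultmessage = DB::fetch($query);
            $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
            // Remove the attachment rows, then clear the column on the item.
            deletetable('attachments', array('hash' => $hash, 'subject' => 'subjectimage'));
            updatetable($modelsinfoarr['modelname'] . 'items', array('subjectimage' => ''), array('itemid' => $itemid));
            $ext = fileext($defaultmessage['subjectimage']);
            if (in_array($ext, array('jpg', 'jpeg', 'png'))) {
                @unlink(A_DIR . '/' . substr($defaultmessage['subjectimage'], 0, strrpos($defaultmessage['subjectimage'], '.')) . '.thumb.jpg');
            }
            // The path comes from the stored row, not from the request.
            @unlink(A_DIR . '/' . $defaultmessage['subjectimage']);
        }
    }
    // Build the column => value array for the items table.
    $setsqlarr = $setitemsqlarr = array();
    $setsqlarr = getsetsqlarr($resultitems);
    $itemgrade = DB::result_first("SELECT grade FROM " . tname($mname . "items") . " WHERE itemid = '{$itemid}'");
    if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        $setsqlarr['subjectimage'] = $_POST['subjectimage_value'];
    }
    if (empty($_POST['catid']) || $_POST['catid'] < 0) {
        array_push($checkresults, array('catid' => lang('cat_not_selected')));
    }
    $setsqlarr['catid'] = $_POST['catid'];
    if ($modelsinfoarr['modelname'] != 'shop') {
        // Every non-shop item must belong to a shop.
        if (pkperm('isadmin')) {
            if (empty($_POST['shopid'])) {
                array_push($checkresults, array('shopid' => lang('please_select_shopid')));
            }
            $setsqlarr['shopid'] = intval($_POST['shopid']);
        } else {
            // Non-admins can only post into their own shop.
            $setsqlarr['shopid'] = $_G['myshopid'];
        }
    } else {
        $setsqlarr['letter'] = !empty($_POST['letter']) ? trim($_POST['letter']) : getletter(trim($_POST['subject']));
        $setsqlarr['keywords'] = trim(strip_tags($_POST['keywords']));
        $setsqlarr['description'] = trim(strip_tags($_POST['description']));
        if (!empty($_POST['syncfid'])) {
            require_once B_ROOT . './api/bbs_syncpost.php';
            if (checkbbsfid($_POST['syncfid'])) {
                $setsqlarr['syncfid'] = intval($_POST['syncfid']);
            } else {
                array_push($checkresults, array('syncfid' => lang('syncfid_noexists')));
            }
        }
    }
    $setsqlarr['subject'] = $_POST['subject'];
    $setsqlarr['allowreply'] = 1;
    if (!empty($checkresults)) {
        cpmsg('addobject_error', '', '', '', true, true, $checkresults);
    }
    // Grade requested by the client, accepted only when it is exactly 2 or 3.
    // A strict string whitelist is used so values such as "2abc" cannot pass
    // the check through loose comparison and then be written as-is.
    $postgrade = null;
    if (isset($_POST['grade']) && in_array((string) $_POST['grade'], array('2', '3'), true)) {
        $postgrade = intval($_POST['grade']);
    }
    if (pkperm('isadmin')) {
        // Admins may set any grade; the value is passed through unchanged.
        $setsqlarr['grade'] = isset($_POST['grade']) ? $_POST['grade'] : 3;
    } elseif ($_G['myshopstatus'] == 'verified') {
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy')) && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
            $setsqlarr['grade'] = !empty($itemid) ? 5 : 0;
            if (!empty($itemid)) {
                if ($postgrade !== null) {
                    $setsqlarr['grade'] = $postgrade;
                }
            }
            $mustverify = true;
        } else {
            if ($postgrade !== null) {
                $setsqlarr['grade'] = $postgrade;
            } else {
                $setsqlarr['grade'] = $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] ? 0 : 3;
            }
        }
    } elseif ($_G['myshopstatus'] == 'unverified') {
        $setsqlarr['grade'] = 0;
    }
    $setsqlarr['dateline'] = $_G['timestamp'];
    $setsqlarr['uid'] = $_G['uid'];
    $setsqlarr['username'] = $_G['username'];
    $setsqlarr['lastpost'] = $setsqlarr['dateline'];
    // Title image handling: start.
    if (!empty($modelsinfoarr['thumbsize'])) {
        // thumbsize is stored as "width,height".
        $modelsinfoarr['thumbsize'] = explode(',', trim($modelsinfoarr['thumbsize']));
        $modelsinfoarr['subjectimagewidth'] = $modelsinfoarr['thumbsize'][0];
        $modelsinfoarr['subjectimageheight'] = $modelsinfoarr['thumbsize'][1];
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        // Generated coupon image: collect the text fields and render them.
        if ($_GET['action'] == 'add') {
            $hotline = $_SGLOBAL['panelinfo']['tel'];
            $address = $_SGLOBAL['panelinfo']['address'];
        } else {
            $shopinfo = DB::fetch(DB::query("SELECT tel, address FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'"));
            $hotline = $shopinfo['tel'];
            $address = $shopinfo['address'];
        }
        $dealer_name = DB::result_first("SELECT subject FROM " . tname('shopitems') . " WHERE itemid='{$setsqlarr['shopid']}'");
        $createimgarr = array('id' => intval($_POST['imgtplid']), 'mid' => intval($modelsinfoarr['mid']), 'itemid' => intval($itemid), 'coupon_title' => $setsqlarr['subject'], 'dealer_id' => $setsqlarr['uid'], 'dealer_name' => $dealer_name, 'begin_date' => date('Y-m-d', $setsqlarr['validity_start']), 'end_date' => date('Y-m-d', $setsqlarr['validity_end']), 'brief' => trim($_POST['message']), 'exception' => trim($_POST['exception']), 'address' => $address, 'hotline' => $hotline, 'subjectimagewidth' => $modelsinfoarr['subjectimagewidth'], 'subjectimageheight' => $modelsinfoarr['subjectimageheight']);
        require_once B_ROOT . './source/adminfunc/tool.func.php';
        if ($consumeimgpath = image_text($createimgarr)) {
            $setsqlarr['subjectimage'] = $consumeimgpath;
            $setsqlarr['imagetype'] = 0;
            $setsqlarr['imgtplid'] = intval($_POST['imgtplid']);
        }
    } else {
        // Uploaded title image.
        $uploadfilearr = $ids = array();
        $subjectimageid = '';
        $uploadfilearr = uploadfile(array(array('fieldname' => 'subjectimage', 'fieldcomment' => '圖片標題', 'formtype' => 'img')), $modelsinfoarr['mid'], 0, 1, $modelsinfoarr['subjectimagewidth'], $modelsinfoarr['subjectimageheight']);
        if (!empty($uploadfilearr)) {
            $feedsubjectimg = $uploadfilearr;
            foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
                if (empty($tmpvalue['error'])) {
                    $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
                }
                // Remember attachment ids so they can be bound to the item hash later.
                if (!empty($tmpvalue['aid'])) {
                    $ids[] = $tmpvalue['aid'];
                }
            }
        }
        if ($modelsinfoarr['modelname'] == 'consume') {
            $setsqlarr['imagetype'] = 1;
        }
    }
    // Title image handling: end.
    // Word filtering.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    // Publish time.
    $setsqlarr['dateline'] = $_G['timestamp'];
    // Products carry a short plain-text intro.
    if ($mname == "good") {
        $setsqlarr['intro'] = trim(strip_tags($_POST['intro']));
    }
    if (empty($itemid)) {
        // Insert a new item.
        $itemid = inserttable($modelsinfoarr['modelname'] . 'items', $setsqlarr, 1);
        if (in_array($modelsinfoarr['modelname'], array('good', 'notice', 'consume', 'album', 'groupbuy'))) {
            itemnumreset($modelsinfoarr['modelname'], $setsqlarr['shopid']);
        }
    } else {
        $_SGLOBAL['itemupdate'] = 1;
        // Update an existing item; the original author fields are kept.
        $op = 'update';
        unset($setsqlarr['uid']);
        unset($setsqlarr['username']);
        unset($setsqlarr['lastpost']);
        // Items currently at grade 0 or 1 cannot be raised by a non-admin.
        if ($itemgrade == 1 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 1 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 1;
        } elseif ($itemgrade == 0 && !pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        } elseif ($itemgrade == 0 && pkperm('isadmin')) {
            $setsqlarr['grade'] = 0;
        }
        if (pkperm('isadmin')) {
            // The site admin may post any data.
            updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid));
        } else {
            // Permission restrictions for shop owners.
            // A shop owner is not allowed to change the shop group.
            unset($setsqlarr['groupid']);
            if ($modelsinfoarr['modelname'] == 'shop') {
                unset($setsqlarr['validity_start']);
                unset($setsqlarr['validity_end']);
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    // Changes need review: stage them instead of writing.
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner can only ever update their own shop row,
                    // whatever item id was submitted.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $_G['myshopid']));
                }
            } else {
                if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
                    // Changes need review: stage them instead of writing.
                    $updatesqlarr = $setsqlarr;
                } else {
                    // A shop owner can only change items of the shop they manage.
                    updatetable($modelsinfoarr['modelname'] . 'items', $setsqlarr, array('itemid' => $itemid, 'shopid' => $_G['myshopid']));
                }
            }
        }
        $query = DB::query('SELECT * FROM ' . tname($modelsinfoarr['modelname'] . 'message') . ' WHERE itemid = \'' . $itemid . '\'');
        $defaultmessage = DB::fetch($query);
    }
    $hash = getmodelhash($modelsinfoarr['mid'], $itemid);
    if (!empty($ids)) {
        // Bind the freshly uploaded attachments to this item's hash.
        $ids = simplode($ids);
        DB::query('UPDATE ' . tname('attachments') . ' SET hash=\'' . $hash . '\' WHERE aid IN (' . $ids . ')');
    }
    $do = 'pass';
    if ($op == 'update' && !$_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        if (!empty($resultmessage)) {
            foreach ($resultmessage as $value) {
                if (preg_match("/^(img|flash|file)\$/i", $value['formtype']) && !empty($defaultmessage[$value['fieldname']])) {
                    if (empty($_POST[$value['fieldname'] . '_value']) || !empty($_FILES[$value['fieldname']]['name'])) {
                        // The file was removed or replaced: delete the attachment
                        // rows, clear the column, then remove the files on disk.
                        deletetable('attachments', array('hash' => $hash, 'subject' => $value['fieldname']));
                        updatetable($modelsinfoarr['modelname'] . 'message', array($value['fieldname'] => ''), array('itemid' => $itemid));
                        @unlink(A_DIR . '/' . substr($defaultmessage[$value['fieldname']], 0, strrpos($defaultmessage[$value['fieldname']], '.')) . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']] . '.thumb.jpg');
                        @unlink(A_DIR . '/' . $defaultmessage[$value['fieldname']]);
                    }
                }
            }
        }
    }
    // Message (content) row.
    $setsqlarr = $uploadfilearr = $ids = array();
    $setsqlarr = getsetsqlarr($resultmessage);
    $uploadfilearr = $feedcolum = uploadfile($resultmessage, $modelsinfoarr['modelname'], $itemid, 0);
    $setsqlarr['message'] = trim($_POST['message']);
    // The body is un-slashed, converted from HTML to BBCode, then re-slashed.
    $setsqlarr['message'] = saddslashes(html2bbcode(stripslashes($setsqlarr['message'])));
    if ($modelsinfoarr['modelname'] == 'consume') {
        $setsqlarr['exception'] = trim($_POST['exception']);
    }
    if ($_POST['imagetype'] == 0 && $modelsinfoarr['modelname'] == 'consume' && $_G['setting']['allowcreateimg']) {
        $setsqlarr['address'] = trim($_POST['address']);
        $setsqlarr['hotline'] = trim($_POST['hotline']);
    }
    $setsqlarr['postip'] = $_G['clientip'];
    if ($modelsinfoarr['modelname'] == 'shop' && $itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']]) {
        $setsqlarr['banner'] = $_POST['banner_value'];
        $setsqlarr['windowsimg'] = $_POST['windowsimg_value'];
    }
    if (!empty($uploadfilearr)) {
        foreach ($uploadfilearr as $tmpkey => $tmpvalue) {
            if (empty($tmpvalue['error'])) {
                $setsqlarr[$tmpkey] = $tmpvalue['filepath'];
            }
            if (!empty($tmpvalue['aid'])) {
                $ids[] = $tmpvalue['aid'];
            }
        }
    }
    // Word filtering for the content row.
    if (!empty($modelsinfoarr['allowfilter'])) {
        $setsqlarr = scensor($setsqlarr, 1);
    }
    if ($op == 'add') {
        $setsqlarr['itemid'] = $itemid;
        // Add the content row.
        inserttable($modelsinfoarr['modelname'] . 'message', $setsqlarr);
    } else {
        if ($itemgrade > 1 && $_SGLOBAL['panelinfo']['group']['verify' . $modelsinfoarr['modelname']] && !pkperm('isadmin')) {
            // Staged for review: hand both halves of the update to the caller.
            $_SGLOBAL['updatesqlarr'] = array_merge($updatesqlarr, $setsqlarr);
        } else {
            // Update the content row.
            // NOTE(review): $_POST['nid'] is passed to updatetable() unchanged;
            // whether updatetable() escapes where-values is not visible here.
            updatetable($modelsinfoarr['modelname'] . 'message', $setsqlarr, array('nid' => $_POST['nid'], 'itemid' => $itemid));
        }
    }
    // Mark every attachment bound to this item as available.
    updatetable('attachments', array('isavailable' => '1', 'type' => 'model'), array('hash' => $hash));
    return $itemid;
}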
示例#2
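/**
 * Mirror a grade-3 item into the BBS database as a forum thread, or refresh the
 * thread that was created for it earlier.
 *
 * The item is read through the DB facade; the forum tables are written through
 * a second connection built from the bbs_* settings in $_SC. All SQL is built
 * by string interpolation, so every value placed into a statement here is
 * either cast to an integer or escaped first.
 *
 * @param int    $itemid Item id in the "<mname>items" table.
 * @param string $mname  Model name; must be one of album, good, notice,
 *                       consume, groupbuy.
 *
 * @return false|null false when the model is unsupported, the item is not
 *                    found at grade 3, or the target forum fails
 *                    checkbbsfid(); otherwise nothing is returned.
 */
function syncpost($itemid, $mname)
{
    // $mname becomes part of table names below, so it is restricted to the
    // known models. The original guard nested an unreachable 'album' branch
    // (calling syncalbum() with a misspelled variable) inside the not-in-list
    // test, so the list never rejected anything.
    // NOTE(review): 'album' keeps going through the generic path as before;
    // confirm whether syncalbum() was meant to handle it instead.
    if (!in_array($mname, array('album', 'good', 'notice', 'consume', 'groupbuy'), true)) {
        return false;
    }
    global $_G, $_SC, $_SGLOBAL;
    $itemid = intval($itemid);
    $bbs_dbpre = $_SC['bbs_dbpre'];
    $db = new db_mysql(array(1 => array('tablepre' => $_SC['bbs_dbpre'], 'dbcharset' => $_SC['bbs_dbcharset'], 'dbhost' => $_SC['bbs_dbhost'], 'dbuser' => $_SC['bbs_dbuser'], 'dbpw' => $_SC['bbs_dbpw'], 'dbname' => $_SC['bbs_dbname'], 'silent' => true)));
    $db->connect();
    // Only items at grade 3 are synced.
    $item = DB::fetch_first("SELECT i.*, m.* FROM " . DB::table($mname . "items") . " i LEFT JOIN " . DB::table($mname . "message") . " m ON i.itemid = m.itemid WHERE i.itemid = '{$itemid}' AND i.grade = 3");
    if (empty($item)) {
        $db->close();
        unset($db);
        return false;
    }
    getpanelinfo($item['shopid']);
    $fid = $_SGLOBAL['panelinfo']['syncfid'];
    if (!checkbbsfid($fid)) {
        $db->close();
        unset($db);
        return false;
    }
    // Ids are integers; cast them before they are interpolated into SQL.
    $fid = intval($fid);
    $authorid = intval($_SGLOBAL['panelinfo']['uid']);
    // Thread data.
    // NOTE(review): $author is interpolated as it comes from the panel info;
    // whether getpanelinfo() returns it escaped is not visible here.
    $author = $_SGLOBAL['panelinfo']['username'];
    // The subject is read back from the database, i.e. unescaped, so a quote
    // in a stored title would otherwise break out of the string literal in the
    // statements below (second-order injection). addslashes() is the only
    // escaping available without knowing the db_mysql API; on multi-byte
    // connection charsets the driver's own escaping should be preferred.
    $subject = addslashes("[" . b_lang($mname) . "]" . $item['subject']);
    // NOTE(review): $message is interpolated as returned by postformat();
    // confirm that postformat() escapes its result for SQL.
    $message = postformat($mname, $item);
    $posttable_info = $db->result_first("SELECT svalue FROM {$bbs_dbpre}common_setting WHERE skey = 'posttable_info'");
    $posttableid = 0;
    if (!empty($posttable_info)) {
        // NOTE(review): unserialize() on a value read from the forum's settings
        // table. Anyone able to write that row controls the serialized input;
        // confirm the table is trusted.
        $posttable_info = unserialize($posttable_info);
        if (is_array($posttable_info)) {
            foreach ($posttable_info as $key => $info) {
                if ($info['type'] == 'primary') {
                    // The key is used as a table-name suffix, so keep it numeric.
                    $posttableid = intval($key);
                }
            }
        }
    }
    // Posts live in forum_post or in a numbered forum_post_<id> table.
    if (!$posttableid) {
        $tablename = 'forum_post';
    } else {
        $tablename = "forum_post_{$posttableid}";
    }
    if (empty($item['bbstid'])) {
        // No thread yet: create the thread, allocate a post id, insert the
        // first post and bump the forum counters.
        $db->query("INSERT INTO {$bbs_dbpre}forum_thread (fid, posttableid, author, authorid, subject, dateline, lastpost, lastposter)\n        VALUES ('{$fid}', '{$posttableid}', '{$author}', '{$authorid}', '{$subject}', '{$_G['timestamp']}', '{$_G['timestamp']}', '{$author}')");
        $tid = intval($db->insert_id());
        $db->query("UPDATE {$bbs_dbpre}common_member_field_home SET recentnote = '{$subject}' WHERE uid = '{$authorid}'");
        $db->query("INSERT INTO {$bbs_dbpre}forum_post_tableid (pid) values (null)");
        $pid = intval($db->insert_id());
        // Trim the id-allocation table every 1024 ids.
        if ($pid % 1024 == 0) {
            $db->query("DELETE FROM {$bbs_dbpre}forum_post_tableid WHERE pid<{$pid}");
        }
        $db->query("REPLACE INTO {$bbs_dbpre}common_syscache (cname, ctype, dateline, data) VALUES ('max_post_id', '0', '{$_G['timestamp']}', '{$pid}')");
        $db->query("INSERT INTO {$bbs_dbpre}{$tablename} SET `fid`='{$fid}',`tid`='{$tid}',`first`='1',`author`='{$author}',`authorid`='{$authorid}',`subject`='{$subject}',`dateline`='{$_G['timestamp']}',`message`='{$message} ',`useip`='unknown',`invisible`='0',`anonymous`='0',`usesig`='1',`htmlon`='0',`bbcodeoff`='0',`smileyoff`='-1',`parseurloff`='',`attachment`='0',`tags`='',`pid`='{$pid}'");
        // The array key is quoted here: the bare `timestamp` used originally is
        // read as a constant and is a fatal error on PHP 8.
        $db->query("UPDATE {$bbs_dbpre}forum_forum SET lastpost='{$tid} {$subject} {$_G['timestamp']} {$author}', threads=threads+1, posts=posts+1, todayposts=todayposts+1 WHERE fid='{$fid}'");
        $db->query("UPDATE {$bbs_dbpre}common_stat SET `thread`=`thread`+1 WHERE daytime='" . date("Ymd", $_G['timestamp']) . "'");
        // Remember the thread id on the item so later calls update in place.
        updatetable($mname . 'items', array('bbstid' => $tid), array('itemid' => $item['itemid']));
    } else {
        // Thread exists: refresh its subject and the first post's message.
        $tid = intval($item['bbstid']);
        $db->query("UPDATE {$bbs_dbpre}forum_thread SET subject='" . $subject . "' WHERE tid='{$tid}'");
        $pid = intval($db->result_first("SELECT pid FROM {$bbs_dbpre}{$tablename} WHERE tid = '{$tid}' AND first = 1"));
        $db->query("UPDATE {$bbs_dbpre}{$tablename} SET message='{$message}' WHERE pid='{$pid}' AND tid = '{$tid}' AND first = 1");
    }
    // NOTE(review): the early exits close $db, this path leaves it open.
}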