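 /**
  * Search result page.
  *
  * Dispatches the search to the handler for the requested type, then renders
  * the page together with a "hot" list (verified posts edited in the last
  * three days, most visited first) and, for a logged-in user, that member's
  * counters.
  *
  * Reads GET `typeID` and `searchTxt`; assigns `show`, `hotList` and
  * (when logged in) `replyCountInfo` to the template.
  *
  * @return void
  */
 public function result()
 {
     $typeID = I('get.typeID');
     $searchTxt = I('get.searchTxt');
     // The search text is echoed back into the page, so strip script content first.
     fliter_script($searchTxt);
     $show = ['type' => $typeID, 'searchTxt' => $searchTxt];
     $this->assign('show', $show);
     switch ($typeID) {
         case '分类信息':
             $this->searchClass($searchTxt);
             break;
         case '社区资讯':
             $this->searchSqData($searchTxt);
             break;
         // Any other type renders the page with the hot list only.
     }
     // Hot list: verified posts of the session's group, edited within 3 days.
     $hotWhere = [
         'a.verify'   => 1,
         'a.editTime' => ['gt', time() - 3 * 24 * 3600],
         'a.gid'      => $_SESSION['gid'],
     ];
     $hotList = M('sq_data')->alias('a')
         ->field('a.comments,a.id,a.title,a.editTime as postTime,m.userName,m.avatar,m.uid')
         ->join(['left join ybirds_member m on m.uid=a.userID'])
         ->where($hotWhere)
         ->order('a.visits desc, a.editTime desc')
         ->limit(20)
         ->select();
     $this->assign('hotList', $hotList);
     // Check the specific key rather than the whole session: a session may
     // exist (e.g. only `gid` set) without a logged-in user, and the original
     // string-built WHERE would then read an undefined index.
     if (!empty($_SESSION['userID'])) {
         $replyCountInfo = M('member')
             ->field('ctgs,sqs,follows,fans,comments,replys')
             ->where(['uid' => $_SESSION['userID']])
             ->find();
         $this->assign('replyCountInfo', $replyCountInfo);
     }
     $this->theme("bootstrap")->display();
 }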
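 /**
  * Smart-match calculation: validates the applicant data posted from the
  * match form, stores it, and redirects to the result page.
  *
  * Keys of POST `data` (from the original notes):
  *   contry  country of residence: 1 = China, 2 = UK
  *   school  current school name
  *   esid    desired discipline ID
  *   csid    discipline ID of the current major
  *   score   own grade, one or two digits
  *   lscore  language score, optional: 1.0-8.5 in 0.5 steps, 9.0, or a single digit 1-9
  *   year    intended entry year, e.g. 2016
  *
  * A logged-in user's data is upserted into `apply_info` keyed by uid; an
  * anonymous user's data is kept in the `applyInfo` cookie.
  *
  * @access public
  * @return void
  * @author liuxiaolin <*****@*****.**>
  */
 public function matchAction()
 {
     $data = I('post.data');
     // A missing or scalar `data` would make the index reads below misbehave;
     // normalise to an array so validation reports the errors instead.
     if (!is_array($data)) {
         $data = [];
     }
     trim_all($data);
     fliter_script($data);
     $errormsg = '';
     $score = isset($data['score']) ? $data['score'] : '';
     if (!preg_match('/^[0-9]{1,2}$/', $score)) {
         $errormsg .= L('CONTROLLER_MSG1') . '<br/>';
     }
     // The language score is optional, but when present it must match the IELTS-style format.
     $lscore = isset($data['lscore']) ? $data['lscore'] : '';
     if (!empty($lscore) && !preg_match('/^(?:(?:[1-8]\\.(?:0|5))|(?:9\\.0)|(?:[1-9]))$/', $lscore)) {
         $errormsg .= L('CONTROLLER_MSG2') . '<br/>';
     }
     if (!empty($errormsg)) {
         // error() renders the message and terminates the request.
         $this->error($errormsg);
     }
     $uid = session('uid');
     if (!empty($uid)) {
         // Logged in: insert or update the applicant's row.
         $data['uid'] = $uid;
         $model = M('apply_info');
         $info = $model->where(['uid' => $uid])->find();
         // NOTE(review): $data is written column-for-column from the POST body;
         // only the ORM's table-field whitelist limits which columns a client can set.
         if ($info) {
             $model->where(['uid' => $uid])->save($data);
         } else {
             $model->add($data);
         }
     } else {
         // Not logged in: keep the data in an authcode-protected cookie.
         // NOTE(review): the reader presumably unserialize()s this value; that is
         // only safe as long as authcode's integrity check holds.
         $applyInfo = authcode(serialize($data), 'ENCODE', C('AUTH_KEY'));
         cookie('applyInfo', $applyInfo);
     }
     $this->redirect('result');
 }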
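 /**
  * Order confirmation.
  *
  * Validates the selected ad slots and week counts, locks the slots for this
  * user so nobody else can buy them meanwhile, computes the discounted totals
  * and renders the confirmation page. The order rows, the total and an
  * anti-resubmit token are kept in the session for the order insert step.
  *
  * Reads POST `data` (slot id => number of weeks) and POST `check` (selected
  * slot ids). Every failure path calls error(), which terminates the request.
  *
  * @author liuxiaolin <*****@*****.**>
  * @access  public
  *
  * @return void
  */
 public function orderConfirm()
 {
     $carts = I('post.data');
     $check = I('post.check');
     trim_all($carts);
     trim_all($check);
     fliter_script($carts);
     // Nothing selected (or malformed input) used to produce an `IN (NULL)`
     // query; refuse it up front instead.
     if (!is_array($check) || empty($check) || !is_array($carts)) {
         $this->error('结算失败,请重新选择', U('Ucenter/Adv/listMyCarts'));
     }
     $aids = [];
     // Week counts keyed by slot id, which is how they are looked up below.
     $nums = [];
     foreach ($check as $key => $aid) {
         $aid = (int) $aid;
         // A missing or non-numeric week count becomes 0 and is rejected.
         $weeks = isset($carts[$aid]) ? (int) $carts[$aid] : 0;
         if ($weeks < 4) {
             $this->error('请至少购买4周');
         }
         $aids[$key] = $aid;
         $nums[$aid] = $weeks;
     }
     $uid = session('userID');
     $model = M('ad_all');
     // Refuse if any selected slot is already sold or locked.
     $map = [
         'id'      => ['in', $aids],
         '_string' => 'isLock=1 OR isSall=1',
     ];
     if ($model->where($map)->select()) {
         $this->error('你所选购的广告位已经被购买,请重新选择', U('Ucenter/Adv/listMyCarts'));
     }
     // Lock the slots. The "still free" condition is repeated in the UPDATE so
     // that two requests passing the check above at the same time cannot both
     // lock the same slot: only the first UPDATE changes every selected row,
     // and a short count means somebody else got there first.
     $lockData = ['isLock' => 1, 'lockTime' => time(), 'uid' => $uid];
     $lockMap = [
         'id'      => ['in', $aids],
         '_string' => '(isLock IS NULL OR isLock=0) AND (isSall IS NULL OR isSall=0)',
     ];
     $model->startTrans();
     // setField() is expected to return the affected-row count, or false on failure.
     $locked = $model->where($lockMap)->setField($lockData);
     if ($locked === false || $locked != count(array_unique($aids))) {
         $model->rollback();
         $this->error('结算失败,请重新选择', U('Ucenter/Adv/listMyCarts'));
     }
     $model->commit();
     $field = 'a.id, a.place, a.page, a.gid, a.price, b.type, b.title, c.name, b.width, b.height, b.srcUrl';
     $join = ['LEFT JOIN __AD_POSITION__ AS b on a.pid = b.id', 'LEFT JOIN __AD_COUNTRY__ AS c ON a.gid = c.gid'];
     $data = $model->alias('a')->field($field)->where(['a.id' => ['in', $aids]])->join($join)->select();
     if (!$data) {
         $data = [];
     }
     $saveData = ['data' => [], 'aid' => $aids];
     $showData = [];
     $totalMoney = 0;
     foreach ($data as $v) {
         $num = isset($nums[$v['id']]) ? $nums[$v['id']] : 0;
         // Volume discount: 52+ weeks 30% off, 26+ weeks 20% off.
         if ($num >= 52) {
             $discount = 0.7;
         } elseif ($num >= 26) {
             $discount = 0.8;
         } else {
             $discount = 1;
         }
         $total = $num * $v['price'] * $discount;
         $payMoney = $num * $v['price'];
         // Row for the order table.
         $saveData['data'][] = [
             'uid' => $uid, 'aid' => $v['id'], 'adType' => $v['type'], 'price' => $v['price'],
             'num' => $num, 'total' => $total, 'discount' => $discount, 'payMoney' => $payMoney,
         ];
         // Row shown to the user for confirmation (discount is shown as the formula).
         $showData[] = [
             'aid' => $v['id'], 'page' => $v['page'], 'name' => $v['name'], 'type' => $v['type'],
             'title' => $v['title'], 'width' => $v['width'], 'height' => $v['height'],
             'srcUrl' => $v['srcUrl'], 'price' => $v['price'], 'num' => $num, 'total' => $total,
             'discount' => $num . ' * ' . $v['price'] . ' * ' . $discount, 'payMoney' => $payMoney,
         ];
         $totalMoney += $total;
     }
     // Kept in the session for the order insert step.
     session('orderData', null);
     session('orderData', $saveData);
     session('totalMoney', $totalMoney);
     // Anti-resubmit token. NOTE(review): the key is derived from time() and is
     // therefore guessable; data_auth_sign() is what actually protects it.
     $auth = ['name' => session('userName'), 'key' => md5(time() . 'confirmOrder')];
     $token = data_auth_sign($auth);
     session('token', null);
     session('token', $token);
     $this->assign('token', $token);
     $this->assign('totalNum', count($data));
     $this->assign('totalMoney', $totalMoney);
     $this->assign('showData', $showData);
     $this->display();
 }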
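 /**
  * Friend search (AJAX).
  *
  * Looks up members by exact user name and returns the matches annotated
  * with their friendship status relative to the caller.
  *
  * @author liuxiaolin <*****@*****.**>
  * @param  string $userName  user name to look up, read from GET
  * @access public
  * @return mixed  ajaxReturn() output: {status: false, msg} on a validation
  *                failure or no match, otherwise the matched rows (uid,
  *                userName, avatar) with the relation type added by
  *                getFriendType(): 1 = friend, 2 = request pending, 3 = none
  */
 public function search()
 {
     $userName = I('get.userName');
     $uid = session('userID');
     $info = ['msg' => ''];
     if (empty($userName)) {
         $info['msg'] = '请输入查询的用户';
     } elseif ($userName === session('userName')) {
         $info['msg'] = '你输入的是你自己的用户名';
     }
     if (!empty($info['msg'])) {
         $info['status'] = false;
         return $this->ajaxReturn($info, 'json');
     }
     fliter_script($userName);
     // Array condition: the ORM escapes the value, no string-built WHERE.
     $data = M('member')->field('uid, userName, avatar')->where(['userName' => $userName])->select();
     if (!$data) {
         $info['status'] = false;
         $info['msg'] = '查无此人……';
         return $this->ajaxReturn($info, 'json');
     }
     // The caller's friend list, used to mark each match with its relation type.
     $friends = $this->getFriend($uid, false);
     $this->getFriendType($data, $friends);
     return $this->ajaxReturn($data, 'json');
 }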
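 /**
  * Create a community post (AJAX).
  *
  * Refuses blacklisted users (group 4) and users still inside the
  * new-registration waiting period; users outside groups 9-12 are also held
  * to the daily post quota and the minimum interval between posts. The post
  * metadata goes to `SqData` and the body to `SqFdata` inside one
  * transaction, after which the member's post counter and the post log are
  * updated.
  *
  * Reads POST gid, cityID, title, classId, from_author, from_url, content and
  * picUrl[]. Responds with {status, massage} JSON via ajaxReturn(), which
  * terminates the request.
  *
  * @return void
  */
 public function addSqInfo()
 {
     $uid = $_SESSION['userID'];
     // One lookup serves both the blacklist check and the privileged-group check.
     $userInfo = M('user')->field('groupID')->where(['userID' => $uid])->find();
     $groupID = $userInfo ? (int) $userInfo['groupID'] : 0;
     if ($groupID === 4) {
         $this->ajaxReturn(['status' => false, 'massage' => '你已被加入黑名单,不允许发布~'], 'json');
     }
     if (!checkNewUserPost($uid, 1)) {
         $this->ajaxReturn(['status' => false, 'massage' => '新注册用户请在注册' . C('NEW_USER_POST_TIME') . '分钟后发帖'], 'json');
     }
     if (!in_array($groupID, [9, 10, 11, 12], true)) {
         // Daily quota.
         if (!checkTimes($uid, 1)) {
             $this->ajaxReturn(['status' => false, 'massage' => '每个帐号每天只能发送' . C('POST_NUM') . '条社区资讯!'], 'json');
         }
         // Minimum interval between posts.
         if (!checkTimesInterval($uid, 1)) {
             $this->ajaxReturn(['status' => false, 'massage' => '每次发帖间隔时间为' . C('INTERVAL_TIME') . '分钟'], 'json');
         }
     }
     // The raw POST body is used below; this filter is its only sanitisation.
     fliter_script($_POST);
     $now = time();
     $picUrls = isset($_POST['picUrl']) && is_array($_POST['picUrl']) ? $_POST['picUrl'] : [];
     $data = [
         'userID'      => $_SESSION['userID'],
         'userName'    => $_SESSION['userName'],
         'editor'      => $_SESSION['userName'],
         'editTime'    => $now,
         'postTime'    => $now,
         'gid'         => $_POST['gid'],
         'ip'          => $_SERVER['REMOTE_ADDR'],
         'cityID'      => $_POST['cityID'],
         'title'       => $_POST['title'],
         'sid'         => $_POST['classId'],
         'from_author' => $_POST['from_author'],
         'from_url'    => $_POST['from_url'],
     ];
     if ($picUrls) {
         // Thumbnail name: `_thumb` is appended to the second dot-separated
         // segment of the URL, as the original did. NOTE(review): this only
         // yields a sensible name when the URL contains exactly one dot;
         // confirm against the upload naming scheme.
         $thumbs = [];
         foreach ($picUrls as $picUrl) {
             $parts = explode('.', $picUrl);
             $parts[1] = (isset($parts[1]) ? $parts[1] : '') . '_thumb';
             $thumbs[] = implode('.', $parts);
         }
         $data['thumb'] = implode('|', $thumbs);
         $data['picUrl'] = implode('|', $picUrls);
     }
     $dataModel = M('SqData');
     $dataModel->startTrans();
     $dataID = $dataModel->data($data)->add();
     $bodyID = M('SqFdata')->data(['content' => $_POST['content'], 'dataID' => $dataID])->add();
     if ($dataID && $bodyID) {
         M('member')->where(['uid' => $_SESSION['userID']])->setInc('sqs');
         M('postlog')->data(['days' => date('Ymd'), 'uid' => $data['userID'], 'type' => 1])->add();
         $dataModel->commit();
         $res = ['status' => true, 'massage' => "发布成功"];
     } else {
         $dataModel->rollback();
         $res = ['status' => false, 'massage' => "发布失败"];
     }
     $this->ajaxReturn($res, 'json');
 }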
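 /**
  * Edit an ad position (admin).
  *
  * Validates the posted fields, stores any uploaded sample / default image,
  * saves the position and propagates its new `page` value to every ad slot
  * under it, all in one transaction. Ends with success() or error(), both of
  * which redirect to the URL remembered in the `advPosUrl` session key.
  *
  * Reads POST `post[...]` (id, title, width, height, type, page, ...),
  * optional POST `default`, and the uploads `srcUrl` / `default`.
  *
  * @author liuxiaolin <*****@*****.**>
  * @access  public
  *
  * @return void
  */
 public function editPosAction()
 {
     // Raw row data for the ad_position table.
     $post = isset($_POST['post']) && is_array($_POST['post']) ? $_POST['post'] : [];
     trim_all($post);
     fliter_script($post);
     $errorMsg = '';
     $title = isset($post['title']) ? $post['title'] : '';
     $width = isset($post['width']) ? $post['width'] : '';
     $height = isset($post['height']) ? $post['height'] : '';
     if (empty($title)) {
         $errorMsg .= '广告位的文字说明(如 首页侧面广告)必须填写<br/>';
     }
     if (empty($width)) {
         $errorMsg .= '广告位的宽度必须填写<br/>';
     }
     if (empty($height)) {
         $errorMsg .= '广告位的高度必须填写<br/>';
     }
     // Dimensions are 1-4 digit integers. (The original emitted the invalid
     // tag `</br>` here, unlike the other messages.)
     if (!preg_match('/^\\d{1,4}$/', $width)) {
         $errorMsg .= '广告位的宽度只能是数字<br/>';
     }
     if (!preg_match('/^\\d{1,4}$/', $height)) {
         $errorMsg .= '广告位的高度只能是数字<br/>';
     }
     if (!empty($errorMsg)) {
         // error() renders the message and terminates the request.
         $this->error($errorMsg);
     }
     // Sample image upload.
     if (!empty($_FILES['srcUrl']['name'])) {
         $info1 = $this->upload($_FILES['srcUrl']);
         $post['srcUrl'] = C('PIC_UPLOAD.rootPath') . $info1['savepath'] . $info1['savename'];
     }
     // Default ad: type 2 takes an uploaded image, type 1 a posted value.
     $type = isset($post['type']) ? (int) $post['type'] : 0;
     if ($type === 2) {
         if (!empty($_FILES['default']['name'])) {
             $info2 = $this->upload($_FILES['default']);
             $post['default'] = C('PIC_UPLOAD.rootPath') . $info2['savepath'] . $info2['savename'];
         }
     } elseif ($type === 1 && !empty($_POST['default'])) {
         $post['default'] = $_POST['default'];
     }
     $model = M('ad_position');
     $allModel = M('ad_all');
     $model->startTrans();
     $adAll = $allModel->field('id')->where(['pid' => $post['id']])->select();
     $results = [$model->data($post)->save()];
     if ($adAll) {
         foreach ($adAll as $ad) {
             $results[] = $allModel->data(['id' => $ad['id'], 'page' => $post['page']])->save();
         }
     }
     $url = session('advPosUrl');
     session('advPosUrl', null);
     // save() returns false on failure; 0 affected rows is not a failure.
     if (!in_array(false, $results, true)) {
         $model->commit();
         operateLog('编辑广告位' . $post['id'], 4);
         $this->success('编辑广告位成功', $url);
     } else {
         $model->rollback();
         $this->error('编辑广告位失败', $url);
     }
 }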
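 /**
  * AJAX dispatcher for the private-message feature. Every branch writes a
  * JSON response (create-db: a redirect) and terminates.
  *
  * REQUEST `type` selects the action:
  *   create-db      create the PM table (requires manage_options)
  *   get-userdata   load a user's display data and add them to my dialog list
  *   remove-dialog  remove a user from my dialog list
  *   send           store a PM and add each party to the other's dialog list
  *   comet          long-poll (up to self::$comet_timeout seconds) for a new PM
  *
  * The referer is checked for every action; every other action also
  * requires a valid nonce.
  */
 public static function process()
 {
     theme_features::check_referer();
     $type = isset($_REQUEST['type']) && is_string($_REQUEST['type']) ? $_REQUEST['type'] : false;
     $current_user_id = theme_cache::get_current_user_id();
     switch ($type) {
         case 'create-db':
             if (!theme_cache::current_user_can('manage_options')) {
                 die(___('Sorry, your permission is not enough to create database table.'));
             }
             if (self::has_table()) {
                 die(___('Sorry, the database table already exists.'));
             }
             self::create_db_table();
             theme_options::set_options(__CLASS__, ['db-version' => self::$db_version]);
             header('location: ' . theme_options::get_url() . '&' . __CLASS__);
             die;

         case 'get-userdata':
             theme_features::check_nonce();
             $uid = isset($_REQUEST['uid']) && is_numeric($_REQUEST['uid']) ? (int) $_REQUEST['uid'] : false;
             // check_uid() is presumably responsible for rejecting an unknown user.
             $user = self::check_uid($uid);
             self::add_list($current_user_id, $user->ID);
             die(theme_features::json_format([
                 'status' => 'success',
                 'name' => esc_html($user->display_name),
                 'avatar' => get_avatar_url($user->ID),
                 'msg' => ___('User data loaded, you can send P.M. now.'),
                 'url' => theme_cache::get_author_posts_url($user->ID),
             ]));

         case 'remove-dialog':
             // The other actions verify the nonce; this one did not, which left
             // remove_list() reachable by a request without a valid nonce.
             theme_features::check_nonce();
             $receiver_uid = isset($_REQUEST['uid']) && is_numeric($_REQUEST['uid']) ? (int) $_REQUEST['uid'] : false;
             $receiver = self::check_uid($receiver_uid);
             if (self::remove_list($current_user_id, $receiver->ID)) {
                 die(theme_features::json_format(['status' => 'success', 'code' => 'removed']));
             }
             die(theme_features::json_format(['status' => 'error', 'code' => 'remove_fail']));

         case 'send':
             theme_features::check_nonce();
             $receiver_uid = isset($_REQUEST['uid']) && is_numeric($_REQUEST['uid']) ? (int) $_REQUEST['uid'] : false;
             $receiver = self::check_uid($receiver_uid);
             // Message body: only a small inline-markup whitelist survives, then script filtering.
             $content = isset($_REQUEST['content']) && is_string($_REQUEST['content']) ? trim($_REQUEST['content']) : '';
             if ($content !== '') {
                 $content = fliter_script(strip_tags($content, '<a><b><strong><em><i><del>'));
             }
             if (trim($content) === '') {
                 die(theme_features::json_format(['status' => 'error', 'code' => 'empty_content', 'msg' => ___('Sorry, message content is null, please try again.')]));
             }
             $pm_id = self::insert_pm(['pm_author' => $current_user_id, 'pm_receiver' => $receiver->ID, 'pm_content' => $content]);
             if (!$pm_id) {
                 die(theme_features::json_format(['status' => 'error', 'code' => 'can_not_create_pm', 'msg' => ___('Sorry, system can not create the private message, please try again later.')]));
             }
             $pm = self::get_pm($pm_id);
             // Each side of the dialog gets the other party in their list.
             self::add_list($current_user_id, $pm->pm_receiver);
             self::add_list($pm->pm_receiver, $current_user_id);
             die(theme_features::json_format([
                 'status' => 'success',
                 'pm' => [
                     'pm_receiver' => self::get_niceid($pm->pm_receiver),
                     'pm_author' => self::get_niceid($pm->pm_author),
                     'pm_date' => current_time('Y/m/d H:i:s'),
                     'pm_content' => $pm->pm_content,
                     'url' => theme_cache::get_author_posts_url($pm->pm_receiver),
                 ],
                 'msg' => ___('Message sent.'),
             ]));

         case 'comet':
             theme_features::check_nonce();
             $receiver_id = $current_user_id;
             $client_timestamp = isset($_REQUEST['timestamp']) && is_numeric($_REQUEST['timestamp']) ? $_REQUEST['timestamp'] : false;
             if (!$client_timestamp) {
                 die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_timestamp', 'msg' => ___('Sorry, your session is timeout, please refresh page.')]));
             }
             // Long poll: re-check once a second until a newer PM timestamp
             // appears or self::$comet_timeout iterations have passed. Note the
             // 60 s execution limit caps the loop regardless of that setting.
             set_time_limit(60);
             for ($i = 0; $i < self::$comet_timeout; ++$i) {
                 $timestamp = self::get_timestamp($receiver_id);
                 if ($timestamp <= $client_timestamp) {
                     sleep(1);
                     continue;
                 }
                 $latest_pm = self::get_pm(self::get_latest_pm_id($receiver_id));
                 self::clear_unreads($current_user_id);
                 die(theme_features::json_format([
                     'status' => 'success',
                     'pm' => [
                         'pm_receiver' => self::get_niceid($latest_pm->pm_receiver),
                         'pm_author' => self::get_niceid($latest_pm->pm_author),
                         'pm_author_name' => theme_cache::get_the_author_meta('display_name', $latest_pm->pm_author),
                         'pm_author_avatar' => get_avatar_url($latest_pm->pm_author),
                         'pm_date' => current_time('Y/m/d H:i:s'),
                         'pm_content' => $latest_pm->pm_content,
                         // The original read $pm->pm_author here, but $pm is never
                         // assigned in this branch (only in 'send', which dies).
                         'url' => theme_cache::get_author_posts_url($latest_pm->pm_author),
                     ],
                     'timestamp' => $timestamp,
                 ]));
             }
             die(theme_features::json_format(['status' => 'error', 'code' => 'timeout', 'msg' => ___('Timeout')]));

         default:
             die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_type', 'msg' => ___('Sorry, type param is invaild.')]));
     }
 }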
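 /**
  * Handle a contribution form submission.
  *
  * Validates the posted `ctb[...]` fields, inserts a new post (or updates
  * the caller's own existing post), sets the thumbnail, re-parents the
  * caller's uploaded attachments under the post, then writes a JSON response
  * and terminates. Every validation failure dies with {status, code, msg}.
  *
  * `ctb` keys read: post-title, post-excerpt, post-content, thumbnail-id,
  * cats[] (new post) or cat (edit), tags[], attach-ids[]. POST `post-id`
  * selects edit mode.
  */
 private static function process_post()
 {
     $output = [];
     $ctb = isset($_POST['ctb']) && is_array($_POST['ctb']) ? array_filter($_POST['ctb']) : null;
     if (empty($ctb)) {
         die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_ctb_param', 'msg' => ___('Invaild contribution param.')]));
     }
     $current_user_id = theme_cache::get_current_user_id();
     $edit_post_id = isset($_POST['post-id']) && is_numeric($_POST['post-id']) ? (int) $_POST['post-id'] : 0;
     $is_edit = $edit_post_id !== 0;
     $old_post = null;
     if ($is_edit) {
         // The post must exist as a regular post in an editable status, belong
         // to the caller, and not be locked by another editor.
         $old_post = theme_cache::get_post($edit_post_id);
         if (!$old_post || $old_post->post_type !== 'post' || !self::in_edit_post_status($old_post->post_status)) {
             die(theme_features::json_format(['status' => 'error', 'code' => 'post_not_exist', 'msg' => ___('Sorry, the post does not exist.')]));
         }
         if ((int) $old_post->post_author !== (int) $current_user_id) {
             die(theme_features::json_format(['status' => 'error', 'code' => 'post_not_exist', 'msg' => ___('Sorry, you are not the post author, can not edit it.')]));
         }
         if (self::wp_check_post_lock($edit_post_id)) {
             die(theme_features::json_format(['status' => 'error', 'code' => 'post_not_exist', 'msg' => ___('Sorry, the post does not exist.')]));
         }
     }
     $post_title = isset($ctb['post-title']) && is_string($ctb['post-title']) ? trim($ctb['post-title']) : null;
     if (!$post_title) {
         die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_post_title', 'msg' => ___('Please write the post title.')]));
     }
     $post_excerpt = isset($ctb['post-excerpt']) && is_string($ctb['post-excerpt']) ? trim($ctb['post-excerpt']) : null;
     $post_content = isset($ctb['post-content']) && is_string($ctb['post-content']) ? trim($ctb['post-content']) : null;
     if (!$post_content) {
         die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_post_content', 'msg' => ___('Please write the post content.')]));
     }
     $thumbnail_id = isset($ctb['thumbnail-id']) && is_numeric($ctb['thumbnail-id']) ? (int) $ctb['thumbnail-id'] : null;
     if (!$thumbnail_id) {
         die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_thumbnail_id', 'msg' => ___('Please set an image as post thumbnail')]));
     }
     // Categories: a new post takes the posted list; an edit takes a single
     // category and expands it to the whole branch.
     if (!$is_edit) {
         $cat_ids = isset($ctb['cats']) && is_array($ctb['cats']) ? $ctb['cats'] : null;
         if (is_null_array($cat_ids)) {
             die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_cat_id', 'msg' => ___('Please select a category.')]));
         }
     } else {
         $cat_id = isset($ctb['cat']) && is_numeric($ctb['cat']) ? (int) $ctb['cat'] : null;
         if (empty($cat_id)) {
             die(theme_features::json_format(['status' => 'error', 'code' => 'invaild_cat_id', 'msg' => ___('Please select a category.')]));
         }
         $cat_ids = [];
         theme_features::get_all_cats_by_child($cat_id, $cat_ids);
     }
     // Tags: drop empty entries, then anything that is not a string. The
     // original mapped non-strings to null and left them in the list.
     $tags = isset($ctb['tags']) && is_array($ctb['tags']) ? array_filter($ctb['tags']) : [];
     $tags = array_values(array_filter($tags, 'is_string'));
     $post_status = theme_cache::current_user_can('publish_posts') ? 'publish' : 'pending';
     // All checks passed: write to the DB.
     if ($is_edit) {
         $post_status = self::get_update_post_status($old_post->post_status);
         $post_id = wp_update_post([
             'ID' => $edit_post_id,
             'post_title' => $post_title,
             'post_status' => $post_status,
             'post_type' => $old_post->post_type,
             'post_excerpt' => fliter_script($post_excerpt),
             'post_content' => fliter_script($post_content),
             'post_category' => $cat_ids,
             'tags_input' => $tags,
         ], true);
     } else {
         $post_id = wp_insert_post([
             'post_title' => $post_title,
             'post_excerpt' => fliter_script($post_excerpt),
             'post_content' => fliter_script($post_content),
             'post_status' => $post_status,
             'post_author' => $current_user_id,
             'post_category' => $cat_ids,
             'tags_input' => $tags,
         ], true);
     }
     if (is_wp_error($post_id)) {
         die(theme_features::json_format(['status' => 'error', 'code' => $post_id->get_error_code(), 'msg' => $post_id->get_error_message()]));
     }
     set_post_thumbnail($post_id, $thumbnail_id);
     // Re-parent the uploads made for this post. Only attachments whose
     // post_author is the caller are touched, so an arbitrary attachment id
     // cannot be re-parented under this post (assumes uploads record the
     // uploader as post_author, which media_handle_upload does by default).
     $attach_ids = isset($ctb['attach-ids']) && is_array($ctb['attach-ids']) ? array_map('intval', array_filter($ctb['attach-ids'])) : [];
     foreach ($attach_ids as $attach_id) {
         $attachment = theme_cache::get_post($attach_id);
         if (!$attachment || $attachment->post_type !== 'attachment') {
             continue;
         }
         if ((int) $attachment->post_author !== (int) $current_user_id) {
             continue;
         }
         wp_update_post(['ID' => $attach_id, 'post_parent' => $post_id]);
     }
     if ($is_edit) {
         $output['status'] = 'success';
         $output['msg'] = ___('Your post has updated successful.');
         if ($old_post->post_status == 'publish') {
             $output['msg'] .= ' <a href="' . theme_cache::get_permalink($post_id) . '" target="_blank">' . ___('Views it now') . '</a>';
         }
         die(theme_features::json_format($output));
     }
     $output['status'] = 'success';
     if ($post_status === 'pending') {
         $output['msg'] = ___('Your post submitted successful, it will be published after approve in a while.');
         die(theme_features::json_format($output));
     }
     // The title is user input and lands in an HTML attribute: escape it.
     $output['msg'] = sprintf(
         ___('Congratulation! Your post has been published. You can %s or %s.'),
         '<a href="' . theme_cache::get_permalink($post_id) . '" title="' . esc_attr(theme_cache::get_the_title($post_id)) . '">' . ___('View it now') . '</a>',
         '<a href="javascript:location.href=location.href;">' . ___('countinue to write a new post') . '</a>'
     );
     // Publish reward. The original guarded this with $edit_again, which is
     // only ever true for an edit and so never held in this new-post branch.
     if (class_exists('theme_custom_point')) {
         $post_publish_point = theme_custom_point::get_point_value('post-publish');
         $output['point'] = ['value' => $post_publish_point, 'detail' => ___('Post published')];
     }
     die(theme_features::json_format($output));
 }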
 public static function process()
 {
     $output = [];
     theme_features::check_referer();
     theme_features::check_nonce();
     $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : null;
     switch ($type) {
         /**
          * case upload
          */
         case 'add-cover':
             /** 
              * if not image
              */
             $filename = isset($_FILES['img']['name']) ? $_FILES['img']['name'] : null;
             $file_ext = $filename ? array_slice(explode('.', $filename), -1, 1)[0] : null;
             $file_ext = strtolower($file_ext);
             if (!in_array($file_ext, self::$file_exts)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_file_type';
                 $output['msg'] = ___('Invaild file type.');
                 die(theme_features::json_format($output));
             }
             /** rename file name */
             $_FILES['img']['name'] = theme_cache::get_current_user_id() . '-' . current_time('YmdHis') . '-' . rand(100, 999) . '.' . $file_ext;
             /** 
              * pass
              */
             require_once ABSPATH . 'wp-admin/includes/image.php';
             require_once ABSPATH . 'wp-admin/includes/file.php';
             require_once ABSPATH . 'wp-admin/includes/media.php';
             $attach_id = media_handle_upload('img', 0);
             if (is_wp_error($attach_id)) {
                 $output['status'] = 'error';
                 $output['code'] = $attach_id->get_error_code();
                 $output['msg'] = $attach_id->get_error_message();
                 die(theme_features::json_format($output));
             } else {
                 $output['status'] = 'success';
                 $output['thumbnail'] = ['url' => esc_url(self::wp_get_attachment_image_src($attach_id, 'thumbnail')[0])];
                 $output['attach-id'] = $attach_id;
                 $output['msg'] = ___('Upload success.');
                 die(theme_features::json_format($output));
             }
             break;
             /**
              * post
              */
         /**
          * post
          */
         case 'post':
             $clt = isset($_POST['clt']) && is_array($_POST['clt']) ? $_POST['clt'] : null;
             if (is_null_array($clt)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_ctb_param';
                 $output['msg'] = ___('Invaild collection param.');
                 die(theme_features::json_format($output));
             }
             /**
              * get posts
              */
             $posts = isset($clt['posts']) && is_array($clt['posts']) ? $clt['posts'] : null;
             if (empty($posts)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_posts';
                 $output['msg'] = ___('Sorry, posts can not be empty.');
                 die(theme_features::json_format($output));
             }
             /**
              * post title
              */
             $post_title = isset($clt['post-title']) && is_string($clt['post-title']) ? esc_html(trim($clt['post-title'])) : null;
             if (empty($post_title)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_post_title';
                 $output['msg'] = ___('Please write the post title.');
                 die(theme_features::json_format($output));
             }
             /**
              * check thumbnail cover
              */
             $thumbnail_id = isset($clt['thumbnail-id']) && is_numeric($clt['thumbnail-id']) ? (int) $clt['thumbnail-id'] : null;
             if (empty($thumbnail_id)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_thumbnail_id';
                 $output['msg'] = ___('Please set an image as post thumbnail');
                 die(theme_features::json_format($output));
             }
             /**
              * post content
              */
             $post_content = isset($clt['post-content']) && is_string($clt['post-content']) ? strip_tags(trim($clt['post-content']), '<del><a><b><strong><em><i>') : null;
             if (empty($post_content)) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_post_content';
                 $output['msg'] = ___('Please explain why you recommend this collection.');
                 die(theme_features::json_format($output));
             }
             /**
              * get posts template
              */
             $post_content = '<p>' . $post_content . '</p>' . self::get_preview($posts);
             /**
              * tags
              */
             $tags = isset($clt['tags']) && is_array($clt['tags']) ? $clt['tags'] : [];
             if (!empty($tags)) {
                 $tags = array_map(function ($tag) {
                     if (!is_string($tag)) {
                         return null;
                     }
                     return $tag;
                 }, $tags);
             }
             /**
              * post status
              */
             if (theme_cache::current_user_can('moderate_comments')) {
                 $post_status = 'publish';
             } else {
                 $post_status = 'pending';
             }
             /**
              * insert
              */
             $post_id = wp_insert_post(array('post_title' => $post_title, 'post_content' => fliter_script($post_content), 'post_status' => $post_status, 'post_author' => theme_cache::get_current_user_id(), 'post_category' => (array) self::get_options('cats'), 'tags_input' => $tags), true);
             if (is_wp_error($post_id)) {
                 $output['status'] = 'error';
                 $output['code'] = $post_id->get_error_code();
                 $output['msg'] = $post_id->get_error_message();
             } else {
                 /** set post thumbnail */
                 set_post_thumbnail($post_id, $thumbnail_id);
                 /**
                  * pending status
                  */
                 if ($post_status === 'pending') {
                     $output['status'] = 'success';
                     $output['msg'] = sprintf(___('Your collection submitted successful, it will be published after approve in a while. Thank you very much! How about %s again?'), '<a href="' . self::get_tabs('collection')['url'] . '">' . ___('write a new collection') . '</a>');
                     die(theme_features::json_format($output));
                 } else {
                     $output['status'] = 'success';
                     $output['msg'] = sprintf(___('Congratulation! Your post has been published. You can %s or %s.'), '<a href="' . theme_cache::get_permalink($post_id) . '" title="' . theme_cache::get_the_title($post_id) . '">' . ___('View it now') . '</a>', '<a href="' . self::get_tabs('collection')['url'] . '">' . ___('countinue to write a new collection') . '</a>');
                     /**
                      * add point
                      */
                     if (class_exists('theme_custom_point')) {
                         $post_publish_point = theme_custom_point::get_point_value('post-publish');
                         $output['point'] = array('value' => $post_publish_point, 'detail' => ___('Post published'));
                     }
                     die(theme_features::json_format($output));
                 }
             }
             break;
             /**
              * get post
              */
         /**
          * get post
          */
         case 'get-post':
             $post_id = isset($_REQUEST['post-id']) && is_numeric($_REQUEST['post-id']) ? $_REQUEST['post-id'] : null;
             if (!$post_id) {
                 $output['status'] = 'error';
                 $output['code'] = 'invaild_post_id';
                 $output['msg'] = ___('Sorry, the post id is invaild.');
                 die(theme_features::json_format($output));
             }
             global $post;
             $post = theme_cache::get_post($post_id);
             if (!$post || $post->post_type !== 'post') {
                 $output['status'] = 'error';
                 $output['code'] = 'post_not_exist';
                 $output['msg'] = ___('Sorry, the post do not exist, please type another post ID.');
                 //echo(json_encode($output));
                 die(theme_features::json_format($output));
             }
             setup_postdata($post);
             $output = ['status' => 'success', 'msg' => ___('Finished get the post data.'), 'thumbnail' => ['url' => theme_functions::get_thumbnail_src($post_id), 'size' => [theme_functions::$thumbnail_size[1], theme_functions::$thumbnail_size[2]]], 'title' => theme_cache::get_the_title($post_id), 'excerpt' => html_minify(str_sub(strip_tags(trim($post->post_content)), 120, '...'))];
             wp_reset_postdata();
             die(theme_features::json_format($output));
     }
     die(theme_features::json_format($output));
 }
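/**
 * Best-effort denylist filter for script-like content in request input.
 *
 * Applied in place to a string, or recursively to every leaf of an array:
 *  - a fixed list of `on*` event-handler names (optionally prefixed with
 *    `javascript:`) is defaced to `&111n<name>`; `&111n` is not a valid HTML
 *    entity, so the result stays literal text and is no longer a handler name;
 *  - `<script ...>...</script>` and `<iframe ...>...</iframe>` blocks are removed.
 *
 * This is a denylist, not a sanitiser: only the listed handler names and the two
 * tag pairs are touched, so it does not replace context-specific escaping
 * (htmlspecialchars() etc.) when the value is rendered.
 *
 * @author liuxiaolinl <*****@*****.**>
 * @param  mixed $input Value to filter, passed by reference: a string, an array
 *                      (nested arrays allowed) or another scalar. null is left
 *                      untouched; other non-array values are coerced to string
 *                      by preg_replace(), as before.
 * @return mixed The filtered value (identical to $input after the call), so the
 *               function can also be used as an expression; previously it
 *               returned nothing.
 */
function fliter_script(&$input)
{
    if (is_array($input)) {
        // Recurse into every element; nested arrays and scalars take the same path.
        foreach ($input as &$v) {
            fliter_script($v);
        }
        unset($v); // drop the dangling reference to the last element
        return $input;
    }
    if ($input === null) {
        // Nothing to filter; also avoids the PHP 8.1 null-subject deprecation.
        return null;
    }
    // Patterns are applied in order, each to the result of the previous one.
    static $patterns = [
        "/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i",
        "/<script(.*?)<\\/script>/si",
        "/<iframe(.*?)<\\/iframe>/si",
    ];
    static $replacements = ["&111n\\2", "", ""];
    $filtered = preg_replace($patterns, $replacements, $input);
    // preg_replace() returns null on a PCRE error (e.g. backtrack limit);
    // fail closed rather than let the unfiltered value through.
    $input = $filtered === null ? '' : $filtered;
    return $input;
}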