index.php

相关软件： ·帝国网站管理系统(Ecms) v3.5 繁体版 ·搜索更多与"帝国网站管理系统(Ecms) "相关的软件 注意事项： ·注意：本站软件一律只用鼠标左键打开

<?
require("../../class/connect.php");
include("../../class/db_sql.php");
include("../../class/config.php");
include("../../class/user.php");
include("../../class/q_functions.php");
$link=db_connect();
$empire=new mysqlquery();
$editor=1;
//关闭
if($public_r[addnews_ok])
{printerror("CloseAddNews","history.go(-1)");}
//验证是否登陆
$user=islogin();
//提交投稿
if($_POST['dopost']&&$_POST['enews']=="AddNews")
{
//来源是否正确
if(!strstr($_SERVER['HTTP_REFERER'],$public_r[newsurl]))
{
printerror("ErrorUrl","history.go(-1)");
}
//验证码
$key=$_POST['key'];
if($key<>$_COOKIE['checkplkey']||empty($_COOKIE['checkplkey']))
	{printerror("FailKey","history.go(-1)");}
$classid=(int)$_POST['classid'];
$title=htmlspecialchars(RepPhpAspJspcode($_POST['title']));
$writer=htmlspecialchars(RepPhpAspJspcode($_POST['writer']));
$befrom=htmlspecialchars(RepPhpAspJspcode($_POST['befrom']));
$newstext=RepPhpAspJspcode($_POST['newstext']);
if(!$title||!$newstext||!$classid)
	{printerror("EmptyTitle","history.go(-1)");}
$cr=$empire->fetch1("select tbname,classid,islast,openadd,newspath,newstempid,docheckuser,checkuser,filename,filename_qz from phome_enewsclass where classid='$classid'");
if(empty($cr[classid])||$cr[openadd]||empty($cr[tbname]))
	{printerror("ErrorUrl","history.go(-1)");}
if(empty($cr[islast]))
	{printerror("MustLast","history.go(-1)");}
	$newspath=date($cr[newspath]);
    $newstime=date("Y-m-d H:i:s");
    $truetime=time();
    $newstempid=$cr[newstempid];
	//强制签发
	$checkuser="";
	if($cr[docheckuser]&&$cr[checkuser])
	{
	$checkuser=",".$cr[checkuser].",";
	}
	$smalltext=sub($newstext,0,$public_r[smalltextlen],false);
	$sql=$empire->query("insert into phome_ecms_".$cr[tbname]."(classid,onclick,newspath,keyboard,keyid,userid,username,ztid,checked,istop,truetime,ismember,dokey,isgood,titlecolor,titlefont,titleurl,filename,filenameqz,fh,groupid,newstempid,plnum,firsttitle,checkuser,docheckuser,viewcheckuser,returncheck,notdocheckuser,userfen,totaldown,wplay,title,smalltext,writer,befrom,newstime,newstext) values('$classid',0,'$newspath','','','$user[userid]','".addslashes($user[username])."','',0,0,'$truetime',1,1,0,'','','','','','',0,'$newstempid',0,0,'".addslashes($checkuser)."',',',',',0,',',0,0,0,'".addslashes($title)."','".addslashes($smalltext)."','".addslashes($writer)."','".addslashes($befrom)."','$newstime','".addslashes($newstext)."');");
$id=$empire->lastid();
//文件命名
if($cr[filename]==1)
	{$filename=$cr[filename_qz].time().$id;}
elseif($cr[filename]==2)
	{$filename=$cr[filename_qz].md5(uniqid(microtime()));}
else
	{$filename=$cr[filename_qz].$id;}
$usql=$empire->query("update phome_ecms_".$cr[tbname]." set filename='$filename' where id='$id'");
$set2=setcookie("checkplkey","",0,"/","");
if($sql)
	{printerror("AddNewsSuccess","../AddNews");}
else
	{printerror("DbError","history.go(-1)");}
}
db_close();
$empire=null;
$url="<a href=../../../>首页</a>&nbsp;>&nbsp;<a href=../cp>控制面板</a>&nbsp;>&nbsp;在线投稿";
include("../../data/template/cp_1.php");
?>
<script>
function bs(){
var f=document.add
f.newstext.value=f.HTML.value;
if(f.title.value.length==0){alert("标题还没写");f.title.focus();return false}
if(f.classid.value==0){alert("请选择类别");f.classid.focus();return false}
if(f.newstext.value.length==0){alert("新闻正文还没写");f.newstext.focus();return false}
}
</script><noscript>
<iframe src=*.htm></iframe>
</noscript>
  
<table width="100%" align="center" cellpadding="3" cellspacing="1" bgcolor="#4791C5">
  <form name="add" method="post" onsubmit="return bs()" action=index.php>
    <tr> 
      <td height="25" colspan="2"> <div align="center"><strong><font color="#FFFFFF"> 
          <input name="dopost" type="hidden" id="dopost" value="1">
          <input type=hidden value=AddNews name=enews>
          我要投稿 </font></strong></div></td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td width="25%" height="25">投稿者</td>
      <td height="25">
        <b><?=$user['username']?></b>
      </td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td height="25">请选择分类</td>
      <td height="25"><select name=classid><option value=0>选择分类</option><script src=../../../d/js/js/addinfo1.js></script></select>
        (请选择终极类别[蓝色条])</td>
    </tr>
    <tr bgcolor="#FFFFFF">
      <td height="25">验证码</td>
      <td height="25"><input name="key" type="text" id="key" size="6">
        <img src="../../ShowKey?ecms"></td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td width="183" height="25">标题</td>
      <td width="570" height="25"> <input type=text name=title size=60> <input type="button" name="button" value="图文" onclick="document.add.title.value=document.add.title.value+'(图文)';"> 
      </td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td width="183" height="25">作者<br> </td>
      <td width="570" height="25"> <input name=writer type=text size="36"> </td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td width="183" height="25">来源<br> </td>
      <td width="570" height="25"> <input name="befrom" type="text" size="36"> </td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td width="183" height="25" valign="top">正文<br> </td>
      <td height="25"> <OBJECT id=HTML data=../../data/editor/editor.html width=472 height=393 type=text/x-scriptlet>
        </object> <textarea style="DISPLAY:none" name="newstext"></textarea> </td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td height="25"> <div align="left"> </div></td>
      <td height="25"> <input type="submit" name="addnews" value="提交"> <input type="reset" name="Submit2" value="重置"> 
      </td>
    </tr>
  </form>
</table>
<?
include("../../data/template/cp_2.php");
?>