📄 add_entry.php
字号:
<?
$page = "add_entry.php";
include "header.php";
if(isset($_POST['task'])) { $task = $_POST['task']; } else { $task = "main"; }
if(isset($_GET['task']) AND $_GET['task'] == "addsmilie") {
$server_array = explode("/", $_SERVER['PHP_SELF']);
$server_info = implode("/", $server_array);
$prefix = str_replace("manager/add_entry.php", "images/smilies", "http://".$_SERVER['HTTP_HOST'].$server_info);
echo "
<html>
<head>
<title>Insert Smilie</title>
<style type='text/css'>
body { margin: 15px; }
</style>
<script language='JavaScript'>
<!--
function addtheSmilie(imageURL) {
self.parent.addSmilie(imageURL, 'contents');
window.close();
}
// -->
</script>
<script language=\"JavaScript\" type=\"text/javascript\" src=\"richtext.js\"></script>
</head>
<body>
<table cellpadding='0' cellspacing='0' width='100%' height='100%'>
<tr>
<td align='center' valign='center'>
";
// READ FROM SMILIES DIRECTORY
$dirname="../images/smilies";
$dh = @opendir($dirname) or die("Error: Failed to open smilies directory.");
$filelist = array();
$c = 0;
while(!(($file = @readdir($dh)) === false)) {
if(!is_dir("$dirname/$file")) {
if(eregi("gif|jpeg|pjpeg|png", $file, $array)) {
$filelist[$c] = $file;
$c++;
}}}
closedir($dh);
sort($filelist);
$total = count($filelist);
$c = 0;
while($c < $total) {
echo "
<a href='#' onClick=\"addtheSmilie('$prefix/$filelist[$c]')\"><img src='../images/smilies/$filelist[$c]' border='0' style='margin: 5px;'></a>";
$c++;
}
echo "
</td></tr></table>
</body>
</html>
";
exit();
}
if($task == "doadd") {
$title = str_replace("<", "<", str_replace(">", ">", str_replace("'", "'", $_POST['title'])));
$contents = str_replace("'", "'", $_POST['contents']);
$tb_to_ping = $_POST['tb_to_ping'];
$tb_pinged = "";
$submit = $_POST['submit'];
$month = $_POST['month'];
$day = $_POST['day'];
$year = $_POST['year'];
$hour = $_POST['hour'];
$minute = $_POST['minute'];
$ampm = $_POST['ampm'];
$comments = $_POST['comments'];
$trackbacks = $_POST['trackbacks'];
$privacy = $_POST['privacy'];
$ec_id = $_POST['ec_id'];
$send_mail = $_POST['send_mail'];
// CONVERT DATE INTO UNIX TIMESTAMP
$date = strtotime("$month/$day/$year $hour:$minute:00 $ampm");
$date = untimezone($date);
$date = duplicatetime($date, 0);
// CENSOR BAD WORDS
$bad_words = explode(",", trim($admin_info[banned_badwords]));
$bad_words_replace = explode(",", trim($admin_info[banned_badwords_replace]));
$contents = str_replace($bad_words, $bad_words_replace, $contents);
$title = str_replace($bad_words, $bad_words_replace, $title);
// INSERT NEW ENTRY AS EITHER LIVE OR DRAFT
if($submit == "$add_entry20") { $draft = "1"; } else { $draft = "0"; }
mysql_query("INSERT INTO bhost_entries (u_id, ec_id, title, contents, draft, privacy, date, comments, trackbacks) VALUES ('$user_info[u_id]', '$ec_id', '$title', '$contents', '$draft', '$privacy', '$date', '$comments', '$trackbacks')");
$entry = mysql_fetch_assoc(mysql_query("SELECT e_id, title, contents FROM bhost_entries WHERE u_id='$user_info[u_id]' AND ec_id='$ec_id' AND title='$title' AND contents='$contents' AND date='$date'"));
$trackback_result = "";
include "../include/trackback_cls.php";
$trackback = new Trackback("$user_info[title]", "$user_info[display_name]", "UTF-8");
$tb_full_array = Array();
$detected_urls = 0;
if($tb_array = $trackback->auto_discovery($entry[contents])) {
foreach($tb_array as $tb_key => $tb_url) {
$tb_full_array[$detected_urls] = $tb_url;
$detected_urls = $detected_urls + 1;
}
}
if((str_replace(" ", "", $tb_to_ping) != "" | $detected_urls != 0) && $group_info[allow_trackback] != 0) {
// SEND TRACKBACKS IF NOT A DRAFT
if($draft == "0") {
$trackback_result = "$add_entry32<br>";
$tb_to_ping_urls = explode(" ", trim($tb_to_ping));
$tb_to_ping_urls = array_unique(array_merge($tb_to_ping_urls, $tb_full_array));
$tb_pinged = "";
$tb_to_ping = "";
$excerpt = substr($entry[contents], 0, 252)."...";
if($entry[title] == "") { $title = "$add_entry33"; } else { $title = $entry[title]; }
for($tb=0;$tb<count($tb_to_ping_urls);$tb++) {
if(str_replace(" ", "", $tb_to_ping_urls[$tb]) != "") {
$response = $trackback->ping("$tb_to_ping_urls[$tb]", url("entry", "$user_info[username]", "$entry[e_id]"), "$title", "$excerpt");
if($response == "1") {
$trackback_result .= "<i>$tb_to_ping_urls[$tb]</i> - $add_entry27<br>";
} elseif($response == "2") {
$trackback_result .= "<i>$tb_to_ping_urls[$tb]</i> - $add_entry28<br>";
$tb_pinged .= "$tb_to_ping_urls[$tb] ";
} else {
$trackback_result .= "<i>$tb_to_ping_urls[$tb]</i> - $add_entry29<br>";
}
}
}
$tb_pinged = trim($tb_pinged);
} else {
$tb_to_ping = $tb_to_ping;
$tb_pinged = "";
}
// ENTER TRACKBACK URLs PINGED
mysql_query("UPDATE bhost_entries SET tb_to_ping='$tb_to_ping', tb_pinged='$tb_pinged' WHERE e_id='$entry[e_id]' AND u_id='$user_info[u_id]'");
}
// INCREMENT NUM_ENTRIES IN BHOST_USERS
$new_num_entries = $user_info[num_entries] + 1;
mysql_query("UPDATE bhost_users SET num_entries='$new_num_entries' WHERE u_id='$user_info[u_id]'");
if($send_mail == "1" & $draft == "0") {
if(str_replace(" ", "", $title) == "") { $title = "$add_entry22"; }
$subject = "[".str_replace("'", "'", $user_info[title])."] ".str_replace("'", "'", $title);
$subject = stripslashes(strip_tags($subject));
$message = str_replace("'", "'", stripslashes($contents));
$message = stripslashes(strip_tags($message));
$message = "$add_entry23\n\n$add_entry24 $user_info[username]\n\n$title\n$message";
mail($user_info[mailing_list], $subject, $message, "From: $user_info[email]");
}
if($trackback_result == "") {
header("Location: index.php");
exit();
} else {
echo $head;
echo "$add_entry30
<br><br>
$trackback_result
<br>
<form action='index.php' method='POST'>
<input type='submit' class='button' value='$add_entry31'>
</form>
";
echo $foot;
exit();
}}
// GET CURRENT DATE AND TIME
$thism = cdate("n", timezone(time()));
$thisd = cdate("j", timezone(time()));
$thisy = cdate("Y", timezone(time()));
$thishour = cdate("g", timezone(time()));
$thismin = cdate("i", timezone(time()));
$thisampm = cdate("A", timezone(time()));
// GET ENTRY DEFAULT
$entry_default = str_replace("'", "\'", $user_info[entry_default]);
$entry_default = str_replace("\r\n", "", $entry_default);
// GET FILES ARE SPECIFIED IN URL, CHECK FOR OWNERSHIP, ADD TO ENTRY DEFAULT
$path = str_replace("manager/add_entry.php", "", $_SERVER['SCRIPT_NAME']);
$path = "http://".$_SERVER['HTTP_HOST'].$path."uploads/";
$filehtml = "";
if(isset($_GET['f_ids'])) { $f_ids = $_GET['f_ids']; }
if(isset($f_ids) AND $f_ids != "") {
$f_ids = explode("_", $f_ids);
$total = count($f_ids);
$count = 0;
while($count < $total) {
$filequery = mysql_query("SELECT * FROM bhost_uploads WHERE f_id='$f_ids[$count]' AND u_id='$user_info[u_id]'");
$file = mysql_fetch_assoc($filequery);
if(mysql_num_rows($filequery) != 1) { exit(); }
elseif(mysql_num_rows($filequery) == 1) {
// GET EXTENSION
$ext = strtolower(strrchr($file[filename], "."));
$ext = str_replace(".", "", $ext);
// IF FILE IS IMAGE, USE IMG TAG
if($ext == "jpg" OR $ext == "jpeg" OR $ext == "gif" OR $ext == "png" OR $ext == "bmp") {
// IF FILE IS NOT IMAGE, MAKE A LINK
$filehtml = "<a href=\"$path$file[filename]\"><img src=\"$path$file[filename]\" border=\"0\"></a>";
} else {
$filehtml = "$add_entry25 <a href=\"$path$file[filename]\">$file[filename]</a>";
}}
$entry_default = "$entry_default$filehtml";
if($total > 1) { $entry_default .= "<br>"; }
$count++;
}
}
echo $head;
echo "
<h2>$add_entry1</h2>
$add_entry2
<br><br>
<script language='JavaScript'>
<!--
function preloader() {
bold_d = new Image();
bold_d.src = '../images/bold_d.gif';
italic_d = new Image();
italic_d.src = '../images/italic_d.gif';
underline_d = new Image();
underline_d.src = '../images/underline_d.gif';
left_just_d = new Image();
left_just_d.src = '../images/left_just_d.gif';
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -