📄 vote.php
字号:
<?php
/*
*######################################
* PHPCMS v2.00 - Advanced Content Manage System.
* Copyright (c) 2004-2005 phpcms.cn
*
* For further information go to http://www.phpcms.cn/
* This copyright notice MUST stay intact for use.
*######################################
*/
if(!defined('IN_PHPCMS')) {
exit('Access Denied');
}
$referer=$referer ? $referer : $_SERVER["HTTP_REFERER"];
$action=$action ? $action : 'manage';
switch($action){
case 'add':
if($submit){
if(!ereg('^[01]+$',$type)){
showmessage('非法参数!请返回!');
}
if(empty($subject)){
showmessage('非法参数!请返回!');
}
if(empty($voteoption[0])){
showmessage('非法参数!请返回!');
}
if(!ereg('^[01]+$',$passed)){
showmessage('非法参数!请返回!');
}
if(strpos($fromtime, "-")) {
$time = explode("-", $fromtime);
$fromtime = gmmktime(0, 0, 0, $time[1], $time[2], $time[0]) - $timeoffset * 3600;
}else{
$fromtime = 0;
}
if(strpos($totime, "-")) {
$time = explode("-", $totime);
$totime = gmmktime(0, 0, 0, $time[1], $time[2], $time[0]) - $timeoffset * 3600;
}else{
$totime = 0;
}
$query="insert into $table_vote_subject(subject,type,inputer,addtime,checker,checktime,editor,updatetime,fromtime,totime,passed) values('$subject','$type','$_SESSION[phpcms_username]','$timestamp','$_SESSION[phpcms_username]','$timestamp','$_SESSION[phpcms_username]','$timestamp','$fromtime','$totime','$passed')";
$db->query($query);
if($db->affected_rows()>0){
$voteid=$db->insert_id();
foreach($voteoption as $optionid=>$option){
if(!empty($option)){
$query="insert into $table_vote_option(voteid,voteoption) values('$voteid','$option')";
$db->query($query);
}
}
$referer="?dir=plugin&file=vote&action=vote_js&voteid=".$voteid."&referer=".urlencode($referer);
showmessage('操作成功!',$referer);
}else{
showmessage('操作失败!请返回!');
}
}else{
$today=date("Y-m-d",$timestamp);
include template('vote_add',1);
}
break;
case 'edit':
if($submit){
if(!chartype('/^[0-9]+$/i',$voteid)){
showmessage('非法参数!请返回!');
}
if(!ereg('^[01]+$',$type)){
showmessage('非法参数!请返回!');
}
if(empty($subject)){
showmessage('非法参数!请返回!');
}
if(!ereg('^[01]+$',$passed)){
showmessage('非法参数!请返回!');
}
if(strpos($fromtime, "-")) {
$time = explode("-", $fromtime);
$fromtime = gmmktime(0, 0, 0, $time[1], $time[2], $time[0]) - $timeoffset * 3600;
}else{
$fromtime = 0;
}
if(strpos($totime, "-")) {
$time = explode("-", $totime);
$totime = gmmktime(0, 0, 0, $time[1], $time[2], $time[0]) - $timeoffset * 3600;
}else{
$totime = 0;
}
$db->query("UPDATE $table_vote_subject SET subject='$subject',type='$type',editor='$_SESSION[phpcms_username]',updatetime='$timestamp',fromtime='$fromtime',totime='$totime',passed='$passed' WHERE voteid='$voteid'");
if($db->affected_rows()>0){
foreach($voteoption as $optionid=>$option){
$db->query("UPDATE $table_vote_option set voteoption='$option' WHERE optionid='$optionid'");
}
$referer=urlencode($referer);
$referer="?dir=plugin&file=vote&action=vote_js&voteid=".$voteid."&referer=".$referer;
showmessage('操作成功!',$referer);
}else{
showmessage('操作失败!请返回!');
}
}else{
$query = $db->query("SELECT * FROM $table_vote_subject where voteid='$voteid'");
$vote=$db->fetch_array($query);
$subject=$vote[subject];
$voteid=$vote[voteid];
$type=$vote[type];
$passed=$vote[passed];
$fromdate=date("Y-m-d",$vote[fromtime]);
$todate=$vote[totime] ? date("Y-m-d",$vote[totime]) : 0 ;
$result=$db->query("SELECT * FROM $table_vote_option WHERE voteid='$voteid'");
while($option=$db->fetch_array($result)){
$voteoptions[]=$option;
}
include template('vote_edit',1);
}
break;
case 'passed':
if(!chartype('/^[01]+$/i',$passed)){
showmessage('非法参数!请返回!');
}
if(!chartype('/^[0-9]+$/i',$voteid)){
showmessage('非法参数!请返回!');
}
$db->query("update $table_vote_subject set passed='$passed',checker='$_SESSION[phpcms_username]',checktime='$timestamp' where voteid='$voteid'");
showmessage('操作成功!',$referer);
break;
case 'delete':
if(!chartype('/^[0-9]+$/i',$voteid)){
showmessage('非法参数!请返回!');
}
$voteid = is_array($voteid) ? implode(',',$voteid) : $voteid;
$db->query("delete from $table_vote_subject where voteid in ($voteid)");
$db->query("delete from $table_vote_option where voteid in ($voteid)");
showmessage('操作成功!',$referer);
break;
case 'vote_js':
if(strpos($voteid,',')){
$voteids=explode(',',$voteid);
}else{
$voteids=$voteid;
}
if(is_array($voteids)){
foreach($voteids as $voteid){
html($action);
}
}else{
html($action);
}
showmessage('操作成功!',$referer);
break;
case 'getcode':
$result=$db->query("SELECT * FROM $table_vote_subject WHERE voteid='$voteid'");
if($db->num_rows($result)==0)
showmessage('对不起,该记录不存在!请返回!');
$r=$db->fetch_array($result);
$subject=$r[subject];
$voteid=$r[voteid];
$type=$r[type] ? "checkbox" : "radio";
$name=$r[type] ? "voteoption[]" : "voteoption";
$result=$db->query("SELECT * FROM $table_vote_option WHERE voteid='$voteid'");
while($option=$db->fetch_array($result)){
$voteoptions[$option[optionid]]=$option[voteoption];
}
$opnumber=count($voteoptions);
include template('vote_getcode',1);
break;
default:
$query = $db->query("SELECT * FROM $table_vote_subject ORDER BY passed,voteid desc");
while($vote=$db->fetch_array($query)) {
$vote[bgcolor] = $vote[totime]<$timestamp ? "#BFDFFF" : "#F1F3F5";
$vote[fromdate]=date("Y-m-d",$vote[fromtime]);
$vote[todate]=$vote[totime] ? date("Y-m-d",$vote[totime]) : "不限";
$votes[]=$vote;
}
include template('vote_manage',1);
}
?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -