cateatc.php

自己写的一个网络日志(BLOG)系统

<?php
!function_exists('adminmsg') && exit('Forbidden');
$basename .= "&job=$job";

if ($set == 'edit' && $_POST['step']!=1) {
	$itemid = GetGP('itemid');
	(int)$itemid < 1 && adminmsg('illegal_request');
	((int)$admin_gid < 1) && $admin_gid = '2';
	if (file_exists(D_P."data/groupdb/group_$admin_gid.php")) {
		require_once(Pcv(D_P."data/groupdb/group_$admin_gid.php"));
	} else {
		require_once(D_P.'data/groupdb/group_1.php');
	}
	require_once(R_P.'mod/post_mod.php');
	$dirgpslt = '';
	$dirarray = $attdb = $tagdb = $absurldb = $songurldb = array();
	$atc = $db->get_one("SELECT im.*,i.cid,i.dirid,i.uid,i.author,i.icon,i.subject,i.allowreply,i.ifcheck,i.ifhide,i.uploads FROM pw_$job im LEFT JOIN pw_items i ON im.itemid = i.itemid WHERE im.itemid='$itemid'");
	$cid = $atc['cid'];
	$dirdb = getitemtype($job,$atc['uid']);
	foreach ($dirdb as $value) {
 		$dirselected = ($atc['dirid']==$value['typeid']) ? ' SELECTED' : '';
		$dirgpslt .= "<option id=\"dirop$value[typeid]\" value=\"$value[typeid]\"$dirselected>$value[name]</option>";
		$dirarray[$value['typeid']] = array('name' => $value['name'],'vieworder' => $value['vieworder']);
	}
	unset($dirdb);
	${'icon_'.(int)$atc['icon']} = ' CHECKED';
	$tdisplay = ' style="display:none;"';
	if ($atc['tags']) {
		$tagdb = explode(',',$atc['tags']);
		$tagdb[0] && $tdisplay = '';
	}
	${'allowreply_'.(int)$atc['allowreply']} = ${'ifhide_'.(int)$atc['ifhide']} = ' SELECTED';
	$html_CK = (int)$atc['ifsign'] < 2 ? '' : 'CHECKED';
	$ifsign_CK = ($atc['ifsign']==1 || $atc['ifsign']==3) ? 'CHECKED' : '';
	$editor = 'wysiwyg';
	$atc_content = (strpos($atc['content'],$db_blogurl)!==false) ? str_replace(array('p_w_picpath','p_w_upload','<','>'),array($picpath,$attachpath,'&lt;','&gt;'),$atc['content']) : str_replace(array('<','>'),array('&lt;','&gt;'),$atc['content']);
	$atc['uploads'] && $attachdb = unserialize($atc['uploads']);
	!is_array($attachdb) && $attachdb = array();
	$_GROUP['attachext'] && $db_uploadfiletype = $_GROUP['attachext'];
	$_GROUP['uploadnum'] && $db_attachnum = $_GROUP['uploadnum'];
	$_GROUP['attachsize'] && $db_uploadmaxsize = $_GROUP['attachsize'];
	list($db_titlemax,$db_postmin,$db_postmax) = explode(',',$db_lenlimit);
	if ($job == 'photo') {
 		$absurldb = $atc['absoluteurl'] ? unserialize($atc['absoluteurl']) : array();
	} elseif ($job == 'goods') {
 		${'quality_'.$atc['quality']} = 'CHECKED';
 		${'feemode_'.$atc['feemode']} = 'CHECKED';
 	} elseif ($job == 'music') {
 		$songurldb = $atc['musicurl'] ? unserialize($atc['musicurl']) : array();
 	} elseif ($job == 'file') {
 		${'unit_'.$atc['unit']} = 'CHECKED';
 		$osdb = explode(',',$atc['os']);
 		foreach ($osdb as $value){
 			${'os_'.$value} = 'CHECKED';
 		}
 		$fileurldb = $atc['absoluteurl'] ? unserialize($atc['absoluteurl']) : array();
 	}
}
$categpslt = $selected = '';
if ($job != 'gbook') {
	include_once(D_P."data/cache/forum_cache_$job.php");
	$catedb = ${strtoupper('_'.$job)};
	foreach ($catedb as $key => $value) {
		$add = '';
		for ($i=0;$i<$value['type'];$i++) {
			$add .= '>';
		}
		$selected = ($set == 'edit' && $cid && $value['cid'] == $cid) ? ' SELECTED' : '';
		$categpslt .= "<option value=\"$value[cid]\"$selected>$add $value[name]</option>";
	}
}
if ($set == 'list') {
	InitGP(array('page','atccid','author','ckauthor','keyword','ktype','ckkeyword','postdate1','postdate2','digest','topped','ifcheck','orderby','sc','perpage','username','ckusername'));
	$sql = $addpage = $pages = '';
	$atcdb = array();
	if ($job != 'gbook') {
		if (strlen($atccid) > 0 && (int)$atccid > -1) {
			$sql .= ($sql ? ' AND' : '')." i.cid='$atccid'";
			$addpage .= "atccid=$atccid&";
		}
		if (strlen($postdate1) > 0 || strlen($postdate2) > 0) {
			if ($postdate1) {
				!is_numeric($postdate1) && $postdate1 = PwStrtoTime($postdate1);
				$sql .= ($sql ? ' AND' : '')." i.postdate>'$postdate1'";
				$addpage .= "postdate1=$postdate1&";
			}
			if ($postdate2) {
				!is_numeric($postdate2) && $postdate2 = PwStrtoTime($postdate2);
				$sql .= ($sql ? ' AND' : '')." i.postdate<'$postdate2'";
				$addpage .= "postdate2=$postdate2&";
			}
		}
		if (strlen($digest) > 0 && (int)$digest > -1) {
			$sql .= ($sql ? ' AND' : '')." i.digest='$digest'";
			$addpage .= "digest=$digest&";
		}
		if (strlen($ifcheck) > 0 && (int)$ifcheck > -1) {
			$sql .= ($sql ? ' AND' : '')." i.ifcheck='$ifcheck'";
			$addpage .= "ifcheck=$ifcheck&";
		}
	} else {
		if (strlen($username) > 0) {
			$sql .= ($sql ? ' AND' : '').' im.username';
			if ($ckusername) {
				$sql .= "='$username'";
				$addpage = 'ckusername=1&';
			} else {
				$sql .= " LIKE '%".str_replace('*','%',$username)."%'";
			}
			$addpage .= "username=$username&";
		}
	}
	if (strlen($author) > 0) {
		$sql .= ($sql ? ' AND' : '').' i.author';
		if ($ckauthor) {
			$sql .= "='$author'";
			$addpage = 'ckauthor=1&';
		} else {
			$sql .= " LIKE '%".str_replace('*','%',$author)."%'";
		}
		$addpage .= "author=$author&";
	}
	if (strlen($keyword) > 0) {
		$sql .= $sql ? ' AND' : '';
		$pre = 'im';
		if ($job == 'gbook') {
			$pre = 'i';
			$ktype = 'content';
		}
		if ($ktype != 'content') {
			$ktype = 'subject';
			$sql .= ' i.subject';
		} else {
			$sql .= " $pre.content";
		}
		if ($ckkeyword) {
			$sql .= "='$keyword'";
			$addpage .= 'ckkeyword=1&';
		} else {
			$sql .= " LIKE '%".str_replace('*','%',$keyword)."%'";
		}
		$addpage .= ($job == 'gbook' ? '' : "ktype=$ktype&")."keyword=$keyword&";
	}
	$where = $sql ? "WHERE $sql" : '';
	$orderby != 'uid' && $orderby != 'cid' && $orderby = 'postdate';
	$sc != 'asc' && $sc = 'desc';
	if ((int)$perpage < 1) {
		$perpage = $db_perpage ? $db_perpage : 30;
	}
	$addpage .= ($orderby == 'postdate' ? '' : "orderby=$orderby&")."sc=$sc&perpage=$perpage&";
	$orderby = " ORDER BY i.$orderby $sc";
	(int)$page<1 && $page = 1;
	$limit = 'LIMIT '.($page-1)*$perpage.",$perpage";
	$feildslt = 'i.itemid,i.cid,i.subject,i.topped,i.digest,i.ifcheck,';
	$fromjoin = "pw_$job im LEFT JOIN pw_items i USING(itemid)";
	if ($job == 'gbook') {
		$feildslt = 'i.id,i.content,im.username,';
		$fromjoin = 'pw_gbook i LEFT JOIN pw_user im USING(uid)';
	}
	$query = $db->query("SELECT {$feildslt}i.uid,i.author,i.postdate FROM $fromjoin $where $orderby $limit");
	while ($rt = $db->fetch_array($query)) {
		strlen($rt['cid']) > 0 && $rt['cate'] = $catedb[$rt['cid']]['name'];
		strlen($rt['digest']) > 0 && $rt['digest'] = $otherlang['digest_'.(int)$rt['digest']];
		strlen($rt['author']) < 1 && $rt['author'] = 'guest';
		strlen($rt['author']) > 0 && $rt['author'] = substrs($rt['author'],16);
		strlen($rt['content']) > 0 && $rt['content'] = substrs($rt['content'],50);
		$rt['postdate'] = get_date($rt['postdate'],'Y-m-d');
		$atcdb[] = $rt;
	}
	$db->free_result($query);
	$count = $db->get_value("SELECT COUNT(*) FROM $fromjoin $where");
	if ($count > $perpage) {
		require_once(R_P.'mod/page_mod.php');
		$pages = page($count,$page,$perpage,"$basename&set=list&$addpage");
	}
} elseif ($set == 'edit' && is_numeric($_POST['step'])) {
	if ($_POST['step']==1) {
		InitGP(array('selid','type','digest','atccid'),'P');
		$tids = '';
		!is_array($selid) && $selid = array();
		if (!empty($selid)) {
			foreach ($selid as $value) {
				if ((int)$value > 0) {
					$tids .= ($tids ? ',' : '')."'$value'";
				}
			}
		}
		!$tids && adminmsg('operate_error');
		$tids = strpos($tids,',')===false ? "=$tids" : " IN ($tids)";
		if ($type == 'delete') {
			$userdb = array();
			if ($job != 'gbook') {
				$itemids = '';
				$catedb = $typedb = $typesdb = array();
				$query = $db->query("SELECT itemid,cid,type,uid,ifcheck FROM pw_items WHERE itemid{$tids}");
				while ($rt = $db->fetch_array($query)) {
					if ($rt['ifcheck']) {
						$catedb[$rt['cid']]['num']++;
						$userdb[$rt['uid']]['items']++;
						$itemids .= ($itemids ? ',' : '')."'$rt[itemid]'";
						$uid = $rt['uid'];
					} else {
						$uid = 0;
					}
					$typedb[$rt['type']][] = array($uid,$rt['itemid']);
				}
				if ($itemids) {
					$itemids = strpos($itemids,',')===false ? "=$itemids" : " IN ($itemids)";
					$query = $db->query("SELECT uid FROM pw_comment WHERE ifcheck='1' AND itemid{$itemids}");
					while ($rt = $db->fetch_array($query)) {
						$userdb[$rt['uid']]['comments']++;
					}
					$query = $db->query("SELECT tagid,tagtype,COUNT(*) AS tagnum FROM pw_taginfo WHERE itemid{$itemids} GROUP BY tagid");
					while ($rt = $db->fetch_array($query)) {
						if ($rt['tagid'] && $rt['tagtype']) {
							$tagnum = "{$rt[tagtype]}num";
							$db->update("UPDATE pw_tags SET allnum=allnum-$rt[tagnum],$tagnum=$tagnum-$rt[tagnum] WHERE tagid='$rt[tagid]'");
						}
					}
				}
				$query = $db->query("SELECT attachurl,ifthumb FROM pw_upload WHERE itemid{$tids}");
				while ($rt = $db->fetch_array($query)) {
					P_unlink("$attachdir/$rt[attachurl]");
					if ($rt['ifthumb'] == 1) {
						$ext = strrchr($rt['attachurl'],'.');
						$thumb = str_replace($ext,"_thumb$ext",$rt['attachurl']);
						P_unlink("$attachdir/$thumb");
					}
				}
				$db->free_result($query);
				foreach ($catedb as $key => $value) {
					$db->update("UPDATE pw_categories SET counts=counts-'$value[num]' WHERE cid='$key'");
				}
				foreach ($typedb as $key => $value) {
					foreach ($value as $k => $v) {
						$db->update("DELETE FROM pw_$key WHERE itemid = $v[1]");
						$v[0] > 0 && $userdb[$v[0]][$key.'s']++;
					}
					!in_array($key.'s',$typesdb) && $typesdb[] = $key.'s';
				}
				foreach ($userdb as $key => $value) {
					$updatesql = '';
					if ($value['items']) {
						$updatesql .= ($updatesql ? ',' : '')."items=items-'$value[items]'";