postmodify.php

自己写的一个网络日志(BLOG)系统

<?php
/**
 * Copyright (c) 2003-07  PHPWind.net. All rights reserved.
 * 
 * @filename: postmodify.php
 * @author: Noizy (noizyfeng@gmail.com), QQ:7703883
 * @modify: Mon Mar 19 18:20:53 CST 2007
 */
!defined('USERPOST') && exit('Forbidden');

$itemdb = $db->get_one("SELECT * FROM pw_$type t LEFT JOIN pw_items i USING(itemid) WHERE t.itemid='$itemid'");
(!$itemdb || $itemdb['uid']!=$admin_uid) && usermsg('modify_error');
if ($_POST['step']!=2) {
	$atc_title = $itemdb['subject'];
	$html_CK = (int)$itemdb['ifsign'] < 2 ? '' : 'CHECKED';
	$ifsign_CK = ($itemdb['ifsign']==1 || $itemdb['ifsign']==3) ? 'CHECKED' : '';
	$atc_content = (strpos($itemdb['content'],$db_blogurl)!==false) ? str_replace(array('p_w_picpath','p_w_upload','<','>'),array($picpath,$attachpath,'&lt;','&gt;'),$itemdb['content']) : str_replace(array('<','>'),array('&lt;','&gt;'),$itemdb['content']);
	${'icon_'.(int)$itemdb['icon']} = ${'allowreply_'.(int)$itemdb['allowreply']} = ' CHECKED';
	foreach ($catedb as $value) {
		$add = '';
		for ($i=0;$i<$value['type'];$i++) {
			$add .= '>';
		}
		$slted = ($itemdb['cid']==$value['cid']) ? ' SELECTED' : '';
		$forumcache .= "<option value=\"$value[cid]\"$slted>$add $value[name]</option>";
	}
	foreach ($dirdb as $value) {
		$slted = ($itemdb['dirid']==$value['typeid']) ? ' SELECTED' : '';
		$itemcache .= "<option id=\"dirop$value[typeid]\" value=\"$value[typeid]\"$slted>$value[name]</option>";
		$itemarray[$value['typeid']] = array('name' => $value['name'],'vieworder' => (int)$value['vieworder']);
	}
	$tagdisplay = 'none';
	if ($itemdb['tags']) {
		$tagname = explode(',',$itemdb['tags']);
		$tagname[0] && $tagdisplay = '';
	}
	${'ifhide_'.(int)$itemdb['ifhide']} = ' SELECTED';
	$itemdb['uploads'] && $uploaddb = unserialize($itemdb['uploads']);
	if ($type == 'file') {
		$filetype = $itemdb['type'];
		unset($itemdb['type']);
	}
	@extract($itemdb); unset($itemdb);
	if ($type == 'file') {
		$absoluteurl = $absoluteurl ? unserialize($absoluteurl) : array();
		$osdb = explode(',',$os);
		foreach($osdb as $value){
			${'os_'.$value} = 'CHECKED';
		}
		unset($osdb);
	} elseif ($type == 'goods') {
		${'quality_'.$quality} = ${'feemode_'.$feemode} = 'CHECKED';
	} elseif ($type == 'music') {
		$musicurl = $musicurl ? unserialize($musicurl) : array();
	} elseif ($type == 'photo') {
		$absoluteurl = $absoluteurl ? unserialize($absoluteurl) : array();
	}
	require_once PrintEot('post');footer();
} else {	InitGP(array('atc_ifsign','atc_autourl','gdcode','atc_iconid','atc_cid','atc_dirid','atc_tagdb','atc_allowreply','atc_ifhide','atc_bbsfid','atc_teamid'),'P');
	if ($admindb['items'] < $postgd) {
		$cknum = GetCookie('cknum');
		Cookie('cknum','',0);
		if (!$gdcode || !SafeCheck(explode("\t",StrCode($cknum,'DECODE')),$gdcode)) {
			usermsg('gdcode_error');
		}
	}
	$updatefeile = '';
	if ($type == 'photo') {
		$absoluteurl = GetGP('absoluteurl','P');
		$temparray = array();
		if (is_array($absoluteurl)) {
			foreach ($absoluteurl as $key => $value) {
				is_numeric($key) && $value && $temparray[$key] = $value;
			}
		}
		if (!empty($temparray)) {
			Strip_S($temparray);
			$absoluteurl = addslashes(serialize($temparray));
		} else {
			$absoluteurl = '';
		}
		$updatefeile = ",absoluteurl='$absoluteurl'";
	} elseif ($type == 'music') {
		InitGP(array('singer','songname','songurl'),'P');
		$musicurl = array();
		if (is_array($songname) && is_array($songurl)) {
			foreach ($songname as $key => $value) {
				is_numeric($key) && $value && $musicurl[$key]['name'] = $value;
			}
			foreach ($songurl as $key => $value) {
				is_numeric($key) && $value && $musicurl[$key]['url'] = $value;
			}
		}
		if (!empty($musicurl)) {
			Strip_S($musicurl);
			$musicurl = addslashes(serialize($musicurl));
		} else {
			$musicurl = '';
		}
		$updatefeile = ",singer='$singer',musicurl='$musicurl'";
	} elseif ($type == 'goods') {
		InitGP(array('atc_oldcid','quality','price','feemode','maillfee','expressfee','emsfee','province','city','alipay','paypal','pay99bill'),'P');
		!is_numeric($price) && $price = 0;
		!is_numeric($feemode) && $feemode = 0;
		!is_numeric($maillfee) && $maillfee = 0;
		!is_numeric($expressfee) && $expressfee = 0;
		!is_numeric($emsfee) && $emsfee = 0;
		$updatefeile = ",quality='$quality',price='$price',feemode='$feemode',maillfee='$maillfee',expressfee='$expressfee',emsfee='$emsfee',province='$province',city='$city',alipay='$alipay',paypal='$paypal',pay99bill='$pay99bill'";
	} elseif ($type == 'bookmark') {
		$bookmarkurl = GetGP('bookmarkurl','P');
		(!$bookmarkurl || !preg_match("/^http|mms/i",$bookmarkurl)) && usermsg('bookmark_url_error');
		$updatefeile = ",bookmarkurl='$bookmarkurl'";
	} elseif ($type == 'file') {
		InitGP(array('filesize','unit','version','updatetime','language','filetype','os','level','publish','publishlink','manner','filename','fileurl'),'P');
		$absoluteurl = $newos = array();
		if (is_array($filename) && is_array($fileurl)) {
			foreach ($filename as $key => $value) {
				is_numeric($key) && $value && $absoluteurl[$key]['name'] = $value;
			}
			foreach ((array)$fileurl as $key => $value) {
				is_numeric($key) && $value && $absoluteurl[$key]['url'] = $value;
			}
		}
		if (!empty($absoluteurl)) {
			Strip_S($absoluteurl);
			$absoluteurl = addslashes(serialize($absoluteurl));
		} else {
			$absoluteurl = '';
		}
		$flsize = (int)$flsize;
		if (is_array($os)) {
			foreach ($os as $key => $value) {
				is_numeric($key) && $value && $newos[$key] = $value;
			}
		}
		if (!empty($newos)) {
			Strip_S($newos);
			$os = addslashes(implode(',',$newos));
		} else {
			$os = '';
		}
		$updatefeile = ",absoluteurl='$absoluteurl',size='$filesize',unit='$unit',version='$version',updatetime='$updatetime',language='$language',type='$filetype',os='$os',level='$level',publish='$publish',publishlink='$publishlink',manner='$manner'";
	}
	$type != 'blog' && !$updatefeile && usermsg('undefined_action');
	
	$attachdb = (array)$_POST['attachdb'];
	list($atc_title,$atc_content) = ConCheck($_POST['atc_title'],$_POST['atc_content']);
	$atc_ifsign = $atc_ifsign ? 1 : 0;
	($_GROUP['htmlcode'] && $_POST['atc_htmlcode']) && $atc_ifsign += 2;
	$atc_content = Atc_cv($atc_content,$atc_ifsign);
	$ifconvert = ($atc_content==convert($atc_content,$db_post)) ? 0 : 1;
	$ifwordsfb = 0;
	$cktitle = $atc_title;
	$ckcontent = $atc_content;
	foreach ($_FORBIDDB as $value) {
		$cktitle = N_strireplace($value['word'],$value['wordreplace'],$cktitle);
		$ckcontent = N_strireplace($value['word'],$value['wordreplace'],$ckcontent);
	}
	if ($cktitle != $atc_title) {
		$atc_title = $cktitle;
		$ifwordsfb = 1;
	}
	if ($ckcontent != $atc_content) {
		$atc_content = $ckcontent;
		$ifwordsfb = 1;
	}
	$atc_cid		= (int)$atc_cid;
	$atc_dirid		= (int)$atc_dirid;
	$atc_iconid 	= (int)$atc_iconid;
	$atc_allowreply = (int)$atc_allowreply;
	$atc_ifhide 	= (int)$atc_ifhide;
	$atc_bbsfid 	= (int)$atc_bbsfid;
	$atc_teamid 	= (int)$atc_teamid;
	$ipfrom 		= cvipfrom($onlineip);
	if ((int)$atc_oldcid != $atc_cid && $itemdb['ifcheck']) {
		$db->update("UPDATE pw_categories SET counts=counts-1 WHERE cid='$atc_oldcid'");
		$db->update("UPDATE pw_categories SET counts=counts+1 WHERE cid='$atc_cid'");
		updatecache_cate($type);
	}
	$db->update("UPDATE pw_items SET cid='$atc_cid',dirid='$atc_dirid',icon='$atc_iconid',subject='$atc_title',allowreply='$atc_allowreply',ifwordsfb='$ifwordsfb',ifhide='$atc_ifhide' WHERE itemid='$itemid'");
	$newtagdb = array();
	if (is_array($atc_tagdb)) {
		foreach ($atc_tagdb as $key => $value) {
			is_numeric($key) && $value && $newtagdb[$key] = $value;
		}
		$atc_tagdb = implode(',',array_unique($newtagdb));
	}
	$db->update("UPDATE pw_$type SET tags='$atc_tagdb',ifsign='$atc_ifsign'$updatefeile,ifconvert='$ifconvert',content='$atc_content' WHERE itemid='$itemid'");
	updatecache_cate($type);
	UploadSQL($admin_uid,$itemid,$atc_cid,$type);
	usermsg('operate_success',"$user_file?action=itemcp&type=$type");
}
?>