📄 file_main.php
字号:
<?
/********************************************************************************/
/* 极限办公自动化系统 (极限OA) */
/* ======================== */
/* 欢迎使用 极限OA,在您开始使用之前,请务必完整阅读本软件附带的全部说明档 */
/********************************************************************************/
/* Welcome to http://www.xsp.cn & http://oa.xsp.cn */
/* 技术支持论坛 http://www.1119.net */
/********************************************************************************/
/* 商业购买请联系 临海市极限网络有限公司 */
/* 联系电话: (0576) 5131349 邮件: mkt@xsp.cn QQ: 562873 */
/********************************************************************************/
if(!defined('KIN_UNION')){die("Hacking attempt");}
$personid = personalfolder();
$fid = $fid?$fid:$personid;
if($fid) {
$folder = $db->query_fetch("select * from $table_folder where id='$fid'");
$pre_s = true;
if($folder[type] == 1)
$folder[ttype] = '个人文件夹';
elseif($folder[type] == 2)
$folder[ttype] = '部门文件夹';
elseif($folder[type] == 3)
$folder[ttype] = '共享文件夹';
elseif($folder[type] == 0) {
$folder[ttype] = '根目录';
$pre_s = false;
}
}
if($sysaction == 'folderdel') {
checkright(41,11,4);
if(!$fid)
showmessage("没有指定欲删除的文件夹 请返回");
//删除处理
$folders=$db->query("SELECT id FROM $table_folder WHERE INSTR(CONCAT(',',plist,','), ',$fid,')>0");
$flist = "0";
while($thisb=$db->fetch_array($folders)) {
$flist .= ",$thisb[id]";
}
$files=$db->query("SELECT fname FROM $table_file WHERE fid IN ($flist)");
while($thisf=$db->fetch_array($files)) {
unlink("./data/$thisf[fname]");
}
$sql = "DELETE FROM $table_folder WHERE id IN ($flist);";
$sql .= "DELETE FROM $table_file WHERE fid IN ($flist)";
//$db->query($sql);
showmessage("文件夹删除成功","document.php?action=file");
//header("Location:document.php");exit;
}elseif($sysaction == 'folderadd') {
checkright(41,11,2);
if($addsubmit) {
if(!$edit) {
$ttime = date('Y-m-d H:i:s',$timestamp);
$tmp = $db->query_fetch("select * from $table_folder where id='$upfolder'");
if($tmp[id] < 2)
showmessage("对不起 不允许创建文件夹于根目录下 请返回");
if($tmp[type] == 2 && $name) {
$tmp2 = $db->query_fetch("select id from $table_folder where name='$name' && pid='3'");
if($tmp3[id]) {
showmessage("对不起 已有此部门的文件夹存在 请返回");
}
$tmp3 = $db->query_fetch("select name from $table_department where name='$name'");
if(!$tmp3[name])
showmessage("对不起 此部门不存在 请返回");
//$db->query("insert into $table_folder (type,name,des,mid,admin,dorder,pid,ttime)
// values ('2','$name','$des','$union_uid','$union_user','$dorder','$tmp[pid]','$ttime')");
}else {
//$db->query("insert into $table_folder (type,name,des,mid,admin,dorder,pid,ttime)
// values ('$tmp[type]','$name','$des','$union_uid','$union_user','$dorder','$tmp[pid]','$ttime')");
}
$sql = "insert into $table_folder (type,name,des,mid,admin,dorder,pid,ttime)
values ('$tmp[type]','$name','$des','$union_uid','$union_user','$dorder','$tmp[id]','$ttime')";
//echo $sql;
$db->query($sql);
$tmpfid = $db->insert_id();
$db->query("update $table_folder set plist='$tmpfid,$tmp[plist]' where id='$tmpfid'");
header("Location:document.php?action=file&fid=$tmpfid");exit;
}else {
checkright(41,11,3);
$tmp0 = $db->query_fetch("select * from $table_folder where pid='$fid'");
if($tmp0[id] != $upfolder) {
$tmp = $db->query_fetch("select * from $table_folder where id='$upfolder'");
if($tmp[id] < 2)
showmessage("对不起 不允许更改文件夹于根目录下 请返回");
if($tmp[type] == 2 && $name) {
$tmp2 = $db->query_fetch("select id from $table_folder where id!='$fid' && name='$name' && pid='3'");
if($tmp2[id]) {
showmessage("对不起 已有此部门的文件夹存在 请返回");
}
$tmp3 = $db->query_fetch("select name from $table_department where name='$name'");
if(!$tmp3[name])
showmessage("对不起 此部门不存在 请返回");
}
$sql = "update $table_folder set type='$tmp[type]',name='$name',des='$des',dorder='$dorder',pid='$tmp[id]' where id='$fid'";
}else {
$tmp = $db->query_fetch("select * from $table_folder where id='$fid'");
if($tmp[type] == 2 && $name) {
$tmp2 = $db->query_fetch("select id from $table_folder where id!='$fid' && name='$name' && pid='3'");
if($tmp2[id]) {
showmessage("对不起 已有此部门的文件夹存在 请返回");
}
$tmp3 = $db->query_fetch("select name from $table_department where name='$name'");
if(!$tmp3[name])
showmessage("对不起 此部门不存在 请返回");
}
$sql = "update $table_folder set name='$name',des='$des'";
}
$db->query($sql);
updateparentlists();
header("Location:document.php?action=file&fid=$fid");exit;
}
}else {
if($edit == 1) {
$fol_t = $db->query_fetch("select * from $table_folder where id='$fid'");
$upid = $fol_t[pid];
$fo_type = $fol_t[type];
}else {
$upid = $fid;
$fo_type = $folder[type];
}
$foldersel = makebbschoosercode('upfolder',$upid);
$foldtypes = array("type$folder[type]"=>' checked');
$query = $db->query("select * from $table_folder where pid='3'");
while($ls = $db->fetch_array($query)) {
$depart_folder[$ls[name]] = 1;
}
$query = $db->query("select * from $table_department where fig='1' order by id ASC");
while($list = $db->fetch_array($query)) {
if($depart_folder[$list[name]]) $list[sel] = ' disabled';
else $list[sel] = '';
$depart_list[$list[id]] = $list;
}
}
}elseif($sysaction == 'fileadd') {
checkright(41,11,2);
if (function_exists("set_time_limit") && !get_cfg_var('safe_mode')){
set_time_limit(10000);
}
if($edit) {
include_once 'includes/upload.php';
if(!$id) {
$picftpsave = 'file';
$maxpicftpsize = '5000000';
pic_attach_upload();
if($content_err)
showmessage($content_err);
$extension = strtolower(substr(strrchr($picftp_name, "."), 1));
$filename = substr($picftp_name, 0, strlen($picftp_name) - strlen($extension) - 1);
$name = $name?$name:$filename;
$ttime = date('Y-m-d H:i:s',$timestamp);
$db->query("insert into $table_file (fid,name,fname,extension,filetype,size,time,ttime)
values ('$fid','$name','$picftp_fname','$extension','$picftp_type','$picftp_size','$timestamp','$ttime')");
showmessage('文件上传成功 正在转向',"document.php?action=file_main&fid=$fid");
}else {
checkright(41,11,3);
$fil_t = $db->query_fetch("select * from $table_file where id='$id'");
if($attachedit == 'del') {
@unlink("./data/$fil_t[fname]");
$db->query("delete from $table_file where id='$id'");
showmessage('文件删除成功 正在转向',"document.php?action=file_main&fid=$fid");
}
if($attachedit == 'new') {
@unlink("./data/$fil_t[fname]");
$picftpsave = 'file';
$maxpicftpsize = '5000000';
pic_attach_upload();
if($content_err)
showmessage($content_err);
$extension = strtolower(substr(strrchr($picftp_name, "."), 1));
$filename = substr($picftp_name, 0, strlen($picftp_name) - strlen($extension) - 1);
$name = $name?$name:$filename;
$codi = ",name='$name',fname='$picftp_fname',extension='$extension',filetype='$picftp_type',size='$picftp_size'";
}else {
if($name)
$codi = ",name='$name'";
}
$db->query("update $table_file set edit='$timestamp'$codi where id='$id'");
showmessage('文件修改成功 正在转向',"document.php?action=file_main&fid=$fid");
}
}else {
if($id) {
$fil_t = $db->query_fetch("select * from $table_file where id='$id'");
if($fil_t[name]) {
$tmmp = explode(':',attachicon($fil_t['extension']));
$fil_t['typeimg'] = $tmmp[0];
}
}
}
}elseif($sysaction == 'filedown') {
$attach = $db->query_fetch("SELECT * FROM $table_file WHERE id='$id'");
$filename = './data/'.$attach['fname'];
if(is_readable($filename)) {
$filesize = filesize($filename);
header('Pragma: no-cache');
header("Cache-control: private");
header("Content-type: ".$attach['filetype']);
header("Content-Length: $filesize");
header("Content-Disposition: attachment; filename=".$attach['name'].".".$attach['extension']);
header("Content-Description: http://www.xsp.cn");
$fp=fopen($filename,'rb');
while(!feof($fp)) {
print(fread($fp, 4096));
flush();
}
exit;
} else {
showmessage('文件不存在 可能已经被删除');
}
}
if($pre_s) {
$perpage = 10;
if(!$page) {
$page = 1;
}
$offset = ($page - 1) * $perpage;
$query = $db->query("SELECT COUNT(*) FROM $table_file where fid='$fid'");
$num = $total = $db->result($query, 0);
$multipage = pages($num, $perpage, $page, "document.php?action=file_main&fid=$fid");
$query = $db->query("select * from $table_file where fid='$fid' order by id ASC LIMIT $offset, $perpage");
while($list = $db->fetch_array($query)) {
if($timestamp - $list['time'] < 3600*24)
$list['new'] = 1;
$tmmp = explode(':',attachicon($list['extension']));
$list['typeimg'] = $tmmp[0];
$list['typename'] = $tmmp[1];
$list[size] = sizecount($list[size]);
$list[name] = wordscut($list[name],28,'..');
$file_list[$list['id']] = $list;
}
if($num < $perpage) {
for($ji=1;$ji<=($perpage-$num);$ji++) {
$jii = -1000 + $ji;
$file_list[$jii] = array('blank'=>1);
}
}
}
include getData('document_file_main');
#######################################################################
function personalfolder() {
global $db,$table_folder,$union_uid,$union_user,$timestamp;
$ps = $db->query_fetch("select id from $table_folder where type=1 && mid='$union_uid'");
if($ps[id]) {
return $ps[id];
}else {
$ttime = date('Y-m-d H:i:s',$timestamp);
$sql = "insert into $table_folder (type,name,des,mid,admin,dorder,pid,outspread,ttime)
values ('1','个人文件夹','个人专用文件夹','$union_uid','$union_user','0','1','1','$ttime')";
//echo $sql.'<br>';
$db->query($sql);
$inrid = $db->insert_id();
$plist = "$inrid,1,-1";
$sql = "update $table_folder set plist='$inrid,1,-1' where id='$inrid'";
//echo $sql;
$db->query($sql);
}
}
function makebbschoosercode ($name,$selectedid=-1,$unionid=-1,$depth="",$topname="请选择所属目录",$title="跟目录",$displaytop=0,$displayid=0) {
global $db,$table_folder,$union_uid;
if ($unionid==-1) {
$union_select .= "<select name=\"$name\" size=\"1\" onchange=\"changetype(this.options[this.selectedIndex].value)\">\n";
if ($displaytop==1) {
$union_select .= "<option value=\"-1\" ".iif($selectedid==$unionid,"SELECTED","").">$depth$topname</option>\n";
}
} else {
$unioninfo=$db->fetch_array($db->query("SELECT id,type,name FROM $table_folder WHERE !(type=1 && mid!='$union_uid') && id='$unionid'"));
$union_select .= "<option value=\"$unioninfo[id]\" " . iif($selectedid==$unionid,"SELECTED","") . ">$depth$unioninfo[name]" .iif($displayid," $unioninfo[id]","-")."</option>\n";
}
$depth.="-";
$unions=$db->query("SELECT id FROM $table_folder WHERE !(type=1 && mid!='$union_uid') && pid='$unionid' ORDER BY dorder");
while ($union=$db->fetch_array($unions)) {
$union_select .= makebbschoosercode("union_p",$selectedid,$union[id],$depth,"","",1,$displayid);
}
if ($unionid==-1) {
$union_select .= "</select>\n";
}
return $union_select;
}
function makeparentlist($fid) {
global $db,$table_folder;
$folderinfo=$db->query_fetch("SELECT pid,plist FROM $table_folder WHERE id=$fid");
$folderlist=$fid;
if ($folderinfo[pid] != -1) {
$folderlist .= ','.makeparentlist($folderinfo[pid]);
}
if (substr($folderlist, -2) != "-1") {
$folderlist.=",-1";
}
return $folderlist;
}
function updateparentlists($fid=-1) {
global $db,$table_folder;
$unions=$db->query("SELECT id FROM $table_folder where pid='$fid'");
while($union=$db->fetch_array($unions)) {
$parentlist = makeparentlist($union['id']);
$db->query("UPDATE $table_folder SET plist='".addslashes($parentlist)."' WHERE id=$union[id]");
updateparentlists($union['id']);
}
}
?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -