do.php

泛微协同办公系统标准版E-office V5.5的源代码内含泛微办公系统V5.5自动注册文件。

<?php

function rolesuffix( $suffix )
{
	$role = "JPG|BMP|PNG|GIF|JPEG";
	$pos = strpos( $role, strtoupper( $suffix ) );
	if ( $pos === false )
	{
		return false;
	}
	return true;
}

include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
include_once( "fck/upfunction.php" );
$tpl_content = deal_with_upinsertpic( $fckeditor1 );
$connection = openconnection( );
if ( $_REQUEST['cur_page'] == "" )
{
	$cur_page = 1;
}
else
{
	$cur_page = $_REQUEST['cur_page'];
}
switch ( $_REQUEST['f'] )
{
case "save" :
	if ( $_REQUEST['tpl_id'] == "" )
	{
		if ( $ATTACHMENT_NAME != "" )
		{
			preg_match( "/\\.([a-zA-Z]{2,4})\$/", $ATTACHMENT_NAME, $arrayT );
			$suffix = $arrayT[1];
			if ( rolesuffix( $suffix ) )
			{
				$ATTACHMENT_ID = upload( $ATTACHMENT, $ATTACHMENT_NAME );
				$ATTACHMENT_ID = $ATTACHMENT_ID_OLD.$ATTACHMENT_ID.",";
				$ATTACHMENT_NAME = $ATTACHMENT_NAME_OLD.$ATTACHMENT_NAME."*";
			}
			else
			{
				$ATTACHMENT_ID = "";
				$ATTACHMENT_NAME = "";
			}
		}
		$tpl_thread = strip_tags( $_REQUEST['SUBJECT'] );
		$tpl_general = strip_tags( $_REQUEST['GENERAL'] );
		$tpl_pic = $ATTACHMENT_NAME;
		$sql = "\r\n\t\t\t\t\tINSERT INTO template_html \r\n\t\t\t\t\t\t(TPL_THREAD,TPL_GENERAL,TPL_CONTENT,ATTACHMENT_ID,ATTACHMENT_NAME)\r\n\t\t\t\t\t\t VALUES\r\n\t\t\t\t\t\t('{$tpl_thread}','{$tpl_general}','{$tpl_content}','{$ATTACHMENT_ID}','{$ATTACHMENT_NAME}')\r\n\t\t\t\t   ";
		exequery( $connection, $sql );
		$tpl_id = mysql_insert_id( );
		$TABLE_ID = $tpl_id;
		$TABLE_NAME = "template_html";
		$i = 0;
		for ( ;	$i < count( $afpatth );	++$i	)
		{
			writetodatabase( $TABLE_ID, $TABLE_NAME, $LOGIN_USER_ID, $afpatth[$i], $type[$i], $oldfn[$i], $size[$i] );
		}
		include_once( "fck/fcktemplates.php" );
		if ( $_REQUEST['OP'] == 1 )
		{
			header( "location:index.php?&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page );
		}
		else
		{
			header( "location:edit.php?tpl_id=".$tpl_id."&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page );
		}
	}
	else
	{
		if ( $ATTACHMENT_NAME != "" )
		{
			preg_match( "/\\.([a-zA-Z]{2,4})\$/", $ATTACHMENT_NAME, $arrayT );
			$suffix = $arrayT[1];
			if ( rolesuffix( $suffix ) )
			{
				$ATTACHMENT_ID = upload( $ATTACHMENT, $ATTACHMENT_NAME );
				$ATTACHMENT_ID = $ATTACHMENT_ID_OLD.$ATTACHMENT_ID.",";
				$ATTACHMENT_NAME = $ATTACHMENT_NAME_OLD.$ATTACHMENT_NAME."*";
			}
			else
			{
				$ATTACHMENT_ID = "";
				$ATTACHMENT_NAME = "";
			}
		}
		$tpl_thread = strip_tags( $_REQUEST['SUBJECT'] );
		$tpl_general = strip_tags( $_REQUEST['GENERAL'] );
		$tpl_pic = $ATTACHMENT_NAME;
		$sql = "\r\n\t\t\t\t\tUPDATE template_html \r\n\t\t\t\t\t\tSET  TPL_THREAD='{$tpl_thread}',TPL_GENERAL='{$tpl_general}',TPL_CONTENT='{$tpl_content}'\r\n\t\t\t\t   ";
		if ( $ATTACHMENT_NAME != "" )
		{
			$sql .= ",ATTACHMENT_ID='{$ATTACHMENT_ID}',ATTACHMENT_NAME='{$ATTACHMENT_NAME}'";
		}
		$sql .= " WHERE tpl_id=".$_REQUEST['tpl_id'];
		exequery( $connection, $sql );
		$TABLE_ID = $_REQUEST['tpl_id'];
		$TABLE_NAME = "template_html";
		$i = 0;
		for ( ;	$i < count( $afpatth );	++$i	)
		{
			writetodatabase( $TABLE_ID, $TABLE_NAME, $LOGIN_USER_ID, $afpatth[$i], $type[$i], $oldfn[$i], $size[$i] );
		}
		include_once( "fck/fcktemplates.php" );
		if ( $_REQUEST['OP'] == 1 )
		{
			header( "location:index.php?&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page );
		}
		else
		{
			header( "location:edit.php?tpl_id=".$_REQUEST['tpl_id']."&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page );
			break;
		}
	}
	exit( );
case "del_attachment" :
	delete_attach( $ATTACHMENT_ID, $ATTACHMENT_NAME );
	$sql = "\r\n\t\t        UPDATE template_html SET ATTACHMENT_ID='',ATTACHMENT_NAME='' \r\n\t\t\t\t\tWHERE tpl_id=".$_REQUEST['tpl_id']."\r\n\t\t       ";
	exequery( $connection, $sql );
	header( "location:edit.php?&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page."&tpl_id=".$_REQUEST['tpl_id'] );
	break;
	exit( );
case "delete" :
	if ( $_REQUEST['tpl_id'] != "" )
	{
		$sql = "SELECT * FROM template_html WHERE tpl_id=".$_REQUEST['tpl_id'];
		$rs = exequery( $connection, $sql );
		$ATTACHMENT_NAME = "";
		if ( $row = mysql_fetch_array( $rs ) )
		{
			$ATTACHMENT_ID = $row['ATTACHMENT_ID'];
			$ATTACHMENT_NAME = $row['ATTACHMENT_NAME'];
		}
		if ( $ATTACHMENT_NAME != "" )
		{
			$ATTACHMENT_ID_ARRAY = explode( ",", $ATTACHMENT_ID );
			$ATTACHMENT_NAME_ARRAY = explode( "*", $ATTACHMENT_NAME );
			$ARRAY_COUNT = sizeof( $ATTACHMENT_ID_ARRAY );
			$I = 0;
			for ( ;	$I < $ARRAY_COUNT;	++$I	)
			{
				if ( $ATTACHMENT_ID_ARRAY[$I] != "" )
				{
					delete_attach( $ATTACHMENT_ID_ARRAY[$I], $ATTACHMENT_NAME_ARRAY[$I] );
				}
			}
		}
		$query = "DELETE FROM template_html WHERE tpl_id=".$_REQUEST['tpl_id'];
		exequery( $connection, $query );
	}
	if ( $_REQUEST['id_str'] != "" )
	{
		$id_str_array = explode( ",", $_REQUEST['id_str'] );
		while ( list( $key, $var ) = each( $id_str_array ) )
		{
			if ( $var == "" )
			{
			}
			else
			{
				$tpl_p_id = $var;
				$sql = "SELECT * FROM template_html WHERE tpl_id=".$tpl_p_id;
				$rs = exequery( $connection, $sql );
				$ATTACHMENT_NAME = "";
				if ( $row = mysql_fetch_array( $rs ) )
				{
					$ATTACHMENT_ID = $row['ATTACHMENT_ID'];
					$ATTACHMENT_NAME = $row['ATTACHMENT_NAME'];
				}
				if ( $ATTACHMENT_NAME != "" )
				{
					$ATTACHMENT_ID_ARRAY = explode( ",", $ATTACHMENT_ID );
					$ATTACHMENT_NAME_ARRAY = explode( "*", $ATTACHMENT_NAME );
					$ARRAY_COUNT = sizeof( $ATTACHMENT_ID_ARRAY );
					$I = 0;
					for ( ;	$I < $ARRAY_COUNT;	++$I	)
					{
						if ( $ATTACHMENT_ID_ARRAY[$I] != "" )
						{
							delete_attach( $ATTACHMENT_ID_ARRAY[$I], $ATTACHMENT_NAME_ARRAY[$I] );
						}
					}
				}
				$query = "DELETE FROM template_html WHERE tpl_id=".$tpl_p_id;
				exequery( $connection, $query );
			}
		}
	}
	header( "location:index.php?&order=".$_REQUEST['order']."&sens=".$_REQUEST['sens']."&cur_page=".$cur_page );
	break;
	exit( );
default :
}
?>