📄 modify.php
字号:
<?php
include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
include_once( "inc/utility_file.php" );
include_once( "inc/utility_org.php" );
include_once( "inc/editor.php" );
$query = "select PARA_VALUE from SYS_PARA where PARA_NAME='NOTIFY_AUDITING_SINGLE'";
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$NOTIFY_AUDITING_SINGLE = $ROW['PARA_VALUE'];
}
else
{
$NOTIFY_AUDITING_SINGLE = 0;
}
echo "<html>\r\n<head>\r\n<title>编辑公告通知</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\"><script src=\"/inc/js/module.js\"></script>\r\n<script src=\"/inc/js/utility.js\"></script>\r\n<script src=\"/inc/js/attach.js\"></script>\r\n<script Language=\"JavaScript\">\r\nvar upload_limit=";
echo $UPLOAD_LIMIT;
echo ",limit_type=\"";
echo strtolower( $UPLOAD_LIMIT_TYPE );
echo "\";\r\nString.prototype.trim= function()\r\n{\r\n return this.replace(/(^\\s*)|(\\s*\$)/g, \"\");\r\n}\r\n\r\nfunction CheckForm()\r\n{\r\n if(document.form1.TO_ID.value==\"\"&&document.form1.PRIV_ID.value==\"\"&&document.form1.COPY_TO_ID.value==\"\")\r\n { alert(\"请指定发布范围!\");\r\n return (false);\r\n }\r\n\r\n if(document.form1.SUBJECT.value.trim()==\"\")\r\n { alert(\"公告通知的标题不能为空!\");\r\n return (false);\r\n }\r\n\r\n if(document.form1.FORMAT.value==\"1\" && document.form1.ATTACHMENT_ID_OLD.value==\"\")\r\n { \r\n var inputs=document.getElementsByTagName(\"INPUT\");\r\n var file_count=0;\r\n for(var i=0;i<inputs.length;i++)\r\n {\r\n var el = inputs[i];\r\n var elType = el.type.toLowerCase();\r\n if(elType==\"file\")\r\n {\r\n if(el.value!=\"\")\r\n file_count++;\r\n }\r\n }\r\n \r\n if (file_count==0)\r\n {\r\n alert(\"请选择MHT文件 !\");\r\n return (false);\r\n }\r\n }\r\n\r\n if(TDeditorAPI.GetInstance('CONTENT').EditorDocument.body.innerText.length==0 && document.form1.ATTACHMENT_ID_OLD.value==\"\" && document.form1.FORMAT.value==\"0\")\r\n { \r\n alert(\"公告通知的内容不能为空!\");\r\n return (false);\r\n }\r\n\r\n return (true);\r\n}\r\n\r\nfunction InsertImage(src)\r\n{\r\n var oEditor = TDeditorAPI.GetInstance('CONTENT') ;\r\n oEditor.InsertHtml('<img src=\"'+src+'\">');\r\n}\r\nfunction sendForm(publish)\r\n{\r\n document.form1.PUBLISH.value=publish;\r\n if(CheckForm())\r\n {\r\n document.form1.OP.value = publish==\"0\" ? \"0\" : \"1\";\r\n document.form1.submit();\r\n }\r\n}\r\n\r\nfunction upload_attach()\r\n{\r\n document.form1.PUBLISH.value=\"0\";\r\n if(CheckForm())\r\n {\r\n document.form1.OP.value=\"0\";\r\n document.form1.submit();\r\n }\r\n}\r\n\r\nfunction delete_attach(ATTACHMENT_ID,ATTACHMENT_NAME)\r\n{\r\n msg=\"确定要删除文件 '\"+ ATTACHMENT_NAME +\"' 吗?\";\r\n if(window.confirm(msg))\r\n {\r\n URL=\"delete_attach.php?NOTIFY_ID=";
echo $NOTIFY_ID;
echo "&ATTACHMENT_ID=\"+ATTACHMENT_ID+\"&ATTACHMENT_NAME=\"+URLSpecialChars(ATTACHMENT_NAME);\r\n window.location=URL;\r\n }\r\n}\r\n\r\nfunction changeFormat()\r\n{\r\n var obj=document.getElementById(\"FORMAT\");\r\n if(!obj)\r\n return;\r\n \r\n if(obj.value==\"1\")\r\n {\r\n document.getElementById(\"EDITOR\").style.display=\"none\";\r\n document.getElementById(\"attachment1\").style.display=\"\";\r\n document.getElementById(\"attachment3\").style.display=\"\";\r\n document.getElementById(\"attachment2\").style.display=\"\";\r\n document.getElementById(\"url_address\").style.display=\"none\";\r\n }\r\n else if(obj.value==\"0\")\r\n {\r\n document.getElementById(\"EDITOR\").style.display=\"\";\r\n document.getElementById(\"attachment1\").style.display=\"\";\r\n document.getElementById(\"attachment3\").style.display=\"\";\r\n document.getElementById(\"attachment2\").style.display=\"\";\r\n document.getElementById(\"url_address\").style.display=\"none\";\r\n }\r\n else if(obj.value==\"2\")\r\n {\r\n document.getElementById(\"EDITOR\").style.display=\"none\";\r\n document.getElementById(\"attachment1\").style.display=\"none\";\r\n document.getElementById(\"attachment3\").style.display=\"none\";\r\n document.getElementById(\"attachment2\").style.display=\"\";\r\n document.getElementById(\"url_address\").style.display=\"\";\r\n }\r\n}\r\n</script>\r\n</head>\r\n";
$query = "select PARA_VALUE from SYS_PARA where PARA_NAME='NOTIFY_AUDITING_SINGLE'";
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$NOTIFY_AUDITING_SINGLE = $ROW['PARA_VALUE'];
}
else
{
$NOTIFY_AUDITING_SINGLE = 0;
}
$query = "select * from NOTIFY where NOTIFY_ID='".$NOTIFY_ID."'";
if ( $LOGIN_USER_PRIV != "1" )
{
$query .= " and FROM_ID='".$LOGIN_USER_ID."'";
}
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$FROM_ID = $ROW['FROM_ID'];
$TO_ID = $ROW['TO_ID'];
$SUBJECT = $ROW['SUBJECT'];
$CONTENT = $ROW['CONTENT'];
$BEGIN_DATE = $ROW['BEGIN_DATE'];
$END_DATE = $ROW['END_DATE'];
$ATTACHMENT_ID = $ROW['ATTACHMENT_ID'];
$ATTACHMENT_NAME = $ROW['ATTACHMENT_NAME'];
$PRINT = $ROW['PRINT'];
$FORMAT = $ROW['FORMAT'];
$TOP = $ROW['TOP'];
$PRIV_ID = $ROW['PRIV_ID'];
$USER_ID = $ROW['USER_ID'];
$TYPE_ID = $ROW['TYPE_ID'];
$PUBLISH_OLD = $ROW['PUBLISH'];
$AUDITER = $ROW['AUDITER'];
if ( $FROM_ID != $LOGIN_USER_ID && $LOGIN_USER_PRIV != 1 )
{
exit( );
}
$IMG_TYPE_STR = "gif,jpg,png,tiff,bmp,iff,jp2,jpx,jb2,jpc,xbm,wbmp,";
$ATTACHMENT_ID_ARRAY = explode( ",", $ATTACHMENT_ID );
$ATTACHMENT_NAME_ARRAY = explode( "*", $ATTACHMENT_NAME );
$ARRAY_COUNT = sizeof( $ATTACHMENT_ID_ARRAY );
$I = 0;
for ( ; do
{
$I < $ARRAY_COUNT; ++$I )
{
if ( $ATTACHMENT_ID_ARRAY[$I] == "" || !is_image( $ATTACHMENT_NAME_ARRAY[$I] ) )
{
$ATTACHMENT_ID1 = $ATTACHMENT_ID_ARRAY[$I];
$YM = substr( $ATTACHMENT_ID1, 0, strpos( $ATTACHMENT_ID1, "_" ) );
if ( $YM )
{
$ATTACHMENT_ID1 = substr( $ATTACHMENT_ID1, strpos( $ATTACHMENT_ID1, "_" ) + 1 );
}
$IMG_YM .= $YM.",";
$IMG_ATTACHMENT_ID .= attach_id_encode( $ATTACHMENT_ID1, $ATTACHMENT_NAME_ARRAY[$I] ).",";
$IMG_ATTACHMENT_NAME .= $ATTACHMENT_NAME_ARRAY[$I]."*";
}
break;
}
} while ( 1 );
}
else
{
exit( );
}
if ( $END_DATE == "0000-00-00" )
{
$END_DATE = "";
}
$CONTENT = str_replace( "\"", "'", $CONTENT );
$CONTENT = str_replace( chr( 10 ), "", $CONTENT );
$CONTENT = str_replace( chr( 13 ), "", $CONTENT );
$query = "select DEPT_ID,DEPT_NAME from DEPARTMENT";
$cursor = exequery( $connection, $query );
while ( $ROW = mysql_fetch_array( $cursor ) )
{
$DEPT_ID = $ROW['DEPT_ID'];
$DEPT_NAME = $ROW['DEPT_NAME'];
if ( find_id( $TO_ID, $DEPT_ID ) )
{
$TO_NAME .= $DEPT_NAME.",";
}
}
if ( $TO_ID == "ALL_DEPT" )
{
$TO_NAME = "全体部门";
}
$TOK = strtok( $PRIV_ID, "," );
while ( $TOK != "" )
{
$query1 = "SELECT PRIV_NAME from USER_PRIV where USER_PRIV='".$TOK."'";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$PRIV_NAME .= $ROW['PRIV_NAME'].",";
}
$TOK = strtok( "," );
}
$TOK = strtok( $USER_ID, "," );
while ( $TOK != "" )
{
$query1 = "SELECT USER_NAME from USER where USER_ID='".$TOK."'";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$USER_NAME .= $ROW['USER_NAME'].",";
}
$TOK = strtok( "," );
}
echo "<body class=\"bodycolor\" topmargin=\"5\" onLoad=\"changeFormat(); form1.SUBJECT.focus();\">\r\n<table border=\"0\" width=\"90%\" cellspacing=\"0\" cellpadding=\"3\" class=\"small\">\r\n <tr>\r\n <td class=\"Big\"><img src=\"/images/notify_new.gif\" align=\"absmiddle\"><span class=\"big3\"> 编辑公告通知</span>\r\n </td>\r\n </tr>\r\n</table>\r\n\r\n<form enctype=\"multipart/form-data\" action=\"update.php\" method=\"post\" name=\"form1\">\r\n<table class=\"TableBlock\" width=\"85%\" align=\"center\">\r\n <tr>\r\n <td nowrap class=\"TableData\"> 格式:</td>\r\n <td class=\"TableData\">\r\n <select name=\"FORMAT\" class=\"BigSelect\" onChange=\"changeFormat();\">\r\n <option value=\"0\"";
if ( $FORMAT == "0" )
{
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -