📄 news_man.jsp
字号:
<!--
whilvydy 新闻发布系统
-->
<%@ page contentType="text/html; charset=GB2312" language="java" import="java.sql.*" %>
<%@ include file = "func/parameter.jsp" %>
<%@ page import="java.io.*" %>
<%@ page import="java.util.*" %>
<jsp:useBean id="NewsBean" scope="page" class="net.jspcn.db.DbConnect" />
<jsp:useBean id='oMD5' scope='page' class='net.jspcn.tool.MD5'/>
<jsp:useBean id='fileBean' scope='page' class='net.jspcn.tool.UploadBean' />
<jsp:useBean id='StrTool' scope='page' class='net.jspcn.tool.StringProcess' />
<%
int user_power = Integer.parseInt((String) session.getValue("user_power"));
if (user_power<1)
response.sendRedirect("login.jsp");
/*************************************** 本页面程序初始化 **************************************/
/************基本变量定义*************/
boolean isedit = false; //是否在编辑状态
int news_id,type_id,board_id; //定义相关全局变量
String sql,temp=""; //定义sql语句
String filepath = message[7];
ResultSet rs,rs1;
int intPageCount,intPageSize,intCurrentPage,intRowCount,i;
intPageSize = param[0];
i=0;
/******************处理从left传过来的参数********/
if(request.getParameter("type_id")!=null)
session.putValue("type_id",request.getParameter("type_id"));
if(request.getParameter("board_id")!=null)
session.putValue("board_id",request.getParameter("board_id"));
type_id = Integer.parseInt((String)session.getValue("type_id"));
board_id = Integer.parseInt((String)session.getValue("board_id"));
//out.println(type_id+","+board_id);
/*************** javabean初始化************/
NewsBean.openConnection();
fileBean.setObjectPath(filepath);
fileBean.setSize(200*1024);
fileBean.setSuffix(".gif.jpg.png.doc.txt");
fileBean.CreateObjectPath();
fileBean.setSourceFile(request);
/****************************************** 处理本页面的表单 ********************************************/
if("edit".equalsIgnoreCase(request.getParameter("action")))
isedit=true;
if(fileBean.getFieldValue("news_id")==null&&request.getParameter("news_id")==null)
news_id = 1;
else
{
if(request.getParameter("news_id")==null)
news_id = Integer.parseInt(fileBean.getFieldValue("news_id").trim());
else
news_id = Integer.parseInt(request.getParameter("news_id").trim());
}
/******************************************新闻发布状态*****************************************/
if("pass".equals(request.getParameter("action")))
{
String news_audit=request.getParameter("news_audit").trim();
sql = "update "+news_table+" set news_audit="+Integer.parseInt(news_audit)+" where news_id="+news_id;
NewsBean.executeQuery(sql);
//log process
String sql_in = "insert into "+logrecord_table+" (logrecord_id,user_name,operation_time,logrecord_operation) values('','"+session.getValue("user_name")+"',now(),'change news status to "+news_audit+" type: "+type_id+", board: "+board_id+", news_id: "+news_id+" ')";
NewsBean.executeUpdate(sql_in);
}
//************************************修改新闻**************************************
if("modify".equalsIgnoreCase(fileBean.getFieldValue("action")))
{
//out.println("U have upload "+fileBean.getFieldValue("upcount")+" files");
String news_title=fileBean.getFieldValue("news_title").trim();
String news_author=fileBean.getFieldValue("news_author").trim();
String news_source=fileBean.getFieldValue("news_source").trim();
String news_audit=fileBean.getFieldValue("news_audit").trim();
if(!"".equals(news_title)&&!"".equals(news_author)&&!"".equals(news_source))
{
//////////////////////////// insert into news;
sql = "update "+news_table+" set news_title='"+news_title+"',news_author='"+news_author+"',news_source='"+news_source+"',news_audit="+Integer.parseInt(news_audit)+" where news_id="+news_id;
NewsBean.executeQuery(sql);
////////////////////// delete news keyword
sql = "delete from "+keyword_table+" where news_id="+news_id;
NewsBean.executeQuery(sql);
String s = fileBean.getFieldValue("keyword_value").trim();
s=StrTool.StringReplace(s,",",","); //替换
int k;
while((k=s.indexOf(","))!=-1)
{
sql = "insert into "+keyword_table+" (news_id,keyword_value) values ("+news_id+",'"+s.substring(0,k)+"')";
NewsBean.executeQuery(sql);
s = s.substring(k+1,s.length());
}
sql = "select * from "+newsdetail_table+" where news_id="+news_id;
rs = NewsBean.executeQuery(sql);
for(i=0;rs.next();i++)
{
File file = new File(filepath+rs.getString("newsdetail_img"));
//out.println(filepath+rs.getString("newsdetail_img"));
file.delete();
}
sql = "delete from "+newsdetail_table+" where news_id="+news_id;
rs = NewsBean.executeQuery(sql);
String objectfile[] = fileBean.getObjectFileName();
String description[] = fileBean.getDescription();
boolean upstate[] = fileBean.getUpState();
int icount = fileBean.getCount();
for(i=0;i<icount;i++)
{
if(upstate[i]==false&&!"ERR: File suffix is wrong.".equals(description[i]))
{
out.println(description[i]+"上传失败");
}
String newcontent = "newsdetail_content"+Integer.toString(i+1);
String content = StrTool.HtmlEncode(fileBean.getFieldValue(newcontent));
String img;
if(objectfile[i]==null)
img = "";
else
img = StrTool.StringReplace(fileBean.getObjectSubPath(),"\\","\\\\")+objectfile[i];
//out.println(img+"<br>");
sql = "insert into "+newsdetail_table+" values('',"+news_id+",'"+content+"','"+img+"','')";
NewsBean.executeQuery(sql);
}
//log process
String sql_in = "insert into "+logrecord_table+" (logrecord_id,user_name,operation_time,logrecord_operation) values('','"+session.getValue("user_name")+"',now(),'update news where news_id is "+news_id+" ')";
NewsBean.executeUpdate(sql_in);
}
else
out.println("请填写完整");
}
//************************************添加新闻**************************************
if("add".equalsIgnoreCase(fileBean.getFieldValue("action")))
{
String news_title=fileBean.getFieldValue("news_title").trim();
String news_author=fileBean.getFieldValue("news_author").trim();
String news_source=fileBean.getFieldValue("news_source").trim();
String news_audit=fileBean.getFieldValue("news_audit").trim();
if(!"".equals(news_title)&&!"".equals(news_author)&&!"".equals(news_source))
{
//////////////////////////// insert into news;
sql = "insert into "+news_table+" values('',"+type_id+","+board_id+",'"+news_title+"',0,'"+news_source+"','"+news_author+"',now(),now(),'"+Integer.parseInt(news_audit)+"',"+Integer.parseInt((String)session.getValue("user_id"))+","+Integer.parseInt((String)session.getValue("user_id"))+")";
NewsBean.executeQuery(sql);
////////////////////// get news_id
sql = "select news_id from "+news_table+" order by news_id desc limit 1";
rs = NewsBean.executeQuery(sql);
rs.next();
int id = Integer.parseInt(rs.getString("news_id"));
String objectfile[] = fileBean.getObjectFileName();
String description[] = fileBean.getDescription();
boolean upstate[] = fileBean.getUpState();
String s = fileBean.getFieldValue("keyword_value").trim();
s=StrTool.StringReplace(s,",",","); //替换
s = s + ",";
int k;
while((k=s.indexOf(","))!=-1)
{
if(!"".equals(s.substring(0,k))) {
sql = "insert into "+keyword_table+" (news_id,keyword_value) values ("+id+",'"+s.substring(0,k)+"')";
NewsBean.executeQuery(sql);
}
s = s.substring(k+1,s.length());
}
int icount = fileBean.getCount();
for(i=0;i<icount;i++)
{
if(upstate[i]==false&&!"ERR: File suffix is wrong.".equals(description[i]))
{
out.println(description[i]+"上传失败");
}
String newcontent = "newsdetail_content"+Integer.toString(i+1);
String content = StrTool.HtmlEncode(fileBean.getFieldValue(newcontent));
String img;
if(objectfile[i]==null)
img = "";
else
img = StrTool.StringReplace(fileBean.getObjectSubPath(),"\\","\\\\")+objectfile[i];
//out.println(img);
sql = "insert into "+newsdetail_table+" values('',"+id+",'"+content+"','"+img+"','')";
NewsBean.executeQuery(sql);
}
//log process
String sql_in = "insert into "+logrecord_table+" (logrecord_id,user_name,operation_time,logrecord_operation) values('','"+session.getValue("user_name")+"',now(),'add news type: "+type_id+",board: "+board_id+", news title: "+news_title+" ')";
NewsBean.executeUpdate(sql_in);
}
else
out.println("请填写完整");
}
//************************************删除新闻**************************************
if("delete".equalsIgnoreCase(request.getParameter("action")))
{
if (user_power>=9999) {
sql = "delete from "+keyword_table+" where news_id ="+news_id;
NewsBean.executeQuery(sql);
sql = "select * from "+newsdetail_table+" where news_id="+news_id;
rs = NewsBean.executeQuery(sql);
for(i=0;rs.next();i++)
{
File file = new File(filepath+rs.getString("newsdetail_img"));
//out.println(filepath+rs.getString("newsdetail_img"));
file.delete();
}
sql = "delete from "+newsdetail_table+" where news_id ="+news_id;
NewsBean.executeQuery(sql);
sql = "delete from "+news_table+" where news_id = "+news_id;
NewsBean.executeQuery(sql);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -