📄 search.php
字号:
<?
include_once 'inc/auth.php';
include_once 'inc/utility_all.php';
$ITEMS_IN_PAGE = 10;
if ((!isset ($start) OR ($start == '')))
{
$start = 0;
}
echo '
<html>
<head>
<title>查询文件</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
';
echo '<s';
echo 'cript>
function delete_comment(CONTENT_ID)
{
msg="确定要删除该文件吗?";
if(window.confirm(msg))
{
URL="delete.php?BOARD_ID=';
echo $BOARD_ID;
echo '&CONTENT_ID=" + CONTENT_ID;
window.location=URL;
}
}
function SaveFile(ATTACHMENT_ID,ATTACHMENT_NAME)
{
URL="/module/save_file?ATTACHMENT_ID="+ATTACHMENT_ID+"&ATTACHMENT_NAME="+ATTACHMENT_NAME+"&A=1";
loc_x=document.body.scrollLeft+event.clientX-event.offsetX-100;
loc_y=document.body.scrollTop+event.clientY-event.offsetY+170;
window.open(URL,null,"height=180,width=400,status';
echo '=1,toolbar=no,menubar=no,location=no,scrollbars=yes,top="+loc_y+",left="+loc_x+",resizable=yes");
}
</script>
</head>
<body class="bodycolor" topmargin="0">
';
$query = (((''.'SELECT * from FILE_SORT where SORT_ID=\'').$SORT_ID).'\'');
$cursor = exequery ($connection, $query);
if ($ROW = mysql_fetch_array ($cursor))
{
$SORT_NAME = $ROW['SORT_NAME'];
$USER_ID = $ROW['USER_ID'];
$MANAGE_USER = $ROW['MANAGE_USER'];
$DOWN_USER = $ROW['DOWN_USER'];
$NEW_USER = $ROW['NEW_USER'];
$USER_ARRAY = explode ('|', $USER_ID);
if (((((($USER_ID != $LOGIN_USER_ID) AND ($USER_ARRAY[0] != 'ALL_DEPT')) AND !find_id ($USER_ARRAY[0], $LOGIN_DEPT_ID)) AND !find_id ($USER_ARRAY[1], $LOGIN_USER_PRIV)) AND !find_id ($USER_ARRAY[2], $LOGIN_USER_ID)))
{
exit ();
}
$MANAGE_ARRAY = explode ('|', $MANAGE_USER);
$DOWN_ARRAY = explode ('|', $DOWN_USER);
$NEW_ARRAY = explode ('|', $NEW_USER);
if (((((($USER_ID == $LOGIN_USER_ID) OR ($MANAGE_ARRAY[0] == 'ALL_DEPT')) OR find_id ($MANAGE_ARRAY[0], $LOGIN_DEPT_ID)) OR find_id ($MANAGE_ARRAY[1], $LOGIN_USER_PRIV)) OR find_id ($MANAGE_ARRAY[2], $LOGIN_USER_ID)))
{
$MANAGE_PRIV = 1;
}
if (((((($USER_ID == $LOGIN_USER_ID) OR ($DOWN_ARRAY[0] == 'ALL_DEPT')) OR find_id ($DOWN_ARRAY[0], $LOGIN_DEPT_ID)) OR find_id ($DOWN_ARRAY[1], $LOGIN_USER_PRIV)) OR find_id ($DOWN_ARRAY[2], $LOGIN_USER_ID)))
{
$DOWN_PRIV = 1;
}
if (((((($USER_ID == $LOGIN_USER_ID) OR ($NEW_ARRAY[0] == 'ALL_DEPT')) OR find_id ($NEW_ARRAY[0], $LOGIN_DEPT_ID)) OR find_id ($NEW_ARRAY[1], $LOGIN_USER_PRIV)) OR find_id ($NEW_ARRAY[2], $LOGIN_USER_ID)))
{
$NEW_PRIV = 1;
}
$SORT_NAME = stripslashes ($SORT_NAME);
}
else
{
$SORT_NAME = '根目录';
if ((($SORT_ID != 0) OR ($SORT_ID == '')))
{
exit ();
}
}
if (($SUBJECT != ''))
{
($where_str .= (((''.' and SUBJECT like \'%').$SUBJECT).'%\''));
}
if (($CONTENT_NO != ''))
{
($where_str .= (((''.' and CONTENT_NO like \'%').$CONTENT_NO).'%\''));
}
if (($ATTACHMENT_DESC != ''))
{
($where_str .= (((''.' and ATTACHMENT_DESC like \'%').$ATTACHMENT_DESC).'%\''));
}
if (($KEY1 != ''))
{
($where_str .= (((''.' and CONTENT like \'%').$KEY1).'%\''));
}
if (($KEY2 != ''))
{
($where_str .= (((''.' and CONTENT like \'%').$KEY2).'%\''));
}
if (($KEY3 != ''))
{
($where_str .= (((''.' and CONTENT like \'%').$KEY3).'%\''));
}
if (($ATTACHMENT_NAME != ''))
{
($where_str .= (((''.' and ATTACHMENT_NAME like \'%').$ATTACHMENT_NAME).'%\''));
}
if (($SORT_ID != '0'))
{
$query = ((((''.'SELECT count(*) from FILE_CONTENT where SORT_ID=\'').$SORT_ID).'\'').$where_str);
}
else
{
$query = ((((((''.'SELECT count(*) from FILE_CONTENT where SORT_ID=').$SORT_ID).' and USER_ID=\'').$LOGIN_USER_ID).'\'').$where_str);
}
$cursor = exequery ($connection, $query);
if ($ROW = mysql_fetch_array ($cursor))
{
$CONTENT_COUNT = $ROW[0];
}
echo '
<table border="0" width="100%" cellspacing="0" cellpadding="3" class="small">
<tr>
<td class="Big"><img src="/images/folder_search.gif" align="absmiddle"><b>';
echo '<s';
echo 'pan class="Big1"> ';
echo $SORT_NAME;
echo ' - 文件查询结果</span></b><br>
</td>
<td align="right" valign="bottom" class="small1">共';
echo $CONTENT_COUNT;
echo '条 ';
echo page_bar ($start, $CONTENT_COUNT, $ITEMS_IN_PAGE, 'start');
echo '</td>
</tr>
</table>
';
if (($SORT_ID != '0'))
{
$query = ((((''.'SELECT * from FILE_CONTENT where SORT_ID=\'').$SORT_ID).'\'').$where_str);
}
else
{
$query = ((((((''.'SELECT * from FILE_CONTENT where SORT_ID=').$SORT_ID).' and USER_ID=\'').$LOGIN_USER_ID).'\'').$where_str);
}
($query .= ((((''.' order by CONTENT_NO,SEND_TIME desc limit ').$start).',').$ITEMS_IN_PAGE));
$cursor = exequery ($connection, $query);
$CONTENT_COUNT = 0;
while ($ROW = mysql_fetch_array ($cursor))
{
$CONTENT_ID = $ROW['CONTENT_ID'];
$SUBJECT = $ROW['SUBJECT'];
$SEND_TIME = $ROW['SEND_TIME'];
$ATTACHMENT_ID = $ROW['ATTACHMENT_ID'];
$ATTACHMENT_NAME = $ROW['ATTACHMENT_NAME'];
$ATTACHMENT_DESC = $ROW['ATTACHMENT_DESC'];
if ((($ATTACHMENT_DATA != '') AND ($ATTACHMENT_NAME == '')))
{
continue;
}
else
{
if ((($ATTACHMENT_DATA != '') AND ($ATTACHMENT_NAME != '')))
{
$ATTACHMENT_ID_ARRAY = explode (',', $ATTACHMENT_ID);
$ATTACHMENT_NAME_ARRAY = explode ('*', $ATTACHMENT_NAME);
$ARRAY_COUNT = sizeof ($ATTACHMENT_ID_ARRAY);
($value == 0);
for ($I = 0; ($I < $ARRAY_COUNT); ++$I)
{
$FILE_PATH = ((($ATTACH_PATH.$ATTACHMENT_ID_ARRAY[$I]).'/').$ATTACHMENT_NAME_ARRAY[$I]);
if (!file_exists ($FILE_PATH))
{
break;
}
$msg = '';
if ((stristr ($ATTACHMENT_NAME_ARRAY[$I], '.doc') AND ($SEARCH_DOC == 'on')))
{
$msg = doc2txt ($FILE_PATH);
$msg = preg_replace ('/<style>.+<\\/style>/is', '', $msg);
}
else
{
if ((stristr ($ATTACHMENT_NAME_ARRAY[$I], '.htm') OR stristr ($ATTACHMENT_NAME_ARRAY[$I], '.html')))
{
$msg = file_get_contents ($FILE_PATH);
$msg = strip_tags ($msg);
}
else
{
if (stristr ($ATTACHMENT_NAME_ARRAY[$I], '.txt'))
{
$msg = file_get_contents ($FILE_PATH);
}
}
}
$msg = str_replace (' ', '', $msg);
$msg = preg_replace ('/<[^>]+>/', '', $msg);
$value = preg_match ((((''.'/.*').$ATTACHMENT_DATA).'.*/i'), $msg);
if ($value)
{
break;
}
}
if (($value == 0))
{
continue;
}
}
++$CONTENT_COUNT;
$SUBJECT = htmlspecialchars ($SUBJECT);
$ATTACHMENT_DESC = htmlspecialchars ($ATTACHMENT_DESC);
if (($CONTENT_COUNT == 1))
{
echo '<table border="0" cellspacing="1" width="100%" class="small" bgcolor="#000000" cellpadding="3">
<tr class="TableHeader">
<td nowrap align="center">文件名称</td>
<td nowrap align="center">附件文件</td>
<td nowrap align="center">附件说明</td>
<td nowrap align="center">发布时间 <img border=0 src="/images/arrow_down.gif" width="11" height="10"></td>
';
if (($MANAGE_PRIV == 1))
{
echo ' <td nowrap align="center">操作</td>
';
}
echo ' </tr>
';
}
if ((($CONTENT_COUNT % 2) == 1))
{
$TableLine = 'TableLine1';
}
else
{
$TableLine = 'TableLine2';
}
echo ' <tr class="';
echo $TableLine;
echo '">
<td align="center"><a href="read.php?SORT_ID=';
echo $SORT_ID;
echo '&CONTENT_ID=';
echo $CONTENT_ID;
echo '&start=';
echo $start;
echo '">';
echo $SUBJECT;
echo '</a></td>
<td align="left">';
echo attach_link ($ATTACHMENT_ID, $ATTACHMENT_NAME, 0, 1, $DOWN_PRIV);
echo '</td>
<td align="center">';
echo $ATTACHMENT_DESC;
echo '</td>
<td align="center"width="150" nowrap>';
echo $SEND_TIME;
echo '</td>
';
if (($MANAGE_PRIV == 1))
{
echo ' <td align="center" width="80" nowrap>
<a href="edit.php?FILE_SORT=';
echo $FILE_SORT;
echo '&SORT_ID=';
echo $SORT_ID;
echo '&CONTENT_ID=';
echo $CONTENT_ID;
echo '&start=';
echo $start;
echo '">编辑</a>
<a href="javascript:delete_content(';
echo $CONTENT_ID;
echo ');"> 删除</a>
</td>
';
}
echo ' </tr>
';
continue;
}
}
if ((0 < $CONTENT_COUNT))
{
echo ' </table>
';
}
else
{
message ('', '<br>未找到符合条件的文件');
}
echo '
<br>
<div align="center">
<input type="button" value="返回" class="BigButton" onclick="location=\'query.php?FILE_SORT=';
echo $FILE_SORT;
echo '&SORT_ID=';
echo $SORT_ID;
echo '\'">
</div>
';
echo '<s';
echo 'cript>
function delete_content(CONTENT_ID)
{
msg="确定要删除该文件吗?这将不可恢复!";
if(window.confirm(msg))
{
URL="delete.php?FILE_SORT=';
echo $FILE_SORT;
echo '&SORT_ID=';
echo $SORT_ID;
echo '&start=';
echo $start;
echo '&CONTENT_ID=" + CONTENT_ID;
window.location=URL;
}
}
</script>
</body>
</html>';
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -