📄 postmanageaction.java
字号:
}else if(maxtradeprice>0&&(mintradeprice > item_price || maxtradeprice < item_price)){
request.setAttribute("errorInfo","对不起,商品价格必须在 "+mintradeprice+" 元至 "+maxtradeprice+" 元之间,请返回修改。");
return mapping.findForward("showMessage");
}else if(maxtradeprice==0&&mintradeprice > item_price){
request.setAttribute("errorInfo","对不起,商品价格必须大于 "+mintradeprice+" 元,请返回修改。");
return mapping.findForward("showMessage");
}else if(item_number<1){
request.setAttribute("errorInfo","对不起,商品数量不能为空,请返回修改。");
return mapping.findForward("showMessage");
}
boolean allowpostattach = (Boolean) request.getAttribute("allowpostattach");
if (allowpostattach) {
String[] attach = request.getParameterValues("attach[]");
if (attach != null) {
Map<Integer, Integer> postattachcredits = dataParse.characterParse(forumfield.getPostattachcredits(),true);
for (String attachname : attach) {
if (attachname != null && !attachname.equals("")) {
String errorMessage = checklowerlimit(extcredits,postattachcredits, checklowerlimits, member, 1);
if (errorMessage != null) {
request.setAttribute("errorInfo", errorMessage);
return mapping.findForward("showMessage");
}
}
}
lowerlimits=null;
postattachcredits=null;
creditspolicy=null;
attach=null;
}
}
boolean modnewthreads=false;
if(Common.periodscheck(settings.get("postmodperiods"), Byte.valueOf(usergroups.get("disableperiodctrl")),Float.valueOf(settings.get("timeoffset")))!=null) {
modnewthreads =true;
} else {
int allowdirectpost = Integer.valueOf(usergroups.get("allowdirectpost"));
boolean censormod = censormod(subject + "\t" + message, request);
modnewthreads = (allowdirectpost == 0 || allowdirectpost == 1)&& (forum.getModnewposts() > 0 || censormod);
}
List<Map<String,String>> wordlist = dataBaseService.executeQuery("select find,replacement from jrun_words");
if(wordlist!=null && wordlist.size()>0){
for(Map<String,String> word :wordlist){
if(Common.matches(message,word.get("find"))){
if(word.get("replacement").equals("{BANNED}")){
request.setAttribute("errorInfo", "对不起,您填写的内容包含不良内容而无法提交,请返回修改。");
return mapping.findForward("showMessage");
}else if(word.get("replacement").equals("{MOD}")){
modnewthreads = true;
}else{
message = message.replaceAll(word.get("find"),word.get("replacement"));
}
}
if(Common.matches(subject,word.get("find"))){
if(word.get("replacement").equals("{BANNED}")){
request.setAttribute("errorInfo", "对不起,您填写的标题包含不良内容而无法提交,请返回修改。");
return mapping.findForward("showMessage");
}else if(word.get("replacement").equals("{MOD}")){
modnewthreads = true;
}else{
subject = subject.replaceAll(word.get("find"),word.get("replacement"));
}
}
}
}
FormFile tradfile = fileupload.getTradeattach();
if(tradfile!=null && tradfile.getFileSize()>0){
List tradfilelist = new ArrayList();
tradfilelist.add(tradfile);
String mess = checkAttachment(request, tradfilelist, forumfield);
if (mess != null) {
request.setAttribute("errorInfo", mess);
return mapping.findForward("showMessage");
}
}
short typeid=Common.toDigit(request.getParameter("typeid"), 100000L, 0L).shortValue();
short tradetypeid=Common.toDigit(request.getParameter("tradetypeid"), 100000L, 0L).shortValue();
short iconid = Common.toDigit(request.getParameter("iconid"), 100000L, 0L).shortValue();
boolean ismoderator = Common.ismoderator(fid, member);
byte displayorder = (byte)(modnewthreads ? -2 : (ismoderator&& request.getParameter("sticktopic") != null ? 1 : 0));
byte digest = (byte)(ismoderator&& request.getParameter("addtodigest") != null ? 1 : 0);
byte blog = (byte)(allowuseblog == 1 && forum.getAllowshare() > 0&& request.getParameter("addtoblog") != null ? 1 : 0);
short readperm = "1".equals(usergroups.get("allowsetreadperm")) ? Common.toDigit(request.getParameter("readperm"), 255L, 0L).shortValue(): 0;
byte isanonymous = (byte)(Common.toDigit(request.getParameter("isanonymous"),255L, 0L) > 0&& (Boolean) request.getAttribute("allowanonymous") ? 1 : 0);
short price = Common.toDigit(request.getParameter("price"), 1000000000L, 0L).shortValue();
short maxprice = Short.valueOf(usergroups.get("maxprice"));
price = maxprice > 0 && special == 0 ? (price <= maxprice ? price: maxprice) : 0;
Map tradetypes = dataParse.characterParse(forumfield.getTradetypes(), false);
Map<Integer, String> optiondata = new TreeMap<Integer, String>();
if(tradetypes!=null&&tradetypeid>0){
Common.include(request, response, servlet, "/forumdata/cache/threadtype_"+tradetypeid+".jsp", null);
Map<String, String> threadtype = (Map<String, String>) request.getAttribute("threadtype");
if (threadtype != null) {
Map<Integer, Map<String, String>> dtype = dataParse.characterParse(threadtype.get("dtype"),true);
threadtype=null;
if (dtype != null&& dtype.size() > 0&& !(forum.getAllowspecialonly() > 0)) {
Set<Integer> keys = dtype.keySet();
for (Integer optionid : keys) {
Map<String, String> option = dtype.get(optionid);
String title = option.get("title");
String identifier = option.get("identifier");
String type = option.get("type");
int maxlength = Common.toDigit(option.get("maxlength"),1000000000L, 0L).intValue();
int maxnum = Common.toDigit(option.get("maxnum"), 1000000000L,0L).intValue();
int minnum = Common.toDigit(option.get("minnum"), 1000000000L,0L).intValue();
byte required = Common.toDigit(option.get("required"), 1L, 0L).byteValue();
String value = request.getParameter("typeoption["+ identifier + "]");
if (required > 0 && (value==null||value.equals(""))) {
request.setAttribute("errorInfo", "资料填写不全,请返回检查"+ title + "选项。");
return mapping.findForward("showMessage");
} else if (value!=null&&!value.equals("")&& (type.equals("number") && !Common.isNum(value) || type.equals("email")&& !Common.isEmail(value))) {
request.setAttribute("errorInfo", "资料格式不正确,请返回检查"+ title + "选项。");
return mapping.findForward("showMessage");
} else if (value!=null&&!value.equals("") && maxlength > 0&& value.length() > maxlength) {
request.setAttribute("errorInfo", "资料长度过长,请返回检查"+ title + "选项。");
return mapping.findForward("showMessage");
} else if (value!=null&&!value.equals("")&& ((option.get("maxnum") != null && Integer.valueOf(value) > Integer.valueOf(maxnum)) || (option.get("minnum") != null && Integer.valueOf(value) < Integer.valueOf(minnum)))) {
request.setAttribute("errorInfo", "'资料数值不正确,请返回检查"+ title + "选项。");
return mapping.findForward("showMessage");
}
optiondata.put(optionid, value);
}
}
dtype=null;
}
}
String counterdesc=request.getParameter("counterdesc");
String aboutcounter=request.getParameter("aboutcounter");
String threadmessage=counterdesc+"\t\t\t"+aboutcounter;
String author = isanonymous == 0 ? (member!=null?member.getUsername():"匿名") : "";
int moderated=digest>0 || displayorder > 0 ? 1 : 0;
int attachment=Byte.valueOf("0");
List filelist = getAttach(form);
String attachmentMessage = this.checkAttachment(request,filelist,forumfield);
if (attachmentMessage != null) {
request.setAttribute("errorInfo", attachmentMessage);
return mapping.findForward("showMessage");
}
byte subscribed = (byte)(request.getParameter("emailnotify") != null&& member != null ? 1 : 0);
Map supe_pushsetting = dataParse.characterParse(forumfield.getSupe_pushsetting(),false);
byte supe_pushstatus = (byte)("1".equals(settings.get("super_status"))&& supe_pushsetting != null&& "1".equals(supe_pushsetting.get("status")) && modnewthreads ? 1: 0);
supe_pushsetting=null;
subject=Common.dhtmlspecialchars(subject);
int tid=dataBaseService.insert("INSERT INTO jrun_threads (fid, readperm, price, iconid, typeid, author, authorid, subject, dateline, lastpost, lastposter, displayorder, digest, blog, special, attachment, subscribed, moderated, supe_pushstatus, replies)VALUES ('"+fid+"', '"+readperm+"', '"+price+"', '"+iconid+"', '"+typeid+"', '"+author+"', '"+jsprun_uid+"', '"+subject+"', '"+timestamp+"', '"+timestamp+"', '"+author+"', '"+displayorder+"', '"+digest+"', '"+blog+"', '"+special+"', '"+attachment+"', '"+subscribed+"', '"+moderated+"', '"+supe_pushstatus+"', '1')", true);
if(subscribed>0) {
dataBaseService.runQuery("REPLACE INTO jrun_subscriptions (uid, tid, lastpost, lastnotify) VALUES ('"+jsprun_uid+"', '"+tid+"', '"+timestamp+"', '"+timestamp+"')");
}
dataBaseService.runQuery("REPLACE INTO jrun_mythreads (uid, tid, dateline, special) VALUES ('"+jsprun_uid+"', '"+tid+"', '"+timestamp+"', '"+special+"')");
if (moderated > 0) {
Common.updatemodlog(member, timestamp, String.valueOf(tid),(displayorder > 0 ? "STK" : "DIG"), null, 1, false);
Common.updatemodworks(settings, jsprun_uid, timestamp,(displayorder > 0 ? "STK" : "DIG"), 1);
}
Map<String, String> searcharray = dataParse.characterParse(((Map<String, String>) request.getAttribute("smilies")).get("searcharray"), false);
byte bbcodeoff =checkbbcodes(message, Common.toDigit(request.getParameter("bbcodeoff"), 1L, 0L));
byte smileyoff = checksmilies(message, Common.toDigit(request.getParameter("smileyoff"), 1L, 0L), searcharray);
byte parseurloff = Common.toDigit(request.getParameter("parseurloff"), 1L, 0L).byteValue();
byte tagstatus = Common.toDigit(settings.get("tagstatus"), 255L, 0L).byteValue();
byte htmlon = (byte)((tagstatus > 0&& request.getParameter("tagoff") != null ? 1 : 0)+ ("1".equals(usergroups.get("allowhtml"))&& request.getParameter("htmlon") != null ? 1 : 0));
byte pinvisible = (byte)(modnewthreads ? -2 : 0);
byte usesig = Common.toDigit(request.getParameter("usesig"), 1L, 0L).byteValue();
int page = Common.toDigit(request.getParameter("page"), 1000000000L, 0L).intValue();
int pid=dataBaseService.insert("INSERT INTO jrun_posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment) VALUES ('"+fid+"', '"+tid+"', '1', '"+author+"', '"+jsprun_uid+"', '"+subject+"', '"+timestamp+"', '"+threadmessage+"', '"+request.getRemoteAddr()+"', '"+pinvisible+"', '"+isanonymous+"', '"+usesig+"', '"+htmlon+"', '"+bbcodeoff+"', '"+smileyoff+"', '"+parseurloff+"', '0')",true);
String tags = request.getParameter("tags");
if (tagstatus > 0 && tags != null && !"".equals(tags)) {
String[] tagarray = tags.split(" ");
int tagcount = 0;
for (String tagname : tagarray) {
tagname = tagname.trim();
int len=Common.strlen(tagname);
if (len>=3&&len<=20) {
List<Map<String, String>> map = dataBaseService.executeQuery("SELECT closed FROM jrun_tags WHERE tagname='" + tagname + "'");
int isclosed=0;
if (map != null && map.size() > 0) {
isclosed = Integer.valueOf(map.get(0).get("closed"));
if (isclosed == 0) {
dataBaseService.runQuery("UPDATE jrun_tags SET total=total+1 WHERE tagname='"+ tagname + "'",true);
}
} else {
dataBaseService.runQuery("INSERT INTO jrun_tags (tagname, closed, total) VALUES ('"+ tagname + "', 0, 1)",true);
}
if (isclosed == 0) {
dataBaseService.runQuery("INSERT jrun_threadtags (tagname, tid) VALUES ('" + tagname + "', " + tid + ")",true);
}
tagcount++;
if (tagcount > 4) {
break;
}
}
}
}
if (tradetypes!=null&& optiondata != null&& optiondata.size() > 0) {
StringBuffer sql=new StringBuffer();
sql.append("INSERT INTO jrun_tradeoptionvars (typeid, pid, optionid,value) VALUES ");
boolean flag=false;
Set<Integer> keys = optiondata.keySet();
for (Integer optionid : keys) {
if(flag){
sql.append(",('"+ tradetypeid + "', '" + pid + "', '" + optionid + "', '"+ optiondata.get(optionid) + "')");
}else{
sql.append("('"+ tradetypeid + "', '" + pid + "', '" + optionid + "', '"+ optiondata.get(optionid) + "')");
}
flag=true;
}
if(flag){
dataBaseService.runQuery(sql.toString(),true);
}
}
int postage_mail=Common.toDigit(request.getParameter("postage_mail"));
int postage_express=Common.toDigit(request.getParameter("postage_express"));
int postage_ems=Common.toDigit(request.getParameter("postage_ems"));
String item_expiration=request.getParameter("item_expiration");
int expiration=Common.datecheck(item_expiration) ? Common.dataToInteger(item_expiration,"yyyy-MM-dd"): 0;
String item_costprice=request.getParameter("item_costprice");
String seller=request.getParameter("seller");
if("".equals(item_costprice)||item_costprice.matches("^-?\\d+\\.?\\d*$")){
item_costprice=Common.number_format(Double.valueOf(item_costprice), "0.00");
}
String aid="0";
pid=dataBaseService.insert("INSERT INTO jrun_posts (fid, tid, first, author, authorid, subject, dateline, message, useip, invisible, anonymous, usesig, htmlon, bbcodeoff, smileyoff, parseurloff, attachment) VALUES ('"+fid+"', '"+tid+"', '0', '"+author+"', '"+jsprun_uid+"', '"+subject+"', '"+timestamp+"', '"+threadmessage+"', '"+request.getRemoteAddr()+"', '"+pinvisible+"', '"+isanonymous+"', '"+usesig+"', '"+htmlon+"', '"+bbcode⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -