'返回日志列表', 'link' => 'index.php?action=article'));
}
// 首页
!$action && $action = 'article';
// 文章列表
if ($action == 'article') {
$pagenum = 10;
if($page) {
$orderid = ($page - 1) * $pagenum;
$start_limit = ($page - 1) * $pagenum;
} else {
$orderid = 0;
$start_limit = 0;
$page = 1;
}
//定义相同的查询语句前部分
$query_sql = "SELECT a.articleid,a.title,a.dateline FROM {$db_prefix}articles a WHERE a.visible='1'";
$userid = intval($_GET['userid']);
$mid = sax_addslashes($_GET['mid']);
$searchid = intval($_GET['searchid']);
if ($mid) {
$r = $DB->fetch_one_array("SELECT mid, name, count, type FROM {$db_prefix}metas WHERE mid='$mid'");
if (!$r) {
wap_header('系统消息');
wap_message('记录不存在', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
}
$aids = get_cids($r['mid']);
$total = $r['count'];
if ($total && $aids) {
$query_sql .= " AND a.articleid IN ($aids) ORDER BY a.dateline DESC LIMIT $start_limit, ".$pagenum;
}
$pageurl = 'index.php?action=article&mid='.$mid;
if ($r['type'] == 'category') {
$catename = '分类:'.$r['name'];
} else {
$catename = 'Tag:'.$r['name'];
}
// 查看搜索结果的文章
} elseif ($searchid) {
$search = $DB->fetch_one_array("SELECT * FROM {$db_prefix}searchindex WHERE searchid='$searchid' AND expiration > '$timestamp'");
if (!$search) {
$DB->unbuffered_query("DELETE FROM {$db_prefix}searchindex WHERE expiration < '$timestamp'");
wap_header('系统消息');
wap_message('您指定的搜索不存在或已过期,请返回.', array('title' => '重新搜索', 'link' => 'index.php?action=search'));
}
$total = $search['totals'];
$query_sql .= " AND a.articleid IN (".$search['ids'].") ORDER BY a.".$search['sortby']." ".$search['orderby']." LIMIT $start_limit, ".$pagenum;
$pageurl = 'index.php?action=article&searchid='.$searchid;
$catename = '搜索:'.$search['keywords'];
// 查看首页文章
} else {
$catename = '全部文章';
$total = $stats['article_count'];
$setdate = intval($_GET['setdate']);
if ($setdate && getstrlen($setdate) == 6) {
$setyear = substr($setdate,0,4);
if ($setyear >= 2038 || $setyear <= 1970) {
$setyear = sadate('Y');
$setmonth = sadate('m');
$start = $end = 0;
} else {
$setmonth = substr($setdate,-2);
list($start, $end) = explode('-', gettimestamp($setyear,$setmonth));
$catename = $setyear.'年'.$setmonth.'月的文章';
}
} else {
$setyear = sadate('Y');
$setmonth = sadate('m');
$start = $end = 0;
}
//*******************************//
$startadd = $start ? " AND a.dateline >= '".correcttime($start)."' " : '';
$endadd = $end ? " AND a.dateline < '".correcttime($end)."' " : '';
//*******************************//
if($setdate) {
$query = $DB->query("SELECT COUNT(articleid) FROM {$db_prefix}articles a WHERE a.visible='1' ".$startadd.$endadd);
$total = $DB->result($query, 0);
}
//*******************************//
$query_sql .= $startadd.$endadd." ORDER BY a.dateline DESC LIMIT $start_limit, ".$pagenum;
$pageurl = 'index.php?action=article&setdate='.$setdate;
}
// 执行查询
wap_header($catename);
if ($total) {
$query = $DB->query($query_sql);
$multipage = multi($total, $pagenum, $page, $pageurl, $maxpages);
echo "\n";
while ($article = $DB->fetch_array($query)) {
$orderid++;
echo "- {$orderid}. ".$article['title']." (".sadate('m-d',$article['dateline']).")
\n";
}
$DB->free_result($query);
echo "
\n";
echo "共有{$total}篇文章
\n";
echo $multipage;
} else {
echo "没有任何日志
\n";
}
wap_footer();
}
if ($action == 'category' || $action == 'tag') {
if ($action == 'category') {
$name = '分类';
$total = $DB->result($DB->query("SELECT COUNT(mid) FROM {$db_prefix}metas WHERE type = 'category'"), 0);
} else {
$name = '标签';
$total = $stats['tag_count'];
}
wap_header($name);
$pagenum = 15;
if($page) {
$start_limit = ($page - 1) * $pagenum;
} else {
$start_limit = 0;
$page = 1;
}
$metadb = array();
if ($total) {
$multipage = multi($total, $pagenum, $page, 'index.php?action='.$action);
$query = $DB->query("SELECT * FROM {$db_prefix}metas WHERE type='$action' ORDER BY displayorder LIMIT $start_limit, $pagenum");
echo "\n";
while($meta = $DB->fetch_array($query)){
echo "- ".$meta['name']." (".$meta['count'].")
\n";
}
unset($meta);
$DB->free_result($query);
echo "
\n";
echo "共有{$total}个{$name}
\n";
echo $multipage;
} else {
echo '没有任何'.$name.'
';
}
wap_footer();
}
// 日志归档
if ($action == 'archives') {
wap_header('日志归档');
if (empty($archivecache)) {
echo '没有任何归档
';
} else {
$monthname = array('','一月','二月','三月','四月','五月','六月','七月','八月','九月','十月','十一月','十二月');
$pagenum = 15;
if($page) {
$start_limit = ($page - 1) * $pagenum;
} else {
$start_limit = 0;
$page = 1;
}
echo "\n";
$multipage = multi(count($archivecache), $pagenum, $page, 'index.php?action=archives');
$archivecache = @array_slice($archivecache,$start_limit,$pagenum);
foreach($archivecache as $key => $val){
$v = explode('-', $key);
$e_month = ($v[1] < 10) ? str_replace('0', '', $v[1]) : $v[1];
echo "- ".$monthname[$e_month].", ".$v[0]." (".$val['num'].")
\n";
}
echo "
\n";
echo $multipage;
}
wap_footer();
}
// 搜索引擎
if ($action == 'search') {
wap_header('搜索引擎');
$keywords = sax_addslashes(trim($_POST['keywords'] ? $_POST['keywords'] : $_GET['keywords']));
if (!$keywords || getstrlen($keywords) < 3) {
echo "注意:只搜索文章标题和内容,不对评论进行搜索.关键字不能少于3个字节.
\n";
echo "关键字中可使用通配符 "*"
匹配多个关键字全部, 可用空格或 "AND" 连接. 如: angel AND 4ngel
匹配多个关键字其中部分, 可用 "|" 或 "OR" 连接. 如: angel OR 4ngel
";
echo "\n";
} else {
$searchstring = sax_addslashes($keywords).'|content|dateline|desc|wap_all';
$searchindex = array('id' => 0, 'dateline' => '0');
$query = $DB->query("SELECT searchid, dateline,
(".($sax_uid ? "uid='$sax_uid'" : "ipaddress='$onlineip'")." AND $timestamp-dateline<20) AS flood, (searchstring='$searchstring' AND expiration>'$timestamp') AS indexvalid
FROM {$db_prefix}searchindex
WHERE (".($sax_uid ? "uid='$sax_uid'" : "ipaddress='$onlineip'")." AND $timestamp-dateline<20) ORDER BY flood");
while($index = $DB->fetch_array($query)) {
if($index['indexvalid'] && $index['dateline'] > $searchindex['dateline']) {
$searchindex = array('id' => $index['searchid'], 'dateline' => $index['dateline']);
break;
} elseif($index['flood'] && $sax_group != 1 && $sax_group != 2) {
wap_message('对不起,您在 20 秒内只能进行一次搜索.', array('title' => '重新搜索', 'link' => 'index.php?action=search'));
}
}
if($searchindex['id']) {
$searchid = $searchindex['id'];
} else {
$keywords = str_replace("_","\_",$keywords);
$keywords = str_replace("%","\%",$keywords);
if(preg_match("(AND|\+|&|\s)", $keywords) && !preg_match("(OR|\|)", $keywords)) {
$andor = ' AND ';
$sqltxtsrch = '1';
$keywords = preg_replace("/( AND |&| )/is", "+", $keywords);
} else {
$andor = ' OR ';
$sqltxtsrch = '0';
$keywords = preg_replace("/( OR |\|)/is", "+", $keywords);
}
$keywords = str_replace('*', '%', addcslashes($keywords, '%_'));
foreach(explode('+', $keywords) AS $text) {
$text = trim($text);
if($text) {
$sqltxtsrch .= $andor;
$sqltxtsrch .= "(content LIKE '%".$text."%' OR title LIKE '%".$text."%')";
}
}
//搜索文章
$totals = 0;
$ids = $comma = '';
$query = $DB->query("SELECT articleid FROM {$db_prefix}articles WHERE visible='1' AND ($sqltxtsrch) ORDER BY dateline desc");
while($article = $DB->fetch_array($query)) {
$ids .= $comma.$article['articleid'];
$comma = ',';
$totals++;
}
$DB->free_result($query);
$DB->query("INSERT INTO {$db_prefix}searchindex (keywords, searchstring, dateline, expiration, sortby, orderby, totals, ids, ipaddress, uid) VALUES ('".char_cv($keywords)."', '$searchstring', '$timestamp', '".($timestamp+3600)."', 'dateline', 'desc', '$totals', '$ids', '$onlineip', '$sax_uid')");
$searchid = $DB->insert_id();
}
wap_message('搜索成功完成', array('title' => '查看搜索结果', 'link' => 'index.php?action=article&searchid='.$searchid));
}
wap_footer();
}
// 最新评论
if ($action == 'comments') {
$articleid = intval($_GET['articleid']);
$query_sql = "SELECT c.articleid,c.author,c.commentid,c.dateline,c.content, a.title FROM {$db_prefix}comments c LEFT JOIN {$db_prefix}articles a ON (a.articleid=c.articleid) WHERE a.visible='1' AND c.visible='1'";
if ($articleid) {
$query_sql .= " AND c.articleid='$articleid'";
$article = $DB->fetch_one_array("SELECT title,comments FROM {$db_prefix}articles WHERE articleid='$articleid'");
$total = $article['comments'];
$pageurl = 'index.php?action=comments&articleid='.$articleid;
$subtitle = "《".$article['title']."》的评论";
} else {
$total = $stats['comment_count'];
$pageurl = 'index.php?action=comments';
$subtitle = "全部评论";
}
wap_header($subtitle);
if ($total) {
$pagenum = 5;
if($page) {
$orderid = ($page - 1) * $pagenum;
$start_limit = ($page - 1) * $pagenum;
} else {
$orderid = 0;
$start_limit = 0;
$page = 1;
}
$query_sql .= " ORDER BY commentid DESC LIMIT $start_limit, $pagenum";
$multipage = multi($total, $pagenum, $page, $pageurl);
$query = $DB->query($query_sql);
echo "";
while ($comment=$DB->fetch_array($query)) {
$orderid++;
echo "- ";
if (!$articleid) {
echo "
{$orderid}.文章:".$comment['title']."
\n";
}
echo "".($articleid ? "{$orderid}. " : "").$comment['author']." : ".sadate('Y-m-d H:i',$comment['dateline'],1);
if ($sax_group == 1) {
echo " [编辑]";
}
echo "
\n";
echo "内容:".wap_html_clean($comment['content'])."
\n";
echo "
\n";
echo " \n";
}
echo "
";
unset($comment);
echo "共有".$total."条评论
\n";
echo $multipage;
$DB->free_result($query);
} else {
echo "没有任何评论
\n";
}
echo "";
if ($articleid) {
if (!$sax_uid || !$sax_hash) {
echo "立即登陆发表评论
\n";
} else {
echo "发表评论
\n";
}
echo "返回文章
";
}
wap_footer();
}
// 浏览日志
if ($action == 'show') {
$offset = $_GET['offset'] ? intval($_GET['offset']) : 0;
$articleid = intval($_GET['id']);
// 获取文章信息
if (!$articleid) {
wap_header('系统消息');
wap_message('缺少参数', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
} else {
$article = $DB->fetch_one_array("SELECT a.articleid,a.uid,a.title,a.content,a.dateline,a.views,a.comments,a.closecomment,a.readpassword,a.attachments,u.username
FROM {$db_prefix}articles a
LEFT JOIN {$db_prefix}users u ON a.uid=u.userid
WHERE a.visible='1' AND articleid='$articleid'");
if (!$article) {
wap_header('系统消息');
wap_message('记录不存在', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
}
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET views=views+1 WHERE articleid='$articleid'");
// 获取文章的关联信息
$metadb = array();
$query = $DB->query("SELECT m.mid, m.name, m.slug, m.type, r.cid FROM {$db_prefix}metas m
INNER JOIN {$db_prefix}relationships r ON r.mid = m.mid
WHERE m.type IN ('category', 'tag') AND r.cid='".$article['articleid']."'
ORDER BY m.displayorder ASC, m.mid DESC");
while ($meta = $DB->fetch_array($query)) {
$metadb[$article['articleid']][$meta['type']][] = $meta;
}
$DB->free_result($query);
}
wap_header($article['title']);
echo "
".$article['username']." 发表于 ".sadate('Y-m-d H:i',$article['dateline'],1)."
";
echo "分类:";
$comma = '';
foreach ($metadb[$article['articleid']]['category'] as $meta) {
echo $comma."".$meta['name']."\n";
$comma = ', ';
}
echo "
\n";
if ($article['readpassword']) {
echo "本文需要输入密码才能浏览,请通过HTTP浏览器浏览.
\n";
} else {
if ($metadb[$article['articleid']]['tag']) {
echo "标签:";
$comma = '';
foreach ($metadb[$article['articleid']]['tag'] as $meta) {
echo $comma."".$meta['name']."\n";
$comma = ', ';
}
echo "
\n";
}
//附件
if ($article['attachments']) {
//单张显示附件图片
$attach_offset = isset($_GET['attach_offset']) ? max(1, intval($_GET['attach_offset'])) : 1;
if($attach_offset && $attach_offset <= $article['attachments']) {
$start_limit = $attach_offset - 1;
} else {
$start_limit = 0;
$attach_offset = 1;
}
$attach = $DB->fetch_one_array("SELECT attachmentid, articleid, dateline, filename, filetype, filesize, downloads, filepath, thumb_filepath, thumb_width, thumb_height, isimage FROM {$db_prefix}attachments WHERE articleid='$articleid' ORDER BY attachmentid DESC LIMIT $attach_offset, 1");
if (file_exists(SABLOG_ROOT.$options['attachments_dir'].$attach['filepath'])) {
echo "![\"\"](\"imgout.php?attachid=".$attach['attachmentid']."\")
\n";
}
echo "共{$article[attachments]}张图片";
if ($attach_offset > 1) {
echo ', 上张图片';
}
if ($attach_offset < $article['attachments']) {
echo ', 下张图片';
}
echo "
\n";
}
//htmlSubString
//echo 'aaa:'.getstrlen($article['content']);
$article['content'] = html2text(str_replace(array('[php]','[/php]'),'',$article['content']));
//截取内容
if($options['wap_article_limit'] && !$offset) {
if(getstrlen($article['content']) < $options['wap_article_limit']) {
$last = 0;
$next = 0;
} else {
$article['content'] = trimmed_title($article['content'], $options['wap_article_limit']);
$last = 0;
$next = 1;
$offset_next = $offset + $options['wap_article_limit'];
}
} elseif ($options['wap_article_limit'] && $offset > 0) {
$article['content'] = trimmed_title($article['content'], $options['wap_article_limit'], $offset);
$last = 1;
$offset_last = $offset - $options['wap_article_limit'];
if ($offset_last < 0) {
$offset_last = 0;
}
if(getstrlen($article['content']) < $options['wap_article_limit']) {
$next = 0;
} else {
$next = 1;
$offset_next = $offset + $options['wap_article_limit'];
}
} else {
$last = 0;
$next = 0;
}
//截取内容结束
echo "".$article['content']."
\n";
echo "\n";
echo ($last ? "上页 " : '');
echo ($next ? " 下页" : '');
echo "
\n";
//上一篇
$previous_one = $DB->fetch_one_array("SELECT articleid,alias,title FROM {$db_prefix}articles WHERE dateline < '".$article['dateline']."' AND visible='1' ORDER BY dateline DESC LIMIT 1");
if($previous_one) {
echo "上一篇:".$previous_one['title']."
\n";
}
//下一篇
$next_one = $DB->fetch_one_array("SELECT articleid,alias,title FROM {$db_prefix}articles WHERE dateline > '".$article['dateline']."' AND visible='1' ORDER BY dateline ASC LIMIT 1");
if($next_one) {
echo "下一篇:".$next_one['title']."
\n";
}
echo "\n";
if ($article['comments']) {
echo "".$article['comments']."条评论
\n";
}
if (!$article['closecomment']) {
if (!$sax_uid || !$sax_hash) {
echo "立即登陆发表评论
\n";
} else {
echo "发表评论
\n";
}
}
echo "
\n";
// 显示相关文章
if ($options['related_shownum'] && $metadb[$article['articleid']]['tag']) {
$mids = $comma = '';
foreach($metadb[$article['articleid']]['tag'] as $tag) {
$mids .= $comma.$tag['mid'];
$comma = ',';
}
if ($mids) {
$query = $DB->query("SELECT cid FROM {$db_prefix}relationships WHERE mid IN ($mids)");
$relaids = $comma = '';
while ($meta = $DB->fetch_array($query)) {
$relaids .= $comma.$meta['cid'];
$comma = ',';
}
unset($meta);
$relids = explode(',', $relaids);
// 清除重复值的单元并删除当前ID
$relids = array_unique($relids);
$relids = array_flip($relids);
unset($relids[$article['articleid']]);
$relids = array_flip($relids);
////////
$related_total = count($relids);
$relids = implode(',',$relids);
if ($related_total > 1 && $relids != $article['articleid']) {
echo "相关文章
";
echo '';
$query = $DB->query("SELECT articleid,title,comments FROM {$db_prefix}articles WHERE visible='1' AND articleid IN ($relids) ORDER BY dateline DESC LIMIT ".intval($options['related_shownum']));
$orderid = 0;
while ($title = $DB->fetch_array($query)) {
$orderid++;
echo "- {$orderid}.".$title['title']."(".$title['comments'].")
";
}
echo '
';
unset($title);
$DB->free_result($query);
}
}
}
}
wap_footer();
}
//登陆
if ($action == 'login') {
wap_header('用户登陆');
if (!$do || $do != 'login') {
echo "\n";
} elseif ($do == 'login') {
// 登陆验证
$username = sax_addslashes(trim($_POST['username']));
$password = md5($_POST['password']);
$user = $DB->fetch_one_array("SELECT userid,username,logincount,groupid,password FROM {$db_prefix}users WHERE username='$username' LIMIT 1");
if ($user['userid'] && $user['password'] == $password) {
$sax_uid = $user['userid'];
$logincount = $user['logincount']+1;
$DB->unbuffered_query("UPDATE {$db_prefix}users SET logincount=logincount+1, logintime='$timestamp', loginip='$onlineip' WHERE userid='$sax_uid'");
//保存COOKIE
scookie('sax_auth', authcode("$sax_uid\t$password\t$logincount"), $login_life);
//更新数据库中的登陆会话
if ($user['groupid'] == 1 || $user['groupid'] == 2) {
loginresult($username,'Succeed');
}
wap_message('登陆成功', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
} else {
replacesession();
if ($user['groupid'] == 1 || $user['groupid'] == 2 || $sax_group == 1 || $sax_group == 2) {
loginresult($username,'Failed');
}
$sax_hash = '';
dcookies();
wap_message('登陆失败', array('title' => '重新登陆', 'link' => 'index.php?action=login'));
}
}
wap_footer();
}
// 添加评论
if ($action == 'addcomment') {
wap_header('添加评论');
if ($options['close_comment']) {
wap_message('禁止发表评论', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
}
$articleid = intval($articleid);
if (!$articleid) {
wap_message('缺少必要参数', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
} else {
$article = $DB->fetch_one_array("SELECT title, closecomment FROM {$db_prefix}articles WHERE articleid='$articleid'");
if ($article['closecomment']) {
wap_message('本文不允许发表评论', array('title' => '返回日志列表', 'link' => 'index.php?action=article'));
}
}
if($do == 'addcomment') {
if ($options['banip_enable']) {
$options['ban_ip'] = str_replace(',', ',', $options['ban_ip']);
$ban_ips = explode(',', $options['ban_ip']);
if (is_array($ban_ips) && count($ban_ips)) {
foreach ($ban_ips AS $ban_ip) {
$ban_ip = str_replace( '\*', '.*', preg_quote($ban_ip, "/") );
if (preg_match("/^$ban_ip/", $onlineip)) {
wap_message('您的IP已经被系统禁止发表评论.');
}
}
}
}
//如果没有登陆
if (!$sax_uid || !$sax_hash) {
wap_message('只有登陆后才能发表评论.', array('title' => '立即登陆', 'link' => 'index.php?action=login'));
} else {
$username = $sax_user;
$email = char_cv($sax_email);
$url = char_cv($sax_url);
}
$content = sax_addslashes(trim($_POST['content'] ? $_POST['content'] : $_GET['content']))." \n\n<自 WAP 发表>";
$spam = false;
// 不属于撰写组以上的成员需要做审核检查
if ($sax_group != 1 && $sax_group != 2) {
// 检查限制选项
if ($options['audit_comment']) {
$spam = true;
} else {
//禁止IP
if ($options['banip_enable'] && $options['ban_ip']) {
$options['ban_ip'] = str_replace(',', ',', $options['ban_ip']);
$ban_ips = explode(',', $options['ban_ip']);
if (is_array($ban_ips) && count($ban_ips)) {
foreach ($ban_ips as $ban_ip) {
$ban_ip = str_replace( '\*', '.*', preg_quote($ban_ip, "/") );
if (preg_match("/^$ban_ip/", $onlineip)) {
wap_message('您的IP已经被系统禁止发表评论');
}
}
}
}
if ($options['spam_enable']) {
//链接次数
if (substr_count($content, 'http://') >= $options['spam_url_num']) {
$spam = true;
}
//禁止词语
if ($options['spam_words']) {
$options['spam_words'] = str_replace(',', ',', $options['spam_words']);
$badwords = explode(',', $options['spam_words']);
if (is_array($badwords) && count($badwords) ) {
foreach ($badwords AS $n) {
if ($n) {
if (preg_match( "/".preg_quote($n, '/' )."/i", $content)) {
$spam = true;
break;
}
}
}
}
}
//内容长度
if ($options['spam_content_size'] && getstrlen($content) >= $options['spam_content_size']) {
$spam = true;
}
}
}
}
$visible = $spam ? '0' : '1';
if ($sax_group != 1 && $sax_group != 2) {
if ($options['comment_post_space'] && $timestamp - $user['lastpost'] <= $options['comment_post_space']){
wap_message('为防止灌水,发表评论时间间隔为'.$options['comment_post_space'].'秒.', array('title' => '重新发表', 'link' => 'index.php?action=addcomment&articleid='.$articleid));
}
}
$checkcontent = checkcontent($content);
if($checkcontent){
wap_message($checkcontent, array('title' => '重新发表', 'link' => 'index.php?action=addcomment&articleid='.$articleid));
}
$r = $DB->fetch_one_array("SELECT commentid FROM {$db_prefix}comments WHERE articleid='$articleid' AND author='$username' AND content='$content'");
if($r['commentid']) {
wap_message('该评论已存在', array('title' => '重新发表', 'link' => 'index.php?action=addcomment&articleid='.$articleid));
}
unset($r);
$msg = '添加评论成功, '.($spam ? '目前发表评论需要管理员审核才会显示,请耐心等待管理员审核...' : '');
$DB->query("INSERT INTO {$db_prefix}comments (articleid, author, url, dateline, content, ipaddress, visible) VALUES ('$articleid', '$username', '$url', '$timestamp', '$content', '$onlineip', '$visible')");
$cmid = $DB->insert_id();
if ($sax_uid && $sax_hash) {
$DB->unbuffered_query("UPDATE {$db_prefix}users SET lastpost='$timestamp' WHERE userid='$sax_uid'");
}
if (!$spam) {
// 更新当前文章评论数
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='$articleid'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1");
require_once(SABLOG_ROOT.'include/func/permalink.func.php');
require_once(SABLOG_ROOT.'include/func/cache.func.php');
newcomments_recache();
statistics_recache();
}
wap_message($msg, array('title' => '查看评论', 'link' => 'index.php?action=comments&articleid='.$articleid));
} else {
echo "文章:".$article['title']."
\n";
if ($sax_uid && $sax_hash) {
echo "\n";
} else {
echo "只有登陆后才能发表评论
\n";
echo "立即登陆
";
}
}
wap_footer();
}
// 添加文章
if ($action == 'add') {
wap_header("写文章");
if ($sax_group == 1 || $sax_group == 2 && $sax_hash) {
// 添加文章
if($do == 'add') {
$title = sax_addslashes(trim($_POST['title']));
$content = sax_addslashes($_POST['content']);
$mids = $_POST['mids'];
$keywords = strtolower(sax_addslashes(trim($_POST['keywords'])));
if ($keywords) {
$keywords = str_replace(',', ',', $keywords);
$keywords = str_replace(',,', ',', $keywords);
if (substr($keywords, -1) == ',') {
$keywords = substr($keywords, 0, getstrlen($keywords)-1);
}
$v = explode(',', $keywords);
$v_num = count($v);
if ($v_num > 10) {
wap_message('关键字不能超过10个', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
} else {
for($i=0; $i<$v_num; $i++) {
if(getstrlen($v[$i]) > 30) {
wap_message('每个关键字不能超过30个字符', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
}
}
}
}
if($title == '' || getstrlen($title) > 120) {
wap_message('标题不能为空并且不能多于120个字节', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
}
if(!$mids) {
wap_message('你还没有选择分类', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
}
if(!$content) {
wap_message('内容不能为空', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
}
$title = char_cv($title);
$r = $DB->result($DB->query("SELECT COUNT(articleid) FROM {$db_prefix}articles WHERE title='$title'"), 0);
if($r) {
wap_message('数据库中已存在一样的标题了,建议您换一个', array('title' => '重新发表', 'link' => 'index.php?action=addarticle'));
}
// 插入数据部分
$DB->query("INSERT INTO {$db_prefix}articles (uid, title, content, dateline) VALUES ('$sax_uid', '$title', '$content
自 WAP 发表', '$timestamp')");
$articleid = $DB->insert_id();
// 关联文章分类
foreach ($mids as $mid) {
$DB->unbuffered_query("UPDATE {$db_prefix}metas SET count=count+1 WHERE mid='$mid' AND type='category'");
$DB->query("INSERT INTO {$db_prefix}relationships (cid, mid) VALUES ('$articleid', '$mid')");
}
// 插入/更新Tags
if ($keywords) {
$tagdb = explode(',', $keywords);
foreach($tagdb as $tag) {
if ($tag) {
$tag = sax_addslashes($tag);
$r = $DB->fetch_one_array("SELECT mid FROM {$db_prefix}metas WHERE name='$tag' AND type='tag' LIMIT 1");
if(!$r) {
$new_mid = insert_meta($tag,$slug,'tag',1);
$DB->query("INSERT INTO {$db_prefix}relationships (cid, mid) VALUES ('$articleid', '$new_mid')");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET tag_count=tag_count+1");
} else {
$DB->query("INSERT INTO {$db_prefix}relationships (cid, mid) VALUES ('$articleid', '".$r['mid']."')");
$DB->unbuffered_query("UPDATE {$db_prefix}metas SET count=count+1 WHERE mid='".$r['mid']."' AND type='tag'");
}
}
}
}
$DB->unbuffered_query("UPDATE {$db_prefix}users SET articles=articles+1 WHERE userid='$sax_uid'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET article_count=article_count+1");
require_once(SABLOG_ROOT.'include/func/permalink.func.php');
require_once(SABLOG_ROOT.'include/func/cache.func.php');
archives_recache();
categories_recache();
statistics_recache();
newarticles_recache();
getlog();
wap_message('添加文章成功', array('title' => '查看文章', 'link' => 'index.php?action=show&id='.$articleid));
} else {
echo "\n";
}
} else {
wap_message('你没有权限进行此操作');
}
wap_footer();
}
// 管理评论
if ($action == 'editcomment') {
wap_header("管理评论");
if ($sax_group == 1 && $sax_hash) {
$commentid = intval($commentid);
// 获取文章信息
if (!$commentid) {
wap_message('缺少参数');
} else {
$comment = $DB->fetch_one_array("SELECT author,articleid,content FROM {$db_prefix}comments WHERE commentid='$commentid'");
if (!$comment) {
wap_message('记录不存在');
}
}
if($act == 'edit') {
$do = in_array($do, array('hidden', 'delete')) ? $do : 'hidden';
if($do == 'hidden') {
$DB->query("UPDATE {$db_prefix}comments SET visible='0' WHERE commentid='$commentid'");
$msg = '评论已隐藏';
} else {
$DB->query("DELETE FROM {$db_prefix}comments WHERE commentid='$commentid'");
$msg = '评论已删除';
}
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments-1 WHERE articleid='".$comment['articleid']."'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count-1");
require_once(SABLOG_ROOT.'include/func/permalink.func.php');
require_once(SABLOG_ROOT.'include/func/cache.func.php');
newcomments_recache();
statistics_recache();
getlog();
wap_message($msg, array('title' => '返回评论列表', 'link' => "index.php?action=comments&articleid=".$comment['articleid']));
} else {
echo "\n";
}
} else {
wap_message('你没有权限进行此操作');
}
wap_footer();
}
// 审核评论列表
if ($action == 'auditcm' && ($sax_group == '1' || $sax_group == '2') && $sax_hash) {
wap_header('审核评论');
$total = $DB->result($DB->query("SELECT COUNT(commentid) FROM {$db_prefix}comments WHERE visible='0'"), 0);
if ($total) {
$pagenum = 5;
if($page) {
$orderid = ($page - 1) * $pagenum;
$start_limit = ($page - 1) * $pagenum;
} else {
$orderid = 0;
$start_limit = 0;
$page = 1;
}
$multipage = multi($total, $pagenum, $page, 'index.php?action=auditcm');
$sqladd = '';
if ($sax_group == '2') {
$sqladd = " AND a.uid='$sax_uid'";
}
$query = $DB->query("SELECT c.articleid, c.author, c.commentid, c.dateline, c.content, a.title FROM {$db_prefix}comments c LEFT JOIN {$db_prefix}articles a ON (a.articleid=c.articleid) WHERE a.visible='1' AND c.visible='0' $sqladd ORDER BY commentid DESC LIMIT $start_limit, $pagenum");
echo "\n";
while ($comment=$DB->fetch_array($query)) {
$orderid++;
echo "- \n";
echo "
{$orderid}.文章:".$comment['title']."
\n";
echo "".$comment['author']." : ".sadate('Y-m-d H:i',$comment['dateline'],1)." [显示]
\n";
echo "".wap_html_clean($comment['content'])."
\n";
echo "
\n";
echo " \n";
}
echo "
\n";
unset($comment);
echo "共有".$total."条隐藏评论
\n";
echo $multipage;
$DB->free_result($query);
} else {
echo "没有需要审核的评论
\n";
}
wap_footer();
}
// 审核评论操作
if ($action == 'auditcm_ok' && ($sax_group == '1' || $sax_group == '2') && $sax_hash) {
wap_header('审核评论');
$commentid = intval($commentid);
// 获取文章信息
if (!$commentid) {
wap_message('缺少参数');
}
$comment = $DB->fetch_one_array("SELECT c.articleid, a.uid FROM {$db_prefix}comments c LEFT JOIN {$db_prefix}articles a ON (a.articleid=c.articleid) WHERE c.commentid='$commentid'");
if (!$comment) {
wap_message('记录不存在');
}
if ($sax_group == '2') {
if ($comment['uid'] != $sax_uid) {
wap_message('此评论不属于您发表的文章');
}
}
$DB->query("UPDATE {$db_prefix}comments SET visible='1' WHERE commentid='$commentid'");
$DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='".$comment['articleid']."'");
$DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1");
require_once(SABLOG_ROOT.'include/func/permalink.func.php');
require_once(SABLOG_ROOT.'include/func/cache.func.php');
newcomments_recache();
statistics_recache();
getlog();
wap_message('评论已显示', array('title' => '返回隐藏评论列表', 'link' => 'index.php?action=auditcm'));
}
?>