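<?php
/**
 * Admin handler for forum announcements stored in pw_announce.
 *
 * Dispatches on $action:
 *   order - bulk-update the display order of announcements
 *   add   - show the "new announcement" form, or insert one (step 2)
 *   edit  - show the edit form for one announcement, or update it (step 2)
 *   del   - delete one announcement
 *   other - paginated list, optionally filtered by forum and status
 *
 * $action, $admin_file, $admin_gid, $admin_name, $db, $db_perpage, $lang and
 * $timestamp are not defined in this file; they are expected to be set by the
 * script that includes it.
 *
 * NOTE(review): string values are interpolated into SQL throughout. Nothing in
 * this file escapes them, so this depends on escaping performed elsewhere
 * (not visible here) - confirm before reusing any of these queries.
 * NOTE(review): no anti-CSRF token check is visible in this file for the
 * state-changing actions; confirm the including admin framework enforces one.
 */
!function_exists('adminmsg') && exit('Forbidden');
require_once GetLang('all');
$basename = "$admin_file?adminjob=announcement";

if ($action=='order') {
    // NOTE(review): unlike add/edit/del, this branch never calls Checkright(),
    // so the order of any announcement can be changed regardless of which
    // forum it belongs to - confirm this is intended.
    !is_array($vieworder = $_POST['vieworder']) && $vieworder = array();
    $updatedb = array();
    // Group announcement ids by their new order value: order => ",'aid','aid'".
    foreach ($vieworder as $key => $value) {
        if (is_numeric($key)) {
            $value = (int)$value;
            if (!isset($updatedb[$value])) {
                $updatedb[$value] = '';
            }
            $updatedb[$value] .= ",'$key'";
        }
    }
    // One UPDATE per distinct order value; substr() drops the leading comma.
    foreach ($updatedb as $key => $value) {
        $value && $db->update("UPDATE pw_announce SET vieworder='$key' WHERE aid IN (".substr($value,1).')');
    }
    updatecache_i();
    adminmsg('operate_success');
} elseif ($action=='add') {
    list($fids,$forumcache,$cmscache) = GetForumdb();
    if ($_POST['step']!=2) {
        // Form display. The forum id is request input and is passed on to
        // Showoption() and the template, so it is forced to an integer here
        // (0 or missing means -1, the site-wide notice).
        $fid = (int)$_GET['fid'];
        $fid==0 && $fid = -1;
        $ifopen_Y = 'CHECKED';
        $vieworder = (int)$vieworder;
        $ifopen_N = $subject = $atc_content = $enddate = '';
        $startdate = get_date($timestamp,'Y-m-d H:i');
        Showoption($fid);
        $ckdisplay = Displayfid();
        include PrintEot('notice');exit;
    } else {
        $successurl = $basename;
        $basename .= '&action=add';
        $fid = (int)$_POST['fid'];
        !$fid && adminmsg('annouce_fid');
        !Checkright($fids,$fid) && adminmsg('annouce_right');
        $basename .= "&fid=$fid";
        $atc_title = trim(ieconvert($_POST['atc_title']));
        !$atc_title && adminmsg('annouce_title');
        $atc_content = trim(ieconvert($_POST['atc_content']));
        // Quotes and backslashes are stripped from the link target.
        // NOTE(review): no URL scheme allow-list is applied here; confirm that
        // the code rendering this link restricts it to http/https.
        $url = trim(Char_cv(str_replace(array('"',"'",'\\'),'',$_POST['url']),true));
        // An announcement needs either body text or a link.
        !$atc_content && !$url && adminmsg('annouce_content');
        $startdate = $_POST['startdate'] ? PwStrtoTime($_POST['startdate']) : $timestamp;
        $enddate = $_POST['enddate'] ? PwStrtoTime($_POST['enddate']) : '';
        $enddate && $enddate<=$startdate && adminmsg('annouce_time');
        // !Datecheck($fid,$startdate,$enddate) && adminmsg('annouce_date');
        InitGP(array('ifopen','vieworder'),'P');
        // NOTE(review): $admin_name, $url, $atc_title and $atc_content reach the
        // query as quoted strings; see the escaping note in the file header.
        $db->update("INSERT INTO pw_announce(fid,ifopen,vieworder,author,startdate,enddate,url,subject,content) VALUES ('$fid','".(int)$ifopen."','".(int)$vieworder."','$admin_name','$startdate','$enddate','$url','$atc_title','$atc_content')");
        updatecache_i();
        adminmsg('operate_success',$successurl);
    }
} elseif ($action=='edit') {
    $aid = (int)GetGP('aid');
    // The full row is only needed to pre-fill the form; on submit only aid and
    // fid are loaded, for the existence and permission checks.
    $sql_select = $_POST['step']!=2 ? ',ifopen,vieworder,startdate,enddate,url,subject,content' : '';
    $rt = $db->get_one("SELECT aid,fid $sql_select FROM pw_announce WHERE aid='$aid'");
    !$rt['aid'] && adminmsg('operate_fail');
    list($fids,$forumcache,$cmscache) = GetForumdb();
    // Permission is checked against the forum the announcement currently
    // belongs to, and again below against the forum it is being moved to.
    !Checkright($fids,$rt['fid']) && adminmsg('annouce_right');
    if ($_POST['step']!=2) {
        // NOTE(review): EXTR_SKIP leaves any variable that already exists
        // untouched. If the including script turns request parameters into
        // variables, a request could shadow the stored row values shown in the
        // form - confirm.
        extract($rt,EXTR_SKIP);
        ifcheck($ifopen,'ifopen');
        $subject = Char_cv($subject);
        $atc_content = Char_cv($content);
        Showoption($fid);
        $ckdisplay = Displayfid();
        $startdate && $startdate = get_date($startdate,'Y-m-d H:i');
        $enddate && $enddate = get_date($enddate,'Y-m-d H:i');
        $vieworder = (int)$vieworder;
        include PrintEot('notice');exit;
    } else {
        $successurl = $basename;
        $basename .= "&action=edit&aid=$aid";
        $fid = (int)$_POST['fid'];
        !$fid && adminmsg('annouce_fid');
        !Checkright($fids,$fid) && adminmsg('annouce_right');
        $basename .= "&fid=$fid";
        $atc_title = trim(ieconvert($_POST['atc_title']));
        !$atc_title && adminmsg('annouce_title');
        $atc_content = trim(ieconvert($_POST['atc_content']));
        // Same link handling as in the add branch; the scheme is not checked.
        $url = trim(Char_cv(str_replace(array('"',"'",'\\'),'',$_POST['url']),true));
        !$atc_content && !$url && adminmsg('annouce_content');
        $startdate = $_POST['startdate'] ? PwStrtoTime($_POST['startdate']) : $timestamp;
        $enddate = $_POST['enddate'] ? PwStrtoTime($_POST['enddate']) : '';
        $enddate && $enddate<=$startdate && adminmsg('annouce_time');
        // !Datecheck($fid,$startdate,$enddate,$aid) && adminmsg('annouce_date');
        InitGP(array('ifopen','vieworder'),'P');
        $db->update("UPDATE pw_announce SET fid='$fid',ifopen='".(int)$ifopen."',vieworder='".(int)$vieworder."',startdate='$startdate',enddate='$enddate',url='$url',subject='$atc_title',content='$atc_content' WHERE aid='$aid'");
        updatecache_i();
        adminmsg('operate_success',$successurl);
    }
} elseif ($action=='del') {
    // NOTE(review): the delete is driven by a GET parameter; see the CSRF note
    // in the file header.
    $aid = (int)$_GET['aid'];
    $rt = $db->get_one("SELECT aid,fid FROM pw_announce WHERE aid='$aid'");
    !$rt['aid'] && adminmsg('operate_fail');
    list($fids) = GetForumdb();
    !Checkright($fids,$rt['fid']) && adminmsg('annouce_right');
    $db->update("DELETE FROM pw_announce WHERE aid='$aid'");
    updatecache_i();
    adminmsg('operate_success');
} else {
    include_once(D_P.'data/bbscache/forum_cache.php');
    $titledb = $namedb = array();
    list($fids,$forumcache,$cmscache) = GetForumdb();
    $pages = '';
    $sqlwhere = 'WHERE 1';
    InitGP(array('fid','page','ifopen'));
    $fid = (int)$fid;
    // Normalise the page number to an integer >= 1. It is used in the LIMIT
    // arithmetic and handed to numofpage(), so a value such as "2x" must not
    // survive as a string.
    $page = (int)$page;
    $page<1 && $page = 1;
    if ($fid && Checkright($fids,$fid)) {
        // Single-forum view: restrict the query and build the heading links.
        $sqlwhere .= " AND fid='$fid'";
        switch ($fid) {
            case -1:
                $titledb[-1] = " (<a href=\"$basename\"><b>$lang[all_notice]</b></a> » $lang[whole_notice] » <a href=\"$basename&action=add&fid=$fid\"><b style=\"color:#0033FF\">$lang[add_notice]</b></a>)";
                break;
            case -2:
                $titledb[-2] = " (<a href=\"$basename\"><b>$lang[all_notice]</b></a> » $lang[cms_notice] » <a href=\"$basename&action=add&fid=$fid\"><b style=\"color:#0033FF\">$lang[add_notice]</b></a>)";
                break;
            default:
                $titledb[$fid] = " (<a href=\"$basename\"><b>$lang[all_notice]</b></a> » {$forum[$fid]['name']} » <a href=\"$basename&action=add&fid=$fid\"><b style=\"color:#0033FF\">$lang[add_notice]</b></a>)";
        }
    } else {
        // All-forums view: $fids is an allow-list for group 5 and an
        // exclusion list for every other group.
        $namedb = $forum;
        $namedb[-1]['name'] = $lang['whole_notice'];
        $namedb[-2]['name'] = $lang['cms_notice'];
        if ($fids) {
            switch ($admin_gid) {
                case 5:
                    $sqlwhere .= " AND fid IN ($fids)";
                    break;
                default:
                    $sqlwhere .= " AND fid NOT IN ($fids)";
            }
        }
    }
    unset($forum);
    if (isset($_POST['ifopen'])) {
        $sqlwhere .= ' AND ifopen=';
        // NOTE(review): the variable name is built from request input. Only
        // names starting with "ifopen_" can be set, but an integer cast of
        // $ifopen would make this exact - confirm what the template expects.
        ${'ifopen_'.$ifopen} = 'SELECTED';
        // Every fragment appended below is a fixed string plus $timestamp;
        // $ifopen itself never reaches the query.
        switch ($ifopen) {
            case 3:
                $sqlwhere .= "1 AND startdate>$timestamp";
                break;// not yet published
            case 2:
                $sqlwhere .= "1 AND enddate>0 AND enddate<$timestamp";
                break;// expired
            case 1:
                $sqlwhere .= "1 AND startdate<=$timestamp AND (enddate=0 OR enddate>=$timestamp)";
                break;// published
            default:
                $sqlwhere .= '0';// closed
        }
    }
    Showoption($fid);
    $annoucedb = array();
    $query = $db->query("SELECT aid,fid,ifopen,vieworder,author,subject,startdate,enddate FROM pw_announce $sqlwhere ORDER BY fid,vieworder,startdate DESC LIMIT ".($page-1)*$db_perpage.",$db_perpage");
    // Rows are grouped by forum id for the template.
    while ($rt = $db->fetch_array($query)) {
        $rt['subject'] = htmlspecialchars(substrs($rt['subject'],30));
        $rt['starttime'] = $rt['startdate'] ? get_date($rt['startdate'],'Y-m-d H:i') : '--';
        $rt['endtime'] = $rt['enddate'] ? get_date($rt['enddate'],'Y-m-d H:i') : '--';
        $annoucedb[$rt['fid']][] = $rt;
    }
    $db->free_result($query);
    $count = $db->get_value("SELECT COUNT(*) FROM pw_announce $sqlwhere");
    if ($count > $db_perpage) {
        require_once(R_P.'require/forum.php');
        $addpage = $fid ? "fid=$fid&" : '';
        $pages = numofpage($count,$page,ceil($count/$db_perpage),"$basename&$addpage");
    }
    include PrintEot('notice');exit;
}

/**
 * Load the forum list that scopes the current admin.
 *
 * For group 5 the list comes from GetAllowForum($admin_name); for every other
 * group it comes from GetHiddenForum(), and group 3 gets an empty list with
 * the hidden-forum options appended to the option markup.
 *
 * @return array array($fids, $forumcache, $cmscache)
 */
function GetForumdb(){
    global $admin_gid,$admin_name;
    if ($admin_gid==5) {
        list($fids,$forumcache) = GetAllowForum($admin_name);
        $cmscache = '';
    } else {
        // presumably this cache file defines $forumcache and $cmscache - confirm
        include D_P.'data/bbscache/forumcache.php';
        list($fids,$hideforum) = GetHiddenForum();
        if ($admin_gid==3) {
            $fids = '';
            $forumcache .= $hideforum;
        }
        unset($hideforum);
        $cmscache = trim($cmscache);
    }
    return array($fids,$forumcache,$cmscache);
}

/**
 * Decide whether the current admin may act on forum $fid.
 *
 * For group 5, $fids is an allow-list: the forum must be listed. For any
 * other group it is an exclusion list: the forum must not be listed.
 *
 * The list is split on commas and each entry is compared exactly. A plain
 * substring search would treat forum 1 as listed whenever 12 or 21 is, which
 * grants or denies access to the wrong forums.
 *
 * NOTE(review): an empty $fids allows every forum, for group 5 as well.
 * Confirm that GetAllowForum() cannot return an empty list for an admin who
 * should have no forums.
 *
 * @param string $fids comma-separated forum ids, optionally quoted
 * @param mixed  $fid  forum id to check
 * @return bool true when the action is permitted
 */
function Checkright($fids,$fid){
    global $admin_gid;
    if ($fids) {
        $listed = false;
        foreach (explode(',',$fids) as $item) {
            // Entries may be wrapped in quotes because the same string is
            // also placed inside an SQL IN (...) list.
            if (trim($item," \t'\"") === (string)$fid) {
                $listed = true;
                break;
            }
        }
        if ($admin_gid==5 && !$listed) {
            return false;
        } elseif ($admin_gid!=5 && $listed) {
            return false;
        }
    }
    return true;
}

/**
 * Build a comma-delimited string of the ids of all 'category' forums,
 * starting with -1 (for example ",-1,3,7,").
 *
 * @return string
 */
function Displayfid(){
    // $forum is expected to be defined by this cache file.
    include(D_P.'data/bbscache/forum_cache.php');
    $ckdisplay = ',-1,';
    foreach ($forum as $value) {
        if ($value['type']=='category') {
            $ckdisplay .= "$value[fid],";
        }
    }
    return $ckdisplay;
}

/**
 * Finish the forum <option> markup in the global $forumcache: prepend the
 * site-wide entry for groups other than 5, append the CMS entries for group 3,
 * and mark the option whose value equals $fid as SELECTED.
 *
 * @param mixed $fid forum id to preselect; falsy selects nothing
 */
function Showoption($fid){
    global $admin_gid,$forumcache,$cmscache,$lang;
    $admin_gid!=5 && $forumcache = "<option value=\"-1\">$lang[whole_notice]</option>$forumcache";
    if ($admin_gid==3 && $cmscache) {
        $forumcache .= "<option></option><option value=\"-2\">$lang[cms_notice]</option>$cmscache";
    }
    $fid && $forumcache = str_replace("\"$fid\"","\"$fid\" SELECTED",$forumcache);
}

/**
 * Check a new date against the first announcement of the forum, ordered by
 * vieworder, startdate DESC: returns false when the given date (end date if
 * set, otherwise start date) is not later than that announcement's end date
 * (or start date when it has no end date).
 *
 * Both calls to this function in the file are commented out.
 *
 * @param mixed $fid       forum id
 * @param mixed $startdate start timestamp
 * @param mixed $enddate   optional end timestamp
 * @param mixed $aid       optional announcement id to exclude
 * @return bool
 */
function Datecheck($fid,$startdate,$enddate=null,$aid=null){
    global $db;
    // Both ids go into the query text, so force them to integers first.
    $fid = (int)$fid;
    !empty($enddate) && $startdate = $enddate;
    $sql_where = empty($aid) ? '' : "AND aid!='".(int)$aid."'";
    $rt = $db->get_one("SELECT startdate,enddate FROM pw_announce WHERE fid='$fid' $sql_where ORDER BY vieworder,startdate DESC LIMIT 1");
    if ($rt['startdate']) {
        $rt['enddate'] && $rt['startdate'] = $rt['enddate'];
        if ($startdate<=$rt['startdate']) {
            return false;
        }
    }
    return true;
}
?>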