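<?php
/**
 * Comment endpoint for an archive.
 *
 * Request parameters read by this script:
 *   aid     - archive id (required for viewing and posting)
 *   page    - page number of the comment list (viewing)
 *   action  - empty to view/post, 'del' to delete a comment
 *   cid     - comment id (delete)
 *   regcode, content, score - fields of a submitted comment
 *
 * Security notes for maintainers:
 *   - The query string is parsed into a private array and only the names
 *     listed above are copied into script scope. parse_str() without a result
 *     array writes every request-supplied name straight into the current scope,
 *     which lets a request replace state prepared by the bootstrap include
 *     ($memberid, $tblprefix, $onlineip, $curuser, ...); PHP 8 no longer
 *     accepts that form at all.
 *   - The SQL below is still built by string interpolation. Integer inputs are
 *     cast before use; string inputs taken from the query string are
 *     slash-escaped exactly once. Moving to the database layer's own
 *     escaping or bound parameters is the proper long-term fix, but that API
 *     is not visible from this file.
 */
include_once './include/general.inc.php';
include_once M_ROOT.'./include/common.fun.php';
include_once M_ROOT.'./include/archive.fun.php';

// Rebuild the request parameters from the (possibly virtualised) query string.
$querystr = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
un_virtual($querystr);

$_qs_vars = array();
parse_str($querystr, $_qs_vars);
// Before PHP 5.4, parse_str() already applied magic quotes when they were on;
// escape here only when that did not happen, so values are never double-escaped.
$_qs_quoted = version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc();
// NOTE(review): if included helpers expect further query-string names as
// globals, add them to this list explicitly rather than importing everything.
foreach(array('aid','page','action','cid','regcode','content','score') as $_qs_name){
    // Array-valued parameters (name[]=...) are ignored: every consumer below expects a scalar.
    if(isset($_qs_vars[$_qs_name]) && is_string($_qs_vars[$_qs_name])){
        $$_qs_name = $_qs_quoted ? $_qs_vars[$_qs_name] : addslashes($_qs_vars[$_qs_name]);
    }
}
unset($_qs_vars, $_qs_name, $_qs_quoted);

$aid = empty($aid) ? 0 : max(0,intval($aid));

// The comment feature is looked up as commu item 5 and must exist and be enabled.
if(!($commu = read_cache('commu',5))) message(lang('confirmchoose commu item'));
if(empty($commu['available'])) message(lang('this commu item closed'));

if(empty($action)){
    if(!$aid) message(lang('confirmchoose archive'));

    if(!submitcheck('submit')){
        // ---- Render the comment page ----
        include_once M_ROOT.'./include/archive.cls.php';

        // Load the archive's basic information.
        $arc = new cls_archive();
        $arc->arcid($aid);
        if(!$arc->aid) message(lang('confirmchoose archive'));
        // Archives that have not been reviewed cannot be commented on.
        if(!$arc->archive['checked']) message(lang('pointed archive nocheck'));
        // The current user needs read permission on the archive.
        if(!arc_allow($arc->archive,'aread')) message(lang('none archive browse permission'));

        // Re-resolve caches for the sub-site that owns the archive.
        switch_cache($arc->archive['sid']);
        $sid = $arc->archive['sid'];
        if_siteclosed($sid);
        cache_merge($commu,'commu',$sid);

        // A comment template must be configured and must have content.
        $tplname = empty($commu['cutpl']) ? '' : $commu['cutpl'];
        if(!$tplname) message(lang('please define comment template'));
        if(!($arc->template = load_tpl($tplname))) message(lang('please add template content !'));

        $page = empty($page) ? 1 : max(1,intval($page));
        $arc->parsedata();
        $arc->mpcheck();
        $temparr = $arc->transarr();

        // Pagination: URL prefix, current page clamped to the page count, dynamic (non-static) links.
        $arc->mpinfos['durlpre'] = $cms_abs."comments.php?aid=".$arc->aid."&page=";
        $arc->mpinfos['nowpage'] = max(1,min($page,$arc->mpinfos['pcount']));
        $arc->mpinfos['static'] = 0;

        // Expand the template tags in the original order (p, c, u, b), then emit the page.
        $s_item = array();
        $arc->nreplace($arc->template,'p',$s_item);
        nreplace($arc->template,'c',$temparr);
        $arc->nreplace($arc->template,'u',$s_item);
        $arc->nreplace($arc->template,'b',$s_item);
        code_parse($arc->template);
        mexit($arc->template);
    }else{
        // ---- Store a submitted comment: permission checks, then scoring policy ----
        // The login requirement is disabled in the original code (kept commented out below).
        //!$memberid && message(lang('nouser none operate permission'));
        if(!regcode_pass('comment',empty($regcode) ? '' : trim($regcode))) message(lang('regcode error'),M_REFERER);
        // Blocked user groups may not comment.
        if(!$curuser->checkforbid('comment')) message(lang('userisforbid'),M_REFERER);
        if(!$curuser->pmsbyugids(explode(',',$commu['setting']['ugids']))) message(lang('you nohave this item permission'),M_REFERER);

        include_once M_ROOT.'./include/arcedit.cls.php';
        $aedit = new cls_arcedit();
        $aedit->set_aid($aid);
        $aedit->basic_data();
        if(!$aedit->aid) message(lang('confirmchoose archive'));
        if(!$aedit->archive['checked']) message(lang('pointed archive nocheck'));
        // NOTE(review): unlike the render path, this path performs no arc_allow(...,'aread')
        // or if_siteclosed() check before accepting the comment - confirm this is intended.

        $content = empty($content) ? '' : trim($content);
        if(!empty($commu['setting']['minlength']) && strlen($content) < $commu['setting']['minlength']){
            message(lang('comment over minlength'),M_REFERER);
        }

        // Repeat/flood control. NOTE(review): the marker lives only in a client-held
        // cookie, so it is advisory; enforce it server-side if it has to hold.
        if(!empty($commu['setting']['norepeat']) || !empty($commu['setting']['repeattime'])){
            $opkey = 'cms_cuid'.$commu['cuid'].'_'.$aid.'_operated';
            if(empty($m_cookie[$opkey])){
                msetcookie($opkey,'1',!empty($commu['setting']['norepeat']) ? 365 * 24 * 3600 : $commu['setting']['repeattime'] * 60);
            }else{
                message(empty($commu['setting']['norepeat']) ? lang('overquick') : lang('please dont repeat operate'),M_REFERER);
            }
        }

        // NOTE(review): $content is already slash-escaped at this point; truncating an
        // escaped string can split an escape sequence. Prefer truncating the raw text
        // and escaping afterwards - verify against cutstr().
        if(!empty($commu['setting']['maxlength'])) $content = cutstr($content,$commu['setting']['maxlength']);

        // Clamp the score to the configured range.
        $score = empty($score) ? 0 : max(0,intval($score));
        if(!empty($commu['setting']['minscore'])) $score = max($score,$commu['setting']['minscore']);
        if(!empty($commu['setting']['maxscore'])) $score = min($score,$commu['setting']['maxscore']);

        $mname = $curuser->infos['mname'];
        $title = $aedit->archive['subject'];
        $checked = !empty($commu['setting']['autocheck']) ? 1 : 0;

        // NOTE(review): $mname and $title are read back from stored data and $content,
        // $onlineip, $memberid arrive via the bootstrap; all are interpolated as-is.
        // Confirm each is escaped for SQL before it reaches this statement, or switch
        // to the database layer's escaping / bound parameters.
        $db->query("INSERT INTO {$tblprefix}comments SET aid='$aid', mid='$memberid', mname='$mname', title='$title', score='$score', content='$content', createdate='$timestamp', ip='$onlineip', checked='$checked' ");

        // Counters and user credits are only updated for comments that are published immediately.
        if($checked){
            $aedit->comments_num($score,1,1);
            $curuser->basedeal('comment',1,1,1);
        }
        message(lang('comment add succeed'),M_REFERER);
    }
}elseif($action == 'del' && !empty($cid)){
    // ---- Delete a comment (its author or an administrator) ----
    // NOTE(review): this state-changing action is driven by query-string parameters and
    // no anti-CSRF token check is visible here; consider requiring one.
    include_once M_ROOT.'./include/arcedit.cls.php';
    if(!$memberid) message(lang('nouser none operate permission'));

    // Force the id to an integer before it is placed in SQL (assumes cid is a numeric key, like aid).
    $cid = max(0,intval($cid));
    if(!$item = $db->fetch_one("SELECT * FROM {$tblprefix}comments WHERE cid='$cid'")) message(lang('confirmchoose comment'));
    if(!$curuser->isadmin() && ($item['mid'] != $memberid)) message(lang('no delete comment permission'));

    // NOTE(review): counters are decremented here regardless of $item['checked'], while
    // the insert path increments them only for checked comments - confirm the accounting.
    $aedit = new cls_arcedit;
    $aedit->set_aid($item['aid']);
    $aedit->comments_num($item['score'],0,1);
    $actuser = new cls_userinfo;
    $actuser->activeuser($item['mid']);
    $actuser->basedeal('comment',0,1,1);

    $db->query("DELETE FROM {$tblprefix}comments WHERE cid='$cid'",'UNBUFFERED');
    message(lang('comment delete succeed'),M_REFERER);
}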