www.gusucode.com > 08CMS空白站群系统 3.3 繁体 UTF-8 > upload/comments.php
<?
include_once './include/general.inc.php';
include_once M_ROOT.'./include/common.fun.php';
include_once M_ROOT.'./include/archive.fun.php';
$querystr = $_SERVER['QUERY_STRING'];
un_virtual($querystr);
parse_str($querystr);
$aid = empty($aid) ? 0 : max(0,intval($aid));
!($commu = read_cache('commu',5)) && message(lang('confirmchoose commu item'));
empty($commu['available']) && message(lang('this commu item closed'));
if(empty($action)){
!$aid && message(lang('confirmchoose archive'));
if(!submitcheck('submit')){//解析评论页面
include_once M_ROOT.'./include/archive.cls.php';
//分析基本信息
$arc = new cls_archive();
$arc->arcid($aid);
!$arc->aid && message(lang('confirmchoose archive'));
!$arc->archive['checked'] && message(lang('pointed archive nocheck')); //未审合辑不能评论
!arc_allow($arc->archive,'aread') && message(lang('none archive browse permission'));//没有当前文档的阅读权限
//根据当前文档所在的子站重新处理缓存
switch_cache($arc->archive['sid']);
$sid = $arc->archive['sid'];
if_siteclosed($sid);
cache_merge($commu,'commu',$sid);
if(@!$tplname = $commu['cutpl']) message(lang('please define comment template'));//未定义评论模板
if(!($arc->template = load_tpl($tplname))) message(lang('please add template content !'));//未定义模板内容
$page = empty($page) ? 1 : max(1,intval($page));
$arc->parsedata();
$arc->mpcheck();
$temparr = $arc->transarr();
$arc->mpinfos['durlpre'] = $cms_abs."comments.php?aid=".$arc->aid."&page=";
$arc->mpinfos['nowpage'] = max(1,min($page,$arc->mpinfos['pcount']));
$arc->mpinfos['static'] = 0;
$s_item = array();
$arc->nreplace($arc->template,'p',$s_item);
nreplace($arc->template,'c',$temparr);
$arc->nreplace($arc->template,'u',$s_item);
$arc->nreplace($arc->template,'b',$s_item);
code_parse($arc->template);
mexit($arc->template);
}else{//处理页面//操作权限//积分策略
//!$memberid && message(lang('nouser none operate permission'));
if(!regcode_pass('comment',empty($regcode) ? '' : trim($regcode))) message(lang('regcode error'),M_REFERER);
!$curuser->checkforbid('comment') && message(lang('userisforbid'),M_REFERER);//屏蔽组
!$curuser->pmsbyugids(explode(',',$commu['setting']['ugids'])) && message(lang('you nohave this item permission'),M_REFERER);
include_once M_ROOT.'./include/arcedit.cls.php';
$aedit = new cls_arcedit();
$aedit->set_aid($aid);
$aedit->basic_data();
!$aedit->aid && message(lang('confirmchoose archive'));
!$aedit->archive['checked'] && message(lang('pointed archive nocheck'));
$content = empty($content) ? '' : trim($content);
(!empty($commu['setting']['minlength']) && strlen($content) < $commu['setting']['minlength']) && message(lang('comment over minlength'),M_REFERER);
if(!empty($commu['setting']['norepeat']) || !empty($commu['setting']['repeattime'])){
if(empty($m_cookie['cms_cuid'.$commu['cuid'].'_'.$aid.'_operated'])){
msetcookie('cms_cuid'.$commu['cuid'].'_'.$aid.'_operated','1',!empty($commu['setting']['norepeat']) ? 365 * 24 * 3600 : $commu['setting']['repeattime'] * 60);
}else{
message(empty($commu['setting']['norepeat']) ? lang('overquick') : lang('please dont repeat operate'),M_REFERER);
}
}
!empty($commu['setting']['maxlength']) && $content = cutstr($content,$commu['setting']['maxlength']);
$score = empty($score) ? 0 : max(0,intval($score));
!empty($commu['setting']['minscore']) && $score = max($score,$commu['setting']['minscore']);
!empty($commu['setting']['maxscore']) && $score = min($score,$commu['setting']['maxscore']);
$mname = $curuser->infos['mname'];
$title = $aedit->archive['subject'];
$checked = !empty($commu['setting']['autocheck']) ? 1 : 0;
$db->query("INSERT INTO {$tblprefix}comments SET
aid='$aid',
mid='$memberid',
mname='$mname',
title='$title',
score='$score',
content='$content',
createdate='$timestamp',
ip='$onlineip',
checked='$checked'
");
if($checked){
$aedit->comments_num($score,1,1);
$curuser->basedeal('comment',1,1,1);
}
message(lang('comment add succeed'),M_REFERER);
}
}elseif($action == 'del' && $cid){
include_once M_ROOT.'./include/arcedit.cls.php';
!$memberid && message(lang('nouser none operate permission'));
if(!$item = $db->fetch_one("SELECT * FROM {$tblprefix}comments WHERE cid='$cid'")) message(lang('confirmchoose comment'));
if(!$curuser->isadmin() && ($item['mid'] != $memberid)) message(lang('no delete comment permission'));
$aedit = new cls_arcedit;
$aedit->set_aid($item['aid']);
$aedit->comments_num($item['score'],0,1);
$actuser = new cls_userinfo;
$actuser->activeuser($item['mid']);
$actuser->basedeal('comment',0,1,1);
$db->query("DELETE FROM {$tblprefix}comments WHERE cid='$cid'",'UNBUFFERED');
message(lang('comment delete succeed'),M_REFERER);
}
?>