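<?php
/*
    [Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com
    This is NOT a freeware, use is subject to license.txt
*/
/*
 * Mobile comment endpoint.
 *
 * Dispatches on $action:
 *   'user'  - renders the visible (status=3, hidden=0) comments of one user; requires login
 *   'count' - prints the number of comments for the item and exits
 *   'post'  - stores a new comment and exits with a short token:
 *             self | permission | login | captcha | max | fast | ko | ok | check
 *   default - renders the comment list of the item
 *
 * $mid, $itemid, $action, $page, $_userid, $_username, $DT_IP, $db, $MOD, $EXT etc.
 * are presumably populated by common.inc.php, which is not visible here. Every SQL
 * statement in this file is built by string interpolation, so each interpolated value
 * has to be an integer or already escaped when it gets here.
 */
$moduleid = 3;
require 'common.inc.php';
// Gate on a known module. $mid is later interpolated unquoted into SQL; this lookup is
// the only validation of it in this file (presumably $MODULE is keyed by integer
// module id, so only a canonical integer string can pass -- verify).
isset($MODULE[$mid]) or dheader('index.php');
// $itemid is interpolated unquoted into several queries below. Cast it here so that
// does not depend on normalisation done outside this file.
$itemid = isset($itemid) ? intval($itemid) : 0;
$itemid or dheader(mobileurl($mid));
if(in_array($itemid, cache_read('bancomment-'.$mid.'.php'))) mobile_msg($L['comment_close'], mobileurl($mid, 0, $itemid));
require DT_ROOT.'/include/post.func.php';
require DT_ROOT.'/include/module.func.php';
$head_name = $L['comment_title'];
$head_title = $head_name.$DT['seo_delimiter'].$head_title;
$need_captcha = $MOD['comment_captcha_add'] == 2 ? $MG['captcha'] : $MOD['comment_captcha_add'];
if($MOD['comment_pagesize']) {
    $pagesize = $MOD['comment_pagesize'];
    $offset = ($page-1)*$pagesize;
}
// LIMIT operands are interpolated unquoted; force them to integers.
$pagesize = isset($pagesize) ? intval($pagesize) : 0;
$offset = isset($offset) ? intval($offset) : 0;

// Load the commented item. Module 4 is looked up by userid and exposes "company"
// as the title; every other module is looked up by itemid.
if($mid == 4) {
    $item = $db->get_one("SELECT company,linkurl,username,groupid,thumb FROM ".get_table($mid)." WHERE userid=$itemid");
    $item or exit;
    $item['groupid'] > 4 or mobile_msg($L['msg_not_user']);
    $item['title'] = $item['company'];
    $linkurl = $item['linkurl'];
} else {
    $item = $db->get_one("SELECT title,linkurl,username,status,thumb FROM ".get_table($mid)." WHERE itemid=$itemid");
    $item or exit;
    $item['status'] > 2 or mobile_msg($L['msg_not_exist']);
    $linkurl = $MODULE[$mid]['linkurl'].$item['linkurl'];
}
$title = $item['title'];
$thumb = $item['thumb'];

switch($action) {
    case 'user':
        // check_name() is the only filter on $username before it is placed inside a
        // quoted SQL literal below.
        // NOTE(review): confirm check_name() rejects quotes and backslashes.
        (isset($username) && check_name($username)) or $username = '';
        $username or mobile_msg($L['msg_not_user']);
        $_userid or dheader('login.php?forward='.urlencode('comment.php?action='.$action.'&username='.$username.'&mid='.$mid.'&itemid='.$itemid));
        $user = userinfo($username);
        $user or mobile_msg($L['msg_not_user']);
        $condition = "status=3 AND username='$username' AND hidden=0";
        $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}comment WHERE $condition", 'CACHE');
        $items = $r['num'];
        $pages = mobile_pages($items, $page, $pagesize);
        $lists = array();
        if($items) {
            $result = $db->query("SELECT * FROM {$DT_PRE}comment WHERE $condition ORDER BY itemid DESC LIMIT $offset,$pagesize");
            while($r = $db->fetch_array($result)) {
                $lists[] = $r;
            }
            $db->free_result($result);
        }
        $head_name = $L['comment_user'];
        $head_title = $head_name.$DT['seo_delimiter'].$head_title;
        $foot = '';
        include template('comment_user', 'mobile');
        if(DT_CHARSET != 'UTF-8') toutf8();
    break;
    case 'count':
        // The third-party counters are fetched over plain HTTP, so the response body is
        // untrusted. Only an integer is ever written to the output; a malformed or
        // unexpected payload yields 0, matching the existing "marker not found" branch.
        if($EXT['comment_api'] == 'changyan') {
            $rec = dcurl('http://changyan.sohu.com/api/2/topic/load?client_id='.$EXT['comment_api_id'].'&topic_source_id='.$mid.'-'.$itemid.'&topic_url='.urlencode($linkurl));
            if(strpos($rec, 'cmt_sum') !== false) {
                $arr = json_decode($rec, true);
                $num = 0;
                if(is_array($arr) && isset($arr['cmt_sum']) && is_numeric($arr['cmt_sum'])) $num = intval($arr['cmt_sum']);
                echo $num;
                exit;
            } else {
                exit('0');
            }
        } else if($EXT['comment_api'] == 'duoshuo') {
            $rec = dcurl('http://api.duoshuo.com/threads/counts.json?short_name='.$EXT['comment_api_id'].'&threads='.$mid.'-'.$itemid);
            if(strpos($rec, 'comments') !== false) {
                $arr = json_decode($rec, true);
                $key = $mid.'-'.$itemid;
                $num = 0;
                if(is_array($arr) && isset($arr['response'][$key]['comments']) && is_numeric($arr['response'][$key]['comments'])) $num = intval($arr['response'][$key]['comments']);
                echo $num;
                exit;
            } else {
                exit('0');
            }
        } else {
            $condition = "item_mid=$mid AND item_id=$itemid AND status=3";
            $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}comment WHERE {$condition}");
            echo $r['num'];
            exit;
        }
    break;
    case 'post':
        $username = $item['username'];
        // Owners may not comment on their own item.
        if($username && $username == $_username) exit('self');
        if(!check_group($_groupid, $MOD['comment_group'])) exit($_userid ? 'permission' : 'login');
        $captcha = isset($captcha) ? input_trim($captcha) : '';
        $msg = captcha($captcha, $need_captcha, true);
        if($msg) exit('captcha');
        // Rate limits key on the account for members and on the IP for guests.
        // NOTE(review): confirm how $DT_IP is derived; if it can come from a
        // client-supplied header the guest limits are not enforceable, and the value
        // is also placed inside a quoted SQL literal here.
        $sql = $_userid ? "username='$_username'" : "ip='$DT_IP'";
        if($MOD['comment_limit']) {
            $today = $today_endtime - 86400;
            $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}comment WHERE $sql AND addtime>$today");
            $r['num'] < $MOD['comment_limit'] or exit('max');
        }
        if($MOD['comment_time']) {
            $r = $db->get_one("SELECT addtime FROM {$DT_PRE}comment WHERE $sql ORDER BY addtime DESC");
            if($r && $DT_TIME - $r['addtime'] < $MOD['comment_time']) exit('fast');
        }
        // NOTE(review): $content is embedded in a quoted SQL literal below without being
        // escaped in this file. Whatever escaping is applied to request data upstream
        // happens BEFORE the entity stripping and nl2br() performed here. Confirm the
        // transformed value is still safe inside quotes, or escape it at the point of
        // use with the database layer's own escaping routine.
        $content = isset($content) ? convert(input_trim(nl2br($content)), 'UTF-8', DT_CHARSET) : '';
        $content = dhtmlspecialchars(trim($content));
        $content = preg_replace("/&([a-z]{1,});/", '', $content);
        $len = word_count($content);
        if($len < $MOD['comment_min']) exit('ko');
        if($len > $MOD['comment_max']) exit('ko');
        // Anything outside 1..3 (including a missing value) falls back to 3. The value
        // is later used to build a column name, so it must stay a strict whitelist.
        $star = isset($star) ? intval($star) : 0;
        in_array($star, array(1, 2, 3), true) or $star = 3;
        $status = get_status(3, $MOD['comment_check'] == 2 ? $MG['check'] : $MOD['comment_check']);
        $hidden = isset($hidden) ? 1 : 0;
        // Values read back from the database are raw again; re-escape them before they
        // go into the INSERT. The owner name gets the same treatment as the title.
        $title = addslashes($title);
        $item_username = addslashes($username);
        $content = nl2br($content);
        $quotation = '';
        $qid = 0;
        $db->query("INSERT INTO {$DT_PRE}comment (item_mid,item_id,item_title,item_username,content,quotation,qid,addtime,username,passport,hidden,star,ip,status) VALUES ('$mid','$itemid','$title','$item_username','$content','$quotation','$qid','$DT_TIME','$_username','$_passport','$hidden','$star','$DT_IP','$status')");
        $cid = $db->insert_id();
        // Maintain the per-item statistics row (created on first comment).
        $r = $db->get_one("SELECT sid FROM {$DT_PRE}comment_stat WHERE moduleid=$mid AND itemid=$itemid");
        $star = 'star'.$star;
        if($r) {
            $db->query("UPDATE {$DT_PRE}comment_stat SET comment=comment+1,`{$star}`=`{$star}`+1 WHERE sid=$r[sid]");
        } else {
            $db->query("INSERT INTO {$DT_PRE}comment_stat (moduleid,itemid,{$star},comment) VALUES ('$mid','$itemid','1','1')");
        }
        if($status == 3) {
            // Published immediately: award credits to logged-in authors if configured.
            if($_username && $MOD['credit_add_comment']) {
                credit_add($_username, $MOD['credit_add_comment']);
                credit_record($_username, $MOD['credit_add_comment'], 'system', $L['comment_record_add'], 'ID:'.$cid);
            }
            exit('ok');
        } else {
            // Held for moderation.
            exit('check');
        }
    break;
    default:
        // With an external comment API configured no local query is made; the
        // template is rendered without $lists/$pages in that case.
        if(!$EXT['comment_api']) {
            $lists = array();
            $condition = "item_mid=$mid AND item_id=$itemid AND status=3";
            $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}comment WHERE {$condition}");
            $items = $r['num'];
            $pages = mobile_pages($items, $page, $pagesize);
            if($items) {
                $result = $db->query("SELECT * FROM {$DT_PRE}comment WHERE {$condition} ORDER BY itemid ASC LIMIT $offset,$pagesize");
                $floor = $page == 1 ? 0 : ($page-1)*$pagesize;
                while($r = $db->fetch_array($result)) {
                    $r['floor'] = ++$floor;
                    if($r['username']) {
                        // Hidden comments show the configured anonymous label and no profile link.
                        $r['name'] = $r['hidden'] ? $MOD['comment_am'] : $r['passport'];
                        $r['uname'] = $r['hidden'] ? '' : $r['username'];
                    } else {
                        // Guests are shown by masked IP.
                        $r['name'] = 'IP:'.hide_ip($r['ip']);
                        $r['uname'] = '';
                    }
                    $lists[] = $r;
                }
            }
        }
        $head_title = $title.$DT['seo_delimiter'].$head_title;
        $foot = '';
        include template('comment', 'mobile');
        if(DT_CHARSET != 'UTF-8') toutf8();
    break;
}
?>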