
    <?php 
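defined('IN_DESTOON') or exit('Access Denied');
/*
 * Member-side handler for the logged-in user's "ask" records:
 * add, edit, show, star (rate), delete, and the default paginated list.
 *
 * Security notes for maintainers:
 * - Request-derived variables ($action, $itemid, $typeid, $title, $content, $keyword,
 *   $star, $submit, $forward, $page, $offset, $pagesize) are not assigned in this file.
 *   They are presumably populated and slash-escaped by the framework bootstrap - TODO
 *   confirm, because every query below is built by string interpolation and depends on it.
 * - Each per-record action re-reads the row and verifies that it belongs to $_username
 *   before acting on it; keep that check when adding new actions.
 * - NOTE(review): 'star' and 'delete' change state, and no anti-CSRF token check is
 *   visible in this file - confirm whether the framework enforces one.
 * - NOTE(review): $forward is handed to dmsg() as the redirect target; if it can come
 *   from the request, confirm that it is restricted to local URLs.
 */
login();
// NOTE(review): $module ends up in an include path; presumably it is fixed by the
// router and never taken from the request - confirm.
require DT_ROOT.'/module/'.$module.'/common.inc.php';
// Member-group permission gate for this feature.
$MG['ask'] or dalert(lang('message->without_permission_and_upgrade'), 'goback');
require DT_ROOT.'/include/post.func.php';
$TYPE = get_type('ask', 1);
$TYPE or message($L['feature_close']);
$forward or $forward = '?action=index';
$dstatus = $L['ask_status'];
// Every query below interpolates $itemid unquoted, so force it to a plain integer here.
// Arrays and a missing value collapse to 0, which the "$itemid or message()" guards reject.
$itemid = (isset($itemid) && is_scalar($itemid)) ? intval($itemid) : 0;
// The user id is interpolated unquoted as well; cast at the point of use.
$r = $db->get_one("SELECT support FROM {$DT_PRE}member WHERE userid=".intval($_userid));
// Guard against a missing member row before indexing into it.
$support = ($r && $r['support']) ? $r['support'] : '';
switch($action) {
	case 'add':
		// $a holds an earlier record of the same user that the new one follows up on (stored as qid).
		$a = array();
		if($itemid) {
			$r = $db->get_one("SELECT * FROM {$DT_PRE}ask WHERE itemid=$itemid");
			// Ownership is compared as strings with ===: under == two different
			// numeric-looking usernames (e.g. '1e3' and '1000') would compare equal.
			if($r && (string)$r['username'] === (string)$_username && $r['status'] > 1) $a = $r;
		}
		if($submit) {
			$typeid = intval($typeid);
			if(!$typeid || !isset($TYPE[$typeid])) message($L['pass_typeid']);
			if(empty($title)) message($L['pass_title']);
			if(empty($content)) message($L['pass_content']);
			$fields = array(
				'typeid' => $typeid,
				'title' => $title,
				);
			$fields = dhtmlspecialchars($fields);
			clear_upload($content);
			// Un-escape, let the upload helpers rewrite the body, re-escape for SQL, then filter with dsafe().
			$content = dsafe(addslashes(save_remote(save_local(stripslashes($content)))));
			$fields['content'] = $content;
			$fields['qid'] = $a ? intval($a['itemid']) : 0;
			$fields['username'] = $_username;
			$fields['addtime'] = $DT_TIME;
			// Column names are the fixed keys above; values are single-quoted and rely on
			// the escaping applied upstream ($title) and on the addslashes() call above ($content).
			$sqlk = implode(',', array_keys($fields));
			$sqlv = "'".implode("','", $fields)."'";
			$db->query("INSERT INTO {$DT_PRE}ask ($sqlk) VALUES ($sqlv)");
			dmsg($L['ask_add_success'], '?action=index');
		} else {
			$typeid = isset($typeid) ? intval($typeid) : 0;
			$title = '';
			$content = '';
			if($a) {
				// Pre-fill the form from the record being followed up.
				$typeid = $a['typeid'];
				$title = $a['title'];
				$content = $a['content'];
			}
			$type_select = type_select($TYPE, 1, 'typeid', $L['choose_type'], $typeid, 'id="typeid"');
			$head_title = $L['ask_title_add'];
		}
	break;
	case 'edit':
		$itemid or message();
		$r = $db->get_one("SELECT * FROM {$DT_PRE}ask WHERE itemid=$itemid");
		$r or message();
		// Only the owner may edit; strict string comparison (see 'add').
		(string)$r['username'] === (string)$_username or message();
		// Editing is allowed only while status is 0.
		if($r['status'] > 0) message($L['ask_msg_edit']);
		if($submit) {
			$typeid = intval($typeid);
			if(!$typeid || !isset($TYPE[$typeid])) message($L['pass_typeid']);
			if(empty($title)) message($L['pass_title']);
			if(empty($content)) message($L['pass_content']);
			clear_upload($content);
			$content = dsafe(addslashes(save_remote(save_local(stripslashes($content)))));
			$fields = array(
				'typeid' => $typeid,
				'title' => $title,
				);
			$fields = dhtmlspecialchars($fields);
			$fields['content'] = $content;
			// Build "col='value',..." from the fixed keys above; values rely on upstream escaping.
			$pairs = array();
			foreach($fields as $k=>$v) {
				$pairs[] = "$k='$v'";
			}
			$sql = implode(',', $pairs);
			$db->query("UPDATE {$DT_PRE}ask SET $sql WHERE itemid=$itemid");
			dmsg($L['op_edit_success'], $forward);
		} else {
			// extract() imports every column of the row as a variable for the template and
			// overwrites same-named variables in scope. The keys come from the table schema,
			// not from the request; the values are stored user content.
			extract($r);
			$type_select = type_select($TYPE, 1, 'typeid', $L['choose_type'], $typeid, 'id="typeid"');
			$head_title = $L['ask_title_edit'];
		}
	break;
	case 'show':
		$itemid or message();
		$r = $db->get_one("SELECT * FROM {$DT_PRE}ask WHERE itemid=$itemid");
		$r or message();
		// Only the owner may view the record.
		(string)$r['username'] === (string)$_username or message();
		// Row columns become template variables (see the note in 'edit').
		extract($r);
		$addtime = timetodate($addtime, 5);
		$edittime = $edittime ? timetodate($edittime, 5) : '';
		$stars = $L['ask_star_type'];
		$head_title = $L['ask_title_show'];
	break;
	case 'star':
		$itemid or message();
		$r = $db->get_one("SELECT * FROM {$DT_PRE}ask WHERE itemid=$itemid");
		$r or message();
		(string)$r['username'] === (string)$_username or message();
		// A record can be rated only once (star is still 0).
		$r['star'] == 0 or message();
		// Restrict the rating to 1..3; anything else falls back to 3.
		$star = isset($star) ? intval($star) : 3;
		in_array($star, array(1, 2, 3), true) or $star = 3;
		$db->query("UPDATE {$DT_PRE}ask SET star=$star WHERE itemid=$itemid");
		dmsg($L['ask_star_success'], '?action=show&itemid='.$itemid);
	break;
	case 'delete':
		$itemid or message();
		$r = $db->get_one("SELECT * FROM {$DT_PRE}ask WHERE itemid=$itemid");
		$r or message();
		(string)$r['username'] === (string)$_username or message();
		// Deletion is allowed only while status is 0.
		$r['status'] == 0 or message();
		$db->query("DELETE FROM {$DT_PRE}ask WHERE itemid=$itemid");
		dmsg($L['op_del_success'], $forward);
	break;
	default:
		// NOTE(review): $dfields is not defined in this file, so this normally resets $fields to 0.
		isset($fields) && isset($dfields[$fields]) or $fields = 0;
		$typeid = isset($typeid) ? ($typeid === '' ? -1 : intval($typeid)) : -1;
		$type_select = type_select($TYPE, 1, 'typeid', $L['default_type'], $typeid, '', $L['all_type']);
		// The list is always scoped to the current user.
		$condition = "username='$_username'";
		// NOTE(review): $keyword is interpolated inside a quoted LIKE pattern. This is only
		// safe if the bootstrap has already escaped it - confirm. LIKE wildcards (% and _)
		// in the keyword are not escaped here.
		if($keyword) $condition .= " AND title LIKE '%$keyword%'";
		if($typeid > -1) $condition .= " AND typeid=$typeid";
		$r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}ask WHERE $condition");
		$pages = pages($r['num'], $page, $pagesize);
		$asks = array();
		// NOTE(review): $offset and $pagesize are interpolated unquoted; presumably they are
		// integers computed by the bootstrap - confirm.
		$result = $db->query("SELECT * FROM {$DT_PRE}ask WHERE $condition ORDER BY itemid DESC LIMIT $offset,$pagesize");
		while($r = $db->fetch_array($result)) {
			// Add display-ready fields for the template.
			$r['adddate'] = timetodate($r['addtime'], 5);
			$r['editdate'] = $r['edittime'] ? timetodate($r['edittime'], 5) : 'N/A';
			$r['dstatus'] = $dstatus[$r['status']];
			$r['dstar'] = $L['ask_star_type'][$r['star']];
			$r['type'] = $r['typeid'] && isset($TYPE[$r['typeid']]) ? set_style($TYPE[$r['typeid']]['typename'], $TYPE[$r['typeid']]['style']) : $L['default_type'];
			$asks[] = $r;
		}
		$head_title = $L['ask_title'];
	break;
}
include template('ask', $module);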
?>