PageRenderTime 42ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/class/bbs/SaveEdit.class.php

https://github.com/hylinux/ltebbs
PHP | 292 lines | 170 code | 58 blank | 64 comment | 46 complexity | ca4c9dbcc4dbd7ad2d6899a230d9d316 MD5 | raw file
    

  1. <?php
    2. 

  2. //vim:set expandtab tabstop=3 shiftwidth=3 softtabstop=3 foldcolumn=1 foldmethod=marker:
    3. 

  3. /**
    4. 

  4.  * 项目:   5anet(BBS)
    5. 

  5.  * 文件:   class/bbs/SaveEdit.class.php
    6. 

  6.  *
    7. 

  7.  * 保存编辑后的帖子或者是主题
    8. 

  8.  *
    9. 

  9.  * PHP Version 5
    10. 

  10.  *
    11. 

  11.  * @package:   class.bbs
    12. 

  12.  * @author:    Mike.G   Chinese Name: 黄叶 <hylinux@gmail.com>
    13. 

  13.  * @license:   http://www.gnu.org/copyleft/lesser.html  LGPL License 2.1 
    14. 

  14.  * @copyright: http://www.5anet.com
    15. 

  15.  * @version:   $Id: SaveEdit.class.php,v 1.1.1.1 2006-08-28 13:09:20 ghw Exp $
    16. 

  16.  * @date:      $Date: 2006-08-28 13:09:20 $
    17. 

  17.  */
    18. 

  18. 

  19. include_once CLASS_PATH.'main/BaseAction.class.php';
    20. 

  20. include_once CLASS_PATH.'bbs/LayoutUtil.class.php';
    21. 

  21. include_once CLASS_PATH.'bbs/TopicUtil.class.php';
    22. 

  22. 

  23. include_once FUNCTION_PATH.'getCurrentDate.fun.php';
    24. 

  24. 

  25. 

  26. 

  27. //include the language file
    28. 

  28. if ( file_exists(LANG_PATH.SYSTEM_LANG.'/SaveEdit.lang.php') ) {
    29. 

  29.    include_once LANG_PATH.SYSTEM_LANG.'/SaveEdit.lang.php';
    30. 

  30. }
    31. 

  31. 

  32. class SaveEdit extends BaseAction {
    33. 

  33.    /**
    34. 

  34.     * 数据库的连接
    35. 

  35.     */
    36. 

  36.    public $db;
    37. 

  37. 

  38.    /**
    39. 

  39.     * 构造函数
    40. 

  40.     * @param:  NULL
    41. 

  41.     * @return: NULL
    42. 

  42.     * @access: public
    43. 

  43.     */
    44. 

  44.    public function __construct() {
    45. 

  45.       $this->db = $this->getDB();
    46. 

  46.    }
    47. 

  47. 

  48.    /**
    49. 

  49.     * 保存编辑后的帖子
    50. 

  50.     * @param:  NULL
    51. 

  51.     * @return: NULL
    52. 

  52.     * @access: public
    53. 

  53.     */
    54. 

  54.    public function run() {
    55. 

  55.       //收集变量
    56. 

  56.       $topic = $this->getParameterFromPOST('topic');
    57. 

  57.       $id = $this->getParameterFromPOST('id');
    58. 

  58.       $title = $this->getParameterFromPOST('title');
    59. 

  59.       $content = $this->getParameterFromPOST('content');
    60. 

  60.       $express = $this->getParameterFromPOST('express');
    61. 

  61.       $delattach = $this->getParameterFromPOST('delattach');
    62. 

  62. 

  63. 

  64.       if ( !$title || strlen($title)<=0 ) {
    65. 

  65.          $this->AlertAndBack(SE_TITLE_IS_EMPTY);
    66. 

  66.          return;
    67. 

  67.       }
    68. 

  68. 

  69.       /*
    70. 

  70.       if ( strlen($title) > 140 ) {
    71. 

  71.          $this->AlertAndBack(SE_TITLE_TOO_LONG);
    72. 

  72.          return;
    73. 

  73.       }*/
    74. 

  74. 

  75. 

  76. 

  77.       if ( !$content || strlen($content) <= 0 ) {
    78. 

  78.          $this->AlertAndBack(SE_CONTENT_IS_EMPTY);
    79. 

  79.          return;
    80. 

  80.       }
    81. 

  81. 

  82. 

  83.       //做出基本的判断/*{{{*/
    84. 

  84.       if ( !$id ) {
    85. 

  85.          $this->AlertandBack(SE_NO_TOPIC_ID);
    86. 

  86.          return;
    87. 

  87.       }
    88. 

  88. 

  89.       //找出这个帖子所在的版块的id, 作者。
    90. 

  90.       $layout_id = 0;
    91. 

  91.       $author = '';
    92. 

  92. 

  93.       if ( $topic ) {
    94. 

  94.          //如果是主题
    95. 

  95.          $sql = 'select layout_id, author from bbs_subject where id=?';
    96. 

  96.          $sth = $this->db->prepare($sql);
    97. 

  97.          $res = $this->db->execute($sth, array($id));
    98. 

  98.          $rows = $res->FetchRow();
    99. 

  99. 

  100.          $layout_id = $rows['layout_id'];
    101. 

  101.          $author = $rows['author'];
    102. 

  102.       } else {
    103. 

  103.          $sql = 'select layout_id, author from bbs_reply where id=?';
    104. 

  104.          $sth = $this->db->prepare($sql);
    105. 

  105.          $res = $this->db->execute($sth, array($id));
    106. 

  106.          $rows = $res->FetchRow();
    107. 

  107. 

  108.          $layout_id = $rows['layout_id'];
    109. 

  109.          $author = $rows['author'];
    110. 

  110.       }
    111. 

  111. 

  112.       if ( !$layout_id ) {
    113. 

  113.          //保存的帖子根本不存在。
    114. 

  114.          $this->AlertAndBlack(SE_TOPIC_IS_NOT_EXISTS);
    115. 

  115.          return;
    116. 

  116.       }
    117. 

  117. 

  118.       //判断用户是否可以编辑
    119. 

  119.        if ( $topic ) {
    120. 

  120.          //如果等于1,则为主题
    121. 

  121.             //如果存在,则判断用户是否有权利修改
    122. 

  122.             $sql = 'select author, layout_id from bbs_subject where id=?';
    123. 

  123.             $sth = $this->db->Prepare($sql);
    124. 

  124.             $res = $this->db->Execute($sth, array($id));
    125. 

  125.             $rows = $res->FetchRow();
    126. 

  126.             $user_name = $rows['author'];
    127. 

  127. 

  128.             $bbs_id = $rows['layout_id'];
    129. 

  129. 

  130.             $user_can_be_edit = 0;
    131. 

  131.             if ( strtolower($_SESSION['user']['name']) == strtolower($user_name) ) {
    132. 

  132.                $user_can_be_edit = 1;
    133. 

  133.             } else if ( strtolower($_SESSION['user']['name']) != strtolower($user_name) ) {
    134. 

  134.                //判断用户是否是这个版块的版主。
    135. 

  135.                $dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
    136. 

  136. 

  137.                if ( $dep == 1 || $dep == 2 ) {
    138. 

  138.                   $user_can_be_edit = 1;
    139. 

  139.                } else if ( $dep == 3 ) {
    140. 

  140.                   $user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $id, $_SESSION['user']['name']);
    141. 

  141.                }
    142. 

  142.             }
    143. 

  143. 

  144.             if ( !$user_can_be_edit ) {
    145. 

  145.                $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
    146. 

  146.                return;
    147. 

  147.             }
    148. 

  148.       } else {
    149. 

  149.          //$topic 为其他值,那么就是回帖,而不是主题
    150. 

  150.          $sql = 'select author, subject_id, layout_id from bbs_reply where id=?';
    151. 

  151.          $sth = $this->db->Prepare($sql);
    152. 

  152.          $res = $this->db->Execute($sth, array($id));
    153. 

  153.          $rows = $res->FetchRow();
    154. 

  154. 

  155.          if ( !$rows['author'] ) {
    156. 

  156.             $this->AlertAndBack(SE_TOPIC_ID_IS_NOT_EXISTS);
    157. 

  157.             return;
    158. 

  158.          }
    159. 

  159. 

  160.          //如果存在,
    161. 

  161.          //则判断用户是否有权限
    162. 

  162.          $user_name = $rows['author'];
    163. 

  163.          $subject_id = $rows['subject_id'];
    164. 

  164.          $bbs_id = $rows['layout_id'];
    165. 

  165. 

  166.          $user_can_be_edit = 0;
    167. 

  167.          if ( strtolower($_SESSION['user']['name']) == strtolower($user_name) ) {
    168. 

  168.             $user_can_be_edit = 1;
    169. 

  169.          } else if ( strtolower($_SESSION['user']['name']) != strtolower($user_name) ) {
    170. 

  170.             //判断用户是否是这个版块的版主。
    171. 

  171.             $dep = UserUtil::getUserDep($db, $_SESSION['user']['name']);
    172. 

  172. 

  173.             if ( $dep == 1 || $dep == 2 ) {
    174. 

  174.                $user_can_be_edit = 1;
    175. 

  175.             } else if ( $dep == 3 ) {
    176. 

  176.                $user_can_be_edit = UserUtil::isThisLayoutAdmin($db, $subject_id, $_SESSION['user']['name']);
    177. 

  177.             }
    178. 

  178.          }
    179. 

  179. 

  180.          if ( !$user_can_be_edit ) {
    181. 

  181.             $this->AlertAndBack(SE_YOU_HAVE_NO_PRIVIATE);
    182. 

  182.             return;
    183. 

  183.          }
    184. 

  184.       }
    185. 

  185.     /*}}}*/
    186. 

  186. 

  187. 

  188. 

  189.       //判断做完了,则可以开始进行更新了。
    190. 

  190.       
    191. 

  191.       //求现在的时间
    192. 

  192.       $now = getNoFormateCurrentDate();
    193. 

  193. 

  194. 

  195.       if ( $topic ) {
    196. 

  196.          $user_name = $_SESSION['user']['name'];
    197. 

  197. 

  198.          $sql = 'update bbs_subject set title=?, content=?, express=?, is_edit=1, '.
    199. 

  199.            ' edit_user=?, edit_time=? where id=?';
    200. 

  200.          $sth = $this->db->prepare($sql);
    201. 

  201.          $this->db->execute($sth, 
    202. 

  202.             array($title, $content, $express, $user_name, $now, $id));
    203. 

  203. 

  204.          if ( $this->db->ErrorNo() ) {
    205. 

  205.             $this->AlertAndBack($this->db->ErrorMsg());
    206. 

  206.             return;
    207. 

  207.          }
    208. 

  208. 

  209.          if ( $delattach ) {
    210. 

  210.             //删除这个附件
    211. 

  211.             $sql = 'select file_type from bbs_subject_attach where subject_id=?';
    212. 

  212.             $sth = $this->db->prepare($sql);
    213. 

  213.             $res = $this->db->execute($sth, array($id));
    214. 

  214.             $rows = $res->FetchRow();
    215. 

  215.             $file_type = $rows['file_type'];
    216. 

  216. 

  217.             $del_sql = 'delete from bbs_subject_attach where subject_id=?';
    218. 

  218.             $sth = $this->db->prepare($del_sql);
    219. 

  219.             $this->db->execute($sth, array($id));
    220. 

  220. 

  221.             //删除文件。
    222. 

  222.             $filename = ROOT_PATH.'upload/attach/'.$id.$file_type;
    223. 

  223.             unlink($filename);
    224. 

  224.          }
    225. 

  225.       } else {
    226. 

  226.          $user_name = $_SESSION['user']['name'];
    227. 

  227. 

  228.          $sql = 'update bbs_reply set title=?, content=?, express=?, is_edit=1, '.
    229. 

  229.            ' edit_user=?, edit_time=? where id=?';
    230. 

  230.          $sth = $this->db->prepare($sql);
    231. 

  231.          $this->db->execute($sth, 
    232. 

  232.             array($title, $content, $express, $user_name, $now, $id));
    233. 

  233. 

  234.          if ( $this->db->ErrorNo() ) {
    235. 

  235.             $this->AlertAndBack($this->db->ErrorMsg());
    236. 

  236.             return;
    237. 

  237.          }
    238. 

  238. 

  239. 

  240.          if ( $delattach ) {
    241. 

  241.             //删除这个附件
    242. 

  242.             $sql = 'select file_type from bbs_reply_attach where reply_id=?';
    243. 

  243.             $sth = $this->db->prepare($sql);
    244. 

  244.             $res = $this->db->execute($sth, array($id));
    245. 

  245.             $rows = $res->FetchRow();
    246. 

  246.             $file_type = $rows['file_type'];
    247. 

  247. 

  248.             $del_sql = 'delete from bbs_reply_attach where reply_id=?';
    249. 

  249.             $sth = $this->db->prepare($del_sql);
    250. 

  250.             $this->db->execute($sth, array($id));
    251. 

  251. 

  252.             //删除文件。
    253. 

  253.             $filename = ROOT_PATH.'upload/attach/reply/'.$id.$file_type;
    254. 

  254.             unlink($filename);
    255. 

  255.          }
    256. 

  256. 

  257.       }
    258. 

  258. 

  259. 

  260.       //编辑成功后,返回当时的页面
    261. 

  261.       if ( $topic ) {
    262. 

  262.          //如果是主页
    263. 

  263.          //则返回第一页
    264. 

  264.           $this->TipsAndForward(
    265. 

  265.               SE_SAVE_EDIT_SUCCESS,
    266. 

  266.               'index.php?module=bbs&action=viewtopic&id='.$id);
    267. 

  267. 

  268.          return;
    269. 

  269.       } else {
    270. 

  270.          //不是主题
    271. 

  271.          //则是回复
    272. 

  272.          //求这个回帖的位置所在的位置
    273. 

  273.          $sql = 'select subject_id from bbs_reply where id=?';
    274. 

  274.          $sth = $this->db->prepare($sql);
    275. 

  275.          $res = $this->db->Execute($sth, array($id));
    276. 

  276.          $rows = $res->FetchRow();
    277. 

  277.          
    278. 

  278.          $sort_number = TopicUtil::getSortNumber($this->db, $rows['subject_id'], $id);
    279. 

  279. 

  280.          $page = ceil ( $sort_number / 10 );
    281. 

  281. 

  282.          //这里还有很多的工作需要做
    283. 

  283.          $this->TipsAndForward(
    284. 

  284.              SE_SAVE_EDIT_SUCCESS,
    285. 

  285.              'index.php?module=bbs&action=viewtopic&id='.$rows['subject_id'].'&page='.$page.
    286. 

  286.              '#topic'.$sort_number);
    287. 

  287. 

  288.       }
    289. 

  289. 

  290.    }
    291. 

  291. 

  292. }
    293. 

  293.