/apps/diary/action/my.php
PHP | 593 lines | 453 code | 80 blank | 60 comment | 136 complexity | 65de748e2c29702a731cad7686cb4141 MD5 | raw file
- <?php
- !defined('A_P') && exit('Forbidden');
- //TODO 刪除不用的請求處理分支,分離出ajax請求
- if(!$winduid){
- S::gp(array('a','q','did'));
- $did = (int)S::getGP('did');
- ('detail' !== $a) && ('diary' !== $q) && !is_numeric($did) && Showmsg("not_login");
- $diaryService = L::loadClass('Diary', 'diary');
- $diaryTemp = $diaryService->get($did);
- $url = $db_bbsurl."/apps.php?q=diary&a=detail&did=".$did."&uid=".$diaryTemp['uid'];
- ObHeader($url);
- }
- $USCR = 'user_diary';
- //TODO 暫時調用
-
- S::gp(array('s','diraryAjax'));
- if ($diraryAjax == 1) define('AJAX', '1');
-
- $a = isset($a) ? $a : 'list';
-
- $basename = 'apps.php?q='.$q.'&';
- $temp_basename = 'apps.php?q='.$q.'&a='.$a.'&';
-
- if ($a == 'list') {//我的日誌列表
-
- $dtid = (int)S::getGP('dtid');//TODO 查看日誌分類ID
- $diaryTypeId = $dtid == '-1' ? 0 : (is_numeric($dtid) && $dtid > 0 ? $dtid : null);
- $diaryPrivacy = $dtid == '-2' ? array(2) : array();
- $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */
- list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($winduid, 0); //TODO 右側分類Start
- $count = (int)$diaryService->countUserDiarys($winduid, $diaryTypeId, $diaryPrivacy);
- $page > ceil($count/$db_perpage) && $page = ceil($count/$db_perpage);
- $diaryDb = ($count) ? $diaryService->findUserDiarysInPage($winduid, $page, $db_perpage, $diaryTypeId, $diaryPrivacy) : array();
- $pages = numofpage($count,$page,ceil($count/$db_perpage),"{$basename}a=$a&dtid=$dtid&");
-
- } elseif ($a == 'detail') {//查看我的日誌
- $stylepath = L::style('stylepath');
- $did = (int)S::getGP('did');
- $fuid = (int)S::getGP('fuid');
- !$did && Showmsg("日誌不存在");
- $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */
- list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($winduid, 0);//TODO 右側分類Start
- $diaryTemp = $diaryService->get($did);
- if ($diaryTemp['uid'] != $winduid) {//轉跳處理
- $url = $db_bbsurl."/apps.php?q=diary&a=detail&did=".$did."&uid=".$diaryTemp['uid'];
- ObHeader($url);
- }
- $diary = $diaryService->getDiaryDbView($diaryTemp);
- list($commentdb,$subcommentdb,$pages) = getCommentDbByTypeid('diary',$did,$page,"{$basename}a={$a}&did={$did}&#createcommentbox");
- $comment_type = 'diary';
- $comment_typeid = $did;
- $myOuserData = array();
- $ouserdataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserdataService PW_Ouserdata */
- $myOuserData = $ouserdataService->get($winduid);
- $weiboPriv = false;
- if (!$myOuserData['index_privacy'] && !$myOuserData['diary_privacy'] && !$diary['privacy']){
- $weiboPriv = true;
- }
-
- $diaryNextName=getNextOrPreDiaryName($did, $fuid,'next');
- $diaryPreName=getNextOrPreDiaryName($did, $fuid,'pre');
- } elseif ($a == 'friendslists') {//好友日誌列表
-
- $friendsService = L::loadClass('Friend', 'friend'); /* @var $friendsService PW_Friend */
- $friendsUids = array();
- $friendsUids = $friendsService->findFriendsByUid($winduid);
- $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */
- $count = (int)$diaryService->countFriendsDiarys($friendsUids);
- $page > ceil($count/$db_perpage) && $page = ceil($count/$db_perpage);
- $diaryDb = ($count) ? $diaryService->findFriendsDiarysInPage($friendsUids, $page, $db_perpage) : array();
- $page > ceil($count/$db_perpage) && $page = ceil($count/$db_perpage);
- $pages = numofpage($count, $page, ceil($count/$db_perpage), $basename."a=$a&");
-
- } elseif ($a == 'friendlist') {//單個好友列表
-
- S::gp(array('fuid', 'dtid'));
- !$fuid && Showmsg('好友不存在');
-
- $ouserPrivacy = array();
- if ($isGM) {
- $ouserPrivacy['index'] = true;
- $ouserPrivacy['diary'] = true;
- } else{
- $ouserdataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserdataService PW_Ouserdata */
- $ouserDb = array();
- $ouserDb = $ouserdataService->get($fuid);
- list(,$ouserPrivacy) = pwUserPrivacy($fuid,$ouserDb);
- }
- !$ouserPrivacy['index'] && Showmsg('該朋友的空間設置了查看權限');
- !$ouserPrivacy['diary'] && Showmsg('該朋友的日誌設置了查看權限');
-
- $diaryTypeId = ($dtid == '-1') ? 0 : ( (is_numeric($dtid) && $dtid > 0) ? $dtid : null );
- $friendsService = L::loadClass('Friend', 'friend'); /* @var $friendsService PW_Friend */
- if ($friendsService->isFriend($winduid,$fuid) !== true) Showmsg('好友不存在');
- $diaryPrivacy = array(0,1);
- $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */
- list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($fuid, $diaryPrivacy);//TODO 右側分類Start
- $count = (int)$diaryService->countUserDiarys($fuid, $diaryTypeId, $diaryPrivacy);
- $page > ceil($count/$db_perpage) && $page = ceil($count/$db_perpage);
- $diaryDb = ($count) ? $diaryService->findUserDiarysInPage($fuid, $page, $db_perpage, $diaryTypeId, $diaryPrivacy) : array();
- $page > ceil($count/$db_perpage) && $page = ceil($count/$db_perpage);
- $pages = numofpage($count,$page,ceil($count/$db_perpage),"{$basename}a=$a&fuid=$fuid&dtid=$dtid&");
-
- } elseif ($a == 'frienddetail') {//查看好友日誌
-
- S::gp(array('did', 'fuid'));
- !$did && Showmsg("日誌不存在");
- !$fuid && Showmsg("好友不存在");
-
- $ouserPrivacy = array();
- if ($isGM) {
- $ouserPrivacy['index'] = true;
- $ouserPrivacy['diary'] = true;
- } else{
- $ouserdataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserdataService PW_Ouserdata */
- $ouserDb = array();
- $ouserDb = $ouserdataService->get($fuid);
- list(,$ouserPrivacy) = pwUserPrivacy($fuid,$ouserDb);
- }
- !$ouserPrivacy['index'] && Showmsg('該朋友的空間設置了查看權限');
- !$ouserPrivacy['diary'] && Showmsg('該朋友的日誌設置了查看權限');
-
- $diaryService = L::loadClass('Diary', 'diary'); /* @var $diaryService PW_Diary */
- $diaryTemp = $diaryService->get($did);
-
- $diaryTemp['uid'] != $fuid && Showmsg('日誌不存在');
- $diaryTemp['privacy'] == 2 && Showmsg("日誌不存在");
- $diary = $diaryService->getDiaryDbView($diaryTemp);
-
- $friendsService = L::loadClass('Friend', 'friend'); /* @var $friendsService PW_Friend */
- if ($friendsService->isFriend($winduid,$fuid) !== true) Showmsg('好友不存在');
- $diaryPrivacy = array(0,1);
-
- list($diaryNums, $diaryType, $defaultTypeNum, $privacyNum) = $diaryService->getDiaryTypeMode($fuid, $diaryPrivacy);
-
- list($commentdb,$subcommentdb,$pages) = getCommentDbByTypeid('diary',$did,$page,"{$basename}a={$a}&fuid={$fuid}&did={$did}&");
- $comment_type = 'diary';
- $comment_typeid = $did;
-
- $myOuserData = array();
- $ouserdataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserdataService PW_Ouserdata */
- $myOuserData = $ouserdataService->get($fuid);
- $weiboPriv = false;
- if (!$myOuserData['index_privacy'] && !$myOuserData['diary_privacy'] && !$diary['privacy']){
- $weiboPriv = true;
- }
- $friendDiaryNextName=getNextOrPreDiaryName($did, $fuid,'next');
- $friendDiaryPreName=getNextOrPreDiaryName($did, $fuid,'pre');
- } elseif ($a == 'write') {
-
- //權限設置
- /**
- * 禁止受限制用戶發言
- */
- banUser();
- /*
- * 新註冊會員發日誌時間限制
- */
- $userGroupsService = L::loadClass('UserGroups', 'user');
- $systemGroup = $userGroupsService->getUserGroupIds('system');
- if (!S::inArray($groupid,$systemGroup) && $db_postallowtime && $timestamp - $winddb['regdate'] < $db_postallowtime*60) {
- Showmsg('post_newd_limit');
- }
-
- /*
- * 用戶組發日誌權限限制
- */
- if ($groupid != 3 && $o_diary_groups && strpos($o_diary_groups,",$groupid,") === false) {
- Showmsg('diary_group_right');
- }
-
- /*
- * 灌水機制
- */
- $endtime = $tdtime + 24*3600;
- $postdate = $db->get_value("SELECT postdate FROM pw_diary WHERE uid=".S::sqlEscape($winduid)." ORDER BY postdate DESC LIMIT 1");
- $todaycount = $db->get_value("SELECT COUNT(*) as count FROM pw_diary WHERE uid=".S::sqlEscape($winduid)." AND postdate>=".S::sqlEscape($tdtime)." AND postdate<".S::sqlEscape($endtime));
-
- $tdtime >= $postdate && $todaycount = 0;
-
- if ($groupid != 3 && $o_diarylimit && $todaycount >= $o_diarylimit) {
- Showmsg('diary_gp_limit');
- }
-
- if ($groupid != 3 && $o_diarypertime && $timestamp >= $postdate && $timestamp - $postdate <= $o_diarypertime) {
- Showmsg('diary_limit');
- }
- //權限設置
-
- $db_uploadfiletype = $o_uploadsize = !empty($o_uploadsize) ? unserialize($o_uploadsize) : array();
- $imageAllow = pwJsonEncode($db_uploadfiletype);
-
- $myAppsData = array();
- $ouserDataService = L::loadClass('Ouserdata', 'sns'); /* @var $ouserDataService PW_Ouserdata */
- $myAppsData = $ouserDataService->get($winduid);
-
- $appsDiaryPrivacy = false;
- $myAppsData['index_privacy'] < 1 && $myAppsData['diary_privacy'] < 1 && $appsDiaryPrivacy = true;
-
-
- $sendWeiboPrivacy = $appsDiaryPrivacy;
- $weibocheck = $appsDiaryPrivacy === true ? 'checked=checked' : '';
- $weibodisplay = $appsDiaryPrivacy === true ? '' : 'style="display:none"';
-
- if (!$_POST['step']) {
-
- $editor = getstatus($winddb['userstatus'], PW_USERSTATUS_EDITOR) ? 'wysiwyg' : 'textmode';
- $dtsel = '';
- $query = $db->query("SELECT * FROM pw_diarytype WHERE uid=".S::sqlEscape($winduid)." ORDER BY dtid");
- while ($rt = $db->fetch_array($query)) {
- $dtsel .= "<option value=\"$rt[dtid]\">$rt[name]</option>";
- }
- $convertChecked = $checked = 'checked';
- $disabled = '';
-
- } elseif ($_POST['step'] == 2) {
-
- S::gp(array("privacy"));
- require_once(R_P.'require/postfunc.php');
- PostCheck(1,$o_diary_gdcheck,$o_diary_qcheck);
- S::gp(array('dtid','privacy','ifcopy','ifsendweibo','flashatt','atc_title'),'P');
- require_once(R_P.'require/bbscode.php');
-
- $wordsfb = L::loadClass('FilterUtil', 'filter');
- if (($banword = $wordsfb->comprise($_POST['atc_title'])) !== false) {
- Showmsg('diary_title_wordsfb');
- }
- if (($banword = $wordsfb->comprise($_POST['atc_content'], false)) !== false) {
- Showmsg('diary_content_wordsfb');
- }
- if (!$atc_title) $_POST['atc_title'] = get_date($timestamp,'Y.m.d').' 日誌';
- list($atc_title,$atc_content,$ifconvert,$ifwordsfb) = check_data('new');
- $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
- if ($db_tcheck) { //內容驗證
- $userDataInfo = $userService->get($winduid, false, true, false);
- $postcheck = unserialize($userDataInfo['postcheck']);
- $postcheck['diary'] == ($diaryCheck = tcheck($atc_content)) && Showmsg('diary_content_same');
- }
- //$db_tcheck && $winddb['postcheck'] == tcheck($atc_content) && Showmsg('diary_content_same'); //內容驗證
- $dtid = (int)$dtid;
- $privacy = (int)$privacy;
- $ifcopy = (int)$ifcopy;
- $ifupload = 0;
- // !$privacy && $ifcopy = 1;
-
- $aids = $attachs = array();
- L::loadClass('diaryupload', 'upload', false);
- if (PwUpload::getUploadNum() || $flashatt) {
- S::gp(array('savetoalbum', 'albumid'), 'P', 2);
- $diaryUpload = new DiaryUpload($winduid, $flashatt, $savetoalbum, $albumid);
- $diaryUpload->check();
- PwUpload::upload($diaryUpload);
- $aids = $diaryUpload->getAids();
- $attachs = $diaryUpload->getAttachs();
- $attachIds = $diaryUpload->getAttachIds();
- $ifupload = $diaryUpload->ifupload;
- }
- /**
- $pwSQL = S::sqlSingle(array(
- 'uid' => $winduid,
- 'dtid' => $dtid,
- 'aid' => (!empty($attachs) ? addslashes(serialize($attachs)) : ''),
- 'username' => $windid,
- 'privacy' => $privacy,
- 'subject' => $atc_title,
- 'content' => $atc_content,
- 'ifcopy' => $ifcopy,
- 'ifconvert' => $ifconvert,
- 'ifupload' => $ifupload,
- 'ifwordsfb' => $ifwordsfb,
- 'postdate' => $timestamp,
- ));
- $db->update("INSERT INTO pw_diary SET $pwSQL");**/
- $pwSQL = array(
- 'uid' => $winduid,
- 'dtid' => $dtid,
- 'aid' => (!empty($attachs) ? addslashes(serialize($attachs)) : ''),
- 'username' => $windid,
- 'privacy' => $privacy,
- 'subject' => $atc_title,
- 'content' => $atc_content,
- 'ifcopy' => $ifcopy,
- 'ifconvert' => $ifconvert,
- 'ifupload' => $ifupload,
- 'ifwordsfb' => $ifwordsfb,
- 'postdate' => $timestamp,
- );
- pwQuery::insert('pw_diary', $pwSQL);
- $did = $db->insert_id();
- $db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=".S::sqlEscape($winduid)." AND dtid=".S::sqlEscape($dtid));//更新分類日誌數
-
- if ($aids) {
- $diaryService = L::loadClass('Diary', 'diary');
- $diaryService->updateDiaryContentByAttach($did, $attachIds);
- $db->update("UPDATE pw_attachs SET did=" . S::sqlEscape($did) . " WHERE aid IN(" . S::sqlImplode($aids) . ")");
- $pwInfoSQL = array(
- 'uploadtime' => $winddb['uploadtime'],
- 'uploadnum' => $winddb['uploadnum']
- );
- }
-
- if (!$privacy && !$myAppsData['index_privacy'] && !$myAppsData['diary_privacy']) {
- $userCache = L::loadClass('Usercache', 'user');
- $userCache->delete($winduid, 'carddiary');
- updateDatanalyse($did,'diaryNew',$timestamp);
- if ($sendWeiboPrivacy && $ifsendweibo) {
- $weiboService = L::loadClass('weibo','sns');/* @var $weiboService PW_Weibo */
- $atc_content = substrs(stripWindCode($weiboService->escapeStr($atc_content)), 125);
- $weiboExtra = array(
- 'did' => $did,
- 'title' => stripslashes($atc_title),
- );
- $weiboService->send($winduid,$atc_content,'diary',$did,$weiboExtra);
- }
- }
- countPosts('+1');
- //積分變動
- require_once(R_P.'require/credit.php');
- $o_diary_creditset = unserialize($o_diary_creditset);
- $creditset = getCreditset($o_diary_creditset['Post']);
- $creditset = array_diff($creditset,array(0));
- if (!empty($creditset)) {
- $credit->sets($winduid,$creditset,true);
- updateMemberid($winduid);
- }
-
- if ($creditlog = unserialize($o_diary_creditlog)) {
- addLog($creditlog['Post'],$windid,$winduid,'diary_Post');
- }
- updateUserAppNum($winduid,'diary');
- if ($db_tcheck) {
- $postcheck['diary'] = $diaryCheck;
- $pwInfoSQL['postcheck'] = serialize($postcheck);
- }
- S::isArray($pwInfoSQL) && $userService->update($winduid, array(), $pwInfoSQL);
- $url = "{$basename}a=detail&did=$did";
- $msg = defined('AJAX') ? "success\t".$url : 'operate_success';
- // defend start
- CloudWind::YunPostDefend ( $winduid, $windid, $groupid, $did, $atc_title, $atc_content, 'diary' );
- // defend end
- refreshto($url,$msg);
- }
- } elseif ($a == 'edit') {
-
- $db_uploadfiletype = $o_uploadsize = !empty($o_uploadsize) ? unserialize($o_uploadsize) : array();
- $imageAllow = pwJsonEncode($db_uploadfiletype);
-
- $sendWeiboPrivacy = false;
-
- if (!$_POST['step']) {
-
- $did = (int)S::getGP('did');
- $editor = getstatus($winddb['userstatus'], PW_USERSTATUS_EDITOR) ? 'wysiwyg' : 'textmode';
- $dtsel = '';
- $diary = $db->get_one("SELECT did,dtid,aid,privacy,subject,content,ifcopy,ifconvert FROM pw_diary WHERE uid=".S::sqlEscape($winduid)." AND did=".S::sqlEscape($did));
-
- !$diary && Showmsg('illegal_request');
- $attach = '';
- if ($diary['aid']) {
- $attachs = unserialize($diary['aid']);
- if (is_array($attachs)) {
- foreach ($attachs as $key => $value) {
- list($value['attachurl'],) = geturl($value['attachurl'], 'lf');
- $attach .= "'$key' : ['$value[name]', '$value[size]', '$value[attachurl]', '$value[type]', '$value[special]', '$value[needrvrc]', '$value[ctype]', '$value[desc]'],";
- }
- $attach = rtrim($attach,',');
- }
- }
-
- $atc_content = $diary['content'];
- ${'privacy_'.$diary['privacy']} = 'selected';
- $diary['ifcopy'] && $checked = 'checked';
-
-
- $diary['ifconvert'] == 2 && $convertChecked = 'checked';
-
-
- ($diary['privacy'] == '2') && $disabled = 'disabled';
-
- $query = $db->query("SELECT * FROM pw_diarytype WHERE uid=".S::sqlEscape($winduid)." ORDER BY dtid");
- while ($rs = $db->fetch_array($query)) {
- $selected = '';
- $rs['dtid'] == $diary['dtid'] && $selected .= 'selected';
- $dtsel .= "<option value=\"$rs[dtid]\" $selected>$rs[name]</option>";
- }
- if (strpos($atc_content,$db_bbsurl) !== false) {
- $atc_content = str_replace('p_w_picpath',$db_picpath,$atc_content);
- $atc_content = str_replace('p_w_upload',$db_attachname,$atc_content);
- }
-
- } elseif ($_POST['step'] == 2) {
-
- S::gp(array('did','dtid','dtided','privacy','privacyed','ifcopy','flashatt'),'P');
-
- require_once(R_P.'require/bbscode.php');
- require_once(R_P.'require/postfunc.php');
- PostCheck(1,$o_diary_gdcheck,$o_diary_qcheck);
-
- $wordsfb = L::loadClass('FilterUtil', 'filter');
- if (($banword = $wordsfb->comprise($_POST['atc_title'])) !== false) {
- Showmsg('diary_title_wordsfb');
- }
- if (($banword = $wordsfb->comprise($_POST['atc_content'], false)) !== false) {
- Showmsg('diary_content_wordsfb');
- }
-
- list($atc_title,$atc_content,$ifconvert,$ifwordsfb) = check_data('modify');
- //$db_tcheck && $winddb['postcheck'] == tcheck($atc_content) && Showmsg('diary_content_same'); //內容驗證
-
- $dtid = (int)$dtid;
- $dtided = (int)$dtided;
- $privacy = (int)$privacy;
- $ifcopy = (int)$ifcopy;
- $ifupload = 0;
-
- /**
- * 附件修改
- */
- $oldattach = $replacedb = $unsetattach = array();
-
- $aid = $db->get_value("SELECT aid FROM pw_diary WHERE uid=".S::sqlEscape($winduid)." AND did=".S::sqlEscape($did));
-
- if ($aid) {
- S::gp(array('oldatt_desc'), 'P');
- $oldattach = unserialize(stripslashes($aid));
- foreach ($oldattach as $key => $value) {
- $v = array(
- 'special' => 0, 'ctype' => '',
- 'needrvrc' => 0, 'desc' => $oldatt_desc[$key]
- );
- $oldattach[$key] = array_merge($oldattach[$key], $v);
-
- if (array_key_exists('replace_'.$key, $_FILES)) {
- $db_attachnum++;
- $replacedb[$key] = $oldattach[$key];
- } elseif ($value['desc'] <> $v['desc']) {
- $runsql[] = 'UPDATE pw_attachs SET ' . S::sqlSingle(array(
- 'needrvrc' => $v['needrvrc'],
- 'descrip' => $v['desc'],
- 'special' => $v['special'],
- 'ctype' => $v['ctype']
- )) . ' WHERE aid=' . S::sqlEscape($key);
- }
- }
- }
-
- $aids = $attachs = array();
- L::loadClass('diaryupload', 'upload', false);
- if (PwUpload::getUploadNum() || $flashatt) {
- S::gp(array('savetoalbum', 'albumid'), 'P', 2);
- $diaryUpload = new DiaryUpload($winduid, $flashatt, $savetoalbum, $albumid);
- $diaryUpload->check();
- $diaryUpload->setReplaceAtt($replacedb);
- PwUpload::upload($diaryUpload);
- $aids = $diaryUpload->getAids();
- $attachs = $diaryUpload->getAttachs();
- $attachIds = $diaryUpload->getAttachIds();
- $ifupload = $diaryUpload->ifupload;
- if ($oldattach && $diaryUpload->replacedb) {
- foreach ($diaryUpload->replacedb as $key => $value) {
- $oldattach[$key] = $value;
- }
- }
- }
-
- if ($attachs) {
- foreach ($attachs as $key => $value) {
- $oldattach[$key] = $value;
- }
- $userService = L::loadClass('UserService', 'user'); /* @var $userService PW_UserService */
- $userService->update($winduid, array(), array('uploadtime'=>$winddb['uploadtime'], 'uploadnum'=>$winddb['uploadnum']));
- }
-
- if ($oldattach) {
- $oldattach = addslashes(serialize($oldattach));
- } else {
- $oldattach = '';
- }
- /**
- * 附件修改
- */
- /**
- $pwSQL = S::sqlSingle(array(
- 'dtid' => $dtid,
- 'aid' => $oldattach,
- 'privacy' => $privacy,
- 'subject' => $atc_title,
- 'content' => $atc_content,
- 'ifcopy' => $ifcopy,
- 'ifconvert' => $ifconvert,
- 'ifupload' => $ifupload,
- 'ifwordsfb' => $ifwordsfb,
- ));
- $db->update("UPDATE pw_diary SET $pwSQL WHERE uid=".S::sqlEscape($winduid)." AND did=".S::sqlEscape($did));
- **/
- $pwSQL = array(
- 'dtid' => $dtid,
- 'aid' => $oldattach,
- 'privacy' => $privacy,
- 'subject' => $atc_title,
- 'content' => $atc_content,
- 'ifcopy' => $ifcopy,
- 'ifconvert' => $ifconvert,
- 'ifupload' => $ifupload,
- 'ifwordsfb' => $ifwordsfb,
- );
- pwQuery::update('pw_diary', 'uid =:uid AND did =:did', array($winduid, $did), $pwSQL);
-
- if ($aids) {
- $diaryService = L::loadClass('Diary', 'diary');
- $diaryService->updateDiaryContentByAttach($did, $attachIds);
- $db->update("UPDATE pw_attachs SET did=" . S::sqlEscape($did) . " WHERE aid IN(" . S::sqlImplode($aids) . ")");
- }
-
- if ($dtided != $dtid) {
- $db->update("UPDATE pw_diarytype SET num=num-1 WHERE uid=".S::sqlEscape($winduid)." AND dtid=".S::sqlEscape($dtided));
- $db->update("UPDATE pw_diarytype SET num=num+1 WHERE uid=".S::sqlEscape($winduid)." AND dtid=".S::sqlEscape($dtid));
- }
-
- if ($privacyed == 2 && $privacy !=2) {
- countPosts('+1');
- } elseif ($privacyed != 2 && $privacy ==2) {
- if ($affected_rows = delAppAction('diary',$did)) {
- countPosts("-$affected_rows");
- }
- }
- // defend start
- CloudWind::YunPostDefend ( $winduid, $windid, $groupid, $did, $atc_title, $atc_content, 'editdiary' );
- // defend end
- $url = "{$basename}a=detail&did=$did";
- $msg = defined('AJAX') ? "success\t".$url : 'operate_success';
- refreshto($url, $msg);
- }
- } elseif ($a == 'copydiary') {
- define('AJAX', 1);
- define('F_M',true);
- banUser();
- S::gp(array('did'));
-
- empty($did) && Showmsg('data_error');
-
- $dtsel = '';
- $query = $db->query("SELECT * FROM pw_diarytype WHERE uid=".S::sqlEscape($winduid)." ORDER BY dtid");
- while ($rt = $db->fetch_array($query)) {
- $dtsel .= "<option value=\"$rt[dtid]\">$rt[name]</option>";
- }
- require_once PrintEot('m_ajax');ajax_footer();
-
- } elseif ($a == 'next') {
-
- define('AJAX',1);
- $did = (int)S::getGP('did');
- $fuid = (int)S::getGP('fuid');
-
- $uid = $fuid ? $fuid : $winduid;
- $sqladd = "WHERE uid=".S::sqlEscape($uid);
- if ($uid != $winduid) {
- $sqladd .= " AND privacy!=2 AND did>".S::sqlEscape($did);
- $basename = $basename."a=frienddetail&fuid=$uid&";
- } else {
- $sqladd .= " AND did>".S::sqlEscape($did);
- $basename = $basename."a=detail&";
- }
- $did = $db->get_value("SELECT MIN(did) FROM pw_diary $sqladd");
- echo "success\t$did\t$basename";
- ajax_footer();
-
- } elseif ($a == 'pre') {
-
- define('AJAX',1);
- $did = (int)S::getGP('did');
- $fuid = (int)S::getGP('fuid');
- $uid = $fuid ? $fuid : $winduid;
- $sqladd = "WHERE uid=".S::sqlEscape($uid);
- if ($uid != $winduid) {
- $sqladd .= " AND privacy!=2 AND did<".S::sqlEscape($did);
- $basename = $basename."a=frienddetail&fuid=$uid&";
- } else {
- $sqladd .= " AND did<".S::sqlEscape($did);
- $basename = $basename."a=detail&";
- }
-
- $did = $db->get_value("SELECT MAX(did) FROM pw_diary $sqladd");
- echo "success\t$did\t$basename";
- ajax_footer();
-
- }
- if($s) require_once PrintEot('m_diary_bottom');
- else require_once PrintEot('m_diary');
-
- pwOutPut();
-
-