
Annotation of /fenglin/bbs/article_service_post.php



Revision 1.13 - (hide annotations)
Wed Feb 11 10:59:14 2026 UTC (4 weeks, 6 days ago) by sysadm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.12: +5 -3 lines
Replace string concat operation with implode() for xxxx_id_list

1 sysadm 1.1 <?php
2     require_once "../lib/common.inc.php";
3     require_once "../lib/db_open.inc.php";
4     require_once "../lib/lml.inc.php";
5     require_once "../lib/str_process.inc.php";
6     require_once "./article_op.inc.php";
7     require_once "./session_init.inc.php";
8     require_once "./check_sub.inc.php";
9    
// force_login() comes from an include that is not shown here; presumably it
// stops requests that carry no authenticated session -- confirm in session_init.inc.php.
force_login();

// Request fields. Numeric fields are cast to int; absent fields fall back to a default.
$id = 0;
if (isset($_POST["id"])) {
    $id = (int) $_POST["id"];
}

$reply_id = 0;
if (isset($_POST["reply_id"])) {
    $reply_id = (int) $_POST["reply_id"];
}

$sid = $BBS_default_sid;
if (isset($_POST["sid"])) {
    $sid = (int) $_POST["sid"];
}

$title = "";
if (isset($_POST["title"])) {
    $title = trim($_POST["title"]);
}

// Flags count as set only when the field is present and loosely equal to "1".
$transship = 0;
if (isset($_POST["transship"]) && $_POST["transship"] == "1") {
    $transship = 1;
}

// The body is taken as sent; it is filtered by check_badwords() and escaped
// with mysqli_real_escape_string() further down.
$content = "";
if (isset($_POST["content"])) {
    $content = $_POST["content"];
}

$emoji = 1;
if (isset($_POST["emoji"])) {
    $emoji = (int) $_POST["emoji"];
}

$reply_note = 0;
if (isset($_POST["reply_note"]) && $_POST["reply_note"] == "1") {
    $reply_note = 1;
}

$sign_id = 0;
if (isset($_POST["sign_id"])) {
    $sign_id = (int) $_POST["sign_id"];
}

// JSON envelope returned by every exit path of this script.
$result_set = [
    "return" => [
        "code" => 0,
        "tid" => 0,
        "aid" => 0,
        "message" => "",
        "errorFields" => [],
    ],
];

header("Content-Type:application/json; charset=utf-8");
33    
// Validate input. Each failed check sets code -1 and appends one entry to
// errorFields; all checks run before the script answers, so the client
// receives every field error in a single response.
if ($title == "") {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "title",
        "errMsg" => "不能为空",
    ];
}

// A title that split_line() changes is reported back with the changed value.
$r_title = split_line($title, "", 80, 1);
if (!($title == $r_title)) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "title",
        "errMsg" => "超长已截断",
        "updateValue" => $r_title,
    ];
}

// Bad-word filter on the title; $bw_count is reset before the call and read
// after it (presumably filled in by reference -- see str_process.inc.php).
$bw_count = 0;
$r_title = check_badwords($title, "****", $bw_count);
if ($bw_count > 0) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "title",
        "errMsg" => "已过滤",
        "updateValue" => $r_title,
    ];
}

// Same filter on the body.
$bw_count = 0;
$r_content = check_badwords($content, "****", $bw_count);
if ($bw_count > 0) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "content",
        "errMsg" => "已过滤",
        "updateValue" => $r_content,
    ];
}

// The emoji index must lie in 1..$BBS_emoji_count.
if (!($emoji > 0 && $emoji <= $BBS_emoji_count)) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "emoji",
        "errMsg" => "选择有误",
    ];
}

// The signature slot must lie in 0..3. This bound also matters for safety:
// $sign_id is later spliced into a column name (sign_N).
if (!($sign_id >= 0 && $sign_id <= 3)) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "sign",
        "errMsg" => "选择有误",
    ];
}

// Stop here when any check failed.
if ($result_set["return"]["code"] != 0) {
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
102    
// Append the chosen signature to a new post. $sign_id was range-checked to
// 1..3 above, so the column name built here is one of sign_1..sign_3.
if ($id == 0 && $sign_id > 0) {
    $sql = "SELECT sign_{$sign_id} AS sign FROM user_pubinfo WHERE UID = {$_SESSION['BBS_uid']}";
    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        // NOTE(review): the raw mysqli_error() text goes to the client here and
        // on every other -2 path of this script; logging it server-side and
        // returning a generic message would avoid exposing schema details.
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query sign error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $row = mysqli_fetch_array($rs);
    if ($row) {
        $sign_text = split_line($row["sign"], "", 80, 10);
        $content .= ("\n\n--\n" . $sign_text . "\n");
    }
    mysqli_free_result($rs);
}

// Append an edit marker, stamped in the session's time zone, when an
// existing article is being modified.
if ($id != 0) {
    $edit_time = new DateTimeImmutable("", $_SESSION["BBS_user_tz"]);
    $edit_stamp = $edit_time->format("Y-m-d H:i:s (\U\T\C P)");
    $content .= ("\n--\n※ 作者已于 " . $edit_stamp . " 修改本文※\n");
}

// Length of the final body, signature or edit marker included.
$length = str_length($content, true);

// Defaults for values that the lookups further down fill in.
$tid = 0;
$nickname = "";
$exp = 0;
137    
// Begin transaction: switch autocommit off, then open the transaction. Every
// later failure path closes the connection without issuing COMMIT.
foreach (["SET autocommit=0", "BEGIN"] as $tx_statement) {
    $rs = mysqli_query($db_conn, $tx_statement);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
158    
// Authorisation and target lookup. All values spliced into SQL in this block
// ($sid, $reply_id, $tid, $id) are ints from intval() or columns read back
// from the database; the session UID is assumed to be numeric.
if ($id == 0) { // Post article
    // Throttle: the same session may submit at most once every 5 seconds.
    $since_last_post = time() - $_SESSION["BBS_last_sub_tm"];
    if ($since_last_post < 5) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "prompt",
            "errMsg" => "发帖过于频繁,请稍等",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    if ($reply_id == 0) { // Post new thread
        // The target section must exist and be enabled.
        $sql = "SELECT SID FROM section_config WHERE SID = $sid AND enable";

        $rs = mysqli_query($db_conn, $sql);
        if (!$rs) {
            $result_set["return"]["code"] = -2;
            $result_set["return"]["message"] = "Query section error: " . mysqli_error($db_conn);

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        if (mysqli_num_rows($rs) == 0) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "版块不存在!",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }
        mysqli_free_result($rs);

        // The caller needs the post privilege in that section.
        $may_post = $_SESSION["BBS_priv"]->checkpriv($sid, S_POST);
        if (!$may_post) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "您无权发表文章!",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        // Per-section limit on consecutive new threads (limit argument: 5).
        if (!check_post_count(5, $sid, true, $db_conn)) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "本版连续发表主题数量达到上限",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }
    } else { // Reply article
        // Read the replied article with FOR UPDATE so the row stays locked
        // until the transaction ends.
        $sql = "SELECT TID, SID, title, `lock` FROM bbs WHERE AID = $reply_id AND visible FOR UPDATE";

        $rs = mysqli_query($db_conn, $sql);
        if (!$rs) {
            $result_set["return"]["code"] = -2;
            $result_set["return"]["message"] = "Query article error: " . mysqli_error($db_conn);

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        $row = mysqli_fetch_array($rs);
        if (!$row) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "回复的文章不存在!",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }
        $tid = $row["TID"];
        $sid = $row["SID"];
        $r_title = $row["title"];
        $lock = $row["lock"];
        mysqli_free_result($rs);

        if ($tid == 0) {
            $tid = $reply_id; // Set tid to the head of the replied thread
        } else { // Article to be replied is not the head of topic thread
            // Section, title and lock state are taken from the thread head.
            $sql = "SELECT SID, title, `lock` FROM bbs WHERE AID = $tid AND visible FOR UPDATE";

            $rs = mysqli_query($db_conn, $sql);
            if (!$rs) {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query article error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
            }

            $row = mysqli_fetch_array($rs);
            if (!$row) {
                $result_set["return"]["code"] = -1;
                $result_set["return"]["errorFields"][] = [
                    "id" => "prompt",
                    "errMsg" => "回复的主题不存在!",
                ];

                mysqli_close($db_conn);
                exit(json_encode($result_set));
            }
            $sid = $row["SID"]; // In case of inconsistent SID data
            $r_title = $row["title"];
            $lock = $row["lock"];
            mysqli_free_result($rs);
        }

        // The privilege check uses the section read from the database, not
        // the sid field of the request.
        $may_post = $_SESSION["BBS_priv"]->checkpriv($sid, S_POST);
        if (!$may_post) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "您无权发表文章!",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        // A locked thread accepts no replies.
        if ($lock) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "该主题谢绝回复!",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        // Per-section limit on consecutive replies (limit argument: 10).
        if (!check_post_count(10, $sid, false, $db_conn)) {
            $result_set["return"]["code"] = -1;
            $result_set["return"]["errorFields"][] = [
                "id" => "prompt",
                "errMsg" => "本版连续发表文章数量达到上限",
            ];

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }
    }

    // Nickname and exp are read here and stored with the new article row.
    $sql = "SELECT nickname, exp FROM user_pubinfo WHERE UID = {$_SESSION['BBS_uid']}";
    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query user pubinfo error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $row = mysqli_fetch_array($rs);
    if ($row) {
        $nickname = $row["nickname"];
        $exp = $row["exp"];
    }
    mysqli_free_result($rs);
} else { // Modify article
    $sql = "SELECT TID, UID, SID, excerption FROM bbs WHERE AID = $id AND visible FOR UPDATE";

    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query article error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $row = mysqli_fetch_array($rs);
    if (!$row) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "prompt",
            "errMsg" => "修改的文章不存在!",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
    // A thread head carries no positive TID, so its own id is used as thread id.
    $tid = ($row["TID"] > 0 ? $row["TID"] : $id);
    $uid = $row["UID"];
    $sid = $row["SID"];
    $excerption = $row["excerption"];
    mysqli_free_result($rs);

    // Editing requires all three: post privilege in the section, ownership of
    // the article, and the article not being flagged as excerption.
    if (
        !$_SESSION["BBS_priv"]->checkpriv($sid, S_POST)
        || $_SESSION["BBS_uid"] != $uid
        || $excerption
    ) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "prompt",
            "errMsg" => "您无权修改此文章!",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
397    
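// Get upload quota and used space.
// The id list starts with -1 so that the IN (...) clause built from it later
// is never empty.
$atta_id_list = [-1];
$attachment_count = (isset($_FILES['attachment']['error']) ? count($_FILES['attachment']['error']) : 0);
if ($attachment_count > $BBS_upload_count_limit) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = [
        "id" => "attachment",
        "errMsg" => "文件数量超过限制",
    ];

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

$upload_limit = 0;
$upload_used = 0;
$upload_size = 0;

if ($attachment_count > 0) {
    // Per-user quota. It is compared against byte counts below, so it is
    // presumably expressed in bytes -- confirm against the schema.
    $sql = "SELECT upload_limit FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query upload limit error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    if ($row = mysqli_fetch_array($rs)) {
        $upload_limit = $row["upload_limit"];
    }
    mysqli_free_result($rs);

    // Space already used by this user's files that are not deleted.
    // Fix: this used COUNT(size), which yields the number of files rather than
    // their total size. The validation loop adds each new file's byte size to
    // this value, so with COUNT the quota check nearly ignored existing usage.
    // COALESCE turns the NULL that SUM returns for a user with no files into 0.
    $sql = "SELECT COALESCE(SUM(size), 0) AS upload_used FROM upload_file WHERE UID = " .
        $_SESSION["BBS_uid"] . " AND deleted = 0";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query upload file error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    if ($row = mysqli_fetch_array($rs)) {
        $upload_used = $row["upload_used"];
    }
    mysqli_free_result($rs);
}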
455    
// Validate attachments. Every file is checked before any of them is stored,
// so a rejected file aborts the request with nothing written.
for ($i = 0; $i < $attachment_count; $i++) {
    // PHP must have reported a clean upload for this slot.
    $upload_ok = isset($_FILES['attachment']['error'][$i])
        && $_FILES['attachment']['error'][$i] == UPLOAD_ERR_OK;
    if (!$upload_ok) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "attachment",
            "errMsg" => "上传文件错误",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $filesize = $_FILES['attachment']['size'][$i];
    $filename = $_FILES['attachment']['name'][$i];

    // NOTE(review): zero-length files skip the size, quota, extension and type
    // checks below, yet the store loop still records and moves them.
    if (!($filesize > 0)) {
        continue;
    }

    // Hard cap of 2 MiB per file.
    if ($filesize > 2 * 1024 * 1024) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "attachment",
            "errMsg" => "文件大小超过限制",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    // The running total covers earlier files of this request as well.
    $upload_used += $filesize;
    if ($upload_used > $upload_limit) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "attachment",
            "errMsg" => "用户上传空间配额不足",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    // Allow-list on the extension of the client-supplied name.
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    $allowed_ext = ["bmp", "gif", "jpg", "jpeg", "png", "tif", "tiff", "txt", "zip", "rar"];
    if (!in_array($ext, $allowed_ext, true)) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "attachment",
            "errMsg" => "不支持的文件扩展名",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    // Allow-list on the type detected from the file contents, which does not
    // depend on anything the client declared.
    // NOTE(review): $ext and $real_ext are never compared, so a file may carry
    // one allowed extension while its content is another allowed type.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime_type = $finfo->file($_FILES['attachment']['tmp_name'][$i]);
    $mime_by_ext = [
        'txt' => 'text/plain',
        'bmp' => 'image/x-ms-bmp',
        'jpg' => 'image/jpeg',
        'png' => 'image/png',
        'gif' => 'image/gif',
        'tif' => 'image/tiff',
        'rar' => 'application/x-rar',
        'zip' => 'application/zip',
    ];
    $real_ext = array_search($mime_type, $mime_by_ext, true);

    if ($real_ext === false) {
        $result_set["return"]["code"] = -1;
        $result_set["return"]["errorFields"][] = [
            "id" => "attachment",
            "errMsg" => "不支持的文件格式",
        ];

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
552    
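// Store attachments: one upload_file row per file, then move the temporary
// file to upload/<row id>. The on-disk name is the numeric row id only, so the
// client-supplied file name never becomes part of a path.
for ($i = 0; $i < $attachment_count; $i++) {
    // Cast defensively; the size is spliced into the statement unquoted.
    $filesize = (int) $_FILES['attachment']['size'][$i];
    $filename = $_FILES['attachment']['name'][$i];

    // Fix: the original put $filename between quotes without escaping it. The
    // name comes from the upload request, so a quote character in it changed
    // the statement (SQL injection). It is now escaped the same way this
    // script escapes $content, $title and $nickname.
    $sql = "INSERT INTO upload_file(UID, size, filename, `check`) VALUES(" .
        $_SESSION["BBS_uid"] . ", $filesize, '" .
        mysqli_real_escape_string($db_conn, $filename) . "', 0)";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Add upload file error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $attachment_id = mysqli_insert_id($db_conn);
    array_push($atta_id_list, $attachment_id);

    // NOTE(review): the file is moved before COMMIT. If a later step fails, the
    // row is not committed but the file stays in upload/ -- consider a cleanup.
    $file_path = "upload/" . $attachment_id;
    if (!move_uploaded_file($_FILES['attachment']['tmp_name'][$i], $file_path)) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Copy file error";

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}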
585    
// Add content. The body is escaped before it is quoted into the statement.
// The row is created with AID 0 and linked to its article further down.
$escaped_content = mysqli_real_escape_string($db_conn, $content);
$sql = "INSERT INTO bbs_content(AID, content) values(0, '" . $escaped_content . "')";

$rs = mysqli_query($db_conn, $sql);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
$cid = mysqli_insert_id($db_conn);
600    
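// Write the article row: INSERT for a new post or reply, UPDATE for an edit.
//
// Fix: $_SESSION["BBS_username"] was quoted into two statements without
// escaping, while $nickname and $title next to it were escaped. It is now
// escaped as well, so the statements no longer rely on the stored username
// being free of quote characters.
// NOTE(review): client_addr() is defined in an include that is not shown and
// its result is quoted into SQL unescaped; confirm it can only return an IP
// address literal.
if ($id == 0) { // Post article
    $esc_username = mysqli_real_escape_string($db_conn, $_SESSION["BBS_username"]);
    $esc_nickname = mysqli_real_escape_string($db_conn, $nickname);

    $sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, transship, " .
        "sub_dt, sub_ip, reply_note, exp, last_reply_dt, icon, length) " .
        "VALUES($sid, $tid, " . $_SESSION["BBS_uid"] . ", '" .
        $esc_username . "', '" .
        $esc_nickname . "', '" .
        mysqli_real_escape_string($db_conn, $title) . "', " .
        "$cid, $transship, NOW(), '" . client_addr() .
        "', $reply_note, $exp, NOW(), $emoji, $length)";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Add article error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
    $aid = mysqli_insert_id($db_conn);

    if ($reply_id > 0) {
        // Set last reply info on the thread head.
        $sql = "UPDATE bbs SET reply_count = reply_count + 1, " .
            "last_reply_dt = NOW(), last_reply_UID=" . $_SESSION["BBS_uid"] .
            ", last_reply_username = '" . $esc_username .
            "', last_reply_nickname = '" . $esc_nickname .
            "' WHERE Aid = $tid";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false) {
            $result_set["return"]["code"] = -2;
            $result_set["return"]["message"] = "Update replied article error: " . mysqli_error($db_conn);

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        // Notify the authors of the thread head and of the replied article,
        // limited to those who asked for reply notes and are not the replier.
        $sql = "SELECT DISTINCT UID FROM bbs WHERE (AID = $tid OR AID = $reply_id) " .
            "AND visible AND reply_note AND UID <> " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false) {
            $result_set["return"]["code"] = -2;
            $result_set["return"]["message"] = "Read reply info error: " . mysqli_error($db_conn);

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }

        while ($row = mysqli_fetch_array($rs)) {
            // Send notification message. $r_title is the stored thread title;
            // the whole message text is escaped before it is quoted.
            $msg_content = "有人回复了您所发表/回复的文章,快来" .
                "[article $aid]看看[/article]《" . $r_title . "》吧!\n";

            $sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip) " .
                "VALUES($BBS_sys_uid, " . $row["UID"] . ", '" .
                mysqli_real_escape_string($db_conn, $msg_content) .
                "', NOW(), '" . client_addr() . "')";

            $rs_msg = mysqli_query($db_conn, $sql);
            if ($rs_msg == false) {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Insert msg error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
            }
        }

        mysqli_free_result($rs);
    } else { // Post new article
        // A new thread is its own head.
        $tid = $aid;
    }

    // Add exp, except in sections without the S_GETEXP privilege (test section).
    if ($_SESSION["BBS_priv"]->checkpriv($sid, S_GETEXP)) {
        // 3 for a reply, 5 for a transshipped new thread, 15 for an original one.
        $rs = user_exp_change($_SESSION["BBS_uid"], ($reply_id > 0 ? 3 : ($transship ? 5 : 15)), $db_conn);
        if ($rs == false) {
            $result_set["return"]["code"] = -2;
            $result_set["return"]["message"] = "Add exp error: " . mysqli_error($db_conn);

            mysqli_close($db_conn);
            exit(json_encode($result_set));
        }
    }
} else { // Modify article
    $aid = $id;

    // Only the content link, reply-note flag, icon and length change on an
    // edit; the title is left as stored.
    $sql = "UPDATE bbs SET CID = $cid, reply_note = $reply_note, " .
        "icon = $emoji, length = $length WHERE AID = $aid";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Update article error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}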
716    
// Link content to article: the bbs_content row was inserted with AID 0.
$sql = "UPDATE bbs_content SET AID = $aid WHERE CID = $cid";

$rs = mysqli_query($db_conn, $sql);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Update content error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Link attachments to article. The list holds -1 plus the ids returned by
// mysqli_insert_id() for this request, so it contains integers only.
$atta_id_csv = implode(",", $atta_id_list);
$sql = "UPDATE upload_file SET ref_AID = $aid WHERE AID IN ($atta_id_csv)";

$rs = mysqli_query($db_conn, $sql);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Update upload file error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
744    
// Add log: operation "A" for a new article, "M" for a modification, together
// with the acting UID and the client address.
$op_type = ($id == 0 ? "A" : "M");
$rs = article_op_log($aid, $_SESSION["BBS_uid"], $op_type, client_addr(), $db_conn);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Commit transaction
$rs = mysqli_query($db_conn, "COMMIT");
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Set return path
$result_set["return"]["aid"] = $aid;

// Start of the 5-second throttle window for the next submission.
$_SESSION["BBS_last_sub_tm"] = time();

mysqli_close($db_conn);
exit(json_encode($result_set));
