
Annotation of /fenglin/bbs/article_service_post.php



Revision 1.6 - (hide annotations)
Tue Apr 29 11:55:32 2025 UTC (10 months, 2 weeks ago) by sysadm
Branch: MAIN
Changes since 1.5: +0 -1 lines
Remove redundant PHP closing tag

1 sysadm 1.1 <?php
2     require_once "../lib/common.inc.php";
3     require_once "../lib/db_open.inc.php";
4     require_once "../lib/lml.inc.php";
5     require_once "../lib/str_process.inc.php";
6     require_once "./article_op.inc.php";
7     require_once "./session_init.inc.php";
8     require_once "./check_sub.inc.php";
9    
// Only authenticated users may reach the rest of this endpoint.
// NOTE(review): no anti-CSRF token is checked in this file; confirm that one of
// the included files enforces it for this state-changing POST.
force_login();

// Request parameters. Numeric fields go through intval(); the two flag fields
// count as set only when the posted value compares equal to "1".
$id = 0;
if (isset($_POST["id"])) {
    $id = intval($_POST["id"]);
}

$reply_id = 0;
if (isset($_POST["reply_id"])) {
    $reply_id = intval($_POST["reply_id"]);
}

$sid = $BBS_default_sid;
if (isset($_POST["sid"])) {
    $sid = intval($_POST["sid"]);
}

$title = "";
if (isset($_POST["title"])) {
    $title = trim($_POST["title"]);
}

$transship = 0;
if (isset($_POST["transship"]) && $_POST["transship"] == "1") {
    $transship = 1;
}

// The body is taken as posted; it is filtered and escaped further down.
$content = "";
if (isset($_POST["content"])) {
    $content = $_POST["content"];
}

$emoji = 1;
if (isset($_POST["emoji"])) {
    $emoji = intval($_POST["emoji"]);
}

$reply_note = 0;
if (isset($_POST["reply_note"]) && $_POST["reply_note"] == "1") {
    $reply_note = 1;
}

$sign_id = 0;
if (isset($_POST["sign_id"])) {
    $sign_id = intval($_POST["sign_id"]);
}

// JSON envelope returned on every exit path of this script.
$result_set = array(
    "return" => array(
        "code" => 0,
        "tid" => 0,
        "aid" => 0,
        "message" => "",
        "errorFields" => array(),
    ),
);

header("Content-Type:application/json; charset=utf-8");
33    
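// Validate input. Every failed check is appended to errorFields so the client
// gets all problems in one response; "updateValue" carries the sanitised text
// the form should put back into the field.
//
// Comparisons are strict (===, !==): with loose comparison two different
// numeric-looking strings compare equal, so a truncated or filtered value could
// be mistaken for an unchanged one and the original text would be stored.
$add_field_error = function (array $entry) use (&$result_set) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = $entry;
};

if ($title === "") {
    $add_field_error(array(
        "id" => "title",
        "errMsg" => "不能为空",
    ));
}

// Title length: split_line() returns the title cut to the permitted length.
$r_title = split_line($title, "", 80, 1);
if ($title !== $r_title) {
    $add_field_error(array(
        "id" => "title",
        "errMsg" => "超长已截断",
        "updateValue" => $r_title,
    ));
}

// Bad-word filter on the title.
$r_title = check_badwords($title, "****");
if ($title !== $r_title) {
    $add_field_error(array(
        "id" => "title",
        "errMsg" => "已过滤",
        "updateValue" => $r_title,
    ));
}

// Bad-word filter on the body.
$r_content = check_badwords($content, "****");
if ($content !== $r_content) {
    $add_field_error(array(
        "id" => "content",
        "errMsg" => "已过滤",
        "updateValue" => $r_content,
    ));
}

// Emoji index must be within 1..$BBS_emoji_count.
if ($emoji <= 0 || $emoji > $BBS_emoji_count) {
    $add_field_error(array(
        "id" => "emoji",
        "errMsg" => "选择有误",
    ));
}

// Signature slot must be within 0..3 (0 = no signature). This range check is
// what later allows $sign_id to be used to build a column name.
if ($sign_id < 0 || $sign_id > 3) {
    $add_field_error(array(
        "id" => "sign",
        "errMsg" => "选择有误",
    ));
}

// Stop before touching the database if anything was rejected.
if ($result_set["return"]["code"] != 0) {
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}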
100    
// A new post may carry one of the user's stored signatures.
// The column name is built from $sign_id; that is only safe because $sign_id
// was coerced with intval() and range-checked to 0..3 during validation.
$wants_signature = ($id == 0 && $sign_id > 0);
if ($wants_signature) {
    $sql = "SELECT sign_" . $sign_id . " AS sign FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query sign error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    $row = mysqli_fetch_array($rs);
    if ($row) {
        // Signature is wrapped by split_line() before being appended after a "--" separator.
        $content .= ("\n\n--\n" . split_line($row["sign"], "", 80, 10) . "\n");
    }
    mysqli_free_result($rs);
}
121    
// Defaults for values that the post/modify branches below fill in.
$tid = 0;
$nickname = "";
$exp = 0;

// An edited article gets a trailing marker carrying the server time of the edit.
if ($id != 0) {
    $content .= ("\n--\n※作者已于 " . date("Y-m-d H:i:s") . " 修改本文※\n");
}

// Length is measured on the LML-processed text, not on the raw markup.
$rendered_content = LML($content, false, false, 1024);
$length = str_length($rendered_content);
135    
// Open the transaction: disable autocommit, then BEGIN. Either statement
// failing ends the request with code -2.
// NOTE(review): the raw mysqli_error() text is sent to the client here and on
// the other -2 paths; consider logging it server-side and returning a generic message.
foreach (array("SET autocommit=0", "BEGIN") as $tx_statement) {
    $rs = mysqli_query($db_conn, $tx_statement);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
156    
// Authorisation and target lookup for the three cases: new thread, reply, edit.
// Both helpers end the request; nothing after a call to them runs.

// Business-rule rejection: code -1 with a "prompt" field error.
$deny = function ($message) use (&$result_set, $db_conn) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = array(
        "id" => "prompt",
        "errMsg" => $message,
    );

    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

// Database failure: code -2 with the given prefix plus the driver error text.
// NOTE(review): this returns raw mysqli_error() output to the client; consider
// logging it server-side and returning a generic message.
$db_abort = function ($prefix) use (&$result_set, $db_conn) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $prefix . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

if ($id == 0) { // Post article
    // Per-session throttle: at least 5 seconds between submissions.
    if (time() - $_SESSION["BBS_last_sub_tm"] < 5) {
        $deny("发帖过于频繁,请稍等");
    }

    if ($reply_id == 0) { // Post new thread
        // The target section must exist and be enabled.
        $sql = "SELECT SID FROM section_config WHERE SID = $sid AND enable";

        $rs = mysqli_query($db_conn, $sql);
        if (!$rs) {
            $db_abort("Query section error: ");
        }
        if (mysqli_num_rows($rs) == 0) {
            $deny("版块不存在!");
        }
        mysqli_free_result($rs);

        if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST)) {
            $deny("您无权发表文章!");
        }

        if (!check_post_count(5, $sid, true, $db_conn)) {
            $deny("本版连续发表主题数量达到上限");
        }
    } else { // Reply article
        // FOR UPDATE locks the replied row for the rest of the transaction.
        $sql = "SELECT TID, SID, title, `lock` FROM bbs WHERE AID = $reply_id AND visible FOR UPDATE";

        $rs = mysqli_query($db_conn, $sql);
        if (!$rs) {
            $db_abort("Query article error: ");
        }

        $row = mysqli_fetch_array($rs);
        if (!$row) {
            $deny("回复的文章不存在!");
        }
        $tid = $row["TID"];
        $sid = $row["SID"];
        $r_title = $row["title"];
        $lock = $row["lock"];
        mysqli_free_result($rs);

        if ($tid != 0) { // Article to be replied is not the head of topic thread
            // Section, title and lock state are taken from the thread head instead.
            $sql = "SELECT SID, title, `lock` FROM bbs WHERE AID = $tid AND visible FOR UPDATE";

            $rs = mysqli_query($db_conn, $sql);
            if (!$rs) {
                $db_abort("Query article error: ");
            }

            $row = mysqli_fetch_array($rs);
            if (!$row) {
                $deny("回复的主题不存在!");
            }
            $sid = $row["SID"]; // In case of inconsistent SID data
            $r_title = $row["title"];
            $lock = $row["lock"];
            mysqli_free_result($rs);
        } else {
            $tid = $reply_id; // Set tid to the head of the replied thread
        }

        // Privilege is checked against the section read from the database,
        // not the sid posted by the client.
        if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST)) {
            $deny("您无权发表文章!");
        }

        if ($lock) {
            $deny("该主题谢绝回复!");
        }

        if (!check_post_count(10, $sid, false, $db_conn)) {
            $deny("本版连续发表文章数量达到上限");
        }
    }

    // Snapshot of the author's nickname and exp, stored with the article.
    $sql = "SELECT nickname, exp FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $db_abort("Query user pubinfo error: ");
    }

    $row = mysqli_fetch_array($rs);
    if ($row) {
        $nickname = $row["nickname"];
        $exp = $row["exp"];
    }
    mysqli_free_result($rs);
} else { // Modify article
    $sql = "SELECT TID, UID, SID, excerption FROM bbs WHERE AID = $id AND visible FOR UPDATE";

    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $db_abort("Query article error: ");
    }

    $row = mysqli_fetch_array($rs);
    if (!$row) {
        $deny("修改的文章不存在!");
    }
    $tid = ($row["TID"] > 0 ? $row["TID"] : $id);
    $uid = $row["UID"];
    $sid = $row["SID"];
    $excerption = $row["excerption"];
    mysqli_free_result($rs);

    // Editing requires all three: post privilege in the section, ownership of
    // the article, and the article not being flagged as excerption.
    if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST) || $_SESSION["BBS_uid"] != $uid || $excerption) {
        $deny("您无权修改此文章!");
    }
}
395    
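// Get upload quota and used space.
// "-1" seeds the id list so the later "IN ($atta_id_list)" clause stays valid
// SQL when no attachment is stored.
$atta_id_list = "-1";
$attachment_count = (isset($_FILES['attachment']['error']) ? count($_FILES['attachment']['error']) : 0);
if ($attachment_count > $BBS_upload_count_limit) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = array(
        "id" => "attachment",
        "errMsg" => "文件数量超过限制",
    );

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

$upload_limit = 0;
$upload_used = 0;
$upload_size = 0;

if ($attachment_count > 0) {
    // Per-user quota.
    $sql = "SELECT upload_limit FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query upload limit error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    if ($row = mysqli_fetch_array($rs)) {
        $upload_limit = $row["upload_limit"];
    }
    mysqli_free_result($rs);

    // Space already used by this user's non-deleted files.
    // This must be the total of `size`, not the number of rows: the value is
    // later increased by each new file's size in bytes and compared with
    // $upload_limit, so COUNT(size) let the stored total go effectively
    // unchecked. COALESCE keeps the result 0 for a user with no files.
    // NOTE(review): assumes upload_limit is expressed in bytes, like `size` - confirm.
    $sql = "SELECT COALESCE(SUM(size), 0) AS upload_used FROM upload_file WHERE UID = " . $_SESSION["BBS_uid"] .
        " AND deleted = 0";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Query upload file error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    if ($row = mysqli_fetch_array($rs)) {
        $upload_used = $row["upload_used"];
    }
    mysqli_free_result($rs);
}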
453    
// Validate attachments: upload status, per-file size, running quota, claimed
// extension, and content type as detected from the file itself.
// NOTE(review): the detected type ($real_ext) is never compared with the
// claimed extension ($ext), so a file may pass with mismatching name and content.
// NOTE(review): zero-length files skip every check below, yet the storing loop
// later in this script iterates over all entries - confirm that is intended.
$reject_upload = function ($message) use (&$result_set, $db_conn) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = array(
        "id" => "attachment",
        "errMsg" => $message,
    );

    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

// Extensions accepted from the client-supplied file name.
$allowed_extensions = array("bmp", "gif", "jpg", "jpeg", "png", "tif", "tiff", "txt", "zip", "rar");

// MIME types accepted from content sniffing, keyed by canonical extension.
// NOTE(review): some libmagic versions may report BMP as image/bmp - verify on the target host.
$allowed_mime_types = array(
    'txt' => 'text/plain',
    'bmp' => 'image/x-ms-bmp',
    'jpg' => 'image/jpeg',
    'png' => 'image/png',
    'gif' => 'image/gif',
    'tif' => 'image/tiff',
    'rar' => 'application/x-rar',
    'zip' => 'application/zip',
);

for ($i = 0; $i < $attachment_count; $i++) {
    $upload_ok = isset($_FILES['attachment']['error'][$i])
        && $_FILES['attachment']['error'][$i] == UPLOAD_ERR_OK;
    if (!$upload_ok) {
        $reject_upload("上传文件错误");
    }

    $filesize = $_FILES['attachment']['size'][$i];
    $filename = $_FILES['attachment']['name'][$i];

    if (!($filesize > 0)) {
        continue;
    }

    // Hard per-file cap of 2 MiB.
    if ($filesize > 1024 * 1024 * 2) {
        $reject_upload("文件大小超过限制");
    }

    // Running total across this request on top of what is already stored.
    $upload_used += $filesize;
    if ($upload_used > $upload_limit) {
        $reject_upload("用户上传空间配额不足");
    }

    // The extension comes from the client-supplied name and is only a first filter.
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if (!in_array($ext, $allowed_extensions, true)) {
        $reject_upload("不支持的文件扩展名");
    }

    // Content sniffing on the temporary file; the type must be on the allow-list.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime_type = $finfo->file($_FILES['attachment']['tmp_name'][$i]);
    $real_ext = array_search($mime_type, $allowed_mime_types, true);
    if ($real_ext === false) {
        $reject_upload("不支持的文件格式");
    }
}
550    
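// Store attachments: one upload_file row per file, then move the temporary
// file to upload/<row id>. The on-disk name is the numeric row id, never the
// client-supplied name.
// NOTE(review): a file moved here stays on disk if a later step of the request
// fails, because the failure paths only close the connection - confirm a
// cleanup job exists for unreferenced files.
for ($i = 0; $i < $attachment_count; $i++) {
    // Size is forced to an integer before it is placed in the statement.
    $filesize = intval($_FILES['attachment']['size'][$i]);
    $filename = $_FILES['attachment']['name'][$i];

    // The original file name is chosen by the client, so it must be escaped
    // before it goes into a quoted SQL literal, like every other string value
    // this script writes.
    $sql = "INSERT INTO upload_file(UID, size, filename, `check`) VALUES(" .
        $_SESSION["BBS_uid"] . ", $filesize, '" .
        mysqli_real_escape_string($db_conn, $filename) . "', 0)";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Add upload file error: " . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }

    // Remember the new row id so the file can be linked to the article later.
    $attachment_id = mysqli_insert_id($db_conn);
    $atta_id_list .= ("," . $attachment_id);

    $file_path = "upload/" . $attachment_id;
    if (!move_uploaded_file($_FILES['attachment']['tmp_name'][$i], $file_path)) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = "Copy file error";

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}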
583    
// Store the body first with AID 0; the row is linked to its article once the
// article id is known. The body is escaped before being placed in the literal.
$escaped_content = mysqli_real_escape_string($db_conn, $content);
$sql = "INSERT INTO bbs_content(AID, content) values(0, '" . $escaped_content . "')";

$rs = mysqli_query($db_conn, $sql);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Add content error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Content row id, referenced by the article row as CID.
$cid = mysqli_insert_id($db_conn);
598    
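// Write the article row: INSERT for a new post or reply, UPDATE for an edit.
//
// Every string placed inside a quoted SQL literal is escaped here. The
// original escaped nickname, title and message text but not the session
// username or the value returned by client_addr(); both are now escaped too,
// so the statement does not depend on how those values were produced.

// Ends the request with code -2 and the given prefix plus the driver error.
// NOTE(review): this returns raw mysqli_error() output to the client; consider
// logging it server-side and returning a generic message.
$db_abort = function ($prefix) use (&$result_set, $db_conn) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $prefix . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

if ($id == 0) { // Post article
    $sql = "INSERT INTO bbs(SID, TID, UID, username, nickname, title, CID, transship,
        sub_dt, sub_ip, reply_note, exp, last_reply_dt, icon, length)
        VALUES($sid, $tid, " . $_SESSION["BBS_uid"] . ", '" .
        mysqli_real_escape_string($db_conn, $_SESSION["BBS_username"]) . "', '" .
        mysqli_real_escape_string($db_conn, $nickname) . "', '" .
        mysqli_real_escape_string($db_conn, $title) . "', " .
        "$cid, $transship, NOW(), '" . mysqli_real_escape_string($db_conn, client_addr()) .
        "', $reply_note, $exp, NOW(), $emoji, $length)";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $db_abort("Add article error: ");
    }
    $aid = mysqli_insert_id($db_conn);

    if ($reply_id > 0) {
        // Set last reply info on the thread head.
        $sql = "UPDATE bbs SET reply_count = reply_count + 1,
            last_reply_dt = NOW(), last_reply_UID=" . $_SESSION["BBS_uid"] .
            ", last_reply_username = '" .
            mysqli_real_escape_string($db_conn, $_SESSION["BBS_username"]) .
            "', last_reply_nickname = '" . mysqli_real_escape_string($db_conn, $nickname) .
            "' WHERE Aid = $tid";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false) {
            $db_abort("Update replied article error: ");
        }

        // Notify the other authors in the thread who asked for reply notes.
        $sql = "SELECT DISTINCT UID FROM bbs WHERE (AID = $tid OR TID = $tid)
            AND visible AND reply_note AND UID <> " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false) {
            $db_abort("Read reply info error: ");
        }

        // The message text is the same for every recipient, so build it once.
        // $r_title comes from the database and is escaped with the rest of the text.
        $msg_content = "[hide]SYS_Reply_Article[/hide]有人回复了您所发表/回复的主题文章,快来" .
            "[article $aid]看看[/article]《" . $r_title . "》吧!\n";

        while ($row = mysqli_fetch_array($rs)) {
            // Send notification message from the system account.
            $sql = "INSERT INTO bbs_msg(fromUID, toUID, content, send_dt, send_ip)
                VALUES($BBS_sys_uid, " . $row["UID"] . ", '" .
                mysqli_real_escape_string($db_conn, $msg_content) .
                "', NOW(), '" . mysqli_real_escape_string($db_conn, client_addr()) . "')";

            $rs_msg = mysqli_query($db_conn, $sql);
            if ($rs_msg == false) {
                $db_abort("Insert msg error: ");
            }
        }

        mysqli_free_result($rs);
    } else { // Post new article
        // A new thread is its own head.
        $tid = $aid;
    }

    // Add exp (except in sections without S_GETEXP, e.g. the test section):
    // 3 for a reply, 5 for a transshipped thread, 15 for an original thread.
    if ($_SESSION["BBS_priv"]->checkpriv($sid, S_GETEXP)) {
        $rs = user_exp_change($_SESSION["BBS_uid"], ($reply_id > 0 ? 3 : ($transship ? 5 : 15)), $db_conn);
        if ($rs == false) {
            $db_abort("Add exp error: ");
        }
    }
} else { // Modify article
    $aid = $id;

    // Only the content link, reply-note flag, icon and length change on edit;
    // all four values are integers set earlier in this script.
    $sql = "UPDATE bbs SET CID = $cid, reply_note = $reply_note,
        icon = $emoji, length = $length WHERE AID = $aid";

    $rs = mysqli_query($db_conn, $sql);
    if ($rs == false) {
        $db_abort("Update article error: ");
    }
}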
714    
// Point the stored body and the stored attachments at the article.
// Each entry maps the error prefix reported on failure to the statement to run.
// $atta_id_list holds "-1" plus the row ids collected while storing uploads.
$link_statements = array(
    "Update content error: " => "UPDATE bbs_content SET AID = $aid WHERE CID = $cid",
    "Update upload file error: " => "UPDATE upload_file SET ref_AID = $aid WHERE AID IN ($atta_id_list)",
);

foreach ($link_statements as $error_prefix => $sql) {
    $rs = mysqli_query($db_conn, $sql);
    if (!$rs) {
        $result_set["return"]["code"] = -2;
        $result_set["return"]["message"] = $error_prefix . mysqli_error($db_conn);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
    }
}
740    
// Record the operation in the article log: "A" for a new article, "M" for an edit.
$op_type = ($id == 0 ? "A" : "M");
$rs = article_op_log($aid, $_SESSION["BBS_uid"], $op_type, client_addr(), $db_conn);
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

// Commit transaction: everything written since BEGIN becomes visible together.
$rs = mysqli_query($db_conn, "COMMIT");
if (!$rs) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

    mysqli_close($db_conn);
    exit(json_encode($result_set));
}
762    
// Success: restart the per-session submission throttle and report the article id.
// NOTE(review): "tid" in the response is left at its initial 0 here - confirm
// the client does not rely on it.
$_SESSION["BBS_last_sub_tm"] = time();
$result_set["return"]["aid"] = $aid;

mysqli_close($db_conn);

echo json_encode($result_set);
exit();
