
Annotation of /fenglin/bbs/post.php



Revision 1.6 - (hide annotations)
Mon Apr 7 06:31:50 2025 UTC (11 months, 1 week ago) by sysadm
Branch: MAIN
Changes since 1.5: +24 -12 lines
Add update textarea with badword filter result

1 sysadm 1.1 <?
2     require_once "../lib/common.inc.php";
3     require_once "../lib/db_open.inc.php";
4     require_once "./common_lib.inc.php";
5     require_once "./session_init.inc.php";
6     require_once "./check_sub.inc.php";
7     require_once "../lib/lml.inc.php";
8     require_once "../lib/str_process.inc.php";
9     ?>
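<?php
// Access checks and data loading for the post / reply / edit form.
//
// Three modes, selected by the query string:
//   id == 0 && reply_id == 0  -> new thread in section $sid
//   id == 0 && reply_id != 0  -> reply to article $reply_id
//   id != 0                   -> edit article $id
//
// The full "<?php" tag is used so this block is parsed even when
// short_open_tag is disabled; with the short form the source would be sent
// to the browser as plain text in that configuration.
force_login();

// Every request value that is later interpolated into SQL is forced to an
// integer here. The queries below are built by string interpolation, so
// these casts are the only thing that keeps them injection-safe.
$id = (isset($_GET["id"]) ? intval($_GET["id"]) : 0);
$reply_id = (isset($_GET["reply_id"]) ? intval($_GET["reply_id"]) : 0);
$sid = (isset($_GET["sid"]) ? intval($_GET["sid"]) : intval($BBS_default_sid));
$quote = (isset($_GET["quote"]) && $_GET["quote"] == "0" ? false : true);

// Form defaults; overwritten from the database in reply / edit mode.
$title = "";
$content = "";
$emoji = 1;
$reply_note = ($reply_id == 0 ? 1 : 0);

if ($id == 0) // Post article
{
	if ($reply_id == 0) // Post new thread
	{
		$sql = "SELECT title FROM section_config WHERE SID = $sid AND enable";

		$rs = mysqli_query($db_conn, $sql);
		if ($rs === false)
		{
			// The driver error text goes to the server log only; echoing it
			// would expose query and schema details to the client.
			error_log("post.php: query section error: " . mysqli_error($db_conn));
			echo("Query section error");
			exit();
		}

		if ($row = mysqli_fetch_array($rs))
		{
			$section_title = $row["title"];
		}
		else
		{
			error_msg("版块不存在!",true);
			exit();
		}
		mysqli_free_result($rs);

		if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST))
		{
			error_msg("您无权发表文章!", true);
			exit();
		}
	}
	else // Reply article
	{
		$sql = "SELECT TID, bbs.SID, bbs.title, `lock`, username, nickname, content,
				section_config.title AS s_title FROM bbs
				INNER JOIN bbs_content ON bbs.CID = bbs_content.CID
				INNER JOIN section_config ON bbs.SID = section_config.SID
				WHERE bbs.AID = $reply_id AND visible";

		$rs = mysqli_query($db_conn, $sql);
		if ($rs === false)
		{
			error_log("post.php: query article error: " . mysqli_error($db_conn));
			echo("Query article error");
			exit();
		}

		if ($row = mysqli_fetch_array($rs))
		{
			// TID and SID are presumably integer columns (verify against the
			// schema); the casts keep the interpolated SQL below and the
			// values echoed into the page numeric regardless.
			$tid = intval($row["TID"]);
			$sid = intval($row["SID"]);
			$title = $row["title"];
			$lock = $row["lock"];
			$r_username = $row["username"];
			$r_nickname = $row["nickname"];
			$content = $row["content"];
			$section_title = $row["s_title"];
		}
		else
		{
			error_msg("回复的文章不存在!", true);
			exit();
		}
		mysqli_free_result($rs);

		if ($tid != 0) // Article to be replied is not the head of topic thread
		{
			// The section and lock state of the thread head are authoritative
			// for the permission and lock checks that follow.
			$sql = "SELECT SID, `lock` FROM bbs WHERE AID = $tid AND visible";

			$rs = mysqli_query($db_conn, $sql);
			if ($rs === false)
			{
				error_log("post.php: query article error: " . mysqli_error($db_conn));
				echo("Query article error");
				exit();
			}

			if ($row = mysqli_fetch_array($rs))
			{
				$sid = intval($row["SID"]); // In case of inconsistent SID data
				$lock = $row["lock"];
			}
			else
			{
				error_msg("回复的主题不存在!", true);
				exit();
			}
			mysqli_free_result($rs);
		}

		if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST))
		{
			error_msg("您无权发表文章!", true);
			exit();
		}

		if ($lock)
		{
			error_msg("该主题谢绝回复!", true);
			exit();
		}
	}
}
else // Modify article
{
	$sql = "select UID, bbs.SID, TID, bbs.title, content, icon, reply_note, excerption,
			section_config.title AS s_title FROM bbs
			INNER JOIN bbs_content ON bbs.CID = bbs_content.CID
			INNER JOIN section_config ON bbs.SID = section_config.SID
			WHERE bbs.AID = $id AND visible";

	$rs = mysqli_query($db_conn, $sql);
	if ($rs === false)
	{
		error_log("post.php: query article error: " . mysqli_error($db_conn));
		echo("Query article error");
		exit();
	}

	if ($row = mysqli_fetch_array($rs))
	{
		$uid = $row["UID"];
		$sid = intval($row["SID"]);
		$tid = intval($row["TID"]);
		$title = $row["title"];
		$content = $row["content"];
		$emoji = $row["icon"];
		$reply_note = $row["reply_note"];
		$excerption = $row["excerption"];
		$section_title = $row["s_title"];
	}
	else
	{
		error_msg("修改的文章不存在!", true);
		exit();
	}
	mysqli_free_result($rs);

	// Editing requires post privilege in the section, ownership of the
	// article, and that the article is not flagged as an excerption.
	// The uid comparison stays loose (==) because the database value arrives
	// as a string while the session value may be an integer.
	if (!($_SESSION["BBS_priv"]->checkpriv($sid, S_POST) && $_SESSION["BBS_uid"] == $uid && (!$excerption)))
	{
		error_msg("您无权修改此文章!",true);
		exit();
	}
}
?>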
164     <html>
165     <head>
166     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
167     <title>发表文章</title>
168     <link rel="stylesheet" href="css/default.css" type="text/css">
169 sysadm 1.5 <script type="text/javascript" src="../js/nw_open.js"></script>
170     <script type="text/javascript" src="../js/lml_assistant.js"></script>
171 sysadm 1.1 <script src="../js/polyfill.min.js"></script>
172     <script src="../js/axios.min.js"></script>
173     <script type="text/javascript">
/**
 * Redraw every element named "err_msg": elements whose id is a key of
 * errorFieldMap receive the mapped value, all others are cleared.
 *
 * The value is assigned through innerHTML, so it is parsed as markup. The
 * callers in this file pass "<br />" followed by a message taken from the
 * server response.
 * NOTE(review): if that message can ever contain user-supplied text it has to
 * be HTML-escaped before it reaches this function - confirm against the
 * services that produce it.
 */
function refresh_err_msg(errorFieldMap)
{
	document.getElementsByName("err_msg").forEach(function (slot) {
		if (errorFieldMap.has(slot.id))
		{
			slot.innerHTML = errorFieldMap.get(slot.id);
		}
		else
		{
			slot.innerHTML = "";
		}
	});
}
180    
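/**
 * Write server-provided replacement text back into the form fields named
 * "textarea" (the title input and the content textarea in this page).
 *
 * Only fields whose id is a key of updateFieldMap are touched. A key whose
 * value is undefined is skipped: assigning undefined to .value would replace
 * the user's draft with the literal text "undefined", which happens when an
 * error field in the response carries no replacement value.
 *
 * The text is assigned through .value, so it is treated as plain text and
 * never parsed as markup.
 */
function refresh_textarea(updateFieldMap)
{
	document.getElementsByName("textarea").forEach(element => {
		if (!updateFieldMap.has(element.id))
		{
			return;
		}

		var newValue = updateFieldMap.get(element.id);
		if (newValue === undefined)
		{
			return; // no replacement supplied for this field; keep the draft
		}

		element.value = newValue;
	});
}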
190    
/**
 * Submit the post form to post_service.php as multipart/form-data and react
 * to the JSON result code:
 *    0  success - navigate to the article that was saved
 *   -1  validation failed - show per-field messages and write back any
 *       replacement text the server returned
 *   -2  internal error - log the message, show a generic prompt
 *
 * id, reply_id and sid are written into the script by the server-side
 * template; the template casts the request values with intval() before use.
 *
 * NOTE(review): field.errMsg ends up in innerHTML via refresh_err_msg(), so
 * the service must return it HTML-escaped. No anti-CSRF token is sent from
 * here - confirm how post_service.php authenticates the request origin.
 *
 * Always returns false.
 */
function post_article(f)
{
	var payload = {
		id: <? echo $id; ?>,
		reply_id: <? echo $reply_id; ?>,
		sid: <? echo $sid; ?>,
		title: f.textarea_title.value,
		transship: (f.transship != null && f.transship.checked ? "1" : "0"),
		content: f.textarea_content.value,
		emoji: f.emoji.value,
		sign_id: f.sign_id.value,
		reply_note: (f.reply_note.checked ? "1" : "0"),
		attachment: f.attachment.files,
	};
	var requestConfig = {
		headers: {
			'Content-Type': 'multipart/form-data',
		}
	};

	instance.post('post_service.php', payload, requestConfig)
	.then(function (response) {
		var result = response.data.return;
		var messages = new Map();
		var replacements = new Map();
		var code = result.code;

		if (code === 0) // OK
		{
			var target = "view_article.php?id=" + result.aid + "#" + result.aid;
			document.location = target;
			refresh_err_msg(messages);
		}
		else if (code === -1) // Input validation failed
		{
			result.errorFields.forEach(function (field) {
				messages.set("err_msg_" + field.id, "<br />" + field.errMsg);
				replacements.set("textarea_" + field.id, field.updateValue);
			});
			refresh_err_msg(messages);
			refresh_textarea(replacements);
		}
		else if (code === -2) // Internal error
		{
			console.log(result.message);
			messages.set("err_msg_prompt", "内部错误");
			refresh_err_msg(messages);
		}
		else
		{
			console.log(code);
		}
	})
	.catch(function (error) {
		console.log(error);
	});

	return false;
}
244    
/**
 * Ask for confirmation, then request deletion of attachment `id` from
 * upload_del.php. On result code 0 (deleted) or 1 (already deleted) the
 * attachment's row is hidden; -1 shows the returned message next to the
 * upload field; -2 logs the message and shows a generic prompt.
 *
 * NOTE(review): ret.return.message is inserted through innerHTML by
 * refresh_err_msg(), so upload_del.php must return it HTML-escaped. The
 * attachment id is supplied by the page and can be altered by the client;
 * ownership presumably has to be enforced by upload_del.php - verify there.
 *
 * Always returns false, so the inline onclick handler cancels the link.
 */
function upload_del(id)
{
	if (!window.confirm('真的要删除吗?'))
	{
		return false;
	}

	instance.post('upload_del.php', { aid: id })
	.then(function (response) {
		var result = response.data.return;
		var messages = new Map();
		var code = result.code;

		if (code === 0 || code === 1) // OK, or already deleted
		{
			document.getElementById("attachment_" + id).style.display = "none";
			refresh_err_msg(messages);
		}
		else if (code === -1) // Input validation failed
		{
			messages.set("err_msg_attachment", "<br />" + result.message);
			refresh_err_msg(messages);
		}
		else if (code === -2) // Internal error
		{
			console.log(result.message);
			messages.set("err_msg_prompt", "内部错误");
			refresh_err_msg(messages);
		}
		else
		{
			console.log(code);
		}
	})
	.catch(function (error) {
		console.log(error);
	});

	return false;
}
285    
// Shared axios client for the two services called from this page. Requests go
// to the /bbs/ path on the page's own scheme, host and port, and carry the
// session cookie (withCredentials).
const instance = axios.create({
	withCredentials: true,
	timeout: 3000,
	// location.host is hostname plus ":port" when a port is present
	baseURL: document.location.protocol + '//' + document.location.host + '/bbs/',
});

// Submit through post_article() instead of a native form post.
window.addEventListener("load", function () {
	var form = document.getElementById("post_form");
	form.addEventListener("submit", function (event) {
		event.preventDefault();
		post_article(form);
	});
});
299    
300     </script>
301     </head>
302     <body>
303     <center>
304     <table border="0" cellpadding="1" cellspacing="0" width="770">
305     <tr>
306     <td>
307     <a class="s2" href="main.php?sid=<? echo $sid; ?>"><? echo $BBS_name; ?></a>&gt;&gt;<a class="s2" href="bbs.php?sid=<? echo $sid; ?>"><? echo $section_title; ?></a>&gt;&gt;<?
308     if ($id == 0)
309     {
310     if ($reply_id > 0)
311     {
312     ?><a class="s2" href="view_article.php?id=<? echo ($tid ? $tid : $reply_id) . "#$reply_id"; ?>"><? echo split_line(htmlspecialchars($title, ENT_HTML401, 'UTF-8'), "", 65, 2, "<br />"); ?></a>&gt;&gt;<a class="s2" href="#">回复文章</a><?
313     }
314     else
315     {
316     ?><a class="s2" href="#">发表新文章</a><?
317     }
318     }
319     else
320     {
321     ?><a class="s2" href="view_article.php?id=<? echo ($tid ? $tid : $id) . "#$id"; ?>"><? echo split_line(htmlspecialchars($title, ENT_HTML401, 'UTF-8'), "", 65, 2, "<br />"); ?></a>&gt;&gt;<a class="s2" href="#">修改文章</a><?
322     }
323     ?>
324     </td>
325     </tr>
326     </table>
327     <form method="POST" ENCTYPE="multipart/form-data" id="post_form" name="post_form" action="#">
328     <table border="0" cellpadding="5" cellspacing="0" width="770">
329     <tr>
330     <td colspan="2" align="center" style="color:red;">别忙着发贴,请先看一下<a class="s0" href="doc/management.xml" target=_blank>《论坛管理章程》</a>吧!<br>
331     (请对您的言论负责,遵守有关法律、法规,尊重网络道德)</td>
332     </tr>
333     <tr height="10">
334 sysadm 1.2 <td colspan="2" align="center"><span id="err_msg_prompt" name="err_msg" style="color: red;"></span></td>
335 sysadm 1.1 </tr>
336     <tr>
337     <td width="10%" align="right">标题<span id="err_msg_title" name="err_msg" style="color: red;"></span></td>
338     <td width="90%">
339 sysadm 1.6 <input type="text" name="textarea" id="textarea_title" size="80" <? echo ($id != 0 ? "readonly" : ""); ?> value="<? echo ($reply_id > 0 ? split_line(htmlspecialchars($title, ENT_QUOTES | ENT_HTML401, 'UTF-8'), "Re: ", 80, 1) : htmlspecialchars($title, ENT_QUOTES | ENT_HTML401, 'UTF-8')); ?>">
340 sysadm 1.1 <?
341     if ($id == 0 && $reply_id == 0)
342     {
343     ?>
344     <input type="checkbox" name="transship">转载
345     <?
346     }
347     ?></td>
348     </tr>
349     <tr>
350     <td align="right">正文<span id="err_msg_content" name="err_msg" style="color: red;"></span></td>
351     <td>
352 sysadm 1.6 <textarea name="textarea" id="textarea_content" cols="80" rows="25"><?
353 sysadm 1.1 if ($reply_id == 0)
354     {
355     echo htmlspecialchars($content, ENT_HTML401, 'UTF-8');
356     }
357     else if ($quote)
358     {
359     ?>
360    
361    
362    
363     【 在 <? echo htmlspecialchars($r_username, ENT_HTML401, 'UTF-8'); ?> (<? echo htmlspecialchars($r_nickname, ENT_HTML401, 'UTF-8'); ?>) 的大作中提到: 】
364     <?
365     echo htmlspecialchars(LMLtagFilter(LML(split_line($content, ": ", 76, 20), false, false, 1024)), ENT_HTML401, 'UTF-8');
366     }
367     ?></textarea>
368     </td>
369     </tr>
370     <tr>
371     <td align="right"><a class="s0" href="doc/lml.htm" target=_blank>LML</a>助手</td>
372     <td>
373     <INPUT type="button" value="B" onclick="b_bold(content)" style="font-weight:bold; width:25px;">
374     <INPUT type="button" value="I" onclick="b_italic(content)" style="font-style:italic; width:25px;">
375     <INPUT type="button" value="U" onclick="b_underline(content)" style="text-decoration:underline; width:25px;">
376     <INPUT type="button" value="[" onclick="b_left(content)" style="width:20px;">
377     <INPUT type="button" value="]" onclick="b_right(content)" style="width:20px;">
378     <INPUT type="button" value="Aa" onclick="b_size(content)" style="width:30px;">
379     <INPUT type="button" value="A" onclick="b_color(content)" style="font-weight:bold; color:red; width:25px;">
380     <INPUT type="button" value="@" onclick="b_email(content)" style="width:25px;">
381     <INPUT type="button" value="Link" onclick="b_link(content)" style="text-decoration:underline; color:blue; width:40px;">
382     <INPUT type="button" value="主题" onclick="b_article(content)" style="text-decoration:underline; color:green; width:40px;">
383     <INPUT type="button" value="图片" onclick="b_image(content)" style="width:40px;">
384     <INPUT type="button" value="字幕" onclick="b_marquee(content)" style="width:40px;">
385     </td>
386     </tr>
387     <tr>
388 sysadm 1.2 <td align="right">上传附件<span id="err_msg_attachment" name="err_msg" style="color: red;"></span></td>
389 sysadm 1.1 <td>
390     单个文件大小不能超过<? echo $BBS_upload_size_limit; ?>M,
391     单次上传不超过<? echo $BBS_upload_count_limit; ?>个文件<br />
392     文件类型限于BMP,GIF,JPEG,PNG,TIFF,TXT,ZIP,RAR<br />
393     <INPUT TYPE=FILE SIZE=40 name="attachment[]" id="attachment" multiple>
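<?php
// List the attachments already uploaded for the article being edited, each
// with a download link and a delete link.
if ($id != 0) // Modify article
{
	// $id was cast with intval() when it was read from the query string, so
	// interpolating it here is safe.
	$sql = "SELECT * FROM upload_file WHERE ref_AID = $id
			AND deleted = 0 AND deny = 0
			ORDER BY AID";

	$rs = mysqli_query($db_conn, $sql);
	if ($rs === false)
	{
		// The driver error text goes to the server log only; echoing it
		// would expose query and schema details to the client.
		error_log("post.php: read attachment error: " . mysqli_error($db_conn));
		echo ("Read attachment error");
		exit();
	}

	if (mysqli_num_rows($rs) > 0)
	{
?>
<hr width="80%" align="left" />已上传附件<br />
<?php
	}

	while ($row = mysqli_fetch_array($rs))
	{
		$filename = $row["filename"];
		$ext = strtolower(substr($filename, (strrpos($filename, ".") ? strrpos($filename, ".") + 1 : 0)));
		// The stored file name originates from the uploader, so it is escaped
		// for HTML before output. AID and size are presumably integer columns
		// (verify against the schema); the casts guarantee that only digits
		// reach the id attribute, the URL and the inline onclick handler.
?>
<span id="attachment_<?php echo intval($row["AID"]); ?>"><img src="images/closed.gif"><a class="s2" href="dl_file.php?aid=<?php echo intval($row["AID"]); ?>" target="_target"><?php echo htmlspecialchars($filename, ENT_QUOTES | ENT_HTML401, 'UTF-8'); ?></a> (<?php echo intval($row["size"]); ?>字节)
<?php
		if ($row["check"] == 0)
		{
?><font color="red">未审核</font><?php
		}
?>
<a class="s2" href="#" onclick="return upload_del(<?php echo intval($row["AID"]); ?>);">删除</a>
<br /></span>
<?php
	}

	mysqli_free_result($rs);
}
?>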
435     </td>
436     </tr>
437     <tr>
438 sysadm 1.4 <td align="right">表情<span id="err_msg_emoji" name="err_msg" style="color: red;"></span></td>
439 sysadm 1.1 <td><?
440     for ($i = 1; $i <= $BBS_emoji_count; $i++)
441     {
442     ?><input type="radio" name="emoji" value="<? echo $i; ?>" <? echo ($i == $emoji ? "checked" : ""); ?>><img src="images/expression/<? echo $i; ?>.gif" width="15" height="15" alt="<? echo $i; ?>.gif"><?
443     if (($i % 12)==0)
444     {
445     ?><br><?
446     }
447     }
448     ?></td>
449     </tr>
450     <?
451     if ($id == 0)
452     {
453     ?>
454     <tr>
455 sysadm 1.4 <td align="right">签名<span id="err_msg_sign" name="err_msg" style="color: red;"></span></td>
456 sysadm 1.1 <td>
457 sysadm 1.4 <input type="radio" id="sign_id_0" name="sign_id" value="0" checked>不使用&nbsp;
458     <input type="radio" id="sign_id_1" name="sign_id" value="1">1&nbsp;
459 sysadm 1.1 <input type="radio" id="sign_id_2" name="sign_id" value="2">2&nbsp;
460     <input type="radio" id="sign_id_3" name="sign_id" value="3">3&nbsp;
461 sysadm 1.6 <a class="s0" href="preference.php" target=_blank>设置个人签名</a>
462 sysadm 1.1 </td>
463     </tr>
464     <?
465     }
466 sysadm 1.6 else
467     {
468     ?>
469     <input type="hidden" id="sign_id_0" name="sign_id" value="0">
470     <?
471     }
472 sysadm 1.1 ?>
473     <tr>
474     <td align="right"></td>
475     <td><input type="checkbox" name="reply_note" id="reply_note" <? echo ($reply_note ? "checked":""); ?>>有人回复该主题时通知我</td>
476     </tr>
477     </table>
478     <p><input type="submit" value="提交" name="submit">&nbsp;&nbsp;&nbsp;<input type="reset" value="重填" name="reset"></p>
479     </center>
480     </form>
481     <?
482     mysqli_close($db_conn);
483    
484     include "./foot.inc.php";
485     ?>
486     </body>
487     </html>
