
Contents of /fenglin/bbs/post.php



Revision 1.6 - (show annotations)
Mon Apr 7 06:31:50 2025 UTC (11 months, 1 week ago) by sysadm
Branch: MAIN
Changes since 1.5: +24 -12 lines
Add update textarea with badword filter result

1 <?
2 require_once "../lib/common.inc.php";
3 require_once "../lib/db_open.inc.php";
4 require_once "./common_lib.inc.php";
5 require_once "./session_init.inc.php";
6 require_once "./check_sub.inc.php";
7 require_once "../lib/lml.inc.php";
8 require_once "../lib/str_process.inc.php";
9 ?>
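<?php
// Work out what this page is for (new thread, reply, or edit), load the
// section/article it refers to, and stop unless the logged-in user may do it.
// The markup after the closing tag only renders the form.
force_login();

// Request parameters are forced to integers because they are interpolated
// directly into the SQL strings below. Keep the intval() casts (or move to
// prepared statements) if these queries are ever edited.
$id = (isset($_GET["id"]) ? intval($_GET["id"]) : 0);
$reply_id = (isset($_GET["reply_id"]) ? intval($_GET["reply_id"]) : 0);
$sid = intval(isset($_GET["sid"]) ? $_GET["sid"] : $BBS_default_sid);
$quote = !(isset($_GET["quote"]) && $_GET["quote"] == "0");

$title = "";
$content = "";
$emoji = 1;
$reply_note = ($reply_id == 0 ? 1 : 0);

if ($id == 0) // Post article
{
	if ($reply_id == 0) // Post new thread
	{
		$sql = "SELECT title FROM section_config WHERE SID = $sid AND enable";

		$rs = mysqli_query($db_conn, $sql);
		if ($rs === false)
		{
			// Driver details go to the server log only; echoing them to the
			// browser would expose query text and schema names.
			error_log("post.php: query section failed: " . mysqli_error($db_conn));
			echo("Query section error");
			exit();
		}

		if ($row = mysqli_fetch_array($rs))
		{
			$section_title = $row["title"];
		}
		else
		{
			error_msg("版块不存在!",true);
			exit();
		}
		mysqli_free_result($rs);

		if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST))
		{
			error_msg("您无权发表文章!", true);
			exit();
		}
	}
	else // Reply article
	{
		$sql = "SELECT TID, bbs.SID, bbs.title, `lock`, username, nickname, content,
				section_config.title AS s_title FROM bbs
				INNER JOIN bbs_content ON bbs.CID = bbs_content.CID
				INNER JOIN section_config ON bbs.SID = section_config.SID
				WHERE bbs.AID = $reply_id AND visible";

		$rs = mysqli_query($db_conn, $sql);
		if ($rs === false)
		{
			error_log("post.php: query article failed: " . mysqli_error($db_conn));
			echo("Query article error");
			exit();
		}

		if ($row = mysqli_fetch_array($rs))
		{
			$tid = $row["TID"];
			$sid = $row["SID"];
			$title = $row["title"];
			$lock = $row["lock"];
			$r_username = $row["username"];
			$r_nickname = $row["nickname"];
			$content = $row["content"];
			$section_title = $row["s_title"];
		}
		else
		{
			error_msg("回复的文章不存在!", true);
			exit();
		}
		mysqli_free_result($rs);

		if ($tid != 0) // Article to be replied is not the head of topic thread
		{
			$sql = "SELECT SID, `lock` FROM bbs WHERE AID = $tid AND visible";

			$rs = mysqli_query($db_conn, $sql);
			if ($rs === false)
			{
				error_log("post.php: query article failed: " . mysqli_error($db_conn));
				echo("Query article error");
				exit();
			}

			if ($row = mysqli_fetch_array($rs))
			{
				// The thread head decides both the section and the lock state,
				// so the privilege check below runs against its SID.
				$sid = $row["SID"]; // In case of inconsistent SID data
				$lock = $row["lock"];
			}
			else
			{
				error_msg("回复的主题不存在!", true);
				exit();
			}
			mysqli_free_result($rs);
		}

		if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_POST))
		{
			error_msg("您无权发表文章!", true);
			exit();
		}

		if ($lock)
		{
			error_msg("该主题谢绝回复!", true);
			exit();
		}
	}
}
else // Modify article
{
	// An edit is never a reply. A stray reply_id in the query string would
	// otherwise send the form template down its quote path, which reads
	// $r_username / $r_nickname that only the reply branch above sets.
	$reply_id = 0;

	$sql = "select UID, bbs.SID, TID, bbs.title, content, icon, reply_note, excerption,
			section_config.title AS s_title FROM bbs
			INNER JOIN bbs_content ON bbs.CID = bbs_content.CID
			INNER JOIN section_config ON bbs.SID = section_config.SID
			WHERE bbs.AID = $id AND visible";

	$rs = mysqli_query($db_conn, $sql);
	if ($rs === false)
	{
		error_log("post.php: query article failed: " . mysqli_error($db_conn));
		echo("Query article error");
		exit();
	}

	if ($row = mysqli_fetch_array($rs))
	{
		$uid = $row["UID"];
		$sid = $row["SID"];
		$tid = $row["TID"];
		$title = $row["title"];
		$content = $row["content"];
		$emoji = $row["icon"];
		$reply_note = $row["reply_note"];
		$excerption = $row["excerption"];
		$section_title = $row["s_title"];
	}
	else
	{
		error_msg("修改的文章不存在!", true);
		exit();
	}
	mysqli_free_result($rs);

	// Editing requires all three: post privilege in the section, ownership of
	// the article, and the article not being flagged as an excerption.
	if (!($_SESSION["BBS_priv"]->checkpriv($sid, S_POST) && $_SESSION["BBS_uid"] == $uid && (!$excerption)))
	{
		error_msg("您无权修改此文章!",true);
		exit();
	}
}
?>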
164 <html>
165 <head>
166 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
167 <title>发表文章</title>
168 <link rel="stylesheet" href="css/default.css" type="text/css">
169 <script type="text/javascript" src="../js/nw_open.js"></script>
170 <script type="text/javascript" src="../js/lml_assistant.js"></script>
171 <script src="../js/polyfill.min.js"></script>
172 <script src="../js/axios.min.js"></script>
173 <script type="text/javascript">
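/**
 * Show the given messages in the page's error slots and clear every other slot.
 *
 * Each element named "err_msg" is looked up by its id in errorFieldMap. The
 * message text comes from server responses, so it is inserted as a text node
 * rather than parsed as HTML. The only markup honoured is a leading "<br />",
 * which callers on this page prepend to push the message onto its own line.
 *
 * @param {Map<string, string>} errorFieldMap element id -> message to display
 */
function refresh_err_msg(errorFieldMap)
{
	var lineBreakPrefix = "<br />";

	document.getElementsByName("err_msg").forEach(function (slot) {
		var message = errorFieldMap.has(slot.id) ? String(errorFieldMap.get(slot.id)) : "";

		// Drop whatever was shown before.
		slot.textContent = "";

		if (message.indexOf(lineBreakPrefix) === 0)
		{
			slot.appendChild(document.createElement("br"));
			message = message.substring(lineBreakPrefix.length);
		}

		if (message !== "")
		{
			// Text node: angle brackets in the message are displayed, not interpreted.
			slot.appendChild(document.createTextNode(message));
		}
	});
}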
180
/**
 * Overwrite the value of every input named "textarea" that has an entry in
 * updateFieldMap (keyed by element id); fields without an entry are untouched.
 * Assigning to .value treats the replacement as plain text.
 */
function refresh_textarea(updateFieldMap)
{
	for (const field of document.getElementsByName("textarea"))
	{
		if (!updateFieldMap.has(field.id))
		{
			continue;
		}
		field.value = updateFieldMap.get(field.id);
	}
}
190
/**
 * Submit the post form to post_service.php and act on the JSON reply.
 *
 * id / reply_id / sid are integers written into the page by the server when
 * it was rendered; everything else is read from the form at submit time.
 * Always returns false so that a caller using it as a submit handler does
 * not trigger the browser's own form submission.
 */
function post_article(f)
{
	const payload = {
		id: <?php echo $id; ?>,
		reply_id: <?php echo $reply_id; ?>,
		sid: <?php echo $sid; ?>,
		title: f.textarea_title.value,
		transship: (f.transship != null && f.transship.checked ? "1" : "0"),
		content: f.textarea_content.value,
		emoji: f.emoji.value,
		sign_id: f.sign_id.value,
		reply_note: (f.reply_note.checked ? "1" : "0"),
		attachment: f.attachment.files,
	};

	const requestOptions = {
		headers: {
			'Content-Type': 'multipart/form-data',
		}
	};

	instance.post('post_service.php', payload, requestOptions)
	.then((response) => {
		const reply = response.data;
		const fieldErrors = new Map();
		const fieldUpdates = new Map();

		switch (reply.return.code)
		{
			case 0: // OK
				// Jump to the saved article; the anchor is the article id.
				document.location = "view_article.php?id=" + reply.return.aid + "#" + reply.return.aid;
				refresh_err_msg(fieldErrors);
				break;
			case -1: // Input validation failed
				// Each failed field carries a message and a replacement value
				// that is written back into the matching input.
				for (const field of reply.return.errorFields)
				{
					fieldErrors.set("err_msg_" + field.id, "<br />" + field.errMsg);
					fieldUpdates.set("textarea_" + field.id, field.updateValue);
				}
				refresh_err_msg(fieldErrors);
				refresh_textarea(fieldUpdates);
				break;
			case -2: // Internal error
				// Detail stays in the console; the user sees a generic notice.
				console.log(reply.return.message);
				fieldErrors.set("err_msg_prompt", "内部错误");
				refresh_err_msg(fieldErrors);
				break;
			default:
				console.log(reply.return.code);
				break;
		}
	})
	.catch((error) => {
		console.log(error);
	});

	return false;
}
244
/**
 * Ask for confirmation, then request deletion of attachment `id` through
 * upload_del.php and hide its row once the server reports it gone.
 * Always returns false so the "#" link that calls it is not followed.
 */
function upload_del(id)
{
	if (!window.confirm('真的要删除吗?'))
	{
		return false;
	}

	instance.post('upload_del.php', { aid: id })
	.then((response) => {
		const reply = response.data;
		const fieldErrors = new Map();

		switch (reply.return.code)
		{
			case 0: // OK
			case 1: // Already deleted
				// Either way the file no longer exists, so drop it from the list.
				document.getElementById("attachment_" + id).style.display = "none";
				refresh_err_msg(fieldErrors);
				break;
			case -1: // Input validation failed
				fieldErrors.set("err_msg_attachment", "<br />" + reply.return.message);
				refresh_err_msg(fieldErrors);
				break;
			case -2: // Internal error
				// Detail stays in the console; the user sees a generic notice.
				console.log(reply.return.message);
				fieldErrors.set("err_msg_prompt", "内部错误");
				refresh_err_msg(fieldErrors);
				break;
			default:
				console.log(reply.return.code);
				break;
		}
	})
	.catch((error) => {
		console.log(error);
	});

	return false;
}
285
// Shared axios client for this page's service calls. The base URL is the
// page's own origin plus /bbs/, and withCredentials sends the session cookie.
// NOTE(review): no anti-CSRF token is visible in the requests built on this
// page - confirm post_service.php and upload_del.php check a token or the
// request origin, since both change state on cookie authentication alone.
const instance = axios.create({
	withCredentials: true,
	timeout: 3000,
	baseURL: document.location.protocol + '//' + document.location.host + '/bbs/',
});

// Route form submission through post_article() instead of a native POST.
window.addEventListener("load", function () {
	const form = document.getElementById("post_form");
	form.addEventListener("submit", function (event) {
		event.preventDefault();
		post_article(form);
	});
});
299
300 </script>
301 </head>
302 <body>
303 <center>
304 <table border="0" cellpadding="1" cellspacing="0" width="770">
305 <tr>
306 <td>
<a class="s2" href="main.php?sid=<?php echo $sid; ?>"><?php echo $BBS_name; ?></a>&gt;&gt;<a class="s2" href="bbs.php?sid=<?php echo $sid; ?>"><?php
// NOTE(review): $section_title is read from section_config.title and is
// written out without htmlspecialchars(), unlike the article title below.
// Confirm section titles can only be set by trusted admins, or escape here.
echo $section_title; ?></a>&gt;&gt;<?php
if ($id == 0 && $reply_id <= 0)
{
	?><a class="s2" href="#">发表新文章</a><?php
}
else
{
	// Reply and edit share one layout: a link back to the thread (anchored
	// at the article concerned), then the name of the current action.
	$crumb_aid = ($id == 0 ? $reply_id : $id);
	$crumb_action = ($id == 0 ? "回复文章" : "修改文章");
	?><a class="s2" href="view_article.php?id=<?php echo ($tid ? $tid : $crumb_aid) . "#$crumb_aid"; ?>"><?php echo split_line(htmlspecialchars($title, ENT_HTML401, 'UTF-8'), "", 65, 2, "<br />"); ?></a>&gt;&gt;<a class="s2" href="#"><?php echo $crumb_action; ?></a><?php
}
?>
324 </td>
325 </tr>
326 </table>
327 <form method="POST" ENCTYPE="multipart/form-data" id="post_form" name="post_form" action="#">
328 <table border="0" cellpadding="5" cellspacing="0" width="770">
329 <tr>
330 <td colspan="2" align="center" style="color:red;">别忙着发贴,请先看一下<a class="s0" href="doc/management.xml" target=_blank>《论坛管理章程》</a>吧!<br>
331 (请对您的言论负责,遵守有关法律、法规,尊重网络道德)</td>
332 </tr>
333 <tr height="10">
334 <td colspan="2" align="center"><span id="err_msg_prompt" name="err_msg" style="color: red;"></span></td>
335 </tr>
336 <tr>
337 <td width="10%" align="right">标题<span id="err_msg_title" name="err_msg" style="color: red;"></span></td>
338 <td width="90%">
<?php
// The title is escaped with ENT_QUOTES because it is placed inside a
// double-quoted attribute; replies additionally get the "Re: " prefix.
// The field is read-only when an existing article is being edited.
$title_attr = htmlspecialchars($title, ENT_QUOTES | ENT_HTML401, 'UTF-8');
if ($reply_id > 0)
{
	$title_attr = split_line($title_attr, "Re: ", 80, 1);
}
?><input type="text" name="textarea" id="textarea_title" size="80" <?php echo ($id != 0 ? "readonly" : ""); ?> value="<?php echo $title_attr; ?>">
<?php
// The "reprinted" checkbox is only offered when starting a new thread.
if ($id == 0 && $reply_id == 0)
{
?>
<input type="checkbox" name="transship">转载
<?php
}
?></td>
348 </tr>
349 <tr>
350 <td align="right">正文<span id="err_msg_content" name="err_msg" style="color: red;"></span></td>
351 <td>
<textarea name="textarea" id="textarea_content" cols="80" rows="25"><?php
// New thread / edit: prefill with the stored body (empty for a new thread).
// Reply with quoting: three blank lines for the reply text, an attribution
// line, then the quoted article. All database text is HTML-escaped before it
// is written between the textarea tags.
if ($reply_id == 0)
{
	echo htmlspecialchars($content, ENT_HTML401, 'UTF-8');
}
elseif ($quote)
{
?>



【 在 <?php echo htmlspecialchars($r_username, ENT_HTML401, 'UTF-8'); ?> (<?php echo htmlspecialchars($r_nickname, ENT_HTML401, 'UTF-8'); ?>) 的大作中提到: 】
<?php
	// Quote pipeline: split_line() adds the ": " prefix, LML() and
	// LMLtagFilter() process the markup, and escaping happens last.
	$quoted_body = LMLtagFilter(LML(split_line($content, ": ", 76, 20), false, false, 1024));
	echo htmlspecialchars($quoted_body, ENT_HTML401, 'UTF-8');
}
?></textarea>
368 </td>
369 </tr>
370 <tr>
371 <td align="right"><a class="s0" href="doc/lml.htm" target=_blank>LML</a>助手</td>
372 <td>
373 <INPUT type="button" value="B" onclick="b_bold(content)" style="font-weight:bold; width:25px;">
374 <INPUT type="button" value="I" onclick="b_italic(content)" style="font-style:italic; width:25px;">
375 <INPUT type="button" value="U" onclick="b_underline(content)" style="text-decoration:underline; width:25px;">
376 <INPUT type="button" value="[" onclick="b_left(content)" style="width:20px;">
377 <INPUT type="button" value="]" onclick="b_right(content)" style="width:20px;">
378 <INPUT type="button" value="Aa" onclick="b_size(content)" style="width:30px;">
379 <INPUT type="button" value="A" onclick="b_color(content)" style="font-weight:bold; color:red; width:25px;">
380 <INPUT type="button" value="@" onclick="b_email(content)" style="width:25px;">
381 <INPUT type="button" value="Link" onclick="b_link(content)" style="text-decoration:underline; color:blue; width:40px;">
382 <INPUT type="button" value="主题" onclick="b_article(content)" style="text-decoration:underline; color:green; width:40px;">
383 <INPUT type="button" value="图片" onclick="b_image(content)" style="width:40px;">
384 <INPUT type="button" value="字幕" onclick="b_marquee(content)" style="width:40px;">
385 </td>
386 </tr>
387 <tr>
388 <td align="right">上传附件<span id="err_msg_attachment" name="err_msg" style="color: red;"></span></td>
389 <td>
390 单个文件大小不能超过<? echo $BBS_upload_size_limit; ?>M,
391 单次上传不超过<? echo $BBS_upload_count_limit; ?>个文件<br />
392 文件类型限于BMP,GIF,JPEG,PNG,TIFF,TXT,ZIP,RAR<br />
393 <INPUT TYPE=FILE SIZE=40 name="attachment[]" id="attachment" multiple>
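<?php
// When editing, list the files already attached to the article, each with a
// download link and a delete link.
if ($id != 0) // Modify article
{
	// $id is an integer here (cast with intval() where the request is read).
	$sql = "SELECT * FROM upload_file WHERE ref_AID = $id
			AND deleted = 0 AND deny = 0
			ORDER BY AID";

	$rs = mysqli_query($db_conn, $sql);
	if ($rs === false)
	{
		// Driver details go to the server log only, not to the browser.
		error_log("post.php: read attachment failed: " . mysqli_error($db_conn));
		echo ("Read attachment error");
		exit();
	}

	if (mysqli_num_rows($rs) > 0)
	{
?>
<hr width="80%" align="left" />已上传附件<br />
<?php
	}

	while ($row = mysqli_fetch_array($rs))
	{
		// The stored filename is chosen by the uploader, so it is escaped
		// before being written into the page. The id is forced to an integer
		// because it is also emitted inside a URL and an inline onclick handler.
		$att_aid = intval($row["AID"]);
		$att_name = htmlspecialchars((string) $row["filename"], ENT_QUOTES | ENT_HTML401, 'UTF-8');
		$att_size = htmlspecialchars((string) $row["size"], ENT_QUOTES | ENT_HTML401, 'UTF-8');
?>
<span id="attachment_<?php echo $att_aid; ?>"><img src="images/closed.gif"><a class="s2" href="dl_file.php?aid=<?php echo $att_aid; ?>" target="_target"><?php echo $att_name; ?></a> (<?php echo $att_size; ?>字节)
<?php
		if ($row["check"] == 0)
		{
?><font color="red">未审核</font><?php
		}
?>
<a class="s2" href="#" onclick="return upload_del(<?php echo $att_aid; ?>);">删除</a>
<br /></span>
<?php
	}

	mysqli_free_result($rs);
}
?>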
435 </td>
436 </tr>
437 <tr>
438 <td align="right">表情<span id="err_msg_emoji" name="err_msg" style="color: red;"></span></td>
<td><?php
// One radio button plus icon per emoji number, twelve to a row. The current
// value ($emoji: 1 by default, or the stored icon when editing) is checked.
for ($i = 1; $i <= $BBS_emoji_count; $i++)
{
	printf(
		'<input type="radio" name="emoji" value="%1$d" %2$s><img src="images/expression/%1$d.gif" width="15" height="15" alt="%1$d.gif">',
		$i,
		($i == $emoji ? "checked" : "")
	);

	if ($i % 12 == 0)
	{
		echo "<br>";
	}
}
?></td>
449 </tr>
<?php
// New posts and replies may pick one of the saved signatures. When an existing
// article is edited, the choice is fixed to "0" through a hidden field, so the
// script can still read f.sign_id.value.
if ($id == 0):
?>
<tr>
<td align="right">签名<span id="err_msg_sign" name="err_msg" style="color: red;"></span></td>
<td>
<input type="radio" id="sign_id_0" name="sign_id" value="0" checked>不使用&nbsp;
<input type="radio" id="sign_id_1" name="sign_id" value="1">1&nbsp;
<input type="radio" id="sign_id_2" name="sign_id" value="2">2&nbsp;
<input type="radio" id="sign_id_3" name="sign_id" value="3">3&nbsp;
<a class="s0" href="preference.php" target=_blank>设置个人签名</a>
</td>
</tr>
<?php
else:
?>
<input type="hidden" id="sign_id_0" name="sign_id" value="0">
<?php
endif;
?>
473 <tr>
474 <td align="right"></td>
475 <td><input type="checkbox" name="reply_note" id="reply_note" <? echo ($reply_note ? "checked":""); ?>>有人回复该主题时通知我</td>
476 </tr>
477 </table>
478 <p><input type="submit" value="提交" name="submit">&nbsp;&nbsp;&nbsp;<input type="reset" value="重填" name="reset"></p>
479 </center>
480 </form>
<?php
// All queries for this page are done: close the connection, then render the
// shared footer.
mysqli_close($db_conn);

include("./foot.inc.php");
?>
486 </body>
487 </html>
