post.php

9-6 post.php
001<?php
002 
003  /*----引入檔案----*/
004  require_once "config.php";
005  require_once "function.php";
006 
007  /*----整理傳進來的變數或變數初始值----*/
008  $op=isset($_REQUEST['op'])?$_REQUEST['op']:"";
009  $sn=isset($_REQUEST['sn'])?intval($_REQUEST['sn']):"";
010  $toolbar="<a href='index.php?g2p={$g2p}' class='btn btn-success btn-block'><i class='fa fa-home'></i> 新聞列表</a>";
011  $error_msg=$main="";
012 
013  /*----流程控制----*/
014 
015  switch ($op) {
016    case 'clear':
017      session_destroy();
018      header("location:post.php");
019      break;
020 
021    case 'db_error':
022      $error_msg=error_msg("資料庫連線錯誤！！請檢查資料庫帳號、密碼是否正確！");
023      break;
024 
025    case 'save':
026      save_news();
027      header("location:index.php");
028      exit;
029      break;
030 
031    case 'update':
032      save_news($sn);
033      header("location:index.php?op=view&sn={$sn}");
034      exit;
035      break;
036 
037     case 'modify':
038      $main=news_form($sn);
039      break;
040 
041    default:
042      $main=news_form();
043      break;
044  }
045 
046 
047  /*----輸出----*/
048  show_page('post_tpl');
049 
050 
051 
052  /*----所有函數----*/
053 
054  //新聞編輯表單
055  function news_form($sn=""){
056    if(!isset($_SESSION['uid']) or empty($_SESSION['uid'])){
057       return "<div class='alert alert-danger'>請先登入</div>";
058    }
059 
060    link_db();
061    if($sn){
062      //讀取eznews資料表所有欄位，並指定某一筆特定資料
063      $sql="select * from eznews where sn='$sn'";
064 
065      //傳回值存到 $result 以供抓取資料用
066      $result=mysql_query($sql) or die("{$sql}<br>".mysql_error());
067      $news=mysql_fetch_assoc($result);
068      // foreach ($news as $k => $v) {
069      //   $$k=$v;
070      // }
071 
072      $news_title=$news['news_title'];
073      $news_content=$news['news_content'];
074      $ip=$news['ip'];
075      $author=$news['author'];
076      $post_time=$news['post_time'];
077      $def_cate_sn=$news['cate_sn'];
078 
079      $next_op="update";
080 
081      //抓附檔
082      $sql="select * from eznews_files where sn={$sn}";
083      $result=mysql_query($sql) or die("{$sql}<br>".mysql_error());
084      $files_list="請選擇欲刪除檔案：";
085      while($file=mysql_fetch_assoc($result)){
086        $files_list.="
087        <div>
088          <input type='checkbox' name='del_files[{$file['file_sn']}]' value='{$file['file_new_name']}'>
089          <a href='uploads/{$file['file_new_name']}' target='_blank'>{$file['file_name']}</a>
090        </div>";
091      }
092 
093 
094    }else{
095      $news_title="";
096      $news_content="";
097      $ip=$_SERVER['REMOTE_ADDR'];
098      $author=$_SESSION['uname'];
099      $post_time=date("Y-m-d H:i:s");
100      $def_cate_sn="";
101      $files_list="";
102      $news['status']="";
103 
104      $next_op="save";
105    }
106 
107    //製作分類的下拉選項
108    $sql="select * from eznews_cate";
109    $result=mysql_query($sql) or die($sql.'<br>'.mysql_error());
110    $cate_options="";
111    while(list($cate_sn , $cate_title)=mysql_fetch_row($result)){
112      $selected=($cate_sn==$def_cate_sn)?"selected":"";
113      $cate_options.="<option value='$cate_sn' $selected>$cate_title</option>";
114    }
115 
116    $checked_default=(isset($news['status']) and $news['status']=="")?"checked":"";
117    $checked_top=(isset($news['status']) and $news['status']=="置頂")?"checked":"";
118    $checked_important=(isset($news['status']) and $news['status']=="高亮")?"checked":"";
119 
120    $main=<<<form
121    <form action="post.php" method="post" role="form" enctype="multipart/form-data">
122 
123      <div class="row">
124        <div class="col-md-7">
125          <div class="form-group">
126            <input type="text" name="news_title" placeholder="請輸入新聞標題" class="form-control" value="$news_title">
127          </div>
128        </div>
129 
130        <div class="col-md-3">
131          <div class="form-group">
132 
133            <label class="radio-inline">
134              <input type="radio" name="status" value="" $checked_default>正常
135            </label>
136 
137            <label class="radio-inline">
138              <input type="radio" name="status" value="置頂" $checked_top>置頂
139            </label>
140 
141            <label class="radio-inline">
142              <input type="radio" name="status" value="高亮" $checked_important>高亮
143            </label>
144 
145          </div>
146        </div>
147 
148 
149 
150        <div class="col-md-2">
151          <div class="form-group">
152            <input type="text" name="author" placeholder="請輸入發布者" class="form-control" value="$author">
153          </div>
154        </div>
155      </div>
156 
157 
158 
159      <div class="form-group">
160        <textarea id="summernote" name="news_content" style="height:300px;" placeholder="請輸入新聞內容" class="form-control">$news_content</textarea>
161      </div>
162 
163      <div class="row">
164        <div class="col-md-3">
165          <select name="cate_sn" class="form-control">
166            <option value="">請選擇分類</option>
167            $cate_options
168          </select>
169        </div>
170        <div class="col-md-3">
171          <input type="text" name="cate_title" class="form-control" placeholder="請輸入新分類">
172        </div>
173        <div class="col-md-3">
174          <div class="form-group">
175            <input type="text" name="post_time" id="datetimepicker" placeholder="請輸入發布日期" class="form-control" value="$post_time">
176          </div>
177        </div>
178        <div class="col-md-3">
179 
180          <input type="hidden" name="ip" value="$ip">
181          <input type="hidden" name="sn" value="$sn">
182          <input type="hidden" name="op" value="$next_op">
183          <a href="post.php?op=clear" class="btn btn-danger">清除</a>
184          <input type="submit" value="儲存" class="btn btn-info">
185        </div>
186      </div>
187 
188      <div class="row">
189        <div class="col-md-3">
190          <input type="file" name="files[]" multiple>
191        </div>
192        <div class="col-md-9">
193          $files_list
194        </div>
195      </div>
196    </form>
197form;
198    return $main;
199  }
200 
201 
202  //儲存新聞
203  function save_news($sn=""){
204    if(!isset($_SESSION['uid']) or empty($_SESSION['uid'])){
205       return;
206    }
207 
208    //過濾外面傳來的變數
209    $op=isset($_POST['op'])?$_POST['op']:"";
210    $password=isset($_POST['password'])?$_POST['password']:"";
211    $news_title=isset($_POST['news_title'])?check_input($_POST['news_title']):"";
212    $news_content=isset($_POST['news_content'])?check_input($_POST['news_content']):"";
213    $author=isset($_POST['author'])?check_input($_POST['author']):"";
214    $ip=isset($_POST['ip'])?check_input($_POST['ip']):"";
215    $post_time=isset($_POST['post_time'])?check_input($_POST['post_time']):"";
216    $status=isset($_POST['status'])?check_input($_POST['status']):"";
217    $cate_title=isset($_POST['cate_title'])?check_input($_POST['cate_title']):"";
218    $cate_sn=isset($_POST['cate_sn'])?intval($_POST['cate_sn']):"";
219 
220    link_db();
221 
222    //新增分類
223    if(empty($cate_sn) and !empty($cate_title)){
224      $sql="insert into eznews_cate (cate_title) values('$cate_title')";
225      mysql_query($sql) or die($sql."<br>".mysql_error());
226      $cate_sn=mysql_insert_id();
227    }elseif(!empty($cate_sn) and !empty($cate_title)){
228      //修改分類
229      $sql="update eznews_cate set cate_title='$cate_title' where cate_sn='$cate_sn'";
230      mysql_query($sql) or die($sql."<br>".mysql_error());
231    }
232 
233    //存到資料庫
234    if($sn){
235      $sql="update eznews set cate_sn='$cate_sn', news_title='$news_title', news_content='$news_content', ip='$ip', author='$author', post_time='$post_time', status='$status' where sn='$sn' and uid='{$_SESSION['uid']}'";
236      mysql_query($sql) or die($sql."<br>".mysql_error());
237    }else{
238      $sql="insert into eznews (cate_sn,news_title, news_content, ip, author, uid, post_time,status) values('$cate_sn','$news_title', '$news_content', '$ip', '$author', '{$_SESSION['uid']}','$post_time', '$status')";
239      mysql_query($sql) or die($sql."<br>".mysql_error());
240      $sn=mysql_insert_id();
241    }
242 
243    //刪除勾選的檔案
244    if(isset($_POST['del_files'])){
245      foreach ($_POST['del_files'] as $file_new_name) {
246        //刪除實體檔案
247        if(unlink("uploads/{$file_new_name}")){
248          //刪除資料庫紀錄
249          $sql="delete from eznews_files where file_new_name='$file_new_name'";
250          mysql_query($sql) or die($sql."<br>".mysql_error());
251        }
252      }
253    }
254 
255 
256    //上傳檔案
257    if(isset($_FILES)){
258      //建立資料夾
259      if(!is_dir('uploads')){
260        mkdir('uploads');
261      }
262 
263      foreach($_FILES['files']['tmp_name'] as $i =>$tmp_name){
264        $ext=pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION);
265        $new=substr(md5($_FILES['files']['name'][$i]), -5);
266        $new_name="uploads/{$sn}_{$new}.{$ext}";
267 
268        if(move_uploaded_file($tmp_name, $new_name)){
269          $sql="insert into eznews_files ( sn, file_name, file_size, file_type, file_new_name) values('$sn','{$_FILES['files']['name'][$i]}', '{$_FILES['files']['size'][$i]}}', '{$_FILES['files']['type'][$i]}', '{$sn}_{$new}.{$ext}')";
270          mysql_query($sql) or die($sql."<br>".mysql_error());
271        }
272      }
273    }
274 
275  }
276 
277  //替特殊符號加入反斜線
278  function check_input($value){
279    if (!get_magic_quotes_gpc()){
280      $value = addslashes($value);
281    }
282    return $value;
283  }
284 
285 
286?>
9-6 post.php

搜尋

QR Code 區塊

快速登入

書籍目錄

線上使用者
