
[1032]PHP入門

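<?php
/*
 * post.php - news post editor: request dispatcher, edit form, and save handler.
 *
 * Review notes on what this listing does and does not protect against:
 *  - Every value that reaches SQL is now cast to int or escaped with
 *    mysql_real_escape_string(); previously upload names, upload types and
 *    the del_files values were interpolated raw.
 *  - Every value echoed into the form is HTML-escaped.
 *  - Files are deleted by looking the record up by file_sn, never by a
 *    path taken from the request.
 *  - Uploads are limited to an extension allow-list so that a script file
 *    cannot be stored in the web-served uploads/ directory.
 *  - NOTE(review): the mysql_* extension was removed in PHP 7.0. Prepared
 *    statements (PDO or mysqli) are the durable fix, but link_db() lives in
 *    function.php, outside this listing, so the API is kept here.
 *  - NOTE(review): the "or die($sql . mysql_error())" pattern prints query
 *    text and database errors to the visitor; in production, log the
 *    detail and show a generic message instead.
 *  - NOTE(review): the form carries no anti-CSRF token. save/update are
 *    restricted to POST below, which does not stop a cross-site POST.
 *  - NOTE(review): news_content is rich-text HTML; whichever page displays
 *    it must sanitise it before output - not verifiable from this file.
 */

/*---- Includes ----*/
require_once "config.php";
require_once "function.php";

/*---- Normalise incoming variables / set defaults ----*/
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : "";
$sn = isset($_REQUEST['sn']) ? intval($_REQUEST['sn']) : "";

// State-changing actions are only honoured on POST (the form uses method="post").
$is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';
if (($op === 'save' || $op === 'update') && !$is_post) {
    $op = "";
}

// NOTE(review): $g2p is not defined in this file (presumably set by an
// include); it is written into an href unescaped, so confirm it is never
// derived from the request.
$toolbar = "<a href='index.php?g2p={$g2p}' class='btn btn-success btn-block'><i class='fa fa-home'></i> 新聞列表</a>";
$error_msg = $main = "";

/*---- Flow control ----*/
switch ($op) {
    case 'clear':
        // Presumably the session is started by one of the includes - confirm.
        session_destroy();
        header("location:post.php");
        exit; // stop here so no page is rendered after the redirect

    case 'db_error':
        $error_msg = error_msg("資料庫連線錯誤!!請檢查資料庫帳號、密碼是否正確!");
        break;

    case 'save':
        save_news();
        header("location:index.php");
        exit;

    case 'update':
        save_news($sn);
        header("location:index.php?op=view&sn={$sn}");
        exit;

    case 'modify':
        $main = news_form($sn);
        break;

    default:
        $main = news_form();
        break;
}

/*---- Output ----*/
show_page('post_tpl');

/*---- Functions ----*/

/**
 * Build the news editing form.
 *
 * With a post number the form is pre-filled from eznews and lists the
 * post's attachments for deletion; without one it is a blank "new post"
 * form. Returns a login notice instead when no user is logged in.
 *
 * The form loads any post by number; ownership is enforced by save_news()
 * when the form is submitted.
 *
 * @param int|string $sn Post serial number, or "" for a new post.
 * @return string HTML fragment.
 */
function news_form($sn = "")
{
    if (!isset($_SESSION['uid']) or empty($_SESSION['uid'])) {
        return "<div class='alert alert-danger'>請先登入</div>";
    }
    link_db();

    // The value goes into SQL and HTML, so force it to an integer here
    // rather than trusting the caller.
    $sn = $sn ? intval($sn) : "";

    // NOTE(review): assumes the pages and the stored data are UTF-8 - confirm.
    $enc = 'UTF-8';

    if ($sn) {
        // Load every column of the requested post.
        $sql = "select * from eznews where sn='$sn'";
        $result = mysql_query($sql) or die("{$sql}<br>" . mysql_error());
        $news = mysql_fetch_assoc($result);

        $news_title   = $news['news_title'];
        $news_content = $news['news_content'];
        $author       = $news['author'];
        $post_time    = $news['post_time'];
        $def_cate_sn  = $news['cate_sn'];
        $next_op      = "update";

        // Attachments of this post, offered as "delete" checkboxes.
        $sql = "select * from eznews_files where sn={$sn}";
        $result = mysql_query($sql) or die("{$sql}<br>" . mysql_error());
        $files_list = "請選擇欲刪除檔案:";
        while ($file = mysql_fetch_assoc($result)) {
            $file_sn       = intval($file['file_sn']);
            $file_new_name = htmlspecialchars($file['file_new_name'], ENT_QUOTES, $enc);
            $file_name     = htmlspecialchars($file['file_name'], ENT_QUOTES, $enc);
            $files_list .= "
            <div>
              <input type='checkbox' name='del_files[{$file_sn}]' value='{$file_new_name}'>
              <a href='uploads/{$file_new_name}' target='_blank'>{$file_name}</a>
            </div>";
        }
    } else {
        $news_title     = "";
        $news_content   = "";
        $author         = $_SESSION['uname'];
        $post_time      = date("Y-m-d H:i:s");
        $def_cate_sn    = "";
        $files_list     = "";
        $news['status'] = "";
        $next_op        = "save";
    }

    // Category drop-down. Relies on cate_sn and cate_title being the first
    // two columns of eznews_cate, as the original listing did.
    $sql = "select * from eznews_cate";
    $result = mysql_query($sql) or die($sql . '<br>' . mysql_error());
    $cate_options = "";
    while (list($cate_sn, $cate_title) = mysql_fetch_row($result)) {
        $selected        = ($cate_sn == $def_cate_sn) ? "selected" : "";
        $cate_sn_html    = htmlspecialchars($cate_sn, ENT_QUOTES, $enc);
        $cate_title_html = htmlspecialchars($cate_title, ENT_QUOTES, $enc);
        $cate_options .= "<option value='$cate_sn_html' $selected>$cate_title_html</option>";
    }

    $checked_default   = (isset($news['status']) and $news['status'] == "") ? "checked" : "";
    $checked_top       = (isset($news['status']) and $news['status'] == "置頂") ? "checked" : "";
    $checked_important = (isset($news['status']) and $news['status'] == "高亮") ? "checked" : "";

    // Escape stored values before they are written into attributes or the
    // textarea. The browser decodes the entities again, so the rich-text
    // editor still receives the original markup.
    $news_title_html   = htmlspecialchars($news_title, ENT_QUOTES, $enc);
    $news_content_html = htmlspecialchars($news_content, ENT_QUOTES, $enc);
    $author_html       = htmlspecialchars($author, ENT_QUOTES, $enc);
    $post_time_html    = htmlspecialchars($post_time, ENT_QUOTES, $enc);

    // The hidden "ip" field of the original form is gone: save_news() now
    // records the address the server observes instead of a posted value.
    $main = <<<HTML
<form action="post.php" method="post" role="form" enctype="multipart/form-data">
  <div class="row">
    <div class="col-md-7">
      <div class="form-group">
        <input type="text" name="news_title" placeholder="請輸入新聞標題" class="form-control" value="{$news_title_html}">
      </div>
    </div>
    <div class="col-md-3">
      <div class="form-group">
        <label class="radio-inline">
          <input type="radio" name="status" value="" $checked_default>正常
        </label>
        <label class="radio-inline">
          <input type="radio" name="status" value="置頂" $checked_top>置頂
        </label>
        <label class="radio-inline">
          <input type="radio" name="status" value="高亮" $checked_important>高亮
        </label>
      </div>
    </div>
    <div class="col-md-2">
      <div class="form-group">
        <input type="text" name="author" placeholder="請輸入發布者" class="form-control" value="{$author_html}">
      </div>
    </div>
  </div>
  <div class="form-group">
    <textarea id="summernote" name="news_content" style="height:300px;" placeholder="請輸入新聞內容" class="form-control">{$news_content_html}</textarea>
  </div>
  <div class="row">
    <div class="col-md-3">
      <select name="cate_sn" class="form-control">
        <option value="">請選擇分類</option>
        $cate_options
      </select>
    </div>
    <div class="col-md-3">
      <input type="text" name="cate_title" class="form-control" placeholder="請輸入新分類">
    </div>
    <div class="col-md-3">
      <div class="form-group">
        <input type="text" name="post_time" id="datetimepicker" placeholder="請輸入發布日期" class="form-control" value="{$post_time_html}">
      </div>
    </div>
    <div class="col-md-3">
      <input type="hidden" name="sn" value="$sn">
      <input type="hidden" name="op" value="$next_op">
      <a href="post.php?op=clear" class="btn btn-danger">清除</a>
      <input type="submit" value="儲存" class="btn btn-info">
    </div>
  </div>
  <div class="row">
    <div class="col-md-3">
      <input type="file" name="files[]" multiple>
    </div>
    <div class="col-md-9">
      $files_list
    </div>
  </div>
</form>
HTML;

    return $main;
}

/**
 * Insert a new post, or update an existing one owned by the current user,
 * then process attachment deletions and uploads for that post.
 *
 * Does nothing when no user is logged in, or when $sn names a post that
 * does not belong to the logged-in user.
 *
 * @param int|string $sn Post serial number to update, or "" to insert.
 * @return void
 */
function save_news($sn = "")
{
    if (!isset($_SESSION['uid']) or empty($_SESSION['uid'])) {
        return;
    }

    // Connect first: check_input() escapes through the open connection.
    link_db();

    $sn  = $sn ? intval($sn) : "";
    $uid = mysql_real_escape_string($_SESSION['uid']);

    // Filter everything that arrives from the request.
    $news_title   = isset($_POST['news_title']) ? check_input($_POST['news_title']) : "";
    $news_content = isset($_POST['news_content']) ? check_input($_POST['news_content']) : "";
    $author       = isset($_POST['author']) ? check_input($_POST['author']) : "";
    $post_time    = isset($_POST['post_time']) ? check_input($_POST['post_time']) : "";
    $cate_title   = isset($_POST['cate_title']) ? check_input($_POST['cate_title']) : "";
    $cate_sn      = isset($_POST['cate_sn']) ? intval($_POST['cate_sn']) : "";

    // Only the three states offered by the form are accepted.
    $status_raw = isset($_POST['status']) ? $_POST['status'] : "";
    if (!in_array($status_raw, array("", "置頂", "高亮"), true)) {
        $status_raw = "";
    }
    $status = check_input($status_raw);

    // Record the address the server sees; a posted value can be forged.
    $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);

    // Before any write, confirm the post being updated belongs to this
    // user. The UPDATE below carries the same condition, but the category
    // and attachment steps do not, so they must not run for another
    // user's post.
    if ($sn) {
        $sql = "select sn from eznews where sn='$sn' and uid='$uid'";
        $result = mysql_query($sql) or die($sql . "<br>" . mysql_error());
        if (mysql_num_rows($result) == 0) {
            return;
        }
    }

    if (empty($cate_sn) and !empty($cate_title)) {
        // Create a new category.
        $sql = "insert into eznews_cate (cate_title) values('$cate_title')";
        mysql_query($sql) or die($sql . "<br>" . mysql_error());
        $cate_sn = mysql_insert_id();
    } elseif (!empty($cate_sn) and !empty($cate_title)) {
        // Rename the chosen category.
        $sql = "update eznews_cate set cate_title='$cate_title' where cate_sn='$cate_sn'";
        mysql_query($sql) or die($sql . "<br>" . mysql_error());
    }

    // Store the post.
    if ($sn) {
        // The ip column is left untouched on update; the original form
        // simply posted the stored value back.
        $sql = "update eznews set cate_sn='$cate_sn', news_title='$news_title', news_content='$news_content', author='$author', post_time='$post_time', status='$status' where sn='$sn' and uid='$uid'";
        mysql_query($sql) or die($sql . "<br>" . mysql_error());
    } else {
        $sql = "insert into eznews (cate_sn,news_title, news_content, ip, author, uid, post_time,status) values('$cate_sn','$news_title', '$news_content', '$ip', '$author', '$uid','$post_time', '$status')";
        mysql_query($sql) or die($sql . "<br>" . mysql_error());
        $sn = mysql_insert_id();
    }

    // Delete the ticked attachments. Only the checkbox key (file_sn) is
    // used: the file name comes from the database row, restricted to this
    // post, so a crafted request cannot name an arbitrary path.
    // Presumably file_sn uniquely identifies a row - confirm against the schema.
    if ($sn and isset($_POST['del_files']) and is_array($_POST['del_files'])) {
        foreach ($_POST['del_files'] as $file_sn => $posted_name) {
            $file_sn = intval($file_sn);
            $sql = "select file_new_name from eznews_files where file_sn='$file_sn' and sn='$sn'";
            $result = mysql_query($sql) or die($sql . "<br>" . mysql_error());
            $row = mysql_fetch_assoc($result);
            if (!$row) {
                continue;
            }

            // basename() keeps the path inside uploads/ even if a stored
            // name were ever malformed.
            $path = "uploads/" . basename($row['file_new_name']);

            // Remove the record when the file is gone, including the case
            // where it was already missing on disk.
            if (!is_file($path) or unlink($path)) {
                $sql = "delete from eznews_files where file_sn='$file_sn' and sn='$sn'";
                mysql_query($sql) or die($sql . "<br>" . mysql_error());
            }
        }
    }

    // Store uploaded attachments.
    if (isset($_FILES['files']) and is_array($_FILES['files']['tmp_name'])) {
        if (!is_dir('uploads')) {
            mkdir('uploads');
        }

        // uploads/ is served by the web server, so only inert document and
        // image types are accepted; adjust the list to the site's needs.
        // Disabling script execution for uploads/ in the server
        // configuration is a sensible second layer.
        $allowed_ext = array(
            'jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'zip',
            'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp',
        );

        foreach ($_FILES['files']['tmp_name'] as $i => $tmp_name) {
            // Skips empty file inputs and failed transfers.
            if ($_FILES['files']['error'][$i] !== UPLOAD_ERR_OK) {
                continue;
            }

            $orig_name = $_FILES['files']['name'][$i];
            $ext = strtolower(pathinfo($orig_name, PATHINFO_EXTENSION));
            if (!in_array($ext, $allowed_ext, true)) {
                continue; // rejected type: nothing is stored
            }

            // The stored name is generated; only the vetted extension
            // comes from the client.
            $new         = substr(md5($orig_name), -5);
            $stored_name = "{$sn}_{$new}.{$ext}";

            if (move_uploaded_file($tmp_name, "uploads/{$stored_name}")) {
                // Name and type are client-supplied: escape for SQL here,
                // and treat them as untrusted wherever they are displayed.
                $name_sql   = mysql_real_escape_string($orig_name);
                $type_sql   = mysql_real_escape_string($_FILES['files']['type'][$i]);
                $stored_sql = mysql_real_escape_string($stored_name);
                $size       = intval($_FILES['files']['size'][$i]);

                $sql = "insert into eznews_files ( sn, file_name, file_size, file_type, file_new_name) values('$sn','$name_sql', '$size', '$type_sql', '$stored_sql')";
                mysql_query($sql) or die($sql . "<br>" . mysql_error());
            }
        }
    }
}

/**
 * Escape a request value for use inside a quoted SQL string literal.
 *
 * Requires an open database connection (call link_db() first).
 * addslashes() was replaced because it is not aware of the connection
 * character set and can be bypassed with some multi-byte encodings.
 * NOTE(review): this is only fully reliable when the connection charset
 * was set with mysql_set_charset() - confirm in link_db().
 *
 * @param mixed $value Raw value from the request.
 * @return string Escaped string; "" for array input.
 */
function check_input($value)
{
    // A parameter sent as name[]=... arrives as an array; treat it as empty.
    if (is_array($value)) {
        return "";
    }
    // Undo magic quotes first so the value is not escaped twice.
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value);
}
?>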