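…" is replaced with the phpcms2008 page-break marker "[page]")

Additional parameters
  info[catid]   category id (see Category Management in the admin backend)
  vercode       security token. Set $vercode below yourself; it stops third
                parties from driving this endpoint. Add further checks here
                if you need them.
*/

// Shared secret the ET client must send as `vercode`. Left empty, the endpoint
// refuses every request (see the gate below) instead of running unprotected.
$vercode = '';

/* Optional parameters
  info[style]              colour and weight: colour c1..c15, bold b, e.g. "info[style]=c2 b"
                           (same values as the backend publish form)
  info[titleintact]        full title
  info[thumb]              thumbnail URL
  info[keywords]           keywords
  info[author]             author
  info[copyfrom]           source
  info[description]        summary
  info[islink]             1 = the entry redirects to a link
  info[linkurl]            redirect target
  info[posids][]=1         position: home page recommended
  info[posids][]=2         position: home page focus
  info[posids][]=3         position: home page headline
  info[posids][]=4         position: list page recommended
  info[posids][]=5         position: content page recommended
  info[groupids_view][]=1  read permission: administrators
  info[groupids_view][]=2  read permission: disabled
  info[groupids_view][]=3  read permission: guests
  info[groupids_view][]=4  read permission: pending e-mail verification
  info[groupids_view][]=5  read permission: pending approval
  info[groupids_view][]=6  read permission: registered members
  info[readpoint]          points required to read
  info[template]=show      content template: show=article, show_down=download,
                           show_info=info, show_picture=picture,
                           show_product=product, showmessage=notice
  status=99                article status: 99=published, 3=pending review, 2=draft

ET publisher configuration, "article check URL" field: http://<your-site>/etpost.php

Response protocol: the ET client parses "[ok]" on success and "[err]...[/err]" on
failure, so every early exit on this page uses that envelope rather than showmessage().
*/

// ---------------------------------------------------------------------------
// Shared-secret gate.
// The stock check only ran when the `vercode` parameter was present, compared
// with loose !=, and an empty configured $vercode matched an empty parameter;
// each of those made the gate bypassable. It now always runs, refuses to work
// with an unconfigured secret, and compares strictly (constant-time on PHP
// builds that have hash_equals). The token is read raw, before the
// magic-quotes stripslashes further down, so keep quotes/backslashes out of it.
// ---------------------------------------------------------------------------
if ($vercode === '') {
    exit("[err]vercode is not configured[/err]");
}
$given_vercode = (isset($_REQUEST['vercode']) && is_string($_REQUEST['vercode']))
    ? $_REQUEST['vercode']
    : '';
$vercode_ok = function_exists('hash_equals')
    ? hash_equals($vercode, $given_vercode)
    : ($given_vercode === $vercode);
if (!$vercode_ok) {
    exit("[err]invalid vercode[/err]");
}
unset($given_vercode, $vercode_ok);

define('IN_ADMIN', TRUE);
require dirname(__FILE__).'/include/admin/global.func.php';

// ---------------------------------------------------------------------------
// Inlined copy of include/common.inc.php (begin).
// It is not required directly because PHPCMS_ROOT is computed from this file's
// own directory and the cookie-based admin authentication is replaced by an
// explicit username/password login further down.
// ---------------------------------------------------------------------------
define('PHPCMS_ROOT', str_replace("\\", '/', dirname(__FILE__).'/'));
define('MICROTIME_START', microtime());
define('IN_PHPCMS', TRUE);
define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
define('TIME', time());
set_include_path(PHPCMS_ROOT.'include/');
set_magic_quotes_runtime(0);
unset($LANG, $HTTP_ENV_VARS, $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $HTTP_COOKIE_VARS);

require 'config.inc.php';
require 'global.func.php';
require 'dir.func.php';
require 'url.func.php';
require 'output.class.php';
require 'priv_group.class.php';
require 'times.class.php';
require PHPCMS_ROOT.'languages/'.LANG.'/phpcms.lang.php';

ERRORLOG ? set_error_handler('phpcms_error') : error_reporting(E_ERROR | E_WARNING | E_PARSE);

define('IP', ip());
define('HTTP_REFERER', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
define('SCRIPT_NAME', isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : preg_replace("/(.*)\.php(.*)/i", "\\1.php", $_SERVER['PHP_SELF']));
define('QUERY_STRING', $_SERVER['QUERY_STRING']);
define('PATH_INFO', isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '');
define('DOMAIN', isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : preg_replace("/([^:]*)[:0-9]*/i", "\\1", $_SERVER['HTTP_HOST']));
define('SCHEME', $_SERVER['SERVER_PORT'] == '443' ? 'https://' : 'http://');
define('SITE_URL', SCHEME.$_SERVER['HTTP_HOST'].PHPCMS_PATH);
define('RELATE_URL', isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : SCRIPT_NAME.(QUERY_STRING ? '?'.QUERY_STRING : PATH_INFO));
define('URL', SCHEME.$_SERVER['HTTP_HOST'].RELATE_URL);
define('RELATE_REFERER', urlencode(RELATE_URL));

if (function_exists('date_default_timezone_set')) date_default_timezone_set(TIMEZONE);
header('Content-type: text/html; charset='.CHARSET);
if (CACHE_PAGE && !defined('IN_ADMIN')) cache_page_start();
if (GZIP && extension_loaded('zlib')) ini_set('zlib.output_compression', 'On');
ob_start();

$dbclass = 'db_'.DB_DATABASE;
require $dbclass.'.class.php';
$db = new $dbclass;
$db->connect(DB_HOST, DB_USER, DB_PW, DB_NAME, DB_PCONNECT, DB_CHARSET);

require 'session_'.SESSION_STORAGE.'.class.php';
$session = new session();
session_set_cookie_params(0, COOKIE_PATH, COOKIE_DOMAIN);

// Request handling as in the stock bootstrap. Note the two consequences:
//  * filter_xss() is skipped because IN_ADMIN is defined, so info[...] values
//    are stored as the (trusted, admin-authenticated) caller sent them;
//  * extract() turns every request key into a global. EXTR_SKIP only protects
//    variables that already exist at this point ($vercode, $db, $session ...);
//    everything the rest of this page relies on for authorisation ($_userid,
//    $_groupid, $action, $dosubmit, $allow_*) is assigned AFTER this line and
//    therefore cannot be supplied by the request.
if ($_REQUEST) {
    if (MAGIC_QUOTES_GPC) {
        $_REQUEST = new_stripslashes($_REQUEST);
        if ($_COOKIE) $_COOKIE = new_stripslashes($_COOKIE);
    }
    if (!defined('IN_ADMIN')) $_REQUEST = filter_xss($_REQUEST, ALLOWED_HTMLTAGS);
    extract($db->escape($_REQUEST), EXTR_SKIP);
    if ($_COOKIE) $db->escape($_COOKIE);
}
if (QUERY_STRING && strpos(QUERY_STRING, '=') === false && preg_match("/^(.*)\.(htm|html|shtm|shtml)$/", QUERY_STRING, $urlvar)) {
    parse_str(str_replace(array('/', '-', ' '), array('&', '=', ''), $urlvar[1]));
}

$CACHE = cache_read('common.php');
if (!$CACHE) {
    require_once 'cache.func.php';
    cache_all();
    $CACHE = cache_read('common.php');
}
extract($CACHE);
unset($CACHE);

if ($PHPCMS['enable_ipbanned'] && ip_banned(IP)) showmessage($LANG['administrator_banned_this_IP']);

// The stock front-end block (word filter, refresh throttle, $forward default)
// was guarded by !defined('IN_ADMIN') and can never run here; it is omitted.

$M = $TEMP = array();
if (!isset($mod)) $mod = 'phpcms';
if ($mod != 'phpcms') {
    isset($MODULE[$mod]) or exit($LANG['module_not_exists']);
    $langfile = defined('IN_ADMIN') ? $mod.'_admin' : $mod;
    @include PHPCMS_ROOT.'languages/'.LANG.'/'.$langfile.'.lang.php';
    $M = cache_read('module_'.$mod.'.php');
}

// Identity defaults (guest) and the fixed action for this endpoint. These are
// set after extract() on purpose so the request cannot pre-seed them.
$_userid = 0;
$_username = '';
$_groupid = 3;
$action = 'add';
$dosubmit = true;

// ---------------------------------------------------------------------------
// ET login check (replaces the stock phpcms_auth cookie handling, which read
// the auth cookie, looked the user up in member_cache and rejected group 2).
// $username / $password come from the request via extract() above and have
// already been passed through $db->escape().
// ---------------------------------------------------------------------------
require PHPCMS_ROOT.'languages/'.LANG.'/member.lang.php';
require PHPCMS_ROOT.'member/include/member.class.php';
$member = new member();
if (!isset($username, $password) || !is_string($username) || !is_string($password)) {
    exit("[err]invalid username or password[/err]");
}
$result = $member->login($username, $password);
if (!$result) {
    exit("[err]invalid username or password[/err]");
}
// Keys of the login result become $_userid, $_username, $_groupid, ...
if (is_array($result)) {
    extract($result, EXTR_PREFIX_ALL, '');
}
// Only member group 1 is the administrator group (the role block below keys on
// the same value); anything else, including a missing groupid, is rejected.
if (intval($_groupid) !== 1) {
    exit("[err]you are not admin[/err]");
}

$G = cache_read('member_group_'.$_groupid.'.php');
$priv_group = new priv_group();
define('SKIN_PATH', 'templates/'.TPL_NAME.'/skins/'.TPL_CSS.'/');
define('PASSPORT_ENABLE', ($PHPCMS['uc'] || $PHPCMS['enablepassport'] || $PHPCMS['enableserverpassport']) ? 1 : 0);
// --- common.inc.php (end) ---

require 'log.class.php';
require 'form.class.php';
require 'priv_role.class.php';
require_once 'cache.func.php';
require_once 'version.inc.php';
require PHPCMS_ROOT.'languages/'.LANG.'/phpcms_admin.lang.php';

if (!isset($file)) $file = 'index';
preg_match("/^[0-9A-Za-z_-]+$/", $file) or showmessage('Invalid Request.');
$action = isset($action) ? $action : '';
$catid = isset($catid) ? intval($catid) : 0;
$specialid = isset($specialid) ? intval($specialid) : 0;
if (!isset($forward) && str_exists(HTTP_REFERER, '?')) $forward = HTTP_REFERER;

session_start();
// Mark the session as admin only now: session_start() replaces $_SESSION with
// the stored data, so a value written before it (as the previous version did)
// is lost unless the session class had already started the session.
$_SESSION['is_admin'] = 1;

if ($_userid && $_groupid == 1 && $_SESSION['is_admin'] == 1) {
    $ROLE = cache_read('role.php');
    $GROUP = cache_read('member_group.php');
    $POS = cache_read('position.php');
    $STATUS = cache_read('status.php');
    // The stock per-role checks (admin_role_<userid> cache, priv_role->module())
    // were removed by the ET integration; authorisation here is admin-group only.
}

$log = new log();
if (ADMIN_LOG && $file != 'database' && !in_array($action, array('get_menu_list', 'menu_pos'))) {
    $log->set('admin', 0);
    $log->add();
}

if ($mod != 'phpcms' && !@include PHPCMS_ROOT.$M['path'].'admin/admin.inc.php') exit('[err]The file ./'.$M['path'].'admin.inc.php is not exists! [/err]');

// Formerly include/admin/content.inc.php, inlined.
defined('IN_PHPCMS') or exit("Access Denied");
require_once 'admin/process.class.php';
require_once 'admin/content.class.php';
require_once 'attachment.class.php';

$c = new content();
if (isset($contentid) && is_numeric($contentid)) {
    $data = $c->get($contentid);
    $catid = $data['catid'];
    $modelid = $CATEGORY[$catid]['modelid'];
}

// The target category comes from info[catid] (ET sends everything inside
// info[]). It is normalised to an integer, checked against the category
// cache, and written back so the validated value is what gets stored.
$catid = (isset($info) && is_array($info) && isset($info['catid'])) ? intval($info['catid']) : 0;
if (!isset($CATEGORY[$catid])) exit("[err]missing or unknown catid[/err]");
$info['catid'] = $catid;

// Brings $type, $workflowid, $catname, ... for this category into scope.
extract(cache_read('category_'.$catid.'.php'));

if ($type == 2) {
    if ($action == 'manage') $action = 'link';
} elseif ($type == 1) {
    if ($action == 'manage') $action = 'block';
} else {
    // Fixed privileges: the authenticated admin may publish and manage; the
    // review (check) and view-only paths are disabled for this endpoint.
    $allow_manage = true;
    $allow_add = true;
    $allow_check = false;
    $allow_view = false;

    $attachment = new attachment($mod, $catid);
    $p = new process($workflowid);
    $PROCESS = cache_read('process_'.$workflowid.'.php');
    $submenu = $allow_processids = array();   // stock code initialised $allowprocessids (typo)
    if ($allow_add) {
        $submenu[] = array('发布信息', '?mod='.$mod.'&file='.$file.'&action=add&catid='.$catid);
        $submenu[] = array('我发布的信息', '?mod='.$mod.'&file='.$file.'&action=my&catid='.$catid);
    }
    if ($allow_check) {
        // Unreachable while $allow_check is false; $priv_role is not created on this page.
        foreach ($PROCESS as $pid => $processname) {
            if ($priv_role->check('processid', $pid)) {
                $allow_processids[] = $pid;
                $submenu[] = array($processname, '?mod='.$mod.'&file='.$file.'&action=check&catid='.$catid.'&processid='.$pid);
            }
        }
    }
    if ($allow_manage) {
        $submenu[] = array('管理', '?mod='.$mod.'&file='.$file.'&action=manage&catid='.$catid);
        $submenu[] = array('回收站', '?mod='.$mod.'&file='.$file.'&action=recycle&catid='.$catid);
        $submenu[] = array('碎片', '?mod='.$mod.'&file='.$file.'&action=block&catid='.$catid);
    } elseif ($allow_view) {
        $submenu[] = array('浏览', '?mod='.$mod.'&file='.$file.'&action=browse&catid='.$catid);
    }
    $submenu[] = array('搜索', '?mod='.$mod.'&file='.$file.'&action=search&catid='.$catid);
    $menu = admin_menu($CATEGORY[$catid]['catname'].' 栏目管理', $submenu);
    if (!isset($processid) || !in_array($processid, $allow_processids)) {
        $processid = isset($allow_processids[0]) ? $allow_processids[0] : null;
    }
}

// Only the publish action exists on this endpoint; $action is forced to 'add'
// above and $dosubmit is always true, so the interactive form branch and the
// other stock actions (edit/view/check/pass/...) have been removed.
switch ($action) {
    case 'add':
        if ($dosubmit) {
            // Caller may ask for draft (2) or pending review (3); anything else
            // publishes (99) because $allow_manage is true. intval() replaces the
            // stock loose comparison, which let values like "2abc" through.
            $status = isset($status) ? intval($status) : 0;
            $info['status'] = ($status == 2 || $status == 3) ? $status : ($allow_manage ? 99 : 3);
            // NOTE(review): $info is handed to content::add() as sent by the
            // client apart from catid/status; whether add() restricts the
            // accepted keys cannot be seen from here -- verify in content.class.php.
            if (!isset($cat_selected)) $cat_selected = null;
            $contentid = $c->add($info, $cat_selected);
            if ($contentid) {
                exit("[ok]");
            } else {
                exit("[err]post failed[/err]");
            }
        }
        break;
}
?>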