Your IP : 216.73.216.170
<?php
$inc_path = "../../haibo/en/";$ua_sm_compile_dir = "newmember/";
require($inc_path."global.php");
require("session.php");$tb_prefix= $_SESSION['Version']."_";
//ini_set('display_errors','On');
//error_reporting(E_ALL);
uaCheckPermission(2);
require($inc_path.APP_NAME.'include/page.php');
uses("member","companynews", "company","newstype");
$member = new Members();
$newstype = new Newstypes();
$companynews = new Companynewses();
$company = new Companies;
$tables = $companynews->getTable(true);
$tpl_file = "news";
$company_id = $company->field("id", "member_id=".$_SESSION['MemberID']);
$conditions = "member_id=".$_SESSION['MemberID'];
if (empty($company_id)){
gotoUrl("./company.php");
}
if ($_GET['action'] == "mod") {
if(!empty($_GET['id'])){
$res = $companynews->read("Companynews.id AS ID,type_id AS TypeId,title AS Title,status AS Status ,content AS Content,des AS Newsdes,keywords AS Keywords,beizu_pid AS BeizuPid,beizu_youtube AS BeizuYoutube,created AS CreateDate,picture",$_GET['id']);
$res['Content']= stripslashes($res['Content']);
$res['Content']= html_entity_decode($res['Content']);
setvar("NewsInfo",$res);
setvar("ShowCaption","none");
$aaa =$newstype->findAll("id AS ID,name AS Name","member_id=".$_SESSION['MemberID'] );
setvar("NewsTypes",$aaa);
}else{
$aaa =$newstype->findAll("id AS ID,name AS Name","member_id=".$_SESSION['MemberID'] );
if(count($aaa)==0){flash("./tip.php","./newstype.php","请添加一个类别");
}
setvar("NewsTypes",$aaa);
$bbb=array();
$bbb['TypeId']=$sid;
setvar("NewsInfo",$bbb);
$res['Content']= html_entity_decode($res['Content']);
}
$tpl_file = "news_edit";
}
if (isset($_POST['save'])) {
require(LIB_PATH.'controllers/upload.inc.php');
require(LIB_PATH.'controllers/GDImage.inc.php');
require($inc_path .APP_NAME. 'include/inc.imageWaterMark.php');
$vals=$_POST['news'];
if(!empty($_FILES['picture']['name'])) {
$f = $_FILES['picture'];
ini_set("memory_limit", "32M");
$check_path = uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."news".DS);
$file_ext = fileext($f['name']);
if($_SESSION['Version']=='en'){$p_name=$_POST['title'];
$p_name = str_replace(" ","",$p_name);
$p_name = str_replace("&","",$p_name);
$p_name = str_replace(",","",$p_name);
$p_name = str_replace("/","",$p_name);
$p_name = str_replace(".","",$p_name);
$p_name = str_replace("%","",$p_name);
$p_name = str_replace("(","",$p_name);
$p_name = str_replace(")","",$p_name);
$p_name = str_replace("#","",$p_name);
$p_name = str_replace("@","",$p_name);
$p_name = str_replace("*","",$p_name);
$p_name = str_replace("=","",$p_name);
$p_name = str_replace(":","",$p_name);
$p_name = str_replace("-","",$p_name);
$p_name = str_replace("_","",$p_name);
$p_name = str_replace("!","",$p_name);
$p_name = str_replace("?","",$p_name);
$p_name = str_replace("\'","",$p_name);
$p_name = str_replace("\"","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("+","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("`","",$p_name);
$p_name = str_replace("$","",$p_name);
$p_name = str_replace("[","",$p_name);
$p_name = str_replace("]","",$p_name);
$p_name = str_replace("“","",$p_name);
$p_name = str_replace("”","",$p_name);
$p_name = str_replace(",","",$p_name);
$p_name=strtolower($p_name);
$this_product_pic = $_SESSION['MemberID']."_news_".$p_name."_".$time_stamp.$file_ext;}
else $this_product_pic = $_SESSION['MemberID']."_news_".$time_stamp.$file_ext;
$u = new upload($f['name']);
if($u->checkImage()){
$uploade_file = move_uploaded_file($f['tmp_name'],$check_path.$this_product_pic);
}else{
flash("./tip.php","./news.php?id=".$_POST['newsid'], $cfg['room']['pic_upload_error'],0);
}
if(!$uploade_file){
flash("./tip.php","./news.php?id=".$_POST['newsid'],$cfg['room']['pic_upload_false'],0);
}
$image = new GDImage2($check_path,uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."companynewses".DS,"small".DS));
$image2 = new GDImage2($check_path,uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."companynewses".DS,"middle".DS));
$sql = "select width_pic,height_pic from members
WHERE id=".$_SESSION['MemberID'];
$res = $g_db->GetArray($sql);
$arr=getimagesize($check_path.$this_product_pic);
if($arr[0]>=$arr[1]){
$image->makeThumb($this_product_pic,300,'',$res[0]['width_pic'],$res[0]['height_pic']);
$image2->makeThumb($this_product_pic,300);}else{$image->makeThumb($this_product_pic,300,'',$res[0]['width_pic'],$res[0]['height_pic']);
$image2->makeThumb($this_product_pic,300);}
if(!empty($this_product_pic)) {
$sql="select picture from ".$_SESSION['Version']."_companynewses where id='".$_GET['id']."'";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
}
}
$vals['picture'] = $this_product_pic;
}
}
if($_POST['pic_del']==1)
{
$sql="select picture from ".$_SESSION['Version']."_companynewses where id=".$_POST['newsid']."";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
}
}
$vals['picture']='';
}
$vals['title'] = stripslashes(trim($_POST['title']));
$vals['content']= htmlspecialchars($_POST['des']);
$vals['type_id']=$_POST['sort'];
$vals['title2'] = stripslashes(trim($_POST['title']));
$vals['keywords'] = stripslashes($_POST['keywords']);
$vals['beizu_pid'] = stripslashes($_POST['beizu_pid']);
$vals['beizu_youtube'] = stripslashes($_POST['beizu_youtube']);
$vals['des'] = stripslashes(trim($_POST['newsdes']));
array_walk($vals,"uatrim");
if(!empty($_POST['newsid'])){
$vals['modified'] = $time_stamp;
$companynews->save($vals, "update",$_POST['newsid'],null, " and member_id=".$_SESSION['MemberID']);
flash("./tip.php", "./news.php",$cfg['room']['action_complete']);
}else {
$vals['created'] = $time_stamp;
$vals['member_id'] = $_SESSION['MemberID'];
$vals['company_id'] = $company_id;
$result = $companynews->save($vals);
flash("./tip.php", "./news.php",$cfg['room']['action_complete']);
}
}
if ($_POST['del']) {
$ids=implode(',',$_POST['newsid']);
$sql="select picture from ".$_SESSION['Version']."_companynewses where id in (".$ids.")";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['picture']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['picture']);
}
}
$sql="DELETE FROM `".$_SESSION['Version']."_companynewses` WHERE `id` in (".$ids.")";
$res = $g_db->Query($sql);
if ($res) {
flash("./tip.php", "./news.php",$cfg['room']['action_complete']);
}else {
flash("./tip.php", "./news.php",$cfg['room']['not_defined_error']);
}
}
$tmpamount = $companynews->findCount($conditions);
pageft($tmpamount,20);
$sql = "select News.title as CompanynewsTitle,News.status as CompanynewsStatus,News.created as CompanynewsCreated,News.id as CompanynewsId,News.type_id,en_newstypes.name FROM ".$_SESSION['Version']."_companynewses AS News left join en_newstypes on en_newstypes.id=News.type_id WHERE News.".$conditions." order by News.id desc";
$res = $g_db->GetArray($sql);
function build_pagelinks($record) {
$nav = array();
if ( ($record['TOTAL_POSS'] % $record['PER_PAGE']) == 0 ){
$page_num = $record['TOTAL_POSS'] / $record['PER_PAGE'];
} else {
$page_num = ceil($record['TOTAL_POSS'] / $record['PER_PAGE']);
}
$page_num--;
if($record['CUR_ST'] == 0) {
$nav['first'] = "<a href='#'>First</a>";
$nav['last'] = "<a href='#'>前一页</a>";
$nav['all'] = "<a href='{$record['BASE_URL']}&all=1'>全部</a>";
}else{
$nav['first'] = "<a href='{$record['BASE_URL']}&st=0'>First</a>";
$nav['last'] = "<a href='{$record['BASE_URL']}&st=".($record['CUR_ST']-1)."'>前一页</a>";
}
if($record['CUR_ST'] >= $page_num) {
$nav['end'] = "<a href='#'>Last</a>";
$nav['next'] = "<a href='#'>后一页</a>";
} else {
$nav['end'] = "<a href='{$record['BASE_URL']}&st={$page_num}'>Last</a>";
$nav['next'] = "<a href='{$record['BASE_URL']}&st=".($record['CUR_ST']+1)."'>后一页</a>";
}
for($i=0; $i<=$page_num; $i++){if($i == $record['CUR_ST']){$nav['dot_page'] .= "".($i+1)." ";}
else
{$nav['dot_page'] .="<a href='{$record['BASE_URL']}&st=$i'>".($i+1)."</a> ";;
}
}
$nav['jump_page'] = "<select onchange=\"javascript:window.location='{$record['BASE_URL']}&st=' + this.options[this.selectedIndex].value\">\n";
for($i=0; $i<=$page_num; $i++){
$nav['jump_page'] .= " <option value={$i}";
if($i == $record['CUR_ST']){
$nav['jump_page'] .= " selected";
}
$nav['jump_page'] .= ">The ".($i+1)." page</option>\n";
}
$nav['jump_page'] .= "</select>";
return "{$nav['last']} {$nav['dot_page']} {$nav['next']} ";
}
$base_url= 'news.php?';
$page_num=20;
$st=$_GET['st'];
if($st=='')$st=0;
$pages = build_pagelinks(array( 'TOTAL_POSS' => count($res),
'PER_PAGE' => $page_num,
'CUR_ST' => $st,
'BASE_URL' => $base_url
)
);
$sql = "select News.title as CompanynewsTitle,News.status as CompanynewsStatus,News.created as CompanynewsCreated,News.id as CompanynewsId,News.type_id,en_newstypes.name FROM ".$_SESSION['Version']."_companynewses AS News left join en_newstypes on en_newstypes.id=News.type_id WHERE News.".$conditions." order by News.id desc LIMIT ".$st*$page_num.','.$page_num; setvar("pages",$pages);
$res = $g_db->GetArray($sql);
for ($i = 0; $i < count($res); $i++){
}
setvar("News",$res);
setvar("is_index",$_SESSION['is_index']);
setvar("CheckStatus", $product->check_status);
uaAssign(array("Amount"=>$amount,"ByPages"=>$pagenav,"Msg"=>$msg,"Remain"=>($remain)));
include("head.php");
template("newmember/".$tpl_file);
?>