
<?php
// Bootstrap for the member "sections" page: load the shared includes, publish the
// image base path to the template layer and fetch the logged-in member's sections.
// NOTE(review): $_SESSION['Version'], $_SESSION['MemberName'] and $_SESSION['MemberID']
// are concatenated into table names, paths and SQL below; this file assumes the login
// code stored safe values in them (MemberID numeric) - confirm where the session is populated.
$inc_path = "../../haibo/en/";
$ua_sm_compile_dir = "newmember/";
require($inc_path."global.php");
require("session.php");
$tb_prefix = $_SESSION['Version']."_";
require($inc_path .APP_NAME. 'configs/db_session.php');

// The "en" version keeps uploads directly under ../../upload/; every other version
// keeps them under its own ../../<version>/upload/ tree.
if ($_SESSION['Version'] != "en") {
	setvar("imgpath", "../../".$_SESSION['Version']."/upload/".$_SESSION['MemberName']."/");
} else {
	setvar("imgpath", "../../upload/".$_SESSION['MemberName']."/");
}

uses("setting","company","section","member");
$member = new Members();
$setting = new Settings();
$section = new Newsection();
$company = new Companies();

// Default view: the list of sections owned by the current member.
$tpl_file = "section_list";
$conditions = " member_id = ".$_SESSION['MemberID'];
$sql = "select * from ".$_SESSION['Version']."_newsection where ".$conditions;
$res = $g_db->GetArray($sql);

// Company id of the current member; the save handler further down needs it for new rows.
$company_id = $company->field("id", "member_id=".$_SESSION['MemberID']);
setvar("sectionlist", $res);
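// Shortcut: ?sc=<section id> redirects straight to the section-content editor.
// The value comes from the request, so it is accepted only as a scalar and is
// URL-encoded before it is placed in the Location header; that keeps it a single
// `id` parameter instead of letting "&"/"#" add or cut parameters in the target URL.
if (!empty($_GET['sc']) && is_scalar($_GET['sc'])) {
	header("Location:sectioncontent.php?action=mod&id=".urlencode((string) $_GET['sc']));
	exit;
}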
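// Edit view (?action=mod[&id=N]): load one section of the current member plus its
// images and hand them to the "section_edit" template.
if (isset($_GET['action']) && $_GET['action']=="mod") {
	if (isset($_GET['id'])) {
		// The id is interpolated unquoted into the SQL below, so it is forced to an
		// integer first; the raw request value never reaches a query or the template.
		$section_id = is_scalar($_GET['id']) ? intval($_GET['id']) : 0;
		$conditions = "member_id = ".$_SESSION['MemberID'];

		// Images attached to this section, restricted to the logged-in member.
		$sql = "select * from ".$_SESSION['Version']."_img where section_id = ".$section_id." and member_id = ".$_SESSION['MemberID']." order by img_range  DESC";
		setvar("s", $section_id);
		setvar("p", $section_id);
		$res = $g_db->GetArray($sql);
		setvar("imglist", $res);

		// The section row itself. The original ran this same member-scoped lookup three
		// times; one result now feeds "sn", "pd" and "SectionInfo".
		$sql = "select * from ".$_SESSION['Version']."_newsection where ".$conditions." and id=".$section_id;
		$res = $g_db->GetArray($sql);
		if (!is_array($res)) {
			$res = array();
		}
		$section_row = isset($res[0]) ? $res[0] : null;
		setvar("sn", $section_row);
		setvar("pd", $section_row);

		// SectionInfo carries the stored content with slashes removed and entities decoded
		// (the save handler stores it through htmlspecialchars()). When no row matched it
		// is an array holding only an empty 'content', as before.
		// NOTE(review): the decoded markup goes to the template as-is; whether the
		// template or editor escapes it on output is not visible in this file.
		if (!isset($res[0]) || !is_array($res[0])) {
			$res[0] = array();
		}
		$res[0]['content'] = html_entity_decode(stripslashes(isset($res[0]['content']) ? $res[0]['content'] : ''));
		setvar("SectionInfo", $res[0]);
	} else {
		// No id given: $res still holds the section list loaded earlier. The decode below
		// has no visible effect in this file, since the list was already passed to
		// setvar(); it is kept (guarded) in case an include reads $res.
		if (isset($res[0]['content'])) {
			$res[0]['content'] = html_entity_decode($res[0]['content']);
		}
	}
	$tpl_file = "section_edit";
}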
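// Delete a section (?act=del&id=N) together with its picture renditions.
// Changes from the original:
//  - the id is cast to an integer before it reaches any SQL or model call;
//  - the picture lookup is scoped to the logged-in member, so a foreign section id
//    can no longer drive file deletion;
//  - files are removed only after the member-scoped row delete has succeeded.
// NOTE(review): this is a state-changing GET and no anti-CSRF token is checked in
// this file; confirm whether session.php enforces one or move the action to POST.
if (isset($_GET['act']) && $_GET['act'] == "del" && !empty($_GET['id'])) {
	$del_id = is_scalar($_GET['id']) ? intval($_GET['id']) : 0;
	$member_cond = "member_id=".$_SESSION['MemberID'];

	// Read the picture name before the row disappears.
	$sql = "select img from ".$_SESSION['Version']."_newsection where id=".$del_id." and ".$member_cond;
	$rr = $g_db->GetAll($sql);
	if (!is_array($rr)) {
		$rr = array();
	}

	$res = $section->read("id", $del_id);
	if ($res) {
		if ($section->del($del_id, $member_cond)) {
			// Base directory of the small/middle/big renditions for this member.
			if ($_SESSION['Version']=="en") {
				$section_img_root = '../../upload/'.$_SESSION['MemberName'].'/upload/';
			} else {
				$section_img_root = '../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/';
			}
			foreach ($rr as $v) {
				$img_name = isset($v['img']) ? str_replace("\\", "/", (string) $v['img']) : '';
				// Skip empty names and anything that could climb out of the upload tree.
				if ($img_name === '' || strpos($img_name, "\0") !== false || preg_match('#(^|/)\.\.(/|$)#', $img_name)) {
					continue;
				}
				// Best effort, as in the original: a missing rendition is not an error.
				foreach (array('small', 'middle', 'big') as $size_dir) {
					@unlink($section_img_root.$size_dir.'/'.$img_name);
				}
			}
			flash("./tip.php","./newsection.php", $cfg['room']['action_complete']);
		} else {
			flash("./tip.php","./newsection.php", $cfg['room']['not_defined_error']);
		}
	}
}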
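// Save handler for the section form (POST action=section_edit): optional picture
// upload or removal, then an insert (no id) or an update (id given) of the section row.
// Changes from the original:
//  - an update is allowed only when the row belongs to the logged-in member;
//  - the old-picture name from the form can no longer contain ".." path segments;
//  - the file-name slug is built from an allow-list instead of a strip-list;
//  - the uploaded file must parse as an image, not just carry an image-like name;
//  - $uploade_file is initialised, and the three copies of the unlink loop are merged.
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// session.php or global.php enforces one.
if (isset($_POST['action'])) {
	if($_POST['action']=="section_edit"){
		$vals = array();
		$pid = (isset($_POST['id']) && is_scalar($_POST['id'])) ? intval($_POST['id']) : 0;

		// Ownership check. The update call further down is keyed on $pid alone, so a
		// row that is not the current member's must be rejected before any file or
		// database write. The same query yields the stored picture name for cleanup.
		$rr = array();
		if (!empty($pid)) {
			$sql="select img from ".$_SESSION['Version']."_newsection where id=".$pid." and member_id=".$_SESSION['MemberID'];
			$rr = $g_db->GetAll($sql);
			if (empty($rr)) {
				flash("./tip.php","./newsection.php", $cfg['room']['not_defined_error'],0);
				exit; // never fall through to the save if flash() returns
			}
		}

		if (!empty($_FILES['pic']['name'])) {
			require(LIB_PATH.'controllers/upload.inc.php');
			$f = $_FILES['pic'];
			require(LIB_PATH.'controllers/GDImage.inc.php');
			ini_set("memory_limit", "32M");
			$check_path = uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."section".DS);
			// NOTE(review): the extension comes from the client-supplied file name and ends
			// up in the stored name; confirm that fileext()/checkImage() only let image
			// extensions through and that the upload directory cannot execute scripts.
			$file_ext = fileext($f['name']);
			if($_SESSION['Version']=='en'){
				// Lower-case slug of the section name, reduced to [a-z0-9]. The original
				// stripped a fixed list of punctuation, which left backslashes, control
				// bytes and other unlisted characters in the file name.
				$p_name = (isset($_POST['name']) && is_scalar($_POST['name'])) ? (string) $_POST['name'] : '';
				$p_name = preg_replace('/[^a-z0-9]/', '', strtolower($p_name));
				$this_product_pic = $_SESSION['MemberID']."_page_".$p_name."_".$time_stamp.$file_ext;
			} else {
				$this_product_pic = $_SESSION['MemberID']."_page_".$time_stamp.$file_ext;
			}

			$u = new upload($f['name']);
			$uploade_file = false;
			// checkImage() is built from the file name only, so the content is also
			// required to be readable as an image (@: getimagesize() warns on other data).
			if($u->checkImage() && @getimagesize($f['tmp_name']) !== false){
				$uploade_file = move_uploaded_file($f['tmp_name'],$check_path.$this_product_pic);
			}else{
				flash("./tip.php","./newsection.php", $cfg['room']['pic_upload_error'],0);
			}
			if(!$uploade_file){
				flash("./tip.php","./newsection.php",$cfg['room']['pic_upload_false'],0);
			}else {
				// Remove the previous picture named by the form. The value is request
				// data: backslashes are normalised first, then names that are empty or
				// contain a NUL byte or a ".." segment are ignored, so the unlink stays
				// below the member's media path.
				// NOTE(review): the expected shape of oldimgname (bare name or relative
				// sub-path) is not visible here; tighten to basename() if it is always bare.
				$old_img = (isset($_POST['oldimgname']) && is_scalar($_POST['oldimgname'])) ? str_replace("\\","/",(string) $_POST['oldimgname']) : '';
				if ($old_img !== '' && strpos($old_img, "\0") === false && !preg_match('#(^|/)\.\.(/|$)#', $old_img)) {
					$oldfile = substr($check_path,0,-7).$old_img;
					$oldfile = str_replace("\\","/",$oldfile);
					@unlink($oldfile);
					$oldsmallfile = substr($check_path,0,-11)."small".DS.$old_img;
					@unlink(str_replace("\\","/",$oldsmallfile));
				}
			}
			$image = new GDImage2($check_path,uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."section".DS,"small".DS));
			$image->makeThumb($this_product_pic);
			// Watermark only brand-new sections, and only when the setting is enabled.
			$set_watermark = $setting->field("ab","aa='watermark'");
			if($set_watermark && empty($pid)){
				$water_text = $setting->field("ab","aa='watertext'");
				$water_color = $setting->field("ab","aa='watercolor'");
				if (empty($water_text)) {
					$water_text = URL;
				}
				require($inc_path .APP_NAME. 'include/inc.imageWaterMark.php');
				imageWaterMark($check_path.$this_product_pic,8,"",$water_text,5,$water_color);
			}
		}

		// Clean up the stored renditions when the picture is replaced or removed.
		$replace_img = !empty($this_product_pic);
		$drop_img = isset($_POST['pic_del']) && $_POST['pic_del']==1;
		if ($replace_img || $drop_img) {
			if($_SESSION['Version']=="en") {
				$section_img_root = '../../upload/'.$_SESSION['MemberName'].'/upload/';
			} else {
				$section_img_root = '../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/';
			}
			foreach($rr as $v){
				$img_name = isset($v['img']) ? str_replace("\\","/",(string) $v['img']) : '';
				if ($img_name === '' || strpos($img_name, "\0") !== false || preg_match('#(^|/)\.\.(/|$)#', $img_name)) {
					continue;
				}
				// Best effort, as in the original: a missing rendition is not an error.
				foreach (array('small', 'middle', 'big') as $size_dir) {
					@unlink($section_img_root.$size_dir.'/'.$img_name);
				}
			}
		}
		if ($replace_img) {
			$vals['img'] = $this_product_pic;
		}
		// As in the original, an explicit "delete picture" wins over a fresh upload.
		if ($drop_img) {
			$vals['img']='';
		}

		// NOTE(review): these values go to $section->save() after stripslashes()/trim()
		// only; confirm that save() escapes or binds them before building SQL.
		$vals['name'] = stripslashes(trim($_POST['name']));
		$vals['name2'] = stripslashes(trim($_POST['name']));
		$vals['title'] = stripslashes(trim($_POST['title']));
		$vals['beizu1'] = stripslashes(trim($_POST['beizu1']));
		$vals['des'] = stripslashes(trim($_POST['des']));
		$vals['keyword'] = stripslashes(trim($_POST['keyword']));
		// Rich-text body is stored HTML-encoded; the edit view decodes it again.
		$vals['content'] = htmlspecialchars($_POST['desmore']);

		array_walk($vals,"uatrim");

		if (empty($company_id)) {
			flash("./tip.php","./newsection.php", $cfg['room']['re_complete_corp'],0);
		}
		if (!empty($pid)) {
			// Ownership of $pid was verified at the top of this handler.
			$result = $section->save($vals, "update", $pid, null,'');
		}else {
			$vals['member_id'] = $_SESSION['MemberID'];
			$vals['company_id'] = $company_id;
			$vals['created'] = $time_stamp;

			$result = $section->save($vals);
		}
		if ($result) {
			$message_info = $cfg['room']['action_complete'];
			flash("./tip.php","./newsection.php",$cfg['room']['action_complete']);
		}else {
			flash("./tip.php","./newsection.php",$cfg['room']['not_defined_error'],0);
		}
	}
}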

// Render: the shared member-area header first, then the template selected above
// ("section_list" by default, "section_edit" in the edit view).
include("head.php");
template("newmember/".$tpl_file);
?>