DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
275 Commits
3 Branches
110MB
Tree: 66f402eac8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '66f402eac8'
${ noResults }
DedeV6/src/plus/diy.php

133 lines
4.6KB
Raw Blame History 

  1. <?php

  2. 

  3. /**

  4.  *

  5.  * 自定义表单

  6.  *

  7.  * @version        $Id: diy.php$

  8.  * @package        DedeBIZ.Site

  9.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  10.  * @license        https://www.dedebiz.com/license

  11.  * @link           https://www.dedebiz.com

  12.  */

  13. require_once(dirname(__FILE__) . "/../include/common.inc.php");

  14. 

  15. $diyid = isset($diyid) && is_numeric($diyid) ? $diyid : 0;

  16. $action = isset($action) && in_array($action, array('post', 'list', 'view')) ? $action : 'post';

  17. $id = isset($id) && is_numeric($id) ? $id : 0;

  18. 

  19. if (empty($diyid)) {

  20.     showMsg('非法操作!', 'javascript:;');

  21.     exit();

  22. }

  23. 

  24. require_once DEDEINC . '/diyform.cls.php';

  25. $diy = new diyform($diyid);

  26. 

  27. /*----------------------------

  28. function Post(){ }

  29. ---------------------------*/

  30. if ($action == 'post') {

  31.     if (empty($do)) {

  32.         $postform = $diy->getForm(true);

  33.         include DEDEROOT . "/templets/plus/{$diy->postTemplate}";

  34.         exit();

  35.     } elseif ($do == 2) {

  36.         $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);

  37.         $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);

  38.         if (!empty($dede_fields)) {

  39.             if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode)) {

  40.                 showMsg('数据校验不对,程序返回', '-1');

  41.                 exit();

  42.             }

  43.         }

  44.         $diyform = $dsql->getOne("SELECT * from `#@__diyforms` WHERE diyid='$diyid' ");

  45.         if (!is_array($diyform)) {

  46.             showmsg('自定义表单不存在', '-1');

  47.             exit();

  48.         }

  49. 

  50.         $addvar = $addvalue = '';

  51. 

  52.         if (!empty($dede_fields)) {

  53. 

  54.             $fieldarr = explode(';', $dede_fields);

  55.             if (is_array($fieldarr)) {

  56.                 foreach ($fieldarr as $field) {

  57.                     if ($field == '') continue;

  58.                     $fieldinfo = explode(',', $field);

  59.                     if ($fieldinfo[1] == 'textdata') {

  60.                         ${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]}));

  61.                         ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});

  62.                     } else {

  63.                         ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'diy', $fieldinfo[0]);

  64.                     }

  65.                     $addvar .= ', `' . $fieldinfo[0] . '`';

  66.                     $addvalue .= ", '" . ${$fieldinfo[0]} . "'";

  67.                 }

  68.             }

  69.         }

  70. 

  71.         $query = "INSERT INTO `{$diy->table}` (`id`, `ifcheck` $addvar) VALUES (NULL, 0 $addvalue); ";

  72. 

  73.         if ($dsql->ExecuteNoneQuery($query)) {

  74.             $id = $dsql->GetLastID();

  75.             if ($diy->public == 2) {

  76.                 //diy.php?action=view&diyid={$diy->diyid}&id=$id

  77.                 $goto = "diy.php?action=list&diyid={$diy->diyid}";

  78.                 $bkmsg = '发布成功,现在转向表单列表页...';

  79.             } else {

  80.                 $goto = !empty($cfg_cmspath) ? $cfg_cmspath : '/';

  81.                 $bkmsg = '发布成功,请等待管理员处理...';

  82.             }

  83.             ShowMsg($bkmsg, $goto);

  84.         }

  85.     }

  86. }

  87. /*----------------------------

  88. function list(){ }

  89. ---------------------------*/ else if ($action == 'list') {

  90.     if (empty($diy->public)) {

  91.         ShowMsg('后台关闭前台浏览', 'javascript:;');

  92.         exit();

  93.     }

  94.     include_once DEDEINC . '/datalistcp.class.php';

  95.     if ($diy->public == 2)

  96.         $query = "SELECT * FROM `{$diy->table}` ORDER BY id DESC";

  97.     else

  98.         $query = "SELECT * FROM `{$diy->table}` WHERE ifcheck=1 ORDER BY id DESC";

  99. 

  100.     $datalist = new DataListCP();

  101.     $datalist->pageSize = 10;

  102.     $datalist->SetParameter('action', 'list');

  103.     $datalist->SetParameter('diyid', $diyid);

  104.     $datalist->SetTemplate(DEDEINC . "/../templets/plus/{$diy->listTemplate}");

  105.     $datalist->SetSource($query);

  106.     $fieldlist = $diy->getFieldList();

  107.     $datalist->Display();

  108. } else if ($action == 'view') {

  109.     if (empty($diy->public)) {

  110.         showMsg('后台关闭前台浏览', 'javascript:;');

  111.         exit();

  112.     }

  113. 

  114.     if (empty($id)) {

  115.         showMsg('非法操作!未指定id', 'javascript:;');

  116.         exit();

  117.     }

  118.     if ($diy->public == 2) {

  119.         $query = "SELECT * FROM `{$diy->table}` WHERE id='$id' ";

  120.     } else {

  121.         $query = "SELECT * FROM `{$diy->table}` WHERE id='$id' AND ifcheck=1";

  122.     }

  123.     $row = $dsql->GetOne($query);

  124. 

  125.     if (!is_array($row)) {

  126.         showmsg('你访问的记录不存在或未经审核', '-1');

  127.         exit();

  128.     }

  129. 

  130.     $fieldlist = $diy->getFieldList();

  131.     include DEDEROOT . "/templets/plus/{$diy->viewTemplate}";

  132. }