|
- <?php
- /**
- *
- * 自定义表单
- *
- * @version $Id: diy.php$
- * @package DedeBIZ.Site
- * @copyright Copyright (c) 2021, DedeBIZ.COM
- * @license https://www.dedebiz.com/license
- * @link https://www.dedebiz.com
- */
- require_once(dirname(__FILE__) . "/../include/common.inc.php");
- $diyid = isset($diyid) && is_numeric($diyid) ? $diyid : 0;
- $action = isset($action) && in_array($action, array('post', 'list', 'view')) ? $action : 'post';
- $id = isset($id) && is_numeric($id) ? $id : 0;
- if (empty($diyid)) {
- showMsg('非法操作!', 'javascript:;');
- exit();
- }
- require_once DEDEINC . '/diyform.cls.php';
- $diy = new diyform($diyid);
- /*----------------------------
- function Post(){ }
- ---------------------------*/
- if ($action == 'post') {
- if (empty($do)) {
- $postform = $diy->getForm(true);
- include DEDEROOT . "/templets/plus/{$diy->postTemplate}";
- exit();
- } elseif ($do == 2) {
- $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
- $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
- if (!empty($dede_fields)) {
- if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode)) {
- showMsg('数据校验不对,程序返回', '-1');
- exit();
- }
- }
- $diyform = $dsql->getOne("SELECT * from `#@__diyforms` WHERE diyid='$diyid' ");
- if (!is_array($diyform)) {
- showmsg('自定义表单不存在', '-1');
- exit();
- }
- $addvar = $addvalue = '';
- if (!empty($dede_fields)) {
- $fieldarr = explode(';', $dede_fields);
- if (is_array($fieldarr)) {
- foreach ($fieldarr as $field) {
- if ($field == '') continue;
- $fieldinfo = explode(',', $field);
- if ($fieldinfo[1] == 'textdata') {
- ${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]}));
- ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});
- }
- //获取地址,表单添加text数据类型ip字段型后模板用<input type="hidden" name="ip" value="">
- if($fieldinfo[0] == 'ip')
- {
- ${$fieldinfo[0]}=GetIP();
- }
- //获取时间,表单添加text数据类型sj字段型后模板用<input type="hidden" name="sj" value="">
- if($fieldinfo[0] == 'sj')
- {
- ${$fieldinfo[0]}=date("Y-m-d H:i");
- } else {
- ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1],0,'add','','diy', $fieldinfo[0]);
- }
- $addvar .= ', `' . $fieldinfo[0] . '`';
- $addvalue .= ", '" . ${$fieldinfo[0]} . "'";
- }
- }
- }
- $query = "INSERT INTO `{$diy->table}` (`id`, `ifcheck` $addvar) VALUES (NULL, 0 $addvalue); ";
- if ($dsql->ExecuteNoneQuery($query)) {
- $id = $dsql->GetLastID();
- if ($diy->public == 2)
- {
- $goto = "diy.php?action=list&diyid={$diy->diyid}";
- $bkmsg = '发布成功,现在转向表单列表页';
- } else {
- $goto = !empty($cfg_cmspath) ? $cfg_cmspath : '/';
- $bkmsg = '发布成功,请等待管理员处理';
- //提交后返回提交页面
- echo"<script>alert('提交成功');history.go(-1)</script>";
- }
- showmsg($bkmsg, $goto);
- }
- }
- }
- /*----------------------------
- function list(){ }
- ---------------------------*/
- else if ($action == 'list') {
- if (empty($diy->public)) {
- ShowMsg('后台关闭前台浏览', 'javascript:;');
- exit();
- }
- include_once DEDEINC . '/datalistcp.class.php';
- if ($diy->public == 2)
- $query = "SELECT * FROM `{$diy->table}` ORDER BY id DESC";
- else
- $query = "SELECT * FROM `{$diy->table}` WHERE ifcheck=1 ORDER BY id DESC";
- $datalist = new DataListCP();
- $datalist->pageSize = 10;
- $datalist->SetParameter('action', 'list');
- $datalist->SetParameter('diyid', $diyid);
- $datalist->SetTemplate(DEDEINC . "/../templets/plus/{$diy->listTemplate}");
- $datalist->SetSource($query);
- $fieldlist = $diy->getFieldList();
- $datalist->Display();
- } else if ($action == 'view') {
- if (empty($diy->public)) {
- showMsg('后台关闭前台浏览', 'javascript:;');
- exit();
- }
- if (empty($id)) {
- showMsg('非法操作!未指定id', 'javascript:;');
- exit();
- }
- if ($diy->public == 2) {
- $query = "SELECT * FROM `{$diy->table}` WHERE id='$id' ";
- } else {
- $query = "SELECT * FROM `{$diy->table}` WHERE id='$id' AND ifcheck=1";
- }
- $row = $dsql->GetOne($query);
-
- if (!is_array($row)) {
- showmsg('你访问的记录不存在或未经审核', '-1');
- exit();
- }
- $fieldlist = $diy->getFieldList();
- include DEDEROOT . "/templets/plus/{$diy->viewTemplate}";
- }
|
