DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1369 Commits
3 Branches
110MB
Tree: a343e44973
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a343e44973'
${ noResults }
DedeV6/src/apps/feedback.php

247 lines
8.9KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 评论

  4.  *

  5.  * @version        $id:feedback.php$

  6.  * @package        DedeBIZ.Site

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/../system/common.inc.php");

  12. if ($cfg_feedback_forbid == 'Y') {

  13.     echo json_encode(array(

  14.         "code" => -1,

  15.         "msg" => "系统已经禁止评论功能",

  16.         "data" => null,

  17.     ));

  18.     exit();

  19. }

  20. require_once(DEDEINC."/filter.inc.php");

  21. if (!isset($action)) {

  22.     $action = '';

  23. }

  24. $msg = isset($msg) ? $msg : "";

  25. $feedbacktype = isset($feedbacktype) ? $feedbacktype : "";

  26. $validate = isset($validate) ? $validate : "";

  27. $pwd = isset($pwd) ? $pwd : "";

  28. $comtype = isset($comtype) ? $comtype : "";

  29. $good = isset($good) ? intval($good) : 0;

  30. $cfg_formmember = isset($cfg_formmember) ? true : false;

  31. $ischeck = $cfg_feedbackcheck == 'Y' ? 0 : 1;

  32. $aid = isset($aid) ? intval($aid) : 0;

  33. $fid = isset($fid) ? intval($fid) : 0; //用来标记回复评论的变量

  34. if (empty($aid) && empty($fid)) {

  35.     echo json_encode(array(

  36.         "code" => -1,

  37.         "msg" => "文档id不能为空",

  38.         "data" => null,

  39.     ));

  40.     exit();

  41. }

  42. include_once(DEDEINC."/memberlogin.class.php");

  43. $cfg_ml = new MemberLogin();

  44. //查看评论

  45. if ($action == '' || $action == 'show') {

  46.     //读取文档信息

  47.     $arcRow = GetOneArchive($aid);

  48.     if (empty($arcRow['aid'])) {

  49.         echo json_encode(array(

  50.             "code" => -1,

  51.             "msg" => "无法查看未知文档的评论",

  52.             "data" => null,

  53.         ));

  54.         exit();

  55.     }

  56.     $where_sql = "WHERE 1=1";

  57.     if (!empty($fid)) {

  58.         $where_sql .= " AND fb.fid={$fid}";

  59.     }

  60.     if (!empty($aid)) {

  61.         $where_sql .= " AND fb.aid={$aid}";

  62.     }

  63.     //调用20条热评

  64.     $querystring = "SELECT fb.*,mb.userid,mb.face as mface,mb.spacesta,mb.scores,mb.sex FROM `#@__feedback` fb LEFT JOIN `#@__member` mb on mb.mid = fb.mid $where_sql AND fb.ischeck='1' ORDER BY fb.good DESC";

  65.     $dsql->Execute('fb', $querystring." LIMIT 20 ");

  66.     $data = array();

  67.     while ($row = $dsql->GetArray('fb')) {

  68.         $row['face'] = empty($row['mface']) ? $GLOBALS['cfg_cmspath'].'/static/web/img/admin.png' : $row['mface'];

  69.         $row['dtimestr'] = MyDate('Y-m-d', $row['dtime']);

  70.         unset($row['ip']);

  71.         $data[] = $row;

  72.     }

  73.     echo json_encode(array(

  74.         "code" => 200,

  75.         "msg" => "",

  76.         "data" => $data,

  77.     ));

  78.     exit;

  79. }

  80. //发表评论

  81. else if ($action == 'send') {

  82.     //读取文档信息

  83.     $arcRow = GetOneArchive($aid);

  84.     if ((empty($arcRow['aid']) || $arcRow['notpost'] == '1') && empty($fid)) {

  85.         echo json_encode(array(

  86.             "code" => -1,

  87.             "msg" => "无法对该文档发表评论",

  88.             "data" => null,

  89.         ));

  90.         exit();

  91.     }

  92.     //如果没有登录,则需要检查验证码

  93.     if (!$cfg_ml->IsLogin()) {

  94.         if ($feedbacktype === 'good') {

  95. 

  96.             //未登录点good不进行数据库记录

  97.             echo json_encode(array(

  98.                 "code" => 200,

  99.                 "msg" => "",

  100.                 "data" => $good + 1,

  101.             ));

  102.             exit();

  103.         }

  104.         $svali = GetCkVdValue();

  105.         if (strtolower($validate) != $svali || $svali == '') {

  106.             //ResetVdValue();

  107.             echo json_encode(array(

  108.                 "code" => -1,

  109.                 "msg" => "验证码不正确",

  110.                 "data" => null,

  111.             ));

  112.             exit();

  113.         }

  114.     }

  115.     //检查用户登录

  116.     if (empty($notuser)) {

  117.         $notuser = 0;

  118.     }

  119.     if ($cfg_feedback_guest == 'N' && $cfg_ml->M_ID < 1) {

  120.         echo json_encode(array(

  121.             "code" => -1,

  122.             "msg" => "管理员禁用了游客评论",

  123.             "data" => null,

  124.         ));

  125.         exit();

  126.     }

  127.     //匿名发表评论

  128.     if ($notuser == 1) {

  129.         $username = $cfg_ml->M_ID > 0 ? '匿名' : '游客';

  130.     }

  131.     //已登录的用户

  132.     else if ($cfg_ml->M_ID > 0) {

  133.         $username = $cfg_ml->M_UserName;

  134.     }

  135.     //用户身份验证

  136.     else {

  137.         if ($username != '' && $pwd != '') {

  138.             $rs = $cfg_ml->CheckUser($username, $pwd);

  139.             if ($rs == 1) {

  140.                 $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET logintime='".time()."',loginip='".GetIP()."' WHERE mid='{$cfg_ml->M_ID}'; ");

  141.             } else {

  142.                 $username = '游客';

  143.             }

  144.         } else {

  145.             $username = '游客';

  146.         }

  147.     }

  148.     $ip = GetIP();

  149.     $dtime = time();

  150.     //检查评论间隔时间;

  151.     if (!empty($cfg_feedback_time)) {

  152.         //检查最后发表评论时间,如果未登录判断当前IP最后评论时间

  153.         if ($cfg_ml->M_ID > 0) {

  154.             $where = "WHERE `mid` = '$cfg_ml->M_ID'";

  155.         } else {

  156.             $where = "WHERE `ip` = '$ip'";

  157.         }

  158.         $row = $dsql->GetOne("SELECT dtime FROM `#@__feedback` $where ORDER BY `id` DESC ");

  159.         if (is_array($row) && $dtime - $row['dtime'] < $cfg_feedback_time) {

  160.             ResetVdValue();

  161.             echo json_encode(array(

  162.                 "code" => -1,

  163.                 "msg" => "管理员设置了评论间隔时间,请稍等休息一下",

  164.                 "data" => null,

  165.             ));

  166.             exit();

  167.         }

  168.     }

  169.     if (empty($face)) {

  170.         $face = 0;

  171.     }

  172.     $face = intval($face);

  173.     $typeid = (isset($typeid) && is_numeric($typeid)) ? intval($typeid) : 0;

  174.     extract($arcRow, EXTR_SKIP);

  175.     $msg = cn_substrR(TrimMsg($msg), $cfg_feedback_msglen);

  176.     $username = cn_substrR(HtmlReplace($username, 2), 20);

  177.     if (empty($feedbacktype) || !in_array($feedbacktype, array('good', 'bad'))) {

  178.         $feedbacktype = 'feedback';

  179.     }

  180.     //保存评论文档

  181.     if ($comtype == 'comments' || $comtype == 'reply') {

  182.         $arctitle = empty($title) ? "" : addslashes($title);

  183.         $typeid = intval($typeid);

  184.         $ischeck = intval($ischeck);

  185.         $feedbacktype = preg_replace("#[^0-9a-z]#i", "", $feedbacktype);

  186.         if ($msg != '') {

  187.             $inquery = "INSERT INTO `#@__feedback` (`aid`,`typeid`,`fid`, `username`,`arctitle`,`ip`,`ischeck`,`dtime`, `mid`,`bad`,`good`,`ftype`,`face`,`msg`) VALUES ('$aid','$typeid','$fid','$username','$arctitle','$ip','$ischeck','$dtime', '{$cfg_ml->M_ID}','0','0','$feedbacktype','$face','$msg'); ";

  188.             $rs = $dsql->ExecuteNoneQuery($inquery);

  189.             if (!$rs) {

  190.                 echo json_encode(array(

  191.                     "code" => -1,

  192.                     "msg" => "发表评论错误",

  193.                     "data" => null,

  194.                 ));

  195.                 //echo $dsql->GetError();

  196.                 exit();

  197.             }

  198.         }

  199.     }

  200.     if ($feedbacktype == 'bad') {

  201.         $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores-{cfg_feedback_sub},badpost=badpost+1,lastpost='$dtime' WHERE id='$aid' ");

  202.     } else if ($feedbacktype == 'good') {

  203.         $row = $dsql->GetOne("SELECT COUNT(*) as dd FROM `#@__feedback_goodbad` WHERE fid={$fid} AND mid={$cfg_ml->M_ID} AND fgtype=0");

  204.         if (intval($row['dd']) <= 0) {

  205.             $dsql->ExecuteNoneQuery("INSERT INTO `#@__feedback_goodbad` (`mid`, `fid`, `fgtype`) VALUES ('$cfg_ml->M_ID', '$fid', '0');");

  206.             $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores+{$cfg_feedback_add},goodpost=goodpost+1,lastpost='$dtime' WHERE id='$aid' ");

  207.         } else {

  208.             $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback_goodbad` WHERE mid='{$cfg_ml->M_ID}' AND fid={$fid} AND fgtype=0");

  209.             $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores-{$cfg_feedback_add},goodpost=goodpost-1,lastpost='$dtime' WHERE id='$aid' ");

  210.         }

  211.         $rr = $dsql->GetOne("SELECT COUNT(*) as dd FROM `#@__feedback_goodbad` WHERE fid={$fid}");

  212.         $dsql->ExecuteNoneQuery("UPDATE `#@__feedback` SET good='{$rr['dd']}' WHERE id={$fid}");

  213.         echo json_encode(array(

  214.             "code" => 200,

  215.             "msg" => "",

  216.             "data" => $rr['dd'],

  217.         ));

  218.         exit;

  219.     } else {

  220.         $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores+1,lastpost='$dtime' WHERE id='$aid' ");

  221.     }

  222.     if ($cfg_ml->M_ID > 0) {

  223.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET scores=scores+{$cfg_sendfb_scores} WHERE mid='{$cfg_ml->M_ID}' ");

  224.     }

  225.     //统计用户发出的评论

  226.     if ($cfg_ml->M_ID > 0) {

  227.         $row = $dsql->GetOne("SELECT COUNT(*) AS nums FROM `#@__feedback` WHERE `mid`='".$cfg_ml->M_ID."'");

  228.         $dsql->ExecuteNoneQuery("UPDATE `#@__member_tj` SET `feedback`='$row[nums]' WHERE `mid`='".$cfg_ml->M_ID."'");

  229.     }

  230.     $_SESSION['sedtime'] = time();

  231.     if (empty($uid) && isset($cmtuser)) $uid = $cmtuser;

  232.     if ($ischeck == 0) {

  233.         echo json_encode(array(

  234.             "code" => 200,

  235.             "msg" => "成功发表评论,审核后才会显示您的评论",

  236.             "data" => "ok",

  237.         ));

  238.     } else {

  239.         echo json_encode(array(

  240.             "code" => 200,

  241.             "msg" => "成功发表评论,现在跳转评论页面",

  242.             "data" => "ok",

  243.         ));

  244.     }

  245.     exit();

  246. }

  247. ?>