:::

8-1 post.php

<?php

  /*----引入檔案----*/
  require_once "config.php";
  require_once "function.php";

  /*----整理傳進來的變數或變數初始值----*/
  $op=isset($_REQUEST['op'])?$_REQUEST['op']:"";
  $sn=isset($_REQUEST['sn'])?intval($_REQUEST['sn']):"";
  $toolbar="<a href='index.php?g2p={$g2p}' class='btn btn-success btn-block'><i class='fa fa-home'></i> 新聞列表</a>";
  $error_msg=$main="";

  /*----流程控制----*/

  switch ($op) {
    case 'clear':
      session_destroy();
      header("location:post.php");
      break;

    case 'passwd_error':
      $main=news_form($sn);
      $error_msg=error_msg("密碼錯誤!!請檢查密碼是否正確!");
      break;

    case 'db_error':
      $error_msg=error_msg("資料庫連線錯誤!!請檢查資料庫帳號、密碼是否正確!");
      break;

    case 'save':
      save_news();
      header("location:index.php");
      exit;
      break;

    case 'update':
      save_news($sn);
      header("location:index.php?op=view&sn={$sn}");
      exit;
      break;

     case 'modify':
      $main=news_form($sn);
      break;

    default:
      $main=news_form();
      break;
  }


  /*----輸出----*/
  show_page('post_tpl');



  /*----所有函數----*/

  //新聞編輯表單
  function news_form($sn=""){

    link_db();
    if($sn){
      //讀取eznews資料表所有欄位,並指定某一筆特定資料
      $sql="select * from eznews where sn='$sn'";

      //傳回值存到 $result 以供抓取資料用
      $result=mysql_query($sql) or die("{$sql}<br>".mysql_error());
      $news=mysql_fetch_assoc($result);
      // foreach ($news as $k => $v) {
      //   $$k=$v;
      // }

      $news_title=$news['news_title'];
      $news_content=$news['news_content'];
      $ip=$news['ip'];
      $author=$news['author'];
      $post_time=$news['post_time'];
      $def_cate_sn=$news['cate_sn'];

      $next_op="update";

      //抓附檔
      $sql="select * from eznews_files where sn={$sn}";
      $result=mysql_query($sql) or die("{$sql}<br>".mysql_error());
      $files_list="請選擇欲刪除檔案:";
      while($file=mysql_fetch_assoc($result)){
        $files_list.="
        <div>
          <input type='checkbox' name='del_files[{$file['file_sn']}]' value='{$file['file_new_name']}'>
          <a href='uploads/{$file['file_new_name']}' target='_blank'>{$file['file_name']}</a>
        </div>";
      }


    }else{
      $news_title=isset($_SESSION['news_title'])?$_SESSION['news_title']:"";
      $news_content=isset($_SESSION['news_content'])?$_SESSION['news_content']:"";
      $ip=$_SERVER['REMOTE_ADDR'];
      $author=isset($_SESSION['author'])?$_SESSION['author']:"";
      $post_time=isset($_SESSION['post_time'])?$_SESSION['post_time']:date("Y-m-d H:i:s");
      $def_cate_sn="";

      $news['status']="";

      $next_op="save";
    }

    //製作分類的下拉選項
    $sql="select * from eznews_cate";
    $result=mysql_query($sql) or die($sql.'<br>'.mysql_error());
    $cate_options="";
    while(list($cate_sn , $cate_title)=mysql_fetch_row($result)){
      $selected=($cate_sn==$def_cate_sn)?"selected":"";
      $cate_options.="<option value='$cate_sn' $selected>$cate_title</option>";
    }

    $checked_default=(isset($news['status']) and $news['status']=="")?"checked":"";
    $checked_top=(isset($news['status']) and $news['status']=="置頂")?"checked":"";
    $checked_important=(isset($news['status']) and $news['status']=="高亮")?"checked":"";

    $main=<<<form
    <form action="post.php" method="post" role="form" enctype="multipart/form-data">

      <div class="row">
        <div class="col-md-5">
          <div class="form-group">
            <input type="text" name="news_title" placeholder="請輸入新聞標題" class="form-control" value="$news_title">
          </div>
        </div>

        <div class="col-md-3">
          <div class="form-group">

            <label class="radio-inline">
              <input type="radio" name="status" value="" $checked_default>正常
            </label>

            <label class="radio-inline">
              <input type="radio" name="status" value="置頂" $checked_top>置頂
            </label>

            <label class="radio-inline">
              <input type="radio" name="status" value="高亮" $checked_important>高亮
            </label>

          </div>
        </div>

        <div class="col-md-2">
          <div class="form-group">
            <input type="text" name="post_time" id="datetimepicker" placeholder="請輸入發布日期" class="form-control" value="$post_time">
          </div>
        </div>


        <div class="col-md-2">
          <div class="form-group">
            <input type="text" name="author" placeholder="請輸入發布者" class="form-control" value="$author">
          </div>
        </div>
      </div>



      <div class="form-group">
        <textarea id="summernote" name="news_content" style="height:300px;" placeholder="請輸入新聞內容" class="form-control">$news_content</textarea>
      </div>

      <div class="row">
        <div class="col-md-3">
          <select name="cate_sn" class="form-control">
            <option value="">請選擇分類</option>
            $cate_options
          </select>
        </div>
        <div class="col-md-3">
          <input type="text" name="cate_title" class="form-control" placeholder="請輸入新分類">
        </div>
        <div class="col-md-3">
          <div class="form-group">
            <input type="password" name="password" class="form-control" placeholder="請輸入密碼">
          </div>
        </div>
        <div class="col-md-3">

          <input type="hidden" name="ip" value="$ip">
          <input type="hidden" name="sn" value="$sn">
          <input type="hidden" name="op" value="$next_op">
          <a href="post.php?op=clear" class="btn btn-danger">清除</a>
          <input type="submit" value="儲存" class="btn btn-info">
        </div>
      </div>

      <div class="row">
        <div class="col-md-3">
          <input type="file" name="files[]" multiple>
        </div>
        <div class="col-md-9">
          $files_list
        </div>
      </div>
    </form>
form;
    return $main;
  }


  //儲存新聞
  function save_news($sn=""){

    //過濾外面傳來的變數
    $op=isset($_POST['op'])?$_POST['op']:"";
    $password=isset($_POST['password'])?$_POST['password']:"";
    $news_title=isset($_POST['news_title'])?check_input($_POST['news_title']):"";
    $news_content=isset($_POST['news_content'])?check_input($_POST['news_content']):"";
    $author=isset($_POST['author'])?check_input($_POST['author']):"";
    $ip=isset($_POST['ip'])?check_input($_POST['ip']):"";
    $post_time=isset($_POST['post_time'])?check_input($_POST['post_time']):"";
    $status=isset($_POST['status'])?check_input($_POST['status']):"";
    $cate_title=isset($_POST['cate_title'])?check_input($_POST['cate_title']):"";
    $cate_sn=isset($_POST['cate_sn'])?intval($_POST['cate_sn']):"";

    //接收使用者輸入密碼,失敗轉回發布頁
    if(empty($password) or $password!=_POST_PASSWD){
      // 產生 cookie
      // setcookie('news_title',$news_title);
      // setcookie('news_content',$news_content);

      // 產生 session,以記住剛剛使用者輸入的資料,避免需要重打
      $_SESSION['news_title']=$news_title;
      $_SESSION['news_content']=$news_content;
      $_SESSION['author']=$author;
      $_SESSION['status']=$status;
      $_SESSION['cate_sn']=$cate_sn;

      //轉回編輯頁面,並用 get 方式,傳遞 $op 以便顯示密碼有誤的訊息
      header("location:{$_SERVER['PHP_SELF']}?op=passwd_error&sn=$sn");
      exit;
    }else{
      // nl2br()將換行符號轉換為<br>標籤
      //$news_content=nl2br($news_content);
      // 發布正確,剛剛輸入的內容無需在記住,因此清空之。
      //session_destroy();
      unset($_SESSION['news_title']);
      unset($_SESSION['news_content']);
      unset($_SESSION['author']);
      unset($_SESSION['status']);
      unset($_SESSION['cate_sn']);
    }

    link_db();

    //新增分類
    if(empty($cate_sn) and !empty($cate_title)){
      $sql="insert into eznews_cate (cate_title) values('$cate_title')";
      mysql_query($sql) or die($sql."<br>".mysql_error());
      $cate_sn=mysql_insert_id();
    }elseif(!empty($cate_sn) and !empty($cate_title)){
      //修改分類
      $sql="update eznews_cate set cate_title='$cate_title' where cate_sn='$cate_sn'";
      mysql_query($sql) or die($sql."<br>".mysql_error());
    }

    //存到資料庫
    if($sn){
      $sql="update eznews set cate_sn='$cate_sn', news_title='$news_title', news_content='$news_content', ip='$ip', author='$author', post_time='$post_time', status='$status' where sn='$sn'";
      mysql_query($sql) or die($sql."<br>".mysql_error());
    }else{
      $sql="insert into eznews (cate_sn,news_title, news_content, ip, author, post_time,status) values('$cate_sn','$news_title', '$news_content', '$ip', '$author', '$post_time', '$status')";
      mysql_query($sql) or die($sql."<br>".mysql_error());
      $sn=mysql_insert_id();
    }

    //刪除勾選的檔案
    if(isset($_POST['del_files'])){
      foreach ($_POST['del_files'] as $file_new_name) {
        //刪除實體檔案
        if(unlink("uploads/{$file_new_name}")){
          //刪除資料庫紀錄
          $sql="delete from eznews_files where file_new_name='$file_new_name'";
          mysql_query($sql) or die($sql."<br>".mysql_error());
        }
      }
    }


    //上傳檔案
    if(isset($_FILES)){
      //建立資料夾
      if(!is_dir('uploads')){
        mkdir('uploads');
      }

      foreach($_FILES['files']['tmp_name'] as $i =>$tmp_name){
        $ext=pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION);
        $new=substr(md5($_FILES['files']['name'][$i]), -5);
        $new_name="uploads/{$sn}_{$new}.{$ext}";

        if(move_uploaded_file($tmp_name, $new_name)){
          $sql="insert into eznews_files ( sn, file_name, file_size, file_type, file_new_name) values('$sn','{$_FILES['files']['name'][$i]}', '{$_FILES['files']['size'][$i]}}', '{$_FILES['files']['type'][$i]}', '{$sn}_{$new}.{$ext}')";
          mysql_query($sql) or die($sql."<br>".mysql_error());
        }
      }
    }

  }

  //替特殊符號加入反斜線
  function check_input($value){
    if (!get_magic_quotes_gpc()){
      $value = addslashes($value);
    }
    return $value;
  }


?>

 


:::

搜尋

QR Code 區塊

https%3A%2F%2Ftad0616.cp22.secserverpros.com%2Fmodules%2Ftad_book3%2Fpage.php%3Ftbdsn%3D1097%26tbsn%3D34

書籍目錄

展開 | 闔起

線上使用者

105人線上 (26人在瀏覽線上書籍)

會員: 0

訪客: 105

更多…