<?php
$vercode=''; //此处取值请自行修改
if ($_REQUEST['vercode']!=$vercode){
exit("[err]invalid vercode[/err]");
}

require("../class/connect.php");
require("../class/db_sql.php");
require("../class/functions.php");
require LoadLang("pub/fun.php");
require("../class/delpath.php");
require("../class/copypath.php");
require("../class/t_functions.php");
require("../data/dbcache/class.php");
require("../data/dbcache/MemberLevel.php");
$link=db_connect();
$empire=new mysqlquery();/*
$enews=$_POST['enews'];
if(empty($enews))
{
 $enews=$_GET['enews'];
}*/
$enews="AddNews";
//验证用户
//--------------------------------------------------------
$username=$_POST['username'];
$password=$_POST['password'];
 $username=RepPostVar($username);
 $password=RepPostVar($password);
 if(!$username||!$password)
 {
  //printerror("EmptyKey","index.php");
  exit("[err]username or password is empty[/err]");
 }
 $user_r=$empire->fetch1("select userid,password,salt,rnd,groupid from {$dbtbpre}enewsuser where username='".$username."' and checked=0 limit 1");
 if(!$user_r['userid'])
 {
  //InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]username  is error[/err]");
 }
 $ch_password=md5(md5($password).$user_r['salt']);
 if($user_r['password']!=$ch_password)
 {
  //InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]password is error[/err]");

 }
 $logininid=$user_r['userid'];
 $loginin=$username;
 //$loginrnd=$user_r['rnd'];
 //$loginlevel=$user_r['groupid'];
 
//--------------------------------------------------------
/*
$lur=is_login();
$logininid=$lur['userid'];
$loginin=$lur['username'];
$loginrnd=$lur['rnd'];
$loginlevel=$lur['groupid'];
$loginadminstyleid=$lur['adminstyleid'];*/
//--------------------------------------
//增加信息
function eAddNews($add,$userid,$username){
 global $empire,$class_r,$class_zr,$bclassid,$public_r,$dbtbpre,$emod_r;
 $add[classid]=(int)$add[classid];
 $userid=(int)$userid;
 $ztid=$add[ztid];
 if(!$add[title]||!$add[classid])
 {
  printerror("EmptyTitle","history.go(-1)");
 }
 //操作权限
 $doselfinfo=CheckLevel($userid,$username,$add[classid],"news");
 if(!$doselfinfo['doaddinfo'])//增加权限
 {
  printerror("NotAddInfoLevel","history.go(-1)");
 }
 
 $ccr=$empire->fetch1("select classid,modid,listdt,haddlist,sametitle,addreinfo,wburl,repreinfo from {$dbtbpre}enewsclass where classid='$add[classid]' and islast=1");
 if(!$ccr['classid']||$ccr[wburl])
 {
  printerror("ErrorUrl","history.go(-1)");
 }
 
 if($ccr['sametitle'])//验证标题重复
 {
  $num=$empire->gettotal("select count(*) as total from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where title='$add[title]' limit 1");
  if($num)
  {
   printerror("ReInfoTitle","history.go(-1)");
     }
    }
 
 $add=DoPostInfoVar($add);//返回变量
 $ret_r=ReturnAddF($add,$class_r[$add[classid]][modid],$userid,$username,0,0,1);//返回自定义字段
 $newspath=FormatPath($add[classid],'',0);//查看目录是否存在，不存在则建立
 //签发
 $isqf=0;
 if($add[checkuser])
 {
  $checkuser=",".$add[checkuser].",";
  $add[checked]=0;
  $isqf=1;
 }
 $truetime=time();
 $lastdotime=$truetime;
 //**********************************
 $flagrand=rand(1,10);
 if($flagrand==1)$add[isgood]=1;
 if($flagrand==2)$add[firsttitle]=1;
 //dokey
 //filename
 //返回关键字组合
 $keyid=GetKeyid($add[keyboard],$add[classid],0,$class_r[$add[classid]][link_num]);
 //主表
 $sql=$empire->query("insert into {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]."(classid,onclick,newspath,keyboard,keyid,userid,username,ztid,checked,istop,truetime,ismember,dokey,isgood,titlefont,titleurl,filename,groupid,newstempid,plnum,firsttitle,isqf,userfen,totaldown,closepl,havehtml,lastdotime,haveaddfen,infopfen,infopfennum,votenum,stb,ttid".$ret_r[fields].") values($add[classid],0,'$newspath','".addslashes($add[keyboard])."','$keyid',$userid,'".addslashes($username)."','$add[my_ztid]',$add[checked],$add[istop],$truetime,0,$add[dokey],$add[isgood],'".addslashes($add[my_titlefont])."','".addslashes($add[titleurl])."','$filename',$add[groupid],$add[newstempid],0,$add[firsttitle],'$isqf',$add[userfen],0,$add[closepl],0,$lastdotime,0,0,0,0,'".$ret_r[tb]."','$add[ttid]'".$ret_r[values].");");
 $id=$empire->lastid();
 //副表
 $fsql=$empire->query("insert into {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]."_data_".$ret_r['tb']."(id,classid".$ret_r[datafields].") values('$id','$add[classid]'".$ret_r[datavalues].");");
 //签发
 if($isqf==1)
 {
  $iqfsql=$empire->query("insert into {$dbtbpre}enewsqf(id,classid,checkuser,docheckuser,viewcheckuser,returncheck,notdocheckuser,checked) values('$id','$add[classid]','".addslashes($checkuser)."',',',',',0,',',0);");
 }
 //更新附件表
 UpdateTheFile($id,$add['filepass']);
 //取第一张图作为标题图片
 if($add['getfirsttitlepic']&&empty($add['titlepic']))
 {
  $firsttitlepic=GetFpicToTpic($add['classid'],$id,$add['getfirsttitlepic'],$add['getfirsttitlespic'],$add['getfirsttitlespicw'],$add['getfirsttitlespich']);
  if($firsttitlepic)
  {
   $addtitlepic=",titlepic='".addslashes($firsttitlepic)."'";
  }
 }
 //文件命名
 if($add['filename'])
 {
  $filename=$add['filename'];
 }
 else
 {
  $filename=ReturnInfoFilename($add[classid],$id,'');
  
 }
 $usql=$empire->query("update {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." set filename='$filename'".$addtitlepic." where id='$id'");
 //投票
 AddInfoVote($add['classid'],$id,$add);//?????????????????
 /*
 //增加信息是否生成文件
 if($ccr['addreinfo'])
 {
  $ar=$empire->fetch1("select * from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where id='$id'");
  GetHtml($ar,'');
 }
 //生成上一篇
 if($ccr['repreinfo']&&$add[checked])
 {
  $prer=$empire->fetch1("select * from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where id<$id and classid='$add[classid]' and checked=1 order by id desc limit 1");
  GetHtml($prer,'');
 }
 //生成栏目
 if($ccr[haddlist]&&$add[checked])
 {
  hAddListHtml($add[classid],$ccr['modid'],$ccr['haddlist'],$ccr['listdt']);//生成信息列表
  for($z=0;$z<count($ztid);$z++)//生成专题列表
  {
   ListHtml(intval($ztid[$z]),'',1);
  }
 }*/
 //同时发布
 $copyclassid=$add[copyclassid];
 $cpcount=count($copyclassid);
 if($cpcount)
 {
  $copyids=AddInfoToCopyInfo($add[classid],$id,$copyclassid,$userid,$username);
  if($copyids)
  {
   $empire->query("update {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." set copyids='$copyids' where id='$id'");
  }
 }
 if($sql)
 {
  //$GLOBALS['ecmsadderrorurl']="ListNews.php?bclassid=$add[bclassid]&classid=$add[classid]";
  //insert_dolog("classid=$add[classid]<br>id=".$id."<br>title=".$add[title]);//操作日志
  //printerror("AddNewsSuccess","AddNews.php?enews=AddNews&bclassid=$add[bclassid]&classid=$add[classid]");
  echo("[ok]");
 }
 else
 {
  //printerror("DbError","");
  echo("[err]post failed[/err]");
 }
}

//++++++++++++++++++++++++++++++++++++++
$incftp=0;
if($public_r['phpmode'])
{
 include("../class/ftp.php");
 $incftp=1;
}
//防采集
if($public_r['opennotcj'])
{
 @include("../data/dbcache/notcj.php");
}
//会员组
if($enews=="CheckNews_all")
{
 @include("../class/user.php");
}
require("../class/hinfofun.php");
if($enews=="AddNews")//增加信息//+++++++++++++++++++++++++
{
 $navtheid=(int)$_POST['filepass'];
 eAddNews($_POST,$logininid,$loginin);
}/*
elseif($enews=="EditNews")//修改信息
{
 $navtheid=(int)$_POST['id'];
 EditNews($_POST,$logininid,$loginin);
}
elseif($enews=="DelNews")//删除信息
{
 $id=$_GET['id'];
 $classid=$_GET['classid'];
 $bclassid=$_GET['bclassid'];
 DelNews($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelNews_all")//批量删除信息
{
 $id=$_POST['id'];
 $classid=$_POST['classid'];
 $bclassid=$_POST['bclassid'];
 DelNews_all($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelInfoDoc_all")//删除归档
{
 $id=$_POST['id'];
 $classid=$_POST['classid'];
 $bclassid=$_POST['bclassid'];
 DelNews_all($id,$classid,$logininid,$loginin,1);
}
elseif($enews=='AddInfoToReHtml')//刷新页面
{
 AddInfoToReHtml($_GET['classid'],$_GET['dore']);
}
elseif($enews=="TopNews_all")//信息置顶
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $istop=$_POST['istop'];
 TopNews_all($classid,$id,$istop,$logininid,$loginin);
}
elseif($enews=="CheckNews_all")//审核信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 CheckNews_all($classid,$id,$logininid,$loginin);
}
elseif($enews=="NoCheckNews_all")//取消审核信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 NoCheckNews_all($classid,$id,$logininid,$loginin);
}
elseif($enews=="MoveNews_all")//移动信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $to_classid=$_POST['to_classid'];
 MoveNews_all($classid,$id,$to_classid,$logininid,$loginin);
}
elseif($enews=="CopyNews_all")//复制信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $to_classid=$_POST['to_classid'];
 CopyNews_all($classid,$id,$to_classid,$logininid,$loginin);
}
elseif($enews=="MoveClassNews")//批量移动信息
{
 $add=$_POST['add'];
 MoveClassNews($add,$logininid,$loginin);
}
elseif($enews=="GoodInfo_all")//批量推荐/头条信息
{
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $isgood=$_POST['isgood'];
 $doing=$_POST['doing'];
 GoodInfo_all($classid,$id,$isgood,$doing,$logininid,$loginin);
}
elseif($enews=="DoZtNews_all")//批量转移信息到专题
{
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $ztid=$_POST['ztid'];
 DoZtNews_all($classid,$id,$ztid,$logininid,$loginin);
}
elseif($enews=="SetAllCheckInfo")//本栏目信息全部审核
{
 $classid=$_GET['classid'];
 $bclassid=$_GET['bclassid'];
 SetAllCheckInfo($bclassid,$classid,$logininid,$loginin);
}
elseif($enews=="DoCheckUser")//签发信息
{
 DoCheckUser($_POST,$logininid,$loginin);
}
elseif($enews=="ViewQfNews")//查看签发内容
{
 $id=$_GET['id'];
 $classid=$_GET['classid'];
 ViewQfNews($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelInfoData")//删除信息页面
{
 $start=$_GET['start'];
 $classid=$_GET['classid'];
 $from=$_GET['from'];
 $retype=$_GET['retype'];
 $startday=$_GET['startday'];
 $endday=$_GET['endday'];
 $startid=$_GET['startid'];
 $endid=$_GET['endid'];
 $tbname=$_GET['tbname'];
 DelInfoData($start,$classid,$from,$retype,$startday,$endday,$startid,$endid,$tbname,$_GET,$logininid,$loginin);
}
elseif($enews=="InfoToDoc")//归档信息
{
 if($_GET['ecmsdoc']==1)//栏目
 {
  InfoToDoc_class($_GET,$logininid,$loginin);
 }
 elseif($_GET['ecmsdoc']==2)//条件
 {
  InfoToDoc($_GET,$logininid,$loginin);
 }
 else//信息
 {
  InfoToDoc_info($_POST,$logininid,$loginin);
 }
}
else
{
 printerror("ErrorUrl","history.go(-1)");
}*/
db_close();
$empire=null;
?>