<?php
/*
EditorTools自动采集助手-empirecms v5.1(GBK、UTF-8)新闻类文章发布接口
----------------------------------
文件名
etpost.php
empirecms v5.1文章主题发布文件，请复制在empirecms v5.1网站/e/admin目录下使用，为保密，请自行修改文件名


主要参数
username      会员名参数名，必须有管理员权限
password      密码参数名
title     主题标题参数名
newstext      内容参数名


附加参数
classid      栏目编号(请对照后台栏目管理) 
vercode      安全校验码，请自行设定，本项用以防止接口被他人利用，如果需要进行更多校验，请自行填加相关代码。

*/

$vercode=''; //此处取值请自行修改

/*



可选参数
ftitle                        副标题
smalltext        内容简介
keyboard                      关键词
writer                        作者
befrom                        信息来源
titlefont[b]=b                标题样式：粗体
titlefont[i]=i                标题样式：斜体
titlefont[s]=s                标题样式：删除线
titlecolor=                   标题颜色
isgood=1                      推荐
firsttitle=1                  头条 
newstempid=1             模板编号
copyimg=1                     远程保存图片
mark=1                        图片加水印
getfirsttitlepic=1            取第1张上传图为标题图片
getfirsttitlespic=1       取第1张上传图为缩略图
getfirsttitlespicw=           缩略图宽
getfirsttitlespich=           缩略图高
copyflash=1                   远程保存FLASH
qz_url=                       FLASH地址前缀
dokey=1                       关键字替换
autopage=1                    自动分页
autosize=5000                 自动分页大小，通常设为5000字
istop=0                       置顶级别，0-6级
groupid=0                     访问权限,0为游客，1为普通会员，2为VIP会员，3为企业会员，4为企业VIP会员
userfen=0                     查看扣除点数
closepl=1                     关闭评论
filenameqz=                   文件前缀
ztid[]=                       所属专题ID

ET发布配置-文章检查网址处，填写参考如下：
http://您的网址/e/admin/etpost.php

*/
if ($_REQUEST['vercode']!=$vercode){
exit("[err]invalid vercode[/err]");
}


require("../class/connect.php");
include("../class/db_sql.php");
include("../class/config.php");
include("../class/class.php");
include("../class/functions.php");
include("../class/delpath.php");
include LoadLang("pub/fun.php");
include("../class/copypath.php");
include("../class/t_functions.php");
include("../class/MemberLevel.php");
$link=db_connect();
$empire=new mysqlquery();

//增加信息
function ETAddNews($add,$userid,$username){
 global $empire,$class_r,$class_zr,$bclassid,$public_r,$dbtbpre;
 $add[classid]=(int)$add[classid];
 $userid=(int)$userid;
 $ztid=$add[ztid];
 if(!$add[title]||!$add[classid]||!$add[newstempid])
 {
  printerror("EmptyTitle","history.go(-1)");
 }
 //操作权限
 $doselfinfo=CheckLevel($userid,$username,$add[classid],"news");
 if(!$doselfinfo['doaddinfo'])//增加权限
 {
  printerror("NotAddInfoLevel","history.go(-1)");
 }
 $ccr=$empire->fetch1("select classid,modid,listdt,haddlist,sametitle,addreinfo,wburl from {$dbtbpre}enewsclass where classid='$add[classid]' and islast=1");
 if(!$ccr['classid']||$ccr[wburl])
 {
  printerror("ErrorUrl","history.go(-1)");
 }
 if($ccr['sametitle'])//验证标题重复
 {
  $num=$empire->gettotal("select count(*) as total from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where title='$add[title]' limit 1");
  if($num)
  {
   printerror("ReInfoTitle","history.go(-1)");
     }
    }
 $add=DoPostInfoVar($add);//返回变量
 $ret_r=ReturnAddF($add,$class_r[$add[classid]][modid],$userid,$username,0,0,1);//返回自定义字段
 $newspath=FormatPath($add[classid],'',0);//查看目录是否存在，不存在则建立
 //签发
 $isqf=0;
 if($add[checkuser])
 {
  $checkuser=",".$add[checkuser].",";
  $add[checked]=0;
  $isqf=1;
 }
 $truetime=time();
 $lastdotime=$truetime;
 //返回关键字组合
 $keyid=GetKeyid($add[keyboard],$add[classid],0,$class_r[$add[classid]][link_num]);
 $sql=$empire->query("insert into {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]."(classid,onclick,newspath,keyboard,keyid,userid,username,ztid,checked,istop,truetime,ismember,dokey,isgood,titlefont,titleurl,filename,filenameqz,fh,groupid,newstempid,plnum,firsttitle,isqf,userfen,totaldown,closepl,havehtml,lastdotime,haveaddfen,infopfen,infopfennum,votenum".$ret_r[fields].") values($add[classid],0,'$newspath','".addslashes($add[keyboard])."','$keyid',$userid,'".addslashes($username)."','$add[my_ztid]',$add[checked],$add[istop],$truetime,0,$add[dokey],$add[isgood],'".addslashes($add[my_titlefont])."','".addslashes($add[titleurl])."','$filename','$add[filenameqz]',$add[fh],$add[groupid],$add[newstempid],0,$add[firsttitle],'$isqf',$add[userfen],0,$add[closepl],0,$lastdotime,0,0,0,0".$ret_r[values].");");
 $id=$empire->lastid();
 //签发
 if($isqf==1)
 {
  $iqfsql=$empire->query("insert into {$dbtbpre}enewsqf(id,classid,checkuser,docheckuser,viewcheckuser,returncheck,notdocheckuser,checked) values('$id','$add[classid]','".addslashes($checkuser)."',',',',',0,',',0);");
 }
 //更新附件表
 UpdateTheFile($id,$add['filepass']);
 //取第一张图作为标题图片
 if($add['getfirsttitlepic']&&empty($add['titlepic']))
 {
  $firsttitlepic=GetFpicToTpic($add['classid'],$id,$add['getfirsttitlepic'],$add['getfirsttitlespic'],$add['getfirsttitlespicw'],$add['getfirsttitlespich']);
  if($firsttitlepic)
  {
   $addtitlepic=",titlepic='".addslashes($firsttitlepic)."'";
  }
 }
 //文件命名
 if($add['diyfilename']==1&&$add['filename'])
 {
  $filename=$add['filename'];
 }
 else
 {
  $filename=ReturnInfoFilename($add[classid],$id,$add[filenameqz]);
 }
 $usql=$empire->query("update {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." set filename='$filename'".$addtitlepic." where id='$id'");
 //投票
 AddInfoVote($add['classid'],$id,$add);
 //增加信息是否生成文件
 if($ccr['addreinfo'])
 {
  $ar=$empire->fetch1("select * from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where id='$id'");
  GetHtml($ar,$ret_r);
 }
 if($ccr[haddlist]&&$add[checked])
 {
  hAddListHtml($add[classid],$ccr['modid'],$ccr['haddlist'],$ccr['listdt']);//生成信息列表
  //ListHtml($add[classid],$ret_r,0);
  for($z=0;$z<count($ztid);$z++)//生成专题列表
  {
   ListHtml($ztid[$z],$ret_r,1);
  }
 }
 if($sql)
 {
  insert_dolog("classid=$add[classid]<br>id=".$id."<br>title=".$add[title]);//操作日志
  //printerror("AddNewsSuccess","AddNews.php?enews=AddNews&bclassid=$add[bclassid]&classid=$add[classid]");
  echo("[ok]");
 }
 else
 {
 // printerror("DbError","");
  echo("[err]post failed[/err]");

 }
}


function chklogin($username,$password){
 global $empire,$dbtbpre,$logininid,$loginin,$loginrnd,$loginlevel;
 //eCheckAccessIp(1);//禁止IP
 $username=RepPostVar($username);
 $password=RepPostVar($password);
 if(!$username||!$password)
 {
  //printerror("EmptyKey","index.php");
  exit("[err]username or password is empty[/err]");
 }

 if(strlen($username)>30||strlen($password)>30)
 {
  //printerror("EmptyKey","index.php");
  exit("[err]username or password is too long[/err]");
 }
 $loginip=egetip();
 $logintime=time();
 //CheckLoginNum($loginip,$logintime);

 $user_r=$empire->fetch1("select userid,password,salt,rnd,groupid from {$dbtbpre}enewsuser where username='".$username."' and checked=0 limit 1");
 if(!$user_r['userid'])
 {
  InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]username  is error[/err]");
 }
 $ch_password=md5(md5($password).$user_r['salt']);
 if($user_r['password']!=$ch_password)
 {
  InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]password is error[/err]");

 }
 $logininid=$user_r['userid'];
 $loginin=$username;
 $loginrnd=$user_r['rnd'];
 $loginlevel=$user_r['groupid'];
}

/*
$logininid=getcvar('loginuserid');
$loginin=getcvar('loginusername');
$loginrnd=getcvar('loginrnd');
$loginlevel=getcvar('loginlevel');
*/
/*$enews=$_POST['enews'];
if(empty($enews))
{$enews=$_GET['enews'];}*/
$enews="AddNews";
chklogin($_POST['username'],$_POST['password']);
/*
is_login($logininid,$loginin,$loginrnd);*/


if($public_r['phpmode']){
 include("../class/ftp.php");
 $incftp=1;
}
//防采集
/*if($public_r['opennotcj']){
 @include("../class/notcj.php");
}*/
//会员组
/*
if($enews=="CheckNews_all"){
 @include("../class/user.php");
}*/
//普通操作
$comenews=',AddZt,EditZt,DelZt,CheckPath,SetEnews,AddClass,EditClass,DelClass,ChangeClassIslast,AddMemberF,EditMemberF,DelMemberF,EditMemberFOrder,AddMemberForm,EditMemberForm,DelMemberForm,AddNews,EditNews,DelNews,DelNews_all,DelInfoDoc_all,DelFile,DelFile_all,TDelFile_all,DelFreeFile,TopNews_all,CheckNews_all,NoCheckNews_all,MoveNews_all,CopyNews_all,DelPl_all,CheckPl_all,EditPltemp,EditGbooktemp,EditCptemp,EditLoginIframe,AddMemberGroup,EditMemberGroup,DelMemberGroup,EditCjNews,DelCjNews,DelCjNews_all,CjNewsIn,CjNewsIn_all,AddBq,EditBq,DelBq,MoveClassNews,EditClassOrder,EditSearchTemp,EditOtherLinkTemp,EditPrintTemp,DelPathFile,AddUserpage,EditUserpage,DelUserpage,GoodInfo_all,DoZtNews_all,SetAllCheckInfo,DoGoodPl_all,AddInfoToReHtml,ReSingleInfo,EditLoginJstemp,';
if(strstr($comenews,','.$enews.',')){
 @include("../class/comdofun.php");
}

//增加信息
$navtheid=(int)$_POST['filepass'];
$_POST['newstime']=date("Y-m-d H:i:s"); //发布日期
$_POST['checked']='1';  //通过审核
$_POST['bclassid']='2'; //新闻类
if (empty($_POST['newstempid'])){$_POST['newstempid']='1';} //模板
if (empty($_POST['fh'])){$_POST['fh']='0';} //模板
if (empty($_POST['autopage'])){$_POST['autopage']='1';} //自动分页
if (empty($_POST['autosize'])){$_POST['autosize']='5000';} //分页大小

ETAddNews($_POST,$logininid,$loginin);

db_close();
$empire=null;
?>