<?php
$vercode=''; //此处取值请自行修改
if(isset($_POST['vercode'])){
if ($_POST['vercode']!=$vercode){
 echo("[err]invalid vercode[/err]");
 exit();
}
}
define('EmpireCMSAdmin','1');
require("../class/connect.php");
require("../class/db_sql.php");
require("../class/functions.php");
require LoadLang("pub/fun.php");
require("../class/delpath.php");
require("../class/copypath.php");
require("../class/t_functions.php");
require("../data/dbcache/class.php");
require("../data/dbcache/MemberLevel.php");
$link=db_connect();
$empire=new mysqlquery();
$enews='AddNews';
/*$enews=$_POST['enews'];
if(empty($enews))
{
 $enews=$_GET['enews'];
}*/

//增加信息
function etAddNews($add,$userid,$username){
 global $empire,$class_r,$class_zr,$bclassid,$public_r,$dbtbpre,$emod_r;
 $add[classid]=(int)$add[classid];
 
    $add['newspath']=$class_r[$add[classid]][newspath];
    $add['newspath']=$add['newspath'] ? date($add['newspath']) : '';

 $userid=(int)$userid;
 $ztid=$add[ztid];
 if(!$add[title]||!$add[classid])
 {
  //printerror("EmptyTitle","history.go(-1)");
  exit("[err]请输入标题title,并选择栏目classid[/err]");
 }
 /*
 //操作权限
 $doselfinfo=CheckLevel($userid,$username,$add[classid],"news");
 if(!$doselfinfo['doaddinfo'])//增加权限
 {
  //printerror("NotAddInfoLevel","history.go(-1)");
  exit("[err]该用户没有增加信息的权限[/err]");
 }
 */
 $ccr=$empire->fetch1("select classid,modid,listdt,haddlist,sametitle,addreinfo,wburl,repreinfo from {$dbtbpre}enewsclass where classid='$add[classid]' and islast=1");
/* if(!$ccr['classid']||$ccr[wburl])
 {
  printerror("ErrorUrl","history.go(-1)");  
 }
 if($ccr['sametitle'])//验证标题重复
 {
  $num=$empire->gettotal("select count(*) as total from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where title='$add[title]' limit 1");
  if($num)
  {
   //printerror("ReInfoTitle","history.go(-1)");
   exit("[err]标题重复，增加不成功[/err]");
     }
    }
*/ $add=DoPostInfoVar($add);//返回变量
 $ret_r=ReturnAddF($add,$class_r[$add[classid]][modid],$userid,$username,0,0,1);//返回自定义字段
    $newspath=FormatPath($add[classid],$add[newspath],1);//查看目录是否存在，不存在则建立
 //签发
 $isqf=0;
    if($class_r[$add[classid]][wfid])
    {
        $add[checked]=0;
        $isqf=1;
    }
/*if($add[checkuser])
 {
  $checkuser=",".$add[checkuser].",";
  $isqf=1;
  
 }
  $add[checked]=isset($add[checked]) ? $add[checked]:1;
    
    */
 //$truetime=time();
 $truetime=strtotime($add[newstime]);
 $lastdotime=$truetime;
 //返回关键字组合
//    if($add['info_diyotherlink'])
//    {
//        $keyid=DoPostDiyOtherlinkID($add['info_keyid']);
//    }
//    else
//    {
        $keyid=GetKeyid($add[keyboard],$add[classid],0,$class_r[$add[classid]][link_num]);
//    }
 //主表
    $sql=$empire->query("insert into {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]."(classid,onclick,newspath,keyboard,keyid,userid,username,ztid,checked,istop,truetime,ismember,dokey,isgood,titlefont,titleurl,filename,groupid,newstempid,plnum,firsttitle,isqf,userfen,totaldown,closepl,havehtml,lastdotime,haveaddfen,infopfen,infopfennum,votenum,stb,ttid,infotags,ispic".$ret_r[fields].") values($add[classid],'$add[onclick]','$newspath','".addslashes($add[keyboard])."','$keyid',$userid,'".addslashes($username)."','$add[my_ztid]',$add[checked],'$add[istop]',$truetime,0,$add[dokey],$add[isgood],'".addslashes($add[my_titlefont])."','".addslashes($add[titleurl])."','$filename',$add[groupid],$add[newstempid],0,$add[firsttitle],'$isqf',$add[userfen],'$add[totaldown]',$add[closepl],0,$lastdotime,0,0,0,0,'".$ret_r[tb]."','$add[ttid]','".addslashes($add[infotags])."','$add[ispic]'".$ret_r[values].");");
 $id=$empire->lastid();
 //副表
 $fsql=$empire->query("insert into {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]."_data_".$ret_r['tb']."(id,classid".$ret_r[datafields].") values('$id','$add[classid]'".$ret_r[datavalues].");");
 //签发
 if($isqf==1)
 {
        InfoInsertToWorkflow($id,$add[classid],$class_r[$add[classid]][wfid],$userid,$username);
 }
 //更新附件表
 UpdateTheFile($id,$add['filepass']);
 //取第一张图作为标题图片
 if($add['getfirsttitlepic']&&empty($add['titlepic']))
 {
  $firsttitlepic=GetFpicToTpic($add['classid'],$id,$add['getfirsttitlepic'],$add['getfirsttitlespic'],$add['getfirsttitlespicw'],$add['getfirsttitlespich']);
  if($firsttitlepic)
  {
            $addtitlepic=",titlepic='".addslashes($firsttitlepic)."',ispic=1";
  }
 }
 //文件命名
 if($add['filename'])
 {
  $filename=$add['filename'];
 }
 else
 {
  $filename=ReturnInfoFilename($add[classid],$id,'');
 }
 $usql=$empire->query("update {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." set filename='$filename'".$addtitlepic." where id='$id'");
    //替换图片下一页
    if($add['repimgnexturl'])
    {
        UpdateImgNexturl($add[classid],$id);
    }
 //投票
 AddInfoVote($add['classid'],$id,$add);
    //TAGS
    if($add[infotags]&&$add[infotags]<>$add[oldinfotags])
    {
        $tagtime=empty($add[newstime])?time():to_time($add[newstime]);
        eInsertTags($add[infotags],$add['classid'],$id,$tagtime);
    }
 //增加信息是否生成文件
 if($ccr['addreinfo'])
 {
  $ar=$empire->fetch1("select * from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where id='$id'");
  GetHtml($ar,'');
 }
 //生成上一篇
 if($ccr['repreinfo']&&$add[checked])
 {
  $prer=$empire->fetch1("select * from {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." where id<$id and classid='$add[classid]' and checked=1 order by id desc limit 1");
  GetHtml($prer,'');
 }
 //生成栏目
 if($ccr[haddlist]&&$add[checked])
 {
  hAddListHtml($add[classid],$ccr['modid'],$ccr['haddlist'],$ccr['listdt']);//生成信息列表
  for($z=0;$z<count($ztid);$z++)//生成专题列表
  {
   ListHtml(intval($ztid[$z]),'',1);
  }
 }
 //同时发布
 $copyclassid=$add[copyclassid];
 $cpcount=count($copyclassid);
 if($cpcount)
 {
  $copyids=AddInfoToCopyInfo($add[classid],$id,$copyclassid,$userid,$username);
  if($copyids)
  {
   $empire->query("update {$dbtbpre}ecms_".$class_r[$add[classid]][tbname]." set copyids='$copyids' where id='$id'");
  }
 }
 if($sql)
 {
/*        //返回地址
        if($add['ecmsfrom']&&(stristr($add['ecmsfrom'],'ListNews.php')||stristr($add['ecmsfrom'],'ListAllInfo.php')))
        {
            $ecmsfrom=$add['ecmsfrom'];
        }
        else
        {
            $ecmsfrom=$add['ecmsnfrom']==1?"ListNews.php?bclassid=$add[bclassid]&classid=$add[classid]":"ListAllInfo.php?tbname=".$class_r[$add[classid]][tbname];
        }
        $GLOBALS['ecmsadderrorurl']=$ecmsfrom;
*/  insert_dolog("classid=$add[classid]<br>id=".$id."<br>title=".$add[title]);//操作日志
  //printerror("AddNewsSuccess","AddNews.php?enews=AddNews&bclassid=$add[bclassid]&classid=$add[classid]");
  echo("[ok]");
 }
 else
 {
  //printerror("DbError","");
  echo("[err]数据库出错，发布失败[/err]");
 }
}


//登陆 function login($username,$password,$key,$post)
function chklogin($username,$password){
 global $empire,$public_r,$dbtbpre,$do_loginauth,$logininid,$loginin,$loginrnd,$loginlevel;
 //eCheckAccessIp(1);//禁止IP
 $username=RepPostVar($username);
 $password=RepPostVar($password);
 if(!$username||!$password)
 {
  //printerror("EmptyKey","index.php");
  exit("[err]username or password is empty[/err]");  
 }
 /*
 //验证码
 $keyvname='checkkey';
 if(!$public_r['adminloginkey'])
 {
  ecmsCheckShowKey($keyvname,$key,0,1);
 }
 */
 if(strlen($username)>30||strlen($password)>30)
 {
  //printerror("EmptyKey","index.php");
  exit("[err]username or password is too long[/err]");
 }
 $loginip=egetip();
 $logintime=time();
 //CheckLoginNum($loginip,$logintime);
 /*
 //认证码
 if($do_loginauth&&$do_loginauth!=$post['loginauth'])
 {
  InsertErrorLoginNum($username,$password,1,$loginip,$logintime);
  printerror("ErrorLoginAuth","index.php");
 }*/
 $user_r=$empire->fetch1("select userid,password,salt from {$dbtbpre}enewsuser where username='".$username."' and checked=0 limit 1");
 if(!$user_r['userid'])
 {
  //InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]username  is error[/err]");
 }
 $ch_password=md5(md5($password).$user_r['salt']);
 if($user_r['password']!=$ch_password)
 {
  //InsertErrorLoginNum($username,$password,0,$loginip,$logintime);
  //printerror("LoginFail","index.php");
  exit("[err]password is error[/err]");
 }
 
 $logininid=$user_r['userid'];
 $loginin=$username;
 $loginrnd=$user_r['rnd'];
 $loginlevel=$user_r['groupid'];
 /* 
 //取得随机密码
 $rnd=make_password(20);
 $sql=$empire->query("update {$dbtbpre}enewsuser set rnd='$rnd',loginnum=loginnum+1,lastip='$loginip',lasttime='$logintime' where username='$username' limit 1");
 $r=$empire->fetch1("select groupid,userid,styleid from {$dbtbpre}enewsuser where username='$username' limit 1");
 //样式
 if(empty($r[styleid]))
 {
  $stylepath=$public_r['defadminstyle']?$public_r['defadminstyle']:1;
 }
 else
 {
  $styler=$empire->fetch1("select path,styleid from {$dbtbpre}enewsadminstyle where styleid='$r[styleid]'");
  if(empty($styler[styleid]))
  {
   $stylepath=$public_r['defadminstyle']?$public_r['defadminstyle']:1;
  }
  else
  {
   $stylepath=$styler['path'];
  }
 }
 //设置备份
 $cdbdata=0;
 $bnum=$empire->gettotal("select count(*) as total from {$dbtbpre}enewsgroup where groupid='$r[groupid]' and dodbdata=1");
 if($bnum)
 {
  $cdbdata=1;
  $set5=esetcookie("ecmsdodbdata","empirecms",0,1);
    }
 else
 {
  $set5=esetcookie("ecmsdodbdata","",0,1);
 }
 
 ecmsEmptyShowKey($keyvname,1);//清空验证码
 $set4=esetcookie("loginuserid",$r[userid],0,1);
 $set1=esetcookie("loginusername",$username,0,1);
 $set2=esetcookie("loginrnd",$rnd,0,1);
 $set3=esetcookie("loginlevel",$r[groupid],0,1);
 $set5=esetcookie("eloginlic","empirecmslic",0,1);
 $set6=esetcookie("loginadminstyleid",$stylepath,0,1);
 //COOKIE加密验证
 DoECookieRnd($r[userid],$username,$rnd,$cdbdata,$r[groupid],intval($stylepath));
 //最后登陆时间
 $set4=esetcookie("logintime",$logintime,0,1);
 //写入日志
 insert_log($username,'',1,$loginip,0);
 if($set1&&$set2&&$set3)
 {
  //操作日志
     insert_dolog("");
  if($post['adminwindow'])
  {
  ?>
   <script>
   AdminWin=window.open("admin.php","EmpireCMS","scrollbars");
   AdminWin.moveTo(0,0);
   AdminWin.resizeTo(screen.width,screen.height-30);
   self.location.href="blank.php";
   </script>
  <?
  exit();
  }
  else
  {
   printerror("LoginSuccess","admin.php");
  }
 }
 else
 {
  printerror("NotCookie","index.php");
 }
 */
}

/*
//验证用户
$lur=is_login();
$logininid=$lur['userid'];
$loginin=$lur['username'];
$loginrnd=$lur['rnd'];
$loginlevel=$lur['groupid'];
$loginadminstyleid=$lur['adminstyleid'];*/
chklogin($_POST['username'],$_POST['password']);
$incftp=0;
if($public_r['phpmode'])
{
 include("../class/ftp.php");
 $incftp=1;
}
/*//防采集
if($public_r['opennotcj'])
{
 @include("../data/dbcache/notcj.php");
}
//会员组
if($enews=="CheckNews_all")
{
 @include("../class/user.php");
}*/
require("../class/hinfofun.php");
//if($enews=="AddNews")//增加信息
//{
$_POST['filepass']=time(); //zzcity add
 $navtheid=(int)$_POST['filepass'];

 if (!isset($_POST['checked'])){$_POST['checked']='1';} //审核
 if (!isset($_POST['bclassid'])){$_POST['bclassid']='2';} //分类栏目ID，见管理栏目，新闻中心默认2，下载中心默认3
 if (!isset($_POST['newstempid'])){$_POST['newstempid']='1';} //内容模板ID，默认新闻内容模板1，默认下载内容模板2
 //if (empty($_POST['fh'])){$_POST['fh']='0';} //模板
 if (!isset($_POST['autopage'])){$_POST['autopage']='1';} //自动分页
 if (empty($_POST['autosize'])){$_POST['autosize']='5000';} //分页大小
 if (!isset($_POST['onclick'])){   //点击数
  $_POST['onclick']='0';
}else {
 $_POST['onclick']=rand(0,$_POST['onclick']);
}
if (empty($_POST['newstime'])){   //发布日期
  $_POST['newstime']=date("Y-m-d H:i:s"); 
 }
else{
 $_POST['newstime']=str_replace("/","-",trim($_POST['newstime'])); 
 $_POST['newstime']=str_replace(array("年","月"),"-",trim($_POST['newstime'])); 
 $_POST['newstime']=str_replace(array("时","分"),":",trim($_POST['newstime'])); 
 $_POST['newstime']=str_replace(array("日","秒")," ",trim($_POST['newstime'])); 
 $_POST['newstime']=preg_replace('/ {2,}/',' ',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/\-(\d)\-/','-0$1-',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/\-(\d) /','-0$1 ',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/\-(\d)$/','-0$1',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/ (\d):/',' 0$1:',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/:(\d):/',':0$1:',trim($_POST['newstime']));
 $_POST['newstime']=preg_replace('/:(\d)$/',':0$1',trim($_POST['newstime']));
}

if (strtotime($_POST['newstime'])==false||strtotime($_POST['newstime'])==-1){
 echo("[err]发布时间格式错误[/err]");
 exit();
}


 etAddNews($_POST,$logininid,$loginin);
//}
/*
elseif($enews=="EditNews")//修改信息
{
 $navtheid=(int)$_POST['id'];
 EditNews($_POST,$logininid,$loginin);
}
elseif($enews=="DelNews")//删除信息
{
 $id=$_GET['id'];
 $classid=$_GET['classid'];
 $bclassid=$_GET['bclassid'];
 DelNews($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelNews_all")//批量删除信息
{
 $id=$_POST['id'];
 $classid=$_POST['classid'];
 $bclassid=$_POST['bclassid'];
 DelNews_all($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelInfoDoc_all")//删除归档
{
 $id=$_POST['id'];
 $classid=$_POST['classid'];
 $bclassid=$_POST['bclassid'];
 DelNews_all($id,$classid,$logininid,$loginin,1);
}
elseif($enews=='AddInfoToReHtml')//刷新页面
{
 AddInfoToReHtml($_GET['classid'],$_GET['dore']);
}
elseif($enews=="TopNews_all")//信息置顶
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $istop=$_POST['istop'];
 TopNews_all($classid,$id,$istop,$logininid,$loginin);
}
elseif($enews=="CheckNews_all")//审核信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 CheckNews_all($classid,$id,$logininid,$loginin);
}
elseif($enews=="NoCheckNews_all")//取消审核信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 NoCheckNews_all($classid,$id,$logininid,$loginin);
}
elseif($enews=="MoveNews_all")//移动信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $to_classid=$_POST['to_classid'];
 MoveNews_all($classid,$id,$to_classid,$logininid,$loginin);
}
elseif($enews=="CopyNews_all")//复制信息
{
 $bclassid=$_POST['bclassid'];
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $to_classid=$_POST['to_classid'];
 CopyNews_all($classid,$id,$to_classid,$logininid,$loginin);
}
elseif($enews=="MoveClassNews")//批量移动信息
{
 $add=$_POST['add'];
 MoveClassNews($add,$logininid,$loginin);
}
elseif($enews=="GoodInfo_all")//批量推荐/头条信息
{
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $isgood=$_POST['isgood'];
 $doing=$_POST['doing'];
 GoodInfo_all($classid,$id,$isgood,$doing,$logininid,$loginin);
}
elseif($enews=="DoZtNews_all")//批量转移信息到专题
{
 $classid=$_POST['classid'];
 $id=$_POST['id'];
 $ztid=$_POST['ztid'];
 DoZtNews_all($classid,$id,$ztid,$logininid,$loginin);
}
elseif($enews=="SetAllCheckInfo")//本栏目信息全部审核
{
 $classid=$_GET['classid'];
 $bclassid=$_GET['bclassid'];
 SetAllCheckInfo($bclassid,$classid,$logininid,$loginin);
}
elseif($enews=="DoCheckUser")//签发信息
{
 DoCheckUser($_POST,$logininid,$loginin);
}
elseif($enews=="ViewQfNews")//查看签发内容
{
 $id=$_GET['id'];
 $classid=$_GET['classid'];
 ViewQfNews($id,$classid,$logininid,$loginin);
}
elseif($enews=="DelInfoData")//删除信息页面
{
 $start=$_GET['start'];
 $classid=$_GET['classid'];
 $from=$_GET['from'];
 $retype=$_GET['retype'];
 $startday=$_GET['startday'];
 $endday=$_GET['endday'];
 $startid=$_GET['startid'];
 $endid=$_GET['endid'];
 $tbname=$_GET['tbname'];
 DelInfoData($start,$classid,$from,$retype,$startday,$endday,$startid,$endid,$tbname,$_GET,$logininid,$loginin);
}
elseif($enews=="InfoToDoc")//归档信息
{
 if($_GET['ecmsdoc']==1)//栏目
 {
  InfoToDoc_class($_GET,$logininid,$loginin);
 }
 elseif($_GET['ecmsdoc']==2)//条件
 {
  InfoToDoc($_GET,$logininid,$loginin);
 }
 else//信息
 {
  InfoToDoc_info($_POST,$logininid,$loginin);
 }
}
else
{
 printerror("ErrorUrl","history.go(-1)");
}*/
db_close();
$empire=null;
?>