-
Notifications
You must be signed in to change notification settings - Fork 27
/
question.php
180 lines (153 loc) · 5.63 KB
/
question.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
<?php
/**
* 鸿宇多用户商城 提交用户咨询
* ============================================================================
* 版权所有 2005-2010 鸿宇多用户商城科技有限公司,并保留所有权利。
* 网站地址: http://bbs.hongyuvip.com;
* ----------------------------------------------------------------------------
* 仅供学习交流使用,如需商用请购买正版版权。鸿宇不承担任何法律责任。
* 踏踏实实做事,堂堂正正做人。
* ============================================================================
* $ Author: QQ123456789 $
* $ bbs.hongyuvip.com $
*/
define('IN_ECS', true);
require(dirname(__FILE__) . '/includes/init.php');
require(ROOT_PATH . 'includes/cls_json.php');
if (!isset($_REQUEST['cmt']) && !isset($_REQUEST['act']))
{
/* 只有在没有提交咨询内容以及没有act的情况下才跳转 */
ecs_header("Location: ./\n");
exit;
}
$_REQUEST['cmt'] = isset($_REQUEST['cmt']) ? json_str_iconv($_REQUEST['cmt']) : '';
$json = new JSON;
$result = array('error' => 0, 'message' => '', 'content' => '');
if (empty($_REQUEST['act']))
{
/*
* act 参数为空
* 默认为添加咨询内容
*/
$cmt = $json->decode($_REQUEST['cmt']);
$cmt->page = 1;
$cmt->id = !empty($cmt->id) ? intval($cmt->id) : 0;
if (empty($cmt) || !isset($cmt->id))
{
$result['error'] = 1;
$result['message'] = '此咨询无效!';
}
elseif (!is_email($cmt->email))
{
$result['error'] = 1;
$result['message'] = $_LANG['error_email'];
}
else
{
if ((intval($_CFG['captcha']) & CAPTCHA_QUESTION) && gd_version() > 0)
{
/* 检查验证码 */
include_once('includes/cls_captcha.php');
$validator = new captcha();
$validator->session_word = 'captcha_zixun';
if (!$validator->check_word($cmt->captcha))
{
$result['error'] = 1;
$result['message'] = $_LANG['invalid_captcha'];
}
else
{
/* 无错误就保存留言 */
if (empty($result['error']))
{
add_question($cmt);
}
}
}
else
{
/* 没有验证码时,用时间来限制机器人发帖或恶意发评论 */
if (!isset($_SESSION['send_time']))
{
$_SESSION['send_time'] = 0;
}
$cur_time = gmtime();
if (($cur_time - $_SESSION['send_time']) < 30) // 小于30秒禁止发评论
{
$result['error'] = 1;
$result['message'] = $_LANG['cmt_spam_warning'];
}
else
{
/* 无错误就保存留言 */
if (empty($result['error']))
{
add_question($cmt);
$_SESSION['send_time'] = $cur_time;
}
}
}
}
}
else
{
/*
* act 参数不为空
* 默认为咨询内容列表
* 根据 _GET 创建一个静态对象
*/
$cmt = new stdClass();
$cmt->id = !empty($_GET['id']) ? intval($_GET['id']) : 0;
$cmt->type = !empty($_GET['type']) ? intval($_GET['type']) : 0;
$cmt->page = !empty($_GET['page']) ? intval($_GET['page']) : 1;
$cmt->question_type = !empty($_GET['question_type']) ? intval($_GET['question_type']) : 0;
}
if ($result['error'] == 0)
{
$comments = assign_question($cmt->id, $cmt->page, $cmt->question_type);
$smarty->assign('id', $cmt->id);
$smarty->assign('username', $_SESSION['user_name']);
$smarty->assign('email', $_SESSION['email']);
$smarty->assign('question_list', $comments['comments']);
$smarty->assign('pager', $comments['pager']);
/* 验证码相关设置 */
if ((intval($_CFG['captcha']) & CAPTCHA_QUESTION) && gd_version() > 0)
{
$smarty->assign('enabled_captcha_question', 1);
$smarty->assign('rand', mt_rand());
}
$result['message'] = $_CFG['comment_check'] ? '您的咨询已成功提交, 请等待管理员的审核!' : '您的咨询已成功提交, 感谢您的参与!';
$result['content'] = $smarty->fetch("library/question_list.lbi");
$result['question_type'] = $cmt->question_type;
$result['goods_id'] = $cmt->id;
}
echo $json->encode($result);
/*------------------------------------------------------ */
//-- PRIVATE FUNCTION
/*------------------------------------------------------ */
/**
* 添加咨询内容
*
* @access public
* @param object $cmt
* @return void
*/
function add_question($cmt)
{
/* 咨询是否需要审核 */
$status = 1 - $GLOBALS['_CFG']['comment_check'];
$user_id = empty($_SESSION['user_id']) ? 0 : $_SESSION['user_id'];
$email = empty($cmt->email) ? $_SESSION['email'] : trim($cmt->email);
$user_name = empty($cmt->username) ? $_SESSION['user_name'] : trim($cmt->username);
$email = htmlspecialchars($email);
$question_type = empty($cmt->question_type) ? 0 : intval($cmt->question_type);
$user_name = htmlspecialchars($user_name);
/* 保存咨询内容 */
$sql = "INSERT INTO " .$GLOBALS['ecs']->table('question') .
"( id_value, question_type, email, user_name, content, add_time, ip_address, status, parent_id, user_id) VALUES " .
"('" .$cmt->id. "', '$question_type', '$email', '$user_name', '" .$cmt->content."', ".gmtime().", '".real_ip()."', '$status', '0', '$user_id')";
$result = $GLOBALS['db']->query($sql);
clear_cache_files('question_list.lbi');
return $result;
}
?>