ExecuteNoneQuery("UPDATE `#@__feedback` SET good = good+1 WHERE id='$fid' "); $row = $dsql->GetOne("SELECT good FROM `#@__feedback` WHERE id='$fid' "); echo "支持[{$row['good']}]"; exit(); } else if($action=='badfb') { AjaxHead(); $fid = intval($fid); $dsql->ExecuteNoneQuery("UPDATE `#@__feedback` SET bad = bad+1 WHERE id='$fid' "); $row = $dsql->GetOne("SELECT bad FROM `#@__feedback` WHERE id='$fid' "); echo "反对[{$row['bad']}]"; exit(); } //查看评论 /* function __ViewFeedback(){ } */ //----------------------------------- else if($action=='' || $action=='show') { //读取文档信息 $arcRow = GetOneArchive($aid); if(empty($arcRow['aid'])) { ShowMsg('无法查看未知文档的评论!','-1'); exit(); } extract($arcRow, EXTR_SKIP); include_once(DEDEINC.'/datalistcp.class.php'); $dlist = new DataListCP(); $dlist->pageSize = 20; if(empty($ftype) || ($ftype!='good' && $ftype!='bad' && $ftype!='feedback')) { $ftype = ''; } $wquery = $ftype!='' ? " And ftype like '$ftype' " : ''; helper('smiley'); //评论内容列表 $querystring = "SELECT fb.*,mb.userid,mb.face as mface,mb.spacesta,mb.scores,mb.sex FROM `#@__feedback` fb LEFT JOIN `#@__member` mb on mb.mid = fb.mid WHERE fb.aid='$aid' AND fb.ischeck='1' $wquery ORDER BY fb.id desc"; $dlist->SetParameter('aid',$aid); $dlist->SetParameter('action','show'); $dlist->SetTemplate(DEDETEMPLATE.'/plus/feedback_templet.htm'); $dlist->SetSource($querystring); $dlist->Display(); exit(); } //引用评论 //------------------------------------ /* function __Quote(){ } */ else if($action=='quote') { $type = empty($type)? '' : 'ajax'; if($type == 'ajax') { AjaxHead(); } $row = $dsql->GetOne("SELECT * FROM `#@__feedback` WHERE id ='$fid'"); require_once(DEDEINC.'/dedetemplate.class.php'); $dtp = new DedeTemplate(); $tplfile = $type == ''? DEDETEMPLATE.'/plus/feedback_quote.htm' : DEDETEMPLATE.'/plus/feedback_quote_ajax.htm'; $dtp->LoadTemplate($tplfile); $dtp->Display(); exit(); } //发表评论 //------------------------------------ /* function __SendFeedback(){ } */ else if($action=='send') { //读取文档信息 $arcRow = GetOneArchive($aid); if((empty($arcRow['aid']) || $arcRow['notpost']=='1') && empty($fid)) { ShowMsg('无法对该文档发表评论!','-1'); exit(); } //是否加验证码重确认 if(empty($isconfirm)) { $isconfirm = ''; } if($isconfirm!='yes' && $cfg_feedback_ck=='Y') { extract($arcRow, EXTR_SKIP); require_once(DEDEINC.'/dedetemplate.class.php'); $dtp = new DedeTemplate(); $dtp->LoadTemplate(DEDETEMPLATE.'/plus/feedback_confirm.htm'); $dtp->Display(); exit(); } //检查验证码 if(preg_match("/4/",$safe_gdopen)){ $validate = isset($validate) ? strtolower(trim($validate)) : ''; $svali = GetCkVdValue(); if(strtolower($validate)!=$svali || $svali=='') { ResetVdValue(); ShowMsg('验证码错误！', '-1'); exit(); } } //检查用户登录 if(empty($notuser)) { $notuser=0; } if($cfg_feedback_guest == 'N' && $cfg_ml->M_ID < 1) { ShowMsg('管理员禁用了游客评论！','-1'); exit(); } //匿名发表评论 if($notuser==1) { $username = $cfg_ml->M_ID > 0 ? '匿名' : '游客'; } //已登录的用户 else if($cfg_ml->M_ID > 0) { $username = $cfg_ml->M_UserName; } //用户身份验证 else { if($username!='' && $pwd!='') { $rs = $cfg_ml->CheckUser($username,$pwd); if($rs==1) { $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET logintime='".time()."',loginip='".GetIP()."' WHERE mid='{$cfg_ml->M_ID}'; "); } else { $username = '游客'; } } else { $username = '游客'; } } $ip = GetIP(); $dtime = time(); //检查评论间隔时间； if(!empty($cfg_feedback_time)) { //检查最后发表评论时间，如果未登陆判断当前IP最后评论时间 if($cfg_ml->M_ID > 0) { $where = "WHERE `mid` = '$cfg_ml->M_ID'"; } else { $where = "WHERE `ip` = '$ip'"; } $row = $dsql->GetOne("SELECT dtime FROM `#@__feedback` $where ORDER BY `id` DESC "); if(is_array($row) && $dtime - $row['dtime'] < $cfg_feedback_time) { ResetVdValue(); ShowMsg('管理员设置了评论间隔时间，请稍等休息一下！','-1'); exit(); } } if(empty($face)) { $face = 0; } $face = intval($face); $typeid = (isset($typeid) && is_numeric($typeid)) ? intval($typeid) : 0; extract($arcRow, EXTR_SKIP); $msg = cn_substrR(TrimMsg($msg), 1000); $username = cn_substrR(HtmlReplace($username, 2), 20); if(empty($feedbacktype) || ($feedbacktype!='good' && $feedbacktype!='bad')) { $feedbacktype = 'feedback'; } //保存评论内容 if($comtype == 'comments') { $arctitle = addslashes($title); $typeid = intval($typeid); $ischeck = intval($ischeck); $feedbacktype = preg_replace("#[^0-9a-z]#i", "", $feedbacktype); if($msg!='') { $inquery = "INSERT INTO `#@__feedback`(`aid`,`typeid`,`username`,`arctitle`,`ip`,`ischeck`,`dtime`, `mid`,`bad`,`good`,`ftype`,`face`,`msg`) VALUES ('$aid','$typeid','$username','$arctitle','$ip','$ischeck','$dtime', '{$cfg_ml->M_ID}','0','0','$feedbacktype','$face','$msg'); "; $rs = $dsql->ExecuteNoneQuery($inquery); if(!$rs) { ShowMsg(' 发表评论错误! ', '-1'); //echo $dsql->GetError(); exit(); } } } //引用回复 elseif ($comtype == 'reply') { $row = $dsql->GetOne("SELECT * FROM `#@__feedback` WHERE id ='$fid'"); $arctitle = addslashes($row['arctitle']); $aid =$row['aid']; $msg = $quotemsg.$msg; $msg = HtmlReplace($msg, 2); $inquery = "INSERT INTO `#@__feedback`(`aid`,`typeid`,`username`,`arctitle`,`ip`,`ischeck`,`dtime`,`mid`,`bad`,`good`,`ftype`,`face`,`msg`) VALUES ('$aid','$typeid','$username','$arctitle','$ip','$ischeck','$dtime','{$cfg_ml->M_ID}','0','0','$feedbacktype','$face','$msg')"; $dsql->ExecuteNoneQuery($inquery); } if($feedbacktype=='bad') { $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores-{cfg_feedback_sub},badpost=badpost+1,lastpost='$dtime' WHERE id='$aid' "); } else if($feedbacktype=='good') { $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores+{$cfg_feedback_add},goodpost=goodpost+1,lastpost='$dtime' WHERE id='$aid' "); } else { $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET scores=scores+1,lastpost='$dtime' WHERE id='$aid' "); } if($cfg_ml->M_ID > 0) { $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET scores=scores+{$cfg_sendfb_scores} WHERE mid='{$cfg_ml->M_ID}' "); } //统计用户发出的评论 if($cfg_ml->M_ID > 0) { #api{{ if(defined('UC_API') && @include_once DEDEROOT.'/api/uc.func.php') { //同步积分 uc_credit_note($cfg_ml->M_LoginID, $cfg_sendfb_scores); //推送事件 $arcRow = GetOneArchive($aid); $feed['icon'] = 'thread'; $feed['title_template'] = '{username} 在网站发表了评论'; $feed['title_data'] = array('username' => $cfg_ml->M_UserName); $feed['body_template'] = '{subject}
{message}'; $url = !strstr($arcRow['arcurl'],'http://') ? ($cfg_basehost.$arcRow['arcurl']) : $arcRow['arcurl']; $feed['body_data'] = array('subject' => "$arcRow[arctitle]", 'message' => cn_substr(strip_tags(preg_replace("/\[.+?\]/is", '', $msg)), 150)); $feed['images'][] = array('url' => $cfg_basehost.'/images/scores.gif', 'link'=> $cfg_basehost); uc_feed_note($cfg_ml->M_LoginID,$feed); unset($arcRow); } #/aip}} $row = $dsql->GetOne("SELECT COUNT(*) AS nums FROM `#@__feedback` WHERE `mid`='".$cfg_ml->M_ID."'"); $dsql->ExecuteNoneQuery("UPDATE `#@__member_tj` SET `feedback`='$row[nums]' WHERE `mid`='".$cfg_ml->M_ID."'"); } //会员动态记录 $cfg_ml->RecordFeeds('feedback', $arctitle, $msg, $aid); $_SESSION['sedtime'] = time(); if(empty($uid) && isset($cmtuser)) $uid = $cmtuser; $backurl = $cfg_formmember ? "index.php?uid={$uid}&action=viewarchives&aid={$aid}" : "feedback.php?aid={$aid}"; if($ischeck==0) { ShowMsg('成功发表评论，但需审核后才会显示你的评论!', $backurl); } else { ShowMsg('成功发表评论，现在转到评论页面!', $backurl); } exit(); }