UCHome中关于处理日志相关函数(function_blog.php)页面的代码分析
2009年10月14日 浏览 16,803 次
<?php
/*
[UCenter Home] (C) 2007-2008 Comsenz Inc.
$Id: function_blog.php 2009-10-12 20:37:00
@author ymaozi
@copyright http://www.codedesign.cn
@uchome源码交流QQ群:83400173
*/
// Direct-access guard: this file is meant to be included by the application
// after it has defined IN_UCHOME. When the constant is missing the script
// stops immediately, so none of the functions below get declared or run.
if (defined('IN_UCHOME') === false) {
    exit('Access Denied');
}
//添加博客
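/**
 * Create a blog entry, or update the entry described by $olds.
 *
 * Normalises the submitted fields (subject, visibility, tags, body, category),
 * writes the `blog` and `blogfield` rows, rebuilds the tag links, and then
 * updates the author's space counters, feed and topic membership.
 *
 * Points a maintainer should keep in mind:
 *  - NOTE(review): values taken from $POST / $_POST are concatenated into SQL
 *    by the helpers called here (simplode, inserttable, updatetable). This
 *    presumably relies on request data having been escaped before this
 *    function is reached; confirm in the bootstrap code.
 *  - The access password of a friend=4 entry is written to the table as
 *    submitted; no hashing happens in this function.
 *
 * @param array $POST Submitted form fields (subject, friend, password, tag,
 *                    message, classid, picids, hot, topicid, dateline, makefeed).
 * @param array $olds Existing entry when editing (uid, username, blogid,
 *                    classid and tag are read); empty for a new entry.
 * @return array|false The main-table row plus blogid/uid/username, or false
 *                     when the body is empty after stripping markup.
 */
function blog_post($POST, $olds=array()) {
    global $_SGLOBAL, $_SC, $space;

    // Acting-user switch: when the entry belongs to someone else, the global
    // identity is temporarily replaced by the owner's so that every helper
    // below works on the owner's data. The saved copy is restored on exit.
    $isself = 1;
    if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Subject: length-limited through getstr(); falls back to today's date
    // when nothing was submitted.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');

    // Visibility setting. Values used below: 0 public, 2 selected friends,
    // 3 owner only, 4 password protected.
    $POST['friend'] = intval($POST['friend']);

    // Privacy
    $POST['target_ids'] = '';
    if($POST['friend'] == 2) {
        // Selected friends: resolve the space-separated user names to uids.
        $uids = array();
        // NOTE(review): target_names is read from $_POST directly (not $POST)
        // and reaches the IN() list through simplode(); verify it is escaped
        // upstream.
        $names = empty($_POST['target_names'])?array():explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if($names) {
            $query = $_SGLOBAL['db']->query("SELECT uid FROM ".tname('space')." WHERE username IN (".simplode($names).")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if(empty($uids)) {
            // No matching user: fail closed to "owner only".
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif($POST['friend'] == 4) {
        // Password protected; an empty password downgrades the entry to public.
        $POST['password'] = trim($POST['password']);
        if($POST['password'] == '') $POST['friend'] = 0;
    }
    if($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if($POST['friend'] !== 4) {
        // Fix: the original line used `==` (a comparison with no effect), so a
        // password submitted with a different visibility setting was still
        // written to the table.
        $POST['password'] = '';
    }

    // Tags: HTML-escape, then pass through getstr() (word filtering, per the
    // original author's comment).
    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

    // Body
    if($_SGLOBAL['mobile']) {
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        // HTML filtering happens in checkhtml(); everything after this point
        // treats the result as trusted markup.
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        // Drop empty <div></div> pairs and force links to open in a new window.
        $POST['message'] = preg_replace(array(
            "/\<div\>\<\/div\>/i",
            "/\<a\s+href\=\"([^\>]+?)\"\>/i"
        ), array(
            '',
            '<a href="\\1" target="_blank">'
        ), $POST['message']);
    }
    $message = $POST['message'];

    // Personal category: only re-evaluated when it is new or has changed.
    if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            // "new:<name>" asks for a category to be created on the fly.
            $classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1, 1);
            if(empty($classname)) {
                $classid = 0;
            } else {
                // Reuse the owner's category of the same name if there is one.
                $classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
                if(empty($classid)) {
                    $setarr = array(
                        'classname' => $classname,
                        'uid' => $_SGLOBAL['supe_uid'],
                        'dateline' => $_SGLOBAL['timestamp']
                    );
                    $classid = inserttable('class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if($classid && empty($classname)) {
        // Ownership check: a classid that does not belong to the acting user
        // is reset to 0 instead of being trusted.
        $classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
        if(empty($classname)) $classid = 0;
    }

    // Main table row
    $blogarr = array(
        'subject' => $POST['subject'],
        'classid' => $classid,
        'friend' => $POST['friend'],
        'password' => $POST['password'],
        'noreply' => empty($_POST['noreply'])?0:1 // 1 disables comments on the entry
    );

    // Title picture
    $titlepic = '';

    // Uploaded pictures selected for this entry
    $uploads = array();
    if(!empty($POST['picids'])) {
        // The picture ids are the array KEYS of a request field. Cast them to
        // integers so that only numeric ids can reach the IN() list.
        $picids = array_map('intval', array_keys($POST['picids']));
        // The uid condition limits the lookup to the acting user's own pictures.
        $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('pic')." WHERE picid IN (".simplode($picids).") AND uid='$_SGLOBAL[supe_uid]'");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            if(empty($titlepic) && $value['thumb']) {
                // First picture that has a thumbnail becomes the title picture.
                $titlepic = $value['filepath'].'.thumb.jpg';
                $blogarr['picflag'] = $value['remote']?2:1;
            }
            $uploads[$POST['picids'][$value['picid']]] = $value;
        }
        // NOTE(review): $value is the loop's terminating (falsy) fetch result
        // here, so this branch looks unreachable; kept as in the original.
        if(empty($titlepic) && $value) {
            $titlepic = $value['filepath'];
            $blogarr['picflag'] = $value['remote']?2:1;
        }
    }

    // Pictures already placed in the body: swap the placeholder src for the
    // real picture URL.
    if($uploads) {
        preg_match_all("/\<img\s.*?\_uchome\_localimg\_([0-9]+).+?src\=\"(.+?)\"/i", $message, $mathes);
        if(!empty($mathes[1])) {
            $searchs = $idsearchs = array();
            $replaces = array();
            foreach ($mathes[1] as $key => $value) {
                if(!empty($mathes[2][$key]) && !empty($uploads[$value])) {
                    $searchs[] = $mathes[2][$key];
                    $idsearchs[] = "_uchome_localimg_$value";
                    $replaces[] = pic_get($uploads[$value]['filepath'], $uploads[$value]['thumb'], $uploads[$value]['remote'], 0);
                    unset($uploads[$value]);
                }
            }
            if($searchs) {
                $message = str_replace($searchs, $replaces, $message);
                $message = str_replace($idsearchs, 'uchomelocalimg[]', $message);
            }
        }
        // Pictures that were uploaded but not placed are appended to the body.
        // NOTE(review): the picture title is inserted into the markup after
        // checkhtml() has already run; presumably it was escaped when the
        // picture was stored. Verify.
        foreach ($uploads as $value) {
            $picurl = pic_get($value['filepath'], $value['thumb'], $value['remote'], 0);
            $message .= "<div class=\"uchome-message-pic\"><img src=\"$picurl\"><p>$value[title]</p></div>";
        }
    }

    // Reject a body that is empty once layout-only markup is stripped.
    $ckmessage = preg_replace("/(\<div\>|\<\/div\>|\s|\&nbsp\;|\<br\>|\<p\>|\<\/p\>)+/is", '', $message);
    if(empty($ckmessage)) {
        // Fix: restore the saved identity on this path as well; the original
        // returned with the owner's uid still installed in $_SGLOBAL.
        if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;
        return false;
    }

    // Slash-escape the body for the SQL helpers.
    $message = addslashes($message);

    // No uploaded title picture: take the first suitable image from the body.
    if(empty($titlepic)) {
        $titlepic = getmessagepic($message);
        $blogarr['picflag'] = 0;
    }
    $blogarr['pic'] = $titlepic;

    // Hot value: only accepted from users holding the manageblog permission.
    if(checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }

    // Fix: !empty() avoids an undefined-index notice when $olds is empty.
    if(!empty($olds['blogid'])) {
        // Update an existing entry.
        $blogid = $olds['blogid'];
        updatetable('blog', $blogarr, array('blogid'=>$blogid));
        $fuids = array();
        $blogarr['uid'] = $olds['uid'];
        $blogarr['username'] = $olds['username'];
    } else {
        // New entry.
        $blogarr['topicid'] = topic_check($POST['topicid'], 'blog');
        $blogarr['uid'] = $_SGLOBAL['supe_uid'];
        $blogarr['username'] = $_SGLOBAL['supe_username'];
        // A caller-supplied timestamp is cast to an integer before it is written.
        $blogarr['dateline'] = empty($POST['dateline'])?$_SGLOBAL['timestamp']:intval($POST['dateline']);
        $blogid = inserttable('blog', $blogarr, 1);
    }
    $blogarr['blogid'] = $blogid;

    // Secondary table row
    $fieldarr = array(
        'message' => $message,
        'postip' => getonlineip(),
        'target_ids' => $POST['target_ids']
    );

    // Tags
    // NOTE(review): unserialize() is applied to the stored tag field. That is
    // only safe while the field can contain nothing but data this application
    // serialised itself; a JSON encoding would remove the concern.
    $oldtagstr = addslashes(empty($olds['tag'])?'':implode(' ', unserialize($olds['tag'])));
    $tagarr = array();
    if($POST['tag'] != $oldtagstr) {
        if(!empty($olds['tag'])) {
            // Remove the previous tag links and decrement their counters first.
            $oldtags = array();
            $query = $_SGLOBAL['db']->query("SELECT tagid, blogid FROM ".tname('tagblog')." WHERE blogid='$blogid'");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $oldtags[] = $value['tagid'];
            }
            if($oldtags) {
                $_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum-1 WHERE tagid IN (".simplode($oldtags).")");
                $_SGLOBAL['db']->query("DELETE FROM ".tname('tagblog')." WHERE blogid='$blogid'");
            }
        }
        $tagarr = tag_batch($blogid, $POST['tag']);
        // Keep a serialised copy of the tags in the secondary table.
        $fieldarr['tag'] = empty($tagarr)?'':addslashes(serialize($tagarr));
    }

    if($olds) {
        updatetable('blogfield', $fieldarr, array('blogid'=>$blogid));
    } else {
        $fieldarr['blogid'] = $blogid;
        $fieldarr['uid'] = $blogarr['uid'];
        inserttable('blogfield', $fieldarr);
    }

    // Space counters: only touched when the author acts on their own entry.
    if($isself) {
        if($olds) {
            $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET updatetime='$_SGLOBAL[timestamp]' WHERE uid='$_SGLOBAL[supe_uid]'");
        } else {
            if(empty($space['blognum'])) {
                $space['blognum'] = getcount('blog', array('uid'=>$space['uid']));
                $blognumsql = "blognum=".$space['blognum'];
            } else {
                $blognumsql = 'blognum=blognum+1';
            }
            // Credit and experience reward for publishing.
            $reward = getreward('publishblog', 0);
            $_SGLOBAL['db']->query("UPDATE ".tname('space')." SET {$blognumsql}, lastpost='$_SGLOBAL[timestamp]', updatetime='$_SGLOBAL[timestamp]', credit=credit+$reward[credit], experience=experience+$reward[experience] WHERE uid='$_SGLOBAL[supe_uid]'");
            // Statistics
            updatestat('blog');
        }
    }

    // Feed
    if(!empty($POST['makefeed'])) {
        include_once(S_ROOT.'./source/function_feed.php');
        feed_publish($blogid, 'blogid', $olds?0:1);
    }

    // Topic membership for new entries
    if(empty($olds) && $blogarr['topicid']) {
        topic_join($blogarr['topicid'], $_SGLOBAL['supe_uid'], $_SGLOBAL['supe_username']);
    }

    // Restore the original identity if it was switched at the top.
    if(!empty($__SGLOBAL)) $_SGLOBAL = $__SGLOBAL;

    return $blogarr;
}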
//处理tag
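/**
 * Link a blog entry to the tags named in a space-separated string.
 *
 * Tags that do not exist yet are created, existing open tags get their
 * counter incremented, closed tags are skipped, and the tag/blog links are
 * written with REPLACE INTO.
 *
 * Compared with the original listing, tag names are validated BEFORE they are
 * used in the lookup query (the original validated them only afterwards), and
 * $blogid is cast to an integer before it is placed in SQL. The returned
 * array is the same for every input.
 *
 * @param int    $blogid Id of the blog entry.
 * @param string $tags   Space-separated tag names.
 * @return array Map of tagid => tagname for the tags that were linked.
 */
function tag_batch($blogid, $tags) {
    global $_SGLOBAL;

    $tagarr = array();
    $blogid = intval($blogid);

    // Split on spaces and drop duplicates.
    $tagnames = empty($tags)?array():array_unique(explode(' ', $tags));

    // Keep only names of 3-20 characters made of word characters, '_', '-'
    // or bytes 0x7f-0xff (multi-byte text). Names that pass contain no quote
    // or backslash, so nothing else reaches the IN() list below.
    $validnames = array();
    foreach ($tagnames as $tagname) {
        if(preg_match('/^([\x7f-\xff_-]|\w){3,20}$/', $tagname)) {
            $validnames[] = $tagname;
        }
    }
    if(empty($validnames)) return $tagarr;

    // Look up which of the names already exist.
    $vtags = array();
    $query = $_SGLOBAL['db']->query("SELECT tagid, tagname, close FROM ".tname('tag')." WHERE tagname IN (".simplode($validnames).")");
    while ($value = $_SGLOBAL['db']->fetch_array($query)) {
        // Stored names are slash-escaped before hashing; the md5 is used only
        // as an array key to match them against the submitted names.
        $value['tagname'] = addslashes($value['tagname']);
        $vkey = md5($value['tagname']);
        $vtags[$vkey] = $value;
    }

    $updatetagids = array();
    foreach ($validnames as $tagname) {
        $vkey = md5($tagname);
        if(empty($vtags[$vkey])) {
            // Unknown tag: create it with a counter of 1.
            $setarr = array(
                'tagname' => $tagname,
                'uid' => $_SGLOBAL['supe_uid'],
                'dateline' => $_SGLOBAL['timestamp'],
                'blognum' => 1
            );
            $tagid = inserttable('tag', $setarr, 1);
            $tagarr[$tagid] = $tagname;
        } else {
            // Known tag: use it unless it has been closed (locked).
            if(empty($vtags[$vkey]['close'])) {
                $tagid = $vtags[$vkey]['tagid'];
                $updatetagids[] = $tagid;
                $tagarr[$tagid] = $tagname;
            }
        }
    }

    // Increment the counter of every existing tag that was reused.
    if($updatetagids) $_SGLOBAL['db']->query("UPDATE ".tname('tag')." SET blognum=blognum+1 WHERE tagid IN (".simplode($updatetagids).")");

    // Write the tag/blog links.
    $tagids = array_keys($tagarr);
    $inserts = array();
    foreach ($tagids as $tagid) {
        $inserts[] = "('$tagid','$blogid')";
    }
    if($inserts) $_SGLOBAL['db']->query("REPLACE INTO ".tname('tagblog')." (tagid,blogid) VALUES ".implode(',', $inserts));

    return $tagarr;
}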
//获取日志图片
/**
 * Pick the first picture URL out of a blog body, for use as the title picture.
 *
 * @param string $message Blog body; slashes are stripped before matching.
 * @return string Slash-escaped picture address, or '' when none is found.
 */
function getmessagepic($message) {
    // Undo slash-escaping so the patterns see the plain markup.
    $raw = stripslashes($message);

    // Emoticon images (e.g. <img src="image/face/4.gif">) must not be picked
    // as the title picture, so they are removed first.
    $raw = preg_replace("/\<img src=\".*?image\/face\/(.+?).gif\".*?\>\s*/is", '', $raw);

    // First src value of 25-105 characters ending in .jpg, .gif or .png.
    $found = array();
    preg_match("/src\=[\"\']*([^\>\s]{25,105})\.(jpg|gif|png)/i", $raw, $found);

    $nothing = empty($found[1]) && empty($found[2]);
    $pic = $nothing ? '' : "{$found[1]}.{$found[2]}";

    // Re-escape before handing the address back to the caller.
    return addslashes($pic);
}
//屏蔽html
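/**
 * Filter submitted HTML for users without the 'allowhtml' permission.
 *
 * Every '<' and '>' is first turned into an entity; tags whose name is on the
 * allow-list are then turned back into real tags after their content has been
 * escaped and a set of script-related keywords has been defused.
 *
 * The entity strings '&lt;', '&gt;' and '&quot;' in this function are literal
 * text. In the published listing they had been decoded to '<', '>' and '"',
 * which made the escaping step a no-op and left the keyword pattern
 * unparseable; they are restored here.
 *
 * NOTE(review): this is keyword deny-listing on top of a tag allow-list.
 * Attributes are not allow-listed per tag, and object/param/embed are
 * permitted. A parser-based sanitiser with per-tag attribute allow-lists is
 * the more robust design.
 *
 * @param string $html Slash-escaped HTML from the request.
 * @return string Filtered HTML, slash-escaped again.
 */
function checkhtml($html) {
    $html = stripslashes($html);
    if(!checkperm('allowhtml')) {
        // $ms[0] holds each complete tag ("<a href="index.php">"), $ms[1] the
        // text between the brackets ("a href="index.php"", "/a", ...).
        preg_match_all("/\<([^\<]+)\>/is", $html, $ms);

        // str_replace() applies the pairs in order: the two generic pairs run
        // first and escape every bracket, the per-tag pairs added below then
        // restore the tags that pass the checks.
        $searchs = $replaces = array();
        $searchs[] = '<';
        $replaces[] = '&lt;';
        $searchs[] = '>';
        $replaces[] = '&gt;';

        if($ms[1]) {
            // Tag names that may be restored.
            $allowtags = 'img|a|font|div|table|tbody|caption|tr|td|th|br|p|b|strong|i|u|em|span|ol|ul|li|blockquote|object|param|embed';
            $ms[1] = array_unique($ms[1]);
            foreach ($ms[1] as $value) {
                // By the time this pair is applied the brackets are entities.
                $searchs[] = "&lt;".$value."&gt;";
                $value = shtmlspecialchars($value);
                // Defuse backslashes and comment openers.
                $value = str_replace(array('\\','/*'), array('.','/.'), $value);
                // Defuse script keywords and on* event-handler attributes.
                $value = preg_replace(array("/(javascript|script|eval|behaviour|expression)/i", "/(\s+|&quot;|')on/i"), array('.', ' .'), $value);
                // Anything that does not start with an allowed tag name is dropped.
                if(!preg_match("/^[\/|\s]?($allowtags)(\s+|$)/is", $value)) {
                    $value = '';
                }
                $replaces[] = empty($value)?'':"<".str_replace('&quot;', '"', $value).">";
            }
        }
        $html = str_replace($searchs, $replaces, $html);
    }
    $html = addslashes($html);
    return $html;
}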
//视频标签处理
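/**
 * Callback for blog_bbcode(): turn one matched [flash] tag into player markup.
 *
 * @param array $m Match array: $m[1] is the optional type ('media', 'real' or
 *                 ''), $m[2] the text between the tags.
 * @return string Markup produced by blog_flash().
 */
function _blog_bbcode_flash($m) {
    return blog_flash($m[2], $m[1]);
}

/**
 * Expand [flash]...[/flash], [flash=media]... and [flash=real]... tags.
 *
 * The original used preg_replace() with the /e modifier, which evaluates the
 * replacement as PHP code for every match. That modifier is deprecated since
 * PHP 5.5 and removed in PHP 7, and running an evaluator over user-authored
 * text is a code-injection hazard by design. preg_replace_callback() performs
 * the same substitution without evaluating anything.
 *
 * The matched text is handed to blog_flash() unchanged. blog_flash() places
 * it inside double-quoted HTML attributes, so the value must be safe for that
 * context, either already in $message or through escaping in blog_flash().
 *
 * @param string $message Blog body.
 * @return string Body with the tags expanded.
 */
function blog_bbcode($message) {
    $message = preg_replace_callback("/\[flash\=?(media|real)*\](.+?)\[\/flash\]/i", '_blog_bbcode_flash', $message);
    return $message;
}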
//视频
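/**
 * Build the <object>/<embed> markup for an embedded player.
 *
 * @param string $swf_url Media address taken from a [flash] tag.
 * @param string $type    'media' (Windows Media), 'real' (RealPlayer) or
 *                        anything else for Flash.
 * @return string HTML markup, 520 by 390.
 */
function blog_flash($swf_url, $type='') {
    $width = '520';
    $height = '390';

    // The address ends up inside double-quoted attributes. Encode the
    // characters that could close the attribute or the tag. A plain byte
    // replacement is used so the result does not depend on the page charset,
    // and '&' is left alone so existing entities are not encoded twice.
    // NOTE(review): the URL scheme is not checked here; restricting it to
    // http/https at the point where the tag is accepted would be prudent.
    $swf_url = str_replace(array('"', '<', '>'), array('&quot;', '&lt;', '&gt;'), $swf_url);

    if ($type == 'media') {
        $html = '<object classid="clsid:6bf52a52-394a-11d3-b153-00c04f79faa6" width="'.$width.'" height="'.$height.'">'."\n"
            .'<param name="autostart" value="0">'."\n"
            .'<param name="url" value="'.$swf_url.'">'."\n"
            .'<embed autostart="false" src="'.$swf_url.'" type="video/x-ms-wmv" width="'.$width.'" height="'.$height.'" controls="imagewindow" console="cons"></embed>'."\n"
            .'</object>';
    } elseif ($type == 'real') {
        $html = '<object classid="clsid:cfcdaa03-8be4-11cf-b84b-0020afbbccfa" width="'.$width.'" height="'.$height.'">'."\n"
            .'<param name="autostart" value="0">'."\n"
            .'<param name="src" value="'.$swf_url.'">'."\n"
            .'<param name="controls" value="Imagewindow,controlpanel">'."\n"
            .'<param name="console" value="cons">'."\n"
            .'<embed autostart="false" src="'.$swf_url.'" type="audio/x-pn-realaudio-plugin" width="'.$width.'" height="'.$height.'" controls="controlpanel" console="cons"></embed>'."\n"
            .'</object>';
    } else {
        // NOTE(review): allowscriptaccess="always" lets the embedded movie
        // call into the hosting page regardless of where it was loaded from.
        // For user-supplied addresses a stricter value is the safer default.
        $html = '<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="'.$width.'" height="'.$height.'">'."\n"
            .'<param name="movie" value="'.$swf_url.'">'."\n"
            .'<param name="allowscriptaccess" value="always">'."\n"
            .'<embed src="'.$swf_url.'" type="application/x-shockwave-flash" width="'.$width.'" height="'.$height.'" allowfullscreen="true" allowscriptaccess="always"></embed>'."\n"
            .'</object>';
    }
    return $html;
}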
?>
日志处理的函数,分析的不是很详细,有时间再做进一步的分析,如果有什么疑问的话,可以加群进行询问,或是在下面留言,我会为你们解答