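<?php
/**
 * Front controller and page functions for the class "learning collection" board.
 *
 * Dispatches on the `op` request parameter, builds the page body in $main and
 * renders it through theme(). All database access goes through the legacy
 * ext/mysql API on the connection that header.php is expected to open.
 *
 * Security review notes (defects that remain after the fixes in this file):
 *  - Leader passwords (tncomu_class.passwd) and article passwords
 *    (tncomu_article.text_passwd) are stored and compared in plaintext;
 *    they should be migrated to salted hashes.
 *  - `op` is read from $_REQUEST, so state-changing actions (insert, update,
 *    delete, logout) can be triggered by a GET request and carry no CSRF token.
 *  - die() prints mysql_error() to the client; prefer logging server-side.
 *  - op=edit loads any article by sn, including unpublished ones, before any
 *    password is asked for; only op=update checks the article password.
 *  - ext/mysql and get_magic_quotes_gpc() are removed in current PHP; the
 *    long-term fix is mysqli/PDO with prepared statements.
 *  - The pic/ upload directory should be configured so the web server never
 *    executes scripts from it.
 */

// Shared bootstrap (presumably session start, DB connection, get_seme(), theme()).
require_once "header.php";

// Request parameters: $op selects the action, $sn is always forced to an integer.
$op = (isset($_REQUEST['op']) && is_string($_REQUEST['op'])) ? $_REQUEST['op'] : "";
$sn = isset($_REQUEST['sn']) ? intval($_REQUEST['sn']) : "";

// Flow control.
switch ($op) {
    case "admin":
        $main = !empty($_SESSION['isLeader']) ? list_article($_SESSION['isLeader']) : login_form();
        break;
    case "login":
        leader_login(
            isset($_POST['class_sn']) ? $_POST['class_sn'] : '',
            _tncomu_raw_input($_POST, 'pass')
        );
        header("location:index.php?op=admin");
        break;
    case "logout":
        $_SESSION['isLeader'] = null;
        header("location:index.php");
        break;
    case "insert":
        insert_article();
        header("location:{$_SERVER['PHP_SELF']}");
        break;
    case "edit":
        $main = article_form($sn);
        break;
    case "update":
        update_article($sn);
        header("location:{$_SERVER['PHP_SELF']}");
        break;
    case "delete":
        delete_article($sn);
        header("location:{$_SERVER['PHP_SELF']}");
        break;
    case "search":
        $main = list_article();
        break;
    default:
        $main = empty($sn) ? list_article() : show_article($sn);
        break;
}

// Apply the template.
theme("theme.html");

/*************** Function area **************/

/**
 * Return one request value as a raw string.
 *
 * Missing or non-string values (e.g. `key[]=x`) become "". When magic quotes
 * are enabled the automatic slashes are removed, so callers always escape a
 * raw value exactly once for the context they write it into.
 *
 * @param array  $input Request array such as $_POST or $_GET.
 * @param string $key   Field name.
 * @return string
 */
function _tncomu_raw_input($input, $key)
{
    if (!isset($input[$key]) || !is_string($input[$key])) {
        return "";
    }
    return get_magic_quotes_gpc() ? stripslashes($input[$key]) : $input[$key];
}

/**
 * Return the current script path escaped for use inside HTML.
 *
 * $_SERVER['PHP_SELF'] includes client-supplied path info, so it must not be
 * written into markup unescaped.
 *
 * @return string
 */
function _tncomu_self()
{
    return htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
}

/**
 * Build the class-leader login form.
 *
 * Lists the classes of the current semester that have access='1'.
 *
 * @return string HTML of the form.
 */
function login_form()
{
    $now_seme = mysql_real_escape_string(get_seme());
    $sql = "select class_sn,class_name from tncomu_class where access='1' and seme='{$now_seme}' ";
    // Report the DB error the same way as the other functions instead of echoing the statement.
    $result = mysql_query($sql) or die("無法執行:" . mysql_error());

    $opt = "";
    while (list($class_sn, $class_name) = mysql_fetch_row($result)) {
        $opt .= "<option value='$class_sn'>$class_name</option>";
    }

    $self = _tncomu_self();
    $main = "
  <form action='{$self}' method='post'>
  <select name='class_sn'>
  $opt
  </select>
  密碼:<input type='password' name='pass'>
  <input type='hidden' name='op' value='login'>
  <input type='submit' value='登入'>
  </form>";
    return $main;
}

/**
 * Authenticate a class leader and record the class in the session.
 *
 * On success $_SESSION['isLeader'] holds the integer class_sn; on any failure
 * the session is left untouched.
 *
 * @param mixed  $class_sn Class serial number from the login form.
 * @param string $pass     Password as typed (raw, without magic-quote slashes).
 * @return void
 */
function leader_login($class_sn = '', $pass = '')
{
    if (empty($class_sn) or empty($pass)) {
        return;
    }
    if (!is_scalar($class_sn) || !is_string($pass)) {
        return;
    }

    // class_sn is an integer key (insert_article() also casts it), so casting here
    // keeps request text out of the statement and out of the session.
    $class_sn = intval($class_sn);
    if ($class_sn === 0) {
        return;
    }

    $sql = "select passwd from `tncomu_class` where class_sn='{$class_sn}'";
    $result = mysql_query($sql) or die("無法執行:" . mysql_error());
    $row = mysql_fetch_row($result);
    if (!$row) {
        return;
    }

    // Strict string comparison: loose == treats numeric-looking strings such as
    // "0e1" and "0e2" as equal.
    // NOTE(review): passwd is stored in plaintext; migrate to a password hash.
    if ((string)$row[0] === $pass) {
        // Issue a fresh session id at the privilege change.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['isLeader'] = $class_sn;
    }
}

/**
 * Show one published article and increment its view counter.
 *
 * @param mixed $sn Article serial number.
 * @return string HTML of the article (empty fields when the article is not found).
 */
function show_article($sn = null)
{
    $sn = intval($sn);

    $sql = "update `tncomu_article` set `counter`=`counter`+1 where sn='$sn'";
    mysql_query($sql) or die("無法執行:" . mysql_error());

    $sql = "select a.* , b.class_name from `tncomu_article` as a left join `tncomu_class` as b on a.class_sn=b.class_sn where a.enable='1' and a.sn='$sn'";
    $result = mysql_query($sql) or die("無法執行:" . mysql_error());
    $data = mysql_fetch_assoc($result);
    if (!$data) {
        // Unknown or unpublished article: render the same template with empty fields.
        $data = array('stud_name' => '', 'class_name' => '', 'content' => '', 'post_time' => '', 'mode' => '');
    }

    if ($data['mode'] == "圖片") {
        // content is stored with htmlspecialchars() defaults, which leave single
        // quotes alone; neutralise them before use in a single-quoted attribute.
        $content = "<img src='pic/" . str_replace("'", "&#039;", $data['content']) . "'>";
    } else {
        $content = $data['content'];
    }

    $main = "
  <h1>「{$data['stud_name']}」的學習收藏</h1>
  <div style='text-align:right;margin:10px 0px;'>{$data['class_name']}</div>
  <div>{$content}</div>
  <div style='text-align:right;margin:10px 0px;'>{$data['post_time']}</div>
  ";
    return $main;
}

/**
 * List published articles of the current semester with a page bar.
 *
 * @param mixed $class_sn Optional class filter (the leader's class in admin mode).
 * @return string HTML of the list. The optional search term is read from $_GET['key'].
 */
function list_article($class_sn = null)
{
    require_once "pagebar.php";

    $now_seme = mysql_real_escape_string(get_seme());
    $and_class_sn = empty($class_sn) ? "" : "and a.class_sn='" . intval($class_sn) . "'";

    // The search term is request data: escape it for the SQL string literal.
    $key = _tncomu_raw_input($_GET, 'key');
    $and_key = "";
    if (!empty($key)) {
        $key_sql = mysql_real_escape_string($key);
        $and_key = "and (a.stud_name like '%{$key_sql}%' or a.content like '%{$key_sql}%')";
    }

    $sql = "select a.* , b.class_name from `tncomu_article` as a left join `tncomu_class` as b on a.class_sn=b.class_sn where a.enable='1' and b.seme='$now_seme' $and_class_sn $and_key order by a.post_time desc";

    // PageBar(total rows, rows per page, max page links). Count rows with
    // mysql_num_rows(), the documented call for SELECT results.
    $count_result = mysql_query($sql) or die("無法執行:" . mysql_error());
    $total = mysql_num_rows($count_result);
    mysql_free_result($count_result);

    $navbar = new PageBar($total, 10, 10);
    $mybar = $navbar->makeBar();
    $bar = "<p align='center'>{$mybar['left']}{$mybar['center']}{$mybar['right']}</p>";
    $sql .= $mybar['sql'];

    $result = mysql_query($sql) or die("無法執行:" . mysql_error());

    $self = _tncomu_self();
    $leader = empty($_SESSION['isLeader']) ? null : $_SESSION['isLeader'];

    $js = "";
    if ($leader) {
        // $self is entity-escaped, so it cannot terminate the JS string or the script element.
        $js = "
    <script>
    function delete_func(sn){
      var sure = window.confirm('確定要刪除此資料?');
      if (!sure) return;
      location.href='{$self}?op=delete&sn=' + sn;
    }
    </script>";
    }

    $main = "
  $js
  $bar
  <table>
  <tr>
    <th>所屬班級</th>
    <th>學員姓名</th>
    <th>發布日期</th>
    <th>人氣</th>
    <th>相關功能</th>
  </tr>";

    $i = 2;
    while ($data = mysql_fetch_assoc($result)) {
        $color = ($i % 2) ? "white" : "#D0D0D0";
        $i++;

        // The delete link is only offered to the leader of the article's class;
        // delete_article() enforces the same rule on the server side.
        $tool = ($leader && $leader == $data['class_sn'])
            ? "| <a href='javascript:delete_func({$data['sn']})'>刪除</a>"
            : "";

        $main .= "
    <tr style='background-color:$color;'>
      <td>{$data['class_name']}</td>
      <td><a href='{$self}?sn={$data['sn']}'>{$data['stud_name']}</a></td>
      <td>{$data['post_time']}</td>
      <td>{$data['counter']}</td>
      <td><a href = '{$self}?sn={$data['sn']}&op=edit' >編輯</a>{$tool}</td>
    </tr>";
    }
    $main .= "</table>
  $bar";
    return $main;
}

/**
 * Build the article form, empty for a new article or pre-filled for editing.
 *
 * NOTE(review): an existing article, including an unpublished one, is loaded
 * here without asking for its password; only update_article() checks it.
 *
 * @param mixed $sn Article serial number; empty for a new article.
 * @return string HTML of the form.
 */
function article_form($sn = '')
{
    $sn = $sn ? intval($sn) : '';
    $next_op = "insert";

    // Initial values.
    $data = array('stud_name' => "", 'class_sn' => "", 'content' => "", 'enable' => "");
    $radio1 = $radio0 = "";

    if ($sn) {
        $sql = "select * from `tncomu_article` where sn='{$sn}'";
        $result = mysql_query($sql) or die("無法執行:" . mysql_error());
        $row = mysql_fetch_assoc($result);
        if ($row) {
            $data = $row;
        }
        // Restore the radio-button state.
        $radio1 = ($data['enable'] == "1") ? "checked" : "";
        $radio0 = ($data['enable'] == "0") ? "checked" : "";
        $next_op = "update";
    }

    $now_seme = get_seme();
    $seme_sql = mysql_real_escape_string($now_seme);
    $sql = "select class_sn,class_name from tncomu_class where access='1' and seme='{$seme_sql}' ";
    $result = mysql_query($sql) or die("無法執行:" . mysql_error());

    $opt = "";
    while (list($class_sn, $class_name) = mysql_fetch_row($result)) {
        $selected = ($class_sn == $data['class_sn']) ? "selected" : "";
        $opt .= "<option value='$class_sn' $selected>$class_name</option>";
    }

    $self = _tncomu_self();
    // stud_name is stored with htmlspecialchars() defaults, which leave single
    // quotes alone; neutralise them for the single-quoted value attribute.
    $stud_name_attr = str_replace("'", "&#039;", $data['stud_name']);

    $main = "<h3 style='color:#0066CC'>輸入學習收藏</h3>
  <script type='text/javascript' src='ckeditor/ckeditor.js'></script>
  <form action='{$self}' method='post' enctype='multipart/form-data'>
  <table>
    <tr>
      <th>您的姓名:</th>
      <td><input type='text' name='stud_name' size='10' value='{$stud_name_attr}'></td>
      <th>{$now_seme}班級:</th>
      <td>
        <select name='class_sn'>
          <option value=''>請選擇{$now_seme}班級</option>
          $opt
        </select>
      </td>
    </tr>
    <tr>
      <td colspan=4>
        <textarea name='content' id='editor' cols=50 rows=8>{$data['content']}</textarea>
        <script type='text/javascript'>
          CKEDITOR.replace('editor' , { skin : 'v2' , toolbar : 'MyToolbar' } );
        </script>
      </td>
    </tr>
    <tr>
      <th>上傳圖檔:</th>
      <td colspan=3><input type='file' name='pic' accept='image/*'></td>
    </tr>
    <tr>
      <th>設定密碼:</th>
      <td><input type='text' name='text_passwd' size='10'></td>
      <th>是否發布?</th>
      <td>
        <input type='radio' name='enable' value='1' id='enable' $radio1><label for='enable'>發布</label>
        <input type='radio' name='enable' value='0' id='unable' $radio0><label for='unable'>暫不發布</label>
        <input type='hidden' name='sn' value='$sn'>
        <input type='hidden' name='op' value='$next_op'>
        <input type='submit' value='儲存'>
      </td>
    </tr>
  </table>
  </form>
  ";
    return $main;
}

/**
 * Store a new article from $_POST and, when present, its uploaded picture.
 *
 * Text fields are HTML-escaped for storage (as before) and then escaped for
 * SQL with the connection-aware mysql_real_escape_string(). An upload is only
 * accepted when it has an image extension from the allow-list, was received
 * without error and is recognised as an image by getimagesize(); otherwise the
 * article stays a text article.
 *
 * @return string Confirmation message.
 */
function insert_article()
{
    // Name: trim, drop tags, HTML-escape, then SQL-escape last.
    $stud_name = strip_tags(trim(_tncomu_raw_input($_POST, 'stud_name')));
    $stud_name = mysql_real_escape_string(htmlspecialchars($stud_name));

    // Content.
    $content = mysql_real_escape_string(htmlspecialchars(_tncomu_raw_input($_POST, 'content')));

    // Article password. NOTE(review): stored in plaintext; migrate to a password hash.
    $text_passwd = mysql_real_escape_string(_tncomu_raw_input($_POST, 'text_passwd'));

    // The form only offers '1' and '0'; anything else is stored as unpublished.
    $enable = (_tncomu_raw_input($_POST, 'enable') === "1") ? "1" : "0";
    $class_sn = isset($_POST['class_sn']) ? intval($_POST['class_sn']) : 0;

    $sql = "INSERT INTO `tncomu_article`(`stud_name`, `content`, `post_time`, `enable`, `class_sn`, `mode`, `text_passwd`) VALUES ('{$stud_name}' , '{$content}' , now(), '{$enable}', '{$class_sn}', '文字', '{$text_passwd}')";
    // Do not echo the statement on failure: it contains the article password.
    mysql_query($sql) or die("無法執行:" . mysql_error());
    $sn = mysql_insert_id();

    if (!empty($_FILES['pic']['name']) && is_string($_FILES['pic']['name'])) {
        // The client-supplied name decides the stored extension, so restrict it to
        // image types; an arbitrary extension would let a script land in pic/.
        $ext = strtolower(strrchr($_FILES['pic']['name'], "."));
        $allowed = array(".jpg", ".jpeg", ".png", ".gif", ".bmp");
        $upload_ok = in_array($ext, $allowed, true)
            && isset($_FILES['pic']['error'])
            && $_FILES['pic']['error'] === UPLOAD_ERR_OK
            && getimagesize($_FILES['pic']['tmp_name']) !== false;

        // Only mark the article as a picture once the file is really in place.
        if ($upload_ok && move_uploaded_file($_FILES['pic']['tmp_name'], "pic/{$sn}{$ext}")) {
            $sql = "update `tncomu_article` set `mode`='圖片',content='{$sn}{$ext}' where `sn`='{$sn}'";
            mysql_query($sql) or die("無法執行:" . mysql_error());
        }
    }
    return "儲存完畢";
}

/**
 * Update an existing article after checking its article password.
 *
 * Returns without changing anything when $sn is empty, the article does not
 * exist, no password was posted, or the posted password differs from the
 * stored one.
 *
 * @param mixed $sn Article serial number.
 * @return string|null Confirmation message, or null when the update was refused.
 */
function update_article($sn = '')
{
    $sn = intval($sn);
    if (!$sn) {
        return;
    }

    $posted_passwd = _tncomu_raw_input($_POST, 'text_passwd');

    $sql = "select text_passwd from `tncomu_article` where sn='{$sn}'";
    $result = mysql_query($sql) or die("無法執行:" . mysql_error());
    $row = mysql_fetch_row($result);

    // Strict comparison on the raw posted value; loose != would treat
    // numeric-looking strings as equal.
    if (!$row || empty($posted_passwd) || (string)$row[0] !== $posted_passwd) {
        return;
    }

    // Name: trim, drop tags, HTML-escape, then SQL-escape last.
    $stud_name = strip_tags(trim(_tncomu_raw_input($_POST, 'stud_name')));
    $stud_name = mysql_real_escape_string(htmlspecialchars($stud_name));

    // Content.
    $content = mysql_real_escape_string(htmlspecialchars(_tncomu_raw_input($_POST, 'content')));

    $enable = (_tncomu_raw_input($_POST, 'enable') === "1") ? "1" : "0";
    // Use the integer-cast class_sn in the statement, never the raw POST value.
    $class_sn = isset($_POST['class_sn']) ? intval($_POST['class_sn']) : 0;

    $sql = "update `tncomu_article` set `stud_name`='{$stud_name}', `content`='{$content}', `post_time`=now(), `enable`='{$enable}', `class_sn`='{$class_sn}' where `sn`='{$sn}'";
    mysql_query($sql) or die("無法執行:" . mysql_error());
    return "儲存完畢";
}

/**
 * Delete an article, but only for the logged-in leader of the article's class.
 *
 * The class check is part of the DELETE statement, mirroring the rule
 * list_article() uses to decide whether to show the delete link. Requests
 * without a leader session delete nothing. A redirect header is sent either way.
 *
 * @param mixed $sn Article serial number.
 * @return void
 */
function delete_article($sn = null)
{
    $sn = intval($sn);
    $leader = empty($_SESSION['isLeader']) ? 0 : intval($_SESSION['isLeader']);

    if ($sn && $leader) {
        $sql = "delete from `tncomu_article` where sn='{$sn}' and class_sn='{$leader}'";
        mysql_query($sql) or die("無法執行:" . mysql_error());
    }

    // Redirect when done.
    header("location: {$_SERVER['PHP_SELF']}");
}
?>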