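<?php
/**
 * Upload manager entry script.
 *
 * Requires a logged-in session, takes the working directory from ?curl=...,
 * and handles the delete-file (?del=...) and delete-folder (?deldir=yes)
 * actions through the upload_file helper.
 */
require_once dirname(__FILE__) . "/../../App.class.php";

App::loadMod("User");
App::loadMod("Tools");
App::loadMod("Setting");

$app = new App();
$user = new User();
$tools = new Tools();
$setting = new Setting();

// header() only queues the redirect; stop here so an anonymous request never
// reaches the file operations below.
if (!$user->isLogin()) {
    header("Location: status.php?action=login");
    exit;
}

// Accounts whose power is not 0 are refused unless the UploadOpen setting is "on".
if ($user->getPower() != 0 && $setting->get("UploadOpen", "on") != "on") {
    die("<script>alert('服务器禁止上传!');</script>");
}

include "upload.php";
$myclass = new upload_file();

// Working directory: every ".." sequence is stripped from the decoded value.
// NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes a
// second time. Only ".." is removed here; whether absolute or otherwise
// unexpected paths stay inside the upload root depends on upload_file — confirm.
if (empty($_GET['curl'])) {
    $myclass->flash_directory = "";
} else {
    $myclass->flash_directory = str_replace("..", "", urldecode($_GET['curl']));
}

// Delete a file
// NOTE(review): the del value reaches del_files() without the ".." stripping
// applied to curl — confirm del_files() confines the path. This action and the
// folder delete below change state on a GET request, and no anti-CSRF token is
// checked in this excerpt.
if (isset($_GET["del"])) {
    $myclass->del_files(urldecode($_GET["del"]));
}

// Delete the folder
if (isset($_GET["deldir"])) {
    if ("yes" == $_GET["deldir"]) {
        $myclass->rm_dir();
        $myclass->flash_directory = "";
    }
}

// Create a folder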
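App::loadMod("User");
App::loadMod("Eassy");
App::loadMod("Setting");

$app = new App();
$user = new User();
$eassy = new Eassy();

// redirect() is defined outside this excerpt; the explicit exit after each call
// guarantees the request stops even if redirect() returns to the caller.
if (!$user->isLogin()) {
    redirect("Location: status.php?action=login");
    exit;
}

// Read both parameters once so a request carrying only one of them does not
// touch an undefined index.
$reqAction = isset($_GET['action']) ? $_GET['action'] : null;
$reqId = isset($_GET['id']) ? $_GET['id'] : null;

// NOTE(review): the delete is triggered by a GET request and no anti-CSRF token
// is checked in this excerpt.
if ($reqAction === "delete") {
    if (!$user->str_check($reqId)) {
        redirect("Location: error.php");
        exit;
    }
    $e = $eassy->getEassy($reqId);
    // Accounts whose power is not 0 may delete only entries they authored.
    // Both sides are compared as strings so numeric-looking names such as
    // "1e3" and "1000" are not treated as equal by loose comparison.
    if ($user->getPower() != 0) {
        if ((string) $user->getUser() !== (string) $e['author']) {
            redirect("Location: error.php");
            exit;
        }
    }
    $eassy->deleteEassy($reqId);
    echo "<script language=\"javascript\">alert('删除成功!');history.back(-1);</script>";
    die;
}

// 20 entries per page; a page number below 1 is clamped to offset 0 instead of
// producing a negative offset.
$limit = isset($_GET['page']) ? max(0, (intval($_GET['page']) - 1) * 20) : "0";
// Accounts with power 0 list every entry; everyone else lists only their own.
$list = $eassy->getList(1, 20, $limit, $user->getPower() == 0 ? "" : $user->getUser());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>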
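<?php
/**
 * Password-change page for the logged-in account.
 *
 * When both "old" and "new" are posted and "new" is not empty, the old value
 * is checked against the current password before userRenew() stores the new
 * one. $alert carries the result message for the page below.
 */
require_once "../App.class.php";
App::loadMod("User");

$app = new App();
$user = new User();

// header() only queues the redirect; stop here so an anonymous request cannot
// reach the password update below.
if (!$user->isLogin()) {
    header("Location: status.php?action=login");
    exit;
}

$alert = "";
if (isset($_POST['old']) && isset($_POST['new'])) {
    if ($_POST['new'] != "") {
        $submittedOld = $_POST['old'];
        $submittedNew = $_POST['new'];
        // Array-valued fields are rejected up front. hash_equals() compares the
        // two strings exactly and in constant time, so loose-comparison matches
        // between numeric-looking strings ("0e1" == "0e2") no longer pass.
        // NOTE(review): getPass() is compared directly with the submitted
        // password, which suggests the stored value is not a one-way hash —
        // confirm how User stores passwords.
        $accepted = is_string($submittedOld)
            && is_string($submittedNew)
            && $user->str_check($submittedNew)
            && hash_equals((string) $user->getPass(), $submittedOld);
        if ($accepted) {
            $flag = $user->userRenew($user->getUser(), $submittedNew, "", $user->getPower());
            $alert = $flag ? "修改成功!" : "修改失败!";
        } else {
            $alert = "修改失败!";
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>用户管理 > <?php echo $user->getUser();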
// Excerpt from the entry editor. It begins and ends mid-file: $user, $eassy and
// $setting are not defined in this excerpt, and the last two blocks are still open.

// A request without ?id=... is sent to the error page.
if (!isset($_GET['id'])) {
    redirect("Location: error.php");
}
// id=new starts a fresh entry of type "草稿" (draft); any other id loads an
// existing entry.
if ($_GET['id'] == "new") {
    $t = false;
    $post['type'] = "草稿";
} else {
    $t = true;
    // NOTE(review): header() does not end the request and no exit follows, so a
    // failed str_check() still falls through to getEassy() below; the same
    // applies to the !$post check.
    if (!$user->str_check($_GET['id'])) {
        header("Location: error.php");
    }
    $post = $eassy->getEassy($_GET['id']);
    if (!$post) {
        header("Location: error.php");
    }
    // Accounts whose power is not 0 may only open entries they authored.
    // NOTE(review): this check relies on redirect() terminating the request;
    // its definition is not shown here — confirm.
    if ($user->getPower() != 0) {
        if ($user->getUser() != $post['author']) {
            redirect("Location: error.php");
        }
    }
}
// NOTE(review): unserialize() rebuilds whatever objects the stored string
// encodes. Confirm that only trusted code can write the EassyType setting, or
// store the list in a data-only format such as JSON.
$type = unserialize($setting->get("EassyType"));
// Any type other than "草稿" must equal one of the non-empty configured types.
if ($post['type'] != "草稿") {
    $flag = false;
    for ($i = 0; $i < count($type); ++$i) {
        if (!empty($type[$i])) {
            $flag = $flag || $type[$i] == $post['type'];
        }
    }
    if (!$flag) {
        redirect("Location: error.php");
<?php
/**
    Author: SpringHack - springhack@live.cn
    Last modified: 2016-02-01 12:27:05
    Filename: admin/user.php
    Description: Created by SpringHack using vim automatically.
**/
// Account administration page. The excerpt ends mid-file with two blocks still open.
require_once "../App.class.php";
App::loadMod("User");
$app = new App();
$user = new User();
// NOTE(review): header() only sets the response header. With no exit after it,
// the request keeps executing, so neither the login check nor the power check
// below stops the delete / "up" actions that follow.
if (!$user->isLogin()) {
    header("Location: status.php?action=login");
}
// Accounts whose power is not 0 are redirected to the login page.
if ($user->getPower() != 0) {
    header("Location: status.php?action=login");
}
// Account actions selected by ?action=...&user=...
// NOTE(review): these state-changing actions run on GET parameters, and no
// anti-CSRF token is checked in this excerpt. The block is entered when either
// parameter is set, so the other one may be read while undefined.
if (isset($_GET['action']) || isset($_GET['user'])) {
    // NOTE(review): a failed str_check() only sets a Location header; execution
    // continues into the actions below.
    if (!$user->str_check($_GET['user'])) {
        header("Location: error.php");
    }
    // Delete the named account, then report success and go back.
    if ($_GET['action'] == "delete") {
        $user->userDelete($_GET['user']);
        echo "<script language=\"javascript\">alert('删除成功!');history.back(-1);</script>";
        die;
    }
    // Re-save the named account with its current getPass() value and 0 as the
    // last argument (presumably the power level — confirm against userRenew()).
    if ($_GET['action'] == "up") {
        $user->userRenew($_GET['user'], $user->getPass($_GET['user']), "", 0);
        echo "<script language=\"javascript\">alert('提权成功!');history.back(-1);</script>";
        die;