/**
 * Save the signed-in administrator's own profile: optional password change, e-mail and
 * the two display names.
 *
 * The row that is updated is always the current admin's ($this->admin['aid']); the id is
 * not read from the request. Validation messages are collected and handed to Error();
 * with no messages a single UPDATE is issued and Success('myprofile') is called.
 *
 * NOTE(review): every submitted value is interpolated into SQL text, so both statements
 * are only as safe as the escaping done inside ForceStringFrom(), which is not visible
 * here. Confirm it, or move to bound parameters.
 * NOTE(review): the password assignment reads "password = '******'" in this listing. The
 * value looks masked, so check the original expression and the hashing it applies.
 */
public function save()
{
    $aid = $this->admin['aid'];

    $password = ForceStringFrom('password');
    $passwordconfirm = ForceStringFrom('passwordconfirm');
    $email = ForceStringFrom('email');
    $fullname = ForceStringFrom('fullname');
    $fullname_en = ForceStringFrom('fullname_en');

    $errors = array();

    // Changing the password is optional: the two fields are compared only when at
    // least one of them was filled in.
    $password_supplied = strlen($password) || strlen($passwordconfirm);
    if ($password_supplied && strcmp($password, $passwordconfirm)) {
        $errors[] = '两次输入的密码不相同!';
    }

    // E-mail: required, well-formed, and not used by any other admin row.
    if (!$email) {
        $errors[] = '请输入Email地址!';
    } elseif (!IsEmail($email)) {
        $errors[] = 'Email地址不规范!';
    } else {
        $taken = APP::$DB->getOne("SELECT aid FROM " . TABLE_PREFIX . "admin WHERE email = '{$email}' AND aid != '{$aid}'");
        if ($taken) {
            $errors[] = 'Email地址已占用!';
        }
    }

    if (!$fullname) {
        $errors[] = '请输入中文昵称!';
    }
    if (!$fullname_en) {
        $errors[] = '请输入英文昵称!';
    }

    if ($errors) {
        Error($errors, '编辑我的信息错误');
        return;
    }

    // The password column is touched only when a new password was entered.
    $password_clause = Iif($password, "password = '******',");
    APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET \r\n\t\t\t" . $password_clause . "\r\n\t\t\temail = '{$email}',\r\n\t\t\tfullname = '{$fullname}',\r\n\t\t\tfullname_en = '{$fullname_en}'\r\n\t\t\tWHERE aid = '{$aid}'");
    Success('myprofile');
}
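/**
 * Framework entry point: resolve the controller and action named in the request and
 * dispatch to them.
 *
 * The controller name is read from request parameter "c" and the action from "a" (both
 * names are therefore reserved in GET/POST); each falls back to self::$defaultController /
 * self::$defaultAction when empty.
 *
 * The controller name becomes part of a path passed to require_once and the action name
 * becomes the method that is invoked, so both are limited to letters, digits and
 * underscores before use. Without that limit a value containing "../" could select a
 * file outside ./controllers/. Action names beginning with "__" are refused so that
 * magic methods cannot be requested, and the method must be callable from here, which
 * excludes private and protected methods.
 *
 * @return mixed false when the request cannot be dispatched, otherwise whatever the
 *               action method returns
 */
public static function run()
{
    $controller = ForceStringFrom('c'); // note: "c" and "a" are reserved parameter names in POST/GET
    $action = ForceStringFrom('a');

    $controller = (string) Iif($controller, $controller, self::$defaultController);
    $action = (string) Iif($action, $action, self::$defaultAction);

    // Allow-list the two names; /D keeps "$" from matching before a trailing newline.
    $name_pattern = '/^[A-Za-z0-9_]+$/D';
    if (!preg_match($name_pattern, $controller)
        || !preg_match($name_pattern, $action)
        || strncmp($action, '__', 2) === 0
    ) {
        self::debug("invalid controller or action name.");
        return false;
    }

    $app_file = "./controllers/" . $controller . ".php";
    if (!is_file($app_file)) {
        self::debug("file[{$app_file}] does not exists.");
        return false;
    }
    require_once realpath($app_file);

    $classname = 'c_' . $controller;
    if (!class_exists($classname, false)) {
        self::debug("class[{$classname}] does not exists.");
        return false;
    }

    $path = array($controller, $action);

    // Instantiate the controller and keep it as the application's current controller.
    self::$C = new $classname($path);

    // method_exists() is also true for private methods; is_callable() filters those out.
    if (!method_exists(self::$C, $action) || !is_callable(array(self::$C, $action))) {
        self::debug("method[{$action}] does not exists in class[{$classname}].");
        return false;
    }

    return call_user_func(array(self::$C, $action), $path);
}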
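/**
 * Complete an e-mailed password reset: check the link's token, e-mail a new password and
 * then store it.
 *
 * Request parameters (both must be present according to IsGet()):
 *   key - base64 of the account's e-mail address
 *   sid - must equal md5(fullname . WEBSITE_KEY . password . verifycode) for that account
 *
 * Every outcome is reported through $this->out(). Each failure path also returns
 * explicitly, so the reset cannot continue should out() return instead of ending the
 * request.
 *
 * NOTE(review): the token is an unsalted MD5 over stored columns plus WEBSITE_KEY and has
 * no visible expiry. Whether verifycode is random and set per request cannot be seen here.
 * NOTE(review): the new password travels in clear text by e-mail, and the strength of
 * PassGen(8) is not visible. Consider a single-use link that lets the user choose one.
 * NOTE(review): the UPDATE below reads "password = '******'" in this listing, and
 * $newpass is not visibly written. The value looks masked; check the original expression.
 */
public function verify()
{
    if (!IsGet('key') or !IsGet('sid')) {
        $this->out('邮件验证参数非法!');
        return;
    }

    $key = ForceStringFrom('key');
    $sid = ForceStringFrom('sid');
    if (!$key or !$sid) {
        $this->out('邮件验证参数非法!');
        return;
    }

    $email = base64_decode($key);

    // The decoded address has not passed through ForceStringFrom(), yet it is placed inside
    // a quoted SQL literal below. Refuse quotes, backslashes and control characters here
    // rather than relying on IsEmail() to exclude them.
    if (!IsEmail($email) || preg_match('/[\'"\\\\\x00-\x1f]/', $email)) {
        $this->out('Email地址非法!');
        return;
    }

    $user = APP::$DB->getOne("SELECT u.aid, u.username, u.password, u.fullname, u.verifycode FROM " . TABLE_PREFIX . "admin u WHERE u.email = '{$email}' AND u.activated = 1");
    if (!$user) {
        $this->out('Email地址不存在!');
        return;
    }

    $code = md5($user['fullname'] . WEBSITE_KEY . $user['password'] . $user['verifycode']);

    // Compare as strings. A loose != treats two "0e<digits>" hex strings as equal numbers.
    // hash_equals() additionally avoids a timing side channel where it is available.
    $sid = (string) $sid;
    $token_ok = function_exists('hash_equals') ? hash_equals($code, $sid) : ($sid === $code);
    if (!$token_ok) {
        $this->out('链接请求的验证码错误!');
        return;
    }

    $newpass = PassGen(8);
    $backend_url = BASEURL . ADMINDIR . '/';
    $subject = '您的新密码 -- ' . APP::$_CFG['Title'];

    $content = "{$user['fullname']}:<br><br>您好! <br><br>您的登录名是: {$user['username']}<br>您的新密码是:{$newpass}<br><br>";
    $content .= "请点击以下链接登录后台管理:<br><br><a href=\"{$backend_url}\" target=\"_blank\">{$backend_url}</a><br><br>";

    if (SendMail($email, $subject, $content) === true) {
        // Store the new password only after the mail went out, and clear the verify code
        // so the same link cannot trigger another reset.
        APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET password = '******', verifycode = '' WHERE aid = '{$user['aid']}'");
        $this->out('新密码已发送到您的邮箱, 请查收!', 0);
    } else {
        $this->out('发送邮件失败! 请尝试刷新当前页面.');
    }
}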
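/**
 * List, search and bulk-edit the signed-in administrator's own saved phrases.
 *
 * Request parameters: p (page, 10 rows per page), s (keyword), g (status: 1 = enabled,
 * 2 = disabled; anything else means "all").
 *
 * Every query built here is scoped to the current admin (aid = $this->admin['aid']).
 * An unrecognised g value used to leave the WHERE clause unset when no keyword was
 * given, which listed every administrator's phrases; it is now treated as "no status
 * filter".
 *
 * NOTE(review): $search is url-decoded after ForceStringFrom() has processed it, so a
 * double-encoded value (for example "%2527") can reintroduce characters that were
 * filtered, and the result is interpolated into SQL and echoed into the page heading.
 * Confirm whether the extra decode is needed and re-validate after it.
 * NOTE(review): stored phrase text is written into value="..." attributes as-is. Whether
 * it was HTML-escaped when saved is not visible here.
 */
public function index()
{
    $myid = $this->admin['aid'];
    $NumPerPage = 10;

    $page = ForceIntFrom('p', 1);
    if ($page < 1) {
        $page = 1; // a zero or negative page would produce a negative LIMIT offset
    }
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    if (IsGet('s')) {
        $search = urldecode($search);
    }

    $start = $NumPerPage * ($page - 1);

    SubMenu('我的常用短语', array(array('常用短语列表', 'myphrases', 1), array('添加常用短语', 'myphrases/add')));

    TableHeader('搜索常用短语');
    TableRow('<center><form method="post" action="' . BURL('myphrases') . '" name="searchmyphrases" style="display:inline-block;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>状态:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . '>可用</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . ' class=red>已禁用</option></select> <input type="submit" value="搜索常用短语" class="cancel"></form></center>');
    TableFooter();

    // Only 1 and 2 select a status; the SQL fragment is built from constants, not from $groupid.
    $has_status = ($groupid == 1 or $groupid == 2);

    if ($search) {
        $searchsql = " WHERE (msg LIKE '%{$search}%' OR msg_en LIKE '%{$search}%') AND aid = '{$myid}' ";
        $title = "搜索: <span class=note>{$search}</span> 的常用短语列表";

        if ($has_status) {
            $searchsql .= " AND activated = " . Iif($groupid == 1, 1, 0) . " ";
            $title = "在 <span class=note>" . Iif($groupid == 1, '可用的常用短语', '已禁用的常用短语') . "</span> 中, " . $title;
        }
    } elseif ($has_status) {
        $searchsql = " WHERE aid = '{$myid}' AND activated = " . Iif($groupid == 1, 1, 0) . " ";
        $title = "全部 <span class=note>" . Iif($groupid == 1, '可用的常用短语', '已禁用的常用短语') . "</span> 列表";
    } else {
        // Default, also reached for unrecognised g values: all of this admin's phrases.
        $searchsql = " WHERE aid = '{$myid}' ";
        $title = '全部常用短语列表';
    }

    $getmyphrases = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "phrase " . $searchsql . " ORDER BY aid DESC, sort DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(pid) AS value FROM " . TABLE_PREFIX . "phrase " . $searchsql);

    echo '<form method="post" action="' . BURL('myphrases/updatemyphrases') . '" name="myphrasesform"> <input type="hidden" name="p" value="' . $page . '">';

    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('所属客服', '排序', '状态', '短语 (中)', '短语 (英)', '<input type="checkbox" id="checkAll" for="deletepids[]"> <label for="checkAll">删除</label>'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何常用短语!</font><BR><BR></center>');
    } else {
        while ($phrase = APP::$DB->fetch($getmyphrases)) {
            TableRow(array(
                '<input type="hidden" name="pids[]" value="' . $phrase['pid'] . '">' . $this->admin['fullname'] . " (ID: {$myid})",
                '<input type="text" name="sorts[]" value="' . $phrase['sort'] . '" size="4">',
                '<select name="activateds[]"' . Iif(!$phrase['activated'], ' class=red') . '><option value="1">可用</option><option class="red" value="0" ' . Iif(!$phrase['activated'], 'SELECTED') . '>禁用</option></select>',
                '<input type="text" name="msgs[]" value="' . $phrase['msg'] . '" size="60">',
                '<input type="text" name="msg_ens[]" value="' . $phrase['msg_en'] . '" size="60">',
                '<input type="checkbox" name="deletepids[]" value="' . $phrase['pid'] . '">',
            ));
        }

        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('myphrases'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();

    echo '<div class="submit"><input type="submit" name="updatemyphrases" value="保存更新" class="cancel" style="margin-right:28px"><input type="submit" name="deletemyphrases" value="删除常用短语" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选常用短语吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></div></form>';
}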
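/**
 * List and search all chat messages, with a form for bulk deletion.
 *
 * Request parameters: p (page, 10 rows per page), s (keyword, or a positive integer to
 * search by id), g (1 = messages from guests, 2 = messages from staff; anything else
 * means "all").
 *
 * The id search is wrapped in parentheses so that the type filter appended after it
 * applies to the whole OR group; SQL's AND binds tighter than OR, so without them the
 * filter restricted only the last alternative. Unrecognised g values now fall back to
 * the unfiltered list instead of leaving the clause and heading unset.
 *
 * NOTE(review): $search is url-decoded after ForceStringFrom() has processed it, so a
 * double-encoded value can reintroduce filtered characters before it is interpolated
 * into SQL and echoed into the heading. Confirm and re-validate after decoding.
 * NOTE(review): sender/recipient names and message text are printed as stored. Part of
 * this data presumably comes from guests; confirm it is HTML-escaped on input or escape
 * it here.
 */
public function index()
{
    $NumPerPage = 10;

    $page = ForceIntFrom('p', 1);
    if ($page < 1) {
        $page = 1; // a zero or negative page would produce a negative LIMIT offset
    }
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    if (IsGet('s')) {
        $search = urldecode($search);
    }

    $start = $NumPerPage * ($page - 1);

    SubMenu('记录列表', array(array('记录列表', 'messages', 1)));

    TableHeader('搜索及快速删除');
    TableRow('<center><form method="post" action="' . BURL('messages') . '" name="searchmessages" style="display:inline-block;*display:inline;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>分类:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . ' class=red>客人的发言</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>客服的发言</option></select> <input type="submit" value="搜索记录" class="cancel"></form> <form method="post" action="' . BURL('messages/fastdelete') . '" name="fastdelete" style="display:inline-block;margin-left:80px;*display:inline;"><label>快速删除记录:</label> <select name="days"><option value="0">请选择 ...</option><option value="360">12个月前的对话记录</option><option value="180"> 6 个月前的对话记录</option><option value="90"> 3 个月前的对话记录</option><option value="30"> 1 个月前的对话记录</option></select> <input type="submit" value="快速删除" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选记录吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></form></center>');
    TableFooter();

    // Only 1 and 2 select a message type; the SQL fragment is built from constants.
    $has_type = ($groupid == 1 or $groupid == 2);

    if ($search) {
        if (preg_match("/^[1-9][0-9]*\$/", $search)) {
            // search by ID
            $s = ForceInt($search);
            $searchsql = " WHERE (mid = '{$s}' OR fromid = '{$s}' OR toid = '{$s}') ";
            $title = "搜索ID号为: <span class=note>{$s}</span> 的记录";
        } else {
            $searchsql = " WHERE (fromname LIKE '%{$search}%' OR toname LIKE '%{$search}%' OR msg LIKE '%{$search}%') ";
            $title = "搜索: <span class=note>{$search}</span> 的记录列表";
        }

        if ($has_type) {
            $searchsql .= " AND type = " . Iif($groupid == 1, 0, 1) . " ";
            $title = "在 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 中, " . $title;
        }
    } elseif ($has_type) {
        $searchsql = " WHERE type = " . Iif($groupid == 1, 0, 1) . " ";
        $title = "全部 <span class=note>" . Iif($groupid == 1, '客人的发言', '客服的发言') . "</span> 列表";
    } else {
        $searchsql = '';
        $title = '全部记录列表';
    }

    $getmessages = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "msg " . $searchsql . " ORDER BY mid DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(mid) AS value FROM " . TABLE_PREFIX . "msg " . $searchsql);

    echo '<form method="post" action="' . BURL('messages/updatemessages') . '" name="messagesform"> <input type="hidden" name="p" value="' . $page . '">';

    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('ID', '发送人', '对话内容', '接收人', '记录时间', '<input type="checkbox" id="checkAll" for="deletemids[]"> <label for="checkAll">删除</label>'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何记录!</font><BR><BR></center>');
    } else {
        while ($msg = APP::$DB->fetch($getmessages)) {
            // A truthy type links the sender to the staff editor and the recipient to the
            // guest editor; otherwise the two are swapped.
            TableRow(array(
                $msg['mid'],
                "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('users/edit?aid=' . $msg['fromid']), BURL('guests/edit?gid=' . $msg['fromid'])) . "\">{$msg['fromname']}</a>",
                getSmile($msg['msg']),
                "<a title=\"编辑\" href=\"" . Iif($msg['type'], BURL('guests/edit?gid=' . $msg['toid']), BURL('users/edit?aid=' . $msg['toid'])) . "\">{$msg['toname']}</a>",
                DisplayDate($msg['time'], '', 1),
                '<input type="checkbox" name="deletemids[]" value="' . $msg['mid'] . '">',
            ));
        }

        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('messages'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();
    PrintSubmit('删除记录', '', 1, '确定删除所选记录吗?');
}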
die($json->encode($ajax)); } elseif ($act == 'get') { getVVC(); die; } $key = ForceStringFrom('key'); $code = ForceStringFrom('code'); $decode = authcode($code, 'DECODE', $key); if ($decode != md5(WEBSITE_KEY . $_CFG['KillRobotCode'])) { die($json->encode($ajax)); //验证码过期 } $fullname = ForceStringFrom('fullname'); $email = ForceStringFrom('email'); $phone = ForceStringFrom('phone'); $content = ForceStringFrom('content'); $vid = ForceIntFrom('vid'); $vvc = ForceIntFrom('vvc'); if (!$fullname or strlen($fullname) > 90) { $ajax['s'] = 2; die($json->encode($ajax)); } elseif (!IsEmail($email)) { $ajax['s'] = 3; die($json->encode($ajax)); } elseif (!$content or strlen($content) > 1800) { $ajax['s'] = 4; die($json->encode($ajax)); } elseif (!checkVVC($vid, $vvc)) { $ajax['s'] = 5; die($json->encode($ajax)); }
/**
 * Run the database maintenance action named by request parameter "dbaction", print its
 * result, then render the index view again.
 *
 * Single-table actions use request parameter "tablename"; the "...all" actions pass
 * $_POST['tablenames'] through unchanged. An unrecognised action runs nothing and just
 * re-renders the index.
 *
 * NOTE(review): table names reach TableOperation(), BackupSingleTable(), EmptyTable() and
 * the batch helpers straight from the request. Those helpers are not visible here, so
 * confirm they check each name against the real table list before building SQL.
 * NOTE(review): "emptytable" is destructive and no request-forgery token check is
 * visible in this method; confirm one is enforced upstream.
 */
public function operate()
{
    $action = ForceStringFrom('dbaction');
    $tablename = ForceStringFrom('tablename');

    // action => array(result heading, operation keyword handed to the table helper)
    $single_ops = array(
        'checktable' => array('数据库表查错', 'CHECK'),
        'optimizetable' => array('数据库表优化', 'OPTIMIZE'),
        'repairtable' => array('数据库表修复', 'REPAIR'),
    );
    $batch_ops = array(
        'checkall' => array('数据库表查错', 'CHECK'),
        'optimizeall' => array('数据库表优化', 'OPTIMIZE'),
        'repairall' => array('数据库表修复', 'REPAIR'),
    );

    if (isset($single_ops[$action])) {
        list($heading, $keyword) = $single_ops[$action];
        $this->PrintResults($heading, $this->TableOperation($tablename, $keyword));
    } elseif (isset($batch_ops[$action])) {
        list($heading, $keyword) = $batch_ops[$action];
        $this->PrintResults($heading, $this->BatchTableOperation($_POST['tablenames'], $keyword));
    } elseif ($action == 'backuptable') {
        $this->PrintResults('数据库表备份', $this->BackupSingleTable($tablename));
    } elseif ($action == 'backupall') {
        $this->PrintResults('数据库表备份', $this->BatchBackupTable($_POST['tablenames']));
    } elseif ($action == 'emptytable') {
        $this->PrintResults('数据库表清空', $this->EmptyTable($tablename));
    }

    $this->index();
}
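/**
 * Show the editor form for one language file.
 *
 * Request parameter "filename" selects a file inside $this->lang_path. Its contents are
 * HTML-escaped into a textarea, and the page's script posts the form to language/ajax
 * once the user confirms.
 *
 * The name is joined to a directory and handed to file(), so only a bare file name is
 * accepted: anything with a directory part, a backslash or a NUL byte is refused with
 * the same "file does not exist" error. The name is also HTML-escaped wherever it is
 * echoed. Inside the inline script that escaping turns quotes and "<" into entities, so
 * the value can neither close the JavaScript string nor the script element.
 *
 * NOTE(review): the page itself states that language files are PHP program files, so
 * whoever can save through language/ajax can change executed code. The save handler is
 * not visible here; confirm it applies the same file-name check and an authorisation
 * check.
 */
public function edit()
{
    SubMenu('语言管理', array(array('语言列表及操作', 'language')));

    $filename = (string) ForceStringFrom('filename');

    // Bare file names only: no "../", no path separators, no NUL byte.
    $is_plain_name = $filename !== ''
        && $filename === basename($filename)
        && strpos($filename, '\\') === false
        && strpos($filename, "\0") === false;

    $filepath = $this->lang_path . $filename;
    if (!$is_plain_name || !is_file($filepath)) {
        Error('正在打开的文件不存在!', '打开文件错误');
        return; // do not fall through should Error() ever return
    }

    $filecontent = htmlspecialchars(implode("", file($filepath)));

    // Escaped copy for every place the name is written into the page.
    $safe_name = htmlspecialchars($filename, ENT_QUOTES);

    echo '<form method="post" name="editform" onsubmit="return false;"> <input type="hidden" name="filename" value="' . $safe_name . '"> <input type="hidden" name="action" value="savelang">';

    TableHeader('编辑语言文件: ' . BASEURL . "language/{$safe_name}");
    TableRow('<b>注意:</b> <span class=note>语言文件为PHP程序文件, 请使用正确的标点符号, 不正确的编辑可能导致系统运行错误!</span><BR><textarea rows="26" style="width:90%;margin-top:8px" name="filecontent" >' . $filecontent . '</textarea>');
    TableFooter();

    echo '<div class="submit"><input type="submit" id="updatelang" value="保存更新" class="save"><input class="cancel" type="submit" name="cancel" value="返回" onclick="history.back();return false;"></div></form> <script type="text/javascript"> $(function(){ $("#updatelang").click(function(e){ var form = $(this).closest("form"); showDialog("确定保存更新语言文件: ' . $safe_name . ' 吗?", "确认操作", function(){ ajax("' . BURL('language/ajax') . '", form.serialize(), function(data){ showInfo("当前语言文件已更新!", "Ajax操作", "", 2, 1); }); }); e.preventDefault(); }); }); </script>';
}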
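/**
 * Verify a login attempt and, on success, create the admin session.
 *
 * Checks, in order: both credentials present, user name passes isName(), the anti-robot
 * cookie matches md5(WEBSITE_KEY . key . KillRobotCode), the decoded form code matches
 * md5(WEBSITE_KEY), and an activated admin row matches the credentials. On success a
 * session row is inserted, the admin's login statistics are updated, the session cookie
 * is set and the request is redirected.
 *
 * Changes against the previous version: the session id comes from a cryptographic random
 * source when one is available (uniqid() is derived from the clock), hash values are
 * compared as strings instead of with a loose !=, and a missing User-Agent header or an
 * empty query result no longer raises a notice.
 *
 * NOTE(review): the lookup reads "a.username = '******' AND a.password = '******'" in
 * this listing. The values look masked; check the original expressions.
 * NOTE(review): passwords are hashed with plain md5() before the lookup. Moving to
 * password_hash()/password_verify() needs a schema and migration change.
 * NOTE(review): GetIP() is interpolated into SQL. If it reads client-supplied headers,
 * confirm that it validates the address format.
 * NOTE(review): the session cookie is set without the HttpOnly and Secure flags. Adding
 * them is recommended once it is confirmed that no client script reads this cookie.
 *
 * @return string|null the error message to show on the login form; null when Redirect()
 *                     returned instead of ending the request
 */
private function check()
{
    $username = ForceStringFrom('username');
    $password = ForceStringFrom('password');
    $remember = ForceIntFrom('remember');
    $key = ForceStringFrom('key');
    $code = ForceStringFrom('code');
    $decode = authcode($code, 'DECODE', $key);
    $cookievalue = ForceCookieFrom(COOKIE_SAFE);

    $error = null;

    if (!strlen($username) or !strlen($password)) {
        $error = '请输入用户名和密码!';
    } elseif (!isName($username)) {
        $error = '用户名存在非法字符!';
    } elseif ((string) $cookievalue !== md5(WEBSITE_KEY . $key . APP::$_CFG['KillRobotCode'])) {
        $error = '验证码不正确!';
    } elseif ((string) $decode !== md5(WEBSITE_KEY)) {
        $error = '验证码过期, 请重新登录!';
    } else {
        $password = md5($password);
        $user = APP::$DB->getOne("SELECT a.aid, a.type FROM " . TABLE_PREFIX . "admin a WHERE a.username = '******' AND a.password = '******' AND a.activated = 1");

        if (empty($user['aid'])) {
            $error = '用户不存在或密码错误!';
        } else {
            // Authenticated: record the session.
            $userip = GetIP();
            $timenow = time();

            // 32 hex characters, the same shape as the md5() value used before.
            if (function_exists('random_bytes')) {
                $sessionid = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $sessionid = bin2hex(openssl_random_pseudo_bytes(16));
            } else {
                $sessionid = md5(uniqid($user['aid'] . COOKIE_KEY));
            }

            $useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $agent = md5(substr($useragent, 0, 252) . WEBSITE_KEY);

            APP::$DB->exe("INSERT INTO " . TABLE_PREFIX . "session (sid, aid, ip, agent, time)\n\t\t\t\t\t\t VALUES ('{$sessionid}', '{$user['aid']}', '{$userip}', '{$agent}', '{$timenow}')");
            APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET last = '{$timenow}', lastip = '{$userip}', logins = (logins + 1) WHERE aid = '{$user['aid']}'");

            // "Remember me" keeps the cookie for 30 days; otherwise it is a session cookie.
            $time = Iif($remember, $timenow + 3600 * 24 * 30, 0);
            setcookie(COOKIE_ADMIN, $sessionid, $time, '/');

            if (!$user['type']) {
                Redirect('online'); // support agents go straight to the agent console
            }
            Redirect(); // everyone else lands on the home page
        }
    }

    // Invalid input or failed authentication: hand the message back to the login form.
    return $error;
}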
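/**
 * List and search visitor comments, with forms to mark them read and to delete them.
 *
 * Request parameters: p (page, 10 rows per page), s (keyword, or a positive integer to
 * match comment id, guest id or phone), g (1 = unread, 2 = read; anything else means
 * "all").
 *
 * The numeric search is wrapped in parentheses so that the read/unread filter appended
 * after it applies to the whole OR group; SQL's AND binds tighter than OR, so without
 * them the filter restricted only the phone alternative. Unrecognised g values now fall
 * back to the unfiltered list instead of leaving the clause and heading unset.
 *
 * NOTE(review): $search is url-decoded after ForceStringFrom() has processed it, so a
 * double-encoded value can reintroduce filtered characters before it is interpolated
 * into SQL and echoed into the heading. Confirm and re-validate after decoding.
 * NOTE(review): name, e-mail, phone, content and IP are printed as stored, and the e-mail
 * is also placed inside an href. These fields are presumably visitor-supplied; confirm
 * they are HTML-escaped on input or escape them here.
 */
public function index()
{
    $NumPerPage = 10;

    $page = ForceIntFrom('p', 1);
    if ($page < 1) {
        $page = 1; // a zero or negative page would produce a negative LIMIT offset
    }
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    if (IsGet('s')) {
        $search = urldecode($search);
    }

    $start = $NumPerPage * ($page - 1);

    SubMenu('留言列表', array(array('留言列表', 'comments', 1)));

    TableHeader('搜索及快速删除');
    TableRow('<center><form method="post" action="' . BURL('comments') . '" name="searchcomments" style="display:inline-block;*display:inline;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>状态:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . ' class=red>未读</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>已读</option></select> <input type="submit" value="搜索留言" class="cancel"></form> <form method="post" action="' . BURL('comments/fastdelete') . '" name="fastdelete" style="display:inline-block;margin-left:80px;*display:inline;"><label>快速删除留言:</label> <select name="days"><option value="0">请选择 ...</option><option value="360">12个月前的已读留言</option><option value="180"> 6 个月前的已读留言</option><option value="90"> 3 个月前的已读留言</option><option value="30"> 1 个月前的已读留言</option></select> <input type="submit" value="快速删除" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选留言吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></form></center>');
    TableFooter();

    // Only 1 and 2 select a read state; the SQL fragment is built from constants.
    $has_state = ($groupid == 1 or $groupid == 2);

    if ($search) {
        if (preg_match("/^[1-9][0-9]*\$/", $search)) {
            // search by ID (or phone digits)
            $s = ForceInt($search);
            $searchsql = " WHERE (cid = '{$s}' OR gid = '{$s}' OR phone LIKE '%{$s}%') ";
            $title = "搜索数字为: <span class=note>{$s}</span> 的留言";
        } else {
            $searchsql = " WHERE (fullname LIKE '%{$search}%' OR email LIKE '%{$search}%' OR content LIKE '%{$search}%') ";
            $title = "搜索: <span class=note>{$search}</span> 的留言列表";
        }

        if ($has_state) {
            $searchsql .= " AND readed = " . Iif($groupid == 1, 0, 1) . " ";
            $title = "在 <span class=note>" . Iif($groupid == 1, '未读留言', '已读留言') . "</span> 中, " . $title;
        }
    } elseif ($has_state) {
        $searchsql = " WHERE readed = " . Iif($groupid == 1, 0, 1) . " ";
        $title = "全部 <span class=note>" . Iif($groupid == 1, '未读留言', '已读留言') . "</span> 列表";
    } else {
        $searchsql = '';
        $title = '全部留言列表';
    }

    $getcomments = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "comment " . $searchsql . " ORDER BY readed ASC, cid DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(cid) AS value FROM " . TABLE_PREFIX . "comment " . $searchsql);

    echo '<form method="post" action="' . BURL('comments/updatecomments') . '" name="commentsform"> <input type="hidden" name="p" value="' . $page . '">';

    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('ID', '状态', '姓名', 'Email', '电话', '留言内容', '<input type="checkbox" id="checkAll2" for="updatecids[]"> <label for="checkAll2">标记已读</label>', 'IP', '留言时间', '<input type="checkbox" id="checkAll" for="deletecids[]"> <label for="checkAll">删除</label>'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何留言!</font><BR><BR></center>');
    } else {
        while ($comm = APP::$DB->fetch($getcomments)) {
            TableRow(array(
                $comm['cid'],
                Iif($comm['readed'], '<font class=grey>已读</font>', '<font class=red>未读</font>'),
                Iif($comm['gid'], '<a title="编辑" href="' . BURL('guests/edit?gid=' . $comm['gid']) . '">' . "{$comm['fullname']}</a>", $comm['fullname']),
                Iif($comm['email'], '<a href="mailto:' . $comm['email'] . '">' . $comm['email'] . '</a>'),
                $comm['phone'],
                nl2br($comm['content']),
                // only unread comments get a "mark as read" checkbox
                Iif(!$comm['readed'], '<input type="checkbox" name="updatecids[]" value="' . $comm['cid'] . '">'),
                $comm['ip'],
                DisplayDate($comm['time'], '', 1),
                '<input type="checkbox" name="deletecids[]" value="' . $comm['cid'] . '">',
            ));
        }

        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('comments'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();

    echo '<div class="submit"><input type="submit" name="updatecomms" value="标记已读" class="cancel" style="margin-right:28px"><input type="submit" name="deletecomms" value="删除留言" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选留言吗?\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></div></form>';
}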
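/**
 * List and search guests, with an A-Z quick filter and a form for bulk deletion.
 *
 * Request parameters: p (page, 10 rows per page), key (initial letter, or "Other" for
 * names that do not start with a Latin letter), s (keyword, or a positive integer to
 * match guest id, admin id or phone), g ("cn"/"en" for language; any other non-empty
 * value is used as the grade).
 *
 * Changes against the previous version: the numeric search is parenthesised so that a
 * language/grade filter appended after it applies to the whole OR group (AND binds
 * tighter than OR); $alphabetlinks and $searchsql start from an empty string instead of
 * being appended to while undefined; a guest whose admin id has no admin row no longer
 * raises a notice; the A-Z links are generated with range() rather than by incrementing
 * a string.
 *
 * NOTE(review): $letter and $groupid are interpolated into SQL and echoed into the
 * heading, and $search is url-decoded after ForceStringFrom() has processed it, so a
 * double-encoded value can reintroduce filtered characters. Confirm what
 * ForceStringFrom() guarantees and re-validate after decoding.
 * NOTE(review): guest fields (name, browser, e-mail, phone, address, remark, ipzone) are
 * printed as stored, and fromurl is written into an href. They are presumably
 * guest-supplied; confirm HTML-escaping on input and restrict fromurl to http/https.
 */
public function index()
{
    $NumPerPage = 10;

    $page = ForceIntFrom('p', 1);
    if ($page < 1) {
        $page = 1; // a zero or negative page would produce a negative LIMIT offset
    }
    $letter = ForceStringFrom('key');
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    if (IsGet('s')) {
        $search = urldecode($search);
    }

    $start = $NumPerPage * ($page - 1);

    // Map admin id => display name for the "last served by" column.
    $admins = array();
    $getadmins = APP::$DB->query("SELECT aid, fullname FROM " . TABLE_PREFIX . "admin");
    while ($a = APP::$DB->fetch($getadmins)) {
        $admins[$a['aid']] = $a['fullname'];
    }

    SubMenu('客人列表', array(array('客人列表', 'guests', 1)));

    TableHeader('快速查找客人');
    $alphabetlinks = '';
    foreach (range('a', 'z') as $alphabet) {
        $alphabetlinks .= '<a href="' . BURL('guests?key=' . $alphabet) . '" title="' . strtoupper($alphabet) . '开头的客人">' . strtoupper($alphabet) . '</a> ';
    }
    TableRow('<center><b><a href="' . BURL('guests') . '">[全部客人]</a> <a href="' . BURL('guests?key=Other') . '">[中文名]</a> ' . $alphabetlinks . '</b></center>');
    TableFooter();

    TableHeader('搜索及快速删除');
    TableRow('<center><form method="post" action="' . BURL('guests') . '" name="searchguests" style="display:inline-block;*display:inline;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>语言或意向:</label> <select name="g"><option value="0">全部</option><option value="cn" ' . Iif($groupid == 'cn', 'SELECTED') . ' class=blue>中文 (语言)</option><option value="en" ' . Iif($groupid == 'en', 'SELECTED') . ' class=red>EN (语言)</option><option value="5" ' . Iif($groupid == '5', 'SELECTED') . '>5分 (意向)</option><option value="4" ' . Iif($groupid == '4', 'SELECTED') . '>4分 (意向)</option><option value="3" ' . Iif($groupid == '3', 'SELECTED') . '>3分 (意向)</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>2分 (意向)</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . '>1分 (意向)</option></select> <input type="submit" value="搜索客人" class="cancel"></form> <form method="post" action="' . BURL('guests/fastdelete') . '" name="fastdelete" style="display:inline-block;margin-left:80px;*display:inline;"><label>快速删除客人:</label> <select name="days"><option value="0">请选择 ...</option><option value="360">12个月前登录的客人</option><option value="180"> 6 个月前登录的客人</option><option value="90"> 3 个月前登录的客人</option><option value="30"> 1 个月前登录的客人</option></select> <input type="submit" value="快速删除" class="save" onclick="var _me=$(this);showDialog(\'确定删除所选客人吗?<br>注: 客人的对话记录将同时被删除.\', \'确认操作\', function(){_me.closest(\'form\').submit();});return false;"></form></center>');
    TableFooter();

    $searchsql = '';
    $is_lang_filter = ($groupid == 'cn' or $groupid == 'en');

    if ($letter) {
        // The initial-letter filter takes precedence over keyword and group filters.
        if ($letter == 'Other') {
            $searchsql = " WHERE fullname <> '' AND fullname NOT REGEXP(\"^[a-zA-Z]\") ";
            $title = '<span class=note>中文姓名</span> 的客人列表';
        } else {
            $searchsql = " WHERE fullname LIKE '{$letter}%' ";
            $title = '<span class=note>' . strtoupper($letter) . '</span> 字母开头的客人列表';
        }
    } elseif ($search) {
        if (preg_match("/^[1-9][0-9]*\$/", $search)) {
            // search by ID (or phone)
            $s = ForceInt($search);
            $searchsql = " WHERE (gid = '{$s}' OR aid = '{$s}' OR phone LIKE '{$s}') ";
            $title = "搜索数字为: <span class=note>{$s}</span> 的客人";
        } else {
            $searchsql = " WHERE (fullname LIKE '%{$search}%' OR address LIKE '%{$search}%' OR browser LIKE '%{$search}%' OR email LIKE '%{$search}%' OR ipzone LIKE '%{$search}%' OR remark LIKE '%{$search}%') ";
            $title = "搜索: <span class=note>{$search}</span> 的客人列表";
        }

        if ($groupid) {
            if ($is_lang_filter) {
                $searchsql .= " AND lang = " . Iif($groupid == 'cn', 1, 0) . " ";
                $title = "在 <span class=note>" . Iif($groupid == 'cn', '中文客人', '英文客人') . "</span> 中, " . $title;
            } else {
                $searchsql .= " AND grade = '{$groupid}' ";
                $title = "在 <span class=note>意向为: " . $groupid . "分</span> 中, " . $title;
            }
        }
    } elseif ($groupid) {
        if ($is_lang_filter) {
            $searchsql = " WHERE lang = " . Iif($groupid == 'cn', 1, 0) . " ";
            $title = "全部 <span class=note>" . Iif($groupid == 'cn', '中文客人', '英文客人') . "</span> 列表";
        } else {
            $searchsql = " WHERE grade = '{$groupid}' ";
            $title = "<span class=note>意向为: " . $groupid . " 分</span> 的客人列表";
        }
    } else {
        $title = '全部客人列表';
    }

    $getguests = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "guest " . $searchsql . " ORDER BY last DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(gid) AS value FROM " . TABLE_PREFIX . "guest " . $searchsql);

    echo '<form method="post" action="' . BURL('guests/updateguests') . '" name="guestsform"> <input type="hidden" name="p" value="' . $page . '">';

    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('ID', '姓名', '意向分', '语言', '登录', '踢出 (次)', '最后服务', '浏览器', '来自页面', 'Email', '电话', '地址', '备注', '归属地 (IP)', '最后登陆', '<input type="checkbox" id="checkAll" for="deletegids[]"> <label for="checkAll">删除</label>'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何客人!</font><BR><BR></center>');
    } else {
        while ($user = APP::$DB->fetch($getguests)) {
            TableRow(array(
                $user['gid'],
                '<a title="编辑" href="' . BURL('guests/edit?gid=' . $user['gid']) . '">' . Iif($user['fullname'], $user['fullname'], '<font class=grey>' . Iif($user['lang'], '无名', 'None') . '</font>') . '</a>',
                $user['grade'],
                Iif($user['lang'], '中文', 'EN'),
                $user['logins'],
                $user['banned'],
                // the admin row may no longer exist
                isset($admins[$user['aid']]) ? $admins[$user['aid']] : '',
                $user['browser'],
                "<a href=\"{$user['fromurl']}\" target=\"_blank\">" . ShortTitle($user['fromurl'], 36) . "</a>",
                Iif($user['email'], '<a href="mailto:' . $user['email'] . '">' . $user['email'] . '</a>'),
                $user['phone'],
                $user['address'],
                ShortTitle($user['remark'], 48),
                $user['ipzone'] . " ({$user['lastip']})",
                DisplayDate($user['last'], '', 1),
                '<input type="checkbox" name="deletegids[]" value="' . $user['gid'] . '">',
            ));
        }

        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('guests'), $totalpages, $page, 10, 'key', $letter, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();
    PrintSubmit('删除客人', '', 1, '确定删除所选客人吗?<br>注: 客人的对话记录将同时被删除.');
}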
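/**
 * Create, update or delete a staff account from the submitted user form.
 *
 * Request parameter "aid" selects the account: 0 creates a new one, any other value
 * updates that row. With "deleteuser" set and an aid different from the current admin's,
 * the account is deleted and nothing else is processed. An admin cannot change their own
 * type or activation flag through this form.
 *
 * Changes against the previous version: the new-account password confirmation uses
 * strcmp() like the edit branch, because a loose != treats different numeric-looking
 * strings (for example "0e1" and "0e2") as equal; the delete and error paths return
 * explicitly so that processing cannot continue should Success()/Error() ever return.
 *
 * NOTE(review): every submitted value is interpolated into SQL text, so the statements
 * are only as safe as the escaping done inside ForceStringFrom(), which is not visible
 * here. Confirm it, or move to bound parameters.
 * NOTE(review): several literals read '******' in this listing (user name lookup, user
 * name and password assignments). The values look masked; check the original expressions.
 * NOTE(review): new passwords are stored as plain md5(). Moving to password_hash() needs
 * a schema and login change.
 * NOTE(review): no permission check is visible in this method. Confirm the caller
 * restricts it to administrators allowed to manage accounts.
 */
public function save()
{
    $aid = ForceIntFrom('aid');
    $type = ForceIntFrom('type');
    $activated = ForceIntFrom('activated');
    $username = ForceStringFrom('username');
    $password = ForceStringFrom('password');
    $passwordconfirm = ForceStringFrom('passwordconfirm');
    $email = ForceStringFrom('email');
    $fullname = ForceStringFrom('fullname');
    $fullname_en = ForceStringFrom('fullname_en');
    $post = ForceStringFrom('post');
    $post_en = ForceStringFrom('post_en');
    $deleteuser = ForceIntFrom('deleteuser');

    // Deleting an account skips all validation; an admin cannot delete their own account.
    if ($deleteuser and $aid != $this->admin['aid']) {
        $this->DeleteUser($aid);
        Success('users');
        return;
    }

    $errors = array();

    if (!$username) {
        $errors[] = '请输入用户名!';
    } elseif (!IsName($username)) {
        $errors[] = '用户名存在非法字符!';
    } elseif (APP::$DB->getOne("SELECT aid FROM " . TABLE_PREFIX . "admin WHERE username = '******' AND aid != '{$aid}'")) {
        $errors[] = '用户名已存在!';
    }

    if ($aid) {
        // Existing account: the password is optional and checked only when supplied.
        if ((strlen($password) or strlen($passwordconfirm)) and strcmp($password, $passwordconfirm) !== 0) {
            $errors[] = '两次输入的密码不相同!';
        }
    } elseif (!$password) {
        $errors[] = '请输入密码!';
    } elseif (strcmp($password, $passwordconfirm) !== 0) {
        $errors[] = '两次输入的密码不相同!';
    }

    if (!$email) {
        $errors[] = '请输入Email地址!';
    } elseif (!IsEmail($email)) {
        $errors[] = 'Email地址不规范!';
    } elseif (APP::$DB->getOne("SELECT aid FROM " . TABLE_PREFIX . "admin WHERE email = '{$email}' AND aid != '{$aid}'")) {
        $errors[] = 'Email地址已占用!';
    }

    if (!$fullname) {
        $errors[] = '请输入中文昵称!';
    }
    if (!$fullname_en) {
        $errors[] = '请输入英文昵称!';
    }
    if (!$post) {
        $errors[] = '请输入中文职位!';
    }
    if (!$post_en) {
        $errors[] = '请输入英文职位!';
    }

    if ($errors) {
        Error($errors, Iif($aid, '编辑客服错误', '添加客服错误'));
        return;
    }

    if ($aid) {
        // type/activated are written only for other accounts; password only when supplied.
        APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET username = '******',\n\t\t\t\t" . Iif($aid != $this->admin['aid'], "type = '{$type}', activated = '{$activated}',") . "\n\t\t\t\t" . Iif($password, "password = '******',") . "\n\t\t\t\temail = '{$email}',\n\t\t\t\tfullname = '{$fullname}',\n\t\t\t\tfullname_en = '{$fullname_en}',\n\t\t\t\tpost = '{$post}',\n\t\t\t\tpost_en = '{$post_en}'\t\t\t\t\t\t\t\t\t\t \n\t\t\t\tWHERE aid = '{$aid}'");
    } else {
        APP::$DB->exe("INSERT INTO " . TABLE_PREFIX . "admin (type, activated, username, password, email, first, fullname, fullname_en, post, post_en) VALUES ('{$type}', 1, '{$username}', '" . md5($password) . "', '{$email}', '" . time() . "', '{$fullname}', '{$fullname_en}', '{$post}', '{$post_en}')");
    }

    Success('users');
}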
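/**
 * Write the submitted settings back into config/settings.php.
 *
 * For every entry of $_POST['settings'] whose value differs from APP::$_CFG, the matching
 * "$_CFG['key'] = "...";" assignment in the file is rewritten. 'Update', 'AutoOffline'
 * and 'SocketPort' are clamped to their numeric ranges, 'BaseUrl' gets a trailing slash,
 * and an empty 'KillRobotCode' keeps the current value. The file is written only when
 * its text actually changed.
 *
 * The target is a PHP source file and each value lands inside a double-quoted PHP string,
 * so this method is a code-injection sink. Hardening applied here:
 *   - keys must consist of letters, digits and underscores, because they are placed into
 *     both the regular expression and the replacement text;
 *   - non-scalar values are skipped;
 *   - any '"' or '$' not already preceded by an escaping backslash is escaped, and a
 *     trailing lone backslash is doubled, so the value can neither end the string nor
 *     start variable interpolation when the file is next loaded;
 *   - the replacement text is passed to preg_replace() literally, so "$1" or "\1" inside
 *     a value is not treated as a back-reference.
 *
 * NOTE(review): what ForceString() escapes is not visible here. The escaping above is
 * written to be correct whether or not it already adds backslashes; confirm with a
 * round-trip test on values containing quotes, backslashes and dollar signs.
 * NOTE(review): the error text advises mode 777 for the config file. Prefer granting
 * write access to the web server user only.
 * NOTE(review): no permission or request-forgery check is visible in this method.
 */
public function save()
{
    $action = ForceStringFrom('action');
    $filename = ROOT . "config/settings.php";

    if (!is_writable($filename)) {
        Error('请将系统配置文件config/settings.php设置为可写, 即属性设置为: 777', '系统设置错误');
        return;
    }

    $settings = (isset($_POST['settings']) && is_array($_POST['settings'])) ? $_POST['settings'] : array();

    // An unreadable file yields an empty string, so nothing is replaced and nothing is written.
    $contents = trim((string) @file_get_contents($filename));
    $oldcontents = $contents;

    foreach ($settings as $key => $value) {
        $key = (string) $key;
        if (!preg_match('/^[A-Za-z0-9_]+$/D', $key) || !is_scalar($value)) {
            continue;
        }

        $current = isset(APP::$_CFG[$key]) ? APP::$_CFG[$key] : null;
        if ($current == $value) {
            continue; // unchanged setting
        }

        $value = ForceString($value);

        if ($key == 'KillRobotCode' and trim($value) == "") {
            $value = $current;
        }
        if ($key == 'BaseUrl' and substr($value, -1) != '/') {
            $value .= '/';
        }

        switch ($key) {
            case 'Update':
                $value = min(20, max(1, ForceInt($value)));
                break;
            case 'AutoOffline':
                $value = min(60, max(6, ForceInt($value)));
                break;
            case 'SocketPort':
                $value = min(65535, max(100, ForceInt($value)));
                break;
        }

        // Make the value safe inside a double-quoted PHP string: add a backslash in front
        // of every '"' or '$' that follows an even number of backslashes (i.e. is not yet
        // escaped), then double a trailing lone backslash.
        $value = preg_replace('/(?<!\\\\)((?:\\\\\\\\)*)(["$])/', '$1\\\\$2', (string) $value);
        if (preg_match('/(?<!\\\\)(?:\\\\\\\\)*\\\\$/D', $value)) {
            $value .= '\\';
        }

        $assignment = "\$_CFG['{$key}'] = \"{$value}\";";
        $contents = preg_replace(
            "/[\$]_CFG\\['{$key}'\\]\\s*\\=\\s*[\"'].*?[\"'];/is",
            addcslashes($assignment, '\\$'), // literal replacement: no back-references
            $contents
        );
    }

    if ($contents !== $oldcontents) {
        file_put_contents($filename, $contents, LOCK_EX);
    }

    Success('settings' . Iif($action, '/' . $action));
}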
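/**
 * List and search the chat messages the signed-in administrator sent or received.
 *
 * Request parameters: p (page, 10 rows per page), s (keyword, or a positive integer to
 * search by id), g (1 = what guests said to me, 2 = what I said; anything else means
 * "both").
 *
 * Every query built here is restricted to the current admin's messages: sent rows are
 * type = 1 with fromid = my id, received rows are type = 0 with toid = my id. An
 * unrecognised g value used to skip that restriction, so a search covered every
 * agent's conversations and a plain listing ran with no WHERE clause at all. It is now
 * treated as "both directions, mine only".
 *
 * NOTE(review): $search is url-decoded after ForceStringFrom() has processed it, so a
 * double-encoded value can reintroduce filtered characters before it is interpolated
 * into SQL and echoed into the heading. Confirm and re-validate after decoding.
 * NOTE(review): names and message text are printed as stored. Part of this data
 * presumably comes from guests; confirm it is HTML-escaped on input or escape it here.
 */
public function index()
{
    $myid = $this->admin['aid'];
    $NumPerPage = 10;

    $page = ForceIntFrom('p', 1);
    if ($page < 1) {
        $page = 1; // a zero or negative page would produce a negative LIMIT offset
    }
    $search = ForceStringFrom('s');
    $groupid = ForceStringFrom('g');

    if (IsGet('s')) {
        $search = urldecode($search);
    }

    $start = $NumPerPage * ($page - 1);

    SubMenu('我的对话记录', array(array('记录列表', 'mymessages', 1)));

    TableHeader('搜索对话记录');
    TableRow('<center><form method="post" action="' . BURL('mymessages') . '" name="search" style="display:inline-block;"><label>关键字:</label> <input type="text" name="s" size="18"> <label>分类:</label> <select name="g"><option value="0">全部</option><option value="1" ' . Iif($groupid == '1', 'SELECTED') . ' class=red>客人的发言</option><option value="2" ' . Iif($groupid == '2', 'SELECTED') . '>我的发言</option></select> <input type="submit" value="搜索记录" class="cancel"></form></center>');
    TableFooter();

    // Only 1 and 2 select a direction.
    $has_direction = ($groupid == 1 or $groupid == 2);

    if ($search) {
        if (preg_match("/^[1-9][0-9]*\$/", $search)) {
            // search by ID
            $s = ForceInt($search);
            $searchsql = " WHERE (mid = '{$s}' OR fromid = '{$s}' OR toid = '{$s}') ";
            $title = "搜索ID号为: <span class=note>{$s}</span> 的记录";
        } else {
            $searchsql = " WHERE (fromname LIKE '%{$search}%' OR toname LIKE '%{$search}%' OR msg LIKE '%{$search}%') ";
            $title = "搜索: <span class=note>{$search}</span> 的记录列表";
        }

        if ($has_direction) {
            $searchsql .= " AND (" . Iif($groupid == 1, "type = 0 AND toid = '{$myid}'", "type = 1 AND fromid = '{$myid}'") . ") ";
            $title = "在 <span class=note>" . Iif($groupid == 1, '客人的发言', '我的发言') . "</span> 中, " . $title;
        } else {
            // No (or an unrecognised) direction: still limit the search to my own messages.
            $searchsql .= " AND ((type = 1 AND fromid = '{$myid}') OR (type = 0 AND toid = '{$myid}')) ";
        }
    } elseif ($has_direction) {
        $searchsql = " WHERE " . Iif($groupid == 1, "type = 0 AND toid = '{$myid}' ", "type = 1 AND fromid = '{$myid}' ");
        $title = "全部 <span class=note>" . Iif($groupid == 1, '客人的发言', '我的发言') . "</span> 列表";
    } else {
        $searchsql = " WHERE (type = 1 AND fromid = '{$myid}') OR (type = 0 AND toid = '{$myid}') ";
        $title = '全部记录列表';
    }

    $getmy = APP::$DB->query("SELECT * FROM " . TABLE_PREFIX . "msg " . $searchsql . " ORDER BY mid DESC LIMIT {$start},{$NumPerPage}");
    $maxrows = APP::$DB->getOne("SELECT COUNT(mid) AS value FROM " . TABLE_PREFIX . "msg " . $searchsql);

    TableHeader($title . '(' . $maxrows['value'] . '个)');
    TableRow(array('ID', '发送人', '对话内容', '接收人', '记录时间'), 'tr0');

    if ($maxrows['value'] < 1) {
        TableRow('<center><BR><font class=redb>未搜索到任何记录!</font><BR><BR></center>');
    } else {
        while ($msg = APP::$DB->fetch($getmy)) {
            TableRow(array($msg['mid'], $msg['fromname'], getSmile($msg['msg']), $msg['toname'], DisplayDate($msg['time'], '', 1)));
        }

        $totalpages = ceil($maxrows['value'] / $NumPerPage);
        if ($totalpages > 1) {
            TableRow(GetPageList(BURL('mymessages'), $totalpages, $page, 10, 's', urlencode($search), 'g', $groupid));
        }
    }

    TableFooter();
}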