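/**
 * Registers the elFinder file manager on the admin page.
 *
 * Loads the 'elfinder' script bundle, queues an on-load snippet that attaches
 * the widget to the #finder element, and adds the text box holding that element.
 *
 * NOTE(review): the 'url' option names the server-side connector that performs
 * the file operations. Nothing in this function restricts who may call it;
 * confirm the connector itself enforces an admin session and CSRF protection.
 *
 * @return void
 */
function AdminFileManager()
{
    UseScript('elfinder');

    // Client-side settings, handed to the widget as a JSON literal.
    $options = array(
        'url' => 'index.php?name=plugins&p=connectors&mod=elfinder',
        'lang' => 'ru',
        'docked' => true,
        'height' => 490,
    );

    System::admin()->AddOnLoadJS('var elfinder = $("#finder").elfinder(' . JsonEncode($options) . ')');

    // The box title had been mis-decoded (Cyrillic bytes shown as Hebrew letters and
    // replacement characters); it is restored here to the readable Russian text.
    System::admin()->AddTextBox('Файловый менеджер', '<div id="finder">finder</div>');
}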
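/**
 * Builds the category tree as HTML/JSON for display in the admin panel.
 *
 * For the root level (parent id 0) the tree widget initialisation is queued as
 * on-load JavaScript and the container markup is returned. For any other parent
 * the child nodes are echoed as JSON and the script exits (Ajax child request).
 *
 * NOTE(review): the delete endpoint handed to the widget is called with GET and
 * a pre-set "ok=1" confirmation, so a state-changing action is reachable by a
 * plain link. Confirm the handler checks a CSRF token or move it to POST.
 * NOTE(review): the icon value and the generated address are concatenated into
 * attribute values as returned by SafeDB()/Ufu(); confirm those helpers escape
 * for an HTML attribute context.
 *
 * @param int $ParentId Parent category id; when 0 it may be overridden by the
 *                      "_cat_parent" query parameter.
 * @return bool|string Container markup for the root level, or the "no categories"
 *                     message; child requests do not return (they exit).
 */
public function ShowCats($ParentId = 0)
{
    UseScript('jquery_ui_treeview');
    if ($ParentId == 0 && isset($_GET['_cat_parent'])) {
        $ParentId = SafeEnv($_GET['_cat_parent'], 11, int);
    }
    $elements = array();
    if ($ParentId == 0 && !isset($this->Cats[$ParentId])) {
        return 'Нет категорий';
    }
    // A non-root parent without children used to reach foreach with an undefined
    // index; the resulting warning would be printed in front of the JSON answer.
    // Such a parent now simply yields an empty node list.
    $children = isset($this->Cats[$ParentId]) ? $this->Cats[$ParentId] : array();
    foreach ($children as $cat) {
        $id = SafeDB($cat['id'], 11, int);
        $icon = trim(SafeDB($cat['icon'], 255, str));
        $info = '';
        if ($icon != '') {
            $info .= '<img src="' . $icon . '">';
        }
        if ($this->index_id_par_name != '') {
            $link_go = Ufu('index.php?name=' . $this->module . '&' . $this->index_id_par_name . '=' . $id, $this->module . '/{' . $this->index_id_par_name . '}/');
            $info .= ($icon != '' ? '<br>' : '') . '<b>Адрес</b>: <a href="' . $link_go . '" target="_blank">/' . $link_go . '</a>';
        }
        // From here on $icon is the tree node icon, not the category's own image.
        $icon = 'images/folder.png';
        $add_cat_link = ADMIN_FILE . '?exe=' . $this->module . '&' . $this->action_par_name . '=' . $this->edit_met . '&_cat_adto=' . $id;
        $edit_cat_link = ADMIN_FILE . '?exe=' . $this->module . '&' . $this->action_par_name . '=' . $this->edit_met . '&' . $this->id_par_name . '=' . $id;
        $func = '';
        $func .= System::admin()->SpeedButton('Добавить дочернюю категорию', $add_cat_link, 'images/admin/folder_add.png');
        $func .= System::admin()->SpeedButton('Редактировать', $edit_cat_link, 'images/admin/edit.png');
        $func .= System::admin()->SpeedConfirmJs('Удалить категорию', '$(\'#cats_tree_container\').treeview(\'deleteNode\', ' . $id . ');', 'images/admin/delete.png', 'Уверены что хотите удалить? Все дочерние объекты так-же будут удалены.');
        $obj_counts = $this->GetCountersRecursive($id);
        $elements[] = array(
            'id' => $id,
            'icon' => $icon,
            'title' => '<b>' . System::admin()->Link(SafeDB($cat['title'], 255, str) . ' (' . $obj_counts['files'] . ')', $edit_cat_link) . '</b>',
            'info' => $info,
            'func' => $func,
            'isnode' => isset($this->Cats[$id]),
            'child_url' => ADMIN_FILE . '?exe=' . $this->module . '&' . $this->action_par_name . '=' . $this->showcats_met . '&_cat_parent=' . $id,
        );
    }
    if ($ParentId == 0) {
        System::admin()->AddOnLoadJS('$("#cats_tree_container").treeview({del: \'' . ADMIN_FILE . '?exe=' . $this->module . '&' . $this->action_par_name . '=' . $this->del_met . '&ok=1\', delRequestType: \'GET\', tree: ' . JsonEncode($elements) . '});');
        return '<div id="cats_tree_container"></div>';
    } else {
        echo JsonEncode($elements);
        exit;
    }
}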
} } }
/* modules end */

// Fragment: the enclosing block opens outside this excerpt.
// Copies every configured key from the request into $content.
foreach ($keys as $key) {
    $content[$key] = Val($key, 'REQUEST');
}
// 'toplocation' falls back to 'location' when it arrives empty.
if (in_array('toplocation', $keys)) {
    $content['toplocation'] = !empty($content['toplocation']) ? $content['toplocation'] : $content['location'];
}
// De-duplication is only applied when 'cookie' is one of the collected keys.
$judgeCookie = in_array('cookie', $keys) ? true : false;
/* cookie hash */
// md5 serves here as a de-duplication key over project id + three submitted fields,
// not as a security primitive.
$cookieHash = md5($project['id'] . '_' . $content['cookie'] . '_' . $content['location'] . '_' . $content['toplocation']);
// NOTE(review): the query is built by string interpolation. $cookieHash is md5 hex
// output; $project comes from outside this fragment — presumably a database row, confirm.
// NOTE(review): inside "{...}" the unquoted key in $project[id] is resolved as a
// constant named id, not as the string 'id'; PHP 8 raises an Error for an undefined
// constant. The quoted form {$project['id']} avoids that.
$cookieExisted = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'");
if (!$judgeCookie || $cookieExisted <= 0) {
    // content obtained on the server side
    $serverContent = array();
    // NOTE(review): the $_SERVER entries below are read without isset(); a request
    // that omits one of these headers raises an undefined-index notice.
    $serverContent['HTTP_REFERER'] = $_SERVER['HTTP_REFERER'];
    // parse_url() can return false on a malformed URL; '@' hides the warning only.
    $referers = @parse_url($serverContent['HTTP_REFERER']);
    $domain = $referers['host'] ? $referers['host'] : '';
    $domain = StripStr($domain);
    $serverContent['HTTP_REFERER'] = StripStr($_SERVER['HTTP_REFERER']);
    $serverContent['HTTP_USER_AGENT'] = StripStr($_SERVER['HTTP_USER_AGENT']);
    // NOTE(review): the value stored under 'REMOTE_ADDR' is the X-Forwarded-For
    // request header, which the client controls; it is not the socket peer address.
    $serverContent['REMOTE_ADDR'] = StripStr($_SERVER['HTTP_X_FORWARDED_FOR']);
    $values = array('projectId' => $project['id'], 'content' => JsonEncode($content), 'serverContent' => JsonEncode($serverContent), 'domain' => $domain, 'cookieHash' => $cookieHash, 'num' => 1, 'addTime' => time());
    $db->AutoExecute(Tb('project_content'), $values);
} else {
    // Same hash already stored: bump the hit counter instead of inserting a new row.
    $db->Execute("UPDATE " . Tb('project_content') . " SET num=num+1,updateTime='" . time() . "' WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'");
}
// NOTE(review): the redirect target is the raw Referer header (followed by a
// trailing space), so the destination is chosen entirely by the request.
header("Location: {$_SERVER['HTTP_REFERER']} ");
}
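/**
 * Sends one API request and prints the request and the response.
 *
 * The target is chosen from API_VERSION, the "development" request flag and the
 * number of command-line arguments: either an HTTP endpoint (posted to with
 * HttpPost) or the local dev index.php (run through the PHP CLI).
 *
 * @param mixed $apicode API code, stored as a string under the 'code' key.
 * @param array $request Further request fields.
 * @return void
 */
function UnitTest($apicode, $request = array())
{
    // $argv exists only in the global scope. Without this declaration the function
    // read an undefined local, so the argument count could never equal 1.
    global $argv;
    $cliArgCount = is_array($argv) ? count($argv) : 0;

    $script = '';
    $response = '';
    if (API_VERSION != 'dev' and API_VERSION != 'test') {
        $script = sprintf(API_URL, API_NAME, API_VERSION);
    } else {
        if (empty($_REQUEST['development']) and $cliArgCount == 1) {
            $script = sprintf(API_URL, API_NAME, API_VERSION);
        } else {
            if ($cliArgCount == 1) {
                $script = sprintf(API_TEST_URL, API_NAME, API_VERSION);
            } else {
                // Separator first: the (array, separator) order is rejected by PHP 8.
                $script = join(DIRECTORY_SEPARATOR, array(API_ROOT, API_NAME, 'dev', 'index.php'));
            }
        }
    }

    $request['code'] = "{$apicode}";
    $params = JsonEncode($request);

    if (strpos($script, 'http') === 0) {
        $response = HttpPost($script, array('data' => $params));
    } else {
        // The JSON payload used to be pasted between literal single quotes, so a quote
        // inside any request value ended the argument and the rest was read by the shell.
        // escapeshellarg() quotes both the script path and the payload.
        $response = shell_exec(sprintf('/usr/bin/php %s %s', escapeshellarg($script), escapeshellarg($params)));
    }

    echo "Request: ";
    print_r($request);
    echo "Response: ";
    // Print the decoded structure when the response is valid JSON, the raw text otherwise.
    $result = json_decode($response, TRUE);
    if ($result) {
        print_r($result);
    } else {
        print_r($response);
    }
}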
// Fragment of a switch over module actions; the start of this branch is outside the excerpt.
// Message: "module does not exist or no permission".
// NOTE(review): the code after each ShowError() call relies on it terminating the
// request — presumably it exits; confirm.
ShowError('模块不存在或没有权限');
}
// Non-admin users may not change a module that is both public and audited.
if ($user->adminLevel <= 0) {
    if ($module['isOpen'] == 1 && $module['isAudit'] == 1) {
        ShowError('已通过审核的公共模块不能修改');
    }
}
$title = Val('title', 'POST');
$description = Val('description', 'POST');
if (empty($title)) {
    // Message: "module name must not be empty"; the second argument is a URL.
    ShowError('模块名称不能为空', URL_ROOT . '/index.php?do=module&act=create');
}
// 'keys' and 'setkeys' are read with extra Val() flags and stored as JSON text.
$keys = Val('keys', 'POST', 0, 1);
$keys = JsonEncode($keys);
$setkeys = Val('setkeys', 'POST', 0, 1);
$setkeys = JsonEncode($setkeys);
$isOpen = Val('isOpen', 'POST', 1);
$code = Val('code', 'POST');
$values = array('title' => $title, 'description' => $description, 'userId' => $user->userId, '`keys`' => $keys, '`setkeys`' => $setkeys, 'code' => $code, 'isOpen' => $isOpen);
// NOTE(review): $id is set outside this fragment and is placed unquoted into the WHERE
// clause; confirm it is forced to an integer where it is read.
// NOTE(review): no CheckToken() call is visible for this update path, unlike the
// 'delete' case below — confirm one happens before this point.
$db->AutoExecute(Tb('module'), $values, 'UPDATE', " id={$id}");
ShowSuccess('操作成功');
break;
case 'delete':
// The delete action is token-protected; the token travels in the query string.
if (!$user->CheckToken(Val('token', 'GET'))) {
    ShowError('操作失败');
}
$id = Val('id', 'GET', 1);
$db = DBConnect();
// read the module record; the userId condition limits the lookup to the caller's own modules
$module = $db->FirstRow("SELECT * FROM " . Tb('module') . " WHERE id='{$id}' AND userId='" . $user->userId . "'");
if (empty($module)) {
// @package hhxc
// Fragment of an API script that marks a forum reply as adopted and books the
// related score changes. The excerpt ends before the blocks are closed.
// Direct access is refused unless the including script defined HHXC.
if (!defined('HHXC')) {
    die('Permission denied');
}
if (CheckOpenID($params['openid'], $params['uid']) == FALSE) {
    $result['msg'] = MESSAGE_WARNING;
} else {
    if ($params['reward'] == 1) {
        // Message: "this reply has already been adopted".
        $result['msg'] = '该回复已经被采纳!';
    } else {
        // NOTE(review): this first $info_tid (the reply row) is overwritten three lines
        // below by the topic row without having been read.
        $info_tid = StorageFindID('hh_techforum_list', Assign($params['tolistid'], 0));
        $user_uid = StorageFindID('hh_techuser', Assign($params['uid'], 0));
        $user_touid = StorageFindID('hh_techuser', Assign($params['touid'], 0));
        $info_tid = StorageFindID('hh_techforum', Assign($params['tid'], 0));
        // NOTE(review): nothing in this fragment checks that uid owns topic tid, that
        // reply tolistid belongs to that topic, or that touid wrote the reply; all four
        // ids come from the request. Confirm those relations are verified elsewhere.
        // NOTE(review): the 'rewarded' flag is read here and written further down as
        // separate steps, so two parallel requests could both pass this check.
        if ($info_tid['rewarded'] == 1) {
            die(JsonEncode(array('code' => '100', 'msg' => '该回复已经被采纳!')));
        }
        ## set the adoption status of the reply
        $fields_tolist = array('adopt' => 1);
        StorageEditByID('hh_techforum_list', $fields_tolist, Assign($params['tolistid'], 0));
        ## add redeemable points for the author of the reply
        $message = sprintf(RANKSCORE_ADOPTED, $info_tid['title'], SafeUsername($user_uid), Techuser_viewRankScore($params['reward']));
        //Techuser_setRankscore(Assign($params['touid'], 0), $params['reward'], $message, TRUE);
        Techuser_setRankByScore(Assign($params['touid'], 0), Techuser_viewRankScore($params['reward']), $message);
        ## set the reward status of the topic
        $fields_tid = array('rewarded' => 1);
        StorageEditByID('hh_techforum', $fields_tid, Assign($params['tid'], 0));
        ## record the adoption in the topic owner's log (score delta 0)
        $message = sprintf(RANKSCORE_ADOPT, SafeUsername($user_touid), Techuser_viewRankScore($params['reward']));
        Techuser_setRankscore(Assign($params['uid'], 0), 0, $message);
        ## add experience points for the author of the reply
/**
 * Prints a JSON success envelope and ends the script.
 *
 * The envelope always carries 'error' => 0 and the message under 'content';
 * 'data' is added only when the supplied value is not empty.
 *
 * @param string $content Message text.
 * @param mixed  $data    Optional payload.
 * @return void Never returns; the script terminates.
 */
function ShowASuccess($content = '操作成功', $data = array())
{
    $payload = array();
    $payload['error'] = 0;
    $payload['content'] = $content;

    if (empty($data) === false) {
        $payload['data'] = $data;
    }

    exit(JsonEncode($payload));
}
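/**
 * Deletes a folder below DIR_FILES recursively and reports the outcome as JSON.
 *
 * The answer holds either 'ok' => true or an 'error' message.
 *
 * @param string $path Folder path relative to DIR_FILES.
 * @return string JSON-encoded result.
 */
public function DelFolder($path)
{
    $result = array();
    if (RealPath2($path) == '') {
        $result['error'] = 'Нельзя удалить корневую папку!';
        return JsonEncode($result);
    }
    $path = RealPath2(DIR_FILES . '/' . $path);
    if (!is_dir($path)) {
        $result['error'] = 'Папка не существует';
        return JsonEncode($result);
    }

    // Containment check: the empty-path test above rejects only the literal root.
    // A path with parent-directory segments, or a symlink, could otherwise resolve to
    // a directory outside DIR_FILES and be deleted recursively. Both sides are
    // canonicalised with realpath() and the target must lie strictly below the root.
    // NOTE(review): a symlinked folder inside DIR_FILES that points elsewhere is now
    // refused as well — confirm no deployment depends on that.
    $root = realpath(DIR_FILES);
    $target = realpath($path);
    if ($root === false || $target === false) {
        $result['error'] = 'Папка не существует';
        return JsonEncode($result);
    }
    $root = rtrim($root, DIRECTORY_SEPARATOR);
    if (rtrim($target, DIRECTORY_SEPARATOR) === $root) {
        $result['error'] = 'Нельзя удалить корневую папку!';
        return JsonEncode($result);
    }
    if (strpos($target . DIRECTORY_SEPARATOR, $root . DIRECTORY_SEPARATOR) !== 0) {
        $result['error'] = 'Папка не существует';
        return JsonEncode($result);
    }

    if (RmDirRecursive($path)) {
        $result['ok'] = true;
    } else {
        $result['error'] = 'Ошибка при удалении папки';
    }
    return JsonEncode($result);
}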
/**
 * Renders the administrator menu tree.
 *
 * For the root level the tree widget initialisation is queued and a text box with
 * the container is added. For a "parent" query parameter other than 0 the child
 * nodes are echoed as JSON and the script exits.
 *
 * NOTE(review): the move and delete endpoints given to the widget change state;
 * no CSRF token is attached here — confirm the handlers verify one.
 *
 * @return string|void Empty string when the requested parent has no items.
 */
function AdminAdminMenuMain()
{
    UseScript('jquery_ui_treeview');

    // Items of these modules get no edit or delete controls.
    $reserved = array('_system_menu', '_site_menu', '_mods_menu', '_help_menu');
    $parent = isset($_GET['parent']) ? SafeEnv($_GET['parent'], 11, int) : 0;

    $rows = System::database()->Select('adminmenu');
    SortArray($rows, 'order');

    // Group the menu rows by their parent id.
    $byParent = array();
    foreach ($rows as $row) {
        $byParent[$row['parent']][] = $row;
    }
    if (isset($byParent[$parent]) === false) {
        return '';
    }

    foreach ($byParent[$parent] as $item) {
        $id = SafeDB($item['id'], 11, int);
        $icon = SafeDB($item['icon'], 255, str);
        $type = SafeDB($item['type'], 255, str);
        $title = SafeDB($item['title'], 255, str);
        if ($icon == '') {
            $icon = 'images/page.png';
        }
        if ($type == 'delimiter') {
            $title = '-- Разделитель --';
        }

        $editlink = ADMIN_FILE . '?exe=adminmenu&a=editor&id=' . $id;

        $func = System::admin()->SpeedButton('Добавить дочернюю ссылку', ADMIN_FILE . '?exe=adminmenu&a=editor&parent=' . $id, 'images/admin/link_add.png')
            . ' '
            . System::admin()->SpeedStatus('Выключить', 'Включить', ADMIN_FILE . '?exe=adminmenu&a=changestatus&id=' . $id, $item['enabled'] == '1', 'images/bullet_green.png', 'images/bullet_red.png');

        $isReserved = in_array($item['module'], $reserved);
        if ($isReserved === false) {
            $func .= ' ';
            $func .= System::admin()->SpeedButton('Редактировать', $editlink, 'images/admin/edit.png');
            $func .= System::admin()->SpeedConfirmJs('Удалить', '$(\'#tree_container\').treeview(\'deleteNode\', ' . $id . ');', 'images/admin/delete.png', 'Удалить элемент "' . $title . '"?');
            $title = '<strong>' . System::admin()->Link($title, $editlink, 'Редактировать') . '</strong>';
        }

        $node = array();
        $node['id'] = $id;
        $node['icon'] = $icon;
        $node['title'] = $title;
        $node['func'] = $func;
        $node['isnode'] = isset($byParent[$id]);
        $node['child_url'] = 'admin.php?exe=adminmenu&a=ajaxtree&parent=' . $id;
        $elements[] = $node;
    }

    if ($parent != 0) {
        // Ajax request for one branch: answer with the nodes only.
        echo JsonEncode($elements);
        exit;
    }

    System::admin()->AddOnLoadJS('$("#tree_container").treeview({move: \'' . ADMIN_FILE . '?exe=adminmenu&a=ajaxmove\', del: \'' . ADMIN_FILE . '?exe=adminmenu&a=delete\', tree: ' . JsonEncode($elements) . '});');
    AddTextBox('Меню администратора', '<div id="tree_container"></div>');
}
// Fragment of the admin entry script: login handling, then module selection.
// The enclosing conditions open outside this excerpt.
// NOTE(review): the three POST fields are read without isset(); a request that omits
// one raises an undefined-index notice.
$admin_name = $_POST['admin_name'];
$admin_password = $_POST['admin_password'];
$admin_template = $_POST['admin_template'];
$a = System::user()->Login($admin_name, $admin_password, false, true);
if ($a === true && System::user()->SecondLoginAdmin) {
    // NOTE(review): 'admin_template' is stored exactly as posted. If it is later used
    // to build a file path it needs validating against the installed templates — confirm.
    System::user()->Data('admin_template', $admin_template);
    // Audit message: "Login to the admin panel".
    Audit('Вход в админ-панель');
} else {
    // NOTE(review): only successful logins are audited here; a failed attempt leaves
    // no audit entry in this fragment, and no attempt limiting is visible.
    System::user()->UnsetCookie(System::user()->AdminCookieName);
    // The message is generic ("Wrong login or password.") and does not reveal which part failed.
    System::admin()->Login('Неверный логин или пароль.'); // exit
}
} else {
// Login form
if (IsAjax()) {
    // An Ajax caller gets a JSON answer under the 'auth' key instead of the form.
    exit(JsonEncode(array('auth' => GetPageUri(true))));
}
System::admin()->Login(); // exit
}
}
System::admin()->InitPage();
define('INDEX_PHP', false);
// Get the module name
$ModuleName = '';
if (!isset($_GET['exe'])) {
    $ModuleName = 'adminpanel';
} else {
    // NOTE(review): the module name is taken from the query string unmodified. How it is
    // used lies outside this fragment; if it ends up in an include path it must be
    // checked against the list of installed modules first.
    $ModuleName = $_GET['exe'];
    if ($ModuleName == 'exit') {
        // Logout
/**
 * Returns the table settings of this object as a JSON string.
 *
 * The keys are columns, rows, listing, total, page, onpage, sortby, sortdesc and
 * del, each taken from the property of the same name.
 *
 * @return string JSON-encoded options.
 */
public function GetOptions()
{
    $names = array('columns', 'rows', 'listing', 'total', 'page', 'onpage', 'sortby', 'sortdesc', 'del');

    $options = array();
    foreach ($names as $name) {
        $options[$name] = $this->{$name};
    }

    return JsonEncode($options);
}
/**
 * Renders the forum management tree.
 *
 * Without a "parent" query parameter the top level is built, with each top-level
 * forum's direct children attached, and the tree widget is initialised. With the
 * parameter the requested branch is echoed as JSON and the script exits.
 *
 * NOTE(review): the move and delete endpoints given to the widget change state;
 * no CSRF token is attached here — confirm the handlers verify one.
 *
 * @return void
 */
function AdminForumMain()
{
    UseScript('jquery_ui_treeview');

    $parent = 0;
    $default_level = 1;
    if (CheckGet('parent')) {
        // Request for a child branch
        $parent = SafeEnv($_GET['parent'], 11, int);
        $default_level = 0;
    }

    $rows = System::database()->Select('forums');
    SortArray($rows, 'order');

    // Group the forums by parent id.
    $forums = array();
    foreach ($rows as $row) {
        $forums[$row['parent_id']][] = $row;
    }

    $elements = array();
    if (!isset($forums[$parent])) {
        if (!CheckGet('parent')) {
            AddTextBox('Управление форумами', 'Нет категорий.');
            return;
        }
    } else {
        foreach ($forums[$parent] as $forum) {
            $element = AdminForumGetElement($forum, $forums, $default_level);
            $hasChildren = isset($forums[$forum['id']]);
            if ($parent == 0 && $hasChildren) {
                // Top level only: preload the direct children at level 2.
                foreach ($forums[$forum['id']] as $child) {
                    $element['childs'][] = AdminForumGetElement($child, $forums, 2);
                }
            }
            $elements[] = $element;
        }
    }

    if ($parent != 0) {
        echo JsonEncode($elements);
        exit;
    }

    $delete_url = ADMIN_FILE . '?exe=forum&a=delete';
    $move_url = ADMIN_FILE . '?exe=forum&a=move';
    System::admin()->AddOnLoadJS('$("#tree_container").treeview({move: "' . $move_url . '", del: "' . $delete_url . '", tree: ' . JsonEncode($elements) . '});');
    AddTextBox('Управление форумами', '<div id="tree_container"></div>');
}
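/**
 * Stores a code snippet and answers with its id as JSON, then exits.
 *
 * An existing snippet is updated when $action is 'save' and a non-zero POST 'id'
 * is present; in every other case a new row is inserted.
 *
 * NOTE(review): no CSRF token is checked in this function — confirm the caller
 * verifies one before dispatching here.
 *
 * @param string $action Requested action.
 * @return void Never returns; the script terminates.
 */
function AdminCodetesterSave($action)
{
    // Title and type are limited to 255 characters; the code field is read with limit 0.
    $snippet = SafeR('title,type', 255, str) + SafeR('code', 0, str);
    ObjectUtf8ToCp1251($snippet);

    if ($action == 'save' && (isset($_POST['id']) && $_POST['id'] != 0)) {
        // Edit
        $id = SafeEnv($_POST['id'], 11, int);
        System::database()->Update('snippets', MakeSet($snippet), "`id`='{$id}'");
        Audit('Тестирование кода: Изменение сниппета "' . $snippet['title'] . '"');
        echo JsonEncode(array('id' => $id));
    } else {
        // Add a new snippet
        System::database()->Insert('snippets', MakeValues("'','title','code','type'", $snippet));
        // Read the new id straight after the insert. It used to be read after Audit(),
        // which may write a row of its own and so change the last insert id.
        $new_id = System::database()->GetLastId();
        Audit('Тестирование кода: Добавление сниппета "' . $snippet['title'] . '"');
        echo JsonEncode(array('id' => $new_id));
    }
    exit;
}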
* OldCMS,site:http://www.oldcms.com
*/
// API endpoint: looks a project up by the 'auth' query parameter and prints the
// 'url' and 'cookie' fields of that project's stored content rows as JSON.
// Direct access is refused unless the including script defined IN_OLDCMS.
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}
// NOTE(review): the auth code is the only credential and it travels in the query
// string, where it ends up in access logs, proxies and Referer headers.
$auth = Val('auth', 'GET');
$db = DBConnect();
// NOTE(review): $auth and, below, $domain are interpolated into SQL text. Whether that
// is safe depends entirely on what Val() escapes — confirm, or use bound parameters.
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE authCode='{$auth}'");
if (empty($project)) {
    exit('Auth Err.');
}
// $act is set outside this fragment; 'content' is also the default branch.
switch ($act) {
    case 'content':
    default:
        // Optional filter on the stored domain.
        $domain = Val('domain', 'GET');
        $where = '';
        if (!empty($domain)) {
            $where .= " AND domain='{$domain}'";
        }
        // NOTE(review): inside "{...}" the unquoted key in $project[id] is resolved as a
        // constant named id; PHP 8 raises an Error for an undefined constant.
        $contents = $db->FirstColumn("SELECT content FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' {$where} ORDER BY id DESC");
        $data = array();
        foreach ($contents as $k => $v) {
            $row = array();
            // Each stored value is JSON text; it is decoded and cast to an array.
            $v = (array) json_decode($v);
            // 'opener' is preferred, 'toplocation' is the fallback. Both keys are read
            // without isset(), so a row lacking them raises an undefined-index notice.
            $row['url'] = $v['opener'] ? $v['opener'] : $v['toplocation'];
            $row['cookie'] = $v['cookie'];
            $data[] = $row;
        }
        echo JsonEncode($data);
        break;
}
// Fragment of a switch over project actions; the enclosing blocks open outside the excerpt.
$moduleSetKeys = array();
// configured parameters
foreach ($modules as $mId) {
    // NOTE(review): $mId is interpolated into the query and the lookup has no userId or
    // isOpen condition, unlike the project query in the 'view' case below. $modules is
    // filled outside this fragment — confirm the ids are validated and that referencing
    // another user's private module is intended.
    $module = $db->FirstRow("SELECT * FROM " . Tb('module') . " WHERE id='{$mId}'");
    if (!empty($module) && !empty($module['setkeys'])) {
        // 'setkeys' holds JSON text listing the module's configurable key names.
        $mSetKeys = (array) json_decode($module['setkeys'], true);
        foreach ($mSetKeys as $setkey) {
            // The POST field name is built from the module id and the key name.
            $setkeyK = "setkey_{$mId}_{$setkey}";
            $setkeyV = Val($setkeyK, 'POST');
            if (!empty($setkeyV)) {
                // Values are stored URL-encoded.
                $moduleSetKeys["{$setkeyK}"] = urlencode($setkeyV);
            }
        }
    }
}
$values['moduleSetKeys'] = JsonEncode($moduleSetKeys);
}
// NOTE(review): this WHERE clause filters on id only. The ownership check for $id is
// presumably done earlier in this case — confirm, since a missing check would let one
// user overwrite another user's project.
$db->AutoExecute(Tb('project'), $values, 'UPDATE', " id='{$id}'");
if ($ty == 'create') {
    // After creation the user is redirected to the code view of the new project.
    header("Location: " . URL_ROOT . '/index.php?do=project&act=viewcode&ty=create&id=' . $id);
} else {
    ShowSuccess('操作成功');
}
break;
case 'view':
$id = Val('id', 'GET', 1);
$db = DBConnect();
// The userId condition limits the lookup to the caller's own projects.
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE id='{$id}' AND userId='" . $user->userId . "'");
if (empty($project)) {
    // Message: "project does not exist or no permission".
    ShowError('项目不存在或没有权限');
}
// API codes that are relayed to the remote endpoint instead of being handled locally.
$apicodes = array('1', '24', '25', '26', '28', '29', '31', '32', '33', '35', '36', '37', '38', '39', '40', '41', '42', '43', '44', '45', '46', '47', '49', '50', '54', '55', '60', '62', '94', '95', '96');
## load the script of the corresponding API
// The file name is 'API' plus three characters cut from the string form of code + 1000
// (code 1 gives API001.php). The addition coerces the request value to a number, and
// substr() keeps at most three characters of the result.
$script = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'API' . substr(strval($params['code'] + 1000), 1, 3) . '.php';
if (file_exists($script) == FALSE) {
    die('Permission denied for the APIs');
} else {
    // NOTE(review): in_array() compares loosely here, so numeric strings such as '1.0'
    // match '1'; pass true as the third argument for an exact match.
    if (in_array($params['code'], $apicodes)) {
        // NOTE(review): the complete parameter set, including the caller's openid, is
        // forwarded over plain http:// and the remote answer is printed unchanged.
        // This die() runs before the header() calls below, so a relayed answer is sent
        // without them.
        die(HttpPost('http://www.haohaoxiuche.com/api_hhxc4.php', array('data' => JsonEncode($params))));
    } else {
        require_once $script;
    }
}
// NOTE(review): the body is JSON but is declared as text/html, so a browser that opens
// the URL directly renders any markup contained in the values; application/json avoids that.
header('Content-Type: text/html;charset=utf-8');
// NOTE(review): any origin may read the responses of this API.
header('Access-Control-Allow-Origin:*');
mysqli_close($mysql);
die(JsonEncode($result));
/**************************************** common functions ****************************************/
// Check the validity of a user's OpenID.
// NOTE(review): the condition "DEBUG == FALSE and FALSE" can never be true, so the lookup
// below is dead code and this function returns TRUE for every input. Every caller that
// relies on it as an identity check is therefore unprotected. If the check was switched
// off for testing, it has to be restored before the code serves real users.
function CheckOpenID($loginid, $uid = 0)
{
    if (DEBUG == FALSE and FALSE) {
        // Intended check: an active user row (zhuangtai = 1) with this login id must
        // exist and its id must equal the supplied, positive $uid.
        $result = StorageQueryOne('hh_techuser', '*', array('loginid' => $loginid, 'zhuangtai' => 1));
        if (is_array($result)) {
            return $uid > 0 and $uid == Assign($result['id'], '0');
        }
        return FALSE;
    }
    return TRUE;
}
## set the technician user's score and record it in the score log
## returns -1 when the daily score limit has been reached
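/**
 * Generates the Ajax page tree.
 *
 * Without a "parent" query parameter the whole first level is built below a
 * synthetic site node, the tree widget is initialised and a text box with the
 * container is added. With the parameter the children of that page are echoed
 * as JSON and the script exits.
 *
 * NOTE(review): the move and delete endpoints given to the widget change state;
 * no CSRF token is attached here — confirm the handlers verify one.
 * NOTE(review): the address shown in the info block is rawurldecode($link) written
 * into HTML without escaping, so percent-encoded markup characters in a stored link
 * come out decoded. Confirm the stored values cannot contain them, or escape the
 * decoded text for HTML.
 *
 * @return void
 */
function AdminPagesAjaxTree()
{
    UseScript('jquery_ui_treeview');
    if (CheckGet('parent')) {
        $parent = SafeEnv($_GET['parent'], 11, int);
    } else {
        $parent = 0;
    }
    $pages = System::database()->Select('pages');
    SortArray($pages, 'order');
    $pages_tree = new Tree($pages);
    $elements = array();
    if ($parent == 0) {
        // Root node representing the site itself; it only offers the "add" buttons.
        $func = '';
        $func .= SpeedButton('Добавить дочернюю страницу', ADMIN_FILE . '?exe=pages&a=editor', 'images/admin/page_add.png');
        $func .= SpeedButton('Добавить дочернюю ссылку', ADMIN_FILE . '?exe=pages&a=link', 'images/admin/link_add.png');
        $func .= SpeedButton('Добавить дочернюю категорию', ADMIN_FILE . '?exe=pages&a=cat', 'images/admin/folder_add.png');
        $site_node = array('id' => '0', 'title' => System::config('general/site_name'), 'icon' => 'images/globe.png', 'func' => $func, 'isnode' => true, 'opened' => true, 'childs' => array());
    }
    // A parent without children (an empty site, or a leaf id in the query string) used
    // to reach foreach with an undefined index; the warning could be printed in front
    // of the JSON answer. Such a parent now yields an empty list.
    $children = isset($pages_tree->Cats[$parent]) ? $pages_tree->Cats[$parent] : array();
    foreach ($children as $page) {
        $id = SafeDB($page['id'], 11, int);
        // Address, icon, type label, hit counter and edit link depend on the record type.
        if ($page['type'] == 'page') {
            $link = Ufu('index.php?name=pages&file=' . SafeDB($page['link'], 255, str), 'pages:page');
            $icon = 'images/page.png';
            $type = 'Страница';
            $counter = SafeDB($page['hits'], 11, int);
            $edit_link = ADMIN_FILE . '?exe=pages&a=editor&id=' . $id;
        } elseif ($page['type'] == 'link') {
            $link = SafeDB($page['text'], 255, str);
            // "mod://name" is shorthand for a link to a site module.
            if (substr($link, 0, 6) == 'mod://') {
                $link = Ufu('index.php?name=' . substr($link, 6), '{name}/');
            }
            $icon = 'images/link.png';
            $type = 'Ссылка';
            $counter = '- ';
            $edit_link = ADMIN_FILE . '?exe=pages&a=link&id=' . $id;
        } else {
            $link = Ufu('index.php?name=pages&file=' . SafeDB($page['link'], 255, str), 'pages:page');
            $icon = 'images/folder.png';
            $type = 'Категория';
            $counter = '- ';
            $edit_link = ADMIN_FILE . '?exe=pages&a=cat&id=' . $id;
        }
        $func = '';
        $func .= System::admin()->SpeedButton('Добавить дочернюю страницу', ADMIN_FILE . '?exe=pages&a=editor&parent=' . $id, 'images/admin/page_add.png');
        $func .= System::admin()->SpeedButton('Добавить дочернюю ссылку', ADMIN_FILE . '?exe=pages&a=link&parent=' . $id, 'images/admin/link_add.png');
        $func .= System::admin()->SpeedButton('Добавить дочернюю категорию', ADMIN_FILE . '?exe=pages&a=cat&parent=' . $id, 'images/admin/folder_add.png');
        $func .= ' ';
        $func .= System::admin()->SpeedStatus('Скрыть из меню', 'Показать в меню', ADMIN_FILE . '?exe=pages&a=changemenu&id=' . $id, $page['showinmenu'] == '1', 'images/menu_enabled.png', 'images/menu_disabled.png');
        $func .= System::admin()->SpeedStatus('Выключить', 'Включить', ADMIN_FILE . '?exe=pages&a=changestatus&id=' . $id, $page['enabled'] == '1', 'images/bullet_green.png', 'images/bullet_red.png');
        $func .= ' ';
        $func .= System::admin()->SpeedButton('Редактировать', $edit_link, 'images/admin/edit.png');
        $func .= System::admin()->SpeedConfirmJs('Удалить', '$(\'#tree_container\').treeview(\'deleteNode\', ' . $id . ');', 'images/admin/delete.png', 'Уверены что хотите удалить? Все дочерние страницы и ссылки так-же будут удалены.');
        $view = ViewLevelToStr(SafeDB($page['view'], 1, int));
        $info = Indent("\n\t\t\t<b>Тип</b>: {$type}<br />\n\t\t\t" . ($page['type'] == 'page' ? "<b>Просмотров</b>: {$counter}<br />" : '') . "\n\t\t\t<b>Видят</b>: {$view}<br />\n\t\t\t<b>Адрес</b>: <a href=\"{$link}\" target=\"_blank\">/" . Utf8ToCp1251(rawurldecode($link)) . "</a>\n\t\t");
        $elements[] = array(
            'id' => $id,
            'icon' => $icon,
            'title' => '<b>' . System::admin()->Link(SafeDB($page['title'], 255, str), $edit_link) . '</a></b>',
            'info' => $info,
            'func' => $func,
            'isnode' => isset($pages_tree->Cats[$id]),
            'child_url' => 'admin.php?exe=pages&a=ajaxtree&parent=' . $id,
        );
    }
    // At the root the collected nodes become the children of the site node.
    if ($parent == 0) {
        $site_node['childs'] =& $elements;
        $tree = array(&$site_node);
    } else {
        $tree =& $elements;
    }
    if ($parent == 0) {
        System::admin()->AddOnLoadJS('$("#tree_container").treeview({move: \'' . ADMIN_FILE . '?exe=pages&a=ajaxmove\', del: \'' . ADMIN_FILE . '?exe=pages&a=delete\', tree: ' . JsonEncode($tree) . '});');
        AddTextBox('Страницы', '<div id="tree_container"></div>');
    } else {
        echo JsonEncode($tree);
        exit;
    }
}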