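/**
 * Record one vote on a comment and answer the request.
 *
 * Reads $_GET['ajax'] to choose between a JSONP reply and a redirect or
 * alert, and $_GET['callback'] as the JSONP callback name.
 *
 * @param string $act Counter column to increment. Only 'up' and 'against'
 *                    are accepted, the same two names the cookie check reads.
 * @param int    $cid Comment id.
 */
function UA($act, $cid)
{
    global $iCMS;

    // $act is written into the statement as a column name, where quoting a
    // value cannot protect it, so it is checked against the known counters.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // The id is used in the cookie name and in the WHERE clause; force it to
    // an integer once so neither can carry anything else.
    $cid = (int) $cid;

    $cookietime = $iCMS->config['diggtime'];
    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;
    // NOTE(review): the callback name comes straight from the query string;
    // jsonp() is defined elsewhere - confirm it restricts it to an identifier.
    $callback = isset($_GET['callback']) ? $_GET['callback'] : null;

    // The repeat-vote window is kept in cookies the client controls, so it
    // only deters casual repeats; a hard limit needs server-side state.
    $now = time();
    $canVote = $now - (int) get_cookie($cid . '_up') > $cookietime
        && $now - (int) get_cookie($cid . '_against') > $cookietime;

    if (!$canVote) {
        if ($ajax) {
            jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $callback);
        } else {
            alert($iCMS->language('digged'));
        }
        return;
    }

    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && iCMS_DB::query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
        if ($ajax) {
            jsonp("{state:'1'}", $callback);
        } else {
            // NOTE(review): $id is never assigned in this function, so the
            // redirect carries an empty indexId - confirm which id belongs here.
            _Header($iCMS->config['publicURL'] . "/comment.php?indexId=" . $id);
        }
    }
}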
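/**
 * Record one vote on a comment and answer the request.
 *
 * Reads $_GET['ajax'] to choose between a JSONP reply and a redirect or
 * alert, and $_GET['callback'] as the JSONP callback name.
 *
 * @param string $act Counter column to increment. Only 'up' and 'against'
 *                    are accepted, the same two names the cookie check reads.
 * @param int    $cid Comment id.
 */
function UA($act, $cid)
{
    global $iCMS, $_iGLOBAL;

    // $act becomes a column name in the statement, where value quoting does
    // not apply, so it is checked against the two known counters first.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // Used in the cookie name and in the WHERE clause; cast once up front.
    $cid = (int) $cid;

    $cookietime = $_iGLOBAL['cookie']['time'];
    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;
    // NOTE(review): the callback name is taken from the query string as-is;
    // jsonp() is defined elsewhere - confirm it restricts it to an identifier.
    $callback = isset($_GET['callback']) ? $_GET['callback'] : null;

    // The repeat-vote window is stored in client-side cookies, so it is a
    // courtesy limit only; a hard limit needs server-side state.
    $now = time();
    $canVote = $now - (int) get_cookie($cid . '_up') > $cookietime
        && $now - (int) get_cookie($cid . '_against') > $cookietime;

    if (!$canVote) {
        if ($ajax) {
            jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $callback);
        } else {
            alert($iCMS->language('digged'));
        }
        return;
    }

    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && $iCMS->db->query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
        if ($ajax) {
            jsonp("{state:'1'}", $callback);
        } else {
            // NOTE(review): $id is never assigned in this function, so the
            // redirect carries an empty aid - confirm which id belongs here.
            _Header($iCMS->dir . "comment.php?aid=" . $id);
        }
    }
}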
function(data){ if(data=='1'){ redirect("admincp.php?do=message"); } } ); } </script> </body></html><?php break; case 'del': $id = intval($_GET['id']); $id && $DreamCMS->db->query("DELETE FROM `#DC@__message` WHERE `id` ='{$id}'"); _Header('admincp.php?do=message'); break; case 'post': if (isset($_POST['delete'])) { foreach ($_POST['delete'] as $k => $id) { $id && $DreamCMS->db->query("DELETE FROM `#DC@__message` WHERE `id` ='{$id}'"); } _Header('admincp.php?do=message'); } else { alert("请选择要删除的留言!"); } break; } //$DreamCMS->_print("message","admin"); ?>
$table = $_POST['table'] ? save($_POST['table']) : ''; //查询是否已经存在此表 $tabledata = $DreamCMS->db->get_row("SELECT * FROM `#DC@__model` WHERE `table`='{$table}'", ARRAY_A); ($tabledata || $table == 'article' || $table == 'articledata') && alert('已经存在此表,请重新添加'); $name = save($_POST['name']); $description = $_POST['description'] ? save($_POST['description']) : ''; $DreamCMS->db->query("INSERT INTO `#DC@__model` (`name`,`description`,`table`) VALUES ('{$name}','{$description}','{$table}')"); $modelid = $DreamCMS->db->insert_id; if ($modelid) { //查询默认表字段 $morens = $DreamCMS->db->get_results("SELECT * FROM `#DC@__model_field` WHERE `modelid`=0 ORDER BY `disorder` ASC"); if ($morens && is_array($morens)) { foreach ($morens as $key => $val) { $field = $val['field']; $name = $val['name']; $tips = $val['tips']; $formtype = $val['formtype']; $setting = $val['setting']; $disorder = $val['disorder']; $state = $val['state']; $iszhu = $val['iszhu']; $isfuzhi = 1; $DreamCMS->db->query("INSERT INTO `#DC@__model_field` (`modelid`,`field`,`name`,`tips`,`formtype`,`setting`,`disorder`,`state`,`iszhu`,`isfuzhi`) VALUES ('{$modelid}','{$field}','{$name}','{$tips}','{$formtype}','{$setting}','{$disorder}','{$state}','{$iszhu}','{$isfuzhi}')"); } } } $DreamCMS->db->query("CREATE TABLE `#DC@__" . $table . "` (\n\t\t\t\t\t\t\t `rid` int(10) unsigned NOT NULL auto_increment,\n\t\t\t\t\t\t\t `aid` int(10) unsigned NOT NULL default '0',\n\t\t\t\t\t\t\t PRIMARY KEY (`rid`),\n\t\t\t\t\t\t\t KEY `aid` (`aid`)\n\t\t\t\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;"); _Header('admincp.php?do=modeltype'); } break; }
_Header();
break;
case 'post':
    // Bulk edit of the content-type list.
    // NOTE(review): every value below is placed into SQL text by string
    // interpolation. Whether request data is escaped before it reaches this
    // fragment is not visible here; bound parameters would remove the doubt.
    // No permission or request-token check is visible in this fragment either.
    if ($action == 'edit') {
        if (isset($_POST['delete'])) {
            // Each posted id is used as-is; only an empty value is skipped.
            foreach ($_POST['delete'] as $k => $id) {
                $id && $iCMS->db->query("DELETE FROM `#iCMS@__contentype` WHERE `id` ='{$id}'");
            }
            // NOTE(review): the rename loop below still runs unless _Header()
            // ends the request - it is defined elsewhere, confirm.
            _Header();
        }
        // The array key ($id) and three posted values go into the UPDATE
        // unchanged; array keys are request-controlled just like the values.
        foreach ($_POST['name'] as $id => $value) {
            $iCMS->db->query("update `#iCMS@__contentype` set `name`='{$value}',`type`='" . $_POST['type'][$id] . "',`val`='" . $_POST['val'][$id] . "' where `id`='{$id}'");
        }
        _Header();
    }
    if ($action == 'add') {
        // dhtmlspecialchars() is applied for HTML output; it is defined
        // elsewhere and is not shown to escape for SQL. `val` is cast to int.
        $name = dhtmlspecialchars($_POST['name']);
        $type = dhtmlspecialchars($_POST['type']);
        $val = intval($_POST['val']);
        $iCMS->db->query("INSERT INTO `#iCMS@__contentype` (`name`,`val`,`type`) VALUES ('{$name}','{$val}','{$type}')");
        _Header(__SELF__ . '?do=contentype');
    }
    break;
default:
    // List view: both statements are fixed text with no request input.
    $Admin->MP("menu_contentype");
    $maxperpage = 20;
    $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__contentype` order by id DESC");
    $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__contentype` order by id DESC ");
    $_count = count($rs);
    include iCMS_admincp_tpl('contentype');
}
_Header(); break; case 'open': $id = (int) $_GET['id']; $id && $DreamCMS->db->query("UPDATE `#DC@__keywords` SET `visible` = '1' WHERE `id` ='{$id}'"); _Header(); break; case 'post': if ($action == 'edit') { if (isset($_POST['delete'])) { foreach ($_POST['delete'] as $k => $id) { $id && $DreamCMS->db->query("DELETE FROM `#DC@__keywords` WHERE `id` ='{$id}'"); } keywords_cache(); _Header(); } foreach ($_POST['name'] as $id => $value) { $DreamCMS->db->query("update `#DC@__keywords` set `keyword`='{$value}',`replace`='" . $_POST['replace'][$id] . "' where `id`='{$id}'"); } keywords_cache(); _Header(); } if ($action == 'add') { $keyword = htmlspecialchars($_POST['keyword']); $replace = $_POST['replace']; $DreamCMS->db->query("insert into `#DC@__keywords`(`keyword`,`replace`,`addtime`,`visible`) values ('{$keyword}','{$replace}','" . time() . "','0')"); keywords_cache(); _Header('admincp.php?do=keywords'); } break; }
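/**
 * Remove one id from an article's comma-separated `vlink` list, then redirect.
 *
 * Reads the article id from $_GET['id'] and the id to drop from $_GET['fid'].
 * NOTE(review): this changes data on a GET request and no permission or
 * request-token check is visible in this function - confirm the caller
 * enforces both.
 */
function doDelvlink()
{
    $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $fid = isset($_GET['fid']) ? (int) $_GET['fid'] : 0;

    // Nothing to look up or remove without both ids.
    if ($id && $fid) {
        $vlink = iCMS_DB::getValue("SELECT vlink FROM `#iCMS@__article` WHERE `id`='{$id}'");
        $vlinkArray = explode(',', (string) $vlink);
        $key = array_search($fid, $vlinkArray);

        // array_search() returns false when nothing matches; used as an array
        // key, false becomes 0 and would silently drop the first entry.
        if ($key !== false) {
            unset($vlinkArray[$key]);
            // The list was read from the database and is written back inside
            // a quoted literal, so escape it rather than trust its contents.
            $vlink = addslashes(implode(',', $vlinkArray));
            iCMS_DB::query("UPDATE `#iCMS@__article` SET `vlink` = '{$vlink}' WHERE `id` ='{$id}'");
        }
    }

    _Header();
}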
* @copyright 2007-2009, iDreamSoft * @license http://www.idreamsoft.cn iDreamSoft * @author coolmoo <*****@*****.**> */ !defined('iPATH') && exit('What are you doing?'); switch ($operation) { case 'post': if ($action == 'edit') { $disable = explode("\r\n", dhtmlspecialchars($_POST['disable'])); $filter = explode("\r\n", dhtmlspecialchars($_POST['filter'])); if (is_array($filter)) { foreach ($filter as $k => $val) { $filterArray[$k] = explode("=", $val); } } $iCMS->cache(false, 'include/syscache', 0, true, false); $iCMS->addcache('word.disable', $disable, 0); $iCMS->addcache('word.filter', $filterArray, 0); _Header(__SELF__ . '?do=filter'); } break; default: $Admin->MP("menu_filter"); $cache = $iCMS->cache(array('word.filter', 'word.disable'), 'include/syscache', 0, true); if (is_array($cache['word.filter'])) { foreach ($cache['word.filter'] as $k => $val) { $filterArray[$k] = implode("=", $val); } } include iCMS_admincp_tpl('filter'); }
$aid = intval($_GET['aid']); $id && $DreamCMS->db->query("UPDATE `#DC@__comment` SET `isexamine` = '0' WHERE `id` ='{$id}'"); $aid && $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1 WHERE `id` ='{$aid}'"); _Header('admincp.php?do=comment'); break; case 'del': $id = intval($_GET['id']); $aid = intval($_GET['aid']); $id && $DreamCMS->db->query("DELETE FROM `#DC@__comment` WHERE `id` ='{$id}'"); $aid && $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1 WHERE `id` ='{$aid}'"); _Header('admincp.php?do=comment'); break; case 'post': if ($action == "del") { if (isset($_POST['id'])) { foreach ($_POST['id'] as $k => $id) { $aid = $_POST['aid'][$id]; $DreamCMS->db->query("DELETE FROM `#DC@__comment` WHERE `id` ='{$id}'"); $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1 WHERE `id` ='{$aid}'"); } _Header('admincp.php?do=comment'); } else { alert("请选择要删除的评论!"); } } break; } //$DreamCMS->_print("comment","admin"); ?>
$iCMS->db->query("delete from `#iCMS@__links` where `id`='{$id}'"); } _Header(); } foreach ($_POST['name'] as $id => $value) { $iCMS->db->query("update `#iCMS@__links` set `name`='{$value}',`logo`='" . $_POST['logo'][$id] . "',`url`='" . $_POST['url'][$id] . "',`desc`='" . $_POST['description'][$id] . "',`orderid`='" . $_POST['displayorder'][$id] . "' where `id`='{$id}'"); } _Header(); } if ($action == 'add') { $name = dhtmlspecialchars($_POST['name']); $url = dhtmlspecialchars($_POST['url']); $desc = dhtmlspecialchars($_POST['description']); $logo = dhtmlspecialchars($_POST['logo']); $orderid = intval($_POST['displayorder']); empty($name) && alert('网站名称不能为空!'); empty($url) && alert('网站URL不能为空!'); strpos($url, 'http://') === false && ($url = 'http://' . $url); $iCMS->db->query("INSERT INTO `#iCMS@__links` (`name`,`logo`,`desc`,`url`,`orderid`) VALUES ('{$name}','{$logo}','{$desc}','{$url}','{$orderid}')"); _Header(__SELF__ . "?do=link"); } break; default: $Admin->MP(array("menu_index_link", "menu_link")); $maxperpage = 60; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__links` ORDER BY `logo`, `orderid` ASC"); page($total, $maxperpage, '个链接'); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__links` ORDER BY `logo`, `orderid` ASC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); include iCMS_admincp_tpl('link'); }
keywords_cache(); _Header(); } foreach ($_POST['name'] as $id => $value) { $iCMS->db->query("update `#iCMS@__keywords` set `keyword`='{$value}',`replace`='" . $_POST['replace'][$id] . "' where `id`='{$id}'"); } keywords_cache(); _Header(); } if ($action == 'save') { $id = (int) $_POST['id']; $keyword = dhtmlspecialchars($_POST['keyword']); $replace = $_POST['replace']; if (empty($id)) { $iCMS->db->query("insert into `#iCMS@__keywords`(`keyword`,`replace`,`addtime`,`visible`) values ('{$keyword}','{$replace}','" . time() . "','0')"); } else { $iCMS->db->query("update `#iCMS@__keywords` set `keyword`='{$keyword}',`replace`='{$replace}' where id='{$id}'"); } keywords_cache(); _Header(__SELF__ . '?do=keywords'); } break; default: $Admin->MP("menu_keywords"); $maxperpage = 20; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__keywords` order by id DESC"); page($total, $maxperpage, "个关键字"); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__keywords` order by id DESC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); include iCMS_admincp_tpl('keywords'); }
<?php
// Records a bill: inserts into bill_record, adds the amount to the customer's
// pending balance, then updates or creates the ledger row for that date.
require_once 'functions.php';
require_once "../includes/global.php";
_Header("BillAd");
// NOTE(review): all three values are taken from the request with no
// validation and interpolated into every statement below. $amt and $cid are
// placed unquoted. Prepared statements ($mysqli->prepare() with bind_param())
// plus a numeric check on amt/cid and a date-format check would close this.
$date = $_POST["date"];
$amt = $_POST["amt"];
$cid = $_POST["cid"];
$sql = "INSERT INTO bill_record(Date,Cust_ID,Amount) VALUES('{$date}','{$cid}',{$amt})";
if ($mysqli->query($sql) === TRUE) {
    // Update the customer table.
    // NOTE(review): the result of this update is not checked, and the three
    // tables are changed without a transaction, so a failure part-way leaves
    // them inconsistent.
    $sql = "Update customer_details set Pending_Amount = Pending_Amount + {$amt} where Cust_ID={$cid}";
    $mysqli->query($sql);
    // Update the ledger table.
    // Check whether this is the first entry for the date.
    $sql = "select Date from ledger where Date='{$date}'";
    // NOTE(review): debug output - the statement text, which contains request
    // input, is written to the page unescaped. The same applies to the other
    // `echo $sql` lines below; remove them or send them to a server-side log.
    echo $sql;
    $res = $mysqli->query($sql);
    // NOTE(review): $res is used without checking that the query succeeded.
    if ($res->num_rows > 0) {
        echo "yess";
        $sql = "update ledger set Bill_Amount = Bill_Amount + {$amt} where Date='{$date}'";
        echo "<br>" . $sql;
        $mysqli->query($sql);
        echo "updated";
    } else {
        echo "noo";
        $sql = "insert into ledger values('{$date}',{$amt},0)";
        echo $sql;
        if ($mysqli->query($sql) === TRUE) {
            echo "Inserted";
        } else {
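<?php
// Ledger page: prints every row of the `ledger` table, or a notice when the
// table is empty.
require_once "includes/global.php";
require_once "Customers/functions.php";

_Header("Ledger");

// Fixed statement; no request input is involved.
// $mysqli is presumably created by includes/global.php - confirm.
$sql = "SELECT * From ledger;";
$result = $mysqli->query($sql);

if ($result === false) {
    // query() returns false on failure. Keep the driver message in the server
    // log and show only a generic notice, so schema details stay off the page.
    error_log('Ledger query failed: ' . $mysqli->error);
    echo "Could not load the ledger<br>";
} elseif ($result->num_rows > 0) {
    table_l();
    // NOTE(review): l_details() is defined elsewhere; confirm it HTML-escapes
    // the row values it prints.
    while ($row = $result->fetch_assoc()) {
        l_details($row);
    }
    end_table();
} else {
    echo "No Transactions Yet<br>";
}

_link("Index Page", "index.php");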
// Profile update: optional password change, then e-mail, gender and the
// serialized `info` record. $user and $uid are set outside this fragment.
$info = array();
if ($_POST['pwd'] || $_POST['pwd1'] || $_POST['pwd2']) {
    // NOTE(review): passwords are stored and compared as plain md5() of the
    // trimmed input, with no salt. password_hash()/password_verify() is the
    // current replacement and needs a migration path for existing rows.
    $pwd = md5(trim($_POST['pwd']));
    $pwd1 = md5(trim($_POST['pwd1']));
    $pwd2 = md5(trim($_POST['pwd2']));
    if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
        alert("修改密码.原密码,新密码,确认密码不能为空");
    }
    // NOTE(review): both checks use loose `!=` on hex digests, which PHP may
    // compare numerically when both look like numbers; a strict or
    // constant-time comparison (hash_equals()) avoids that. The flow also
    // relies on alert() ending the request - it is defined elsewhere, confirm;
    // otherwise the UPDATE below runs even after a failed check.
    $pwd != $user['password'] && alert("原密码错误!");
    $pwd1 != $pwd2 && alert("新密码与确认密码不一致!");
    $iCMS->db->query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
}
// $username=dhtmlspecialchars($_POST['name']);
// NOTE(review): eregi() was removed in PHP 7 and is not binary-safe. Because
// the address is un-slashed on the next line and then placed in the UPDATE,
// this pattern check is the only thing constraining it; an empty value skips
// the check entirely.
$_POST['email'] && !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $_POST['email']) && alert("E-mail格式错误!!");
$email = stripslashes($_POST['email']);
$gender = intval($_POST['gender']);
// Text fields are un-slashed and HTML-escaped; numeric fields are cast to int.
$info['nickname'] = dhtmlspecialchars(stripslashes($_POST['nickname']));
cstrlen($info['nickname']) > 12 && alert("昵称长度大于12");
$info['icq'] = intval($_POST['icq']);
$info['home'] = dhtmlspecialchars(stripslashes($_POST['home']));
$info['year'] = intval($_POST['year']);
$info['month'] = intval($_POST['month']);
$info['day'] = intval($_POST['day']);
$info['from'] = dhtmlspecialchars(stripslashes($_POST['from']));
$info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));
$user['info'] = $info;
// The serialized record is escaped with addslashes(); $email is interpolated
// without any escaping of its own (see the note on the pattern check above).
$iCMS->db->query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
_Header(__SELF__ . '?do=setting&operation=profile');
}
break;
}
$quanxian['selectall'] = intval($_POST['selectall']); $quanxian['select'] = $_POST['select']; $quanxian['selectzilei'] = $_POST['selectzilei']; $quanxian['selectzileiall'] = $_POST['selectzileiall']; $quanxianids = serialize($quanxian); $up = $DreamCMS->db->query("update `#DC@__articletype` set `quanxianids`='{$quanxianids}' where `id`='{$id}'"); if ($up !== false) { alert('更新成功!', 'url:1'); } else { alert('更新失败!'); } } if ($action == 'add') { $name = htmlspecialchars($_POST['name']); $DreamCMS->db->query("INSERT INTO `#DC@__articletype` (`name`) VALUES ('{$name}')"); _Header('admincp.php?do=articletype'); } break; } function catalog($cid = 0, $level = 1, $quanxianids = '') { global $_catalog_array, $DreamCMS; if (isset($_catalog_array[$cid])) { foreach ($_catalog_array[$cid] as $root => $cata) { $selectzilei = ''; $selectzileiall = ''; $select = ''; if ($quanxianids && is_array($quanxianids)) { $quanxianids['selectzilei'] && in_array($cata['id'], $quanxianids['selectzilei']) && ($selectzilei = " checked='checked' "); $quanxianids['selectzileiall'] && in_array($cata['id'], $quanxianids['selectzileiall']) && ($selectzileiall = " checked='checked' "); $quanxianids['select'] && in_array($cata['id'], $quanxianids['select']) && ($select = " checked='checked' ");
* @package iCMS V3.1 * @copyright 2007-2009, iDreamSoft * @license http://www.idreamsoft.cn iDreamSoft * @author coolmoo <*****@*****.**> */ !defined('iPATH') && exit('What are you doing?'); switch ($operation) { case 'del': $id = intval($_GET['id']); $id && $iCMS->db->query("DELETE FROM `#iCMS@__message` WHERE `id` ='{$id}'"); _Header(__SELF__ . '?do=message'); break; case 'post': if (isset($_POST['delete'])) { foreach ($_POST['delete'] as $k => $id) { $id && $iCMS->db->query("DELETE FROM `#iCMS@__message` WHERE `id` ='{$id}'"); } _Header(__SELF__ . '?do=message'); } else { alert("请选择要删除的留言!"); } break; default: $Admin->MP("menu_message"); $maxperpage = 20; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__message` order by id DESC"); page($total, $maxperpage, "条留言"); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__message` order by id DESC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); include iCMS_admincp_tpl('message'); }
//zhaoyanmin start 添加顶级栏目id catalog_cache(); redirect("栏目添加完成!", 'admincp.php?do=catalog'); } else { //$DreamCMS->db->get_var("SELECT `dir` FROM `#DC@__catalog` where `dir` ='$dir' AND `id` !='$cid'") && alert('该栏目别名/目录已经存在!请另选一个'); $DreamCMS->db->query("UPDATE `#DC@__catalog` SET `rootid` = '{$rootid}',`order` = '{$order}',`name` = '{$name}',`password`='{$password}',`keywords` = '{$keywords}',`description` = '{$description}',`dir` = '{$dir}',`url` = '{$url}',`icon`='{$icon}',`tpl_index` = '{$tpl_index}',`tpl_list` = '{$tpl_list}',`tpl_contents` = '{$tpl_contents}',`attrib` = '{$attrib}',`isexamine`='{$isexamine}',`ishidden`='{$ishidden}',`issend`='{$issend}',`topid`='{$topid}',`level`='{$level}',`content`='{$content}',`modelid`='{$modelid}',`caturlset`='{$caturlset}',`arturlset`='{$arturlset}' WHERE `id` ='{$cid}' "); catalog_cache(); redirect("栏目编辑完成!", 'admincp.php?do=catalog'); } } if ($action == 'edit') { foreach ($_POST['order'] as $cid => $order) { $DreamCMS->db->query("UPDATE `#DC@__catalog` SET `name` = '" . $_POST['name'][$cid] . "',`order` = '" . intval($order) . "' WHERE `id` ='" . intval($cid) . "' LIMIT 1"); } catalog_cache(); _Header("admincp.php?do=catalog"); } break; case 'del': $id = (int) $_GET['id']; if ($id) { catalogvars($id); if (empty($_catalog_array)) { $DreamCMS->db->query("DELETE FROM `#DC@__catalog` WHERE `id` = '{$id}'"); $art = $DreamCMS->db->get_results("SELECT id FROM `#DC@__article` WHERE `cid` = '{$id}'"); if ($art) { foreach ($art as $a) { delArticle($a['id']); } } catalog_cache();
} foreach ($_POST['search'] as $id => $value) { $value = str_replace(array('%', '_'), array('\\%', '\\_'), $value); $iCMS->db->query("update `#iCMS@__search` set `search`='{$value}',`times`='" . $_POST['times'][$id] . "' where `id`='{$id}'"); } search_cache(); _Header(); } if ($action == 'save') { $id = (int) $_POST['id']; $search = dhtmlspecialchars($_POST['search']); $search = str_replace(array('%', '_'), array('\\%', '\\_'), $search); $times = (int) $_POST['times']; if (empty($id)) { $iCMS->db->query("insert into `#iCMS@__search`(`search`,`times`,`addtime`) values ('{$search}','{$times}','" . time() . "')"); } else { $iCMS->db->query("update `#iCMS@__search` set `search`='{$search}',`times`='{$times}' where id='{$id}'"); } search_cache(); _Header(__SELF__ . '?do=search'); } break; default: $Admin->MP("menu_search"); $maxperpage = 20; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__search` order by id DESC"); page($total, $maxperpage, "个关键字"); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__search` order by id DESC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); include iCMS_admincp_tpl('search'); }
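/**
 * Record one vote on a comment and answer the request.
 *
 * Reads $_GET['ajax'] to choose between printing a small state object and a
 * redirect or alert.
 *
 * @param string $act Counter column to increment. Only 'up' and 'against'
 *                    are accepted, the same two names the cookie check reads.
 * @param int    $cid Comment id.
 */
function UA($act, $cid)
{
    global $DreamCMS, $cookietime;

    // $act ends up as a column name in the statement, where value quoting
    // does not apply, so it is checked against the two known counters first.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // Used in the cookie name and in the WHERE clause; cast once up front.
    $cid = (int) $cid;

    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;

    // The repeat-vote window is stored in client-side cookies, so it is a
    // courtesy limit only; a hard limit needs server-side state.
    $now = time();
    $canVote = $now - (int) get_cookie($cid . '_up') > $cookietime
        && $now - (int) get_cookie($cid . '_against') > $cookietime;

    if (!$canVote) {
        if ($ajax) {
            echo "{state:'0',text:'" . $DreamCMS->language('digged') . "' }";
        } else {
            alert($DreamCMS->language('digged'));
        }
        return;
    }

    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && $DreamCMS->db->query("UPDATE `#DC@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
        if ($ajax) {
            echo "{state:'1'}";
        } else {
            // NOTE(review): $id is never assigned in this function, so the
            // redirect carries an empty aid - confirm which id belongs here.
            _Header($DreamCMS->dir . "comment.php?aid=" . $id);
        }
    }
}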
case 'del': $id = intval($_GET['id']); $aid = intval($_GET['aid']); $id && $iCMS->db->query("DELETE FROM `#iCMS@__comment` WHERE `id` ='{$id}'"); $aid && $iCMS->db->query("UPDATE `#iCMS@__article` SET `comments` = comments-1 WHERE `id` ='{$aid}'"); _Header(__SELF__ . '?do=comment'); break; case 'post': if ($action == "del") { if (isset($_POST['id'])) { foreach ($_POST['id'] as $k => $id) { $aid = $_POST['aid'][$id]; $iCMS->db->query("DELETE FROM `#iCMS@__comment` WHERE `id` ='{$id}'"); $iCMS->db->query("UPDATE `#iCMS@__article` SET `comments` = comments-1 WHERE `id` ='{$aid}'"); } _Header(__SELF__ . '?do=comment'); } else { alert("请选择要删除的评论!"); } } break; default: $Admin->MP(array("menu_index_comment", "menu_comment")); include_once iPATH . 'include/ubb.fun.php'; $maxperpage = 20; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__comment` order by id DESC"); page($total, $maxperpage, "条评论"); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__comment` order by id DESC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); include iCMS_admincp_tpl('comment'); }
} else { $DreamCMS->db->query("INSERT INTO `#DC@__advertise`(`varname` , `title` ,`style`, `starttime` , `endtime` , `code` , `status` ) VALUES ('{$varname}','{$title}','{$style}','{$starttime}', '{$endtime}', '{$code}', '{$state}')"); $id = $DreamCMS->db->insert_id; } $jsfile = "YWR2ZXJ0aXNl/{$style}-id-{$id}.js"; $html = getadvhtml($style, stripslashes($code)); $html = "/*\n{$varname}\n标签:<!--{DreamCMS:advertise name=\"{$varname}\"}-->\n*/\n" . documentwriteln($html); writefile(DCPATH . $jsfile, $html); _Header("admincp.php?do=advertise"); } break; case 'status': $id = intval($_GET['id']); $act = intval($_GET['act']); $DreamCMS->db->query("UPDATE `#DC@__advertise` SET `status` = '{$act}' WHERE `id` ='{$id}'"); _Header("admincp.php?do=advertise"); break; } function getadvhtml($style, $code) { $code = unserialize($code); switch ($style) { case "code": $html = stripslashes($code["code"]['html']); break; case "image": $code['image']['width'] && ($width = " width=\"{$code['image']['width']}\""); $code['image']['height'] && ($height = " height=\"{$code['image']['height']}\""); $html = "<a href=\"{$code['image']['link']}\" target=\"_blank\" title=\"{$code['image']['alt']}\"><img src=\"{$code['image']['url']}\" alt=\"{$code['image']['alt']}\"{$width}{$height} alt=\"{$code['image']['alt']}\" border=\"0\"></a>"; break; case "flash":
<?php
/**
 * @package iCMS V3.1
 * @copyright 2007-2009, iDreamSoft
 * @license http://www.idreamsoft.cn iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
// Refuse direct access: the file only runs when the including script has
// defined iPATH.
!defined('iPATH') && exit('What are you doing?');
switch ($operation) {
    case 'post':
        // Save the default source/author/editor lists.
        // NOTE(review): no permission or request-token check is visible in
        // this file - confirm the including script enforces both.
        if ($action == 'edit') {
            // One entry per CRLF-separated line, HTML-escaped first.
            $sources = explode("\r\n", dhtmlspecialchars($_POST['source']));
            $authors = explode("\r\n", dhtmlspecialchars($_POST['author']));
            // NOTE(review): this reads the 'author' field again, so $editors
            // always equals $authors - looks like a copy-paste slip; confirm
            // the form field name intended for editors.
            $editors = explode("\r\n", dhtmlspecialchars($_POST['author']));
            // The posted lists are written into a PHP source file that the
            // default branch below includes and executes.
            // NOTE(review): that makes da_var_export() (defined elsewhere) the
            // only barrier between form input and executable code; confirm it
            // emits properly quoted literals for every input, including
            // quotes and backslashes.
            writefile(iPATH . 'include/default.value.php', "<?php\n\$sources=" . da_var_export($sources) . ";\n\$authors=" . da_var_export($authors) . ";\n\$editors=" . da_var_export($editors) . ";\n?>");
            _Header(__SELF__ . '?do=default');
        }
        break;
    default:
        // Show the edit form, loading the previously generated values file.
        $Admin->MP("menu_article_default");
        include_once iPATH . 'include/default.value.php';
        include iCMS_admincp_tpl('default');
}
$Admin->CP($cid, 'Permission_Denied', __SELF__ . '?do=catalog'); $rootid != $catalog->catalog[$cid]['rootid'] && $Admin->CP($rootid, 'Permission_Denied', __SELF__ . '?do=catalog'); $iCMS->db->getValue("SELECT `dir` FROM `#iCMS@__catalog` where `dir` ='{$dir}' AND `id` !='{$cid}'") && alert('该栏目别名/目录已经存在!请另选一个'); $iCMS->db->query("UPDATE `#iCMS@__catalog` SET `rootid` = '{$rootid}',`mid` = '{$mid}',`order` = '{$order}',`name` = '{$name}',`password`='{$password}',`keywords` = '{$keywords}',`description` = '{$description}',`dir` = '{$dir}',`url` = '{$url}',`domain` = '{$domain}',`icon`='{$icon}',`tpl_index` = '{$tpl_index}',`tpl_list` = '{$tpl_list}',`tpl_contents` = '{$tpl_contents}',`attr` = '{$attr}',`isexamine`='{$isexamine}',`ishidden`='{$ishidden}',`issend`='{$issend}' WHERE `id` ='{$cid}' "); $catalog = new catalog(); $catalog->cache(); redirect("栏目编辑完成!", __SELF__ . '?do=catalog'); } } if ($action == 'edit') { foreach ($_POST['order'] as $cid => $order) { $Admin->CP($cid) && $iCMS->db->query("UPDATE `#iCMS@__catalog` SET `name` = '" . $_POST['name'][$cid] . "',`order` = '" . intval($order) . "' WHERE `id` ='" . intval($cid) . "' LIMIT 1"); } $catalog = new catalog(); $catalog->cache(); _Header(__SELF__ . "?do=catalog"); } break; case 'del': $id = (int) $_GET['id']; $Admin->CP($id, 'Permission_Denied', __SELF__ . '?do=catalog'); $catalog = new catalog(); if ($id) { if (empty($catalog->array[$id])) { $iCMS->db->query("DELETE FROM `#iCMS@__catalog` WHERE `id` = '{$id}'"); $art = $iCMS->db->getArray("SELECT id FROM `#iCMS@__article` WHERE `cid` = '{$id}'"); if ($art) { foreach ($art as $a) { delArticle($a['id']); } }
empty($_POST['id']) && alert("请选择要显示的文章"); if (is_array($_POST['id'])) { foreach ($_POST['id'] as $id) { $DreamCMS->db->query("UPDATE `#DC@__article` SET `visible` = '1' WHERE `id` ='{$id}'"); } } _Header($_SERVER['HTTP_REFERER']); } if ($action == 'cancel') { empty($_POST['id']) && alert("请选择要隐藏的文章"); if (is_array($_POST['id'])) { foreach ($_POST['id'] as $id) { $DreamCMS->db->query("UPDATE `#DC@__article` SET `visible` = '0' WHERE `id` ='{$id}'"); } } _Header($_SERVER['HTTP_REFERER']); } if ($action == 'updateHTML') { empty($_POST['id']) && alert("请选择要更新的文章"); require_once DCPATH . "include/template.fun.php"; $i = 0; if (is_array($_POST['id'])) { foreach ($_POST['id'] as $aid) { MakeArticleHtm($aid) && $i++; } } alert($i . '个文件更新完成!', "url:1"); } if ($action == 'articletype') { empty($_POST['id']) && alert("请选择要更改的文章"); $type = empty($_POST['type']) ? "0" : implode(',', $_POST['type']);
if ($_POST['name']) { foreach ($_POST['name'] as $id => $value) { $iCMS->db->query("update `#iCMS@__tags` set `name`='{$value}',`sortid`='" . $_POST['sortid'][$id] . "',`updatetime`='" . time() . "' where `id`='{$id}'"); } } tags_cache(); } _Header(); break; case 'delsort': $id = (int) $_GET['id']; $tSort = $iCMS->cache('tag.sort', 'include/syscache', 0, true); unset($tSort[$id]); $iCMS->cache(false, 'include/syscache', 0, true, false); $iCMS->addcache('tag.sort', $tSort, 0); _Header(); break; case 'sort': $rs = $iCMS->cache('tag.sort', 'include/syscache', 0, true); $_count = count($rs); include iCMS_admincp_tpl("tag.sort"); break; case 'manage': $Admin->MP("menu_tag_manage"); $maxperpage = 20; $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__tags` order by id DESC"); page($total, $maxperpage, "个TAG"); $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__tags` order by id DESC LIMIT {$firstcount},{$maxperpage}"); $_count = count($rs); $tSort = $iCMS->cache('tag.sort', 'include/syscache', 0, true); include iCMS_admincp_tpl("tag.manage");
alert('删除成功', 'url:1'); } else { alert('删除失败'); } exit; break; case 'post': if ($action == 'edit') { foreach ($_POST['picdes'] as $picid => $value) { $thispicorder = intval($_POST['picorder'][$picid]); $picid && $DreamCMS->db->query("update `#DC@__otherpics` set `picdes`='{$value}',`picorder`='{$thispicorder}' where `picid`='{$picid}'"); } _Header(); } if ($action == 'add') { $picid = intval($picid); $picdes = $_POST['picdes'] ? save($_POST['picdes']) : ''; $picorder = intval($_POST['picorder']); $pictype = $_POST['pictype'] ? save($_POST['pictype']) : 'download'; $artpicurl = $_POST['artpicurl'] ? save($_POST['artpicurl']) : ''; $_picurl = uploadfile("picurl", $picdes); $picurl = empty($_picurl) ? $artpicurl : $_picurl['FilePath']; if ($picid) { $DreamCMS->db->query("UPDATE `#DC@__otherpics` SET `picdes`='{$picdes}',`picorder`='{$picorder}',`pictype`='{$pictype}',`picurl`='{$picurl}' WHERE `picid`='{$picid}' LIMIT 1"); } else { $DreamCMS->db->query("INSERT INTO `#DC@__otherpics` (`picdes`,`picorder`,`pictype`,`picurl`) VALUES ('{$picdes}','{$picorder}','{$pictype}','{$picurl}')"); } _Header("admincp.php?do=otherpics&pictype=" . $pictype); } break; }
$pwd = md5(trim($_POST['pwd'])); $pwd1 = md5(trim($_POST['pwd1'])); $pwd2 = md5(trim($_POST['pwd2'])); if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) { alert("修改密码.原密码,新密码,确认密码不能为空"); } $pwd != $user['password'] && alert("原密码错误!"); $pwd1 != $pwd2 && alert("新密码与确认密码不一致!"); $DreamCMS->db->query("UPDATE `#DC@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1"); } // $username=htmlspecialchars($_POST['name']); //$_POST['email']&&!eregi("^([_\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\.([a-z]{2,6})$",$_POST['email'])&&alert("E-mail格式错误!!"); $_POST['email'] && !preg_match("/^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$/i", $_POST['email']) && alert("E-mail格式错误!!"); //zhaoyanmin php5.3以上版本 eregi在php5.3以上版本改成preg_match $email = stripslashes($_POST['email']); $gender = intval($_POST['gender']); $info['nickname'] = htmlspecialchars(stripslashes($_POST['nickname'])); cstrlen($info['nickname']) > 12 && alert("昵称长度大于12"); $info['icq'] = intval($_POST['icq']); $info['home'] = htmlspecialchars(stripslashes($_POST['home'])); $info['year'] = intval($_POST['year']); $info['month'] = intval($_POST['month']); $info['day'] = intval($_POST['day']); $info['from'] = htmlspecialchars(stripslashes($_POST['from'])); $info['introduce'] = htmlspecialchars(stripslashes($_POST['introduce'])); $user['info'] = $info; $DreamCMS->db->query("UPDATE `#DC@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1"); _Header('admincp.php?do=user&operation=edit&userid=' . $uid); } break; }
/**
 * Redirect to the static copy of a page when static output is enabled, the
 * object is not currently generating HTML, and the file already exists.
 *
 * @param string $fp  Path of the static file to look for.
 * @param string $url Value handed to path() to build the redirect target.
 */
function jumptohtml($fp, $url = '')
{
    // Static pages switched off: nothing to jump to.
    if (!$this->config['ishtm']) {
        return;
    }
    // While the generator itself is running, never redirect.
    if ($this->mode == 'CreateHtml') {
        return;
    }
    if (!file_exists($fp)) {
        return;
    }
    _Header(path($url));
}
/**
 * Redirect to the static copy of a page when static output is enabled, the
 * object is not currently generating HTML, and the file already exists.
 *
 * @param string $filepath Page path without the static-file extension.
 */
function jumptohtml($filepath)
{
    // Static pages switched off: nothing to jump to.
    if (!$this->config['ishtm']) {
        return;
    }
    // While the generator itself is running, never redirect.
    if ($this->mode == 'CreateHtml') {
        return;
    }
    // The file is checked under DCPATH; the redirect uses the relative path.
    if (file_exists(DCPATH . $filepath . $this->config['htmlext'])) {
        _Header($filepath . $this->config['htmlext']);
    }
}
} _Header(); } foreach ($_POST['name'] as $id => $value) { $DreamCMS->db->query("update `#DC@__links` set `name`='{$value}',`url`='" . $_POST['url'][$id] . "',`desc`='" . $_POST['description'][$id] . "',`orderid`='" . $_POST['displayorder'][$id] . "' where `id`='{$id}'"); } _Header(); } if ($action == 'add') { $id = intval($id); $name = $_POST['name'] ? save($_POST['name']) : ''; $url = $_POST['url'] ? save($_POST['url']) : ''; $desc = $_POST['description'] ? save($_POST['description']) : ''; //$logo = $_POST['logo']; $orderid = intval($_POST['displayorder']); empty($name) && alert('网站名称不能为空!'); empty($url) && alert('网站URL不能为空!'); strpos($url, 'http://') === false && ($url = 'http://' . $url); $artlogo = $_POST['artlogo'] ? save($_POST['artlogo']) : ''; $_logo = uploadfile("logo", $name); $logo = empty($_logo) ? $artlogo : $_logo['FilePath']; //$DreamCMS->db->query("INSERT INTO `#DC@__links` (`name`,`logo`,`desc`,`url`,`orderid`) VALUES ('$name','$logo','$desc','$url','$orderid')"); if ($id) { $DreamCMS->db->query("UPDATE `#DC@__links` SET `name`='{$name}',`logo`='{$logo}',`desc`='{$desc}',`url`='{$url}',`orderid`='{$orderid}' WHERE `id`='{$id}' LIMIT 1"); } else { $DreamCMS->db->query("INSERT INTO `#DC@__links` (`name`,`logo`,`desc`,`url`,`orderid`) VALUES ('{$name}','{$logo}','{$desc}','{$url}','{$orderid}')"); } _Header("admincp.php?do=link"); } break; }