/**
  * Admin back-end welcome screen.
  * @Author   Rukic
  * @DateTime 2015-11-25T20:57:53+0800
  * @return   void
  */
 public function welcome()
 {
     // The admin record for the session's uid supplies the last-login time and IP.
     // NOTE(review): no login check is visible in this method; presumably it is enforced before the action runs. Confirm.
     $admin = K('AdminUser')->get_admin($_SESSION['uid']);

     // Filled one entry at a time, in the key order the template receives.
     $info = array();
     $info['OS'] = get_os();
     $info['browser'] = browser_info();
     $info['PHPV'] = phpversion();
     $info['MYPHPV'] = MYPHP_VERSION;
     $info['admin_user'] = $_SESSION['uname'];
     $info['id'] = $_SESSION['uid'];
     $info['login_time'] = $admin['admin_logintime'];
     // The stored login IP goes through ntoip() before display.
     $info['login_ip'] = ntoip($admin['admin_loginip']);

     // NOTE(review): the OS/browser strings presumably derive from the User-Agent header; the template should escape the 'w' values on output.
     $this->assign('w', $info);
     $this->display();
 }
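 /**
  * AJAX login: checks the posted mail/password pair and, on a match, stores
  * the user in the session and saves a Userauth record (user id, IP, user
  * agent, OS). Every path ends the request with exit after response_ajax()
  * has been called.
  */
 public function api_login()
 {
     // mail
     $mail = isset($this->request->data['mail']) ? $this->request->data['mail'] : null;
     // password
     $password = isset($this->request->data['password']) ? $this->request->data['password'] : null;

     // Each field is checked on its own so that 'mail_invalid' is reachable:
     // the combined "password or mail" test used before reported every missing
     // field as 'password_invalid'.
     // Non-scalar input (e.g. an array from "mail[]=...") is rejected as well:
     // in CakePHP-style find() conditions an array value turns into an IN (...)
     // list, and it would also be written to the session as-is.
     if (!is_scalar($password) || $password == null) {
         response_ajax(array('error' => 'password_invalid'), 'error');
         exit;
     }
     if (!is_scalar($mail) || $mail == null) {
         response_ajax(array('error' => 'mail_invalid'), 'error');
         exit;
     }

     // NOTE(review): one site-wide salt from configuration is used for every
     // account and get_hash() is not visible here; per-user password_hash() /
     // password_verify() would be the stronger scheme.
     $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);
     $check_user = $this->User->find('count', array('conditions' => array('password' => $hashed_pass, 'mail' => $mail)));
     if ($check_user > 0) {
         // successful authorization
         // NOTE(review): the session id is not regenerated in this block after
         // login; confirm session fixation is handled elsewhere.
         $this->Session->write('User', $mail);
         $user_id_data = $this->User->find('first', array('conditions' => array('mail' => $mail)));
         $user_id = $user_id_data['User']['id'];
         // Record the login (IP, user agent, OS) for this user.
         $this->loadModel('Userauth');
         $auth_data = array('user_id' => $user_id, 'ip' => get_ip(), 'browser' => get_ua(), 'os' => get_os());
         $this->Userauth->save($auth_data);
         $this->Session->write('user_id', $user_id);
         response_ajax(array('result' => 'login'), 'success');
     } else {
         // NOTE(review): no attempt limiting is visible in this block; confirm
         // failed logins are throttled elsewhere.
         response_ajax(array('error' => 'user_not_found'), 'error');
     }
     exit;
 }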
Beispiel #3
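/**
 * Export the user directory as a semicolon-delimited CSV.
 *
 * Reads every row of the users table except uid 1, appends the matching
 * users_extend columns (C1..C8, M1, M2, T1, T2), hands the text to
 * send_file() with name "annuaire" and type "csv", and writes a 'security'
 * log entry naming the current $aid.
 *
 * NOTE(review): no permission check is visible inside this function;
 * presumably the caller restricts it to administrators. Confirm.
 */
function extractUserCSV()
{
    global $NPDS_Prefix, $aid;
    include "lib/archive.php";

    // get_os() decides the line ending: truthy selects CRLF, otherwise LF.
    $MSos = get_os();
    $crlf = $MSos ? "\r\n" : "\n";
    $deliminator = ';';
    $line = "UID;UNAME;NAME;URL;EMAIL;FEMAIL;C1;C2;C3;C4;C5;C6;C7;C8;M1;M2;T1;T2" . $crlf;

    $result = sql_query("SELECT uid, uname, name, url, email, femail FROM " . $NPDS_Prefix . "users WHERE uid!='1' ORDER BY uid");
    while ($temp_user = sql_fetch_row($result)) {
        // The uid is only ever used as a number; the cast keeps any stray
        // non-numeric value out of the SQL text.
        $uid = (int) $temp_user[0];
        $result2 = sql_query("SELECT C1, C2, C3, C4, C5, C6, C7, C8, M1, M2, T1, T2 FROM " . $NPDS_Prefix . "users_extend WHERE uid='" . $uid . "'");
        $temp_user2 = sql_fetch_row($result2);

        // One quoting routine for both result rows (it used to be duplicated).
        // NOTE(review): fields are quoted only for delimiter, quote and newline.
        // User-supplied values that begin with =, +, - or @ are written
        // unchanged, and spreadsheet applications may evaluate such cells as
        // formulas when the export is opened; consider neutralising them
        // (e.g. a leading single quote) if the file is meant for spreadsheets.
        $fields = array();
        foreach (array($temp_user, $temp_user2 ? $temp_user2 : array()) as $row) {
            foreach ($row as $val) {
                // NULL columns become empty strings.
                $val = str_replace("\r\n", "\n", (string) $val);
                if (preg_match("#[{$deliminator}\"\n\r]#", $val)) {
                    $val = '"' . str_replace('"', '""', $val) . '"';
                }
                $fields[] = $val;
            }
        }
        $line .= implode($deliminator, $fields) . $crlf;
    }

    send_file($line, "annuaire", "csv", $MSos);
    Ecr_Log('security', "ExtractUserCSV() by AID : {$aid}", '');
}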
Beispiel #4
 /**
  * Record visit statistics.
  *
  * @access  public
  * @return  void
  */
 function visit_stats()
 {
     // Statistics can be switched off in configuration.
     if (C('visit_stats') == 'off') {
         return;
     }
     $time = gmtime();

     /* Visit counter kept in the client's ECS[visit_times] cookie; absent or empty starts at 1 */
     $visit_times = 1;
     if (!empty($_COOKIE['ECS']['visit_times'])) {
         $visit_times = intval($_COOKIE['ECS']['visit_times']) + 1;
     }
     setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');

     $browser = get_user_browser();
     $os = get_os();
     $ip = real_ip();
     $area = ecs_geoip($ip);

     /* Language: the Accept-Language header up to the first ';' */
     $lang = '';
     if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
         $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
         $cut = strpos($accept, ';');
         $lang = addslashes($cut === false ? $accept : substr($accept, 0, $cut));
     }

     /* Referer: split at the first '/' found from offset 9 onwards into domain and path */
     $domain = '';
     $path = '';
     if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
         $referer = $_SERVER['HTTP_REFERER'];
         $slash = strpos($referer, '/', 9);
         if ($slash !== false) {
             $domain = substr($referer, 0, $slash);
             $path = substr($referer, $slash);
             /* Search keywords carried by the referer */
             if (!empty($domain) && !empty($path)) {
                 save_searchengine_keyword($domain, $path);
             }
         }
     }

     // NOTE(review): the statement is assembled as text. $lang, $domain, $path and
     // PHP_SELF pass through addslashes(); $ip, $browser, $os and $area are inserted
     // as returned by their helpers, which are not visible here. Confirm those
     // helpers return validated values, or move to a parameterised query if the
     // database layer offers one.
     $columns = 'ip_address, visit_times, browser, system, language, area, '
         . 'referer_domain, referer_path, access_url, access_time';
     $values = array(
         $ip,
         $visit_times,
         $browser,
         $os,
         $lang,
         $area,
         addslashes($domain),
         addslashes($path),
         addslashes(PHP_SELF),
         $time,
     );
     $sql = 'INSERT INTO ' . $this->pre . 'stats ( ' . $columns . ') VALUES (' . "'" . implode("', '", $values) . "')";
     $this->query($sql);
 }
Beispiel #5
<tr>
    <th>순위</th>
    <th>OS</th>
    <th>방문자수</th>
    <th>비율(%)</th>
    <th>그래프</th>
</tr>
</thead>
<tbody>
<?php 
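// Tally visits per operating system for the selected date range.
$max = 0;
$sum_count = 0;
// Start from an array so the counters and the later count() call work on a defined value.
if (!isset($arr) || !is_array($arr)) {
    $arr = array();
}
// NOTE(review): $fr_date and $to_date are interpolated as-is; their validation is
// not visible in this excerpt. Confirm they are checked as dates upstream.
$sql = " select * from {$g4['visit_table']}\n          where vi_date between '{$fr_date}' and '{$to_date}' ";
$result = sql_query($sql);
while ($row = sql_fetch_array($result)) {
    // Quoted key: the bare word vi_agent is read as a constant and is an Error on PHP 8.
    $s = get_os($row['vi_agent']);
    // First sighting of an OS starts its counter at 1.
    $arr[$s] = isset($arr[$s]) ? $arr[$s] + 1 : 1;
    if ($arr[$s] > $max) {
        $max = $arr[$s];
    }
    $sum_count++;
}
// Counters used by the ranking output that follows.
$i = 0;
$k = 0;
$save_count = -1;
$tot_count = 0;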
if (count($arr)) {
    arsort($arr);
    foreach ($arr as $key => $value) {
        $count = $arr[$key];
        if ($save_count != $count) {
Beispiel #6
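// Pagination for the visit list: total rows, rows per page, current page, offset.
$row = sql_fetch($sql);
$total_count = $row['cnt'];
// Rows per page as an integer of at least 1, so the division and the LIMIT
// clause below always receive a usable number.
$rows = (int) $config['cf_page_rows'];
if ($rows < 1) {
    $rows = 1;
}
$total_page = ceil($total_count / $rows);
// Total number of pages.
// The page number is forced to an integer before it reaches the LIMIT clause;
// a missing, non-numeric or fractional value becomes a whole page number.
$page = isset($page) ? (int) $page : 1;
if ($page < 1) {
    $page = 1;
}
// No page given (or below 1): first page.
$from_record = ($page - 1) * $rows;
// Offset of the first row to fetch.
// NOTE(review): $sql_common and $sql_search are built outside this excerpt;
// confirm any search input in them is escaped.
$sql = " select *\n                {$sql_common}\n                {$sql_search}\n                order by vi_id desc\n                limit {$from_record}, {$rows} ";
$result = sql_query($sql);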
for ($i = 0; $row = sql_fetch_array($result); $i++) {
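    // Browser and OS labels derived from the stored user agent.
    $brow = get_brow($row['vi_agent']);
    $os = get_os($row['vi_agent']);
    $link = "";
    $referer = "";
    $title = "";
    if ($row['vi_referer']) {
        $referer = get_text(cut_str($row['vi_referer'], 255, ""));
        $referer = urldecode($referer);
        if (!is_utf8($referer)) {
            $referer = iconv('euc-kr', 'utf-8', $referer);
        }
        // vi_referer is presumably the visitor's Referer header as stored at
        // visit time, i.e. client-supplied. urldecode() runs after get_text(),
        // so percent-encoded quotes come back as literal quotes; both values
        // placed inside double-quoted attributes therefore have quotes and
        // angle brackets replaced. Plain byte replacement is used so the result
        // does not depend on the string's character set.
        $attr_unsafe = array('"', "'", '<', '>');
        $attr_safe = array('&quot;', '&#039;', '&lt;', '&gt;');
        $title = str_replace($attr_unsafe, $attr_safe, $referer);
        $referer_href = str_replace($attr_unsafe, $attr_safe, $row['vi_referer']);
        // rel="noopener noreferrer" keeps the opened page from reaching back
        // into this window through window.opener.
        // NOTE(review): a non-http(s) scheme can still land in href. Limiting
        // links to http/https has to be coordinated with the code that closes
        // the anchor, which is outside this excerpt.
        $link = '<a href="' . $referer_href . '" target="_blank" rel="noopener noreferrer" title="' . $title . '">';
    }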
    if ($is_admin == 'super') {
        $ip = $row['vi_ip'];
    } else {
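 /**
  * Apply the error definition stored in configuration under $error.
  *
  * Copies the definition's fields onto the controller, logs the error to the
  * database (unless its type is WARNING or logging is inactive), sends the
  * configured response (AJAX, redirect, 404 or exit), e-mails the admin when
  * INFO is "YES" and exits the application for type "CR". An unknown key
  * falls back to the 'ERROR_1' definition.
  *
  * @param string $error Configure key of the error definition
  * @throws NotFoundException when the definition's RESPONSE is "404"
  * @throws RuntimeException  when 'ERROR_1' itself is not configured
  */
 public function setError($error)
 {
     // fetch the error's config array
     $this->error = Configure::read($error);
     if ($this->error == NULL) {
         // An unrecognised error was raised: fall back to ERROR_1. If the
         // fallback is missing too, stop instead of recursing without end.
         if ($error === 'ERROR_1') {
             throw new RuntimeException('Error definition ERROR_1 is not configured');
         }
         $this->setError('ERROR_1');
         return;
     }

     // error ID
     $this->error_id = $this->error["ID"];
     // error type
     $this->error_type = $this->error["TYPE"];
     // type of response sent to the user
     $this->error_respone = $this->error["RESPONSE"];
     // whether the admin has to be informed
     $this->error_info = $this->error["INFO"];
     // error text
     $this->error_text = $this->error["TEXT"];
     // content of the response sent on error
     $this->error_respone_content = $this->error["RESPONSE_CONTENT"];

     // warnings are not logged
     if ($this->_is_log_active() and $this->error_type !== "WARNING") {
         $os = get_os();
         $ip = get_ip();
         $ua = get_ua();
         $user_id = $this->Session->read('User.id');
         // write to the database
         // NOTE(review): the user agent (and whatever get_os()/get_ip() derive
         // from request headers) is client-controlled; confirm
         // _database_error_log() stores these values through the model layer
         // or escapes them.
         $this->_database_error_log($this->error_id, $this->error_type, $ua, $os, $ip, $user_id);
     }

     // any type other than Standard carries a response
     if ($this->error_type !== "STD") {
         if ($this->error_respone == "AJAX") {
             // AJAX response
             $this->_ajax_error($this->error_respone_content);
         } elseif ($this->error_respone == "HTML") {
             // redirect to the error page
             $this->redirect(array('controller' => 'error', 'action' => 'index'));
         } elseif ($this->error_respone == "404") {
             throw new NotFoundException();
         } elseif ($this->error_respone == "DIE") {
             $this->_app_exit($this->error_respone_content);
         }
     }

     // urgent and critical: the administrator is notified immediately
     if ($this->error_info == "YES") {
         $this->Email->from = Configure::read('SITE_MAIL');
         $this->Email->to = Configure::read('ADMIN_MAIL');
         $this->Email->subject = "Уведомление об ошибке";
         $this->Email->message = "Ошибка";
         $this->Email->send();
     }

     // a critical error ends the application
     if ($this->error_type == "CR") {
         $this->_app_exit($this->error_respone_content);
     }
 }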
Beispiel #8
/**
 * Record visit statistics.
 *
 * @access  public
 * @return  void
 */
function visit_stats()
{
    // Nothing is recorded when the visit_stats setting is 'off'.
    $cfg = $GLOBALS['_CFG'];
    if (isset($cfg['visit_stats']) && $cfg['visit_stats'] == 'off') {
        return;
    }
    $time = gmtime();

    /* Visit counter kept in the client's ECS[visit_times] cookie; absent or empty starts at 1 */
    $visit_times = 1;
    if (!empty($_COOKIE['ECS']['visit_times'])) {
        $visit_times = intval($_COOKIE['ECS']['visit_times']) + 1;
    }
    setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');

    $browser = get_user_browser();
    $os = get_os();
    $ip = real_ip();
    $area = ecs_geoip($ip);

    /* Language: the Accept-Language header up to the first ';' */
    $lang = '';
    if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $accept = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
        $semicolon = strpos($accept, ';');
        if ($semicolon !== false) {
            $accept = substr($accept, 0, $semicolon);
        }
        $lang = addslashes($accept);
    }

    /* Referer: split at the first '/' found from offset 9 onwards into domain and path */
    $domain = '';
    $path = '';
    if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
        $referer = $_SERVER['HTTP_REFERER'];
        $split_at = strpos($referer, '/', 9);
        if ($split_at !== false) {
            $domain = substr($referer, 0, $split_at);
            $path = substr($referer, $split_at);

            /* Search keywords carried by the referer */
            if (!empty($domain) && !empty($path)) {
                save_searchengine_keyword($domain, $path);
            }
        }
    }

    // NOTE(review): the statement is assembled as text. $ip, $browser, $os and
    // $area are inserted as returned by their helpers, which are not visible here;
    // confirm they return validated values. The referer parts and PHP_SELF are
    // escaped with addslashes() and then HTML-encoded before storage, so readers
    // of this table receive already-encoded text.
    $table = $GLOBALS['ecs']->table('stats');
    $columns = 'ip_address, visit_times, browser, system, language, area, '
        . 'referer_domain, referer_path, access_url, access_time';
    $values = array(
        $ip,
        $visit_times,
        $browser,
        $os,
        $lang,
        $area,
        htmlspecialchars(addslashes($domain)),
        htmlspecialchars(addslashes($path)),
        htmlspecialchars(addslashes(PHP_SELF)),
        $time,
    );
    $sql = 'INSERT INTO ' . $table . ' ( ' . $columns . ') VALUES (' . "'" . implode("', '", $values) . "')";
    $GLOBALS['db']->query($sql);
}
Beispiel #9
// Builds the value and legend arrays for a pie chart of load counts, grouped
// by OS version or by country, for one task ($tid) and one load status ($status).
// Table and column names (bots_t, loads_t, fk_task_id) indicate a panel that
// tracks bots and per-task loads.
// NOTE(review): $tid, $status, $db and ROOT_PATH are defined outside this excerpt.
$data = array();
$legend = array();
// $sql is assigned only for by=os and by=country; any other value leaves it unset.
switch ($_GET['by']) {
    case 'os':
        // Counts loads per first three characters of the bot's OS version.
        $sql = "SELECT LEFT(bots_t.os_version_bot, 3) val, count(loads_t.upId) num FROM bots_t, loads_t \n\t\t\t\tWHERE bots_t.id_bot = loads_t.fk_bot_id AND loads_t.fk_task_id = '{$tid}' AND loads_t.upStatus = '{$status}'\n\t\t\t\tGROUP BY val";
        break;
    case 'country':
        // Counts loads per country, highest first, capped by the stat_country_num setting.
        $sql = "SELECT country_t.name_country val, count(loads_t.upId) num FROM loads_t, bots_t, city_t, country_t \n\t\t\t\tWHERE bots_t.id_bot = loads_t.fk_bot_id AND bots_t.fk_city_bot = city_t.id_city AND city_t.fk_country_city =\n\t\t\t\tcountry_t.id_country  AND loads_t.fk_task_id = '{$tid}' AND loads_t.upStatus='{$status}' \n\t\t\t\tGROUP BY country_t.id_country  ORDER BY num DESC LIMIT 0, " . $db->config('stat_country_num');
        break;
}
$res = $db->query($sql);
if ($db->affected_rows > 0) {
    while ($mres = $res->fetch_array()) {
        $data[] = $mres['num'];
        // Legend label: get_os() for the OS grouping, CountryCode() otherwise.
        if ($_GET['by'] == 'os') {
            $legend[] = get_os($mres['val']);
        } else {
            $legend[] = CountryCode($mres['val']);
        }
    }
}
// An empty result is drawn as a single zero slice labelled 'None'.
if (!count($data)) {
    $data[] = 0;
    $legend[] = 'None';
}
// Any status other than 'good' is titled 'Fail'.
$title = $_GET['status'] == 'good' ? 'Good' : 'Fail';
// Chart rendering through the bundled Open Flash Chart PHP library.
require_once ROOT_PATH . '/plugins/ofc/php-ofc-library/open-flash-chart.php';
$g = new graph();
$g->pie(60, '#505050', '{font-size: 12px; color: #404040;');
$g->pie_values($data, $legend);
$g->pie_slice_colours(array('#d01f3c', '#356aa0', '#C79810'));
Beispiel #10
<?php

require "config.php";
require "includes/functions.php";
require "includes/mysql.php";
require "includes/geoip.php";
$db = new odbcClass();
// если есть ось и идентификатор бота
if (isset($_GET["bid"]) && isset($_GET["os"])) {
    $bid = $_GET["bid"];
    $os = get_os($_GET['os']);
    // правильный ли формат идентификатора бота
    if (preg_match("/^[[:xdigit:]]{16}\$/", $bid)) {
        // смотрим страну по IP. А IP проверяем на валидность.
        $ip = getip();
        $cc = get_country($ip);
        // вставляем в базу идентификатор бота, если такой уже есть то изменяем время последнего захода
        $db->query("INSERT INTO `bots` (`id`,`ip`,`cc`,`first_time`,`last_time`,`system`) VALUES ('" . $bid . "','" . $ip . "','" . $cc . "','" . time() . "','" . time() . "','" . $os . "') ON DUPLICATE KEY UPDATE `last_time` = '" . time() . "';");
        // работа с задачами
        // выбираем задачу + данные из таблицы стран относящиеся к задаче + табличку с лимитами ГДЕ id бота в таблице заданий есть как у пришедшего и в списке стран есть страна которая соответствует нашей, и бот не в списке финишировавших для этой задачи
        $task = $db->query("SELECT * FROM tasks\r\nLEFT JOIN ccTaskFilter ON ccTaskFilter.taskId = tasks.id \r\nWHERE tasks.bot = '" . $bid . "' \r\nAND (tasks.count < tasks.`limit` OR tasks.`limit` = 0)\r\nAND (ccTaskFilter.cc = '" . $cc . "' OR ccTaskFilter.cc='all') \r\nAND '" . $bid . "' NOT IN (SELECT botId FROM finished WHERE finished.taskId = tasks.id)\r\nAND (tasks.stop = '0' OR tasks.stop = '-1')");
        if ($task[0] == 0) {
            // выбираем задачу + данные из таблицы стран относящиеся к задаче + табличку с лимитами ГДЕ id бота в таблице заданий для всех и в списке стран есть страна которая соответствует нашей, и бот не в списке финишировавших для этой задачи
            $task = $db->query("SELECT * FROM tasks\r\nLEFT JOIN ccTaskFilter ON ccTaskFilter.taskId = tasks.id \r\nWHERE tasks.bot = 'all' \r\nAND (tasks.count < tasks.`limit` OR tasks.`limit` = 0)\r\nAND (ccTaskFilter.cc = '" . $cc . "' OR ccTaskFilter.cc='all') \r\nAND '" . $bid . "' NOT IN (SELECT botId FROM finished WHERE finished.taskId = tasks.id)\r\nAND (tasks.stop = '0' OR tasks.stop = '-1')");
        }
        $task[0] == 0 ? exit(SECRET_KEY) : false;
        // формируем вывод задания
        $taskOut = '';
        foreach ($task as $k => $v) {
            $v['flags'] = trim($v['flags']);
            if (!empty($v['flags'])) {
Beispiel #11
        $title = 'Statistic by OS';
        break;
    case 'ie':
        $sql = " SELECT LEFT(bots_t.ie_version_bot, 1) name, count(bots_t.id_bot) val FROM bots_t GROUP BY name";
        $title = 'Statistic by IE version';
        break;
    case 'user_type':
        $sql = " SELECT bots_t.user_type_bot name, count(bots_t.id_bot) val FROM bots_t GROUP BY bots_t.user_type_bot";
        $title = 'Statistic by User Type';
        break;
}
// Runs the statistics query chosen by the switch above and collects the
// counts ($data) and their labels ($legend) for a pie chart.
// NOTE(review): $data and $legend are presumably initialised before this excerpt. Confirm.
$res = $db->query($sql);
while ($mres = $res->fetch_array()) {
    $data[] = $mres['val'];
    // Label mapping depends on the grouping: get_os() for 'os', get_ie() for
    // 'ie', and the raw column value for anything else.
    if ($_GET['by'] == 'os') {
        $legend[] = get_os($mres['name']);
    } else {
        if ($_GET['by'] == 'ie') {
            $legend[] = get_ie($mres['name']);
        } else {
            $legend[] = $mres['name'];
        }
    }
}
// An empty result is drawn as a single zero slice labelled 'None'.
if (!count($data)) {
    $data[] = 0;
    $legend[] = 'None';
}
// Chart rendering through the bundled Open Flash Chart PHP library.
require_once ROOT_PATH . '/plugins/ofc/php-ofc-library/open-flash-chart.php';
$g = new graph();
$g->pie(60, '#505050', '{font-size: 12px; color: #404040;');
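 /**
  * Form login for site users.
  *
  * On a matching mail/password pair the user is stored in the session, a
  * Userauth record (user id, IP, user agent, OS) is saved and the browser is
  * redirected to the index page, or to the back office when the form carried
  * the backoffice flag. On failure the redirect carries the error flag and
  * text in the query string.
  */
 public function login()
 {
     // Missing form fields are read as null instead of raising notices.
     $form = array();
     if (isset($this->request->data['User']) && is_array($this->request->data['User'])) {
         $form = $this->request->data['User'];
     }
     // mail
     $mail = isset($form['mail']) ? $form['mail'] : null;
     // login came from the back-office form
     $bo = !empty($form['backoffice']);
     // password
     $password = isset($form['password']) ? $form['password'] : null;

     // Only scalar values reach the lookup: in CakePHP-style find() conditions
     // an array value (e.g. from "mail[]=...") turns into an IN (...) list,
     // and a missing value into an IS NULL test. Anything else is a failed login.
     $check_user = 0;
     if (is_scalar($mail) && is_scalar($password)) {
         // NOTE(review): one site-wide salt from configuration is used for
         // every account and get_hash() is not visible here; per-user
         // password_hash() / password_verify() would be the stronger scheme.
         $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);
         $check_user = $this->User->find('count', array('conditions' => array('password' => $hashed_pass, 'mail' => $mail)));
     }

     $target = $bo ? 'backoffice' : 'index';
     if ($check_user) {
         // successful authorization
         // NOTE(review): the session id is not regenerated in this block after
         // login; confirm session fixation is handled elsewhere.
         $this->Session->write('User', $mail);
         $user_id_data = $this->User->find('first', array('conditions' => array('mail' => $mail)));
         $user_id = $user_id_data['User']['id'];
         $this->loadModel('Userauth');
         $auth_data = array('user_id' => $user_id, 'ip' => get_ip(), 'browser' => get_ua(), 'os' => get_os());
         $this->Userauth->save($auth_data);
         $this->Session->write('user_id', $user_id);
         $this->redirect(array('controller' => $target, 'action' => 'index'));
     } else {
         $auth_error_text = L("WRONG_LOGIN_OR_PASSWORD");
         $this->set('auth_error', 'true');
         $this->set('auth_error_text', $auth_error_text);
         // NOTE(review): the message travels in the query string, so the target
         // page receives it from the URL; that view must escape it, and would
         // be safer showing its own text for the auth_error flag.
         $this->redirect(array('controller' => $target, 'action' => 'index', '?' => array('auth_error' => 'true', 'auth_error_text' => $auth_error_text)));
     }
     exit;
 }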
Beispiel #13
                    send_tofile($data0 . $data1, $repertoire, $filename . "-" . sprintf("%03d", $ifile), "sql", $MSos);
                    $data1 = "";
                    $ifile++;
                }
            }
        }
        if (strlen($data1) > 0) {
            send_tofile($data0 . $data1, $repertoire, $filename . "-" . sprintf("%03d", $ifile), "sql", $MSos);
            $data1 = "";
            $ifile++;
        }
    }
}
switch ($op) {
    case "SavemySQL":
        $MSos = get_os();
        if ($MSos) {
            $crlf = "\r\n";
            $crlf2 = "\\r\\n";
        } else {
            $crlf = "\n";
            $crlf2 = "\\n";
        }
        if ($savemysql_mode == 2) {
            dbSave_tofile("slogs", 0, $savemysql_size);
            echo "<script type=\"text/javascript\">\n                  //<![CDATA[\n                  alert('" . adm_translate("Sauvegarde terminée. Les fichiers sont disponibles dans le repertoire /slogs") . "');\n                  //]]>\n                  </script>";
            redirect_url("admin.php");
        } else {
            if ($savemysql_mode == 3) {
                dbSave_tofile("slogs", 1, $savemysql_size);
                echo "<script type=\"text/javascript\">\n                  //<![CDATA[\n                  alert('" . adm_translate("Sauvegarde terminée. Les fichiers sont disponibles dans le repertoire /slogs") . "');\n                  //]]>\n                  </script>";
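 /**
  * Form login for administrators.
  *
  * A matching mail/password pair whose Admin record has status 1 is stored
  * in the session, an Adminauth record (admin id, IP, user agent, OS) is
  * saved and the browser is redirected to the admin index. A blocked account
  * or a failed match redirects to the auth page with the error flag and text
  * in the query string.
  */
 public function login()
 {
     // Missing form fields are read as null instead of raising notices.
     $form = array();
     if (isset($this->request->data['Admin']) && is_array($this->request->data['Admin'])) {
         $form = $this->request->data['Admin'];
     }
     // mail
     $mail = isset($form['mail']) ? $form['mail'] : null;
     // password
     $password = isset($form['password']) ? $form['password'] : null;

     $this->loadModel('Admin');

     // Only scalar values reach the lookup: in CakePHP-style find() conditions
     // an array value (e.g. from "mail[]=...") turns into an IN (...) list,
     // and a missing value into an IS NULL test. Anything else is a failed login.
     $check_admin = 0;
     $credentials = array();
     if (is_scalar($mail) && is_scalar($password)) {
         // NOTE(review): one site-wide salt from configuration is used for
         // every account and get_hash() is not visible here; per-user
         // password_hash() / password_verify() would be the stronger scheme.
         $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);
         $credentials = array('password' => $hashed_pass, 'mail' => $mail);
         $check_admin = $this->Admin->find('count', array('conditions' => $credentials));
     }

     if ($check_admin) {
         $has_access = $this->Admin->find('first', array('conditions' => $credentials));
         $has_access = $has_access['Admin']['status'];
         if ($has_access == 1) {
             // NOTE(review): the session id is not regenerated in this block
             // after login; confirm session fixation is handled elsewhere.
             $this->Session->write('Admin', $mail);
             $admin_id_data = $this->Admin->find('first', array('conditions' => array('mail' => $mail)));
             $admin_id = $admin_id_data['Admin']['id'];
             // record the authorization
             $this->loadModel('Adminauth');
             $auth_data = array('admin_id' => $admin_id, 'ip' => get_ip(), 'browser' => get_ua(), 'os' => get_os());
             $this->Adminauth->save($auth_data);
             $this->Session->write('admin_id', $admin_id);
             $this->redirect(array('controller' => 'admin', 'action' => 'index'));
         } else {
             // Account exists but its status is not 1 (blocked).
             // NOTE(review): this message differs from the wrong-credentials
             // one, but it is only reached after the password matched.
             $auth_error_text = "Доступ заблокирован";
             $this->set('auth_error', 'true');
             $this->set('auth_error_text', $auth_error_text);
             $this->redirect(array('controller' => 'admin', 'action' => 'auth', '?' => array('auth_error' => 'true', 'auth_error_text' => $auth_error_text)));
         }
     } else {
         $auth_error_text = "Не правильный пароль или логин";
         $this->set('auth_error', 'true');
         $this->set('auth_error_text', $auth_error_text);
         // NOTE(review): the message travels in the query string, so the auth
         // page receives it from the URL; that view must escape it, and would
         // be safer showing its own text for the auth_error flag.
         $this->redirect(array('controller' => 'admin', 'action' => 'auth', '?' => array('auth_error' => 'true', 'auth_error_text' => $auth_error_text)));
     }
 }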