/**
 * Send an internal short message.
 *
 * Hands one row to insert_db() for 'sms_send', looks that row's id up again,
 * hands one 'sms_receive' row per comma-separated recipient to insert_db(),
 * adds an 'oalog' entry when an id was found, and finally redirects when
 * $type is loosely equal to '1'.
 *
 * @param mixed $person  Comma-separated recipient names; stored unchanged in
 *                       sms_send.receiveperson and split on ',' for delivery.
 * @param mixed $content Message body, stored unchanged.
 * @param mixed $type    '1' makes the function end with goto_page($url).
 * @param mixed $url     Redirect target, used only when $type == '1'.
 * @param mixed $userid  Sender id (sms_send.uid / sms_receive.sendperson).
 *
 * NOTE(review): $person and $userid are concatenated into the lookup query
 * below without escaping. Unless every caller passes values that the input
 * layer has already escaped, that query is injectable - confirm, and prefer
 * parameter binding or the DB layer's insert-id facility if it offers one.
 * NOTE(review): the id is recovered with "newest matching row", so two
 * concurrent sends by the same user to the same recipients can pick up each
 * other's id - confirm whether that matters here.
 * NOTE(review): $url reaches goto_page() unchanged; callers should pass a
 * fixed internal path rather than request data.
 */
function SMS_ADD_POST($person = 0, $content = 0, $type, $url = 0, $userid)
{
    global $db;

    // Outgoing-message row. The message tables use a two-digit year
    // ('y-m-d'), while the log entry further down uses 'Y-m-d'.
    $outgoing = array(
        'receiveperson' => $person,
        'content' => $content,
        'uid' => $userid,
        'date' => get_date('y-m-d H:i:s', PHP_TIME),
    );
    insert_db('sms_send', $outgoing);

    // Fetch the newest sms_send row for this sender/recipient pair to learn its id.
    $lookupSql = "SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE receiveperson = '" . $person . "' and uid='" . $userid . "' order by id desc";
    $latest = $db->fetch_one_array($lookupSql);
    $id = $latest["id"];

    // Incoming-message rows: one per recipient name in the list.
    foreach (explode(',', $person) as $recipientName) {
        $incoming = array(
            'sendperson' => $userid,
            'date' => get_date('y-m-d H:i:s', PHP_TIME),
            'content' => $content,
            'receiveperson' => get_userid($recipientName),
            'type' => '2',
            'smskey' => '1',
            'sendid' => $id,
        );
        insert_db('sms_receive', $incoming);
    }

    // Log entry, written only when the lookup above produced an id.
    if ($id != '') {
        $auditEntry = array(
            'uid' => $userid,
            'content' => $content . get_log(1) . $person,
            'title' => '发布短消息',
            'startdate' => get_date('Y-m-d H:i:s', PHP_TIME),
            'contentid' => $id,
            'type' => '4',
        );
        insert_db('oalog', $auditEntry);
    }

    if ($type == '1') {
        goto_page($url);
    }
}
<?php
// Entry guard: stop unless both IN_TOA and IN_ADMIN are defined
// (presumably set by the application's entry script - confirm).
(!defined('IN_TOA') || !defined('IN_ADMIN')) && exit('Access Denied!');
// NOTE(review): the per-action permission check below is commented out, so
// nothing visible in this excerpt limits who may run 'edit' or 'save' beyond
// the guard above - confirm it is enforced elsewhere.
//if ( !is_superadmin() && !check_purview('manage_link') ) prompt('Sorry, you do not have permission to perform this operation!');
// Initialise: default to the 'list' action when $do is empty.
empty($do) && ($do = 'list');
if ($do == 'edit') {
    // The third argument 'int' presumably makes getGP() cast the GET value to
    // an integer; the query below interpolates {$id} and relies on that - confirm.
    $id = getGP('id', 'G', 'int');
    $blog = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "book WHERE id = '{$id}' ");
    include_once 'template/views.php';
} elseif ($do == 'save') {
    // NOTE(review): the redirect target is the POST field 'dow', passed to
    // goto_page() as received. Unless goto_page() restricts targets to local
    // paths this is an open redirect; check the value against a list of
    // known internal URLs before redirecting.
    goto_page(getGP('dow', 'P'));
}
// Original comment: "read departments"; the query below reads the book_type table.
// Echoes one <option> element per book_type row whose father equals $fatherid
// and recurses into each row with $layer + 1. $selid is the id rendered as
// selected; $layer is the nesting depth, shown as that many "├" characters.
// The function body continues past the end of this excerpt.
function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0) {
    $str = "";
    global $db;
    // NOTE(review): $fatherid is interpolated into the SQL text. On recursion
    // it comes from a database row; the outermost caller's value is not
    // visible here - confirm it is an integer.
    $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "book_type where father='{$fatherid}' ORDER BY id Asc ");
    // NOTE(review): count() is applied to the return value of $db->query();
    // if that is a result handle rather than an array, PHP 8 throws a
    // TypeError on this line - confirm what query() returns.
    if (count($query) > 0) {
        // Indentation prefix: one "├" per nesting level.
        for ($i = 0; $i < $layer; $i++) {
            $str .= "├";
        }
        while ($row = $db->fetch_array($query)) {
            $selstr = $row['id'] == $selid ? 'selected="selected"' : '';
            // NOTE(review): $row['id'] and $row['title'] are written into the
            // markup without htmlspecialchars(); a stored title containing
            // markup is emitted as-is unless titles are escaped when saved - confirm.
            $htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>';
            echo $htmlstr;
            // A fourth argument, $type, is passed although the signature
            // declares three parameters and $type is not set in this function.
            GET_FILE_PUBLIC_LIST($row['id'], $selid, $layer + 1, $type);
        }
    }
    return;
$db->query("DELETE FROM " . DB_TABLEPRE . "sms_receive WHERE id = '{$id}' "); //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); } show_msg('短消息删除成功!', 'admin.php?ac=receive&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . ''); } elseif ($do == 'smskey') { $idarr = getGP('id', 'G'); //foreach ($idarr as $id) { $sms_receive = array('smskey' => 2); update_db('sms_receive', $sms_receive, array('id' => $idarr)); //} goto_page('admin.php?ac=receive&fileurl=sms&userkeytype=' . $_GET['userkeytype']); } elseif ($do == 'smskeymana') { $idarr = getGP('id', 'G'); $sms_receive = array('smskey' => 2); update_db('sms_receive', $sms_receive, array('id' => $idarr)); goto_page("admin.php?ac=" . str_replace('-', "&", getGP('urls', 'G'))); } elseif ($do == 'excel') { $datename = "sms_" . get_date('YmdHis', PHP_TIME); $outputFileName = 'data/excel/' . $datename . '.xls'; $content = array(); $archive = array("状态", "发送人", "发送时间", "内容"); $content[] = $archive; $wheresql = ''; $vuidtype = getGP('vuidtype', 'P'); if (!is_superadmin() && $vuidtype == '') { $wheresql .= " AND receiveperson ='" . $_USER->id . "'"; } if ($vuidtype != '') { $wheresql .= get_subordinate($_USER->id, 'receiveperson'); } $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql} ORDER BY id desc";
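<?php
// Registration endpoint. On POST it echoes the code returned by
// register_user(); any other request method is handed to goto_page("").
require_once "api.php";

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // A field may be missing, or may arrive as an array (username[]=x).
    // Passed straight to real_escape_string(), a missing key raises a
    // warning/notice and an array raises a TypeError on PHP 8, so anything
    // that is not a string is treated as an empty value instead.
    $rawUsername = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
    $rawPassword = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";

    $connection = get_connection();
    check_connection($connection);

    // NOTE(review): escaping is done here rather than by binding parameters
    // inside register_user(); real_escape_string() is only safe for values
    // placed inside quoted SQL string literals - confirm that is how
    // register_user() uses them.
    // NOTE(review): the password is escaped too. If register_user() hashes
    // it, the hash covers the escaped bytes, so the login path must escape
    // identically - confirm, or pass the raw password and bind it instead.
    // NOTE(review): register_user() is assumed to reject empty credentials - confirm.
    $username = $connection->real_escape_string($rawUsername);
    $password = $connection->real_escape_string($rawPassword);

    echo register_user($connection, $username, $password);
    $connection->close();
} else {
    goto_page("");
}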
if (strtolower($vdcode) != $_SESSION['vdcode']) { $errmsg[] = '验证码不正确。'; } unset($_SESSION['vdcode']); } if (count($errmsg)) { show_msg($errmsg, 'login.php'); } $flag = $_USER->login($username, $password, $remember); if ($flag == 1) { //记录cookies setcookie("username", $username, time() + 3600 * 24 * 365); goto_page('admin.php'); } elseif ($flag == -3) { show_msg('登录失败,你的帐号尚未通过审核。', 'login.php'); } elseif ($flag == -5) { show_msg('登录失败,你的IP错误。', 'login.php'); } else { show_msg('登录失败,用户名或密码错误。', 'login.php'); } } if ($do == "logout") { $_USER->logout(); session_destroy(); show_msg('你已经安全退出登录,现在转到首页...', './'); } else { if ($_USER->id) { goto_page('admin.php'); } } include_once template . 'login.php';
$res = Utility::HttpRequest($phoneurl); $rqnum = explode('||', $res); for ($i = 0; $i < sizeof($rqnum); $i++) { $revalue = explode('#', $rqnum[$i]); if ($rqnum[$i] != '') { $phone_receive = array('content' => u8gb($revalue[1]), 'sendphone' => $revalue[0], 'date' => $revalue[2]); //接收消息表 insert_db('phone_receive', $phone_receive); } } ////////////////////////////////////////////// //读数据 //列表信息 $wheresql = ''; $page = max(1, getGP('page', 'G', 'int')); $pagesize = 20; $offset = ($page - 1) * $pagesize; $url = 'admin.php?ac=smsreceive&fileurl=sms'; $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "phone_receive WHERE 1 {$wheresql} "); $sql = "SELECT * FROM " . DB_TABLEPRE . "phone_receive WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}"; $result = $db->fetch_all($sql); include_once 'template/smsreceive.php'; } elseif ($do == '删 除') { get_key("office_sms_delete"); $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $db->query("DELETE FROM " . DB_TABLEPRE . "phone_receive WHERE id = '{$id}' "); //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); } goto_page('admin.php?ac=smsreceive&fileurl=sms&message=1'); }
update_db('sms_receive', $sms_receive, array('receiveperson' => $_USER->id)); $wheresql = ''; $page = max(1, getGP('page', 'G', 'int')); $pagesize = 20; $offset = ($page - 1) * $pagesize; $url = 'admin.php?ac=sms_receive&fileurl=sms'; $wheresql .= " AND receiveperson='" . $_USER->id . "'"; if ($type = getGP('type', 'G')) { $wheresql .= " AND type ='" . $_GET["type"] . "'"; $url .= '&type=' . rawurlencode($type); } $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql} and smskey='1' ORDER BY smskey asc, id desc"); $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql} and smskey='1' ORDER BY smskey asc, id desc LIMIT {$offset}, {$pagesize}"; $result = $db->fetch_all($sql); include_once 'template/sms_receive.php'; } elseif ($do == '删 除') { get_key("office_info_delete"); $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $db->query("DELETE FROM " . DB_TABLEPRE . "sms_receive WHERE id = '{$id}' "); //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); } goto_page('admin.php?ac=sms_receive&fileurl=sms&message=1&type=' . $_GET["type"] . ''); } elseif ($do == '标志为己读') { $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $sms_receive = array('smskey' => 2); update_db('sms_receive', $sms_receive, array('id' => $id)); } goto_page('admin.php?ac=sms_receive&fileurl=sms&message=1&type=' . $_GET["type"] . ''); }
} empty($do) && ($do = 'list'); if ($do == 'list') { $goodsid = "515158"; $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $goodsid = $goodsid . "," . $id; } //echo str_replace("515158,","",$goodsid); //exit; $sql = "SELECT * FROM " . DB_TABLEPRE . "office_goods WHERE id in(" . str_replace("515158,", "", $goodsid) . ") ORDER BY id desc"; $result = $db->fetch_all($sql); if (str_replace("515158", "", $goodsid) != '') { include_once 'template/goods_stock_add.php'; } else { goto_page('admin.php?ac=goods_stock_goodsadd&fileurl=goods'); } } elseif ($do == 'save') { $savetype = getGP('savetype', 'P'); $type = getGP('type', 'P'); $content = getGP('content', 'P'); //计算总价 $idarr = getGP('id', 'P', 'array'); $arr_id = "515158"; foreach ($idarr as $id) { $arr_id = $arr_id . "," . $id; } // $goods_typearr = getGP('goods_type', 'P', 'array'); $arr_goods_type = "515158"; foreach ($goods_typearr as $goods_type) {
} elseif ($do == 'save') { $savetype = getGP('savetype', 'P'); $id = getGP('id', 'P', 'int'); $goods_type = getGP('goods_type', 'P'); $title = getGP('title', 'P'); $specification = getGP('specification', 'P'); $unit = getGP('unit', 'P'); $price = getGP('price', 'P'); $number = getGP('number', 'P'); $content = getGP('content', 'P'); $recorduser = getGP('recorduser', 'P'); $department = getGP('department', 'P'); $recordnum = getGP('recordnum', 'P'); $office_goods_record = array('goods_type' => $goods_type, 'title' => $title, 'specification' => $specification, 'unit' => $unit, 'price' => $price, 'number' => $number, 'content' => $content, 'recorduser' => $recorduser, 'department' => $department, 'type' => 1, 'officegoods' => $id, 'recordnum' => $recordnum, 'date' => get_date('Y-m-d H:i:s', PHP_TIME), 'uid' => $_USER->id); insert_db('office_goods_record', $office_goods_record); goto_page('admin.php?ac=goods_record_view&fileurl=goods&mykey=1'); } //读取部门 function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0) { $str = ""; global $db; $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "goods_type where father='{$fatherid}' ORDER BY id Asc "); if (count($query) > 0) { for ($i = 0; $i < $layer; $i++) { $str .= "├"; } while ($row = $db->fetch_array($query)) { $selstr = $row['id'] == $selid ? 'selected="selected"' : ''; $htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>'; echo $htmlstr;
if ($_GET["type"] == '1') { $wheresql = "and uid='" . $_USER->id . "'"; } } $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "communication WHERE 1 {$wheresql}"); $sql = "SELECT * FROM " . DB_TABLEPRE . "communication WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}"; $result = $db->fetch_all($sql); include_once 'template/index.php'; } elseif ($do == 'update') { get_key("office_communication_delete"); $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $db->query("DELETE FROM " . DB_TABLEPRE . "communication WHERE id = '{$id}' "); //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); } $content = serialize($idarr); $title = '删除通迅录'; get_logadd($id, $content, $title, 9, $_USER->id); show_msg('删除通迅录成功!', 'admin.php?ac=index&fileurl=communication&message=1&type=' . getGP('type', 'P') . ''); } elseif ($do == 'phone') { $idarr = getGP('phone', 'P', 'array'); $phones = "|515158|"; $persons = "|515158|"; foreach ($idarr as $phone) { if ($phone != '') { $phones .= "," . $phone; $persons .= "," . getGP('person_' . $phone . '', 'P'); } } goto_page('admin.php?ac=smsadd&fileurl=sms&phone=' . str_replace("|515158|,", " ", $phones) . '&name=' . str_replace("|515158|,", " ", $persons) . ''); }