/**
*
* 内容替换函数 ...
* @param String $replacePrefix 标签占位符前缀
* @param Array $replaceData 对应占位符下标数组
* @param String $content 需要替换的内容
* @param int $i 替换下标,一般从0开始
*/
function replaceContent($replacePrefix, $replaceData, $content, $i = 0)
{
if ($replacePrefix && $content && is_array($replaceData) && $replaceData) {
$val = array_shift($replaceData);
$content = replaceContent($replacePrefix, $replaceData, str_replace('{$' . $replacePrefix . $i . '}', $val, $content), ++$i);
}
return $content;
}
* and/or its licensors, successors and assigners. All rights reserved. * * Use of Glype is subject to the terms of the Software License Agreement. * http://www.glype.com/license.php ******************************************************************* * * BY USING THIS DISCLAIMER, YOU ACKNOWLEDGE AND AGREE THAT ALL INFORMATION * CONTAINED HEREIN DOES NOT CONSTITUTE LEGAL ADVICE OF ANY KIND OR NATURE. * PLEASE CONSULT WITH LEGAL COUNSEL BEFORE USING THIS DISCLAIMER. * /***************************************************************** * Initialize glype ******************************************************************/ require 'includes/init.php'; /***************************************************************** * Create content ******************************************************************/ $content = <<<OUT \t<h2 class="first">Disclaimer</h2> \t<p>This service is provided as is, without warranty of any kind. Use of this service is entirely at your own risk. We cannot take responsibility for any direct or indirect damages resulting from the use of this service.</p> \t<p>The service allows indirect browsing of external, third-party websites. We are not responsible for the content on any external websites that may be accessible through our service. A website viewed through our service is in no way owned by or associated with this website.</p> \t<p>The term "indirect browsing" refers to the server which you connect to. During "direct" browsing, you connect to the server which provides the resource you are requesting. During "indirect" browsing, you connect to our server. Our script downloads the requested resource and forwards it to you.</p> \t<p>Any resource (such as web pages, images, files) downloaded through our service may be modified. This may include, but is not limited to, editing URLs so that any resources referenced by the target resource are also downloaded indirectly. The accuracy and reliablity of this process is not guaranteed. The resource which you receive may not be an accurate representation of the resource requested.</p> \t<p>A side-effect of indirect browsing may be anonymity. By connecting to our server instead of the target server, the target server does not see your IP address. However, we do not guarantee our service will be truly anonymous. The downloaded resource may reference other resources which your browser may automatically download. The service attempts to reroute all such requests through our server but may not be entirely successful. A single direct request will compromise your anonymity.</p> \t<p>This service may download a resource over a secure connection but this may be sent back to you over an unsecure connection. Do not enter confidential information unless you are on a secure connection to our server.</p> OUT; /***************************************************************** * Send content wrapped in our theme ******************************************************************/ echo replaceContent($content);
<?php
require_once "../action/checkAamsLogin.php";
require_once "../action/mysql.class.php";
if (isset($_POST[task]) && "addJob" == $_POST[task]) {
$db->query("insert into job(job_name,work_address,job_cnt,job_desc,create_date,job_type,work_exp,work_need,college,link_man,link_phone,link_mail) " . "values('{$_POST['title']}','{$_POST['workadd']}','{$_POST['num']}','" . replaceContent($_POST[content]) . "',now(),'{$_POST['type']}','{$_POST['work']}','" . replaceContent($_POST[content1]) . "'," . "'{$_POST['college']}','{$_POST['link_man']}','{$_POST['link_phone']}','{$_POST['link_email']}')");
echo "<script>if(confirm('招聘信息发布成功,是否继续发布?')){location.href='../addjob.php';}else{location.href='../job.php';}</script>";
} else {
if (isset($_GET[task]) && "deleteJob" == $_GET[task]) {
$db->query("delete from job where id = '{$_GET['jobid']}'");
echo "<script>alert('招聘信息删除成功?');location.href='../job.php';</script>";
} else {
if (isset($_GET[task]) && "toUpdateJob" == $_GET[task]) {
echo "<script>location.href='../updatejob.php?jobid=" . $_GET[jobid] . "';</script>";
} else {
if (isset($_POST[task]) && "updateJob" == $_POST[task]) {
$db->query("update job set job_name='{$_POST['title']}',work_address='{$_POST['workadd']}',job_cnt='{$_POST['num']}',job_desc='" . replaceContent($_POST[content]) . "'," . "job_type='{$_POST['type']}',work_exp='{$_POST['work']}',work_need='" . replaceContent($_POST[content1]) . "',college='{$_POST['college']}',link_man='{$_POST['link_man']}'," . "link_phone='{$_POST['link_phone']}',link_mail='{$_POST['link_email']}' where id='" . $_POST[jobid] . "'");
echo "<script>if(confirm('招聘信息修改成功,是否继续修改?')){location.href='../updatejob.php?jobid=" . $_POST[jobid] . "';}else{location.href='../job.php';}</script>";
}
}
}
}
function replaceContent($str)
{
return str_replace("'", "´", $str);
}
require_once "../action/checkAamsLogin.php";
require_once "../action/mysql.class.php";
if (isset($_POST[task]) && "addNews" == $_POST[task]) {
$db->query("insert into news(title,type_id,author,content,create_date,lang) values('{$_POST['title']}','{$_POST['type']}'," . "'{$_POST['author']}','" . replaceContent($_POST[content]) . "',now(),'{$_POST['lang']}')");
echo "<script>if(confirm('新闻发布成功,是否继续发布?')){location.href='../addnews.php';}else{location.href='../news.php';}</script>";
} else {
if (isset($_GET[task]) && "deleteNews" == $_GET[task]) {
$db->query("delete from news where id = '{$_GET['newsid']}'");
echo "<script>alert('新闻删除成功?');location.href='../news.php';</script>";
} else {
if (isset($_GET[task]) && "toUpdateNews" == $_GET[task]) {
echo "<script>location.href='../updatenews.php?newsid=" . $_GET[newsid] . "';</script>";
} else {
if (isset($_POST[task]) && "updateNews" == $_POST[task]) {
$db->query("update news set title='{$_POST['title']}',type_id='{$_POST['type']}',author='{$_POST['author']}'," . "content='" . replaceContent($_POST[content]) . "',lang='{$_POST['lang']}' where id='" . $_POST[newsid] . "'");
echo "<script>if(confirm('新闻修改成功,是否继续修改?')){location.href='../updatenews.php?newsid=" . $_POST[newsid] . "';}else{location.href='../news.php';}</script>";
} else {
if (isset($_POST[task]) && "updateNewsType" == $_POST[task]) {
$db->query("update news_type set news_type_zh_cn='{$_POST['zh_cn']}',news_type_en='{$_POST['en']}' where id='" . $_POST[typeid] . "'");
echo "<script>alert('修改成功!');location.href='../newstype.php';</script>";
} else {
if (isset($_POST[task]) && "addNewsType" == $_POST[task]) {
$db->query("insert into news_type(news_type_zh_cn,news_type_en,create_date) values('{$_POST['zh_cn']}','{$_POST['en']}',now())");
echo "<script>alert('添加新闻类型成功!');location.href='../newstype.php';</script>";
} else {
if (isset($_GET[task]) && "deleteNewsType" == $_GET[task]) {
$db->query("delete from news_type where id = '{$_GET['typeid']}'");
echo "<script>alert('删除新闻类型成功!');location.href='../newstype.php';</script>";
}
}
function addEmailQueue()
{
$appuniqueid = trim($this->input['appuniqueid']);
if (!$appuniqueid) {
$this->errorOutput(NO_APPUNIQUEID);
}
//获取邮件配置
$email_settings = $this->mEmailSettings->getEmailSettings($appuniqueid);
if (!$email_settings) {
$this->errorOutput('配置信息不存在');
}
if (!$email_settings['status']) {
$this->errorOutput('配置信息未审核');
}
$emailsend = $email_settings['emailsend'];
$usessl = $email_settings['usessl'];
$smtpauth = $email_settings['smtpauth'];
$smtphost = $email_settings['smtphost'];
$smtpuser = $email_settings['smtpuser'];
$smtppassword = $email_settings['smtppassword'];
$from = $email_settings['smtpuser'] ? $email_settings['smtpuser'] : $emailsend;
$fromname = $email_settings['fromname'];
$emailtype = $email_settings['emailtype'];
$smtpport = $email_settings['smtpport'] ? $email_settings['smtpport'] : 25;
$to = trim($this->input['to']);
$subject = trim($this->input['subject']);
$body = trim($this->input['body']);
if (!$body || !$subject) {
$emailContent = $this->email_module->getEmailContentSettings($appuniqueid);
$replaceData = $this->input['tspace'] ? $this->input['tspace'] : array();
if ($replaceData && $emailContent['subject']) {
$subject = replaceContent('tspace', $replaceData, html_entity_decode($emailContent['subject']));
}
$replaceData = $this->input['bspace'] ? $this->input['bspace'] : array();
if ($replaceData && $emailContent['body']) {
$body = replaceContent('bspace', $replaceData, html_entity_decode($emailContent['body']));
}
}
if (!$subject) {
$this->errorOutput('邮件标题不能为空');
}
if (!$body) {
$this->errorOutput('邮件内容不能为空');
}
$htmlbody = '';
if ($email_settings['is_head_foot'] && $email_settings['header']) {
$htmlbody .= $email_settings['header'];
}
if (get_magic_quotes_gpc()) {
$htmlbody .= stripslashes($body);
} else {
$htmlbody .= $body;
}
if ($email_settings['is_head_foot'] && $email_settings['footer']) {
$htmlbody .= $email_settings['footer'];
}
if (!$emailsend) {
$this->errorOutput('发件邮箱不能为空');
}
if (!$to) {
$this->errorOutput('收件人邮箱不能为空');
}
if (!$this->mEmail->check_emailformat($to)) {
$this->errorOutput('发件人邮箱不合法');
}
if (!$emailtype) {
$emailtype = 'sendmail';
}
$smtp = array('from' => $emailsend, 'fromname' => $fromname);
if ($emailtype == 'smtp') {
if (!$smtphost) {
$this->errorOutput('SMTP主机不能为空');
}
if (!$smtpuser) {
$this->errorOutput('SMTP发件人邮箱不能为空');
}
if (!$smtppassword) {
$this->errorOutput('SMTP发件人邮箱密码不能为空');
}
$smtp['smtpauth'] = $smtpauth;
$smtp['smtpport'] = $smtpport;
$smtp['smtphost'] = $smtphost;
$smtp['smtpuser'] = $smtpuser;
$smtp['smtppassword'] = $smtppassword;
$smtp['from'] = $from;
}
$queue_info = array('emailsend' => $emailsend, 'emailtype' => $emailtype, 'usessl' => $usessl, 'smtpauth' => $smtpauth, 'smtphost' => $smtphost, 'smtpport' => $smtpport, 'smtpuser' => $smtpuser, 'smtppassword' => $smtppassword, 'from' => $smtp['from'], 'fromname' => $fromname);
//入队列
$ret_addEmailQueue = $this->mEmailQueue->addEmailQueue($queue_info, $to, $subject, $htmlbody);
//记录日志
if ($ret_addEmailQueue['id']) {
$ret_email_log = $this->mEmailLog->addEmailSendLog($ret_addEmailQueue['id'], $queue_info, $to, $subject, $htmlbody);
}
$this->addItem($ret_addEmailQueue['id']);
$this->output();
}
} else {
echo "<script>alert('案例发布失败,请重试!');location.href='../addcase.php';</script>";
}
} else {
if (isset($_GET[task]) && "deleteCase" == $_GET[task]) {
$db->query("delete from obj_case where id = '{$_GET['caseid']}'");
echo "<script>alert('案例删除成功?');location.href='../case.php';</script>";
} else {
if (isset($_POST[task]) && "updateCase" == $_POST[task]) {
//文件保存目录URL
$save_path = '../../images/case';
//定义允许上传的文件扩展名
$ext_arr = array('gif', 'jpg', 'png');
require "../action/FileUpload.class.php";
$up = new FileUpload(array('isRandName' => true, 'allowType' => $ext_arr, 'FilePath' => $save_path, 'MAXSIZE' => 100000));
//100k
if ($up->uploadFile('casepic')) {
$filename = $up->getNewFileName();
unlink("../../images/case/" . $_POST[case_pic]);
} else {
$filename = $_POST[case_pic];
}
$db->query("update obj_case set case_name='{$_POST['title']}',case_desc='" . replaceContent($_POST[content]) . "',case_pic='{$filename}'," . "lang='{$_POST['lang']}' where id='" . $_POST[caseid] . "'");
echo "<script>if(confirm('案例信息修改成功,是否继续修改?')){location.href='../updatecase.php?caseid=" . $_POST[caseid] . "';}else{location.href='../case.php';}</script>";
}
}
}
function replaceContent($str)
{
return str_replace("'", "´", $str);
}
if (isset($_POST[task]) && "updateProd" == $_POST[task]) {
//文件保存目录URL
$save_path = '../../images/product';
//定义允许上传的文件扩展名
$ext_arr = array('gif', 'jpg', 'png');
require "../action/FileUpload.class.php";
$up = new FileUpload(array('isRandName' => true, 'allowType' => $ext_arr, 'FilePath' => $save_path, 'MAXSIZE' => 100000));
//100k
if ($up->uploadFile('prod_picture')) {
$filename = $up->getNewFileName();
unlink("../../images/product/" . $_POST[prodpic]);
} else {
$filename = $_POST[prodpic];
}
//print_r($up->getErrorMsg());
$db->query("update product set product_name='{$_POST['prod_name']}',type_id='{$_POST['type']}'," . "product_desc='" . replaceContent($_POST[content]) . "',product_pic='{$filename}'," . "lang='{$_POST['lang']}' where id='" . $_POST[prodid] . "'");
echo "<script>if(confirm('产品修改成功,是否继续发布?')){location.href='../updateprod.php?task=toUpdateProduct&prodid=" . $_POST[prodid] . "';}else{location.href='../product.php';}</script>";
} else {
if (isset($_POST[task]) && "updateProdType" == $_POST[task]) {
$db->query("update product_type set product_type_zh_cn='{$_POST['zh_cn']}',product_type_en='{$_POST['en']}' where id='" . $_POST[typeid] . "'");
echo "<script>alert('修改成功!');location.href='../prodtype.php';</script>";
} else {
if (isset($_POST[task]) && "addProdType" == $_POST[task]) {
$db->query("insert into product_type(product_type_zh_cn,product_type_en,pid,create_date,remark) values('{$_POST['zh_cn']}','{$_POST['en']}','{$_POST['pid']}',now(),'1')");
echo "<script>alert('添加产品类型成功!');location.href='../prodtype.php';</script>";
} else {
if (isset($_GET[task]) && "deleteProdType" == $_GET[task]) {
$db->query("select id from product_type where pid='{$_GET['typeid']}'");
$cnt = $db->db_num_rows();
if ($cnt > 0) {
echo "<script>alert('无法删除该产品类型,请先删除它的子类!');location.href='../prodtype.php';</script>";
