Beispiel #1
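/**
 * Check that the current administrator holds the permission for a module action.
 *
 * The permission map is read from the global $Apower under the key
 * "Module_" . $webdb['module_pre'] . $v.
 *
 * @param string $v Action suffix appended to the module prefix.
 * @return bool True when the permission entry is present and truthy; false when
 *              it is not and showmsg() hands control back to the caller.
 */
function ck_power($v)
{
    global $Apower, $webdb;

    $key = "Module_{$webdb['module_pre']}{$v}";
    // empty() treats a missing entry as "not granted" without an undefined-index notice.
    if (empty($Apower[$key])) {
        showmsg('你无权限!');
        // Fail closed: whether showmsg() ends the request is not visible here, so a
        // denied check must never fall through to "return true".
        return false;
    }
    return true;
}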
 /**
  * Handle the "edit project" form: store the three money sections for one base record.
  *
  * Nothing is written unless app::v('checkallow', 'submit') is truthy.
  * NOTE(review): no per-record authorization check is visible in this method;
  * confirm the dispatcher or the checkallow gate restricts who may edit a given baseId.
  */
 public function editProject_Action()
 {
     if (!app::v('checkallow', 'submit')) {
         return;
     }

     // baseId is forced to an integer before it reaches the data layer.
     $targetId = intval($this->getInput['baseId']);

     // The three money sections are handed over exactly as submitted.
     $sections = array(
         control_baseMoney::TABLE_BASEMONEY,
         control_baseMoney::TABLE_RUNMONEY,
         control_baseMoney::TABLE_CLIENTMONEY,
     );
     $payload = array();
     foreach ($sections as $section) {
         $payload[$section] = $this->getInput[$section];
     }

     control_baseMoney::editBaseMoneyInfo($payload, $targetId);
     showmsg(control_returnCode::FORM_SUBMIT_TRUE);
 }
Beispiel #3
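 /**
  * Check one request parameter against a filter pattern and log it when it matches.
  *
  * @param string       $StrFiltKey   Name of the parameter being checked.
  * @param string|array $StrFiltValue Parameter value; arrays are flattened before matching.
  * @param string       $ArrFiltReq   Pattern body without delimiters; it is wrapped in "/.../is".
  */
 public function stopAttack($StrFiltKey, $StrFiltValue, $ArrFiltReq)
 {
     if (is_array($StrFiltValue)) {
         // Flatten nested arrays leaf by leaf: a plain implode() turns every inner array
         // into the literal "Array", so nested request values would skip the pattern check.
         $leaves = array();
         array_walk_recursive($StrFiltValue, function ($leaf) use (&$leaves) {
             $leaves[] = is_scalar($leaf) ? (string) $leaf : '';
         });
         $StrFiltValue = implode($leaves);
     }
     if (preg_match("/" . $ArrFiltReq . "/is", $StrFiltValue) === 1) {
         // Replace control characters in request-derived fields so a submitted value
         // cannot break the record apart or forge additional log lines.
         $oneLine = function ($text) {
             return preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $text);
         };
         // date() yields the same "Y-m-d H:M:S" stamp as the strftime() mask used before;
         // strftime() is deprecated since PHP 8.1.
         $this->writesLog($_SERVER["REMOTE_ADDR"] . "    " . date("Y-m-d H:i:s") . "    " . $oneLine($_SERVER["PHP_SELF"]) . "    " . $_SERVER["REQUEST_METHOD"] . "    " . $oneLine($StrFiltKey) . "    " . $oneLine($StrFiltValue));
         showmsg('您提交的参数非法,系统已记录您的本次操作!', '', 0, 1);
     }
 }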
Beispiel #4
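 /**
  * Delete one attachment: remove its database row, then its file under web/uploads/.
  *
  * The attachment id is taken from the GET input.
  * NOTE(review): no ownership or permission check is visible in this method; confirm
  * the controller restricts who may delete a given attachment id.
  */
 public function remove_atta()
 {
     $input = $this->input->get();
     $id = isset($input['id']) ? $input['id'] : null;

     $attachment = $this->attachment->get_by_id($id);
     if (!$attachment) {
         showmsg('订单不存在');
         // Stop here even if showmsg() returns, so nothing is deleted for an unknown id.
         return;
     }
     $this->attachment->delete_by_id($id);

     // Resolve the stored name and delete only when the result is still inside the
     // uploads directory: a stored value containing "../" must never reach unlink().
     $uploadRoot = realpath(HOMEBASE . 'web/uploads');
     $target = realpath(HOMEBASE . 'web/uploads/' . $attachment['attachment']);
     if ($uploadRoot !== false
         && $target !== false
         && strpos($target, $uploadRoot . DIRECTORY_SEPARATOR) === 0
         && is_file($target)
     ) {
         // Best-effort removal, as before: a failed unlink does not change the outcome.
         @unlink($target);
     }
     showmsg('操作成功');
 }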
Beispiel #5
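/**
 * Move one uploaded file from $_FILES into $dir and return the stored file name.
 *
 * Extension checks do not validate file content; the target directory should be
 * configured so that the web server never executes files stored in it.
 *
 * @param string      $dir      Target directory; the file name is appended directly, so it
 *                              must end with a directory separator.
 * @param string      $file_var Key of the upload in $_FILES.
 * @param int|string  $max_size Maximum size in KB; '' or 0 disables the size check.
 * @param string      $type     Allowed extensions separated by "/" (e.g. "jpg/png");
 *                              '' skips the allow-list (the deny-list still applies).
 * @param bool|string $name     A string is used as the base name as given (callers must not
 *                              pass request data here); a boolean selects a generated name.
 * @return string Stored file name, or '' when no file was submitted.
 */
function _asUpFiles($dir, $file_var, $max_size = '', $type = '', $name = false)
{
    if (!file_exists($dir)) {
        showmsg("上传图片失败:上传目录 " . $dir . " 不存在!", 0);
        // Same hard stop as every other failure branch.
        exit;
    } elseif (!is_writable($dir)) {
        showmsg("上传图片失败:上传目录 " . $dir . " 无法写入!", 0);
        exit;
    }

    // Read by value: binding a reference would create the key in $_FILES when it is missing.
    $upfile = isset($_FILES[$file_var]) ? $_FILES[$file_var] : array();
    $upfilename = isset($upfile['name']) ? $upfile['name'] : '';
    if (empty($upfilename)) {
        return '';
    }

    // A multi-file field delivers arrays here; treat that like any other unusable upload.
    if (!is_string($upfilename) || !is_uploaded_file($upfile['tmp_name'])) {
        showmsg('上传图片失败:你选择的文件无法上传', 0);
        exit;
    } elseif ($max_size > 0 && $upfile['size'] / 1024 > $max_size) {
        showmsg("上传图片失败:文件大小不能超过  " . $max_size . "KB", 0);
        exit;
    }

    $ext_name = strtolower(str_replace(".", "", strrchr($upfilename, ".")));

    if (!empty($type)) {
        $arr_type = array_map("strtolower", explode('/', $type));
        if (!in_array($ext_name, $arr_type, true)) {
            showmsg("上传图片失败:只允许上传 " . $type . " 的文件!", 0);
            exit;
        }
    }

    // The extension becomes part of the stored path, so only plain alphanumerics pass.
    if ($ext_name !== '' && !preg_match('/^[a-z0-9]+$/D', $ext_name)) {
        exit("ERR!");
    }

    // The deny-list now runs for every upload. It used to sit inside the $type branch,
    // so a call without an allow-list accepted any extension, script files included.
    $harmtype = array(
        "asp", "php", "jsp", "js", "css", "php3", "php4", "ashx", "aspx", "exe",
        "php5", "php7", "phtml", "pht", "phar", "asa", "cer", "jspx", "cgi", "htaccess",
    );
    if (in_array($ext_name, $harmtype, true)) {
        exit("ERR!");
    }

    if (!is_bool($name)) {
        $uploadname = $name . "." . $ext_name;
    } else {
        // Both booleans get a generated name. With the default ($name === false) the
        // name was left undefined before, so move_uploaded_file() could only fail.
        $suffix = function_exists('random_int') ? random_int(100, 999) : mt_rand(100, 999);
        $uploadname = time() . $suffix . "." . $ext_name;
    }

    if (!move_uploaded_file($upfile['tmp_name'], $dir . $uploadname)) {
        showmsg('上传图片失败:文件上传出错!', 0);
        exit;
    }
    return $uploadname;
}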
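	/**
	 * Load one free-list definition and prepare the objects needed to render it.
	 *
	 * Reads the #@__freelist row for $fid, parses its stored list tag to obtain the
	 * page size and channel, resolves the channel's main table, fills $this->Fields
	 * and finally calls CountRecord().
	 *
	 * @param int|string $fid Free-list id (aid).
	 */
	function __construct($fid)
	{
		$this->FreeID = $fid;
		$this->TypeLink = new TypeLink(0);

		$this->dsql = new DedeSql(false);
		$this->maintable = '#@__archives';

		$this->TempletsFile = '';
		// Cast before building the query: the id sits inside a quoted SQL literal, and
		// nothing in this constructor shows that the caller has already sanitised it.
		$aid = intval($fid);
		$this->FLInfos = $this->dsql->GetOne("Select * From #@__freelist where aid='$aid' ");
		$liststr = $this->FLInfos['listtag'];
		// Load the list attributes stored with the free-list row.
		$ndtp = new DedeTagParse();
		$ndtp->SetNameSpace("dede","{","}");
		$ndtp->LoadString($liststr);
		$this->ListObj = $ndtp->GetTag('list');
		$this->PageSize = $this->ListObj->GetAtt('pagesize');
		if(empty($this->PageSize)) $this->PageSize = 30;
		$channelid = $this->ListObj->GetAtt('channel');
		if(empty($channelid)){
			showmsg('必须指定频道','-1');exit();
		}else{
			$channelid = intval($channelid);
			$channelinfo = $this->dsql->getone("select maintable from #@__channeltype where ID='$channelid'");
			// Keep the default table when the channel row is missing; assigning the
			// absent column would leave maintable empty for every later query.
			if(is_array($channelinfo) && !empty($channelinfo['maintable'])){
				$this->maintable = $channelinfo['maintable'];
			}
		}

		// Global template parser.
		$this->dtp = new DedeTagParse();
		$this->dtp->SetNameSpace("dede","{","}");

		// Set the values of the global fields.
		$this->Fields['aid'] = $this->FLInfos['aid'];
		$this->Fields['title'] = $this->FLInfos['title'];
		$this->Fields['position'] = $this->FLInfos['title'];
		$this->Fields['keywords'] = $this->FLInfos['keyword'];
		$this->Fields['description'] = $this->FLInfos['description'];
		// The channel attribute is read again here, so this is the raw tag value and
		// not the intval() result used for the table lookup above.
		$channelid = $this->ListObj->GetAtt('channel');
		if(!empty($channelid)){
			$this->Fields['channeltype'] = $channelid;
			$this->ChannelUnit = new ChannelUnit($channelid);
		}else{
			$this->Fields['channeltype'] = 0;
		}
		foreach($GLOBALS['PubFields'] as $k=>$v) $this->Fields[$k] = $v;

		$this->PartView = new PartView();

		$this->CountRecord();

	}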
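/**
 * Import the selected rows of apk_master_temp (status=1) through MovieInflow().
 *
 * The selection comes from be("arr", "t_id").
 */
function IDInflow()
{
    global $db;
    $ids = be("arr", "t_id");
    if (isN($ids)) {
        // The original passed a local $backurl that is never assigned in this function,
        // i.e. null; the same value is passed explicitly.
        showmsg("请选择入库数据!", null);
        return;
    }

    // Keep only positive integers. The list is pasted into an IN (...) clause, so every
    // element has to be a number no matter what escaping be() applies (not visible here).
    // Assumes be("arr", ...) returns a comma-separated string — TODO confirm.
    $idList = array();
    foreach (explode(',', (string) $ids) as $piece) {
        $number = intval(trim($piece));
        if ($number > 0) {
            $idList[] = $number;
        }
    }
    if (!$idList) {
        showmsg("请选择入库数据!", null);
        return;
    }
    $ids = implode(',', $idList);

    $count = $db->getOne("Select count(id) as cc from apk_master_temp where status=1 and id in (" . $ids . ") ");
    $sql = "select *   from apk_master_temp where status=1 and  id in (" . $ids . ")  ";
    MovieInflow($sql, $count);
}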
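 /**
  * Show one user's plan list together with the money records of the plans' bases.
  *
  * NOTE(review): userId is taken from the request and no check that the caller may
  * view that user is visible here — confirm access control is enforced elsewhere.
  */
 public function projectInfo_Action()
 {
     // Initialised so the lookups below never read an undefined variable when no
     // userId is supplied or the plan list is empty; the values passed on are the
     // same nulls PHP produced implicitly before.
     $userInfo = null;
     $baseId = null;

     $userId = $this->getInput['userId'];
     if ($userId) {
         $userInfo = control_user::getUserInfo($userId);
         if (!$userInfo) {
             showmsg(control_returnCode::FORM_INFO_EMPTY);
             // Do not go on to render data for an unknown user if showmsg() returns.
             return;
         }
     }

     $userKey = isset($userInfo[control_user::TABLE_KEY]) ? $userInfo[control_user::TABLE_KEY] : null;
     list(, $userPlanList) = control_userBase::getUserPlanList($userKey);
     foreach ($userPlanList as $plan) {
         $baseId[] = $plan[control_userBase::TABLE_KEY];
     }
     list(, $basePlanList) = control_baseMoney::getListByIds($baseId);
     $this->modelDisplay(array('userInfo' => $userInfo, 'userPlanList' => $userPlanList, 'basePlanList' => $basePlanList));
 }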
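 /**
  * Normalise one invoke condition before it is stored.
  *
  * Lower-cases 'action', generates a title from $this->name and $this->index when none
  * is given, reports a duplicate title through showmsg(), defaults 'num' to 10 and
  * stamps 'invokename' with $this->name.
  *
  * @param array $array Condition settings.
  * @return array The normalised settings.
  */
 function initCondition($array)
 {
     if (isset($array['action'])) {
         $array['action'] = strtolower($array['action']);
     }
     if (!isset($array['title'])) {
         $array['title'] = $this->name . "_" . $this->index;
         $this->index++;
     }
     foreach ($this->condition as $value) {
         if ($value['title'] == $array['title']) {
             showmsg('invoke_title_have_exist');
         }
     }
     // Read 'num' through isset() so a condition without it gets the default of 10
     // instead of raising an undefined-index warning first.
     $num = isset($array['num']) ? (int) $array['num'] : 0;
     $array['num'] = $num ? $num : 10;
     $array['invokename'] = $this->name;
     return $array;
 }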
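/**
 * Insert or update one collection filter rule ({pre}cj_filters) from the posted form.
 *
 * A missing or zero f_id inserts a new rule; any other f_id updates that rule.
 * NOTE(review): the quoted values are only as safe as the escaping be("post", ...)
 * applies, which is not visible here; prefer bound parameters if $db offers them.
 */
function save()
{
    global $db;
    $f_id = be("post", "f_id");
    $f_name = be("post", "f_name");
    $f_object = be("post", "f_object");
    $f_type = be("post", "f_type");
    $f_content = be("post", "f_content");
    $f_strstart = be("post", "f_strstart");
    $f_strend = be("post", "f_strend");
    $f_rep = be("post", "f_rep");
    $f_flag = be("post", "f_flag");
    $f_pid = be("post", "f_pid");

    // f_id is appended to the UPDATE without quotes, so it has to be a number:
    // string escaping alone cannot protect an unquoted position.
    $f_id = isN($f_id) ? 0 : intval($f_id);
    if (isN($f_flag)) {
        $f_flag = 0;
    }

    if ($f_type == 1) {
        if (isN($f_content)) {
            alert("过滤的内容不能为空!");
            // Do not store the rule if alert() hands control back.
            return;
        }
    } elseif ($f_type == 2) {
        if (isN($f_strstart) || isN($f_strend)) {
            alert("开始/结束标记不能为空!");
            return;
        }
    }

    if ($f_id == 0) {
        $sql = "insert {pre}cj_filters (f_name,f_object,f_type,f_content,f_strstart,f_strend,f_rep,f_flag,f_pid,f_sys) values('" . $f_name . "','" . $f_object . "','" . $f_type . "','" . $f_content . "','" . $f_strstart . "','" . $f_strend . "','" . $f_rep . "','" . $f_flag . "','" . $f_pid . "','1') ";
    } else {
        $sql = "update {pre}cj_filters set f_name='" . $f_name . "',f_object='" . $f_object . "',f_type='" . $f_type . "',f_pid='" . $f_pid . "',f_content='" . $f_content . "',f_strstart='" . $f_strstart . "',f_strend='" . $f_strend . "',f_rep='" . $f_rep . "',f_flag='" . $f_flag . "'\t where f_id=" . $f_id;
    }
    $db->query($sql);
    showmsg("成功修改过滤规则!", getReferer());
}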
Beispiel #11
 // Excerpt from a module-duplication script: it starts mid-file and ends inside the while loop.
 // NOTE(review): $id, $pre, $postdb and $dbcharset are not assigned in this excerpt and are
 // interpolated into SQL below — confirm they are validated or escaped before this point.
 $rsdb = $db->get_one("SELECT * FROM {$pre}module WHERE id='{$id}'");
 // The included path is built from the dirname column of the module row; @ hides a failed include.
 $array = @(include ROOT_PATH . "{$rsdb['dirname']}/install/fix.php");
 // Unquoted keys such as [forbid_del] are resolved as constants, which is an error on PHP 8.
 if ($array[forbid_del]) {
     showmsg('当前模块设置了禁止卸载!');
 }
 // ereg()/eregi() were removed in PHP 7, so the checks below only run on PHP 5.
 // The new table prefix is limited to lower-case letters, digits and "_".
 if (!ereg("^([_a-z0-9]+)\$", $postdb[pre])) {
     showmsg('数据表前缀只能是英文或数字');
 }
 // Append a trailing "_" to the prefix when it does not already end with one.
 if (!ereg("(_)\$", $postdb[pre])) {
     $postdb[pre] = "{$postdb[pre]}_";
 }
 // The directory name gets the same character restriction as the prefix.
 if (!ereg("^([_a-z0-9]+)\$", $postdb['dir'])) {
     showmsg('只能是英文或数字');
 }
 // name is only checked for being non-empty; unlike pre and dir it has no character restriction
 // before it is placed in the INSERT below.
 if (!$postdb['name']) {
     showmsg('模块名称不能为空!');
 }
 $db->query("INSERT INTO `{$pre}module` (`type` , `name` , `pre` , `dirname` ) VALUES ('{$rsdb['type']}', '{$postdb['name']}', '{$postdb['pre']}', '{$postdb['dir']}')");
 $newid = $db->insert_id();
 $db->query("SET SQL_QUOTE_SHOW_CREATE = 1");
 // Walk all tables and re-create those whose name starts with the source module's prefix.
 $query = $db->query("SHOW TABLE STATUS");
 while ($rs = $db->fetch_array($query)) {
     if (eregi("^{$pre}{$rsdb[pre]}", $rs[Name])) {
         $array = $db->get_one("SHOW CREATE TABLE {$rs['Name']}");
         // The server version is compared as a string here, not with version_compare().
         if (mysql_get_server_info() > '4.1' && $dbcharset) {
             $array['Create Table'] = preg_replace("/DEFAULT CHARSET=([0-9a-z]+)/is", "", $array['Create Table']);
             $array['Create Table'] .= " DEFAULT CHARSET={$dbcharset}";
         }
         // Swap the old prefix for the new one in the CREATE statement, then execute it.
         $array['Create Table'] = str_replace("{$pre}{$rsdb['pre']}", "{$pre}{$postdb['pre']}", $array['Create Table']);
         $db->query($array['Create Table']);
         $newtable = str_replace("{$pre}{$rsdb['pre']}", "{$pre}{$postdb['pre']}", $rs[Name]);
Beispiel #12
        // Run the payment-success handling.
        // NOTE(review): the condition guarding this branch is outside the excerpt; confirm the
        // notification is verified with the payment provider and that order id and paid amount
        // are matched against the stored order before paysuccess() is called.
        include_once INC_PATH . "/recharge.class.php";
        $rechargeobj = RechargeClass::init();
        // Fee rule: 4% plus a fixed 0.3 is deducted from the paid total.
        $total_fee = $total_fee * 0.96 - 0.3;
        $money = $rechargeobj->ratechange($total_fee, 'USD');
        $rechargeobj->paysuccess($dingdan, $money);
        echo '支付成功!';
    } else {
        // Show the payment-not-completed notice.
        showmsg("支付未完成!", "../../../m.php");
    }
} else {
    if (isset($paypal['business'])) {
        // The date() mask here mixes letters that are not time fields (M = month name,
        // D = day name, d = day of month, S = ordinal suffix), so the logged value is
        // not a usable timestamp.
        log_result("error" . date("Y-M-D H:d:S"));
        // Show the payment-not-completed notice.
        showmsg("支付未完成!", "../../../m.php");
    } else {
        // Show the payment-not-completed notice.
        showmsg("支付未完成!", "../../../m.php");
    }
}
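// Append one line to log.txt holding the given message and the time it was written.
// NOTE(review): "log.txt" is a relative path, so the file is created in the current
// working directory; confirm that directory is not served by the web server.
function log_result($word)
{
    $fp = fopen("log.txt", "a");
    if ($fp === false) {
        // Logging is best-effort: skip the write rather than hand false to flock()/fwrite().
        return;
    }
    flock($fp, LOCK_EX);
    // date("YmdHis") records hour, minute and second. The previous strftime() mask used
    // %I (12-hour hour) where the minutes belong, and strftime() is deprecated since PHP 8.1.
    fwrite($fp, $word . ":执行日期:" . date("YmdHis") . "\t\n");
    flock($fp, LOCK_UN);
    fclose($fp);
}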
Beispiel #13
 * 74cms 职位详细页
 * ============================================================================
 * 版权所有: 骑士网络,并保留所有权利。
 * 网站地址: http://www.74cms.com;
 * ----------------------------------------------------------------------------
 * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用;不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
*/
// Entry script for the hunter job detail page: bootstrap, module switch, cache setup, render.
define('IN_QISHI', true);
$alias = "QS_hunter_jobsshow";
require_once dirname(__FILE__) . '/../include/common.inc.php';
// When the plug-in flag p_install equals 1 the "module closed by administrator" notice is shown.
if ($_PLUG['hunter']['p_install'] == 1) {
    $link[0]['text'] = "返回首页";
    $link[0]['href'] = $_CFG['site_dir'];
    showmsg("管理员已关闭此模块!", 1, $link);
}
// Page caching follows the per-page setting in $mypage['caching'] (used as the cache lifetime).
if ($mypage['caching'] > 0) {
    $smarty->cache = true;
    $smarty->cache_lifetime = $mypage['caching'];
} else {
    $smarty->cache = false;
}
// The cache id only ever contains intval()'d request values, so raw input cannot reach it.
$cached_id = $alias . (isset($_GET['id']) ? "|" . intval($_GET['id']) % 100 . '|' . intval($_GET['id']) : '') . (isset($_GET['page']) ? "|p" . intval($_GET['page']) % 100 : '');
require_once QISHI_ROOT_PATH . 'include/mysql.class.php';
$db = new mysql($dbhost, $dbuser, $dbpass, $dbname);
// Drop the credentials from the variable scope once the connection object exists.
unset($dbhost, $dbuser, $dbpass, $dbname);
$mypage['tpl'] = '../tpl_hunter/default/' . $mypage['tpl'];
$smarty->assign('user_tpl', '../tpl_hunter/');
$smarty->display($mypage['tpl'], $cached_id);
$db->close();
Beispiel #14
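/**
 * Remove every whitespace character from a settings value.
 *
 * @param string $_str Raw value.
 * @return string The value without whitespace, or '' (after showmsg()) when the input is empty.
 */
function trimall($_str)
{
    if (empty($_str)) {
        // NOTE(review): empty() also treats the string "0" as empty — confirm "0" is
        // never a valid setting.
        showmsg('Settings should not be empty!');
        // The exit that followed this return could never run and has been dropped.
        return '';
    }
    return preg_replace("/\\s/", "", $_str);
}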
<?php

// Admin batch tool for documents with duplicate titles (the excerpt ends inside the 'delsel' branch).
require_once dirname(__FILE__) . "/config.php";
@set_time_limit(0);
CheckPurview('sys_ArcBatch');
// NOTE(review): $dopost, $channelid, $pagesize and $titles are not assigned in this file;
// presumably config.php populates them from the request — confirm, and confirm they are
// escaped, because they are interpolated into SQL below.
if (empty($dopost)) {
    $dopost = '';
}
if ($dopost == 'analyse') {
    // Look up the channel's main table; the table name read here is placed into the next query.
    $arr = $dsql->getone("select maintable from `#@__channeltype` where id='{$channelid}' ");
    if (is_array($arr)) {
        $maintable = $arr['maintable'];
    } else {
        showmsg('频道id不正确,无法处理!', 'javascript:;');
        exit;
    }
    // Count documents per title; $pagesize is used unquoted in the LIMIT clause.
    $dsql->SetQuery("Select count(title) as dd,title From `{$maintable}` where channel='{$channelid}' group by title order by dd desc limit 0, {$pagesize}");
    $dsql->Execute();
    $allarc = 0;
    include DedeInclude('templets/article_result_same.htm');
    exit;
} else {
    if ($dopost == 'delsel') {
        require_once dirname(__FILE__) . "/../include/typelink.class.php";
        require_once dirname(__FILE__) . "/inc/inc_batchup.php";
        // Nothing selected: print a plain message and stop.
        if (empty($titles)) {
            header("Content-Type: text/html; charset={$cfg_ver_lang}");
            echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset={$cfg_ver_lang}\">\r\n";
            echo "没有指定删除的文档!";
            exit;
        }
Beispiel #16
        } elseif ($action == 'delete') {
            // Delete branch of a custom-form list page (earlier branches are outside the excerpt).
            if (empty($do)) {
                if (is_array($id)) {
                    // NOTE(review): the elements of $id are joined as-is and placed unquoted
                    // into IN (...); confirm each element is forced to an integer upstream.
                    $ids = implode(',', $id);
                } else {
                    showmsg('未选中要操作的内容', '-1');
                    exit;
                }
                $query = "DELETE FROM `{$diy->table}` WHERE id IN ({$ids})";
                if ($dsql->ExecuteNoneQuery($query)) {
                    showmsg('删除成功', "diy_list.php?action=list&diyid={$diy->diyid}");
                } else {
                    showmsg('删除失败', "diy_list.php?action=list&diyid={$diy->diyid}");
                }
            } else {
                // "=" assigns 1 to $do, so this condition is always true; a comparison
                // (==) was presumably intended.
                if ($do = 1) {
                    $row = $dsql->GetOne("SELECT * FROM `{$diy->table}` WHERE id='{$id}'");
                    // NOTE(review): $name selects both the column read from the row and the
                    // column written in the UPDATE, and the column's value is appended to
                    // $cfg_basedir before unlink(). Confirm $name is restricted to known
                    // field names and the stored path cannot leave the upload area.
                    if (file_exists($cfg_basedir . $row[$name])) {
                        unlink($cfg_basedir . $row[$name]);
                        $dsql->ExecuteNoneQuery("UPDATE `{$diy->table}` SET {$name}='' WHERE id='{$id}'");
                        showmsg('文件删除成功', "diy_list.php?action=list&diyid={$diy->diyid}");
                    } else {
                        showmsg('文件不存在', '-1');
                    }
                }
            }
        } else {
            showmsg('未定义操作', "-1");
        }
    }
}
Beispiel #17
    // Pager for the admin job list: numbered links before and after the current page.
    // NOTE(review): $link and $page are written into the markup without escaping in this
    // excerpt; confirm they are built from validated values (e.g. integers) upstream.
    for ($i = 1; $i < $page; $i++) {
        echo "<a href='index.php?mod=admin-job&page=" . $i . $link . "'>[" . $i . "]</a> ";
    }
    echo "[" . $page . "]";
    for ($i = $page + 1; $i <= $pages; $i++) {
        echo "<a href='index.php?mod=admin-job&page=" . $i . $link . "'>[" . $i . "]</a> ";
    }
    echo '<br>';
    // First / previous / next / last shortcuts.
    $first = 1;
    $prev = $page - 1;
    $next = $page + 1;
    $last = $pages;
    if ($page > 1) {
        echo "<a href='index.php?mod=admin-job&page=" . $first . $link . "'>首页</a>.";
        echo "<a href='index.php?mod=admin-job&page=" . $prev . $link . "'>上一页</a>";
    }
    if ($page < $pages) {
        echo "<a href='index.php?mod=admin-job&page=" . $next . $link . "'>下一页</a>.";
        echo "<a href='index.php?mod=admin-job&page=" . $last . $link . "'>尾页</a>";
    }
    echo '</div>';
    ## End of pager.
} else {
    // Shown when the admin login check (outside this excerpt) fails.
    showmsg('后台管理登录失败。请以管理员身份 <a href="index.php?mod=login">重新登录</a>!', 3);
}
// Page footer.
echo '<div class="copy">';
echo date("Y年m月d日 H:i:s");
echo '<br>';
echo '<a href="./">返回后台管理</a>-<a href="index.php">返回首页</a>';
include ROOT . 'includes/foot.php';
echo '</div></body></html>';
Beispiel #18
    // Status-change action (its body is above this excerpt).
    exit("1");
} elseif ($action == "del" && !empty($did)) {
    // Delete a single record; the id is passed through GetNum() first.
    $did = GetNum($did);
    $info = $Table->del($did);
    if ($info == "OK") {
        showmsg("删除成功!", PHP_SELF);
    } else {
        showmsg($info, PHP_SELF);
    }
} elseif ($action == "dels") {
    // Nothing selected.
    if (empty($delids)) {
        showmsg("没有选择任何对象!", PHP_SELF);
        exit;
    }
    // Delete several records; the ids arrive as one "|"-separated string.
    $delids = explode('|', $delids);
    foreach ($delids as $id) {
        // GetNum() is only used as a test here: del() receives the original $id, not the
        // GetNum() result as in the single-delete branch above.
        if (GetNum($id)) {
            $info = $Table->del($id);
        }
    }
    // $info holds the result of the last deletion only and stays undefined when no id passed.
    if ($info == "OK") {
        exit("1");
    }
} else {
    showmsg("未知请求", "-1");
    // Unknown action.
}
Beispiel #19
                    exit;
                }
                // The pattern is unanchored, so any value containing at least one digit
                // passes; it does not enforce "digits only" as the message says.
                if ($pl && !preg_match('/[0-9]/', $pl)) {
                    showmsg('运行频率只能是数字哦!', 3);
                    exit;
                }
                // NOTE(review): every field below is interpolated into the UPDATE as a quoted
                // literal; their origin and escaping are outside this excerpt — confirm they
                // are escaped, or switch to bound parameters if $DB supports them.
                // The two statements differ only in `timea`, which is reset for non-admins.
                if ($isadmin == 1) {
                    $sql18 = "update `wjob_job` set `mc` ='{$mc}',`url` ='{$url}',`post` ='{$post}',`postfields` ='{$postfields}',`cookie` ='{$cookie}',`usep` ='{$usep}',`proxy` ='{$proxy}',`referer` ='{$referer}',`useragent` ='{$useragent}',`start`='{$start}',`stop`='{$stop}',`pl`='{$pl}' where `jobid`='{$jobid}'";
                } else {
                    $sql18 = "update `wjob_job` set `mc` ='{$mc}',`url` ='{$url}',`post` ='{$post}',`postfields` ='{$postfields}',`cookie` ='{$cookie}',`usep` ='{$usep}',`proxy` ='{$proxy}',`referer` ='{$referer}',`useragent` ='{$useragent}',`start`='{$start}',`stop`='{$stop}',`pl`='{$pl}',`timea`='{$date}' where `jobid`='{$jobid}'";
                }
                $sds = $DB->query($sql18);
                if ($sds) {
                    showmsg('任务已成功修改!', 1, 'addrw');
                } else {
                    // The raw database error text is shown to the user on failure.
                    showmsg('任务修改失败!<br/>' . $DB->error());
                }
            } else {
                showmsg('网址不合法!必须包含且只能包含一个http://');
            }
        } else {
            // Ownership check failed (the check itself is above this excerpt).
            showmsg('你只能编辑自己的任务哦!');
        }
    }
} else {
    showmsg('你还没登录哦,请先<a href="index.php?mod=login">登录</a>!', 2);
}
// Page footer.
echo '<div class="copy">';
echo date("Y年m月d日 H:i:s");
include ROOT . 'includes/foot.php';
echo '</div></div></div></div></body></html>';
Beispiel #20
 /**
  * Reboot the host once the reboot form validates; otherwise render the form.
  *
  * NOTE(review): both commands run through sudo from the web process, and the only
  * precondition visible here is a non-empty "reboot" form field. Confirm that
  * authentication, authorization and CSRF protection are enforced before this action,
  * and that the sudoers entry is limited to exactly these two commands.
  */
 public function reboot()
 {
     $this->form_validation->set_rules('reboot', 'reboot', 'trim|required|xss_clean');

     if (!$this->form_validation->run()) {
         // Validation failed or nothing was submitted yet: show the confirmation page.
         $this->data['title'] = 'reboot';
         $this->load->view('common/header', $this->data);
         $this->load->view('common/left');
         $this->load->view('reboot');
         $this->load->view('common/footer');
         return;
     }

     // Synchronise the clock from the remote time host before restarting.
     exec('sudo rdate -s tick.greyware.com');

     // stderr is folded into stdout; neither the captured lines nor the exit status are
     // inspected, so the message below is shown whether or not the reboot command succeeded.
     $rebootCmd = 'sudo reboot 2>&1';
     exec($rebootCmd, $capturedLines, $exitStatus);

     showmsg('Rebooting...Wait for 45s...', WEB_ROOT, '45');
 }
Beispiel #21
    }
    // Build the search fields for a "simple" job post from its name, company, address and text.
    $setsqlarr['likekey'] = $setsqlarr['jobname'] . "," . $setsqlarr['comname'] . "," . $setsqlarr['address'] . "," . $setsqlarr['detailed'];
    require_once QISHI_ROOT_PATH . 'include/splitword.class.php';
    $sp = new SPWord();
    $setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed'];
    $setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']);
    $setsqlarr['key'] = $sp->pad($setsqlarr['key']);
    $link[0]['text'] = "返回微招聘列表";
    $link[0]['href'] = url_rewrite('QS_simplelist');
    // NOTE(review): $id is placed in the WHERE fragment as a quoted literal; where it is set
    // is outside this excerpt — confirm it is an integer.
    if ($db->updatetable(table('simple'), $setsqlarr, " id='{$id}' ")) {
        // $str is only assigned when auditing is enabled and is otherwise undefined below.
        if ($_CFG['simple_edit_audit'] > 1) {
            $str = ",请等待管理员审核";
        }
        showmsg("修改成功{$str}!", 2, $link);
    } else {
        showmsg("修改失败!", 0);
    }
} elseif ($act == 'check_tel') {
    // Uniqueness check for a phone number; answers with the literal 'true' or 'false'.
    $tel = $_GET['tel'];
    $id = intval($_GET['id']);
    // $tel reaches the query only if it consists of digits. Without the D modifier "$" also
    // matches before a final newline, so the value may carry one trailing "\n".
    if (preg_match("/^\\d*\$/", $tel)) {
        // $wheresql is only assigned for a positive id and is otherwise undefined below.
        if ($id > 0) {
            $wheresql = " AND id<>'{$id}'";
        }
        $sql = "select id from " . table('simple') . " where tel = '{$tel}' {$wheresql} LIMIT 1";
        $info = $db->getone($sql);
        if (!empty($info)) {
            exit('false');
        } else {
            exit('true');
        }
Beispiel #22
} elseif ($act == 'reg_save') {
    // Create a local account and bind it to the Taobao identity held in the session.
    if (empty($_SESSION["taobao_access_token"])) {
        exit("access_token is empty");
    }
    // Each required field is trimmed; a missing one ends the request with "err".
    $val['username'] = !empty($_POST['nickname']) ? trim($_POST['nickname']) : exit("err");
    $val['mobile'] = !empty($_POST['mobile']) ? trim($_POST['mobile']) : exit("err");
    $val['email'] = !empty($_POST['email']) ? trim($_POST['email']) : exit("err");
    $val['member_type'] = intval($_POST['utype']);
    $val['password'] = !empty($_POST['password']) ? trim($_POST['password']) : exit("err");
    require_once QISHI_ROOT_PATH . 'include/mysql.class.php';
    $db = new mysql($dbhost, $dbuser, $dbpass, $dbname);
    // Drop the credentials from the variable scope once the connection object exists.
    unset($dbhost, $dbuser, $dbpass, $dbname);
    require_once QISHI_ROOT_PATH . 'include/fun_user.php';
    $userid = user_register(3, $val['password'], $val['member_type'], $val['email'], $val['mobile'], $uc_reg = true);
    if ($userid > 0) {
        $time = time();
        // NOTE(review): the posted nickname (only trimmed above) and the session token are
        // interpolated into this UPDATE; confirm request data is escaped globally before this
        // point, or escape/bind the values here.
        $db->query("UPDATE " . table('members') . " SET taobao_access_token = '{$_SESSION['taobao_access_token']}', taobao_nick = '{$val['username']}',taobao_binding_time='{$time}'  WHERE uid='{$userid}' AND taobao_access_token='' LIMIT 1");
        unset($_SESSION["taobao_access_token"]);
        unset($_SESSION["taobao_nickname"]);
        update_user_info($userid);
        $userurl = get_member_url($val['member_type']);
        // No exit follows the redirect header in this excerpt.
        header("Location:{$userurl}");
    } else {
        // Registration failed: clear the pending binding and show the failure notice.
        unset($_SESSION["taobao_access_token"]);
        unset($_SESSION["taobao_nickname"]);
        require_once QISHI_ROOT_PATH . 'include/tpl.inc.php';
        $link[0]['text'] = "返回首页";
        $link[0]['href'] = "{$_CFG['site_dir']}";
        showmsg('注册失败!', 0, $link);
    }
}
Beispiel #23
/*
 * 74cms payment response page
 * ============================================================================
 * Copyright: 骑士网络 (Qishi Network), all rights reserved.
 * Website: http://www.74cms.com;
 * ----------------------------------------------------------------------------
 * This is not free software! You may modify and use the program code only for
 * non-commercial purposes; redistributing the program code in any form and for
 * any purpose is not permitted.
 * ============================================================================
*/
define('IN_QISHI', true);
require_once dirname(__FILE__) . '/../common.inc.php';
require_once QISHI_ROOT_PATH . 'include/mysql.class.php';
$db = new mysql($dbhost, $dbuser, $dbpass, $dbname);
// The helper file is picked from a fixed map keyed by the session's user type, so only the
// listed path can be loaded. A user type missing from the map yields a null entry and the
// require then targets QISHI_ROOT_PATH itself.
$funtype = array('1' => 'include/fun_company.php');
require_once QISHI_ROOT_PATH . $funtype[$_SESSION['utype']];
require_once QISHI_ROOT_PATH . "include/payment/alipay.php";
// respond() comes from the payment include above; this page only branches on its result.
// NOTE(review): confirm respond() verifies the notification's signature and amount.
if (respond()) {
    // Success: offer links to the order list, the member centre and the home page.
    $orderurl = array('1' => 'company_service.php?act=order_list');
    $link[0]['text'] = "查看订单";
    $link[0]['href'] = get_member_url($_SESSION['utype'], true) . $orderurl[$_SESSION['utype']];
    $link[1]['text'] = "会员中心";
    $link[1]['href'] = url_rewrite('QS_login');
    $link[2]['text'] = "网站首页";
    $link[2]['href'] = $_CFG['site_dir'];
    showmsg("付款成功!", 2, $link, false);
} else {
    // Failure: point the user back to the member centre.
    $link[0]['text'] = "会员中心";
    $link[0]['href'] = get_member_url($_SESSION['utype']);
    showmsg("付款失败!请联系网站管理员", 0, $link);
}
Beispiel #24
<?php

// Refuse direct access: the script only runs when the application has defined P_W.
!defined('P_W') && exit('Forbidden');
define('AJAX', 1);
// Fetch the request parameters through S::gp(); the first group is requested with an
// extra type argument of 2.
S::gp(array('stopic_id', 'category_id', 'is_cover'), null, 2);
S::gp(array('block_config', 'stopic_title', 'file_name'));
// An empty file name falls back to the topic id.
$file_name = trim($file_name);
if ('' == $file_name) {
    $file_name = $stopic_id;
}
if (!$stopic_id || !$category_id) {
    showmsg('undefined_error');
}
$stopic_data = $stopic_service->getSTopicInfoById($stopic_id);
if (empty($stopic_data)) {
    showmsg('undefined_error');
}
// The file name is validated before it is used to build a directory path below; the
// message states that only letters, digits, "-" and "_" are accepted.
if (!stopic_check_file_name($file_name)) {
    Showmsg('文件名格式错误,只允许英文字母、数字、“-”和“_”', $basename . "&job=stman");
}
$old_file_name = $stopic_data['file_name'];
if ('' == $old_file_name) {
    $old_file_name = $stopic_id;
}
// A conflict exists when the name changed (or is already used) and the target already exists on disk.
$is_conflict = false;
if ($file_name != $old_file_name || $stopic_service->isFileUsed($stopic_id, $file_name)) {
    if (file_exists($stopic_service->getStopicDir($stopic_id, $file_name))) {
        $is_conflict = true;
    }
}
if ($is_conflict && !$is_cover) {
Beispiel #25
    // Plug-in ("hack") administration: install, edit and delete branches.
    // Unquoted keys such as [adminurl] are resolved as constants, which is an error on PHP 8.
    if (!$postdb[adminurl] || !$postdb[class2]) {
        $postdb[class1] = $postdb[class2] = '';
    }
    // NOTE(review): all $postdb values and $keywords are interpolated into the statements
    // below as quoted literals; their escaping is outside this excerpt — confirm it.
    $db->query("INSERT INTO `{$pre}hack` ( `keywords` , `name` , `isclose` , `author` , `config` , `htmlcode` , `hackfile` , `hacksqltable` , `about`,`adminurl`,`class1`,`class2`,`list`,`linkname` ) VALUES ('{$postdb['keywords']}','{$postdb['name']}','{$postdb['isclose']}','{$postdb['author']}','{$postdb['config']}','{$postdb['htmlcode']}','{$postdb['hackfile']}','{$postdb['hacksqltable']}','{$postdb['about']}','{$postdb['adminurl']}','{$postdb['class1']}','{$postdb['class2']}','{$postdb['list']}','{$postdb['linkname']}')");
    write_hackmenu_cache();
    jump("安装成功,你还需要添加后台管理权限,否则无权管理", "index.php?lfj=group&job=admin_gr&gid=3", 10);
} elseif ($job == 'edit' && $Apower[hack_list]) {
    // Show the edit form; requires the hack_list permission.
    require "menu.php";
    $rsdb = $db->get_one("SELECT * FROM {$pre}hack WHERE keywords='{$keywords}' ");
    require dirname(__FILE__) . "/" . "head.php";
    require dirname(__FILE__) . "/" . "template/hack/edit.htm";
    require dirname(__FILE__) . "/" . "foot.php";
} elseif ($action == 'edit' && $Apower[hack_list]) {
    // Save the edit; the name must not collide with another plug-in.
    $rs = $db->get_one("SELECT * FROM {$pre}hack WHERE `name`='{$postdb['name']}' AND keywords!='{$keywords}'");
    if ($rs) {
        showmsg("名称已经存在了.不能重复");
    }
    if (!$postdb[adminurl] || !$postdb[class2]) {
        $postdb[class1] = $postdb[class2] = '';
    }
    $db->query("UPDATE `{$pre}hack` SET name='{$postdb['name']}',hackfile='{$postdb['hackfile']}',hacksqltable='{$postdb['hacksqltable']}',about='{$postdb['about']}',adminurl='{$postdb['adminurl']}',class1='{$postdb['class1']}',class2='{$postdb['class2']}',list='{$postdb['list']}',linkname='{$postdb['linkname']}' WHERE keywords='{$keywords}'");
    write_hackmenu_cache();
    jump("修改成功", $FROMURL, 1);
} elseif ($action == 'delete' && $Apower[hack_list]) {
    $rsdb = $db->get_one("SELECT * FROM {$pre}hack WHERE keywords='{$keywords}' ");
    $db->query("DELETE FROM {$pre}hack WHERE keywords='{$keywords}'");
    // hackfile holds one path per line. Each is appended to ROOT_PATH and deleted, and the
    // same column is writable through the edit branch above.
    // NOTE(review): confirm these paths are confined to the plug-in's own files.
    $detail = explode("\r\n", $rsdb[hackfile]);
    foreach ($detail as $key => $value) {
        if ($value) {
            del_file(ROOT_PATH . $value);
        }
}
// Save handler for the staff edit form: update the staff row, then write an audit record.
// NOTE(review): $action, $id and the $s_* fields are not assigned in this excerpt and are
// interpolated into SQL as quoted literals — confirm they are escaped before this point.
if ($action == 'save') {
    if ($s_name == '') {
        ShowMsg('请输入职工的姓名', '-1');
        exit;
    }
    $addsql = "update #@__staff set s_name='{$s_name}',s_address='{$s_address}',s_phone='{$s_phone}',s_part='{$s_part}',s_way='{$s_way}',s_money='{$s_money}',s_utype='{$s_utype}',s_duty='{$s_duty}' where id='{$id}'";
    $message = "修改公司职工" . $s_name . "资料成功";
    $loginip = getip();
    $logindate = getdatetimemk(time());
    // The acting user name for the audit record is derived from a cookie by removing
    // $cfg_cookie_encode from its value.
    // NOTE(review): a cookie is client-controlled; confirm the identity written to the audit
    // trail is verified server-side, and that this value is escaped before the INSERT.
    $username = str_replace($cfg_cookie_encode, '', $_COOKIE["VioomaUserID"]);
    $asql = new Dedesql(false);
    $asql->ExecuteNoneQuery($addsql);
    $asql->ExecuteNoneQuery("insert into #@__recordline(message,date,ip,userid) values('{$message}','{$logindate}','{$loginip}','{$username}')");
    $asql->close();
    showmsg('成功修改了职工的资料', 'system_worker.php');
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<title><?php 
echo $cfg_softname;
?>
职工管理</title>
<script language="javascript">
function cway(value){
if(value==0)
Beispiel #27
    }
    // "Jump to page" form; the variant for $opuser == 1 carries an extra hidden user field.
    // NOTE(review): $sysid, $gl and $page are written into attribute values without escaping
    // in this excerpt; confirm they are validated (e.g. integers) upstream.
    if ($opuser == 1) {
        echo '<form action="index.php" method="get"><input type="hidden" name="mod" value="list"><input type="hidden" name="sys" value="' . $sysid . '"><input type="hidden" name="user" value="' . $gl . '"><input type="text" name="page" value="' . $page . '"><br><input type="submit" value="跳转"></form>';
    } else {
        echo '<form action="index.php" method="get"><input type="hidden" name="mod" value="list"><input type="hidden" name="sys" value="' . $sysid . '"><input type="text" name="page" value="' . $page . '"><br><input type="submit" value="跳转"></form>';
    }
    echo '</div>';
    # End of pager.
    // Run statistics: total jobs, run count, last run and current time.
    echo '<div class="w h">运行日志:&nbsp&nbsp<a href="all.php">详细>></a></div><div class="box">系统共有' . $zongs . '条任务<br>系统累计运行了' . $info['times'] . '次<br>上次运行:' . $info['last'] . '<br>当前时间:' . $date . '</div>';
    // The function name is passed as a bare constant rather than a string, which is an
    // error on PHP 8.
    if (function_exists(sys_getloadavg)) {
        // sys_getloadavg() is called twice; only the second result ($f) is used.
        $arr = sys_getloadavg();
        echo '<div class="w h">系统负载:</div>';
        $f = sys_getloadavg();
        echo '<div class="box">';
        echo "1min:{$f[0]}";
        echo "|5min:{$f[1]}";
        echo "|15min:{$f[2]}";
        echo '</div>';
    }
} else {
    // Shown when the login check (outside this excerpt) fails.
    showmsg('登录失败,可能是密码错误或者身份失效了,请<a href="index.php?mod=login">重新登录</a>!', 3);
}
// Page footer.
echo '<div class="copy"><a href="index.php">返回首页</a>-<a href="index.php?mod=help">功能介绍</a>';
include ROOT . 'includes/foot.php';
echo '</div>';
// Optional random line from a local content file, echoed as-is.
if ($conf['sjyl'] == 1) {
    $txt = file(ROOT . 'includes/content/content.db');
    shuffle($txt);
    echo "{$txt['0']}";
}
echo '</body></html>';
Beispiel #28
        // Password-reset flow: step 1 checks the expiry window, step 2 sets the new password.
        if ($dtime - $tptim > $row['mailtime']) {
            // NOTE(review): this DELETE filters on column `md`, while the one in step 2 uses
            // `mid` — possibly a typo; verify against the #@__pwd_tmp schema.
            $db->executenonequery("DELETE FROM `#@__pwd_tmp` WHERE `md` = '{$id}';");
            ShowMsg("对不起,临时密码修改期限已过期", "login.php");
            exit;
        }
        require_once dirname(__FILE__) . "/templets/resetpassword2.htm";
    } elseif ($setp == 2) {
        if (isset($key)) {
            $pwdtmp = $key;
        }
        // The temporary password is checked as an unsalted MD5 with a loose (==) comparison;
        // a strict, constant-time comparison such as hash_equals() is the safer form.
        $sn = md5(trim($pwdtmp));
        if ($row['pwd'] == $sn) {
            if ($pwd != "") {
                if ($pwd == $pwdok) {
                    // The new password is stored as an unsalted MD5 digest; password_hash()
                    // is the recommended replacement for stored passwords.
                    $pwdok = md5($pwdok);
                    // NOTE(review): $id is interpolated into both statements; where it is
                    // set is outside this excerpt — confirm it is an integer.
                    $sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '{$id}';";
                    $db->executenonequery($sql);
                    $sql = "UPDATE `#@__member` SET `pwd` = '{$pwdok}' WHERE `mid` = '{$id}';";
                    if ($db->executenonequery($sql)) {
                        showmsg('更改密码成功,请牢记新密码', 'login.php');
                        exit;
                    }
                }
            }
            showmsg('对不起,新密码为空或填写不一致', '-1');
            exit;
        }
        showmsg('对不起,临时密码错误', '-1');
        exit;
    }
}
Beispiel #29
                    // Paid-article purchase: the first query (built above this excerpt) ran; now deduct the coins.
                    if ($dsql->ExecuteNoneQuery($inquery)) {
                        // NOTE(review): the deduction has no balance condition in its WHERE
                        // clause; if the balance check above this excerpt is a separate read,
                        // concurrent requests could drive the balance negative — confirm.
                        $inquery = "UPDATE `#@__member` SET money=money-{$needMoney} WHERE mid='" . $cfg_ml->M_ID . "'";
                        if (!$dsql->ExecuteNoneQuery($inquery)) {
                            showmsg('购买失败, 请返回', -1);
                            exit;
                        }
                        #api{{
                        // Mirror the deduction to UCenter when that integration is configured.
                        if (defined('UC_APPID')) {
                            include_once DEDEROOT . '/api/uc.func.php';
                            $row = $dsql->GetOne("SELECT `scores`,`userid` FROM `#@__member` WHERE `mid`='" . $cfg_ml->M_ID . "'");
                            uc_credit_note($row['userid'], -$needMoney, 'money');
                        }
                        #/aip}}
                        showmsg('购买成功,购买扣点不会重扣金币,谢谢!', '/plus/view.php?aid=' . $aid);
                        exit;
                    } else {
                        showmsg('购买失败, 请返回', -1);
                        exit;
                    }
                }
                // Not bought yet: show the price and a confirmation link.
                // NOTE(review): $aid is concatenated into the link markup; confirm it is an
                // integer before this point.
                $msgtitle = "扣金币购买阅读!";
                $moremsg = "阅读该文档内容需要付费!<br>这篇文档需要 <font color='red'>" . $needMoney . " 金币</font> 才能访问,你目前拥有金币 <font color='red'>" . $cfg_ml->M_Money . " </font>个!<br>确认阅读请点 [<a href='/plus/view.php?aid=" . $aid . "&dopost=buy' target='_blank'>确认付点阅读</a>]";
                include_once $cfg_basedir . $cfg_templets_dir . "/plus/view_msg.htm";
                $arc->Close();
                exit;
            }
        }
    }
    // End of the coin-payment handling.
}
$arc->Display();
        // Fetch the QQ profile for the authorised account and bind it to the logged-in member.
        // The access token travels in the query string of this URL.
        $url = "https://graph.qq.com/user/get_user_info?access_token=" . $access_token . "&oauth_consumer_key={$_CFG['qq_appid']}&openid=" . $_SESSION["openid"];
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        // Certificate and host-name verification are both switched off, so the identity of
        // the responding server is not checked; the response below is trusted regardless.
        // Leaving both options at their defaults restores the check.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
        curl_close($ch);
        // Neither a failed request nor undecodable JSON is checked before the nickname is read.
        $jsoninfo = json_decode($output, true);
        $nickname = iconv("utf-8", "gbk", $jsoninfo["nickname"]);
        $time = time();
        // NOTE(review): the remote nickname and the session values are interpolated into this
        // UPDATE without visible escaping — confirm, or escape/bind them here.
        $db->query("UPDATE " . table('members') . " SET qq_openid = '{$_SESSION[openid]}', qq_nick = '{$nickname}', qq_binding_time = '{$time}' WHERE uid='" . $_SESSION['uid'] . "' AND qq_openid='' LIMIT 1");
        $link[0]['text'] = "进入会员中心";
        $link[0]['href'] = get_member_url($_SESSION['utype']);
        $_SESSION['uqqid'] = $_SESSION['openid'];
        showmsg('绑定QQ帐号成功!', 2, $link);
    }
}
function get_url_contents($url)
{
    if (ini_get("allow_url_fopen") == "1") {
        return file_get_contents($url);
    } elseif (function_exists(curl_init)) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($ch, CURLOPT_URL, $url);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    } else {
        exit("请把allow_url_fopen设为On或打开CURL扩展");