/**
 * Seeds the fixtures shared by the tests in this class.
 *
 * Creates the super admin through SecurityTestHelper, then saves three I,
 * three J and three K models, in that order. Each save() is wrapped in
 * assert(), so on PHP 7+ with assertions compiled out the save would not run.
 */
public static function setUpBeforeClass()
{
    parent::setUpBeforeClass();
    SecurityTestHelper::createSuperAdmin();

    // member value => name, listed in insertion order
    $iFixtures = array('iString1' => 'd', 'xString1' => 'e', 'yString1' => 'f');
    foreach ($iFixtures as $memberValue => $label) {
        $i = new I();
        $i->iMember = $memberValue;
        $i->name = $label;
        assert($i->save()); // Not Coding Standard
    }

    $jFixtures = array('jString1' => 'a', 'xString1' => 'b', 'yString1' => 'c');
    foreach ($jFixtures as $memberValue => $label) {
        $j = new J();
        $j->jMember = $memberValue;
        $j->name = $label;
        assert($j->save()); // Not Coding Standard
    }

    $kFixtures = array('kString1' => 'g', 'xString1' => 'i', 'yString1' => 'h');
    foreach ($kFixtures as $memberValue => $label) {
        $k = new K();
        $k->kMember = $memberValue;
        $k->name = $label;
        assert($k->save()); // Not Coding Standard
    }
}
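/**
 * Signs the current user up for an activity and sends the two SMS notices.
 *
 * Errors and the success message are reported through $this->err; nothing is returned.
 *
 * @param mixed $id Activity id; when empty the "id" request parameter is used instead.
 */
public function save($id)
{
    $today = date('Y-m-d', __TIME);

    if (!($id = (int) $id) && !($id = (int) $this->GP('id'))) {
        $this->err->add('未指定要修改的内容ID', 211);
        return;
    }
    if (!($detail = K::M('activity/main')->detail($id))) {
        $this->err->add('您要修改的内容不存在或已经操作成功', 212);
        return;
    }
    if ($detail['reg_time'] < $today) {
        $this->err->add('报名已经结束', 212);
        return;
    }

    // The array is indexed and extended below, so anything that is not an array is rejected too.
    $data = $this->GP('data');
    if (!$data || !is_array($data)) {
        $this->err->add('非法的数据提交', 201);
        return;
    }

    // NOTE(review): $data is the submitted request array. Only uid and activity_id are
    // forced here, so every other column has to be filtered inside activity/sign
    // create() - confirm that it whitelists fields.
    $data['uid'] = (int) $this->uid;
    $data['activity_id'] = $id;

    if (!K::M('activity/sign')->create($data)) {
        return;
    }
    K::M('activity/main')->update_count($id, 'sign_num');

    // Both messages now use the same contact name. The admin notice used to test
    // $data['name'] while sending $data['cantact'], so it could go out with an empty name.
    $contactName = !empty($data['cantact']) ? $data['cantact'] : '业主';
    $smsParams = array('name' => $contactName, 'mobile' => $data['mobile'], 'activity' => $detail['title']);

    $obj = K::M('sms/sms');
    $obj->send($data['mobile'], 'sms_activity_yezhu', $smsParams);
    $obj->admin('sms_admin_activity', $smsParams);

    $this->err->add('添加内容成功');
    $this->err->set_data('forward', $this->mklink('activity:detail', array($id), array(), true));
}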
/**
 * Collects the data for the help page and selects its template.
 *
 * @param array $params Passed by reference; its 'tpl' entry is set to 'help.html'.
 * @return array 'cate_list' (all article categories) and 'content_list'
 *               (page 1, up to 50 open articles with from = 'help', ordered by article_id ASC).
 */
public function help(&$params)
{
    $cateList = K::M('article/cate')->fetch_all();
    $contentList = K::M('article/view')->items(
        array('from' => 'help', 'closed' => 0),
        array('article_id' => 'ASC'),
        1,
        50
    );
    $params['tpl'] = 'help.html';

    return array(
        'cate_list' => $cateList,
        'content_list' => $contentList,
    );
}
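/**
 * Smarty function: renders year / month / day select boxes inside a span and
 * emits the script that initialises the widget on that span.
 * Must be used together with the Widget.YDM.js widget.
 *
 * Recognised $params keys: YMD ("Y-n-j" string, defaults to today), Y / M / D
 * (override the matching part of YMD), start + start_year, end + end_year,
 * name (field name prefix, defaults to "YMD").
 *
 * @param array $params Template parameters.
 * @param mixed $smarty Smarty instance (not used here).
 * @return string HTML fragment.
 */
function smarty_function_area($params, $smarty)
{
    $GUID = K::GUID(microtime());
    $YMD = !empty($params['YMD']) ? $params['YMD'] : date('Y-n-j');
    // Pad so a short or malformed YMD value cannot leave $M / $D undefined.
    list($Y, $M, $D) = array_pad(explode('-', $YMD), 3, '');
    // The overrides previously stored the boolean result of isset() instead of the value.
    $Y = isset($params['Y']) ? $params['Y'] : $Y;
    $M = isset($params['M']) ? $params['M'] : $M;
    $D = isset($params['D']) ? $params['D'] : $D;
    // NOTE(review): the flag key (start / end) differs from the key that is read
    // (start_year / end_year); confirm which one templates actually pass.
    $start = (!empty($params['start']) && isset($params['start_year'])) ? (int) $params['start_year'] : 1970;
    $end = (!empty($params['end']) && isset($params['end_year'])) ? (int) $params['end_year'] : (int) date('Y');
    $name = !empty($params['name']) ? $params['name'] : 'YMD';

    // These values are written into attributes, so they are escaped for that context.
    $nameAttr = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
    $yAttr = htmlspecialchars((string) $Y, ENT_QUOTES, 'UTF-8');
    $mAttr = htmlspecialchars((string) $M, ENT_QUOTES, 'UTF-8');
    $dAttr = htmlspecialchars((string) $D, ENT_QUOTES, 'UTF-8');

    $yy = '<select name="' . $nameAttr . '[Y]" Y="' . $yAttr . '">';
    for ($i = $start; $i <= $end; $i++) {
        $yy .= '<option value="' . $i . '">' . $i . '</option>';
    }
    $yy .= '</select>';

    $mm = '<select name="' . $nameAttr . '[M]" M="' . $mAttr . '">';
    for ($i = 1; $i <= 12; $i++) {
        $mm .= '<option value="' . $i . '">' . $i . '</option>';
    }
    $mm .= '</select>';

    $dd = '<select name="' . $nameAttr . '[D]" D="' . $dAttr . '">';
    for ($i = 1; $i <= 31; $i++) {
        $dd .= '<option value="' . $i . '">' . $i . '</option>';
    }
    $dd .= '</select>';

    // The id attribute used to carry a stray second quote, which broke the markup.
    $html = "<span id='{$GUID}'>{$yy}年{$mm}月{$dd}日</span>";
    $html .= "<script>(function(T, \$){Widget.YMD.init('#{$GUID}');})(window.TP, window.jQuery);</script>";

    return $html;
}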
/**
 * Smarty function: loads a list of items from a model and assigns it to a template variable.
 *
 * Parameters prefixed with "filter_" / "orderby_" are collected (prefix stripped)
 * into the filter and order arrays passed to the model's items() call. When
 * 'cache' is set, the result is stored under "smarty-items-<cache>" for 'ttl'
 * seconds (3600 when not given).
 *
 * @param array $params Uses 'mdl', 'name', 'limit', 'cache', 'ttl' plus the prefixed keys.
 * @param mixed $smarty Smarty instance that receives the assignment.
 * @return false|null False when no model name is given; nothing otherwise.
 */
function smarty_function_items($params, &$smarty)
{
    if (!$params['mdl']) {
        return false;
    }

    $filter = array();
    $orderby = array();
    foreach ($params as $key => $value) {
        if (strncmp($key, 'filter_', 7) === 0) {
            $filter[substr($key, 7)] = $value;
        } elseif (strncmp($key, 'orderby_', 8) === 0) {
            $orderby[substr($key, 8)] = $value;
        }
    }

    $limit = $params['limit'] ?: 10;

    if (!$params['cache']) {
        $items = K::M($params['mdl'])->items($filter, $orderby, 1, $limit);
    } else {
        $ttl = $params['ttl'] ? (int) $params['ttl'] : 3600;
        $key = 'smarty-items-' . $params['cache'];
        $items = K::$system->cache->get($key, $ttl);
        // A falsy cache result (miss or empty list) triggers a fresh query.
        if (!$items) {
            $items = K::M($params['mdl'])->items($filter, $orderby, 1, $limit);
            K::$system->cache->set($key, $items, $ttl);
        }
    }

    $smarty->assign($params['name'], $items);
}
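/**
 * Edits a tender tracking record, or shows its edit form when nothing was submitted.
 *
 * Results are reported through $this->err / $this->pagedata; nothing is returned.
 *
 * @param mixed $tracking_id Record id; when empty the "tracking_id" request parameter is used.
 */
public function edit($tracking_id = null)
{
    // The request fallback is cast to int as well, matching the argument.
    // It used to reach the model as a raw request string.
    if (!($tracking_id = (int) $tracking_id) && !($tracking_id = (int) $this->GP('tracking_id'))) {
        $this->err->add('未指定要修改的内容ID', 211);
        return;
    }
    if (!($detail = K::M('tenders/tracking')->detail($tracking_id))) {
        $this->err->add('您要修改的内容不存在或已经删除', 212);
        return;
    }

    if ($this->checksubmit('data')) {
        if (!($data = $this->GP('data'))) {
            $this->err->add('非法的数据提交', 201);
            return;
        }
        // NOTE(review): $data is the submitted array and goes to update() as is;
        // confirm the model restricts which columns can be written.
        $data['reply_time'] = __TIME;
        if (K::M('tenders/tracking')->update($tracking_id, $data)) {
            $this->err->add('修改内容成功');
        }
        return;
    }

    $this->pagedata['tracking'] = K::M('tenders/tracking')->items(array('tracking_id' => $tracking_id), null, 1, 10, $count);
    // Pick up the id of the last row returned.
    $pid = null;
    foreach ($this->pagedata['tracking'] as $value) {
        $pid = $value['tracking_id'];
    }
    // Write the "pd" flag field. NOTE(review): this is a database write made while
    // merely rendering the form, i.e. on a plain view request - confirm that is intended.
    $this->pagedata['pd'] = K::M('tenders/tracking')->update($pid, array('pd' => '0'));
    $this->pagedata['detail'] = $detail;
    $this->tmpl = 'admin:tenders/tracking/edit.html';
}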
/**
 * City selection page.
 *
 * Redirects to index.php and stops when the site is not configured as multi-city.
 * Otherwise it exposes all cities, the cities grouped by the upper-cased first
 * letter of their pinyin (groups sorted by letter), and the province list.
 */
public function index()
{
    $siteCfg = $this->system->config->get('site');
    if (!$siteCfg['multi_city']) {
        header('Location:index.php');
        exit;
    }

    $cities = K::M('data/city')->fetch_all();
    $provinces = K::M('data/provinces')->items();

    $byInitial = array();
    foreach ($cities as $cityKey => $city) {
        // Cities without a pinyin value are left out of the letter index.
        if (!$city['pinyin']) {
            continue;
        }
        $initial = strtoupper(substr($city['pinyin'], 0, 1));
        $byInitial[$initial][$cityKey] = $city;
    }
    ksort($byInitial);

    $this->pagedata['allcity'] = $cities;
    $this->pagedata['pycity'] = $byInitial;
    $this->pagedata['allprovinces'] = $provinces;
    K::M('helper/seo')->init('city', array());
    $this->tmpl = 'city.html';
}
/**
 * Starts a CSV export: starts the download as "<file>-<Ymd>.csv" and writes
 * the header row when one is given.
 *
 * @param array|mixed $keys Column headings; skipped when empty.
 * @param string      $file Base name of the downloaded file.
 */
public function export_begin($keys, $file)
{
    $filename = $file . '-' . date('Ymd') . '.csv';
    K::M('dataio/file')->download($filename);

    if (!$keys) {
        return;
    }
    $this->export_rows(array($keys));
}
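/**
 * Updates a member's avatar.
 *
 * Supply either $file or $data; $data is used whenever it is not null.
 * The 180px image is stored first, then the 80px and 32px thumbnails are
 * generated from it and the three relative paths are saved on the member row.
 *
 * @param mixed       $uid  User UID.
 * @param string      $file Path of the large avatar source image.
 * @param string|null $data Raw bytes of the large avatar image.
 * @return bool False when a step reported an error through $this->err, true otherwise.
 */
public function update_face($uid, $file = '', $data = null)
{
    $cfg = K::$system->config->get('attach');
    $D = $cfg['attachdir'];
    // File names come from md5($uid) only, never from a caller-supplied name.
    $a = strtoupper(md5($uid));
    $b = substr($a, 0, 3);
    $face = "face/{$b}/180/{$a}.jpg";
    $face_80 = "face/{$b}/80/{$a}.jpg";
    $face_32 = "face/{$b}/32/{$a}.jpg";

    if ($data !== null) {
        // Tripwire for PHP open tags in the payload. It does not prove that $data is an image.
        // NOTE(review): the bytes are written to disk before anything decodes them;
        // consider decoding and re-encoding through the image library before storing.
        if (preg_match("/\\<(\\?php|\\<\\? )/is", $data)) {
            $this->err->add('不是安全的图片', 999);
            return false;
        }
        K::M('io/dir')->create(dirname($D . $face));
        if (!file_put_contents($D . $face, $data)) {
            $this->err->add('保存图片数据失败', 501);
            return false;
        }
    } elseif ($file != $D . $face) {
        if (!K::M('image/gd')->thumb($file, $D . $face, 180, 180, true)) {
            $this->err->add('图片处理失败', 502);
            return false;
        }
    }

    $thumbs = array('80' => "{$D}{$face_80}", '32' => "{$D}{$face_32}");
    K::M('image/gd')->thumbs($D . $face, $thumbs);

    $fields = array('face' => $face, 'face_80' => $face_80, 'face_32' => $face_32);
    // The WHERE clause is built as a string, so the id is forced to an integer
    // instead of interpolating the raw argument.
    $this->db->update($this->_table, $fields, "uid='" . (int) $uid . "'");

    return true;
}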
/**
 * Shows a single shop news entry.
 *
 * Calls $this->error(404) for a missing id or unknown entry, and reports an
 * error while the entry is not yet audited.
 *
 * @param mixed $news_id News id, cast to int.
 */
public function detail($news_id = null)
{
    $news_id = (int) $news_id;
    if (!$news_id) {
        $this->error(404);
        return;
    }
    $detail = K::M('shop/news')->detail($news_id);
    if (!$detail) {
        $this->error(404);
        return;
    }
    if (empty($detail['audit'])) {
        $this->err->add('内容还在审核中', 211);
        return;
    }

    $shop = $this->check_shop($detail['shop_id']);

    // Neighbouring entries of the same shop: first the one with a larger id, then the one with a smaller id.
    // NOTE(review): both results are stored under 'next', so the second lookup
    // overwrites the first; the smaller-id entry was presumably meant for another key - confirm.
    $newer = K::M('shop/news')->items(
        array('shop_id' => $detail['shop_id'], 'news_id' => '>:' . $news_id),
        array('news_id' => 'ASC'),
        1,
        1
    );
    if ($newer) {
        $pager['next'] = $newer;
    }
    $older = K::M('shop/news')->items(
        array('shop_id' => $detail['shop_id'], 'news_id' => '<:' . $news_id),
        array('news_id' => 'DESC'),
        1,
        1
    );
    if ($older) {
        $pager['next'] = $older;
    }

    $this->pagedata['pager'] = $pager;
    $this->pagedata['detail'] = $detail;
    $this->tmpl = 'shop/newsdetail.html';

    $seo = $this->seo->set_shop($shop);
    $seo['title'] = $detail['title'];
    $this->seo->init('shop_news', $seo);
}
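/**
 * Smarty function: renders year / month / day select boxes with the current
 * value preselected, plus the script that initialises the widget on the wrapper span.
 * Must be used together with the Widget.YDM.js widget.
 *
 * Recognised $params keys: YMD ("Y-n-j" string, defaults to today), Y / M / D
 * (override the matching part of YMD), start + start_year, end + end_year,
 * name (field name prefix, defaults to "YMD"), class (extra CSS class).
 *
 * @param array $params Template parameters.
 * @param mixed $smarty Smarty instance (not used here).
 * @return string HTML fragment.
 */
function smarty_function_YMD($params, $smarty)
{
    $GUID = K::GUID(microtime());
    $class = !empty($params['class']) ? ' ' . $params['class'] : '';
    $YMD = !empty($params['YMD']) ? $params['YMD'] : date('Y-n-j');
    // Pad so a short or malformed YMD value cannot leave $M / $D undefined.
    list($Y, $M, $D) = array_pad(explode('-', $YMD), 3, '');
    $Y = isset($params['Y']) ? $params['Y'] : $Y;
    $M = isset($params['M']) ? $params['M'] : $M;
    $D = isset($params['D']) ? $params['D'] : $D;
    // NOTE(review): the flag key (start / end) differs from the key that is read
    // (start_year / end_year); confirm which one templates actually pass.
    $start = (!empty($params['start']) && isset($params['start_year'])) ? (int) $params['start_year'] : 1970;
    $end = (!empty($params['end']) && isset($params['end_year'])) ? (int) $params['end_year'] : (int) date('Y');
    $name = !empty($params['name']) ? $params['name'] : 'YMD';

    // These values are written into attributes, so they are escaped for that context.
    $nameAttr = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
    $classAttr = htmlspecialchars((string) $class, ENT_QUOTES, 'UTF-8');
    $yAttr = htmlspecialchars((string) $Y, ENT_QUOTES, 'UTF-8');
    $mAttr = htmlspecialchars((string) $M, ENT_QUOTES, 'UTF-8');
    $dAttr = htmlspecialchars((string) $D, ENT_QUOTES, 'UTF-8');

    // Years are listed newest first.
    $yy = '<select name="' . $nameAttr . '[Y]" Y="' . $yAttr . '" class="w-100' . $classAttr . '">';
    for ($i = $end; $i >= $start; $i--) {
        $selected = $Y == $i ? ' selected="selected"' : '';
        $yy .= '<option value="' . $i . '"' . $selected . '>' . $i . '</option>';
    }
    $yy .= '</select>';

    $mm = '<select name="' . $nameAttr . '[M]" M="' . $mAttr . '" class="w-50' . $classAttr . '">';
    for ($i = 1; $i <= 12; $i++) {
        $selected = $M == $i ? ' selected="selected"' : '';
        $mm .= '<option value="' . $i . '"' . $selected . '>' . $i . '</option>';
    }
    $mm .= '</select>';

    $dd = '<select name="' . $nameAttr . '[D]" D="' . $dAttr . '" class="w-50' . $classAttr . '">';
    for ($i = 1; $i <= 31; $i++) {
        $selected = $D == $i ? ' selected="selected"' : '';
        $dd .= '<option value="' . $i . '"' . $selected . '>' . $i . '</option>';
    }
    $dd .= '</select>';

    $html = "<span id='{$GUID}'>{$yy} 年 {$mm} 月 {$dd} 日</span>";
    $html .= "<script>(function(K, \$){Widget.YMD.init('#{$GUID}');})(window.KT, window.jQuery);</script>";

    return $html;
}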
/**
 * Edits a news entry of the current company, or shows the edit form.
 *
 * The entry must belong to $this->company; submitted data is passed through
 * check_fields() with $this->_news_allow_fields before it is saved.
 *
 * @param mixed $news_id News id; when empty the "news_id" request parameter is used.
 */
public function edit($news_id = 0)
{
    $this->check_company();

    $news_id = (int) $news_id;
    if (!$news_id) {
        $news_id = (int) $this->GP('news_id');
    }
    if (!$news_id) {
        $this->err->add('未指定要修改的内容ID', 211);
        return;
    }

    $detail = K::M('company/news')->detail($news_id);
    if (!$detail) {
        $this->err->add('您要修改的内容不存在或已经删除', 212);
        return;
    }
    // Ownership check: the entry has to belong to the company of the current session.
    if ($detail['company_id'] != $this->company['company_id']) {
        $this->err->add('就是想侮辱我的智商么', 212);
        return;
    }

    $data = $this->checksubmit('data');
    if (!$data) {
        $this->pagedata['detail'] = $detail;
        $this->tmpl = 'ucenter/news/edit.html';
        return;
    }

    $data = $this->check_fields($data, $this->_news_allow_fields);
    if (!$data) {
        $this->err->add('非法的数据提交', 201);
        return;
    }
    if (K::M('company/news')->update($news_id, $data)) {
        $this->err->add('修改内容成功');
    }
}
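/**
 * Attaches an existing designer account to the current company.
 *
 * The designer proves ownership of the account with its username and password.
 * The account must come from 'designer', have a designer record and not be
 * attached to a company yet. Outcome is reported through $this->err.
 */
public function create()
{
    $this->check_company();

    if (!($data = $this->GP('data'))) {
        $this->err->add('非法的数据提交', 201);
    } elseif (empty($data['username']) || empty($data['password'])) {
        $this->err->add('非法的数据提交', 201);
    } elseif (!($member = K::M('member/view')->member($data['username'], 'uname'))) {
        // NOTE(review): the numeric suffixes on these messages tell the client which
        // check failed (unknown user vs wrong password, ...); consider one generic message.
        $this->err->add('用户名密码错误1', 201);
    } elseif ((string) $member['passwd'] !== md5($data['password'])) {
        // Strict comparison: with != two different digests that both look like
        // numbers (e.g. "0e..." followed by digits) compare as equal.
        // NOTE(review): unsalted md5 is the stored format here; moving to
        // password_hash() needs a migration outside this method.
        $this->err->add('用户名密码错误2', 201);
    } elseif ($member['from'] != 'designer') {
        $this->err->add('用户名密码错误3', 201);
    } elseif (!($designer = K::M('designer/designer')->detail($member['uid']))) {
        $this->err->add('用户名密码错误4', 201);
    } elseif (!empty($designer['company_id'])) {
        $this->err->add('用户名密码错误5', 201);
    } elseif (K::M('designer/designer')->update($member['uid'], array('company_id' => $this->company['company_id']), true)) {
        $this->err->add('操作成功');
    } else {
        $this->err->add('更新失败', 201);
    }
}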
/**
 * Coupon download: shows the form, or processes the submitted mobile / contact.
 *
 * Calls $this->error(404) for a missing or unknown coupon and reports an error
 * while the coupon is not audited. After a successful download the submitted
 * mobile and contact are stored in the LAST_Mobile / LAST_Contact cookies and
 * offered as defaults the next time the form is shown.
 *
 * @param mixed $coupon_id Coupon id; when empty the "coupon_id" request parameter is used.
 */
public function download($coupon_id = null)
{
    $coupon_id = (int) $coupon_id;
    if (!$coupon_id) {
        $coupon_id = (int) $this->GP('coupon_id');
    }
    if (!$coupon_id) {
        $this->error(404);
        return;
    }

    $coupon = K::M('shop/coupon')->detail($coupon_id);
    if (!$coupon) {
        $this->error(404);
        return;
    }
    if (empty($coupon['audit'])) {
        $this->err->add('优惠券审核中', 211);
        return;
    }

    $data = $this->checksubmit('data');
    $shop = $this->check_shop($coupon['shop_id']);

    if ($data) {
        // NOTE(review): mobile and contact are taken from the submitted form as is;
        // presumably coupon download() validates the number before sending - confirm.
        if (K::M('shop/coupon')->download($coupon_id, $data['mobile'], $data['contact'])) {
            $this->err->add('优惠券下载成功,短息会在2分钟内到达');
            $this->system->cookie->set('LAST_Mobile', $data['mobile']);
            $this->system->cookie->set('LAST_Contact', $data['contact']);
        }
        return;
    }

    // Form defaults: last used values from the cookies, else the member's own mobile.
    $mobile = $this->system->cookie->get('LAST_Mobile');
    if (!$mobile) {
        $mobile = $this->MEMBER['mobile'];
    }
    $pager = array('mobile' => $mobile);
    $contact = $this->system->cookie->get('LAST_Contact');
    if ($contact) {
        $pager['contact'] = $contact;
    }

    $this->pagedata['pager'] = $pager;
    $this->pagedata['coupon'] = $coupon;
    $this->tmpl = 'view:coupon/download.html';
}
/**
 * Lets the shop owner reply to a comment on their shop, or shows the reply form.
 *
 * The comment must belong to the shop returned by ucenter_shop().
 *
 * @param mixed $comment_id Comment id; when empty the "comment_id" request parameter is used.
 */
public function reply($comment_id = null)
{
    $shop = $this->ucenter_shop();

    $comment_id = (int) $comment_id;
    if (!$comment_id) {
        $comment_id = (int) $this->GP('comment_id');
    }
    if (!$comment_id) {
        $this->err->add('未定义操作', 211);
        return;
    }

    $comment = K::M('shop/comment')->detail($comment_id);
    if (!$comment) {
        $this->err->add('评论不存在或已经删除', 212);
        return;
    }
    // Ownership check: only comments on the current user's shop may be answered.
    if ($shop['shop_id'] != $comment['shop_id']) {
        $this->err->add('你没有权限回复该评论', 212);
        return;
    }

    $reply_content = $this->checksubmit('reply_content');
    if ($reply_content) {
        if (K::M('shop/comment')->reply($comment_id, $reply_content)) {
            $this->err->add('回复评论成功');
        }
        return;
    }

    $uid = $comment['uid'];
    if ($uid) {
        $this->pagedata['member'] = K::M('member/view')->detail($uid);
    }
    $this->pagedata['comment'] = $comment;
    $this->tmpl = 'ucenter/shop/comment/reply.html';
}
/**
 * Creates an appointment request for a company from the submitted form.
 *
 * Reads mobile, contact, company_id and content from the request. The mobile
 * number is checked with verify/check, and contact and content are passed
 * through content/html encode() before the record is created.
 */
public function yuyue()
{
    $mobile = $this->GP('mobile');
    if (!$mobile) {
        $this->err->add('联系电话不正确', 211);
        return;
    }
    $contact = $this->GP('contact');
    if (!$contact) {
        $this->err->add('联系人不正确', 212);
        return;
    }
    $company_id = (int) $this->GP('company_id');
    if (!$company_id) {
        $this->err->add('未指定要预约的公司', 213);
        return;
    }
    if (!K::M('verify/check')->mobile($mobile)) {
        $this->err->add('手机号码不合法', 214);
        return;
    }

    $contact = K::M('content/html')->encode($contact);
    $content = K::M('content/html')->encode($this->GP('content'));

    // 'cantact' is the key handed to the model, spelled exactly as here.
    $record = array(
        'company_id' => $company_id,
        'mobile' => $mobile,
        'cantact' => $contact,
        'content' => $content,
    );
    if (K::M('company/yuyue')->create($record, true)) {
        $this->err->add('预约成功');
    }
}
/**
 * Validates and normalises navigation menu data before it is stored.
 *
 * A title is required on create ($ID empty) and whenever it is supplied.
 * The parent decides the level: a non-zero parent_id gives level 2 / module 'menu',
 * otherwise level 1 / module 'top' with parent_id 0.
 *
 * @param array $data Menu fields.
 * @param mixed $ID   Id of the record being updated, empty on create.
 * @return mixed False on a validation error, otherwise the result of parent::_check().
 */
protected function _check($data, $ID = null)
{
    $creating = !$ID;

    if (($creating || isset($data['title'])) && empty($data['title'])) {
        $this->err->add('导航菜单标题不能为空', 401);
        return false;
    }

    if ($creating || isset($data['parent_id'])) {
        $pid = (int) $data['parent_id'];
        if ($pid) {
            $parent = K::M('module/view')->module($pid);
            if (!$parent) {
                $this->err->add('指定的父级菜单不存在', 402);
                return false;
            }
            // An entry whose module type is 'module' cannot act as a parent.
            if ($parent['module'] == 'module') {
                $this->err->add('指定的父级菜不能为控制模型', 403);
                return false;
            }
            $data['level'] = 2;
            $data['module'] = 'menu';
            $data['parent_id'] = $pid;
        } else {
            $data['level'] = 1;
            $data['module'] = 'top';
            $data['parent_id'] = 0;
        }
    }

    if (isset($data['orderby'])) {
        $data['orderby'] = (int) $data['orderby'];
    }

    return parent::_check($data);
}
/**
 * Smarty function: renders a widget through the system/widget model.
 *
 * The model is created on first use and kept on the Smarty instance
 * ($smarty->widgets_mdl) so later calls reuse it.
 *
 * @param array $params Widget parameters, handed to load() unchanged.
 * @param mixed $smarty Smarty instance.
 * @return mixed Whatever the widget model's load() returns.
 */
function smarty_function_widget($params, &$smarty)
{
    if (null === $smarty->widgets_mdl) {
        $smarty->widgets_mdl = K::M('system/widget');
    }
    $loader = $smarty->widgets_mdl;

    return $loader->load($params, $smarty);
}
/**
 * Mall home page: initialises SEO data for 'mall' and selects the mall index template.
 */
public function index()
{
    K::M('helper/seo')->init('mall', array());
    // The category list is fetched but not used in this method; the call is kept as is.
    K::M('shop/cate')->fetch_all();
    $this->tmpl = 'mall/index.html';
    $this->seo->init('mall');
}
/**
 * Smarty modifier: formats a numeric value as a size or a date.
 *
 * - non-numeric input returns the string 'NULL'
 * - 'size' delegates to the helper/format model's size()
 * - no format: helper/format time() outside the admin area, "Y-m-d H:i:s" inside it
 * - any other format is used as a date() pattern, with %D and %T expanded to
 *   'Y-m-d' and 'H:i:s' ('price' has no handling of its own and is used as a pattern too)
 *
 * @param mixed       $data   Value to format, normally a timestamp or a byte count.
 * @param string|null $format Format selector or date() pattern.
 * @return mixed Formatted value.
 */
function smarty_modifier_format($data, $format = null)
{
    static $mdl = null;

    if (!is_numeric($data)) {
        return 'NULL';
    }

    if ($format == 'size') {
        if ($mdl === null) {
            $mdl = K::M('helper/format');
        }
        return $mdl->size($data);
    }

    if ($format == 'price') {
        // Nothing to prepare: the value goes to date() below with 'price' as the pattern.
    } elseif ($format === null) {
        if (!defined('IN_ADMIN')) {
            if ($mdl === null) {
                $mdl = K::M('helper/format');
            }
            return $mdl->time($data);
        }
        $format = "Y-m-d H:i:s";
    } elseif (strpos($format, '%') !== false) {
        $format = str_replace(array('%D', '%T'), array('Y-m-d', 'H:i:s'), $format);
    }

    return date($format, $data);
}
/**
 * Validates and encodes friend-link data before it is stored.
 *
 * title and link are required on create ($link_id empty) and whenever they are
 * supplied. title, link, logo and desc are passed through content/html encode(),
 * and an array of city ids is joined into a comma separated string.
 *
 * @param array $data    Link fields.
 * @param mixed $link_id Id of the link being updated, empty on create.
 * @return mixed False on a validation error, otherwise the result of parent::_check().
 */
protected function _check($data, $link_id = null)
{
    $oHtml = K::M('content/html');
    $creating = !$link_id;

    // Required field => message shown when it is empty.
    $required = array(
        'title' => '友情连接标题不能为空',
        'link' => '友情连接不能为空',
    );
    foreach ($required as $field => $message) {
        if (!$creating && !isset($data[$field])) {
            continue;
        }
        if (empty($data[$field])) {
            $this->err->add($message, 451);
            return false;
        }
        $data[$field] = $oHtml->encode($data[$field]);
    }

    foreach (array('logo', 'desc') as $field) {
        if (isset($data[$field])) {
            $data[$field] = $oHtml->encode($data[$field]);
        }
    }

    if (isset($data['city_ids']) && is_array($data['city_ids'])) {
        $data['city_ids'] = implode(',', $data['city_ids']);
    }

    return parent::_check($data);
}
/**
 * Returns the current time for the running application: the live clock when
 * the application is a K_Task, otherwise the time the request started.
 *
 * @return int
 */
public static function getTime()
{
    return (K::app() instanceof K_Task) ? time() : $_SERVER['REQUEST_TIME'];
}
/**
 * Adds the category title to a row when its category can be looked up.
 *
 * @param array $row Row with a 'cat_id' entry.
 * @return array The row, with 'cat_title' set when shop/cate knows the category.
 */
protected function _format_row($row)
{
    $cate = K::M('shop/cate')->cate($row['cat_id']);
    if ($cate) {
        $row['cat_title'] = $cate['title'];
    }

    return $row;
}
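/**
 * Runs a widget method and renders its template.
 *
 * The method named in $widget['method'] ('index' when empty) is called on the
 * widget object. If the widget has no such method, the name is moved to
 * $widget['act'] and 'index' is called instead.
 *
 * @param array $widget Widget parameters; uses 'widget', 'method' and 'tpl'.
 * @param mixed $smarty Smarty instance, also attached to the widget object.
 * @return string Rendered output, or '' when the widget method returned nothing.
 */
public function fetch($widget, &$smarty)
{
    if (empty($widget['method'])) {
        $widget['method'] = 'index';
    }
    $wdt = K::W($widget['widget']);
    $wdt->smarty =& $smarty;
    if (!method_exists($wdt, $widget['method'])) {
        $widget['act'] = $widget['method'];
        $widget['method'] = 'index';
    }

    // Call the method by name. The previous form, $wdt->{$widget}['method'](...),
    // used the whole parameter array as a property name instead of the method name.
    // NOTE(review): any existing method of the widget object can be reached this
    // way; confirm 'method' only ever comes from templates, not from request input.
    $method = $widget['method'];
    if (!($data = $wdt->{$method}($widget))) {
        return '';
    }

    $smarty->assign('data', $data);
    $widget['GUID'] = K::GUID('widget');
    $smarty->assign('widget', $widget);

    if (empty($widget['tpl'])) {
        $widget['tpl'] = 'widget:/default/default.html';
    }
    // A bare file name is resolved inside the widget's own template directory.
    if (strpos($widget['tpl'], ':') === false && strpos($widget['tpl'], '/') === false) {
        $tmpl = "widget:{$widget['widget']}/{$widget['tpl']}";
    } else {
        $tmpl = $widget['tpl'];
    }

    return $smarty->fetch($tmpl);
}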
/**
 * Stores an uploaded image for a shop and inserts its database row.
 *
 * The file is saved below "<attachdir>product/<Ym>/" by the helper/upload model.
 * The title falls back to the original file name without its image extension.
 *
 * @param mixed $shop_id Shop id, cast to int.
 * @param array $attach  Upload entry; uses 'error', 'title' and 'name'.
 * @return array|false The inserted row including 'banner_id', or false on failure.
 */
public function upload($shop_id, $attach)
{
    // UPLOAD_ERR_OK is 0, so any truthy error code means the upload failed.
    if ($attach['error']) {
        $this->err->add('上传文件失败', 201);
        return false;
    }

    $cfg = K::$system->config->get('attach');
    $B = 'product/' . date('Ym/', __CFG::TIME);
    $D = $cfg['attachdir'] . $B;

    // $fname is filled in by the helper. NOTE(review): type and extension checks are
    // presumably done inside helper/upload - confirm, nothing is checked here.
    $F = K::M('helper/upload')->upload($attach, $D, $fname);
    if (!$F) {
        return false;
    }

    $title = $attach['title'];
    if (!$title) {
        $title = preg_replace("/\\.(jpg|jpeg|png|gif|bmp)\$/i", '', $attach['name']);
    }

    $data = array();
    $data['shop_id'] = (int) $shop_id;
    $data['title'] = K::M('content/html')->encode($title);
    $data['photo'] = K::M('content/html')->encode($B . $fname);
    $data['dateline'] = __CFG::TIME;

    $banner_id = $this->db->insert($this->_table, $data, true);
    if (!$banner_id) {
        return false;
    }
    $data['banner_id'] = $banner_id;

    return $data;
}
/**
 * Entry point of the installer step: runs update() only for a logged-in
 * administrator, otherwise stops with a message linking to the admin login.
 */
protected function _run()
{
    $this->admin = K::M('admin/auth');

    if ($this->admin->token()) {
        $this->update();
        return;
    }

    exit('请先以管理员身份登录后台再进行安装, <a href="../admin/index.php" target="_blank">登录后台</a>');
}
/**
 * Starts an .xls export: starts the download as "<file>-<Ymd>.xls" and
 * writes the HTML head, the opening table tag and the header row.
 *
 * @param array  $keys Column headings.
 * @param string $file Base name of the downloaded file.
 */
public function export_begin($keys, $file)
{
    $filename = $file . '-' . date('Ymd') . '.xls';
    K::M('dataio/file')->download($filename);

    // NOTE(review): headings are written into the markup without HTML escaping;
    // escape them if they can ever contain user-influenced text.
    $headerCells = implode('</th><th filter=all>', $keys);

    echo '<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><style>td{vnd.ms-excel.numberformat:@}</style></head>'
        . '<table width="100%" border="1">'
        . '<tr><th filter=all>' . $headerCells . "</th></tr>\r\n";
    flush();
}
/**
 * Captures the request input into the class-level stores.
 *
 * $_GET and $_POST are run through the content/filter model's Addslashes();
 * the cookie values are taken from the system/cookie model.
 *
 * NOTE(review): blanket slash-escaping of input is presumably meant as SQL
 * protection; it is not a substitute for parameterised queries - confirm how the
 * database layer consumes these values.
 *
 * @param mixed $system System object, passed on to the parent constructor.
 */
public function __construct(&$system)
{
    parent::__construct($system);

    $inputFilter = K::M('content/filter');
    self::$__GET = $inputFilter->Addslashes($_GET);
    self::$__POST = $inputFilter->Addslashes($_POST);

    $cookies = K::M('system/cookie');
    self::$__COOKIE = $cookies->_COOKIE;
}
/**
 * Smarty modifier: replaces sensitive words in the given content.
 *
 * The content/censor model is looked up once and reused on later calls.
 *
 * @param mixed $content Text to filter.
 * @return mixed Result of the censor model's filter().
 */
function smarty_modifier_filter($content)
{
    static $censor = null;

    if (null === $censor) {
        $censor = K::M('content/censor');
    }
    $filtered = $censor->filter($content);

    return $filtered;
}
/**
 * Loads the UCenter configuration and client library.
 *
 * An error is logged when UC_API is still undefined after the configuration
 * was loaded; the client library is imported in either case.
 *
 * @param mixed $system System object, passed on to the parent constructor.
 */
public function __construct(&$system)
{
    parent::__construct($system);
    $system->config->ucenter();

    $configured = defined('UC_API');
    if (!$configured) {
        K::M('system/logs')->error('Ucenter已经开启,但未能正确配置');
    }

    Import::L('uc_client/client.php');
}