<?php define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(__FILE__) . "/../"))); require ROOT_PATH . "/include/config.php"; require ROOT_PATH . "/include/parameter.php"; require ROOT_PATH . "/source/function/global.php"; require ROOT_PATH . "/source/function/web.php"; require ROOT_PATH . "/source/function/admin.php"; require ROOT_PATH . "/source/class/abstract.class.php"; require ROOT_PATH . "/source/class/mystep.class.php"; header("Expires: -1"); header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0", false); header("Pragma: no-cache"); $mystep = new MyStep(); $mystep->getLanguage(dirname(__FILE__) . "/language/"); $mystep->pageStart(); $db->Reconnect(true, $setting['db']['name']); $setting['gen']['minify'] = false; $usergroup = $req->getSession("usergroup"); if ($usergroup === 0) { $goto_url = "../"; $mystep->pageEnd(false); } $group = getParaInfo("user_group", "group_id", $usergroup); if ($setting['info']['self'] == "login.php") { $method = $req->getServer("QUERY_STRING"); if (!empty($group['power_func']) && $method != "logout") { $goto_url = "./index.php"; $mystep->pageEnd(false); } } else {
<?php define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(__FILE__) . "/../../"))); require ROOT_PATH . "/include/config.php"; require ROOT_PATH . "/include/parameter.php"; include ROOT_PATH . "/source/function/etag.php"; require ROOT_PATH . "/source/function/global.php"; require ROOT_PATH . "/source/function/web.php"; require ROOT_PATH . "/source/function/admin.php"; require ROOT_PATH . "/source/class/abstract.class.php"; require ROOT_PATH . "/source/class/mystep.class.php"; $mystep = new MyStep(); $mystep->getLanguage(dirname(ROOT_PATH . $_SERVER['PHP_SELF']) . "/language/"); $mystep->pageStart(true); $db->Reconnect(true, $setting['db']['name']); $method = $req->getGet("method"); if (empty($method)) { $method = "list"; } $mid = $req->getReq("mid"); $id = $req->getReq("id"); $field = $req->getReq("f"); if (empty($field) || empty($id)) { header("HTTP/1.0 404 Not Found"); $db->close(); unset($db, $req); exit; } if ($data = $db->result($setting['db']['pre'] . "custom_form_" . $mid, $field, array("id", "n=", $id))) { $data = explode("::", $data); $the_file = dirname(__FILE__) . "/setting/" . $mid . "/" . $data[2];
exit; } $id = intval($id); define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(__FILE__) . "/../"))); include ROOT_PATH . "/include/config.php"; if ($setting['web']['close'] && !isset($_COOKIE['force'])) { header("HTTP/1.0 404 Not Found"); exit; } include ROOT_PATH . "/include/parameter.php"; include ROOT_PATH . "/source/function/global.php"; include ROOT_PATH . "/source/function/web.php"; include ROOT_PATH . "/source/class/abstract.class.php"; include ROOT_PATH . "/source/class/mystep.class.php"; $mystep = new MyStep(); $mystep->pageStart(false); ob_end_clean(); set_time_limit(1200); $sql = $db->buildSel(array(array("name" => $setting['db']['pre'] . "attachment", "idx" => "a", "col" => "*", "condition" => array("id", "n=", $id)), array("name" => $setting['db']['pre'] . "news_show", "idx" => "b", "col" => "view_lvl", "join" => "web_id,news_id"))); if ($record = getData($sql, "record", 1800)) { if ($record['view_lvl'] > $setting['info']['user']['type']['view_lvl']) { $db->close(); header("location: " . getUrl("read", $record['news_id'], 1, $record['web_id'])); exit; } if (strpos($record['file_type'], "image") === 0) { include ROOT_PATH . "/source/function/etag.php"; } $the_ext = "." . GetFileExt($record['file_name']); $the_path = ROOT_PATH . "/" . $setting['path']['upload'] . date("/Y/m/d", substr($record['file_time'], 0, 10)); $the_file = $record['file_time'] . substr(md5($record['file_size']), 0, 5);