public function ssologin()
 {
     $auth = mod_login::instance();
     if ($auth->is_login()) {
         $this->frame();
     }
     $sign = $_GET['sign'];
     if (!$sign) {
         header("Location: http://fladminsso.feiliu.com/?source=" . rawurlencode(BASE_URL . '?c=login&a=ssologin'));
     }
     $ret = ffile_get_contents("http://fladminsso.feiliu.com/client/check/{$sign}");
     $retinfo = json_decode($ret, 1);
     if ($retinfo['code'] == 0) {
         $retuinfo = $retinfo['userinfo'];
         $userdata['username'] = $retuinfo['login_name'];
         $userdata['password'] = $retuinfo['password'];
         if ($auth->authenticate($userdata, 'sso')) {
             mod_member::loginhistory(USERNAME);
             header("Location: " . BASE_URL);
             exit;
         }
     } else {
         header("Location: http://fladminsso.feiliu.com/?source=" . rawurlencode(BASE_URL . '?c=login&a=ssologin'));
         exit;
     }
 }
 public function answerlist()
 {
     if ($_POST['rquestion']) {
         $data['qid'] = $_POST['qid'];
         $data['content'] = $_POST['reply'];
         $data['create_time'] = time();
         $data['creater_id'] = ADMINUSERID;
         $data['reply_type'] = 'operation';
         pm_db::tran_query("BEGIN");
         $id = pm_db::insert('crm_answer', $data, 'tran');
         $reply['operation'] = 2;
         //运营已回复
         $status = pm_db::update('crm_question', $reply, "question_id = '{$_POST['qid']}'", 'tran');
         if ($id && $status) {
             pm_db::tran_query("COMMIT");
             mod_login::message('回复成功');
         } else {
             pm_db::tran_query("ROLLBACK");
             mod_login::message('回复失败');
         }
         pm_db::tran_query("END");
         exit;
     }
     $qid = $_GET['qid'];
     $info = mod_crmmanage::getqbyid($qid);
     $memberinfo = mod_member::get_oneamdinbyuser_id($info['create_id']);
     $proinfo = mod_product::get_one_product($info['game_id']);
     $serinfo = mod_crmmanage::getserverbyid($info['server_id']);
     $info['truename'] = $memberinfo['truename'];
     $info['pname'] = $proinfo['pname'];
     $info['server_name'] = $serinfo['server_name'];
     $tlist = mod_crmmanage::getqtype();
     $alist = mod_crmmanage::getanswerlist($qid);
     $userlist = mod_crmmanage::getusername();
     if ($alist) {
         foreach ($alist as &$value) {
             if ($value['reply_type'] != 'customer') {
                 foreach ($userlist as $val) {
                     if ($val['user_id'] == $value['creater_id']) {
                         $value['username'] = $val['user_name'];
                     }
                 }
             }
         }
     }
     pm_tpl::assign("tlist", $tlist);
     pm_tpl::assign("alist", $alist);
     pm_tpl::assign("info", $info);
     pm_tpl::assign("ur_here", "回复列表");
     pm_tpl::assign('action_link', array('href' => '?c=crmoper&a=index', 'text' => '问题列表'));
     pm_tpl::display('crmoper_answerlist');
 }
 public function getpwd()
 {
     $post = $_POST;
     if ($post['submit']) {
         try {
             $username = $post['name'];
             $email = $post['mail'];
             mod_member::getpwd($username, $email);
             mod_login::message('密码已发至您的邮箱,敬请查收', '?c=login');
         } catch (Exception $e) {
             mod_login::message($e->getMessage());
         }
     } else {
         pm_tpl::display('getpwd');
     }
 }
 public function delmember()
 {
     $user_id = $this->_get['id'];
     if (ADMINUSERID != 1) {
         make_json_error('对不起,您无权删除其他管理员');
     }
     if ($user_id == ADMINUSERID) {
         make_json_error('您不能删除自己');
     }
     if ($user_id) {
         mod_member::member_delete($user_id);
         $list = mod_member::member_list($start, $level, 20);
         pm_tpl::assign('admin_list', $list['data']);
         make_json_result(pm_tpl::fetch('member_list'));
     } else {
         make_json_error('删除失败');
     }
 }
 public function sendmsgtouser()
 {
     $username = $_GET['username'];
     if (!$username) {
         mod_login::message('请选择要发送的对象');
     }
     $uinfo = mod_member::get_oneamdinbyusername($username);
     if ($_POST['submit']) {
         $post = $_POST;
         $data = array();
         $data['content'] = $post['content'];
         $data['touser'] = $post['username'];
         $data['addtime'] = time();
         mod_pmsys::sendmsg($data);
         mod_login::message('发送消息成功', '?c=member&a=member_list');
     } else {
         pm_tpl::assign('user', $uinfo);
         pm_tpl::assign('ur_here', '权限管理 - 发送消息');
         pm_tpl::display('pmsys_sendmsgtouser');
     }
 }
 public static function get_sec_thrid_menu()
 {
     $get = $_GET;
     $user_id = ADMINUSERID;
     $usermenu = mod_member::get_user_menu($user_id);
     $menu = array();
     $query = pm_db::query("SELECT * FROM pm_menu WHERE level=1 AND is_show=1 AND menu_id='{$get['menu_id']}' AND status=1");
     while ($row = pm_db::fetch_one($query)) {
         $secondmenu = array();
         $query1 = pm_db::query("SELECT menu_id,menu_name FROM pm_menu WHERE level=2 AND parent_id='{$row['menu_id']}' AND is_show=1 AND status=1");
         while ($row1 = pm_db::fetch_one($query1)) {
             $thirdmenu = array();
             $query2 = pm_db::query("SELECT menu_id,menu_name,act_url,actioncode FROM pm_menu WHERE level=3 AND parent_id='{$row1['menu_id']}' AND is_show=1 AND status=1 order by sort desc");
             while ($row2 = pm_db::fetch_one($query2)) {
                 $menu[$row1['menu_id']]['f'] = $row1;
                 $menu[$row1['menu_id']]['s'][] = $row2;
             }
         }
     }
     return $menu;
 }
 public function authenticate($data, $type = null)
 {
     $timestamp = time();
     //当前时间戳
     $admin_recordfile = PATH_ADMIN . "/data/log/admin_log.php";
     //用户登录log记录文件
     $F_count = F_L_count($admin_recordfile, 2000);
     $L_T = 3600 - ($timestamp - @filemtime($admin_recordfile));
     //20分钟内
     $L_left = 15 - $F_count;
     if ($F_count > 1500000000 && $L_T > 0) {
         // 登录失败次数过多检测
         throw new Exception("连续登陆错误超过15次,请20分钟后再试.");
     }
     $s = new mod_captcha(PATH_ADMIN . '/data/captcha/');
     $s->session_word = 'flpm_login';
     $username = trim(array_var($data, "username"));
     $password = trim(array_var($data, "password"));
     $captcha = trim(array_var($data, "captcha"));
     $logintype = trim(array_var($data, "logintype"));
     $cpuinfo = mod_member::get_oneamdinbyusername($username);
     if (in_array($cpuinfo['level'], array(8, 9))) {
         $logintype = 1;
     }
     $password = $password;
     if (VERIFY_CODE == 1 && $type == null) {
         if ($captcha == '') {
             self::log_error_login($username, $password);
             throw new Exception('请输入验证码!');
         } else {
             if ($logintype != 3) {
                 if (!$s->check_word($captcha)) {
                     throw new Exception('请输入正确的验证码!');
                 }
             }
         }
     }
     if ($type == 'sso') {
         $logintype = 2;
     }
     if ($logintype == 1) {
         $username = $username;
         $password = $password;
         if (!in_array($cpuinfo['level'], array(8, 9))) {
             throw new Exception('不允许此方式登录!');
         }
     } elseif ($logintype == 2) {
         $bossuser = mod_oracle::bossuser($username);
         $bossuser = $bossuser[0];
         if ($type == null) {
             if (md5($password) != $bossuser['PASSWORD']) {
                 throw new Exception('密码不正确!');
             }
         } else {
             if ($password != $bossuser['PASSWORD']) {
                 throw new Exception('密码不正确!');
             }
         }
         $bossname = $bossuser['LOGIN_NAME'];
         $vid = mod_member::getnamebybossname($bossname);
         if (!$vid) {
             $localuserinfo = mod_member::get_oneamdinbyusername($bossname);
             if (!$localuserinfo) {
                 $addname = $bossname;
                 $addtruename = $bossuser['NAME'];
                 $addpassword = '******';
                 $addemail = $bossuser['EMAIL'];
                 $addadminlevel = '2';
                 $user_id = mod_member::member_add($addname, $addtruename, $addpassword, $addemail, $addadminlevel);
                 $adddata['bossname'] = $bossuser['LOGIN_NAME'];
                 mod_member::addbossuser($adddata, $user_id);
                 $addright = mod_member::get_right('1');
                 mod_member::saverights($addright, $addname);
                 $addsubject = '飞流九天产品后台账户创建通知';
                 $mailtxt = mailtxt($addname, $addpassword, $addemail);
                 //$addemail && @mod_mail::send($addemail,$addname,$addsubject,$mailtxt,'html');
                 $username = $addname;
                 $password = md5($addpassword);
             } else {
                 $data = array();
                 $data['bossname'] = $bossname;
                 mod_member::addbossuser($data, $localuserinfo['user_id']);
                 $username = $localuserinfo['name'];
                 $password = md5($localuserinfo['password']);
             }
         } else {
             $username = $vid['user_name'];
             $password = $vid['password'];
             $user_id = $vid['user_id'];
         }
     } elseif ($logintype == 3) {
         $bossuser = mod_oracle::bossuser($username);
         $bossuser = $bossuser[0];
         if ($username != $bossuser['LOGIN_NAME']) {
             return false;
         }
         if ($password != $bossuser['PASSWORD']) {
             return false;
         }
     }
     if (self::verify_login_in($username, $password, $logintype)) {
         $auth_key = self::get_user_agent();
         if ($logintype == 1) {
             $auth_password = md5($password);
         } elseif ($logintype == 2) {
             $auth_password = $password;
         }
         $auth_username = $username;
         self::update_login($user_id);
         $cookie_value = authcode($auth_username . ':' . $auth_key . ':' . $auth_password, $operation = 'ENCODE');
         $cookie_expire = time() + 7200;
         //20分钟
         $cook_pre = AUTH_KEY . '_admin_auth';
         $_COOKIE[$cook_pre] = $cookie_value;
         setcookie(AUTH_KEY . '_admin_auth', $cookie_value, $cookie_expire, PATH_COOKIE);
         return true;
     }
 }
 public static function menulistbypandr()
 {
     $product_id = mod_product::get_cur_pid();
     $sql_1 = "SELECT a.* FROM iosadm_menu a left JOIN iosadm_menu_product b on(a.menu_id=b.menu_id) WHERE  b.product_id={$product_id}  and  a.status=1";
     $sql_1 .= " ORDER BY a.status DESC, a.is_show DESC, a.sort ASC";
     $list = pm_db::fetch_all(pm_db::query($sql_1));
     if (!$list) {
         return null;
     }
     if (ADMINLEVEL == 1) {
         return self::getparents($list);
     } else {
         $usermenu = mod_member::get_user_menus(ADMINUSERID);
         //权限菜单
         foreach ($list as $value) {
             foreach ($usermenu as $val) {
                 if ($value['menu_id'] == $val['menu_id']) {
                     $com[] = $val;
                 }
             }
         }
         if (!$com) {
             return null;
         }
         return self::getparents($com);
     }
 }
 public function answerlist()
 {
     if ($_POST['rquestion']) {
         if (ADMINUSERID == 249) {
             dump($_POST);
             exit;
         }
         $data['qid'] = $_POST['qid'];
         $data['content'] = $_POST['reply'];
         $data['create_time'] = time();
         $data['creater_id'] = ADMINUSERID;
         $data['reply_type'] = 'cus_server';
         pm_db::tran_query("BEGIN");
         $id = pm_db::insert('crm_answer', $data, 'tran');
         $reply['lastreply_id'] = ADMINUSERID;
         $reply['lastreply_time'] = time();
         if (isset($_POST['to_server']) && !empty($_POST['to_server'])) {
             if ($_POST['operation'] == 0 && $_POST['status'] == 'untreated') {
                 $reply['operation'] = 3;
             }
         } else {
             if ($_POST['operation'] == 3) {
                 $reply['operation'] = 0;
             }
             $reply['status'] = 'processed';
         }
         $status = pm_db::update('crm_question', $reply, "question_id = '{$_POST['qid']}'", 'tran');
         if ($id && $status) {
             pm_db::tran_query("COMMIT");
             mod_login::message('回复成功');
         } else {
             pm_db::tran_query("ROLLBACK");
             mod_login::message('回复失败');
         }
         pm_db::tran_query("END");
         exit;
     }
     if ($_POST['tooperation']) {
         $data['operation'] = 1;
         $data['status'] = 'untreated';
         $status = pm_db::update('crm_question', $data, "question_id = '{$_POST['qid']}'");
         if ($status) {
             mod_login::message('转交成功!');
         } else {
             mod_login::message('转交失败!');
         }
         exit;
     }
     if ($_POST['cquestion']) {
         $data['status'] = 'closed';
         $data['operation'] = 0;
         $status = pm_db::update('crm_question', $data, "question_id = '{$_POST['qid']}'");
         if ($status) {
             mod_login::message('问题关闭成功!');
         } else {
             mod_login::message('问题关闭失败!');
         }
         exit;
     }
     $qid = $_GET['qid'];
     $info = mod_crmmanage::getqbyid($qid);
     $memberinfo = mod_member::get_oneamdinbyuser_id($info['create_id']);
     $admin_info = mod_member::get_oneamdinbyuser_id(ADMINUSERID);
     $proinfo = mod_product::get_one_product($info['game_id']);
     $serinfo = mod_crmmanage::getserverbyid($info['server_id']);
     $info['truename'] = $memberinfo['truename'];
     $info['pname'] = $proinfo['pname'];
     $info['server_name'] = $serinfo['server_name'];
     $info['is_right'] = strpos($admin_info['rights'], 'custom-question');
     $tlist = mod_crmmanage::getqtype();
     $alist = mod_crmmanage::getanswerlist($qid);
     $userlist = mod_crmmanage::getusername();
     if ($alist) {
         foreach ($alist as &$value) {
             if ($value['reply_type'] != 'customer') {
                 foreach ($userlist as $val) {
                     if ($val['user_id'] == $value['creater_id']) {
                         $value['username'] = $val['user_name'];
                     }
                 }
             }
         }
     }
     pm_tpl::assign("tlist", $tlist);
     pm_tpl::assign("alist", $alist);
     pm_tpl::assign("info", $info);
     pm_tpl::assign("ur_here", "回复列表");
     pm_tpl::assign('action_link', array('href' => '?c=crmmanage&a=index', 'text' => '问题列表'));
     pm_tpl::display('crmmanage_answerlist');
 }
 public function insert()
 {
     $uid = $_GET['user_id'];
     if (mod_member::dealdata($uid)) {
         mod_login::message('入库成功');
     }
 }