function savegbform()
{
global $db;
$title = Html2Text($_POST["title"]);
$content = HtmlReplace($_POST["content"]);
$fileurl = HtmlReplace($_POST["fileurl"]);
$replyid = intval($_POST["replyid"]);
if (empty($title) || empty($content)) {
header("location:./");
exit;
} else {
$array = array('title' => $title, 'content' => $content, 'fileurl' => $fileurl, 'replyid' => $replyid, 'addtime' => time(), 'ip' => ip());
$db->insert("ve123_guestbook", $array);
header("location:./");
}
}
function savegbform()
{
global $db, $http_referer;
$title = Html2Text($_POST["title"]);
$content = HtmlReplace($_POST["content"]);
$fileurl = HtmlReplace($_POST["fileurl"]);
$replyid = intval($_POST["replyid"]);
if (empty($title) || empty($content)) {
header("location:" . $http_referer . "");
exit;
} else {
$array = array('title' => $title, 'content' => $content, 'fileurl' => $fileurl, 'replyid' => $replyid, 'addtime' => time(), 'ip' => ip());
$db->insert("kuaso_guestbook", $array);
$db->query("update kuaso_guestbook set reply_time='" . time() . "' where gid='" . $replyid . "'");
header("location:" . $http_referer . "");
}
}
function checklogin()
{
global $db;
$adminname = htmlspecialchars($_POST['adminname']);
$password = htmlspecialchars($_POST['password']);
$imagecode = trim(HtmlReplace($_POST['entered_imagecode']));
if ($_SESSION['dd_ckstr'] != $imagecode) {
jsalert('验证码错误!', 'login.php');
break;
}
$result = $db->query("select * from ve123_admin where adminname='{$adminname}' and password='******'");
$num = $db->num_rows($result);
if ($num > 0) {
$rs = $db->fetch_array($result);
$array = array('lastloginip' => $rs['loginip'], 'loginip' => ip(), 'lastlogintime' => $rs['logintime'], 'logintime' => date('Y-y-d H:i:s'));
$db->update('ve123_admin', $array, "admin_id={$rs['admin_id']}");
setcookie('adminname', $adminname);
header('location:index.php');
} else {
jsalert('用户名或密码错误!', 'login.php');
}
}
function MakeField($fname, $fvalue, $addvalue = '')
{
if ($fvalue == '') {
$fvalue = $this->ChannelFields[$fname]['default'];
}
//处理各种数据类型
$ftype = $this->ChannelFields[$fname]['type'];
if ($ftype == 'text') {
$fvalue = HtmlReplace($fvalue);
} else {
if ($ftype == 'textdata') {
if (!is_file($GLOBALS['cfg_basedir'] . $fvalue)) {
return '';
}
$fp = fopen($GLOBALS['cfg_basedir'] . $fvalue, 'r');
$fvalue = '';
while (!feof($fp)) {
$fvalue .= fgets($fp, 1024);
}
fclose($fp);
} else {
if ($ftype == 'addon') {
$foldvalue = $fvalue;
$tmptext = GetSysTemplets("channel_addon.htm");
$fvalue = str_replace('~link~', $foldvalue, $tmptext);
$fvalue = str_replace('~phpurl~', $GLOBALS['cfg_phpurl'], $fvalue);
} else {
if (file_exists(DEDEINC . '/taglib/channel/' . $ftype . '.lib.php')) {
include_once DEDEINC . '/taglib/channel/' . $ftype . '.lib.php';
$func = 'ch_' . $ftype;
$fvalue = $func($fvalue, $addvalue, $this, $fname);
}
}
}
}
return $fvalue;
}
set_time_limit(0);
require "global.php";
require_once PATH . "include/spider/spider_class.php";
$spider = new spider();
headhtml();
?>
<table width="100%" border="0" cellpadding="3" cellspacing="1" class="tablebg">
<tr>
<td><form id="form1" name="form1" method="post" action="?action=start">
<input type="submit" name="Submit" value="开始一键找站" />
</form>
</td>
</tr>
</table>
<?php
$action = HtmlReplace(trim($_GET["action"]));
switch ($action) {
case "start":
start();
break;
}
function start()
{
global $spider;
echo "正在处理中...<br>";
print str_repeat(" ", 4096);
ob_flush();
flush();
sleep(1);
$url = "http://www.hao123.com/";
$spider->url($url);
ResetVdValue();
ShowMsg('验证码错误!', '-1');
exit;
}
$uidnum = intval($uidnum);
if (empty($uidnum)) {
ShowMsg('参数错误!', '-1');
exit;
}
if (strlen($msg) < 6) {
ShowMsg('你的留言内容太短!', '-1');
exit;
}
$uname = HtmlReplace($uname, 1);
$msg = cn_substrR(HtmlReplace($msg), 2048);
$title = cn_substrR(HtmlReplace($title), 255);
if ($cfg_ml->M_UserName != '' && $cfg_ml->M_ID != $uidnum) {
$gid = $cfg_ml->M_UserName;
} else {
$gid = '';
}
$inquery = "INSERT INTO `#@__member_guestbook`(mid,gid,title,msg,uname,ip,dtime)\n VALUES ('{$uidnum}','{$gid}','{$title}','{$msg}','{$uname}','" . GetIP() . "'," . time() . "); ";
$dsql->ExecuteNoneQuery($inquery);
ShowMsg('成功提交你的留言!', "index.php?uid={$uid}&action=guestbook");
exit;
} else {
if ($action == 'guestbookdel') {
CheckRank(0, 0);
if ($cfg_ml->M_LoginID != $uid) {
ShowMsg('这条留言不是给你的,你不能删除!', -1);
exit;
if (!isset(${$vs[0]})) {
${$vs[0]} = '';
}
${$vs[0]} = GetFieldValueA(${$vs[0]}, $vs[1], $arcID);
}
}
$inadd_f .= ',' . $vs[0];
$inadd_v .= " ,'" . ${$vs[0]} . "' ";
}
}
}
//处理图片文档的自定义属性
if ($litpic != '') {
$flag = 'p';
}
$body = HtmlReplace($body, -1);
//生成文档ID
$arcID = GetIndexKey($arcrank, $typeid, $sortrank, $channelid, $senddate, $mid);
if (empty($arcID)) {
ShowMsg("无法获得主键,因此无法进行后续操作!", "-1");
exit;
}
//保存到主表
$inQuery = "INSERT INTO `#@__archives`(id,typeid,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle,\r\ncolor,writer,source,litpic,pubdate,senddate,mid,description,keywords)\r\nVALUES ('{$arcID}','{$typeid}','{$sortrank}','{$flag}','{$ismake}','{$channelid}','{$arcrank}','0','{$money}','{$title}','{$shorttitle}',\r\n'{$color}','{$writer}','{$source}','{$litpic}','{$pubdate}','{$senddate}','{$mid}','{$description}','{$keywords}'); ";
if (!$dsql->ExecuteNoneQuery($inQuery)) {
$gerr = $dsql->GetError();
$dsql->ExecuteNoneQuery("Delete From `#@__arctiny` where id='{$arcID}' ");
ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错,请联系管理员。", "javascript:;");
exit;
}
//软件链接列表
$dsql->SetQuery("Select id,typename,channeltype From `#@__arctype`");
$dsql->Execute();
while ($row = $dsql->GetArray()) {
fwrite($fp, "\$typeArr[{$row['id']}] = '{$row['typename']}';\r\n");
}
fwrite($fp, '?' . '>');
fclose($fp);
}
//引入栏目缓存并看关键字是否有相关栏目内容
require_once $typenameCacheFile;
if (isset($typeArr) && is_array($typeArr)) {
foreach ($typeArr as $id => $typename) {
//$keywordn = str_replace($typename, ' ', $keyword);
$keywordn = $keyword;
if ($keyword != $keywordn) {
$keyword = HtmlReplace($keywordn);
$typeid = intval($id);
break;
}
}
}
}
$keyword = addslashes(cn_substr($keyword, 30));
$typeid = intval($typeid);
if ($cfg_notallowstr != '' && preg_match("#" . $cfg_notallowstr . "#i", $keyword)) {
ShowMsg("你的搜索关键字中存在非法内容,被系统禁止!", "-1");
exit;
}
if (($keyword == '' || strlen($keyword) < 2) && empty($typeid)) {
ShowMsg('关键字不能小于2个字节!', '-1');
exit;
$action = isset($action) ? trim($action) : '';
if (!$cfg_ml->IsLogin()) {
ShowMsg("未登录前不充许该操作!", "-1");
exit;
}
if ($id < 1) {
ShowMsg("错误,未定义的操作!", "-1");
exit;
}
if ($action == "save") {
$svali = GetCkVdValue();
if (strtolower($vdcode) != $svali || $svali == "") {
ShowMsg("认证码错误!", "-1");
exit;
}
$subject = cn_substrR(trim(HtmlReplace($subject), 2), 80);
$text = preg_replace("#<(iframe|script)#i", "", $text);
if (CountStrLen($text) < 3 || CountStrLen($text) > 1000) {
ShowMsg("内容字数应该在3-1000个汉字!", "-1");
exit;
}
if (preg_match("#{$cfg_notallowstr}#", $subject) || preg_match("#{$cfg_notallowstr}#", $text)) {
ShowMsg("含有非法字符!", "-1");
exit;
}
$subject = preg_replace("/{$cfg_replacestr}/", "***", $subject);
$text = preg_replace("/{$cfg_replacestr}/", "***", $text);
$userip = GetIP();
$SetQuery = "INSERT INTO #@__group_guestbook(gid,title,uname,userid,stime,message,ip) ";
$SetQuery .= "VALUES('{$id}','{$subject}','" . $cfg_ml->M_UserName . "','" . $cfg_ml->M_ID . "','" . time() . "','{$text}','{$userip}');";
if ($db->ExecuteNoneQuery($SetQuery)) {
* 圈子分类设置
*
* @version $Id: group_store.php 1 15:34 2011-1-21 tianya $
* @package DedeCMS.Administrator
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
require_once dirname(__FILE__) . "/config.php";
CheckPurview('group_Store');
require_once DEDEINC . '/datalistcp.class.php';
setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
$id = isset($id) && is_numeric($id) ? $id : 0;
$action = isset($action) ? trim($action) : '';
if ($action == "add") {
$storename = cn_substrR(HtmlReplace($storename, 2), 20);
$tops = preg_replace("#[^0-9]#", "", $tops);
$orders = preg_replace("#[^0-9]#", "", $orders);
if ($tops < 1) {
$tops = 0;
}
if ($orders < 1) {
$orders = 0;
}
if (empty($storename)) {
$msg = "错误,分类名不能为空!";
} else {
$db->ExecuteNoneQuery("INSERT INTO #@__store_groups(storename,tops,orders) VALUES('" . $storename . "','" . $tops . "','" . $orders . "');");
$msg = "成功添加分类";
}
} else {
<?php
/*
[kuaso!] (C)209-2010 Kuaso Inc.
This is NOT a freeware, use is subject to license terms
$Id: shoulu.php 2010-01-24 16:17:18Z anjel $
*/
require "../global.php";
$url = HtmlReplace($_GET["ref"]);
if ($url != $config["url"] && stristr($url, "http://")) {
$url = GetSiteUrl($url);
$site = $db->get_one("select * from kuaso_sites where url='{$url}'");
if (empty($site)) {
$array = array('url' => $url, 'spider_depth' => $config["spider_depth"], 'indexdate' => time(), 'addtime' => time());
$db->insert("kuaso_sites", $array);
}
$site = $db->get_one("select * from kuaso_sites where url='{$url}'");
if (!empty($site)) {
$ip = ip();
//$referer=$_SERVER['HTTP_REFERER'];
$v = $db->get_one("select * from kuaso_stat_visitor where v_ip='" . $ip . "' and v_time>='" . (time() - 86400 * 1) . "'");
if (empty($v)) {
$array = array('v_time' => time(), 'v_ip' => $ip);
$db->insert("kuaso_stat_visitor", $array);
$db->query("update kuaso_sites set com_time='" . time() . "',com_count_ip=com_count_ip+1 where url='" . $url . "'");
}
}
$site = $db->get_one("select * from kuaso_sites where url='{$url}'");
if (!empty($site)) {
</div>
<!--login start-->
<div class="login" style="position: relative;">
<div class="login_month"></div>
<div class="login_month_img1"></div>
<div class="login_month_img"></div>
<div class="login_top"></div>
<div class="login_middle">
<div class="login_middle_img"></div>
<div class="login_middle_img1" style="background-position: -416px -46px;"></div>
<div class="login_middle_clear"></div>
<form action=\'login.php\' METHOD=post onSubmit="return checkData()">
<input type="hidden" name="action" value="login">
<table class="login_table" border="0" cellspacing="0">
';
$msg = HtmlReplace($_GET['msg']);
if (empty($msg)) {
echo '请输入用户名';
} else {
echo $msg;
}
echo ' </td>
</tr>
<tr>
<form name="form" method="post" action="/s/web__login.asp?action=login">
<table class="login_table" border="0" cellspacing="0">
<tbody><tr>
<td class="login_table_text1">用户名</td>
<td class="login_table_text1_1"><input class="login_table_text1_input" name="entered_login"id="entered_login" maxlength="50" style="border-color: rgb(132, 161, 189); font-weight: bold; font-family: Verdana,Arial,Helvetica,sans-serif; ime-mode: disabled;" type="text" ></td>
<td class="login_table_text1_img" title="$ Googie.cn"></td>
function dolistform()
{
global $db;
$site_id = $_POST['site_id'];
$do_action = HtmlReplace($_POST['do_action']);
for ($i = 0; $i < count($site_id); $i++) {
$site_id_str = $site_id_str . $site_id[$i] . ',';
}
$site_id_str = rtrim($site_id_str, ',');
if (empty($site_id_str)) {
return;
}
if ($do_action == 'del') {
$sql = 'delete from ve123_sites where site_id in(' . $site_id_str . ')';
}
$db->query($sql);
header('location:' . $_SERVER['HTTP_REFERER']);
}
<?php
/**
* @version $Id: buy_action.php 1 8:38 2010年7月9日Z tianya $
* @package DedeCMS.Member
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
require_once dirname(__FILE__) . "/config.php";
CheckRank(0, 0);
$menutype = 'mydede';
$menutype_son = 'op';
require_once DEDEINC . '/dedetemplate.class.php';
$product = isset($product) ? trim(HtmlReplace($product, 1)) : '';
$mid = $cfg_ml->M_ID;
$ptype = '';
$pname = '';
$price = '';
$mtime = time();
if (isset($pd_encode) && isset($pd_verify) && md5("payment" . $pd_encode . $cfg_cookie_encode) == $pd_verify) {
parse_str(mchStrCode($pd_encode, 'DECODE'), $mch_Post);
$product = preg_replace("#[^0-9a-z]#i", "", $mch_Post['product']);
$pid = preg_replace("#[^0-9a-z]#i", "", $mch_Post['pid']);
$row = $dsql->GetOne("SELECT * FROM #@__member_operation WHERE mid='{$mid}' And sta=0 AND product='{$product}'");
if (!isset($row['buyid'])) {
ShowMsg("请不要重复提交表单!", 'javascript:;');
exit;
}
if (!isset($paytype)) {
ShowMsg("请选择支付方式!", 'javascript:;');
if ($cInfos['issend'] != 1 || $cInfos['ispart'] != 0 || $cInfos['channeltype'] != $channelid || $cInfos['cissend'] != 1) {
ShowMsg("你所选择的栏目不支持投稿!", "-1");
exit;
}
//文档的默认状态
if ($cInfos['arcsta'] == 0) {
$arcrank = 0;
} else {
if ($cInfos['arcsta'] == 1) {
$arcrank = 0;
} else {
$arcrank = -1;
}
}
//对保存的内容进行处理
$title = cn_substrR(HtmlReplace($title, 1), $cfg_title_maxlen);
$mid = $cfg_ml->M_ID;
//处理上传的缩略图
$litpic = MemberUploads('litpic', $oldlitpic, $mid, 'image', '', $cfg_ddimg_width, $cfg_ddimg_height, false);
if ($litpic != '') {
SaveUploadInfo($title, $litpic, 1);
} else {
$litpic = $oldlitpic;
}
//分析处理附加表数据
$inadd_f = '';
if (!empty($dede_addonfields)) {
$addonfields = explode(';', $dede_addonfields);
if (is_array($addonfields)) {
foreach ($addonfields as $v) {
if ($v == '') {
$ip = GetIP();
$dtime = time();
if (!empty($cfg_feedback_time)) {
//检查最后发表评论时间,如果未登陆判断当前IP最后评论时间
$where = $cfg_ml->M_ID > 0 ? "WHERE `mid` = '{$cfg_ml->M_ID}' " : "WHERE `ip` = '{$ip}' ";
$row = $dsql->GetOne("SELECT dtime FROM `#@__feedback` {$where} ORDER BY `id` DESC ");
if (is_array($row) && $dtime - $row['dtime'] < $cfg_feedback_time) {
ResetVdValue();
echo '<font color="red">管理员设置了评论间隔时间,请稍等休息一下!</font>';
exit;
}
}
$face = intval($face);
extract($arcRow, EXTR_SKIP);
$msg = cn_substrR(TrimMsg($msg), 500);
$username = cn_substrR(HtmlReplace($username, 2), 20);
if (empty($feedbacktype) || $feedbacktype != 'good' && $feedbacktype != 'bad') {
$feedbacktype = 'feedback';
}
//保存评论内容
if (!empty($fid)) {
$row = $dsql->GetOne("Select username,msg from `#@__feedback` where id ='{$fid}' ");
$qmsg = '{quote}{title}' . $row['username'] . ' 的原帖:{/title}{content}' . $row['msg'] . '{/content}{/quote}';
$msg = addslashes($qmsg) . $msg;
}
$ischeck = $cfg_feedbackcheck == 'Y' ? 0 : 1;
$arctitle = addslashes($title);
$inquery = "INSERT INTO `#@__feedback`(`aid`,`typeid`,`username`,`arctitle`,`ip`,`ischeck`,`dtime`, `mid`,`bad`,`good`,`ftype`,`face`,`msg`)\r\n\t VALUES ('{$aid}','{$typeid}','{$username}','{$arctitle}','{$ip}','{$ischeck}','{$dtime}', '{$cfg_ml->M_ID}','0','0','{$feedbacktype}','{$face}','{$msg}'); ";
$rs = $dsql->ExecuteNoneQuery($inquery);
if (!$rs) {
echo "<font color='red'>发表评论出错了!</font>";
function saveconfig()
{
global $db;
$name = HtmlReplace($_POST["name"]);
$user_agent = HtmlReplace($_POST["user_agent"]);
$adtitle = $_POST["adtitle"];
$copyright = $_POST["copyright"];
$icp = HtmlReplace($_POST["icp"]);
$url = HtmlReplace($_POST["url"]);
$status_content = HtmlReplace($_POST["status_content"]);
$statcode = $_POST["statcode"];
$Keywords = HtmlReplace($_POST["Keywords"]);
$description = $_POST["description"];
$telephone = $_POST["telephone"];
$qq = $_POST["qq"];
$spider_depth = intval($_POST["spider_depth"]);
$is_tijiao_shoulu = $_POST["is_tijiao_shoulu"];
$filter_word = $_POST["filter_word"];
$array = array('name' => $name, 'user_agent' => $user_agent, 'adtitle' => $adtitle, 'copyright' => $copyright, 'icp' => $icp, 'statcode' => $statcode, 'url' => $url, 'status_content' => $status_content, 'Keywords' => $Keywords, 'description' => $description, 'telephone' => $telephone, 'qq' => $qq, 'is_tijiao_shoulu' => $is_tijiao_shoulu, 'spider_depth' => $spider_depth, 'filter_word' => $filter_word);
$db->update("ve123_siteconfig", $array, "config_id='1'");
$config = $db->get_one("select * from ve123_siteconfig limit 1");
$str .= "<?php" . chr(13) . chr(10);
$str .= "\$config['name']=\"" . $name . "\";" . chr(13) . chr(10);
$str .= "\$config['user_agent']=\"" . $user_agent . "\";" . chr(13) . chr(10);
$str .= "\$config['adtitle']=\"" . $adtitle . "\";" . chr(13) . chr(10);
$str .= "\$config['copyright']=\"" . $copyright . "\";" . chr(13) . chr(10);
$str .= "\$config['icp']=\"" . $icp . "\";" . chr(13) . chr(10);
$str .= "\$config['url']=\"" . $url . "\";" . chr(13) . chr(10);
$str .= "\$config['status_content']=\"" . $status_content . "\";" . chr(13) . chr(10);
$str .= "\$config['statcode']=\"" . addslashes($statcode) . "\";" . chr(13) . chr(10);
$str .= "\$config['Keywords']=\"" . $Keywords . "\";" . chr(13) . chr(10);
$str .= "\$config['description']=\"" . $description . "\";" . chr(13) . chr(10);
$str .= "\$config['telephone']=\"" . $telephone . "\";" . chr(13) . chr(10);
$str .= "\$config['qq']=\"" . $qq . "\";" . chr(13) . chr(10);
$str .= "\$config['is_tijiao_shoulu']=\"" . $is_tijiao_shoulu . "\";" . chr(13) . chr(10);
$str .= "\$config['spider_depth']=" . $spider_depth . ";" . chr(13) . chr(10);
$str .= "\$config['author']=\"" . $config["author"] . "\";" . chr(13) . chr(10);
$str .= "\$config['copyright']=\"" . $copyright . "\";" . chr(13) . chr(10);
$str .= "\$config['filter_word']=" . var_export(explode(",", $filter_word), true) . ";" . chr(13) . chr(10);
$str .= "?>";
$fp = @fopen("../cache/site_config.php", "w") or die("写方式打开文件失败,请检查程序目录是否为可写");
//配置conn.php文件
@fputs($fp, $str) or die("文件写入失败,请检查程序目录是否为可写");
@fclose($fp);
jsalert("修改成功!");
}
//会员的默认金币
$dfscores = 0;
$dfmoney = 0;
$dfrank = $dsql->GetOne("SELECT money,scores FROM `#@__arcrank` WHERE rank='10' ");
if (is_array($dfrank)) {
$dfmoney = $dfrank['money'];
$dfscores = $dfrank['scores'];
}
$jointime = time();
$logintime = time();
$joinip = GetIP();
$loginip = GetIP();
$pwd = md5($userpwd);
$mtype = RemoveXSS(HtmlReplace($mtype, 1));
$safeanswer = HtmlReplace($safeanswer);
$safequestion = HtmlReplace($safequestion);
$spaceSta = $cfg_mb_spacesta < 0 ? $cfg_mb_spacesta : 0;
$inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`pwd` ,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,\n `matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )\n VALUES ('{$mtype}','{$userid}','{$pwd}','{$uname}','{$sex}','10','{$dfmoney}','{$email}','{$dfscores}',\n '0','{$spaceSta}','','{$safequestion}','{$safeanswer}','{$jointime}','{$joinip}','{$logintime}','{$loginip}'); ";
if ($dsql->ExecuteNoneQuery($inQuery)) {
$mid = $dsql->GetLastID();
//写入默认会员详细资料
if ($mtype == '个人') {
$space = 'person';
} else {
if ($mtype == '企业') {
$space = 'company';
} else {
$space = 'person';
}
}
//写入默认统计数据
<?php
require 'global.php';
$action = $_POST['action'];
if ($action == 'savereg') {
$user_name = HtmlReplace($_POST['user_name']);
$password = HtmlReplace($_POST['passwd1']);
$email = HtmlReplace($_POST['email']);
$real_name = HtmlReplace($_POST['real_name']);
$question = HtmlReplace($_POST['question']);
$answer = HtmlReplace($_POST['answer']);
$check = $db->get_one("select * from ve123_zz_user where user_name='" . $user_name . "'");
if (empty($check)) {
$array = array('user_name' => $user_name, 'password' => md5($password), 'real_name' => $real_name, 'question' => $question, 'answer' => $answer, 'email' => $email, 'reg_ip' => ip(), 'reg_time' => time(), 'points' => $zz_config['zs_points']);
$db->insert('ve123_zz_user', $array);
$_SESSION['user_name'] = $user_name;
header('location:./');
} else {
header('location:reg.php?msg=' . urlencode('用户名已存在,请换个再试!'));
}
}
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>';
echo $config['name'];
echo '推广平台</title>
<link href="images/reg.css" rel="stylesheet" type="text/css">
</head>
}
//文档的默认状态
if ($cInfos['arcsta'] == 0) {
$ismake = 0;
$arcrank = 0;
} else {
if ($cInfos['arcsta'] == 1) {
$ismake = -1;
$arcrank = 0;
} else {
$ismake = 0;
$arcrank = -1;
}
}
//对保存的内容进行处理
$title = cn_substrR(HtmlReplace($title, 1), $cfg_title_maxlen);
$writer = cn_substrR(HtmlReplace($writer, 1), 20);
if (empty($description)) {
$description = '';
}
$description = cn_substrR(HtmlReplace($description, 1), 250);
$keywords = cn_substrR(HtmlReplace($tags, 1), 30);
$mid = $cfg_ml->M_ID;
$isadmin = $cfg_ml->fields['matt'] == 10 ? true : false;
//处理上传的缩略图
$litpic = MemberUploads('litpic', $oldlitpic, $mid, 'image', '', $cfg_ddimg_width, $cfg_ddimg_height, false, $isadmin);
if ($litpic != '') {
SaveUploadInfo($title, $litpic, 1);
} else {
$litpic = $oldlitpic;
}
$aid = intval($aid);
if (empty($aid)) {
exit("<font color='red'>参数错误!</font>");
}
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE aid='{$aid}' AND mid='" . $cfg_ml->M_ID . "';");
echo "<font color='red'>成功删除链接:{$aid}</font>";
GetLinkList($dsql);
} else {
if ($dopost == "update") {
AjaxHead();
$aid = intval($aid);
if (!preg_match("#^http:\\/\\/#", $url)) {
$url = "http://" . HtmlReplace($url, 2);
}
$title = HtmlReplace($title);
$url = HtmlReplace($url);
$upquery = "UPDATE `#@__member_flink` SET title='{$title}',url='{$url}' WHERE aid='{$aid}' AND mid='" . $cfg_ml->M_ID . "'; ";
$rs = $dsql->ExecuteNoneQuery($upquery);
if ($rs) {
echo "<font color='red'>成功更新链接:{$title}</font>";
GetLinkList($dsql);
exit;
} else {
echo "<font color='red'>更新链接:{$title} 失败!</font>";
GetLinkList($dsql);
exit;
}
} else {
if ($dopost == "reload") {
AjaxHead();
GetLinkList($dsql);
ShowMsg("成功退出登录!", "index.php", 0, 2000);
exit;
}
}
} else {
if ($fmdo == 'moodmsg') {
//用户登录
if ($dopost == "sendmsg") {
if (!empty($content)) {
$ip = GetIP();
$dtime = time();
$ischeck = $cfg_mb_msgischeck == 'Y' ? 0 : 1;
if ($cfg_soft_lang == 'gb2312') {
$content = utf82gb(nl2br($content));
}
$content = cn_substrR(HtmlReplace($content, 1), 360);
//对表情进行解析
$content = addslashes(preg_replace("/\\[face:(\\d{1,2})\\]/is", "<img src='" . $cfg_memberurl . "/templets/images/smiley/\\1.gif' style='cursor: pointer; position: relative;'>", $content));
$content = RemoveXSS($content);
$inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`)\n VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','{$ip}','{$ischeck}','{$dtime}', '{$content}'); ";
$rs = $dsql->ExecuteNoneQuery($inquery);
if (!$rs) {
$output['type'] = 'error';
$output['data'] = '更新失败,请重试.';
exit;
}
$output['type'] = 'success';
if ($cfg_soft_lang == 'gb2312') {
$content = utf82gb(nl2br($content));
}
$output['data'] = stripslashes($content);
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
require_once dirname(__FILE__) . "/../include/common.inc.php";
require_once DEDEINC . '/memberlogin.class.php';
$htmltitle = "错误提交";
$aid = isset($aid) && is_numeric($aid) ? $aid : 0;
if (empty($dopost)) {
$row = $dsql->GetOne(" SELECT a.`title`,b.`typename` FROM `#@__archives` a left join `#@__arctype` b on(a.typeid=b.id) WHERE a.`id` ='{$aid}'");
if (!$row) {
ShowMsg("谢谢您对本网站的支持,我们会尽快处理您的建议!", "javascript:window.close();");
exit;
}
$title = $row['typename'] . "-" . $row['title'];
require_once DEDEROOT . "/templets/plus/erraddsave.htm";
$url = $_SERVER["HTTP_REFERER"];
echo $url;
} elseif ($dopost == "saveedit") {
$cfg_ml = new MemberLogin();
$title = HtmlReplace($title);
$type = isset($type) && is_numeric($type) ? $type : 0;
$mid = isset($cfg_ml->M_ID) ? $cfg_ml->M_ID : 0;
$err = trimMsg(cn_substr($err, 2000), 1);
$oktxt = trimMsg(cn_substr($erradd, 2000), 1);
$time = time();
$query = "INSERT INTO `#@__erradd`(aid,mid,title,type,errtxt,oktxt,sendtime)\r\n VALUES ('{$aid}','{$mid}','{$title}','{$type}','{$err}','{$oktxt}','{$time}'); ";
$dsql->ExecuteNoneQuery($query);
ShowMsg("谢谢您对本网站的支持,我们会尽快处理您的建议!", "javascript:window.close();");
exit;
}
<?php
require "global.php";
$action = $_POST["action"];
if ($action == "savereg") {
$user_name = HtmlReplace($_POST["user_name"]);
$password = HtmlReplace($_POST["passwd1"]);
$email = HtmlReplace($_POST["email"]);
$real_name = HtmlReplace($_POST["real_name"]);
$check = $db->get_one("select * from ve123_zz_user where user_name='" . $user_name . "'");
if (empty($check)) {
$array = array('user_name' => $user_name, 'password' => md5($password), 'real_name' => $real_name, 'email' => $email, 'reg_ip' => ip(), 'reg_time' => time(), 'points' => $zz_config["zs_points"]);
$db->insert("ve123_zz_user", $array);
$_SESSION["user_name"] = $user_name;
header("location:./");
} else {
header("location:reg.php?msg=" . urlencode("用户名已存在,请换个再试!"));
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><?php
echo $config["name"];
?>
推广平台</title>
<link href="images/reg.css" rel="stylesheet" type="text/css">
</head>
function saveform()
{
global $db;
$title = HtmlReplace(trim($_POST['title']));
$url = HtmlReplace(trim($_POST['url']));
$class_id = intval($_POST['class_id']);
$link_id = intval($_POST['link_id']);
$do_action = $_POST['do_action'];
if ($do_action == 'modify') {
$array = array('title' => $title, 'url' => $url, 'class_id' => $class_id);
$db->update('ve123_dh_links', $array, "link_id='{$link_id}'");
jsalert('修改成功');
} else {
$array = array('title' => $title, 'url' => $url, 'class_id' => $class_id);
$db->insert('ve123_dh_links', $array);
jsalert('提交成功');
}
}
ShowMsg("你上传的Logo文件超过了系统限制大小:{$cfg_max_face} K!", '-1');
exit;
}
//删除旧图片(防止文件扩展名不同,如:原来的是gif,后来的是jpg)
if (eregi("\\.(jpg|gif|png)\$", $oldspacelogo) && file_exists($cfg_basedir . $oldspacelogo)) {
@unlink($cfg_basedir . $oldspacelogo);
}
//上传新工图片
$spacelogo = MemberUploads('spacelogo', '', $cfg_ml->M_ID, 'image', 'mylogo', 200, 50);
} else {
$spacelogo = $oldspacelogo;
}
$pagesize = intval($pagesize);
$spacename = cn_substrR(HtmlReplace($spacename, 2), 50);
$sign = cn_substrR(HtmlReplace($sign), 100);
$spacenews = HtmlReplace($spacenews, -1);
$query = "update `#@__member_space` set `pagesize` = '{$pagesize}',`spacename`='{$spacename}' , spacelogo='{$spacelogo}', `sign` = '{$sign}' ,`spacenews`='{$spacenews}' where mid='{$cfg_ml->M_ID}' ";
$dsql->ExecuteNoneQuery($query);
if ($cfg_ml->M_Spacesta >= 0) {
$dsql->ExecuteNoneQuery("update `#@__member` set spacesta=1 where mid='{$cfg_ml->M_ID}' And spacesta < 1 ");
}
ShowMsg('成功更新空间信息!', 'edit_space_info.php');
exit;
} else {
$row = $dsql->GetOne("select * from `#@__member_space` where mid='" . $cfg_ml->M_ID . "'");
if (!is_array($row)) {
$inquery = "Insert Into `#@__member_space`(`mid` ,`pagesize` ,`matt` ,`spacename` ,`spacelogo` , `sign` ,`spacenews`)\r\n\t\t\t Values('{$cfg_ml->M_ID}', '10', '0', '{$cfg_ml->M_UserName}的空间', '', '', ''); ";
$row['spacename'] = '';
$row['sign'] = '';
$row['pagesize'] = 10;
$row['spacestyle'] = 'person';
}
if ($arow['mid'] != $cfg_ml->M_ID) {
ShowMsg("你没有修改这个附件的权限!", "-1");
exit;
}
include DEDEMEMBER . "/templets/uploads_edit.htm";
exit;
} else {
if ($dopost == 'save') {
$title = HtmlReplace($title, 2);
if ($mediatype == 1) {
$utype = 'image';
} else {
if ($mediatype == 2) {
$utype = 'flash';
} else {
if ($mediatype == 3) {
$utype = 'media';
} else {
$utype = 'addon';
}
}
}
$title = HtmlReplace($title, 2);
$exname = preg_replace("#(.*)/#", "", $oldurl);
$exname = preg_replace("#\\.(.*)\$#", "", $exname);
$filename = MemberUploads('addonfile', $oldurl, $cfg_ml->M_ID, $utype, $exname, -1, -1, TRUE);
SaveUploadInfo($title, $filename, $mediatype);
ShowMsg("成功修改文件!", "uploads_edit.php?aid={$aid}");
}
}
qiangzhisave();
break;
case "addform":
addform($action);
break;
case "qiangzhi":
qiangzhi($action);
break;
case "modify":
addform($action);
break;
case "options":
options(intval($_GET["site_id"]));
break;
case "dell_links":
dell_links(HtmlReplace($_GET["url"]));
break;
case "del":
$site_id = intval($_GET["site_id"]);
$db->query("delete from ve123_sites where site_id='" . $site_id . "'");
break;
case "add_in_site_link":
$site_id = $_GET["site_id"];
echo "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"98%\"><iframe src=\"start.php?action=add_in_site_link&site_id=" . $site_id . "\" height=\"450\" width=\"100%\"></iframe></td></tr></table><br>";
break;
case "add_all_lry":
//收录全站
$site_id = $_GET["site_id"];
echo "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr><td width=\"98%\"><iframe src=\"start.php?action=add_all_lry&site_id=" . $site_id . "\" height=\"450\" width=\"100%\"></iframe></td></tr></table><br>";
break;
case "update_in_site_all_links":
if ($subject == '') {
ShowMsg("请填写信息标题!", "-1");
exit;
}
$msg = CheckUserID($msgtoid, "用户名", false);
if ($msg != 'ok') {
ShowMsg($msg, "-1");
exit;
}
$row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid LIKE '{$msgtoid}' ");
if (!is_array($row)) {
ShowMsg("你指定的用户不存在,不能发送信息!", "-1");
exit;
}
$subject = cn_substrR(HtmlReplace($subject, 1), 60);
$message = cn_substrR(HtmlReplace($message, 0), 1024);
$sendtime = $writetime = time();
//发给收件人(收件人可管理)
$inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)\r\n VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','{$subject}','{$sendtime}','{$writetime}','0','0','{$message}'); ";
//保留到自己的发件箱(自己可管理)
$inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)\r\n VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','{$subject}','{$sendtime}','{$writetime}','0','0','{$message}'); ";
$dsql->ExecuteNoneQuery($inquery1);
$dsql->ExecuteNoneQuery($inquery2);
ShowMsg("成功发送一条信息!", "pm.php?dopost=outbox");
exit;
} else {
if ($dopost == 'del') {
$ids = preg_replace("#[^0-9,]#", "", $ids);
if ($folder == 'inbox') {
$boxsql = "SELECT * FROM `#@__member_pms` WHERE id IN({$ids}) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";
$dsql->SetQuery($boxsql);
function saveform()
{
global $db, $config;
$title = addslashes(HtmlReplace(trim($_POST["title"])));
$content = trim($_POST["content"]);
$filename = HtmlReplace(trim($_POST["filename"]));
$url = HtmlReplace(trim($_POST["url"]));
$sortid = intval($_POST["sortid"]);
$about_id = intval($_POST["about_id"]);
$do_action = HtmlReplace($_POST["do_action"]);
$is_show = $_POST["is_show"];
ob_start();
require "temp/a.php";
$str = ob_get_contents();
ob_end_clean();
$str = stripslashes($str);
file_put_contents("../a/" . $filename . ".html", $str);
if ($do_action == "modify") {
$array = array('title' => $title, 'content' => $content, 'url' => $url, 'filename' => $filename, 'sortid' => $sortid, 'is_show' => $is_show);
$db->update("ve123_about", $array, "about_id='{$about_id}'");
jsalert("修改成功");
} else {
$array = array('title' => $title, 'content' => $content, 'url' => $url, 'filename' => $filename, 'sortid' => $sortid, 'is_show' => $is_show);
$db->insert("ve123_about", $array);
jsalert("提交成功");
}
}