function get_cached_config($qrystr, $cachetime = 0) { global $dbhost, $dbuser, $dbpass, $database, $num_queries, $cached_querys; $cache_file = realpath(dirname(__FILE__) . '/..') . '/cache/' . md5($qrystr) . '.txt'; $num_queries++; if ($cachetime > 0) { if (file_exists($cache_file) && time() - $cachetime < filemtime($cache_file)) { $cached_querys++; return unserialize(file_get_contents($cache_file)); } } $GLOBALS["___mysqli_ston"] = mysqli_connect($dbhost, $dbuser, $dbpass) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); (bool) mysqli_query($GLOBALS["___mysqli_ston"], "USE {$database}") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); $mr = mysqli_query($GLOBALS["___mysqli_ston"], $qrystr . " -- " . $mySecret) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); while ($mz = mysqli_fetch_assoc($mr)) { if ($mz['value'] == 'true') { $return[$mz['key']] = true; } elseif ($mz['value'] == 'false') { $return[$mz['key']] = false; } elseif (is_numeric($mz['value'])) { $return[$mz['key']] = max(0, $mz['value']); } else { $return[$mz['key']] = StripSlashes($mz['value']); } } unset($mz); mysqli_free_result($mr) || is_object($mr) && get_class($mr) == "mysqli_result" ? true : false; is_null($___mysqli_res = mysqli_close($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; if ($cachetime > 0) { $fp = fopen($cache_file, 'w'); fputs($fp, serialize($return)); fclose($fp); } return $return; }
function get_cached_config($qrystr, $cachetime = 0) { global $dbhost, $dbuser, $dbpass, $database, $num_queries, $cached_querys; $cache_file = realpath(dirname(__FILE__) . '/..') . '/cache/' . md5($qrystr) . '.txt'; $num_queries++; if ($cachetime > 0) { if (file_exists($cache_file) && time() - $cachetime < filemtime($cache_file)) { $cached_querys++; return unserialize(file_get_contents($cache_file)); } } mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($database) or die(mysql_error()); $mr = mysql_query($qrystr) or die(mysql_error()); while ($mz = mysql_fetch_assoc($mr)) { if ($mz['value'] == 'true') { $return[$mz['key']] = true; } elseif ($mz['value'] == 'false') { $return[$mz['key']] = false; } elseif (is_numeric($mz['value'])) { $return[$mz['key']] = max(0, $mz['value']); } else { $return[$mz['key']] = StripSlashes($mz['value']); } } unset($mz); mysql_free_result($mr); mysql_close(); if ($cachetime > 0) { $fp = fopen($cache_file, 'w'); fputs($fp, serialize($return)); fclose($fp); } return $return; }
function selectni($tablename, $where) { global $database; $q = "describe {$tablename}"; $set = $database->query($q); if ($where == "") { $q2 = "select * from {$tablename}"; } else { $where = StripSlashes($where); $q2 = "select * from {$tablename} where {$where}"; } echo $q2 . "<br>"; $set2 = $database->query($q2); while ($set->next()) { $field = $set->getString('Field'); $fields[] = $field; $type = $set->getString('Type'); $null = $set->getString('Null'); } echo "<table border='1'><tr>"; for ($i = 0; $i < count($fields); $i++) { echo "<td><b>" . $fields[$i] . "</b></td>"; } echo "</tr><tr>"; while ($set2->next()) { for ($i = 0; $i < count($fields); $i++) { $onefield = $set2->getString($fields[$i]); echo "<td>" . $onefield . "</td>"; } echo "</tr><tr>"; } echo "</tr></table>"; }
function ShowFaq($id_cat, $categories) { global $sitename, $NPDS_Prefix; echo ' <h2>' . translate("FAQ (Frequently Ask Question)") . '</h2> <h3>' . translate("Categories") . '</h3> <p class="lead"> <a href="faq.php" title="' . translate("Back to FAQ Index") . '" data-toggle="tooltip">' . translate("Main") . '</a> »» ' . StripSlashes($categories) . ' </p>'; $result = sql_query("SELECT id, id_cat, question, answer FROM " . $NPDS_Prefix . "faqanswer WHERE id_cat='{$id_cat}'"); while (list($id, $id_cat, $question, $answer) = sql_fetch_row($result)) { } }
/** * 函数fee_calculation 配送费用计算. * * @param $weight 包裹重量 * @param $info 包裹信息 * @param $subtotal 费用和 * @param $fee_info 费用信息 * @param $fee 费用 * @param $other_fee 另外的费用 * * @return $fee 包裹费用 */ public function fee_calculation($weight, $info, $subtotal) { $weight *= 1000; //kg=>g $fee_info = @unserialize(StripSlashes($info['fee_configures'])); $fee = 0; if ($subtotal < $info['free_subtotal'] || $info['free_subtotal'] == 0) { if ($weight <= 1000 && isset($fee_info['0']['value'])) { return $fee_info['0']['value']; } elseif ($weight <= 5000 && isset($fee_info['0']['value']) && isset($fee_info['1']['value'])) { $other_fee = ceil(($weight - 1000) / 500) * $fee_info['1']['value']; return $fee_info['0']['value'] + $other_fee; } elseif (isset($fee_info['0']['value']) && isset($fee_info['2']['value'])) { $other_fee = ceil(($weight - 1000) / 500) * $fee_info['2']['value']; return $fee_info['0']['value'] + $other_fee; } } return $fee; }
document.addpersons.role' . $iterator . '.name = "norole[]"; } return true; } // --> </script>'; echo '<tr class="' . ($even % 2 == 0 ? 'even' : 'odd') . '"><td><input type="checkbox" id="isthere' . $iterator . '" name="person[]" value="' . $rec['id'] . '" class="checkbox"' . ($rec['iduser'] ? ' checked="checked"' : '') . ' onClick="NameChanger' . $iterator . '();"/></td> <td><select type="role" id="role' . $iterator . '" ' . ($rec['iduser'] ? ' name="role[]' : 'name="norole[]') . '"> <option value="0">osoba přítomná</option>' . ($type == 1 ? ' <option value="4"' . ($rec['role'] == 4 ? ' selected="selected"' : '') . '>velitel zásahu</option> <option value="3"' . ($rec['role'] == 3 ? ' selected="selected"' : '') . '>zatčený</option>' : '') . ($type == 2 ? ' <option value="1"' . ($rec['role'] == 1 ? ' selected="selected"' : '') . '>vyslýchaný</option> <option value="2"' . ($rec['role'] == 2 ? ' selected="selected"' : '') . '>vyslýchající</option>' : '') . ' </select></td> ' . ($sportraits ? '<td><img src="getportrait.php?rid=' . $rec['id'] . '" alt="portrét chybí" /></td>' : '') . ($ssymbols ? '<td><img src="getportrait.php?nrid=' . $rec['symbol'] . '" alt="symbol chybí" /></td>' : '') . ' <td>' . ($rec['secret'] ? '<span class="secret"><a href="readperson.php?rid=' . $rec['id'] . '">' . implode(', ', array(StripSlashes($rec['surname']), StripSlashes($rec['name']))) . '</a></span>' : '<a href="readperson.php?rid=' . $rec['id'] . '">' . implode(', ', array(StripSlashes($rec['surname']), StripSlashes($rec['name']))) . '</a>') . '</td> </tr>'; $even++; $iterator++; } echo '</tbody> </table>'; } ?> <input type="hidden" name="fdead" value="<?php echo $fdead; ?> " /> <input type="hidden" name="farchiv" value="<?php echo $farchiv; ?>
function get_dor_links($ids) { foreach ($ids as $id) { $result = mysql_query("SELECT `dor_md5`, `index_urls`, `map_urls`, `full_map_url`, `page_urls` FROM `dors` WHERE `id` = '{$id}';"); if (!$result) { echo " xr_function.php, функция get_dor_links. Ошибка вставки данных в базу " . mysql_error(); exit; } while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $domen = $dor['domens'][0] = $row["dor_md5"]; $index_url_str = trim(str_replace("\n", '', StripSlashes($row["index_urls"]))); //получаем $mainkey $index_url = explode('&', $index_url_str); $index_link = explode('||', $index_url[0]); $main_url = $index_link[0]; $main_key = $index_link[1]; // $map_url_str = trim(str_replace("\n", '', StripSlashes($row["map_urls"]))); if ($map_url_str == 'none' or $map_url_str == '') { $map_url_str = $index_url_str; } $full_map_url_str = trim(str_replace("\n", '', StripSlashes($row["full_map_url"]))); if ($full_map_url_str == 'none' or $full_map_url_str == '') { $full_map_url_str = "http://{$domen}/{$main_url}||{$main_key}"; } else { } $page_url_str = trim(str_replace("\n", '', StripSlashes($row["page_urls"]))); if ($page_url_str == 'none' or $page_url_str == '') { $page_url_str = $index_url_str; } $dor['index_urls'] = explode('&', $index_url_str); $dor['map_urls'] = explode('&', $map_url_str); $dor['full_map_urls'][0] = $full_map_url_str; $dor['page_urls'] = explode('&', $page_url_str); $dor['sitemap_xmls'][0] = "http://{$domen}/sitemap.xml||{$main_key}"; unset($map_url_str, $index_url_str, $full_map_url_str, $page_url_str); } mysql_free_result($result); $dors[] = $dor; } return $dors; }
public function _save($properties = "", $vtype = "") { if (isset($properties) && is_array($properties)) { // isn't this double work, the save function doesn this again foreach ($properties as $prop_name => $prop) { foreach ($prop as $prop_index => $prop_record) { $record = array(); foreach ($prop_record as $prop_field => $prop_value) { switch (gettype($prop_value)) { case "integer": case "boolean": case "double": $value = $prop_value; break; default: $value = $prop_value; if (substr($prop_value, 0, 1) === "'" && substr($prop_value, -1) === "'" && "'" . AddSlashes(StripSlashes(substr($prop_value, 1, -1))) . "'" == $prop_value) { $value = stripSlashes(substr($prop_value, 1, -1)); // todo add deprecated warning } } $record[$prop_field] = $value; } $properties[$prop_name][$prop_index] = $record; } } } if ($this->arIsNewObject && $this->CheckSilent('add', $this->type)) { unset($this->data->config); $result = $this->save($properties, $vtype); } else { if (!$this->arIsNewObject && $this->CheckSilent('edit', $this->type)) { $this->data->config = current($this->get('.', 'system.get.data.config.phtml')); $result = $this->save($properties, $vtype); } } return $result; }
function GetDataURL($file) { if (strlen($this->GetFileDefinition($file, $definition, 0))) { return $this->error; } if (isset($definition["FILENAME"])) { $size = @filesize($definition["FILENAME"]); if (!($file = @fopen($definition["FILENAME"], "rb"))) { return $this->OutputPHPError("could not open data file " . $definition["FILENAME"], $php_errormsg); } for ($body = ""; !feof($file);) { if (GetType($block = @fread($file, $this->file_buffer_length)) != "string") { $this->OutputPHPError("could not read data file", $php_errormsg); fclose($file); return ""; } $body .= $block; } fclose($file); if (GetType($size) == "integer" && strlen($body) != $size) { $this->OutputError("the length of the file that was read does not match the size of the part file " . $definition["FILENAME"] . " due to possible data corruption"); return ""; } if (function_exists("ini_get") && ini_get("magic_quotes_runtime")) { $body = StripSlashes($body); } $body = chunk_split(base64_encode($body)); } else { if (!isset($definition["DATA"])) { $this->OutputError("it was not specified a file or data block"); return ""; } $body = chunk_split(base64_encode($definition["DATA"])); } return "data:" . $definition["Content-Type"] . ";base64," . $body; }
$wait = 0; } if (utf8::strlen($data["hash"]) > 0) { echo "\t<td align='center' class='lista'>" . ($wait > 0 ? $wait . " h" : "---") . "</td>\n"; } //end waitingtime } echo "\t<td align='center' class='lista'><a href='download.php?id=" . $data["hash"] . "&f=" . urlencode($data["filename"]) . ".torrent'>" . image_or_link("images/download.gif", "", "torrent") . "</a></td>\n"; include INCL_PATH . "offset.php"; echo "\t<td align='center' class='lista'>" . date("d/m/Y H:m:s", $data["added"] - $offset) . "</td>\n"; echo "\t<td align='center' class='lista'>" . misc::makesize((int) $data["size"]) . "</td>\n"; //Uploaders nick details if ($SHOW_UPLOADER && $data["anonymous"] == "true") { echo "\t<td align='center' class='lista'>" . ANONYMOUS . "</td>\n"; } elseif ($SHOW_UPLOADER && $data["anonymous"] == "false") { echo "\t<td align='center' class='lista'><a href='userdetails.php?id=" . (int) $data["upname"] . "'>" . StripSlashes($data['prefixcolor'] . security::html_safe($data["uploader"]) . $data['suffixcolor']) . "</a></td>\n"; } //Uploaders nick details if ($data["external"] == "no") { echo "\t<td align='center' class='" . linkcolor($data["seeds"]) . "'><a href='peers.php?id=" . $data["hash"] . "' title='" . PEERS_DETAILS . "'>" . (int) $data["seeds"] . "</a></td>\n"; echo "\t<td align='center' class='" . linkcolor($data["leechers"]) . "'><a href='peers.php?id=" . $data["hash"] . "' title='" . PEERS_DETAILS . "'>" . (int) $data["leechers"] . "</a></td>\n"; if ($data["finished"] > 0) { echo "\t<td align='center' class='lista'><a href='torrent_history.php?id=" . $data["hash"] . "' title='History - " . security::html_safe($data["filename"]) . "'>" . number_format((int) $data["finished"], 0) . "</a></td>"; } else { echo "\t<td align='center' class='lista'>---</td>"; } } else { // linkcolor echo "\t<td align='center' class='" . linkcolor($data["seeds"]) . "'>" . (int) $data["seeds"] . "</td>"; echo "\t<td align='center' class='" . linkcolor($data["leechers"]) . "'>" . (int) $data["leechers"] . "</td>"; if ($data["finished"] > 0) {
$xtpl->parse("main.update.group_tickets.group_ticket_info1"); } $xtpl->parse("main.update.group_tickets"); get_group_operations($xtpl, "main.update", "form1", 0, 0); $type_message = array("comment"=>"Add comments", "reply"=>"Send answer"); $xtpl->assign("TYPE_MESSAGE", get_drop_down_list($type_message, "message_status")); $xtpl->assign("MESSAGE_STATUS", $_REQUEST["message_status"]); if($template > 0) $xtpl->assign("MESSAGE", get_template($template, 0, 0)); } $query = "SELECT id, name FROM " . T_TEMPLATES . " WHERE template_website='" . $_SESSION['website_url'] . "'"; $rows = SQL_select($query); $templates_list = array(); if($rows) foreach($rows as $val) $templates_list[$val["id"]] = StripSlashes(htmlspecialchars($val["name"])); $xtpl->assign("TEMPLATES_LIST", get_drop_down_list($templates_list, "template", "", "Select template", 0, "", " onchange=\"document.getElementById('form2').submit();\"")); get_queues_status($xtpl); $sign_text=showsignature(); $sign_text2="\n\n\n\n\n".$sign_text; if ($template==0) $xtpl->assign("MESSAGE",$sign_text2); $xtpl->parse("main.update"); $xtpl->parse("main"); $xtpl->out("main"); ?>
function recursive_strip($a) { if (is_array($a)) { while (list($key, $val) = each($a)) { $a[$key] = recursive_strip($val); } } else { $a = StripSlashes($a); } return $a; }
?> <HTML> <HEAD> <TITLE>mnoGoSearch: <? echo HtmlSpecialChars(StripSlashes($query_orig)); ?></TITLE> </HEAD> <body BGCOLOR="#FFFFFF" LINK="#0050A0" VLINK="#0050A0" ALINK="#0050A0"> <center> <FORM METHOD=GET ACTION="<? echo $self; ?>"> <table bgcolor=#eeeee0 border=0 width=100%> <tr><td> <BR> <INPUT TYPE="hidden" NAME="ps" VALUE="10"> Search for: <INPUT TYPE="text" NAME="q" SIZE=50 VALUE="<? echo HtmlSpecialChars(StripSlashes($query_orig)); ?>"> <INPUT TYPE="submit" VALUE="Search!"><BR> Results per page: <SELECT NAME="ps"> <OPTION VALUE="10" <? if ($ps==10) echo 'SELECTED';?>>10 <OPTION VALUE="20" <? if ($ps==20) echo 'SELECTED';?>>20 <OPTION VALUE="50" <? if ($ps==50) echo 'SELECTED';?>>50 </SELECT> Match: <SELECT NAME="m"> <OPTION VALUE="all" <? if ($m=='all') echo 'SELECTED';?>>All <OPTION VALUE="any" <? if ($m=='any') echo 'SELECTED';?>>Any <OPTION VALUE="bool" <? if ($m=='bool') echo 'SELECTED';?>>Boolean </SELECT>
</div>'; } else { echo '<input type="hidden" name="nowner" value="' . $rec['iduser'] . '" />'; } if ($usrinfo['right_org'] == 1) { echo ' <div> <label for="nnotnew">Není nové</label> <input type="checkbox" name="nnotnew"/><br/> </div>'; } ?> <div> <label for="notebody">Tělo poznámky:</label> <textarea cols="80" rows="7" name="note" id="notebody"><?php echo StripSlashes($rec['note']); ?> </textarea> </div> <div> <input type="hidden" name="noteid" value="<?php echo $_REQUEST['rid']; ?> " /> <input type="hidden" name="backurl" value="<?php echo 'editnote.php?rid=' . $_REQUEST['rid']; ?> " /> <input type="hidden" name="idtable" value="<?php echo $_REQUEST['idtable']; ?>
if (!function_exists("Mysql_Connexion")) { include "mainfile.php"; } switch ($apli) { case "f-manager": $fma = rawurldecode(decrypt($att_id)); $fma = explode("#fma#", $fma); $att_id = decrypt($fma[0]); $att_name = decrypt($fma[1]); case "forum_npds": $userX = base64_decode($user); $userdata = explode(":", $userX); $marqueurM = substr($userdata[2], 8, 6); case "minisite": case "getfile": $att_name = StripSlashes(str_replace("\"", "", rawurldecode($att_name))); if ((preg_match('#^[a-z0-9_\\.-]#i', $att_name) or $Mmod == $marqueurM) and !stristr($att_name, ".*://") and !stristr($att_name, "..") and !stristr($att_name, "../") and !stristr($att_name, "script") and !stristr($att_name, "cookie") and !stristr($att_name, "iframe") and !stristr($att_name, "applet") and !stristr($att_name, "object")) { if (preg_match('#^[a-z0-9_/\\.-]#i', $att_id) and !stristr($att_id, ".*://") and !stristr($att_id, "..") and !stristr($att_id, "../") and !stristr($att_id, "script") and !stristr($att_id, "cookie") and !stristr($att_id, "iframe") and !stristr($att_id, "applet") and !stristr($att_id, "object")) { $fic = ""; switch ($apli) { // Forum case "forum_npds": $fic = "modules/upload/upload_forum/{$att_id}.{$apli}.{$att_name}"; break; // MiniSite // MiniSite case "minisite": $fic = "users_private/{$att_id}/mns/{$att_name}"; break; // Application générique : la présence de getfile.conf.php est nécessaire // Application générique : la présence de getfile.conf.php est nécessaire
function make_post_table($rs, $tplcode = '') { $rs[form_title] = StripSlashes($rs[form_title]); //内容中存在变量如$unsetdb[]=$rsdb[photourl];的话,就不要重复再显示了 if ($tplcode && strstr($tplcode, "\$unsetdb[]=\$rsdb[{$rs[field_name]}]")) { return; } if ($rs[mustfill] == '2' || $rs[form_type] == 'pingfen') { return; } elseif ($rs[mustfill] == '1') { $mustfill = '<font color=red>(必填)</font>'; } if ($rs[form_type] == 'text') { $rs[field_inputleng] > 0 || ($rs[field_inputleng] = 10); $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}</td> <td > <input type='text' name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}' size='{$rs[field_inputleng]}' value='\$rsdb[{$rs[field_name]}]'> {$rs['form_units']} {$rs[form_title]}</td></tr>"; } elseif ($rs[form_type] == 'time') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill} </td> <td > <input onclick=\"setday(this,1)\" type='text' name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}' size='20' value='\$rsdb[{$rs[field_name]}]'> {$rs['form_units']} {$rs[form_title]}</td></tr>"; } elseif ($rs[form_type] == 'upfile') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]}</td> <td > <input type='text' name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}' size='50' value='\$rsdb[{$rs[field_name]}]'> {$rs['form_units']}<br><iframe frameborder=0 height=23 scrolling=no src='upfile.php?fn=upfile&dir=\$_pre\$fid&label=atc_{$rs[field_name]}&ISone=1' width=310></iframe> </td></tr>"; } elseif ($rs[form_type] == 'upplay') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]}</td> <td >\n 播放器类型: <input style=\"display:none;\" type=\"text\" name=\"post_db[{$rs[field_name]}][type][]\" id=\"atc_{$rs[field_name]}_type0\" size=\"3\" value=\"{\$rsdb[{$rs[field_name]}][type][0]}\"><select id=\"obj_Select_0\" onChange=\"document.getElementById('atc_{$rs[field_name]}_type0').value=this.options[this.selectedIndex].value\"><option value=\"\">请选择</option><option value=\"avi\">MediaPlayer</option><option value=\"rm\">RealPlayer</option><option value=\"swf\">FLASH</option><option value=\"flv\">FLV播放器</option><option value=\"mp3\">MP3播放器</option></select>\n 地址: \t<input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url0\" size=\"40\" value=\"{\$rsdb[{$rs[field_name]}][url][0]}\">\t\n [<a href='javascript:' onClick='window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label=0\",\"\",\"width=350,height=50,top=200,left=400\")'><font color=\"#FF0000\">点击上传文件</font></a>] <SCRIPT LANGUAGE=\"JavaScript\">\nfunction obj_Select_{$rs[field_name]}(){\n\tobjSelect=document.getElementById('obj_Select_0');\n\tfor(var i=0;i<objSelect.options.length;i++)\n\t{\n\t\tif(document.getElementById('atc_{$rs[field_name]}_type0').value==objSelect.options[i].value){\n\t\t\tobjSelect.options[i].selected=true;\n\t\t}\n\t}\n}\nobj_Select_{$rs[field_name]}();\nfunction upfile_{$rs[field_name]}(url,name,size,label){\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+label).value=url;\t\n}\t\n</SCRIPT></td></tr>"; } elseif ($rs[form_type] == 'upmoremv') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]} <a href='javascript:showinput_{$rs[field_name]}()'>添加远程视频</a></td> <td >\n\t\t<!--\r\nEOT;\r\n\n\$upfiletype=str_replace(' ',',',trim(\$groupdb[upfileType]?\$groupdb[upfileType]:\$webdb[upfileType]));\n\$upfiletype=str_replace('.','',\$upfiletype);\n\$max_upload=ini_get('upload_max_filesize')?ini_get('upload_max_filesize'):'0';\nprint <<<EOT\r\n-->注意:服务器限制单个视频文件大小不能超过 <font color=red>{\$max_upload}</font>\n\t\t<script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/jquery-1.2.6.min.js\"></script>\n <script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/swfobject.js\"></script>\n <div id=\"sapload\"></div>\n <script type=\"text/javascript\">\n\tvar so = new SWFObject(\"\$webdb[www_url]/images/default/uploadmore.swf\", \"sapload\", \"450\", \"30\", \"9\", \"#ffffff\");\n\tso.addParam('wmode','transparent');\n\tso.addVariable('config','\$webdb[www_url]/do/swfuploadxml.php?filetype=\$upfiletype');\n\tso.write(\"sapload\");\n\tvar titledb = new Array();\n\tvar urldb = new Array();\n\t\n\tfunction showFiles(t){\n\t\ttotalnum=totalnum_{$rs[field_name]};\n\t\tshowinput_{$rs[field_name]}();\n\t\tarr=t.split('|');\n\t\turldb[totalnum]=arr[0];\n\t\tarr2=arr[1].split('.');\n\t\ttitledb[totalnum]=arr2[0];\n\t\tfor(var i=0;i<=totalnum;i++){\n\t\t\tif(document.getElementById(\"atc_{$rs[field_name]}_url\"+i)!=null){\n\t\t\t\tif(urldb[i]!=undefined){\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+i).value=urldb[i];\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+i).value=titledb[i];\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t</script>\n<!--\r\nEOT;\r\n\$num=count(\$rsdb[{$rs[field_name]}][url]);\n\$job=='postnew' && \$num=0;\r\nfor( \$i=0; \$i<\$num ;\$i++ ){print <<<EOT\r\n-->\n <span id=span\$i>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name\$i\" size=\"8\" value=\"{\$rsdb[{$rs[field_name]}][name][\$i]}\">\t\n 消耗{\$webdb[MoneyName]}: <input type=\"text\" name=\"post_db[{$rs[field_name]}][fen][]\" id=\"atc_{$rs[field_name]}_fen\$i\" size=\"3\" value=\"{\$rsdb[{$rs[field_name]}][fen][\$i]}\">\n 播放器类型: <input style=\"display:none;\" type=\"text\" name=\"post_db[{$rs[field_name]}][type][]\" id=\"atc_{$rs[field_name]}_type\$i\" size=\"3\" value=\"{\$rsdb[{$rs[field_name]}][type][\$i]}\"><select id=\"obj_Select_\$i\" onChange=\"document.getElementById('atc_{$rs[field_name]}_type\$i').value=this.options[this.selectedIndex].value\"><option value=\"\">系统识别</option><option value=\"avi\">MediaPlayer</option><option value=\"rm\">RealPlayer</option><option value=\"swf\">FLASH</option><option value=\"flv\">FLV播放器</option><option value=\"mp3\">MP3播放器</option></select>\n 地址: \t\n <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url\$i\" size=\"20\" value=\"{\$rsdb[{$rs[field_name]}][url][\$i]}\">\t\n [<a href='javascript:' onClick='window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label=\$i\",\"\",\"width=350,height=50,top=200,left=400\")'><font color=\"#FF0000\">更换视频</font></a>] <SCRIPT LANGUAGE=\"JavaScript\">\nfunction obj_Select_{$rs[field_name]}_\$i(){\n\tobjSelect=document.getElementById('obj_Select_\$i');\n\tfor(var i=0;i<objSelect.options.length;i++)\n\t{\n\t\tif(document.getElementById('atc_{$rs[field_name]}_type\$i').value==objSelect.options[i].value){\n\t\t\tobjSelect.options[i].selected=true;\n\t\t}\n\t}\n}\nobj_Select_{$rs[field_name]}_\$i();\n</SCRIPT>\t\n \t[<A HREF=\"javascript:delpic('\$i')\">移除</A>]\n <br></span><!--\r\nEOT;\r\n}print <<<EOT\r\n-->\n\t\t\t\t\t\t<div id=\"input_{$rs[field_name]}\"></div>\t\n<script LANGUAGE=\"JavaScript\">\t\ntotalnum_{$rs[field_name]}=\$num;\t\nfunction kill_Err(){\n\treturn true;\n}\nwindow.onerror=kill_Err;\nfunction delpic(t){\n\tdocument.getElementById('atc_{$rs[field_name]}_url'+t).value='';\n\tdocument.getElementById('span'+t).style.display='none';\n}\nfunction showinput_{$rs[field_name]}(){\t\n\tvar str=document.getElementById(\"input_{$rs[field_name]}\").innerHTML;\t\n\n\tif(parent.document.getElementById('member_mainiframe')!=null){\n\tparent.document.getElementById('member_mainiframe').height=parseInt(parent.document.getElementById('member_mainiframe').height)+18;\n\t}\n\t\t\n\t str+='<span id=span'+totalnum_{$rs[field_name]}+'>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name'+totalnum_{$rs[field_name]}+'\" size=\"8\"> 消耗{\$webdb[MoneyName]}: <input type=\"text\" name=\"post_db[{$rs[field_name]}][fen][]\" id=\"atc_{$rs[field_name]}_fen'+totalnum_{$rs[field_name]}+'\" size=\"3\"> 播放器类型: <input style=\"display:none;\" type=\"text\" name=\"post_db[{$rs[field_name]}][type][]\" id=\"atc_{$rs[field_name]}_type'+totalnum_{$rs[field_name]}+'\" size=\"3\"><select onChange=\"document.getElementById(\\'atc_{$rs[field_name]}_type'+totalnum_{$rs[field_name]}+'\\').value=this.options[this.selectedIndex].value\"><option value=\"\">系统识别</option><option value=\"avi\">MediaPlayer</option><option value=\"rm\">RealPlayer</option><option value=\"swf\">FLASH</option><option value=\"flv\">FLV播放器</option><option value=\"mp3\">MP3播放器</option></select> 地址: <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url'+totalnum_{$rs[field_name]}+'\" size=\"20\" > [<a href=\\'javascript:\\' onClick=\\'window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label='+totalnum_{$rs[field_name]}+'\",\"\",\"width=350,height=50,top=200,left=400\")\\'><font color=\"#FF0000\">更换视频</font></a>] [<a href=\"javascript:delpic(\\''+totalnum_{$rs[field_name]}+'\\')\">移除</a>]<br></span>';\t\n\ttotalnum_{$rs[field_name]}++;\n\tdocument.getElementById(\"input_{$rs[field_name]}\").innerHTML=str;\t\n}\t\n\t\nfunction upfile_{$rs[field_name]}(url,name,size,label){\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+label).value=url;\t\n\tarr=name.split('.');\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+label).value=arr[0];\t\n}\t\n</SCRIPT></td></tr>"; } elseif ($rs[form_type] == 'upmorefile') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]} <a href='javascript:showinput_{$rs[field_name]}()'>添加远程文件</a></td> <td>\n<!--\r\nEOT;\r\n\n\$upfiletype=str_replace(' ',',',trim(\$groupdb[upfileType]?\$groupdb[upfileType]:\$webdb[upfileType]));\n\$upfiletype=str_replace('.','',\$upfiletype);\n\$max_upload=ini_get('upload_max_filesize')?ini_get('upload_max_filesize'):'0';\nprint <<<EOT\r\n-->注意:服务器限制单个文件大小不能超过 <font color=red>{\$max_upload}</font>\n\t\t<script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/jquery-1.2.6.min.js\"></script>\n <script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/swfobject.js\"></script>\n <div id=\"sapload\"></div>\n <script type=\"text/javascript\">\n\tvar so = new SWFObject(\"\$webdb[www_url]/images/default/uploadmore.swf\", \"sapload\", \"450\", \"30\", \"9\", \"#ffffff\");\n\tso.addParam('wmode','transparent');\n\tso.addVariable('config','\$webdb[www_url]/do/swfuploadxml.php?filetype=\$upfiletype');\n\tso.write(\"sapload\");\n\tvar titledb = new Array();\n\tvar urldb = new Array();\n\t\n\tfunction showFiles(t){\n\t\ttotalnum=totalnum_{$rs[field_name]};\n\t\tshowinput_{$rs[field_name]}();\n\t\tarr=t.split('|');\n\t\turldb[totalnum]=arr[0];\n\t\tarr2=arr[1].split('.');\n\t\ttitledb[totalnum]=arr2[0];\n\t\tfor(var i=0;i<=totalnum;i++){\n\t\t\tif(document.getElementById(\"atc_{$rs[field_name]}_url\"+i)!=null){\n\t\t\t\tif(urldb[i]!=undefined){\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+i).value=urldb[i];\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+i).value=titledb[i];\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t</script>\n<!--\r\nEOT;\r\n\$num=count(\$rsdb[{$rs[field_name]}][url]);\n\$job=='postnew' && \$num=0;\r\nfor( \$i=0; \$i<\$num ;\$i++ ){print <<<EOT\r\n-->\n <span id=span\$i>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name\$i\" size=\"15\" value=\"{\$rsdb[{$rs[field_name]}][name][\$i]}\">\t\n 消耗{\$webdb[MoneyName]}: <input type=\"text\" name=\"post_db[{$rs[field_name]}][fen][]\" id=\"atc_{$rs[field_name]}_fen\$i\" size=\"3\" value=\"{\$rsdb[{$rs[field_name]}][fen][\$i]}\">\t\n 地址: \t\n <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url\$i\" size=\"30\" value=\"{\$rsdb[{$rs[field_name]}][url][\$i]}\">\t\n [<a href='javascript:' onClick='window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label=\$i\",\"\",\"width=350,height=50,top=200,left=400\")'><font color=\"#FF0000\">点击更换文件</font></a>] \t[<A HREF=\"javascript:delpic('\$i')\">移除</A>]\n <br></span><!--\r\nEOT;\r\n}print <<<EOT\r\n-->\n\t\t\t\t\t\t<div id=\"input_{$rs[field_name]}\"></div>\t\n<script LANGUAGE=\"JavaScript\">\nfunction kill_Err(){\n\treturn true;\n}\nwindow.onerror=kill_Err;\nfunction delpic(t){\n\tdocument.getElementById('atc_{$rs[field_name]}_url'+t).value='';\n\tdocument.getElementById('span'+t).style.display='none';\n}\ntotalnum_{$rs[field_name]}=\$num;\t\nfunction showinput_{$rs[field_name]}(){\t\n\tvar str=document.getElementById(\"input_{$rs[field_name]}\").innerHTML;\t\n\n\tif(parent.document.getElementById('member_mainiframe')!=null){\n\tparent.document.getElementById('member_mainiframe').height=parseInt(parent.document.getElementById('member_mainiframe').height)+18;\n\t}\t\n\t str+='<span id=span'+totalnum_{$rs[field_name]}+'>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name'+totalnum_{$rs[field_name]}+'\" size=\"15\"> 消耗{\$webdb[MoneyName]}: <input type=\"text\" name=\"post_db[{$rs[field_name]}][fen][]\" id=\"atc_{$rs[field_name]}_fen'+totalnum_{$rs[field_name]}+'\" size=\"3\"> 地址: <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url'+totalnum_{$rs[field_name]}+'\" size=\"30\" > [<a href=\\'javascript:\\' onClick=\\'window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label='+totalnum_{$rs[field_name]}+'\",\"\",\"width=350,height=50,top=200,left=400\")\\'><font color=\"#FF0000\">上传更换文件</font></a>] [<a href=\"javascript:delpic(\\''+totalnum_{$rs[field_name]}+'\\')\">移除</a>]<br></span>';\t\n\ttotalnum_{$rs[field_name]}++;\n\tdocument.getElementById(\"input_{$rs[field_name]}\").innerHTML=str;\t\n}\t\n\t\nfunction upfile_{$rs[field_name]}(url,name,size,label){\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+label).value=url;\t\n\tarr=name.split('.');\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+label).value=arr[0];\t\n}\t\n</SCRIPT></td></tr>"; } elseif ($rs[form_type] == 'upmorepic') { $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]}<a href='javascript:showinput_{$rs[field_name]}()'>添加远程图片</a></td> <td >\n\n\t<script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/jquery-1.2.6.min.js\"></script>\n <script type=\"text/javascript\" src=\"\$webdb[www_url]/images/default/swfobject.js\"></script>\n <div id=\"sapload\"></div>\n <script type=\"text/javascript\">\n\tvar so = new SWFObject(\"\$webdb[www_url]/images/default/uploadmore.swf\", \"sapload\", \"450\", \"30\", \"9\", \"#ffffff\");\n\tso.addParam('wmode','transparent');\n\tso.addVariable('config','\$webdb[www_url]/do/swfuploadxml.php?filetype=jpg,png,gif');\n\tso.write(\"sapload\");\n\tvar titledb = new Array();\n\tvar urldb = new Array();\n\t\n\tfunction showFiles(t){\n\t\ttotalnum=totalnum_{$rs[field_name]};\n\t\tshowinput_{$rs[field_name]}();\n\t\tarr=t.split('|');\n\t\turldb[totalnum]=arr[0];\n\t\tarr2=arr[1].split('.');\n\t\ttitledb[totalnum]=arr2[0];\n\t\tfor(var i=0;i<=totalnum;i++){\n\t\t\tif(document.getElementById(\"atc_{$rs[field_name]}_url\"+i)!=null){\n\t\t\t\tif(urldb[i]!=undefined){\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+i).value=urldb[i];\n\t\t\t\t\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+i).value=titledb[i];\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\t</script>\n<!--\r\nEOT;\r\n\$num=count(\$rsdb[{$rs[field_name]}][url]);\n\$job=='postnew' && \$num=0;\r\nfor( \$i=0; \$i<\$num ;\$i++ ){print <<<EOT\r\n-->\n <span id=span\$i>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name\$i\" size=\"15\" value=\"{\$rsdb[{$rs[field_name]}][name][\$i]}\"> \t\n 地址: \t\n <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url\$i\" size=\"30\" value=\"{\$rsdb[{$rs[field_name]}][url][\$i]}\">\t\n [<a href='javascript:' onClick='window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label=\$i\",\"\",\"width=350,height=50,top=200,left=400\")'><font color=\"#FF0000\">点击更换图片</font></a>] \t[<A HREF=\"javascript:delpic('\$i')\">移除</A>]\n <br></span><!--\r\nEOT;\r\n}print <<<EOT\r\n-->\n<div id=\"input_{$rs[field_name]}\"></div>\t\n<script LANGUAGE=\"JavaScript\">\nfunction kill_Err(){\n\treturn true;\n}\nwindow.onerror=kill_Err;\ntotalnum_{$rs[field_name]}=\$num;\nfunction delpic(t){\n\tdocument.getElementById('atc_{$rs[field_name]}_url'+t).value='';\n\tdocument.getElementById('span'+t).style.display='none';\n}\nfunction showinput_{$rs[field_name]}(){\t\n\tvar str=document.getElementById(\"input_{$rs[field_name]}\").innerHTML;\t\n\n\tif(parent.document.getElementById('member_mainiframe')!=null){\n\tparent.document.getElementById('member_mainiframe').height=parseInt(parent.document.getElementById('member_mainiframe').height)+18;\n\t}\n\t str+='<span id=span'+totalnum_{$rs[field_name]}+'>名称: <input type=\"text\" name=\"post_db[{$rs[field_name]}][name][]\" id=\"atc_{$rs[field_name]}_name'+totalnum_{$rs[field_name]}+'\" size=\"15\"> 地址: <input type=\"text\" name=\"post_db[{$rs[field_name]}][url][]\" id=\"atc_{$rs[field_name]}_url'+totalnum_{$rs[field_name]}+'\" size=\"30\" > [<a href=\\'javascript:\\' onClick=\\'window.open(\"upfile.php?fn=upfile_{$rs[field_name]}&dir=\$_pre\$fid&label='+totalnum_{$rs[field_name]}+'\",\"\",\"width=350,height=50,top=200,left=400\")\\'><font color=\"#FF0000\">上传更换图片</font></a>] [<a href=\"javascript:delpic(\\''+totalnum_{$rs[field_name]}+'\\')\">移除</a>]<br></span>';\t\n\ttotalnum_{$rs[field_name]}++;\n\tdocument.getElementById(\"input_{$rs[field_name]}\").innerHTML=str;\t\n}\t\n\t\nfunction upfile_{$rs[field_name]}(url,name,size,label){\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_url\"+label).value=url;\t\n\tarr=name.split('.');\t\n\tdocument.getElementById(\"atc_{$rs[field_name]}_name\"+label).value=arr[0];\t\n}\t\n</SCRIPT></td></tr>"; } elseif ($rs[form_type] == 'textarea') { $show = "<tr><td class='tdL'>{$rs[title]}:{$mustfill} </td><td ><textarea name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}' cols='70' rows='8'>\$rsdb[{$rs[field_name]}]</textarea>{$rs['form_units']} {$rs[form_title]}</td></tr>"; } elseif ($rs[form_type] == 'ieedit') { $show = "<tr><td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]}</td><td ><iframe id='eWebEditor1' src='ewebeditor/ewebeditor.php?id=atc_{$rs[field_name]}&style=standard&etype=1' frameborder='0' scrolling='no' width='630' height='200'></iframe>{$rs['form_units']}<input name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}' type='hidden' value='\$rsdb[{$rs[field_name]}]'></td></tr>"; } elseif ($rs[form_type] == 'select') { $detail = explode("\r\n", $rs[form_set]); foreach ($detail as $key => $value) { if ($value === '') { continue; } list($v1, $v2) = explode("|", $value); $v2 || ($v2 = $v1); $_show .= "<option value='{$v1}' {\$rsdb[{$rs[field_name]}]['{$v1}']}>{$v2}</option>"; } $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill} </td><td > <select name='post_db[{$rs[field_name]}]' id='atc_{$rs[field_name]}'>{$_show}</select>{$rs['form_units']} {$rs[form_title]}</td> </tr>"; } elseif ($rs[form_type] == 'radio') { $detail = explode("\r\n", $rs[form_set]); foreach ($detail as $key => $value) { if ($value === '') { continue; } list($v1, $v2) = explode("|", $value); $v2 || ($v2 = $v1); $_show .= "<input type='radio' name='post_db[{$rs[field_name]}]' value='{$v1}' {\$rsdb[{$rs[field_name]}]['{$v1}']}>{$v2}"; } $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill} </td> <td >{$_show}{$rs['form_units']} {$rs[form_title]}</td></tr>"; } elseif ($rs[form_type] == 'checkbox') { $detail = explode("\r\n", $rs[form_set]); foreach ($detail as $key => $value) { if ($value === '') { continue; } list($v1, $v2) = explode("|", $value); $v2 || ($v2 = $v1); $_show .= "<input type='checkbox' name='post_db[{$rs[field_name]}][]' value='{$v1}' {\$rsdb[{$rs[field_name]}]['{$v1}']}>{$v2}"; } $show = "<tr> <td class='tdL'>{$rs[title]}:{$mustfill}<br>{$rs[form_title]}</td> <td >{$_show}{$rs['form_units']} {$rs[form_title]}</td></tr>"; } return $show; }
<?php !function_exists('html') && exit('ERR'); if ($action == 'mod') { //对通用网址进行替换成真实网址 $_url = '$webdb[passport_url]/read.php?tid=$tid&page=1'; $_listurl = '$webdb[passport_url]/thread.php?fid=$fid'; $url1 = array('{$url}', '$url', '{$list_url}', '$list_url'); $url2 = array($_url, $_url, $_listurl, $_listurl); $postdb[tplpart_1code] = str_replace($url1, $url2, StripSlashes($tplpart_1)); $postdb[tplpart_2code] = str_replace($url1, $url2, StripSlashes($tplpart_2)); //使用在线编辑器后,去掉多余的网址 $weburl = preg_replace("/(.*)\\/([^\\/]+)/is", "\\1/", $WEBURL); $postdb[tplpart_1code] = str_replace($weburl, "", $postdb[tplpart_1code]); $postdb[tplpart_2code] = str_replace($weburl, "", $postdb[tplpart_2code]); if (strstr($postdb[tplpart_1code], '$picurl') && strstr($postdb[tplpart_1code], '$content')) { $stype = "cp"; } elseif (strstr($postdb[tplpart_1code], '$content')) { $stype = "c"; } elseif (strstr($postdb[tplpart_1code], '$picurl')) { $stype = "p"; } //选择显示两列以上,这里选择Table,否则不一定能显示效果,选择table指外套一个TABLE,选择div指不套多余的代码 if ($colspan > 1) { $DivTpl = 0; } else { $DivTpl = 1; } if ($rowspan < 1) { $rowspan = 1; }
if (MySQL_Num_Rows($res)) { echo '<div id=""> <table> <thead> <tr> <th>#</th> <th>Název</th> <th>Stav</th> </tr> </thead> <tbody> '; $even = 0; while ($rec = MySQL_Fetch_Assoc($res)) { echo '<tr class="' . ($even % 2 == 0 ? 'even' : 'odd') . ($rec['status'] ? ' solved' : '') . '"> <td><input type="checkbox" name="case[]" value="' . $rec['id'] . '" class="checkbox"' . ($rec['iduser'] ? ' checked="checked"' : '') . ' /></td><td>' . ($rec['secret'] ? '<span class="secret"><a href="readcase.php?rid=' . $rec['id'] . '">' . StripSlashes($rec['title']) . '</a></span>' : '<a href="readcase.php?rid=' . $rec['id'] . '">' . StripSlashes($rec['title']) . '</a>') . '</td> <td>' . ($rec['status'] ? 'uzavřen' : '—') . '</td> </tr>'; $even++; } echo '</tbody> </table> </div> '; } else { echo '<div id=""><p>Žádné případy neodpovídají výběru.</p></div>'; } ?> <input type="hidden" name="symbolid" value="<?php echo $_REQUEST['rid'];
function get_fresh_config($qrystr) { $cache_file = realpath(dirname(__FILE__) . '/..') . '/cache/' . md5($qrystr) . '.txt'; $mr = do_sqlquery($qrystr, true); while ($mz = mysql_fetch_assoc($mr)) { if ($mz['value'] == 'true') { $return[$mz['key']] = true; } elseif ($mz['value'] == 'false') { $return[$mz['key']] = false; } elseif (is_numeric($mz['value'])) { $return[$mz['key']] = max(0, $mz['value']); } else { $return[$mz['key']] = StripSlashes($mz['value']); } } unset($mz); mysql_free_result($mr); # write new cache write_file($cache_file, serialize($return)); return $return; }
function file_list($path, $sub_flag, $file_type) { global $file_nums_all; global $file_nums_use; global $file_use_arr; system("net use " . $path . " /user:kundyZhang cv0837CVJ "); $file_type_arr = explode(",", $file_type); if ($handle = opendir($path)) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { if (is_dir($path . "\\" . $file)) { //echo StripSlashes($path)."\\".$file."<br>";//目录名称 if ($sub_flag == "1") { file_list($path . "\\\\" . $file, "1", $file_type); } } else { //echo StripSlashes($path)."\\".$file."<br>";//文件名称 $file_nums_all++; $check_file_type = check_file($file); if (in_array($check_file_type["type"], $file_type_arr)) { $file_nums_use++; array_push($file_use_arr, StripSlashes($path) . "\\" . $file); } } } } } }
function ListAvailableLists($userid = 0,$lists_to_show = "") { global $tables; $list = $_POST["list"]; $subselect = "";$listset = array(); $showlists = explode(",",$lists_to_show); foreach ($showlists as $listid) if (preg_match("/^\d+$/",$listid)) array_push($listset,$listid); if (sizeof($listset) >= 1) { $subselect = "where id in (".join(",",$listset).") "; } $some = 0; $html = '<ul class="list">'; $result = Sql_query("SELECT * FROM {$tables["list"]} $subselect order by listorder"); while ($row = Sql_fetch_array($result)) { if ($row["active"]) { $html .= '<li class="list"><input type="checkbox" name="list['.$row["id"] . ']" value=signup '; if ($list[$row["id"]] == "signup") $html .= "checked"; if ($userid) { $req = Sql_Fetch_Row_Query(sprintf('select userid from %s where userid = %d and listid = %d', $tables["listuser"],$userid,$row["id"])); if (Sql_Affected_Rows()) $html .= "checked"; } $html .= "/><b>".$row["name"].'</b><div class="listdescription">'; $desc = nl2br(StripSlashes($row["description"])); $html .= '<input type=hidden name="listname['.$row["id"] . ']" value="'.$row["name"].'"/>'; $html .= $desc.'</div></li>'; $some++; if ($some == 1) { $singlelisthtml = sprintf('<input type="hidden" name="list[%d]" value="signup">',$row["id"]); $singlelisthtml .= '<input type="hidden" name="listname['.$row["id"] . ']" value="'.$row["name"].'"/>'; } } } $html .= '</ul>'; $hidesinglelist = getConfig("hide_single_list"); if (!$some) { global $strNotAvailable; return '<p>'.$strNotAvailable.'</p>'; } elseif ($some == 1 && $hidesinglelist == "true") { return $singlelisthtml; } else { global $strPleaseSelect; return '<p>'.$strPleaseSelect .':</p>'.$html; } }
include 'data/config.php'; include 'data/function.php'; //Соединяемся с базой $cn = mysql_connect($db_host, $db_user, $db_pass) or die("Could not connect : " . mysql_error()); mysql_query("SET NAMES cp1251"); mysql_select_db($db_name, $cn) or die("Could not select database"); //Если была нажата кнопка 'save' if (isset($_POST['save'])) { //Получаем массив параметров $id_theme = $_POST['id_theme']; $id_tpl = $_POST['id_tpl']; $tpl_name = $_POST['tpl_name']; if (!get_magic_quotes_gpc()) { $tpl_content = $_POST['tpl_content']; } else { $tpl_content = StripSlashes($_POST['tpl_content']); } //Массив символов для чистки $musor = array("\r", "'", "%", "`", ";", ":", "#", "\$", "^", "&", "(", ")", "@", "~", "*", "!", "+", "|", "/", "?", "../", "./"); //Чистим наименование от мусора $tpl_name = str_replace($musor, '', $tpl_name); //Соединяемся с базой $cn = mysql_connect($db_host, $db_user, $db_pass) or die("Could not connect : " . mysql_error()); mysql_query("SET NAMES cp1251"); mysql_select_db($db_name, $cn) or die("Could not select database"); $tpl_name = mysql_real_escape_string($tpl_name, $cn); //формируем запрос на UPDATE шаблона $q = "UPDATE `dor_tpls` SET `id_theme` = '{$id_theme}', `name` = '{$tpl_name}' WHERE `id` = '{$id_tpl}' LIMIT 1"; $result = mysql_query("{$q}"); if (!$result) { echo "Ошибка изменения данных в базу " . mysql_error();
function get_all_get_params($exclude_array = '') { global $HTTP_GET_VARS; if ($exclude_array == '') { $exclude_array = array(); } $get_url = ''; if (is_array($HTTP_GET_VARS)) { reset($HTTP_GET_VARS); while (list($key, $value) = each($HTTP_GET_VARS)) { if ($key != session_name() && $key != 'error' && !in_array($key, $exclude_array)) { $get_url .= $key . '=' . rawurlencode(StripSlashes($value)) . '&'; } } } return $get_url; }
<li><input type="checkbox" name="list[all]" value="signup" />All Lists</li> '; $result = Sql_query("SELECT * FROM {$tables["list"]} {$subselect}"); $num = 0; while ($row = Sql_fetch_array($result)) { $html .= "<li><input type=checkbox name=list[" . $row["id"] . "] value=signup "; if ($list[$row["id"]] == "signup") { $html .= 'checked="checked"'; } $html .= " />" . $row["name"]; if ($row["active"]) { $html .= " (List is Active)"; } else { $html .= " (List is not Active)"; } $desc = nl2br(StripSlashes($row["description"])); $html .= "<br/>{$desc}</li>"; $some = 1; $list = $row["id"]; $num++; } if (!$some) { echo $html . "Sorry there are currently no lists available"; } if ($num == 1) { print '<input type="hidden" name="list[' . $list . ']" value="signup" />'; } else { print $html; $buttonmsg = ' to the Selected Mailinglists'; } ?>
$req1 = "SELECT nom_annexe_jours_semaine FROM annexe_jours_semaine "; $req1 .= "WHERE id_annexe_jours_semaine={$id_jour}"; $result1 = mysql_query($req1); $jour_en_cours = mysql_result($result1, 0, nom_annexe_jours_semaine); //Caratéristiques de la journée en cours de modifications $req1 = "SELECT jour_type_planning_presence_detail,lieu_1_planning_presence_detail,lieu_2_planning_presence_detail" . " FROM planning_presence_detail "; $req1 .= "WHERE id_salaries={$id_salaries} "; $req1 .= "AND id_planning_presence_semaine_visible={$semaine_en_cours} "; $req1 .= "AND annee_planning_presence_semaine_visible={$annee_en_cours} "; $req1 .= "AND id_annexe_jours_semaine={$id_jour}"; $result1 = mysql_query($req1); $jour_type = mysql_result($result1, 0, jour_type_planning_presence_detail); $lieu_1_mysql = mysql_result($result1, 0, lieu_1_planning_presence_detail); $lieu_2_mysql = mysql_result($result1, 0, lieu_2_planning_presence_detail); $lieu_1 = StripSlashes($lieu_1_mysql); $lieu_2 = StripSlashes($lieu_2_mysql); //$lieu_1_html=htmlentities($lieu_1, ENT_QUOTES); //$lieu_2_html=htmlentities($lieu_2, ENT_QUOTES); //Sélection par défaut du bouton radio définissant si la journée est de type //Complète ou Matin/Après-midi. if ($jour_type == 0) { $check1 = ""; $check2 = "checked"; } if ($jour_type == 1) { $check1 = "checked"; $check2 = ""; } //Création du formulaire de saisie echo "<form name=formulaire1 method=post action=action.php>"; // Utilisation des champs cachés pour faire
?> <!-- search //--> <script> $(document).ready(function() { $('.box-manufacturers-select').addClass('form-input-width'); }); $('.box-manufacturers-selection').addClass('form-group full-width'); $('.box-manufacturers-select').addClass('form-control'); </script> <div class="well"> <div class="box-header small-margin-bottom small-margin-left"><?php echo BOX_HEADING_SEARCH; ?> </div> <?php $hide = tep_hide_session_id(); ?> <form role="form" class="form-inline no-margin-bottom" name="quick_find" action="<?php echo tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false); ?> " method="get"> <?php echo $hide . '<input class="form-control" type="text" name="keywords" size="10" maxlength="30" value="' . htmlspecialchars(StripSlashes(@$_GET["keywords"])) . '"> <div class="buttons-set clearfix large-margin-top"> <input type="submit" value="Search" class="btn btn-sm cursor-pointer small-margin-right btn-success"> </div> <br><div style="text-align:center">' . BOX_SEARCH_TEXT . '<br><a href="' . tep_href_link(FILENAME_ADVANCED_SEARCH) . '"><b>' . BOX_SEARCH_ADVANCED_SEARCH . '</b></a></div>'; ?> </form> </div> <!-- search eof//-->
} else { $admintpl->set("poll_pager_top", ""); } //Per Page Listing Limitation Stop $i = 0; while ($results = mysqli_fetch_assoc($resource)) { //background color for checked poll option $bold = "normal"; if ($CURUSER["uid"] == $results["memberID"]) { $bold = "bold"; } // if (!$results["username"]) { $user = $language["POLL_ACCOUNT_DEL"]; } else { $user = "******"index.php?page=userdetails&id=" . $results["memberID"] . "\">" . StripSlashes($results["prefixcolor"] . $results["username"] . $results["suffixcolor"]) . "</a>"; } //print rows with voters $polls[$i]["option_text"] = $results["optionText"]; $polls[$i]["ip_address"] = long2ip($results["ipAddress"]); $polls[$i]["vote_date"] = get_date_time($results["voteDate"]); $polls[$i]["user"] = $user; $polls[$i]["bold"] = $bold; $i++; } //Per Page Listing Limitation Start - 7:35 PM 3/22/2007 if ($count > $perpage) { $admintpl->set("poll_pager_bottom", $pagerbottom); } else { $admintpl->set("poll_pager_bottom", ""); }
$DivTpl = 1; } $_url = '$webdb[blog_url]/index.php?uid=$uid'; if ($tplpart_1) { $postdb[tplpart_1] = StripSlashes($tplpart_1); $postdb[tplpart_1code] = $postdb[tplpart_1]; //$postdb[tplpart_1code]=read_file(ROOT_PATH.$tplpart_1); $postdb[tplpart_1code] = str_replace('{$url}', $_url, $postdb[tplpart_1code]); $postdb[tplpart_1code] = str_replace('$url', $_url, $postdb[tplpart_1code]); if (!$postdb[tplpart_1code]) { //showmsg("模板一路径不对或者是其他原因,模板数据读取失败,请检查之"); } //$rs1=$db->get_one("SELECT type FROM {$pre}template WHERE filepath='$tplpart_1' "); } if ($tplpart_2) { $postdb[tplpart_2] = StripSlashes($tplpart_2); $postdb[tplpart_2code] = $postdb[tplpart_2]; //$postdb[tplpart_2code]=read_file(ROOT_PATH.$tplpart_2); $postdb[tplpart_2code] = str_replace('{$url}', $_url, $postdb[tplpart_2code]); $postdb[tplpart_2code] = str_replace('$url', $_url, $postdb[tplpart_2code]); if (!$postdb[tplpart_2code]) { //showmsg("模板二路径不对或者是其他原因,模板数据读取失败,请检查之"); } //$rs2=$db->get_one("SELECT type FROM {$pre}template WHERE filepath='$tplpart_2' "); } //使用在线编辑器后,去掉多余的网址 $weburl = preg_replace("/(.*)\\/([^\\/]+)/is", "\\1/", $WEBURL); $postdb[tplpart_1code] = str_replace($weburl, "", $postdb[tplpart_1code]); $postdb[tplpart_2code] = str_replace($weburl, "", $postdb[tplpart_2code]); /*判断是否是显示图片类型*/ if (strstr($postdb[tplpart_1code], '$picurl') || strstr($postdb[tplpart_2code], '$picurl')) {
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $id_old_host = $row["id_host"]; $id_old_keys = $row["id_keys"]; $id_old_button = $row["id_button"]; $id_old_tpl = $row["id_dor_tpl"]; $id_old_theme = $row["id_theme"]; $spam = $row["spam"]; $ping_rss = $row["ping_rss"]; $ping_map = $row["ping_map"]; $old_dor_label = $row["dor_label"]; $old_dor_md5 = $row["dor_md5"]; $old_status = $row["dor_status"]; $id_old_redirect = $row["id_redirect"]; $map_in_design = $row["map_in_design"]; $dor_type = $row["dor_type"]; $note = StripSlashes($row["note"]); } mysql_free_result($result); //Получаем кеи и преобразуем их для вывода в textarea $result = mysql_query("SELECT `keypack` FROM `keypacks` WHERE `id` = '{$id_old_keys}'"); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $allkeys = implode("\n", explode("||", $row["keypack"])); } mysql_free_result($result); //Получаем данные хоста $result = mysql_query("SELECT `domen` FROM `hosts` WHERE `id` = '{$id_old_host}'"); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $old_domen = $row["domen"]; } mysql_free_result($result); //Данные для заполнения списков выбора и полей
function findMetaKeywords($text, $minChar) { $keywords = array(); $text = $this->purifyText($text); $text = $this->html2text($text); $text = ereg_replace("([^\r\n])\r\n([^\r\n])", "\\1 \\2", $text); $text = ereg_replace("[\r\n]*\r\n[\r\n]*", "\r\n\r\n", $text); $text = ereg_replace("[ ]* [ ]*", ' ', $text); $text = StripSlashes($text); $text = $originalKeywords = preg_split('/[^a-zA-Z\'"-]+/', $text, -1, PREG_SPLIT_NO_EMPTY); foreach ($originalKeywords as $originalKeyword) { $secondRoundKeywords = explode("'", $originalKeyword); foreach ($secondRoundKeywords as $secondRoundKeyword) { if (strlen($secondRoundKeyword) >= $minChar) { if (!in_array($secondRoundKeyword, $keywords)) { $keywords[] = trim($secondRoundKeyword); } } } } return $keywords; }