Ejemplo n.º 1
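/**
 * Record an "up" or "against" vote on a comment, throttled by per-comment cookies.
 *
 * @param string     $act Column to increment; only 'up' and 'against' are accepted.
 * @param int|string $cid Comment id; cast to an integer before it is used.
 * @return void
 */
function UA($act, $cid)
{
    global $iCMS;
    // $act becomes a column name in the UPDATE below, where quoting cannot make
    // arbitrary text safe. Accept only the two actions whose throttle cookies
    // this function reads; anything else is a no-op.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // The id is interpolated into SQL and into cookie names, so force an integer.
    $cid = intval($cid);
    $cookietime = $iCMS->config['diggtime'];
    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;
    // NOTE(review): the throttle is stored only in cookies, which the client
    // controls; it does not limit a client that discards them. A server-side
    // record is needed if the counters must be trustworthy.
    $canVote = time() - get_cookie($cid . '_up') > $cookietime
        && time() - get_cookie($cid . '_against') > $cookietime;
    if (!$canVote) {
        // NOTE(review): the callback name goes to jsonp() as received; confirm
        // jsonp() restricts it to identifier characters before echoing it.
        $ajax ? jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']) : alert($iCMS->language('digged'));
        return;
    }
    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && iCMS_DB::query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1  WHERE `id` ='{$cid}'")) {
        // NOTE(review): $id is never assigned in this function, so the redirect
        // carries an empty indexId; the intended value is not visible here.
        $ajax ? jsonp("{state:'1'}", $_GET['callback']) : _Header($iCMS->config['publicURL'] . "/comment.php?indexId=" . $id);
    }
}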
Ejemplo n.º 2
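/**
 * Record an "up" or "against" vote on a comment, throttled by per-comment cookies.
 *
 * @param string     $act Column to increment; only 'up' and 'against' are accepted.
 * @param int|string $cid Comment id; cast to an integer before it is used.
 * @return void
 */
function UA($act, $cid)
{
    global $iCMS, $_iGLOBAL;
    // $act is used as a column name in the UPDATE below, so it is checked
    // against the two actions whose throttle cookies are read here. Any other
    // value is ignored rather than passed into SQL.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // The id ends up in SQL and in cookie names; keep it an integer.
    $cid = intval($cid);
    $cookietime = $_iGLOBAL['cookie']['time'];
    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;
    // NOTE(review): cookie-only throttling is enforced by the client, not the
    // server; treat the counters as advisory unless a server-side check is added.
    $ct = time() - get_cookie($cid . '_up') > $cookietime
        && time() - get_cookie($cid . '_against') > $cookietime;
    if (!$ct) {
        // NOTE(review): confirm jsonp() validates the callback name it is given.
        $ajax ? jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']) : alert($iCMS->language('digged'));
        return;
    }
    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && $iCMS->db->query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1  WHERE `id` ='{$cid}'")) {
        // NOTE(review): $id is not defined in this scope, so `aid` is sent empty;
        // the article id the redirect should carry is not visible here.
        $ajax ? jsonp("{state:'1'}", $_GET['callback']) : _Header($iCMS->dir . "comment.php?aid=" . $id);
    }
}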
Ejemplo n.º 3
		function(data){
			if(data=='1'){
				redirect("admincp.php?do=message");
			}
		} 
	);
}
</script>

</body></html><?php 
        break;
    case 'del':
        // Single-message delete. The id is cast to an integer, so only a number
        // can reach the query; a zero id skips the DELETE entirely.
        // NOTE(review): this is a state-changing GET and no anti-CSRF token is
        // checked in this fragment; confirm the admin entry point enforces one.
        $id = intval($_GET['id']);
        if ($id) {
            $DreamCMS->db->query("DELETE FROM `#DC@__message` WHERE `id` ='{$id}'");
        }
        _Header('admincp.php?do=message');
        break;
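    case 'post':
        // Bulk delete of the messages ticked in the admin list.
        if (isset($_POST['delete'])) {
            foreach ((array) $_POST['delete'] as $k => $id) {
                // Each submitted value is cast the same way the single-delete
                // case casts its id, so no raw request text reaches the query.
                // Non-scalar entries are dropped (intval() of an array is 1).
                $id = is_scalar($id) ? intval($id) : 0;
                $id && $DreamCMS->db->query("DELETE FROM `#DC@__message` WHERE `id` ='{$id}'");
            }
            _Header('admincp.php?do=message');
        } else {
            alert("请选择要删除的留言!");
        }
        break;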
}
//$DreamCMS->_print("message","admin");
?>

Ejemplo n.º 4
            $table = $_POST['table'] ? save($_POST['table']) : '';
            //查询是否已经存在此表
            $tabledata = $DreamCMS->db->get_row("SELECT * FROM `#DC@__model` WHERE `table`='{$table}'", ARRAY_A);
            ($tabledata || $table == 'article' || $table == 'articledata') && alert('已经存在此表,请重新添加');
            $name = save($_POST['name']);
            $description = $_POST['description'] ? save($_POST['description']) : '';
            $DreamCMS->db->query("INSERT INTO `#DC@__model` (`name`,`description`,`table`) VALUES ('{$name}','{$description}','{$table}')");
            $modelid = $DreamCMS->db->insert_id;
            if ($modelid) {
                //查询默认表字段
                $morens = $DreamCMS->db->get_results("SELECT * FROM `#DC@__model_field` WHERE `modelid`=0 ORDER BY `disorder` ASC");
                if ($morens && is_array($morens)) {
                    foreach ($morens as $key => $val) {
                        $field = $val['field'];
                        $name = $val['name'];
                        $tips = $val['tips'];
                        $formtype = $val['formtype'];
                        $setting = $val['setting'];
                        $disorder = $val['disorder'];
                        $state = $val['state'];
                        $iszhu = $val['iszhu'];
                        $isfuzhi = 1;
                        $DreamCMS->db->query("INSERT INTO `#DC@__model_field` (`modelid`,`field`,`name`,`tips`,`formtype`,`setting`,`disorder`,`state`,`iszhu`,`isfuzhi`) VALUES ('{$modelid}','{$field}','{$name}','{$tips}','{$formtype}','{$setting}','{$disorder}','{$state}','{$iszhu}','{$isfuzhi}')");
                    }
                }
            }
            $DreamCMS->db->query("CREATE TABLE `#DC@__" . $table . "` (\n\t\t\t\t\t\t\t  `rid` int(10) unsigned NOT NULL auto_increment,\n\t\t\t\t\t\t\t  `aid` int(10) unsigned NOT NULL default '0',\n\t\t\t\t\t\t\t  PRIMARY KEY  (`rid`),\n\t\t\t\t\t\t\t  KEY `aid` (`aid`)\n\t\t\t\t\t\t\t) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;");
            _Header('admincp.php?do=modeltype');
        }
        break;
}
Ejemplo n.º 5
        _Header();
        break;
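    case 'post':
        if ($action == 'edit') {
            // Bulk delete: every id is forced to an integer before it reaches SQL.
            if (isset($_POST['delete'])) {
                foreach ((array) $_POST['delete'] as $k => $id) {
                    $id = is_scalar($id) ? intval($id) : 0;
                    $id && $iCMS->db->query("DELETE FROM `#iCMS@__contentype` WHERE `id` ='{$id}'");
                }
                _Header();
            }
            // Bulk edit: rows are keyed by id in the submitted `name` array.
            // Array keys are request data too, so the key is cast before use,
            // and `val` is cast the same way the add branch below casts it.
            // NOTE(review): `name` and `type` are still interpolated as submitted.
            // Presumably request data arrives already slash-escaped by a global
            // filter; verify that, or move to bound parameters if the DB layer
            // supports them.
            $names = isset($_POST['name']) && is_array($_POST['name']) ? $_POST['name'] : array();
            foreach ($names as $id => $value) {
                $rowId = intval($id);
                $rowType = isset($_POST['type'][$id]) ? $_POST['type'][$id] : '';
                $rowVal = isset($_POST['val'][$id]) ? intval($_POST['val'][$id]) : 0;
                $iCMS->db->query("update `#iCMS@__contentype` set `name`='{$value}',`type`='" . $rowType . "',`val`='" . $rowVal . "' where `id`='{$rowId}'");
            }
            _Header();
        }
        if ($action == 'add') {
            // New row: text fields are HTML-escaped and `val` is cast to an integer.
            $name = dhtmlspecialchars($_POST['name']);
            $type = dhtmlspecialchars($_POST['type']);
            $val = intval($_POST['val']);
            $iCMS->db->query("INSERT INTO `#iCMS@__contentype` (`name`,`val`,`type`) VALUES ('{$name}','{$val}','{$type}')");
            _Header(__SELF__ . '?do=contentype');
        }
        break;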
    default:
        // List view: load every content type and hand the rows to the admin template.
        $Admin->MP("menu_contentype");
        $maxperpage = 20;
        // Both queries are fixed strings; no request data is interpolated here.
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__contentype` order by id DESC");
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__contentype` order by id DESC ");
        $_count = count($rs);
        // The template is include'd into this scope, so it sees $rs, $total,
        // $_count and $maxperpage directly.
        include iCMS_admincp_tpl('contentype');
}
Ejemplo n.º 6
        _Header();
        break;
    case 'open':
        // Mark one keyword as visible. The id is cast to an integer first, and
        // a zero id skips the UPDATE.
        $id = intval($_GET['id']);
        if ($id) {
            $DreamCMS->db->query("UPDATE `#DC@__keywords` SET `visible` = '1'  WHERE `id` ='{$id}'");
        }
        _Header();
        break;
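    case 'post':
        if ($action == 'edit') {
            // Bulk delete: ids are cast to integers before they reach SQL.
            if (isset($_POST['delete'])) {
                foreach ((array) $_POST['delete'] as $k => $id) {
                    $id = is_scalar($id) ? intval($id) : 0;
                    $id && $DreamCMS->db->query("DELETE FROM `#DC@__keywords` WHERE `id` ='{$id}'");
                }
                keywords_cache();
                _Header();
            }
            // Bulk edit: rows are keyed by id in the submitted `name` array; the
            // key is request data, so it is cast before it is used in WHERE.
            // NOTE(review): `keyword` and `replace` are interpolated as submitted.
            // Presumably request data arrives already slash-escaped by a global
            // filter; verify that, or use bound parameters if the DB layer has them.
            $names = isset($_POST['name']) && is_array($_POST['name']) ? $_POST['name'] : array();
            foreach ($names as $id => $value) {
                $rowId = intval($id);
                $rowReplace = isset($_POST['replace'][$id]) ? $_POST['replace'][$id] : '';
                $DreamCMS->db->query("update `#DC@__keywords` set `keyword`='{$value}',`replace`='" . $rowReplace . "' where `id`='{$rowId}'");
            }
            keywords_cache();
            _Header();
        }
        if ($action == 'add') {
            // NOTE(review): htmlspecialchars() is HTML escaping, not SQL escaping,
            // and `replace` is stored exactly as submitted; both rely on whatever
            // request-wide quoting is in force (not visible here).
            $keyword = htmlspecialchars($_POST['keyword']);
            $replace = $_POST['replace'];
            $DreamCMS->db->query("insert into `#DC@__keywords`(`keyword`,`replace`,`addtime`,`visible`) values ('{$keyword}','{$replace}','" . time() . "','0')");
            keywords_cache();
            _Header('admincp.php?do=keywords');
        }
        break;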
}
Ejemplo n.º 7
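 /**
  * Remove one entry from an article's comma-separated `vlink` list.
  *
  * The article id comes from $_GET['id'] and the entry to drop from
  * $_GET['fid']; both are cast to integers. Always ends by calling _Header().
  *
  * @return void
  */
 function doDelvlink()
 {
     $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
     $fid = isset($_GET['fid']) ? (int) $_GET['fid'] : 0;
     // Without a valid article id there is nothing to load or rewrite.
     if ($id) {
         $vlink = iCMS_DB::getValue("SELECT vlink FROM `#iCMS@__article` WHERE `id`='{$id}'");
         $vlinkArray = explode(',', (string) $vlink);
         // Compare strictly, as strings: a loose search can match unrelated
         // entries when $fid is 0.
         $key = array_search((string) $fid, array_map('trim', $vlinkArray), true);
         // array_search() returns false on a miss, and unset($a[false]) would
         // silently drop index 0, so only rewrite the row when the entry exists.
         if ($key !== false) {
             unset($vlinkArray[$key]);
             // The list is read back from the database and is not known to hold
             // digits only, so it is escaped before being written into SQL.
             // Prefer a bound parameter if iCMS_DB supports one.
             $vlink = addslashes(implode(',', $vlinkArray));
             iCMS_DB::query("UPDATE `#iCMS@__article` SET `vlink` = '{$vlink}' WHERE `id` ='{$id}'");
         }
     }
     _Header();
 }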
Ejemplo n.º 8
 * @copyright 2007-2009, iDreamSoft
 * @license http://www.idreamsoft.cn iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
// Refuse direct requests: this file only runs when the application has defined iPATH.
!defined('iPATH') && exit('What are you doing?');
// Admin handler for the word lists: 'post' saves them, anything else shows the form.
switch ($operation) {
    case 'post':
        if ($action == 'edit') {
            // Both textareas are HTML-escaped as a whole, then split into one entry per CRLF line.
            $disable = explode("\r\n", dhtmlspecialchars($_POST['disable']));
            $filter = explode("\r\n", dhtmlspecialchars($_POST['filter']));
            // Each filter line is split on "=" into its parts.
            // $filterArray is not initialised in this file before it is filled.
            if (is_array($filter)) {
                foreach ($filter as $k => $val) {
                    $filterArray[$k] = explode("=", $val);
                }
            }
            // NOTE(review): the lists are written under include/syscache; confirm
            // the cache layer stores them as data, since the content is request-supplied.
            $iCMS->cache(false, 'include/syscache', 0, true, false);
            $iCMS->addcache('word.disable', $disable, 0);
            $iCMS->addcache('word.filter', $filterArray, 0);
            _Header(__SELF__ . '?do=filter');
        }
        break;
    default:
        $Admin->MP("menu_filter");
        $cache = $iCMS->cache(array('word.filter', 'word.disable'), 'include/syscache', 0, true);
        // Rebuild the "a=b" text form of each cached filter entry for the edit form.
        if (is_array($cache['word.filter'])) {
            foreach ($cache['word.filter'] as $k => $val) {
                $filterArray[$k] = implode("=", $val);
            }
        }
        // The template is include'd into this scope and reads the variables set above.
        include iCMS_admincp_tpl('filter');
}
Ejemplo n.º 9
        $aid = intval($_GET['aid']);
        $id && $DreamCMS->db->query("UPDATE `#DC@__comment` SET `isexamine` = '0' WHERE `id` ='{$id}'");
        $aid && $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1  WHERE `id` ='{$aid}'");
        _Header('admincp.php?do=comment');
        break;
    case 'del':
        // Delete one comment and decrement its article's comment counter.
        // Both ids are cast to integers before they are interpolated.
        $id = intval($_GET['id']);
        $aid = intval($_GET['aid']);
        if ($id) {
            $DreamCMS->db->query("DELETE FROM `#DC@__comment` WHERE `id` ='{$id}'");
        }
        // The counter update depends only on $aid being non-zero; it does not
        // check whether the DELETE above removed a row.
        if ($aid) {
            $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1  WHERE `id` ='{$aid}'");
        }
        _Header('admincp.php?do=comment');
        break;
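    case 'post':
        if ($action == "del") {
            // Bulk delete of the comments ticked in the admin list.
            if (isset($_POST['id'])) {
                foreach ((array) $_POST['id'] as $k => $id) {
                    if (!is_scalar($id)) {
                        continue;
                    }
                    // Look up the article id with the submitted key, then cast
                    // both values so only integers are interpolated into SQL,
                    // matching what the single-delete case does.
                    $aid = isset($_POST['aid'][$id]) ? intval($_POST['aid'][$id]) : 0;
                    $id = intval($id);
                    $id && $DreamCMS->db->query("DELETE FROM `#DC@__comment` WHERE `id` ='{$id}'");
                    $aid && $DreamCMS->db->query("UPDATE `#DC@__article` SET `comments` = comments-1  WHERE `id` ='{$aid}'");
                }
                _Header('admincp.php?do=comment');
            } else {
                alert("请选择要删除的评论!");
            }
        }
        break;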
}
//$DreamCMS->_print("comment","admin");
?>

Ejemplo n.º 10
                    $iCMS->db->query("delete from `#iCMS@__links` where `id`='{$id}'");
                }
                _Header();
            }
            foreach ($_POST['name'] as $id => $value) {
                $iCMS->db->query("update `#iCMS@__links` set `name`='{$value}',`logo`='" . $_POST['logo'][$id] . "',`url`='" . $_POST['url'][$id] . "',`desc`='" . $_POST['description'][$id] . "',`orderid`='" . $_POST['displayorder'][$id] . "' where `id`='{$id}'");
            }
            _Header();
        }
        if ($action == 'add') {
            $name = dhtmlspecialchars($_POST['name']);
            $url = dhtmlspecialchars($_POST['url']);
            $desc = dhtmlspecialchars($_POST['description']);
            $logo = dhtmlspecialchars($_POST['logo']);
            $orderid = intval($_POST['displayorder']);
            empty($name) && alert('网站名称不能为空!');
            empty($url) && alert('网站URL不能为空!');
            strpos($url, 'http://') === false && ($url = 'http://' . $url);
            $iCMS->db->query("INSERT INTO `#iCMS@__links` (`name`,`logo`,`desc`,`url`,`orderid`) VALUES ('{$name}','{$logo}','{$desc}','{$url}','{$orderid}')");
            _Header(__SELF__ . "?do=link");
        }
        break;
    default:
        // List view: one page of links, ordered by logo and then by display order.
        $Admin->MP(array("menu_index_link", "menu_link"));
        $maxperpage = 60;
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__links` ORDER BY `logo`, `orderid` ASC");
        page($total, $maxperpage, '个链接');
        // NOTE(review): $firstcount is not assigned in this fragment; presumably
        // page() sets it. It is interpolated into LIMIT, so verify it is an integer.
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__links` ORDER BY `logo`, `orderid` ASC LIMIT {$firstcount},{$maxperpage}");
        $_count = count($rs);
        // The template is include'd into this scope and reads the variables set above.
        include iCMS_admincp_tpl('link');
}
Ejemplo n.º 11
                keywords_cache();
                _Header();
            }
            foreach ($_POST['name'] as $id => $value) {
                $iCMS->db->query("update `#iCMS@__keywords` set `keyword`='{$value}',`replace`='" . $_POST['replace'][$id] . "' where `id`='{$id}'");
            }
            keywords_cache();
            _Header();
        }
        if ($action == 'save') {
            $id = (int) $_POST['id'];
            $keyword = dhtmlspecialchars($_POST['keyword']);
            $replace = $_POST['replace'];
            if (empty($id)) {
                $iCMS->db->query("insert into `#iCMS@__keywords`(`keyword`,`replace`,`addtime`,`visible`) values ('{$keyword}','{$replace}','" . time() . "','0')");
            } else {
                $iCMS->db->query("update `#iCMS@__keywords` set `keyword`='{$keyword}',`replace`='{$replace}' where id='{$id}'");
            }
            keywords_cache();
            _Header(__SELF__ . '?do=keywords');
        }
        break;
    default:
        // List view: one page of keywords, newest id first.
        $Admin->MP("menu_keywords");
        $maxperpage = 20;
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__keywords` order by id DESC");
        page($total, $maxperpage, "个关键字");
        // NOTE(review): $firstcount is not assigned in this fragment; presumably
        // page() sets it. It is interpolated into LIMIT, so verify it is an integer.
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__keywords` order by id DESC LIMIT {$firstcount},{$maxperpage}");
        $_count = count($rs);
        // The template is include'd into this scope and reads the variables set above.
        include iCMS_admincp_tpl('keywords');
}
Ejemplo n.º 12
<?php

require_once 'functions.php';
require_once "../includes/global.php";
_Header("BillAd");
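// Every value read here is interpolated into the SQL statements that follow,
// so each one is validated or escaped before the first query is built.
// Bound parameters via $mysqli->prepare() would make this unnecessary, but the
// later statements in this script use these variables by interpolation.
$date = isset($_POST["date"]) && is_string($_POST["date"]) ? $_POST["date"] : '';
$amt = isset($_POST["amt"]) ? $_POST["amt"] : null;
$cid = isset($_POST["cid"]) ? $_POST["cid"] : null;
if (
    $date === ''
    || !is_numeric($amt)
    || !is_finite((float) $amt)
    || !is_scalar($cid)
    || !ctype_digit((string) $cid)
) {
    exit("Invalid bill data");
}
// The amount and the customer id appear unquoted in later statements, so they
// must be real numbers by the time they get there.
$amt = (float) $amt;
$cid = (int) $cid;
// The date is only ever placed inside single quotes; escape it for that context.
$date = $mysqli->real_escape_string($date);
// NOTE(review): the statements after this point echo the generated SQL to the
// page; that debug output exposes schema details and should not ship.
$sql = "INSERT INTO bill_record(Date,Cust_ID,Amount) VALUES('{$date}','{$cid}',{$amt})";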
if ($mysqli->query($sql) === TRUE) {
    //update cust table
    $sql = "Update customer_details set Pending_Amount =  Pending_Amount + {$amt} where Cust_ID={$cid}";
    $mysqli->query($sql);
    //update ledger table
    //check if first entry
    $sql = "select Date from ledger where Date='{$date}'";
    echo $sql;
    $res = $mysqli->query($sql);
    if ($res->num_rows > 0) {
        echo "yess";
        $sql = "update ledger set Bill_Amount = Bill_Amount + {$amt} where Date='{$date}'";
        echo "<br>" . $sql;
        $mysqli->query($sql);
        echo "updated";
    } else {
        echo "noo";
        $sql = "insert into ledger values('{$date}',{$amt},0)";
        echo $sql;
        if ($mysqli->query($sql) === TRUE) {
            echo "Inserted";
        } else {
Ejemplo n.º 13
<?php

require_once "includes/global.php";
require_once "Customers/functions.php";
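_Header("Ledger");
// NOTE(review): no access check is visible in this script; confirm that
// includes/global.php requires an authenticated session before ledger rows
// are rendered.
$sql = "SELECT * From ledger;";
$result = $mysqli->query($sql);
if ($result === false) {
    // query() returns false on failure, and reading ->num_rows from false is a
    // fatal error. Keep the driver message in the server log and show the
    // visitor nothing internal.
    error_log("Ledger query failed: " . $mysqli->error);
    echo "Unable to load transactions<br>";
} elseif ($result->num_rows > 0) {
    // One table row per ledger entry.
    table_l();
    while ($row = $result->fetch_assoc()) {
        l_details($row);
    }
    end_table();
} else {
    echo "No Transactions Yet<br>";
}
if ($result instanceof mysqli_result) {
    $result->free();
}
_link("Index Page", "index.php");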
Ejemplo n.º 14
            $info = array();
            if ($_POST['pwd'] || $_POST['pwd1'] || $_POST['pwd2']) {
                $pwd = md5(trim($_POST['pwd']));
                $pwd1 = md5(trim($_POST['pwd1']));
                $pwd2 = md5(trim($_POST['pwd2']));
                if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
                    alert("修改密码.原密码,新密码,确认密码不能为空");
                }
                $pwd != $user['password'] && alert("原密码错误!");
                $pwd1 != $pwd2 && alert("新密码与确认密码不一致!");
                $iCMS->db->query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
            }
            //	    $username=dhtmlspecialchars($_POST['name']);
            $_POST['email'] && !eregi("^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$", $_POST['email']) && alert("E-mail格式错误!!");
            $email = stripslashes($_POST['email']);
            $gender = intval($_POST['gender']);
            $info['nickname'] = dhtmlspecialchars(stripslashes($_POST['nickname']));
            cstrlen($info['nickname']) > 12 && alert("昵称长度大于12");
            $info['icq'] = intval($_POST['icq']);
            $info['home'] = dhtmlspecialchars(stripslashes($_POST['home']));
            $info['year'] = intval($_POST['year']);
            $info['month'] = intval($_POST['month']);
            $info['day'] = intval($_POST['day']);
            $info['from'] = dhtmlspecialchars(stripslashes($_POST['from']));
            $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));
            $user['info'] = $info;
            $iCMS->db->query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
            _Header(__SELF__ . '?do=setting&operation=profile');
        }
        break;
}
Ejemplo n.º 15
            $quanxian['selectall'] = intval($_POST['selectall']);
            $quanxian['select'] = $_POST['select'];
            $quanxian['selectzilei'] = $_POST['selectzilei'];
            $quanxian['selectzileiall'] = $_POST['selectzileiall'];
            $quanxianids = serialize($quanxian);
            $up = $DreamCMS->db->query("update `#DC@__articletype` set `quanxianids`='{$quanxianids}' where `id`='{$id}'");
            if ($up !== false) {
                alert('更新成功!', 'url:1');
            } else {
                alert('更新失败!');
            }
        }
        if ($action == 'add') {
            $name = htmlspecialchars($_POST['name']);
            $DreamCMS->db->query("INSERT INTO `#DC@__articletype` (`name`) VALUES ('{$name}')");
            _Header('admincp.php?do=articletype');
        }
        break;
}
function catalog($cid = 0, $level = 1, $quanxianids = '')
{
    global $_catalog_array, $DreamCMS;
    if (isset($_catalog_array[$cid])) {
        foreach ($_catalog_array[$cid] as $root => $cata) {
            $selectzilei = '';
            $selectzileiall = '';
            $select = '';
            if ($quanxianids && is_array($quanxianids)) {
                $quanxianids['selectzilei'] && in_array($cata['id'], $quanxianids['selectzilei']) && ($selectzilei = " checked='checked' ");
                $quanxianids['selectzileiall'] && in_array($cata['id'], $quanxianids['selectzileiall']) && ($selectzileiall = " checked='checked' ");
                $quanxianids['select'] && in_array($cata['id'], $quanxianids['select']) && ($select = " checked='checked' ");
Ejemplo n.º 16
 * @package iCMS V3.1
 * @copyright 2007-2009, iDreamSoft
 * @license http://www.idreamsoft.cn iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
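// Refuse direct requests: this file only runs when the application has defined iPATH.
!defined('iPATH') && exit('What are you doing?');
// Admin handler for guestbook messages: single delete, bulk delete, or the list view.
switch ($operation) {
    case 'del':
        // Single delete; the id is cast so only an integer reaches the query.
        // NOTE(review): this is a state-changing GET and no anti-CSRF token is
        // checked in this file; confirm the admin entry point enforces one.
        $id = intval($_GET['id']);
        $id && $iCMS->db->query("DELETE FROM `#iCMS@__message` WHERE `id` ='{$id}'");
        _Header(__SELF__ . '?do=message');
        break;
    case 'post':
        if (isset($_POST['delete'])) {
            foreach ((array) $_POST['delete'] as $k => $id) {
                // Cast each submitted id the same way the 'del' case does, so raw
                // request text never reaches the DELETE. Non-scalar entries are
                // dropped (intval() of an array is 1).
                $id = is_scalar($id) ? intval($id) : 0;
                $id && $iCMS->db->query("DELETE FROM `#iCMS@__message` WHERE `id` ='{$id}'");
            }
            _Header(__SELF__ . '?do=message');
        } else {
            alert("请选择要删除的留言!");
        }
        break;
    default:
        // List view: one page of messages, newest id first.
        $Admin->MP("menu_message");
        $maxperpage = 20;
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__message` order by id DESC");
        page($total, $maxperpage, "条留言");
        // NOTE(review): $firstcount is not assigned in this file; presumably
        // page() sets it. It is interpolated into LIMIT, so verify it is an integer.
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__message` order by id DESC LIMIT {$firstcount},{$maxperpage}");
        $_count = count($rs);
        // The template is include'd into this scope and reads the variables set above.
        include iCMS_admincp_tpl('message');
}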
Ejemplo n.º 17
             //zhaoyanmin start 添加顶级栏目id
             catalog_cache();
             redirect("栏目添加完成!", 'admincp.php?do=catalog');
         } else {
             //$DreamCMS->db->get_var("SELECT `dir` FROM `#DC@__catalog` where `dir` ='$dir' AND `id` !='$cid'") && alert('该栏目别名/目录已经存在!请另选一个');
             $DreamCMS->db->query("UPDATE `#DC@__catalog` SET `rootid` = '{$rootid}',`order` = '{$order}',`name` = '{$name}',`password`='{$password}',`keywords` = '{$keywords}',`description` = '{$description}',`dir` = '{$dir}',`url` = '{$url}',`icon`='{$icon}',`tpl_index` = '{$tpl_index}',`tpl_list` = '{$tpl_list}',`tpl_contents` = '{$tpl_contents}',`attrib` = '{$attrib}',`isexamine`='{$isexamine}',`ishidden`='{$ishidden}',`issend`='{$issend}',`topid`='{$topid}',`level`='{$level}',`content`='{$content}',`modelid`='{$modelid}',`caturlset`='{$caturlset}',`arturlset`='{$arturlset}' WHERE `id` ='{$cid}' ");
             catalog_cache();
             redirect("栏目编辑完成!", 'admincp.php?do=catalog');
         }
     }
     if ($action == 'edit') {
         foreach ($_POST['order'] as $cid => $order) {
             $DreamCMS->db->query("UPDATE `#DC@__catalog` SET `name` = '" . $_POST['name'][$cid] . "',`order` = '" . intval($order) . "' WHERE `id` ='" . intval($cid) . "' LIMIT 1");
         }
         catalog_cache();
         _Header("admincp.php?do=catalog");
     }
     break;
 case 'del':
     $id = (int) $_GET['id'];
     if ($id) {
         catalogvars($id);
         if (empty($_catalog_array)) {
             $DreamCMS->db->query("DELETE FROM `#DC@__catalog` WHERE `id` = '{$id}'");
             $art = $DreamCMS->db->get_results("SELECT id FROM `#DC@__article` WHERE `cid` = '{$id}'");
             if ($art) {
                 foreach ($art as $a) {
                     delArticle($a['id']);
                 }
             }
             catalog_cache();
Ejemplo n.º 18
            }
            foreach ($_POST['search'] as $id => $value) {
                $value = str_replace(array('%', '_'), array('\\%', '\\_'), $value);
                $iCMS->db->query("update `#iCMS@__search` set `search`='{$value}',`times`='" . $_POST['times'][$id] . "' where `id`='{$id}'");
            }
            search_cache();
            _Header();
        }
        if ($action == 'save') {
            $id = (int) $_POST['id'];
            $search = dhtmlspecialchars($_POST['search']);
            $search = str_replace(array('%', '_'), array('\\%', '\\_'), $search);
            $times = (int) $_POST['times'];
            if (empty($id)) {
                $iCMS->db->query("insert into `#iCMS@__search`(`search`,`times`,`addtime`) values ('{$search}','{$times}','" . time() . "')");
            } else {
                $iCMS->db->query("update `#iCMS@__search` set `search`='{$search}',`times`='{$times}' where id='{$id}'");
            }
            search_cache();
            _Header(__SELF__ . '?do=search');
        }
        break;
    default:
        // List view: one page of stored search terms, newest id first.
        $Admin->MP("menu_search");
        $maxperpage = 20;
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__search` order by id DESC");
        page($total, $maxperpage, "个关键字");
        // NOTE(review): $firstcount is not assigned in this fragment; presumably
        // page() sets it. It is interpolated into LIMIT, so verify it is an integer.
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__search` order by id DESC LIMIT {$firstcount},{$maxperpage}");
        $_count = count($rs);
        // The template is include'd into this scope and reads the variables set above.
        include iCMS_admincp_tpl('search');
}
Ejemplo n.º 19
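/**
 * Record an "up" or "against" vote on a comment, throttled by per-comment cookies.
 *
 * @param string     $act Column to increment; only 'up' and 'against' are accepted.
 * @param int|string $cid Comment id; cast to an integer before it is used.
 * @return void
 */
function UA($act, $cid)
{
    global $DreamCMS, $cookietime;
    // $act is placed in the UPDATE as a column name. Column names cannot be made
    // safe by quoting, so only the two actions whose throttle cookies are read
    // below are accepted; any other value does nothing.
    if (!in_array($act, array('up', 'against'), true)) {
        return;
    }
    // The id is interpolated into SQL and into cookie names, so force an integer.
    $cid = intval($cid);
    $ajax = isset($_GET['ajax']) ? intval($_GET['ajax']) : 0;
    // NOTE(review): the throttle is held only in client cookies, so it is not a
    // server-side limit; add one if the counters need to resist repeat requests.
    $ct = time() - get_cookie($cid . '_up') > $cookietime
        && time() - get_cookie($cid . '_against') > $cookietime;
    if (!$ct) {
        if ($ajax) {
            echo "{state:'0',text:'" . $DreamCMS->language('digged') . "' }";
        } else {
            alert($DreamCMS->language('digged'));
        }
        return;
    }
    set_cookie($cid . '_' . $act, time(), $cookietime);
    if ($cid && $DreamCMS->db->query("UPDATE `#DC@__comment` SET `{$act}` = {$act}+1  WHERE `id` ='{$cid}'")) {
        if ($ajax) {
            echo "{state:'1'}";
        } else {
            // NOTE(review): $id is not defined in this scope, so `aid` is sent
            // empty; the article id the redirect should carry is not visible here.
            _Header($DreamCMS->dir . "comment.php?aid=" . $id);
        }
    }
}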
Ejemplo n.º 20
    case 'del':
        // Delete one comment and decrement its article's comment counter.
        // Both ids are cast to integers before they are interpolated.
        $id = intval($_GET['id']);
        $aid = intval($_GET['aid']);
        if ($id) {
            $iCMS->db->query("DELETE FROM `#iCMS@__comment` WHERE `id` ='{$id}'");
        }
        // The counter update depends only on $aid being non-zero; it does not
        // check whether the DELETE above removed a row.
        if ($aid) {
            $iCMS->db->query("UPDATE `#iCMS@__article` SET `comments` = comments-1  WHERE `id` ='{$aid}'");
        }
        _Header(__SELF__ . '?do=comment');
        break;
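    case 'post':
        if ($action == "del") {
            // Bulk delete of the comments ticked in the admin list.
            if (isset($_POST['id'])) {
                foreach ((array) $_POST['id'] as $k => $id) {
                    if (!is_scalar($id)) {
                        continue;
                    }
                    // Look up the article id with the submitted key, then cast
                    // both values so only integers are interpolated into SQL,
                    // matching what the 'del' case does.
                    $aid = isset($_POST['aid'][$id]) ? intval($_POST['aid'][$id]) : 0;
                    $id = intval($id);
                    $id && $iCMS->db->query("DELETE FROM `#iCMS@__comment` WHERE `id` ='{$id}'");
                    $aid && $iCMS->db->query("UPDATE `#iCMS@__article` SET `comments` = comments-1  WHERE `id` ='{$aid}'");
                }
                _Header(__SELF__ . '?do=comment');
            } else {
                alert("请选择要删除的评论!");
            }
        }
        break;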
    default:
        // List view: one page of comments, newest id first.
        $Admin->MP(array("menu_index_comment", "menu_comment"));
        include_once iPATH . 'include/ubb.fun.php';
        $maxperpage = 20;
        $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__comment` order by id DESC");
        page($total, $maxperpage, "条评论");
        // NOTE(review): $firstcount is not assigned in this fragment; presumably
        // page() sets it. It is interpolated into LIMIT, so verify it is an integer.
        $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__comment` order by id DESC LIMIT {$firstcount},{$maxperpage}");
        $_count = count($rs);
        // The template is include'd into this scope and renders visitor-written
        // comment rows; NOTE(review): confirm it escapes them on output.
        include iCMS_admincp_tpl('comment');
}
Ejemplo n.º 21
            } else {
                $DreamCMS->db->query("INSERT INTO `#DC@__advertise`(`varname` , `title` ,`style`, `starttime` , `endtime` , `code` , `status` ) VALUES ('{$varname}','{$title}','{$style}','{$starttime}', '{$endtime}', '{$code}', '{$state}')");
                $id = $DreamCMS->db->insert_id;
            }
            $jsfile = "YWR2ZXJ0aXNl/{$style}-id-{$id}.js";
            $html = getadvhtml($style, stripslashes($code));
            $html = "/*\n{$varname}\n标签:<!--{DreamCMS:advertise name=\"{$varname}\"}-->\n*/\n" . documentwriteln($html);
            writefile(DCPATH . $jsfile, $html);
            _Header("admincp.php?do=advertise");
        }
        break;
    case 'status':
        // Set an advertisement's status flag. Both request values are cast to
        // integers, so nothing but numbers is interpolated into the statement.
        // Unlike the delete handlers, a zero id is not skipped here.
        $id = intval($_GET['id']);
        $act = intval($_GET['act']);
        $statusSql = "UPDATE `#DC@__advertise` SET `status` = '{$act}' WHERE `id` ='{$id}'";
        $DreamCMS->db->query($statusSql);
        _Header("admincp.php?do=advertise");
        break;
}
function getadvhtml($style, $code)
{
    $code = unserialize($code);
    switch ($style) {
        case "code":
            $html = stripslashes($code["code"]['html']);
            break;
        case "image":
            $code['image']['width'] && ($width = " width=\"{$code['image']['width']}\"");
            $code['image']['height'] && ($height = " height=\"{$code['image']['height']}\"");
            $html = "<a href=\"{$code['image']['link']}\" target=\"_blank\" title=\"{$code['image']['alt']}\"><img src=\"{$code['image']['url']}\" alt=\"{$code['image']['alt']}\"{$width}{$height} alt=\"{$code['image']['alt']}\" border=\"0\"></a>";
            break;
        case "flash":
Ejemplo n.º 22
<?php

/**
 * @package iCMS V3.1
 * @copyright 2007-2009, iDreamSoft
 * @license http://www.idreamsoft.cn iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
// Stop unless iPATH is already defined by whatever loaded this script.
if (!defined('iPATH')) {
    exit('What are you doing?');
}
if ($operation == 'post') {
    if ($action == 'edit') {
        // Each submitted textarea is split into one entry per CRLF-separated line.
        $sources = explode("\r\n", dhtmlspecialchars($_POST['source']));
        $authors = explode("\r\n", dhtmlspecialchars($_POST['author']));
        // NOTE(review): $editors is built from the same 'author' field as $authors;
        // this looks like a copy-paste slip. Confirm against the form template.
        $editors = explode("\r\n", dhtmlspecialchars($_POST['author']));
        // The three lists are written out as PHP source that the default branch
        // below includes and executes. Submitted text must therefore never escape
        // its string literal: that depends on how da_var_export() quotes values,
        // which is not visible here. Verify it before trusting this write.
        writefile(
            iPATH . 'include/default.value.php',
            implode("\n", array(
                "<?php",
                "\$sources=" . da_var_export($sources) . ";",
                "\$authors=" . da_var_export($authors) . ";",
                "\$editors=" . da_var_export($editors) . ";",
                "?>",
            ))
        );
        _Header(__SELF__ . '?do=default');
    }
} else {
    // Any other operation: show the editing form with the stored default values.
    $Admin->MP("menu_article_default");
    include_once iPATH . 'include/default.value.php';
    include iCMS_admincp_tpl('default');
}
Ejemplo n.º 23
             $Admin->CP($cid, 'Permission_Denied', __SELF__ . '?do=catalog');
             $rootid != $catalog->catalog[$cid]['rootid'] && $Admin->CP($rootid, 'Permission_Denied', __SELF__ . '?do=catalog');
             $iCMS->db->getValue("SELECT `dir` FROM `#iCMS@__catalog` where `dir` ='{$dir}' AND `id` !='{$cid}'") && alert('该栏目别名/目录已经存在!请另选一个');
             $iCMS->db->query("UPDATE `#iCMS@__catalog` SET `rootid` = '{$rootid}',`mid` = '{$mid}',`order` = '{$order}',`name` = '{$name}',`password`='{$password}',`keywords` = '{$keywords}',`description` = '{$description}',`dir` = '{$dir}',`url` = '{$url}',`domain` = '{$domain}',`icon`='{$icon}',`tpl_index` = '{$tpl_index}',`tpl_list` = '{$tpl_list}',`tpl_contents` = '{$tpl_contents}',`attr` = '{$attr}',`isexamine`='{$isexamine}',`ishidden`='{$ishidden}',`issend`='{$issend}' WHERE `id` ='{$cid}' ");
             $catalog = new catalog();
             $catalog->cache();
             redirect("栏目编辑完成!", __SELF__ . '?do=catalog');
         }
     }
     if ($action == 'edit') {
         // Batch-save name and sort order for every catalog row in the posted form,
         // then rebuild the catalog cache and return to the catalog list.
         foreach ($_POST['order'] as $cid => $order) {
             // Rows the current admin may not manage are left untouched.
             if (!$Admin->CP($cid)) {
                 continue;
             }
             // NOTE(review): `order` and `id` are cast with intval(), but the posted
             // name goes into the statement as received. Whether that is safe depends
             // on request-wide escaping that is not visible in this excerpt; confirm
             // it, or escape the name with the database layer's own quoting routine.
             $iCMS->db->query(
                 "UPDATE `#iCMS@__catalog` SET `name` = '" . $_POST['name'][$cid]
                 . "',`order` = '" . intval($order)
                 . "' WHERE `id` ='" . intval($cid) . "' LIMIT 1"
             );
         }
         $catalog = new catalog();
         $catalog->cache();
         _Header(__SELF__ . "?do=catalog");
     }
     break;
 case 'del':
     $id = (int) $_GET['id'];
     $Admin->CP($id, 'Permission_Denied', __SELF__ . '?do=catalog');
     $catalog = new catalog();
     if ($id) {
         if (empty($catalog->array[$id])) {
             $iCMS->db->query("DELETE FROM `#iCMS@__catalog` WHERE `id` = '{$id}'");
             $art = $iCMS->db->getArray("SELECT id FROM `#iCMS@__article` WHERE `cid` = '{$id}'");
             if ($art) {
                 foreach ($art as $a) {
                     delArticle($a['id']);
                 }
             }
Ejemplo n.º 24
     empty($_POST['id']) && alert("请选择要显示的文章");
     if (is_array($_POST['id'])) {
         foreach ($_POST['id'] as $id) {
             $DreamCMS->db->query("UPDATE `#DC@__article` SET `visible` = '1' WHERE `id` ='{$id}'");
         }
     }
     _Header($_SERVER['HTTP_REFERER']);
 }
 if ($action == 'cancel') {
     empty($_POST['id']) && alert("请选择要隐藏的文章");
     if (is_array($_POST['id'])) {
         foreach ($_POST['id'] as $id) {
             $DreamCMS->db->query("UPDATE `#DC@__article` SET `visible` = '0' WHERE `id` ='{$id}'");
         }
     }
     _Header($_SERVER['HTTP_REFERER']);
 }
 if ($action == 'updateHTML') {
     empty($_POST['id']) && alert("请选择要更新的文章");
     require_once DCPATH . "include/template.fun.php";
     $i = 0;
     if (is_array($_POST['id'])) {
         foreach ($_POST['id'] as $aid) {
             MakeArticleHtm($aid) && $i++;
         }
     }
     alert($i . '个文件更新完成!', "url:1");
 }
 if ($action == 'articletype') {
     empty($_POST['id']) && alert("请选择要更改的文章");
     $type = empty($_POST['type']) ? "0" : implode(',', $_POST['type']);
Ejemplo n.º 25
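         if ($_POST['name']) {
             // Batch-update tag rows: the array key is the tag id, the value the name.
             foreach ($_POST['name'] as $id => $value) {
                 // Array KEYS are attacker-controlled too, and input-escaping layers
                 // often miss them, so the id is forced to an integer here.
                 // Assumes numeric tag and sort ids; TODO confirm against the schema.
                 $tagId = intval($id);
                 if ($tagId <= 0) {
                     continue;
                 }
                 $sortId = (isset($_POST['sortid'][$id]) && is_scalar($_POST['sortid'][$id])) ? intval($_POST['sortid'][$id]) : 0;
                 // NOTE(review): the tag name is still interpolated as received. Its
                 // safety depends on request-wide escaping not visible in this excerpt.
                 $iCMS->db->query("update `#iCMS@__tags` set `name`='{$value}',`sortid`='" . $sortId . "',`updatetime`='" . time() . "' where `id`='{$tagId}'");
             }
         }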
         tags_cache();
     }
     _Header();
     break;
 case 'delsort':
     $id = (int) $_GET['id'];
     $tSort = $iCMS->cache('tag.sort', 'include/syscache', 0, true);
     unset($tSort[$id]);
     $iCMS->cache(false, 'include/syscache', 0, true, false);
     $iCMS->addcache('tag.sort', $tSort, 0);
     _Header();
     break;
 case 'sort':
     $rs = $iCMS->cache('tag.sort', 'include/syscache', 0, true);
     $_count = count($rs);
     include iCMS_admincp_tpl("tag.sort");
     break;
 case 'manage':
     $Admin->MP("menu_tag_manage");
     $maxperpage = 20;
     $total = $iCMS->db->getValue("SELECT count(*) FROM `#iCMS@__tags` order by id DESC");
     page($total, $maxperpage, "个TAG");
     $rs = $iCMS->db->getArray("SELECT * FROM `#iCMS@__tags` order by id DESC LIMIT {$firstcount},{$maxperpage}");
     $_count = count($rs);
     $tSort = $iCMS->cache('tag.sort', 'include/syscache', 0, true);
     include iCMS_admincp_tpl("tag.manage");
Ejemplo n.º 26
            alert('删除成功', 'url:1');
        } else {
            alert('删除失败');
        }
        exit;
        break;
    case 'post':
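        if ($action == 'edit') {
            // Batch-save description and order for each posted picture row; the
            // array key is the picture id.
            foreach ($_POST['picdes'] as $picid => $value) {
                // Read the matching order with the key as posted, then cast the key:
                // array keys are request data as well and were previously placed in
                // the WHERE clause unchanged. The 'add' branch already treats picid
                // as an integer via intval().
                $thispicorder = intval($_POST['picorder'][$picid]);
                $picid = intval($picid);
                // NOTE(review): the description is interpolated as received, whereas
                // the 'add' branch passes it through save(). Confirm whether the same
                // treatment is intended here.
                $picid && $DreamCMS->db->query("update `#DC@__otherpics` set `picdes`='{$value}',`picorder`='{$thispicorder}' where `picid`='{$picid}'");
            }
            _Header();
        }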
        if ($action == 'add') {
            $picid = intval($picid);
            $picdes = $_POST['picdes'] ? save($_POST['picdes']) : '';
            $picorder = intval($_POST['picorder']);
            $pictype = $_POST['pictype'] ? save($_POST['pictype']) : 'download';
            $artpicurl = $_POST['artpicurl'] ? save($_POST['artpicurl']) : '';
            $_picurl = uploadfile("picurl", $picdes);
            $picurl = empty($_picurl) ? $artpicurl : $_picurl['FilePath'];
            if ($picid) {
                $DreamCMS->db->query("UPDATE `#DC@__otherpics` SET `picdes`='{$picdes}',`picorder`='{$picorder}',`pictype`='{$pictype}',`picurl`='{$picurl}' WHERE `picid`='{$picid}' LIMIT 1");
            } else {
                $DreamCMS->db->query("INSERT INTO `#DC@__otherpics` (`picdes`,`picorder`,`pictype`,`picurl`) VALUES ('{$picdes}','{$picorder}','{$pictype}','{$picurl}')");
            }
            _Header("admincp.php?do=otherpics&pictype=" . $pictype);
        }
        break;
}
Ejemplo n.º 27
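                // Password change: hash the old, new and confirmation values, check
                // them, then store the new hash.
                // NOTE(review): unsalted MD5 is a fast hash and unsuitable for password
                // storage. Moving to password_hash()/password_verify() also needs the
                // login code and the stored hashes changed, which are outside this
                // excerpt.
                $pwd = md5(trim($_POST['pwd']));
                $pwd1 = md5(trim($_POST['pwd1']));
                $pwd2 = md5(trim($_POST['pwd2']));
                if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
                    alert("修改密码.原密码,新密码,确认密码不能为空");
                }
                // Strict comparison: with loose != two different hex digests that both
                // look numeric (for example "0e" followed only by digits) can compare
                // as equal on older PHP versions, letting a wrong password pass.
                $pwd !== (string) $user['password'] && alert("原密码错误!");
                $pwd1 !== $pwd2 && alert("新密码与确认密码不一致!");
                // NOTE(review): this UPDATE is only protected if alert() ends the
                // request; alert() is defined elsewhere. Confirm.
                $DreamCMS->db->query("UPDATE `#DC@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");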
            }
            //	    $username=htmlspecialchars($_POST['name']);
            //$_POST['email']&&!eregi("^([_\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\.([a-z]{2,6})$",$_POST['email'])&&alert("E-mail格式错误!!");
            $_POST['email'] && !preg_match("/^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$/i", $_POST['email']) && alert("E-mail格式错误!!");
            //zhaoyanmin php5.3以上版本  eregi在php5.3以上版本改成preg_match
            $email = stripslashes($_POST['email']);
            $gender = intval($_POST['gender']);
            $info['nickname'] = htmlspecialchars(stripslashes($_POST['nickname']));
            cstrlen($info['nickname']) > 12 && alert("昵称长度大于12");
            $info['icq'] = intval($_POST['icq']);
            $info['home'] = htmlspecialchars(stripslashes($_POST['home']));
            $info['year'] = intval($_POST['year']);
            $info['month'] = intval($_POST['month']);
            $info['day'] = intval($_POST['day']);
            $info['from'] = htmlspecialchars(stripslashes($_POST['from']));
            $info['introduce'] = htmlspecialchars(stripslashes($_POST['introduce']));
            $user['info'] = $info;
            $DreamCMS->db->query("UPDATE `#DC@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
            _Header('admincp.php?do=user&operation=edit&userid=' . $uid);
        }
        break;
}
Ejemplo n.º 28
 /**
  * Hand the request over to an already generated static file.
  *
  * _Header(path($url)) is called only when the `ishtm` config flag is set, the
  * object is not in 'CreateHtml' mode and $fp exists on disk. _Header() and
  * path() are defined elsewhere (presumably a redirect and a URL helper).
  *
  * @param string $fp  Filesystem path of the generated file.
  * @param string $url Value passed to path() to build the target.
  */
 function jumptohtml($fp, $url = '')
 {
     if (!$this->config['ishtm']) {
         return;
     }
     if ($this->mode == 'CreateHtml') {
         return;
     }
     if (!file_exists($fp)) {
         return;
     }
     _Header(path($url));
 }
Ejemplo n.º 29
 /**
  * Hand the request over to an already generated static file.
  *
  * The target is $filepath plus the configured `htmlext` suffix. _Header() is
  * called with it only when the `ishtm` config flag is set, the object is not
  * in 'CreateHtml' mode and the file exists under DCPATH. _Header() is defined
  * elsewhere (presumably it issues a redirect).
  *
  * @param string $filepath Path relative to DCPATH, without the extension.
  */
 function jumptohtml($filepath)
 {
     if (!$this->config['ishtm']) {
         return;
     }
     if ($this->mode == 'CreateHtml') {
         return;
     }
     if (!file_exists(DCPATH . $filepath . $this->config['htmlext'])) {
         return;
     }
     _Header($filepath . $this->config['htmlext']);
 }
Ejemplo n.º 30
                }
                _Header();
            }
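            // Batch-save every posted link row; the array key is the link id.
            foreach ($_POST['name'] as $id => $value) {
                // The id comes from an array key and the order from a form field, and
                // both previously went into the statement unchanged. The 'add' branch
                // already treats the two as integers via intval().
                $rowId = intval($id);
                if ($rowId <= 0) {
                    continue;
                }
                $rowOrder = (isset($_POST['displayorder'][$id]) && is_scalar($_POST['displayorder'][$id])) ? intval($_POST['displayorder'][$id]) : 0;
                // NOTE(review): name, url and description are still interpolated as
                // received, whereas the 'add' branch passes them through save().
                // Confirm whether the same treatment is intended here.
                $DreamCMS->db->query("update `#DC@__links` set `name`='{$value}',`url`='" . $_POST['url'][$id] . "',`desc`='" . $_POST['description'][$id] . "',`orderid`='" . $rowOrder . "' where `id`='{$rowId}'");
            }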
            _Header();
        }
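        if ($action == 'add') {
            // Insert a new link row, or update row $id when a non-zero id is given.
            // Text fields pass through save(), which is defined elsewhere; what it
            // escapes is not visible in this excerpt.
            $id = intval($id);
            $name = $_POST['name'] ? save($_POST['name']) : '';
            $url = $_POST['url'] ? save($_POST['url']) : '';
            $desc = $_POST['description'] ? save($_POST['description']) : '';
            $orderid = intval($_POST['displayorder']);
            empty($name) && alert('网站名称不能为空!');
            empty($url) && alert('网站URL不能为空!');
            // Add the default scheme unless the value already STARTS with http:// or
            // https://. The earlier substring test prefixed every https:// URL and
            // accepted any value that merely contained "http://" somewhere, so other
            // schemes could be stored unchanged.
            if (!preg_match('#^https?://#i', $url)) {
                $url = 'http://' . $url;
            }
            $artlogo = $_POST['artlogo'] ? save($_POST['artlogo']) : '';
            // Prefer a freshly uploaded logo; fall back to the posted logo path.
            $_logo = uploadfile("logo", $name);
            $logo = empty($_logo) ? $artlogo : $_logo['FilePath'];
            if ($id) {
                $DreamCMS->db->query("UPDATE `#DC@__links` SET `name`='{$name}',`logo`='{$logo}',`desc`='{$desc}',`url`='{$url}',`orderid`='{$orderid}' WHERE `id`='{$id}' LIMIT 1");
            } else {
                $DreamCMS->db->query("INSERT INTO `#DC@__links` (`name`,`logo`,`desc`,`url`,`orderid`) VALUES ('{$name}','{$logo}','{$desc}','{$url}','{$orderid}')");
            }
            _Header("admincp.php?do=link");
        }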
        break;
}