/**
* Overrides the domain and category for a plural context-based lookup.
*/
function _dcnpgettext($domain, $context, $singular, $plural, $category)
{
$l10n = _get_reader($domain, $category);
return _encode($l10n->npgettext($context, $singular, $plural));
}
function LOAD_ENTRIES($type)
{
global $online_path, $theme_path, $current_tag, $thumb_w, $thumb_h, $root, $date_format, $separator_tags, $show_empty, $nice_permalinks;
$data_entries = mysql_query("SELECT * FROM core_entries e WHERE e.entry_show = 1 ORDER BY e.entry_position DESC");
while ($e = mysql_fetch_array($data_entries)) {
$entry_id = $e["entry_id"];
$entry_title = $e["entry_title"];
// DATE
$date = $e["entry_date"];
$y = substr($t, 0, 4);
$m = substr($t, 5, 2);
$d = substr($t, 8, 2);
$entry_date = date($date_format, mktime(0, 0, 0, $m, $d, $y));
$entry_position = $e["entry_position"];
$entry_client = $e["entry_client"];
$entry_extra1 = $e["entry_extra1"];
$entry_extra2 = $e["entry_extra2"];
$entry_text = $e["entry_text"];
$entry_new = $e["entry_new"];
$hits = $e["hits"];
if ($entry_new == 1) {
$isNew = true;
} else {
$isNew = false;
}
if ($nice_permalinks) {
$entry_permalink = "{$http}" . $entry_id;
} else {
$entry_permalink = "{$http}" . "entry={$entry_id}";
}
$data_e2t = @mysql_query("SELECT e2t.tag_id FROM core_entry2tag e2t WHERE e2t.entry_id = {$entry_id}");
$tag_str = "";
while ($e2t = @mysql_fetch_array($data_e2t)) {
$tag_id = $e2t["tag_id"];
$data_tags = @mysql_query("SELECT t.tag_text FROM core_tags t WHERE t.tag_id = {$tag_id} ORDER BY t.tag_position DESC");
while ($t = @mysql_fetch_array($data_tags)) {
$tag_text = $t["tag_text"];
$tt_friendly = _encode($tag_text);
$tag_str = $tag_str . "<a class=\"tag-link\" name=\"tag" . $tag_id . "\" href=\"#tag-" . $tt_friendly . "\">" . $tag_text . "</a>" . $separator_tags;
}
}
$entry_tags = substr($tag_str, 0, strlen($tag_str) - strlen($separator_tags));
if ($type == "THUMBS") {
$folder = treat_string($entry_title);
$r_str = $root . "user/uploads/" . $folder;
$f_str = "core/user/uploads/" . $folder;
$arr = search_folder($r_str);
if ($arr || $show_empty) {
$img = false;
$thumb = false;
foreach ($arr as $f) {
if (strstr($f, "_thumb")) {
$thumb = $f;
}
if (!$thumb) {
if (detect_type($f) == "image") {
$img = $f;
}
}
}
if ($thumb) {
$entry_thumb = "{$f_str}/{$thumb}";
} elseif ($img) {
$entry_thumb = "core/functions/phpThumb/phpThumb.php?src=/{$online_path}/{$f_str}/{$img}&w={$thumb_w}&h={$thumb_h}&zc=1&f=png";
}
require $theme_path . "parts/entry_link_thumbs.php";
}
} elseif ($type == "LIST") {
$arr = search_folder($root . "user/uploads/" . treat_string($entry_title));
if ($arr || $show_empty) {
require $theme_path . "parts/entry_link.php";
}
}
}
}
echo '-><a href="index.php?' . $_GET['path'] . '">取消选择</a> <a href="index.php?' . $_SERVER['QUERY_STRING'] . '&all=yes">全部选择</a>';
echo '<form action="system.php?path=' . _encode($f['.']) . '" method="post">';
if (count($f['dir']) >= 1) {
echo <<<HTML
<div class="big_board"><div class="board_title">目录列表</div></div>
HTML;
foreach ($f['dir'] as $dir) {
echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($dir) . "\" {$select}/><a href=\"dirinfo.php?path=" . _encode($dir) . "\">[dir]</a><a href=\"{$_SERVER['PHP_SELF']}?path=" . _encode($dir) . "\">" . path2name($dir) . "</a><br/>";
}
}
if (count($f['file']) >= 1) {
echo <<<HTML
<div class="big_board"><div class="board_title">文件列表</div></div>
HTML;
foreach ($f['file'] as $file) {
echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($file) . "\" {$select}/><a href=\"fileinfo.php?path=" . _encode($file) . "\">[file]</a>" . path2name($file) . '<br/><a href="download.php?path=' . _encode($file) . '">下载</a>.<a href="editor.php?path=' . _encode($file) . '">编辑</a>.<a href="view.php?path=' . _encode($file) . '">查看</a>.<a href="rename.php?path=' . _encode($file) . '">命名</a><br/>大小:' . _filesize($file) . ' 权限:' . substr(sprintf('%o', fileperms(_decode($file))), -4) . '<br/>';
}
}
echo <<<HTML
<select name="type">
<option value="delete">删除文件(多选)</option>
<option value="pkzip">压缩文件(多选)</option>
<option value="move">移动文件(多选)</option>
<option value="copy">复制文件(多选)</option>
<option value="chmod">权限变更(多选)</option>
</select>
<input type="submit" value="[Go]"/>
</form>
HTML;
} else {
echo "Hello,貌似目录是空目录耶!";
public function adminzoneopr()
{
$tmp = _decode($_GET['action']);
$back = array('controller' => 'sites', 'action' => 'adminzone', '?' => array('action' => _encode(array('id' => $tmp['site_id']))));
$formUrl = array('controller' => 'sites', 'action' => 'adminzoneopr', '?' => array('action' => _encode(array('site_id' => $tmp['site_id']))));
$this->set('back', $back);
$this->set('formUrl', $formUrl);
$this->set('site_id', $tmp['site_id']);
if ($this->request->data) {
$this->AdminZone->set($this->request->data);
if ($this->AdminZone->validates()) {
$data = $this->AdminZone->save($this->request->data);
$this->Session->setFlash(__('Record successfully saved.'), 'success');
$this->redirect($back);
} else {
$errors = $this->Site->validationErrors;
}
}
if (isset($_GET['action'])) {
$opr = _decode($_GET['action']);
if (isset($opr['opr'])) {
switch ($opr['opr']) {
case 'delete':
if ($this->AdminZone->delete(array('id' => $opr['id']))) {
$this->Session->setFlash(__('Record successfully deleted.'), 'success');
} else {
$this->Session->setFlash(__('Record not deleted.'), 'error');
}
$this->redirect(array('controller' => 'sites', 'action' => 'adminzone', '?' => array('action' => _encode(array('id' => $tmp['site_id'])))));
exit;
break;
}
}
}
//Valid country list
$country = array();
$query = sprintf('SELECT c.code,c.name FROM `countries` c left join valid_zones vz on vz.country = c.code where vz.status = 1');
$tmp = $this->Country->query($query);
foreach ($tmp as $key => $val) {
if (isset($val['c']['code']) && isset($val['c']['name'])) {
$country[$val['c']['code']] = $val['c']['name'];
}
}
$this->set('country', $country);
}
exit;
}
header('Content-Type:text/html;charset=UTF-8');
echo <<<HTML
<html>
<head>
<title>文件管理-编辑</title>
<style type="text/css">
.big_board{background-color:#009BCE;color:#FFF;}
.board_title{margin-bottom:1px;border:1px solid #09F;}
</style>
</head>
<body>
<div class="big_board"><div class="board_title">爱特文管-路径信息</div></div>
HTML;
echo '<a href="index.php?path=' . _encode(dirname(_decode($_GET['path']))) . '">' . dirname(_decode($_GET['path'])) . '</a>/' . basename(_decode($_GET['path']));
if ($_POST['data'] != null) {
if (!get_magic_quotes_gpc()) {
$_data = addslashes($_POST['data']);
} else {
$_data = $_POST['data'];
}
if (file_put_contents(_decode($_GET['path']), stripslashes($_data)) == false) {
echo <<<HTML
<div class="big_board"><div class="board_title">Hello,文件保存错误!</div></div>
HTML;
} else {
echo <<<HTML
<div class="big_board"><div class="board_title">Hello,文件保存成功!</div></div>
HTML;
}
<p class="tag-link"><a name="tag<?php echo $tag_id; ?> " href="#tag-<?php echo _encode($tag_text); ?> "><?php echo $tag_text; ?> </a></p>
/**
* Plural version of dcgettext.
*/
function _dcngettext($domain, $single, $plural, $number, $category)
{
$l10n = _get_reader($domain, $category);
//return $l10n->ngettext($single, $plural, $number);
return _encode($l10n->ngettext($single, $plural, $number));
}
$sql = "SELECT * FROM encuesta.tbcuestionario2 where Codigo_Cuestionario = {$id}";
$result = $mysqli->query($sql);
$data["count"] = $result->num_rows;
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
$data["data"][] = array_map("utf8_encode", $row);
}
echo json_encode($data);
break;
case "get_asignatura":
$data[response] = "OK";
$sql = "SELECT * FROM tbasignaturas where Carrera_Asignatura = {$asig} order by Semestre_Asignatura";
$result = $mysqli->query($sql);
$data["count"] = $result->num_rows;
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
$data["data"][] = array_map("utf8_encode", $row);
}
echo json_encode($data);
break;
_encode($data);
break;
case "get_cuestionarios_alumnos":
$data[response] = "OK";
$sql = "SELECT Codigo_Cuestionario,Codigo_Asignatura FROM encuesta.tbcuestionario3 where Codigo_Asignatura in (SELECT Codigo_Asignaturas FROM encuesta.tbalumasig where Codigo_Alumnos = " . $alumnos . " and Periodo_Alumno = " . $periodo . ")";
$result = $mysqli->query($sql);
$data["count"] = $result->num_rows;
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
$data["data"][] = array_map("utf8_encode", $row);
}
echo json_encode($data);
break;
}
—<a href="#<?php echo _encode($title); ?> "><?php echo $title; ?> </a>
public function avatar_process($alias, &$_fields, &$error) {
global $config, $user;
$path = $config['assets_path'] . 'avatars/';
$send = $this->process($path, 'avatar');
if (count($this->error)) {
$error = array_merge($error, $this->error);
return;
}
if ($send !== false) {
foreach ($send as $row) {
$resize = $this->resize($row, $path, $path, _encode($alias) . time(), array(70, 70), false, false, true);
if ($resize === false) {
continue;
}
if ($user->d('avatar')) {
_rm($path . $user->d('avatar'));
}
$_fields->avatar = $row->filename;
}
}
return;
}
if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/u', $_POST['name']) == false) {
echo 'Hello,名称格式错误!';
} else {
if (is_dir(_decode($_GET['path']))) {
chdir(dirname(_decode($_GET['path']) . '/' . $_POST['name']) . '/../');
$to = getcwd() . '/' . $_POST['name'];
} else {
$to = dirname(_decode($_GET['path']));
$to = $to . '/' . $_POST['name'];
}
if (rename(_decode($_GET['path']), $to) == false) {
echo 'Hello,重命名失败了啦!';
} else {
echo 'Hello,重命名成功了喔!';
if (is_dir($to)) {
echo '<a href="index.php?path=' . _encode(dirname($to) . '/' . $_POST['name']) . '">返回</a>?';
}
}
}
}
echo <<<HTML
<div class="big_board"><div class="board_title">爱特文管-新的名称</div></div>
HTML;
echo <<<HTML
<form action="{$_SERVER['PHP_SELF']}?path={$_GET['path']}" method="post">
<input type="text" name="name"/>
<input type="submit" value="命名"/>
</form>
HTML;
echo <<<HTML
<div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div>
protected function user() {
switch($this->method){
case 'GET':
if(empty($this->verb) && empty($this->args)){
$result = $this->db->query("select id, role_id, username, email, banned, ban_reason, phone from users");
$newResult = $result->rows;
nullToEmptyString($newResult);
return array("success" => 1, "items" => $newResult);
} else if ($this->verb == 'role' && empty($this->args)){
$result = $this->db->query("select id, alt_name, locale, description from shop_rbac_roles_i18n where locale = 'ru'");
return array("success" => 1, "items" => $result->rows);
} else if ($this->verb == 'role' && count($this->args) == 1){
$id = htmlspecialchars(strip_tags($this->args[0]));
$result = $this->db->query("select id, alt_name, locale, description from shop_rbac_roles_i18n where locale = 'ru' and id = '".$id."'");
return array("success" => 1, "items" => $result->rows);
} else if (empty($this->verb) && count($this->args) == 1){
$id = htmlspecialchars(strip_tags($this->args[0]));
$result = $this->db->query("select id, role_id, username, email, banned, ban_reason, phone from users where id = '".$id."'");
$newResult = $result->rows;
nullToEmptyString($newResult);
return array("success" => 1, "items" => $newResult);
} else {
return array("success" => 0, "error_message" => "BAD REQUEST");
}
break;
case 'POST':
if (empty($this->verb) && empty($this->args)){
$data = $this->request;
$hash = _encode($data['user_password'], $this->encryption_key);
$hash = crypt($hash);
$result = $this->db->query("insert into users (role_id, username, password, email, phone) values ('".$data['role_id']."', '".$data['login']."', '".$hash."', '".$data['email']."', '".$data['phone']."')");
if($result->errno){
return array("success" => 0, "error_message" => "INCORRECT DATA");
} else {
$lastId = $this->db->getLastId();
$this->log("Добавлен пользователь. Id: ".$lastId, $data['username'], $data['device']);
return array("success" => 1, "insert_id" => $lastId);
}
} else {
return array("success" => 0, "error_message" => "BAD REQUEST");
}
break;
case 'PUT':
if (empty($this->verb) && count($this->args) == 1){
$id = htmlspecialchars(strip_tags($this->args[0]));
$data = $this->request;
if(isset($data['user_password']) && !empty($data['user_password'])) {
$hash = _encode($data['user_password'], $this->encryption_key);
$hash = crypt($hash);
$result = $this->db->query("update users set role_id='".$data['role_id']."', username='******'login']."', password='******', banned = '".$data['banned']."', ban_reason = '".$data['ban_reason']."', email='".$data['email']."', phone='".$data['phone']."' where id = '".$id."'");
} else {
$result = $this->db->query("update users set role_id='".$data['role_id']."', username='******'login']."', banned = '".$data['banned']."', ban_reason = '".$data['ban_reason']."', email='".$data['email']."', phone='".$data['phone']."' where id = '".$id."'");
}
if(!$result->errno){
$this->log("Изменен аккаунт пользователя. Id: ".$id, $data['username'], $data['device']);
return array("success" => 1);
} else {
return array("success" => 0, "error_message" => "INCORRECT DATA");
}
} else if ($this->verb == 'status' && count($this->args) == 1){
$id = htmlspecialchars(strip_tags($this->args[0]));
$data = $this->request;
$result = $this->db->query("update users set banned='".$data['banned']."' where id = '".$id."'");
if(!$result->errno){
$this->log("Изменен статус пользователя. Id: ".$id, $data['username'], $data['device']);
return array("success" => 1);
} else {
return array("success" => 0, "error_message" => "INCORRECT DATA");
}
} else {
return array("success" => 0, "error_message" => "BAD REQUEST");
}
break;
case 'DELETE':
if (empty($this->verb) && count($this->args) == 1){
$id = htmlspecialchars(strip_tags($this->args[0]));
$result = $this->db->query("delete from users where id = '".$id."'");
if(!$result->errno){
$data = $this->request;
$this->log("Удален пользователь. Id: ".$id, $data['username'], $data['device']);
return array("success" => 1);
} else {
return array("success" => 0, "error_message" => "USER NOT FOUND");
}
} else {
return array("success" => 0, "error_message" => "BAD REQUEST");
}
break;
default:
break;
}
}
} else {
$isNew = false;
}
if ($nice_permalinks) {
$entry_perma = "{$http}" . $entry_id;
} else {
$entry_perma = "{$http}" . "?entry={$entry_id}";
}
$data_e2t = @mysql_query("SELECT e2t.tag_id FROM core_entry2tag e2t WHERE e2t.entry_id = {$entry_id}");
$tag_str = "";
while ($e2t = @mysql_fetch_array($data_e2t)) {
$tag_id = $e2t["tag_id"];
$data_tags = @mysql_query("SELECT t.tag_text FROM core_tags t WHERE t.tag_id = {$tag_id}");
while ($t = @mysql_fetch_array($data_tags)) {
$tag_text = $t["tag_text"];
$tag_str = $tag_str . "<a class=\"tag-link\" name=\"tag" . $tag_id . "\" href=\"#tag-" . _encode($tag_text) . "\">" . $tag_text . "</a>" . $separator_tags;
}
}
$entry_tags = substr($tag_str, 0, strlen($tag_str) - strlen($separator_tags));
$layout_path = $root . "user/uploads/" . treat_string($entry_title) . "/layout.php";
if (is_file($layout_path) && @filesize($layout_path) > 0) {
require $layout_path;
} else {
require $theme_path . "parts/entry.php";
}
}
mysql_query("UPDATE core_entries e SET\n\te.hits = {$entry_hits}\n\tWHERE e.entry_id = {$id}");
}
if ($isPerma) {
echo "<a class=\"index-link\" href=\"{$http}\">back to index</a>";
}
