Ejemplo n.º 1
     if (!$logo_url) {
         $error = true;
         $sysmsg[] = __('logo_url_error');
     }
     if (!$error) {
         $ins = array('logo_url' => $logo_url);
         $db->query_unbuffered("update {$tpf}users set " . $db->sql_array($ins) . " where userid='{$pd_uid}'");
         $sysmsg[] = __('logo_url_update_success');
         redirect('back', $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
 } elseif ($task == 'mod_pro') {
     form_auth(gpc('formhash', 'P', ''), formhash());
     $space_name = trim(gpc('space_name', 'P', ''));
     if (checklength($space_name, 1, 250)) {
         $error = true;
         $sysmsg[] = __('space_name_error');
     }
     if (!$error) {
         $ins = array('space_name' => htmlspecialchars($space_name));
         $db->query_unbuffered("update {$tpf}users set " . $db->sql_array($ins) . " where userid='{$pd_uid}'");
         $sysmsg[] = __('space_name_update_success');
         redirect('back', $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
 } elseif ($task == 'mod_domain') {
     auth_task_mod_domain();
 } elseif ($task == 'space_pwd') {
     auth_task_space_pwd();
Ejemplo n.º 2
         $db->query_unbuffered("delete from {$tpf}folders where folder_id='{$folder_id}' and userid='{$pd_uid}'");
         $sysmsg[] = __('delete_folder_success');
         redirect($ref, $sysmsg);
     } else {
         $ref = $_SERVER['HTTP_REFERER'];
         $folder_name = @$db->result_first("select folder_name from {$tpf}folders where folder_id='{$folder_id}' and userid='{$pd_uid}'");
         require_once template_echo($item, $user_tpl_dir);
     }
     break;
 case 'modify_folder':
     $folder_id = (int) gpc('folder_id', 'GP', 0);
     if ($task == 'modify_folder') {
         // Validate a posted folder rename: form token, name length, quote check,
         // parent/self check and a duplicate-name lookup for this user.
         // NOTE(review): form_auth() presumably rejects a missing or wrong form token (CSRF check) - defined outside this excerpt, confirm.
         form_auth(gpc('formhash', 'P', ''), formhash());
         $folder_name = trim(gpc('folder_name', 'P', ''));
         $pid = (int) gpc('pid', 'P', 0);
         if (checklength($folder_name, 1, 150)) {
             $error = true;
             $sysmsg[] = __('folder_name_error');
         } elseif (strpos($folder_name, "'") !== false) {
             // NOTE(review): refusing one character is a denylist, not SQL escaping. It only sets
             // $error; it does not stop the lookup below from running with the same value.
             $error = true;
             $sysmsg[] = "不能含有单引号等特殊字符";
         }
         // A folder cannot be its own parent.
         if ($folder_id == $pid) {
             $error = true;
             $sysmsg[] = __('folder_id_pid_not_same');
         }
         // NOTE(review): this query is not guarded by $error, so a name rejected above is still
         // interpolated into the SQL text. Whether that is safe depends on gpc() escaping its
         // return value (not visible here); binding the value or escaping it in the DB layer,
         // and skipping the lookup once $error is set, would remove the dependency.
         // The @ also hides a failed query, in which case $num is presumably falsy and the
         // duplicate check passes silently.
         $num = @$db->result_first("select count(*) from {$tpf}folders where folder_name='{$folder_name}' and folder_id<>'{$folder_id}' and userid='{$pd_uid}'");
         if ($num) {
             $error = true;
             $sysmsg[] = __('folder_exists');
         }
Ejemplo n.º 3
     } else {
         $ref = $_SERVER['HTTP_REFERER'];
         $cs_name = @$db->result_first("select cs_name from {$tpf}course_chapter_section where csid='{$cs_id}' ");
         require_once template_echo($item, $user_tpl_dir);
     }
     break;
 case 'modify_chapter_section':
     $cs_id = (int) gpc('cs_id', 'GP', 0);
     $course_id = (int) gpc('course_id', 'GP', 0);
     $error = $cs_id && $course_id ? false : true;
     if ($task == 'modify_chapter_section') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $cs_name = trim(gpc('cs_name', 'P', ''));
         $pid = (int) gpc('pid', 'P', '');
         $description = gpc('description', 'P', '');
         if (checklength($cs_name, 1, 150)) {
             $error = true;
             $sysmsg[] = "章节名称长度非法,增加失败";
         } elseif (strpos($cs_name, "'") !== false) {
             $error = true;
             $sysmsg[] = "不能含有单引号等特殊字符";
         }
         $num = @$db->result_first("select count(*) from {$tpf}course_chapter_section where course_id<>'{$course_id}' and cs_name='{$cs_name}'");
         if ($num) {
             $error = true;
             $sysmsg[] = "你开设的章节中,已经存在相同名称的章节";
         }
         if (!$error) {
             $ins = array('cs_name' => $cs_name, 'description' => $description, 'course_id' => $course_id, 'parent_id' => $pid, 'update_date' => time());
             $db->query_unbuffered("update {$tpf}course_chapter_section set " . $db->sql_array($ins) . " where csid='{$cs_id}'");
             $sysmsg[] = "修改章节成功";
Ejemplo n.º 4
     $error = true;
     $sysmsg[] = __('online_demo_deny');
 }
 // Decide the login password hash to store: hash a newly supplied password,
 // otherwise keep the value already stored for this user.
 if ($password) {
     // checklength() returning true is treated as "length invalid" here.
     if (checklength($password, 6, 20)) {
         $error = true;
         $sysmsg[] = __('invalid_password');
     } else {
         // NOTE(review): md5() is a fast, unsalted digest and is not suitable for password
         // storage. Moving to password_hash()/password_verify() also needs the login and
         // cookie code (outside this excerpt) to change, plus a rehash-on-login migration.
         $md5_pwd = md5($password);
     }
 } else {
     // No new password given: re-read the stored hash so the later write keeps it unchanged.
     // NOTE(review): $uid is interpolated into the SQL text; its origin and type are not visible here - confirm it is cast to int.
     $rs = $db->fetch_one_array("select password from {$tpf}users where userid='{$uid}'");
     $md5_pwd = $rs['password'];
 }
 // Same decision for the separate income password.
 if ($income_pwd) {
     if (checklength($income_pwd, 6, 20)) {
         $error = true;
         $sysmsg[] = __('invalid_password');
     } else {
         // NOTE(review): same unsalted md5() concern as for the login password above.
         $income_pwd = md5($income_pwd);
     }
 } else {
     // The @ hides a failed query; $income_pwd then holds whatever result_first() returns on failure.
     $income_pwd = @$db->result_first("select income_pwd from {$tpf}users where userid='{$uid}'");
 }
 if ($gid > 1) {
     $rs = $db->fetch_one_array("select count(*) as total from {$tpf}users where gid=1 and userid<>'{$uid}'");
     if (!$rs['total']) {
         $error = true;
         $sysmsg[] = __('only_one_admin');
     }
     unset($rs);
Ejemplo n.º 5
             unset($rs);
         } else {
             redirect("javascript:history.back()", $sysmsg);
         }
     }
     require_once template_echo('pd_account', $user_tpl_dir);
     break;
 case 'reset_pwd':
     $code = trim(gpc('code', 'GP', ''));
     $code = strlen($code) > 32 ? substr($code, 0, 32) : $code;
     if ($task == 'reset_pwd') {
         // Read and validate the new password for a password reset request.
         // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
         form_auth(gpc('formhash', 'P', ''), formhash());
         $pwd = trim(gpc('pwd', 'P', ''));
         $pwd2 = trim(gpc('pwd2', 'P', ''));
         // The account to reset is named by the request itself; the reset_code lookup that
         // follows this block is what has to bind it to the right user.
         $userid = (int) gpc('userid', 'P', 0);
         if (checklength($pwd, 6, 20)) {
             $error = true;
             $sysmsg[] = __('user_password_false');
         }
         // NOTE(review): != compares numeric-looking strings as numbers, so two different
         // strings can compare equal (constructed example: "1e3" and "1000"). Use !== here.
         if ($pwd != $pwd2) {
             $error = true;
             $sysmsg[] = __('confirm_pwd_not_same');
         } else {
             // NOTE(review): md5() is unsalted and fast; password_hash() is the appropriate
             // primitive, but the login code outside this excerpt must change with it.
             // This branch also runs when the length check above failed; $error stays set.
             $md5_pwd = md5($pwd);
         }
         if (!$userid || !$code) {
             $error = true;
             $sysmsg[] = '参数错误';
         } else {
             $num = @$db->result_first("select count(*) from {$tpf}users where reset_code='{$code}' and userid='{$userid}'");
             if (!$num) {
Ejemplo n.º 6
 case 'mail_test':
     admin_no_power($task, 12, $pd_uid);
     if ($task == 'mail_test') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $receive_address = trim(gpc('receive_address', 'P', ''));
         $mail_subject = trim(gpc('mail_subject', 'P', ''));
         $mail_content = trim(gpc('mail_content', 'P', ''));
         if (!checkemail($receive_address)) {
             $error = true;
             $sysmsg[] = __('email_address_error');
         }
         if (checklength($mail_subject, 2, 80)) {
             $error = true;
             $sysmsg[] = __('email_subject_error');
         }
         if (checklength($mail_content, 2, 250)) {
             $error = true;
             $sysmsg[] = __('email_content_error');
         }
         if (!$error) {
             $to = $receive_address;
             $subject = $mail_subject;
             $body = $mail_content;
             $from = $sender = $username = $settings['email_address'];
             $fromname = $settings['email_user'];
             $host = $settings['email_smtp'];
             $port = (int) $settings['email_port'];
             $ssl = (int) $settings['email_ssl'];
             $password = $settings['email_pwd'];
             send_email($to, $subject, $body, $from, $fromname, $stmp = true, $sender, $host, $port, $ssl, $username, $password);
             $sysmsg[] = __('send_email_success');
Ejemplo n.º 7
     $img_link = (int) gpc('img_link', 'P', 0);
     $music_link = (int) gpc('music_link', 'P', 0);
     $video_link = (int) gpc('video_link', 'P', 0);
     $zero_store_time = (int) gpc('zero_store_time', 'P', 0);
     $is_hidden = (int) gpc('is_hidden', 'P', 0);
     if (checklength($subject, 2, 150)) {
         $error = true;
         $sysmsg[] = __('vip_subject_error');
     } else {
         $num = @$db->result_first("select count(*) from {$tpf}vips where subject='{$subject}' and vip_id<>'{$vip_id}'");
         if ($num) {
             $error = true;
             $sysmsg[] = __('vip_subject_exists');
         }
     }
     if (checklength($content, 2, 255)) {
         $error = true;
         $sysmsg[] = __('vip_content_error');
     }
     if (!$error) {
         $ins = array('subject' => $subject, 'content' => $content, 'img' => $img, 'price' => (double) $price, 'days' => $days, 'pop_ads' => $pop_ads, 'down_second' => $down_second, 'downline_num' => $downline_num, 'search_down' => $search_down, 'img_link' => $img_link, 'music_link' => $music_link, 'video_link' => $video_link, 'zero_store_time' => $zero_store_time, 'is_hidden' => $is_hidden);
         $db->query_unbuffered("update {$tpf}vips set " . $db->sql_array($ins) . " where vip_id='{$vip_id}'");
         $sysmsg[] = __('edit_vip_success');
         redirect(urr(ADMINCP, "item=vip&menu=user&action=list"), $sysmsg);
     } else {
         redirect('back', $sysmsg);
     }
 } else {
     $pa = $db->fetch_one_array("select * from {$tpf}vips where vip_id='{$vip_id}'");
     require_once template_echo($item, $admin_tpl_dir, '', 1);
 }
Ejemplo n.º 8
<html>
<body>
//validation
<?php 
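// Registration form handler: on submit, validate each field and stop with a
// success message when all pass; otherwise leave per-field flags for the form
// markup that follows this block.
require_once 'functions.php';
$valid = TRUE;
if (isset($_POST['submit'])) {
    // Import only the fields this handler validates. The previous loop assigned every
    // POST key to a variable of the same name (the same effect as extract($_POST)),
    // which lets a request overwrite any variable already in scope.
    // Non-string values (e.g. array parameters) are treated as empty.
    // NOTE(review): fields used only by the markup outside this excerpt must be added to this list.
    foreach (array('fname', 'lname', 'email', 'password', 'password2', 'zipcode') as $field) {
        ${$field} = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    // Each check*() result is kept in its own flag and folded into $valid.
    $valid = $fn = checklength($fname, 1, 30);
    $ln = checklength($lname, 1, 30);
    $valid = $valid && $ln;
    $em = checkemail($email);
    $valid = $valid && $em;
    $ps = checkpassword($password);
    $valid = $valid && $ps;
    // Strict comparison: == would compare numeric-looking strings as numbers.
    $ps2 = $password === $password2;
    $valid = $valid && $ps2;
    $zp = checkmail($zipcode, 'US');
    $valid = $valid && $zp;
    if ($valid) {
        echo "form filled successfully!";
        exit;
    }
} else {
    // First display: every field counts as valid and starts empty.
    $fn = $ln = $em = $ps = $ps2 = $hp = $zp = TRUE;
    // NOTE(review): $omepage and $hp look like leftovers of a homepage field ($omepage possibly
    // a typo for $homepage); the markup that would use them is outside this excerpt - confirm.
    $fname = $lname = $email = $zipcode = $omepage = "";
}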
if (!$valid) {
    ?>
Ejemplo n.º 9
 case 'modify_link':
     $linkid = (int) gpc('linkid', 'GP', 0);
     if ($task == 'modify_link') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $link_title = trim(gpc('link_title', 'P', ''));
         $link_url = trim(gpc('link_url', 'P', ''));
         $link_logo = trim(gpc('link_logo', 'P', ''));
         if ($settings['online_demo']) {
             $error = true;
             $sysmsg[] = __('online_demo_deny');
         }
         if (checklength($link_title, 2, 100)) {
             $error = true;
             $sysmsg[] = __('link_title_error');
         }
         if (checklength($link_url, 5, 100)) {
             $error = true;
             $sysmsg[] = __('link_url_error');
         }
         if (substr($link_url, 0, 7) != 'http://' && substr($link_url, 0, 8) != 'https://') {
             $error = true;
             $sysmsg[] = __('link_url_prefix');
         }
         if (!$error) {
             $ins = array('title' => replace_js($link_title), 'url' => replace_js($link_url), 'logo' => replace_js($link_logo));
             $db->query_unbuffered("update {$tpf}links set " . $db->sql_array($ins) . " where linkid='{$linkid}' limit 1;");
             redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
         } else {
             redirect('back', $sysmsg);
         }
     } else {
Ejemplo n.º 10
         $rs = $db->fetch_one_array("select count(*) as total from {$tpf}reports where file_id='" . $file_id . "' and userid='{$pd_uid}'");
         if ($rs['total']) {
             $msg = __('report_already_exists');
         }
         unset($rs);
         $ref = $_SERVER['HTTP_REFERER'];
         require_once template_echo($item, $user_tpl_dir);
     }
     break;
 case 'post_comment':
     $file_id = (int) gpc('file_id', 'GP', 0);
     // On submit: validate and store a comment for $file_id, then redirect.
     // Otherwise: render the comment form.
     if ($task == 'post_comment') {
         // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
         form_auth(gpc('formhash', 'P', ''), formhash());
         $content = trim(gpc('content', 'P', ''));
         // NOTE(review): the redirect target is taken from the request body. Unless tb_redirect()
         // restricts targets to this site, this is an open redirect; validate against a
         // same-origin allowlist before use.
         $ref = trim(gpc('ref', 'P', ''));
         if (checklength($content, 2, 600)) {
             $error = true;
             $sysmsg[] = __('cmt_content_error');
         }
         if (!$error) {
             // NOTE(review): replace_js() is not visible here; whatever it strips, the stored comment
             // should still be HTML-encoded when it is rendered.
             // is_checked is 0 (held for moderation) when check_comment is enabled, else 1.
             $ins = array('userid' => $pd_uid, 'file_id' => $file_id, 'content' => replace_js($content), 'in_time' => $timestamp, 'ip' => $onlineip, 'is_checked' => $settings['check_comment'] ? 0 : 1);
             $db->query("insert into {$tpf}comments set " . $db->sql_array($ins) . ";");
             $sysmsg[] = __('cmt_success');
             tb_redirect($ref, $sysmsg);
         } else {
             tb_redirect('back', $sysmsg);
         }
     } else {
         // The Referer header is client-controlled and may be absent; the template that
         // receives $ref must encode it for the context it is written into.
         $ref = $_SERVER['HTTP_REFERER'];
         require_once template_echo($item, $user_tpl_dir);
     }
Ejemplo n.º 11
         $pa[down_type] = 0;
         require_once template_echo($item, $admin_tpl_dir, '', 1);
     }
     break;
 case 'edit':
     $node_id = (int) gpc('node_id', 'GP', 0);
     if ($task == 'edit') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $subject = trim(gpc('subject', 'P', ''));
         $host = trim(gpc('host', 'P', ''));
         $server_oid = trim(gpc('server_oid', 'P', ''));
         $icon = trim(gpc('icon', 'P', ''));
         $down_type = (int) gpc('down_type', 'P', 0);
         $parent_id = (int) gpc('parent_id', 'P', 0);
         $is_hidden = (int) gpc('is_hidden', 'P', 0);
         if (checklength($subject, 2, 150)) {
             $error = true;
             $sysmsg[] = __('nodes_subject_error');
         } else {
             /*$num = @$db->result_first("select count(*) from {$tpf}nodes where subject='$subject' and node_id<>'$node_id' and parent_id='$parent_id'");
             		if($num){
             			$error = true;
             			$sysmsg[] = __('nodes_subject_exists');
             		}*/
         }
         if ($parent_id && !$host) {
             $error = true;
             $sysmsg[] = __('nodes_host_error');
         }
         if ($parent_id && (substr($host, 0, 7) != 'http://' && substr($host, 0, 8) != 'https://')) {
             $error = true;
Ejemplo n.º 12
         $params['adv_img_src'] = trim(gpc('adv_img_src', 'P', ''));
         $params['adv_img_url'] = trim(gpc('adv_img_url', 'P', ''));
         $params['adv_img_width'] = trim(gpc('adv_img_width', 'P', ''));
         $params['adv_img_height'] = trim(gpc('adv_img_height', 'P', ''));
         $params['adv_img_alt'] = trim(gpc('adv_img_alt', 'P', ''));
         if (!$params['adv_img_src']) {
             $error = true;
             $sysmsg[] = __('adv_img_src_error');
         }
         if (!$params['adv_img_url']) {
             $error = true;
             $sysmsg[] = __('adv_img_url_error');
         }
 }
 // Pack the advert parameters for storage, then validate the title and start date.
 // NOTE(review): these values come from the request. If the stored string is later read back
 // with unserialize(), that call should pass allowed_classes => false, or the format should
 // be JSON instead - the reading side is outside this excerpt.
 $params = $params ? serialize($params) : '';
 if (checklength($adv_title, 2, 300)) {
     $error = true;
     $sysmsg[] = __('adv_title_error');
 }
 if ($adv_starttime) {
     // Expected shape is a 10-character string with exactly two '-' separators,
     // and a year that is not before the current year.
     $arr = explode('-', $adv_starttime);
     $tmp_count = count($arr) - 1;
     if (strlen($adv_starttime) != 10 || $tmp_count != 2 || (int) $arr[0] < date('Y')) {
         $error = true;
         $sysmsg[] = __('time_format_error');
     } else {
         // NOTE(review): month and day are only cast to int, not range-checked; mktime()
         // normalises out-of-range values into a different date instead of failing.
         // checkdate() before this call would reject them. The @ also hides any warning.
         $adv_starttime = @mktime(0, 0, 0, (int) $arr[1], (int) $arr[2], (int) $arr[0]);
     }
 } else {
     // No start date supplied: stored as 0.
     $adv_starttime = 0;
 }
Ejemplo n.º 13
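/**
 * Turns the current guest account into a named account from the posted form.
 *
 * Reads username, password, confirm_password, email and ref from POST, validates
 * them, updates the row for $pd_uid in {$tpf}users, rewrites the
 * phpdisk_zcore_info cookie and redirects to ref. On any validation failure it
 * redirects back with the collected messages and writes nothing.
 *
 * NOTE(review): form_auth(), gpc(), checklength(), is_bad_chars(), checkemail(),
 * pd_encode() and tb_redirect() are defined outside this excerpt; remarks about
 * them below are assumptions to confirm.
 */
function auth_task_guest()
{
    global $db, $tpf, $pd_uid, $pd_gid;
    // Start from a known state; the original read $error before ever assigning it
    // on the success path.
    $error = false;
    $sysmsg = array();
    form_auth(gpc('formhash', 'P', ''), formhash());
    $username = trim(gpc('username', 'P', ''));
    $password = trim(gpc('password', 'P', ''));
    $confirm_password = trim(gpc('confirm_password', 'P', ''));
    $email = trim(gpc('email', 'P', ''));
    // NOTE(review): redirect target comes from the request; unless tb_redirect() restricts
    // targets to this site, validate it against a same-origin allowlist.
    $ref = trim(gpc('ref', 'P', ''));
    if (checklength($username, 2, 60)) {
        $error = true;
        $sysmsg[] = __('invalid_username');
    } elseif (is_bad_chars($username)) {
        $error = true;
        $sysmsg[] = __('username_has_bad_chars');
    } else {
        // The compared value in this query appears masked ('******') on the page and is
        // reproduced as shown.
        $rs = $db->fetch_one_array("select username from {$tpf}users where username='******' and userid<>'{$pd_uid}' limit 1");
        if ($rs && strcasecmp($username, $rs['username']) === 0) {
            $error = true;
            $sysmsg[] = __('username_already_exists');
        }
        unset($rs);
    }
    if (checklength($password, 6, 20)) {
        $error = true;
        $sysmsg[] = __('invalid_password');
    } else {
        // Strict comparison: == compares numeric-looking strings as numbers, so two
        // different strings could be accepted as a matching confirmation.
        if ($password === $confirm_password) {
            // NOTE(review): md5() is a fast, unsalted digest and is not suitable for password
            // storage. Switching to password_hash() needs the login code to change as well.
            $md5_pwd = md5($password);
        } else {
            $error = true;
            $sysmsg[] = __('confirm_password_invalid');
        }
    }
    if (!checkemail($email)) {
        $error = true;
        $sysmsg[] = __('invalid_email');
    } else {
        // NOTE(review): format validation is not SQL escaping. This interpolation is safe only
        // if gpc() escapes its return value; prefer a bound parameter.
        $rs = $db->fetch_one_array("select email from {$tpf}users where email='{$email}' and userid<>'{$pd_uid}' limit 1");
        if ($rs && strcasecmp($email, $rs['email']) === 0) {
            $error = true;
            $sysmsg[] = __('email_already_exists');
        }
        unset($rs);
    }
    if (!$error) {
        $ins = array('username' => $username, 'password' => $md5_pwd, 'email' => $email, 'space_name' => $username . __('file'), 'can_edit' => 0);
        $db->query_unbuffered("update {$tpf}users set " . $db->sql_array($ins) . " where userid='{$pd_uid}'");
        // NOTE(review): the cookie payload carries the password hash. If pd_encode() is a
        // reversible encoding rather than authenticated encryption, anyone who obtains the
        // cookie obtains the hash; a random server-side session identifier avoids that.
        pd_setcookie('phpdisk_zcore_info', pd_encode("{$pd_uid}\t{$pd_gid}\t{$username}\t{$md5_pwd}\t{$email}"), 86400 * 3);
        $sysmsg[] = __('guest_set_account_success');
        tb_redirect($ref, $sysmsg);
    } else {
        tb_redirect('back', $sysmsg);
    }
}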
Ejemplo n.º 14
     }
     break;
 case 'modify_cate':
     $cate_id = (int) gpc('cate_id', 'GP', 0);
     if ($task == 'modify_cate') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $cate_name = trim(gpc('cate_name', 'P', ''));
         $pid = (int) gpc('pid', 'P', 0);
         $nav_show = (int) gpc('nav_show', 'P', 0);
         $cate_list = (int) gpc('cate_list', 'P', 0);
         $share_index = (int) gpc('share_index', 'P', 0);
         if ($settings['online_demo']) {
             $error = true;
             $sysmsg[] = __('online_demo_deny');
         }
         if (checklength($cate_name, 1, 60)) {
             $error = true;
             $sysmsg[] = __('cate_name_error');
         }
         $rs = $db->fetch_one_array("select count(*) as total from {$tpf}categories where cate_name='{$cate_name}' and pid='{$pid}' and cate_id<>'{$cate_id}'");
         if ($rs['total']) {
             $error = true;
             $sysmsg[] = __('cate_name_exists');
         }
         if ($cate_id == $pid) {
             $error = true;
             $sysmsg[] = __('cateid_pid_cannot_same');
         }
         if (!$error) {
             $ins = array('cate_name' => $cate_name, 'pid' => $pid, 'nav_show' => $nav_show, 'cate_list' => $cate_list, 'share_index' => $share_index);
             $db->query_unbuffered("update {$tpf}categories set " . $db->sql_array($ins) . " where cate_id='{$cate_id}';");
Ejemplo n.º 15
         }
     }
     break;
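 case 'check_yxm':
     // Verify a YinXiangMa captcha answer and print 'true' or 'Error!'.
     // The array key is quoted: a bare yxm_public_key is parsed as a constant, which is
     // an Error on PHP 8 and a warning on PHP 7.2+.
     // NOTE(review): the fallback key is hard-coded in source; confirm it is meant to be
     // public and shared, otherwise require it from configuration.
     $settings['yxm_public_key'] = !empty($settings['yxm_public_key']) ? $settings['yxm_public_key'] : '82393b3baca49c60e4f0ea9f7f4f5960';
     require_once 'yxm/YinXiangMaLib.php';
     // Read the three posted values explicitly instead of suppressing notices with @;
     // a missing value is passed as null, as before.
     $yxm_challenge = isset($_POST['YinXiangMa_challenge']) ? $_POST['YinXiangMa_challenge'] : null;
     $yxm_level = isset($_POST['YXM_level'][0]) ? $_POST['YXM_level'][0] : null;
     $yxm_input = isset($_POST['YXM_input_result']) ? $_POST['YXM_input_result'] : null;
     $YinXiangMa_response = YinXiangMa_ValidResult($yxm_challenge, $yxm_level, $yxm_input);
     // Loose comparison kept: the return type of YinXiangMa_ValidResult() is not visible here.
     if ($YinXiangMa_response == "true") {
         echo 'true';
     } else {
         echo 'Error!';
     }
     break;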
 case 'chk_username':
     // Availability check for a requested username; prints a message, or
     // 'true|<message>' when the name can be registered.
     // NOTE(review): the endpoint answers whether a given username exists. No rate limit
     // or captcha is visible in this excerpt - confirm one is applied elsewhere.
     $r_username = trim(gpc('r_username', 'P', ''));
     if (checklength($r_username, 2, 60)) {
         echo __('username_length_error');
     } elseif (is_bad_chars($r_username)) {
         echo __('username_has_bad_chars');
     } else {
         // The compared value appears masked ('******') on the page, so what is
         // interpolated here cannot be confirmed from this excerpt.
         // NOTE(review): the @ hides a failed query; if result_first() then returns a falsy
         // value, the name is reported as available. Fail closed on a database error instead.
         $num = @$db->result_first("select count(*) from {$tpf}users where username='******'");
         if ($num) {
             echo __('username_already_exists');
         } else {
             echo 'true|' . __('username_can_reg');
         }
     }
     break;
 case 'chk_email':
     $r_email = trim(gpc('r_email', 'P', ''));
     if (!checkemail($r_email)) {
Ejemplo n.º 16
 if ($task == 'modify_announce') {
     // Validate an edited announcement: form token, demo-mode lock, subject and
     // content length, tag stripping and a duplicate-subject lookup.
     // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
     form_auth(gpc('formhash', 'P', ''), formhash());
     $subject = trim(gpc('subject', 'P', ''));
     $expand = (int) gpc('expand', 'P', 0);
     $content = trim(gpc('content', 'P', ''));
     if ($settings['online_demo']) {
         $error = true;
         $sysmsg[] = __('online_demo_deny');
     }
     if (checklength($subject, 1, 255)) {
         $error = true;
         $sysmsg[] = __('subject_error');
     } else {
         // Double quotes become single quotes - presumably because the subject is later
         // written into a double-quoted HTML attribute; confirm. Encoding at output
         // (htmlspecialchars with ENT_QUOTES) covers that case without altering the data.
         $subject = str_ireplace('"', "'", $subject);
     }
     if (checklength($content, 1, 6000)) {
         $error = true;
         $sysmsg[] = __('content_error');
     } else {
         // NOTE(review): these two patterns remove only frame, iframe and script tags. A tag
         // denylist does not cover other active markup such as event-handler attributes, so
         // it is not a complete XSS defence; use an allowlist HTML sanitiser or encode at output.
         $content = preg_replace("/<(\\/?i?frame.*?)>/si", "", $content);
         $content = preg_replace("/<(\\/?script.*?)>/si", "", $content);
     }
     // NOTE(review): $subject is interpolated into the SQL text, and the quote replacement above
     // produces single quotes; this is safe only if gpc() escapes its return value - not visible here.
     $rs = $db->fetch_one_array("select count(*) as total from {$tpf}announces where subject='{$subject}'");
     // More than one existing row with this subject counts as a duplicate (threshold is 1, not 0).
     if ($rs['total'] > 1) {
         $error = true;
         $sysmsg[] = __('announce_exists');
     }
     unset($rs);
     if (!$error) {
         $ins = array('subject' => $subject, 'content' => $content, 'is_expand' => $expand, 'in_time' => $timestamp);
         $db->query("update {$tpf}announces set " . $db->sql_array($ins) . " where annid='{$annid}' limit 1;");
Ejemplo n.º 17
         tb_redirect(urr("space", ""), $sysmsg);
     } else {
         tb_redirect('back', $sysmsg);
     }
 } elseif ($task == 'password') {
     // Password change: confirm the current password, then validate and hash the new one.
     // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
     form_auth(gpc('formhash', 'P', ''), formhash());
     $old_pwd = trim(gpc('old_pwd', 'P', ''));
     $new_pwd = trim(gpc('new_pwd', 'P', ''));
     $cfm_pwd = trim(gpc('cfm_pwd', 'P', ''));
     // Current-password check done as a row lookup for this user. The compared value
     // appears masked ('******') on the page, so how $old_pwd is used cannot be confirmed here.
     $rs = $db->fetch_one_array("select userid from {$tpf}users where password='******' and userid='{$pd_uid}'");
     if (!$rs) {
         $error = true;
         $sysmsg[] = $L['invalid_password'];
     }
     unset($rs);
     if (checklength($new_pwd, 6, 20)) {
         $error = true;
         $sysmsg[] = $L['password_max_min'];
     } elseif ($new_pwd != $cfm_pwd) {
         // NOTE(review): != compares numeric-looking strings as numbers; use !== so two
         // different strings are never accepted as a matching confirmation.
         $error = true;
         $sysmsg[] = $L['confirm_password_invalid'];
     } else {
         // NOTE(review): md5() is unsalted and fast; password_hash()/password_verify() is the
         // appropriate primitive, with the login code outside this excerpt changed to match.
         $md5_pwd = md5($new_pwd);
     }
     if (!$error) {
         $sql = "update {$tpf}users set password='******' where userid='{$pd_uid}'";
         $db->query_unbuffered($sql);
         pd_setcookie('phpdisk_zcore_info', '');
         $sysmsg[] = $L['password_modify_success'];
         tb_redirect(urr("account", "action=login"), $sysmsg, 2000, 'top');
     } else {
Ejemplo n.º 18
<body>
<?php 
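// Form handler: on submit, validate each field and stop with a success message
// when all pass; otherwise leave per-field flags for the form markup that follows.
require_once 'functions.php';
$valid = TRUE;
if (isset($_POST['submit'])) {
    // Import only the fields this handler validates. The previous loop assigned every
    // POST key to a variable of the same name (the same effect as extract($_POST)),
    // which lets a request overwrite any variable already in scope.
    // Non-string values (e.g. array parameters) are treated as empty.
    // NOTE(review): fields used only by the markup outside this excerpt must be added to this list.
    foreach (array('fname', 'lname', 'age', 'email', 'comment') as $field) {
        ${$field} = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    // Each validator result is kept in its own flag and folded into $valid.
    $valid = $fn = checklength($fname, 1, 30);
    $ln = checklength($lname, 1, 30);
    $valid = $valid && $ln;
    $a = digit($age);
    $valid = $valid && $a;
    $em = checkemail($email);
    $valid = $valid && $em;
    $com = checklength($comment, 1, 250);
    $valid = $valid && $com;
    // $valid is a boolean after the && chain, so no comparison with 1 is needed.
    if ($valid) {
        echo "form filled successfully!";
        exit;
    }
} else {
    // First display: every field counts as valid and starts empty.
    $fn = $ln = $a = $com = $em = TRUE;
    $fname = $lname = $age = $comment = $email = "";
}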
if (!$valid) {
    ?>
<style type="text/css">
td.error
{
	color:#F00;
Ejemplo n.º 19
         }
     } else {
         $group_set = $db->fetch_one_array("select * from {$tpf}groups where gid='{$gid}'");
         require_once template_echo($item, $admin_tpl_dir, '', 1);
     }
     break;
 case 'group_modify':
     $gid = (int) gpc('gid', 'GP', 0);
     if ($task == 'group_modify') {
         form_auth(gpc('formhash', 'P', ''), formhash());
         $group_name = trim(gpc('group_name', 'P', ''));
         if ($settings['online_demo']) {
             $error = true;
             $sysmsg[] = __('online_demo_deny');
         }
         if (checklength($group_name, 2, 100)) {
             $error = true;
             $sysmsg[] = __('group_name_error');
         }
         $rs = $db->fetch_one_array("select count(*) as total from {$tpf}groups where group_name='{$group_name}' and gid<>'{$gid}'");
         if ($rs['total'] > 0) {
             $error = true;
             $sysmsg[] = __('group_name_exists');
         }
         unset($rs);
         if (!$error) {
             $db->query("update {$tpf}groups set group_name='{$group_name}' where gid='{$gid}'");
             redirect(urr(ADMINCP, "item=groups&menu=user&action=index"), '', 0);
         } else {
             redirect('back', $sysmsg);
         }
Ejemplo n.º 20
switch ($action) {
    case 'add_server':
        if ($task == 'add_server') {
            // Read and validate the fields of a new storage server entry.
            // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
            form_auth(gpc('formhash', 'P', ''), formhash());
            $server_name = trim(gpc('server_name', 'P', ''));
            $server_oid = (int) gpc('server_oid', 'P', 0);
            $server_host = trim(gpc('server_host', 'P', ''));
            $server_dl_host = trim(gpc('server_dl_host', 'P', ''));
            $server_closed = (int) gpc('server_closed', 'P', 0);
            // NOTE(review): server_key, server_host and server_store_path receive no validation in
            // the lines visible here; confirm they are checked before being stored or used.
            $server_key = trim(gpc('server_key', 'P', ''));
            $server_store_path = trim(gpc('server_store_path', 'P', ''));
            if ($settings['online_demo']) {
                $error = true;
                $sysmsg[] = __('online_demo_deny');
            }
            if (checklength($server_name, 2, 100)) {
                $error = true;
                $sysmsg[] = __('server_name_error');
            }
            // NOTE(review): $server_oid was already cast to int above, so is_numeric() is always
            // true and the first branch cannot run; non-numeric input has silently become 0.
            // To reject it, test the raw request value before casting.
            if (!is_numeric($server_oid)) {
                $error = true;
                $sysmsg[] = __('server_oid_error');
            } elseif ((int) $server_oid == 1) {
                // An oid of 1 is refused.
                $error = true;
                $sysmsg[] = __('server_oid_key_error');
            }
            // The oid must not already be in use by another server row.
            $num = $db->result_first("select count(*) from {$tpf}servers where server_oid='{$server_oid}'");
            if ($num) {
                $error = true;
                $sysmsg[] = __('server_oid_error');
            }
Ejemplo n.º 21
 } else {
     $down_active_num_max = 0;
     $down_active_num_min = 0;
 }
 $ip_interval = (int) gpc('ip_interval', 'P', 0);
 if (checklength($subject, 2, 150)) {
     $error = true;
     $sysmsg[] = __('plans_subject_error');
 } else {
     $num = @$db->result_first("select count(*) from {$tpf}plans where subject='{$subject}' and plan_id<>'{$plan_id}'");
     if ($num) {
         $error = true;
         $sysmsg[] = __('plans_subject_exists');
     }
 }
 if (checklength($content, 2, 1000)) {
     $error = true;
     $sysmsg[] = __('plans_content_error');
 }
 if (!$income_rate_credit || !$income_rate_money) {
     $error = true;
     $sysmsg[] = __('plans_income_rate_error');
 } else {
     $income_rate = $income_rate_credit . ',' . $income_rate_money;
 }
 if (!is_numeric($ip_interval)) {
     $error = true;
     $sysmsg[] = __('plans_ip_interval_error');
 }
 if ($auth[open_plan_active] && $settings[open_plan_active]) {
     if (!$down_active_num_max || !$down_active_num_min) {
Ejemplo n.º 22
 }
 if ($task == 'edit') {
     // Read the SEO fields and description for a file edit and validate the description.
     // NOTE(review): form_auth() presumably enforces the form token - defined outside this excerpt, confirm.
     form_auth(gpc('formhash', 'P', ''), formhash());
     $meta_title = trim(gpc('meta_title', 'P', ''));
     $meta_keywords = trim(gpc('meta_keywords', 'P', ''));
     $meta_description = trim(gpc('meta_description', 'P', ''));
     $meta_title2 = trim(gpc('meta_title2', 'P', ''));
     $meta_keywords2 = trim(gpc('meta_keywords2', 'P', ''));
     $meta_description2 = trim(gpc('meta_description2', 'P', ''));
     $file_description = gpc('file_description', 'P', '');
     // NOTE(review): redirect target comes from the request; unless redirect() restricts
     // targets to this site, validate it against a same-origin allowlist.
     $ref = trim(gpc('ref', 'P', ''));
     if ($settings['online_demo']) {
         $error = true;
         $sysmsg[] = __('online_demo_deny');
     }
     // An empty description is allowed; a non-empty one must pass the length check.
     if ($file_description && checklength($file_description, 1, 6000)) {
         $error = true;
         $sysmsg[] = __('file_description_error');
     } else {
         // NOTE(review): only frame, iframe and script tags are removed. A tag denylist does not
         // cover other active markup such as event-handler attributes; use an allowlist HTML
         // sanitiser or encode at output. The result is afterwards interpolated directly into
         // the UPDATE statement (not via sql_array()), so it also relies on gpc() escaping
         // quotes - not visible here.
         $file_description = preg_replace("/<(\\/?i?frame.*?)>/si", "", $file_description);
         $file_description = preg_replace("/<(\\/?script.*?)>/si", "", $file_description);
     }
     if (!$error) {
         if ($auth[pd_a]) {
             update_seo('viewfile', $file_id, $meta_title, $meta_keywords, $meta_description);
             update_seo('download', $file_id, $meta_title2, $meta_keywords2, $meta_description2);
         }
         $db->query_unbuffered("update {$tpf}files set file_description='{$file_description}' where file_id='{$file_id}'");
         $sysmsg[] = __('file_edit_success');
         redirect($ref, $sysmsg);
     } else {
Ejemplo n.º 23
     $nav_href = trim(gpc('nav_href', 'P', ''));
     $nav_target = trim(gpc('nav_target', 'P', ''));
     $nav_position = trim(gpc('nav_position', 'P', ''));
     if ($settings['online_demo']) {
         $error = true;
         $sysmsg[] = __('online_demo_deny');
     }
     if (checklength($nav_text, 2, 250)) {
         $error = true;
         $sysmsg[] = __('nav_text_error');
     }
     if ($nav_title && checklength($nav_title, 2, 50)) {
         $error = true;
         $sysmsg[] = __('nav_title_error');
     }
     if (checklength($nav_href, 5, 80)) {
         $error = true;
         $sysmsg[] = __('nav_href_error');
     }
     if (!$error) {
         $ins = array('text' => replace_js($nav_text), 'title' => replace_js($nav_title), 'href' => replace_js($nav_href), 'target' => $nav_target, 'position' => $nav_position);
         $db->query_unbuffered("update {$tpf}navigations set " . $db->sql_array($ins) . " where navid='{$navid}' limit 1;");
         redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
     } else {
         redirect('back', $sysmsg);
     }
 } else {
     $rs = $db->fetch_one_array("select * from {$tpf}navigations where navid='{$navid}'");
     if ($rs) {
         $nav_text = $rs['text'];
         $nav_title = $rs['title'];
Ejemplo n.º 24
<html>
<body>
<?php 
require_once 'functions.php';

// Call each validator from functions.php once with a fixed sample value.
// Only the password result is printed; the others are computed and left unused.
// (The e-mail sample appears masked on the page and is reproduced as shown.)
$digitsResult = digits(23);
$letterResult = letter('123');
$lengthResult = checklength('adfdkzisdmfjk', 3, 9);
$postcodeResult = checkmail('asd-432', 'CA');
$urlResult = checkurl('http//www.someone.co');
$emailResult = checkemail('*****@*****.**');
$passwordResult = checkpassword('rishu-23');

// Print the password result cast to int, followed by a line break.
echo (int) $passwordResult, '<br>';
?>

</body>
</html>