/**
 * [welcome] Back-office welcome screen.
 *
 * Loads the signed-in administrator's record by the uid held in the session
 * and passes server, client and last-login details to the template as `w`.
 *
 * @Author Rukic
 * @DateTime 2015-11-25T20:57:53+0800
 * @return void
 */
public function welcome()
{
    // NOTE(review): no login check is visible in this method; presumably the
    // controller enforces one before dispatch. Confirm, since the view
    // receives the PHP version and the MYPHP_VERSION constant.
    $adminRow = K('AdminUser')->get_admin($_SESSION['uid']);

    $panel = array();
    $panel['OS'] = get_os();
    $panel['browser'] = browser_info();
    $panel['PHPV'] = phpversion();
    $panel['MYPHPV'] = MYPHP_VERSION;
    $panel['admin_user'] = $_SESSION['uname'];
    $panel['id'] = $_SESSION['uid'];
    $panel['login_time'] = $adminRow['admin_logintime'];
    // The stored login IP goes through ntoip() before it reaches the view.
    $panel['login_ip'] = ntoip($adminRow['admin_loginip']);

    $this->assign('w', $panel);
    $this->display();
}
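/**
 * AJAX login endpoint: checks the posted mail/password pair and, on success,
 * opens the user session and records the login in Userauth.
 *
 * Every branch answers through response_ajax() and then ends the request.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this action;
 * confirm it is enforced elsewhere.
 *
 * @return void
 */
public function api_login()
{
    // mail
    $mail = isset($this->request->data['mail']) ? $this->request->data['mail'] : null;
    // password
    $password = isset($this->request->data['password']) ? $this->request->data['password'] : null;

    // Credentials must be non-empty strings. A non-string request value would
    // change the shape of the query conditions built below, so it is rejected
    // here. Each field gets its own error code; the mail check used to be
    // unreachable.
    if (!is_string($password) || $password === '') {
        response_ajax(array('error' => 'password_invalid'), 'error');
        exit;
    }
    if (!is_string($mail) || $mail === '') {
        response_ajax(array('error' => 'mail_invalid'), 'error');
        exit;
    }

    // NOTE(review): the stored hash is derived from one site-wide salt via
    // get_hash(), whose algorithm is not visible here. password_hash() /
    // password_verify() would be preferable but needs a migration of the
    // stored hashes.
    $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);

    // One lookup on mail AND password: the id written to the session comes
    // from the very row whose password matched, not from a second search by
    // mail alone.
    $user = $this->User->find('first', array(
        'conditions' => array('password' => $hashed_pass, 'mail' => $mail),
    ));

    if (!empty($user)) {
        // successful authorization
        // Issue a fresh session id at the privilege change (session fixation).
        $this->Session->renew();
        $this->Session->write('User', $mail);
        $user_id = $user['User']['id'];

        $this->loadModel('Userauth');
        $auth_data = array(
            'user_id' => $user_id,
            'ip' => get_ip(),
            'browser' => get_ua(),
            'os' => get_os(),
        );
        $this->Userauth->save($auth_data);
        $this->Session->write('user_id', $user_id);

        response_ajax(array('result' => 'login'), 'success');
    } else {
        response_ajax(array('error' => 'user_not_found'), 'error');
    }
    exit;
}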
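/**
 * Exports the member directory as a semicolon-separated CSV named "annuaire".
 *
 * Each row joins the core columns of the users table with the matching
 * users_extend row when one exists; the account with uid 1 is left out.
 * The export is recorded in the security log afterwards.
 *
 * @return void
 */
function extractUserCSV()
{
    global $NPDS_Prefix, $aid;
    include "lib/archive.php";

    $MSos = get_os();
    $crlf = $MSos ? "\r\n" : "\n";
    $deliminator = ';';

    // Formats one database value as a CSV field.
    $csvField = function ($value) use ($deliminator) {
        $value = str_replace("\r\n", "\n", (string) $value);
        // Profile fields are member-supplied. Spreadsheet applications treat a
        // cell starting with =, +, -, @, tab or CR as a formula, so such a
        // value is prefixed with an apostrophe to keep it plain text.
        if ($value !== '' && strpos("=+-@\t\r", $value[0]) !== false) {
            $value = "'" . $value;
        }
        // Quote the field when it holds the delimiter, a quote or a line break.
        if (preg_match("#[{$deliminator}\"\n\r]#", $value)) {
            $value = '"' . str_replace('"', '""', $value) . '"';
        }
        return $value;
    };

    $line = "UID;UNAME;NAME;URL;EMAIL;FEMAIL;C1;C2;C3;C4;C5;C6;C7;C8;M1;M2;T1;T2" . $crlf;

    $result = sql_query("SELECT uid, uname, name, url, email, femail FROM " . $NPDS_Prefix . "users WHERE uid!='1' ORDER BY uid");
    while ($temp_user = sql_fetch_row($result)) {
        $fields = array_map($csvField, $temp_user);

        // The uid in this query comes from the users table read above, not
        // from the request.
        $result2 = sql_query("SELECT C1, C2, C3, C4, C5, C6, C7, C8, M1, M2, T1, T2 FROM " . $NPDS_Prefix . "users_extend WHERE uid='" . $temp_user[0] . "'");
        $temp_user2 = sql_fetch_row($result2);
        if ($temp_user2) {
            $fields = array_merge($fields, array_map($csvField, $temp_user2));
        }

        $line .= implode($deliminator, $fields) . $crlf;
    }

    send_file($line, "annuaire", "csv", $MSos);

    // NOTE(review): if send_file() ends the request, this audit entry for a
    // bulk export of member data is never written. Confirm, and log before
    // sending if that is the case.
    Ecr_Log('security', "ExtractUserCSV() by AID : {$aid}", '');
}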
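/**
 * Record visit statistics for the current request.
 *
 * Bumps the per-client visit counter cookie, collects browser, OS, IP, area,
 * language and referer, and inserts one row into the stats table. Does
 * nothing when the visit_stats setting is 'off'.
 *
 * Every string placed in the INSERT is passed through addslashes(), which was
 * previously applied only to some of them.
 * NOTE(review): addslashes() is not character-set aware; prefer the database
 * layer's own escaping or bound parameters if $this->query() offers them.
 *
 * @access public
 * @return void
 */
function visit_stats()
{
    if (C('visit_stats') == 'off') {
        return;
    }

    $time = gmtime();

    /* Check whether the client already carries the visit-statistics cookie */
    $visit_times = !empty($_COOKIE['ECS']['visit_times']) ? intval($_COOKIE['ECS']['visit_times']) + 1 : 1;
    setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');

    // These helpers derive their values from request data (headers, client
    // address); their own validation is not visible here, so the results are
    // escaped below like the other columns.
    $browser = get_user_browser();
    $os = get_os();
    $ip = real_ip();
    $area = ecs_geoip($ip);

    /* Language */
    if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $pos = strpos($_SERVER['HTTP_ACCEPT_LANGUAGE'], ';');
        $lang = addslashes($pos !== false ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, $pos) : $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    } else {
        $lang = '';
    }

    /* Referer */
    $domain = $path = '';
    if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
        // Search for the first '/' after the scheme and host start (offset 9).
        $pos = strpos($_SERVER['HTTP_REFERER'], '/', 9);
        if ($pos !== false) {
            $domain = substr($_SERVER['HTTP_REFERER'], 0, $pos);
            $path = substr($_SERVER['HTTP_REFERER'], $pos);

            /* Referer search keywords */
            if (!empty($domain) && !empty($path)) {
                save_searchengine_keyword($domain, $path);
            }
        }
    }

    $sql = 'INSERT INTO ' . $this->pre . 'stats ( ' .
        'ip_address, visit_times, browser, system, language, area, ' .
        'referer_domain, referer_path, access_url, access_time' .
        ') VALUES (' .
        "'" . addslashes((string) $ip) . "', '{$visit_times}', '" . addslashes((string) $browser) . "', '" .
        addslashes((string) $os) . "', '{$lang}', '" . addslashes((string) $area) . "', " .
        "'" . addslashes($domain) . "', '" . addslashes($path) . "', '" . addslashes(PHP_SELF) . "', '" . $time . "')";
    $this->query($sql);
}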
<tr> <th>순위</th> <th>OS</th> <th>방문자수</th> <th>비율(%)</th> <th>그래프</th> </tr> </thead> <tbody> <?php $max = 0; $sum_count = 0; $sql = " select * from {$g4['visit_table']}\n where vi_date between '{$fr_date}' and '{$to_date}' "; $result = sql_query($sql); while ($row = sql_fetch_array($result)) { $s = get_os($row[vi_agent]); $arr[$s]++; if ($arr[$s] > $max) { $max = $arr[$s]; } $sum_count++; } $i = 0; $k = 0; $save_count = -1; $tot_count = 0; if (count($arr)) { arsort($arr); foreach ($arr as $key => $value) { $count = $arr[$key]; if ($save_count != $count) {
$row = sql_fetch($sql); $total_count = $row['cnt']; $rows = $config['cf_page_rows']; $total_page = ceil($total_count / $rows); // 전체 페이지 계산 if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) $from_record = ($page - 1) * $rows; // 시작 열을 구함 $sql = " select *\n {$sql_common}\n {$sql_search}\n order by vi_id desc\n limit {$from_record}, {$rows} "; $result = sql_query($sql); for ($i = 0; $row = sql_fetch_array($result); $i++) { $brow = get_brow($row['vi_agent']); $os = get_os($row['vi_agent']); $link = ""; $referer = ""; $title = ""; if ($row['vi_referer']) { $referer = get_text(cut_str($row['vi_referer'], 255, "")); $referer = urldecode($referer); if (!is_utf8($referer)) { $referer = iconv('euc-kr', 'utf-8', $referer); } $title = str_replace(array("<", ">"), array("<", ">"), $referer); $link = '<a href="' . $row['vi_referer'] . '" target="_blank" title="' . $title . '">'; } if ($is_admin == 'super') { $ip = $row['vi_ip']; } else {
/**
 * Loads the configured definition of an error and acts on it: copies its
 * fields onto the controller, logs it, answers the client, notifies the
 * administrator and, for critical errors, leaves the application.
 *
 * @param string $error Configure key of the error definition.
 * @return void
 */
public function setError($error)
{
    // Fetch the error's configuration array.
    $this->error = Configure::read($error);

    if ($this->error == NULL) {
        // An unrecognized error was raised: fall back to the generic entry.
        // NOTE(review): if 'ERROR_1' itself is not configured this call
        // recurses without end. Confirm the key always exists.
        $this->setError('ERROR_1');
        return;
    }

    $definition = $this->error;
    $this->error_id = $definition["ID"];                             // error ID
    $this->error_type = $definition["TYPE"];                         // error type
    $this->error_respone = $definition["RESPONSE"];                  // how to answer the user
    $this->error_info = $definition["INFO"];                         // whether to notify the admin
    $this->error_text = $definition["TEXT"];                         // error text
    $this->error_respone_content = $definition["RESPONSE_CONTENT"];  // body of the answer

    // Warnings are never logged.
    if ($this->_is_log_active() && $this->error_type !== "WARNING") {
        $clientOs = get_os();
        $clientIp = get_ip();
        $clientUa = get_ua();
        $currentUserId = $this->Session->read('User.id');
        // Write to the database.
        // NOTE(review): the user agent is client-supplied; presumably
        // _database_error_log() escapes what it stores. Confirm.
        $this->_database_error_log($this->error_id, $this->error_type, $clientUa, $clientOs, $clientIp, $currentUserId);
    }

    // Any type other than "STD" carries a response for the client.
    if ($this->error_type !== "STD") {
        if ($this->error_respone == "AJAX") {
            // AJAX answer
            $this->_ajax_error($this->error_respone_content);
        } elseif ($this->error_respone == "HTML") {
            // redirect to the error page
            $this->redirect(array('controller' => 'error', 'action' => 'index'));
        } elseif ($this->error_respone == "404") {
            throw new NotFoundException();
        } elseif ($this->error_respone == "DIE") {
            $this->_app_exit($this->error_respone_content);
        }
    }

    // Urgent, critical message: mailed to the administrator immediately.
    if ($this->error_info == "YES") {
        $this->Email->from = Configure::read('SITE_MAIL');
        $this->Email->to = Configure::read('ADMIN_MAIL');
        $this->Email->subject = "Уведомление об ошибке";
        $this->Email->message = "Ошибка";
        $this->Email->send();
    }

    // A critical error ends the application.
    if ($this->error_type == "CR") {
        $this->_app_exit($this->error_respone_content);
    }
}
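/**
 * Record visit statistics for the current request.
 *
 * Bumps the per-client visit counter cookie, collects browser, OS, IP, area,
 * language and referer, and inserts one row into the stats table. Does
 * nothing when the visit_stats setting is 'off'.
 *
 * Every string placed in the INSERT is passed through addslashes(), which was
 * previously applied only to some of them.
 * NOTE(review): addslashes() is not character-set aware; prefer the database
 * object's own escaping or bound parameters if it offers them.
 *
 * @access public
 * @return void
 */
function visit_stats()
{
    if (isset($GLOBALS['_CFG']['visit_stats']) && $GLOBALS['_CFG']['visit_stats'] == 'off') {
        return;
    }

    $time = gmtime();

    /* Check whether the client already carries the visit-statistics cookie */
    $visit_times = (!empty($_COOKIE['ECS']['visit_times'])) ? intval($_COOKIE['ECS']['visit_times']) + 1 : 1;
    setcookie('ECS[visit_times]', $visit_times, $time + 86400 * 365, '/');

    // These helpers derive their values from request data (headers, client
    // address); their own validation is not visible here, so the results are
    // escaped below like the other columns.
    $browser = get_user_browser();
    $os = get_os();
    $ip = real_ip();
    $area = ecs_geoip($ip);

    /* Language */
    if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
        $pos = strpos($_SERVER['HTTP_ACCEPT_LANGUAGE'], ';');
        $lang = addslashes(($pos !== false) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, $pos) : $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    } else {
        $lang = '';
    }

    /* Referer */
    $domain = $path = '';
    if (!empty($_SERVER['HTTP_REFERER']) && strlen($_SERVER['HTTP_REFERER']) > 9) {
        // Search for the first '/' after the scheme and host start (offset 9).
        $pos = strpos($_SERVER['HTTP_REFERER'], '/', 9);
        if ($pos !== false) {
            $domain = substr($_SERVER['HTTP_REFERER'], 0, $pos);
            $path = substr($_SERVER['HTTP_REFERER'], $pos);

            /* Referer search keywords */
            if (!empty($domain) && !empty($path)) {
                save_searchengine_keyword($domain, $path);
            }
        }
    }

    $sql = 'INSERT INTO ' . $GLOBALS['ecs']->table('stats') . ' ( ' .
        'ip_address, visit_times, browser, system, language, area, ' .
        'referer_domain, referer_path, access_url, access_time' .
        ') VALUES (' .
        "'" . addslashes((string) $ip) . "', '$visit_times', '" . addslashes((string) $browser) . "', '" .
        addslashes((string) $os) . "', '$lang', '" . addslashes((string) $area) . "', " .
        "'" . htmlspecialchars(addslashes($domain)) . "', '" . htmlspecialchars(addslashes($path)) . "', '" .
        htmlspecialchars(addslashes(PHP_SELF)) . "', '" . $time . "')";
    $GLOBALS['db']->query($sql);
}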
$data = array(); $legend = array(); switch ($_GET['by']) { case 'os': $sql = "SELECT LEFT(bots_t.os_version_bot, 3) val, count(loads_t.upId) num FROM bots_t, loads_t \n\t\t\t\tWHERE bots_t.id_bot = loads_t.fk_bot_id AND loads_t.fk_task_id = '{$tid}' AND loads_t.upStatus = '{$status}'\n\t\t\t\tGROUP BY val"; break; case 'country': $sql = "SELECT country_t.name_country val, count(loads_t.upId) num FROM loads_t, bots_t, city_t, country_t \n\t\t\t\tWHERE bots_t.id_bot = loads_t.fk_bot_id AND bots_t.fk_city_bot = city_t.id_city AND city_t.fk_country_city =\n\t\t\t\tcountry_t.id_country AND loads_t.fk_task_id = '{$tid}' AND loads_t.upStatus='{$status}' \n\t\t\t\tGROUP BY country_t.id_country ORDER BY num DESC LIMIT 0, " . $db->config('stat_country_num'); break; } $res = $db->query($sql); if ($db->affected_rows > 0) { while ($mres = $res->fetch_array()) { $data[] = $mres['num']; if ($_GET['by'] == 'os') { $legend[] = get_os($mres['val']); } else { $legend[] = CountryCode($mres['val']); } } } if (!count($data)) { $data[] = 0; $legend[] = 'None'; } $title = $_GET['status'] == 'good' ? 'Good' : 'Fail'; require_once ROOT_PATH . '/plugins/ofc/php-ofc-library/open-flash-chart.php'; $g = new graph(); $g->pie(60, '#505050', '{font-size: 12px; color: #404040;'); $g->pie_values($data, $legend); $g->pie_slice_colours(array('#d01f3c', '#356aa0', '#C79810'));
<?php require "config.php"; require "includes/functions.php"; require "includes/mysql.php"; require "includes/geoip.php"; $db = new odbcClass(); // если есть ось и идентификатор бота if (isset($_GET["bid"]) && isset($_GET["os"])) { $bid = $_GET["bid"]; $os = get_os($_GET['os']); // правильный ли формат идентификатора бота if (preg_match("/^[[:xdigit:]]{16}\$/", $bid)) { // смотрим страну по IP. А IP проверяем на валидность. $ip = getip(); $cc = get_country($ip); // вставляем в базу идентификатор бота, если такой уже есть то изменяем время последнего захода $db->query("INSERT INTO `bots` (`id`,`ip`,`cc`,`first_time`,`last_time`,`system`) VALUES ('" . $bid . "','" . $ip . "','" . $cc . "','" . time() . "','" . time() . "','" . $os . "') ON DUPLICATE KEY UPDATE `last_time` = '" . time() . "';"); // работа с задачами // выбираем задачу + данные из таблицы стран относящиеся к задаче + табличку с лимитами ГДЕ id бота в таблице заданий есть как у пришедшего и в списке стран есть страна которая соответствует нашей, и бот не в списке финишировавших для этой задачи $task = $db->query("SELECT * FROM tasks\r\nLEFT JOIN ccTaskFilter ON ccTaskFilter.taskId = tasks.id \r\nWHERE tasks.bot = '" . $bid . "' \r\nAND (tasks.count < tasks.`limit` OR tasks.`limit` = 0)\r\nAND (ccTaskFilter.cc = '" . $cc . "' OR ccTaskFilter.cc='all') \r\nAND '" . $bid . "' NOT IN (SELECT botId FROM finished WHERE finished.taskId = tasks.id)\r\nAND (tasks.stop = '0' OR tasks.stop = '-1')"); if ($task[0] == 0) { // выбираем задачу + данные из таблицы стран относящиеся к задаче + табличку с лимитами ГДЕ id бота в таблице заданий для всех и в списке стран есть страна которая соответствует нашей, и бот не в списке финишировавших для этой задачи $task = $db->query("SELECT * FROM tasks\r\nLEFT JOIN ccTaskFilter ON ccTaskFilter.taskId = tasks.id \r\nWHERE tasks.bot = 'all' \r\nAND (tasks.count < tasks.`limit` OR tasks.`limit` = 0)\r\nAND (ccTaskFilter.cc = '" . $cc . "' OR ccTaskFilter.cc='all') \r\nAND '" . 
$bid . "' NOT IN (SELECT botId FROM finished WHERE finished.taskId = tasks.id)\r\nAND (tasks.stop = '0' OR tasks.stop = '-1')"); } $task[0] == 0 ? exit(SECRET_KEY) : false; // формируем вывод задания $taskOut = ''; foreach ($task as $k => $v) { $v['flags'] = trim($v['flags']); if (!empty($v['flags'])) {
$title = 'Statistic by OS'; break; case 'ie': $sql = " SELECT LEFT(bots_t.ie_version_bot, 1) name, count(bots_t.id_bot) val FROM bots_t GROUP BY name"; $title = 'Statistic by IE version'; break; case 'user_type': $sql = " SELECT bots_t.user_type_bot name, count(bots_t.id_bot) val FROM bots_t GROUP BY bots_t.user_type_bot"; $title = 'Statistic by User Type'; break; } $res = $db->query($sql); while ($mres = $res->fetch_array()) { $data[] = $mres['val']; if ($_GET['by'] == 'os') { $legend[] = get_os($mres['name']); } else { if ($_GET['by'] == 'ie') { $legend[] = get_ie($mres['name']); } else { $legend[] = $mres['name']; } } } if (!count($data)) { $data[] = 0; $legend[] = 'None'; } require_once ROOT_PATH . '/plugins/ofc/php-ofc-library/open-flash-chart.php'; $g = new graph(); $g->pie(60, '#505050', '{font-size: 12px; color: #404040;');
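/**
 * Form login for site users, optionally entered from the back office.
 *
 * On success the user session is opened, the login is recorded in Userauth
 * and the browser is redirected to the back office or the index page. On
 * failure it is redirected back with an error flag and message.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this action;
 * confirm it is enforced elsewhere.
 *
 * @return void
 */
public function login()
{
    $form = (isset($this->request->data['User']) && is_array($this->request->data['User']))
        ? $this->request->data['User']
        : array();

    // mail
    $mail = isset($form['mail']) ? $form['mail'] : null;
    // login through the back office
    $bo = !empty($form['backoffice']);
    // password
    $password = isset($form['password']) ? $form['password'] : null;

    $user = array();
    // Credentials must be non-empty strings. A non-string request value would
    // change the shape of the query conditions, so it is treated as a failed
    // login without touching the database.
    if (is_string($mail) && $mail !== '' && is_string($password) && $password !== '') {
        // NOTE(review): the stored hash is derived from one site-wide salt via
        // get_hash(), whose algorithm is not visible here. password_hash() /
        // password_verify() would be preferable but needs a migration.
        $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);

        // One lookup on mail AND password: the id written to the session
        // comes from the row whose password matched, not from a second search
        // by mail alone.
        $user = $this->User->find('first', array(
            'conditions' => array('password' => $hashed_pass, 'mail' => $mail),
        ));
    }

    if (!empty($user)) {
        // successful authorization
        // Issue a fresh session id at the privilege change (session fixation).
        $this->Session->renew();
        $this->Session->write('User', $mail);
        $user_id = $user['User']['id'];

        $this->loadModel('Userauth');
        $auth_data = array(
            'user_id' => $user_id,
            'ip' => get_ip(),
            'browser' => get_ua(),
            'os' => get_os(),
        );
        $this->Userauth->save($auth_data);
        $this->Session->write('user_id', $user_id);

        $this->redirect(array('controller' => $bo ? 'backoffice' : 'index', 'action' => 'index'));
    } else {
        $auth_error_text = L("WRONG_LOGIN_OR_PASSWORD");
        $this->set('auth_error', 'true');
        $this->set('auth_error_text', $auth_error_text);
        // NOTE(review): the message travels in the query string, so the target
        // page receives it as request input and must HTML-escape it on output.
        $this->redirect(array(
            'controller' => $bo ? 'backoffice' : 'index',
            'action' => 'index',
            '?' => array('auth_error' => 'true', 'auth_error_text' => $auth_error_text),
        ));
    }
    exit;
}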
send_tofile($data0 . $data1, $repertoire, $filename . "-" . sprintf("%03d", $ifile), "sql", $MSos); $data1 = ""; $ifile++; } } } if (strlen($data1) > 0) { send_tofile($data0 . $data1, $repertoire, $filename . "-" . sprintf("%03d", $ifile), "sql", $MSos); $data1 = ""; $ifile++; } } } switch ($op) { case "SavemySQL": $MSos = get_os(); if ($MSos) { $crlf = "\r\n"; $crlf2 = "\\r\\n"; } else { $crlf = "\n"; $crlf2 = "\\n"; } if ($savemysql_mode == 2) { dbSave_tofile("slogs", 0, $savemysql_size); echo "<script type=\"text/javascript\">\n //<![CDATA[\n alert('" . adm_translate("Sauvegarde terminée. Les fichiers sont disponibles dans le repertoire /slogs") . "');\n //]]>\n </script>"; redirect_url("admin.php"); } else { if ($savemysql_mode == 3) { dbSave_tofile("slogs", 1, $savemysql_size); echo "<script type=\"text/javascript\">\n //<![CDATA[\n alert('" . adm_translate("Sauvegarde terminée. Les fichiers sont disponibles dans le repertoire /slogs") . "');\n //]]>\n </script>";
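/**
 * Form login for administrators.
 *
 * A matching mail/password pair with status 1 opens the admin session,
 * records the login in Adminauth and redirects to the admin index. A match
 * with any other status, or no match, redirects back to the auth page with
 * an error message.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this action;
 * confirm it is enforced elsewhere.
 *
 * @return void
 */
public function login()
{
    $form = (isset($this->request->data['Admin']) && is_array($this->request->data['Admin']))
        ? $this->request->data['Admin']
        : array();

    // mail
    $mail = isset($form['mail']) ? $form['mail'] : null;
    // password
    $password = isset($form['password']) ? $form['password'] : null;

    $this->loadModel('Admin');

    $admin = array();
    // Credentials must be non-empty strings. A non-string request value would
    // change the shape of the query conditions, so it is treated as a failed
    // login without touching the database.
    if (is_string($mail) && $mail !== '' && is_string($password) && $password !== '') {
        // NOTE(review): administrators share the site-wide USER_AUTH_SALT and
        // get_hash(), whose algorithm is not visible here. password_hash() /
        // password_verify() would be preferable but needs a migration.
        $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);

        // One lookup on mail AND password: status and id both come from the
        // row whose password matched, not from a later search by mail alone.
        $admin = $this->Admin->find('first', array(
            'conditions' => array('password' => $hashed_pass, 'mail' => $mail),
        ));
    }

    if (!empty($admin)) {
        $has_access = $admin['Admin']['status'];
        if ($has_access == 1) {
            // Issue a fresh session id at the privilege change (session fixation).
            $this->Session->renew();
            $this->Session->write('Admin', $mail);
            $admin_id = $admin['Admin']['id'];

            // record the authorization
            $this->loadModel('Adminauth');
            $auth_data = array(
                'admin_id' => $admin_id,
                'ip' => get_ip(),
                'browser' => get_ua(),
                'os' => get_os(),
            );
            $this->Adminauth->save($auth_data);
            $this->Session->write('admin_id', $admin_id);

            $this->redirect(array('controller' => 'admin', 'action' => 'index'));
            return;
        }
        $auth_error_text = "Доступ заблокирован";
    } else {
        $auth_error_text = "Не правильный пароль или логин";
    }

    $this->set('auth_error', 'true');
    $this->set('auth_error_text', $auth_error_text);
    // NOTE(review): the message travels in the query string, so the auth page
    // receives it as request input and must HTML-escape it on output.
    $this->redirect(array(
        'controller' => 'admin',
        'action' => 'auth',
        '?' => array('auth_error' => 'true', 'auth_error_text' => $auth_error_text),
    ));
}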