public function avatar()
{
if ($_POST['dosubmit']) {
$_POST['id'] = $this->_userid;
if (!$this->dao->create($_POST)) {
$this->error($this->dao->getError());
}
$this->dao->update_time = time();
$this->dao->last_ip = ip();
$result = $this->dao->save();
if (false !== $result) {
if ($_POST['aid']) {
foreach ($_POST['aid'] as $r) {
$aids[] = intval($r);
}
$Attachment = M('Attachment');
$aids = implode(',', $aids);
$data['userid'] = $this->_userid;
$data['catid'] = 0;
$data['status'] = '1';
$Attachment->where("aid in (" . $aids . ")")->save($data);
}
$this->success(L('do_success'));
} else {
$this->error(L('do_error'));
}
exit;
}
$yourphp_auth_key = sysmd5(C('ADMIN_ACCESS') . $_SERVER['HTTP_USER_AGENT']);
$yourphp_auth = authcode('0-1-0-1-jpeg,jpg,png,gif-0.2-0', 'ENCODE', $yourphp_auth_key);
$this->assign('yourphp_auth', $yourphp_auth);
$this->display();
}
/**
*
* IP禁止判断接口,供外部调用 ...
*/
public function check_ip()
{
$ip_array = array();
//当前IP
$ip = ip();
//加载IP禁止缓存
$ipbanned_cache = getcache('ipbanned', 'commons');
if (!empty($ipbanned_cache)) {
foreach ($ipbanned_cache as $data) {
$ip_array[$data['ip']] = $data['ip'];
//是否是IP段
if (strpos($data['ip'], '*')) {
$ip_min = $this->convert_ip("min", $data['ip']);
$ip_max = $this->convert_ip("max", $data['ip']);
$result = $this->ipforbidden($ip, $ip_min, $ip_max);
if ($result == 0 && $data['expires'] > SYS_TIME) {
//被封
showmessage('你在IP禁止段内,所以禁止你访问');
}
} else {
//不是IP段,用绝对匹配
if ($ip == $data['ip'] && $data['expires'] > SYS_TIME) {
showmessage('IP地址绝对匹配,禁止你访问');
}
}
}
}
}
function info($data, $top)
{
global $protocols;
echo ' ', ip($data, 12), ' > ', ip($data, 16), ' protocol=';
if (!isset($protocols[$data[9]])) {
echo 'unknown(', $data[9], ')';
return;
}
echo $protocols[$data[9]];
if ($data[9] == 1) {
// ICMP
info_icmp(array_slice($data, 20));
if ($data[9] == 1 && $data[20] == 3) {
// ICMP Destination Unreachable
echo "\n\tdata: ";
// Print into on the contained packet
info(array_slice($data, 28), false);
}
} else {
if ($data[9] == 6) {
// TCP
info_tcp(array_slice($data, 20));
} else {
if ($data[9] == 17) {
// UDP
info_udp(array_slice($data, 20));
}
}
}
}
public function checklogin()
{
$seccode = md5($_POST['seccode']);
if ($_SESSION['verify'] !== $seccode) {
$this->error(L('VERIFYERROR'), 'index');
}
$username = $_POST['username'];
$pwd = md5($_POST['password']);
$DB = M('admin');
$list = $DB->where("user='******'")->find();
if ($list) {
if ($pwd != $list['pwd']) {
$this->error(L('LogError'), 'index');
}
$_SESSION['USER'] = $username;
$_SESSION['STATUS'] = true;
$_SESSION['LANGID'] = 1;
$logtime = time();
$logip = ip();
$data = array('logtime' => $logtime, 'logip' => $logip);
$DB->where(array('id' => $list['id']))->save($data);
$this->redirect('Index/index');
} else {
$this->error(L('LogError'), 'index');
}
}
function gravalog($numero, $texto, $pagina = null, $linha = null, $contexto = null)
{
$ddf = fopen(DIR_LOGS . "/" . date('Y.M.d') . ".log", 'a');
if ($ddf) {
$datalog = date('d.m.Y H:i:s');
$txt = "::[" . $datalog . "]--|" . ip() . "|----------------------\n";
$txt .= "(" . $numero . ") " . $texto . "\n";
if (!is_null($pagina)) {
$txt .= "Pagina: " . $pagina . "\n";
}
if (!is_null($linha)) {
$txt .= "Linha: " . $linha . "\n";
}
$txt .= "\n";
if (PROFILER) {
if (class_exists("Console")) {
$e = new ErrorException($texto, 0, $numero, $pagina, $linha);
Console::logError($e, $texto);
}
}
if (fwrite($ddf, $txt)) {
return true;
if (DEBUG) {
alert('Arquivo gravado com sucesso', false);
}
}
} else {
if (DEBUG) {
alert('Erro ao gravar arquivo', false);
}
}
fclose($ddf);
}
function post($nickname, $message)
{
global $prefs;
if ($this->banned(ip())) {
return false;
}
if (!$this->validate($message, $prefs['messageLength'])) {
return false;
}
if (!$this->validate($nickname, $prefs['nicknameLength'])) {
return false;
}
$message = trim(clean($message));
$nickname = trim(clean($nickname));
if ($message == '') {
return false;
}
if ($nickname == '') {
return false;
}
$timestamp = ts();
$message = $this->censor($message);
$nickname = $this->censor($nickname);
$post = array('nickname' => $nickname, 'message' => $message, 'timestamp' => $timestamp, 'admin' => $this->admin, 'uid' => md5($timestamp . ' ' . $nickname), 'adminInfo' => array('ip' => ip()));
$s = $this->storage->open(true);
$s['posts'][] = $post;
if (sizeof($s['posts']) > $prefs['history']) {
$this->truncate($s['posts']);
}
$s['info']['latestTimestamp'] = $post['timestamp'];
$this->storage->close($s);
$this->postProcess($post);
return $post;
}
/**
* 信息保存到附件表的数据组装
*/
public function save_data()
{
if (empty($this->res_data)) {
return false;
}
/*图片信息保存到数据*/
$pic_data['realname'] = $this->res_data['client_name'];
$pic_data['filename'] = $this->res_data['file_name'];
$pic_data['fileext'] = $this->res_data['file_ext'];
$base_path = str_replace('\\', '/', FCPATH);
$pic_data['filepath'] = str_replace($base_path, '', $this->res_data['full_path']);
$pic_data['filesize'] = $this->res_data['file_size'];
$pic_data['img_spec'] = $this->res_data['image_width'] . 'x' . $this->res_data['image_height'];
$pic_data['shop_id'] = $this->shop_id;
$pic_data['aclass_id'] = $this->class_id;
$pic_data['isadmin'] = $this->isadmin;
$pic_data['upload_ip'] = ip();
$pic_data['upload_time'] = time();
$pic_data['sts'] = $this->sts;
if (!isset($this->CI)) {
$this->CI =& get_instance();
}
$this->CI->load->model('m_uploadfile_model');
$id = $this->CI->m_uploadfile_model->save_uploadfile($pic_data);
return $id;
}
function gravalog($numero, $texto, $pagina = null, $linha = null, $contexto = null)
{
$ddf = fopen(DIR_LOGS . date('Y.M.d') . ".log", 'a');
if ($ddf) {
$datalog = date('d.m.Y H:i:s');
$txt = "::[" . $datalog . "]--|" . ip() . "|----------------------\n";
$txt .= "(" . $numero . ") " . $texto . "\n";
if (!is_null($pagina)) {
$txt .= "Pagina: " . $pagina . "\n";
}
if (!is_null($linha)) {
$txt .= "Linha: " . $linha . "\n";
}
$txt .= "\n";
if (fwrite($ddf, $txt)) {
return true;
if (DEBUG) {
alert('Arquivo gravado com sucesso', false);
}
}
} else {
if (DEBUG) {
alert('Erro ao gravar arquivo', false);
}
}
fclose($ddf);
}
/**
* 登录
* @param $username
* @param $password
* @param $checkcode
* @return array
*/
public function login($username, $password, $checkcode)
{
$msg = array('status' => false, 'msg' => '请认真输入');
if (!isset($_SESSION['code']) || strtolower($checkcode) != $_SESSION['code']) {
$msg['status'] = false;
$msg['msg'] = '验证码错误';
unset($_SESSION['code']);
return $msg;
}
$user = $this->where('username', $this->addslashes($username))->select()->query();
if (!empty($user)) {
if (md5($password . $user[0]['encrypt']) != $user[0]['password']) {
$msg['status'] = false;
$msg['msg'] = '密码错误';
} else {
$msg['status'] = true;
$_SESSION['adminuser'] = $user[0]['username'];
$_SESSION['loginKey'] = $this->loginkey($user[0]['username'], $user[0]['password']);
$update = array('lastloginip' => ip(), 'lastlogintime' => time());
$this->where('username', $this->addslashes($username))->update($update);
}
unset($_SESSION['code']);
return $msg;
} else {
$msg = array('status' => false, 'msg' => '用户名错误');
unset($_SESSION['code']);
return $msg;
}
}
function validate_ip($ip)
{
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
return false;
}
self::$ip = $ip;
return true;
}
public function write($sessID, $sessData = '')
{
$ip = ip();
$username = cookie('username') ? cookie('username') : '';
$groupid = cookie('groupid') ? intval(cookie('groupid')) : 4;
$sessiondata = array('sessionid' => $sessID, 'userid' => intval(cookie('userid')), 'username' => $username, 'ip' => $ip, 'lastvisit' => time(), 'groupid' => $groupid, 'data' => '');
return $this->dao->add($sessiondata, '', true);
}
public static function host()
{
$host = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : null;
if (is_null($host) || $host == "") {
$host = ip();
}
return $host;
}
function currentCityInfo()
{
$geoObj = bpBase::loadAppClass('geoObj', 'geo', 1);
$ipGeo = $geoObj->getGeoByIP(ip());
if (!$ipGeo) {
$geo_db = bpBase::loadModel('geo_model');
$defaultChildLocation = $geo_db->getDefaultChildLocation();
$ipGeo = $defaultChildLocation;
}
echo '{"city":[{"name":"' . $ipGeo->name . '","id":"' . $ipGeo->id . '","geoindex":"' . $ipGeo->geoindex . '"}]}';
}
function __construct() {
pc_base::load_app_func('global');
$this->vote = pc_base::load_model('vote_subject_model');//投票标题
$this->vote_option = pc_base::load_model('vote_option_model');//投票选项
$this->vote_data = pc_base::load_model('vote_data_model'); //投票统计的数据模型
$this->username = param::get_cookie('_username');
$this->userid = param::get_cookie('_userid');
$this->ip = ip();
$siteid = isset($_GET['siteid']) ? intval($_GET['siteid']) : get_siteid();
define("SITEID",$siteid);
}
function login()
{
if (isset($_GET['dosubmit'])) {
$username = trim($this->input->post('username'));
$password = trim($this->input->post('password'));
$code = trim($this->input->post('code'));
$login_url = $this->admin_url . 'main_index/index/login';
$this->load->model('a_system_model');
$r = $this->a_system_model->get_one(array('username' => $username, 'sts' => 0), $this->tb_admini);
//if ($this->session->userdata('adlogin_verifycode') != strtolower($code)) {//判断验证码
//$this->showmessage('error',lang('com_verifycode_error'),$login_url);
//}
if (!$r) {
$this->showmessage('goback', lang('password_error'), $login_url);
}
$password = md5(md5($password . $r['encrypt']));
$maxloginfailedtimes = 5;
$logintime = time() - 7200;
$rtime = $this->a_system_model->get_one(array('username' => $username, 'isadmin' => 1, 'logintime >' => $logintime), $this->tb_times);
// if($rtime && $rtime['times'] > $maxloginfailedtimes) {
// $this->showmessage('error',lang('com_login_maxtimes_error'),$login_url);
// }
if ($r['password'] != $password) {
$ip = ip();
if ($rtime && $rtime['times'] < $maxloginfailedtimes + 1) {
$times = $maxloginfailedtimes - intval($rtime['times']);
$this->a_system_model->update_set(array('username' => $username), array('ip' => $ip, 'isadmin' => 1, 'data_set' => array('times' => 'times+1')), $this->tb_times);
} else {
$this->a_system_model->del(array('username' => $username, 'isadmin' => 1), 'sys_times');
$this->a_system_model->add(array('username' => $username, 'ip' => $ip, 'isadmin' => 1, 'logintime' => time(), 'times' => 1), $this->tb_times);
$times = $maxloginfailedtimes;
}
if ($times >= 3) {
//密码输入错误小于3次时提示
$this->showmessage('error', lang('com_login_error'), $login_url);
} else {
$com_login_error = lang('com_login_times_error');
$com_login_error = cc_str_replace($com_login_error, array('times' => $times));
$this->showmessage('error', $com_login_error, $login_url);
}
}
$this->a_system_model->del(array('username' => $username, 'isadmin' => 1), $this->tb_times);
$last_login_time = empty($r['this_login_time']) ? time() : $r['this_login_time'];
$loghash = random(6, 'abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789');
$this->a_system_model->update(array('id' => $r['id']), array('last_login_ip' => ip(), 'last_login_time' => $last_login_time, 'this_login_time' => time()), $this->tb_admini);
$ses_data = array('admin_user_id' => $r['id'], 'admin_username' => $username, 'admin_role_id' => $r['role_id'], 'admin_area_id' => $r['areaids'], 'admin_login' => 'logined', 'loghash' => $loghash);
$this->session->set_userdata($ses_data);
redirect($this->admin_url . 'main_index/index/?loghash=' . $loghash);
}
$this->cismarty->display('login.html');
}
public function write($id, $data)
{
$uid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0;
$roleid = isset($_SESSION['roleid']) ? $_SESSION['roleid'] : 0;
$m = defined('M') ? M : '';
$c = defined('C') ? C : '';
$a = defined('A') ? A : '';
if (strlen($data) > 255) {
$data = '';
}
$ip = ip();
$sessiondata = array('sessionid' => $id, 'userid' => $uid, 'roleid' => $roleid, 'lastvisit' => SYS_TIME, 'ip' => $ip, 'm' => $m, 'c' => $c, 'a' => $a, 'data' => $data);
return $this->db->insert($sessiondata, 1, 1);
}
public function submit()
{
$formid = isset($_REQUEST['formid']) ? intval($_REQUEST['formid']) : false;
$form = model('form')->where('formid', $formid)->getOne();
if ($form['checkcode'] == 1) {
if (!isset($_REQUEST['checkcode'])) {
$status = array('status' => 'false', 'msg' => '需要验证码!');
}
} else {
if ($_REQUEST['checkcode'] != $_SESSION['code']) {
$status = array('status' => 'false', 'msg' => '验证码不正确!');
return $this->Freturn($status);
}
if (empty($form)) {
$status = array('status' => 'false', 'msg' => '请仔细检查表单是否存在!');
return $this->Freturn($status);
}
$this->formname = $formname = $form['formname'];
$this->formid = $formid;
$formField = unserialize($form['formsetting']);
$ip = ip();
$lastsubmitform = model('form_content')->where('fid', $formid)->where('time>' . (time() - 20))->getOne();
if (!empty($lastsubmitform)) {
$status = array('status' => false, 'msg' => '对不起,您已经提交过' . $formname . '了!');
return $this->Freturn($status);
}
if (!$formid) {
$status = array('status' => false, 'msg' => '参数不完整,缺少formid!');
return $this->Freturn($status);
} else {
unset($form);
foreach ($formField as $field) {
if (!isset($_REQUEST[$field])) {
$status = array('status' => false, 'msg' => '参数' . $field . '不存在!');
return $this->Freturn($status);
} else {
$form[$field] = $_REQUEST[$field];
}
}
$form = serialize($form);
}
$insert = array('fid' => $formid, 'time' => time(), 'value' => $form, 'ip' => ip());
if (model('form_content')->insert($insert)) {
$status = array('status' => true, 'msg' => $formname . '提交成功了!');
} else {
$status = array('status' => false, 'msg' => '出现未知错误!');
}
}
return $this->Freturn($status);
}
function agent($o = false)
{
if ($o) {
ob_start();
}
foreach ($_SERVER as $key => $val) {
$server[strtolower($key)] = trim(strip_tags($val));
}
ksort($server);
?>
<table class='server'><?php
foreach ($server as $key => $val) {
?>
<tr><?php
?>
<th><?php
echo $key;
?>
</th><?php
?>
<td><?php
echo $val;
?>
</td><?php
?>
</tr><?php
}
?>
<tr><th>ip</th><td><?php
echo ip();
?>
</td></tr>
<tr><th>ipv4</th><td><?php
echo ipmore($ip)["IPv4"];
?>
</td></tr>
<tr><th>ipv6</th><td><?php
echo ipmore($ip)["IPv6"];
?>
</td></tr>
<?php
?>
</table><?php
if ($o) {
$r = ob_get_contents();
ob_end_clean();
return $r;
}
}
function Register($data)
{
$data['password'] = md5($data['password']);
$data['create_at'] = now();
$data['update_at'] = now();
$data['create_ip'] = ip();
$userid = db_new("user", $data);
if ($userid) {
$userinfo = GetInfo($userid);
$token = Crypt3Des::encrypt(json_encode($userinfo), $GLOBALS['keys']);
return ErrorCode::CODE("1002", array("token" => urlencode($token)));
} else {
return ErrorCode::CODE("1003");
}
}
function savegbform()
{
global $db;
$title = Html2Text($_POST["title"]);
$content = HtmlReplace($_POST["content"]);
$fileurl = HtmlReplace($_POST["fileurl"]);
$replyid = intval($_POST["replyid"]);
if (empty($title) || empty($content)) {
header("location:./");
exit;
} else {
$array = array('title' => $title, 'content' => $content, 'fileurl' => $fileurl, 'replyid' => $replyid, 'addtime' => time(), 'ip' => ip());
$db->insert("ve123_guestbook", $array);
header("location:./");
}
}
function savegbform()
{
global $db, $http_referer;
$title = Html2Text($_POST["title"]);
$content = HtmlReplace($_POST["content"]);
$fileurl = HtmlReplace($_POST["fileurl"]);
$replyid = intval($_POST["replyid"]);
if (empty($title) || empty($content)) {
header("location:" . $http_referer . "");
exit;
} else {
$array = array('title' => $title, 'content' => $content, 'fileurl' => $fileurl, 'replyid' => $replyid, 'addtime' => time(), 'ip' => ip());
$db->insert("kuaso_guestbook", $array);
$db->query("update kuaso_guestbook set reply_time='" . time() . "' where gid='" . $replyid . "'");
header("location:" . $http_referer . "");
}
}
function checklogin()
{
global $db;
$adminname = htmlspecialchars($_POST["adminname"]);
$password = htmlspecialchars($_POST["password"]);
$result = $db->query("select * from ve123_admin where adminname='{$adminname}' and password='******'");
$num = $db->num_rows($result);
if ($num > 0) {
$rs = $db->fetch_array($result);
$array = array('lastloginip' => $rs["loginip"], 'loginip' => ip(), 'lastlogintime' => $rs["logintime"], 'logintime' => date("Y-y-d H:i:s"));
$db->update("ve123_admin", $array, "admin_id={$rs['admin_id']}");
setcookie("adminname", $adminname);
header("location:index.php");
} else {
jsalert("用户名或密码错误!", "login.php");
}
}
function checklogin()
{
global $db;
$_obfuscate_RLkTYUq0nZlJ = htmlspecialchars($_POST['adminname']);
$_obfuscate_LyySC3IF7Iÿ = htmlspecialchars($_POST['password']);
$_obfuscate_xs33Yt_k = $db->query("select * from ve123_admin where adminname='" . $_obfuscate_RLkTYUq0nZlJ . "' and password='******'");
$_obfuscate_Ybai = $db->num_rows($_obfuscate_xs33Yt_k);
if (0 < $_obfuscate_Ybai) {
$_obfuscate_SF4ÿ = $db->fetch_array($_obfuscate_xs33Yt_k);
$_obfuscate_kIVhqJkÿ = array('lastloginip' => $_obfuscate_SF4ÿ['loginip'], 'loginip' => ip(), 'lastlogintime' => $_obfuscate_SF4ÿ['logintime'], 'logintime' => date('Y-y-d H:i:s'));
$db->update('ve123_admin', $_obfuscate_kIVhqJkÿ, 'admin_id=' . $_obfuscate_SF4ÿ['admin_id']);
setcookie('adminname', $_obfuscate_RLkTYUq0nZlJ);
header('location:index.php?somao=ok');
} else {
jsalert('Óû§Ãû»òÃÜÂë´íÎó!', 'lg.php');
}
}
function logg($page = 1, $msg = 1, $priority = 'notSet', $color = 'blue', $mail = 'no')
{
if ($page == 1 || $msg == 1) {
if ($page == 1) {
$page = $_SERVER['PHP_SELF'];
//get full page direction (Ej. /index.php
$pages = explode('/', $page);
//explode the / and take 1 (Only suitable for first level pages)
$name = explode('.', $pages[1]);
//explode the .php, and leave only the "name" ($name[0])
$page = $name[0];
//Now the page name is in the form of "log" for the page "/log.php"
}
//Use the following arrays to store the default pages:
//
$high = array('log');
//for the example the important page is log.php
$medium = array('test');
//for the example the medium is test.php
//
if ($priority == 'notSet') {
//If priority was left blank
//Now perform the check to see if page is important:
if (in_array($page, $high)) {
$priority = 'High';
$color = 'red';
} else {
if (in_array($page, $medium)) {
$priority = 'Medium';
$color = 'yellow';
} else {
$priority = 'Low';
}
}
}
if ($msg == 1) {
//This are the default messages to use when no arguments are given.
$msg = 'Access allowed to page ' . $page;
}
//
}
if ($mail == 'yes') {
$this->newLog($msg, $_SESSION['username']);
}
return $this->addLog($msg, $_SESSION['username'], time(), ip(), $priority, $color);
}
/**
* Constructor.
*/
public final function __construct()
{
$app = app();
// set ip
$this->ip = ip();
// set language
$this->language = $app->config->get('app.language');
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$language = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
if (in_array($language, $app->config->get('app.languages'))) {
$this->language = $language;
}
}
// set locale
$this->locale = sprintf('%s_%s', $this->language, strtoupper($this->language));
if (!array_key_exists($this->locale, $app->config->get('app.locales'))) {
$this->locale = $app->config->get('app.locale');
}
}
/**
* 用户登录
* @param $username 用户名
* @param $password 密码
*/
public function login($username, $password)
{
$username = $this->addslashes($username);
$password = $this->addslashes($password);
$suser = $this->where('username', $username)->getOne();
if (empty($suser)) {
return false;
}
$password = md5($password . $suser['encrypt']);
if ($password == $suser['password']) {
$suser['lastlogin'] = time();
$suser['lastip'] = ip();
$update = array('lastlogin' => $suser['lastlogin'], 'lastip' => $suser['lastip']);
$this->where('userid', $suser['userid'])->update($update);
if (!$suser['nickername']) {
$suser['nickername'] = $suser['username'];
}
return $suser;
} else {
return false;
}
}
/**
* 管理员登陆
* @param string $username 用户名
* @param string $password 密码
* @return boolean
*/
public function login($username, $password) {
if (!$this->db) {
$this->db = pc_base::load_model('admin_model');
}
if ($data = $this->db->get_one(array('username'=>$username))) {
$password = md5(md5($password).$data['encrypt']);
if ($password != $data['password']) {
$this->err_code = 2;
return false;
} elseif ($password == $data['password']) {
$this->db->update(array('ip'=>ip(), 'lastlogin'=>SYS_TIME),array('id'=>$data['id']));
param::set_cookie('username', $username);
param::set_cookie('userid', $data['id']);
return true;
}
$this->err_code = 0;
return false;
} else {
$this->err_code = 1;
return false;
}
}
/**
* 写入session_id 的值
*
* @param $id session
* @param $data 值
* @return mixed query 执行结果
*/
public function write($id, $data)
{
$uid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0;
$m = defined('ROUTE_MODEL') ? ROUTE_MODEL : '';
$c = defined('ROUTE_CONTROL') ? ROUTE_CONTROL : '';
$a = defined('ROUTE_ACTION') ? ROUTE_ACTION : '';
if (strlen($data) > 255) {
$data = '';
}
$ip = ip();
$sessiondata = array('sessionid' => $id, 'userid' => $uid, 'ip' => $ip, 'lastvisit' => SYS_TIME, 'm' => $m, 'c' => $c, 'a' => $a, 'data' => $data);
if (!$this->oldSys) {
return $this->db->insert($sessiondata, 1, 1);
} else {
$exist = $this->db->get_row('SELECT * FROM ' . $this->table . ' WHERE sessionid=\'' . $id . '\'');
if (!$exist) {
return @$this->db->query($this->db->get_insert_sql($this->table, $sessiondata));
} else {
return @$this->db->query('UPDATE ' . $this->table . ' SET ip=\'' . $sessiondata['ip'] . '\',lastvisit=\'' . $sessiondata['lastvisit'] . '\',m=\'' . $sessiondata['m'] . '\',c=\'' . $sessiondata['c'] . '\',a=\'' . $sessiondata['a'] . '\',data=\'' . $sessiondata['data'] . '\' WHERE sessionid=\'' . $id . '\'');
}
}
}
public function useradd()
{
if (isset($_GET['role'])) {
$rolemodel = new rolemodel("admin_role");
$data = $rolemodel->excute("select roleid, rolename from admin_role");
$this->ajaxReturn($data);
} elseif (isset($_POST['dosubmit'])) {
$username = trim($_POST['username']);
$usermodel = new usermodel('admin_user');
$exsituser = $usermodel->excute("select userid from admin_user where username='******' limit 1");
if (!empty($exsituser[0]['userid'])) {
$returndata = array("errorMsg" => '用户名重复');
} else {
$usermodel->data['lastlogintime'] = time();
$usermodel->data['lastloginip'] = ip();
$usermodel->data['regtime'] = time();
$usermodel->data['regip'] = ip();
if (isset($_POST['username'])) {
$usermodel->data['username'] = $_POST['username'];
}
if (isset($_POST['password'])) {
$usermodel->data['password'] = md5($_POST['username']);
}
if (isset($_POST['email'])) {
$usermodel->data['email'] = $_POST['email'];
}
if (isset($_POST['roleid'])) {
$usermodel->data['roleid'] = $_POST['roleid'];
}
$row = $usermodel->add();
if ($row > 0) {
$returndata = array("successMsg" => '用户添加成功');
} else {
$returndata = array("errorMsg" => '用户添加失败');
}
}
$this->ajaxReturn($returndata);
}
}
function checklogin()
{
global $db;
$adminname = htmlspecialchars($_POST['adminname']);
$password = htmlspecialchars($_POST['password']);
$imagecode = trim(HtmlReplace($_POST['entered_imagecode']));
if ($_SESSION['dd_ckstr'] != $imagecode) {
jsalert('验证码错误!', 'login.php');
break;
}
$result = $db->query("select * from ve123_admin where adminname='{$adminname}' and password='******'");
$num = $db->num_rows($result);
if ($num > 0) {
$rs = $db->fetch_array($result);
$array = array('lastloginip' => $rs['loginip'], 'loginip' => ip(), 'lastlogintime' => $rs['logintime'], 'logintime' => date('Y-y-d H:i:s'));
$db->update('ve123_admin', $array, "admin_id={$rs['admin_id']}");
setcookie('adminname', $adminname);
header('location:index.php');
} else {
jsalert('用户名或密码错误!', 'login.php');
}
}
