/**
 * Apply the site settings submitted from the control panel, then redirect
 * back to the "siteset" tab.
 *
 * A request without POST data is redirected to the control panel untouched.
 *
 * NOTE(review): is_admin() is defined elsewhere and its return value is not
 * checked here; presumably it ends the request for non-administrators.
 * Confirm, because every setter below runs unconditionally after it.
 * NOTE(review): no anti-CSRF token is verified in this method. Confirm one is
 * checked upstream, since set_admin_password() is among the setters called.
 */
public function actionUpdate()
{
    is_admin();

    // Nothing was submitted: go back to the control panel.
    if (empty($_POST)) {
        header("Location:index.php?action=control_panel");
        exit;
    }

    // Cache the currently configured password before any setter runs.
    $this->_admin_password = ZFramework::app()->password;

    // Setters are invoked in the same order as before; the names are fixed
    // literals, never request data.
    $settingWriters = array(
        'set_board_name',
        'set_site_close',
        'set_close_reason',
        'set_admin_email',
        'set_copyright_info',
        'set_filter_words',
        'set_valid_code_open',
        'set_page_on',
        'set_num_perpage',
        'set_theme',
        'set_admin_password',
        'set_lang',
        'set_time_zone',
        'set_filter_type',
        'set_allowed_tags',
    );
    foreach ($settingWriters as $writer) {
        $this->$writer();
    }

    header("Location:index.php?action=control_panel&subtab=siteset");
}
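/**
 * Create a new post from a form, AJAX or API submission.
 *
 * Validates the submitted name and content (and the CAPTCHA when enabled),
 * inserts the post, fires the 'PostController/actionCreate' event and then
 * answers according to the request mode: JSON when API_MODE is defined,
 * the text "OK" for AJAX, otherwise a redirect to index.php.
 *
 * @return mixed TRUE after a successful AJAX post; no value otherwise (the
 *               request ends in a redirect, a message page or die()).
 */
public function actionCreate()
{
    global $API_CODE;

    if (isset($_POST['user'])) {
        // Validation
        $new_data_error_msg = '';
        // Missing or non-string fields (e.g. user[]=x) count as incomplete
        // instead of reaching trim()/strlen() with the wrong type.
        $fields_are_text = is_string($_POST['user'])
            && isset($_POST['content'])
            && is_string($_POST['content']);
        if (!$fields_are_text || !strlen(trim($_POST['user'])) || !strlen(trim($_POST['content']))) {
            $new_data_error_msg = t('FILL_NOT_COMPLETE');
        } elseif (strlen($_POST['content']) > 580) {
            // Fixed: the closing parenthesis used to sit after "> 580", so
            // strlen() measured a boolean and the length cap was not enforced
            // on the content itself.
            $new_data_error_msg = t('WORDS_TOO_LONG');
        } elseif (ZFramework::app()->valid_code_open == 1 && gd_loaded() && !$this->_verifyCode->check(isset($_POST['valid_code']) ? $_POST['valid_code'] : null)) {
            $new_data_error_msg = t('CAPTCHA_WRONG');
        }

        if ($new_data_error_msg) {
            if (defined('API_MODE')) {
                $error_array = array('error_code' => '400', 'error' => $API_CODE['400'], 'error_detail' => $new_data_error_msg);
                die(function_exists('json_encode') ? json_encode($error_array) : CJSON::encode($error_array));
            }
            if (!empty($_POST['ajax'])) {
                die($new_data_error_msg);
            } else {
                show_message($new_data_error_msg, true, 'index.php');
                // show_message() is defined elsewhere; return explicitly so a
                // failed validation can never fall through to the INSERT.
                return;
            }
        }

        // Ready to send query to database
        $user = $this->_model->escape_string($_POST['user']);
        // Visitors may not post under the administrator's name.
        if (!isset($_SESSION['admin']) && $_POST['user'] == ZFramework::app()->admin) {
            $user = '******';
        }
        // NOTE(review): the '******' literals look masked in this listing. As
        // written the format string has no conversion, so sprintf() ignores
        // the escaped username argument. Confirm against the real source.
        $userExists = $this->_model->queryAll(sprintf(parse_tbprefix("SELECT * FROM <sysuser> WHERE username='******'"), $this->_model->escape_string($_POST['user'])));
        // A registered name may only be used by the session that owns it.
        if ($userExists && @$_SESSION['user'] != $_POST['user']) {
            $user = '******';
        }
        $content = $this->_model->escape_string($_POST['content']);
        // getIp() is defined elsewhere. If it derives the address from
        // client-supplied headers the value is attacker-controlled, so it is
        // escaped like every other string placed in the statement.
        $ip = $this->_model->escape_string(getIp());
        if (isset($_SESSION['uid'])) {
            $sql_insert = sprintf(parse_tbprefix("INSERT INTO <post> ( uid , content , post_time , ip ) VALUES ( %d , '%s' , %d , '%s' )"), $_SESSION['uid'], $content, time(), $ip);
        } else {
            $sql_insert = sprintf(parse_tbprefix("INSERT INTO <post> ( uname , content , post_time , ip ) VALUES ( '%s' ,'%s' , %d , '%s')"), $user, $content, time(), $ip);
        }

        // Send query to database
        if (!$this->_model->query($sql_insert)) {
            // NOTE(review): this sends the raw database error text to the
            // client; consider logging it and returning a generic message.
            die($this->_model->error());
        }
        performEvent('PostController/actionCreate', array($user, $content, time() + ZFramework::app()->timezone * 60 * 60));

        if (defined('API_MODE')) {
            $json_array = array('insert_id' => $this->_model->insert_id());
            die(function_exists('json_encode') ? json_encode($json_array) : CJSON::encode($json_array));
        }
        if (isset($_POST['ajax'])) {
            echo 'OK';
            return TRUE;
        }
    }

    // API callers that sent no post data get an explicit error.
    if (defined('API_MODE')) {
        $error_array = array('error_code' => '400', 'error' => $API_CODE['400'], 'error_detail' => t('ONLY_POST'));
        die(function_exists('json_encode') ? json_encode($error_array) : CJSON::encode($error_array));
    }
    header("Location:index.php");
}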
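/**
 * Render a template from the active theme.
 *
 * The included file is themes/<theme>/templates/<tplFile>.php, and the
 * entries of $vars are exposed to it as local variables.
 *
 * @param string     $tplFile Template name without the ".php" suffix.
 * @param array|null $vars    Variables to make available to the template.
 */
public function render($tplFile, $vars = NULL)
{
    // Resolve the include path BEFORE extract() runs. Previously extract()
    // ran first with its default overwrite behaviour, so a "tplFile" key in
    // $vars replaced the template name and changed which file was included.
    $tplDir = 'themes/' . ZFramework::app()->theme . '/templates/';
    $file = $tplDir . $tplFile;

    if (is_array($vars) && $vars) {
        // EXTR_SKIP keeps $file, $tplDir, $tplFile and $vars intact even when
        // $vars carries keys with those names.
        extract($vars, EXTR_SKIP);
    }

    // NOTE(review): $tplFile and the theme name are not validated here.
    // Confirm callers pass fixed template names and that the theme setting
    // is restricted to known theme directories.
    include $file . '.php';
}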
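/**
 * Show the reply form for a post, or save a submitted reply.
 *
 * With POST data the reply for post "mid" is updated (when "update" is set)
 * or inserted, followed by a redirect to the message tab. Without POST data
 * the reply template is rendered with $reply_data and $mid in scope.
 *
 * NOTE(review): is_admin() is defined elsewhere and its return value is not
 * checked here; presumably it ends the request for non-administrators.
 * NOTE(review): no anti-CSRF token is verified in this method; confirm one is
 * checked upstream.
 */
public function actionReply()
{
    is_admin();

    if ($_POST) {
        // A missing id becomes 0, as the bare (int) cast produced before,
        // but without an undefined-index notice.
        $mid = isset($_POST['mid']) ? (int) $_POST['mid'] : 0;
        // Missing or non-string content is treated as an empty reply.
        $raw_content = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';
        // Line breaks become <br /> markup, then the raw newlines are removed.
        // NOTE(review): the reply is stored as HTML with no tag escaping
        // visible here; confirm the page that prints replies treats it as
        // trusted administrator markup.
        $reply_content = $this->_model->escape_string(str_replace(array("\n", "\r\n", "\r"), '', nl2br($raw_content)));
        if (trim($reply_content) === '') {
            show_message(t('REPLY_EMPTY'), true, 'index.php?action=control_panel&subtab=message', 3);
            // show_message() is defined elsewhere; return explicitly so an
            // empty reply can never fall through to the write below.
            return;
        }
        if (isset($_POST['update'])) {
            $this->_model->query(sprintf(parse_tbprefix("UPDATE <reply> SET content='%s' WHERE pid=%d"), $reply_content, $mid));
        } else {
            $this->_model->query(sprintf(parse_tbprefix("INSERT INTO <reply> ( pid , content , r_time ) VALUES ( %d , '%s' , %d )"), $mid, $reply_content, time()));
        }
        header("Location:index.php?action=control_panel&subtab=message");
        exit;
    }

    // $reply_data and $mid are read by the included template; keep the names.
    $reply_data = $this->loadModel();
    $mid = isset($_GET['mid']) ? (int) $_GET['mid'] : 0;
    include 'themes/' . ZFramework::app()->theme . '/templates/' . "reply.php";
}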
die('Access denied!'); } ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <title><?php echo t('LOGIN'); ?> </title> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" /> <!-- Bootstrap --> <link href="<?php echo './themes/' . ZFramework::app()->theme . '/css/bootstrap.min.css'; ?> " rel="stylesheet"> <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries --> <!--[if lt IE 9]> <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script> <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script> <![endif]--> </head> <body> <div class="container"> <div id="backtoindex"><a href="index.php" title="<?php echo t('WHERE_AM_I'); ?> ">← <?php
<?php
/**
 * Application entry point: starts the session, defines the bootstrap
 * constants, loads the preload script and runs the application.
 *
 * @author rainyjune <*****@*****.**>
 * @link http://yuan-pad.googlecode.com/
 * @copyright Copyright © 2008-2011 rainyjune
 * @license GPL2
 * @version $Id$
 */
// Start or resume the session before anything else runs.
// NOTE(review): cookie flags (HttpOnly, Secure, SameSite) are not set here;
// confirm they are configured in php.ini or in preload.php.
session_start();
// Marker constant; presumably checked by included files so they refuse to be
// requested directly. Confirm in the includes.
define('IN_MP', true);
// Absolute path of the directory holding this file.
define('APPROOT', dirname(__FILE__));
// NOTE(review): debug mode is enabled. What it controls is not visible here;
// if it governs error display it should be false on a public site so
// internal paths and queries are not shown to visitors.
define('DEBUG_MODE', true);
#define('DEBUG_MODE', false);
// Relative to the current working directory, not to APPROOT.
require_once './includes/preload.php';
ZFramework::app()->run();
/**
 * Mask every configured filter word in the input.
 *
 * The word list is the comma-separated "filter_words" application setting.
 * Matching is case-insensitive and each match is replaced with '***'.
 * Entries are used exactly as split, so whitespace around a comma becomes
 * part of the word being matched.
 *
 * @param string|array $input Text, or an array of texts, to filter.
 * @return string|array The input with every match replaced.
 */
function filter_words($input)
{
    $blocked_words = explode(',', ZFramework::app()->filter_words);

    return str_ireplace($blocked_words, '***', $input);
}
/**
 * Print the language strings plus the administrator's account name as JSON.
 *
 * NOTE(review): no access check is visible in this method, so the admin
 * account name under 'ADMIN_NAME_INDEX' appears to be readable by any
 * caller. Confirm that is intended.
 */
public function actionGetSysJSON()
{
    $payload = getLangArray();
    $payload['ADMIN_NAME_INDEX'] = ZFramework::app()->admin;

    // Fall back to the bundled encoder where json_encode() is unavailable.
    if (function_exists('json_encode')) {
        echo json_encode($payload);
    } else {
        echo CJSON::encode($payload);
    }
}
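/**
 * Log in the administrator or a registered user.
 *
 * An already authenticated session is answered immediately (JSON when
 * API_MODE is defined, otherwise a redirect). Submitted credentials are
 * checked first against the configured administrator account and then
 * against the user table. On failure the login template is rendered, or a
 * 403 / 401 JSON error is returned in API mode.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they are also
 * accepted from the query string and can end up in server logs, browser
 * history and Referer headers. Kept for compatibility; prefer $_POST once
 * API clients are confirmed to send POST.
 * NOTE(review): the administrator password is compared directly with the
 * configured value, which suggests it is stored unhashed. Migrating to
 * password_hash()/password_verify() is recommended.
 */
public function actionLogin()
{
    global $API_CODE;
    $session_name = session_name();

    if (isset($_SESSION['admin'])) {
        // The administrator is already logged in.
        if (defined('API_MODE')) {
            $json_array = array('admin' => $_SESSION['admin'], 'session_name' => $session_name, 'session_value' => session_id());
            die(function_exists('json_encode') ? json_encode($json_array) : CJSON::encode($json_array));
        }
        header("Location:index.php?action=control_panel");
        exit;
    }

    if (isset($_SESSION['user'])) {
        // A regular user is already logged in.
        if (defined('API_MODE')) {
            $json_array = array('user' => $_SESSION['user'], 'uid' => $_SESSION['uid'], 'session_name' => $session_name, 'session_value' => session_id());
            die(function_exists('json_encode') ? json_encode($json_array) : CJSON::encode($json_array));
        }
        header("Location:index.php");
        exit;
    }

    // The login form was submitted. Array-valued parameters (user[]=x) are
    // ignored instead of being passed to escape_string().
    if (isset($_REQUEST['user']) && isset($_REQUEST['password'])
        && is_string($_REQUEST['user']) && is_string($_REQUEST['password'])) {
        $user = $this->_model->escape_string($_REQUEST['user']);
        $password = $this->_model->escape_string($_REQUEST['password']);

        // Strict string comparison: with "==" two numeric-looking strings such
        // as "0e1" and "0e2" compare equal, so a password other than the
        // configured one could be accepted. hash_equals() additionally avoids
        // a timing side channel where the runtime provides it.
        // NOTE(review): the escaped input is what gets compared, as before.
        $is_admin_login = ((string) $user === (string) ZFramework::app()->admin)
            && (function_exists('hash_equals')
                ? hash_equals((string) ZFramework::app()->password, (string) $password)
                : (string) $password === (string) ZFramework::app()->password);

        if ($is_admin_login) {
            // Administrator login succeeded. Issue a fresh session id so an id
            // fixed before authentication is not promoted to an admin session.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['admin'] = $_REQUEST['user'];
            if (defined('API_MODE')) {
                $json_array = array('admin' => $_SESSION['admin'], 'session_name' => $session_name, 'session_value' => session_id());
                die(function_exists('json_encode') ? json_encode($json_array) : CJSON::encode($json_array));
            }
            header("Location:index.php?action=control_panel");
            exit;
        } else {
            // Try the credentials as a regular user.
            // NOTE(review): the '******' literals look masked in this listing.
            // As written the format string has no conversions, so sprintf()
            // ignores both arguments. Confirm against the real source.
            $user_result = $this->_model->queryAll(sprintf(parse_tbprefix("SELECT * FROM <user> WHERE username='******' AND password='******'"), $user, $password));
            $user_result = @$user_result[0];
            if ($user_result) {
                // Same session-fixation protection as for the administrator.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['user'] = $_REQUEST['user'];
                $_SESSION['uid'] = $user_result['uid'];
                if (defined('API_MODE')) {
                    $json_array = array('user' => $_REQUEST['user'], 'uid' => $user_result['uid'], 'session_name' => $session_name, 'session_value' => session_id());
                    die(function_exists('json_encode') ? json_encode($json_array) : CJSON::encode($json_array));
                }
                header("Location:index.php");
                exit;
            } else {
                // $errormsg is read by the login template included below.
                $errormsg = t('LOGIN_ERROR');
            }
        }
    }

    if (defined('API_MODE')) {
        if (isset($errormsg)) {
            // Credentials were supplied but rejected.
            $error_array = array('error_code' => '403', 'error' => $API_CODE['403'], 'error_detail' => $errormsg);
            die(function_exists('json_encode') ? json_encode($error_array) : CJSON::encode($error_array));
        } else {
            // No credentials were supplied.
            $error_array = array('error_code' => '401', 'error' => $API_CODE['401'], 'error_detail' => t('LOGIN_REQUIRED'));
            die(function_exists('json_encode') ? json_encode($error_array) : CJSON::encode($error_array));
        }
    }

    include 'themes/' . ZFramework::app()->theme . '/templates/' . "login.php";
}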
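<?php
if ($redirect == true) {
    // Encode both values for the single-quoted attribute. ENT_QUOTES is
    // required because the default flags on older PHP leave ' unescaped,
    // which would let a value close the attribute. A literal & in the URL
    // becomes &amp; and is decoded back to & by the browser.
    $safe_delay = htmlspecialchars((string) $time_delay, ENT_QUOTES);
    $safe_url = htmlspecialchars((string) $redirect_url, ENT_QUOTES);
    echo "<meta http-equiv='Refresh' content='{$safe_delay};URL={$safe_url}' />";
}
?>
<style type='text/css'>
.container{ border:1px solid #ccc; text-align: center; }
</style>
</head>
<body>
<div class="container">
<h2><?php echo t('MESSAGE'); ?> </h2>
<?php
// NOTE(review): $msg is printed without HTML encoding. Confirm every caller
// passes trusted text; if request data can reach it, print
// htmlspecialchars(print_r($msg, true), ENT_QUOTES) instead.
echo '<pre>';
print_r($msg);
echo '</pre>';
?>
<br /><?php
// The copyright setting is decoded on purpose so it can carry HTML; it must
// only be writable by the administrator.
echo ZFramework::app()->copyright_info ? htmlspecialchars_decode(ZFramework::app()->copyright_info) : "Powered by YuanPad";
?>
</div>
</body></html>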
<script type="text/javascript" src="http://mapleleaf.googlecode.com/files/jqModal.js"></script> <script type="text/javascript" src="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/user_index.js'; ?> "></script> <title><?php echo t('ACP_INDEX'); ?> </title> </head> <body> <div class="container"> <div id="hd"> <?php if (ZFramework::app()->site_close) { ?> <span class="notice"><?php echo t('OFF_LINE_MODE'); ?> </span><?php } ?> <a href="index.php"><?php echo t('HOME'); ?> </a> <a href="index.php?controller=user&action=logout" title="<?php echo t('LOGOUT'); ?> "><?php echo t('LOGOUT');
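<?php
if ($redirect == true) {
    // Encode both values for the single-quoted attribute. ENT_QUOTES is
    // required because the default flags on older PHP leave ' unescaped,
    // which would let a value close the attribute. A literal & in the URL
    // becomes &amp; and is decoded back to & by the browser.
    $safe_delay = htmlspecialchars((string) $time_delay, ENT_QUOTES);
    $safe_url = htmlspecialchars((string) $redirect_url, ENT_QUOTES);
    echo "<meta http-equiv='Refresh' content='{$safe_delay};URL={$safe_url}' />";
}
?>
<style type='text/css'>
.container{ border:1px solid #ccc; text-align: center; }
</style>
</head>
<body>
<div class="container">
<h2><?php echo t('MESSAGE'); ?> </h2>
<?php
// NOTE(review): $msg is printed without HTML encoding. Confirm every caller
// passes trusted text; if request data can reach it, print
// htmlspecialchars(print_r($msg, true), ENT_QUOTES) instead.
echo '<pre>';
print_r($msg);
echo '</pre>';
?>
<br /><?php
// The copyright setting is decoded on purpose so it can carry HTML; it must
// only be writable by the administrator.
echo ZFramework::app()->copyright_info ? htmlspecialchars_decode(ZFramework::app()->copyright_info) : "Powered by MapleLeaf";
?>
</div>
</body></html>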
} ?> <button type="submit" class="btn btn-primary">Submit</button> </form> </div> <!-- Form End--> </div> <!-- Modal --> <div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-dialog modal-lg"> <div class="modal-content"></div><!-- /.modal-content --> </div> <!-- /.modal-dialog --> </div> <!-- /.modal --> <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> <!-- Include all compiled plugins (below), or include individual files as needed --> <script src="<?php echo './themes/' . ZFramework::app()->theme . '/js/bootstrap.min.js'; ?> "></script> <script src="<?php echo './themes/' . ZFramework::app()->theme . '/js/index.js'; ?> "></script> </body> </html>
</title> <link rel="stylesheet" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/'; ?> blueprint/screen.css" type="text/css" media="screen, projection" /> <link rel="stylesheet" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/'; ?> blueprint/print.css" type="text/css" media="print" /> <!--[if lt IE 8]><link rel="stylesheet" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/'; ?> blueprint/ie.css" type="text/css" media="screen, projection" /><![endif]--> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script> <script type="text/javascript" src="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/register.js'; ?> "></script> <style type="text/css"> .container { width: 500px;} </style> </head> <body> <div class="container"> <div class="login_error" id="login_error"><?php echo @$errorMsg; ?> </div> <div class="login"> <form id="registerForm" action="index.php?controller=user&action=create" method="post"> <fieldset> <legend><?php echo t('REGISTER');
blueprint/screen.css" type="text/css" media="screen, projection" /> <link rel="stylesheet" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/'; ?> blueprint/print.css" type="text/css" media="print" /> <!--[if lt IE 8]><link rel="stylesheet" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/'; ?> blueprint/ie.css" type="text/css" media="screen, projection" /><![endif]--> <link rel="stylesheet" type="text/css" href="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/login-bp.css'; ?> " /> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script> <script type="text/javascript" src="<?php echo './themes/' . ZFramework::app()->theme . '/scripts/login.js'; ?> "></script> </head> <body> <div id="backtoindex"><a href="index.php" title="<?php echo t('WHERE_AM_I'); ?> ">← <?php echo t('BACK'); ?> </a></div> <div class="container"> <?php if (@$errormsg) { ?>
</tr> </table> </form> </div> <div class="clear"> <form action="index.php?controller=search" method="post"> <input id="search" type="text" size="10" value="Search" name="s"> <input type="image" src="http://aguestbook.sourceforge.net/demo/images/posts/search.gif" value="Search" alt="Search" name="searchImg"> </form> </div> </div><!-- body --> <div class="clear"><?php echo htmlspecialchars_decode(ZFramework::app()->copyright_info); ?> <a href="mailto:<?php echo ZFramework::app()->admin_email; ?> "><?php echo t('ADMIN_EMAIL'); ?> </a> <?php if (!isset($_SESSION['user'])) { ?> <a href="index.php?action=control_panel"><?php echo t('ACP'); ?> </a><?php } ?> Powered by <a href="http://mapleleaf.googlecode.com/" target="_blank" title="Find More">MapleLeaf <?php echo MP_VERSION;
<footer> <p class="text-center">Powered by <a href="http://yuan-pad.googlecode.com/">YuanPad <?php echo MP_VERSION; ?> </a></p> </footer><!-- footer --> </div> <!-- Modal --> <div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"> <div class="modal-dialog modal-lg"> <div class="modal-content"></div><!-- /.modal-content --> </div> <!-- /.modal-dialog --> </div> <!-- /.modal --> <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> <!-- Include all compiled plugins (below), or include individual files as needed --> <script src="<?php echo './themes/' . ZFramework::app()->theme . '/js/bootstrap.min.js'; ?> "></script> <script src="<?php echo './themes/' . ZFramework::app()->theme . '/js/admin.js'; ?> "></script> </body> </html>
if (ZFramework::app()->filter_type == 2) { ?> checked='checked'<?php } ?> /><?php echo t('ESCAPE_ALL_TAGS'); ?> </td> </tr> <tr> <td><?php echo t('ALLOWED_HTML_TAGS'); ?> :</td><td><input name="allowed_tags" type="text" value="<?php echo ZFramework::app()->allowed_tags; ?> " /></td> </tr> </table> </fieldset> <fieldset> <legend><?php echo t('ADMIN_CONF'); ?> </legend> <table> <tr> <td><?php echo t('CHANGE_PWD'); ?>