Example #1
<?php

require_once '../inc/init.php';
// Sitemap preamble: read the language id and rewrite setting, emit the XML
// header and the opening <urlset> tag, then load the channel rows to list.
// The language id is forced to an integer before it is placed in the WHERE
// clause below, so that clause only ever receives a number.
$langid = (int) $_GET['langid'];
$urlrewrite = (int) $cache_settings['urlrewrite'];
$i = 0;

_header_('Content-Type:text/xml;');
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\r\n";
$lastmod = getDateStr(time(), 'dateonly', false);
echo <<<EOT
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">

EOT;

// At most 5000 channel rows of the requested language are fetched.
$rows = $db->row_select(
    'channels',
    'langid=' . $langid,
    '5000',
    'id,ishidden,channeltype,pid,systemtype'
);
foreach ($rows as $channel) {
    if ($channel['channeltype'] == '4') {
        continue;
    }
    $priority = 1 - $i++ / 10000;
    $priority = $priority < 0.6 ? 0.6 : $priority;
    $priority = number_format($priority, 2);
    $locurl = $webcore->genNavLink($channel);
    $locurl = str_replace('/sitemap/', '/', $locurl);
    print <<<EOT
<url>
<loc>{$locurl}</loc>
<priority>{$priority}</priority>
<changefreq>daily</changefreq>
<lastmod>{$lastmod}</lastmod>
</url>
Example #2
    $filepath = getUrlPath() . '/' . $filepath;
    $filepath = preg_replace('/\\/' . ADMIN_DIR . '\\//i', '/', $filepath);
    //ob_end_clean();
    header("HTTP/1.1 301 Moved Permanently");
    header("Last-Modified:" . date('r'));
    header("Expires: " . date('r', time() + 86400));
    header("Location:{$filepath}");
    exit;
}
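// Send a stored attachment to the client as a forced download.
// NOTE(review): $row['filepath'] is joined onto the attachment directory as-is.
// How that column is validated when the file is uploaded is not visible here;
// confirm it cannot contain "../" segments that leave the attachment directory.
$filepath = ATT_PATH . "/uploadfile/attachment/" . $row['filepath'];

// The stored file name is copied into a response header. Outside the MSIE
// branch (which URL-encodes it) strip CR, LF and the double quote so the name
// cannot close the quoted value or start a new header line.
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$filename = stristr($userAgent, 'MSIE')
    ? urlencode($row['filename'])
    : str_replace(array("\r", "\n", '"'), '', $row['filename']);

// Drop any buffered output so only the file bytes follow the headers.
ob_end_clean();
_header_('Content-Encoding: none');
_header_('Content-Type: application/octet-stream');
_header_('Content-Disposition: attachment; filename="' . $filename . '"');
_header_('Content-Length: ' . filesize($filepath));
getlocalfile($filepath, 1);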
function getlocalfile($filename, $readmod = 2, $range = 0)
{
    if ($readmod == 1 || $readmod == 3 || $readmod == 4) {
        if ($fp = @fopen($filename, 'rb')) {
            @fseek($fp, $range);
            if (function_exists('fpassthru') && ($readmod == 3 || $readmod == 4)) {
                @fpassthru($fp);
            } else {
                echo @fread($fp, filesize($filename));
            }
        }
        @fclose($fp);
    } else {
        @readfile($filename);
Example #3
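 /**
  * Look up the language of the requested record, store it in the "langid"
  * cookie and redirect to the same page type with that language in the query.
  *
  * The record id is cast to an integer before it is placed in the WHERE
  * clause, and the remaining GET parameters are URL-encoded before they are
  * written into the Location header, so neither can alter the SQL statement
  * or the structure of the redirect. A $type outside the five handled values
  * returns without a lookup, cookie or redirect.
  *
  * @param string     $type Page type: 'articlelist', 'page', 'productlist', 'product' or 'view'.
  * @param int|string $id   Id of the channel, category, product or article row.
  * @return void
  */
 function checkViewLang($type, $id)
 {
     global $_SLANG;
     // page type => array(table to query, $_SLANG key reported when the row is missing)
     $lookups = array(
         'articlelist' => array('channels', 'webcore.channel.ne'),
         'page'        => array('channels', 'webcore.channel.ne'),
         'productlist' => array('procates', 'webcore.cate.ne'),
         'product'     => array('products', 'webcore.product.ne'),
         'view'        => array('articles', 'webcore.art.ne'),
     );
     // $type also becomes the script name of the redirect target, so only the
     // known page types are allowed through.
     if (!is_string($type) || !isset($lookups[$type])) {
         return;
     }
     list($table, $missingKey) = $lookups[$type];

     // Numeric ids only: the value is interpolated into the WHERE clause.
     $id = intval($id);
     $row = $this->db->row_select_one($table, "id={$id}");
     empty($row) && exitRes($_SLANG[$missingKey]);
     $reallangid = $row['langid'];

     setCookies("langid", $reallangid, 3600 * 24 * 365);

     // Carry over every non-empty GET parameter except the old langid.
     unset($_GET['langid']);
     $params = array();
     foreach ($_GET as $getkey => $getvalue) {
         if (!empty($getvalue)) {
             $params[$getkey] = $getvalue;
         }
     }

     $tourl = "{$type}.php?langid=" . urlencode((string) $reallangid);
     if (!empty($params)) {
         // http_build_query() URL-encodes keys and values, including CR/LF.
         $tourl .= '&' . http_build_query($params, '', '&');
     }
     // NOTE(review): no exit follows the redirect here; whether _header_()
     // ends the request is not visible in this method.
     _header_("location:{$tourl}");
 }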
Example #4
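// First-run guard: send the visitor to the installer while no lock file exists.
if (file_exists('install') && !file_exists('install/install.lock')) {
    header("location:install");
    exit;
}
require_once './inc/init.php';

// Front-end language switch: go back to the referring admin page when the
// request came from this site's admin area, otherwise to the home page.
if (!empty($_GET['langid'])) {
    $refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    // Compare the parsed Referer host with the request host instead of looking
    // for the host name anywhere in the Referer string. A substring test also
    // accepts a foreign URL that merely mentions this host and "admin/" in its
    // path or query, which would turn this redirect into an open redirect.
    $referParts = parse_url($refer);
    $referHost = (is_array($referParts) && isset($referParts['host'])) ? $referParts['host'] : '';
    $referPath = (is_array($referParts) && isset($referParts['path'])) ? $referParts['path'] : '';
    $serverHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $serverHost = preg_replace('/:\d+$/', '', $serverHost); // parse_url() reports the port separately

    $fromOwnAdmin = $referHost !== ''
        && strcasecmp($referHost, $serverHost) === 0
        && stristr($referPath, 'admin/') !== false;

    if (!empty($_GET['preview']) || !$fromOwnAdmin) {
        $refer = "index.php";
    }
    _header_("location:{$refer}");
    exit;
}

// Admin language switch: always return to the admin home page.
if (!empty($_GET['alangid'])) {
    _header_("location:admin/index.php");
    exit;
}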
// Pseudo-static (rewritten) URLs handled in application code
if ($cache_settings['urlrewrite'] == '1') {
    $uri_ = $_SERVER["REQUEST_URI"];
    $uri_parm = array();
    $p = '/\\?(.*).html/isU';
    preg_match($p, $uri_, $r);
    $uri_ = $r[1];
    $parms_vars = explode("-", $uri_);
    switch ($parms_vars[0]) {
        case 'articlelist':
            if (!empty($parms_vars[1])) {
                $_GET['cid'] = intval($parms_vars[1]);
            }
Example #5
//var_dump($lg);exit;
// A visitor without a member id or group id is treated as a guest. If $lg also
// carries a member name and password, an automatic login is attempted below.
if ($lg['memberid'] == 0 || $lg['groupid'] == 0) {
    $lg['groupid'] = GROUP_GUESS;
    // Auto-login
    if (!empty($lg['membername']) && !empty($lg['memberpass'])) {
        // NOTE(review): $lg['membername'] is interpolated into a quoted SQL string.
        // Where $lg is populated is not visible here; confirm the value is escaped
        // for this database before this point, or bind it as a parameter.
        // NOTE(review): the '******' password literal looks like redaction applied
        // to this listing rather than the real comparison — verify against the source.
        $lgrow = $db->row_select_one("members", "membername='{$lg[membername]}' and memberpass='******'", "id,groupid");
        if (empty($lgrow)) {
            // No matching member row: stay a guest.
            $lg['groupid'] = GROUP_GUESS;
        } else {
            if ($lgrow['groupid'] == GROUP_NOVERIFY || $lgrow['groupid'] == GROUP_NOVISIT || $lgrow['groupid'] == GROUP_VERIFYFAILED) {
                // awaiting verification // access forbidden // verification failed
                // Expire the login cookies with a timestamp offset two years in the past.
                $cleart = -86400 * 365 * 2;
                setCookies('membername', '', $cleart);
                setCookies('memberpass', '', $cleart);
                setCookies('expire', '', $cleart);
                // NOTE(review): no exit follows this redirect; whether _header_()
                // ends the request is not visible here.
                _header_("location:index.php");
            } else {
                // The auth cookie is an MD5 over member name, stored password value and the site salt.
                // NOTE(review): MD5 concatenation is not a keyed MAC; consider hash_hmac()
                // with a server-side key if this cookie is trusted on later requests.
                setCookies('memberauth', md5($lg['membername'] . $lg['memberpass'] . $cache_settings['salt']), $lg['expire']);
                wSESSION('memberid', $lgrow['id']);
                wSESSION('groupid', $lgrow['groupid']);
                // Re-read the ids from the session as integers.
                $lg['memberid'] = intval(rSESSION('memberid'));
                $lg['groupid'] = intval(rSESSION('groupid'));
            }
        }
    }
}
// Template selection: default to the configured template.
$_SYS['styleid'] = $cache_settings['template'];
if (isset($_GET['preview'])) {
    $_SYS['styleid'] = $_GET['styleid'];
    $_SYS['styleid'] = str_replace(array("'", "/", "\\", "\"", "."), array('', '', '', '', ''), $_SYS['styleid']);
Example #6
    if ($username == '' || $userpass == '' || $userpass == '') {
        $errtips = 'login_detailsrequired';
    } elseif (strtolower(rSESSION('validationcode')) != strtolower($securitycode)) {
        $errtips = 'login_validationcodeerr';
    } else {
        $userpass = encrypt($username, $userpass);
        $row = $db->row_select_one("users", "username='******' and userpass='******'");
        if ($row == null) {
            $errtips = 'login_namepasserr';
        } else {
            $uobj['lastip'] = getIP();
            $uobj['lasttime'] = time();
            $db->row_update("users", $uobj, "id={$row['id']}");
            wSESSION('isadmin', 1);
            wSESSION('userid', $row['id']);
            _header_("location:{$ref}");
            $errtips = 'login_succeed';
        }
    }
} else {
    //$ref = $_GET["ref"];
    if ($ref == "") {
        $ref = "index.php";
    }
}
$errtipsstr = array('login_detailsrequired' => $_AL['login.required'], 'login_validationcodeerr' => $_AL['login.codeerr'], 'login_namepasserr' => $_AL['login.usererr']);
print <<<EOT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
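 /**
  * Serve the attachment whose id is given in the "id" GET parameter.
  *
  * Image rows (type 1) are answered with a 301 redirect to the public image
  * path; every other row is streamed as a forced download. A request whose
  * Referer names a different host than the request itself is rejected.
  *
  * @return void
  */
 function attachment()
 {
     // Declare the streaming helper before it is called. A nested declaration
     // only takes effect once execution reaches it, and re-running it would be
     // a "cannot redeclare" fatal, so it is guarded with function_exists().
     if (!function_exists('getlocalfile')) {
         /**
          * Write a local file to the output and flush the buffers.
          *
          * @param string $filename Path of the file to send.
          * @param int    $readmod  1: fread the whole file; 3 or 4: fpassthru; anything else: readfile.
          * @param int    $range    Byte offset to seek to before reading (modes 1, 3 and 4).
          * @return void
          */
         function getlocalfile($filename, $readmod = 2, $range = 0)
         {
             if ($readmod == 1 || $readmod == 3 || $readmod == 4) {
                 if ($fp = @fopen($filename, 'rb')) {
                     @fseek($fp, $range);
                     if (function_exists('fpassthru') && ($readmod == 3 || $readmod == 4)) {
                         @fpassthru($fp);
                     } else {
                         echo @fread($fp, filesize($filename));
                     }
                     // Close only a handle that was actually opened.
                     @fclose($fp);
                 }
             } else {
                 @readfile($filename);
             }
             @flush();
             @ob_flush();
             @ob_end_flush();
         }
     }

     // Hotlink check: when a Referer is sent, its host must equal the request
     // host (port stripped). Requests without a Referer are let through.
     $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     $host_server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
     if (($pos = strpos($host_server, ':')) !== FALSE) {
         $host_server = substr($host_server, 0, $pos);
     }
     if ($referer) {
         $host_referer = parse_url($referer);
         // parse_url() returns false, or an array without 'host', for a malformed Referer.
         $refererHost = (is_array($host_referer) && isset($host_referer['host'])) ? $host_referer['host'] : '';
         if (!($refererHost == $host_server)) {
             $this->error('来源错误');
         }
     }

     // The id is forced to an integer before it is placed in the WHERE clause.
     $id = intval(I('get.id'));
     if (empty($id)) {
         $this->error('文件ID不存在');
     }
     $attach = D('attachments');
     $row = $attach->where("id={$id}")->find();
     if (empty($row)) {
         $this->error('文件不存在');
     }

     // NOTE(review): $row['filepath'] is joined onto both base directories
     // as-is. How that column is validated on upload is not visible here;
     // confirm it cannot contain "../" segments.
     $filepath = "/Public/uploadfile/images/" . $row['filepath'];
     // Images are not streamed: redirect to their public URL.
     if ($row['type'] == 1) {
         if (!file_exists("." . $filepath)) {
             $this->error('文件已经被删除');
         }
         $filepath = __ROOT__ . $filepath;
         header("HTTP/1.1 301 Moved Permanently");
         header("Last-Modified:" . date('r'));
         header("Expires: " . date('r', time() + 86400));
         header("Location:{$filepath}");
         exit;
     }

     $filepath = ATT_PATH . "/uploadfile/attachment/" . $row['filepath'];
     // Refuse a missing file before any download header is sent; otherwise
     // filesize() fails and the client receives an empty "download".
     if (!is_file($filepath)) {
         $this->error('文件已经被删除');
         return;
     }

     // The stored name is copied into a response header. Outside the MSIE
     // branch (which URL-encodes it) strip CR, LF and the double quote so the
     // name cannot close the quoted value or start a new header line.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $filename = stristr($userAgent, 'MSIE')
         ? urlencode($row['filename'])
         : str_replace(array("\r", "\n", '"'), '', $row['filename']);

     ob_end_clean();
     _header_('Content-Encoding: none');
     _header_('Content-Type: application/octet-stream');
     _header_('Content-Disposition: attachment; filename="' . $filename . '"');
     _header_('Content-Length: ' . filesize($filepath));
     getlocalfile($filepath, 1);
 }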
Example #8
             $db->row_insert("procates", $procate);
             $procate['cateid'] = $db->insert_id();
         }
         writeProductsCateCache();
         succeedFlag();
     } catch (Exception $e) {
         echo $e;
     }
     break;
 // Set the hidden flag of one product category, rebuild the category cache and
 // return to the category list.
 // NOTE(review): this case changes stored data from GET parameters. No CSRF
 // token or request-method check is visible inside it; confirm one is enforced
 // before this switch is reached.
 case "sethide":
     // Both inputs are forced to integers before they reach the column value
     // and the WHERE clause.
     $procateid = intval($_GET['procateid']);
     $hide = intval($_GET['hide']);
     $procate['ishidden'] = $hide;
     $db->row_update("procates", $procate, "id={$procateid}");
     writeProductsCateCache();
     _header_("location:admin.php?inc=procate&action=set");
     //succeedFlag();
     break;
 case "delprocate":
     try {
         $cid = intval($_GET['cid']);
         if (empty($cid)) {
             exit($_AL['all.parmerr']);
         }
         $rows = $db->row_select("procates", "pid={$cid}");
         if (!empty($rows)) {
             exit($_AL['procate.deldown.failed']);
         }
         //del products
         $db->row_delete("products", "cid={$cid}");
         //del procates
Example #9
                        break;
                    case "verifyY":
                        $msg['state'] = 1;
                        $db->row_update("msgs", $msg, "id in ({$idstr})");
                        break;
                    case "verifyN":
                        $msg['state'] = 0;
                        $db->row_update("msgs", $msg, "id in ({$idstr})");
                        break;
                    default:
                        echo $_AL['all.noaction'];
                        break;
                }
                succeedFlag();
            }
        } catch (Exception $e) {
            echo $e;
        }
        break;
    // Set the state of one message, then send the browser back to the page it came from.
    // NOTE(review): this case changes stored data from GET parameters. No CSRF
    // token or request-method check is visible inside it; confirm one is
    // enforced before this switch is reached.
    case "verify":
        // Both inputs are forced to integers before they reach the column value
        // and the WHERE clause.
        $id = intval($_GET['id']);
        $state = intval($_GET['state']);
        $msg['state'] = $state;
        $db->row_update("msgs", $msg, "id={$id}");
        // NOTE(review): the Location value is the raw Referer request header.
        // Whether _header_() validates it is not visible here; confirm the target
        // is limited to this site, and that a missing Referer is handled.
        _header_("location:{$_SERVER['HTTP_REFERER']}");
        //succeedFlag();
        break;
    default:
        echo $_AL['all.noaction'];
        break;
}
Example #10
<?php

require_once "./../inc/init.php";
require_once "./inc/adminfun.php";
require_once "./language/language.php";
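// Gate the admin page: a request that is not from an admin session is sent to
// the login form, with the current URI passed along URL-encoded as "ref".
if (!isAdmin()) {
    _header_("location:login.php?ref=" . urlencode($_SERVER['REQUEST_URI']));
    // Stop here so none of the admin markup below is rendered for an
    // unauthenticated request, whatever _header_() does after the redirect.
    exit;
}
// Both routing parameters pass through strFilter() before use.
$inc = strFilter($_GET['inc']);
$action = strFilter($_GET['action']);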
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>www.6kzz.com</title>
<link href="css/pager.css" rel="stylesheet" type="text/css" />
<link href="css/global.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="../getfiles.php?t=js&v=<?php 
echo $_SYS['VERSION'];
?>
&f=tab|util|ajax|choosedate|color|jquery|admin"></script>
<script type="text/javascript" src="../inc/kindeditor/kindeditor.js"></script>
<script type="text/javascript" src="../js/admin.js"></script>
<script type="text/javascript">
var popwin = window.parent.popwin;
</script>
<style>
	body{margin:10px;}
</style>
</head>