/**
* 返回服务端.
*
* @return Response
*/
public function server(Request $request)
{
$account = account()->getAccountByTag($request->t);
if (!$account) {
return;
}
return $this->server->make($account);
}
function account_report_add($account, $account_type)
{
$acc = account($account);
if ($acc) {
pdo_update('account', array('report_count' => $acc['report_count'] + 1), array('account' => $account, 'account_type' => $account_type));
} else {
pdo_insert('account', array('account' => $account, 'account_type' => $account_type, 'report_count' => 1));
}
}
public function compose(View $view)
{
if (!Auth::check()) {
$newConversationsCount = 0;
} else {
$newConversationsCount = account()->participations()->unread()->count();
}
$view->with(compact('newConversationsCount'));
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!account()->chosedId()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect(admin_url('account'));
}
}
return $next($request);
}
public function verify()
{
$uid = $this->__Return_Verify($this->config);
if ($uid == 'VERIFY_FAILED')
{
return false;
}
account('ulogin')->token($uid, get('token'));
$this->adata || $this->__cddata();
get('target_url') && account()->loginReferer(get('target_url'), false);
return $uid;
}
public function __construct(FanGroupRepository $fanGroupRepository)
{
$account = account()->getCurrent();
/*
* 1 初始化 SDK Config
* 2 构建 SDK 对象
*/
$this->group = new Group($account->app_id, $account->app_secret);
/*
* 3 构建 FanGroup Repository 对象
*/
$this->fanGroupRepository = $fanGroupRepository;
}
public function queryuserid()
{
$this->CheckAdminPrivs('reports','ajax');
$username = get('username', 'string');
$acc = account()->Search('name', $username, 1);
if ($acc)
{
exit($acc['uid'].'');
}
else
{
exit('0');
}
}
public function CreateLink($payment, $parameter)
{
$parameter['name'] = preg_replace('/\&[a-z]{2,4}\;/i', '', $parameter['name']);
$parameter['detail'] = str_replace(array('"',"'",'\\','&'), '', $parameter['detail']);
$post = array(
'service' => $payment['config']['service'],
'payment_type' => '1',
'seller_email' => $payment['config']['account'],
'partner' => $payment['config']['partner'],
'return_url' => $parameter['notify_url'],
'notify_url' => $parameter['notify_url'],
'_input_charset' => ini('settings.charset'),
'show_url' => $parameter['product_url'],
'out_trade_no' => $parameter['sign'],
'subject' => $parameter['name'],
'body' => '',
'price' => $parameter['price'],
'quantity' => 1,
'logistics_fee' => '0.00',
'logistics_type' => 'EXPRESS',
'logistics_payment' => 'SELLER_PAY',
);
if ($payment['config']['service'] == 'create_partner_trade_by_buyer')
{
$parameter['addr_name'] || $parameter['addr_name'] = 'USER';
$parameter['addr_address'] || $parameter['addr_address'] = 'ADDRESS';
$parameter['addr_zip'] || $parameter['addr_zip'] = '000000';
$parameter['addr_phone'] || $parameter['addr_phone'] = '13000000000';
$post['receive_name'] = $parameter['addr_name'];
$post['receive_address'] = $parameter['addr_address'];
$post['receive_zip'] = $parameter['addr_zip'];
$post['receive_phone'] = $parameter['addr_phone'];
}
$token = account('ulogin')->token();
if ($token)
{
$post['token'] = $token;
}
$post['extend_param'] = 'isv^tt11';
return $this->__BuildForm($payment, $post);
}
function post_insertHandler()
{
if (!isset($_POST['comment'])) {
return false;
}
if ($_POST['comment'] == 'Type your comment here') {
return false;
}
$auth = account();
$what = array();
$what['feedback_comment'] = $_POST['comment'];
$what['user_upn'] = $auth['upn'];
//print_r($what);
$dbh = db_connect();
$result = db_insertFeedback($dbh, $what);
if ($result == -1) {
return false;
}
return true;
}
public function get_password() {
if(MEMBER_ID > 0) {
$this->msg('您已经登录了');
}
$is_android = stripos($_SERVER['HTTP_USER_AGENT'], 'android');
$act = ($_GET['act'] ? $_GET['act'] : $_POST['act']);
if('step2' == $act) {
$username = post('username');
if(empty($username)) {
$this->msg('用户名不能为空', -1);
}
$username = account()->username($username);
$user = dbc(DBCMax)->select("members")->where(array('username' => $username))->limit(1)->done();
if(false == $user) {
$this->msg('用户已经不存在了', -1);
}
$uid = $user['uid'];
if(empty($user['phone']) || false == $user['phone_validate']) {
$this->msg('该用户没有设置手机或该号码还没有通过验证,不能通过手机方式找回密码');
}
$phone = substr($user['phone'], 0, 3) . '****' . substr($user['phone'], -4);
$ret = logic('phone')->VfSend($user['phone'], $uid);
if($ret) {
$this->msg($ret);
}
} elseif ('step3' == $act) {
$uid = post('uid', 'int');
if($uid < 1) {
$this->msg('请指定一个用户UID');
}
$user = user($uid)->get();
if(false == $user) {
$this->msg('用户已经不存在了');
}
$vfcode = post('vfcode');
if(empty($vfcode)) {
$this->msg('手机验证码不能为空', -1);
}
if('' == $this->Post['password'])
{
$this->msg('新密码不能为空', -1);
}
if($this->Post['password']!=$this->Post['confirm'])
{
$this->msg('两次输入的密码不一致', -1);
}
$ret = logic('phone')->Vfcode($user['phone'], $vfcode, $uid);
if($ret) {
$this->msg($ret, -1);
}
if($user['email2']=='zuitu'){
$password=md5($this->Post['password'].'@4!@#$%@');
}else{
$password=md5($this->Post['password']);
}
$sql="UPDATE ".TABLE_PREFIX. 'system_members'." SET `password`='{$password}' WHERE uid='$uid'";
$this->DatabaseHandler->Query($sql);
$sql="UPDATE ".TABLE_PREFIX.'system_memberfields'." SET `authstr`='',`auth_try_times`='0' WHERE uid='$uid'";
$this->DatabaseHandler->Query($sql);
if ( true === UCENTER )
{
include_once (UC_CLIENT_ROOT . './client.php');
$result = uc_user_edit($user['username'], '', $this->Post['password'], '', 1);
if($result ==0 || $result ==1)
{
;
}
elseif($result ==-8)
{
$this->msg('您的帐号在UC里是管理员,请到UC里修改密码!');
}
else
{
$this->msg('通知UC修改密码失败,请检查你的UC配置!');
}
}
$this->msg("新密码设置成功");
}
include handler('template')->file('@wap/get_password');
}
function gl_link()
{
if ($this->input->post('cmdSave')) {
$data['accounts_payable'] = $this->acc_id($this->input->post('accounts_payable'));
$data['po_freight'] = $this->acc_id($this->input->post('po_freight'));
$data['po_other'] = $this->acc_id($this->input->post('po_other'));
$data['po_tax'] = $this->acc_id($this->input->post('po_tax'));
$data['po_discounts_taken'] = $this->acc_id($this->input->post('po_discounts_taken'));
$data['supplier_credit_account_number'] = $this->acc_id($this->input->post('supplier_credit_account_number'));
$data['inventory_sales'] = $this->acc_id($this->input->post('inventory_sales'));
$data['inventory'] = $this->acc_id($this->input->post('inventory'));
$data['inventory_cogs'] = $this->acc_id($this->input->post('inventory_cogs'));
$data['accounts_receivable'] = $this->acc_id($this->input->post('accounts_receivable'));
$data['so_freight'] = $this->acc_id($this->input->post('so_freight'));
$data['so_other'] = $this->acc_id($this->input->post('so_other'));
$data['so_tax'] = $this->acc_id($this->input->post('so_tax'));
$data['so_discounts_given'] = $this->acc_id($this->input->post('so_discounts_given'));
$data['customer_credit_account_number'] = $this->acc_id($this->input->post('customer_credit_account_number'));
$data['default_cash_payment_account'] = $this->acc_id($this->input->post('default_cash_payment_account'));
$data['earning_account'] = $this->acc_id($this->input->post('earning_account'));
$data['year_earning_account'] = $this->acc_id($this->input->post('year_earning_account'));
$data['historical_balance_account'] = $this->acc_id($this->input->post('historical_balance_account'));
$data['default_bank_account_number'] = $this->acc_id($this->input->post('default_bank_account_number'));
$data['default_credit_card_account'] = $this->acc_id($this->input->post('default_credit_card_account'));
$this->company_model->update($this->access->cid, $data);
$this->sysvar->save('COA Uang Muka Pembelian', $this->acc_id($this->input->post('txtUangMukaBeli')));
$this->sysvar->save('COA Retur Penjualan', $this->acc_id($this->input->post('txtReturJual')));
$this->sysvar->save('COA Item Out Others', $this->acc_id($this->input->post('txtCoaItemOut')));
$this->sysvar->save('COA Item In Others', $this->acc_id($this->input->post('txtCoaItemIn')));
$this->sysvar->save('COA Item Adjustment', $this->acc_id($this->input->post('txtCoaItemAdj')));
$this->sysvar->save('COA Uang Muka Penjualan', $this->acc_id($this->input->post('txtUangMukaJual')));
$this->sysvar->save('CoaChargeCreditCard', $this->acc_id($this->input->post('txtChargeCC')));
$this->sysvar->save('CoaPromo', $this->acc_id($this->input->post('txtPromo')));
$this->sysvar->save('CoaGift', $this->acc_id($this->input->post('txtGift')));
}
$set = $this->company_model->get_by_id($this->access->cid)->row();
$data['accounts_payable'] = account($set->accounts_payable);
$data['po_freight'] = account($set->po_freight);
$data['po_other'] = account($set->po_other);
$data['po_tax'] = account($set->po_tax);
$data['po_discounts_taken'] = account($set->po_discounts_taken);
$data['supplier_credit_account_number'] = account($set->supplier_credit_account_number);
$data['inventory_sales'] = account($set->inventory_sales);
$data['inventory'] = account($set->inventory);
$data['inventory_cogs'] = account($set->inventory_cogs);
$data['accounts_receivable'] = account($set->accounts_receivable);
$data['so_freight'] = account($set->so_freight);
$data['so_other'] = account($set->so_other);
$data['so_tax'] = account($set->so_tax);
$data['so_discounts_given'] = account($set->so_discounts_given);
$data['customer_credit_account_number'] = account($set->customer_credit_account_number);
$data['default_cash_payment_account'] = account($set->default_cash_payment_account);
$data['earning_account'] = account($set->earning_account);
$data['year_earning_account'] = account($set->year_earning_account);
$data['historical_balance_account'] = account($set->historical_balance_account);
$data['default_bank_account_number'] = account($set->default_bank_account_number);
$data['default_credit_card_account'] = account($set->default_credit_card_account);
$data['txtUangMukaBeli'] = account($this->sysvar->getvar('COA Uang Muka Pembelian'));
$data['txtReturJual'] = account($this->sysvar->getvar('COA Retur Penjualan'));
$data['txtCoaItemOut'] = account($this->sysvar->getvar('COA Item Out Others'));
$data['txtCoaItemIn'] = account($this->sysvar->getvar('COA Item In Others'));
$data['txtCoaItemAdj'] = account($this->sysvar->getvar('COA Item Adjustment'));
$data['txtUangMukaJual'] = account($this->sysvar->getvar('COA Uang Muka Penjualan'));
$data['txtChargeCC'] = account($this->sysvar->getvar('CoaChargeCreditCard'));
$data['txtPromo'] = account($this->sysvar->getvar('CoaPromo'));
$data['txtGift'] = account($this->sysvar->getvar('CoaGift'));
$this->template->display_form_input('admin/gl_link', $data);
}
function writebody()
{
global $db, $domain, $suserid, $sitename, $cachelife, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid, $avatar_on, $gender_on, $aimg, $fimg, $mimg;
if (!isset($suserid)) {
echo '<div class=\'error\'>Please login first.</div>';
return;
}
function changeavatar()
{
global $domain, $db, $usrdata, $seo_on, $template, $directorypath;
$userid = $usrdata['userid'];
if (isset($_POST['avatar'])) {
$avatar = clean($_POST['avatar']);
if ($avatar == 0) {
mysql_query("UPDATE fas_users SET avatar='{$avatar}', avatarfile='' WHERE userid='{$userid}'");
echo '<div class=\'msg\'>Profile updated</div>';
} else {
function findexts($filename)
{
$filename = strtolower($filename);
$exts = explode(".", $filename);
$n = count($exts) - 1;
$exts = $exts[$n];
return $exts;
}
if ($_FILES['uploaded']['size'] > 40000) {
echo '<div class=\'error\'>File size too big.</div>';
return;
}
$ext = findexts($_FILES['uploaded']['name']);
$os = array("gif", "jpg", "jpeg", "png");
if (!in_array($ext, $os)) {
echo '<div class=\'error\'>File type not allowed or no file selected!</div>';
return;
} else {
}
$ran = "avatar";
$ran3 = $usrdata['userid'];
$ran4 = $ran . $userid . '.';
$avatarfile = $ran4 . $ext;
//This assigns the subdirectory you want to save into... make sure it exists!
$target = $directorypath . "avatars/";
//This combines the directory, the userid, and the extension
$target = $target . $ran4 . $ext;
if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
echo '<div class=\'msg\'>The file has been uploaded.</div>';
mysql_query("UPDATE fas_users SET avatar='{$avatar}', avatarfile='{$avatarfile}' WHERE userid='{$userid}'");
} else {
echo '<div class=\'error\'>Sorry, there was a problem uploading your file.</div>';
}
}
} else {
if ($seo_on == 1) {
$curl1 = '' . $domain . '/myaccount/changeavatar/';
} else {
$curl1 = '' . $domain . '/index.php?action=myaccount&cmd=changeavatar';
}
echo '<table align=\'center\' width="100%">
<tr>
<td colspan=\'4\' class=\'header\'>Edit Avatar</td>
</tr>
<tr>
<td class=\'content\'>
<form enctype=\'multipart/form-data\' action=\'' . $curl1 . '\' method=\'POST\'>
Use Avatar?:
<select type=\'dropdown\' name=\'avatar\'>
<option value=\'0\'>No</option>
<option value=\'1\' >Yes</option>
</select>
<p>
Please choose a file: <input name=\'uploaded\' type=\'file\' /><br />
<input type=\'submit\' value=\'Upload\' />
</form>
</td>
</tr>
</table>';
}
}
function account()
{
global $domain, $db, $seo_on, $usrdata, $utemplate, $template, $avatar_on, $gender_on, $aimg, $fimg, $mimg;
if ($seo_on == 1) {
$url1 = '' . $domain . '/myaccount/favorites/';
$url2 = '' . $domain . '/myaccount/changepassword/';
$url3 = '' . $domain . '/myaccount/';
$url4 = '' . $domain . '/messages/';
$url5 = '' . $domain . '/myaccount/changeavatar/';
$url6 = '' . $domain . '/myaccount/changequestion/';
$url7 = '' . $domain . '/myaccount/changeemail/';
} else {
$url1 = '' . $domain . '/index.php?action=myaccount&cmd=favorites';
$url2 = '' . $domain . '/index.php?action=myaccount&cmd=changepassword';
$url3 = '' . $domain . '/index.php?action=myaccount';
$url4 = '' . $domain . '/index.php?action=messages';
$url5 = '' . $domain . '/index.php?action=myaccount&cmd=changeavatar';
$url6 = '' . $domain . '/index.php?action=myaccount&cmd=changequestion';
$url7 = '' . $domain . '/index.php?action=myaccount&cmd=changeemail';
}
if (isset($_POST['newsletter'])) {
$userid = $usrdata['userid'];
$newsletter = clean($_POST['newsletter']);
$utemplate = clean($_POST['template']);
$aim = clean($_POST['aim']);
$icq = clean($_POST['icq']);
$msn = clean($_POST['msn']);
$yim = clean($_POST['yim']);
$location = clean($_POST['location']);
$job = clean($_POST['job']);
$website = clean($_POST['website']);
$link1 = clean($_POST['link1']);
$link2 = clean($_POST['link2']);
$link3 = clean($_POST['link3']);
$link4 = clean($_POST['link4']);
$link5 = clean($_POST['link5']);
$link6 = clean($_POST['link6']);
$link7 = clean($_POST['link7']);
$link8 = clean($_POST['link8']);
$sex = clean($_POST['sex']);
$interests = clean($_POST['interests']);
$bio = clean($_POST['bio']);
$ip = $_SERVER['REMOTE_ADDR'];
mysql_query("UPDATE fas_users SET newsletter='{$newsletter}', template='{$utemplate}', aim='{$aim}', icq='{$icq}', msn='{$msn}', yim='{$yim}', location='{$location}',\njob='{$job}', website='{$website}', link1='{$link1}', link2='{$link2}', link3='{$link3}', link4='{$link4}', link5='{$link5}', link6='{$link6}', link7='{$link7}', link8='{$link8}', sex='{$sex}', interests='{$interests}', bio='{$bio}', ip='{$ip}' WHERE userid='{$userid}'");
echo '<div class=\'msg\'>Profile updated</div><p>';
}
$userid = $usrdata['userid'];
$ir = $db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $userid));
$r2 = $db->fetch_row($ir);
$username = $r2['username'];
$plays = $r2['plays'];
$newsletter = $r2['newsletter'];
$utemplate = $r2['template'];
$aim = $r2['aim'];
$icq = $r2['icq'];
$msn = $r2['msn'];
$yim = $r2['yim'];
$location = $r2['location'];
$job = $r2['job'];
$website = $r2['website'];
$link1 = $r2['link1'];
$link2 = $r2['link2'];
$link3 = $r2['link3'];
$link4 = $r2['link4'];
$link5 = $r2['link5'];
$link6 = $r2['link6'];
$link7 = $r2['link7'];
$link8 = $r2['link8'];
$sex = $r2['sex'];
$interests = $r2['interests'];
$bio = $r2['bio'];
$avatar = $r2['avatar'];
$avatarfile = $r2['avatarfile'];
if ($newsletter == "yes") {
$nsel = "selected";
} else {
$nsel = "";
}
if ($sex == "m") {
$msel = "selected";
}
if ($sex == "f") {
$fsel = "selected";
}
$avatarfileurl = get_avatar($userid);
echo '<table align=\'center\' width="100%">
<tr>
<td colspan=\'4\' class=\'header\'>My Account</td>
</tr>
<tr>
<td class=\'content\' style=\'padding:3px;\'><img src=\'' . $domain . '/avatars/' . $avatarfileurl . '\' height=\'100\' width=\'100\' /></td>
<td colspan=\'3\' class=\'content\' style=\'padding:3px;\'><a href=\'' . $url1 . '\'>My Favorites</a> -
<a href=\'' . $url2 . '\'>Change Password</a> -
<a href= \'' . $url6 . '\'>Change security question/answer</a> -
<a href= \'' . $url7 . '\'>Change email</a> -
<a href= \'' . $url4 . '\'>Messages</a> -
<a href= \'' . $url5 . '\'>Change Avatar</a>
</td>
</tr>
<tr>
<form action="' . $url3 . '" method="POST">
<td class="content">Games Played:</td>
<td class="content">' . $plays . '</td>
</tr>
<tr>
<td class="content">Newsletter:</td>
<td class="content"><select type="dropdown" name="newsletter">
<option value="no">No</option>
<option value="yes" ' . $nsel . ' >Yes</option>
</select>
</td>
</tr>
<tr>
<td class="content">Template:</td>
<td class="content"><select type="dropdown" name="template">
<option value="default">default</option>';
$theme = "SELECT * FROM fas_themes WHERE `active`='1'";
$theme = sqlcache('themes', $cachelife, $theme);
foreach ($theme as $row2) {
if ($row2['name'] == $utemplate) {
$usel = "selected";
} else {
$usel = NULL;
}
echo "<option value=" . $row2['name'] . " " . $usel . " >" . $row2['name'] . "</option>";
}
echo '
</select>
</td>
</tr>
<tr>
<td class="content">Location:</td>
<td class="content"><input name="location" type="text" size="50" value="' . $location . '"></td>
</tr>
<tr>
<td class="content">Website:<br><small>(Leave off the http://)</small></td>
<td class="content"><input name="website" type="text" size="50" value="' . $website . '"></td>
</tr>
<tr>
<td class="content">Occupation:<br></td>
<td class="content"><input name="job" type="text" size="50" value="' . $job . '"></td>
</tr>
<tr>
<td class="content">Sex:</td>
<td class="content"><select type="dropdown" name="sex" >
<option value="u">Undisclosed</option>
<option value="m" ' . $msel . '>Male</option>
<option value="f" ' . $fsel . '>Female</option>
</select></td>
</tr>
<tr>
<td class="content">AIM:</td>
<td class="content"><input name="aim" type="text" size="50" value="' . $aim . '"></td>
</tr>
<tr>
<td class="content">ICQ:</td>
<td class="content"><input name="icq" type="text" size="50" value="' . $icq . '"></td>
</tr>
<tr>
<td class="content">MSN:</td>
<td class="content"><input name="msn" type="text" size="50" value="' . $msn . '"></td>
</tr>
<tr>
<td class="content">Yahoo:</td>
<td class="content"><input name="yim" type="text" size="50" value="' . $yim . '"></td>
</tr>
<tr>
<td class="content">Interests:<br><small>100 characters<br>HTML/scripts not allowed!</small></td>
<td class="content"><textarea name="interests" rows="2" cols="50" >' . $interests . '</textarea></td>
</tr>
<tr>
<td class="content">About Me:<br><small>250 characters<br>HTML/scripts not allowed!</small></td>
<td class="content"><textarea name="bio" rows="4" cols="50" >' . $bio . '</textarea></td>
</tr>
<tr>
<td class="content">My Cool Sites:<br><small>For your MySpace profile, FaceBook, Twitter, Etc. <br>(Leave off the http://)</small></td>
<td class="content">
<input name="link1" type="text" size="50" value="' . $link1 . '"><br>
<input name="link2" type="text" size="50" value="' . $link2 . '"><br>
<input name="link3" type="text" size="50" value="' . $link3 . '"><br>
<input name="link4" type="text" size="50" value="' . $link4 . '"><br>
<input name="link5" type="text" size="50" value="' . $link5 . '"><br>
<input name="link6" type="text" size="50" value="' . $link6 . '"><br>
<input name="link7" type="text" size="50" value="' . $link7 . '"><br>
<input name="link8" type="text" size="50" value="' . $link8 . '">
</td>
</tr>
<tr>
<td class="content" colspan="4">
<input type="submit" name="submit" value="Submit Changes">
</td>
</tr>
</table>';
}
function deletefavorite()
{
global $domain, $db, $usrdata, $template;
$in1 = $db->query(sprintf('SELECT * FROM fas_games WHERE ID=\'%u\'', $_GET['deleteID']));
$in = $db->fetch_row($in1);
$gamename = preg_replace('#\\W#', '', $in['name']);
echo '<div class=\'msg\'>Are you sure you want to remove the game ' . $gamename . ' from your favorites?<br>
<a href=\'' . $domain . '/index.php?action=myaccount&cmd=favorites&deletename=' . $gamename . '&deleteID=' . $_GET['deleteID'] . '\'>Yes</a> <a href=\'' . $domain . '/index.php?action=myaccount&cmd=favorites\'>No</a></div>';
}
function favorites()
{
global $domain, $db, $usrdata, $thumbsfolder, $gamesfolder, $seo_on, $template;
if (isset($_GET['deleteID']) && !empty($_GET['deleteID'])) {
mysql_query('DELETE FROM fas_user_favorites WHERE userid=\'' . $usrdata['userid'] . '\' AND gameid=\'' . $_GET['deleteID'] . '\'');
echo '<div class=\'msg\'>Deleted ' . $_GET['deletename'] . ' from your favorites.</div>';
}
$ro = $db->query(sprintf('SELECT * FROM fas_user_favorites WHERE userid=\'' . $usrdata['userid'] . '\''));
echo '<table align=\'center\' width="100%">
<tr>
<td colspan=\'4\' class=\'header\'>My Favorites</td>
</tr>';
while ($r = $db->fetch_row($ro)) {
$in1 = $db->query(sprintf('SELECT * FROM fas_games WHERE ID=\'%u\'', $r['gameid']));
$in = $db->fetch_row($in1);
$gamename = preg_replace('#\\W#', '', $in['name']);
if ($seo_on == 1) {
$playlink = '' . $domain . '/play/' . $in['ID'] . '-' . $gamename . '.html';
} else {
$playlink = '' . $domain . '/index.php?action=play&ID=' . $in['ID'] . '';
}
echo '
<tr>
<td valign=\'top\' colspan=\'2\' class=\'header\'><a href=\'' . $playlink . '\'><b>' . $in['name'] . '</b></a></td>
</tr>
<tr>
<td width=\'55\' height=\'55\' valign=\'top\' class=\'content\'>
<a href=\'' . $playlink . '\'>
';
if ($in['type'] == 1) {
echo ' <img src=\'' . $domain . '/' . $thumbsfolder . '/' . $in['thumb'] . '\' width=\'55\' height=\'55\' border=\'0\' alt=\'' . $gamename . '\'>';
} else {
echo ' <img src=\'' . $in['thumburl'] . '\' width=\'55\' height=\'55\' border=\'0\' alt=\'' . $gamename . '\'>';
}
echo ' </a>
</td>
<td valign=\'top\' class=\'content\'>' . browsedesclimit($in['description']) . '';
mysql_query('DELETE FROM fas_user_favorites WHERE ID=' . $in['ID'] . '');
echo '<div style="float: right; padding-right: 20px;"><a href=\'' . $domain . '/index.php?action=myaccount&cmd=deletefavorite&deleteID=' . $in['ID'] . '\'><img src=\'' . $domain . '/templates/' . $template . '/images/delete.png\' border=\'0\' alt="delete" /></a></div>
</td>
</tr>';
}
echo '</table>';
echo ' ';
}
function changeemail()
{
global $domain, $db, $usrdata, $seo_on, $supportemail, $sitename, $template;
$userid = $usrdata['userid'];
$ir = $db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $userid));
$r2 = $db->fetch_row($ir);
$current_email = $r2['email'];
if (isset($_POST['submit'])) {
$email = clean($_POST['email']);
if (!$email) {
echo '<div class=\'error\'>All feilds are required!</div>';
return;
}
if ($email == $current_email) {
echo '<div class=\'error\'>This is your current email. Change your email to something different</div>';
return;
}
$ru = $db->query('SELECT email FROM fas_users WHERE email=\'' . $email . '\'');
if ($db->num_rows($ru) == 1) {
echo '<div class=\'error\'>Email is already in use.</div>';
return;
}
$user_name = $usrdata[username];
$activation_number = rand();
$subject = 'Email change';
$message = 'Dear ' . $user_name . ',<br>We have recived a request to change your email on <a href="' . $domain . '">' . $sitename . '</a>. Please click <a href="' . $domain . '/index.php?action=activateemail&newemail=' . $email . '&oldemail=' . $current_email . '&id=' . $activation_number . '">here</a> to activate your new email.<br>Thanks,<br>' . $sitename . ' administration';
$headers = 'From: ' . $supportemail . '' . "\r\n" . 'Content-Type: text/html; charset=\\"iso-8859-1\\"' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
mail($email, $subject, $message, $headers);
mysql_query("UPDATE fas_users SET `new_email`='{$email}', `new_email_key`='{$activation_number}' WHERE userid='{$usrdata['userid']}'");
echo '<div class=\'msg\'>An email has been sent for you to comfirm its correct.</div>';
}
if ($seo_on == 1) {
$surl = '' . $domain . '/myaccount/changeemail/';
} else {
$surl = '' . $domain . '/index.php?action=myaccount&cmd=changeemail';
}
echo '<form action=\'' . $surl . '\' method=\'POST\'>
<table width="100%">
<tr>
<td class=\'header\' colspan=\'2\'>Change email</td>
</tr>
<tr>
<td class=\'content\'>Email:</td>
<td class=\'content\'><input type=\'text\' name=\'email\' size=\'35\' value=\'' . $current_email . '\'></td>
</tr>
<tr>
<th colspan=\'2\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Submit\'></th>
</tr>
</table>
</form>';
}
function changequestion()
{
global $domain, $db, $usrdata, $seo_on, $template;
if (isset($_POST['submit'])) {
$pass = clean($_POST['pass']);
$salt = $usrdata['salt'];
$pass = checkpass($pass, $salt);
$answer = clean($_POST['answer']);
$answer = checkPass($answer, $salt);
$question = clean($_POST['question']);
if (!$question || !$answer || !$pass) {
echo '<div class=\'error\'>All feilds were not filled out!</div>';
return;
}
if ($pass != $usrdata['password']) {
echo '<div class=\'error\'>Current Password is incorrect.</div>';
} else {
mysql_query("UPDATE fas_users SET `pass_question`='{$question}', `pass_answer`='{$answer}' WHERE userid='{$usrdata['userid']}'");
echo '<div class=\'msg\'>Question & answer updated.</div>';
}
}
if ($seo_on == 1) {
$surl = '' . $domain . '/myaccount/changequestion/';
} else {
$surl = '' . $domain . '/index.php?action=myaccount&cmd=changequestion';
}
$userid = $usrdata['userid'];
$ir = $db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $userid));
$r2 = $db->fetch_row($ir);
$questionf = $r2['pass_question'];
echo '<form action=\'' . $surl . '\' method=\'POST\'>
<table width="100%">
<tr>
<td class=\'header\' colspan=\'2\'>Change password question/answer</td>
</tr>
<tr>
<td class=\'content\'>Question:</td>
<td class=\'content\'><input type=\'text\' name=\'question\' size=\'35\' value=\'' . $questionf . '\'></td>
</tr>
<tr>
<td class=\'content\'>Answer:</td>
<td class=\'content\'><input type=\'text\' name=\'answer\' size=\'35\' value=\'\'></td>
</tr>
<tr>
<td class=\'content\'>Current Password:</td>
<td class=\'content\'><input type=\'password\' name=\'pass\' size=\'35\'></td>
</tr>
<tr>
<th colspan=\'2\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Submit\'></th>
</tr>
</table>
</form>';
}
function changepassword()
{
global $domain, $db, $usrdata, $seo_on, $template;
if (isset($_POST['submit'])) {
$salt = $usrdata['salt'];
$oldpass = clean($_POST['oldpass']);
$newpass = clean($_POST['newpass']);
$oldpass = checkpass($oldpass, $salt);
$newpass = setpass($newpass, $salt);
if (!$oldpass || !$newpass) {
echo '<div class=\'error\'>All feilds were not filled out!</div>';
return;
}
if ($oldpass != $usrdata['password']) {
echo '<div class=\'error\'>Old Password is incorrect.</div>';
} else {
$db->query(sprintf('UPDATE fas_users SET password=\'%s\' WHERE userid=\'%u\'', $newpass, $usrdata['userid']));
echo '<div class=\'msg\'>Password Updated</div>';
}
}
if ($seo_on == 1) {
$surl = '' . $domain . '/myaccount/changepassword/';
} else {
$surl = '' . $domain . '/index.php?action=myaccount&cmd=changepassword';
}
echo '<form action=\'' . $surl . '\' method=\'POST\'>
<table width="100%">
<tr>
<td class=\'header\' colspan=\'2\'>Change Password</td>
</tr>
<tr>
<td class=\'content\'>Old Password:</td>
<td class=\'content\'><input type=\'password\' name=\'oldpass\' size=\'35\'></td>
</tr>
<tr>
<td class=\'content\'>New Password:</td>
<td class=\'content\'><input type=\'password\' name=\'newpass\' size=\'35\'></td>
</tr>
<tr>
<th colspan=\'2\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Submit\'></th>
</tr>
</table>
</form>';
}
if (!isset($_GET['cmd'])) {
$_GET['cmd'] = NULL;
}
switch ($_GET['cmd']) {
default:
account();
break;
case 'favorites':
favorites();
break;
case 'deletefavorite':
deletefavorite();
break;
case 'changepassword':
changepassword();
break;
case 'changequestion':
changequestion();
break;
case 'changeemail':
changeemail();
break;
case 'changeavatar':
changeavatar();
break;
}
}
function view($id, $message = null)
{
$id = urldecode($id);
$model = $this->customer_model->get_by_id($id)->row();
$data = $this->set_defaults($model);
$data['id'] = $id;
$data['mode'] = 'view';
$data['message'] = $message;
$data['finance_charge_acct'] = account($data['finance_charge_acct']);
$this->template->display_form_input('sales/customer', $data);
}
$sqlt = "SELECT * FROM `tests` where `id`='" . $row2[it] . "'";
$queryt = @mysql_query($sqlt);
$rowt = @mysql_fetch_array($queryt);
// Lấy cate1
$sql11 = "SELECT * FROM `cate1` where `id`='" . $rowt[id1] . "'";
$query11 = @mysql_query($sql11);
$row11 = @mysql_fetch_array($query11);
// Lấy cate2
$sql22 = "SELECT * FROM `cate2` where `id`='" . $row11[id2] . "'";
$query22 = @mysql_query($sql22);
$row22 = @mysql_fetch_array($query22);
// Lấy cate3
$sql33 = "SELECT * FROM `cate3` where `id`='" . $row22[id3] . "'";
$query33 = @mysql_query($sql33);
$row33 = @mysql_fetch_array($query33);
echo "\n<table class='lololol' width='100%'>\n<tr>\n<td rowspan='3' align='center'>\n<img src='" . $rowt['thumb'] . "' width='60' height='61' class='img2'>\n</td>\n<td class='title' colspan=2 width='100%'>\n<a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($row2[uid], username))) . "/" . strtolower(str_filter($rowt[title])) . "-" . $row2['id'] . "'><div class='more2'>Xem</div></a>\n<a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($row2[uid], username))) . "/" . strtolower(str_filter($rowt[title])) . "-" . $row2['id'] . "' style='font-size: 1.2em;' alt='" . $rowt['title'] . "' title='" . $rowt['title'] . "'><b>" . cu_t($rowt[title], 50) . "</a></b>\n</td>\n</tr>\n<tr>\n<td width='*'>\nNgày làm: <i id='yeah'>" . ti_me($row2[time]) . "</i>\n</td>\n<td width='100px'>\nĐiểm: <i id='yeah'>" . $row2[score] . "</i>\n</td>\n</tr>\n<tr>\n<td width='*'>\nDanh mục: <i id='yeah'><a href='./" . strtolower(str_filter($row33[title])) . "." . $row33[id] . "'>" . $row33[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "." . $row22[id] . "'>" . $row22[title] . "</a> > <a href='./" . strtolower(str_filter($row33[title])) . "/" . strtolower(str_filter($row22[title])) . "/" . strtolower(str_filter($row11[title])) . "." . $row11[id] . "'>" . $row11[title] . "</a></i></td>\n<td>\nThời gian hoàn thành: " . $row2[comp] . " phút\n</td>\n</tr>\n</table>\n";
}
echo "</fieldset>";
if ($page > 1) {
echo "<ul class='pagination' align='center'>";
$prev = $p - 1;
$next = $p + 1;
if ($p - 1 > 1) {
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat' title='Trang đầu tiên - 1'>«</a></b></li> ";
}
if ($p > 1) {
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat_" . $prev . "' title='Trang trước - " . $prev . "' alt='Trang trước - " . $prev . "'><font face='arial'>◄</font></a></b></li> ";
echo "<li><b><a href='./danh-sach-bao-cao-lam-thu-moi-nhat_" . $prev . "' title='Trang " . $prev . "' alt='Trang " . $prev . "'>" . $prev . "</a></b></li> ";
}
echo "<li><b><a title='Trang hiện tại' alt='Trang hiện tại' class='current'>" . $p . "</a></b></li> ";
if ($p < $page) {
function finish()
{
$sql = "insert into `test_history`(it,uid,comp,time) values('" . $_GET['it'] . "','" . $_SESSION["userid"] . "','" . $comp . "','" . $_POST["timee"] . "')";
$query = @mysql_query($sql);
$tid = @mysql_insert_id();
$comp = time() - $_POST["timee"];
$comp2 = round($comp / 60);
$sqlques = "SELECT * FROM `ques_parts` where `it`='" . $_GET['it'] . "'";
$queryques = @mysql_query($sqlques);
$i = 0;
$score = 0;
while ($rowques = @mysql_fetch_array($queryques)) {
$i++;
if ($rowques[answer] != NULL) {
$score2 = $score2 + $rowques[score];
if ($_POST["ans" . $i] == $rowques[tf]) {
$score = $score + $rowques[score];
$tf = 1;
} else {
$tf = 0;
}
$sqlqueshis = "insert into `ques_history`(qid,tid,content,tf) values('" . $rowques[id] . "','" . $tid . "','" . mysql_escape_string($_POST["ans" . $i]) . "','" . $tf . "')";
$queryqueshis = @mysql_query($sqlqueshis);
} else {
$sqlqueshis = "insert into `ques_history`(qid,tid,content,tf) values('" . $rowques[id] . "','" . $tid . "','" . mysql_escape_string($_POST["ans" . $i]) . "',3)";
$queryqueshis = @mysql_query($sqlqueshis);
}
}
$sql = "update `test_history` set `score`='" . $score . "',`comp`='" . $comp2 . "' where `id`=" . $tid . "";
$query = @mysql_query($sql);
$sql = "SELECT * FROM `tests` where `id`='" . $_GET['it'] . "'";
$query = @mysql_query($sql);
$row = @mysql_fetch_array($query);
echo "<h4 style='font-style: normal;'>Điểm: " . $score . "/" . $score2 . "</h4>";
echo "<h4 style='font-style: normal;'>Thời gian làm bài: " . $comp2 . " phút/" . $row[time2] . " phút</h4>";
echo "<center><p><a href='./bao-cao-lam-thu/" . strtolower(str_filter(account($_SESSION["userid"], username))) . "/" . strtolower(str_filter($row[title])) . "-" . $tid . "'><button class='button2'>Xem chi tiết kết quả</button></a><br/></p></center>";
}
exit(json_encode(['result' => 1, 'msg' => '举报账号不为空']));
}
if (empty($_GPC['type_id'])) {
exit(json_encode(['result' => 1, 'msg' => '举报类型不为空']));
}
if ($_GPC['account_type'] == 1 && !preg_match('/^[1-9][0-9]{4,12}$/', $_GPC['account'])) {
exit(json_encode(['result' => 1, 'msg' => '请输入正确的qq号']));
}
if ($_GPC['account_type'] == 2 && preg_match('/^\\d*$/', $_GPC['account'])) {
exit(json_encode(['result' => 1, 'msg' => '请输入正确的旺旺号']));
}
/*if (empty($_FILES['image'])) {
message('请上传图片作为证据');
}*/
load()->model('account');
$acc = account($_GPC['account']);
if ($acc['status_id'] == 2) {
exit(json_encode(['result' => 1, 'msg' => '此号已经在网站实名认证,如发现其有恶意行为,请第一时间联系我们网站客服QQ,下掉此QQ马甲。投诉电话:0773-3639184']));
}
$params['account'] = $_GPC['account'];
$params['report_ip'] = CLIENT_IP;
$ipAccTime = setting_module_load('report_set', 'timeLimit', 0);
$ipTime = setting_module_load('report_set', 'ipTime', 0);
$ipAccLimit = pdo_fetch("SELECT * FROM " . tablename('report') . " WHERE account=:account AND report_ip=:report_ip AND UNIX_TIMESTAMP()-time<{$ipAccTime}", $params);
if ($ipAccLimit && !cly_isAdmin()) {
exit(json_encode(['result' => 1, 'msg' => "禁止在{$ipAccTime}秒内举报同一账号"]));
}
$ipLimit = pdo_fetch("SELECT * FROM " . tablename('report') . " WHERE report_ip=:report_ip AND UNIX_TIMESTAMP()-time<{$ipTime}", array('report_ip' => CLIENT_IP));
if ($ipLimit && !cly_isAdmin()) {
exit(json_encode(['result' => 1, 'msg' => "禁止在{$ipTime}秒内重复举报"]));
}
public function decide(User $user, OrderCancellation $orderCancellation)
{
return $orderCancellation->isActive() and $orderCancellation->getReactor()->is(account());
}
function view($id, $message = null)
{
$id = urldecode($id);
$inventory = $this->inventory_model->get_by_id($id)->row();
$data = $this->set_defaults($inventory);
$data['id'] = $id;
$data['mode'] = 'view';
$data['message'] = $message;
$sql = "select q.item_number,i.description,q.gudang,sum(q.qty_masuk)-sum(q.qty_keluar) as quantity \n\t\t\t\tfrom qry_kartustock_union q left join inventory i on i.item_number=q.item_number \n\t\t\t\twhere q.item_number='{$id}' \t\t\n\t\t\t\tgroup by q.item_number,i.description,q.gudang ";
$data['qty_gudang'] = browse_simple($sql);
$data['inventory_account'] = account($data['inventory_account']);
$data['sales_account'] = account($data['sales_account']);
$data['cogs_account'] = account($data['cogs_account']);
$data['tax_account'] = account($data['tax_account']);
$this->template->display_form_input($this->file_view, $data, '');
}
default:
account();
}
// Funktionen für nicht angemelde User //
} elseif (isset($_GET['action'])) {
switch ($_GET['action']) {
case 'register':
account_register();
break;
case 'login':
account_login();
break;
case 'open':
account_aktiv((int) $_GET['id'], strsave(@$_GET['key']));
break;
case 'sendpw':
account_send_pw();
break;
case 'confirmdel':
account_del_confirm((int) $_GET['id'], strsave($_GET['code']));
break;
case 'change_pw':
account_change_pw((int) $_GET['userid'], strsave($_GET['code']));
break;
default:
account();
}
// Aufruf bei keiner action Angabe //
} else {
account();
}
}
$_GPC['account'] = trim($_GPC['account']);
if (empty($_GPC['account'])) {
exit(json_encode(['result' => false, 'msg' => '账号为空']));
}
$code = strtolower($_GPC['code']);
$hash = md5($code . $_W['config']['setting']['authkey']);
if ($_GPC['__code'] != $hash) {
exit(json_encode(['result' => false, 'msg' => '你输入的验证码不正确, 请重新输入.']));
}
checkQueryLimit();
$reportType = pdo_fetchall("SELECT * FROM " . tablename('report_type'), array(), 'id');
$accountStatus = pdo_fetchall("SELECT * FROM " . tablename('account_status'), array(), 'id');
$setting = setting_load();
load()->model('account');
$account = account($_GPC['account'], true);
if ($account) {
cly_cash_refresh($account);
$status = $account['status_id'];
$authTime = empty($account['auth_time']) ? '' : date('Y-m-d', $account['auth_time']);
$faker = <<<EOT
<tr style="color:red;font-weight:bold;height:40px">
<td colspan="4">
{$_GPC['account']}已被多数用户举报为恶意号码,请用户谨慎合作
</td>
</tr>
<tr style="color:red;font-weight:bold;height:40px">
<td colspan="2">
备注:{$account['remark']}
</td>
<td colspan="1">
function view($id, $message = null)
{
$id = urldecode($id);
$inventory = $this->inventory_model->get_by_id($id)->row();
$data = $this->set_defaults($inventory);
$data['id'] = $id;
$data['mode'] = 'view';
$data['message'] = $message;
$sql = "select q.item_number,i.description,q.gudang,sum(q.qty_masuk)-sum(q.qty_keluar) as quantity \n \t\tfrom qry_kartustock_union q left join inventory i on i.item_number=q.item_number \n\t\twhere q.item_number='{$id}' \t\t\n \t\tgroup by q.item_number,i.description,q.gudang ";
$data['qty_gudang'] = browse_simple($sql);
$data['inventory_account'] = account($data['inventory_account']);
$data['sales_account'] = account($data['sales_account']);
$data['cogs_account'] = account($data['cogs_account']);
$data['tax_account'] = account($data['tax_account']);
$data['quantity_in_stock'] = $this->inventory_model->quantity_in_stock($id);
$supp_name = "";
if ($query = $this->db->query("select supplier_name \n\t\t from suppliers where supplier_number='" . $inventory->supplier_number . "'")) {
if ($row = $query->row()) {
$supp_name = $row->supplier_name;
}
}
$data['supplier_name'] = $supp_name;
$this->session->set_userdata('_right_menu', 'inventory/inventory_menu');
$this->template->display_form_input($this->file_view, $data, '');
}
<input name="username" type="text" class="f-l input_h" placeholder="输入用户名、邮箱或手机号码" />
</div>
<div class="field">
<label>密 码</label>
<input name="password" type="password" class="f-l input_h"/>
<span class="lostpassword"><a href="?mod=get_password">忘记密码?</a></span>
</div>
<div class="field">
<input name="keeplogin" type="checkbox" checked="checked" id="check_remember" />
<label id="remember" for="check_remember">记住登录状态</label>
</div>
<div id="l_act">
<input type="submit" class="btn btn-primary" value="登 录">
</div>
</div>
<?=account('ulogin')->wlist()?>
</div>
</div>
</div>
</div>
<div class="site-ms__right">
<div class="t_area_out">
<h1>还没有本站帐户?</h1>
<div class="t_area_in">
<p><a class="R12" href="?mod=account&code=register">立即注册</a>,仅需30秒!</p>
</div>
</div>
<?=ui('widget')->load()?>
</div>
</form>
</div>
$lbl_home->setClass("labelMenuOption");
$lbl_home->setCaption("Home");
$table_home->onTap(home());
$table_home->addControl($img_home, 1, 1, 1, 1, "Center", "Middle");
$table_home->addControl($lbl_home, 1, 2, 1, 1, "Left", "Middle");
$table_account = new Table();
$table_account->setClass("tableMenuOption");
$table_account->setColumnsStyle("20%;80%");
$table_account->setInvisibleMode("Collapse Space");
$img_account = new Image();
$img_account->setImage("img/Android/hdpi/ic_product.png");
$img_account->setClass("imagemenu");
$lbl_account = new Label();
$lbl_account->setClass("labelMenuOption");
$lbl_account->setCaption("Account");
$table_account->onTap(account());
$table_account->addControl($img_account, 1, 1, 1, 1, "Center", "Middle");
$table_account->addControl($lbl_account, 1, 2, 1, 1, "Left", "Middle");
$table_transactions = new Table();
$table_transactions->setClass("tableMenuOption");
$table_transactions->setColumnsStyle("20%;80%");
$table_transactions->setInvisibleMode("Collapse Space");
$img_transactions = new Image();
$img_transactions->setImage("img/Android/hdpi/ic_category.png");
$img_transactions->setClass("imagemenu");
$lbl_transactions = new Label();
$lbl_transactions->setClass("labelMenuOption");
$lbl_transactions->setCaption("Transactions");
$table_transactions->onTap(transactions());
$table_transactions->addControl($img_transactions, 1, 1, 1, 1, "Center", "Middle");
$table_transactions->addControl($lbl_transactions, 1, 2, 1, 1, "Left", "Middle");
/**
* @return User|Shop|null
*/
protected function account()
{
return $this->currentAccount ?: ($this->currentAccount = account());
}
function DoAdd()
{
$this->CheckAdminPrivs('memberadd');
$data = array();
$data['username'] = trim($this->Post['username']);
$data['password'] = md5(trim($this->Post['password']));
$data['email'] = trim($this->Post['email']);
$data['role_type'] = in_array($this->Post['role_type'],array('normal','admin')) ? $this->Post['role_type'] : 'normal';
$data['role_id'] = 0;
$data['privs'] = '';
$data['regdate'] = time();
if ($data['username']=='' or $data['password']=='')
{
$this->Messager("用户名或密码不能为空");
}
$this->DatabaseHandler->SetTable(TABLE_PREFIX.'system_members');
$is_exists = $this->DatabaseHandler->Select('', "username='******'username']}'");
if($is_exists != false)
{
$this->Messager("用户名 {$data['username']} 已经被注册");
}
$result = $this->DatabaseHandler->Insert($data);
if($result != false)
{
account()->Validated($result);
$this->Messager("添加成功", 'admin.php?mod=member');
}
else
{
$this->Messager("添加失败");
}
}
function view($id, $message = null)
{
$id = urldecode($id);
$data['id'] = $id;
$model = $this->bank_accounts_model->get_by_id($id)->row();
$data = $this->set_defaults($model);
$data['mode'] = 'view';
$data['message'] = $message;
$data['account_id'] = account($data['account_id']);
$this->template->display_form_input($this->file_view, $data, '');
}
/**
* 解析新闻类型的菜单 [转换为事件/存储图文为素材].
*
* @param array $menu 菜单
*
* @return array
*/
private function resolveNewsMenu($menu)
{
$menu['type'] = 'click';
$mediaId = $this->materialService->saveArticle(account()->getCurrent()->id, $menu['news_info']['list'], null, Material::CREATED_FROM_WECHAT, Material::CAN_NOT_EDITED);
$menu['key'] = $this->eventService->makeMediaId($mediaId);
unset($menu['value']);
unset($menu['news_info']);
return $menu;
}
require 'eRx_xml.php';
$userRole = sqlQuery("select * from users where username=?", array($_SESSION['authUser']));
$userRole['newcrop_user_role'] = preg_replace('/erx/', '', $userRole['newcrop_user_role']);
$msg = '';
$doc = new DOMDocument();
$doc->formatOutput = true;
$r = $doc->createElement("NCScript");
$r->setAttribute('xmlns', 'http://secure.newcropaccounts.com/interfaceV7');
$r->setAttribute('xmlns:NCStandard', 'http://secure.newcropaccounts.com/interfaceV7:NCStandard');
$r->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance');
$doc->appendChild($r);
credentials($doc, $r);
user_role($doc, $r);
$page = $_REQUEST['page'];
destination($doc, $r, $page, $pid);
account($doc, $r);
if ($userRole['newcrop_user_role'] != 'manager') {
location($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'doctor' || $page == 'renewal') {
LicensedPrescriber($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'manager' || $userRole['newcrop_user_role'] == 'admin' || $userRole['newcrop_user_role'] == 'nurse') {
Staff($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'supervisingDoctor') {
SupervisingDoctor($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'midlevelPrescriber') {
MidlevelPrescriber($doc, $r);
}
/**
* 上传图文素材到远程.
*
* @param array $articles 图文素材
*
* @return string
*/
public function postRemoteArticles($articles)
{
$mediaService = new MediaService(account()->getCurrent()->app_id, account()->getCurrent()->app_secret);
return $mediaService->news($articles);
}
if ($_SESSION["userid"] == NULL) {
$x = explode('?' . $_SERVER['QUERY_STRING'], '?' . $_SERVER['QUERY_STRING'] . $_SERVER['REQUEST_URI']);
if ($x[1] == "/dang-nhap") {
echo "<li><a href='./dang-nhap'>Đăng nhập</a></li>";
echo "<li><a href='./dang-ky'>Đăng ký</a></li>";
} else {
echo "<li><a href='./dang-nhap?goto=" . $_SERVER['REQUEST_URI'] . "'>Đăng nhập</a></li>";
echo "<li><a href='./dang-ky?goto=" . $_SERVER['REQUEST_URI'] . "'>Đăng ký</a></li>";
}
} else {
if (logging_account(avatar) == NULL) {
$avatar = "./images/noavatar.jpg";
} else {
$avatar = logging_account(avatar);
}
echo "\n\t\t\t\t\t\t\t\t\t\t<li><a href='./thong-tin-thanh-vien-" . strtolower(str_filter(account($_SESSION["userid"], username))) . "-" . $_SESSION["userid"] . "' class='username'>\n\t\t\t\t\t\t\t\t\t\t\t\t<img class='img2' width='30px' height='30px' src='" . $avatar . "'>\n\t\t\t\t\t\t\t\t\t\t\t\t<span>" . logging_account(username) . "</span>\n\t\t\t\t\t\t\t\t\t\t\t\t</a>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class='dropdown1'>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class='dropdowntop'></div>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class='dropdownbottom'>\n\t\t\t\t\t\t\t\t\t\t\t\t<ul class='menudrop1'>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href='./danh-sach-de-da-dong-gop-cua-" . strtolower(str_filter(account($_SESSION["userid"], username))) . "-" . $_SESSION["userid"] . "'>Danh sách đề đã đóng góp</a></li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href='./danh-sach-de-da-tai-cua-" . strtolower(str_filter(account($_SESSION["userid"], username))) . "-" . $_SESSION["userid"] . "'>Danh sách đề đã tải</a></li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href='./thay-doi-thong-tin-thanh-vien'>Sửa thông tin cá nhân</a></li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href='./doi-mat-khau'>Đổi mật khẩu</a></li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href='./dang-xuat'>Đăng xuất</a></li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='clear'></div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t</ul>\n\t\t\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t\t\t\t</li>";
}
?>
</div>
</ul>
</div>
<br/>
<ul id="breadcrumb">
<li><a href="./" title="ĐềKiểmTra.Net">ĐềKiểmTra.Net</a></li>
<?php
if ($title4 != "") {
echo "<li><a href='" . $link4 . "' title='" . $title4 . "' id='title4'>" . $title4 . "</a></li>";
}
if ($title3 != "") {
echo "<li><a href='" . $link3 . "' title='" . $title3 . "' id='title3'>" . $title3 . "</a></li>";
}
