public function doWebSetting() { global $_W, $_GPC; checklogin(); load()->func('tpl'); $item = pdo_fetch("SELECT * FROM " . tablename($this->modulename . '_setting') . " WHERE weid = :weid", array(':weid' => $_W['uniacid'])); if (!empty($item)) { if (!empty($item['share_image'])) { $share_image = tomedia($item['share_image']); } } if (checksubmit('submit')) { $data = array('weid' => $_W['weid'], 'share_title' => trim($_GPC['share_title']), 'share_desc' => trim($_GPC['share_desc']), 'share_cancel' => trim($_GPC['share_cancel']), 'share_url' => trim($_GPC['share_url']), 'follow_url' => trim($_GPC['follow_url'])); if (!empty($_GPC['share_image'])) { $data['share_image'] = $_GPC['share_image']; load()->func('file'); file_delete($_GPC['share_image-old']); } if (!empty($item)) { pdo_update($this->modulename . '_setting', $data, array('weid' => $_W['uniacid'])); } else { pdo_insert($this->modulename . '_setting', $data); } message('更新成功!', $this->createWebUrl('setting'), 'success'); } include $this->template('setting'); }
function registreerNieuweUser($login, $pasw) { $_SESSION["msg"] = "Registratie niet gelukt. Probeer later opnieuw."; //default message //controleren of de login reeds gebruikt is.... $connection = new W_DatabaseHelper("cms"); $querystring = "SELECT * \n\t\t\t\t\t\t FROM users \n\t\t\t\t\t\t WHERE naam LIKE :login \n\t\t\t\t\t\t"; $bindValues = [":login" => $login]; $resultset = $connection->query($querystring, $bindValues); //$resultset = $connection->query($querystring); //var_dump($resultset); if (sizeof($resultset) > 0) { $_SESSION["msg"] = "Deze naam is reeds in gebruik. Gelieve een andere login te kiezen."; } else { $querystring = "INSERT INTO users(naam, paswoord, salt) \n\t\t\t\t\t\t\tVALUES (:login, :pasw, :newsalt) \n\t\t\t\t\t\t\t"; ///// SECURITY voor paswoord... //salt aanmaken $newsalt = generateSalt(); //parameter 5 in onderstaande lijn betekent dat we kiezen voor algoritme SHA256... $pasw = hash("sha256", $pasw . $newsalt); var_dump($pasw); $bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt]; $resultset = $connection->query($querystring, $bindValues); $validatedUser = checklogin($login, $pasw); $_SESSION["msg"] = "Proficiat met uw registratie. U bent meteen ook ingelogd met uw nieuwe login en paswoord."; /// get the new user's userid... $querystring = "SELECT userid FROM users\n\t\t\t\t\t\t\tWHERE naam LIKE :login \n\t\t\t\t\t\t\tAND paswoord LIKE :pasw \n\t\t\t\t\t\t\tAND salt LIKE :newsalt\n\t\t\t\t\t\t\t"; $bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt]; $resultset = $connection->query($querystring, $bindValues); var_dump($resultset); $_SESSION["user"] = $resultset[0]; $_SESSION["username"] = $login; } //return $resultmessage; }
public function doWebAwardlist() { global $_GPC, $_W; checklogin(); //$from_user = $_W['fans']['from_user']; $id = $_GPC['id']; if (checksubmit('delete')) { pdo_delete('mgamblemoon_user', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } if (!empty($_GPC['wid'])) { $wid = intval($_GPC['wid']); pdo_update('mgamblemoon_user', array('status' => intval($_GPC['status'])), array('id' => $wid)); message('标识领奖成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 50; $where = ''; $condition = array('mobile' => " AND b.mobile ='{$_GPC['profilevalue']}'", 'realname' => " AND b.realname ='{$_GPC['profilevalue']}'"); if (!empty($_GPC['profile'])) { $where .= $condition[$_GPC['profile']]; } $sql = "SELECT a.id, a.award,a.createtime,a.num,a.status, b.nickname, b.mobile FROM " . tablename('mgamblemoon_user') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = {$id} {$where} ORDER BY a.huodeid ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}"; $list = pdo_fetchall($sql); if (!empty($list)) { $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('mgamblemoon_user') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' {$where}"); $pager = pagination($total, $pindex, $psize); } include $this->template('awardlist'); }
public function doWebList() { global $_GPC, $_W; checklogin(); $weid = $_W['account']['weid']; //当前公众号ID $id = intval($_GPC['id']); $condition = ''; if (!empty($_GPC['name'])) { $condition .= " AND ( grabername LIKE '%{$_GPC['realname']}%' OR fitername LIKE '%{$_GPC['realname']}%' )"; } if (!empty($_GPC['mobile'])) { $condition .= " AND ( grabermobile = '{$_GPC['mobile']}' OR fitermobile = '{$_GPC['mobile']}' )"; } if (checksubmit('delete')) { pdo_delete('grabseat_record', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('list', array('id' => $id, 'page' => $_GPC['page']))); } if (!empty($_GPC['wid'])) { $wid = intval($_GPC['wid']); pdo_update('grabseat_record', array('status' => intval($_GPC['status'])), array('id' => $wid)); message('标识领奖成功!', $this->createWebUrl('list', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 25; $list = pdo_fetchall("SELECT * FROM " . tablename('grabseat_record') . " WHERE weid = '{$_W['weid']}' {$condition} ORDER BY id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize); $listtotal = pdo_fetchall("SELECT * FROM " . tablename('grabseat_record') . " WHERE weid = '{$_W['weid']}' {$condition} "); $total = count($listtotal); $pager = pagination($total, $pindex, $psize); include $this->template('list'); }
public function __web($f_name) { global $_W, $_GPC; checklogin(); $weid = $_W['uniacid']; //每个页面都要用的公共信息,今后可以考虑是否要运用到缓存 include_once 'web/' . strtolower(substr($f_name, 5)) . '.php'; }
public function __web($f_name) { global $_GPC, $_W; checklogin(); $uniacid = !empty($_W['uniacid']) ? $_W['uniacid'] : $_W['acid']; $rid = intval($_GPC['rid']); include_once 'fmweb/' . strtolower(substr($f_name, 5)) . '.php'; }
public function doWebsendlist() { global $_W; checklogin(); checkaccount(); $list = pdo_fetchall("select * from " . tablename($this->table) . " order by id desc"); include $this->template('list'); }
public function __comm($f_name) { global $_W, $_GPC; checklogin(); $weid = $_W['weid']; $subcp = $_GPC['subcp'] ? $_GPC['subcp'] : NULL; include_once 'web/wl' . strtolower(substr($f_name, 2)) . '.php'; }
public function doWebMoralist($rid, $state) { global $_GPC, $_W; checklogin(); $weid = $_W['account']['weid']; //当前公众号ID $id = intval($_GPC['id']); include $this->template('moralist'); }
public function doWebPrizes() { global $_GPC, $_W, $ptr_title; checklogin(); load()->func('tpl'); $op = $_GPC['op']; $group_id = intval($_GPC['group_id']); $settings = getModulesSettings($this->modulename); if ($group_id <= 0) { $group_id = $settings['prize_group']; } $_GPC['group_id'] = $group_id; $ops = array('display', 'edit', 'delete', 'test', 'record'); $op = in_array($op, $ops) ? $op : 'display'; $cls = new Prize(); $ptr_title = '奖品例表'; //ajax 按钮 if ($_W['ispost'] && $_W['isajax']) { if (!empty($_GPC['fieldmap']) && $_GPC['fieldmap'] == 'status' && $cls->change()) { exit('success'); } elseif (!empty($_GPC['fieldmap']) && $_GPC['fieldmap'] == 'release' && $cls->release()) { exit('success'); } exit('操作失败'); } if ($op == 'delete') { if ($cls->delete()) { message('删除成功!', $this->createWebUrl('Prizes')); } } elseif ($op == 'edit') { list($code, $groups) = $cls->groups(); $id = $_GPC['id']; $_W['page']['title'] = intval($id) > 0 ? '奖品编辑 - 主要业务模块 - 签到' : '奖品添加 - 主要业务模块 - 签到'; $ptr_title = intval($id) > 0 ? '奖品编辑' : '奖品添加'; list($code, $message, $prize) = $cls->edit(); if (!$code) { message($message); } if (intval($id) > 0 && empty($prize)) { message('奖品不存在.', $this->createWebUrl('Prizes', array('group_id' => $group_id))); } if ($code && !empty($message)) { message($message, $this->createWebUrl('Prizes', array('group_id' => $group_id))); } } elseif ($op == 'test') { $cls->test_lottery(1, $settings['prize_group']); } elseif ($op == 'record') { $prize = $cls->findPrize(); } if (checksubmit('import')) { $cls->import(); } //导入奖品 list($list, $total, $pager) = $cls->_list(); //未领 include $this->template('prizes'); }
public function doWebAwardlist() { global $_GPC, $_W; checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete')) { pdo_delete('scratchcard_winner', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } if (!empty($_GPC['wid'])) { $wid = intval($_GPC['wid']); pdo_update('scratchcard_winner', array('status' => intval($_GPC['status'])), array('id' => $wid)); message('操作成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 50; $where = ''; $starttime = !empty($_GPC['start']) ? strtotime($_GPC['start']) : strtotime(date("Y-m-d", TIMESTAMP)); $endtime = !empty($_GPC['end']) ? strtotime($_GPC['end']) : strtotime(date("Y-m-d", TIMESTAMP)); $endtime = $endtime + 86400 - 1; $condition = array('isregister' => array('', " AND b.realname <> ''", " AND b.realname = ''"), 'isaward' => array('', " AND a.aid != '0'", " AND a.aid = '0'"), 'isstatus' => array('', " AND a.status != '0'", " AND a.status = '0'"), 'qq' => " AND b.qq ='{$_GPC['profilevalue']}'", 'mobile' => " AND b.mobile ='{$_GPC['profilevalue']}'", 'realname' => " AND b.realname ='{$_GPC['profilevalue']}'", 'title' => " AND a.award = '{$_GPC['awardvalue']}'", 'description' => " AND a.description = '{$_GPC['awardvalue']}'", 'starttime' => " AND a.createtime >= '{$starttime}'", 'endtime' => " AND a.createtime <= '{$endtime}'"); if (!isset($_GPC['isregister'])) { $_GPC['isregister'] = 1; } $where .= $condition['isregister'][$_GPC['isregister']]; if (!isset($_GPC['isaward'])) { $_GPC['isaward'] = 1; } $where .= $condition['isaward'][$_GPC['isaward']]; if (!empty($_GPC['profile'])) { $where .= $condition[$_GPC['profile']]; } if (!empty($_GPC['award'])) { $where .= $condition[$_GPC['award']]; } if (!isset($_GPC['isstatus'])) { $_GPC['isstatus'] = 0; } $where .= $condition['isstatus'][$_GPC['isstatus']]; if (!empty($starttime)) { $where .= $condition['starttime']; } if (!empty($endtime)) { $where .= $condition['endtime']; } $sql = "SELECT a.id, a.award, a.description, a.status, a.createtime, b.realname, b.mobile, b.qq FROM " . tablename('scratchcard_winner') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' AND a.award <> '' {$where} ORDER BY a.createtime DESC, a.status ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}"; $list = pdo_fetchall($sql); if (!empty($list)) { $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('scratchcard_winner') . " AS a\n\t\t\t\tLEFT JOIN " . tablename('fans') . " AS b ON a.from_user = b.from_user WHERE a.rid = '{$id}' AND a.award <> '' {$where}"); $pager = pagination($total, $pindex, $psize); } include $this->template('awardlist'); }
public function doWebAwardlist() { global $_GPC, $_W; load()->func('tpl'); checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete')) { if (is_array($_GPC['select'])) { pdo_delete('egg_winner', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } message('未选择任何记录,无法删除!', '', 'error'); } if (!empty($_GPC['wid'])) { $wid = intval($_GPC['wid']); pdo_update('egg_winner', array('status' => intval($_GPC['status'])), array('id' => $wid)); message('操作成功!', $this->createWebUrl('awardlist', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 15; $where = ''; if (empty($starttime) || empty($endtime)) { $starttime = strtotime('-1 month'); $endtime = TIMESTAMP; } if (!empty($_GPC['daterange'])) { $starttime = strtotime($_GPC['daterange']['start']); $endtime = strtotime($_GPC['daterange']['end']) + 86399; } $condition = array('isregister' => array('0' => '', '1' => " AND b.realname <> ''", '2' => " AND b.realname = ''"), 'isaward' => array('0' => '', '1' => " AND a.award <> ''", '2' => " AND a.award = ''"), 'qq' => " AND b.qq LIKE '%{$_GPC['profilevalue']}%'", 'mobile' => " AND b.mobile LIKE '%{$_GPC['profilevalue']}%'", 'realname' => " AND b.realname LIKE '%{$_GPC['profilevalue']}%'", 'title' => " AND a.award LIKE '%{$_GPC['awardvalue']}%'", 'description' => " AND a.description LIKE '%{$_GPC['awardvalue']}%'", 'starttime' => " AND a.createtime >= '{$starttime}'", 'endtime' => " AND a.createtime <= '{$endtime}'"); $where .= $condition['isregister'][$_GPC['isregister']]; $where .= $condition['isaward'][$_GPC['isaward']]; if (!empty($_GPC['profile'])) { $where .= $condition[$_GPC['profile']]; } if (!empty($_GPC['award'])) { $where .= $condition[$_GPC['award']]; } $where .= $condition['starttime']; $where .= $condition['endtime']; $sql = "SELECT a.id, a.award, a.description, a.status, a.createtime, b.realname, b.mobile, b.qq FROM " . tablename('egg_winner') . " a\r\n\t\t\t\tJOIN " . tablename('mc_mapping_fans') . " f on f.openid = a.from_user JOIN " . tablename('mc_members') . " b ON b.uid = f.uid\r\n\t\t\t\tWHERE a.rid = '{$id}' {$where} ORDER BY a.createtime DESC, a.status ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}"; $list = pdo_fetchall($sql); if (!empty($list)) { $sql = "SELECT COUNT(*) FROM " . tablename('egg_winner') . " AS a JOIN " . tablename('mc_mapping_fans') . " AS f on f.openid = a.from_user\r\n\t\t\t\t\tJOIN " . tablename('mc_members') . " b ON b.uid = f.uid WHERE a.rid = '{$id}' "; $total = pdo_fetchcolumn($sql); $pager = pagination($total, $pindex, $psize); } include $this->template('awardlist'); }
function index() { //user must be logged in checklogin(); /*** move to model after demo ***/ $data['tables'] = $this->db->query("SELECT * FROM " . DATABASE_TABLE_RULES . " WHERE is_hidden=0")->result(); $data['groups'] = $this->db->query("SELECT * FROM " . DATABASE_MENU_GROUPS)->result(); $meta['company_info'] = $this->ContentModel->getCompanyInfo(); $meta['page_title'] = "Welcome"; $meta['breadcrumbs']['none'] = 'search'; $this->load->view('includes/header', $meta); $this->load->view('homeview', $data); $this->load->view('includes/footer'); /*** end move to model after demo ***/ }
public function doWebDeleteaward() { checklogin(); global $_W, $_GPC; $id = intval($_GPC['id']); $rid = intval($_GPC['rid']); $sql = "SELECT id FROM " . tablename('stonefish_luckynum_award') . " WHERE `id`=:id"; $row = pdo_fetch($sql, array(':id' => $id)); if (empty($row)) { message('抱歉,奖品不存在或是已经被删除!', '', 'error'); } if (pdo_delete('stonefish_luckynum_award', array('id' => $id))) { message('奖品删除成功', murl('platform/reply/post', array('m' => 'stonefish_luckynum', 'rid' => $rid)), 'success'); } }
public function doWebDisplay() { global $_GPC, $_W; checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete')) { pdo_delete('exchange_record', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('display', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 15; $exchangeinfo = pdo_fetchall('SELECT * FROM ' . tablename('exchange_record') . ' WHERE rid= :rid ORDER BY `id` desc LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, array(':rid' => $id)); $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('exchange_record') . " WHERE weid = '{$_W['weid']}' AND rid = '{$id}' "); $pager = pagination($total, $pindex, $psize); include $this->template('display'); }
public function doWebDisplay() { global $_GPC, $_W; checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete')) { pdo_delete('lxy_signin_record', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', $this->createWebUrl('display', array('id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 15; $signinlist = pdo_fetchall('SELECT * FROM ' . tablename('lxy_signin_record') . ' WHERE weid= :weid order by `id` desc LIMIT ' . ($pindex - 1) * $psize . ',' . $psize, array(':weid' => $_W['weid'])); $total = pdo_fetchcolumn('SELECT count(1) as totle FROM ' . tablename('lxy_signin_record') . ' WHERE weid= :weid order by `id` desc ', array(':weid' => $_W['weid'])); $pager = pagination($total, $pindex, $psize); include $this->template('display'); }
public function doWebmanage() { global $_GPC, $_W; checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete') && !empty($_GPC['select'])) { pdo_delete($this->tablename, " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', create_url('site/module/manage', array('name' => 'msg', 'id' => $id, 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 20; $list = pdo_fetchall("SELECT * FROM " . tablename('msg_reply') . " AS a INNER JOIN " . tablename('fans') . " AS b ON a.fid=b.id WHERE a.rid = '{$id}' ORDER BY a.create_time DESC LIMIT " . ($pindex - 1) * $psize . ",{$psize}"); if (!empty($list)) { $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('msg_reply') . " WHERE rid = '{$id}'"); $pager = pagination($total, $pindex, $psize); } include $this->template('manage'); }
function menu($id) { checklogin(); $data['group'] = $this->memcached_library->get("navigation_menu_group_{$id}"); $data['tables'] = $this->memcached_library->get("navigation_menu_data_tables_{$id}"); if (!$data['group']) { $data['group'] = $this->db->query("SELECT * FROM " . DATABASE_MENU_GROUPS . " WHERE id='{$id}'")->row(); // $this->memcached_library->set("navigation_menu_group_$id", $data['group']); } if (!$data['tables']) { $data['tables'] = $this->db->query("SELECT m.table_name FROM " . DATABASE_TABLE_RULES . " m JOIN " . DATABASE_MENU_GROUPS . " n ON n.id=m.group_id WHERE m.is_hidden=0 AND n.id='{$id}' ORDER BY m.`order`")->result(); // $this->memcached_library->set("navigation_menu_data_tables_$id", $data['tables']); } if (strtolower($data['group']->group_name) != 'reports') { $t = (array) $data['tables']; ### $e = $this->session->userdata('user'); $f = $e['access']; // echo "<pre>"; // print_r($f); // echo "</pre>";die() ### $g = array(); foreach ($t as $tt) { if (in_array($tt->table_name, $f)) { $g[] = $tt->table_name; } } // echo "<pre>"; // print_r($g); // echo "</pre>";die(); redirect('/content/' . $g[0]); exit; } else { $data['reports'] = $this->memcached_library->get("navigation_menu_data_reports"); if (!$data['reports']) { $data['reports'] = $this->db->query("SELECT * FROM " . DATABASE_REPORTS)->result(); //$this->memcached_library->set("navigation_menu_data_reports", $data['reports']); } $t = (array) $data['reports']; redirect('/reports/' . $t[0]->id); exit; } }
public function doWebSetout() { global $_GPC, $_W; checklogin(); $id = intval($_GPC['id']); $rid = $_GPC['rid']; $item = pdo_fetch('SELECT * FROM ' . tablename($this->wintable) . ' WHERE id=:id ', array(':id' => $id)); if (checksubmit('submit')) { $data = array('sendwcontinuedays' => $_GPC['sendwcontinuedays'] + intval($item['sendwcontinuedays']), 'sendwsumdays' => $_GPC['sendwsumdays'] + intval($item['sendwsumdays']), 'sendwsumfirst' => $_GPC['sendwsumfirst'] + intval($item['sendwsumfirst']), 'wcontinuedays' => $item['wcontinuedays'] - intval($_GPC['sendwcontinuedays']), 'wsumdays' => $item['wsumdays'] - $_GPC['sendwsumdays'], 'wsumfirst' => $item['wsumfirst'] - $_GPC['sendwsumfirst']); //上传图片 if (empty($id)) { message('发放异常!', '', 'error'); } else { pdo_update($this->wintable, $data, array('id' => $id)); } message('发放奖品成功!', $this->createWebUrl('awardlist', array('id' => $rid)), 'success'); } include $this->template('awardsent'); }
public function doWebList() { global $_W, $_GPC; checklogin(); $id = intval($_GPC['id']); if (checksubmit('delete') && !empty($_GPC['select'])) { pdo_delete('timeaxis', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', create_url('site/module', array('do' => 'list', 'name' => 'timeaxis'))); } $pindex = max(1, intval($_GPC['page'])); $psize = 10; $timelist = pdo_fetchall("SELECT * FROM " . tablename('timeaxis') . " WHERE weid=:wid ORDER BY id ASC LIMIT " . ($pindex - 1) * $psize . ",{$psize}", array(':wid' => $_W['weid'])); //print_r($list); if (!empty($timelist)) { $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('timeaxis')); $pager = pagination($total, $pindex, $psize); } include $this->template('list'); }
public function doList() { global $_GPC, $_W; checklogin(); $weid = $_W['weid']; if (checksubmit('delete')) { pdo_delete('heka_list', " id IN ('" . implode("','", $_GPC['select']) . "')"); message('删除成功!', create_url('site/module', array('do' => 'list', 'name' => 'heka', 'page' => $_GPC['page']))); } $pindex = max(1, intval($_GPC['page'])); $psize = 50; $where = ''; $sql = "SELECT * FROM " . tablename('heka_list') . " WHERE weid = {$weid} ORDER BY create_time DESC LIMIT " . ($pindex - 1) * $psize . ",{$psize}"; $list = pdo_fetchall($sql); if (!empty($list)) { $total = pdo_fetchcolumn("SELECT COUNT(*) FROM " . tablename('heka_list') . " WHERE weid = {$weid}"); $pager = pagination($total, $pindex, $psize); } include $this->template('list'); }
public function doUploadMusic() { global $_W; checklogin(); if (empty($_FILES['attachFile']['name'])) { $result['message'] = '请选择要上传的音乐!'; exit(json_encode($result)); } if ($_FILES['attachFile']['error'] != 0) { $result['message'] = '上传失败,请重试!'; exit(json_encode($result)); } if ($file = $this->fileUpload($_FILES['attachFile'], 'music')) { if (!$file['success']) { exit(json_encode($file)); } $result['url'] = $_W['config']['upload']['attachdir'] . $file['path']; $result['error'] = 0; $result['filename'] = $file['path']; exit(json_encode($result)); } }
function checkfacebook() { require './fb/facebook.php'; $facebook = new Facebook(array('appId' => '430750040324017', 'secret' => '9270d721dd3ace32a18e0548a1aee947', 'cookie' => true)); $user = $facebook->getUser(); if ($user) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); $user = null; } } if ($user) { $logoutUrl = $facebook->getLogoutUrl(); echo "<br>{$user_profile['id']}<br>{$user_profile['username']}"; $fbuser = $user_profile['username']; $fbpw = $user_profile['id']; $fbfname = $user_profile['first_name']; $fblname = $user_profile['last_name']; $datetime = date('Y-m-d H:i:s', time()); if (checklogin($fbuser, $fbpw)) { echo "Welcome back"; } else { $postsql = "INSERT INTO `userinfo` VALUES (NULL, '{$fbuser}','{$fbfname}','{$fblname}', '{$fbpw}', 1, '{$datetime}', 0);"; include 'uploadinformation.php'; postthing($postsql); } $_SESSION['email'] = $fbuser; $_SESSION['pass'] = $fbpw; $_SESSION['facebook'] = 1; header("Location: http://localhost/givemebook/index.php"); } else { $loginUrl = $facebook->getLoginUrl(); echo "{$loginUrl}"; header("Location: {$loginUrl}"); } }
function registreerNieuweUser($login, $pasw) { //controleren of de login reeds gebruikt is.... $connection = new W_DatabaseHelper("cms"); $querystring = "SELECT * \n\t\t\t\t\t\t FROM users \n\t\t\t\t\t\t WHERE naam LIKE :login \n\t\t\t\t\t\t"; $bindValues = [":login" => $login]; $resultset = $connection->query($querystring, $bindValues); //$resultset = $connection->query($querystring); //var_dump($resultset); if (sizeof($resultset) > 0) { $resultmessage = "Deze naam is reeds in gebruik. Gelieve een andere login te kiezen."; } else { $querystring = "INSERT INTO users(naam, paswoord) \n\t\t\t\t\t\t\tVALUES (:login, :pasw) \n\t\t\t\t\t\t\t"; $bindValues = [":login" => $login, ":pasw" => $pasw]; $resultset = $connection->query($querystring, $bindValues); $validatedUser = checklogin($login, $pasw); $resultmessage = "Proficiat met uw registratie. U bent meteen ook ingelogd met uw nieuwe login en paswoord."; $_SESSION["user"] = $validatedUser; $_SESSION["username"] = $login; } return $resultmessage; }
public function doSet() { global $_GPC, $_W; checklogin(); if ($_GPC['action'] == 'save') { $id = intval($_GPC['id']); $data = array('weid' => $_W['weid'], 'status' => intval($_GPC['status']), 'isshow' => intval($_GPC['isshow'])); if ($id == 0) { $temp = pdo_insert('message_reply', $data); } else { $temp = pdo_update('message_reply', $data, array('weid' => $_W['weid'], 'id' => $id)); } if ($temp === false) { message('数据保存错误,请稍后再试试'); } else { message('数据更新成功!', $this->createWebUrl('Set'), 'success'); } } $message = pdo_fetch("SELECT id, isshow FROM " . tablename('message_reply') . " WHERE weid = '{$_W['weid']}' LIMIT 1"); if ($message == false) { $message = array('id' => 0, 'status' => 1, 'isshow' => 1); } include $this->template('set'); }
<?php /** * [Weizan System] Copyright (c) 2014 012WZ.COM * Weizan is NOT a free software, it under the license terms, visited http://www.012wz.com/ for more details. */ defined('IN_IA') or exit('Access Denied'); include_once 'common/common.inc.php'; global $_W, $_GPC; checklogin(); $_W['page']['title'] = "购买短信"; $ops = array("record"); $op = in_array($_GPC["op"], $ops) ? $_GPC["op"] : "display"; $settings = get_settings(); if ($_W['ispost'] && $_W['isajax']) { $number = intval($_GPC["number"]); $result = array("code" => 0, "message" => "提交失败,请重试!"); if ($_W["user"]["uid"] <= 0) { die(json_encode(array("code" => 0, "message" => "获取身份失败,请重新登录"))); } if ($_W["user"]["credit2"] <= 0) { die(json_encode(array("code" => 1, "message" => "余额不足,请进行充值", "url" => $this->createWebUrl("Recharge")))); } if ($number < 1) { die(json_encode(array("code" => 0, "message" => "至少购买1条"))); } $price = 0.1; if (!empty($settings) && doubleval($settings["dx_UnitPrice"]) > 0) { $price = doubleval($settings["dx_UnitPrice"]); } $total = $price * $number;
public function doWebOrder() { global $_GPC, $_W; checklogin(); $hotelid = intval($_GPC['hotelid']); $hotel = pdo_fetch("select id,title from " . tablename('hotel2') . " where id=:id limit 1", array(":id" => $hotelid)); $roomid = intval($_GPC['roomid']); $room = pdo_fetch("select id,title from " . tablename('hotel2_room') . " where id=:id limit 1", array(":id" => $roomid)); $op = $_GPC['op']; if ($op == 'edit') { $id = $_GPC['id']; if (!empty($id)) { $item = pdo_fetch("SELECT * FROM " . tablename('hotel2_order') . " WHERE id = :id", array(':id' => $id)); if (empty($item)) { message('抱歉,订单不存在或是已经删除!', '', 'error'); } } if (checksubmit('submit')) { $old_status = $_GPC['old_status']; $data = array('status' => $_GPC['status'], 'msg' => $_GPC['msg'], 'mngtime' => time()); $params = array(); $sql = "SELECT id, roomdate, num FROM " . tablename('hotel2_room_price'); $sql .= " WHERE 1 = 1"; $sql .= " AND roomid = :roomid"; $sql .= " AND roomdate >= :btime AND roomdate < :etime"; $sql .= " AND status = 1"; $params[':roomid'] = $item['roomid']; $params[':btime'] = $item['btime']; $params[':etime'] = $item['etime']; //订单确认 if ($data['status'] == 1 && $old_status != 1) { $room_date_list = pdo_fetchall($sql, $params); if ($room_date_list) { //$change_data = array(); foreach ($room_date_list as $key => $value) { $num = $value['num']; if ($num > 0) { if ($num > $item['nums']) { $now_num = $num - $item['nums']; } else { $now_num = 0; } pdo_update('hotel2_room_price', array('num' => $now_num), array('id' => $value['id'])); } } } } //订单取消 //print_r($old_status . '=>' . $data['status']); exit; if ($old_status == 1 && ($data['status'] == -1 || $data['status'] == 2)) { $room_date_list = pdo_fetchall($sql, $params); if ($room_date_list) { foreach ($room_date_list as $key => $value) { $num = $value['num']; if ($num >= 0) { $now_num = $num + $item['nums']; pdo_update('hotel2_room_price', array('num' => $now_num), array('id' => $value['id'])); } } } } pdo_update('hotel2_order', $data, array('id' => $id)); message('订单信息处理完成!', $this->createWebUrl('order', array('hotelid' => $hotelid, "roomid" => $roomid)), 'success'); } $btime = $item['btime']; $etime = $item['etime']; $start = date('m-d', $btime); $end = date('m-d', $etime); //日期列 $days = ceil(($etime - $btime) / 86400); //print_r($days);exit; $date_array = array(); $date_array[0]['date'] = $start; $date_array[0]['day'] = date('j', $btime); $date_array[0]['time'] = $btime; $date_array[0]['month'] = date('m', $btime); if ($days > 1) { for ($i = 1; $i < $days; $i++) { $date_array[$i]['time'] = $date_array[$i - 1]['time'] + 86400; $date_array[$i]['date'] = date('Y-m-d', $date_array[$i]['time']); $date_array[$i]['day'] = date('j', $date_array[$i]['time']); $date_array[$i]['month'] = date('m', $date_array[$i]['time']); } } //print_r($date_array);exit; $sql = "SELECT id, roomdate, num, status FROM " . tablename('hotel2_room_price'); $sql .= " WHERE 1 = 1"; $sql .= " AND roomid = :roomid"; $sql .= " AND roomdate >= :btime AND roomdate < :etime"; $sql .= " AND status = 1"; $params[':roomid'] = $item['roomid']; $params[':btime'] = $item['btime']; $params[':etime'] = $item['etime']; $room_date_list = pdo_fetchall($sql, $params); if ($room_date_list) { $flag = 1; } else { $flag = 0; } $list = array(); if ($flag == 1) { for ($i = 0; $i < $days; $i++) { $k = $date_array[$i]['time']; foreach ($room_date_list as $p_key => $p_value) { //判断价格表中是否有当天的数据 if ($p_value['roomdate'] == $k) { $list[$k]['status'] = $p_value['status']; if (empty($p_value['num'])) { $list[$k]['num'] = 0; } else { if ($p_value['num'] == -1) { $list[$k]['num'] = "不限"; } else { $list[$k]['num'] = $p_value['num']; } } $list[$k]['has'] = 1; break; } } //价格表中没有当天数据 if (empty($list[$k])) { $list[$k]['num'] = "不限"; $list[$k]['status'] = 1; } } } else { //价格表中没有数据 for ($i = 0; $i < $days; $i++) { $k = $date_array[$i]['time']; $list[$k]['num'] = "不限"; $list[$k]['status'] = 1; } } $member_info = pdo_fetch("SELECT from_user,isauto FROM " . tablename('hotel2_member') . " WHERE id = :id LIMIT 1", array(':id' => $item['memberid'])); include $this->template('order_form'); } else { if ($op == 'delete') { $id = intval($_GPC['id']); $item = pdo_fetch("SELECT id FROM " . tablename('hotel2_order') . " WHERE id = :id LIMIT 1", array(':id' => $id)); if (empty($item)) { message('抱歉,订单不存在或是已经删除!', '', 'error'); } pdo_delete('hotel2_order', array('id' => $id)); message('删除成功!', referer(), 'success'); } elseif ($op == 'deleteall') { foreach ($_GPC['idArr'] as $k => $id) { $id = intval($id); pdo_delete('hotel2_order', array('id' => $id)); } $this->web_message('删除成功!', '', 0); exit; } else { $weid = $_W['uniacid']; $realname = $_GPC['realname']; $mobile = $_GPC['mobile']; $ordersn = $_GPC['ordersn']; $roomtitle = $_GPC['roomtitle']; $hoteltitle = $_GPC['hoteltitle']; $condition = ''; $params = array(); if (!empty($hoteltitle)) { $condition .= ' AND h.title LIKE :hoteltitle'; $params[':hoteltitle'] = "%{$hoteltitle}%"; } if (!empty($roomtitle)) { $condition .= ' AND r.title LIKE :roomtitle'; $params[':roomtitle'] = "%{$roomtitle}%"; } if (!empty($realname)) { $condition .= ' AND o.name LIKE :realname'; $params[':realname'] = "%{$realname}%"; } if (!empty($mobile)) { $condition .= ' AND o.mobile LIKE :mobile'; $params[':mobile'] = "%{$mobile}%"; } if (!empty($ordersn)) { $condition .= ' AND o.ordersn LIKE :ordersn'; $params[':ordersn'] = "%{$ordersn}%"; } if (!empty($hotelid)) { $condition .= " and o.hotelid=" . $hotelid; } if (!empty($roomid)) { $condition .= " and o.roomid=" . $roomid; } $status = $_GPC['status']; if ($status != '') { $condition .= " and o.status=" . intval($status); } $paystatus = $_GPC['paystatus']; if ($paystatus != '') { $condition .= " and o.paystatus=" . intval($paystatus); } $pindex = max(1, intval($_GPC['page'])); $psize = 20; $list = pdo_fetchall("SELECT o.*,h.title as hoteltitle,r.title as roomtitle FROM " . tablename('hotel2_order') . " o left join " . tablename('hotel2') . "h on o.hotelid=h.id left join " . tablename("hotel2_room") . " r on r.id = o.roomid WHERE o.weid = '{$_W['uniacid']}' {$condition} ORDER BY o.id DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize, $params); $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('hotel2_order') . " o left join " . tablename('hotel2') . "h on o.hotelid=h.id left join " . tablename("hotel2_room") . " r on r.id = o.roomid WHERE o.weid = '{$_W['uniacid']}' {$condition}", $params); $pager = pagination($total, $pindex, $psize); include $this->template('order'); } } }
exit; } //////////////////////////////////////////////// // Image report if (isset($_POST['report']) && check_set('SET_ALLOW_REPORT')) { if (!report_img(cl($_POST['report']))) { echo json_encode(array('status' => 0, 'error' => show_feedback(false))); exit; } echo json_encode(array('status' => 1, 'suc' => show_feedback(false))); exit; } //////////////////////////////////////////////// // admin only code below // check if user is loged in as admin if (!checklogin()) { header('Location: index.php'); exit; } //////////////////////////////////////////////// // database backup if (isset($_POST['act']) && $_POST['act'] == 'backup') { $backup = isset($_POST['id']) ? $_POST['id'] : 1; require_once 'lib/backup.class.php'; if (backup_imgdb($backup)) { echo json_encode(array('status' => 1, 'suc' => show_feedback(false))); exit; } else { echo json_encode(array('status' => 0, 'error' => show_feedback(false))); exit; }
<?php checklogin($_GET["lock"]); $query = "SELECT * FROM `tbl_accounts` WHERE `userid` = " . $_SESSION['GTUserID']; $rs = mysql_query_with_throw($query); $perpage = 20; $currentpage = $_REQUEST['currentpage'] ? $_REQUEST['currentpage'] : '1'; $startrecord = ($currentpage - 1) * $perpage; $totalrows = mysql_num_rows($rs); //echo $query." ORDER BY `add_date` DESC LIMIT $startrecord, $perpage"; $result = mysql_query_with_throw($query . " ORDER BY `add_date` DESC LIMIT {$startrecord}, {$perpage}") or die(mysql_error()); $j = 1; ?> <div class="gt-heading"><p class="sub-heading-label" >Dashboard</p></div> <div class="gt-accountsection"> <h3 class="gt-subheading">Accounts Overview <span style="float:right;"><input type="button" name="button" id="button" value="+ Add New" class="rwsbutton" onclick="javascript:document.location.href='<?php echo $baseurl; ?> index.php?p=add-account&edit=true&add=new'" /><!-- <input type="button" name="button" id="button" value="View All" class="rwsbutton" onclick="javascript:document.location.href='<?php echo $baseurl; ?> index.php?p=accounts'" />--></span></h3> <?php if ($totalrows > 0) { $k = 1; while ($row = mysql_fetch_assoc($result)) { if ($k == 1) { ?> <div class="rws-listtitle">
// You should have received a copy of the GNU Affero General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. // // File: galaxy_new.php include "config/config.php"; updatecookie(); // New database driven language entries load_languages($db, $lang, array('main', 'port', 'galaxy', 'common', 'global_includes', 'global_funcs', 'footer'), $langvars, $db_logging); global $l_map_title; $title = $l_map_title; include "header.php"; ?> <div class="tablecell content both-border"> <div class="pad"> <?php if (checklogin()) { die; } $res = $db->Execute("SELECT * FROM {$db->prefix}ships WHERE ship_id='{$user_ship_id}'"); db_op_result($db, $res, __LINE__, __FILE__, $db_logging); $playerinfo = $res->fields; $result3 = $db->Execute("SELECT distinct {$db->prefix}movement_log.sector_id, port_type, beacon FROM {$db->prefix}movement_log,{$db->prefix}universe WHERE ship_id = {$playerinfo['ship_id']} AND {$db->prefix}movement_log.sector_id={$db->prefix}universe.sector_id order by sector_id ASC;"); db_op_result($db, $result3, __LINE__, __FILE__, $db_logging); $row = $result3->fields; bigtitle(); $tile['special'] = "port-special.png"; $tile['ore'] = "port-ore.png"; $tile['organics'] = "port-organics.png"; $tile['energy'] = "port-energy.png"; $tile['goods'] = "port-goods.png"; $tile['none'] = "space.png";