// Fragment of an admin listing/deletion handler for pw_forumsell. It starts inside
// conditionals whose opening lines are not shown, so the first closing braces belong
// to blocks that begin above this fragment.
            adminmsg('user_not_exists');
        }
        $uid = $userdb['uid'];
    }
    // Optional filters: each value goes through S::sqlEscape() before it is appended to
    // the WHERE clause. $sql itself is started above this fragment.
    if ($uid) {
        $sql .= " AND fs.uid=" . S::sqlEscape($uid);
    }
    if ($fid) {
        $sql .= " AND fs.fid=" . S::sqlEscape($fid);
    }
    // Clamp the page number so the offset computed below cannot be negative.
    $page < 1 && ($page = 1);
    $limit = S::sqlLimit(($page - 1) * $db_perpage, $db_perpage);
    // Total row count for the pager; the listing query below reuses the same {$sql} filter.
    $rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_forumsell fs {$sql}");
    // NOTE(review): divides by $db_perpage -- assumes it is non-zero; confirm where it is set.
    // NOTE(review): $uid and $fid are interpolated into the pager URL as-is. Where $fid is
    // read is not visible here -- confirm it is numeric or encoded before it reaches HTML.
    $pages = numofpage($rt['sum'], $page, ceil($rt['sum'] / $db_perpage), "{$basename}&uid={$uid}&fid={$fid}&");
    $buydb = array();
    $query = $db->query("SELECT fs.*,m.username,m.uid FROM pw_forumsell fs LEFT JOIN pw_members m USING(uid) {$sql} ORDER BY fs.overdate DESC {$limit}");
    while ($rt = $db->fetch_array($query)) {
        // Format both date columns for display; 'overtime' is a new key derived from 'overdate'.
        $rt['buydate'] = get_date($rt['buydate']);
        $rt['overtime'] = get_date($rt['overdate']);
        $buydb[] = $rt;
    }
    include PrintEot('forumsell');
    exit;
} elseif ($_POST['action'] == 'del') {
    // Bulk delete of the selected pw_forumsell rows.
    // NOTE(review): no request-verification (anti-CSRF) call is visible in this branch --
    // confirm it happens before this code runs.
    S::gp(array('selid'));
    // checkselid() is the only gate on $selid: a falsy result leads to adminmsg('operate_error').
    if (!($selid = checkselid($selid))) {
        adminmsg('operate_error');
    }
    // $selid is placed inside IN() without escaping, so this statement is only safe if
    // checkselid() returns nothing but a comma-separated list of integers, and if
    // adminmsg() above does not return -- TODO confirm both.
    $db->update("DELETE FROM pw_forumsell WHERE id IN({$selid})");
    adminmsg('operate_success');
}
// Fragment of the static-page ("creathtm") admin settings. It starts inside a branch whose
// opening line is not shown and ends on a branch that continues below this fragment.
    // Build the forum checkbox list and the <option> list from pw_forums.
    // {$sqladd} is defined above this fragment.
    $query = $db->query("SELECT fid,name,allowhtm FROM pw_forums {$sqladd}");
    while ($rt = $db->fetch_array($query)) {
        $num++;
        // Both arms are empty strings here, so $htm_tr is always ''.
        $htm_tr = $num % 5 == 0 ? '' : '';
        // 'checked' when allowhtm is set, otherwise ''.
        $checked = $rt['allowhtm'] ? 'checked' : ($checked = '');
        // strip_tags() with an '<img>' allow-list keeps <img> tags together with all of
        // their attributes, so $tmpName is not HTML-escaped output.
        $tmpName = strip_tags($rt['name'], '<img>');
        $forumcheck .= "<li><input type='checkbox' name='selid[]' value='{$rt['fid']}' {$checked}>{$tmpName}</li>{$htm_tr}";
        // NOTE(review): the <option> label below uses $rt['name'] with no filtering at all.
        // Whether pw_forums.name can hold untrusted markup is not visible here -- confirm,
        // and escape for the HTML context if it can.
        $rt['allowhtm'] && ($select .= "<option value=\"{$rt['fid']}\">{$rt['name']}</option>");
    }
    $forumcheck .= "</ul>";
    include PrintEot('creathtm');
    exit;
} elseif ($_POST['action'] == 'submit') {
    // Save which forums have allowhtm set.
    // NOTE(review): no request-verification (anti-CSRF) call is visible in this branch --
    // confirm it happens before this code runs.
    S::gp(array('selid'), 'P');
    // Keep the posted value: the checkselid() result is used for branching only, while the
    // UPDATE statements below bind $_tmpSelid.
    $_tmpSelid = $selid;
    $selid = checkselid($selid);
    if ($selid === false) {
        // presumably adminmsg() uses $basename as the "back" link -- verify
        $basename = "javascript:history.go(-1);";
        adminmsg('operate_error');
    } elseif ($selid == '') {
        // Nothing selected: clear allowhtm on every forum matched by {$sqladd}.
        //* $db->update("UPDATE pw_forums SET allowhtm='0' $sqladd");
        $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='0' {$sqladd}", array('pw_forums')));
    } elseif ($selid) {
        // Set the flag on the selected forums and clear it on all others.
        // The id list travels through the :fid placeholder; how pwQuery::buildClause()
        // quotes an array bound to it is not shown here -- TODO confirm.
        //* $db->update("UPDATE pw_forums SET allowhtm='1' $sqladd AND fid IN($selid)");
        //* $db->update("UPDATE pw_forums SET allowhtm='0' $sqladd AND fid NOT IN($selid)");
        $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='1' {$sqladd} AND fid IN(:fid)", array('pw_forums', $_tmpSelid)));
        $db->update(pwQuery::buildClause("UPDATE :pw_table SET allowhtm='0' {$sqladd} AND fid NOT IN(:fid)", array('pw_forums', $_tmpSelid)));
    }
    updatecache_f();
    adminmsg('operate_success');
} elseif ($action == 'creat') {
// Fragment of the custom-code (pw_windcode) and smiley (pw_smiles) admin pages. It starts
// and ends inside blocks whose other ends are outside this fragment.
                // Variable-variable: sets $r_<i>_<s> to 'checked'. $i and $s are set above
                // this fragment.
                ${'r_' . $i . '_' . $s} = 'checked';
            }
            include PrintEot('pwcode');
            exit;
        } else {
            // Save an edited pw_windcode row.
            // NOTE(review): no request-verification (anti-CSRF) call is visible in this
            // branch -- confirm it happens before this code runs.
            S::gp(array('id', 'name', 'icon', 'pattern', 'param', 'title', 'descrip'));
            // 'replace' is fetched separately with a third argument of 0; presumably that
            // relaxes S::gp()'s default filtering so the replacement markup is stored
            // unchanged -- verify. If so, pw_windcode.replacement holds raw admin-supplied
            // markup and every place that renders it inherits that trust.
            S::gp(array('replace'), 'P', 0);
            // assumes $pattern arrives as an array -- TODO confirm
            $pattern = implode("\t", $pattern);
            // Column values go through S::sqlSingle() and the id through S::sqlEscape();
            // neither helper is shown here.
            $db->update("UPDATE pw_windcode" . " SET " . S::sqlSingle(array('name' => $name, 'icon' => $icon, 'pattern' => $pattern, 'replacement' => $replace, 'param' => $param, 'title' => $title, 'descrip' => $descrip)) . " WHERE id=" . S::sqlEscape($id));
            //updatecache_wcode();
            updatecache_c();
            adminmsg("operate_success");
        }
    } elseif ($_POST['action'] == 'submit') {
        // Bulk delete of the selected pw_windcode rows. 'icon' is fetched but not used in
        // the visible code.
        S::gp(array('selid', 'icon'));
        $delids = checkselid($selid);
        if ($delids) {
            // $delids is placed inside IN() without escaping; safe only if checkselid()
            // returns nothing but a comma-separated list of integers -- TODO confirm.
            $db->update("DELETE FROM pw_windcode WHERE id IN({$delids})");
        }
        adminmsg('operate_success');
    }
} elseif ($adminitem == 'commonsmile') {
    if (empty($action)) {
        $facedb = array();
        // type=0: category in use; type=-1: category not enabled
        $query = $db->query("SELECT * FROM pw_smiles WHERE type=0 OR type=-1 ORDER BY vieworder");
        // Ends up one greater than the highest vieworder seen, never below 1.
        $maxOrder = 1;
        while ($postcache = $db->fetch_array($query)) {
            $facedb[] = $postcache;
            if ($postcache['vieworder'] >= $maxOrder) {
                $maxOrder = $postcache['vieworder'] + 1;
// Fragment of the timed group-change ("uptime") admin page, backed by pw_extragroups.
// It starts inside blocks whose opening lines are not shown.
        }
        // Pre-select the current group and the target group in the <option> list held in
        // $groupstitle by rewriting the matching <option> tag.
        $grouplist = str_replace("<option value=\"{$gid}\">", "<option value=\"{$gid}\" selected>", $groupstitle);
        $togrouplist = str_replace("<option value=\"{$men['togid']}\">", "<option value=\"{$men['togid']}\" selected>", $groupstitle);
        include PrintEot('uptime');
        exit;
    } elseif ($_POST['step'] == 3) {
        // Save the timed group change; the request is verified first.
        PostCheck($verify);
        InitGP(array('togid', 'days', 'treset'), 'P');
        // Requests with $gid == 3 are refused unless the If_manager constant is truthy.
        $gid == 3 && !If_manager && adminmsg('manager_right');
        $gid == $togid && adminmsg('gid_same');
        // There is no space before AND in the literal; the statement parses only if
        // pwEscape() returns its value quoted or padded -- TODO confirm.
        $rt = $db->get_one("SELECT * FROM pw_extragroups WHERE uid=" . pwEscape($uid) . "AND gid=" . pwEscape($gid));
        // The cast applies to the comparison only; $days itself is not converted and is
        // passed through pwEscape()/pwSqlSingle() below.
        (int) $days < 1 && ($days = 30);
        if ($rt) {
            // Existing row: update it, resetting startdate only when $treset is set.
            $sql = $treset ? ",startdate=" . pwEscape($timestamp) : '';
            $db->update('UPDATE pw_extragroups SET days=' . pwEscape($days) . ',togid=' . pwEscape($togid) . " {$sql} WHERE uid=" . pwEscape($uid) . 'AND gid=' . pwEscape($gid));
        } else {
            $db->update("INSERT INTO pw_extragroups" . " SET " . pwSqlSingle(array('uid' => $uid, 'gid' => $gid, 'togid' => $togid, 'startdate' => $timestamp, 'days' => $days)));
        }
        adminmsg('operate_success');
    }
} elseif ($_POST['action'] == 'del') {
    // Bulk delete: the posted 'selid' must be an array, iterated as gid => value.
    PostCheck($verify);
    InitGP(array('selid'), 'P');
    (!$selid || !is_array($selid)) && adminmsg('operate_error');
    // NOTE(review): unlike the step == 3 branch, no If_manager check for gid 3 is visible
    // here -- confirm whether deleting those rows should be restricted the same way.
    foreach ($selid as $gid => $value) {
        // The array key ($gid) is escaped with pwEscape(); $uids is placed inside IN()
        // as returned by checkselid(), so it must be a sanitized id list -- TODO confirm.
        if ($uids = checkselid($value)) {
            $db->update("DELETE FROM pw_extragroups WHERE gid=" . pwEscape($gid) . "AND uid IN({$uids})");
        }
    }
    adminmsg('operate_success');
}
// Fragment of the form-template (pw_setform) admin page. It starts inside blocks whose
// opening lines are not shown.
        InitGP(array('id'));
        // extract() turns the row's 'name' and 'value' columns into $name and $value; the
        // '@' hides the warning raised when get_one() returns no row, and the !$name test
        // on the next line is what rejects that case.
        @extract($db->get_one("SELECT name,value FROM pw_setform WHERE id=" . pwEscape($id)));
        !$name && adminmsg('operate_error');
        // NOTE(review): unserialize() will instantiate objects if the stored string
        // contains them. The save branch below writes this column with serialize() on an
        // array, so this is safe only while nothing else can write pw_setform.value.
        // Consider passing array('allowed_classes' => false) (PHP 7+) or storing JSON.
        $setform = unserialize($value);
        $num = count($setform);
        include PrintEot('setform');
        exit;
    } else {
        // Save an edited form template.
        // NOTE(review): no request-verification (anti-CSRF) call is visible in this
        // branch -- confirm it happens before this code runs.
        InitGP(array('id', 'name', 'value', 'descipt'), 'P');
        (!$name || !$value) && adminmsg('setform_empty');
        $setform = array();
        // Pair each posted value with the description at the same key.
        // assumes $value and $descipt are arrays with matching keys -- TODO confirm
        foreach ($value as $k => $v) {
            $setform[] = array($v, $descipt[$k]);
        }
        $setform = serialize($setform);
        // The literals have no space after SET or before WHERE; the statement parses only
        // if pwSqlSingle() pads its output -- TODO confirm.
        $db->update("UPDATE pw_setform SET" . pwSqlSingle(array('name' => $name, 'value' => $setform)) . "WHERE id=" . pwEscape($id));
        updatecache_form();
        adminmsg("operate_success");
    }
} elseif ($_POST['action'] == 'del') {
    // Delete the selected templates, then rebuild the ifopen flags.
    // NOTE(review): no request-verification (anti-CSRF) call is visible in this branch --
    // confirm it happens before this code runs.
    InitGP(array('selid', 'ifopen'), 'P');
    // Both id lists are placed inside IN() as returned by checkselid(); safe only if it
    // returns nothing but a comma-separated list of integers -- TODO confirm.
    if ($selid = checkselid($selid)) {
        $db->update("DELETE FROM pw_setform WHERE id IN({$selid})");
    }
    // No WHERE clause: ifopen is cleared on every row, then set again for the posted ids.
    $db->update("UPDATE pw_setform SET ifopen='0'");
    if ($ifopen = checkselid($ifopen)) {
        $db->update("UPDATE pw_setform SET ifopen='1' WHERE id IN({$ifopen})");
    }
    updatecache_form();
    adminmsg("operate_success");
}