Example #1
0
 function index()
 {
     //面包屑导航
     $data['headpagemenu'] = array(0 => array('name' => '后台', 'link' => "admin.php"), 1 => array('name' => '中奖管理', 'link' => ""));
     $data['headpagetitle'] = "中奖管理";
     //左侧菜单
     $data['menumod'] = "prize";
     //数据总量
     $count = fetch_one_array("select count(*) as num from " . dbtable("prize") . " p," . dbtable("shopprize") . " u where p.city_id=u.id order by  p.prize_date");
     //分页
     $per_page = getgpc("per_page");
     $per_page = $per_page ? $per_page : 0;
     $pnum = 20;
     $list = fetch_array("select p.*,u.tname,u.city from " . dbtable("prize") . " p," . dbtable("shopprize") . " u where p.city_id=u.id order by  p.id limit {$per_page},{$pnum} ");
     foreach ($list as $key => $row) {
         if ($row['status'] == 1 and !empty($row['city_no'])) {
             $city_no = $row['city_no'];
             $city_data = fetch_one_array("select tname from " . dbtable("shopprize") . " where city_no='" . $city_no . "'");
             $list[$key]['extname'] = $city_data['tname'];
         } else {
             $list[$key]['extname'] = "";
         }
     }
     $data["plist"] = $list;
     $this->load->library('pagination');
     $config['base_url'] = 'admin.php?mod=prize&act=index';
     $config['total_rows'] = $count["num"];
     $config['per_page'] = $pnum;
     $this->pagination->initialize($config);
     $data["page"] = $this->pagination->create_links();
     $this->load->view('prize_index', $data);
 }
 public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
 {
     if (!getgpc($var)) {
         return FALSE;
     } else {
         global $_G;
         if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
             if (empty($_GET['phone_reg'])) {
                 if (checkperm('seccode')) {
                     if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['sechash'])) {
                         showmessage('submit_secqaa_invalid');
                     }
                     if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['sechash'])) {
                         showmessage('submit_seccode_invalid');
                     }
                 }
             }
             return TRUE;
             // For ios reg modify by heavenK
         } elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && !empty($_GET['phone_reg']) && empty($_SERVER['HTTP_X_FLASH_VERSION']) && empty($_SERVER['HTTP_REFERER'])) {
             return TRUE;
         } else {
             //add by zh
             if ($_GET['mod'] == 'sms' && $_GET['flag'] == 1) {
                 exit(lang('message', 'submit_invalid'));
             } else {
                 showmessage('submit_invalid');
             }
         }
     }
 }
Example #3
0
 function check_priv()
 {
     $username = $this->sid_decode($this->view->sid);
     if (empty($username)) {
         //		header('Location: '.UC_API.'/admin.php?m=user&a=login&iframe='.getgpc('iframe', 'G').($this->cookie_status ? '' : '&sid='.$this->view->sid));
         //		exit;
         //暂时屏蔽
     } else {
         $this->user['isfounder'] = $username == 'UCenterAdministrator' ? 1 : 0;
         if (!$this->user['isfounder']) {
             $admin = $this->db->fetch_first("SELECT a.*, m.* FROM " . UC_DBTABLEPRE . "admins a LEFT JOIN " . UC_DBTABLEPRE . "members m USING(uid) WHERE a.username='******'");
             if (empty($admin)) {
                 header('Location: ' . UC_API . '/admin.php?m=user&a=login&iframe=' . getgpc('iframe', 'G') . ($this->cookie_status ? '' : '&sid=' . $this->view->sid));
                 exit;
             } else {
                 $this->user = $admin;
                 $this->user['username'] = $username;
                 $this->user['admin'] = 1;
                 $this->view->sid = $this->sid_encode($username);
                 $this->setcookie('sid', $this->view->sid, 86400);
             }
         } else {
             $this->user['username'] = '******';
             $this->user['admin'] = 1;
             $this->view->sid = $this->sid_encode($this->user['username']);
             $this->setcookie('sid', $this->view->sid, 86400);
         }
         $this->view->assign('user', $this->user);
     }
 }
Example #4
0
 function control()
 {
     parent::__construct();
     $authkey = md5(UC_KEY . $_SERVER['HTTP_USER_AGENT'] . $this->onlineip);
     $this->time = time();
     $seccodeauth = getgpc('seccodeauth');
     $seccode = $this->authcode($seccodeauth, 'DECODE', $authkey);
     //$seccode = rand(100000, 999999);
     //$this->setcookie('uc_secc', $this->authcode($seccode."\t".$this->time, 'ENCODE'));
     @header("Expires: -1");
     @header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
     @header("Pragma: no-cache");
     include_once UC_ROOT . 'lib/seccode.class.php';
     $code = new seccode();
     $code->code = $seccode;
     $code->type = 0;
     $code->width = 70;
     $code->height = 21;
     $code->background = 0;
     $code->adulterate = 1;
     $code->ttf = 1;
     $code->angle = 0;
     $code->color = 1;
     $code->size = 0;
     $code->shadow = 1;
     $code->animator = 0;
     $code->fontpath = UC_ROOT . 'images/fonts/';
     $code->datapath = UC_ROOT . 'images/';
     $code->includepath = '';
     $code->display();
 }
Example #5
0
 /**
  * 权限检测
  * @author allen caowenpeng1990@126.com
  */
 protected function check_acl()
 {
     $controller = $this->uri->rsegment(1) ? $this->uri->rsegment(1) : getgpc("mod");
     $action = $this->uri->rsegment(2) ? $this->uri->rsegment(2) : getgpc("act");
     $node_str = $controller . '/' . $action;
     $query_node = $this->db->get_where('admin_node', array('node' => $node_str, 'status' => 1));
     $node = $query_node->row_array();
     //查出被权限的节点
     $admin_utype = $this->session->userdata('admin_utype');
     if ($admin_utype == 'sysadmin') {
         //全站放行
         return;
     }
     if (is_array($node) && count($node) > 0) {
         $admin_id = $this->session->userdata('admin_id');
         $query_acl = $this->db->select('admin_group.acl')->from('admin_group')->join('admin_user', 'admin_user.groupid = admin_group.id')->where(array('admin_user.id' => $admin_id))->get();
         $acl = unserialize($query_acl->row_array()['acl']);
         if (!in_array($node['id'], $acl)) {
             if ($this->input->is_ajax_request()) {
                 $data['status'] = false;
                 $data['msg'] = '您没有权限进行此操作!';
                 ajaxReturn($data);
             } else {
                 header("Content-type:text/html;charset=utf-8");
                 alert("您没有权限进行此操作!");
             }
         }
     }
 }
Example #6
0
 function onls()
 {
     //如果添加用户设置
     if (getgpc('add_user_set', 'P')) {
         $praArr = $_POST;
         $praArr['username'] = $this->user['username'];
         $usetArr = serialize($praArr);
         if (!empty($usetArr)) {
             $this->mUset->add_user_set($usetArr);
         }
     }
     //如果删除
     if (getgpc('del', 'G')) {
         $id = getgpc('id');
         $this->mUset->del_user_set($id);
     }
     //如果更新
     if (getgpc('update', 'G')) {
         $updateArr = serialize($_POST);
         $this->mUset->update_user_set($updateArr);
     }
     $all_user_set = $this->mUset->get_user_set();
     //获取所有用户设置
     //$this->view->assign("result",$this->result);
     $this->view->assign("all_user_set", $all_user_set);
     $this->view->display('admin_uset');
 }
Example #7
0
 function _call($a, $arg)
 {
     $do = getgpc('do');
     $do = empty($do) ? 'onindex' : 'on' . $do;
     if (method_exists($this, $do) && $do[0] != '_') {
         $this->{$do}();
     } else {
         exit('Plugin module not found');
     }
 }
Example #8
0
 function onls()
 {
     $page = getgpc('page');
     $delete = getgpc('delete', 'P');
     $num = $_ENV['feed']->get_total_num();
     $feedlist = $_ENV['feed']->get_list($page, UC_PPP, $num);
     $multipage = $this->page($num, UC_PPP, $page, 'admin.php?m=feed&a=ls');
     $this->view->assign('feedlist', $feedlist);
     $this->view->assign('multipage', $multipage);
     $this->view->display('admin_feed');
 }
Example #9
0
 function onsend()
 {
     $mailid = intval(getgpc('mailid'));
     $result = $_ENV['mail']->send_by_id($mailid);
     if ($result) {
         $this->writelog('mail_send', "appid={$appid}&noteid={$noteid}");
         $this->message('mail_succeed', $_SERVER['HTTP_REFERER']);
     } else {
         $this->writelog('mail_send', 'failed');
         $this->message('mail_false', $_SERVER['HTTP_REFERER']);
     }
 }
Example #10
0
 function onls()
 {
     $page = getgpc('page');
     $find = getgpc('find', 'P');
     $replacement = getgpc('replacement', 'P');
     $replacementnew = getgpc('replacementnew', 'P');
     $findnew = getgpc('findnew', 'P');
     $delete = getgpc('delete', 'P');
     if ($find) {
         foreach ($find as $id => $arr) {
             $_ENV['badword']->update_badword($find[$id], $replacement[$id], $id);
         }
     }
     $status = 0;
     if ($findnew) {
         $_ENV['badword']->add_badword($findnew, $replacementnew, $this->user['username']);
         $status = 1;
         $this->writelog('badword_add', 'findnew=' . htmlspecialchars($findnew) . '&replacementnew=' . htmlspecialchars($replacementnew));
     }
     if (@$delete) {
         $_ENV['badword']->delete_badword($delete);
         $status = 2;
         $this->writelog('badword_delete', "delete=" . implode(',', $delete));
     }
     if (getgpc('multisubmit', 'P')) {
         $badwords = getgpc('badwords', 'P');
         $type = getgpc('type', 'P');
         if ($type == 0) {
             $_ENV['badword']->truncate_badword();
             $type = 1;
         }
         $arr = explode("\n", str_replace(array("\r", "\n\n"), array("\r", "\n"), $badwords));
         foreach ($arr as $k => $v) {
             $arr2 = explode("=", $v);
             $_ENV['badword']->add_badword($arr2[0], $arr2[1], $this->user['username'], $type);
         }
     }
     if ($status > 0) {
         $notedata = $_ENV['badword']->get_list($page, 1000000, 1000000);
         $this->load('note');
         $_ENV['note']->add('updatebadwords', '', $this->serialize($notedata, 1));
         $_ENV['note']->send();
         $this->load('cache');
         $_ENV['cache']->updatedata('badwords');
     }
     $num = $_ENV['badword']->get_total_num();
     $badwordlist = $_ENV['badword']->get_list($page, UC_PPP, $num);
     $multipage = $this->page($num, UC_PPP, $page, 'admin.php?m=badword&a=ls');
     $this->view->assign('status', $status);
     $this->view->assign('badwordlist', $badwordlist);
     $this->view->assign('multipage', $multipage);
     $this->view->display('admin_badword');
 }
Example #11
0
 function getclass()
 {
     $gradeid = getgpc("gradeid");
     $classid = getgpc("classid");
     $res = fetch_array("select * from " . dbtable("class") . " where upid='" . $gradeid . "'");
     $str = '<option value="0">全部班级</option>';
     foreach ($res as $row) {
         if ($classid == $row['id']) {
             $add = " selected";
         } else {
             $add = "";
         }
         $str .= '<option value="' . $row["id"] . '" ' . $add . '>' . $row["name"] . '</option>';
     }
     echo $str;
 }
Example #12
0
 function onupdate()
 {
     $updated = false;
     if ($this->submitcheck('submit')) {
         $type = getgpc('type', 'P');
         if (!is_array($type) || in_array('data', $type)) {
             $_ENV['cache']->updatedata();
         }
         if (!is_array($type) || in_array('tpl', $type)) {
             $_ENV['cache']->updatetpl();
         }
         $updated = true;
     }
     $this->view->assign('updated', $updated);
     $this->view->display('admin_cache');
 }
Example #13
0
 function index()
 {
     $per_page = getgpc("per_page");
     $per_page = $per_page ? $per_page : 0;
     $pnum = 8;
     $list = fetch_array("select * from " . dbtable("englandstyle") . " where 1  and status=1 order by displayorder desc, id desc limit {$per_page},{$pnum}");
     foreach ($list as $key => $row) {
         $res[intval($key / 4)][] = $row;
     }
     $count = fetch_one_array("select count(*) as num from " . dbtable("englandstyle") . " where 1  and status=1");
     $data['total_num'] = $count['num'];
     $data['per_page'] = $per_page + $pnum;
     $data['pnum'] = $pnum;
     $data["reslist"] = $res;
     $this->load->view('englandstyle', $data);
 }
Example #14
0
	function save(){
		$this->redirect .= '&dxanchor='.$this->dxanchor;
		$varsnew = getgpc('varsnew', 'p');

		$varsnew['height'] = $varsnew['height'] > 0 ? intval($varsnew['height']) : 0;
		$varsnew['lineheight'] = $varsnew['lineheight'] ? 'height:'.$varsnew['lineheight'].'px;line-height:'.$varsnew['lineheight'].'px;' : '';
		$varsnew['left'] = intval($varsnew['left']).'px';
		$varsnew['top'] = intval($varsnew['top']).'px';
		$varsnew['left3'] = intval($varsnew['left3']);
		$varsnew['top3'] = intval($varsnew['top3']);

		$this->cache->set('settings', $varsnew);
		$this->cache->styles('weather.css', $varsnew, true);

		$this->cpmsg();
	}
Example #15
0
	function dxcore(){
		global $pluginid, $plugin;

		define('XTQ_ROOT', realpath(dirname(__FILE__).'/../').'/');

		$this->pluginid = $pluginid;
		$this->identifier = $plugin['identifier'];
		$this->basescript = 'plugins&operation=config&do='.$this->pluginid.'&identifier=ducexweather&pmod='.getgpc('pmod');
		$this->redirect = getglobal('siteurl').ADMINSCRIPT.'?action='.$this->basescript;

		require(XTQ_ROOT.'include/dx_cache.class.php');

		$this->cache = new dx_xcache('ducexweather');

		$this->settings = $this->cache->loadsetting();

		$this->header();
	}
Example #16
0
 /**
  * 编辑积分规则
  */
 public function onedit()
 {
     $a = getgpc('a');
     $rule_id = getgpc('rule_id', 'G');
     if (getgpc('edit_credit_rule', 'P')) {
         $rule_id = getgpc('rid');
         $rule_name = getgpc('rule_name', 'P');
         $cycle_type = getgpc('cycle_type', 'P');
         $reward_num = getgpc('reward_num', 'P');
         $credit = getgpc('credit', 'P');
         $is_use = getgpc('is_use', 'P');
         $this->mCredit->update_credit_rule($rule_id, $rule_name, $cycle_type, $reward_num, $credit, $is_use);
         $this->view->assign('status', 1);
     }
     $single_rule = $this->mCredit->get_single_credit_rule($rule_id);
     $this->view->assign('a', $a);
     $this->view->assign('single_rule', $single_rule);
     $this->view->display('admin_credit');
 }
Example #17
0
 function onadd()
 {
     $ucfounderpw = getgpc('ucfounderpw', 'P');
     $apptype = getgpc('apptype', 'P');
     $appname = getgpc('appname', 'P');
     $appurl = getgpc('appurl', 'P');
     $appip = getgpc('appip', 'P');
     $viewprourl = getgpc('viewprourl', 'P');
     $appcharset = getgpc('appcharset', 'P');
     $appdbcharset = getgpc('appdbcharset', 'P');
     $apptagtemplates = getgpc('apptagtemplates', 'P');
     $appallowips = getgpc('allowips', 'P');
     if (md5(md5($ucfounderpw) . UC_FOUNDERSALT) == UC_FOUNDERPW || strlen($ucfounderpw) == 32 && $ucfounderpw == md5(UC_FOUNDERPW)) {
         @ob_start();
         $return = '';
         $app = $this->db->fetch_first("SELECT * FROM " . UC_DBTABLEPRE . "applications WHERE url='{$appurl}' AND type='{$apptype}'");
         if (empty($app)) {
             $authkey = $this->_generate_key();
             $apptagtemplates = $this->serialize($apptagtemplates, 1);
             $this->db->query("INSERT INTO " . UC_DBTABLEPRE . "applications SET\r\n\t\t\t\t\tname='{$appname}',\r\n\t\t\t\t\turl='{$appurl}',\r\n\t\t\t\t\tip='{$appip}',\r\n\t\t\t\t\tauthkey='{$authkey}',\r\n\t\t\t\t\tviewprourl='{$viewprourl}',\r\n\t\t\t\t\tsynlogin='******',\r\n\t\t\t\t\tcharset='{$appcharset}',\r\n\t\t\t\t\tdbcharset='{$appdbcharset}',\r\n\t\t\t\t\ttype='{$apptype}',\r\n\t\t\t\t\trecvnote='1',\r\n\t\t\t\t\ttagtemplates='{$apptagtemplates}',\r\n\t\t\t\t\tallowips='{$appallowips}'\r\n\t\t\t\t\t");
             $appid = $this->db->insert_id();
             $_ENV['app']->alter_app_table($appid, 'ADD');
             //$return = "UC_STATUS_OK|$authkey|$appid|".UC_DBHOST.'|'.UC_DBNAME.'|'.UC_DBUSER.'|'.UC_DBPW.'|'.UC_DBCHARSET.'|'.UC_DBTABLEPRE.'|'.UC_CHARSET;
             $return = "{$authkey}|{$appid}|" . UC_DBHOST . '|' . UC_DBNAME . '|' . UC_DBUSER . '|' . UC_DBPW . '|' . UC_DBCHARSET . '|' . UC_DBTABLEPRE . '|' . UC_CHARSET;
             $this->load('cache');
             $_ENV['cache']->updatedata('apps');
             $this->load('note');
             $notedata = $this->db->fetch_all("SELECT appid, type, name, url, ip, charset, synlogin, extra FROM " . UC_DBTABLEPRE . "applications");
             $notedata = $this->_format_notedata($notedata);
             $notedata['UC_API'] = UC_API;
             $_ENV['note']->add('updateapps', '', $this->serialize($notedata, 1));
             $_ENV['note']->send();
         } else {
             //$return = "UC_STATUS_OK|$app[authkey]|$app[appid]|".UC_DBHOST.'|'.UC_DBNAME.'|'.UC_DBUSER.'|'.UC_DBPW.'|'.UC_DBCHARSET.'|'.UC_DBTABLEPRE.'|'.UC_CHARSET;
             $return = "{$app['authkey']}|{$app['appid']}|" . UC_DBHOST . '|' . UC_DBNAME . '|' . UC_DBUSER . '|' . UC_DBPW . '|' . UC_DBCHARSET . '|' . UC_DBTABLEPRE . '|' . UC_CHARSET;
         }
         @ob_end_clean();
         exit($return);
     } else {
         exit('-1');
     }
 }
Example #18
0
 function onmain()
 {
     $ucinfo = '<sc' . 'ript language="Jav' . 'aScript" src="ht' . 'tp:/' . '/cus' . 'tome' . 'r.disc' . 'uz.n' . 'et/ucn' . 'ews' . '.p' . 'hp?' . $this->_get_uc_info() . '"></s' . 'cri' . 'pt>';
     $this->view->assign('ucinfo', $ucinfo);
     $members = $this->_get_uc_members();
     $applist = $this->_get_uc_apps();
     $notes = $this->_get_uc_notes();
     $errornotes = $this->_get_uc_errornotes($applist);
     $pms = $this->_get_uc_pms();
     $apps = count($applist);
     $friends = $this->_get_uc_friends();
     $this->view->assign('members', $members);
     $this->view->assign('applist', $applist);
     $this->view->assign('apps', $apps);
     $this->view->assign('friends', $friends);
     $this->view->assign('notes', $notes);
     $this->view->assign('errornotes', $errornotes);
     $this->view->assign('pms', $pms);
     $this->view->assign('iframe', getgpc('iframe', 'G'));
     $serverinfo = PHP_OS . ' / PHP v' . PHP_VERSION;
     $serverinfo .= @ini_get('safe_mode') ? ' Safe Mode' : NULL;
     $dbversion = $this->db->result_first("SELECT VERSION()");
     $fileupload = @ini_get('file_uploads') ? ini_get('upload_max_filesize') : '<font color="red">' . $lang['no'] . '</font>';
     $dbsize = 0;
     $tablepre = UC_DBTABLEPRE;
     $query = $tables = $this->db->fetch_all("SHOW TABLE STATUS LIKE '{$tablepre}%'");
     foreach ($tables as $table) {
         $dbsize += $table['Data_length'] + $table['Index_length'];
     }
     $dbsize = $dbsize ? $this->_sizecount($dbsize) : $lang['unknown'];
     $dbversion = $this->db->version();
     $magic_quote_gpc = get_magic_quotes_gpc() ? 'On' : 'Off';
     $allow_url_fopen = ini_get('allow_url_fopen') ? 'On' : 'Off';
     $this->view->assign('serverinfo', $serverinfo);
     $this->view->assign('fileupload', $fileupload);
     $this->view->assign('dbsize', $dbsize);
     $this->view->assign('dbversion', $dbversion);
     $this->view->assign('magic_quote_gpc', $magic_quote_gpc);
     $this->view->assign('allow_url_fopen', $allow_url_fopen);
     $this->view->display('admin_frame_main');
 }
Example #19
0
 public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
 {
     if (!getgpc($var)) {
         return FALSE;
     } else {
         global $_G;
         if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || strncmp($_SERVER['HTTP_REFERER'], 'http://wsq.discuz.qq.com', 24) === 0 || strncmp($_SERVER['HTTP_REFERER'], 'http://m.wsq.qq.com', 19) === 0 || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
             if (checkperm('seccode')) {
                 if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['secqaahash'])) {
                     showmessage('submit_secqaa_invalid');
                 }
                 if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['seccodehash'], 0, $_GET['seccodemodid'])) {
                     showmessage('submit_seccode_invalid');
                 }
             }
             return TRUE;
         } else {
             showmessage('submit_invalid');
         }
     }
 }
Example #20
0
 function update_password()
 {
     $username = getgpc("username");
     $old_password = getgpc("old_password");
     $new_password = getgpc("new_password");
     $new_password1 = getgpc("new_password1");
     $data = array();
     $md5salt = $this->config->item("md5salt");
     if ($username) {
         //
         $res = fetch_one_array("select * from " . dbtable("admin_user") . " where username='******'");
         if (!$res) {
             alert("错误,找不到该用户");
         } elseif ($res["password"] != md5($md5salt . $old_password)) {
             alert("输入旧密码不正确!");
         }
     }
     if (empty($old_password)) {
         alert("请输入旧密码");
     }
     if (empty($new_password)) {
         alert("请输入新密码");
     }
     if (empty($new_password1)) {
         alert("请输入确认密码");
     }
     if ($old_password == $new_password) {
         alert("请输入旧密码与新密码一样");
     }
     if ($new_password != $new_password1) {
         alert("请输入新密码与确认密码不一致");
     } else {
         $updata['password'] = md5($md5salt . $new_password);
         dbupdate("admin_user", $updata, array('username' => $username));
         // echo" <script language='javascript'>this.close();alert('修改密码成功,请记住新密码哟!');</script>";
         alert("修改密码成功,请记住新密码哟!", "admin.php?mod=login");
     }
     // $this->db->update('admin_user', $updata);
 }
Example #21
0
 function onclear()
 {
     $delnum = 0;
     if ($this->submitcheck()) {
         $cleardays = intval(getgpc('cleardays', 'P'));
         $unread = getgpc('unread') ? 1 : 0;
         $usernames = trim(getgpc('usernames', 'P'));
         $sqladd = '';
         if ($cleardays > 0) {
             $sqladd .= ' AND dateline < ' . ($this->time - $cleardays * 86400);
         }
         if ($unread) {
             $sqladd .= " AND new='0'";
         }
         if ($usernames) {
             $uids = 0;
             $usernames = "'" . implode("', '", explode(',', $usernames)) . "'";
             $query = $this->db->query("SELECT uid FROM " . UC_DBTABLEPRE . "members WHERE username IN ({$usernames})");
             while ($res = $this->db->fetch_array($query)) {
                 $uids .= ',' . $res['uid'];
             }
             if ($uids) {
                 $sqladd .= " AND (msgfromid IN ({$uids}) OR msgtoid IN ({$uids}))";
             }
         }
         if ($sqladd) {
             $this->db->query("DELETE FROM " . UC_DBTABLEPRE . "pms WHERE 1 {$sqladd}", 'UNBUFFERED');
             $delnum = $this->db->affected_rows();
             $status = 1;
             $this->writelog('pm_clear', "cleardays={$cleardays}&unread={$unread}");
         }
     }
     $pmnum = $this->db->result_first("SELECT COUNT(*) FROM " . UC_DBTABLEPRE . "pms");
     $this->view->assign('pmnum', $pmnum);
     $this->view->assign('delnum', $delnum);
     $this->view->assign('status', $status);
     $this->view->display('admin_pm_clear');
 }
Example #22
0
 function chlogin()
 {
     $adminname = getgpc("adminname");
     $adminpwd = getgpc("adminpwd");
     $chres = fetch_one_array("select * from " . dbtable("admin_user") . " where username='******'");
     //dump($chres);
     if ($chres) {
         $md5salt = $this->config->item("md5salt");
         if ($chres["password"] == md5($md5salt . $adminpwd)) {
             //正常登录
             $_SESSION['chadmin'] = 1;
             $_SESSION['admin_id'] = $chres['id'];
             $_SESSION['admin_utype'] = $chres['utype'];
             $_SESSION['admin_username'] = $chres['username'];
             $ip = convertip();
             $updata = array('uid' => $chres['id'], 'username' => $chres['username'], 'time' => date("Y-m-d H:i:s"), 'ip' => $ip['ip'], 'ipaddr' => $ip['addr']);
             $this->db->insert('admin_user_loginlog', $updata);
             alert("登录成功", "admin.php");
             exit;
         }
     }
     alert("账号或者密码错误", "admin.php?mod=login");
 }
Example #23
0
        }
        $query = C::t('forum_forum')->fetch_all_sub_group_by_fup($toptype['secondlist']);
        foreach ($query as $row) {
            $data['lastupdategroup'][$id][] = $row;
        }
        if (empty($data['lastupdategroup'][$id])) {
            $data['lastupdategroup'][$id] = array();
        }
    }
    $lastupdategroup = $data['lastupdategroup'];
    savecache('groupindex', $data);
}
$list = array();
if ($groupids) {
    $orderby = in_array(getgpc('orderby'), array('membernum', 'dateline', 'thread', 'activity')) ? getgpc('orderby') : 'displayorder';
    $page = intval(getgpc('page')) ? intval($_GET['page']) : 1;
    $start = ($page - 1) * $perpage;
    $getcount = grouplist('', '', '', $groupids, 1, 1);
    if ($getcount) {
        $list = grouplist($orderby, '', array($start, $perpage), $groupids, 1);
        $multipage = multi($getcount, $perpage, $page, $url . "&orderby={$orderby}");
    }
}
$endrows = $curtype['forumcolumns'] > 1 ? str_repeat('<td width="' . $curtype['forumcolwidth'] . '"></td>', $curtype['forumcolumns'] - count($list) % $curtype['forumcolumns']) : '';
$groupviewed_list = get_viewedgroup();
if (empty($sgid) && empty($gid)) {
    foreach ($first as $key => $val) {
        if (is_array($val['secondlist']) && !empty($val['secondlist'])) {
            $first[$key]['secondlist'] = array_slice($val['secondlist'], 0, 8);
        }
    }
Example #24
0
<?php

/**
 * DiscuzX Convert
 *
 * $Id: access.php 10469 2010-05-11 09:12:14Z monkey $
 * English by Valery Votintsev at sources.ru
 */
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'access';
$table_target = $db_target->tablepre . 'forum_access';
$limit = 2000;
$nextid = 0;
$start = getgpc('start');
if (empty($start)) {
    $start = 0;
    $db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM {$table_source} LIMIT {$start}, {$limit}");
while ($row = $db_source->fetch_array($query)) {
    $nextid = 1;
    $row = daddslashes($row, 1);
    $data = implode_field_value($row, ',', db_table_fields($db_target, $table_target));
    $db_target->query("INSERT INTO {$table_target} SET {$data}");
}
if ($nextid) {
    showmessage(lang('continue_convert_table') . $table_source . lang('from') . $start . lang('to') . ($start + $limit) . lang('lines'), "index.php?a={$action}&source={$source}&prg={$curprg}&start=" . ($start + $limit));
    //vot
}
<?php

/**
 * DiscuzX Convert
 *
 * $Id: onlinetime.php 15475 2010-08-24 07:34:47Z monkey $
 */
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'onlinetime';
$table_target = $db_target->tablepre . 'common_onlinetime';
$limit = 2000;
$nextid = 0;
$start = intval(getgpc('start'));
if ($start == 0) {
    $db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM {$table_source} WHERE uid>'{$start}' ORDER BY uid LIMIT {$limit}");
while ($row = $db_source->fetch_array($query)) {
    $nextid = $row['uid'];
    $row = daddslashes($row, 1);
    $data = implode_field_value($row, ',', db_table_fields($db_target, $table_target));
    $db_target->query("INSERT INTO {$table_target} SET {$data}");
}
if ($nextid) {
    showmessage("继续转换数据表 " . $table_source . "  uid > {$nextid} ", "index.php?a={$action}&source={$source}&prg={$curprg}&start={$nextid}");
}
Example #26
0
 function onrectavatar()
 {
     @header("Expires: 0");
     @header("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
     @header("Pragma: no-cache");
     header("Content-type: application/xml; charset=utf-8");
     $this->init_input(getgpc('agent'));
     $uid = $this->input('uid');
     if (empty($uid)) {
         return '<root><message type="error" value="-1" /></root>';
     }
     $home = $this->get_home($uid);
     if (!is_dir(UC_DATADIR . './avatar/' . $home)) {
         $this->set_home($uid, UC_DATADIR . './avatar/');
     }
     $avatartype = getgpc('avatartype', 'G') == 'real' ? 'real' : 'virtual';
     $bigavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'big', $avatartype);
     $middleavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'middle', $avatartype);
     $smallavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'small', $avatartype);
     $bigavatar = $this->flashdata_decode(getgpc('avatar1', 'P'));
     $middleavatar = $this->flashdata_decode(getgpc('avatar2', 'P'));
     $smallavatar = $this->flashdata_decode(getgpc('avatar3', 'P'));
     if (!$bigavatar || !$middleavatar || !$smallavatar) {
         return '<root><message type="error" value="-2" /></root>';
     }
     $success = 1;
     $fp = @fopen($bigavatarfile, 'wb');
     @fwrite($fp, $bigavatar);
     @fclose($fp);
     $fp = @fopen($middleavatarfile, 'wb');
     @fwrite($fp, $middleavatar);
     @fclose($fp);
     $fp = @fopen($smallavatarfile, 'wb');
     @fwrite($fp, $smallavatar);
     @fclose($fp);
     $biginfo = @getimagesize($bigavatarfile);
     $middleinfo = @getimagesize($middleavatarfile);
     $smallinfo = @getimagesize($smallavatarfile);
     if (!$biginfo || !$middleinfo || !$smallinfo || $biginfo[2] == 4 || $middleinfo[2] == 4 || $smallinfo[2] == 4) {
         file_exists($bigavatarfile) && unlink($bigavatarfile);
         file_exists($middleavatarfile) && unlink($middleavatarfile);
         file_exists($smallavatarfile) && unlink($smallavatarfile);
         $success = 0;
     }
     $filetype = '.jpg';
     @unlink(UC_DATADIR . './tmp/upload' . $uid . $filetype);
     if ($success) {
         return '<?xml version="1.0" ?><root><face success="1"/></root>';
     } else {
         return '<?xml version="1.0" ?><root><face success="0"/></root>';
     }
 }
    }
    if (empty($blockdata['parameters']['music']['config'])) {
        $blockdata['parameters']['music']['config'] = array('showmod' => 'default', 'autorun' => 'true', 'shuffle' => 'true', 'crontabcolor' => '#D2FF8C', 'buttoncolor' => '#1F43FF', 'fontcolor' => '#1F43FF');
    }
    $setarr['blockposition'] = daddslashes(serialize($blockdata));
    DB::update('common_member_field_home', $setarr, "uid = {$space['uid']}");
    showmessage('do_success', 'home.php?mod=spacecp&ac=index&op=getblock&blockname=' . $blockname, array('blockname' => $blockname));
}
if (submitcheck('diysubmit')) {
    $blockdata = array();
    checksecurity($_POST['spacecss']);
    $spacecss = dstripslashes($_POST['spacecss']);
    $spacecss = preg_replace("/(\\<|\\>)/is", '', $spacecss);
    $currentlayout = getstr($_POST['currentlayout'], 5, 1, 1);
    $style = empty($_POST['style']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_POST['style']);
    $layoutdata = dstripslashes(getgpc('layoutdata', 'P'));
    require_once libfile('class/xml');
    $layoutdata = xml2array($layoutdata);
    if (empty($layoutdata)) {
        showmessage('space_data_format_invalid');
    }
    $layoutdata = $layoutdata['diypage'];
    if ($style && $style != 'uchomedefault') {
        $cssfile = DISCUZ_ROOT . './static/space/' . $style . '/style.css';
        if (!file_exists($cssfile)) {
            showmessage('theme_does_not_exist');
        }
    }
    space_merge($space, 'field_home');
    $blockdata = unserialize($space['blockposition']);
    $blockdata['block'] = $layoutdata;
Example #28
0
<?php

/**
 * DiscuzX Convert
 *
 * $Id: home_group.php 13173 2010-07-22 06:03:26Z zhengqingpeng $
 * English by Valery Votintsev at sources.ru
 */
$curprg = basename(__FILE__);
$table_source = $db_source->table('mtag');
require_once DISCUZ_ROOT . './include/editor.func.php';
$fieldid = intval(getgpc('fieldid'));
$tagid = intval(getgpc('tagid'));
$gid = intval(getgpc('gid'));
$fid = intval(getgpc('fid'));
$sid = intval(getgpc('sid'));
$limit = $setting['limit']['mtag'] ? $setting['limit']['mtag'] : 100;
$nextid = 0;
$threadquery = $db_source->query("SELECT * FROM " . $db_source->table('thread') . " WHERE tid > '{$start}' AND tagid='{$tagid}' ORDER BY tid LIMIT {$limit}");
while ($value = $db_source->fetch_array($threadquery)) {
    $nextid = $value['tid'];
    $value = daddslashes($value);
    $value['replynum'] = intval($value['replynum']);
    $threadarr = array('fid' => $sid, 'author' => $value['username'], 'authorid' => $value['uid'], 'subject' => $value['subject'], 'dateline' => $value['dateline'], 'lastpost' => $value['lastpost'], 'lastposter' => $value['lastauthor'], 'views' => $value['viewnum'], 'replies' => $value['replynum'], 'digest' => $value['digest'], 'displayorder' => $value['displayorder'] ? 1 : 0, 'isgroup' => 1);
    $tid = $db_target->insert('forum_thread', $threadarr, true);
    $lastpost = array();
    $query = $db_source->query("SELECT * FROM " . $db_source->table('post') . " WHERE tid='{$value['tid']}' ORDER BY dateline");
    while ($post = $db_source->fetch_array($query)) {
        $post['message'] = html2bbcode($post['message']);
        $post = daddslashes($post);
        $postarr = array('fid' => $sid, 'tid' => $tid, 'first' => $post['isthread'] ? 1 : 0, 'author' => $post['username'], 'authorid' => $post['uid'], 'subject' => $post['subject'], 'dateline' => $post['dateline'], 'message' => $post['message'], 'useip' => $post['ip']);
Example #29
0
<?php

/**
 * DiscuzX Convert
 *
 * $Id: paymentlog.php 9643 2010-04-30 08:59:14Z zhaoxiongfei $
 * English by Valery Votintsev at sources.ru
 */
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'paymentlog';
$table_target = $db_target->tablepre . 'common_credit_log';
$limit = $setting['limit']['paymentlog'] ? $setting['limit']['paymentlog'] : 2500;
$step = getgpc('step');
$step = intval($step);
$total = getgpc('total');
$total = intval($total);
$continue = false;
if (!$step && !$process['truncate_credit_log']) {
    $process['truncate_credit_log'] = 1;
    save_process('main', $process);
    $db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM " . $db_source->tablepre . "settings WHERE variable IN ('creditstax', 'creditstrans')");
while ($setting = $db_source->fetch_array($query)) {
    if ($setting['variable'] == 'creditstrans') {
        $creditstrans = explode(',', $setting['value']);
        $ext = $creditstrans[1] ? $creditstrans[1] : $creditstrans[0];
        if (!$ext) {
            $ext = 1;
        }
    }
Example #30
0
 function onmember()
 {
     $plid = intval(getgpc('plid'));
     $scroll = getgpc('scroll');
     $daterange = getgpc('daterange');
     $filter = getgpc('filter');
     $extra = 'extra=' . rawurlencode(getgpc('extra'));
     $a = getgpc('a');
     $do = getgpc('do');
     $this->_auth();
     $uid = $this->user['uid'];
     $pmnum_private = $_ENV['pm']->getpmnum($uid, 0, 0);
     $unreadpmnum = $_ENV['pm']->getpmnum($uid, 0, 1);
     if ($do == 'kickmember') {
         $memberuid = intval(getgpc('memberuid'));
         if ($memberuid) {
             $_ENV['pm']->kickchatpm($plid, $uid, $memberuid);
         }
         $this->message('pm_kickmember_succeed', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
     }
     if ($this->submitcheck() && $do == 'appendmember') {
         $appendmember = $_ENV['user']->get_user_by_username(getgpc('appendmember'));
         if ($appendmember) {
             $return = $_ENV['pm']->appendchatpm($plid, $uid, $appendmember['uid']);
             if ($return > 0) {
                 $this->message('pm_appendmember_succeed', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
             }
         }
         $this->message('pm_appendmember_invalid', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
     }
     $members = $_ENV['pm']->chatpmmemberlist($uid, $plid);
     $authorid = $members['author'];
     $members = $members['member'];
     $members = $_ENV['user']->id2name($members);
     $this->view->assign('scroll', $scroll);
     $this->view->assign('user', $this->user);
     $this->view->assign('pmnum_private', $pmnum_private);
     $this->view->assign('pmnum_chatpm', $pmnum_chatpm);
     $this->view->assign('unreadpmnum', $unreadpmnum);
     $this->view->assign('replypmid', $replypmid);
     $this->view->assign('subject', $subject);
     $this->view->assign('daterange', $daterange);
     $this->view->assign('plid', $plid);
     $this->view->assign('extra', $extra);
     $this->view->assign('filter', $filter);
     $this->view->assign('authorid', $authorid);
     $this->view->assign('members', $members);
     $this->view->display('pm_member');
 }