function index()
{
//面包屑导航
$data['headpagemenu'] = array(0 => array('name' => '后台', 'link' => "admin.php"), 1 => array('name' => '中奖管理', 'link' => ""));
$data['headpagetitle'] = "中奖管理";
//左侧菜单
$data['menumod'] = "prize";
//数据总量
$count = fetch_one_array("select count(*) as num from " . dbtable("prize") . " p," . dbtable("shopprize") . " u where p.city_id=u.id order by p.prize_date");
//分页
$per_page = getgpc("per_page");
$per_page = $per_page ? $per_page : 0;
$pnum = 20;
$list = fetch_array("select p.*,u.tname,u.city from " . dbtable("prize") . " p," . dbtable("shopprize") . " u where p.city_id=u.id order by p.id limit {$per_page},{$pnum} ");
foreach ($list as $key => $row) {
if ($row['status'] == 1 and !empty($row['city_no'])) {
$city_no = $row['city_no'];
$city_data = fetch_one_array("select tname from " . dbtable("shopprize") . " where city_no='" . $city_no . "'");
$list[$key]['extname'] = $city_data['tname'];
} else {
$list[$key]['extname'] = "";
}
}
$data["plist"] = $list;
$this->load->library('pagination');
$config['base_url'] = 'admin.php?mod=prize&act=index';
$config['total_rows'] = $count["num"];
$config['per_page'] = $pnum;
$this->pagination->initialize($config);
$data["page"] = $this->pagination->create_links();
$this->load->view('prize_index', $data);
}
public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
{
if (!getgpc($var)) {
return FALSE;
} else {
global $_G;
if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
if (empty($_GET['phone_reg'])) {
if (checkperm('seccode')) {
if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['sechash'])) {
showmessage('submit_secqaa_invalid');
}
if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['sechash'])) {
showmessage('submit_seccode_invalid');
}
}
}
return TRUE;
// For ios reg modify by heavenK
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && !empty($_GET['phone_reg']) && empty($_SERVER['HTTP_X_FLASH_VERSION']) && empty($_SERVER['HTTP_REFERER'])) {
return TRUE;
} else {
//add by zh
if ($_GET['mod'] == 'sms' && $_GET['flag'] == 1) {
exit(lang('message', 'submit_invalid'));
} else {
showmessage('submit_invalid');
}
}
}
}
function check_priv()
{
$username = $this->sid_decode($this->view->sid);
if (empty($username)) {
// header('Location: '.UC_API.'/admin.php?m=user&a=login&iframe='.getgpc('iframe', 'G').($this->cookie_status ? '' : '&sid='.$this->view->sid));
// exit;
//暂时屏蔽
} else {
$this->user['isfounder'] = $username == 'UCenterAdministrator' ? 1 : 0;
if (!$this->user['isfounder']) {
$admin = $this->db->fetch_first("SELECT a.*, m.* FROM " . UC_DBTABLEPRE . "admins a LEFT JOIN " . UC_DBTABLEPRE . "members m USING(uid) WHERE a.username='******'");
if (empty($admin)) {
header('Location: ' . UC_API . '/admin.php?m=user&a=login&iframe=' . getgpc('iframe', 'G') . ($this->cookie_status ? '' : '&sid=' . $this->view->sid));
exit;
} else {
$this->user = $admin;
$this->user['username'] = $username;
$this->user['admin'] = 1;
$this->view->sid = $this->sid_encode($username);
$this->setcookie('sid', $this->view->sid, 86400);
}
} else {
$this->user['username'] = '******';
$this->user['admin'] = 1;
$this->view->sid = $this->sid_encode($this->user['username']);
$this->setcookie('sid', $this->view->sid, 86400);
}
$this->view->assign('user', $this->user);
}
}
function control()
{
parent::__construct();
$authkey = md5(UC_KEY . $_SERVER['HTTP_USER_AGENT'] . $this->onlineip);
$this->time = time();
$seccodeauth = getgpc('seccodeauth');
$seccode = $this->authcode($seccodeauth, 'DECODE', $authkey);
//$seccode = rand(100000, 999999);
//$this->setcookie('uc_secc', $this->authcode($seccode."\t".$this->time, 'ENCODE'));
@header("Expires: -1");
@header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
include_once UC_ROOT . 'lib/seccode.class.php';
$code = new seccode();
$code->code = $seccode;
$code->type = 0;
$code->width = 70;
$code->height = 21;
$code->background = 0;
$code->adulterate = 1;
$code->ttf = 1;
$code->angle = 0;
$code->color = 1;
$code->size = 0;
$code->shadow = 1;
$code->animator = 0;
$code->fontpath = UC_ROOT . 'images/fonts/';
$code->datapath = UC_ROOT . 'images/';
$code->includepath = '';
$code->display();
}
/**
* 权限检测
* @author allen caowenpeng1990@126.com
*/
protected function check_acl()
{
$controller = $this->uri->rsegment(1) ? $this->uri->rsegment(1) : getgpc("mod");
$action = $this->uri->rsegment(2) ? $this->uri->rsegment(2) : getgpc("act");
$node_str = $controller . '/' . $action;
$query_node = $this->db->get_where('admin_node', array('node' => $node_str, 'status' => 1));
$node = $query_node->row_array();
//查出被权限的节点
$admin_utype = $this->session->userdata('admin_utype');
if ($admin_utype == 'sysadmin') {
//全站放行
return;
}
if (is_array($node) && count($node) > 0) {
$admin_id = $this->session->userdata('admin_id');
$query_acl = $this->db->select('admin_group.acl')->from('admin_group')->join('admin_user', 'admin_user.groupid = admin_group.id')->where(array('admin_user.id' => $admin_id))->get();
$acl = unserialize($query_acl->row_array()['acl']);
if (!in_array($node['id'], $acl)) {
if ($this->input->is_ajax_request()) {
$data['status'] = false;
$data['msg'] = '您没有权限进行此操作!';
ajaxReturn($data);
} else {
header("Content-type:text/html;charset=utf-8");
alert("您没有权限进行此操作!");
}
}
}
}
function onls()
{
//如果添加用户设置
if (getgpc('add_user_set', 'P')) {
$praArr = $_POST;
$praArr['username'] = $this->user['username'];
$usetArr = serialize($praArr);
if (!empty($usetArr)) {
$this->mUset->add_user_set($usetArr);
}
}
//如果删除
if (getgpc('del', 'G')) {
$id = getgpc('id');
$this->mUset->del_user_set($id);
}
//如果更新
if (getgpc('update', 'G')) {
$updateArr = serialize($_POST);
$this->mUset->update_user_set($updateArr);
}
$all_user_set = $this->mUset->get_user_set();
//获取所有用户设置
//$this->view->assign("result",$this->result);
$this->view->assign("all_user_set", $all_user_set);
$this->view->display('admin_uset');
}
function _call($a, $arg)
{
$do = getgpc('do');
$do = empty($do) ? 'onindex' : 'on' . $do;
if (method_exists($this, $do) && $do[0] != '_') {
$this->{$do}();
} else {
exit('Plugin module not found');
}
}
function onls()
{
$page = getgpc('page');
$delete = getgpc('delete', 'P');
$num = $_ENV['feed']->get_total_num();
$feedlist = $_ENV['feed']->get_list($page, UC_PPP, $num);
$multipage = $this->page($num, UC_PPP, $page, 'admin.php?m=feed&a=ls');
$this->view->assign('feedlist', $feedlist);
$this->view->assign('multipage', $multipage);
$this->view->display('admin_feed');
}
function onsend()
{
$mailid = intval(getgpc('mailid'));
$result = $_ENV['mail']->send_by_id($mailid);
if ($result) {
$this->writelog('mail_send', "appid={$appid}¬eid={$noteid}");
$this->message('mail_succeed', $_SERVER['HTTP_REFERER']);
} else {
$this->writelog('mail_send', 'failed');
$this->message('mail_false', $_SERVER['HTTP_REFERER']);
}
}
function onls()
{
$page = getgpc('page');
$find = getgpc('find', 'P');
$replacement = getgpc('replacement', 'P');
$replacementnew = getgpc('replacementnew', 'P');
$findnew = getgpc('findnew', 'P');
$delete = getgpc('delete', 'P');
if ($find) {
foreach ($find as $id => $arr) {
$_ENV['badword']->update_badword($find[$id], $replacement[$id], $id);
}
}
$status = 0;
if ($findnew) {
$_ENV['badword']->add_badword($findnew, $replacementnew, $this->user['username']);
$status = 1;
$this->writelog('badword_add', 'findnew=' . htmlspecialchars($findnew) . '&replacementnew=' . htmlspecialchars($replacementnew));
}
if (@$delete) {
$_ENV['badword']->delete_badword($delete);
$status = 2;
$this->writelog('badword_delete', "delete=" . implode(',', $delete));
}
if (getgpc('multisubmit', 'P')) {
$badwords = getgpc('badwords', 'P');
$type = getgpc('type', 'P');
if ($type == 0) {
$_ENV['badword']->truncate_badword();
$type = 1;
}
$arr = explode("\n", str_replace(array("\r", "\n\n"), array("\r", "\n"), $badwords));
foreach ($arr as $k => $v) {
$arr2 = explode("=", $v);
$_ENV['badword']->add_badword($arr2[0], $arr2[1], $this->user['username'], $type);
}
}
if ($status > 0) {
$notedata = $_ENV['badword']->get_list($page, 1000000, 1000000);
$this->load('note');
$_ENV['note']->add('updatebadwords', '', $this->serialize($notedata, 1));
$_ENV['note']->send();
$this->load('cache');
$_ENV['cache']->updatedata('badwords');
}
$num = $_ENV['badword']->get_total_num();
$badwordlist = $_ENV['badword']->get_list($page, UC_PPP, $num);
$multipage = $this->page($num, UC_PPP, $page, 'admin.php?m=badword&a=ls');
$this->view->assign('status', $status);
$this->view->assign('badwordlist', $badwordlist);
$this->view->assign('multipage', $multipage);
$this->view->display('admin_badword');
}
function getclass()
{
$gradeid = getgpc("gradeid");
$classid = getgpc("classid");
$res = fetch_array("select * from " . dbtable("class") . " where upid='" . $gradeid . "'");
$str = '<option value="0">全部班级</option>';
foreach ($res as $row) {
if ($classid == $row['id']) {
$add = " selected";
} else {
$add = "";
}
$str .= '<option value="' . $row["id"] . '" ' . $add . '>' . $row["name"] . '</option>';
}
echo $str;
}
function onupdate()
{
$updated = false;
if ($this->submitcheck('submit')) {
$type = getgpc('type', 'P');
if (!is_array($type) || in_array('data', $type)) {
$_ENV['cache']->updatedata();
}
if (!is_array($type) || in_array('tpl', $type)) {
$_ENV['cache']->updatetpl();
}
$updated = true;
}
$this->view->assign('updated', $updated);
$this->view->display('admin_cache');
}
function index()
{
$per_page = getgpc("per_page");
$per_page = $per_page ? $per_page : 0;
$pnum = 8;
$list = fetch_array("select * from " . dbtable("englandstyle") . " where 1 and status=1 order by displayorder desc, id desc limit {$per_page},{$pnum}");
foreach ($list as $key => $row) {
$res[intval($key / 4)][] = $row;
}
$count = fetch_one_array("select count(*) as num from " . dbtable("englandstyle") . " where 1 and status=1");
$data['total_num'] = $count['num'];
$data['per_page'] = $per_page + $pnum;
$data['pnum'] = $pnum;
$data["reslist"] = $res;
$this->load->view('englandstyle', $data);
}
function save(){
$this->redirect .= '&dxanchor='.$this->dxanchor;
$varsnew = getgpc('varsnew', 'p');
$varsnew['height'] = $varsnew['height'] > 0 ? intval($varsnew['height']) : 0;
$varsnew['lineheight'] = $varsnew['lineheight'] ? 'height:'.$varsnew['lineheight'].'px;line-height:'.$varsnew['lineheight'].'px;' : '';
$varsnew['left'] = intval($varsnew['left']).'px';
$varsnew['top'] = intval($varsnew['top']).'px';
$varsnew['left3'] = intval($varsnew['left3']);
$varsnew['top3'] = intval($varsnew['top3']);
$this->cache->set('settings', $varsnew);
$this->cache->styles('weather.css', $varsnew, true);
$this->cpmsg();
}
function dxcore(){
global $pluginid, $plugin;
define('XTQ_ROOT', realpath(dirname(__FILE__).'/../').'/');
$this->pluginid = $pluginid;
$this->identifier = $plugin['identifier'];
$this->basescript = 'plugins&operation=config&do='.$this->pluginid.'&identifier=ducexweather&pmod='.getgpc('pmod');
$this->redirect = getglobal('siteurl').ADMINSCRIPT.'?action='.$this->basescript;
require(XTQ_ROOT.'include/dx_cache.class.php');
$this->cache = new dx_xcache('ducexweather');
$this->settings = $this->cache->loadsetting();
$this->header();
}
/**
* 编辑积分规则
*/
public function onedit()
{
$a = getgpc('a');
$rule_id = getgpc('rule_id', 'G');
if (getgpc('edit_credit_rule', 'P')) {
$rule_id = getgpc('rid');
$rule_name = getgpc('rule_name', 'P');
$cycle_type = getgpc('cycle_type', 'P');
$reward_num = getgpc('reward_num', 'P');
$credit = getgpc('credit', 'P');
$is_use = getgpc('is_use', 'P');
$this->mCredit->update_credit_rule($rule_id, $rule_name, $cycle_type, $reward_num, $credit, $is_use);
$this->view->assign('status', 1);
}
$single_rule = $this->mCredit->get_single_credit_rule($rule_id);
$this->view->assign('a', $a);
$this->view->assign('single_rule', $single_rule);
$this->view->display('admin_credit');
}
function onadd()
{
$ucfounderpw = getgpc('ucfounderpw', 'P');
$apptype = getgpc('apptype', 'P');
$appname = getgpc('appname', 'P');
$appurl = getgpc('appurl', 'P');
$appip = getgpc('appip', 'P');
$viewprourl = getgpc('viewprourl', 'P');
$appcharset = getgpc('appcharset', 'P');
$appdbcharset = getgpc('appdbcharset', 'P');
$apptagtemplates = getgpc('apptagtemplates', 'P');
$appallowips = getgpc('allowips', 'P');
if (md5(md5($ucfounderpw) . UC_FOUNDERSALT) == UC_FOUNDERPW || strlen($ucfounderpw) == 32 && $ucfounderpw == md5(UC_FOUNDERPW)) {
@ob_start();
$return = '';
$app = $this->db->fetch_first("SELECT * FROM " . UC_DBTABLEPRE . "applications WHERE url='{$appurl}' AND type='{$apptype}'");
if (empty($app)) {
$authkey = $this->_generate_key();
$apptagtemplates = $this->serialize($apptagtemplates, 1);
$this->db->query("INSERT INTO " . UC_DBTABLEPRE . "applications SET\r\n\t\t\t\t\tname='{$appname}',\r\n\t\t\t\t\turl='{$appurl}',\r\n\t\t\t\t\tip='{$appip}',\r\n\t\t\t\t\tauthkey='{$authkey}',\r\n\t\t\t\t\tviewprourl='{$viewprourl}',\r\n\t\t\t\t\tsynlogin='******',\r\n\t\t\t\t\tcharset='{$appcharset}',\r\n\t\t\t\t\tdbcharset='{$appdbcharset}',\r\n\t\t\t\t\ttype='{$apptype}',\r\n\t\t\t\t\trecvnote='1',\r\n\t\t\t\t\ttagtemplates='{$apptagtemplates}',\r\n\t\t\t\t\tallowips='{$appallowips}'\r\n\t\t\t\t\t");
$appid = $this->db->insert_id();
$_ENV['app']->alter_app_table($appid, 'ADD');
//$return = "UC_STATUS_OK|$authkey|$appid|".UC_DBHOST.'|'.UC_DBNAME.'|'.UC_DBUSER.'|'.UC_DBPW.'|'.UC_DBCHARSET.'|'.UC_DBTABLEPRE.'|'.UC_CHARSET;
$return = "{$authkey}|{$appid}|" . UC_DBHOST . '|' . UC_DBNAME . '|' . UC_DBUSER . '|' . UC_DBPW . '|' . UC_DBCHARSET . '|' . UC_DBTABLEPRE . '|' . UC_CHARSET;
$this->load('cache');
$_ENV['cache']->updatedata('apps');
$this->load('note');
$notedata = $this->db->fetch_all("SELECT appid, type, name, url, ip, charset, synlogin, extra FROM " . UC_DBTABLEPRE . "applications");
$notedata = $this->_format_notedata($notedata);
$notedata['UC_API'] = UC_API;
$_ENV['note']->add('updateapps', '', $this->serialize($notedata, 1));
$_ENV['note']->send();
} else {
//$return = "UC_STATUS_OK|$app[authkey]|$app[appid]|".UC_DBHOST.'|'.UC_DBNAME.'|'.UC_DBUSER.'|'.UC_DBPW.'|'.UC_DBCHARSET.'|'.UC_DBTABLEPRE.'|'.UC_CHARSET;
$return = "{$app['authkey']}|{$app['appid']}|" . UC_DBHOST . '|' . UC_DBNAME . '|' . UC_DBUSER . '|' . UC_DBPW . '|' . UC_DBCHARSET . '|' . UC_DBTABLEPRE . '|' . UC_CHARSET;
}
@ob_end_clean();
exit($return);
} else {
exit('-1');
}
}
function onmain()
{
$ucinfo = '<sc' . 'ript language="Jav' . 'aScript" src="ht' . 'tp:/' . '/cus' . 'tome' . 'r.disc' . 'uz.n' . 'et/ucn' . 'ews' . '.p' . 'hp?' . $this->_get_uc_info() . '"></s' . 'cri' . 'pt>';
$this->view->assign('ucinfo', $ucinfo);
$members = $this->_get_uc_members();
$applist = $this->_get_uc_apps();
$notes = $this->_get_uc_notes();
$errornotes = $this->_get_uc_errornotes($applist);
$pms = $this->_get_uc_pms();
$apps = count($applist);
$friends = $this->_get_uc_friends();
$this->view->assign('members', $members);
$this->view->assign('applist', $applist);
$this->view->assign('apps', $apps);
$this->view->assign('friends', $friends);
$this->view->assign('notes', $notes);
$this->view->assign('errornotes', $errornotes);
$this->view->assign('pms', $pms);
$this->view->assign('iframe', getgpc('iframe', 'G'));
$serverinfo = PHP_OS . ' / PHP v' . PHP_VERSION;
$serverinfo .= @ini_get('safe_mode') ? ' Safe Mode' : NULL;
$dbversion = $this->db->result_first("SELECT VERSION()");
$fileupload = @ini_get('file_uploads') ? ini_get('upload_max_filesize') : '<font color="red">' . $lang['no'] . '</font>';
$dbsize = 0;
$tablepre = UC_DBTABLEPRE;
$query = $tables = $this->db->fetch_all("SHOW TABLE STATUS LIKE '{$tablepre}%'");
foreach ($tables as $table) {
$dbsize += $table['Data_length'] + $table['Index_length'];
}
$dbsize = $dbsize ? $this->_sizecount($dbsize) : $lang['unknown'];
$dbversion = $this->db->version();
$magic_quote_gpc = get_magic_quotes_gpc() ? 'On' : 'Off';
$allow_url_fopen = ini_get('allow_url_fopen') ? 'On' : 'Off';
$this->view->assign('serverinfo', $serverinfo);
$this->view->assign('fileupload', $fileupload);
$this->view->assign('dbsize', $dbsize);
$this->view->assign('dbversion', $dbversion);
$this->view->assign('magic_quote_gpc', $magic_quote_gpc);
$this->view->assign('allow_url_fopen', $allow_url_fopen);
$this->view->display('admin_frame_main');
}
public static function submitcheck($var, $allowget = 0, $seccodecheck = 0, $secqaacheck = 0)
{
if (!getgpc($var)) {
return FALSE;
} else {
global $_G;
if ($allowget || $_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_GET['formhash']) && $_GET['formhash'] == formhash() && empty($_SERVER['HTTP_X_FLASH_VERSION']) && (empty($_SERVER['HTTP_REFERER']) || strncmp($_SERVER['HTTP_REFERER'], 'http://wsq.discuz.qq.com', 24) === 0 || strncmp($_SERVER['HTTP_REFERER'], 'http://m.wsq.qq.com', 19) === 0 || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $_SERVER['HTTP_REFERER']) == preg_replace("/([^\\:]+).*/", "\\1", $_SERVER['HTTP_HOST']))) {
if (checkperm('seccode')) {
if ($secqaacheck && !check_secqaa($_GET['secanswer'], $_GET['secqaahash'])) {
showmessage('submit_secqaa_invalid');
}
if ($seccodecheck && !check_seccode($_GET['seccodeverify'], $_GET['seccodehash'], 0, $_GET['seccodemodid'])) {
showmessage('submit_seccode_invalid');
}
}
return TRUE;
} else {
showmessage('submit_invalid');
}
}
}
function update_password()
{
$username = getgpc("username");
$old_password = getgpc("old_password");
$new_password = getgpc("new_password");
$new_password1 = getgpc("new_password1");
$data = array();
$md5salt = $this->config->item("md5salt");
if ($username) {
//
$res = fetch_one_array("select * from " . dbtable("admin_user") . " where username='******'");
if (!$res) {
alert("错误,找不到该用户");
} elseif ($res["password"] != md5($md5salt . $old_password)) {
alert("输入旧密码不正确!");
}
}
if (empty($old_password)) {
alert("请输入旧密码");
}
if (empty($new_password)) {
alert("请输入新密码");
}
if (empty($new_password1)) {
alert("请输入确认密码");
}
if ($old_password == $new_password) {
alert("请输入旧密码与新密码一样");
}
if ($new_password != $new_password1) {
alert("请输入新密码与确认密码不一致");
} else {
$updata['password'] = md5($md5salt . $new_password);
dbupdate("admin_user", $updata, array('username' => $username));
// echo" <script language='javascript'>this.close();alert('修改密码成功,请记住新密码哟!');</script>";
alert("修改密码成功,请记住新密码哟!", "admin.php?mod=login");
}
// $this->db->update('admin_user', $updata);
}
function onclear()
{
$delnum = 0;
if ($this->submitcheck()) {
$cleardays = intval(getgpc('cleardays', 'P'));
$unread = getgpc('unread') ? 1 : 0;
$usernames = trim(getgpc('usernames', 'P'));
$sqladd = '';
if ($cleardays > 0) {
$sqladd .= ' AND dateline < ' . ($this->time - $cleardays * 86400);
}
if ($unread) {
$sqladd .= " AND new='0'";
}
if ($usernames) {
$uids = 0;
$usernames = "'" . implode("', '", explode(',', $usernames)) . "'";
$query = $this->db->query("SELECT uid FROM " . UC_DBTABLEPRE . "members WHERE username IN ({$usernames})");
while ($res = $this->db->fetch_array($query)) {
$uids .= ',' . $res['uid'];
}
if ($uids) {
$sqladd .= " AND (msgfromid IN ({$uids}) OR msgtoid IN ({$uids}))";
}
}
if ($sqladd) {
$this->db->query("DELETE FROM " . UC_DBTABLEPRE . "pms WHERE 1 {$sqladd}", 'UNBUFFERED');
$delnum = $this->db->affected_rows();
$status = 1;
$this->writelog('pm_clear', "cleardays={$cleardays}&unread={$unread}");
}
}
$pmnum = $this->db->result_first("SELECT COUNT(*) FROM " . UC_DBTABLEPRE . "pms");
$this->view->assign('pmnum', $pmnum);
$this->view->assign('delnum', $delnum);
$this->view->assign('status', $status);
$this->view->display('admin_pm_clear');
}
function chlogin()
{
$adminname = getgpc("adminname");
$adminpwd = getgpc("adminpwd");
$chres = fetch_one_array("select * from " . dbtable("admin_user") . " where username='******'");
//dump($chres);
if ($chres) {
$md5salt = $this->config->item("md5salt");
if ($chres["password"] == md5($md5salt . $adminpwd)) {
//正常登录
$_SESSION['chadmin'] = 1;
$_SESSION['admin_id'] = $chres['id'];
$_SESSION['admin_utype'] = $chres['utype'];
$_SESSION['admin_username'] = $chres['username'];
$ip = convertip();
$updata = array('uid' => $chres['id'], 'username' => $chres['username'], 'time' => date("Y-m-d H:i:s"), 'ip' => $ip['ip'], 'ipaddr' => $ip['addr']);
$this->db->insert('admin_user_loginlog', $updata);
alert("登录成功", "admin.php");
exit;
}
}
alert("账号或者密码错误", "admin.php?mod=login");
}
}
$query = C::t('forum_forum')->fetch_all_sub_group_by_fup($toptype['secondlist']);
foreach ($query as $row) {
$data['lastupdategroup'][$id][] = $row;
}
if (empty($data['lastupdategroup'][$id])) {
$data['lastupdategroup'][$id] = array();
}
}
$lastupdategroup = $data['lastupdategroup'];
savecache('groupindex', $data);
}
$list = array();
if ($groupids) {
$orderby = in_array(getgpc('orderby'), array('membernum', 'dateline', 'thread', 'activity')) ? getgpc('orderby') : 'displayorder';
$page = intval(getgpc('page')) ? intval($_GET['page']) : 1;
$start = ($page - 1) * $perpage;
$getcount = grouplist('', '', '', $groupids, 1, 1);
if ($getcount) {
$list = grouplist($orderby, '', array($start, $perpage), $groupids, 1);
$multipage = multi($getcount, $perpage, $page, $url . "&orderby={$orderby}");
}
}
$endrows = $curtype['forumcolumns'] > 1 ? str_repeat('<td width="' . $curtype['forumcolwidth'] . '"></td>', $curtype['forumcolumns'] - count($list) % $curtype['forumcolumns']) : '';
$groupviewed_list = get_viewedgroup();
if (empty($sgid) && empty($gid)) {
foreach ($first as $key => $val) {
if (is_array($val['secondlist']) && !empty($val['secondlist'])) {
$first[$key]['secondlist'] = array_slice($val['secondlist'], 0, 8);
}
}
<?php
/**
* DiscuzX Convert
*
* $Id: access.php 10469 2010-05-11 09:12:14Z monkey $
* English by Valery Votintsev at sources.ru
*/
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'access';
$table_target = $db_target->tablepre . 'forum_access';
$limit = 2000;
$nextid = 0;
$start = getgpc('start');
if (empty($start)) {
$start = 0;
$db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM {$table_source} LIMIT {$start}, {$limit}");
while ($row = $db_source->fetch_array($query)) {
$nextid = 1;
$row = daddslashes($row, 1);
$data = implode_field_value($row, ',', db_table_fields($db_target, $table_target));
$db_target->query("INSERT INTO {$table_target} SET {$data}");
}
if ($nextid) {
showmessage(lang('continue_convert_table') . $table_source . lang('from') . $start . lang('to') . ($start + $limit) . lang('lines'), "index.php?a={$action}&source={$source}&prg={$curprg}&start=" . ($start + $limit));
//vot
}
<?php
/**
* DiscuzX Convert
*
* $Id: onlinetime.php 15475 2010-08-24 07:34:47Z monkey $
*/
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'onlinetime';
$table_target = $db_target->tablepre . 'common_onlinetime';
$limit = 2000;
$nextid = 0;
$start = intval(getgpc('start'));
if ($start == 0) {
$db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM {$table_source} WHERE uid>'{$start}' ORDER BY uid LIMIT {$limit}");
while ($row = $db_source->fetch_array($query)) {
$nextid = $row['uid'];
$row = daddslashes($row, 1);
$data = implode_field_value($row, ',', db_table_fields($db_target, $table_target));
$db_target->query("INSERT INTO {$table_target} SET {$data}");
}
if ($nextid) {
showmessage("继续转换数据表 " . $table_source . " uid > {$nextid} ", "index.php?a={$action}&source={$source}&prg={$curprg}&start={$nextid}");
}
function onrectavatar()
{
@header("Expires: 0");
@header("Cache-Control: private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
header("Content-type: application/xml; charset=utf-8");
$this->init_input(getgpc('agent'));
$uid = $this->input('uid');
if (empty($uid)) {
return '<root><message type="error" value="-1" /></root>';
}
$home = $this->get_home($uid);
if (!is_dir(UC_DATADIR . './avatar/' . $home)) {
$this->set_home($uid, UC_DATADIR . './avatar/');
}
$avatartype = getgpc('avatartype', 'G') == 'real' ? 'real' : 'virtual';
$bigavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'big', $avatartype);
$middleavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'middle', $avatartype);
$smallavatarfile = UC_DATADIR . './avatar/' . $this->get_avatar($uid, 'small', $avatartype);
$bigavatar = $this->flashdata_decode(getgpc('avatar1', 'P'));
$middleavatar = $this->flashdata_decode(getgpc('avatar2', 'P'));
$smallavatar = $this->flashdata_decode(getgpc('avatar3', 'P'));
if (!$bigavatar || !$middleavatar || !$smallavatar) {
return '<root><message type="error" value="-2" /></root>';
}
$success = 1;
$fp = @fopen($bigavatarfile, 'wb');
@fwrite($fp, $bigavatar);
@fclose($fp);
$fp = @fopen($middleavatarfile, 'wb');
@fwrite($fp, $middleavatar);
@fclose($fp);
$fp = @fopen($smallavatarfile, 'wb');
@fwrite($fp, $smallavatar);
@fclose($fp);
$biginfo = @getimagesize($bigavatarfile);
$middleinfo = @getimagesize($middleavatarfile);
$smallinfo = @getimagesize($smallavatarfile);
if (!$biginfo || !$middleinfo || !$smallinfo || $biginfo[2] == 4 || $middleinfo[2] == 4 || $smallinfo[2] == 4) {
file_exists($bigavatarfile) && unlink($bigavatarfile);
file_exists($middleavatarfile) && unlink($middleavatarfile);
file_exists($smallavatarfile) && unlink($smallavatarfile);
$success = 0;
}
$filetype = '.jpg';
@unlink(UC_DATADIR . './tmp/upload' . $uid . $filetype);
if ($success) {
return '<?xml version="1.0" ?><root><face success="1"/></root>';
} else {
return '<?xml version="1.0" ?><root><face success="0"/></root>';
}
}
}
if (empty($blockdata['parameters']['music']['config'])) {
$blockdata['parameters']['music']['config'] = array('showmod' => 'default', 'autorun' => 'true', 'shuffle' => 'true', 'crontabcolor' => '#D2FF8C', 'buttoncolor' => '#1F43FF', 'fontcolor' => '#1F43FF');
}
$setarr['blockposition'] = daddslashes(serialize($blockdata));
DB::update('common_member_field_home', $setarr, "uid = {$space['uid']}");
showmessage('do_success', 'home.php?mod=spacecp&ac=index&op=getblock&blockname=' . $blockname, array('blockname' => $blockname));
}
if (submitcheck('diysubmit')) {
$blockdata = array();
checksecurity($_POST['spacecss']);
$spacecss = dstripslashes($_POST['spacecss']);
$spacecss = preg_replace("/(\\<|\\>)/is", '', $spacecss);
$currentlayout = getstr($_POST['currentlayout'], 5, 1, 1);
$style = empty($_POST['style']) ? '' : preg_replace("/[^0-9a-z]/i", '', $_POST['style']);
$layoutdata = dstripslashes(getgpc('layoutdata', 'P'));
require_once libfile('class/xml');
$layoutdata = xml2array($layoutdata);
if (empty($layoutdata)) {
showmessage('space_data_format_invalid');
}
$layoutdata = $layoutdata['diypage'];
if ($style && $style != 'uchomedefault') {
$cssfile = DISCUZ_ROOT . './static/space/' . $style . '/style.css';
if (!file_exists($cssfile)) {
showmessage('theme_does_not_exist');
}
}
space_merge($space, 'field_home');
$blockdata = unserialize($space['blockposition']);
$blockdata['block'] = $layoutdata;
<?php
/**
* DiscuzX Convert
*
* $Id: home_group.php 13173 2010-07-22 06:03:26Z zhengqingpeng $
* English by Valery Votintsev at sources.ru
*/
$curprg = basename(__FILE__);
$table_source = $db_source->table('mtag');
require_once DISCUZ_ROOT . './include/editor.func.php';
$fieldid = intval(getgpc('fieldid'));
$tagid = intval(getgpc('tagid'));
$gid = intval(getgpc('gid'));
$fid = intval(getgpc('fid'));
$sid = intval(getgpc('sid'));
$limit = $setting['limit']['mtag'] ? $setting['limit']['mtag'] : 100;
$nextid = 0;
$threadquery = $db_source->query("SELECT * FROM " . $db_source->table('thread') . " WHERE tid > '{$start}' AND tagid='{$tagid}' ORDER BY tid LIMIT {$limit}");
while ($value = $db_source->fetch_array($threadquery)) {
$nextid = $value['tid'];
$value = daddslashes($value);
$value['replynum'] = intval($value['replynum']);
$threadarr = array('fid' => $sid, 'author' => $value['username'], 'authorid' => $value['uid'], 'subject' => $value['subject'], 'dateline' => $value['dateline'], 'lastpost' => $value['lastpost'], 'lastposter' => $value['lastauthor'], 'views' => $value['viewnum'], 'replies' => $value['replynum'], 'digest' => $value['digest'], 'displayorder' => $value['displayorder'] ? 1 : 0, 'isgroup' => 1);
$tid = $db_target->insert('forum_thread', $threadarr, true);
$lastpost = array();
$query = $db_source->query("SELECT * FROM " . $db_source->table('post') . " WHERE tid='{$value['tid']}' ORDER BY dateline");
while ($post = $db_source->fetch_array($query)) {
$post['message'] = html2bbcode($post['message']);
$post = daddslashes($post);
$postarr = array('fid' => $sid, 'tid' => $tid, 'first' => $post['isthread'] ? 1 : 0, 'author' => $post['username'], 'authorid' => $post['uid'], 'subject' => $post['subject'], 'dateline' => $post['dateline'], 'message' => $post['message'], 'useip' => $post['ip']);
<?php
/**
* DiscuzX Convert
*
* $Id: paymentlog.php 9643 2010-04-30 08:59:14Z zhaoxiongfei $
* English by Valery Votintsev at sources.ru
*/
$curprg = basename(__FILE__);
$table_source = $db_source->tablepre . 'paymentlog';
$table_target = $db_target->tablepre . 'common_credit_log';
$limit = $setting['limit']['paymentlog'] ? $setting['limit']['paymentlog'] : 2500;
$step = getgpc('step');
$step = intval($step);
$total = getgpc('total');
$total = intval($total);
$continue = false;
if (!$step && !$process['truncate_credit_log']) {
$process['truncate_credit_log'] = 1;
save_process('main', $process);
$db_target->query("TRUNCATE {$table_target}");
}
$query = $db_source->query("SELECT * FROM " . $db_source->tablepre . "settings WHERE variable IN ('creditstax', 'creditstrans')");
while ($setting = $db_source->fetch_array($query)) {
if ($setting['variable'] == 'creditstrans') {
$creditstrans = explode(',', $setting['value']);
$ext = $creditstrans[1] ? $creditstrans[1] : $creditstrans[0];
if (!$ext) {
$ext = 1;
}
}
function onmember()
{
$plid = intval(getgpc('plid'));
$scroll = getgpc('scroll');
$daterange = getgpc('daterange');
$filter = getgpc('filter');
$extra = 'extra=' . rawurlencode(getgpc('extra'));
$a = getgpc('a');
$do = getgpc('do');
$this->_auth();
$uid = $this->user['uid'];
$pmnum_private = $_ENV['pm']->getpmnum($uid, 0, 0);
$unreadpmnum = $_ENV['pm']->getpmnum($uid, 0, 1);
if ($do == 'kickmember') {
$memberuid = intval(getgpc('memberuid'));
if ($memberuid) {
$_ENV['pm']->kickchatpm($plid, $uid, $memberuid);
}
$this->message('pm_kickmember_succeed', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
}
if ($this->submitcheck() && $do == 'appendmember') {
$appendmember = $_ENV['user']->get_user_by_username(getgpc('appendmember'));
if ($appendmember) {
$return = $_ENV['pm']->appendchatpm($plid, $uid, $appendmember['uid']);
if ($return > 0) {
$this->message('pm_appendmember_succeed', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
}
}
$this->message('pm_appendmember_invalid', "index.php?m=pm_client&a=member&plid={$plid}&filter=" . $filter . '&' . $_GET['extra'], 1);
}
$members = $_ENV['pm']->chatpmmemberlist($uid, $plid);
$authorid = $members['author'];
$members = $members['member'];
$members = $_ENV['user']->id2name($members);
$this->view->assign('scroll', $scroll);
$this->view->assign('user', $this->user);
$this->view->assign('pmnum_private', $pmnum_private);
$this->view->assign('pmnum_chatpm', $pmnum_chatpm);
$this->view->assign('unreadpmnum', $unreadpmnum);
$this->view->assign('replypmid', $replypmid);
$this->view->assign('subject', $subject);
$this->view->assign('daterange', $daterange);
$this->view->assign('plid', $plid);
$this->view->assign('extra', $extra);
$this->view->assign('filter', $filter);
$this->view->assign('authorid', $authorid);
$this->view->assign('members', $members);
$this->view->display('pm_member');
}