function checkimg($imgdir, $index = 0)
{
$dir = opendir($imgdir);
if ($dir == NULL) {
return;
}
while ($file = readdir($dir)) {
if ($file != "." and $file != "..") {
//echo $imgdir."/".$file."<br>";
$path = $imgdir . "/" . $file;
if (is_dir($path)) {
checkimg($path, $index + 1);
} else {
$filename = basename($path);
$ifused = getresultNumrows(getresult("select * from I_article where contents like '%" . $filename . "%'"));
if ($ifused <= 0) {
echo "删除:" . $path . "<br>";
unlink($path);
}
}
}
}
closedir($dir);
//呵呵,这个函数只能删除空文件夹,有文件的文件夹会失败
if ($index != 0) {
if (rmdir($imgdir)) {
echo "删除" . $imgdir . "<br>";
}
}
}
function showColumnstructure($columnid, $classindex = 0)
{
$query = "select childcolumn from I_column where id={$columnid}";
$result = getresult($query);
$count = getresultNumrows($result);
if ($count > 0) {
$childColumnId = getresultData($result, 0, "childcolumn");
//没有子栏目即返回
//echo $childColumnId."<br>";
if ($childColumnId == NULL || $childColumnId == 0 || $childColumnId == "") {
if ($classindex == 0) {
echo "<tr style=\"height:24px;\">\n";
echo "<td align='center' colspan='3'>" . gettext_r("haveNot") . gettext_r("column") . "</td>";
echo "</tr>\n";
}
return false;
}
$childId = explode("|", $childColumnId);
foreach ($childId as $id) {
echo "<tr class='list'>\n";
$getchildcolumnQuery = "select columnname,childcount from I_column where id={$id}";
$childColumn = getresult($getchildcolumnQuery);
$childColumnname = getresultData($childColumn, 0, "columnname");
$childCount = getresultData($childColumn, 0, "childcount");
echo "<td> " . $id . "</td>\n";
echo "<td> " . space($classindex) . $childColumnname . "</td>\n";
echo "<td align='center'>";
echo " ";
//如果为大栏目调整,不出现添子栏目菜单
if ($columnid != 0) {
echo "<a href=\"admin_column.php?action=add&columnid=" . $id . "\">" . gettext_r("add") . gettext_r("child") . gettext_r("column") . "</a>";
echo " | ";
}
echo "<a href=\"javascript:jump('admin_column.php','modify'," . $id . ")\">" . gettext_r("update") . gettext_r("column") . gettext_r("attribute") . "</a>";
echo " | ";
if ($columnid != 0) {
echo "<a href=\"admin_article.php?action=add&columnid=" . $id . "\">" . gettext_r("add") . gettext_r("article") . "</a>";
echo " | ";
}
echo "<a href=\"javascript:if(confirm('" . gettext_r("deleteColumnTip") . "'))jump('admin_column.php','delete'," . $id . ")\">" . gettext_r("delete") . "</a>";
//echo " | ";
//如果有子栏目则显示管理子栏目
/* if($childCount > 0)
echo "<a href=\"admin_column.php?columnid=".$id."\">管理子栏目($childCount)</a>\n";
else
echo "<a href=\"#\">管理子栏目($childCount)</a>\n";*/
echo "</tr>\n";
//如果为大栏目调整,则不递归显示子栏目
if ($columnid != 0) {
showColumnstructure($id, $classindex + 1);
}
}
} else {
return false;
}
}
function translatemylabel($mylabel)
{
$result = getresult("select * from I_mylabel where labelname='{$mylabel}'");
//echo "select * from I_mylabel where labelname='$mylabel'";
if (getresultNumrows($result) < 1) {
return $mylabel;
} else {
return getresultData($result, 0, "labelcontent");
}
}
function translatecolumnlist($template)
{
//匹配自定义文章列表标签正则
$flag = "/【columnlist】([\\s\\S]*?)【\\/columnlist】/";
preg_match_all($flag, $template, $matches, PREG_SET_ORDER);
//替换所有articlelist标签
$html = $template;
//echo $template."<br>".$flag;
//得到需要循环的部分
$str = $matches[0][1];
//echo $str ;
//得到子栏目id数组
$columnid = $_GET["columnid"];
$query = "select childcolumn,columnname from I_column where id={$columnid}";
$result = getresult($query);
if (getresultNumrows($result) < 1) {
//没有才此栏目
return str_replace($str, "No such column!", $html);
return;
}
$columnname = getresultData($result, 0, "columnname");
$childColumnId = getresultData($result, 0, "childcolumn");
if ($childColumnId == NULL || $childColumnId == 0 || $childColumnId == "") {
//没有子栏目
return str_replace($str, "No child column!", $html);
return;
}
$temphtml = "";
$childId = explode("|", $childColumnId);
foreach ($childId as $id) {
$tempstr = str_replace("【#columnid】", "{$id}", $str);
$tempstr = str_replace("【#columnname】", getcolumnformationBycolumnid($id, "columnname"), $tempstr);
$temphtml .= $tempstr;
}
$html = str_replace($matches[0][0], $temphtml, $html);
return $html;
}
<tr>
<td height="29px" style="background:url(images/vote_fg1.png) no-repeat"></td>
</tr>
<?php
$voteid = $_GET["voteid"];
//根据调查类型执行投票
include "conn.php";
include_once 'library/basefunction.php';
include_once 'lang/envinit.php';
$result = getresult("select * from I_vote where id={$voteid}");
if ($result == NULL || getresultNumrows($result) < 1) {
die("<script type='text/javascript'>window.location='error.html'</script>");
}
//首先判断是否已经投过票(通过ip记录)
$userip = $_SERVER["REMOTE_ADDR"];
$ifhavevoted = getresultNumrows(getresult("select * from I_iprecord where action='vote' and ip='" . $userip . "'"));
if ($ifhavevoted > 0) {
echo "<script type='text/javascript'>alert('" . gettext_r("youhavevoted") . "')</script>";
} else {
$votetype = getresultData($result, 0, "type");
//接收投票信息
if ($_POST["votetype"] != NULL && $_POST["votetype"] != "") {
//区分多选和单选
if ($_POST["votetype"] == 0) {
if ($_POST["option"] != NULL && $_POST["option"] != "") {
getresult("update I_vote set count" . $_POST["option"] . "=count" . $_POST["option"] . "+1 where id={$voteid}");
}
} else {
if ($_POST["option"] != NULL && $_POST["option"] != "") {
$option = $_POST["option"];
//echo count($option);
<?php
session_start();
include_once "conn.php";
$username = $_GET["username"];
$password = md5($_GET["password"]);
if ($username == NULL || $username == "" || $password == NULL || $password == "") {
if ($_COOKIE["username"] == NULL || $_COOKIE["username"] == "") {
die("notlogin");
}
}
try {
$query = "select * from I_user where username = '******' and password = '******'";
//echo $query;
$result = getresult($query);
if (getresultNumrows($result) < 1) {
throw new Exception("登录失败!");
} else {
if (getresultData($result, 0, "iflock") === "1") {
die("locked");
}
setcookie("username", getresultData($result, 0, "username"));
setcookie("userid", getresultData($result, 0, "id"));
$_SESSION["username"] = getresultData($result, 0, "username");
$_SESSION["userid"] = getresultData($result, 0, "id");
getresult("update I_user set logintimes=logintimes+1 where id=" . getresultData($result, 0, "id"));
//echo "update I_admin set logintimes=logintimes+1,lastip=".$_SERVER["REMOTE_ADDR"].",lasttime=CURRENT_TIMESTAMP where id=$id";
//echo getlogininfo("adminname");
echo "logined";
}
} catch (Exception $e) {
function getarticleidlist($columnid)
{
global $childcolumnString;
getchildcolumnid_improveed($columnid);
if ($functionarray[$columnid] === "2" || getlogininfo("adminrole") === "0") {
$query = "select id from I_article where columnid in ({$childcolumnString})";
} else {
$query = "select id from I_article where columnid in ({$childcolumnString}) and adminid=" . getlogininfo("adminid");
}
$result = getresult($query);
if (getresultNumrows($result) < 1) {
return "-1";
} else {
$articleidlist = "";
while ($row = getresultArray($result)) {
if ($articleidlist == "") {
$articleidlist = $row["id"];
}
$articleidlist .= "," . $row["id"];
}
return $articleidlist;
}
}
<?php
if ($_POST["action"] == "login") {
include_once "conn.php";
$preurl = $_GET["preurl"];
$username = trim($_POST["username"]);
$password = md5(trim($_POST["password"]));
$realname = $_POST["realname "];
$email = $_POST["email"];
$sex = $_POST["sex"];
$qq = $_POST["qq"];
$phone = $_POST["phone"];
$address = $_POST["address"];
if (strlen($username) < 4 || strlen($password) < 6) {
die("<script type='text/javascript'>alert('Sorry ,You have not registed!');history.back(-1);</script>");
}
if (getresultNumrows(getresult("select * from I_user where username='******'")) > 0) {
die("<script type='text/javascript'>alert('Sorry ,The username have existed!');history.back(-1);</script>");
}
$query = "insert into I_user(username,password,realname,email,sex,qq,tel,address) values('{$username}','{$password}','{$realname}','{$email}',{$sex},'{$qq}','{$phone}','{$address}')";
//echo $query;
if (!getresult($query)) {
die("<script type='text/javascript'>alert('Sorry ,You have not registed!');history.back(-1);</script>");
} else {
die("<script type='text/javascript'>alert('Congratulations,You have registe successfully!');window.location='{$preurl}'</script>");
}
}
?>
<div align="center">
<div style="font-family:'微软雅黑','宋体'; font-size:24px; font-weight:bold; text-align:left; width:760px">用户注册</div>
<div style="width:760px; border:solid #e1e1e1 5px;">
<form name="form" method="post" action="" onsubmit="return check();">
<?php
include '../conn.php';
$voteid = $_GET["voteid"];
$result = getresult("select * from I_vote where id={$voteid}");
//如果调查不存在则不显示调查
if ($result == NULL || getresultNumrows($result) < 1) {
die("");
}
echo "<div id='vote'>";
echo "<form name='voteform' target='_blank' method='post' action='showvoteresult.php?voteid=" . $voteid . "'>\n";
$title = getresultData($result, 0, "title");
echo "<div id='votetitle'>{$title}</div>";
$attrcount = getresultData($result, 0, "attrcount");
$type = getresultData($result, 0, "type");
//Form表单
for ($i = 1; $i < $attrcount + 1; $i++) {
echo "<div class='voteoption'>";
echo "<input type='hidden' name='votetype' value='" . $type . "'>";
if ($type == 0) {
echo "<span><input type='radio' name='option' value='{$i}'/></span>";
} else {
echo "<span><input type='checkbox' name='option[]' value='{$i}'/></span>";
}
echo "<span class='optionvalue'>" . getresultData($result, 0, "option" . $i) . "</span>";
echo "</div>";
}
echo "<input type='submit' id='votebutton' value='Vote'>\n";
echo "</form>";
echo "</div>";
function getchildcolumnid($columnid, &$childidstring, $index = 0)
{
if ($index == 0) {
$childidstring = $columnid;
}
$query = "select childcolumn from I_column where id={$columnid}";
$result = getresult($query);
$count = getresultNumrows($result);
if ($count > 0) {
$childColumnId = getresultData($result, 0, "childcolumn");
//没有子栏目即返回
//echo $childColumnId."<br>";
if ($childColumnId == NULL || $childColumnId == 0 || $childColumnId == "") {
return false;
}
$childId = explode("|", $childColumnId);
foreach ($childId as $id) {
$childidstring .= "," . $id;
//echo $childidstring;
getchildcolumnid($id, $childidstring, $index + 1);
}
} else {
return false;
}
}
function showletersearch($firstletter, $currentpage, $pagesize = 10)
{
echo "<table width='100%' cellpadding='0' cellspacing='0' border='0' style='font-size:12px;'>";
$tempresult = getresult("select count(*) as countofarticle from I_article where left(title,1)='" . $firstletter . "' and ifpass=1");
//echo $tempresult;
$countofarticle = getresultData($tempresult, 0, "countofarticle");
if ($countofarticle < 1) {
echo "<tr class='list'>\n";
echo "<td align='center'>No article</td>\n";
echo "</tr>";
echo "</table>";
return;
}
//echo $countofarticle."|";
//分页显示
$query = "select * from I_article where left(title,1)='" . $firstletter . "' and ifpass=1 order by id desc limit " . ($currentpage - 1) * $pagesize . ",{$pagesize}";
//echo $query;
$result = getresult($query);
if (getresultNumrows($result) < 1) {
return;
}
echo "<tr class='articlesegline'>\n";
echo "<td colspan='3'></td>";
echo "</tr>";
while ($row = getresultArray($result)) {
echo "<tr class='list'>\n";
echo "<td><a href=\"javascript:parent.location='showarticle.php?articleid=" . $row["id"] . "'\";')\">" . $row["title"] . "</a></td>";
echo "<td width='60'>" . $row["author"] . "</td>";
echo "<td width='150' align='right'>" . $row["addtime"] . "</td>";
echo "</tr>";
echo "<tr class='articlesegline'>\n";
echo "<td colspan='3'></td>";
echo "</tr>";
}
echo "</table>";
//分页
echo "<div class='showpage'>";
if ($countofarticle % $pagesize == 0) {
$allpage = $countofarticle / $pagesize;
} else {
$allpage = floor($countofarticle / $pagesize) + 1;
}
//消除文章数为零时显示下一页链接的bug
if ($countofarticle == 0) {
$allpage += 1;
}
//echo $countofarticle%$pagesize." ".$currentpage;
echo "<b> " . $allpage . " </b> Pages ";
if ($currentpage == 1) {
echo "First | pre | ";
} else {
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage=1'>First</a> | <a href='articlelist.php?firstletter={$firstletter}¤tpage=" . ($currentpage - 1) . "'>Pre</a> | ";
}
$temppage = 1;
if ($currentpage - 1 < 5) {
while ($temppage <= $currentpage) {
if ($currentpage == $temppage) {
echo "<b>" . $temppage . "</b> ";
$temppage++;
continue;
}
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> ";
$temppage++;
}
} else {
while ($temppage <= $currentpage) {
if ($currentpage == $temppage) {
echo "<b>" . $temppage . "</b> ";
$temppage++;
continue;
}
if ($temppage == 1) {
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> … ";
$temppage++;
continue;
}
if ($currentpage - $temppage > 3) {
$temppage++;
continue;
}
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> ";
$temppage++;
}
}
if ($allpage - $currentpage < 5) {
while ($temppage <= $allpage) {
if ($temppage == 1) {
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> ";
$temppage++;
continue;
}
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> ";
$temppage++;
}
} else {
while ($temppage <= $allpage) {
if ($temppage == $allpage) {
echo " … <a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage}'>" . $temppage . "</a> ";
$temppage++;
continue;
}
if ($temppage - $currentpage > 3) {
$temppage++;
continue;
}
echo "<a href='articlelist.php?firstletter={$firstletter}¤tpage={$temppage} '>" . $temppage . "</a> ";
$temppage++;
}
}
if ($currentpage == $allpage) {
echo "| Next | Last";
} else {
echo "| <a href='articlelist.php?firstletter={$firstletter}¤tpage=" . ($currentpage + 1) . "'>Next</a> | <a href='articlelist.php?firstletter={$firstletter}¤tpage={$allpage}'>Last</a>";
}
echo "</div>";
}
include_once 'templatefunction/Iron.column.php';
include_once 'templatefunction/Iron.label.php';
loadlibrary("library/third/FirePHPCore/fb.php");
FB::log('Log message');
FB::info('Info message');
FB::warn('Warn message');
FB::error('Error message');
readcache();
$siteconfig = getresult("SELECT * FROM I_siteconfig LIMIT 0 , 1");
//如果没有网站配置项
if (getresultNumrows($siteconfig) < 1) {
die("<script type='text/javascript'>window.location='error.html'</script>");
}
$templateid = getresultData($siteconfig, 0, "indextemplate");
$templateinfo = getresult("select * from I_template where id={$templateid} limit 0,1");
if (getresultNumrows($templateinfo) < 1) {
die("<script type='text/javascript'>window.location='error.html'</script>");
}
$templatepath = getresultData($templateinfo, 0, "path");
$templatefile = getroot() . "/templates/" . $templatepath;
//echo $templatefile;
if (!file_exists($templatefile)) {
die("The template file doesn'n exit!");
}
$template = file_get_contents($templatefile);
//如果模板被删除
if (!$template) {
die("<script type='text/javascript'>alert('The template doesn't exists!')window.location='error.html'</script>");
}
$template = translatelabel($template);
$template = translateArticlelist($template);
getresult("rollback");
throw new Exception(gettext_r("superManagerLeastOne"));
}
getresult("commit");
getresult("end");
die("<script type='text/javascript'>alert(\"" . gettext_r("delete") . gettext_r("success") . "\");window.location='admin_admin.php'</script>");
} catch (Exception $e) {
echo $e->getMessage();
die("<script type='text/javascript'>alert(\"" . gettext_r("delete") . gettext_r("fail") . "\");history.back(-1)</script>");
}
break;
case "add":
if ($_POST["submmit"] == gettext_r("submit")) {
$adminname = trim($_POST["adminname"]);
$tempresult = getresult("select * from I_admin where adminname='{$adminname}'");
if (getresultNumrows($tempresult) >= 1) {
echo "<script type=\"text/javascript\">alert('" . gettext_r("adminNameAlreadyExist") . "');history.back(-1);</script>";
die;
}
$pwd = md5(trim($_POST["pwd"]));
if ($_POST["adminrole"] != 1) {
//是超级管理员
$query = "insert into I_admin(adminname,password,adminrole) values('{$adminname}','{$pwd}',0)";
getresult($query);
echo "<script type=\"text/javascript\">alert('" . gettext_r("add") . gettext_r("success") . "');window.location='admin_admin.php';</script>";
die;
}
$result = getresult("select * from I_column where parentid=0");
$functioncode = "";
$index = 0;
while ($row = getresultArray($result)) {
case "add":
if ($_POST["submit"] == gettext_r("submit")) {
//存储自定义字段
$fieldname = "sdel_" . trim($_POST["fieldname"]);
//加“sdel_”表示自定义字段
$info = trim($_POST["info"]);
$datatype = trim($_POST["datatype"]);
$insertsql = "insert into I_field(columnid,fieldname,info,datatype) value({$columnid},'" . $fieldname . "','" . $info . "','" . $datatype . "')";
if ($datatype == "double") {
$addarticleField = "ALTER TABLE I_article ADD {$fieldname} {$datatype}";
} else {
$addarticleField = "ALTER TABLE I_article ADD {$fieldname} {$datatype} CHARACTER SET utf8 COLLATE utf8_general_ci";
}
//已经存在此字段
//die( $addarticleField);
if (getresultNumrows(getresult("select * from I_field where fieldname='" . $fieldname . "'")) > 0) {
die("<script type='text/javascript'>alert('" . gettext_r("fieldAlreadyExist") . "');history.back('-1');</script>\n");
}
if (getresult($insertsql) && getresult($addarticleField)) {
die("<script type='text/javascript'>alert(\"" . gettext_r("add") . gettext_r("success") . "\");window.location='admin_field.php?columnid={$columnid}'</script>");
} else {
die("<script type='text/javascript'>alert(\"" . gettext_r("add") . gettext_r("fail") . "\");history.back(-1)</script>");
}
}
?>
<form action="" method="post">
<table width="100%">
<tr>
<td class='label' width="150px"><?php
echo gettext_r("field") . gettext_r("name");
?>
$result = getresult("select * from I_template where id =" . $_GET["id"]);
unlink(getroot() . "/templates/" . getresultData($result, 0, "path"));
if (!getresult("delete from I_template where id=" . $_GET["id"])) {
die("<script type=\"text/javascript\">alert('" . gettext_r("delete") . gettext_r("fail") . "');window.location=\"{$preurl}\";</script>");
} else {
die("<script type=\"text/javascript\">alert('" . gettext_r("delete") . gettext_r("success") . "');window.location=\"{$preurl}\";</script>");
}
break;
case "add":
if ($_POST["submit"] == gettext_r("submit")) {
//存储模板
$templatename = trim($_POST["templatename"]);
if ($templatename == "") {
die("<script type='text/javascript'>alert('模板名字不能为空');history.back(-1);</script>");
}
if (getresultNumrows(getresult("select * from I_template where templatename='{$templatename}'")) > 0) {
die("<script type='text/javascript'>alert('已存在此名字的模板');history.back('-1');</script>\n");
}
if (!empty($_FILES["templatefile"][name])) {
$file = $_FILES["templatefile"];
$pos = strrpos($file[name], ".");
//取得文件名中后缀名的开始位置
$ext = substr($file[name], $pos + 1);
//取得后缀名,包括点号
if ($ext != "tpl") {
echo "<script type='text/javascript'>alert('文件类型错误');history.back(-1);</script>";
} else {
$filename = $file[name];
$tempfilename = $file[name];
//echo $tempfilename;
$index = 1;
function showcolumnlist($columnid, $columnofarticleid = -1, $classindex = 0)
{
$query = "select childcolumn from I_column where id={$columnid}";
$result = getresult($query);
$count = getresultNumrows($result);
if ($classindex == 0) {
$tempresult = getresult("select * from I_column where id={$columnid}");
$columnname = getresultData($tempresult, 0, "columnname");
//echo $columnname;
if ($columnid == $columnofarticleid) {
echo "<option selected=\"true\" value='" . $columnid . "'>\n";
} else {
echo "<option value='" . $columnid . "'>\n";
}
echo "{$columnname}</option>";
}
if ($count > 0) {
$childColumnId = getresultData($result, 0, "childcolumn");
//没有子栏目即返回
//echo $childColumnId."<br>";
if ($childColumnId == NULL || $childColumnId == 0 || $childColumnId == "") {
if ($classindex == 0) {
//echo "<option value='-1'>暂无栏目</option>";
}
return false;
}
$childId = explode("|", $childColumnId);
foreach ($childId as $id) {
$getchildcolumnQuery = "select columnname,childcount from I_column where id={$id}";
$childColumn = getresult($getchildcolumnQuery);
$childColumnname = getresultData($childColumn, 0, "columnname");
$childCount = getresultData($childColumn, 0, "childcount");
if ($id == $columnofarticleid) {
echo "<option selected=\"true\" value='" . $id . "'>\n";
} else {
echo "<option value='" . $id . "'>\n";
}
echo space($classindex + 1) . $childColumnname . "</option>\n";
//如果为大栏目调整,则不递归显示子栏目
if ($columnid != 0) {
showcolumnlist($id, $columnofarticleid, $classindex + 1);
}
}
} else {
return false;
}
}
case "add":
if ($_POST["submmit2"] == gettext_r("submit")) {
$columnid = $_POST["columnid"];
$title = $_POST["title"];
$keywords = $_POST["keywords"];
$author = $_POST["author"];
$source = $_POST["source"];
$addtime = $_POST["addtime"];
$modifytime = $_POST["modifytime"];
$notes = $_POST["notes"];
$contents = transbadchar($_POST["contents"]);
//echo $contents;
$picurl = $_POST["picurl"];
$ifpass = $_POST["ifpass"] != NULL ? $_POST["ifpass"] : 0;
//如果已存在此题目的文章则提示错误
if (getresultNumrows(getresult("select * from I_article where title='{$title}' and columnid={$columnid}")) > 0) {
die("<script type='text/javascript'>alert('" . gettext_r("articleAlreadyExist") . "');history.back('-1');</script>\n");
}
//echo nl2br($contents);
//自定义字段
$sdef_fields = getresult("select * from I_field where columnid=" . getChanelidByColumnid($columnid));
$sdef_fieldsString = "";
$sdef_fieldsValueString = "";
while ($row = getresultarray($sdef_fields)) {
if ($_POST[$row["fieldname"]] != null && $_POST[$row["fieldname"]] != "") {
$sdef_fieldsString .= "," . $row["fieldname"];
$sdef_fieldsValueString .= ",'" . $_POST[$row["fieldname"]] . "'";
}
}
$query = "insert into I_article(adminid,columnid,addtime,modifytime,title,keywords,author,source,notes,contents,picurl,ifpass" . $sdef_fieldsString . ") values(" . getlogininfo("adminid") . ",{$columnid},'{$addtime}','{$modifytime}','{$title}','{$keywords}','{$author}','{$source}','{$notes}','{$contents}','{$picurl}',{$ifpass}" . $sdef_fieldsValueString . ")";
//die( $query);
function getNext()
{
global $siteconfig, $article, $column, $articleid, $columnid;
if (!$article) {
return "";
}
$result = getresult("select * from I_article where id>{$articleid} and columnid=" . getresultData($article, 0, "columnid") . " order by id asc limit 0,1");
if (getresultNumrows($result) < 1) {
return "No article!";
}
return "<a href='showarticle.php?articleid=" . getresultData($result, 0, "id") . "'>" . getresultData($result, 0, "title") . "</a>";
}
<?php
$action = $_POST["action"];
if ($action == "login") {
//echo $_POST["confirmstr"]."|".$_SESSION['randcode'];
if ($_SESSION['randcode'] == NULL) {
die("<script type=\"text/javascript\">alert('等待时间过长');window.location=\"login.php\"</script>");
}
if ($_POST["confirmstr"] != $_SESSION['randcode']) {
die("<script type=\"text/javascript\">alert('验证码不正确');window.location=\"login.php\"</script>");
}
$adminname = $_POST["adminname"];
$password = md5($_POST["password"]);
try {
$query = "select * from I_admin where adminname = '" . $adminname . "' and password = '******'";
$result = getresult($query);
if (!getresultNumrows($result)) {
throw new Exception(gettext_r("login") . gettext_r("fail"));
} else {
$id = getresultData($result, 0, "id");
$_SESSION["adminid"] = getresultData($result, 0, "id");
$_SESSION["adminrole"] = getresultData($result, 0, "adminrole");
$_SESSION["functioncode"] = getresultData($result, 0, "functioncode");
$_SESSION["adminname"] = $adminname;
setcookie("adminid", getresultData($result, 0, "id"));
setcookie("adminrole", getresultData($result, 0, "adminrole"));
setcookie("functioncode", getresultData($result, 0, "functioncode"));
setcookie("adminname", $adminname);
getresult("update I_admin set logintimes=logintimes+1,lastip='" . $_SERVER["REMOTE_ADDR"] . "',lasttime=CURRENT_TIMESTAMP where id={$id}");
//写日志
$newLog = new Log();
$newLog->adminName = $adminname;
