function EditIndexpage($add,$userid,$username){ global $empire,$dbtbpre,$public_r; $tempid=(int)$add[tempid]; if(!$tempid||!$add[tempname]||!$add[temptext]) { printerror("EmptyIndexpageName","history.go(-1)"); } //验证权限 CheckLevel($userid,$username,$classid,"template"); $gid=(int)$add['gid']; $add[tempname]=hRepPostStr($add[tempname],1); $add[temptext]=RepPhpAspJspcode($add[temptext]); $sql=$empire->query("update {$dbtbpre}enewsindexpage set tempname='".$add[tempname]."',temptext='".eaddslashes2($add[temptext])."' where tempid='$tempid'"); //备份模板 AddEBakTemp('indexpage',1,$tempid,$add[tempname],$add[temptext],0,0,'',0,0,'',0,0,0,$userid,$username); //刷新首页 if($tempid==$public_r['indexpageid']) { NewsBq($classid,eaddslashes($add[temptext]),1,0); //删除动态模板缓存文件 DelOneTempTmpfile('indexpage'); } if($sql) { //操作日志 insert_dolog("tempid=$tempid&tempname=$add[tempname]"); printerror("EditIndexpageSuccess","ListIndexpage.php?gid=$gid".hReturnEcmsHashStrHref2(0)); } else { printerror("DbError","history.go(-1)"); } }
function EditPrintTemp($add, $userid, $username) { global $empire, $dbtbpre, $public_r; $tempid = (int) $add[tempid]; if (!$tempid || !$add[tempname] || !$add[temptext]) { printerror("EmptyPrintTemp", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "template"); $add[tempname] = hRepPostStr($add[tempname], 1); $add[temptext] = RepPhpAspJspcode($add[temptext]); $add[modid] = (int) $add[modid]; $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewsprinttemp", $gid) . " set tempname='" . $add[tempname] . "',temptext='" . eaddslashes2($add[temptext]) . "',showdate='{$add['showdate']}',modid='{$add['modid']}' where tempid='{$tempid}'"); //备份模板 AddEBakTemp('printtemp', $gid, $tempid, $add[tempname], $add[temptext], 0, 0, '', 0, $add[modid], $add[showdate], 0, 0, 0, $userid, $username); //更新页面 if ($gid == $public_r['deftempid'] || !$public_r['deftempid'] && ($gid == 1 || $gid == 0)) { GetPrintPage($tempid); } if ($sql) { //操作日志 insert_dolog("tempid={$tempid}&tempname={$add['tempname']}&gid={$gid}"); printerror("EditPrintTempSuccess", "ListPrinttemp.php?gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditPagetemp($add,$userid,$username){ global $empire,$dbtbpre; $tempid=(int)$add['tempid']; if(!$tempid||!$add[tempname]||!$add[temptext]) { printerror("EmptyPagetempname","history.go(-1)"); } //验证权限 CheckLevel($userid,$username,$classid,"template"); $gid=(int)$add['gid']; $add[tempname]=hRepPostStr($add[tempname],1); $add[temptext]=RepPhpAspJspcode($add[temptext]); $sql=$empire->query("update ".GetDoTemptb("enewspagetemp",$gid)." set tempname='$add[tempname]',temptext='".eaddslashes2($add[temptext])."' where tempid='$tempid'"); //备份模板 AddEBakTemp('pagetemp',$gid,$tempid,$add[tempname],$add[temptext],0,0,'',0,0,'',0,0,0,$userid,$username); if($sql) { //操作日志 insert_dolog("tempid=$tempid&tempname=$add[tempname]&gid=$gid"); printerror("EditPagetempSuccess","ListPagetemp.php?gid=$gid".hReturnEcmsHashStrHref2(0)); } else { printerror("DbError","history.go(-1)"); } }
function EditNewsTemplate($add, $userid, $username) { global $empire, $dbtbpre, $public_r; $add[tempid] = (int) $add[tempid]; if (!$add[tempid] || !$add[tempname] || !$add[temptext] || !$add[modid]) { printerror("EmptyTempname", "history.go(-1)"); } //操作权限 CheckLevel($userid, $username, $classid, "template"); $classid = (int) $add['classid']; $add[tempname] = hRepPostStr($add[tempname], 1); $add[temptext] = RepPhpAspJspcode($add[temptext]); $add[temptext] = RepTemplateJsUrl($add[temptext], 1, 0); //替换JS地址 $add[modid] = (int) $add[modid]; $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewsnewstemp", $gid) . " set tempname='{$add['tempname']}',temptext='" . eaddslashes2($add[temptext]) . "',showdate='{$add['showdate']}',modid={$add['modid']},classid={$classid} where tempid='{$add['tempid']}'"); //将信息设为未生成 $mr = $empire->fetch1("select tbname from {$dbtbpre}enewsmod where mid='{$add['modid']}'"); //$usql=$empire->query("update {$dbtbpre}ecms_".$mr[tbname]." set havehtml=0 where newstempid='$add[tempid]'"); //备份模板 AddEBakTemp('newstemp', $gid, $add[tempid], $add[tempname], $add[temptext], 0, 0, '', 0, $add[modid], $add[showdate], 0, $classid, 0, $userid, $username); if ($gid == $public_r['deftempid'] || !$public_r['deftempid'] && ($gid == 1 || $gid == 0)) { //删除动态模板缓存文件 DelOneTempTmpfile('text' . $add[tempid]); } if ($sql) { //操作日志 insert_dolog("tempid=" . $add[tempid] . "<br>tempname=" . $add[tempname] . "&gid={$gid}"); printerror("EditNewsTempSuccess", "ListNewstemp.php?classid={$add['cid']}&modid={$add['mid']}&gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditLink($add, $userid, $username) { global $empire, $dbtbpre; $add[lid] = (int) $add[lid]; if (!$add[lname] || !$add[lurl] || !$add[lid]) { printerror("EmptyLname", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "link"); $add[lname] = hRepPostStr($add[lname], 1); $add[lpic] = hRepPostStr($add[lpic], 1); $add[lurl] = hRepPostStr($add[lurl], 1); $add[email] = hRepPostStr($add[email], 1); $add[onclick] = (int) $add[onclick]; $add[myorder] = (int) $add[myorder]; $add[ltype] = (int) $add[ltype]; $add[checked] = (int) $add[checked]; $add[classid] = (int) $add[classid]; $add[cid] = (int) $add[cid]; $sql = $empire->query("update {$dbtbpre}enewslink set lname='" . $add[lname] . "',lpic='" . $add[lpic] . "',lurl='" . $add[lurl] . "',onclick={$add['onclick']},width='{$add['width']}',height='{$add['height']}',target='{$add['target']}',myorder={$add['myorder']},email='" . $add[email] . "',lsay='" . eaddslashes($add[lsay]) . "',ltype={$add['ltype']},checked={$add['checked']},classid={$add['classid']} where lid='{$add['lid']}'"); if ($sql) { //操作日志 insert_dolog("lid=" . $add[lid] . "<br>lname=" . $add[lname]); printerror("EditLinkSuccess", "ListLink.php?classid={$add['cid']}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditBqtemp($tempid, $tempname, $modid, $subnews, $rownum, $showdate, $temptext, $listvar, $add, $userid, $username) { global $empire, $dbtbpre; $tempid = (int) $tempid; if (!$tempname || !$temptext || !$modid || !$listvar || !$tempid) { printerror("EmptyTempname", "history.go(-1)"); } //操作权限 CheckLevel($userid, $username, $classid, "template"); $classid = (int) $add['classid']; $tempname = hRepPostStr($tempname, 1); $temptext = RepPhpAspJspcode($temptext); $listvar = RepPhpAspJspcode($listvar); if ($add['autorownum']) { $rownum = substr_count($temptext, '<!--list.var'); } //变量处理 $modid = (int) $modid; $subnews = (int) $subnews; $rownum = (int) $rownum; $docode = (int) $add[docode]; $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewsbqtemp", $gid) . " set tempname='{$tempname}',temptext='" . eaddslashes2($temptext) . "',modid={$modid},showdate='{$showdate}',listvar='" . eaddslashes2($listvar) . "',subnews={$subnews},rownum={$rownum},classid={$classid},docode='{$docode}' where tempid='{$tempid}'"); //备份模板 AddEBakTemp('bqtemp', $gid, $tempid, $tempname, $temptext, $subnews, 0, $listvar, $rownum, $modid, $showdate, 0, $classid, $docode, $userid, $username); if ($sql) { //操作日志 insert_dolog("tempid=" . $tempid . "<br>tempname=" . $tempname . "&gid={$gid}"); printerror("EditBqtempSuccess", "ListBqtemp.php?classid={$add['cid']}&modid={$add['mid']}&gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditJstemp($add, $userid, $username) { global $empire, $dbtbpre; $tempid = (int) $add['tempid']; if (!$tempid || !$add[tempname] || !$add[temptext]) { printerror("EmptyJstempname", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "template"); $add[tempname] = hRepPostStr($add[tempname], 1); $modid = (int) $add['modid']; $classid = (int) $add['classid']; $subnews = (int) $add['subnews']; $subtitle = (int) $add['subtitle']; $add[temptext] = str_replace("\r\n", "", $add[temptext]); $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewsjstemp", $gid) . " set tempname='{$add['tempname']}',temptext='" . eaddslashes2($add[temptext]) . "',classid={$classid},showdate='{$add['showdate']}',modid='{$modid}',subnews='{$subnews}',subtitle='{$subtitle}' where tempid={$tempid}"); //备份模板 AddEBakTemp('jstemp', $gid, $tempid, $add[tempname], $add[temptext], $subnews, 0, '', 0, $modid, $add[showdate], $subtitle, $classid, 0, $userid, $username); if ($sql) { //操作日志 insert_dolog("tempid={$tempid}&tempname={$add['tempname']}&gid={$gid}"); printerror("EditJstempSuccess", "ListJstemp.php?classid={$add['cid']}&gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditClasstemp($add,$userid,$username){ global $empire,$dbtbpre,$public_r; $tempid=(int)$add['tempid']; if(!$tempid||!$add[tempname]||!$add[temptext]) { printerror("EmptyClasstempname","history.go(-1)"); } //验证权限 CheckLevel($userid,$username,$classid,"template"); $classid=(int)$add['classid']; $gid=(int)$add['gid']; $add[tempname]=hRepPostStr($add[tempname],1); $add[temptext]=RepPhpAspJspcode($add[temptext]); $sql=$empire->query("update ".GetDoTemptb("enewsclasstemp",$gid)." set tempname='$add[tempname]',temptext='".eaddslashes2($add[temptext])."',classid=$classid where tempid=$tempid"); //备份模板 AddEBakTemp('classtemp',$gid,$tempid,$add[tempname],$add[temptext],0,0,'',0,0,'',0,$classid,0,$userid,$username); if($gid==$public_r['deftempid']||(!$public_r['deftempid']&&($gid==1||$gid==0))) { //删除动态模板缓存文件 DelOneTempTmpfile('classtemp'.$tempid); } if($sql) { //操作日志 insert_dolog("tempid=$tempid&tempname=$add[tempname]&gid=$gid"); printerror("EditClasstempSuccess","ListClasstemp.php?classid=$add[cid]&gid=$gid".hReturnEcmsHashStrHref2(0)); } else { printerror("DbError","history.go(-1)"); } }
function EditTempvar($add, $userid, $username) { global $empire, $dbtbpre; $add[varid] = (int) $add['varid']; if (!$add[varid] || !$add[myvar] || !$add[varvalue] || !$add[varname]) { printerror("EmptyTempvar", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "tempvar"); $add[myvar] = hRepPostStr($add[myvar], 1); $add[varname] = hRepPostStr($add[varname], 1); $add[varvalue] = RepPhpAspJspcode($add[varvalue]); $classid = (int) $add[classid]; $isclose = (int) $add[isclose]; $add[myorder] = (int) $add[myorder]; $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewstempvar", $gid) . " set myvar='{$add['myvar']}',varname='{$add['varname']}',varvalue='" . eaddslashes2($add[varvalue]) . "',classid={$classid},isclose={$isclose},myorder={$add['myorder']} where varid='{$add['varid']}'"); //备份模板 AddEBakTemp('tempvar', $gid, $add[varid], $add[myvar], $add[varvalue], $add[myorder], 0, $add[varname], 0, 0, '', 0, $classid, $isclose, $userid, $username); if ($sql) { //操作日志 insert_dolog("varid=" . $add[varid] . "<br>var=" . $add[myvar] . "&gid={$gid}"); printerror("EditTempvarSuccess", "ListTempvar.php?classid={$add['cid']}&gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditUserjs($add, $userid, $username) { global $empire, $dbtbpre; $cid = (int) $add['cid']; $jsid = (int) $add['jsid']; $jstempid = (int) $add['jstempid']; if (!$jsid || !$add[jsname] || !$jstempid || !$add[jssql] || !$add[jsfilename]) { printerror("EmptyUserJsname", "history.go(-1)"); } $query_first = substr($add['jssql'], 0, 7); if (!($query_first == "select " || $query_first == "SELECT ")) { printerror("JsSqlError", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "userjs"); //删除旧js文件 if ($add['oldjsfilename'] != $add['jsfilename']) { DelFiletext($add['oldjsfilename']); } $add[jssql] = ClearAddsData($add[jssql]); $add[jsname] = hRepPostStr($add[jsname], 1); $add['classid'] = (int) $add['classid']; $sql = $empire->query("update {$dbtbpre}enewsuserjs set jsname='{$add['jsname']}',jssql='" . addslashes($add[jssql]) . "',jstempid={$jstempid},jsfilename='{$add['jsfilename']}',classid='{$add['classid']}' where jsid={$jsid}"); //刷新js ReUserjs($add, "../"); if ($sql) { //操作日志 insert_dolog("jsid={$jsid}&jsname={$add['jsname']}"); printerror("EditUserjsSuccess", "ListUserjs.php?classid={$cid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditMSearchtemp($add, $userid, $username) { global $empire, $dbtbpre; $add[tempid] = (int) $add[tempid]; if (!$add[tempname] || !$add[temptext] || !$add[listvar] || !$add[modid] || !$add[tempid]) { printerror("EmptySearchTempname", "history.go(-1)"); } //操作权限 CheckLevel($userid, $username, $classid, "template"); $classid = (int) $add['classid']; $add[tempname] = hRepPostStr($add[tempname], 1); $add[temptext] = RepPhpAspJspcode($add[temptext]); $add[listvar] = RepPhpAspJspcode($add[listvar]); if ($add['autorownum']) { $add[rownum] = substr_count($add[temptext], '<!--list.var'); } //变量处理 $add[subnews] = (int) $add[subnews]; $add[rownum] = (int) $add[rownum]; $add[modid] = (int) $add[modid]; $add[subtitle] = (int) $add[subtitle]; $docode = (int) $add[docode]; $gid = (int) $add['gid']; $sql = $empire->query("update " . GetDoTemptb("enewssearchtemp", $gid) . " set subnews={$add['subnews']},tempname='{$add['tempname']}',temptext='" . eaddslashes2($add[temptext]) . "',listvar='" . eaddslashes2($add[listvar]) . "',rownum={$add['rownum']},modid={$add['modid']},showdate='{$add['showdate']}',subtitle={$add['subtitle']},classid={$classid},docode='{$docode}' where tempid='{$add['tempid']}'"); //备份模板 AddEBakTemp('searchtemp', $gid, $add[tempid], $add[tempname], $add[temptext], $add[subnews], 0, $add[listvar], $add[rownum], $add[modid], $add[showdate], $add[subtitle], $classid, $docode, $userid, $username); if ($sql) { //操作日志 insert_dolog("tempid=" . $add[tempid] . "<br>tempname=" . $add[tempname] . "&gid={$gid}"); printerror("EditMSearchTempSuccess", "ListSearchtemp.php?classid={$add['cid']}&modid={$add['mid']}&gid={$gid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditMoreport($add, $userid, $username) { global $empire, $dbtbpre; $add[pid] = (int) $add[pid]; if (!$add[pid] || !$add[pname] || !$add[ppath] || !$add[purl] || !$add[postpass] || !$add[tempgid]) { printerror("EmptyMoreport", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "moreport"); $add['pname'] = hRepPostStr($add['pname'], 1); $add['purl'] = RepPostStr($add['purl'], 1); $add['ppath'] = RepPostStr($add['ppath'], 1); $add['postpass'] = RepPostStr($add['postpass'], 1); $add['postfile'] = RepPostStr($add['postfile'], 1); $add['tempgid'] = (int) $add['tempgid']; $add['mustdt'] = (int) $add['mustdt']; $add['isclose'] = (int) $add['isclose']; $add['closeadd'] = (int) $add['closeadd']; if (!file_exists($add['ppath'] . 'e/config/config.php')) { printerror("ErrorMoreportPath", "history.go(-1)"); } $sql = $empire->query("update {$dbtbpre}enewsmoreport set pname='{$add['pname']}',purl='{$add['purl']}',ppath='{$add['ppath']}',postpass='******'postpass']}',postfile='{$add['postfile']}',tempgid='{$add['tempgid']}',mustdt='{$add['mustdt']}',isclose='{$add['isclose']}',closeadd='{$add['closeadd']}' where pid='{$add['pid']}'"); //更新缓存 Moreport_UpdateIsclose(); GetConfig(); if ($sql) { //操作日志 insert_dolog("pid={$add['pid']}&pname={$add['pname']}"); printerror("EditMoreportSuccess", "ListMoreport.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }
function EditMenu($add, $userid, $username) { global $empire, $dbtbpre; $classid = (int) $add['classid']; $menuid = $add['menuid']; $delmenuid = $add['delmenuid']; $menuname = $add['menuname']; $menuurl = $add['menuurl']; $myorder = $add['myorder']; $addhash = $add['addhash']; $count = count($menuid); if (!$classid || !$count) { printerror("EmptyMenu", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "menu"); //删除 $del = 0; $ids = ''; $delcount = count($delmenuid); if ($delcount) { $dh = ''; for ($j = 0; $j < $delcount; $j++) { $ids .= $dh . intval($delmenuid[$j]); $dh = ','; } $empire->query("delete from {$dbtbpre}enewsmenu where menuid in (" . $ids . ")"); $del = 1; } //修改 for ($i = 0; $i < $count; $i++) { $menuid[$i] = (int) $menuid[$i]; if (strstr(',' . $ids . ',', ',' . $menuid[$i] . ',')) { continue; } $myorder[$i] = (int) $myorder[$i]; $menuname[$i] = hRepPostStr($menuname[$i], 1); $menuurl[$i] = hRepPostStr($menuurl[$i], 1); $addhash[$i] = (int) $addhash[$i]; $empire->query("update {$dbtbpre}enewsmenu set menuname='" . $menuname[$i] . "',menuurl='" . $menuurl[$i] . "',myorder='" . $myorder[$i] . "',addhash='" . $addhash[$i] . "' where menuid='" . $menuid[$i] . "'"); } //操作日志 insert_dolog("classid={$classid}&del={$del}"); printerror("EditMenuSuccess", "ListMenu.php?classid={$classid}" . hReturnEcmsHashStrHref2(0)); }
function AddInfoVote($classid, $id, $add) { global $empire, $dbtbpre, $class_r; $pubid = ReturnInfoPubid($classid, $id); $num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsinfovote where pubid='{$pubid}' limit 1"); $votename = $add['vote_name']; $votenum = $add['vote_num']; //统计总票数 for ($i = 0; $i < count($votename); $i++) { $t_votenum += $votenum[$i]; } $t_votenum = (int) $t_votenum; $voteclass = (int) $add['vote_class']; $width = (int) $add['vote_width']; $height = (int) $add['vote_height']; $doip = (int) $add['dovote_ip']; $tempid = (int) $add['vote_tempid']; $add['vote_title'] = hRepPostStr($add['vote_title'], 1); $add['vote_dotime'] = hRepPostStr($add['vote_dotime'], 1); //附加字段 $diyotherlink = (int) $add['info_diyotherlink']; $infouptime = 0; if ($add['info_infouptime']) { $infouptime = to_time($add['info_infouptime']); } $infodowntime = 0; if ($add['info_infodowntime']) { $infodowntime = to_time($add['info_infodowntime']); } if ($num) { $votetext = ReturnVote($add['vote_name'], $add['vote_num'], $add['delvote_id'], $add['vote_id'], 1); //返回组合 $votetext = hRepPostStr($votetext, 1); $sql = $empire->query("update {$dbtbpre}enewsinfovote set title='{$add['vote_title']}',votenum='{$t_votenum}',votetext='{$votetext}',voteclass='{$voteclass}',doip='{$doip}',dotime='{$add['vote_dotime']}',tempid='{$tempid}',width='{$width}',height='{$height}',diyotherlink='{$diyotherlink}',infouptime='{$infouptime}',infodowntime='{$infodowntime}' where pubid='{$pubid}' limit 1"); } else { $votetext = ReturnVote($add['vote_name'], $add['vote_num'], $add['delvote_id'], $add['vote_id'], 0); //返回组合 if (!($votetext || $diyotherlink || $infouptime || $infodowntime)) { return ''; } $votetext = hRepPostStr($votetext, 1); $sql = $empire->query("insert into {$dbtbpre}enewsinfovote(pubid,id,classid,title,votenum,voteip,votetext,voteclass,doip,dotime,tempid,width,height,diyotherlink,infouptime,infodowntime,copyids) values('{$pubid}','{$id}','{$classid}','{$add['vote_title']}','{$t_votenum}','','{$votetext}','{$voteclass}','{$doip}','{$add['vote_dotime']}','{$tempid}','{$width}','{$height}','{$diyotherlink}','{$infouptime}','{$infodowntime}','');"); } }
function EditKeyClass($classid, $classname, $userid, $username) { global $empire, $dbtbpre; $classid = (int) $classid; if (!$classname || !$classid) { printerror("EmptyKeyClass", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "key"); $classname = hRepPostStr($classname, 1); $sql = $empire->query("update {$dbtbpre}enewskeyclass set classname='{$classname}' where classid='{$classid}'"); if ($sql) { //操作日志 insert_dolog("classid=" . $classid . "<br>classname=" . $classname); printerror("EditKeyClassSuccess", "KeyClass.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }
function EditUserClass($add, $userid, $username) { global $empire, $dbtbpre; $classid = (int) $add[classid]; if (!$add[classname] || !$classid) { printerror("EmptyUserClass", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "user"); $add[classname] = hRepPostStr($add[classname], 1); $sql = $empire->query("update {$dbtbpre}enewsuserclass set classname='" . $add[classname] . "' where classid='{$classid}'"); if ($sql) { //操作日志 insert_dolog("classid=" . $classid . "<br>classname=" . $add[classname]); printerror("EditUserClassSuccess", "UserClass.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }
function EditPlayer($add, $userid, $username) { global $empire, $dbtbpre; $add[id] = (int) $add[id]; if (!$add[player] || !$add[filename] || !$add[id]) { printerror("EmptyPlayerName", "history.go(-1)"); } CheckPlayerFilename($add[filename]); $add['player'] = hRepPostStr($add['player'], 1); $add['bz'] = hRepPostStr($add['bz'], 1); $sql = $empire->query("update {$dbtbpre}enewsplayer set player='" . $add['player'] . "',filename='" . eaddslashes($add[filename]) . "',bz='" . $add['bz'] . "' where id='{$add['id']}'"); if ($sql) { //操作日志 insert_dolog("id={$add['id']}<br>player={$add['player']}"); printerror("EditPlayerSuccess", "player.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }
function EditBefrom($befromid, $sitename, $siteurl, $userid, $username) { global $empire, $dbtbpre; if (!$sitename || !$siteurl || !$befromid) { printerror("EmptyBefrom", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "befrom"); $befromid = (int) $befromid; $sitename = hRepPostStr($sitename, 1); $siteurl = hRepPostStr($siteurl, 1); $sql = $empire->query("update {$dbtbpre}enewsbefrom set sitename='" . $sitename . "',siteurl='" . $siteurl . "' where befromid='{$befromid}'"); GetConfig(); //更新缓存 if ($sql) { //操作日志 insert_dolog("befromid=" . $befromid . "<br>sitename=" . $sitename); printerror("EditBefromSuccess", "BeFrom.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }
function EditAd($add, $titlefont, $titlecolor, $userid, $username) { global $empire, $time, $dbtbpre; $add[adid] = (int) $add[adid]; if (!$add[classid] || !$add[title] || !$add[adtype] || !$add[adid]) { printerror("EmptyAd", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "ad"); $add[htmlcode] = AddAddsData(RepPhpAspJspcodeText($add[htmlcode])); $add[reptext] = AddAddsData(RepPhpAspJspcodeText($add[reptext])); $ttitlefont = TitleFont($titlefont, 'no'); //重置 if ($add[reset]) { $a = ",onclick=0"; } //变量处理 $add['title'] = hRepPostStr($add['title'], 1); $add[pic_width] = (int) $add[pic_width]; $add[pic_height] = (int) $add[pic_height]; $add[classid] = (int) $add[classid]; $add[adtype] = (int) $add[adtype]; $add[t] = (int) $add[t]; $add[ylink] = (int) $add[ylink]; $add['filepass'] = (int) $add['filepass']; $sql = $empire->query("update {$dbtbpre}enewsad set picurl='{$add['picurl']}',url='{$add['url']}',pic_width={$add['pic_width']},pic_height={$add['pic_height']},classid={$add['classid']},adtype={$add['adtype']},title='{$add['title']}',target='{$add['target']}',alt='{$add['alt']}',starttime='{$add['starttime']}',endtime='{$add['endtime']}',adsay='{$add['adsay']}',titlefont='{$ttitlefont}',titlecolor='{$titlecolor}',htmlcode='{$add['htmlcode']}',t={$add['t']},ylink={$add['ylink']},reptext='{$add['reptext']}'" . $a . " where adid='{$add['adid']}'"); UpdateTheFileEditOther(3, $add['adid'], 'other'); GetAdJs($add[adid]); if ($sql) { //操作日志 insert_dolog("adid=" . $add[adid] . "<br>title=" . $add[title]); printerror("EditAdSuccess", "ListAd.php?time={$time}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
function EditKey($keyid, $keyname, $keyurl, $userid, $username) { global $empire, $dbtbpre; $cid = (int) $_POST['cid']; $fcid = (int) $_POST['fcid']; if (!$keyname || !$keyurl || !$keyid) { printerror("EmptyKeyname", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "key"); $keyid = (int) $keyid; $keyname = hRepPostStr($keyname, 1); $keyurl = hRepPostStr($keyurl, 1); $sql = $empire->query("update {$dbtbpre}enewskey set keyname='{$keyname}',keyurl='{$keyurl}',cid='{$cid}' where keyid='{$keyid}'"); GetConfig(); //更新缓存 if ($sql) { //操作日志 insert_dolog("keyid=" . $keyid . "<br>keyname=" . $keyname); printerror("EditKeySuccess", "key.php?fcid={$fcid}" . hReturnEcmsHashStrHref2(0)); } else { printerror("DbError", "history.go(-1)"); } }
$link = db_connect(); $empire = new mysqlquery(); $editor = 1; //验证用户 $lur = is_login(); $logininid = (int) $lur['userid']; $loginin = $lur['username']; $loginrnd = $lur['rnd']; $loginlevel = $lur['groupid']; $loginadminstyleid = $lur['adminstyleid']; //ehash $ecms_hashur = hReturnEcmsHashStrAll(); //变量 $leftfile = hRepPostStr($_GET['leftfile'], 1); $mainfile = hRepPostStr($_GET['mainfile'], 1); $title = hRepPostStr($_GET['title'], 1); if (empty($leftfile)) { $leftfile = 'left.php'; } if (empty($mainfile)) { $mainfile = 'main.php'; } if (empty($title)) { $title = '管理'; } ?> <HTML> <HEAD> <title><?php echo $title; ?>
function EditMenuClass($add, $userid, $username) { global $empire, $dbtbpre; $classid = $add['classid']; $delclassid = $add['delclassid']; $classname = $add['classname']; $myorder = $add['myorder']; $classtype = $add['classtype']; $count = count($classid); if (!$count) { printerror("EmptyMenuClass", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "menu"); //删除 $del = 0; $ids = ''; $delcount = count($delclassid); if ($delcount) { $dh = ''; for ($j = 0; $j < $delcount; $j++) { $ids .= $dh . intval($delclassid[$j]); $dh = ','; } $empire->query("delete from {$dbtbpre}enewsmenuclass where classid in (" . $ids . ")"); $empire->query("delete from {$dbtbpre}enewsmenu where classid in (" . $ids . ")"); $del = 1; } //修改 for ($i = 0; $i < $count; $i++) { $classid[$i] = (int) $classid[$i]; if (strstr(',' . $ids . ',', ',' . $classid[$i] . ',')) { continue; } $myorder[$i] = (int) $myorder[$i]; $classtype[$i] = (int) $classtype[$i]; $classname[$i] = hRepPostStr($classname[$i], 1); $empire->query("update {$dbtbpre}enewsmenuclass set classname='" . $classname[$i] . "',myorder='" . $myorder[$i] . "',classtype='" . $classtype[$i] . "' where classid='" . $classid[$i] . "'"); } MenuClassToShow(); //操作日志 insert_dolog("del={$del}"); printerror("EditMenuClassSuccess", "MenuClass.php" . hReturnEcmsHashStrHref2(1)); }
function DelPathFile($filename, $userid, $username) { global $empire, $dbtbpre, $public_r, $efileftp_dr; //操作权限 CheckLevel($userid, $username, $classid, "file"); $count = count($filename); if (empty($count)) { printerror("NotFileid", "history.go(-1)"); } //基目录 $basepath = eReturnEcmsMainPortPath() . "/data"; //moreport for ($i = 0; $i < $count; $i++) { if (strstr($filename[$i], "..")) { continue; } if (!file_exists($basepath . "/" . $filename[$i])) { continue; } DelFiletext($basepath . "/" . $filename[$i]); $dfile = ReturnPathFile($filename[$i]); $dfile = hRepPostStr($dfile, 1); $dfnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsfile_1 where filename='{$dfile}'"); if ($dfnum) { $empire->query("delete from {$dbtbpre}enewsfile_1 where filename='{$dfile}'"); //FileServer if ($public_r['openfileserver']) { $efileftp_dr[] = $basepath . "/" . $filename[$i]; } } } //操作日志 insert_dolog(""); printerror("DelFileSuccess", $_SERVER['HTTP_REFERER']); }
function ShopSys_DdInsertLog($ddid, $ecms, $bz, $addbz) { global $empire, $dbtbpre, $logininid, $loginin; $ddid = (int) $ddid; $ecms = RepPostVar($ecms); $logtime = date("Y-m-d H:i:s"); if (empty($addbz)) { $addbz = "---"; } $bz = hRepPostStr($bz, 1); $addbz = addslashes(stripSlashes($addbz)); $empire->query("insert into {$dbtbpre}enewsshop_ddlog(ddid,userid,username,ecms,bz,addbz,logtime) values('{$ddid}','{$logininid}','{$loginin}','{$ecms}','{$bz}','{$addbz}','{$logtime}');"); }
function EditSql($add, $userid, $username) { global $empire, $dbtbpre; $id = (int) $add[id]; if (!$add['sqlname'] || !$add['sqltext'] || !$id) { printerror("EmptySqltext", "history.go(-1)"); } $add['sqlname'] = hRepPostStr($add['sqlname'], 1); $add[sqltext] = ClearAddsData($add[sqltext]); $sql = $empire->query("update {$dbtbpre}enewssql set sqlname='" . $add['sqlname'] . "',sqltext='" . addslashes($add[sqltext]) . "' where id='{$id}'"); if ($sql) { //操作日志 insert_dolog("id=" . $id . "<br>sqlname=" . $add[sqlname]); printerror("EditSqlSuccess", "ListSql.php" . hReturnEcmsHashStrHref2(1)); } else { printerror("DbError", "history.go(-1)"); } }