/**
 * Controller bootstrap hook.
 *
 * When a `code` query parameter is present and hy_check() returns its
 * '#@_error' sentinel for the 'un' rule, hy_404() is called. Afterwards
 * appController::tpl_model is registered as the template function "func".
 */
public function _initialize()
{
    if (isset($_GET['code'])) {
        $checked_code = hy_check($_GET['code'], 'un');
        if ($checked_code == '#@_error') {
            hy_404();
        }
    }

    $template_callback = array('appController', 'tpl_model');
    $this->registerPlugin("function", "func", $template_callback);
}
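/**
 * Look up a four-part security code and print the verdict as JSON.
 *
 * Reads POST fields code1..code4, upper-cases each one, passes it through
 * hy_check() with the 'u' rule and counts the rows in `security_code` that
 * match the concatenated value. The request always ends here (exit) after
 * the JSON reply has been printed.
 *
 * A segment that is absent or not a string (for example `code1[]=x`) is
 * rejected before it reaches strtoupper(), so malformed requests get the
 * normal "not found" reply instead of a PHP notice or type error.
 *
 * NOTE(review): no throttling is visible in this method; if the code space
 * is small enough to enumerate, confirm that lookups are rate limited
 * elsewhere.
 */
public function checkcode()
{
    $result = array('error' => 1, 'content' => '抱歉,本数据库没有此记录');

    $code = '';
    foreach (array('code1', 'code2', 'code3', 'code4') as $field) {
        // Reject missing or non-string segments up front.
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            print_r(json_encode($result));
            exit;
        }

        $segment = hy_check(strtoupper($_POST[$field]), 'u');
        if ($segment == '#@_error') {
            print_r(json_encode($result));
            exit;
        }

        $code .= $segment;
    }

    // Only an exact single match counts as a valid code.
    $res = Model('index')->db_count(array('table' => 'security_code', 'code' => $code));
    if ($res == 1) {
        $result['error'] = 0;
        $result['content'] = '该防伪码有效';
    }

    print_r(json_encode($result));
    exit;
}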
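/**
 * Controller bootstrap hook with optional mobile redirect.
 *
 * 1. Calls hy_404() when a `code` query parameter is present and hy_check()
 *    returns '#@_error' for the 'un' rule.
 * 2. When the `wap_support` setting equals 1, redirects clients whose
 *    User-Agent is empty or matches the handset pattern to the mobile entry
 *    point, unless the request URI already contains "wap".
 * 3. Registers appController::tpl_model as the template function "func".
 */
public function _initialize()
{
    if (isset($_GET['code']) && hy_check($_GET['code'], 'un') == '#@_error') {
        hy_404();
    }

    // Mobile support switch. The original author notes that Model()->getCfg()
    // has to be uncommented in the controller for this setting to be loaded.
    $is_wap = C('wap_support');
    if ($is_wap == 1) {
        // Both headers are client controlled and may be absent altogether;
        // a missing User-Agent is treated as empty, as before.
        $ua = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
        $uri = isset($_SERVER['REQUEST_URI']) ? strtolower($_SERVER['REQUEST_URI']) : '';
        $uachar = "/(nokia|sony|ericsson|mot|samsung|sgh|lg|philips|panasonic|alcatel|lenovo|cldc|midp|mobile)/i";

        $looks_mobile = ($ua == '' || preg_match($uachar, $ua));

        // strpos() returns 0 for a match at offset 0, so compare with false
        // explicitly instead of negating the result.
        if ($looks_mobile && strpos($uri, 'wap') === false) {
            header('Location: ?g=mobile&a=index&m=index');
            // Stop here so the desktop action does not keep running and
            // emit a body behind the redirect.
            exit;
        }
    }

    $this->registerPlugin("function", "func", array('appController', 'tpl_model'));
}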
/**
 * Store a contact-form submission and print the outcome as JSON.
 *
 * name/email/phone go through hy_check() (rules 'ur', 'e', 'n'), content is
 * shortened with hy_substr(). A '#@_error' sentinel in any checked field
 * ends the request with the matching message. Model('forms')->check_ip()
 * is consulted for the caller's address before the row is written to
 * `forms_log_1`. The request always terminates here.
 *
 * NOTE(review): the throttle keys on hy_getIP(); if that helper reads
 * client-supplied forwarding headers the limit can be sidestepped. Confirm.
 */
public function submit()
{
    $reply = array('error' => 1, 'content' => '');

    $info = array(
        'name'    => isset($_POST['name']) ? hy_check($_POST['name'], 'ur') : '',
        'email'   => isset($_POST['email']) ? hy_check($_POST['email'], 'e') : '',
        'phone'   => isset($_POST['phone']) ? hy_check($_POST['phone'], 'n') : '',
        'content' => isset($_POST['content']) ? hy_substr($_POST['content'], '255') : '',
        'ip'      => hy_getIP(),
        'created' => $_SERVER['REQUEST_TIME'],
    );

    // Checked in this order so the first failing field decides the message.
    $format_errors = array(
        'name'  => '名字格式错误',
        'email' => '邮件格式错误',
        'phone' => '电话格式错误',
    );
    foreach ($format_errors as $field => $message) {
        if ($info[$field] == '#@_error') {
            $reply['content'] = $message;
            print_r(json_encode($reply));
            exit;
        }
    }

    $allowed = Model('forms')->check_ip(array('ip' => $info['ip'], 'table' => 'forms_log_1'));
    if (!$allowed) {
        $reply['content'] = '你提交得太频繁了';
        print_r(json_encode($reply));
        exit;
    }

    $saved = Model('forms')->insert($info, 'forms_log_1');
    if (!$saved) {
        $reply['content'] = '系统繁忙';
    } else {
        $reply['error'] = 0;
        $reply['content'] = '添加成功';
    }

    print_r(json_encode($reply));
    exit;
}
/**
 * Update a store record from POST data and report the outcome via showMsg().
 *
 * Each field is read through yf_empty(); judging by the calls below it takes
 * (value, message-or-default, flag) -- presumably it aborts with the message
 * when the value is empty unless the flag is true; TODO confirm against the
 * helper. Mobile and landline numbers are validated with hy_check() rules
 * 'm' and 't'. When the store moves to another category, the counters of
 * both categories are adjusted through update_kind_count().
 *
 * NOTE(review): store_id comes straight from POST and no ownership or
 * privilege check is visible in this method; confirm it is enforced before
 * this action runs.
 */
public function update_store()
{
    $reply = array('error' => 1, 'content' => '');

    $store['area_id'] = yf_empty(intval($_POST['area_id']), "系统错误");
    $store['kind_id'] = yf_empty(intval($_POST['kind_id']), "请选择店铺分类");
    $store['store_name'] = yf_empty($_POST['store_name'], "请输入店铺名称");
    $store['store_code'] = yf_empty($_POST['store_code'], "请输入标识建筑");
    $store['store_member'] = yf_empty($_POST['store_member'], "请输入店铺负责人");
    $store['store_phone'] = yf_empty($_POST['store_phone'], "请输入联系电话");
    $store['store_tel'] = yf_empty($_POST['store_tel'], "请输入固定电话");
    // Coordinates are passed with the flag set and a numeric second argument.
    $store['store_long'] = yf_empty($_POST['store_long'], 113.270793, true);
    $store['store_lat'] = yf_empty($_POST['store_lat'], 23.135308, true);

    $mobile_check = hy_check($store['store_phone'], 'm');
    if ($mobile_check == '#@_error') {
        $reply['content'] = "输入的联系电话格式不正确";
        $this->showMsg($reply);
    }

    $landline_check = hy_check($store['store_tel'], 't');
    if ($landline_check == '#@_error') {
        $reply['content'] = "输入的固定电话格式不正确";
        $this->showMsg($reply);
    }

    $store['store_address'] = yf_empty($_POST['store_address'], "请输入店铺地址");
    $store['store_thumb'] = yf_empty($_POST['store_thumb'], '', true);
    $store['store_des'] = yf_empty($_POST['store_des'], '');
    $store_id = yf_empty(intval($_POST['store_id']), 'System Error');

    // Read the current row first so a category change can be detected.
    $previous = Model('kind')->get_store_info($store_id);
    $updated = Model('kind')->update_store($store, $store_id);

    if (!$updated) {
        $reply['content'] = "修改失败";
    } else {
        if ($previous['kind_id'] != $store['kind_id']) {
            Model('kind')->update_kind_count($store['kind_id'], 1);
            Model('kind')->update_kind_count($previous['kind_id'], 0);
        }
        $reply = array('error' => 0, 'content' => '修改成功');
    }

    $this->showMsg($reply);
}
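/**
 * Store a contact-form submission, mail it to the site contact and print
 * the outcome as JSON.
 *
 * name/email/phone go through hy_check() (rules 'ur', 'e', 'n'), content is
 * shortened with hy_substr(). All four fields are required. After the
 * per-IP check the row is written to `forms_log_1` and a notification mail
 * is sent over SMTP using the configured credentials. The request always
 * terminates here.
 *
 * Changes compared with the earlier version:
 *  - Submitted values are HTML-escaped before they are placed in the HTML
 *    mail body, so a visitor cannot inject markup (links, images, forms)
 *    into the message the recipient opens.
 *  - AltBody is now real plain text instead of a copy of the HTML markup.
 *  - Missing POST fields are treated as empty without raising notices.
 *
 * NOTE(review): the mail is sent whether or not the insert succeeded and
 * the result of Send() is not inspected; both are kept as they were.
 */
public function submit()
{
    $result = array('error' => 1, 'content' => '');

    $info['name'] = isset($_POST['name']) ? hy_check($_POST['name'], 'ur') : '';
    $info['email'] = isset($_POST['email']) ? hy_check($_POST['email'], 'e') : '';
    $info['phone'] = isset($_POST['phone']) ? hy_check($_POST['phone'], 'n') : '';
    $info['content'] = isset($_POST['content']) ? hy_substr($_POST['content'], '255') : '';
    $info['ip'] = hy_getIP();
    $info['created'] = $_SERVER['REQUEST_TIME'];
    $this->assign_global();

    // Every field is mandatory; an absent key counts as empty.
    foreach (array('name', 'email', 'phone', 'content') as $field) {
        if (!isset($_POST[$field]) || $_POST[$field] == '') {
            $result['content'] = '请填写完整';
            print_r(json_encode($result));
            exit;
        }
    }

    if ($info['name'] == '#@_error') {
        $result['content'] = '名字格式错误';
        print_r(json_encode($result));
        exit;
    }
    if ($info['email'] == '#@_error') {
        $result['content'] = '邮件格式错误';
        print_r(json_encode($result));
        exit;
    }
    if ($info['phone'] == '#@_error') {
        $result['content'] = '电话格式错误';
        print_r(json_encode($result));
        exit;
    }

    $check = Model('forms')->check_ip(array('ip' => $info['ip'], 'table' => 'forms_log_1'));
    if (!$check) {
        $result['content'] = '你提交得太频繁了';
        print_r(json_encode($result));
        exit;
    }

    $res = Model('forms')->insert($info, 'forms_log_1');

    // Build both mail bodies from the same field list. The HTML part gets
    // escaped values; the text part carries the values as submitted.
    // ENT_SUBSTITUTE keeps a value with invalid UTF-8 from collapsing to an
    // empty string where the constant is available.
    $escape_flags = defined('ENT_SUBSTITUTE') ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES;
    $labels = array(
        'name'    => '名称',
        'email'   => '邮箱',
        'phone'   => '电话',
        'content' => '留言',
    );
    $html_body = '';
    $text_body = '';
    foreach ($labels as $field => $label) {
        $value = (string) $info[$field];
        $html_body .= '<p>' . $label . ':' . htmlspecialchars($value, $escape_flags, 'UTF-8') . '</p>';
        $text_body .= $label . ':' . $value . "\n";
    }

    $mail = new PHPMailer();
    $mail->IsSMTP();                          // Send through SMTP
    $mail->Host = C('smtp');                  // SMTP server(s) from configuration
    $mail->SMTPAuth = true;                   // Authenticate to the SMTP server
    $mail->Username = C('smtp_username');     // SMTP username
    $mail->Password = C('smtp_password');     // SMTP password
    $mail->From = C('smtp_email');
    $mail->AddAddress('*****@*****.**', 'Josh Adams');  // Recipient
    $mail->WordWrap = 50;                     // Wrap lines at 50 characters
    $mail->Subject = '留言';
    $mail->Body = $html_body;
    $mail->AltBody = $text_body;
    $mail->Send();

    if ($res) {
        $result['error'] = 0;
        $result['content'] = '添加成功';
    } else {
        $result['content'] = '系统繁忙';
    }

    print_r(json_encode($result));
    exit;
}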
/**
 * Add a product.
 *
 * Requires the 'add_goods' privilege (checked through admin_priv()). Builds
 * the main `goods` row from POST data, inserts it, and on success inserts
 * the dependent rows: specifications, gallery pictures, attributes and
 * linked products. The outcome is reported through showMsg().
 *
 * NOTE(review): the values returned by hy_check() for market_price,
 * shop_price and goods_num are stored without being compared against the
 * '#@_error' sentinel that other actions on this page test for; confirm
 * whether a failed check can reach the database.
 * NOTE(review): most text fields and all array inputs are taken from POST
 * as submitted; confirm that Model('goods')->insert() parameterizes or
 * escapes values, and that the templates escape these fields on output.
 */
public function new_goods() {
    // Second argument of admin_priv() is opaque from here.
    $this->admin_priv('add_goods', 2);
    $result = array('error' => 1, 'content' => '');

    // Bilingual text fields: each is stored as a single string in which the
    // Chinese and English parts are wrapped in the CH_SC / EN_SC / DIG_EC
    // marker constants.
    $en_name = isset($_POST['en_name']) ? $_POST['en_name'] : '';
    $info['goods_name'] = isset($_POST['goods_name']) ? CH_SC . $_POST['goods_name'] . DIG_EC . EN_SC . $en_name . DIG_EC : '';
    $en_brief = isset($_POST['en_brief']) ? $_POST['en_brief'] : '';
    $info['goods_brief'] = isset($_POST['goods_brief']) ? CH_SC . $_POST['goods_brief'] . DIG_EC . EN_SC . $en_brief . DIG_EC : '';
    $en_desc = isset($_POST['en_desc']) ? $_POST['en_desc'] : '';
    $info['goods_desc'] = isset($_POST['goods_desc']) ? CH_SC . $_POST['goods_desc'] . DIG_EC . EN_SC . $en_desc . DIG_EC : '';

    // Checked through hy_check(); the result is not inspected afterwards.
    $info['market_price'] = hy_check($_POST['market_price'], 'f');
    $info['shop_price'] = hy_check($_POST['shop_price'], 'f');
    $info['goods_num'] = hy_check($_POST['goods_num'], 'n');

    $info['goods_sn'] = empty($_POST['goods_sn']) ? '' : $_POST['goods_sn'];

    // Numeric identifiers and flags are forced to integers.
    $info['goods_type'] = intval($_POST['goods_type']);
    $info['recommend_type'] = intval($_POST['recommend_type']);
    $info['goods_status'] = intval($_POST['status']);

    // Copied from POST without any check in this method.
    $info['goods_thumb'] = $_POST['goods_thumb'];
    $info['page_title'] = $_POST['page_title'];
    $info['keywords'] = $_POST['keywords'];
    $info['abstract'] = $_POST['abstract'];
    $info['weixin_chain'] = $_POST['weixin_chain'];
    $info['external_chain'] = $_POST['external_chain'];

    $info['brand_id'] = intval($_POST['brand_id']);
    $info['cat_id'] = intval($_POST['cat_id']);
    $info['createtime'] = $_SERVER['REQUEST_TIME'];

    // Multi-value inputs: a scalar is wrapped so the loops below always
    // iterate over an array.
    $photo = is_array($_POST['photo']) ? $_POST['photo'] : array($_POST['photo']);
    $link = is_array($_POST['link_goods']) ? $_POST['link_goods'] : array($_POST['link_goods']);
    $attr_pid = is_array($_POST['attr_pid']) ? $_POST['attr_pid'] : array($_POST['attr_pid']);
    $attr_val = is_array($_POST['attr_name']) ? $_POST['attr_name'] : array($_POST['attr_name']);
    $attr_img = is_array($_POST['attr_img']) ? $_POST['attr_img'] : array($_POST['attr_img']);

    $goods = Model('goods');

    // Collect specification inputs by POST key prefix: "val_spec_*" holds
    // values, any other "spec_*" key holds names.
    // NOTE(review): $spec and $specname stay undefined when no such key is
    // posted, and are then handed to format_spec() as they are.
    foreach ($_POST as $k => $v) {
        if (preg_match('/^(val_spec_)/', $k)) {
            $spec[$k] = $v;
        } elseif (preg_match('/^spec_/', $k)) {
            $specname[$k] = $v;
        }
    }
    $spec = $this->format_spec($specname, $spec);

    $goods_id = $goods->insert($info, 'goods');
    if ($goods_id) {
        if ($spec[0] != '') {
            // Insert specifications, each tagged with the new product id.
            foreach ($spec as $k => $v) {
                $spec[$k]['goods_id'] = $goods_id;
            }
            $goods->insert($spec, 'goods_spec_extend');
        }

        // Insert gallery pictures.
        if ($photo[0] != '') {
            $photo_arr = array();
            foreach ($photo as $k => $v) {
                $photo_arr[$k]['goods_id'] = $goods_id;
                $photo_arr[$k]['original_pic'] = $v;
            }
            $goods->insert($photo_arr, 'goods_gallery');
        }

        // Save attributes; the three attribute arrays are read by the same
        // index, so they are expected to line up.
        if ($attr_pid[0] != '') {
            $attr_info = array();
            foreach ($attr_pid as $k => $v) {
                $attr_info[$k]['goods_id'] = $goods_id;
                $attr_info[$k]['attr_value'] = $attr_val[$k];
                $attr_info[$k]['goods_img'] = $attr_img[$k];
                $attr_info[$k]['attr_id'] = $attr_pid[$k];
            }
            $goods->insert($attr_info, 'goods_attr_extend');
        }

        // Linked products.
        if ($link[0] != '') {
            $link_goods = array();
            foreach ($link as $k => $v) {
                $link_goods[$k]['goods_id'] = $goods_id;
                $link_goods[$k]['link_goods'] = $v;
            }
            $goods->insert($link_goods, 'link_goods');
        }

        $result['error'] = 0;
        $result['content'] = Lang('SUCCESS_ADD');
    } else {
        $result['content'] = Lang('INVALID_OPERATION');
    }
    $this->showMsg($result);
}
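/**
 * Handle the back-office login form.
 *
 * Username and password are passed through hy_check() (rule 'un' with 15,
 * and an empty rule with 20 -- presumably maximum lengths; TODO confirm).
 * The captcha is verified first; a failed captcha, a rejected field or a
 * failed credential check each end in showMsg(), a successful login in a
 * redirect to the admin index.
 *
 * Failed attempts are written to ADMIN_LOG together with the caller's IP.
 * The username in that line comes from the request, so control characters
 * (including CR/LF) are replaced before logging: a crafted username can no
 * longer forge extra log lines or corrupt the log for whoever reviews it.
 *
 * NOTE(review): the two failure paths redirect to different locations
 * ('/qq_admin.php' and the login action); kept as found.
 * NOTE(review): no attempt limiting is visible in this method beyond the
 * captcha; confirm lockout or throttling exists elsewhere.
 */
public function act_login()
{
    $username = isset($_POST['username']) ? hy_check($_POST['username'], 'un', 15) : '';
    $password = isset($_POST['password']) ? hy_check($_POST['password'], '', 20) : '';
    $captcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';

    // Log-safe copy of the submitted username: strings only, with control
    // bytes replaced by a space. Byte-wise matching is safe for UTF-8
    // because control bytes never occur inside a multi-byte sequence.
    $logged_username = '';
    if (isset($_POST['username']) && is_string($_POST['username'])) {
        $logged_username = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $_POST['username']);
    }

    $check_vali = $this->validator($captcha);
    if (!$check_vali || $captcha == '') {
        $this->showMsg('验证码错误', 'index.php?g=admin&m=index&a=login');
    }

    if ($username == '#@_error' || $password == '#@_error') {
        Error::log('[后台登录错误]' . $logged_username . '--' . hy_getIP(), ADMIN_LOG);
        $this->showMsg(Lang('账号或者密码错误'), '/qq_admin.php');
    }

    if (Model('index')->check_user($username, $password)) {
        header("Location:index.php?g=admin&m=index&a=index");
    } else {
        Error::log('[后台登录错误]' . $logged_username . '--' . hy_getIP(), ADMIN_LOG);
        $this->showMsg(Lang('账号或者密码错误'), 'index.php?g=admin&m=index&a=login');
    }
}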
/**
 * Save edits to an administrator account.
 *
 * Reads the account fields from POST through yf_empty(), optionally sets a
 * new password (only when both the new password and its confirmation are
 * non-empty, equal and at least 6 bytes long), validates the e-mail address
 * and writes the record when checkInfo() accepts the username/e-mail pair
 * for this id. The outcome is reported through showMsg().
 *
 * NOTE(review): the password is stored as an unsalted md5() digest, which
 * is not adequate for password storage. Moving to password_hash() /
 * password_verify() has to be done together with the login check, which is
 * outside this method.
 * NOTE(review): unlike new_field() and update_menu() on this page, no
 * admin_priv() call is visible here, and the target id comes from POST;
 * confirm the privilege check happens before this action runs.
 */
public function update_admin()
{
    $reply = array('error' => 1, 'content' => '');

    $admin_id = yf_empty($_POST['id'], 0, true);
    $info['username'] = yf_empty(trim($_POST['username']), "用户名不能为空");
    $info['qq'] = yf_empty(intval($_POST['qq']), "QQ不能为空");
    $info['email'] = yf_empty($_POST['email'], "邮箱不能为空");
    $info['group_id'] = yf_empty(intval($_POST['group_id']), "请选择管理组");
    $info['password'] = yf_empty(trim($_POST['new_password']), "", true);
    $confirm_password = yf_empty(trim($_POST['confirm_password']), "", true);

    $wants_new_password = !empty($info['password']) && !empty($confirm_password);
    if (!$wants_new_password) {
        // Leave the stored password untouched.
        unset($info['password']);
    } else {
        if ($confirm_password != $info['password']) {
            $reply['content'] = Lang('twice_pwd_not_match');
            $this->showMsg($reply);
        }
        if (strlen($info['password']) < 6) {
            $reply['content'] = Lang('PWD_TOO_SHORT');
            $this->showMsg($reply);
        }
        $info['password'] = md5($info['password']);
    }

    $email_check = hy_check($info['email'], "e");
    if ($email_check == '#@_error') {
        $reply['content'] = Lang('EMAIL_FORMAT_ERROR');
        $this->showMsg($reply);
    }

    $is_unique = Model('admin')->checkInfo($info['username'], $info['email'], $admin_id);
    if (!$is_unique) {
        $reply['content'] = "用户名或者邮箱已被使用";
    } else {
        $info['modified'] = yf_time();
        if (Model('admin')->updateInfo($info, $admin_id)) {
            $reply = array('error' => 0, 'content' => Lang('SUCCESS_EDIT'));
        } else {
            $reply['content'] = Lang('INVALID_OPERATION');
        }
    }

    $this->showMsg($reply);
}
/**
 * Handle the member login request and answer with JSON.
 *
 * The names of the POST fields that carry the account and the password are
 * not fixed: they are read from $_SESSION['account'] and $_SESSION['pwd'].
 * Without both session entries the request ends silently. Otherwise the
 * submitted values go through hy_check() and Model('user')->check_user(),
 * and the reply carries the landing URL on success.
 *
 * NOTE(review): no attempt limiting is visible in this method; confirm it
 * is applied elsewhere.
 */
public function act_login()
{
    // No per-session field names: nothing to process.
    if (!isset($_SESSION['account']) || !isset($_SESSION['pwd'])) {
        exit;
    }

    $reply = array('error' => 1, 'content' => '', 'url' => '');

    $account_field = $_SESSION['account'];
    $password_field = $_SESSION['pwd'];

    $username = isset($_POST[$account_field]) ? hy_check($_POST[$account_field], 'n', 15) : '';
    $password = isset($_POST[$password_field]) ? hy_check($_POST[$password_field], '', 30) : '';

    $format_ok = !($username == '#@_error' || $password == '#@_error');

    // check_user() is only consulted when both fields passed hy_check().
    if ($format_ok && Model('user')->check_user($username, $password)) {
        $reply['error'] = 0;
        $reply['content'] = Lang('WELCOME_BACK');
        $reply['url'] = (REWRITE == 1) ? '/user/index.html' : '/index.php?g=home&m=user&a=index';
    } else {
        // Same message for a malformed field and for wrong credentials.
        $reply['content'] = Lang('LOGIN_ERR');
    }

    die(json_encode($reply));
}
/**
 * Store a rating/comment submitted from the mobile site.
 *
 * Required fields are read through yf_empty(), the mobile number is
 * validated with hy_check() rule 'm', and a rank of 0 is rejected. The row
 * is written through Model('attend')->insert_comment() and the outcome is
 * reported through showMsg().
 *
 * NOTE(review): from_id and to_id are taken from POST; nothing in this
 * method ties from_id to the logged-in user, so confirm a caller cannot
 * submit a comment on someone else's behalf.
 */
public function help_set()
{
    $reply = array('error' => 1, 'content' => '', 'url' => '');

    $comment['username'] = yf_empty($_POST['username'], "请输入自己的姓名");
    $comment['mobile'] = yf_empty($_POST['mobile'], "请输入自己的手机");

    $mobile_check = hy_check($comment['mobile'], 'm');
    if ($mobile_check == '#@_error') {
        $reply['content'] = "输入的手机格式不正确";
        $this->showMsg($reply);
    }

    $comment['title'] = yf_empty($_POST['title'], "请输入标题");
    $comment['message'] = yf_empty($_POST['message'], "请输入评价内容");
    $comment['rank'] = yf_empty(intval($_POST['rank']), 0, true);

    // A score is mandatory; 0 means none was given.
    if ($comment['rank'] == 0) {
        $reply['content'] = "请给ta打分";
        $this->showMsg($reply);
    }

    $comment['address'] = yf_empty($_POST['address'], '', true);
    $comment['from_id'] = yf_empty(intval($_POST['from_id']), "系统繁忙");
    $comment['to_id'] = yf_empty(intval($_POST['to_id']), "系统繁忙");
    $comment['created'] = yf_time();

    $inserted = Model('attend')->insert_comment($comment);
    if (!$inserted) {
        $reply['content'] = "系统繁忙";
    } else {
        $reply['error'] = 0;
        $reply['content'] = "提交成功";
        $reply['url'] = "index.php?g=mobile&m=index&a=index";
    }

    $this->showMsg($reply);
}
/**
 * Add a form-field definition.
 *
 * Requires the 'add_word' privilege. Builds the row for the `fields` table
 * from POST data; label, tips, default value and option list are stored as
 * bilingual strings wrapped in the CH_SC / EN_SC / DIG_EC marker constants.
 * The database field name must pass hy_check() rule 'un' and must not
 * exist yet according to check_same_data(). The outcome is reported through
 * showMsg().
 *
 * NOTE(review): tips, default and option values are stored as submitted;
 * confirm they are escaped wherever they are rendered.
 */
public function new_field()
{
    $this->admin_priv('add_word');

    $reply = array('error' => 1, 'content' => '');

    $info['data'] = yf_empty($_POST['data'], '数据库字段不能为空');
    $info['type'] = yf_empty($_POST['type'], 0, true);

    // Label (Chinese part is mandatory).
    $en_name = yf_empty($_POST['en_name'], '', true);
    $zh_name = yf_empty($_POST['name'], '注释名称不能为空');
    if (isset($_POST['name'])) {
        $info['name'] = CH_SC . $zh_name . DIG_EC . EN_SC . $en_name . DIG_EC;
    } else {
        $info['name'] = '';
    }

    // Hint text.
    $en_tips = yf_empty($_POST['en_tips'], '', true);
    if (isset($_POST['tips'])) {
        $info['tips'] = CH_SC . $_POST['tips'] . DIG_EC . EN_SC . $en_tips . DIG_EC;
    } else {
        $info['tips'] = '';
    }

    // Default value.
    $en_default = yf_empty($_POST['en_default'], '', true);
    if (isset($_POST['default'])) {
        $info['default_val'] = CH_SC . $_POST['default'] . DIG_EC . EN_SC . $en_default . DIG_EC;
    } else {
        $info['default_val'] = '';
    }

    // Option lists arrive either as arrays (joined with "::") or as a
    // single value.
    $en_field = is_array($_POST['en_field']) ? implode('::', $_POST['en_field']) : $_POST['en_field'];
    $zh_field = is_array($_POST['field']) ? implode('::', $_POST['field']) : $_POST['field'];
    $info['field'] = CH_SC . $zh_field . DIG_EC . EN_SC . $en_field . DIG_EC;

    $info['pattern'] = yf_empty($_POST['pattern'], 0, true);

    $data_check = hy_check($info['data'], 'un');
    if ($data_check == '#@_error') {
        $reply['content'] = '数据库字段不合规范';
        $this->showMsg($reply);
    }

    $existing_id = Model('forms')->check_same_data($info['data']);
    if ($existing_id > 0) {
        $reply['content'] = "该数据库字段已存在,请换一个";
        $this->showMsg($reply);
    }

    $inserted = Model('forms')->insert($info, 'fields');
    if (!$inserted) {
        $reply['content'] = Lang('INVALID_OPERATION');
    } else {
        $reply['error'] = 0;
        $reply['content'] = Lang('SUCCESS_ADD');
    }

    $this->showMsg($reply);
}
/**
 * Update a menu/column entry.
 *
 * Requires the 'editmenu' privilege. An entry may not be its own parent,
 * its alias (`code`) must pass hy_check() rule 'un' and be accepted by
 * check_code() for this id. An entry flagged as an external link keeps only
 * a redirect URL (validated with rule 'u', with the bare placeholder
 * 'http://' tolerated); any other entry keeps its page metadata and an
 * empty redirect URL. The outcome is reported through showMsg().
 *
 * NOTE(review): what rule 'u' accepts is decided inside hy_check(); since
 * redirect_url is later used as a link target, confirm it is restricted to
 * the intended schemes.
 */
public function update_menu()
{
    $this->admin_priv('editmenu');

    $menu_id = yf_empty(intval($_POST['id']), '', true);

    $info['parent_id'] = yf_empty(intval($_POST['parent_id']), 0, true);

    // Bilingual title wrapped in the CH_SC / EN_SC / DIG_EC markers.
    $info['name'] = yf_empty($_POST['name'], Lang('title_empty'));
    $en_name = yf_empty($_POST['en_name'], "", true);
    $info['name'] = CH_SC . $info['name'] . DIG_EC . EN_SC . $en_name . DIG_EC;

    $info['is_show'] = yf_empty(intval($_POST['is_show']), 0, true);
    $info['nav_pos'] = is_array($_POST['nav_pos']) ? implode(',', $_POST['nav_pos']) : $_POST['nav_pos'];
    $info['code'] = yf_empty(trim(strtolower($_POST['code'])), "栏目别名不能为空");
    $info['is_extend_links'] = yf_empty(intval($_POST['is_extend_links']), 0, true);

    $reply = array('error' => 1, 'content' => '');

    if ($info['parent_id'] == $menu_id) {
        $reply['content'] = Lang('PARENT_ID_ERR');
        $this->showMsg($reply);
    }

    $code_check = hy_check($info['code'], 'un');
    if ($code_check == '#@_error') {
        $reply['content'] = Lang('code_error');
        $this->showMsg($reply);
    }

    if ($info['is_extend_links'] != 1) {
        // Regular page: keep its metadata, clear the redirect.
        $info['thumb'] = yf_empty($_POST['thumb'], '', true);
        $info['type'] = yf_empty($_POST['type'], '', true);
        $info['page_title'] = yf_empty($_POST['page_title'], '', true);
        $info['keywords'] = yf_empty($_POST['keywords'], '', true);
        $info['description'] = yf_empty($_POST['description'], '', true);
        $info['redirect_url'] = '';
    } else {
        // External link: keep the URL, blank the page metadata.
        $info['redirect_url'] = yf_empty($_POST['redirect_url'], "", true);
        $url_rejected = hy_check($info['redirect_url'], 'u') == '#@_error';
        if ($url_rejected && $info['redirect_url'] != 'http://') {
            $reply['content'] = Lang('url_error');
            $this->showMsg($reply);
        }
        $info['type'] = '';
        $info['page_title'] = '';
        $info['keywords'] = '';
        $info['description'] = '';
    }

    if (!Model('menu')->check_code($info['code'], $menu_id)) {
        $reply['content'] = Lang('CODE_REPEATING');
    } else {
        $updated = Model('menu')->update_menu($info, $menu_id);
        if ($updated) {
            $reply['error'] = 0;
            $reply['content'] = Lang('SUCCESS_EDIT');
        } else {
            $reply['content'] = Lang('INVALID_OPERATION');
        }
    }

    $this->showMsg($reply);
}
/**
 * Update the profile of the current mobile-site user.
 *
 * The record to update is selected by $_SESSION['wxid'], not by a value
 * from the request. area_id is optional; `first` is set to 0 when no area
 * was supplied and to 1 otherwise. Name and mobile number are required and
 * the mobile number must pass hy_check() rule 'm'. The outcome is reported
 * through showMsg().
 *
 * NOTE(review): $_SESSION['wxid'] is read without an isset() check; confirm
 * the action cannot be reached without an established session.
 */
public function update_user()
{
    $reply = array(
        'error'   => 1,
        'content' => '系统繁忙',
        'url'     => "index.php?g=mobile&m=index&a=index",
    );

    $data['area_id'] = yf_empty(intval($_POST['area_id']), 0, true);
    $data['first'] = ($data['area_id'] == 0) ? 0 : 1;

    $profile['username'] = yf_empty($_POST['username'], "请输入姓名");
    $profile['mobile'] = yf_empty($_POST['mobile'], "请输入手机");

    $mobile_check = hy_check($profile['mobile'], 'm');
    if ($mobile_check == '#@_error') {
        $reply['content'] = "输入的手机格式不正确";
        $this->showMsg($reply);
    }

    $updated = Model('index')->update_info($data, $profile, $_SESSION['wxid']);
    if ($updated) {
        $reply['error'] = 0;
        $reply['content'] = "修改成功";
    }

    $this->showMsg($reply);
}
/**
 * Send a test message with SMTP settings taken from the request.
 *
 * Host, username, password and sender address all come from POST; only the
 * recipient address is validated (hy_check() rule 'e'). The result of
 * Send() decides the reply passed to showMsg().
 *
 * NOTE(review): no admin_priv() call is visible in this method. Because the
 * server connects to whatever SMTP host the request names and sends to
 * whatever address it names, confirm the action is limited to authorised
 * administrators, and consider restricting the allowed hosts.
 */
public function testemail()
{
    $smtp_host = $_POST['smtp'];
    $smtp_user = $_POST['smtp_username'];
    $smtp_pass = $_POST['smtp_password'];
    $sender = $_POST['smtp_email'];
    $recipient = $_POST['test_email'];

    $message = '<p>Hello,欢迎使用Qiaqia CMS</p>';
    $reply = array('error' => 1, 'content' => '发送失败');

    $recipient_invalid = ($recipient == '' || hy_check($recipient, 'e') == '#@_error');
    if ($recipient_invalid) {
        $reply['content'] = '测试地址格式不正确';
        $this->showMsg($reply);
    }

    $mailer = new PHPMailer();
    $mailer->IsSMTP();                 // Send through SMTP
    $mailer->Host = $smtp_host;        // SMTP server(s), as submitted
    $mailer->SMTPAuth = true;          // Authenticate to the SMTP server
    $mailer->Username = $smtp_user;
    $mailer->Password = $smtp_pass;
    $mailer->From = $sender;
    $mailer->FromName = '维赛网络科技有限公司';
    $mailer->AddAddress($recipient, 'Hungry');
    $mailer->WordWrap = 50;            // Wrap lines at 50 characters
    $mailer->Subject = 'Qiaqia CMS 测试邮件';
    $mailer->Body = $message;
    $mailer->AltBody = $message;

    $sent = $mailer->Send();
    if ($sent) {
        $reply['error'] = 0;
        $reply['content'] = '发送成功';
    }

    $this->showMsg($reply);
}