function check_allowed_category($category_id, $text = false)
{
if (LZ_MODULE != 'admin') {
return true;
}
if ($_SESSION['login_user']['limit_category_id'] && !$_SESSION['login_user']['rights']['categroy_' . $category_id]) {
if ($text) {
echo LANG_NOT_ALLOWED;
die;
} else {
lz_exit(LANG_NOT_ALLOWED);
}
} else {
return true;
}
}
lz_exit(LANG_PUBLISHED_ERROR, "javascript:history.go(-1);");
}
}
}
}
//添加项目
if ($action == 'new_item') {
include_once 'plugin/fckeditor/fckeditor.php';
$temp = template('item_new.html');
$temp->assign(array('item' => $_POST, 'categories' => $category->get_list(), 'publish_time' => time(), 'category_id' => $category_id, 'login_user' => $_SESSION['login_user'], 'category_tree' => print_category_tree($category->tree_category(0, 1), $category_id)));
$view_data['page_description'] = lang('NEW_ITEM');
$view_data['page_content'] = $temp->result();
} else {
if ($action == 'edit_item') {
if (!$item_id) {
lz_exit("need item_id!", 'javascript:history.go(-1)', 5);
}
include_once 'plugin/fckeditor/fckeditor.php';
$temp = template('item_new.html');
$_item = count($_POST) > 0 ? $_POST : $item->get_one($item_id);
if ($category_id) {
$_category = $category->get_one($category_id);
}
$author = $db->get_all("select * from lz_author where aid={$item_id}");
$keywords = $db->get_all("select * from lz_keyword where aid={$item_id}");
$temp->assign(array('item' => $_item, 'authors' => $author, 'keywords' => $keywords, 'publish_time' => $_item['publish_time'], 'item_id' => $item_id, 'categories' => $category->get_list(), 'category_id' => $category_id, 'page_type' => $page_type, 'category_name' => $_category['name'], 'login_user' => $_SESSION['login_user'], 'category_tree' => print_category_tree($category->tree_category(0), $_item['category_id'])));
$view_data['page_description'] = $page_type == 'category' ? lang('EDIT_PAGE') : lang('EDIT_ITEM');
$view_data['page_content'] = $temp->result();
} else {
$this_category = $category->get_one($category_id);
if ($this_category['status'] == '2') {
<?php
LZ_MODULE != 'admin' && die('Access Denied');
$m = $_GET['m'];
include_once 'model/config.php';
$config = new LZ_Config();
$config_id = intval($_GET['config_id']);
if ($m == "new_config") {
$data = filter_array($_POST, 'name!,description!,type!');
if ($data) {
if ($config->add($data)) {
lz_exit(lang('CONFIG_NEW_SUCCESS'), 'admin.php?p=config', 1);
} else {
$action = 'new_category';
$err_msg = lang('CONFIG_NEW_ERROR');
}
} else {
$action = 'new_config';
$err_msg = lang('CONFIG_FILL_ALL');
$view_data['thisconfig'] = $_POST;
}
}
$view_data['err_msg'] = $err_msg;
$view_data['config_list'] = $config->get_list();
$view_data['page_description'] = lang('TITLE');
$category_id = intval($_GET['category_id']);
$item_id = intval($_GET['item_id']);
$_SESSION['category_id'] = $category_id;
include_once 'model/category.php';
$category = new LZ_Category();
include_once 'model/item.php';
$item = new LZ_Item();
if ($m == 'new_category') {
$data = filter_array($_POST, 'name!');
$data['parent_id'] = $category_id;
if (!$data['parent_id']) {
$data['parent_id'] = 0;
}
if ($data) {
if ($category->add($data)) {
lz_exit(lang('CATEGORY_NEW_SUCCESS'), 'admin.php?p=category&category_id=' . $data['parent_id'], 1);
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_NEW_ERROR');
}
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_FILL_ALL');
$view_data['category'] = $_POST;
}
}
//显示分类和项目列表
$categories = $category->get_list(array('parent_id' => $category_id));
$_tree = $category->tree_category(0);
$view_data['all_category'] = print_category_tree_link('admin.php?p=category&category_id=', $_tree, $category_id);
$view_data['categories'] = $categories;
<?php
LZ_MODULE != 'admin' && die('Access Denied');
filter_array($_GET, 'm,action,intval:paper_id,status', true);
$status = isset($_GET['status']) ? $_GET['status'] : '0,1,2';
include_once 'model/paper.php';
$paper = new LZ_paper();
if ($m == 'status') {
$status = intval($_GET['status']);
$this_paper = $paper->get_one($paper_id);
if ($paper->update($paper_id, array('status' => $status))) {
lz_exit('Success', 'admin.php?p=paper');
} else {
lz_exit('error', "javascript:history.go(-1);");
}
}
if ($action == "view") {
include_once 'model/paper_file.php';
$paper_file = new LZ_Paper_File();
$temp = template('paper_view.html');
$temp->assign(array('paper' => $paper->get_one($paper_id), 'files' => $paper_file->get_list(array('paper_id' => $paper_id))));
$view_data['page_description'] = "查看";
$view_data['page_content'] = $temp->result();
} else {
//分页处理
$cond = array('status' => $status);
$papers = lz_page($paper, $cond, intval($config['admin_paper_page_size']) ? intval($config['admin_paper_page_size']) : 20);
$view_data['papers'] = $papers;
$view_data['page_description'] = lang('paper_LIST');
}
$view_data['err_msg'] = $err_msg;
$total = 0;
foreach ($data['qs'] as $q) {
$ans = 'array(';
foreach ($q['answer'] as $a) {
$ans .= " array('name'=>'" . addslashes($a[name]) . "','mark'=>'{$a['mark']}'),";
}
$ans .= ');';
$data = array('name' => $q['name'], 'mark' => $q['mark'], 'answer' => $ans, 'exam_id' => $data['exam_id']);
if ($question->add($data)) {
$total++;
}
}
$_SESSION['import_content'] = null;
lz_exit("成功添加了 {$total} 道题目!", "admin.php?p=question&exam_id=" . $data['exam_id'], 2);
} else {
lz_exit("参数错误", "javascript:history.go(-1)", 1);
}
}
}
}
}
//添加项目
if ($action == 'new_question') {
$temp = template('question_new.html');
$temp->assign(array('question' => $_POST, 'answer' => $_POST['answer'], 'exam_id' => $exam_id, 'login_user' => $_SESSION['login_user']));
$view_data['page_description'] = "往 \"" . $this_exam['name'] . "\" 添加题目";
$view_data['page_content'] = $temp->result();
} else {
if ($action == 'import') {
$temp = template('question_import.html');
$temp->assign(array('content' => $_SESSION['import_content'], 'exam_id' => $exam_id, 'login_user' => $_SESSION['login_user'], 'total_mark' => $total_mark, 'qs' => $qs));
}
}
$_temp = template('login_ajax.html');
$view_html = $_temp->result();
} else {
if ($module == 'admin') {
if ($m == 'login') {
include_once 'model/user.php';
$user = new LZ_User();
//$user->test($_GET['name']);
$data = filter_array($_POST, 'name!,lz_encode:password!');
if ($data) {
$u = $user->check_password($data['name'], $data['password']);
if ($u['user_id']) {
$_SESSION['login_user'] = $u;
lz_exit(lang('LOGIN_SUCCESS'), $back_url, 1);
} else {
$err_msg = lang('LOGIG_ERROR');
}
}
} else {
if ($m == 'logout') {
$_SESSION['login_user'] = null;
lz_exit(lang('LOGOUT_SUCCESS'), $back_url, 1);
}
}
$_temp = template('login.html');
$_temp->assign('err_msg', $err_msg);
$view_html = $_temp->result();
}
}
<?php
LZ_MODULE != 'admin' && die('Access Denied');
include_once 'model/category.php';
$category = new LZ_Category();
include_once 'model/item.php';
$item = new LZ_Item();
$result = $item->update($_POST['id'], array("recommend" => $_POST['recommend']));
if ($result) {
lz_exit(lang('提交成功'), 'admin.php?p=item', 1);
} else {
lz_exit(lang('提交失败'), 'admin.php?p=item', 1);
}
$data = filter_array($_POST, 'name!');
if ($data && $rights->add($data)) {
lz_exit(lang('rights_add_success'), 'admin.php?p=rights');
} else {
lz_exit(lang('rights_add_failed'), 'admin.php?p=rights');
}
} elseif ($m == 'config' && $rights_id) {
$r = array();
foreach ($_POST as $key => $val) {
if (strtolower($val) == 'on') {
$r[] = $key;
}
}
$data['rights'] = join(',', $r);
if ($rights->update($rights_id, $data)) {
lz_exit(lang('rights_updated'), 'admin.php?p=rights');
}
}
if ($rights_id) {
$_SESSION['login_user']['rights']['limit_category_id'] = false;
$view_data['rights'] = $lz_rights;
$arr = $rights->get_one($rights_id);
$view_data['this_group'] = $arr;
$category->flat_tree($category->tree_category(0), $view_data['categories']);
$r = explode(',', $arr['rights']);
foreach ($r as $val) {
$view_data['this_rights'][$val] = true;
}
}
$view_data['groups'] = $rights->get_list();
$view_data['page_description'] = lang('rights');
