public function lists()
{
$top_more_button[] = array('title' => '导入数据', 'url' => U('import'));
$this->assign('top_more_button', $top_more_button);
$model = $this->getModel('credit_data');
$map['token'] = get_token();
if (!empty($_GET['uid'])) {
$uidArr = wp_explode($_GET['uid']);
$map['uid'] = array('in', $uidArr);
} elseif (!empty($_REQUEST['nickname'])) {
$map['uid'] = array('in', D('Common/User')->searchUser($_REQUEST['nickname']));
}
if (!isset($map['uid'])) {
$map['uid'] = array('exp', '>0');
}
if (!empty($_REQUEST['credit_name'])) {
$map['credit_name'] = safe($_REQUEST['credit_name']);
}
if (!empty($_REQUEST['start_time']) && !empty($_REQUEST['end_time'])) {
$map['cTime'] = array('between', '"' . intval($_REQUEST['start_time']) . ',' . intval($_REQUEST['start_time']) . '"');
} elseif (!empty($_REQUEST['start_time'])) {
$map['cTime'] = array('egt', intval($_REQUEST['start_time']));
} elseif (!empty($_REQUEST['end_time'])) {
$map['cTime'] = array('elt', intval($_REQUEST['end_time']));
}
session('common_condition', $map);
$list_data = $this->_get_model_list($model);
foreach ($list_data['list_data'] as &$vo) {
$vo['uid'] = get_nickname($vo['uid']);
}
$this->assign($list_data);
// dump($list_data);
$this->display();
}
public static function InsertProducts($ProductsObject)
{
$DataBaseHelper = new DataAccessHelper();
$sql = "INSERT INTO `product` (`product_id`,`product_details_url`) VALUES ('" . NULL . "','" . safe($ProductsObject->product_details_url) . "')";
echo $sql . "<br/>";
return $DataBaseHelper->ExecuteInsertReturnID($sql);
}
private function _dealWeixinPost()
{
$content = wp_file_get_contents('php://input');
vendor('WXBiz.wxBizMsgCrypt');
$this->sReqTimeStamp = I('get.timestamp');
$this->sReqNonce = I('get.nonce');
$this->sEncryptMsg = I('get.msg_signature');
$this->wxcpt = new \WXBizMsgCrypt('weiphp', '0c79e1fa963cd80cc0be99b20a18faeb', 'wx2685aca90abe2895');
$sMsg = "";
// 解析之后的明文
$errCode = $this->wxcpt->DecryptMsg($this->sEncryptMsg, $this->sReqTimeStamp, $this->sReqNonce, $content, $sMsg);
if ($errCode != 0) {
addWeixinLog($_GET, "DecryptMsg Error: " . $errCode);
return false;
} else {
// 解密成功,sMsg即为xml格式的明文
$content = $sMsg;
}
$data = new \SimpleXMLElement($content);
// $data || die ( '参数获取失败' );
foreach ($data as $key => $value) {
$this->data[$key] = safe(strval($value));
}
return $data;
}
public function doLogin()
{
$email = safe($_POST['email']);
$password = safe($_POST['password']);
$remember = 1;
if (empty($email) || empty($password)) {
// $this->redirect(U('w3g/Public/login'), 3, '用户名和密码不能为空');
echo '用户名或密码不能为空';
exit;
}
if (!isValidEmail($email)) {
// $this->redirect(U('w3g/Public/login'), 3, 'Email格式错误,请重新输入');
echo 'Email格式错误,请重新输入';
exit;
}
if ($user = model('Passport')->getLocalUser($email, $password)) {
// dump($user);
if ($user['is_active'] == 0) {
// $this->redirect(U('w3g/Public/login'), 3, '帐号尚未激活,请激活后重新登录');
echo '帐号尚未激活,请激活后重新登录';
exit;
}
model('Passport')->loginLocal($email, $password, $remember);
$this->setSessionAndCookie($user['uid'], $user['uname'], $user['email'], intval($_POST['remember']) === 1);
// $this->recordLogin($user['uid']);
// model('Passport')->registerLogin($user, intval($_POST['remember']) === 1);
echo '1';
exit;
} else {
// $this->redirect(U('w3g/Public/login'), 3, '帐号或密码错误,请重新输入');
echo '帐号或密码错误,请重新输入';
}
}
public static function var_dump($var, $highlight = false)
{
$output = '';
if ($highlight) {
$output .= '<div style="font-weight: bold;">';
}
$xdebug = ini_get('xdebug.overload_var_dump');
if (!$xdebug) {
$output .= "<pre style='overflow: auto; background: #fff; color: #222; border: 1px dotted #ddd; padding: 3px;'>";
}
// Dump into a buffer
ob_start();
var_dump($var);
$dump = ob_get_clean();
if ($xdebug) {
$output .= $dump;
} else {
$output .= safe($dump);
$output .= "</pre>";
}
if ($highlight) {
$output .= '</div>';
}
echo $output;
}
public function lists()
{
$model = $this->getModel('credit_data');
$map['token'] = get_token();
if (!empty($_GET['uid'])) {
$map['uid'] = intval($_GET['uid']);
} elseif (!empty($_REQUEST['nickname'])) {
$user_map['nickname'] = array('like', '%' . htmlspecialchars($_REQUEST['nickname']) . '%');
}
if (!isset($map['uid'])) {
$map['uid'] = array('exp', '>0');
}
if (!empty($_REQUEST['credit_name'])) {
$map['credit_name'] = safe($_REQUEST['credit_name']);
}
if (!empty($_REQUEST['start_time']) && !empty($_REQUEST['end_time'])) {
$map['cTime'] = array('between', '"' . intval($_REQUEST['start_time']) . ',' . intval($_REQUEST['start_time']) . '"');
} elseif (!empty($_REQUEST['start_time'])) {
$map['cTime'] = array('egt', intval($_REQUEST['start_time']));
} elseif (!empty($_REQUEST['end_time'])) {
$map['cTime'] = array('elt', intval($_REQUEST['end_time']));
}
session('common_condition', $map);
$list_data = $this->_get_model_list($model);
foreach ($list_data['list_data'] as &$vo) {
$vo['nickname'] = get_nickname($vo['uid']);
}
$this->assign($list_data);
// dump($list_data);
$this->display();
}
function show($widget)
{
$map['token'] = get_token();
if ($widget['data_from'] == 2) {
// 部分商品 cate_id=1,2,3&search_key=[search_key]&shopping_list=1
$condition = str_replace(array('[cate_id]', '[search_key]'), array($_REQUEST['cate_id'], $_REQUEST['search_key']), $widget['data_condition']);
parse_str($condition, $output);
if (!empty($output['cate_id'])) {
$map = getIdsForMap($output['cate_id'], $map, 'cate_id_1');
}
if (!empty($output['search_key'])) {
$key = safe($output['search_key']);
$map['title'] = array('like', "%{$key}%");
}
if (isset($output['shopping_list'])) {
// 购物清单 TODO
}
} elseif ($widget['data_from'] == 1) {
// 指定商品
$map = getIdsForMap($widget['data_ids'], $map);
}
if (isset($_REQUEST['cate_id'])) {
$cid = intval($_REQUEST['cate_id']);
$map['_string'] = ' (cate_id_1=' . $cid . ' or cate_id_2=' . $cid . ') ';
}
$list = M('shop_product')->where($map)->order($widget['order'])->selectPage($widget['list_row']);
// dump ( $list );
$this->assign('list', $list);
// dump ( $widget );
return $this->getWidgetHtml($widget);
}
function track()
{
$trace_num = isset($_POST['trace_num']) ? safe(trim($_POST['trace_num'])) : safe(trim($_GET['trace_num']));
$this->assign("trace_num", $trace_num);
if (!$trace_num) {
$this->display('goods.track.html');
}
$num = substr($trace_num, 2, 18);
preg_match("/^\\d{18}\$/", $num, $res);
if (!$res) {
$this->display('goods.track.empty.html');
return;
}
$info = $this->check->get("trace_num='{$trace_num}'");
if (empty($info)) {
$this->display('goods.track.empty.html');
return;
}
$traceinfo = $this->check->find(array("conditions" => "goods_id=" . $info['goods_id'], "fields" => 'trace_num,cid', 'order' => 'cid desc'));
$files_belong_track = $this->_uploadedfile_mod->find(array('conditions' => 'store_id = 0 AND belong = ' . BELONG_TRACK . ' AND item_id=' . $info['cid'], 'fields' => 'this.file_id, this.file_name, this.file_path', 'order' => 'add_time DESC'));
$files_belong_check = $this->_uploadedfile_mod->find(array('conditions' => 'store_id = 0 AND belong = ' . BELONG_CHECK . ' AND item_id=' . $info['cid'], 'fields' => 'this.file_id, this.file_path', 'order' => 'add_time DESC'));
$this->assign('files_belong_track', $files_belong_track);
$this->assign('files_belong_check', $files_belong_check);
$this->assign("trace", $info);
$this->assign("traceinfo", $traceinfo);
$data = $this->_get_common_info($info['goods_id']);
if ($data === false) {
return;
} else {
$data['cur_local'] = array(0 => array('text' => '追溯信息'));
$this->_assign_common_info($data);
}
$this->display('goods.track.index.html');
}
public function doRegister()
{
$email = safe($_POST['email']);
$uname = safe($_POST['uname']);
$password = safe($_POST['password']);
$repassword = safe($_POST['re_password']);
if ($password != $repassword) {
redirect(U('/Public/register', $_POST), 3, '两次的密码不符');
}
$service = model('UserRegister');
$uid = $service->register($email, $uname, $password, true);
if (!$uid) {
redirect(U('/Public/register', $_POST), 3, $service->getLastError());
} else {
//redirect(U('/Public/login'), 1, '注册成功');
if ($user = model('Passport')->getLocalUser($email, $password)) {
if ($user['is_active'] == 0) {
redirect(U('wap/Public/login'), 3, '帐号尚未激活,请激活后重新登录');
}
$result = model('Passport')->registerLogin($user);
redirect(U('wap/Index/index'));
} else {
redirect(U('wap/Public/login'), 3, '帐号或密码错误,请重新输入');
}
}
}
function array_safe($array)
{
$newArray = array();
foreach ($array as $value) {
array_push($newArray, safe($value));
}
return $newArray;
}
function safe_array( &$my_array )
{
foreach( $my_array as $key => &$value )
{
$value = safe( $value ) ;
}
return $my_array;
}
private static function init()
{
load_functions();
if (!build()) {
die('build directories error');
}
safe();
}
function getParticipantData()
{
global $participant;
$username = safe($_GET['username']);
// participant information
$participantdata = callStoredProcedure("GetParticipantDetails('" . $username . "')");
$participant = mysqli_fetch_array($participantdata);
}
function stdhead($title = "")
{
global $SITENAME, $pic_base_url;
header("Content-Type: text/html; charset=iso-8859-1");
// header("Pragma: No-cache");
if ($title == "") {
$title = $SITENAME . (isset($_GET['tbv']) ? " (" . TBVERSION . ")" : '');
} else {
$title = $SITENAME . (isset($_GET['tbv']) ? " (" . TBVERSION . ")" : '') . " :: " . safe($title);
}
//$stylesheet = "themes/default/default.css";
//require_once '../styles.php';
?>
<html><head>
<title>Pre-Coded Installer</title>
<link rel="stylesheet" href="themes/default/default.css" type="text/css">
<style type="text/css">
p {
font-family:Arial, Helvetica, sans-serif;
font-size:12px;
padding:0px 0px 0px 0px;
}
</style>
<script type="text/javascript">
var ClassName = "color";
var FocusColor = "#0099FF";
window.onload = function() {
var inputfields = document.getElementsByTagName("input");
for(var x = 0 ; x < inputfields.length ; x++ ) {
if(inputfields[x].getAttribute("class") == ClassName) {
inputfields[x].onfocus = function() {
OriginalColor = this.style.border;
this.style.border = "2px solid "+FocusColor;
}
inputfields[x].onblur = function() {
this.style.border = OriginalColor;
}
}
}
}
</script>
</head>
<body style="font-family:Arial, Helvetica, sans-serif; font-size:12px;">
<?php
$w = "width=100%";
?>
<table class=mainouter <?php
$w;
?>
border="1" cellspacing="0" cellpadding="10">
<!------------- MENU ------------------------------------------------------------------------>
<?php
}
/**
Check if config is existing
**/
public function configExist($name)
{
$req = mysql_query("SELECT value FROM habbophp_config WHERE name='" . safe($name, 'SQL') . "'");
$data = mysql_fetch_assoc($req);
if ($data['value'] != null) {
return true;
}
return false;
}
function confirm($_POST, $_FILES)
{
extract($_POST);
$importfile = tempnam("/tmp", "cubitimport_");
$file = fopen($_FILES["compfile"]["tmp_name"], "r");
if ($file == false) {
return "<li class='err'>Cannot read file.</li>" . select_file();
}
db_conn('cubit');
$Sl = "\n\t\tCREATE TABLE import_data (\n\t\t\tdes1 varchar, des2 varchar, des3 varchar, des4 varchar, \n\t\t\tdes5 varchar, des6 varchar, des7 varchar, des8 varchar, \n\t\t\tdes9 varchar, des10 varchar, des11 varchar, des12 varchar, \n\t\t\tdes13 varchar, des14 varchar, des15 varchar, des16 varchar\n\t\t)";
$Ri = @db_exec($Sl);
$Sl = "DELETE FROM import_data";
$Ri = db_exec($Sl) or errDie("Unable to clear import table");
while (!feof($file)) {
$data = safe(fgets($file, 4096));
$datas = explode(",", $data);
if (!isset($datas[10])) {
continue;
}
$Sl = "\n\t\t\tINSERT INTO import_data (\n\t\t\t\tdes1, des2, des3, des4, des5, des6, \n\t\t\t\tdes7, des8, des9, des10, des11\n\t\t\t) VALUES (\n\t\t\t\t'{$datas['0']}', '{$datas['1']}', '{$datas['2']}', '{$datas['3']}', '{$datas['4']}', '{$datas['5']}', \n\t\t\t\t'{$datas['6']}', '{$datas['7']}', '{$datas['8']}', '{$datas['9']}', '{$datas['10']}'\n\t\t\t)";
$Rl = db_exec($Sl) or errDie("Unable to insert data.");
}
fclose($file);
#get departments
db_conn('exten');
$get_deps = "SELECT * FROM departments ORDER BY deptname";
$run_deps = db_exec($get_deps) or errDie("Unable to get department information.");
if (pg_numrows($run_deps) < 1) {
return "<li class='err'>No Departments Found. Please Add A Department.</li>";
} else {
$depdrop = "<select name='department'>";
while ($darr = pg_fetch_array($run_deps)) {
$depdrop .= "<option value='{$darr['deptname']}'>{$darr['deptname']}</option>";
}
$depdrop .= "</select>";
}
$out = "\n\t\t\t<h3>Customers Import</h3>\n\t\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t<input type='hidden' name='key' value='write'>\n\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t<tr>\n\t\t\t\t\t<th colspan='2'>Select Department</th>\n\t\t\t\t</tr>\n\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t<td colspan='2'>{$depdrop}</td>\n\t\t\t\t</tr>\n\t\t\t\t" . TBL_BR . "\n\t\t\t\t<tr>\n\t\t\t\t\t<th>Acc No</th>\n\t\t\t\t\t<th>Name</th>\n\t\t\t\t\t<th>Postal Address</th>\n\t\t\t\t\t<th>Delivery Address</th>\n\t\t\t\t\t<th>VAT Number</th>\n\t\t\t\t\t<th>Contact Name</th>\n\t\t\t\t\t<th>Tell</th>\n\t\t\t\t\t<th>Cell</th>\n\t\t\t\t\t<th>Fax</th>\n\t\t\t\t\t<th>Email</th>\n\t\t\t\t\t<th>Website</th>\n\t\t\t\t</tr>";
db_conn('cubit');
$Sl = "SELECT * FROM import_data";
$Ri = db_exec($Sl);
$i = 0;
$showbutton = "\n\t\t\t\t<tr>\n\t\t\t\t\t<td colspan='5' align='right'><input type='submit' value='Write »'></td>\n\t\t\t\t</tr>";
while ($fd = pg_fetch_array($Ri)) {
#check if there is a conflict ...
$get_check = "SELECT * FROM customers WHERE accno = '{$fd['des1']}' LIMIT 1";
$run_check = db_exec($get_check) or errDie("Unable to get customer information.");
if (pg_numrows($run_check) > 0) {
$fd['des1'] = "<li class='err'>{$fd['des1']}</li>";
$showbutton = "";
}
$out .= "\n\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t<td>{$fd['des1']}</td>\n\t\t\t\t\t<td>{$fd['des2']}</td>\n\t\t\t\t\t<td>{$fd['des3']}</td>\n\t\t\t\t\t<td>{$fd['des4']}</td>\n\t\t\t\t\t<td>{$fd['des5']}</td>\n\t\t\t\t\t<td>{$fd['des6']}</td>\n\t\t\t\t\t<td>{$fd['des7']}</td>\n\t\t\t\t\t<td>{$fd['des8']}</td>\n\t\t\t\t\t<td>{$fd['des9']}</td>\n\t\t\t\t\t<td>{$fd['des10']}</td>\n\t\t\t\t\t<td>{$fd['des11']}</td>\n\t\t\t\t</tr>";
$i++;
}
$out .= "\n\t\t\t\t<tr><td><br></td></tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td colspan='5'><li class='err'>Items in red indicate conflicts with current data. Please corrent the information in the import file.</li></td>\n\t\t\t\t</tr>\n\t\t\t\t{$showbutton}\n\t\t\t</form>\n\t\t\t</table>";
return $out;
}
public static function InsertProducts($ProductsObject, $table)
{
// echo '<pre>';
// print_r($ProductsObject);
// echo '</pre>';
//echo "i am here";
$DataBaseHelper = new DataAccessHelper();
$sql = "INSERT INTO `product_spec` (`id`,`product_id`, `product_spec_type`, `product_data`,`table_name`) VALUES ('" . NULL . "','" . safe($ProductsObject->GetProductID()) . "','" . safe($ProductsObject->GetProductSpecType()) . "', '" . safe($ProductsObject->GetProductData()) . "','" . safe($table) . "')";
//echo $sql."<br/>";
return $DataBaseHelper->ExecuteInsertReturnID($sql);
}
public static function InsertProducts($ProductsObject)
{
// echo '<pre>';
// print_r($ProductsObject);
// echo '</pre>';
//echo "i am here";
$DataBaseHelper = new DataAccessHelper();
$sql = "INSERT INTO `products` (`product_id`,`product_name`, `product_price`, `dis_percentange`,`before_dis_price`,`emi_availablity`,`emi_rate`,`features`,`img_url`,`category_name`,`sub_category_name`,`product_details_url`,`product_rating`) VALUES ('" . NULL . "','" . safe($ProductsObject->GetProductName()) . "','" . safe($ProductsObject->GetProductPrice()) . "', '" . safe($ProductsObject->GetDiscountDetails()) . "','" . safe($ProductsObject->GetProductBeforeDiscounePrice()) . "','" . safe($ProductsObject->GetEmi()) . "','" . safe($ProductsObject->GetEmiDetails()) . "','" . safe($ProductsObject->GetProductFeatures()) . "','" . safe($ProductsObject->GetImgUrl()) . "','" . safe($ProductsObject->GetProductCategory()) . "','" . safe($ProductsObject->GetProductSubCategory()) . "','" . safe($ProductsObject->GetProductDetailUrl()) . "','" . safe($ProductsObject->GetProductRating()) . "')";
//echo $sql."<br/>";
return $DataBaseHelper->ExecuteInsertReturnID($sql);
}
function confirm($_POST, $_FILES)
{
extract($_POST);
$importfile = tempnam("/tmp", "cubitimport_");
$file = fopen($_FILES["compfile"]["tmp_name"], "r");
if ($file == false) {
return "<li class='err'>Cannot read file.</li>" . select_file();
}
db_conn('cubit');
$Sl = "\n\t\tCREATE TABLE import_data (\n\t\t\tdes1 varchar, des2 varchar,\n\t\t\tdes3 varchar, des4 varchar,\n\t\t\tdes5 varchar, des6 varchar,\n\t\t\tdes7 varchar, des8 varchar,\n\t\t\tdes9 varchar, des10 varchar,\n\t\t\tdes11 varchar, des12 varchar,\n\t\t\tdes13 varchar, des14 varchar,\n\t\t\tdes15 varchar, des16 varchar\n\t\t)";
$Ri = @db_exec($Sl);
$Sl = "DELETE FROM import_data";
$Ri = db_exec($Sl) or errDie("Unable to clear import table");
while (!feof($file)) {
$data = safe(fgets($file, 4096));
$datas = explode(",", $data);
if (!isset($datas[2])) {
continue;
}
$code = safe($datas[0]);
$description = safe($datas[1]);
$amount = sprint($datas[3]);
$camount = sprint($datas[2]);
$balance = sprint($datas[5]);
$units = safe($datas[4]);
$Sl = "\n\t\t\tINSERT INTO import_data (\n\t\t\t\tdes1, des2, des3, des4, des5, des6\n\t\t\t) VALUES (\n\t\t\t\t'{$code}', '{$description}', '{$amount}', '{$balance}', '{$units}', '{$camount}'\n\t\t\t)";
$Rl = db_exec($Sl) or errDie("Unable to insert data.");
}
fclose($file);
#get stores
db_conn('exten');
$get_stores = "SELECT * FROM warehouses WHERE div = '" . USER_DIV . "' ORDER BY whname";
$run_stores = db_exec($get_stores) or errDie("Unable to get stores information.");
if (pg_numrows($run_stores) < 1) {
return "Unable to get stores information.";
} else {
$storedrop = "<select name='store'>";
while ($sarr = pg_fetch_array($run_stores)) {
$storedrop .= "<option value='{$sarr['whid']}'>{$sarr['whname']}</option>";
}
$storedrop .= "</select>";
}
$out = "\n\t\t<h3>Stock Import</h3>\n\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t<input type='hidden' name='key' value='write'>\n\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t<tr>\n\t\t\t\t\t<th colspan='3'>Select Store</th>\n\t\t\t\t</tr>\n\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t<td colspan='3'>{$storedrop}</td>\n\t\t\t\t</tr>\n\t\t\t\t" . TBL_BR . "\n\t\t\t\t<tr>\n\t\t\t\t\t<th>Stock Code</th>\n\t\t\t\t\t<th>Description</th>\n\t\t\t\t\t<th>Cost Price</th>\n\t\t\t\t\t<th>Selling Price</th>\n\t\t\t\t</tr>";
db_conn('cubit');
$Sl = "SELECT * FROM import_data";
$Ri = db_exec($Sl);
$i = 0;
while ($fd = pg_fetch_array($Ri)) {
$out .= "\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td>{$fd['des1']}</td>\n\t\t\t\t<td>{$fd['des2']}</td>\n\t\t\t\t<td>{$fd['des6']}</td>\n\t\t\t\t<td>{$fd['des3']}</td>\n\t\t\t</tr>";
$i++;
}
$out .= "\n\t\t\t<tr>\n\t\t\t\t<td colspan='3' align='right'><input type='submit' value='Write »'></td>\n\t\t\t</tr>\n\t\t</form>\n\t\t</table>";
return $out;
}
public function doAdd()
{
$textArr = array(1 => '一', 2 => '二', 3 => '三', 4 => '四', 5 => '五', 6 => '六', 7 => '七', 8 => '八', 9 => '九', 10 => '十');
$data = json_decode($_POST['dataStr'], true);
// dump ( $_POST );
// dump ( $data );
// exit ();
$ids = array();
foreach ($data as $key => $vo) {
$save = array();
foreach ($vo as $k => $v) {
$save[$v['name']] = safe($v['value']);
}
if (empty($save['title'])) {
$this->error('请填写第' . $textArr[$key + 1] . '篇文章的标题');
}
if (empty($save['cover_id'])) {
$this->error('请上传第' . $textArr[$key + 1] . '篇文章的封面图片');
}
if (empty($save['content'])) {
$this->error('请填写第' . $textArr[$key + 1] . '篇文章的正文内容');
}
if (!empty($save['id'])) {
// 更新数据
$map2['id'] = $save['id'];
M('material_news')->where($map2)->save($save);
} else {
// 新增加
$save['cTime'] = NOW_TIME;
$save['manager_id'] = $this->mid;
$save['token'] = get_token();
$id = M('material_news')->add($save);
if ($id) {
$ids[] = $id;
} else {
if (!empty($ids)) {
$map['id'] = array('in', $ids);
M('material_news')->where($map)->delete();
}
$this->error('增加第' . $textArr[$key + 1] . '篇文章失败,请检查数据后重试');
}
}
}
if (!empty($ids)) {
$map['id'] = array('in', $ids);
$group_id = I('get.group_id', 0, 'intval');
empty($group_id) && ($group_id = $ids[0]);
M('material_news')->where($map)->setField('group_id', $group_id);
}
$this->success('操作成功', U('material_lists'));
}
function get_ip_address()
{
$mysql = mysqli_query(db(), "SELECT * FROM users WHERE username='******'username']) . "' AND id='" . safe($_COOKIE['id']) . "' AND password='******'password']) . "'");
$row = mysqli_fetch_array($mysql);
foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER) === true) {
foreach (explode(',', $_SERVER[$key]) as $ip) {
if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
return $ip;
}
}
}
}
}
public function search($params)
{
$from = array_key_exists('from', $params) ? safe($params['from']) : 0;
$size = array_key_exists('size', $params) ? safe($params['size']) : 0;
$type = array_key_exists('type', $params) ? safe($params['type']) : 0;
$sort = array_key_exists('sort', $params) ? safe($params['sort']) : 0;
$order = array_key_exists('order', $params) ? safe($params['order']) : 0;
$filters = array_key_exists('filters', $params) ? safe($params['filters']) : array();
$query_terms = array_key_exists('query_terms', $params) ? safe($params['query_terms']) : '';
$query = '"match_all" : { }';
if ($query_terms) {
$query = '"query_string" : { "query" : "' . $query_terms . '" }';
}
$jsonfilters = array();
if ($type) {
$jsonfilters[] = '{ "type" : { "value" : "' . $type . '" } }';
}
foreach ($filters as $k => $v) {
if (strpos($v, '>') !== false and is_numeric(str_replace('>', '', $v))) {
$jsonfilters[] = '{ "range" : { "' . $k . '" : { "gt" : ' . str_replace('>', '', $v) . ' } } }';
} elseif (strpos($v, '<') !== false and is_numeric(str_replace('<', '', $v))) {
$jsonfilters[] = '{ "range" : { "' . $k . '" : { "lt" : ' . str_replace('<', '', $v) . ' } } }';
} elseif (strpos($v, '..') !== false and is_numeric(str_replace('..', '', $v))) {
$parts = explode("..", $v);
if (count($parts) == 2) {
$jsonfilters[] = '{ "range" : { "' . $k . '" : { "gte" : ' . $parts[0] . ', "lte" : ' . $parts[1] . ' } } }';
}
} else {
$jsonfilters[] = '{ "term" : { "' . $k . '" : "' . str_replace('_', ' ', $v) . '"} }';
}
}
$fjson = implode(',', $jsonfilters);
if (count($jsonfilters) > 1) {
$fjson = '"filter" : { "and" : [' . $fjson . '] },';
} elseif (count($jsonfilters) > 0) {
$fjson = '"filter" : ' . $fjson . ",\n";
}
$search_params['index'] = 'openml';
$search_params['body'] = '{' . '"from" : ' . $from . ",\n" . ($size ? '"size" : ' . $size . ",\n" : '') . '"query" : {' . $query . '}, ' . ($sort ? '"sort" : { "' . $sort . '" : "' . $order . '" },' : '') . ($fjson ? $fjson : '') . '"highlight" : {
"fields" : {
"_all" : {}
}
},' . "\n" . '"facets" : {
"type" : {
"terms" : { "field" : "_type"}
}
}
}';
return $this->_search($search_params);
}
function confirm($_POST, $_FILES)
{
extract($_POST);
$importfile = tempnam("/tmp", "cubitimport_");
$file = fopen($_FILES["compfile"]["tmp_name"], "r");
if ($file == false) {
return "<li class='err'>Cannot read file.</li>" . select_file();
}
db_conn('cubit');
$Sl = "\n\t\tCREATE TABLE import_data (\n\t\t\tdes1 varchar, des2 varchar,\n\t\t\tdes3 varchar, des4 varchar,\n\t\t\tdes5 varchar, des6 varchar,\n\t\t\tdes7 varchar, des8 varchar,\n\t\t\tdes9 varchar, des10 varchar,\n\t\t\tdes11 varchar, des12 varchar,\n\t\t\tdes13 varchar, des14 varchar,\n\t\t\tdes15 varchar, des16 varchar\n\t\t)";
$Ri = @db_exec($Sl);
$Sl = "DELETE FROM import_data";
$Ri = db_exec($Sl) or errDie("Unable to clear import table");
while (!feof($file)) {
$data = safe(fgets($file, 4096));
$datas = explode(",", $data);
if (!isset($datas[7])) {
continue;
}
$Sl = "\n\t\t\tINSERT INTO import_data (\n\t\t\t\tdes1, des2, des3, des4, des5, \n\t\t\t\tdes6, des7, des8\n\t\t\t) VALUES (\n\t\t\t\t'{$datas['0']}', '{$datas['1']}', '{$datas['2']}', '{$datas['3']}', '{$datas['4']}', \n\t\t\t\t'{$datas['5']}', '{$datas['6']}', '{$datas['7']}'\n\t\t\t)";
$Rl = db_exec($Sl) or errDie("Unable to insert data.");
}
fclose($file);
#get supplier department
db_conn('exten');
$get_deps = "SELECT * FROM departments ORDER BY deptname";
$run_deps = db_exec($get_deps) or errDie("Unable to get department information.");
if (pg_numrows($run_deps) < 1) {
return "<li class='err'>Unable to get departments information.</li>";
} else {
$deptdrop = "<select name='department'>";
while ($darr = pg_fetch_array($run_deps)) {
$deptdrop .= "<option value='{$darr['deptid']}'>{$darr['deptname']}</option>";
}
$deptdrop .= "</select>";
}
$out = "\n\t\t\t<h3>Suppliers Import</h3>\n\t\t\t<form action='" . SELF . "' method='POST'>\n\t\t\t\t<input type='hidden' name='key' value='write'>\n\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t<tr>\n\t\t\t\t\t<th colspan='2'>Select Supplier Departments</th>\n\t\t\t\t</tr>\n\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t<td colspan='2'>{$deptdrop}</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<th>Acc No</th>\n\t\t\t\t\t<th>Name</th>\n\t\t\t\t\t<th>Address Address</th>\n\t\t\t\t\t<th>Vat Number</th>\n\t\t\t\t\t<th>Contact Name</th>\n\t\t\t\t\t<th>Tell</th>\n\t\t\t\t\t<th>Fax</th>\n\t\t\t\t\t<th>Website</th>\n\t\t\t\t</tr>";
db_conn('cubit');
$Sl = "SELECT * FROM import_data";
$Ri = db_exec($Sl);
$i = 0;
while ($fd = pg_fetch_array($Ri)) {
$out .= "\n\t\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t\t<td>{$fd['des1']}</td>\n\t\t\t\t\t<td>{$fd['des2']}</td>\n\t\t\t\t\t<td>{$fd['des3']}</td>\n\t\t\t\t\t<td>{$fd['des4']}</td>\n\t\t\t\t\t<td>{$fd['des5']}</td>\n\t\t\t\t\t<td>{$fd['des6']}</td>\n\t\t\t\t\t<td>{$fd['des7']}</td>\n\t\t\t\t\t<td>{$fd['des8']}</td>\n\t\t\t\t</tr>";
$i++;
}
$out .= "\n\t\t\t<tr>\n\t\t\t\t<td colspan='3' align='right'><input type='submit' value='Write »'></td>\n\t\t\t</tr>\n\t\t</form>\n\t\t</table>";
return $out;
}
public function __construct()
{
if ($_REQUEST['doNotInit']) {
return true;
}
$content = wp_file_get_contents('php://input');
!empty($content) || die('这是微信请求的接口地址,直接在浏览器里无效');
if ($_GET['encrypt_type'] == 'aes') {
vendor('WXBiz.wxBizMsgCrypt');
$this->sReqTimeStamp = I('get.timestamp');
$this->sReqNonce = I('get.nonce');
$this->sEncryptMsg = I('get.msg_signature');
if (isset($_GET['appid'])) {
// if ($_GET ['appid'] == 'wx570bc396a51b8ff8') {
// $info ['token'] = 'gh_3c884a361561';
// $info ['encodingaeskey'] = 'DfEqNBRvzbg8MJdRQCSGyaMp6iLcGOldKFT0r8I6Tnp';
// $info ['appid'] = 'wxea0485bef5247236';
// } else {
// $map ['appid'] = I ( 'get.appid' );
// $info = D ( 'Common/Public' )->where ( $map )->find ();
// }
$map['appid'] = I('get.appid');
$info = D('Common/Public')->where($map)->find();
} else {
$id = I('get.id');
$info = D('Common/Public')->getInfo($id);
}
get_token($info['token']);
// 设置token
$this->wxcpt = new \WXBizMsgCrypt($info['mp_token'], $info['encodingaeskey'], $info['appid']);
$sMsg = "";
// 解析之后的明文
$errCode = $this->wxcpt->DecryptMsg($this->sEncryptMsg, $this->sReqTimeStamp, $this->sReqNonce, $content, $sMsg);
if ($errCode != 0) {
addWeixinLog($_GET, "DecryptMsg Error: " . $errCode);
addWeixinLog($content, "DecryptMsg Error: content");
exit;
} else {
// 解密成功,sMsg即为xml格式的明文
$content = $sMsg;
}
}
$data = new \SimpleXMLElement($content);
// $data || die ( '参数获取失败' );
foreach ($data as $key => $value) {
$this->data[$key] = safe(strval($value));
}
}
function nameVersionConstraints($datasets, $namespace = 'dataset')
{
if (trim($datasets) === '') {
return '1';
}
$datasets = explode(',', $datasets);
$constraint_string = '';
foreach ($datasets as $dataset) {
$name = strstr($dataset, '(', true);
$version = substr($dataset, strlen($name) + 1, -1);
if (trim(safe($name)) && trim(safe($version))) {
$constraint_string .= 'OR (`' . $namespace . '`.`name` = "' . trim(safe($name)) . '" AND `' . $namespace . '`.`version` = "' . trim(safe($version)) . '") ';
}
}
$res = '(' . substr($constraint_string, 3) . ')';
return $res;
}
function admin_login()
{
safe('admin_login');
global $smarty, $lang;
$username = substr(post('username'), 0, 30);
$password = substr(post('password'), 0, 30);
if ($username == '' || $password == '') {
unset_session('admin_username');
unset_session('admin_password');
$info_text = '对不起,用户名和密码不能为空';
$link_text = '返回重新登录';
} else {
$password = md5($password);
$obj = new admin();
$obj->set_field('adm_id,adm_last_login');
$obj->set_where("adm_username = '******'");
$obj->set_where("adm_password = '******'");
$one = $obj->get_one();
if (count($one) !== 0) {
set_session('session_id', session_id());
set_session('admin_username', $username);
set_session('admin_password', $password);
$adm_id = $one['adm_id'];
$adm_prev_login = $one['adm_last_login'];
$adm_last_login = time();
$obj->set_value('adm_prev_login', $adm_prev_login);
$obj->set_value('adm_last_login', $adm_last_login);
$obj->set_where('');
$obj->set_where("adm_id = {$adm_id}");
$obj->edit();
$info_text = '欢迎使用新秀文章管理系统后台';
$link_text = '进入后台';
} else {
unset_session('session_id');
unset_session('admin_username');
unset_session('admin_password');
$info_text = '对不起,用户名不存在或密码不正确';
$link_text = '返回重新登录';
}
}
$smarty->assign('info_text', $info_text);
$smarty->assign('link_text', $link_text);
$smarty->assign('link_href', $_SERVER['PHP_SELF']);
}
function remove()
{
JRequest::checkToken() or jexit('Invalid Token');
$cid = JRequest::getVar('cid', array(0));
$row =& JTable::getInstance('Messages', 'Table');
foreach ($cid as $id) {
$id = (int) safe($id);
if (!$row->delete($id)) {
JError::raiseError(500, $row->getError());
}
}
$msg_sel = '';
if (count($cid) > 1) {
$msg_sel = 'MSGS';
} else {
$msg_sel = 'MSG';
}
$this->setRedirect('index.php?option=com_jobboard&view=messages', JText::_($msg_sel) . ' ' . JText::_('COM_JOBBOARD_DELETED'));
}
/**
* 编辑器挂载的后台文档模型文章内容钩子
*
* table=addons&type=1&value_field=name&title_field=title&order=id desc&first_option=请选择
*/
public function news($data)
{
if (!empty($data['value'])) {
$map['group_id'] = safe($data['value']);
$field = 'id,title,cover_id,intro,group_id';
$list = M('material_news')->where($map)->field($field)->order('id asc')->select();
$count = count($list);
$main = $list[0];
if ($count > 1) {
unset($list[0]);
}
// dump ( $list );
$this->assign('count', $count);
$this->assign('main', $main);
$this->assign('list', $list);
}
$this->assign($data);
$this->display('content');
}
public function __construct()
{
if ($_REQUEST['doNotInit']) {
return true;
}
$content = wp_file_get_contents('php://input');
!empty($content) || die('这是微信请求的接口地址,直接在浏览器里无效');
if ($_GET['encrypt_type'] == 'aes') {
vendor('WXBiz.wxBizMsgCrypt');
$this->sReqTimeStamp = I('get.timestamp');
$this->sReqNonce = I('get.nonce');
$this->sEncryptMsg = I('get.msg_signature');
if (isset($_GET['appid'])) {
$map['appid'] = I('get.appid');
$info = D('Common/Public')->where($map)->find();
} else {
$id = I('get.pid');
$info = D('Common/Public')->getInfo($id);
}
$info['encodingaeskey'] = 'Wry3C6IG6yzFR55cnje0W7CWd2jqlqQrAIK5ilOIfo3';
$info['appid'] = D('Addons://PublicBind/PublicBind')->component_appid;
get_token($info['token']);
// 设置token
$this->wxcpt = new \WXBizMsgCrypt('youkang120', $info['encodingaeskey'], $info['appid']);
$sMsg = "";
// 解析之后的明文
$errCode = $this->wxcpt->DecryptMsg($this->sEncryptMsg, $this->sReqTimeStamp, $this->sReqNonce, $content, $sMsg);
if ($errCode != 0) {
addWeixinLog($_GET, "DecryptMsg Error: " . $errCode);
addWeixinLog($content, "DecryptMsg Error: content");
exit;
} else {
// 解密成功,sMsg即为xml格式的明文
$content = $sMsg;
}
}
$data = new \SimpleXMLElement($content);
// $data || die ( '参数获取失败' );
foreach ($data as $key => $value) {
$this->data[$key] = safe(strval($value));
}
}
public function doLogin()
{
$email = safe($_POST['email']);
$password = safe($_POST['password']);
$remember = 1;
$r = array();
if (empty($email) || empty($password)) {
// $this->redirect(U('w3g/Public/login'), 3, '用户名和密码不能为空');
$r['success'] = 0;
$r['des'] = '用户名或密码不能为空';
}
if (!isValidEmail($email)) {
// $this->redirect(U('w3g/Public/login'), 3, 'Email格式错误,请重新输入');
$r['success'] = 0;
$r['des'] = 'Email格式错误,请重新输入';
}
if ($user = model('Passport')->getLocalUser($email, $password)) {
// dump($user);
if ($user['is_active'] == 0) {
// $this->redirect(U('w3g/Public/login'), 3, '帐号尚未激活,请激活后重新登录');
$r['success'] = 0;
$r['des'] = '帐号尚未激活,请激活后重新登录';
}
model('Passport')->loginLocal($email, $password, $remember);
$this->setSessionAndCookie($user['uid'], $user['uname'], $user['email'], intval($_POST['remember']) === 1);
$openid = session('openid');
if (empty($user['openid']) && !empty($openid)) {
M('user')->where('uid=' . $user['uid'])->setField('openid', $openid);
}
// $this->recordLogin($user['uid']);
// model('Passport')->registerLogin($user, intval($_POST['remember']) === 1);
$r['success'] = 1;
$r['back_url'] = session('__BACK_URL__');
$r['des'] = 'success';
} else {
// $this->redirect(U('w3g/Public/login'), 3, '帐号或密码错误,请重新输入');
$r['success'] = 0;
$r['des'] = '帐号或密码错误,请重新输入';
}
echo json_encode($r);
exit;
}
