/**
 * Delete one row from the "comments" table, then hand control to show_msg()
 * with the referring page as the target.
 *
 * The row id is read from the `id` query-string parameter and coerced to an
 * integer before it reaches the table wrapper, so it cannot carry SQL text.
 *
 * NOTE(review): the delete runs on a plain GET request, and no login,
 * permission or CSRF-token check is visible inside this function. Confirm the
 * dispatcher enforces them before this action is reachable.
 * NOTE(review): the second show_msg() argument is the client-supplied Referer
 * header, used unvalidated. If show_msg() redirects to it or prints it,
 * restrict it to same-site paths there.
 */
function action_comments_remove()
{
    $comments = new table("comments");

    // Integer coercion is the only input validation applied to the id.
    $commentId = (int) $_GET["id"];
    $comments->delete($commentId);

    show_msg("删除成功", $_SERVER["HTTP_REFERER"]);
}
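/**
 * Turn a raw 'int'/'bool' setting into a PHP literal that is safe to write
 * into a generated config file.
 *
 * Only an empty value, the words true/false, or a numeric string are accepted.
 * Anything else becomes 0, so that request text can never end up in the file
 * as executable PHP.
 *
 * @param mixed $raw decoded value taken from the settings form
 * @return string PHP source for the literal
 */
function _cfg_scalar_literal($raw)
{
    $raw = trim((string) $raw);
    if ($raw === '') {
        return '0';
    }
    $lower = strtolower($raw);
    if ($lower === 'true' || $lower === 'false') {
        return $lower;
    }
    if (is_numeric($raw)) {
        // "+ 0" converts the numeric string to int/float; var_export prints it back as a literal.
        return var_export($raw + 0, true);
    }
    return '0';
}

/**
 * Regenerate CONF/appcfg.php as a PHP file that returns the settings array.
 *
 * Each element of $data is an array with the keys 'keyword' (array key to
 * write), 'types' (one of 'int', 'bool', 'select', 'more', or anything else
 * for plain text) and 'vals' (HTML-entity-encoded value). For 'select'/'more'
 * the stored value is the part before '>>', and 'none' is stored as ''.
 *
 * Security: the output file is executed by PHP on every include, so every key
 * and value is emitted with var_export() or as a validated numeric/boolean
 * literal. The previous code wrote 'int'/'bool' values unquoted after
 * addslashes() and wrote keywords unescaped, which let a crafted setting add
 * code to the file.
 *
 * @param array $data list of setting rows as described above
 * @return void
 */
function cfg_write($data)
{
    if (!is_writable(CONF)) {
        show_msg(0, 'Conf目录不可写');
    }

    $fp = fopen(CONF . '/appcfg.php', 'wb');
    if ($fp === false) {
        // Nothing to write to; the original would have gone on to call fwrite() on false.
        show_msg(0, 'Conf目录不可写');
        return;
    }

    // The original passed 3, which is LOCK_UN and therefore never locked the file.
    flock($fp, LOCK_EX);

    fwrite($fp, "<" . "?php\r\n");
    fwrite($fp, "return array(\r\n");

    foreach ($data as $fval) {
        $key = var_export((string) $fval['keyword'], true);
        $raw = htmlspecialchars_decode($fval['vals']);
        $type = $fval['types'];

        if ($type == 'int' || $type == 'bool') {
            $literal = _cfg_scalar_literal($raw);
        } elseif ($type == 'select' || $type == 'more') {
            // Limit 2 keeps the first segment identical and avoids an undefined offset when '>>' is absent.
            $parts = explode('>>', (string) $raw, 2);
            $literal = $parts[0] == 'none' ? "''" : var_export($parts[0], true);
        } else {
            $literal = var_export((string) $raw, true);
        }

        fwrite($fp, "\t" . $key . " => " . $literal . ",\r\n");
    }

    fwrite($fp, ");");
    fflush($fp);
    flock($fp, LOCK_UN);
    fclose($fp);
}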
/**
 * Store the chosen template on one website row and show the success message.
 *
 * Updates the `website_template` column of TABLE_WEBSITES for the row whose
 * id equals $siteid, then calls show_msg() with the translated confirmation.
 *
 * NOTE(review): $siteid is concatenated into the WHERE clause as-is. Nothing
 * in this function validates or escapes it, so callers must pass a vetted
 * value (an integer cast at the call site would do if ids are numeric;
 * confirm).
 *
 * @param mixed $siteid   id of the website row to update
 * @param mixed $template value written to `website_template`
 * @return void
 */
function save_website_template($siteid, $template)
{
    $fields = array('website_template' => $template);
    $where = "id='" . $siteid . "'";

    Database::obtain()->update(TABLE_WEBSITES, $fields, $where);

    $language = sz_config('language');
    show_msg(translate('Selected template saved successfully.', $language));
}
/**
 * Delete the row of TABLE_USERS whose id equals $this->id, drop the cached
 * $this->user property and show the translated confirmation.
 *
 * NOTE(review): $this->id is placed in the statement unquoted and unescaped.
 * That is only safe if the property is always an integer; confirm where it is
 * assigned, or cast it before building the query.
 * NOTE(review): no permission check is visible in this method. Verify the
 * caller performs one.
 *
 * @return void
 */
function delete_user()
{
    $statement = "DELETE FROM `" . TABLE_USERS . "` WHERE `id`=" . $this->id;
    Database::obtain()->query($statement);

    unset($this->user);

    $notice = translate('User deleted.', $this->language);
    show_msg($notice);
}
updatecensorcache(); $msg = <<<EOF \t<form method="post" action="{$theurl}"> \t<table> \t<tr><td colspan="2">程序数据安装完成!<br><br> \t最后,请输入您在用户中心UCenter的用户名和密码<br>系统将自动把将您设为站点管理员! \t</td></tr> \t<tr><td>您的用户名</td><td><input type="text" name="username" value="" size="30"></td></tr> \t<tr><td>您的密码</td><td><input type="password" name="password" value="" size="30"></td></tr> \t<tr><td></td><td><input type="submit" name="opensubmit" value="设置管理员"></td></tr> \t</table> \t<input type="hidden" name="formhash" value="{$formhash}"> \t</form> <iframe id="phpframe" name="phpframe" width="0" height="0" marginwidth="0" frameborder="0" src="..\\"></iframe> EOF; show_msg($msg, 999); } //页面头部 function show_header() { global $_SGLOBAL, $nowarr, $step, $theurl, $_SC; $nowarr[$step] = ' class="current"'; print <<<END \t<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> \t<html xmlns="http://www.w3.org/1999/xhtml"> \t<head> \t<meta http-equiv="Content-Type" content="text/html; charset={$_SC['charset']}" /> \t<title> SupeSite 程序安装 </title> \t<style type="text/css"> \t* {font-size:12px; font-family: Verdana, Arial, Helvetica, sans-serif; line-height: 1.5em; word-break: break-all; } \tbody { text-align:center; margin: 0; padding: 0; background: #F5FBFF; }
$num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} "); $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}"; $result = $db->fetch_all($sql); include_once 'template/index.php'; } elseif ($do == 'update') { get_key("office_info_delete"); $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $db->query("DELETE FROM " . DB_TABLEPRE . "sms_send WHERE id = '{$id}' "); //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); if ($id != '') { $oalog = array('uid' => $_USER->id, 'content' => '删除内部短信', 'title' => '删除内部短信', 'startdate' => get_date('Y-m-d H:i:s', PHP_TIME), 'contentid' => $id, 'type' => '4'); insert_db('oalog', $oalog); } } show_msg('短消息删除成功!', 'admin.php?ac=index&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . ''); } elseif ($do == 'excel') { $datename = "sms_" . get_date('YmdHis', PHP_TIME); $outputFileName = 'data/excel/' . $datename . '.xls'; $content = array(); $archive = array("接收人", "发送人", "发送时间", "内容"); $content[] = $archive; $wheresql = ''; $vuidtype = getGP('vuidtype', 'P'); if (!is_superadmin() && $vuidtype == '') { $wheresql .= " AND uid ='" . $_USER->id . "'"; } if ($vuidtype != '') { if ($vuidtype == '-1') { $wheresql .= get_subordinate($_USER->id, 'uid'); } else {
$wheresql .= " AND (logindate>'" . $vstartdate . "' and logindate<'" . $venddate . "')"; $url .= '&vstartdate=' . $vstartdate . '&venddate=' . $venddate; } $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "loginlog WHERE 1 {$wheresql} and uid='" . $_USER->id . "'"); $sql = "SELECT * FROM " . DB_TABLEPRE . "loginlog WHERE 1 {$wheresql} and uid='" . $_USER->id . "' ORDER BY id desc LIMIT {$offset}, {$pagesize}"; $result = $db->fetch_all($sql); include_once 'template/log.php'; } elseif ($do == 'update') { show_msg('你没有权限使用此功能,请联系系统管理员作删除操作!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); } elseif ($do == 'userupdate') { get_key("config_log_delete"); $idarr = getGP('id', 'P', 'array'); foreach ($idarr as $id) { $db->query("DELETE FROM " . DB_TABLEPRE . "oalog WHERE id = '{$id}' "); } show_msg('你没有权限使用此功能,请联系系统管理员作删除操作!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=loglist'); } elseif ($do == 'excel') { $datename = "log_" . get_date('YmdHis', PHP_TIME); $outputFileName = 'data/excel/' . $datename . '.xls'; //生成数据 $content = array(); $archive = array("姓名", "IP", "登录时间", "退出时间"); $content[] = $archive; $wheresql = ''; //根据条件导出 if ($name = getGP('name', 'P')) { $wheresql .= " AND name LIKE '%{$name}%'"; } //时间 $vstartdate = getGP('vstartdate', 'P'); $venddate = getGP('venddate', 'P');
/**
 * Load both database configurations, connect, and hold the tool back while
 * MySQL is checking or repairing a table.
 *
 * Copies entry '1' of $this->config['db'] into $this->dbconfig and the UC_DB*
 * constants into $this->ucdbconfig, calls connect_db(), then reads
 * SHOW FULL PROCESSLIST. When a process is in the state "Checking table" or
 * "Repair by sorting", the connection is closed and show_msg() is called with
 * the page 'tools.php?action=repairdb' and 3000 as its third argument
 * (presumably a delay; confirm against show_msg()).
 *
 * NOTE(review): the mysql_* functions used here were removed in PHP 7, so
 * this method only runs on older runtimes.
 * NOTE(review): the result of mysql_query() is not checked before the fetch
 * loop.
 *
 * @return void
 */
private function _init_db()
{
    $local = $this->config['db']['1'];
    $this->dbconfig['host'] = $local['dbhost'];
    $this->dbconfig['user'] = $local['dbuser'];
    $this->dbconfig['pw'] = $local['dbpw'];
    $this->dbconfig['name'] = $local['dbname'];
    $this->dbconfig['charset'] = $local['dbcharset'];
    $this->dbconfig['tablepre'] = $local['tablepre'];

    $this->ucdbconfig['host'] = UC_DBHOST;
    $this->ucdbconfig['user'] = UC_DBUSER;
    $this->ucdbconfig['pw'] = UC_DBPW;
    $this->ucdbconfig['name'] = UC_DBNAME;
    $this->ucdbconfig['charset'] = UC_DBCHARSET;
    $this->ucdbconfig['tablepre'] = UC_DBTABLEPRE;

    $this->connect_db();

    $processes = mysql_query("SHOW FULL PROCESSLIST", $this->db);
    $busy = false;
    $busyNotice = '';
    while ($process = mysql_fetch_array($processes, MYSQL_ASSOC)) {
        // Each matching row closes the connection; a later match overrides the message.
        switch ($process['State']) {
            case 'Checking table':
                $this->close_db();
                $busy = true;
                $busyNotice = '正在检查表,请稍后...';
                break;
            case 'Repair by sorting':
                $this->close_db();
                $busy = true;
                $busyNotice = '正在修复表,请稍后...';
                break;
        }
    }

    if ($busy) {
        show_msg($busyNotice, 'tools.php?action=repairdb', 3000);
    }
}
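/**
 * Database check: report whether a table prefix is still unused.
 *
 * Connects with the given credentials and lists the tables of $db_name.
 *
 * Changes from the previous version, both of which matter because these
 * values come from an installer form:
 *  - the database name is backtick-quoted (embedded backticks doubled) instead
 *    of being interpolated bare into SHOW TABLES, so it is always parsed as
 *    one identifier;
 *  - the prefix is compared as a literal string instead of being dropped into
 *    a regular expression, so characters such as '.', '/' or '(' can neither
 *    widen the match nor break the pattern.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7. This function only
 * works on older runtimes.
 *
 * @param string $db_host
 * @param string $db_user
 * @param string $db_pwd
 * @param string $db_name   database whose tables are listed
 * @param string $db_prefix table-name prefix to look for
 * @param mixed  $db_port   appended to the host as "host:port"
 * @return bool false when at least one table name starts with $db_prefix;
 *              true otherwise, including when the connection or the table
 *              listing fails
 */
function check_db($db_host, $db_user, $db_pwd, $db_name, $db_prefix, $db_port)
{
    if (!function_exists('mysql_connect')) {
        show_msg('undefined function : mysql_connect()');
    }

    if (!@mysql_connect($db_host . ":" . $db_port, $db_user, $db_pwd)) {
        show_msg('database connect failed');
        return true;
    }

    $quotedName = '`' . str_replace('`', '``', (string) $db_name) . '`';
    $query = mysql_query("SHOW TABLES FROM {$quotedName}");
    if (!$query) {
        return true;
    }

    $prefix = (string) $db_prefix;
    $prefixLength = strlen($prefix);
    while ($row = mysql_fetch_row($query)) {
        // With an empty prefix strncmp() over 0 bytes is 0, i.e. any table counts, as before.
        if (strncmp($row[0], $prefix, $prefixLength) === 0) {
            return false;
        }
    }

    return true;
}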
require $config['BASE_DIR'] . '/include/compat/json.php'; $data = array('status' => 1, 'msg' => ''); if (isset($_POST['user_id'])) { if (isset($_SESSION['uid'])) { $uid = intval($_SESSION['uid']); $filter = new VFilter(); $user_id = $filter->get('user_id', 'INTEGER'); if ($uid == $user_id) { $data['msg'] = show_err('Invalid request!?'); } else { $sql = "SELECT UID FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() != 1) { $data['msg'] = show_err($lang['ajax.remove_sub_exists']); } else { $data['status'] = 1; $data['msg'] = show_msg($lang['ajax.remove_sub_success']); $sql = "DELETE FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1"; $conn->execute($sql); $sql = "UPDATE signup SET popularity = popularity-1, points = points-2 WHERE UID = " . $uid . " LIMIT 1"; $conn->execute($sql); } } } else { $data['msg'] = show_err($lang['ajax.remove_sub_login']); } } else { $data['msg'] = show_err('Invalid request!'); } echo json_encode($data); die;
$id = getGP('id', 'G', 'int'); $workdate = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "book_type WHERE id = '{$id}' "); include_once 'template/file_type_edit.php'; } elseif ($do == 'save') { $savetype = getGP('savetype', 'P'); $id = getGP('id', 'P', 'int'); $title = getGP('title', 'P'); $father = getGP('father', 'P'); $keyuser = getGP('keyuser', 'P'); //$uid=$_USER->id; $book_type = array('title' => $title, 'father' => $father, 'keyuser' => $keyuser); update_db('book_type', $book_type, array('id' => $id)); $content = serialize($book_type); $title = '编辑图书类别'; get_logadd($id, $content, $title, 22, $_USER->id); show_msg('您要处理的信息操作成功!', 'admin.php?ac=file_type&fileurl=' . $fileurl . ''); } function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0) { $str = ""; global $db; $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "book_type where father='{$fatherid}' ORDER BY id Asc "); if (count($query) > 0) { for ($i = 0; $i < $layer; $i++) { $str .= "├"; } while ($row = $db->fetch_array($query)) { $selstr = $row['id'] == $selid ? 'selected="selected"' : ''; $htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>'; echo $htmlstr; GET_FILE_PUBLIC_LIST($row['id'], $selid, $layer + 1, $type);
$db->query("UPDATE " . DB_TABLEPRE . "plugin set type='1' WHERE id = '" . $_POST['pid'] . "' "); //权限 $db->query("DELETE FROM " . DB_TABLEPRE . "keytable WHERE id = 391"); for ($i = 262; $i <= 266; $i++) { $db->query("DELETE FROM " . DB_TABLEPRE . "keytable WHERE id = " . $i . ""); } //菜单 for ($i = 129; $i <= 132; $i++) { $db->query("DELETE FROM " . DB_TABLEPRE . "menu WHERE menuid = " . $i . ""); } $db->query("DELETE FROM " . DB_TABLEPRE . "menu WHERE menuid = 73"); //数据库 $db->query("DROP TABLE toa_property"); $db->query("DROP TABLE toa_property_depreciation"); $db->query("DROP TABLE toa_property_type"); show_msg('固定资产组件模块卸载成功!', '../admin.php?ac=plugin&fileurl=mana'); } else { global $db; $sql = "SELECT * FROM " . DB_TABLEPRE . "plugin WHERE id = '" . $_GET['pid'] . "'"; $row = $db->fetch_one_array($sql); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> <link rel="stylesheet" type="text/css" href="../template/default/content/css/style.css"> <title>天生创想OA办公系统组件集成安装程序</title> </head> <body class="bodycolor"> <table width="60%" border="0" align="center" cellpadding="3" cellspacing="0" class="small" style="margin-top:20px;margin-bottom:10px;"> <tr>
foreach (getGP('newinherited', 'P', 'array') as $name) { $newinherited .= $name . ','; } $newname = explode(',', substr($newname, 0, -1)); $newinherited = explode(',', substr($newinherited, 0, -1)); if ($newname != '') { for ($i = 0; $i < sizeof($newname); $i++) { if ($newname[$i] != '') { if ($newname[$i] == '') { $newname[$i] = '新文件夹名称'; } if ($newinherited[$i] != '') { $fatherid = $newinherited[$i]; } else { $fatherid = '0'; } $document_type = array('title' => $newname[$i], 'father' => $fatherid, 'date' => $date, 'type' => $_GET['type'], 'uid' => $_USER->id); insert_db('document_type', $document_type); } } } $str = ',新增了<font color=red>' . sizeof($newname) . '</font>条信息'; } show_msg('批量文件夹信息更新成功' . $str . '!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=documenttype&type=' . $_GET['type'] . ''); } elseif ($_GET['view'] == 'typeupdate') { $db->query("DELETE FROM " . DB_TABLEPRE . "document_type WHERE id = '" . $_GET[id] . "' "); $db->query("UPDATE " . DB_TABLEPRE . "document_type set father='" . $_GET['fid'] . "' WHERE father = '" . $_GET[id] . "' "); show_msg('文件夹信息删除成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=documenttype&type=' . $_GET['type'] . ''); } include_once 'template/documenttype.php'; }
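// Address-book "add" page. It must be included by the admin front controller,
// which defines IN_TOA and IN_ADMIN; a direct request stops here.
if (!defined('IN_TOA') || !defined('IN_ADMIN')) {
    exit('Access Denied!');
}

// Presumably the permission gate for this module; confirm in get_key().
get_key("office_communication_Increase");

if (empty($do)) {
    $do = 'list';
}

if ($do == 'list') {
    include_once 'template/add.php';
} elseif ($do == 'save') {
    // All fields come straight from the POST body.
    // NOTE(review): whether they are escaped depends on getGP()/insert_db(), not shown here. Confirm.
    $savetype = getGP('savetype', 'P');
    $company = getGP('company', 'P');
    $person = getGP('person', 'P');
    $tel = getGP('tel', 'P');
    $phone = getGP('phone', 'P');
    $fax = getGP('fax', 'P');
    $mail = getGP('mail', 'P');
    $zipcode = getGP('zipcode', 'P');
    $address = getGP('address', 'P');
    $position = getGP('position', 'P');
    $sex = getGP('sex', 'P');
    $msn = getGP('msn', 'P');
    // Fixed: 'h' (12-hour clock, assuming get_date() follows date() format letters) stored
    // afternoon times indistinguishably from morning ones; 'H' is the 24-hour form.
    $date = get_date('Y-m-d H:i:s', PHP_TIME);
    $type = getGP('type', 'P');
    $uid = $_USER->id;

    // Main-table record.
    $communication = array(
        'company' => $company,
        'person' => $person,
        'tel' => $tel,
        'phone' => $phone,
        'fax' => $fax,
        'mail' => $mail,
        'zipcode' => $zipcode,
        'address' => $address,
        'position' => $position,
        'sex' => $sex,
        'msn' => $msn,
        'type' => $type,
        'date' => $date,
        'uid' => $uid,
    );

    // Write the main-table record, then log the serialized record against the new row id.
    insert_db('communication', $communication);
    $id = $db->insert_id();
    $content = serialize($communication);
    $title = '添加通迅录';
    get_logadd($id, $content, $title, 9, $_USER->id);

    // Fixed: the posted type is URL-encoded so it cannot add parameters or markup to the target URL.
    show_msg('添加通迅录成功!', 'admin.php?ac=index&fileurl=communication&type=' . urlencode((string) $type));
}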
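/**
 * Installer check: report whether a table prefix is still unused in $dbname.
 *
 * On a failed connection the MySQL error number selects the message key passed
 * to show_msg(): 1045 (access denied), 2003 (cannot connect to server), or a
 * generic connect error.
 *
 * Changes from the previous version, both relevant because the arguments are
 * installer form input:
 *  - the database name is backtick-quoted (embedded backticks doubled) instead
 *    of being interpolated bare into SHOW TABLES;
 *  - the prefix is compared as a literal string instead of being used as a
 *    regular expression, so metacharacters in it can neither widen the match
 *    nor break the pattern.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7. This function only
 * works on older runtimes.
 *
 * @param string $dbhost
 * @param string $dbuser
 * @param string $dbpw
 * @param string $dbname   database whose tables are listed
 * @param string $tablepre table-name prefix to look for
 * @param mixed  $dbport   appended to the host as "host:port"
 * @return bool false when at least one table name starts with $tablepre;
 *              true otherwise, including when the connection or the table
 *              listing fails
 */
function check_db($dbhost, $dbuser, $dbpw, $dbname, $tablepre, $dbport)
{
    if (!function_exists('mysql_connect')) {
        show_msg('undefine_func', 'mysql_connect', 0);
    }

    if (!@mysql_connect($dbhost . ":" . $dbport, $dbuser, $dbpw)) {
        $errno = mysql_errno();
        $error = mysql_error();
        if ($errno == 1045) {
            show_msg('database_errno_1045', $error, 0);
        } elseif ($errno == 2003) {
            show_msg('database_errno_2003', $error, 0);
        } else {
            show_msg('database_connect_error', $error, 0);
        }
        return true;
    }

    $quotedName = '`' . str_replace('`', '``', (string) $dbname) . '`';
    $query = mysql_query("SHOW TABLES FROM {$quotedName}");
    if (!$query) {
        return true;
    }

    $prefix = (string) $tablepre;
    $prefixLength = strlen($prefix);
    while ($row = mysql_fetch_row($query)) {
        // With an empty prefix strncmp() over 0 bytes is 0, i.e. any table counts, as before.
        if (strncmp($row[0], $prefix, $prefixLength) === 0) {
            return false;
        }
    }

    return true;
}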
/**
 * Create the founder (administrator) account during installation.
 *
 * Runs four REPLACE INTO statements through $db->execute(): the account row in
 * `ucenter_member`, the profile row in `member`, the default role in `role`,
 * and the link row in `user_role`. The user id is fixed at 1. Each statement
 * is a template whose [PLACEHOLDER] tokens are filled in with str_replace().
 *
 * NOTE(review): username and e-mail are substituted into quoted SQL literals
 * without any escaping, so a quote character in either value changes the
 * statement. Escape them or bind them as parameters before this is reused
 * outside a trusted installer.
 * NOTE(review): the password is stored as the output of user_md5(), which is
 * presumably an MD5-based hash given the helper's name. Confirm, and prefer
 * password_hash() where the login code allows it.
 *
 * @param object $db     connection object; only its execute() method is used here
 * @param string $prefix table-name prefix substituted for [PREFIX]
 * @param array  $admin  reads the keys 'username', 'password' and 'email'
 * @param mixed  $auth   passed to user_md5() together with the password
 */
function register_administrator($db, $prefix, $admin, $auth)
{
    show_msg('开始注册创始人帐号...');
    // The founder always gets user id 1; REPLACE INTO overwrites an existing row with that id.
    $uid = 1;
    /* Insert the account row */
    $sql = <<<sql
REPLACE INTO `[PREFIX]ucenter_member` (`id`, `username`, `password`, `email`, `mobile`, `reg_time`, `reg_ip`, `last_login_time`, `last_login_ip`, `update_time`, `status`, `type`) VALUES ('[UID]', '[NAME]', '[PASS]','[EMAIL]', '', '[TIME]', '[IP]', '[TIME]', '[IP]', '[TIME]', 1, 1);
sql;
    /* "REPLACE INTO `[PREFIX]ucenter_member` VALUES " . "('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1',1,'finish')";*/
    $password = user_md5($admin['password'], $auth);
    // Plain text substitution: none of the values are escaped for SQL.
    $sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]', '[UID]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1), $uid), $sql);
    // Execute the SQL
    $db->execute($sql);
    /* Insert the user profile row */
    $sql = <<<sql
REPLACE INTO `[PREFIX]member` (`uid`, `nickname`, `sex`, `birthday`, `qq`, `login`, `reg_ip`, `reg_time`, `last_login_ip`, `last_login_role`, `show_role`, `last_login_time`, `status`, `signature`) VALUES ('[UID]','[NAME]', 0, '0', '', 1, 0, '[TIME]', 0, 1, 1, '[TIME]', 1, '');
sql;
    $sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]', '[UID]'), array($prefix, $admin['username'], NOW_TIME, $uid), $sql);
    $db->execute($sql);
    /* Initialise the role table */
    $sql = <<<sql
REPLACE INTO `[PREFIX]role` (`id`, `group_id`, `name`, `title`, `description`, `user_groups`, `invite`, `audit`, `sort`, `status`, `create_time`, `update_time`) VALUES (1, 0, 'default', '普通用户', '普通用户', '1', 0, 0, 0, 1, [TIME], [TIME]);
sql;
    // [UID] is listed here although this template contains no such token.
    $sql = str_replace(array('[PREFIX]', '[TIME]', '[UID]'), array($prefix, NOW_TIME, $uid), $sql);
    $db->execute($sql);
    /* Insert the role-to-user mapping */
    $sql = <<<sql
REPLACE INTO `[PREFIX]user_role` (`id`, `uid`, `role_id`, `status`, `step`, `init`) VALUES (1, [UID], 1, 1, 'finish', 1);
sql;
    $sql = str_replace(array('[PREFIX]', '[UID]'), array($prefix, $uid), $sql);
    $db->execute($sql);
    /* End of user-role initialisation */
    show_msg('创始人帐号注册完成!');
}
/**
 * Show the licence agreement step of the installer.
 *
 * When VIEW_OFF is truthy the licence text is handed to show_msg(). Otherwise
 * the page header, the licence block, a GET form pointing at index.php for the
 * next step, and the footer are printed.
 *
 * NOTE(review): $language and $uchidden are globals written into HTML
 * attribute values without htmlspecialchars(). If either can be set from the
 * request (not visible here; confirm), escape them before output.
 */
function show_license()
{
    global $self, $uchidden, $step;
    /*vot*/
    global $language;
    // The form below submits this as the `step` field.
    $next = $step + 1;
    if (VIEW_OFF) {
        show_msg('license_contents', lang('license'), 1);
    } else {
        show_header();
        // NOTE(review): as shown, search and replacement are the same single space, so this call
        // changes nothing; that may be an artefact of how the page was extracted. Confirm upstream.
        $license = str_replace(' ', ' ', lang('license'));
        $lang_agreement_yes = lang('agreement_yes');
        $lang_agreement_no = lang('agreement_no');
        echo <<<EOT
</div>
<div class="main" style="margin-top:-123px;">
\t<div class="licenseblock">{$license}</div>
\t<div class="btnbox marginbot">
\t\t<form method="get" autocomplete="off" action="index.php">
<!--vot-->\t<input type='hidden' name='language' value='{$language}' />
\t\t<input type="hidden" name="step" value="{$next}">
\t\t<input type="hidden" name="uchidden" value="{$uchidden}">
\t\t<input type="submit" name="submit" value="{$lang_agreement_yes}" style="padding: 2px">
\t\t<input type="button" name="exit" value="{$lang_agreement_no}" style="padding: 2px" onclick="javascript: window.close(); return false;">
\t\t</form>
\t</div>
EOT;
        show_footer();
    }
}
$title = getGP('title', 'P'); $specification = getGP('specification', 'P'); $unit = getGP('unit', 'P'); $price = getGP('price', 'P'); $number = getGP('number', 'P'); $content = getGP('content', 'P'); //$purchase=getGP('purchase','P'); //$examination=getGP('examination','P'); //$warehousing=getGP('warehousing','P'); $office_goods = array('goods_type' => $goods_type, 'title' => $title, 'specification' => $specification, 'unit' => $unit, 'price' => $price, 'number' => $number, 'content' => $content, 'date' => get_date('Y-m-d H:i:s', PHP_TIME), 'uid' => $_USER->id); insert_db('office_goods', $office_goods); $id = $db->insert_id(); $content = serialize($office_goods); $title = '新增办公用品信息'; get_logadd($id, $content, $title, 23, $_USER->id); show_msg('您要处理的信息操作成功!', 'admin.php?ac=index&fileurl=' . $fileurl . ''); } //读取部门 function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0) { $str = ""; global $db; $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "goods_type where father='{$fatherid}' ORDER BY id Asc "); if (count($query) > 0) { for ($i = 0; $i < $layer; $i++) { $str .= "├"; } while ($row = $db->fetch_array($query)) { $selstr = $row['id'] == $selid ? 'selected="selected"' : ''; $htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>'; echo $htmlstr;
require_once libfile('function/importdata'); $dir = DB::result_first("SELECT t.directory FROM " . DB::table('common_style') . " s LEFT JOIN " . DB::table('common_template') . " t ON t.templateid=s.templateid WHERE s.styleid='1'"); import_styles(1, $dir, 1, 0); DB::update('common_setting', array('svalue' => 1), "skey='styleid'"); show_msg(lang('update', 'default_style_restored'), "{$theurl}?step=cache"); } elseif ($_GET['step'] == 'cache') { if (!$devmode && @($fp = fopen($lockfile, 'w'))) { fwrite($fp, ' '); fclose($fp); } dir_clear(ROOT_PATH . './data/template'); dir_clear(ROOT_PATH . './data/cache'); dir_clear(ROOT_PATH . './data/threadcache'); dir_clear(ROOT_PATH . './uc_client/data'); dir_clear(ROOT_PATH . './uc_client/data/cache'); show_msg(lang('update', 'database_updated') . '<iframe src="../misc.php?mod=initsys" style="display:none;"></iframe>'); } function has_another_special_table($tablename, $key) { if (!$key) { return $tablename; } $tables_array = get_special_tables_array($tablename); if ($key > count($tables_array)) { return FALSE; } else { return TRUE; } } function get_special_tables_array($tablename) {
$code .= '<div class="row">'; $code .= '<div class="pull-left">'; $code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">'; $code .= '<img src="' . $config['BASE_URL'] . '/media/users/' . $photo . '" title="' . $username . '\'s avatar" alt="' . $username . '\'s avatar" class="img-responsive comment-avatar" />'; $code .= '</a>'; $code .= '</div>'; $code .= '<div class="comment new-comment">'; $code .= '<div class="comment-info">'; $code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">' . $username . '</a> - <span class="">' . $lang['global.right_now'] . '</span>'; $code .= '</div>'; $code .= '<div class="comment-body overflow-hidden">' . nl2br($comment) . '</div>'; $code .= '<div class="comment-actions">'; $code .= '<a href="#delete_comment" id="delete_comment_notice_' . $cid . '_' . $nid . '">' . $lang['global.delete'] . '</a> <span id="delete_response_' . $cid . '" style="display: none;"></span>'; $code .= '</div>'; $code .= '</div>'; $code .= '<div class="clearfix"></div>'; $code .= '</div>'; $code .= '</div>'; $data['code'] = $code; $data['cid'] = $cid; $data['nid'] = $nid; $data['status'] = 1; $data['msg'] = show_msg($lang['global.comment_success']); $_SESSION['n_comment_added'] = time(); } } else { $data['msg'] = show_err($lang['ajax.notice_comment_login']); } } echo json_encode($data); die;
include_once 'mana/template_edit.php'; } elseif ($do == 'editsave') { $tplid = getGP('tplid', 'P', 'int'); $title = getGP('title', 'P'); $typeid = getGP('typeid', 'P'); $tplkey = getGP('tplkey', 'P'); if (getGP('tpluser', 'P') != '') { $tpluser = getGP('tpluser', 'P'); } else { $tpluser = '******'; } if (getGP('tpladmin', 'P') != '') { $tpladmin = getGP('tpladmin', 'P'); } else { $tpladmin = '0'; } $tpladdr = getGP('tpladdr', 'P'); //主表信息 $workclass_template = array('title' => $title, 'typeid' => $typeid, 'tplkey' => $tplkey, 'tpluser' => $tpluser, 'tpladmin' => $tpladmin, 'tpladdr' => $tpladdr); update_db('workclass_template', $workclass_template, array('tplid' => $tplid)); //更新表单 $workclass_from = array('typeid' => $typeid); update_db('workclass_from', $workclass_from, array('tplid' => $tplid)); //更新流程 $workclass_flow = array('typeid' => $typeid); update_db('workclass_flow', $workclass_flow, array('tplid' => $tplid)); $content = serialize($workclass_template); $title = '编辑工作流模板'; get_logadd($id, $content, $title, 35, $_USER->id); show_msg('工作流模板修改成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); }
$uid = check_str(getGP('userid', 'P')); $startdate = getGP('startdate', 'P') . " " . getGP('starth', 'P') . ":" . getGP('starti', 'P') . ":00"; $enddate = getGP('enddate', 'P') . " " . getGP('endh', 'P') . ":" . getGP('endi', 'P') . ":00"; $startnote = check_str(getGP('startnote', 'P')); $endnote = check_str(getGP('endnote', 'P')); $date = check_str(getGP('date', 'P')); $startyype = check_str(getGP('startyype', 'P')); $endtype = check_str(getGP('endtype', 'P')); $registration = array('name' => $name, 'startdate' => $startdate, 'enddate' => $enddate, 'startnote' => $startnote, 'endnote' => $endnote, 'uid' => $uid, 'startyype' => $startyype, 'endtype' => $endtype, 'date' => $date); insert_db('registration', $registration); $id = $db->insert_id(); $content = serialize($registration); $title = '录入考勤信息'; get_logadd($id, $content, $title, 7, $_USER->id); } show_msg('考勤信息操作成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); } else { $id = getGP('id', 'G', 'int'); if ($id != '') { $user = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "registration WHERE id = '{$id}' "); $startdate = explode(' ', $user['startdate']); $starttime = explode(':', $startdate[1]); $enddate = explode(' ', $user['enddate']); $endtime = explode(':', $enddate[1]); $_title['name'] = '更改'; } else { $startdate = explode(' ', get_date('Y-m-d H:i:s', PHP_TIME)); $starttime = explode(':', $startdate[1]); $starttime[0] = '08'; $starttime[1] = '50'; $enddate = explode(' ', get_date('Y-m-d H:i:s', PHP_TIME));
$personnel2 = array('type' => $row9['type'], 'name' => $row9['name'], 'uid' => $row9['uid'], 'node' => $row9['node'], 'pkey' => 0, 'fileid' => $row9['fileid'], 'apptype' => $row9['apptype'], 'appflow' => $row9['appflow'], 'appkey' => $row9['appkey'], 'appkey1' => $row9['appkey1']); insert_db('personnel', $personnel2); if ($row9['appkey'] == '1') { $staff = explode(',', $row9['name']); $staffid = explode(',', $row9['uid']); for ($i = 0; $i < sizeof($staffid); $i++) { $personnel_log = array('type' => 2, 'name' => $staff[$i], 'uid' => $staffid[$i], 'pkey' => 0, 'perid' => $row9['id']); insert_db('personnel_log', $personnel_log); } } //$db->query('UPDATE personnel SET oapostscript ="流程被回退,理由:".$_POST['ly'] where id='); ///////////////////////////// if ($_POST['type'] == '1') { show_msg('操作成功,当前步骤已被撤销!', 'admin.php?ac=attachment&fileurl=app&type=5'); } else { show_msg('操作成功,当前步骤已被撤销!', 'admin.php?ac=approval&fileurl=app&type=5'); } } else { echo '在您提交回退操作前,该公文状态已发生变化,且当前状态无法进行回退操作!'; } } } } else { if ($_GET['type'] == '1') { $tkey = "attachment"; } else { $tkey = "approval"; } $sql = "select title from toa_" . $tkey . " where id=" . $_GET['id']; $row = $db->fetch_one_array($sql); ?>
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php'; require $config['BASE_DIR'] . '/include/dbconn.php'; $data = array('status' => 0, 'msg' => ''); if (isset($_POST['video_id'])) { $filter = new VFilter(); $video_id = $filter->get('video_id', 'INTEGER'); if (isset($_SESSION['uid'])) { $sql = "SELECT VID FROM favourite WHERE VID = " . $video_id . " AND UID = " . intval($_SESSION['uid']) . " LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() == 1) { $data['msg'] = show_err($lang['ajax.favorite_video_exists']); } else { $sql = "SELECT VID FROM video WHERE VID = " . $video_id . " AND UID = " . intval($_SESSION['uid']) . " LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() == 1) { $data['msg'] = show_err($lang['ajax.favorite_video_self']); } else { $sql = "INSERT INTO favourite SET VID = " . $video_id . ", UID = " . intval($_SESSION['uid']); $conn->execute($sql); $sql = "UPDATE video SET fav_num = fav_num+1 WHERE VID = " . $video_id . " LIMIT 1"; $conn->execute($sql); $data['msg'] = show_msg($lang['ajax.favorite_video_success']); $data['status'] = 1; } } } else { $data['msg'] = show_err($lang['ajax.favorite_video_login']); } } echo json_encode($data); die;
<?php
// Archive-file "add" page. It must be included by the admin front controller,
// which defines IN_TOA and IN_ADMIN; a direct request stops here.
if (!defined('IN_TOA') || !defined('IN_ADMIN')) {
    exit('Access Denied!');
}

// Presumably the permission gate for this module; confirm in get_key().
get_key("file_Increase");

if (empty($do)) {
    $do = 'list';
}

switch ($do) {
    case 'list':
        include_once 'template/add.php';
        break;

    case 'save':
        // Every field is read from the POST body.
        // NOTE(review): escaping depends on getGP()/insert_db(), which are not shown here. Confirm.
        $savetype = getGP('savetype', 'P');
        $filetype = getGP('filetype', 'P');
        $filenumber = getGP('filenumber', 'P');
        $filename = getGP('filename', 'P');
        $enddate = getGP('enddate', 'P');
        $position = getGP('position', 'P');
        $page = getGP('page', 'P');
        // Up to three attachment references, stored as one comma-separated string.
        $appendix = implode(",", array(getGP('file1', 'P'), getGP('file2', 'P'), getGP('file3', 'P')));
        $content = getGP('content', 'P');

        $file = array(
            'filetype' => $filetype,
            'filenumber' => $filenumber,
            'filename' => $filename,
            'enddate' => $enddate,
            'position' => $position,
            'page' => $page,
            'appendix' => $appendix,
            'content' => $content,
            'type' => '0',
            'date' => get_date('Y-m-d H:i:s', PHP_TIME),
            'uid' => $_USER->id,
        );
        insert_db('file', $file);

        // Log the serialized record against the id of the row just inserted.
        $id = $db->insert_id();
        $content = serialize($file);
        $title = '新增档案信息';
        get_logadd($id, $content, $title, 20, $_USER->id);

        show_msg('新增档案信息成功!', 'admin.php?ac=index&fileurl=file');
        break;
}
$wage_basis = array('username' => $username[$id], 'name' => $name[$id], 'content' => $content[$id]); update_db('wage_basis', $wage_basis, array('bid' => $id)); } //$sqlu = "SELECT tid,name FROM ".DB_TABLEPRE."wage_type order by tnumber asc"; //$results = $db->query($sqlu); //while ($type = $db->fetch_array($results)) { foreach ($_CACHE['wage_type'] as $type) { $contentdb = getGP('type_' . $type['tid'], 'P', 'array'); $wdb = $db->fetch_one_array("SELECT did FROM " . DB_TABLEPRE . "wage_data WHERE type=1 and viewid='" . $id . "' and tid='" . $type['tid'] . "'"); if ($wdb['did'] != '') { $wage_data = array('content' => $contentdb[$id]); update_db('wage_data', $wage_data, array('viewid' => $id, 'tid' => $type['tid'], 'type' => 1)); } else { $wage_data = array('viewid' => $id, 'tid' => $type['tid'], 'name' => $type['name'], 'content' => $contentdb[$id], 'type' => 1); insert_db('wage_data', $wage_data); } } } show_msg('薪资基础信息操作成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); } elseif (getGP('id', 'G') != '') { $db->query("DELETE FROM " . DB_TABLEPRE . "wage_type WHERE tid = '" . getGP('id', 'G') . "' "); $content = getGP('id', 'G'); $title = '删除薪资项目'; get_logadd(getGP('id', 'G'), $content, $title, 36, $_USER->id); show_msg('薪资项目删除成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); } else { $sql = "SELECT a.*,b.name FROM " . DB_TABLEPRE . "user a," . DB_TABLEPRE . "user_view b where a.ischeck!=0 and a.id!=1 and a.id=b.uid ORDER BY a.numbers asc"; $result = $db->fetch_all($sql); include_once 'template/basis.php'; } }
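/**
 * Report progress of a 13-step batch conversion and point to the next request.
 *
 * When the global $next is truthy, $start is advanced by $perpage and the
 * message links to the same step at the new offset. Otherwise the message
 * links to the following step.
 *
 * Fixed: the step number was taken from $_GET['step'] and interpolated raw
 * into the HTML message and both URLs, so markup in the query string was
 * reflected into the page. It is now coerced to an integer once and that
 * value is used everywhere.
 *
 * NOTE(review): $batch and the global $turl are still printed unescaped.
 * Callers must pass trusted values.
 *
 * @param string $batch label of the data set being processed
 * @return void
 */
function show_next($batch)
{
    global $turl, $next, $start, $perpage;

    $step = isset($_GET['step']) ? intval($_GET['step']) : 0;
    // Fixed UTC+8 clock; the escaped characters wrap the seconds in <b>…</b>.
    $nowtime = gmdate('H:i:\\<\\b\\>s\\<\\/\\b\\>', time() + 8 * 3600);

    if ($next) {
        $start = $start + $perpage;
        $url = "{$turl}?step={$step}&start={$start}";
        show_msg("第 {$step} 步 / 共 13 步<br>OK,本次处理完成! ({$start})<br><br><a href=\"{$url}\">进入下一批 <strong>{$batch}</strong> 处理, 请耐心等待 ...</a><br><br>Now Time: {$nowtime} ", $url);
    } else {
        $url = "{$turl}?step=" . ($step + 1);
        show_msg("第 {$step} 步 / 共 13 步<br><strong>{$batch}</strong> 全部处理完毕! <br><br><a href=\"{$url}\">进入下一步处理</a><br><br>Now Time: {$nowtime}", $url);
    }
}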
/**
 * Write the founder (administrator) credentials into `ucenter_member` during
 * installation.
 *
 * Fills the [PLACEHOLDER] tokens of one UPDATE statement with str_replace()
 * and runs it through $db->execute(), with a progress message before and
 * after.
 *
 * NOTE(review): the UPDATE has no WHERE clause, so every row of the table
 * receives these values. That is only harmless while the table holds a single
 * seed row; confirm.
 * NOTE(review): username and e-mail are substituted into quoted SQL literals
 * without escaping, so a quote character in either value changes the
 * statement.
 * NOTE(review): the password is stored as the output of user_md5(), which is
 * presumably an MD5-based hash given the helper's name. Confirm.
 *
 * @param object $db     connection object; only its execute() method is used here
 * @param string $prefix table-name prefix substituted for [PREFIX]
 * @param array  $admin  reads the keys 'username', 'password' and 'email'
 * @param mixed  $auth   passed to user_md5() together with the password
 * @return void
 */
function register_administrator($db, $prefix, $admin, $auth)
{
    show_msg('开始注册创始人帐号...');

    $template = "UPDATE `[PREFIX]ucenter_member` set `username`='[NAME]', `password`='[PASS]', `email`='[EMAIL]', `last_login_time`= '[TIME]', `last_login_ip`='[IP]', `update_time`='[TIME]'";

    $hashed = user_md5($admin['password'], $auth);

    $tokens = array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]');
    $values = array($prefix, $admin['username'], $hashed, $admin['email'], NOW_TIME, get_client_ip(1));
    $statement = str_replace($tokens, $values, $template);

    // Run the statement. (A former INSERT into `[PREFIX]member` was already commented out upstream.)
    $db->execute($statement);

    show_msg('创始人帐号注册完成!');
}
$show = show_msg($msgs); include $template->getfile('restore.htm'); pageend(); } $voltmp = explode("_v", $_SESSION['data_file']); $volname = $voltmp[0]; $volnum = explode(".sq", $voltmp[1]); $volnum = intval($volnum[0]) + 1; $tmpfile = $volname . "_v" . $volnum . ".sql"; if (file_exists("./backup/" . $tmpfile)) { $msgs[] = "程序将在3秒钟后自动开始导入此分卷备份的下一部份:文件" . $tmpfile . ",请勿手动中止程序的运行,以免数据库结构受损"; $_SESSION['data_file'] = $tmpfile; $show = show_msg($msgs); sleep(3); echo "<script language='javascript'>"; echo "location='restore.php';"; echo "</script>"; } else { $msgs[] = "此分卷备份全部导入成功"; unset($_SESSION['data_file']); $show = show_msg($msgs); } } } else { $msgs[] = "本功能在恢复备份数据的同时,将全部覆盖原有数据"; $msgs[] = "数据恢复只能恢复由本系统导出的数据文件,其他软件导出格式无法识别"; $msgs[] = "从本地恢复数据最大数据2m"; $msgs[] = "如果您使用了分卷备份,只需手工导入文件卷1,其他数据文件会由系统导入"; $show = show_msg($msgs); } include $template->getfile('restore.htm');
show_msg('missing_parameter', '', 0); } else { show_form($form_db_init_items, $error_msg); } } elseif ($method == 'ext_info') { @touch($lockfile); if (VIEW_OFF) { show_msg('ext_info_succ'); } else { show_header(); echo '</div><div class="main" style="margin-top: -123px;"><ul style="line-height: 200%; margin-left: 30px;">'; echo '<li><a href="../">' . lang('install_succeed') . '</a><br>'; echo '<script>setTimeout(function(){window.location=\'../\'}, 2000);</script>' . lang('auto_redirect') . '</li>'; echo '</ul></div>'; show_footer(); } } elseif ($method == 'install_check') { if (file_exists($lockfile)) { show_msg('installstate_succ'); } else { show_msg('lock_file_not_touch', $lockfile, 0); } } elseif ($method == 'tablepre_check') { $dbinfo = getgpc('dbinfo'); extract($dbinfo); if (check_db($dbhost, $dbuser, $dbpw, $dbname, $tablepre)) { show_msg('tablepre_not_exists', 0); } else { show_msg('tablepre_exists', $tablepre, 0); } }