function GetRankName($arcrank)
{
global $arcArray,$dsql;
if(!is_array($arcArray)){
$dsql = new DedeSql(false);
$dsql->SetQuery("Select * from #@__arcrank");
$dsql->Execute('rn1');
while($row = $dsql->GetObject('rn1')){ $arcArray[$row->rank]=$row->membername; }
}
if(isset($arcArray[$arcrank])) return $arcArray[$arcrank];
else return "不限";
}
function GetOptionList($selid=0,$userCatalog=0,$channeltype=0)
{
global $OptionArrayList,$channels,$dsql;
if(!is_object($dsql)) $dsql = new DedeSql(false);
$dsql->SetQuery("Select ID,typename From #@__channeltype ");
$dsql->Execute();
$channels = Array();
while($row = $dsql->GetObject()) $channels[$row->ID] = $row->typename;
$OptionArrayList = "";
$query = "Select ID,typename,ispart,channeltype,issend From #@__arctype where ispart<>2 And reID=0 order by sortrank asc ";
$dsql->SetQuery($query);
$dsql->Execute();
while($row=$dsql->GetObject())
{
if($row->channeltype==$channeltype && $row->issend==1){
if($row->ispart==0) $OptionArrayList .= "<option value='".$row->ID."' class='option3'>".$row->typename."</option>\r\n";
else if($row->ispart==1) $OptionArrayList .= "<option value='".$row->ID."' class='option2'>".$row->typename."</option>\r\n";
}
LogicGetOptionArray($row->ID,"─",$channeltype,$dsql);
}
return $OptionArrayList;
}
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('member_Edit');
if(!isset($_COOKIE['ENV_GOBACK_URL'])) $ENV_GOBACK_URL = "";
else $ENV_GOBACK_URL="member_main.php";
$ID = ereg_replace("[^0-9]","",$ID);
$dsql = new DedeSql(false);
$row=$dsql->GetOne("select m.*, mc.* from #@__member m left join #@__member_cominfo mc on mc.id=m.ID where m.ID='$ID'");
$sql = "select * from #@__sectors";
$dsql->SetQuery($sql);
$dsql->Execute();
$topsectors = $subsectors = array();
while($sector = $dsql->GetArray())
{
if($sector['reid'] == 0) {
$topsectors[] = $sector;
} else {
$subsectors[] = $sector;
}
}
$sectorcache = "<!--\ntopsectors=new Array();\n\n";
$typeid1name = $typeid2name = '-不限-';
foreach($topsectors as $topkey => $topsector)
{
if($topsector['id'] == $row['typeid1'])
{
$typeid1name = $topsector['name'];
}
$sectorcache .= "topsectors[$topkey]=".'"'.$topsector['id'].'~'.$topsector['name'].'";'."\n";
$sectorcache .= "\t".'subsectors'.$topsector['id'].'=new Array();'."\n";
//////////////////////////////////////////
if($dopost=="save")
{
//$ismore,$votename
$starttime = GetMkTime($starttime);
$endtime = GetMkTime($endtime);
$voteitems = "";
$j=0;
for($i=1;$i<=15;$i++)
{
if(!empty(${"voteitem".$i})){
$j++;
$voteitems .= "<v:note id=\\'$j\\' count=\\'0\\'>".${"voteitem".$i}."</v:note>\r\n";
}
}
$dsql = new DedeSql(false);
$inQuery = "
insert into #@__vote(votename,starttime,endtime,totalcount,ismore,votenote)
Values('$votename','$starttime','$endtime','0','$ismore','$voteitems');
";
$dsql->SetQuery($inQuery);
if(!$dsql->ExecuteNoneQuery())
{
$dsql->Close();
ShowMsg("增加投票失败,请检查数据是否非法!","-1");
exit();
}
$dsql->Close();
ShowMsg("成功增加一组投票!","vote_main.php");
exit();
}
$row = $dsql->GetOne("SELECT * FROM #@__story_chapter WHERE bookid='{$bookid}' ORDER BY chapnum DESC");
if (is_array($row)) {
$nchapnum = $row['chapnum'] + 1;
} else {
$nchapnum = 1;
}
$query = "INSERT INTO `#@__story_chapter`(`bookid`,`catid`,`chapnum`,`mid`,`chaptername`,`bookname`)\n VALUES ('{$bookid}', '{$catid}', '{$nchapnum}', '0', '{$chapternew}','{$bookname}');";
$rs = $dsql->ExecuteNoneQuery($query);
if ($rs) {
$chapterid = $dsql->GetLastID();
} else {
ShowMsg("增加章节失败,请检查原因!", "-1");
exit;
}
} else {
$dsql = new DedeSql();
}
//获得父栏目
$nrow = $dsql->GetOne("SELECT * FROM #@__story_catalog WHERE id='{$catid}' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
if (empty($bcatid)) {
$bcatid = 0;
}
if (empty($booktype)) {
$booktype = 0;
}
$addtime = time();
//处理上传的缩略图
if (!isset($isremote)) {
$isremote = 0;
$wintitle = "文档管理-移动文档";
$wecome_info = "<a href='".$ENV_GOBACK_URL."'>文档管理</a>::移动文档";
$win = new OxWindow();
$win->Init("archives_do.php","js/blank.js","POST");
$win->AddHidden("fmdo","yes");
$win->AddHidden("dopost",$dopost);
$win->AddHidden("qstr",$qstr);
$win->AddHidden("aid",$aid);
$win->AddTitle("你目前的操作是移动文档,请选择目标栏目:");
$win->AddMsgItem($typeOptions,"30","1");
$win->AddMsgItem("你选中的文档ID是: $qstr <br>移动的栏目必须和选定的文档频道类型一致,否则程序会自动勿略不符合的文档。","30","1");
$winform = $win->GetWindow("ok");
$win->Display();
}else{
$targetTypeid = ereg_replace('[^0-9]','',$targetTypeid);
$dsql = new DedeSql(false);
$typeInfos = $dsql->GetOne(" Select * From #@__arctype where ID='$targetTypeid' ");
if(!is_array($typeInfos)){
ShowMsg("参数错误!","-1");
$dsql->Close();
exit();
}
if($typeInfos['ispart']!=0){
ShowMsg("文档保存的栏目必须为最终列表栏目!","-1");
$dsql->Close();
exit();
}
$arcids = explode('`',$qstr);
$arc = "";
$j = 0;
$okids = Array();
$templet = str_replace("{style}",$cfg_df_style,$templet);
$pv->SetTemplet($cfg_basedir.$cfg_templets_dir."/".$templet);
$pv->Display();
$pv->Close();
}
else if($dopost=="make")
{
header("Content-Type: text/html; charset={$cfg_ver_lang}");
$homeFile = dirname(__FILE__)."/".$position;
$homeFile = str_replace("\\","/",$homeFile);
$homeFile = str_replace("//","/",$homeFile);
$fp = fopen($homeFile,"w") or die("你指定的文件名有问题,无法创建文件");
fclose($fp);
if($saveset==1)
{
$dsql = new DedeSql(false);
$dsql->SetQuery("update #@__homepageset set templet='$templet',position='$position' ");
$dsql->ExecuteNoneQuery();
$dsql->Close();
}
$templet = str_replace("{style}",$cfg_df_style,$templet);
$pv = new PartView();
$pv->SetTemplet($cfg_basedir.$cfg_templets_dir."/".$templet);
$pv->SaveToHtml($homeFile);
$pv->Close();
echo "成功更新主页HTML:".$homeFile;
echo "<br/><br/><a href='$position' target='_blank'>浏览...</a>";
}
$t2 = ExecTime();
echo "<!-- ".($t2-$t1)." -->";
exit();
}
//严格检查最终的文件名
if(eregi("\.(php|asp|pl|shtml|jsp|cgi|aspx)",$fullfilename)){
ShowMsg("你所上传的文件类型被禁止,系统只允许上传<br>".$cfg_mb_mediatype." 类型附件!","-1");
exit();
}
if(eregi("\.(php|asp|pl|shtml|jsp|cgi|aspx)",$full_litfilename)){
ShowMsg("你所上传的文件类型被禁止,系统只允许上传<br>".$cfg_mb_mediatype." 类型附件!","-1");
exit();
}
@move_uploaded_file($imgfile,$fullfilename);
$dsql = new DedeSql(false);
if($dd=="yes")
{
copy($fullfilename,$full_litfilename);
if(in_array($imgfile_type,$cfg_photo_typenames)) ImageResize($full_litfilename,$w,$h);
$urlValue = $bfilename;
$imgsrcValue = $litfilename;
$info = "";
$sizes = getimagesize($full_litfilename,$info);
$imgwidthValue = $sizes[0];
$imgheightValue = $sizes[1];
$imgsize = filesize($full_litfilename);
$inquery = "
INSERT INTO #@__uploads(title,url,mediatype,width,height,playtime,filesize,uptime,adminid,memberid)
VALUES ('小图{$dblitfile}','$imgsrcValue','1','$imgwidthValue','$imgheightValue','0','{$imgsize}','{$nowtme}','".$cuserLogin->getUserID()."','0');
";
<?php
//require_once(dirname(__FILE__)."./../include/config_base.php");
require_once(dirname(__FILE__)."./../member/config.php");
$dsql = new DedeSql(false);
$areas = $sectors = $topsectors = $subsectors = array();
$dsql->setquery("select id, name, reid from #@__sectors order by disorder desc,id asc");
$dsql->Execute();
while($row = $dsql->GetArray())
{
if($row['reid'] == 0){
$topsectors[] = $row;
}else{
$subsectors[] = $row;
}
}
foreach($topsectors as $topsector){
$sectors[] = $topsector;
foreach($subsectors as $key => $subsector){
if($subsector['reid'] == $topsector['id']){
$sectors[] = $subsector;
unset($subsectors[$key]);
}
}
}
//////////////////////地区数据处理s/////////////////////////////
$sql = "select * from #@__area order by disorder asc,id asc";
$dsql->SetQuery($sql);
$dsql->Execute();
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('sys_Keyword');
empty($_COOKIE['ENV_GOBACK_URL']) ? $ENV_GOBACK_URL = "article_keywords_main.php" : $ENV_GOBACK_URL=$_COOKIE['ENV_GOBACK_URL'];
if(!isset($aids)){
ShowMsg("你没有选择要更改的东东!",$ENV_GOBACK_URL);
exit();
}
$dsql = new DedeSql(false);
foreach($aids as $aid)
{
$rpurl = ${'rpurl_'.$aid};
$rpurlold = ${'rpurlold_'.$aid};
$keyword = ${'keyword_'.$aid};
//删除项目
if(!empty(${'isdel_'.$aid}))
{
$query = "update #@__full_search set keywords = Replace(keywords,' $keyword ',' ')";
$dsql->SetQuery($query);
$dsql->ExecuteNoneQuery();
$dsql->SetQuery("Delete From #@__keywords where aid='$aid'");
$dsql->ExecuteNoneQuery();
continue;
}
//禁用项目
$staold = ${'staold_'.$aid};
if(!empty(${'isnouse_'.$aid})) $sta = 0;
else $sta = 1;
if($staold!=$sta)
{
$query1 = "update #@__keywords set sta='$sta',rpurl='$rpurl' where aid='$aid' ";
$cfg_ml->PutLoginInfo($cfg_ml->M_ID);
//该文件,网银自动校单返回参数要到网很后台设设,地址指到该文件路径.
$v_oid = trim($_POST['v_oid']);
$v_pmode = trim($_POST['v_pmode']);
$v_pstatus = trim($_POST['v_pstatus']);
$v_pstring = trim($_POST['v_pstring']);
$v_amount = trim($_POST['v_amount']);
$v_moneytype = trim($_POST['v_moneytype']);
$remark1 = trim($_POST['remark1']);
$remark2 = trim($_POST['remark2']);
$v_md5str = trim($_POST['v_md5str']);
$md5string = strtoupper(md5($v_oid . $v_pstatus . $v_amount . $v_moneytype . $key));
//拼凑加密串
if ($v_md5str == $md5string) {
if ($v_pstatus == "20") {
$dsql = new DedeSql(false);
$buyid = $v_oid;
//获取订单信息,检查订单的有效性
$row = $dsql->GetOne("Select * From #@__member_operation where buyid='{$buyid}' ");
if (!is_array($row) || $row['sta'] == 2) {
$oldinfo = $row['oldinfo'];
}
$mid = $row['mid'];
$pid = $row['pid'];
//更新交易状态为已付款
$dsql->ExecuteNoneQuery("Update #@__member_operation set sta=1 where buyid='{$buyid}' ");
//-------------------------------------------
//会员产品
//-------------------------------------------
if ($row['product'] == 'member') {
$row = $dsql->GetOne(" Select rank,exptime From #@__member_type where aid='{$row['pid']}' ");
require_once(dirname(__FILE__)."/config.php");
CheckPurview('sys_User');
require_once(dirname(__FILE__)."/../include/inc_typelink.php");
if(empty($dopost)) $dopost="";
if($dopost=="add")
{
if(ereg("[^0-9a-zA-Z_@!\.-]",$pwd)){
ShowMsg("用户密码不合法!","-1",0,300);
exit();
}
if(ereg("[^0-9a-zA-Z_@!\.-]",$userid)){
ShowMsg("用户名不合法!","-1",0,300);
exit();
}
$dsql = new DedeSql(false);
$dsql->SetQuery("Select * from `#@__admin` where userid='$userid' Or uname='$uname'");
$dsql->Execute();
$ns = $dsql->GetTotalRow();
if($ns>0){
$dsql->Close();
ShowMsg("用户名或笔名已存在,不允许重复使用!","-1");
exit();
}
$ks = Array();
foreach($typeid as $v){
$vs = explode('-',$v);
if(isset($vs[1])) $t = $vs[1];
else $t = $vs[0];
if(!isset($ks[$vs[0]])) $ks[$t] = 1;
}
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('sys_Edit');
$varname = $_POST['varname'];
if(!eregi('cfg_',$varname)){
ShowMsg("变量名称必须以 cfg_ 开头","-1");
exit();
}
if($vartype=='bool' && ($varvalue!='Y' && $varvalue!='N')){
ShowMsg("布尔变量值必须为'Y'或'N'!","-1");
exit();
}
$varvalue = htmlspecialchars($varvalue);
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__sysconfig where varname like '$varname' ");
if(is_array($row)){
ShowMsg("该变量名称已经存在!","-1");
$dsql->Close();
exit();
}
$row = $dsql->GetOne("Select * From #@__sysconfig order by aid desc ");
$aid = $row['aid']+1;
$inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`group`)
VALUES ('$aid','$varname','$varmsg','$varvalue','$vartype','$vargroup')";
$rs = $dsql->ExecuteNoneQuery($inquery);
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('member_Type');
if(empty($dopost)) $dopost = "";
$dsql = new DedeSql(false);
//保存更改
//--------------------
if($dopost=="save")
{
$startID = 1;
$endID = $idend;
for(;$startID<=$endID;$startID++)
{
$query = "";
$ID = ${"ID_".$startID};
$name = ${"name_".$startID};
$rank = ${"rank_".$startID};
$money = ${"money_".$startID};
if(isset(${"check_".$startID})){
if($rank>0) $query = "update #@__arcrank set membername='$name',money='$money',rank='$rank' where ID='$ID'";
}
else{
$query = "Delete From #@__arcrank where ID='$ID' And rank<>10";
}
if($query!=""){
$dsql->SetQuery($query);
$dsql->ExecuteNoneQuery();
}
}
if(isset($check_new))
//订单加密信息
$signMsg = $Digest;
//密匙
//接收新的md5加密认证
$newmd5info = $newmd5info;
$digest = strtoupper(md5($OrderInfo . $cfg_merpassword));
//本地的校对密钥
$newtext = $m_id . $m_orderid . $m_oamount . $cfg_merpassword . $mState;
$myDigest = strtoupper(md5($newtext));
$mysign == md5($cfg_merchant . $buyid . $money . $success . $cfg_merpassword);
//--------------------------------------------------------
//签名正确
if ($digest == $signMsg && $mState == 2) {
$OrderInfo = HexToStr($OrderInfo);
if ($newmd5info == $myDigest) {
$dsql = new DedeSql(false);
//获取订单信息,检查订单的有效性
$row = $dsql->GetOne("Select state From #@__shops_orders where oid='{$buyid}' ");
if ($row['state'] > 0) {
$msg = "付款已经完成!,系统返回信息( {$buyid} ) <br><br> <a href='control.php'>返回主页</a> ";
ShowMsg($msg, "javascript:;");
$dsql->Close();
exit;
}
$sql = "UPDATE `#@__shops_orders` SET `state`='1' WHERE `oid`='{$buyid}' AND `userid`='" . $cfg_ml->M_ID . "';";
if ($dsql->ExecuteNoneQuery($sql)) {
$dsql->Close();
ShowMsg("支付成功!", "javascript:;");
exit;
} else {
$dsql->Close();
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('temp_Other');
require_once(dirname(__FILE__)."/../include/inc_typelink.php");
if(empty($dopost)) $dopost = "";
//////////////////////////////////////////
if($dopost=="save")
{
$tagname = trim($tagname);
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select typeid From #@__mytag where typeid='$typeid' And tagname like '$tagname'");
if(is_array($row)){
$dsql->Close();
ShowMsg("在相同栏目下已经存在同名的标记!","-1");
exit();
}
$starttime = GetMkTime($starttime);
$endtime = GetMkTime($endtime);
$inQuery = "
Insert Into #@__mytag(typeid,tagname,timeset,starttime,endtime,normbody,expbody)
Values('$typeid','$tagname','$timeset','$starttime','$endtime','$normbody','$expbody');
";
$dsql->SetQuery($inQuery);
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功增加一个自定义标记!","mytag_main.php");
exit();
}
$startDay = time();
$endDay = AddDay($startDay,30);
$startDay = GetDateTimeMk($startDay);
function checkUser($username,$userpwd)
{
//只允许用户名和密码用0-9,a-z,A-Z,'@','_','.','-'这些字符
$this->userName = ereg_replace("[^0-9a-zA-Z_@\!\.-]",'',$username);
$this->userPwd = ereg_replace("[^0-9a-zA-Z_@\!\.-]",'',$userpwd);
$pwd = substr(md5($this->userPwd),0,24);
$dsql = new DedeSql(false);
$dsql->SetQuery("Select * From #@__admin where userid='".$this->userName."' limit 0,1");
$dsql->Execute();
$row = $dsql->GetObject();
if(!isset($row->pwd)){
$dsql->Close();
return -1;
}
else if($pwd!=$row->pwd){
$dsql->Close();
return -2;
}
else{
$loginip = GetIP();
$this->userID = $row->ID;
$this->userType = $row->usertype;
$this->userChannel = $row->typeid;
$this->userName = $row->uname;
$groupSet = $dsql->GetOne("Select * From #@__admintype where rank='".$row->usertype."'");
$this->userPurview = $groupSet['purviews'];
$dsql->SetQuery("update #@__admin set loginip='$loginip',logintime='".strftime("%Y-%m-%d %H:%M:%S",time())."' where ID='".$row->ID."'");
$dsql->ExecuteNoneQuery();
$dsql->Close();
return 1;
}
}
CheckPurview('co_EditNote');
require_once(dirname(__FILE__)."/../include/pub_dedetag.php");
$dtp = new DedeTagParse();
$dbnotes = $notes;
$notes = stripslashes($notes);
$dtp->LoadString($notes);
if(!is_array($dtp->CTags)){
ShowMsg("该规则不合法,无法保存!","-1");
$dsql->Close();
exit();
}
$ctag = $dtp->GetTagByName("item");
$query = "
Update #@__conote
set typeid='".$ctag->GetAtt('typeid')."',
gathername='".$ctag->GetAtt('name')."',
language='".$ctag->GetAtt('language')."',
lasttime=0,
savetime='".time()."',
noteinfo='".$dbnotes."'
where nid = $nid;
";
$dsql = new DedeSql(false);
$rs = $dsql->ExecuteNoneQuery($query);
$dsql->Close();
ShowMsg("成功保存规则!","co_main.php");
exit();
}
ClearAllLink();
?>
<?php
require_once dirname(__FILE__) . "/include/common.inc.php";
header("Content-Type: text/html; charset=utf-8");
//header("Content-type:text/vnd.wap.wml");
require_once dirname(__FILE__) . "/include/wap.inc.php";
if (empty($action)) {
$action = 'index';
}
$dsql = new DedeSql(false);
$cfg_templets_dir = $cfg_basedir . $cfg_templets_dir;
$channellist = '';
$newartlist = '';
$channellistnext = '';
//顶级导航列表
$dsql->SetQuery("Select id,typename From `#@__arctype` where reid=0 And channeltype=1 And ishidden=0 And ispart<>2 order by sortrank");
$dsql->Execute();
while ($row = $dsql->GetObject()) {
$channellist .= "<a href='wap.php?action=list&id={$row->id}'>{$row->typename}</a> ";
}
//当前时间
$curtime = strftime("%Y-%m-%d %H:%M:%S", time());
$cfg_webname = ConvertStr($cfg_webname);
//主页
/*------------
function __index();
------------*/
if ($action == 'index') {
//最新文章
$dsql->SetQuery("Select id,title,pubdate From `#@__archives` where channel=1 And arcrank = 0 order by id desc limit 0,10");
$dsql->Execute();
<?php
//require_once(dirname(__FILE__)."./../include/config_base.php");
require_once(dirname(__FILE__)."./../member/config.php");
require_once(dirname(__FILE__)."/../include/pub_datalist_dm.php");
$dsql = new DedeSql(false);
if(empty($areaid)) $areaid = 0;
if(empty($areaid2)) $areaid2 = 0;
if(!isset($sectorid)) $sectorid = 0;
if(!isset($sectorid2)) $sectorid2 = 0;
if(empty($page)) $page = 1;
$areaid = intval($areaid);
$areaid2 = intval($areaid2);
$sectorid = intval($sectorid);
$sectorid2 = intval($sectorid2);
$page = intval($page);
isset($comname) || $comname = '';
$comname = trim($comname);
$allsectors = $areas = array();
$dsql->setquery("select id, name from #@__sectors order by disorder desc,id asc");
$dsql->Execute();
while($row = $dsql->getarray())
{
$allsectors[$row['id']] = $row['name'];
}
//////////////////////地区数据处理s/////////////////////////////
$sql = "select * from #@__area order by disorder desc,id asc";
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('sys_MakeHtml');
$dsql = new DedeSql(false);
$cids = '';
$dsql->SetQuery("Select ID From `#@__channeltype` ");
$dsql->Execute();
while($row = $dsql->GetArray())
{
$cids .= ($cids=='' ? $row[0] : ','.$row[0]);
}
if($cids!='')
{
$rs = $dsql->ExecuteNoneQuery("Delete From `#@__arctype` where NOT (channeltype in ($cids));");
if($rs>0){
$dsql->ExecuteNoneQuery("OPTIMIZE TABLE `#@__arctype`;");
UpDateCatCache($dsql);
}
$rs = $dsql->ExecuteNoneQuery("Delete From `#@__full_search` where NOT (channeltype in ($cids));");
if($rs>0) $dsql->ExecuteNoneQuery("OPTIMIZE TABLE `#@__full_search`;");
$rs = $dsql->ExecuteNoneQuery("Delete From `#@__archives` where NOT (channel in ($cids));");
if($rs>0) $dsql->ExecuteNoneQuery("OPTIMIZE TABLE `#@__archives`;");
$rs = $dsql->ExecuteNoneQuery("Delete From `#@__archivesspec` where NOT (channel in ($cids));");
if($rs>0) $dsql->ExecuteNoneQuery("OPTIMIZE TABLE `#@__archivesspec`;");
}
<?php
require_once(dirname(__FILE__)."/config.php");
AjaxHead();
if(empty($t)) echo '';
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select aid From #@__full_search where title like '$t' ");
$dsql->Close();
if(is_array($row)) echo "提示:系统已经存在标题为 '<a href='../plus/view.php?aid={$row['aid']}' style='color:red' target='_blank'><u>$t</u></a>' 的文档。[<a href='#' onclick='javascript:HideObj(\"_mytitle\")'>关闭</a>]";
else echo '';
?>
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('plus_站内新闻发布');
if(empty($dopost)) $dopost = "";
$aid = ereg_replace("[^0-9]","",$aid);
$dsql = new DedeSql(false);
if($dopost=="del")
{
$dsql->SetQuery("Delete From #@__mynews where aid='$aid';");
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功删除一条站内新闻!","mynews_main.php");
exit();
}
else if($dopost=="editsave")
{
$dsql->SetQuery("Update #@__mynews set title='$title',typeid='$typeid',writer='$writer',senddate='".GetMKTime($sdate)."',body='$body' where aid='$aid';");
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功更改一条站内新闻!","mynews_main.php");
exit();
}
$myNews = $dsql->GetOne("Select #@__mynews.*,#@__arctype.typename From #@__mynews left join #@__arctype on #@__arctype.ID=#@__mynews.typeid where #@__mynews.aid='$aid';");
require_once(dirname(__FILE__)."/templets/mynews_edit.htm");
ClearAllLink();
?>
{dede:match}".$matchstr."{/dede:match}
$trimstr
{dede:function}".$GLOBALS["function".$i]."{/dede:function}
{/dede:note}";
}
}
$itemconfig .= "
{/dede:art}
";
$inQuery = "
Update #@__conote set gathername='$notename',language='$language',arcsource='$arcsource',noteinfo='$itemconfig'
Where nid='$nid';
";
$dsql = new DedeSql(false);
if($dsql->ExecuteNoneQuery($inQuery))
{
$dsql->Close();
ShowMsg("成功更改一个节点!","co_main.php");
exit();
}
else
{
$gerr = $dsql->GetError();
$dsql->Close();
header("Content-Type: text/html; charset={$cfg_ver_lang}");
echo "SQL语句:<xmp>$inQuery</xmp>";
echo "<hr>错误提示:".$gerr."<hr>";
$dsql->Close();
ShowMsg("更改节点失败,请检查原因!","javascript:;");
if(is_array($row)) $nchapnum = $row['chapnum']+1;
else $nchapnum = 1;
$query = "INSERT INTO `#@__story_chapter`(`bookid`,`catid`,`chapnum`,`memberid`,`chaptername`,`bookname`)
VALUES ('$bookid', '$catid', '$nchapnum', '0', '$chapternew','$bookname');";
$rs = $dsql->ExecuteNoneQuery($query);
if($rs){
$chapterid = $dsql->GetLastID();
}
else
{
ShowMsg("增加章节失败,请检查原因!","-1");
exit();
}
}else
{
$dsql = new DedeSql();
}
//获得父栏目
$nrow = $dsql->GetOne("Select * From #@__story_catalog where id='$catid' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
$addtime = time();
//本章最后一个漫画的排列顺次序
$lrow = $dsql->GetOne("Select sortid From #@__story_content where bookid='$bookid' And chapterid='$chapterid' order by sortid desc");
if(empty($lrow)) $sortid = 1;
else $sortid = $lrow['sortid']+1;
<?php
require_once(dirname(__FILE__)."/config.php");
require_once(dirname(__FILE__)."/inc/inc_catalog_options.php");
require_once(DEDEADMIN."/inc/inc_archives_functions.php");
if(empty($channelid)) $channelid=4;
if(empty($cid)) $cid = 0;
$dsql = new DedeSql(false);
if($cid>0)
{
$query = "Select t.typename as arctypename,c.* From #@__arctype t left join #@__channeltype c on c.ID=t.channeltype where t.ID='$cid' ";
$cInfos = $dsql->GetOne($query);
$channelid = $cInfos['ID'];
$addtable = $cInfos['addtable'];
}
else if($channelid>0)
{
$query = " Select * From #@__channeltype where ID='$channelid'";
$cInfos = $dsql->GetOne($query);
$channelid = $cInfos['ID'];
$addtable = $cInfos['addtable'];
}
require_once(dirname(__FILE__)."/templets/flash_add.htm");
ClearAllLink();
?>
<?php
require_once(dirname(__FILE__)."/config.php");
empty($_COOKIE['ENV_GOBACK_URL']) ? $ENV_GOBACK_URL = "-1" : $ENV_GOBACK_URL=$_COOKIE['ENV_GOBACK_URL'];
CheckPurview('sys_Keyword');
$keyword = trim($keyword);
$rank = ereg_replace("[^0-9]","",$rank);
if(ereg(" ",$keyword)||$keyword=="")
{
ShowMsg("关键字不能带有空格或为空!",-1);
exit();
}
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__keywords where keyword like '$keyword'");
if(is_array($row))
{
$dsql->Close();
ShowMsg("关键字已存在库中!","-1");
exit();
}
$inquery = "
INSERT INTO #@__keywords(keyword,rank,sta,rpurl) VALUES ('$keyword','$rank','1','$rpurl');
";
$dsql->SetQuery($inquery);
$dsql->ExecuteNoneQuery();
ClearAllLink();
ShowMsg("成功增加一个关键字!",$ENV_GOBACK_URL);
?>
<?php
require_once(dirname(__FILE__)."/../config.php");
CheckPurview('story_New');
require_once(dirname(__FILE__)."/../../include/inc_photograph.php");
require_once(dirname(__FILE__)."/../../include/pub_oxwindow.php");
require_once(dirname(__FILE__)."/../inc/inc_archives_functions.php");
if(!isset($iscommend)) $iscommend = 0;
if($catid==0){
ShowMsg("请指定图书所属栏目!","-1");
exit();
}
$dsql = new DedeSql(false);
//获得父栏目
$nrow = $dsql->GetOne("Select * From #@__story_catalog where id='$catid' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
$pubdate = GetMkTime($pubdate);
$bookname = cn_substr($bookname,50);
if($keywords!="") $keywords = trim(cn_substr($keywords,60));
//处理上传的缩略图
$litpic = GetDDImage('litpic',$litpicname,0);
$adminID = $cuserLogin->getUserID();
$channel = str_replace('#@__',$cfg_dbprefix,$channel['addtable']);
$dsql->GetTableFields($channel);
echo "<div style='border:1px solid #ababab;background-color:#FEFFF0;margin-top:6px;padding:3px;line-height:160%'>";
echo "表(".$channel.")含有的字段:<br>";
while($row = $dsql->GetFieldObject()){
echo "<a href=\"javascript:pf('{$row->name}')\"><u>".$row->name."</u></a>\r\n";
}
echo "<input type='hidden' name='addtable' value='$channel' />";
echo "</div>";
$dsql->Close();
exit();
}elseif($action == 'fetch')
{
header("Content-Type: text/html; charset={$cfg_ver_lang}");
$dsql = new DedeSql(false);
if(empty($startdd)) $startdd = 0;
if(empty($pagesize)) $pagesize = 100;
if(empty($totalnum)) $totalnum = 0;
if(empty($sid)) $sid = 0;
if(empty($eid)) $eid = 0;
if(empty($dojob)) $dojob = 'desc';
$addtable = urldecode($addtable);
$addtable = ereg_replace("[^0-9a-zA-Z_#@]","",$addtable);
$rpfield = ereg_replace("[^0-9a-zA-Z_\[\]]","",$rpfield);
$channel = intval($channel);
if($dsize>250) $dsize = 250;
$channelinfo = $dsql->getone("select * from #@__channeltype where ID=$channel");
$maintable = $channelinfo['maintable'];
if(empty($totalnum)){
echo "<script src='{$cfg_plus_dir}/ad_js.php?aid=$aid' language='javascript'></script>";
exit();
}
else if($dopost=="saveedit")
{
$dsql = new DedeSql(false);
$starttime = GetMkTime($starttime);
$endtime = GetMkTime($endtime);
$query = "
Update #@__myad
set
typeid='$typeid',
adname='$adname',
timeset='$timeset',
starttime='$starttime',
endtime='$endtime',
normbody='$normbody',
expbody='$expbody'
where aid='$aid'
";
$dsql->SetQuery($query);
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功更改一则广告代码!",$ENV_GOBACK_URL);
exit();
}
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__myad where aid='$aid'");
ClearAllLink();
require_once(dirname(__FILE__)."/templets/ad_edit.htm");
?>
