$lv->Close();
$row['typedir'] = eregi_replace("\{cmspath\}",$cfg_cmspath,$row['typedir']);
$editurl = "file_manage_view.php?backurl=catalog_main.php&fmdo=editview&ishead=yes&filename=".$row['defaultname']."&activepath=".urlencode($row['typedir'])."&job=edit";
header("location:$editurl");
exit();
}
/*-----------
编辑模板页面
function editSgTemplet();
-----------*/
else if($dopost=="editSgTemplet")
{
//检查权限许可
CheckPurview('plus_文件管理器');
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select tempone From #@__arctype where ID='$cid'");
$dsql->Close();
$tempone = $row['tempone'];
$tempone = eregi_replace("\{style\}",$cfg_df_style,$tempone);
if(!is_file($cfg_basedir.$cfg_templets_dir."/".$tempone)){
ShowMsg("这个单独页面没有使用模板,现在转向直接编辑这个页面。","catalog_do.php?cid=$cid&dopost=editSgPage");
exit();
}
$tempones = explode('/',$tempone);
$filename = $tempones[count($tempones)-1];
$tmpdir = $cfg_templets_dir;
if(count($tempones)>1){
foreach($tempones as $v){
if($v!="") $tmpdir .= "/".$v;
}
}
$rs = $dsql->ExecuteNoneQuery($query);
if($rs){
$chapterid = $dsql->GetLastID();
}
else
{
ShowMsg("增加章节失败,请检查原因!","-1");
exit();
}
}else
{
$dsql = new DedeSql();
}
//获得父栏目
$nrow = $dsql->GetOne("Select * From #@__story_catalog where id='$catid' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
$addtime = time();
//本章最后一个漫画的排列顺次序
$lrow = $dsql->GetOne("Select sortid From #@__story_content where bookid='$bookid' And chapterid='$chapterid' order by sortid desc");
if(empty($lrow)) $sortid = 1;
else $sortid = $lrow['sortid']+1;
//处理上传的图片
if(!isset($isremote)) $isremote = 0;
//$bigpic = UploadOneImage('bigpic',$bigpicname,$ddisremote);
<?php
require_once(dirname(__FILE__)."/config.php");
empty($_COOKIE['ENV_GOBACK_URL']) ? $ENV_GOBACK_URL = "-1" : $ENV_GOBACK_URL=$_COOKIE['ENV_GOBACK_URL'];
CheckPurview('sys_Keyword');
$keyword = trim($keyword);
$rank = ereg_replace("[^0-9]","",$rank);
if(ereg(" ",$keyword)||$keyword=="")
{
ShowMsg("关键字不能带有空格或为空!",-1);
exit();
}
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__keywords where keyword like '$keyword'");
if(is_array($row))
{
$dsql->Close();
ShowMsg("关键字已存在库中!","-1");
exit();
}
$inquery = "
INSERT INTO #@__keywords(keyword,rank,sta,rpurl) VALUES ('$keyword','$rank','1','$rpurl');
";
$dsql->SetQuery($inquery);
$dsql->ExecuteNoneQuery();
ClearAllLink();
ShowMsg("成功增加一个关键字!",$ENV_GOBACK_URL);
?>
function checkUser($username,$userpwd)
{
//只允许用户名和密码用0-9,a-z,A-Z,'@','_','.','-'这些字符
$this->userName = ereg_replace("[^0-9a-zA-Z_@\!\.-]",'',$username);
$this->userPwd = ereg_replace("[^0-9a-zA-Z_@\!\.-]",'',$userpwd);
$pwd = substr(md5($this->userPwd),0,24);
$dsql = new DedeSql(false);
$dsql->SetQuery("Select * From #@__admin where userid='".$this->userName."' limit 0,1");
$dsql->Execute();
$row = $dsql->GetObject();
if(!isset($row->pwd)){
$dsql->Close();
return -1;
}
else if($pwd!=$row->pwd){
$dsql->Close();
return -2;
}
else{
$loginip = GetIP();
$this->userID = $row->ID;
$this->userType = $row->usertype;
$this->userChannel = $row->typeid;
$this->userName = $row->uname;
$groupSet = $dsql->GetOne("Select * From #@__admintype where rank='".$row->usertype."'");
$this->userPurview = $groupSet['purviews'];
$dsql->SetQuery("update #@__admin set loginip='$loginip',logintime='".strftime("%Y-%m-%d %H:%M:%S",time())."' where ID='".$row->ID."'");
$dsql->ExecuteNoneQuery();
$dsql->Close();
return 1;
}
}
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('plus_站内新闻发布');
if(empty($dopost)) $dopost = "";
$aid = ereg_replace("[^0-9]","",$aid);
$dsql = new DedeSql(false);
if($dopost=="del")
{
$dsql->SetQuery("Delete From #@__mynews where aid='$aid';");
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功删除一条站内新闻!","mynews_main.php");
exit();
}
else if($dopost=="editsave")
{
$dsql->SetQuery("Update #@__mynews set title='$title',typeid='$typeid',writer='$writer',senddate='".GetMKTime($sdate)."',body='$body' where aid='$aid';");
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功更改一条站内新闻!","mynews_main.php");
exit();
}
$myNews = $dsql->GetOne("Select #@__mynews.*,#@__arctype.typename From #@__mynews left join #@__arctype on #@__arctype.ID=#@__mynews.typeid where #@__mynews.aid='$aid';");
require_once(dirname(__FILE__)."/templets/mynews_edit.htm");
ClearAllLink();
?>
<?php
require_once(dirname(__FILE__)."/config.php");
AjaxHead();
if(empty($t)) echo '';
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select aid From #@__full_search where title like '$t' ");
$dsql->Close();
if(is_array($row)) echo "提示:系统已经存在标题为 '<a href='../plus/view.php?aid={$row['aid']}' style='color:red' target='_blank'><u>$t</u></a>' 的文档。[<a href='#' onclick='javascript:HideObj(\"_mytitle\")'>关闭</a>]";
else echo '';
?>
require_once(dirname(__FILE__)."/../config.php");
CheckPurview('story_New');
require_once(dirname(__FILE__)."/../../include/inc_photograph.php");
require_once(dirname(__FILE__)."/../../include/pub_oxwindow.php");
require_once(dirname(__FILE__)."/../inc/inc_archives_functions.php");
if(!isset($iscommend)) $iscommend = 0;
if($catid==0){
ShowMsg("请指定图书所属栏目!","-1");
exit();
}
$dsql = new DedeSql(false);
//获得父栏目
$nrow = $dsql->GetOne("Select * From #@__story_catalog where id='$catid' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
$pubdate = GetMkTime($pubdate);
$bookname = cn_substr($bookname,50);
if($keywords!="") $keywords = trim(cn_substr($keywords,60));
//处理上传的缩略图
$litpic = GetDDImage('litpic',$litpicname,0);
$adminID = $cuserLogin->getUserID();
//自动摘要
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('sys_MakeHtml');
require_once(dirname(__FILE__)."/../include/inc_typelink.php");
$dsql = new DedeSql(false);
$action = (empty($action) ? '' : $action);
if($action=='')
{
$row = $dsql->GetOne("Select * From `#@__task`");
if(!is_array($row))
{
$ks = explode(',','usermtools,rmpwd,tasks,typeid,startid,endid,nodes,dotime,degree');
foreach($ks as $k) $row[$k] = '';
$row['dotime'] = '02:30:00';
$row['usermtools'] = '1';
}
require_once(dirname(__FILE__)."/templets/makehtml_task.htm");
$dsql->Close();
exit();
}
else if($action=='save')
{
if(!is_array($tasks)){
ShowMsg("你没选择需要操作的任务!","-1");
exit();
}
if(empty($rmpwd)){
ShowMsg("远程管理密码不能为空!","-1");
exit();
}
if(eregi("[^0-9a-z@!]",$rmpwd)){
{
$dsql = new DedeSql();
$dsql->ExecuteNoneQuery("Update #@__story_chapter set chaptername='$chaptername',chapnum='$chapnum' where id='$cid' ");
AjaxHead();
echo "<font color='red'>成功更新章节:{$chaptername} ! [<a href=\"javascript:CloseLayer('editchapter')\">关闭提示</a>]</font> <br /><br /> 提示:修改章节名称或章节序号直接在左边修改,然后点击右边的 [更新] 会保存。 ";
$dsql->Close();
exit();
}
/*--------------------
function DelChapter()
删除章节信息
-------------------*/
else if($action=='delChapter')
{
$dsql = new DedeSql();
$row = $dsql->GetOne("Select c.bookid,b.booktype From #@__story_chapter c left join #@__story_books b on b.id=c.bookid where c.id='$cid' ");
$bookid = $row['bookid'];
$booktype = $row['booktype'];
$dsql->ExecuteNoneQuery("Delete From #@__story_chapter where id='$cid' ");
//删除图片
if($booktype==1)
{
$dsql->SetQuery("Select bigpic From #@__story_content where bookid='$bookid' ");
$dsql->Execute();
while($row = $dsql->GetArray()){
$bigpic = $row['bigpic'];
if( $bigpic!="" && !eregi('^http://',$bigpic) ) @unlink($cfg_basedir.$bigpic);
}
}
$dsql->ExecuteNoneQuery("Delete From #@__story_content where chapterid='$cid' ");
//更新图书记录
function CheckUser($loginuser,$loginpwd)
{
if(!TestStringSafe($loginuser)||!TestStringSafe($loginpwd))
{
ShowMsg("用户名或密码不合法!","-1");
exit();
}
$loginuser = ereg_replace("[;%'\\\?\*\$]","",$loginuser);
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select ID,pwd From #@__member where userid='$loginuser' ");
if(is_array($row)) //用户存在
{
//密码错误
if($row['pwd'] != $loginpwd){ return -1; }
else{ //成功登录
$dsql->ExecuteNoneQuery("update #@__member set logintime='".time()."',loginip='".GetIP()."' where ID='{$row['ID']}';");
$dsql->Close();
$this->PutLoginInfo($row['ID']);
$this->FushCache();
return 1;
}
}else{ //用户不存在
return 0;
}
}
ob_start();
include $cfg_templets_dir . "/mobile/index.htm";
$pageBody = ob_get_contents();
ob_end_clean();
$fp = @fopen('../m/index.html', 'w') or die('读取失败,确定有写入权限?');
fwrite($fp, $pageBody);
fclose($fp);
exit('更新主页成功');
} else {
if ($action == 'list') {
$id = ereg_replace("[^0-9]", '', $id);
if (empty($id)) {
exit('List Error!');
}
require DEDEINC . "/datalistcpWap.class.php";
$row = $dsql->GetOne("Select typename,ishidden, description,seotitle,keywords From `#@__arctype` where id='{$id}' ");
if ($row['ishidden'] == 1) {
exit('this listID is hiddening');
}
$typename = ConvertStr($row['typename']);
$keywords = ConvertStr($row['typename']);
$description = ConvertStr($row['description']);
$seotitle = ConvertStr($row['seotitle']);
//当前栏目下级分类
$dsql->SetQuery("Select id,typename From `#@__arctype` where reid='{$id}' And channeltype=1 And ishidden=0 And ispart<>2 order by sortrank");
$dsql->Execute();
while ($row = $dsql->GetObject()) {
$channellistnext .= "<li><a href='{$hostName}/list/{$row->id}.html'>" . ConvertStr($row->typename) . "</a></li>";
}
//栏目内容(分页输出)
$sids = GetSonIds($id, 1, true);
function GetCoRank($arcrank,$typeid){
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select corank From #@__arctype where ID='$typeid' ");
if($row['corank']!=0) return $row['corank'];
else return $arcrank;
}
<?php
require_once(dirname(__FILE__)."/config.php");
require_once(dirname(__FILE__)."/../include/pub_dedetag.php");
require_once(dirname(__FILE__)."/inc/inc_admin_channel.php");
if(empty($action)) $action = '';
//获取模型信息
$dsql = new DedeSql(false);
$mysql_version = $dsql->GetVersion();
$mysql_versions = explode(".",trim($mysql_version));
$mysql_version = $mysql_versions[0].".".$mysql_versions[1];
$row = $dsql->GetOne("Select fieldset,maintable,addtable,issystem From #@__channeltype where ID='$ID'");
$fieldset = $row['fieldset'];
$trueTable = $row['addtable'];
$dtp = new DedeTagParse();
$dtp->SetNameSpace("field","<",">");
$dtp->LoadSource($fieldset);
foreach($dtp->CTags as $ctag){
if(strtolower($ctag->GetName())==strtolower($fname)) break;
}
//字段类型信息
$ds = file(dirname(__FILE__)."/inc/fieldtype.txt");
foreach($ds as $d){
$dds = explode(',',trim($d));
$fieldtypes[$dds[0]] = $dds[1];
}
//保存更改
/*--------------------
function _SAVE()
<?php
require_once(dirname(__FILE__)."/config.php");
CheckPurview('sys_SoftConfig');
if(empty($dopost)) $dopost = "";
//保存
$dsql = new DedeSql(false);
$upok = '';
if($dopost=="save")
{
$query = "UPDATE `#@__softconfig` SET downtype = '$downtype' , showlocal = '$showlocal',
gotojump='$gotojump' , ismoresite = '$ismoresite',sites = '$sites'";
$dsql->SetQuery($query);
$dsql->ExecuteNoneQuery();
$upok = "<font color='red'>成功保存更改!</font>";
}
//读取参数
$row = $dsql->GetOne("select * From #@__softconfig");
if(!is_array($row)){
$dsql->ExecuteNoneQuery("INSERT INTO `#@__softconfig` ( `downtype` , `ismoresite` ,`showlocal` , `gotojump` , `sites` ) VALUES ('0', '0','0' , '0', '');");
$row['downtype']=1;
$row['ismoresite']=0;
$row['sites']="";
$row['gotojump']=0;
}
require_once(dirname(__FILE__)."/templets/soft_config.htm");
ClearAllLink();
?>
$v_pmode = trim($_POST['v_pmode']);
$v_pstatus = trim($_POST['v_pstatus']);
$v_pstring = trim($_POST['v_pstring']);
$v_amount = trim($_POST['v_amount']);
$v_moneytype = trim($_POST['v_moneytype']);
$remark1 = trim($_POST['remark1']);
$remark2 = trim($_POST['remark2']);
$v_md5str = trim($_POST['v_md5str']);
$md5string = strtoupper(md5($v_oid . $v_pstatus . $v_amount . $v_moneytype . $key));
//拼凑加密串
if ($v_md5str == $md5string) {
if ($v_pstatus == "20") {
$dsql = new DedeSql(false);
$buyid = $v_oid;
//获取订单信息,检查订单的有效性
$row = $dsql->GetOne("Select * From #@__member_operation where buyid='{$buyid}' ");
if (!is_array($row) || $row['sta'] == 2) {
$oldinfo = $row['oldinfo'];
}
$mid = $row['mid'];
$pid = $row['pid'];
//更新交易状态为已付款
$dsql->ExecuteNoneQuery("Update #@__member_operation set sta=1 where buyid='{$buyid}' ");
//-------------------------------------------
//会员产品
//-------------------------------------------
if ($row['product'] == 'member') {
$row = $dsql->GetOne(" Select rank,exptime From #@__member_type where aid='{$row['pid']}' ");
$rank = $row['rank'];
$exptime = $row['exptime'];
$equery = " Update #@__member set \r\n\t\t\t\t\t\t\t\t\tmembertype='{$rank}',exptime='{$exptime}',uptime='" . time() . "' where mid='{$mid}' ";
if(!isset($channelid)) $channelid = 0;
if(!isset($typeid)) $typeid = 0;
if(!isset($pageno)) $pageno = 1;
if(!isset($startid)) $startid = 0;
if(!isset($endid)) $endid = 0;
if(!isset($makehtml)) $makehtml = 0;
if(!isset($onlytitle)) $onlytitle = 0;
if(!isset($smakeid)) $smakeid = 0;
$nid = intval($nid);
if($channelid>0 && $typeid==0){
ShowMsg('请指定栏目ID!','javascript:;');
exit();
}
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select ex.*,n.arcsource From `#@__conote` n left join `#@__co_exrule` ex on ex.aid=n.typeid where nid='$nid'");
if(!is_array($row)){
ShowMsg('找不到导入规则,无法完成操作!','javascript:;');
$dsql->Close();
exit();
}
$channelid = $row['channelid'];
$etype = $row['etype'];
$arcsource = $row['arcsource'];
$senddate = time();
$typeinfos = $dsql->GetOne("Select * From `#@__arctype` where ID='$typeid'",MYSQL_ASSOC);
//分析规则,并生成临时的SQL语句
//-------------------------------------
$dtp = new DedeTagParse();
$dtp->LoadString($row['ruleset']);
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('co_EditNote');
if(empty($job)) $job="";
if($job=="")
{
require_once(dirname(__FILE__)."/../include/pub_oxwindow.php");
$wintitle = "更改采集规则";
$wecome_info = "<a href='co_main.php'><u>采集点管理</u></a>::更改采集规则";
$win = new OxWindow();
$win->Init("co_edit_text.php","js/blank.js","POST");
$win->AddHidden("job","yes");
$win->AddHidden("nid",$nid);
$win->AddTitle("文本配置专家更改模式:[<a href='co_edit.php?nid={$nid}'>使用可视化修改模式</a>]");
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__conote where nid='$nid' ");
$dsql->Close();
$win->AddMsgItem("<textarea name='notes' style='width:100%;height:500px' rows='20'>{$row['noteinfo']}</textarea>");
$winform = $win->GetWindow("ok");
$win->Display();
exit();
}
else
{
CheckPurview('co_EditNote');
require_once(dirname(__FILE__)."/../include/pub_dedetag.php");
$dtp = new DedeTagParse();
$dbnotes = $notes;
$notes = stripslashes($notes);
$dtp->LoadString($notes);
if(!is_array($dtp->CTags)){
$pv->Close();
}
else{
$fp = fopen($filename,"w") or die("创建:{$filename} 失败,可能是没有权限!");
fwrite($fp,stripslashes($body));
fclose($fp);
}
ShowMsg("成功更新一个页面!","templets_one.php");
exit();
}
/*----------------------
function __delete();
-------------------*/
else if($dopost=="delete")
{
$row = $dsql->GetOne("Select filename From #@__sgpage where aid='$aid'");
$filename = $cfg_basedir.$cfg_cmspath."/".$row['filename'];
$dsql->SetQuery("Delete From #@__sgpage where aid='$aid'");
$dsql->ExecuteNoneQuery();
$dsql->Close();
if(is_file($filename)) unlink($filename);
ShowMsg("成功删除一个页面!","templets_one.php");
exit();
}
/*----------------------
function __make();
-------------------*/
else if($dopost=="make")
{
require_once(dirname(__FILE__)."/../include/inc_arcpart_view.php");
$dsql->SetQuery("update #@__sgpage set uptime='".time()."' where aid='$aid'");
<?php
require_once(dirname(__FILE__)."/config.php");
require_once(dirname(__FILE__)."/inc/inc_catalog_options.php");
require_once(DEDEADMIN."/inc/inc_archives_functions.php");
if(empty($channelid)) $channelid=4;
if(empty($cid)) $cid = 0;
$dsql = new DedeSql(false);
if($cid>0)
{
$query = "Select t.typename as arctypename,c.* From #@__arctype t left join #@__channeltype c on c.ID=t.channeltype where t.ID='$cid' ";
$cInfos = $dsql->GetOne($query);
$channelid = $cInfos['ID'];
$addtable = $cInfos['addtable'];
}
else if($channelid>0)
{
$query = " Select * From #@__channeltype where ID='$channelid'";
$cInfos = $dsql->GetOne($query);
$channelid = $cInfos['ID'];
$addtable = $cInfos['addtable'];
}
require_once(dirname(__FILE__)."/templets/flash_add.htm");
ClearAllLink();
?>
if(empty($sid)) $sid = 0;
if(empty($eid)) $eid = 0;
$addtable = urldecode($addtable);
$addtable = ereg_replace("[^a-zA-Z_#@]","",$addtable);
$rpfield = ereg_replace("[^a-zA-Z_\[\]]","",$rpfield);
//$channel = ereg_replace("[^0-9]","",$channel);
$channel = intval($channel);
$channelinfo = $dsql->getone("select * from #@__channeltype where ID=$channel");
$maintable = $channelinfo['maintable'];
require_once(dirname(__FILE__)."/inc/inc_archives_functions.php");
//统计记录总数
if($totalnum==0){
$addquery = " where channel='$channel' ";
if($sid!=0) $addquery .= " and ID>='$sid' ";
if($eid!=0) $addquery .= " and ID<='$eid' ";
$row = $dsql->GetOne("Select count(*) as dd From $maintable $addquery;");
$totalnum = $row['dd'];
}
//获取记录,并分析
if($totalnum > $startdd+$pagesize){
$limitSql = " limit $startdd,$pagesize";
}elseif(($totalnum-$startdd)>0){
$limitSql = " limit $startdd,".($totalnum - $startdd);
}else $limitSql = "";
$tjnum = $startdd;
if($limitSql!=""){
$where = array();
if($sid!=0) $where[] = "aid>='$sid'";
if($eid!=0) $where[] = "aid<='$eid'";
echo "<script src='{$cfg_plus_dir}/ad_js.php?aid=$aid' language='javascript'></script>";
exit();
}
else if($dopost=="saveedit")
{
$dsql = new DedeSql(false);
$starttime = GetMkTime($starttime);
$endtime = GetMkTime($endtime);
$query = "
Update #@__myad
set
typeid='$typeid',
adname='$adname',
timeset='$timeset',
starttime='$starttime',
endtime='$endtime',
normbody='$normbody',
expbody='$expbody'
where aid='$aid'
";
$dsql->SetQuery($query);
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功更改一则广告代码!",$ENV_GOBACK_URL);
exit();
}
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__myad where aid='$aid'");
ClearAllLink();
require_once(dirname(__FILE__)."/templets/ad_edit.htm");
?>
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('member_Edit');
if(!isset($_COOKIE['ENV_GOBACK_URL'])) $ENV_GOBACK_URL = "";
else $ENV_GOBACK_URL="member_main.php";
$ID = ereg_replace("[^0-9]","",$ID);
$dsql = new DedeSql(false);
$row=$dsql->GetOne("select m.*, mc.* from #@__member m left join #@__member_cominfo mc on mc.id=m.ID where m.ID='$ID'");
$sql = "select * from #@__sectors";
$dsql->SetQuery($sql);
$dsql->Execute();
$topsectors = $subsectors = array();
while($sector = $dsql->GetArray())
{
if($sector['reid'] == 0) {
$topsectors[] = $sector;
} else {
$subsectors[] = $sector;
}
}
$sectorcache = "<!--\ntopsectors=new Array();\n\n";
$typeid1name = $typeid2name = '-不限-';
foreach($topsectors as $topkey => $topsector)
{
if($topsector['id'] == $row['typeid1'])
{
$typeid1name = $topsector['name'];
}
$sectorcache .= "topsectors[$topkey]=".'"'.$topsector['id'].'~'.$topsector['name'].'";'."\n";
$sectorcache .= "\t".'subsectors'.$topsector['id'].'=new Array();'."\n";
$newartlist .= "<a href='wap.php?action=article&id={$row->id}'>" . ConvertStr($row->title) . "</a> [" . date("m-d", $row->pubdate) . "]<br />";
}
//显示WML
include $cfg_templets_dir . "/wap/index.wml";
$dsql->Close();
echo $pageBody;
exit;
} else {
if ($action == 'list') {
$needCode = 'utf-8';
$id = ereg_replace("[^0-9]", '', $id);
if (empty($id)) {
exit('Error!');
}
require_once dirname(__FILE__) . "/include/datalistcp.class.php";
$row = $dsql->GetOne("Select typename,ishidden From `#@__arctype` where id='{$id}' ");
if ($row['ishidden'] == 1) {
exit;
}
$typename = ConvertStr($row['typename']);
//当前栏目下级分类
$dsql->SetQuery("Select id,typename From `#@__arctype` where reid='{$id}' And channeltype=1 And ishidden=0 And ispart<>2 order by sortrank");
$dsql->Execute();
while ($row = $dsql->GetObject()) {
$channellistnext .= "<a href='wap.php?action=list&id={$row->id}'>" . ConvertStr($row->typename) . "</a> ";
}
//栏目内容(分页输出)
$sids = GetSonIds($id, 1, true);
$varlist = "cfg_webname,typename,channellist,channellistnext,cfg_templeturl";
ConvertCharset($varlist);
$dlist = new DataListCP();
<?php
require(dirname(__FILE__)."/config.php");
CheckPurview('temp_Other');
require_once(dirname(__FILE__)."/../include/inc_typelink.php");
if(empty($dopost)) $dopost = "";
//////////////////////////////////////////
if($dopost=="save")
{
$tagname = trim($tagname);
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select typeid From #@__mytag where typeid='$typeid' And tagname like '$tagname'");
if(is_array($row)){
$dsql->Close();
ShowMsg("在相同栏目下已经存在同名的标记!","-1");
exit();
}
$starttime = GetMkTime($starttime);
$endtime = GetMkTime($endtime);
$inQuery = "
Insert Into #@__mytag(typeid,tagname,timeset,starttime,endtime,normbody,expbody)
Values('$typeid','$tagname','$timeset','$starttime','$endtime','$normbody','$expbody');
";
$dsql->SetQuery($inQuery);
$dsql->ExecuteNoneQuery();
$dsql->Close();
ShowMsg("成功增加一个自定义标记!","mytag_main.php");
exit();
}
$startDay = time();
$endDay = AddDay($startDay,30);
$startDay = GetDateTimeMk($startDay);
$wecome_info = "<a href='".$ENV_GOBACK_URL."'>文档管理</a>::移动文档";
$win = new OxWindow();
$win->Init("archives_do.php","js/blank.js","POST");
$win->AddHidden("fmdo","yes");
$win->AddHidden("dopost",$dopost);
$win->AddHidden("qstr",$qstr);
$win->AddHidden("aid",$aid);
$win->AddTitle("你目前的操作是移动文档,请选择目标栏目:");
$win->AddMsgItem($typeOptions,"30","1");
$win->AddMsgItem("你选中的文档ID是: $qstr <br>移动的栏目必须和选定的文档频道类型一致,否则程序会自动勿略不符合的文档。","30","1");
$winform = $win->GetWindow("ok");
$win->Display();
}else{
$targetTypeid = ereg_replace('[^0-9]','',$targetTypeid);
$dsql = new DedeSql(false);
$typeInfos = $dsql->GetOne(" Select * From #@__arctype where ID='$targetTypeid' ");
if(!is_array($typeInfos)){
ShowMsg("参数错误!","-1");
$dsql->Close();
exit();
}
if($typeInfos['ispart']!=0){
ShowMsg("文档保存的栏目必须为最终列表栏目!","-1");
$dsql->Close();
exit();
}
$arcids = explode('`',$qstr);
$arc = "";
$j = 0;
$okids = Array();
foreach($arcids as $arcid){
//密匙
//接收新的md5加密认证
$newmd5info = $newmd5info;
$digest = strtoupper(md5($OrderInfo . $cfg_merpassword));
//本地的校对密钥
$newtext = $m_id . $m_orderid . $m_oamount . $cfg_merpassword . $mState;
$myDigest = strtoupper(md5($newtext));
$mysign == md5($cfg_merchant . $buyid . $money . $success . $cfg_merpassword);
//--------------------------------------------------------
//签名正确
if ($digest == $signMsg && $mState == 2) {
$OrderInfo = HexToStr($OrderInfo);
if ($newmd5info == $myDigest) {
$dsql = new DedeSql(false);
//获取订单信息,检查订单的有效性
$row = $dsql->GetOne("Select state From #@__shops_orders where oid='{$buyid}' ");
if ($row['state'] > 0) {
$msg = "付款已经完成!,系统返回信息( {$buyid} ) <br><br> <a href='control.php'>返回主页</a> ";
ShowMsg($msg, "javascript:;");
$dsql->Close();
exit;
}
$sql = "UPDATE `#@__shops_orders` SET `state`='1' WHERE `oid`='{$buyid}' AND `userid`='" . $cfg_ml->M_ID . "';";
if ($dsql->ExecuteNoneQuery($sql)) {
$dsql->Close();
ShowMsg("支付成功!", "javascript:;");
exit;
} else {
$dsql->Close();
ShowMsg("支付失败", "javascript:;");
exit;
} else {
$nchapnum = 1;
}
$query = "INSERT INTO `#@__story_chapter`(`bookid`,`catid`,`chapnum`,`mid`,`chaptername`,`bookname`)\n VALUES ('{$bookid}', '{$catid}', '{$nchapnum}', '0', '{$chapternew}','{$bookname}');";
$rs = $dsql->ExecuteNoneQuery($query);
if ($rs) {
$chapterid = $dsql->GetLastID();
} else {
ShowMsg("增加章节失败,请检查原因!", "-1");
exit;
}
} else {
$dsql = new DedeSql();
}
//获得父栏目
$nrow = $dsql->GetOne("SELECT * FROM #@__story_catalog WHERE id='{$catid}' ");
$bcatid = $nrow['pid'];
$booktype = $nrow['booktype'];
if (empty($bcatid)) {
$bcatid = 0;
}
if (empty($booktype)) {
$booktype = 0;
}
$addtime = time();
//处理上传的缩略图
if (!isset($isremote)) {
$isremote = 0;
}
$bigpic = UploadOneImage('imgfile', $imgurl, $isremote);
$adminID = $cuserLogin->getUserID();
CheckPurview('sys_Edit');
$varname = $_POST['varname'];
if(!eregi('cfg_',$varname)){
ShowMsg("变量名称必须以 cfg_ 开头","-1");
exit();
}
if($vartype=='bool' && ($varvalue!='Y' && $varvalue!='N')){
ShowMsg("布尔变量值必须为'Y'或'N'!","-1");
exit();
}
$varvalue = htmlspecialchars($varvalue);
$dsql = new DedeSql(false);
$row = $dsql->GetOne("Select * From #@__sysconfig where varname like '$varname' ");
if(is_array($row)){
ShowMsg("该变量名称已经存在!","-1");
$dsql->Close();
exit();
}
$row = $dsql->GetOne("Select * From #@__sysconfig order by aid desc ");
$aid = $row['aid']+1;
$inquery = "INSERT INTO `#@__sysconfig`(`aid`,`varname`,`info`,`value`,`type`,`group`)
VALUES ('$aid','$varname','$varmsg','$varvalue','$vartype','$vargroup')";
$rs = $dsql->ExecuteNoneQuery($inquery);
if(!$rs){
if(empty($eid)) $eid = 0;
if(empty($dojob)) $dojob = 'desc';
$addtable = urldecode($addtable);
$addtable = ereg_replace("[^0-9a-zA-Z_#@]","",$addtable);
$rpfield = ereg_replace("[^0-9a-zA-Z_\[\]]","",$rpfield);
$channel = intval($channel);
if($dsize>250) $dsize = 250;
$channelinfo = $dsql->getone("select * from #@__channeltype where ID=$channel");
$maintable = $channelinfo['maintable'];
if(empty($totalnum)){
$addquery = "";
if($sid!=0) $addquery = " And aid>='$sid' ";
if($eid!=0) $addquery = " And aid<='$eid' ";
$tjQuery = "Select count(*) as dd From #@__full_search where channelid='{$channel}' $addquery";
$row = $dsql->GetOne($tjQuery);
$totalnum = $row['dd'];
}
if($totalnum > 0){
$addquery = "";
if($sid!=0) $addquery = " And maintable.ID>='$sid' ";
if($eid!=0) $addquery = " And maintable.ID<='$eid' ";
$fquery = "
Select maintable.ID,maintable.title,maintable.description,addtable.{$rpfield} as body
From $maintable maintable left join {$addtable} addtable on addtable.aid=maintable.ID
where maintable.channel='{$channel}' $addquery limit $startdd,$pagesize ;
";
$dsql->SetQuery($fquery);
$dsql->Execute();
while($row=$dsql->GetArray())
{
ShowMsg('添加地区成功,将返回地区管理页面','area.php');
}else
{
ShowMsg('更新地区失败,将返回地区管理页面','area.php');
}
/*
function edit()
*/
}elseif($action == 'edit')
{
if(empty($step)){
$sectorscache = '<option value="0">无(作为一级地区)</option>';
$sql = "select * from #@__area where id=$id";
$db->SetQuery($sql);
$sector = $db->GetOne();
$sql = "select * from #@__area where reid=0 and id!=$id order by disorder asc, id asc";
$db->SetQuery($sql);
$db->Execute();
while($topsector = $db->GetArray())
{
$check = '';
if($sector['reid'] != 0 && $topsector['id'] == $sector['reid'])
{
$check = 'selected';
}
$sectorscache .= '<option value="'.$topsector['id'].'" '. $check.'>'.$topsector['name'].'</option>';
}
include(dirname(__FILE__)."/templets/area.htm");
}elseif($step == 2){
