function thumb($url = '', $source = '', $name = '', $type = -1, $width = 0, $height = 0) { //如何生成不成功,则返回原url global $cms_abs, $cmsurl, $ftp_url, $atm_smallsite; if (!$url || !$source || !$name || !$width || !$height) { return $url; } include_once M_ROOT . "./include/upload.cls.php"; if ($ftp_url && preg_match(u_regcode($ftp_url), $url)) { //ftp上的文件 include_once M_ROOT . "./include/http.cls.php"; include_once M_ROOT . "./include/ftp.fun.php"; //下载原图 $tempfile = M_ROOT . './dynamic/imcache/' . basename($url); mmkdir($tempfile, 0, 1); $m_http = new http(); $m_http->savetofile($url, $tempfile); unset($m_http); //生成缩略图 $m_upload = new cls_upload(); $m_upload->image_resize($tempfile, $width, $height, $tempfile . '.s.jpg'); @unlink($tempfile); unset($m_upload); //上传缩略图 $ftpfile = preg_replace(u_regcode($ftp_url), '', $url) . 's/' . $width . '_' . $height . '.jpg'; //根据url得到缩略上传到的位置 $tempfile .= '.s.jpg'; if (ftp_upload($tempfile, $ftpfile)) { $this->refresh_record($source, $name, $type, $width, $height); //将缩略图规格写入数据库 return $url . 's/' . $width . '_' . $height . '.jpg'; } else { return $url; } @unlink($tempfile); } else { //本地服务器上的文件 $m_upload = new cls_upload(); $localfile = local_atm($url); $m_upload->image_resize($localfile, $width, $height, $localfile . 's/' . $width . '_' . $height . '.jpg'); unset($m_upload); return $url . 's/' . $width . '_' . $height . '.jpg'; } }
function fileUpload($resourceType, $currentFolder) { $sErrorNumber = '0'; $sfileName = ''; $c_upload = new cls_upload(); $c_upload->current_dir = $currentFolder; $uploadfile = $c_upload->local_upload('Newfile', $resourceType); unset($c_upload); if ($uploadfile['error']) { $sErrorNumber = '202'; } else { $sErrorNumber = '0'; $sfileName = tag2atm($uploadfile['remote']); } echo '<script type="text/javascript">'; echo 'window.parent.frames["frmUpload"].OnUploadCompleted(' . $sErrorNumber . ',"' . str_replace('"', '\\"', $sfileName) . '");'; echo '</script>'; mexit(); }
if (empty($commu['setting']['repeat']) || !empty($commu['setting']['repeattime'])) { if (empty($m_cookie['08cms_cuid_' . $commu['cuid'] . '_' . $aid])) { msetcookie('08cms_cuid_' . $commu['cuid'] . '_' . $aid, '1', empty($commu['setting']['repeat']) ? 365 * 24 * 3600 : $commu['setting']['repeattime'] * 60); } else { mcmessage(empty($commu['setting']['repeat']) ? 'norepeatoper' : 'overquick', axaction(2, M_REFERER)); } } $citems = empty($commu['setting']['citems']) ? array() : explode(',', $commu['setting']['citems']); foreach ($bfields as $k => $v) { if (in_array($k, $citems)) { $fields[$k] = $v; } } $fields = fields_order($fields); $sqlstr = ''; $c_upload = new cls_upload(); $a_field = new cls_field(); foreach ($ucotypes as $k => $v) { if (in_array('uccid' . $k, $citems) && $v['umode'] != 2) { if ($v['notblank'] && empty($communew['uccid' . $k])) { mcmessage('notnull', axaction(2, M_REFERER), $v['cname']); } $sqlstr .= ",uccid{$k}='" . $communew['uccid' . $k] . "'"; if ($v['emode']) { $communew["uccid{$k}date"] = !isdate($communew["uccid{$k}date"]) ? 0 : strtotime($communew["uccid{$k}date"]); if ($communew["uccid{$k}"] && !$communew["uccid{$k}date"] && $v['emode'] == 2) { mcmessage('setcoclass', axaction(2, M_REFERER), $v['cname']); } !$communew["uccid{$k}"] && ($communew["uccid{$k}date"] = 0); $sqlstr .= ",uccid{$k}date='" . $communew["uccid{$k}date"] . "'"; }
include_once M_ROOT . "./include/fields.cls.php"; include_once M_ROOT . "./include/upload.cls.php"; include_once M_ROOT . "./include/cheader.inc.php"; include_once M_ROOT . "./include/mcuedit.cls.php"; $inajax ? aheader() : _header(); if (!empty($mcommu['setting']['norepeat']) && ($cid = $db->result_one("SELECT cid FROM {$tblprefix}mflinks WHERE mid='{$mid}' AND fromid='{$memberid}' ORDER BY cid"))) { mcmessage('dorepeataddflink', axaction(2, M_REFERER)); } $db->query("INSERT INTO {$tblprefix}mflinks SET\n\t\t\tmid='{$mid}',\n\t\t\tmname='" . $actuser->info['mname'] . "',\n\t\t\tfromid='{$memberid}',\n\t\t\tfromname='" . $curuser->info['mname'] . "',\n\t\t\tcreatedate='{$timestamp}'\n\t\t\t"); if ($cid = $db->insert_id()) { $uedit = new cls_mcuedit(); $uedit->read($cid, 'flink'); foreach (array('fields') as $var) { ${$var} =& $uedit->{$var}; } $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $v) { if (!$v['isfunc'] && !$v['isadmin']) { $a_field->init(); $a_field->field = $v; if ($curuser->pmbypmids('field', $v['pmid'])) { $a_field->oldvalue = ''; $a_field->deal('communew'); if (!empty($a_field->error)) { $c_upload->rollback(); $uedit->delete(); mcmessage($a_field->error, axaction(2, M_REFERER)); } $uedit->updatefield($k, $a_field->newvalue);
$submitstr = ''; tabheader($aedit->matype['cname'] . ' - ' . lang('contentsetting'), 'marchive', "?matid={$matid}&maid={$maid}&action=marchive{$param_suffix}{$forwardstr}", 2, 1, 1, 1); foreach ($fields as $k => $field) { if ($field['available'] && !$field['isadmin'] && !$field['isfunc']) { $a_field->init(); $a_field->field = $field; $a_field->oldvalue = isset($aedit->archive[$k]) ? $aedit->archive[$k] : ''; $a_field->trfield('marchivenew', '', 'ma', $matid); $submitstr .= $a_field->submitstr; } } unset($a_field); tabfooter('bmarchive'); check_submit_func($submitstr); } else { $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $v) { if ($v['available'] && !$v['isadmin'] && !$v['isfunc']) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($aedit->archive[$k]) ? $aedit->archive[$k] : ''; $a_field->deal('marchivenew'); if (!empty($a_field->error)) { $c_upload->rollback(); mcmessage($a_field->error, M_REFERER); } $aedit->updatefield($k, $a_field->newvalue); if ($arr = multi_val_arr($a_field->newvalue, $v)) { foreach ($arr as $x => $y) {
$sqlmain .= ",enddate='" . ($timestamp + $archiveadd['validperiod'] * 24 * 3600) . "'"; } //权限方案与出售 if (!in_array('salecp', $citems) && !in_array('salecp', $additems) && !empty($archiveadd['salecp'])) { $sqlmain .= ",salecp='" . $archiveadd['salecp'] . "'"; } if (!in_array('fsalecp', $citems) && !in_array('fsalecp', $additems) && !empty($archiveadd['fsalecp'])) { $sqlmain .= ",fsalecp='" . $archiveadd['fsalecp'] . "'"; } if (!in_array('ucid', $citems) && !in_array('ucid', $additems) && !empty($archiveadd['ucid'])) { $sqlmain .= ",ucid='" . $archiveadd['ucid'] . "'"; } if (!in_array('jumpurl', $citems) && !in_array('jumpurl', $additems) && !empty($archiveadd['jumpurl'])) { $sqlmain .= ",jumpurl='" . trim($archiveadd['jumpurl']) . "'"; } $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $field) { if ($field['available'] && !$field['isadmin'] && !$field['isfunc'] && !in_array($k, $additems)) { $a_field->init(); $a_field->field = $field; if ($curuser->pmbypmids('field', $a_field->field['pmid'])) { $a_field->deal('archiveadd'); if (!empty($a_field->error)) { $c_upload->rollback(); mcmessage($a_field->error, axaction(2, M_REFERER)); } $archiveadd[$k] = $a_field->newvalue; } }
if (empty($mtagnew['template'])) { if (!submitcheck('bmtagcode')) { amessage('input_tag_tpl', M_REFERER); } else { $errormsg = lang('pleinptatem'); } //生成代码出错的提示信息 } $mtagnew['setting']['length'] = $mtagnew['setting']['length'] ? $mtagnew['setting']['length'] : '10'; $mtagnew['setting']['tname'] = trim($mtagnew['setting']['tname']); if (empty($mtagnew['setting']['tname']) || !preg_match("/^[a-zA-Z_\$][a-zA-Z0-9_\\[\\]]*\$/", $mtagnew['setting']['tname'])) { if (!submitcheck('bmtagcode')) { amessage('sourceillegal', M_REFERER); } else { $errormsg = lang('sourceillegal'); } //生成代码出错的提示信息 } $mtagnew['setting']['limits'] = max(0, intval($mtagnew['setting']['limits'])); $mtagnew['setting']['limits'] = empty($mtagnew['setting']['limits']) ? '10' : $mtagnew['setting']['limits']; $mtagnew['setting']['maxwidth'] = max(0, intval($mtagnew['setting']['maxwidth'])); $mtagnew['setting']['maxheight'] = max(0, intval($mtagnew['setting']['maxheight'])); $c_upload = new cls_upload(); $mtagnew['setting']['emptyurl'] = upload_s($mtagnew['setting']['emptyurl'], isset($mtag['setting']['emptyurl']) ? $mtag['setting']['emptyurl'] : '', 'image'); if ($k = strpos($mtagnew['setting']['emptyurl'], '#')) { $mtagnew['setting']['emptyurl'] = substr($mtagnew['setting']['emptyurl'], 0, $k); } $c_upload->closure(2); $c_upload->saveuptotal(1); unset($c_upload); }
foreach ($fields as $k => $v) { if (!$v['isfunc']) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = $oldrow[$k]; if ($curuser->pmbypmids('field', $v['pmid'])) { $a_field->trfield('commentnew', '', 'c'); $submitstr .= $a_field->submitstr; } } } unset($a_field); tabfooter('bcommentdetail'); check_submit_func($submitstr); } else { $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($ucotypes as $k => $v) { if (in_array('uccid' . $k, $citems) && $v['umode'] != 1) { $uedit->updatefield('uccid' . $k, $commentnew['uccid' . $k]); if ($v['emode']) { $commentnew["uccid{$k}date"] = !isdate($commentnew["uccid{$k}date"]) ? 0 : strtotime($commentnew["uccid{$k}date"]); if ($uedit->info["uccid{$k}"] && !$commentnew["uccid{$k}date"] && $v['emode'] == 2) { amessage('setcoclass', axaction(2, M_REFERER), $v['cname']); } !$uedit->info["uccid{$k}"] && ($commentnew["uccid{$k}date"] = 0); $uedit->updatefield("uccid{$k}date", $commentnew["uccid{$k}date"]); } } }
$mainarr['mtcid'] = empty($mtcid) ? 1 : $mtcid; } foreach ($grouptypes as $k => $v) { if (!$v['mode'] && in_array("grouptype{$k}", $additems)) { $mainarr["grouptype{$k}"] = empty(${"grouptype{$k}"}) ? 0 : ${"grouptype{$k}"}; } } foreach ($currencys as $crid => $currency) { if ($currency['available'] && $currency['initial']) { $mainarr["currency{$crid}"] = $currency['initial']; } } $mainarr['checked'] = $autocheck == 1 ? 1 : 0; $mainarr['regip'] = $onlineip; $mainarr['regdate'] = $timestamp; $c_upload = new cls_upload(); $a_field = new cls_field(); foreach ($mfields as $k => $v) { if (!$upload_nouser && in_array($v['datatype'], array('image', 'images', 'flash', 'flashs', 'media', 'medias', 'file', 'files'))) { continue; } if ($v['available'] && !$v['issystem'] && !$v['isfunc'] && !$v['isadmin'] && in_array($k, $additems)) { if ($curuser->pmbypmids('field', $v['pmid'])) { $a_field->init(); $a_field->field = $v; $a_field->deal(); if (!empty($a_field->error)) { $c_upload->rollback(); message($a_field->error, M_REFERER); } ${$v['tbl'] . 'arr'}[$k] = $a_field->newvalue;
} } if ($coclassnew['conditions']['closed'] == '-1') { unset($coclassnew['conditions']['closed']); } $coclassnew['conditions']['sqlstr'] = trim($coclassnew['conditions']['sqlstr']); if ($coclassnew['conditions']['sqlstr'] == '') { unset($coclassnew['conditions']['sqlstr']); } if (empty($coclassnew['conditions'])) { amessage('setself_regcondition', axaction(2, M_REFERER)); } $coclassnew['conditions'] = addslashes(serialize($coclassnew['conditions'])); $sqlstr0 .= ",conditions='{$coclassnew['conditions']}'"; } $c_upload = new cls_upload(); $ccfields = fields_order($ccfields); $a_field = new cls_field(); $sqlstr = ""; foreach ($ccfields as $k => $v) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = !isset($coclass[$k]) ? '' : $coclass[$k]; $a_field->deal('coclassnew'); if (!empty($a_field->error)) { $c_upload->rollback(); amessage($a_field->error, "?entry=coclass&action=coclassdetail&coid={$coid}&ccid={$ccid}"); } $sqlstr .= ',' . $k . "='" . $a_field->newvalue . "'"; if ($arr = multi_val_arr($a_field->newvalue, $v)) { foreach ($arr as $x => $y) {
trbasic(lang('remark'), 'paynew[remark]', empty($oldmsg['remark']) ? '' : $oldmsg['remark'], 'textarea'); trspecial(lang('paywarrant'), 'paynew[warrant]', '', 'image'); $submitstr = ''; $submitstr .= makesubmitstr('paynew[amount]', 1, 'number', 0, 15); $submitstr .= makesubmitstr('paynew[truename]', 0, 0, 0, 80); $submitstr .= makesubmitstr('paynew[telephone]', 0, 0, 0, 30); $submitstr .= makesubmitstr('paynew[email]', 0, 'email', 0, 100); $submitstr .= makesubmitstr('paynew[remark]', 0, 0, 0, 200); $submitstr .= tr_regcode('payonline'); tabfooter('bpayother'); check_submit_func($submitstr); } else { if (!regcode_pass('payonline', empty($regcode) ? '' : trim($regcode))) { mcmessage('regcodeerror', '?action=payother'); } $paynew['amount'] = max(0, round(floatval($paynew['amount']), 2)); empty($paynew['amount']) && mcmessage('pinputpayamount', '?action=payother'); include_once M_ROOT . "./include/upload.cls.php"; $paynew['truename'] = trim(strip_tags($paynew['truename'])); $paynew['telephone'] = trim(strip_tags($paynew['telephone'])); $paynew['email'] = trim(strip_tags($paynew['email'])); $c_upload = new cls_upload(); $paynew['warrant'] = upload_s($paynew['warrant'], '', 'image'); $c_upload->saveuptotal(1); $db->query("INSERT INTO {$tblprefix}pays SET\n\t\t\t\t mid='" . $memberid . "', \n\t\t\t\t mname='" . $curuser->info['mname'] . "', \n\t\t\t\t pmode='{$paynew['pmode']}',\n\t\t\t\t amount='{$paynew['amount']}',\n\t\t\t\t truename='{$paynew['truename']}',\n\t\t\t\t telephone='{$paynew['telephone']}',\n\t\t\t\t email='{$paynew['email']}',\n\t\t\t\t remark='{$paynew['remark']}',\n\t\t\t\t warrant='{$paynew['warrant']}',\n\t\t\t\t senddate='{$timestamp}',\n\t\t\t\t ip='{$onlineip}'\n\t\t\t\t "); $c_upload->closure(1, $db->insert_id(), 'pays'); unset($c_upload); mcmessage('csnsspwad', '?action=pays'); /* */ }
trbasic(lang('mrowpp'), 'mconfigsnew[mrowpp]', $mconfigs['mrowpp']); trbasic(lang('uclmaxamolim'), 'mconfigsnew[maxuclassnum]', empty($mconfigs['maxuclassnum']) ? 0 : $mconfigs['maxuclassnum']); trbasic(lang('uclbytlenlim'), 'mconfigsnew[uclasslength]', $mconfigs['uclasslength']); trspecial(lang('memcenterlogo'), 'mconfigsnew[mcenterlogo]', $mconfigs['mcenterlogo'], 'image', 0, lang('agmclogo')); trbasic(lang('enablefloatwin'), 'mconfigsnew[mallowfloatwin]', empty($mconfigs['mallowfloatwin']) ? 0 : $mconfigs['mallowfloatwin'], 'radio'); trbasic(lang('floatwinwidth'), 'mconfigsnew[mfloatwinwidth]', empty($mconfigs['mfloatwinwidth']) ? 0 : $mconfigs['mfloatwinwidth']); trbasic(lang('floathei'), 'mconfigsnew[mfloatwinheight]', empty($mconfigs['mfloatwinheight']) ? 0 : $mconfigs['mfloatwinheight']); tabfooter('bmconfigs'); } else { $mconfigsnew['mmsgforwordtime'] = max(0, intval($mconfigsnew['mmsgforwordtime'])); $mconfigsnew['mrowpp'] = max(5, intval($mconfigsnew['mrowpp'])); $mconfigsnew['uclasslength'] = min(30, max(4, intval($mconfigsnew['uclasslength']))); $mconfigsnew['mfloatwinwidth'] = min(1200, max(400, intval($mconfigsnew['mfloatwinwidth']))); $mconfigsnew['mfloatwinheight'] = min(1000, max(300, intval($mconfigsnew['mfloatwinheight']))); $mconfigsnew['maxuclassnum'] = max(0, intval($mconfigsnew['maxuclassnum'])); $c_upload = new cls_upload(); $mconfigsnew['mcenterlogo'] = upload_s($mconfigsnew['mcenterlogo'], $mconfigs['mcenterlogo'], 'image'); if ($k = strpos($mconfigsnew['mcenterlogo'], '#')) { $mconfigsnew['mcenterlogo'] = substr($mconfigsnew['mcenterlogo'], 0, $k); } $c_upload->saveuptotal(1); unset($c_upload); saveconfig('view'); adminlog(lang('websiteset'), lang('pagandtemset')); amessage('websitesetfinish', "?entry=backparams&action=mcparams{$param_suffix}"); } } function saveconfig($cftype) { global $mconfigs, $mconfigsnew, $db, $tblprefix; foreach ($mconfigsnew as $k => $v) {
# trhidden('crc', my_crc($oid, $tomname, $ordersn, $oldsum, $spma, $goods)); trhidden('crc', my_crc($oid, $tomname, $oldsum, $spma, $goods)); echo "<input class=\"button\" type=\"submit\" name=\"bcartpay\" value=\"" . lang('continue') . "\"></form>"; // echo "<input class=\"button\" type=\"button\" onclick=\"javasrcipt:history.go(-1);return false\" value=\"".lang('goback')."\">"; check_submit_func($submitstr); } elseif (submitcheck('bcartpay')) { if ($crc != my_crc($oid, $tomname, $orderfee, $spma, $goods) || !in_array($shipingfee, explode(',', $spma))) { _header(); mcmessage('crc_error'); } $spmd = explode('_', $shipingfee); $spmd[1] = empty($spmd[1]) ? 0 : max(0, floatval($spmd[1])); $totalfee = $orderfee + $spmd[1]; $sqlstr = ""; $pfields = fields_order($pfields); $c_upload = new cls_upload(); $a_field = new cls_field(); foreach ($pfields as $k => $v) { if (!$v['isadmin']) { $a_field->init(); $a_field->field = $v; $a_field->deal(); if (!empty($a_field->error)) { $c_upload->rollback(); _header(); mcmessage($a_field->error, M_REFERER); } $sqlstr .= ',' . $k . "='" . $a_field->newvalue . "'"; if ($arr = multi_val_arr($a_field->newvalue, $v)) { foreach ($arr as $x => $y) { $sqlstr .= ',' . $k . '_' . $x . "='{$y}'";
<?php @set_time_limit(0); include_once dirname(__FILE__) . "./../general.inc.php"; include_once M_ROOT . "./include/upload.cls.php"; $c_upload = new cls_upload(); $uploadfile = $c_upload->local_upload('Newfile', $_GET['type']); unset($c_upload); if ($uploadfile['error']) { SendResults('202'); } else { $sErrorNumber = '0'; SendResults('0', tag2atm($uploadfile['remote'])); } function SendResults($errorNumber, $fileUrl = '', $fileName = '', $customMsg = '') { echo '<script type="text/javascript">'; echo 'window.parent.OnUploadCompleted(' . $errorNumber . ',"' . str_replace('"', '\\"', $fileUrl) . '","' . str_replace('"', '\\"', $fileName) . '","' . str_replace('"', '\\"', $customMsg) . '");'; echo '</script>'; mexit(); }
trbasic(lang('casarrtim'), '', $item['receivedate'] ? date("{$dateformat} {$timeformat}", $item['receivedate']) : '-', ''); trbasic(lang('currsavtime'), '', $item['transdate'] ? date("{$dateformat} {$timeformat}", $item['transdate']) : '-', ''); trbasic(lang('contaname'), 'itemnew[truename]', $item['truename']); trbasic(lang('contatelep'), 'itemnew[telephone]', $item['telephone']); trbasic(lang('contactemail'), 'itemnew[email]', $item['email']); trbasic(lang('remark'), 'itemnew[remark]', br2nl($item['remark']), 'textarea'); trspecial(lang('paywarrant') . " [" . "<a href=\"" . $item['warrant'] . "\" target=\"_blank\">" . lang('bigimage') . "</a>" . "]", 'itemnew[warrant]', $item['warrant'], 'image'); if ($item['transdate']) { tabfooter(); echo "<input class=\"button\" type=\"submit\" name=\"\" value=\"" . lang('goback') . "\" onclick=\"history.go(-1);\">"; } else { tabfooter('bpaydetail', lang('modify')); } a_guide('paydetail'); } else { include_once M_ROOT . "./include/upload.cls.php"; $itemnew['amount'] = max(0, round(floatval($itemnew['amount']), 2)); empty($itemnew['amount']) && amessage('inppayamo', M_REFERER); $itemnew['truename'] = trim(strip_tags($itemnew['truename'])); $itemnew['telephone'] = trim(strip_tags($itemnew['telephone'])); $itemnew['email'] = trim(strip_tags($itemnew['email'])); $itemnew['remark'] = mnl2br(mhtmlspecialchars($itemnew['remark'])); $c_upload = new cls_upload(); $itemnew['warrant'] = upload_s($itemnew['warrant'], $item['warrant'], 'image'); $c_upload->closure(1, $pid, 'pays'); $c_upload->saveuptotal(1); unset($c_upload); $db->query("UPDATE {$tblprefix}pays SET\n\t\t\t\t\t amount='{$itemnew['amount']}',\n\t\t\t\t\t truename='{$itemnew['truename']}',\n\t\t\t\t\t telephone='{$itemnew['telephone']}',\n\t\t\t\t\t email='{$itemnew['email']}',\n\t\t\t\t\t remark='{$itemnew['remark']}',\n\t\t\t\t\t warrant='{$itemnew['warrant']}' \n\t\t\t\t\t WHERE pid='{$pid}'\n\t\t\t\t\t "); amessage('paymesmodfin', $forward); } }
trbasic(lang('usuorder'), 'usualurlnew[vieworder]', $usualurl['vieworder'], 'text'); trspecial(lang('urlimage'), 'usualurlnew[logo]', $usualurl['logo'], 'image'); trbasic(lang('newwin'), 'usualurlnew[newwin]', $usualurl['newwin'], 'radio'); if (!$ismc) { $sidsarr = array('m' => lang('msite')) + sidsarr(1); trbasic(lang('belsitforuse'), '', makecheckbox('sidsnew[]', $sidsarr, $usualurl['sids'] === '' ? array() : explode(',', $usualurl['sids']), 5), ''); trbasic(lang('inhitatt'), 'usualurlnew[actsid]', $usualurl['actsid'], 'radio'); } else { trbasic(lang('onclick'), 'usualurlnew[onclick]', $usualurl['onclick'], 'btext'); } trbasic(lang('u_permission_set'), 'usualurlnew[pmid]', makeoption(pmidsarr('menu'), $usualurl['pmid']), 'select'); tabfooter('busualurldetail'); a_guide('usualurldetail'); } else { $usualurlnew['title'] = trim(strip_tags($usualurlnew['title'])); $usualurlnew['url'] = trim(strip_tags($usualurlnew['url'])); $usualurlnew['vieworder'] = max(0, intval($usualurlnew['vieworder'])); $usualurlnew['title'] = empty($usualurlnew['title']) ? $usualurl['title'] : $usualurlnew['title']; $usualurlnew['url'] = empty($usualurlnew['url']) ? $usualurl['url'] : $usualurlnew['url']; $c_upload = new cls_upload(); $usualurlnew['logo'] = upload_s($usualurlnew['logo'], $usualurl['logo'], 'image'); $usualurlnew['sids'] = !empty($sidsnew) ? implode(',', $sidsnew) : ''; $usualurlnew['actsid'] = empty($usualurlnew['actsid']) ? 0 : 1; $usualurlnew['onclick'] = empty($usualurlnew['onclick']) ? '' : trim($usualurlnew['onclick']); $db->query("UPDATE {$tblprefix}usualurls SET \n\t\t\t\t\ttitle='{$usualurlnew['title']}', \n\t\t\t\t\turl='{$usualurlnew['url']}', \n\t\t\t\t\tlogo='{$usualurlnew['logo']}', \n\t\t\t\t\tpmid='{$usualurlnew['pmid']}', \n\t\t\t\t\tsids='{$usualurlnew['sids']}', \n\t\t\t\t\tnewwin='{$usualurlnew['newwin']}',\n\t\t\t\t\tonclick='{$usualurlnew['onclick']}',\n\t\t\t\t\tactsid='{$usualurlnew['actsid']}',\n\t\t\t\t\tvieworder='{$usualurlnew['vieworder']}'\n\t\t\t\t\tWHERE uid='{$uid}'"); $c_upload->closure(1, $uid, 'usualurls'); adminlog(lang('edusudet')); updatecache('usualurls'); amessage('usuamodifin', axaction(6, "?entry=usualurls&action=usualurlsedit{$mc_suffix}")); } }
require PBBLOG_ROOT . '/' . PBBLOG_WS_ADMIN . '/includes/friendlink.php'; } elseif ($action == 'plugins_list' || $action == 'plugins_setup_list' || $action == 'setup_plugin' || $action == 'del_plugin' || $action == 'plugin_cp') { require PBBLOG_ROOT . '/' . PBBLOG_WS_ADMIN . '/includes/plugins.php'; } elseif ($action == 'attachments_list' || $action == 'tags_list' || $action == 'del_tag' || $action == 'del_attachment' || $action == 'auto_save' || $action == 'get_auto_save' || $action == 'check_auto_date') { require PBBLOG_ROOT . '/' . PBBLOG_WS_ADMIN . '/includes/other.php'; } elseif ($action == 'clear_cache') { $smarty->cache_dir = PBBLOG_ROOT . 'home/cache'; $smarty->compile_dir = PBBLOG_ROOT . '/home/compiled'; $smarty->clear_all_cache(); $smarty->clear_compiled_tpl(); $smarty->compile_dir = PBBLOG_ROOT . '/home/admin_compiled'; $smarty->clear_compiled_tpl(); sys_message('清除缓存成功', 'admin.php?act=default'); } elseif ($action == 'upload') { require ROOT . '/includes/upload.html5.class.php'; $file = new cls_upload(); $file_name = $file->upload($_FILES['filedata'], $_GET['type']); $file_url = ''; if ($file->error() == '') { $sql = "INSERT INTO " . table('attachments') . " (`attachment_id` ,`file_name` ,`type`,`add_time`)VALUES (NULL , '{$file_name}', '" . $_GET['type'] . "', '" . time() . "' )"; $db->query($sql); $u = str_replace(PBBLOG_WS_ADMIN, '', dirname($url)); if ($_GET['type'] == 'img') { $file_url = $u . $file_name; } else { $file_url = $u . 'attachment.php?fid=' . $db->insert_id(); } } header('Content-Type: text/html; charset=UTF-8'); $str = '{"err":"' . $file->error() . '","msg":"' . $file_url . '"}'; exit($str);
tabfooter('newcommu'); check_submit_func($submitstr); m_guide(@$u_guide); } else { include M_ROOT . $u_tplname; } } else { if (isset($offernew['oprice'])) { $uedit->updatefield('oprice', max(0, round($offernew['oprice'], 2))); $uedit->updatefield('refreshdate', $timestamp); $uedit->updatefield('enddate', empty($uedit->commu['setting']['vdays']) ? 0 : $timestamp + 86400 * $uedit->commu['setting']['vdays']); } if (isset($offernew['storage'])) { $uedit->updatefield('storage', max(-1, intval($offernew['storage']))); } $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($ucotypes as $k => $v) { if (isset($offernew['uccid' . $k])) { if (in_array('uccid' . $k, $citems) && !noedit('uccid' . $k, $v['umode'] == 2)) { $uedit->updatefield('uccid' . $k, $offernew['uccid' . $k]); if ($v['emode']) { $offernew["uccid{$k}date"] = !isdate($offernew["uccid{$k}date"]) ? 0 : strtotime($offernew["uccid{$k}date"]); if ($uedit->info["uccid{$k}"] && !$offernew["uccid{$k}date"] && $v['emode'] == 2) { mcmessage('setcoclass', axaction(2, M_REFERER), $v['cname']); } !$uedit->info["uccid{$k}"] && ($offernew["uccid{$k}date"] = 0); $uedit->updatefield("uccid{$k}date", $offernew["uccid{$k}date"]); } }
$fromstr = empty($fromid) ? "" : "a.aid<{$fromid}"; $nwheresql = !$wheresql ? $fromstr ? "WHERE {$fromstr}" : "" : $wheresql . ($fromstr ? " AND " : "") . $fromstr; $query = $db->query("SELECT a.aid {$fromsql} {$nwheresql} ORDER BY a.aid DESC LIMIT 0,{$atpp}"); while ($item = $db->fetch_array($query)) { $selectid[] = $item['aid']; } } } $aedit = new cls_arcedit(); if (!empty($arcdeal['autokeyword'])) { include_once M_ROOT . "./include/splitword.cls.php"; $a_split = new SplitWord(); } if (!empty($arcdeal['autothumb'])) { include_once M_ROOT . "./include/upload.cls.php"; $c_upload = new cls_upload(); } foreach ($selectid as $aid) { $aedit->set_aid($aid); $aedit->basic_data(); if (!empty($arcdeal['delete'])) { $aedit->arc_delete(); continue; } if (!empty($arcdeal['readd'])) { //重发布 $aedit->readd(1); } if (!empty($arcdeal['autoabstract'])) { $aedit->autoabstract(); }
if (!in_array($field['ename'], $allow)) { continue; } $a_field->init(); $a_field->field = $field; $a_field->oldvalue = isset($catalog[$field['ename']]) ? $catalog[$field['ename']] : ''; $a_field->trfield('catalognew', '', 'ca'); $submitstr .= $a_field->submitstr; } tabfooter('bcatalogdetail'); check_submit_func($submitstr); a_guide('catalogdetail'); } else { $forward = empty($forward) ? M_REFERER : $forward; $catalognew['dirname'] = strtolower($catalognew['dirname']); $c_upload = new cls_upload(); $cafields = fields_order($cafields); $a_field = new cls_field(); $sqlstr = ""; foreach ($cafields as $k => $v) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($catalog[$k]) ? $catalog[$k] : ''; $a_field->deal('catalognew'); if (!empty($a_field->error)) { $c_upload->rollback(); amessage($a_field->error, $forward); } $sqlstr .= ',' . $k . "='" . $a_field->newvalue . "'"; if ($arr = multi_val_arr($a_field->newvalue, $v)) { foreach ($arr as $x => $y) {
foreach ($_POST as $k => $v) { if (substr($k, 0, $cklen) == $ckpre) { $m_cookie[substr($k, $cklen)] = QUOTES_GPC ? $v : maddslashes($v); } } unset($cklen); $curuser->init(); $curuser->currentuser(); $memberid = $curuser->info['mid']; } $allow = $memberid || $curuser->upload_capacity() == -1; if (isset($action) && $action == 'upload') { $fn = @$_GET['CKEditorFuncNum']; $allow || fckEditor($fn, '-1'); include M_ROOT . 'include/upload.cls.php'; $up = new cls_upload(); if ($mode == 'zip') { $ret = $up->zip_upload('Filedata', $lfile); if (empty($ret['error'])) { $up->closure(); echo "0|{$ret['count']}"; foreach ($ret['remote'] as $v) { echo '|' . tag2atm($v); } } else { echo $ret['error']; } } elseif ($fn) { $ret = $up->local_upload('upload', $lfile); empty($ret['error']) && ($ret['error'] = 0); $ret['error'] || $up->closure();
} $a_field = new cls_field(); foreach ($bfields as $k => $v) { if (!$v['isfunc'] && in_array($k, $citems)) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($report[$k]) ? $report[$k] : ''; $a_field->trfield('communew', '', 'b'); $submitstr .= $a_field->submitstr; } } unset($a_field); tabfooter('newcommu'); check_submit_func($submitstr); } else { $c_upload = new cls_upload(); $bfields = fields_order($bfields); $sqlstr = ''; $a_field = new cls_field(); foreach ($ucotypes as $k => $v) { if (in_array('uccid' . $k, $citems) && $v['umode'] != 1) { if ($v['notblank'] && empty($communew['uccid' . $k])) { amessage('notnull', axaction(2, M_REFERER), $v['cname']); } $sqlstr .= ",uccid{$k}='" . $communew['uccid' . $k] . "'"; if ($v['emode']) { $communew["uccid{$k}date"] = !isdate($communew["uccid{$k}date"]) ? 0 : strtotime($communew["uccid{$k}date"]); if ($communew["uccid{$k}"] && !$communew["uccid{$k}date"] && $v['emode'] == 2) { amessage('setcoclass', axaction(2, M_REFERER), $v['cname']); } !$communew["uccid{$k}"] && ($communew["uccid{$k}date"] = 0);
trcategory(array(lang('id'), lang('repugrade') . lang('cname'), lang('rgbase'), lang('available'), lang('ico'), lang('preview'))); $query = $db->query("SELECT * FROM {$tblprefix}repugrades ORDER BY rgid ASC"); while ($row = $db->fetch_array($query)) { $rgid = $row['rgid']; $validstr = empty($invalid) && (!isset($oldvalue) || $row['rgbase'] > $oldvalue) ? 'Y' : '-'; $oldvalue = $row['rgbase']; $invalid = $validstr != '-' ? false : true; $thumbstr = $row['thumb'] ? "<img src=\"" . view_atmurl($row['thumb']) . "\" height=\"18\">" : ''; echo "<tr class=\"txtcenter txt\"><td class=\"txtC\">{$rgid}</td>\n" . "<td class=\"txtC\"><input type=\"text\" size=\"25\" name=\"repugradesnew[{$rgid}][cname]\" value=\"{$row['cname']}\"></td>\n" . "<td class=\"txtC\"><input type=\"text\" size=\"5\" name=\"repugradesnew[{$rgid}][rgbase]\" value=\"{$row['rgbase']}\"></td>\n" . "<td class=\"txtC\">{$validstr}</td>\n" . "<td class=\"txtC\">"; echo singlemodule("repugradesnew[{$rgid}][thumb]", $row['thumb'], 'image'); echo "</td>\n" . "<td class=\"txtC\">{$thumbstr}</td>\n" . "</tr>\n"; } tabfooter('brepugradesedit', lang('modify')); a_guide('repugradesedit'); } else { $c_upload = new cls_upload(); foreach ($repugradesnew as $rgid => $repugrade) { $repugrade['rgbase'] = intval($repugrade['rgbase']); $repugrade['cname'] = trim($repugrade['cname']); $sqlstr = "rgbase='{$repugrade['rgbase']}'"; $repugrade['cname'] && ($sqlstr .= ",cname='{$repugrade['cname']}'"); $repugrade['thumb'] = upload_s($repugrade['thumb'], @$repugrades[$rgid]['thumb'], 'image'); if ($k = strpos($repugrade['thumb'], '#')) { $repugrade['thumb'] = substr($repugrade['thumb'], 0, $k); } $repugrade['thumb'] && ($sqlstr .= ",thumb='{$repugrade['thumb']}'"); $db->query("UPDATE {$tblprefix}repugrades SET {$sqlstr} WHERE rgid='{$rgid}'"); } $c_upload->closure(2, $sid, 'repugrades'); $c_upload->saveuptotal(1); unset($c_upload);
if (is_dir(M_ROOT . $mconfigs[$var])) { if (!rename(M_ROOT . $mconfigs[$var], M_ROOT . $mconfigsnew[$var])) { $mconfigsnew[$var] = $mconfigs[$var]; } } else { mmkdir(M_ROOT . $mconfigsnew[$var], 0); } } $c_upload = new cls_upload(); $mconfigsnew['cmslogo'] = upload_s($mconfigsnew['cmslogo'], $mconfigs['cmslogo'], 'image'); if ($k = strpos($mconfigsnew['cmslogo'], '#')) { $mconfigsnew['cmslogo'] = substr($mconfigsnew['cmslogo'], 0, $k); } saveconfig('site'); } else { $c_upload = new cls_upload(); $subsitenew['cmslogo'] = upload_s($subsitenew['cmslogo'], $subsite['cmslogo'], 'image'); if ($k = strpos($subsitenew['cmslogo'], '#')) { $subsitenew['cmslogo'] = substr($subsitenew['cmslogo'], 0, $k); } $db->query("UPDATE {$tblprefix}subsites SET \n\t\t\tcmslogo='{$subsitenew['cmslogo']}',\n\t\t\tcmstitle='{$subsitenew['cmstitle']}',\n\t\t\tcmskeyword='{$subsitenew['cmskeyword']}',\n\t\t\tcmsdescription='{$subsitenew['cmsdescription']}' \n\t\t\tWHERE sid='{$sid}'"); updatecache('subsites'); } $c_upload->closure(2, $sid, 'mconfigs'); $c_upload->saveuptotal(1); unset($c_upload); adminlog(lang('websiteset'), lang('sitemessaadmi')); amessage('websitesetfinish', M_REFERER); } } elseif ($action == 'cfbasic') { url_nav(lang('webparam'), $urlsarr, 'cfbasic', 12);
foreach ($values as $k => $v) { $a_field->init(); $a_field->field = read_cache('mfield', $user->info['mchid'], $k); if (!empty($certdata['flags'][$k])) { $a_field->field['cname'] .= ' [<i title="' . lang('memcert_ok') . '">ok</i>]'; } elseif ($k == $memcert['mobile'] && $msgcode_mode == 1) { $a_field->field['cname'] .= ' [<i title="' . lang('msg_code') . '">' . $certdata['codes'][$k] . '</i>]'; } $a_field->oldvalue = $v; $a_field->trfield('memcertnew', '', 'm', $user->info['mchid']); } tabfooter('bmemcertcheck', lang('memcert_modify_cert')); } else { unset($certdata['values']); $user->updatefield('memcert', $record['mcid']); $c_upload = new cls_upload(); $a_field = new cls_field(); foreach ($values as $k => $v) { $a_field->init(); $a_field->field = read_cache('mfield', $user->info['mchid'], $k); if ($curuser->pmbypmids('field', $a_field->field['pmid'])) { $a_field->deal('memcertnew'); if (!empty($a_field->error)) { $c_upload->rollback(); message($a_field->error, M_REFERER); } $user->updatefield($k, $a_field->newvalue, $a_field->field['tbl']); $certdata['flags'][$k] = 1; } } $user->updatedb();
$pay->send($order['ordersn'], $subject, ''); } } } elseif (submitcheck('bordercancel')) { //取消订单,返还库存 $order['state'] && $order['state'] != 1 && mcmessage('cheordcanmod', $forward); $db->query("UPDATE {$tblprefix}orders SET state=-2,updatedate='{$timestamp}' WHERE oid='{$oid}'"); $query = $db->query("SELECT aid,nums FROM {$tblprefix}purchases WHERE oid='{$oid}'"); while ($row = $db->fetch_array($query)) { $db->query("UPDATE {$tblprefix}archives_sub SET storage=storage+{$row['nums']} WHERE aid={$row['aid']} AND storage>=0"); } mcmessage('ordersmodifyfinish', $forward); } elseif (submitcheck('borderinfo')) { //修改买家信息 !$order['state'] || $order['state'] == 1 || mcmessage('cheordcanmod', $forward); $c_upload = new cls_upload(); $pfields = fields_order($pfields); $a_field = new cls_field(); $sqlstr = ""; foreach ($pfields as $k => $v) { $a_field->init(); $a_field->field = $v; $a_field->deal('cartnew'); if (!empty($a_field->error)) { $c_upload->rollback(); mcmessage($a_field->error, M_REFERER); } $sqlstr .= ($sqlstr ? ',' : '') . $k . "='" . $a_field->newvalue . "'"; if ($arr = multi_val_arr($a_field->newvalue, $v)) { foreach ($arr as $x => $y) { $sqlstr .= ($sqlstr ? ',' : '') . $k . '_' . $x . "='{$y}'";
} tabfooter('bgmissionoutput'); check_submit_func($submitstr); a_guide('gmissionoutput'); } else { //数组内的addsalshes if (empty($dvaluesnew['caid'])) { amessage('choosecatalog', "?entry=gmissions&action=gmissionoutput&gsid={$gsid}{$param_suffix}"); } $dvaluesnew['musts'] = empty($dvaluesnew['musts']) ? '' : implode(',', $dvaluesnew['musts']); foreach ($cotypes as $k => $v) { $dvaluesnew["ccid{$k}"] = empty($dvaluesnew["ccid{$k}"]) ? '' : $dvaluesnew["ccid{$k}"]; } $dvaluesnew['autoabstract'] = empty($dvaluesnew['autoabstract']) ? 0 : $dvaluesnew['autoabstract']; $dvaluesnew['autothumb'] = empty($dvaluesnew['autothumb']) ? 0 : $dvaluesnew['autothumb']; $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $field) { if ($field['available'] && !in_array($k, array_keys($gmodel['gfields'])) && !in_array($k, array('abstract', 'thumb'))) { $a_field->init(); $a_field->field = $field; $a_field->oldvalue = !isset($dvalues[$k]) ? '' : $dvalues[$k]; $a_field->deal('dvaluesnew'); if (!empty($a_field->error)) { //非采集字段的设置 $c_upload->rollback(); amessage($a_field->error, M_REFERER); } $dvaluesnew[$k] = $a_field->newvalue; }
tabfooter('bmemberdetail'); check_submit_func($submitstr); a_guide('memberdetail'); } else { $minfosnew['email'] = empty($minfosnew['email']) ? '' : trim($minfosnew['email']); if (empty($minfosnew['email']) || !isemail($minfosnew['email'])) { amessage('memberemailillegal', M_REFERER); } if (!empty($minfosnew['password']) && strlen($minfosnew['password']) > 15 || $minfosnew['password'] != addslashes($minfosnew['password'])) { amessage('memberpwdillegal', M_REFERER); } $minfosnew['password'] = trim($minfosnew['password']); $actuser->updatefield('email', $minfosnew['email'], 'main'); !empty($minfosnew['password']) && $actuser->updatefield('password', md5(md5($minfosnew['password'])), 'main'); $actuser->updatefield('mtcid', empty($minfosnew['mtcid']) ? 0 : $minfosnew['mtcid'], 'main'); $c_upload = new cls_upload(); $mfields = fields_order($mfields); $a_field = new cls_field(); foreach ($mfields as $k => $v) { if ($v['available'] && !$v['issystem'] && !$v['isfunc']) { $a_field->init(); $a_field->field = $v; if (!$curuser->pmbypmids('field', $a_field->field['pmid'])) { continue; } $a_field->oldvalue = isset($actuser->info[$k]) ? $actuser->info[$k] : ''; $a_field->deal('minfosnew'); if (!empty($a_field->error)) { $c_upload->rollback(); amessage($a_field->error, M_REFERER); }
if (!in_array('ucid', $citems)) { $aedit->updatefield('ucid', $archivenew['ucid'], 'main'); } } if (isset($archivenew['salecp'])) { if (!in_array('salecp', $citems) && !noedit('salecp')) { $aedit->updatefield('salecp', $archivenew['salecp'], 'main'); } } if (isset($archivenew['fsalecp'])) { if (!in_array('fsalecp', $citems) && !noedit('fsalecp')) { $aedit->updatefield('fsalecp', $archivenew['fsalecp'], 'main'); } } $aedit->sale_define(); $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $v) { if (isset($archivenew[$k])) { if ($v['available'] && !$v['isadmin'] && !$v['isfunc'] && !noedit($k)) { if ($curuser->pmbypmids('field', $v['pmid'])) { //字段附加权限设置 $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($aedit->archive[$k]) ? $aedit->archive[$k] : ''; $a_field->deal('archivenew'); if (!empty($a_field->error)) { $c_upload->rollback(); mcmessage($a_field->error, axaction(2, M_REFERER)); }