public function doemail()
{
global $_M;
if (!load::sys_class('pin', 'new')->check_pin($_M['form']['code'])) {
okinfo($_M['url']['getpassword'], $_M['word']['membercode']);
}
load::sys_func('str');
if (is_email($_M['form']['username'])) {
$user = $this->userclass->get_user_by_email($_M['form']['username']);
if (!$user) {
okinfo($_M['url']['getpassword'], $_M['word']['nouser']);
}
$valid = load::mod_class('user/class/valid', 'new');
if ($valid->get_email($_M['form']['username'], 'getpassword')) {
okinfo($_M['url']['login'], $_M['word']['emailsucpass']);
} else {
okinfo($_M['url']['login'], $_M['word']['emailfail']);
}
} elseif (is_phone($_M['form']['username'])) {
$user = $this->userclass->get_user_by_tel($_M['form']['username']);
if (!$user) {
okinfo($_M['url']['getpassword'], $_M['word']['nouser']);
}
require_once $this->template('tem/getpassword_telset');
} else {
okinfo($_M['url']['getpassword'], $_M['word']['emailvildtips3']);
}
}
public static function del($file, $type = 'php')
{
load::sys_func('file');
if ($type == 'file') {
@deldir(PATH_CACHE . $file);
} else {
@unlink(PATH_CACHE . $file . '.' . $type);
}
}
<?php
defined('IN_MET') or exit('No permission');
load::sys_func('common');
class pin
{
public function check_pin($pin)
{
global $_M;
$authpin = $this->getpin();
if ($authpin && $authpin == strtoupper($pin)) {
$this->setpin($this->make_rand(4));
return true;
} else {
return false;
}
}
public function create_pin()
{
$this->getAuthImage($this->make_rand(4));
}
function getAuthImage($text)
{
$this->setpin($text);
$im_x = 160;
$im_y = 40;
$im = imagecreatetruecolor($im_x, $im_y);
$text_c = ImageColorAllocate($im, mt_rand(0, 100), mt_rand(0, 100), mt_rand(0, 100));
$tmpC0 = mt_rand(100, 255);
$tmpC1 = mt_rand(100, 255);
$tmpC2 = mt_rand(100, 255);
<?php
defined('IN_MET') or exit('No permission');
load::sys_class('admin');
load::sys_class('curl');
load::sys_func('file');
class download extends admin
{
public $curl;
protected $info;
protected $savedir;
protected $getdir;
function __construct()
{
global $_M;
parent::__construct();
$this->curl = new curl();
$this->analyze($_M['form']['data']);
$this->savedir = PATH_WEB . "{$_M['config'][met_adminfile]}/update/{$this->info['type']}/{$this->info['no']}/";
}
public function dlfile()
{
global $_M;
$dlfile = load::sys_class('dlfile', 'new');
return $dlfile;
}
public function dodownload()
{
global $_M;
switch ($this->info['action']) {
case 'doc':
function tminisave($have)
{
global $_M;
//新方法
$this->iniclass->tminisave($have);
$wap_ok = 0;
$cglist = $this->configlist;
if ($have['mobile'] == '1') {
$have['wap_skin_user'] = $have['met_skin_user'];
$have['wap_skin_css'] = $have['met_skin_css'];
$cglist = $this->mobile_configlist;
//$have['flash_10001'] = $_M['config']['flash_10001'];
$have['flash_10001'] = '1|' . $have['met_flash_10001_y'];
$wap_ok = 1;
} else {
/*备用字段*/
$preview['otherinfo']['imgurl1'] = $have['imgurl1'];
$preview['otherinfo']['imgurl2'] = $have['imgurl2'];
$query = "update {$_M[table][otherinfo]} SET ";
for ($i = 1; $i <= 10; $i++) {
$infoval = $have['info' . $i];
if (isset($have['info' . $i])) {
$query .= "info{$i} = '{$infoval}',";
}
}
$query .= "\n\t\t\t\timgurl1 = '{$have['imgurl1']}',\n\t\t\t\timgurl2 = '{$have['imgurl2']}'\n\t\t\t\twhere id='{$have['otherinfoid']}'\n\t\t\t";
DB::query($query);
load::sys_func('file');
delfile(PATH_WEB . "cache/otherinfo_{$this->lang}.inc.php");
$have['flash_10001'] = '1|' . $have['met_flash_10001_x'] . '|' . $have['met_flash_10001_y'] . '|' . $have['met_flash_10001_imgtype'];
}
$cglist[] = 'met_productTabok';
$cglist[] = 'met_productTabname';
$cglist[] = 'met_productTabname_1';
$cglist[] = 'met_productTabname_2';
$cglist[] = 'met_productTabname_3';
$cglist[] = 'met_productTabname_4';
configsave($cglist, $have, $this->lang);
/*保存系统配置*/
/*保存banner设置*/
$nowidold = array();
$bannerid = DB::get_all("select * from {$_M[table][flash]} where wap_ok='{$wap_ok}' and (module like '%,10001,%' or module = 'metinfo') and lang='{$this->lang}' and img_path!='' order by no_order ");
foreach ($bannerid as $key => $val) {
$nowidold[] = $val['id'];
}
$nowidnew = array();
$have['indexbannerlist'] = str_replace("\\", "", $have['indexbannerlist']);
$bannerlist = json_decode($have['indexbannerlist'], true);
foreach ($bannerlist as $key => $val) {
if ($val['img_path'] != '') {
if (!strstr($val['img_path'], "../")) {
$val['img_path'] = '../' . $val['img_path'];
}
if ($val['id']) {
$query = "update {$_M[table][flash]} SET \n\t\t\t\t\timg_title = '{$val['img_title']}',\n\t\t\t\t\timg_path = '{$val['img_path']}',\n\t\t\t\t\timg_link = '{$val['img_link']}',\n\t\t\t\t\tno_order = '{$key}'\n\t\t\t\t\tWHERE id = '{$val['id']}'";
$nowidnew[] = $val['id'];
} else {
$query = "INSERT INTO {$_M[table][flash]} SET \n\t\t\t\t\timg_title = '{$val['img_title']}',\n\t\t\t\t\timg_path = '{$val['img_path']}',\n\t\t\t\t\timg_link = '{$val['img_link']}',\n\t\t\t\t\tno_order = '{$key}',\n\t\t\t\t\tmodule = ',10001,',\n\t\t\t\t\twap_ok = '{$wap_ok}',\n\t\t\t\t\tlang = '{$this->lang}'";
}
DB::query($query);
}
}
$nowid = array_diff($nowidold, $nowidnew);
if ($nowid) {
foreach ($nowid as $key => $val) {
$query = "delete from {$_M[table][flash]} where id='{$val}'";
DB::query($query);
}
}
}
<?php
defined('IN_MET') or exit('No permission');
load::sys_class('admin');
load::sys_func('array');
class getword extends admin
{
function __construct()
{
parent::__construct();
}
public function dogetword()
{
global $_M;
$lang = $_M['form']['lang'] ? $_M['form']['lang'] : $_M['lang'];
$word = $_M['form']['word'];
$site = $_M['form']['site'];
if (!file_get_contents(PATH_WEB . 'cache/lang_' . $lang . '.php')) {
$query = "select * from {$_M['table'][language]} where lang='{$lang}' and site='{$site}' and name='{$word}'";
$result = DB::get_one($query);
$getword = $result['value'];
} else {
if ($site == 1) {
require_once PATH_WEB . 'cache/langadmin_' . $lang . '.php';
} else {
require_once PATH_WEB . 'cache/lang_' . $lang . '.php';
}
$word = "lang_{$word}";
$getword = ${$word};
}
if ($getword) {
<?php
defined('IN_MET') or exit('No permission');
load::sys_func('file.func.php');
/**
* 缩略图类
* @param string $thumb_width 缩略图宽
* @param string $thumb_height 缩略图高
* @param string $thumb_savepath 缩略图保存地址
* @param string $thumb_save_type 保存方式,1:保存在原图路径的子目录下,2:覆盖原图片,3:自定义路径
* @param string $thumb_bgcolor 缩略图背景颜色,已#开头
* @param string $thumb_kind 生成缩略图方式,1拉升,2留白,3裁剪
* 以上路径变量都必须是绝对路径,如果不使用类的set方法
*/
class thumb
{
public $thumb_src_image = "";
public $thumb_width = 350;
public $thumb_height = 350;
public $thumb_savepath = "";
public $thumb_save_type = 1;
public $thumb_bgcolor = ' ';
public $thumb_kind = 1;
function __construct()
{
global $_M;
$this->list_news();
}
/**
* 设置字段
* @param string $name 需要设置的字段名,为public字段都可以设置
$headinfo['domain'] = $_SERVER['SERVER_NAME'];
//域名
$script = !empty($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : (!empty($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : $_SERVER['REQUEST_URI']);
$headinfo['script'] = $script;
//脚本地址
return $headinfo;
}
/**
* 把$_M['word'][]字符串转为其所指示的语言变量的值
* @param string $str $_M['word'][]字符串
* @return array 返回此语言参数字符串的语言变量的值
*/
function get_word($str)
{
global $_M;
$str_old = $str;
if (substr($str, 0, 5) == 'lang_') {
$str = str_replace('lang_', '', $str);
}
if (substr($str, 0, 3) == '$_M') {
$str = str_replace(array('$_M', '\'', '[word]', '[', ']'), '', $str);
}
if ($_M['word'][$str]) {
return $_M['word'][$str];
} else {
return $str_old;
}
}
load::sys_func('compatible');
load::sys_func('power');
<?php
defined('IN_MET') or exit('No permission');
load::sys_class('admin');
load::sys_func('admin');
class index extends admin
{
public function doindex()
{
global $_M;
$jsrand = str_replace('.', '', $_M[config][metcms_v]) . $_M[config][met_patch];
if ($_M['config']['met_agents_type'] >= 2) {
$met_admin_logo = "{$_M[url][site]}" . str_replace('../', '', $_M['config']['met_agents_logo_index']);
$query = "SELECT * FROM {$_M['table']['config']} WHERE lang='{$_M['langset']}-metinfo'";
$result = DB::query($query);
while ($list_config = DB::fetch_array($result)) {
$lang_agents[$list_config['name']] = $list_config['value'];
}
$_M['word']['metinfo'] = $lang_agents['met_agents_name'];
}
//
$toparr = get_adminnav();
if ($_M['config']['met_agents_type'] >= 2) {
$met_admin_logo = "{$_M[url][site]}" . str_replace('../', '', $_M['config']['met_agents_logo_index']);
$query = "SELECT * FROM {$_M['table']['config']} WHERE lang='{$_M['langset']}-metinfo'";
$result = DB::query($query);
while ($list_config = DB::fetch_array($result)) {
$lang_agents[$list_config['name']] = $list_config['value'];
}
$_M['word']['indexthanks'] = $lang_agents['met_agents_thanks'];
$_M['word']['metinfo'] = $lang_agents['met_agents_name'];
function dositemapeditor()
{
global $_M;
$configlist = array();
$configlist[] = 'met_sitemap_auto';
$configlist[] = 'met_sitemap_not1';
$configlist[] = 'met_sitemap_not2';
$configlist[] = 'met_sitemap_lang';
$configlist[] = 'met_sitemap_xml';
$configlist[] = 'met_sitemap_txt';
configsave($configlist);
/*保存系统配置*/
load::sys_func('file');
/*验证读写权限*/
function yanquan($fname)
{
global $_M;
$r = false;
if (!file_exists(PATH_WEB . $fname)) {
file_put_contents(PATH_WEB . $fname, 'metinfo');
$str = 'metinfo';
} else {
$str = file_get_contents(PATH_WEB . $fname);
}
if (!file_put_contents(PATH_WEB . $fname, $str)) {
$r = true;
}
return $r;
}
$err = false;
if (!$_M['form']['met_sitemap_xml']) {
delfile(PATH_WEB . "/sitemap.xml");
} else {
$err = yanquan('sitemap.xml');
}
if (!$_M['form']['met_sitemap_txt']) {
delfile(PATH_WEB . "/sitemap.txt");
} else {
$err = yanquan('sitemap.txt');
}
if ($err) {
turnover("{$_M[url][own_form]}a=dositemap", $_M['form']['otherinfocache2']);
} else {
$sitemaptype = $_M['form']['met_sitemap_xml'] ? 'xml' : ($_M['form']['met_sitemap_txt'] ? 'txt' : 0);
sitemap_robots($sitemaptype);
if ($_M['form']['met_sitemap_xml'] || $_M['form']['met_sitemap_txt']) {
$gent = "sitemap/index.php?lang={$_M[lang]}&htmsitemap={$_M['config']['met_member_force']}";
$curl = load::sys_class('curl', 'new');
$curl->set('host', $_M['url']['site']);
$curl->set('file', $gent);
$post = array('post' => '');
$curl->curl_post($post);
}
turnover("{$_M[url][own_form]}a=dositemap");
}
}
public function get_user_by_username($username)
{
global $_M;
$user = $this->get_user_by_username_sql($username);
if (!$user) {
load::sys_func('str');
if (is_email($username)) {
$user = $this->get_user_by_email($username);
}
if (is_phone($username)) {
$user = $this->get_user_by_tel($username);
}
//if($user)$this->get_user_by_username($user['username']);
}
return $this->analyze($user);
}
public function dosetsave()
{
global $_M;
$list = explode(",", $_M[form][allid]);
$type = $_M[form][submit_type];
$i = 0;
foreach ($list as $id) {
if ($id) {
$i++;
if ($type == 'save' || !$type) {
$name = $_M['form']['name-' . $id];
$defaultvalue = $_M['form']['defaultvalue-' . $id];
$valueinfo = $_M['form']['valueinfo-' . $id];
$type1 = $_M['form']['type-' . $id];
$tips = $_M['form']['tips-' . $id];
$selectd = $_M['form']['selectd-' . $id];
$style = $_M['form']['style-' . $id];
$no = $_M['form']['no'];
$pos = $_M['form']['pos-' . $id];
$no_order = $i;
if ($pos != $_M['form']['pos']) {
$counter = DB::counter($_M['table']['templates'], " WHERE no='{$_M['form']['no']}' and pos='{$pos}' and lang='{$_M['form']['lang']}'", '*');
$no_order = $no_order + $counter;
}
$query = "\n\t\t\t\t\t\tno = '{$no}',\n\t\t\t\t\t\tpos = '{$pos}',\n\t\t\t\t\t\tno_order = '{$no_order}',\n\t\t\t\t\t\tname = '{$name}',\n\t\t\t\t\t\tdefaultvalue = '{$defaultvalue}',\n\t\t\t\t\t\tvalueinfo = '{$valueinfo}',\n\t\t\t\t\t\ttype\t = '{$type1}',\n\t\t\t\t\t\ttips\t = '{$tips}',\n\t\t\t\t\t\tselectd\t = '{$selectd}',\n\t\t\t\t\t\tstyle\t = '{$style}',\n\t\t\t\t\t\tlang = '{$_M['form']['lang']}'\n\t\t\t\t\t";
if (is_number($id)) {
//修改
$query = "UPDATE {$_M['table']['templates']} SET {$query} WHERE id = '{$id}' ";
} else {
//新增
$query = "INSERT INTO {$_M['table']['templates']} SET value = '{$defaultvalue}', {$query} ";
}
} elseif ($type == 'del') {
//删除
if (is_number($id)) {
$query = "DELETE FROM {$_M['table']['templates']} WHERE id='{$id}' and pos = '{$_M['form']['pos']}' and lang='{$_M['form']['lang']}' ";
}
}
DB::query($query);
}
}
/*同步到其它语言*/
$query = "SELECT * FROM {$_M['table']['templates']} where no='{$_M['form']['no']}' AND lang='{$_M['form']['lang']}' ORDER BY no_order,id";
$tems = DB::get_all($query);
foreach ($_M['langlist']['web'] as $key => $val) {
if ($key != $_M['form']['lang']) {
$query = "DELETE FROM {$_M['table']['templates']} WHERE no='{$_M['form']['no']}' AND lang='{$key}'";
DB::query($query);
foreach ($tems as $keytems => $valtems) {
$query = "INSERT INTO {$_M['table']['templates']} SET no='{$valtems['no']}',pos ='{$valtems['pos']}',no_order='{$valtems['no_order']}',type='{$valtems['type']}',style='{$valtems['style']}',selectd='{$valtems['selectd']}',name ='{$valtems['name']}',value='{$valtems['value']}',defaultvalue='{$valtems['defaultvalue']}',valueinfo ='{$valtems['valueinfo']}',tips='{$valtems['tips']}',lang='{$key}'";
DB::query($query);
}
}
}
/*生成安装文件*/
load::sys_func('file');
$file = "templates/{$_M['form']['no']}/install/install.class.php";
makefile($file);
$query = "SELECT * FROM {$_M['table']['skin_table']} where skin_file='{$_M['form']['no']}'";
$tem = DB::get_one($query);
$query = "SELECT * FROM {$_M['table']['templates']} where no='{$_M['form']['no']}' AND lang='{$_M['form']['lang']}' ORDER BY no_order,id";
$tems = DB::get_all($query);
foreach ($tems as $keytems => $valtems) {
$sql[] = "pos ='{$valtems['pos']}',no_order='{$valtems['no_order']}',type='{$valtems['type']}',style='{$valtems['style']}',selectd='{$valtems['selectd']}',name ='{$valtems['name']}',value='{$valtems['defaultvalue']}',defaultvalue='{$valtems['defaultvalue']}',valueinfo ='{$valtems['valueinfo']}',tips='{$valtems['tips']}'";
}
$sql_info = var_export($sql, true);
$info .= "\n\$sql = {$sql_info};\n\$no='{$_M['form']['no']}';\n\$devices='{$tem['devices']}';";
$str = file_get_contents(PATH_OWN_FILE . 'file/install.class.php');
$str = str_replace('/*<!--sql-->*/', $info, $str);
file_put_contents(PATH_WEB . $file, $str);
turnover("{$_M[url][own_form]}a=doset&no={$_M['form']['no']}&pos={$_M['form']['pos']}", '操作成功');
}
<?php
defined('IN_MET') or exit('No permission');
load::sys_class('admin');
load::sys_func('news');
class news extends admin
{
function __construct()
{
parent::__construct();
}
public function doindex()
{
global $_M;
if ($_M['form']['search_type']) {
$search_url = $_M['url']['own_form'] . "a=doindex&search_type={$_M['form']['search_type']}";
} else {
$search_url = $_M['url']['own_form'] . "a=doindex&search_type=all";
}
require $this->template('tem/news');
}
public function doofficial()
{
global $_M;
$info = news_search($_M['form']['id']);
$time = date("Y-m-d H:i:s", $info['time']);
require $this->template('tem/official');
}
public function donews_info()
{
global $_M;
<?php
defined('IN_MET') or exit('No permission');
load::sys_func('str');
/**
* 数组是否为空
* @param array $arr 要检测的数组
* @return boolean $flag 数组为空返回false,否则返回true
*/
function is_arrempty($arr)
{
$flag = true;
if (empty($arr)) {
$flag = false;
}
return $flag;
}
/**
* 数组转换为字符串(多维情况)
* @param array $arr 要转换的数组
* @param string $delimiter1 一维数组分割符
* @param string $delimiter2 二维数组分割符
* @param string $delimiter3 三维数组分割符
* @return string $str 返回由数组转换后的字符串,输入的数组不正确(数组为混合数组)返回false
*/
function arrayto_string($arr, $decollator1 = ',', $decollator2 = '|', $decollator3 = '&')
{
if (array_level($arr) == 1) {
$str = implode($decollator1, $arr);
} else {
if (array_level($arr) == 2) {
<?php
defined('IN_MET') or exit('No permission');
load::sys_class('common.class.php');
load::sys_func('web');
/**
* 前台基类
*/
class web extends common
{
/**
* 初始化
*/
public function __construct()
{
parent::__construct();
global $_M;
$this->tem_dir();
//确定模板根目录
$this->load_language();
//语言加载
//met_cooike_start();//读取已登陆会员信息
$this->load_publuc_data();
//加载公共数据
load::plugin('doweb');
//加载插件
}
/**
* 重写common类的load_form方法,前台对提交的GET,POST,COOKIE进行安全的过滤处理
*/
protected function load_form()
