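// Edit page for the "login code" label: when $action is 'mod' the submitted
// settings are saved; the stored label is then reloaded and the form rendered.
// NOTE(review): $action, $code, $logintype, $div_w, $div_h and $div_bgcolor are
// read here without being assigned in this fragment - presumably populated from
// the request by a bootstrap include; treat them as untrusted input.
if ($action == 'mod') {
    if (!$code) {
        showmsg("请选择一种登录代码");
    }
    // Quoted keys: bare-word keys rely on the undefined-constant fallback,
    // which raises an Error on PHP 8.
    $div_db['logintype'] = $logintype;
    $div_db['div_w'] = $div_w;
    $div_db['div_h'] = $div_h;
    $div_db['div_bgcolor'] = $div_bgcolor;
    $div = addslashes(serialize($div_db));
    $typesystem = 0;
    $code = En_TruePath($code);
    // Insert or update the label library entry.
    // NOTE(review): do_post() takes no arguments, so it presumably reads $div,
    // $code and $typesystem from the enclosing scope - confirm.
    do_post();
}

$rsdb = get_label();
if ($rsdb['hide']) {
    $hide_1 = 'checked';
} else {
    $hide_0 = 'checked';
}
if ($rsdb['js_time']) {
    $js_time = 'checked';
}

// The original called extract() on the unserialized row, which lets stored data
// overwrite ANY variable in this scope ($webdb, $rsdb, ...). Only the keys this
// page writes above, plus the older div_width/div_height names it reads below,
// are imported now; anything else in the stored array is ignored.
// NOTE(review): confirm template/label/hack_code.htm needs no other stored key.
// NOTE(review): unserialize() on database content can instantiate objects; if
// the minimum PHP version allows it, restrict it with allowed_classes => false.
$storedDiv = @unserialize($rsdb['divcode']);
if (is_array($storedDiv)) {
    $importable = array('logintype', 'div_w', 'div_h', 'div_bgcolor', 'div_width', 'div_height');
    foreach ($importable as $importKey) {
        if (array_key_exists($importKey, $storedDiv)) {
            $$importKey = $storedDiv[$importKey];
        }
    }
}
if (!empty($div_width)) {
    $div_w = $div_width;
}
if (!empty($div_height)) {
    $div_h = $div_height;
}

// Restore real addresses in the stored code (second argument 0 is the
// "restore" direction according to the original comment).
$rsdb['code'] = En_TruePath($rsdb['code'], 0);
if (!isset($logintype)) {
    // No login type stored yet: fall back to the default script include.
    $rsdb['code'] = '<script language="JavaScript" src="' . $webdb['www_url'] . '/do/hack.php?hack=login&job=js&styletype=0"></script>';
}
$logintypedb[$logintype] = ' checked ';

require "head.php";
require "template/label/hack_code.htm";
require "foot.php";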
$detail = explode(",", $postdb[admin]); foreach ($detail as $key => $value) { if (!$value) { unset($detail[$key]); } else { $rs = $db->get_one("SELECT groupid,uid FROM {$pre}memberdata WHERE username='******'"); if (!$rs) { showmsg("你设置的版主:{$value},帐号不存在,或者还没激活帐号.请检查之"); } elseif ($rs[groupid] != 3 && $rs[groupid] != 5 && $rs[groupid] != 4) { //$db->query("UPDATE {$pre}memberdata SET groupid='5' WHERE uid='$rs[uid]' "); } } } $detail && ($postdb[admin] = ',' . implode(',', $detail) . ','); } $postdb[descrip] = En_TruePath($postdb[descrip]); $postdb[name] = filtrate($postdb[name]); $db->query("UPDATE {$pre}fu_sort SET fup='{$postdb['fup']}',name='{$postdb['name']}',type='{$postdb['type']}',admin='{$postdb['admin']}',passwd='{$postdb['passwd']}',logo='{$postdb['logo']}',descrip='{$postdb['descrip']}',style='{$postdb['style']}',template='{$postdb['template']}',jumpurl='{$postdb['jumpurl']}',listorder='{$postdb['listorder']}',maxperpage='{$postdb['maxperpage']}',allowcomment='{$postdb['allowcomment']}',allowpost='{$postdb['allowpost']}',allowviewtitle='{$postdb['allowviewtitle']}',allowviewcontent='{$postdb['allowviewcontent']}',allowdownload='{$postdb['allowdownload']}',forbidshow='{$postdb['forbidshow']}',config='{$postdb['config']}',list_html='{$postdb['list_html']}',bencandy_html='{$postdb['bencandy_html']}',fmid='{$postdb['fmid']}',domain='{$postdb['domain']}',metakeywords='{$postdb['metakeywords']}',domain_dir='{$postdb['domain_dir']}'{$SQL} WHERE fid='{$postdb['fid']}' "); mod_sort_class("{$pre}fu_sort", 0, 0); //更新class mod_sort_sons("{$pre}fu_sort", 0); //更新sons /*更新导航缓存*/ cache_guide(); //get_htmltype(); jump("修改成功", "{$FROMURL}"); } elseif ($job == 'batch_edit' && $Apower[fu_sort_power]) { if (!$fiddb) { showmsg("请选择一个栏目"); } $sort_fup = $Guidedb->Select("{$pre}fu_sort", "postdb[fup]", $rsdb[fup]);
$tpl_list = @unserialize($fidDB[template]); $tpl_show = @unserialize($rsdb[template]); $value_tpl_head = $tpl_show[head] ? $tpl_show[head] : $tpl_list[head]; $value_tpl_foot = $tpl_show[foot] ? $tpl_show[foot] : $tpl_list[foot]; $value_tpl_show = $tpl_show[bencandy] ? $tpl_show[bencandy] : $tpl_list[bencandy]; $tpl_head = select_template("", 7, $value_tpl_head); $tpl_head = str_replace("<select", "<select onChange='get_obj(\"head_tpl\").value=this.options[this.selectedIndex].value;'", $tpl_head); $tpl_foot = select_template("", 8, $value_tpl_foot); $tpl_foot = str_replace("<select", "<select onChange='get_obj(\"foot_tpl\").value=this.options[this.selectedIndex].value;'", $tpl_foot); $tpl_show = select_template("", 3, $value_tpl_show); $tpl_show = str_replace("<select", "<select onChange='get_obj(\"main_tpl\").value=this.options[this.selectedIndex].value;'", $tpl_show); $rsdb[posttime] && ($rsdb[posttime] = date("Y-m-d H:i:s", $rsdb[posttime])); $rsdb[begintime] && ($rsdb[begintime] = date("Y-m-d H:i:s", $rsdb[begintime])); $rsdb[endtime] && ($rsdb[endtime] = date("Y-m-d H:i:s", $rsdb[endtime])); //地址还原 $rsdb[content] = En_TruePath($rsdb[content], 0); $rsdb[content] = editor_replace($rsdb[content]); //修改文章时,需要读取自定义模块的数据 if ($mid && $job != 'postnew' && $job != 'post_more') { $_rsdb = $db->get_one("SELECT * FROM `{$pre}article_content_{$mid}` WHERE rid='{$rsdb['rid']}'"); if ($_rsdb) { $rsdb += $_rsdb; } $i_id = $_rsdb[id]; set_module_table_value($mid, 1); } elseif ($mid && $job == 'postnew') { set_module_table_value($mid, 0); } //页面显示设置 if (!$web_admin && !$groupdb[SetArticleTpl]) { $readonly = ' readonly ';
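/**
 * Turn the raw stored values of a module's custom fields (in the global
 * $rsdb record) into display HTML, one field at a time, by form_type.
 *
 * For multi-value upload fields the parsed parts are also collected in the
 * global $Mrsdb, keyed by field name.
 *
 * Changes against the original:
 *  - eregi() (removed in PHP 7) replaced by preg_match();
 *  - $Mrsdb starts as an array instead of '' (indexing a string as a nested
 *    array is fatal on PHP 7.1+);
 *  - bare-word array keys quoted (Error on PHP 8);
 *  - $ohterdownurl is reset for every 'upmoremv' entry, as the 'upmorefile'
 *    branch already did, so one entry's download links no longer carry over;
 *  - when the viewer fails the allowview check, the field's raw data is also
 *    removed from $Mrsdb, not only replaced in $rsdb.
 *
 * NOTE(review): stored names and URLs are interpolated into HTML attributes,
 * element text and an inline <SCRIPT> block without context-aware encoding
 * (addslashes() does not neutralise "</script>" or line breaks). If these
 * fields can hold user-supplied text, encode them for the output context
 * (htmlspecialchars() for HTML, JSON encoding for script data).
 *
 * @param array $m_config Module configuration; only $m_config['field_db'] is read.
 * @return void Results are written to the globals $rsdb and $Mrsdb.
 */
function show_module_content($m_config)
{
    global $rsdb, $web_admin, $lfjuid, $groupdb, $webdb, $Mrsdb;

    $Mrsdb = array();
    // $filename is interpolated below but was never assigned in this function;
    // the original therefore always rendered an empty string for it.
    $filename = '';

    foreach ($m_config['field_db'] as $key => $rs) {
        if ($rs['form_type'] == 'textarea') {
            $rsdb[$key] = format_text($rsdb[$key]);
        } elseif ($rs['form_type'] == 'ieedit') {
            $rsdb[$key] = En_TruePath($rsdb[$key], 0);
        } elseif ($rs['form_type'] == 'upfile') {
            $rsdb[$key] = tempdir($rsdb[$key]);
        } elseif ($rs['form_type'] == 'upplay') {
            // One "url@@@type" entry per line.
            $detail = explode("\n", $rsdb[$key]);
            unset($rsdb[$key]);
            foreach ($detail as $_key => $value) {
                list($_url, $_type) = array_pad(explode("@@@", $value), 2, null);
                $Mrsdb[$key]['url'][] = $_url = tempdir($_url);
                $rsdb[$key]['show'][] = player($_url, $width = 400, $height = 336, $autostart = 'false', $_type);
            }
            $rsdb[$key] = implode("<br>", $rsdb[$key]['show']);
        } elseif ($rs['form_type'] == 'upmoremv') {
            // One "url@@@name@@@price@@@type" entry per line.
            $detail = explode("\n", $rsdb[$key]);
            unset($rsdb[$key]);
            foreach ($detail as $_key => $value) {
                list($_url, $_name, $_fen, $_type) = array_pad(explode("@@@", $value), 4, null);
                $_fen = intval($_fen);
                // An entry without its own price falls back to the record's price.
                $_fen || ($_fen = $rsdb['money']);
                $Mrsdb[$key]['name'][] = $_name = $_name ? $_name : "DownLoad{$_key}";
                $Mrsdb[$key]['url'][] = $_url = tempdir($_url);
                $Mrsdb[$key]['type'][] = $_type;
                $Mrsdb[$key]['fen'][] = $_fen;
                $_fen = $_fen ? "(收费:{$_fen} {$webdb['MoneyName']})" : "";
                $ohterdownurl = '';
                // Direct download links only for admins or for free entries.
                if ($webdb['allowDownMv'] && ($web_admin || !$_fen)) {
                    $isThunder = (bool) preg_match('#^thunder://#i', $_url);
                    $thunderUrl = $isThunder ? $_url : Thunder_Encode($_url);
                    $flashgetUrl = $isThunder ? $_url : Flashget_Encode($_url, $webdb['FlashGet_ID']);
                    $ohterdownurl = " <img src='{$webdb['www_url']}/images/default/down_ico.gif'> <A HREF='{$webdb['www_url']}/do/job.php?job=down_encode&fid={$rsdb['fid']}&id={$rsdb['aid']}&rid={$rsdb['rid']}&i_id={$rsdb['id']}&mid={$rsdb['mid']}&field={$key}&ti={$_key}' target=_blank>下载{$_name}</A> <span class='xunlei_flashget' style='display:;'> <img src='{$webdb['www_url']}/images/default/down_ico.gif'> <a href=\"#\" thunderHref=\"{$thunderUrl}\" thunderPid=\"{$webdb['XunLei_ID']}\" thunderType=\"\" thunderResTitle=\"{$filename}\" onClick=\"return OnDownloadClick_Simple(this,2)\" oncontextmenu=\"ThunderNetwork_SetHref(this)\" style='color:red;'>迅雷高速下载</a>\n\t\t\t\t\t <img src='{$webdb['www_url']}/images/default/down_ico.gif'> <a href=\"#\" onClick=\"ConvertURL2FG('{$flashgetUrl}','',{$webdb['FlashGet_ID']})\" oncontextmenu=\"Flashget_SetHref(this)\" fg=\"{$flashgetUrl}\" style='color:red;'>快车高速下载 {$filename}</a></span>";
                }
                $rsdb[$key]['show'][] = "<img src='{$webdb['www_url']}/images/default/play.gif'> <A onclick=\"window.open('{$webdb['www_url']}/do/job.php?job=player&fid={$rsdb['fid']}&id={$rsdb['aid']}&rid={$rsdb['rid']}&i_id={$rsdb['id']}&mid={$rsdb['mid']}&field={$key}&ti={$_key}','','scrollbars=no,toolbar=no,status=no,resizable=0,left=200,top=100,height=400,width=500,titleBar=no')\" href='javascript:'>在线收看{$_name}</A> {$_fen} {$ohterdownurl}";
            }
            $rsdb[$key] = implode("<br>", $rsdb[$key]['show']);
        } elseif ($rs['form_type'] == 'upmorefile') {
            // One "url@@@name@@@price" entry per line.
            $detail = explode("\n", $rsdb[$key]);
            unset($rsdb[$key]);
            foreach ($detail as $_key => $value) {
                list($_url, $_name, $_fen) = array_pad(explode("@@@", $value), 3, null);
                $_fen = intval($_fen);
                $Mrsdb[$key]['name'][] = $_name = $_name ? $_name : "点击本地下载";
                $Mrsdb[$key]['url'][] = $_url = tempdir($_url);
                $Mrsdb[$key]['fen'][] = $_fen;
                $_fen || ($_fen = $rsdb['money']);
                $_fen = $_fen ? "(收费:{$_fen} {$webdb['MoneyName']})" : "";
                $ohterdownurl = '';
                if ($web_admin || !$_fen) {
                    $isThunder = (bool) preg_match('#^thunder://#i', $_url);
                    $thunderUrl = $isThunder ? $_url : Thunder_Encode($_url);
                    $flashgetUrl = $isThunder ? $_url : Flashget_Encode($_url, $webdb['FlashGet_ID']);
                    $ohterdownurl = " <img src='{$webdb['www_url']}/images/default/down_ico.gif'> <a href=\"#\" thunderHref=\"{$thunderUrl}\" thunderPid=\"{$webdb['XunLei_ID']}\" thunderType=\"\" thunderResTitle=\"{$filename}\" onClick=\"return OnDownloadClick_Simple(this,2)\" oncontextmenu=\"ThunderNetwork_SetHref(this)\" style='color:red;'>迅雷高速下载</a>\n\t\t\t\t\t <img src='{$webdb['www_url']}/images/default/down_ico.gif'> <a href=\"#\" onClick=\"ConvertURL2FG('{$flashgetUrl}','',{$webdb['FlashGet_ID']})\" oncontextmenu=\"Flashget_SetHref(this)\" fg=\"{$flashgetUrl}\" style='color:red;'>快车高速下载 {$filename}</a>";
                }
                $rsdb[$key]['show'][] = "<img src='{$webdb['www_url']}/images/default/down_ico.gif'> <A HREF='{$webdb['www_url']}/do/job.php?job=down_encode&fid={$rsdb['fid']}&id={$rsdb['aid']}&rid={$rsdb['rid']}&i_id={$rsdb['id']}&mid={$rsdb['mid']}&field={$key}&ti={$_key}' target=_blank>{$_name}</A> {$_fen} <span id='xunlei_flashget' style='display:;'>{$ohterdownurl}</span>";
            }
            $rsdb[$key] = implode("<br>", $rsdb[$key]['show']);
        } elseif ($rs['form_type'] == 'upmorepic') {
            // One "url@@@title" entry per line; rendered as a small slideshow.
            $detail = explode("\n", $rsdb[$key]);
            unset($rsdb[$key]);
            foreach ($detail as $_key => $value) {
                list($_url, $_name) = array_pad(explode("@@@", $value), 2, null);
                $Mrsdb[$key]['name'][] = $_name = addslashes($_name);
                $Mrsdb[$key]['url'][] = $_url = addslashes(tempdir($_url));
                // The values become JavaScript string literals in the script below.
                $rsdb[$key]['picurl'][] = "\"{$_url}\"";
                $rsdb[$key]['picalt'][] = "\"{$_name}\"";
            }
            $ImgLinks = implode(",", $rsdb[$key]['picurl']);
            $ImgTitle = implode(",", $rsdb[$key]['picalt']);
            $rsdb[$key] = "\n\t\t\t<table width=\"100%\" border=\"0\" cellspacing=\"5\" cellpadding=\"5\">\n\t\t\t\t\t\t <tr>\n\t\t\t\t\t\t\t<td align=\"center\"><a name='LOOK'></a><A HREF=\"#LOOK\" onclick=\"showMorePic(1)\"><img border=\"0\" \nid=\"upfilePicUrl\"></A></td>\n\t\t\t\t\t\t </tr>\n\t\t\t\t\t\t <tr>\n\t\t\t\t\t\t\t<td align=\"center\"><div id=\"pictitle\"></div> <div>(<a href=\"#LOOK\" onclick=\"showMorePic('head')\">首张</a>) (<a href=\"#LOOK\" onclick=\"showMorePic(-1)\">上一张</a>) 【<span id=\"upfilePicNum\">1/2</span>】(<a href=\"#LOOK\" onclick=\"showMorePic(1)\">下一张</a>) (<a href=\"#LOOK\" onclick=\"showMorePic('end')\">尾张</a>)</div></td>\n\t\t\t\t\t\t </tr>\n\t\t\t\t\t\t</table>\n\t\t\t<SCRIPT LANGUAGE=\"JavaScript\">\n\t\t\t<!--\n\t\t\tvar upfilePicNumId=0;\n\t\t\tfunction showMorePic(todo){\n\n\t\t\tvar ImgLinks= new Array({$ImgLinks});\n\t\t\tvar ImgTitle= new Array({$ImgTitle});\n\n\tif(todo==1){\n\t\tupfilePicNumId++;\n\t}else if(todo==-1){\n\t\tupfilePicNumId--;\n\t}else if(todo=='head'){\n\t\tupfilePicNumId=0;\n\t}else if(todo=='end'){\n\t\tupfilePicNumId=ImgLinks.length-1;\n\t}\n\tif(upfilePicNumId<0){\n\t\talert(\"已经是第一张了!\");\n\t\tupfilePicNumId=0;\n\t}\n\tif( upfilePicNumId>(ImgLinks.length-1) ){\n\t\talert(\"已经是最后一张了!\");\n\t\tupfilePicNumId=ImgLinks.length-1;\n\t}\n\n\tdocument.getElementById(\"upfilePicNum\").innerHTML=\"<font color=red>\"+(upfilePicNumId+1)+\"</font>/\"+ImgLinks.length;\n\tdocument.getElementById(\"upfilePicUrl\").src=ImgLinks[upfilePicNumId];\n\n\tvar srcImage = new Image();\n\tsrcImage.src=ImgLinks[upfilePicNumId];\n\t\n\tsrcImage.onload=function (){\n\t\tdocument.getElementById(\"upfilePicUrl\").width=srcImage.width\n\t\tif(srcImage.width>500){document.getElementById(\"upfilePicUrl\").width=500;}\n\t}\n\n\tdocument.getElementById(\"upfilePicUrl\").alt=ImgTitle[upfilePicNumId];\n\tdocument.getElementById(\"pictitle\").innerHTML=ImgTitle[upfilePicNumId]+\" (<A HREF='\"+ImgLinks[upfilePicNumId]+\"' target='blank'>原始尺寸</A>)\"\n\t\t\t}\n\t\t\tshowMorePic()\n\t\t\t//-->\n\t\t\t</SCRIPT>\n\t\t\t";
        }

        // Per-field view restriction: admins, the record owner and the listed
        // group ids may see the value; everyone else gets a notice instead.
        // NOTE(review): the owner test is a loose comparison; confirm that a
        // guest's $lfjuid can never compare equal to an ownerless record's uid.
        if ($rs['allowview']) {
            $detail = explode(",", $rs['allowview']);
            if (!$web_admin && $lfjuid != $rsdb['uid'] && !in_array($groupdb['gid'], $detail)) {
                $rsdb[$key] = "<font \ncolor=red>权限不够,无法查看!</font>";
                // Do not leave the raw URLs of a restricted field in $Mrsdb.
                unset($Mrsdb[$key]);
            }
        }
    }
}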
$rsdb[posttime] = date("Y-m-d H:i:s", $rsdb[posttime]); require "head.php"; require ROOT_PATH . "{$dirname}/data/form_tpl/admin_bencandy_{$mid}.htm"; require "foot.php"; } elseif ($job == "yz") { $db->query("UPDATE `{$_pre}content` SET yz='{$yz}' WHERE id='{$id}'"); jump("修改成功", "{$FROMURL}", '0'); } elseif ($job == "reply") { $rsdb = $db->get_one("SELECT * FROM `{$pre}form_reply` WHERE id='{$id}'"); $rsdb[content] = En_TruePath($rsdb[content], 0); $rsdb[content] = editor_replace($rsdb[content]); get_admin_html('reply'); } elseif ($action == "reply") { $rsdb = $db->get_one("SELECT A.*,U.mobphone FROM `{$_pre}content` A LEFT JOIN `{$pre}memberdata` U ON A.uid=U.uid WHERE A.id='{$id}'"); $db->query("DELETE FROM `{$pre}form_reply` WHERE id='{$id}'"); $postdb[content] = En_TruePath($postdb[content]); $db->query("UPDATE `{$_pre}content` SET yz=1 WHERE id='{$id}'"); $db->query("INSERT INTO `{$pre}form_reply` ( `id` , `mid` , `posttime` , `uid` , `username` , `content` , `ip` ) VALUES ('{$id}', '{$mid}', '{$timestamp}', '{$userdb['uid']}', '{$userdb['username']}', '{$postdb['content']}', '{$onlineip}')"); //手机短信通知客户 if ($send_sms) { if (!$rsdb[mobphone]) { $MSG = '客户没有设置手机号码,短信发送失败.'; } else { $mdb = $db->get_one("SELECT * FROM {$_pre}module WHERE id='{$mid}' "); $Title = "你好,你在<{$webdb['webname']}-{$mdb['name']}>提的问题,管理员已作解答,请尽快上网查阅!"; if (sms_send($rsdb[mobphone], $Title) === 1) { $MSG = '短信发送成功'; } else { $MSG = '短信发送失败,请检查短信接口,是否帐号有误,或者是余额不足!'; } }
showerr("请先登录"); } elseif ($lfjuid != $rsdb[uid]) { showerr("你没权限查看!"); } } } $rsdb[posttime] = date("Y-m-d H:i:s", $rsdb[posttime]); require_once ROOT_PATH . "inc/encode.php"; foreach ($m_config[field_db] as $key => $rs) { if ($key == 'content') { continue; } if ($rs[form_type] == 'textarea') { $rsdb[$key] = format_text($rsdb[$key]); } elseif ($rs[form_type] == 'ieedit') { $rsdb[$key] = En_TruePath($rsdb[$key], 0); } elseif ($rs[form_type] == 'upfile') { $rsdb[$key] = tempdir($rsdb[$key]); } elseif ($rs[form_type] == 'upmorefile') { $detail = explode("\n", $rsdb[$key]); unset($rsdb[$key]); foreach ($detail as $_key => $value) { list($_url, $_name) = explode("@@@", $value); $_rsdb[$key][name][] = $_name = $_name ? $_name : "DownLoad{$_key}"; $_rsdb[$key][url][] = $_url = tempdir($_url); $rsdb[$key][show][] = "<A HREF='{$_url}' target=_blank>{$_name}</A>"; } $rsdb[$key] = implode("<br>", $rsdb[$key][show]); } elseif ($rs[form_type] == 'radio' || $rs[form_type] == 'select' || $rs[form_type] == 'checkbox') { $rsdb[$key] = SRC_true_value($rs, $rsdb[$key]); }
$value = "<a href='{$picdb['imglink']}' target=_blank><img src='{$picdb['imgurl']}' {$width} {$height} border='0' /></a>"; } else { $value = "<img src='{$picdb['imgurl']}' {$width} {$height} border='0' />"; } } elseif ($rs[type] == 'swf') { $flashdb = unserialize($rs[code]); $flashdb[flashurl] = tempdir($flashdb[flashurl]); $flashdb[width] && ($width = " width='{$flashdb['width']}'"); $flashdb[height] && ($height = " height='{$flashdb['height']}'"); $value = "<object type='application/x-shockwave-flash' data='{$flashdb['flashurl']}' {$width} {$height} wmode='transparent'><param name='movie' value='{$flashdb['flashurl']}' /><param name='wmode' value='transparent' /></object>"; } elseif ($rs[type] == 'rollpic') { $value = rollPic_flash(unserialize($rs[code])); } else { $value = stripslashes($rs[code]); //真实地址还原 $value = En_TruePath($value, 0); } } $show = stripslashes($value); if (!is_dir(dirname($FileName))) { makepath(dirname($FileName)); } if (time() - filemtime($FileName) > $webdb["cache_time_js"] * 60) { if ($webdb["cache_time_js"] != -1) { write_file($FileName, "<?php \r\n\$show=stripslashes('" . addslashes($show) . "'); ?>"); } } $show = str_replace(array("\r", "\n", "'"), array("", "", "\\'"), $show); if ($iframeID) { //框架方式不会拖慢主页面打开速度,推荐 //处理跨域问题
$postdb[admin] = ",{$admin_str},"; } else { $postdb[admin] = ''; } } $_sql = ''; foreach ($Together as $key => $value) { $_sql .= "`{$key}`='{$postdb[$key]}',"; } if ($_sql) { $_sql .= "sons=sons"; $db->query("UPDATE {$_pre}sort SET {$_sql} WHERE fup='{$postdb['fid']}'"); } $m_config = unserialize($rs_fid[config]); foreach ($m_config[is_html] as $key => $value) { $cpostdb[$key] = En_TruePath($cpostdb[$key]); } $_array = array_flip($m_config[is_html]); foreach ($cpostdb as $key => $value) { $cpostdb[$key] = stripslashes($cpostdb[$key]); if (is_array($value)) { $cpostdb[$key] = implode("/", $value); } elseif (!@in_array($key, $_array)) { //$postdb[$key]=filtrate($value); } } $m_config[field_value] = $cpostdb; $postdb[config] = addslashes(serialize($m_config)); $postdb[name] = filtrate($postdb[name]); $postdb[dir_name] = preg_replace("/(\\/|\\\\|-)/", "_", $postdb[dir_name]); $db->query("UPDATE {$_pre}sort SET mid='{$postdb['mid']}',fup='{$postdb['fup']}',name='{$postdb['name']}',type='{$postdb['type']}',admin='{$postdb['admin']}',passwd='{$postdb['passwd']}',logo='{$postdb['logo']}',descrip='{$postdb['descrip']}',metatitle='{$postdb['metatitle']}',metakeywords='{$postdb['metakeywords']}',metadescription='{$postdb['metadescription']}',style='{$postdb['style']}',template='{$postdb['template']}',jumpurl='{$postdb['jumpurl']}',listorder='{$postdb['listorder']}',maxperpage='{$postdb['maxperpage']}',allowcomment='{$postdb['allowcomment']}',allowpost='{$postdb['allowpost']}',allowviewtitle='{$postdb['allowviewtitle']}',allowviewcontent='{$postdb['allowviewcontent']}',allowdownload='{$postdb['allowdownload']}',forbidshow='{$postdb['forbidshow']}',config='{$postdb['config']}',index_show='{$postdb['index_show']}',ifcolor='{$postdb['ifcolor']}',dir_name='{$postdb['dir_name']}'{$SQL} WHERE fid='{$postdb['fid']}' ");
$div = addslashes(serialize($div_db)); $typesystem = 0; //插入或更新标签库 do_post(); } else { $rsdb = get_label(); $div = unserialize($rsdb[divcode]); @extract($div); $code = unserialize($rsdb[code]); @extract($code); if (!is_array($picurl)) { $picurl = array(1 => "", 2 => ""); } $div_width && ($div_w = $div_width); $div_height && ($div_h = $div_height); if ($rsdb[js_time]) { $js_time = 'checked'; } $hide = (int) $rsdb[hide]; $hidedb["{$hide}"] = "checked"; foreach ($picurl as $key => $value) { $picurl[$key] = En_TruePath($value, 0); } foreach ($piclink as $key => $value) { $piclink[$key] = En_TruePath($value, 0); } $_rolltype[intval($rolltype)] = ' checked '; require "head.php"; require "template/label/rollpic.htm"; require "foot.php"; }
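/**
 * Validate and normalise the posted values of a module's custom fields.
 *
 * For every field definition it checks required fields, integer format and
 * length limits (reporting problems through showerr()), joins multi-upload
 * fields into "url@@@name@@@price" lines, and passes the value through the
 * rich-text or plain-text filters.
 *
 * Changes against the original:
 *  - ereg() (removed in PHP 7) replaced by preg_match();
 *  - bare-word array keys quoted (Error on PHP 8);
 *  - the upload line buffer is reset for each field, so a second upload field
 *    no longer inherits the first field's entries;
 *  - non-array / missing input no longer reaches implode(), strlen() or
 *    foreach as the wrong type;
 *  - the iframe filter's replacement text was identical to what it matched,
 *    which made it a no-op; it now HTML-escapes the opening bracket;
 *  - the dead "is this a new upload" check (its body was commented out) and
 *    the list built only for it were removed.
 *
 * NOTE(review): the 'javascript' and iframe replacements are deny-list
 * filters and do not by themselves make rich text safe to render (event
 * handler attributes and other elements pass through). Prefer an allow-list
 * HTML sanitiser on input and context-aware encoding on output.
 *
 * @param array $field_db Field definitions keyed by field key.
 * @param array $postdb   Posted values; modified in place.
 * @param mixed $rsdb     Existing record; kept for call compatibility, no
 *                        longer read.
 * @return void
 */
function checkpost($field_db, &$postdb, $rsdb = '')
{
    global $lfjdb, $_pre;

    foreach ($field_db as $key => $rs) {
        $field = $rs['field_name'];
        $posted = isset($postdb[$field]) ? $postdb[$field] : null;
        $fieldType = isset($rs['field_type']) ? $rs['field_type'] : '';
        $formType = isset($rs['form_type']) ? $rs['form_type'] : '';

        // Required fields.
        if (isset($rs['mustfill']) && $rs['mustfill'] == 1) {
            if (is_array($posted)) {
                if (implode('', $posted) === '') {
                    showerr("{$rs['title']},你必须选择一项");
                }
            } elseif ($posted === '' || $posted === null) {
                showerr("{$rs['title']},不能为空");
            }
        }

        // Integer fields: digits and '-' only. The D modifier keeps '$' from
        // matching before a trailing newline, as the POSIX pattern behaved.
        if ($fieldType == 'int' && $posted
            && (!is_scalar($posted) || !preg_match('/^[-0-9]+$/D', (string) $posted))
        ) {
            showerr("{$rs['title']} 必须为整数");
        }

        // Length limits (in bytes): default 255 for varchar, 10 for int.
        if ($fieldType == 'varchar' || $fieldType == 'int') {
            $defaultLength = $fieldType == 'varchar' ? 255 : 10;
            $rs['field_leng'] = !empty($rs['field_leng']) ? $rs['field_leng'] : $defaultLength;
            $postedLength = is_array($posted) ? 0 : strlen((string) $posted);
            if ($postedLength > $rs['field_leng']) {
                showerr("{$rs['title']} 不能超过 {$rs['field_leng']} 个字");
            }
        }

        if ($formType == 'upmorefile' || $formType == 'upmorepic') {
            $lines = array();
            $urls = (is_array($posted) && isset($posted['url']) && is_array($posted['url']))
                ? $posted['url']
                : array();
            // NOTE(review): this loop reuses $key, exactly as the original did,
            // so after it the filtering code below addresses
            // $postdb[<last upload index>] instead of this field. The joined
            // upload list is therefore stored WITHOUT passing through
            // filtrate() or the 30000-byte limit. Behaviour is kept because
            // filtrate() is not visible here and may not be safe for the
            // "\n" / "@@@" separators; validate the url, name and price parts
            // explicitly once that is confirmed.
            foreach ($urls as $key => $value) {
                if (!$value) {
                    continue;
                }
                // The first uploaded file doubles as the record's title picture.
                if (empty($postdb['picurl'])) {
                    $postdb['picurl'] = $value;
                    $postdb['ispic'] = 1;
                }
                $partName = isset($posted['name'][$key]) ? $posted['name'][$key] : '';
                $partFen = isset($posted['fen'][$key]) ? $posted['fen'][$key] : '';
                $lines[] = "{$value}@@@{$partName}@@@{$partFen}";
            }
            $postdb[$field] = implode("\n", $lines);
        }

        $current = isset($postdb[$key]) ? $postdb[$key] : '';
        if ($formType == 'ieedit' || $formType == 'ieeditsimp') {
            // Rich-text editor content.
            $current = str_replace("<img ", "<img onload=\\'if(this.width>600)makesmallpic(this,600,800);\\' ", $current);
            $current = move_attachment($lfjdb['uid'], $current, "{$_pre}/" . date("W"));
            $current = En_TruePath($current);
            // Break up the word "javascript".
            $current = preg_replace('/javascript/i', 'java script', $current);
            // Neutralise iframe tags by escaping the opening bracket.
            $current = preg_replace('/<iframe ([^<>]+)>/i', '&lt;iframe \\1>', $current);
            $postdb[$key] = $current;
        } elseif ($formType == 'classdb') {
            $postdb[$key] = filtrate(is_array($current) ? implode("/#/", $current) : '');
        } else {
            if (is_array($current)) {
                $current = implode("/", $current);
            }
            // Filter unsafe characters.
            $postdb[$key] = filtrate($current);
        }

        if (strlen((string) $postdb[$key]) > 30000) {
            showerr("内容不能大于1.5万个汉字");
        }
    }
}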
if (!$rsdb) { showerr("当前用户不存在"); } if (!$title) { showerr("标题不能为空"); } if (strlen($array[title]) > 100) { showerr("标题太长了!"); } $array[touid] = $rsdb[uid]; $array[fromuid] = $lfjuid; $array[fromer] = $lfjid; $array[title] = filtrate($title); //针对火狐浏览器做的处理 $postdb[content] = str_replace("=\\\"../{$webdb['updir']}/", "=\\\"{$webdb['www_url']}/{$webdb['updir']}/", $postdb[content]); $postdb[content] = preg_replace('/javascript/i', 'java script', $postdb[content]); $postdb[content] = preg_replace('/<(script)([^<>]*)>/i', '<\\1\\2>', $postdb[content]); $postdb[content] = preg_replace('/<iframe ([^<>]+)>/i', '<iframe \\1>', $postdb[content]); $array[content] = stripslashes($postdb[content]); $array[content] = En_TruePath($array[content], 1); pm_msgbox($array); refreshto("?job=list", "发送成功", 1); } if ($uid) { $rsdb = $userDB->get_passport($uid); $username = $rsdb[username]; } require dirname(__FILE__) . "/" . "head.php"; require dirname(__FILE__) . "/" . "template/pm/send.htm"; require dirname(__FILE__) . "/" . "foot.php"; }
<?php
// Label cache: each statement stores one HTML snippet in $label, passing the
// stripslashes()'d literal through En_TruePath(..., 0).
// NOTE(review): the layout looks machine-generated (one assignment per label);
// if so, regenerate it rather than editing by hand - confirm which writer owns it.
// NOTE(review): the keys are bare words, which rely on PHP's undefined-constant
// fallback and raise an Error on PHP 8; the writer should emit quoted keys.
// NOTE(review): the snippets are raw HTML and are presumably echoed unescaped,
// so whoever can edit labels can place markup on every page that shows them.

// Sales hotline banner.
$label[enterprise_hotline] = En_TruePath(stripslashes("<div align=\"right\"><font color=\"#000000\" size=\"+1\" face=\"Arial Black, Gadget, sans-serif\">销售热线:13507424308 15197343170</font></div>"), 0);
// Header links: online sign-up form and guestbook.
$label[enterprise_headatc] = En_TruePath(stripslashes("<a href=\"http://www_qibosoft_com/form/form.php?mid=2\" class=\"help\">在线报名</a>\r\r\n<a href=\"http://www_qibosoft_com/guestbook/\" class=\"set\"> 访客留言</a>"), 0);
// Main navigation menu items.
$label[enterprise_menu] = En_TruePath(stripslashes("<li class=\"begin\"><a href=\"http://www_qibosoft_com\" class=\"ck\" onmouseover=\"SubOn(this)\">网站首页</a></li>\r\r\n<li><a href=\"http://www_qibosoft_com/introduce.htm\" onmouseover=\"SubOn(this)\">关于我们</a></li>\r\r\n<li><a href=\"#\" onmouseover=\"SubOn(this)\">产品中心</a></li>\r\r\n<li><a href=\"#\" onmouseover=\"SubOn(this)\">新闻中心</a></li>\r\r\n<li><a href=\"#\" onmouseover=\"SubOn(this)\">企业招聘</a></li>\r\r\n<li><a href=\"#\" onmouseover=\"SubOn(this)\">售后服务</a></li>\r\r\n<li><a href=\"#\" onmouseover=\"SubOn(this)\">联系我们</a></li>"), 0);
} else { $postdb[title] = $title; } if (!$postdb[picurl] && $webdb[if_gdimg]) { $smallpic = str_replace(".", "_", $photo) . ".gif"; $Newpicpath = ROOT_PATH . "{$webdb['updir']}/{$smallpic}"; gdpic(ROOT_PATH . "{$webdb['updir']}/{$photo}", $Newpicpath, 200, 150); if (file_exists($Newpicpath)) { $postdb[picurl] = "{$smallpic}"; } else { $postdb[picurl] = "{$photo}"; } } elseif (!$postdb[picurl]) { $postdb[picurl] = "{$photo}"; } $postdb[content] = addslashes(En_TruePath("<CENTER><IMG onclick=window.open(this.src); src='" . tempdir($photo) . "' onload=makesmallpic(this,500,700); border=0><br><br>{$namedb[$key]}</CENTER>")); $postdb[yz] = 1; $erp = $Fid_db[iftable][$postdb[fid]]; if ($batch == 0 || $ck == 0) { $timestamp++; $db->query("\n\t\t\tINSERT INTO {$pre}article{$erp} ( `title`, `fid`,`fname`,`pages`, `posttime`, `list`, `uid`, `username`, `author`,`picurl`,`ispic`, `yz`, `keywords`,`style`, `template`, `target`,`ip` ) \n\t\t\tVALUES\n\t\t\t('{$postdb['title']}','{$postdb['fid']}','{$fname}','1','{$timestamp}','{$timestamp}','{$userdb['uid']}','{$userdb['username']}','{$postdb['author']}','{$postdb['picurl']}',1,'{$postdb['yz']}','{$postdb['keywords']}','{$postdb['style']}','{$postdb['template']}','{$postdb['target']}','{$onlineip}')\n\t\t\t"); $rs = $db->get_one("SELECT * FROM {$pre}article{$erp} ORDER BY aid DESC LIMIT 1"); $db->query("INSERT INTO {$pre}reply{$erp} ( `aid` , `fid` ,`uid` , `content` ,`topic`) VALUES ( '{$rs['aid']}', '{$postdb['fid']}','{$userdb['uid']}', '{$postdb['content']}','1')"); unset($postdb[picurl]); $aidDB[] = $rs[aid]; } else { $db->query(" UPDATE {$pre}article{$erp} SET pages=pages+1 WHERE aid='{$rs['aid']}' "); $db->query("INSERT INTO {$pre}reply{$erp} ( `aid` , `fid` ,`uid` , `content`) VALUES ( '{$rs['aid']}', '{$postdb['fid']}','{$userdb['uid']}', '{$postdb['content']}')"); $II++; } $ck++;
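/**
 * Delete the attachments referenced in a piece of content, but only those
 * whose file name starts with the given user's id ("<uid>_...").
 *
 * For each owned attachment the upfile reference count is decremented, or,
 * when this was the last reference, the row and the file (local, else FTP)
 * are removed and the user's used space is reduced by the file size.
 *
 * Changes against the original:
 *  - the owner check is an exact string comparison instead of a loose '==',
 *    so a prefix such as "5abc" no longer counts as uid 5;
 *  - paths containing a ".." segment are skipped, because the path comes from
 *    content and is concatenated onto the upload directory before unlink();
 *  - the file name and uid are escaped before being placed in SQL, and the
 *    size is cast to an integer;
 *  - bare-word array keys quoted (Error on PHP 8).
 *
 * NOTE(review): addslashes() is the only escaping helper visible in this file;
 * if the $db class offers bound parameters or a connection-aware escape
 * function, use that instead.
 *
 * @param mixed  $uid Id of the user whose attachments may be deleted.
 * @param string $str Content to scan for attachment references.
 * @return void
 */
function delete_attachment($uid, $str)
{
    global $webdb, $db, $pre;

    if (!$str || !$uid) {
        return;
    }

    // Restore real addresses before looking for attachment paths.
    $str = En_TruePath($str, 0);
    $filedb = get_content_attachment($str);
    $uidSql = addslashes((string) $uid);

    foreach ($filedb as $value) {
        // Never follow parent-directory segments out of the upload directory.
        if (preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', (string) $value)) {
            continue;
        }

        $name = basename($value);
        $detail = explode("_", $name);
        // Delete only when the uid embedded in the file name is exactly the
        // user's uid; never remove other users' files.
        if (!$detail[0] || (string) $detail[0] !== (string) $uid) {
            continue;
        }

        $turepath = ROOT_PATH . $webdb['updir'] . "/" . $value;
        $nameSql = addslashes($name);

        if ($rs = $db->get_one("SELECT * FROM {$pre}upfile WHERE filename='{$nameSql}'")) {
            if ($rs['num'] > 1) {
                // Still referenced elsewhere: drop one reference, keep the file.
                $db->query("UPDATE `{$pre}upfile` SET `num`=`num`-1 WHERE filename='{$nameSql}'");
                continue;
            }
            $db->query("DELETE FROM `{$pre}upfile` WHERE filename='{$nameSql}'");
        }

        $size = @filesize($turepath);
        $size && @unlink($turepath);
        // Not found locally: remove the copy stored on FTP, if FTP is in use.
        if (!$size && $webdb['ArticleDownloadUseFtp']) {
            $value && ($size = ftp_delfile($value));
        }
        $size = (int) $size;
        $db->query(" UPDATE {$pre}memberdata SET usespace=usespace-'{$size}' WHERE uid='{$uidSql}' ");
    }
}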
<?php require dirname(__FILE__) . "/" . "global.php"; //栏目导航 get_guide($fid); if (!is_writable(ROOT_PATH . "cache/htm_cache/{$cacheid}_makelist.php")) { showerr("/cache/htm_cache/{$cacheid}_makelist.php文件不存在,或文件不可写"); } set_time_limit(0); $fidDB = $db->get_one("SELECT S.*,M.alias AS M_alias,M.config AS M_config FROM {$pre}sort S LEFT JOIN {$pre}article_module M ON S.fmid=M.id WHERE S.fid='{$fid}'"); $fidDB[M_alias] || ($fidDB[M_alias] = '文章'); $fidDB[M_config] = unserialize($fidDB[M_config]); $fidDB[config] = unserialize($fidDB[config]); $fidDB[descrip] = En_TruePath($fidDB[descrip], 0); if ($fidDB[type] == 2) { $rsdb[content] = $fidDB[descrip]; } $fupId = intval($fidDB[type] ? $fid : $fidDB[fup]); //相关栏目名称模板 if (is_file(html("{$webdb['SideSortStyle']}"))) { $sortnameTPL = html("{$webdb['SideSortStyle']}"); } else { $sortnameTPL = html("side_sort/0"); } //栏目介绍模板 $aboutsortTPL = html("aboutsort_tpl/0"); //大分类显示方式 $fidDB[config][ListShowBigType] || ($fidDB[config][ListShowBigType] = 0); unset($bigsortTPL); if ($fidDB[fmid] && !$fidDB[config][ListShowBigType]) { $bigsortTPL = html("bigsort_tpl/mod_{$fidDB['fmid']}");
$TempSearch_array[$key] = ${$key}; //其它链接使用 $search_fieldDB[$key][${$key} != '' ? ${$key} : 0] = " selected class='ck' style='color:red;'"; } } /** *栏目配置参数及栏目用户自定义的变量 *对栏目用户自定义的变量附件路径做处理 *以下用的比较少,可以删除忽略 **/ $fidDB[config] = unserialize($fidDB[config]); $CV = $fidDB[config][field_value]; $_array = array_flip($fidDB[config][is_html]); foreach ($fidDB[config][field_db] as $key => $rs) { if (in_array($key, $_array)) { $CV[$key] = En_TruePath($CV[$key], 0); } elseif ($rs[form_type] == 'upfile') { $CV[$key] = tempdir($CV[$key]); } } //SEO $titleDB[title] = $fidDB[metatitle] ? $fidDB[metatitle] : strip_tags("{$city_DB[name][$city_id]} {$fidDB['name']}"); $titleDB[keywords] = $fidDB[metakeywords]; $titleDB[description] = $fidDB[metadescription]; //栏目风格 $fidDB[style] && ($STYLE = $fidDB[style]); /** *栏目模板优先于城市模板 **/ if ($fidDB[template]) { $FidTpl = unserialize($fidDB[template]);
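/**
 * Rebuild data/label_hf.php from every label row with chtype='99' plus the
 * tag/value pair passed in, writing one "$label[...]=..." assignment per
 * non-empty label.
 *
 * Changes against the original:
 *  - label keys are written into executable PHP source, so they are now
 *    checked against an allow-list (letters, digits, underscore, high bytes)
 *    and emitted as quoted keys; any other key is skipped instead of being
 *    copied into the file verbatim;
 *  - $width / $height are reset for every row, so a picture or flash label
 *    without its own size no longer inherits the previous row's attributes;
 *  - a row whose serialized data cannot be decoded is treated as empty;
 *  - bare-word array keys quoted (Error on PHP 8).
 *
 * NOTE(review): unserialize() runs on database content; if the minimum PHP
 * version allows it, pass allowed_classes => false.
 * NOTE(review): stored link/image URLs and sizes are interpolated into HTML
 * attributes without encoding; encode them if label editors are not fully
 * trusted.
 * NOTE(review): En_TruePath($value, 1) runs after the value was escaped for a
 * double-quoted PHP literal; confirm it cannot introduce an unescaped quote,
 * backslash or dollar sign.
 *
 * @param string $tag    Tag of the label being saved.
 * @param string $_value Slashed HTML of that label.
 * @return void
 */
function label_hf($tag, $_value)
{
    global $db, $pre, $webdb;

    $label = array();
    $query = $db->query(" SELECT * FROM {$pre}label WHERE chtype='99' ");
    while ($rs = $db->fetch_array($query)) {
        $width = '';
        $height = '';
        if ($rs['type'] == 'code') {
            $rs['code'] = En_TruePath($rs['code'], 0);
            $value = stripslashes($rs['code']);
        } elseif ($rs['type'] == 'pic') {
            $picdb = unserialize($rs['code']);
            if (!is_array($picdb)) {
                $picdb = array('imgurl' => '', 'imglink' => '', 'width' => '', 'height' => '');
            }
            $picdb['imgurl'] = tempdir("{$picdb['imgurl']}");
            if (!empty($picdb['width'])) {
                $width = " width='{$picdb['width']}'";
            }
            if (!empty($picdb['height'])) {
                $height = " height='{$picdb['height']}'";
            }
            if (!empty($picdb['imglink'])) {
                $value = "<a href='{$picdb['imglink']}' target=_blank><img src='{$picdb['imgurl']}' {$width} {$height} border='0' /></a>";
            } else {
                $value = "<img src='{$picdb['imgurl']}' {$width} {$height} border='0' />";
            }
        } elseif ($rs['type'] == 'swf') {
            $flashdb = unserialize($rs['code']);
            if (!is_array($flashdb)) {
                $flashdb = array('flashurl' => '', 'width' => '', 'height' => '');
            }
            $flashdb['flashurl'] = tempdir($flashdb['flashurl']);
            if (!empty($flashdb['width'])) {
                $width = " width='{$flashdb['width']}'";
            }
            if (!empty($flashdb['height'])) {
                $height = " height='{$flashdb['height']}'";
            }
            $value = "<object type='application/x-shockwave-flash' data='{$flashdb['flashurl']}' {$width} {$height} wmode='transparent'><param name='movie' value='{$flashdb['flashurl']}' /><param name='wmode' value='transparent' /></object>";
        } else {
            $value = stripslashes($rs['code']);
            // Restore real addresses.
            $value = En_TruePath($value, 0);
        }
        $label[$rs['tag']] = $value;
    }
    // The label being saved overrides whatever the table holds for its tag.
    $label[$tag] = stripslashes($_value);

    $show = "<?php\r\n";
    foreach ($label as $key => $value) {
        if ($value == '') {
            continue;
        }
        // The key becomes part of PHP source: accept identifier-like keys only.
        if (!preg_match('/^[A-Za-z0-9_\x80-\xff]+$/D', (string) $key)) {
            continue;
        }
        // Escape for a double-quoted PHP string literal: quotes and
        // backslashes via addslashes(), '$' so nothing is interpolated.
        $value = addslashes($value);
        $value = str_replace('$', '\\$', $value);
        $value = En_TruePath($value, 1);
        $show .= "\n\t\t\$label['{$key}']=En_TruePath(stripslashes(\"{$value}\"),0);";
    }
    write_file(ROOT_PATH . "data/label_hf.php", $show);
}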
$postdb[imglink] = En_TruePath($imglink); $postdb[width] = $width; $postdb[height] = $height; $code = addslashes(serialize($postdb)); $div_db[div_w] = $div_w; $div_db[div_h] = $div_h; $div_db[div_bgcolor] = $div_bgcolor; $div = addslashes(serialize($div_db)); $typesystem = 0; //插入或更新标签库 do_post(); } else { $rsdb = get_label(); $div = unserialize($rsdb[divcode]); @extract($div); $code = unserialize($rsdb[code]); @extract($code); $rsdb[hide] ? $hide_1 = 'checked' : ($hide_0 = 'checked'); if ($rsdb[js_time]) { $js_time = 'checked'; } $div_width && ($div_w = $div_width); $div_height && ($div_h = $div_height); $hide = (int) $rsdb[hide]; $imgurl = En_TruePath($imgurl, 0); $imglink = En_TruePath($imglink, 0); $hidedb["{$hide}"] = "checked"; require "head.php"; require "template/label/pic.htm"; require "foot.php"; }