function delete_poll($poll_id)
{
global $msql, $strVoteDelOK;
$msql->query(" DELETE FROM {P}_tools_polldata WHERE poll_id = '{$poll_id}' ");
$msql->query(" DELETE FROM {P}_tools_pollindex WHERE id = '{$poll_id}' ");
$del_message = SayOk($strVoteDelOK, "poll_set.php?action=show", "");
return $del_message;
}
function ResetPass()
{
global $msql, $SiteUrl;
global $strLostpassNtc1, $strLostpassNtc2, $strLostpassNtc3, $strLostpassNtc4, $strLostpassNtc5;
global $strLostpassNtc6, $strLostpassNtc7, $strLostpassNtc8, $strLostpassNtc9;
$coltitle = $GLOBALS["PLUSVARS"]["coltitle"];
$tempname = $GLOBALS["PLUSVARS"]["tempname"];
$Temp = LoadTemp($tempname);
$step = $_REQUEST["step"];
if ($step == "checkmail") {
$codestr = $_GET["codestr"];
$username = $_GET["username"];
$tm = $_GET["tm"];
if (!isset($_COOKIE["NEWPASSWD"]) || $_COOKIE["NEWPASSWD"] == "") {
$PageMain = err($strLostpassNtc7, "lostpass.php", "");
return $PageMain;
}
$md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $_COOKIE["NEWPASSWD"] . $tm);
if ($md5 == $codestr) {
$mdpass = md5($_COOKIE["NEWPASSWD"]);
$msql->query("update {P}_member set password='******' where user='******'");
$PageMain = SayOk($strLostpassNtc8, "login.php", "");
return $PageMain;
} else {
$PageMain = err($strLostpassNtc9, "lostpass.php", "");
return $PageMain;
}
} elseif ($step == "2") {
$username = $_POST["username"];
$newpass = $_POST["newpass"];
if (!isset($username) || $username == "" || $newpass == "") {
$str = err($strLostpassNtc1, "", "");
return $str;
} else {
$msql->query("select email from {P}_member where user='******'");
if ($msql->next_record()) {
$email = $msql->f('email');
$tm = time();
setCookie("NEWPASSWD", $newpass, time() + 7200);
$md5 = md5($username . "Z(o)C~LoSbZ8Tj7MvBAs(8)!nn^Lp^12345^Pm" . $newpass . $tm);
$link = $SiteUrl . "lostpass.php?step=checkmail&username="******"&codestr=" . $md5 . "&tm=" . $tm;
$message = $username . $strLostpassNtc2 . "\r\n \r\n" . $strLostpassNtc3 . "\r\n \r\n" . $link . "\r\n \r\n" . $GLOBALS["CONF"]["SiteName"] . "\r\n" . $GLOBALS["CONF"]["SiteHttp"];
include ROOTPATH . "includes/ebmail.inc.php";
ebmail($email, $GLOBALS["CONF"]["SiteEmail"], $strLostpassNtc4, $message);
$str = SayOk($strLostpassNtc5 . "<br><br>" . $email, "", "");
return $str;
} else {
$str = err($strLostpassNtc6, "", "");
return $str;
}
}
} else {
$var = array('coltitle' => $coltitle);
$str = ShowTplTemp($Temp, $var);
return $str;
}
}
//校验处理
if ($jobname == "") {
err($strJobNotice2, "", "");
}
if (strlen($jobname) > 200) {
err($strJobNotice3, "", "");
}
if (strlen($jobintro) > 65000) {
err($strJobNotice5, "", "");
}
if (strlen($jobrequest) > 65000) {
err($strJobNotice6, "", "");
}
//插入数据
$msql->query("update {P}_job set \r\n\tjobname='{$jobname}',\r\n\tjobtype='{$jobtype}',\r\n\texperience='{$experience}',\r\n\teducation='{$education}',\r\n\tlangneed='{$langneed}',\r\n\tlanglevel='{$langlevel}',\r\n\tpnums='{$pnums}',\r\n\tjobaddr='{$jobaddr}',\r\n\tjobintro='{$jobintro}',\r\n\tjobrequest='{$jobrequest}',\r\n\tjobstat='{$jobstat}',\r\n\tcontact='{$contact}',\r\n\ttel='{$tel}',\r\n\temail='{$email}',\r\n\tuptime='{$uptime}' where id='{$id}'");
SayOk($strJobNotice8, "job.php", "");
}
?>
<?php
$msql->query("select * from {P}_job where id='{$id}' limit 0,1");
if ($msql->next_record()) {
$jobname = $msql->f('jobname');
$jobtype = $msql->f('jobtype');
$experience = $msql->f('experience');
$education = $msql->f('education');
$langneed = $msql->f('langneed');
$langlevel = $msql->f('langlevel');
$pnums = $msql->f('pnums');
$jobaddr = $msql->f('jobaddr');
$jobintro = $msql->f('jobintro');
function modify_poll($poll_id)
{
$groupname = $_POST["groupname"];
$cc = $_POST["cc"];
$option_id = $_POST["option_id"];
$votes = $_POST["votes"];
$status = $_POST["status"];
$color = $_POST["color"];
global $msql;
global $strVoteSel, $strModifyOk, $strVoteSave, $strClose, $strOpen, $strHidden, $strVoteTitle;
global $strVoteColor1, $strVoteColor2, $strVoteColor3, $strVoteColor4, $strVoteColor5, $strVoteColor6;
global $strVoteColor7, $strVoteColor8, $strVoteColor9, $strVoteColor10, $strVoteColor11, $strVoteColor12;
if ($cc == $strVoteSave) {
$msql->query(" UPDATE {P}_tools_pollindex SET\r\n\t\t\t\t\t\tgroupname = '{$groupname}',\r\n\t\t\t\t\t\tstatus = '{$status}'\r\n\t\t\t\t\t where id = '{$poll_id}' ");
for ($i = 1; $i <= sizeof($option_id); $i++) {
$option_id[$i] = trim($option_id[$i]);
if (!empty($option_id[$i])) {
if (!get_magic_quotes_gpc()) {
$option_id[$i] = addslashes($option_id[$i]);
}
$msql->query(" UPDATE {P}_tools_polldata SET \r\n\t\t\t\t\t\t\t\toption_text = '{$option_id[$i]}',\r\n\t\t\t\t\t\t\t\tcolor = '{$color[$i]}',\r\n\t\t\t\t\t\t\t\tvotes = '{$votes[$i]}'\r\n\t\t\t\t\t\t\t\twhere option_id = '{$i}' and poll_id = '{$poll_id}' ");
}
}
SayOk($strModifyOk, "", "");
}
$msql->query(" SELECT * FROM {P}_tools_pollindex WHERE id = '{$poll_id}' ");
if ($msql->next_record()) {
$groupname = $msql->f('groupname');
$status = $msql->f('status');
$modify_string = "<tr><td width=\"90\" >" . $strVoteTitle . "</td><td >\r\n\t\t\t\t <input type=\"text\" name=\"groupname\" value=\"{$groupname}\" size=\"29\" class=\"input\" />\r\n\t\t\t\t <select name=\"status\" id=\"status\">\r\n <option value=\"0\" " . seld($status, 0) . ">" . $strClose . "</option><option value=\"1\" " . seld($status, 1) . ">" . $strOpen . "</option><option value=\"2\" " . seld($status, 2) . ">" . $strHidden . "</option></select></td></tr>";
}
$msql->query(" SELECT * FROM {P}_tools_polldata WHERE poll_id = '{$poll_id}' ORDER BY option_id ASC");
while ($msql->next_record()) {
$option_id = $msql->f('option_id');
$option_text = $msql->f('option_text');
$color = $msql->f('color');
$votes = $msql->f('votes');
$seloption_id = $modify_string .= "<tr><td >" . $strVoteSel . "(" . $option_id . ")</td>\r\n\t\t\t\t\t<td >\r\n\t\t\t\t\t<input name=\"option_id[{$option_id}]\" type=\"text\" value=\"{$option_text}\" class=\"input\" />\r\n\t\t\t\t\t<input name=\"votes[{$option_id}]\" type=\"text\" id=\"vote\" value=\"{$votes}\" size=\"5\" class=\"input\" />\r\n\t\t\t\t\t<select class=\"select\" name=\"color[{$option_id}]\" onChange=\"javascript:ChangeBar(options[selectedIndex].value,{$option_id})\">\r\n <option value=\"blank\" " . seld($color, "blank") . ">---</option>\r\n <option value=\"aqua\" " . seld($color, "aqua") . ">" . $strVoteColor1 . "</option>\r\n <option value=\"blue\" " . seld($color, "blue") . ">" . $strVoteColor2 . "</option>\r\n <option value=\"brown\" " . seld($color, "brown") . ">" . $strVoteColor3 . "</option>\r\n <option value=\"darkgreen\" " . seld($color, "darkgreen") . ">" . $strVoteColor4 . "</option>\r\n <option value=\"gold\" " . seld($color, "gold") . ">" . $strVoteColor5 . "</option>\r\n <option value=\"green\" " . seld($color, "green") . ">" . $strVoteColor6 . "</option>\r\n <option value=\"grey\" " . seld($color, "grey") . ">" . $strVoteColor7 . "</option>\r\n <option value=\"orange\" " . seld($color, "orange") . ">" . $strVoteColor8 . "</option>\r\n <option value=\"pink\" " . seld($color, "pink") . ">" . $strVoteColor9 . "</option>\r\n <option value=\"purple\" " . seld($color, "purple") . ">" . $strVoteColor10 . "</option>\r\n <option value=\"red\" " . seld($color, "red") . ">" . $strVoteColor11 . "</option>\r\n <option value=\"yellow\" " . seld($color, "yellow") . ">" . $strVoteColor12 . "</option>\r\n\r\n </select><img src=\"images/" . $color . ".gif\" name=\"bar{$option_id}\" width=\"8\" height=\"8\" align=\"absmiddle\"></td></tr>";
}
$modify_string .= "<tr><td ></td><td ><input type=\"submit\" name=\"cc\" value=\"" . $strVoteSave . "\"></td></tr>";
return $modify_string;
}
echo $strAdminTitle;
?>
</title>
</head>
<body>
<?php
if ($step == "modify") {
$var = $_POST["var"];
while (list($key, $val) = each($var)) {
$msql->query("update {P}_down_config set value='{$val}' where variable='{$key}'");
}
SayOk($strConfigOk, "config.php", "");
}
?>
<div class="formzone">
<form name="form1" method="post" action="config.php">
<div class="tablezone">
<table width="100%" border="0" align="center" cellpadding="8" cellspacing="0">
<tr>
<td class="innerbiaoti"><strong><?php
echo $strConfigName;
?>
</strong></td>
<td class="innerbiaoti" width="300" height="28"><strong><?php
echo $strConfigSet;
?>
}
if ($clearcount == "yes") {
$msql->query("delete from {P}_tools_statdate");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
$msql->query("INSERT INTO {P}_tools_statdate VALUES (12, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)");
SayOk($strStatNotice3, "", "");
exit;
}
$hour = $_REQUEST["hour"];
$minute = $_REQUEST["minute"];
$second = $_REQUEST["second"];
$month = $_REQUEST["month"];
$day = $_REQUEST["day"];
$year = $_REQUEST["year"];
$ShowCount = $_REQUEST["ShowCount"];
$ShowCountType = $_REQUEST["ShowCountType"];
$ShowCountSize = $_REQUEST["ShowCountSize"];
$ShowCountStat = $_REQUEST["ShowCountStat"];
$CountIpExp = $_REQUEST["CountIpExp"];
if ($step == "mod") {
$starttime = @mktime($hour, $minute, $second, $month, $day, $year);
function modify_poll($poll_id)
{
$groupname = $_POST["groupname"];
$cc = $_POST["cc"];
$votes = $_POST["votes"];
$status = $_POST["status"];
global $msql;
global $strVoteSel, $strModifyOk, $strVoteSave, $strClose, $strOpen, $strHidden, $strVoteTitle;
global $strVoteColor1, $strVoteColor2, $strVoteColor3, $strVoteColor4, $strVoteColor5, $strVoteColor6;
global $strVoteColor7, $strVoteColor8, $strVoteColor9, $strVoteColor10, $strVoteColor11, $strVoteColor12;
if ($cc == $strVoteSave) {
$uptime = time();
$msql->query(" UPDATE {P}_tools_photopollindex SET\r\n\t\t\t\t\t\tcat = '{$groupname}',\r\n\t\t\t\t\t\tgroupname = '{$groupname}',\r\n\t\t\t\t\t\tstatus = '{$status}'\r\n\t\t\t\t\t where id = '{$poll_id}' ");
SayOk($strModifyOk, "", "");
}
$msql->query(" SELECT * FROM {P}_tools_photopollindex WHERE id = '{$poll_id}' ");
if ($msql->next_record()) {
$groupname = $msql->f('groupname');
$status = $msql->f('status');
$modify_string = "<tr><td width=\"90\" >" . $strVoteTitle . "</td><td >\r\n\t\t\t\t <input type=\"text\" name=\"groupname\" value=\"{$groupname}\" size=\"29\" class=\"input\" />\r\n\t\t\t\t <select name=\"status\" id=\"status\">\r\n <option value=\"0\" " . seld($status, 0) . ">" . $strClose . "</option><option value=\"1\" " . seld($status, 1) . ">" . $strOpen . "</option><option value=\"2\" " . seld($status, 2) . ">" . $strHidden . "</option></select></td></tr>";
}
$modify_string .= "<tr><td ></td><td ><input type=\"submit\" name=\"cc\" value=\"" . $strVoteSave . "\"></td></tr>";
return $modify_string;
}
$updatemode = $_POST["updatemode"];
$ids = $_POST["ids"];
if (strlen($body) > 65000) {
err($strDiyNotice3, "", "");
exit;
}
$body = Url2Path($body);
$msql->query("update {P}_base_plus set `body`='{$body}' where `pluslable`='modEdit' and id='{$nowplusid}'");
if ($updatemode == "all") {
$nums = sizeof($ids);
for ($i = 0; $i < $nums; $i++) {
$idall = $ids[$i];
$msql->query("update {P}_base_plus set `body`='{$body}' where `pluslable`='modEdit' and id='{$idall}'");
}
}
SayOk($strDiyNotice5, "plus_diyedit.php?nowplusid=" . $nowplusid, "");
exit;
}
//空时取第一个
if ($nowplusid == "") {
$fsql->query("select id from {P}_base_plus where `pluslable`='modEdit' order by plustype limit 0,1");
if ($fsql->next_record()) {
$nowplusid = $fsql->f('id');
}
}
?>
<form name="selpluslocat" method="get" action="" >
<select name="pp" onchange="self.location=this.options[this.selectedIndex].value" >
<?php
$msql->query("select * from {P}_base_plus where `pluslable`='modEdit' order by plustype");
$moveable = $_POST["moveable"];
$textfield = $_POST["textfield"];
$fieldsize = $_POST["fieldsize"];
$fieldvalue = $_POST["fieldvalue"];
$mustfill = $_POST["mustfill"];
$canrepeat = $_POST["canrepeat"];
$memo = $_POST["memo"];
$used = $_POST["used"];
$xuhao = $_POST["xuhao"];
$nums = sizeof($field_id);
for ($j = 1; $j <= $nums; $j++) {
$fieldtype = "fieldtype_" . $j;
$field_type = $_POST[$fieldtype];
$msql->query("update {P}_feedback set \r\n\t\tfield_caption = '{$textfield[$j]}',\r\n\t\tfield_type = '{$field_type}',\r\n\t\tfield_size = '{$fieldsize[$j]}',\r\n\t\tfield_value = '{$fieldvalue[$j]}',\r\n\t\tfield_null = '{$mustfill[$j]}',\r\n\t\tvalue_repeat = '{$canrepeat[$j]}',\r\n\t\tfield_intro = '{$memo[$j]}',\r\n\t\tuse_field = '{$used[$j]}',\r\n\t\txuhao = '{$xuhao[$j]}'\r\n \t\twhere id = '{$field_id[$j]}'");
}
SayOk($strFormNotice2, "form_set.php?groupid=" . $groupid, "");
} else {
?>
<div class="listzone">
<form name="dform" action="form_set.php" method="post">
<table width="100%" border="0" cellspacing="0" align="center" cellpadding="3">
<tr bgcolor="#f0f0f0">
<td width="35" height="28" class="biaoti"><?php
echo $strFormL1;
?>
</td>
<td width="35" class="biaoti"><?php
echo $strFormL9;
?>
</td>
$moveable = $_POST["moveable"];
$textfield = $_POST["textfield"];
$fieldsize = $_POST["fieldsize"];
$fieldvalue = $_POST["fieldvalue"];
$mustfill = $_POST["mustfill"];
$canrepeat = $_POST["canrepeat"];
$memo = $_POST["memo"];
$used = $_POST["used"];
$xuhao = $_POST["xuhao"];
$nums = sizeof($field_id);
for ($j = 1; $j <= $nums; $j++) {
$fieldtype = "fieldtype_" . $j;
$field_type = $_POST[$fieldtype];
$msql->query("update {P}_job_form set \r\n\t\tfield_caption = '{$textfield[$j]}',\r\n\t\tfield_type = '{$field_type}',\r\n\t\tfield_size = '{$fieldsize[$j]}',\r\n\t\tfield_value = '{$fieldvalue[$j]}',\r\n\t\tfield_null = '{$mustfill[$j]}',\r\n\t\tvalue_repeat = '{$canrepeat[$j]}',\r\n\t\tfield_intro = '{$memo[$j]}',\r\n\t\tuse_field = '{$used[$j]}',\r\n\t\txuhao = '{$xuhao[$j]}'\r\n \t\twhere id = '{$field_id[$j]}'");
}
SayOk($strFormNotice2, "form_set.php", "");
} else {
?>
<div class="listzone">
<form name="dform" action="form_set.php" method="post">
<table width="100%" border="0" cellspacing="0" align="center" cellpadding="3">
<tr bgcolor="#f0f0f0">
<td width="35" height="28" class="biaoti"><?php
echo $strFormL1;
?>
</td>
<td width="35" class="biaoti"><?php
echo $strFormL9;
?>
</td>
fclose($fd);
$filename = "../" . $folder . "/" . $pagefolder . ".php";
$fp = fopen($filename, "w");
fwrite($fp, $str);
fclose($fp);
@chmod($filename, 0755);
//添加页面记录
$msql->query("insert into {P}_base_pageset set \r\n\t\t\t`name`='{$title}',\r\n\t\t\t`coltype`='page',\r\n\t\t\t`pagename`='{$pagename}',\r\n\t\t\t`buildhtml`='0'\r\n\t\t");
}
$msql->query("select max(xuhao) from {P}_page where groupid='{$groupid}'");
if ($msql->next_record()) {
$newxuhao = $msql->f('max(xuhao)') + 1;
}
//更新数据
$msql->query("insert into {P}_page set \r\n\tgroupid='{$groupid}',\r\n\ttitle='{$title}',\r\n\tmemo='{$memo}',\r\n\txuhao='{$newxuhao}',\r\n\tpagefolder='{$pagefolder}',\r\n\turl='{$url}',\r\n\tsrc='{$src}',\r\n\tbody='{$body}'\r\n\t");
SayOk($strHtmNotice7, "page.php?groupid=" . $groupid, "");
}
?>
<?php
$msql->query("select max(id) from {P}_page");
if ($msql->next_record()) {
$ftempname = $msql->f('max(id)');
}
?>
<form action="page_add.php" method="post" enctype="multipart/form-data" name="form" id="addPageForm">
<div class="formzone">
<div class="namezone">
<?php
echo $strHtmAdd;
$nowplusid = $_REQUEST["nowplusid"];
if ($step == "2") {
$updatemode = $_POST["updatemode"];
$body = $_POST["body"];
if (strlen($body) > 65000) {
err($strDiyBottomNotice3, "", "");
exit;
}
$body = Url2Path($body);
if ($updatemode == "all") {
$msql->query("update {P}_base_plus set `body`='{$body}' where `pluslable`='modButtomInfo'");
SayOk($strDiyBottomNotice4, "plus_bottomedit.php", "");
exit;
} else {
$msql->query("update {P}_base_plus set `body`='{$body}' where `pluslable`='modButtomInfo' and id='{$nowplusid}'");
SayOk($strDiyBottomNotice5, "plus_bottomedit.php?nowplusid=" . $nowplusid, "");
exit;
}
}
//空时取首页id
if ($nowplusid == "") {
$msql->query("select id from {P}_base_plus where `pluslable`='modButtomInfo' and `plustype`='index' and `pluslocat`='index' limit 0,1");
if ($msql->next_record()) {
$nowplusid = $msql->f('id');
} else {
$fsql->query("select id from {P}_base_plus where `pluslable`='modButtomInfo' order by plustype limit 0,1");
if ($fsql->next_record()) {
$nowplusid = $fsql->f('id');
}
}
}
