function admin_permissions($login, $year) { global $conf_sysadmins, $conf_data_path; $perms = array(); if (!in_array($login, $conf_sysadmins)) { $perms_path = $conf_data_path . "/permissions.json"; if (file_exists($perms_path)) { $all_perms = json_decode(file_get_contents($perms_path), true); $perms = $all_perms[$login]; } if ($conf_zamger) { // Sysadmins can see all courses, other just those they are teachers for require_once "zamger/courses.php"; $tcs = teacher_courses($year); if ($tcs == false) { admin_log("failed to retrieve courses"); niceerror("Neuspješno preuzimanje spiska predmeta"); print "<p>Konekcija na Zamger ne funkcioniše. Probajte logout pa login...</p>\n"; print "</body></html>\n"; return 0; } if (empty($tcs)) { niceerror("Izgleda da nemate status nastavnika niti na jednom predmetu."); return 0; } foreach ($tcs as $tc) { $c9id = "X" . $tc['id'] . "_" . $year; if (!in_array($c9id, $perms)) { $perms[] = $c9id; } } } } return $perms; }
public function remove($pr_id) { if (!$pr_id && ($pr_id = $this->input->get('pr_ids'))) { $pr_id = implode(',', $pr_id); } if (!Validate::isJoinedIntStr($pr_id)) { message('请选择需要删除的职业能力倾向'); } if (ProfessionRelatedModel::removeProfessionRelated($pr_id)) { admin_log('delete', 'vocational_aptitude', $pr_id); message('删除成功', '/admin/vocational_aptitude/index'); } else { message('删除失败', '/admin/vocational_aptitude/index'); } }
public function remove($profession_id) { if (!$profession_id && ($profession_id = $this->input->get('profession_ids'))) { $profession_id = implode(',', $profession_id); } if (!Validate::isJoinedIntStr($profession_id)) { message('请选择需要删除的职业'); } if (ProfessionModel::removeProfession($profession_id)) { admin_log('delete', 'profession', $profession_id); message('删除成功', '/admin/profession/index'); } else { message('删除失败', '/admin/profession/index'); } }
/** * Archive articles (cron task function). * * @param vivvo_lite_site $sm */ function auto_archive($sm) { require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/core/Articles.class.php'; if (VIVVO_ARTICLE_AUTO_ARCHIVE > 0) { $article_list = new Articles_list(); $search_params = array('search_cid' => VIVVO_ARTICLE_AUTO_ARCHIVE_ITEMS, 'search_before_after' => 0, 'search_search_date' => VIVVO_ARTICLE_AUTO_ARCHIVE); $article_list->search($search_params, '', 'ascending', 0, 0, false); require_once VIVVO_FS_FRAMEWORK . 'vivvo_post.php'; $article_list->sql_update_list(new vivvo_post_master(), array('status' => '-1'), null, true); if (defined('VIVVO_CRONJOB_MODE')) { echo 'auto_archive: Finished.' . PHP_EOL; } else { admin_log('(Cron task: Auto Archive)', 'Finished.'); } } }
/** * 修改借款信息状态 * @param integer $id ID * @param integer $status 状态值 * @return boolean */ public function update_status($id, $status) { $data['status'] = $status; if ($status == 'verified' || $status == 'auto_lock') { $data['verified_time'] = time(); } if ($status == 'repayment') { $data['reverified_time'] = time(); } $result = $this->update($id, $data); if ($result) { isset($_SESSION['user']) ? admin_log($_SESSION['user']['username'] . "修改了借款信息状态:将" . $id . '状态修改为:' . $this->status[$status]) : ''; return TRUE; } else { return FALSE; } }
/** * Delete articles (cron task function). * * @param vivvo_lite_site $sm */ function auto_delete($sm) { require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/core/Articles.class.php'; if (VIVVO_ARTICLE_AUTO_DELETE > 0) { $al = new Articles_list($sm); $al->_query->add_where('created < ( DATE_SUB( \'' . date('Y-m-d H:i:s') . '\', INTERVAL ' . VIVVO_ARTICLE_AUTO_DELETE . ' DAY ))'); $al->_query->set_from('`' . VIVVO_DB_PREFIX . 'articles`'); $al->_query->add_fields('*'); $article_params['search_options']['search_cid'] = VIVVO_ARTICLE_AUTO_DELETE_ITEMS; $al->search($article_params['search_options'], '', 'ascending', 0, 0, false); require_once VIVVO_FS_FRAMEWORK . 'vivvo_post.php'; $pm = new vivvo_post_master($sm); $al->sql_delete_list($pm, NULL, true); if (defined('VIVVO_CRONJOB_MODE')) { echo 'auto_delete: Finished.' . PHP_EOL; } else { admin_log('(Cron task: Auto Delete)', 'Finished.'); } } }
function do_restore() { global $config, $plugin_config, $db; $file = $_FILES['file']['tmp_name']; $f = file($file); $first_line = trim($f[0]); $second_line = trim($f[1]); global $t; $t->assign('backup_header', "{$first_line}<br />{$second_line}"); $f = join('', $f); if (!strlen($f)) { fatal_error("Uploaded file is empty!"); } if (!preg_match('/^### aMember Pro .+? database backup/', $first_line)) { fatal_error("Uploaded file is not valid aMember Pro backup"); } foreach (preg_split('/;\\n/', $f) as $sql) { if (strlen($sql)) { $db->query($sql); } } admin_log("Restored from {$first_line}"); }
public function login() { $u = t(v('uname')); $p = t(v('psw')); if (true !== $this->loginCheck($u, $p)) { return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户名或者密码错误!')); } // $p=md5(v('psw')); $sql = "select name from admin_user as u where u.name=" . s($u); $result = get_line($sql); //var_dump($result); if (!$result) { return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户名或者密码错误1!')); } elseif ($result['status'] == 'delete') { return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户已经被封禁!')); } elseif ($result['status'] == 'active') { ss_set('uid', $result['id']); ss_set('email', $result['email']); ss_set('nickname', $result['nickname']); ss_set('uname', $u); admin_log($result['id'], "登录后台管理系统."); return ajax_json(array('title' => '登录成功:', 'status' => 0, 'msg' => '您已成功登录!')); } }
$delete_region[] = $id; $new_region_id = $id; if ($region_type < 6) { for ($i = 1; $i < 6 - $region_type; $i++) { $new_region_id = new_region_id($new_region_id); if (count($new_region_id)) { $delete_region = array_merge($delete_region, $new_region_id); } else { continue; } } } $sql = "DELETE FROM " . $ecs->table("region") . "WHERE region_id" . db_create_in($delete_region); $db->query($sql); if ($exc->drop($id)) { admin_log(addslashes($region['region_name']), 'remove', 'area'); /* 获取地区列表 */ $region_arr = area_list($region['parent_id']); $smarty->assign('region_arr', $region_arr); $smarty->assign('region_type', $region['region_type']); make_json_result($smarty->fetch('area_list.htm')); } else { make_json_error($db->error()); } } function new_region_id($region_id) { $regions_id = array(); if (empty($region_id)) { return $regions_id; }
$sql = "INSERT INTO " . $ecs->table('admin_message') . " (sender_id, receiver_id, sent_time, " . "read_time, readed, deleted, title, message) " . "VALUES ('" . $_SESSION['admin_id'] . "', '{$_POST['receiver_id']}', '" . gmtime() . "', " . "0, '0', '0', '{$_POST['title']}', '{$_POST['message']}')"; $db->query($sql); $link[0]['text'] = $_LANG['back_list']; $link[0]['href'] = 'message.php?act=list'; sys_msg($_LANG['send_msg'] . ' ' . $_LANG['action_succeed'], 0, $link); /* 记录管理员操作 */ admin_log(addslashes($_LANG['send_msg']), 'add', 'admin_message'); } elseif ($_REQUEST['act'] == 'drop_msg') { if (isset($_POST['checkboxes'])) { $count = 0; foreach ($_POST['checkboxes'] as $key => $id) { $sql = "UPDATE " . $ecs->table('admin_message') . " SET " . "deleted = '1'" . "WHERE message_id = '{$id}' AND (sender_id='{$_SESSION['admin_id']}' OR receiver_id='{$_SESSION['admin_id']}')"; $db->query($sql); $count++; } admin_log('', 'remove', 'admin_message'); $link[] = array('text' => $_LANG['back_list'], 'href' => 'message.php?act=list'); sys_msg(sprintf($_LANG['batch_drop_success'], $count), 0, $link); } else { sys_msg($_LANG['no_select_msg'], 1); } } elseif ($_REQUEST['act'] == 'remove') { $id = intval($_GET['id']); $sql = "UPDATE " . $ecs->table('admin_message') . " SET deleted=1 " . " WHERE message_id={$id} AND (sender_id='{$_SESSION['admin_id']}' OR receiver_id='{$_SESSION['admin_id']}')"; $db->query($sql); $url = 'message.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } /** * 获取管理员留言列表
//insert $sql = "insert into " . $ecs->table("teacher") . " (name,sexuality,birthday,\r\n\t\tnational,id_card,phone,email,address,\r\n\t\ttitle,is_header,level,class_code,\r\n\t\tcreated )\r\n\t\tvalues \r\n\t\t\t('" . $_REQUEST["name"] . "','" . $_REQUEST["sexuality"] . "',\r\n\t\t\t'" . $_REQUEST["birthday"] . "','" . $_REQUEST["national"] . "',\r\n\t\t\t'" . $_REQUEST["id_card"] . "','" . $_REQUEST["phone"] . "','" . $_REQUEST["email"] . "',\r\n\t\t\t'" . $_REQUEST["address"] . "','" . $_REQUEST["title"] . "','" . $_REQUEST["is_header"] . "',\r\n\t\t\t'" . $_REQUEST["level"] . "','" . $_SESSION["class_code"] . "',\r\n\t\t\tnow())"; $db->query($sql); admin_log(addslashes($_REQUEST["name"]), 'add', 'teacher'); make_json_result("添加“" . $_REQUEST["name"] . "”成功!"); } else { $sql = "update " . $ecs->table("teacher") . " set name='" . $_REQUEST["name"] . "',\r\n\t\t\tsexuality='" . $_REQUEST["sexuality"] . "',\r\n\t\t\tbirthday='" . $_REQUEST["birthday"] . "',\r\n\t\t\tnational='" . $_REQUEST["national"] . "',\r\n\t\t\tid_card='" . $_REQUEST["id_card"] . "',\r\n\t\t\tphone='" . $_REQUEST["phone"] . "',\r\n\t\t\temail='" . $_REQUEST["email"] . "',\r\n\t\t\taddress='" . $_REQUEST["address"] . "',\r\n\t\t\ttitle='" . $_REQUEST["title"] . "',\r\n\t\t\tis_header='" . $_REQUEST["is_header"] . "',\r\n\t\t\tlevel='" . $_REQUEST["level"] . "'\r\n\t\t\twhere teacher_id=" . $id; $db->query($sql); admin_log(addslashes($_REQUEST["name"]), 'update', 'teacher'); make_json_result("修改“" . $_REQUEST["name"] . "”成功!"); } } elseif ($_REQUEST['act'] == 'ajax_delete') { $id = !empty($_REQUEST['teacher_id']) ? intval($_REQUEST['teacher_id']) : 0; $sql = "delete from " . $ecs->table("teacher") . " where teacher_id=" . $id; $db->query($sql); admin_log($_REQUEST["teacher_id"], 'delete', 'teacher'); make_json_result("删除成功!"); } /** * 返回班级管理员列表数据 * * @access public * @param * * @return void */ function teacher_list() { $result = get_filter(); if ($result === false) { /* 过滤条件 */
/* 检查权限 */ check_authz_json('shop_config'); /* 取得参数 */ $code = trim($_GET['code']); $filename = $_CFG[$code]; //删除文件 @unlink($filename); //更新设置 update_configure($code, ''); /* 记录日志 */ admin_log('', 'edit', 'shop_config'); /* 清除缓存 */ clear_all_files(); sys_msg($_LANG['save_success'], 0); } /** * 设置系统设置 * * @param string $key * @param string $val * * @return boolean
foreach ($order_id_list as $id_order) { /* 检查能否操作 */ $order = order_info('', $id_order); $operable_list = operable_list($order); if (!isset($operable_list['remove'])) { $sn_not_list[] = $id_order; continue; } /* 删除订单 */ $db->query("DELETE FROM " . $ecs->table('order_info') . " WHERE order_id = '{$order['order_id']}'"); $db->query("DELETE FROM " . $ecs->table('order_goods') . " WHERE order_id = '{$order['order_id']}'"); $db->query("DELETE FROM " . $ecs->table('order_action') . " WHERE order_id = '{$order['order_id']}'"); $action_array = array('delivery', 'back'); del_delivery($order['order_id'], $action_array); /* todo 记录日志 */ admin_log($order['order_sn'], 'remove', 'order'); $sn_list[] = $order['order_sn']; } $sn_str = $_LANG['remove_order']; } else { die('invalid params'); } /* 取得备注信息 */ // $action_note = $_REQUEST['action_note']; if (empty($sn_not_list)) { $sn_list = empty($sn_list) ? '' : $_LANG['updated_order'] . join($sn_list, ','); $msg = $sn_list; $links[] = array('text' => $_LANG['return_list'], 'href' => 'order.php?act=list&' . list_link_postfix()); sys_msg($msg, 0, $links); } else { $order_list_no_fail = array();
public function batch_unshenhe() { $ids = $this->input->post('ids'); if (empty($ids) or !is_array($ids)) { message('请选择要取消审核的题目!'); return; } $success = $fail = 0; foreach ($ids as $id) { $this->examine_permission($id); $be_tested = QuestionModel::question_has_test_action($id); $question = QuestionModel::get_question($id); if ($be_tested || !$this->has_question_check($question) || $question['is_original'] != 1 || $question['check'] != 1) { $fail++; continue; } $sql = "update {pre}question set `check`=0 where ques_id='{$id}'"; $return = $this->db->query($sql); if ($return === true) { $liyo = 'unexamine'; admin_log($liyo, 'question', $id); $success++; } else { $fail++; } } $back_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'admin/question_external/index'; message('批量操作完成,成功取消审核:' . $success . ' 个,失败:' . $fail . ' 个。', $back_url); }
sys_msg($_LANG['no_select_goods'], 1); } $count = 0; foreach ($_POST['checkboxes'] as $key => $id) { if ($exc->drop($id)) { admin_log($id, 'remove', 'exchange_goods'); $count++; } } $lnk[] = array('text' => $_LANG['back_list'], 'href' => 'exchange_goods.php?act=list'); sys_msg(sprintf($_LANG['batch_remove_succeed'], $count), 0, $lnk); } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('exchange_goods'); $id = intval($_GET['id']); if ($exc->drop($id)) { admin_log($id, 'remove', 'article'); clear_cache_files(); } $url = 'exchange_goods.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } elseif ($_REQUEST['act'] == 'search_goods') { include_once ROOT_PATH . 'includes/cls_json.php'; $json = new JSON(); $filters = $json->decode($_GET['JSON']); $arr = get_goods_list($filters); make_json_result($arr); } /* 获得商品列表 */ function get_exchange_goodslist() {
clear_cache_files(); make_json_result(stripcslashes($val)); } else { make_json_error($db->error()); } } else { make_json_error(sprintf($_LANG['field_name_exist'], htmlspecialchars($val))); } } elseif ($_REQUEST['act'] == 'edit_order') { $id = intval($_REQUEST['id']); $val = isset($_REQUEST['val']) ? json_str_iconv(trim($_REQUEST['val'])) : ''; check_authz_json('reg_fields'); if (is_numeric($val)) { if ($exc->edit("dis_order = '{$val}'", $id)) { /* 管理员日志 */ admin_log($val, 'edit', 'reg_fields'); clear_cache_files(); make_json_result(stripcslashes($val)); } else { make_json_error($db->error()); } } else { make_json_error($_LANG['order_not_num']); } } elseif ($_REQUEST['act'] == 'toggle_dis') { check_authz_json('reg_fields'); $id = intval($_POST['id']); $is_dis = intval($_POST['val']); if ($exc->edit("display = '{$is_dis}'", $id)) { clear_cache_files(); make_json_result($is_dis);
admin_log($ad_name, 'edit', 'ads'); make_json_result(stripslashes($ad_name)); } else { make_json_error($db->error()); } } } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('ad_manage'); $id = intval($_GET['id']); $img = $exc->get_name($id, 'ad_code'); $exc->drop($id); if (strpos($img, 'http://') === false && strpos($img, 'https://') === false) { $img_name = basename($img); @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name); } admin_log('', 'remove', 'ads'); $url = 'ads.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } /* 获取广告数据列表 */ function get_adslist() { /* 过滤查询 */ $pid = !empty($_REQUEST['pid']) ? intval($_REQUEST['pid']) : 0; $filter = array(); $filter['sort_by'] = empty($_REQUEST['sort_by']) ? 'ad.ad_name' : trim($_REQUEST['sort_by']); $filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC' : trim($_REQUEST['sort_order']); $where = 'WHERE 1 '; if ($pid > 0) { $where .= " AND ad.position_id = '{$pid}' ";
make_json_error($_LANG['repeat_area_name']); } /* 更新名称 */ $exc->edit("shipping_area_name = '{$val}'", $id); /* 记录日志 */ admin_log($val, 'edit', 'shipping_area'); /* 返回 */ make_json_result(stripcslashes($val)); } elseif ($_REQUEST['act'] == 'remove_area') { check_authz_json('shiparea_manage'); $id = intval($_GET['id']); $name = $exc->get_name($id); $shipping_id = $exc->get_name($id, 'shipping_id'); $exc->drop($id); $db->query('DELETE FROM ' . $ecs->table('area_region') . ' WHERE shipping_area_id=' . $id); admin_log($name, 'remove', 'shipping_area'); $list = get_shipping_area_list($shipping_id); $smarty->assign('areas', $list); make_json_result($smarty->fetch('shipping_area_list.htm')); } /** * 取得配送区域列表 * @param int $shipping_id 配送id */ function get_shipping_area_list($shipping_id) { $sql = "SELECT * FROM " . $GLOBALS['ecs']->table('shipping_area'); if ($shipping_id > 0) { $sql .= " WHERE shipping_id = '{$shipping_id}'"; } $res = $GLOBALS['db']->query($sql);
case 'remove': $db->query("DELETE FROM " . $ecs->table('feedback') . " WHERE " . db_create_in($_POST['checkboxes'], 'msg_id')); $db->query("DELETE FROM " . $ecs->table('feedback') . " WHERE " . db_create_in($_POST['checkboxes'], 'parent_id')); break; case 'allow': $db->query("UPDATE " . $ecs->table('feedback') . " SET msg_status = 1 WHERE " . db_create_in($_POST['checkboxes'], 'msg_id')); break; case 'deny': $db->query("UPDATE " . $ecs->table('feedback') . " SET msg_status = 0,msg_area =1 WHERE " . db_create_in($_POST['checkboxes'], 'msg_id')); break; default: break; } clear_cache_files(); $action = $action == 'remove' ? 'remove' : 'edit'; admin_log('', $action, 'adminlog'); $link[] = array('text' => $_LANG['back_list'], 'href' => 'user_msg.php?act=list_all'); sys_msg(sprintf($_LANG['batch_drop_success'], count($_POST['checkboxes'])), 0, $link); } else { /* 提示信息 */ $link[] = array('text' => $_LANG['back_list'], 'href' => 'user_msg.php?act=list_all'); sys_msg($_LANG['no_select_comment'], 0, $link); } } elseif ($_REQUEST['act'] == 'view') { $smarty->assign('send_fail', !empty($_REQUEST['send_ok'])); $smarty->assign('msg', get_feedback_detail(intval($_REQUEST['id']))); $smarty->assign('ur_here', $_LANG['reply']); $smarty->assign('action_link', array('text' => $_LANG['08_unreply_msg'], 'href' => 'user_msg.php?act=list_all')); assign_query_info(); $smarty->display('msg_info.htm'); } elseif ($_REQUEST['act'] == 'action') {
// 清除模版缓存 admin_log($ad_height, 'edit', 'ads_position'); make_json_result(stripslashes($ad_height)); } else { make_json_error($db->error()); } } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('ad_manage'); $id = intval($_GET['id']); /* 查询广告位下是否有广告存在 */ $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('ad') . " WHERE position_id = '{$id}'"; if ($db->getOne($sql) > 0) { make_json_error($_LANG['not_del_adposit']); } else { $exc->drop($id); admin_log('', 'remove', 'ads_position'); } $url = 'ad_position.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } /* 获取广告位置列表 */ function ad_position_list() { $filter = array(); /* 记录总数以及页数 */ $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('ad_position'); $filter['record_count'] = $GLOBALS['db']->getOne($sql); $filter = page_and_size($filter); /* 查询数据 */ $arr = array();
} if ($auction['deposit'] <= 0) { sys_msg($_LANG['no_deposit']); } /* 处理保证金 */ $exc->edit("is_finished = 2", $id); // 修改状态 if (isset($_POST['unfreeze'])) { /* 解冻 */ log_account_change($auction['last_bid']['bid_user'], $auction['deposit'], -1 * $auction['deposit'], 0, 0, sprintf($_LANG['unfreeze_auction_deposit'], $auction['act_name'])); } else { /* 扣除 */ log_account_change($auction['last_bid']['bid_user'], 0, -1 * $auction['deposit'], 0, 0, sprintf($_LANG['deduct_auction_deposit'], $auction['act_name'])); } /* 记日志 */ admin_log($auction['act_name'], 'edit', 'auction'); /* 清除缓存 */ clear_cache_files(); /* 提示信息 */ sys_msg($_LANG['settle_deposit_ok']); } elseif ($_REQUEST['act'] == 'search_goods') { check_authz_json('auction'); include_once ROOT_PATH . 'includes/cls_json.php'; $json = new JSON(); $filter = $json->decode($_GET['JSON']); $arr['goods'] = get_goods_list($filter); if (!empty($arr['goods'][0]['goods_id'])) { $arr['products'] = get_good_products($arr['goods'][0]['goods_id']); } make_json_result($arr); } elseif ($_REQUEST['act'] == 'search_products') {
if (brand_exists($brand)) { make_json_error($_LANG['brand_name_exist']); } else { $sql = "INSERT INTO " . $ecs->table('brand') . "(brand_name)" . "VALUES ( '{$brand}')"; $db->query($sql); $brand_id = $db->insert_id(); $arr = array("id" => $brand_id, "brand" => $brand); make_json_result($arr); } } elseif ($_REQUEST['act'] == 'edit_sort_order') { check_authz_json('brand_manage'); $id = intval($_POST['id']); $order = intval($_POST['val']); $name = $exc->get_name($id); if ($exc->edit("sort_order = '{$order}'", $id)) { admin_log(addslashes($name), 'edit', 'brand'); make_json_result($order); } else { make_json_error(sprintf($_LANG['brandedit_fail'], $name)); } } elseif ($_REQUEST['act'] == 'toggle_show') { check_authz_json('brand_manage'); $id = intval($_POST['id']); $val = intval($_POST['val']); $exc->edit("is_show='{$val}'", $id); make_json_result($val); } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('brand_manage'); $id = intval($_GET['id']); /* 删除该品牌的图标 */ $sql = "SELECT brand_logo FROM " . $ecs->table('brand') . " WHERE brand_id = '{$id}'";
} else { make_json_error($db->error()); } } } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('friendlink'); $id = intval($_GET['id']); /* 获取链子LOGO,并删除 */ $link_logo = $exc->get_name($id, "link_logo"); if (strpos($link_logo, 'http://') === false && strpos($link_logo, 'https://') === false) { $img_name = basename($link_logo); @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name); } $exc->drop($id); clear_cache_files(); admin_log('', 'remove', 'friendlink'); $url = 'friend_link.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } elseif ($_REQUEST['act'] == 'edit_show_order') { check_authz_json('friendlink'); $id = intval($_POST['id']); $order = json_str_iconv(trim($_POST['val'])); /* 检查输入的值是否合法 */ if (!preg_match("/^[0-9]+\$/", $order)) { make_json_error(sprintf($_LANG['enter_int'], $order)); } else { if ($exc->edit("show_order = '{$order}'", $id)) { clear_cache_files(); make_json_result(stripslashes($order)); }
$product_array = $GLOBALS['db']->getAll($sql); if (!empty($product_array)) { foreach ($product_array as $value) { $sum += $value['product_number']; } $goods_id = $product_array[0]['goods_id']; /* 删除货品 */ $sql = "DELETE FROM " . $ecs->table('products') . " WHERE product_id {$product_bound}"; if ($db->query($sql)) { //记录日志 admin_log('', 'delete', 'products'); } /* 修改商品库存 */ if (update_goods_stock($goods_id, -$sum)) { //记录日志 admin_log('', 'update', 'goods'); } /* 返回 */ sys_msg($_LANG['product_batch_del_success'], 0, $link); } else { /* 错误 */ sys_msg($_LANG['cannot_found_products'], 1, $link); } } /* 返回 */ sys_msg($_LANG['no_operation'], 1, $link); } elseif ($_REQUEST['act'] == 'agency_add') { //add by hg for date 2014-04-21 代理商添加商品 $code = empty($_REQUEST['extension_code']) ? '' : trim($_REQUEST['extension_code']); $code = $code == 'virtual_card' ? 'virtual_card' : ''; $agency_goods_list = agency_goods_list();
if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) { sys_msg($_LANG['no_select_article'], 1); } /* 删除原来的文件 */ $sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id " . db_create_in(join(',', $_POST['checkboxes'])) . " AND file_url <> ''"; $res = $db->query($sql); while ($row = $db->fetchRow($res)) { $old_url = $row['file_url']; if (strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) { @unlink(ROOT_PATH . $old_url); } } foreach ($_POST['checkboxes'] as $key => $id) { if ($exc->drop($id)) { $name = $exc->get_name($id); admin_log(addslashes($name), 'remove', 'article'); } } } /* 批量隐藏 */ if ($_POST['type'] == 'button_hide') { check_authz_json('article_manage'); if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) { sys_msg($_LANG['no_select_article'], 1); } foreach ($_POST['checkboxes'] as $key => $id) { $exc->edit("is_open = '0'", $id); } } /* 批量显示 */ if ($_POST['type'] == 'button_show') {
$rank_name = $exc->get_name($rank_id); admin_log(addslashes($rank_name), 'edit', 'user_rank'); clear_cache_files(); make_json_result($val); } else { make_json_error($val); } } elseif ($_REQUEST['act'] == 'toggle_special') { check_authz_json('user_rank'); $rank_id = intval($_POST['id']); $is_special = intval($_POST['val']); if ($exc->edit("special_rank = '{$is_special}'", $rank_id)) { $rank_name = $exc->get_name($rank_id); admin_log(addslashes($rank_name), 'edit', 'user_rank'); make_json_result($is_special); } else { make_json_error($db->error()); } } elseif ($_REQUEST['act'] == 'toggle_showprice') { check_authz_json('user_rank'); $rank_id = intval($_POST['id']); $is_show = intval($_POST['val']); if ($exc->edit("show_price = '{$is_show}'", $rank_id)) { $rank_name = $exc->get_name($rank_id); admin_log(addslashes($rank_name), 'edit', 'user_rank'); clear_cache_files(); make_json_result($is_show); } else { make_json_error($db->error()); } }
/** * 鏇存柊鏍囩? * * @param $name * @param $id * @return void */ function edit_tag($name, $id, $goods_id = '') { $db = $GLOBALS['db']; $sql = 'UPDATE ' . $GLOBALS['ecs']->table('tag') . " SET tag_words = '{$name}'"; if (!empty($goods_id)) { $sql .= ", goods_id = '{$goods_id}'"; } $sql .= " WHERE tag_id = '{$id}'"; $GLOBALS['db']->query($sql); admin_log($name, 'edit', 'tag'); }
$db->query($sql); clear_cache_files(); make_json_result($val); } elseif ($_REQUEST['act'] == 'remove') { check_authz_json('group_by'); $id = intval($_GET['id']); /* 取得团购活动信息 */ $group_buy = group_buy_info($id); /* 如果团购活动已经有订单,不能删除 */ if ($group_buy['valid_order'] > 0) { make_json_error($_LANG['error_exist_order']); } /* 删除团购活动 */ $sql = "DELETE FROM " . $ecs->table('goods_activity') . " WHERE act_id = '{$id}' LIMIT 1"; $db->query($sql); admin_log(addslashes($group_buy['goods_name']) . '[' . $id . ']', 'remove', 'group_buy'); clear_cache_files(); $url = 'group_buy.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } /* * 取得团购活动列表 * @return array */ function group_buy_list() { $result = get_filter(); if ($result === false) { /* 过滤条件 */ $filter['keyword'] = empty($_REQUEST['keyword']) ? '' : trim($_REQUEST['keyword']);
check_authz_json('cat_manage'); /* 初始化分类ID并取得分类名称 */ $cat_id = intval($_GET['id']); $cat_name = $db->getOne('SELECT cat_name FROM ' . $ecs->table('category') . " WHERE cat_id='{$cat_id}'"); /* 当前分类下是否有子分类 */ $cat_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('category') . " WHERE parent_id='{$cat_id}'"); /* 当前分类下是否存在商品 */ $goods_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('goods') . " WHERE cat_id='{$cat_id}'"); /* 如果不存在下级子分类和商品,则删除之 */ if ($cat_count == 0 && $goods_count == 0) { /* 删除分类 */ $sql = 'DELETE FROM ' . $ecs->table('category') . " WHERE cat_id = '{$cat_id}'"; if ($db->query($sql)) { $db->query("DELETE FROM " . $ecs->table('nav') . "WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'"); clear_cache_files(); admin_log($cat_name, 'remove', 'category'); } } else { make_json_error($cat_name . ' ' . $_LANG['cat_isleaf']); } $url = 'category.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']); ecs_header("Location: {$url}\n"); exit; } /*------------------------------------------------------ */ //-- PRIVATE FUNCTIONS /*------------------------------------------------------ */ // ///** // * 检查分类是否已经存在 // *
/** * 添加/编辑客服信息的提交 */ function action_insert_update() { $user = $GLOBALS['user']; $_CFG = $GLOBALS['_CFG']; $_LANG = $GLOBALS['_LANG']; $smarty = $GLOBALS['smarty']; $db = $GLOBALS['db']; $ecs = $GLOBALS['ecs']; $user_id = $_SESSION['user_id']; $user_id = intval($_POST['user_id']); /* 取得客服id */ $cus_id = intval($_POST['cus_id']); $customer = array('supp_id' => -1, 'user_id' => $_POST['user_id'], 'of_username' => $_POST['of_username'], 'cus_name' => $_POST['cus_name'], 'cus_password' => $_POST['cus_password'], 'cus_type' => $_POST['cus_type'], 'cus_enable' => $_POST['cus_enable'], 'cus_desc' => $_POST['cus_desc']); // 判断密码是否为空 if (empty($customer['of_username'])) { sys_msg($_LANG['error_of_username_empty']); } // 判断客服名称是否为空 if (empty($customer['cus_name'])) { sys_msg($_LANG['error_cus_name_empty']); } // 检查聊天系统用户名是否已经绑定了其他管理员账户 if (check_of_username_binding($customer['of_username'], $customer['user_id'])) { sys_msg($_LANG['error_of_username_binding']); } else { // 用户不存在则需要判断密码是否为空 if (!check_of_username_exist($customer['of_username'])) { // 判断密码是否为空 if (empty($customer['cus_password'])) { sys_msg($_LANG['error_password_empty']); } } // 创建活更新聊天系统用户 $create_success = create_of_user($customer['of_username'], $customer['cus_password'], $customer['cus_name'], null, 10, -1); if (!$create_success) { sys_msg($_LANG['error_create_of_user']); } } if (empty($_POST['cus_id'])) { // 检查管理员账户是否存在 if (check_user_id_exist($user_id)) { sys_msg($_LANG['error_user_id_exist']); } $customer['add_time'] = gmtime(); /* insert */ $db->autoExecute($ecs->table('chat_customer'), $customer, 'INSERT'); /* log */ admin_log(addslashes($customer['of_username']), 'add', 'chat_customer'); /* 提示信息 */ $links = array(array('href' => 'customer.php?act=add', 'text' => $_LANG['continue_add']), array('href' => 'customer.php?act=list', 'text' => $_LANG['back_list'])); sys_msg($_LANG['add_success'], 0, $links); } else { // 检查管理员账户是否存在 if (check_user_id_exist($user_id, $cus_id)) { sys_msg($_LANG['error_user_id_exist']); } /* update */ $db->autoExecute($ecs->table('chat_customer'), $customer, 'UPDATE', "cus_id = '{$cus_id}'"); /* log */ admin_log(addslashes($customer['of_username']) . '[' . $cus_id . ']', 'edit', 'chat_customer'); /* 提示信息 */ $links = array(array('href' => 'customer.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_list'])); sys_msg($_LANG['edit_success'], 0, $links); } /* 显示客服列表页面 */ assign_query_info(); $smarty->display('customer_info.htm'); }