Exemple #1
0
function admin_permissions($login, $year)
{
    global $conf_sysadmins, $conf_data_path;
    $perms = array();
    if (!in_array($login, $conf_sysadmins)) {
        $perms_path = $conf_data_path . "/permissions.json";
        if (file_exists($perms_path)) {
            $all_perms = json_decode(file_get_contents($perms_path), true);
            $perms = $all_perms[$login];
        }
        if ($conf_zamger) {
            // Sysadmins can see all courses, other just those they are teachers for
            require_once "zamger/courses.php";
            $tcs = teacher_courses($year);
            if ($tcs == false) {
                admin_log("failed to retrieve courses");
                niceerror("Neuspješno preuzimanje spiska predmeta");
                print "<p>Konekcija na Zamger ne funkcioniše. Probajte logout pa login...</p>\n";
                print "</body></html>\n";
                return 0;
            }
            if (empty($tcs)) {
                niceerror("Izgleda da nemate status nastavnika niti na jednom predmetu.");
                return 0;
            }
            foreach ($tcs as $tc) {
                $c9id = "X" . $tc['id'] . "_" . $year;
                if (!in_array($c9id, $perms)) {
                    $perms[] = $c9id;
                }
            }
        }
    }
    return $perms;
}
Exemple #2
0
 public function remove($pr_id)
 {
     if (!$pr_id && ($pr_id = $this->input->get('pr_ids'))) {
         $pr_id = implode(',', $pr_id);
     }
     if (!Validate::isJoinedIntStr($pr_id)) {
         message('请选择需要删除的职业能力倾向');
     }
     if (ProfessionRelatedModel::removeProfessionRelated($pr_id)) {
         admin_log('delete', 'vocational_aptitude', $pr_id);
         message('删除成功', '/admin/vocational_aptitude/index');
     } else {
         message('删除失败', '/admin/vocational_aptitude/index');
     }
 }
Exemple #3
0
 public function remove($profession_id)
 {
     if (!$profession_id && ($profession_id = $this->input->get('profession_ids'))) {
         $profession_id = implode(',', $profession_id);
     }
     if (!Validate::isJoinedIntStr($profession_id)) {
         message('请选择需要删除的职业');
     }
     if (ProfessionModel::removeProfession($profession_id)) {
         admin_log('delete', 'profession', $profession_id);
         message('删除成功', '/admin/profession/index');
     } else {
         message('删除失败', '/admin/profession/index');
     }
 }
Exemple #4
0
/**
 * Archive articles (cron task function).
 *
 * @param vivvo_lite_site	$sm
 */
function auto_archive($sm)
{
    require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/core/Articles.class.php';
    if (VIVVO_ARTICLE_AUTO_ARCHIVE > 0) {
        $article_list = new Articles_list();
        $search_params = array('search_cid' => VIVVO_ARTICLE_AUTO_ARCHIVE_ITEMS, 'search_before_after' => 0, 'search_search_date' => VIVVO_ARTICLE_AUTO_ARCHIVE);
        $article_list->search($search_params, '', 'ascending', 0, 0, false);
        require_once VIVVO_FS_FRAMEWORK . 'vivvo_post.php';
        $article_list->sql_update_list(new vivvo_post_master(), array('status' => '-1'), null, true);
        if (defined('VIVVO_CRONJOB_MODE')) {
            echo 'auto_archive: Finished.' . PHP_EOL;
        } else {
            admin_log('(Cron task: Auto Archive)', 'Finished.');
        }
    }
}
Exemple #5
0
 /**
  * 修改借款信息状态
  * @param  integer   $id        ID
  * @param  integer   $status    状态值
  * @return boolean
  */
 public function update_status($id, $status)
 {
     $data['status'] = $status;
     if ($status == 'verified' || $status == 'auto_lock') {
         $data['verified_time'] = time();
     }
     if ($status == 'repayment') {
         $data['reverified_time'] = time();
     }
     $result = $this->update($id, $data);
     if ($result) {
         isset($_SESSION['user']) ? admin_log($_SESSION['user']['username'] . "修改了借款信息状态:将" . $id . '状态修改为:' . $this->status[$status]) : '';
         return TRUE;
     } else {
         return FALSE;
     }
 }
Exemple #6
0
/**
 * Delete articles (cron task function).
 *
 * @param vivvo_lite_site	$sm
 */
function auto_delete($sm)
{
    require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/core/Articles.class.php';
    if (VIVVO_ARTICLE_AUTO_DELETE > 0) {
        $al = new Articles_list($sm);
        $al->_query->add_where('created < ( DATE_SUB( \'' . date('Y-m-d H:i:s') . '\', INTERVAL ' . VIVVO_ARTICLE_AUTO_DELETE . ' DAY ))');
        $al->_query->set_from('`' . VIVVO_DB_PREFIX . 'articles`');
        $al->_query->add_fields('*');
        $article_params['search_options']['search_cid'] = VIVVO_ARTICLE_AUTO_DELETE_ITEMS;
        $al->search($article_params['search_options'], '', 'ascending', 0, 0, false);
        require_once VIVVO_FS_FRAMEWORK . 'vivvo_post.php';
        $pm = new vivvo_post_master($sm);
        $al->sql_delete_list($pm, NULL, true);
        if (defined('VIVVO_CRONJOB_MODE')) {
            echo 'auto_delete: Finished.' . PHP_EOL;
        } else {
            admin_log('(Cron task: Auto Delete)', 'Finished.');
        }
    }
}
Exemple #7
0
function do_restore()
{
    global $config, $plugin_config, $db;
    $file = $_FILES['file']['tmp_name'];
    $f = file($file);
    $first_line = trim($f[0]);
    $second_line = trim($f[1]);
    global $t;
    $t->assign('backup_header', "{$first_line}<br />{$second_line}");
    $f = join('', $f);
    if (!strlen($f)) {
        fatal_error("Uploaded file is empty!");
    }
    if (!preg_match('/^### aMember Pro .+? database backup/', $first_line)) {
        fatal_error("Uploaded file is not valid aMember Pro backup");
    }
    foreach (preg_split('/;\\n/', $f) as $sql) {
        if (strlen($sql)) {
            $db->query($sql);
        }
    }
    admin_log("Restored from {$first_line}");
}
Exemple #8
0
 public function login()
 {
     $u = t(v('uname'));
     $p = t(v('psw'));
     if (true !== $this->loginCheck($u, $p)) {
         return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户名或者密码错误!'));
     }
     //		$p=md5(v('psw'));
     $sql = "select name from admin_user as u where u.name=" . s($u);
     $result = get_line($sql);
     //var_dump($result);
     if (!$result) {
         return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户名或者密码错误1!'));
     } elseif ($result['status'] == 'delete') {
         return ajax_json(array('title' => '登录失败:', 'status' => 1, 'msg' => '用户已经被封禁!'));
     } elseif ($result['status'] == 'active') {
         ss_set('uid', $result['id']);
         ss_set('email', $result['email']);
         ss_set('nickname', $result['nickname']);
         ss_set('uname', $u);
         admin_log($result['id'], "登录后台管理系统.");
         return ajax_json(array('title' => '登录成功:', 'status' => 0, 'msg' => '您已成功登录!'));
     }
 }
Exemple #9
0
    $delete_region[] = $id;
    $new_region_id = $id;
    if ($region_type < 6) {
        for ($i = 1; $i < 6 - $region_type; $i++) {
            $new_region_id = new_region_id($new_region_id);
            if (count($new_region_id)) {
                $delete_region = array_merge($delete_region, $new_region_id);
            } else {
                continue;
            }
        }
    }
    $sql = "DELETE FROM " . $ecs->table("region") . "WHERE region_id" . db_create_in($delete_region);
    $db->query($sql);
    if ($exc->drop($id)) {
        admin_log(addslashes($region['region_name']), 'remove', 'area');
        /* 获取地区列表 */
        $region_arr = area_list($region['parent_id']);
        $smarty->assign('region_arr', $region_arr);
        $smarty->assign('region_type', $region['region_type']);
        make_json_result($smarty->fetch('area_list.htm'));
    } else {
        make_json_error($db->error());
    }
}
function new_region_id($region_id)
{
    $regions_id = array();
    if (empty($region_id)) {
        return $regions_id;
    }
Exemple #10
0
    $sql = "INSERT INTO " . $ecs->table('admin_message') . " (sender_id, receiver_id, sent_time, " . "read_time, readed, deleted, title, message) " . "VALUES ('" . $_SESSION['admin_id'] . "', '{$_POST['receiver_id']}', '" . gmtime() . "', " . "0, '0', '0', '{$_POST['title']}', '{$_POST['message']}')";
    $db->query($sql);
    $link[0]['text'] = $_LANG['back_list'];
    $link[0]['href'] = 'message.php?act=list';
    sys_msg($_LANG['send_msg'] . ' ' . $_LANG['action_succeed'], 0, $link);
    /* 记录管理员操作 */
    admin_log(addslashes($_LANG['send_msg']), 'add', 'admin_message');
} elseif ($_REQUEST['act'] == 'drop_msg') {
    if (isset($_POST['checkboxes'])) {
        $count = 0;
        foreach ($_POST['checkboxes'] as $key => $id) {
            $sql = "UPDATE " . $ecs->table('admin_message') . " SET " . "deleted = '1'" . "WHERE message_id = '{$id}' AND (sender_id='{$_SESSION['admin_id']}' OR receiver_id='{$_SESSION['admin_id']}')";
            $db->query($sql);
            $count++;
        }
        admin_log('', 'remove', 'admin_message');
        $link[] = array('text' => $_LANG['back_list'], 'href' => 'message.php?act=list');
        sys_msg(sprintf($_LANG['batch_drop_success'], $count), 0, $link);
    } else {
        sys_msg($_LANG['no_select_msg'], 1);
    }
} elseif ($_REQUEST['act'] == 'remove') {
    $id = intval($_GET['id']);
    $sql = "UPDATE " . $ecs->table('admin_message') . " SET deleted=1 " . " WHERE message_id={$id} AND (sender_id='{$_SESSION['admin_id']}' OR receiver_id='{$_SESSION['admin_id']}')";
    $db->query($sql);
    $url = 'message.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/**
 *  获取管理员留言列表
Exemple #11
0
        //insert
        $sql = "insert into " . $ecs->table("teacher") . " (name,sexuality,birthday,\r\n\t\tnational,id_card,phone,email,address,\r\n\t\ttitle,is_header,level,class_code,\r\n\t\tcreated )\r\n\t\tvalues \r\n\t\t\t('" . $_REQUEST["name"] . "','" . $_REQUEST["sexuality"] . "',\r\n\t\t\t'" . $_REQUEST["birthday"] . "','" . $_REQUEST["national"] . "',\r\n\t\t\t'" . $_REQUEST["id_card"] . "','" . $_REQUEST["phone"] . "','" . $_REQUEST["email"] . "',\r\n\t\t\t'" . $_REQUEST["address"] . "','" . $_REQUEST["title"] . "','" . $_REQUEST["is_header"] . "',\r\n\t\t\t'" . $_REQUEST["level"] . "','" . $_SESSION["class_code"] . "',\r\n\t\t\tnow())";
        $db->query($sql);
        admin_log(addslashes($_REQUEST["name"]), 'add', 'teacher');
        make_json_result("添加“" . $_REQUEST["name"] . "”成功!");
    } else {
        $sql = "update " . $ecs->table("teacher") . " set name='" . $_REQUEST["name"] . "',\r\n\t\t\tsexuality='" . $_REQUEST["sexuality"] . "',\r\n\t\t\tbirthday='" . $_REQUEST["birthday"] . "',\r\n\t\t\tnational='" . $_REQUEST["national"] . "',\r\n\t\t\tid_card='" . $_REQUEST["id_card"] . "',\r\n\t\t\tphone='" . $_REQUEST["phone"] . "',\r\n\t\t\temail='" . $_REQUEST["email"] . "',\r\n\t\t\taddress='" . $_REQUEST["address"] . "',\r\n\t\t\ttitle='" . $_REQUEST["title"] . "',\r\n\t\t\tis_header='" . $_REQUEST["is_header"] . "',\r\n\t\t\tlevel='" . $_REQUEST["level"] . "'\r\n\t\t\twhere teacher_id=" . $id;
        $db->query($sql);
        admin_log(addslashes($_REQUEST["name"]), 'update', 'teacher');
        make_json_result("修改“" . $_REQUEST["name"] . "”成功!");
    }
} elseif ($_REQUEST['act'] == 'ajax_delete') {
    $id = !empty($_REQUEST['teacher_id']) ? intval($_REQUEST['teacher_id']) : 0;
    $sql = "delete from " . $ecs->table("teacher") . " where teacher_id=" . $id;
    $db->query($sql);
    admin_log($_REQUEST["teacher_id"], 'delete', 'teacher');
    make_json_result("删除成功!");
}
/**
 *  返回班级管理员列表数据
 *
 * @access  public
 * @param
 *
 * @return void
 */
function teacher_list()
{
    $result = get_filter();
    if ($result === false) {
        /* 过滤条件 */
Exemple #12
0
    /* 检查权限 */
    check_authz_json('shop_config');

    /* 取得参数 */
    $code          = trim($_GET['code']);

    $filename = $_CFG[$code];

    //删除文件
    @unlink($filename);

    //更新设置
    update_configure($code, '');

    /* 记录日志 */
    admin_log('', 'edit', 'shop_config');

    /* 清除缓存 */
    clear_all_files();

    sys_msg($_LANG['save_success'], 0);

}

/**
 * 设置系统设置
 *
 * @param   string  $key
 * @param   string  $val
 *
 * @return  boolean
Exemple #13
0
     foreach ($order_id_list as $id_order) {
         /* 检查能否操作 */
         $order = order_info('', $id_order);
         $operable_list = operable_list($order);
         if (!isset($operable_list['remove'])) {
             $sn_not_list[] = $id_order;
             continue;
         }
         /* 删除订单 */
         $db->query("DELETE FROM " . $ecs->table('order_info') . " WHERE order_id = '{$order['order_id']}'");
         $db->query("DELETE FROM " . $ecs->table('order_goods') . " WHERE order_id = '{$order['order_id']}'");
         $db->query("DELETE FROM " . $ecs->table('order_action') . " WHERE order_id = '{$order['order_id']}'");
         $action_array = array('delivery', 'back');
         del_delivery($order['order_id'], $action_array);
         /* todo 记录日志 */
         admin_log($order['order_sn'], 'remove', 'order');
         $sn_list[] = $order['order_sn'];
     }
     $sn_str = $_LANG['remove_order'];
 } else {
     die('invalid params');
 }
 /* 取得备注信息 */
 //    $action_note = $_REQUEST['action_note'];
 if (empty($sn_not_list)) {
     $sn_list = empty($sn_list) ? '' : $_LANG['updated_order'] . join($sn_list, ',');
     $msg = $sn_list;
     $links[] = array('text' => $_LANG['return_list'], 'href' => 'order.php?act=list&' . list_link_postfix());
     sys_msg($msg, 0, $links);
 } else {
     $order_list_no_fail = array();
Exemple #14
0
 public function batch_unshenhe()
 {
     $ids = $this->input->post('ids');
     if (empty($ids) or !is_array($ids)) {
         message('请选择要取消审核的题目!');
         return;
     }
     $success = $fail = 0;
     foreach ($ids as $id) {
         $this->examine_permission($id);
         $be_tested = QuestionModel::question_has_test_action($id);
         $question = QuestionModel::get_question($id);
         if ($be_tested || !$this->has_question_check($question) || $question['is_original'] != 1 || $question['check'] != 1) {
             $fail++;
             continue;
         }
         $sql = "update {pre}question set `check`=0 where ques_id='{$id}'";
         $return = $this->db->query($sql);
         if ($return === true) {
             $liyo = 'unexamine';
             admin_log($liyo, 'question', $id);
             $success++;
         } else {
             $fail++;
         }
     }
     $back_url = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'admin/question_external/index';
     message('批量操作完成,成功取消审核:' . $success . ' 个,失败:' . $fail . ' 个。', $back_url);
 }
Exemple #15
0
        sys_msg($_LANG['no_select_goods'], 1);
    }
    $count = 0;
    foreach ($_POST['checkboxes'] as $key => $id) {
        if ($exc->drop($id)) {
            admin_log($id, 'remove', 'exchange_goods');
            $count++;
        }
    }
    $lnk[] = array('text' => $_LANG['back_list'], 'href' => 'exchange_goods.php?act=list');
    sys_msg(sprintf($_LANG['batch_remove_succeed'], $count), 0, $lnk);
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('exchange_goods');
    $id = intval($_GET['id']);
    if ($exc->drop($id)) {
        admin_log($id, 'remove', 'article');
        clear_cache_files();
    }
    $url = 'exchange_goods.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'search_goods') {
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    $filters = $json->decode($_GET['JSON']);
    $arr = get_goods_list($filters);
    make_json_result($arr);
}
/* 获得商品列表 */
function get_exchange_goodslist()
{
Exemple #16
0
            clear_cache_files();
            make_json_result(stripcslashes($val));
        } else {
            make_json_error($db->error());
        }
    } else {
        make_json_error(sprintf($_LANG['field_name_exist'], htmlspecialchars($val)));
    }
} elseif ($_REQUEST['act'] == 'edit_order') {
    $id = intval($_REQUEST['id']);
    $val = isset($_REQUEST['val']) ? json_str_iconv(trim($_REQUEST['val'])) : '';
    check_authz_json('reg_fields');
    if (is_numeric($val)) {
        if ($exc->edit("dis_order = '{$val}'", $id)) {
            /* 管理员日志 */
            admin_log($val, 'edit', 'reg_fields');
            clear_cache_files();
            make_json_result(stripcslashes($val));
        } else {
            make_json_error($db->error());
        }
    } else {
        make_json_error($_LANG['order_not_num']);
    }
} elseif ($_REQUEST['act'] == 'toggle_dis') {
    check_authz_json('reg_fields');
    $id = intval($_POST['id']);
    $is_dis = intval($_POST['val']);
    if ($exc->edit("display = '{$is_dis}'", $id)) {
        clear_cache_files();
        make_json_result($is_dis);
Exemple #17
0
            admin_log($ad_name, 'edit', 'ads');
            make_json_result(stripslashes($ad_name));
        } else {
            make_json_error($db->error());
        }
    }
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('ad_manage');
    $id = intval($_GET['id']);
    $img = $exc->get_name($id, 'ad_code');
    $exc->drop($id);
    if (strpos($img, 'http://') === false && strpos($img, 'https://') === false) {
        $img_name = basename($img);
        @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name);
    }
    admin_log('', 'remove', 'ads');
    $url = 'ads.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/* 获取广告数据列表 */
function get_adslist()
{
    /* 过滤查询 */
    $pid = !empty($_REQUEST['pid']) ? intval($_REQUEST['pid']) : 0;
    $filter = array();
    $filter['sort_by'] = empty($_REQUEST['sort_by']) ? 'ad.ad_name' : trim($_REQUEST['sort_by']);
    $filter['sort_order'] = empty($_REQUEST['sort_order']) ? 'DESC' : trim($_REQUEST['sort_order']);
    $where = 'WHERE 1 ';
    if ($pid > 0) {
        $where .= " AND ad.position_id = '{$pid}' ";
Exemple #18
0
        make_json_error($_LANG['repeat_area_name']);
    }
    /* 更新名称 */
    $exc->edit("shipping_area_name = '{$val}'", $id);
    /* 记录日志 */
    admin_log($val, 'edit', 'shipping_area');
    /* 返回 */
    make_json_result(stripcslashes($val));
} elseif ($_REQUEST['act'] == 'remove_area') {
    check_authz_json('shiparea_manage');
    $id = intval($_GET['id']);
    $name = $exc->get_name($id);
    $shipping_id = $exc->get_name($id, 'shipping_id');
    $exc->drop($id);
    $db->query('DELETE FROM ' . $ecs->table('area_region') . ' WHERE shipping_area_id=' . $id);
    admin_log($name, 'remove', 'shipping_area');
    $list = get_shipping_area_list($shipping_id);
    $smarty->assign('areas', $list);
    make_json_result($smarty->fetch('shipping_area_list.htm'));
}
/**
 * 取得配送区域列表
 * @param   int     $shipping_id    配送id
 */
function get_shipping_area_list($shipping_id)
{
    $sql = "SELECT * FROM " . $GLOBALS['ecs']->table('shipping_area');
    if ($shipping_id > 0) {
        $sql .= " WHERE shipping_id = '{$shipping_id}'";
    }
    $res = $GLOBALS['db']->query($sql);
Exemple #19
0
            case 'remove':
                $db->query("DELETE FROM " . $ecs->table('feedback') . " WHERE " . db_create_in($_POST['checkboxes'], 'msg_id'));
                $db->query("DELETE FROM " . $ecs->table('feedback') . " WHERE " . db_create_in($_POST['checkboxes'], 'parent_id'));
                break;
            case 'allow':
                $db->query("UPDATE " . $ecs->table('feedback') . " SET msg_status = 1  WHERE " . db_create_in($_POST['checkboxes'], 'msg_id'));
                break;
            case 'deny':
                $db->query("UPDATE " . $ecs->table('feedback') . " SET msg_status = 0,msg_area =1  WHERE " . db_create_in($_POST['checkboxes'], 'msg_id'));
                break;
            default:
                break;
        }
        clear_cache_files();
        $action = $action == 'remove' ? 'remove' : 'edit';
        admin_log('', $action, 'adminlog');
        $link[] = array('text' => $_LANG['back_list'], 'href' => 'user_msg.php?act=list_all');
        sys_msg(sprintf($_LANG['batch_drop_success'], count($_POST['checkboxes'])), 0, $link);
    } else {
        /* 提示信息 */
        $link[] = array('text' => $_LANG['back_list'], 'href' => 'user_msg.php?act=list_all');
        sys_msg($_LANG['no_select_comment'], 0, $link);
    }
} elseif ($_REQUEST['act'] == 'view') {
    $smarty->assign('send_fail', !empty($_REQUEST['send_ok']));
    $smarty->assign('msg', get_feedback_detail(intval($_REQUEST['id'])));
    $smarty->assign('ur_here', $_LANG['reply']);
    $smarty->assign('action_link', array('text' => $_LANG['08_unreply_msg'], 'href' => 'user_msg.php?act=list_all'));
    assign_query_info();
    $smarty->display('msg_info.htm');
} elseif ($_REQUEST['act'] == 'action') {
Exemple #20
0
        // 清除模版缓存
        admin_log($ad_height, 'edit', 'ads_position');
        make_json_result(stripslashes($ad_height));
    } else {
        make_json_error($db->error());
    }
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('ad_manage');
    $id = intval($_GET['id']);
    /* 查询广告位下是否有广告存在 */
    $sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('ad') . " WHERE position_id = '{$id}'";
    if ($db->getOne($sql) > 0) {
        make_json_error($_LANG['not_del_adposit']);
    } else {
        $exc->drop($id);
        admin_log('', 'remove', 'ads_position');
    }
    $url = 'ad_position.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/* 获取广告位置列表 */
function ad_position_list()
{
    $filter = array();
    /* 记录总数以及页数 */
    $sql = 'SELECT COUNT(*) FROM ' . $GLOBALS['ecs']->table('ad_position');
    $filter['record_count'] = $GLOBALS['db']->getOne($sql);
    $filter = page_and_size($filter);
    /* 查询数据 */
    $arr = array();
Exemple #21
0
    }
    if ($auction['deposit'] <= 0) {
        sys_msg($_LANG['no_deposit']);
    }
    /* 处理保证金 */
    $exc->edit("is_finished = 2", $id);
    // 修改状态
    if (isset($_POST['unfreeze'])) {
        /* 解冻 */
        log_account_change($auction['last_bid']['bid_user'], $auction['deposit'], -1 * $auction['deposit'], 0, 0, sprintf($_LANG['unfreeze_auction_deposit'], $auction['act_name']));
    } else {
        /* 扣除 */
        log_account_change($auction['last_bid']['bid_user'], 0, -1 * $auction['deposit'], 0, 0, sprintf($_LANG['deduct_auction_deposit'], $auction['act_name']));
    }
    /* 记日志 */
    admin_log($auction['act_name'], 'edit', 'auction');
    /* 清除缓存 */
    clear_cache_files();
    /* 提示信息 */
    sys_msg($_LANG['settle_deposit_ok']);
} elseif ($_REQUEST['act'] == 'search_goods') {
    check_authz_json('auction');
    include_once ROOT_PATH . 'includes/cls_json.php';
    $json = new JSON();
    $filter = $json->decode($_GET['JSON']);
    $arr['goods'] = get_goods_list($filter);
    if (!empty($arr['goods'][0]['goods_id'])) {
        $arr['products'] = get_good_products($arr['goods'][0]['goods_id']);
    }
    make_json_result($arr);
} elseif ($_REQUEST['act'] == 'search_products') {
Exemple #22
0
    if (brand_exists($brand)) {
        make_json_error($_LANG['brand_name_exist']);
    } else {
        $sql = "INSERT INTO " . $ecs->table('brand') . "(brand_name)" . "VALUES ( '{$brand}')";
        $db->query($sql);
        $brand_id = $db->insert_id();
        $arr = array("id" => $brand_id, "brand" => $brand);
        make_json_result($arr);
    }
} elseif ($_REQUEST['act'] == 'edit_sort_order') {
    check_authz_json('brand_manage');
    $id = intval($_POST['id']);
    $order = intval($_POST['val']);
    $name = $exc->get_name($id);
    if ($exc->edit("sort_order = '{$order}'", $id)) {
        admin_log(addslashes($name), 'edit', 'brand');
        make_json_result($order);
    } else {
        make_json_error(sprintf($_LANG['brandedit_fail'], $name));
    }
} elseif ($_REQUEST['act'] == 'toggle_show') {
    check_authz_json('brand_manage');
    $id = intval($_POST['id']);
    $val = intval($_POST['val']);
    $exc->edit("is_show='{$val}'", $id);
    make_json_result($val);
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('brand_manage');
    $id = intval($_GET['id']);
    /* 删除该品牌的图标 */
    $sql = "SELECT brand_logo FROM " . $ecs->table('brand') . " WHERE brand_id = '{$id}'";
Exemple #23
0
        } else {
            make_json_error($db->error());
        }
    }
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('friendlink');
    $id = intval($_GET['id']);
    /* 获取链子LOGO,并删除 */
    $link_logo = $exc->get_name($id, "link_logo");
    if (strpos($link_logo, 'http://') === false && strpos($link_logo, 'https://') === false) {
        $img_name = basename($link_logo);
        @unlink(ROOT_PATH . DATA_DIR . '/afficheimg/' . $img_name);
    }
    $exc->drop($id);
    clear_cache_files();
    admin_log('', 'remove', 'friendlink');
    $url = 'friend_link.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
} elseif ($_REQUEST['act'] == 'edit_show_order') {
    check_authz_json('friendlink');
    $id = intval($_POST['id']);
    $order = json_str_iconv(trim($_POST['val']));
    /* 检查输入的值是否合法 */
    if (!preg_match("/^[0-9]+\$/", $order)) {
        make_json_error(sprintf($_LANG['enter_int'], $order));
    } else {
        if ($exc->edit("show_order = '{$order}'", $id)) {
            clear_cache_files();
            make_json_result(stripslashes($order));
        }
Exemple #24
0
        $product_array = $GLOBALS['db']->getAll($sql);
        if (!empty($product_array)) {
            foreach ($product_array as $value) {
                $sum += $value['product_number'];
            }
            $goods_id = $product_array[0]['goods_id'];
            /* 删除货品 */
            $sql = "DELETE FROM " . $ecs->table('products') . " WHERE product_id {$product_bound}";
            if ($db->query($sql)) {
                //记录日志
                admin_log('', 'delete', 'products');
            }
            /* 修改商品库存 */
            if (update_goods_stock($goods_id, -$sum)) {
                //记录日志
                admin_log('', 'update', 'goods');
            }
            /* 返回 */
            sys_msg($_LANG['product_batch_del_success'], 0, $link);
        } else {
            /* 错误 */
            sys_msg($_LANG['cannot_found_products'], 1, $link);
        }
    }
    /* 返回 */
    sys_msg($_LANG['no_operation'], 1, $link);
} elseif ($_REQUEST['act'] == 'agency_add') {
    //add by hg for date 2014-04-21 代理商添加商品
    $code = empty($_REQUEST['extension_code']) ? '' : trim($_REQUEST['extension_code']);
    $code = $code == 'virtual_card' ? 'virtual_card' : '';
    $agency_goods_list = agency_goods_list();
Exemple #25
0
     if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) {
         sys_msg($_LANG['no_select_article'], 1);
     }
     /* 删除原来的文件 */
     $sql = "SELECT file_url FROM " . $ecs->table('article') . " WHERE article_id " . db_create_in(join(',', $_POST['checkboxes'])) . " AND file_url <> ''";
     $res = $db->query($sql);
     while ($row = $db->fetchRow($res)) {
         $old_url = $row['file_url'];
         if (strpos($old_url, 'http://') === false && strpos($old_url, 'https://') === false) {
             @unlink(ROOT_PATH . $old_url);
         }
     }
     foreach ($_POST['checkboxes'] as $key => $id) {
         if ($exc->drop($id)) {
             $name = $exc->get_name($id);
             admin_log(addslashes($name), 'remove', 'article');
         }
     }
 }
 /* 批量隐藏 */
 if ($_POST['type'] == 'button_hide') {
     check_authz_json('article_manage');
     if (!isset($_POST['checkboxes']) || !is_array($_POST['checkboxes'])) {
         sys_msg($_LANG['no_select_article'], 1);
     }
     foreach ($_POST['checkboxes'] as $key => $id) {
         $exc->edit("is_open = '0'", $id);
     }
 }
 /* 批量显示 */
 if ($_POST['type'] == 'button_show') {
Exemple #26
0
        $rank_name = $exc->get_name($rank_id);
        admin_log(addslashes($rank_name), 'edit', 'user_rank');
        clear_cache_files();
        make_json_result($val);
    } else {
        make_json_error($val);
    }
} elseif ($_REQUEST['act'] == 'toggle_special') {
    check_authz_json('user_rank');
    $rank_id = intval($_POST['id']);
    $is_special = intval($_POST['val']);
    if ($exc->edit("special_rank = '{$is_special}'", $rank_id)) {
        $rank_name = $exc->get_name($rank_id);
        admin_log(addslashes($rank_name), 'edit', 'user_rank');
        make_json_result($is_special);
    } else {
        make_json_error($db->error());
    }
} elseif ($_REQUEST['act'] == 'toggle_showprice') {
    check_authz_json('user_rank');
    $rank_id = intval($_POST['id']);
    $is_show = intval($_POST['val']);
    if ($exc->edit("show_price = '{$is_show}'", $rank_id)) {
        $rank_name = $exc->get_name($rank_id);
        admin_log(addslashes($rank_name), 'edit', 'user_rank');
        clear_cache_files();
        make_json_result($is_show);
    } else {
        make_json_error($db->error());
    }
}
Exemple #27
0
/**
 * 鏇存柊鏍囩?
 *
 * @param  $name
 * @param  $id
 * @return void
 */
function edit_tag($name, $id, $goods_id = '')
{
    $db = $GLOBALS['db'];
    $sql = 'UPDATE ' . $GLOBALS['ecs']->table('tag') . " SET tag_words = '{$name}'";
    if (!empty($goods_id)) {
        $sql .= ", goods_id = '{$goods_id}'";
    }
    $sql .= " WHERE tag_id = '{$id}'";
    $GLOBALS['db']->query($sql);
    admin_log($name, 'edit', 'tag');
}
Exemple #28
0
    $db->query($sql);
    clear_cache_files();
    make_json_result($val);
} elseif ($_REQUEST['act'] == 'remove') {
    check_authz_json('group_by');
    $id = intval($_GET['id']);
    /* 取得团购活动信息 */
    $group_buy = group_buy_info($id);
    /* 如果团购活动已经有订单,不能删除 */
    if ($group_buy['valid_order'] > 0) {
        make_json_error($_LANG['error_exist_order']);
    }
    /* 删除团购活动 */
    $sql = "DELETE FROM " . $ecs->table('goods_activity') . " WHERE act_id = '{$id}' LIMIT 1";
    $db->query($sql);
    admin_log(addslashes($group_buy['goods_name']) . '[' . $id . ']', 'remove', 'group_buy');
    clear_cache_files();
    $url = 'group_buy.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/*
 * 取得团购活动列表
 * @return   array
 */
function group_buy_list()
{
    $result = get_filter();
    if ($result === false) {
        /* 过滤条件 */
        $filter['keyword'] = empty($_REQUEST['keyword']) ? '' : trim($_REQUEST['keyword']);
Exemple #29
0
    check_authz_json('cat_manage');
    /* 初始化分类ID并取得分类名称 */
    $cat_id = intval($_GET['id']);
    $cat_name = $db->getOne('SELECT cat_name FROM ' . $ecs->table('category') . " WHERE cat_id='{$cat_id}'");
    /* 当前分类下是否有子分类 */
    $cat_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('category') . " WHERE parent_id='{$cat_id}'");
    /* 当前分类下是否存在商品 */
    $goods_count = $db->getOne('SELECT COUNT(*) FROM ' . $ecs->table('goods') . " WHERE cat_id='{$cat_id}'");
    /* 如果不存在下级子分类和商品,则删除之 */
    if ($cat_count == 0 && $goods_count == 0) {
        /* 删除分类 */
        $sql = 'DELETE FROM ' . $ecs->table('category') . " WHERE cat_id = '{$cat_id}'";
        if ($db->query($sql)) {
            $db->query("DELETE FROM " . $ecs->table('nav') . "WHERE ctype = 'c' AND cid = '" . $cat_id . "' AND type = 'middle'");
            clear_cache_files();
            admin_log($cat_name, 'remove', 'category');
        }
    } else {
        make_json_error($cat_name . ' ' . $_LANG['cat_isleaf']);
    }
    $url = 'category.php?act=query&' . str_replace('act=remove', '', $_SERVER['QUERY_STRING']);
    ecs_header("Location: {$url}\n");
    exit;
}
/*------------------------------------------------------ */
//-- PRIVATE FUNCTIONS
/*------------------------------------------------------ */
//
///**
// * 检查分类是否已经存在
// *
Exemple #30
0
/**
 * 添加/编辑客服信息的提交
 */
function action_insert_update()
{
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $user_id = $_SESSION['user_id'];
    $user_id = intval($_POST['user_id']);
    /* 取得客服id */
    $cus_id = intval($_POST['cus_id']);
    $customer = array('supp_id' => -1, 'user_id' => $_POST['user_id'], 'of_username' => $_POST['of_username'], 'cus_name' => $_POST['cus_name'], 'cus_password' => $_POST['cus_password'], 'cus_type' => $_POST['cus_type'], 'cus_enable' => $_POST['cus_enable'], 'cus_desc' => $_POST['cus_desc']);
    // 判断密码是否为空
    if (empty($customer['of_username'])) {
        sys_msg($_LANG['error_of_username_empty']);
    }
    // 判断客服名称是否为空
    if (empty($customer['cus_name'])) {
        sys_msg($_LANG['error_cus_name_empty']);
    }
    // 检查聊天系统用户名是否已经绑定了其他管理员账户
    if (check_of_username_binding($customer['of_username'], $customer['user_id'])) {
        sys_msg($_LANG['error_of_username_binding']);
    } else {
        // 用户不存在则需要判断密码是否为空
        if (!check_of_username_exist($customer['of_username'])) {
            // 判断密码是否为空
            if (empty($customer['cus_password'])) {
                sys_msg($_LANG['error_password_empty']);
            }
        }
        // 创建活更新聊天系统用户
        $create_success = create_of_user($customer['of_username'], $customer['cus_password'], $customer['cus_name'], null, 10, -1);
        if (!$create_success) {
            sys_msg($_LANG['error_create_of_user']);
        }
    }
    if (empty($_POST['cus_id'])) {
        // 检查管理员账户是否存在
        if (check_user_id_exist($user_id)) {
            sys_msg($_LANG['error_user_id_exist']);
        }
        $customer['add_time'] = gmtime();
        /* insert */
        $db->autoExecute($ecs->table('chat_customer'), $customer, 'INSERT');
        /* log */
        admin_log(addslashes($customer['of_username']), 'add', 'chat_customer');
        /* 提示信息 */
        $links = array(array('href' => 'customer.php?act=add', 'text' => $_LANG['continue_add']), array('href' => 'customer.php?act=list', 'text' => $_LANG['back_list']));
        sys_msg($_LANG['add_success'], 0, $links);
    } else {
        // 检查管理员账户是否存在
        if (check_user_id_exist($user_id, $cus_id)) {
            sys_msg($_LANG['error_user_id_exist']);
        }
        /* update */
        $db->autoExecute($ecs->table('chat_customer'), $customer, 'UPDATE', "cus_id = '{$cus_id}'");
        /* log */
        admin_log(addslashes($customer['of_username']) . '[' . $cus_id . ']', 'edit', 'chat_customer');
        /* 提示信息 */
        $links = array(array('href' => 'customer.php?act=list&' . list_link_postfix(), 'text' => $_LANG['back_list']));
        sys_msg($_LANG['edit_success'], 0, $links);
    }
    /* 显示客服列表页面 */
    assign_query_info();
    $smarty->display('customer_info.htm');
}