/**
 * Read the header of a SQL backup file and extract its metadata.
 *
 * Only the first 200 bytes of the file are inspected. Each line in that
 * window is split at its first ':'; the left part (with '-' and whitespace
 * trimmed) is the label and the right part (with '/' and whitespace trimmed)
 * is the value. Three labels are recognised: "74CMS VERSION",
 * "Mysql VERSION" (only the first three characters of the value are kept)
 * and "Create time".
 *
 * NOTE(review): $file is opened as given; nothing here restricts it to a
 * backup directory. Confirm the caller constrains the path.
 *
 * @param string $file Path of the backup file to inspect.
 * @return array Keys '74cms_ver', 'mysql_ver' and 'add_time'; each is '' when
 *               the matching header line is not found.
 */
function get_sqlfile_info($file)
{
    $handle = @fopen($file, 'rb');
    if (!$handle) {
        adminmsg("打开文件{$file}失败", 0);
    }
    $header = fread($handle, 200);
    @fclose($handle);

    $info = array('74cms_ver' => '', 'mysql_ver' => '', 'add_time' => '');

    foreach (explode("\n", $header) as $line) {
        $colon = strpos($line, ':');
        // A line with no ':' or with ':' as its first character carries no label.
        if (!($colon > 0)) {
            continue;
        }

        $label = trim(substr($line, 0, $colon), "-\n\r\t ");
        $data = trim(substr($line, $colon + 1), "/\n\r\t ");

        switch ($label) {
            case '74CMS VERSION':
                $info['74cms_ver'] = $data;
                break;
            case 'Mysql VERSION':
                // Keep only the leading "x.y" part of the server version.
                $info['mysql_ver'] = substr($data, 0, 3);
                break;
            case 'Create time':
                $info['add_time'] = $data;
                break;
        }
    }

    return $info;
}
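/**
 * Split a comma-separated tag string and validate the length of every tag.
 *
 * Each tag is measured in bytes after trimming; a tag shorter than 3 or
 * longer than 15 bytes triggers adminmsg() with the admin page's base URL as
 * the jump target. The returned tags are the raw pieces of the split and are
 * NOT trimmed, so callers that store them should trim them first.
 *
 * @param string $tags Comma-separated list of tags.
 * @return array The pieces produced by splitting $tags on ','.
 */
function checkTags($tags)
{
    // $basename was previously read without being imported into the function
    // scope, so adminmsg() always received an undefined (null) jump URL.
    // Presumably it is the admin script's global base URL; verify against caller.
    global $basename;

    $tmpTags = explode(',', $tags);
    foreach ($tmpTags as $value) {
        $tagLength = strlen(trim($value));
        if ($tagLength > 15 || $tagLength < 3) {
            adminmsg('标签的长度请控制在 3-15 个字节之间', $basename);
        }
    }

    return $tmpTags;
}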
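/**
 * Validate the submitted rate configuration held in $this->_rateconfig.
 *
 * Checks that title and icon are present, that the title is at most 6 bytes
 * and that the icon name ends in one of the allowed image extensions. Any
 * failure is reported through adminmsg() with a jump URL built from
 * $this->_getDefaultUrl() and the type id.
 *
 * @return array List of title, icon, typeid, isopen and jump URL, in that order.
 */
function _checkData()
{
    $title = trim($this->_rateconfig['title']);
    $icon = trim($this->_rateconfig['icon']);

    // Accept the type id only when it is exactly "1", "2" or "3". The former
    // loose in_array() let strings such as "1abc" through on older PHP
    // versions, and that raw value was then appended to the jump URL and
    // returned to the caller.
    $rawTypeId = $this->_rateconfig['typeid'];
    $typeid = is_scalar($rawTypeId) && in_array((string) $rawTypeId, array('1', '2', '3'), true)
        ? (int) $rawTypeId
        : 1;

    // NOTE(review): this comparison is still loose, so what an empty or
    // non-numeric value turns into depends on the PHP version. Left unchanged
    // because callers may rely on a missing value being treated as "closed".
    $isopen = in_array($this->_rateconfig['isopen'], array(1, 0)) ? $this->_rateconfig['isopen'] : 1;

    $jumpUrl = $this->_getDefaultUrl() . "&typeid=" . $typeid;

    if ($title == "" || $icon == "") {
        // The original message repeated "不能为空" twice.
        adminmsg("对不起,标题或图标不能为空", $jumpUrl);
    }
    if (strlen($title) > 6) {
        adminmsg("对不起,标题长度不能大于6个字节", $jumpUrl);
    }

    // An icon name without any "." has no extension. Previously strrpos()
    // returned false, false + 1 became offset 1, and a name such as "xgif"
    // passed the extension check.
    $dotPos = strrpos($icon, ".");
    $iconExt = $dotPos === false ? '' : substr($icon, $dotPos + 1);
    if (!in_array($iconExt, array("gif", "png", "jpg", "jpeg"), true)) {
        adminmsg("对不起,图标格式不正确,请确定后缀是gif,png,jpg或jpeg", $jumpUrl);
    }

    return array($title, $icon, $typeid, $isopen, $jumpUrl);
}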
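/**
 * Validate one uploaded file from $_FILES and move it into $dir.
 *
 * Every failure is reported through adminmsg(). The extension is compared
 * against the allow-list as a whole token; the previous substring test
 * (strpos) accepted any fragment of the list, e.g. "p" or "jp" against
 * "gif/jpg/bmp/png", and an empty extension on PHP 8.
 *
 * NOTE(review): only the file name is checked, never the file content. With
 * $type left empty and $name === false the client-chosen name, including its
 * extension, is written into $dir unchanged. Callers should always pass an
 * allow-list and keep $dir out of any location where scripts are executed.
 *
 * @param string      $dir      Target directory; the stored name is appended
 *                              directly, so it must end with a separator.
 * @param string      $file_var Name of the upload field in $_FILES.
 * @param int|string  $max_size Maximum size in KB; no limit unless > 0.
 * @param string      $type     Allowed extensions separated by any
 *                              non-alphanumeric character, e.g.
 *                              'gif/jpg/bmp/png'; '' disables the check.
 * @param bool|string $name     true: generated name (timestamp + 3 digits);
 *                              false: keep the client file name; any other
 *                              value: used as the base name.
 * @return string Stored file name, or '' when no file was submitted.
 */
function _asUpFiles($dir, $file_var, $max_size = '', $type = '', $name = false)
{
    if (!file_exists($dir)) {
        adminmsg("上传图片失败:上传目录 " . $dir . " 不存在!", 0);
    }
    if (!is_writable($dir)) {
        adminmsg("上传图片失败:上传目录 " . $dir . " 无法写入!", 0);
        exit;
    }

    $upfile = isset($_FILES[$file_var]) && is_array($_FILES[$file_var]) ? $_FILES[$file_var] : array();
    $upfilename = isset($upfile['name']) ? $upfile['name'] : null;

    // An empty name means the form field was left blank.
    if ($upfilename === '') {
        return '';
    }

    // A missing field or an array-style (multi-file) field is rejected here
    // instead of reaching the string functions below.
    if (!is_string($upfilename)
        || !isset($upfile['tmp_name'])
        || !is_string($upfile['tmp_name'])
        || !is_uploaded_file($upfile['tmp_name'])
    ) {
        adminmsg('上传图片失败:你选择的文件无法上传', 0);
        exit;
    }

    if ($max_size > 0 && $upfile['size'] / 1024 > $max_size) {
        adminmsg("上传图片失败:文件大小不能超过 " . $max_size . "KB", 0);
        exit;
    }

    // Text after the last "." in the name, lower-cased; '' when there is no dot.
    $ext_name = strtolower(str_replace(".", "", (string) strrchr($upfilename, ".")));

    if (!($type === '')) {
        $allowed = preg_split('/[^a-z0-9]+/', strtolower((string) $type), -1, PREG_SPLIT_NO_EMPTY);
        if (!in_array($ext_name, $allowed, true)) {
            adminmsg("上传图片失败:只允许上传 " . $type . " 的文件!", 0);
            exit;
        }
    }

    if (!is_bool($name)) {
        $uploadname = $name . "." . $ext_name;
    } elseif ($name) {
        $uploadname = time() . mt_rand(100, 999) . "." . $ext_name;
    } else {
        // Drop any directory part so the file cannot be written outside $dir.
        $uploadname = basename($upfilename);
    }

    if (!move_uploaded_file($upfile['tmp_name'], $dir . $uploadname)) {
        adminmsg('上传图片失败:文件上传出错!', 0);
        exit;
    }

    return $uploadname;
}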
} if ($num = report_audit($id, $audit, $type, $rid)) { write_log("设置举报信息审核状态,共影响{$num}行 ", $_SESSION['admin_name'], 3); adminmsg("设置成功!共影响 {$num}行 ", 2); } else { adminmsg("设置失败!", 0); } } } elseif ($act == 'del_report') { check_token(); check_permissions($_SESSION['admin_purview'], "report_del"); $id = !empty($_REQUEST['id']) ? $_REQUEST['id'] : adminmsg("你没有选择项目!", 1); $id = $_REQUEST['id']; if ($num = del_report($id)) { write_log("删除举报信息,共删除{$num}行 ", $_SESSION['admin_name'], 3); adminmsg("删除成功!共删除" . $num . "行", 2); } else { adminmsg("删除失败!", 0); } } elseif ($act == 'del_report_resume') { check_token(); check_permissions($_SESSION['admin_purview'], "report_del"); $id = !empty($_REQUEST['id']) ? $_REQUEST['id'] : adminmsg("你没有选择项目!", 1); $id = $_REQUEST['id']; if ($num = del_report_resume($id)) { write_log("删除举报简历信息,共删除{$num}行 ", $_SESSION['admin_name'], 3); adminmsg("删除成功!共删除" . $num . "行", 2); } else { adminmsg("删除失败!", 0); } }
} elseif ($act == 'title_field') {
    // Database field management: list the title fields.
    get_token();
    $list = get_title_field();
    $smarty->assign('pageheader', "字段标题");
    $smarty->assign('list', $list);
    $smarty->display('replace/admin_title_field.htm');
} elseif ($act == 'title_field_save') {
    // Original comment read "audit list review", which does not describe this
    // branch: it inserts a new key/value row into the resume_field table.
    // NOTE(review): this state-changing branch calls get_token(), not
    // check_token(); confirm that the anti-CSRF token is actually verified.
    get_token();
    $setsqlarr['key'] = !empty($_POST['key']) ? trim($_POST['key']) : adminmsg('字段名不能为空!', 1);
    $setsqlarr['value'] = !empty($_POST['value']) ? trim($_POST['value']) : adminmsg('中文名不能为空!', 1);
    if (get_title_key($setsqlarr["key"])) {
        adminmsg('已存在!', 1);
    }
    $insert_id = $db->inserttable(table('resume_field'), $setsqlarr, true);
    // NOTE(review): $setsqlarr['name'] is never set in this branch (only 'key'
    // and 'value' are), so the log entry does not say which field was added.
    write_log("添加替换标题字段" . $setsqlarr['name'], $_SESSION['admin_name'], 3);
    $link[0]['text'] = "返回列表";
    $link[0]['href'] = "?act=title_field";
    adminmsg('添加成功!', 2, $link);
    // Presumably unreachable if adminmsg() ends the request; the template
    // named here belongs to a different page. TODO confirm.
    $smarty->display('company/admin_company_points.htm');
} elseif ($act == 'title_field_del') {
    // Original comment read "audit list review"; this branch deletes rows
    // from the resume_field table.
    // NOTE(review): get_token() rather than check_token() here as well;
    // confirm that the anti-CSRF token is actually verified.
    get_token();
    // NOTE(review): the id list comes from $_REQUEST and is only trimmed
    // before being concatenated into the IN (...) clause below. Nothing
    // visible here restricts it to comma-separated integers; validate it or
    // cast each element to int before building the statement.
    $id = !empty($_REQUEST['id']) ? trim($_REQUEST['id']) : adminmsg('id不能为空!', 1);
    if (!$db->query("Delete from " . table('resume_field') . " WHERE id IN (" . $id . ")")) {
        adminmsg("删除失败!", 0);
    } else {
        // NOTE(review): the success message is sent with status 0, the same
        // value used for the failure above; confirm that is intended.
        adminmsg("删除成功!", 0);
    }
}
//用于delect if (S::inArray($key, $fids)) { !$fidcommend[$key] && ($delSQL[$key] = $key); } } $addSQL && $db->update("REPLACE INTO pw_searchforum (fid,vieworder) VALUES " . pwSqlMulti($addSQL)); if ($updateArr) { foreach ($updateArr as $key => $value) { $value && $db->update("UPDATE pw_searchforum SET " . pwSqlSingle($value) . " WHERE fid=" . pwEscape($key, false)); } } $delSQL && $db->update("DELETE FROM pw_searchforum WHERE fid IN(" . pwImplode($delSQL) . ")"); //if ($addSQL || $updateArr || $delSQL) { updatecache_search(); //} adminmsg('operate_success', "{$basename}&action=forum"); } elseif ($action == 'statistic') { s::gp(array('keyword', 'createtime_s', 'createtime_e')); $createtime_s = $createtime_s ? $createtime_s : get_date($timestamp - 7 * 24 * 3600, 'Y-m-d'); $createtime_e = $createtime_e ? $createtime_e : get_date($timestamp, 'Y-m-d'); $addsql = ''; if ($keyword) { $keyword = trim($keyword); $keywordarray = explode(",", $keyword); foreach ($keywordarray as $value) { $value = str_replace('*', '%', $value); $keywhere .= " OR keyword LIKE " . S::sqlEscape("%{$value}%"); } $keywhere = substr_replace($keywhere, "", 0, 3); $addsql .= " AND ({$keywhere}) "; }
if (empty($_POST['step'])) { $direct = 1; empty($smstype) && adminmsg('类型不能为空'); list($searchCount, $searchList) = $messageServer->manageMessageWithCategory($smstype, $keepunread, $direct, $page, $db_perpage); $pages = numofpage($searchCount, $page, ceil($searchCount / $db_perpage), "{$url}"); if ($direct) { adminmsg('operate_success'); } else { include PrintEot('superdel'); exit; } } elseif ($_POST['step'] == 2) { S::gp(array('delid'), 'P'); empty($delid) && adminmsg("请选择要删除的消息"); $messageServer->manageMessageWithMessageIds($delid); adminmsg('operate_success', "{$url}"); } } } function _delModelTopic($modeldb) { global $db; foreach ($modeldb as $key => $value) { $modelids = S::sqlImplode($value); $pw_topicvalue = GetTopcitable($key); $db->update("DELETE FROM {$pw_topicvalue} WHERE tid IN({$modelids})"); } } function _delPcTopic($pcdb) { global $db;
$setsqlarr['m_type'] = 2; !$db->updatetable(table('mailqueue'), $setsqlarr, $wheresql); adminmsg('发送失败', 0); } } elseif ($act == 'del') { $id = $_POST['id']; if (empty($id)) { adminmsg("请选择项目!", 1); } if (!is_array($id)) { $id = array($id); } $sqlin = implode(",", $id); if (preg_match("/^(\\d{1,10},)*(\\d{1,10})\$/", $sqlin)) { $db->query("Delete from " . table('mailqueue') . " WHERE m_id IN ({$sqlin}) "); adminmsg("删除成功", 2); } } elseif ($act == "log") { get_token(); require_once QISHI_ROOT_PATH . 'include/page.class.php'; $key = isset($_GET['key']) ? trim($_GET['key']) : ""; $key_type = isset($_GET['key_type']) ? intval($_GET['key_type']) : ""; if (!empty($key) && $key_type > 0) { if ($key_type === 1) { $wheresql = " WHERE subject like '%{$key}%'"; } if ($key_type === 2) { $wheresql = " WHERE send_to = '{$key}'"; } if ($key_type === 3) { $wheresql = " WHERE send_from = '{$key}'";
$checked = strpos($postcate['viewright'], ',' . $key . ',') !== false ? 'checked' : ''; $htm_tr = ''; $num++; $num % 5 == 0 ? $htm_tr = '</tr><tr>' : ''; $viewrighthtml .= "<td><input class='input' type='checkbox' name='viewright[]' value='" . $key . "' " . $checked . ">" . $value['grouptitle'] . "</td>" . $htm_tr; } $viewrighthtml .= "</tr></table>"; include PrintEot('postcate'); exit; } else { InitGP(array('viewright', 'adminright')); $viewrights = ',' . implode(',', $viewright) . ','; $adminrights = ',' . implode(',', $adminright) . ','; $db->update("UPDATE pw_postcate" . " SET " . pwSqlSingle(array('viewright' => $viewrights, 'adminright' => $adminrights)) . " WHERE pcid=" . pwEscape($pcid)); updatecache_postcate(); adminmsg('operate_success', $basename . "&action=rightset&pcid={$pcid}"); } } function getFieldSqlByType($type) { if (in_array($type, array('number', 'calendar'))) { $sql = "INT(10) UNSIGNED NOT NULL default '0'"; } elseif (in_array($type, array('radio', 'select'))) { $sql = "TINYINT(3) UNSIGNED NOT NULL default '0'"; } elseif ($type == 'textarea') { $sql = "TEXT NOT NULL"; } else { $sql = "VARCHAR(255) NOT NULL"; } return $sql; }
} } elseif ($action == 'showfield') { define('AJAX', 1); S::gp(array('currentmodelid')); $query = $db->query("SELECT fieldid,name FROM pw_topicfield WHERE modelid=" . S::sqlEscape($modelid)); while ($rt = $db->fetch_array($query)) { $fielddb[$rt['fieldid']] = $rt['name']; } $fielddb = pwJsonEncode($fielddb); echo "success\t{$fielddb}"; ajax_footer(); } elseif ($action == 'copyfield') { define('AJAX', 1); S::gp(array('copyfield')); if (empty($copyfield) || !is_array($copyfield)) { adminmsg('topiccate_copyfield_none'); } $query = $db->query("SELECT name,type,rules,descrip FROM pw_topicfield WHERE fieldid IN (" . S::sqlImplode($copyfield) . ")"); while ($rt = $db->fetch_array($query)) { $name = $db->get_value("SELECT name FROM pw_topicfield WHERE modelid=" . S::sqlEscape($modelid)); $db->update("INSERT INTO pw_topicfield SET " . S::sqlSingle(array('name' => $rt['name'], 'fieldname' => $rt['fieldname'], 'modelid' => $modelid, 'type' => $rt['type'], 'rules' => $rt['rules'], 'descrip' => $rt['descrip'])), false); $fieldid = $db->insert_id(); $fieldname = 'field' . $fieldid; $tablename = GetTopcitable($modelid); $db->update("UPDATE pw_topicfield SET fieldname=" . S::sqlEscape($fieldname) . " WHERE fieldid=" . S::sqlEscape($fieldid)); $ckfieldname = $db->get_one("SHOW COLUMNS FROM {$tablename} LIKE '{$fieldname}'"); if ($ckfieldname) { $db->update("DELETE FROM pw_topicfield WHERE fieldid=" . S::sqlEscape($fieldid)); Showmsg('field_have_exists'); } else { $sql = getFieldSqlByType($rt['type']);
$db->query("TRUNCATE TABLE pw_draft"); } else { InitGP(array('username', 'keyword', 'num')); $num < 1 && ($num = 200); $sql = ''; if ($username) { $rt = $db->get_one("SELECT uid FROM pw_members WHERE username="******" AND uid=" . pwEscape($rt['uid']); } if ($keyword) { $sql .= " AND content LIKE " . pwEscape("%{$keyword}%"); } $db->update("DELETE FROM pw_draft WHERE 1 {$sql} LIMIT {$num}"); } adminmsg('operate_success'); } } elseif ($_POST['action'] == 'draft') { InitGP(array('selid')); if (!($selid = checkselid($selid))) { adminmsg('operate_error'); } $db->update("DELETE FROM pw_draft WHERE did IN({$selid})"); adminmsg("operate_success"); } elseif ($_POST['action'] == 'empty') { $db->query("TRUNCATE TABLE pw_draft"); adminmsg("operate_success"); }
countPosts("-{$affected_rows}"); } $uids[] = $rt['uid']; $dids[] = $rt['did']; } $uids = array_unique($uids); updateUserAppNum($uids, 'diary', 'recount'); //删除日志时,删除微博 $weiboService = L::loadClass('weibo', 'sns'); /* @var $weiboService PW_Weibo */ $weiboArr = $weiboService->getWeibosByObjectIdsAndType($dids, 'diary'); foreach ($weiboArr as $weibo) { $mids[] = $weibo['mid']; } $mids && $weiboService->deleteWeibos($mids); adminmsg('operate_success', "{$basename}&action=cp&step=list&groupid={$groupid}&author={$author}&keyword={$keyword}&postdate_s={$postdate_s}&postdate_e={$postdate_e}&hits={$hits}&replies={$replies}&tcounts={$tcounts}&counts={$counts}&orderby={$orderby}&sc={$sc}&perpage={$perpage}&&page={$page}&"); } else { $sc = $sc ? $sc : 'desc'; $diarydb = array(); !$perpage && ($perpage = $db_perpage); null === $searchDisplay && ($searchDisplay = 'none'); if (empty($groupid) && empty($groups) && empty($author) && empty($keyword) && empty($postdate_s) && empty($postdate_s) && empty($postdate_e)) { $noticeMessage = getLangInfo('cpmsg', 'noenough_condition'); } else { $sql = " WHERE 1"; if ($groupid) { $groups = explode(",", $groupid); } if ($groups) { $groupid = implode(",", $groups); $sql .= " AND m.groupid IN(" . S::sqlImplode($groups) . ")";
$link[1]['href'] = '?act=exhibitors'; adminmsg("添加成功!", 2, $link); } else { adminmsg("添加失败!", 0); } } elseif ($act == 'exhibitors_edit') { check_permissions($_SESSION['admin_purview'], "jobfair_exhibitors"); get_token(); $id = intval($_GET['id']); $sql = "select * from " . table('jobfair_exhibitors') . " where id='{$id}' LIMIT 1"; $info = $db->getone($sql); if ($info['uid'] > 0) { $info['company_url'] = url_rewrite('QS_companyshow', array('id' => $info['company_id'])); } $smarty->assign('info', $info); $smarty->assign('jobfair', get_jobfair_audit()); $smarty->assign('pageheader', "招聘会"); $smarty->display('jobfair/admin_jobfair_exhibitors_edit.htm'); } elseif ($act == 'exhibitors_edit_save') { check_permissions($_SESSION['admin_purview'], "jobfair_exhibitors"); check_token(); $id = intval($_POST['id']); $setsqlarr['companyname'] = !empty($_POST['companyname']) ? trim($_POST['companyname']) : adminmsg('您没有企业名称!', 1); $setsqlarr['audit'] = intval($_POST['audit']); $setsqlarr['etypr'] = intval($_POST['etypr']); $setsqlarr['note'] = trim($_POST['note']); $link[0]['text'] = "返回列表"; $link[0]['href'] = '?act=exhibitors'; write_log("修改id为:" . $id . "的参会企业信息", $_SESSION['admin_name'], 3); !$db->updatetable(table('jobfair_exhibitors'), $setsqlarr, " id=" . $id . "") ? adminmsg("修改失败!", 0) : adminmsg("修改成功!", 2, $link); }
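/**
 * Verify the request signature passed in $verify.
 *
 * The expected value is the first 8 hex characters of
 * md5(<every GET key and value except 'verify' and 'nowtime'> . $admin_name
 * . $admin_gid . $db_hash). On mismatch adminmsg('illegal_request') is called.
 *
 * Two comparison flaws are fixed here:
 *  - the tag was compared with a loose "!=", so two numeric-looking strings
 *    such as "0" and "0e462097" were treated as equal;
 *  - the key filter used a loose in_array(), so on older PHP versions an
 *    integer key such as 0 matched 'verify' and was left out of the signed
 *    data.
 *
 * NOTE(review): the tag is only 32 bits of an MD5 digest. Lengthening it or
 * moving to an HMAC would change the link format, so that is flagged here
 * rather than changed.
 *
 * @param string $verify Signature supplied with the request.
 * @return bool true when the signature matches.
 */
function PostCheck($verify)
{
    global $db_hash, $admin_name, $admin_gid;

    $source = '';
    foreach ($_GET as $key => $val) {
        // Compare keys as strings so integer keys are not mistaken for the
        // excluded parameter names.
        if (!in_array((string) $key, array('verify', 'nowtime'), true)) {
            $source .= $key . $val;
        }
    }

    $expected = substr(md5($source . $admin_name . $admin_gid . $db_hash), 0, 8);

    // Exact string comparison; constant-time where the runtime provides it.
    if (!is_string($verify)) {
        $matches = false;
    } elseif (function_exists('hash_equals')) {
        $matches = hash_equals($expected, $verify);
    } else {
        $matches = $verify === $expected;
    }

    if (!$matches) {
        adminmsg('illegal_request');
    }

    return true;
}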
} else { for ($b = 1; $b < $pageli; $b++) { $xmlfile = $xmldir . $xmlset['xmlpre'] . $b . '.xml'; $xmlfile = ltrim($xmlfile, '../'); $xmlfile = ltrim($xmlfile, '..\\'); $atime = filemtime($xmldir . $xmlset['xmlpre'] . $b . '.xml'); $atime = date("Y-m-d", $atime); $index[] = array($_CFG['site_domain'] . $_CFG['site_dir'] . $xmlfile, $atime); } $baiduxml->XML_index_put($xmldir . $xmlset['indexname'], $index); $link[0]['text'] = "查看结果"; $link[0]['href'] = '?act=xmllist'; $pageli--; $total = $total - $err; adminmsg("生成完成!总计生成{$pageli}个资源文档,1个索引文档,{$total}个职位生成成功,{$err}个职位生成失败", 2, $link); } } else { $xmlname = $xmldir . $xmlset['xmlpre'] . $pageli . '.xml'; if ($baiduxml->XML_put($xmlname)) { $pageli++; $link[0]['text'] = "系统将自动继续..."; $link[0]['href'] = "?act=make&total=" . $total . "&pageli=" . $pageli . "&err=" . $err; adminmsg("{$xmlname}生成成功,系统将自动继续...", 1, $link, true, 2); exit; } else { $link[0]['text'] = "返回列表"; $link[0]['href'] = '?act=xmllist'; adminmsg("生成失败!", 1, $link); } } }
} $names = array(); $query = $db->query("SELECT * FROM pw_cnskin"); while ($rt = $db->fetch_array($query)) { $names[$rt['dir']] = $rt['name']; } require_once PrintApp('admin'); } else { S::gp(array('name', 'style_name')); $db->update("DELETE FROM pw_cnskin"); $pwSQL = array(); foreach ($name as $key => $value) { $pwSQL[] = array($value, $style_name[$key]); } $db->update("REPLACE INTO pw_cnskin (dir, name) VALUES " . S::sqlMulti($pwSQL)); adminmsg('operate_success', "{$basename}&action=colonystyle"); } } function Delcnimg($filename) { return pwDelatt("cn_img/{$filename}", $GLOBALS['db_ifftp']); } function updatecache_cnc() { global $db; $classdb = array(); $query = $db->query('SELECT fid,cname FROM pw_cnclass WHERE ifopen=1'); while ($rt = $db->fetch_array($query)) { $classdb[$rt['fid']] = $rt['cname']; } $classdb = serialize($classdb);
check_permissions($_SESSION['admin_purview'], "consultant_edit"); $id = intval($_POST['id']); if (!$id) { adminmsg("请选择顾问!", 1); } $consultant = get_consultant_one($id); $setsqlarr['name'] = !empty($_POST['name']) ? trim($_POST['name']) : adminmsg('请填写姓名!', 1); $setsqlarr['qq'] = !empty($_POST['qq']) ? trim($_POST['qq']) : adminmsg('请填写QQ!', 1); if ($_FILES['pic']['name']) { $upload_image_dir = "../data/" . $_CFG['updir_images'] . "/" . date("Y/m/d/"); make_dir($upload_image_dir); require_once dirname(__FILE__) . '/include/upload.php'; $setsqlarr['pic'] = _asUpFiles($upload_image_dir, "pic", "2048", 'gif/jpg/bmp/png', true); $setsqlarr['pic'] = date("Y/m/d/") . $setsqlarr['pic']; @unlink("../data/" . $_CFG['updir_images'] . "/" . $consultant['pic']); } updatetable(table('consultant'), $setsqlarr, " id={$id} "); $link[0]['text'] = "返回列表"; $link[0]['href'] = "?act=consultant"; $link[1]['text'] = "查看修改结果"; $link[1]['href'] = "?act=consultant_edit&id={$id}"; adminmsg('修改成功!', 2, $link); } elseif ($act == "consultant_del") { check_permissions($_SESSION['admin_purview'], "consultant_del"); $id = intval($_GET['id']); if (!$id) { adminmsg("请选择顾问!", 1); } del_consultant($id); adminmsg("删除成功!", 2); }
makejs_classify(); makejs_train_classify(); //填写管理员日志 write_log("后台成功修改专业分类!", $_SESSION['admin_name'], 3); adminmsg("保存成功!", 2, $link); } elseif ($act == 'add_category_major') { get_token(); $smarty->assign('navlabel', "major"); $smarty->display('category/admin_category_major_add.htm'); } elseif ($act == 'add_category_major_save') { check_token(); //新增的入库 if (is_array($_POST['categoryname']) && count($_POST['categoryname']) > 0) { for ($i = 0; $i < count($_POST['categoryname']); $i++) { if (!empty($_POST['categoryname'][$i])) { $setsqlarr['categoryname'] = trim($_POST['categoryname'][$i]); $setsqlarr['category_order'] = intval($_POST['category_order'][$i]); $setsqlarr['parentid'] = intval($_POST['parentid'][$i]); !$db->inserttable(table('category_major'), $setsqlarr) ? adminmsg("保存失败!", 0) : ""; $num = $num + $db->affected_rows(); } } } $link[0]['text'] = "返回列表"; $link[0]['href'] = '?act=major'; makejs_classify(); makejs_train_classify(); //填写管理员日志 write_log("后台成功添加专业分类!本次添加了" . $num . "个分类", $_SESSION['admin_name'], 3); adminmsg("添加成功!本次添加了" . $num . "个分类", 2, $link); }
* ----------------------------------------------------------------------------
 * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和
 * 使用;不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
 */
// Admin page for the "personal settings" section. The branch to run is picked
// by the `act` query parameter, which defaults to 'set'.
define('IN_QISHI', true);
require_once dirname(__FILE__) . '/../data/config.php';
require_once dirname(__FILE__) . '/include/admin_common.inc.php';
$act = !empty($_GET['act']) ? trim($_GET['act']) : 'set';
$smarty->assign('act', $act);
$smarty->assign('pageheader', "个人设置");
// The permission check runs before any branch is dispatched.
check_permissions($_SESSION['admin_purview'], "set_per");
if ($act == 'set') {
    // Show the settings form with the current config and text values.
    get_token();
    $smarty->assign('config', $_CFG);
    $smarty->assign('text', get_cache('text'));
    $smarty->display('set_per/admin_set_per.htm');
} elseif ($act == 'set_save') {
    check_token();
    // Write the admin log entry.
    write_log("后台更新设置", $_SESSION['admin_name'], 3);
    // Every POST field is applied as name => value to the config table and
    // then to the text table.
    // NOTE(review): both the field name ($k) and the value ($v) are placed
    // directly inside the SQL string, and any POST field name is accepted.
    // Whether admin_common.inc.php escapes request data is not visible here,
    // and escaping values alone would not cover $k. Restrict $k to an
    // allow-list of known setting names and pass both through the database
    // layer's escaping or parameter binding. Array-valued fields would be
    // interpolated as the literal text "Array".
    foreach ($_POST as $k => $v) {
        !$db->query("UPDATE " . table('config') . " SET value='{$v}' WHERE name='{$k}'") ? adminmsg('更新设置失败', 1) : "";
    }
    foreach ($_POST as $k => $v) {
        !$db->query("UPDATE " . table('text') . " SET value='{$v}' WHERE name='{$k}'") ? adminmsg('更新设置失败', 1) : "";
    }
    // Rebuild both caches so the saved values take effect.
    refresh_cache('config');
    refresh_cache('text');
    adminmsg("保存成功!", 2);
}
$smarty->assign('pageheader', "删除系统错误日志"); $smarty->display('syslog/admin_syslog_del.htm'); } elseif ($act == 'pidel_syslog_del') { check_token(); $l_type = $_POST['l_type']; if (empty($l_type)) { adminmsg('请选择错误类型!', 1); } $starttime = intval(convert_datefm($_POST['starttime'], 2)); if (empty($starttime)) { adminmsg('请填写开始时间!', 1); } $endtime = intval(convert_datefm($_POST['endtime'], 2)); if (empty($endtime)) { adminmsg('请填写结束时间!', 1); } if ($starttime > $endtime) { adminmsg('开始时间不能大于结束时间!', 1); } $link[0]['text'] = "返回日志列表"; $link[0]['href'] = '?act=list'; $link[1]['text'] = "继续删除"; $link[1]['href'] = '?act=pidel_syslog'; $dnum = pidel_syslog($l_type, $starttime, $endtime); if ($dnum > 0) { write_log("删除系统日志,共删除" . $dnum . "行", $_SESSION['admin_name'], 3); adminmsg("删除成功!共删除" . $dnum . "行", 2, $link); } else { adminmsg("该日期段没有日志或删除失败,请检查!", 0, $link); } }
$cklog[3]++; $dirlist[$dir][] = array($filename, $filesize, $filemtime, '3'); } elseif (!in_array($file, $md5_c)) { $cklog[1]++; $dirlist[$dir][] = array($filename, $filesize, $filemtime, '1'); } } } include PrintEot('safecheck'); exit; } elseif ($action == 'cache') { $check = $dirlist = array(); $cklog = array('1' => 0, '2' => 0, '3' => 0); cachefile(D_P . 'data/'); if (empty($check)) { adminmsg('all_file_ok'); } foreach ($check as $file => $value) { $dir = dirname($file); $filename = basename($file); $filemtime = get_date(pwFilemtime($file)); $filesize = filesize($file); $dirlist[$dir][] = array($filename, $filesize, $filemtime, $value); } include PrintEot('safecheck'); exit; } function checkfile($keyword, $dir, $sub) { global $check; $fp = opendir($dir);
adminmsg('operate_success', "{$basename}&action=verify"); } /* 勋章设置 */ } elseif ($action == 'set') { S::gp(array('step'), 'P'); if (!$step) { ifcheck($db_md_ifopen, 'ifopen'); ifcheck($db_md_ifapply, 'ifapply'); require_once PrintApp('admin_set'); } else { S::gp(array('config'), 'P'); foreach ($config as $key => $value) { setConfig($key, $value); } updatecache_c(); adminmsg('operate_success', "{$basename}&action=set"); } } /** * JSON处理 * * @return Ambigous <multitype:, string> */ function getMedalJson($medal) { $openMedalTemp = array(); foreach ($medal as $v) { $openMedalTemp[] = $v; } return pwJsonEncode($openMedalTemp); }
adminmsg('operate_error', $jumpurl); } } else { $pwSQL = 'uid>0 '; } $pwSQL .= ($fid ? ' AND fid=' . S::sqlEscape($fid) : ' AND fid>0 ') . ' AND gid=0'; } elseif ($job == 'group') { if ($fid && $gid) { $pwSQL[] = 'uid=0 AND fid=' . S::sqlEscape($fid) . 'AND gid=' . S::sqlEscape($gid); } } } if ($pwSQL) { $db->update("DELETE FROM pw_permission WHERE {$pwSQL}"); } adminmsg('operate_success', $jumpurl); } function getothersel($id, $t = 'U') { global $fid, $db, $forum, $forumcache; if ($t == 'U') { $sql = 'uid=' . S::sqlEscape($id) . " AND fid>'0' AND gid='0'"; } else { $sql = "uid='0' AND fid>'0' AND gid=" . S::sqlEscape($id); } $g_fid = array($fid); $ghtml = $forumcache; $query = $db->query("SELECT fid FROM pw_permission WHERE {$sql} GROUP BY fid"); while ($rt = $db->fetch_array($query)) { $g_fid[] = $rt['fid']; }
} elseif ($action == 'msgList') { S::gp(array('page'), 'GP'); $messageServer = L::loadClass('message', 'message'); $attachCount = $messageServer->countAllAttachs(); $pageCount = ceil($attachCount / $db_perpage); $page = $page < 0 || empty($page) ? 1 : ($page > $pageCount ? $pageCount : $page); $attachList = $messageServer->getAllAttachs($page, $db_perpage); $pages = numofpage($attachCount, $page, $pageCount, $basename . '&action=msgList&'); include PrintEot('attachment'); exit; } elseif ($action == 'msgDel') { S::gp(array('mids'), 'GP'); !is_array($mids) && adminmsg('请选择要删除的附件'); $messageServer = L::loadClass('message', 'message'); $messageServer->deleteAttachsByMessageIds($mids); adminmsg('附件删除成功!', "{$basename}&action=msgList&"); } function attachcheck($file) { global $cache_file, $attachdir, $admin_pwd, $filename, $filesize, $ifless, $postdate1, $postdate2, $direct, $attachdir; if ($filename && strpos($file, $filename) === false) { return; } if ($filesize) { if ($ifless && filesize("{$attachdir}/{$file}") >= $filesize * 1024) { return; } elseif (!$ifless && filesize("{$attachdir}/{$file}") <= $filesize * 1024) { return; } } if ($postdate1) {
include PrintEot('sharelink'); ajax_footer(); } elseif ($step == 2) { S::gp(array('name', 'ifable', 'vieworder'), 'P'); (!$name || strlen($name) > 30) && adminmsg('type_name_long'); $typeService = L::loadClass('SharelinksTypeService', 'site'); $stid = $typeService->getTypeIdByName($name); $stid && adminmsg('type_name_exist'); $fieldsData = array('name' => $name, 'ifable' => intval($ifable), 'vieworder' => intval($vieworder)); $typeService->insert($fieldsData); adminmsg('linkstype_add_success', "{$basename}&action=types"); } } elseif ($action == 'edittype') { S::gp(array('types'), 'P'); !is_array($types) && ($types = array()); $typeService = L::loadClass('SharelinksTypeService', 'site'); foreach ($types as $key => $value) { $value['ifable'] = $value['ifable'] > 0 ? '1' : '0'; $typeService->update($value, $key); } adminmsg('operate_success', "{$basename}&action=types"); } elseif ($action == 'deltype') { S::gp(array('stid'), 'G'); $typeService = L::loadClass('SharelinksTypeService', 'site'); $result = $typeService->delete($stid); if ($result) { $relationService = L::loadClass('SharelinksRelationService', 'site'); $relationService->deleteByStid($stid); } adminmsg('operate_success', "{$basename}&action=types"); }
} $setsqlarr['jobname'] = trim($_POST['jobname']) ? trim($_POST['jobname']) : adminmsg('您没有填写职位名称!', 1); $setsqlarr['amount'] = intval($_POST['amount']); $setsqlarr['comname'] = trim($_POST['comname']) ? trim($_POST['comname']) : adminmsg('您没有填写单位名称!', 1); $setsqlarr['contact'] = trim($_POST['contact']) ? trim($_POST['contact']) : adminmsg('您没有填写联系人!', 1); $setsqlarr['tel'] = trim($_POST['tel']) ? trim($_POST['tel']) : adminmsg('您没有填写联系电话!', 1); $setsqlarr['district'] = intval($_POST['district']) ? intval($_POST['district']) : adminmsg("您没有选择地区"); $setsqlarr['sdistrict'] = intval($_POST['sdistrict']) ? intval($_POST['sdistrict']) : adminmsg("您没有选择地区"); $district_cn = explode("/", trim($_POST['district_cn'])); $setsqlarr['district_cn'] = $district_cn[0]; $setsqlarr['sdistrict_cn'] = $district_cn[1]; $setsqlarr['detailed'] = trim($_POST['detailed']); $setsqlarr['refreshtime'] = time(); $days = intval($_POST['days']); if ($days > 0) { $time = $_POST['olddeadline'] > time() ? $_POST['olddeadline'] : time(); $setsqlarr['deadline'] = strtotime("{$days} day", $time); } require_once QISHI_ROOT_PATH . 'include/splitword.class.php'; $sp = new SPWord(); $setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed']; $setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']); $setsqlarr['key'] = $sp->pad($setsqlarr['key']); if (updatetable(table('simple'), $setsqlarr, " id='{$id}' ")) { $link[0]['text'] = "返回列表"; $link[0]['href'] = '?act=list'; adminmsg("修改成功!", 2, $link); } else { adminmsg("修改失败!", 0); } }
if ($total_val > $perpage) { $smarty->assign('page', $page->show(3)); //分页符 } $smarty->display('users/admin_users_log.htm'); } elseif ($act == 'users_set') { get_token(); $id = intval($_GET['id']); $account = get_admin_account($id); $smarty->assign('account', $account); $smarty->assign('admin_purview', $_SESSION['admin_purview']); $smarty->assign('admin_set', explode(',', $account['purview'])); $smarty->display('users/admin_users_set.htm'); } elseif ($act == 'users_set_save') { check_token(); $id = intval($_POST['id']); if ($_SESSION['admin_purview'] != "all") { adminmsg("权限不足!", 1); } $setsqlarr['purview'] = $_POST['purview']; $setsqlarr['purview'] = implode(',', $setsqlarr['purview']); if ($db->updatetable(table('admin'), $setsqlarr, ' admin_id=' . $id)) { //填写管理员日志 write_log("成功设置管理员权限", $_SESSION['admin_name'], 3); adminmsg("设置成功!", 2); } else { //填写管理员日志 write_log("设置管理员权限失败", $_SESSION['admin_name'], 3); adminmsg("设置失败!", 0); } }
$sqlarray = file_exists(R_P . "hack/{$id}/sql.txt") ? FileArray($id) : array(); !empty($sqlarray) && SQLDrop($sqlarray); setConfig('db_hackdb', $db_hackdb); $navMenu = L::loadClass('navmenu'); $navMenu->settype('bbs_navinfo'); $navMenu->del('hack_' . $id); $navMenu->cache(); adminmsg('operate_success'); } elseif ($action == 'add') { InitGP(array('hackdir', 'hackname', 'hackopen'), 'G'); !empty($db_hackdb[$hackdir]) && adminmsg('hackcenter_sign_exists'); $sqlarray = file_exists(R_P . "hack/{$hackdir}/sql.txt") ? FileArray($hackdir) : array(); !empty($sqlarray) && SQLCreate($sqlarray); $db_hackdb[$hackdir] = array($hackname, $hackdir, $hackopen); setConfig('db_hackdb', $db_hackdb); $navMenu = L::loadClass('navmenu'); $navMenu->settype('bbs_navinfo'); $navMenu->update('hack_' . $hackdir, array('title' => strip_tags($hackname), 'link' => 'hack.php?H_name=' . $hackdir)); if ($hackopen == 0) { $navMenu->setshow('hack_' . $hackdir, 0); $navMenu->setupnav('hack_' . $hackdir, 'hack'); } elseif ($hackopen == 1) { $navMenu->setshow('hack_' . $hackdir, 1); $navMenu->setupnav('hack_' . $hackdir, 'hack'); } elseif ($hackopen == 2) { $navMenu->setshow('hack_' . $hackdir, 1); $navMenu->setupnav('hack_' . $hackdir); } $navMenu->cache(); adminmsg('operate_success'); }
$to_a_err = array(); foreach ($to_a_temp as $value) { $flag = $userService->isExistByUserName($value); if (true === $flag) { array_push($to_a, $value); } else { array_push($to_a_err, $value); } } $to_a && ($sqlwhere = "username IN(" . S::sqlImplode($to_a) . ")"); $count = count($to_a); if ($sqlwhere) { $query = $db->query("SELECT uid FROM pw_members WHERE {$sqlwhere}"); $uids = array(); while ($rt = $db->fetch_array($query)) { $uids[] = $rt['uid']; } } if ($uids) { $messageInfo = array('create_uid' => $winduid, 'create_username' => $windid, 'title' => $subject, 'content' => $sendmessage); $messageServer->sendOnlineMessages($uids, $messageInfo); } if (0 !== count($to_a_err)) { $existUsers = S::sqlImplode($to_a_err); adminmsg('sendmsg_success_part'); } adminmsg('sendmsg_success'); } else { adminmsg('operate_error'); } }