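/**
 * Returns the city rows (CityID, CityName) that belong to one province.
 *
 * Reads POST `province_id` through dataFilter() and answers with
 * returnJson(SUCCESS, rows); nothing is returned to the PHP caller.
 */
 public function getCityByProId()
 {
     $data = array(array('province_id', 'int'));
     dataFilter($data, 'post');
     // The condition is concatenated into SQL, so force an integer here
     // regardless of what the 'int' filter rule produces — a non-numeric
     // value must never reach the WHERE clause as text.
     $provinceId = (int) $data['province_id'];
     $rs = M('s_city')->select('CityID,CityName', 'ProvinceID=' . $provinceId);
     returnJson(SUCCESS, $rs);
 }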
 /**
  * Toggles a "praise" (like) on the object given by POST `obj_id`.
  *
  * The return value of D('Praise')->addPraise() selects the message:
  * -1 means the praise was withdrawn, anything else means it was added.
  * NOTE(review): the acting user id is hard-coded to 1 rather than read
  * from $_SESSION['userinfo'] as the sibling methods do — confirm whether
  * this is a leftover stub.
  */
 public function addPraise()
 {
     $data = array(array('obj_id', 'int'));
     dataFilter($data, 'post');
     $user_id = 1;
     $result = D('Praise')->addPraise($user_id, $data['obj_id']);
     if ($result == -1) {
         $msg = '取消点赞成功!';
     } else {
         $msg = '点赞成功!';
     }
     returnJson(SUCCESS, $msg);
 }
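 /**
  * Updates one of the logged-in customer's addresses.
  *
  * Expects POST `addr`, `name`, `phone` and `id`. The row is matched on
  * both the address id and the session customer id, so a user can only
  * modify an address that belongs to them. Responds via returnJson().
  */
 public function alterAddr()
 {
     codecheck();
     $data = array(array('addr', 'string'), array('name', 'string'), array('phone', 'string'), array('id', 'int'));
     dataFilter($data, 'post');
     // Both ids are concatenated into the WHERE clause; cast them so that
     // only integers can ever reach the SQL string, whatever the filter
     // rule returned.
     $id = (int) $data['id'];
     $custId = (int) $_SESSION['userinfo']['id'];
     unset($data['id']);
     D('Address')->update($data, 'cust_id=' . $custId . ' AND id=' . $id);
     returnJson(SUCCESS, '', '操作成功');
 }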
 /**
  * Rebinds the customer's phone number after a verification-code check.
  *
  * POST `phone` and `identifyCode` must pass D('identify')->checkCorrent();
  * only then is `new_phone` written to the customer row. Otherwise the
  * response is FAIL with '验证码错误'.
  * NOTE(review): the code is checked against the old `phone`, not against
  * `new_phone`, so possession of the new number is not proven here —
  * confirm that is intended. This method also calls `new Codecheck()`
  * where the sibling methods call `codecheck()`, and keys the customer on
  * $_SESSION['userinfo']['cc_cust_id'] while the others use ['id'].
  */
 public function modifyPhoneNum()
 {
     new Codecheck();
     $data = array(array('phone', 'string'), array('identifyCode', 'string'), array('new_phone', 'string'));
     dataFilter($data, 'post');
     $codeIsValid = D('identify')->checkCorrent($data['phone'], $data['identifyCode']);
     if ($codeIsValid) {
         $custId = $_SESSION['userinfo']['cc_cust_id'];
         $upData = array('c_phone' => $data['new_phone']);
         D('Customer')->update($upData, 'c_id=' . $custId);
         returnJson(SUCCESS, '修改成功');
     }
     returnJson(FAIL, '验证码错误');
 }
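 /**
  * Stores a chat message and echoes the stored record back to the sender.
  *
  * POST `target_id`, `msg_type`, `msg` and `perOrGroup` (1 = direct
  * message to a user, otherwise a group message). Persistence is delegated
  * to D('Chatmsg')->sendMsg(); the response carries the new message id and
  * the fields that were stored.
  * NOTE(review): the sender id is hard-coded to 2 — confirm this is a
  * leftover stub that should come from the session.
  */
 public function sendMsg()
 {
     $cust_id = 2;
     $data = array(array('target_id', 'int'), array('msg_type', 'int'), array('msg', 'string'), array('perOrGroup', 'int'));
     dataFilter($data, 'post');
     $user_id = $group_id = 0;
     if ($data['perOrGroup'] == 1) {
         $user_id = $data['target_id'];
     } else {
         $group_id = $data['target_id'];
     }
     $userData = array('um_cust_id' => $cust_id, 'um_receive_userid' => $user_id, 'um_perOrGroup' => $data['perOrGroup'], 'um_group_id' => $group_id);
     $conData = array('cm_time' => NOW, 'cm_content' => $data['msg'], 'cm_type' => $data['msg_type']);
     $msg_id = D('Chatmsg')->sendMsg($userData, $conData);
     // msg_time must echo the stored send time (NOW, as in $conData), not
     // the message body; the original assigned $data['msg'] here by mistake.
     $retData = array('msg_id' => $msg_id, 'msg' => $data['msg'], 'msg_type' => $data['msg_type'], 'msg_time' => NOW, 'perOrGroup' => $data['perOrGroup'], 'receive_userid' => $user_id, 'group_id' => $group_id);
     returnJson(SUCCESS, $retData);
 }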
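 /**
  * Dispatches an uploaded-file message to the handler for its type.
  *
  * POST `msg_type` selects the handler (20 → imgStrategy, 21 →
  * voiceStrategy, 22 → otherStrategy); `target_id` and `perOrGroup` are
  * stored on the instance for that handler. A request without an uploaded
  * `fname` file, or with a type outside the table, is rejected with FAIL.
  * NOTE(review): this listing already contains a method named sendMsg
  * above; PHP does not allow two methods with the same name in one class,
  * so these presumably come from different classes — confirm.
  */
 public function sendMsg()
 {
     $data = array(array('msg_type', 'int'), array('target_id', 'int'), array('perOrGroup', 'int'));
     dataFilter($data, 'post');
     $provArr = array('20' => 'imgStrategy', '21' => 'voiceStrategy', '22' => 'otherStrategy');
     $this->msg_type = $data['msg_type'];
     if ($data['perOrGroup'] == 1) {
         $this->user_id = $data['target_id'];
     } else {
         $this->group_id = $data['target_id'];
     }
     $this->perOrGroup = $data['perOrGroup'];
     // The original wrote `$this->{$provArr}[...]()`, which looks up a
     // property named after the whole array instead of the handler name.
     // Resolve the handler from the table first and only call it when the
     // type is one of the three listed, so no other method name can ever be
     // reached through msg_type.
     $hasUpload = isset($_FILES['fname']) && $_FILES['fname'];
     if ($hasUpload && isset($provArr[$data['msg_type']])) {
         $handler = $provArr[$data['msg_type']];
         $this->{$handler}();
     } else {
         returnJson(FAIL, 'unlawfule request');
     }
 }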
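 /**
  * Checks that POST `identifyCode` matches the code issued for `phone`.
  *
  * Answers SUCCESS/'验证成功' when D('Checkcode')->checkCorrent() accepts
  * the pair, otherwise FAIL/'验证码错误', both through returnJson().
  *
  * The original body carried a second verification block after this one,
  * placed behind a returnJson() call in both branches and built on a
  * $filterData variable that is never assigned in this method; it could
  * not produce a meaningful result and has been removed.
  */
 public function isEqualCode()
 {
     $data = array(array('phone', 'string', 'sj', '手机'), array('identifyCode', 'string'));
     dataFilter($data, 'post');
     if (D('Checkcode')->checkCorrent($data['phone'], $data['identifyCode'])) {
         returnJson(SUCCESS, '', '验证成功');
     } else {
         returnJson(FAIL, '验证码错误');
     }
 }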
 /**
  * Validates the POST `code` token and binds its owner to the session.
  *
  * D('CustCode')->checkValid() yields false for a code it does not know,
  * -1 for an expired one and otherwise a value that is stored as
  * $_SESSION['userinfo']['id'] (presumably the user id). The two error
  * cases answer via returnJson() with CODE_RROR / CODE_EXPIRE; the method
  * returns true afterwards.
  * NOTE(review): the session id is not regenerated when a user is bound to
  * the session here — confirm session_regenerate_id() happens elsewhere.
  */
 public function checkCode()
 {
     if (!isset($_POST['code'])) {
         returnJson(CODE_RROR, '校验码错误');
     }
     $data = array(array('code', 'string'));
     dataFilter($data, 'post');
     // Look the code up; the three outcomes are handled in order below.
     $owner = D('CustCode')->checkValid($data['code']);
     if ($owner === false) {
         returnJson(CODE_RROR, '校验码错误');
     } elseif ($owner == -1) {
         returnJson(CODE_EXPIRE, '用户校验码已过期,请重新登陆');
     } else {
         $_SESSION['userinfo'] = array('id' => $owner);
     }
     return true;
 }
 /**
  * Saves the profile fields a user submitted and returns the fresh profile.
  *
  * Only the POST keys listed in $fieldRules are considered, each run
  * through dataFilter() with its own rule; a changed nickname also
  * refreshes the pinyin column. Responds with D('Customer')->getUserinfo()
  * for the session user.
  * NOTE(review): 'mail' has an empty rule and 'sex' has the rule 'ing',
  * which appears nowhere else on this page ('int' and 'string' do) —
  * confirm what dataFilter() does with them; 'ing' looks like a typo.
  */
 public function saveEdit()
 {
     codecheck();
     // POST key => array(column name, dataFilter rule)
     $fieldRules = array(
         'icon_id' => array('icon_id', 'int'),
         'nicname' => array('nicname', 'string'),
         'birth_time' => array('birth_time', 'int'),
         'mail' => array('mail', ''),
         'sex' => array('sex', 'ing'),
         'sign' => array('sign', 'string'),
     );
     $upData = array();
     foreach ($fieldRules as $postKey => $rule) {
         if (!isset($_POST[$postKey])) {
             continue;
         }
         list($column, $type) = $rule;
         $filtered = array(array($postKey, $type));
         dataFilter($filtered, 'post');
         $upData[$column] = $filtered[$postKey];
     }
     if ($upData) {
         if (isset($upData['nicname'])) {
             $upData['pinyin'] = D('Language.Chn2pinyin')->Pinyin($upData['nicname']);
         }
         D('Customer')->update($upData, 'id=' . $_SESSION['userinfo']['id']);
     }
     $retData = D('Customer')->getUserinfo($_SESSION['userinfo']['id']);
     returnJson(SUCCESS, $retData);
 }
}
// Set the connection charset before any query is issued.
// NOTE(review): MySQL's 'utf8' is the 3-byte subset; 'utf8mb4' is required
// for 4-byte characters such as emoji — confirm which one the schema uses.
$mysqli->set_charset('utf8');
/**
 * Trims a string, HTML-escapes it (ENT_COMPAT: `<`, `>`, `&` and double
 * quotes; single quotes are left alone) and then backslash-escapes quotes
 * and backslashes with addslashes().
 *
 * NOTE(review): addslashes() is not a safe SQL escape on its own (it is not
 * charset-aware), and escaping for HTML at input time is unusual. Values
 * should reach SQL through prepared statements, with HTML escaping applied
 * at output time.
 *
 * @param string $str raw input
 * @return string the trimmed, HTML-escaped and slash-escaped value
 */
function dataFilter($str)
{
    $trimmed = trim($str);
    $htmlSafe = htmlspecialchars($trimmed, ENT_COMPAT, 'UTF-8');
    return addslashes($htmlSafe);
}
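// Dispatch on ?action=1 (list comments as JSON) or ?action=2 (store one).
if (isset($_GET['action'])) {
    $action = intval($_GET['action']);
}
if (isset($action) && $action == 1) {
    // Always emit an array, even when the table is empty or the query
    // fails; the original left $result undefined in both cases.
    $result = array();
    $sql = "SELECT * FROM comment";
    $mysqli_result = $mysqli->query($sql);
    if ($mysqli_result && $mysqli_result->num_rows > 0) {
        // MYSQLI_ASSOC is the mysqli constant; MYSQL_ASSOC belonged to the
        // removed ext/mysql and is undefined on current PHP.
        while ($row = $mysqli_result->fetch_array(MYSQLI_ASSOC)) {
            $result[] = array('author' => $row['name'], 'text' => $row['text']);
        }
        $mysqli_result->free();
    }
    echo json_encode($result);
}
if (isset($action) && $action == 2) {
    if (isset($_POST['name'], $_POST['text'])) {
        // The values travel to MySQL as bound parameters, so no SQL escaping
        // (addslashes) is applied — it would store literal backslashes.
        // HTML escaping is kept as in the original, with ENT_QUOTES so both
        // quote characters are neutralised for HTML output.
        $name = htmlspecialchars(trim($_POST['name']), ENT_QUOTES, 'UTF-8');
        $text = htmlspecialchars(trim($_POST['text']), ENT_QUOTES, 'UTF-8');
        $time = time();
        $stmt = $mysqli->prepare('INSERT INTO comment(name, text, time) VALUES(?, ?, ?)');
        if ($stmt) {
            $stmt->bind_param('ssi', $name, $text, $time);
            $res = $stmt->execute();
            $stmt->close();
        } else {
            $res = false;
        }
    }
}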
// Installer step 1: environment check. Each rslt flag is 1 or 0 — PDO
// present, install directory writable, a constant 1, and a sqlite or mysql
// PDO driver available — and rslt6 is their product, so it is 1 only when
// every check passed. The result is emitted as JSON and the script ends.
if ($step == 1) {
    $hasPdo = class_exists('PDO');
    $rslt2 = $hasPdo ? 1 : 0;
    $rslt3 = checkWritable() ? 1 : 0;
    $rslt4 = 1;
    $rslt5 = 0;
    if ($hasPdo) {
        $drivers = PDO::getAvailableDrivers();
        if (in_array('sqlite', $drivers) || in_array('mysql', $drivers)) {
            $rslt5 = 1;
        }
    }
    $rslt6 = $rslt2 * $rslt3 * $rslt4 * $rslt5;
    die(json_encode(array('rslt2' => $rslt2, 'rslt3' => $rslt3, 'rslt4' => $rslt4, 'rslt5' => $rslt5, 'rslt6' => $rslt6)));
}
if ($step == 2) {
    if (isset($_POST['instd'])) {
        $instd = dataFilter(array('siteAuthor', 'siteKey', 'dbType', 'dbName', 'dbAddr', 'dbUser', 'dbPass'), $_POST['instd']);
        $dbConfContent = $instd['dbType'] == 'SQLite' ? "<?php \r\ndefine ('DBTYPE', 'SQLite');\r\ndefine ('DBNAME', '{$instd['dbName']}');" : "<?php \r\ndefine ('DBTYPE', 'MySQL');\r\ndefine ('DBNAME', '{$instd['dbName']}');\r\ndefine ('DBADDR', '{$instd['dbAddr']}');\r\ndefine ('DBUSERNAME', '{$instd['dbUser']}');\r\ndefine ('DBPASSWORD', '{$instd['dbPass']}');";
        $writeResult = @file_put_contents('./conf/dbcon.php', $dbConfContent);
        $siteURL = curPageURL();
        $siteAuthor = htmlspecialchars($instd['siteAuthor'], ENT_QUOTES, 'UTF-8');
        $siteKey = sha1($instd['siteKey']);
        $infoConfContent = "<?php\n\$conf=array (\n  'siteName' => '{$l['data.sitename']}',\n  'siteURL' => '{$siteURL}',\n  'authorName' => '{$siteAuthor}',\n  'authorIntro' => '{$l['data.siteintro']}',\n  'siteKey' => '{$siteKey}',\n  'timeZone' => 'Asia/Shanghai',\n  'pageCache' => '0',\n  'commentOpt' => '0',\n  'comFrequency' => '10',\n  'comPerLoad' => '20',\n  'siteTheme' => 'default',\n  'siteLang' => '{$l['data.lang']}',\n  'perPage' => '3',\n  'linkPrefixIndex' => 'index.php',\n  'linkPrefixCategory' => 'category.php',\n  'linkPrefixArticle' => 'read.php',\n  'linkPrefixTag' => 'tag.php',\n  'social-sina-weibo' => '',\n  'social-weixin' => '',\n  'social-twitter' => '',\n  'social-facebook' => '',\n  'social-douban' => '',\n  'social-instagram' => '',\n  'social-renren' => '',\n  'social-linkedin' => '',\n  'externalLinks' => 'http://bw.bo-blog.com=bW Home',\n);";
        $writeResult = $writeResult && @file_put_contents('./conf/info.php', $infoConfContent);
        $servicesConfContent = "<?php\n\$conf+=array (\n  'duoshuoID' => '',\n  'disqusID' => '',\n  'sinaAKey' => '',\n  'sinaSKey' => '',\n  'qiniuAKey' => '',\n  'qiniuSKey' => '',\n  'qiniuBucket' => '',\n  'qiniuSync' => '',\n  'qiniuUpload' => '0',\n  'qiniuDomain' => '',\n);";
        $writeResult = $writeResult && @file_put_contents('./conf/services.php', $servicesConfContent);
        if (!$writeResult) {
            $rslt7 = $rslt8 = $rslt9 = 0;
            $rslt10 = $l['data.error'];
        } else {
            $rslt7 = 1;
            define('P', './');
        $article->getSinglePageList();
        $adminsinglepagelist = $article->articleList;
        $view->setMaster('admin');
        $view->setPassData(array('adminarticlelist' => $adminarticlelist, 'admindraftlist' => $admindraftlist, 'adminsinglepagelist' => $adminsinglepagelist, 'admincatelist' => bw::$cateList, 'themeList' => $view->scanForThemes(), 'newCSRFCode' => $admin->getCSRFCode('newarticle'), 'oldCSRFCode' => $admin->getCSRFCode('navibar'), 'cateCSRFCode' => $admin->getCSRFCode('category')));
        $view->setWorkFlow(array('adminarticlelist', 'admincategorylist', 'adminarticles', 'admin'));
        $view->finalize();
    }
}
if ($canonical->currentArgs['mainAction'] == 'services') {
    if ($canonical->currentArgs['subAction'] == 'store') {
        $admin->checkCSRFCode('services');
        if (!isset($_REQUEST['smt'])) {
            stopError($conf['l']['admin:msg:NoData']);
        }
        $acceptedKeys = array('duoshuoID', 'disqusID', 'sinaAKey', 'sinaSKey', 'qiniuAKey', 'qiniuSKey', 'qiniuBucket', 'qiniuSync', 'qiniuUpload', 'qiniuDomain', 'APIOpen', 'basicAPI', 'advancedAPI', 'aliyunAKey', 'aliyunSKey', 'aliyunBucket', 'aliyunRegion');
        $smt = dataFilter($acceptedKeys, $_REQUEST['smt']);
        $basicAPI = @explode('<>', $smt['basicAPI']);
        $advancedAPI = @explode('<>', $smt['advancedAPI']);
        $smt = array_map('htmlspecialchars', $smt);
        $smt['basicAPI'] = array_filter($basicAPI, 'strlen');
        $smt['advancedAPI'] = array_filter($advancedAPI, 'strlen');
        if ($smt['qiniuBucket'] == '1') {
            require_once P . "inc/script/qiniu/QiniuClient.php";
            $qiniuClient = new qiniuClient($smt['qiniuAKey'], $smt['qiniuSKey']);
            $result = $qiniuClient->listFiles($smt['qiniuBucket'], $limit = 1);
            if (!$result) {
                stopError($conf['l']['admin:msg:QiniuError'] . $qiniuClient->err);
            }
        }
        $valString = "<?php\r\n\$conf+=" . var_export($smt, true) . ";?>";
        $rS = file_put_contents(P . "conf/services.php", $valString);
 /**
  * Whitelists and escapes a submitted comment.
  *
  * Only the seven accepted keys survive dataFilter(). A missing article id,
  * an empty user name or content, or a missing comkey aborts via
  * stopError(). The name, URL and content are HTML-escaped (ENT_QUOTES)
  * before being returned.
  * NOTE(review): userURL is escaped for HTML but its scheme is not
  * restricted (e.g. to http/https) — confirm the template that renders it
  * as a link handles that.
  *
  * @param array $smt raw submitted fields
  * @return array the filtered and escaped fields
  */
 private function checkComData($smt)
 {
     $acceptedKeys = array('userName', 'userURL', 'userContent', 'aID', 'comkey', 'socialkey', 'userAvatar');
     $smt = dataFilter($acceptedKeys, $smt);
     $incomplete = empty($smt['aID'])
         || $smt['userName'] === ''
         || empty($smt['userContent'])
         || empty($smt['comkey']);
     if ($incomplete) {
         stopError(bw::$conf['l']['admin:msg:NoData']);
     }
     foreach (array('userName', 'userURL', 'userContent') as $field) {
         $smt[$field] = htmlspecialchars($smt[$field], ENT_QUOTES, 'UTF-8');
     }
     return $smt;
 }
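 /**
  * Whitelists, validates and normalises a submitted article.
  *
  * Keeps only the accepted keys (plus originID when it is present),
  * requires a title, id and content, and requires the category to exist in
  * bw::$cateData or to be one of the pseudo-categories '_trash' / '_page'.
  * An empty or unparseable aTime falls back to $this->cutTime; otherwise it
  * is normalised to 'Y-m-d H:i:s'. The title is HTML-escaped and the id
  * URL-encoded before the fields are returned.
  *
  * @param array $smt raw submitted fields
  * @return array the filtered and validated fields
  */
 private function checkArticleData($smt)
 {
     $acceptedKeys = array('aTitle', 'aID', 'aContent', 'aCateURLName', 'aTime', 'aTags');
     if (isset($smt['originID'])) {
         $acceptedKeys[] = 'originID';
     }
     $smt = dataFilter($acceptedKeys, $smt);
     if (empty($smt['aTitle']) || $smt['aID'] === '' || empty($smt['aContent'])) {
         stopError(bw::$conf['l']['admin:msg:NoData']);
     }
     $cate = $smt['aCateURLName'];
     // Strict comparison: the pseudo-category names are plain strings and
     // must not match through PHP's loose string/number rules.
     if (!array_key_exists($cate, bw::$cateData) && $cate !== '_trash' && $cate !== '_page') {
         stopError(bw::$conf['l']['admin:msg:NotExist'] . ': ' . $cate);
     }
     // strtotime() returns false for text it cannot parse; the original
     // passed that straight to date(), silently timestamping the article at
     // the Unix epoch. Treat unparseable input like an empty one instead.
     $timestamp = empty($smt['aTime']) ? false : strtotime($smt['aTime']);
     if ($timestamp === false) {
         $smt['aTime'] = $this->cutTime;
     } else {
         $smt['aTime'] = date('Y-m-d H:i:s', $timestamp);
     }
     $smt['aTitle'] = htmlspecialchars($smt['aTitle'], ENT_QUOTES, 'UTF-8');
     $smt['aID'] = urlencode($smt['aID']);
     return $smt;
 }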