Exemple #1
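/**
 * Refresh the stored admin "cookie" record when the presented auth token is valid
 * and the record is less than one hour old.
 *
 * The token in $_M['form']['met_auth'] is decoded with authcode() using the site key
 * plus $_COOKIE['met_key'], then split on TAB into a user name and a password hash.
 * When the hash equals md5(admin_pass) of the matching admin row and the stored
 * record's "time" is under 3600 seconds old, the record is copied into
 * $_M['user']['cookie'], its time is set to now, and it is written back to the
 * admin table.
 *
 * Side effects: resets $_M['user']['cookie']; inside the admin area (IN_ADMIN defined)
 * also sets $_M['user']['admin_name'], ['admin_id'] and ['langok']; may run an UPDATE.
 *
 * @return void
 */
function met_cooike_start()
{
    global $_M;
    $_M['user']['cookie'] = array();
    $met_webkeys = $_M['config']['met_webkeys'];

    // Pad the split result so a token without a TAB gives empty strings rather than
    // an undefined offset for $password.
    $decoded = authcode($_M['form']['met_auth'], 'DECODE', $met_webkeys . $_COOKIE['met_key']);
    list($username, $password) = array_pad(explode("\t", (string) $decoded), 2, '');
    $username = sqlinsert($username);

    // NOTE(review): $username is placed in the SQL string after sqlinsert() only; what
    // sqlinsert() guarantees is not visible here. Prefer a bound parameter or the DB
    // layer's own escaping if it offers one.
    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$username}'";
    $user = DB::get_one($query);

    // No such admin: stop before hashing an absent password. md5(null) is the fixed
    // md5 of the empty string, which must never count as a credential match.
    if (empty($user) || !isset($user['admin_pass'])) {
        return;
    }

    // The stored record must decode to an object carrying a "time" field.
    $usercooike = json_decode($user['cookie']);
    if (!is_object($usercooike) || !isset($usercooike->time)) {
        return;
    }

    // Compare the hashes as strings. A loose == treats "0e..."-style digests as numbers,
    // so two different hashes can compare equal; hash_equals() is also constant-time.
    $expected = md5($user['admin_pass']);
    $supplied = (string) $password;
    $hash_ok = function_exists('hash_equals')
        ? hash_equals($expected, $supplied)
        : $expected === $supplied;

    if ($hash_ok && time() - $usercooike->time < 3600) {
        foreach ($usercooike as $key => $val) {
            $_M['user']['cookie'][$key] = $val;
        }
        if (defined('IN_ADMIN')) {
            $_M['user']['admin_name'] = get_met_cookie('metinfo_admin_name');
            $_M['user']['admin_id'] = $_M['user']['cookie']['metinfo_admin_id'];
            $privilege = background_privilege();
            $_M['user']['langok'] = $privilege['langok'];
        }
        // Sliding expiry: every accepted request restarts the one-hour window.
        $_M['user']['cookie']['time'] = time();
        $json = json_encode($_M['user']['cookie']);
        // NOTE(review): $json is interpolated without escaping. json_encode() leaves
        // single quotes as-is and emits backslashes, so a stored value containing either
        // can change or corrupt this statement. Bind it or escape it with the DB layer.
        $query = "update {$_M['table']['admin_table']} set cookie = '{$json}' WHERE admin_id = '{$username}'";
        DB::query($query);
    }
}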
Exemple #2
/**
 * Load the current member's record and attach the columns that member may read.
 *
 * The member is looked up by the 'metinfo_member_name' value from get_met_cookie().
 *
 * @return array member row with 'usertype', 'admin_id' and 'admin_pass' aliases added,
 *               plus 'column' (id/name rows whose access <= the member's groupid
 *               for the current language)
 */
function member_information()
{
    global $_M;

    $memberName = get_met_cookie('metinfo_member_name');
    $userModel = load::sys_class('user', 'new');
    $user = $userModel->get_user_by_username($memberName);

    // Expose the member fields under the admin-style key names as well.
    // NOTE(review): this copies the stored password value into 'admin_pass' of the
    // returned array; callers should avoid logging or rendering the whole array.
    $aliases = array(
        'usertype' => 'groupid',
        'admin_id' => 'username',
        'admin_pass' => 'password',
    );
    foreach ($aliases as $alias => $field) {
        $user[$alias] = $user[$field];
    }

    // NOTE(review): groupid and $_M['lang'] are interpolated into the SQL text;
    // confirm both are constrained before they reach this point.
    $query = "SELECT id,name FROM {$_M['table']['column']} WHERE access <= '{$user['groupid']}' AND lang = '{$_M['lang']}'";
    $user['column'] = DB::get_all($query);

    return $user;
}
Exemple #3
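/**
 * Load the current administrator's record and the columns that administrator may manage.
 *
 * Calls met_cooike_start() first, then looks the admin up by the
 * 'metinfo_admin_name' value from get_met_cookie().
 *
 * @return array admin row plus 'column' (id/name rows whose access <= the admin's
 *               usertype for the current language)
 */
function admin_information()
{
    global $_M;
    met_cooike_start();

    // The unused $met_admin_table / $met_column locals were dropped; both queries
    // read the table names from $_M directly.
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');

    // NOTE(review): unlike met_cooike_start(), the name is not passed through
    // sqlinsert() before it is interpolated here. Confirm that get_met_cookie() can
    // only return server-validated values, or bind/escape the value.
    $query = "SELECT * from {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}'";
    $user = DB::get_one($query);

    $query = "SELECT id,name from {$_M['table']['column']} WHERE access <= '{$user['usertype']}' AND lang = '{$_M['lang']}'";
    $user['column'] = DB::get_all($query);

    return $user;
}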
 /**
  * Compare a submitted verification code with the stored one.
  *
  * @param mixed $code code supplied by the caller
  * @return bool true only when $code is non-empty and strictly equal (===) to the
  *              'met_capcha_member1' value returned by get_met_cookie()
  */
 function CheckCode($code)
 {
     // met_cooike_start() always runs, even when $code turns out to be empty.
     met_cooike_start();

     // Short-circuit: an empty code is rejected without reading the stored value.
     return !empty($code) && get_met_cookie('met_capcha_member1') === $code;
 }
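require_once ROOTPATH . 'config/config.inc.php';
met_cooike_start();

// "Force" mode: when the supplied $metmemberforce matches the configured
// $met_member_force, the visitor is given member type 256.
// Both values must be set, scalar and non-empty, and are compared as strings with ===.
// The previous loose == was true when both sides were unset or empty, which would
// switch force mode on for every request on a site where the key is not configured.
// (A stray no-op statement `$metmemberforce == $met_member_force;` was removed.)
// NOTE(review): where $metmemberforce comes from is not visible here — presumably the
// request; confirm, and treat $met_member_force as a secret.
if (
    isset($metmemberforce, $met_member_force)
    && is_scalar($metmemberforce)
    && is_scalar($met_member_force)
    && (string) $met_member_force !== ''
    && (string) $metmemberforce === (string) $met_member_force
) {
    change_met_cookie('metinfo_member_name', "force");
    change_met_cookie('metinfo_member_pass', "force");
    change_met_cookie('metinfo_member_type', "256");
    save_met_cookie();
}
$_M['user']['cookie'] = $met_cookie;

if ($met_member_use != 0) {
    // Member system enabled: admin values win over member values when present.
    $metinfo_member_id = get_met_cookie('metinfo_admin_id') == "" ? get_met_cookie('metinfo_member_id') : get_met_cookie('metinfo_admin_id');
    $metinfo_member_name = get_met_cookie('metinfo_admin_name') == "" ? get_met_cookie('metinfo_member_name') : get_met_cookie('metinfo_admin_name');
    $metinfo_member_pass = get_met_cookie('metinfo_admin_pass') == "" ? get_met_cookie('metinfo_member_pass') : get_met_cookie('metinfo_admin_pass');
    // Any non-empty admin type maps to member type '256'.
    $metinfo_member_type = get_met_cookie('metinfo_admin_type') == "" ? get_met_cookie('metinfo_member_type') : '256';
    $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
    // Without both a name and a password value the visitor is treated as type 0.
    if ($metinfo_member_name == '' or $metinfo_member_pass == '') {
        $metinfo_member_type = 0;
    }
} else {
    // Member system disabled: every visitor gets type "256".
    $metinfo_member_type = "256";
}

// Add slashes to upload metadata when PHP's magic quotes are off.
!MAGIC_QUOTES_GPC && ($_FILES = daddslashes($_FILES));

// NOTE(review): PHP_SELF and QUERY_STRING are client-influenced; escape $REQUEST_URI
// for the output context wherever it is printed.
$REQUEST_URI = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];

// Request start time (microtime's fractional part plus its seconds part).
$t_array = explode(' ', microtime());
$P_S_T = $t_array[0] + $t_array[1];

// NOTE(review): two output buffers are opened here (this line and the next). Kept as is
// because later code may depend on the nesting level — confirm before collapsing.
$met_obstart == 1 && function_exists('ob_gzhandler') ? ob_start('ob_gzhandler') : ob_start();
ob_start();

// NOTE(review): $forward falls back to the Referer header, which the client controls;
// validate it as a same-site URL before using it as a redirect target.
$referer ? $forward = $referer : ($forward = $_SERVER['HTTP_REFERER']);
$m_now_time = time();
$m_now_date = date('Y-m-d H:i:s', $m_now_time);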
Exemple #6
            $tmp = trim($listlang['value']);
            $js = $js . "user_msg['{$listlang['name']}']='{$tmp}';\n";
        }
        $name = 'lang_' . $listlang['name'];
        ${$name} = trim($listlang['value']);
        $str .= '$' . "{$name}='" . str_replace(array('\\', "'"), array("\\\\", "\\'"), trim($listlang['value'])) . "';";
        $lang_json[$listlang['name']] = $listlang['value'];
    }
    $js1 = '$' . "js='" . str_replace("'", "\\'", $js) . '\';';
    $str = "<?php\n" . $str . $js1 . "\n?>";
    file_put_contents(ROOTPATH . 'cache/langadmin_' . $langset . '.php', $str);
    file_put_contents(ROOTPATH . 'cache/lang_json_admin_' . $langset . '.php', json_encode($lang_json));
} else {
    require_once ROOTPATH . 'cache/langadmin_' . $langset . '.php';
}
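// Admin UI language, taken from the 'languser' value of get_met_cookie().
// Array keys are now quoted: a bare langset/word/name/value is looked up as a constant,
// which is an Error on PHP 8 and a notice on older versions.
$_M['langset'] = get_met_cookie('languser');

// NOTE(review): the language value is interpolated into the SQL text. Confirm it is
// restricted to known language marks before this point, or bind/escape it.
$query = "select * from {$met_language} where site='1' and lang='{$_M['langset']}'";
$languages = $db->get_all($query);
foreach ($languages as $key => $val) {
    $_M['word'][$val['name']] = $val['value'];
}

// Load the "<langset>-metinfo" config rows into $setagents.
$query = "SELECT * FROM {$met_config} WHERE lang='{$langset}-metinfo'";
$result = $db->query($query);
// Start from an empty array so nothing already present under this name (for example a
// request-supplied value, if request variables are imported into scope — TODO confirm)
// can ride along into extract() below.
$setagents = array();
while ($list_config = $db->fetch_array($result)) {
    $setagents[$list_config['name']] = $list_config['value'];
}
// NOTE(review): extract() creates or overwrites a variable for every config row name.
// Anyone able to write rows to this table can overwrite variables in this scope;
// reading $setagents['...'] explicitly would remove that risk.
extract($setagents);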
if ($met_agents_type > 1) {
    $lang_indexthanks = $met_agents_thanks;
    $lang_metinfo = $met_agents_name;
    $lang_copyright = $met_agents_copyright;
Exemple #7
 /**
  * Check whether the visitor is logged in as an administrator and may run the
  * current action.
  *
  * With sufficient permission execution continues past this method; otherwise the
  * visitor is redirected to the login page or shown a "no permission" message.
  *
  * Steps, in order:
  *  1. No admin name/password value from get_met_cookie(): clear state, redirect to login, exit.
  *  2. No admin row matching name, password and usertype 3: same redirect, exit.
  *  3. Unless admin_op contains "metinfo", compare M_ACTION / submit_type with the
  *     add / editor / del rights listed in admin_op.
  *  4. App store and theme pages additionally require a code in admin_type.
  */
 protected function check()
 {
     global $_M;
     // NOTE(review): HTTP_HOST is supplied by the client. Here it is only used for the
     // substring test below, not for the redirect target.
     $current_url = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     // $admin_index is 1 when the request URL contains the admin index.php URL.
     if (strstr($current_url, $_M['url']['site_admin'] . "index.php")) {
         $admin_index = 1;
     } else {
         $admin_index = '';
     }
     $met_adminfile = $_M['config']['met_adminfile'];
     $met_admin_table = $_M['table']['admin_table'];
     $metinfo_admin_name = get_met_cookie('metinfo_admin_name');
     $metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
     if (!$metinfo_admin_name || !$metinfo_admin_pass) {
         // Not logged in at all.
         if ($admin_index) {
             met_cooike_unset();
             // NOTE(review): $re_url is never assigned in this method before this line,
             // so it is undefined here; the call expires the re_url cookie either way.
             met_setcookie("re_url", $re_url, time() - 3600);
             Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
         } else {
             if (!$re_url) {
                 // NOTE(review): unquoted $_SERVER keys (HTTP_REFERER, SERVER_NAME, ...) are
                 // constant lookups; outside a string that is an Error on PHP 8.
                 // The Referer header is client-controlled and is remembered in the re_url
                 // cookie below; presumably it is used as the post-login return address —
                 // validate it as a same-site URL where it is consumed.
                 $re_url = $_SERVER[HTTP_REFERER];
                 $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                 $admin_file_len1 = strlen("/{$met_adminfile}/");
                 $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                 // If the referer path ends with the admin directory or its index.php, or
                 // is empty, return to the currently requested URL instead.
                 if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                     $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                 }
             }
             // Remember the return URL for one hour unless one is already stored.
             if (!$_COOKIE[re_url] && !strstr($re_url, "return.php")) {
                 met_setcookie("re_url", $re_url, time() + 3600);
             }
             met_cooike_unset();
             Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
         }
         // exit follows the redirect header so nothing below runs for this visitor.
         exit;
     } else {
         // NOTE(review): as printed, admin_pass is compared with the literal '******'. This
         // looks like a value masked in the published listing ($metinfo_admin_pass is read
         // above and not used anywhere else in this method) — confirm against the real source.
         // $metinfo_admin_name is interpolated into the SQL text without escaping.
         $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id = '{$metinfo_admin_name}' AND admin_pass = '******' AND usertype = '3'";
         $admincp_ok = DB::get_one($query);
         if (!$admincp_ok) {
             // Credentials do not match an admin row with usertype 3: same handling as
             // the "not logged in" branch above.
             if ($admin_index) {
                 met_cooike_unset();
                 met_setcookie("re_url", $re_url, time() - 3600);
                 Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
             } else {
                 if (!$re_url) {
                     $re_url = $_SERVER[HTTP_REFERER];
                     $HTTP_REFERERs = explode('?', $_SERVER[HTTP_REFERER]);
                     $admin_file_len1 = strlen("/{$met_adminfile}/");
                     $admin_file_len2 = strlen("/{$met_adminfile}/index.php");
                     if (strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len1)) == "/{$met_adminfile}/" || strrev(substr(strrev($HTTP_REFERERs[0]), 0, $admin_file_len2)) == "/{$met_adminfile}/index.php" || !$HTTP_REFERERs[0]) {
                         $re_url = "http://{$_SERVER[SERVER_NAME]}{$_SERVER[REQUEST_URI]}";
                     }
                 }
                 if (!strstr($re_url, "return.php")) {
                     if (!$_COOKIE['re_url']) {
                         met_setcookie("re_url", $re_url, time() + 3600);
                     }
                 }
                 met_cooike_unset();
                 Header("Location: " . $_M['url']['site_admin'] . "login/login.php");
             }
             exit;
         }
     }
     // Second lookup, this time without the usertype filter; its row supplies the
     // admin_op / admin_type values used by every permission test below.
     $query = "SELECT * FROM {$_M['table']['admin_table']} WHERE admin_id='{$metinfo_admin_name}' AND admin_pass='******'";
     $membercp_ok = DB::get_one($query);
     // admin_op containing "metinfo" skips all per-action checks in this block.
     if (!strstr($membercp_ok['admin_op'], "metinfo")) {
         // AJAX callers get an empty return URL; browsers get a history-back link.
         if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
             $return_url = "";
         } else {
             $return_url = "javascript:window.history.back();";
         }
         // NOTE(review): rights are matched by substring on both sides. An action is only
         // checked when its name contains one of add / editor / del / all / table; any
         // other action name passes through this block unchecked. okinfo() presumably
         // ends the request — confirm, since nothing here stops execution afterwards.
         if (stristr(M_ACTION, 'add')) {
             if (!strstr($membercp_ok['admin_op'], "add")) {
                 okinfo($return_url, $_M['word']['loginadd']);
             }
         }
         if (stristr(M_ACTION, 'editor')) {
             if (!strstr($membercp_ok['admin_op'], "editor")) {
                 okinfo($return_url, $_M['word']['loginedit']);
             }
         }
         if (stristr(M_ACTION, 'del')) {
             if (!strstr($membercp_ok['admin_op'], "del")) {
                 okinfo($return_url, $_M['word']['logindelete']);
             }
         }
         if (stristr(M_ACTION, 'all')) {
             if (!strstr($membercp_ok['admin_op'], "metinfo")) {
                 okinfo($return_url, $_M['word']['loginall']);
             }
         }
         if (stristr(M_ACTION, 'table')) {
             // Table submissions: "save" needs editor and/or add, "del" needs del.
             if (stristr($_M['form']['submit_type'], 'save')) {
                 if ($_M['form']['allid']) {
                     $power_ids = explode(',', $_M['form']['allid']);
                     // $e counts numeric ids, $a counts non-numeric ones; the checks below
                     // map $e > 0 to the "editor" right and $a > 0 to the "add" right.
                     $e = 0;
                     $a = 0;
                     foreach ($power_ids as $val) {
                         if ($val) {
                             if (is_numeric($val)) {
                                 $e++;
                             } else {
                                 $a++;
                             }
                         }
                         // These checks run inside the loop, after each id is counted.
                         if ($e > 0) {
                             if (!strstr($membercp_ok['admin_op'], "editor")) {
                                 okinfo($return_url, $_M['word']['loginedit']);
                             }
                         }
                         if ($a > 0) {
                             if (!strstr($membercp_ok['admin_op'], "add")) {
                                 okinfo($return_url, $_M['word']['loginadd']);
                             }
                         }
                     }
                 }
             }
             if (stristr($_M['form']['submit_type'], 'del')) {
                 if (!strstr($membercp_ok['admin_op'], "del")) {
                     okinfo($return_url, $_M['word']['logindelete']);
                 }
             }
         }
     }
     // App store pages need '1507' in admin_type, or admin_type equal to 'metinfo'.
     if (stristr($_M['url']['own'], 'admin/appstore')) {
         if (!stristr($membercp_ok['admin_type'], '1507') && $membercp_ok['admin_type'] != 'metinfo') {
             // NOTE(review): the language string is written into a JavaScript string literal
             // unescaped; a quote in that string breaks out of the literal.
             echo "<script type='text/javascript'> alert('{$_M['word']['appmarket_jurisdiction']}');window.history.back();</script>";
             exit;
         }
     }
     // Theme pages need '1102' when the mobile form field is set and '1101' otherwise,
     // or admin_type equal to 'metinfo'.
     if (stristr($_M['url']['own'], 'admin/theme')) {
         if ($_M['form']['mobile']) {
             if (!stristr($membercp_ok['admin_type'], '1102') && $membercp_ok['admin_type'] != 'metinfo') {
                 echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                 exit;
             }
         } else {
             if (!stristr($membercp_ok['admin_type'], '1101') && $membercp_ok['admin_type'] != 'metinfo') {
                 echo "<script type='text/javascript'> alert('{$_M['word']['setup_permissions']}');window.history.back();</script>";
                 exit;
             }
         }
     }
 }
Exemple #8
 *     1. Check the $baseUrl and $baseDir variables;
 *     2. If available, paste your license key in the "LicenseKey" setting;
 *     3. Create the CheckAuthentication() function that enables CKFinder for authenticated users;
 *
 * Other settings may be left with their default values, or used to control
 * advanced features of CKFinder.
 */
/**
 * This function must check the user session to be sure that he/she is
 * authorized to upload and access files in the File Browser.
 *
 * @return boolean
 */
// Resolve the admin row once at file scope; CheckAuthentication() below reads the
// result through the global $admincp_ok.
met_cooike_start();
$metinfo_admin_name = get_met_cookie('metinfo_admin_name');
$metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
// NOTE(review): this row decides access to the file browser. As printed, admin_pass is
// compared with the literal '******', which looks like a value masked in the published
// listing ($metinfo_admin_pass is read above but not used) — confirm against the real
// source. $metinfo_admin_name is interpolated into the SQL text without escaping.
$admincp_ok = $db->get_one("SELECT * FROM {$met_admin_table} WHERE admin_id='{$metinfo_admin_name}' and admin_pass='******' and usertype='3'");
/**
 * Report whether the file browser may be used by the current visitor.
 *
 * @return bool true when the global $admincp_ok is truthy; otherwise the session
 *              variables are cleared with session_unset() and false is returned
 */
function CheckAuthentication()
{
    global $admincp_ok;

    // An admin row was found at file scope: allow access.
    if ($admincp_ok) {
        return true;
    }

    // No admin row: clear session variables and refuse.
    session_unset();

    return false;
}
// LicenseKey : Paste your license key here. If left blank, CKFinder will be
// fully functional, in demo mode.
// NOTE(review): the line below sets LicenseName; the LicenseKey assignment that the
// comment above describes is not visible in this excerpt.
$config['LicenseName'] = '';
Exemple #9
    change_met_cookie('languser', $_GET[langset]);
    save_met_cookie();
}
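met_cooike_start();

// $_GET['langset'] is request input and is placed inside a SQL string literal below.
// Reject anything that is not a plain string of ASCII letters, digits, '_' or '-'
// before the query is built, with the same message as an unknown language.
// (assumes language marks only use those characters — TODO confirm against the lang table)
// The key is quoted everywhere: a bare langset is a constant lookup, an Error on PHP 8.
if (isset($_GET['langset']) && (!is_string($_GET['langset']) || !preg_match('/^[0-9A-Za-z_-]*$/D', $_GET['langset']))) {
    die('not have this language');
}
$query = "select * from {$tablepre}lang where mark='" . (isset($_GET['langset']) ? $_GET['langset'] : '') . "' and lang='metinfo'";
$isadminlang = $db->get_one($query);
// A non-empty langset must match an existing admin language row.
if (!$isadminlang && isset($_GET['langset']) && $_GET['langset'] != '') {
    die('not have this language');
}

$_M['user']['cookie'] = $met_cookie;
$metinfo_admin_name = get_met_cookie('metinfo_admin_name');
$metinfo_admin_pass = get_met_cookie('metinfo_admin_pass');
$metinfo_admin_pop = get_met_cookie('metinfo_admin_pop');
$metinfo_admin_shortcut = get_met_cookie('metinfo_admin_shortcut');
$languser = get_met_cookie('languser');
$langadminok = get_met_cookie('metinfo_admin_lang');
$langusenow = $languser;
// A language restriction other than 'metinfo' is a '-'-separated list.
if ($langadminok != "" and $langadminok != 'metinfo') {
    $adminlang = explode('-', $langadminok);
}
require_once ROOTPATH_ADMIN . 'include/lang.php';

// Refuse requests that try to supply a GLOBALS parameter, then drop request keys that
// would shadow sensitive variable names.
// NOTE(review): these guards run after request data has already been used above and
// after lang.php was included; they only protect whatever follows this point.
// metinfo_admin_name and met_webkeys are not removed from $_COOKIE here — confirm that
// is intended.
isset($_REQUEST['GLOBALS']) && exit('Access Error');
unset($_POST['met_webkeys']);
unset($_GET['met_webkeys']);
unset($_POST['metinfo_admin_name']);
unset($_GET['metinfo_admin_name']);
unset($_GET['met_cookie']);
unset($_COOKIE['met_cookie']);
unset($_POST['met_cookie']);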
foreach (array('_COOKIE', '_POST', '_GET') as $_request) {
    foreach (${$_request} as $_key => $_value) {