function htmlFilter($string)
{
if (is_array($string)) {
foreach ($string as $key => $val) {
$string[$key] = htmlFilter($val);
}
} else {
$string = preg_replace('/&((#(\\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1', str_replace(array('&', '"', '<', '>'), array('&', '"', '<', '>'), $string));
}
return $string;
}
}
}
$k = trim($_GET['k']);
$curPage = intval($_GET["page"]);
$cid = intval($_GET["cid"]);
$pagerlink = $webcore->genUrl("productlist.php?cid={$cid}&page={page}" . (empty($k) ? "" : "&k={$k}"));
$condition = "langid={$_SYS['langid']}";
$condition .= empty($k) ? "" : " and name like '%{$k}%'";
$condition .= empty($cid) ? "" : " and cid in (select id from {$db->pre}procates where id={$cid} or pid={$cid})";
$orderstr = "ordernum,id desc";
$pager = new Pager();
$pager->init(intval($cache_settings['perpagepro']), $curPage, $pagerlink);
$products = $pager->queryRows($db, "products", $condition, "id,cid,type,hits,posttime,alias,name,price1,picids,picpaths", $orderstr);
foreach ($products as $key => $product) {
$product['link'] = $webcore->genUrl("product.php?id={$product['id']}");
$product['name'] = htmlFilter($product['name']);
$product['price1'] = number_format($product['price1'], 2);
$protmppic = $webcore->getPics($product['picids'], $product['picpaths'], 0, true, true);
$product['picpath'] = $protmppic['picpath'];
$products[$key] = $product;
}
unset($protmppic);
if (!empty($cid)) {
$procate = $cache_procates[$cid];
empty($procate) && $webcore->checkViewLang('productlist', $cid);
$headtitle = empty($procate['seotitle']) ? strip_tags($procate['title']) : strip_tags(str_replace(array("\r", "\n"), array('', ''), $procate['seotitle']));
$headkeywords = empty($procate['metakeywords']) ? $headtitle : strip_tags(str_replace(array("\r", "\n"), array('', ''), $procate['metakeywords']));
$headdesc = empty($procate['metadesc']) ? $headtitle : strip_tags(str_replace(array("\r", "\n"), array('', ''), $procate['metadesc']));
$_SYS['positionchannel'] = " » <a href=" . $webcore->genUrl("productlist.php?cid={$procate['id']}") . ">{$procate['title']}</a>";
} else {
$headtitle = empty($cache_prochannel['seotitle']) ? strip_tags($cache_prochannel['title']) : strip_tags(str_replace(array("\r", "\n"), array('', ''), $cache_prochannel['seotitle']));
$secmenu .= "<li class='big'><a href=\"" . $webcore->genNavLink($tmpchannel) . "\">{$tmpchannel['title']}</a></li>";
}
} else {
$par_channel = $channel;
}
$msgkey = $_GET['msgkey'];
$curPage = intval($_GET["page"]);
$condition = "langid={$_SYS['langid']} and state=1";
$condition .= empty($msgkey) ? "" : " and (name like '%{$msgkey}%' or title like '%{$msgkey}%' or remark like '%{$msgkey}%' or reply like '%{$msgkey}%')";
$orderstr = "id desc";
$pagerlink = $webcore->genUrl("msg.php?page={page}" . (empty($msgkey) ? "" : "&msgkey={$msgkey}"));
$pager = new Pager();
$pager->init(intval($cache_settings['perpagemsg']), $curPage, $pagerlink);
$msgs = $pager->queryRows($db, "msgs", $condition, "*", $orderstr);
$index = 0;
foreach ($msgs as $key => $msg) {
$msg['mod'] = ++$index % 2;
$msg['name'] = htmlFilter($msg['name']);
$msg['email'] = htmlFilter($msg['email']);
$msg['contact1'] = htmlFilter($msg['contact1']);
$msg['title'] = htmlFilter($msg['title']);
$msg['remark'] = nl2br(htmlFilter($msg['remark']));
$msg['posttime'] = getDateStr($msg['posttime']);
$msg['replytime'] = getDateStr($msg['replytime']);
$msgs[$key] = $msg;
}
$_SYS['positionchannel'] = " » <a href=" . $webcore->genUrl("msg.php") . ">{$channel['title']}</a>";
$msgkey = empty($msgkey) ? $_LANG['header.search'] : htmlFilter($msgkey);
require_once './header.php';
require_once getTemplatePath('msg.htm');
footer();
//preview
setCookies("lastfoldertype", 2);
$pagerlink = "files.php?page={page}&folderid={$folderid}";
$condition = "folderid={$folderid}";
$orderstr = "id desc";
$pager = new Pager();
$pager->init(10, $curPage, $pagerlink);
$attachements = $pager->queryRows($db, "attachments", $condition, "*", $orderstr);
foreach ($attachements as $key => $att) {
$att['shortfilename'] = htmlFilter(cutStr($att['filename'], 12));
$att['filename'] = htmlFilter($att['filename']);
$att['uploadtime'] = getDateStr($att['uploadtime']);
$attachements[$key] = $att;
}
$folderrow = $cache_folders[$folderid];
$folderrow['title'] = htmlFilter($folderrow['title']);
print <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>IMAGE</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="css/default.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="../../getfiles.php?t=js&v={$_SYS['VERSION']}&f=util|ajax|admin"></script>
<body style="background:#fff;">
<table width="100%"><tr><td width="140px"><a href="folder.php" target="_self" title="{$_AL['folder.returnfolder']}"><img src="images/btn_uplevel.gif" border="0" /></a> <img src="images/btn_close.gif" id="btnClose" onclick="window.parent.popwin.close()" border="0" style="cursor:pointer;" /> </td><td><div class="list_pager">{$pager->getPageStr()}</div></td></tr></table>
<form id="filesform" onsubmit="return false">
<!--#######################-->
<div class="condiv"><a href="folder.php">{$_AL['folder.all']}</a> -> {$folderrow['title']} [<a href="javascript:showRenameFolder()">{$_AL['folder.rename']}</a>] | <input type="checkbox" onclick="selectAll('filesform',this.checked)" />{$_AL['all.selectall']} <a href="javascript:showDelFiles()">{$_AL['folder.delselfiles']}</a> <a href="javascript:showMoveFiles()">{$_AL['folder.moveselfiles']}</a>
\t<!--#######################-->
\t<div id="renamefolderdiv" style="display:none;">
<input class="button_css" type="button" value=" {$_AL['all.search']} " onclick="searchvotes()" />
{$recstr}</div>
\t<table class="table_1" width="100%">
\t\t<tr><td class="td_6"><a class="td_5_1a" href="admin.php?inc=vote&action=add"><img src="images/ico_add.gif" border="0" /> {$_AL['vote.add']}</a></td></tr>
\t</table>
EOT;
echo "<form id=\"votesform\" onsubmit=\"return false;\">";
echo "<table class=\"table_1\" width=\"100%\">";
echo "<tr style=\"font-weight:bold;color:#333333;\"><td class=\"row_0\">" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[6]}px;\">{$_AL['vote.order']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[2]}px;\">{$_AL['vote.subject']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[3]}px;\">{$_AL['vote.allowvotetime']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[4]}px;\">{$_AL['vote.totalnum']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[5]}px;\">{$_AL['all.control']}</div>" . "";
for ($i = 0; $i < count($rows); $i++) {
$tabindex = $i;
$row = $rows[$i];
$row['starttime'] = getDateStr($row['starttime']);
$row['stoptime'] = getDateStr($row['stoptime']);
$row['title'] = htmlFilter($row['title']);
$checkboxstr = "<input type=\"checkbox\" value=\"{$row['id']}\" name=\"ids[]\" class=\"checkbox_css\" />";
echo "<tr><td class=\"row_0\" style=\"line-height:150%;\">" . "<div class='rowdiv_0' style='width:{$dwidth[6]}px;'><input type=\"text\" size=\"2\" value=\"{$row[ordernum]}\" name=\"ordernum[{$row['id']}]\" tabIndex=\"{$tabindex}\" class=\"text_css\" /></div>" . "<div class='rowdiv_0' style='width:{$dwidth[2]}px;'><a href=\"../vote.php?id={$row['id']}\" target=\"_blank\">{$row['title']}</a> </div>" . "<div class='rowdiv_0' style='width:{$dwidth[3]}px;'><span class='time'>{$row['starttime']}</span> ~ <span class='time'>{$row['stoptime']}</span> </div>" . "<div class='rowdiv_0' style='width:{$dwidth[4]}px;'><span class='time'>{$row['votednum']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[5]}px;'><a href=\"admin.php?inc=vote&action=edit&id={$row['id']}\">{$_AL['all.edit']}</a> <a href=\"javascript:ajax_delvote_yn({$row['id']})\">{$_AL['all.delete']}</a> </div>" . "";
}
echo "</table>";
echo <<<EOT
\t<table class="table_1" width="100%">
\t\t<tr><td class="td_6"><a class="td_5_1a" href="admin.php?inc=vote&action=add"><img src="images/ico_add.gif" border="0" /> {$_AL['vote.add']}</a></td></tr>
\t</table>
\t<table width=100%><tr><td><input type="button" class="button_css" value=" {$_AL['all.submit']} " onclick="ajax_dovotes()" /></td><td><div class='pagestrdiv'>{$pager->getPageStr()}</div></td></tr></table>
EOT;
echo "</form>";
echo <<<EOT
\t</div>
\t<div id="t2"></div>
$webmaintitle = empty($cache_settings['seotitle']) ? strip_tags($cache_settings['webname']) : strip_tags($cache_settings['seotitle']);
$headtitle = empty($headtitle) ? $webmaintitle : "{$headtitle} - " . strip_tags($cache_settings['webname']);
$headtitle .= $cache_global['copyrightheader'];
//语言
$langstr = '';
foreach ($cache_langs as $lang) {
$langstr .= "<li><a href='index.php?langid={$lang['id']}' style='background-image:url(language/{$lang['directory']}/flag.gif)'>{$lang['name']}</a></li>";
}
//位置
$_SYS['indexurl'] = $webcore->genUrl('index.php');
$_SYS['positionindex'] = "<a href=\"{$_SYS['indexurl']}\">{$cache_settings['webname']}</a>";
//友情链接
foreach ($cache_links_logo as $link) {
$links_logo .= "<li><a href=\"{$link['url']}\" target=\"_blank\" title=\"{$link['content']}\"><img src=\"{$link['logo']}\" border=\"0\" /></a></li>";
}
foreach ($cache_links_text as $link) {
$links_text .= "<li><a href=\"{$link['url']}\" target=\"_blank\" title=\"{$link['content']}\">{$link['name']}</a></li>";
}
//Banner获取
$bannerad = "";
for ($b = 1; $b < 6; $b++) {
if (intval($cache_settings["banner" . $b]) > 0) {
$bannerad .= "<div class=slide style='height:300px'><a href=\"" . $cache_settings['bannerlink' . $b] . "\" target=\"_blank\"><img src=\"" . $webcore->getPicPath($cache_settings['bannerpath' . $b]) . "\"></a></div>";
//$bannerad.="<li class='slide'><a href=\"".$cache_settings['bannerlink'.$b]."\" target=\"_blank\"><img src=\"".$webcore->getPicPath($cache_settings['bannerpath'.$b])."\"></a></li>";
}
}
//Logo
$cache_settings['logopath'] = $webcore->getPicPath($cache_settings['logopath']);
$headmeta = "" . "<meta name=\"keywords\" content=\"{$headkeywords}\" />\n" . "<meta name=\"description\" content=\"{$headdesc}\" />\n" . "<meta name=\"generator\" content=\"6KZZ v1.4\" />\n" . "<meta name=\"author\" content=\"www.6kzz.com\" />\n" . "<meta name=\"copyright\" content=\"2011 6KZZ\" />\n" . "<meta name=\"MSSmartTagsPreventParsing\" content=\"True\" />\n" . "<meta http-equiv=\"MSThemeCompatible\" content=\"Yes\" />\n" . "<meta http-equiv=\"x-ua-compatible\" content=\"ie=7\" />\n" . "<script type=\"text/javascript\" src=\"language/{$cache_langs[$_cachelangid]['directory']}/language.js\"></script>";
$k = empty($k) ? $_LANG['header.search'] : htmlFilter($k);
require_once getTemplatePath('header.htm');
<?php
$effect_lang = _LANG($_AL['all.set.effect'], array($cache_langs[$_SYS['alangid']]['name']));
switch ($action) {
/************************************** friendlink BEGIN ************************************************/
case "friendlink":
$rows = $db->row_select("links", "langid={$_SYS['alangid']}", 0, "*", "langid,ordernum");
foreach ($rows as $key => $row) {
$row['name'] = htmlFilter($row['name']);
$row['url'] = htmlFilter($row['url']);
$row['content'] = htmlFilter($row['content']);
$row['logo'] = htmlFilter($row['logo']);
$rows[$key] = $row;
}
$dwidth = array(0, 40, 70, 150, 150, 150, 150);
echo <<<EOT
<script>
var maxIndex=0;
function addFriendLink(linkid, ordernum, linkname, url, content, logo){
\tvar namepre='links';
\tif(linkid==''){
\t\tnamepre='newlinks';
\t}
\tvar s="<table class=\\"table_1\\" width=\\"100%\\"><tr><td class=\\"td_6\\"><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[1]}px;\\"><input type=\\"checkbox\\" value=\\""+linkid+"\\" name=\\""+namepre+"_delid[]\\" class=\\"checkbox_css\\" /></div><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[2]}px;\\"><input type=\\"text\\" size=\\"5\\" value=\\""+ordernum+"\\" name=\\""+namepre+"_ordernum["+linkid+"]\\" class=\\"text_css\\" /></div><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[3]}px;\\"><input type='text' value='"+linkname+"' size='20' name='"+namepre+"_name["+linkid+"]' class=\\"text_css\\" /></div><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[4]}px;\\"><input type='text' value='"+url+"' size='20' name='"+namepre+"_url["+linkid+"]' class=\\"text_css\\" /></div><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[5]}px;\\"><input type='text' value='"+content+"' size='20' name='"+namepre+"_content["+linkid+"]' class=\\"text_css\\" /></div><div class=\\"rowdiv_0\\" style=\\"width:{$dwidth[6]}px;\\"><input type='text' value='"+logo+"' size='20' name='"+namepre+"_logo["+linkid+"]' class=\\"text_css\\" /></div></td></tr></table>";
\tvar ele=document.createElement('div');
\tele.id="group_div_"+maxIndex;
\tele.innerHTML=s;
\tE("linksdiv").appendChild(ele);
\tmaxIndex++;
}
</script>
$cond = "ishidden=0";
$pager->init(10, $curPage, "admin.php?inc=user&action=search&username={$username}&userid={$userid}&groupid={$groupid}&page={page}");
$rows = $pager->queryRows($db, "users", $cond, "*", "id desc");
echo <<<EOT
\t<div class="div_clear" style="height:10px;"></div>
EOT;
echo "<form id=\"usersform\" onsubmit=\"return false;\">";
echo "<table class=\"table_1\" width=\"100%\">";
echo "<tr style=\"font-weight:bold;color:#333333;\"><td class=\"row_0\"><div class=\"rowdiv_0\" style=\"width:{$dwidth[1]}px;\"><span class=\"warning\">{$_AL['all.delete']}</span></div><div class=\"rowdiv_0\" style=\"width:{$dwidth[2]}px;\">{$_AL['user.username']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[3]}px;\">{$_AL['user.realname']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[4]}px;\">{$_AL['user.lastip']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[5]}px;\">{$_AL['user.lastlogin']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[6]}px;\">{$_AL['user.addtime']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[7]}px;\">{$_AL['all.control']}</div></td></tr>";
for ($i = 0; $i < count($rows); $i++) {
$row = $rows[$i];
$row['lastip'] = empty($row['lastip']) ? '--' : $row['lastip'];
$row['lasttime'] = empty($row['lasttime']) ? '--' : getDateStr($row['lasttime']);
$row['addtime'] = empty($row['addtime']) ? '--' : getDateStr($row['addtime']);
$row['username'] = htmlFilter($row['username']);
$row['realname'] = htmlFilter($row['realname']);
$checkboxstr = '';
if ($row['id'] == $lg['userid']) {
$checkboxstr = "<input type=\"checkbox\" disabled=\"true\" class=\"checkbox_css\" />";
} else {
$checkboxstr = "<input type=\"checkbox\" value=\"{$row['id']}\" name=\"deluid[]\" class=\"checkbox_css\" />";
}
echo "<tr><td class=\"row_0\" style=\"line-height:150%;\"><div class='rowdiv_0' style='width:{$dwidth[1]}px;'>{$checkboxstr}</div><div class='rowdiv_0' style='width:{$dwidth[2]}px;'><a href=\"admin.php?inc=user&action=edituser&uid={$row['id']}\">{$row['username']}</a> </div><div class='rowdiv_0' style='width:{$dwidth[3]}px;'>{$row['realname']} </div><div class='rowdiv_0' style='width:{$dwidth[4]}px;'>{$row['lastip']}</div><div class='rowdiv_0' style='width:{$dwidth[5]}px;'>{$row['lasttime']}</div><div class='rowdiv_0' style='width:{$dwidth[6]}px;'>{$row['addtime']}</div><div class='rowdiv_0' style='width:{$dwidth[7]}px;'><a href=\"admin.php?inc=user&action=edituser&uid={$row['id']}\">{$_AL['all.edit']}</a> <a href=\"admin.php?inc=user&action=popedom&uid={$row['id']}\">{$_AL['user.popedom']}</a></div></td></tr>";
}
echo "</table>";
echo <<<EOT
\t<table class="table_1" width="100%">
\t\t<tr><td class="td_6"><a class="td_5_1a" href="admin.php?inc=user&action=adduser"><img src="images/ico_add.gif" border="0" /> {$_AL['user.add.tab']}</a></td></tr>
\t</table>
EOT;
echo "</form>";
$pager->init(10, $curPage, $pagerlink);
$res = $pager->queryRowsBySQL($db, "SELECT * FROM {$tempsql} ORDER BY posttime DESC", $recordnum);
foreach ($res as $key => $rs) {
switch ($rs['rtype']) {
case 1:
$rs['link'] = $webcore->genUrl("product.php?id={$rs['id']}");
$rs['posttime'] = getDateStr($rs['posttime']);
break;
case 2:
$rs['link'] = $webcore->genUrl("view.php?id={$rs['id']}");
$rs['posttime'] = getDateStr($rs['posttime']);
break;
case 3:
$rs['link'] = $webcore->genUrl("page.php?cid={$rs['id']}");
$rs['posttime'] = "";
break;
}
$rs['type'] = $_SLANG['search.types'][intval($rs['rtype'])];
$rs['title'] = htmlFilter($rs['title']);
$rs['content'] = cutStr(strip_tags($rs['content']), 300);
$rs['title'] = preg_replace('/' . $k . '/i', "<u>{$k}</u>", $rs['title']);
$rs['content'] = preg_replace('/' . $k . '/i', "<u>{$k}</u>", $rs['content']);
$res[$key] = $rs;
}
$headtitle = empty($voterow['title']) ? "" : strip_tags(str_replace(array("\r", "\n"), array('', ''), $voterow['title']));
$headkeywords = $headtitle;
$headdesc = $headtitle;
$_SYS['positionchannel'] = " » {$_SLANG['search.site']}";
require_once './header.php';
require_once getTemplatePath('search.htm');
footer();
exit('<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>' . $cache_settings['webname'] . '</title></head><body>' . $cache_settings['offdetails'] . '</body></html>');
}
//初始化
$timer_begin = getmicrotime();
$db = new db();
$db->connect($_DB);
$webcore = new WebCore();
//管理员登录信息
$lg['userid'] = intval(rSESSION('userid'));
$lg['isadmin'] = intval(rSESSION('isadmin'));
//会员登录信息
$lg['memberid'] = intval(rSESSION('memberid'));
$lg['groupid'] = intval(rSESSION('groupid'));
$lg['isadmin'] = intval(rSESSION('isadmin'));
$lg['membername'] = strFilter(rSESSION('membername'));
$lg['displayname'] = htmlFilter(rSESSION('membername'));
$lg['memberpass'] = strFilter(rSESSION('memberpass'));
$lg['memberauth'] = strFilter(rSESSION('memberauth'));
$lg['expire'] = intval(getCookies('expire'));
$islogin = isLogin();
if (empty($lg['membername']) || empty($lg['memberpass'])) {
$lg['memberid'] = 0;
$lg['groupid'] = 0;
} elseif (md5($lg['membername'] . $lg['memberpass'] . $cache_global['salt']) != $lg['memberauth']) {
//echo md5($lg['membername'].$lg['memberpass'].$cache_global['salt']);exit;
$lg['memberid'] = 0;
$lg['groupid'] = 0;
$lg['membername'] = '';
$lg['memberpass'] = '';
}
//var_dump($lg);exit;
\t<div class="tips_1">
{$_AL['all.keyword']}: <input class="text_css" type="text" size="20" value="{$keyword}" id="keyword" /> <select id="state"><option value="all">{$_AL['msg.cond0']}</option><option value="y">{$_AL['msg.cond1']}</option><option value="n">{$_AL['msg.cond2']}</option></select> <input class="button_css" type="button" value=" {$_AL['all.search']} " onclick="searchmsg()" />
{$recstr}</div>
EOT;
echo "<form id=\"msgsform\" onsubmit=\"return false;\">";
echo "<table class=\"table_1\" width=\"100%\">";
echo "<tr style=\"font-weight:bold;color:#333333;\"><td class=\"row_0\">" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[1]}px;\">{$_AL['all.select']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[2]}px;padding:0px 10px;\">{$_AL['msg.title']}/{$_AL['msg.user']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[3]}px;\">{$_AL['msg.email']}/{$_AL['msg.contact']}/{$_AL['msg.ip']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[4]}px;padding:0px 10px;\">{$_AL['msg.lastreply']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[5]}px;\"> {$_AL['msg.verify.state']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[6]}px;\">{$_AL['all.control']}</div>" . "";
for ($i = 0; $i < count($rows); $i++) {
$row = $rows[$i];
$row['posttime'] = $row['posttime'] == 0 ? "——" : getDateStr($row['posttime']);
$row['replytime'] = $row['replytime'] == 0 ? "——" : getDateStr($row['replytime']);
$row['name'] = htmlFilter($row['name']);
$row['contact1'] = htmlFilter($row['contact1']);
$row['email'] = htmlFilter($row['email']);
$row['title'] = htmlFilter($row['title']);
$row['replier'] = htmlFilter($row['replier']);
$row['remark'] = cutStr(strip_tags(str_replace(array("\r", "\n"), array('', ''), $row['remark'])), 30);
$row['reply'] = cutStr(strip_tags(str_replace(array("\r", "\n"), array('', ''), $row['reply'])), 30);
$statestr = intval($row['state']) == 0 ? "<a href='msg_ajax.php?action=verify&state=1&id={$row['id']}' class='def_no' title=\"{$_AL['msg.click2verify']}\">{$_AL['msg.notverify']}</a>" : "<a href='msg_ajax.php?action=verify&state=0&id={$row['id']}' class='def_yes' title='{$_AL['msg.click2notverify']}'>{$_AL['msg.hadverify']}</a>";
$checkboxstr = "<input type=\"checkbox\" value=\"{$row['id']}\" name=\"ids[]\" class=\"checkbox_css\" />";
echo "<tr><td class=\"row_0\" style=\"line-height:150%;\">" . "<div class='rowdiv_0' style='width:{$dwidth[1]}px;'>{$checkboxstr}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[2]}px; padding:0px 10px;'>{$row['title']}<br /><b>{$row['name']}</b> <span class='time'>{$row['posttime']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[3]}px;'>{$row['email']}<br />{$row['contact1']}<br /><span class='time'>{$row['ip']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[4]}px; padding:0px 10px;'>{$row['reply']}<br /><b>{$row['replier']}</b> <span class='time'>{$row['replytime']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[5]}px;'>{$statestr}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[6]}px;'><a href=\"admin.php?inc=msg&action=reply&id={$row['id']}\">{$_AL['msg.reply']}</a></div>" . "";
}
echo "</table>";
echo <<<EOT
\t<table width=100%><tr><td><input type="checkbox" onclick="selectAll('msgsform',this.checked)" class="checkbox_css" /> {$_AL['all.selectall']} <select id="postaction" name="postaction">
\t\t<option value="NOTHING">{$_AL['all.chooseaction']}</option>
\t\t<option value="verifyY">{$_AL['msg.action1']}</option>
\t\t<option value="verifyN">{$_AL['msg.action2']}</option>
\t\t<option value="delMsg">{$_AL['msg.action3']}</option>
\t</select>
\t <input type="button" class="button_css" value=" {$_AL['all.submit']} " onclick="ajax_domsgs_yn()" /></td><td><div class='pagestrdiv'>{$pager->getPageStr()}</div></td></tr></table>
<?php
require_once 'inc/init.php';
$action = $_GET['action'];
switch ($action) {
case "buy":
$action = "buy";
break;
default:
$action = "view";
}
$cartid = getCookies("cartid");
if (!empty($cartid)) {
$odts = $db->row_select("orderdetails", "cartid={$cartid} and langid={$_SYS['langid']}");
foreach ($odts as $okey => $odt) {
$odt['proname'] = htmlFilter($odt['proname']);
$odt['displayprice'] = number_format($odt['price'], 2);
$odt['itemtotal'] = number_format($odt['price'] * $odt['pronum'], 2);
$ordertotal += $odt['price'] * $odt['pronum'];
$odt['prourl'] = "../product.php?id={$odt['proid']}";
$protmppic = $webcore->getPics($odt['picid'], $odt['picpath'], 0, true, true);
$odt['picpath'] = $protmppic['picpath'];
$odts[$okey] = $odt;
}
}
require_once './header.php';
require_once getTemplatePath('cart.htm');
footer();
$rows = $db->row_select("members", "groupid=" . GROUP_NOVERIFY, 0, "*", "id");
echo <<<EOT
\t<div id="smalltab_container"></div>
\t<div class="smalltab_line"></div>
\t<div class="div_clear" style="height:10px;"></div>
\t<div id="t1">
\t\t<form id="verifyform" onsubmit="return false;">
\t\t<div class="tips_1">{$_AL['member.s.tips']}</div>
\t\t<div class="div_clear" style="height:10px;"></div>
\t\t
EOT;
echo "<table class=\"table_1\" width=\"100%\">";
echo "<tr style=\"font-weight:bold;color:#333333;\"><td class=\"row_0\"><div class=\"rowdiv_0\" style=\"width:{$dwidth[1]}px;\">{$_AL['all.control']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[2]}px;\">{$_AL['member.name']}/{$_AL['member.email']}</div><div class=\"rowdiv_0\" style=\"width:{$dwidth[3]}px;\">{$_AL['member.signupip']}/{$_AL['member.signuptime']}</div></td></tr>";
for ($i = 0; $i < count($rows); $i++) {
$row = $rows[$i];
$row['membername'] = htmlFilter($row['membername']);
$row['signuptime'] = getDateStr($row['signuptime'], false);
echo "<tr><td class=\"row_0\" style=\"line-height:180%;\"><div class='rowdiv_0' style='width:{$dwidth[1]}px;'><input type='radio' value='0' name='doaction[{$row['id']}]' class='radio_css' /> {$_AL['member.state0']} <input type='radio' value='1' name='doaction[{$row['id']}]' checked='true' class='radio_css' /> {$_AL['member.state1']}<br /><input type='radio' value='2' name='doaction[{$row['id']}]' class='radio_css' /> {$_AL['member.state2']} <input type='radio' value='3' name='doaction[{$row['id']}]' class='radio_css' /> {$_AL['member.state3']}<br /></div><div class='rowdiv_0' style='width:{$dwidth[2]}px;'><span style='color:#FF6600;'>{$row['membername']}</span><br />{$row['email']}</div><div class='rowdiv_0' style='width:{$dwidth[3]}px;'>{$row['signupip']}<br />{$row['signuptime']}</div></td></tr>";
}
echo "<tr><td class=\"td_3\"><input class=\"button_css\" type=\"button\" value=\" {$_AL['all.submit']} \" onclick=\"ajax_verify()\" /></td></tr>";
echo "</table>";
echo <<<EOT
\t\t
\t
\t</form>
</div>
<div id="t2"></div>
<div id="t3"></div>
<div class="div_clear" style="height:30px;"></div>
<script>
var smallNowTab;
<?php
require_once './inc/init.php';
require_once './inc/pager.php';
require_once './inc/parsefile.php';
$id = intval($_GET['id']);
$row = $db->row_select_one("products", "id='{$id}' and langid={$_SYS['langid']}");
if (!empty($row)) {
$id = $row['id'];
$db->row_query("update {$db->pre}products set hits=hits+1 where id={$id}");
$row['posttime'] = getDateStr($row['posttime'], 0, 0);
$row['name'] = htmlFilter($row['name']);
$row['serialnum'] = htmlFilter($row['serialnum']);
$row['price1'] = number_format($row['price1'], 2);
$row['content'] = $parsefile->parse($row['content']);
$row['smallimages'] = '';
$pics = $webcore->getPics($row['picids'], $row['picpaths'], -1, true, true);
foreach ($pics as $pic) {
$row['smallimages'] .= intval($pic['picid']) > 0 ? "<li id=\"liimg_{$pic['picpath']}\"><img src=\"{$pic['picpath']}\" /></li>" : "";
}
$row['picpath'] = $pics[0]['picpath'];
unset($pics);
}
empty($row) && $webcore->checkViewLang('product', $id);
$cid = $row['cid'];
$procate = $cache_procates[$cid];
$_SYS['positionchannel'] = " » <a href=" . $webcore->genUrl("productlist.php?cid={$procate['id']}") . ">{$procate['title']}</a>";
$headtitle = empty($row['seotitle']) ? strip_tags($row['name']) : strip_tags(str_replace(array("\r", "\n"), array('', ''), $row['seotitle']));
$headtitle .= " - {$procate['title']}";
$headkeywords = empty($row['metakeywords']) ? $headtitle : strip_tags(str_replace(array("\r", "\n"), array('', ''), $row['metakeywords']));
$headdesc = empty($row['metadesc']) ? $headtitle : strip_tags(str_replace(array("\r", "\n"), array('', ''), $row['metadesc']));
$par_channel = $cache_channels[$channel['pid']];
foreach ($cache_channels[$channel['pid']]['childcid'] as $childcid) {
$tmpchannel = $cache_channels[$childcid];
if ($tmpchannel['ishidden'] == '1') {
continue;
}
$secmenu .= "<li class='big'><a href=\"" . $webcore->genNavLink($tmpchannel) . "\">{$tmpchannel['title']}</a></li>";
}
} else {
$par_channel = $channel;
}
$condition = empty($channelid) ? "" : "channelid={$channelid}";
$orderstr = "id desc";
$curPage = intval($_GET["page"]);
$pagerlink = "articlelist.php?cid={$channelid}";
$pagerlink .= "&page={page}";
$pagerlink = $webcore->genUrl($pagerlink);
$pager = new Pager();
$pager->init(intval($cache_settings['perpageart']), $curPage, $pagerlink);
$articles = $pager->queryRows($db, "articles", $condition, "*", $orderstr);
foreach ($articles as $key => $article) {
$article['link'] = $webcore->genUrl("view.php?id={$article['id']}");
$article['title'] = htmlFilter($article['title']);
$article['picpath'] = $webcore->getPicPath($article['picpath'], true, true);
$article['posttime'] = getDateStr($article['posttime'], false, 0);
$articles[$key] = $article;
}
$_SYS['positionchannel'] = " » <a href=" . $webcore->genUrl("articlelist.php?cid={$channel['id']}") . ">{$channel['title']}</a>";
require_once './header.php';
require_once getTemplatePath('articlelist.htm');
footer();
<select id="orderby"><option value="id">{$_AL['all.orderby']}</option><option value="posttime">{$_AL['all.posttime']}</option><option value="hits">{$_AL['all.hits']}</option></select>
<input class="button_css" type="button" value=" {$_AL['all.search']} " onclick="searcharticle()" />
{$recstr}</div>
\t<table class="table_1" width="100%">
\t\t<tr><td class="td_6"><a class="td_5_1a" href="admin.php?inc=article&action=add&channelid={$channelid}"><img src="images/ico_add.gif" border="0" /> {$_AL['article.add']}</a></td></tr>
\t</table>
EOT;
echo "<form id=\"articlesform\" onsubmit=\"return false;\">";
echo "<table class=\"table_1\" width=\"100%\">";
echo "<tr style=\"font-weight:bold;color:#333333;\"><td class=\"row_0\">" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[1]}px;\">{$_AL['all.select']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[2]}px;\">{$_AL['all.title']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[7]}px;\">{$_AL['all.hits']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[5]}px;\">{$_AL['all.posttime']}</div>" . "<div class=\"rowdiv_0\" style=\"width:{$dwidth[8]}px;\">{$_AL['all.control']}</div>" . "";
for ($i = 0; $i < count($rows); $i++) {
$row = $rows[$i];
$row['posttime'] = getDateStr($row['posttime']);
$row['title'] = htmlFilter($row['title']);
$row['username'] = htmlFilter($row['username']);
$checkboxstr = "<input type=\"checkbox\" value=\"{$row['id']}\" name=\"aids[]\" class=\"checkbox_css\" />";
echo "<tr><td class=\"row_0\" style=\"line-height:150%;\">" . "<div class='rowdiv_0' style='width:{$dwidth[1]}px;'>{$checkboxstr}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[2]}px;'><a href=\"../view.php?id={$row['id']}\" target=\"_blank\">{$row['title']}</a> </div>" . "<div class='rowdiv_0' style='width:{$dwidth[7]}px;'><span class='time'>{$row['hits']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[5]}px;'><span class='time'>{$row['posttime']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[8]}px;'><a href=\"admin.php?inc=article&action=edit&id={$row['id']}\">{$_AL['all.edit']}</a></div>" . "";
}
echo "</table>";
echo "<table width=100%><tr><td><input type=\"checkbox\" onclick=\"selectAll('articlesform',this.checked)\" class=\"checkbox_css\" /> {$_AL['all.selectall']} <input type=\"button\" class=\"button_css\" value=\" {$_AL['all.delete']} \" onclick=\"ajax_doarticles_yn()\" /></td><td><div class='pagestrdiv'>{$pager->getPageStr()}</div></td></tr></table>";
echo "</form>";
echo <<<EOT
\t</div>
\t<div id="t2"></div>
\t<div id="t3"></div>
\t<div class="div_clear" style="height:30px;"></div>
<script>
var smallNowTab;
var pt = new Tabs();
pt.classpre="smalltab_";
$row['phonenum'] = htmlFilter($row['phonenum']);
$row['email'] = htmlFilter($row['email']);
$row['address'] = htmlFilter(cutStr($row['address'], 12));
$row['zipcode'] = htmlFilter($row['zipcode']);
$row['remark'] = htmlFilter($row['remark']);
$row['total'] = number_format($row['total'], 2);
$orows = $db->row_select("orderdetails", "langid={$_SYS['alangid']} and orderid={$row['id']}", 0, "proid,price,proname,pronum");
//$proids=explode($SPRT,$row['proids']);
//$prices=explode($SPRT,$row['prices']);
//$pronames=explode($SPRT,htmlFilter($row['pronames']));
//$pronums=explode($SPRT,$row['pronums']);
$prostr = '';
foreach ($orows as $key => $orow) {
//$prices[$key]=number_format($prices[$key],2);
$orow['price'] = number_format($orow['price'], 2);
$orow['proname'] = htmlFilter($orow['proname']);
$prostr .= "<p class='order_pro_p' title=\"{$orow['proname']}\"><a href='../product.php?id={$orow['proid']}' target='_blank' class='proname'>{$orow['proname']}</a><span class='time'>{$cache_settings['cur']}{$orow['price']}</span> <span style='font-size:10px;'>X</span> <span class='time'><b>{$orow['pronum']}</b></span></p>";
}
$checkboxstr = "<input type=\"checkbox\" value=\"{$row['id']}\" name=\"aids[]\" class=\"checkbox_css\" />";
echo "<tr><td class=\"row_0\" style=\"line-height:150%;\">" . "<div class='rowdiv_0' style='width:{$dwidth[1]}px;'>{$checkboxstr}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[2]}px; '><a href=\"admin.php?inc=order&action=edit&id={$row['id']}\">{$row['ordernum']}</a><br /><span class=time>{$row['createtime']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[3]}px; padding-right:8px; '>{$prostr}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[4]}px; '><span class='time' style='font-weight:bold;'>{$cache_settings['cur']}{$row['total']}</span></div>" . "<div class='rowdiv_0' style='width:{$dwidth[5]}px;'>{$row['name']} {$row['phonenum']}<br />{$row['address']}</div>" . "<div class='rowdiv_0' style='width:{$dwidth[6]}px;'><a href=\"admin.php?inc=order&action=edit&id={$row['id']}\"><span style='color:{$orderstatecolor[$row['state']]}'>{$orderstate[$row['state']]}</span></a></div>" . "<div class='rowdiv_0' style='width:{$dwidth[7]}px;'><a href=\"admin.php?inc=order&action=edit&id={$row['id']}\">{$_AL['all.edit']}</a></div>" . "";
}
echo "</table>";
echo "<table width=100%><tr><td><input type=\"checkbox\" onclick=\"selectAll('ordersform',this.checked)\" class=\"checkbox_css\" /> {$_AL['all.selectall']} <input type=\"button\" class=\"button_css\" value=\" {$_AL['all.delete']} \" onclick=\"ajax_doorders_yn()\" /></td><td><div class='pagestrdiv'>{$pager->getPageStr()}</div></td></tr></table>";
echo "</form>";
echo <<<EOT
\t</div>
\t<div id="t2"></div>
\t<div id="t3"></div>
\t<div class="div_clear" style="height:30px;"></div>
<script>
var smallNowTab;