Exemple #1
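 /**
  * Handle the submitted administrator login form.
  *
  * Reads t_username / t_password from $_POST, looks the account up in the
  * administrator_had table and, when exactly one row matches and its `power`
  * is 0 or 2, stores the account name and id in the session (and in cookies
  * when get_c is "on"), sets the back-office language to zh_tw and redirects
  * the parent frame to the admin index. Every path ends the request.
  *
  * Security notes:
  *  - Both values are spliced into a SQL string, so they are escaped with
  *    mysql_real_escape_string() on top of the class filter. That escaping
  *    depends on the connection charset; prepared statements (mysqli/PDO) are
  *    the durable fix but need a different connection object than $this->conn.
  *  - The password is hashed with unsalted MD5. Moving to password_hash() /
  *    password_verify() needs a schema and data migration outside this method.
  *  - NOTE(review): if writeCookie() stores h_id / userName unsigned and
  *    isset_cookie() trusts them, the cookie is a forgeable credential - confirm.
  */
 function loginPost()
 {
     $has_credentials = isset($_POST['t_username'], $_POST['t_password'])
         && is_string($_POST['t_username'])
         && is_string($_POST['t_password']);
     if (!$has_credentials) {
         js_alert_redir('不能为空,请重新再试', 'index.php?a=login&m=login');
         exit;
     }

     // specifyChar() is the class's own character filter; what it strips is not
     // visible here, so it is not relied on as the only SQL defence.
     $t_username = $this->specifyChar($_POST['t_username']);
     $t_password = md5($this->specifyChar($_POST['t_password']));

     // NOTE(review): the listing showed a masked literal in the h_password
     // comparison, which left the submitted password unchecked. The computed
     // digest is compared here - confirm it matches the stored format.
     $sql = "select *,count(*) as num from " . $this->table_name('administrator_had')
         . " where h_name='" . mysql_real_escape_string($t_username, $this->conn) . "'"
         . " and h_password='" . mysql_real_escape_string($t_password, $this->conn) . "' ";
     $sod = getFetchAll($sql, $this->conn);

     // A failed query or an empty result must be treated as a failed login.
     $row = (!empty($sod) && isset($sod[0])) ? $sod[0] : null;
     $allowed = $row !== null
         && $row['num'] == '1'
         && ($row['power'] == 0 || $row['power'] == 2);
     if (!$allowed) {
         js_alert_redir('密码错误,请重新再试', 'index.php?a=login&m=login');
         exit;
     }

     // Issue a fresh session id on privilege change so a pre-login id cannot
     // be reused after authentication (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }

     $this->writeSession($row['h_name'], "userName");
     $this->writeSession($row['h_id'], "h_id");

     // "Remember me" is optional; the field is absent when the box is unticked.
     if (isset($_POST['get_c']) && $_POST['get_c'] == 'on') {
         $this->writeCookie($row['h_name'], "userName");
         $this->writeCookie($row['h_id'], "h_id");
     }

     $this->writeCookie('zh_tw', "b_lang");
     $this->writeSession('zh_tw', "b_lang");

     echo "<script>parent.location.href='index.php?a=admin&m=index';</script>";
     exit;
 }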
Exemple #2
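 /**
  * Save edits to a news article: stamp the editor on the article row, replace
  * or add attached documents, and update the per-language detail text.
  *
  * Input: $_GET['id'] (article id), $_POST['edit_doc'] / $_POST['img_id']
  * (per-slot replace flags and image ids), $_POST['detail'] / $_POST['iid']
  * (detail parts and their article_i8n ids). Upload handling is delegated to
  * uploaded_m_file(), whose validation is not visible from this method.
  *
  * Security notes:
  *  - Every request- or helper-supplied value that reaches SQL is escaped with
  *    mysql_real_escape_string(); this relies on the connection charset being
  *    set correctly. Prepared statements are the longer-term fix.
  *  - NOTE(review): no CSRF token is checked here; confirm that
  *    isset_cookie() or the dispatcher enforces one and halts unauthenticated
  *    requests, since its return value is not inspected.
  */
 function edit_news()
 {
     $this->isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $conn = $this->conn;
     $id = mysql_real_escape_string($_GET['id'], $conn);
     $editor = mysql_real_escape_string($_SESSION[$this->shop_name]['h_id'], $conn);
     $d = date("Y-m-d H:i:s");
     $img_table = $this->table_name('img');

     $sql = "update " . $this->table_name('article') . " set edit_by='" . $editor . "'  where art_id='" . $id . "'";
     $a = mysql_query($sql, $conn);

     require_once MANAGE_MOD . 'uploaded_file.php';
     $path = "/data/news_doc/";
     $doc_src = uploaded_m_file($img_table, 'original_src', 'file_url', $path);

     if (!empty($_POST['edit_doc']) && is_array($_POST['edit_doc'])) {
         foreach ($_POST['edit_doc'] as $k => $v) {
             if ($v != 1) {
                 continue;
             }
             $img_id = isset($_POST['img_id'][$k]) ? mysql_real_escape_string($_POST['img_id'][$k], $conn) : '';
             $new_src = (is_array($doc_src) && isset($doc_src[$k])) ? mysql_real_escape_string($doc_src[$k], $conn) : '';

             $sql = "select * from " . $img_table . " where img_id='" . $img_id . "' ";
             $img_b = getFetchAll($sql, $conn);
             if (!empty($img_b)) {
                 // The stored path is concatenated onto '.', so refuse anything
                 // that climbs out of the web root before deleting the old file.
                 $old_src = $img_b[0]['original_src'];
                 if (strpos($old_src, '..') === false) {
                     @unlink('.' . $old_src);
                 }
                 $sql = "update " . $img_table . " set original_src='" . $new_src . "',edit_by='" . $editor . "' where img_id='" . $img_id . "' ";
             } else {
                 // The slot key carries the language after a '-'; it is a POST
                 // array key and therefore attacker-controlled like any value.
                 $p = explode('-', $k);
                 $i8n = isset($p[1]) ? mysql_real_escape_string($p[1], $conn) : '';
                 $sql = "insert into " . $img_table . "(type_id,type,original_src,add_by ,add_time,edit_by,i8n) values('" . $id . "','A','" . $new_src . "','" . $editor . "','" . $d . "','" . $editor . "','" . $i8n . "')";
             }
             mysql_query($sql, $conn);
         }
     }

     if (!$a) {
         js_alert('修改失败,请联系系统管理员');
         return;
     }

     if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
         foreach ($_POST['detail'] as $k => $v) {
             // Parts are stored joined by the literal separator '":;"'.
             $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
             $iid = isset($_POST['iid'][$k]) ? mysql_real_escape_string($_POST['iid'][$k], $conn) : '';
             $sql = "update " . $this->table_name('article_i8n') . " set art_detail='" . $art_detail . "'  where art_i8n_id='" . $iid . "'";
             mysql_query($sql, $conn);
         }
     }
     js_redir('index.php?a=admin&m=main_right');
 }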
Exemple #3
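 /**
  * Save a configuration entry: rename it, optionally drop its current image
  * (row and file), and attach a newly uploaded file when one was stored.
  *
  * Input: $_GET['id'] (config id), $_POST['con_name'], $_POST['edit_doc']
  * (1 = remove the image given by $_POST['img_id']), $_POST['img_name'],
  * $_POST['img_by']. The upload helper runs before the id is checked, as in
  * the original flow; its own validation is not visible from this method.
  *
  * Security notes:
  *  - All values placed into SQL are escaped with mysql_real_escape_string();
  *    this depends on the connection charset. Prepared statements are the
  *    longer-term fix.
  *  - NOTE(review): no CSRF token is checked here, and the result of
  *    isset_cookie() is not inspected - confirm it halts unauthenticated
  *    requests itself.
  */
 function edit_config()
 {
     $this->isset_cookie();
     $d = date("Y-m-d H:i:s");
     require_once MANAGE_MOD . 'uploaded_file.php';
     $path = "/data/config_doc/";
     $img_table = $this->table_name('img');
     $doc_src = uploaded_file($img_table, 'original_src', 'file_url', $path);

     if (!isset($_GET['id']) || !is_string($_GET['id']) || $_GET['id'] === '') {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $conn = $this->conn;
     $id = mysql_real_escape_string($_GET['id'], $conn);
     $editor = mysql_real_escape_string($_SESSION[$this->shop_name]['h_id'], $conn);
     $con_name = isset($_POST['con_name']) ? mysql_real_escape_string($_POST['con_name'], $conn) : '';

     $sql = "update " . $this->table_name('config') . " set con_name='" . $con_name . "' where con_id='" . $id . "'";
     $a = mysql_query($sql, $conn);

     if (isset($_POST['edit_doc']) && $_POST['edit_doc'] == 1) {
         $img_id = isset($_POST['img_id']) ? mysql_real_escape_string($_POST['img_id'], $conn) : '';
         $sql = "select * from " . $img_table . " where img_id='" . $img_id . "'";
         $product = getFetchAll($sql, $conn);
         if (!empty($product)) {
             foreach ($product as $v) {
                 // Stored paths are concatenated onto '.'; skip any that would
                 // climb out of the web root.
                 if (strpos($v['original_src'], '..') === false) {
                     @unlink('.' . $v['original_src']);
                 }
             }
         }
         $sql = "delete from " . $img_table . " where img_id='" . $img_id . "'";
         // The delete result replaces the update result as the success flag.
         $a = mysql_query($sql, $conn);
     }

     if (!empty($doc_src)) {
         $img_name = isset($_POST['img_name']) ? mysql_real_escape_string($_POST['img_name'], $conn) : '';
         $img_by = isset($_POST['img_by']) ? mysql_real_escape_string($_POST['img_by'], $conn) : '';
         $new_src = mysql_real_escape_string($doc_src, $conn);
         $sql = "insert into " . $img_table . "(type_id,type,img_title,order_by,original_src,add_by ,add_time,edit_by) values('" . $id . "','CON','" . $img_name . "','" . $img_by . "','" . $new_src . "','" . $editor . "','" . $d . "','" . $editor . "')";
         mysql_query($sql, $conn);
     }

     if ($a) {
         js_redir('index.php?a=admin&m=main_right');
     } else {
         js_alert('修改失败,请联系系统管理员');
     }
 }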
Exemple #4
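 /**
  * Save edits to a category: stamp the editor on the category row, update or
  * create its image rows (link, visibility, optional new file), and update
  * the per-language detail text.
  *
  * Input: $_GET['id'] (category id); per-slot arrays $_POST['edit_doc'],
  * $_POST['img_id'], $_POST['original_link'], $_POST['is_showi']; and
  * $_POST['detail'] / $_POST['iid'] for the category_i8n rows.
  *
  * Fixes over the listed version:
  *  - $d (add_time) was never assigned, so new image rows got an empty time.
  *  - The insert branch listed original_link twice when a file was uploaded,
  *    which MySQL rejects; the file path now goes to original_src, the column
  *    the update branch writes.
  *  - All values placed into SQL are escaped with mysql_real_escape_string()
  *    (charset-dependent; prepared statements are the longer-term fix).
  *
  * NOTE(review): no CSRF token is checked here, and the result of
  * isset_cookie() is not inspected - confirm it halts unauthenticated requests.
  */
 function edit_category()
 {
     $this->isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $conn = $this->conn;
     $id = mysql_real_escape_string($_GET['id'], $conn);
     $editor = mysql_real_escape_string($_SESSION[$this->shop_name]['h_id'], $conn);
     $d = date("Y-m-d H:i:s");
     $img_table = $this->table_name('img');

     $sql = "update " . $this->table_name('category') . " set edit_by='" . $editor . "'  where cat_id='" . $id . "'";
     $a = mysql_query($sql, $conn);

     require_once MANAGE_MOD . 'uploaded_file.php';
     $path = "/data/category_doc/";
     $doc_src = uploaded_m_file($img_table, 'original_src', 'file_url', $path);

     if (!empty($_POST['edit_doc']) && is_array($_POST['edit_doc'])) {
         foreach ($_POST['edit_doc'] as $k => $v) {
             $img_id = isset($_POST['img_id'][$k]) ? mysql_real_escape_string($_POST['img_id'][$k], $conn) : '';
             $link = isset($_POST['original_link'][$k]) ? mysql_real_escape_string($_POST['original_link'][$k], $conn) : '';
             $is_show = isset($_POST['is_showi'][$k]) ? mysql_real_escape_string($_POST['is_showi'][$k], $conn) : '';
             $new_src = (is_array($doc_src) && isset($doc_src[$k])) ? mysql_real_escape_string($doc_src[$k], $conn) : '';
             $has_new_file = ($v == 1);

             $sql = "select * from " . $img_table . " where img_id='" . $img_id . "' ";
             $img_b = getFetchAll($sql, $conn);

             if (!empty($img_b)) {
                 $img_sql = "";
                 if ($has_new_file) {
                     $img_sql = " , original_src='" . $new_src . "' ";
                     // Stored paths are concatenated onto '.'; skip any that
                     // would climb out of the web root.
                     if (strpos($img_b[0]['original_src'], '..') === false) {
                         @unlink('.' . $img_b[0]['original_src']);
                     }
                 }
                 $sql = "update " . $img_table . " set original_link='" . $link . "',is_show='" . $is_show . "',edit_by='" . $editor . "' " . $img_sql . " where img_id='" . $img_id . "' ";
             } else {
                 // Only name the file column when a file was actually uploaded.
                 $img_sql = $has_new_file ? ",original_src" : "";
                 $img_sql1 = $has_new_file ? ",'" . $new_src . "'" : "";
                 $sql = "insert into " . $img_table . "(type_id,type,original_link" . $img_sql . ",is_show,add_by ,add_time,edit_by) values('" . $id . "','C','" . $link . "'" . $img_sql1 . ",'" . $is_show . "','" . $editor . "','" . $d . "','" . $editor . "')";
             }
             mysql_query($sql, $conn);
         }
     }

     if (!$a) {
         js_alert('修改失败,请联系系统管理员');
         return;
     }

     if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
         foreach ($_POST['detail'] as $k => $v) {
             // Parts are stored joined by the literal separator '":;"'.
             $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
             $iid = isset($_POST['iid'][$k]) ? mysql_real_escape_string($_POST['iid'][$k], $conn) : '';
             $sql = "update " . $this->table_name('category_i8n') . " set cat_detail='" . $art_detail . "'  where cat_i8n_id='" . $iid . "'";
             mysql_query($sql, $conn);
         }
     }
     js_redir('index.php?a=admin&m=main_right');
 }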
Exemple #5
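 /**
  * Delete a product: its goods and goods_i8n rows, its image files on disk,
  * and its image rows (type 'P'), then re-render the index.
  *
  * Input: $_GET['id'] (goods id). Success is judged only by the final delete
  * on the img table, as in the original flow.
  *
  * Security notes:
  *  - The id is escaped with mysql_real_escape_string() before it reaches any
  *    statement; unescaped, a crafted id could widen these deletes. Escaping
  *    depends on the connection charset; prepared statements are the
  *    longer-term fix.
  *  - NOTE(review): this destructive action is driven by a GET parameter and
  *    no CSRF token is checked here. Confirm the dispatcher enforces one, and
  *    that isset_cookie() halts unauthenticated requests itself.
  */
 function del_product()
 {
     $this->isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $conn = $this->conn;
     $id = mysql_real_escape_string($_GET['id'], $conn);
     $img_table = $this->table_name('img');

     mysql_query("delete from " . $this->table_name('goods') . " where goods_id='" . $id . "'", $conn);
     mysql_query("delete from " . $this->table_name('goods_i8n') . " where goods_id='" . $id . "'", $conn);

     // Remove the files first, while the rows that name them still exist.
     $sql = "select * from " . $img_table . " where type_id='" . $id . "' and type='P'";
     $product = getFetchAll($sql, $conn);
     if (!empty($product)) {
         foreach ($product as $v) {
             // Stored paths are concatenated onto '.'; skip any that would
             // climb out of the web root.
             if (strpos($v['original_src'], '..') === false) {
                 @unlink('.' . $v['original_src']);
             }
         }
     }

     $sql = "delete from " . $img_table . " where type_id='" . $id . "' and type='P'";
     $a = mysql_query($sql, $conn);
     if ($a) {
         $this->index();
     } else {
         js_alert('删除失败,请联系系统管理员');
     }
 }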
Exemple #6
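 /**
  * Show one user's favourites: loads the user row and the favourite goods
  * (joined with goods and the goods_i8n row for the current back-office
  * language), then includes the admin/show_favorite_detailed.php template.
  *
  * The template is included in this method's scope, so $id, $product and
  * $products keep their original names and raw values; escaped copies are
  * used only inside the SQL strings.
  *
  * Security notes:
  *  - The user id and the session language are escaped with
  *    mysql_real_escape_string() before they reach SQL (charset-dependent;
  *    prepared statements are the longer-term fix).
  *  - NOTE(review): $id is request data; the template must HTML-escape it and
  *    the fetched rows when printing them - not verifiable from here.
  */
 function favorite()
 {
     $this->isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $id = $_GET['id'];
     $sql_id = mysql_real_escape_string($id, $this->conn);
     $sql_lang = mysql_real_escape_string($_SESSION[$this->shop_name]['b_lang'], $this->conn);

     $sql = "select * from " . $this->table_name('user') . " where user_id='" . $sql_id . "'";
     $product = getFetchAll($sql, $this->conn);

     $sql = "select *,f.add_time as los from " . $this->table_name('favorite') . " as f "
         . "left join " . $this->table_name('goods') . " as g on f.goods_id=g.goods_id "
         . "left join " . $this->table_name('goods_i8n') . " as i on f.goods_id=i.goods_id  where f.user_id='" . $sql_id . "' and i.i8n='" . $sql_lang . "' ";
     $products = getFetchAll($sql, $this->conn);

     // The template path comes from server-side configuration, not the request.
     $tmpPath = $this->sysVar['template'] . 'admin/show_favorite_detailed.php';
     include $tmpPath;
 }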
Exemple #7
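 /**
  * Change the `type` of an order and re-render the index.
  *
  * Input: $_GET['id'] (order id) and $_GET['type'] (new type value). A
  * missing type is written as an empty string, matching the original flow.
  *
  * Security notes:
  *  - Both parameters are escaped with mysql_real_escape_string() before they
  *    reach the UPDATE (charset-dependent; prepared statements are the
  *    longer-term fix).
  *  - NOTE(review): the set of valid type values is not visible here; an
  *    allow-list check would be stronger than escaping alone.
  *  - NOTE(review): this state change is driven by GET parameters and no CSRF
  *    token is checked here. Confirm the dispatcher enforces one, and that
  *    isset_cookie() halts unauthenticated requests itself.
  */
 function edit_order_type()
 {
     $this->isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $orderid = mysql_real_escape_string($_GET['id'], $this->conn);
     $type = (isset($_GET['type']) && is_string($_GET['type']))
         ? mysql_real_escape_string($_GET['type'], $this->conn)
         : '';

     $sql_o = "update " . $this->table_name('order') . " \n\t\t\t\t\t\tset type='" . $type . "'\n\t\t\t\t\t\twhere orderid='" . $orderid . "'";
     $o = mysql_query($sql_o, $this->conn);

     if ($o) {
         $this->index();
     } else {
         js_alert('订单修改失败,请联系系统管理员');
     }
 }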
Exemple #8
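 /**
  * Delete one row from the aich_img table and re-render the index.
  *
  * Input: $_GET['id'] (the i_id of the image row). Only the database row is
  * removed; no file on disk is touched by this method.
  *
  * Security notes:
  *  - The id is escaped with mysql_real_escape_string() before it reaches the
  *    DELETE; unescaped, a crafted id could widen the delete. Escaping depends
  *    on the connection charset; prepared statements are the longer-term fix.
  *  - NOTE(review): isset_cookie() is called here as a plain function, not as
  *    a method on $this. Confirm that function exists and halts
  *    unauthenticated requests, otherwise this delete runs unguarded.
  *  - NOTE(review): this destructive action is driven by a GET parameter and
  *    no CSRF token is checked here.
  */
 function del_img()
 {
     isset_cookie();
     if (!isset($_GET['id']) || !is_string($_GET['id'])) {
         js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
         return;
     }

     $id = mysql_real_escape_string($_GET['id'], $this->conn);
     $sql = "delete from aich_img where i_id='" . $id . "'";
     $a = mysql_query($sql, $this->conn);

     if ($a) {
         $this->index();
     } else {
         js_alert('删除失败,请联系系统管理员');
     }
 }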