function edit_category()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = addslashes($_GET['id']);
$sql = "update " . $this->table_name('category') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where cat_id='{$id}'";
$a = mysql_query($sql, $this->conn);
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/category_doc/";
$doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b)) {
if ($v == 1) {
$img_sql = " , original_src='" . $doc_src[$k] . "' ";
@unlink('.' . $img_b[0]['original_src']);
} else {
$img_sql = "";
}
$sql = "update " . $this->table_name('img') . " set original_link='" . $_POST['original_link'][$k] . "',is_show='" . $_POST['is_showi'][$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' " . $img_sql . " where img_id='" . $_POST['img_id'][$k] . "' ";
} else {
if ($v == 1) {
$img_sql = ",original_link";
$img_sql1 = ",'" . $doc_src[$k] . "'";
} else {
$img_sql = "";
$img_sql1 = "";
}
$sql = "insert into " . $this->table_name('img') . "(type_id,type,original_link" . $img_sql . ",is_show,add_by ,add_time,edit_by) values('" . $id . "','C','" . $_POST['original_link'][$k] . "'" . $img_sql1 . ",'" . $_POST['is_showi'][$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')";
}
$c = mysql_query($sql, $this->conn);
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$art_detail = addslashes(implode('":;"', $v));
$sql = "update " . $this->table_name('category_i8n') . " set cat_detail='" . $art_detail . "' where cat_i8n_id='" . $_POST['iid'][$k] . "'";
$b = mysql_query($sql, $this->conn);
}
}
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function edit_config()
{
$this->isset_cookie();
$d = date("Y-m-d H:i:s");
//pr($_POST);die;
if (!empty($_POST)) {
foreach ($_POST as $k => $v) {
$sql = "update " . $this->table_name('config') . " set type='" . $v . "' where con_name='{$k}'";
$a = mysql_query($sql, $this->conn);
}
}
if ($a) {
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
}
function edit_news()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = $_GET['id'];
$d = date("Y-m-d H:i:s");
$sql = "update " . $this->table_name('article') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where art_id='{$id}'";
$a = mysql_query($sql, $this->conn);
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/news_doc/";
$doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
if ($v == 1) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b)) {
@unlink('.' . $img_b[0]['original_src']);
$sql = "update " . $this->table_name('img') . " set original_src='" . $doc_src[$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
$p = explode('-', $k);
$sql = "insert into " . $this->table_name('img') . "(type_id,type,original_src,add_by ,add_time,edit_by,i8n) values('" . $id . "','A','" . $doc_src[$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $p[1] . "')";
$c = mysql_query($sql, $this->conn);
}
}
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$art_detail = addslashes(implode('":;"', $v));
$sql = "update " . $this->table_name('article_i8n') . " set art_detail='" . $art_detail . "' where art_i8n_id='" . $_POST['iid'][$k] . "'";
$b = mysql_query($sql, $this->conn);
}
}
//$this->index();
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function edit_config()
{
$this->isset_cookie();
$d = date("Y-m-d H:i:s");
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/config_doc/";
$doc_src = uploaded_file($this->table_name('img'), 'original_src', 'file_url', $path);
if ($_GET['id'] != '') {
$id = $_GET['id'];
$sql = "update " . $this->table_name('config') . " set con_name='" . $_POST['con_name'] . "' where con_id='{$id}'";
$a = mysql_query($sql, $this->conn);
if ($_POST['edit_doc'] == 1) {
$img_id = $_POST['img_id'];
$sql = "select * from " . $this->table_name('img') . " where img_id='{$img_id}'";
$product = getFetchAll($sql, $this->conn);
if (!empty($product)) {
foreach ($product as $k => $v) {
@unlink('.' . $v['original_src']);
}
}
$sql = "delete from " . $this->table_name('img') . " where img_id='{$img_id}'";
$a = mysql_query($sql, $this->conn);
}
if (!empty($doc_src)) {
$sql = "insert into " . $this->table_name('img') . "(type_id,type,img_title,order_by,original_src,add_by ,add_time,edit_by) values('" . $id . "','CON','" . $_POST['img_name'] . "','" . $_POST['img_by'] . "','{$doc_src}','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')";
$b = mysql_query($sql, $this->conn);
}
if ($a) {
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function edit_product()
{
$this->isset_cookie();
$d = date("Y-m-d H:i:s");
$c_id = $_POST['c_id'];
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/product_doc/";
$doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);
//pr($doc_src);die;
if ($_GET['id'] != '' && $_POST['act'] == 'edit') {
$id = $_GET['id'];
$sql = "update " . $this->table_name('goods') . " set is_show='" . $_POST['is_show'] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where goods_id='{$id}'";
$a = mysql_query($sql, $this->conn);
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b) && $_POST['acti'][$k] == 'del') {
@unlink('.' . $img_b[0]['original_src']);
$sql = "delete from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
if (!empty($img_b)) {
if ($v == 1) {
$src = ",original_src='" . $doc_src[$k] . "'";
@unlink('.' . $img_b[0]['original_src']);
} else {
$src = "";
}
if (isset($_POST['is_showi'][$k])) {
$where = " ,is_show='" . $_POST['is_showi'][$k] . "'";
} else {
$where = "";
}
$sql = "update " . $this->table_name('img') . " set order_by='" . $_POST['order_by'][$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "'" . $where . $src . " where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
if ($v == 1) {
$p = explode('-', $k);
if (!empty($_POST['is_show'][$k])) {
$where = $_POST['is_show'][$k];
} else {
$where = "1";
}
$sql = "insert into " . $this->table_name('img') . "(type_id,order_by,is_show,type,original_src,add_by ,add_time,edit_by,point,i8n) values('" . $id . "','" . $_POST['order_by'][$k] . "','" . $where . "','P','" . $doc_src[$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $p[2] . "','" . $p[1] . "')";
$c = mysql_query($sql, $this->conn);
}
}
}
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$title = addslashes(implode('<br />', $_POST['title'][$k]));
$overview = addslashes($_POST['overview'][$k]);
$art_detail = addslashes(implode('":;"', $v));
$sql = "update " . $this->table_name('goods_i8n') . " set goods_name='" . $title . "',goods_overview='" . $overview . "',goods_detail='" . $art_detail . "' where goods_i8n_id='" . $_POST['iid'][$k] . "'";
$b = mysql_query($sql, $this->conn);
}
}
js_redir('index.php?a=product&m=index&id=' . $c_id);
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
if ($_POST['act'] == 'add') {
$sql = "insert into " . $this->table_name('goods') . "(cat_id,is_show,order_by,add_by,add_time,edit_by) values ('" . $c_id . "','" . $_POST['is_show'] . "','50','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "') ";
$a = mysql_query($sql, $this->conn);
$id = mysql_insert_id();
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b) && $_POST['acti'][$k] == 'del') {
@unlink('.' . $img_b[0]['original_src']);
$sql = "delete from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
if (!empty($img_b)) {
if ($v == 1) {
$src = ",original_src='" . $doc_src[$k] . "'";
@unlink('.' . $img_b[0]['original_src']);
} else {
$src = "";
}
if (isset($_POST['is_showi'][$k])) {
$where = " ,is_show='" . $_POST['is_showi'][$k] . "'";
} else {
$where = "";
}
$sql = "update " . $this->table_name('img') . " set order_by='" . $_POST['order_by'][$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "'" . $where . $src . " where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
if ($v == 1) {
$p = explode('-', $k);
if (!empty($_POST['is_show'][$k])) {
$where = $_POST['is_show'][$k];
} else {
$where = "1";
}
$sql = "insert into " . $this->table_name('img') . "(type_id,order_by,is_show,type,original_src,add_by ,add_time,edit_by,point,i8n) values('" . $id . "','" . $_POST['order_by'][$k] . "','" . $where . "','P','" . $doc_src[$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $p[2] . "','" . $p[1] . "')";
$c = mysql_query($sql, $this->conn);
}
}
}
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$title = addslashes(implode('<br />', $_POST['title'][$k]));
$overview = addslashes($_POST['overview'][$k]);
$art_detail = addslashes(implode('":;"', $v));
$sql = "insert into " . $this->table_name('goods_i8n') . "(goods_id,goods_name,goods_overview,goods_detail,i8n) values('" . $id . "','" . $title . "','" . $overview . "','" . $art_detail . "','" . $k . "')";
$b = mysql_query($sql, $this->conn);
}
}
js_redir('index.php?a=product&m=index&id=' . $c_id);
} else {
js_alert('添加失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
}
function __construct()
{
parent::__construct();
js_redir('index.php?a=home&m=index');
}
echo "<textarea name=rcontent cols=60 rows=10 wrap>" . post2textarea($umo->content) . "</textarea><br>\n";
echo "<br>\n";
echo "<input type=hidden name=posted value=1>\n";
echo "<input type=hidden name=type value=\"modify\">\n";
echo "<input type=hidden name=type2 value=\"" . $_GET["type2"] . "\">\n";
echo "<input type=hidden name=id value=\"" . $_GET["id"] . "\">\n";
echo "<input type=submit value=\"Save changes\">\n";
} else {
$rq = pg_safe_exec("UPDATE default_msgs SET label='" . post2db($_GET["rlabel"]) . "', content='" . post2db($_GET["rcontent"]) . "' WHERE id='" . (int) $_GET["id"] . "'");
if (!$rq) {
die(pg_errormessage());
} else {
if ($_GET["type2"] == 1) {
js_redir("default_msgs.php?type=review");
} else {
js_redir("default_msgs.php?type=complaints");
}
}
}
}
if ($_GET["type"] == "complaints") {
echo "<h3>Edit default complaint replies</h3><a href=\"complaints/admin.php\"><b>Complaints Manager Home</b></a><hr width=100% noshade size=1><br>\n";
$crm = pg_safe_exec("SELECT * FROM default_msgs WHERE type=3");
echo "<b>COMPLAINT REPLIES</b> <input type=button value=\"Add\" onClick=\"location.href='default_msgs.php?type=addcom'\"><br>\n";
echo "<table width=650 border=1 cellspacing=0 cellpadding=5 bordercolor=#000000>\n";
echo "<tr bgcolor=#eeeeee>";
echo "<td>Label</td><td>Content</td><td>Action</td>\n";
echo "</tr>\n";
while ($crmo = pg_fetch_object($crm)) {
echo "<tr>";
echo "<td valign=top>" . db2disp($crmo->label) . "</td>\n";
function isset_cookie()
{
if (!isset($_COOKIE[$this->shop_name]['userName']) && empty($_SESSION[$this->shop_name]['userName'])) {
js_redir('index.php?a=login&m=login');
}
}
