function chkLogin()
{
global $db;
$m_id = getCookie("adminid");
$m_id = chkSql($m_id, true);
$m_name = getCookie("adminname");
// writetofile("operate.log", "loginame:{".$m_name ."};action:{".be("all","action")."};referce:{".getReferer()."}.request:{".$_SERVER["REQUEST_URI"]."};parameters GET:{".json_encode($_GET)."}" );
writetofile("operate.log", "loginame:{" . $m_name . "};action:{" . be("all", "action") . "};referce:{" . getReferer() . "}.request:{" . $_SERVER["REQUEST_URI"] . "};parameters POST:{" . json_encode($_POST) . "}");
$m_name = chkSql($m_name, true);
if (!isN($m_name) && !isN($m_id)) {
$row = $db->getRow("SELECT * FROM {pre}manager WHERE m_name='" . $m_name . "' AND m_id= '" . $m_id . "' AND m_status ='1'");
if ($row) {
$loginValidate = md5($row["m_random"] . $row["m_name"] . $row["m_id"]);
if (getCookie("admincheck") != $loginValidate) {
sCookie("admincheck", "");
die("<script>top.location.href='index.php?action=login';</script>");
}
} else {
sCookie("admincheck", "");
die("<script>top.location.href='index.php?action=login';</script>");
}
} else {
die("<script>top.location.href='index.php?action=login';</script>");
}
}
function chklogin()
{
global $user;
if (intval($_SESSION["userid"]) > 0) {
$sql = "SELECT * FROM {pre}user where u_id=" . $_SESSION["userid"];
$user = $GLOBALS['db']->getRow($sql);
$user['u_regtime'] = date('Y-m-d H:i:s', $user['u_regtime']);
$user['u_logintime'] = date('Y-m-d H:i:s', $user['u_logintime']);
$user['u_loginip'] = long2ip($user['u_loginip']);
if (!empty($user['u_start'])) {
$user['u_start'] = date('Y-m-d', $user['u_start']);
}
if (!empty($user['u_end'])) {
$user['u_end'] = date('Y-m-d', $user['u_end']);
}
$loginValidate = md5($user["u_random"] . $user["u_id"]);
if ($user && $_SESSION["usercheck"] != $loginValidate) {
$_SESSION["userid"] = "";
$_SESSION["username"] = "";
$_SESSION["usergourp"] = "";
$_SESSION["usercheck"] = "";
sCookie('userid', '');
redirect('?m=user-login.html', 'top.');
}
} else {
redirect('?m=user-login.html', 'top.');
}
}
function chkLogin2()
{
global $db;
$m_id = getCookie('adminid');
ckSql($m_id);
$m_name = getCookie('adminname');
ckSql($m_name);
$m_check = getCookie('admincheck');
ckSql($m_check);
$index = 'index.php';
if (strpos($_SERVER['PHP_SELF'], 'editor') > -1) {
$index = "../" . $index;
}
if (!isN($m_name) && !isNum($m_id)) {
$row = $db->getRow('SELECT * FROM {pre}manager WHERE m_name=\'' . mysql_real_escape_string($m_name) . '\' AND m_id= \'' . $m_id . '\' AND m_status=1');
if ($row) {
$loginValidate = md5($row['m_random'] . $row['m_name'] . $row['m_id']);
if ($m_check != $loginValidate) {
sCookie('admincheck', '');
redirect($index . '?m=admin-login', 'top.');
}
} else {
sCookie('admincheck', '');
redirect($index . '?m=admin-login', 'top.');
}
} else {
redirect($index . '?m=admin-login', 'top.');
}
}
function logout()
{
sCookie("adminname", "");
sCookie("adminid", "");
sCookie("adminlevels", "");
sCookie("admincheck", "");
echo "<script>top.location.href='index.php?action=login';</script>";
}
$sql = "SELECT " . $col . "_score," . $col . "_scoreall," . $col . "_scorenum FROM {pre}" . $tab . " WHERE " . $col . "_id=" . $id;
$row = $db->getRow($sql);
if ($row) {
$d_score = $row["d_score"];
$d_scoreall = $row["d_scoreall"];
$d_scorenum = $row["d_scorenum"];
if ($score > 0) {
if (getCookie($tab . "score" . $id) == "ok") {
echo "haved";
return;
}
$d_scoreall += $score;
$d_scorenum++;
$d_score = round($d_scoreall / $d_scorenum, 1);
$db->Update("{pre}vod", array($col . "_score", $col . "_scoreall", $col . "_scorenum"), array($d_score, $d_scoreall, $d_scorenum), $col . "_id=" . $id);
sCookie($tab . "score" . $id, "ok");
}
if ($d_score > 10) {
$d_score = 10;
}
$res = '{"scoreall":' . $d_scoreall . ',"scorenum":' . $d_scorenum . ',"score":' . $d_score . '}';
}
unset($row);
echo $res;
} elseif ($ac == 'userfav') {
if ($id < 1) {
echo "err";
exit;
}
if (isN($_SESSION["userid"])) {
echo "login";
redirect('?m=admin-index');
} else {
alertUrl('您输入的用户名和密码不正确或者您不是系统管理员!', '?m=admin-login');
}
} elseif ($method == 'login') {
$plt->set_file('main', $ac . '_' . $method . '.html');
$plt->parse('mains', 'main');
} elseif ($method == 'logout') {
if (isset($_SESSION['adminauth'])) {
unset($_SESSION);
session_destroy();
}
sCookie('adminname', '');
sCookie('adminid', '');
sCookie('adminlevels', '');
sCookie('admincheck', '');
redirect('?m=admin-login');
} elseif ($method == 'index') {
$plt->set_file('main', $ac . '_' . $method . '.html');
$plt->set_block('main', 'list_quickmenu', 'rows_quickmenu');
$path = 'tpl/config/quickmenu.txt';
if (file_exists($path)) {
$fc = file_get_contents($path);
$fc = str_replace(chr(13), '', $fc);
$arr = explode(chr(10), $fc);
$i = 1;
foreach ($arr as $a) {
if (!empty($a)) {
$one = explode(',', $a);
$plt->set_var('quickid', 'quick' . $i);
$plt->set_var('quickname', $one[0]);
function score()
{
global $db, $action, $id;
$score = be("get", "score");
$score = chkSql($score, true);
$ac3 = be("get", "ac3");
if (getCookie("vodscore_" . $id) == "ok") {
echo "haved";
exit;
}
if (!isNum($id)) {
echo "err";
exit;
}
if (!isNum($score)) {
$score = 0;
} else {
$score = intval($score);
}
if ($score < 0) {
$score = 0;
}
if ($score > 10) {
$score = 10;
}
$res = 0;
$row = $db->getRow("SELECT d_score,d_scorecount FROM {pre}vod WHERE d_id=" . $id);
if ($row) {
$d_score = $row["d_score"] + $score;
$d_scorecount = $row["d_scorecount"] + 1;
$db->Update("{pre}vod", array("d_score", "d_scorecount"), array($d_score, $d_scorecount), "d_id=" . $id);
$res = round($d_score / $d_scorecount, 1);
if ($ac3 == "all") {
$res = $d_score . "," . $d_scorecount . "," . round($d_score / $d_scorecount, 1);
}
}
unset($row);
sCookie("vodscore_" . $id, "ok");
echo $res;
}
