header('location:' . $url); exit; } if (empty($_sys) && ($html = template('login', $temparr))) { mexit($html); } else { include_once M_ROOT . "./include/cheader.inc.php"; _header(lang('memberlogin')); $cookiedef = '1m'; $cookiearr = array('0' => lang('inbrowser'), '1h' => '1' . lang('hours'), '1d' => '1' . lang('days'), '1w' => '1' . lang('weeks'), '1m' => '1' . lang('month'), '-1' => lang('saveforever')); echo '<form name="cmslogin" id="cmslogin" method="post" action="?forward=' . rawurlencode($forward) . ($infloat ? "&infloat={$infloat}&handlekey={$handlekey}" : '') . '" onsubmit="return checklogin(this)">'; tabheader_e(); echo '<tr class="header"><td colspan="2"><b>' . lang('memberlogin') . ' >><a href="tools/lostpwd.php"' . (empty($infloat) ? '' : " onclick=\"return floatwin('open_{$handlekey}',this)\"") . '>' . lang('getpwd') . '</a></b></td></tr>'; trbasic(lang('membercname'), 'username'); trbasic(lang('loginpwd'), 'password', '', 'password'); tr_regcode('login'); trbasic('Cookie', 'expires', makeoption($cookiearr, $cookiedef), 'select'); trhidden('client_t', ''); $infloat && trhidden('infloat', 1); tabfooter('cmslogin', lang('login')); mexit('</div></body></html>'); } } } else { switch (empty($expires) ? '0' : strtolower($expires)) { case '-1': $expires = 3650 * 86400; break; case '1m': $expires = 30 * 86400; break;
} if (!in_array('fsalecp', $citems) && !in_array('fsalecp', $additems)) { trbasic(lang('annex_price'), 'archiveadd[fsalecp]', makeoption(array('' => lang('freesale')) + $vcps['fsale']), 'select'); } if (!in_array('ucid', $citems) && !in_array('ucid', $additems)) { //关于文档的个人分类 $uclasses = loaduclasses($curuser->info['mid']); $ucidsarr = array(0 => lang('p_choose')); foreach ($uclasses as $k => $v) { if (!$v['cuid']) { $ucidsarr[$k] = $v['title']; } } trbasic(lang('mycoclass'), 'archiveadd[ucid]', makeoption($ucidsarr), 'select'); } $submitstr .= tr_regcode('archive'); tabfooter('barchiveadd', lang('add')); check_submit_func($submitstr); _footer(); } else { include_once M_ROOT . './include/common.fun.php'; parse_str($_SERVER['QUERY_STRING'], $_da); _aenter($_da, 1); @extract($btags); extract($_da, EXTR_OVERWRITE); tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); }
<?php !defined('M_COM') && exit('No Permission'); if (!submitcheck('bmemberpwd')) { tabheader(lang('memberpwdsetting'), 'memberpwd', '?action=memberpwd', 2, 0, 1); trbasic(lang('membercname'), '', $curuser->info['mname'], ''); trbasic(lang('oldpwd'), 'opassword', '', 'password'); trbasic(lang('newpwd'), 'npassword', '', 'password'); trbasic(lang('repwd'), 'npassword2', '', 'password'); $submitstr = ''; $submitstr .= makesubmitstr('opassword', 1, 0, 0, 15); $submitstr .= makesubmitstr('npassword', 1, 0, 0, 15); $submitstr .= makesubmitstr('npassword2', 1, 0, 0, 15); $submitstr .= tr_regcode('login'); tabfooter('bmemberpwd'); check_submit_func($submitstr); } else { if (!regcode_pass('login', empty($regcode) ? '' : trim($regcode))) { mcmessage('regcodeerror', '?action=memberpwd'); } $opassword = trim($opassword); $npassword = trim($npassword); $npassword2 = trim($npassword2); if (md5(md5($opassword)) != $curuser->info['password']) { mcmessage('oldpasserror', '?action=memberpwd'); } if ($npassword != $npassword2) { mcmessage('notsamepwd', '?action=memberpwd'); } if (!$npassword || strlen($npassword) > 15 || $npassword != addslashes($npassword)) { mcmessage('memberpwdillegal', '?action=memberpwd');
for ($i = 0; $i < $l; $i++) { $urlsarr[$boxs[$i]] = array(lang($boxl[$i]) . ($new[$boxs[$i]] ? '(' . $new[$boxs[$i]] . ')' : ''), "?action=pmbox&box={$boxs[$i]}&page={$page}"); } murl_nav($urlsarr, 'pmbox' == $action ? $box : 'pmsend', 6); if ($action == 'pmsend') { if (!submitcheck('bpmsend')) { //发送框 tabheader(lang('sendpm'), 'pmsend', "?action=pmsend&box={$box}&page={$page}", 2, 0, 1); trbasic(lang('pmtitle'), 'pmnew[title]', '', 'btext'); trbasic(lang('pmtonames'), 'pmnew[tonames]', empty($tonames) ? '' : $tonames, 'btext'); trbasic(lang('pmcontent'), 'pmnew[content]', '', 'btextarea'); $submitstr = ''; // $submitstr .= makesubmitstr('pmnew[title]',1,0,0,80); $submitstr .= makesubmitstr('pmnew[tonames]', 1, 0, 0, 100); $submitstr .= makesubmitstr('pmnew[content]', 1, 0, 0, 1000); $submitstr .= tr_regcode('pm'); tabfooter('bpmsend'); check_submit_func($submitstr); } else { //发送短信 if (!regcode_pass('pm', empty($regcode) ? '' : trim($regcode))) { mcmessage(lang('regcodeerror'), M_REFERER); } $pmnew['title'] = trim($pmnew['title']); $pmnew['tonames'] = trim($pmnew['tonames']); $pmnew['content'] = trim($pmnew['content']); if (empty($pmnew['content']) || empty($pmnew['tonames'])) { mcmessage(lang('pmdatamiss'), M_REFERER); } $tos = array_filter(explode(',', $pmnew['tonames'])); $count = 0;
} unset($a_field); tabfooter('newcommu'); check_submit_func($submitstr); } else { //修改 if (!($reportold = $db->fetch_one("SELECT * FROM {$tblprefix}mreports WHERE mid='{$mid}' AND fromid='{$memberid}' AND cid='{$cid}'"))) { mcmessage('choosereport', $forward); } if (!submitcheck('breportdetail')) { tabheader($mcommu['cname'] . ' - ' . lang('basemessage'), 'reportdetail', "?action=mreport&mid={$mid}&cid={$cid}{$forwardstr}", 2, 1, 1); $submitstr = ''; trbasic(lang('lookreportobject'), '', "<a href=\"{$mspaceurl}index.php?mid={$mid}\" target=\"_blank\">>> " . $reportold['mname'] . "</a>", ''); trbasic(lang('addtime'), '', date('Y-m-d H:i', $reportold['createdate']), ''); tabfooter(); $submitstr .= tr_regcode('report'); $a_field = new cls_field(); tabheader($mcommu['cname'] . ' - ' . lang('submitmessage')); foreach ($mbfields as $k => $v) { if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($reportold[$k]) ? $reportold[$k] : ''; $a_field->trfield('reportnew', '', 'mb'); $submitstr .= $a_field->submitstr; } } unset($a_field); tabfooter('breportdetail', '', strbutton('', 'goback', "redirect('{$forward}');")); check_submit_func($submitstr); } else {
exit; } if (!($tplname = @$mchannel['addtpl'])) { //系统自带的的模板 include_once M_ROOT . './include/cheader.inc.php'; load_cache('mtconfigs'); _header(lang('register')); echo '<script type="text/javascript" src="include/js/register.js"></script>'; $mchannel = $mchannels[$mchid]; $mfields = read_cache('mfields', $mchid); foreach (array('additems') as $var) { ${$var} = !empty($mchannel[$var]) ? explode(',', $mchannel[$var]) : array(); } tabheader(lang('newreg'), 'cmsregister', "?mchid={$mchid}&forward=" . rawurlencode($forward), 2, 1, 1); $muststr = '<span style="color:red">*</span>'; $submitstr = tr_regcode('register') ? '' : "passinfo['code']=1;\n"; trbasic($muststr . lang('membercname'), 'mname'); trbasic($muststr . lang('password'), 'password', '', 'password'); trbasic($muststr . lang('repwd'), 'password2', '', 'password'); trbasic($muststr . lang('email'), 'email'); $submitstr = "function checkChannel(form){\nvar i = true;\n{$submitstr}"; if (in_array('mtcid', $additems)) { trbasic(lang('spacetemplateproject'), 'mtcid', makeoption(mtcidsarr($mchid)), 'select'); } foreach ($grouptypes as $k => $v) { if (!$v['mode'] && !in_array($mchid, explode(',', $v['mchids'])) && in_array("grouptype{$k}", $additems)) { trbasic($v['cname'], 'grouptype' . $k, makeoption(ugidsarr($k, $mchid)), 'select'); } } $a_field = new cls_field(); foreach ($mfields as $k => $field) {
$a_field = new cls_field(); foreach ($rfields as $k => $v) { if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $citems)) { $a_field->init(); $a_field->field = $v; if (isset($oldmsg[$k])) { $a_field->oldvalue = $oldmsg[$k]; } else { $a_field->isadd = 1; } $a_field->trfield('communew', '', 'r'); $submitstr .= $a_field->submitstr; } } unset($a_field); $submitstr .= tr_regcode('reply'); tabfooter('newcommu'); check_submit_func($submitstr); _footer(); } else { $_da =& $arc->archive; arc_parse($_da); _aenter($_da, 1); @extract($btags); extract($_da, EXTR_OVERWRITE); tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); }
$amount = empty($amount) ? '' : max(0, round($amount, 2)); if (!($oldmsg = $db->fetch_one("SELECT * FROM {$tblprefix}pays WHERE mid='{$memberid}' ORDER BY pid DESC LIMIT 0,1"))) { $oldmsg = array(); } tabheader(lang('onlinepay'), 'paynew', '?action=payonline&deal=confirm', 2, 0, 1); trbasic(lang('payinterface'), 'paynew[poid]', makeoption($poids), 'select'); trbasic(lang('payamount'), 'paynew[amount]', $amount, 'text', lang('payamountrmbi')); trbasic(lang('contactorname'), 'paynew[truename]', empty($oldmsg['truename']) ? '' : $oldmsg['truename'], 'btext'); trbasic(lang('contacttel'), 'paynew[telephone]', empty($oldmsg['telephone']) ? '' : $oldmsg['telephone'], 'btext'); trbasic(lang('contactemail'), 'paynew[email]', empty($oldmsg['email']) ? '' : $oldmsg['email'], 'btext'); $submitstr = ''; $submitstr .= makesubmitstr('paynew[amount]', 1, 'number', 0, 15); $submitstr .= makesubmitstr('paynew[truename]', 0, 0, 0, 80); $submitstr .= makesubmitstr('paynew[telephone]', 0, 0, 0, 30); $submitstr .= makesubmitstr('paynew[email]', 0, 'email', 0, 100); $submitstr .= tr_regcode('payonline'); tabfooter('submit', lang('continue')); check_submit_func($submitstr); } elseif ($deal == 'confirm') { if (!regcode_pass('payonline', empty($regcode) ? '' : trim($regcode))) { mcmessage('regcodeerror', '?action=payonline'); } $paynew['amount'] = max(0, round(floatval($paynew['amount']), 2)); empty($paynew['amount']) && mcmessage('pinputpayamount', '?action=payonline'); array_key_exists($paynew['poid'], $poids) || mcmessage('errorpaymode', '?action=payonline'); /* $paynew['handfee'] = 0; if(!empty($payonline['percent'])){ $paynew['handfee'] = round($paynew['amount'] * $payonline['percent'] / 100,2); } $paynew['total'] = $paynew['amount'] + $paynew['handfee'];*/
include_once M_ROOT . './include/ucenter/uc.inc.php'; } $npassword = md5(md5($npassword)); $db->query("UPDATE {$tblprefix}members SET password='******' WHERE mid='{$mid}'"); $db->query("UPDATE {$tblprefix}members_sub SET confirmstr='' WHERE mid='{$mid}'"); mcmessage('refindpwdsucceed'); } } else { if (!submitcheck('blostpwd')) { tabheader(lang('membergetpwd'), 'lostpwd', "?{$forwardstr}", 2, 0, 1); trbasic(lang('membercname'), 'mname'); trbasic(lang('memberemail'), 'email'); $submitstr = ''; $submitstr .= makesubmitstr('mname', 1, 0, 0, 15); $submitstr .= makesubmitstr('email', 1, 'email', 0, 80); $submitstr .= tr_regcode('register'); tabfooter('blostpwd'); check_submit_func($submitstr); } else { if (!regcode_pass('register', empty($regcode) ? '' : trim($regcode))) { mcmessage('safecodeerr'); } $mname = trim($mname); $email = trim($email); if (strlen($mname) < 3 || strlen($mname) > 15) { mcmessage('membernamelenillegal'); } $guestexp = '\\xA1\\xA1|^Guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8'; if (preg_match("/^\\s*\$|^c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&]|{$guestexp}/is", $mname)) { mcmessage('membercnameillegal'); }
($arc->archive['closed'] || $arc->archive['finishdate'] < $timestamp) && message('questionclosed'); switch_cache($arc->archive['sid']); $sid = $arc->archive['sid']; if_siteclosed($sid); cache_merge($commu, 'commu', $sid); if (!($tplname = @$commu['addtpl'])) { load_cache('mlangs'); include_once M_ROOT . "./include/admin.fun.php"; include_once M_ROOT . "./include/adminm.fun.php"; include_once M_ROOT . "./include/cheader.inc.php"; _header(); tabheader(lang('add') . $commu['cname'] . ' ' . "<a href=\"" . view_arcurl($arc->archive) . "\" target=\"_blank\">>> " . $arc->archive['subject'] . "</a>", 'answeradd', "?aid={$aid}{$forwardstr}", 2, 1, 1); $submitstr = ''; trbasic(lang('answer0'), 'communew[answer]', '', 'textarea'); $submitstr .= makesubmitstr('communew[answer]', 1, 0, $commu['setting']['minlength'], $commu['setting']['maxlength'], 'multitext'); $submitstr .= tr_regcode('answer'); tabfooter('newcommu'); check_submit_func($submitstr); } else { $_da =& $arc->archive; arc_parse($_da); _aenter($_da, 1); @extract($btags); extract($_da, EXTR_OVERWRITE); tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); } } else {
$a_field = new cls_field(); foreach ($cfields as $k => $v) { if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $citems)) { $a_field->init(); $a_field->field = $v; if (isset($oldmsg[$k])) { $a_field->oldvalue = $oldmsg[$k]; } else { $a_field->isadd = 1; } $a_field->trfield('communew', '', 'c'); $submitstr .= $a_field->submitstr; } } unset($a_field); $submitstr .= tr_regcode('comment'); tabfooter('newcommu'); check_submit_func($submitstr); _footer(); } else { $_da =& $arc->archive; arc_parse($_da); _aenter($_da, 1); @extract($btags); extract($_da, EXTR_OVERWRITE); tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); }
tabheader($mcommu['cname'] . ' - ' . lang('needmessage')); foreach ($mlfields as $k => $v) { if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) { trbasic($v['cname'], '', $flinkold[$k], ''); } } unset($a_field); tabfooter('', '', strbutton('', 'goback', "redirect('{$forward}');")); } elseif (!submitcheck('bflinkdetail')) { tabheader($mcommu['cname'] . ' - ' . lang('basemessage'), 'flinkdetail', "?action=mflink&mid={$mid}&cid={$cid}{$forwardstr}", 2, 1, 1); $submitstr = ''; trbasic(lang('looklinkobject'), '', "<a href=\"{$mspaceurl}index.php?mid={$mid}\" target=\"_blank\">>> " . $flinkold['mname'] . "</a>", ''); trbasic(lang('checkstate'), '', empty($flinkold['checked']) ? lang('nocheck') : lang('checked'), ''); trbasic(lang('addtime'), '', date('Y-m-d H:i', $flinkold['createdate']), ''); tabfooter(); $submitstr .= tr_regcode('link'); $a_field = new cls_field(); tabheader($mcommu['cname'] . ' - ' . lang('submitmessage')); foreach ($mlfields as $k => $v) { if (!$v['isadmin'] && !$v['isfunc'] && in_array($k, $fieldsarr)) { $a_field->init(); $a_field->field = $v; $a_field->oldvalue = isset($flinkold[$k]) ? $flinkold[$k] : ''; $a_field->trfield('flinknew', '', 'ml'); $submitstr .= $a_field->submitstr; } } unset($a_field); tabfooter('bflinkdetail', '', strbutton('', 'goback', "redirect('{$forward}');")); check_submit_func($submitstr); } else {