/**
 * Bootstraps the application for a frontend or admin request.
 *
 * Records the request flags on the class, defines the template path and
 * theme URL constants, registers the class autoloader, runs the session
 * expiry check and publishes the requested module/event names to the
 * template engine.
 *
 * @param boolean $isFrontend true for the public site, false for the admin panel
 * @return bffBase object
 */
function init($isFrontend = true)
{
    global $oDb, $oSm, $oSecurity;

    self::$isFrontend = $isFrontend;
    self::$isAjax = func::isAjaxRequest();
    self::$isPost = func::isPostMethod();

    if (!$isFrontend) {
        define('TPL_PATH', PATH_BASE . 'tpl/main/admin/');
        // The admin panel always uses the default theme.
        define('THEME_URL', SITEURL . '/styles/default');
    } else {
        define('TPL_PATH', PATH_BASE . 'tpl/main/');
    }
    $oSm->template_dir = TPL_PATH;

    spl_autoload_register(array('bffBase', 'autoload'));

    $oSecurity->checkExpired();

    // Frontend requests reach this point without a theme URL; fall back to the configured default.
    if (!defined('THEME_URL')) {
        define('THEME_URL', SITEURL . '/styles/' . THEMES_DEFAULTTHEME_KEY);
    }
    $oSm->assign('theme_url', THEME_URL);

    // NOTE(review): 's' and 'ev' are request-supplied and are only lowercased and
    // cut to 30 characters here. Confirm that whatever dispatches on self::$class /
    // self::$event (and the autoloader registered above) restricts them to known
    // module and method names.
    self::$class = substr(strtolower(func::GETPOST('s')), 0, 30);
    $oSm->assign('class', self::$class);
    self::$event = substr(strtolower(func::GETPOST('ev')), 0, 30);
    $oSm->assign('event', self::$event);

    $oSm->assign_by_ref('tplJSIncludes', self::$includesJS);
    $oSm->assign_by_ref('tplCSSIncludes', self::$includesCSS);

    bff::initApp($isFrontend);

    return $this;
}
/**
 * Renders a static page.
 *
 * The page is looked up in TABLE_PAGES by its `filename` column; the key is
 * either the (int-cast) argument or the request parameter 'page'. The page
 * body is then read from PAGES_PATH using the filename stored in that row.
 *
 * @param mixed $nPageID optional page key; when omitted the request value is used
 * @return mixed result of tplFetch('page.tpl')
 */
function show($nPageID = null)
{
    if (isset($nPageID)) {
        $mPageKey = (int) $nPageID;
    } else {
        $mPageKey = func::POSTGET('page');
    }

    // The request value only reaches SQL through str2sql().
    // NOTE(review): presumably str2sql() quotes and escapes its argument - confirm.
    $sQuery = 'SELECT title, mkeywords, mdescription, filename FROM ' . TABLE_PAGES
        . ' WHERE filename = ' . $this->db->str2sql($mPageKey) . ' LIMIT 1';
    $aPage = $this->db->one_array($sQuery);
    if (empty($aPage)) {
        Errors::httpError(404);
    }

    // The path is built from the filename stored in the row, not from the raw request value.
    // NOTE(review): the code below assumes Errors::httpError() ends the request - confirm.
    $aPage['content'] = CDir::getFileContent(PAGES_PATH . $aPage['filename'] . PAGES_EXTENSION);

    config::set(array(
        'title'        => $aPage['title'] . ' | ' . config::get('title', ''),
        'mkeywords'    => $aPage['mkeywords'],
        'mdescription' => $aPage['mdescription'],
    ));

    if ($aPage['content'] === false) {
        Errors::httpError(404);
    }

    $aPage['menu'] = bff::i()->Sitemap_getmenu('info', 'all-sub');

    $this->tplAssign('aData', $aPage);

    return $this->tplFetch('page.tpl');
}
/**
 * Initialises the cache component and verifies that the APC extension is available.
 *
 * @throws Exception when the 'apc' extension is not loaded
 */
public function init()
{
    parent::init();

    if (func::extensionLoaded('apc')) {
        return;
    }

    throw new Exception('CApcCache requires PHP apc extension to be loaded.');
}
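/**
 * AJAX endpoint for administering contact messages.
 *
 * Requires the 'edit' permission and an AJAX request, then dispatches on the
 * 'act' query parameter:
 *  - 'del'  deletes the TABLE_CONTACTS row whose id is posted as 'rec';
 *  - 'send' reads the posted 'type' but has no implemented handler and
 *           answers Errors::IMPOSSIBLE.
 * Any other action answers Errors::IMPOSSIBLE.
 *
 * Each response is followed by an explicit return so that a denied or invalid
 * request can never fall through to the DELETE, whether or not ajaxResponse()
 * ends the request itself.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method; confirm
 * that the framework enforces one for state-changing admin requests.
 */
function ajax()
{
    if (!$this->haveAccessTo('edit') || !bff::$isAjax) {
        $this->ajaxResponse(Errors::ACCESSDENIED);
        return;
    }

    switch (func::GET('act')) {
        case 'del':
            // The id is concatenated into SQL below, so force it to an integer
            // here instead of relying on the input helper; non-scalar input
            // (e.g. rec[]=...) is rejected rather than cast.
            $mRecord = func::POST('rec', false, true);
            $nContactID = is_scalar($mRecord) ? (int) $mRecord : 0;
            if ($nContactID <= 0) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
                return;
            }

            $this->db->execute('DELETE FROM ' . TABLE_CONTACTS . ' WHERE id = ' . $nContactID);
            $this->ajaxResponse(Errors::SUCCESSFULL);
            return;

        case 'send':
            // No message type has a handler yet; the switch is kept as the extension point.
            $nType = func::POST('type', false, true);
            switch ($nType) {
                case CONTACTS_TYPE_CONTACT:
                    break;
            }
            $this->ajaxResponse(Errors::IMPOSSIBLE);
            return;
    }

    $this->ajaxResponse(Errors::IMPOSSIBLE);
}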
/**
 * Admin form for creating a service record; available in developer mode only.
 *
 * On POST the title and keyword are validated, the keyword is checked for
 * uniqueness in TABLE_SERVICES and, when no errors were collected, the row is
 * inserted and the admin is redirected to 'settings'. Otherwise the form is
 * rendered again with the submitted title/keyword HTML-escaped.
 *
 * @return mixed rendered 'admin.create.php' template, or the access-denied page
 */
function create()
{
    if (!FORDEV) {
        return $this->showAccessDenied();
    }

    $aData = $this->input->postm(array(
        'title'   => TYPE_STR,
        'type'    => TYPE_UINT,
        'keyword' => TYPE_STR,
    ));

    if (!bff::$isPost) {
        return $this->tplFetchPHP($aData, 'admin.create.php');
    }

    if (empty($aData['title'])) {
        $this->errors->set(_t('services', 'Название услуги указано некорректно'));
    }

    if (!empty($aData['keyword'])) {
        // The keyword must be unique across services.
        $aKeywordExists = $this->db->one_array(
            'SELECT id, title FROM ' . TABLE_SERVICES . ' WHERE keyword = ' . $this->db->str2sql($aData['keyword'])
        );
        if (!empty($aKeywordExists)) {
            $this->errors->set(_t(
                'services',
                'Указанный keyword уже используется услугой "[title]"',
                array('title' => $aKeywordExists['title'])
            ));
        }
    } else {
        $this->errors->set(_t('services', 'Keyword услуги указан некорректно'));
    }

    if ($this->errors->no()) {
        // keyword/title/settings are bound; 'type' is concatenated.
        // NOTE(review): this relies on TYPE_UINT making 'type' an unsigned
        // integer - confirm, or bind it like the other values.
        $res = $this->db->execute(
            'INSERT INTO ' . TABLE_SERVICES . ' (type, keyword, title, settings, enabled) VALUES(' . $aData['type'] . ', :keyword, :title, :settings, 1)',
            array(
                ':keyword'  => $aData['keyword'],
                ':title'    => $aData['title'],
                // A new service starts with an empty serialized settings array.
                ':settings' => serialize(array()),
            )
        );

        $this->adminRedirect(empty($res) ? Errors::IMPOSSIBLE : Errors::SUCCESS, 'settings');
    }

    // Escape the submitted values before they are echoed back into the form.
    $aData = func::array_2_htmlspecialchars($aData, array('title', 'keyword'));

    return $this->tplFetchPHP($aData, 'admin.create.php');
}
/**
 * Guards an admin-only page.
 *
 * Returns true for administrators. Anyone else is sent to the login flow:
 * visitors without a session id or login go straight to requireLogin();
 * logged-in non-admins get the "no permission" error first.
 *
 * NOTE(review): nothing is returned on the non-admin paths, so this guard
 * only protects the caller if requireLogin() / func::printError() end the
 * request - confirm, and have callers check for a strict true otherwise.
 *
 * @return true|null true when the current user is an administrator
 */
function requireAdmin()
{
    global $service, $session;

    if (isAdmin()) {
        return true;
    }

    $bNotLoggedIn = empty($session['id']) || !isLoggedIn();
    if ($bNotLoggedIn) {
        requireLogin();
    }

    func::printError(_t('이 페이지에 접근할 권한이 없습니다.'));
    requireLogin();
}
/**
 * Collects the display data of a board poster.
 *
 * Reads the user row and the user's post count (both through the %int%
 * placeholder) and returns an array with the keys username, avatar,
 * signature, rank (only when $cfg['board_ranking'] is on), posts and type
 * (only for type 1, 2 or 3).
 *
 * NOTE(review): avatar_path and signature are returned as stored, and the
 * avatar path is placed into an <img src="..."> attribute without HTML
 * escaping. Confirm that func::chk_img_path() and the template escape or
 * constrain them before output.
 *
 * @param mixed $userid user id
 * @return array
 */
function getuserinfo($userid)
{
    global $db, $cfg;

    $row_poster = $db->qry_first("SELECT username, type, avatar_path, signature FROM %prefix%user WHERE userid=%int%", $userid);
    $count_rows = $db->qry_first("SELECT COUNT(*) AS posts FROM %prefix%board_posts WHERE userid = %int%", $userid);

    // Only paths accepted by chk_img_path() are rendered as an image tag.
    $avatarHtml = "";
    if (func::chk_img_path($row_poster["avatar_path"])) {
        $avatarHtml = sprintf('<img src="%s" alt="%s" border="0">', $row_poster["avatar_path"], "");
    }

    $user = array();
    $user["username"] = $row_poster["username"];
    $user["avatar"] = $avatarHtml;
    $user["signature"] = $row_poster["signature"];

    if ($cfg['board_ranking'] == TRUE) {
        $user["rank"] = getboardrank($count_rows["posts"]);
    }

    $user["posts"] = $count_rows["posts"];

    // Map the numeric account type to its translated label; other types get no 'type' key.
    $accountType = $row_poster["type"];
    if ($accountType == 1) {
        $user["type"] = t('Benutzer');
    } elseif ($accountType == 2) {
        $user["type"] = t('Organisator');
    } elseif ($accountType == 3) {
        $user["type"] = t('Superadmin');
    }

    return $user;
}
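/**
 * Uploads (saves/replaces) an avatar.
 *
 * The upload is accepted only when PHP reports UPLOAD_ERR_OK, the Upload
 * helper reports success, getimagesize() recognises the file as GIF, JPEG or
 * PNG and the size limit is met. The stored file name is generated here; the
 * client-supplied name is never used. The image is cropped 1:1 and written
 * to "<path><id>_<name>" through the thumbnail class.
 *
 * Changes against the previous version:
 *  - the record ID is forced to an integer before it is used in the target
 *    path and in the UPDATE statement;
 *  - the size limit is checked before the previous avatar is deleted, so an
 *    oversized upload no longer removes the existing avatar.
 *
 * NOTE(review): the result of createTumbnail_if_more_then() is not checked,
 * and whether an image below the size threshold is re-encoded or copied as
 * uploaded depends on the thumbnail class - confirm.
 *
 * @param integer $nRecordID       record ID
 * @param boolean $bDeletePrevious delete the previous avatar first
 * @param boolean $bDoUpdateQuery  store the new file name in the record
 * @return string|false file name of the saved avatar, or false
 */
function update($nRecordID, $bDeletePrevious = false, $bDoUpdateQuery = false)
{
    global $oDb;

    // The ID ends up in a file path and in SQL: accept integers only.
    $nRecordID = is_scalar($nRecordID) ? (int) $nRecordID : 0;

    if (!$nRecordID
        || !isset($_FILES[$this->input]['error'])
        || $_FILES[$this->input]['error'] != UPLOAD_ERR_OK
    ) {
        return false;
    }

    $sTmpName = $_FILES[$this->input]['tmp_name'];

    $oUpload = new Upload($this->input, false);
    $aImageSize = getimagesize($sTmpName);

    $aAllowedTypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
    if (!$oUpload->isSuccessfull()
        || $aImageSize === false
        || !in_array($aImageSize[2], $aAllowedTypes, true)
    ) {
        return false;
    }

    // Check the file size before touching the existing avatar.
    if (!$oUpload->checkSize($this->maxsize)) {
        return false;
    }

    if ($bDeletePrevious) {
        $this->delete($nRecordID, false);
    }

    // The extension comes from the detected image type, the base name is random.
    $sExtension = func::image_type_to_extension($aImageSize[2], false);
    $sFilename = Func::generateRandomName($this->filenameLetters, true, true) . '.' . $sExtension;

    // Create the thumbnail.
    $oThumb = new thumbnail($sTmpName);
    $oThumb->jpeg_quality(85);
    $oThumb->crop_proportionaly(1, 1, 'middle', 'center');
    $oThumb->createTumbnail_if_more_then($this->path . $nRecordID . '_' . $sFilename, $this->width, $this->height, true);

    @unlink($sTmpName);

    if ($bDoUpdateQuery) {
        $oDb->execute("UPDATE {$this->table} \n SET {$this->fieldAvatar} =" . $oDb->str2sql($sFilename) . "\n WHERE {$this->fieldID} = {$nRecordID} ");
    }

    return $sFilename;
}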
/**
 * Loads several service settings at once.
 *
 * @param string $names comma-separated setting names
 * @return array|false map of name => value ('' for names without a stored row),
 *                     or false when the query yields nothing
 *
 * NOTE(review): the names reach the IN (...) list only through
 * func::implode_string(); presumably it quotes and escapes each item -
 * confirm. The names are trimmed for the result keys but not before the query.
 */
function getAsArray($names)
{
    global $database, $db;

    $names = explode(',', $names);

    $sql = 'SELECT name, value FROM ' . $database['prefix'] . 'ServiceSettings WHERE name IN (' . func::implode_string(',', $names) . ')';
    $data = $db->queryAll($sql, MYSQL_ASSOC);
    if (!$data) {
        return false;
    }

    // Every requested name is present in the result, defaulting to an empty string.
    $result = array_fill_keys(array_map('trim', $names), '');

    foreach ($data as $row) {
        $result[$row['name']] = $row['value'];
    }

    return $result;
}
/**
 * Admin screen for the ban list.
 *
 * Requires the 'ban' permission. On POST it either removes the posted ban
 * IDs (action 'massdel') or creates a ban from the posted form; afterwards
 * the active bans (no end time, or an end time in the future) are listed.
 *
 * NOTE(review): no anti-CSRF token check is visible here, and the posted
 * 'banmode' is used to build the name of the field that is read
 * ('ban_' . mode) and is passed on unchanged. Confirm that createBan() only
 * accepts known modes and that removeBan() validates the posted IDs.
 *
 * @return mixed rendered 'admin.listing.tpl', or the access-denied page
 */
function users()
{
    if (!$this->haveAccessTo('ban')) {
        return $this->showAccessDenied();
    }

    $aData = array();

    if (Func::isPostMethod()) {
        if (Func::POST('action') == 'massdel') {
            $this->removeBan(func::POST('banid', false));
        } else {
            $sMode = Func::POST('banmode');
            if (empty($sMode)) {
                $sMode = 'ip';
            }

            $mBanValue = func::POST('ban_' . $sMode, true);
            $nBanPeriod = func::POST('banlength', false, true);
            $nBanPeriodDate = func::POST('bandate', true);
            $nExclude = func::POST('exclude') ? 1 : 0;
            $sDescription = func::POST('description', true);
            $sReason = func::POST('reason', true);

            if (!empty($mBanValue)) {
                $this->createBan($sMode, $mBanValue, $nBanPeriod, $nBanPeriodDate, $nExclude, $sDescription, $sReason);
                $this->adminRedirect(Errors::SUCCESSFULL, 'users');
            }
        }
    }

    // Ban length in minutes => label shown in the listing.
    $aBanEndText = array(
        0     => 'бессрочно',
        30    => '30 минут',
        60    => '1 час',
        360   => '6 часов',
        1440  => '1 день',
        10080 => '7 дней',
        20160 => '2 недели',
        40320 => '1 месяц',
    );

    /*
     * Ban list columns:
     *   `uid` int(11) unsigned NOT NULL default '0',
     *   `ip` varchar(40) NOT NULL default '',
     *   `email` varchar(100) NOT NULL default '',
     *   `started` int(11) unsigned NOT NULL default '0',
     *   `finished` int(11) unsigned NOT NULL default '0',
     *   `exclude` tinyint(1) unsigned NOT NULL default '0',
     *   `description` varchar(255) NOT NULL default '',
     *   `reason` varchar(255) NOT NULL default '',
     *   `status` tinyint(1) unsigned NOT NULL default '0',
     */
    $aData['bans'] = $this->db->select('SELECT B.* FROM ' . TABLE_USERS_BANLIST . ' B WHERE (B.finished >= ' . time() . ' OR B.finished = 0) ORDER BY B.ip, B.email');

    foreach ($aData['bans'] as $key => $aBan) {
        // Ban length in minutes; 0 means the ban has no end time.
        $timeLength = $aBan['finished'] ? ($aBan['finished'] - $aBan['started']) / 60 : 0;

        $aData['bans'][$key]['till'] = isset($aBanEndText[$timeLength]) ? $aBanEndText[$timeLength] : '';
        $aData['bans'][$key]['finished_formated'] = date('Y-m-d H:i:s', $aBan['finished']);
    }

    $this->tplAssign('aData', $aData);
    $this->adminCustomCenterArea();

    return $this->tplFetch('admin.listing.tpl');
}
/**
 * Admin form for editing a user group.
 *
 * Access requires developer mode or $this->manageNonSystemGroups, plus the
 * 'groups-edit' permission; system groups can be edited in developer mode
 * only. On POST the submitted fields are validated and the group row is
 * updated; on GET the form is filled from the stored group.
 *
 * NOTE(review): 'adminpanel' and the group ID are concatenated into the
 * UPDATE without str2sql(). This relies on TYPE_BOOL and input->id()
 * returning integers - confirm (an empty string for a false boolean would
 * also break the statement). It is also not visible here whether
 * isGroupKeywordExists() ignores the group being edited.
 *
 * @return mixed rendered 'admin.group.form.tpl', or the access-denied page
 */
function group_edit()
{
    if (!FORDEV && !$this->manageNonSystemGroups) {
        return $this->showAccessDenied();
    }
    if (!$this->haveAccessTo('groups-edit')) {
        return $this->showAccessDenied();
    }

    $aData = array();

    $nGroupID = $this->input->id();
    if (!$nGroupID) {
        $this->adminRedirect(Errors::IMPOSSIBLE, 'group_listing');
    }

    $aGroupInfo = $this->getGroup($nGroupID);
    // System groups are reserved for developer mode.
    if ($aGroupInfo && $aGroupInfo['issystem'] && !FORDEV) {
        return $this->showAccessDenied();
    }

    if (!func::isPostMethod()) {
        $aData = $aGroupInfo;
    } else {
        $this->input->postm(array(
            'title'      => TYPE_STR,
            'keyword'    => TYPE_STR,
            'adminpanel' => TYPE_BOOL,
            'color'      => TYPE_STR,
            'issystem'   => TYPE_BOOL,
        ), $aData);

        if (!$aData['title']) {
            $this->errors->set('no_group_title');
        }

        if (!empty($aData['keyword'])) {
            $aData['keyword'] = mb_strtolower($aData['keyword']);
            if ($this->isGroupKeywordExists($aData['keyword'])) {
                $this->errors->set('group_keyword_exists');
            }
        } else {
            $this->errors->set('no_group_keyword');
        }

        if (empty($aData['color'])) {
            $aData['color'] = '#000';
        }

        if ($this->errors->no()) {
            $sKeywordSet = '';
            if (!empty($aData['keyword'])) {
                $sKeywordSet .= ' keyword = ' . $this->db->str2sql($aData['keyword']) . ', ';
            }

            // The 'issystem' flag is written in developer mode only.
            $this->db->execute(
                'UPDATE ' . TABLE_USERS_GROUPS . ' SET title = ' . $this->db->str2sql($aData['title'])
                . ', color = ' . $this->db->str2sql($aData['color'])
                . ', adminpanel = ' . $aData['adminpanel'] . ', '
                . (FORDEV ? 'issystem = ' . $this->db->str2sql($aData['issystem']) . ', ' : '')
                . ' ' . $sKeywordSet
                . ' modified = ' . $this->db->getNOW()
                . ' WHERE group_id=' . $nGroupID
            );

            $this->adminRedirect(Errors::SUCCESSFULL, 'group_listing');
        }
    }

    // The three built-in groups cannot be deleted.
    $aBuiltinGroups = array(self::GROUPID_MEMBER, self::GROUPID_MODERATOR, self::GROUPID_SUPERADMIN);
    $aData['deletable'] = !in_array($nGroupID, $aBuiltinGroups);

    $this->tplAssign('aData', $aData);

    return $this->tplFetch('admin.group.form.tpl', PATH_CORE . 'modules/users/tpl/' . LANG_DEFAULT . '/');
}
/**
 * Saves an uploaded image in three sizes.
 *
 * A random 12-character base name is generated and the image is written as
 * "<path><id>s<name>" (74x74), "<path><id>t<name>" (102x102) and
 * "<path><id><name>" (600x480), all with autofit, centred crop and quality 90.
 *
 * NOTE(review): the extension is taken from $aUploadData['ext'] as given, and
 * $sPath / $nID are used in the target path unchanged. Confirm the caller
 * derives 'ext' from the detected image type (not the client file name) and
 * passes an integer ID.
 *
 * @param string  $sPath       directory to save into
 * @param integer $nID         object ID
 * @param array   $aUploadData upload data; 'ext' and 'tmp_name' are read
 * @return string|false generated file name, or false when saving failed
 */
function saveImageFileCustom($sPath, $nID, $aUploadData)
{
    $sFilename = func::generator(12) . '.' . $aUploadData['ext'];

    $oThumb = new CThumbnail($aUploadData['tmp_name'], false);

    // File-name prefix => array(width, height)
    $aVariants = array(
        's' => array(74, 74),
        't' => array(102, 102),
        ''  => array(600, 480),
    );

    $aSave = array();
    foreach ($aVariants as $sPrefix => $aDimensions) {
        $aSave[] = array(
            'filename' => $sPath . $nID . $sPrefix . $sFilename,
            'width'    => $aDimensions[0],
            'height'   => $aDimensions[1],
            'autofit'  => true,
            'crop_h'   => 'center',
            'crop_v'   => 'center',
            'quality'  => 90,
        );
    }

    return $oThumb->save($aSave) ? $sFilename : false;
}
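/**
 * Cross-posts a post to LiveJournal once its rating reaches the main-page threshold.
 *
 * The request must carry the admin's LiveJournal login and password
 * ('login' / 'pass') and a 'post_id'. The 'upload' partial is rendered with
 * filename 'ok' when the post was cross-posted and 'error' in every other case.
 *
 * The credentials are compared as strings with strict equality. The previous
 * loose `==` comparison treated numeric-looking strings as numbers, so values
 * such as "1e3" and "1000" were accepted as equal. The password comparison is
 * constant-time where hash_equals() is available.
 *
 * NOTE(review): the credentials arrive as plain request parameters and the
 * LiveJournal password is read back in clear text from the admin profile.
 * If the parameters are sent in the query string they will appear in access
 * logs; a dedicated random trigger token would avoid exposing the real
 * password - to be confirmed against how this action is called.
 *
 * @param sfWebRequest $request
 * @return mixed result of renderPartial('upload', ...)
 */
public function executeMainPageTrigger(sfWebRequest $request)
{
    sfApplicationConfiguration::getActive()->loadHelpers(array('Partial'));

    $this->filename = 'error';

    $post = Doctrine::getTable('Post')->find(array($this->getRequestParameter('post_id')));
    $admin = sfGuardUser::getAdminUser();

    if ($admin && $admin->getProfile()->getUsecrossposting() && $post != null) {
        $profile = $admin->getProfile();

        $sLogin = (string) urldecode($this->getRequestParameter('login'));
        $sPass = (string) urldecode($this->getRequestParameter('pass'));
        $sExpectedLogin = (string) $profile->getLjlogin();
        $sExpectedPass = (string) $profile->getLjpassword();

        $bLoginOk = $sLogin === $sExpectedLogin;
        $bPassOk = function_exists('hash_equals')
            ? hash_equals($sExpectedPass, $sPass)
            : $sPass === $sExpectedPass;

        if ($bLoginOk && $bPassOk) {
            // Cross-post only once, and only when the rating threshold is reached.
            if (!$post->getLj() && $post->getRating() >= sfConfig::get('app_post_mainpage_threshold')) {
                func::crossposting(
                    $profile->getLjlogin(),
                    $profile->getLjpassword(),
                    get_partial('post/post_lj', array('post' => $post, 'showUsername' => 1)),
                    $post->getMoodNameI18N(),
                    $post->getMoodSmile()
                );

                $post->setLj(1);
                $post->save();

                $this->filename = 'ok';
            }
        }
    }

    return $this->renderPartial('upload', array('filename' => $this->filename));
}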
/**
 * Determines the language of the current request.
 *
 * Order of precedence: GET parameter, POST parameter, cookie, default
 * language. A language taken from GET/POST, or the default, is written back
 * to the cookie. The result is stored in $this->currentLanguage and
 * $this->detected is set.
 *
 * NOTE(review): the value from GET/POST/cookie is stored and returned as
 * received; nothing here checks it against the list of supported languages.
 * Confirm it is validated before it is used to build template or file paths.
 *
 * @return mixed detected language key
 */
public function detectLang()
{
    if (!empty($_GET[LANG_VAR])) {
        $lng = $_GET[LANG_VAR];
    } elseif (!empty($_POST[LANG_VAR])) {
        $lng = $_POST[LANG_VAR];
    } else {
        $lng = false;
    }

    if ($lng) {
        // A language switch was requested: remember it.
        func::setCOOKIE(LANG_VAR, $lng);
    } elseif (isset($_COOKIE[LANG_VAR])) {
        $lng = $_COOKIE[LANG_VAR];
    }

    if (!$lng) {
        $lng = $this->defaultLanguage;
        func::setCOOKIE(LANG_VAR, $lng);
    }

    $this->currentLanguage = $lng;
    $this->detected = true;

    return $lng;
}
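/**
 * Builds the author cell of a row: user icon (or "guest"), date and avatar.
 *
 * The row is read from the global $line. $ret is now initialised before the
 * first `.=`; previously the registered-user branch appended to an undefined
 * variable.
 *
 * NOTE(review): `datetime` is passed to unixstamp2date() as a bare constant.
 * Unless the project defines that constant, older PHP versions treat it as
 * the string 'datetime' and PHP 8 raises an error - confirm and quote it if
 * the string is intended.
 * NOTE(review): avatar_path is placed into the src attribute without HTML
 * escaping; confirm func::chk_img_path() constrains it sufficiently.
 *
 * @param string $username user name passed to FetchUserIcon()
 * @return string HTML fragment
 */
function FetchDataRow($username)
{
    global $func, $dsp, $line;

    $html_image = '<img src="%s" alt="%s" border="0">';
    $avatar = func::chk_img_path($line['avatar_path'])
        ? sprintf($html_image, $line['avatar_path'], t('Avatar'))
        : '';

    $ret = '';
    if ($line['userid']) {
        $ret .= $dsp->FetchUserIcon($line['userid'], $username);
    } else {
        $ret = '<i>' . t('Gast') . '</i>';
    }

    $ret .= HTML_NEWLINE;
    $ret .= $func->unixstamp2date($line['date'], datetime) . HTML_NEWLINE;

    if ($avatar) {
        $ret .= $avatar . HTML_NEWLINE;
    }

    return $ret;
}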
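/**
 * Queues a notification job.
 *
 * Only the 'subscribe' type is handled: it inserts a row with the user ID and
 * the current timestamp into TABLE_ENOTIFY_SUBSCRIBE.
 *
 * The user ID is concatenated into the INSERT statement, so it is now reduced
 * to a positive integer first; a missing or non-numeric ID is logged and
 * rejected instead of being sent to the database.
 *
 * @param string $sType   queue type
 * @param array  $aParams parameters; 'user_id' is read for 'subscribe'
 * @return boolean true when the row was inserted
 */
static function SendQueue($sType, $aParams)
{
    global $oDb;

    $time = time();

    switch ($sType) {
        case 'subscribe':
            $mUserID = isset($aParams['user_id']) ? $aParams['user_id'] : null;
            $nUserID = is_numeric($mUserID) ? (int) $mUserID : 0;

            $res = false;
            if ($nUserID > 0) {
                $res = $oDb->execute('INSERT INTO ' . TABLE_ENOTIFY_SUBSCRIBE . ' (user_id, created) VALUES(' . $nUserID . ', ' . $time . ') ');
            }

            if (empty($res)) {
                // Same log line as before; only the integer form of the ID is written.
                func::log('Ошибка sql-запроса CMail::SendQueue(' . $sType . ', uid=' . $nUserID . '); ');
                return false;
            }

            return true;
    }

    return false;
}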
/**
 * Rebuilds the cached listener map of the active export plugins.
 *
 * For every Exports row with status 'on' the plugin's index.xml is read and
 * each /export/binding/listener entry is collected per domain. The result is
 * written to "<cacheDir>/export_1.xml.php".
 *
 * NOTE(review): `program` comes from the database and is used in a file
 * path, and the listener/action values read from each plugin's index.xml are
 * written into a file with a .php extension. Confirm that XMLFile escapes
 * what it writes and that the cache directory is not reachable/executable
 * through the web server.
 *
 * @return boolean false when the cache directory is missing or not writable
 */
function createMap()
{
    global $database, $db;

    func::mkpath($this->cacheDir);
    if (!(is_dir($this->cacheDir) && is_writable($this->cacheDir))) {
        return false;
    }

    requireComponent('LZ.PHP.XMLStruct');
    requireComponent('LZ.PHP.XMLWriter');

    $case = array();
    $program = array();
    $xmls = new XMLStruct;

    // List of activated plugins.
    $db->query("SELECT domain, program FROM {$database['prefix']}Exports WHERE status='on' ORDER BY id ASC");
    while ($data = $db->fetch()) {
        if (!$xmls->openFile(ROOT . '/exports/'. $data->program . '/index.xml')) {
            continue;
        }

        // Listener nodes are numbered from 1; stop at the first empty value.
        $i = 1;
        while ($listener = $xmls->getValue("/export/binding/listener[$i]")) {
            $action = $xmls->getAttribute("/export/binding/listener[$i]", 'action');

            if (!isset($case[$data->domain])) {
                $case[$data->domain] = array();
            }
            // The first program seen for a domain is the one recorded for it.
            if (!isset($program[$data->domain])) {
                $program[$data->domain] = $data->program;
            }

            $case[$data->domain][] = array("program"=>$data->program, "action"=> $action, "listener"=>$listener);

            $i++;
        }
    }

    // Write the map.
    $xml = new XMLFile($this->cacheDir.'/export_1.xml.php');
    $xml->startGroup('map');
    foreach ($case as $domain => $binders) {
        $xml->startGroup('event', array('domain'=>$domain, 'program'=>$program[$domain]));
        foreach ($binders as $bind) {
            $xml->write('bind', $bind['listener'], false, array('action'=>$bind['action']));
        }
        $xml->endGroup();
    }
    $xml->endAllGroups();
    $xml->close();

    return true;
}
/**
 * "Contact the editor" form.
 *
 * For an AJAX request the posted message is validated (guests must also give
 * a valid e-mail address and pass the captcha), stored in TABLE_CONTACTS and
 * mailed to the admin address. Otherwise the form page is rendered.
 *
 * NOTE(review): the stored captcha value ($_SESSION['c2']) is cleared only
 * after a fully valid submission, so the same captcha stays valid across
 * failed attempts - confirm this is intended.
 * NOTE(review): the user ID is concatenated into the INSERT as returned by
 * security->getUserID(); confirm it is always an integer (0 for guests).
 *
 * @return mixed rendered 'write.tpl' for non-AJAX requests
 */
function write()
{
    if (bff::$isAjax) {
        $nUserID = $this->security->getUserID();
        $bGuest = !$nUserID;

        $p = $this->input->postm(array(
            'email'   => TYPE_STR,
            'phone'   => TYPE_NOHTML,
            'message' => TYPE_NOHTML,
            'captcha' => TYPE_STR,
        ));

        // Only guests have to supply an e-mail address.
        if ($bGuest && (empty($p['email']) || !Func::IsEmailAddress($p['email']))) {
            $this->errors->set('wrong_email');
        }

        $p['phone'] = func::cleanComment($p['phone']);
        if (empty($p['phone'])) {
            $this->errors->set('no_phone');
        }

        $p['message'] = func::cleanComment($p['message']);
        if (empty($p['message'])) {
            $this->errors->set('no_message');
        }

        // Only guests have to solve the captcha.
        if ($bGuest) {
            $oProtection = new CCaptchaProtection();
            $sExpectedCaptcha = isset($_SESSION['c2']) ? $_SESSION['c2'] : '';
            if (!$oProtection->valid($sExpectedCaptcha, $p['captcha'])) {
                $this->errors->set('wrong_captcha');
            }
        }

        if ($this->errors->no()) {
            unset($_SESSION['c2']);

            $this->db->execute(
                'INSERT INTO ' . TABLE_CONTACTS . ' (user_id, email, phone, message, created) VALUES ('
                . $nUserID . ', '
                . $this->db->str2sql($p['email']) . ', '
                . $this->db->str2sql($p['phone']) . ', '
                . $this->db->str2sql(nl2br($p['message'])) . ', '
                . $this->db->getNOW() . ')'
            );

            $nRecordID = $this->db->insert_id(TABLE_CONTACTS, 'id');
            if ($nRecordID) {
                config::saveCount('contacts_new', 1);

                bff::sendMailTemplate(
                    array(
                        'user'    => $bGuest ? 'Аноним' : $this->security->getUserEmail(),
                        'email'   => $bGuest ? $p['email'] : $this->security->getUserEmail(),
                        'phone'   => $p['phone'],
                        'message' => nl2br($p['message']),
                    ),
                    'admin_contacts',
                    config::get('mail_admin', BFF_EMAIL_SUPPORT)
                );
            }
        }

        // Collected errors, if any, are presumably delivered by ajaxResponse() - confirm.
        $this->ajaxResponse(Errors::SUCCESS);
    }

    config::set('title', 'Связь с редактором - ' . config::get('title', ''));

    return $this->tplFetch('write.tpl');
}
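/**
 * Uploads (saves/replaces) a screenshot.
 *
 * The upload is accepted only when PHP reports UPLOAD_ERR_OK, the Upload
 * helper reports success, getimagesize() recognises the file as GIF, JPEG or
 * PNG and the size limit is met. The stored file name is generated here; the
 * client-supplied name is never used. One file is written per entry of
 * $this->sizes as "<path><id>_<prefix><name>"; an entry flagged 'original'
 * moves the uploaded file itself and ends the loop.
 *
 * Changes against the previous version:
 *  - the record ID is forced to an integer before it is used in the target
 *    paths and in the UPDATE statement;
 *  - the size limit is checked before the previous screenshot is deleted, so
 *    an oversized upload no longer removes the existing files.
 *
 * NOTE(review): the 'original' entry stores the upload without re-encoding,
 * and the results of save() / createTumbnail_if_more_then() are not checked.
 * Confirm the upload directory cannot execute files and that entries after
 * 'original' are intentionally skipped.
 *
 * @param integer $nRecordID       record ID
 * @param boolean $bDeletePrevious delete the previous screenshot first
 * @param boolean $bDoUpdateQuery  store the new file name in the record
 * @return string|false file name of the saved screenshot, or false
 */
function update($nRecordID, $bDeletePrevious = false, $bDoUpdateQuery = false)
{
    global $oDb;

    // The ID ends up in file paths and in SQL: accept integers only.
    $nRecordID = is_scalar($nRecordID) ? (int) $nRecordID : 0;

    if (!$nRecordID
        || !isset($_FILES[$this->input]['error'])
        || $_FILES[$this->input]['error'] != UPLOAD_ERR_OK
    ) {
        return false;
    }

    $sTmpName = $_FILES[$this->input]['tmp_name'];

    $oUpload = new Upload($this->input, false);
    $aImageSize = getimagesize($sTmpName);

    $aAllowedTypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
    if (!$oUpload->isSuccessfull()
        || $aImageSize === false
        || !in_array($aImageSize[2], $aAllowedTypes, true)
    ) {
        return false;
    }

    // Check the file size before touching the existing screenshot.
    if (!$oUpload->checkSize($this->maxsize)) {
        return false;
    }

    if ($bDeletePrevious) {
        $this->delete($nRecordID, false);
    }

    // The extension comes from the detected image type, the base name is random.
    $sExtension = func::image_type_to_extension($aImageSize[2], false);
    $sFilename = Func::generateRandomName($this->filenameLetters, true, true) . '.' . $sExtension;

    // Create the thumbnails.
    $oThumb = new thumbnail($sTmpName);
    $oThumb->jpeg_quality(85);

    $bFileMoved = false;
    foreach ($this->sizes as $s) {
        if (!empty($s['original'])) {
            // Keep the uploaded file itself; this moves the temporary file.
            $oUpload->save($this->path, $nRecordID . '_' . $s['p'] . $sFilename, false, false);
            $bFileMoved = true;
            break;
        }
        $oThumb->createTumbnail_if_more_then(
            $this->path . $nRecordID . '_' . $s['p'] . $sFilename,
            $s['w'],
            $s['h'],
            isset($s['autofit']) ? $s['autofit'] : true
        );
    }

    // Remove the temporary file unless it was moved into place above.
    if (!$bFileMoved) {
        @unlink($sTmpName);
    }

    if ($bDoUpdateQuery) {
        $oDb->execute("UPDATE {$this->table} \n SET {$this->fieldPreview} =" . $oDb->str2sql($sFilename) . "\n WHERE {$this->fieldID} = {$nRecordID}");
    }

    return $sFilename;
}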
/**
 * Returns the top-level BBS categories together with ready-made form HTML.
 *
 * @param mixed   $aSelectedID selected category ID, or an array of IDs
 * @param boolean $bOptions    true to build <option> tags, false for checkboxes
 * @return array 'cats' (categories after func::array_transparent by 'id'),
 *               'options' (HTML, '' unless $bOptions) and
 *               'checks' (HTML, '' when $bOptions)
 *
 * NOTE(review): category titles are inserted into the HTML as stored, without
 * htmlspecialchars(). Confirm the titles are escaped when saved, or escape
 * them here.
 */
function getBBSCategories($aSelectedID = array(), $bOptions = false)
{
    if (!is_array($aSelectedID)) {
        $aSelectedID = array($aSelectedID);
    }

    bff::i()->GetModule('bbs');

    $aCats = $this->db->select('SELECT id, title, 0 as disabled FROM ' . TABLE_BBS_CATEGORIES . ' WHERE numlevel=1 ORDER BY numleft');

    $sOptions = '';
    $sCheckbox = '';

    if (!$bOptions) {
        // Checkbox list, headed by the "all sections" entry.
        array_unshift($aCats, array('id' => 1, 'title' => 'Все разделы сайта'));

        foreach ($aCats as $aCat) {
            $sClass = $aCat['id'] == 1 ? 'all bold' : 'cat';
            $sChecked = in_array($aCat['id'], $aSelectedID) ? ' checked="checked"' : '';

            $sCheckbox .= '<label><input type="checkbox" name="cat[]" class="catcheck ' . $sClass . '" value="' . $aCat['id'] . '"' . $sChecked . '/> ' . $aCat['title'] . '</label><br/>';
        }
    } else {
        // Select options: "any", a disabled separator, then "all sections".
        array_unshift(
            $aCats,
            array('id' => 0, 'title' => 'любой', 'disabled' => 0),
            array('id' => -2, 'title' => '------------------------', 'disabled' => 1),
            array('id' => 1, 'title' => 'Все разделы сайта', 'disabled' => 0)
        );

        foreach ($aCats as $aCat) {
            $sClass = ($aCat['id'] == 0 || $aCat['id'] == 1) ? 'bold' : '';
            $sDisabled = $aCat['id'] == -2 ? 'disabled' : '';
            $sSelected = in_array($aCat['id'], $aSelectedID) ? ' selected="selected"' : '';

            $sOptions .= '<option value="' . $aCat['id'] . '" class="' . $sClass . '" ' . $sDisabled . ' ' . $sSelected . '>' . $aCat['title'] . '</option>';
        }
    }

    $aCats = func::array_transparent($aCats, 'id', true);

    return array(
        'cats'    => $aCats,
        'options' => $sOptions,
        'checks'  => $sCheckbox,
    );
}
$response['error'] = 1; $response['message'] = _t('관리자만이 이 기능을 사용할 수 있습니다.'); } else { $response['error'] = 1; $pluginName = $_POST['plugin']; $ting = (isset($_POST['ting']) && !empty($_POST['ting'])) ? Validator::getBool($_POST['ting']) : null; if (!preg_match('/^[A-Za-z0-9 _-]+$/', $pluginName)) { $response['message'] = _t('잘못된 플러그인 이름입니다'); func::printRespond($response); } if (!is_dir(ROOT . '/plugins/'.$pluginName)) { $response['message'] = _t('플러그인이 존재하지 않습니다'); func::printRespond($response); } if (!file_exists(ROOT . '/plugins/'.$pluginName.'/index.xml')) { $response['message'] = _t('플러그인 정보를 찾을 수 없습니다'); func::printRespond($response); } if (Plugin::activate($pluginName, $ting)) $response['error'] = 0; } func::printRespond($response); ?>
echo $aData['url_listing']; ?> &owner=<?php echo $aData['owner_id']; ?> "><?php echo $aData['owner_title']; ?> </a> → <span class="bold">динамические свойства</span> </div> <div class="right"> <?php if (false && $this->inherit === 1) { $vis = !func::getCOOKIE(BFF_COOKIE_PREFIX . 'bbs_dynprop_inh'); ?> <a href="#" class="ajax desc">скрыть наследуемые</a> <?php } ?> </div> <div class="clear-all"></div> </div> <table class="admtbl tblhover" id="dynprop_listing"> <tr class="header nodrag nodrop"> <?php if (FORDEV) { ?> <th width="30">DF</th><?php
statusResult[<?php echo Bills::statusCompleted; ?> ] = '<span style="color:green;">завершен</span>'; statusResult[<?php echo Bills::statusCanceled; ?> ] = '<span style="color:#666;">отменен</span>'; var $progress, $list, $listPgn, filters; var url = '<?php echo $this->adminCreateLink('listing'); ?> '; var orders = <?php echo func::php2js($orders); ?> ; var orderby = '<?php echo $f['order_by']; ?> '; var status = <?php echo $f['status']; ?> ; var _processing = false; $(function(){ $progress = $('#j-bills-progress'); $list = $('#j-bills-list');
</div> <div class="clear"></div> <div class="padTop">Ccылка на сайт:</div> <div class="padTop"><input type="text" class="inputText2" name="contacts[site]" value="http://<?php echo $contacts_site; ?> " style="width:427px;" /></div> </div> <div class="padBlock"> <div class="caption">Текст вашего объявления при публикации</div> <div class="textDiv"><textarea class="adText" id="edit-ad-text" name="descr" readonly="readonly"><?php echo $descr; ?> </textarea></div> <div class="simbol">Осталось: <span class="orange" id="edit-ad-text-counter"><?php echo func::declension($add_config['adtxt_limit'], array('символ', 'символа', 'символов')); ?> </span></div> </div> <div class="padBlock"> <div class="caption left">Фотографии</div> <div class="left" style="margin:-3px 0 0 10px;"><span id="edit-images-button"></span></div> <div class="left progress hidden" style="margin-top: 4px;" id="edit-images-progress"></div> <div class="button photoBt hidden"> <span class="left"> </span> <input type="button" value="загрузить фото" /> </div> <div class="clear"></div> <div class="padTop"> <input type="hidden" name="imgfav" id="edit-images-fav" value="<?php echo $imgfav;
<li class="sep"></li> <li class="<?php echo $value=='blind'?'selected':'';?>"><span><a href="<?php echo $service['path'];?>/admin/setting/blind"><?php echo _t("블라인드");?></a></span></li> <li class="sep"></li> <li class="lastChild <?php echo $value=='etc'?'selected':'';?>"><span><a href="<?php echo $service['path'];?>/admin/setting/etc"><?php echo _t("그외설정");?></a></span></li> <?php func::printPluginMenu('setting',$value); ?> </ul> <?php } else { ?> <!-- user --> <ul id="submenu_user" class="submenu_user<?php echo $action=='user'?' viewed':'';?>"> <li class="lastChild <?php echo $value=='myinfo'?'selected':'';?>"><span><a href="<?php echo $service['path'];?>/admin/user/myinfo"><?php echo _t("내 정보수정");?></a></span></li> <?php func::printPluginMenu('user',$value); ?> </ul> <?php } ?> </div> <!-- wrap close --> </div> <!-- submenu close --> <div id="submenu2"> <div class="wrap"> <div id="project_message"> <ul> <?php if($is_admin) { ?>
<body style="background:transparent;"> <?php $config = new Settings; $requests = array(); $requests['title'] = $db->escape($_POST['title']); $requests['description'] = $db->escape($_POST['description']); if (isset($_POST['delLogo'])) { $requests['logo'] = ''; @unlink(ROOT.'/cache/logo/'.$config->logo); } $config->setWithArray($requests); if(!empty($_FILES['logoFile']['tmp_name']) && !isset($_POST['delLogo'])){ if (!Validator::enum(func::getExt($_FILES['logoFile']['name']), 'gif,jpg,png')) { echo '<script type="text/javascript">parent.addMessage("'._t('로고는 GIF, JPG, PNG 형식의 파일만 가능합니다').'");</script>'; exit; } else { $path = ROOT . '/cache/logo'; if (!is_dir($path)) { mkdir($path); if (!is_dir($path)) { echo '<script type="text/javascript">parent.addMessage("'._t('로고 이미지를 업로드 할 수 없었습니다').'");</script>'; exit; } @chmod($path, 0777); } if (file_exists($path . '/'. basename($_FILES['logoFile']['name']))) { $filename = substr(md5(time()), -1, 8).$_FILES['logoFile']['name'];
// For XHTML compatibility @ini_set('arg_separator.output', '&'); ### load $_POST and $_GET variables // Fallback for PHP < 4.1 (still needed?) if (!is_array($_POST)) { $_POST = $HTTP_POST_VARS; } if (!is_array($_GET)) { $_GET = $HTTP_GET_VARS; } if (!is_array($_COOKIE)) { $_COOKIE = $HTTP_COOKIE_VARS; } // Base Functions (anything that doesnt belong elsewere) require_once "inc/classes/class_func.php"; $func = new func(); // Prevent XSS foreach ($_GET as $key => $val) { if (!is_array($_GET[$key])) { $_GET[$key] = $func->NoHTML($_GET[$key], 1); } else { foreach ($_GET[$key] as $key2 => $val2) { if (!is_array($_GET[$key][$key2])) { $_GET[$key][$key2] = $func->NoHTML($_GET[$key][$key2], 1); } else { foreach ($_GET[$key][$key2] as $key3 => $val3) { $_GET[$key][$key2][$key3] = $func->NoHTML($_GET[$key][$key2][$key3], 1); } } } }
/**
 * AJAX endpoint of the bills admin section.
 *
 * Requires an AJAX request and dispatches on the 'act' query parameter:
 *  - 'user-autocomplete' returns up to 12 activated users whose login starts with the posted 'q';
 *  - 'status' changes a bill's status (requires the 'edit' permission);
 *  - 'check'  asks the payment system for the state of a bill (requires the 'edit' permission);
 *  - 'extra'  returns the `details` column of a bill.
 * Every branch answers through $this->ajaxResponse().
 *
 * NOTE(review): the flow assumes ajaxResponse() ends the request - confirm;
 * otherwise the access checks below do not stop execution.
 * NOTE(review): 'user-autocomplete' and 'extra' have no haveAccessTo() check
 * in this method; confirm access to them is restricted elsewhere.
 */
function ajax()
{
    if (!bff::$isAjax) {
        $this->ajaxResponse(Errors::ACCESSDENIED);
    }

    // TYPE_UINT: presumably an unsigned integer; it is concatenated into SQL below - confirm.
    $nBillID = $this->input->post('bid', TYPE_UINT);

    switch (func::GET('act')) {
        case 'user-autocomplete':
            $sQ = $this->input->post('q', TYPE_STR);
            // Fetch the users whose login matches, excluding:
            // - users that are not activated
            // NOTE(review): '%' and '_' inside $sQ are not escaped, so they act as LIKE wildcards.
            $aResult = $this->db->select('SELECT U.user_id as id, U.login FROM ' . TABLE_USERS . ' U WHERE U.activated = 1 AND U.login LIKE (' . $this->db->str2sql("{$sQ}%") . ') ORDER BY U.login LIMIT 12');
            $aUsers = array();
            foreach ($aResult as $u) {
                $aUsers[$u['id']] = $u['login'];
            }
            unset($aResult);
            $this->ajaxResponse($aUsers);
            break;
        /**
         * Change the status of a bill:
         * @param integer $nStatus status ID, allowed: completed, cancelled
         */
        case 'status':
            if (!$this->haveAccessTo('edit')) {
                $this->ajaxResponse(Errors::ACCESSDENIED);
            }
            if (!$nBillID) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            $nStatus = $this->input->post('status', TYPE_UINT);
            if (!in_array($nStatus, array(self::statusCompleted, self::statusCanceled))) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            $aBill = $this->db->one_array('SELECT user_id, type, status, amount FROM ' . TABLE_BILLS . ' WHERE id=' . $nBillID . ' LIMIT 1');
            if (!$aBill) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            // NOTE(review): the balance is credited whenever changeBillStatus() succeeds.
            // Confirm it refuses a bill that is already completed, otherwise repeating
            // this request credits the user twice.
            $res = $this->changeBillStatus($nBillID, $nStatus, $aBill['status']);
            if ($res) {
                // Update the user's balance
                // when a bill of type "account top-up" is completed.
                if ($aBill['type'] == self::typeInPay && $nStatus == self::statusCompleted) {
                    $this->updateBalance($aBill['user_id'], $aBill['amount'], '+');
                }
            }
            $this->ajaxResponse(array('status' => $nStatus));
            break;
        /**
         * Check the state of a bill:
         * 1) webmoney - X18 interface
         */
        case 'check':
            if (!$this->haveAccessTo('edit')) {
                $this->ajaxResponse(Errors::ACCESSDENIED);
            }
            if (!$nBillID) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            $aBill = $this->getBill($nBillID);
            if (!$aBill) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            switch ($aBill['psystem']) {
                case self::psystemWMZ:
                case self::psystemWME:
                case self::psystemWMR:
                case self::psystemWMU:
                    # X18 interface: payment status request
                    $sResponse = '';
                    $wmid = config::get('ps_webmoney_id');
                    $lmi_payee_purse = $this->getWebmoneyPurse($aBill['psystem']); // payee purse the payment was made to
                    $md5 = strtoupper(md5($wmid . $lmi_payee_purse . $nBillID . $this->getWebmoneyPurseSecret($aBill['psystem'])));
                    # The hash is used, so the other two authorisation methods - sign and secret_key - stay empty
                    $request = "<merchant.request> \n <wmid>{$wmid}</wmid> \n <lmi_payee_purse>{$lmi_payee_purse}</lmi_payee_purse> \n <lmi_payment_no>{$nBillID}</lmi_payment_no> \n <sign></sign><md5>{$md5}</md5><secret_key></secret_key> \n </merchant.request>";
                    $ch = curl_init("https://merchant.webmoney.ru/conf/xml/XMLTransGet.asp");
                    curl_setopt($ch, CURLOPT_HEADER, 0);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_POST, 1);
                    curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
                    // curl_setopt($ch, CURLOPT_CAINFO, "/path/to/verisign.cer");
                    // NOTE(review): certificate verification is switched off for this payment-status
                    // request, so the response below cannot be trusted to come from the payment
                    // system. Enable CURLOPT_SSL_VERIFYPEER (with a CA bundle via CURLOPT_CAINFO
                    // where the system store is missing) and keep host verification on.
                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                    $result = curl_exec($ch);
                    curl_close($ch);
                    // NOTE(review): neither a failed curl_exec() nor a failed
                    // simplexml_load_string() (both return false) is handled before the
                    // property reads below.
                    $xmlres = simplexml_load_string($result);
                    // Inspect the result of the request
                    $retval = strval($xmlres->retval);
                    if ($retval == -8) {
                        $sResponse = "Платеж №<b>{$nBillID}</b> не проводился";
                    } elseif ($retval != 0) {
                        // Neither -8 nor 0: an error occurred while the request was processed
                        $sResponse = "Запрос составлен некорректно ({$retval})";
                    } else {
                        // 0: a payment with this number was made
                        // NOTE(review): the values taken from the remote response are placed
                        // into HTML without escaping.
                        $wmtranid = strval($xmlres->operation->attributes()->wmtransid);
                        $date = strval($xmlres->operation->operdate);
                        $payer = strval($xmlres->operation->pursefrom);
                        $ip = strval($xmlres->operation->IPAddress);
                        $sResponse = "Платеж №<b>{$nBillID}</b> завершился успешно.<br /> \n Он был произведен {$date} с кошелька {$payer}.<br /> \n Плательщик использовал IP-адрес {$ip}.<br /> \n WM-транзакции присвоен идентификатор {$wmtranid}.";
                    }
                    $this->ajaxResponse($sResponse);
                    break;
                case self::psystemRobox:
                    if (!config::get('ps_robox_on', 0)) {
                        $this->ajaxResponse(Errors::IMPOSSIBLE);
                    }
                    $robox_login = config::get('ps_robox_login');
                    $robox_pass2 = config::get('ps_robox_pass2');
                    // NOTE(review): the MerchantLogin value appears masked ('******') in this
                    // listing, so the next statement does not parse as shown. Presumably the
                    // original concatenated $robox_login here - restore it from the real source.
                    $request = 'https://merchant.roboxchange.com/WebService/Service.asmx/OpState?MerchantLogin='******'&InvoiceID=' . $nBillID . '&Signature=' . md5($robox_login . ':' . $nBillID . ':' . $robox_pass2);
                    $ch = curl_init($request);
                    curl_setopt($ch, CURLOPT_HEADER, 0);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    //curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                    $result = curl_exec($ch);
                    curl_close($ch);
                    /**
                     * Expected response:
                     * <?xml version="1.0" encoding="utf-8" ?>
                     * <OperationStateResponse xmlns="http://merchant.roboxchange.com/WebService/">
                     *   <Result>
                     *     <Code>integer</Code>
                     *     <Description>string</Description>
                     *   </Result>
                     *   <State>
                     *     <Code>integer</Code>
                     *     <RequestDate>datetime</RequestDate>
                     *     <StateDate>datetime</StateDate>
                     *   </State>
                     *   <Info>
                     *     <IncCurrLabel>string</IncCurrLabel>
                     *     <IncSum>decimal</IncSum>
                     *     <IncAccount>string</IncAccount>
                     *     <PaymentMethod>
                     *       <Code>string</Code>
                     *       <Description>string</Description>
                     *     </PaymentMethod>
                     *     <OutCurrLabel>string</OutCurrLabel>
                     *     <OutSum>decimal</OutSum>
                     *   </Info>
                     * </OperationStateResponse>
                     */
                    // NOTE(review): the XML is parsed before the empty-result check below.
                    $xml = simplexml_load_string($result);
                    // Inspect the result of the request
                    $sResponse = '';
                    if (empty($result)) {
                        $sResponse = 'Ошибка ответа сервера Robox';
                    } elseif (intval($xml->Result->Code) != 0) {
                        // NOTE(review): the remote description is returned without HTML escaping.
                        $sResponse = strval($xml->Result->Description);
                    } else {
                        $sResponse = '';
                        // State of the bill
                        $sState = '?';
                        switch (intval($xml->State->Code)) {
                            case 5:
                                $sState = 'Операция только инициализирована, деньги от покупателя не получены';
                                break;
                            case 10:
                                $sState = 'Операция отменена, деньги от покупателя не были получены';
                                break;
                            case 50:
                                $sState = 'Деньги от покупателя получены, производится зачисление денег на счет магазина';
                                break;
                            case 60:
                                $sState = 'Деньги после получения были возвращены покупателю';
                                break;
                            case 80:
                                $sState = 'Исполнение операции приостановлено';
                                break;
                            case 100:
                                $sState = 'Операция выполнена, завершена успешно';
                                break;
                        }
                        $sResponse = 'Состояние: ' . $sState . ' (' . date('d.m.Y H:i:s', strtotime(strval($xml->State->StateDate))) . ')<br/>';
                        // Information about the operation
                        // NOTE(review): the remote values are placed into HTML without escaping.
                        $sResponse .= ' Способ оплаты: <b>' . strval($xml->Info->PaymentMethod->Description) . '</b>, <br/> Сумма уплаченная клиентом: <b>' . strval($xml->Info->IncSum) . ' ' . strval($xml->Info->IncCurrLabel) . '</b>, <br/> Аккаунт клиента в системе оплаты: <b>' . strval($xml->Info->IncAccount) . '</b>, <br/> Сумма отправленная ' . SITEHOST . ': <b>' . strval($xml->Info->OutSum) . ' ' . strval($xml->Info->OutCurrLabel) . '</b>';
                    }
                    $this->ajaxResponse($sResponse);
                    break;
            }
            break;
        case 'extra':
            // NOTE(review): unlike 'status' and 'check', this branch does not call haveAccessTo('edit').
            if (!$nBillID) {
                $this->ajaxResponse(Errors::IMPOSSIBLE);
            }
            $aResponse = array('extra' => $this->db->one_data('SELECT details FROM ' . TABLE_BILLS . ' WHERE id=' . $nBillID . ' LIMIT 1'));
            $this->ajaxResponse($aResponse);
            break;
    }
    $this->ajaxResponse(Errors::IMPOSSIBLE);
}
<?php include(dirname(dirname(dirname(__FILE__))) . '/app.php'); need_manager(); need_auth('market'); include('./public_func.php'); $func = new func(); //显示灯鹭设置页面上是文字 $arr_cache[] = $func->show_onoff('denglu_top',$denglu_cache['denglu_top'],$Dlang['denglu_top'],$Dlang['denglu_top_comment']); $arr_cache[] = $func->show_onoff('denglu_force_bind',$denglu_cache['denglu_force_bind'],$Dlang['denglu_force_bind'],$Dlang['denglu_force_bind_comment']); $arr_cache[] = $func->show_onoff('denglu_login_syn',$denglu_cache['denglu_login_syn'],$Dlang['denglu_login_syn'],$Dlang['denglu_login_syn_comment']); // $arr_cache[] = show_onoff('denglu_ignore_checkmail',$denglu_cache['denglu_ignore_checkmail'],$Dlang['denglu_ignore_checkmail'],$Dlang['denglu_ignore_checkmail_comment']); // $arr_cache[] = show_onoff('denglu_syn_source',$denglu_cache['denglu_syn_source'],$Dlang['denglu_syn_source'],$Dlang['denglu_syn_source_comment']); // $arr_cache[] = $func->show_onoff('denglu_syn_goods',$denglu_cache['denglu_syn_goods'],$Dlang['denglu_syn_goods'],$Dlang['denglu_syn_goods_comment']); $arr_cache[] = $func->show_onoff('denglu_syn_comment',$denglu_cache['denglu_syn_comment'],$Dlang['denglu_syn_comment'],$Dlang['denglu_syn_comment_comment']); $arr_cache[] = $func->show_input('denglu_appid',$denglu_cache['denglu_appid'],$Dlang['denglu_appid'],$Dlang['denglu_appid_comment']); $arr_cache[] = $func->show_input('denglu_appkey',$denglu_cache['denglu_appkey'],'APPKEY',$Dlang['denglu_appkey_comment']); ///////////保存设置 if($_GET['act']=='do_denglu_set'){ unset($_POST['submit']);unset($_POST['reset']); $denglu_cache = $_POST; !is_writeable(dirname(dirname(dirname(__FILE__))).'/denglu/lib') && exit($Dlang['lib_cannot_write']); $str = "<?php\r\n \$denglu_cache = ".var_export($denglu_cache,1)."\r\n\n?>"; if($fp = fopen(dirname(dirname(dirname(__FILE__))).'/denglu/lib/denglu_cache.php','wb')){ fwrite($fp,$str); }
<input type="hidden" name="feedURL" value="<?php echo $feed['xmlURL'];?>" /> <dl> <dt><?php echo _t('피드주소');?></dt> <dd class="text xml_text"><?php echo func::filterURLModel($feed['xmlURL']); ?></dd> </dl> <dl> <dt><?php echo _t('제목');?></dt> <dd class="text title_text"><?php echo stripslashes($feed['title']); ?></dd> </dl> <dl> <dt><?php echo _t('설명');?></dt> <dd class="text description_text"><?php echo stripslashes($feed['description']); ?></dd> </dl> <dl> <dt><?php echo _t('주소');?></dt> <dd class="text url_text"><?php echo func::filterURLModel($feed['blogURL']); ?> <!--<?php echo $feed['blogTool'];?>--></dd> </dl> <?php if(feed::doesExistXmlURL($feed['xmlURL'])) { ?> <div class="warning_messages_wrap"> <br /> <?php echo _t('이 블로그는 이미 등록되어 있어 재등록 하실 수 없습니다.');?> <br /><br /> <a href="#" class="normalbutton" onclick="history.back(); return false;"><span><?php echo _t('뒤로');?></span></a> </div> <?php } else { $result = $event->on('Add.getFeed', $xml); if(!is_array($result)) {