/**
 * Context-aware plural lookup against an explicitly chosen domain and category.
 *
 * The reader obtained from _get_reader($domain, $category) performs the
 * npgettext() lookup, and the result is passed through _encode() before it
 * is returned.
 *
 * NOTE(review): no count argument is forwarded to npgettext() here, so which
 * plural form is chosen depends entirely on the reader - confirm against the
 * reader's signature.
 *
 * @param mixed $domain   Domain handed to _get_reader().
 * @param mixed $context  Message context.
 * @param mixed $singular Singular message id.
 * @param mixed $plural   Plural message id.
 * @param mixed $category Category handed to _get_reader().
 * @return mixed Whatever _encode() returns for the looked-up message.
 */
function _dcnpgettext($domain, $context, $singular, $plural, $category)
{
    return _encode(
        _get_reader($domain, $category)->npgettext($context, $singular, $plural)
    );
}
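/**
 * Render every visible entry (entry_show = 1) through a theme partial.
 *
 * For each row of core_entries this collects the entry fields and its tag
 * links and then, depending on $type, requires a partial from $theme_path:
 *  - "THUMBS": parts/entry_link_thumbs.php, with $entry_thumb pointing at a
 *    "*_thumb" file or at a phpThumb URL for an image found in the entry's
 *    upload folder;
 *  - "LIST":   parts/entry_link.php.
 * Any other $type renders nothing. An entry for which search_folder() returns
 * a falsy value is only rendered when $show_empty is truthy.
 *
 * The partials are pulled in with require inside this function, so they see
 * its local variables; the local names below are that contract and are kept
 * exactly as they were.
 *
 * @param string $type "THUMBS" or "LIST".
 * @return void
 */
function LOAD_ENTRIES($type)
{
    global $online_path, $theme_path, $current_tag, $thumb_w, $thumb_h, $root, $date_format, $separator_tags, $show_empty, $nice_permalinks;

    $data_entries = mysql_query("SELECT * FROM core_entries e WHERE e.entry_show = 1 ORDER BY e.entry_position DESC");
    while ($e = mysql_fetch_array($data_entries)) {
        $entry_id = $e["entry_id"];
        $entry_title = $e["entry_title"];

        // DATE
        // The pieces were previously sliced out of an unrelated variable ($t),
        // so the formatted date was never derived from entry_date.
        // assumes entry_date starts with "YYYY-MM-DD" (the offsets imply it) - TODO confirm
        $date = $e["entry_date"];
        $y = substr($date, 0, 4);
        $m = substr($date, 5, 2);
        $d = substr($date, 8, 2);
        $entry_date = date($date_format, mktime(0, 0, 0, (int) $m, (int) $d, (int) $y));

        $entry_position = $e["entry_position"];
        $entry_client = $e["entry_client"];
        $entry_extra1 = $e["entry_extra1"];
        $entry_extra2 = $e["entry_extra2"];
        $entry_text = $e["entry_text"];
        $entry_new = $e["entry_new"];
        $hits = $e["hits"];
        $isNew = ($entry_new == 1);

        // NOTE(review): $http is not in the global list above, so it is
        // undefined inside this function and the permalink starts with an
        // empty string. Confirm whether it was meant to be imported.
        if ($nice_permalinks) {
            $entry_permalink = "{$http}" . $entry_id;
        } else {
            $entry_permalink = "{$http}" . "entry={$entry_id}";
        }

        // Ids read back from the database are cast to int before they are
        // spliced into the next statement, so a corrupted or attacker-written
        // row cannot change the shape of the query.
        $data_e2t = @mysql_query("SELECT e2t.tag_id FROM core_entry2tag e2t WHERE e2t.entry_id = " . (int) $entry_id);
        $tag_str = "";
        while ($e2t = @mysql_fetch_array($data_e2t)) {
            $tag_id = $e2t["tag_id"];
            $data_tags = @mysql_query("SELECT t.tag_text FROM core_tags t WHERE t.tag_id = " . (int) $tag_id . " ORDER BY t.tag_position DESC");
            while ($t = @mysql_fetch_array($data_tags)) {
                $tag_text = $t["tag_text"];
                $tt_friendly = _encode($tag_text);
                // Tag text is stored data, not markup: escape it where it
                // becomes link text. $tag_text itself stays raw for the partials.
                // NOTE(review): $tt_friendly goes into the href as returned by
                // _encode(); confirm that helper yields an attribute-safe value.
                $tag_str = $tag_str . "<a class=\"tag-link\" name=\"tag" . (int) $tag_id . "\" href=\"#tag-" . $tt_friendly . "\">" . htmlspecialchars($tag_text, ENT_QUOTES) . "</a>" . $separator_tags;
            }
        }
        // Drop the trailing separator; with no tags there is nothing to trim.
        if ($tag_str === "") {
            $entry_tags = "";
        } else {
            $entry_tags = substr($tag_str, 0, strlen($tag_str) - strlen($separator_tags));
        }

        if ($type == "THUMBS") {
            $folder = treat_string($entry_title);
            $r_str = $root . "user/uploads/" . $folder;
            $f_str = "core/user/uploads/" . $folder;
            $arr = search_folder($r_str);
            if ($arr || $show_empty) {
                $img = false;
                $thumb = false;
                // Start clean so an entry without any image does not inherit
                // the previous entry's thumbnail.
                $entry_thumb = null;
                // $arr can be falsy here when $show_empty forces rendering.
                if ($arr) {
                    foreach ($arr as $f) {
                        if (strstr($f, "_thumb")) {
                            $thumb = $f;
                        }
                        // Until a "_thumb" file has been seen, remember the
                        // most recent image as the fallback source.
                        if (!$thumb) {
                            if (detect_type($f) == "image") {
                                $img = $f;
                            }
                        }
                    }
                }
                if ($thumb) {
                    $entry_thumb = "{$f_str}/{$thumb}";
                } elseif ($img) {
                    $entry_thumb = "core/functions/phpThumb/phpThumb.php?src=/{$online_path}/{$f_str}/{$img}&w={$thumb_w}&h={$thumb_h}&zc=1&f=png";
                }
                require $theme_path . "parts/entry_link_thumbs.php";
            }
        } elseif ($type == "LIST") {
            $arr = search_folder($root . "user/uploads/" . treat_string($entry_title));
            if ($arr || $show_empty) {
                require $theme_path . "parts/entry_link.php";
            }
        }
    }
}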
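// Directory listing of the file manager (excerpt: the enclosing "if" opens
// above this fragment and its "else" branch continues below it).
//
// Request-controlled values (the raw path parameter, the query string and
// PHP_SELF) and file names are HTML-escaped where they are echoed, so they
// cannot break out of an attribute or inject markup into the page.
// NOTE(review): values returned by _encode() are placed in attributes as-is;
// confirm that helper only produces attribute-safe output.
echo '-><a href="index.php?' . htmlspecialchars($_GET['path'], ENT_QUOTES, 'UTF-8') . '">取消选择</a> <a href="index.php?' . htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES, 'UTF-8') . '&amp;all=yes">全部选择</a>';
// NOTE(review): this form posts delete/move/copy/chmod actions and carries no
// anti-CSRF token field; confirm system.php verifies the request some other way.
echo '<form action="system.php?path=' . _encode($f['.']) . '" method="post">';
if (count($f['dir']) >= 1) {
    echo <<<HTML
<div class="big_board"><div class="board_title">目录列表</div></div>
HTML;
    foreach ($f['dir'] as $dir) {
        // assumes path2name() returns an unescaped name - TODO confirm
        echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($dir) . "\" {$select}/><a href=\"dirinfo.php?path=" . _encode($dir) . "\">[dir]</a><a href=\"" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . "?path=" . _encode($dir) . "\">" . htmlspecialchars(path2name($dir), ENT_QUOTES, 'UTF-8') . "</a><br/>";
    }
}
if (count($f['file']) >= 1) {
    echo <<<HTML
<div class="big_board"><div class="board_title">文件列表</div></div>
HTML;
    foreach ($f['file'] as $file) {
        echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($file) . "\" {$select}/><a href=\"fileinfo.php?path=" . _encode($file) . "\">[file]</a>" . htmlspecialchars(path2name($file), ENT_QUOTES, 'UTF-8') . '<br/><a href="download.php?path=' . _encode($file) . '">下载</a>.<a href="editor.php?path=' . _encode($file) . '">编辑</a>.<a href="view.php?path=' . _encode($file) . '">查看</a>.<a href="rename.php?path=' . _encode($file) . '">命名</a><br/>大小:' . _filesize($file) . ' 权限:' . substr(sprintf('%o', fileperms(_decode($file))), -4) . '<br/>';
    }
}
echo <<<HTML
<select name="type">
<option value="delete">删除文件(多选)</option>
<option value="pkzip">压缩文件(多选)</option>
<option value="move">移动文件(多选)</option>
<option value="copy">复制文件(多选)</option>
<option value="chmod">权限变更(多选)</option>
</select>
<input type="submit" value="[Go]"/>
</form>
HTML;
} else {
    echo "Hello,貌似目录是空目录耶!";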
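/**
 * Add-form and delete handler for the admin zones of one site.
 *
 * The `action` query parameter is decoded with _decode() and supplies
 * `site_id` (used for the back link and form URL) and, optionally, `opr` and
 * `id` for a delete. Posted form data is validated and saved through the
 * AdminZone model. Finally the list of countries that have an active valid
 * zone is handed to the view as `country` (code => name).
 *
 * NOTE(review): the delete below is triggered by a GET request and driven
 * entirely by the decoded parameter; nothing in this method checks a CSRF
 * token or that `id` belongs to `site_id`. Confirm that _decode()
 * authenticates its input and that access control is enforced elsewhere.
 *
 * @return void
 */
public function adminzoneopr()
{
    // Decode the parameter once and tolerate its absence instead of reading an
    // undefined index.
    $params = isset($_GET['action']) ? _decode($_GET['action']) : array();
    $siteId = isset($params['site_id']) ? $params['site_id'] : null;

    $back = array(
        'controller' => 'sites',
        'action' => 'adminzone',
        '?' => array('action' => _encode(array('id' => $siteId))),
    );
    $formUrl = array(
        'controller' => 'sites',
        'action' => 'adminzoneopr',
        '?' => array('action' => _encode(array('site_id' => $siteId))),
    );
    $this->set('back', $back);
    $this->set('formUrl', $formUrl);
    $this->set('site_id', $siteId);

    if ($this->request->data) {
        $this->AdminZone->set($this->request->data);
        if ($this->AdminZone->validates()) {
            // Only report success when save() did not return a falsy result;
            // previously the success flash was shown unconditionally.
            if ($this->AdminZone->save($this->request->data)) {
                $this->Session->setFlash(__('Record successfully saved.'), 'success');
                $this->redirect($back);
            } else {
                $this->Session->setFlash(__('Record not saved.'), 'error');
            }
        }
        // The old failure branch copied $this->Site->validationErrors into a
        // local that was never read (and Site is not the model validated
        // here), so it has been dropped.
    }

    // Strict comparison: only the literal string 'delete' selects the delete
    // path (the loose switch also matched values such as integer 0 or true).
    if (isset($params['opr']) && $params['opr'] === 'delete') {
        if ($this->AdminZone->delete(array('id' => $params['id']))) {
            $this->Session->setFlash(__('Record successfully deleted.'), 'success');
        } else {
            $this->Session->setFlash(__('Record not deleted.'), 'error');
        }
        $this->redirect($back);
        exit;
    }

    //Valid country list
    $country = array();
    // Static statement, no request data involved.
    $query = 'SELECT c.code,c.name FROM `countries` c left join valid_zones vz on vz.country = c.code where vz.status = 1';
    $rows = $this->Country->query($query);
    foreach ($rows as $val) {
        if (isset($val['c']['code'], $val['c']['name'])) {
            $country[$val['c']['code']] = $val['c']['name'];
        }
    }
    $this->set('country', $country);
}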
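exit;
}
// Editor page of the file manager (excerpt: the block closed above and the
// "if" left open at the end both continue outside this fragment).
header('Content-Type:text/html;charset=UTF-8');
echo <<<HTML
<html>
<head>
<title>文件管理-编辑</title>
<style type="text/css">
.big_board{background-color:#009BCE;color:#FFF;}
.board_title{margin-bottom:1px;border:1px solid #09F;}
</style>
</head>
<body>
<div class="big_board"><div class="board_title">爱特文管-路径信息</div></div>
HTML;
// Decode the target once; every use below refers to the same path.
$edit_path = _decode($_GET['path']);
// The decoded path is request-controlled, so it is HTML-escaped before it is
// printed as text.
echo '<a href="index.php?path=' . _encode(dirname($edit_path)) . '">' . htmlspecialchars(dirname($edit_path), ENT_QUOTES, 'UTF-8') . '</a>/' . htmlspecialchars(basename($edit_path), ENT_QUOTES, 'UTF-8');
// NOTE(review): the write target comes straight from the decoded `path`
// parameter. Nothing visible here confines it to a base directory (for
// example a realpath() prefix check) or verifies a CSRF token; confirm that
// the part of the script above this fragment authenticates the user.
if (isset($_POST['data']) && $_POST['data'] != null) {
    // $_data always holds the slash-escaped form, whether or not magic quotes
    // already escaped the input; it is unescaped again just before writing.
    if (!get_magic_quotes_gpc()) {
        $_data = addslashes($_POST['data']);
    } else {
        $_data = $_POST['data'];
    }
    // file_put_contents() returns a byte count or false; compare strictly so
    // only a real failure is reported as an error.
    if (file_put_contents($edit_path, stripslashes($_data)) === false) {
        echo <<<HTML
<div class="big_board"><div class="board_title">Hello,文件保存错误!</div></div>
HTML;
    } else {
        echo <<<HTML
<div class="big_board"><div class="board_title">Hello,文件保存成功!</div></div>
HTML;
    }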
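<p class="tag-link"><a name="tag<?php echo $tag_id; ?> " href="#tag-<?php echo _encode($tag_text); ?> "><?php
    // Tag text is data, not markup: HTML-escape it where it is printed as
    // link text. assumes $tag_text arrives unescaped - TODO confirm
    // NOTE(review): the href uses _encode($tag_text) as returned; confirm that
    // helper yields an attribute-safe value.
    echo htmlspecialchars($tag_text, ENT_QUOTES); ?> </a></p>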
/**
 * Plural lookup against an explicitly chosen domain and category
 * (the plural counterpart of dcgettext).
 *
 * The reader obtained from _get_reader($domain, $category) performs the
 * ngettext() lookup; the translated string is passed through _encode()
 * rather than being returned as the reader produced it.
 *
 * @param mixed $domain   Domain handed to _get_reader().
 * @param mixed $single   Singular message id.
 * @param mixed $plural   Plural message id.
 * @param mixed $number   Count forwarded to ngettext().
 * @param mixed $category Category handed to _get_reader().
 * @return mixed Whatever _encode() returns for the looked-up message.
 */
function _dcngettext($domain, $single, $plural, $number, $category)
{
    return _encode(
        _get_reader($domain, $category)->ngettext($single, $plural, $number)
    );
}
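// (tail of a case whose label is above this excerpt)
// NOTE(review): $id, $asig, $alumnos and $periodo are spliced into the SQL
// text in this switch and their origin is above this excerpt. If any of them
// comes from the request, bind them through $mysqli->prepare() and
// bind_param() instead of building the statement as a string.
// NOTE(review): $mysqli->query() returns false on failure, in which case the
// num_rows reads below fail; no error path is visible here.
$sql = "SELECT * FROM encuesta.tbcuestionario2 where Codigo_Cuestionario = {$id}";
$result = $mysqli->query($sql);
$data["count"] = $result->num_rows;
while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
    $data["data"][] = array_map("utf8_encode", $row);
}
echo json_encode($data);
break;
case "get_asignatura":
    // The key is quoted: a bare `response` is an undefined constant, which
    // newer PHP versions reject instead of silently treating it as a string.
    $data["response"] = "OK";
    $sql = "SELECT * FROM tbasignaturas where Carrera_Asignatura = {$asig} order by Semestre_Asignatura";
    $result = $mysqli->query($sql);
    $data["count"] = $result->num_rows;
    while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
        $data["data"][] = array_map("utf8_encode", $row);
    }
    echo json_encode($data);
    // An unreachable `_encode($data); break;` pair followed this break and
    // has been removed.
    break;
case "get_cuestionarios_alumnos":
    $data["response"] = "OK";
    $sql = "SELECT Codigo_Cuestionario,Codigo_Asignatura FROM encuesta.tbcuestionario3 where Codigo_Asignatura in (SELECT Codigo_Asignaturas FROM encuesta.tbalumasig where Codigo_Alumnos = " . $alumnos . " and Periodo_Alumno = " . $periodo . ")";
    $result = $mysqli->query($sql);
    $data["count"] = $result->num_rows;
    while ($row = $result->fetch_array(MYSQLI_ASSOC)) {
        $data["data"][] = array_map("utf8_encode", $row);
    }
    echo json_encode($data);
    break;
}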
—<a href="#<?php
    // Anchor link to a section: the href fragment is _encode($title), the
    // visible text is $title itself.
    // NOTE(review): $title is echoed as link text without HTML escaping and
    // its origin is not visible here; if it can hold user-supplied text it
    // should go through htmlspecialchars() at this point. Likewise confirm
    // that _encode() yields an attribute-safe value for the href.
    echo _encode($title); ?> "><?php echo $title; ?> </a>
/**
 * Process an uploaded avatar and record its file name on $_fields.
 *
 * The upload is received through $this->process() into
 * "<assets_path>avatars/". If that left anything in $this->error, those
 * entries are merged into $error and nothing else happens. Otherwise each
 * received file is passed to $this->resize() with array(70, 70) as its size
 * argument (presumably the target dimensions - confirm against resize());
 * for every file where resize() does not return false, the user's current
 * avatar file is removed with _rm() and $_fields->avatar is set to the new
 * file name.
 *
 * NOTE(review): the old avatar is deleted by appending $user->d('avatar') to
 * the avatars directory; confirm that stored value can never contain path
 * separators or "..".
 *
 * @param mixed  $alias   Passed through _encode() to build the resized file's base name.
 * @param object $_fields Receives the `avatar` property (by reference).
 * @param array  $error   Error list to extend (by reference).
 * @return void
 */
public function avatar_process($alias, &$_fields, &$error)
{
    global $config, $user;

    $avatarDir = $config['assets_path'] . 'avatars/';
    $uploads = $this->process($avatarDir, 'avatar');

    // Upload errors win: report them and stop.
    if (count($this->error) > 0) {
        $error = array_merge($error, $this->error);
        return;
    }

    if ($uploads === false) {
        return;
    }

    foreach ($uploads as $upload) {
        $resized = $this->resize($upload, $avatarDir, $avatarDir, _encode($alias) . time(), array(70, 70), false, false, true);
        if ($resized !== false) {
            // Replace the previous avatar file, if the user has one.
            if ($user->d('avatar')) {
                _rm($avatarDir . $user->d('avatar'));
            }
            $_fields->avatar = $upload->filename;
        }
    }
}
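// Rename handler of the file manager (excerpt: the block closed by the lone
// "}" below opens above this fragment, and the last heredoc continues past it).
//
// The new name must be a single path component. The D modifier stops "$" from
// also matching before a trailing newline, and "." / ".." are refused because
// the character class alone would let them through.
if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/uD', $_POST['name']) == false || $_POST['name'] === '.' || $_POST['name'] === '..') {
    echo 'Hello,名称格式错误!';
} else {
    // NOTE(review): the source path comes straight from the decoded `path`
    // parameter; nothing visible here confines it to a base directory or
    // verifies a CSRF token - confirm the code above this fragment does.
    if (is_dir(_decode($_GET['path']))) {
        // For a directory, resolve its parent through chdir()/getcwd() and
        // place the new name there.
        chdir(dirname(_decode($_GET['path']) . '/' . $_POST['name']) . '/../');
        $to = getcwd() . '/' . $_POST['name'];
    } else {
        $to = dirname(_decode($_GET['path']));
        $to = $to . '/' . $_POST['name'];
    }
    if (rename(_decode($_GET['path']), $to) == false) {
        echo 'Hello,重命名失败了啦!';
    } else {
        echo 'Hello,重命名成功了喔!';
        if (is_dir($to)) {
            echo '<a href="index.php?path=' . _encode(dirname($to) . '/' . $_POST['name']) . '">返回</a>?';
        }
    }
}
}
echo <<<HTML
<div class="big_board"><div class="board_title">爱特文管-新的名称</div></div>
HTML;
// PHP_SELF and the path parameter are request-controlled: URL-encode the
// parameter value and HTML-escape the whole attribute before printing it.
$form_action = htmlspecialchars($_SERVER['PHP_SELF'] . '?path=' . urlencode($_GET['path']), ENT_QUOTES, 'UTF-8');
echo <<<HTML
<form action="{$form_action}" method="post">
<input type="text" name="name"/>
<input type="submit" value="命名"/>
</form>
HTML;
echo <<<HTML
<div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div>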
/**
 * REST-style handler for the `users` resource, dispatched on $this->method.
 *
 *  GET    (no verb, no args)   list all users
 *  GET    role                 list role descriptions for locale 'ru'
 *  GET    role/<id>            one role description
 *  GET    <id>                 one user
 *  POST   (no verb, no args)   create a user from $this->request
 *  PUT    <id>                 update a user (password only when supplied)
 *  PUT    status/<id>          update the `banned` flag
 *  DELETE <id>                 delete a user
 *
 * Every branch returns an array with "success" (1 or 0) plus "items",
 * "insert_id" or "error_message"; an unknown method falls through the switch
 * and returns nothing.
 *
 * NOTE(review): every statement below is built by string concatenation.
 * The id is only passed through strip_tags()/htmlspecialchars(), which are
 * HTML-oriented filters and not SQL escaping, and the $data[...] fields from
 * $this->request are concatenated with no filtering at all. Unless
 * $this->db->query() or the caller sanitises these values (not visible
 * here), they should be bound as parameters or escaped with the database
 * layer's own escaping routine.
 * NOTE(review): no authentication or role check is visible in this method;
 * confirm it is enforced before dispatch.
 * NOTE(review): the `******` runs inside the two PUT update statements look
 * like redaction artifacts in this listing; those statements do not parse as
 * shown.
 */
protected function user() {
    switch($this->method){
        case 'GET':
            if(empty($this->verb) && empty($this->args)){
                // All users; the password column is not selected.
                $result = $this->db->query("select id, role_id, username, email, banned, ban_reason, phone from users");
                $newResult = $result->rows;
                nullToEmptyString($newResult);
                return array("success" => 1, "items" => $newResult);
            } else if ($this->verb == 'role' && empty($this->args)){
                $result = $this->db->query("select id, alt_name, locale, description from shop_rbac_roles_i18n where locale = 'ru'");
                return array("success" => 1, "items" => $result->rows);
            } else if ($this->verb == 'role' && count($this->args) == 1){
                // HTML filtering only; see the SQL note in the header.
                $id = htmlspecialchars(strip_tags($this->args[0]));
                $result = $this->db->query("select id, alt_name, locale, description from shop_rbac_roles_i18n where locale = 'ru' and id = '".$id."'");
                return array("success" => 1, "items" => $result->rows);
            } else if (empty($this->verb) && count($this->args) == 1){
                $id = htmlspecialchars(strip_tags($this->args[0]));
                $result = $this->db->query("select id, role_id, username, email, banned, ban_reason, phone from users where id = '".$id."'");
                $newResult = $result->rows;
                nullToEmptyString($newResult);
                return array("success" => 1, "items" => $newResult);
            } else {
                return array("success" => 0, "error_message" => "BAD REQUEST");
            }
            break;
        case 'POST':
            if (empty($this->verb) && empty($this->args)){
                $data = $this->request;
                // The password is transformed by _encode() with the
                // encryption key and the result is hashed with crypt().
                // NOTE(review): crypt() is called without a salt argument,
                // which PHP 8 no longer accepts; password_hash() is the
                // standard replacement - confirm how stored hashes are verified
                // before changing it.
                $hash = _encode($data['user_password'], $this->encryption_key);
                $hash = crypt($hash);
                $result = $this->db->query("insert into users (role_id, username, password, email, phone) values ('".$data['role_id']."', '".$data['login']."', '".$hash."', '".$data['email']."', '".$data['phone']."')");
                if($result->errno){
                    return array("success" => 0, "error_message" => "INCORRECT DATA");
                } else {
                    $lastId = $this->db->getLastId();
                    // The log call reads $data['username'] while the insert
                    // above used $data['login'].
                    $this->log("Добавлен пользователь. 
Id: ".$lastId, $data['username'], $data['device']);
                    return array("success" => 1, "insert_id" => $lastId);
                }
            } else {
                return array("success" => 0, "error_message" => "BAD REQUEST");
            }
            break;
        case 'PUT':
            if (empty($this->verb) && count($this->args) == 1){
                $id = htmlspecialchars(strip_tags($this->args[0]));
                $data = $this->request;
                // The password column is only rewritten when a non-empty
                // user_password was sent.
                if(isset($data['user_password']) && !empty($data['user_password'])) {
                    $hash = _encode($data['user_password'], $this->encryption_key);
                    $hash = crypt($hash);
                    $result = $this->db->query("update users set role_id='".$data['role_id']."', username='******'login']."', password='******', banned = '".$data['banned']."', ban_reason = '".$data['ban_reason']."', email='".$data['email']."', phone='".$data['phone']."' where id = '".$id."'");
                } else {
                    $result = $this->db->query("update users set role_id='".$data['role_id']."', username='******'login']."', banned = '".$data['banned']."', ban_reason = '".$data['ban_reason']."', email='".$data['email']."', phone='".$data['phone']."' where id = '".$id."'");
                }
                if(!$result->errno){
                    $this->log("Изменен аккаунт пользователя. Id: ".$id, $data['username'], $data['device']);
                    return array("success" => 1);
                } else {
                    return array("success" => 0, "error_message" => "INCORRECT DATA");
                }
            } else if ($this->verb == 'status' && count($this->args) == 1){
                $id = htmlspecialchars(strip_tags($this->args[0]));
                $data = $this->request;
                $result = $this->db->query("update users set banned='".$data['banned']."' where id = '".$id."'");
                if(!$result->errno){
                    $this->log("Изменен статус пользователя. 
Id: ".$id, $data['username'], $data['device']);
                    return array("success" => 1);
                } else {
                    return array("success" => 0, "error_message" => "INCORRECT DATA");
                }
            } else {
                return array("success" => 0, "error_message" => "BAD REQUEST");
            }
            break;
        case 'DELETE':
            if (empty($this->verb) && count($this->args) == 1){
                $id = htmlspecialchars(strip_tags($this->args[0]));
                $result = $this->db->query("delete from users where id = '".$id."'");
                // Only errno is checked: "USER NOT FOUND" is returned on a
                // query error, not when the statement matched no row.
                if(!$result->errno){
                    $data = $this->request;
                    $this->log("Удален пользователь. Id: ".$id, $data['username'], $data['device']);
                    return array("success" => 1);
                } else {
                    return array("success" => 0, "error_message" => "USER NOT FOUND");
                }
            } else {
                return array("success" => 0, "error_message" => "BAD REQUEST");
            }
            break;
        default:
            break;
    }
}
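} else {
    $isNew = false;
}
// Single-entry view (excerpt: the "if" completed above and the two lone "}"
// further down belong to blocks opened above this fragment).
if ($nice_permalinks) {
    $entry_perma = "{$http}" . $entry_id;
} else {
    $entry_perma = "{$http}" . "?entry={$entry_id}";
}
// Ids are cast to int before being spliced into SQL so that neither a request
// value nor a corrupted row can change the shape of the statement.
$data_e2t = @mysql_query("SELECT e2t.tag_id FROM core_entry2tag e2t WHERE e2t.entry_id = " . (int) $entry_id);
$tag_str = "";
while ($e2t = @mysql_fetch_array($data_e2t)) {
    $tag_id = $e2t["tag_id"];
    $data_tags = @mysql_query("SELECT t.tag_text FROM core_tags t WHERE t.tag_id = " . (int) $tag_id);
    while ($t = @mysql_fetch_array($data_tags)) {
        $tag_text = $t["tag_text"];
        // Tag text is stored data, not markup: escape it where it becomes
        // link text. $tag_text itself stays raw for the required templates.
        // NOTE(review): the href uses _encode($tag_text) as returned; confirm
        // that helper yields an attribute-safe value.
        $tag_str = $tag_str . "<a class=\"tag-link\" name=\"tag" . (int) $tag_id . "\" href=\"#tag-" . _encode($tag_text) . "\">" . htmlspecialchars($tag_text, ENT_QUOTES) . "</a>" . $separator_tags;
    }
}
// Drop the trailing separator; with no tags there is nothing to trim.
if ($tag_str === "") {
    $entry_tags = "";
} else {
    $entry_tags = substr($tag_str, 0, strlen($tag_str) - strlen($separator_tags));
}
// NOTE(review): layout.php is loaded from the entry's folder under
// user/uploads/ and executed as PHP. If that directory also receives uploaded
// files, whoever can upload there can run code on the server - confirm that
// uploads can never create or replace layout.php.
$layout_path = $root . "user/uploads/" . treat_string($entry_title) . "/layout.php";
if (is_file($layout_path) && @filesize($layout_path) > 0) {
    require $layout_path;
} else {
    require $theme_path . "parts/entry.php";
}
}
// Hit counter update; both values are forced to integers ($id is assigned
// above this excerpt and may originate from the request).
mysql_query("UPDATE core_entries e SET\n\te.hits = " . (int) $entry_hits . "\n\tWHERE e.entry_id = " . (int) $id);
}
if ($isPerma) {
    echo "<a class=\"index-link\" href=\"{$http}\">back to index</a>";
}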