Esempio n. 1
/**
 * Reject a verification step whose code was issued too long ago.
 *
 * The validity window is $MOD['auth_days'] days. A falsy setting disables the
 * check entirely, so codes never expire in that configuration.
 *
 * @param int $time Unix timestamp at which the code was issued.
 * @return void Calls dalert() with the module link when the window has passed.
 */
function auth_time($time)
{
    global $MOD, $DT_TIME, $L;
    $validDays = $MOD['auth_days'];
    if (!$validDays) {
        return;
    }
    $elapsed = $DT_TIME - $time;
    // Strictly greater-than: a code that is exactly at the limit is still accepted.
    if ($elapsed > $validDays * 86400) {
        dalert($L['auth_time'], $MOD['linkurl']);
    }
}
Esempio n. 2
/**
 * Reject a verification step whose code was issued too long ago.
 *
 * $MOD['auth_days'] is counted in days by default, or in units of 600 seconds
 * when $type is truthy. A falsy setting disables the check entirely.
 *
 * @param int   $time Unix timestamp at which the code was issued.
 * @param mixed $type Truthy to count the setting in 600-second units instead of days.
 * @return void Calls dalert() with the module link when the window has passed.
 */
function auth_time($time, $type = 0)
{
    global $MOD, $DT_TIME, $L;
    if ($type) {
        $unitSeconds = 600;
    } else {
        $unitSeconds = 86400;
    }
    $limit = $MOD['auth_days'];
    if (!$limit) {
        return;
    }
    // Strictly greater-than: a code that is exactly at the limit is still accepted.
    if ($DT_TIME - $time > $limit * $unitSeconds) {
        dalert($L['auth_time'], $MOD['linkurl']);
    }
}
Esempio n. 3
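/**
 * Walk a (request) array and refuse it when a nested key is not a plain identifier.
 *
 * Keys are only validated when $deep is truthy. The recursion always passes 1,
 * so with the default $deep = 0 the top-level keys are skipped and every nested
 * level is checked. Allowed keys match [a-z0-9_-]+ case-insensitively.
 *
 * @param array $array Array to inspect.
 * @param mixed $deep  Truthy to validate the keys of $array itself as well.
 * @return void Answers with HTTP 403 via dhttp()/dalert() on the first bad key.
 */
function strip_key($array, $deep = 0)
{
    foreach ($array as $k => $v) {
        // The D modifier anchors "$" at the very end of the subject. Without it
        // "$" also matches before a trailing newline, so a key such as "name\n"
        // would pass the allow-list.
        if ($deep && !preg_match("/^[a-z0-9_\\-]{1,}\$/iD", (string) $k)) {
            dhttp(403, 0);
            dalert('HTTP 403 Forbidden', DT_PATH);
        }
        if (is_array($v)) {
            strip_key($v, 1);
        }
    }
}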
Esempio n. 4
/**
 * Verify that every required category property was submitted.
 *
 * The property definitions come from property_option() for the category in the
 * global $post. For each required property with an empty submitted value, an
 * error is raised through msg() in the admin context or dalert() otherwise.
 *
 * @param array $post_ppt Submitted property values, indexed by property id (oid).
 * @return void
 */
function property_check($post_ppt)
{
    global $post;
    // Presumably defines $L (the language strings used below) in this scope - confirm against include.lang.
    include load('include.lang');
    $options = array();
    if ($post['catid']) {
        $options = property_option($post['catid']);
    }
    if (!$options) {
        return;
    }
    foreach ($options as $option) {
        if (!$option['required'] || $post_ppt[$option['oid']]) {
            continue;
        }
        // Types above 1 use the "please choose" wording, the others "please enter".
        $template = $option['type'] > 1 ? $L['fields_choose'] : $L['fields_input'];
        $msg = lang($template, array($option['name']));
        if (defined('DT_ADMIN')) {
            msg($msg);
        } else {
            dalert($msg);
        }
    }
}
Esempio n. 5
<?php

defined('IN_DESTOON') or exit('Access Denied');
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
$MG['sendmail'] or dalert(lang('message->without_permission_and_upgrade'), 'goback');
require DT_ROOT . '/include/post.func.php';
if (isset($preview)) {
    $title = isset($title) ? trim(stripslashes($title)) : '';
    $content = isset($content) ? trim(stripslashes($content)) : '';
    include template('send', 'mail');
    exit;
}
if ($submit) {
    captcha($captcha);
    $email = trim($email);
    if (!is_email($email)) {
        message($L['sendmail_pass_mailto']);
    }
    $title = trim(stripslashes($title));
    if (strlen($title) < 5) {
        message($L['pass_title']);
    }
    $content = trim(stripslashes($content));
    if (strlen($content) < 10) {
        message($L['pass_content']);
    }
    clear_upload($content);
    $content = dsafe(save_local($content));
    $content = ob_template('send', 'mail');
    $DT['mail_name'] = $_company;
Esempio n. 6
        //dalert($L['not_file'], $linkurl);
    }
}
if (isset($mirror)) {
    include DT_ROOT . '/file/config/mirror.inc.php';
    if (isset($MIRROR[$mirror])) {
        if ($local) {
            dheader(str_replace(DT_ROOT . '/', $MIRROR[$mirror]['url'], $localfile));
        } else {
            if ($DT['ftp_remote'] && $DT['remote_url']) {
                $fileurl = str_replace($DT['remote_url'], $MIRROR[$mirror]['url'], $fileurl);
            }
            dheader($fileurl);
        }
    } else {
        dalert($L['not_mirror'], $linkurl);
    }
} else {
    if ($local) {
        if ($MOD['upload'] && filesize($localfile) < $MOD['readsize'] * 1024 * 1024) {
            $ext = file_ext($localfile);
            if (!in_array($ext, explode('|', $MOD['upload'])) || in_array($ext, array('php', 'sql')) || strpos($localfile, './') !== false) {
                dheader($fileurl);
            }
            //Safe
            $title = file_vname($title);
            $title or dheader($fileurl);
            if (strpos($_SERVER['HTTP_USER_AGENT'], 'Chrome') !== false) {
                $title = convert($title, DT_CHARSET, 'UTF-8');
            }
            if (strpos($_SERVER['HTTP_USER_AGENT'], 'Firefox') !== false) {
Esempio n. 7
<?php

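require '../../../common.inc.php';
require 'init.inc.php';
// OAuth authorization-code callback: swap the ?code= value for an access token
// and keep the token in the session.
// NOTE(review): no "state" value is compared here; confirm that init.inc.php or
// the login step binds this callback to the session that started the flow.
$code = isset($_REQUEST['code']) && is_string($_REQUEST['code']) ? $_REQUEST['code'] : '';
$code or dalert('Error Request.', $MODULE[2]['linkurl'] . $DT['file_login'] . '?step=callback&site=' . $site);
// The code is request data. Encode it so characters such as "&" or "=" cannot
// add or override fields (client_id, redirect_uri, ...) in the token request body.
$par = 'grant_type=authorization_code' . '&code=' . urlencode($code) . '&client_id=' . BD_ID . '&client_secret=' . BD_SECRET . '&redirect_uri=' . urlencode(BD_CALLBACK);
$rec = dcurl(BD_TOKEN_URL, $par);
// Decode first and test the field itself. A substring match on "access_token"
// would also accept an error body that merely mentions the word.
$arr = is_string($rec) ? json_decode($rec, true) : null;
if (is_array($arr) && isset($arr['access_token']) && is_string($arr['access_token']) && $arr['access_token'] !== '') {
    $_SESSION['bd_access_token'] = $arr['access_token'];
    dheader('index.php?time=' . $DT_TIME);
} else {
    dalert('Error Token.', $MODULE[2]['linkurl'] . $DT['file_login'] . '?step=token&site=' . $site);
}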
Esempio n. 8
<?php

// Member page for editing the current user's own type list of one item kind.
// Refuse direct requests: the entry point that includes this file must have defined IN_DESTOON.
defined('IN_DESTOON') or exit('Access Denied');
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
require DT_ROOT . '/include/post.func.php';
// $item must be one of the keys of $L['type_names']. This allow-list also bounds
// the value that is concatenated into $do->item and into the redirect URL below.
isset($item) or message();
$names = $L['type_names'];
isset($names[$item]) or message();
require DT_ROOT . '/include/type.class.php';
$do = new dtype();
// The list is keyed by item kind plus the user id, so each member works on a separate list.
$do->item = $item . '-' . $_userid;
if ($submit) {
    // NOTE(review): $type is not assigned in this file; presumably it is request data
    // exposed by the framework. The limit is only enforced when $type[0]['typename']
    // is truthy, and the individual entries are not validated here - confirm that
    // dtype::update() validates them.
    if ($MG['type_limit'] && $type[0]['typename'] && count($type) > $MG['type_limit']) {
        dalert(lang($L['type_msg_limit'], array($MG['type_limit'])), 'goback');
    }
    $do->update($type);
    dmsg($L['op_update_success'], '?item=' . $item);
} else {
    $head_title = lang($L['type_title'], array($names[$item]));
    $types = $do->get_list();
    // Build the style selector for every stored entry, plus one for the blank "new" row (index 0).
    foreach ($types as $k => $v) {
        $types[$k]['style_select'] = dstyle('type[' . $v['typeid'] . '][style]', $v['style']);
    }
    $new_style = dstyle('type[0][style]');
    include template('type', $module);
}
Esempio n. 9
<?php

defined('IN_DESTOON') or exit('Access Denied');
login();
require DT_ROOT . '/module/' . $module . '/common.inc.php';
$MG['homepage'] && $MG['style'] or dalert(lang('message->without_permission_and_upgrade'), 'goback');
require DT_ROOT . '/include/post.func.php';
require MD_ROOT . '/style.class.php';
$do = new style();
$user = userinfo($_username);
$domain = $user['domain'];
if ($itemid) {
    $do->itemid = $itemid;
    $r = $do->get_one();
    $r or message($L['style_msg_not_exist']);
    if ($r['groupid']) {
        $groupids = explode(',', $r['groupid']);
        if (!in_array($_groupid, $groupids)) {
            message($L['style_msg_group']);
        }
    }
    if ($action == 'buy' && $r['fee']) {
        $currency = $r['currency'];
        $months = array(1, 2, 3, 6, 12, 24);
        $unit = $currency == 'money' ? $DT['money_unit'] : $DT['credit_unit'];
        if ($submit) {
            in_array($month, $months) or message($L['style_msg_month']);
            $amount = $r['fee'] * $month;
            if ($currency == 'money') {
                if ($amount > $_money) {
                    message($L['money_not_enough'], $MODULE[2]['linkurl'] . 'charge.php?action=pay&amount=' . ($amount - $_money));
Esempio n. 10
         $db->query("INSERT INTO {$DT_PRE}validate (type,username,ip,addtime,status,title,editor,edittime) VALUES ('mobile','{$username}','{$DT_IP}','{$DT_TIME}','3','{$mobile}','system','{$DT_TIME}')");
         message($L['send_mobile_success'], $MOD['linkurl']);
     }
     message($L['send_mobile_code_error']);
 } else {
     $DT['sms'] or message($L['send_sms_close']);
     $fee = $DT['sms_fee'];
     if ($submit) {
         is_mobile($mobile) or message($L['send_mobile_bad']);
         $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}");
         if ($r) {
             message($L['send_mobile_exist']);
         }
         if ($fee && $_sms < 1) {
             $fee <= $_money or message($L['money_not_enough'], $MOD['linkurl'] . 'charge.php?action=pay');
             is_payword($_username, $password) or dalert($L['error_payword']);
         }
         $auth = random(6, '0123456789');
         $content = lang('sms->sms_code', array($auth, $MOD['auth_days'])) . $DT['sms_sign'];
         $sms_code = send_sms($mobile, $content);
         if (strpos($sms_code, $DT['sms_ok']) !== false) {
             if ($fee) {
                 if ($_sms < 1) {
                     money_add($_username, -$fee);
                     money_record($_username, -$fee, $L['in_site'], $_username, $L['send_mobile_record'], $mobile);
                 } else {
                     sms_add($_username, -1);
                     sms_record($_username, -1, $_username, $L['send_mobile_record'], $mobile);
                 }
             }
             $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'");
Esempio n. 11
     }
     if ($MST['vmobile'] && $MG['vmobile']) {
         $V['vmobile'] or dheader('validate.php?action=mobile&itemid=1');
     }
     if ($MST['vtruename'] && $MG['vtruename']) {
         $V['vtruename'] or dheader('validate.php?action=truename&itemid=1');
     }
     if ($MST['vcompany'] && $MG['vcompany']) {
         $V['vcompany'] or dheader('validate.php?action=company&itemid=1');
     }
 }
 if ($_credit < 0 && $MST['credit_less'] && $action == 'add') {
     dheader('credit.php?action=less');
 }
 if ($submit) {
     check_post() or dalert($L['bad_data']);
     //safe
     $BANWORD = cache_read('banword.php');
     if ($BANWORD && isset($post)) {
         $keys = array('title', 'tag', 'introduce', 'content');
         foreach ($keys as $v) {
             if (isset($post[$v])) {
                 $post[$v] = banword($BANWORD, $post[$v]);
             }
         }
     }
 }
 $MYMODS = array();
 if (isset($MG['moduleids']) && $MG['moduleids']) {
     $MYMODS = explode(',', $MG['moduleids']);
 }
Esempio n. 12
<?php

require '../../../common.inc.php';
require 'init.inc.php';
// Third-party login step: read the remote profile with the access token held in the session.
// $success, $DS, $openid, $nickname, $avatar and $url are not used in this file;
// presumably the destoon.inc.php required at the end consumes them - TODO confirm.
$success = 0;
$DS = array();
// NOTE(review): $_SESSION['token'] is read without isset(); when no token is stored
// this raises an undefined-index notice before evaluating to false.
if ($_SESSION['token']) {
    $c = new SaeTClientV2(WB_AKEY, WB_SKEY, $_SESSION['token']['access_token']);
    // $ms is not read anywhere in this file - verify whether the included file needs it.
    $ms = $c->home_timeline();
    $uid_get = $c->get_uid();
    $uid = $uid_get['uid'];
    $me = $c->show_user_by_id($uid);
    if (isset($me['error'])) {
        // NOTE(review): the provider's error text is passed to dalert() unchanged;
        // confirm dalert() escapes it for the context it prints into.
        dalert('API Error:' . $me['error'], $MODULE[2]['linkurl'] . $DT['file_login']);
    }
    if ($me && isset($me['screen_name'])) {
        $success = 1;
        // Every profile field below is remote data: only the nickname is converted to
        // the site charset here, and nothing is escaped or validated at this point.
        $openid = $me['id'];
        $nickname = convert($me['screen_name'], 'UTF-8', DT_CHARSET);
        $avatar = $me['profile_image_url'];
        $url = $me['url'];
        $DS = array('token');
    }
}
require '../destoon.inc.php';
Esempio n. 13
    $_userid = isset($_dauth[0]) ? intval($_dauth[0]) : 0;
    $_username = isset($_dauth[1]) ? trim($_dauth[1]) : '';
    $_groupid = isset($_dauth[2]) ? intval($_dauth[2]) : 3;
    $_admin = isset($_dauth[4]) ? intval($_dauth[4]) : 0;
    if ($_userid && !defined('DT_NONUSER')) {
        $_password = isset($_dauth[3]) ? trim($_dauth[3]) : '';
        $USER = $db->get_one("SELECT username,passport,company,truename,password,groupid,email,message,chat,sound,online,sms,credit,money,loginip,admin,aid,edittime,trade FROM {$DT_PRE}member WHERE userid={$_userid}");
        if ($USER && $USER['password'] == $_password) {
            if ($USER['groupid'] == 2) {
                dalert(lang('message->common_forbidden'));
            }
            extract($USER, EXTR_PREFIX_ALL, '');
            if ($USER['loginip'] != $DT_IP && ($DT['ip_login'] == 2 || $DT['ip_login'] == 1 && IN_ADMIN)) {
                $_userid = 0;
                set_cookie('auth', '');
                dalert(lang('message->common_login', array($USER['loginip'])), DT_PATH);
            }
        } else {
            $_userid = 0;
            if ($db->linked && !isset($swfupload) && strpos($_SERVER['HTTP_USER_AGENT'], 'Flash') === false) {
                set_cookie('auth', '');
            }
        }
        unset($destoon_auth, $USER, $_dauth, $_password);
    }
}
if ($_userid == 0) {
    $_groupid = 3;
    $_username = '';
}
if (!IN_ADMIN) {
Esempio n. 14
     $userid or msg('请选择会员');
     $db->halt = 0;
     if (!$_founder) {
         if (is_array($userid)) {
             foreach ($userid as $uid) {
                 $do->userid = $uid;
                 $user = $do->get_one();
                 if ($user['groupid'] == 1) {
                     dalert('您无权删除管理员', '?file=logout');
                 }
             }
         } else {
             $do->userid = $userid;
             $user = $do->get_one();
             if ($user['groupid'] == 1) {
                 dalert('您无权删除管理员', '?file=logout');
             }
         }
     }
     if ($do->delete($userid)) {
         dmsg('删除成功', $forward);
     } else {
         msg($do->errmsg);
     }
     break;
 case 'move':
     $userid or msg('请选择会员');
     $gid = isset($groupids) ? $groupids : $groupid;
     if ($gid == 1) {
         msg('操作失败!&nbsp;如果需要添加管理员<br/><a href="?file=admin&action=add">请点这里进入管理员管理...</a>');
     }
Esempio n. 15
     if ($job != 'guestbook') {
         $content .= '<br/>' . $L['content_from'];
     }
     if ($job == 'guestbook') {
         $type = 3;
     } else {
         if ($job == 'price') {
             $type = 2;
         } else {
             $type = 1;
         }
     }
     if (send_message($username, $title, $content, $type, $_username)) {
         dalert($L['msg_home_success'], '', 'parent.window.location=parent.window.location;');
     } else {
         dalert($_userid ? $L['msg_home_member_failed'] : $L['msg_home_guest_failed']);
     }
     break;
 case 'next':
     $itemid or dheader($MOD['linkurl']);
     check_name($username) or dheader($MOD['linkurl']);
     $user = userinfo($username);
     $domain = $user['domain'];
     if ($domain) {
         $DT['rewrite'] = intval($CFG['com_rewrite']);
     }
     $r = $db->get_one("SELECT itemid FROM {$DT_PRE}sell_5 WHERE username='******' AND itemid>{$itemid} AND status=3 ORDER BY itemid ASC");
     if ($r) {
         dheader(userurl($username, 'file=sell&itemid=' . $r['itemid'], $domain));
     }
     dheader(userurl($username, 'file=sell', $domain));
Esempio n. 16
     $do->login($username, '', 0, true);
     message($L['send_check_success'], $MOD['linkurl']);
 } else {
     if ($DT['mail_type'] == 'close') {
         message($L['send_mail_close']);
     }
     if ($MOD['checkuser'] != 2) {
         dheader(DT_PATH);
     }
     if ($submit) {
         captcha($captcha);
         check_name($username) or message($L['send_check_username_bad']);
         $user = userinfo($username);
         if ($user) {
             if ($user['groupid'] != 4) {
                 dalert($L['send_check_deny'], DT_PATH);
             }
             if ($user['password'] != dpassword($password, $user['passsalt'])) {
                 message($L['send_check_password_bad']);
             }
             $email = trim($email);
             if ($email && $email != $user['email']) {
                 is_email($email) or message($L['send_check_email_bad']);
                 $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE email='{$email}'");
                 if ($r) {
                     message($L['send_check_email_repeat']);
                 }
                 $db->query("UPDATE {$DT_PRE}member SET email='{$email}' WHERE username='******'");
             } else {
                 $email = $user['email'];
             }
Esempio n. 17
$post['total_fee'] = $charge * 100;
$post['spbill_create_ip'] = $DT_IP;
$post['notify_url'] = DT_PATH . 'api/pay/' . $bank . '/' . ($PAY[$bank]['notify'] ? $PAY[$bank]['notify'] : 'notify.php');
$post['trade_type'] = 'NATIVE';
$post['product_id'] = $itemid;
$post['sign'] = make_sign($post, $PAY[$bank]['keycode']);
$rec = dcurl('https://api.mch.weixin.qq.com/pay/unifiedorder', make_xml($post));
#log_write($rec, 'wxr', 1);
if (strpos($rec, 'code_url') !== false) {
    $x = simplexml_load_string($rec, 'SimpleXMLElement', LIBXML_NOCDATA);
} else {
    if (strpos($rec, 'return_msg') !== false) {
        $x = simplexml_load_string($rec, 'SimpleXMLElement', LIBXML_NOCDATA);
        dalert(convert($x->return_msg, 'UTF-8', DT_CHARSET), $MODULE[2]['linkurl'] . 'charge.php?action=record');
    } else {
        dalert('Can Not Connect weixin', $MODULE[2]['linkurl'] . 'charge.php?action=record');
    }
}
?>
<html>
<head>
    <meta http-equiv="content-type" content="text/html;charset=<?php 
echo DT_CHARSET;
?>
"/>
    <meta name="viewport" content="width=device-width, initial-scale=1" /> 
    <title>微信支付<?php 
echo $DT['seo_delimiter'];
echo $DT['sitename'];
?>
</title>
Esempio n. 18
        }
        if ($could_emailcode) {
            $db->query("UPDATE {$DT_PRE}member SET vemail=1 WHERE username='******'");
        }
        if ($could_mobilecode) {
            $db->query("UPDATE {$DT_PRE}member SET vmobile=1 WHERE username='******'");
        }
        if (!get_cookie('bind')) {
            session_destroy();
        }
        $forward = 'goto.php?action=register_success&username='******'&auth=' . encrypt('LOGIN|' . $username . '|' . $post['password'] . '|' . $DT_TIME, DT_KEY . 'LOGIN') . '&forward=' . urlencode($forward);
        dalert('', '', 'parent.window.location="' . $forward . '"');
    } else {
        $reload_captcha = $MOD['captcha_register'] ? reload_captcha() : '';
        $reload_question = $MOD['question_register'] ? reload_question() : '';
        dalert($do->errmsg, '', $reload_captcha . $reload_question);
    }
} else {
    $COM_TYPE = explode('|', $MOD['com_type']);
    $COM_SIZE = explode('|', $MOD['com_size']);
    $COM_MODE = explode('|', $MOD['com_mode']);
    $MONEY_UNIT = explode('|', $MOD['money_unit']);
    $mode_check = dcheckbox($COM_MODE, 'post[mode][]', '', 'onclick="check_mode(this);"', 0);
    $auth = isset($auth) ? rawurldecode($auth) : '';
    $username = $password = $email = $passport = '';
    if ($auth) {
        $auth = decrypt($auth, DT_KEY . 'UC');
        $auth = explode('|', $auth);
        $passport = $auth[0];
        if (check_name($passport)) {
            $username = $passport;
Esempio n. 19
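 case 'delete':
     // Move the current member's own items to the recycle bin. Needs the group's
     // 'delete' permission and at least one item id.
     $MG['delete'] or message();
     $itemid or message();
     $itemids = is_array($itemid) ? $itemid : array($itemid);
     foreach ($itemids as $itemid) {
         // The id is placed unquoted into the SQL below, so force it to an integer here.
         // NOTE(review): the bootstrap may already normalise $itemid (not visible in
         // this excerpt); the cast is then redundant but harmless.
         $itemid = intval($itemid);
         $do->itemid = $itemid;
         $item = $db->get_one("SELECT username FROM {$table} WHERE itemid={$itemid}");
         // Ownership check: stop on the first id that is missing or belongs to someone else.
         if (!$item || $item['username'] != $_username) {
             message();
         }
         $do->recycle($itemid);
     }
     dmsg($L['success_delete'], $forward);
     break;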
 case 'refresh':
     $MG['refresh_limit'] > -1 or dalert(lang('message->without_permission_and_upgrade'), 'goback');
     $do->_update($_username);
     $itemid or message($L['select_info']);
     $itemids = $itemid;
     $s = $f = 0;
     foreach ($itemids as $itemid) {
         $do->itemid = $itemid;
         $item = $db->get_one("SELECT username,edittime FROM {$table} WHERE itemid={$itemid}");
         $could_refresh = $item && $item['username'] == $_username;
         if ($could_refresh && $MG['refresh_limit'] && $DT_TIME - $item['edittime'] < $MG['refresh_limit']) {
             $could_refresh = false;
         }
         if ($could_refresh && $MOD['credit_refresh'] && $MOD['credit_refresh'] > $_credit) {
             $could_refresh = false;
         }
         if ($could_refresh) {
Esempio n. 20
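/**
 * Finish a failed SMTP step: release the socket, surface the error and log it.
 *
 * @param mixed  $fp     Socket returned by fsockopen(), or false when the connect failed.
 * @param string $errmsg Message to show (only when TESTMAIL is defined), log and return.
 * @return string The same $errmsg, so callers can return it directly.
 */
function _dmail_smtp_fail($fp, $errmsg)
{
    if (is_resource($fp)) {
        fclose($fp);
    }
    if (defined('TESTMAIL')) {
        dalert('Error:' . trim($errmsg));
    }
    log_write($errmsg, 'smtp');
    return $errmsg;
}

/**
 * Send an HTML e-mail using the transport selected in $DT['mail_type'].
 *
 * 'smtp' speaks SMTP over a socket to $DT['smtp_host']; any other value except
 * 'close' goes through PHP's mail(). Subject and body are base64-encoded.
 *
 * @param string $mail_to      Recipient address, or several separated by commas.
 * @param string $mail_subject Subject line (slashes are stripped, CR/LF removed).
 * @param string $mail_body    HTML body (slashes are stripped).
 * @param string $mail_from    Sender address; defaults to $DT['mail_sender'].
 * @param bool   $mail_sign    Append $DT['mail_sign'] to the body when it is set.
 * @return string 'close' when mail is disabled, 'SUCCESS' when the message was
 *                handed over, '' when mail() failed, otherwise the SMTP error text.
 */
function dmail($mail_to, $mail_subject, $mail_body, $mail_from = '', $mail_sign = true)
{
    global $DT;
    if ($DT['mail_type'] == 'close') {
        return 'close';
    }
    // Both addresses are written verbatim into header lines (To:, From:) and the
    // recipient also into the RCPT TO command. Remove CR/LF so an address value
    // cannot start a new header or a new SMTP command.
    $mail_to = str_replace(array("\r", "\n"), '', $mail_to);
    $sendmail_from = str_replace(array("\r", "\n"), '', $mail_from ? $mail_from : $DT['mail_sender']);
    $mail_from = "=?" . strtolower(DT_CHARSET) . "?B?" . base64_encode($DT['mail_name'] ? $DT['mail_name'] : $DT['sitename']) . "?= <" . $sendmail_from . ">";
    $mail_subject = stripslashes($mail_subject);
    $mail_subject = str_replace("\r", '', str_replace("\n", '', $mail_subject));
    $mail_subject = "=?" . strtolower(DT_CHARSET) . "?B?" . base64_encode($mail_subject) . "?=";
    if ($DT['mail_sign'] && $mail_sign) {
        $mail_body .= $DT['mail_sign'];
    }
    $mail_body = stripslashes($mail_body);
    // Normalise every line ending to CRLF before base64-encoding and wrapping the body.
    $mail_body = chunk_split(base64_encode(str_replace("\r\n.", " \r\n..", str_replace("\n", "\r\n", str_replace("\r", "\n", str_replace("\r\n", "\n", str_replace("\n\r", "\r", $mail_body)))))));
    $mail_dlmt = $DT['mail_delimiter'] == 1 ? "\r\n" : ($DT['mail_delimiter'] == 2 ? "\n" : "\r");
    $headers = '';
    $headers .= "From: {$mail_from}" . $mail_dlmt;
    $headers .= "X-Priority: 3" . $mail_dlmt;
    $headers .= "X-Mailer: Destoon" . $mail_dlmt;
    $headers .= "MIME-Version: 1.0" . $mail_dlmt;
    $headers .= "Content-type: text/html; charset=" . DT_CHARSET . $mail_dlmt;
    $headers .= "Content-Transfer-Encoding: base64" . $mail_dlmt;
    if ($DT['mail_type'] == 'smtp') {
        $host = $DT['smtp_host'] . ':' . $DT['smtp_port'] . ' ';
        if (!($fp = fsockopen($DT['smtp_host'], $DT['smtp_port'], $errno, $errstr, 30))) {
            return _dmail_smtp_fail($fp, $host . 'can not connect to the SMTP server');
        }
        stream_set_blocking($fp, true);
        $RE = fgets($fp, 512);
        if (substr($RE, 0, 3) != '220') {
            return _dmail_smtp_fail($fp, $host . $RE);
        }
        fputs($fp, ($DT['smtp_auth'] ? 'EHLO' : 'HELO') . " Destoon\r\n");
        $RE = fgets($fp, 512);
        if (substr($RE, 0, 3) != 220 && substr($RE, 0, 3) != 250) {
            return _dmail_smtp_fail($fp, $host . 'HELO/EHLO - ' . $RE);
        }
        // Drain the remaining lines of a multi-line reply ("250-..." continues, "250 ..." ends).
        while (1) {
            if (substr($RE, 3, 1) != '-' || empty($RE)) {
                break;
            }
            $RE = fgets($fp, 512);
        }
        if ($DT['smtp_auth']) {
            fputs($fp, "AUTH LOGIN\r\n");
            $RE = fgets($fp, 512);
            if (substr($RE, 0, 3) != 334) {
                return _dmail_smtp_fail($fp, $host . 'AUTH LOGIN - ' . $RE);
            }
            fputs($fp, base64_encode($DT['smtp_user']) . "\r\n");
            $RE = fgets($fp, 512);
            if (substr($RE, 0, 3) != 334) {
                return _dmail_smtp_fail($fp, $host . 'USERNAME - ' . $RE);
            }
            fputs($fp, base64_encode($DT['smtp_pass']) . "\r\n");
            $RE = fgets($fp, 512);
            if (substr($RE, 0, 3) != 235) {
                return _dmail_smtp_fail($fp, $host . 'PASSWORD - ' . $RE);
            }
            $mail_from = strpos($DT['smtp_user'], '@') !== false ? $DT['smtp_user'] : $DT['mail_sender'];
        } else {
            $mail_from = $DT['mail_sender'];
        }
        // Envelope sender: the bare address, taken out of a "Name <addr>" form if present.
        $envelope_from = preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $mail_from);
        fputs($fp, "MAIL FROM: <" . $envelope_from . ">\r\n");
        $RE = fgets($fp, 512);
        if (substr($RE, 0, 3) != 250) {
            // One retry before giving up.
            fputs($fp, "MAIL FROM: <" . $envelope_from . ">\r\n");
            $RE = fgets($fp, 512);
            if (substr($RE, 0, 3) != 250) {
                return _dmail_smtp_fail($fp, $host . 'MAIL FROM - ' . $RE);
            }
        }
        foreach (explode(',', $mail_to) as $touser) {
            $touser = trim($touser);
            if ($touser) {
                $envelope_to = preg_replace("/.*\\<(.+?)\\>.*/", "\\1", $touser);
                fputs($fp, "RCPT TO: <" . $envelope_to . ">\r\n");
                $RE = fgets($fp, 512);
                if (substr($RE, 0, 3) != 250) {
                    // NOTE(review): unlike MAIL FROM, the reply to this retry is not
                    // checked; the send is aborted even if the second attempt is accepted.
                    fputs($fp, "RCPT TO: <" . $envelope_to . ">\r\n");
                    $RE = fgets($fp, 512);
                    return _dmail_smtp_fail($fp, $host . 'RCPT TO - ' . $RE);
                }
            }
        }
        fputs($fp, "DATA\r\n");
        $RE = fgets($fp, 512);
        if (substr($RE, 0, 3) != 354) {
            return _dmail_smtp_fail($fp, $host . 'DATA - ' . $RE);
        }
        list($msec, $sec) = explode(' ', microtime());
        $headers .= "Message-ID: <" . date('YmdHis', $sec) . "." . $msec * 1000000 . "." . substr($mail_from, strpos($mail_from, '@')) . ">" . $mail_dlmt;
        fputs($fp, "Date: " . date('r') . "\r\n");
        fputs($fp, "To: " . $mail_to . "\r\n");
        fputs($fp, "Subject: " . $mail_subject . "\r\n");
        fputs($fp, $headers . "\r\n");
        fputs($fp, "\r\n\r\n");
        fputs($fp, "{$mail_body}\r\n.\r\n");
        $RE = fgets($fp, 512);
        if (substr($RE, 0, 3) != 250) {
            return _dmail_smtp_fail($fp, $host . 'END - ' . $RE);
        }
        fputs($fp, "QUIT\r\n");
        // Release the connection instead of leaving it open until the request ends.
        fclose($fp);
        return 'SUCCESS';
    } else {
        if ($DT['mail_type'] != 'mail') {
            ini_set('SMTP', $DT['smtp_host']);
            ini_set('smtp_port', $DT['smtp_port']);
            ini_set('sendmail_from', $sendmail_from);
        }
        return @mail($mail_to, $mail_subject, $mail_body, $headers) ? 'SUCCESS' : '';
    }
}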
Esempio n. 21
<?php

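// Side-by-side comparison page for 2 to 8 published items of the current module.
defined('IN_DESTOON') or exit('Access Denied');
if ($DT_BOT) {
    dhttp(403);
}
require DT_ROOT . '/module/' . $module . '/common.inc.php';
check_group($_groupid, $MOD['group_compare']) or dalert(lang('message->without_permission'), 'goback');
$DT_URL = $DT_REF;
$itemid && is_array($itemid) or dalert($L['compare_choose'], 'goback');
// The ids are joined into an unquoted IN (...) list below, so cast each one to
// an integer before the list is built.
// NOTE(review): the bootstrap may already normalise $itemid (not visible in this
// excerpt); the cast is then redundant but harmless.
$itemid = array_unique(array_map('intval', $itemid));
$item_nums = count($itemid);
$item_nums < 9 or dalert($L['compare_max'], 'goback');
$item_nums > 1 or dalert($L['compare_min'], 'goback');
$itemid = implode(',', $itemid);
$tags = array();
$result = $db->query("SELECT * FROM {$table} WHERE itemid IN ({$itemid}) ORDER BY addtime DESC");
while ($r = $db->fetch_array($result)) {
    // Only rows with status 3 are listed; all other rows are skipped.
    if ($r['status'] != 3) {
        continue;
    }
    $r['editdate'] = timetodate($r['edittime'], 3);
    $r['adddate'] = timetodate($r['addtime'], 3);
    $r['stitle'] = dsubstr($r['title'], 30);
    $r['stitle'] = set_style($r['stitle'], $r['style']);
    $r['userurl'] = userurl($r['username']);
    $r['linkurl'] = $MOD['linkurl'] . $r['linkurl'];
    $tags[] = $r;
}
$head_title = $L['compare_title'] . $DT['seo_delimiter'] . $MOD['name'];
include template($MOD['template_compare'] ? $MOD['template_compare'] : 'compare', $module);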
Esempio n. 22
                $js .= 'window.parent.SetUrl("' . $saveto . '");';
                $js .= 'window.parent.GetE("frmUpload").reset();';
            } else {
                if ($from == 'attach') {
                    $js .= 'window.parent.GetE("txtUrl").value="' . $saveto . '";';
                    $js .= 'window.parent.window.parent.Ok();';
                } else {
                    if ($from == 'file') {
                        if ($moduleid == 2 && $fid == 'chat') {
                            $js .= $pr . '("word").value="' . $saveto . '";';
                            $js .= 'window.parent.chat_send();';
                        } else {
                            $js .= $pr . '("' . $fid . '").value="' . $saveto . '";';
                            if ($module == 'down') {
                                $js .= 'window.parent.initd(' . dround($do->file_size / 1024 / 1024, 2) . ');';
                            }
                        }
                        $js .= 'window.parent.cDialog();';
                    }
                }
            }
        }
    }
    dalert('', '', $js);
} else {
    $errmsg = 'Error(9)' . $do->errmsg;
    if ($swfupload) {
        exit(convert($errmsg, DT_CHARSET, 'UTF-8'));
    }
    dalert($errmsg, '', $errjs);
}
Esempio n. 23
                     }
                     $max = $tmp;
                 } else {
                     in_array($ext, array('jpg', 'jpeg', 'gif', 'png', 'bmp')) or file_del($f);
                 }
             }
             if ($htm) {
                 dalert('', '', 'parent.Upsuccess("' . $htm . '");');
             } else {
                 dalert('系统未在压缩包内找到HTM文件');
             }
         } else {
             dalert('解压缩失败,请检查目录权限');
         }
     } else {
         dalert($upload->errmsg);
     }
     break;
 case 'read':
     if ($word && in_array(file_ext($word), array('htm', 'html'))) {
         $data = file_get(DT_ROOT . '/file/temp/' . $word);
         if ($data) {
             if ($charset) {
                 $data = convert($data, $charset, DT_CHARSET);
             }
             if (preg_match("/<body[^>]*>([\\s\\S]+)<\\/body>/i", $data, $m)) {
                 $data = trim($m[1]);
             }
             $data = str_replace('<![if !vml]>', '', $data);
             $data = str_replace('<![endif]>', '', $data);
             $data = str_replace('<o:p>', '', $data);
Esempio n. 24
     }
     $post = array();
     $post['content'] = $word;
     $post['type'] = 'reply';
     $post['openid'] = $openid;
     $post['editor'] = $_username;
     $post['addtime'] = $DT_TIME;
     $post['misc']['type'] = $type;
     $post['misc'] = $post['misc'] ? serialize($post['misc']) : '';
     $post = daddslashes($post);
     $sql = '';
     foreach ($post as $k => $v) {
         $sql .= ",{$k}='{$v}'";
     }
     $db->query("INSERT INTO {$DT_PRE}weixin_chat SET " . substr($sql, 1));
     dalert('', '', 'window.parent.chat_show(2);');
     break;
 case 'load':
     $openid or exit;
     $chatlast = $_chatlast = intval($chatlast);
     $josn = $debug = '';
     $i = $j = 0;
     if ($chatlast) {
         $sql = "SELECT * FROM {$DT_PRE}weixin_chat WHERE openid='{$openid}' AND event=0 AND addtime>{$chatlast} ORDER BY addtime DESC";
     } else {
         $sql = "SELECT * FROM {$DT_PRE}weixin_chat WHERE openid='{$openid}' AND event=0 ORDER BY addtime DESC LIMIT 20";
     }
     $lists = array();
     $result = $db->query($sql);
     while ($r = $db->fetch_array($result)) {
         if ($r['type'] == 'reply' && $r['editor'] != $_username) {
Esempio n. 25
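/**
 * Apply the banned-word list to a slash-escaped string.
 *
 * Each entry of $WORD is read as: [0] the word (matched literally and
 * case-insensitively, with "*" acting as a wildcard), [1] the replacement
 * text, [2] a flag marking the word as blocking. When an entry is blocking
 * and $extend is true, a match calls dalert(); in every other case each match
 * is replaced by the entry's replacement text.
 *
 * The return value is escaped with addslashes() only. That is not a substitute
 * for the database layer's own escaping or for bound parameters, and it is
 * not HTML escaping either.
 *
 * @param array  $WORD   list of word entries as described above
 * @param string $string slash-escaped input; it is unescaped before matching
 * @param bool   $extend whether blocking entries may reject the input
 * @return string the filtered text, escaped again with addslashes()
 */
function banword($WORD, $string, $extend = true)
{
    $string = stripslashes($string);
    foreach ($WORD as $v) {
        // An empty word would compile to the pattern "//i", which matches every
        // string: a blocking entry would reject all input and a replacing entry
        // would splice its replacement between every character. Skip such
        // misconfigured entries.
        if ((string) $v[0] === '') {
            continue;
        }
        // Quote the word, including the "/" delimiter, so that it is matched
        // literally, then turn the quoted "*" back into a wildcard.
        // NOTE(review): a word holding several wildcards can backtrack heavily
        // on long input; keep wildcard entries short.
        $pattern = '/' . str_replace("\\*", ".*", preg_quote($v[0], '/')) . '/i';
        if ($v[2] && $extend) {
            if (preg_match($pattern, $string)) {
                // NOTE(review): dalert() is defined elsewhere; whether it ends the
                // request is not visible here. If it returns, the loop continues.
                dalert(lang('include->msg_word_ban'));
            }
        } else {
            if ($string == '') {
                break;
            }
            // preg_replace() returns null on a PCRE error; keep the text in that case
            // instead of passing null on to addslashes().
            $filtered = preg_replace($pattern, $v[1], $string);
            if ($filtered !== null) {
                $string = $filtered;
            }
        }
    }
    return addslashes($string);
}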
Esempio n. 26
<?php

// Refuse direct access: the script continues only when IN_DESTOON has been defined.
defined('IN_DESTOON') or exit('Access Denied');
// Requests flagged through $DT_BOT are answered with dhttp(403).
// NOTE(review): whether dhttp() stops execution is not visible here; confirm it does.
if ($DT_BOT) {
    dhttp(403);
}
// NOTE(review): presumably enforces a logged-in member; login() is defined elsewhere.
login();
// NOTE(review): $module is concatenated into an include path. It must come from a fixed
// server-side list and never from request data; verify where it is assigned.
require DT_ROOT . '/module/' . $module . '/common.inc.php';
// Permission gate: when SELL_ORDER is falsy the request is answered with an alert and 'goback'.
SELL_ORDER or dalert(lang('message->without_permission'), 'goback');
require DT_ROOT . '/include/post.func.php';
// Language files are loaded through load(), which resolves the path to include.
include load('misc.lang');
include load('member.lang');
include load('order.lang');
if ($submit) {
    $ids = '';
    if ($post) {
        $add = array_map('trim', $add);
        $add['address'] = area_pos($add['areaid'], '') . $add['address'];
        $add = dhtmlspecialchars($add);
        $buyer_address = $add['address'];
        if (strlen($buyer_address) < 10) {
            message($L['msg_type_address']);
        }
        $buyer_postcode = $add['postcode'];
        if (strlen($buyer_postcode) < 6) {
            message($L['msg_type_postcode']);
        }
        $buyer_name = $add['truename'];
        if (strlen($buyer_name) < 2) {
            message($L['msg_type_truename']);
        }
Esempio n. 27
                 fields_check($post_fields);
             }
             if ($CP) {
                 property_check($post_ppt);
             }
             if ($FD) {
                 fields_update($post_fields, $table, $do->itemid);
             }
             if ($CP) {
                 property_update($post_ppt, $moduleid, $post['catid'], $do->itemid);
             }
             $do->edit($post);
             set_cookie('dmsg', $L['success_edit']);
             dalert('', '', 'parent.window.location="' . $forward . '"');
         } else {
             dalert($do->errmsg);
         }
     } else {
         extract($item);
     }
     break;
 case 'delete':
     $MG['delete'] or message();
     $itemid or message();
     $itemids = is_array($itemid) ? $itemid : array($itemid);
     foreach ($itemids as $itemid) {
         $do->itemid = $itemid;
         $item = $do->get_one();
         if (!$item || $item['username'] != $_username) {
             message();
         }
Esempio n. 28
 case 'last':
     // Redirect to the newest unread message (status=3, isread=0) when there is one,
     // otherwise to the index view.
     // NOTE(review): touser='******' looks like a value masked by the listing this code was
     // taken from; presumably the original interpolates the current user name. Confirm, and make
     // sure that value is escaped or bound before it reaches the query.
     if ($_message) {
         $item = $db->get_one("SELECT itemid,feedback FROM {$DT_PRE}message WHERE touser='******' AND status=3 AND isread=0 ORDER BY itemid DESC");
         if ($item) {
             dheader('?action=show&itemid=' . $item['itemid'] . ($item['feedback'] ? '&feedback=1' : ''));
         }
     }
     dheader('?action=index');
     break;
 default:
     // Inbox listing. When the member group has an inbox limit, count the stored messages and
     // send the user to '?action=empty' once the limit is reached.
     if ($MG['inbox_limit']) {
         $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}message WHERE touser='******' AND status=3");
         $limit_used = $r['num'];
         // Remaining quota, floored at 0.
         $limit_free = $MG['inbox_limit'] > $limit_used ? $MG['inbox_limit'] - $limit_used : 0;
         if ($limit_used >= $MG['inbox_limit']) {
             dalert($L['message_msg_inbox_limit'], '?action=empty');
         }
     }
     $status = 3;
     $name = $L['message_title_inbox'];
     if ($_message) {
         $do->fix_message();
     }
     // NOTE(review): the existing $condition is appended to the WHERE clause as raw SQL. Its
     // origin is not visible here; it must be built server-side from validated values only.
     $condition = "touser='******' AND status={$status} " . $condition;
     $messages = $do->get_list($condition);
     $systems = $do->get_sys();
     $color_select = '';
     // NOTE(review): $v is written into HTML attributes without escaping. That is safe only if
     // $COLORS is a fixed list of hex colour codes; verify where it is defined.
     foreach ($COLORS as $v) {
         $color_select .= '<option value="' . $v . '" style="background:#' . $v . ';">&nbsp;</option>';
     }
     break;
Esempio n. 29
// NOTE(review): presumably enforces a logged-in member; login() is defined elsewhere.
login();
// NOTE(review): $module is concatenated into an include path. It must come from a fixed
// server-side list and never from request data; verify where it is assigned.
require DT_ROOT . '/module/' . $module . '/common.inc.php';
// Members in groups above 5 with no $_edittime are redirected to the edit page before adding.
if ($_groupid > 5 && !$_edittime && $action == 'add') {
    dheader($MODULE[2]['linkurl'] . 'edit.php?tab=2');
}
// Permission gate. "or" binds looser than "&&", so dalert() runs when either
// $MG['homepage'] is falsy or $MG['news_limit'] is not greater than -1.
$MG['homepage'] && $MG['news_limit'] > -1 or dalert(lang('message->without_permission_and_upgrade'), 'goback');
require DT_ROOT . '/include/post.func.php';
// The type list is keyed per user through the 'news-' . $_userid identifier.
$TYPE = get_type('news-' . $_userid);
require MD_ROOT . '/news.class.php';
$do = new news();
switch ($action) {
    case 'add':
        if ($MG['news_limit']) {
            $r = $db->get_one("SELECT COUNT(*) AS num FROM {$DT_PRE}news WHERE username='******' AND status>0");
            if ($r['num'] >= $MG['news_limit']) {
                dalert(lang($L['limit_add'], array($MG['news_limit'], $r['num'])), 'goback');
            }
        }
        if ($submit) {
            if ($do->pass($post)) {
                $post['username'] = $_username;
                $post['level'] = $post['addtime'] = 0;
                $need_check = $MOD['news_check'] == 2 ? $MG['check'] : $MOD['news_check'];
                $post['status'] = get_status(3, $need_check);
                $do->add($post);
                dmsg($L['op_add_success'], '?status=' . $post['status']);
            } else {
                message($do->errmsg);
            }
        } else {
            foreach ($do->fields as $v) {
Esempio n. 30
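/**
 * Create one partition table for the sell module from the SQL template
 * file/setting/split_sell.sql.
 *
 * The template's table name "destoon_sell" is replaced by the configured
 * prefix followed by "sell_" and $part, the storage-engine clause is chosen
 * from the server version, and a table comment is appended before the
 * statement is executed.
 *
 * @param mixed $part suffix used in the new table name and in the table comment
 * @return void
 */
function split_sell($part)
{
    global $db, $CFG, $MODULE;
    $sql = file_get(DT_ROOT . '/file/setting/split_sell.sql');
    // The message asks the operator to check that file/setting/split_sell.sql exists.
    // NOTE(review): if dalert() returns instead of ending the request, an empty
    // template is still extended and executed below; confirm its behaviour.
    $sql or dalert('请检查文件file/setting/split_sell.sql是否存在');
    // NOTE(review): $part lands unquoted in a table identifier and again inside the quoted
    // comment below. Callers must pass a validated value (presumably an integer); confirm.
    $sql = str_replace('destoon_sell', $db->pre . 'sell_' . $part, $sql);
    // Compare versions component by component. A plain string comparison sorts a
    // multi-part version that starts with "10." before "4.1", which would select
    // the legacy TYPE= clause on a current server.
    if (version_compare((string) $db->version(), '4.1', '>') && $CFG['db_charset']) {
        $sql .= " ENGINE=MyISAM DEFAULT CHARSET=" . $CFG['db_charset'];
    } else {
        // Legacy engine syntax, kept for servers at or below 4.1 or without a configured charset.
        $sql .= " TYPE=MyISAM";
    }
    // NOTE(review): the module name is placed inside single quotes without escaping;
    // a quote character in it would break the statement.
    $sql .= " COMMENT='" . $MODULE[5]['name'] . "分表_" . $part . "';";
    $db->query($sql);
}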