Esempio n. 1
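/**
 * Settle the point cost of an online-view request and count the view.
 *
 * When the path entry carries a group restriction ($showdown_r[2]) this
 * optionally records the member's daily usage, deducts the entry's point
 * price ($showdown_r[3]) and writes a download-history row. The item's
 * totaldown counter is incremented in every case.
 *
 * @param array $showdown_r Path entry fields; index 2 = required group, 3 = point price.
 * @param array $u          Member row; groupid and username are read.
 * @param int   $userid     Member id (spliced into SQL, so forced to int here).
 * @param int   $classid    Column id used to look up the data table name.
 * @param int   $id         Item id (spliced into SQL, so forced to int here).
 * @param int   $pathid     Index of the path entry, passed through to BakDown().
 * @param array $r          Item row; title is read.
 */
function ViewOnlineKFen($showdown_r, $u, $userid, $classid, $id, $pathid, $r)
{
    global $level_r, $class_r, $dbtbpre, $public_r, $empire, $have_bak, $have_fen;
    // Defence in depth: both ids end up inside SQL strings below, so do not
    // rely on every caller having cast them already.
    $userid = (int) $userid;
    $id = (int) $id;
    if ($showdown_r[2]) {
        // Daily download limit: the helper's return value is executed as SQL further down.
        $setuserday = "";
        // Array keys are quoted: a bare word key is an undefined constant and
        // throws an Error on PHP 8.
        if ($level_r[$u['groupid']]['daydown']) {
            $setuserday = DoCheckMDownNum($userid, $u['groupid'], 1);
        }
        // Point price of this entry
        $showdown_r[3] = intval($showdown_r[3]);
        if ($showdown_r[3]) {
            if ($have_fen == 1) {
                // Deduct the points
                $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $showdown_r[3] . " where " . egetmf('userid') . "='{$userid}'");
            }
            if ($have_bak == 0) {
                // Record the download in the history table
                $utfusername = $u['username'];
                BakDown($classid, $id, $pathid, $userid, $utfusername, $r['title'], $showdown_r[3], 1);
            }
        }
        // Update the member's daily download count
        if ($setuserday) {
            $usql = $empire->query($setuserday);
        }
    }
    // Increment the item's total download counter.
    // NOTE(review): the table name comes from $class_r (site configuration, presumably
    // not request data) — confirm $classid is validated by the caller.
    $usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " set totaldown=totaldown+1 where id='{$id}'");
}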
Esempio n. 2
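/**
 * Delete several private messages belonging to the logged-in member.
 *
 * Every id is forced to an integer and the delete is additionally scoped to
 * the caller's own username, so ids of other members' messages have no effect.
 * When no unread message remains, the member's "has message" flag is reset.
 *
 * @param array $mid Message ids selected by the member.
 */
function DelMsg_all($mid)
{
    global $empire, $dbtbpre;
    $user = islogin();
    // count() on a non-array throws on PHP 8; treat anything that is not an
    // array as "nothing selected". intval() is the only sanitising these ids get.
    $ids = is_array($mid) ? array_map('intval', $mid) : array();
    if (!$ids) {
        printerror("EmptyDelMsg", "", 1);
        return;
    }
    // Equivalent to the former "mid='1' or mid='2' ..." chain, without the
    // uninitialised string that the .= loop started from.
    $add = "mid in (" . implode(',', $ids) . ")";
    // NOTE(review): the listing shows the username value masked as '******'; the
    // surviving fragment and the $user row in scope indicate the interpolation
    // restored below — confirm against the upstream file. The query also relies
    // on islogin() returning a username that is safe inside a quoted SQL literal.
    $sql = $empire->query("delete from {$dbtbpre}enewsqmsg where (" . $add . ") and to_username='{$user['username']}'");
    if ($sql) {
        $num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsqmsg where to_username='{$user['username']}' and haveread=0 limit 1");
        if (!$num) {
            // No unread message left: recompute the stored flag.
            $newhavemsg = eReturnSetHavemsg($user['havemsg'], 0);
            $newhavemsg = $newhavemsg == 2 || $newhavemsg == 3 ? 2 : 0;
            $empire->query("update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('userid') . "='{$user['userid']}'");
        }
        printerror("DelMsgSuccess", "../member/msg/", 1);
    } else {
        printerror("DbError", "", 1);
    }
}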
Esempio n. 3
/**
 * Update one entry of the logged-in member's friend list.
 *
 * Checks that the friend name is present, is not the member's own name,
 * belongs to an existing member and is not already in the list, then
 * rewrites the row identified by fid for the current member only.
 *
 * NOTE(review): the two lookups splice the RepPostVar() result straight into
 * SQL while the update additionally applies addslashes(); whether that is
 * consistent depends on what RepPostVar() strips — confirm, and prefer bound
 * parameters if the database wrapper offers them.
 *
 * @param array $add Form fields: fid, fname, oldfname, cid, fcid, fsay.
 */
function EditFriend($add)
{
    global $empire, $dbtbpre;
    // Requires a logged-in member
    $member = islogin();
    $friendId = (int) $add['fid'];
    $friendName = RepPostVar(trim($add['fname']));
    $add['fcid'] = (int) $add['fcid'];
    if (!$friendName || !$friendId) {
        printerror("EmptyFriend", "", 1);
    }
    // A member cannot add themselves
    if ($friendName == $member['username']) {
        printerror("NotAddFriendSelf", "", 1);
    }
    // The friend must be an existing member
    $exists = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='" . $friendName . "' limit 1");
    if (!$exists) {
        printerror("NotFriendUsername", "", 1);
    }
    // Reject a duplicate when the name was changed
    if ($friendName != $add['oldfname']) {
        $dupes = $empire->gettotal("select count(*) as total from " . $dbtbpre . "enewshy where fname='" . $friendName . "' and userid='" . $member['userid'] . "' limit 1");
        if ($dupes) {
            printerror("ReAddFriend", "", 1);
        }
    }
    $groupId = (int) $add['cid'];
    $note = RepPostStr($add['fsay']);
    // The userid condition keeps the update inside the caller's own list.
    $updated = $empire->query("update " . $dbtbpre . "enewshy set fname='" . addslashes($friendName) . "',cid=" . $groupId . ",fsay='" . addslashes($note) . "' where fid=" . $friendId . " and userid='" . $member['userid'] . "'");
    if (!$updated) {
        printerror("DbError", "", 1);
        return;
    }
    printerror("EditFriendSuccess", "../member/friend/?cid=" . $add['fcid'], 1);
}
Esempio n. 4
/**
 * Log a member in through an external-account binding.
 *
 * Looks up the binding for ($apptype, $openid); when one exists the bound
 * member row is loaded and a session-length login is performed, otherwise
 * the visitor is sent to the bind page.
 *
 * NOTE(review): $openid must already have been verified with the identity
 * provider by the caller — this function only looks it up. Confirm.
 *
 * @param string $apptype Identifier of the external login provider.
 * @param string $openid  Provider-side user identifier.
 */
function MemberConnect_DoLogin($apptype, $openid)
{
    global $empire, $dbtbpre;
    $apptype = RepPostVar($apptype);
    $openid = RepPostVar($openid);
    $binding = MemberConnect_CheckOpenid($apptype, $openid);
    if (!$binding['id']) {
        // Unknown external account: ask the visitor to bind it first.
        printerrortourl('../tobind.php');
        return;
    }
    // 0 = cookie lifetime handed to the login helper.
    $lifetime = 0;
    // userid here comes from the binding row, not from the request.
    $memberRow = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='" . $binding['userid'] . "' limit 1");
    DoEcmsMemberLogin($memberRow, $lifetime);
    MemberConnect_UpdateBindLogin($binding['id']);
    MemberConnect_ResetVar();
    printerrortourl('../../../');
}
Esempio n. 5
/**
 * Store a feedback message left on a member's space page.
 *
 * Verifies the captcha, checks that the target member exists, cleans every
 * text field with RepPostStr() and inserts one row. The captcha is cleared
 * after the insert.
 *
 * NOTE(review): the poster id/name are taken from the mluserid/mlusername
 * cookies without checking the login token, so they identify the poster only
 * as far as those cookies can be trusted — confirm whether that is intended.
 * NOTE(review): the success redirect target is the request's Referer header,
 * which the client controls; confirm printerror() encodes or restricts it.
 *
 * @param array $add Form fields: key, userid, name, company, phone, fax,
 *                   email, address, zip, title, ftext.
 */
function AddMemberFeedback($add)
{
    global $empire, $dbtbpre;
    // Captcha
    $keyvname = 'checkspacefbkey';
    ecmsCheckShowKey($keyvname, $add['key'], 1);
    // Target member
    $userid = intval($add['userid']);
    $target = $empire->fetch1("select " . egetmf('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='" . $userid . "' limit 1");
    if (empty($target['userid'])) {
        printerror("NotUsername", "", 1);
    }
    // Poster
    $uid = (int) getcvar('mluserid');
    $uname = $uid ? RepPostVar(getcvar('mlusername')) : '';
    $uname = RepPostStr($uname);
    // Clean the text fields in the same order as the insert's column list.
    $clean = array();
    foreach (array('name', 'company', 'phone', 'fax', 'email', 'address', 'zip', 'title', 'ftext') as $field) {
        $clean[$field] = RepPostStr($add[$field]);
    }
    if (!trim($clean['name']) || !trim($clean['title']) || !trim($clean['ftext'])) {
        printerror("EmptyMemberFeedback", "history.go(-1)", 1);
    }
    $addtime = date("Y-m-d H:i:s");
    $ip = egetip();
    $eipport = egetipport();
    $textValues = "'" . implode("','", $clean) . "'";
    $inserted = $empire->query("insert into " . $dbtbpre . "enewsmemberfeedback(name,company,phone,fax,email,address,zip,title,ftext,userid,ip,uid,uname,addtime,eipport) values(" . $textValues . "," . $userid . ",'" . $ip . "'," . $uid . ",'" . $uname . "','" . $addtime . "','" . $eipport . "');");
    // Clear the captcha so it cannot be reused
    ecmsEmptyShowKey($keyvname);
    if (!$inserted) {
        printerror("DbError", "history.go(-1)", 1);
        return;
    }
    printerror("AddMemberFeedbackSuccess", $_SERVER['HTTP_REFERER'], 1);
}
Esempio n. 6
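/**
 * Save the logged-in member's extended profile fields.
 *
 * The field list is produced by ReturnDoMemberF() for the member's form; the
 * row in the add-on table is inserted when it does not exist yet and updated
 * otherwise. Only the caller's own row is touched: the user id comes from
 * islogin(), never from $post.
 *
 * NOTE(review): the SQL fragments returned by ReturnDoMemberF() are spliced in
 * verbatim, so the escaping of every submitted value is that helper's job —
 * confirm.
 *
 * @param array $post Submitted profile form fields.
 */
function EditInfo($post)
{
    global $empire, $dbtbpre, $public_r;
    // Requires a logged-in member
    $user_r = islogin();
    // Array keys are quoted: bare word keys are undefined constants and throw
    // an Error on PHP 8. The id is forced to int because it is used in SQL.
    $userid = (int) $user_r['userid'];
    $username = $user_r['username'];
    $dousername = $username;
    if (!$userid || !$username) {
        printerror("NotEmpty", "history.go(-1)", 1);
    }
    // Validate the required fields of the add-on table
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    // The group is re-read from the database rather than taken from the session.
    $user_r = $empire->fetch1("select " . eReturnSelectMemberF('groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
    $fid = GetMemberFormId($user_r['groupid']);
    if (empty($addr['userid'])) {
        // No add-on row yet: create it together with the registration metadata.
        $mr = array('add_filepass' => $userid);
        $member_r = ReturnDoMemberF($fid, $post, $mr, 0, $dousername);
        $regip = egetip();
        $regipport = egetipport();
        $lasttime = time();
        // Here $member_r[0] extends the column list and $member_r[1] the value list.
        $sql = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$regip}','{$lasttime}','{$regip}',1,'{$regipport}','{$regipport}'" . $member_r[1] . ");");
    } else {
        $addr['add_filepass'] = $userid;
        $member_r = ReturnDoMemberF($fid, $post, $addr, 1, $dousername);
        // Here $member_r[0] is appended to the SET clause.
        $sql = $empire->query("update {$dbtbpre}enewsmemberadd set userid='{$userid}'" . $member_r[0] . " where userid='{$userid}'");
    }
    // Update the attachment records
    UpdateTheFileEditOther(6, $userid, 'member');
    if ($sql) {
        printerror("EditInfoSuccess", "../member/EditInfo/", 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}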
Esempio n. 7
/**
 * Store a guestbook entry left on a member's space page.
 *
 * Verifies the captcha, checks that the target member exists, cleans the
 * poster name and text with RepPostStr() and inserts one row. The captcha is
 * cleared after the insert.
 *
 * NOTE(review): a logged-in poster is identified from the mluserid/mlusername
 * cookies without checking the login token — confirm whether that is intended.
 * NOTE(review): the success redirect target is the request's Referer header,
 * which the client controls; confirm printerror() encodes or restricts it.
 *
 * @param array $add Form fields: key, userid, uname, gbtext, isprivate.
 */
function AddMemberGbook($add)
{
    global $empire, $dbtbpre;
    // Captcha
    $keyvname = 'checkspacegbkey';
    ecmsCheckShowKey($keyvname, $add['key'], 1);
    // Target member
    $userid = (int) $add['userid'];
    $target = $empire->fetch1("select " . eReturnSelectMemberF('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='" . $userid . "' limit 1");
    if (empty($target['userid'])) {
        printerror("NotUsername", "", 1);
    }
    // Poster: cookie name for members, submitted name for guests
    $uid = (int) getcvar('mluserid');
    $uname = $uid ? RepPostVar(getcvar('mlusername')) : trim($add['uname']);
    $uname = RepPostStr($uname);
    $gbtext = RepPostStr($add['gbtext']);
    if (empty($uname) || !trim($gbtext)) {
        printerror("EmptyMemberGbook", "history.go(-1)", 1);
    }
    $isprivate = (int) $add['isprivate'];
    $addtime = date("Y-m-d H:i:s");
    $ip = egetip();
    $eipport = egetipport();
    $inserted = $empire->query("insert into " . $dbtbpre . "enewsmembergbook(userid,isprivate,uid,uname,ip,addtime,gbtext,retext,eipport) values(" . $userid . "," . $isprivate . "," . $uid . ",'" . $uname . "','" . $ip . "','" . $addtime . "','" . $gbtext . "','','" . $eipport . "');");
    // Clear the captcha so it cannot be reused
    ecmsEmptyShowKey($keyvname);
    if (!$inserted) {
        printerror("DbError", "history.go(-1)", 1);
        return;
    }
    printerror("AddMemberGbookSuccess", $_SERVER['HTTP_REFERER'], 1);
}
Esempio n. 8
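/**
 * Redeem a prepaid card for the named member.
 *
 * Validates the inputs, checks that the member exists and that the card
 * number/password pair matches an unexpired card, credits the card's value
 * through eAddFenToUser(), deletes the card and records the purchase.
 *
 * NOTE(review): the card is validated, credited and only then deleted, with
 * no lock or transaction visible here, so two simultaneous requests for the
 * same card are not excluded by this code — confirm whether the database
 * wrapper or caller serialises redemptions.
 * NOTE(review): the password comparison is done in SQL against the stored
 * column, i.e. card passwords appear to be stored as plain text.
 *
 * @param string $username   Member to credit.
 * @param string $reusername Repeated member name, must equal $username.
 * @param string $card_no    Card number.
 * @param string $password   Card password.
 */
function CardGetFen($username, $reusername, $card_no, $password)
{
    global $empire, $dbtbpre;
    $card_no = RepPostVar($card_no);
    $password = RepPostVar($password);
    $username = RepPostVar($username);
    if (!trim($username) || !trim($card_no) || !trim($password)) {
        printerror("EmptyGetCard", "history.go(-1)", 1);
    }
    if ($username != $reusername) {
        printerror("DifCardUsername", "history.go(-1)", 1);
    }
    $user = $empire->fetch1("select " . eReturnSelectMemberF('userid,userdate,username') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if (!$user['userid']) {
        printerror("ExiestCardUsername", "history.go(-1)", 1);
    }
    // NOTE(review): the listing shows the password value masked as '******',
    // which would compare the column with that literal. The cleaned $password
    // is the only candidate in scope and is otherwise unused — confirm against
    // the upstream file.
    $num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewscard where card_no='" . $card_no . "' and password='" . $password . "' limit 1");
    if (!$num) {
        printerror("CardPassError", "history.go(-1)", 1);
    }
    // Expiry check
    $buytime = date("Y-m-d H:i:s");
    $r = $empire->fetch1("select cardfen,money,endtime,carddate,cdgroupid,cdzgroupid from {$dbtbpre}enewscard where card_no='{$card_no}' limit 1");
    // Array keys are quoted: bare word keys throw an Error on PHP 8.
    if ($r['endtime'] != "0000-00-00") {
        $endtime = to_date($r['endtime']);
        if ($endtime < time()) {
            printerror("CardOutDate", "history.go(-1)", 1);
        }
    }
    // Credit the member
    eAddFenToUser($r['cardfen'], $r['carddate'], $r['cdgroupid'], $r['cdzgroupid'], $user);
    // Delete the card so it cannot be used again
    $sql1 = $empire->query("delete from {$dbtbpre}enewscard where card_no='{$card_no}'");
    // Record the purchase
    BakBuy($user['userid'], $username, $card_no, $r['cardfen'], $r['money'], $r['carddate'], 0);
    printerror("CardGetFenSuccess", "../member/card/", 1);
}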
Esempio n. 9
// Prepare the submitted order fields for the confirmation template.
// Free-text fields go through ehtmlspecialchars() (presumably an
// htmlspecialchars() wrapper — confirm); id fields are forced to integers.
$r['signbuild'] = ehtmlspecialchars($r['signbuild']);
$r['besttime'] = ehtmlspecialchars($r['besttime']);
$r['bz'] = ehtmlspecialchars($r['bz']);
$r['fptt'] = ehtmlspecialchars($r['fptt']);
$r['fpname'] = ehtmlspecialchars($r['fpname']);
$r['fp'] = (int) $r['fp'];
$r['psid'] = (int) $r['psid'];
$r['payfsid'] = (int) $r['payfsid'];
$r['precode'] = RepPostVar($r['precode']);
$total = array();
// Required fields
ShopSys_CheckDdMust($r, $shoppr);
$ddno = ShopSys_ReturnDdNo();
// Order ID
$classids = '';
$price = 0;
// Load the member's data
$user = array();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
if ($userid) {
    // The cookie user id is only accepted when the mlrnd cookie matches the
    // rnd value stored for that member.
    // NOTE(review): $username comes from its own cookie and is not compared
    // with the fetched row here — confirm it is not trusted further on.
    $rnd = RepPostVar(getcvar('mlrnd'));
    $user = $empire->fetch1("select " . eReturnSelectMemberF('userid,money,userfen,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
    if (!$user['userid']) {
        printerror("MustSingleUser", "history.go(-1)", 1);
    }
}
// Load the template
require ECMS_PATH . DASHBOARD . '/template/ShopSys/SubmitOrder.php';
db_close();
$empire = null;
Esempio n. 10
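require_once ECMS_PATH . DASHBOARD . '/space/spacefun.php';
// Resolve the member whose space is being viewed, by id or by name.
$userid = intval($_GET['userid']);
if ($userid) {
    $add = "userid={$userid}";
    $username = '';
    $utfusername = '';
    $uadd = egetmf('userid') . "='{$userid}'";
} else {
    // The name is request input; RepPostVar() is the only cleaning it gets
    // before being placed inside quoted SQL literals below.
    $username = RepPostVar($_GET['username']);
    if (empty($username)) {
        printerror("NotUsername", "", 1);
    }
    // NOTE(review): the listing shows this value masked as '******'; the
    // cleaned $username is what the parallel userid branch suggests — confirm
    // against the upstream file.
    $add = "username='{$username}'";
    $utfusername = $username;
    $uadd = egetmf('username') . "='{$username}'";
}
$ur = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . $uadd . " limit 1");
if (empty($ur['username'])) {
    printerror("NotUsername", "", 1);
}
// Fill in whichever of id/name was not supplied from the fetched row.
$userid = $userid ? $userid : $ur['userid'];
$utfusername = $utfusername ? $utfusername : $ur['username'];
$username = $username ? $username : $ur['username'];
$groupid = $ur['groupid'];
UpdateSpaceViewStats($userid);
// Count the visit
$addur = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='" . $userid . "' limit 1");
// Avatar, falling back to the default image. The key is quoted: a bare word
// key is an undefined constant and throws an Error on PHP 8.
$userpic = $addur['userpic'] ? $addur['userpic'] : $public_r['newsurl'] . 'e/data/images/nouserpic.gif';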
//空间地址
Esempio n. 11
/**
 * Member login: verify captcha and credentials, rotate the login token and
 * set the login cookies, then redirect.
 *
 * The same "FailPassword" message is used for an unknown username and for a
 * wrong password, so the response text does not distinguish the two.
 *
 * NOTE(review): nothing in this function limits repeated attempts apart from
 * the optional captcha — confirm throttling exists elsewhere.
 *
 * @param array $add Form fields: username, password, key, tobind, lifetime.
 */
function qlogin($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;
    // An external login page, when configured, replaces this handler entirely.
    if ($ecms_config['member']['loginurl']) {
        Header("Location:" . $ecms_config['member']['loginurl']);
        exit;
    }
    // Message display mode handed to printerror(); switched by a request field.
    $dopr = 1;
    if ($_POST['prtype']) {
        $dopr = 9;
    }
    $username = trim($add['username']);
    $password = trim($add['password']);
    if (!$username || !$password) {
        printerror("EmptyLogin", "history.go(-1)", $dopr);
    }
    $tobind = (int) $add['tobind'];
    // Captcha
    $keyvname = 'checkloginkey';
    if ($public_r['loginkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], $dopr);
    }
    // NOTE(review): the password is also passed through RepPostVar() before it
    // is verified; if that helper removes characters, distinct passwords could
    // collapse to the same value — confirm.
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $num = 0;
    $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if (!$r['userid']) {
        printerror("FailPassword", "history.go(-1)", $dopr);
    }
    if (!eDoCkMemberPw($password, $r['password'], $r['salt'])) {
        printerror("FailPassword", "history.go(-1)", $dopr);
    }
    // Accounts that are not yet approved/activated cannot log in.
    if ($r['checked'] == 0) {
        if ($public_r['regacttype'] == 1) {
            printerror('NotCheckedUser', '../member/register/regsend.php', 1);
        } else {
            printerror('NotCheckedUser', '', 1);
        }
    }
    // Bind an external account
    if ($tobind) {
        MemberConnect_BindUser($r['userid']);
    }
    // New login token, stored on the member row and sent as the mlrnd cookie.
    // Writing a new value on every login replaces the previously stored one.
    // NOTE(review): its unpredictability depends on make_password() — confirm
    // it draws from a cryptographically secure source.
    $rnd = make_password(20);
    // Get a random password
    // Default member group
    if (empty($r['groupid'])) {
        $r['groupid'] = eReturnMemberDefGroupid();
    }
    $r['groupid'] = (int) $r['groupid'];
    $lasttime = time();
    // IP
    $lastip = egetip();
    $lastipport = egetipport();
    $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('rnd') . "='{$rnd}'," . egetmf('groupid') . "='{$r['groupid']}' where " . egetmf('userid') . "='{$r['userid']}'");
    $empire->query("update {$dbtbpre}enewsmemberadd set lasttime='{$lasttime}',lastip='{$lastip}',loginnum=loginnum+1,lastipport='{$lastipport}' where userid='{$r['userid']}'");
    // Set the cookies
    // NOTE(review): the cookie lifetime is taken from the request with no upper
    // bound, and the Secure/HttpOnly flags depend on esetcookie() — confirm.
    $lifetime = (int) $add['lifetime'];
    $logincookie = 0;
    if ($lifetime) {
        $logincookie = time() + $lifetime;
    }
    $set1 = esetcookie("mlusername", $username, $logincookie);
    $set2 = esetcookie("mluserid", $r['userid'], $logincookie);
    $set3 = esetcookie("mlgroupid", $r['groupid'], $logincookie);
    $set4 = esetcookie("mlrnd", $rnd, $logincookie);
    // Authentication string
    qGetLoginAuthstr($r['userid'], $username, $rnd, $r['groupid'], $logincookie);
    // Additional login cookies
    AddLoginCookie($r);
    // Decide where to send the member after login.
    // NOTE(review): the target can come from the returnurl cookie, which the
    // client controls; whether it is restricted to this site depends on
    // DoingReturnUrl() and printerror() — confirm.
    $location = "../member/cp/";
    $returnurl = getcvar('returnurl');
    if ($returnurl) {
        $location = $returnurl;
    }
    if (strstr($_SERVER['HTTP_REFERER'], "e/member/iframe")) {
        $location = "../member/iframe/";
    }
    // Never return to the logout or registration pages.
    if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($_SERVER['HTTP_REFERER'], "e/member/register")) {
        $location = "../member/cp/";
        $_POST['ecmsfrom'] = '';
    }
    ecmsEmptyShowKey($keyvname);
    // Clear the captcha
    $set6 = esetcookie("returnurl", "");
    if ($set1 && $set2) {
        // Passport (single sign-on) system; note that it receives the submitted password.
        DoEpassport('login', $r['userid'], $username, $password, $r['salt'], $r['email'], $r['groupid'], $r['registertime']);
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("LoginSuccess", $location, $dopr);
    } else {
        printerror("NotCookie", "history.go(-1)", $dopr);
    }
}
Esempio n. 12
    $user = islogin();
    if ($level_r[$user[groupid]]['level'] < $level_r[$public_r[showinfolevel]]['level']) {
        printerror("NotLevelShowInfo", "", 1);
    }
}
// Resolve the member whose profile is shown, by id or by name.
$userid = (int) $_GET['userid'];
if ($userid) {
    $where = egetmf('userid') . "='{$userid}'";
    $username = '';
} else {
    // The name is request input; RepPostVar() is the only cleaning it gets
    // before being placed inside the quoted SQL literal below.
    $username = RepPostVar($_GET['username']);
    if (empty($username)) {
        printerror("NotUsername", "", 1);
    }
    $utfusername = $username;
    $where = egetmf('username') . "='{$username}'";
}
// Only the listed columns are read; the select list names no password or salt field.
$r = $empire->fetch1("select " . eReturnSelectMemberF('userid,username,email,groupid,userfen,userdate,registertime') . " from " . eReturnMemberTable() . " where " . $where . " limit 1");
if (empty($r['userid'])) {
    printerror("NotUsername", "", 1);
}
if (empty($username)) {
    $username = $r['username'];
}
$registertime = eReturnMemberRegtime($r['registertime'], 'Y-m-d H:i:s');
// NOTE(review): the e-mail address is exposed to the template as-is — confirm
// the template escapes it and that showing it to other members is intended.
$email = $r['email'];
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='" . $r['userid'] . "' limit 1");
// Load the member form definition
$formid = GetMemberFormId($r['groupid']);
$formr = $empire->fetch1("select filef,imgf,tobrf,viewenter from {$dbtbpre}enewsmemberform where fid='{$formid}'");
//导入模板
Esempio n. 13
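// Identity values as claimed by the cookies; they are not trusted on their
// own — see the check of the login auth string below.
$memberinfor = array();
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
$mrnd = RepPostVar(getcvar('mlrnd'));
$id = 0;
$newstime = time();
// The key is quoted: a bare word key is an undefined constant and throws an
// Error on PHP 8.
$r['newstime'] = date("Y-m-d H:i:s");
$todaytime = $r['newstime'];
$showkey = "";
$r['newstext'] = "";
$rechangeclass = '';
// Verify the member's login
$mloginauthr = qCheckLoginAuthstr();
// Load the logged-in member's data, only when the auth check reports a valid login
if ($muserid && $mloginauthr['islogin']) {
    $memberinfor = $empire->fetch1("select " . eReturnSelectMemberF('*', 'u.') . ",ui.* from " . eReturnMemberTable() . " u LEFT JOIN {$dbtbpre}enewsmemberadd ui ON u." . egetmf('userid') . "=ui.userid where u." . egetmf('userid') . "='{$muserid}' limit 1");
}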
//增加
if ($enews == "MAddInfo") {
    $cr = DoQCheckAddLevel($classid, $muserid, $musername, $mrnd, 0, 1);
    $mr = $empire->fetch1("select qenter,qmname from {$dbtbpre}enewsmod where mid='{$cr['modid']}'");
    if (empty($mr['qenter'])) {
        printerror("NotOpenCQInfo", "history.go(-1)", 1);
    }
    //IP发布数限制
    $check_ip = egetip();
    $check_checked = $cr['wfid'] ? 0 : $cr['checkqadd'];
    eCheckIpAddInfoNum($check_ip, $cr['tbname'], $cr['modid'], $check_checked);
    //初始变量
    $word = "增加信息";
    $ecmsfirstpost = 1;
Esempio n. 14
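/**
 * Resolve and output the playback address of an online-view entry.
 *
 * Validates the request token, loads the item and the selected path entry,
 * enforces the entry's member-group restriction and point price, counts the
 * view and finally echoes the (obfuscated) address. Every failed check ends
 * the request silently with exit.
 *
 * NOTE(review): the request token is md5() over the caller-IP value, a fixed
 * string, the site secret and the user id. It is kept as-is because the code
 * that issues the token is outside this block; an HMAC would be the sturdier
 * construction if both sides can be changed together.
 * NOTE(review): the point balance is checked in PHP and deducted by a separate
 * UPDATE with no lock visible here, so simultaneous requests are not
 * serialised by this code — confirm.
 *
 * @param int    $classid    Column id.
 * @param int    $id         Item id.
 * @param int    $pathid     Index of the path entry inside the item's onlinepath field.
 * @param string $p          "userid:::rnd" pair of the requesting member.
 * @param string $pass       Request token to verify.
 * @param int    $onlinetime Timestamp checked by CheckOnlinePass().
 * @param string $onlinepass Time-bound token checked by CheckOnlinePass().
 */
function GetSofturl($classid, $id, $pathid, $p, $pass, $onlinetime, $onlinepass)
{
    global $empire, $dbtbpre, $public_r, $class_r, $emod_r, $level_r, $ecms_config;
    // IP access check
    eCheckAccessDoIp('onlineinfo');
    $classid = (int) $classid;
    $id = (int) $id;
    $pathid = (int) $pathid;
    $onlinetime = (int) $onlinetime;
    $p = RepPostVar($p);
    if (!$classid || empty($id) || empty($p)) {
        exit;
    }
    $p_r = explode(":::", $p);
    $userid = $p_r[0];
    // The second part is absent when $p holds no separator.
    $rnd = isset($p_r[1]) ? $p_r[1] : '';
    // Request token. Array keys are quoted throughout: bare word keys are
    // undefined constants and throw an Error on PHP 8.
    $cpass = md5(ReturnDownSysCheckIp() . "wm_chief" . $public_r['downpass'] . $userid);
    // hash_equals() replaces the loose != comparison: it compares the strings
    // byte for byte in constant time, so two different digests that both look
    // like numbers (for example "0e…" forms) can no longer compare as equal.
    if (!is_string($pass) || !hash_equals($cpass, $pass)) {
        exit;
    }
    // Time-bound token
    CheckOnlinePass($onlinetime, $onlinepass);
    // Unknown column / table
    if (empty($class_r[$classid]['tbname'])) {
        exit;
    }
    $mid = $class_r[$classid]['modid'];
    $tbname = $class_r[$classid]['tbname'];
    $r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $tbname . " where id='{$id}' limit 1");
    if (empty($r['id']) || $r['classid'] != $classid) {
        exit;
    }
    // Side table
    $finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r['stb'] . " where id='{$r['id']}' limit 1");
    $r = array_merge($r, $finfor);
    // Pick the requested path entry
    $path_r = explode("\r\n", $r['onlinepath']);
    if (!$path_r[$pathid]) {
        exit;
    }
    $showdown_r = explode("::::::", $path_r[$pathid]);
    $downgroup = $showdown_r[2];
    // Access restriction
    if ($downgroup) {
        $userid = (int) $userid;
        $rnd = RepPostVar($rnd);
        // Load the member; the row only matches when the login token (rnd) is current.
        $u = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
        if (empty($u['userid'])) {
            exit;
        }
        // Daily download limit
        $setuserday = "";
        if ($level_r[$u['groupid']]['daydown']) {
            $setuserday = DoCheckMDownNum($userid, $u['groupid'], 1);
        }
        // The member's group level must reach the level required by the entry.
        if ($level_r[$downgroup]['level'] > $level_r[$u['groupid']]['level']) {
            exit;
        }
        // Point price
        $showdown_r[3] = intval($showdown_r[3]);
        if ($showdown_r[3]) {
            // A recent history record means the entry was already paid for.
            $bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$userid}' and pathid='{$pathid}' and online=1 order by truetime desc limit 1");
            $alreadyPaid = $bakr['id'] && time() - $bakr['truetime'] <= $public_r['redodown'] * 3600;
            if (!$alreadyPaid) {
                // Members whose time-based subscription is still running are not charged.
                if (!($u['userdate'] - time() > 0)) {
                    if ($showdown_r[3] > $u['userfen']) {
                        exit;
                    }
                    // Deduct the points
                    $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $showdown_r[3] . " where " . egetmf('userid') . "='{$userid}'");
                }
                // Record the download in the history table
                $utfusername = $u['username'];
                BakDown($classid, $id, $pathid, $userid, $utfusername, $r['title'], $showdown_r[3], 1);
            }
        }
        // Update the member's daily download count
        if ($setuserday) {
            $usql = $empire->query($setuserday);
        }
    }
    // Increment the item's total download counter
    $usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " set totaldown=totaldown+1 where id='{$id}'");
    // Choose the player by file type
    $ftype = GetFiletype($showdown_r[1]);
    if (strstr($ecms_config['sets']['realplayertype'], ',' . $ftype . ',')) {
        Header("Content-Type: audio/x-pn-realaudio");
    } else {
        Header("Content-Type: video/x-ms-asf");
    }
    $downurl = stripSlashes($showdown_r[1]);
    $downurlr = ReturnDownQzPath($downurl, $showdown_r[4]);
    $downurl = $downurlr['repath'];
    // Anti-hotlinking: the include is optional, errors are suppressed.
    @(include ECMS_PATH . DASHBOARD . "/DownSys/class/enpath.php");
    $downurl = DoEnOnlinepath($downurl);
    db_close();
    $empire = null;
    echo $downurl;
    exit;
}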
Esempio n. 15
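// Unknown member: skip the credit and continue to the target page.
// Array keys are quoted: bare word keys are undefined constants and throw an
// Error on PHP 8.
// NOTE(review): $gotourl, $fen, $retime, $where and $type are set before this
// excerpt. $gotourl is sent in Location/Refresh headers and $fen, $retime and
// $where are concatenated into SQL, so confirm that none of them is raw
// request input.
if (empty($r['userid'])) {
    Header("Location:{$gotourl}");
    exit;
}
// Repeat protection
if ($type == 1) {
    // Cookie based: a visitor who already carries the marker cookie gets no credit.
    // NOTE(review): the cookie lives on the client, so this mode only limits
    // visitors who keep it; the IP mode below is enforced on the server.
    $gfencookie = getcvar('ecmsgfen');
    if ($gfencookie) {
        Header("Location:{$gotourl}");
        exit;
    }
    $set = esetcookie("ecmsgfen", "ecms", time() + $retime);
} else {
    $ip = egetip();
    $time = time();
    // Delete expired records
    $del = $empire->query("delete from {$dbtbpre}enewsgfenip where " . $time . "-addtime>" . $retime);
    $ipr = $empire->fetch1("select ip,addtime from {$dbtbpre}enewsgfenip where ip='{$ip}' limit 1");
    if ($ipr['ip']) {
        Header("Location:{$gotourl}");
        exit;
    } else {
        $usql = $empire->query("insert into {$dbtbpre}enewsgfenip(ip,addtime) values('{$ip}',{$time});");
    }
}
// Credit the points to the member selected by $where.
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "+" . $fen . " where " . $where);
$set = esetcookie("gfenuserid", $r['userid'], 0);
$set = esetcookie("gfenusername", $r['username'], 0);
db_close();
$empire = null;
header("Refresh:0; URL={$gotourl}");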
Esempio n. 16
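/**
 * Create a shop order from the current shopping cart.
 *
 * Cleans the submitted order fields, resolves delivery and payment method,
 * applies a discount code, invoice surcharge and shipping, optionally pays
 * with the member's points or balance, inserts the order and its detail row,
 * adjusts stock and consumes the discount code.
 *
 * NOTE(review): balance and points are compared in PHP and then deducted by a
 * separate UPDATE, with no lock or transaction visible here; simultaneous
 * orders by the same member are not serialised by this code — confirm.
 * NOTE(review): $username is read from its own cookie; only the user id is
 * verified against the login token — confirm the stored name cannot differ
 * from the verified member.
 * NOTE(review): the delivery and payment names read from the database are
 * placed in the INSERT without further escaping — confirm they cannot contain
 * quote characters.
 *
 * @param array $add Submitted order form fields.
 */
function AddDd($add)
{
    global $empire, $public_r, $dbtbpre;
    $shoppr = ShopSys_ReturnSet();
    // Permission check
    ShopCheckAddDdGroup($shoppr);
    // Empty cart
    if (!getcvar('mybuycar')) {
        printerror("EmptyBuycar", "history.go(-1)", 1);
    }
    // Array keys are quoted throughout: bare word keys are undefined constants
    // and throw an Error on PHP 8.
    $add['ddno'] = RepPostVar($add['ddno']);
    // Free-text fields, cleaned in place
    foreach (array('truename', 'oicq', 'msn', 'mycall', 'phone', 'email', 'address', 'zip', 'signbuild', 'besttime', 'bz', 'fptt', 'fpname') as $field) {
        $add[$field] = RepPostStr($add[$field]);
    }
    $add['fp'] = (int) $add['fp'];
    $add['psid'] = (int) $add['psid'];
    $add['payfsid'] = (int) $add['payfsid'];
    $add['precode'] = RepPostVar($add['precode']);
    // Order number is mandatory
    if (!$add['ddno']) {
        printerror("EmptyBuycar", "history.go(-1)", 1);
    }
    // Required fields
    ShopSys_CheckDdMust($add, $shoppr);
    $mess = "AddDdSuccess";
    $haveprice = 0;
    $payby = 0;
    // Cart contents and totals
    $buyr = ReturnBuycardd($shoppr);
    $alltotal = $buyr[2];
    $alltotalfen = $buyr[1];
    $buycar = $buyr[3];
    $classids = $buyr['classids'];
    // Delivery method
    $pr = array();
    if ($shoppr['shoppsmust']) {
        $pr = $empire->fetch1("select pid,pname,price from {$dbtbpre}enewsshopps where pid='{$add['psid']}' and isclose=0");
        if (empty($pr['pid'])) {
            printerror("NotPsid", "history.go(-1)", 1);
        }
    }
    // Payment method
    $payr = array();
    if ($shoppr['shoppayfsmust']) {
        $payr = $empire->fetch1("select payid,payname,payurl,userpay,userfen from {$dbtbpre}enewsshoppayfs where payid='{$add['payfsid']}' and isclose=0");
        if (empty($payr['payid'])) {
            printerror("NotPayfsid", "history.go(-1)", 1);
        }
    }
    // Member data: the cookie user id only counts when the login token matches.
    $user = array();
    $userid = (int) getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));
    if ($userid) {
        $rnd = RepPostVar(getcvar('mlrnd'));
        $user = $empire->fetch1("select " . eReturnSelectMemberF('userid,money,userfen,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' and " . egetmf('rnd') . "='{$rnd}' limit 1");
        if (!$user['userid']) {
            printerror("MustSingleUser", "history.go(-1)", 1);
        }
    }
    // Discount code
    $prer = array();
    $pretotal = 0;
    if ($add['precode']) {
        $prer = ShopSys_GetPre($add['precode'], $alltotal, $user, $classids);
        $pretotal = ShopSys_PreMoney($prer, $alltotal);
    }
    // Shipping
    $truetotalmoney = $alltotal - $pretotal;
    if ($pr['pid']) {
        $pr['price'] = ShopSys_PrePsTotal($pr['pid'], $pr['price'], $truetotalmoney, $shoppr);
    }
    // Invoice surcharge
    $fptotal = 0;
    if ($add['fp']) {
        $fptotal = ($alltotal - $pretotal) * ($shoppr['fpnum'] / 100);
    }
    // Amount to pay; a discount can never push it below zero.
    $buyallfen = $alltotalfen + $pr['price'];
    $buyallmoney = $alltotal + $pr['price'] + $fptotal - $pretotal;
    if ($buyallmoney < 0) {
        $buyallmoney = 0;
    }
    $location = "buycar/";
    if ($payr['userfen']) {
        // Pay with points
        if ($buyr[0]) {
            printerror("NotProductForBuyfen", "history.go(-1)", 1);
        } else {
            if ($userid) {
                $buyallfen = $alltotalfen + $pr['price'];
                if ($buyallfen > $user['userfen']) {
                    printerror("NotEnoughFenBuy", "history.go(-1)", 1);
                }
                // Deduct the points
                $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . $buyallfen . " where " . egetmf('userid') . "='{$userid}'");
                if ($usql) {
                    $mess = "AddDdSuccessa";
                    $payby = 1;
                    $haveprice = 1;
                }
            } else {
                printerror("NotLoginTobuy", "history.go(-1)", 1);
            }
        }
    } elseif ($payr['userpay']) {
        // Pay with the account balance
        if ($userid) {
            $buyallmoney = $alltotal + $pr['price'] + $fptotal - $pretotal;
            if ($buyallmoney < 0) {
                $buyallmoney = 0;
            }
            if ($buyallmoney > $user['money']) {
                printerror("NotEnoughMoneyBuy", "history.go(-1)", 1);
            }
            // Deduct the amount
            $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('money') . "=" . egetmf('money') . "-" . $buyallmoney . " where " . egetmf('userid') . "='{$userid}'");
            if ($usql) {
                $mess = "AddDdSuccessa";
                $payby = 2;
                $haveprice = 1;
            }
        } else {
            printerror("NotLoginTobuy", "history.go(-1)", 1);
        }
    } elseif ($payr['payurl']) {
        // External payment page
        $mess = "AddDdAndToPaySuccess";
        $location = $payr['payurl'];
    }
    $ddtime = date("Y-m-d H:i:s");
    $ddtruetime = time();
    $ip = egetip();
    // Numeric columns are written unquoted, so force them to numbers first.
    $pr['price'] = (float) $pr['price'];
    $alltotal = (float) $alltotal;
    $alltotalfen = (float) $alltotalfen;
    $fptotal = (float) $fptotal;
    $pretotal = (float) $pretotal;
    $sql = $empire->query("insert into {$dbtbpre}enewsshopdd(ddno,ddtime,userid,username,outproduct,haveprice,checked,truename,oicq,msn,email,`mycall`,phone,address,zip,psid,psname,pstotal,alltotal,payfsid,payfsname,payby,alltotalfen,fp,fptt,fptotal,fpname,userip,signbuild,besttime,pretotal,ddtruetime) values('{$add['ddno']}','{$ddtime}',{$userid},'{$username}',0,'{$haveprice}',0,'{$add['truename']}','{$add['oicq']}','{$add['msn']}','{$add['email']}','{$add['mycall']}','{$add['phone']}','{$add['address']}','{$add['zip']}','{$add['psid']}','{$pr['pname']}',{$pr['price']},{$alltotal},'{$add['payfsid']}','{$payr['payname']}','{$payby}',{$alltotalfen},{$add['fp']},'{$add['fptt']}',{$fptotal},'{$add['fpname']}','{$ip}','{$add['signbuild']}','{$add['besttime']}','{$pretotal}','{$ddtruetime}');");
    $ddid = $empire->lastid();
    $sqladd = $empire->query("insert into {$dbtbpre}enewsshopdd_add(ddid,buycar,bz,retext) values('{$ddid}','" . addslashes($buycar) . "','{$add['bz']}','');");
    // Reduce stock: always, or only for paid orders, depending on the shop setting
    if ($shoppr['cutnumtype'] == 0) {
        Shopsys_CutMaxnum($ddid, $buycar, 0, $shoppr, 0);
    } else {
        if ($haveprice == 1) {
            Shopsys_CutMaxnum($ddid, $buycar, 0, $shoppr, 0);
        }
    }
    // Consume the discount code
    if ($prer['id']) {
        $prer['id'] = (int) $prer['id'];
        if ($prer['reuse'] == 0) {
            // Single-use code
            $empire->query("delete from {$dbtbpre}enewsshop_precode where id='" . $prer['id'] . "'");
        } elseif ($prer['reuse'] && $prer['usenum']) {
            // Reusable code with a use limit: delete on the last use, count otherwise
            if ($prer['usenum'] <= $prer['haveusenum'] + 1) {
                $empire->query("delete from {$dbtbpre}enewsshop_precode where id='" . $prer['id'] . "'");
            } else {
                $empire->query("update {$dbtbpre}enewsshop_precode set haveusenum=haveusenum+1 where id='" . $prer['id'] . "'");
            }
        }
    }
    if ($sql) {
        $set = esetcookie("paymoneyddid", $ddid, 0);
        SetBuycar("");
        printerror($mess, $location, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}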
Esempio n. 17
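// Merge the item's side-table fields into the main row.
// Array keys are quoted: bare word keys are undefined constants and throw an
// Error on PHP 8.
// NOTE(review): $mid, $tbname, $r and $pathid are set before this excerpt;
// the table name is built from $tbname and $r['stb'], so confirm both come
// from configuration / the database and not from the request.
$finfor = $empire->fetch1("select " . ReturnSqlFtextF($mid) . " from {$dbtbpre}ecms_" . $tbname . "_data_" . $r['stb'] . " where id='{$r['id']}' limit 1");
$r = array_merge($r, $finfor);
// Pick the requested download entry
$path_r = explode("\r\n", $r['downpath']);
if (!$path_r[$pathid]) {
    echo "<script>alert('此信息不存在');window.close();</script>";
    exit;
}
$showdown_r = explode("::::::", $path_r[$pathid]);
// Access restriction: index 2 of the entry holds the required member group
$user = array();
$downgroup = $showdown_r[2];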
if ($downgroup) {
    $user = islogin();
    //取得会员资料
    $u = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$user['userid']}' and " . egetmf('rnd') . "='{$user['rnd']}' limit 1");
    if (empty($u['userid'])) {
        echo "<script>alert('同一帐号,只能一人在线');window.close();</script>";
        exit;
    }
    //下载次数限制
    if ($level_r[$u['groupid']]['daydown']) {
        $setuserday = DoCheckMDownNum($user['userid'], $u['groupid'], 2);
        if ($setuserday == 'error') {
            echo "<script>alert('您的下载与观看次数已超过系统限制(" . $level_r[$u['groupid']]['daydown'] . " 次)!');window.close();</script>";
            exit;
        }
    }
    if ($level_r[$downgroup][level] > $level_r[$u['groupid']][level]) {
        echo "<script>alert('您的会员级别不足(" . $level_r[$downgroup][groupname] . "),没有下载此软件的权限!');window.close();</script>";
        exit;
Esempio n. 18
File: 1.php Progetto: novnan/meiju
<?php
// Direct-access guard: the template only runs when the including script has defined InEmpireCMS.
if(!defined('InEmpireCMS'))
{
	exit();
}
?>
<?php

// Extra custom columns to select. The value starts with a comma, several columns are separated
// by commas, each written as "ui.<column name>".
$useraddf=',ui.userpic';

// Paged listing query.
// NOTE(review): $add, $offset and $line are built by the including script and are concatenated
// here without further checks; the query is only as safe as the code that assembled them.
$query='select '.eReturnSelectMemberF('userid,username,email,registertime,groupid','u.').$useraddf.' from '.eReturnMemberTable().' u'.$add." order by u.".egetmf('userid')." desc limit $offset,$line";
$sql=$empire->query($query);

// Navigation / breadcrumb
// NOTE(review): the markup that follows this block prints $groupid into a hidden input with a
// short echo tag and no escaping; confirm the including script casts it to int.
$public_diyr['pagetitle']='会员列表';
$url="<a href='../../../'>首页</a>&nbsp;>&nbsp;会员列表";
require(ECMS_PATH.DASHBOARD.'/template/incfile/header.php');
?>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
  <form name="memberform" method="get" action="index.php">
    <input type="hidden" name="sear" value="1">
    <input type="hidden" name="groupid" value="<?=$groupid?>">
    <tr class="header"> 
      <td width="10%"><div align="center">ID</div></td>
      <td width="38%" height="25"><div align="center">用户名</div></td>
      <td width="30%" height="25"><div align="center">注册时间</div></td>
      <td width="22%" height="25"><div align="center"></div></td>
    </tr>
    <?php
Esempio n. 19
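/**
 * Re-send the activation e-mail for a member account that has not been activated yet.
 *
 * The caller must supply the account's username, password and registered e-mail; an optional
 * "newemail" replaces the delivery address for this mail only (the stored address is not
 * changed in this function). Every failure path ends in printerror().
 *
 * @param array $add Submitted form fields: username, password, email, newemail, key (CAPTCHA).
 */
function DoRegSend($add)
{
    global $empire, $dbtbpre, $public_r;
    // Only available when registration uses e-mail activation (regacttype 1).
    if ($public_r['regacttype'] != 1) {
        printerror('CloseRegAct', '', 1);
    }
    // Array keys are quoted: the bare form (username, password, ...) is an undefined-constant
    // Error on PHP 8.
    $username = trim($add['username']);
    $password = trim($add['password']);
    $email = trim($add['email']);
    $newemail = trim($add['newemail']);
    if (!$username || !$password || !$email) {
        printerror("EmptyRegAct", "history.go(-1)", 1);
    }
    // CAPTCHA
    $key = $add['key'];
    $keyvname = 'checkregsendkey';
    ecmsCheckShowKey($keyvname, $key, 1);
    // NOTE(review): the SQL below relies entirely on RepPostVar/RepPostStr to make these values
    // safe inside quoted literals; the query layer shown here has no parameter binding.
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $username = RepPostStr($username);
    $email = RepPostStr($email);
    $newemail = RepPostStr($newemail);
    if (!chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
    }
    if ($newemail) {
        if (!chemail($newemail)) {
            printerror("EmailFail", "history.go(-1)", 1);
        }
        $sendemail = $newemail;
    } else {
        $sendemail = $email;
    }
    // Password check. Unknown user, wrong password and (further down) a wrong e-mail all report
    // the same "ErrorRegActUser" message, so the response does not reveal which part failed.
    $ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if (!$ur['userid']) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    $useremail = $r['email'];
    if (!$r['userid'] || $useremail != $email) {
        printerror("ErrorRegActUser", "history.go(-1)", 1);
    }
    // Already activated accounts get no further mail.
    if ($r['checked']) {
        printerror("HaveRegActUser", '', 1);
    }
    // authstr is a "||"-separated value; the second field must be 2 for a mail to be sent.
    $addr = $empire->fetch1("select userid,authstr from {$dbtbpre}enewsmemberpub where userid='" . $r['userid'] . "' limit 1");
    $ar = explode('||', $addr['authstr']);
    if (!$addr['userid'] || !$addr['authstr'] || $ar[1] != 2) {
        printerror("HaveRegActUser", '', 1);
    }
    // Clear the CAPTCHA.
    // NOTE(review): it is cleared only on this success path; whether a failed attempt leaves the
    // same CAPTCHA value reusable depends on ecmsCheckShowKey, which is not shown here.
    ecmsEmptyShowKey($keyvname);
    SendActUserEmail($r['userid'], $username, $sendemail);
}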
Esempio n. 20
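/**
 * Store a new comment on an information record or on a special topic.
 *
 * The author is taken from the login cookies when they validate, otherwise from the submitted
 * username/password, otherwise the comment is posted as a guest ($nomember set). Every failure
 * path ends in printerror().
 *
 * @param string $username Submitted username (ignored when the login cookies validate).
 * @param string $password Submitted password.
 * @param mixed  $nomember Non-empty to post as a guest.
 * @param string $key      CAPTCHA answer.
 * @param string $saytext  Comment text.
 * @param mixed  $id       Record id (unused for special topics).
 * @param mixed  $classid  Column id, or the topic id when $add['doaction'] is 'dozt'.
 * @param mixed  $repid    Id of the comment being quoted, 0 for none.
 * @param array  $add      Remaining form fields (doaction and any custom comment fields).
 */
function AddPl($username, $password, $nomember, $key, $saytext, $id, $classid, $repid, $add)
{
    global $empire, $dbtbpre, $public_r, $class_r, $level_r;
    // Check that the action is allowed at the current time
    eCheckTimeCloseDo('pl');
    // Check the client IP
    eCheckAccessDoIp('pl');
    $id = (int) $id;
    $repid = (int) $repid;
    $classid = (int) $classid;
    // CAPTCHA
    $keyvname = 'checkplkey';
    if ($public_r['plkey_ok']) {
        ecmsCheckShowKey($keyvname, $key, 1);
    }
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    // Identity claimed by the login cookies; it is only used if qCheckLoginAuthstr() accepts it.
    // NOTE(review): $mgroupid comes from the mlgroupid cookie and drives the level checks below;
    // presumably the auth string validated by qCheckLoginAuthstr() covers the group id, verify.
    $muserid = (int) getcvar('mluserid');
    $musername = RepPostVar(getcvar('mlusername'));
    $mgroupid = (int) getcvar('mlgroupid');
    if ($muserid) {
        $cklgr = qCheckLoginAuthstr();
        if ($cklgr['islogin']) {
            $username = $musername;
        } else {
            $muserid = 0;
        }
    } else {
        if (empty($nomember)) {
            if (!$username || !$password) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            // Unknown user and wrong password report the same "FailPassword" message.
            $ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,salt,password,checked,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
            if (empty($ur['userid'])) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            if (!eDoCkMemberPw($password, $ur['password'], $ur['salt'])) {
                printerror("FailPassword", "history.go(-1)", 1);
            }
            if ($ur['checked'] == 0) {
                printerror("NotCheckedUser", '', 1);
            }
            $muserid = $ur['userid'];
            $mgroupid = $ur['groupid'];
        } else {
            $muserid = 0;
        }
    }
    // Minimum member group for commenting. Array keys are quoted throughout this function: the
    // bare form (level, tbname, ...) is an undefined-constant Error on PHP 8.
    if ($public_r['plgroupid']) {
        if (!$muserid) {
            printerror("GuestNotToPl", "history.go(-1)", 1);
        }
        if ($level_r[$mgroupid]['level'] < $level_r[$public_r['plgroupid']]['level']) {
            printerror("NotLevelToPl", "history.go(-1)", 1);
        }
    }
    // Special topic
    $doaction = $add['doaction'];
    if ($doaction == 'dozt') {
        if (!trim($saytext) || !$classid) {
            printerror("EmptyPl", "history.go(-1)", 1);
        }
        // Are comments closed for this topic?
        $r = $empire->fetch1("select ztid,closepl,checkpl,restb from {$dbtbpre}enewszt where ztid='{$classid}'");
        if (!$r['ztid']) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        if ($r['closepl']) {
            printerror("CloseClassPl", "history.go(-1)", 1);
        }
        // Moderation
        if ($r['checkpl']) {
            $checked = 1;
        } else {
            $checked = 0;
        }
        $restb = $r['restb'];
        $pubid = '-' . $classid;
        $id = 0;
        $pagefunr = eReturnRewritePlUrl($classid, $id, 'dozt', 0, 0, 1);
        $returl = $pagefunr['pageurl'];
    } else {
        if (!trim($saytext) || !$id || !$classid) {
            printerror("EmptyPl", "history.go(-1)", 1);
        }
        // The column must map to a known table; this also keeps the table name below internal.
        if (empty($class_r[$classid]['tbname'])) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        // Are comments closed for this column?
        $r = $empire->fetch1("select classid,stb,restb from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " where id='{$id}' limit 1");
        if (!$r['classid'] || $r['classid'] != $classid) {
            printerror("ErrorUrl", "history.go(-1)", 1);
        }
        if ($class_r[$r['classid']]['openpl']) {
            printerror("CloseClassPl", "history.go(-1)", 1);
        }
        // Comments closed for this single record?
        $pubid = ReturnInfoPubid($classid, $id);
        $finfor = $empire->fetch1("select closepl from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . "_data_" . $r['stb'] . " where id='{$id}' limit 1");
        if ($finfor['closepl']) {
            printerror("CloseInfoPl", "history.go(-1)", 1);
        }
        // Moderation
        if ($class_r[$classid]['checkpl']) {
            $checked = 1;
        } else {
            $checked = 0;
        }
        $restb = $r['restb'];
        $pagefunr = eReturnRewritePlUrl($classid, $id, 'doinfo', 0, 0, 1);
        $returl = $pagefunr['pageurl'];
    }
    // Comment settings
    $plsetr = $empire->fetch1("select pltime,plsize,plincludesize,plclosewords,plmustf,plf,plmaxfloor,plquotetemp from {$dbtbpre}enewspl_set limit 1");
    // strlen() counts bytes, so the limit is a byte limit for multi-byte text.
    if (strlen($saytext) > $plsetr['plsize']) {
        $GLOBALS['setplsize'] = $plsetr['plsize'];
        printerror("PlSizeTobig", "history.go(-1)", 1);
    }
    $time = time();
    $saytime = $time;
    // Posting interval. The last-post time is read from the lastpltime cookie that this function
    // sets at the end, so it only throttles clients that send the cookie back; it is not a
    // server-side rate limit.
    $pltime = getcvar('lastpltime');
    if ($pltime) {
        if ($time - $pltime < $plsetr['pltime']) {
            $GLOBALS['setpltime'] = $plsetr['pltime'];
            printerror("PlOutTime", "history.go(-1)", 1);
        }
    }
    $sayip = egetip();
    $eipport = egetipport();
    $username = str_replace("\r\n", "", $username);
    $username = RepPostStr($username);
    $saytext = nl2br(RepFieldtextNbsp(RepPostStr($saytext)));
    if ($repid) {
        $saytext = RepPlTextQuote($repid, $saytext, $plsetr, $restb);
        // Check the quote nesting depth
        CkPlQuoteFloor($plsetr['plmaxfloor'], $saytext);
    }
    // Filter blocked words
    $saytext = ReplacePlWord($plsetr['plclosewords'], $saytext);
    // Member groups with plchecked set skip moderation.
    if ($level_r[$mgroupid]['plchecked']) {
        $checked = 0;
    }
    $ret_r = ReturnPlAddF($add, $plsetr, 0);
    // Main table.
    // NOTE(review): the statement is assembled by string concatenation. $id, $classid and
    // $muserid are integers and $saytext goes through addslashes(); $username, $sayip, $eipport
    // and the custom-field fragments in $ret_r depend on the helpers that produced them.
    $sql = $empire->query("insert into {$dbtbpre}enewspl_" . $restb . "(pubid,username,sayip,saytime,id,classid,checked,zcnum,fdnum,userid,isgood,saytext,eipport" . $ret_r['fields'] . ") values('{$pubid}','" . $username . "','{$sayip}','{$saytime}','{$id}','{$classid}','{$checked}',0,0,'{$muserid}',0,'" . addslashes($saytext) . "','{$eipport}'" . $ret_r['values'] . ");");
    $plid = $empire->lastid();
    if ($doaction != 'dozt') {
        // Increment the record's comment counter
        $usql = $empire->query("update {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " set plnum=plnum+1 where id='{$id}' limit 1");
    }
    // Update the new-comment statistics
    DoUpdateAddDataNum('pl', $restb, 1);
    // Remember the time of this post
    $set1 = esetcookie("lastpltime", time(), time() + 3600 * 24);
    // Clear the CAPTCHA
    ecmsEmptyShowKey($keyvname);
    if ($sql) {
        // NOTE(review): $_POST['ecmsfrom'] is request-controlled and takes part in choosing the
        // redirect target; confirm DoingReturnUrl() restricts it to same-site locations.
        $reurl = DoingReturnUrl($returl, $_POST['ecmsfrom']);
        printerror("AddPlSuccess", $reurl, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}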
Esempio n. 21
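/**
 * Enforce the viewing restrictions of one information record: column group list, minimum
 * member group, and point cost.
 *
 * When a check fails the function hands a message to ShowViewInfoMsg(); when points are due
 * it deducts them and records the view with BakDown().
 *
 * @param array $infor Record being viewed; reads groupid, userfen, id, classid and title.
 */
function CheckShowNewsLevel($infor)
{
    global $check_path, $level_r, $empire, $gotourl, $toreturnurl, $public_r, $dbtbpre, $class_r;
    $groupid = $infor['groupid'];
    $userfen = $infor['userfen'];
    $id = $infor['id'];
    $classid = $infor['classid'];
    // Login check
    $user_r = ViewCheckLogin($infor);
    // Column-level group restriction. Array keys are quoted throughout this function: the bare
    // form (classid, cgroupid, level, ...) is an undefined-constant Error on PHP 8.
    // NOTE(review): $id and $classid come from $infor and are placed in quoted SQL literals
    // without a cast; presumably $infor is a database row, confirm with the caller.
    if ($class_r[$infor['classid']]['cgtoinfo']) {
        $checkcr = $empire->fetch1("select cgroupid from {$dbtbpre}enewsclass where classid='{$infor['classid']}'");
        if ($checkcr['cgroupid']) {
            // cgroupid is matched as ",<groupid>," so 1 does not match inside 11.
            if (!strstr($checkcr['cgroupid'], ',' . $user_r['groupid'] . ',')) {
                $infor['eclass_cgroupid'] = $checkcr['cgroupid'];
                if (!getcvar('returnurl')) {
                    esetcookie("returnurl", $toreturnurl, 0);
                }
                $msg = "您没有足够权限查看此信息! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
                ShowViewInfoMsg($infor, $msg);
            }
        }
    }
    // Minimum member group of the record
    if ($groupid) {
        if ($level_r[$groupid]['level'] > $level_r[$user_r['groupid']]['level']) {
            if (!getcvar('returnurl')) {
                esetcookie("returnurl", $toreturnurl, 0);
            }
            $msg = "您的会员级别不足(您的当前级别:" . $level_r[$user_r['groupid']]['groupname'] . "),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
            ShowViewInfoMsg($infor, $msg);
        }
    }
    // Point cost
    if (!empty($userfen)) {
        // A view recorded within the last redoview hours is not charged again.
        $bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$user_r['userid']}' and online=2 order by truetime desc limit 1");
        $viewedRecently = $bakr['id'] && time() - $bakr['truetime'] <= $public_r['redoview'] * 3600;
        if (!$viewedRecently) {
            // Members whose userdate lies in the future are not charged points.
            if (!($user_r['userdate'] - time() > 0)) {
                if ($user_r['userfen'] < $userfen) {
                    if (!getcvar('returnurl')) {
                        esetcookie("returnurl", $toreturnurl, 0);
                    }
                    $msg = "您的点数不足(您当前拥有的点数 " . $user_r['userfen'] . " 点),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
                    ShowViewInfoMsg($infor, $msg);
                }
                // Deduct the points. The amount sits unquoted inside an arithmetic expression, so
                // it is cast to int here: only a number can reach the statement (points are
                // assumed to be whole numbers).
                // NOTE(review): the balance check above and this update are separate steps, so
                // parallel requests can both pass the check; a "where userfen >= amount" guard
                // on the update would close that gap.
                $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('userfen') . "=" . egetmf('userfen') . "-" . (int) $userfen . " where " . egetmf('userid') . "='{$user_r['userid']}'");
            }
            // Record the view
            $utfusername = $user_r['username'];
            BakDown($classid, $id, 0, $user_r['userid'], $utfusername, $infor['title'], $userfen, 2);
        }
    }
}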
Esempio n. 22
/**
 * Insert a site message for a member and raise the member's unread-message flag.
 *
 * All arguments are placed into the SQL text exactly as received: this function performs no
 * escaping, so callers have to pass values that are already safe inside quoted SQL literals.
 *
 * @param string $title         Message title.
 * @param string $msgtext       Message body.
 * @param string $to_username   Recipient username.
 * @param mixed  $from_userid   Sender user id.
 * @param string $from_username Sender username.
 * @param mixed  $isadmin       Stored in the isadmin column.
 * @param mixed  $issys         Stored in the issys column.
 * @param int    $ecms          1 writes to the enewshmsg table, anything else to enewsqmsg.
 */
function eSendMsg($title, $msgtext, $to_username, $from_userid, $from_username, $isadmin, $issys, $ecms = 0)
{
    global $empire, $dbtbpre;
    if ($ecms == 1) {
        $tbname = $dbtbpre . 'enewshmsg';
    } else {
        $tbname = $dbtbpre . 'enewsqmsg';
    }
    $msgtime = date("Y-m-d H:i:s");
    $insertSql = "insert into " . $tbname . "(title,msgtext,haveread,msgtime,to_username,from_userid,from_username,isadmin,issys) values('{$title}','{$msgtext}',0,'{$msgtime}','{$to_username}','{$from_userid}','{$from_username}','{$isadmin}','{$issys}');";
    $empire->query($insertSql);
    // Message status of the recipient
    $recipient = $empire->fetch1("select " . eReturnSelectMemberF('userid,havemsg') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$to_username}' limit 1");
    if ($recipient['havemsg']) {
        // Flag is already set; nothing to update.
        return;
    }
    $newhavemsg = eReturnSetHavemsg($recipient['havemsg'], 0);
    $updateSql = "update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('userid') . "='" . $recipient['userid'] . "' limit 1";
    $empire->query($updateSql);
}
Esempio n. 23
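/**
 * Credit a paid "buy group" package to a member after a payment notification.
 *
 * The package is applied only when it exists, the paid amount equals its price and the
 * member's group level reaches the package's required level. An order id that is already in
 * the payment record table is treated as a repeated notification and not credited again.
 *
 * @param mixed  $bgid         Package id.
 * @param mixed  $money        Amount reported as paid.
 * @param string $orderid      Order id of the payment.
 * @param mixed  $userid       Member id.
 * @param string $username     Member username.
 * @param mixed  $groupid      Member's group id.
 * @param string $ecms_paytype Payment type label stored with the record.
 */
function PayApiBuyGroupPay($bgid, $money, $orderid, $userid, $username, $groupid, $ecms_paytype)
{
    global $empire, $dbtbpre, $level_r;
    $bgid = (int) $bgid;
    $userid = (int) $userid;
    $username = RepPostVar($username);
    $groupid = (int) $groupid;
    $ecms_paytype = RepPostVar($ecms_paytype);
    // Repeated-submission check.
    // NOTE(review): this lookup and the insert further down are separate statements, so two
    // notifications for one order arriving together can both pass; a unique index on orderid
    // would make the second insert fail instead.
    $orderid = RepPostVar($orderid);
    $num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewspayrecord where orderid='{$orderid}' limit 1");
    if ($num) {
        printerror('您已成功充值', '../../../', 1, 0, 1);
    }
    $buyr = $empire->fetch1("select * from {$dbtbpre}enewsbuygroup where id='{$bgid}'");
    // Array keys are quoted: the bare form (buygroupid, level) is an undefined-constant Error
    // on PHP 8.
    // NOTE(review): $money is compared with == before it is cast, so the check follows PHP's
    // loose comparison rules for whatever type the caller passed.
    if ($buyr['id'] && $money == $buyr['gmoney'] && $level_r[$buyr['buygroupid']]['level'] <= $level_r[$groupid]['level']) {
        $money = (double) $money;
        // Apply the package to the member
        $user = $empire->fetch1("select " . eReturnSelectMemberF('userdate,userid,username') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
        eAddFenToUser($buyr['gfen'], $buyr['gdate'], $buyr['ggroupid'], $buyr['gzgroupid'], $user);
        $posttime = date("Y-m-d H:i:s");
        $payip = egetip();
        $paybz = "充值类型:" . addslashes($buyr['gname']);
        $paybz = RepPostStr($paybz);
        $empire->query("insert into {$dbtbpre}enewspayrecord(id,userid,username,orderid,money,posttime,paybz,type,payip) values(NULL,'{$userid}','{$username}','{$orderid}','{$money}','{$posttime}','{$paybz}','{$ecms_paytype}','{$payip}');");
        // Keep a copy in the purchase history
        BakBuy($userid, $username, $buyr['gname'], $buyr['gfen'], $money, $buyr['gdate'], 1);
    }
    // NOTE(review): the same success message is shown when the validation above failed and
    // nothing was credited; a rejected notification leaves no trace in this function.
    printerror('您已成功充值', '../../../', 1, 0, 1);
}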
Esempio n. 24
// Identity of the logged-in administrator, taken from $lur (set outside this excerpt).
// The ids are cast to int before they are used in the queries below.
$logininid = (int) $lur['userid'];
$loginin = $lur['username'];
$loginrnd = $lur['rnd'];
$loginlevel = (int) $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
// ehash
$ecms_hashur = hReturnEcmsHashStrAll();
// Own status: previous login time / IP / port and login count of this administrator
$user_r = $empire->fetch1("select pretime,preip,loginnum,preipport from {$dbtbpre}enewsuser where userid='{$logininid}'");
$gr = $empire->fetch1("select groupname from {$dbtbpre}enewsgroup where groupid='{$loginlevel}'");
// Administrator statistics
$adminnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsuser");
$date = date("Y-m-d");
// Comments with checked=1 in the default comment table.
// NOTE(review): $public_r['pldeftb'] becomes part of the table name; it is presumably a
// configuration value, never request data.
$noplnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewspl_" . $public_r['pldeftb'] . " where checked=1");
// Members not yet approved
$nomembernum = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('checked') . "=0");
// Expired ads
$outtimeadnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsad where endtime<'{$date}' and endtime<>'0000-00-00'");
// System information: report whether register_globals is enabled. The setting was removed in
// PHP 5.4, so on current PHP the lookup yields a false value and the "off" label is shown.
if (function_exists('ini_get')) {
    $onoff = ini_get('register_globals');
} else {
    $onoff = get_cfg_var('register_globals');
}
if ($onoff) {
    $onoff = "打开";
} else {
    $onoff = "关闭";
}
// Whether file uploads are enabled
if (function_exists('ini_get')) {
    $upload = ini_get('file_uploads');
Esempio n. 25
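/**
 * Register a new member from the submitted form and, unless the account needs approval or
 * e-mail activation, log the member in.
 *
 * Every failure path ends in printerror().
 *
 * @param array $add Submitted form fields: username, password, repassword, email, groupid,
 *                   key (CAPTCHA), tobind and any custom member fields.
 */
function register($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;
    // Registration closed
    if ($public_r['register_ok']) {
        printerror('CloseRegister', '', 1);
    }
    // Check that the action is allowed at the current time
    eCheckTimeCloseDo('reg');
    // Check the client IP
    eCheckAccessDoIp('register');
    // An external registration URL from the configuration takes over when set.
    if (!empty($ecms_config['member']['registerurl'])) {
        Header("Location:" . $ecms_config['member']['registerurl']);
        exit;
    }
    // Logged-in users cannot register
    if (getcvar('mluserid')) {
        printerror('LoginToRegister', '', 1);
    }
    // Check where the request came from
    CheckCanPostUrl();
    $username = trim($add['username']);
    $password = trim($add['password']);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $email = RepPostStr($add['email']);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    $tobind = (int) $add['tobind'];
    // CAPTCHA
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }
    // The requested group comes from the form; CheckMemberGroupCanReg() is the gate that decides
    // whether that group may be chosen at registration.
    $user_groupid = eReturnMemberDefGroupid();
    $groupid = (int) $add['groupid'];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);
    // IP
    $regip = egetip();
    $regipport = egetipport();
    // Username length. Array keys are quoted throughout this function: the bare form
    // (min_userlen, userid, ...) is an undefined-constant Error on PHP 8.
    // strlen() counts bytes, so the limits are byte limits for multi-byte names.
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    if ($userlen < $pr['min_userlen'] || $userlen > $pr['max_userlen']) {
        printerror('FaiUserlen', '', 1);
    }
    // Password length
    $passlen = strlen($password);
    if ($passlen < $pr['min_passlen'] || $passlen > $pr['max_passlen']) {
        printerror('FailPasslen', '', 1);
    }
    // NOTE(review): $password has been through RepPostVar() while repassword is compared raw, so
    // a password containing characters that RepPostVar() changes can never be confirmed.
    if ($add['repassword'] !== $password) {
        printerror('NotRepassword', '', 1);
    }
    if (!chemail($email)) {
        printerror('EmailFail', '', 1);
    }
    if (strstr($username, '|') || strstr($username, '*')) {
        printerror('NotSpeWord', '', 1);
    }
    // Registration interval per IP
    eCheckIpRegTime($regip, $pr['regretime']);
    // Reserved usernames
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);
    // Duplicate username.
    // NOTE(review): the lookup and the insert below are separate statements; only a unique index
    // on the username column stops two simultaneous registrations of the same name.
    $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if ($num) {
        printerror('ReUsername', '', 1);
    }
    // Duplicate e-mail
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
        if ($num) {
            printerror('ReEmailFail', '', 1);
        }
    }
    // Registration time
    $lasttime = time();
    $registertime = eReturnAddMemberRegtime();
    // Random value stored with the account and sent back as the mlrnd login cookie.
    // NOTE(review): it acts as a login token, so make_password() needs a cryptographically
    // secure source; its implementation is not shown here.
    $rnd = make_password(20);
    $userkey = eReturnMemberUserKey();
    // Password: keep the plain value for DoEpassport() below, store only the salted form.
    $truepassword = $password;
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);
    // Approval state; with e-mail activation (regacttype 1) an approved account starts unchecked.
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }
    // Validate the required fields of the member add-on table
    $mr['add_filepass'] = ReturnTranFilepass();
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
    $sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
    // New user id
    $userid = $empire->lastid();
    // Add-on table
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (!$addr['userid']) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
    }
    // Attach uploaded files to the new member
    UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
    // Clear the CAPTCHA
    ecmsEmptyShowKey($keyvname);
    // Bind an external account
    if ($tobind) {
        MemberConnect_BindUser($userid);
    }
    if ($sql) {
        // E-mail activation
        if ($checked == 0 && $public_r['regacttype'] == 1) {
            include 'class/member_actfun.php';
            SendActUserEmail($userid, $username, $email);
        }
        // Waiting for approval: no login yet
        if ($checked == 0) {
            $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
            printerror("RegisterSuccessCheck", $location, 1);
        }
        $logincookie = 0;
        if ($ecms_config['member']['regcookietime']) {
            $logincookie = time() + $ecms_config['member']['regcookietime'];
        }
        $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
        $set1 = esetcookie("mlusername", $username, $logincookie);
        $set2 = esetcookie("mluserid", $userid, $logincookie);
        $set3 = esetcookie("mlgroupid", $groupid, $logincookie);
        $set4 = esetcookie("mlrnd", $rnd, $logincookie);
        // Login verification string
        qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
        // Additional login cookies
        AddLoginCookie($r);
        $location = "../member/cp/";
        // NOTE(review): the redirect target is read from the returnurl cookie, and
        // $_POST['ecmsfrom'] is passed along below; both are client-controlled. Only three
        // substrings are excluded here, so confirm DoingReturnUrl()/printerror() restrict the
        // target to same-site locations.
        $returnurl = getcvar('returnurl');
        if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
            $location = $returnurl;
        }
        $set5 = esetcookie("returnurl", "");
        // ePassport system; receives the plain-text password.
        DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("RegisterSuccess", $location, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}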
Esempio n. 26
                // Append this field's condition to the combined WHERE fragment and mirror the
                // search terms into the pagination query string.
                // NOTE(review): hh and keyboard pass through RepPostStr() before they are put
                // into $search, $show[$i] does not; whether $show is validated earlier is outside
                // this excerpt.
                $uswhere .= $or . '(' . $onewhere . ')';
                $search .= '&show[]=' . $show[$i] . '&hh[]=' . RepPostStr($hh[$i], 1) . '&keyboard[]=' . RepPostStr($keyboard[$i], 1);
            }
        }
        if ($uswhere) {
            $add .= $where . '(' . $uswhere . ')';
        }
    } else {
        // Default search: by username only
        $searchf = 'username';
        if ($keyboard[0]) {
            $add .= $where . UserSearchDoKeyboard('u.' . egetmf('username'), $hh[0], $keyboard[0]);
        }
        $search .= '&hh[]=' . RepPostStr($hh[0], 1) . '&keyboard[]=' . RepPostStr($keyboard[0], 1);
    }
}
// Join the member add-on table in front of the conditions collected so far.
$add = " LEFT JOIN {$dbtbpre}enewsmemberadd ui ON u." . egetmf('userid') . "=ui.userid" . $add;
// The page number is cast to int before it is used to compute the offset.
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$start = 0;
// Rows per page
$line = $public_r['member_num'];
// Page links shown per page
$page_line = 10;
// Total offset
$offset = $page * $line;
// A total of 1 or more supplied in the query string skips the count query below.
// NOTE(review): the else branch is cut off here; presumably it uses the client-supplied
// value as the total, which would only affect the pagination display.
$totalnum = (int) $_GET['totalnum'];
if ($totalnum < 1) {
    $totalquery = "select count(*) as total from " . eReturnMemberTable() . " u" . $add;
    // Get the total number of rows
    $num = $empire->gettotal($totalquery);
} else {
Esempio n. 27
>留言者IP</option>
          </select>
          <input type="submit" name="Submit" value="搜索">
          <input name="sear" type="hidden" id="sear" value="1">
        </div></td>
  </tr>
</form>
</table>
<form name=thisform method=post action=MemberGbook.php onsubmit="return confirm('确认要执行操作?');">
<?php 
echo $ecms_hashur['form'];
?>
<?
// One guestbook entry per iteration; the loop body continues in the markup after this block.
while($r=$empire->fetch($sql))
{
	// Look up the username for the entry's userid: one extra query per listed row.
	$ur=$empire->fetch1("select ".egetmf('username')." from ".eReturnMemberTable()." where ".egetmf('userid')."='$r[userid]'");
	// When the entry carries a uid, turn the poster name into a link to that member's space.
	// NOTE(review): uname and uid are placed into HTML without escaping. uname is presumably
	// text typed by the poster; unless it is encoded when stored, it should go through
	// htmlspecialchars() before being shown on this page.
	if($r['uid'])
	{
		$r['uname']="<b><a href='../../space/?userid=$r[uid]' target='_blank'>$r[uname]</a></b>";
	}
	$username=$ur['username'];
	// Label for private entries
	$private='';
	if($r['isprivate'])
	{
		$private='<b>[悄悄话]</b>';
	}
?>
  <table width="700" border="0" align="center" cellpadding="3" cellspacing="1" class=tableborder>
    <tr class=header> 
      <td width="55%" height="23">发布者: 
        <?php 
Esempio n. 28
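// Show one site message to the logged-in member and mark it as read.
require "../../../class/db_sql.php";
require "../../class/user.php";
$link = db_connect();
$empire = new mysqlquery();
$editor = 2;
// Stop when the member module is switched off
eCheckCloseMods('member');
$user = islogin();
// The message id is cast to int, so it can be used unquoted in the statements below.
$mid = (int) $_GET['mid'];
if (empty($mid)) {
    printerror("HaveNotMsg", "", 1);
}
// The lookup is limited to messages addressed to the logged-in member. This recipient filter
// is the access check of the page: without it any member could read another member's message
// by changing mid.
// NOTE(review): the username is interpolated as returned by islogin(); presumably islogin()
// sanitises it, verify there.
$r = $empire->fetch1("select mid,title,msgtext,from_userid,from_username,msgtime,haveread,issys from {$dbtbpre}enewsqmsg where mid={$mid} and to_username='{$user['username']}' limit 1");
// Array keys are quoted: the bare form (mid, from_username) is an undefined-constant Error
// on PHP 8.
if (empty($r['mid'])) {
    printerror("HaveNotMsg", "", 1);
}
if ($r['issys']) {
    $r['from_username'] = "<b>系统信息</b>";
}
if (!$r['haveread']) {
    // Lower the unread flag: 3 becomes 2, every other value becomes 0.
    $newhavemsg = 0;
    if ($user['havemsg'] == 3) {
        $newhavemsg = 2;
    }
    $usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('userid') . "='{$user['userid']}'");
    // Reached only after the ownership check above has found the row.
    $usql = $empire->query("update {$dbtbpre}enewsqmsg set haveread=1 where mid={$mid}");
}
// Load the template.
// NOTE(review): title, msgtext and from_username are handed to the template as stored;
// whether they are HTML-escaped depends on the template and on how messages are saved.
require ECMS_PATH . DASHBOARD . '/template/member/ViewMsg.php';
db_close();
$empire = null;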
Esempio n. 29
}
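// Approval filter: 1 selects unapproved members (checked=0), any other non-zero value
// selects approved members (checked=1). The value is cast to int before use.
$schecked = (int) $_GET['schecked'];
if ($schecked) {
    $and = $add ? ' and ' : ' where ';
    if ($schecked == 1) {
        $add .= $and . egetmf('checked') . "=0";
    } else {
        $add .= $and . egetmf('checked') . "=1";
    }
    $search .= "&schecked={$schecked}";
}
// NOTE(review): $add, $offset and $line are assembled before this point and are concatenated
// into both statements unchanged; the queries are only as safe as the code that built them.
$totalquery = "select count(*) as total from " . eReturnMemberTable() . $add;
$num = $empire->gettotal($totalquery);
$query = "select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . $add;
$query .= " order by " . egetmf('userid') . " desc limit {$offset},{$line}";
$sql = $empire->query($query);
$returnpage = page2($num, $line, $page_line, $start, $page, $search);
// ---------- Member groups: build the option list for the group selector.
// Array keys are quoted: the bare form (groupid, groupname) is an undefined-constant Error
// on PHP 8.
// NOTE(review): groupname is written into the markup without escaping; it is presumably
// admin-defined, but htmlspecialchars() would be the safe default unless it is stored encoded.
$sql1 = $empire->query("select * from {$dbtbpre}enewsmembergroup order by level");
while ($l_r = $empire->fetch($sql1)) {
    if ($groupid == $l_r['groupid']) {
        $select = " selected";
    } else {
        $select = "";
    }
    $group .= "<option value=" . $l_r['groupid'] . $select . ">" . $l_r['groupname'] . "</option>";
}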
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
Esempio n. 30
/**
 * Run a ranking query over approved members joined with their add-on table row.
 *
 * $line, $groupid, $userids and $fields are concatenated into the SQL text without any
 * checks, so they must only ever be fixed values written by a template author, never
 * request data.
 *
 * @param mixed  $line    Value placed after "limit".
 * @param int    $ecms    Ordering: 1 points, 2 money, 3 space view count, otherwise user id.
 * @param mixed  $groupid Comma-separated group ids for an "in (...)" filter; 0 for none.
 * @param mixed  $userids Comma-separated user ids for an "in (...)" filter; 0 for none.
 * @param string $fields  Column list; empty selects u.*,ui.*.
 * @return mixed Whatever $empire->query() returns for the statement.
 */
function sys_ListMemberInfo($line=10,$ecms=0,$groupid=0,$userids=0,$fields=''){
	global $empire,$dbtbpre,$public_r,$navinfor,$level_r;
	if(!defined('InEmpireCMSUser'))
	{
		include_once ECMS_PATH.DASHBOARD.'/member/class/user.php';
	}
	// Ordering by operation type
	switch($ecms)
	{
		case 1:
			// Points ranking
			$order='u.'.egetmf('userfen').' desc';
			break;
		case 2:
			// Money ranking
			$order='u.'.egetmf('money').' desc';
			break;
		case 3:
			// Space popularity ranking
			$order='ui.viewstats desc';
			break;
		default:
			// User id ranking
			$order='u.'.egetmf('userid').' desc';
			break;
	}
	// Optional filters, collected in the order they appear in the statement
	$conditions=array();
	if($groupid)
	{
		$conditions[]=' and u.'.egetmf('groupid').' in ('.$groupid.')';
	}
	if($userids)
	{
		$conditions[]=' and u.'.egetmf('userid').' in ('.$userids.')';
	}
	$where=implode('',$conditions);
	$fields=empty($fields)?'u.*,ui.*':$fields;
	$statement="select ".$fields." from ".eReturnMemberTable()." u LEFT JOIN {$dbtbpre}enewsmemberadd ui ON u.".egetmf('userid')."=ui.userid where u.".egetmf('checked')."=1".$where." order by ".$order." limit ".$line;
	return $empire->query($statement);
}