public function register($data = array())
{
##返回结果参数
$ret = array();
##删除内容前后的空格
$data = filter_array($data, "trim:username,\n\t\t\ttrim:password,\n\t\t\ttrim:name,\n\t\t\ttrim:company_name,\n\t\t\ttrim:email,\n\t\t\ttrim:phone,\n\t\t\trole");
##处理用户名并检查数据不可缺数据
$data = filter_array($data, "strtolower:username!,\n\t\t\tpassword!,\n\t\t\tname,\n\t\t\tcompany_name,\n\t\t\temail!,\n\t\t\tphone,\n\t\t\trole!");
if ($data) {
##检查用户名是否重复
if (model('wt_user')->exists(array('username' => $data['username']))) {
return '40002:The username has been used.';
} else {
##添加用户状态
$data['status'] = 1;
##写入数据库
$id = model('wt_user')->add($data);
if ($id) {
$user = model('wt_user')->get_one($id);
$this->user_data = $user;
$ret['r'] = 'ok';
$ret['msg'] = $this;
return $this;
} else {
$ret['r'] = 'error';
$ret['msg'] = '50001:Data insert error.';
return $ret;
}
}
} else {
$ret['r'] = 'error';
$ret['msg'] = '10001:Required fields can not be emmty.';
return $ret;
}
}
/**
* Speichert die Daten dieser Zeile in der database.
* Dazu muss eine UID geladen worden sein!
* @return ModelRow Diese Instanz zur Methodenverkettung.
*/
public function write()
{
if (!is_integer($this->data['uid'])) {
throw new InvalidArgumentException('Keine UID für Datensatz gegeben');
}
// Nur numerische Indizes verwenden.
$values = filter_array($this->data, 'is_numeric', 1);
$this->db->pushpopState($this->querystate)->filter('UID=?')->bind('i', $this->data['uid'])->replace($values)->popState();
return $this;
}
public function create($data)
{
##返回结果参数
$ret = array();
##去除提交数据中数组类型的值的无用空格
foreach ($data as $d_key => $d_value) {
if (is_array($d_value)) {
foreach ($d_value as $key => $value) {
$data[$d_key][$key] = trim($value);
}
$data[$d_key] = json_encode($data[$d_key]);
}
}
##去除内容两端的无用空格并检查必须项
$data = filter_array($data, "activity_id!,\n\t\t\torder_id!,\n\t\t\tticket_id!,\n\t\t\ttrim:name,\n\t\t\ttrim:company,\n\t\t\ttrim:title,\n\t\t\ttrim:phone,\n\t\t\ttrim:telephone,\n\t\t\ttrim:email!,\n\t\t\ttrim:extra_info\n\t\t\t");
##检查数据
if (!$data) {
$ret['r'] = 'error';
$ret['msg'] = '10001:Required fields can not be emmty.';
return $ret;
}
##检查Email格式
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
$ret['r'] = 'error';
$ret['msg'] = '20001:Email format error.';
return $ret;
}
##检查活动、订单、门票id
if (!model('wt_activity')->exists($data['activity_id']) || !model('wt_order')->exists($data['order_id']) || !model('wt_ticket_type')->exists($data['ticket_id'])) {
$ret['r'] = 'error';
$ret['msg'] = '30001:Illegal data.';
return $ret;
}
##获取attendee_type_id,与ticket_type设置保持一致
$ticket = model('wt_ticket_type')->get_one($data['ticket_id']);
$data['attendee_type_id'] = $ticket['attendee_type_id'];
##设置审核状态
$data['host_check'] = $ticket['need_approve'] == 1 ? -2 : 2;
##设置active状态
$data['active'] = $ticket['need_approve'] == -1 && $ticket['price'] == 0 ? 1 : -1;
##设置数据初始status值
$data['status'] = 1;
$id = model('wt_attendee')->add($data);
if ($id) {
//$this->attendee_data = model('wt_attendee')->get_one($id);
$this->set_attendee_data($id);
$ret['r'] = 'ok';
$ret['msg'] = $this;
return $ret;
} else {
$ret['r'] = 'error';
$ret['msg'] = '50001:Data insert error.';
return $ret;
}
}
<?php
LZ_MODULE != 'admin' && die('Access Denied');
$m = $_GET['m'];
include_once 'model/guestbook.php';
$obj = new LZ_Guestbook();
if ($m == 'new') {
$data = filter_array($_POST, 'name!,email,content!');
if ($data) {
$data['date'] = time();
echo $obj->add($data) ? 'success' : 'error';
} else {
echo FILL_ALL;
}
die;
}
$view_data['items'] = lz_page($obj, array(), 20);
$view_data['page_description'] = lang('GUESTBOOK');
$view_data['title'] = lang('GUESTBOOK');
function smarty_function_find_isbn($params, &$smarty)
{
function filter_array($theHaystack, $info)
{
if (is_array($theHaystack)) {
for ($k = 0; $k <= count($theHaystack); $k++) {
if (substr_count($theHaystack[$k][0], '245') > 0 && substr_count($theHaystack[$k][0], 'a') > 0) {
if ($info == 'title') {
return $theHaystack[$k][1] . " " . substr($theHaystack[$k + 1][1], 0, strlen($theHaystack[$k + 1][1]) - 1);
} elseif ($info == 'author') {
return $theHaystack[$k + 2][1];
}
}
}
} else {
//$array=$explode(" / ", $theHaystack);
$parts = explode("/", $theHaystack);
if ($info == 'title') {
return $parts[0];
} elseif ($info == 'author') {
return substr($parts[1], 0, strpos($parts[1], '-'));
}
}
return "";
}
$isbninfo = array();
if (empty($params['var'])) {
$smarty->trigger_error("assign: missing 'var' parameter");
return;
}
if (empty($params['info'])) {
$smarty->trigger_error("assign: missing 'info' parameter");
return;
} else {
$info = $params['info'];
}
if (empty($params['isbn'])) {
$smarty->trigger_error("assign: missing 'isbn' parameter");
return;
} else {
$isbn = $params['isbn'];
}
$name = array("HeBIS", "Deutsche Nationalbibliothek", "GILS", "Libraray of Congress");
$host = array("tolk.hebis.de:20212/hebis", "z3950.dbf.ddb.de:210/iltis", "bagel.indexdata.dk/gils", "z3950.loc.gov:7090/voyager");
$user = array("3950", "gast", "", "");
$passwd = array("Z3950", "gast", "", "");
$syntax = array("usmarc", "sutrs", "usmarc", "usmarc");
$query = "@attr 1=7 " . $isbn;
$found = false;
$i = 0;
$j = 0;
while ($found == false && $i <= 3) {
$id[$i] = yaz_connect($host[$i], array("user" => $user[$i], "password" => $passwd[$i]));
yaz_syntax($id[$i], $syntax[$i]);
yaz_range($id[$i], 1, 1);
yaz_search($id[$i], "rpn", $query);
yaz_wait();
$error = yaz_error($id[$i]);
$hits = yaz_hits($id[$i]);
if (!empty($error) | $hits == 0) {
$i++;
if (!empty($error)) {
$j++;
}
} else {
$found = true;
if ($i == 1) {
$rec = yaz_record($id[$i], 1, "string");
} else {
$rec = yaz_record($id[$i], 1, "array");
}
//var_dump($rec);
//echo "<table>";
//echo "<tr><td valign='top'><b>Titel: </b></td><td>".filter_array($rec, 'title')."</td></tr>";
//echo "<tr><td valign='top'><b>Autor: </b></td><td> ".filter_array($rec, 'author')."</td></tr>";
//echo "</table>";
$isbninfo['title'] = filter_array($rec, 'title');
$isbninfo['author'] = filter_array($rec, 'author');
}
}
if (empty($isbninfo['title']) | $found == false) {
$isbninfo['title'] = "Es wurden keine Einträge gefunden.";
$isbninfo['author'] = "Es wurden keine Einträge gefunden.";
if ($j == 4) {
$isbninfo['title'] = "Es konnte keine Verbindung hergestellt werden.";
$isbninfo['author'] = "Es konnte keine Verbindung hergestellt werden.";
}
}
//var_dump($isbninfo);
$smarty->assign($params['var'], $isbninfo);
}
<?php
END_MODULE != 'admin' && die('Access Denied');
filter_array($_GET, 'action,m,intval:category_id', true);
$category = model('category');
load_models();
if ($m == 'new_category') {
check_allowed('category', 'add');
$data = filter_array($_POST, 'name!,intval:parent_id,status!');
if ($data && !$data['parent_id']) {
$data['parent_id'] = 0;
}
if ($data) {
if ($new_id = $category->add($data)) {
header('Location: admin.php?p=category&action=edit_category&category_id=' . $new_id);
die;
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_NEW_ERROR');
}
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_FILL_ALL');
$view_data['category'] = $_POST;
}
} else {
if ($m == 'edit_category') {
check_allowed('category', 'update');
$_category = $category->get_one($category_id);
$data = array('category_id' => $category_id);
$errors = array();
<?php
!defined('LZ_MODULE') && die('Access Denied');
filter_array($_GET, 'action,m,intval:item_id!', true);
if (!$item_id) {
die('Access Denied');
}
include_once LZ_BASEPATH . 'model/item.php';
$item = new LZ_Item();
include_once LZ_BASEPATH . 'model/category.php';
$category = new LZ_Category();
//load news data from a config file
//config_data('left.config');
//add view_count
$item->add_view_count($item_id);
$this_item = $item->get_one($item_id);
$item_keywords = $item->query("select * from lz_keyword where aid = {$item_id}");
$this_category = $category->get_one($this_item['category_id']);
$category_id = $this_item['category_id'];
if ($this_category['parent_id'] > 0) {
$view_data['parent_category'] = $category->get_one($this_category['parent_id']);
}
$position = $category->position_category($category_id);
$url = $position[count($position) - 1]['url'];
$lz_make_html_total_page = $info['total_page'];
$view_data['item'] = $this_item;
$view_data['title'] = $this_item['name'] . ' ' . $config['site_name'];
$view_data['description'] = $this_item['metadescription'];
$view_data['download'] = $this_item['file_name'];
$view_data['keywords'] = $this_item['keywords'];
$view_data['item_keywords'] = $item_keywords;
<?php
LZ_MODULE != 'admin' && die('Access Denied');
define('LZ_RESPONSE', 'text');
$m = $_GET['m'];
include 'model/user.php';
$user = new LZ_User();
if ($m == 'edit') {
check_allowed('account', 'update', 1);
set_allowed('user', 'update');
$data = filter_array($_POST, 'email');
if ($_POST['password']) {
$data['password'] = lz_encode($_POST['password']);
}
if ($data && $user->update($_SESSION['login_user']['user_id'], $data)) {
remove_allowed('user', 'update');
$_SESSION['login_user'] = $user->get_one($_SESSION['login_user']['user_id']);
echo lang('USER_UPDATE_SUCCESS');
die;
} else {
remove_allowed('user', 'update');
echo lang('USER_UPDATE_ERR');
die;
}
} else {
if ($m == 'get_user') {
$arr = $user->get_one($_SESSION['login_user']['user_id']);
echo json_encode($arr);
die;
}
}
/**
* filter superglobals $_POST | $_GET for each request
* @return void
*/
private function filterGlobals()
{
foreach (array($_GET, $_POST) as $global) {
filter_array($global);
}
}
<?php
//入口验证
END_MODULE != 'admin' && die('Access Denied');
//过滤数据,并写入全局变量
filter_array($_GET, 'm,action,intval:item_id,intval:category_id,item_type,status', true);
load_models();
$category = model('category');
$err_msg = '';
$success_msg = '';
if ($action == 'get_tree') {
}
/* 必须传入 category_id*/
if ($category_id || $item_type) {
if (!$item_type) {
$this_category = $category->get_one($category_id);
$item_type = preg_replace('/_list$/i', '', $this_category['status']);
define('END_ADMIN_CATEGORY_ID', $category_id);
} else {
$this_category = $category->get_one(array('status' => $item_type . '_list'));
$category_id = $this_category['category_id'];
define('END_ADMIN_CATEGORY_ID', $category_id);
}
if ($item_type) {
define('END_ADMIN_ITEM_TYPE', $item_type);
} else {
die('please provide valid category_id or item_type!');
}
}
//如果不是列表页面
if ($this_category && !preg_match('/_list$/', $this_category['status'])) {
$data['update_time'] = $publish_time;
$data['user_id'] = $_SESSION['login_user']['user_id'];
unset($data['time']);
if ($item->add($data)) {
lz_exit(lang('NEW_ITEM_SUCCESS'), 'admin.php?p=item&category_id=' . $data['category_id'], 1);
} else {
$action = 'new_item';
$err_msg = lang('ITEM_UNKNOWN_ERROR');
}
} else {
$action = 'new_item';
$err_msg = lang('ITEM_FILL_ALL');
}
} else {
if ($m == 'edit_item') {
$data = filter_array($_POST, 'name!,time,description!,keywords,intval:category_id!,intval:order_id,author');
$publish_time = mktime($data['time']['hour'], $data['time']['minute'], 0, $data['time']['month'], $data['time']['day'], $data['time']['year']);
$item_arr = $item->get_one($item_id);
if ($data) {
unset($data['time']);
$data['pic_url'] = get_first_image_url($data['description']);
$data['has_pic'] = $data['pic_url'] ? 1 : 0;
$data['update_time'] = time();
$data['publish_time'] = $publish_time;
$data['update_user_id'] = $_SESSION['login_user']['user_id'];
if ($item->update($item_id, $data)) {
if ($page_type == 'category') {
$this_category = $category->get_one($data['category_id']);
$return_to = 'admin.php?p=category&category_id=' . $this_category['parent_id'];
} else {
if ($page_type == 'preview') {
<?php
!defined('LZ_MODULE') && die('Access Denied');
$m = $_GET['m'];
include_once 'model/paper.php';
$paper = new LZ_Paper();
include_once 'model/paper_file.php';
$paper_file = new LZ_Paper_File();
chdir('../');
!is_dir(LZ_PAPER_PATH) && @mkdir(LZ_PAPER_PATH);
if ($m == 'new') {
$data = filter_array($_POST, 'htmlspecialchars:name!,htmlspecialchars:school,intval:student_id!');
if ($data) {
$data['time'] = time();
$paper->add($data);
$paper_id = mysql_insert_id();
if (!$paper_id) {
echo "数据提交失败<br />";
} else {
echo "数据提交成功<br />";
foreach ($_FILES as $file) {
$myfile = $file["tmp_name"];
if (!$myfile) {
continue;
}
$ftype = getext($file['name']);
if (!$ftype || !preg_match("/\\*\\.{$ftype};/i", $config['upload_file_types'])) {
$err = true;
echo "文件类型不允许:" . $ftype . "<br />";
} else {
$file_url = LZ_PAPER_PATH . time() . rand(1111, 9999) . '.' . $ftype;
function get_xset_results($unit)
{
global $snap;
if (array_key_exists($unit->name, $snap->xset_results)) {
return filter_array($snap->xset_results[$unit->name]);
}
return array();
}
<?php
END_MODULE != 'admin' && die('Access Denied');
define('END_RESPONSE', 'text');
$m = $_GET['m'];
$admin = model('admin');
if ($m == 'update_password') {
check_allowed('account', 'update', 1);
$data = filter_array($_POST, 'end_encode:old_password,end_encode:password');
if ($data && $admin->exists(array('admin_id' => get_admin_id(), 'password' => $data['old_password']))) {
if ($admin->update(get_admin_id(), array('password' => $data['password']))) {
$_SESSION['login_user'] = $admin->get_one(get_admin_id());
echo lang('admin_UPDATE_SUCCESS');
die;
} else {
echo lang('admin_UPDATE_ERR');
die;
}
} else {
echo lang('ADMIN_OLD_PASSWORD_ERROR');
die;
}
} else {
if ($m == 'get_admin') {
$arr = $admin->get_one(get_admin_id());
echo json_encode($arr);
die;
}
}
$view_data['admin'] = $admin->get_one(get_admin_id());
$view_data['page_description'] = lang('MY_ACCOUNT');
protected function indexedDataOnly()
{
return filter_array($this->data, 'is_numeric', 1);
}
<?php
!defined('LZ_MODULE') && die('Access Denied');
filter_array($_GET, 'action,m,intval:category_id!', true);
include_once LZ_BASEPATH . 'model/item.php';
$item = new LZ_Item();
include_once LZ_BASEPATH . 'model/category.php';
$category = new LZ_Category();
$this_category = $category->get_one($category_id);
if ($this_category['parent_id'] > 0) {
$view_data['parent_category'] = $category->get_one($this_category['parent_id']);
}
$position = $category->position_category($category_id);
$view_data['category_id'] = $category_id;
$view_data['category'] = $this_category;
$view_data['position'] = $position;
$view_data['description'] = $this_category['description'];
$view_data['title'] = $this_category['name'] . ' ' . $config['site_name'];
$view_data['category_tree'] = $category->tree_category($category_id);
if (count($view_data['category_tree']) <= 0) {
$view_data['sibling_category'] = $category->tree_category($this_category['parent_id']);
if ($this_category['parent_id'] == "0") {
$view_data['sibling_category'] = array($this_category);
}
} else {
$view_data['sibling_category'] = $view_data['category_tree'];
}
if ($this_category['status'] == 2) {
$view_data['page_type'] = 'page';
$view_data['item'] = $item->get_one($this_category['item_id']);
} else {
$__arr[] = array('name' => $_ms[1][$_i], 'mark' => $_ms[3][$_i], 'index' => $_i);
$_mark += floatval($_ms[3][$_i]);
$total_mark += floatval($_ms[3][$_i]);
}
$_arr['answer'] = $__arr;
$_arr['mark'] = $_mark;
$_arr['index'] = $index;
}
$qs[] = $_arr;
$index++;
}
$view_data['qs'] = $qs;
$action = "import";
} else {
if ($m == 'import') {
$data = filter_array($_POST, 'qs!,intval:exam_id!');
if ($data) {
$total = 0;
foreach ($data['qs'] as $q) {
$ans = 'array(';
foreach ($q['answer'] as $a) {
$ans .= " array('name'=>'" . addslashes($a[name]) . "','mark'=>'{$a['mark']}'),";
}
$ans .= ');';
$data = array('name' => $q['name'], 'mark' => $q['mark'], 'answer' => $ans, 'exam_id' => $data['exam_id']);
if ($question->add($data)) {
$total++;
}
}
$_SESSION['import_content'] = null;
lz_exit("成功添加了 {$total} 道题目!", "admin.php?p=question&exam_id=" . $data['exam_id'], 2);
<?php
LZ_MODULE != 'admin' && die('Access Denied');
filter_array($_GET, 'm,action,intval:paper_id,status', true);
$status = isset($_GET['status']) ? $_GET['status'] : '0,1,2';
include_once 'model/paper.php';
$paper = new LZ_paper();
if ($m == 'status') {
$status = intval($_GET['status']);
$this_paper = $paper->get_one($paper_id);
if ($paper->update($paper_id, array('status' => $status))) {
lz_exit('Success', 'admin.php?p=paper');
} else {
lz_exit('error', "javascript:history.go(-1);");
}
}
if ($action == "view") {
include_once 'model/paper_file.php';
$paper_file = new LZ_Paper_File();
$temp = template('paper_view.html');
$temp->assign(array('paper' => $paper->get_one($paper_id), 'files' => $paper_file->get_list(array('paper_id' => $paper_id))));
$view_data['page_description'] = "查看";
$view_data['page_content'] = $temp->result();
} else {
//分页处理
$cond = array('status' => $status);
$papers = lz_page($paper, $cond, intval($config['admin_paper_page_size']) ? intval($config['admin_paper_page_size']) : 20);
$view_data['papers'] = $papers;
$view_data['page_description'] = lang('paper_LIST');
}
$view_data['err_msg'] = $err_msg;
<?php
LZ_MODULE != 'admin' && die('Access Denied');
$m = $_GET['m'];
include_once 'model/config.php';
$config = new LZ_Config();
$config_id = intval($_GET['config_id']);
if ($m == "new_config") {
$data = filter_array($_POST, 'name!,description!,type!');
if ($data) {
if ($config->add($data)) {
lz_exit(lang('CONFIG_NEW_SUCCESS'), 'admin.php?p=config', 1);
} else {
$action = 'new_category';
$err_msg = lang('CONFIG_NEW_ERROR');
}
} else {
$action = 'new_config';
$err_msg = lang('CONFIG_FILL_ALL');
$view_data['thisconfig'] = $_POST;
}
}
$view_data['err_msg'] = $err_msg;
$view_data['config_list'] = $config->get_list();
$view_data['page_description'] = lang('TITLE');
$db->query($map);
}
$map = "delete from lz_keyword where aid={$item_id}";
$db->query($map);
for ($i = 0; $i < $count_keyword; $i++) {
$keywords .= "," . $_POST['_keywords'][$i];
$_keywords = $_POST['_keywords'][$i];
$map = "insert into lz_keyword values('" . $item_id . "','" . $_keywords . "')";
$db->query($map);
}
$_POST['author'] = $author;
$_POST['authoren'] = $authoren;
$_POST['institution'] = $institution;
$_POST['institutionen'] = $institutionen;
$_POST['keywords'] = $keywords;
$data = filter_array($_POST, 'periodsAndpage,DOI,reference,file_name,classnum,name!,name_en,time,html,description,keywords,intval:category_id!,intval:order_id,author,authoren,institution,institutionen');
$publish_time = mktime($data['time']['hour'], $data['time']['minute'], 0, $data['time']['month'], $data['time']['day'], $data['time']['year']);
$item_arr = $item->get_one($item_id);
if ($data) {
unset($data['time']);
$data['pic_url'] = get_first_image_url($data['description']);
$data['has_pic'] = $data['pic_url'] ? 1 : 0;
$data['update_time'] = time();
$data['publish_time'] = $publish_time;
$data['update_user_id'] = $_SESSION['login_user']['user_id'];
if ($item->update($item_id, $data)) {
if ($page_type == 'category') {
$this_category = $category->get_one($data['category_id']);
$return_to = 'admin.php?p=category&category_id=' . $this_category['parent_id'];
} else {
if ($page_type == 'preview') {
LZ_MODULE != 'admin' && die('Access Denied');
$action = $_GET['action'];
$m = $_GET['m'];
$_authorized = false;
if ($_SESSION['login_user']['status'] == 'admin') {
$_authorized = true;
}
$category_id = intval($_GET['category_id']);
$item_id = intval($_GET['item_id']);
$_SESSION['category_id'] = $category_id;
include_once 'model/category.php';
$category = new LZ_Category();
include_once 'model/item.php';
$item = new LZ_Item();
if ($m == 'new_category') {
$data = filter_array($_POST, 'name!,publish_time');
$data['parent_id'] = $category_id;
if (!$data['parent_id']) {
$data['parent_id'] = 0;
}
if ($data) {
if ($category->add($data)) {
lz_exit(lang('CATEGORY_NEW_SUCCESS'), 'admin.php?p=category&category_id=' . $data['parent_id'], 1);
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_NEW_ERROR');
}
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_FILL_ALL');
$view_data['category'] = $_POST;
public static function check_certificate($activity_id, $data = array())
{
$ret = array();
##去除不必要空格
$data = filter_array($data, "trim:email!,\n\t\t\ttrim:certificate_number!\n\t\t\t");
##检查数据
if (!$data) {
$ret['r'] = 'error';
$ret['msg'] = '10001:Required fields can not be empty.';
return $ret;
}
$data['activity_id'] = $activity_id;
$data['status'] = 1;
$exists_ret = model('wt_certificate')->exists($data);
if (!$exists_ret) {
$ret['r'] = 'error';
$ret['msg'] = '40001:Certificate failed.';
return $ret;
}
$ret['r'] = 'ok';
return $ret;
}
LZ_MODULE != 'admin' && die('Access Denied');
$action = $_GET['action'];
$m = $_GET['m'];
$_authorized = false;
if ($_SESSION['login_user']['status'] == 'admin') {
$_authorized = true;
}
$category_id = intval($_GET['category_id']);
$item_id = intval($_GET['item_id']);
$_SESSION['category_id'] = $category_id;
include_once 'model/category.php';
$category = new LZ_Category();
include_once 'model/item.php';
$item = new LZ_Item();
if ($m == 'new_category') {
$data = filter_array($_POST, 'name!');
$data['parent_id'] = $category_id;
if (!$data['parent_id']) {
$data['parent_id'] = 0;
}
if ($data) {
if ($category->add($data)) {
lz_exit(lang('CATEGORY_NEW_SUCCESS'), 'admin.php?p=category&category_id=' . $data['parent_id'], 1);
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_NEW_ERROR');
}
} else {
$action = 'new_category';
$err_msg = lang('CATEGOTY_FILL_ALL');
$view_data['category'] = $_POST;
<?php
!defined('END_MODULE') && die('Access Denied');
$module = $_GET['module'];
$m = $_GET['m'];
$back_url = $_REQUEST['backurl'] ? $_REQUEST['backurl'] : 'admin.php';
if ($m == 'login') {
$admin = model('admin');
$data = filter_array($_POST, 'name!,end_encode:password!');
if ($data) {
$u = $admin->check_password($data['name'], $data['password']);
if ($u['admin_id']) {
$_SESSION['login_user'] = $u;
header('Location:' . $back_url);
//end_exit(lang('LOGIN_SUCCESS'),$back_url,1);
} else {
$err_msg = lang('LOGIG_ERROR');
}
}
} else {
if ($m == 'logout') {
unset($_SESSION['login_user']);
end_exit(lang('LOGOUT_SUCCESS'), $back_url, 1);
}
}
$view_data['backurl'] = $back_url;
$view_data['err_msg'] = $err_msg;
<?php
!defined('LZ_MODULE') && die('Access Denied');
$m = $_GET['m'];
include_once 'model/guestbook.php';
$obj = new LZ_Guestbook();
include_once 'model/item.php';
$item = new LZ_Item();
if ($m == 'new') {
$data = filter_array($_POST, 'htmlspecialchars:name!,htmlspecialchars:email,htmlspecialchars:content!');
if ($data) {
$data['time'] = time();
echo $obj->add($data) ? 'success' : 'error';
} else {
echo lang('FILL_ALL');
}
die;
}
$items = lz_page($obj, array('status' => 1), intval($config['guestbook_per_page']) ? intval($config['guestbook_per_page']) : 10);
$view_data['items'] = $items;
$view_data['title'] = lang('TITLE') . ' ' . $config['site_name'];
$view_data['item'] = $item->get_one(array('category_id' => 83, 'status' => 3));
