Esempio n. 1
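 /**
  * Gate for admin pages: validates the administrator identity carried by the
  * session (or by an encrypted $key), falls back to the "remember me" cookie,
  * and enforces per-group permissions for the requested URL.
  *
  * On any failed check the request is terminated with a script that sends
  * the browser to login/logout.
  *
  * @param string $key Optional encrypted credential blob, decoded with
  *                    sys_auth($key, 'D'); when empty the session is used.
  * @return void
  */
 function Admin_Login($key = '')
 {
     if (empty($key)) {
         $id = isset($_SESSION['admin_id']) ? intval($_SESSION['admin_id']) : 0;
         $name = isset($_SESSION['admin_name']) ? $_SESSION['admin_name'] : '';
         $pass = isset($_SESSION['admin_pass']) ? $_SESSION['admin_pass'] : '';
     } else {
         // NOTE(review): unserialize() runs on data that arrives with the request.
         // Its safety rests entirely on sys_auth() rejecting forged input (not
         // visible here, confirm). A JSON payload, or unserialize() with
         // allowed_classes disabled on PHP 7+, would remove the object-injection
         // surface.
         $str = unserialize(stripslashes(sys_auth($key, 'D')));
         if (!is_array($str)) {
             $str = array();
         }
         $id = isset($str['id']) ? intval($str['id']) : 0;
         // Accept strings only: booleans or integers in the payload would
         // otherwise satisfy loose comparisons against the stored values.
         $name = (isset($str['name']) && is_string($str['name'])) ? $str['name'] : '';
         $pass = (isset($str['pass']) && is_string($str['pass'])) ? $str['pass'] : '';
     }
     $type = $this->uri->segment(1) == 'opt' ? 'top' : 'window';
     // Single definition of the "force logout" response used by every failed check.
     $logout_js = "<script>" . $type . ".location='" . site_url('login/logout') . "';</script>";
     $admin_id = intval($this->cookie->get_cookie('admin_id'));
     $admin_login = $this->cookie->get_cookie('admin_login');
     if (empty($id) || empty($name) || empty($pass)) {
         $login = FALSE;
         // Fall back to the "remember me" cookie. The format check is now part of
         // the condition: the original assigned to a misspelled variable
         // ($adminlogin), so a malformed cookie was never actually discarded.
         if ($admin_id > 0 && is_string($admin_login) && $admin_login !== '' && preg_match('/^[0-9a-zA-Z]+\z/', $admin_login)) {
             $row = $this->db->query("SELECT id,adminname,adminpass,logip,logtime FROM " . CS_SqlPrefix . "admin where id=?", array($admin_id))->row();
             // Strict comparison: loose == treats numeric-looking strings as numbers.
             // NOTE(review): the token is a static MD5 of stored column values, so it
             // never expires or rotates; a random, server-stored, expiring token is
             // preferable. This branch also returns without the IP and permission
             // checks that the session branch performs.
             if ($row && md5($row->adminname . $row->adminpass) === $admin_login) {
                 $_SESSION['admin_name'] = $row->adminname;
                 $_SESSION['admin_id'] = $row->id;
                 $_SESSION['admin_pass'] = md5($row->adminpass);
                 $_SESSION['admin_logtime'] = date('Y-m-d H:i:s', $row->logtime);
                 $_SESSION['admin_logip'] = $row->logip;
                 $login = true;
             }
         }
         if (!$login) {
             die($logout_js);
         }
     } else {
         $admin = $this->db->query("SELECT * FROM " . CS_SqlPrefix . "admin where id=?", array($id))->row();
         if (!$admin) {
             die($logout_js);
         }
         // Wrong password hash or wrong name. Type-checked and strict so that a
         // non-string value cannot compare equal to the stored data.
         if (!is_string($pass) || !is_string($name) || md5($admin->adminpass) !== $pass || $admin->adminname !== $name) {
             die($logout_js);
         }
         // Request IP differs from the IP recorded for this admin
         if (getip() != $admin->logip) {
             die($logout_js);
         }
         // Permission check, applied only to groups with sid > 1
         if ($admin->sid > 1) {
             $zu = $this->db->query("SELECT sys,app FROM " . CS_SqlPrefix . "adminzu where id=?", array(intval($admin->sid)))->row();
             if (!defined('PLUBPATH')) {
                 // System (core) permissions
                 $quanxian = $zu->sys;
             } else {
                 // Permissions of the current plugin/section
                 $apparr = unarraystring($zu->app);
                 $quanxian = !empty($apparr[PLUBPATH]) ? $apparr[PLUBPATH] : '';
             }
             $arr = @parse_url(REQUEST_URI);
             $re_url = str_replace("/" . SELF . "/", "", $arr['path']);
             $permarr = explode('/', $re_url);
             if (count($permarr) < 2 && $re_url != 'index') {
                 $re_url .= '/index';
             }
             // Framework pages that every admin may open without a permission entry
             if ($re_url != 'index' && $re_url != '/index' && $re_url != 'opt/main' && $re_url != 'opt/head' && $re_url != 'opt/error' && $re_url != 'opt/menu' && $re_url != 'opt/bottom') {
                 if (getqx($re_url, $quanxian, 1) != 'ok') {
                     if ($re_url == 'upload/up') {
                         die("<script>alert('" . L('err_03') . "');parent.\$('.webox').css({display:'none'});parent.\$('.background').css({display:'none'});parent.parent.web_box(2);</script>");
                     } else {
                         admin_msg(L('err_03'), 'javascript:history.back();', 'no');
                     }
                 }
             }
         }
     }
 }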
Esempio n. 2
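 /**
  * Expand the first {cscmsmenu:...}...{/cscmsmenu} template tag in $str into
  * the user-menu markup built from each installed plugin's config/menu.php.
  *
  * @param string $str Template text that may contain the menu tag.
  * @param int    $uid User id whose group (zid) and level are passed to getqx().
  * @return string The template with the first menu tag replaced; unchanged
  *                when no tag is present.
  */
 public function cscmsumenu($str, $uid = 0)
 {
     preg_match_all('/{cscmsmenu:([A-Za-z0-9]+)}([\\s\\S]+?){\\/cscmsmenu}/', $str, $Mark_M);
     // Parse the menu tag
     if (!empty($Mark_M) && !empty($Mark_M[0][0])) {
         $ci =& get_instance();
         if (!isset($ci->db)) {
             $ci->load->database();
         }
         // $uid was concatenated into the SQL text as-is; force it to an integer
         // and pass it as a bound value so a non-numeric id cannot alter the query.
         $us = $ci->db->query("select level,zid from " . CS_SqlPrefix . "user where id=?", array(intval($uid)))->row_array();
         if (!$us) {
             $us = array('zid' => 0, 'level' => 0);
         }
         $sqlstr = "select dir from " . CS_SqlPrefix . "plugins order by id asc";
         $result = $ci->db->query($sqlstr);
         // The inner "auto" tag depends only on $str, so match it once.
         preg_match_all('/{cscmsmenu:auto}([\\s\\S]+?){\\/cscmsmenu:auto}/', $str, $Mark_A);
         // Missing captures become '' so the replacements below get strings.
         $auto_tag = isset($Mark_A[0][0]) ? $Mark_A[0][0] : '';
         $auto_tpl = isset($Mark_A[1][0]) ? $Mark_A[1][0] : '';
         $menu_s = '';
         foreach ($result->result() as $row) {
             // Reset per plugin. The original left $mstr/$menu undefined for the
             // first plugin without config files and re-appended the previous
             // plugin's markup for every later one.
             $mstr = '';
             $menu = array();
             // NOTE(review): $row->dir comes from the plugins table and ends up in
             // a require path; assumes only trusted installers write that table,
             // confirm.
             $cfg_dir = FCPATH . 'plugins/' . $row->dir . '/config/';
             if (file_exists($cfg_dir . 'menu.php') && file_exists($cfg_dir . 'site.php')) {
                 if (!empty($Mark_A)) {
                     $site_arr = (require $cfg_dir . 'site.php');
                     $menu_arr = (require $cfg_dir . 'menu.php');
                     $menu = $menu_arr['user'];
                     if (!empty($menu[0]['menu']) && getqx($us['zid'], $site_arr['User_Qx']) != 'ok' && getqx($us['level'], $site_arr['User_Dj_Qx']) != 'ok') {
                         $items = '';
                         foreach (array_values($menu[0]['menu']) as $j => $entry) {
                             $items .= str_replace(array('[menu:i]', '[menu:dir]', '[menu:name]', '[menu:link]'), array($j + 1, $row->dir, $entry['name'], spacelink($entry['link'], $row->dir)), $auto_tpl);
                         }
                         // Put the rendered items where the auto tag sat in the outer tag body
                         $mstr = str_replace($auto_tag, $items, $Mark_M[2][0]);
                     }
                 }
             }
             $menu_s .= $mstr;
             if (!empty($menu[0]['name'])) {
                 $menu_s = str_replace('[menu:name]', $menu[0]['name'], $menu_s);
             }
         }
         $str = str_replace($Mark_M[0][0], $menu_s, $str);
     }
     unset($Mark_M);
     return $str;
 }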
Esempio n. 3
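 /**
  * Echo, as JSON, the vod_type entries of a category together with a
  * 'true'/'false' flag from getqx() against the 'type' query parameter.
  *
  * Reads 'id' and 'type' from the query string. When the vod_list row for
  * 'id' has a parent (fid > 0), the parent's id is used for the lookup.
  *
  * NOTE(review): no access check is visible in this method; confirm that the
  * controller enforces one before it is reached.
  *
  * @return void
  */
 public function type_init()
 {
     $id = intval($this->input->get('id'));
     // Bound parameters keep the values out of the SQL text.
     $rowc = $this->db->query("SELECT fid FROM " . CS_SqlPrefix . "vod_list where id=?", array($id))->row();
     // row() yields no object for an unknown id; the original read ->fid regardless.
     if ($rowc && $rowc->fid > 0) {
         // fid is read back from the database; cast it before it goes into the next query.
         $id = intval($rowc->fid);
     }
     $type = $this->input->get('type', true);
     $query = $this->db->query("SELECT id,name FROM " . CS_SqlPrefix . "vod_type where cid=? order by xid asc", array($id));
     $data = array();
     foreach ($query->result() as $row) {
         $data[] = array(
             // presumably converts the name between gbk and utf-8; verify against get_bm()
             'name' => get_bm($row->name, 'gbk', 'utf-8'),
             // Kept as the strings 'true'/'false', as in the original output
             'chk' => getqx($row->name, $type) == 'ok' ? 'true' : 'false',
         );
     }
     echo json_encode($data);
 }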