Esempio n. 1
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("user")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.admin.set'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "delusers":
        try {
            $deluid = $_POST['deluid'];
            if (isIntArray($deluid)) {
                foreach ($deluid as $uid) {
                    //delete users
                    $db->row_delete("users", "id={$uid}");
                }
            }
            writeUsersCache();
            succeedFlag();
        } catch (Exception $e) {
            echo $e;
        }
        break;
    case "savepopedom":
Esempio n. 2
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("picture")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.product.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savepicture":
        try {
            $doaction = strFilter($_POST['doaction']);
            $pro['name'] = strFilter($_POST['name']);
            $pro['alias'] = strFilter($_POST['alias']);
            $pro['serialnum'] = strFilter($_POST['serialnum']);
            $pro['price1'] = strFilter($_POST['price1']);
            if (empty($pro['price1'])) {
                unset($pro['price1']);
            }
            $pro['level'] = intval($_POST['level']);
            $pro['store'] = intval($_POST['store']);
            $pro['sold'] = intval($_POST['sold']);
            $pro['cid'] = intval($_POST['cid']);
            $pro['type'] = intval($_POST['type']);
            /*$picids=array(
Esempio n. 3
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("main")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.site.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savesettings":
        $settings = $_POST['settings'];
        $row = $db->row_select_one("attachments", "id=" . intval($settings['logo']) . "");
        $settings['logopath'] = $row['filepath'];
        try {
            saveSettings($settings);
            writeSettingsCache();
            succeedFlag();
        } catch (Exception $e) {
            echo $e;
        }
        break;
    case "savebanner":
        $settings = $_POST['settings'];
        $rows = $db->row_select("attachments", "id in (" . intval($settings['banner1']) . "," . intval($settings['banner2']) . "," . intval($settings['banner3']) . "," . intval($settings['banner4']) . "," . intval($settings['banner5']) . ")", 0, "id,filepath");
        $picpathmap = array();
Esempio n. 4
<?php

header("Content-Type:text/html; charset=utf-8");
include_once '../inc/init.php';
include_once '../inc/cache.php';
include_once 'inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("member")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.member.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "delmembers":
        try {
            $deluid = $_POST['deluid'];
            if (isIntArray($deluid)) {
                foreach ($deluid as $uid) {
                    //1.delete favs
                    $db->row_delete("favs", "memberid={$uid}");
                    //2.delete memberfield
                    $db->row_delete("memberfield", "memberid={$uid}");
                    //3.delete members
                    $db->row_delete("members", "id={$uid}");
                }
            }
            succeedFlag();
        } catch (Exception $e) {
            echo $e;
Esempio n. 5
<?php

//初始化
require_once './common.php';
if ($_GET['my_suffix'] == '/appadmin/list') {
    $is_admin = true;
    // 检查管理员权限(即:是否有“后台/应用”的权限)
    if (!hasPopedom($_SITE_CONFIG['uid'], 'admin/Apps/*', false)) {
        redirect(SITE_URL, 5, '您无权限查看');
    }
} else {
    $is_admin = false;
}
if (empty($_SITE_CONFIG['my_site_id']) || empty($_SITE_CONFIG['my_site_key'])) {
    $_SITE_CONFIG['my_status'] = 0;
}
if (submitcheck('mysubmit')) {
    //开启漫游 OR 同步漫游信息
    $_SITE_CONFIG['site_key'] = trim($_SITE_CONFIG['site_key']);
    if (empty($_SITE_CONFIG['site_key'])) {
        $_SITE_CONFIG['site_key'] = mksitekey();
        $db_prefix = getDbPrefix();
        doQuery("REPLACE INTO {$db_prefix}system_data (`list`, `key`, `value`) VALUES ('myop', 'site_key', '" . serialize($_SITE_CONFIG['site_key']) . "')");
    }
    //如果漫游关闭再开启则直接调用更新接口
    if (empty($_SITE_CONFIG['my_status']) && !empty($_SITE_CONFIG['my_site_id']) && !empty($_SITE_CONFIG['my_site_key'])) {
        $_SITE_CONFIG['my_status'] = 1;
    }
    $is_register = 0;
    if (empty($_SITE_CONFIG['my_status'])) {
        $is_register = 1;
Esempio n. 6
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("link")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.frilink.list'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savelinks":
        try {
            $links_delid = $_POST['links_delid'];
            //DELETE
            if (isIntArray($links_delid)) {
                $delids = implode(",", $links_delid);
                $db->row_delete("links", "id in ({$delids})");
            }
            //UPDATE
            $links_ordernum = $_POST['links_ordernum'];
            $links_name = $_POST['links_name'];
            $links_url = $_POST['links_url'];
            $links_content = $_POST['links_content'];
            $links_logo = $_POST['links_logo'];
            $links_lang = $_POST['links_lang'];
            if (is_array($links_name)) {
Esempio n. 7
<?php

if (!hasPopedom("database")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.data.man'])));
}
$database = new db_class($_DB['hostname'], $_DB['username'], $_DB['password'], $_DB['database']);
$backdir = "backup/" . md5($cache_settings['salt']);
mysql_query("set names utf8");
if (!file_exists($backdir)) {
    create($backdir);
}
echo "<script>var links={}; " . "links.t1='admin.php?inc=database&action=backupform';" . "links.t2='admin.php?inc=database&action=restoreform';" . "links.t3='admin.php?inc=database&action=sqllist';" . "</script>";
switch ($action) {
    /************************************** backupform BEGIN ************************************************/
    case "backupform":
        $tablesopt = '';
        $database->query("show table status from `{$_DB['database']}`");
        while ($database->nextrecord()) {
            if (strpos($database->f('Name'), $_DB['prefix']) === 0) {
            } else {
                continue;
            }
            $tablesopt .= "<option value='" . $database->f('Name') . "'>" . $database->f('Name') . "</option>";
        }
        $_AL['database.b.tips'] = _LANG($_AL['database.b.tips'], array($backdir));
        echo <<<EOT
\t<style>
\t\t.td_1{width:400px; line-height:200%;}
\t</style>
\t<div id="smalltab_container"></div>
\t<div class="smalltab_line"></div>
Esempio n. 8
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("procate")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.procate.list'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "saveset":
        try {
            $ordernums = $_POST['ordernum'];
            $title = $_POST['title'];
            if (is_array($ordernums)) {
                foreach ($ordernums as $id => $value) {
                    $procate['ordernum'] = intval($value);
                    $procate['title'] = $title[$id];
                    $db->row_update("procates", $procate, "id={$id}");
                }
            }
            writeProductsCateCache();
            succeedFlag();
        } catch (Exception $e) {
            echo $e;
        }
Esempio n. 9
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("article")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.article.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savearticle":
        try {
            $doaction = strFilter($_POST['doaction']);
            $art['title'] = strFilter($_POST['title']);
            $art['alias'] = strFilter($_POST['alias']);
            $art['posttime'] = strFilter($_POST['posttime']);
            $art['posttime'] = empty($art['posttime']) ? time() : strtotime($art['posttime']) - $cache_settings['timeoffset'] * 3600;
            $art['posttime'] = $art['posttime'] < 0 ? time() : $art['posttime'];
            $art['channelid'] = intval($_POST['channelid']);
            $art['langid'] = $_SYS['alangid'];
            $art['type'] = intval($_POST['type']);
            $art['seotitle'] = strFilter($_POST['seotitle']);
            $art['metakeywords'] = strFilter($_POST['metakeywords']);
            $art['metadesc'] = strFilter($_POST['metadesc']);
            $art['content'] = strFilter($_POST['content']);
            $art["picid"] = intval($_POST['picid']);
Esempio n. 10
?>
&f=tab|util|ajax|choosedate|color|jquery|admin"></script>
<script type="text/javascript" src="../inc/kindeditor/kindeditor.js"></script>
<script type="text/javascript" src="../js/admin.js"></script>
<script type="text/javascript">
var popwin = window.parent.popwin;
</script>
<style>
	body{margin:10px;}
</style>
</head>
<body>
<?php 
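// Allowlist of admin sub-pages that this dispatcher is willing to include.
// Each entry doubles as the permission name passed to hasPopedom() and as
// the basename of the PHP file that gets loaded.
$inc_arr = array(
    'channel',
    'procate',
    'products',
    'piccate',
    'picture',
    'lang',
    'main',
    'template',
    'link',
    'user',
    'database',
    'article',
    'page',
    'msg',
    'vote',
    'member',
    'order',
);
// Human-readable section names, index-aligned with $inc_arr; used only in
// the "no permission" message.
$incname_arr = array(
    $_AL['index.channel.man'],
    $_AL['index.procate.list'],
    $_AL['index.product.list'],
    $_AL['index.piccate.list'],
    $_AL['index.picture.list'],
    $_AL['index.language.set'],
    $_AL['index.site.set'] . ',' . $_AL['index.banner.set'] . ',' . $_AL['index.contact.set'] . ',' . $_AL['index.sitecache.set'] . ',' . $_AL['index.email.set'] . ',' . $_AL['index.site.fun'],
    $_AL['index.template.set'],
    $_AL['index.frilink.list'],
    $_AL['index.admin.set'],
    $_AL['index.data.man'],
    $_AL['index.article.man'],
    $_AL['index.page.man'],
    $_AL['index.msg.list'],
    $_AL['index.vote.list'],
    $_AL['index.member.man'],
    $_AL['index.order.man'],
);
// $inc is assigned outside this excerpt (presumably from the request - confirm).
foreach ($inc_arr as $key => $incpage) {
    // Strict comparison: a loose == lets a non-string $inc (for example the
    // integer 0 on PHP < 8) match an allowlist entry it is not equal to.
    if ($inc !== $incpage) {
        continue;
    }
    // 'channel' is treated as read-only, so it is the only page that is
    // loaded without a permission check.
    if ($incpage !== 'channel' && !hasPopedom($incpage)) {
        // NOTE(review): the include below still runs unless printRes()
        // terminates the request - confirm that it does.
        printRes(_LANG($_AL['admin.nopopedom'], array($incname_arr[$key])));
    }
    // Build the path from the allowlisted literal rather than from $inc, so
    // the included filename can only ever be one of the entries above.
    require_once $incpage . ".php";
    break;
}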
?>
</body>
</html>
Esempio n. 11
<?php

header("Content-Type:text/html; charset=utf-8");
include_once '../inc/init.php';
include_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("msg")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.msg.list'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savemsg":
        try {
            $doaction = strFilter($_POST['doaction']);
            $msg['name'] = strFilter($_POST['name']);
            $msg['email'] = strFilter($_POST['email']);
            $msg['contact1'] = strFilter($_POST['contact1']);
            $msg['title'] = strFilter($_POST['title']);
            $msg['remark'] = strFilter($_POST['remark']);
            $msg['replier'] = strFilter($cache_users[$lg['userid']]['username']);
            $msg['reply'] = strFilter($_POST['reply']);
            $msg['state'] = intval($_POST['state']);
            $msg['replytime'] = time();
            $id = intval($_POST['id']);
            $db->row_update("msgs", $msg, "id={$id}");
            printRes("{$_AL['msg.reply.succeed']}<script>setTimeout(function(){reloadSelf('admin.php?inc=msg&action=list');},1500);</script>");
        } catch (Exception $e) {
Esempio n. 12
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("order")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.order.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "saveorders":
        try {
            $order['state'] = intval($_POST['state']);
            $order['remark2'] = strFilter($_POST['remark2']);
            $order['expresscharges'] = strFilter($_POST['expresscharges']);
            $order['name'] = strFilter($_POST['name']);
            $order['phonenum'] = strFilter($_POST['phonenum']);
            $order['email'] = strFilter($_POST['email']);
            $order['address'] = strFilter($_POST['address']);
            $order['zipcode'] = strFilter($_POST['zipcode']);
            $order['remark'] = strFilter($_POST['remark']);
            $id = intval($_POST['id']);
            $oldstate = intval($_POST['oldstate']);
            $db->row_update("orders", $order, "id={$id}");
            printRes("{$_AL['order.edit.succeed']}<script>setTimeout(function(){reloadSelf('admin.php?inc=order&action=list&state={$oldstate}');},2000);</script>");
        } catch (Exception $e) {
Esempio n. 13
<?php

header("Content-Type:text/html; charset=utf-8");
require_once './../inc/init.php';
require_once './../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("lang")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.language.set'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savelang":
        try {
            $lang_delid = $_POST['lang_delid'];
            //UPDATE
            $lang_ordernum = $_POST['lang_ordernum'];
            $lang_name = $_POST['lang_name'];
            $lang_directory = $_POST['lang_directory'];
            if (is_array($lang_name)) {
                foreach ($lang_name as $key => $tmp_name) {
                    //Create Cache Directory
                    $cache_dir = "../cache/{$key}";
                    if (!is_dir($cache_dir)) {
                        @mkdir($cache_dir, 0777);
                        @fopen("{$cache_dir}/index.htm", "a");
                    }
                    $langobj['ordernum'] = intval($lang_ordernum[$key]);
Esempio n. 14
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("template")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.template.set'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "settemplate":
        try {
            $template = $_POST['tdefault'];
            $tlang = $_POST['tlang'];
            $settings['template'] = $template;
            $settings['templatelang'] = $tlang[$template];
            saveSettings($settings);
            writeSettingsCache();
            succeedFlag();
        } catch (Exception $e) {
            echo $e;
        }
        break;
    case "savevars":
        try {
            $doaction = strFilter($_POST['doaction']);
Esempio n. 15
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("products")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.product.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "saveproducts":
        try {
            $doaction = strFilter($_POST['doaction']);
            $pro['name'] = strFilter($_POST['name']);
            $pro['alias'] = strFilter($_POST['alias']);
            $pro['serialnum'] = strFilter($_POST['serialnum']);
            $pro['price1'] = strFilter($_POST['price1']);
            if (empty($pro['price1'])) {
                unset($pro['price1']);
            }
            $pro['level'] = intval($_POST['level']);
            $pro['store'] = intval($_POST['store']);
            $pro['sold'] = intval($_POST['sold']);
            $pro['cid'] = intval($_POST['cid']);
            $pro['type'] = intval($_POST['type']);
            /*$picids=array(
Esempio n. 16
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
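// Admin endpoint that saves the body text of a single-page channel.
// Two gates run before any request data is read: isAdmin() (failure prints
// the "not logged in" message) and the "page" permission via hasPopedom().
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("page")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.page.man'])));
}
// A request without ?action= (or with action[]=...) used to pass null or an
// array to strFilter() and raise an undefined-index notice; treat both as an
// empty action so the request falls through to the default branch.
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? strFilter($_GET['action']) : '';
switch ($action) {
    case "savepage":
        // intval() forces the id to an integer, so interpolating it into the
        // WHERE fragment below cannot carry SQL syntax.
        $channelid = intval($_POST['channelid']);
        // NOTE(review): the stored value depends on strFilter() and on how
        // row_update() escapes or binds column values; neither is visible
        // here - confirm before relying on it for SQL or HTML safety.
        $content = strFilter($_POST['content']);
        $channel['content'] = $content;
        // NOTE(review): this state-changing action shows no anti-CSRF token
        // check in this file; confirm one is enforced in the included
        // bootstrap, since the admin session alone authorises the write.
        $db->row_update("channels", $channel, "id={$channelid}");
        writeChannelsCache();
        printRes("{$_AL['page.edit.succeed']}<script>setTimeout(function(){reloadSelf('admin.php?inc=channel&action=set');},2000);</script>");
        break;
    default:
        echo $_AL['all.noaction'];
        break;
}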
Esempio n. 17
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("channel")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.channel.man'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "saveset":
        try {
            $ordernums = $_POST['ordernum'];
            $positions = $_POST['position'];
            $title = $_POST['title'];
            if (is_array($ordernums)) {
                foreach ($ordernums as $id => $value) {
                    $channel['ordernum'] = intval($value);
                    $channel['positions'] = isIntArray($positions[$id]) ? "|" . implode($positions[$id], "|") . "|" : "";
                    $channel['title'] = $title[$id];
                    $db->row_update("channels", $channel, "id={$id} and langid={$_SYS['alangid']}");
                }
            }
            writeChannelsCache();
            succeedFlag();
        } catch (Exception $e) {
Esempio n. 18
<?php

header("Content-Type:text/html; charset=utf-8");
require_once '../inc/init.php';
require_once '../inc/cache.php';
require_once './inc/adminfun.php';
require_once "./language/language.php";
if (!isAdmin()) {
    exit($_AL['all.notlogin']);
}
if (!hasPopedom("vote")) {
    exit(_LANG($_AL['admin.nopopedom'], array($_AL['index.vote.list'])));
}
$action = strFilter($_GET['action']);
switch ($action) {
    case "savevotes":
        try {
            $id = intval($_POST['id']);
            $level = intval($_POST['level']);
            $doaction = $_POST['doaction'];
            $voteitem = $_POST['voteitem'];
            $votednum = $_POST['votednum'];
            $maxvotes = intval($_POST['maxvotes']);
            $starttime = $_POST['starttime'];
            $stoptime = $_POST['stoptime'];
            $title = $_POST['title'];
            $voteitem = !empty($voteitem) ? str_replace("\t", ' ', $voteitem) : $voteitem;
            if (!is_array($voteitem)) {
                exit($_AL['vote.item.empty']);
            }
            $totalvote = 0;