Esempio n. 1
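/**
 * Request dispatcher: picks a handler from session, GET, POST and cookie state.
 *
 * Precedence, first match wins:
 *  1. $_SESSION['db_data'] is set, or action is resetpass / changemail /
 *     resetpassmail                                   -> get_parser()
 *  2. a posted 'usr_email'                            -> user_login()
 *  3. both cookie[user] and cookie[pass] are present  -> cookie_login()
 *  4. anything else                                   -> echo_front_page(),
 *     after saving the GET array in the session when an action was given.
 *
 * Missing request keys are read as null instead of raising undefined-index
 * notices, and the action is compared strictly.
 *
 * @return mixed Whatever the selected handler returns.
 */
function parse()
{
    $action = isset($_GET['action']) ? $_GET['action'] : null;

    // NOTE(review): these three actions reach get_parser() without a session,
    // so get_parser() has to authorise them itself (not visible here) - confirm.
    $isAccountAction = $action === 'resetpass'
        || $action === 'changemail'
        || $action === 'resetpassmail';
    if (isset($_SESSION['db_data']) || $isAccountAction) {
        return get_parser();
    }

    if (isset($_POST['usr_email'])) {
        // The login form may omit these fields; pass null rather than an undefined index.
        $password = isset($_POST['password']) ? $_POST['password'] : null;
        $remember = isset($_POST['remember_me']) ? $_POST['remember_me'] : null;

        return user_login(
            myfilter($_POST['usr_email'], 'user'),
            myfilter($password, 'password'),
            myfilter($remember, 'bool')
        );
    }

    if (isset($_COOKIE['cookie']['user']) && isset($_COOKIE['cookie']['pass'])) {
        // NOTE(review): the 'pass' cookie is filtered with the same 'password' rule as the
        // login form; confirm cookie_login() expects a revocable token, not the password itself.
        return cookie_login(
            myfilter($_COOKIE['cookie']['user'], '_id'),
            myfilter($_COOKIE['cookie']['pass'], 'password')
        );
    }

    if ($action !== null) {
        // The GET array is stored unfiltered; code that reads $_SESSION['get'] later
        // must treat it as untrusted input.
        $_SESSION['get'] = $_GET;
    }

    return echo_front_page();
}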
Esempio n. 2
</script>
</head>
<body>
<?php 
// Build a lookup table of category id => category name from hy_category.
// NOTE(review): the mysql_query() result is passed to mysql_fetch_assoc() without a
// failure check, and $cate_array is not initialised in the visible lines, so it may
// be undefined later if the query returns no rows - confirm against the full file.
$sql = "select * from hy_category";
$rs = mysql_query($sql, $conn);
while ($row = mysql_fetch_assoc($rs)) {
    $cate_array[$row['id']] = $row['name'];
    // key: category id (used as the article's fid), value: category name
}
// Defaults for the request parameters read below: title filter, category id and
// $p (presumably the page number - confirm).
$title = '';
// for pagination convenience
$fid = 0;
$p = 1;
if (!empty($_GET["title"])) {
    // myfilter() is defined elsewhere; what mode 3 strips or escapes is not visible here.
    $title = myfilter($_GET["title"], 3);
}
if (!empty($_GET["fid"])) {
    // intval() forces an integer, so $fid can be placed unquoted in SQL.
    $fid = intval($_GET["fid"]);
}
if (!empty($_GET["p"])) {
    $p = intval($_GET["p"]);
}
// Title-only search: $cSql selects matching ids (presumably for counting) and $pSql
// selects the full rows.
// NOTE(review): $title is interpolated into a quoted LIKE pattern, so these queries are
// injection-safe only if myfilter(..., 3) escapes quotes and backslashes for MySQL -
// confirm, or escape at this point with the connection's own escaping function.
// '%' and '_' in the input still act as LIKE wildcards.
if (!empty($_GET["title"]) && empty($fid)) {
    $cSql = "select id from hy_article where title like '%{$title}%'";
    $pSql = "select * from hy_article where title like '%{$title}%'";
    // Description of the active filter ("title contains '...'").
    // NOTE(review): if this is printed into the page, $title must be HTML-escaped for that context.
    $condition = "标题中含有'{$title}'";
}
if (empty($_GET["title"]) && !empty($fid)) {
    $cSql = "select id from hy_article where fid={$fid}";
    $pSql = "select * from hy_article where fid={$fid}";
Esempio n. 3
    } else {
        msg($rs['errorMsg']);
        jump($_SERVER['HTTP_REFERER']);
    }
}
if (!empty($_POST["type"]) && $_POST["type"] == "file") {
    //file
    if ($_FILES["file"]["name"] == '') {
        msg('请上传文件!');
        jump($_SERVER['HTTP_REFERER']);
    }
    if (empty($_POST["name"]) || empty($_POST['fid']) || !is_numeric($_POST["fid"])) {
        msg('请将信息填写完整');
        jump($_SERVER['HTTP_REFERER']);
    }
    $name = myfilter($_POST["name"], 3);
    $fid = $_POST['fid'];
    $upload_time = date("Y-m-d H:i:s");
    $rs = uploadFile("file");
    if ($rs['error'] == 0) {
        $sql = "insert into hy_product_file(name,file,fid,upload_time)values('{$name}','{$rs["fileName"]}',{$fid},'{$upload_time}')";
        if (mysql_query($sql, $conn)) {
            mysql_close($conn);
            msg("添加成功!");
            jump("file_list.php?fid=" . $fid);
            //jump('product_succeed.php?fid='.$fid);
        } else {
            msg("失败了!");
            exit(mysql_error());
            mysql_close($conn);
        }
Esempio n. 4
<?php

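// Validates a posted e-mail address and looks it up in hy_email.
header("Content-type: text/html; charset=utf-8");
include_once "inc/function.php";
// Reject requests that carry neither POST nor GET data.
if (empty($_POST) && empty($_GET)) {
    msg('Error:Invalid Request!');
    // NOTE(review): the Referer header is supplied by the client; confirm that jump()
    // encodes or validates its target before writing it into the response.
    if (!empty($_SERVER['HTTP_REFERER'])) {
        jump($_SERVER['HTTP_REFERER']);
    } else {
        jump("index.php");
    }
    exit;
}
include_once "inc/config.php";
include_once "inc/conn.php";
$email = myfilter($_POST["email"], 3);
$rule = "/^([a-zA-Z0-9]+[_|\\-|\\.]?)*[a-zA-Z0-9]+@([a-zA-Z0-9]+[_|\\-|\\.]?)*[a-zA-Z0-9]+\\.[a-zA-Z]{2,5}\$/";
// Validate the submitted address itself; checking a fixed sample string would let
// any posted value through to the query below. preg_match() returns 0 when the
// pattern does not match and false on a PCRE error, and both are rejected here.
$result = preg_match($rule, $email);
if (!$result) {
    msg("请输入正确的电子邮件地址");
    if (!empty($_SERVER['HTTP_REFERER'])) {
        jump($_SERVER['HTTP_REFERER']);
    } else {
        jump("index.php");
    }
    // Stop here so a rejected address never reaches the database lookup.
    exit;
}
// The pattern admits no quote or backslash, so a value that passes cannot close the
// string literal below. The concatenated query depends on that check and on
// myfilter(); a prepared statement would remove the dependency.
$sql = "select id from hy_email where email='" . $email . "'";
$rs = mysql_query($sql, $conn);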
if (mysql_num_rows($rs) > 0) {
    msg("此电子邮件已存在");
Esempio n. 5
    if (mysql_query($sql, $conn)) {
        if ($is_newFile) {
            $file = "../uploads/" . getPath($_POST["old_file"], 'file');
            @unlink($file);
        }
        msg("附件修改成功");
        mysql_close($conn);
        jump("file_list.php?fid=" . $fid);
    } else {
        echo '附件修改失败!错误信息:';
        exit(mysql_error());
    }
}
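// Guest-book update: stores a reply and the visibility flag for one hy_guestbook row.
if (!empty($_POST["type"]) && $_POST["type"] == "gbook") {
    //guest book
    // myfilter() is defined elsewhere; what mode 3 escapes is not visible here.
    $reply_content = myfilter($_POST["reply_content"], 3);
    // is_show ends up inside a quoted SQL literal, so escape it for this connection.
    $is_show = mysql_real_escape_string(isset($_POST["is_show"]) ? $_POST["is_show"] : '', $conn);
    // id is placed unquoted in the WHERE clause and in the redirect URL; force an integer.
    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;
    // replier is placed unquoted in the SET clause. An empty string there produced
    // "replier= where ...", a syntax error whenever no reply text was sent.
    // NOTE(review): 0 is used for "no replier"; confirm the column accepts it.
    $replier = 0;
    $reply_time = '';
    if (!empty($reply_content)) {
        $replier = intval($_SESSION["hy_uid"]);
        $reply_time = date("Y-m-d H:i:s");
    }
    $sql = "update hy_guestbook set reply_content='{$reply_content}',is_show='{$is_show}',reply_time='{$reply_time}',replier={$replier} where id={$id}";
    if (mysql_query($sql, $conn)) {
        jump("gbook_detail.php?id=" . $id);
    } else {
        // NOTE(review): mysql_error() is sent to the client; consider logging it instead.
        exit(mysql_error());
    }
}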
Esempio n. 6
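/**
 * Admin view of a bug report: takes the markup from html5_user_bug() and puts a
 * status-change form where the first status span was.
 *
 * getvalue() is defined elsewhere; it appears to return the array element at the
 * given index - confirm. The parsing assumes the span's visible text equals the
 * token after "status " in its class attribute.
 *
 * @param mixed $lang Language key, passed on to redirect(), html5_user_bug() and $text_cont.
 * @param mixed $mod  When an array, its first three elements build a redirect target
 *                    and no page is rendered.
 * @return mixed The redirect() result, or the page markup with the form inserted.
 */
function html5_admin_bug($lang, $mod = null)
{
    $conf = configurations();
    global $text_cont;
    // Read the id defensively: the key may be absent from the query string.
    $id = myfilter(isset($_GET['id']) ? $_GET['id'] : null, '_id');
    if (is_array($mod)) {
        return redirect($lang, '?action=' . $mod[0] . $mod[1] . '&mod=' . $mod[2]);
    }
    $content = html5_user_bug($lang, $mod);

    // Token between '<span class="status ' and the closing '">' of the first status span.
    $status = getvalue(explode('">', getvalue(explode('<span class="status ', $content), 1)), 0);
    $content = explode('<span class="status ', $content);
    // Drop the remainder of that span, keeping only what follows its closing tag.
    $content[1] = getvalue(explode($status . '</span>', $content[1]), 1);

    // The id comes from the request and lands in an HTML attribute, so it is escaped at
    // the sink regardless of what the '_id' filter allows; double_encode is off so a
    // value that is already entity-encoded is left unchanged.
    $idAttr = htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8', false);
    $html_var = '<form action="?action=editbug&id=' . $idAttr . '" method="post"><select name="status">';
    foreach ($conf['bugs'] as $key => $value) {
        foreach ($value as $svalue) {
            // Preselect the option that matches the report's current status.
            $def = ($status === $svalue) ? 'selected="selected"' : null;
            $html_var .= '<option value="' . $svalue . '" ' . $def . '>' . $key . '/' . $svalue . '</option>';
        }
    }
    $html_var .= '</select><input type="submit" value="' . $text_cont[18][$lang] . '"  /></form>';
    return $content[0] . $html_var . $content[1];
}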
Esempio n. 7
<?php 
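require_once "inc/function.php";
// The page requires a non-empty "q" parameter. empty() also rejects the string "0".
if (empty($_GET["q"])) {
    header("Content-type: text/html; charset=utf-8");
    msg("Invalid Argument!");
    jump("index.php");
    // Stop here so the rest of the page is not rendered for a rejected request;
    // whether jump() ends the script itself is not visible in this file.
    exit;
}
require_once "inc/config.php";
require_once "inc/conn.php";
// myfilter() is defined elsewhere. NOTE(review): confirm that mode 3 escapes $q for
// every context it is used in further down the page (SQL and HTML output).
$q = myfilter($_GET["q"], 3);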
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>后羿科技</title>
<link rel="stylesheet" type="text/css" href="css/reset.css">
<link rel="stylesheet" type="text/css" href="css/base.css">
<link rel="stylesheet" type="text/css" href="css/tipTip.css">
<link rel="stylesheet" type="text/css" href="css/short-code.css">
<link rel="stylesheet" type="text/css" href="css/prettyPhoto.css">
<link rel="stylesheet" type="text/css" href="css/css3.css">
<link rel="stylesheet" type="text/css" href="css/slider.css">
<link rel="stylesheet" type="text/css" href="css/font-awesome.min.css">
<link rel="stylesheet" type="text/css" href="css/footable.core.css?v=2-0-1"/>
<script type="text/javascript" src="js/jquery-1.9.1.min.js"></script>
<script type="text/javascript" src="js/jquery.nivo.slider.js"></script>
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/TitilliumText.font.js"></script>
<script type="text/javascript" src="js/scripts.js"></script>
<script type="text/javascript" src="js/shortcode.js"></script>
Esempio n. 8
<?php

include_once "inc/function.php";
include_once "inc/config.php";
include_once "inc/conn.php";
// Guest-book submission: stores the four posted fields together with the client
// address and the current time, then prints 'goal' on success.
// NOTE(review): each value is interpolated into a quoted SQL literal, so the insert is
// injection-safe only if myfilter(..., 3), defined elsewhere, escapes quotes and
// backslashes for MySQL - confirm, or move to prepared statements.
$name = myfilter($_POST["name"], 3);
$email = myfilter($_POST["email"], 3);
$title = myfilter($_POST["title"], 3);
$contents = myfilter($_POST["contents"], 3);
$client_ip = $_SERVER['REMOTE_ADDR'];
$created_at = date('Y-m-d H:i:s');
$sql = "insert into hy_guestbook(name,email,title,contents,ip,create_time)values('{$name}','{$email}','{$title}','{$contents}','{$client_ip}','{$created_at}')";
if (!mysql_query($sql, $conn)) {
    // NOTE(review): the raw database error is sent to the client here.
    exit(mysql_error());
}
echo 'goal';
mysql_close($conn);
Esempio n. 9
              <h2><a href="article.php?fid=<?php 
    echo $row["fid"];
    ?>
&id=<?php 
    echo $row["id"];
    ?>
" class="first-word"><?php 
    echo $row["title"];
    ?>
</a></h2>
              <div class="posts-info"><span class="date" title=""><?php 
    echo $row['create_time'];
    ?>
</span></div>
              <p><?php 
    echo mb_substr(myfilter($row['contents'], 3), 0, 150, 'utf-8');
    ?>
......</p>
              <a class="read-more-cn" href="article.php?fid=<?php 
    echo $row["fid"];
    ?>
&id=<?php 
    echo $row["id"];
    ?>
" title="Read more" target="_blank">Read more</a></div>
          </li>
<?php 
}
?>
        </ul>
        <!--Pagination-->