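/**
 * Permission gate for a module feature.
 *
 * Builds the key "Module_<module_pre><v>" from the global $webdb settings and
 * looks it up in the global $Apower permission map. A missing or falsy entry
 * means the caller is not allowed.
 *
 * @param string $v Feature suffix appended to the module prefix.
 * @return bool Always true when the permission entry is truthy; the function
 *              does not return when permission is denied.
 */
function ck_power($v)
{
    global $Apower, $webdb;

    $modulePrefix = isset($webdb['module_pre']) ? $webdb['module_pre'] : '';
    $permissionKey = "Module_{$modulePrefix}{$v}";

    // empty() treats an absent key like a denied permission without raising
    // an undefined-index notice.
    if (empty($Apower[$permissionKey])) {
        showmsg('你无权限!');
        // Fail closed: showmsg() is defined elsewhere and this block cannot
        // see whether it terminates the request. Without this exit a
        // returning showmsg() would fall through to "return true" and the
        // check would silently grant access.
        exit;
    }

    return true;
}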
/**
 * Handle the "edit project" form: collect the three money tables from the
 * request and store them for the given base id.
 *
 * Does nothing unless app::v('checkallow', 'submit') is truthy.
 * NOTE(review): no per-user authorization on baseId is visible in this
 * method — confirm it is enforced by the caller or by checkallow.
 */
public function editProject_Action()
{
    if (!app::v('checkallow', 'submit')) {
        return;
    }

    // baseId is forced to an integer before it reaches the data layer.
    $projectId = intval($this->getInput['baseId']);

    $tables = array(
        control_baseMoney::TABLE_BASEMONEY,
        control_baseMoney::TABLE_RUNMONEY,
        control_baseMoney::TABLE_CLIENTMONEY,
    );
    $amounts = array();
    foreach ($tables as $table) {
        // The request values are passed through unchanged.
        $amounts[$table] = $this->getInput[$table];
    }

    control_baseMoney::editBaseMoneyInfo($amounts, $projectId);
    showmsg(control_returnCode::FORM_SUBMIT_TRUE);
}
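/**
 * Check a request parameter against a filter pattern and, on a match, write
 * a log entry and show the "illegal parameter" message.
 *
 * @param string       $StrFiltKey   Parameter name; only written to the log.
 * @param string|array $StrFiltValue Parameter value. Arrays are flattened to
 *                                   one string before matching.
 * @param string       $ArrFiltReq   PCRE pattern body; it is wrapped here as
 *                                   /<pattern>/is, so it must not contain an
 *                                   unescaped "/".
 */
public function stopAttack($StrFiltKey, $StrFiltValue, $ArrFiltReq)
{
    if (is_array($StrFiltValue)) {
        // implode() on a nested array turns every inner array into the
        // literal text "Array", so values such as a[b][]=... were never
        // matched against the pattern. Flatten all leaves instead.
        $leaves = array();
        array_walk_recursive($StrFiltValue, function ($leaf) use (&$leaves) {
            $leaves[] = is_scalar($leaf) ? (string) $leaf : '';
        });
        $StrFiltValue = implode($leaves);
        // NOTE(review): array keys are still not inspected here.
    }

    // NOTE(review): preg_match() returns false on a pattern or backtracking
    // error; that case is treated as "no match", i.e. the filter fails open.
    if (preg_match("/" . $ArrFiltReq . "/is", $StrFiltValue) == 1) {
        // date() replaces strftime(), which is deprecated since PHP 8.1;
        // the produced timestamp format is the same.
        $entry = $_SERVER["REMOTE_ADDR"] . " " . date("Y-m-d H:i:s") . " "
            . $_SERVER["PHP_SELF"] . " " . $_SERVER["REQUEST_METHOD"] . " "
            . $StrFiltKey . " " . $StrFiltValue;

        // Key, value and PHP_SELF are request-controlled. Replace CR/LF with
        // visible escapes so one request cannot forge additional log lines.
        $entry = str_replace(array("\r", "\n"), array('\r', '\n'), $entry);

        $this->writesLog($entry);
        showmsg('您提交的参数非法,系统已记录您的本次操作!', '', 0, 1);
    }
}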
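/**
 * Delete an attachment record and the uploaded file that belongs to it.
 *
 * Reads "id" from the GET input, removes the database row and then removes
 * the file under HOMEBASE . 'web/uploads/'.
 *
 * NOTE(review): this is a state-changing action driven by GET parameters and
 * no ownership or CSRF check is visible in this method — confirm both are
 * enforced elsewhere.
 */
public function remove_atta()
{
    $input = $this->input->get();
    $attachmentId = isset($input['id']) ? $input['id'] : null;

    $attachment = $attachmentId === null
        ? null
        : $this->attachment->get_by_id($attachmentId);

    if (!$attachment) {
        showmsg('订单不存在');
        // Stop here even if showmsg() returns; the original went on to
        // delete_by_id() and unlink() with no record.
        return;
    }

    $this->attachment->delete_by_id($attachmentId);

    // The stored file name is data, not a trusted path. Resolve it and only
    // delete a regular file that really lives inside the uploads directory,
    // so a value containing "../" cannot remove files elsewhere.
    $uploadRoot = realpath(HOMEBASE . 'web/uploads');
    $target = realpath(HOMEBASE . 'web/uploads/' . $attachment['attachment']);
    if (
        $uploadRoot !== false
        && $target !== false
        && is_file($target)
        && strpos($target, $uploadRoot . DIRECTORY_SEPARATOR) === 0
    ) {
        // Best-effort removal, as in the original: a failed unlink does not
        // change the reported result.
        @unlink($target);
    }

    showmsg('操作成功');
}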
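/**
 * Move one uploaded file from $_FILES into $dir.
 *
 * @param string      $dir      Target directory, including the trailing slash.
 * @param string      $file_var Name of the form field in $_FILES.
 * @param int|string  $max_size Size limit in KB; values <= 0 or '' disable it.
 * @param string      $type     Allowed extensions separated by "/" (for
 *                              example "jpg/png"); '' means no allow-list.
 * @param bool|string $name     true: generate a name from time() and a random
 *                              number; a string: use it as the base name;
 *                              false: no name is available and the upload is
 *                              reported as failed.
 * @return string Stored file name, or '' when no file was submitted.
 */
function _asUpFiles($dir, $file_var, $max_size = '', $type = '', $name = false)
{
    if (!file_exists($dir)) {
        showmsg("上传图片失败:上传目录 " . $dir . " 不存在!", 0);
        // Every other failure path stops here; without it the upload would
        // continue against a missing directory if showmsg() returns.
        exit;
    } elseif (!is_writable($dir)) {
        showmsg("上传图片失败:上传目录 " . $dir . " 无法写入!", 0);
        exit;
    }

    if (empty($_FILES[$file_var]['name'])) {
        return '';
    }
    $upfile = $_FILES[$file_var];
    $upfilename = $upfile['name'];

    // A field submitted as name[] arrives as an array; this function handles
    // a single file only.
    if (!is_string($upfilename) || !is_uploaded_file($upfile['tmp_name'])) {
        showmsg('上传图片失败:你选择的文件无法上传', 0);
        exit;
    } elseif ($max_size > 0 && $upfile['size'] / 1024 > $max_size) {
        showmsg("上传图片失败:文件大小不能超过 " . $max_size . "KB", 0);
        exit;
    }

    // Extension = text after the last dot, lower-cased ('' when no dot).
    $dotTail = strrchr($upfilename, ".");
    $ext_name = $dotTail === false ? '' : strtolower(substr($dotTail, 1));

    if (!empty($type)) {
        $arr_type = array_map("strtolower", explode('/', $type));
        if (!in_array($ext_name, $arr_type, true)) {
            showmsg("上传图片失败:只允许上传 " . $type . " 的文件!", 0);
            exit;
        }
    }

    // The deny-list used to run only when $type was set, so a call without
    // an allow-list accepted any extension. It now always runs and also
    // covers further extensions that web servers commonly execute.
    // NOTE(review): an image-content check based on getimagesize() existed
    // only as commented-out code; file content is still not verified.
    $harmtype = array(
        "asp", "php", "jsp", "js", "css", "php3", "php4", "ashx", "aspx", "exe",
        "php5", "php7", "phtml", "pht", "phar", "phps", "asa", "cer", "cdx",
        "jspx", "cgi", "pl", "py", "sh", "shtml", "htaccess",
    );
    $oddExtension = $ext_name !== '' && !preg_match('/^[a-z0-9]+\z/', $ext_name);
    if ($oddExtension || in_array($ext_name, $harmtype, true)) {
        exit("ERR!");
    }

    if (!is_bool($name)) {
        // The caller-supplied base name must not climb out of $dir.
        if (strpos((string) $name, '..') !== false || strpos((string) $name, "\0") !== false) {
            showmsg('上传图片失败:文件上传出错!', 0);
            exit;
        }
        $uploadname = $name . "." . $ext_name;
    } elseif ($name === true) {
        $uploadname = time() . mt_rand(100, 999) . "." . $ext_name;
    } else {
        // $name === false left $uploadname undefined, so the move targeted
        // the directory itself and failed; report the same error directly.
        showmsg('上传图片失败:文件上传出错!', 0);
        exit;
    }

    if (!move_uploaded_file($upfile['tmp_name'], $dir . $uploadname)) {
        showmsg('上传图片失败:文件上传出错!', 0);
        exit;
    }

    return $uploadname;
}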
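/**
 * Load a free-list definition and prepare the objects needed to render it.
 *
 * Reads the row for $fid from #@__freelist, parses its stored {dede:list}
 * tag, resolves the channel's main table, fills $this->Fields and finally
 * calls CountRecord().
 *
 * @param int|string $fid Free-list id (column aid).
 */
function __construct($fid)
{
    $this->FreeID = $fid;
    $this->TypeLink = new TypeLink(0);
    $this->dsql = new DedeSql(false);
    $this->maintable = '#@__archives';
    $this->TempletsFile = '';

    // The id is placed inside the SQL text, so it is reduced to an integer
    // first; a value such as "1' or '1'='1" can no longer change the query.
    // NOTE(review): $this->FreeID keeps the raw value — other methods that
    // build SQL from it should be checked.
    $freeListId = intval($fid);
    $this->FLInfos = $this->dsql->GetOne("Select * From #@__freelist where aid='$freeListId' ");
    $liststr = $this->FLInfos['listtag'];

    // Load the list attributes stored with the record.
    $ndtp = new DedeTagParse();
    $ndtp->SetNameSpace("dede", "{", "}");
    $ndtp->LoadString($liststr);
    $this->ListObj = $ndtp->GetTag('list');
    $this->PageSize = $this->ListObj->GetAtt('pagesize');
    if (empty($this->PageSize)) {
        $this->PageSize = 30;
    }

    $channelid = $this->ListObj->GetAtt('channel');
    if (empty($channelid)) {
        showmsg('必须指定频道', '-1');
        exit();
    } else {
        // The channel id comes from stored tag text and is cast before use.
        $channelid = intval($channelid);
        $channelinfo = $this->dsql->getone("select maintable from #@__channeltype where ID='$channelid'");
        $this->maintable = $channelinfo['maintable'];
    }

    // Global template parser.
    $this->dtp = new DedeTagParse();
    $this->dtp->SetNameSpace("dede", "{", "}");

    // Values exposed to the template.
    $this->Fields['aid'] = $this->FLInfos['aid'];
    $this->Fields['title'] = $this->FLInfos['title'];
    $this->Fields['position'] = $this->FLInfos['title'];
    $this->Fields['keywords'] = $this->FLInfos['keyword'];
    $this->Fields['description'] = $this->FLInfos['description'];

    // Re-read the raw attribute: channeltype receives the value as written
    // in the tag, not the integer used for the query above.
    $channelid = $this->ListObj->GetAtt('channel');
    if (!empty($channelid)) {
        $this->Fields['channeltype'] = $channelid;
        $this->ChannelUnit = new ChannelUnit($channelid);
    } else {
        $this->Fields['channeltype'] = 0;
    }

    foreach ($GLOBALS['PubFields'] as $k => $v) {
        $this->Fields[$k] = $v;
    }

    $this->PartView = new PartView();
    $this->CountRecord();
}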
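/**
 * Import the selected rows of apk_master_temp (status=1) by id.
 *
 * The id list comes from the request field "t_id" via be("arr", ...) and is
 * handed to MovieInflow() together with the row count.
 */
function IDInflow()
{
    global $db;

    $ids = be("arr", "t_id");

    // The list is written unquoted into "id in (...)", so every element must
    // be a plain number. Anything else is dropped instead of reaching SQL.
    // presumably be("arr", ...) yields a comma-joined string — an array is
    // accepted as well.
    $cleanIds = array();
    if (!isN($ids)) {
        $candidates = is_array($ids) ? $ids : explode(',', (string) $ids);
        foreach ($candidates as $candidate) {
            $candidate = trim((string) $candidate);
            if (preg_match('/^\d+\z/', $candidate)) {
                $cleanIds[] = $candidate;
            }
        }
    }

    if ($cleanIds) {
        $idList = implode(',', $cleanIds);
        $count = $db->getOne("Select count(id) as cc from apk_master_temp where status=1 and id in (" . $idList . ") ");
        $sql = "select * from apk_master_temp where status=1 and id in (" . $idList . ") ";
        MovieInflow($sql, $count);
    } else {
        // $backurl was never defined in this scope, so the original always
        // passed null here; that value is now explicit.
        // NOTE(review): a global $backurl may have been intended — confirm.
        showmsg("请选择入库数据!", null);
    }
}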
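/**
 * Show a user's plans together with the money data of the related bases.
 *
 * NOTE(review): userId is taken from the request and no check that the
 * current session may view that user is visible in this method — confirm it
 * is enforced elsewhere.
 */
public function projectInfo_Action()
{
    $userId = $this->getInput['userId'];

    // Defined up front: without a userId the original read an undefined
    // variable below.
    $userInfo = null;
    if ($userId) {
        $userInfo = control_user::getUserInfo($userId);
        if (!$userInfo) {
            showmsg(control_returnCode::FORM_INFO_EMPTY);
            // Do not render the page for an unknown user if showmsg() returns.
            return;
        }
    }

    $userKey = isset($userInfo[control_user::TABLE_KEY])
        ? $userInfo[control_user::TABLE_KEY]
        : null;
    list(, $userPlanList) = control_userBase::getUserPlanList($userKey);

    // Start from an empty list so a user without plans does not pass an
    // undefined variable to getListByIds().
    $baseId = array();
    foreach ((array) $userPlanList as $plan) {
        $baseId[] = $plan[control_userBase::TABLE_KEY];
    }

    list(, $basePlanList) = control_baseMoney::getListByIds($baseId);

    $this->modelDisplay(array(
        'userInfo' => $userInfo,
        'userPlanList' => $userPlanList,
        'basePlanList' => $basePlanList,
    ));
}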
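/**
 * Normalise one invoke condition before it is registered.
 *
 * - lower-cases 'action' when present;
 * - generates a title "<name>_<index>" when none is given and advances the
 *   index;
 * - reports a title that is already used in $this->condition;
 * - defaults 'num' to 10 when it is missing or evaluates to 0;
 * - sets 'invokename' to $this->name.
 *
 * @param array $array Condition settings.
 * @return array The normalised settings.
 */
function initCondition($array)
{
    if (isset($array['action'])) {
        $array['action'] = strtolower($array['action']);
    }

    if (!isset($array['title'])) {
        $array['title'] = $this->name . "_" . $this->index;
        $this->index++;
    }

    foreach ($this->condition as $value) {
        // Compare as strings: with "==" two numeric-looking titles such as
        // "1e1" and "10" were reported as duplicates.
        if ((string) $value['title'] === (string) $array['title']) {
            showmsg('invoke_title_have_exist');
        }
    }

    // A missing 'num' is treated like 0 without an undefined-index warning.
    $num = isset($array['num']) ? (int) $array['num'] : 0;
    $array['num'] = $num ? $num : 10;
    $array['invokename'] = $this->name;

    return $array;
}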
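/**
 * Create or update a collection filter rule in {pre}cj_filters.
 *
 * All values come from POST through be("post", ...). A missing or zero f_id
 * inserts a new rule; any other f_id updates that rule.
 *
 * NOTE(review): the text fields are concatenated into the SQL statement.
 * Whether be() escapes them cannot be seen from here — confirm, or move this
 * statement to a parameterised query if the $db layer offers one.
 */
function save()
{
    global $db;

    $f_id = be("post", "f_id");
    $f_name = be("post", "f_name");
    $f_object = be("post", "f_object");
    $f_type = be("post", "f_type");
    $f_content = be("post", "f_content");
    $f_strstart = be("post", "f_strstart");
    $f_strend = be("post", "f_strend");
    $f_rep = be("post", "f_rep");
    $f_flag = be("post", "f_flag");
    $f_pid = be("post", "f_pid");

    // f_id is written unquoted into "where f_id=", so it must be an integer;
    // a value like "1 or 1=1" previously became part of the statement.
    $f_id = isN($f_id) ? 0 : intval($f_id);
    $f_flag = isN($f_flag) ? 0 : intval($f_flag);
    // f_type is only ever compared with 1 and 2 below.
    $f_type = intval($f_type);

    if ($f_type === 1) {
        if (isN($f_content)) {
            alert("过滤的内容不能为空!");
        }
    } elseif ($f_type === 2) {
        if (isN($f_strstart) || isN($f_strend)) {
            alert("开始/结束标记不能为空!");
        }
    }

    if ($f_id === 0) {
        $sql = "insert {pre}cj_filters (f_name,f_object,f_type,f_content,f_strstart,f_strend,f_rep,f_flag,f_pid,f_sys) values('" . $f_name . "','" . $f_object . "','" . $f_type . "','" . $f_content . "','" . $f_strstart . "','" . $f_strend . "','" . $f_rep . "','" . $f_flag . "','" . $f_pid . "','1') ";
    } else {
        $sql = "update {pre}cj_filters set f_name='" . $f_name . "',f_object='" . $f_object . "',f_type='" . $f_type . "',f_pid='" . $f_pid . "',f_content='" . $f_content . "',f_strstart='" . $f_strstart . "',f_strend='" . $f_strend . "',f_rep='" . $f_rep . "',f_flag='" . $f_flag . "'\t where f_id=" . $f_id;
    }

    $db->query($sql);
    showmsg("成功修改过滤规则!", getReferer());
}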
// Copy an installed module: look up the source module, validate the new
// prefix/directory, register the copy and clone its tables.
// NOTE(review): $id is placed directly in the SQL text; its escaping or
// casting is not visible in this fragment.
$rsdb = $db->get_one("SELECT * FROM {$pre}module WHERE id='{$id}'");
// The include path is built from the 'dirname' column of that row, so the
// database content decides which file is executed. Errors are suppressed.
$array = @(include ROOT_PATH . "{$rsdb['dirname']}/install/fix.php");
if ($array[forbid_del]) {
    showmsg('当前模块设置了禁止卸载!');
}
// ereg()/eregi() were removed in PHP 7 and are not binary safe (matching
// stops at a NUL byte); preg_match() with an anchored pattern is the
// replacement for these allow-list checks.
if (!ereg("^([_a-z0-9]+)\$", $postdb[pre])) {
    showmsg('数据表前缀只能是英文或数字');
}
// Append a trailing underscore to the prefix when it has none.
if (!ereg("(_)\$", $postdb[pre])) {
    $postdb[pre] = "{$postdb[pre]}_";
}
if (!ereg("^([_a-z0-9]+)\$", $postdb['dir'])) {
    showmsg('只能是英文或数字');
}
if (!$postdb['name']) {
    showmsg('模块名称不能为空!');
}
// NOTE(review): $postdb['name'] is only checked for being non-empty before
// it is written into this statement; confirm it is escaped upstream.
$db->query("INSERT INTO `{$pre}module` (`type` , `name` , `pre` , `dirname` ) VALUES ('{$rsdb['type']}', '{$postdb['name']}', '{$postdb['pre']}', '{$postdb['dir']}')");
$newid = $db->insert_id();
$db->query("SET SQL_QUOTE_SHOW_CREATE = 1");
$query = $db->query("SHOW TABLE STATUS");
while ($rs = $db->fetch_array($query)) {
    // Only tables whose name starts with the source module's prefix.
    if (eregi("^{$pre}{$rsdb[pre]}", $rs[Name])) {
        $array = $db->get_one("SHOW CREATE TABLE {$rs['Name']}");
        // mysql_get_server_info() belongs to the removed ext/mysql; the
        // comparison with '4.1' is a string comparison.
        if (mysql_get_server_info() > '4.1' && $dbcharset) {
            $array['Create Table'] = preg_replace("/DEFAULT CHARSET=([0-9a-z]+)/is", "", $array['Create Table']);
            $array['Create Table'] .= " DEFAULT CHARSET={$dbcharset}";
        }
        // Rewrite the table prefix inside the CREATE statement, then run it.
        $array['Create Table'] = str_replace("{$pre}{$rsdb['pre']}", "{$pre}{$postdb['pre']}", $array['Create Table']);
        $db->query($array['Create Table']);
        $newtable = str_replace("{$pre}{$rsdb['pre']}", "{$pre}{$postdb['pre']}", $rs[Name]);
//执行支付成功操作 include_once INC_PATH . "/recharge.class.php"; $rechargeobj = RechargeClass::init(); //收取手续费的规则 $total_fee = $total_fee * 0.96 - 0.3; $money = $rechargeobj->ratechange($total_fee, 'USD'); $rechargeobj->paysuccess($dingdan, $money); echo '支付成功!'; } else { //输出支付失败提示 showmsg("支付未完成!", "../../../m.php"); } } else { if (isset($paypal['business'])) { log_result("error" . date("Y-M-D H:d:S")); //输出支付失败提示 showmsg("支付未完成!", "../../../m.php"); } else { //输出支付失败提示 showmsg("支付未完成!", "../../../m.php"); } } //日志消息,记录反馈的参数记录下来 function log_result($word) { $fp = fopen("log.txt", "a"); flock($fp, LOCK_EX); fwrite($fp, $word . ":执行日期:" . strftime("%Y%m%d%H%I%S", time()) . "\t\n"); flock($fp, LOCK_UN); fclose($fp); }
* 74cms 职位详细页 * ============================================================================ * 版权所有: 骑士网络,并保留所有权利。 * 网站地址: http://www.74cms.com; * ---------------------------------------------------------------------------- * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和 * 使用;不允许对程序代码以任何形式任何目的的再发布。 * ============================================================================ */ define('IN_QISHI', true); $alias = "QS_hunter_jobsshow"; require_once dirname(__FILE__) . '/../include/common.inc.php'; if ($_PLUG['hunter']['p_install'] == 1) { $link[0]['text'] = "返回首页"; $link[0]['href'] = $_CFG['site_dir']; showmsg("管理员已关闭此模块!", 1, $link); } if ($mypage['caching'] > 0) { $smarty->cache = true; $smarty->cache_lifetime = $mypage['caching']; } else { $smarty->cache = false; } $cached_id = $alias . (isset($_GET['id']) ? "|" . intval($_GET['id']) % 100 . '|' . intval($_GET['id']) : '') . (isset($_GET['page']) ? "|p" . intval($_GET['page']) % 100 : ''); require_once QISHI_ROOT_PATH . 'include/mysql.class.php'; $db = new mysql($dbhost, $dbuser, $dbpass, $dbname); unset($dbhost, $dbuser, $dbpass, $dbname); $mypage['tpl'] = '../tpl_hunter/default/' . $mypage['tpl']; $smarty->assign('user_tpl', '../tpl_hunter/'); $smarty->display($mypage['tpl'], $cached_id); $db->close();
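/**
 * Remove every whitespace character from a settings value.
 *
 * An empty value (null, false, '' or an empty array) triggers the
 * "Settings should not be empty!" message and yields ''.
 *
 * @param mixed $_str Value to clean.
 * @return string The value without whitespace.
 */
function trimall($_str)
{
    // empty() also rejected "0" and 0, which are real settings values; only
    // genuinely absent values count as empty now.
    if ($_str === null || $_str === false || $_str === '' || $_str === array()) {
        showmsg('Settings should not be empty!');
        // The "exit" that followed this return could never run and is gone.
        return '';
    }

    return preg_replace("/\\s/", "", $_str);
}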
<?php require_once dirname(__FILE__) . "/config.php"; @set_time_limit(0); CheckPurview('sys_ArcBatch'); if (empty($dopost)) { $dopost = ''; } if ($dopost == 'analyse') { $arr = $dsql->getone("select maintable from `#@__channeltype` where id='{$channelid}' "); if (is_array($arr)) { $maintable = $arr['maintable']; } else { showmsg('频道id不正确,无法处理!', 'javascript:;'); exit; } $dsql->SetQuery("Select count(title) as dd,title From `{$maintable}` where channel='{$channelid}' group by title order by dd desc limit 0, {$pagesize}"); $dsql->Execute(); $allarc = 0; include DedeInclude('templets/article_result_same.htm'); exit; } else { if ($dopost == 'delsel') { require_once dirname(__FILE__) . "/../include/typelink.class.php"; require_once dirname(__FILE__) . "/inc/inc_batchup.php"; if (empty($titles)) { header("Content-Type: text/html; charset={$cfg_ver_lang}"); echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset={$cfg_ver_lang}\">\r\n"; echo "没有指定删除的文档!"; exit; }
} elseif ($action == 'delete') {
    // Delete rows of a custom form table, or only a file attached to a row.
    if (empty($do)) {
        if (is_array($id)) {
            // NOTE(review): the elements of $id are joined and placed
            // unquoted inside IN (...); no integer cast is visible here, so
            // each element should be forced to int before this point.
            $ids = implode(',', $id);
        } else {
            showmsg('未选中要操作的内容', '-1');
            exit;
        }
        $query = "DELETE FROM `{$diy->table}` WHERE id IN ({$ids})";
        if ($dsql->ExecuteNoneQuery($query)) {
            showmsg('删除成功', "diy_list.php?action=list&diyid={$diy->diyid}");
        } else {
            showmsg('删除失败', "diy_list.php?action=list&diyid={$diy->diyid}");
        }
    } else {
        // "=" assigns 1 to $do, so this condition is always true; a
        // comparison ($do == 1) was presumably intended.
        if ($do = 1) {
            // NOTE(review): $id and $name are interpolated into SQL below,
            // $name even as a column name; their validation is not visible.
            $row = $dsql->GetOne("SELECT * FROM `{$diy->table}` WHERE id='{$id}'");
            // The path comes from a database column chosen by $name and is
            // appended to $cfg_basedir without checking that it stays inside
            // an upload directory.
            if (file_exists($cfg_basedir . $row[$name])) {
                unlink($cfg_basedir . $row[$name]);
                $dsql->ExecuteNoneQuery("UPDATE `{$diy->table}` SET {$name}='' WHERE id='{$id}'");
                showmsg('文件删除成功', "diy_list.php?action=list&diyid={$diy->diyid}");
            } else {
                showmsg('文件不存在', '-1');
            }
        }
    }
} else {
    showmsg('未定义操作', "-1");
}
}
}
for ($i = 1; $i < $page; $i++) { echo "<a href='index.php?mod=admin-job&page=" . $i . $link . "'>[" . $i . "]</a> "; } echo "[" . $page . "]"; for ($i = $page + 1; $i <= $pages; $i++) { echo "<a href='index.php?mod=admin-job&page=" . $i . $link . "'>[" . $i . "]</a> "; } echo '<br>'; $first = 1; $prev = $page - 1; $next = $page + 1; $last = $pages; if ($page > 1) { echo "<a href='index.php?mod=admin-job&page=" . $first . $link . "'>首页</a>."; echo "<a href='index.php?mod=admin-job&page=" . $prev . $link . "'>上一页</a>"; } if ($page < $pages) { echo "<a href='index.php?mod=admin-job&page=" . $next . $link . "'>下一页</a>."; echo "<a href='index.php?mod=admin-job&page=" . $last . $link . "'>尾页</a>"; } echo '</div>'; ##分页 } else { showmsg('后台管理登录失败。请以管理员身份 <a href="index.php?mod=login">重新登录</a>!', 3); } echo '<div class="copy">'; echo date("Y年m月d日 H:i:s"); echo '<br>'; echo '<a href="./">返回后台管理</a>-<a href="index.php">返回首页</a>'; include ROOT . 'includes/foot.php'; echo '</div></body></html>';
//更改状态操作 exit("1"); } elseif ($action == "del" && !empty($did)) { //执行删除操作 $did = GetNum($did); $info = $Table->del($did); if ($info == "OK") { showmsg("删除成功!", PHP_SELF); } else { showmsg($info, PHP_SELF); } } elseif ($action == "dels") { if (empty($delids)) { showmsg("没有选择任何对象!", PHP_SELF); exit; } //空选择 //执行删除多个操作 $delids = explode('|', $delids); foreach ($delids as $id) { if (GetNum($id)) { $info = $Table->del($id); } } if ($info == "OK") { exit("1"); } } else { showmsg("未知请求", "-1"); //出错! }
exit;
}
// The message says the run frequency must be numeric, but this pattern only
// requires one digit somewhere in $pl: "1 abc" passes. An anchored pattern
// or an integer cast would match the stated rule.
if ($pl && !preg_match('/[0-9]/', $pl)) {
    showmsg('运行频率只能是数字哦!', 3);
    exit;
}
// NOTE(review): every field below is interpolated into the UPDATE statement.
// Escaping is not visible in this fragment — confirm it happens upstream or
// switch to prepared statements.
if ($isadmin == 1) {
    $sql18 = "update `wjob_job` set `mc` ='{$mc}',`url` ='{$url}',`post` ='{$post}',`postfields` ='{$postfields}',`cookie` ='{$cookie}',`usep` ='{$usep}',`proxy` ='{$proxy}',`referer` ='{$referer}',`useragent` ='{$useragent}',`start`='{$start}',`stop`='{$stop}',`pl`='{$pl}' where `jobid`='{$jobid}'";
} else {
    // Same update for non-admin users, additionally setting `timea`.
    $sql18 = "update `wjob_job` set `mc` ='{$mc}',`url` ='{$url}',`post` ='{$post}',`postfields` ='{$postfields}',`cookie` ='{$cookie}',`usep` ='{$usep}',`proxy` ='{$proxy}',`referer` ='{$referer}',`useragent` ='{$useragent}',`start`='{$start}',`stop`='{$stop}',`pl`='{$pl}',`timea`='{$date}' where `jobid`='{$jobid}'";
}
$sds = $DB->query($sql18);
if ($sds) {
    showmsg('任务已成功修改!', 1, 'addrw');
} else {
    // The raw database error text is shown to the user.
    showmsg('任务修改失败!<br/>' . $DB->error());
}
} else {
    showmsg('网址不合法!必须包含且只能包含一个http://');
}
} else {
    showmsg('你只能编辑自己的任务哦!');
}
}
} else {
    showmsg('你还没登录哦,请先<a href="index.php?mod=login">登录</a>!', 2);
}
// Page footer.
echo '<div class="copy">';
echo date("Y年m月d日 H:i:s");
include ROOT . 'includes/foot.php';
echo '</div></div></div></div></body></html>';
/**
 * Reboot the host after a validated form submission, otherwise render the
 * reboot form.
 *
 * NOTE(review): this runs privileged commands through sudo. No login, role
 * or CSRF check is visible in this method — confirm they are enforced before
 * this action is reachable. The clock is set from a remote time server with
 * rdate before the reboot.
 */
public function reboot()
{
    $this->form_validation->set_rules('reboot', 'reboot', 'trim|required|xss_clean');

    if (!$this->form_validation->run()) {
        // No valid submission: show the form page.
        $this->data['title'] = 'reboot';
        $this->load->view('common/header', $this->data);
        foreach (array('common/left', 'reboot', 'common/footer') as $viewName) {
            $this->load->view($viewName);
        }
        return;
    }

    // Synchronise the clock first.
    exec('sudo rdate -s tick.greyware.com');

    // Both commands are fixed strings; nothing from the request reaches the
    // shell. The command output and exit status are collected but not used.
    exec('sudo reboot 2>&1', $rebootOutput, $rebootStatus);

    showmsg('Rebooting...Wait for 45s...', WEB_ROOT, '45');
}
} $setsqlarr['likekey'] = $setsqlarr['jobname'] . "," . $setsqlarr['comname'] . "," . $setsqlarr['address'] . "," . $setsqlarr['detailed']; require_once QISHI_ROOT_PATH . 'include/splitword.class.php'; $sp = new SPWord(); $setsqlarr['key'] = $setsqlarr['jobname'] . $setsqlarr['comname'] . $setsqlarr['address'] . $setsqlarr['detailed']; $setsqlarr['key'] = "{$setsqlarr['jobname']} {$setsqlarr['comname']} " . $sp->extracttag($setsqlarr['key']); $setsqlarr['key'] = $sp->pad($setsqlarr['key']); $link[0]['text'] = "返回微招聘列表"; $link[0]['href'] = url_rewrite('QS_simplelist'); if ($db->updatetable(table('simple'), $setsqlarr, " id='{$id}' ")) { if ($_CFG['simple_edit_audit'] > 1) { $str = ",请等待管理员审核"; } showmsg("修改成功{$str}!", 2, $link); } else { showmsg("修改失败!", 0); } } elseif ($act == 'check_tel') { $tel = $_GET['tel']; $id = intval($_GET['id']); if (preg_match("/^\\d*\$/", $tel)) { if ($id > 0) { $wheresql = " AND id<>'{$id}'"; } $sql = "select id from " . table('simple') . " where tel = '{$tel}' {$wheresql} LIMIT 1"; $info = $db->getone($sql); if (!empty($info)) { exit('false'); } else { exit('true'); }
} elseif ($act == 'reg_save') {
    // Register a local account and bind it to the Taobao identity held in
    // the session.
    if (empty($_SESSION["taobao_access_token"])) {
        exit("access_token is empty");
    }
    // Each required field aborts the request with "err" when it is missing.
    $val['username'] = !empty($_POST['nickname']) ? trim($_POST['nickname']) : exit("err");
    $val['mobile'] = !empty($_POST['mobile']) ? trim($_POST['mobile']) : exit("err");
    $val['email'] = !empty($_POST['email']) ? trim($_POST['email']) : exit("err");
    $val['member_type'] = intval($_POST['utype']);
    $val['password'] = !empty($_POST['password']) ? trim($_POST['password']) : exit("err");
    require_once QISHI_ROOT_PATH . 'include/mysql.class.php';
    $db = new mysql($dbhost, $dbuser, $dbpass, $dbname);
    // Drop the connection settings from scope once the connection exists.
    unset($dbhost, $dbuser, $dbpass, $dbname);
    require_once QISHI_ROOT_PATH . 'include/fun_user.php';
    // "$uc_reg = true" is an assignment used as a positional argument; it
    // passes true and is not a named parameter.
    $userid = user_register(3, $val['password'], $val['member_type'], $val['email'], $val['mobile'], $uc_reg = true);
    if ($userid > 0) {
        $time = time();
        // NOTE(review): the posted nickname and the session token are
        // interpolated into this statement. Only trim() is applied to the
        // nickname here; confirm that input is escaped globally, otherwise
        // this is injectable.
        $db->query("UPDATE " . table('members') . " SET taobao_access_token = '{$_SESSION['taobao_access_token']}', taobao_nick = '{$val['username']}',taobao_binding_time='{$time}' WHERE uid='{$userid}' AND taobao_access_token='' LIMIT 1");
        unset($_SESSION["taobao_access_token"]);
        unset($_SESSION["taobao_nickname"]);
        update_user_info($userid);
        $userurl = get_member_url($val['member_type']);
        // No exit follows the redirect header in this fragment.
        header("Location:{$userurl}");
    } else {
        unset($_SESSION["taobao_access_token"]);
        unset($_SESSION["taobao_nickname"]);
        require_once QISHI_ROOT_PATH . 'include/tpl.inc.php';
        $link[0]['text'] = "返回首页";
        $link[0]['href'] = "{$_CFG['site_dir']}";
        showmsg('注册失败!', 0, $link);
    }
}
/*
 * 74cms payment response page
 * ============================================================================
 * Copyright: Qishi Network, all rights reserved.
 * Website: http://www.74cms.com;
 * ----------------------------------------------------------------------------
 * This is not free software! You may modify and use the program code only
 * for non-commercial purposes; redistributing the program code in any form
 * and for any purpose is not permitted.
 * ============================================================================
 */
define('IN_QISHI', true);
require_once dirname(__FILE__) . '/../common.inc.php';
require_once QISHI_ROOT_PATH . 'include/mysql.class.php';
$db = new mysql($dbhost, $dbuser, $dbpass, $dbname);
// Map of member type => function library; only type '1' is listed.
$funtype = array('1' => 'include/fun_company.php');
// NOTE(review): the lookup is not guarded. For any other session utype (or
// no session) the key is missing and require_once receives QISHI_ROOT_PATH
// alone.
require_once QISHI_ROOT_PATH . $funtype[$_SESSION['utype']];
require_once QISHI_ROOT_PATH . "include/payment/alipay.php";
// respond() is loaded from the payment include; its truthy result is the
// only thing that decides between the success and the failure page here.
// NOTE(review): presumably it verifies the gateway's notification signature
// — confirm in include/payment/alipay.php.
if (respond()) {
    $orderurl = array('1' => 'company_service.php?act=order_list');
    $link[0]['text'] = "查看订单";
    $link[0]['href'] = get_member_url($_SESSION['utype'], true) . $orderurl[$_SESSION['utype']];
    $link[1]['text'] = "会员中心";
    $link[1]['href'] = url_rewrite('QS_login');
    $link[2]['text'] = "网站首页";
    $link[2]['href'] = $_CFG['site_dir'];
    showmsg("付款成功!", 2, $link, false);
} else {
    $link[0]['text'] = "会员中心";
    $link[0]['href'] = get_member_url($_SESSION['utype']);
    showmsg("付款失败!请联系网站管理员", 0, $link);
}
<?php !defined('P_W') && exit('Forbidden'); define('AJAX', 1); S::gp(array('stopic_id', 'category_id', 'is_cover'), null, 2); S::gp(array('block_config', 'stopic_title', 'file_name')); $file_name = trim($file_name); if ('' == $file_name) { $file_name = $stopic_id; } if (!$stopic_id || !$category_id) { showmsg('undefined_error'); } $stopic_data = $stopic_service->getSTopicInfoById($stopic_id); if (empty($stopic_data)) { showmsg('undefined_error'); } if (!stopic_check_file_name($file_name)) { Showmsg('文件名格式错误,只允许英文字母、数字、“-”和“_”', $basename . "&job=stman"); } $old_file_name = $stopic_data['file_name']; if ('' == $old_file_name) { $old_file_name = $stopic_id; } $is_conflict = false; if ($file_name != $old_file_name || $stopic_service->isFileUsed($stopic_id, $file_name)) { if (file_exists($stopic_service->getStopicDir($stopic_id, $file_name))) { $is_conflict = true; } } if ($is_conflict && !$is_cover) {
if (!$postdb[adminurl] || !$postdb[class2]) { $postdb[class1] = $postdb[class2] = ''; } $db->query("INSERT INTO `{$pre}hack` ( `keywords` , `name` , `isclose` , `author` , `config` , `htmlcode` , `hackfile` , `hacksqltable` , `about`,`adminurl`,`class1`,`class2`,`list`,`linkname` ) VALUES ('{$postdb['keywords']}','{$postdb['name']}','{$postdb['isclose']}','{$postdb['author']}','{$postdb['config']}','{$postdb['htmlcode']}','{$postdb['hackfile']}','{$postdb['hacksqltable']}','{$postdb['about']}','{$postdb['adminurl']}','{$postdb['class1']}','{$postdb['class2']}','{$postdb['list']}','{$postdb['linkname']}')"); write_hackmenu_cache(); jump("安装成功,你还需要添加后台管理权限,否则无权管理", "index.php?lfj=group&job=admin_gr&gid=3", 10); } elseif ($job == 'edit' && $Apower[hack_list]) { require "menu.php"; $rsdb = $db->get_one("SELECT * FROM {$pre}hack WHERE keywords='{$keywords}' "); require dirname(__FILE__) . "/" . "head.php"; require dirname(__FILE__) . "/" . "template/hack/edit.htm"; require dirname(__FILE__) . "/" . 
"foot.php"; } elseif ($action == 'edit' && $Apower[hack_list]) { $rs = $db->get_one("SELECT * FROM {$pre}hack WHERE `name`='{$postdb['name']}' AND keywords!='{$keywords}'"); if ($rs) { showmsg("名称已经存在了.不能重复"); } if (!$postdb[adminurl] || !$postdb[class2]) { $postdb[class1] = $postdb[class2] = ''; } $db->query("UPDATE `{$pre}hack` SET name='{$postdb['name']}',hackfile='{$postdb['hackfile']}',hacksqltable='{$postdb['hacksqltable']}',about='{$postdb['about']}',adminurl='{$postdb['adminurl']}',class1='{$postdb['class1']}',class2='{$postdb['class2']}',list='{$postdb['list']}',linkname='{$postdb['linkname']}' WHERE keywords='{$keywords}'"); write_hackmenu_cache(); jump("修改成功", $FROMURL, 1); } elseif ($action == 'delete' && $Apower[hack_list]) { $rsdb = $db->get_one("SELECT * FROM {$pre}hack WHERE keywords='{$keywords}' "); $db->query("DELETE FROM {$pre}hack WHERE keywords='{$keywords}'"); $detail = explode("\r\n", $rsdb[hackfile]); foreach ($detail as $key => $value) { if ($value) { del_file(ROOT_PATH . $value); }
} if ($action == 'save') { if ($s_name == '') { ShowMsg('请输入职工的姓名', '-1'); exit; } $addsql = "update #@__staff set s_name='{$s_name}',s_address='{$s_address}',s_phone='{$s_phone}',s_part='{$s_part}',s_way='{$s_way}',s_money='{$s_money}',s_utype='{$s_utype}',s_duty='{$s_duty}' where id='{$id}'"; $message = "修改公司职工" . $s_name . "资料成功"; $loginip = getip(); $logindate = getdatetimemk(time()); $username = str_replace($cfg_cookie_encode, '', $_COOKIE["VioomaUserID"]); $asql = new Dedesql(false); $asql->ExecuteNoneQuery($addsql); $asql->ExecuteNoneQuery("insert into #@__recordline(message,date,ip,userid) values('{$message}','{$logindate}','{$loginip}','{$username}')"); $asql->close(); showmsg('成功修改了职工的资料', 'system_worker.php'); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <link href="style/main.css" rel="stylesheet" type="text/css" /> <title><?php echo $cfg_softname; ?> 职工管理</title> <script language="javascript"> function cway(value){ if(value==0)
} if ($opuser == 1) { echo '<form action="index.php" method="get"><input type="hidden" name="mod" value="list"><input type="hidden" name="sys" value="' . $sysid . '"><input type="hidden" name="user" value="' . $gl . '"><input type="text" name="page" value="' . $page . '"><br><input type="submit" value="跳转"></form>'; } else { echo '<form action="index.php" method="get"><input type="hidden" name="mod" value="list"><input type="hidden" name="sys" value="' . $sysid . '"><input type="text" name="page" value="' . $page . '"><br><input type="submit" value="跳转"></form>'; } echo '</div>'; #分页 echo '<div class="w h">运行日志:  <a href="all.php">详细>></a></div><div class="box">系统共有' . $zongs . '条任务<br>系统累计运行了' . $info['times'] . '次<br>上次运行:' . $info['last'] . '<br>当前时间:' . $date . '</div>'; if (function_exists(sys_getloadavg)) { $arr = sys_getloadavg(); echo '<div class="w h">系统负载:</div>'; $f = sys_getloadavg(); echo '<div class="box">'; echo "1min:{$f[0]}"; echo "|5min:{$f[1]}"; echo "|15min:{$f[2]}"; echo '</div>'; } } else { showmsg('登录失败,可能是密码错误或者身份失效了,请<a href="index.php?mod=login">重新登录</a>!', 3); } echo '<div class="copy"><a href="index.php">返回首页</a>-<a href="index.php?mod=help">功能介绍</a>'; include ROOT . 'includes/foot.php'; echo '</div>'; if ($conf['sjyl'] == 1) { $txt = file(ROOT . 'includes/content/content.db'); shuffle($txt); echo "{$txt['0']}"; } echo '</body></html>';
// Reject the request when the temporary password is older than the allowed
// period and remove the stored record.
if ($dtime - $tptim > $row['mailtime']) {
    // NOTE(review): this statement filters on column `md`, while the DELETE
    // further down uses `mid` — looks like a typo; confirm the column name.
    $db->executenonequery("DELETE FROM `#@__pwd_tmp` WHERE `md` = '{$id}';");
    ShowMsg("对不起,临时密码修改期限已过期", "login.php");
    exit;
}
require_once dirname(__FILE__) . "/templets/resetpassword2.htm";
} elseif ($setp == 2) {
    // Step 2: check the temporary password, then store the new password.
    if (isset($key)) {
        $pwdtmp = $key;
    }
    // The temporary password is compared as an unsalted MD5 digest.
    $sn = md5(trim($pwdtmp));
    // "==" on two hex digests is a loose comparison: strings of the form
    // "0e<digits>" compare equal as numbers. hash_equals() gives an exact,
    // timing-safe comparison.
    if ($row['pwd'] == $sn) {
        if ($pwd != "") {
            if ($pwd == $pwdok) {
                // The new password is stored as plain MD5, which is not a
                // password hash; password_hash()/password_verify() are the
                // replacement, together with a change on the login side.
                $pwdok = md5($pwdok);
                // NOTE(review): $id is interpolated into both statements;
                // its validation is not visible in this fragment.
                $sql = "DELETE FROM `#@__pwd_tmp` WHERE `mid` = '{$id}';";
                $db->executenonequery($sql);
                $sql = "UPDATE `#@__member` SET `pwd` = '{$pwdok}' WHERE `mid` = '{$id}';";
                if ($db->executenonequery($sql)) {
                    showmsg('更改密码成功,请牢记新密码', 'login.php');
                    exit;
                }
            }
        }
        showmsg('对不起,新密码为空或填写不一致', '-1');
        exit;
    }
    // No limit on wrong temporary passwords is visible in this fragment.
    showmsg('对不起,临时密码错误', '-1');
    exit;
}
}
if ($dsql->ExecuteNoneQuery($inquery)) { $inquery = "UPDATE `#@__member` SET money=money-{$needMoney} WHERE mid='" . $cfg_ml->M_ID . "'"; if (!$dsql->ExecuteNoneQuery($inquery)) { showmsg('购买失败, 请返回', -1); exit; } #api{{ if (defined('UC_APPID')) { include_once DEDEROOT . '/api/uc.func.php'; $row = $dsql->GetOne("SELECT `scores`,`userid` FROM `#@__member` WHERE `mid`='" . $cfg_ml->M_ID . "'"); uc_credit_note($row['userid'], -$needMoney, 'money'); } #/aip}} showmsg('购买成功,购买扣点不会重扣金币,谢谢!', '/plus/view.php?aid=' . $aid); exit; } else { showmsg('购买失败, 请返回', -1); exit; } } $msgtitle = "扣金币购买阅读!"; $moremsg = "阅读该文档内容需要付费!<br>这篇文档需要 <font color='red'>" . $needMoney . " 金币</font> 才能访问,你目前拥有金币 <font color='red'>" . $cfg_ml->M_Money . " </font>个!<br>确认阅读请点 [<a href='/plus/view.php?aid=" . $aid . "&dopost=buy' target='_blank'>确认付点阅读</a>]"; include_once $cfg_basedir . $cfg_templets_dir . "/plus/view_msg.htm"; $arc->Close(); exit; } } } //金币处理付处理 } $arc->Display();
// Fetch the QQ profile for the session's openid. The access token travels
// in the query string of this URL.
$url = "https://graph.qq.com/user/get_user_info?access_token=" . $access_token . "&oauth_consumer_key={$_CFG['qq_appid']}&openid=" . $_SESSION["openid"];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
// Certificate and host-name verification are both switched off, so the
// peer is not authenticated: anyone on the network path can read the token
// and supply the response. Leaving both options at their secure defaults
// (with a CA bundle configured) closes this.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
// The result of curl_exec()/json_decode() is not checked before use.
$jsoninfo = json_decode($output, true);
$nickname = iconv("utf-8", "gbk", $jsoninfo["nickname"]);
$time = time();
// NOTE(review): the nickname comes from the remote response and is written
// into the SQL text without visible escaping; the session openid is
// interpolated as well.
$db->query("UPDATE " . table('members') . " SET qq_openid = '{$_SESSION[openid]}', qq_nick = '{$nickname}', qq_binding_time = '{$time}' WHERE uid='" . $_SESSION['uid'] . "' AND qq_openid='' LIMIT 1");
$link[0]['text'] = "进入会员中心";
$link[0]['href'] = get_member_url($_SESSION['utype']);
$_SESSION['uqqid'] = $_SESSION['openid'];
showmsg('绑定QQ帐号成功!', 2, $link);
}
}
// Fetch a URL with file_get_contents() when allow_url_fopen is on, else with
// cURL.
function get_url_contents($url) {
    if (ini_get("allow_url_fopen") == "1") {
        return file_get_contents($url);
    // curl_init is written as a bare constant here, not as the string
    // 'curl_init'.
    } elseif (function_exists(curl_init)) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($ch, CURLOPT_URL, $url);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    } else {
        exit("请把allow_url_fopen设为On或打开CURL扩展");