Esempio n. 1
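 /**
  * Save an edited member record from the POSTed form.
  *
  * Optionally changes the password (fields pwd, pwd1, pwd2), then writes the
  * e-mail address, gender and the serialized profile array to
  * `#iCMS@__members` for the posted uid and shows a completion dialog.
  */
 function doSave()
 {
     $uid = (int) $_POST['uid'];
     $info = array();
     if ($_POST['pwd'] || $_POST['pwd1'] || $_POST['pwd2']) {
         // NOTE(review): unsalted md5() is not an adequate password hash. Moving to
         // password_hash()/password_verify() needs a matching change in the login
         // check and a migration of the stored hashes, neither of which is visible here.
         $pwd = md5(trim($_POST['pwd']));
         $pwd1 = md5(trim($_POST['pwd1']));
         $pwd2 = md5(trim($_POST['pwd2']));
         if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
             javascript::alert("修改密码.原密码,新密码,确认密码不能为空");
         }
         // NOTE(review): $user is never assigned in this method, so the old-password
         // check compares against null; the stored hash for $uid has to be loaded first.
         $pwd != $user['password'] && javascript::alert("原密码错误!");
         $pwd1 != $pwd2 && javascript::alert("新密码与确认密码不一致!");
         // NOTE(review): the UPDATE is skipped after a failed check only if
         // javascript::alert() ends the request — confirm.
         iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
     }
     // eregi() was removed in PHP 7. preg_match() with /i is the equivalent; the D
     // modifier keeps "$" from also matching before a trailing newline.
     $_POST['email'] && !preg_match('/^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})$/iD', $_POST['email']) && javascript::alert("E-mail格式错误!!");
     // The value is interpolated into a quoted SQL literal below, so escape it again
     // after stripslashes(). For an address that passed the pattern this is a no-op.
     $email = addslashes(stripslashes($_POST['email']));
     $gender = intval($_POST['gender']);
     $info['nickname'] = dhtmlspecialchars(stripslashes($_POST['nickname']));
     cstrlen($info['nickname']) > 12 && javascript::alert("昵称长度大于12");
     $info['icq'] = intval($_POST['icq']);
     $info['home'] = dhtmlspecialchars(stripslashes($_POST['home']));
     $info['year'] = intval($_POST['year']);
     $info['month'] = intval($_POST['month']);
     $info['day'] = intval($_POST['day']);
     $info['from'] = dhtmlspecialchars(stripslashes($_POST['from']));
     $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));
     $user['info'] = $info;
     // The serialized profile is escaped with addslashes() before it is embedded.
     iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($user['info'])) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
     javascript::dialog('用户编辑完成!', 'url:' . __SELF__ . '?mo=user&do=manage');
 }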
Esempio n. 2
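 /**
  * Create or update a model ("module") definition from the POSTed form.
  *
  * With a non-zero id the matching `#iCMS@__model` row is updated after a
  * duplicate-table check; otherwise a new row is inserted. The model cache is
  * rebuilt and a dialog offering "add fields" / "back to list" is shown.
  */
 function doSave()
 {
     $id = (int) $_POST['id'];
     $name = dhtmlspecialchars($_POST['name']);
     $table = dhtmlspecialchars($_POST['table']);
     $description = dhtmlspecialchars($_POST['desc']);
     // NOTE(review): pos and position reach the SQL below with no handling in this
     // method. That is only safe if request values are escaped before this point,
     // which cannot be confirmed from here.
     $position2 = $_POST['pos'];
     $position = $_POST['position'];
     $binding = isset($_POST['binding']) ? 1 : 0;
     empty($name) && javascript::alert('模块名称不能为空!');
     empty($table) && $binding && javascript::alert('模块名不能为空!');
     if (!$binding && empty($id)) {
         if (empty($table)) {
             // No table name given: derive one from the model name.
             include iPATH . 'include/cn.class.php';
             $table = CN::pinyin($name);
         }
         $table = $table . '_content';
     }
     if ($id) {
         iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}' and `id`!='{$id}'") && javascript::alert('该模块已经存在!请检查是否重复');
         iCMS_DB::query("UPDATE `#iCMS@__model` SET `name` = '{$name}', `table` = '{$table}', `binding` = '{$binding}', `description` = '{$description}', `position` = '{$position}', `position2` = '{$position2}' WHERE `id` = '{$id}';");
     } else {
         iCMS_DB::query("INSERT INTO `#iCMS@__model`(`name`, `table`, `binding`, `description`, `position`,`position2`, `addtime`)VALUES ('{$name}', '{$table}', '{$binding}', '{$description}', '{$position}','{$position2}', '" . time() . "');");
         $id = iCMS_DB::$insert_id;
     }
     model::cache();
     // The link used to embed the literal text "<?php echo N;?>" in the query string;
     // pass the numeric id itself.
     $moreaction = array(
         array("text" => "下一步添加字段", "url" => __SELF__ . "?mo=models&do=addfield&id=" . $id),
         array("text" => "返回模块列表", "url" => __SELF__ . "?mo=models&do=manage"),
     );
     javascript::dialog('模块添加完成!<br />10秒后返回模块列表', "url:" . __SELF__ . "?mo=models&do=manage", $moreaction, 10);
 }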
Esempio n. 3
 /**
  * Set the status flag of one advertisement and regenerate it.
  *
  * Both query-string values are forced to integers before they are placed in
  * the UPDATE statement.
  * NOTE(review): this changes state on a GET request; no request-forgery token
  * check is visible in this method — confirm one is enforced by the caller.
  */
 function doStatus()
 {
     $adId = intval($_GET['id']);
     $newStatus = intval($_GET['act']);
     $sql = "UPDATE `#iCMS@__advertise` SET `status` = '" . $newStatus . "' WHERE `id` ='" . $adId . "'";
     iCMS_DB::query($sql);
     $this->create($adId);
     javascript::dialog("操作完成!", 'url:1');
 }
Esempio n. 4
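 /**
  * Withdraw approval from the selected comments.
  *
  * For every posted comment id the comment's status is set to 0 and the
  * comment counter of the article named in $_POST['indexId'][id] is decremented.
  */
 function dostatus0()
 {
     empty($_POST['id']) && javascript::dialog("请选择要操作的评论!");
     $indexIds = isset($_POST['indexId']) && is_array($_POST['indexId']) ? $_POST['indexId'] : array();
     // (array) keeps the loop safe when nothing, or a single scalar, was posted.
     foreach ((array) $_POST['id'] as $k => $id) {
         // Both ids come straight from the request and end up inside SQL literals;
         // they are numeric row ids, so force them to integers.
         $indexId = isset($indexIds[$id]) ? (int) $indexIds[$id] : 0;
         $id = (int) $id;
         if ($id <= 0) {
             continue;
         }
         iCMS_DB::query("UPDATE `#iCMS@__comment` SET `status` = '0' WHERE `id` ='{$id}'");
         if ($indexId > 0) {
             iCMS_DB::query("UPDATE `#iCMS@__article` SET `comments` = comments-1  WHERE `id` ='{$indexId}'");
         }
     }
     javascript::dialog("取消审核!", "url:0");
 }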
Esempio n. 5
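 /**
  * Rebuild the caches and counters selected by the checkboxes of the POSTed form.
  *
  * Each $_POST flag triggers one maintenance step: forum cache, advertisement
  * files, compiled templates, cache directories, keyword/tag/model/field caches,
  * the config file, and recounts of articles per forum and uses per tag.
  */
 function doUpdate()
 {
     include_once iPATH . 'include/forum.class.php';
     if ($_POST['forum']) {
         $forum = new forum();
         $forum->cache();
     }
     if ($_POST['adm']) {
         include_once iPATH . 'admin/advertise.mo.php';
         $rs = iCMS_DB::getArray("SELECT * FROM `#iCMS@__advertise`", OBJECT);
         foreach ((array) $rs as $row) {
             adm($row);
         }
     }
     $_POST['tpl'] && $this->iCMS->clear_compiled_tpl();
     $_POST['iCMS_list'] && FS::rmdir(iPATH . 'cache/list');
     $_POST['iCMS_forum'] && FS::rmdir(iPATH . 'cache/forum');
     $_POST['iCMS_tag'] && FS::rmdir(iPATH . 'cache/tags');
     if ($_POST['iCMS_ALL']) {
         FS::rmdir(iPATH . 'cache/list');
         FS::rmdir(iPATH . 'cache/forum');
         FS::rmdir(iPATH . 'cache/tags');
     }
     $_POST['keywords'] && keywords_cache();
     $_POST['tags'] && tags_cache();
     if ($_POST['model']) {
         include iPATH . 'include/model.class.php';
         model::cache();
     }
     $_POST['field'] && field_cache();
     $_POST['config'] && CreateConfigFile();
     if ($_POST['Re-Article-Count']) {
         $rs = iCMS_DB::getArray("SELECT fid FROM `#iCMS@__forum`");
         foreach ((array) $rs as $row) {
             // The values interpolated here are read back from the database, not from the request.
             $c = iCMS_DB::getValue("SELECT count(*) FROM #iCMS@__article where `fid`='" . $row['fid'] . "' LIMIT 1 ");
             iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` ='{$c}' WHERE `fid` ='" . $row['fid'] . "' LIMIT 1 ");
         }
     }
     if ($_POST['Re-Tag-Count']) {
         include_once iPATH . 'include/forum.class.php';
         $rs = iCMS_DB::getArray("SELECT id FROM `#iCMS@__tags`");
         foreach ((array) $rs as $row) {
             // The per-tag total used to be stored in the same variable as the loop
             // bound, so the loop ended after an arbitrary number of tags.
             $tagTotal = iCMS_DB::getValue("SELECT count(*) FROM `#iCMS@__taglist` WHERE `tid`='" . $row['id'] . "'");
             iCMS_DB::query("UPDATE `#iCMS@__tags` SET `count` = '{$tagTotal}'  WHERE `id` ='" . $row['id'] . "'");
             tags_cache($row['id']);
         }
     }
     javascript::dialog("执行完毕!", 'url:1');
 }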
Esempio n. 6
 /**
  * Insert a new keyword replacement, or update an existing one when an id is posted.
  *
  * NOTE(review): `replace` is stored after only a <p>…</p> unwrapping and is
  * interpolated into the SQL as posted; this relies on request values being
  * escaped before this method runs — confirm. The stored value is markup, so
  * whoever may edit keywords can presumably place HTML wherever it is applied.
  */
 function dosave()
 {
     $rowId = (int) $_POST['id'];
     $keyword = dhtmlspecialchars($_POST['keyword']);
     // Strip a wrapping paragraph element but keep its contents.
     $replace = preg_replace("'<p>(.*?)<\\/p>'si", '\\1', $_POST['replace']);
     if ($rowId) {
         $sql = "update `#iCMS@__keywords` set `keyword`='" . $keyword . "',`replace`='" . $replace . "' where id='" . $rowId . "'";
     } else {
         $sql = "INSERT IGNORE INTO `#iCMS@__keywords`(`keyword`,`replace`,`addtime`,`status`) values ('" . $keyword . "','" . $replace . "','" . time() . "','1')";
     }
     iCMS_DB::query($sql);
     keywords_cache();
     javascript::dialog('操作完成!', 'url:' . __SELF__ . '?mo=keywords');
 }
Esempio n. 7
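 /**
  * Update the name and order of existing groups and optionally add a new group.
  *
  * $_POST['name'] and $_POST['order'] are arrays keyed by group id; a non-empty
  * $_POST['addnewname'] inserts a new row and ends the request.
  */
 function doEdit()
 {
     foreach ((array) $_POST['name'] as $id => $value) {
         // The array key is request-controlled and is used as the row id. New rows
         // are inserted with a NULL gid (auto-assigned), so an integer cast is safe.
         $gid = (int) $id;
         // NOTE(review): name and order are interpolated as posted; this is safe only
         // if request values are escaped before this method runs — confirm.
         iCMS_DB::query("update `#iCMS@__group` set `name`='{$value}',`order`='" . $_POST['order'][$id] . "' where `gid`='{$gid}'");
     }
     if ($_POST['addnewname']) {
         // NOTE(review): same assumption for addnewname, addneworder and type.
         iCMS_DB::query("INSERT INTO `#iCMS@__group`(`gid`,`name`,`order`,`power`,`cpower`,`type`) VALUES (NULL,'" . $_POST['addnewname'] . "','" . $_POST['addneworder'] . "','','','" . $_POST['type'] . "')");
         javascript::dialog('添加完成!', 'url:1');
         exit;
     }
     javascript::dialog('更新完成!', 'url:1');
 }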
Esempio n. 8
 /**
  * Delete one comment and decrement the comment counter of its parent record.
  *
  * The parent table defaults to `article`; with a model id in the query string
  * the table name is taken from the cached model definition instead. All three
  * request values are cast to integers before use.
  */
 function doDel()
 {
     $modelId = (int) $_GET['mid'];
     $__TABLE__ = 'article';
     if ($modelId) {
         // The table name comes from the model cache, not from the request.
         $model = $this->iCMS->getCache('system/models.cache', $modelId);
         $__TABLE__ = $model['tbn'];
     }
     $id = intval($_GET['id']);
     $indexId = intval($_GET['indexId']);
     if ($id) {
         iCMS_DB::query("DELETE FROM `#iCMS@__comment` WHERE `id` ='" . $id . "'");
     }
     if ($indexId) {
         iCMS_DB::query("UPDATE `#iCMS@__{$__TABLE__}` SET `comments` = comments-1  WHERE `id` ='" . $indexId . "'");
     }
     // $id is an integer here, so it can be placed in the script fragment as is.
     $script = 'js:parent.$("#tr-' . $id . '").remove();parent.iCMS.closeDialog();';
     javascript::dialog('评论删除成功!', $script);
 }
Esempio n. 9
 /**
  * Save the logged-in member's own profile settings.
  *
  * The row is selected by member::$uId, not by a request value, so a member can
  * only write to the record member::$uId points at.
  */
 function dosetting()
 {
     $gender = intval($_POST['gender']);
     $nickname = dhtmlspecialchars($_POST['nickname']);
     // Numeric fields are cast; free-text fields are unslashed and HTML-escaped
     // before being serialized.
     $info = array(
         'icq' => intval($_POST['icq']),
         'home' => dhtmlspecialchars(stripslashes($_POST['home'])),
         'year' => intval($_POST['year']),
         'month' => intval($_POST['month']),
         'day' => intval($_POST['day']),
         'from' => dhtmlspecialchars(stripslashes($_POST['from'])),
         'signature' => dhtmlspecialchars(stripslashes($_POST['signature'])),
     );
     // The serialized blob is escaped with addslashes() before it is embedded.
     $packed = addslashes(serialize($info));
     iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . $packed . "',`nickname`='" . $nickname . "',`gender`='" . $gender . "' WHERE `uid` ='" . member::$uId . "' LIMIT 1");
     javascript::dialog("资料修改完成!");
 }
Esempio n. 10
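 /**
  * Add a link (name, URL, logo, description, sort group, order) from the POSTed form.
  */
 function doSave()
 {
     $sortid = (int) $_POST['sortid'];
     $name = dhtmlspecialchars($_POST['name']);
     $url = dhtmlspecialchars($_POST['url']);
     $desc = dhtmlspecialchars($_POST['description']);
     $logo = dhtmlspecialchars($_POST['logo']);
     $orderNum = intval($_POST['orderNum']);
     empty($name) && javascript::alert('网站名称不能为空!');
     empty($url) && javascript::alert('网站URL不能为空!');
     // Require the URL to START with http:// or https://. The previous test only
     // looked for "http://" anywhere in the value, which turned https:// URLs into
     // "http://https://…" and accepted any other scheme as long as the text
     // "http://" appeared later in the value.
     !preg_match('#^https?://#i', $url) && ($url = 'http://' . $url);
     iCMS_DB::query("INSERT INTO `#iCMS@__links` (`sortid`,`name`,`logo`,`desc`,`url`,`orderNum`) VALUES ('{$sortid}','{$name}','{$logo}','{$desc}','{$url}','{$orderNum}')");
     javascript::dialog("添加完成!", 'url:' . __SELF__ . '?mo=link');
 }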
Esempio n. 11
 /**
  * Insert or update one row of the search-term table and refresh the search cache.
  *
  * The term is HTML-escaped and its LIKE wildcards (% and _) are backslash-escaped
  * before it is stored; id and times are cast to integers.
  */
 function dosave()
 {
     $rowId = (int) $_POST['id'];
     $term = dhtmlspecialchars($_POST['search']);
     $term = strtr($term, array('%' => '\\%', '_' => '\\_'));
     $hits = (int) $_POST['times'];
     if ($rowId) {
         $sql = "update `#iCMS@__search` set `search`='" . $term . "',`times`='" . $hits . "' where id='" . $rowId . "'";
     } else {
         $sql = "insert into `#iCMS@__search`(`search`,`times`,`addtime`) values ('" . $term . "','" . $hits . "','" . time() . "')";
     }
     iCMS_DB::query($sql);
     search_cache();
     javascript::dialog('操作完成!', 'url:' . __SELF__ . '?mo=search');
 }
Esempio n. 12
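/**
 * Register a vote on a comment, rate-limited per comment by cookies.
 *
 * @param string $act Name of the counter column to increment.
 * @param mixed  $cid Comment id.
 */
function UA($act, $cid)
{
    global $iCMS;
    // $act is interpolated as a column name, where quoting the value cannot help.
    // Accept only a plain identifier; callers are not visible from here.
    if (!is_string($act) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $act)) {
        return;
    }
    // Comment ids are numeric row ids; the value is used in SQL and in cookie names.
    $cid = (int) $cid;
    $cookietime = $iCMS->config['diggtime'];
    $ajax = intval($_GET['ajax']);
    // A new vote is allowed once both per-comment cookies are older than the limit.
    // NOTE(review): cookies are client-controlled, so this limit is advisory only.
    $cTime = time() - get_cookie($cid . '_up') > $cookietime && time() - get_cookie($cid . '_against') > $cookietime;
    if ($cTime) {
        set_cookie($cid . '_' . $act, time(), $cookietime);
        if ($cid && iCMS_DB::query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1  WHERE `id` ='{$cid}'")) {
            // NOTE(review): $id is never assigned in this function, so the redirect
            // carries an empty indexId. $_GET['callback'] is handed to jsonp() as
            // received; whether jsonp() validates it is not visible here.
            $ajax ? jsonp("{state:'1'}", $_GET['callback']) : _Header($iCMS->config['publicURL'] . "/comment.php?indexId=" . $id);
        }
    } else {
        $ajax ? jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']) : alert($iCMS->language('digged'));
    }
}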
Esempio n. 13
 /**
  * Check an administrator login, either from supplied credentials or from the
  * `auth` cookie.
  *
  * With both arguments empty the pair is recovered from the cookie, which holds
  * "account<separator>second value" passed through authcode(); the separator
  * embeds the client IP reported by getip(). Otherwise the supplied pair is
  * checked, the cookie is (re)issued and the login statistics are updated.
  *
  * NOTE(review): the cookie carries both credential values, so its
  * confidentiality rests entirely on authcode(), which is not visible here.
  * NOTE(review): the cookie and the statistics are written whatever
  * checkadmin() returned; presumably checkadmin() ends the request on failure
  * when $Ret is false — confirm what happens when $Ret is true.
  *
  * @param string $a   Account name, or empty to use the cookie.
  * @param string $p   Second credential value, or empty to use the cookie.
  * @param bool   $Ret Passed through to checkadmin(); when false a success dialog is shown.
  * @return mixed Whatever self::checkadmin() returns.
  */
 function checklogin($a, $p, $Ret = false)
 {
     $ip = getip();
     $separator = '#=iCMS[' . $ip . ']=#';
     if (empty($a) && empty($p)) {
         $auth = get_cookie('auth');
         list($a, $p) = explode($separator, authcode($auth, 'DECODE'));
         return self::checkadmin($a, $p, $Ret);
     }
     $crs = self::checkadmin($a, $p, $Ret);
     set_cookie('auth', authcode($a . $separator . $p, 'ENCODE'));
     // NOTE(review): $ip is interpolated into SQL; whether getip() restricts its
     // result to a well-formed address is not visible here.
     iCMS_DB::query("UPDATE `#iCMS@__admin` SET `lastip`='{$ip}',`lastlogintime`='" . time() . "',`logintimes`=logintimes+1 WHERE `uid`='" . self::$uId . "'");
     if (!$Ret) {
         javascript::dialog("登陆成功!", 'url:' . __SELF__);
     }
     return $crs;
 }
Esempio n. 14
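 /**
  * Store a guest-book message submitted by a visitor.
  *
  * All four fields are HTML-escaped, checked against the word filter and the
  * e-mail pattern, and inserted with status 0. The response body is '1' on
  * success or an error message otherwise.
  */
 function dosave()
 {
     $author = dhtmlspecialchars($_POST['author']);
     $email = dhtmlspecialchars($_POST['email']);
     $url = dhtmlspecialchars($_POST['url']);
     $content = dhtmlspecialchars($_POST['content']);
     empty($author) && exit('昵称不能为空!');
     empty($content) && exit('留言内容不能为空!');
     WordFilter($author) && exit('昵称包含被系统屏蔽的字符,请返回重新填写。');
     WordFilter($url) && exit('您的网址包含被系统屏蔽的字符,请返回重新填写。');
     WordFilter($content) && exit('留言内容包含被系统屏蔽的字符,请返回重新填写。');
     !preg_match("/^([\\w\\.-]+)@([a-zA-Z0-9-]+)(\\.[a-zA-Z\\.]+)\$/i", $email) && exit('邮箱格式错误!');
     // Require the URL to START with http:// or https://. The previous test only
     // looked for "http://" anywhere in the value, which mangled https:// URLs and
     // accepted any other scheme as long as "http://" appeared later in the value.
     !preg_match('#^https?://#i', $url) && ($url = 'http://' . $url);
     // NOTE(review): getip() is interpolated as is; whether it restricts its result
     // to a well-formed address is not visible here.
     iCMS_DB::query("INSERT INTO `#iCMS@__plugins_message` (`author`,`email`,`url`,`content`,`reply`,`addtime`,`ip`,`status`) VALUES ('{$author}','{$email}','{$url}','{$content}','','" . time() . "','" . getip() . "','0')");
     exit('1');
 }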
Esempio n. 15
 /**
  * Install (or, with $isSetup = 0, uninstall) the plugin named in the query string.
  *
  * Marks the plugin in the `system/plugins` cache, merges or removes its language
  * and menu entries, then runs the plugin's install/uninstall SQL one statement
  * at a time.
  *
  * NOTE(review): the plugin name is taken from $_GET['name'] and passed unchanged
  * to plugin::config() and plugin::sql(). If those resolve files by name, it
  * should be checked against the list of known plugins first — confirm.
  *
  * @param int $isSetup 1 to install, 0 to uninstall.
  */
 function dosetup($isSetup = 1)
 {
     $plugName = $_GET['name'];
     $plugins = $this->iCMS->getCache('system/plugins');
     $plugins[$plugName]['isSetup'] = $plugins[$plugName]['status'] = $isSetup;
     $this->iCMS->setCache('system/plugins', $plugins, 0);
     $rs = plugin::config($plugName, 'admincp');

     // Language strings contributed by the plugin.
     $plang = $this->iCMS->getCache('system/plugins.lang');
     if ($rs['lang']) {
         if ($isSetup) {
             foreach ($rs['lang'] as $langKey => $langVal) {
                 $plang[$langKey] = $langVal;
             }
         } else {
             foreach ($rs['lang'] as $langKey => $langVal) {
                 unset($plang[$langKey]);
             }
         }
         $this->iCMS->setCache('system/plugins.lang', $plang, 0);
     }

     // Menu entries contributed by the plugin.
     $pmenu = $this->iCMS->getCache('system/plugins.menu');
     if ($rs['menu']) {
         if ($isSetup) {
             foreach ($rs['menu'] as $menuKey => $menuVal) {
                 $pmenu[$menuKey] = $menuVal;
             }
         } else {
             foreach ($rs['menu'] as $menuKey => $menuVal) {
                 unset($pmenu[$menuKey]);
             }
         }
         $this->iCMS->setCache('system/plugins.menu', $pmenu, 0);
     }

     // The script is split on every ";", so a semicolon inside a string literal
     // would cut a statement in two.
     $data = plugin::sql($plugName, $isSetup ? 'install' : 'uninstall');
     if ($data) {
         foreach (explode(";", $data) as $statement) {
             $statement = trim($statement);
             if ($statement) {
                 iCMS_DB::query($statement);
             }
         }
     }
     javascript::dialog($isSetup ? '安装完成!' : '卸载成功', 'url:1');
 }
Esempio n. 16
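 /**
  * Save an edited member record from the POSTed form, optionally setting a new password.
  *
  * The password is changed only when both pwd1 and pwd2 are present and equal;
  * nickname, gender and the serialized profile are always written.
  */
 function doSave()
 {
     $uid = (int) $_POST['uid'];
     $info = array();
     // Enter the branch when EITHER field is filled so that a half-filled form is
     // reported. The old "&&" made the emptiness check unreachable and silently
     // ignored the request.
     if ($_POST['pwd1'] || $_POST['pwd2']) {
         if (!$_POST['pwd1'] || !$_POST['pwd2']) {
             javascript::alert("新密码,确认密码不能为空");
         } else {
             // NOTE(review): unsalted md5() is not an adequate password hash. Moving
             // to password_hash()/password_verify() needs a matching change in the
             // login check and a migration of stored hashes, not visible here.
             $pwd1 = md5(trim($_POST['pwd1']));
             $pwd2 = md5(trim($_POST['pwd2']));
             if ($pwd1 != $pwd2) {
                 javascript::alert("新密码与确认密码不一致!");
             } else {
                 // The write is reached only after both checks passed, whether or not
                 // javascript::alert() ends the request.
                 iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
             }
         }
     }
     $gender = intval($_POST['gender']);
     $nickname = dhtmlspecialchars($_POST['nickname']);
     $info['icq'] = intval($_POST['icq']);
     $info['home'] = dhtmlspecialchars(stripslashes($_POST['home']));
     $info['year'] = intval($_POST['year']);
     $info['month'] = intval($_POST['month']);
     $info['day'] = intval($_POST['day']);
     $info['from'] = dhtmlspecialchars(stripslashes($_POST['from']));
     $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));
     // The serialized profile is escaped with addslashes() before it is embedded.
     iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($info)) . "',`nickname`='{$nickname}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
     javascript::dialog('用户编辑完成!', 'url:' . __SELF__ . '?mo=user&do=manage');
 }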
Esempio n. 17
    case 'logout':
        member::cleancookie();
        break;
    default:
        require_once iPATH . 'include/UI.class.php';
        $action = $_POST['action'];
        //$forward= $_POST['forward'];
        if ($action == 'register') {
            ckseccode($_POST['seccode'], 'U') && javascript::json('seccode', 'error:seccode');
            $username = dhtmlspecialchars($_POST['username']);
            !preg_match("/^([\\w\\.-]+)@([a-zA-Z0-9-]+)(\\.[a-zA-Z\\.]+)\$/i", $username) && javascript::json('username', 'register:emailerror');
            iCMS_DB::getValue("SELECT uid FROM `#iCMS@__members` where `username`='{$username}'") && javascript::json('username', 'register:emailusr');
            $password = md5(trim($_POST['password']));
            $pwdrepeat = md5(trim($_POST['pwdrepeat']));
            $password != $pwdrepeat && javascript::json('pwdrepeat', 'register:different');
            $nickname = dhtmlspecialchars($_POST['nickname']);
            cstrlen($nickname) > 12 && javascript::json(0, 'register:nicknamelong');
            iCMS_DB::query("INSERT INTO `#iCMS@__members` (`groupid`,`username`,`password`,`nickname`,`gender`,`info`,`power`,`cpower`,`regtime`,`lastip`,`lastlogintime`,`logintimes`,`post`,`type`,`status`) VALUES ('4','{$username}','{$password}', '{$nickname}','2','','','','" . time() . "','" . getip() . "', '" . time() . "','0','0','0','1') ");
            $uid = iCMS_DB::$insert_id;
            //设置为登陆状态
            member::set_user_cookie($username, $password, $nickname);
            javascript::json(1, 'register:finish');
        } elseif ($action == "login") {
            ckseccode($_POST['seccode'], 'U') && javascript::json(0, 'error:seccode');
            if (member::checklogin(true)) {
                javascript::json(1, 'login:success');
            } else {
                javascript::json(0, 'login:failed');
            }
        }
}
Esempio n. 18
/**
 * Write one configuration value to the `#iCMS@__config` table.
 *
 * NOTE(review): both arguments are placed inside quoted SQL literals without
 * escaping in this function, so callers must pass values that are already safe
 * for that context.
 *
 * @param string $v New value.
 * @param string $n Name of the configuration entry.
 */
function updateConfig($v, $n)
{
    global $iCMS;
    $statement = "UPDATE `#iCMS@__config` SET `value` = '" . $v . "' WHERE `name` ='" . $n . "'";
    iCMS_DB::query($statement);
}
Esempio n. 19
 /**
  * Release a comma-separated list of tags: a tag whose use count is 1 is deleted
  * together with its cache entry, any other tag has its count decremented.
  *
  * NOTE(review): tag names are interpolated into SQL as received; callers must
  * pass values that are already escaped for a quoted literal.
  * NOTE(review): $id is never assigned in this method, so the final DELETE on
  * `#iCMS@__taglist` runs with an empty indexId.
  *
  * @param string $tags Comma-separated tag names.
  * @return string HTML status fragment.
  */
 function del($tags)
 {
     global $iCMS;
     foreach (explode(",", $tags) as $tagName) {
         $uses = iCMS_DB::getValue("SELECT `count` FROM `#iCMS@__tags` WHERE `name`='" . $tagName . "'");
         if ($uses != "1") {
             // Still referenced elsewhere: only lower the counter.
             iCMS_DB::query("UPDATE `#iCMS@__tags` SET  `count`=count-1 ,`updatetime`='" . time() . "' WHERE `name`='" . $tagName . "'");
             continue;
         }
         // Last reference: remove the tag row and its cache entry.
         iCMS_DB::query("DELETE FROM `#iCMS@__tags`  WHERE `name`='" . $tagName . "'");
         $iCMS->iCache->delete($iCMS->getTagKey($tagName));
     }
     iCMS_DB::query("DELETE FROM `#iCMS@__taglist` WHERE indexId='{$id}' AND modelId='0'");
     return '标签更新…<span style=\'color:green;\'>√</span><br />';
 }
Esempio n. 20
 /**
  * Store one uploaded file from $_FILES[$field] below the configured upload
  * directory and record it in `#iCMS@__file`.
  *
  * Files are identified by the md5 of their content: when a row with that hash
  * already exists (and $type is not "reupload") the temporary file is discarded
  * and the existing record is returned instead.
  *
  * @param string $field    Key in $_FILES.
  * @param string $intro    Description stored with the file.
  * @param string $_dir     Sub-directory to store into; when empty the configured `savedir` pattern is used.
  * @param string $FileName Stored file name; when empty "<md5>.<ext>" is used.
  * @param string $type     "upload" inserts a database row; "reupload" stores the file even if the hash is known.
  * @return array|false|null Array with fid, FilePath, OriginalFileName and FileName;
  *                          false on an upload error; null when no file was sent.
  */
 function FILES($field, $intro = "", $_dir = "", $FileName = "", $type = "upload")
 {
     global $iCMS;
     $RootPath = FS::path_join(iPATH, $iCMS->config['uploadfiledir']) . '/';
     // absolute path
     if ($_FILES[$field]['name']) {
         $tmp_name = $_FILES[$field]['tmp_name'];
         // Refuse anything that is not a genuine HTTP upload.
         !is_uploaded_file($tmp_name) && exit("What are you doing?");
         if ($_FILES[$field]['error'] > 0) {
             switch ((int) $_FILES[$field]['error']) {
                 case UPLOAD_ERR_NO_FILE:
                     @unlink($tmp_name);
                     javascript::alert('请选择上传文件!');
                     return false;
                     break;
                 case UPLOAD_ERR_FORM_SIZE:
                     @unlink($tmp_name);
                     javascript::alert('上传的文件超过大小!');
                     return false;
                     break;
             }
             return false;
         }
         $_FileSize = @filesize($tmp_name);
         // file type
         // The original name is supplied by the client.
         $oFileName = $_FILES[$field]['name'];
         //            preg_match("/\.([a-zA-Z0-9]{2,4})$/",$oFileName,$exts);
         $FileExt = strtolower(FS::getExt($oFileName));
         // (the original comment on this line was garbled by an encoding error)
         self::CheckValidExt($oFileName);
         // check the file type
         // filter files
         // NOTE(review): the two lines below are a denylist: extensions containing
         // "ph" are replaced and a fixed list of script extensions gets "file"
         // appended; every other extension is kept. Whether CheckValidExt() above
         // already enforces an allowlist is not visible here. An allowlist of the
         // expected types is the sturdier control.
         strstr($FileExt, 'ph') && ($FileExt = "phpfile");
         in_array($FileExt, array('cer', 'htr', 'cdx', 'asa', 'asp', 'jsp', 'aspx', 'cgi')) && ($FileExt .= "file");
         $FileMd5 = md5_file($tmp_name);
         // De-duplicate by content hash.
         $rs = iCMS_DB::getRow("SELECT * FROM #iCMS@__file WHERE `filename`='{$FileMd5}' LIMIT 1");
         if (empty($rs) || $type == "reupload") {
             // NOTE(review): a caller-supplied $FileName is used unchanged, so the
             // extension filtering above does not apply to it.
             empty($FileName) && ($FileName = $FileMd5 . "." . $FileExt);
             // how the save directory is chosen
             $FileDir = "";
             if (empty($_dir)) {
                 if ($iCMS->config['savedir']) {
                     // Expand the date placeholders and EXT in the configured pattern.
                     $FileDir = str_replace(array('Y', 'y', 'm', 'n', 'd', 'j', 'H', 'EXT'), array(get_date('', 'Y'), get_date('', 'y'), get_date('', 'm'), get_date('', 'n'), get_date('', 'd'), get_date('', 'j'), get_date('', 'H'), $FileExt), $iCMS->config['savedir']);
                 }
             } else {
                 // NOTE(review): $_dir is appended to the upload root as given; callers
                 // must not pass a request-controlled path here.
                 $FileDir = $_dir;
             }
             $RootPath = $RootPath . $FileDir . '/';
             // create the directory
             FS::mkdir($RootPath);
             // file name
             $FilePath = $FileDir . '/' . $FileName;
             $FileRootPath = $RootPath . $FileName;
             self::saveUpload($tmp_name, $FileRootPath);
             if (in_array($FileExt, array('gif', 'jpg', 'jpeg', 'png'))) {
                 if ($iCMS->config['isthumb'] && ($iCMS->config['thumbwidth'] || $iCMS->config['thumbhight'])) {
                     FS::mkdir($RootPath . "thumb");
                     $Thumb = self::thumbnail($RootPath, $FileRootPath, $FileMd5);
                     !empty($Thumb['src']) && $iCMS->config['thumbwatermark'] && self::watermark($Thumb['src']);
                 }
                 self::watermark($FileRootPath);
             }
             // write to the database
             empty($_FileSize) && ($_FileSize = 0);
             if ($type == "upload") {
                 // NOTE(review): the client-supplied $oFileName and the caller's $intro
                 // are interpolated into the statement; no escaping is applied in this
                 // method — confirm it happens earlier.
                 iCMS_DB::query("INSERT INTO `#iCMS@__file` (`filename`,`ofilename`,`path`,`intro`,`ext`,`size`,`time`,`type`) VALUES ('{$FileMd5}', '{$oFileName}', '{$FileDir}','{$intro}', '{$FileExt}', '{$_FileSize}', '" . time() . "', '0') ");
                 $fid = iCMS_DB::$insert_id;
             }
             // NOTE(review): for $type == "reupload" no row is inserted and $fid stays unassigned.
         } else {
             // Same content already stored: reuse the existing record.
             $fid = $rs->id;
             $FilePath = $rs->path . "/" . $rs->filename . "." . $rs->ext;
             $FileName = $rs->filename . "." . $rs->ext;
             unlink($tmp_name);
         }
         return array('fid' => $fid, 'FilePath' => $FilePath, 'OriginalFileName' => $oFileName, 'FileName' => $FileName);
     } else {
         return;
     }
 }
Esempio n. 21
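 /**
  * Delete a forum (category) together with its articles, unless it still has
  * child forums.
  *
  * The forum id comes from the query string, is cast to an integer and is passed
  * to Admin::CP() for the permission check before anything is deleted.
  */
 function doDel()
 {
     $fid = (int) $_GET['fid'];
     Admin::CP($fid, 'Permission_Denied', __SELF__ . '?mo=forums');
     $forum = new forum();
     // The child check used an unassigned $id, so it always passed and a forum was
     // deleted even when it still had children.
     // NOTE(review): assumes forum::$_array is keyed by parent fid — confirm.
     if (empty($forum->_array[$fid])) {
         iCMS_DB::query("DELETE FROM `#iCMS@__forum` WHERE `fid` = '{$fid}'");
         $this->iCMS->iCache->delete('system/forum/' . $fid);
         $art = iCMS_DB::getArray("SELECT id FROM `#iCMS@__article` WHERE `fid` = '{$fid}'");
         foreach ((array) $art as $a) {
             // The query selects only `id`; the old code passed the non-existent
             // $a['fid'], so no article was actually removed.
             delArticle($a['id']);
         }
         // Rebuild the forum cache from the now-current table contents.
         $forum = new forum();
         $forum->cache();
         $msg = '删除成功!';
     } else {
         $msg = '请先删除本栏目下的子栏目!';
     }
     javascript::dialog($msg, 'url:' . __SELF__ . '?mo=forums');
 }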
Esempio n. 22
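/**
 * Execute a multi-statement SQL script (installer style).
 *
 * The table-prefix placeholder `#iCMS@__` is replaced with DB_PREFIX, the script
 * is split on ";\n", lines starting with "#" are dropped, and each remaining
 * statement is run. CREATE TABLE statements go through createtable() and are
 * counted in the global $tablenum.
 *
 * NOTE(review): the script is executed verbatim, so it must come from a trusted
 * source such as the shipped installer files.
 *
 * @param string $sql The SQL script.
 */
function runquery($sql)
{
    global $db, $tablenum;
    $sql = str_replace("\r", "\n", str_replace('#iCMS@__', DB_PREFIX, $sql));
    $ret = array();
    $num = 0;
    foreach (explode(";\n", trim($sql)) as $statement) {
        // Start each slot as an empty string instead of appending to an unset index.
        $ret[$num] = '';
        foreach (explode("\n", trim($statement)) as $line) {
            // Skip blank lines (reading $line[0] on an empty string raises a warning)
            // and "#" comment lines.
            if ($line !== '' && $line[0] != '#') {
                $ret[$num] .= $line;
            }
        }
        $num++;
    }
    unset($sql);
    foreach ($ret as $query) {
        $query = trim($query);
        if ($query) {
            if (substr($query, 0, 12) == 'CREATE TABLE') {
                preg_match("|CREATE TABLE (.*) \\(  |i", $query, $name);
                // The pattern needs two spaces after "("; fall back to an empty name
                // when the statement is formatted differently.
                $tableName = isset($name[1]) ? $name[1] : '';
                flush();
                // The progress line is printed before the statement actually runs.
                echo '创建表 ' . $tableName . ' ... <font color="#0000EE">成功</font><br />';
                flush();
                iCMS_DB::query(createtable($query, DB_CHARSET));
                $tablenum++;
            } else {
                iCMS_DB::query($query);
            }
        }
    }
}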
Esempio n. 23
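 /**
  * Delete one or more tags and their cache entries.
  *
  * @param int|array $id A tag id or a list of tag ids.
  */
 function delTagCache($id)
 {
     // The ids are placed unquoted inside IN (...), so each one must be an integer.
     // Zero and invalid entries are dropped.
     $ids = array_filter(array_map('intval', (array) $id));
     if (empty($ids)) {
         // "IN ()" is not valid SQL; nothing to do.
         return;
     }
     $idList = implode(',', $ids);
     // Fetch every matching row: the old single-row lookup cleared the cache of the
     // first tag only while the DELETE below removed all of them.
     $rows = iCMS_DB::getArray("SELECT `name` FROM `#iCMS@__tags` WHERE `id` in ({$idList}) ");
     foreach ((array) $rows as $row) {
         $this->iCMS->iCache->delete($this->iCMS->getTagKey($row['name']));
     }
     iCMS_DB::query("DELETE FROM `#iCMS@__tags` WHERE `id` in ({$idList}) ");
 }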
Esempio n. 24
    $auth = get_cookie('user');
    require_once iPATH . "usercp/user.class.php";
    //    require_once iPATH.'usercp/usercp.lang.php';
    if ($auth) {
        list($a, $p) = explode('#=iCMS!=#', authcode($auth, 'DECODE'));
        User::checkuser($a, $p);
        $uid = User::$uId;
        $username = $anonymous && $iCMS->config['anonymous'] ? $iCMS->config['anonymousname'] : User::$nickname;
    } else {
        $iCMS->config['anonymous'] ? $username = $iCMS->config['anonymousname'] : javascript::json(0, 'login:no', $frame);
    }
    $status = $iCMS->config['isexamine'] ? '0' : '1';
    $query = iCMS_DB::query("INSERT INTO `#iCMS@__comment` (`mid`, `sortId`, `indexId`, `userId`, `username`, `title`, `contents`, `quote`, `floor`, `reply`, `up`, `down`, `ip`, `addtime`, `status`) VALUES ('{$mId}', '{$sortId}', '{$indexId}', '{$uid}', '{$username}', '{$title}', '{$contents}', '{$quote}', '{$floor}', '{$reply}', '0', '0', '" . getip() . "', '" . time() . "', '{$status}')");
    if ($query) {
        if ($status) {
            if (empty($mId)) {
                $__TABLE__ = 'article';
            } else {
                $__MODEL__ = $iCMS->cache('model.id', 'include/syscache', 0, true);
                $model = $__MODEL__[$mId];
                $__TABLE__ = $model['table'] . '_content';
            }
            iCMS_DB::query("UPDATE `#iCMS@__{$__TABLE__}` SET `comments` = comments+1  WHERE `id` ='{$indexId}'");
            javascript::json(1, 'comment:post', $frame);
        } else {
            javascript::json(1, 'comment:examine', $frame);
        }
    } else {
        javascript::json(1, 'comment:Unknown', $frame);
    }
}
Esempio n. 25
 /**
  * Run a keyword search: set the extra WHERE clause, record the term in the
  * search statistics table and render the search template.
  *
  * NOTE(review): only the LIKE wildcards (% and _) are escaped here. $q is
  * interpolated into three statements inside quoted literals, so quote escaping
  * has to happen before this method is called — confirm at the call site.
  *
  * @param string $q Search term.
  */
 function search($q = '')
 {
     if ($q == '') {
         javascript::alert($this->language('search:keywordempty'));
     }
     // $type is not used further down in this method.
     empty($type) && ($type = 'title');
     $keyword = $q;
     $q = strtr($q, array('%' => '\\%', '_' => '\\_'));
     $this->actionSQL = " And CONCAT(title,keywords,description,author) like '%" . $q . "%' ";
     $id = iCMS_DB::getValue("SELECT id FROM `#iCMS@__search` where `search`='" . $q . "'");
     if ($id) {
         // Known term: bump its counter.
         iCMS_DB::query("UPDATE `#iCMS@__search` SET `times`=times+1 WHERE `id`='" . $id . "'");
     } else {
         // First occurrence: start counting at zero.
         iCMS_DB::query("INSERT INTO `#iCMS@__search` (`search`,`times`,`addtime`) VALUES ('" . $q . "','0','" . time() . "')");
     }
     $this->assign("search", array('keyword' => $keyword));
     $this->iPrint("iTPL", "search");
 }
Esempio n. 26
 /**
  * Download images referenced by remote URLs in $content, store them locally and
  * rewrite the content to point at the local copies.
  *
  * $content is modified in place: it is unslashed on entry and passed through
  * addslashes() again before every return.
  *
  * NOTE(review): the server fetches URLs taken from submitted content. The
  * pattern below accepts both http:// and file:// sources; whether Snoopy will
  * act on a file:// URL is not visible here. Restricting the scheme to http(s)
  * and refusing internal addresses is the usual mitigation for this kind of
  * server-side fetch.
  *
  * @param string $content HTML content (by reference).
  * @param string $intro   Description stored with each downloaded file.
  * @param bool   $autopic When true, the loop stops after the image with key 0 has been processed.
  */
 function remotepic(&$content, $intro = '', $autopic = false)
 {
     global $iCMS;
     $content = stripslashes($content);
     $img = array();
     // Collect the src of every <img> whose URL starts with http:// or file:// and
     // contains one of the listed image extensions.
     preg_match_all("/<img.*?src\\s*=[\"|'|\\s]*((http|file):\\/\\/.*?\\.(gif|jpg|jpeg|bmp|png)).*?>/is", $content, $match);
     $_array = (array) array_unique($match[1]);
     $uri = parse_url($iCMS->config['uploadURL']);
     foreach ($_array as $_k => $imgurl) {
         // Skip images already on the upload host. This is a substring test on the
         // whole URL, not a comparison of the URL's host component.
         if (strstr(strtolower($imgurl), $uri['host'])) {
             unset($_array[$_k]);
         }
     }
     if (empty($_array)) {
         $content = addslashes($content);
         return;
     }
     set_time_limit(0);
     $RootPath = self::path_join(iPATH, $iCMS->config['uploadfiledir']) . '/';
     // absolute path
     $FileDir = "";
     if ($iCMS->config['savedir']) {
         // NOTE(review): $FileExt is first assigned inside the loop further down, so
         // the EXT placeholder is replaced with an unset value here.
         $FileDir = str_replace(array('Y', 'y', 'm', 'n', 'd', 'j', 'H', 'EXT'), array(get_date('', 'Y'), get_date('', 'y'), get_date('', 'm'), get_date('', 'n'), get_date('', 'd'), get_date('', 'j'), get_date('', 'H'), $FileExt), $iCMS->config['savedir']);
     }
     $RootPath = $RootPath . $FileDir . "/";
     // Prefix for temporary download names.
     $milliSecond = 'remote_' . get_date('', "YmdHis") . rand(1, 99999);
     self::mkdir($RootPath);
     require_once iPATH . 'include/snoopy.class.php';
     require_once iPATH . 'include/upload.class.php';
     $Snoopy = new Snoopy();
     $Snoopy->agent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5";
     $Snoopy->accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
     foreach ($_array as $key => $value) {
         $FileExt = strtolower(FS::getExt($value));
         // (the original comment on this line was garbled by an encoding error)
         iUpload::CheckValidExt($value);
         // check the file type
         // filter files
         // NOTE(review): denylist handling of script extensions; the extension is
         // taken from the URL, not from the downloaded content.
         strstr($FileExt, 'ph') && ($FileExt = "phpfile");
         in_array($FileExt, array('cer', 'htr', 'cdx', 'asa', 'asp', 'jsp', 'aspx', 'cgi')) && ($FileExt .= "file");
         $FileRootPathTmp = $RootPath . $milliSecond . $key . "." . $FileExt;
         $Snoopy->fetch($value);
         if ($Snoopy->results) {
             self::write($FileRootPathTmp, $Snoopy->results);
             // De-duplicate by content hash, as for direct uploads.
             $FileMd5 = md5_file($FileRootPathTmp);
             $rs = iCMS_DB::getRow("SELECT * FROM #iCMS@__file WHERE `filename`='{$FileMd5}' LIMIT 1");
             if (empty($rs)) {
                 $FileName = $FileMd5 . "." . $FileExt;
                 $FilePath = $FileDir . "/" . $FileName;
                 $FileRootPath = $RootPath . $FileName;
                 rename($FileRootPathTmp, $FileRootPath);
                 if (in_array($FileExt, array('gif', 'jpg', 'jpeg', 'png'))) {
                     if ($iCMS->config['isthumb'] && ($iCMS->config['thumbwidth'] || $iCMS->config['thumbhight'])) {
                         list($width, $height, $imagetype) = getimagesize($FileRootPath);
                         if ($width > $iCMS->config['thumbwidth'] || $height > $iCMS->config['thumbhight']) {
                             self::mkdir($RootPath . "thumb");
                         }
                         $Thumbnail = iUpload::thumbnail($RootPath, $FileRootPath, $FileMd5);
                         !empty($Thumbnail['filepath']) && $iCMS->config['thumbwatermark'] && iUpload::watermark($Thumbnail['filepath']);
                     }
                     iUpload::watermark($FileRootPath);
                 }
                 $_FileSize = @filesize($FileRootPath);
                 empty($_FileSize) && ($_FileSize = 0);
                 // NOTE(review): the source URL ($value) was taken from the unslashed
                 // content and is interpolated here together with $intro; no escaping
                 // is applied in this method.
                 iCMS_DB::query("INSERT INTO `#iCMS@__file` (`filename`,`ofilename`,`path`,`intro`,`ext`,`size` ,`time`,`type`) VALUES ('{$FileMd5}', '{$value}', '{$FileDir}','{$intro}', '{$FileExt}', '{$_FileSize}', '" . time() . "', '1') ");
             } else {
                 // Already stored: point at the existing file and drop the download.
                 $FilePath = $rs->path . "/" . $rs->filename . "." . $rs->ext;
                 self::del($FileRootPathTmp);
             }
             // Replace the remote URL in the content with the local one.
             $content = str_replace($value, self::fp($FilePath, '+http'), $content);
             if ($autopic && $key == 0) {
                 break;
             }
         }
     }
     $content = addslashes($content);
 }
Esempio n. 27
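 /**
  * Restore a database backup file by executing its statements.
  *
  * Lines are accumulated until one ends with ";". CREATE statements get their
  * table options rewritten for the running server, INSERT statements are turned
  * into REPLACE, and the `iCMS_` prefix is replaced with DB_PREFIX.
  *
  * NOTE(review): the file content is executed as SQL, so $filename must point to
  * a backup produced by this application and must not be request-controlled.
  *
  * @param string $filename Path of the backup file.
  */
 function bakindata($filename)
 {
     $sql = file($filename);
     if ($sql === false) {
         // Unreadable file: nothing to restore.
         return;
     }
     $query = '';
     $num = 0;
     foreach ($sql as $key => $value) {
         $value = trim($value);
         if (!$value || $value[0] == '#') {
             continue;
         }
         // eregi() was removed in PHP 7; the preg_match() calls below are the equivalents.
         if (preg_match('/;$/D', $value)) {
             $query .= $value;
             if (preg_match('/^CREATE/i', $query)) {
                 // Cut the options after the final ")" and pull the engine name out of them.
                 $extra = substr(strrchr($query, ')'), 1);
                 $tabtype = substr(strchr($extra, '='), 1);
                 $tabtype = substr($tabtype, 0, strpos($tabtype, strpos($tabtype, ' ') ? ' ' : ';'));
                 $query = str_replace($extra, '', $query);
                 // NOTE(review): mysql_get_server_info() belongs to the mysql extension
                 // that was removed in PHP 7. Replacing it needs the connection object
                 // used by iCMS_DB, which is not visible here.
                 if (version_compare(mysql_get_server_info(), '4.1.0', '>=')) {
                     $extra = DB_CHARSET ? "ENGINE={$tabtype} DEFAULT CHARSET=" . DB_CHARSET . ";" : "ENGINE={$tabtype};";
                 } else {
                     $extra = "TYPE={$tabtype};";
                 }
                 $query .= $extra;
             } elseif (preg_match('/^INSERT/i', $query)) {
                 // Make the restore repeatable: overwrite rows that already exist.
                 $query = 'REPLACE ' . substr($query, 6);
             }
             iCMS_DB::query(str_replace('iCMS_', DB_PREFIX, $query));
             $query = '';
         } else {
             $query .= $value;
         }
     }
 }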
Esempio n. 28
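 /**
  * Create or update a content model from the submitted form.
  *
  * Reads id, name, table, desc, show, position, pos, form and binding from
  * $_POST. For an existing id the model row is updated and, for non-bound
  * models, the backing table is renamed when the table name changed. For a
  * new model a row is inserted and, for non-bound models, the base table is
  * created. The model cache is rebuilt and a result dialog is shown.
  *
  * Security: the table name ends up inside RENAME TABLE / CREATE TABLE, so
  * it is validated as a whole string before any query runs.
  *
  * @return void
  */
 function doSave()
 {
     $id = (int) $_POST['id'];
     $name = dhtmlspecialchars($_POST['name']);
     $table = dhtmlspecialchars($_POST['table']);
     $description = dhtmlspecialchars($_POST['desc']);
     $show = (int) $_POST['show'];
     // NOTE(review): $position and $position2 reach the SQL below exactly as
     // submitted, and the other strings are only HTML-escaped. Nothing in this
     // function SQL-escapes them, so the queries depend on request data being
     // escaped before this point - confirm, or switch to bound parameters if
     // iCMS_DB offers them.
     $position = $_POST['position'];
     $position2 = $_POST['pos'];
     $form = dhtmlspecialchars($_POST['form']);
     $binding = isset($_POST['binding']) ? 1 : 0;
     // Remember the mode now: $id is overwritten with the insert id below.
     $isEdit = (bool) $id;
     empty($name) && javascript::alert('模块名称不能为空!');
     empty($table) && $binding && javascript::alert('模块名不能为空!');
     if (!$binding && empty($id)) {
         if (empty($table)) {
             // No table name given: derive one from the model name.
             include iPATH . 'include/cn.class.php';
             $table = CN::pinyin($name);
         }
     }
     // Both patterns are anchored. The previous second check was unanchored
     // and passed as soon as one permitted character appeared anywhere in the
     // name, so it did not constrain the identifier used in the DDL below.
     if (!preg_match('/^[a-zA-Z]/', $table)) {
         javascript::alert('模型表名只能以英文字母开头');
         return; // stop here even if alert() does not end the request
     }
     if (!preg_match('/^[a-zA-Z0-9_\\-~]+$/D', $table)) {
         javascript::alert('模型表名只能由英文字母或数字组成');
         return; // stop here even if alert() does not end the request
     }
     // NOTE(review): the system-table guard (model::isSysTable) is disabled in
     // the original; confirm a model cannot be pointed at a core table.
     if ($id) {
         iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}' and `id`!='{$id}'") && javascript::alert('该模块已经存在!请检查是否重复');
         // Read the stored table name BEFORE the UPDATE overwrites it; reading
         // it afterwards always returned the new name, so the rename below
         // could never trigger.
         $oTable = $binding ? null : iCMS_DB::getValue("SELECT `table` FROM `#iCMS@__model` where `id` ='{$id}'");
         iCMS_DB::query("UPDATE `#iCMS@__model` SET `name` = '{$name}', `table` = '{$table}', `binding` = '{$binding}', `description` = '{$description}', `show` = '{$show}', `position` = '{$position}', `position2` = '{$position2}', `form` = '{$form}' WHERE `id` = '{$id}';");
         if (!$binding && $oTable && $oTable != $table) {
             iCMS_DB::query("RENAME TABLE `#iCMS@__" . model::tbn($oTable) . "` TO `#iCMS@__" . model::tbn($table) . "`");
         }
     } else {
         iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}'") && javascript::alert('该模块已经存在!请检查是否重复');
         $field = $binding ? '' : model::$defaultField;
         iCMS_DB::query("INSERT INTO `#iCMS@__model`(`name`, `table`, `field`, `binding`, `description`,`show`, `position`,`position2`,`form`, `addtime`)VALUES ('{$name}', '{$table}','{$field}', '{$binding}', '{$description}','{$show}', '{$position}','{$position2}','{$form}', '" . time() . "');");
         $id = iCMS_DB::$insert_id;
         if (!$binding) {
             // Create the model's base table.
             $tableSQL = "CREATE TABLE `#iCMS@__" . model::tbn($table) . "` (\n\t\t\t\t\t   `id` int(10) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t   `fid` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `orderNum` smallint(6) NOT NULL DEFAULT '0',\n\t\t\t\t\t   `title` varchar(255) NOT NULL DEFAULT '',\n\t\t\t\t\t   `clink` varchar(255) NOT NULL DEFAULT '',\n\t\t\t\t\t   `editor` varchar(200) NOT NULL DEFAULT '',\n\t\t\t\t\t   `userid` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `tags` varchar(255) NOT NULL DEFAULT '',\n\t\t\t\t\t   `pubdate` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `hits` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `comments` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `good` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `bad` int(10) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `vlink` varchar(255) NOT NULL DEFAULT '',\n\t\t\t\t\t   `type` smallint(6) NOT NULL DEFAULT '0',\n\t\t\t\t\t   `top` smallint(6) NOT NULL DEFAULT '0',\n\t\t\t\t\t   `postype` tinyint(1) unsigned NOT NULL DEFAULT '0',\n\t\t\t\t\t   `status` tinyint(1) unsigned NOT NULL DEFAULT '1',\n\t\t\t\t\t   PRIMARY KEY (`id`),\n\t\t\t\t\t   KEY `pubdate` (`pubdate`),\n\t\t\t\t\t   KEY `comment` (`comments`),\n\t\t\t\t\t   KEY `hit` (`hits`),\n\t\t\t\t\t   KEY `order` (`orderNum`),\n\t\t\t\t\t   KEY `sortid` (`fid`,`id`),\n\t\t\t\t\t   KEY `topord` (`top`,`orderNum`),\n\t\t\t\t\t   KEY `userid` (`userid`),\n\t\t\t\t\t   KEY `postype` (`postype`,`id`),\n\t\t\t\t\t   KEY `status` (`status`,`postype`,`id`)\n\t\t\t\t\t ) ENGINE=MyISAM  DEFAULT CHARSET=" . DB_CHARSET;
             iCMS_DB::query($tableSQL);
         }
     }
     model::cache();
     $moreaction = array(array("text" => "下一步添加字段", "url" => __SELF__ . "?mo=models&do=addfield&id=" . $id), array("text" => "返回模块列表", "url" => __SELF__ . "?mo=models&do=manage"));
     // $isEdit rather than $id: after an insert $id holds the new row id, so
     // the old test always reported an edit.
     javascript::dialog('模块' . ($isEdit ? '编辑' : '添加') . '完成!<br />模块基础建表完成...<br />10秒后返回模块列表', "url:" . __SELF__ . "?mo=models&do=manage", $moreaction, 10);
 }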
Esempio n. 29
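 /**
  * Move one record of a model table to the recycle bin (status = 2).
  *
  * Reads `id` and `table` from the query string, updates the row and shows a
  * dialog that removes the row from the parent list.
  *
  * Security: `table` is request input that becomes part of a table
  * identifier, which cannot be protected by value escaping. It is therefore
  * checked against the same character set doSave() accepts for model table
  * names before it is passed to model::tbn().
  * NOTE(review): this state change is driven by GET parameters and no
  * anti-CSRF or permission check is visible in this function - confirm one
  * is enforced by the caller.
  *
  * @return void
  */
 function dotrash()
 {
     $id = (int) $_GET['id'];
     // Reject arrays and anything that is not a plain model table name.
     $rawTable = isset($_GET['table']) && is_string($_GET['table']) ? $_GET['table'] : '';
     if (!preg_match('/^[a-zA-Z][a-zA-Z0-9_\\-~]*$/D', $rawTable)) {
         javascript::alert('模型表名只能由英文字母或数字组成');
         return; // stop here even if alert() does not end the request
     }
     $table = model::tbn($rawTable);
     iCMS_DB::query("UPDATE `#iCMS@__{$table}` SET `status` = '2' WHERE `id` ='{$id}'");
     // $id is an integer, so it is safe inside the generated script.
     javascript::dialog('此项目已经移动到回收站!', 'js:parent.$("#aid' . $id . '").remove();parent.iCMS.closeDialog();');
 }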
Esempio n. 30
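 /**
  * Link the images referenced in an article body to that article.
  *
  * Finds every <img> whose src is an http:// or file:// URL ending in
  * gif/jpg/jpeg/bmp/png, maps each URL through uploadpath(), and then
  *  - when autopic is on and the article has no picture yet, stores the
  *    first image as the article picture;
  *  - sets `aid` on the file row with the same filename if it has none.
  *
  * Security: the URLs come from article markup after stripslashes(), so they
  * may contain quote characters. They are escaped again before being placed
  * in SQL, and $aid is forced to an integer.
  *
  * @param string $content Article body (slash-escaped on entry).
  * @param int    $aid     Article id.
  * @return void
  */
 function insert_db_remote($content, $aid)
 {
     $aid = (int) $aid;
     $content = stripslashes($content);
     preg_match_all("/<img.*?src\\s*=[\"|'|\\s]*((http|file):\\/\\/.*?\\.(gif|jpg|jpeg|bmp|png)).*?>/is", $content, $match);
     $_array = array_unique($match[1]);
     set_time_limit(0);
     foreach ($_array as $key => $value) {
         $value = uploadpath($value, '-http');
         $filename = basename($value);
         // addslashes() is what the rest of this file uses; the driver's own
         // escaping or bound parameters would be stronger, particularly on a
         // multibyte connection charset.
         $sqlValue = addslashes($value);
         $sqlFilename = addslashes($filename);
         if ($this->autopic && $key == 0) {
             // Only the first image can become the article picture, so the
             // lookup is needed once at most.
             $pic = iCMS_DB::getValue("SELECT `pic` FROM `#iCMS@__article` WHERE `id` = '{$aid}'");
             empty($pic) && iCMS_DB::query("UPDATE `#iCMS@__article` SET `isPic`='1',`pic` = '{$sqlValue}' WHERE `id` = '{$aid}'");
         }
         // NOTE(review): the file INSERT elsewhere in this file stores
         // `filename` and `ext` in separate columns; confirm basename() yields
         // the same form as the stored `filename`, otherwise this never matches.
         $faid = iCMS_DB::getValue("SELECT `aid` FROM `#iCMS@__file` WHERE `filename` ='{$sqlFilename}'");
         empty($faid) && iCMS_DB::query("UPDATE `#iCMS@__file` SET `aid` = '{$aid}' WHERE `filename` ='{$sqlFilename}'");
     }
 }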