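/**
 * Save a member profile form: an optional password change, then the e-mail,
 * gender and serialized `info` fields of the `members` row.
 *
 * All input is read from $_POST; failures are reported with javascript::alert().
 *
 * NOTE(review): `uid` is taken from the request and is not compared with the
 * logged-in member inside this function — confirm the caller restricts which
 * row may be edited.
 * NOTE(review): passwords are stored as unsalted md5(). Moving to
 * password_hash()/password_verify() needs a matching change in the login
 * code, so it is only flagged here.
 */
function doSave()
{
    $uid  = (int) $_POST['uid'];
    $info = array();

    if ($_POST['pwd'] || $_POST['pwd1'] || $_POST['pwd2']) {
        $pwd  = md5(trim($_POST['pwd']));
        $pwd1 = md5(trim($_POST['pwd1']));
        $pwd2 = md5(trim($_POST['pwd2']));

        // The UPDATE sits in the final else so it can only run after every check
        // has passed, whether or not javascript::alert() ends the request.
        // Hashes are compared with !== because loose comparison treats some
        // numeric-looking hex strings as equal.
        if (!$_POST['pwd'] || !$_POST['pwd1'] || !$_POST['pwd2']) {
            javascript::alert("修改密码.原密码,新密码,确认密码不能为空");
        } elseif ($pwd !== $user['password']) {
            // NOTE(review): $user is never assigned in this function, so the
            // stored hash is always null here — confirm where it should come from.
            javascript::alert("原密码错误!");
        } elseif ($pwd1 !== $pwd2) {
            javascript::alert("新密码与确认密码不一致!");
        } else {
            iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
        }
    }

    // eregi() was removed in PHP 7; preg_match() with /i is the equivalent.
    // /D keeps "$" from accepting a trailing newline.
    $_POST['email']
        && !preg_match('/^([_\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\.([a-z]{2,6})$/iD', $_POST['email'])
        && javascript::alert("E-mail格式错误!!");

    // stripslashes() removes whatever escaping the request layer applied, so the
    // value is escaped again before it is placed inside the SQL string literal.
    $email  = addslashes(stripslashes($_POST['email']));
    $gender = intval($_POST['gender']);

    $info['nickname'] = dhtmlspecialchars(stripslashes($_POST['nickname']));
    cstrlen($info['nickname']) > 12 && javascript::alert("昵称长度大于12");
    $info['icq']       = intval($_POST['icq']);
    $info['home']      = dhtmlspecialchars(stripslashes($_POST['home']));
    $info['year']      = intval($_POST['year']);
    $info['month']     = intval($_POST['month']);
    $info['day']       = intval($_POST['day']);
    $info['from']      = dhtmlspecialchars(stripslashes($_POST['from']));
    $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));

    iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($info)) . "',`email`='{$email}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
    javascript::dialog('用户编辑完成!', 'url:' . __SELF__ . '?mo=user&do=manage');
}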
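/**
 * Create or update a row in the `model` table from the posted form and
 * refresh the model cache.
 *
 * NOTE(review): `position` and `pos` are interpolated into the SQL exactly as
 * posted, and the other text fields only pass through dhtmlspecialchars().
 * Whether that is enough depends on escaping done outside this function
 * (not visible here) — confirm, or escape at this point.
 */
function doSave()
{
    $id          = (int) $_POST['id'];
    $name        = dhtmlspecialchars($_POST['name']);
    $table       = dhtmlspecialchars($_POST['table']);
    $description = dhtmlspecialchars($_POST['desc']);
    $position2   = $_POST['pos'];
    $position    = $_POST['position'];
    $binding     = isset($_POST['binding']) ? 1 : 0;

    empty($name) && javascript::alert('模块名称不能为空!');
    empty($table) && $binding && javascript::alert('模块名不能为空!');

    // New, unbound model: derive the table name from the model name when none
    // was given, then add the content-table suffix.
    if (!$binding && empty($id)) {
        if (empty($table)) {
            include iPATH . 'include/cn.class.php';
            $table = CN::pinyin($name);
        }
        $table = $table . '_content';
    }

    if ($id) {
        iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}' and `id`!='{$id}'") && javascript::alert('该模块已经存在!请检查是否重复');
        iCMS_DB::query("UPDATE `#iCMS@__model` SET `name` = '{$name}', `table` = '{$table}', `binding` = '{$binding}', `description` = '{$description}', `position` = '{$position}', `position2` = '{$position2}' WHERE `id` = '{$id}';");
    } else {
        iCMS_DB::query("INSERT INTO `#iCMS@__model`(`name`, `table`, `binding`, `description`, `position`,`position2`, `addtime`)VALUES ('{$name}', '{$table}', '{$binding}', '{$description}', '{$position}','{$position2}', '" . time() . "');");
        $id = iCMS_DB::$insert_id;
    }
    model::cache();

    // The id is appended as a plain value; the previous string embedded a
    // literal "<?php echo …;?>" fragment in the link.
    $moreaction = array(
        array("text" => "下一步添加字段", "url" => __SELF__ . "?mo=models&do=addfield&id=" . $id),
        array("text" => "返回模块列表", "url" => __SELF__ . "?mo=models&do=manage"),
    );
    javascript::dialog('模块添加完成!<br />10秒后返回模块列表', "url:" . __SELF__ . "?mo=models&do=manage", $moreaction, 10);
}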
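/**
 * Delete the selected rows from the `search` table and rebuild the search cache.
 *
 * Expects $_POST['id'] to hold the selected ids.
 */
function dodels()
{
    empty($_POST['id']) && javascript::alert('请选择要操作项');

    // (array) tolerates a single scalar id being posted.
    foreach ((array) $_POST['id'] as $id) {
        // Only an integer ever reaches the SQL string.
        // NOTE(review): assumes `id` is an integer key — confirm against the schema.
        $id = (int) $id;
        $id && iCMS_DB::query("DELETE FROM `#iCMS@__search` WHERE `id` ='{$id}'");
    }
    search_cache();
    javascript::dialog('操作完成!', 'url:0');
}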
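/**
 * Delete the selected tags (article links and cache) and remove their rows
 * from the parent page through the dialog script.
 *
 * Expects $_POST['id'] to hold the selected tag ids.
 */
function dodels()
{
    empty($_POST['id']) && javascript::alert('请选择要操作的TAG');

    $js = array();
    foreach ((array) $_POST['id'] as $tId) {
        // The id is concatenated into a jQuery selector inside a script string,
        // so it is reduced to an integer first.
        // NOTE(review): assumes tag ids are integers — confirm against the schema.
        $tId = (int) $tId;
        $this->delArticleTag($tId);
        $this->delTagCache($tId);
        $js[] = '#tid' . $tId;
    }
    javascript::dialog('全部成功删除!', 'js:parent.$("' . implode(',', $js) . '").remove();parent.iCMS.closeDialog();');
}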
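/**
 * Delete the selected rows from the `keywords` table, rebuild the keyword
 * cache and remove the rows from the parent page through the dialog script.
 *
 * Expects $_POST['id'] to hold the selected ids.
 */
function dodels()
{
    empty($_POST['id']) && javascript::alert('请选择要操作的关键字');

    $js = array();
    foreach ((array) $_POST['id'] as $id) {
        // The id goes into a SQL string and into a jQuery selector inside a
        // script string; an integer cast keeps both contexts free of markup.
        // NOTE(review): assumes `id` is an integer key — confirm against the schema.
        $id = (int) $id;
        if ($id) {
            iCMS_DB::query("DELETE FROM `#iCMS@__keywords` WHERE `id` ='{$id}'");
            $js[] = '#kid' . $id;
        }
    }
    keywords_cache();
    javascript::dialog('全部成功删除!', 'js:parent.$("' . implode(',', $js) . '").remove();parent.iCMS.closeDialog();');
}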
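/**
 * Write the posted template source to a file below the `templates` directory.
 *
 * The target path and the content both come from the request, so the checks
 * below are the only barrier between an editor form and a file write.
 *
 * NOTE(review): this is a deny-list. An allow-list of the extensions real
 * templates use would be stronger; the list is not visible here, so the
 * deny-list is kept and only made to apply consistently.
 * NOTE(review): `tplpath` is appended to 'templates' without a separator, so
 * the result only stays inside that directory when the value starts with "/"
 * — confirm the form always sends it that way, or enforce it.
 * NOTE(review): `REFERER` is appended to the redirect target as posted.
 */
function doSave()
{
    $tplpath = $_POST['tplpath'];
    strpos($tplpath, '..') !== false && javascript::alert("文件路径不能带有..");

    // Work on the file name with trailing dots/whitespace removed, so the
    // extension that is checked is the one the file system will see.
    $baseName = rtrim(basename($tplpath), ". \t\r\n\0");

    // Dot-files (for example per-directory server configuration) are not templates.
    if ($baseName === '' || $baseName[0] === '.') {
        javascript::alert("文件格式错误!");
        return;
    }

    // The previous pattern only recognised extensions of 2-4 characters; any
    // other length left $FileExt empty and skipped both deny checks.
    $FileExt = strtolower((string) pathinfo($baseName, PATHINFO_EXTENSION));
    if (strpos($FileExt, 'ph') !== false
        || in_array($FileExt, array('cer', 'htr', 'cdx', 'asa', 'asp', 'jsp', 'aspx', 'cgi'), true)
    ) {
        javascript::alert("文件格式错误!");
        return;
    }

    $FileData = stripslashes($_POST['html']);
    FS::write(iPATH . 'templates' . $tplpath, $FileData);
    javascript::dialog('保存成功!', 'url:' . __SELF__ . $_POST['REFERER']);
}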
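/**
 * Delete the selected guestbook messages (`plugins_message` table) and remove
 * their rows from the parent page through the dialog script.
 *
 * Expects $_POST['delete'] to hold the selected ids.
 */
function dodelete()
{
    if (!isset($_POST['delete'])) {
        javascript::alert("请选择要删除的留言!");
        return;
    }

    $js = array();
    foreach ((array) $_POST['delete'] as $id) {
        // The id goes into a SQL string and into a jQuery selector inside a
        // script string; an integer cast keeps both contexts free of markup.
        // NOTE(review): assumes `id` is an integer key — confirm against the schema.
        $id = (int) $id;
        if ($id <= 0) {
            continue;
        }
        iCMS_DB::query("DELETE FROM `#iCMS@__plugins_message` WHERE `id` ='{$id}'");
        $js[] = '#mid' . $id;
    }
    javascript::dialog('全部成功删除!', 'js:parent.$("' . implode(',', $js) . '").remove();parent.iCMS.closeDialog();');
}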
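/**
 * Insert a new friendly-link row into the `links` table from the posted form.
 *
 * NOTE(review): the text fields reach the SQL string after dhtmlspecialchars()
 * only; whether that also neutralises quotes and backslashes depends on code
 * that is not visible here — confirm.
 */
function doSave()
{
    $sortid   = (int) $_POST['sortid'];
    $name     = dhtmlspecialchars($_POST['name']);
    $url      = dhtmlspecialchars($_POST['url']);
    $desc     = dhtmlspecialchars($_POST['description']);
    $logo     = dhtmlspecialchars($_POST['logo']);
    $orderNum = intval($_POST['orderNum']);

    empty($name) && javascript::alert('网站名称不能为空!');
    empty($url) && javascript::alert('网站URL不能为空!');

    // Add a scheme only when the value does not already start with http:// or
    // https://. The previous substring test rewrote "https://…" to
    // "http://https://…" and left alone any value that merely contained
    // "http://" somewhere in the middle.
    if (!preg_match('#^https?://#i', $url)) {
        $url = 'http://' . $url;
    }

    iCMS_DB::query("INSERT INTO `#iCMS@__links` (`sortid`,`name`,`logo`,`desc`,`url`,`orderNum`) VALUES ('{$sortid}','{$name}','{$logo}','{$desc}','{$url}','{$orderNum}')");
    javascript::dialog("添加完成!", 'url:' . __SELF__ . '?mo=link');
}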
/**
 * Create or update an advertisement row from the posted form, then regenerate
 * it through $this->create().
 *
 * NOTE(review): `load`, `varname` and `style` are interpolated into the SQL
 * exactly as posted; confirm they are escaped before this point.
 * NOTE(review): the posted `adv` array is stored serialized, so whatever reads
 * it back with unserialize() is working on request-shaped data.
 */
function doSave()
{
    $id      = (int) $_POST['id'];
    $load    = $_POST['load'];
    $state   = (int) $_POST['state'];
    $varname = $_POST['varname'];
    $title   = dhtmlspecialchars($_POST['title']);
    $style   = $_POST['style'];

    // Empty dates are stored as 0.
    $starttime = 0;
    if (!empty($_POST['starttime'])) {
        $starttime = _strtotime($_POST['starttime']);
    }
    $endtime = 0;
    if (!empty($_POST['endtime'])) {
        $endtime = _strtotime($_POST['endtime']);
    }

    $code = addslashes(serialize($_POST['adv']));

    if (!$varname) {
        javascript::alert("广告标识符不能为空");
    }

    if ($id) {
        // Editing: the identifier must not belong to a different row.
        $clash = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__advertise` where `varname` ='{$varname}' AND `id` !='{$id}'");
        if ($clash) {
            javascript::alert('该广告标识已经存在!请检查是否重复');
        }
        iCMS_DB::query("UPDATE `#iCMS@__advertise` SET `varname` = '{$varname}',`title` = '{$title}',`style`='{$style}',`starttime` = '{$starttime}',`endtime` = '{$endtime}',`code` = '{$code}',`load` = '{$load}',`status` = '{$state}' WHERE `id` ='{$id}'");
    } else {
        // Adding: the identifier must not exist yet.
        $clash = iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__advertise` where `varname` ='{$varname}'");
        if ($clash) {
            javascript::alert('该广告标识已经存在!请检查是否重复');
        }
        iCMS_DB::query("INSERT INTO `#iCMS@__advertise`(`varname` , `title` ,`style`, `starttime` , `endtime` , `code` , `load`, `status` ) VALUES ('{$varname}','{$title}','{$style}','{$starttime}', '{$endtime}', '{$code}', '{$load}', '{$state}')");
        $id = iCMS_DB::$insert_id;
    }

    $this->create($id);
    javascript::dialog("更新完成!", 'url:' . __SELF__ . "?mo=advertise");
}
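/**
 * Save a member edit form: an optional new password, then nickname, gender
 * and the serialized `info` fields of the `members` row selected by `uid`.
 *
 * NOTE(review): the password is replaced without asking for the current one,
 * which fits an administrator screen — confirm the caller enforces that.
 * NOTE(review): passwords are stored as unsalted md5(). Moving to
 * password_hash()/password_verify() needs a matching change in the login
 * code, so it is only flagged here.
 */
function doSave()
{
    $uid  = (int) $_POST['uid'];
    $info = array();

    // Entered when either field is filled in, so a half-filled form reaches the
    // "must not be empty" message; the previous "both filled" condition made
    // that message unreachable and silently skipped the change.
    if ($_POST['pwd1'] || $_POST['pwd2']) {
        if (!$_POST['pwd1'] || !$_POST['pwd2']) {
            javascript::alert("新密码,确认密码不能为空");
        } else {
            $pwd1 = md5(trim($_POST['pwd1']));
            $pwd2 = md5(trim($_POST['pwd2']));
            // !== because loose comparison treats some numeric-looking hex
            // strings as equal.
            if ($pwd1 !== $pwd2) {
                javascript::alert("新密码与确认密码不一致!");
            } else {
                iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$pwd2}' WHERE `uid` ='{$uid}' LIMIT 1");
            }
        }
    }

    $gender   = intval($_POST['gender']);
    $nickname = dhtmlspecialchars($_POST['nickname']);

    $info['icq']       = intval($_POST['icq']);
    $info['home']      = dhtmlspecialchars(stripslashes($_POST['home']));
    $info['year']      = intval($_POST['year']);
    $info['month']     = intval($_POST['month']);
    $info['day']       = intval($_POST['day']);
    $info['from']      = dhtmlspecialchars(stripslashes($_POST['from']));
    $info['signature'] = dhtmlspecialchars(stripslashes($_POST['signature']));

    iCMS_DB::query("UPDATE `#iCMS@__members` SET `info` = '" . addslashes(serialize($info)) . "',`nickname`='{$nickname}',`gender`='{$gender}' WHERE `uid` ='{$uid}' LIMIT 1");
    javascript::dialog('用户编辑完成!', 'url:' . __SELF__ . '?mo=user&do=manage');
}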
<?php
/**
 * Admin control panel bootstrap: loads the framework, checks the captcha on
 * a login post, then requires an authenticated member with the ADMINCP
 * permission.
 *
 * @package iCMS
 * @copyright 2007-2010, iDreamSoft
 * @license http://www.idreamsoft.com iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
require_once dirname(__FILE__) . '/../global.php';
define('__ADMINCP__', __SELF__ . '?mo');
error_reporting(E_ALL ^ E_NOTICE);
// NOTE(review): enables database error display for this entry point; confirm
// it is off in production, since SQL error text can expose schema details.
iCMS_DB::$show_errors = true;
require_once iPATH . 'include/member.class.php';
require_once iPATH . 'include/forum.class.php';
require_once iPATH . 'admin/function.php';
require_once iPATH . 'admin/admincp.lang.php';
require_once iPATH . 'include/UI.class.php';
require_once iPATH . 'admin/menu.class.php';
require_once iPATH . 'admin/admincp.class.php';
//admincp_log();
// On a login post, a truthy ckseccode() result produces the "wrong captcha"
// alert and refreshes the captcha image in the parent frame.
if ($_POST['action'] == "login") {
    ckseccode($_POST['seccode'], 'B') && javascript::alert("验证码错误!", 'js:parent.$("#seccodeimg").click();');
}
// Mark the session as an admin context, then require a logged-in member that
// holds the ADMINCP permission.
// NOTE(review): nothing here stops execution if the captcha alert returns;
// confirm javascript::alert() ends the request before checklogin() runs.
member::$isAdmin = true;
member::checklogin();
member::MP("ADMINCP", "ADMINCP_Permission_Denied");
/**
 * Move the selected articles to another forum (column) and keep the
 * per-forum article counters and the `vlink` rows in step.
 *
 * Expects $_POST['id'] (article ids) and $_POST['fid'] (target forum).
 *
 * NOTE(review): when no article row exists for an id, the value read into
 * $ofid is whatever getValue() returns for "no row", and the counters are
 * still adjusted — confirm that is intended.
 */
function domove()
{
    if (empty($_POST['id'])) {
        javascript::alert("请选择要移动的文章");
    }
    if (!$_POST['fid']) {
        javascript::alert("请选择目标栏目");
    }

    $fid      = (int) $_POST['fid'];
    $selected = (array) $_POST['id'];

    foreach ($selected as $rawId) {
        $id = (int) $rawId;

        // Remember the current forum before the article is reassigned.
        $ofid = iCMS_DB::getValue("SELECT `fid` FROM `#iCMS@__article` where `id` ='{$id}'");
        iCMS_DB::query("UPDATE `#iCMS@__article` SET fid='{$fid}' WHERE `id` ='{$id}'");

        if ($ofid == $fid) {
            // Already in the target forum: counters stay as they are.
            continue;
        }
        iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count-1 WHERE `id` ='{$ofid}' LIMIT 1 ");
        iCMS_DB::query("UPDATE `#iCMS@__forum` SET `count` = count+1 WHERE `id` ='{$fid}' LIMIT 1 ");
        iCMS_DB::query("UPDATE `#iCMS@__vlink` SET `sortId` = '{$fid}' WHERE `sortId` ='{$ofid}' and `indexId`='{$id}'");
    }

    javascript::dialog('成功移动到目标栏目!', "url:1");
}
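/**
 * Create or update a content model: the `model` row and, for models that are
 * not bound to an existing table, the physical content table as well
 * (CREATE TABLE on insert, RENAME TABLE when the name changes).
 *
 * The table name ends up inside back-ticked identifiers in DDL statements,
 * so its validation here is the only thing keeping request data out of the
 * statement structure.
 *
 * NOTE(review): `position` and `pos` are interpolated into the SQL exactly as
 * posted; confirm they are escaped before this point.
 */
function doSave()
{
    $id          = (int) $_POST['id'];
    $isEdit      = (bool) $id;
    $name        = dhtmlspecialchars($_POST['name']);
    $table       = dhtmlspecialchars($_POST['table']);
    $description = dhtmlspecialchars($_POST['desc']);
    $show        = (int) $_POST['show'];
    $position    = $_POST['position'];
    $position2   = $_POST['pos'];
    $form        = dhtmlspecialchars($_POST['form']);
    $binding     = isset($_POST['binding']) ? 1 : 0;

    empty($name) && javascript::alert('模块名称不能为空!');
    empty($table) && $binding && javascript::alert('模块名不能为空!');

    if (!$binding && empty($id)) {
        if (empty($table)) {
            include iPATH . 'include/cn.class.php';
            $table = CN::pinyin($name);
        }
    }

    // Both patterns are anchored. The previous second pattern was unanchored,
    // so a single permitted character anywhere in the value was enough to pass.
    if (!preg_match('/^[a-zA-Z]/', (string) $table)) {
        javascript::alert('模型表名只能以英文字母开头');
        return;
    }
    if (!preg_match('/^[a-zA-Z0-9_\-~]+$/D', (string) $table)) {
        javascript::alert('模型表名只能由英文字母或数字组成');
        return;
    }

    if ($id) {
        iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}' and `id`!='{$id}'") && javascript::alert('该模块已经存在!请检查是否重复');

        // Read the current table name before the row is overwritten. Reading it
        // after the UPDATE always returned the new name, so the rename below
        // could never run.
        $oTable = $binding ? null : iCMS_DB::getValue("SELECT `table` FROM `#iCMS@__model` where `id` ='{$id}'");

        iCMS_DB::query("UPDATE `#iCMS@__model` SET `name` = '{$name}', `table` = '{$table}', `binding` = '{$binding}', `description` = '{$description}', `show` = '{$show}', `position` = '{$position}', `position2` = '{$position2}', `form` = '{$form}' WHERE `id` = '{$id}';");

        if (!$binding && $oTable && $oTable != $table) {
            iCMS_DB::query("RENAME TABLE `#iCMS@__" . model::tbn($oTable) . "` TO `#iCMS@__" . model::tbn($table) . "`");
        }
    } else {
        iCMS_DB::getValue("SELECT `id` FROM `#iCMS@__model` where `table` = '{$table}'") && javascript::alert('该模块已经存在!请检查是否重复');
        $field = $binding ? '' : model::$defaultField;
        iCMS_DB::query("INSERT INTO `#iCMS@__model`(`name`, `table`, `field`, `binding`, `description`,`show`, `position`,`position2`,`form`, `addtime`)VALUES ('{$name}', '{$table}','{$field}', '{$binding}', '{$description}','{$show}', '{$position}','{$position2}','{$form}', '" . time() . "');");
        $id = iCMS_DB::$insert_id;

        if (!$binding) {
            // Create the base content table for the new model.
            $sep  = "\n\t\t\t\t\t ";
            $defs = array(
                "`id` int(10) unsigned NOT NULL AUTO_INCREMENT",
                "`fid` int(10) unsigned NOT NULL DEFAULT '0'",
                "`orderNum` smallint(6) NOT NULL DEFAULT '0'",
                "`title` varchar(255) NOT NULL DEFAULT ''",
                "`clink` varchar(255) NOT NULL DEFAULT ''",
                "`editor` varchar(200) NOT NULL DEFAULT ''",
                "`userid` int(10) unsigned NOT NULL DEFAULT '0'",
                "`tags` varchar(255) NOT NULL DEFAULT ''",
                "`pubdate` int(10) unsigned NOT NULL DEFAULT '0'",
                "`hits` int(10) unsigned NOT NULL DEFAULT '0'",
                "`comments` int(10) unsigned NOT NULL DEFAULT '0'",
                "`good` int(10) unsigned NOT NULL DEFAULT '0'",
                "`bad` int(10) unsigned NOT NULL DEFAULT '0'",
                "`vlink` varchar(255) NOT NULL DEFAULT ''",
                "`type` smallint(6) NOT NULL DEFAULT '0'",
                "`top` smallint(6) NOT NULL DEFAULT '0'",
                "`postype` tinyint(1) unsigned NOT NULL DEFAULT '0'",
                "`status` tinyint(1) unsigned NOT NULL DEFAULT '1'",
                "PRIMARY KEY (`id`)",
                "KEY `pubdate` (`pubdate`)",
                "KEY `comment` (`comments`)",
                "KEY `hit` (`hits`)",
                "KEY `order` (`orderNum`)",
                "KEY `sortid` (`fid`,`id`)",
                "KEY `topord` (`top`,`orderNum`)",
                "KEY `userid` (`userid`)",
                "KEY `postype` (`postype`,`id`)",
                "KEY `status` (`status`,`postype`,`id`)",
            );
            $tableSQL = "CREATE TABLE `#iCMS@__" . model::tbn($table) . "` ("
                . $sep . implode("," . $sep, $defs) . $sep
                . ") ENGINE=MyISAM DEFAULT CHARSET=" . DB_CHARSET;
            iCMS_DB::query($tableSQL);
        }
    }
    model::cache();

    $moreaction = array(
        array("text" => "下一步添加字段", "url" => __SELF__ . "?mo=models&do=addfield&id=" . $id),
        array("text" => "返回模块列表", "url" => __SELF__ . "?mo=models&do=manage"),
    );
    // $isEdit is captured before $id is replaced by the insert id; testing $id
    // here reported every save as an edit.
    javascript::dialog('模块' . ($isEdit ? '编辑' : '添加') . '完成!<br />模块基础建表完成...<br />10秒后返回模块列表', "url:" . __SELF__ . "?mo=models&do=manage", $moreaction, 10);
}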
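/**
 * Run a keyword search: build the LIKE filter used by the listing, record the
 * keyword in the `search` table (insert or increment `times`) and render the
 * "search" template.
 *
 * @param string $q keyword as received from the caller
 *
 * NOTE(review): $q is placed inside quoted SQL literals without escaping in
 * this method; confirm the caller (or the request layer) has already escaped
 * quotes and backslashes.
 */
function search($q = '')
{
    $q == '' && javascript::alert($this->language('search:keywordempty'));

    $keyword = $q;

    // LIKE wildcards are escaped for the LIKE clause only. Outside a pattern
    // context MySQL keeps "\%" and "\_" as two characters, so reusing the
    // escaped value for the lookup and the insert stored keywords with stray
    // backslashes.
    $like = str_replace(array('%', '_'), array('\\%', '\\_'), $q);
    $this->actionSQL = " And CONCAT(title,keywords,description,author) like '%{$like}%' ";

    if ($id = iCMS_DB::getValue("SELECT id FROM `#iCMS@__search` where `search`='{$keyword}'")) {
        iCMS_DB::query("UPDATE `#iCMS@__search` SET `times`=times+1 WHERE `id`='{$id}'");
    } else {
        iCMS_DB::query("INSERT INTO `#iCMS@__search` (`search`,`times`,`addtime`) VALUES ('{$keyword}','0','" . time() . "')");
    }

    $this->assign("search", array('keyword' => $keyword));
    $this->iPrint("iTPL", "search");
}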
/**
 * Create or update a forum (column) row from the posted form. In rewrite
 * mode (`mode` == 2) it also regenerates the site's .htaccess from the posted
 * URL rules.
 *
 * NOTE(review): the .htaccess content is assembled from `forumRule`,
 * `contentRule` and `htmlext`, which are request values that only passed
 * through dhtmlspecialchars(). Whether RewriteRule() rejects line breaks or
 * other directive syntax cannot be seen from here — confirm, because this
 * file controls how the web server handles every request.
 * NOTE(review): the forum `password` is stored as submitted (HTML-escaped,
 * not hashed).
 */
function doSave()
{
    // Numeric fields are cast; text fields are HTML-escaped before use in SQL.
    $fid = (int) $_POST['fid'];
    $rootid = (int) $_POST['rootid'];
    $modelid = (int) $_POST['modelid'];
    $status = (int) $_POST['status'];
    $issend = (int) $_POST['issend'];
    $isexamine = (int) $_POST['isexamine'];
    $orderNum = (int) $_POST['orderNum'];
    $mode = (int) $_POST['mode'];
    $name = dhtmlspecialchars($_POST['name']);
    $subname = dhtmlspecialchars($_POST['subname']);
    $domain = dhtmlspecialchars($_POST['domain']);
    $htmlext = dhtmlspecialchars($_POST['htmlext']);
    $url = dhtmlspecialchars($_POST['url']);
    $password = dhtmlspecialchars($_POST['password']);
    $pic = dhtmlspecialchars($_POST['pic']);
    $dir = dhtmlspecialchars($_POST['dir']);
    $title = dhtmlspecialchars($_POST['title']);
    $keywords = dhtmlspecialchars($_POST['keywords']);
    $description = dhtmlspecialchars($_POST['description']);
    $attr = dhtmlspecialchars($_POST['attr']);
    $forumRule = dhtmlspecialchars($_POST['forumRule']);
    $contentRule = dhtmlspecialchars($_POST['contentRule']);
    $indexTPL = dhtmlspecialchars($_POST['indexTPL']);
    $listTPL = dhtmlspecialchars($_POST['listTPL']);
    $contentTPL = dhtmlspecialchars($_POST['contentTPL']);
    // A forum cannot be its own parent.
    $fid && $fid == $rootid && javascript::dialog('不能以自身做为上级栏目');
    empty($name) && javascript::dialog('栏目名称不能为空!');
    // Without a directory or external URL, derive the directory from the name.
    if (empty($dir) && empty($url)) {
        include iPATH . 'include/cn.class.php';
        $dir = strtolower(CN::pinyin($name));
    }
    if ($mode == "2") {
        // Rewrite mode: each rule must contain one of the placeholders that
        // identifies the forum or the article.
        if (strpos($forumRule, '{FDIR}') === FALSE && strpos($forumRule, '{FID}') === FALSE) {
            javascript::dialog('伪静态模式下版块URL规则<br />必需要有<br />{FDIR}版块目录<br />或者<br />{FID}版块ID', 'js:', 'ok', 10);
        }
        if (strpos($contentRule, '{AID}') === FALSE && strpos($contentRule, '{0xID}') === FALSE && strpos($contentRule, '{LINK}') === FALSE) {
            javascript::dialog('伪静态模式下内容URL规则<br />必需要有<br />{AID}文章ID <br />或者<br />{0xID}文章ID补零<br />或者<br />{LINK}文章自定义链接', 'js:', 'ok', 10);
        }
        global $iCMS;
        $htaFile = iPATH . "/.htaccess";
        // Reading the existing file is disabled, so the file is rebuilt from
        // this header on every save and earlier rules are not carried over:
        // if(file_exists($htaFile)){
        //     $RewriteRule=FS::read($htaFile);
        // }
        // if(empty($RewriteRule)){
        $RewriteBase = $iCMS->config['dir'] == "/" ? '' : $iCMS->config['dir'];
        $RewriteRule = "RewriteEngine On\nRewriteBase /" . $RewriteBase . "\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\n\n";
        // }
        // Content (article) rules, wrapped in "#<md5>" marker lines.
        $contentRR = RewriteRule($contentRule, "show", $htmlext, $iCMS->config['htmldir']);
        $cmd5 = md5($contentRR);
        if (strstr($RewriteRule, $cmd5) === false) {
            $RewriteRule .= "#{$cmd5}\n" . $contentRR . "#{$cmd5}\n\n\n";
        }
        // Forum (section) rules, wrapped the same way.
        $forumRR = RewriteRule($forumRule, "forum", $htmlext, $iCMS->config['htmldir']);
        $fmd5 = md5($forumRR);
        if (strstr($RewriteRule, $fmd5) === false) {
            $RewriteRule .= "#{$fmd5}\n" . $forumRR . "#{$fmd5}\n\n\n";
        }
        FS::write($htaFile, $RewriteRule);
    }
    if (empty($fid)) {
        // New forum: the directory must be unique unless an external URL is used.
        iCMS_DB::getValue("SELECT `dir` FROM `#iCMS@__forum` where `dir` ='{$dir}'") && empty($url) && javascript::dialog('该栏目别名/目录已经存在!请另选一个');
        iCMS_DB::query("INSERT INTO `#iCMS@__forum` (`rootid`,`modelid`,`orderNum`,`name`,`subname`,`password`,`title`,`keywords`,`description`,`dir`,`mode`,`domain`,`url`,`pic`,`htmlext`,`forumRule`,`contentRule`,`indexTPL`,`listTPL`,`contentTPL`,`attr`,`isexamine`,`issend`,`status`)\n \t\tVALUES ('{$rootid}','{$modelid}', '{$orderNum}', '{$name}','{$subname}','{$password}','{$title}','{$keywords}', '{$description}', '{$dir}','{$mode}','{$domain}', '{$url}','{$pic}','{$htmlext}','{$forumRule}', '{$contentRule}','{$indexTPL}', '{$listTPL}', '{$contentTPL}', '{$attr}','{$isexamine}','{$issend}','{$status}')");
        $forum = new forum();
        $forum->cache();
        $msg = "栏目添加完成!";
    } else {
        // Existing forum: the editor needs permission on the forum itself.
        Admin::CP($fid, 'Permission_Denied', __SELF__ . '?mo=forums');
        // NOTE(review): $forum is not assigned until further down, so the right
        // side of this comparison is null here and the check does not compare
        // against the stored parent — confirm the intended order.
        $rootid != $forum->forum[$fid]['rootid'] && Admin::CP($rootid, 'Permission_Denied', __SELF__ . '?mo=forums');
        iCMS_DB::getValue("SELECT `dir` FROM `#iCMS@__forum` where `dir` ='{$dir}' AND `fid` !='{$fid}'") && empty($url) && javascript::alert('该栏目别名/目录已经存在!请另选一个');
        iCMS_DB::query("UPDATE `#iCMS@__forum` SET `rootid` = '{$rootid}',`modelid` = '{$modelid}',`orderNum` = '{$orderNum}',`name` = '{$name}',`subname` = '{$subname}',`password`='{$password}',`title` = '{$title}',`keywords` = '{$keywords}',`description` = '{$description}',`dir` = '{$dir}',`url` = '{$url}',`mode` = '{$mode}',`domain` = '{$domain}',`pic`='{$pic}',`htmlext`='{$htmlext}',`forumRule`='{$forumRule}',`contentRule`='{$contentRule}',`indexTPL` = '{$indexTPL}',`listTPL` = '{$listTPL}',`contentTPL` = '{$contentTPL}',`attr` = '{$attr}',`isexamine`='{$isexamine}',`status`='{$status}',`issend`='{$issend}' WHERE `fid` ='{$fid}' ");
        $forum = new forum();
        $forum->cache();
        $msg = "栏目编辑完成!";
    }
    javascript::dialog($msg, 'url:' . __SELF__ . '?mo=forums');
}
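/**
 * Create or update an account in the `members` table from the posted form.
 *
 * NOTE(review): `groupid` decides the account's group and is interpolated
 * into the SQL exactly as posted; confirm it is validated and escaped before
 * this point.
 * NOTE(review): passwords are stored as unsalted md5(). Moving to
 * password_hash()/password_verify() needs a matching change in the login
 * code, so it is only flagged here.
 */
function doSave()
{
    $uid      = (int) $_POST['uid'];
    $name     = dhtmlspecialchars($_POST['name']);
    $nickname = dhtmlspecialchars($_POST['nickname']);
    $groupid  = $_POST['groupid'];
    $pwd      = md5($_POST['pwd']);
    $password = md5($_POST['pwd2']);

    if ($_POST['pwd'] && $_POST['pwd2']) {
        // !== because loose comparison treats some numeric-looking hex strings
        // as equal.
        $pwd !== $password && javascript::alert("密码与确认密码不一致!");
    }

    // NOTE(review): $email is never assigned in this function, so this check
    // cannot fire — confirm whether an e-mail field was meant to be read.
    $email && !preg_match("/^([_\\.0-9a-z-]+)@([0-9a-z][0-9a-z-]+)\\.([a-z]{2,6})\$/i", $email) && javascript::alert("E-mail格式错误!!");

    if (empty($uid)) {
        if (!$_POST['pwd'] || !$_POST['pwd2']) {
            javascript::alert("密码不能为空");
        }
        iCMS_DB::getValue("SELECT `uid` FROM `#iCMS@__members` WHERE `username`='{$name}'") && javascript::alert("该用户名已经存在!");

        // Fourteen columns, fourteen values. The previous statement carried one
        // surplus empty string, so the value count did not match the column list.
        iCMS_DB::query("INSERT INTO `#iCMS@__members` (`username`,`password`,`groupid`,`nickname`,`gender`,`info`,`power`,`cpower`,`lastip`,`lastlogintime`,`logintimes`,`post`,`type`,`status`)values('{$name}', '{$password}', '{$groupid}', '{$name}', '0', '', '', '', '0.0.0.0', '" . time() . "', '0', '0', '1', '1')");
        javascript::dialog("添加完成!", "url:" . __SELF__ . '?mo=account&do=manage');
    } else {
        if ($_POST['pwd'] && $_POST['pwd2']) {
            iCMS_DB::query("UPDATE `#iCMS@__members` SET `password` = '{$password}' WHERE `uid` ='{$uid}' LIMIT 1");
        }
        iCMS_DB::query("UPDATE `#iCMS@__members` SET `nickname`='{$nickname}',`groupid`='{$groupid}' WHERE `uid` ='{$uid}' LIMIT 1");
        javascript::dialog("编辑完成!", "url:" . __SELF__ . '?mo=account&do=manage');
    }
}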
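/**
 * Bulk find-and-replace over article text using SQL REPLACE().
 *
 * `field` selects the target: "body" (article_data.body), "tkd" (title,
 * keywords and description together) or a single column of `article`.
 *
 * NOTE(review): `where` is appended to the statement as raw SQL and
 * `pattern`/`replacement` are placed inside quoted literals as posted. This
 * screen is effectively a SQL console; confirm it is limited to fully trusted
 * administrators and that the request layer escapes the quoted values.
 */
function doReplace_Action()
{
    $field       = $_POST["field"];
    $pattern     = $_POST["pattern"];
    $replacement = $_POST["replacement"];
    $where       = $_POST["where"];

    empty($pattern) && javascript::alert("查找项不能为空~!");

    if ($field == "body") {
        iCMS_DB::query("UPDATE `#iCMS@__article_data` SET `body` = REPLACE(`body`, '{$pattern}', '{$replacement}') {$where}");
    } elseif ($field == "tkd") {
        iCMS_DB::query("UPDATE `#iCMS@__article` SET `title` = REPLACE(`title`, '{$pattern}', '{$replacement}'),\n\t\t \t`keywords` = REPLACE(`keywords`, '{$pattern}', '{$replacement}'),\n\t\t \t`description` = REPLACE(`description`, '{$pattern}', '{$replacement}'){$where}");
    } else {
        // The column name is placed between back-ticks, where value escaping
        // does not help; accept plain identifier characters only.
        if (!is_string($field) || !preg_match('/^[A-Za-z0-9_]+$/D', $field)) {
            javascript::alert("字段名不合法!");
            return;
        }
        iCMS_DB::query("UPDATE `#iCMS@__article` SET `{$field}` = REPLACE(`{$field}`, '{$pattern}', '{$replacement}'){$where}");
    }

    javascript::dialog(iCMS_DB::$rows_affected . "条记录被替换<br />操作完成!!");
}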
/**
 * Fallback action used when no operation was selected: shows the
 * "please choose an operation" alert with the 'url:0' target.
 */
function doEmpty()
{
    $message = "请选择操作项";
    $target  = 'url:0';

    javascript::alert($message, $target);
}
<?php
/**
 * Admin control panel bootstrap: loads the framework, reads the login form
 * when one was posted, then requires an authenticated administrator with the
 * ADMINCP permission.
 *
 * @package iCMS
 * @copyright 2007-2010, iDreamSoft
 * @license http://www.idreamsoft.com iDreamSoft
 * @author coolmoo <*****@*****.**>
 */
require_once dirname(__FILE__) . '/../global.php';
require_once iPATH . 'admin/admin.class.php';
require_once iPATH . 'admin/function.php';
require_once iPATH . 'admin/admincp.lang.php';
require_once iPATH . 'include/UI.class.php';
require_once iPATH . 'admin/menu.class.php';
require_once iPATH . 'admin/admincp.class.php';
define('__ADMINCP__', __SELF__ . '?mo');
// On a login post, a truthy ckseccode() result produces the "wrong captcha"
// alert; the credentials are then taken from the form.
if ($_POST['action'] == "login") {
    ckseccode($_POST['seccode']) && javascript::alert('验证码错误!');
    $username = $_POST['username'];
    // NOTE(review): the password is reduced to an unsalted md5() before it is
    // handed to checklogin(); replacing it needs a matching change in
    // Admin::checklogin() and the stored hashes.
    $password = md5($_POST['password']);
}
// NOTE(review): on any request that is not a login post, $username and
// $password are unset here — presumably checklogin() then falls back to an
// existing session; confirm in Admin::checklogin().
Admin::checklogin($username, $password);
admincp_log();
Admin::MP("ADMINCP", "ADMINCP_Permission_Denied");
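/**
 * Batch-extract pictures from articles, a slice per request.
 *
 * The articles are chosen by forum ids (`fid`), by an id range
 * (`startid`/`endid`) or by a publish-time window (`starttime`/`endtime`).
 * Each request handles up to $speed articles and then hands the browser a
 * URL for the next slice (`totle`, `loop` and `i` carry the progress).
 * `action` is "thumb" (extractThumb) or "into" (into).
 *
 * NOTE(review): $msg is assembled as HTML and may include text returned by
 * $this->into(); confirm that text is safe to show as markup.
 */
function doextractpic()
{
    Admin::MP("menu_extract_pic");
    include iPATH . 'include/forum.class.php';
    set_time_limit(0);

    $speed     = 100; // articles handled per request
    $action    = $this->PG('action');
    $fids      = $this->PG('fid');
    $startid   = (int) $this->PG('startid');
    $endid     = (int) $this->PG('endid');
    $starttime = $this->PG('starttime');
    $endtime   = $this->PG('endtime');

    // Progress counters are numeric; cast them so that only integers are used
    // in the arithmetic and in the follow-up URL.
    $totle = isset($_GET['totle']) ? (int) $_GET['totle'] : 0;
    $loop  = isset($_GET['loop']) ? (int) $_GET['loop'] : 1;
    $i     = isset($_GET['i']) ? (int) $_GET['i'] : 0;

    $msg       = '';
    $doneUrl   = 'url:' . __SELF__ . '?mo=files&do=extract';
    $actionArg = '&action=' . rawurlencode((string) $action);

    empty($action) && javascript::alert("请选择操作项");

    if ($fids) {
        is_array($fids) && ($fids = implode(",", $fids));
        if (strstr($fids, 'all')) {
            // "all": take the forum list from the forum object and restart
            // with the concrete ids.
            $forum = new forum();
            $fids  = substr($forum->fid(), 0, -1);
            if (empty($fids)) {
                javascript::dialog("提取完毕", $doneUrl);
            } else {
                _header(__SELF__ . '?mo=files&do=extractpic&fid=' . $fids . $actionArg);
            }
        } else {
            // The list goes into an unquoted IN (...) clause, where escaping of
            // quotes gives no protection; reduce every element to an integer.
            $fids = implode(',', array_map('intval', explode(',', $fids)));

            $rs = iCMS_DB::getArray("SELECT id FROM #iCMS@__article WHERE fid in ({$fids}) and `status`='1'");
            is_array($rs) || ($rs = array());
            empty($totle) && ($totle = count($rs));
            $tloop = ceil($totle / $speed);
            if ($loop <= $tloop) {
                $max = $i + $speed > $totle ? $totle : $i + $speed;
                for ($j = $i; $j < $max; $j++) {
                    if ($action == "thumb") {
                        if ($this->extractThumb($rs[$j]['id'])) {
                            $msg .= "文章ID:" . $rs[$j]['id'] . "提取…<span style='color:green;'>√</span><br />";
                        }
                    } elseif ($action == "into") {
                        $intoMsg = $this->into($rs[$j]['id']);
                        if ($intoMsg) {
                            $msg .= $intoMsg . "文章ID:" . $rs[$j]['id'] . "提取…<span style='color:green;'>√</span><br />";
                        }
                    }
                }
                javascript::dialog($msg ? $msg : "暂无提取信息!", 'src:' . __SELF__ . '?mo=files&do=extractpic&fid=' . $fids . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j . $actionArg);
            } else {
                javascript::dialog("提取完毕", $doneUrl);
            }
        }
    } elseif ($startid && $endid) {
        // The "g" flag marks follow-up requests, which skip the range check.
        $startid > $endid && !isset($_GET['g']) && javascript::alert("开始ID不能大于结束ID");
        empty($totle) && ($totle = $endid - $startid + 1);
        empty($i) && ($i = $startid);
        $tloop = ceil($totle / $speed);
        if ($loop <= $tloop) {
            $max = $i + $speed > $endid ? $endid : $i + $speed;
            for ($j = $i; $j <= $max; $j++) {
                if ($action == "thumb") {
                    if ($this->extractThumb($j)) {
                        $msg .= "文章ID:" . $j . "提取…<span style='color:green;'>√</span><br />";
                    }
                } elseif ($action == "into") {
                    $intoMsg = $this->into($j);
                    if ($intoMsg) {
                        $msg .= $intoMsg . "文章ID:" . $j . "提取…<span style='color:green;'>√</span><br />";
                    }
                }
            }
            javascript::dialog($msg ? $msg : "暂无提取信息!", 'src:' . __SELF__ . '?mo=files&do=extractpic&startid=' . $startid . '&endid=' . $endid . '&g&loop=' . ($loop + 1) . '&i=' . $j . $actionArg);
        } else {
            javascript::dialog("提取完毕", $doneUrl);
        }
    } elseif ($starttime) {
        // strtotime() yields an integer or false, so only numbers reach the SQL.
        $s = strtotime($starttime);
        $e = empty($endtime) ? time() + 86400 : strtotime($endtime);
        $rs = iCMS_DB::getArray("SELECT id FROM #iCMS@__article WHERE `pubdate`>='{$s}' and `pubdate`<='{$e}' and `status`='1'");
        is_array($rs) || ($rs = array());
        empty($totle) && ($totle = count($rs));
        $tloop = ceil($totle / $speed);
        if ($loop <= $tloop) {
            $max = $i + $speed > $totle ? $totle : $i + $speed;
            for ($j = $i; $j < $max; $j++) {
                if ($action == "thumb") {
                    if ($this->extractThumb($rs[$j]['id'])) {
                        $msg .= "文章ID:" . $rs[$j]['id'] . "提取…<span style='color:green;'>√</span><br />";
                    }
                } elseif ($action == "into") {
                    $intoMsg = $this->into($rs[$j]['id']);
                    if ($intoMsg) {
                        $msg .= $intoMsg . "文章ID:" . $rs[$j]['id'] . "提取…<span style='color:green;'>√</span><br />";
                    }
                }
            }
            // The raw date strings are URL-encoded before they are echoed back
            // into the follow-up address.
            javascript::dialog($msg ? $msg : "暂无提取信息!", 'src:' . __SELF__ . '?mo=files&do=extractpic&starttime=' . rawurlencode((string) $starttime) . '&endtime=' . rawurlencode((string) $endtime) . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j . $actionArg);
        } else {
            javascript::dialog("提取完毕", $doneUrl);
        }
    } else {
        javascript::alert("请选择方式");
    }
}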
/**
 * Alert when the extension of $value is not in the comma-separated
 * `fileext` list of the global iCMS configuration. The comparison is
 * case-insensitive (both sides are upper-cased).
 *
 * @param string $value file name to check
 *
 * NOTE(review): $value is echoed back inside the alert text as received;
 * confirm javascript::alert() escapes it for the script context.
 * NOTE(review): the function only alerts; nothing visible here stops the
 * caller from continuing, so rejection relies on alert() ending the request.
 */
function CheckValidExt($value)
{
    global $iCMS;

    $extension = strtolower(FS::getExt($value));
    $allowed   = explode(',', strtoupper($iCMS->config['fileext']));

    if (in_array(strtoupper($extension), $allowed)) {
        return;
    }
    javascript::alert('[' . $value . '] 不支持上传此类扩展名的附件');
}
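/**
 * Print a preview of one of the current member's own articles (title and
 * body), selected by $_GET['id'].
 *
 * The query is limited to rows owned by member::$uId with postype 0.
 *
 * NOTE(review): title and body are printed exactly as stored. The body is
 * presumably meant to be HTML; confirm the title is HTML-escaped when it is
 * saved, otherwise it should go through htmlspecialchars() here.
 */
function dopreview()
{
    $id = (int) $_GET['id'];
    // The message now names the preview action; it previously reused the text
    // of the delete action.
    !$id && javascript::alert("请选择要预览的文章");

    $rs = iCMS_DB::getRow("SELECT a.*,ad.tpl,ad.body,ad.subtitle FROM `#iCMS@__article` a LEFT JOIN `#iCMS@__article_data` ad ON a.id=ad.aid WHERE a.id='{$id}' AND a.userid='" . member::$uId . "' AND a.postype='0'", ARRAY_A);

    echo '<style type="text/css"> .preview .title { height:53px; line-height:53px; margin:0px auto 0px; text-align: center; } .preview .title h1 { font-size:24px; font-weight: bold; } .preview .content { overflow:hidden; margin:10px auto; color:#444; font-size:14px; line-height:160%; padding:5px; } .preview .content p { font-size: 14px; margin-top: 10px; margin-right: auto; margin-bottom: 0px; margin-left: auto; line-height: 25px; text-indent: 2em; padding: 0px; } .preview .content img { clear: both; display: block; margin: 0 auto; } .preview .content a { border-bottom:1px dotted #0B3B8C; color:#0B3B8C; text-decoration:none; } </style>';
    echo '<div class="preview"><div class="title"><h1>' . $rs['title'] . '</h1></div>';
    echo '<div class="content">' . $rs['body'] . '</div></div>';
}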
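/**
 * Delete one content item through delContent() and remove its row from the
 * parent page through the dialog script.
 *
 * Reads `id` (content id) and `mid` from the query string.
 *
 * NOTE(review): the delete is triggered by a GET request and no request
 * token is checked in this function; confirm the caller protects it against
 * cross-site requests.
 * NOTE(review): `mid` is passed to delContent() as received — confirm it is
 * validated there.
 */
function dodel()
{
    // The id is concatenated into a jQuery selector inside a script string, so
    // it is reduced to an integer before any use.
    // NOTE(review): assumes content ids are integers — confirm against delContent().
    $id  = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $mid = isset($_GET['mid']) ? $_GET['mid'] : null;

    if (!$id) {
        javascript::alert("请选择要删除的内容");
        return;
    }

    $msg = delContent($id, $mid);
    javascript::dialog($msg . '<br />成功删除!', 'js:parent.$("#aid' . $id . '").remove();parent.iCMS.closeDialog();');
}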
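/**
 * Regenerate static tag pages, a slice per request.
 *
 * Tags are chosen by category ids (`sortid`) or by an update-time window
 * (`starttime`/`endtime`). Each request handles up to $speed tags and then
 * hands the browser a URL for the next slice (`totle`, `loop` and `i` carry
 * the progress).
 *
 * NOTE(review): tag names are concatenated into the HTML progress message as
 * stored; confirm they are HTML-escaped when saved.
 */
function doCreateTag()
{
    $speed     = 25; // tags generated per request
    $sids      = $this->PG('sortid');
    // Only the disabled id-range branch used these two values; the reads are kept.
    $startid   = (int) $this->PG('startid');
    $endid     = (int) $this->PG('endid');
    $starttime = $this->PG('starttime');
    $endtime   = $this->PG('endtime');
    $cpageNum  = 0;

    // Progress counters are numeric; cast them so that only integers are used
    // in the arithmetic and in the follow-up URL.
    $totle = isset($_GET['totle']) ? (int) $_GET['totle'] : 0;
    $loop  = isset($_GET['loop']) ? (int) $_GET['loop'] : 1;
    $i     = isset($_GET['i']) ? (int) $_GET['i'] : 0;
    $isA   = $this->isAll();
    $msg   = '';

    if ($sids) {
        is_array($sids) && ($sids = implode(",", $sids));
        if (strstr($sids, 'all')) {
            // "all": take the id list from the forum object and restart with it.
            $forum = new forum();
            $sids  = substr($forum->fid(), 0, -1);
            _header(__SELF__ . '?mo=html&do=CreateTag&time=' . $this->cTime . '&cpn=' . $cpageNum . '&sortid=' . $sids . $isA);
        } else {
            // The list goes into an unquoted IN (...) clause, where escaping of
            // quotes gives no protection; reduce every element to an integer.
            $sids = implode(',', array_map('intval', explode(',', $sids)));

            $cpage = isset($_GET['cpage']) ? $_GET['cpage'] : 1;
            $rs = iCMS_DB::getArray("SELECT `id`,`name` FROM #iCMS@__tags WHERE `sortid` in ({$sids}) and `status`='1' order by id DESC");
            is_array($rs) || ($rs = array());
            empty($totle) && ($totle = count($rs));
            $tloop = ceil($totle / $speed);
            if ($loop <= $tloop) {
                $max = $i + $speed > $totle ? $totle : $i + $speed;
                for ($j = $i; $j < $max; $j++) {
                    $c = iHtml::Tag($rs[$j]['name'], $cpage, $loop, $cpageNum);
                    $msg .= "标签: [" . $c['name'] . "] 生成…<span style='color:green;'>√</span><br />";
                }
                javascript::dialog($msg, 'src:' . __SELF__ . '?mo=html&do=CreateTag&sortid=' . $sids . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j . $isA, 'ok', 0);
            } else {
                // In "all" mode the run continues with the index page.
                $isA && javascript::dialog("标签更新完毕!<br />开始生成首页", 'url:' . __SELF__ . '?mo=html&do=index&all=true');
                javascript::dialog("标签更新完毕");
            }
        }
        // An id-range branch (startid/endid) existed here as commented-out code.
    } elseif ($starttime) {
        // strtotime() yields an integer or false, so only numbers reach the SQL.
        $s = strtotime($starttime);
        $e = empty($endtime) ? time() + 86400 : strtotime($endtime);
        $rs = iCMS_DB::getArray("SELECT id,name FROM #iCMS@__tags WHERE `updatetime`>='{$s}' and `updatetime`<='{$e}' and `status`='1' order by id DESC");
        is_array($rs) || ($rs = array());
        empty($totle) && ($totle = count($rs));
        $tloop = ceil($totle / $speed);
        if ($loop <= $tloop) {
            $max = $i + $speed > $totle ? $totle : $i + $speed;
            for ($j = $i; $j < $max; $j++) {
                iHtml::Tag($rs[$j]['name']);
                $msg .= "标签:[" . $rs[$j]['name'] . "]生成…<span style='color:green;'>√</span><br />";
            }
            // The raw date strings are URL-encoded before they are echoed back
            // into the follow-up address.
            javascript::dialog($msg, 'src:' . __SELF__ . '?mo=html&do=CreateTag&starttime=' . rawurlencode((string) $starttime) . '&endtime=' . rawurlencode((string) $endtime) . '&totle=' . $totle . '&loop=' . ($loop + 1) . '&i=' . $j, 'ok', 0);
        } else {
            javascript::dialog("标签更新完毕");
        }
    } else {
        javascript::alert("请选择方式");
    }
}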