function AddGbook($add)
{
global $empire, $dbtbpre, $level_r, $public_r;
//验证IP
eCheckAccessDoIp('gbook');
CheckCanPostUrl();
//验证来源
$bid = (int) getcvar('gbookbid');
if (empty($bid)) {
$bid = intval($add[bid]);
}
$name = RepPostStr(trim($add[name]));
$email = RepPostStr($add[email]);
$call = RepPostStr($add[call]);
$lytext = RepPostStr($add[lytext]);
if (empty($bid) || empty($name) || empty($email) || !trim($lytext)) {
printerror("EmptyGbookname", "history.go(-1)", 1);
}
if (!chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
//验证码
$keyvname = 'checkgbookkey';
if ($public_r['gbkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$lasttime = getcvar('lastgbooktime');
if ($lasttime) {
if (time() - $lasttime < $public_r['regbooktime']) {
printerror("GbOutTime", "", 1);
}
}
//版面是否存在
$br = $empire->fetch1("select bid,checked,groupid from {$dbtbpre}enewsgbookclass where bid='{$bid}';");
if (empty($br[bid])) {
printerror("EmptyGbook", "history.go(-1)", 1);
}
//权限
if ($br['groupid']) {
$user = islogin();
if ($level_r[$br[groupid]][level] > $level_r[$user[groupid]][level]) {
printerror("HaveNotEnLevel", "history.go(-1)", 1);
}
}
$lytime = date("Y-m-d H:i:s");
$ip = egetip();
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
$sql = $empire->query("insert into {$dbtbpre}enewsgbook(name,email,`call`,lytime,lytext,retext,bid,ip,checked,userid,username) values('{$name}','{$email}','{$call}','{$lytime}','{$lytext}','','{$bid}','{$ip}','{$br['checked']}','{$userid}','{$username}');");
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
esetcookie("lastgbooktime", time(), time() + 3600 * 24);
//设置最后发表时间
$reurl = DoingReturnUrl("../tool/gbook/?bid={$bid}", $add['ecmsfrom']);
printerror("AddGbookSuccess", $reurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function EditSpaceStyle($add,$userid,$username){
global $empire,$dbtbpre;
$styleid=intval($add[styleid]);
if(empty($add[stylename])||empty($add[stylepath])||!$styleid)
{
printerror('EmptySpaceStyle','history.go(-1)');
}
$add[stylepath]=RepPathStr($add[stylepath]);
$add['stylepath']=RepPostStr($add['stylepath'],1);
//目录是否存在
if(!file_exists("../../space/template/".$add[stylepath]))
{
printerror("EmptySpaceStylePath","history.go(-1)");
}
$mg=ReturnSpaceStyleMemberGroup($add['membergroup']);
$sql=$empire->query("update {$dbtbpre}enewsspacestyle set stylename='$add[stylename]',stylepic='$add[stylepic]',stylesay='$add[stylesay]',stylepath='$add[stylepath]',membergroup='$mg' where styleid='$styleid'");
if($sql)
{
insert_dolog("styleid=$styleid&stylename=$add[stylename]");//操作日志
printerror("EditSpaceStyleSuccess","ListSpaceStyle.php".hReturnEcmsHashStrHref2(1));
}
else
{
printerror("DbError","history.go(-1)");
}
}
function EditMoreport($add, $userid, $username)
{
global $empire, $dbtbpre;
$add[pid] = (int) $add[pid];
if (!$add[pid] || !$add[pname] || !$add[ppath] || !$add[purl] || !$add[postpass] || !$add[tempgid]) {
printerror("EmptyMoreport", "history.go(-1)");
}
//验证权限
CheckLevel($userid, $username, $classid, "moreport");
$add['pname'] = hRepPostStr($add['pname'], 1);
$add['purl'] = RepPostStr($add['purl'], 1);
$add['ppath'] = RepPostStr($add['ppath'], 1);
$add['postpass'] = RepPostStr($add['postpass'], 1);
$add['postfile'] = RepPostStr($add['postfile'], 1);
$add['tempgid'] = (int) $add['tempgid'];
$add['mustdt'] = (int) $add['mustdt'];
$add['isclose'] = (int) $add['isclose'];
$add['closeadd'] = (int) $add['closeadd'];
if (!file_exists($add['ppath'] . 'e/config/config.php')) {
printerror("ErrorMoreportPath", "history.go(-1)");
}
$sql = $empire->query("update {$dbtbpre}enewsmoreport set pname='{$add['pname']}',purl='{$add['purl']}',ppath='{$add['ppath']}',postpass='******'postpass']}',postfile='{$add['postfile']}',tempgid='{$add['tempgid']}',mustdt='{$add['mustdt']}',isclose='{$add['isclose']}',closeadd='{$add['closeadd']}' where pid='{$add['pid']}'");
//更新缓存
Moreport_UpdateIsclose();
GetConfig();
if ($sql) {
//操作日志
insert_dolog("pid={$add['pid']}&pname={$add['pname']}");
printerror("EditMoreportSuccess", "ListMoreport.php" . hReturnEcmsHashStrHref2(1));
} else {
printerror("DbError", "history.go(-1)");
}
}
function EditSafeInfo($add)
{
global $empire, $dbtbpre, $public_r;
$user_r = islogin();
//是否登陆
$userid = $user_r[userid];
$username = $user_r[username];
$rnd = $user_r[rnd];
//邮箱
$email = trim($add['email']);
if (!$email || !chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
$email = RepPostStr($email);
//验证原密码
$oldpassword = RepPostVar($add[oldpassword]);
if (!$oldpassword) {
printerror('FailOldPassword', '', 1);
}
$add[password] = RepPostVar($add[password]);
$num = 0;
$ur = $empire->fetch1("select " . eReturnSelectMemberF('userid,password,salt') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}'");
if (empty($ur['userid'])) {
printerror('FailOldPassword', '', 1);
}
if (!eDoCkMemberPw($oldpassword, $ur['password'], $ur['salt'])) {
printerror('FailOldPassword', '', 1);
}
//邮箱
$pr = $empire->fetch1("select regemailonly from {$dbtbpre}enewspublic limit 1");
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' and " . egetmf('userid') . "<>'{$userid}' limit 1");
if ($num) {
printerror("ReEmailFail", "history.go(-1)", 1);
}
}
//密码
$a = '';
$salt = '';
$truepassword = '';
if ($add[password]) {
if ($add[password] !== $add[repassword]) {
printerror('NotRepassword', 'history.go(-1)', 1);
}
$salt = eReturnMemberSalt();
$password = eDoMemberPw($add[password], $salt);
$a = "," . egetmf('password') . "='{$password}'," . egetmf('salt') . "='{$salt}'";
$truepassword = $add[password];
}
$sql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('email') . "='{$email}'" . $a . " where " . egetmf('userid') . "='{$userid}'");
if ($sql) {
//易通行系统
DoEpassport('editpassword', $userid, $username, $truepassword, $salt, $email, $user_r['groupid'], '');
printerror("EditInfoSuccess", "../member/EditInfo/EditSafeInfo.php", 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function DoSetSpace($add)
{
global $empire, $dbtbpre;
$user_r = islogin();
//是否登陆
$spacename = RepPostStr($add['spacename']);
$spacegg = RepPostStr($add['spacegg']);
$sql = $empire->query("update {$dbtbpre}enewsmemberadd set spacename='{$spacename}',spacegg='{$spacegg}' where userid='{$user_r['userid']}' limit 1");
if ($sql) {
printerror('SetSpaceSuccess', 'SetSpace.php', 1);
} else {
printerror('DbError', '', 1);
}
}
function ReMemberGbook($add)
{
global $empire, $dbtbpre;
$user_r = islogin();
//ÊÇ·ñµÇ½
$gid = intval($add['gid']);
if (!$gid) {
printerror("EmptyReMemberGbook", "history.go(-1)", 1);
}
$retext = RepPostStr($add['retext']);
$sql = $empire->query("update {$dbtbpre}enewsmembergbook set retext='{$retext}' where gid='{$gid}' and userid='{$user_r['userid']}'");
if ($sql) {
printerror("ReMemberGbookSuccess", $_SERVER['HTTP_REFERER'], 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function AddMemberFeedback($add)
{
global $empire, $dbtbpre;
//验证码
$keyvname = 'checkspacefbkey';
ecmsCheckShowKey($keyvname, $add['key'], 1);
//用户
$userid = intval($add['userid']);
$ur = $empire->fetch1("select " . egetmf('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
if (empty($ur['userid'])) {
printerror("NotUsername", "", 1);
}
//发表者
$uid = (int) getcvar('mluserid');
if ($uid) {
$uname = RepPostVar(getcvar('mlusername'));
} else {
$uid = 0;
$uname = '';
}
$uname = RepPostStr($uname);
$name = RepPostStr($add['name']);
$company = RepPostStr($add['company']);
$phone = RepPostStr($add['phone']);
$fax = RepPostStr($add['fax']);
$email = RepPostStr($add['email']);
$address = RepPostStr($add['address']);
$zip = RepPostStr($add['zip']);
$title = RepPostStr($add['title']);
$ftext = RepPostStr($add['ftext']);
if (!trim($name) || !trim($title) || !trim($ftext)) {
printerror("EmptyMemberFeedback", "history.go(-1)", 1);
}
$addtime = date("Y-m-d H:i:s");
$ip = egetip();
$eipport = egetipport();
$sql = $empire->query("insert into {$dbtbpre}enewsmemberfeedback(name,company,phone,fax,email,address,zip,title,ftext,userid,ip,uid,uname,addtime,eipport) values('{$name}','{$company}','{$phone}','{$fax}','{$email}','{$address}','{$zip}','{$title}','{$ftext}',{$userid},'{$ip}',{$uid},'{$uname}','{$addtime}','{$eipport}');");
ecmsEmptyShowKey($keyvname);
//清空验证码
if ($sql) {
printerror("AddMemberFeedbackSuccess", $_SERVER['HTTP_REFERER'], 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
function AddMsg($add)
{
global $empire, $level_r, $dbtbpre;
$user = islogin();
$title = RepPostStr(trim($add['title']));
$to_username = RepPostVar(trim($add['to_username']));
$msgtext = RepPostStr($add['msgtext']);
if (empty($title) || !trim($msgtext) || empty($to_username)) {
printerror("EmptyMsg", "", 1);
}
if ($user['username'] == $to_username) {
printerror("MsgToself", "", 1);
}
//字数
$len = strlen($msgtext);
if ($len > $level_r[$user[groupid]][msglen]) {
printerror("MoreMsglen", "", 1);
}
//接收方是否存在
$r = $empire->fetch1("select " . eReturnSelectMemberF('userid,groupid') . " from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$to_username}' limit 1");
if (!$r['userid']) {
printerror("MsgNotToUsername", "", 1);
}
//对方短消息是否满
$mnum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsqmsg where to_username='******'");
if ($mnum + 1 > $level_r[$r[groupid]][msgnum]) {
printerror("UserMoreMsgnum", "", 1);
}
$msgtime = date("Y-m-d H:i:s");
$sql = $empire->query("insert into {$dbtbpre}enewsqmsg(title,msgtext,haveread,msgtime,to_username,from_userid,from_username,isadmin,issys) values('" . addslashes($title) . "','" . addslashes($msgtext) . "',0,'{$msgtime}','{$to_username}','{$user['userid']}','{$user['username']}',0,0);");
$newhavemsg = eReturnSetHavemsg($user['havemsg'], 0);
$usql = $empire->query("update " . eReturnMemberTable() . " set " . egetmf('havemsg') . "='{$newhavemsg}' where " . egetmf('username') . "='{$to_username}' limit 1");
if ($sql) {
printerror("AddMsgSuccess", "../member/msg/", 1);
} else {
printerror("DbError", "", 1);
}
}
function PayApiShopPay($ddid, $money, $paybz, $orderid, $userid, $username, $ecms_paytype)
{
global $empire, $dbtbpre;
//验证是否重复提交
$orderid = RepPostVar($orderid);
$num = $empire->gettotal("select count(*) as total from {$dbtbpre}enewspayrecord where orderid='{$orderid}' limit 1");
if ($num) {
printerror('您已成功购买此订单', '../../ShopSys/buycar/', 1, 0, 1);
}
$ddr = PayApiShopDdMoney($ddid);
if ($money == $ddr['tmoney']) {
$money = (double) $money;
$sql = $empire->query("update {$dbtbpre}enewsshopdd set haveprice=1 where ddid='{$ddid}'");
$posttime = date("Y-m-d H:i:s");
$payip = egetip();
$userid = (int) $ddr[userid];
$username = $ddr[username] ? $ddr[username] : $ddr[truename];
$username = RepPostStr($username);
$paybz = str_replace('[!--ddno--]', $ddr[ddno], $paybz);
$empire->query("insert into {$dbtbpre}enewspayrecord(id,userid,username,orderid,money,posttime,paybz,type,payip) values(NULL,'{$userid}','{$username}','{$orderid}','{$money}','{$posttime}','{$paybz}','{$ecms_paytype}','{$payip}');");
}
printerror('您已成功购买此订单', '../../ShopSys/buycar/', 1, 0, 1);
}
function DoWapListPage($num, $line, $page, $search)
{
if (empty($num)) {
return '';
}
$str = '';
$pagenum = ceil($num / $line);
$search = RepPostStr($search, 1);
$phpself = eReturnSelfPage(0);
if ($page) {
$str .= "<a href=\"" . $phpself . "?page=0" . $search . "\">首页</a> ";
}
if ($page) {
$str .= "<a href=\"" . $phpself . "?page=" . ($page - 1) . $search . "\">上一页</a> ";
}
if ($page != $pagenum - 1) {
$str .= "<a href=\"" . $phpself . "?page=" . ($page + 1) . $search . "\">下一页</a> ";
}
if ($page != $pagenum - 1) {
$str .= "<a href=\"" . $phpself . "?page=" . ($pagenum - 1) . $search . "\">尾页</a> ";
}
return $str;
}
function EditSafeInfo($add)
{
global $empire, $user_tablename, $public_r, $user_userid, $user_username, $user_password, $user_dopass, $user_email, $user_salt, $user_saltnum, $dbtbpre, $user_group;
$user_r = islogin();
//是否登陆
$userid = $user_r[userid];
$username = $user_r[username];
$rnd = $user_r[rnd];
//邮箱
$email = trim($add['email']);
if (!$email || !chemail($email)) {
printerror("EmailFail", "history.go(-1)", 1);
}
$email = RepPostStr($email);
$email = doUtfAndGbk($email, 0);
//验证原密码
$oldpassword = RepPostVar($add[oldpassword]);
if (!$oldpassword) {
printerror('FailOldPassword', '', 1);
}
$a = '';
$sa = '';
$add[password] = RepPostVar($add[password]);
$password = doUtfAndGbk($add[password], 0);
$oldpassword = doUtfAndGbk($oldpassword, 0);
if (empty($user_dopass)) {
$password = md5($password);
$oldpassword = md5($oldpassword);
} elseif ($user_dopass == 2) {
$salt = make_password($user_saltnum);
$password = md5(md5($password) . $salt);
$sa = "," . $user_salt . "='{$salt}'";
} elseif ($user_dopass == 3) {
$password = substr(md5($password), 8, 16);
$oldpassword = substr(md5($oldpassword), 8, 16);
}
$num = 0;
//双重md5
if ($user_dopass == 2) {
$ur = $empire->fetch1("select " . $user_userid . "," . $user_salt . "," . $user_password . " from " . $user_tablename . " where " . $user_userid . "='{$userid}'");
$oldpassword = md5(md5($oldpassword) . $ur[$user_salt]);
$num = 0;
if ($oldpassword == $ur[$user_password]) {
$num = 1;
}
if (empty($ur[$user_userid])) {
$num = 0;
}
} else {
$num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_userid . "='{$userid}' and " . $user_password . "='" . $oldpassword . "'");
}
if (!$num) {
printerror('FailOldPassword', '', 1);
}
//邮箱
$pr = $empire->fetch1("select regemailonly from {$dbtbpre}enewspublic limit 1");
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_email . "='{$email}' and " . $user_userid . "<>'{$userid}' limit 1");
if ($num) {
printerror("ReEmailFail", "history.go(-1)", 1);
}
}
//密码
if ($add[password]) {
if ($add[password] !== $add[repassword]) {
printerror('NotRepassword', 'history.go(-1)', 1);
}
$a = "," . $user_password . "='" . $password . "'" . $sa;
}
$sql = $empire->query("update " . $user_tablename . " set " . $user_email . "='{$email}'" . $a . " where " . $user_userid . "='{$userid}'");
if ($sql) {
printerror("EditInfoSuccess", "../member/EditInfo/EditSafeInfo.php", 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
$page = RepPIntvar($page);
$start = 0;
$line = 12;
//每页显示条数
$page_line = 12;
//每页显示链接数
$offset = $page * $line;
//总偏移量
//搜索
$search = '';
$search .= $ecms_hashur['ehref'];
$and = '';
if ($_GET['sear']) {
$keyboard = RepPostVar2($_GET['keyboard']);
if ($keyboard) {
$show = RepPostStr($_GET['show'], 1);
if ($show == 1) {
$and .= " where gbtext like '%{$keyboard}%'";
} elseif ($show == 2) {
$and .= " where retext like '%{$keyboard}%'";
} elseif ($show == 3) {
$and .= " where uname like '%{$keyboard}%'";
} elseif ($show == 4) {
$and .= " where userid='{$keyboard}'";
} elseif ($show == 5) {
$and .= " where ip like '%{$keyboard}%'";
}
$search .= "&sear=1&keyboard={$keyboard}&show={$show}";
}
}
$query = "select gid,isprivate,uid,uname,ip,addtime,gbtext,retext,userid,eipport from {$dbtbpre}enewsmembergbook" . $and;
function DelMoreGbook($add, $logininid, $loginin)
{
global $empire, $dbtbpre;
CheckLevel($logininid, $loginin, $classid, "gbook");
//验证权限
//变量处理
$name = RepPostStr($add['name']);
$ip = RepPostVar($add['ip']);
$email = RepPostStr($add['email']);
$mycall = RepPostStr($add['mycall']);
$lytext = RepPostStr($add['lytext']);
$startlyid = (int) $add['startlyid'];
$endlyid = (int) $add['endlyid'];
$startlytime = RepPostVar($add['startlytime']);
$endlytime = RepPostVar($add['endlytime']);
$checked = (int) $add['checked'];
$ismember = (int) $add['ismember'];
$bid = (int) $add['bid'];
$havere = (int) $add['havere'];
$where = '';
//留言分类
if ($bid) {
$where .= " and bid='{$bid}'";
}
//是否会员
if ($ismember) {
if ($ismember == 1) {
$where .= " and userid=0";
} else {
$where .= " and userid>0";
}
}
//留言ID
if ($endlyid) {
$where .= ' and lyid BETWEEN ' . $startlyid . ' and ' . $endlyid;
}
//发布时间
if ($startlytime && $endlytime) {
$where .= " and lytime>='{$startlytime}' and lytime<='{$endlytime}'";
}
//是否审核
if ($checked) {
$checkval = $checked == 1 ? 0 : 1;
$where .= " and checked='{$checkval}'";
}
//是否回复
if ($havere) {
if ($havere == 1) {
$where .= " and retext<>''";
} else {
$where .= " and retext=''";
}
}
//姓名
if ($name) {
$where .= " and name like '%{$name}%'";
}
//发布IP
if ($ip) {
$where .= " and ip like '%{$ip}%'";
}
//邮箱
if ($email) {
$where .= " and email like '%{$email}%'";
}
//电话
if ($mycall) {
$where .= " and `mycall` like '%{$mycall}%'";
}
//留言内容
if ($lytext) {
$where .= " and lytext like '%{$lytext}%'";
}
if (!$where) {
printerror("EmptyDelMoreGbook", "history.go(-1)");
}
$where = substr($where, 5);
$sql = $empire->query("delete from {$dbtbpre}enewsgbook where " . $where);
insert_dolog("");
//操作日志
printerror("DelGbookSuccess", "DelMoreGbook.php" . hReturnEcmsHashStrHref2(1));
}
$search = $ecms_hashur['ehref'];
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$start = 0;
$line = 25;
//每页显示条数
$page_line = 18;
//每页显示链接数
$offset = $page * $line;
//总偏移量
$totalquery = "select count(*) as total from {$dbtbpre}enewsshopdd";
$query = "select ddid,ddno,ddtime,userid,username,outproduct,haveprice,checked,truename,psid,psname,pstotal,alltotal,payfsid,payfsname,payby,alltotalfen,fp,fptotal,pretotal from {$dbtbpre}enewsshopdd";
$add = '';
$and = ' where ';
//搜索
$sear = RepPostStr($_GET['sear'], 1);
if ($sear) {
$keyboard = $_GET['keyboard'];
$keyboard = RepPostVar2($keyboard);
if ($keyboard) {
$show = (int) $_GET['show'];
if ($show == 1) {
$add = $and . "ddno like '%{$keyboard}%'";
} elseif ($show == 2) {
$add = $and . "username like '%{$keyboard}%'";
} elseif ($show == 3) {
$add = $and . "truename like '%{$keyboard}%'";
} elseif ($show == 4) {
$add = $and . "email like '%{$keyboard}%'";
} else {
$add = $and . "address like '%{$keyboard}%'";
function AddDd($add)
{
global $empire, $user_tablename, $user_money, $user_userid, $user_userfen, $user_rnd, $public_r, $dbtbpre;
//验证权限
ShopCheckAddDdGroup();
//购物车无内容
if (!getcvar('mybuycar')) {
printerror("EmptyBuycar", "history.go(-1)", 1);
}
$add[ddno] = RepPostVar($add[ddno]);
$add[truename] = RepPostStr($add[truename]);
$add[oicq] = RepPostStr($add[oicq]);
$add[msn] = RepPostStr($add[msn]);
$add[call] = RepPostStr($add[call]);
$add[phone] = RepPostStr($add[phone]);
$add[email] = RepPostStr($add[email]);
$add[address] = RepPostStr($add[address]);
$add[zip] = RepPostStr($add[zip]);
$add[bz] = RepPostStr($add[bz]);
$add[g_truename] = RepPostStr($add[g_truename]);
$add[g_oicq] = RepPostStr($add[g_oicq]);
$add[g_msn] = RepPostStr($add[g_msn]);
$add[g_call] = RepPostStr($add[g_call]);
$add[g_phone] = RepPostStr($add[g_phone]);
$add[g_email] = RepPostStr($add[g_email]);
$add[g_address] = RepPostStr($add[g_address]);
$add[g_zip] = RepPostStr($add[g_zip]);
$add[fptt] = RepPostStr($add[fptt]);
$add[fp] = (int) $add[fp];
$add[psid] = (int) $add[psid];
$add[payfsid] = (int) $add[payfsid];
if (!$add[truename] || !$add[call] || !$add[email] || !$add[address] || !$add[g_truename] || !$add[g_call] || !$add[g_address] || !$add[g_email] || !$add[psid] || !$add[payfsid]) {
printerror("MustEnterSelect", "history.go(-1)", 1);
}
$mess = "AddDdSuccess";
$haveprice = 0;
$payby = 0;
//返回购物车存放格式
$buyr = ReturnBuycardd();
$alltotal = $buyr[2];
$alltotalfen = $buyr[1];
$buycar = $buyr[3];
//发票
$fptotal = 0;
if ($add[fp]) {
$fptotal = $alltotal * ($public_r[fpnum] / 100);
}
//配送方式
$pr = $empire->fetch1("select pid,pname,price from {$dbtbpre}enewsshopps where pid='{$add['psid']}'");
if (empty($pr[pid])) {
printerror("NotPsid", "history.go(-1)", 1);
}
//支付方式
$payr = $empire->fetch1("select payid,payname,payurl,userpay,userfen from {$dbtbpre}enewsshoppayfs where payid='{$add['payfsid']}'");
if (empty($payr[payid])) {
printerror("NotPayfsid", "history.go(-1)", 1);
}
//取得用户信息
$userid = (int) getcvar('mluserid');
$username = RepPostVar(getcvar('mlusername'));
if ($userid) {
$rnd = RepPostVar(getcvar('mlrnd'));
$user = $empire->fetch1("select " . $user_userid . "," . $user_money . "," . $user_userfen . " from " . $user_tablename . " where " . $user_userid . "='{$userid}' and " . $user_rnd . "='{$rnd}' limit 1");
if (!$user[$user_userid]) {
printerror("MustSingleUser", "history.go(-1)", 1);
}
}
$location = "../ShopSys/buycar/";
//直接扣点
if ($payr[userfen]) {
if ($buyr[0]) {
printerror("NotProductForBuyfen", "history.go(-1)", 1);
} else {
if ($userid) {
$buyallfen = $alltotalfen + $pr[price];
if ($buyallfen > $user[$user_userfen]) {
printerror("NotEnoughFenBuy", "history.go(-1)", 1);
}
//扣除点数
$usql = $empire->query("update " . $user_tablename . " set " . $user_userfen . "=" . $user_userfen . "-" . $buyallfen . " where " . $user_userid . "='{$userid}'");
if ($usql) {
$mess = "AddDdSuccessa";
$payby = 1;
$haveprice = 1;
}
} else {
printerror("NotLoginTobuy", "history.go(-1)", 1);
}
}
} elseif ($payr[userpay]) {
if ($userid) {
$buyallmoney = $alltotal + $pr[price] + $fptotal;
if ($buyallmoney > $user[$user_money]) {
printerror("NotEnoughMoneyBuy", "history.go(-1)", 1);
}
//扣除金额
$usql = $empire->query("update " . $user_tablename . " set " . $user_money . "=" . $user_money . "-" . $buyallmoney . " where " . $user_userid . "='{$userid}'");
if ($usql) {
$mess = "AddDdSuccessa";
$payby = 2;
$haveprice = 1;
}
} else {
printerror("NotLoginTobuy", "history.go(-1)", 1);
}
} elseif ($payr[payurl]) {
$mess = "AddDdAndToPaySuccess";
$location = $payr[payurl];
} else {
}
$ddtime = date("Y-m-d H:i:s");
$pr[price] = (double) $pr[price];
$alltotal = (double) $alltotal;
$alltotalfen = (double) $alltotalfen;
$fptotal = (double) $fptotal;
$sql = $empire->query("insert into {$dbtbpre}enewsshopdd(ddno,ddtime,userid,username,outproduct,haveprice,checked,truename,oicq,msn,email,`call`,phone,address,zip,bz,g_truename,g_oicq,g_msn,g_email,g_call,g_phone,g_address,g_zip,buycar,psid,psname,pstotal,alltotal,payfsid,payfsname,payby,alltotalfen,fp,fptt,fptotal) values('{$add['ddno']}','{$ddtime}',{$userid},'{$username}',0,'{$haveprice}',0,'{$add['truename']}','{$add['oicq']}','{$add['msn']}','{$add['email']}','{$add['call']}','{$add['phone']}','{$add['address']}','{$add['zip']}','{$add['bz']}','{$add['g_truename']}','{$add['g_oicq']}','{$add['g_msn']}','{$add['g_email']}','{$add['g_call']}','{$add['g_phone']}','{$add['g_address']}','{$add['g_zip']}','" . addslashes($buycar) . "','{$add['psid']}','{$pr['pname']}',{$pr['price']},{$alltotal},'{$add['payfsid']}','{$payr['payname']}','{$payby}',{$alltotalfen},{$add['fp']},'{$add['fptt']}',{$fptotal});");
if ($sql) {
$ddid = $empire->lastid();
$set = esetcookie("paymoneyddid", $ddid, 0);
SetBuycar("");
printerror($mess, $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
$add = '';
//分类
$cid = (int) $_GET['cid'];
if ($cid) {
$add .= " and cid='{$cid}'";
}
//栏目
$classid = (int) $_GET['classid'];
if ($classid) {
$classwhere = ReturnClass($class_r[$classid][featherclass]);
$add .= " and (classid=0 or classid='{$classid}' or (" . $classwhere . "))";
}
//表ID
$tid = (int) $_GET['tid'];
//ID
$ids = RepPostStr($_GET['id'], 1);
if (!$ids) {
echo "<script>alert('请选择信息');window.close();</script>";
exit;
}
$query = "select spid,spname,varname,sppic,spsay from {$dbtbpre}enewssp where sptype=2 and isclose=0 and (cladd=0 or (cladd=1 and (groupid like '%," . $lur[groupid] . ",%' or userclass like '%," . $lur[classid] . ",%' or username like '%," . $lur[username] . ",%')))" . $add . " order by spid desc";
$sql = $empire->query($query);
//分类
$scstr = "";
$scsql = $empire->query("select classid,classname from {$dbtbpre}enewsspclass order by classid");
while ($scr = $empire->fetch($scsql)) {
$select = "";
if ($scr[classid] == $cid) {
$select = " selected";
}
$scstr .= "<option value='" . $scr[classid] . "'" . $select . ">" . $scr[classname] . "</option>";
<?php
require "../../class/connect.php";
require "../../class/q_functions.php";
require "../../class/db_sql.php";
require "../../member/class/user.php";
require "../class/ShopSysFun.php";
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
eCheckCloseMods('shop');
//关闭模块
$user = islogin();
$enews = RepPostStr($_GET['enews'], 1);
if (empty($enews)) {
$enews = "AddAddress";
}
$r = array();
$addressid = (int) $_GET['addressid'];
if ($enews == 'EditAddress') {
$r = $empire->fetch1("select * from {$dbtbpre}enewsshop_address where addressid='{$addressid}' and userid='{$user['userid']}' limit 1");
}
//导入模板
require ECMS_PATH . DASHBOARD . '/template/ShopSys/AddAddress.php';
db_close();
$empire = null;
function EditFriendClass($add)
{
global $empire, $dbtbpre;
$add[cid] = (int) $add[cid];
if (!trim($add[cname]) || !$add[cid]) {
printerror('EmptyFavaClassname', 'history.go(-1)', 1);
}
//是否登陆
$user_r = islogin();
$add[cname] = RepPostStr($add[cname]);
$sql = $empire->query("update {$dbtbpre}enewshyclass set cname='{$add['cname']}' where cid='{$add['cid']}' and userid='{$user_r['userid']}'");
if ($sql) {
printerror('EditFavaClassSuccess', '../member/friend/FriendClass/', 1);
} else {
printerror('DbError', 'history.go(-1)', 1);
}
}
//验证用户
$lur = is_login();
$logininid = $lur['userid'];
$loginin = $lur['username'];
$loginrnd = $lur['rnd'];
$loginlevel = $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
//ehash
$ecms_hashur = hReturnEcmsHashStrAll();
$add = $_GET;
$havehtml = (int) $add['havehtml'];
$add[classid] = RepPostVar($add[classid]);
$add[from] = RepPostStrUrl($add[from]);
$add[retype] = RepPostStr($add[retype], 1);
$add[startday] = RepPostStr($add[startday], 1);
$add[endday] = RepPostStr($add[endday], 1);
$add[startid] = RepPostVar($add[startid]);
$add[endid] = RepPostVar($add[endid]);
$tbname = $add['tbname'];
$count = count($tbname);
//刷新所有表
if (!$count) {
$j = 0;
$tsql = $empire->query("select tbname from {$dbtbpre}enewstable where intb=0 order by tid");
while ($tr = $empire->fetch($tsql)) {
$tbname[$j] = $tr[tbname];
$j++;
}
$count = count($tbname);
}
esetcookie("retablenum", $count, 0, 1);
function AddError($add)
{
global $empire, $class_r, $dbtbpre;
CheckCanPostUrl();
//验证来源
$id = (int) $add['id'];
$classid = (int) $add['classid'];
if (!$classid || !$id || !trim($add[errortext])) {
printerror("EmptyErrortext", "history.go(-1)", 1);
}
//返回标题链接
if (empty($class_r[$classid][tbname])) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
$r = $empire->fetch1("select isurl,titleurl,classid,id from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
if (empty($r[id]) || $r['classid'] != $classid) {
printerror("ErrorUrl", "history.go(-1)", 1);
}
$cid = (int) $add[cid];
$titleurl = sys_ReturnBqTitleLink($r);
$email = RepPostStr($add[email]);
$ip = egetip();
$errortext = RepPostStr($add[errortext]);
$errortime = date("Y-m-d H:i:s");
$sql = $empire->query("insert into {$dbtbpre}enewsdownerror(id,errortext,errorip,errortime,email,classid,cid) values({$id},'" . addslashes($errortext) . "','{$ip}','{$errortime}','" . addslashes($email) . "',{$classid},'{$cid}');");
if ($sql) {
printerror("AddErrorSuccess", $titleurl, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
}
$search = $ecms_hashur['ehref'];
$line = 25;
$page_line = 12;
$page = (int) $_GET['page'];
$page = RepPIntvar($page);
$start = 0;
$offset = $page * $line;
$url = "<a href=ListMember.php" . $ecms_hashur['whehref'] . ">管理会员</a>";
$add = "";
//搜索
$sear = $_POST['sear'];
if (empty($sear)) {
$sear = $_GET['sear'];
}
$sear = RepPostStr($sear, 1);
if ($sear) {
$groupid = $_POST['groupid'];
if (empty($groupid)) {
$groupid = $_GET['groupid'];
}
$keyboard = $_POST['keyboard'];
if (empty($keyboard)) {
$keyboard = $_GET['keyboard'];
}
$keyboard = RepPostVar2($keyboard);
$show = (int) $_GET['show'];
if ($keyboard) {
if ($show == 2) {
$add = " where " . egetmf('email') . " like '%{$keyboard}%'";
} else {
if ($r['dohour']) {
$re['chdate'] .= '-' . $dr[2];
$re['date'] .= '-G';
}
if ($r['dominute']) {
$re['chdate'] .= '-' . $dr[3];
$re['date'] .= '-i';
}
if (date($re['date'], $r['lastdo']) == $re['chdate']) {
return false;
}
return true;
}
$retasktime = 20;
$tasksql = "select id,filename,lastdo,doweek,doday,dohour,dominute,userid,taskname from {$dbtbpre}enewstask where isopen=1 and (userid=0 or (userid<>0 and userid='{$logininid}'))";
$ecms = RepPostStr($_GET['ecms'], 1);
echo "<title>执行计划任务</title><link href='adminstyle/" . $loginadminstyleid . "/adminstyle.css' rel='stylesheet' type='text/css'>";
//执行
if ($ecms == 'dotask') {
$id = (int) $_GET['id'];
if (empty($id)) {
exit;
}
$r = $empire->fetch1("select id,filename,lastdo,doweek,doday,dohour,dominute,userid,taskname from {$dbtbpre}enewstask where id={$id} and isopen=1 limit 1");
$file = '../tasks/' . $r['filename'];
if (empty($r['id']) || empty($r['filename']) || !file_exists($file)) {
exit;
}
$lasttime = CheckDoTask($r);
if ($lasttime) {
echo "<script>parent.WriteTaskLog('任务 <" . $r['taskname'] . "> 开始执行......');</script>";
$type = (int) $type;
$filepass = (int) $filepass;
if ($action == "catchimage") {
for ($i = 0; $i < count($file_r['list']); $i++) {
if ($file_r['list'][$i]['state'] == "SUCCESS") {
$title = RepPostStr(trim($file_r['list'][$i]['title']));
$filesize = RepPostStr(trim($file_r['list'][$i]['size']));
$original = RepPostStr(trim($file_r['list'][$i]['original']));
eInsertFileTable($title, $filesize, $filepath, $username, $classid, $original, $type, $filepass, $filepass, $public_r[fpath], 0, 0, 0);
}
}
} else {
if ($file_r['state'] == "SUCCESS") {
$title = RepPostStr(trim($file_r[title]));
$filesize = RepPostStr(trim($file_r[size]));
$original = RepPostStr(trim($file_r[original]));
eInsertFileTable($title, $filesize, $filepath, $username, $classid, $original, $type, $filepass, $filepass, $public_r[fpath], 0, 0, 0);
}
}
// 反馈附件入库
//eInsertFileTable($tfr[filename],$filesize,$filepath,'[Member]'.$username,$classid,'[FB]'.addslashes(RepPostStr($add[title])),$type,$filepass,$filepass,$public_r[fpath],0,4,0);
}
/* 输出结果 */
if (isset($_GET["callback"])) {
if (preg_match("/^[\\w_]+\$/", $_GET["callback"])) {
echo htmlspecialchars($_GET["callback"]) . '(' . $result . ')';
} else {
echo json_encode(array('state' => 'callback参数不合法'));
}
} else {
echo $result;
echo $tranname;
?>
附件</td>
</tr>
<tr bgcolor="#FFFFFF">
<td width="16%">远程保存</td>
<td width="84%"><input name="tranurl" type="text" id="tranurl" value="http://" size="36"></td>
</tr>
<tr bgcolor="#FFFFFF">
<td>本地上传</td>
<td><input name="file" type="file" size="32"> </td>
</tr>
<tr bgcolor="#FFFFFF">
<td>文件别名</td>
<td><input name="no" type="text" id="no" value="<?php
echo RepPostStr($_GET['fileno'], 1);
?>
" size="36">
</td>
</tr>
<tr bgcolor="#FFFFFF">
<td>图片选项</td>
<td> <input name="getmark" type="checkbox" id="getmark" value="1">
<a href="../SetEnews.php<?php
echo $ecms_hashur['whehref'];
?>
" target="_blank">加水印</a> <input name="getsmall" type="checkbox" id="getsmall" value="1">
生成缩略图:宽度 <input name="width" type="text" id="width" value="<?php
echo $public_r['spicwidth'];
?>
" size="6">
require "../class/connect.php";
include "../class/db_sql.php";
include "../class/functions.php";
$link = db_connect();
$empire = new mysqlquery();
//验证用户
$lur = is_login();
$logininid = $lur['userid'];
$loginin = $lur['username'];
$loginrnd = $lur['rnd'];
$loginlevel = $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
//ehash
$ecms_hashur = hReturnEcmsHashStrAll();
$ecms = RepPostStr($_GET['ecms'], 1);
$classid = RepPostStr($_GET['classid'], 1);
$fcjsfile = '../data/fc/cmsclass.js';
$do_class = GetFcfiletext($fcjsfile);
$do_class = str_replace("<option value='{$classid}'", "<option value='{$classid}' selected", $do_class);
//增加信息页导航
if ($ecms == 1) {
//$show="增加信息:<select name=\\\"select\\\" onchange=\\\"if(this.options[this.selectedIndex].value!=0){self.location.href='AddNews.php?".$ecms_hashur['ehref']."&bclassid=&classid='+this.options[this.selectedIndex].value+'&enews=AddNews';}\\\"><option value='0'>选择增加信息的栏目</option>".$do_class."</select>";
//echo"<script>parent.document.getElementById(\"showclassnav\").innerHTML=\"".$show."\";</script>";
$show = "<select name='copyclassid[]' id='copyclassid[]' size='12' style='width:320' multiple>" . $do_class . "</select>";
echo "<script>parent.document.getElementById(\"copyinfoshowclassnav\").innerHTML=\"" . $show . "\";</script>";
} elseif ($ecms == 2) {
$show = "<select name='addclassid' id='addclassid'><option value='0'>选择增加信息的栏目</option>" . $do_class . "</select>";
echo "<script>parent.document.getElementById(\"showaddclassnav\").innerHTML=\"" . $show . "\";";
$show = "<select name='classid' id='classid'><option value='0'>所有栏目</option>" . $do_class . "</select>";
echo "parent.document.getElementById(\"searchclassnav\").innerHTML=\"" . $show . "\";";
$show = "<select name='to_classid' id='to_classid'><option value='0'>选择要移动/复制的目标栏目</option>" . $do_class . "</select>";
$loginrnd = $lur['rnd'];
$loginlevel = $lur['groupid'];
$loginadminstyleid = $lur['adminstyleid'];
//ehash
$ecms_hashur = hReturnEcmsHashStrAll();
//验证权限
CheckLevel($logininid, $loginin, $classid, "votemod");
$enews = ehtmlspecialchars($_GET['enews']);
$r[width] = 500;
$r[height] = 300;
$voteclass0 = " checked";
$doip0 = " checked";
$editnum = 8;
$url = "<a href=ListVoteMod.php" . $ecms_hashur['whehref'] . ">管理预设投票</a> > 增加预设投票";
//复制
$docopy = RepPostStr($_GET['docopy'], 1);
if ($docopy && $enews == "AddVoteMod") {
$copyvote = 1;
}
//修改
if ($enews == "EditVoteMod" || $copyvote) {
if ($copyvote) {
$thisdo = "复制";
} else {
$thisdo = "修改";
}
$voteid = (int) $_GET['voteid'];
$r = $empire->fetch1("select * from {$dbtbpre}enewsvotemod where voteid='{$voteid}'");
$url = "<a href=ListVoteMod.php" . $ecms_hashur['whehref'] . ">管理预设投票</a> > " . $thisdo . "预设投票:<b>" . $r[title] . "</b>";
$str = "dotime" . $r[dotime];
${$str} = " selected";
function DelMorePlByText($add, $logininid, $loginin)
{
global $empire, $dbtbpre, $class_r;
CheckLevel($logininid, $loginin, $classid, "pl");
//验证权限
//变量处理
$saytext = RepPostStr($add['saytext']);
if (!$saytext) {
printerror("EmptyDelMorePl", "history.go(-1)");
}
$classid = (int) $add['classid'];
$where = '';
//栏目
if ($classid) {
if (empty($class_r[$classid][islast])) {
$cwhere = ReturnClass($class_r[$classid][sonclass]);
} else {
$cwhere = "classid='{$classid}'";
}
$where .= $cwhere . ' and ';
}
//发布内容
$twhere = '';
$or = '';
$tr = explode('|', $saytext);
$count = count($tr);
for ($i = 0; $i < $count; $i++) {
$twhere .= $or . "saytext like '%" . $tr[$i] . "%'";
$or = ' or ';
}
$where .= '(' . $twhere . ')';
$tbr = $empire->fetch1("select pldatatbs from {$dbtbpre}enewspublic limit 1");
if ($tbr['pldatatbs']) {
$dtbr = explode(',', $tbr['pldatatbs']);
$tcount = count($dtbr) - 1;
for ($ti = 1; $ti < $tcount; $ti++) {
$sql = $empire->query("select plid,id,classid from {$dbtbpre}enewspl_data_" . $dtbr[$ti] . " where " . $where);
while ($r = $empire->fetch($sql)) {
if ($class_r[$r[classid]][tbname]) {
$empire->query("update {$dbtbpre}ecms_" . $class_r[$r[classid]][tbname] . " set plnum=plnum-1 where id='{$r['id']}'");
}
$empire->query("delete from {$dbtbpre}enewspl where plid='{$r['plid']}'");
$empire->query("delete from {$dbtbpre}enewspl_data_" . $dtbr[$ti] . " where plid='{$r['plid']}'");
}
}
}
insert_dolog("");
//操作日志
printerror("DelPlSuccess", "DelMorePl.php");
}
$add .= " and cid='{$cid}'";
$search .= "&cid={$cid}";
}
//关键字
if ($_GET['keyboard']) {
$keyboard = RepPostVar($_GET['keyboard']);
$show = (int) $_GET['show'];
if ($show == 1) {
$add .= " and tagid='{$keyboard}'";
} else {
$add .= " and tagname like '%{$keyboard}%'";
}
$search .= "&show={$show}&keyboard={$keyboard}";
}
//排序
$orderby = RepPostStr($_GET['orderby'], 1);
if ($orderby == 1) {
$doorder = 'tagid asc';
} elseif ($orderby == 2) {
$doorder = 'num desc';
} elseif ($orderby == 3) {
$doorder = 'num asc';
} else {
$doorder = 'tagid desc';
}
$search .= "&orderby={$orderby}";
$add = $add ? ' where ' . substr($add, 5) : '';
$query = "select tagid,tagname,num,isgood,cid from {$dbtbpre}enewstags" . $add;
$totalquery = "select count(*) as total from {$dbtbpre}enewstags" . $add;
$num = $empire->gettotal($totalquery);
//取得总条数
function register($add)
{
global $empire, $dbtbpre, $public_r, $ecms_config;
//关闭注册
if ($public_r['register_ok']) {
printerror('CloseRegister', '', 1);
}
//验证时间段允许操作
eCheckTimeCloseDo('reg');
//验证IP
eCheckAccessDoIp('register');
if (!empty($ecms_config['member']['registerurl'])) {
Header("Location:" . $ecms_config['member']['registerurl']);
exit;
}
//已经登陆不能注册
if (getcvar('mluserid')) {
printerror('LoginToRegister', '', 1);
}
CheckCanPostUrl();
//验证来源
$username = trim($add['username']);
$password = trim($add['password']);
$username = RepPostVar($username);
$password = RepPostVar($password);
$email = RepPostStr($add['email']);
if (!$username || !$password || !$email) {
printerror("EmptyMember", "history.go(-1)", 1);
}
$tobind = (int) $add['tobind'];
//验证码
$keyvname = 'checkregkey';
if ($public_r['regkey_ok']) {
ecmsCheckShowKey($keyvname, $add['key'], 1);
}
$user_groupid = eReturnMemberDefGroupid();
$groupid = (int) $add['groupid'];
$groupid = empty($groupid) ? $user_groupid : $groupid;
CheckMemberGroupCanReg($groupid);
//IP
$regip = egetip();
$regipport = egetipport();
//用户字数
$pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
$userlen = strlen($username);
if ($userlen < $pr[min_userlen] || $userlen > $pr[max_userlen]) {
printerror('FaiUserlen', '', 1);
}
//密码字数
$passlen = strlen($password);
if ($passlen < $pr[min_passlen] || $passlen > $pr[max_passlen]) {
printerror('FailPasslen', '', 1);
}
if ($add['repassword'] !== $password) {
printerror('NotRepassword', '', 1);
}
if (!chemail($email)) {
printerror('EmailFail', '', 1);
}
if (strstr($username, '|') || strstr($username, '*')) {
printerror('NotSpeWord', '', 1);
}
//同一IP注册
eCheckIpRegTime($regip, $pr['regretime']);
//保留用户
toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
$username = RepPostStr($username);
//重复用户
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
if ($num) {
printerror('ReUsername', '', 1);
}
//重复邮箱
if ($pr['regemailonly']) {
$num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
if ($num) {
printerror('ReEmailFail', '', 1);
}
}
//注册时间
$lasttime = time();
$registertime = eReturnAddMemberRegtime();
$rnd = make_password(20);
//产生随机密码
$userkey = eReturnMemberUserKey();
//密码
$truepassword = $password;
$salt = eReturnMemberSalt();
$password = eDoMemberPw($password, $salt);
//审核
$checked = ReturnGroupChecked($groupid);
if ($checked && $public_r['regacttype'] == 1) {
$checked = 0;
}
//验证附加表必填项
$mr['add_filepass'] = ReturnTranFilepass();
$fid = GetMemberFormId($groupid);
$member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);
$sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
//取得userid
$userid = $empire->lastid();
//附加表
$addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
if (!$addr[userid]) {
$spacestyleid = ReturnGroupSpaceStyleid($groupid);
$sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
}
//更新附件
UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
ecmsEmptyShowKey($keyvname);
//清空验证码
//绑定帐号
if ($tobind) {
MemberConnect_BindUser($userid);
}
if ($sql) {
//邮箱激活
if ($checked == 0 && $public_r['regacttype'] == 1) {
include 'class/member_actfun.php';
SendActUserEmail($userid, $username, $email);
}
//审核
if ($checked == 0) {
$location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
printerror("RegisterSuccessCheck", $location, 1);
}
$logincookie = 0;
if ($ecms_config['member']['regcookietime']) {
$logincookie = time() + $ecms_config['member']['regcookietime'];
}
$r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
$set1 = esetcookie("mlusername", $username, $logincookie);
$set2 = esetcookie("mluserid", $userid, $logincookie);
$set3 = esetcookie("mlgroupid", $groupid, $logincookie);
$set4 = esetcookie("mlrnd", $rnd, $logincookie);
//验证符
qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
//登录附加cookie
AddLoginCookie($r);
$location = "../member/cp/";
$returnurl = getcvar('returnurl');
if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
$location = $returnurl;
}
$set5 = esetcookie("returnurl", "");
//易通行系统
DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
$location = DoingReturnUrl($location, $_POST['ecmsfrom']);
printerror("RegisterSuccess", $location, 1);
} else {
printerror("DbError", "history.go(-1)", 1);
}
}
if ($infomod_r[sonclass] == '|' . $classid . '|' && $singletable == 1) {
$ewhere = $add ? ' where ' . substr($add, 5) : '';
} else {
$ewhere = " where classid='{$classid}'" . $add;
}
//统计
$totalquery = "select count(*) as total from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . "_doc" . $ewhere;
$totalnum = (int) $_GET['totalnum'];
if ($totalnum < 1) {
$num = $empire->gettotal($totalquery);
//取得总条数
} else {
$num = $totalnum;
}
//排序
$myorder = RepPostStr($_GET['myorder'], 1);
if ($myorder == 1) {
$doorder = "newstime desc";
} elseif ($myorder == 2) {
$doorder = "plnum desc";
} elseif ($myorder == 3) {
$doorder = "onclick desc";
} elseif ($myorder == 4) {
$doorder = "id desc";
} else {
$thisclassr = $empire->fetch1("select listorder from {$dbtbpre}enewsclass where classid='{$classid}'");
if (empty($thisclassr[listorder])) {
$doorder = "id desc";
} else {
$doorder = $thisclassr[listorder];
}
