コード例 #1
    if (!$db->delete($remove_product)) {
        $transaction = false;
    }
    if ($transaction) {
        $links = array(array('link' => 'virtual_product.php', 'alt' => '虚拟产品列表'), array('link' => 'virtual_product.php?act=cycle', 'alt' => '回收站'), array('link' => 'virtual_product.php?act=add', 'alt' => '添加虚拟产品'));
        $db->commit();
        show_system_message('产品' . $product['product_sn'] . '已被彻底删除', $links);
        exit;
    } else {
        $db->rollback();
        show_system_message('系统繁忙,请稍后重试', array());
        exit;
    }
}
if ('inventory' == $act) {
    if (!check_purview('pur_virtual_product_edit', $_SESSION['business_purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $product_sn = trim(getGET('sn'));
    if ('' == $product_sn) {
        show_system_message('参数错误', array());
        exit;
    }
    $product_sn = $db->escape($product_sn);
    $get_product = 'select a.* from ' . $db->table('product') . ' as a';
    $get_product .= ' where business_account = \'' . $_SESSION['business_account'] . '\'';
    $get_product .= ' and is_virtual = 1';
    //实体产品
    $get_product .= ' and a.product_sn = \'' . $product_sn . '\' and status <> 2 limit 1';
    $product = $db->fetchRow($get_product);
コード例 #2
ファイル: ad.php プロジェクト: Winsen1990/easyilife
            $ad_list[$key]['pos_name'] = $adpos_json[$ad['ad_pos_id']]['name'];
        }
    }
    assign('ad_list', $ad_list);
}
// Edit form: fetch one advertisement row and hand it to the template.
if ($act == 'edit') {
    // Stop unless the session's privilege list grants pur_ad_edit.
    if (!check_purview('pur_ad_edit', $_SESSION['purview'])) {
        show_system_message('权限不足');
        exit;
    }
    // intval() reduces the request value to an integer, so nothing but digits reaches the SQL text.
    // A missing or non-numeric id becomes 0 and is not rejected here; the query then runs with `id`=0.
    $id = intval(getGET('id'));
    // Only rows whose business_account is the empty string are selected.
    $get_ad = sprintf(
        "select * from %s where `id`=%d and business_account = ''",
        $db->table('ad'),
        $id
    );
    assign('ad', $db->fetchRow($get_ad));
}
if ('delete' == $act) {
    if (!check_purview('pur_ad_del', $_SESSION['purview'])) {
        show_system_message('权限不足');
        exit;
    }
    $id = intval(getGET('id'));
    if ($id <= 0) {
        show_system_message('请求失败');
        exit;
    }
    $get_img = 'select `img` from ' . $db->table('ad') . ' where `id`=' . $id . ' and business_account = \'\'';
    $img = $db->fetchOne($get_img);
    if ($db->autoDelete('ad', '`id`=' . $id)) {
        show_system_message('删除广告成功');
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试');
コード例 #3
ファイル: recharge.php プロジェクト: Winsen1990/direct-sale
    $page = intval($page);
    $count = intval($count);
    if (!in_array($count, $count_expected)) {
        $count = 10;
    }
    $total_page = ceil($total / $count);
    $page = $page > $total_page ? $total_page : $page;
    $page = $page <= 0 ? 1 : $page;
    $offset = ($page - 1) * $count;
    create_pager($page, $total_page, $total);
    assign('count', $count);
    assign('account', $account);
    assign('begin_time', $begin_time > 0 ? date('Y-m-d', $begin_time) : '');
    assign('end_time', $end_time > 0 ? date('Y-m-d', $end_time) : '');
    assign('recharge_sn', $recharge_sn);
    assign('status', $status);
    $get_recharge_list = 'select * from ' . $db->table('recharge') . $where . ' order by `recharge_sn` DESC limit ' . $offset . ',' . $count;
    $recharge_list = $db->fetchAll($get_recharge_list);
    if ($recharge_list) {
        foreach ($recharge_list as $k => $r) {
            if (check_purview('pur_recharge_edit', $_SESSION['purview']) && $r['status'] == 1) {
                $recharge_list[$k]['operation'] = '<a href="recharge.php?act=edit&sn=' . $r['recharge_sn'] . '">处理</a>';
            } else {
                $recharge_list[$k]['operation'] = '';
            }
        }
    }
    assign('recharge_list', $recharge_list);
}
// Expose the current action name to the template, then render the fixed recharge template.
assign('act', $act);
$smarty->display($template . 'recharge.phtml');
コード例 #4
ファイル: nav.php プロジェクト: Winsen1990/monolith
        show_system_message('当前导航条还有子栏目,请先删除子栏目', array());
        exit;
    } else {
        $deleteNav = 'delete from `' . DB_PREFIX . 'nav` where `id`=' . $id . ' limit 1';
        if ($db->delete($deleteNav)) {
            show_system_message('删除成功', array());
            exit;
        } else {
            show_system_message('删除导航条失败,请稍后再试', array());
            exit;
        }
    }
}
//导航列表
if ('view' == $act) {
    if (!check_purview('pur_nav_view', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $getNavs = 'select * from `' . DB_PREFIX . 'nav`';
    $getNavs .= ' order by `position` desc,  `order_view` asc';
    $navs = $db->fetchAll($getNavs);
    //初始化入栈标志
    if ($navs) {
        foreach ($navs as $k => $v) {
            $navs[$k]['in'] = false;
        }
    }
    $stack = array();
    $result = array();
    if ($navs) {
コード例 #5
 * @version 1.0.0
 */
// Load the shared bootstrap and run the back-office initialisation.
include 'library/init.inc.php';
back_base_init();

// Template directory and page sub-title for this screen.
$template = 'virtual_order/';
assign('subTitle', '消费券管理');

// Action lists handed to check_action(): 'view' for page actions, nothing for form operations.
$action = 'view';
$operation = '';

// Resolve the requested page action; an empty result falls back to 'view'.
// NOTE(review): presumably check_action() only returns names found in the list it is given — confirm,
// because $act is used further down to decide which handler runs.
$act = check_action($action, getGET('act'));
if ($act == '') {
    $act = 'view';
}
$opera = check_action($operation, getPOST('opera'));

// Display labels keyed by numeric status code.
$status_str = array(
    0 => '有效',
    1 => '已使用',
    2 => '已过期',
    3 => '失效',
);
//===========================================================================
//===========================================================================
if ('view' == $act) {
    if (!check_purview('pur_virtual_order_view', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $status = intval(getGET('status'));
    if ($status == 0) {
        assign('status', 0);
        assign('order_status', '');
        $and_where = '';
    } else {
        switch ($status) {
            case 1:
                $and_where .= ' and a.status = 0';
                break;
            case 2:
                $and_where .= ' and a.status = 1';
コード例 #6
ファイル: account.php プロジェクト: Winsen1990/easyilife
    $get_exchange_list .= ' limit ' . $offset . ',' . $count;
    $exchange_list = $db->fetchAll($get_exchange_list);
    //    echo $get_exchange_list;exit;
    if ($exchange_list) {
        foreach ($exchange_list as $key => $value) {
            $exchange_list[$key]['add_time_str'] = date('Y-m-d H:i:s', $value['add_time']);
        }
    }
    assign('exchange_list', $exchange_list);
    assign('count', $count);
    assign('st', $st);
    assign('et', $et);
    create_pager($page, $total_page, $total);
}
if ('detail' == $act) {
    if (!check_purview('pur_account_view', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $account = trim(getGET('account'));
    if ('' == $account) {
        show_system_message('参数错误', array());
        exit;
    }
    assign('account', $account);
    $account = $db->escape($account);
    $where = '';
    $type = intval(getGET('type'));
    if ($type == 0) {
        $table = 'member_exchange_log';
        $exists_table = 'member';
コード例 #7
ファイル: forum.php プロジェクト: Winsen1990/easyilife
    $content = $db->fetchRow($get_content);
    if ($content) {
        show_system_message('当前帖子下有回复,不能删除', array());
        exit;
    }
    $delete_section = 'delete from `' . DB_PREFIX . 'forum` where `id`=' . $id . ' limit 1';
    if ($db->delete($delete_section)) {
        show_system_message('删除帖子成功', array());
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试', array());
        exit;
    }
}
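// Toggle the "pinned" (is_top) flag of a single forum post.
if ('top' == $act) {
    // Stop unless the session's privilege list grants pur_forum_edit.
    if (!check_purview('pur_forum_edit', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    // intval() reduces the request value to an integer, so only digits are concatenated into the SQL below.
    $id = intval(getGET('id'));
    // A missing or non-numeric id becomes 0: reject it with the parameter-error message instead of
    // running the UPDATE against id 0 and reporting a misleading "system busy" failure.
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    // abs(1 - is_top) flips the flag between 0 and 1 in one statement.
    // NOTE(review): this state change is driven by a GET parameter and no anti-CSRF token is checked
    // in this block; confirm that one is enforced elsewhere.
    $toggle_top = 'update `' . DB_PREFIX . 'forum` set `is_top`=abs(1-`is_top`) where `id`=' . $id . ' limit 1';
    if ($db->update($toggle_top)) {
        show_system_message('修改帖子成功', array());
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试', array());
        exit;
    }
}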
// The action name selects the template file.
// NOTE(review): $act becomes part of a file name here; presumably it was restricted to a fixed
// list of actions earlier in the script — confirm.
$template .= $act . '.phtml';
コード例 #8
ファイル: sysconf.php プロジェクト: Winsen1990/direct-sale
            }
            break;
        default:
    }
}
// Settings list: load every row of the 'config' group for display.
if ($act == 'view') {
    // Stop unless the session's privilege list grants pur_sysconf_view.
    if (!check_purview('pur_sysconf_view', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    // The statement contains no request data; only the table prefix constant is concatenated.
    $getSysconf = "select `key`,`name`,`type`,`value`, `remark`, `group` from `"
        . DB_PREFIX
        . "sysconf` where `group`='config' order by `group` asc";
    $sysconf = $db->fetchAll($getSysconf);
    assign('sysconf', $sysconf);
}
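// Edit form: load one configuration entry, selected by its key, for the template.
if ('edit' == $act) {
    // Stop unless the session's privilege list grants pur_sysconf_edit.
    if (!check_purview('pur_sysconf_edit', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $key = getGET('key');
    if ('' == $key) {
        show_system_message('参数错误', array());
    } else {
        $getSysconf = 'select `key`,`name`,`type`,`value` from `' . DB_PREFIX . 'sysconf`';
        // The key comes straight from the query string and sits inside a quoted SQL literal, so it
        // must be escaped before concatenation; unescaped, a quote in the value would end the literal.
        // NOTE(review): $db->escape() is the helper the sibling admin scripts apply to request values;
        // confirm this project's DB wrapper provides it.
        $getSysconf .= ' where `key`=\'' . $db->escape($key) . '\'';
        assign('conf', $db->fetchRow($getSysconf));
    }
}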
// Expose the action to the template layer and render "<template dir><act>.phtml".
// NOTE(review): $act becomes part of the template file name; presumably it was restricted to a
// fixed list of actions earlier in the script — confirm.
assign('act', $act);
$template .= $act . '.phtml';
$smarty->display($template);
コード例 #9
ファイル: member.php プロジェクト: Winsen1990/direct-sale
 if (!in_array($count, $count_expected)) {
     $count = 10;
 }
 $total_page = ceil($total / $count);
 $page = $page > $total_page ? $total_page : $page;
 $page = $page <= 0 ? 1 : $page;
 $offset = ($page - 1) * $count;
 create_pager($page, $total_page, $total);
 assign('count', $count);
 assign('account', $account);
 $get_member = 'select * from ' . $db->table('member') . $where . ' order by `add_time` DESC limit ' . $offset . ',' . $count;
 $member_list = $db->fetchAll($get_member);
 if ($member_list) {
     foreach ($member_list as $k => $member) {
         $tmp = '';
         if (check_purview('pur_member_edit', $_SESSION['purview'])) {
             $member_list[$k]['operation'] = '<a href="member.php?act=edit&account=' . $member['account'] . '">编辑</a>';
             $member_list[$k]['operation'] .= ' | <a href="javascript:reset_password(\'' . $member['account'] . '\');">重置密码</a>';
             if ($member['status'] == 2) {
                 $member_list[$k]['operation'] .= ' | <a href="javascript:lock(\'' . $member['account'] . '\');">锁定用户</a>';
             } else {
                 $member_list[$k]['operation'] .= ' | <a href="javascript:unlock(\'' . $member['account'] . '\');">解锁用户</a>';
             }
             if ($member['status'] == 4) {
                 $member_list[$k]['operation'] .= ' | <a href="javascript:release(\'' . $member['account'] . '\');">解冻用户</a>';
             } else {
                 $member_list[$k]['operation'] .= ' | <a href="javascript:frozen(\'' . $member['account'] . '\');">冻结用户</a>';
             }
             if ($member['view_network'] == 0) {
                 $member_list[$k]['operation'] .= ' | <a href="javascript:open_network(\'' . $member['account'] . '\');">开启网络</a>';
             } else {
コード例 #10
ファイル: withdraw.php プロジェクト: Winsen1990/easyilife
    }
    $update_withdraw = 'update ' . $db->table($table) . ' set status = 1, solve_time = ' . time() . '  where withdraw_sn = \'' . $sn . '\' limit 1';
    if ($db->update($update_withdraw)) {
        $data = array('add_time' => time(), 'operator' => $_SESSION['account'], 'withdraw_sn' => $sn, 'status' => 1, 'remark' => '金额到帐');
        $db->autoInsert($table . '_log', array($data));
        //添加账户明细记录
        add_memeber_exchange_log($withdraw['account'], 0, -1 * ($withdraw['amount'] + $withdraw['fee']), 0, 0, 0, $_SESSION['account'], '提现到帐');
        show_system_message('操作成功', array());
        exit;
    } else {
        show_system_message('系统繁忙,请稍后重试', array());
        exit;
    }
}
if ('log' == $act) {
    if (!check_purview('pur_withdraw_log', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $type = intval(getGET('type'));
    if ($type == 0) {
        $table = 'withdraw_log';
    } else {
        $table = 'business_withdraw_log';
    }
    assign('type', $type);
    $st = trim(getGET('st'));
    $et = trim(getGET('et'));
    $start_time = strtotime($st);
    $end_time = strtotime($et);
    $and_where = '';
コード例 #11
 * 网站地址: http://www.beescms.com
 * 您只能在不用于商业目的的前提下对程序代码进行修改和使用;
 * 不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
*/
// Entry-point marker constant; note that its value is the string 'true', not a boolean.
define('IN_CMS', 'true');
include 'init.php';
// Requested admin action, passed through the project's fl_value() and fl_html() filters;
// 'sys' is used when the request carries no action.
if (isset($_REQUEST['action'])) {
    $action = fl_html(fl_value($_REQUEST['action']));
} else {
    $action = 'sys';
}
//系统设置页
if ($action == 'sys') {
    // Load the saved system settings when the generated file exists, then render the settings form.
    // sys_info.php is a PHP file that the add_sys branch writes from submitted form data, so
    // including it executes whatever that writer produced.
    // NOTE(review): no check_purview() call guards this branch, unlike add_sys; presumably init.php
    // enforces the admin login — confirm.
    if (file_exists(DATA_PATH . 'sys_info.php')) {
        include DATA_PATH . 'sys_info.php';
    }
    include 'template/admin_sys.html';
} elseif ($action == 'add_sys') {
    if (!check_purview('sys_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (!isset($_POST['submit'])) {
        msg('<span style="color:red">请从表单提交</span>');
    }
    unset($_POST['action'], $_POST['submit']);
    foreach ($_POST as $k => $v) {
        $info[$k] = $v;
    }
    $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($info, 'true')) . "' where id=1 and info_tag='sys'";
    $GLOBALS['mysql']->query($sql);
    $file = DATA_PATH . 'sys_info.php';
    $str = "<?php\n\$_sys=" . var_export($info, true) . ";\n?>";
    creat_inc($file, $str);
    msg('系统信息配置成功', '?' . $nav_query);
コード例 #12
ファイル: order.php プロジェクト: Winsen1990/easyilife
    $update_order .= ' where business_account = \'' . $_SESSION['business_account'] . '\'';
    $update_order .= ' and order_sn = \'' . $order_sn . '\' limit 1';
    if ($db->update($update_order)) {
        $log_data = array('order_sn' => $order_sn, 'operator' => $_SESSION['business_admin'], 'status' => 4, 'add_time' => time(), 'remark' => '确认已付款');
        $db->autoInsert('order_log', array($log_data));
        $links = array(array('alt' => '待发货订单列表', 'link' => 'order.php?status=4'));
        show_system_message('确认客户已付款', $links);
        exit;
    } else {
        show_system_message('系统繁忙,请稍后重试', array());
        exit;
    }
}
//预览
if ('preview' == $act) {
    if (!check_purview('pur_order_view', $_SESSION['business_purview'])) {
        echo '权限不足';
        exit;
    }
    $status_str = array(1 => '待支付', 2 => '支付中', 3 => '支付完成', 4 => '待发货', 5 => '配货中', 6 => '已发货', 7 => '已收货', 8 => '申请退单', 9 => '退单中', 10 => '已退单', 11 => '无效订单', 12 => '已完成');
    $order_sn = trim(getGET('sn'));
    if ('' == $order_sn) {
        show_system_message('参数错误', array());
        exit;
    }
    $order_sn = $db->escape($order_sn);
    $get_order = 'select a.*, p.province_name, city.city_name, d.district_name, g.group_name, e.name as express_name from ' . $db->table('order') . ' as a';
    $get_order .= ' left join ' . $db->table('province') . ' as p on a.province = p.id';
    $get_order .= ' left join ' . $db->table('city') . ' as city on a.city = city.id';
    $get_order .= ' left join ' . $db->table('district') . ' as d on a.district = d.id';
    $get_order .= ' left join ' . $db->table('group') . ' as g on a.group = g.id';
コード例 #13
ファイル: function_common-bak.php プロジェクト: haogm123/ydoa
/**
 * Build the "download query results" link for users allowed to export.
 *
 * The link is returned when the current user is a super administrator or when
 * check_purview() accepts the given key; otherwise nothing is returned.
 *
 * @param mixed $keys privilege key handed to check_purview()
 * @return string|null HTML anchor, or null when the user lacks the privilege
 */
function get_exceldown($keys)
{
    // Short-circuit: check_purview() is consulted only when the user is not a super administrator.
    if (is_superadmin() || check_purview($keys)) {
        return '<a href="javascript:document:excel.submit();" seed="CR-download-top" id="J-download"><img class="v-al-middle" src="template/default/images/2EC5tZlqdV.gif" />下载查询结果</a>';
    }

    return null;
}
コード例 #14
ファイル: finance.php プロジェクト: Winsen1990/easyilife
        exit;
    }
}
// Withdrawal form: load the merchant's balance figures for the template.
if ($act == 'withdraw') {
    // Stop unless the merchant's privilege list grants pur_finance_withdraw.
    if (!check_purview('pur_finance_withdraw', $_SESSION['business_purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    // The lookup is keyed on the account held in the session, not on a request parameter.
    // NOTE(review): the session value is placed inside a quoted SQL literal without escaping, so the
    // query is only as safe as the code that stored it at login; confirm that value is validated or
    // escaped before it reaches the session.
    $get_business = sprintf(
        "select `balance`, `trade` from %s where business_account = '%s' limit 1",
        $db->table('business'),
        $_SESSION['business_account']
    );
    $business = $db->fetchRow($get_business);
    assign('business', $business);
}
if ('record' == $act) {
    if (!check_purview('pur_finance_withdraw', $_SESSION['business_purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $get_business = 'select * from ' . $db->table('business');
    $get_business .= ' where business_account = \'' . $_SESSION['business_account'] . '\' limit 1';
    $business = $db->fetchRow($get_business);
    assign('business', $business);
    $page = intval(getGET('page'));
    $count = intval(getGET('count'));
    $getTotal = 'select count(*) from ' . $db->table('business_withdraw');
    $getTotal .= ' where account = \'' . $_SESSION['business_account'] . '\'';
    $total = $db->fetchOne($getTotal);
    $count = intval(getGET('count'));
    $count = $count <= 0 ? 10 : $count;
    $total_page = ceil($total / $count);
コード例 #15
    die($str);
} elseif ($action == 'check_table') {
    // Reject empty names and, presumably, names containing anything outside 0-9, a-z and "_".
    // NOTE(review): this assumes check_str() returns true when the pattern matches — confirm, because
    // $value is echoed into the HTML response below and this test is the only filter visible here.
    if (check_str($value, '/[^0-9a-z_]+/') || empty($value)) {
        die("<span class='err'>只能使用小写字母或数字</span>");
        // Unreachable: die() above already ends the request.
        exit;
    }
    // $sql is assigned but not used in the visible code; show_tables() is called without it.
    $sql = "show tables";
    $tables = $GLOBALS['mysql']->show_tables();
    // Compare the prefixed name against the existing tables.
    $table = DB_PRE . $value;
    if (in_array($table, $tables)) {
        $num = 1;
    }
    // $num is only set when the table already exists, so empty($num) means the name is free.
    $str = empty($num) ? "<span class='ld_ok'>{$value}可以使用</span>" : "<span class='err'>{$value}已经存在,请更换</span>";
    die($str);
} elseif ($action == 'is_show') {
    if (!check_purview('pannel_edit') || !check_purview('form_edit')) {
        return false;
    }
    $id = intval($_REQUEST['id']);
    $table = $_REQUEST['table'];
    $field = $_REQUEST['field'];
    $order = $_REQUEST['order'];
    $value = empty($value) ? 1 : 0;
    $sql = "update " . DB_PRE . "{$table} set {$field}=" . intval($value) . " where id={$id}";
    $GLOBALS['mysql']->query($sql);
    //更新缓存
    if ($table == "channel") {
        $sql = "select*from " . DB_PRE . "{$table} order by {$order} desc";
        $rel = $GLOBALS['mysql']->fetch_asc($sql);
        $cache_file = DATA_PATH . 'cache_channel/cache_channel_all.php';
        $str = "<?php\n\$channel=" . var_export($rel, true) . ";\n?>";
コード例 #16
ファイル: industry.php プロジェクト: Winsen1990/easyilife
    }
    $id = intval(getGET('id'));
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    $get_industry = 'select * from ' . $db->table('industry') . ' where id = \'' . $id . '\' limit 1';
    $industry = $db->fetchRow($get_industry);
    if (empty($industry)) {
        show_system_message('行业不存在', array());
        exit;
    }
    assign('industry', $industry);
}
if ('delete' == $act) {
    if (!check_purview('pur_industry_del', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $id = intval(getGET('id'));
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    $get_industry = 'select * from ' . $db->table('industry') . ' where id = \'' . $id . '\' limit 1';
    $industry = $db->fetchRow($get_industry);
    if (empty($industry)) {
        show_system_message('行业不存在', array());
        exit;
    }
    $get_business = 'select * from ' . $db->table('business') . ' where industry_id = ' . $id;
コード例 #17
ファイル: business.php プロジェクト: Winsen1990/easyilife
        show_system_message('参数错误', array());
        exit;
    }
    $business_account = $db->escape($business_account);
    $get_business = 'select * from ' . $db->table('business');
    $get_business .= ' where business_account = \'' . $business_account . '\' and status = 1 limit 1';
    $business = $db->fetchRow($get_business);
    if (empty($business)) {
        show_system_message('商户不存在', array());
        exit;
    }
    assign('business_account', $business_account);
}
//认证信息驳回
if ('auth_reject' == $act) {
    if (!check_purview('pur_business_exam', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $business_account = trim(getGET('account'));
    if ('' == $business_account) {
        show_system_message('参数错误', array());
        exit;
    }
    $business_account = $db->escape($business_account);
    $get_business = 'select * from ' . $db->table('business');
    $get_business .= ' where business_account = \'' . $business_account . '\' and status = 2 limit 1';
    $business = $db->fetchRow($get_business);
    if (empty($business)) {
        show_system_message('商户不存在', array());
        exit;
コード例 #18
// Entry-point marker constant; note that its value is the string 'true', not a boolean.
define('IN_CMS', 'true');
include 'init.php';
// Requested admin action, passed through the project's fl_value() and fl_html() filters;
// 'index' is used when the request carries no action.
if (isset($_REQUEST['action'])) {
    $action = fl_html(fl_value($_REQUEST['action']));
} else {
    $action = 'index';
}
// Requested language tag, filtered the same way; empty when the request carries none.
if (isset($_REQUEST['lang'])) {
    $lang = fl_html(fl_value($_REQUEST['lang']));
} else {
    $lang = '';
}
//首页配置界面
if ($action == 'index') {
    // Load the saved home-page settings when the generated file exists.
    // NOTE(review): index_info.php is executed as PHP on include; presumably it is the file the
    // save_index branch generates from submitted form data — confirm how that writer encodes values.
    if (file_exists(DATA_PATH . 'index_info.php')) {
        include DATA_PATH . 'index_info.php';
    }
    // Fall back to a default with flash disabled when the included file did not define $_index.
    $index_info = isset($_index) ? $_index : array('flash_is' => 0);
    if (file_exists(DATA_PATH . 'cache/lang_cache.php')) {
        include DATA_PATH . 'cache/lang_cache.php';
    }
    // NOTE(review): no check_purview() call guards this branch, unlike save_index; presumably
    // init.php enforces the admin login — confirm.
    include 'template/admin_index_info.html';
} elseif ($action == 'save_index') {
    if (!check_purview('index_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (!isset($_POST['submit'])) {
        msg('<span style="color:red">请从表单提交</span>');
    }
    unset($_POST['action'], $_POST['submit']);
    $info = array();
    foreach ($_POST as $k => $v) {
        $info[$k] = $v;
    }
    //是否存在
    if ($GLOBALS['mysql']->fetch_rows("select id from " . DB_PRE . "cmsinfo where info_tag='index_info'")) {
        $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($info, 'true')) . "' where info_tag='index_info'";
    } else {
        $sql = "insert into " . DB_PRE . "cmsinfo (info_tag,info_array,info_name) values ('index_info','" . addslashes(var_export($info, true)) . "','首页配置')";
コード例 #19
    //删除文件
    @unlink($file);
    //删除数据
    $mysql->query("delete from " . DB_PRE . "upfiles where id=" . $id);
    msg('文件删除成功!', '?');
} elseif ($action == 'edit_file') {
    // Permission gate for the file edit form.
    // NOTE(review): nothing in this block stops execution after msg(); presumably msg() ends the
    // request — confirm, otherwise the code below runs without the privilege.
    if (!check_purview('file_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    // intval() reduces the request value to an integer, so only digits reach the SQL text below.
    $id = intval($_GET['id']);
    if (empty($id)) {
        msg('参数发生错误,请重新操作');
    }
    $sql = "select * from " . DB_PRE . "upfiles where id=" . $id;
    $rel = $mysql->fetch_asc($sql);
    include 'template/admin_file_edit.html';
} elseif ($action == 'save_edit') {
    // Permission gate for saving file metadata.
    // NOTE(review): nothing in this block stops execution after msg(); presumably msg() ends the
    // request — confirm, otherwise the UPDATE below runs without the privilege.
    if (!check_purview('file_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    // intval() reduces the record id to an integer before it is used in SQL.
    $id = intval($_POST['id']);
    if (empty($id)) {
        msg('参数发生错误,请重新操作');
    }
    // NOTE(review): file_info is taken from the request body as-is and concatenated into the UPDATE
    // below inside single quotes. Unless init.php already escapes request data globally (not visible
    // here), this is an SQL injection point; confirm, and escape or bind the value at this call site.
    $file_info = $_POST['file_info'];
    $hits = empty($_POST['hits']) ? 0 : intval($_POST['hits']);
    // Update the stored file information
    $sql = "update " . DB_PRE . "upfiles set file_info='" . $file_info . "',hits=" . $hits . " where id=" . $id;
    $mysql->query($sql);
    msg('文件更新成功!', '?');
}
コード例 #20
    $id = intval($id);
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    $get_section = 'select * from `' . DB_PREFIX . 'forum_comment` where `id`=' . $id . ' limit 1';
    $section = $db->fetchRow($get_section);
    if (empty($section)) {
        show_system_message('评论不存在', array());
        exit;
    }
    assign('section', $section);
}
//删除评论
if ('delete' == $act) {
    if (!check_purview('pur_forum_comment_del', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $id = getGET('id');
    $id = intval($id);
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    $delete_section = 'delete from `' . DB_PREFIX . 'forum_comment` where `id`=' . $id . ' limit 1';
    if ($db->delete($delete_section)) {
        show_system_message('删除评论成功', array());
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试', array());
コード例 #21
include 'init.php';
// Requested admin action, passed through the project's fl_value() and fl_html() filters;
// 'info' is used when the request carries no action.
if (isset($_REQUEST['action'])) {
    $action = fl_html(fl_value($_REQUEST['action']));
} else {
    $action = 'info';
}
// Requested language tag, filtered the same way; get_lang_main() is consulted only when the
// request carries none.
// NOTE(review): $lang is later concatenated into an include path (DATA_PATH . $lang . '_info.php').
// That is only safe if fl_value()/fl_html() remove path separators and traversal sequences, which is
// not visible here — confirm, or check $lang against the configured language list.
if (isset($_REQUEST['lang'])) {
    $lang = fl_html(fl_value($_REQUEST['lang']));
} else {
    $lang = get_lang_main();
}
//网站配置
if ($action == 'info') {
    // Load the per-language settings file when it exists.
    // NOTE(review): the file name is built from the request-supplied $lang; the include is only
    // confined to DATA_PATH if the filters applied to $lang strip path separators and traversal
    // sequences — confirm.
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    // Undo the backslash escaping on every stored setting before the form displays it.
    if (!empty($_confing)) {
        foreach ($_confing as $k => $v) {
            $_confing[$k] = stripslashes($v);
        }
    }
    include 'template/admin_info.html';
} elseif ($action == 'add_inc') {
    if (!check_purview('web_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (empty($lang)) {
        msg('<span style="color:red">参数传递错误,请重新操作</span>');
    }
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    unset($_POST['action'], $_POST['submit'], $_POST['lang']);
    foreach ($_POST as $k => $v) {
        //if(in_array($k,array('web_powerby','web_beian','web_yinxiao'))){$v=htmlspecialchars($v);}
        if (is_array($v)) {
            $info[$k] = $v[0];
        } else {
            $info[$k] = $v;
コード例 #22
ファイル: order.php プロジェクト: Winsen1990/direct-sale
    $count_expected = array(10, 25, 50, 100);
    $page = intval($page);
    $count = intval($count);
    if (!in_array($count, $count_expected)) {
        $count = 10;
    }
    $total_page = ceil($total / $count);
    $page = $page > $total_page ? $total_page : $page;
    $page = $page <= 0 ? 1 : $page;
    $offset = ($page - 1) * $count;
    create_pager($page, $total_page, $total);
    assign('count', $count);
    assign('account', $account);
    assign('order_sn', $order_sn);
    assign('status', $status);
    $get_order_list = 'select * from ' . $db->table('order') . $where . ' order by `order_sn` DESC limit ' . $offset . ',' . $count;
    $order_list = $db->fetchAll($get_order_list);
    if ($order_list) {
        foreach ($order_list as $k => $r) {
            if (check_purview('pur_order_edit', $_SESSION['purview']) && $r['status'] == 3) {
                $order_list[$k]['operation'] = '<a href="order.php?act=edit&sn=' . $r['order_sn'] . '">发货</a> | ';
            } else {
                $order_list[$k]['operation'] = '';
            }
            $order_list[$k]['operation'] .= '<a href="order.php?act=detail&sn=' . $r['order_sn'] . '">查看</a>';
        }
    }
    assign('order_list', $order_list);
}
// Expose the current action name to the template, then render the fixed order template.
assign('act', $act);
$smarty->display($template . 'order.phtml');
コード例 #23
ファイル: member.php プロジェクト: Winsen1990/easyilife
    $member = $db->fetchRow($get_member);
    if (empty($member)) {
        show_system_message('会员不存在', array());
        exit;
    }
    $delete_member = 'update ' . $db->table('member') . ' set status = 1  where account = \'' . $account . '\' limit 1';
    if ($db->update($delete_member)) {
        show_system_message('会员' . $account . '已撤销拉黑', array());
        exit;
    } else {
        show_system_message('系统繁忙,请稍后重试', array());
        exit;
    }
}
if ('network' == $act) {
    if (!check_purview('pur_member_network', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $account = trim(getGET('account'));
    if ('' == $account) {
        show_system_message('参数错误', array());
        exit;
    }
    $account = $db->escape($account);
    $get_member = 'select * from ' . $db->table('member') . ' where account = \'' . $account . '\' limit 1';
    $member = $db->fetchRow($get_member);
    if (empty($member)) {
        show_system_message('会员不存在', array());
        exit;
    }
コード例 #24
    if (empty($link_name)) {
        msg("<span style=\"color:red\">【网站名称】不能为空</span>");
    }
    $link_order = empty($link_order) ? 1 : $link_order;
    $link_info = empty($link_info) ? '' : cn_substr($link_info, 255);
    if (strlen($link_url) > 60) {
        msg('<span style=\\"color:red\\">网站网址太长,请缩短</span>');
    }
    if (strlen($link_name) > 60) {
        msg('<span style=\\"color:red\\">网站名称太长,请缩短</span>');
    }
    if (strlen($link_order) > 60) {
        msg('<span style=\\"color:red\\">排列顺序字数太长,请缩短</span>');
    }
    if (strlen($link_mail) > 60) {
        msg('<span style=\\"color:red\\">站长Email太长,请缩短</span>');
    }
    $sql = "update " . DB_PRE . "link set link_url='{$link_url}',link_name='{$link_name}',link_logo='{$link_logo}',link_order={$link_order},link_info='{$link_info}',link_mail='{$link_mail}',link_type={$link_type} where id={$id} and lang='{$lang}'";
    $GLOBALS['mysql']->query($sql);
    msg("【{$link_name}】网站链接修改成功", '?action=link_list');
} elseif ($action == 'del') {
    // Permission gate for deleting a site link.
    // NOTE(review): nothing in this block stops execution after msg(); presumably msg() ends the
    // request — confirm, otherwise the DELETE below runs without the privilege.
    if (!check_purview('link_del')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    // intval() reduces the record id to an integer before it is used in SQL.
    $id = intval($_GET['id']);
    if (empty($id) || empty($lang)) {
        msg("<span style=\"color:red\">参数发生错误,请重新操作</span>");
    }
    // NOTE(review): $lang is interpolated inside a quoted SQL literal and its origin is not visible in
    // this block; confirm it is filtered or escaped where it is read. The delete is also driven by a
    // GET parameter with no anti-CSRF token checked here.
    $GLOBALS['mysql']->query("delete from " . DB_PRE . "link where id={$id} and lang='{$lang}'");
    msg("成功删除链接", '?');
}
コード例 #25
    $total_page = ceil($total / $count);
    $page = $page > $total_page ? $total : $page;
    $page = $page <= 0 ? 1 : $page;
    $offset = ($page - 1) * $count;
    $get_content_list = 'select a.*, p.img from ' . $db->table('order_content') . ' as a';
    $get_content_list .= ' left join ' . $db->table('product') . ' as p on a.product_sn = p.product_sn';
    $get_content_list .= ' where a.business_account = \'' . $_SESSION['business_account'] . '\'';
    $get_content_list .= $and_where;
    $get_content_list .= ' order by id desc';
    $get_content_list .= ' limit ' . $offset . ',' . $count;
    $content_list = $db->fetchAll($get_content_list);
    //    echo $get_content_list;exit;
    if ($content_list) {
        foreach ($content_list as $key => $content) {
            $content_list[$key]['status_str'] = $status_str[$content['status']];
            $content_list[$key]['begin_time_str'] = $content['begin_time'] ? date('Y-m-d H:i:s', $content['begin_time']) : '';
            $content_list[$key]['end_time_str'] = $content['end_time'] ? date('Y-m-d H:i:s', $content['end_time']) : '';
        }
    }
    assign('content_list', $content_list);
    create_pager($page, $total_page, $total);
    assign('count', $count);
}
// Consume screen: the handler only enforces the edit privilege; the page itself is rendered afterwards.
if ($act == 'consume' && !check_purview('pur_virtual_order_edit', $_SESSION['business_purview'])) {
    show_system_message('权限不足', array());
    exit;
}
// Render "<template dir><act>.phtml".
// NOTE(review): $act becomes part of the template file name; presumably it was restricted to a
// fixed list of actions earlier in the script — confirm.
$template .= $act . '.phtml';
$smarty->display($template);
コード例 #26
    fclose($fp);
    msg('【' . $file . '】模板修改完成', '?');
} elseif ($action == 'mb_list') {
    // Permission gate for the template browser.
    // NOTE(review): nothing in this block stops execution after msg(); presumably msg() ends the
    // request — confirm.
    if (!check_purview('tpl_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    // Default to the template directory when no path was supplied.
    // NOTE(review): where $path is populated is not visible here; if it can come from the request,
    // the opendir() below can be pointed at any directory under (or, with "..", outside) CMS_PATH —
    // confirm it is normalised and confined to the template directory.
    $path = empty($path) ? 'template' . '/' : $path;
    // "@" hides the warning from opendir(); failure is reported through err() instead.
    // $_confing is referenced in the error message before the language settings file is included below.
    if (!($file_hand = @opendir(CMS_PATH . $path))) {
        err("模板目录打开失败,请检查【{$lang}】语言模板目录【{$_confing['web_template']}】");
    }
    // NOTE(review): the included file name is built from $lang; confirm $lang cannot carry path
    // separators or traversal sequences.
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    include 'template/admin_mb_list.html';
} elseif ($action == 'ajax_mb') {
    if (!check_purview('tpl_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    $mb_dir = $_POST['mb_dir'];
    echo $lang;
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    //更换模板清除现有配置
    if ($mb_dir != $_confing['web_template']) {
        //清除缓存编译文件
        $GLOBALS['tpl']->del_cache();
    }
    $_confing['web_template'] = $mb_dir;
    if ($GLOBALS['mysql']->fetch_rows("select id from " . DB_PRE . "cmsinfo where lang_tag='" . $lang . "' and info_tag='info'")) {
        $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($_confing, 'true')) . "' where lang_tag='" . $lang . "' and info_tag='info'";
コード例 #27
                $type = "text";
            }
            $sql = "select*from " . DB_PRE . "{$table} limit 1";
            $check_field_arr = $GLOBALS['mysql']->fetch_field($sql);
            if (in_array($v['field_name'], $check_field_arr)) {
                continue;
            }
            $GLOBALS['mysql']->add_field($table, $v['field_name'] . " " . $type);
            $sql = "insert into " . DB_PRE . "auto_fields (field_name,use_name,field_type,field_value,field_length,channel_id,field_info,is_disable,is_del,field_order) values ('" . $v['field_name'] . "','" . $v['use_name'] . "','" . $v['field_type'] . "','" . $v['field_value'] . "'," . $v['field_length'] . "," . $channel_id . ",'" . $v['field_info'] . "'," . $v['is_disable'] . "," . $v['is_del'] . ",'" . $v['field_order'] . "')";
            $GLOBALS['mysql']->query($sql);
        }
    }
    $GLOBALS['cache']->cache_fields();
    msg('导入完成,可以删除文件!', '?action=channel');
} elseif ($action == 'del_field') {
    if (!check_purview('field_del')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    $id = intval($_GET['id']);
    $channel_id = intval($_GET['channel_id']);
    if (!isset($id) || empty($id) || !isset($channel_id) || empty($channel_id)) {
        msg('<span style="color:red">参数传递错误,请重新操作</span>', 'admin_channel.php');
    }
    if (file_exists(DATA_PATH . "cache_channel/cache_channel_all.php")) {
        include DATA_PATH . "cache_channel/cache_channel_all.php";
    }
    if (!empty($channel)) {
        foreach ($channel as $key => $value) {
            if ($value['id'] == $channel_id) {
                $table = $value['channel_table'];
            }
コード例 #28
ファイル: profile.php プロジェクト: Winsen1990/monolith
        exit;
    } else {
        show_system_message('系统繁忙,请稍后重试', array());
        exit;
    }
}
//=========================================================================
// Edit personal information: load the signed-in administrator's own record
// (email, name, sex) and hand it to the template as `admin`.
if ($act == 'info') {
    // Permission gate: the session's purview list must grant pur_info_edit.
    $may_edit_info = check_purview('pur_info_edit', $_SESSION['purview']);
    if (!$may_edit_info) {
        show_system_message('权限不足', array());
        exit;
    }

    // NOTE(review): the account name is concatenated into the SQL text without
    // escaping or a bound parameter. It is read from the session rather than
    // from the request, so the query is only as safe as the code that stored
    // that session value — confirm it is validated when the session is created,
    // or escape/bind it here.
    $get_admin = 'select `email`,`name`,`sex` from ' . $db->table('admin')
        . ' where account = \'' . $_SESSION['account'] . '\' limit 1';
    $admin = $db->fetchRow($get_admin);

    // No row for the session's account: the session no longer maps to a known
    // administrator, so show an error whose only link is the logout action.
    if (!$admin) {
        show_system_message(
            '当前登陆用户异常,强制注销',
            array(array('link' => 'index.php?act=logout', 'alt' => '注销'))
        );
        exit;
    }

    assign('admin', $admin);
}
// Change password: this branch only enforces the permission check; no data is
// loaded here before the password template is displayed.
if ($act == 'passwd') {
    $may_change_password = check_purview('pur_passwd_edit', $_SESSION['purview']);
    if (!$may_change_password) {
        show_system_message('权限不足', array());
        exit;
    }
}
// Render the view for the current action: the template name is the existing
// $template prefix followed by "<act>.phtml".
// NOTE(review): $act becomes part of the template file name. Where $act is set
// is not visible here — confirm it is restricted to a fixed list of known
// actions before this point, so a request cannot select an arbitrary file.
$template = $template . $act . '.phtml';
$smarty->display($template);
コード例 #29
ファイル: content.php プロジェクト: Winsen1990/monolith
        exit;
    }
    $id = intval($id);
    $revoke_content = 'update `' . DB_PREFIX . 'content` set `status`=1 where `id`=' . $id . ' limit 1';
    if ($db->update($revoke_content)) {
        $links = array(array('alt' => '返回列表', 'link' => 'content.php'), array('alt' => '回收站', 'link' => 'content.php?act=cycle'));
        show_system_message('已撤销删除', $links);
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试', array());
        exit;
    }
}
//完全删除
if ('remove' == $act) {
    if (!check_purview('pur_content_del', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $id = intval(getGET('id'));
    if (0 >= $id) {
        show_system_message('参数错误', array());
        exit;
    }
    $id = intval($id);
    $delete_content = 'delete from `' . DB_PREFIX . 'content` where `id`=' . $id . ' limit 1';
    if ($db->delete($delete_content)) {
        $links = array(array('alt' => '返回列表', 'link' => 'content.php'), array('alt' => '回收站', 'link' => 'content.php?act=cycle'));
        show_system_message('已彻底删除', $links);
        exit;
    } else {
コード例 #30
ファイル: category.php プロジェクト: Winsen1990/easyilife
        foreach ($category_list as $key => $category) {
            $count = count(explode(',', $category['path']));
            if ($count > 1) {
                $temp = '|--' . $category['name'];
                while ($count--) {
                    $temp = '&nbsp;&nbsp;' . $temp;
                }
                $category['name'] = $temp;
                $category_list[$key] = $category;
            }
        }
    }
    assign('category_list', $category_list);
}
if ('delete' == $act) {
    if (!check_purview('pur_category_del', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
    $id = intval(getGET('id'));
    if (0 >= $id) {
        show_system_message('参数错误', array());
    }
    $get_category = 'select * from ' . $db->table('category') . ' where id = \'' . $id . '\' limit 1';
    $category = $db->fetchRow($get_category);
    if (empty($category)) {
        show_system_message('主营分类不存在', array());
        exit;
    }
    if ($category['business_account'] != '') {
        show_system_message('主营分类不存在', array());