コード例 #1
ファイル: pm.php プロジェクト: Miliup/miliofficeweb
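     // An empty subject is rejected up front.
     if ($subject == '') {
         ShowMsg("请填写信息标题!", "-1");
         exit;
     }
     // CheckUserID() validates the recipient login id; anything other than
     // 'ok' is an error message to show the sender.
     $msg = CheckUserID($msgtoid, "用户名", false);
     if ($msg != 'ok') {
         ShowMsg($msg, "-1");
         exit;
     }
     // Look the recipient up by exact id. The original used LIKE, under which
     // '%' and '_' in $msgtoid act as wildcards and the message goes to whichever
     // member the database returns first; whether CheckUserID() rejects those
     // characters is not visible here, and an exact match is what "the user you
     // specified" means anyway.
     $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE userid = '{$msgtoid}' ");
     if (!is_array($row)) {
         ShowMsg("你指定的用户不存在,不能发送信息!", "-1");
         exit;
     }
     // HtmlReplace() (mode 1 for the subject, 0 for the body) then a length cap.
     // NOTE(review): both values are interpolated into SQL below; confirm that
     // HtmlReplace() or the request layer also escapes quotes for SQL.
     $subject = cn_substrR(HtmlReplace($subject, 1), 60);
     $message = cn_substrR(HtmlReplace($message, 0), 1024);
     $sendtime = $writetime = time();
     // One copy in the recipient's inbox (managed by the recipient)...
     $inquery1 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)\r\n      VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','inbox','{$subject}','{$sendtime}','{$writetime}','0','0','{$message}'); ";
     // ...and one in the sender's outbox (managed by the sender).
     $inquery2 = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)\r\n      VALUES ('{$cfg_ml->M_LoginID}','{$cfg_ml->M_ID}','{$row['mid']}','{$row['userid']}','outbox','{$subject}','{$sendtime}','{$writetime}','0','0','{$message}'); ";
     $dsql->ExecuteNoneQuery($inquery1);
     $dsql->ExecuteNoneQuery($inquery2);
     ShowMsg("成功发送一条信息!", "pm.php?dopost=outbox");
     exit;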
 } else {
     if ($dopost == 'del') {
         $ids = preg_replace("#[^0-9,]#", "", $ids);
         if ($folder == 'inbox') {
             $boxsql = "SELECT * FROM `#@__member_pms` WHERE id IN({$ids}) AND folder LIKE 'inbox' AND toid='{$cfg_ml->M_ID}'";
             $dsql->SetQuery($boxsql);
コード例 #2
ファイル: space_action.php プロジェクト: klr2003/sourceread
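     // The captcha must match the stored value, and a stored value must exist.
     if (strtolower($vdcode) != $svali || $svali == '') {
         ResetVdValue();
         ShowMsg('验证码错误!', '-1');
         exit;
     }
     $uidnum = intval($uidnum);
     if (empty($uidnum)) {
         ShowMsg('参数错误!', '-1');
         exit;
     }
     // Byte length, not character count: 6 bytes is two CJK characters in UTF-8.
     if (strlen($msg) < 6) {
         ShowMsg('你的留言内容太短!', '-1');
         exit;
     }
     $uname = HtmlReplace($uname, 1);
     $msg = cn_substrR(HtmlReplace($msg), 2048);
     // Record the writer's name only when a logged-in member writes on someone else's space.
     if ($cfg_ml->M_UserName != '' && $cfg_ml->M_ID != $uidnum) {
         $gid = $cfg_ml->M_UserName;
     } else {
         $gid = '';
     }
     $inquery = "INSERT INTO `#@__member_guestbook`(mid,gid,msg,uname,ip,dtime)\r\n   VALUES ('{$uidnum}','{$gid}','{$msg}','{$uname}','" . GetIP() . "'," . time() . "); ";
     $dsql->ExecuteNoneQuery($inquery);
     // $uid is request input as far as this view shows; URL-encode it before
     // embedding it in the redirect target that ShowMsg() emits (the original
     // concatenated it raw).
     ShowMsg('成功提交你的留言!', "index.php?uid=" . urlencode($uid) . "&action=guestbook");
     exit;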
 } else {
     if ($action == 'newfriend') {
         CheckRank(0, 0);
         if ($_vars['mid'] == $cfg_ml->M_ID) {
             ShowMsg("你不能加自己为好友!", "index.php?uid=" . $uid);
             exit;
コード例 #3
ファイル: guestbookform.php プロジェクト: healthguo/PHP
$action = isset($action) ? trim($action) : '';
// Two preconditions, checked in this order: a logged-in member, then a usable id.
$denyReason = '';
if (!$cfg_ml->IsLogin()) {
    $denyReason = "未登录前不充许该操作!";
} elseif ($id < 1) {
    $denyReason = "错误,未定义的操作!";
}
if ($denyReason !== '') {
    ShowMsg($denyReason, "-1");
    exit;
}
if ($action == "save") {
    $svali = GetCkVdValue();
    if (strtolower($vdcode) != $svali || $svali == "") {
        ShowMsg("认证码错误!", "-1");
        exit;
    }
    $subject = cn_substrR(trim(HtmlReplace($subject), 2), 80);
    $text = preg_replace("#<(iframe|script)#i", "", $text);
    if (CountStrLen($text) < 3 || CountStrLen($text) > 1000) {
        ShowMsg("内容字数应该在3-1000个汉字!", "-1");
        exit;
    }
    if (preg_match("#{$cfg_notallowstr}#", $subject) || preg_match("#{$cfg_notallowstr}#", $text)) {
        ShowMsg("含有非法字符!", "-1");
        exit;
    }
    $subject = preg_replace("/{$cfg_replacestr}/", "***", $subject);
    $text = preg_replace("/{$cfg_replacestr}/", "***", $text);
    $userip = GetIP();
    $SetQuery = "INSERT INTO #@__group_guestbook(gid,title,uname,userid,stime,message,ip) ";
    $SetQuery .= "VALUES('{$id}','{$subject}','" . $cfg_ml->M_UserName . "','" . $cfg_ml->M_ID . "','" . time() . "','{$text}','{$userip}');";
    if ($db->ExecuteNoneQuery($SetQuery)) {
コード例 #4
<?php 
                                                //AJAX窗体结束
                                            } else {
                                                if ($dopost == 'quickEditSave') {
                                                    require_once DEDEADMIN . '/inc/inc_archives_functions.php';
                                                    //权限检测
                                                    if (!TestPurview('a_Edit')) {
                                                        if (TestPurview('a_AccEdit')) {
                                                            CheckCatalog($typeid, "对不起,你没有操作栏目 {$typeid} 的文档权限!");
                                                        } else {
                                                            CheckArcAdmin($aid, $cuserLogin->getUserID());
                                                        }
                                                    }
                                                    $title = dede_htmlspecialchars(cn_substrR($title, $cfg_title_maxlen));
                                                    $shorttitle = cn_substrR($shorttitle, 36);
                                                    $keywords = trim(cn_substrR($keywords, 60));
                                                    if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) {
                                                        $arcrank = -1;
                                                    }
                                                    $adminid = $cuserLogin->getUserID();
                                                    //属性处理
                                                    $flag = isset($flags) ? join(',', $flags) : '';
                                                    if (!empty($flag)) {
                                                        if (preg_match("#p#", $oldflag)) {
                                                            $flag .= ',p';
                                                        }
                                                        if (preg_match("#j#", $oldflag)) {
                                                            $flag .= ',j';
                                                        }
                                                    }
                                                    /*
コード例 #5
        if (@filesize($_FILES['spacelogo']['tmp_name']) > $maxlength) {
            ShowMsg("你上传的Logo文件超过了系统限制大小:{$cfg_max_face} K!", '-1');
            exit;
        }
        //删除旧图片(防止文件扩展名不同,如:原来的是gif,后来的是jpg)
        if (eregi("\\.(jpg|gif|png)\$", $oldspacelogo) && file_exists($cfg_basedir . $oldspacelogo)) {
            @unlink($cfg_basedir . $oldspacelogo);
        }
        //上传新工图片
        $spacelogo = MemberUploads('spacelogo', '', $cfg_ml->M_ID, 'image', 'mylogo', 200, 50);
    } else {
        $spacelogo = $oldspacelogo;
    }
    // Normalise the profile fields: integer page size, HTML-cleaned and length-capped text.
    $pagesize = intval($pagesize);
    $spacename = cn_substrR(HtmlReplace($spacename, 2), 50);
    $sign = cn_substrR(HtmlReplace($sign), 100);
    $spacenews = HtmlReplace($spacenews, -1);
    $query = "update `#@__member_space` set `pagesize` = '{$pagesize}',`spacename`='{$spacename}' , spacelogo='{$spacelogo}', `sign` = '{$sign}' ,`spacenews`='{$spacenews}' where mid='{$cfg_ml->M_ID}' ";
    $dsql->ExecuteNoneQuery($query);
    // Mark the space as active (spacesta = 1) unless the member's space status is negative.
    $canActivate = ($cfg_ml->M_Spacesta >= 0);
    if ($canActivate) {
        $dsql->ExecuteNoneQuery("update `#@__member` set spacesta=1 where mid='{$cfg_ml->M_ID}' And spacesta < 1 ");
    }
    ShowMsg('成功更新空间信息!', 'edit_space_info.php');
    exit;
} else {
    $row = $dsql->GetOne("select * from `#@__member_space` where mid='" . $cfg_ml->M_ID . "'");
    if (!is_array($row)) {
        $inquery = "Insert Into `#@__member_space`(`mid` ,`pagesize` ,`matt` ,`spacename` ,`spacelogo` , `sign` ,`spacenews`)\r\n\t\t\t    Values('{$cfg_ml->M_ID}', '10', '0', '{$cfg_ml->M_UserName}的空间', '', '', ''); ";
        $row['spacename'] = '';
        $row['sign'] = '';
        $row['pagesize'] = 10;
コード例 #6
ファイル: group_store.php プロジェクト: iabing/mzzyc
 *  圈子分类设置
 *
 * @version        $Id: group_store.php 1 15:34 2011-1-21 tianya $
 * @package        DedeCMS.Administrator
 * @copyright      Copyright (c) 2007 - 2010, DesDev, Inc.
 * @license        http://help.dedecms.com/usersguide/license.html
 * @link           http://www.dedecms.com
 */
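require_once dirname(__FILE__) . "/config.php";
// Admin permission gate for the group-category pages.
CheckPurview('group_Store');
require_once DEDEINC . '/datalistcp.class.php';
// Remember the current URL so later actions can return here.
setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
// $id is a record id; force an integer instead of accepting everything
// is_numeric() allows (' 1', '1.5', '1e3' all pass that test).
$id = isset($id) ? intval($id) : 0;
$action = isset($action) ? trim($action) : '';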
if ($action == "add") {
    $storename = cn_substrR(HtmlReplace($storename, 2), 20);
    $tops = preg_replace("#[^0-9]#", "", $tops);
    $orders = preg_replace("#[^0-9]#", "", $orders);
    if ($tops < 1) {
        $tops = 0;
    }
    if ($orders < 1) {
        $orders = 0;
    }
    if (empty($storename)) {
        $msg = "错误,分类名不能为空!";
    } else {
        $db->ExecuteNoneQuery("INSERT INTO #@__store_groups(storename,tops,orders) VALUES('" . $storename . "','" . $tops . "','" . $orders . "');");
        $msg = "成功添加分类";
    }
} else {
コード例 #7
ファイル: create.php プロジェクト: healthguo/PHP
// Stop when the member already owns the maximum number of groups (0 means no limit).
$atGroupLimit = ($cfg_group_max > 0 && $rs['c'] >= $cfg_group_max);
if ($atGroupLimit) {
    ShowMsg("超过创建圈子最大数{$cfg_group_max}个!.", "-1");
    exit;
}
$title = "创建圈子";
/*------------
function SaveGroupinfo();
--------------*/
if ($action == "save") {
    $groupname = cn_substrR($groupname, 16);
    if (strlen($groupname) < 2 || strlen($groupname) > 20) {
        ShowMsg("圈子名称过短!,在2-8个字内.", "-1");
        exit;
    }
    $storeid = preg_replace("#[^0-9]#", "", $store);
    $description = cn_substrR(HtmlReplace($des, -1), 100);
    //var_dump($description);exit;
    if (strlen($description) < 5 || strlen($description) > 200) {
        ShowMsg("圈子说明在5-100个字符范围内!.", "-1");
        exit;
    }
    $row = $db->GetOne("SELECT tops FROM #@__store_groups WHERE storeid='{$storeid}'");
    if ($row['tops'] > 0) {
        $rootstoreid = $row['tops'];
    } else {
        $rootstoreid = $storeid;
    }
    //处理上传的缩略图
    $litpic = MemberUploads('litpic', '', $cfg_ml->M_ID, 'image', '', 100, 70, FALSE);
    if ($litpic != '') {
        SaveUploadInfo($title, $litpic, 1);
コード例 #8
}
//文档的默认状态
// Default document state, derived from the category's arcsta value
// (loose comparison, as in the original).
switch ($cInfos['arcsta']) {
    case 0:
        $ismake = 0;
        $arcrank = 0;
        break;
    case 1:
        $ismake = -1;
        $arcrank = 0;
        break;
    default:
        $ismake = 0;
        $arcrank = -1;
        break;
}
// Clean and cap the submitted fields (HtmlReplace mode 1, then a length limit).
$title = cn_substrR(HtmlReplace($title, 1), $cfg_title_maxlen);
$writer = cn_substrR(HtmlReplace($writer, 1), 20);
$description = empty($description) ? '' : $description;
$description = cn_substrR(HtmlReplace($description, 1), 250);
$keywords = cn_substrR(HtmlReplace($tags, 1), 30);
$mid = $cfg_ml->M_ID;
// matt == 10 is used as the administrator flag for the upload call.
$isadmin = ($cfg_ml->fields['matt'] == 10);
// Thumbnail: register a new upload, otherwise keep the previous image.
$litpic = MemberUploads('litpic', $oldlitpic, $mid, 'image', '', $cfg_ddimg_width, $cfg_ddimg_height, false, $isadmin);
if ($litpic == '') {
    $litpic = $oldlitpic;
} else {
    SaveUploadInfo($title, $litpic, 1);
}
コード例 #9
ファイル: guestbook.php プロジェクト: JaniseSheng/wwwroot
 }
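 $ip = GetIP();
 $dtime = time();
 // trimMsg() is the project's input cleaner (mode 1 on the body, as in the original).
 $uname = trimMsg($uname);
 $email = trimMsg($email);
 $homepage = trimMsg($homepage);
 // Remove "http://" from the homepage value.
 // NOTE(review): only that scheme is removed; "https://" and other schemes pass
 // through unchanged — confirm how $homepage is rendered.
 $homepage = preg_replace("#http:\\/\\/#", '', $homepage);
 $qq = trimMsg($qq);
 $msg = trimMsg(cn_substrR($msg, 1024), 1);
 $tid = empty($tid) ? 0 : intval($tid);
 $reid = empty($reid) ? 0 : intval($reid);
 if ($msg == '' || $uname == '') {
     showMsg('你的姓名和留言内容不能为空!', '-1');
     exit;
 }
 $title = HtmlReplace(cn_substrR($title, 60), 1);
 if ($title == '') {
     $title = '无标题';
 }
 // Reply: quote the original message above the new one. The original code
 // indexed the lookup result without checking it, which emits a warning and an
 // empty quote when $reid does not match an existing row.
 if ($reid != 0) {
     $row = $dsql->GetOne("SELECT msg FROM `#@__guestbook` WHERE id='{$reid}' ");
     if (is_array($row)) {
         $msg = "<div class=\\'rebox\\'>" . addslashes($row['msg']) . "</div>\n" . $msg;
     }
 }
 $query = "INSERT INTO `#@__guestbook`(title,tid,mid,uname,email,homepage,qq,face,msg,ip,dtime,ischeck)\r\n                  VALUES ('{$title}','{$tid}','{$g_mid}','{$uname}','{$email}','{$homepage}','{$qq}','{$img}','{$msg}','{$ip}','{$dtime}','{$needCheck}'); ";
 $dsql->ExecuteNoneQuery($query);
 $gid = $dsql->GetLastID();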
 if ($needCheck == 1) {
     require_once DEDEINC . "/oxwindow.class.php";
     $msg = "\r\n        <font color='red'><b>成功发送或回复留言!</b></font> &nbsp; <a href='guestbook.php' style='font-size:14px;font-weight:bold'><u>我已经知道了,点击此返回&gt;&gt;</u></a>";
     $wintitle = "留言发布成功提示";
     $wecome_info = "留言发布成功:";
コード例 #10
ファイル: carbuyaction.php プロジェクト: klr2003/sourceread
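 // Payment and delivery method ids: integers only, both required.
 $paytype = isset($paytype) ? intval($paytype) : 0;
 $pid = isset($pid) ? intval($pid) : 0;
 if ($paytype < 1) {
     ShowMsg("请选择支付方式!", "-1");
     exit;
 }
 if ($pid < 1) {
     ShowMsg("请选择配送方式!", "-1");
     exit;
 }
 // Free-text shipping fields are only length-capped here.
 $address = cn_substrR(trim($address), 200);
 $des = cn_substrR($des, 100);
 $postname = cn_substrR(trim($postname), 15);
 // ereg_replace() was removed in PHP 7; these are the PCRE equivalents.
 // (The POSIX class also let a literal backslash through in $tel; it is now stripped.)
 $tel = preg_replace("#[^-0-9,/| ]#", "", $tel);
 $zip = preg_replace("#[^0-9]#", "", $zip);
 $email = cn_substrR($email, 255);
 // NOTE(review): $email is not validated and $address/$des/$postname are not
 // HTML-escaped here — confirm how they are stored and rendered further on.
 if (empty($tel)) {
     ShowMsg("请填写正确的收货人联系电话!", "-1");
     exit;
 }
 if ($zip < 1 || $zip > 999999) {
     ShowMsg("请填写正确的收货人邮政编码!", "-1");
     exit;
 }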
 //确认用户登录信息
 if ($cfg_ml->IsLogin()) {
     $userid = $cfg_ml->M_ID;
 } else {
     $username = trim($username);
     $password = trim($password);
     if (empty($username) || $password) {
コード例 #11
ファイル: edit.inc.php プロジェクト: 957651480/DedeCms
    if ($job == 'check' && $g_isadmin) {
        $dsql->ExecuteNoneQuery(" UPDATE `#@__guestbook` SET ischeck=1 WHERE id='{$id}' ");
        ShowMsg("成功审核一条留言!", $GUEST_BOOK_POS);
        exit;
    } else {
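        if ($job == 'editok') {
            $remsg = trim($remsg);
            if ($g_isadmin) {
                // Administrator: $msg is the edited text from the form, stored without
                // HTML filtering (original comment: 管理员回复不过滤HTML); a non-empty
                // $remsg is appended below the quoted message.
                if ($remsg != '') {
                    $msg = "<div class=\\'rebox\\'>" . $msg . "</div>\n" . $remsg;
                }
            } else {
                // Member: only a reply may be added, always on top of the stored message.
                // The original ran the UPDATE even when $remsg was empty, in which case
                // $msg still held whatever arrived with the request, so a member could
                // replace message $id wholesale. Nothing in this view limits which ids a
                // member may address — confirm the code before this branch does.
                if ($remsg == '') {
                    ShowMsg("请填写回复内容!", "-1");
                    exit;
                }
                $row = $dsql->GetOne("SELECT msg From `#@__guestbook` WHERE id='{$id}' ");
                $oldmsg = is_array($row) ? "<div class=\\'rebox\\'>" . addslashes($row['msg']) . "</div>\n" : '';
                $remsg = trimMsg(cn_substrR($remsg, 1024), 1);
                $msg = $oldmsg . $remsg;
            }
            $dsql->ExecuteNoneQuery("UPDATE `#@__guestbook` SET `msg`='{$msg}', `posttime`='" . time() . "' WHERE id='{$id}' ");
            ShowMsg("成功更改或回复一条留言!", $GUEST_BOOK_POS);
            exit;
        }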
    }
}
if ($g_isadmin) {
    $row = $dsql->GetOne("SELECT * FROM `#@__guestbook` WHERE id='{$id}'");
    require_once DEDETEMPLATE . '/plus/guestbook-admin.htm';
} else {
    $row = $dsql->GetOne("SELECT id,title FROM `#@__guestbook` WHERE id='{$id}'");
    require_once DEDETEMPLATE . '/plus/guestbook-user.htm';
コード例 #12
ファイル: member_pmall.php プロジェクト: klr2003/sourceread
<?php

require_once dirname(__FILE__) . "/config.php";
// Admin permission gate for member private messages.
CheckPurview('member_Pm');
// Default the action so the comparisons below never touch an undefined variable.
$action = isset($action) ? $action : '';
if ($action == "post") {
    $floginid = 'admin';
    $fromid = 0;
    $toid = 0;
    $tologinid = 0;
    $sendtime = time();
    $writetime = time();
    $subject = cn_substrR(HtmlReplace($subject), 70);
    $message = cn_substrR(HtmlReplace($message), 1000);
    if (!isset($subject) || empty($subject)) {
        ShowMsg('短信标题不能为空!', '-1');
        exit;
    } else {
        if (!isset($message) || empty($message)) {
            ShowMsg('请填写短信内容!', '-1');
            exit;
        }
    }
    #api{{
    if (defined('UC_API') && @(include_once DEDEROOT . '/uc_client/client.php')) {
        uc_pm_send(0, '', $subject, $message);
        ShowMsg('短信已成功发送', '-1');
        exit;
    }
コード例 #13
ファイル: mygroup_notice.php プロジェクト: klr2003/sourceread
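    if (empty($subject)) {
        $msg = "请填写公告标题!";
    } elseif (empty($notice) || CountStrLen($notice) > 100) {
        // The original wrote CountStrLen($notice > 100): the comparison ran first
        // and a boolean was measured, so the 100-character limit never applied.
        $msg = "请填写规定长度的公告内容!";
    } else {
        $SetQuery = "UPDATE #@__group_notice SET title='{$subject}',notice='{$notice}',stime='" . time() . "',ip='{$userip}' WHERE id='{$nid}';";
        $db->ExecuteNoneQuery($SetQuery);
        $msg = "已经更改公告!";
    }
    ShowMsg($msg, '');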
} else {
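    if ($action == "add") {
        // eregi_replace() was removed in PHP 7; same single-pass strip via PCRE.
        // NOTE(review): removing '<script'/'<iframe' once is easy to get around
        // (nested tags, other tags/attributes); $notice is stored as-is, so
        // confirm it is escaped when rendered.
        $notice = preg_replace("#<(iframe|script)#i", "", $notice);
        $subject = cn_substrR(HtmlReplace($subject, 2), 80);
        $userip = GetIP();
        if (empty($subject)) {
            $msg = "请填写公告标题!";
        } elseif (empty($notice) || CountStrLen($notice) > 100) {
            // The original wrote CountStrLen($notice > 100): the comparison ran
            // first and a boolean was measured, so the length limit never applied.
            $msg = "请填写规定长度的公告内容!";
        } else {
            $SetQuery = "INSERT INTO #@__group_notice(uname,userid,title,notice,stime,gid,ip) VALUES('" . $cfg_ml->M_UserName . "','" . $cfg_ml->M_ID . "','" . $subject . "','" . $notice . "','" . time() . "','{$id}','" . $userip . "');";
            $db->ExecuteNoneQuery($SetQuery);
            $msg = "已经更改公告!";
        }
        ShowMsg($msg, '');
    }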
}
コード例 #14
 // The chosen category must accept submissions for this channel.
 $acceptsSubmission = ($cInfos['issend'] == 1 && $cInfos['ispart'] == 0 && $cInfos['channeltype'] == $channelid && $cInfos['cissend'] == 1);
 if (!$acceptsSubmission) {
     ShowMsg("你所选择的栏目不支持投稿!", "-1");
     exit;
 }
 // Default rank from the category's arcsta: 0 or 1 gives 0, anything else -1.
 $arcrank = ($cInfos['arcsta'] == 0 || $cInfos['arcsta'] == 1) ? 0 : -1;
 // Clean and cap the title.
 $title = cn_substrR(HtmlReplace($title, 1), $cfg_title_maxlen);
 $mid = $cfg_ml->M_ID;
 // Thumbnail: register a new upload, otherwise keep the previous image.
 $litpic = MemberUploads('litpic', $oldlitpic, $mid, 'image', '', $cfg_ddimg_width, $cfg_ddimg_height, false);
 if ($litpic == '') {
     $litpic = $oldlitpic;
 } else {
     SaveUploadInfo($title, $litpic, 1);
 }
 //分析处理附加表数据
 $inadd_f = '';
 if (!empty($dede_addonfields)) {
     $addonfields = explode(';', $dede_addonfields);
     if (is_array($addonfields)) {
         foreach ($addonfields as $v) {
             if ($v == '') {
コード例 #15
ファイル: mygroup_manage.php プロジェクト: klr2003/sourceread
// Owner and flags of the group loaded into $row above.
$groupuid = $row['uid'];
$groupisindex = $row['isindex'];
$groupsmalltype = $row['smalltype'];
// Only the owner may manage the group.
$isOwner = ($cfg_ml->M_ID == $groupuid);
if (!$isOwner) {
    ShowMsg("该圈子不在你的管辖范围内!", "-1");
    exit;
}
// Sub-category ids are stored as a comma-separated list.
$smalltypes = @explode(",", $row['smalltype']);
$action = isset($action) ? $action : '';
if ($action == "save") {
    $groupname = cn_substrR($groupname, 75);
    $storeid = ereg_replace("[^0-9]", "", $store);
    $description = cn_substrR($des, 100);
    $row = $db->GetOne("SELECT tops FROM #@__store_groups WHERE storeid='{$storeid}'");
    if ($row['tops'] > 0) {
        $rootstoreid = $row['tops'];
    } else {
        $rootstoreid = $storeid;
    }
    //处理上传的缩略图
    $litpic = MemberUploads('litpic', '', $cfg_ml->M_ID, 'image', '', 100, 70, false);
    if ($litpic != '') {
        SaveUploadInfo($groupname, $litpic, 1);
    }
    $inQuery = "UPDATE #@__groups SET groupname='" . $groupname . "',des='" . $description . "',groupimg='" . $litpic . "',rootstoreid='{$rootstoreid}',storeid='{$storeid}' WHERE groupid='{$id}' AND uid='" . $cfg_ml->M_ID . "';";
    $db->SetQuery($inQuery);
    if (!$db->ExecuteNoneQuery()) {
        echo $db->GetError();
コード例 #16
ファイル: Lurd.class.php プロジェクト: iabing/mzzyc
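 /**
  * Return the submitted value of field $fname, normalised for its declared type.
  *
  * The value is read from $GLOBALS[$fname], falling back to
  * $GLOBALS['request']->forms[$fname]. Binary types go through GetBinData().
  * When nothing was submitted: the field default if one exists, else 0 for
  * int/float types, '' for char/text types and the string 'NULL' otherwise.
  *
  * Changes from the original: a leading '-' is honoured for numeric fields
  * submitted as strings (the old code compared the whole value with '-', so
  * only an int that was already negative kept its sign), and a negative float
  * keeps its fraction (the old code went through intval()).
  *
  * @param  string $fname field name, a key of $this->fields
  * @return mixed  the cleaned value, or the string 'NULL'
  */
 function GetData($fname)
 {
     $reValue = '';
     $ftype = $this->fields[$fname]['type'];
     $GLOBALS[$fname] = isset($GLOBALS[$fname]) ? $GLOBALS[$fname] : @$GLOBALS['request']->forms[$fname];
     // Binary columns are handled separately.
     if (in_array($ftype, $this->binTypes)) {
         return $this->GetBinData($fname);
     }
     if (!isset($GLOBALS[$fname])) {
         if (isset($this->fields[$fname]['default'])) {
             return $this->fields[$fname]['default'];
         }
         if (in_array($ftype, $this->intTypes) || in_array($ftype, $this->floatTypes)) {
             return 0;
         }
         if (in_array($ftype, $this->charTypes) || in_array($ftype, $this->textTypes)) {
             return '';
         }
         return 'NULL';
     }
     $raw = $GLOBALS[$fname];
     // First character of the submitted value; '-' marks a negative number below.
     $negTag = is_scalar($raw) ? substr((string) $raw, 0, 1) : '';
     if (preg_match("#YEAR|INT#", $ftype)) {
         // Digits only, then restore the sign for signed, non-YEAR columns.
         $reValue = preg_replace("#[^0-9]#", '', $raw);
         $reValue = empty($reValue) ? 0 : intval($reValue);
         if ($negTag == '-' && !$this->fields[$fname]['unsigned'] && $reValue != 0 && $ftype != 'YEAR') {
             $reValue = -$reValue;
         }
     } elseif (in_array($ftype, $this->floatTypes)) {
         // Digits and dots only (a leading dot is dropped), then restore the sign.
         $reValue = preg_replace("#[^0-9\\.]|^\\.#", '', $raw);
         $reValue = empty($reValue) ? 0 : doubleval($reValue);
         if ($negTag == '-' && !$this->fields[$fname]['unsigned'] && $reValue != 0) {
             $reValue = -$reValue;
         }
     } elseif (in_array($ftype, $this->charTypes)) {
         // StringSafe() is the project's string cleaner; what it escapes is not visible here.
         $reValue = cn_substrR($this->StringSafe($raw), $this->fields[$fname]['length']);
     } elseif (in_array($ftype, $this->textTypes)) {
         $reValue = $this->StringSafe($raw);
     } elseif ($ftype == 'SET') {
         // Keep only members listed in the column's 'em' definition.
         // NOTE(review): in_array() is loose here; form values arrive as strings,
         // but a non-string input on PHP < 8 could match unexpectedly.
         $sysSetArr = explode(',', $this->fields[$fname]['em']);
         $setArr = is_array($raw) ? $raw : array($raw);
         $reValues = array();
         foreach ($setArr as $a) {
             if (in_array($a, $sysSetArr)) {
                 $reValues[] = $a;
             }
         }
         $reValue = count($reValues) == 0 ? 'NULL' : join(',', $reValues);
     } elseif ($ftype == 'ENUM') {
         // Same membership test against the 'em' list (loose, as above).
         $sysEnumArr = explode(',', $this->fields[$fname]['em']);
         $reValue = in_array($raw, $sysEnumArr) ? $raw : 'NULL';
     } elseif (in_array($ftype, $this->dateTypes)) {
         if ($ftype == 'TIMESTAMP') {
             $reValue = GetMkTime($raw);
         } else {
             // Digits, spaces, colons and dashes only.
             $reValue = preg_replace("#[^0-9 :-]#", '', $raw);
         }
     }
     // Any other type falls through with the initial ''.
     return $reValue;
 }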
コード例 #17
<?php

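require_once dirname(__FILE__) . "/config.php";
CheckPurview('sys_Feedback');
// $id is embedded unquoted in the SQL below; force an integer instead of
// accepting everything is_numeric() does (' 1', '1.5', '1e3').
$id = isset($id) ? intval($id) : 0;
// Return target after the action, taken from a cookie set by the listing pages.
// NOTE(review): it is passed to ShowMsg() unvalidated — confirm ShowMsg()
// escapes the target it emits.
$ENV_GOBACK_URL = empty($_COOKIE['ENV_GOBACK_URL']) ? "story_feedback_main.php" : $_COOKIE['ENV_GOBACK_URL'];
if (empty($dopost)) {
    $dopost = "";
}
if ($dopost == 'edit') {
    $msg = cn_substrR($msg, 2500);
    $adminmsg = trim($adminmsg);
    if ($adminmsg != "") {
        // Admin reply: escape angle brackets, keep double spaces and line
        // breaks as HTML, then append it to the message in red.
        $adminmsg = cn_substrR($adminmsg, 1500);
        $adminmsg = str_replace("<", "&lt;", $adminmsg);
        $adminmsg = str_replace(">", "&gt;", $adminmsg);
        $adminmsg = str_replace("  ", "&nbsp;&nbsp;", $adminmsg);
        $adminmsg = str_replace("\r\n", "<br/>\n", $adminmsg);
        $msg = $msg . "<br/>\n" . "<font color=red>管理员回复: {$adminmsg}</font>\n";
    }
    // NOTE(review): $msg reaches the SQL literal with no escaping visible here;
    // this relies on request-level escaping — confirm.
    $query = "UPDATE `#@__bookfeedback` SET username='******',msg='{$msg}',ischeck=1 WHERE id={$id}";
    $dsql->ExecuteNoneQuery($query);
    ShowMsg("成功回复一则留言!", $ENV_GOBACK_URL);
    exit;
}
$query = "SELECT * FROM `#@__bookfeedback` WHERE id={$id}";
$row = $dsql->GetOne($query);
include DedeInclude('templets/story_feedback_edit.htm');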
コード例 #18
ファイル: index_do.php プロジェクト: hensonvip/ymroad
             ShowMsg("成功退出登录!", "index.php", 0, 2000);
             exit;
         }
     }
 } else {
     if ($fmdo == 'moodmsg') {
         //用户登录
         if ($dopost == "sendmsg") {
             if (!empty($content)) {
                 $ip = GetIP();
                 $dtime = time();
                 $ischeck = $cfg_mb_msgischeck == 'Y' ? 0 : 1;
                 if ($cfg_soft_lang == 'gb2312') {
                     $content = utf82gb(nl2br($content));
                 }
                 $content = cn_substrR(HtmlReplace($content, 1), 360);
                 //对表情进行解析
                 $content = addslashes(preg_replace("/\\[face:(\\d{1,2})\\]/is", "<img src='" . $cfg_memberurl . "/templets/images/smiley/\\1.gif' style='cursor: pointer; position: relative;'>", $content));
                 $content = RemoveXSS($content);
                 $inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`)\n                   VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','{$ip}','{$ischeck}','{$dtime}', '{$content}'); ";
                 $rs = $dsql->ExecuteNoneQuery($inquery);
                 if (!$rs) {
                     $output['type'] = 'error';
                     $output['data'] = '更新失败,请重试.';
                     exit;
                 }
                 $output['type'] = 'success';
                 if ($cfg_soft_lang == 'gb2312') {
                     $content = utf82gb(nl2br($content));
                 }
                 $output['data'] = stripslashes($content);
コード例 #19
 /**
  * Record a member activity entry in `#@__member_feed`.
  *
  * @access    public
  * @param     string  $type  activity type; only add/addsoft/feedback/addfriends/stow are recorded
  * @param     string  $title entry title, HTML-escaped and capped at 255 characters
  * @param     string  $note  description, reduced to plain text with Html2Text()
  * @param     string  $aid   id of the item involved (stored as 0 when not numeric)
  * @return    mixed   the ExecuteNoneQuery() result, or FALSE when $type is not recorded
  */
 function RecordFeeds($type, $title, $note, $aid)
 {
     global $dsql, $cfg_mb_feedcheck;
     $rcdtype = array('add' => ' 成功发布了', 'addsoft' => ' 成功发布了软件', 'feedback' => ' 评论了文章', 'stow' => ' 收藏了');
     // Build the title for the recorded types; anything else is not logged.
     // (The link markup ends up HTML-escaped inside the stored title — presumably
     // decoded when rendered; confirm.)
     switch ($type) {
         case 'add':
         case 'addsoft':
         case 'feedback':
         case 'stow':
             $ntime = time();
             $title = htmlspecialchars(cn_substrR($title, 255));
             $arcrul = " <a href='/plus/view.php?aid=" . $aid . "'>" . $title . "</a>";
             $title = htmlspecialchars($rcdtype[$type] . $arcrul, ENT_QUOTES);
             break;
         case 'addfriends':
             $ntime = time();
             $title = htmlspecialchars(cn_substrR($title, 255));
             $arcrul = " <a href='/member/index.php?uid=" . $aid . "'>" . $aid . "</a>";
             $title = htmlspecialchars(' 与' . $arcrul . "成为好友", ENT_QUOTES);
             break;
         default:
             return FALSE;
     }
     $note = Html2Text($note);
     $aid = isset($aid) && is_numeric($aid) ? $aid : 0;
     $ischeck = $cfg_mb_feedcheck == 'Y' ? 0 : 1;
     // NOTE(review): $title is quote-safe via ENT_QUOTES, but $note reaches the SQL
     // literal with only Html2Text() applied — confirm the request layer escapes it.
     $query = "INSERT INTO `#@__member_feed` (`mid`, `userid`, `uname`, `type`, `aid`, `dtime`,`title`, `note`, `ischeck`) \n                        Values('{$this->M_ID}', '{$this->M_LoginID}', '{$this->M_UserName}', '{$type}', '{$aid}', '{$ntime}', '{$title}', '{$note}', '{$ischeck}'); ";
     return $dsql->ExecuteNoneQuery($query);
 }
コード例 #20
ファイル: feedback_ajax.php プロジェクト: klr2003/sourceread
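 $ip = GetIP();
 $dtime = time();
 // Rate limit: one comment per $cfg_feedback_time seconds, per member or (anonymous) per IP.
 if (!empty($cfg_feedback_time)) {
     $where = $cfg_ml->M_ID > 0 ? "WHERE `mid` = '{$cfg_ml->M_ID}' " : "WHERE `ip` = '{$ip}' ";
     $row = $dsql->GetOne("SELECT dtime FROM `#@__feedback` {$where} ORDER BY `id` DESC ");
     if (is_array($row) && $dtime - $row['dtime'] < $cfg_feedback_time) {
         ResetVdValue();
         echo '<font color="red">管理员设置了评论间隔时间,请稍等休息一下!</font>';
         exit;
     }
 }
 $face = intval($face);
 // Bring the article row's columns into scope without overwriting existing variables
 // (presumably aid/typeid/title used below — confirm against $arcRow's shape).
 extract($arcRow, EXTR_SKIP);
 $msg = cn_substrR(TrimMsg($msg), 500);
 $username = cn_substrR(HtmlReplace($username, 2), 20);
 if (empty($feedbacktype) || $feedbacktype != 'good' && $feedbacktype != 'bad') {
     $feedbacktype = 'feedback';
 }
 // Quoted reply. $fid is a feedback id that goes straight into SQL, so coerce it
 // to an integer the same way $face is above (the original interpolated it as-is),
 // and tolerate a reference to a row that no longer exists.
 $fid = empty($fid) ? 0 : intval($fid);
 if ($fid > 0) {
     $row = $dsql->GetOne("Select username,msg from `#@__feedback` where id ='{$fid}' ");
     if (is_array($row)) {
         $qmsg = '{quote}{title}' . $row['username'] . ' 的原帖:{/title}{content}' . $row['msg'] . '{/content}{/quote}';
         $msg = addslashes($qmsg) . $msg;
     }
 }
 $ischeck = $cfg_feedbackcheck == 'Y' ? 0 : 1;
 $arctitle = addslashes($title);
 $inquery = "INSERT INTO `#@__feedback`(`aid`,`typeid`,`username`,`arctitle`,`ip`,`ischeck`,`dtime`, `mid`,`bad`,`good`,`ftype`,`face`,`msg`)\r\n\t               VALUES ('{$aid}','{$typeid}','{$username}','{$arctitle}','{$ip}','{$ischeck}','{$dtime}', '{$cfg_ml->M_ID}','0','0','{$feedbacktype}','{$face}','{$msg}'); ";
 $rs = $dsql->ExecuteNoneQuery($inquery);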
 if (!$rs) {
     echo "<font color='red'>发表评论出错了!</font>";
コード例 #21
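    // Issue number: digits only. The original pattern '/[0-9]/' only required
    // that some digit appear, so "abc1" passed a check whose message says
    // "numbers only".
    if (!preg_match('/^[0-9]+$/', $period)) {
        ShowMsg("期刊号只能为数字!", "-1");
        exit;
    }
    if ($title == '') {
        ShowMsg("请填写信息标题!", "-1");
        exit;
    }
    if ($message == '') {
        ShowMsg("请填写内容!", "-1");
        exit;
    }
    // Work on the unescaped text so the media-path rewrite sees the real slashes...
    $message = stripslashes($message);
    $pattern = "/\\" . $cfg_medias_dir . "/";
    $message = preg_replace($pattern, $cfg_basehost . $cfg_medias_dir, $message);
    // ...then escape it again for the SQL literal below. The original stored the
    // stripped text directly; unless ExecuteNoneQuery() escapes (not visible here),
    // a quote in the body broke the query and let the editor run arbitrary SQL.
    $message = addslashes($message);
    $title = cn_substrR(HtmlReplace($title, 1), 60);
    $writer = $cuserLogin->getUserName();
    $mid = $cuserLogin->getUserID();
    // $id is unquoted in the WHERE clause; pin it to an integer.
    $id = intval($id);
    $query = "UPDATE #@__mail_title SET period='{$period}',typeid='{$typeid}',title='{$title}',content='{$message}',writer='{$writer}',mid='{$mid}' WHERE id={$id}";
    if (!$dsql->ExecuteNoneQuery($query)) {
        ShowMsg("更新数据库#@__mail_title表时出错,请检查!", "javascript:;");
        exit;
    } else {
        ShowMsg("编辑期刊成功!", "mail_title.php");
        exit;
    }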
} elseif ($dopost == "delete") {
    $dsql->ExecuteNoneQuery("Delete From `#@__mail_title` where id='{$id}'");
    ShowMsg("删除期刊成功!", "mail_title.php");
    exit;
} else {
コード例 #22
ファイル: sys_info.php プロジェクト: klr2003/sourceread
            if ($row['value'] == '') {
                $row['value'] = 0;
            }
            fwrite($fp, "\${$row['varname']} = " . $row['value'] . ";\r\n");
        } else {
            fwrite($fp, "\${$row['varname']} = '" . str_replace("'", '', $row['value']) . "';\r\n");
        }
    }
    fwrite($fp, "?" . ">");
    fclose($fp);
}
//保存配置的改动
if ($dopost == "save") {
    foreach ($_POST as $k => $v) {
        if (ereg("^edit___", $k)) {
            $v = cn_substrR(${$k}, 1024);
        } else {
            continue;
        }
        $k = ereg_replace("^edit___", "", $k);
        $dsql->ExecuteNoneQuery("Update `#@__sysconfig` set `value`='{$v}' where varname='{$k}' ");
    }
    ReWriteConfig();
    ShowMsg("成功更改站点配置!", "sys_info.php");
    exit;
} else {
    if ($dopost == 'add') {
        if ($vartype == 'bool' && ($nvarvalue != 'Y' && $nvarvalue != 'N')) {
            ShowMsg("布尔变量值必须为'Y'或'N'!", "-1");
            exit;
        }
コード例 #23
ファイル: mygroup_cate.php プロジェクト: healthguo/PHP
            $msg = "错误,分类:{$categories},已存在!";
        }
    }
} else {
    if ($action == 'edit') {
        if (isset($orders)) {
            $orders = preg_replace("#[^0-9]#", "", $orders);
        } else {
            $orders = 0;
        }
        if (isset($categoriesid)) {
            $categoriesid = preg_replace("#[^0-9]#", "", $categoriesid);
        } else {
            $categoriesid = 0;
        }
        $categories = cn_substrR(HtmlReplace($categories, 2), 15);
        if ($userit == 'false' && in_array($categoriesid, $smalltype)) {
            //移出数组
            $k = array_search($categoriesid, $smalltype);
            unset($smalltype[$k]);
        } else {
            if ($userit == 'true' && !in_array($categoriesid, $smalltype)) {
                @array_push($smalltype, $categoriesid);
            }
        }
        $smalltype = @array_filter($smalltype);
        $smalltypetxt = @implode(",", $smalltype);
        $db->ExecuteNoneQuery("UPDATE #@__groups SET smalltype='{$smalltypetxt}' WHERE groupid=" . $id);
        $db->ExecuteNoneQuery("UPDATE #@__group_smalltypes SET `name`='{$categories}',disorder='{$orders}' WHERE id=" . $categoriesid);
        $msg = "成功修改类别:{$categories}!";
    } else {
コード例 #24
ファイル: space_action.php プロジェクト: wshudong/hbypsy
         ResetVdValue();
         ShowMsg('验证码错误!', '-1');
         exit;
     }
     $uidnum = intval($uidnum);
     if (empty($uidnum)) {
         ShowMsg('参数错误!', '-1');
         exit;
     }
     if (strlen($msg) < 6) {
         ShowMsg('你的留言内容太短!', '-1');
         exit;
     }
     $uname = HtmlReplace($uname, 1);
     $msg = cn_substrR(HtmlReplace($msg), 2048);
     $title = cn_substrR(HtmlReplace($title), 255);
     if ($cfg_ml->M_UserName != '' && $cfg_ml->M_ID != $uidnum) {
         $gid = $cfg_ml->M_UserName;
     } else {
         $gid = '';
     }
     $inquery = "INSERT INTO `#@__member_guestbook`(mid,gid,title,msg,uname,ip,dtime)\n   VALUES ('{$uidnum}','{$gid}','{$title}','{$msg}','{$uname}','" . GetIP() . "'," . time() . "); ";
     $dsql->ExecuteNoneQuery($inquery);
     ShowMsg('成功提交你的留言!', "index.php?uid={$uid}&action=guestbook");
     exit;
 } else {
     if ($action == 'guestbookdel') {
         CheckRank(0, 0);
         if ($cfg_ml->M_LoginID != $uid) {
             ShowMsg('这条留言不是给你的,你不能删除!', -1);
             exit;
コード例 #25
ファイル: archives_sg_add.php プロジェクト: hensonvip/ymroad
     CheckCatalog($typeid, "对不起,你没有操作栏目 {$typeid} 的权限!");
 }
 //对保存的内容进行处理
 if (empty($writer)) {
     $writer = $cuserLogin->getUserName();
 }
 if (empty($source)) {
     $source = '未知';
 }
 if (empty($flags)) {
     $flag = '';
 } else {
     $flag = join(',', $flags);
 }
 $senddate = time();
 $title = cn_substrR($title, $cfg_title_maxlen);
 $isremote = empty($isremote) ? 0 : $isremote;
 $serviterm = empty($serviterm) ? "" : $serviterm;
 if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) {
     $arcrank = -1;
 }
 $adminid = $cuserLogin->getUserID();
 $userip = GetIP();
 if (empty($ddisremote)) {
     $ddisremote = 0;
 }
 $litpic = GetDDImage('none', $picname, $ddisremote);
 //生成文档ID
 $arcID = GetIndexKey($arcrank, $typeid, $senddate, $channelid, $senddate, $adminid);
 if (empty($arcID)) {
     ShowMsg("无法获得主键,因此无法进行后续操作!", "-1");
コード例 #26
ファイル: article_edit.php プロジェクト: suibber/jb
         CheckArcAdmin($id, $cuserLogin->getUserID());
     }
 }
 //对保存的内容进行处理
 $pubdate = GetMkTime($pubdate);
 $sortrank = AddDay($pubdate, $sortup);
 $ismake = $ishtml == 0 ? -1 : 0;
 $autokey = 1;
 //$title = htmlspecialchars(cn_substrR($title,$cfg_title_maxlen,ENT_COMPAT ,"GB2312"));
 $shorttitle = cn_substrR($shorttitle, 36);
 $color = cn_substrR($color, 7);
 $writer = cn_substrR($writer, 20);
 $source = cn_substrR($source, 30);
 $description = cn_substrR($description, 250);
 $keywords = trim(cn_substrR($keywords, 60));
 $filename = trim(cn_substrR($filename, 40));
 $isremote = empty($isremote) ? 0 : $isremote;
 $serviterm = empty($serviterm) ? "" : $serviterm;
 if (!TestPurview('a_Check,a_AccCheck,a_MyCheck')) {
     $arcrank = -1;
 }
 $adminid = $cuserLogin->getUserID();
 //处理上传的缩略图
 if (empty($ddisremote)) {
     $ddisremote = 0;
 }
 $litpic = GetDDImage('none', $picname, $ddisremote);
 //分析body里的内容
 $body = AnalyseHtmlBody($body, $description, $litpic, $keywords, 'htmltext');
 //分析处理附加表数据
 $inadd_f = '';
コード例 #27
ファイル: reply.php プロジェクト: klr2003/sourceread
    }
    ShowMsg("成功添加回复话题!", "viewthread.php?id={$id}&tid={$tid}");
    exit;
} else {
    if ($action == "edit" && ($ismaster || $cfg_ml->M_ID == $uid)) {
        $svali = GetCkVdValue();
        if (strtolower($vdcode) != $svali || $svali == "") {
            ShowMsg("认证码错误!", "-1");
            exit;
        }
        $subject = cn_substrR(trim(HtmlReplace($subject, 2)), 80);
        if (CountStrLen($subject) > 80) {
            ShowMsg("主题字数应该在3-80个汉字!", "-1");
            exit;
        }
        $threads = cn_substrR(eregi_replace("<(iframe|script)", "", $threads), 2000);
        if (CountStrLen($threads) < 3 || CountStrLen($threads) > $cfg_group_words) {
            ShowMsg("主题内容字数应该在3-{$cfg_group_words}个汉字!", "-1");
            exit;
        }
        if (empty($threads)) {
            $threads = $message;
        }
        if (ereg("{$cfg_notallowstr}", $subject) || ereg("{$cfg_notallowstr}", $threads)) {
            ShowMsg("含有非法字符!.", "-1");
            exit;
        }
        if ($first) {
            $types = ereg_replace("[^0-9]", "", $types);
            if ($types < 1) {
                $types = 0;
コード例 #28
ファイル: shops_delivery.php プロジェクト: iabing/mzzyc
                    continue;
                }
                $dname = ${"m_dname" . $id};
                $price = ${"m_price" . $id};
                $des = ${"m_des" . $id};
                if (empty($dname) || strlen($dname) > 100) {
                    $dname = addslashes($row['dname']);
                }
                $price = preg_replace("#[^.0-9]#", "", $price);
                if (empty($price)) {
                    $price = $row['price'];
                }
                if (empty($des)) {
                    $des = addslashes($row['des']);
                } else {
                    $des = cn_substrR($des, 255);
                }
                $dsql->ExecuteNoneQuery("UPDATE #@__shops_delivery SET dname='{$dname}',price='{$price}',des='{$des}' WHERE pid='{$id}'");
            }
            ShowMsg("成功修改配送方式!", "shops_delivery.php");
            exit;
        }
    }
}
// Collect every row of #@__shops_delivery (pid, dname, price, des) into
// $deliveryarr, ordered by the `orders` column. The SQL text is a fixed
// literal with no request-derived parts, so nothing here needs escaping.
$deliveryarr = array();
$dsql->SetQuery("SELECT pid,dname,price,des FROM #@__shops_delivery ORDER BY orders ASC");
$dsql->Execute();
// GetArray() is assumed to return a falsy value once the result set is exhausted.
for ($row = $dsql->GetArray(); $row; $row = $dsql->GetArray()) {
    array_push($deliveryarr, $row);
}
// Pager object used further down to render the list (constructor args not visible here).
$dlist = new DataListCP();
コード例 #29
ファイル: edit_fullinfo.php プロジェクト: klr2003/sourceread
         $comface = $oldcomface;
     }
     if (empty($city)) {
         $place = $province;
     } else {
         $place = $city;
     }
     $tel = GetAlabNum($tel);
     $fax = GetAlabNum($fax);
     $mobile = GetAlabNum($mobile);
     $email = cn_substrR(eregi_replace("[^0-9a-z\\.@-]", '', $email), 50);
     $url = cn_substrR(eregi_replace("[^0-9a-z\\.:/-]", '', $url), 50);
     $product = cn_substrR(HtmlReplace($product, 1), 20);
     $linkman = cn_substrR(HtmlReplace($linkman, 1), 20);
     $company = cn_substrR(HtmlReplace($company, 1), 36);
     $address = cn_substrR(HtmlReplace($address, 1), 50);
     $introduce = HtmlReplace($introduce, -1);
     $uptime = time();
     $dsql->ExecuteNoneQuery("Delete From `#@__member_company` where mid='{$cfg_ml->M_ID}' ");
     $inquery = "INSERT INTO `#@__member_company` (`mid` , `company` , `product` , `place` , `vocation` , `cosize` , `tel` , `fax` , `linkman` , `address`,`uptime` ,`mobile`,`email`,`url`, `introduce` ,`comface`)\r\n                VALUES ('{$cfg_ml->M_ID}','{$company}','{$product}','{$place}','{$vocation}','{$cosize}','{$tel}','{$fax}','{$linkman}','{$address}','{$uptime}','{$mobile}','{$email}','{$url}','{$introduce}', '{$comface}'); ";
     $rs = $dsql->ExecuteNoneQuery($inquery);
     if (!$rs) {
         ShowMsg("保存信息时发生错误,请联系管理员!" . $dsql->GetError(), 'javascript:;');
         exit;
     }
     if ($cfg_ml->M_Spacesta >= 0) {
         $dsql->ExecuteNoneQuery("update `#@__member` set spacesta=2 where mid='{$cfg_ml->M_ID}' And spacesta < 2 ");
     }
     ShowMsg("成功修改你的企业资料!", 'edit_fullinfo.php');
 } else {
     ShowMsg('系统没提供 ' . $cfg_ml->M_MbType . ' 用户的详细信息数据接口!', '-1');