/**
*
* 用户登录提交
*
*/
function loginPost()
{
if (isset($_POST['t_username']) && isset($_POST['t_password'])) {
/**
* $this->specifyChar 类中自带的字符过滤
*/
$t_username = $this->specifyChar($_POST['t_username']);
$t_password = md5($this->specifyChar($_POST['t_password']));
$sql = "select *,count(*) as num from " . $this->table_name('administrator_had') . " where h_name='" . $t_username . "' and h_password='******' ";
$sod = getFetchAll($sql, $this->conn);
/*pr($sql);die;*/
if ($sod[0]['num'] == '1' && ($sod[0]['power'] == 0 || $sod[0]['power'] == 2)) {
$this->writeSession($sod[0]['h_name'], "userName");
$this->writeSession($sod[0]['h_id'], "h_id");
if ($_POST['get_c'] == 'on') {
$this->writeCookie($sod[0]['h_name'], "userName");
$this->writeCookie($sod[0]['h_id'], "h_id");
}
$this->writeCookie('zh_tw', "b_lang");
$this->writeSession('zh_tw', "b_lang");
/*pr($_POST);
pr($_COOKIE);
pr($_SESSION);die;*/
echo "<script>parent.location.href='index.php?a=admin&m=index';</script>";
exit;
} else {
js_alert_redir('密码错误,请重新再试', 'index.php?a=login&m=login');
exit;
}
} else {
js_alert_redir('不能为空,请重新再试', 'index.php?a=login&m=login');
exit;
}
}
function index()
{
$this->isset_cookie();
$sql = "select * from " . $this->table_name('config') . " ";
$config = getFetchAll($sql, $this->conn);
// pr($config);die;
$tmpPath = $this->sysVar['template'] . 'admin/show_config_detail.php';
include $tmpPath;
}
function edit_category()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = addslashes($_GET['id']);
$sql = "update " . $this->table_name('category') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where cat_id='{$id}'";
$a = mysql_query($sql, $this->conn);
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/category_doc/";
$doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b)) {
if ($v == 1) {
$img_sql = " , original_src='" . $doc_src[$k] . "' ";
@unlink('.' . $img_b[0]['original_src']);
} else {
$img_sql = "";
}
// order_by='".$_POST['order_by'][$k]."',
$sql = "update " . $this->table_name('img') . " set original_link='" . $_POST['original_link'][$k] . "',is_show='" . $_POST['is_showi'][$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' " . $img_sql . " where img_id='" . $_POST['img_id'][$k] . "' ";
} else {
if ($v == 1) {
$img_sql = ",original_link";
$img_sql1 = ",'" . $doc_src[$k] . "'";
} else {
$img_sql = "";
$img_sql1 = "";
}
$sql = "insert into " . $this->table_name('img') . "(type_id,type,original_link" . $img_sql . ",is_show,add_by ,add_time,edit_by) values('" . $id . "','C','" . $_POST['original_link'][$k] . "'" . $img_sql1 . ",'" . $_POST['is_showi'][$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')";
}
$c = mysql_query($sql, $this->conn);
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$art_detail = addslashes(implode('":;"', $v));
$sql = "update " . $this->table_name('category_i8n') . " set cat_detail='" . $art_detail . "' where cat_i8n_id='" . $_POST['iid'][$k] . "'";
$b = mysql_query($sql, $this->conn);
}
}
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function show_img_detailed()
{
isset_cookie();
if (isset($_GET['id'])) {
require_once 'lib/fckeditor/fckeditor.php';
$id = $_GET['id'];
$sql = "SELECT * FROM aich_img where i_id='{$id}'";
$product = getFetchAll($sql, $this->conn);
$tmpPath = $this->sysVar['template'] . 'admin/show_img_detailed.php';
include $tmpPath;
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function category()
{
$base = $this->base();
$id = addslashes($_GET['id']);
$sql = "select c.*,i.cat_name from " . $this->table_name("category") . " as c " . " left join " . $this->table_name("category_i8n") . " as i on i.cat_id=c.cat_id " . " where c.cat_id in (" . $id . ") ";
$cat = getFetchRow($sql, $this->conn);
$title = $cat['cat_name'];
$sql = "select * from " . $this->table_name("img") . " where type_id='" . $id . "' and point='1' and type='C' and is_show='1' ";
$bg = getFetchAll($sql, $this->conn);
$sql = "select g.*,i.goods_name,img.original_src from " . $this->table_name("goods") . " as g " . " left join " . $this->table_name("goods_i8n") . " as i on i.goods_id=g.goods_id " . " left join " . $this->table_name("img") . " as img on img.type_id=g.goods_id " . " where g.cat_id in (" . $id . ") and g.is_show='1' and img.type='P' and img.point='0' order by order_by desc ";
$goods = getFetchAll($sql, $this->conn);
$tmpPath = $this->sysVar['template'] . 'html/category.xxx';
include $tmpPath;
}
function edit_news()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = $_GET['id'];
$d = date("Y-m-d H:i:s");
$sql = "update " . $this->table_name('article') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where art_id='{$id}'";
$a = mysql_query($sql, $this->conn);
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/news_doc/";
$doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);
if (!empty($_POST['edit_doc'])) {
foreach ($_POST['edit_doc'] as $k => $v) {
if ($v == 1) {
$sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' ";
$img_b = getFetchAll($sql, $this->conn);
if (!empty($img_b)) {
@unlink('.' . $img_b[0]['original_src']);
$sql = "update " . $this->table_name('img') . " set original_src='" . $doc_src[$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where img_id='" . $_POST['img_id'][$k] . "' ";
$c = mysql_query($sql, $this->conn);
} else {
$p = explode('-', $k);
$sql = "insert into " . $this->table_name('img') . "(type_id,type,original_src,add_by ,add_time,edit_by,i8n) values('" . $id . "','A','" . $doc_src[$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $p[1] . "')";
$c = mysql_query($sql, $this->conn);
}
}
}
}
if ($a) {
if (!empty($_POST['detail'])) {
foreach ($_POST['detail'] as $k => $v) {
$art_detail = addslashes(implode('":;"', $v));
$sql = "update " . $this->table_name('article_i8n') . " set art_detail='" . $art_detail . "' where art_i8n_id='" . $_POST['iid'][$k] . "'";
$b = mysql_query($sql, $this->conn);
}
}
//$this->index();
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function show_order_detailed()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "SELECT o.*,m.*\n\t\t\t\t\t\tFROM " . $this->table_name('order') . " as o\n\t\t\t\t\t\tleft join " . $this->table_name('user') . " as m\n\t\t\t\t\t\ton o.user_id=m.user_id\n\t\t\t\t\t\twhere o.order_id='{$id}' ";
$product = getFetchAll($sql, $this->conn);
//pr($product);echo 1;
$sql_d = "SELECT od.*,p.*,i.*\n\t\t\t\t\t\tFROM " . $this->table_name('order_detail') . " as od\n\t\t\t\t\t\tleft join " . $this->table_name('goods') . " as p\n\t\t\t\t\t\ton p.goods_id=od.goods_id\n\t\t\t\t\t\tleft join " . $this->table_name('goods_i8n') . " as i\n\t\t\t\t\t\ton p.goods_id=i.goods_id\n\t\t\t\t\t\twhere od.order_id='" . $id . "' and i.i8n='" . $_SESSION[$this->shop_name]['b_lang'] . "' ";
$product_d = getFetchAll($sql_d, $this->conn);
/*pr($product_d);
die;*/
$tmpPath = $this->sysVar['template'] . 'admin/show_order_detailed.php';
include $tmpPath;
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function edit_config()
{
$this->isset_cookie();
$d = date("Y-m-d H:i:s");
require_once MANAGE_MOD . 'uploaded_file.php';
$path = "/data/config_doc/";
$doc_src = uploaded_file($this->table_name('img'), 'original_src', 'file_url', $path);
if ($_GET['id'] != '') {
$id = $_GET['id'];
$sql = "update " . $this->table_name('config') . " set con_name='" . $_POST['con_name'] . "' where con_id='{$id}'";
$a = mysql_query($sql, $this->conn);
if ($_POST['edit_doc'] == 1) {
$img_id = $_POST['img_id'];
$sql = "select * from " . $this->table_name('img') . " where img_id='{$img_id}'";
$product = getFetchAll($sql, $this->conn);
if (!empty($product)) {
foreach ($product as $k => $v) {
@unlink('.' . $v['original_src']);
}
}
$sql = "delete from " . $this->table_name('img') . " where img_id='{$img_id}'";
$a = mysql_query($sql, $this->conn);
}
if (!empty($doc_src)) {
$sql = "insert into " . $this->table_name('img') . "(type_id,type,img_title,order_by,original_src,add_by ,add_time,edit_by) values('" . $id . "','CON','" . $_POST['img_name'] . "','" . $_POST['img_by'] . "','{$doc_src}','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')";
$b = mysql_query($sql, $this->conn);
}
if ($a) {
js_redir('index.php?a=admin&m=main_right');
} else {
js_alert('修改失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function del_product()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "delete from " . $this->table_name('goods') . " where goods_id='{$id}'";
$a = mysql_query($sql, $this->conn);
$sql = "delete from " . $this->table_name('goods_i8n') . " where goods_id='{$id}'";
$a = mysql_query($sql, $this->conn);
$sql = "select * from " . $this->table_name('img') . " where type_id='{$id}' and type='P'";
$product = getFetchAll($sql, $this->conn);
if (!empty($product)) {
foreach ($product as $k => $v) {
@unlink('.' . $v['original_src']);
}
}
$sql = "delete from " . $this->table_name('img') . " where type_id='{$id}' and type='P'";
$a = mysql_query($sql, $this->conn);
if ($a) {
$this->index();
} else {
js_alert('删除失败,请联系系统管理员');
}
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function favorite()
{
$this->isset_cookie();
if (isset($_GET['id'])) {
$id = $_GET['id'];
$sql = "select * from " . $this->table_name('user') . " where user_id='{$id}'";
$product = getFetchAll($sql, $this->conn);
$sql = "select *,f.add_time as los from " . $this->table_name('favorite') . " as f " . "left join " . $this->table_name('goods') . " as g on f.goods_id=g.goods_id " . "left join " . $this->table_name('goods_i8n') . " as i on f.goods_id=i.goods_id where f.user_id='" . $id . "' and i.i8n='" . $_SESSION[$this->shop_name]['b_lang'] . "' ";
$products = getFetchAll($sql, $this->conn);
//pr($products);
$tmpPath = $this->sysVar['template'] . 'admin/show_favorite_detailed.php';
include $tmpPath;
} else {
js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
}
}
function get_img()
{
$this->isset_cookie();
if (!empty($_POST)) {
$id = $_POST['id'];
$data['id'] = $id;
$sql = "select * from " . $this->table_name('img') . " where type_id='{$id}' and type='M'";
$img = getFetchAll($sql, $this->conn);
if ($img) {
$data['img'] = $img;
foreach ($img as $k => $v) {
$html .= '
<tr>
<td><a href="javascript:void(0)" class="del" id="' . $v['img_id'] . '" onclick="ajax_del(this)">-</a></td>
<td valign="center" align="center" height="100" width="100"><img style="max-width:100px;max-height:100px;" src=".' . $v['original_src'] . '" /></td>
<td>排序:<br /><INPUT TYPE="text" style="width:20px;" NAME="edit_by[' . $v['img_id'] . ']" value="' . $v['order_by'] . '"></td>
<td>图片名:<br /><INPUT TYPE="text" style="width:145px;" NAME="edit_name[' . $v['img_id'] . ']" value="' . $v['img_title'] . '"></td>
';
if ($v['point'] == 0) {
$html .= '
<td><a href="javascript:void(0)" class="del" id="' . $v['img_id'] . '" onclick="set_top(this)">设为封面</a></td>
';
} else {
$html .= '
<td>当前封面</td>
';
}
$html .= '
</tr>
';
}
$data['html'] = $html;
$data['say'] = "ok";
} else {
$data['say'] = "error";
}
die(json_encode($data));
} else {
$data['say'] = "error";
die(json_encode($data));
}
}
function base()
{
/*底部菜单*/
$sql = "select * from " . $this->table_name("menu") . " as a left join " . $this->table_name('menu_i8n') . " as i on i.menu_id=a.menu_id where a.type='down' and i.i8n='" . $_SESSION['lang'] . "' and a.is_show='1' order by a.order_by asc";
$products['down'] = getFetchAll($sql, $this->conn);
/*左侧推荐分享文章*/
$sql = "select * from " . $this->table_name("article_i8n") . " as ai " . " left join " . $this->table_name("article") . " as a on a.art_id=ai.art_id " . " left join " . $this->table_name("img") . " as im on a.art_id=im.type_id " . " where ai.i8n='" . $_SESSION['lang'] . "' and a.cat_id='12' and im.type='A' order by a.edit_time desc LIMIT 0, 2";
$products['share'] = getFetchAll($sql, $this->conn);
/*系统参数*/
$products['config'] = $this->dbconfig;
if ($products['config']['show'] != 'show') {
echo '404';
die;
}
//pr($this->dbconfig);
/*左侧文章对应菜单变化文字*/
$sql = "select * from " . $this->table_name("menu") . " as a left join " . $this->table_name('menu_i8n') . " as i on i.menu_id=a.menu_id and i.i8n='" . $_SESSION['lang'] . "' and a.is_show='1' order by a.order_by asc";
$products['left'] = getFetchAll($sql, $this->conn);
return $products;
// pr($products);die;
}
