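/**
 * Gate an admin request.
 *
 * Reads the admin identity from the session, or from $key when one is given,
 * and falls back to the "remember login" cookie when that identity is
 * incomplete. An established identity is re-checked against the admin table
 * (password hash, name, last login IP), and for groups with sid > 1 the
 * requested path is checked against the group's permissions.
 *
 * Any failed identity check ends the request with a script redirect to
 * login/logout; a failed permission check ends it with the err_03 message.
 *
 * @param string $key Optional encoded credential blob. When non-empty it is passed
 *                    through sys_auth($key, 'D') and unserialized instead of reading
 *                    the session.
 * @return void
 */
function Admin_Login($key = '')
{
    if (empty($key)) {
        $id = isset($_SESSION['admin_id']) ? intval($_SESSION['admin_id']) : 0;
        $name = isset($_SESSION['admin_name']) ? $_SESSION['admin_name'] : '';
        $pass = isset($_SESSION['admin_pass']) ? $_SESSION['admin_pass'] : '';
    } else {
        // NOTE(review): unserialize() runs on data derived from the caller-supplied $key.
        // This is only safe if sys_auth() authenticates the blob before returning it
        // (not visible here -- confirm). Prefer json_decode(), or on PHP >= 7.0
        // unserialize($data, array('allowed_classes' => false)).
        $str = unserialize(stripslashes(sys_auth($key, 'D')));
        if (!is_array($str)) {
            // A failed or unexpected decode is treated as "no credentials".
            $str = array();
        }
        $id = isset($str['id']) ? intval($str['id']) : 0;
        $name = isset($str['name']) ? $str['name'] : '';
        $pass = isset($str['pass']) ? $str['pass'] : '';
    }

    // Requests under the "opt" segment redirect the top frame, others the current window.
    $type = $this->uri->segment(1) == 'opt' ? 'top' : 'window';
    $admin_id = intval($this->cookie->get_cookie('admin_id'));
    $admin_login = $this->cookie->get_cookie('admin_login');

    if (empty($id) || empty($name) || empty($pass)) {
        $login = FALSE;
        // Check the "remember login" cookie.
        if ($admin_id > 0 && !empty($admin_login)) {
            // Reject a malformed cookie. The original assigned to the misspelled
            // $adminlogin, so this check never had any effect.
            if (!is_string($admin_login) || !preg_match('/^[0-9a-zA-Z]*$/', $admin_login)) {
                $admin_login = '';
            }
            if ($admin_login !== '') {
                $row = $this->db->query("SELECT id,adminname,adminpass,logip,logtime FROM " . CS_SqlPrefix . "admin where id='{$admin_id}'")->row();
                // Strict comparison: with == two different hashes that both look like
                // numbers (for example "0e..." followed by digits) compare as equal.
                // NOTE(review): the token is md5(adminname . adminpass), so it stays fixed
                // until the stored password changes; a random, server-stored, expiring
                // token is the safer design.
                if ($row && md5($row->adminname . $row->adminpass) === $admin_login) {
                    $_SESSION['admin_name'] = $row->adminname;
                    $_SESSION['admin_id'] = $row->id;
                    $_SESSION['admin_pass'] = md5($row->adminpass);
                    $_SESSION['admin_logtime'] = date('Y-m-d H:i:s', $row->logtime);
                    $_SESSION['admin_logip'] = $row->logip;
                    $login = true;
                    // NOTE(review): the IP and group-permission checks in the else branch
                    // below do not run on the request that restores the session here.
                }
            }
        }
        if (!$login) {
            die("<script>" . $type . ".location='" . site_url('login/logout') . "';</script>");
        }
    } else {
        $admin = $this->db->query("SELECT * FROM " . CS_SqlPrefix . "admin where id=" . $id . "")->row();
        if ($admin) {
            // Wrong password or name. Values from the unserialized $key may not be
            // strings; requiring strings and comparing strictly stops a boolean or
            // integer from matching through PHP's loose-comparison rules.
            if (!is_string($pass) || !is_string($name)
                || md5($admin->adminpass) !== $pass
                || (string) $admin->adminname !== $name
            ) {
                die("<script>" . $type . ".location='" . site_url('login/logout') . "';</script>");
            }
            // IP differs from the one recorded on the admin row.
            if (getip() != $admin->logip) {
                die("<script>" . $type . ".location='" . site_url('login/logout') . "';</script>");
            }
            // Permission check; groups with sid <= 1 skip it.
            if ($admin->sid > 1) {
                // NOTE(review): $zu is not checked for a missing group row.
                $zu = $this->db->query("SELECT sys,app FROM " . CS_SqlPrefix . "adminzu where id=" . intval($admin->sid) . "")->row();
                if (!defined('PLUBPATH')) {
                    $quanxian = $zu->sys; // system default permissions
                } else {
                    $apparr = unarraystring($zu->app);
                    $quanxian = !empty($apparr[PLUBPATH]) ? $apparr[PLUBPATH] : ''; // plugin permissions
                }
                $arr = @parse_url(REQUEST_URI);
                $re_url = str_replace("/" . SELF . "/", "", $arr['path']);
                $permarr = explode('/', $re_url);
                if (count($permarr) < 2 && $re_url != 'index') {
                    $re_url .= '/index';
                }
                // Paths that every logged-in admin may open without a permission entry.
                $open_paths = array('index', '/index', 'opt/main', 'opt/head', 'opt/error', 'opt/menu', 'opt/bottom');
                if (!in_array($re_url, $open_paths, true)) {
                    if (getqx($re_url, $quanxian, 1) != 'ok') {
                        if ($re_url == 'upload/up') {
                            die("<script>alert('" . L('err_03') . "');parent.\$('.webox').css({display:'none'});parent.\$('.background').css({display:'none'});parent.parent.web_box(2);</script>");
                        } else {
                            admin_msg(L('err_03'), 'javascript:history.back();', 'no');
                        }
                    }
                }
            }
        } else {
            die("<script>" . $type . ".location='" . site_url('login/logout') . "';</script>");
        }
    }
}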
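/**
 * Expand the first {cscmsmenu:X}...{/cscmsmenu} tag in a template string.
 *
 * For every row of the plugins table whose directory holds both config/menu.php
 * and config/site.php, the inner {cscmsmenu:auto}...{/cscmsmenu:auto} fragment is
 * repeated once per entry of that plugin's first 'user' menu. The concatenated
 * result replaces the outer tag. Only the first outer match is processed.
 *
 * @param string $str Template text.
 * @param int    $uid User id whose level and zid are used for the getqx() checks.
 * @return string Template text with the tag expanded, or $str unchanged when no tag is found.
 */
public function cscmsumenu($str, $uid = 0)
{
    // Parse the outer menu tag.
    preg_match_all('/{cscmsmenu:([A-Za-z0-9]+)}([\\s\\S]+?){\\/cscmsmenu}/', $str, $Mark_M);
    if (!empty($Mark_M) && !empty($Mark_M[0][0])) {
        $ci =& get_instance();
        if (!isset($ci->db)) {
            $ci->load->database();
        }
        // $uid is concatenated into the query text, so force it to an integer first.
        $us = $ci->db->query("select level,zid from " . CS_SqlPrefix . "user where id=" . intval($uid) . "")->row_array();
        if (!$us) {
            $us['zid'] = 0;
            $us['level'] = 0;
        }
        $sqlstr = "select dir from " . CS_SqlPrefix . "plugins order by id asc";
        $result = $ci->db->query($sqlstr);
        $menu_s = '';
        foreach ($result->result() as $row) {
            // Reset per-plugin state. Without this a plugin lacking config files re-appended
            // the previous plugin's markup, and the first such plugin read an undefined $mstr.
            $mstr = '';
            $menu = array();
            // NOTE(review): $row->dir comes from the plugins table and is used to build a
            // require path; this assumes only administrators can write that table.
            $plugin_cfg = FCPATH . 'plugins/' . $row->dir . '/config/';
            if (file_exists($plugin_cfg . 'menu.php') && file_exists($plugin_cfg . 'site.php')) {
                // Parse the inner repeating fragment.
                preg_match_all('/{cscmsmenu:auto}([\\s\\S]+?){\\/cscmsmenu:auto}/', $str, $Mark_A);
                if (!empty($Mark_A)) {
                    $site_arr = (require $plugin_cfg . 'site.php');
                    $menu_arr = (require $plugin_cfg . 'menu.php');
                    $menu = $menu_arr['user'];
                    // The menu is rendered only when neither getqx() check returns 'ok'.
                    // NOTE(review): presumably User_Qx / User_Dj_Qx list blocked groups and
                    // levels -- confirm against getqx().
                    if (!empty($menu[0]['menu']) && getqx($us['zid'], $site_arr['User_Qx']) != 'ok' && getqx($us['level'], $site_arr['User_Dj_Qx']) != 'ok') {
                        $count = count($menu[0]['menu']);
                        for ($j = 0; $j < $count; $j++) {
                            $mstr .= str_replace(
                                array('[menu:i]', '[menu:dir]', '[menu:name]', '[menu:link]'),
                                array($j + 1, $row->dir, $menu[0]['menu'][$j]['name'], spacelink($menu[0]['menu'][$j]['link'], $row->dir)),
                                $Mark_A[1][0]
                            );
                        }
                        // Put the repeated entries back into the outer tag's body.
                        $mstr = str_replace($Mark_A[0][0], $mstr, $Mark_M[2][0]);
                    } else {
                        $mstr = '';
                    }
                }
                unset($Mark_A);
            }
            $menu_s .= $mstr;
            // A [menu:name] left outside the repeated fragment takes the plugin's menu title.
            if (!empty($menu[0]['name'])) {
                $menu_s = str_replace('[menu:name]', $menu[0]['name'], $menu_s);
            }
        }
        $str = str_replace($Mark_M[0][0], $menu_s, $str);
    }
    unset($Mark_M);
    return $str;
}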
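/**
 * Echo, as JSON, the vod_type rows that belong to a category.
 *
 * The category comes from the `id` query parameter. When the matching vod_list
 * row has a positive fid, that fid is used as the category instead. Each output
 * element carries 'name' (passed through get_bm() with 'gbk' and 'utf-8') and
 * 'chk', the string 'true' or 'false' depending on whether
 * getqx($row->name, $type) returns 'ok'.
 *
 * @return void Output is written with echo.
 */
public function type_init()
{
    $id = intval($this->input->get('id'));
    $rowc = $this->db->query("SELECT fid FROM " . CS_SqlPrefix . "vod_list where id=" . $id . "")->row();
    // An unknown id gives no row object, so check before reading fid. The value is
    // concatenated into the next query, so force it to an integer as well.
    if ($rowc && $rowc->fid > 0) {
        $id = intval($rowc->fid);
    }
    // NOTE(review): the second argument looks like CodeIgniter's XSS-filter flag -- confirm.
    $type = $this->input->get('type', true);
    $sql_string = "SELECT id,name FROM " . CS_SqlPrefix . "vod_type where cid=" . $id . " order by xid asc";
    $query = $this->db->query($sql_string);
    $data = array();
    foreach ($query->result() as $row) {
        $data[] = array(
            'name' => get_bm($row->name, 'gbk', 'utf-8'),
            // 'chk' is emitted as a string, not a JSON boolean.
            'chk' => getqx($row->name, $type) == 'ok' ? 'true' : 'false',
        );
    }
    echo json_encode($data);
}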