function action_comments_remove()
{
$comm = new table("comments");
$id = intval($_GET["id"]);
$comm->delete($id);
show_msg("删除成功", $_SERVER["HTTP_REFERER"]);
}
function cfg_write($data)
{
if (!is_writeable(CONF)) {
show_msg(0, 'Conf目录不可写');
}
$fp = fopen(CONF . '/appcfg.php', 'wb');
flock($fp, 3);
fwrite($fp, "<" . "?php\r\n");
fwrite($fp, "return array(\r\n");
foreach ($data as $fval) {
$fval['vals'] = htmlspecialchars_decode($fval['vals']);
if ($fval['types'] == 'int' || $fval['types'] == 'bool') {
if ($fval['vals'] == "") {
$fval['vals'] = 0;
}
fwrite($fp, "\t'" . $fval['keyword'] . "' => " . addslashes($fval['vals']) . ",\r\n");
} elseif ($fval['types'] == 'select' || $fval['types'] == 'more') {
list($key, $val) = explode('>>', $fval['vals']);
if ($key == 'none') {
fwrite($fp, "\t'" . $fval['keyword'] . "' => '',\r\n");
} else {
fwrite($fp, "\t'" . $fval['keyword'] . "' => '" . addslashes($key) . "',\r\n");
}
} else {
fwrite($fp, "\t'" . $fval['keyword'] . "' => '" . addslashes($fval['vals']) . "',\r\n");
}
}
fwrite($fp, ");");
fclose($fp);
}
function save_website_template($siteid, $template)
{
$db = Database::obtain();
$website['website_template'] = $template;
$db->update(TABLE_WEBSITES, $website, "id='" . $siteid . "'");
show_msg(translate('Selected template saved successfully.', sz_config('language')));
}
function delete_user()
{
$db = Database::obtain();
$sql = "DELETE FROM `" . TABLE_USERS . "` WHERE `id`={$this->id}";
$db->query($sql);
unset($this->user);
show_msg(translate('User deleted.', $this->language));
}
updatecensorcache();
$msg = <<<EOF
\t<form method="post" action="{$theurl}">
\t<table>
\t<tr><td colspan="2">程序数据安装完成!<br><br>
\t最后,请输入您在用户中心UCenter的用户名和密码<br>系统将自动把将您设为站点管理员!
\t</td></tr>
\t<tr><td>您的用户名</td><td><input type="text" name="username" value="" size="30"></td></tr>
\t<tr><td>您的密码</td><td><input type="password" name="password" value="" size="30"></td></tr>
\t<tr><td></td><td><input type="submit" name="opensubmit" value="设置管理员"></td></tr>
\t</table>
\t<input type="hidden" name="formhash" value="{$formhash}">
\t</form>
<iframe id="phpframe" name="phpframe" width="0" height="0" marginwidth="0" frameborder="0" src="..\\"></iframe>
EOF;
show_msg($msg, 999);
}
//页面头部
function show_header()
{
global $_SGLOBAL, $nowarr, $step, $theurl, $_SC;
$nowarr[$step] = ' class="current"';
print <<<END
\t<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
\t<html xmlns="http://www.w3.org/1999/xhtml">
\t<head>
\t<meta http-equiv="Content-Type" content="text/html; charset={$_SC['charset']}" />
\t<title> SupeSite 程序安装 </title>
\t<style type="text/css">
\t* {font-size:12px; font-family: Verdana, Arial, Helvetica, sans-serif; line-height: 1.5em; word-break: break-all; }
\tbody { text-align:center; margin: 0; padding: 0; background: #F5FBFF; }
$num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} ");
$sql = "SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}";
$result = $db->fetch_all($sql);
include_once 'template/index.php';
} elseif ($do == 'update') {
get_key("office_info_delete");
$idarr = getGP('id', 'P', 'array');
foreach ($idarr as $id) {
$db->query("DELETE FROM " . DB_TABLEPRE . "sms_send WHERE id = '{$id}' ");
//db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
if ($id != '') {
$oalog = array('uid' => $_USER->id, 'content' => '删除内部短信', 'title' => '删除内部短信', 'startdate' => get_date('Y-m-d H:i:s', PHP_TIME), 'contentid' => $id, 'type' => '4');
insert_db('oalog', $oalog);
}
}
show_msg('短消息删除成功!', 'admin.php?ac=index&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . '');
} elseif ($do == 'excel') {
$datename = "sms_" . get_date('YmdHis', PHP_TIME);
$outputFileName = 'data/excel/' . $datename . '.xls';
$content = array();
$archive = array("接收人", "发送人", "发送时间", "内容");
$content[] = $archive;
$wheresql = '';
$vuidtype = getGP('vuidtype', 'P');
if (!is_superadmin() && $vuidtype == '') {
$wheresql .= " AND uid ='" . $_USER->id . "'";
}
if ($vuidtype != '') {
if ($vuidtype == '-1') {
$wheresql .= get_subordinate($_USER->id, 'uid');
} else {
$wheresql .= " AND (logindate>'" . $vstartdate . "' and logindate<'" . $venddate . "')";
$url .= '&vstartdate=' . $vstartdate . '&venddate=' . $venddate;
}
$num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "loginlog WHERE 1 {$wheresql} and uid='" . $_USER->id . "'");
$sql = "SELECT * FROM " . DB_TABLEPRE . "loginlog WHERE 1 {$wheresql} and uid='" . $_USER->id . "' ORDER BY id desc LIMIT {$offset}, {$pagesize}";
$result = $db->fetch_all($sql);
include_once 'template/log.php';
} elseif ($do == 'update') {
show_msg('你没有权限使用此功能,请联系系统管理员作删除操作!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
} elseif ($do == 'userupdate') {
get_key("config_log_delete");
$idarr = getGP('id', 'P', 'array');
foreach ($idarr as $id) {
$db->query("DELETE FROM " . DB_TABLEPRE . "oalog WHERE id = '{$id}' ");
}
show_msg('你没有权限使用此功能,请联系系统管理员作删除操作!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=loglist');
} elseif ($do == 'excel') {
$datename = "log_" . get_date('YmdHis', PHP_TIME);
$outputFileName = 'data/excel/' . $datename . '.xls';
//生成数据
$content = array();
$archive = array("姓名", "IP", "登录时间", "退出时间");
$content[] = $archive;
$wheresql = '';
//根据条件导出
if ($name = getGP('name', 'P')) {
$wheresql .= " AND name LIKE '%{$name}%'";
}
//时间
$vstartdate = getGP('vstartdate', 'P');
$venddate = getGP('venddate', 'P');
private function _init_db()
{
$this->dbconfig['host'] = $this->config['db']['1']['dbhost'];
$this->dbconfig['user'] = $this->config['db']['1']['dbuser'];
$this->dbconfig['pw'] = $this->config['db']['1']['dbpw'];
$this->dbconfig['name'] = $this->config['db']['1']['dbname'];
$this->dbconfig['charset'] = $this->config['db']['1']['dbcharset'];
$this->dbconfig['tablepre'] = $this->config['db']['1']['tablepre'];
$this->ucdbconfig['host'] = UC_DBHOST;
$this->ucdbconfig['user'] = UC_DBUSER;
$this->ucdbconfig['pw'] = UC_DBPW;
$this->ucdbconfig['name'] = UC_DBNAME;
$this->ucdbconfig['charset'] = UC_DBCHARSET;
$this->ucdbconfig['tablepre'] = UC_DBTABLEPRE;
$this->connect_db();
$sql = "SHOW FULL PROCESSLIST";
$query = mysql_query($sql, $this->db);
$waiting = false;
$waiting_msg = '';
while ($l = mysql_fetch_array($query, MYSQL_ASSOC)) {
if ($l['State'] == 'Checking table') {
$this->close_db();
$waiting = true;
$waiting_msg = '正在检查表,请稍后...';
} elseif ($l['State'] == 'Repair by sorting') {
$this->close_db();
$waiting = true;
$waiting_msg = '正在修复表,请稍后...';
}
}
if ($waiting) {
show_msg($waiting_msg, 'tools.php?action=repairdb', 3000);
}
}
/**
* database check
*/
function check_db($db_host, $db_user, $db_pwd, $db_name, $db_prefix, $db_port)
{
if (!function_exists('mysql_connect')) {
show_msg('undefined function : mysql_connect()');
}
if (!@mysql_connect($db_host . ":" . $db_port, $db_user, $db_pwd)) {
show_msg('database connect failed');
} else {
if ($query = mysql_query("SHOW TABLES FROM {$db_name}")) {
while ($row = mysql_fetch_row($query)) {
if (preg_match("/^{$db_prefix}/", $row[0])) {
return false;
}
}
}
}
return true;
}
require $config['BASE_DIR'] . '/include/compat/json.php';
$data = array('status' => 1, 'msg' => '');
if (isset($_POST['user_id'])) {
if (isset($_SESSION['uid'])) {
$uid = intval($_SESSION['uid']);
$filter = new VFilter();
$user_id = $filter->get('user_id', 'INTEGER');
if ($uid == $user_id) {
$data['msg'] = show_err('Invalid request!?');
} else {
$sql = "SELECT UID FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1";
$conn->execute($sql);
if ($conn->Affected_Rows() != 1) {
$data['msg'] = show_err($lang['ajax.remove_sub_exists']);
} else {
$data['status'] = 1;
$data['msg'] = show_msg($lang['ajax.remove_sub_success']);
$sql = "DELETE FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE signup SET popularity = popularity-1, points = points-2 WHERE UID = " . $uid . " LIMIT 1";
$conn->execute($sql);
}
}
} else {
$data['msg'] = show_err($lang['ajax.remove_sub_login']);
}
} else {
$data['msg'] = show_err('Invalid request!');
}
echo json_encode($data);
die;
$id = getGP('id', 'G', 'int');
$workdate = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "book_type WHERE id = '{$id}' ");
include_once 'template/file_type_edit.php';
} elseif ($do == 'save') {
$savetype = getGP('savetype', 'P');
$id = getGP('id', 'P', 'int');
$title = getGP('title', 'P');
$father = getGP('father', 'P');
$keyuser = getGP('keyuser', 'P');
//$uid=$_USER->id;
$book_type = array('title' => $title, 'father' => $father, 'keyuser' => $keyuser);
update_db('book_type', $book_type, array('id' => $id));
$content = serialize($book_type);
$title = '编辑图书类别';
get_logadd($id, $content, $title, 22, $_USER->id);
show_msg('您要处理的信息操作成功!', 'admin.php?ac=file_type&fileurl=' . $fileurl . '');
}
function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0)
{
$str = "";
global $db;
$query = $db->query("SELECT * FROM " . DB_TABLEPRE . "book_type where father='{$fatherid}' ORDER BY id Asc ");
if (count($query) > 0) {
for ($i = 0; $i < $layer; $i++) {
$str .= "├";
}
while ($row = $db->fetch_array($query)) {
$selstr = $row['id'] == $selid ? 'selected="selected"' : '';
$htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>';
echo $htmlstr;
GET_FILE_PUBLIC_LIST($row['id'], $selid, $layer + 1, $type);
$db->query("UPDATE " . DB_TABLEPRE . "plugin set type='1' WHERE id = '" . $_POST['pid'] . "' ");
//权限
$db->query("DELETE FROM " . DB_TABLEPRE . "keytable WHERE id = 391");
for ($i = 262; $i <= 266; $i++) {
$db->query("DELETE FROM " . DB_TABLEPRE . "keytable WHERE id = " . $i . "");
}
//菜单
for ($i = 129; $i <= 132; $i++) {
$db->query("DELETE FROM " . DB_TABLEPRE . "menu WHERE menuid = " . $i . "");
}
$db->query("DELETE FROM " . DB_TABLEPRE . "menu WHERE menuid = 73");
//数据库
$db->query("DROP TABLE toa_property");
$db->query("DROP TABLE toa_property_depreciation");
$db->query("DROP TABLE toa_property_type");
show_msg('固定资产组件模块卸载成功!', '../admin.php?ac=plugin&fileurl=mana');
} else {
global $db;
$sql = "SELECT * FROM " . DB_TABLEPRE . "plugin WHERE id = '" . $_GET['pid'] . "'";
$row = $db->fetch_one_array($sql);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"/>
<link rel="stylesheet" type="text/css" href="../template/default/content/css/style.css">
<title>天生创想OA办公系统组件集成安装程序</title>
</head>
<body class="bodycolor">
<table width="60%" border="0" align="center" cellpadding="3" cellspacing="0" class="small" style="margin-top:20px;margin-bottom:10px;">
<tr>
foreach (getGP('newinherited', 'P', 'array') as $name) {
$newinherited .= $name . ',';
}
$newname = explode(',', substr($newname, 0, -1));
$newinherited = explode(',', substr($newinherited, 0, -1));
if ($newname != '') {
for ($i = 0; $i < sizeof($newname); $i++) {
if ($newname[$i] != '') {
if ($newname[$i] == '') {
$newname[$i] = '新文件夹名称';
}
if ($newinherited[$i] != '') {
$fatherid = $newinherited[$i];
} else {
$fatherid = '0';
}
$document_type = array('title' => $newname[$i], 'father' => $fatherid, 'date' => $date, 'type' => $_GET['type'], 'uid' => $_USER->id);
insert_db('document_type', $document_type);
}
}
}
$str = ',新增了<font color=red>' . sizeof($newname) . '</font>条信息';
}
show_msg('批量文件夹信息更新成功' . $str . '!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=documenttype&type=' . $_GET['type'] . '');
} elseif ($_GET['view'] == 'typeupdate') {
$db->query("DELETE FROM " . DB_TABLEPRE . "document_type WHERE id = '" . $_GET[id] . "' ");
$db->query("UPDATE " . DB_TABLEPRE . "document_type set father='" . $_GET['fid'] . "' WHERE father = '" . $_GET[id] . "' ");
show_msg('文件夹信息删除成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&do=documenttype&type=' . $_GET['type'] . '');
}
include_once 'template/documenttype.php';
}
(!defined('IN_TOA') || !defined('IN_ADMIN')) && exit('Access Denied!');
get_key("office_communication_Increase");
empty($do) && ($do = 'list');
if ($do == 'list') {
include_once 'template/add.php';
} elseif ($do == 'save') {
$savetype = getGP('savetype', 'P');
$company = getGP('company', 'P');
$person = getGP('person', 'P');
$tel = getGP('tel', 'P');
$phone = getGP('phone', 'P');
$fax = getGP('fax', 'P');
$mail = getGP('mail', 'P');
$zipcode = getGP('zipcode', 'P');
$address = getGP('address', 'P');
$position = getGP('position', 'P');
$sex = getGP('sex', 'P');
$msn = getGP('msn', 'P');
$date = get_date('Y-m-d h:i:s', PHP_TIME);
$type = getGP('type', 'P');
$uid = $_USER->id;
//主表信息
$communication = array('company' => $company, 'person' => $person, 'tel' => $tel, 'phone' => $phone, 'fax' => $fax, 'mail' => $mail, 'zipcode' => $zipcode, 'address' => $address, 'position' => $position, 'sex' => $sex, 'msn' => $msn, 'type' => $type, 'date' => $date, 'uid' => $uid);
//写入主表信息
insert_db('communication', $communication);
$id = $db->insert_id();
$content = serialize($communication);
$title = '添加通迅录';
get_logadd($id, $content, $title, 9, $_USER->id);
show_msg('添加通迅录成功!', 'admin.php?ac=index&fileurl=communication&type=' . $type . '');
}
function check_db($dbhost, $dbuser, $dbpw, $dbname, $tablepre, $dbport)
{
if (!function_exists('mysql_connect')) {
show_msg('undefine_func', 'mysql_connect', 0);
}
if (!@mysql_connect($dbhost . ":" . $dbport, $dbuser, $dbpw)) {
$errno = mysql_errno();
$error = mysql_error();
if ($errno == 1045) {
show_msg('database_errno_1045', $error, 0);
} elseif ($errno == 2003) {
show_msg('database_errno_2003', $error, 0);
} else {
show_msg('database_connect_error', $error, 0);
}
} else {
if ($query = mysql_query("SHOW TABLES FROM {$dbname}")) {
while ($row = mysql_fetch_row($query)) {
if (preg_match("/^{$tablepre}/", $row[0])) {
return false;
}
}
}
}
return true;
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$uid = 1;
/*插入用户*/
$sql = <<<sql
REPLACE INTO `[PREFIX]ucenter_member` (`id`, `username`, `password`, `email`, `mobile`, `reg_time`, `reg_ip`, `last_login_time`, `last_login_ip`, `update_time`, `status`, `type`) VALUES
('[UID]', '[NAME]', '[PASS]','[EMAIL]', '', '[TIME]', '[IP]', '[TIME]', '[IP]', '[TIME]', 1, 1);
sql;
/* "REPLACE INTO `[PREFIX]ucenter_member` VALUES " .
"('1', '[NAME]', '[PASS]', '[EMAIL]', '', '[TIME]', '[IP]', 0, 0, '[TIME]', '1',1,'finish')";*/
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]', '[UID]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1), $uid), $sql);
//执行sql
$db->execute($sql);
/*插入用户资料*/
$sql = <<<sql
REPLACE INTO `[PREFIX]member` (`uid`, `nickname`, `sex`, `birthday`, `qq`, `login`, `reg_ip`, `reg_time`, `last_login_ip`, `last_login_role`, `show_role`, `last_login_time`, `status`, `signature`) VALUES
('[UID]','[NAME]', 0, '0', '', 1, 0, '[TIME]', 0, 1, 1, '[TIME]', 1, '');
sql;
$sql = str_replace(array('[PREFIX]', '[NAME]', '[TIME]', '[UID]'), array($prefix, $admin['username'], NOW_TIME, $uid), $sql);
$db->execute($sql);
/*初始化角色表*/
$sql = <<<sql
REPLACE INTO `[PREFIX]role` (`id`, `group_id`, `name`, `title`, `description`, `user_groups`, `invite`, `audit`, `sort`, `status`, `create_time`, `update_time`) VALUES
(1, 0, 'default', '普通用户', '普通用户', '1', 0, 0, 0, 1, [TIME], [TIME]);
sql;
$sql = str_replace(array('[PREFIX]', '[TIME]', '[UID]'), array($prefix, NOW_TIME, $uid), $sql);
$db->execute($sql);
/*插入角色和用户对应关系*/
$sql = <<<sql
REPLACE INTO `[PREFIX]user_role` (`id`, `uid`, `role_id`, `status`, `step`, `init`) VALUES
(1, [UID], 1, 1, 'finish', 1);
sql;
$sql = str_replace(array('[PREFIX]', '[UID]'), array($prefix, $uid), $sql);
$db->execute($sql);
/*初始化用户角色end*/
show_msg('创始人帐号注册完成!');
}
function show_license()
{
global $self, $uchidden, $step;
/*vot*/
global $language;
$next = $step + 1;
if (VIEW_OFF) {
show_msg('license_contents', lang('license'), 1);
} else {
show_header();
$license = str_replace(' ', ' ', lang('license'));
$lang_agreement_yes = lang('agreement_yes');
$lang_agreement_no = lang('agreement_no');
echo <<<EOT
</div>
<div class="main" style="margin-top:-123px;">
\t<div class="licenseblock">{$license}</div>
\t<div class="btnbox marginbot">
\t\t<form method="get" autocomplete="off" action="index.php">
<!--vot-->\t<input type='hidden' name='language' value='{$language}' />
\t\t<input type="hidden" name="step" value="{$next}">
\t\t<input type="hidden" name="uchidden" value="{$uchidden}">
\t\t<input type="submit" name="submit" value="{$lang_agreement_yes}" style="padding: 2px">
\t\t<input type="button" name="exit" value="{$lang_agreement_no}" style="padding: 2px" onclick="javascript: window.close(); return false;">
\t\t</form>
\t</div>
EOT;
show_footer();
}
}
$title = getGP('title', 'P');
$specification = getGP('specification', 'P');
$unit = getGP('unit', 'P');
$price = getGP('price', 'P');
$number = getGP('number', 'P');
$content = getGP('content', 'P');
//$purchase=getGP('purchase','P');
//$examination=getGP('examination','P');
//$warehousing=getGP('warehousing','P');
$office_goods = array('goods_type' => $goods_type, 'title' => $title, 'specification' => $specification, 'unit' => $unit, 'price' => $price, 'number' => $number, 'content' => $content, 'date' => get_date('Y-m-d H:i:s', PHP_TIME), 'uid' => $_USER->id);
insert_db('office_goods', $office_goods);
$id = $db->insert_id();
$content = serialize($office_goods);
$title = '新增办公用品信息';
get_logadd($id, $content, $title, 23, $_USER->id);
show_msg('您要处理的信息操作成功!', 'admin.php?ac=index&fileurl=' . $fileurl . '');
}
//读取部门
function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0)
{
$str = "";
global $db;
$query = $db->query("SELECT * FROM " . DB_TABLEPRE . "goods_type where father='{$fatherid}' ORDER BY id Asc ");
if (count($query) > 0) {
for ($i = 0; $i < $layer; $i++) {
$str .= "├";
}
while ($row = $db->fetch_array($query)) {
$selstr = $row['id'] == $selid ? 'selected="selected"' : '';
$htmlstr = '<option value="' . $row['id'] . '" ' . $selstr . '>' . $str . $row['title'] . '</option>';
echo $htmlstr;
require_once libfile('function/importdata');
$dir = DB::result_first("SELECT t.directory FROM " . DB::table('common_style') . " s LEFT JOIN " . DB::table('common_template') . " t ON t.templateid=s.templateid WHERE s.styleid='1'");
import_styles(1, $dir, 1, 0);
DB::update('common_setting', array('svalue' => 1), "skey='styleid'");
show_msg(lang('update', 'default_style_restored'), "{$theurl}?step=cache");
} elseif ($_GET['step'] == 'cache') {
if (!$devmode && @($fp = fopen($lockfile, 'w'))) {
fwrite($fp, ' ');
fclose($fp);
}
dir_clear(ROOT_PATH . './data/template');
dir_clear(ROOT_PATH . './data/cache');
dir_clear(ROOT_PATH . './data/threadcache');
dir_clear(ROOT_PATH . './uc_client/data');
dir_clear(ROOT_PATH . './uc_client/data/cache');
show_msg(lang('update', 'database_updated') . '<iframe src="../misc.php?mod=initsys" style="display:none;"></iframe>');
}
function has_another_special_table($tablename, $key)
{
if (!$key) {
return $tablename;
}
$tables_array = get_special_tables_array($tablename);
if ($key > count($tables_array)) {
return FALSE;
} else {
return TRUE;
}
}
function get_special_tables_array($tablename)
{
$code .= '<div class="row">';
$code .= '<div class="pull-left">';
$code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">';
$code .= '<img src="' . $config['BASE_URL'] . '/media/users/' . $photo . '" title="' . $username . '\'s avatar" alt="' . $username . '\'s avatar" class="img-responsive comment-avatar" />';
$code .= '</a>';
$code .= '</div>';
$code .= '<div class="comment new-comment">';
$code .= '<div class="comment-info">';
$code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">' . $username . '</a> - <span class="">' . $lang['global.right_now'] . '</span>';
$code .= '</div>';
$code .= '<div class="comment-body overflow-hidden">' . nl2br($comment) . '</div>';
$code .= '<div class="comment-actions">';
$code .= '<a href="#delete_comment" id="delete_comment_notice_' . $cid . '_' . $nid . '">' . $lang['global.delete'] . '</a> <span id="delete_response_' . $cid . '" style="display: none;"></span>';
$code .= '</div>';
$code .= '</div>';
$code .= '<div class="clearfix"></div>';
$code .= '</div>';
$code .= '</div>';
$data['code'] = $code;
$data['cid'] = $cid;
$data['nid'] = $nid;
$data['status'] = 1;
$data['msg'] = show_msg($lang['global.comment_success']);
$_SESSION['n_comment_added'] = time();
}
} else {
$data['msg'] = show_err($lang['ajax.notice_comment_login']);
}
}
echo json_encode($data);
die;
include_once 'mana/template_edit.php';
} elseif ($do == 'editsave') {
$tplid = getGP('tplid', 'P', 'int');
$title = getGP('title', 'P');
$typeid = getGP('typeid', 'P');
$tplkey = getGP('tplkey', 'P');
if (getGP('tpluser', 'P') != '') {
$tpluser = getGP('tpluser', 'P');
} else {
$tpluser = '******';
}
if (getGP('tpladmin', 'P') != '') {
$tpladmin = getGP('tpladmin', 'P');
} else {
$tpladmin = '0';
}
$tpladdr = getGP('tpladdr', 'P');
//主表信息
$workclass_template = array('title' => $title, 'typeid' => $typeid, 'tplkey' => $tplkey, 'tpluser' => $tpluser, 'tpladmin' => $tpladmin, 'tpladdr' => $tpladdr);
update_db('workclass_template', $workclass_template, array('tplid' => $tplid));
//更新表单
$workclass_from = array('typeid' => $typeid);
update_db('workclass_from', $workclass_from, array('tplid' => $tplid));
//更新流程
$workclass_flow = array('typeid' => $typeid);
update_db('workclass_flow', $workclass_flow, array('tplid' => $tplid));
$content = serialize($workclass_template);
$title = '编辑工作流模板';
get_logadd($id, $content, $title, 35, $_USER->id);
show_msg('工作流模板修改成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
}
$uid = check_str(getGP('userid', 'P'));
$startdate = getGP('startdate', 'P') . " " . getGP('starth', 'P') . ":" . getGP('starti', 'P') . ":00";
$enddate = getGP('enddate', 'P') . " " . getGP('endh', 'P') . ":" . getGP('endi', 'P') . ":00";
$startnote = check_str(getGP('startnote', 'P'));
$endnote = check_str(getGP('endnote', 'P'));
$date = check_str(getGP('date', 'P'));
$startyype = check_str(getGP('startyype', 'P'));
$endtype = check_str(getGP('endtype', 'P'));
$registration = array('name' => $name, 'startdate' => $startdate, 'enddate' => $enddate, 'startnote' => $startnote, 'endnote' => $endnote, 'uid' => $uid, 'startyype' => $startyype, 'endtype' => $endtype, 'date' => $date);
insert_db('registration', $registration);
$id = $db->insert_id();
$content = serialize($registration);
$title = '录入考勤信息';
get_logadd($id, $content, $title, 7, $_USER->id);
}
show_msg('考勤信息操作成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
} else {
$id = getGP('id', 'G', 'int');
if ($id != '') {
$user = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "registration WHERE id = '{$id}' ");
$startdate = explode(' ', $user['startdate']);
$starttime = explode(':', $startdate[1]);
$enddate = explode(' ', $user['enddate']);
$endtime = explode(':', $enddate[1]);
$_title['name'] = '更改';
} else {
$startdate = explode(' ', get_date('Y-m-d H:i:s', PHP_TIME));
$starttime = explode(':', $startdate[1]);
$starttime[0] = '08';
$starttime[1] = '50';
$enddate = explode(' ', get_date('Y-m-d H:i:s', PHP_TIME));
$personnel2 = array('type' => $row9['type'], 'name' => $row9['name'], 'uid' => $row9['uid'], 'node' => $row9['node'], 'pkey' => 0, 'fileid' => $row9['fileid'], 'apptype' => $row9['apptype'], 'appflow' => $row9['appflow'], 'appkey' => $row9['appkey'], 'appkey1' => $row9['appkey1']);
insert_db('personnel', $personnel2);
if ($row9['appkey'] == '1') {
$staff = explode(',', $row9['name']);
$staffid = explode(',', $row9['uid']);
for ($i = 0; $i < sizeof($staffid); $i++) {
$personnel_log = array('type' => 2, 'name' => $staff[$i], 'uid' => $staffid[$i], 'pkey' => 0, 'perid' => $row9['id']);
insert_db('personnel_log', $personnel_log);
}
}
//$db->query('UPDATE personnel SET oapostscript ="流程被回退,理由:".$_POST['ly'] where id=');
/////////////////////////////
if ($_POST['type'] == '1') {
show_msg('操作成功,当前步骤已被撤销!', 'admin.php?ac=attachment&fileurl=app&type=5');
} else {
show_msg('操作成功,当前步骤已被撤销!', 'admin.php?ac=approval&fileurl=app&type=5');
}
} else {
echo '在您提交回退操作前,该公文状态已发生变化,且当前状态无法进行回退操作!';
}
}
}
} else {
if ($_GET['type'] == '1') {
$tkey = "attachment";
} else {
$tkey = "approval";
}
$sql = "select title from toa_" . $tkey . " where id=" . $_GET['id'];
$row = $db->fetch_one_array($sql);
?>
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
$data = array('status' => 0, 'msg' => '');
if (isset($_POST['video_id'])) {
$filter = new VFilter();
$video_id = $filter->get('video_id', 'INTEGER');
if (isset($_SESSION['uid'])) {
$sql = "SELECT VID FROM favourite WHERE VID = " . $video_id . " AND UID = " . intval($_SESSION['uid']) . " LIMIT 1";
$conn->execute($sql);
if ($conn->Affected_Rows() == 1) {
$data['msg'] = show_err($lang['ajax.favorite_video_exists']);
} else {
$sql = "SELECT VID FROM video WHERE VID = " . $video_id . " AND UID = " . intval($_SESSION['uid']) . " LIMIT 1";
$conn->execute($sql);
if ($conn->Affected_Rows() == 1) {
$data['msg'] = show_err($lang['ajax.favorite_video_self']);
} else {
$sql = "INSERT INTO favourite SET VID = " . $video_id . ", UID = " . intval($_SESSION['uid']);
$conn->execute($sql);
$sql = "UPDATE video SET fav_num = fav_num+1 WHERE VID = " . $video_id . " LIMIT 1";
$conn->execute($sql);
$data['msg'] = show_msg($lang['ajax.favorite_video_success']);
$data['status'] = 1;
}
}
} else {
$data['msg'] = show_err($lang['ajax.favorite_video_login']);
}
}
echo json_encode($data);
die;
<?php
(!defined('IN_TOA') || !defined('IN_ADMIN')) && exit('Access Denied!');
get_key("file_Increase");
empty($do) && ($do = 'list');
if ($do == 'list') {
include_once 'template/add.php';
} elseif ($do == 'save') {
$savetype = getGP('savetype', 'P');
$filetype = getGP('filetype', 'P');
$filenumber = getGP('filenumber', 'P');
$filename = getGP('filename', 'P');
$enddate = getGP('enddate', 'P');
$position = getGP('position', 'P');
$page = getGP('page', 'P');
$appendix = getGP('file1', 'P') . "," . getGP('file2', 'P') . "," . getGP('file3', 'P');
$content = getGP('content', 'P');
$file = array('filetype' => $filetype, 'filenumber' => $filenumber, 'filename' => $filename, 'enddate' => $enddate, 'position' => $position, 'page' => $page, 'appendix' => $appendix, 'content' => $content, 'type' => '0', 'date' => get_date('Y-m-d H:i:s', PHP_TIME), 'uid' => $_USER->id);
insert_db('file', $file);
$id = $db->insert_id();
$content = serialize($file);
$title = '新增档案信息';
get_logadd($id, $content, $title, 20, $_USER->id);
show_msg('新增档案信息成功!', 'admin.php?ac=index&fileurl=file');
}
$wage_basis = array('username' => $username[$id], 'name' => $name[$id], 'content' => $content[$id]);
update_db('wage_basis', $wage_basis, array('bid' => $id));
}
//$sqlu = "SELECT tid,name FROM ".DB_TABLEPRE."wage_type order by tnumber asc";
//$results = $db->query($sqlu);
//while ($type = $db->fetch_array($results)) {
foreach ($_CACHE['wage_type'] as $type) {
$contentdb = getGP('type_' . $type['tid'], 'P', 'array');
$wdb = $db->fetch_one_array("SELECT did FROM " . DB_TABLEPRE . "wage_data WHERE type=1 and viewid='" . $id . "' and tid='" . $type['tid'] . "'");
if ($wdb['did'] != '') {
$wage_data = array('content' => $contentdb[$id]);
update_db('wage_data', $wage_data, array('viewid' => $id, 'tid' => $type['tid'], 'type' => 1));
} else {
$wage_data = array('viewid' => $id, 'tid' => $type['tid'], 'name' => $type['name'], 'content' => $contentdb[$id], 'type' => 1);
insert_db('wage_data', $wage_data);
}
}
}
show_msg('薪资基础信息操作成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
} elseif (getGP('id', 'G') != '') {
$db->query("DELETE FROM " . DB_TABLEPRE . "wage_type WHERE tid = '" . getGP('id', 'G') . "' ");
$content = getGP('id', 'G');
$title = '删除薪资项目';
get_logadd(getGP('id', 'G'), $content, $title, 36, $_USER->id);
show_msg('薪资项目删除成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
} else {
$sql = "SELECT a.*,b.name FROM " . DB_TABLEPRE . "user a," . DB_TABLEPRE . "user_view b where a.ischeck!=0 and a.id!=1 and a.id=b.uid ORDER BY a.numbers asc";
$result = $db->fetch_all($sql);
include_once 'template/basis.php';
}
}
function show_next($batch)
{
global $turl, $next, $start, $perpage;
$nowtime = gmdate('H:i:\\<\\b\\>s\\<\\/\\b\\>', time() + 8 * 3600);
if ($next) {
$start = $start + $perpage;
show_msg("第 {$_GET['step']} 步 / 共 13 步<br>OK,本次处理完成! ({$start})<br><br><a href=\"{$turl}?step={$_GET['step']}&start={$start}\">进入下一批 <strong>{$batch}</strong> 处理, 请耐心等待 ...</a><br><br>Now Time: {$nowtime} ", "{$turl}?step={$_GET['step']}&start={$start}");
} else {
show_msg("第 {$_GET['step']} 步 / 共 13 步<br><strong>{$batch}</strong> 全部处理完毕! <br><br><a href=\"{$turl}?step=" . ($_GET['step'] + 1) . "\">进入下一步处理</a><br><br>Now Time: {$nowtime}", "{$turl}?step=" . ($_GET['step'] + 1));
}
}
function register_administrator($db, $prefix, $admin, $auth)
{
show_msg('开始注册创始人帐号...');
$sql = "UPDATE `[PREFIX]ucenter_member` " . "set `username`='[NAME]', `password`='[PASS]', `email`='[EMAIL]', `last_login_time`= '[TIME]', `last_login_ip`='[IP]', `update_time`='[TIME]'";
$password = user_md5($admin['password'], $auth);
$sql = str_replace(array('[PREFIX]', '[NAME]', '[PASS]', '[EMAIL]', '[TIME]', '[IP]'), array($prefix, $admin['username'], $password, $admin['email'], NOW_TIME, get_client_ip(1)), $sql);
//执行sql
$db->execute($sql);
// $sql = "INSERT INTO `[PREFIX]member` VALUES ".
// "('1', '[NAME]','', '[NAME]', '0', '0', '', '0', '1', '0', '[TIME]', '0', '[TIME]','[TIME]', '1');";
// $sql = str_replace(
// array('[PREFIX]', '[NAME]', '[TIME]'),
// array("common_", $admin['username'], NOW_TIME),
// $sql);
// $db->execute($sql);
show_msg('创始人帐号注册完成!');
}
$show = show_msg($msgs);
include $template->getfile('restore.htm');
pageend();
}
$voltmp = explode("_v", $_SESSION['data_file']);
$volname = $voltmp[0];
$volnum = explode(".sq", $voltmp[1]);
$volnum = intval($volnum[0]) + 1;
$tmpfile = $volname . "_v" . $volnum . ".sql";
if (file_exists("./backup/" . $tmpfile)) {
$msgs[] = "程序将在3秒钟后自动开始导入此分卷备份的下一部份:文件" . $tmpfile . ",请勿手动中止程序的运行,以免数据库结构受损";
$_SESSION['data_file'] = $tmpfile;
$show = show_msg($msgs);
sleep(3);
echo "<script language='javascript'>";
echo "location='restore.php';";
echo "</script>";
} else {
$msgs[] = "此分卷备份全部导入成功";
unset($_SESSION['data_file']);
$show = show_msg($msgs);
}
}
} else {
$msgs[] = "本功能在恢复备份数据的同时,将全部覆盖原有数据";
$msgs[] = "数据恢复只能恢复由本系统导出的数据文件,其他软件导出格式无法识别";
$msgs[] = "从本地恢复数据最大数据2m";
$msgs[] = "如果您使用了分卷备份,只需手工导入文件卷1,其他数据文件会由系统导入";
$show = show_msg($msgs);
}
include $template->getfile('restore.htm');
show_msg('missing_parameter', '', 0);
} else {
show_form($form_db_init_items, $error_msg);
}
} elseif ($method == 'ext_info') {
@touch($lockfile);
if (VIEW_OFF) {
show_msg('ext_info_succ');
} else {
show_header();
echo '</div><div class="main" style="margin-top: -123px;"><ul style="line-height: 200%; margin-left: 30px;">';
echo '<li><a href="../">' . lang('install_succeed') . '</a><br>';
echo '<script>setTimeout(function(){window.location=\'../\'}, 2000);</script>' . lang('auto_redirect') . '</li>';
echo '</ul></div>';
show_footer();
}
} elseif ($method == 'install_check') {
if (file_exists($lockfile)) {
show_msg('installstate_succ');
} else {
show_msg('lock_file_not_touch', $lockfile, 0);
}
} elseif ($method == 'tablepre_check') {
$dbinfo = getgpc('dbinfo');
extract($dbinfo);
if (check_db($dbhost, $dbuser, $dbpw, $dbname, $tablepre)) {
show_msg('tablepre_not_exists', 0);
} else {
show_msg('tablepre_exists', $tablepre, 0);
}
}
