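/**
 * Validate an API request against the stored app record.
 *
 * Checks run in this order and the first failure decides the result:
 * upstream request status, app status, client IP lists, shared app key.
 * When an allow list is configured the deny list is not consulted at all.
 *
 * @access public
 * @param array $arr_appRequest Parsed request; reads "alert" and "app_key".
 * @param array $arr_appRow     Stored app row; reads "app_status", "app_ip_allow",
 *                              "app_ip_bad" and "app_key".
 * @return array $arr_appRow unchanged when the request was already rejected upstream,
 *               otherwise array("alert" => code), where "ok" means every check passed.
 */
function app_chk($arr_appRequest, $arr_appRow) {
    if ($arr_appRequest["alert"] != "ok") {
        return $arr_appRow;
    }

    if ($arr_appRow["app_status"] != "enable") {
        return array("alert" => "x050402");
    }

    $_str_ip = fn_getIp();

    // NOTE(review): list entries are joined with "|" and handed to fn_regChk, which is
    // not shown here. Confirm it treats entries as literals (a "." that acts as a
    // wildcard would widen the allow list), and that lists saved with a line ending
    // other than PHP_EOL still split as intended.
    if (!fn_isEmpty($arr_appRow["app_ip_allow"])) {
        $_str_ipAllow = str_ireplace(PHP_EOL, "|", $arr_appRow["app_ip_allow"]);
        if (!fn_regChk($_str_ip, $_str_ipAllow, true)) {
            return array("alert" => "x050212");
        }
    } else {
        if (!fn_isEmpty($arr_appRow["app_ip_bad"])) {
            $_str_ipBad = str_ireplace(PHP_EOL, "|", $arr_appRow["app_ip_bad"]);
            if (fn_regChk($_str_ip, $_str_ipBad)) {
                return array("alert" => "x050213");
            }
        }
    }

    // The app key is a shared secret. A loose "!=" lets PHP compare numeric-looking
    // strings as numbers, so compare as strings, in constant time where available.
    $_key_stored = $arr_appRow["app_key"];
    $_key_given  = $arr_appRequest["app_key"];

    if (!is_scalar($_key_stored) || !is_scalar($_key_given)) {
        return array("alert" => "x050217");
    }

    $_str_keyStored = (string)$_key_stored;
    $_str_keyGiven  = (string)$_key_given;

    if (function_exists("hash_equals")) {
        $_is_keyOk = hash_equals($_str_keyStored, $_str_keyGiven);
    } else {
        $_is_keyOk = ($_str_keyStored === $_str_keyGiven);
    }

    if (!$_is_keyOk) {
        return array("alert" => "x050217");
    }

    return array("alert" => "ok");
}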
/**
 * AJAX handler that creates or edits an administrator account.
 *
 * An admin_id above zero means "edit", anything else means "add". Each path
 * checks the matching permission of the logged-in admin unless that admin is a
 * super admin. Every exit goes through obj_ajax->halt_alert().
 *
 * @access public
 * @return void
 */
function ajax_submit() {
    $_arr_input = $this->mdl_admin->input_submit();

    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_alert($_arr_input["alert"]);
    }

    $_str_passHash = "";
    $_str_salt     = "";
    $_is_edit      = ($_arr_input["admin_id"] > 0);

    if ($_is_edit) {
        if (!$this->is_super && !isset($this->adminLogged["admin_allow"]["admin"]["edit"])) {
            $this->obj_ajax->halt_alert("x020303");
        }

        // A non-super admin may not edit their own record through this handler.
        if (!$this->is_super && $_arr_input["admin_id"] == $this->adminLogged["admin_id"]) {
            $this->obj_ajax->halt_alert("x020306");
        }

        // On edit the password is optional: an empty field leaves hash and salt
        // empty for mdl_submit. NOTE(review): unlike the add path, the new
        // password is not passed through validateStr here - confirm intended.
        $_str_adminPass = fn_post("admin_pass");
        if (!fn_isEmpty($_str_adminPass)) {
            $_str_salt     = fn_rand(6);
            $_str_passHash = fn_baigoEncrypt($_str_adminPass, $_str_salt);
        }
    } else {
        if (!$this->is_super && !isset($this->adminLogged["admin_allow"]["admin"]["add"])) {
            $this->obj_ajax->halt_alert("x020302");
        }

        $_arr_passChk = validateStr(fn_post("admin_pass"), 1, 0);

        if ($_arr_passChk["status"] == "too_short") {
            $this->obj_ajax->halt_alert("x020205");
        } elseif ($_arr_passChk["status"] == "ok") {
            $_str_adminPass = $_arr_passChk["str"];
        }

        // NOTE(review): fn_rand and fn_baigoEncrypt are defined elsewhere; confirm
        // the salt source and the hash construction are suitable for password storage.
        $_str_salt     = fn_rand(6);
        $_str_passHash = fn_baigoEncrypt($_str_adminPass, $_str_salt);
    }

    $_arr_result = $this->mdl_admin->mdl_submit($_str_passHash, $_str_salt);

    $_is_added   = ($_arr_result["alert"] == "y020101");
    $_is_updated = ($_arr_result["alert"] == "y020103");

    if ($_is_added || $_is_updated) {
        $_arr_targets = array(array("admin_id" => $_arr_result["admin_id"]));
        $_type        = $_is_added ? "add" : "edit";

        // NOTE(review): the whole mdl_submit result is serialised into the log;
        // verify it carries no password hash or salt.
        $_arr_logData = array(
            "log_targets"     => json_encode($_arr_targets),
            "log_target_type" => "admin",
            "log_title"       => $this->log["admin"][$_type],
            "log_result"      => json_encode($_arr_result),
            "log_type"        => "admin",
        );

        $this->mdl_log->mdl_submit($_arr_logData, $this->adminLogged["admin_id"]);
    }

    $this->obj_ajax->halt_alert($_arr_result["alert"]);
}
/**
 * Ask the SSO service to sign a set of parameters.
 *
 * Posts $arr_params together with $this->arr_data to the "signature" module
 * at BG_SSO_URL and returns the "signature" field of the decoded reply.
 *
 * @access public
 * @param mixed $arr_params Parameters to be signed, sent as "params".
 * @return string The signature, or "" when the reply carries none.
 */
function sso_signature($arr_params) {
    // Merge the shared request data with the action-specific fields.
    $_arr_request = array_merge(
        $this->arr_data,
        array("act_post" => "signature", "params" => $arr_params)
    );

    // Submit to the SSO endpoint.
    $_arr_response = fn_http(BG_SSO_URL . "?mod=signature", $_arr_request, "post");
    $_arr_decoded  = fn_jsonDecode($_arr_response["ret"], "no");

    if (fn_isEmpty($_arr_decoded["signature"])) {
        return "";
    }

    return $_arr_decoded["signature"];
}
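/**
 * API endpoint that returns a signature for the posted "params" array.
 *
 * Empty values are dropped and the rest are passed through fn_getSafe before
 * signing. The reply is sent through obj_api->halt_re().
 *
 * NOTE(review): this signs whatever the caller supplies, so it is only as
 * strong as the app_check("post") gate in front of it - confirm that check
 * authenticates the calling app.
 *
 * @access public
 * @return void
 */
function api_signature() {
    $this->app_check("post");

    // Start from an empty set so sign_make never receives an undefined variable
    // when "params" is missing, empty, or holds only empty values.
    $_arr_paramsSrc = array();
    $_arr_params    = fn_post("params");

    // "params" is request data and may arrive as a scalar; only iterate arrays.
    if (is_array($_arr_params)) {
        foreach ($_arr_params as $_key => $_value) {
            if (!fn_isEmpty($_value)) {
                $_arr_paramsSrc[$_key] = fn_getSafe($_value, "txt", "");
            }
        }
    }

    $_str_sign = $this->obj_sign->sign_make($_arr_paramsSrc);

    $_arr_return = array(
        "signature" => $_str_sign,
        "alert"     => "y050404",
    );

    $this->obj_api->halt_re($_arr_return);
}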
/**
 * Return the client IP address.
 *
 * Only REMOTE_ADDR is consulted, read through fn_server() when $_SERVER exists
 * and through getenv() otherwise. No client-supplied forwarding header is read.
 *
 * NOTE(review): presumably this yields the proxy address when the site sits
 * behind a reverse proxy, which matters for IP allow/deny lists - verify
 * against the deployment.
 *
 * @access public
 * @return string The address, or "0.0.0.0" when none is available.
 */
function fn_getIp() {
    if (isset($_SERVER)) {
        return fn_isEmpty(fn_server("REMOTE_ADDR")) ? "0.0.0.0" : fn_server("REMOTE_ADDR");
    }

    return fn_isEmpty(getenv("REMOTE_ADDR")) ? "0.0.0.0" : getenv("REMOTE_ADDR");
}
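/**
 * Build the request signature for a parameter set.
 *
 * "signature" and "alert" are removed, empty values are dropped, the rest is
 * sorted by key, serialised with http_build_query() and hashed with MD5.
 *
 * NOTE(review): the digest is an unkeyed MD5 of the query string, so it only
 * authenticates a request if a secret value is among $arr_params - confirm
 * every caller includes one. A keyed HMAC over SHA-256 is the conventional
 * construction, but switching changes the wire format for every client.
 *
 * @param array $arr_params Parameters to sign.
 * @return string 32-character hexadecimal MD5 digest.
 */
function sign_make($arr_params) {
    unset($arr_params["signature"], $arr_params["alert"]);

    $_arr_params = array();
    foreach ($arr_params as $_key => $_value) {
        if (!fn_isEmpty($_value)) {
            $_arr_params[$_key] = $_value;
        }
    }

    // Sort by key so both sides hash the same byte sequence.
    ksort($_arr_params);

    $_str_signSrc = http_build_query($_arr_params);

    // Strip escaping added by magic quotes. get_magic_quotes_gpc() was removed in
    // PHP 8, so an unguarded call would be fatal there.
    if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
        $_str_signSrc = stripslashes($_str_signSrc);
    }

    return md5($_str_signSrc);
}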
/**
 * Decide which UI name to use and store it in $this->config["ui"].
 *
 * With BG_SWITCH_UI equal to 1 a non-empty "ui" query-string value wins;
 * in every other case BG_DEFAULT_UI is used.
 *
 * NOTE(review): the value is taken from the query string after fn_getSafe(),
 * which is not shown here. If config["ui"] is later used to build a template
 * or file path, it should be checked against the list of installed UIs.
 *
 * @return void
 */
function getUi() {
    // Default interface; also the result when the UI switch is off.
    $_str_return = BG_DEFAULT_UI;

    if (BG_SWITCH_UI == 1) {
        // UI switch is on: a value in the query string takes precedence.
        $str_ui = fn_getSafe(fn_get("ui"), "txt", "");

        if (!fn_isEmpty($str_ui)) {
            $_str_return = $str_ui;
        }
    }

    $this->config["ui"] = $_str_return;
}
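/**
 * Validate the current admin session and refresh its activity timestamp.
 *
 * The session is rejected when admin_id, admin_ssin_time or admin_hash is
 * missing, when the last activity is older than BG_DEFAULT_SESSION seconds,
 * or when the stored hash no longer matches the one derived from the admin
 * row. Every rejection calls fn_ssin_end() first.
 *
 * @return array The admin row from MODEL_ADMIN::mdl_read() on success. On
 *               failure "alert" is "x020401" (missing or expired session) or
 *               "x020403" (hash mismatch; the rest of the row is returned too).
 */
function fn_ssin_begin() {
    $_mdl_admin = new MODEL_ADMIN(); // admin model

    // Expiry time of the session. The cast keeps the addition valid when the
    // session value is missing or an empty string.
    $_num_adminTimeDiff = (int)fn_session("admin_ssin_time") + BG_DEFAULT_SESSION;

    if (fn_isEmpty(fn_session("admin_id")) || fn_isEmpty(fn_session("admin_ssin_time")) || fn_isEmpty(fn_session("admin_hash")) || $_num_adminTimeDiff < time()) {
        fn_ssin_end();
        return array("alert" => "x020401");
    }

    // NOTE(review): the "alert" of mdl_read() is not inspected before its fields
    // are used - confirm what it returns for an admin that no longer exists.
    $_arr_adminRow = $_mdl_admin->mdl_read(fn_session("admin_id"));

    // The session hash is an authenticator: compare as strings, in constant time
    // where available, so numeric-looking hashes cannot match through type juggling.
    $_str_hashExpect = (string)fn_baigoEncrypt($_arr_adminRow["admin_time"], $_arr_adminRow["admin_rand"]);
    $_str_hashSsin   = (string)fn_session("admin_hash");

    if (function_exists("hash_equals")) {
        $_is_hashOk = hash_equals($_str_hashExpect, $_str_hashSsin);
    } else {
        $_is_hashOk = ($_str_hashExpect === $_str_hashSsin);
    }

    if (!$_is_hashOk) {
        fn_ssin_end();
        $_arr_adminRow["alert"] = "x020403";
        return $_arr_adminRow;
    }

    // Sliding expiry: record this request as the latest activity.
    fn_session("admin_ssin_time", "mk", time());

    return $_arr_adminRow;
}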
/**
 * Check the form token and the database settings, then connect.
 *
 * Each failure is reported through obj_ajax->halt_alert(): "x030206" for a bad
 * token, "x030412" for incomplete settings, "x030111" when connecting fails
 * and "x030112" when selecting the database fails. On success the connection
 * object is stored in $GLOBALS["obj_db"] and $this->obj_db.
 *
 * @return void
 */
private function check_db() {
    // Anti-forgery token.
    if (!fn_token("chk")) {
        $this->obj_ajax->halt_alert("x030206");
    }

    $_is_cfgMissing = fn_isEmpty(BG_DB_HOST) || fn_isEmpty(BG_DB_NAME) || fn_isEmpty(BG_DB_USER) || fn_isEmpty(BG_DB_PASS) || fn_isEmpty(BG_DB_CHARSET);

    if (!$_is_cfgMissing) {
        // Fall back to the default MySQL port when none is configured.
        if (!defined("BG_DB_PORT")) {
            define("BG_DB_PORT", "3306");
        }

        $_cfg_host = array(
            "host"    => BG_DB_HOST,
            "name"    => BG_DB_NAME,
            "user"    => BG_DB_USER,
            "pass"    => BG_DB_PASS,
            "charset" => BG_DB_CHARSET,
            "debug"   => BG_DEBUG_DB,
            "port"    => BG_DB_PORT,
        );

        // Create the shared database object.
        $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host);
        $this->obj_db      = $GLOBALS["obj_db"];

        if (!$this->obj_db->connect()) {
            $this->obj_ajax->halt_alert("x030111");
        }

        if (!$this->obj_db->select_db()) {
            $this->obj_ajax->halt_alert("x030112");
        }
    } else {
        $this->obj_ajax->halt_alert("x030412");
    }
}
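/**
 * Check a string against one of the named formats.
 *
 * Empty input and the "text" format always pass. A format name that is not in
 * the table fails without calling preg_match().
 *
 * NOTE(review): every pattern ends in "$", which also matches just before a
 * trailing newline, so "abc\n" passes "alias". If the validated value is later
 * written into a header, a path or a query, anchor with "\z" or add the D
 * modifier. The "int" and "digit" patterns also accept a lone sign.
 *
 * @param string $str    Value to validate.
 * @param string $format One of date, time, datetime, int, digit, email, url,
 *                       alphabetDigit, strDigit, alias, text.
 * @return bool True when the value is accepted.
 */
function v_reg($str, $format) {
    $_arr_reg = array(
        // Date
        "date"          => "/^[0-9]{4}-(((0?[13578]|(10|12))-(0?[1-9]|[1-2][0-9]|3[0-1]))|(0?2-(0[1-9]|[1-2][0-9]))|((0?[469]|11)-(0[1-9]|[1-2][0-9]|30)))\$/",
        "time"          => "/^(([1-9]{1})|([0-1][0-9])|([1-2][0-3])):([0-5][0-9])(:([0-5][0-9]))?\$/",
        // Date and time
        "datetime"      => "/^[0-9]{4}-(((0?[13578]|(10|12))-(0?[1-9]|[1-2][0-9]|3[0-1]))|(0?2-(0[1-9]|[1-2][0-9]))|((0?[469]|11)-(0[1-9]|[1-2][0-9]|30)))\\s(([1-9]{1})|([0-1][0-9])|([1-2][0-3])):([0-5][0-9])(:([0-5][0-9]))?\$/",
        // Integer
        "int"           => "/^(\\+|-)?\\d*\$/",
        // Number, may contain a decimal point
        "digit"         => "/^(\\+|-)?\\d*(\\.\\d+)*\$/",
        // E-mail
        "email"         => "/^\\w+(-\\w+)*(\\.\\w+(-\\w+)*)*@\\w+(\\.\\w+)+\$/",
        // URL. The path separators are escaped: a bare "/" inside a "/"-delimited
        // pattern ends the pattern early, preg_match() then fails to compile it
        // and every URL is rejected.
        "url"           => "/^(http|ftp)s?:\\/\\/\\w+(-\\w+)*(\\.\\w+(-\\w+)*)+(\\/\\w+(-\\w+)*)*(\\.\\w+)*\\??(&?\\w+=\\w+)*(\\/\\w+(-\\w+)*)*\$/",
        // Digits and ASCII letters
        "alphabetDigit" => "/^[a-zA-Z\\d]*\$/",
        // Chinese characters, letters, digits, underscore, hyphen. The hyphen is
        // last in the class: PCRE2 rejects a hyphen that follows "\d" mid-class.
        "strDigit"      => "/^[\\x{4e00}-\\x{9fa5}a-zA-Z\\d_-]*\$/u",
        // Letters, digits, underscore, hyphen
        "alias"         => "/^[a-zA-Z\\d_-]*\$/",
    );

    // Nothing to check for empty values or free text.
    if (fn_isEmpty($str) || $format == "text") {
        return true;
    }

    // Unknown format: fail closed instead of running an empty pattern.
    if (!isset($_arr_reg[$format])) {
        return false;
    }

    return preg_match($_arr_reg[$format], $str) === 1;
}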
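/**
 * Render the mailbox confirmation page for a verification link.
 *
 * Reads verify_id and verify_token from the query string, loads the verify
 * record and checks, in order: record found, status "enable", not expired,
 * token matches. On success the user row and verify row are handed to the
 * "reg_mailbox.tpl" template.
 *
 * @return array array("alert" => code); "y010102" on success, otherwise the
 *               failing check's code or the model's own result row.
 */
function ctl_mailbox() {
    $_num_verifyId    = fn_getSafe(fn_get("verify_id"), "int", 0);
    $_str_verifyToken = fn_getSafe(fn_get("verify_token"), "txt", "");

    if ($_num_verifyId < 1) {
        return array("alert" => "x120201");
    }

    if (fn_isEmpty($_str_verifyToken)) {
        return array("alert" => "x120202");
    }

    $_arr_verifyRow = $this->mdl_verify->mdl_read($_num_verifyId);

    if ($_arr_verifyRow["alert"] != "y120102") {
        return $_arr_verifyRow;
    }

    if ($_arr_verifyRow["verify_status"] != "enable") {
        return array("alert" => "x120203");
    }

    if ($_arr_verifyRow["verify_token_expire"] < time()) {
        return array("alert" => "x120204");
    }

    // The token is a bearer secret from the URL. Compare as strings, in constant
    // time where available; a loose "!=" would compare numeric-looking values as
    // numbers and could accept a token that is not byte-identical.
    $_str_tokenExpect = (string)fn_baigoEncrypt($_arr_verifyRow["verify_token"], $_arr_verifyRow["verify_rand"]);
    $_str_tokenGiven  = (string)$_str_verifyToken;

    if (function_exists("hash_equals")) {
        $_is_tokenOk = hash_equals($_str_tokenExpect, $_str_tokenGiven);
    } else {
        $_is_tokenOk = ($_str_tokenExpect === $_str_tokenGiven);
    }

    if (!$_is_tokenOk) {
        return array("alert" => "x120205");
    }

    $_arr_userRow = $this->mdl_user->mdl_read($_arr_verifyRow["verify_user_id"]);

    if ($_arr_userRow["alert"] != "y010102") {
        return $_arr_userRow;
    }

    // The template receives the token as presented by the client, not the stored value.
    $_arr_verifyRow["verify_token"] = $_str_verifyToken;

    $_arr_tplData = array(
        "userRow"   => $_arr_userRow,
        "verifyRow" => $_arr_verifyRow,
    );

    $this->obj_tpl->tplDisplay("reg_mailbox.tpl", $_arr_tplData);

    return array("alert" => "y010102");
}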
/**
 * Connect to the configured database.
 *
 * On success the connection object is stored in $GLOBALS["obj_db"] and
 * $this->obj_db.
 *
 * @return bool False when a required setting is empty, the connection fails
 *              or the database cannot be selected; true otherwise.
 */
private function check_db() {
    $_is_cfgMissing = fn_isEmpty(BG_DB_HOST) || fn_isEmpty(BG_DB_NAME) || fn_isEmpty(BG_DB_USER) || fn_isEmpty(BG_DB_PASS) || fn_isEmpty(BG_DB_CHARSET);

    if ($_is_cfgMissing) {
        return false;
    }

    // Fall back to the default MySQL port when none is configured.
    if (!defined("BG_DB_PORT")) {
        define("BG_DB_PORT", "3306");
    }

    $_cfg_host = array(
        "host"    => BG_DB_HOST,
        "name"    => BG_DB_NAME,
        "user"    => BG_DB_USER,
        "pass"    => BG_DB_PASS,
        "charset" => BG_DB_CHARSET,
        "debug"   => BG_DEBUG_DB,
        "port"    => BG_DB_PORT,
    );

    // Create the shared database object.
    $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host);
    $this->obj_db      = $GLOBALS["obj_db"];

    if (!$this->obj_db->connect()) {
        return false;
    }

    return $this->obj_db->select_db() ? true : false;
}
/**
 * AJAX check that a mail address is not already registered.
 *
 * Input comes from mdl_user->input_chk_mail(). A failed input check or an
 * existing user with that address ("x010211") is reported through
 * obj_ajax->halt_re(); otherwise the script ends with {"re":"ok"}.
 *
 * @access public
 * @return void
 */
function ajax_chkmail() {
    $_arr_input = $this->mdl_user->input_chk_mail();

    if ($_arr_input["alert"] != "ok") {
        $this->obj_ajax->halt_re($_arr_input["alert"]);
    }

    if (!fn_isEmpty($_arr_input["user_mail"])) {
        // not_id excludes one user id from the lookup.
        $_arr_found = $this->mdl_user->mdl_read($_arr_input["user_mail"], "user_mail", $_arr_input["not_id"]);

        if ($_arr_found["alert"] == "y010102") {
            $this->obj_ajax->halt_re("x010211");
        }
    }

    exit(json_encode(array("re" => "ok")));
}
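/**
 * API endpoint that lists a user's private messages.
 *
 * Order of checks: app_check("get"), the app's "pm"/"list" permission (a
 * refusal is logged), user_check("get"), then the request signature. The
 * result is JSON-encoded, encrypted with the app key and returned through
 * obj_api->halt_re().
 *
 * NOTE(review): the owner filter (pm_to / pm_from) is added only for pm_type
 * "in" and "out". For any other non-empty pm_type the search is not limited
 * to the requesting user - confirm no other type values exist.
 *
 * @access public
 * @return void
 */
function api_list() {
    $this->app_check("get");

    if (!isset($this->appAllow["pm"]["list"])) {
        $_arr_return    = array("alert" => "x050319");
        $_arr_logTarget = array(array("app_id" => $this->appRequest["app_id"]));
        $_arr_logType   = array("pm", "list");
        $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_userRow = $this->user_check("get");

    // NOTE(review): per_page has no upper bound here - confirm the model caps it.
    $_num_perPage = fn_getSafe(fn_get("per_page"), "int", BG_SITE_PERPAGE);
    $_str_pmIds   = fn_getSafe(fn_get("pm_ids"), "txt", "");
    $_str_type    = fn_getSafe(fn_get("pm_type"), "txt", "");
    $_str_status  = fn_getSafe(fn_get("pm_status"), "txt", "");
    $_str_key     = fn_getSafe(fn_get("key"), "txt", "");

    // The signature covers the values exactly as the client sent them.
    $_arr_sign = array(
        "act_get"                     => $GLOBALS["act_get"],
        $this->userRequest["user_by"] => $this->userRequest["user_str"],
        "user_access_token"           => $this->userRequest["user_access_token"],
        "pm_ids"                      => $_str_pmIds,
        "pm_type"                     => $_str_type,
        "pm_status"                   => $_str_status,
        "key"                         => $_str_key,
    );

    if (!fn_isEmpty(fn_get("per_page"))) {
        $_arr_sign["per_page"] = $_num_perPage;
    }

    if (!$this->obj_sign->sign_check(array_merge($this->appRequest, $_arr_sign), $this->appRequest["signature"])) {
        $_arr_return = array("alert" => "x050403");
        $this->obj_api->halt_re($_arr_return);
    }

    // pm_ids is a "|"-separated list from the query string and ends up in an SQL
    // IN (...) list, so reduce it to positive integers here.
    $_arr_pmIds = array();
    if (!fn_isEmpty($_str_pmIds)) {
        foreach (explode("|", $_str_pmIds) as $_str_pmId) {
            $_num_pmId = (int)$_str_pmId;
            if ($_num_pmId > 0) {
                $_arr_pmIds[] = $_num_pmId;
            }
        }

        // Ids were requested but none was valid: keep a filter that matches no
        // row rather than silently dropping the id restriction.
        if (!$_arr_pmIds) {
            $_arr_pmIds = array(0);
        }
    }

    if (fn_isEmpty($_str_type)) {
        $_arr_return = array("alert" => "x110218");
        $this->obj_api->halt_re($_arr_return);
    }

    $_arr_search = array(
        "type"   => $_str_type,
        "status" => $_str_status,
        "key"    => $_str_key,
        "pm_ids" => $_arr_pmIds,
    );

    // Restrict the list to the requesting user's inbox or outbox.
    switch ($_str_type) {
        case "in":
            $_arr_search["pm_to"] = $_arr_userRow["user_id"];
            break;

        case "out":
            $_arr_search["pm_from"] = $_arr_userRow["user_id"];
            break;
    }

    $_num_pmCount = $this->mdl_pm->mdl_count($_arr_search);
    $_arr_page    = fn_page($_num_pmCount);
    $_arr_pmRows  = $this->mdl_pm->mdl_list($_num_perPage, $_arr_page["except"], $_arr_search);

    foreach ($_arr_pmRows as $_key => $_value) {
        $_arr_pmRows[$_key]["fromUser"] = $this->mdl_user->mdl_read_api($_value["pm_from"]);
        $_arr_pmRows[$_key]["toUser"]   = $this->mdl_user->mdl_read_api($_value["pm_to"]);

        if ($_str_type == "out") {
            // For sent messages, report the state of the recipient's copy;
            // a copy that cannot be read is reported as "revoke".
            $_arr_sendRow = $this->mdl_pm->mdl_read($_value["pm_send_id"]);
            if ($_arr_sendRow["alert"] != "y110102") {
                $_arr_pmRows[$_key]["pm_send_status"] = "revoke";
            } else {
                $_arr_pmRows[$_key]["pm_send_status"] = $_arr_sendRow["pm_status"];
            }
        }
    }

    $_arr_return = array(
        "pmRows"  => $_arr_pmRows,
        "pageRow" => $_arr_page,
    );

    $_str_src  = fn_jsonEncode($_arr_return, "encode");
    $_str_code = $this->obj_crypt->encrypt($_str_src, $this->appRow["app_key"]);

    $_arr_return = array(
        "code"  => $_str_code,
        "alert" => "y110402",
    );

    $this->obj_api->halt_re($_arr_return);
}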
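/**
 * Build the WHERE clause shared by the log list and count queries.
 *
 * NOTE(review): "key", "type", "status" and "level" are concatenated into the
 * SQL text as-is and nothing in this method escapes them. That is safe only
 * if every caller has already escaped or whitelisted the values - confirm, or
 * bind them as parameters in the query layer.
 *
 * @access private
 * @param array $arr_search Optional filters: key, type, status, level, operator_id.
 * @return string SQL condition without the WHERE keyword; "1=1" when no filter is set.
 */
private function sql_process($arr_search = array()) {
    $_str_sqlWhere = "1=1";

    if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
        $_str_sqlWhere .= " AND (log_target_type LIKE '%" . $arr_search["key"] . "%' OR log_result LIKE '%" . $arr_search["key"] . "%')";
    }

    if (isset($arr_search["type"]) && !fn_isEmpty($arr_search["type"])) {
        $_str_sqlWhere .= " AND log_type='" . $arr_search["type"] . "'";
    }

    if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
        $_str_sqlWhere .= " AND log_status='" . $arr_search["status"] . "'";
    }

    if (isset($arr_search["level"]) && !fn_isEmpty($arr_search["level"])) {
        $_str_sqlWhere .= " AND log_level='" . $arr_search["level"] . "'";
    }

    // The id is written unquoted, so force it to an integer: a string that
    // merely starts with digits can pass a loose "> 0" test.
    if (isset($arr_search["operator_id"]) && (int)$arr_search["operator_id"] > 0) {
        $_str_sqlWhere .= " AND log_operator_id=" . (int)$arr_search["operator_id"];
    }

    return $_str_sqlWhere;
}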
/**
 * Decode a JSON string into an array and post-process it.
 *
 * The decoded value is passed through fn_eachArray() together with $method.
 *
 * NOTE(review): json_decode() yields null for malformed input and that null is
 * handed to fn_eachArray() unchecked - confirm it copes, since callers index
 * the result as an array.
 *
 * @access public
 * @param string $str_json JSON text (default: "").
 * @param string $method   Passed to fn_eachArray() unchanged (default: "").
 * @return mixed An empty array for empty input, otherwise the result of fn_eachArray().
 */
function fn_jsonDecode($str_json = "", $method = "") {
    if (fn_isEmpty($str_json)) {
        return array();
    }

    // Decode to associative arrays, then post-process.
    return fn_eachArray(json_decode($str_json, true), $method);
}
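/**
 * Build the WHERE clause shared by the private-message list and count queries.
 *
 * NOTE(review): "key", "status" and "type" are concatenated into the SQL text
 * as-is and nothing in this method escapes them. That is safe only if every
 * caller has already escaped or whitelisted the values - confirm, or bind
 * them as parameters in the query layer.
 *
 * @access private
 * @param array $arr_search Optional filters: key, status, type, pm_from, pm_to, pm_ids.
 * @return string SQL condition without the WHERE keyword; "1=1" when no filter is set.
 */
private function sql_process($arr_search = array()) {
    $_str_sqlWhere = "1=1";

    if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
        $_str_sqlWhere .= " AND (pm_title LIKE '%" . $arr_search["key"] . "%' OR pm_content LIKE '%" . $arr_search["key"] . "%')";
    }

    if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
        $_str_sqlWhere .= " AND pm_status='" . $arr_search["status"] . "'";
    }

    if (isset($arr_search["type"]) && !fn_isEmpty($arr_search["type"])) {
        $_str_sqlWhere .= " AND pm_type='" . $arr_search["type"] . "'";
    }

    // Ids are written unquoted, so force them to integers: a string that merely
    // starts with digits can pass a loose "> 0" test.
    if (isset($arr_search["pm_from"]) && (int)$arr_search["pm_from"] > 0) {
        $_str_sqlWhere .= " AND pm_from=" . (int)$arr_search["pm_from"];
    }

    if (isset($arr_search["pm_to"]) && (int)$arr_search["pm_to"] > 0) {
        $_str_sqlWhere .= " AND pm_to=" . (int)$arr_search["pm_to"];
    }

    if (isset($arr_search["pm_ids"]) && $arr_search["pm_ids"]) {
        $_str_pmIds = implode(",", array_map("intval", (array)$arr_search["pm_ids"]));
        // The previous text " AND pm_in (" is not a valid predicate. The column
        // is presumably pm_id, by analogy with the other id columns - verify
        // against the table definition.
        $_str_sqlWhere .= " AND pm_id IN (" . $_str_pmIds . ")";
    }

    return $_str_sqlWhere;
}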
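/**
 * Build the WHERE clause shared by the user list and count queries.
 *
 * NOTE(review): "key", "key_name", "key_mail", "status" and every entry of
 * "user_names" are concatenated into the SQL text as-is and nothing in this
 * method escapes them. That is safe only if every caller has already escaped
 * or whitelisted the values - confirm, or bind them as parameters in the
 * query layer.
 *
 * @access private
 * @param array $arr_search Optional filters: key, key_name, key_mail, min_id,
 *                          max_id, begin_time, end_time, begin_login, end_login,
 *                          status, user_names.
 * @return string SQL condition without the WHERE keyword; "1=1" when no filter is set.
 */
private function sql_process($arr_search = array()) {
    $_str_sqlWhere = "1=1";

    if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
        // The user_name test used to be listed twice; once is equivalent.
        $_str_sqlWhere .= " AND (user_name LIKE '%" . $arr_search["key"] . "%' OR user_mail LIKE '%" . $arr_search["key"] . "%' OR user_note LIKE '%" . $arr_search["key"] . "%')";
    }

    if (isset($arr_search["key_name"]) && !fn_isEmpty($arr_search["key_name"])) {
        $_str_sqlWhere .= " AND user_name LIKE '%" . $arr_search["key_name"] . "%'";
    }

    if (isset($arr_search["key_mail"]) && !fn_isEmpty($arr_search["key_mail"])) {
        $_str_sqlWhere .= " AND user_mail LIKE '%" . $arr_search["key_mail"] . "%'";
    }

    // Numeric bounds are written unquoted, so each is forced to an integer: a
    // string that merely starts with digits can pass a loose "> 0" test.
    $_arr_numeric = array(
        "min_id"      => "user_id>=",
        "max_id"      => "user_id<=",
        "begin_time"  => "user_time>=",
        "end_time"    => "user_time<=",
        "begin_login" => "user_time_login>=",
        "end_login"   => "user_time_login<=",
    );

    foreach ($_arr_numeric as $_str_name => $_str_expr) {
        if (isset($arr_search[$_str_name]) && (int)$arr_search[$_str_name] > 0) {
            $_str_sqlWhere .= " AND " . $_str_expr . (int)$arr_search[$_str_name];
        }
    }

    if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
        $_str_sqlWhere .= " AND user_status='" . $arr_search["status"] . "'";
    }

    if (isset($arr_search["user_names"]) && $arr_search["user_names"]) {
        $_str_userNames = implode("','", $arr_search["user_names"]);
        $_str_sqlWhere .= " AND user_name IN ('" . $_str_userNames . "')";
    }

    return $_str_sqlWhere;
}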
/**
 * API endpoint that reports whether a mail address is still available.
 *
 * The uniqueness lookup runs only when BG_REG_ONEMAIL is "false" or
 * BG_LOGIN_MAIL is "on"; otherwise the address is always reported as
 * available ("y010211"). A failed signature check replaces the result with
 * "x050403".
 *
 * NOTE(review): the signature is verified after the input check and the user
 * lookup. An invalid-input reply is therefore sent before the signature is
 * looked at - confirm that is acceptable, or verify the signature first.
 *
 * @access public
 * @return void
 */
function api_chkmail() {
    $this->app_check("get");

    $_arr_input = $this->mdl_user->input_chk_mail();

    // Address is available unless the lookup below says otherwise.
    $_str_alert = "y010211";

    // Duplicate addresses are not allowed in this configuration.
    if (BG_REG_ONEMAIL == "false" || BG_LOGIN_MAIL == "on") {
        if ($_arr_input["alert"] != "ok") {
            $this->obj_api->halt_re($_arr_input);
        }

        if (!fn_isEmpty($_arr_input["user_mail"])) {
            $_arr_found = $this->mdl_user->mdl_read_api($_arr_input["user_mail"], "user_mail", $_arr_input["not_id"]);

            if ($_arr_found["alert"] == "y010102") {
                $_str_alert = "x010211";
            }
        }
    }

    $_arr_signed = array_merge(
        $this->appRequest,
        array(
            "act_get"   => $GLOBALS["act_get"],
            "user_mail" => $_arr_input["user_mail"],
            "not_id"    => $_arr_input["not_id"],
        )
    );

    if (!$this->obj_sign->sign_check($_arr_signed, $this->appRequest["signature"])) {
        $_str_alert = "x050403";
    }

    $this->obj_api->halt_re(array("alert" => $_str_alert));
}
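/**
 * Build the WHERE clause shared by the app list and count queries.
 *
 * NOTE(review): "key", "status" and "sync" are concatenated into the SQL text
 * as-is and nothing in this method escapes them. That is safe only if every
 * caller has already escaped or whitelisted the values - confirm, or bind
 * them as parameters in the query layer.
 *
 * @access private
 * @param array $arr_search Optional filters: key, status, sync, has_notify,
 *                          has_sync, not_ids.
 * @return string SQL condition without the WHERE keyword; "1=1" when no filter is set.
 */
private function sql_process($arr_search = array()) {
    $_str_sqlWhere = "1=1";

    if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
        $_str_sqlWhere .= " AND (app_name LIKE '%" . $arr_search["key"] . "%' OR app_note LIKE '%" . $arr_search["key"] . "%')";
    }

    if (isset($arr_search["status"]) && !fn_isEmpty($arr_search["status"])) {
        $_str_sqlWhere .= " AND app_status='" . $arr_search["status"] . "'";
    }

    if (isset($arr_search["sync"]) && !fn_isEmpty($arr_search["sync"])) {
        $_str_sqlWhere .= " AND app_sync='" . $arr_search["sync"] . "'";
    }

    // Presence of the key is enough; its value is not used.
    if (isset($arr_search["has_notify"])) {
        $_str_sqlWhere .= " AND LENGTH(app_url_notify)>0";
    }

    if (isset($arr_search["has_sync"])) {
        $_str_sqlWhere .= " AND LENGTH(app_url_sync)>0";
    }

    if (isset($arr_search["not_ids"]) && $arr_search["not_ids"]) {
        // The ids are written unquoted into the IN list, so force each to an integer.
        $_str_appIds = implode(",", array_map("intval", (array)$arr_search["not_ids"]));
        $_str_sqlWhere .= " AND app_id NOT IN (" . $_str_appIds . ")";
    }

    return $_str_sqlWhere;
}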
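/**
 * Run a SELECT and return every row as an associative array.
 *
 * NOTE(review): $table, $data, $where, $group, $order and $distinct are
 * written into the statement as given; only the LIMIT values are normalised
 * here. Callers must pass identifiers from a fixed set and an already-escaped
 * $where - confirm at each call site.
 *
 * @param string       $table    Table name, wrapped in backticks.
 * @param array|string $data     Columns to select; empty selects "*".
 * @param string       $where    Condition without the WHERE keyword.
 * @param string       $group    GROUP BY expression.
 * @param string       $order    ORDER BY expression.
 * @param int          $length   Row limit; values below 1 mean no LIMIT.
 * @param int          $start    Row offset, used only together with $length.
 * @param array|string $distinct Columns for an extra COUNT(DISTINCT ...) field.
 * @param bool         $field    True when $data holds raw expressions that must
 *                               not be wrapped in backticks.
 * @return array|false List of rows, or false when the query fails.
 */
function select($table, $data = "", $where = "", $group = "", $order = "", $length = 0, $start = 0, $distinct = "", $field = false) {
    $sql = "SELECT";

    if ($data) {
        if ($field) {
            $sql .= " " . implode(",", $data);
        } else {
            $sql .= " `" . implode("`,`", $data) . "`";
        }
    } else {
        $sql .= " *";
    }

    if ($distinct) {
        // Quote each column on its own; joining with a bare comma produced one
        // identifier named "a,b" whenever more than one column was passed.
        $sql .= ", COUNT(DISTINCT `" . implode("`,`", $distinct) . "`)";
    }

    $sql .= " FROM `" . $table . "`";

    if (!fn_isEmpty($where)) {
        $sql .= " WHERE " . $where;
    }

    if (!fn_isEmpty($group)) {
        $sql .= " GROUP BY " . $group;
    }

    if (!fn_isEmpty($order)) {
        $sql .= " ORDER BY " . $order;
    }

    // Paging values often originate in the request; write them as integers only.
    $_num_length = (int)$length;
    $_num_start  = max(0, (int)$start);

    if ($_num_length > 0) {
        $sql .= " LIMIT " . $_num_start . ", " . $_num_length;
    }

    $this->db_rs = $this->query($sql);

    if (!$this->db_rs) {
        return false;
    }

    $obj = array();

    while ($obj_temp = $this->fetch_assoc($this->db_rs)) {
        $obj[] = $obj_temp;
    }

    return $obj;
}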
/**
 * Build the WHERE clause shared by the admin list and count queries.
 *
 * NOTE(review): "key", "status" and "type" are concatenated into the SQL text
 * as-is and nothing in this method escapes them. That is safe only if every
 * caller has already escaped or whitelisted the values - confirm, or bind
 * them as parameters in the query layer.
 *
 * @access private
 * @param array $arr_search Optional filters: key, status, type.
 * @return string SQL condition without the WHERE keyword; "1=1" when no filter is set.
 */
private function sql_process($arr_search = array()) {
    $_arr_parts = array("1=1");

    // Free-text search across name, note and nickname.
    if (isset($arr_search["key"]) && !fn_isEmpty($arr_search["key"])) {
        $_str_like    = " LIKE '%" . $arr_search["key"] . "%'";
        $_arr_parts[] = "(admin_name" . $_str_like . " OR admin_note" . $_str_like . " OR admin_nick" . $_str_like . ")";
    }

    // Exact-match filters, in the order they appear in the clause.
    $_arr_exact = array(
        "status" => "admin_status",
        "type"   => "admin_type",
    );

    foreach ($_arr_exact as $_str_name => $_str_column) {
        if (isset($arr_search[$_str_name]) && !fn_isEmpty($arr_search[$_str_name])) {
            $_arr_parts[] = $_str_column . "='" . $arr_search[$_str_name] . "'";
        }
    }

    return implode(" AND ", $_arr_parts);
}
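<?php
/*-----------------------------------------------------------------
!!!! WARNING !!!!
This is a system file, do not modify it
-----------------------------------------------------------------*/

// Refuse direct execution and inclusion from outside the application.
if (!defined("IN_BAIGO")) {
    exit("Access Denied");
}

// Login gate for admin pages: any state other than "y020102" is redirected,
// inside an iframe to the alert page, otherwise to the logon page.
if ($GLOBALS["adminLogged"]["alert"] != "y020102") {
    if ($GLOBALS["view"] == "iframe") {
        // Values placed in the query string are URL-encoded so they cannot add
        // or alter parameters of the redirect target.
        $_str_location = "Location: " . BG_URL_ADMIN . "ctl.php?mod=alert&act_get=show&alert=" . rawurlencode((string)$GLOBALS["adminLogged"]["alert"]) . "&view=" . rawurlencode((string)$GLOBALS["view"]);
    } else {
        // Defined up front: it was left undefined when REQUEST_URI is empty.
        $_str_attach = "";

        // NOTE(review): fn_forward() is not shown here; confirm it encodes the
        // URI and that the logon page only follows same-site "forward" targets.
        if (!fn_isEmpty(fn_server("REQUEST_URI"))) {
            $_str_attach = fn_forward(fn_server("REQUEST_URI"));
        }

        $_str_location = "Location: " . BG_URL_ADMIN . "ctl.php?mod=logon&forward=" . $_str_attach;
    }

    header($_str_location); // not logged in: go to the logon page
    exit;
}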
} else { error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT); } include_once BG_PATH_FUNC . "common.func.php"; //载入通用函数 include_once BG_PATH_FUNC . "validate.func.php"; //载入表单验证函数 include_once BG_PATH_CLASS . "dir.class.php"; //载入模板类 $GLOBALS["act_post"] = fn_getSafe(fn_post("act_post"), "txt", ""); //表单动作 $GLOBALS["act_get"] = fn_getSafe(fn_get("act_get"), "txt", ""); //查询串动作 $GLOBALS["view"] = fn_getSafe(fn_request("view"), "txt", ""); //界面 (是否 iframe) if (!fn_isEmpty($GLOBALS["view"])) { $_url_attach = "&view=" . $GLOBALS["view"]; } function fn_init($arr_set = array()) { //$base = false, $ssin = false, $header = "Content-Type: text/html; charset=utf-8", $db = false, $ajax = "", $admin = false, $is_ssin_db = true if (isset($arr_set["db"])) { //连接数据库 include_once BG_PATH_CLASS . "mysqli.class.php"; //载入数据库类 if (!defined("BG_DB_PORT")) { define("BG_DB_PORT", "3306"); } $_cfg_host = array("host" => BG_DB_HOST, "name" => BG_DB_NAME, "user" => BG_DB_USER, "pass" => BG_DB_PASS, "charset" => BG_DB_CHARSET, "debug" => BG_DEBUG_DB); $GLOBALS["obj_db"] = new CLASS_MYSQLI($_cfg_host); //设置数据库对象