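/**
 * Authenticate an administrator by e-mail address and password.
 *
 * Return codes (unchanged for existing callers):
 *   > 0  uid of the authenticated administrator
 *   -1   no account matches the e-mail address
 *   -2   the password does not match
 *   -4   the credentials are valid but the account is not an administrator
 *
 * NOTE(review): the distinct negative codes tell the caller whether an address
 * exists. Callers should show the client one generic failure and keep the
 * specific code for server-side logging only.
 *
 * @param string $email E-mail address as submitted by the client.
 * @param string $pw    Plain-text password as submitted by the client.
 * @return int uid on success, otherwise one of the negative codes above.
 */
public function adminLoginWithEmail($email, $pw)
{
    $email = format_bracket(trim($email));

    // Strip magic-quotes slashes first so the value is escaped exactly once.
    if (get_magic_quotes_gpc()) {
        $email = stripslashes($email);
    }
    // NOTE(review): whether get_row() escapes array conditions again is not
    // visible from here; confirm the value is not escaped twice.
    $email = mysql_real_escape_string($email);

    $thisUser = $this->user_db->get_row(array('email' => $email));
    if (!$thisUser) {
        return -1;
    }

    $storedHash = (string) $thisUser->password;
    $givenHash = (string) toPassword($pw, $thisUser->salt);

    // The hashes must be compared as strings. A loose `==` treats two
    // numeric-looking strings (for example "0e..." followed by digits) as
    // equal numbers, so unrelated hashes could match. hash_equals() also
    // keeps the comparison time independent of where the strings differ;
    // fall back to `===` on runtimes that do not provide it.
    if (function_exists('hash_equals')) {
        $passwordMatches = hash_equals($storedHash, $givenHash);
    } else {
        $passwordMatches = ($storedHash === $givenHash);
    }
    if (!$passwordMatches) {
        return -2;
    }

    if (!intval($thisUser->isadmin)) {
        return -4;
    }

    return intval($thisUser->uid);
}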
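/**
 * Build the SQL statement for an article search.
 *
 * When both $page and $count are zero the statement is a COUNT(id) query;
 * otherwise it selects full rows ordered by time, newest first, with an
 * optional LIMIT. The statement is returned as a string and is not executed
 * here.
 *
 * Every argument ends up concatenated into SQL text, so each numeric argument
 * is forced to an integer and each keyword is escaped before use.
 *
 * @param int    $channelID     Restrict to this channel and its descendants (0 = any).
 * @param string $keywords      Space-separated search terms.
 * @param int    $page          1-based page number (0 together with $count = 0 selects the COUNT form).
 * @param int    $count         Rows per page (0 = no LIMIT clause).
 * @param int    $starttime     Lower time bound, exclusive (0 = none).
 * @param int    $endtime       Upper time bound, exclusive (0 = SYS_TIME when $starttime is set).
 * @param int    $exceptChannel Channel id to exclude (0 = none).
 * @param int    $uid           Restrict to this author (0 = any).
 * @param int    $siteid        Site id to search in.
 * @return string The assembled SQL statement.
 */
function searchContentSql($channelID = 0, $keywords = '', $page = 0, $count = 0, $starttime = 0, $endtime = 0, $exceptChannel = 0, $uid = 0, $siteid = 1)
{
    // Integer-cast everything that is written into the statement as a number.
    // $page, $count and $siteid were previously concatenated without a cast.
    $channelID = intval($channelID);
    $page = intval($page);
    $count = intval($count);
    $starttime = intval($starttime);
    $endtime = intval($endtime);
    $exceptChannel = intval($exceptChannel);
    $uid = intval($uid);
    $siteid = intval($siteid);

    // Keywords: same handling as adminLoginWithEmail() -- undo magic-quotes
    // slashes, then escape each term once before it enters a quoted literal.
    // NOTE(review): format_bracket() is defined elsewhere and is not assumed
    // to neutralise quotes.
    $keywords = format_bracket($keywords);
    if (get_magic_quotes_gpc()) {
        $keywords = stripslashes($keywords);
    }

    // Common Chinese filler words ("of", "what") that are not worth matching on.
    $stopWords = array('的', '什么');
    $likeClauses = array();
    foreach (explode(' ', $keywords) as $word) {
        if (!strlen($word) || in_array($word, $stopWords, true)) {
            continue;
        }
        $word = mysql_real_escape_string($word);
        $likeClauses[] = 'content LIKE \'%' . $word . '%\' OR title LIKE \'%' . $word . '%\'';
    }
    $keywordsSql = $likeClauses ? ' AND (' . implode(' OR ', $likeClauses) . ')' : '';

    // Time window.
    if (!$starttime && !$endtime) {
        $timeSql = '';
    } elseif ($endtime == 0) {
        $timeSql = ' AND time>' . $starttime . ' AND time<' . SYS_TIME;
    } else {
        $timeSql = ' AND time>' . $starttime . ' AND time<' . $endtime;
    }

    // Paging.
    $start = ($page > 1) ? ($page - 1) * $count : 0;
    $limitSql = $count ? ' LIMIT ' . $start . ',' . $count : '';

    // Initialised up front: it used to be undefined whenever $exceptChannel was 0.
    $exceptChannelSql = $exceptChannel ? ' AND channel_id!=' . $exceptChannel : '';

    $uidSql = $uid ? ' AND uid=' . $uid : '';

    // Channel filter covers the requested channel and all of its descendants.
    $channelIDSql = '';
    if ($channelID) {
        $channelObj = bpBase::loadAppClass('channelObj', 'channel');
        $descentChannels = $channelObj->allDescentChannels($channelID);
        $channelIDArr = array($channelID);
        if ($descentChannels) {
            foreach ($descentChannels as $c) {
                $channelIDArr[] = $c->id;
            }
        }
        $channelIDSql = ' AND ' . to_sqls($channelIDArr, '', 'channel_id');
    }

    $article_db = M('article');
    $whereSql = ' WHERE site=' . $siteid . $channelIDSql . $timeSql . $keywordsSql . $exceptChannelSql . $uidSql;

    if (!$page && !$count) {
        return 'SELECT COUNT(id) FROM ' . $article_db->table_name . $whereSql;
    }

    return 'SELECT * FROM ' . $article_db->table_name . $whereSql . ' ORDER BY time DESC' . $limitSql;
}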