/**
 * Handle an image posted as `userfile` and thumbnail it according to $_POST['type'].
 *
 * Known types: 'face' (99x100), 'ok' (300x300), 'rotator' (1200x530). Any other
 * value ends the request with exit(). When no upload is present, the user is
 * sent back with an error alert.
 *
 * NOTE(review): the size limit handed to UploadFile is $_POST['MAX_FILE_SIZE'],
 * which the client controls. Whether UploadFile also enforces a server-side cap
 * and verifies the real file type is not visible here — confirm.
 */
public function upload()
{
    if (!isset($_FILES['userfile']['tmp_name'])) {
        Tool::alertBack('警告:未知错误');
        return;
    }

    // Same loose comparison the switch statement performed.
    $kind = $_POST['type'];
    if ($kind == 'face') {
        list($width, $height, $info) = array(99, 100, '头像上传成功');
    } elseif ($kind == 'ok') {
        list($width, $height, $info) = array(300, 300, '图片上传成功');
    } elseif ($kind == 'rotator') {
        list($width, $height, $info) = array(1200, 530, '轮播器图片上传成功');
    } else {
        exit('非法操作');
    }

    $upload = new UploadFile('userfile', $_POST['MAX_FILE_SIZE']);
    $path = $upload->getPath();

    // Resize the stored file to the dimensions chosen above, then write it out.
    $thumb = new Image($path);
    $thumb->thumb($width, $height);
    $thumb->outImage();

    $upload->alertThumbClose($info, $path);
}
/**
 * Dispatch the admin login page on $_GET['action'].
 *
 * 'login' (with $_POST['send'] present) checks the captcha, asks the model to
 * authenticate and fills $_SESSION['admin']; 'logout' destroys the session.
 * Any other action does nothing.
 *
 * NOTE(review): the session id is not rotated (session_regenerate_id) when the
 * admin keys are written, and $_SESSION['code'] is not cleared after it has been
 * compared. Both are worth confirming against the rest of the login flow.
 * NOTE(review): the captcha checks rely on Tool::alertBack() ending the request;
 * if it returns, execution continues into Manage_Login() — confirm.
 */
public function Action()
{
    $action = $_GET['action'];

    if ($action == 'login') {
        if (!isset($_POST['send'])) {
            return;
        }

        // Captcha: exactly four characters, then equal to the stored value.
        if (!Validate::Check_Length($_POST['code'], 4, 'equals')) {
            Tool::alertBack('验证码必须为四位');
        }
        if (!Validate::Check_Equals($_POST['code'], strtolower($_SESSION['code']))) {
            Tool::alertBack('验证码不正确');
        }

        $account = $this->model->Manage_Login();
        if (Validate::Check_Null($account)) {
            Tool::alertBack('用户名或者密码错误,请重新输入');
        } else {
            // Populate the admin session.
            $_SESSION['admin']['username'] = $account->username;
            $_SESSION['admin']['level_position'] = $account->level_position;
            $this->model->Login_Count();
            Tool::alertLocation(null, 'admin.php');
        }
    } elseif ($action == 'logout') {
        if (session_start()) {
            session_destroy();
        }
        Tool::alertLocation(null, 'admin_login.php');
    }
}
/**
 * Delete the comment named by $_GET['id'] and report the outcome.
 *
 * NOTE(review): the id goes to the model unvalidated and the delete is triggered
 * by a GET request with no visible anti-CSRF token. Confirm that the model
 * parameterises the id and that the caller enforces authorisation.
 */
private function delete()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack("illegal operation");
        return;
    }

    $this->_model->id = $_GET['id'];

    if ($this->_model->deleteComment()) {
        Tool::alertLocation('Succeed', PREV_URL);
    } else {
        Tool::alertBack('Fail');
    }
}
/**
 * Remove the comment whose id arrives in $_GET['id'], then redirect to PREV_URL
 * on success or send the user back on failure.
 *
 * NOTE(review): a state-changing delete driven by a GET parameter; no token or
 * id validation is visible in this method — confirm both are handled elsewhere.
 */
private function delete()
{
    $hasId = isset($_GET['id']);
    if (!$hasId) {
        Tool::alertBack('非法操作!');
        return;
    }

    $this->_model->id = $_GET['id'];
    $removed = $this->_model->deleteComment();

    if ($removed) {
        Tool::alertLocation('恭喜你,删除评论成功!', PREV_URL);
        return;
    }
    Tool::alertBack('很遗憾,删除评论失败!');
}
/**
 * On a submitted form, hand $_POST['user_info'] to the model, print whatever
 * addModule() returns and end the request. Without $_POST['send'] the user is
 * sent back with an error alert.
 *
 * NOTE(review): the model's return value is echoed as-is; if it can contain
 * user-supplied text it needs output encoding — confirm what addModule() returns.
 */
private function add()
{
    if (!isset($_POST['send'])) {
        Tool::alertBack('非法操作!');
        return;
    }

    $this->_model->userInfo = $_POST['user_info'];
    $response = $this->_model->addModule();
    echo $response;
    exit;
}
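/**
 * Delete one row from manage_level, identified by $_GET['id'].
 *
 * The id is interpolated into the SQL text, so it is accepted only when it is a
 * string of decimal digits; anything else is reported as a failed delete and no
 * query is run.
 *
 * NOTE(review): assumes manage_level.id is an unsigned integer key — confirm.
 * A prepared statement would be preferable if the data layer offers one.
 * NOTE(review): the delete is triggered by a GET parameter; no anti-CSRF token
 * is visible here.
 */
public function Delete_Level()
{
    $id = isset($_GET['id']) ? $_GET['id'] : null;

    // Reject arrays, empty values and anything that is not purely numeric before
    // the value can reach the query string below.
    if (!is_string($id) || !ctype_digit($id)) {
        Tool::alertBack('删除失败');
        return;
    }

    $this->id = $id;
    $sql_delete = "delete from manage_level where id='{$this->id}' limit 1";
    $affected_rows = parent::add_up_de($sql_delete);

    if ($affected_rows == 1) {
        Tool::alertLocation('删除成功', 'level.php?action=show');
    } else {
        Tool::alertBack('删除失败');
    }
}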
/**
 * Create an administrator when the "新增管理员" form is submitted, then mark the
 * template as being in "add" mode in every case.
 *
 * NOTE(review): the password is stored as an unsalted sha1() digest, which is
 * not a password hash. Moving to password_hash()/password_verify() has to be
 * done together with the login code that compares it.
 * NOTE(review): $_POST['level'] is passed through unchanged — confirm the model
 * or caller restricts which levels the current admin may grant.
 */
private function add()
{
    $submitted = isset($_POST['send']) && $_POST['send'] == '新增管理员';

    if ($submitted) {
        $this->_model->admin_user = $_POST['admin_user'];
        $this->_model->admin_pass = sha1($_POST['admin_pass']);
        $this->_model->level = $_POST['level'];

        if ($this->_model->addManage()) {
            Tool::alertLocation('添加成功', 'manage.php?action=list');
        } else {
            Tool::alertBack('添加失败');
        }
    }

    $this->_tpl->assign('add', true);
    $this->_tpl->assign('title', '新增管理员');
}
/**
 * Run the model's Agree() for the record in $_GET['id'] and redirect to PREV_URL
 * when it reports success. A failed Agree() produces no feedback; a missing id
 * sends the user back with an error alert.
 *
 * NOTE(review): a state change triggered by a GET parameter, with no token or
 * id validation visible in this method.
 */
private function Agree()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack('非法操作');
        return;
    }

    $this->model->id = $_GET['id'];
    $accepted = $this->model->Agree();
    if ($accepted) {
        Tool::alertLocation(null, PREV_URL);
    }
}
/**
 * Clear the cache when $_GET['action'] is 'delcache' and the session grants
 * permission '2', then always refresh the cache count.
 *
 * NOTE(review): strstr() is a substring test, so a stored permission value such
 * as '12' would also satisfy the check for '2'. Whether that can happen depends
 * on how $_SESSION['admin']['premission'] is populated — confirm, and prefer an
 * exact match on a parsed list.
 * NOTE(review): the purge is triggered by a GET request with no visible token.
 */
public function _action()
{
    $wantsPurge = $_GET['action'] == 'delcache';

    if ($wantsPurge) {
        $granted = strstr($_SESSION['admin']['premission'], '2');
        if (!$granted) {
            Tool::alertBack('警告:权限不足,您不能清理缓存!');
        } else {
            $this->delCache();
        }
    }

    $this->cacheNum();
}
/**
 * Delete the level in $_GET['id'] unless a manager is still assigned to it.
 *
 * NOTE(review): the "level still in use" guard only protects the delete if
 * Tool::alertBack() ends the request; if it returns, deleteLevel() still runs —
 * confirm.
 * NOTE(review): GET-driven delete; no token or id validation is visible here.
 */
private function delete()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack("illegal operation");
        return;
    }

    $this->_model->id = $_GET['id'];

    // Look for any manager that still references this level.
    $holders = new ManageModel();
    $holders->level = $this->_model->id;
    if ($holders->getOneManage()) {
        Tool::alertBack('this level could not be deleted. please delete user first');
    }

    if ($this->_model->deleteLevel()) {
        Tool::alertLocation('Succeed', PREV_URL);
    } else {
        Tool::alertBack('Fail');
    }
}
/**
 * Dispatch the level-management page on $_GET['action'] ('show', 'update',
 * 'add', 'delete'), assigning template variables and calling the model.
 * Unknown actions print an error string.
 *
 * NOTE(review): the 'delete' branch changes state on a plain GET request, and
 * 'update' / 'add' read $_POST['send'] without checking it is set. No anti-CSRF
 * token is visible in this method.
 * NOTE(review): the duplicate-name and "level in use" guards depend on
 * Tool::alertBack() ending the request — confirm.
 */
public function Action()
{
    global $templates;

    $action = $_GET['action'];

    if ($action == 'show') {
        $templates->assgin('title', '等级列表');
        $templates->assgin('show', true);
        $templates->assgin('ALL_Level', $this->model->Get_ALL_Level());
    } elseif ($action == 'update') {
        if (isset($_GET['id'])) {
            $templates->assgin('title', '修改等级');
            $templates->assgin('update', true);

            $level = $this->model->Get_One_Level();
            $templates->assgin('level_position', $level->level_position);
            $templates->assgin('id', $level->id);
            $templates->assgin('level_info', $level->level_info);

            if ($_POST['send'] == '修改等级') {
                $this->model->Update_Level();
            }
        }
    } elseif ($action == 'add') {
        $templates->assgin('title', '新增等级');
        $templates->assgin('add', true);

        if ($_POST['send'] == '新增等级') {
            if ($this->model->Get_One_Level()) {
                Tool::alertBack('等级名称已经存在');
            }
            $this->model->Add_Level();
        }
    } elseif ($action == 'delete') {
        $templates->assgin('title', '删除等级');
        $templates->assgin('delete', true);

        // Before deleting a level, verify that no administrator still holds it;
        // a level that is in use must not be deleted. (The original re-tested
        // $_GET['action'] == 'delete' here, which is always true in this branch.)
        if ($this->model->Date_Exist()) {
            Tool::alertBack('这个等级有管理员存在,请先删除这个管理员');
        }
        $this->model->Delete_Level();
    } else {
        echo '非法操作';
    }
}
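/**
 * Record a "sustain" or "oppose" vote on the comment in $_GET['id'] and redirect
 * back to the feedback page for $_GET['cid'].
 *
 * Does nothing unless cid, id and type are all present. Both the success and the
 * failure outcome redirect; only the alert text differs.
 *
 * The cid value is URL-encoded before it is placed in the redirect target, so a
 * crafted value cannot add parameters or break out of the URL that
 * Tool::alertLocation() receives. Numeric ids are unaffected.
 *
 * NOTE(review): votes are cast by GET request and nothing here limits repeat
 * votes — confirm that is handled elsewhere.
 */
private function setCount()
{
    if (!isset($_GET['cid'], $_GET['id'], $_GET['type'])) {
        return;
    }

    parent::__construct($this->_tpl, new CommentModel());
    $this->_model->id = $_GET['id'];

    if (!$this->_model->getOneComment()) {
        Tool::alertBack('this comment not existing');
    }

    // Build the return URL once, with the request value encoded.
    $returnTo = 'feedback.php?cid=' . urlencode((string) $_GET['cid']);

    if ($_GET['type'] == 'sustain') {
        Tool::alertLocation($this->_model->setSustain() ? 'succeed' : 'fail', $returnTo);
    }
    if ($_GET['type'] == 'oppose') {
        Tool::alertLocation($this->_model->setOppose() ? 'succeed' : 'fail', $returnTo);
    }
}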
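/**
 * CKEditor image-upload handler: store the posted file, resize it, and answer
 * with the script snippet CKEditor expects in its upload iframe.
 *
 * CKEditorFuncNum is written into a script element, so it is cast to an integer
 * first; the raw query-string value must never reach the page.
 *
 * NOTE(review): $_path is also written into the script. It comes from
 * FileUpload::getPath(); if any part of it derives from the client's file name
 * it needs JavaScript string encoding as well — confirm.
 * NOTE(review): the size limit is taken from $_POST['MAX_FILE_SIZE'], which the
 * client controls — confirm FileUpload enforces its own cap and type check.
 */
public function ckeUp()
{
    if (!isset($_GET['type'])) {
        Tool::alertBack('警告:由于非法操作导致上传失败!');
        return;
    }

    // The form field name is "upload" (taken from the CKEditor source).
    $_fileupload = new FileUpload('upload', $_POST['MAX_FILE_SIZE']);

    // Callback index supplied by CKEditor; forced to int before output.
    $_ckefn = isset($_GET['CKEditorFuncNum']) ? (int) $_GET['CKEditorFuncNum'] : 0;

    $_path = $_fileupload->getPath();
    $_img = new Image($_path);
    $_img->ckeImg(650, 0);
    $_img->out();

    echo "<script type='text/javascript'>window.parent.CKEDITOR.tools.callFunction({$_ckefn},\".{$_path}\",'图片上传成功!');</script>";
    exit;
}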
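/**
 * Length check that returns true when the value VIOLATES the rule.
 *
 * 'min'   -> true when the string is shorter than $length
 * 'max'   -> true when the string is longer than $length
 * 'equal' -> true when the trimmed string is not exactly $length characters
 *
 * Only 'equal' trims the input. All three modes now measure the string as
 * UTF-8; previously 'equal' fell back to the internal mbstring encoding.
 *
 * The accepted flag is 'equal'; any other string, including 'equals', reaches
 * the Tool::alertBack() branch, after which nothing is returned (null).
 *
 * @param string $str    value to measure
 * @param int    $length limit to compare against
 * @param string $flag   'min', 'max' or 'equal'
 * @return bool|null
 */
public static function checkLength($str, $length, $flag)
{
    if ($flag == 'min') {
        return mb_strlen($str, 'utf-8') < $length;
    }
    if ($flag == 'max') {
        return mb_strlen($str, 'utf-8') > $length;
    }
    if ($flag == 'equal') {
        return mb_strlen(trim($str), 'utf-8') != $length;
    }

    Tool::alertBack('长度传值有误!');
}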
/**
 * Load the navigation entry selected by $_GET['id'], its children and its
 * parent, and expose them to the template.
 *
 * NOTE(review): the results of Get_One_Nav() and Get_Parnav() are dereferenced
 * without a check; if either can be empty for an unknown id, the property reads
 * below will fail — confirm.
 * NOTE(review): the id reaches the model implicitly from the request; whether it
 * is validated or parameterised is not visible here.
 */
private function Get_List_Nav()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack('此导航不存在');
        return;
    }

    global $templates;

    $navModel = new NavModel();
    $current = $navModel->Get_One_Nav();
    $children = $navModel->selectchildNav_nolimit();

    $templates->assgin('nav_name', $current->name);
    $templates->assgin('nav_id', $current->id);
    $templates->assgin('child_nav', $children);

    $parent = $navModel->Get_Parnav();
    $templates->assgin('par_name', $parent->name);
    $templates->assgin('par_id', $parent->id);
}
/**
 * Open an image file with the GD loader that matches the numeric type code:
 * 1 = GIF, 2 = JPEG, 3 = PNG. Any other code triggers an error alert.
 *
 * NOTE(review): for an unsupported code $img is never assigned; the final return
 * is only safe if Tool::alertBack() ends the request — confirm.
 *
 * @param string $_file path of the image to load
 * @param int    $_type image type code
 * @return mixed whatever the GD loader returned
 */
private function getFromImg($_file, $_type)
{
    // Loose comparisons, matching what the original switch did.
    if ($_type == 1) {
        $img = imagecreatefromgif($_file);
    } elseif ($_type == 2) {
        $img = imagecreatefromjpeg($_file);
    } elseif ($_type == 3) {
        $img = imagecreatefrompng($_file);
    } else {
        Tool::alertBack('this image type not supported');
    }

    return $img;
}
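/**
 * Open an image file with the GD loader that matches the numeric type code:
 * 1 = GIF, 2 = JPEG, 3 = PNG. Any other code triggers an error alert and the
 * method returns null.
 *
 * Fix: the PNG case had no `break`, so every PNG fell through to the default
 * branch and was reported as an unsupported format.
 *
 * @param string $file path of the image to load
 * @param int    $type image type code
 * @return mixed the GD loader's result, or null for an unsupported type
 */
private function Get_Img($file, $type)
{
    // Defined up front so the unsupported-type path returns null, not an
    // undefined variable, should Tool::alertBack() return.
    $img = null;

    switch ($type) {
        case 1:
            $img = imagecreatefromgif($file);
            break;
        case 2:
            $img = imagecreatefromjpeg($file);
            break;
        case 3:
            $img = imagecreatefrompng($file);
            break;
        default:
            Tool::alertBack('图片格式不支持');
            break;
    }

    return $img;
}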
/**
 * Create a GD image from a file, picking the loader by type code
 * (1 = GIF, 2 = JPEG, 3 = PNG). Other codes raise an error alert.
 *
 * NOTE(review): on the unsupported path $img is undefined at the return; that is
 * harmless only if Tool::alertBack() terminates the request — confirm.
 *
 * @param string $file path of the image to load
 * @param int    $type image type code
 * @return mixed whatever the GD loader returned
 */
private function getImageFrom($file, $type)
{
    $isGif = $type == 1;
    $isJpeg = $type == 2;
    $isPng = $type == 3;

    // Checked in the same order as the original case labels.
    if ($isGif) {
        $img = imagecreatefromgif($file);
    } elseif ($isJpeg) {
        $img = imagecreatefromjpeg($file);
    } elseif ($isPng) {
        $img = imagecreatefrompng($file);
    } else {
        Tool::alertBack('对不起,你上传的图片类型本系统不支持');
    }

    return $img;
}
/**
 * Process the admin login form: validate the captcha and field lengths,
 * authenticate through the model, and open an admin session for accounts whose
 * permission list contains '1'.
 *
 * NOTE(review): every validation step relies on Tool::alertBack() ending the
 * request; if it returns, processing continues with the rejected input.
 * NOTE(review): the password is compared as an unsalted sha1() digest. Moving to
 * password_hash()/password_verify() requires changing the stored values too.
 * NOTE(review): the session id is not rotated when the admin keys are written,
 * and no attempt limiting is visible beyond the captcha.
 */
private function login()
{
    if (!isset($_POST['send'])) {
        return;
    }

    // Captcha.
    if (Validate::checkLength($_POST['code'], 4, 'equals')) {
        Tool::alertBack('警告:验证码必须是四位!');
    }
    if (Validate::checkEquals(strtolower($_POST['code']), $_SESSION['code'])) {
        Tool::alertBack('警告:验证码不正确!');
    }

    // User name: required, 2 to 20 characters.
    if (Validate::checkNull($_POST['admin_user'])) {
        Tool::alertBack('警告:用户名不得为空!');
    }
    if (Validate::checkLength($_POST['admin_user'], 2, 'min')) {
        Tool::alertBack('警告:用户名不得小于两位!');
    }
    if (Validate::checkLength($_POST['admin_user'], 20, 'max')) {
        Tool::alertBack('警告:用户名不得大于20位!');
    }

    // Password: required, at least 6 characters.
    if (Validate::checkNull($_POST['admin_pass'])) {
        Tool::alertBack('警告:密码不得为空!');
    }
    if (Validate::checkLength($_POST['admin_pass'], 6, 'min')) {
        Tool::alertBack('警告:密码不得小于六位!');
    }

    $this->_model->admin_user = $_POST['admin_user'];
    $this->_model->admin_pass = sha1($_POST['admin_pass']);
    $this->_model->last_ip = $_SERVER["REMOTE_ADDR"];

    $account = $this->_model->getLoginManage();
    if (!$account) {
        Tool::alertBack('警告:用户名或密码错误!');
        return;
    }

    // Permission '1' is what allows signing in to the back end.
    $grants = explode(',', $account->premission);
    if (!in_array('1', $grants)) {
        Tool::alertBack('警告:权限不够,您无法登录!');
        return;
    }

    $_SESSION['admin']['admin_user'] = $account->admin_user;
    $_SESSION['admin']['level_name'] = $account->level_name;
    $_SESSION['admin']['premission'] = $grants;
    $this->_model->setLoginCount();
    Tool::alertLocation(null, 'admin.php');
}
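/**
 * Compare the trimmed character length of a value against a limit.
 *
 * Returns true when:
 *   'min'    -> the value is shorter than $length
 *   'max'    -> the value is longer than $length
 *   'equals' -> the value is exactly $length characters
 * In every other case nothing is returned (null). Note the mixed polarity:
 * 'min' and 'max' report a violation, 'equals' reports a match.
 *
 * All three modes now measure the string as UTF-8; previously 'equals' used the
 * internal mbstring encoding. An unknown flag triggers Tool::alertBack().
 *
 * @param string $date   value to measure (trimmed first)
 * @param int    $length limit to compare against
 * @param string $flag   'min', 'max' or 'equals'
 * @return bool|null
 */
public static function Check_Length($date, $length, $flag)
{
    $date = trim($date);

    if ($flag == 'min') {
        if (mb_strlen($date, 'utf-8') < $length) {
            return true;
        }
    } elseif ($flag == 'max') {
        if (mb_strlen($date, 'utf-8') > $length) {
            return true;
        }
    } elseif ($flag == 'equals') {
        if (mb_strlen($date, 'utf-8') == $length) {
            return true;
        }
    } else {
        Tool::alertBack('警告:操作有错');
    }
}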
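/**
 * Build the breadcrumb for the navigation entry in $_GET['id'] and expose it,
 * together with the entry's child navigation, to the template.
 *
 * Fixes: $_nav1 was undefined when the entry has no parent name, and
 * getOneNav() was called up to five times for the same row; it is now read once.
 *
 * NOTE(review): nav names and ids are concatenated into HTML without escaping.
 * If they can hold anything other than trusted plain text, apply
 * htmlspecialchars() here or in the template — confirm how 'nav' is rendered.
 * NOTE(review): whether the model validates or parameterises the id is not
 * visible here.
 */
private function getNav()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack('illegal act');
        return;
    }

    $_nav = new NavModel();
    $_nav->id = $_GET['id'];

    $entry = $_nav->getOneNav();
    if (!$entry) {
        Tool::alertBack('this navigation not existing');
        return;
    }

    // The parent link is only present when the entry has a parent name.
    $_nav1 = '';
    if ($entry->nnav_name) {
        $_nav1 = '<a href="list.php?id=' . $entry->iid . '">' . $entry->nnav_name . '</a> > ';
    }
    $_nav2 = '<a href="list.php?id=' . $entry->id . '">' . $entry->nav_name . '</a>';

    $this->_tpl->assign('nav', $_nav1 . $_nav2);
    $this->_tpl->assign('childnav', $_nav->getAllChildFrontNav());
}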
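/**
 * Public "apply for a friend link" form: validate the fields and the captcha,
 * then store the application through the model.
 *
 * Fix: the 100-character limit announced for the site address was applied to
 * $_POST['webname'], so the address length was never checked. It now checks
 * $_POST['weburl'].
 *
 * NOTE(review): $_POST['state'] is copied to the model unchanged. The success
 * message says the link awaits administrator review; if `state` encodes that
 * review status, it must be set server-side, not taken from the request.
 * NOTE(review): weburl and logourl are only length-checked. Confirm scheme and
 * format validation and output encoding where they are rendered.
 * NOTE(review): the checks rely on Tool::alertBack() ending the request.
 */
private function frontadd()
{
    if (isset($_POST['send'])) {
        if (Validate::checkNull($_POST['webname'])) {
            Tool::alertBack('警告:网站名称不得为空!');
        }
        if (Validate::checkLength($_POST['webname'], 20, 'max')) {
            Tool::alertBack('警告:网站名称不得大于二十位!');
        }
        if (Validate::checkNull($_POST['weburl'])) {
            Tool::alertBack('警告:网站地址不得为空!');
        }
        // Was checking webname a second time; the message is about the address.
        if (Validate::checkLength($_POST['weburl'], 100, 'max')) {
            Tool::alertBack('警告:网站地址不得大于一百位!');
        }

        // A logo address is only validated for link type 2.
        if ($_POST['type'] == 2) {
            if (Validate::checkNull($_POST['logourl'])) {
                Tool::alertBack('警告:Logo地址不得为空!');
            }
            if (Validate::checkLength($_POST['logourl'], 100, 'max')) {
                Tool::alertBack('警告:Logo地址不得大于一百位!');
            }
        }

        if (Validate::checkLength($_POST['user'], 20, 'max')) {
            Tool::alertBack('警告:站长名不得大于二十位!');
        }

        // Captcha.
        if (Validate::checkLength($_POST['code'], 4, 'equals')) {
            Tool::alertBack('警告:验证码必须是四位!');
        }
        if (Validate::checkEquals(strtolower($_POST['code']), $_SESSION['code'])) {
            Tool::alertBack('警告:验证码不正确!');
        }

        $this->_model->webname = $_POST['webname'];
        $this->_model->weburl = $_POST['weburl'];
        $this->_model->logourl = $_POST['logourl'];
        $this->_model->user = $_POST['user'];
        $this->_model->type = $_POST['type'];
        $this->_model->state = $_POST['state'];

        if ($this->_model->addLink()) {
            Tool::alertClose('恭喜,申请友情链接成功!请等待管理员审核!');
        } else {
            Tool::alertBack('很遗憾,申请友情链接失败,请重试!');
        }
    }

    $this->_tpl->assign('frontadd', true);
}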
/**
 * Keyword search (only when $_GET['type'] is 2): page the matching articles,
 * give rows without a thumbnail a placeholder image, and wrap each occurrence
 * of the search term in the row's keyword field in a highlighting span.
 *
 * NOTE(review): the search term and the stored keyword text are combined into
 * HTML without escaping; confirm the template encodes `keyword` on output, or
 * escape both before the span is inserted.
 * NOTE(review): the empty-keyword guard depends on Tool::alertBack() ending the
 * request; how the model uses inputkeyword in its query is not visible here.
 */
private function searchKeyword()
{
    if ($_GET['type'] != 2) {
        return;
    }

    if (empty($_GET['inputkeyword'])) {
        Tool::alertBack('search keyword empty');
    }

    $this->_model->inputkeyword = $_GET['inputkeyword'];
    parent::page($this->_model->searchKeywordContentTotal(), ARTICLE_SIZE);

    $matches = $this->_model->searchKeywordContent();
    if ($matches) {
        foreach ($matches as $article) {
            if (empty($article->thumbnail)) {
                $article->thumbnail = 'images/none.jpg';
            }

            $term = $this->_model->inputkeyword;
            $highlighted = '<span class="red">' . $term . '</span>';
            $article->keyword = str_replace($term, $highlighted, $article->keyword);
        }
    }

    $this->_tpl->assign('SearchContent', $matches);
}
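/**
 * Assign the breadcrumb ('nav') and the child navigation set ('childnav') for
 * the navigation entry selected by $_GET['id'].
 *
 * Fixes: $_nav1 was left undefined for entries without a parent name, and the
 * same row was fetched through getOneNav() several times; it is fetched once.
 *
 * NOTE(review): names and ids from the model are placed into HTML unescaped —
 * confirm they are trusted or encode them (htmlspecialchars) before output.
 * NOTE(review): the id is passed to the model as received from the request.
 */
private function getNav()
{
    if (!isset($_GET['id'])) {
        Tool::alertBack('警告:非法操作!');
        return;
    }

    $_nav = new NavModel();
    $_nav->id = $_GET['id'];
    $row = $_nav->getOneNav();

    if ($row) {
        // Main navigation: parent link (when there is one) followed by the entry.
        $_nav1 = '';
        if ($row->nnav_name) {
            $_nav1 = '<a href="list.php?id=' . $row->iid . '">' . $row->nnav_name . '</a> > ';
        }
        $_nav2 = '<a href="list.php?id=' . $row->id . '">' . $row->nav_name . '</a>';
        $this->_tpl->assign('nav', $_nav1 . $_nav2);

        // Child navigation set.
        $this->_tpl->assign('childnav', $_nav->getAllChildFrontNav());
    } else {
        Tool::alertBack('警告:此导航不存在!');
    }
}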
/**
 * Route $_GET['action'] to the matching rotator handler; unknown actions send
 * the user back with an error alert.
 *
 * NOTE(review): 'update_on', 'update_off', 'add' and 'del' are reached by GET.
 * Whether the handlers require POST or a token is not visible here.
 */
public function Action()
{
    // Not used in this method; kept because the original declared it.
    global $templates;

    $action = $_GET['action'];

    if ($action == 'show') {
        $this->Show_Rotatain();
    } elseif ($action == 'update_on') {
        $this->Update_On();
    } elseif ($action == 'update_off') {
        $this->Update_Off();
    } elseif ($action == 'add') {
        $this->Add_Rotatain();
    } elseif ($action == 'del') {
        $this->Del_Rotatain();
    } else {
        Tool::alertBack('非法操作');
    }
}
/**
 * Process the admin login form: captcha, field-length checks, then a credential
 * lookup through the model; on success the admin session keys are written.
 *
 * NOTE(review): the password is compared as an unsalted md5() digest, which is
 * not a password hash. Migrating to password_hash()/password_verify() has to
 * include the stored values.
 * NOTE(review): the session id is not rotated on login, and every check assumes
 * Tool::alertBack() ends the request — confirm.
 */
public function login()
{
    if (!isset($_POST['send'])) {
        return;
    }

    // Captcha.
    if (Validate::checkLength($_POST['code'], 4, 'equals')) {
        Tool::alertBack('validation code must be 4');
    }
    if (Validate::checkEquals(strtolower($_POST['code']), $_SESSION['code'])) {
        Tool::alertBack('wrong validation code');
    }

    // User name: required, 2 to 20 characters.
    if (Validate::checkNull($_POST['admin_user'])) {
        Tool::alertBack('username empty');
    }
    if (Validate::checkLength($_POST['admin_user'], 2, 'min')) {
        Tool::alertBack('username less than 2');
    }
    if (Validate::checkLength($_POST['admin_user'], 20, 'max')) {
        Tool::alertBack('username more than 20');
    }

    // Password: required, at least 6 characters.
    if (Validate::checkNull($_POST['admin_pass'])) {
        Tool::alertBack('password empty');
    }
    if (Validate::checkLength($_POST['admin_pass'], 6, 'min')) {
        Tool::alertBack('password less than 6');
    }

    $this->_model->admin_user = $_POST['admin_user'];
    $this->_model->admin_pass = md5($_POST['admin_pass']);

    $account = $this->_model->getLoginManage();
    if (!$account) {
        Tool::alertBack('username or password not right');
        return;
    }

    $_SESSION['admin']['admin_user'] = $account->admin_user;
    $_SESSION['admin']['level_name'] = $account->level_name;
    Tool::alertLocation(null, 'admin.php');
}
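/**
 * Banner settings page.
 *
 * - With $_POST['id']: print that banner as JSON and end the request.
 * - With $_POST['send']: save the posted banner (including a newly uploaded
 *   image, if any) and keep showing the banner that was edited.
 * - Otherwise: show banner 1.
 *
 * Fixes: `$_POST[banner_id]` used a bare constant as the key (a warning on
 * PHP 7, a fatal error on PHP 8); it is now the string key 'banner_id'. The
 * upload check no longer reads $_FILES['upfile'] when no file field was posted.
 *
 * NOTE(review): the whole $_POST array is handed to the model as userInfo.
 * Confirm updateBanner() only writes an allow-listed set of columns.
 * NOTE(review): upload.php is expected to define the IMG constant; what it
 * validates about the uploaded file is not visible here.
 */
private function sys_banner()
{
    $this->_model->id = 1;

    if (isset($_POST['id'])) {
        $this->_model->id = $_POST['id'];
        echo json_encode($this->_model->getBanner());
        exit;
    }

    if (isset($_POST['send'])) {
        // Checkbox: present means 1, absent means 0.
        $_POST['recom'] = isset($_POST['recom']) ? 1 : 0;

        if (isset($_FILES['upfile']['tmp_name']) && is_uploaded_file($_FILES['upfile']['tmp_name'])) {
            require ROOT_PATH . '/upload.php';
            $_POST['textfield'] = IMG;
        }

        $this->_model->userInfo = $_POST;
        if (!$this->_model->updateBanner()) {
            Tool::alertBack('很遗憾,修改失败');
        }
        $this->_model->id = $_POST['banner_id'];
    }

    $this->_tpl->assign('mid', $this->_model->id);
    $this->_tpl->assign('getBanner', $this->_model->getBanner());
    $this->_tpl->assign('sys_banner', true);
}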
/**
 * Front-end member login: check the credentials through UserModel, set the
 * 'user' and 'face' cookies, record the login time, and redirect to the site
 * root. The login template flag is assigned in every case.
 *
 * NOTE(review): the password is compared as an unsalted md5() digest.
 * NOTE(review): the cookies carry the plain user name and avatar, and their
 * third constructor argument comes straight from $_POST['time']. If the 'user'
 * cookie is later treated as proof of login it can be forged — confirm how it
 * is consumed, and bound the lifetime server-side.
 */
public function login()
{
    if (isset($_POST['send'])) {
        parent::__construct($this->_tpl, new UserModel());
        $this->_model->user = $_POST['user'];
        $this->_model->pass = md5($_POST['pass']);

        $member = $this->_model->checkLogin();
        if ($member) {
            // Same two cookies, in the same order, as the original.
            foreach (array('user' => $member->user, 'face' => $member->face) as $name => $value) {
                $jar = new Cookie($name, $value, $_POST['time']);
                $jar->setCookie();
            }

            $this->_model->id = $member->id;
            $this->_model->time = time();
            $this->_model->setLaterUser();
            Tool::alertLocation(null, './');
        } else {
            Tool::alertBack('wrong username or password');
        }
    }

    $this->_tpl->assign('login', true);
}
/**
 * Translate a non-empty upload error code in $this->error into a user-facing
 * alert. Codes 1 to 4 have specific messages; anything else is "unknown error".
 *
 * NOTE(review): the codes line up with PHP's UPLOAD_ERR_* values 1 to 4, but
 * where $this->error is set is not visible here — confirm.
 */
private function checkError()
{
    if (empty($this->error)) {
        return;
    }

    $code = $this->error;

    // Loose comparisons, in the same order as the original case labels.
    if ($code == 1) {
        $message = 'file size exceeds limit';
    } elseif ($code == 2) {
        $message = 'file size exceeds ' . $this->maxsize . 'kb';
    } elseif ($code == 3) {
        $message = 'only part uploaded';
    } elseif ($code == 4) {
        $message = 'no file uploaded';
    } else {
        $message = 'unknown error';
    }

    Tool::alertBack($message);
}
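<?php
// CKEditor image-upload endpoint: stores the posted file, resizes it, and
// replies with the script snippet CKEditor expects in its upload iframe.
//
// CKEditorFuncNum is written into a script element, so it is cast to an
// integer first; the raw query-string value must never reach the page.
//
// NOTE(review): $_path is also written into the script. If any part of it
// derives from the client's file name it needs JavaScript string encoding too.
// NOTE(review): the size limit comes from $_POST['MAX_FILE_SIZE'], which the
// client controls — confirm FileUpload enforces its own cap and type check.
// NOTE(review): no authentication check is visible in this script; confirm
// init.inc.php or FileUpload restricts who may upload.

// Drops the last 7 characters of this directory's path to locate the bootstrap
// file (presumably a 7-character subdirectory suffix — confirm).
require substr(dirname(__FILE__), 0, -7) . '/init.inc.php';

if (isset($_GET['type'])) {
    // The form field name is "upload" (taken from the CKEditor source).
    $_fileupload = new FileUpload('upload', $_POST['MAX_FILE_SIZE']);

    // Callback index supplied by CKEditor; forced to int before output.
    $_ckefn = isset($_GET['CKEditorFuncNum']) ? (int) $_GET['CKEditorFuncNum'] : 0;

    $_path = $_fileupload->getPath();
    $_img = new Image($_path);
    $_img->ckeImg(650, 0);
    $_img->out();

    echo "<script type='text/javascript'>window.parent.CKEDITOR.tools.callFunction({$_ckefn},\"{$_path}\",'图片上传成功!');</script>";
    exit;
} else {
    Tool::alertBack('警告:由于非法操作导致上传失败!');
}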