function query($sql, $type = '')
{
if ($this->slaveid && !$this->slaveexcept && strtoupper(substr($sql, 0, 6)) == 'SELECT') {
$this->slave_connect();
}
$this->slaveexcept = false;
return parent::query($sql, $type);
}
$db = new db_mysql();
//incluindo bibliotecas:^M
include_once 'lib_datetime.php';
include_once 'funcoes.php';
/* @var $user logon*/
$db->abreConexao(NUM_CONEXAO);
if (isset($_GET["url"])) {
$url = $_GET["url"];
}
require_once "../include/urlgrabber.php";
if (isset($_GET["idurl"])) {
$idurl = $_GET["idurl"];
}
if (isset($_GET["furl"])) {
$furl = $_GET["furl"];
}
if (isset($idurl) && $idurl && (!isset($furl) || !$furl)) {
$sql = sprintf("SELECT url FROM document WHERE id = %s", addslashes($idurl));
$db->query($sql);
$url = $db->result(0, 0);
if (!$url) {
die("Erro");
}
header('Location: ' . $url);
die;
$grabber = new FoxGrabber($url, $idurl);
//,$_GET["furl"]);
} else {
$grabber = new FoxGrabber(FoxGrabber::decode_url($furl), $idurl);
}
$grabber->GrabAndShow();
$newapp_appkey = daddslashes($newapp_appkey);
//echo $newcu_mykey;exit;
$ucdb = new db_mysql();
$ucdblink = $ucdb->_dbconnect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBCHARSET, UC_DBNAME);
$apptablename = UC_DBTABLEPRE . 'applications';
// $a = $ucdb->query("SELECT appid,authkey FROM $apptablename");
// $apparray = array();
// while($data = $ucdb->fetch_array($a)){
// $apparray[] = $data;
// }
//echo UC_DBTABLEPRE;exit;
$uc_dbtablepre = UC_DBTABLEPRE;
$ucconfig = array($newapp_authkey, UC_APPID, UC_DBHOST, UC_DBNAME, UC_DBUSER, UC_DBPW, UC_DBCHARSET, $uc_dbtablepre, UC_CHARSET, UC_API, UC_IP);
$ucconfig = @implode('|', $ucconfig);
save_uc_config($ucconfig, DISCUZ_ROOT . './config/config_ucenter.php');
$ucdb->query("UPDATE {$apptablename} SET authkey = '{$newapp_appkey}' WHERE appid = " . UC_APPID);
//note
} else {
$cpmessage .= $toolslang['nlocaluc'];
}
// $authkey = substr(md5($_SERVER['SERVER_ADDR'].$_SERVER['HTTP_USER_AGENT'].$dbhost.$dbuser.$dbpw.$dbname.$username.$password.$pconnect.substr($timestamp, 0, 6)), 8, 6).random(10);
} elseif ($value == 'config_authkey') {
$default_config = $_config;
$authkey = substr(md5($_SERVER['SERVER_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $dbhost . $dbuser . $dbpw . $dbname . $username . $password . $pconnect . substr($timestamp, 0, 8)), 8, 6) . random(10);
$_config['security']['authkey'] = $authkey;
$cpmessage .= $toolslang['resetauthkey'];
save_config_file('./config/config_global.php', $_config, $default_config);
} elseif ($value == 'setting_authkey') {
$authkey = substr(md5($_SERVER['SERVER_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $dbhost . $dbuser . $dbpw . $dbname . $username . $password . $pconnect . substr($timestamp, 0, 8)), 8, 6) . random(10);
DB::update('common_setting', array('svalue' => $authkey), "skey = 'authkey'");
} elseif ($value == 'my_sitekey' && $xver >= 2) {
$cfg['errlog'] = '1';
$cfg['timediff'] = '0';
$fr_time = time();
define('FR_ROOT', str_replace("\\", '/', dirname(__FILE__)));
define('CACHE_ROOT', $cfg['cache_dir'] ? $cfg['cache_dir'] : FR_ROOT . '/cache');
define('DATA_ROOT', FR_ROOT . '/data');
include '../mysql.class.php';
$db = new db_mysql();
$db->halt = $cfg['sqlerr'];
$db->connect($dbconfig['DB_HOST'], $dbconfig['DB_USER'], $dbconfig['DB_PWD'], $dbconfig['DB_NAME'], 0);
if ($_GET['trade_status'] == 'TRADE_FINISHED' || $_GET['trade_status'] == 'TRADE_SUCCESS') {
//判断该笔订单是否在商户网站中已经做过处理
//如果没有做过处理,根据订单号(out_trade_no)在商户网站的订单系统中查到该笔订单的详细,并执行商户的业务程序
//如果有做过处理,不执行商户的业务程序
$inquery = "UPDATE `{$cfg['tb_pre']}member_operation` SET sta=1 WHERE buyid='" . $out_trade_no . "'";
$db->query($inquery);
$operation = $db->get_one("SELECT mid,`money`,pname FROM `{$cfg['tb_pre']}member_operation` where buyid='" . $out_trade_no . "' ");
$mid = $operation['mid'];
$pname = $operation['pname'];
$score = $operation['money'] * $infoconfig['cfg_recharge'];
$inquery = "UPDATE `{$cfg['tb_pre']}member` SET scores=scores+" . $score . " WHERE mid='" . $mid . "'";
$db->query($inquery);
//insert log
$inquery = "INSERT INTO `{$cfg['tb_pre']}score_log`(mid,score,typeid,summary,addtime) VALUES('" . $mid . "','" . $score . "','4','" . $pname . "(" . $operation['money'] . ")'," . time() . ") ";
$db->query($inquery);
echo "支付成功,请刷新付款页.";
} else {
echo "trade_status=" . $_GET['trade_status'];
echo '支付失败,请联系管理员。';
}
//——请根据您的业务逻辑来编写程序(以上代码仅作参考)——
/**
* 得到帖子信息
* @param $tid - 帖子ID
* @param $returnpid - 返回首帖pid
* @param $msgleng - 內容截斷的長度
*/
function list_threads($tid = 0, $msgleng = 255)
{
global $_G, $_SC;
$tid = intval($tid);
$msgleng = intval($msgleng);
$ret_thread = array();
if ($tid > 0) {
$bbs_dbpre = $_SC['bbs_dbpre'];
$db = new db_mysql(array(1 => array('tablepre' => $_SC['bbs_dbpre'], 'dbcharset' => $_SC['bbs_dbcharset'], 'dbhost' => $_SC['bbs_dbhost'], 'dbuser' => $_SC['bbs_dbuser'], 'dbpw' => $_SC['bbs_dbpw'], 'dbname' => $_SC['bbs_dbname'])));
$db->connect();
//$db->charset = $_SC['bbs_dbcharset'];
//$db->connect($_SC['bbs_dbhost'], $_SC['bbs_dbuser'], $_SC['bbs_dbpw'], $_SC['bbs_dbname'], 0, 1);
$query = $db->query("SELECT pid, authorid, author, subject, message FROM {$bbs_dbpre}posts WHERE tid='{$tid}' AND first='1' LIMIT 1");
$ret_thread = $db->fetch_array($query);
if (!empty($ret_thread['message'])) {
$ret_thread['message'] = messagecutstr($ret_thread['message'], $msgleng);
}
$db->close();
unset($db);
}
return $ret_thread;
}
if (isset($_GET['q'])) {
if (isset($_SESSION['postdata']['search']) && time() - $_SESSION['postdata']['search'] < 5) {
die_error('歇会再搜索吧');
}
$q = $_GET['q'];
if (strlen($q) < 2) {
die_error('搜索词太短');
}
if (strlen($q) > 20) {
die_error('搜索词太长');
}
if (!preg_match("/^[\\x{4e00}-\\x{9fa5}A-Za-z0-9_\\-\\.\\s]+\$/u", $q)) {
die_error($q . ' ===> 搜索词只允许下划线,数字,字母,汉字,横杠和空格,请重新输入');
}
$sql = "SELECT * FROM " . TB_PREFIX . "keyword WHERE keyword = '{$_GET['q']}'";
$res = $dbm->query($sql);
$_SESSION['postdata']['search'] = time();
if (is_array($res['list']) && count($res['list']) > 0) {
$sql = "UPDATE " . TB_PREFIX . "keyword SET qnum = qnum+1 WHERE keyword = '{$_GET['q']}'";
$dbm->query_update($sql);
} else {
$fields = array();
$fields['keyword'] = helper::escape($_GET['q']);
$fields['qnum'] = 1;
$dbm->single_insert(TB_PREFIX . "keyword", $fields);
}
}
//【003-1】判断是否绑定域名,匹配域名对应的分类
foreach ($c->categories as $k => $v) {
if (strstr($v['go_url'], $_SERVER['HTTP_HOST'])) {
if (!isset($_GET['tpl'])) {
}
$oauth = (include DT_ROOT . '/file/setting/oauth.php');
foreach ($oauth as $k => $v) {
update_setting('oauth-' . $k, $v);
}
for ($i = 1; $i <= 7; $i++) {
$setting = (include DT_ROOT . '/file/setting/group-' . $i . '.php');
if ($setting) {
unset($setting['groupid'], $setting['groupname'], $setting['vip']);
update_setting('group-' . $i, $setting);
}
}
$DT_TIME = time();
$DT_IP = get_env('ip');
//模块安装时间
$db->query("UPDATE {$DT_PRE}module SET installtime='{$DT_TIME}'");
//设置管理员
$md5_password = md5(md5($password));
$db->query("UPDATE {$DT_PRE}member SET username='******',passport='{$username}',password='******',payword='{$md5_password}',email='{$email}',regip='{$DT_IP}',regtime='{$DT_TIME}',loginip='{$DT_IP}',logintime='{$DT_TIME}' WHERE userid=1");
$userurl = $CFG['url'] . 'index.php?homepage=' . $username;
$db->query("UPDATE {$DT_PRE}company SET username='******',linkurl='{$userurl}' WHERE userid=1");
//替换广告位 单网页路径
$content = cache_read('ad_14_0.htm', 'htm', 1);
$content = str_replace('http://demo.destoon.com/v' . DT_VERSION . '/', $CFG['url'], $content);
cache_write('ad_14_0.htm', $content, 'htm');
$db->query("UPDATE {$DT_PRE}ad_place SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}ad SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',username='******',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}link SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
$db->query("UPDATE {$DT_PRE}style SET addtime='{$DT_TIME}',edittime='{$DT_TIME}',editor='{$username}'");
$db->query("INSERT INTO {$DT_PRE}setting (item,item_key,item_value) VALUES('destoon','backtime','{$DT_TIME}')");
//更新缓存
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/u]', '</span>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[i]', '<em>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/i]', '</em>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[ul]', '<ul>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/ul]', '</ul>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[list]', '<ul>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/list]', '</ul>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[li]', '<li>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/li]', '</li>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[center]', '<div style=\"text-align: center;\">')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/center]', '</div>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[php]', '<pre class=\"php\">')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/php]', '</pre>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[code]', '<pre>')";
$query[] = "UPDATE " . SQLPREFIX . "faqnews SET artikel = REPLACE(artikel, '[/code]', '</pre>')";
$res = $db->query("SELECT id, lang, content FROM " . SQLPREFIX . "faqdata ORDER BY id, lang");
if ($db->num_rows($res) > 0) {
while ($row = $db->fetch_object($res)) {
$updates[] = array("id" => $row->id, "lang" => $row->lang, "content" => nl2br(parseUBB($row->content)));
}
foreach ($updates as $value) {
$query[] = "UPDATE " . SQLPREFIX . "faqdata SET content = '" . addslashes($value["content"]) . "' WHERE id = " . $value["id"] . " AND lang = '" . $value["lang"] . "'";
}
}
unset($res);
$res = $db->query("SELECT id, artikel FROM " . SQLPREFIX . "faqnews ORDER BY id, lang");
if ($db->num_rows($res) > 0) {
while ($row = $db->fetch_object($res)) {
$updates[] = array("id" => $row->id, "artikel" => nl2br(parseUBB($row->artikel)));
}
foreach ($updates as $value) {
//incluindo bibliotecas:
include_once 'lib_datetime.php';
include_once 'funcoes.php';
/* @var $user logon*/
$db->abreConexao(NUM_CONEXAO);
header('Content-Type: text/html; charset=utf-8');
$cmd = $_POST["cmd"] ? $_POST["cmd"] : $_GET["cmd"];
switch ($cmd) {
case "login":
$user->logoff();
$user->forceLogon($_POST["username"], $_POST["password"]);
if ($user->ERROR) {
echo json_encode(array('success' => false, 'errorCode' => 1, 'message' => 'Invalid username or password.'));
} else {
$sql = sprintf("select id, username, name, email, administrator, coordinator from collaborator where id = %s", $user->ID);
$db->query($sql);
$collaborator = $db->fetch_assoc();
//Pega os DataSets que o usuário tem permissão
$sql = sprintf("SELECT d.id, d.context, d.status, d.method, dc.role\r\r\n\t\t\t\t\t\t\tFROM dataset d, dataset_collaborator dc\r\r\n\t\t\t\t\t\t\tWHERE d.id = dc.dataset_id\r\r\n\t\t\t\t\t\t\t AND dc.collaborator_id = %s\r\n\t\t\t\t\t\t\t ORDER BY d.context", $user->ID);
$db->query($sql);
$ds = array();
while ($tmp = $db->fetch_assoc()) {
$ds[] = $tmp;
}
echo json_encode(array('success' => true, 'message' => 'You have successfully logged in.', 'collaborator' => $collaborator, 'datasets' => $ds));
}
break;
case "coordinate":
echo json_encode(array('success' => true, 'url' => "cadastros/datasets.php?selected=1"));
break;
case "add":
* Check the database if there are XML files that haven't been parsed
* If there are any, parse them and insert the results into your database
*/
require_once "db.class.php";
require_once "XMLParser.php";
require_once "NotificationObject.php";
$config = (require 'config.php');
//Initiate the database connection and the parser
$db = new db_mysql($config);
$parser = new XMLParser();
//In SpoCoSy, we do not hard delete rows, we set "del" to "yes"
//This is probably not what you want, so if del equals yes, this code will delete the element
//If you set this to false, it will only set "del" to "yes" and not remove the row
$HARD_DELETE = true;
//Check if there any files to parse
$toParse = $db->query("SELECT * from saved_xml ORDER BY `ut` ASC LIMIT 10") or $db->raise_error();
//Loop over these files
while ($fileToParse = $db->fetch_array($toParse)) {
$filename = "files/" . $fileToParse["id"] . ".xml";
//Once parse move this file to here
$parsedfile = "files/parsed/" . $fileToParse["id"] . ".xml";
echo "Procesing {$filename} \n";
if (file_exists($filename)) {
$output = "";
$file = fopen($filename, "r");
if (FALSE === $file) {
echo "cannot open {$filesToParse['id']}.xml , exiting..\n";
exit;
}
while (!feof($file)) {
//read file line by line into variable