예제 #1
0
function m__edit()
{
    global $c_obj_obj, $l_obj;
    //判断操作权限
    check_level("C0101");
    // 预处理数据
    foreach ($_POST as $a => $b) {
        $post[$a] = helper::escape($b, 1);
    }
    //print_r($post);die();
    // 验证数据
    //if ($post['parent_id'] > 0 && $post['extern_id'] != $c_obj -> categories[$_POST['parent_id']]['extern_id']) die('{"code":"100","msg":"子分类必须保持模型一致"}');
    if ($post['cname'] == '') {
        die('{"code":"100","msg":"分类名称必须填写"}');
    }
    if ($post['cname_py'] == '') {
        die('{"code":"100","msg":"字母别名必须填写"}');
    }
    //去掉不需要的参数
    unset($post['ad_list']);
    // print_r($post);die();
    // 添加分类
    if ($post['cate_id'] <= '0') {
        $has_py = $c_obj_obj->get_cname_py($post['cname_py']);
        if ($has_py) {
            die('{"code":"100","msg":"字母别名不允许重复"}');
        }
        // 判断是否可以添加子类
        //if ($c_obj -> cate_last($_POST['parent_id']) == 0 && ($_POST['parent_id'] > 0 && $c_obj -> categories[$_POST['parent_id']]['cdata'] > 0)) die('{"code":"100","msg":"分类下有数据,不允许添加子类"}');
        // 添加分类
        if (isset($post['listvar_copy'])) {
            unset($post['listvar_copy']);
        }
        if (isset($post['index_copy'])) {
            unset($post['index_copy']);
        }
        if (isset($post['content_copy'])) {
            unset($post['content_copy']);
        }
        $res = $c_obj_obj->insert($post);
        $c_obj_obj->update_cate();
        if ($res > 0) {
            $l_obj->insert("类添加成功,分类名为:" . $post['cname']);
            die('{"code":"0","msg":"分类添加成功","cid":"' . $res . '"}');
        }
        die('{"code":"100","msg":"分类添加失败,' . $res . '"}');
    } else {
        // 修改分类
        // 修改分类
        $where = "cate_id='" . $post['cate_id'] . "'";
        $res = $c_obj_obj->update($post, $where);
        // 判断模板应用层数
        $c_obj_obj->update_cate();
        if ($res) {
            $l_obj->insert("修改分类成功,分类ID为:{$post['cate_id']}");
            die('{"code":"0","msg":"分类修改成功","cid":"' . $post['cate_id'] . '"}');
        }
        die('{"code":"100","msg":"分类修改失败"}');
    }
}
예제 #2
0
파일: keyword.php 프로젝트: cranefly/crane
function m__list()
{
    global $dbm, $c, $keywords;
    $_GET = helper::sqlxss($_GET);
    $_POST = helper::sqlxss($_POST);
    $p = isset($_GET['p']) && is_numeric($_GET['p']) ? intval($_GET['p']) : 1;
    $params['where'] = ' 1=1';
    //设置查询
    //从编辑那里传过来的js使用post请求的查询获取数据时的限制查询
    if (isset($_POST['keyword_id']) && is_numeric($_POST['keyword_id'])) {
        $params['where'] .= " and keyword_id = '" . $_POST['keyword_id'] . "'";
    }
    //页面搜索框的查询
    if (isset($_GET['q']) && !empty($_GET['q'])) {
        $params['where'] .= " and keyword like '%" . helper::escape($_GET['q']) . "%' ";
    }
    if (isset($_GET['qgroup']) && $_GET['qgroup'] !== '') {
        $params['where'] .= " and qgroup='{$_GET['qgroup']}' ";
    }
    $params['table_name'] = TB_PREFIX . "keyword";
    $params['count'] = 1;
    $params['suffix'] = " order by qorder,keyword_id DESC ";
    $params['pagesize'] = PAGESIZE;
    $params['suffix'] .= $dbm->get_limit_sql(PAGESIZE, $p);
    $keywords = $dbm->single_query($params);
}
예제 #3
0
파일: tags.php 프로젝트: cranefly/crane
function m__edit()
{
    global $l_obj, $t_obj;
    check_level("H0701");
    $post = $_POST;
    //处理数据隐藏安全
    foreach ($post as $k => $n) {
        $post[$k] = urldecode(helper::escape($n));
    }
    //验证数据合法性
    if (!is_numeric($post['keyword_id'])) {
        die('{"code":"100","msg":"标签ID必须是数字"}');
    }
    if (empty($post['keyword'])) {
        die('{"code":"100","msg":"标签不能为空"}');
    }
    if ($post['keyword_id'] > 0) {
        // 编辑
        $res = $t_obj->update($post, $post['keyword_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("编辑成功:" . $post['keyword']);
            die('{"code":"0","msg":"编辑成功","kid":"' . $post['keyword_id'] . '"}');
        }
        die('{"code":"240","msg":"编辑失败"}');
    } else {
        // 添加
        $res = $t_obj->insert($post);
        if ($res['state'] == 0) {
            $l_obj->insert("添加成功:" . $post['keyword']);
            die('{"code":"0","msg":"添加成功","kid":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加失败,"' . $res['msg'] . '}');
    }
}
예제 #4
0
function m__list()
{
    global $dbm, $page;
    $page = $params = array();
    $where = "  (1=1) ";
    if (isset($_GET['search_txt']) && $_GET['search_txt'] != '') {
        $_GET['search_type'] = isset($_GET['search_type']) && $_GET['search_type'] != '' ? $_GET['search_type'] : 'aname';
        $field = helper::escape($_GET['search_type']);
        $where .= " and({$field} like '%" . helper::escape($_GET['search_txt']) . "%')";
    }
    $p = isset($_GET['p']) ? $_GET['p'] : 1;
    // 判断id是否是数字
    if (isset($_POST['admin_id']) && !is_numeric($_POST['admin_id'])) {
        $page['admins'] = array();
    }
    $params['table_name'] = TB_PREFIX . "admin_list";
    $params['count'] = 1;
    $params['where'] = $where;
    $params['suffix'] = " order by reg_date DESC ";
    $params['pagesize'] = PAGESIZE;
    $params['suffix'] .= $dbm->get_limit_sql(PAGESIZE, $p);
    $user = $dbm->single_query($params);
    $sql = "select group_id,g_name  from " . TB_PREFIX . "admin_group";
    $rs = $dbm->query($sql);
    for ($i = 0; $i < count($user['list']); $i++) {
        for ($j = 0; $j < count($rs['list']); $j++) {
            if ($user['list'][$i]['group_id'] == $rs['list'][$j]['group_id']) {
                $user['list'][$i]['g_name'] = $rs['list'][$j]['g_name'];
            }
        }
    }
    $page['admin_group'] = $rs['list'];
    $page['admins'] = $user;
}
예제 #5
0
function m__edit()
{
    global $dbm, $c;
    foreach ($_POST as $key => $val) {
        $_POST[$key] = helper::escape(urldecode($val));
    }
    unset($_POST['hashtoken']);
    if (!is_numeric($_POST['url_id'])) {
        die('{"code":"210","msg":"规则节点ID必须是数字"}');
    }
    if (empty($_POST['url_title'])) {
        die('{"code":"220","msg":"规则节点名称不能为空"}');
    }
    if (!preg_match('~^[A-Za-z][A-Za-z]*[a-z0-9_]*$~', $_POST['url_title'])) {
        die('{"code":"230","msg":"规则节点名称必须以字母开头,只允许字母、下划线"}');
    }
    if (empty($_POST['url_true'])) {
        die('{"code":"230","msg":"动态地址规则不能为空"}');
    }
    if (empty($_POST['url_rule'])) {
        die('{"code":"230","msg":"伪静态地址规则不能为空"}');
    }
    if ($_POST['url_id'] > 0) {
        // 编辑
        $where = " url_id='" . $_POST['url_id'] . "'";
        unset($_POST['url_id']);
        $res = $dbm->single_update(TB_PREFIX . "url_rewrite", $_POST, $where);
        // 更新缓存
        $c->update_url_config();
        $c->update_cate();
        // 生成伪静态文件(.htaccess)
        htaccess();
        iis_httpd_ini();
        if (empty($res['error'])) {
            die('{"code":"0","msg":"更新规则成功"}');
        }
        die('{"code":"240","msg":"更新规则失败"}');
    } else {
        // 添加
        // 判断节点是否存在
        /**
         * $rs=$dbm->query("select * from ".TB_PREFIX . "url_rewrite where url_title='{$_POST['url_title']}'");
         * if(count($rs['list'])>0) die('{"code":"100","msg":"'.$_POST['url_title'].'节点名称不能重复"}');
         * unset($_POST['url_id']);
         * $res = $dbm -> single_insert(TB_PREFIX . "url_rewrite", $_POST);
         */
        // 更新缓存
        $c->update_url_config();
        $c->update_cate();
        // 生成伪静态文件(.htaccess)
        htaccess();
        iis_httpd_ini();
        if (empty($res['error']) && $res['autoid'] > 0) {
            die('{"code":"0","msg":"添加规则成功"}');
        }
        die('{"code":"250","msg":"添加规则失败,请核对重试"}');
    }
}
예제 #6
0
function m__list()
{
    global $u_obj, $page;
    $where = " where 1 = 1  ";
    if (isset($_GET['search_txt']) && $_GET['search_txt'] != '') {
        $where .= " and g_name like '%" . helper::escape($_GET['search_txt']) . "%'";
    }
    $p = isset($_GET['p']) ? $_GET['p'] : 1;
    $page = $u_obj->get_all($where, $p);
}
예제 #7
0
파일: extern.php 프로젝트: cranefly/crane
function m__save_attr()
{
    global $dbm, $c;
    $table_name = isset($_GET['table_name']) ? $_GET['table_name'] : '';
    $a = $dbm->query("select * from " . TB_PREFIX . "extern_attr where extern_name='{$table_name}'");
    if (count($a['list']) < 1) {
        die('{"code":1,"msg":"模型不存在"}');
    }
    $extern = $a['list'][0];
    //模型
    // 初始化数据
    foreach ($_POST as $a => $b) {
        $_POST[$a] = helper::escape($b, 1);
        $_POST[$a] = preg_replace('~"~', '&#34;', $_POST[$a]);
        //$_POST[$a] = helper :: escape_stripslashes($_POST[$a]);
        if ($a == 'title' && $b == '') {
            die('{"code":1,"msg":"字段文字不能为空"}');
        }
        if ($a == 'field' && $b == '') {
            die('{"code":1,"msg":"字段名称不能为空"}');
        }
        if ($a == 'field_type' && $b == '') {
            die('{"code":1,"msg":"字段类型不能为空"}');
        }
        if ($a == 'field' && !preg_match('~^[a-z][a-z0-9_]*$~', $b)) {
            die('{"code":1,"msg":"字段名称只允许小写字母开头,小写字母数字和下划线"}');
        }
    }
    unset($_POST['hashtoken']);
    //字段存入数据库
    $sql = "select field_id from " . TB_PREFIX . "extern_fields where extern_id='{$extern['extern_id']}' and field='{$_POST['field']}'";
    $fields = $_POST;
    $rs = $dbm->query($sql);
    //print_r($rs);
    if (count($rs['list']) == 0) {
        $fields['extern_id'] = $extern['extern_id'];
        $fields['extern_name'] = $table_name;
        $rs = $dbm->single_insert(TB_PREFIX . "extern_fields", $fields);
        if ($rs['error'] == '') {
            $c->update_externs();
            die('{"code":0,"msg":"新增字段成功"}');
        }
    } else {
        //print_r($fields);die();
        $rs = $dbm->single_update(TB_PREFIX . "extern_fields", $fields, " field_id='{$rs['list'][0]['field_id']}'");
        if ($rs['error'] == '') {
            $c->update_externs();
            die('{"code":0,"msg":"修改字段成功"}');
        }
    }
    die('{"code":0,"msg":"操作失败' . $rs['error'] . '"}');
}
예제 #8
0
파일: wx_menu.php 프로젝트: cranefly/crane
function m__menu_save()
{
    global $dbm, $c;
    $fields = $_POST;
    unset($fields['hashtoken']);
    if ($fields['menu_name'] == '') {
        die('{"code":"1","msg":"菜单名称不能为空"}');
    }
    $fields['menu_type'] = $fields['wx_menu_type'];
    unset($fields['wx_menu_type']);
    if ($fields['menu_type'] == 'click') {
        $fields['menu_key'] = $fields['menu_key_url'];
        $fields['menu_url'] = '';
        if ($fields['menu_key'] == '') {
            die('{"code":"1","msg":"事件名称不能为空"}');
        }
    } else {
        $fields['menu_url'] = $fields['menu_key_url'];
        $fields['menu_key'] = '';
        if ($fields['menu_url'] == '') {
            die('{"code":"1","msg":"链接地址不能为空"}');
        }
    }
    unset($fields['menu_key_url']);
    unset($fields['cate_id']);
    foreach ($fields as $k => $v) {
        $fields[$k] = helper::escape($v, 1);
    }
    $where = "menu_id={$fields['menu_id']}";
    unset($fields['menu_id']);
    if ($_POST['menu_id'] == '0') {
        //新增
        //die(print_r($fields));
        $rs = $dbm->single_insert(TB_PREFIX . "wx_menu", $fields);
        if ($rs['error'] == '') {
            die('{"code":"0","msg":"新增菜单成功","menu_id":"' . $rs['autoid'] . '"}');
        } else {
            die('{"code":"1","msg":"新增菜单失败' . $rs['error'] . '","menu_id":"0"}');
        }
    } else {
        //修改
        $rs = $dbm->single_update(TB_PREFIX . "wx_menu", $fields, $where);
        if ($rs['error'] == '') {
            die('{"code":"0","msg":"修改菜单成功","menu_id":"' . $_POST['menu_id'] . '"}');
        } else {
            die('{"code":"1","msg":"修改菜单失败' . $rs['error'] . '","menu_id":"' . $_POST['menu_id'] . '"}');
        }
    }
    die;
}
예제 #9
0
파일: user.php 프로젝트: cranefly/crane
function m__list()
{
    global $u_obj, $page;
    $where = " where 1 = 1  ";
    if (isset($_GET['search_txt']) && $_GET['search_txt'] != '' && isset($_GET['search_type'])) {
        if ($_GET['search_type'] == 'uname') {
            $where .= " and " . $_GET['search_type'] . " = '" . helper::escape($_GET['search_txt']) . "'";
        } else {
            $where .= " and " . $_GET['search_type'] . " like '%" . helper::escape($_GET['search_txt']) . "%'";
        }
    }
    $p = isset($_GET['p']) ? $_GET['p'] : 1;
    $page = $u_obj->get_all($where, $p, 1);
}
예제 #10
0
파일: nlink.php 프로젝트: cranefly/crane
function m__edit()
{
    global $dbm;
    //判断操作权限
    check_level("E0301");
    $reg = "~^((https|http|ftp|rtsp|mms)?://)~";
    $nlink = $_POST;
    unset($nlink['hashtoken']);
    //处理数据隐藏安全
    foreach ($nlink as $k => $n) {
        $nlink[$k] = urldecode(helper::escape($n));
    }
    //验证数据合法性
    if (!is_numeric($nlink['nlink_id'])) {
        die('{"code":"210","msg":"内链词ID必须是数字"}');
    }
    if (empty($nlink['nlink_txt'])) {
        die('{"code":"220","msg":"内链名称不能为空"}');
    }
    if (empty($nlink['nlink_url'])) {
        die('{"code":"230","msg":"内链地址不能为空"}');
    }
    if (!preg_match($reg, $nlink['nlink_url'])) {
        die('{"code":"230","msg":"链接地址不合法"}');
    }
    //要入库的数据
    $params['nlink_txt'] = $nlink['nlink_txt'];
    $params['nlink_url'] = $nlink['nlink_url'];
    if ($_POST['nlink_id'] > 0) {
        // 编辑
        $where = " nlink_id='" . $nlink['nlink_id'] . "'";
        $res = $dbm->single_update(TB_PREFIX . "nlink", $params, $where);
        if (empty($res['error'])) {
            logs("更新内链词成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"更新内链词成功"}');
        }
        logs("更新内链词失败:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
        die('{"code":"240","msg":"更新内链词失败"}');
    } else {
        // 添加友链
        $res = $dbm->single_insert(TB_PREFIX . "nlink", $params);
        if (empty($res['error']) && $res['autoid'] > 0) {
            logs("添加内链词成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"添加内链词成功"}');
        }
        logs("添加内链词失败:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
        die('{"code":"250","msg":"添加内链词失败,请核对重试"}');
    }
}
예제 #11
0
/**
 * 获取编辑或添加管理组
 */
function m__edit()
{
    global $dbm;
    check_level("B0101");
    $params = array();
    foreach ($_POST as $k => $v) {
        $_POST[$k] = helper::escape($v, 1);
    }
    if (!is_numeric($_POST['group_id'])) {
        die('{"code":"210","msg":"用户组ID必须是数字"}');
    }
    // 验证会员信息是否合法
    if (empty($_POST['g_name'])) {
        die('{"code":"220","msg":"用户组名字不能为空"}');
    }
    //if(!isset($_POST['g_urank']) || trim($_POST['g_urank']) =='') die('{"code":"230","msg":"用户组权限不能为空"}');
    //if (!preg_match('~^[A-Za-z][A-Za-z]*[a-z0-9_]*$~', $_POST['g_name'])) die('{"code":"230","msg":"用户组名必须以字母开头,只允许字母、数字、下划线"}');
    $params['g_name'] = $_POST['g_name'];
    //$params['g_urank'] = $_POST['g_urank'];
    $params['g_remark'] = isset($_POST['g_remark']) && !empty($_POST['g_remark']) ? htmlspecialchars($_POST['g_remark']) : '';
    $params['create_time'] = time();
    if (intval($_POST['group_id']) > 0) {
        $where = " group_id ='" . $_POST['group_id'] . "'";
        $res = $dbm->single_update(TB_PREFIX . "admin_group", $params, $where);
        if (empty($res['error'])) {
            logs("用户组编辑成功,用户组ID为:{$_POST['group_id']}");
            die('{"code":"0","msg":"操作成功"}');
        }
        logs("编辑用户组失败,请核实后再添加,用户组ID为:{$_POST['group_id']}");
        die('{"code":"280","msg":"编辑用户组失败,请核实后再添加"}');
    } else {
        // 添加会员
        $where = " g_name='" . $_POST['g_name'] . "'";
        $a = $dbm->single_query(array('where' => $where, 'table_name' => TB_PREFIX . "admin_group"));
        if (count($a['list']) > 0) {
            die('{"code":"260","msg":"用户组名字不能重复"}');
        }
        $res = $dbm->single_insert(TB_PREFIX . "admin_group", $params);
        if ($res['autoid'] > 0) {
            logs("添加用户组成功,用户组名字为:{$_POST['g_name']}");
            die('{"code":"0","msg":"添加用户组成功"}');
        }
        logs("添加用户组失败,请核实后再添加,用户组名字为:{$_POST['g_name']}");
        die('{"code":"270","msg":"添加用户组失败,请核实后再添加"}');
    }
}
예제 #12
0
파일: nlink.php 프로젝트: cranefly/crane
function m__edit()
{
    global $l_obj, $n_obj, $page;
    check_level("D0501");
    $reg = "~^((https|http|ftp|rtsp|mms)?://)~";
    $nlink = $_POST;
    //处理数据隐藏安全
    foreach ($nlink as $k => $n) {
        $nlink[$k] = urldecode(helper::escape($n));
    }
    //验证数据合法性
    if (!is_numeric($nlink['nlink_id'])) {
        die('{"code":"210","msg":"内链词ID必须是数字"}');
    }
    if (empty($nlink['nlink_txt'])) {
        die('{"code":"220","msg":"内链名称不能为空"}');
    }
    if (empty($nlink['nlink_url'])) {
        die('{"code":"230","msg":"内链地址不能为空"}');
    }
    if (!preg_match($reg, $nlink['nlink_url'])) {
        die('{"code":"230","msg":"链接地址不合法"}');
    }
    //要入库的数据
    $params['nlink_txt'] = $nlink['nlink_txt'];
    $params['nlink_url'] = $nlink['nlink_url'];
    if ($nlink['nlink_id'] > 0) {
        // 编辑
        $where = " nlink_id='" . $nlink['nlink_id'] . "'";
        $res = $n_obj->update($params, $where);
        if ($res['state'] == 0) {
            $l_obj->insert("更新内链词成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"更新内链词成功","nid":"' . $nlink['nlink_id'] . '"}');
        }
        die('{"code":"240","msg":"更新内链词失败"}');
    } else {
        // 添加内链
        $res = $n_obj->insert($params);
        if ($res['state'] == 0) {
            $l_obj->insert("添加内链词成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"添加内链词成功","nid":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加内链词失败,请核对重试"}');
    }
}
예제 #13
0
파일: area.php 프로젝트: cranefly/crane
function m__edit()
{
    global $area_obj, $l_obj;
    if ($_GET['type'] == 1) {
        check_level("H0401");
    } else {
        check_level("H0501");
    }
    $area = $_POST;
    //处理数据隐藏安全
    foreach ($area as $k => $n) {
        $area[$k] = urldecode(helper::escape($n));
        if ($k == 'area_html') {
            $area[$k] = serialize($area[$k]);
        }
    }
    //验证数据合法性
    if (!is_numeric($area['area_id'])) {
        die('{"code":"100","msg":"位置ID必须是数字"}');
    }
    if (empty($area['title'])) {
        die('{"code":"100","msg":"标题不能为空"}');
    }
    if ($area['area_id'] > 0) {
        // 编辑
        $res = $area_obj->update($area, $area['area_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("编辑成功:" . $area['title']);
            die('{"code":"0","msg":"编辑成功","area_id":"' . $area['area_id'] . '"}');
        }
        die('{"code":"240","msg":"编辑失败"}');
    } else {
        // 添加内链
        $res = $area_obj->insert($area);
        if ($res['state'] == 0) {
            $l_obj->insert("添加成功:" . $area['title']);
            die('{"code":"0","msg":"添加成功","area_id":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加失败,"' . $res['msg'] . '}');
    }
}
예제 #14
0
 public static function sqlxss()
 {
     //处理$_GET
     foreach ($_GET as $k => $v) {
         if (is_array($v)) {
             foreach ($v as $a => $b) {
                 if (!is_array($b)) {
                     $b = helper::escape($b, 1);
                     $_GET[$k][$a] = htmlspecialchars(trim($b), ENT_QUOTES);
                 }
             }
         } else {
             $v = helper::escape($v, 1);
             $_GET[$k] = htmlspecialchars(trim($v), ENT_QUOTES);
         }
     }
     //处理$_POST
     foreach ($_POST as $k => $v) {
         if (is_array($v)) {
             foreach ($v as $a => $b) {
                 if (!is_array($b)) {
                     $b = helper::escape($b, 1);
                     $_POST[$k][$a] = htmlspecialchars(trim($b), ENT_QUOTES);
                 }
             }
         } else {
             $v = helper::escape($v, 1);
             $_POST[$k] = htmlspecialchars(trim($v), ENT_QUOTES);
         }
     }
 }
예제 #15
0
 public static function sqlxss($input)
 {
     if (is_array($input)) {
         foreach ($input as $k => $v) {
             $input[$k] = helper::sqlxss($v);
         }
     } else {
         $input = helper::escape($input, 1);
         $input = htmlspecialchars($input, ENT_QUOTES);
     }
     return $input;
 }
예제 #16
0
파일: category.php 프로젝트: cranefly/crane
function m__edit()
{
    global $c_obj, $l_obj;
    check_level("C0101");
    $post = $_POST;
    //处理数据隐藏安全
    foreach ($post as $k => $n) {
        $post[$k] = urldecode(helper::escape($n));
    }
    //验证数据合法性
    if (!is_numeric($post['cate_id'])) {
        die('{"code":"100","msg":"分类ID必须是数字"}');
    }
    if (empty($post['cname'])) {
        die('{"code":"100","msg":"标题不能为空"}');
    }
    unset($post['ad_list']);
    //去广告列表
    if ($post['cate_id'] > 0) {
        // 编辑
        //判断字母别名是否重复
        $where_py = " where cname_py = '" . $post['cname_py'] . "' and cate_id != " . $post['cate_id'];
        $pinyin = $c_obj->get_all($where_py);
        if (!empty($pinyin['list']) || count($pinyin['list']) > 0) {
            die('{"code":"100","msg":"字母别名不能重复"}');
        }
        //处理模板
        // 判断模板应用层数
        if (isset($post['index_copy'])) {
            update_cate_tpl($post['cate_id'], 'index', $post['index_copy'], $post['tpl_index']);
        }
        if (isset($post['listvar_copy'])) {
            update_cate_tpl($post['cate_id'], 'listvar', $post['listvar_copy'], $post['tpl_listvar']);
        }
        if (isset($post['content_copy'])) {
            update_cate_tpl($post['cate_id'], 'content', $post['content_copy'], $post['tpl_content']);
        }
        if (isset($post['listvar_copy'])) {
            unset($post['listvar_copy']);
        }
        if (isset($post['index_copy'])) {
            unset($post['index_copy']);
        }
        if (isset($post['content_copy'])) {
            unset($post['content_copy']);
        }
        $res = $c_obj->update($post, $post['cate_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("编辑成功:" . $post['cname']);
            $c_obj->update_cate();
            die('{"code":"0","msg":"编辑成功","cate_id":"' . $post['cate_id'] . '"}');
        }
        die('{"code":"240","msg":"编辑失败"}');
    } else {
        //判断字母别名是否重复
        $where_py = " where cname_py = '" . $post['cname_py'] . "'";
        $pinyin = $c_obj->get_all($where_py);
        if (!empty($pinyin['list']) || count($pinyin['list']) > 0) {
            die('{"code":"100","msg":"字母别名不能重复"}');
        }
        // 添加
        if (isset($post['listvar_copy'])) {
            unset($post['listvar_copy']);
        }
        if (isset($post['index_copy'])) {
            unset($post['index_copy']);
        }
        if (isset($post['content_copy'])) {
            unset($post['content_copy']);
        }
        $res = $c_obj->insert($post);
        if ($res['state'] == 0) {
            $l_obj->insert("添加成功:" . $post['cname']);
            $c_obj->update_cate();
            die('{"code":"0","msg":"添加成功","cid":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加失败,"' . $res['msg'] . '}');
    }
}
예제 #17
0
파일: comment.php 프로젝트: cranefly/crane
function m__reply()
{
    global $dbm, $c;
    check_level("E0703");
    if (!isset($_POST['comment_id']) || !is_numeric($_POST['comment_id'])) {
        die('{"code":"101","msg":"回复评论ID出错"}');
    }
    if (!isset($_POST['comment']) || trim($_POST['comment']) == '') {
        die('{"code":"101","msg":"回复评论不能为空"}');
    }
    $comment = helper::escape(htmlspecialchars($_POST['comment']), 1);
    $comment_id = intval($_POST['comment_id']);
    $rs = $dbm->query_update("UPDATE " . TB_PREFIX . "comment SET reply = '{$comment}' WHERE comment_id = '{$comment_id}'");
    if ($rs['error'] == '') {
        die('{"code":"0","msg":"回复成功"}');
    }
    die('{"code":"1","msg":"评论失败"}');
}
예제 #18
0
function m__set_state()
{
    global $dbm;
    check_level($_GET['table'] . "_03");
    $params = array();
    foreach ($_GET as $k => $v) {
        $_GET[$k] = helper::escape($v, 1);
    }
    if (isset($_GET['state'])) {
        $_GET['state'] = $_GET['state'] == 0 ? 1 : 0;
    }
    if (!is_numeric($_GET['state'])) {
        die('{"code":"210","msg":"状态必须是数字"}');
    }
    if (!isset($_GET['table']) || empty($_GET['table'])) {
        die('{"code":"220","msg":"独立表出错"}');
    }
    $talbe = $_GET['table'];
    $table_name = TB_PREFIX . $talbe;
    $params['is_check'] = $_GET['state'];
    if (!is_array($_POST['params'])) {
        $_POST['params'] = array($_POST['params']);
    }
    foreach ($_POST['params'] as $kid => $id) {
        if (!is_numeric($id)) {
            die('{"code":"220","msg":"表ID必须是数字"}');
        }
        $where = " {$talbe}_id = '" . $id . "'";
        $res = $dbm->single_update($table_name, $params, $where);
        if (!empty($res['error'])) {
            continue;
        }
    }
    $msg = '设置成功';
    die('{"code":"0","msg":"' . $msg . '"}');
}
예제 #19
0
파일: ad.php 프로젝트: cranefly/crane
function m__area_edit()
{
    global $ad_obj, $l_obj;
    check_level("H0303");
    $ad_area = $_POST;
    //处理数据隐藏安全
    foreach ($ad_area as $k => $n) {
        $ad_area[$k] = urldecode(helper::escape($n));
    }
    //验证数据合法性
    if (!is_numeric($ad_area['area_id'])) {
        die('{"code":"100","msg":"广告位ID必须是数字"}');
    }
    if (empty($ad_area['area_name'])) {
        die('{"code":"0","msg":"广告位名称不能为空"}');
    }
    //要入库的数据
    $params['area_name'] = $ad_area['area_name'];
    $params['remark'] = $ad_area['remark'];
    $params['area_type'] = $ad_area['area_type'];
    if ($ad_area['area_id'] > 0) {
        // 编辑
        $res = $ad_obj->update_area($params, $ad_area['area_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("更新广告位成功:" . $params['area_name']);
            die('{"code":"0","msg":"更新广告位成功","area_id":"' . $ad_area['area_id'] . '"}');
        }
        die('{"code":"240","msg":"更新广告位失败"}');
    } else {
        // 添加内链
        $res = $ad_obj->insert_area($params);
        if ($res['state'] == 0) {
            $l_obj->insert("添加广告位成功:" . $params['area_name']);
            die('{"code":"0","msg":"添加广告位成功","area_id":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加广告位失败,"' . $res['msg'] . '}');
    }
}
예제 #20
0
파일: comment.php 프로젝트: cranefly/crane
function m__save_comment()
{
    global $dbm, $c;
    //判断操作权限
    check_level("E0701");
    //处理POST数据
    foreach ($_POST as $k => $v) {
        $v = htmlspecialchars(trim($v));
        $_POST[$k] = helper::escape($v, 1);
    }
    $pl = isset($_POST['pl']) ? $_POST['pl'] : 0;
    //是否对前多少n条做出随机评论
    $c_path = '..' . $_POST['c_content'];
    $c_data = file_get_contents($c_path);
    $c_arr = explode('#', $c_data);
    //评论数组
    $c_arr_count = count($c_arr);
    //评论总数
    $uname = array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'y', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'Y', 'W', 'X', 'Y', 'Z');
    shuffle($uname);
    shuffle($c_arr);
    if ($pl == 1) {
        $info_tl = !empty($_POST['info_tl']) ? $_POST['info_tl'] : 20;
        $sql = "SELECT info_id FROM " . TB_PREFIX . "info_list WHERE 'info_state' =0 ORDER BY ' publish_time' LIMIT 0 , " . $info_tl;
    } else {
        $sql = "SELECT info_id FROM " . TB_PREFIX . "info_list WHERE 'info_state' =0 ORDER BY ' publish_time' LIMIT 0 , " . $c_arr_count;
    }
    $info_id_arr = $dbm->query($sql);
    //文档ID
    $count = count($info_id_arr['list']);
    if ($pl == 1) {
        //根据传入的条件获取文档随机插入评论
        foreach ($info_id_arr['list'] as $k => $v) {
            //随机ip
            $ip = rand(11, 254) . '.' . rand(2, 255) . '.' . rand(2, 255) . '.' . rand(2, 255);
            //随机时间
            $x = rand(6, 10);
            $time = time();
            if ($x % 2) {
                $time -= rand(1, 30) * 24 * 3600;
            } else {
                $time += rand(1, 30) * 24 * 3600;
            }
            //随机名字
            $name = '';
            for ($i = 0; $i < $x; $i++) {
                $name .= $uname[rand(0, 61)];
            }
            //随机评论
            $a = rand(0, $c_arr_count - 1);
            $cont = $c_arr[$a];
            //开始插入
            $fields = array('info_id' => $v['info_id'], 'content' => $cont, 'uname' => $name, 'date_add' => $time, 'ip' => $ip);
            $rs = $dbm->single_insert(TB_PREFIX . 'comment', $fields);
            if ($rs['autoid'] >= 0) {
                //修改评论量
                $sql = "UPDATE mcms_info_list SET info_comments = info_comments+1 WHERE info_id =" . $v['info_id'];
                $rss = $dbm->query_update($sql);
                if ($rss['error'] != '') {
                    $dbm->query_update("DELETE FROM " . TB_PREFIX . "comment WHERE comment_id=" . $rs['autoid']);
                }
            }
        }
    } else {
        //随机插入 一条评论插入一次
        foreach ($c_arr as $k => $v) {
            //随机ip
            $ip = rand(11, 254) . '.' . rand(2, 255) . '.' . rand(2, 255) . '.' . rand(2, 255);
            //随机时间
            $x = rand(6, 10);
            $time = time();
            if ($x % 2) {
                $time -= rand(1, 30) * 24 * 3600;
            } else {
                $time += rand(1, 30) * 24 * 3600;
            }
            //随机名字
            $name = '';
            for ($i = 0; $i < $x; $i++) {
                $name .= $uname[rand(0, 61)];
            }
            //随机文档ID
            $a = rand(0, $count - 1);
            $id = $info_id_arr['list'][$a]['info_id'];
            //开始插入
            $fields = array('info_id' => $id, 'content' => $v, 'uname' => $name, 'date_add' => $time, 'ip' => $ip);
            $rs = $dbm->single_insert(TB_PREFIX . 'comment', $fields);
            if ($rs['autoid'] >= 0) {
                //修改评论量
                $sql = "UPDATE mcms_info_list SET info_comments = info_comments+1 WHERE info_id =" . $id;
                $rss = $dbm->query_update($sql);
                if ($rss['error'] != '') {
                    $dbm->query_update("DELETE FROM " . TB_PREFIX . "comment WHERE comment_id=" . $rs['autoid']);
                }
            }
        }
    }
    @unlink($c_path);
    if ($rs['autoid'] >= 0) {
        die('{"code":"1","msg":"评论成功"}');
    } else {
        die('{"code":"0","msg":"评论失败"}');
    }
}
예제 #21
0
파일: user.php 프로젝트: cranefly/crane
function m__qqbind()
{
    global $dbm;
    $params = array();
    if (isset($_SESSION['uid']) || isset($_SESSION['uname'])) {
        act_msg('index.php', "你已经登陆了");
    }
    if (isset($_SESSION['qq']['openid']) && isset($_GET['act']) && $_GET['act'] == 'bind') {
        $_SESSION['qq']['nickname'] = isset($_SESSION['qq']['nickname']) ? helper::escape($_SESSION['qq']['nickname']) : '';
        //判断用户名是否存在
        $params['uname'] = checkuser($_SESSION['qq']['nickname'], $_SESSION['qq']['nickname']);
        $params['upass'] = helper::password_encrypt(substr(uniqid(rand()), -6));
        $params['reg_date'] = time();
        $params['reg_ip'] = helper::getip();
        $params['qqid'] = helper::escape($_SESSION['qq']['openid']);
        $res = $dbm->single_insert(TB_PREFIX . "user_list", $params);
        //清除QQ登录记录
        unset($_SESSION['qq']);
        if (empty($res['error']) && $res['autoid'] > 0) {
            $_SESSION['uid'] = $res['autoid'];
            $_SESSION['uname'] = $params['uname'];
            //清除QQ登录记录
            act_msg("index.php?tpl=ucenter", "登录成功!");
        } else {
            act_msg("index.php?tpl=index", "登录失败!");
        }
    }
    //act_msg('index.php?tpl=index', "请登陆QQ再绑定用户");
}
예제 #22
0
파일: info.php 프로젝트: cranefly/crane
function m__edit()
{
    global $c_obj, $i_obj, $l_obj, $r_obj;
    check_level("C0201");
    $post = $_POST;
    // 判断表单
    foreach ($post as $k => $v) {
        if ($k == 'info_title' && $v == '') {
            die('{"code":100,"msg":"请填写标题"}');
        }
        if ($k == 'last_cate_id' && ($v == '0' || $v == 'undefined')) {
            die('{"code":100,"msg":"请选择分类"}');
        }
        $fields[$k] = helper::escape($v, 1);
        if ($k == 'reso') {
            $resource = $fields[$k];
            unset($fields[$k]);
        }
    }
    if ($fields['info_id'] > 0) {
        // 编辑
        //如过修改了分类
        $info_old = $i_obj->get_all(" where info_id = " . $fields['info_id']);
        if (!empty($info_old['list']) && count($info_old['list']) > 0) {
            $info_old = $info_old['list'][0];
            if ($info_old['last_cate_id'] != $fields['last_cate_id']) {
                $categories = $c_obj->cate_father($fields['last_cate_id']);
                foreach ($categories as $ckey => $cval) {
                    $c_obj->update_cdata($cval['cate_id']);
                }
                $cate_old = $c_obj->cate_father($info_old['last_cate_id']);
                foreach ($cate_old as $ckey => $cval) {
                    $c_obj->update_cdata($cval['cate_id'], "del");
                }
            }
        }
        $res = $i_obj->update($fields, $fields['info_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("更新文档成功:" . $fields['info_title']);
            $c_obj->update_cate();
            die('{"code":"0","msg":"更新文档成功","info_id":"' . $fields['info_id'] . '"}');
        }
        die('{"code":"240","msg":"更新文档失败"}');
    } else {
        $res = $i_obj->insert($fields);
        if ($res['state'] == 0) {
            $new_id = $res['msg'];
            //需要更新分类对应的总算量
            $categories = $c_obj->cate_father($fields['last_cate_id']);
            foreach ($categories as $ckey => $cval) {
                //添加分类关系
                $params_r = array('cate_id' => $cval['cate_id'], 'info_id' => $new_id, 'id_create_time' => time());
                $r_obj->insert($params_r);
                $c_obj->update_cdata($cval['cate_id']);
            }
            $l_obj->insert("添加文档成功:" . $fields['info_title']);
            $c_obj->update_cate();
            die('{"code":"0","msg":"添加文档成功:' . $fields['info_title'] . '","info_id":"' . $res['msg'] . '"}');
        }
        die('{"code":"100","msg":"添加文档失败"}');
    }
}
예제 #23
0
파일: flink.php 프로젝트: cranefly/crane
function m__edit_g()
{
    global $f_obj, $l_obj;
    check_level("E0101");
    $group = $_POST;
    $reg = "~^((https|http|ftp|rtsp|mms)?://)~";
    //处理数据安全隐患
    foreach ($group as $k => $f) {
        $group[$k] = urldecode(helper::escape($f));
    }
    //print_r($group);die();
    //验证数据合法性
    if (!is_numeric($group['flink_group_id'])) {
        die('{"code":"210","msg":"链接ID必须是数字"}');
    }
    if (!is_numeric($group['flink_order'])) {
        die('{"code":"210","msg":"排序必须是数字"}');
    }
    if (empty($group['flink_group_name'])) {
        die('{"code":"220","msg":"链接名称不能为空"}');
    }
    //if (empty($group['flink_group_url'])) die('{"code":"230","msg":"链接地址不能为空"}');
    //if (!preg_match($reg, $group['flink_group_url'])) die('{"code":"230","msg":"链接地址不合法"}');
    //组合入库数据
    $params['flink_order'] = $group['flink_order'];
    $params['flink_group_name'] = $group['flink_group_name'];
    $params['flink_group_url'] = $group['flink_group_url'];
    $params['flink_group_img'] = $group['flink_group_img'];
    if ($group['flink_group_id'] > 0) {
        // 编辑
        $where = " flink_group_id='" . $group['flink_group_id'] . "'";
        $res = $f_obj->update_group($params, $where);
        if ($res) {
            $l_obj->insert("成功编辑了友情链接! 链接名称:" . $params['flink_group_name']);
            die('{"code":"0","msg":"更新友情链接成功"}');
        }
        die('{"code":"240","msg":"编辑友情链接失败"}');
    } else {
        // 添加友链
        $res = $f_obj->insert_group($params);
        if ($res > 0) {
            $l_obj->insert("成功添加了友情链接!链接名称:" . $params['flink_group_name']);
            die('{"code":"0","msg":"添加友情链接成功","flink_id": "' . $res . '"}');
        }
        die('{"code":"100","msg":"添加友情链接失败,请核对重试"}');
    }
}
예제 #24
0
파일: model.php 프로젝트: cranefly/crane
function m__save_attr()
{
    global $m_obj, $l_obj;
    check_level("D0303");
    $post = $_POST;
    $model_id = isset($_GET['mid']) ? $_GET['mid'] : 0;
    $where = " where model_id = '" . $model_id . "'";
    $model_exist = $m_obj->get_model($where);
    if (empty($model_exist['list']) || count($model_exist['list']) < 0) {
        die('{"code":100,"msg":"模型不存在"}');
    }
    $model = $model_exist['list'][0];
    //模型
    // 初始化数据
    foreach ($post as $key => $val) {
        $post[$key] = helper::escape($val, 1);
        $post[$key] = preg_replace('~"~', '&#34;', $post[$key]);
        if ($key == 'title' && $val == '') {
            die('{"code":1,"msg":"字段文字不能为空"}');
        }
        if ($key == 'field' && $val == '') {
            die('{"code":1,"msg":"字段名称不能为空"}');
        }
        if ($key == 'field_type' && $val == '') {
            die('{"code":1,"msg":"字段类型不能为空"}');
        }
        if ($key == 'field' && !preg_match('~^[a-z][a-z0-9_]*$~', $val)) {
            die('{"code":1,"msg":"字段名称只允许小写字母开头,小写字母数字和下划线"}');
        }
    }
    //字段存入数据库
    $where_field = " where model_id='{$model['model_id']}' and field='{$post['field']}'";
    $field = $m_obj->get_model_fields($where_field);
    if (empty($field)) {
        $post['model_id'] = $model['model_id'];
        $post['model_name'] = $model['model_name'];
        $res = $m_obj->insert_fields($post);
        if ($res > 0) {
            //更新表结构
            $table_update = $m_obj->update_table($model);
            $m_obj->update_models();
            $l_obj->insert("类添加成功,字段名为:" . $post['title']);
            die('{"code":0,"msg":"新增字段成功"}');
        }
    } else {
        $where = " field_id = " . $field[0]['field_id'];
        $res = $m_obj->update_fields($post, $where);
        if ($res) {
            //更新表结构
            $table_update = $m_obj->update_table($model);
            $m_obj->update_models();
            $l_obj->insert("类添加成功,分类名为:" . $post['title']);
            die('{"code":0,"msg":"修改字段成功"}');
        }
    }
    die('{"code":0,"msg":"操作失败"}');
}
예제 #25
0
/**
 * 获取编辑或添加会员
 */
function m__edit()
{
    global $dbm;
    check_level("E0102");
    $params = array();
    foreach ($_POST as $k => $v) {
        $_POST[$k] = helper::escape($v, 1);
    }
    if (!is_numeric($_POST['user_id'])) {
        die('{"code":"210","msg":"会员UID必须是数字"}');
    }
    // 验证会员信息是否合法
    if (empty($_POST['uname'])) {
        die('{"code":"210","msg":"会员名不能为空"}');
    }
    $rules = "/\\w+([-+.']\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*/";
    if (trim($_POST['uemail']) != '' && !preg_match($rules, $_POST['uemail'])) {
        die('{"code":"270","msg":"请正确填写邮箱格式!"}');
    }
    //if (!preg_match('~^[A-Za-z][A-Za-z]*[a-z0-9_]*$~', $_POST['uname'])) die('{"code":"230","msg":"会员名必须以字母开头,只允许字母、数字、下划线"}');
    $params['uname'] = $_POST['uname'];
    $params['uemail'] = trim($_POST['uemail']);
    $params['uphone'] = isset($_POST['uphone']) && trim($_POST['uphone']) != '' ? trim($_POST['uphone']) : '';
    $params['uqq'] = isset($_POST['uqq']) && trim($_POST['uqq']) != '' ? trim($_POST['uqq']) : '';
    $params['gender'] = intval($_POST['gender']);
    $params['reg_ip'] = helper::getip();
    $params['reg_date'] = time();
    $params['ustate'] = isset($_POST['ustate']) ? intval($_POST['ustate']) : 0;
    $params['upoint'] = intval($_POST['upoint']);
    if (intval($_POST['user_id']) > 0) {
        if (isset($_POST['upass']) && $_POST['upass'] != '') {
            if (strlen($_POST['upass']) < 5 || strlen($_POST['upass']) > 20) {
                die('{"code":"280","msg":"密码不符合要求,必须5到20字符"}');
            }
            if ($_POST['upass'] != $_POST['re_pass']) {
                die('{"code":"270","msg":"两次密码不一致"}');
            }
            $params['upass'] = helper::password_encrypt($_POST['upass']);
        }
        $where = " user_id ='" . $_POST['user_id'] . "'";
        $res = $dbm->single_update(TB_PREFIX . "user_list", $params, $where);
        if (empty($res['error'])) {
            logs("账号编辑成功,账号ID为:{$_POST['user_id']}");
            die('{"code":"0","msg":"操作成功"}');
        }
        logs("编辑账号失败,请核实后再添加,账号ID为:{$_POST['user_id']}");
        die('{"code":"280","msg":"编辑账号失败,请核实后再添加"}');
    } else {
        // 添加会员
        $where = " uname='" . $_POST['uname'] . "'";
        $a = $dbm->single_query(array('where' => $where, 'table_name' => TB_PREFIX . "user_list"));
        if (count($a['list']) > 0) {
            die('{"code":"260","msg":"会员名不能重复"}');
        }
        if (empty($_POST['upass'])) {
            die('{"code":"220","msg":"密码不能为空"}');
        }
        if (strlen($_POST['upass']) < 5) {
            die('{"code":"240","msg":"密码过于简单,必须5到20字符"}');
        }
        if (strlen($_POST['upass']) > 20) {
            die('{"code":"250","msg":"密码超出限定的20字符长度,"}');
        }
        if ($_POST['upass'] != $_POST['re_pass']) {
            die('{"code":"270","msg":"两次密码不一致"}');
        }
        $params['upass'] = helper::password_encrypt($_POST['upass']);
        $res = $dbm->single_insert(TB_PREFIX . "user_list", $params);
        if ($res['autoid'] > 0) {
            logs("添加会员成功,会员ID为:{$_POST['uname']}");
            die('{"code":"0","msg":"添加会员成功"}');
        }
        logs("添加会员失败,请核实后再添加,会员ID为:{$_POST['uname']}");
        die('{"code":"270","msg":"添加会员失败,请核实后再添加"}');
    }
}
예제 #26
0
파일: category.php 프로젝트: cranefly/crane
function m__cate_save()
{
    global $dbm, $c;
    //判断操作权限
    check_level("C0401");
    // 预处理数据
    foreach ($_POST as $a => $b) {
        $_POST[$a] = helper::escape($b, 1);
    }
    //print_r($_POST);die();
    // 验证数据
    //if ($_POST['parent_id'] > 0 && $_POST['extern_id'] != $c -> categories[$_POST['parent_id']]['extern_id']) die('{"code":"100","msg":"子分类必须保持模型一致"}');
    if ($_POST['cname'] == '') {
        die('{"code":"100","msg":"分类名称必须填写"}');
    }
    if ($_POST['cname_py'] == '') {
        die('{"code":"100","msg":"字母别名必须填写"}');
    }
    //去掉不需要的参数
    unset($_POST['ad_list']);
    unset($_POST['hashtoken']);
    // print_r($_POST);die();
    // 添加分类
    if ($_POST['cate_id'] == '0') {
        $has_py = $dbm->scalar("select count(0) as t from " . TB_PREFIX . "category where cname_py='" . $_POST['cname_py'] . "'");
        if ($has_py['t'] > 0) {
            die('{"code":"100","msg":"字母别名不允许重复"}');
        }
        // 判断是否可以添加子类
        if ($c->cate_last($_POST['parent_id']) == 0 && ($_POST['parent_id'] > 0 && $c->categories[$_POST['parent_id']]['cdata'] > 0)) {
            die('{"code":"100","msg":"分类下有数据,不允许添加子类"}');
        }
        // 添加分类
        if (isset($_POST['listvar_copy'])) {
            unset($_POST['listvar_copy']);
        }
        if (isset($_POST['index_copy'])) {
            unset($_POST['index_copy']);
        }
        if (isset($_POST['content_copy'])) {
            unset($_POST['content_copy']);
        }
        $a = $dbm->single_insert(TB_PREFIX . 'category', $_POST);
        if ($a['error'] != '') {
            die('{"code":"1","msg":"分类添加失败' . $a['error'] . '"}');
        }
        $c->update_cate();
        logs("添加分类成功,分类名称为:{$_POST['cname']}");
        die('{"code":"0","msg":"分类添加成功"}');
    } else {
        // 修改分类
        $_cate = $dbm->scalar("select cname_py from " . TB_PREFIX . "category where cate_id='" . $_POST['cate_id'] . "'");
        // 如果字母别名发生了变动,则需要判断字母别名是否重复
        if ($_cate['cname_py'] != $_POST['cname_py']) {
            $has_py = $dbm->scalar("select count(0) as t from " . TB_PREFIX . "category where cname_py='" . $_POST['cname_py'] . "'");
            if ($has_py['t'] > 0) {
                die('{"code":"100","msg":"字母别名不允许重复"}');
            }
        }
        // 修改分类
        $where = "cate_id='" . $_POST['cate_id'] . "'";
        $a = $dbm->single_update(TB_PREFIX . 'category', $_POST, $where);
        // 判断模板应用层数
        if (isset($_POST['index_copy'])) {
            update_cate_tpl($_POST['cate_id'], 'index', $_POST['index_copy'], $_POST['tpl_index']);
        }
        if (isset($_POST['listvar_copy'])) {
            update_cate_tpl($_POST['cate_id'], 'listvar', $_POST['listvar_copy'], $_POST['tpl_listvar']);
        }
        if (isset($_POST['content_copy'])) {
            update_cate_tpl($_POST['cate_id'], 'content', $_POST['content_copy'], $_POST['tpl_content']);
        }
        $c->update_cate();
        logs("修改分类成功,分类ID为:{$_POST['cate_id']}");
        die('{"code":"0","msg":"分类修改成功"}');
    }
}
예제 #27
0
파일: index.php 프로젝트: cranefly/crane
    }
    if (strlen($q) > 20) {
        die_error('搜索词太长');
    }
    if (!preg_match("/^[\\x{4e00}-\\x{9fa5}A-Za-z0-9_\\-\\.\\s]+\$/u", $q)) {
        die_error($q . ' ===> 搜索词只允许下划线,数字,字母,汉字,横杠和空格,请重新输入');
    }
    $sql = "SELECT * FROM " . TB_PREFIX . "keyword WHERE keyword = '{$_GET['q']}'";
    $res = $dbm->query($sql);
    $_SESSION['postdata']['search'] = time();
    if (is_array($res['list']) && count($res['list']) > 0) {
        $sql = "UPDATE " . TB_PREFIX . "keyword SET qnum = qnum+1 WHERE keyword = '{$_GET['q']}'";
        $dbm->query_update($sql);
    } else {
        $fields = array();
        $fields['keyword'] = helper::escape($_GET['q']);
        $fields['qnum'] = 1;
        $dbm->single_insert(TB_PREFIX . "keyword", $fields);
    }
}
//【003-1】判断是否绑定域名,匹配域名对应的分类
foreach ($c->categories as $k => $v) {
    if (strstr($v['go_url'], $_SERVER['HTTP_HOST'])) {
        if (!isset($_GET['tpl'])) {
            $_GET['tpl'] = 'list_info';
            $_GET['cid'] = $v['cate_id'];
            break;
        }
    }
}
//【004】处理GET参数