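/**
 * Process the admin login form.
 *
 * Reads the POST fields m_name, m_password and m_check, looks the account up
 * in {pre}manager (active accounts only) and compares m_check with the
 * app_safecode constant. On success it sets the admin cookies, stores a fresh
 * random value in m_random together with the login time and IP, and redirects
 * the top frame to index.php. On failure the user is sent back to the login
 * page through alertUrl().
 *
 * @return void
 */
function checkLogin()
{
    global $db;

    $m_name = chkSql(be("post", "m_name"), true);
    // The password passes through chkSql() before hashing, exactly as before,
    // so existing stored hashes keep matching.
    $rawPassword = chkSql(be("post", "m_password"), true);
    $m_check = be("post", "m_check");

    // Test the raw password: md5() of an empty string is still a non-empty
    // digest, so checking the hash could never catch a blank field.
    if (isN($m_name) || isN($rawPassword) || isN($m_check)) {
        alertUrl("请输入您的用户名或密码!", "?action=login");
        // Do not fall through to the query if alertUrl() returns.
        return;
    }

    // NOTE(review): unsalted md5 is not a password hash. Moving to
    // password_hash()/password_verify() needs a migration of the stored
    // values, so it is only flagged here.
    $m_password = md5($rawPassword);

    // The listing showed a masked literal ('******') in the password position;
    // the hashed input is compared here so the credential is actually checked.
    // NOTE(review): $m_name relies entirely on chkSql() for SQL safety; its
    // implementation is not visible here. Prefer a bound parameter if the DB
    // wrapper offers one.
    $row = $db->getRow(
        "SELECT * FROM {pre}manager WHERE m_name='" . $m_name
        . "' AND m_password = '" . $m_password . "' AND m_status=1"
    );

    // Strict string comparison: loose == lets numeric-looking strings such as
    // "0e1" and "0e2" compare equal.
    if ($row && (string) $m_check === (string) app_safecode) {
        // rand() is predictable; the value stored in m_random feeds the
        // admincheck cookie, so it must come from a CSPRNG where available.
        if (function_exists('random_bytes')) {
            $randnum = bin2hex(random_bytes(16));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $randnum = bin2hex(openssl_random_pseudo_bytes(16));
        } else {
            // Last-resort fallback for very old runtimes without a CSPRNG.
            $randnum = md5(uniqid(mt_rand(), true));
        }

        // NOTE(review): adminid and adminlevels live in client-side cookies.
        // Whether later requests trust them without re-checking against
        // m_random is not visible here - confirm in the auth check.
        sCookie("adminid", $row["m_id"]);
        sCookie("adminname", $row["m_name"]);
        sCookie("adminlevels", $row["m_levels"]);
        sCookie("admincheck", md5($randnum . $row["m_name"] . $row["m_id"]));

        $db->Update(
            "{pre}manager",
            array("m_logintime", "m_loginip", "m_random"),
            array(date("Y-m-d H:i:s"), getIP(), $randnum),
            " m_id=" . intval($row["m_id"])
        );
        echo "<script>top.location.href='index.php';</script>";
    } else {
        alertUrl("您输入的用户名和密码不正确或者您不是系统管理员!", "?action=login");
    }
}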
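/**
 * Delete the file named by the "file" request parameter, then return to the
 * referring page with a confirmation message.
 *
 * @return void
 */
function del()
{
    $file = be("all", "file");

    // NOTE(review): the path comes straight from the request (GET or POST) and
    // nothing confines it to the template directory, so any file the web
    // server user can remove is reachable. The template root is not visible in
    // this function; the caller-side fix is to resolve the path with
    // realpath() and require it to sit under that root, and to accept the
    // action only as a POST carrying an anti-CSRF token.

    // Minimal hardening that needs no knowledge of the template root:
    //  - reject NUL bytes, which truncate paths on old runtimes;
    //  - reject stream-wrapper URLs (ftp://, phar://, ...): before PHP 8.0 a
    //    file operation on a phar:// path unserializes archive metadata;
    //  - delete regular files only.
    $isPlainPath = is_string($file)
        && $file !== ""
        && strpos($file, "\0") === false
        && strpos($file, "://") === false;

    if ($isPlainPath && is_file($file)) {
        unlink($file);
    }

    alertUrl("模板删除完毕", getReferer());
}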
// Excerpt from a payment return handler. The enclosing signature-verification
// `if` opens before this excerpt; only its success branch body and its
// `else` are visible.

// Alipay transaction number
$trade_no = $_GET['trade_no'];
// Transaction status
$trade_status = $_GET['trade_status'];
if ($_GET['trade_status'] == 'WAIT_SELLER_SEND_GOODS' || $_GET['trade_status'] == 'TRADE_FINISHED') {
    // Check whether this order has already been processed on the merchant site.
    // If not, look the order up by its order number (out_trade_no) in the
    // merchant's order system and run the merchant's business logic.
    // If it has been processed, do not run the business logic again.
    $db = new AppDb($MAC['db']['server'], $MAC['db']['user'], $MAC['db']['pass'], $MAC['db']['name']);
    // NOTE(review): $out_trade_no is concatenated unquoted. Its assignment is
    // outside this excerpt (presumably a request parameter - confirm); it
    // should be validated as an order number before it reaches SQL.
    $sql = 'select * from {pre}user_pay where p_status=0 and p_order=' . $out_trade_no;
    $row = $db->getRow($sql);
    if ($row) {
        $point = $row['p_point'];
        // Credit the points recorded on the pending order to its owner.
        $db->query("update {pre}user set u_points=u_points+" . $point . " where u_id = " . $row["p_uid"]);
        // NOTE(review): this statement targets {pre}user, while p_status and
        // p_order are read from {pre}user_pay above. It looks like the order is
        // never marked as paid, in which case replaying the same return URL
        // would credit the points again - confirm against the schema.
        // The credit and the status change are also two separate statements
        // with no transaction around them.
        $db->query("update {pre}user set p_status=1 where p_order=" . $out_trade_no);
    }
    unset($row);
    alertUrl("充值成功", "../../../index.php?m=user-index");
} else {
    // NOTE(review): the request parameter is echoed back without HTML escaping.
    echo "trade_status=" . $_GET['trade_status'];
}
// echo "验证成功<br />";
// echo "trade_no=".$trade_no;
// -- Write your own business logic here (the code above is for reference only) --
/////////////////////////////////////////////////////////////////////////////
} else {
    // Verification failed
    echo "fail";
    // For debugging: write to a text log to check that the program runs normally
    //logResult("put the variable values to debug, or other run results, here");
}
// Excerpt from a download-permission check. The enclosing blocks open before
// and close after this excerpt, so only the visible statements are described.
if (!$stat) {
    $msg = "对不起,您登录IP段不在受理范围,请联系管理员续费!";
}
} else {
    // Points-based access: the user needs at least d_stint points unless the
    // item is already listed in the user's u_downs string.
    if ($rowu["u_points"] < $row["d_stint"]) {
        // The leading "," guarantees a match can never sit at offset 0, so the
        // truthiness test on strpos() works here.
        if (strpos("," . $rowu["u_downs"], $downf)) {
            $stat = true;
        }
        if (!$stat) {
            $msg = "对不起,您的积分不够,无法下载收费数据,请推荐本站给您的好友、赚取更多积分";
        }
    }
    // New balance, computed in PHP from the value read earlier.
    $upoint = $rowu["u_points"] - $row["d_stint"];
}
if (!empty($msg)) {
    alertUrl($msg, MAC_PATH . "index.php?m=user-index.html");
    exit;
}
// Already purchased: no charge.
if (strpos("," . $rowu["u_downs"], $downf) > 0) {
    $stat = true;
}
if (!$stat) {
    // Append the item to the purchased list and collapse doubled commas.
    $udowns = "," . $rowu["u_downs"] . $downf;
    $udowns = str_replace(",,", ",", $udowns);
    // NOTE(review): u_points is written as an absolute value derived from the
    // earlier read, not as a relative decrement, so two concurrent requests
    // could both pass the balance check and the later write would overwrite
    // the earlier one. A relative update guarded by a balance condition in the
    // WHERE clause would close that window.
    // NOTE(review): $uid and $downf are assigned outside this excerpt; $uid is
    // concatenated unquoted into the WHERE clause - confirm it is an integer.
    $db->Update("{pre}user", array("u_points", "u_downs"), array($upoint, $udowns), "u_id=" . $uid);
}
}
unset($rowu);
}
// Hand the category record and the data row to the template object.
$tpl->T = $MAC_CACHE['vodtype'][$row['d_type']];
$tpl->D = $row;
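// Payment gateway callback: verify the signature of the posted message with
// the remote verification endpoint, then credit points on a successful
// response code. $RespCode and $OrdAmt are assigned before this excerpt.
$MerPriv = $_POST['MerPriv']; // merchant private field
$RetType = $_POST['RetType']; // return type
$DivDetails = $_POST['DivDetails']; // split-payment details
$GateId = $_POST['GateId']; // bank id
$ChkValue = $_POST['ChkValue']; // signature
$MsgData = $_POST['MsgData']; // message data

// Both values are caller-controlled. URL-encode them so that characters such
// as "&", "=" or "#" inside MsgData cannot add or override query parameters of
// the verification request, and ignore non-string (array) submissions.
$msgParam = is_string($MsgData) ? $MsgData : "";
$chkParam = is_string($ChkValue) ? $ChkValue : "";
// NOTE(review): the verification request travels over plain http, so the
// answer can be altered in transit. Use an https endpoint if the provider
// offers one, or verify the signature locally.
$SignData = getPage(
    "http://pay.yinshengvip.com/versign/?MsgData=" . urlencode($msgParam) . "&ChkValue=" . urlencode($chkParam),
    "utf-8"
);

// Fail closed: with loose ==, a boolean false (a typical "request failed"
// return value) compares equal to "0" and would count as a valid signature.
if (is_string($SignData) && trim($SignData) === "0") {
    if ($RespCode == "000000") {
        // Transaction succeeded: perform the business operation for the order.
        // NOTE(review): the credit is not tied to an order record, so the same
        // signed callback appears to be creditable more than once, and the
        // points go to whichever session receives the callback rather than to
        // the order's owner. Confirm, then key the credit on the order number
        // and mark it processed in the same transaction.
        $point = $MAC['pay']['exc'] * intval($OrdAmt);
        $db->query("update {pre}user set u_points=u_points+" . $point . " where u_id = " . intval($_SESSION["userid"]));
        alertUrl("充值成功", "../../../index.php?m=user-index");
    } else {
        // Transaction failed.
        alertUrl("支付失败请重试", "../../../index.php?m=user-pay2");
    }
} else {
    // Signature verification failed. The original referenced the bare word
    // SignData (an undefined constant) instead of the variable. The remote
    // answer is reduced to a short alphanumeric code before it is shown, so
    // response content cannot inject markup into the alert.
    $signCode = preg_replace('/[^0-9A-Za-z_\-]/', '', (string) $SignData);
    alertUrl("验签失败请重试[" . $signCode . "]", "../../../index.php?m=user-pay2");
}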
// Excerpt from the admin controller's method dispatch. The opening of the
// first branch (where $m_name, $m_password and $m_check are read) and the body
// of the final 'index' branch are outside this excerpt.
}
// Look up an active manager account by name and password hash.
// NOTE(review): $m_name is escaped with mysql_real_escape_string(); how
// $m_password is derived is not visible here - confirm it is a fixed-alphabet
// digest before it is concatenated.
$row = $db->getRow('SELECT * FROM {pre}manager WHERE m_name=\'' . mysql_real_escape_string($m_name) . '\' AND m_password = \'' . $m_password . '\' AND m_status=1');
// NOTE(review): loose == on the safety code; a strict string comparison avoids
// type-juggling matches between numeric-looking strings.
if ($row && $m_check == $MAC['app']['safecode']) {
    $_SESSION['adminauth'] = TRUE;
    $_SESSION['adminid'] = $row['m_id'];
    $_SESSION['adminname'] = $row['m_name'];
    // Rotate the session id on privilege change. Called without arguments, so
    // the old session data is not deleted - passing true would invalidate the
    // pre-login id as well.
    session_regenerate_id();
    // NOTE(review): rand() is not a cryptographic source; this value is stored
    // in m_random and feeds the admincheck cookie below.
    $randnum = md5(rand(1, 99999999));
    sCookie('adminid', $row['m_id']);
    sCookie('adminname', $row['m_name']);
    sCookie('adminlevels', $row['m_levels']);
    sCookie('admincheck', md5($randnum . $row['m_name'] . $row['m_id']));
    // Record login time, client IP (as an integer) and the random value.
    $db->Update('{pre}manager', array('m_logintime', 'm_loginip', 'm_random'), array(time(), ip2long(getIP()), $randnum), ' m_id=' . $row['m_id']);
    redirect('?m=admin-index');
} else {
    alertUrl('您输入的用户名和密码不正确或者您不是系统管理员!', '?m=admin-login');
}
} elseif ($method == 'login') {
    // Render the login template for this controller/method pair.
    $plt->set_file('main', $ac . '_' . $method . '.html');
    $plt->parse('mains', 'main');
} elseif ($method == 'logout') {
    if (isset($_SESSION['adminauth'])) {
        // NOTE(review): the PHP manual advises against unset($_SESSION) because
        // it disables session variable registration; assigning an empty array
        // before session_destroy() is the documented way to clear it.
        unset($_SESSION);
        session_destroy();
    }
    // Blank the admin cookies regardless of session state.
    sCookie('adminname', '');
    sCookie('adminid', '');
    sCookie('adminlevels', '');
    sCookie('admincheck', '');
    redirect('?m=admin-login');
} elseif ($method == 'index') {
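/**
 * Generate the static page for one topic, then emit a script that reloads the
 * page for the next topic after a pause.
 *
 * The topic list comes from $cache[3] when $flag is "art", otherwise from
 * $cache[2]. The position in the list is the "num" GET parameter.
 *
 * @return void
 */
function maketopicall()
{
    global $flag, $makeinterval, $cache;

    $topicarr = ($flag == "art") ? $cache[3] : $cache[2];
    $topiccount = is_array($topicarr) ? count($topicarr) : 0;

    // "num" arrives from the query string: force it to a non-negative integer
    // before it is used as an array index and written into the page.
    $num = be("get", "num");
    $num = isN($num) ? 0 : max(0, intval($num));

    if ($num > $topiccount - 1) {
        alertUrl("所有专题生成完毕", "admin_makehtml.php");
        // Stop here; continuing would index past the end of the topic list.
        return;
    }

    maketopicbyid($topicarr[$num]["t_id"]);

    // Both values end up inside an inline <script>: the interval is cast to an
    // integer and $flag is URL-encoded so neither can break out of the
    // JavaScript string or the URL.
    $pause = intval($makeinterval);
    echo "<br>暂停" . $pause . "秒后继续生成<script language=\"javascript\">setTimeout(\"makeNexttype();\"," . $pause . "000);function makeNexttype(){location.href='?action=topicall&flag=" . rawurlencode($flag) . "&num=" . ($num + 1) . "';}</script>";
}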
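/**
 * Save an article-collection project and, unless the action is "save", fetch a
 * sample page with the new rules and render the extracted fields for review.
 *
 * All rule fields are read from the request. A new row is inserted in
 * {pre}cj_art_projects when no p_id is supplied, then the row is updated with
 * the submitted values.
 *
 * @return void
 */
function save()
{
    global $db, $cache, $action;

    // 1. Basic project settings
    $p_id = be("all", "p_id");
    $p_name = be("post", "p_name");
    $p_coding = be("post", "p_coding");
    $p_pagetype = be("post", "p_pagetype");
    $p_url = be("post", "p_url");
    $p_pagebatchurl = be("post", "p_pagebatchurl");
    $p_manualurl = be("post", "p_manualurl");
    $p_pagebatchid1 = be("post", "p_pagebatchid1");
    $p_pagebatchid2 = be("post", "p_pagebatchid2");
    $p_collecorder = be("post", "p_collecorder");
    $p_savefiles = be("post", "p_savefiles");
    $p_ontime = be("post", "p_ontime");
    $p_hitsstart = be("post", "p_hitsstart");
    $p_hitsend = be("post", "p_hitsend");
    $p_showtype = be("post", "p_showtype");

    // Fold the selected script-filter options into one bit mask.
    $p_script = 0;
    foreach (explode(",", be("arr", "p_script")) as $s) {
        if (!isN($s)) {
            $p_script = $p_script | intval($s);
        }
    }

    if (isN($p_collecorder)) {
        $p_collecorder = 0;
    }
    if (isN($p_savefiles)) {
        $p_savefiles = 0;
    }
    if (isN($p_ontime)) {
        $p_ontime = 0;
    }
    if (!isNum($p_pagebatchid1)) {
        $p_pagebatchid1 = 1;
    }
    if (!isNum($p_pagebatchid2)) {
        $p_pagebatchid2 = 1;
    }

    // 2. List-page rules
    $p_listcodestart = be("post", "p_listcodestart");
    $p_listcodeend = be("post", "p_listcodeend");
    $p_listlinkstart = be("post", "p_listlinkstart");
    $p_listlinkend = be("post", "p_listlinkend");
    $p_titletype = be("post", "p_titletype");
    $p_authortype = be("post", "p_authortype");
    $p_authortype = isN($p_authortype) ? 0 : intval($p_authortype);
    $p_titletype = isN($p_titletype) ? 0 : intval($p_titletype);

    // 3. Content-page rules
    $p_timestart = be("post", "p_timestart");
    $p_timeend = be("post", "p_timeend");
    $p_classtype = be("post", "p_classtype");
    $p_collect_type = be("post", "p_collect_type");
    $p_typestart = be("post", "p_typestart");
    $p_typeend = be("post", "p_typeend");
    $p_contentstart = be("post", "p_contentstart");
    $p_contentend = be("post", "p_contentend");
    if (isN($p_collect_type)) {
        $p_collect_type = 0;
    }

    $strlisturl = be("post", "listurl");

    // Author/title markers come from the list-page fields when the
    // corresponding type is 1, otherwise from the content-page fields.
    if ($p_authortype == 1) {
        $p_authorstart = be("post", "p_listauthorstart");
        $p_authorend = be("post", "p_listauthorend");
    } else {
        $p_authorstart = be("post", "p_authorstart");
        $p_authorend = be("post", "p_authorend");
    }
    if ($p_titletype == 1) {
        $p_titlestart = be("post", "p_listtitlestart");
        $p_titleend = be("post", "p_listtitleend");
    } else {
        $p_titlestart = be("post", "p_titlestart");
        $p_titleend = be("post", "p_titleend");
    }

    if (isN($p_id)) {
        $sql = "INSERT {pre}cj_art_projects(p_time) values ('" . date('Y-m-d H:i:s', time()) . "')";
        $db->query($sql);
        $p_id = $db->insert_id();
    }
    // p_id is concatenated unquoted into the WHERE clause below and can come
    // from the request, so it is forced to an integer first.
    $p_id = intval($p_id);

    // NOTE(review): every rule value below is concatenated into the statement
    // between single quotes. Whether be() escapes its return value is not
    // visible in this function - confirm, or switch to bound parameters if the
    // DB wrapper supports them.
    $strSet = " p_name='" . $p_name . "',p_coding='" . $p_coding . "',p_pagetype='" . $p_pagetype
        . "',p_url='" . $p_url . "',p_pagebatchurl='" . $p_pagebatchurl . "',p_manualurl='" . $p_manualurl
        . "',p_pagebatchid1='" . $p_pagebatchid1 . "',p_pagebatchid2='" . $p_pagebatchid2
        . "',p_script='" . $p_script . "',p_showtype='" . $p_showtype . "',p_collecorder='" . $p_collecorder
        . "',p_savefiles='" . $p_savefiles . "',p_ontime='" . $p_ontime . "',p_hitsstart='" . $p_hitsstart
        . "',p_hitsend='" . $p_hitsend . "',";
    $strSet .= "p_authorstart='" . $p_authorstart . "',p_authorend='" . $p_authorend
        . "',p_titlestart='" . $p_titlestart . "',p_titleend='" . $p_titleend
        . "',p_listcodestart='" . $p_listcodestart . "',p_listcodeend='" . $p_listcodeend
        . "',p_listlinkstart='" . $p_listlinkstart . "',p_listlinkend='" . $p_listlinkend
        . "',p_authortype='" . $p_authortype . "',p_titletype='" . $p_titletype . "',";
    $strSet .= "p_timestart='" . $p_timestart . "',p_timeend='" . $p_timeend
        . "',p_classtype='" . $p_classtype . "',p_collect_type='" . $p_collect_type
        . "',p_typestart='" . $p_typestart . "',p_typeend='" . $p_typeend
        . "',p_contentstart='" . $p_contentstart . "',p_contentend='" . $p_contentend . "'";
    $db->query("update {pre}cj_art_projects set " . $strSet . " where p_id=" . $p_id);

    if ($action == "save") {
        alertUrl("保存成功", "collect_art_manage.php");
    } else {
        headAdminCollect("文章自定义采集项目测试");

        // Defaults so the checks below behave the same when a branch that
        // would have assigned these is skipped.
        $linkcode = "";
        $titlearrcode = false;
        $starringarrcode = false;

        if ($p_pagetype != 3) {
            // The fetched list page and its cut-down parts are cached in the
            // session between test runs.
            // NOTE(review): the list URL is request-supplied and fetched
            // server-side; confirm getPage() is restricted to the intended
            // schemes and hosts.
            if (isN($_SESSION["strListCodeart"])) {
                $strListCode = getPage($strlisturl, $p_coding);
                $_SESSION["strListCodeart"] = $strListCode;
            } else {
                $strListCode = $_SESSION["strListCodeart"];
            }
            if (isN($_SESSION["strListCodeCutart"])) {
                $strListCodeCut = getBody($strListCode, $p_listcodestart, $p_listcodeend);
                $_SESSION["strListCodeCutart"] = $strListCodeCut;
            } else {
                $strListCodeCut = $_SESSION["strListCodeCutart"];
            }
            if (isN($_SESSION["linkarrcodeart"])) {
                $linkarrcode = getArray($strListCodeCut, $p_listlinkstart, $p_listlinkend);
                $_SESSION["linkarrcodeart"] = $linkarrcode;
            } else {
                $linkarrcode = $_SESSION["linkarrcodeart"];
            }
            if ($p_authortype == 1) {
                // The original stored this in $starringarr but later read
                // $starringarrcode, which was therefore never set.
                $starringarrcode = getArray($strListCodeCut, $p_authorstart, $p_authorend);
            }
            if ($p_titletype == 1) {
                $titlearrcode = getArray($strListCodeCut, $p_titlestart, $p_titleend);
            }

            if (!$linkarrcode) {
                errmsg("采集提示", "<li>在获取链接列表时出错。</li>");
            } else {
                // Test against the first collected link only.
                $linkarr = explode("{Array}", $linkarrcode);
                $UrlTest = definiteUrl($linkarr[0], $strlisturl);
                $linkcode = getPage($UrlTest, $p_coding);
            }
        } else {
            $strlisturl = $p_pagebatchurl;
            $p_pagebatchurl = replaceStr($p_pagebatchurl, "{ID}", $p_pagebatchid1);
            $linkcode = getPage($p_pagebatchurl, $p_coding);
        }

        if ($p_titletype == 1) {
            if (!$titlearrcode) {
                $titlecode = "获取失败";
            } else {
                $titlearr = explode("{Array}", $titlearrcode);
                $titlecode = $titlearr[0];
            }
        } else {
            $titlecode = getBody($linkcode, $p_titlestart, $p_titleend);
        }

        if ($p_authortype == 1) {
            // The original tested $titlearrcode here (copy-paste from the
            // title branch); the author list is the value that matters.
            if (!$starringarrcode) {
                $starringcode = "获取失败";
            } else {
                $starringarr = explode("{Array}", $starringarrcode);
                $starringcode = $starringarr[0];
            }
        } else {
            $starringcode = getBody($linkcode, $p_authorstart, $p_authorend);
        }

        $timecode = getBody($linkcode, $p_timestart, $p_timeend);
        // NOTE(review): `now` is a bare constant name that is not defined in
        // this function; if the project does not define it, PHP 8 raises an
        // error here. Presumably the current time was intended - confirm.
        $timecode = replaceStr($timecode, "False", now);

        // A leftover var_dump() of the raw fetched content was removed here:
        // it wrote unfiltered third-party HTML into the admin page.
        $contentcode = getBody($linkcode, $p_contentstart, $p_contentend);
        $contentcode = replaceStr($contentcode, "False", "未知");
        $contentcode = replaceFilters($contentcode, $p_id, 2, 1);

        if ($p_classtype == 1) {
            $typecode = getBody($linkcode, $p_typestart, $p_typeend);
        } else {
            $typecode = $p_collect_type;
            $typearr = getValueByArray($cache[1], "t_id", $typecode);
            $typecode = $typearr["t_name"];
        }

        $titlecode = filterScript($titlecode, $p_script);
        $titlecode = replaceFilters($titlecode, $p_id, 1, 1);
        $starringcode = filterScript($starringcode, $p_script);
        $timecode = filterScript($timecode, $p_script);
        $typecode = filterScript($typecode, $p_script);

        // The extracted values originate from a remote page. Everything placed
        // in an attribute is HTML-escaped; the content preview is rendered as
        // markup by design.
        // NOTE(review): $contentcode is not passed through filterScript() like
        // the other fields - confirm replaceFilters() removes active content.
        ?>
<table class="tb">
<tr>
<td colspan="2" align="center">保存规则并采集测试结果</td>
</tr>
<tr>
<td width="15%">标题:</td><td> <input type="text" size="50" name="d_name" value="<?php echo htmlspecialchars($titlecode, ENT_QUOTES); ?> " /> </td>
</tr>
<tr>
<td>作者:</td><td> <input type="text" size="50" name="d_author" value="<?php echo htmlspecialchars($starringcode, ENT_QUOTES); ?> " /> </td>
</tr>
<tr>
<td>日期:</td><td> <input type="text" size="50" name="d_time" value="<?php echo htmlspecialchars($timecode, ENT_QUOTES); ?> " /> </td>
</tr>
<tr>
<td>栏目:</td><td> <input type="text" size="50" name="d_typename" value="<?php echo htmlspecialchars($typecode, ENT_QUOTES); ?> " /> </td>
</tr>
<tr>
<td>内容:</td>
<td> <div style="height:300px;overflow:hidden;overflow-y:auto;"><?php echo $contentcode; ?> </div></td>
</tr>
<tr>
<td colspan="2"><input type="button" onClick="window.location.href='javascript:history.go(-1)'" value="返回规则"> <input type="button" onClick="window.location.href='?action=main'" value="返回列表"></td>
</tr>
</table>
<?php
    }
}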
// Excerpt from the user controller's method dispatch: the end of the group
// upgrade branch followed by the start of the 'del' branch. Both are cut by
// the excerpt, so only the visible statements are described.
alert("您已经是该会员组成员无需升级!");
// NOTE(review): unlike the two checks below, this alert is not followed by a
// return; unless alert() itself stops execution (not visible here), the
// upgrade continues for a user who is already in the target group.
}
// Refuse when the current group's privilege value is already at least the
// target group's.
if ($curgroup["ug_popvalue"] >= $newgroup["ug_popvalue"]) {
    alert("您现在所属会员组的权限制大于等于目标会员组权限值,不需要升级!");
    return;
}
// Refuse when the user cannot afford the upgrade cost.
if ($user['u_points'] < $newgroup["ug_upgrade"]) {
    alert("您的积分不够,无法升级到该会员组!");
    return;
}
// NOTE(review): the balance is checked in PHP and deducted in a separate
// statement, so concurrent requests could each pass the check. Adding a
// balance condition to the WHERE clause would make the deduction atomic.
// NOTE(review): $u_group is concatenated unquoted and is assigned outside this
// excerpt - confirm it is cast to an integer.
$sql = "UPDATE {pre}user set u_points=u_points-" . $newgroup["ug_upgrade"] . ",u_group=" . $u_group . " WHERE u_id=" . $user["u_id"];
unset($curgroup);
unset($newgroup);
}
$db->query($sql);
alertUrl("会员权限升级成功,请重新登陆!", "?m=user-upgrade.html");
} elseif ($method == 'del') {
    chkLogin();
    $flag = $tpl->P['flag'];
    $clear = $tpl->P['clear'];
    // Allow-list for $flag: it is used below to build a column name
    // ("u_" . $flag), so anything outside these three values is rejected.
    if ($flag == "plays") {
    } elseif ($flag == "downs") {
    } elseif ($flag == "fav") {
    } else {
        echo "参数错误";
        return;
    }
    if (!empty($clear)) {
        // Clear the whole list for the current user.
        $db->Update("{pre}user", array("u_" . $flag), array(""), "u_id=" . $user["u_id"]);
    } else {
        $ids = be("arr", "d_id");
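/**
 * Download externally hosted images referenced by articles and rewrite the
 * article content to point at the local copies.
 *
 * Works in batches of 20 articles whose content contains src="http://, then
 * emits a script that reloads the page for the next batch. Article ids in the
 * "ids" GET parameter are excluded from the selection.
 *
 * @return void
 */
function syncartpic()
{
    global $db;

    // "ids" is concatenated into an IN (...) list and echoed into an inline
    // script, so it is reduced to a comma-separated list of integers.
    $ids = be("get", "ids");
    $where = "";
    if (!isN($ids)) {
        $ids = implode(",", array_map("intval", explode(",", $ids)));
        $where = " and a_id not in (" . $ids . ") ";
    } else {
        $ids = "0";
    }

    $sql = "SELECT count(a_id) FROM {pre}art WHERE a_content LIKE '%src=\"http://%' ";
    $nums = $db->getOne($sql . $where);

    if ($nums > 0) {
        $page = be("get", "page");
        $page = isN($page) ? 1 : intval($page);

        $sql = "SELECT a_id,a_content FROM {pre}art WHERE a_content LIKE '%src=\"http://%' " . $where;
        $pagecount = ceil($nums / 20);
        $sql .= " limit " . ($pagecount - 1) . ",20";
        $rs = $db->query($sql);
        echo "<font color=red>共" . $nums . "条数据需要同步下载,每次同步20个数据,正在开始同步第" . $pagecount . "页数据的的图片</font><br>";

        // The pattern does not depend on the row, so it is built once.
        $rule = buildregx("<img[^>]*src\\s*=\\s*['" . chr(34) . "]?([\\w/\\-\\:.]*)['" . chr(34) . "]?[^>]*>", "is");
        $allowedExt = array(".jpg", ".bmp", ".png", ".gif");

        $num = 0;
        while ($row = $db->fetch_array($rs)) {
            $a_content = $row["a_content"];
            preg_match_all($rule, $a_content, $matches);

            foreach ($matches[1] as $f => $matchfieldstr) {
                $a_pic = trim(preg_replace("/[ \r\n\t\f]{1,}/", " ", $matchfieldstr));

                // Only external http(s) images are synced. Local paths are left
                // untouched, and other schemes that the pattern would accept
                // (for example file:) never reach savepic().
                // NOTE(review): the host is still arbitrary; confirm savepic()
                // refuses internal addresses and validates the downloaded
                // bytes as an image.
                if (!preg_match('#^https?://#i', $a_pic)) {
                    continue;
                }

                // The saved extension comes from a fixed allow-list. The
                // original took the last four characters of the URL whenever an
                // image extension appeared anywhere in it, so a URL such as
                // ".../a.jpg.php" was stored under upload/ with a .php name.
                $extName = strtolower(substr($a_pic, -4));
                if (!in_array($extName, $allowedExt, true)) {
                    $extName = ".jpg";
                }

                // Include the image index: $num only changes per article, so
                // several images of one article used to share a file name.
                $picname = time() . $num . "_" . $f;

                $picpath = "../upload/art" . "/" . getSavePicPath() . "/";
                $picpath = replaceStr($picpath, "///", "/");
                $picpath = replaceStr($picpath, "//", "/");
                if (!is_dir($picpath)) {
                    mkdir($picpath);
                }

                $picfile = $picname . $extName;
                if (savepic($a_pic, $picpath, $picfile)) {
                    $a_content = replaceStr($a_content, $a_pic, replaceStr($picpath . $picfile, "../", app_installdir));
                } else {
                    // Download failed: drop the dead external reference.
                    $a_content = replaceStr($a_content, $a_pic, "");
                }
            }
            $num++;

            // The content read back from the database is raw, so it must be
            // escaped again before being placed inside a quoted literal;
            // otherwise any quote in an article breaks or alters the statement.
            // addslashes() is a stopgap that is only sound on single-byte or
            // UTF-8 connections - use the driver's escaping or bound
            // parameters if the DB wrapper exposes them.
            $db->query(
                "UPDATE {pre}art set a_content='" . addslashes($a_content)
                . "' where a_id='" . intval($row["a_id"]) . "'"
            );
        }

        echo "<br><font color=red>暂停5秒后继续同步图片</font><br><script>setTimeout(\"updatenext();\",5000);function updatenext(){location.href='admin_pic.php?action=syncartpic&page=" . ($page + 1) . "&ids=" . $ids . "';}</script>";
    } else {
        if ($ids != "0") {
            $des = "以下文章ID:" . substring($ids, strlen($ids) - 1, 2) . "的图片同步失败,请检查图片链接是否失效";
        } else {
            $des = "恭喜,所有外部图片已经成功同步到本地!";
        }
        alertUrl("{$des}", "admin_art.php");
    }
    unset($rs);
}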