if (!$db->delete($remove_product)) { $transaction = false; } if ($transaction) { $links = array(array('link' => 'virtual_product.php', 'alt' => '虚拟产品列表'), array('link' => 'virtual_product.php?act=cycle', 'alt' => '回收站'), array('link' => 'virtual_product.php?act=add', 'alt' => '添加虚拟产品')); $db->commit(); show_system_message('产品' . $product['product_sn'] . '已被彻底删除', $links); exit; } else { $db->rollback(); show_system_message('系统繁忙,请稍后重试', array()); exit; } } if ('inventory' == $act) { if (!check_purview('pur_virtual_product_edit', $_SESSION['business_purview'])) { show_system_message('权限不足', array()); exit; } $product_sn = trim(getGET('sn')); if ('' == $product_sn) { show_system_message('参数错误', array()); exit; } $product_sn = $db->escape($product_sn); $get_product = 'select a.* from ' . $db->table('product') . ' as a'; $get_product .= ' where business_account = \'' . $_SESSION['business_account'] . '\''; $get_product .= ' and is_virtual = 1'; //实体产品 $get_product .= ' and a.product_sn = \'' . $product_sn . '\' and status <> 2 limit 1'; $product = $db->fetchRow($get_product);
// Tail of the ad list view; the loop and branches closed here open outside this excerpt.
$ad_list[$key]['pos_name'] = $adpos_json[$ad['ad_pos_id']]['name'];
}
}
assign('ad_list', $ad_list);
}

// Edit form: load one ad whose business_account is empty.
if ('edit' == $act) {
    if (!check_purview('pur_ad_edit', $_SESSION['purview'])) {
        show_system_message('权限不足');
        exit;
    }

    // intval() reduces the request value to an integer before it is concatenated into SQL.
    $id = intval(getGET('id'));

    $get_ad = 'select * from ' . $db->table('ad') . ' where `id`=' . $id . ' and business_account = \'\'';
    assign('ad', $db->fetchRow($get_ad));
}

// Delete one ad by id.
if ('delete' == $act) {
    if (!check_purview('pur_ad_del', $_SESSION['purview'])) {
        show_system_message('权限不足');
        exit;
    }

    $id = intval(getGET('id'));
    if ($id <= 0) {
        show_system_message('请求失败');
        exit;
    }

    // The lookup is restricted to rows whose business_account is empty.
    $get_img = 'select `img` from ' . $db->table('ad') . ' where `id`=' . $id . ' and business_account = \'\'';
    // NOTE(review): $img is not used in the visible part of this branch; presumably the
    // image file is cleaned up further down. Confirm.
    $img = $db->fetchOne($get_img);

    // NOTE(review): the delete condition is `id` alone and does not repeat the
    // business_account = '' filter used by the lookup above, so a row that belongs to a
    // business account would match as well. Confirm whether that is intended.
    // NOTE(review): this state change is driven by a GET parameter and no anti-CSRF token
    // check is visible in this excerpt. Confirm one is enforced elsewhere.
    if ($db->autoDelete('ad', '`id`=' . $id)) {
        show_system_message('删除广告成功');
        exit;
    } else {
        show_system_message('系统繁忙,请稍后再试');
$page = intval($page); $count = intval($count); if (!in_array($count, $count_expected)) { $count = 10; } $total_page = ceil($total / $count); $page = $page > $total_page ? $total_page : $page; $page = $page <= 0 ? 1 : $page; $offset = ($page - 1) * $count; create_pager($page, $total_page, $total); assign('count', $count); assign('account', $account); assign('begin_time', $begin_time > 0 ? date('Y-m-d', $begin_time) : ''); assign('end_time', $end_time > 0 ? date('Y-m-d', $end_time) : ''); assign('recharge_sn', $recharge_sn); assign('status', $status); $get_recharge_list = 'select * from ' . $db->table('recharge') . $where . ' order by `recharge_sn` DESC limit ' . $offset . ',' . $count; $recharge_list = $db->fetchAll($get_recharge_list); if ($recharge_list) { foreach ($recharge_list as $k => $r) { if (check_purview('pur_recharge_edit', $_SESSION['purview']) && $r['status'] == 1) { $recharge_list[$k]['operation'] = '<a href="recharge.php?act=edit&sn=' . $r['recharge_sn'] . '">处理</a>'; } else { $recharge_list[$k]['operation'] = ''; } } } assign('recharge_list', $recharge_list); } assign('act', $act); $smarty->display($template . 'recharge.phtml');
show_system_message('当前导航条还有子栏目,请先删除子栏目', array()); exit; } else { $deleteNav = 'delete from `' . DB_PREFIX . 'nav` where `id`=' . $id . ' limit 1'; if ($db->delete($deleteNav)) { show_system_message('删除成功', array()); exit; } else { show_system_message('删除导航条失败,请稍后再试', array()); exit; } } } //导航列表 if ('view' == $act) { if (!check_purview('pur_nav_view', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $getNavs = 'select * from `' . DB_PREFIX . 'nav`'; $getNavs .= ' order by `position` desc, `order_view` asc'; $navs = $db->fetchAll($getNavs); //初始化入栈标志 if ($navs) { foreach ($navs as $k => $v) { $navs[$k]['in'] = false; } } $stack = array(); $result = array(); if ($navs) {
* @version 1.0.0 */ include 'library/init.inc.php'; back_base_init(); $template = 'virtual_order/'; assign('subTitle', '消费券管理'); $action = 'view'; $operation = ''; $act = check_action($action, getGET('act')); $act = $act == '' ? 'view' : $act; $opera = check_action($operation, getPOST('opera')); $status_str = array(0 => '有效', 1 => '已使用', 2 => '已过期', 3 => '失效'); //=========================================================================== //=========================================================================== if ('view' == $act) { if (!check_purview('pur_virtual_order_view', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $status = intval(getGET('status')); if ($status == 0) { assign('status', 0); assign('order_status', ''); $and_where = ''; } else { switch ($status) { case 1: $and_where .= ' and a.status = 0'; break; case 2: $and_where .= ' and a.status = 1';
$get_exchange_list .= ' limit ' . $offset . ',' . $count; $exchange_list = $db->fetchAll($get_exchange_list); // echo $get_exchange_list;exit; if ($exchange_list) { foreach ($exchange_list as $key => $value) { $exchange_list[$key]['add_time_str'] = date('Y-m-d H:i:s', $value['add_time']); } } assign('exchange_list', $exchange_list); assign('count', $count); assign('st', $st); assign('et', $et); create_pager($page, $total_page, $total); } if ('detail' == $act) { if (!check_purview('pur_account_view', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $account = trim(getGET('account')); if ('' == $account) { show_system_message('参数错误', array()); exit; } assign('account', $account); $account = $db->escape($account); $where = ''; $type = intval(getGET('type')); if ($type == 0) { $table = 'member_exchange_log'; $exists_table = 'member';
$content = $db->fetchRow($get_content); if ($content) { show_system_message('当前帖子下有回复,不能删除', array()); exit; } $delete_section = 'delete from `' . DB_PREFIX . 'forum` where `id`=' . $id . ' limit 1'; if ($db->delete($delete_section)) { show_system_message('删除帖子成功', array()); exit; } else { show_system_message('系统繁忙,请稍后再试', array()); exit; } } if ('top' == $act) { if (!check_purview('pur_forum_edit', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $id = getGET('id'); $id = intval($id); $delete_section = 'update `' . DB_PREFIX . 'forum` set `is_top`=abs(1-`is_top`) where `id`=' . $id . ' limit 1'; if ($db->update($delete_section)) { show_system_message('修改帖子成功', array()); exit; } else { show_system_message('系统繁忙,请稍后再试', array()); exit; } } $template .= $act . '.phtml';
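// Tail of a switch whose opening lines are outside this excerpt.
}
break;
default:
}
}

// List the settings stored in the 'config' group.
if ('view' == $act) {
    if (!check_purview('pur_sysconf_view', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }

    $getSysconf = 'select `key`,`name`,`type`,`value`, `remark`, `group` from `' . DB_PREFIX . 'sysconf` where `group`=\'config\' order by `group` asc';
    $sysconf = $db->fetchAll($getSysconf);
    assign('sysconf', $sysconf);
}

// Edit form for a single setting, selected by its key.
if ('edit' == $act) {
    if (!check_purview('pur_sysconf_edit', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }

    $key = getGET('key');
    if ('' == $key) {
        show_system_message('参数错误', array());
        // Stop here, as every other error path in this file does, so the edit template
        // is not rendered after the error message.
        exit;
    }

    // The key is a request value that ends up inside a quoted SQL string, so it is
    // escaped with the database layer's own helper before it is concatenated.
    // NOTE(review): a parameterized query would be the stronger fix if the $db wrapper
    // offers one; nothing visible here shows that it does.
    $key = $db->escape($key);

    $getSysconf = 'select `key`,`name`,`type`,`value` from `' . DB_PREFIX . 'sysconf`';
    $getSysconf .= ' where `key`=\'' . $key . '\'';
    assign('conf', $db->fetchRow($getSysconf));
}

assign('act', $act);
// NOTE(review): the template file name is derived from $act; this assumes check_action()
// (not visible here) restricts $act to a fixed list. Confirm.
$template .= $act . '.phtml';
$smarty->display($template);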
// Page size must be one of the allowed values; anything else falls back to 10.
if (!in_array($count, $count_expected)) {
    $count = 10;
}

// Clamp the requested page into [1, $total_page] and derive the row offset.
$total_page = ceil($total / $count);
$page = $page > $total_page ? $total_page : $page;
$page = $page <= 0 ? 1 : $page;
$offset = ($page - 1) * $count;
create_pager($page, $total_page, $total);
assign('count', $count);
assign('account', $account);

// NOTE(review): $where is built outside this excerpt; whether its request-derived parts
// are escaped cannot be checked from here.
$get_member = 'select * from ' . $db->table('member') . $where . ' order by `add_time` DESC limit ' . $offset . ',' . $count;
$member_list = $db->fetchAll($get_member);

// Attach a pre-rendered HTML "operation" cell to every member row.
if ($member_list) {
    foreach ($member_list as $k => $member) {
        // NOTE(review): $tmp is not used in the visible part of the loop.
        $tmp = '';
        // NOTE(review): the permission result does not depend on the row; it could be
        // evaluated once before the loop.
        if (check_purview('pur_member_edit', $_SESSION['purview'])) {
            // NOTE(review): $member['account'] is placed into a URL query string and into
            // single-quoted JavaScript arguments inside an HTML attribute without any
            // encoding. Unless account names are limited to a safe character set when
            // they are created, this is a stored-XSS sink: use urlencode() for the query
            // string and JSON-encode plus htmlspecialchars() for the JavaScript
            // arguments. Confirm the registration-side validation.
            $member_list[$k]['operation'] = '<a href="member.php?act=edit&account=' . $member['account'] . '">编辑</a>';
            $member_list[$k]['operation'] .= ' | <a href="javascript:reset_password(\'' . $member['account'] . '\');">重置密码</a>';

            // NOTE(review): the "lock" link is offered when status == 2 and "unlock" for
            // every other status; the meaning of the status codes is not visible here.
            // Verify the branches are not swapped.
            if ($member['status'] == 2) {
                $member_list[$k]['operation'] .= ' | <a href="javascript:lock(\'' . $member['account'] . '\');">锁定用户</a>';
            } else {
                $member_list[$k]['operation'] .= ' | <a href="javascript:unlock(\'' . $member['account'] . '\');">解锁用户</a>';
            }

            // NOTE(review): same pattern for status == 4 ("release" vs "frozen"). Verify.
            if ($member['status'] == 4) {
                $member_list[$k]['operation'] .= ' | <a href="javascript:release(\'' . $member['account'] . '\');">解冻用户</a>';
            } else {
                $member_list[$k]['operation'] .= ' | <a href="javascript:frozen(\'' . $member['account'] . '\');">冻结用户</a>';
            }

            if ($member['view_network'] == 0) {
                $member_list[$k]['operation'] .= ' | <a href="javascript:open_network(\'' . $member['account'] . '\');">开启网络</a>';
            } else {
// Closes a block that opens outside this excerpt.
}

// Mark the withdrawal as settled (status = 1) and stamp the handling time.
// NOTE(review): the WHERE clause matches on withdraw_sn only. Unless the code above this
// excerpt verifies the current status, a repeated request would run the update, the log
// insert and the ledger entry again. Consider adding the expected prior status to the
// WHERE clause. Confirm.
// NOTE(review): where $sn comes from and whether it is escaped is not visible here.
$update_withdraw = 'update ' . $db->table($table) . ' set status = 1, solve_time = ' . time() . ' where withdraw_sn = \'' . $sn . '\' limit 1';

if ($db->update($update_withdraw)) {
    $data = array('add_time' => time(), 'operator' => $_SESSION['account'], 'withdraw_sn' => $sn, 'status' => 1, 'remark' => '金额到帐');
    // NOTE(review): the status update, this audit-log insert and the ledger entry below
    // are three separate writes with no transaction visible around them, and the results
    // of the last two are ignored. A failure part-way leaves the records inconsistent.
    $db->autoInsert($table . '_log', array($data));

    // Add the account ledger record: the amount plus the fee, booked as a negative value.
    add_memeber_exchange_log($withdraw['account'], 0, -1 * ($withdraw['amount'] + $withdraw['fee']), 0, 0, 0, $_SESSION['account'], '提现到帐');

    show_system_message('操作成功', array());
    exit;
} else {
    show_system_message('系统繁忙,请稍后重试', array());
    exit;
}
}

// Withdrawal handling log: type 0 reads withdraw_log, any other value business_withdraw_log.
if ('log' == $act) {
    if (!check_purview('pur_withdraw_log', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }

    // The table name is chosen from two fixed strings, never taken from the request.
    $type = intval(getGET('type'));
    if ($type == 0) {
        $table = 'withdraw_log';
    } else {
        $table = 'business_withdraw_log';
    }
    assign('type', $type);

    // Optional date-range filter; strtotime() returns false for text it cannot parse.
    $st = trim(getGET('st'));
    $et = trim(getGET('et'));
    $start_time = strtotime($st);
    $end_time = strtotime($et);
    $and_where = '';
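* Website: http://www.beescms.com
 * You may modify and use the program code only for non-commercial purposes;
 * redistribution of the program code in any form and for any purpose is not permitted.
 * ============================================================================
 */
define('IN_CMS', 'true');
include 'init.php';

// Requested action, passed through the project's input filters; defaults to the settings page.
$action = isset($_REQUEST['action']) ? fl_html(fl_value($_REQUEST['action'])) : 'sys';

// System settings page
// NOTE(review): no check_purview() call is visible for this read-only branch. Confirm
// that init.php (not visible here) already requires an authenticated administrator.
if ($action == 'sys') {
    if (file_exists(DATA_PATH . 'sys_info.php')) {
        include DATA_PATH . 'sys_info.php';
    }
    include 'template/admin_sys.html';
} elseif ($action == 'add_sys') {
    // NOTE(review): both guards assume msg() ends the request. If it returns, the
    // settings below are written even when the permission check fails. Confirm.
    if (!check_purview('sys_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (!isset($_POST['submit'])) {
        msg('<span style="color:red">请从表单提交</span>');
    }
    unset($_POST['action'], $_POST['submit']);

    // Start from an empty array so the stored settings contain only what this request
    // posted; without this, $info is undefined when the form is empty and would keep any
    // value set earlier in the request.
    $info = array();
    // NOTE(review): every remaining POST field becomes a setting (no allow-list of setting
    // names, no type check on values). The result is written to a PHP file that is later
    // include()d, so its safety rests entirely on var_export() quoting. An explicit list
    // of accepted keys with scalar-only values would be the safer design.
    foreach ($_POST as $k => $v) {
        $info[$k] = $v;
    }

    // var_export()'s second argument is a boolean; the original passed the string 'true',
    // which only worked because a non-empty string is truthy.
    $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($info, true)) . "' where id=1 and info_tag='sys'";
    $GLOBALS['mysql']->query($sql);

    // Mirror the settings into an includable PHP file that defines $_sys.
    $file = DATA_PATH . 'sys_info.php';
    $str = "<?php\n\$_sys=" . var_export($info, true) . ";\n?>";
    creat_inc($file, $str);
    // NOTE(review): $nav_query is not defined in the visible code; presumably init.php sets it.
    msg('系统信息配置成功', '?' . $nav_query);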
$update_order .= ' where business_account = \'' . $_SESSION['business_account'] . '\''; $update_order .= ' and order_sn = \'' . $order_sn . '\' limit 1'; if ($db->update($update_order)) { $log_data = array('order_sn' => $order_sn, 'operator' => $_SESSION['business_admin'], 'status' => 4, 'add_time' => time(), 'remark' => '确认已付款'); $db->autoInsert('order_log', array($log_data)); $links = array(array('alt' => '待发货订单列表', 'link' => 'order.php?status=4')); show_system_message('确认客户已付款', $links); exit; } else { show_system_message('系统繁忙,请稍后重试', array()); exit; } } //预览 if ('preview' == $act) { if (!check_purview('pur_order_view', $_SESSION['business_purview'])) { echo '权限不足'; exit; } $status_str = array(1 => '待支付', 2 => '支付中', 3 => '支付完成', 4 => '待发货', 5 => '配货中', 6 => '已发货', 7 => '已收货', 8 => '申请退单', 9 => '退单中', 10 => '已退单', 11 => '无效订单', 12 => '已完成'); $order_sn = trim(getGET('sn')); if ('' == $order_sn) { show_system_message('参数错误', array()); exit; } $order_sn = $db->escape($order_sn); $get_order = 'select a.*, p.province_name, city.city_name, d.district_name, g.group_name, e.name as express_name from ' . $db->table('order') . ' as a'; $get_order .= ' left join ' . $db->table('province') . ' as p on a.province = p.id'; $get_order .= ' left join ' . $db->table('city') . ' as city on a.city = city.id'; $get_order .= ' left join ' . $db->table('district') . ' as d on a.district = d.id'; $get_order .= ' left join ' . $db->table('group') . ' as g on a.group = g.id';
/**
 * Return the "download query results" link for callers allowed to export.
 *
 * The link is returned when is_superadmin() is true or check_purview($keys) passes;
 * otherwise the function returns null.
 *
 * NOTE(review): this only hides the link. The handler that produces the export must
 * enforce the same permission itself; that handler is not visible here.
 *
 * @param mixed $keys Permission key(s), passed unchanged to check_purview().
 * @return string|null HTML anchor, or null when the caller lacks the permission.
 */
function get_exceldown($keys)
{
    // Same short-circuit order as before: check_purview() runs only for non-superadmins.
    $may_export = is_superadmin() || check_purview($keys);
    if (!$may_export) {
        return null;
    }

    return '<a href="javascript:document:excel.submit();" seed="CR-download-top" id="J-download"><img class="v-al-middle" src="template/default/images/2EC5tZlqdV.gif" />下载查询结果</a>';
}
exit; } } if ('withdraw' == $act) { if (!check_purview('pur_finance_withdraw', $_SESSION['business_purview'])) { show_system_message('权限不足', array()); exit; } $get_business = 'select `balance`, `trade` from ' . $db->table('business'); $get_business .= ' where business_account = \'' . $_SESSION['business_account'] . '\''; $get_business .= ' limit 1'; $business = $db->fetchRow($get_business); assign('business', $business); } if ('record' == $act) { if (!check_purview('pur_finance_withdraw', $_SESSION['business_purview'])) { show_system_message('权限不足', array()); exit; } $get_business = 'select * from ' . $db->table('business'); $get_business .= ' where business_account = \'' . $_SESSION['business_account'] . '\' limit 1'; $business = $db->fetchRow($get_business); assign('business', $business); $page = intval(getGET('page')); $count = intval(getGET('count')); $getTotal = 'select count(*) from ' . $db->table('business_withdraw'); $getTotal .= ' where account = \'' . $_SESSION['business_account'] . '\''; $total = $db->fetchOne($getTotal); $count = intval(getGET('count')); $count = $count <= 0 ? 10 : $count; $total_page = ceil($total / $count);
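// Tail of the preceding branch; it opens outside this excerpt.
die($str);
} elseif ($action == 'check_table') {
    // Table-name availability check used by the admin form.
    // check_str() presumably reports a match of the given pattern, i.e. the presence of a
    // character outside [0-9a-z_]; after this guard $value is echoed into the HTML
    // responses below.
    // NOTE(review): no check_purview() call is visible in this branch. Confirm that
    // listing table names is meant to be available to every logged-in administrator.
    if (check_str($value, '/[^0-9a-z_]+/') || empty($value)) {
        die("<span class='err'>只能使用小写字母或数字</span>");
    }

    $tables = $GLOBALS['mysql']->show_tables();
    // Computed locally instead of testing a flag variable that was never initialised.
    $exists = in_array(DB_PRE . $value, $tables);
    $str = $exists ? "<span class='err'>{$value}已经存在,请更换</span>" : "<span class='ld_ok'>{$value}可以使用</span>";
    die($str);
} elseif ($action == 'is_show') {
    // NOTE(review): both permissions are required here; confirm that is the intent rather
    // than "either one".
    if (!check_purview('pannel_edit') || !check_purview('form_edit')) {
        return false;
    }

    $id = intval($_REQUEST['id']);
    $table = $_REQUEST['table'];
    $field = $_REQUEST['field'];
    $order = $_REQUEST['order'];

    // Table and column names are interpolated into the statements below as bare
    // identifiers, where quoting or escaping gives no protection. They are therefore
    // restricted to plain identifier characters before any SQL is built.
    // NOTE(review): a fixed list of the tables and columns this toggle may touch would be
    // stricter still; the legitimate set is not visible here.
    $identifier = '/^[0-9A-Za-z_]+$/';
    if (!is_string($table) || !is_string($field)
        || preg_match($identifier, $table) !== 1
        || preg_match($identifier, $field) !== 1
    ) {
        return false;
    }

    // Toggle: an empty incoming $value becomes 1, anything else becomes 0.
    $value = empty($value) ? 1 : 0;
    $sql = "update " . DB_PRE . "{$table} set {$field}=" . intval($value) . " where id={$id}";
    $GLOBALS['mysql']->query($sql);

    // Refresh the channel cache.
    if ($table == "channel") {
        // The sort column is a bare identifier as well and gets the same restriction.
        if (!is_string($order) || preg_match($identifier, $order) !== 1) {
            return false;
        }
        $sql = "select*from " . DB_PRE . "{$table} order by {$order} desc";
        $rel = $GLOBALS['mysql']->fetch_asc($sql);
        $cache_file = DATA_PATH . 'cache_channel/cache_channel_all.php';
        $str = "<?php\n\$channel=" . var_export($rel, true) . ";\n?>";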
} $id = intval(getGET('id')); if (0 >= $id) { show_system_message('参数错误', array()); exit; } $get_industry = 'select * from ' . $db->table('industry') . ' where id = \'' . $id . '\' limit 1'; $industry = $db->fetchRow($get_industry); if (empty($industry)) { show_system_message('行业不存在', array()); exit; } assign('industry', $industry); } if ('delete' == $act) { if (!check_purview('pur_industry_del', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $id = intval(getGET('id')); if (0 >= $id) { show_system_message('参数错误', array()); exit; } $get_industry = 'select * from ' . $db->table('industry') . ' where id = \'' . $id . '\' limit 1'; $industry = $db->fetchRow($get_industry); if (empty($industry)) { show_system_message('行业不存在', array()); exit; } $get_business = 'select * from ' . $db->table('business') . ' where industry_id = ' . $id;
show_system_message('参数错误', array()); exit; } $business_account = $db->escape($business_account); $get_business = 'select * from ' . $db->table('business'); $get_business .= ' where business_account = \'' . $business_account . '\' and status = 1 limit 1'; $business = $db->fetchRow($get_business); if (empty($business)) { show_system_message('商户不存在', array()); exit; } assign('business_account', $business_account); } //认证信息驳回 if ('auth_reject' == $act) { if (!check_purview('pur_business_exam', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $business_account = trim(getGET('account')); if ('' == $business_account) { show_system_message('参数错误', array()); exit; } $business_account = $db->escape($business_account); $get_business = 'select * from ' . $db->table('business'); $get_business .= ' where business_account = \'' . $business_account . '\' and status = 2 limit 1'; $business = $db->fetchRow($get_business); if (empty($business)) { show_system_message('商户不存在', array()); exit;
define('IN_CMS', 'true');
include 'init.php';

// Requested action and language, passed through the project's input filters.
$action = isset($_REQUEST['action']) ? fl_html(fl_value($_REQUEST['action'])) : 'index';
$lang = isset($_REQUEST['lang']) ? fl_html(fl_value($_REQUEST['lang'])) : '';

// Home page configuration screen
if ($action == 'index') {
    // The stored configuration is a generated PHP file that defines $_index.
    if (file_exists(DATA_PATH . 'index_info.php')) {
        include DATA_PATH . 'index_info.php';
    }
    $index_info = isset($_index) ? $_index : array('flash_is' => 0);
    if (file_exists(DATA_PATH . 'cache/lang_cache.php')) {
        include DATA_PATH . 'cache/lang_cache.php';
    }
    include 'template/admin_index_info.html';
} elseif ($action == 'save_index') {
    // NOTE(review): both guards assume msg() ends the request. If it returns, the
    // configuration below is saved even when the permission check fails. Confirm.
    if (!check_purview('index_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (!isset($_POST['submit'])) {
        msg('<span style="color:red">请从表单提交</span>');
    }
    unset($_POST['action'], $_POST['submit']);

    // NOTE(review): every remaining POST field is stored as a setting; there is no
    // allow-list of setting names and no type check on the values.
    $info = array();
    foreach ($_POST as $k => $v) {
        $info[$k] = $v;
    }

    // Does a row already exist? Update it, otherwise insert one.
    if ($GLOBALS['mysql']->fetch_rows("select id from " . DB_PRE . "cmsinfo where info_tag='index_info'")) {
        // NOTE(review): var_export() is given the string 'true' here and the boolean true
        // in the insert branch; both are truthy, but the boolean is the documented form.
        // The exported text is wrapped in addslashes() before it enters the SQL string; a
        // parameterized query would not depend on the connection character set.
        $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($info, 'true')) . "' where info_tag='index_info'";
    } else {
        $sql = "insert into " . DB_PRE . "cmsinfo (info_tag,info_array,info_name) values ('index_info','" . addslashes(var_export($info, true)) . "','首页配置')";
// Delete the file
// NOTE(review): how $file is derived is outside this excerpt; it should come from the
// stored upfiles row and be confined to the upload directory. The @ operator also hides
// a failed unlink, leaving the database row and the file on disk out of step.
@unlink($file);
// Delete the database record
$mysql->query("delete from " . DB_PRE . "upfiles where id=" . $id);
msg('文件删除成功!', '?');
} elseif ($action == 'edit_file') {
    // NOTE(review): the guards in this chain assume msg() ends the request. Confirm.
    if (!check_purview('file_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }

    // intval() makes the id safe to concatenate into the query below.
    $id = intval($_GET['id']);
    if (empty($id)) {
        msg('参数发生错误,请重新操作');
    }
    $sql = "select * from " . DB_PRE . "upfiles where id=" . $id;
    $rel = $mysql->fetch_asc($sql);
    include 'template/admin_file_edit.html';
} elseif ($action == 'save_edit') {
    if (!check_purview('file_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    $id = intval($_POST['id']);
    if (empty($id)) {
        msg('参数发生错误,请重新操作');
    }

    // NOTE(review): file_info is taken from the POST body and concatenated into a quoted
    // SQL string below with no escaping visible in this file. Unless init.php escapes
    // request data globally (not visible here), this is an SQL injection sink; bind the
    // value as a parameter or escape it at this point. The same text is later shown in
    // the admin templates and needs HTML encoding on output.
    $file_info = $_POST['file_info'];
    $hits = empty($_POST['hits']) ? 0 : intval($_POST['hits']);

    // Update the stored file information
    $sql = "update " . DB_PRE . "upfiles set file_info='" . $file_info . "',hits=" . $hits . " where id=" . $id;
    $mysql->query($sql);
    msg('文件更新成功!', '?');
}
$id = intval($id); if (0 >= $id) { show_system_message('参数错误', array()); exit; } $get_section = 'select * from `' . DB_PREFIX . 'forum_comment` where `id`=' . $id . ' limit 1'; $section = $db->fetchRow($get_section); if (empty($section)) { show_system_message('评论不存在', array()); exit; } assign('section', $section); } //删除评论 if ('delete' == $act) { if (!check_purview('pur_forum_comment_del', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $id = getGET('id'); $id = intval($id); if (0 >= $id) { show_system_message('参数错误', array()); exit; } $delete_section = 'delete from `' . DB_PREFIX . 'forum_comment` where `id`=' . $id . ' limit 1'; if ($db->delete($delete_section)) { show_system_message('删除评论成功', array()); exit; } else { show_system_message('系统繁忙,请稍后再试', array());
include 'init.php';

// Requested action and language, passed through the project's input filters. The
// language falls back to get_lang_main() when the request does not name one.
$action = isset($_REQUEST['action']) ? fl_html(fl_value($_REQUEST['action'])) : 'info';
$lang = isset($_REQUEST['lang']) ? fl_html(fl_value($_REQUEST['lang'])) : get_lang_main();

// Site configuration
if ($action == 'info') {
    // NOTE(review): $lang is a request value that becomes part of an include path.
    // Whether fl_value()/fl_html() remove path separators and dot segments is not visible
    // here; checking $lang against the list of installed languages before building the
    // path would remove the dependency on those filters.
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    // Undo the slash-escaping on the stored values before they are shown in the form.
    if (!empty($_confing)) {
        foreach ($_confing as $k => $v) {
            $_confing[$k] = stripslashes($v);
        }
    }
    include 'template/admin_info.html';
} elseif ($action == 'add_inc') {
    // NOTE(review): both guards assume msg() ends the request. Confirm.
    if (!check_purview('web_info')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    if (empty($lang)) {
        msg('<span style="color:red">参数传递错误,请重新操作</span>');
    }
    // Same request-derived include path as in the 'info' branch above.
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    unset($_POST['action'], $_POST['submit'], $_POST['lang']);

    // NOTE(review): $info is not initialised in the visible code, and every remaining
    // POST field becomes a setting with no allow-list of names.
    foreach ($_POST as $k => $v) {
        // The disabled line below used to HTML-encode three free-text settings. With it
        // commented out the values are stored raw, so the templates that print them must
        // encode on output.
        //if(in_array($k,array('web_powerby','web_beian','web_yinxiao'))){$v=htmlspecialchars($v);}
        // For array-valued fields only the first element is kept.
        if (is_array($v)) {
            $info[$k] = $v[0];
        } else {
            $info[$k] = $v;
$count_expected = array(10, 25, 50, 100); $page = intval($page); $count = intval($count); if (!in_array($count, $count_expected)) { $count = 10; } $total_page = ceil($total / $count); $page = $page > $total_page ? $total_page : $page; $page = $page <= 0 ? 1 : $page; $offset = ($page - 1) * $count; create_pager($page, $total_page, $total); assign('count', $count); assign('account', $account); assign('order_sn', $order_sn); assign('status', $status); $get_order_list = 'select * from ' . $db->table('order') . $where . ' order by `order_sn` DESC limit ' . $offset . ',' . $count; $order_list = $db->fetchAll($get_order_list); if ($order_list) { foreach ($order_list as $k => $r) { if (check_purview('pur_order_edit', $_SESSION['purview']) && $r['status'] == 3) { $order_list[$k]['operation'] = '<a href="order.php?act=edit&sn=' . $r['order_sn'] . '">发货</a> | '; } else { $order_list[$k]['operation'] = ''; } $order_list[$k]['operation'] .= '<a href="order.php?act=detail&sn=' . $r['order_sn'] . '">查看</a>'; } } assign('order_list', $order_list); } assign('act', $act); $smarty->display($template . 'order.phtml');
$member = $db->fetchRow($get_member); if (empty($member)) { show_system_message('会员不存在', array()); exit; } $delete_member = 'update ' . $db->table('member') . ' set status = 1 where account = \'' . $account . '\' limit 1'; if ($db->update($delete_member)) { show_system_message('会员' . $account . '已撤销拉黑', array()); exit; } else { show_system_message('系统繁忙,请稍后重试', array()); exit; } } if ('network' == $act) { if (!check_purview('pur_member_network', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $account = trim(getGET('account')); if ('' == $account) { show_system_message('参数错误', array()); exit; } $account = $db->escape($account); $get_member = 'select * from ' . $db->table('member') . ' where account = \'' . $account . '\' limit 1'; $member = $db->fetchRow($get_member); if (empty($member)) { show_system_message('会员不存在', array()); exit; }
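// Validation and save step of the link edit branch; the branch opens outside this excerpt.
// NOTE(review): $link_url, $link_name, $link_logo, $link_info, $link_mail, $link_type, $id
// and $lang are not assigned in the visible code; presumably they are imported from the
// request earlier. The guards below assume msg() ends the request. Confirm both.
if (empty($link_name)) {
    msg("<span style=\"color:red\">【网站名称】不能为空</span>");
}
$link_order = empty($link_order) ? 1 : $link_order;
$link_info = empty($link_info) ? '' : cn_substr($link_info, 255);

// Length limits. The messages previously used \\" inside single-quoted strings, which
// printed a literal backslash into the style attribute; plain double quotes are correct.
// NOTE(review): strlen() counts bytes, so multi-byte text reaches the limit sooner than
// the character count suggests.
if (strlen($link_url) > 60) {
    msg('<span style="color:red">网站网址太长,请缩短</span>');
}
if (strlen($link_name) > 60) {
    msg('<span style="color:red">网站名称太长,请缩短</span>');
}
if (strlen($link_order) > 60) {
    msg('<span style="color:red">排列顺序字数太长,请缩短</span>');
}
if (strlen($link_mail) > 60) {
    msg('<span style="color:red">站长Email太长,请缩短</span>');
}

// link_order, link_type and id sit in unquoted numeric positions of the statement, where
// escaping gives no protection, so they are forced to integers.
// NOTE(review): the quoted string fields rely on escaping applied before this point
// (not visible here); a parameterized query would remove that dependency.
$sql = "update " . DB_PRE . "link set link_url='{$link_url}',link_name='{$link_name}',link_logo='{$link_logo}',link_order=" . intval($link_order) . ",link_info='{$link_info}',link_mail='{$link_mail}',link_type=" . intval($link_type) . " where id=" . intval($id) . " and lang='{$lang}'";
$GLOBALS['mysql']->query($sql);
msg("【{$link_name}】网站链接修改成功", '?action=link_list');
} elseif ($action == 'del') {
    if (!check_purview('link_del')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }
    $id = intval($_GET['id']);
    if (empty($id) || empty($lang)) {
        msg("<span style=\"color:red\">参数发生错误,请重新操作</span>");
    }
    // NOTE(review): this delete is triggered by a GET request; no anti-CSRF token check is
    // visible. $lang is placed inside a quoted string and its escaping is not visible here.
    $GLOBALS['mysql']->query("delete from " . DB_PRE . "link where id={$id} and lang='{$lang}'");
    msg("成功删除链接", '?');
}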
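// Pagination for the voucher list; $total, $count, $page and $and_where are prepared
// outside this excerpt.
$total_page = ceil($total / $count);
// Clamp to the last page. The original compared against $total_page but assigned $total
// (the row count), which pushed the offset far past the end of the result set.
$page = $page > $total_page ? $total_page : $page;
$page = $page <= 0 ? 1 : $page;
$offset = ($page - 1) * $count;

// Rows are restricted to the logged-in business account.
// NOTE(review): the account comes from the session and is concatenated unescaped; this
// is safe only if the value was validated when the session was created. Confirm.
$get_content_list = 'select a.*, p.img from ' . $db->table('order_content') . ' as a';
$get_content_list .= ' left join ' . $db->table('product') . ' as p on a.product_sn = p.product_sn';
$get_content_list .= ' where a.business_account = \'' . $_SESSION['business_account'] . '\'';
$get_content_list .= $and_where;
$get_content_list .= ' order by id desc';
$get_content_list .= ' limit ' . $offset . ',' . $count;
$content_list = $db->fetchAll($get_content_list);

// Add display strings: the status label and formatted begin/end times (empty when unset).
if ($content_list) {
    foreach ($content_list as $key => $content) {
        $content_list[$key]['status_str'] = $status_str[$content['status']];
        $content_list[$key]['begin_time_str'] = $content['begin_time'] ? date('Y-m-d H:i:s', $content['begin_time']) : '';
        $content_list[$key]['end_time_str'] = $content['end_time'] ? date('Y-m-d H:i:s', $content['end_time']) : '';
    }
}
assign('content_list', $content_list);
create_pager($page, $total_page, $total);
assign('count', $count);
}

// Voucher redemption form: only the permission check happens here.
if ('consume' == $act) {
    if (!check_purview('pur_virtual_order_edit', $_SESSION['business_purview'])) {
        show_system_message('权限不足', array());
        exit;
    }
}

// NOTE(review): the template file name is derived from $act; this assumes check_action()
// (not visible here) restricts $act to a fixed list. Confirm.
$template .= $act . '.phtml';
$smarty->display($template);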
// Tail of the template-save branch; it opens outside this excerpt.
fclose($fp);
msg('【' . $file . '】模板修改完成', '?');
} elseif ($action == 'mb_list') {
    // NOTE(review): the guards in this chain assume msg() ends the request. Confirm.
    if (!check_purview('tpl_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }

    // NOTE(review): $path is not assigned in the visible code; if it is imported from the
    // request, opendir(CMS_PATH . $path) can be pointed outside the template directory.
    // Resolve the path with realpath() and check that it stays under the template root.
    $path = empty($path) ? 'template' . '/' : $path;
    if (!($file_hand = @opendir(CMS_PATH . $path))) {
        // NOTE(review): $_confing is read here before the include below that defines it.
        err("模板目录打开失败,请检查【{$lang}】语言模板目录【{$_confing['web_template']}】");
    }
    // NOTE(review): $lang becomes part of an include path; where it is set and how it is
    // validated is outside this excerpt.
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }
    include 'template/admin_mb_list.html';
} elseif ($action == 'ajax_mb') {
    if (!check_purview('tpl_manage')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }

    // NOTE(review): mb_dir is taken from the POST body unchanged and stored as the active
    // template directory. It should be checked against the directories that actually
    // exist under the template root before it is saved.
    $mb_dir = $_POST['mb_dir'];
    // NOTE(review): $lang is written to the response without HTML encoding; this looks
    // like leftover debug output.
    echo $lang;
    if (file_exists(DATA_PATH . $lang . '_info.php')) {
        include DATA_PATH . $lang . '_info.php';
    }

    // When the template changes, clear what was built for the old one.
    if ($mb_dir != $_confing['web_template']) {
        // Remove the cached compiled template files
        $GLOBALS['tpl']->del_cache();
    }
    $_confing['web_template'] = $mb_dir;

    // NOTE(review): $lang is concatenated into quoted SQL strings below; its escaping is
    // not visible here. var_export() is also given the string 'true' instead of the
    // boolean true, which only works because a non-empty string is truthy.
    if ($GLOBALS['mysql']->fetch_rows("select id from " . DB_PRE . "cmsinfo where lang_tag='" . $lang . "' and info_tag='info'")) {
        $sql = "update " . DB_PRE . "cmsinfo set info_array='" . addslashes(var_export($_confing, 'true')) . "' where lang_tag='" . $lang . "' and info_tag='info'";
// Tail of the field-import loop; the loop and the type mapping open outside this excerpt.
$type = "text";
}

// Skip fields the target table already has.
$sql = "select*from " . DB_PRE . "{$table} limit 1";
$check_field_arr = $GLOBALS['mysql']->fetch_field($sql);
if (in_array($v['field_name'], $check_field_arr)) {
    continue;
}

// NOTE(review): where $v comes from is outside this excerpt; the success message below
// suggests an uploaded import file. Its values reach a schema change and an INSERT
// unchanged: field_name is used as a column identifier, and field_length, is_disable and
// is_del are placed in unquoted numeric positions. Treat the import as untrusted input:
// restrict field_name to identifier characters, cast the numeric members with intval(),
// and escape or bind the string members.
$GLOBALS['mysql']->add_field($table, $v['field_name'] . " " . $type);
$sql = "insert into " . DB_PRE . "auto_fields (field_name,use_name,field_type,field_value,field_length,channel_id,field_info,is_disable,is_del,field_order) values ('" . $v['field_name'] . "','" . $v['use_name'] . "','" . $v['field_type'] . "','" . $v['field_value'] . "'," . $v['field_length'] . "," . $channel_id . ",'" . $v['field_info'] . "'," . $v['is_disable'] . "," . $v['is_del'] . ",'" . $v['field_order'] . "')";
$GLOBALS['mysql']->query($sql);
}
}

// Rebuild the field cache after the import.
$GLOBALS['cache']->cache_fields();
msg('导入完成,可以删除文件!', '?action=channel');
} elseif ($action == 'del_field') {
    // NOTE(review): the guards assume msg() ends the request. Confirm.
    if (!check_purview('field_del')) {
        msg('<span style="color:red">操作失败,你的权限不足!</span>');
    }

    $id = intval($_GET['id']);
    $channel_id = intval($_GET['channel_id']);
    // After intval() both variables are always set, so only the empty() tests can fire.
    if (!isset($id) || empty($id) || !isset($channel_id) || empty($channel_id)) {
        msg('<span style="color:red">参数传递错误,请重新操作</span>', 'admin_channel.php');
    }

    // The table name is looked up in the generated channel cache, not taken from the request.
    if (file_exists(DATA_PATH . "cache_channel/cache_channel_all.php")) {
        include DATA_PATH . "cache_channel/cache_channel_all.php";
    }
    if (!empty($channel)) {
        foreach ($channel as $key => $value) {
            if ($value['id'] == $channel_id) {
                $table = $value['channel_table'];
            }
exit; } else { show_system_message('系统繁忙,请稍后重试', array()); exit; } } //========================================================================= //编辑个人信息 if ('info' == $act) { if (!check_purview('pur_info_edit', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $get_admin = 'select `email`,`name`,`sex` from ' . $db->table('admin') . ' where account = \'' . $_SESSION['account'] . '\' limit 1'; $admin = $db->fetchRow($get_admin); if (empty($admin)) { $links = array(array('link' => 'index.php?act=logout', 'alt' => '注销')); show_system_message('当前登陆用户异常,强制注销', $links); exit; } assign('admin', $admin); } //修改密码 if ('passwd' == $act) { if (!check_purview('pur_passwd_edit', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } } $template .= $act . '.phtml'; $smarty->display($template);
exit; } $id = intval($id); $revoke_content = 'update `' . DB_PREFIX . 'content` set `status`=1 where `id`=' . $id . ' limit 1'; if ($db->update($revoke_content)) { $links = array(array('alt' => '返回列表', 'link' => 'content.php'), array('alt' => '回收站', 'link' => 'content.php?act=cycle')); show_system_message('已撤销删除', $links); exit; } else { show_system_message('系统繁忙,请稍后再试', array()); exit; } } //完全删除 if ('remove' == $act) { if (!check_purview('pur_content_del', $_SESSION['purview'])) { show_system_message('权限不足', array()); exit; } $id = intval(getGET('id')); if (0 >= $id) { show_system_message('参数错误', array()); exit; } $id = intval($id); $delete_content = 'delete from `' . DB_PREFIX . 'content` where `id`=' . $id . ' limit 1'; if ($db->delete($delete_content)) { $links = array(array('alt' => '返回列表', 'link' => 'content.php'), array('alt' => '回收站', 'link' => 'content.php?act=cycle')); show_system_message('已彻底删除', $links); exit; } else {
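// Tail of the category list view; the enclosing branches open outside this excerpt.
foreach ($category_list as $key => $category) {
    // Nesting depth is the number of comma-separated ids in the category path.
    $count = count(explode(',', $category['path']));
    if ($count > 1) {
        $temp = '|--' . $category['name'];
        // Prefix one space per path segment to indent sub-categories.
        // NOTE(review): this loop reuses and overwrites $count; confirm nothing after the
        // loop expects it to still hold a page size.
        while ($count--) {
            $temp = ' ' . $temp;
        }
        $category['name'] = $temp;
        $category_list[$key] = $category;
    }
}
}
assign('category_list', $category_list);
}

// Delete a category by id.
if ('delete' == $act) {
    if (!check_purview('pur_category_del', $_SESSION['purview'])) {
        show_system_message('权限不足', array());
        exit;
    }

    $id = intval(getGET('id'));
    if (0 >= $id) {
        show_system_message('参数错误', array());
        // Stop here like every other error path in this file; without it the lookup
        // below ran with an invalid id and a second message was produced.
        exit;
    }

    // $id is an integer at this point, so concatenating it is safe.
    $get_category = 'select * from ' . $db->table('category') . ' where id = \'' . $id . '\' limit 1';
    $category = $db->fetchRow($get_category);
    if (empty($category)) {
        show_system_message('主营分类不存在', array());
        exit;
    }

    // Categories owned by a business account are reported as not found on this screen.
    if ($category['business_account'] != '') {
        show_system_message('主营分类不存在', array());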