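/**
 * Add (send) an in-site message.
 *
 * POST: checks that a title and content were submitted, resolves the
 * receiver from the submitted type, and passes the message to
 * MessageServices::sendMessage() with the current admin as sender.
 * Any other request: renders the compose form with its option lists.
 */
public function add()
{
    if (IS_POST) {
        // The code relies on $this->error() not returning to this method
        // (presumably it ends the request; confirm against the base controller).
        $title = I('post.title');
        if (empty($title)) {
            $this->error('标题不能为空!');
        }

        $content = I('post.content');
        if (empty($content)) {
            $this->error('发送内容不能为空!');
        }

        // NOTE(review): both values are read straight from $_POST and forwarded
        // unchanged; nothing here restricts them to the options the form offers
        // (type 1/2/3, drafts_status 10/20). Confirm sendMessage() validates them.
        $drafts_status = $_POST['drafts_status'];
        $type = $_POST['type'];

        // Fixed: the original condition was `$type = 1`, an assignment that is
        // always true. It overwrote the submitted type with 1, so every message
        // was addressed to the posted username and the group audiences could
        // never be selected. Loose comparison is intentional: the posted value
        // arrives as the string '1'.
        if ($type == 1) {
            // Type 1 targets a single member, named by the posted username.
            $receiver = I('post.username');
        } else {
            // For the group types the type code itself is passed as receiver.
            $receiver = $type;
        }

        $result = MessageServices::sendMessage(
            $title,
            $content,
            get_admin_id(),
            $receiver,
            $type,
            $drafts_status
        );

        if ($result) {
            $this->success('站内信发送成功');
        } else {
            $this->error('站内信发送失败');
        }
    } else {
        // Option lists for the compose form: audience type and draft handling.
        $status = array('1' => '单个会员', '2' => '企业会员', '3' => '全部会员');
        $drafts_status = array('20' => ' 不存入草稿 ', '10' => ' 存入草稿 ');

        $this->assign('drafts_status', $drafts_status);
        $this->assign('status', $status);
        $this->assign('title', '添加站内信');
        $this->display();
    }
}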
/**
 * Per-request admin gate and audit hook.
 *
 * For every page except p=login: redirects to the login page when the
 * session holds no login_user, otherwise rebuilds the user's rights,
 * allowed_controllers and allowed_categories in the session from the
 * rights record. Then, for every request, writes a log row, exposes its
 * id as END_LOG_ID and trims old log rows for that admin.
 *
 * NOTE(review): the whole session check is skipped whenever p=login is
 * present in the query string; confirm the dispatcher routes p=login to
 * the login controller only.
 */
function end_on_ready()
{
    $isLoginPage = ($_GET['p'] == 'login');

    if (!$isLoginPage) {
        if (!$_SESSION['login_user']) {
            model('log')->clear_old(0, END_ADMIN_LOG_NUM);

            // Send the visitor back to where they were once they have logged in.
            $returnTo = basename($_SERVER['SCRIPT_NAME']) . '?' . $_SERVER['QUERY_STRING'];
            header("location:admin.php?p=login&module=admin&backurl=" . urlencode($returnTo));
            die;
        }

        $rightsRow = model('rights')->get_one($_SESSION['login_user']['rights_id']);

        // Drop the cached permissions first so a revoked right does not
        // survive in the session when the record no longer lists it.
        unset(
            $_SESSION['login_user']['rights'],
            $_SESSION['login_user']['allowed_controllers'],
            $_SESSION['login_user']['allowed_categories']
        );

        if ($rightsRow && $rightsRow['rights']) {
            $categoryIds = array();

            foreach (explode(',', $rightsRow['rights']) as $right) {
                $_SESSION['login_user']['rights'][$right] = true;

                $controller = $right;
                if (preg_match('/^category_\\d/i', $right)) {
                    // "category_<n>..." entries also feed the category list,
                    // with the "category_" prefix removed.
                    $controller = preg_replace('/^category_/i', '', $right);
                    $categoryIds[] = $controller;
                }

                // Strip the trailing "_<suffix>" to get the controller key.
                $controller = preg_replace('/_[^\\_]+$/i', '', $controller);
                $_SESSION['login_user']['allowed_controllers'][$controller] = true;
            }

            $_SESSION['login_user']['allowed_categories'] = implode(',', $categoryIds);
        }
    }

    // Audit entry for this request; written for the login page as well.
    $entry = array(
        'admin_id' => get_admin_id(),
        'controller' => $_GET['p'],
        'time' => time(),
        'url' => $_SERVER['REQUEST_URI'],
    );
    define('END_LOG_ID', model('log')->add($entry));
    model('log')->clear_old($entry['admin_id'], END_ADMIN_LOG_NUM);
}
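/**
 * Generate a new random password for an admin, e-mail it to them and
 * store its hash in the admin table.
 *
 * @param string $admin Admin identifier as accepted by get_admin_email() and get_admin_id().
 * @return string The localised text for 'New_password_send'.
 */
function resend_admin_password($admin)
{
    $admin = sanitize($admin);

    // NOTE(review): randomPassword() is defined elsewhere; confirm it draws
    // from a cryptographically secure source.
    $password = randomPassword();

    $email = get_admin_email($admin);
    $id = get_admin_id($admin);

    // NOTE(review): nothing here checks that the lookup found an account; for
    // an unknown identifier the mail and the UPDATE below still run. Confirm
    // the caller validates the identifier first.
    $record = get_admin_by_id($id);

    $to = $email;
    $toName = $record[0] . " " . $record[1];
    $subject = get_text('Title') . ': ' . get_text('New_password');
    $message = get_text('Dear') . ' ' . $record[0] . ",\n\t\t<p>\n\t\t\t"
        . get_text('New_user_credentials') . ":\n\t\t\t<br />\n\t\t\t"
        . get_text('Username') . ": " . $record[0] . "\n\t\t\t<br />\n\t\t\t"
        . get_text('Password') . ": " . $password . "\n\t\t</p>"
        . get_text('Mail_footer');

    // NOTE(review): the new password travels in clear text in this e-mail. A
    // single-use, expiring reset link would avoid that, but it needs changes
    // outside this function.
    mailFromProject($to, $toName, $subject, $message);

    // Fixed: the original UPDATE wrote the literal string '******' and never
    // used $hashed_password, so the stored value could not match the password
    // that was just mailed. Store the hash, escape it, and force the id to an
    // integer instead of interpolating it raw.
    // NOTE(review): the mysql_* extension was removed in PHP 7; moving to
    // mysqli or PDO with a prepared statement is a file-wide change.
    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
    mysql_query(
        "UPDATE admin SET Password = '" . mysql_real_escape_string($hashed_password)
        . "' WHERE ID = " . (int) $id
    );

    return get_text('New_password_send');
}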
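<?php
/**
 * "My account" page of the admin module.
 *
 * m=update_password  changes the current admin's password after checking
 *                    the old one, and prints a status text.
 * m=get_admin        prints the current admin's record as JSON.
 * anything else      prepares $view_data for the account page.
 */
END_MODULE != 'admin' && die('Access Denied');
define('END_RESPONSE', 'text');

// isset() avoids an undefined-index notice when no action is requested.
$m = isset($_GET['m']) ? $_GET['m'] : null;
$admin = model('admin');

if ($m === 'update_password') {
    check_allowed('account', 'update', 1);

    // NOTE(review): no request-forgery token check is visible in this file;
    // confirm check_allowed() or the dispatcher enforces one for this POST.
    // filter_array() presumably applies end_encode() to both fields; confirm.
    $data = filter_array($_POST, 'end_encode:old_password,end_encode:password');

    // The old password is verified by looking for a row that matches both
    // the current admin id and the encoded old password.
    $oldPasswordMatches = $data && $admin->exists(array(
        'admin_id' => get_admin_id(),
        'password' => $data['old_password'],
    ));

    if (!$oldPasswordMatches) {
        echo lang('ADMIN_OLD_PASSWORD_ERROR');
        die;
    }

    if ($admin->update(get_admin_id(), array('password' => $data['password']))) {
        // Refresh the cached login record so it reflects the new password.
        $_SESSION['login_user'] = $admin->get_one(get_admin_id());
        echo lang('admin_UPDATE_SUCCESS');
        die;
    }

    echo lang('admin_UPDATE_ERR');
    die;
} elseif ($m === 'get_admin') {
    $arr = $admin->get_one(get_admin_id());

    // get_one() appears to return the whole admin row (the same model is
    // matched on 'password' above), so drop the stored password before the
    // record leaves the server.
    if (is_array($arr)) {
        unset($arr['password']);
    }

    echo json_encode($arr);
    die;
}

$view_data['admin'] = $admin->get_one(get_admin_id());
$view_data['page_description'] = lang('MY_ACCOUNT');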
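/**
 * Return the current admin's most frequently hit menu URLs.
 *
 * Counts rows flagged menu='1' for the current admin, grouped by url,
 * ordered by hit count descending.
 *
 * @param int $n Maximum number of rows to return.
 * @return mixed Whatever $db->get_all() returns for the query.
 */
function count_menu($n = 10)
{
    global $db;

    // LIMIT is not a quoted value, so anything other than an integer here
    // would be spliced into the statement as SQL. Force it to an integer.
    $limit = (int) $n;

    // NOTE(review): get_admin_id() is concatenated into the statement as a
    // quoted string. It presumably comes from the server-side session;
    // confirm, or bind it if the $db layer supports parameters.
    $sql = "SELECT count(`time`) as `hittime`,`url`,`info` FROM `{$this->table}`"
        . " where `menu`='1' AND `admin_id`='" . get_admin_id() . "'"
        . " GROUP BY `url` ORDER BY `hittime` DESC LIMIT {$limit}";

    return $db->get_all($sql);
}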