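/**
 * Checks the submitted administrator credentials and, on success, sets the
 * login cookies and reports success with admin.php as the target.
 *
 * Every failure path calls printerror(). The statements after each call are
 * written on the assumption that printerror() ends the request; its
 * definition is not part of this listing, so confirm that.
 *
 * Comparisons are strict. The original used loose `<>` / `!=`, under which
 * two different MD5 hex strings that both look like numbers (for example
 * "0e" followed only by digits) compare as equal.
 *
 * NOTE(review): the stored password is an unsalted MD5 digest; a change of
 * storage format cannot be made inside this function alone.
 *
 * @param string $lusername Submitted user name.
 * @param string $lpassword Submitted plain-text password.
 * @param string $key       Submitted verification code.
 * @param int    $lifetime  Accepted for interface compatibility; not read here.
 */
function login($lusername, $lpassword, $key, $lifetime = 0)
{
    global $set_username, $set_password, $set_loginauth, $set_loginkey;

    if (empty($lusername) || empty($lpassword)) {
        printerror("EmptyLoginUser", "index.php");
    }

    // Verification code: checked unless $set_loginkey is truthy.
    if (!$set_loginkey) {
        if ((string) $key !== (string) getcvar('checkkey') || empty($key)) {
            printerror("FailLoginKey", "index.php");
        }
    }

    // User name and password, compared as strings only.
    $userMismatch = md5($lusername) !== md5($set_username);
    $passMismatch = md5($lpassword) !== (string) $set_password;
    if ($userMismatch || $passMismatch) {
        printerror("ErrorUser", "index.php");
    }

    // Optional second authentication code from the login form.
    if ($set_loginauth) {
        $postedAuth = (isset($_POST['loginauth']) && is_string($_POST['loginauth'])) ? $_POST['loginauth'] : '';
        if ((string) $set_loginauth !== $postedAuth) {
            printerror("ErrorLoginAuth", "index.php");
        }
    }

    $logintime = time();
    $rnd = make_password(12);
    $s1 = esetcookie("bakusername", $lusername, 0);
    $s2 = esetcookie("bakrnd", $rnd, 0);
    esetcookie("baklogintime", $logintime, 0);
    Ebak_SCookieRnd($lusername, $rnd);

    // Only the first two cookies decide whether cookies are considered usable.
    if (!$s1 || !$s2) {
        printerror("NotOpenCookie", "index.php");
    }
    printerror("LoginSuccess", "admin.php");
}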
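/**
 * Validates and stores a guestbook entry.
 *
 * Failure paths call printerror(), which is assumed to end the request
 * (not visible here; confirm).
 *
 * Array keys are quoted: the original used bare words such as $add[bid],
 * which PHP 8 rejects as undefined constants.
 *
 * NOTE(review): the INSERT is built by string interpolation. $bid and $userid
 * are integer casts; every text value relies on RepPostStr()/RepPostVar(),
 * whose escaping cannot be checked from this listing. $ip comes from egetip().
 *
 * @param array $add Submitted form fields; reads bid, name, email, call,
 *                   lytext, key and ecmsfrom.
 */
function AddGbook($add)
{
    global $empire, $dbtbpre, $level_r, $public_r;

    // IP access check, then request-origin check.
    eCheckAccessDoIp('gbook');
    CheckCanPostUrl();

    // Board id: stored value first, submitted value as fallback.
    $bid = (int) getcvar('gbookbid');
    if (empty($bid)) {
        $bid = intval($add['bid']);
    }
    $name = RepPostStr(trim($add['name']));
    $email = RepPostStr($add['email']);
    $call = RepPostStr($add['call']);
    $lytext = RepPostStr($add['lytext']);
    if (empty($bid) || empty($name) || empty($email) || !trim($lytext)) {
        printerror("EmptyGbookname", "history.go(-1)", 1);
    }
    if (!chemail($email)) {
        printerror("EmailFail", "history.go(-1)", 1);
    }

    // Verification code, when enabled in the site settings.
    $keyvname = 'checkgbookkey';
    if ($public_r['gbkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }

    // Minimum interval between two posts. The timestamp is written with
    // esetcookie() below, so presumably it is a client-held cookie and this
    // check only slows down clients that send it back. The int cast keeps a
    // non-numeric value out of the subtraction.
    $lasttime = (int) getcvar('lastgbooktime');
    if ($lasttime) {
        if (time() - $lasttime < $public_r['regbooktime']) {
            printerror("GbOutTime", "", 1);
        }
    }

    // The board must exist.
    $br = $empire->fetch1("select bid,checked,groupid from {$dbtbpre}enewsgbookclass where bid='{$bid}';");
    if (empty($br['bid'])) {
        printerror("EmptyGbook", "history.go(-1)", 1);
    }

    // Boards bound to a member group require a login with a sufficient level.
    if ($br['groupid']) {
        $user = islogin();
        if ($level_r[$br['groupid']]['level'] > $level_r[$user['groupid']]['level']) {
            printerror("HaveNotEnLevel", "history.go(-1)", 1);
        }
    }

    $lytime = date("Y-m-d H:i:s");
    $ip = egetip();
    // Author fields are read through getcvar() without a login check in this
    // function; treat them as a label, not as proof of identity.
    $userid = (int) getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));

    $sql = $empire->query("insert into {$dbtbpre}enewsgbook(name,email,`call`,lytime,lytext,retext,bid,ip,checked,userid,username) values('{$name}','{$email}','{$call}','{$lytime}','{$lytext}','','{$bid}','{$ip}','{$br['checked']}','{$userid}','{$username}');");

    // Clear the verification code so it cannot be reused.
    ecmsEmptyShowKey($keyvname);

    if ($sql) {
        // Remember the time of this post for the interval check.
        esetcookie("lastgbooktime", time(), time() + 3600 * 24);
        $reurl = DoingReturnUrl("../tool/gbook/?bid={$bid}", $add['ecmsfrom']);
        printerror("AddGbookSuccess", $reurl, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}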
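/**
 * Verifies the login check value stored under 'loginebakckpass'.
 *
 * The expected value is recomputed from $rnd, $username and the configured
 * secret $set_loginrnd; on mismatch printerror('NotLogin') is called.
 *
 * The comparison is strict (`!==`). With the original loose `!=`, two
 * different MD5 hex strings that both parse as numbers (for example "0e"
 * followed only by digits) would have been treated as equal.
 *
 * @param string $username User name taken from the login cookie by the caller.
 * @param string $rnd      Random login token taken from the login cookie by the caller.
 */
function Ebak_CHCookieRnd($username, $rnd)
{
    global $set_loginrnd;

    $expected = md5(md5($rnd . $set_loginrnd) . '-' . $rnd . '-' . $username . '-');
    if ($expected !== (string) getcvar('loginebakckpass')) {
        printerror('NotLogin', 'index.php');
    }
}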
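/**
 * Increments the view counter of a member space once per marker lifetime.
 *
 * A marker named 'dospacevstats<userid>' is set for one hour after counting;
 * while getcvar() returns it, the counter is left alone.
 *
 * $userid is cast to int before it is placed in the SQL text and in the
 * marker name. The original interpolated the caller's value unchanged; other
 * functions in this code base cast ids the same way before building queries.
 *
 * NOTE(review): the marker is presumably a client-side cookie (it is written
 * with esetcookie()), so a client that discards it is counted on every view.
 *
 * @param int $userid Id of the member whose space is being viewed.
 */
function UpdateSpaceViewStats($userid)
{
    global $empire, $dbtbpre;

    $userid = (int) $userid;
    if (!getcvar('dospacevstats' . $userid)) {
        $empire->query("update {$dbtbpre}enewsmemberadd set viewstats=viewstats+1 where userid='" . $userid . "' limit 1");
        esetcookie("dospacevstats" . $userid, 1, time() + 3600);
    }
}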
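/**
 * Prints the shopping cart as an HTML table and returns point totals.
 *
 * The cart is read with getcvar('mybuycar'): records end with "!" and the
 * fields of a record are separated by "|". Field 1 is "classid,id", field 2
 * the quantity. Prices and titles are always re-read from the database.
 *
 * Changes against the original:
 *  - The raw product id string comes from the cart value, which the client
 *    holds, and was echoed into two attribute values unescaped. It is now
 *    passed through htmlspecialchars() with ENT_QUOTES.
 *  - $a is initialised, so the footer no longer reads an undefined variable
 *    when at least one product cannot be paid with points.
 *  - Array keys are quoted (bare words are undefined constants in PHP 8).
 *
 * NOTE(review): title, titlepic and the prices come from the database and are
 * printed without escaping, as before; whether they may contain markup
 * depends on how they were stored, which this listing does not show.
 *
 * @return array [0] => 1 if some product has no point price, else 0;
 *               [1] => sum of buyfen * quantity over all products.
 */
function ShowBuycar()
{
    global $empire, $class_r, $dbtbpre;

    $buycar = getcvar('mybuycar');
    $record = "!";
    $field = "|";
    $alltotal = 0;
    $return = array(0, 0);
    $a = '';

    echo "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1>\r\n <form name=form1 method=post action='../../enews/index.php'>\r\n <input type=hidden name=enews value=EditBuycar>\r\n <tr class='header'> \r\n <td width='16%' height=23> <div align=center>图片</div></td>\r\n <td width='29%'> <div align=center>商品名称</div></td>\r\n <td width='14%'> <div align=center>市场价格</div></td>\r\n <td width='14%'> <div align=center>优惠价格</div></td>\r\n <td width='8%'> <div align=center>数量</div></td>\r\n <td width='14%'> <div align=center>小计</div></td>\r\n <td width='5%'> <div align=center>删除</div></td>\r\n </tr>";

    $r = explode($record, $buycar);
    $count = count($r);
    // The piece after the final "!" is skipped.
    for ($i = 0; $i < $count - 1; $i++) {
        $pr = explode($field, $r[$i]);
        $productid = $pr[1];
        $fr = explode(",", $pr[1]);

        // Ids are cast to int before they reach the query.
        $classid = (int) $fr[0];
        $id = (int) $fr[1];
        if (empty($class_r[$classid]['tbname'])) {
            continue;
        }

        // Quantity, at least 1.
        $num = (int) $pr[2];
        if (empty($num)) {
            $num = 1;
        }

        // Product data from the table that belongs to the column.
        $productr = $empire->fetch1("select title,tprice,price,titleurl,groupid,classid,newspath,filename,id,titlepic,buyfen from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " where classid='{$classid}' and id='{$id}' limit 1");
        if (empty($productr['id'])) {
            continue;
        }

        // A product without a point price rules out paying everything with points.
        if (!$productr['buyfen']) {
            $return[0] = 1;
        }
        $return[1] += $productr['buyfen'] * $num;

        // Placeholder picture.
        if (empty($productr['titlepic'])) {
            $productr['titlepic'] = "../../data/images/notimg.gif";
        }

        $titleurl = sys_ReturnBqTitleLink($productr);
        $thistotal = $productr['price'] * $num;
        $alltotal += $thistotal;

        // The int casts above accept trailing text, so the raw string is
        // escaped before it is written into an attribute.
        $productidHtml = htmlspecialchars($productid, ENT_QUOTES);

        echo "<tr>\r\n\t<td align=center><a href='" . $titleurl . "' target=_blank><img src='" . $productr['titlepic'] . "' border=0 width=80 height=80></a></td>\r\n\t<td align=center><a href='" . $titleurl . "' target=_blank>" . $productr['title'] . "</a></td>\r\n\t<td align=right>¥" . $productr['tprice'] . "</td>\r\n\t<td align=right><b>¥" . $productr['price'] . "</b></td>\r\n\t<td align=center><input type=text name=num[] value='" . $num . "' size=6></td>\r\n\t<td align=right>¥" . $thistotal . "</td>\r\n\t<td align=center><input type=checkbox name=del[] value='" . $productidHtml . "'></td>\r\n\t<input type=hidden name=productid[] value='" . $productidHtml . "'></tr>";
    }

    // Point total row, only when every product can be paid with points.
    if (!$return[0]) {
        $a = "<tr height='25'> \r\n <td colspan=6><div align=right>合计点数:<strong>" . $return[1] . "</strong></div></td>\r\n <td> </td>\r\n </tr>";
    }

    echo "<tr height='27'> \r\n <td colspan=6><div align=right>合计:<strong>¥" . $alltotal . "</strong></div></td>\r\n <td> </td>\r\n </tr>" . $a . "\r\n <tr> \r\n <td colspan=7 height='25'><div align=right><a href='../../enews/?enews=ClearBuycar'><img src=../../data/images/shop/clearbuycar.gif width=92 height=23 border=0></a> \r\n <input name=imageField type=image src=../../data/images/shop/editbuycar.gif width=135 height=23 border=0>\r\n <a href='javascript:window.close();'><img src=../../data/images/shop/buynext.gif width=87 height=23 border=0></a> <a href='../order/'><img src=../../data/images/shop/buycarnext.gif width=87 height=19 border=0></a></div></td>\r\n </tr>\r\n\t</form>\r\n </table>";

    return $return;
}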
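/**
 * Builds the HTML rows of the column (class) management list, recursing into
 * child columns.
 *
 * Changes against the original:
 *  - $display is initialised; it was undefined whenever
 *    getcvar('displayclass', 1) returned a falsy value.
 *  - Array keys are quoted (bare words are undefined constants in PHP 8).
 *  - $renewshtml was built identically in both branches and is now built once.
 *
 * NOTE(review): classname, tbname, onclick and myorder are written into the
 * page as read from the database, without escaping. That is only safe if
 * those fields are sanitised when a column is saved; not visible here.
 *
 * @param int    $bclassid Parent column id; empty for the top level.
 * @param string $exp      Indentation prefix printed before the row icon.
 * @return string Concatenated <tr> rows (child rows wrapped in <tbody> for top-level parents).
 */
function ShowClass_ListClass($bclassid, $exp)
{
    global $empire, $fun_r, $dbtbpre;

    // Collapse child lists when the 'displayclass' preference is set.
    $display = '';
    if (getcvar('displayclass', 1)) {
        $display = " style='display=none'";
    }

    if (empty($bclassid)) {
        $bclassid = 0;
        $exp = "";
    } else {
        $exp = " " . $exp;
    }

    $sql = $empire->query("select * from {$dbtbpre}enewsclass where bclassid='{$bclassid}' order by myorder,classid");
    $returnstr = "";
    while ($r = $empire->fetch($sql)) {
        $classurl = sys_ReturnBqClassUrl($r);
        $divonclick = "";
        $start_tbody = "";
        $end_tbody = "";
        $docinfo = "";
        $classinfotype = '';
        $renewshtml = " <a href='#e' onclick=renews(" . $r['classid'] . ",'" . $r['tbname'] . "')>" . $fun_r['news'] . "</a> ";

        if ($r['islast']) {
            // Leaf column: links for adding content, archiving and categories.
            $img = "<a href='AddNews.php?enews=AddNews&classid=" . $r['classid'] . "' target=_blank><img src='../data/images/txt.gif' border=0></a>";
            $bgcolor = "#ffffff";
            $docinfo = " <a href='#e' onclick=docinfo(" . $r['classid'] . ")>归档</a>";
            $classinfotype = " <a href='#e' onclick=ttc(" . $r['classid'] . ")>分类</a>";
        } else {
            $img = "<img src='../data/images/dir.gif'>";
            if (empty($r['bclassid'])) {
                // Top-level parent: its children go into a collapsible <tbody>.
                $bgcolor = "#DBEAF5";
                $divonclick = " onMouseUp='turnit(classdiv" . $r['classid'] . ");' style='CURSOR:hand'";
                $start_tbody = "<tbody id='classdiv" . $r['classid'] . "'" . $display . ">";
                $end_tbody = "</tbody>";
            } else {
                $bgcolor = "#ffffff";
            }
        }

        // Columns with an external URL are marked.
        $classname = $r['classname'];
        if ($r['wburl']) {
            $classname = "<font color='#666666'>" . $classname . " (外部)</font>";
        }

        $returnstr .= "<tr bgcolor='" . $bgcolor . "' height=25><td><input type=text name=myorder[] value=" . $r['myorder'] . " size=2><input type=hidden name=classid[] value=" . $r['classid'] . "></td><td" . $divonclick . ">" . $exp . $img . "</td><td align=center>" . $r['classid'] . "</td><td><input type=checkbox name=reclassid[] value=" . $r['classid'] . "> <a href='" . $classurl . "' target=_blank>" . $classname . "</a></td><td align=center>" . $r['onclick'] . "</td><td><a href='#e' onclick=editc(" . $r['classid'] . ")>" . $fun_r['edit'] . "</a> <a href='#e' onclick=copyc(" . $r['classid'] . ")>" . $fun_r['copyclass'] . "</a> <a href='#e' onclick=delc(" . $r['classid'] . ")>" . $fun_r['del'] . "</a></td><td><a href='#e' onclick=relist(" . $r['classid'] . ")>" . $fun_r['re'] . "</a>" . $renewshtml . "<a href='#e' onclick=rejs(" . $r['classid'] . ")>JS</a> <a href='#e' onclick=tvurl(" . $r['classid'] . ")>调用</a>" . $classinfotype . $docinfo . "</td></tr>";

        // Child columns.
        if (empty($r['islast'])) {
            $returnstr .= $start_tbody . ShowClass_ListClass($r['classid'], $exp) . $end_tbody;
        }
    }

    return $returnstr;
}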
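/**
 * Builds the radio-button list of open payment methods for the order form.
 *
 * A method is rendered disabled, with an explanation, when it pays with
 * points or account balance and the visitor is not logged in or does not
 * hold enough.
 *
 * Changes against the original: array keys are quoted (bare words are
 * undefined constants in PHP 8) and two branches that did nothing were
 * dropped.
 *
 * NOTE(review): "disabled" only affects the form in the browser, and login is
 * detected from getcvar('mluserid'). The code that accepts the order has to
 * repeat these checks against server-side data.
 * NOTE(review): payname and paysay are printed as stored, without escaping.
 *
 * @param array $pr   Cart totals; reads buytype, totalfen and totalmoney.
 * @param array $user Current member row; reads userfen and money.
 * @return string HTML table, or '' when no payment method is open.
 */
function ShowPayfs($pr, $user)
{
    global $empire, $dbtbpre;

    $str = '';
    $sql = $empire->query("select payid,payname,payurl,paysay,userpay,userfen,isdefault from {$dbtbpre}enewsshoppayfs where isclose=0 order by payid");
    while ($r = $empire->fetch($sql)) {
        $checked = $r['isdefault'] == 1 ? ' checked' : '';
        $dis = "";
        $words = "";

        if ($r['userfen']) {
            // Payment with points.
            if ($pr['buytype']) {
                $dis = " disabled";
                $words = " <font color='#666666'>(您选择的商品至少有一个不支持点数购买)</font>";
            } elseif (getcvar('mluserid')) {
                if ($user['userfen'] < $pr['totalfen']) {
                    $dis = " disabled";
                    $words = " <font color='#666666'>(您的帐号点数不足,不能使用此支付方式)</font>";
                }
            } else {
                $dis = " disabled";
                $words = " <font color='#666666'>(您未登录,不能使用此支付方式)</font>";
            }
        } elseif ($r['userpay']) {
            // Payment from the account balance.
            if (getcvar('mluserid')) {
                if ($user['money'] < $pr['totalmoney']) {
                    $dis = " disabled";
                    $words = " <font color='#666666'>(您的帐号余额不足,不能使用此支付方式)</font>";
                }
            } else {
                $dis = " disabled";
                $words = " <font color='#666666'>(您未登录,不能使用此支付方式)</font>";
            }
        }

        $str .= "<tr><td><b><input type=radio name=payfsid value='" . $r['payid'] . "'" . $checked . $dis . ">" . $r['payname'] . "</b>" . $words . "</td></tr><tr><td><table width='98%' border=0 align=right cellpadding=3 cellspacing=1><tr><td>" . $r['paysay'] . "</td></tr></table></td></tr>";
    }

    if ($str) {
        $str = "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1>" . $str . "</table>";
    }

    return $str;
}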
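/**
 * Validates the chosen payment method for an order, prints its name and
 * returns the two total lines shown on the confirmation page.
 *
 * Changes against the original:
 *  - $afp is initialised; it was undefined when no invoice was requested.
 *  - Array keys are quoted (bare words are undefined constants in PHP 8).
 *
 * Failure paths call printerror(), assumed to end the request (confirm).
 *
 * NOTE(review): payname is printed as stored, without escaping.
 *
 * @param int   $payfsid Id of the selected payment method.
 * @param array $r       Order options; reads 'fp' (invoice requested).
 * @param mixed $price   Delivery fee added to the totals.
 * @return array [0] => breakdown text, [1] => settlement text.
 */
function ShowPayfs($payfsid, $r, $price)
{
    global $empire, $public_r, $dbtbpre, $totalr, $shoppr;

    $payfsid = (int) $payfsid;
    $add = $empire->fetch1("select payid,payname,payurl,paysay,userpay,userfen from {$dbtbpre}enewsshoppayfs where payid='{$payfsid}' and isclose=0");
    if (empty($add['payid'])) {
        printerror('请选择支付方式', '', 1, 0, 1);
    }

    // Total amount in money.
    $buyallmoney = $totalr['totalmoney'] + $price - $totalr['pretotal'];

    // An invoice cannot be combined with payment by points.
    if ($add['userfen'] && $r['fp']) {
        printerror("FenNotFp", "history.go(-1)", 1);
    }

    // Invoice fee: a percentage ($shoppr['fpnum']) of the goods total after discount.
    $afp = '';
    if ($r['fp']) {
        $fptotal = ($totalr['totalmoney'] - $totalr['pretotal']) * ($shoppr['fpnum'] / 100);
        $afp = "+发票费(" . $fptotal . ")";
        $buyallmoney += $fptotal;
    }

    $buyallfen = $totalr['totalfen'] + $price;
    $returntotal = "采购总额(" . $totalr['totalmoney'] . ")+配送费(" . $price . ")" . $afp . "-优惠(" . $totalr['pretotal'] . ")=总额(<b>" . $buyallmoney . " 元</b>)";
    $mytotal = "结算总金额为:<b><font color=red>" . $buyallmoney . " 元</font></b> 全部";

    // Points and balance payments need a logged-in member with enough funds.
    if ($add['userfen'] || $add['userpay']) {
        if (!getcvar('mluserid')) {
            printerror("NotLoginTobuy", "history.go(-1)", 1);
        }
        // islogin() supplies the member row the balance checks rely on.
        $user = islogin();
        if ($add['userfen']) {
            if ($buyallfen > $user['userfen']) {
                printerror("NotEnoughFenBuy", "history.go(-1)", 1);
            }
            $returntotal = "采购总点数(" . $totalr['totalfen'] . ")+配送点数费(" . $price . ")=总点数(<b>" . $buyallfen . " 点</b>)";
            $mytotal = "结算总点数为:<b><font color=red>" . $buyallfen . " 点</font></b> 全部";
        } else {
            if ($buyallmoney > $user['money']) {
                printerror("NotEnoughMoneyBuy", "history.go(-1)", 1);
            }
        }
    }

    echo "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1><tr><td>" . $add['payname'] . "</td></tr></table>";

    return array($returntotal, $mytotal);
}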
/**
 * Stores a feedback message addressed to a member space.
 *
 * Order of work: verification code, target member lookup, sender fields,
 * required-field check, INSERT, verification code reset, result message.
 * printerror() is assumed to end the request (not visible here; confirm).
 *
 * NOTE(review): the sender id and name are read through getcvar() and are not
 * checked against a login session in this function, so the stored uid/uname
 * identify the sender only as far as those values can be trusted.
 * NOTE(review): the success message is given $_SERVER['HTTP_REFERER'] as its
 * target; that header is supplied by the client.
 * NOTE(review): the INSERT is built by interpolation; text values depend on
 * RepPostStr(), whose escaping cannot be checked from this listing.
 *
 * @param array $add Submitted form fields.
 */
function AddMemberFeedback($add)
{
    global $empire, $dbtbpre;

    // Verification code.
    $keyvname = 'checkspacefbkey';
    ecmsCheckShowKey($keyvname, $add['key'], 1);

    // The addressed member must exist.
    $userid = (int) $add['userid'];
    $memberQuery = "select " . egetmf('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1";
    $ur = $empire->fetch1($memberQuery);
    if (empty($ur['userid'])) {
        printerror("NotUsername", "", 1);
    }

    // Sender: member id and name when present, otherwise anonymous.
    $uid = (int) getcvar('mluserid');
    $uname = $uid ? RepPostVar(getcvar('mlusername')) : '';
    $uname = RepPostStr($uname);

    $name = RepPostStr($add['name']);
    $company = RepPostStr($add['company']);
    $phone = RepPostStr($add['phone']);
    $fax = RepPostStr($add['fax']);
    $email = RepPostStr($add['email']);
    $address = RepPostStr($add['address']);
    $zip = RepPostStr($add['zip']);
    $title = RepPostStr($add['title']);
    $ftext = RepPostStr($add['ftext']);

    $missingRequired = !trim($name) || !trim($title) || !trim($ftext);
    if ($missingRequired) {
        printerror("EmptyMemberFeedback", "history.go(-1)", 1);
    }

    $addtime = date("Y-m-d H:i:s");
    $ip = egetip();
    $eipport = egetipport();

    $sql = $empire->query("insert into {$dbtbpre}enewsmemberfeedback(name,company,phone,fax,email,address,zip,title,ftext,userid,ip,uid,uname,addtime,eipport) values('{$name}','{$company}','{$phone}','{$fax}','{$email}','{$address}','{$zip}','{$title}','{$ftext}',{$userid},'{$ip}',{$uid},'{$uname}','{$addtime}','{$eipport}');");

    // Clear the verification code so it cannot be reused.
    ecmsEmptyShowKey($keyvname);

    if (!$sql) {
        printerror("DbError", "history.go(-1)", 1);
    } else {
        printerror("AddMemberFeedbackSuccess", $_SERVER['HTTP_REFERER'], 1);
    }
}
/**
 * Rejects a login attempt when the failure limit has been reached.
 *
 * Two checks run in sequence, each ending in printerror("LoginOutNum"):
 *  1. counters read through getcvar() ('loginnum', 'lastlogintime');
 *  2. a row in enewsloginfail for this IP whose num has reached the limit
 *     within the configured window ($public_r['logintime'] minutes).
 *
 * NOTE(review): the first check presumably reads client-held cookies, so it
 * only stops clients that send them back; the database check is the one that
 * does not depend on client state.
 * NOTE(review): $ip is interpolated into the query as given; the caller is
 * responsible for passing a validated address.
 *
 * @param string $ip   Client IP address.
 * @param int    $time Current Unix timestamp.
 */
function CheckLoginNum($ip, $time)
{
    global $empire, $public_r, $dbtbpre;

    // Counter check.
    $failedCount = (int) getcvar('loginnum');
    $lastAttempt = (int) getcvar('lastlogintime');
    if (
        $lastAttempt
        && $time - $lastAttempt < $public_r['logintime'] * 60
        && $failedCount >= $public_r['loginnum']
    ) {
        printerror("LoginOutNum", "history.go(-1)");
    }

    // Database check.
    $chtime = $time - $public_r['logintime'] * 60;
    $locked = $empire->gettotal("select count(*) as total from {$dbtbpre}enewsloginfail where ip='{$ip}' and num>={$public_r['loginnum']} and lasttime>{$chtime} limit 1");
    if ($locked) {
        printerror("LoginOutNum", "history.go(-1)");
    }
}
/**
 * Stores a guestbook message left on a member space.
 *
 * Order of work: verification code, target member lookup, author fields,
 * required-field check, INSERT, verification code reset, result message.
 * printerror() is assumed to end the request (not visible here; confirm).
 *
 * NOTE(review): for members the author id and name are read through
 * getcvar() without a login check in this function; visitors supply the name
 * themselves. Neither proves who wrote the message.
 * NOTE(review): the success message is given $_SERVER['HTTP_REFERER'] as its
 * target; that header is supplied by the client.
 * NOTE(review): the INSERT is built by interpolation; numeric values are
 * integer casts, text values depend on RepPostStr().
 *
 * @param array $add Submitted form fields; reads key, userid, uname, gbtext, isprivate.
 */
function AddMemberGbook($add)
{
    global $empire, $dbtbpre;

    // Verification code.
    $keyvname = 'checkspacegbkey';
    ecmsCheckShowKey($keyvname, $add['key'], 1);

    // The addressed member must exist.
    $userid = (int) $add['userid'];
    $memberQuery = "select " . eReturnSelectMemberF('userid') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1";
    $ur = $empire->fetch1($memberQuery);
    if (empty($ur['userid'])) {
        printerror("NotUsername", "", 1);
    }

    // Author: member name when an id is present, else the submitted name.
    $uid = (int) getcvar('mluserid');
    $uname = $uid ? RepPostVar(getcvar('mlusername')) : trim($add['uname']);
    $uname = RepPostStr($uname);
    $gbtext = RepPostStr($add['gbtext']);
    if (empty($uname) || !trim($gbtext)) {
        printerror("EmptyMemberGbook", "history.go(-1)", 1);
    }

    $isprivate = (int) $add['isprivate'];
    $addtime = date("Y-m-d H:i:s");
    $ip = egetip();
    $eipport = egetipport();

    $sql = $empire->query("insert into {$dbtbpre}enewsmembergbook(userid,isprivate,uid,uname,ip,addtime,gbtext,retext,eipport) values({$userid},{$isprivate},{$uid},'{$uname}','{$ip}','{$addtime}','{$gbtext}','','{$eipport}');");

    // Clear the verification code so it cannot be reused.
    ecmsEmptyShowKey($keyvname);

    if (!$sql) {
        printerror("DbError", "history.go(-1)", 1);
    } else {
        printerror("AddMemberGbookSuccess", $_SERVER['HTTP_REFERER'], 1);
    }
}
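/**
 * Member login against a configurable user table.
 *
 * Table and column names come from the $user_* globals. $user_dopass selects
 * the stored password format: empty = md5, 3 = 16 characters of the md5,
 * 2 = md5(md5(password) . salt); any other value compares the value as is.
 *
 * Changes against the original:
 *  - In the salted format the digest is compared with `===`. The loose `==`
 *    treated two different hex digests that both parse as numbers (for
 *    example "0e" followed only by digits) as equal.
 *  - $_POST['prtype'] and $_SERVER['HTTP_REFERER'] are read without
 *    undefined-index notices.
 *
 * printerror() is assumed to end the request (not visible here; confirm).
 *
 * NOTE(review): all supported formats are MD5-based; moving to
 * password_hash() needs a migration outside this function.
 * NOTE(review): the post-login target is taken from the 'returnurl' value
 * read with getcvar(); whether it is limited to local URLs depends on
 * DoingReturnUrl() and printerror(), neither of which is visible here.
 * NOTE(review): queries are built by interpolation; $utfusername and
 * $password rely on RepPostVar() and doUtfAndGbk() for escaping.
 *
 * @param string $username Submitted user name.
 * @param string $password Submitted plain-text password.
 * @param int    $lifetime Cookie lifetime in seconds; 0 means a session cookie.
 * @param string $key      Submitted verification code.
 * @param string $location Overwritten before use; kept for interface compatibility.
 */
function login1($username, $password, $lifetime, $key, $location)
{
    global $empire, $user_tablename, $user_userid, $user_username, $user_password, $user_dopass, $user_group, $user_groupid, $user_rnd, $public_r, $user_salt, $user_saltnum, $dbtbpre, $eloginurl, $user_checked;

    // An external login URL replaces this login.
    if ($eloginurl) {
        Header("Location:{$eloginurl}");
        exit;
    }

    // Message output mode handed to printerror().
    $dopr = 1;
    if (!empty($_POST['prtype'])) {
        $dopr = 9;
    }

    if (!trim($username) || !trim($password)) {
        printerror("EmptyLogin", "history.go(-1)", $dopr);
    }

    // Verification code, when enabled.
    $keyvname = 'checkloginkey';
    if ($public_r['loginkey_ok']) {
        ecmsCheckShowKey($keyvname, $key, $dopr);
    }

    $username = RepPostVar($username);
    $password = RepPostVar($password);

    // Character set conversion.
    $utfusername = doUtfAndGbk($username, 0);
    $password = doUtfAndGbk($password, 0);

    // Bring the password into the stored format.
    if (empty($user_dopass)) {
        $password = md5($password);
    }
    if ($user_dopass == 3) {
        $password = substr(md5($password), 8, 16);
    }

    $num = 0;
    if ($user_dopass == 2) {
        // Salted double md5: fetch salt and digest, compare in PHP.
        $ur = $empire->fetch1("select " . $user_userid . "," . $user_salt . "," . $user_password . " from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");
        $password = md5(md5($password) . $ur[$user_salt]);
        if ($password === (string) $ur[$user_password]) {
            $num = 1;
        }
        if (empty($ur[$user_userid])) {
            $num = 0;
        }
    } else {
        // Other formats: the database compares the digest.
        $num = $empire->gettotal("select count(*) as total from " . $user_tablename . " where " . $user_username . "='{$utfusername}' and " . $user_password . "='" . $password . "' limit 1");
    }
    if (!$num) {
        printerror("FailPassword", "history.go(-1)", $dopr);
    }

    $r = $empire->fetch1("select * from " . $user_tablename . " where " . $user_username . "='{$utfusername}' limit 1");

    // Accounts that are not yet approved or activated.
    if ($r[$user_checked] == 0) {
        if ($public_r['regacttype'] == 1) {
            printerror('NotCheckedUser', '../member/register/regsend.php', 1);
        } else {
            printerror('NotCheckedUser', '', 1);
        }
    }

    $time = date("Y-m-d H:i:s");
    // New random login token, stored in the table and in the cookie.
    $rnd = make_password(12);

    // Default member group.
    if (empty($r[$user_group])) {
        $r[$user_group] = $user_groupid;
    }
    $r[$user_group] = (int) $r[$user_group];
    $usql = $empire->query("update " . $user_tablename . " set " . $user_rnd . "='{$rnd}'," . $user_group . "=" . $r[$user_group] . " where " . $user_userid . "='{$r[$user_userid]}'");

    // Login cookies.
    $logincookie = 0;
    if ($lifetime) {
        $logincookie = time() + $lifetime;
    }
    $set1 = esetcookie("mlusername", $username, $logincookie);
    $set2 = esetcookie("mluserid", $r[$user_userid], $logincookie);
    $set3 = esetcookie("mlgroupid", $r[$user_group], $logincookie);
    $set4 = esetcookie("mlrnd", $rnd, $logincookie);

    // Additional login cookies.
    AddLoginCookie($r);

    // Where to go after login.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $location = "../member/cp/";
    $returnurl = getcvar('returnurl');
    if ($returnurl) {
        $location = $returnurl;
    }
    if (strstr($referer, "e/member/iframe")) {
        $location = "../member/iframe/";
    }
    // Never return to the logout or registration pages.
    if (strstr($location, "enews=exit") || strstr($location, "e/member/register") || strstr($referer, "e/member/register")) {
        $location = "../member/cp/";
        $_POST['ecmsfrom'] = '';
    }

    // Clear the verification code so it cannot be reused.
    ecmsEmptyShowKey($keyvname);
    $set6 = esetcookie("returnurl", "");

    if ($set1 && $set2) {
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("LoginSuccess", $location, $dopr);
    } else {
        printerror("NotCookie", "history.go(-1)", $dopr);
    }
}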
?> img.src="<?php echo $noaddimgurl; ?> "; </script> <?php } //网页标题 $thispagetitle = $public_diyr['pagetitle'] ? $public_diyr['pagetitle'] : '会员中心'; //会员信息 $tmgetuserid = (int) getcvar('mluserid'); //用户ID $tmgetusername = RepPostVar(getcvar('mlusername')); //用户名 $tmgetgroupid = (int) getcvar('mlgroupid'); //用户组ID $tmgetgroupname = '游客'; //会员组名称 if ($tmgetgroupid) { $tmgetgroupname = $level_r[$tmgetgroupid]['groupname']; if (!$tmgetgroupname) { include_once ECMS_PATH . DASHBOARD . '/data/dbcache/MemberLevel.php'; $tmgetgroupname = $level_r[$tmgetgroupid]['groupname']; } } //模型 $tgetmid = (int) $_GET['mid']; ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html>
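/**
 * Recomputes the shopping cart from the 'mybuycar' value and returns totals
 * plus a normalised cart string.
 *
 * Records end with "!" and fields are separated by "|"; field 1 is
 * "classid,id", field 2 the quantity. Prices, point prices and titles are
 * read from the database, so whatever the client placed in those fields of
 * the cart value is ignored.
 *
 * Changes against the original: array keys are quoted (bare words are
 * undefined constants in PHP 8) and count() is evaluated once.
 *
 * @return array [0] => 1 if some product has no point price, else 0;
 *               [1] => total points; [2] => total money;
 *               [3] => cart string "|classid,id|num|price|buyfen|title!" per product.
 */
function ReturnBuycardd()
{
    global $empire, $class_r, $dbtbpre;

    $buycar = getcvar('mybuycar');
    $record = "!";
    $field = "|";
    $r = explode($record, $buycar);
    $alltotal = 0;
    $return = array(0, 0, 0, "");
    $newbuycar = "";

    $count = count($r);
    // The piece after the final "!" is skipped.
    for ($i = 0; $i < $count - 1; $i++) {
        $pr = explode($field, $r[$i]);
        $fr = explode(",", $pr[1]);

        // Ids are cast to int before they reach the query.
        $classid = (int) $fr[0];
        $id = (int) $fr[1];
        if (empty($class_r[$classid]['tbname'])) {
            continue;
        }

        // Quantity, at least 1.
        $num = ReturnBuycarProductNum($pr[2]);
        if (empty($num)) {
            $num = 1;
        }

        // Product data.
        $productr = $empire->fetch1("select title,tprice,price,titleurl,groupid,classid,newspath,filename,id,titlepic,buyfen from {$dbtbpre}ecms_" . $class_r[$classid]['tbname'] . " where classid='{$classid}' and id='{$id}' limit 1");
        if (empty($productr['id'])) {
            continue;
        }

        // A product without a point price rules out paying everything with points.
        if (!$productr['buyfen']) {
            $return[0] = 1;
        }
        $return[1] += $productr['buyfen'] * $num;
        $thistotal = $productr['price'] * $num;
        $alltotal += $thistotal;

        // The title must not contain the separators of the stored format.
        $title = str_replace("!", "", $productr['title']);
        $title = str_replace("|", "", $title);
        $title = str_replace(",", "", $title);
        $newbuycar .= "|" . $classid . "," . $id . "|" . $num . "|" . $productr['price'] . "|" . $productr['buyfen'] . "|" . $title . "!";
    }

    $return[2] = $alltotal;
    $return[3] = $newbuycar;

    return $return;
}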
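/**
 * Checks whether the current member may view a piece of content and deducts
 * points when the content has a point price.
 *
 * Checks, in order: column-level group list (when the column's 'cgtoinfo'
 * flag is set), minimum member level of the item, then the point price.
 * Points are not deducted when a view record newer than
 * $public_r['redoview'] hours exists or when the member's 'userdate' lies in
 * the future; a view record is written in the latter case and after a
 * deduction.
 *
 * Every refusal calls ShowViewInfoMsg(). The code after those calls,
 * including the deduction, is only correct if ShowViewInfoMsg() ends the
 * request; its definition is not visible here, so confirm that.
 *
 * Change against the original: array keys are quoted (bare words are
 * undefined constants in PHP 8); the two empty branches are written as
 * negated conditions.
 *
 * NOTE(review): $gotourl and $public_r['newsurl'] are placed in href
 * attributes and the member's group name in text, all unescaped.
 * NOTE(review): $userfen is concatenated into the UPDATE unquoted; it comes
 * from $infor, presumably a database row (confirm against the caller).
 *
 * @param array $infor Content row; reads groupid, userfen, id, classid, title.
 */
function CheckShowNewsLevel($infor)
{
    global $check_path, $level_r, $empire, $user_userfen, $user_userid, $user_tablename, $user_userdate, $gotourl, $toreturnurl, $public_r, $dbtbpre, $class_r;

    $groupid = $infor['groupid'];
    $userfen = $infor['userfen'];
    $id = $infor['id'];
    $classid = $infor['classid'];

    // Login check; returns the member row.
    $user_r = ViewCheckLogin($infor);

    // Column-level group restriction.
    if ($class_r[$infor['classid']]['cgtoinfo']) {
        $checkcr = $empire->fetch1("select cgroupid from {$dbtbpre}enewsclass where classid='{$infor['classid']}'");
        if ($checkcr['cgroupid']) {
            // cgroupid is a ",id,id," list; the commas keep 1 from matching 11.
            if (!strstr($checkcr['cgroupid'], ',' . $user_r['groupid'] . ',')) {
                $infor['eclass_cgroupid'] = $checkcr['cgroupid'];
                if (!getcvar('returnurl')) {
                    esetcookie("returnurl", $toreturnurl, 0);
                }
                $msg = "您没有足够权限查看此信息! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
                ShowViewInfoMsg($infor, $msg);
            }
        }
    }

    // Minimum member level of the item.
    if ($groupid) {
        if ($level_r[$groupid]['level'] > $level_r[$user_r['groupid']]['level']) {
            if (!getcvar('returnurl')) {
                esetcookie("returnurl", $toreturnurl, 0);
            }
            $msg = "您的会员级别不足(您的当前级别:" . $level_r[$user_r['groupid']]['groupname'] . "),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
            ShowViewInfoMsg($infor, $msg);
        }
    }

    // Point price.
    if (!empty($userfen)) {
        // A recent view record makes this view free.
        $bakr = $empire->fetch1("select id,truetime from {$dbtbpre}enewsdownrecord where id='{$id}' and classid='{$classid}' and userid='{$user_r['userid']}' and online=2 order by truetime desc limit 1");
        $recentlyViewed = $bakr['id'] && time() - $bakr['truetime'] <= $public_r['redoview'] * 3600;
        if (!$recentlyViewed) {
            // Members whose 'userdate' is still in the future are not charged.
            if (!($user_r['userdate'] - time() > 0)) {
                if ($user_r['userfen'] < $userfen) {
                    if (!getcvar('returnurl')) {
                        esetcookie("returnurl", $toreturnurl, 0);
                    }
                    $msg = "您的点数不足(您当前拥有的点数 " . $user_r['userfen'] . " 点),没有查看此信息的权限! <a href='{$gotourl}'><u>点击这里</u></a>重新登陆;注册请<a href='" . $public_r['newsurl'] . "e/member/register/'><u>点击这里</u></a>。";
                    ShowViewInfoMsg($infor, $msg);
                }
                // Deduct the points.
                $usql = $empire->query("update " . $user_tablename . " set " . $user_userfen . "=" . $user_userfen . "-" . $userfen . " where " . $user_userid . "='{$user_r['userid']}'");
            }
            // Write the view record.
            $utfusername = $user_r['username'];
            BakDown($classid, $id, 0, $user_r['userid'], $utfusername, $infor['title'], $userfen, 2);
        }
    }
}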
<?php
// Access gate included by pages of a column that is restricted to member
// groups. $check_path, $check_classid and $check_groupid are read here but
// not set, so they are expected to come from the including page.
//
// NOTE(review): the decision is based only on 'mluserid' and 'mlgroupid' as
// returned by getcvar(). Elsewhere in this code base those names are written
// with esetcookie(), so they are presumably client-held cookies; nothing in
// this script checks them against the member table or the login token.
// Confirm whether getcvar() validates them; if not, this gate can be passed
// by any client that sends a suitable group id.

// Only run when included by a page that defined 'empirecms'.
if (!defined('empirecms')) {
    exit;
}
// Deduct points (original section label).
require_once $check_path . "e/class/connect.php";
if (!defined('InEmpireCMS')) {
    exit;
}
require_once ECMS_PATH . "e/class/db_sql.php";
$check_classid = (int) $check_classid;
// Address of the page to return to. NOTE(review): PHP_SELF can contain
// request-supplied path text; escape it wherever it is printed.
$toreturnurl = $_SERVER['PHP_SELF'];
// Login address: the external login URL when configured, else the built-in one.
$gotourl = $eloginurl ? $eloginurl : $public_r['newsurl'] . "e/member/login/";
$loginuserid = (int) getcvar('mluserid');
$logingroupid = (int) getcvar('mlgroupid');
// No member id: refuse.
if (!$loginuserid) {
    printerror2('本栏目需要会员级别以上才能查看', '');
}
// $check_groupid is searched as a ",id,id," list; the commas keep 1 from matching 11.
if (!strstr($check_groupid, ',' . $logingroupid . ',')) {
    printerror2('您没有足够权限查看此栏目', '');
}
/**
 * Returns the language pack and character set selected at login.
 *
 * The selection is an integer index read with getcvar('loginlangid') into
 * the global list $langcharr, whose entries have the form "lang,charset".
 * Because the index is cast to int and only used as a key of that list, a
 * value outside the list falls back to 'gb' / 'gbk'.
 *
 * @return array ['lang' => string, 'langchar' => string]
 */
function ReturnUseEbakLang()
{
    global $langcharr;

    $langId = (int) getcvar('loginlangid');
    if (!$langcharr[$langId]) {
        return array('lang' => 'gb', 'langchar' => 'gbk');
    }

    $parts = explode(',', $langcharr[$langId]);

    return array('lang' => $parts[0], 'langchar' => $parts[1]);
}
<?php
// Front-end page that lets a visitor pick the column for a new submission.
// The variables set here ($mid, $mr, $muserid, $musername, $classjs) stay in
// scope for the template required at the end, so their names must not change.
require "../class/connect.php";
require "../class/db_sql.php";
$link = db_connect();
$empire = new mysqlquery();
// Submissions switched off in the site settings.
if ($public_r['addnews_ok']) {
    printerror("CloseQAdd", "", 1);
}
// IP access check.
eCheckAccessDoIp('postinfo');
// Model id from the query string, forced to int before it reaches the query.
$mid = (int) $_GET['mid'];
if (empty($mid)) {
    printerror("ErrorUrl", "", 1);
}
$mr = $empire->fetch1("select mid,qenter,qmname from {$dbtbpre}enewsmod where mid='{$mid}'");
// The model must exist and have a non-empty 'qenter' value.
if (!$mr['mid'] || !$mr['qenter']) {
    printerror("ErrorUrl", "", 1);
}
// NOTE(review): member id and name are read through getcvar() for display;
// no login check is made in this script.
$muserid = (int) getcvar('mluserid');
$musername = RepPostVar(getcvar('mlusername'));
if (empty($musername)) {
    $musername = "******";
}
$classjs = $public_r['newsurl'] . "d/js/js/addinfo" . $mid . ".js";
// Load the template.
require ECMS_PATH . 'e/template/DoInfo/ChangeClass.php';
db_close();
$empire = null;
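/**
 * Registers a new member, logs the member in and reports the result.
 *
 * Order of work: site switches and access checks, input clean-up,
 * verification code, group check, length and format checks, duplicate
 * checks, password hashing, INSERT into the member table and the add-on
 * table, attachments, optional account binding, then either the "awaiting
 * approval" message or login cookies and the success message.
 *
 * printerror() is assumed to end the request (not visible here; confirm).
 *
 * Change against the original: array keys are quoted (bare words such as
 * $pr[min_userlen] are undefined constants in PHP 8) and $mr is initialised
 * before its first key is assigned.
 *
 * NOTE(review): $groupid can be chosen by the client; CheckMemberGroupCanReg()
 * is the only gate against registering into a privileged group.
 * NOTE(review): $member_r[0] and $member_r[1] are SQL fragments produced by
 * ReturnDoMemberF() and concatenated into the INSERT unquoted; that helper
 * must escape every submitted value.
 * NOTE(review): the repeat-password check compares the raw 'repassword' with
 * the password after trim() and RepPostVar(); a password that RepPostVar()
 * alters can therefore never be confirmed.
 * NOTE(review): the plain-text password ($truepassword) is handed to
 * DoEpassport().
 * NOTE(review): the post-registration target may come from the 'returnurl'
 * value read with getcvar(); whether it is limited to local URLs depends on
 * DoingReturnUrl() and printerror().
 *
 * @param array $add Submitted registration form fields.
 */
function register($add)
{
    global $empire, $dbtbpre, $public_r, $ecms_config;

    // Registration switched off.
    if ($public_r['register_ok']) {
        printerror('CloseRegister', '', 1);
    }
    // Time-window and IP restrictions.
    eCheckTimeCloseDo('reg');
    eCheckAccessDoIp('register');
    // An external registration URL replaces this form.
    if (!empty($ecms_config['member']['registerurl'])) {
        Header("Location:" . $ecms_config['member']['registerurl']);
        exit;
    }
    // Logged-in visitors cannot register.
    if (getcvar('mluserid')) {
        printerror('LoginToRegister', '', 1);
    }
    // Request-origin check.
    CheckCanPostUrl();

    $username = trim($add['username']);
    $password = trim($add['password']);
    $username = RepPostVar($username);
    $password = RepPostVar($password);
    $email = RepPostStr($add['email']);
    if (!$username || !$password || !$email) {
        printerror("EmptyMember", "history.go(-1)", 1);
    }
    $tobind = (int) $add['tobind'];

    // Verification code, when enabled.
    $keyvname = 'checkregkey';
    if ($public_r['regkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }

    // Member group: submitted value or the default; must be open for registration.
    $user_groupid = eReturnMemberDefGroupid();
    $groupid = (int) $add['groupid'];
    $groupid = empty($groupid) ? $user_groupid : $groupid;
    CheckMemberGroupCanReg($groupid);

    $regip = egetip();
    $regipport = egetipport();

    // Length limits (strlen counts bytes).
    $pr = $empire->fetch1("select min_userlen,max_userlen,min_passlen,max_passlen,regretime,regclosewords,regemailonly from {$dbtbpre}enewspublic limit 1");
    $userlen = strlen($username);
    if ($userlen < $pr['min_userlen'] || $userlen > $pr['max_userlen']) {
        printerror('FaiUserlen', '', 1);
    }
    $passlen = strlen($password);
    if ($passlen < $pr['min_passlen'] || $passlen > $pr['max_passlen']) {
        printerror('FailPasslen', '', 1);
    }
    if ($add['repassword'] !== $password) {
        printerror('NotRepassword', '', 1);
    }
    if (!chemail($email)) {
        printerror('EmailFail', '', 1);
    }
    // '|' and '*' are not allowed in user names.
    if (strstr($username, '|') || strstr($username, '*')) {
        printerror('NotSpeWord', '', 1);
    }

    // Registration interval per IP.
    eCheckIpRegTime($regip, $pr['regretime']);
    // Reserved user names.
    toCheckCloseWord($username, $pr['regclosewords'], 'RegHaveCloseword');
    $username = RepPostStr($username);

    // Duplicate user name.
    $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('username') . "='{$username}' limit 1");
    if ($num) {
        printerror('ReUsername', '', 1);
    }
    // Duplicate e-mail address, when uniqueness is required.
    if ($pr['regemailonly']) {
        $num = $empire->gettotal("select count(*) as total from " . eReturnMemberTable() . " where " . egetmf('email') . "='{$email}' limit 1");
        if ($num) {
            printerror('ReEmailFail', '', 1);
        }
    }

    $lasttime = time();
    $registertime = eReturnAddMemberRegtime();
    // Random login token.
    $rnd = make_password(20);
    $userkey = eReturnMemberUserKey();

    // Password: keep the plain text for DoEpassport(), store the hash.
    $truepassword = $password;
    $salt = eReturnMemberSalt();
    $password = eDoMemberPw($password, $salt);

    // Approval state; e-mail activation forces "not approved".
    $checked = ReturnGroupChecked($groupid);
    if ($checked && $public_r['regacttype'] == 1) {
        $checked = 0;
    }

    // Required fields of the add-on table.
    $mr = array();
    $mr['add_filepass'] = ReturnTranFilepass();
    $fid = GetMemberFormId($groupid);
    $member_r = ReturnDoMemberF($fid, $add, $mr, 0, $username);

    $sql = $empire->query("insert into " . eReturnMemberTable() . "(" . eReturnInsertMemberF('username,password,rnd,email,registertime,groupid,userfen,userdate,money,zgroupid,havemsg,checked,salt,userkey') . ") values('{$username}','{$password}','{$rnd}','{$email}','{$registertime}','{$groupid}','{$public_r['reggetfen']}','0','0','0','0','{$checked}','{$salt}','{$userkey}');");
    // Id of the new member.
    $userid = $empire->lastid();

    // Add-on table row.
    $addr = $empire->fetch1("select * from {$dbtbpre}enewsmemberadd where userid='{$userid}'");
    if (!$addr['userid']) {
        $spacestyleid = ReturnGroupSpaceStyleid($groupid);
        $sql1 = $empire->query("insert into {$dbtbpre}enewsmemberadd(userid,spacestyleid,regip,lasttime,lastip,loginnum,regipport,lastipport" . $member_r[0] . ") values('{$userid}','{$spacestyleid}','{$regip}','{$lasttime}','{$regip}','1','{$regipport}','{$regipport}'" . $member_r[1] . ");");
    }

    // Attach uploaded files to the new member.
    UpdateTheFileOther(6, $userid, $mr['add_filepass'], 'member');
    // Clear the verification code so it cannot be reused.
    ecmsEmptyShowKey($keyvname);

    // Bind an external account.
    if ($tobind) {
        MemberConnect_BindUser($userid);
    }

    if ($sql) {
        // Activation e-mail.
        if ($checked == 0 && $public_r['regacttype'] == 1) {
            include 'class/member_actfun.php';
            SendActUserEmail($userid, $username, $email);
        }
        // Awaiting approval: no login.
        if ($checked == 0) {
            $location = DoingReturnUrl("../../", $_POST['ecmsfrom']);
            printerror("RegisterSuccessCheck", $location, 1);
        }

        $logincookie = 0;
        if ($ecms_config['member']['regcookietime']) {
            $logincookie = time() + $ecms_config['member']['regcookietime'];
        }
        $r = $empire->fetch1("select " . eReturnSelectMemberF('*') . " from " . eReturnMemberTable() . " where " . egetmf('userid') . "='{$userid}' limit 1");
        $set1 = esetcookie("mlusername", $username, $logincookie);
        $set2 = esetcookie("mluserid", $userid, $logincookie);
        $set3 = esetcookie("mlgroupid", $groupid, $logincookie);
        $set4 = esetcookie("mlrnd", $rnd, $logincookie);
        // Login check string.
        qGetLoginAuthstr($userid, $username, $rnd, $groupid, $logincookie);
        // Additional login cookies.
        AddLoginCookie($r);

        // Where to go next; never back to the iframe, registration or logout pages.
        $location = "../member/cp/";
        $returnurl = getcvar('returnurl');
        if ($returnurl && !strstr($returnurl, "e/member/iframe") && !strstr($returnurl, "e/member/register") && !strstr($returnurl, "enews=exit")) {
            $location = $returnurl;
        }
        $set5 = esetcookie("returnurl", "");

        // Single sign-on system.
        DoEpassport('reg', $userid, $username, $truepassword, $salt, $email, $groupid, $registertime);
        $location = DoingReturnUrl($location, $_POST['ecmsfrom']);
        printerror("RegisterSuccess", $location, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}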
} require "../class/db_sql.php"; require "../data/dbcache/class.php"; require LoadLang("pub/fun.php"); require "../class/schallfun.php"; $link = db_connect(); $empire = new mysqlquery(); eCheckCloseMods('sch'); //关闭模块 $searchtime = time(); $totalnum = (int) $_GET['totalnum']; $firstsearch = 0; if ($totalnum < 1) { $firstsearch = 1; //搜索间隔 $lastsearchtime = (int) getcvar('lastschalltime'); if ($lastsearchtime) { if ($searchtime - $lastsearchtime < $public_r[schalltime]) { printerror('SchallOutTime', '', 1); } } //设置最后搜索时间 esetcookie('lastschalltime', $searchtime, $searchtime + 3600 * 24); } $page = (int) $_GET['page']; $page = RepPIntvar($page); $start = 0; $page_line = $public_r['schallpagenum']; //每页显示链接数 $line = $public_r['schallnum']; //每页显示记录数
} //moreport if (Moreport_ReturnMustDt()) { $class_r[$classid]['listdt'] = 1; $cr['repagenum'] = 0; $cr['listdt'] = 1; } //是否支持动态页 if (empty($class_r[$classid]['listdt']) && !$cr['repagenum']) { $classurl = sys_ReturnBqClassname($cr, 9); Header("Location:{$classurl}"); exit; } //权限 if ($cr['cgroupid']) { $mgroupid = (int) getcvar('mlgroupid'); if (!strstr($cr[cgroupid], ',' . $mgroupid . ',')) { printerror('NotLevelToClass', 'history.go(-1)', 1); } } $GLOBALS['navclassid'] = $classid; $url = ReturnClassLink($classid); $pagetitle = $class_r[$classid]['classname']; $pagekey = $cr['classpagekey']; $pagedes = $cr['intro']; $classimg = $cr['classimg'] ? $cr['classimg'] : $public_r[newsurl] . 'e/data/images/notimg.gif'; //---封面式--- if (!$class_r[$classid][islast] && $cr['islist'] != 1) { if (empty($cr['listdt']) || $cr['islist'] == 3) { printerror("ErrorUrl", "history.go(-1)", 1); }
// Registration form page: runs the same gates as the registration handler and
// selects the form file for the chosen member group. The variables set here
// stay in scope for whatever is included later, so their names must not change.
$link = db_connect();
$empire = new mysqlquery();
$editor = 1;
// Registration switched off.
// NOTE(review): register_ok is an unquoted array key; PHP 8 treats it as an
// undefined constant. It should read $public_r['register_ok'].
if ($public_r[register_ok]) {
    printerror("CloseRegister", "history.go(-1)", 1);
}
// IP access check.
eCheckAccessDoIp('register');
// Redirect to an external registration URL when one is configured.
if (!empty($registerurl)) {
    Header("Location:{$registerurl}");
    exit;
}
// Logged-in visitors cannot register.
if (getcvar('mluserid')) {
    printerror("LoginToRegister", "history.go(-1)", 1);
}
// Without a chosen group, go to the group selection page when one is configured.
if (!empty($changeregisterurl) && !$_GET['groupid']) {
    Header("Location:{$changeregisterurl}");
    exit;
}
// Group id from the query string, forced to int; falls back to the default group.
$groupid = (int) $_GET['groupid'];
$groupid = $groupid ? $groupid : $user_groupid;
// The group must be open for registration; this is the gate for the
// client-chosen $groupid.
CheckMemberGroupCanReg($groupid);
$formid = GetMemberFormId($groupid);
if (empty($formid)) {
    printerror('ErrorUrl', '', 1);
}
$ecmsfirstpost = 1;
// $formid comes from GetMemberFormId(), not from the request.
$formfile = '../../data/html/memberform' . $formid . '.php';
<?php
// Backup tool page: authenticates the operator, selects the database named in
// the query string and prepares the backup directory name and the settings
// file to load. The variables set here are used by code that follows, so
// their names must not change.
require "class/connect.php";
include "class/config.php";
include "class/db_sql.php";
include "class/functions.php";
// Login check from the 'bakusername' / 'bakrnd' values; islogin() is expected
// to stop the request when they are not valid (not visible here; confirm).
$loginin = getcvar('bakusername');
$rnd = getcvar('bakrnd');
islogin($loginin, $rnd);
$link = db_connect();
$empire = new mysqlquery();
$mydbname = RepPostVar($_GET['mydbname']);
if (empty($mydbname)) {
    printerror("NotChangeDb", "history.go(-1)");
}
// Select the database.
// NOTE(review): the name from the query string is placed between backticks
// with only RepPostVar() applied; confirm that RepPostVar() removes backticks,
// otherwise the statement can be altered.
$udb = $empire->query("use `" . $mydbname . "`");
// Backup directory name.
// NOTE(review): $mydbname also becomes part of a directory name; confirm that
// RepPostVar() removes path separators and dots.
$mypath = $mydbname . "_" . date("YmdHis");
if ($phpsafemod) {
    $mypath = "safemod";
}
// Settings file to load. Names containing '.', '/' or '\' are discarded, which
// keeps the path inside setsave/; an empty name falls back to 'def'.
$loadfile = RepPostVar($_GET['savefilename']);
if (strstr($loadfile, '.') || strstr($loadfile, '/') || strstr($loadfile, "\\")) {
    $loadfile = '';
}
if (empty($loadfile)) {
    $loadfile = 'def';
}
$loadfile = 'setsave/' . $loadfile;
<?php
// Order page fragment: reads the cart and prepares the running totals, then
// prints the header row of the product table. The variables set here are used
// by code that follows, so their names must not change.

// Only run inside the CMS.
if (!defined('InEmpireCMS')) {
    exit;
}
// The cart value is read with getcvar(); it is held by the client, so prices
// and totals must be taken from the database, not from this string.
$buycar = getcvar('mybuycar');
if (empty($buycar)) {
    printerror('你的购物车没有商品', '', 1, 0, 1);
}
// Separators of the cart format: records end with "!", fields are split by "|".
$record = "!";
$field = "|";
$totalmoney = 0; // total price of the goods
$buytype = 0; // payment type: 1 = money, 0 = points
$totalfen = 0; // total points of the goods
$classids = ''; // list of column ids
$cdh = '';
$buycarr = explode($record, $buycar);
$bcount = count($buycarr);
?> <table width="100%" border=0 align=center cellpadding=3 cellspacing=1> <tr class="header"> <td width="41%" height=23><div align="center">商品名称</div></td> <td width="15%"><div align="center">市场价格</div></td> <td width="15%"><div align="center">优惠价格</div></td> <td width="8%"><div align="center">数量</div></td> <td width="21%"><div align="center">小计</div></td> </tr>
$dogetvar = ''; } else { $getfrom = "../../search/"; $dogetvar = "&getvar=1"; } //搜索用户组 if ($public_r['searchgroupid']) { $psearchgroupid = $public_r['searchgroupid']; @(include "../data/dbcache/MemberLevel.php"); $searchgroupid = (int) getcvar('mlgroupid'); if ($level_r[$searchgroupid][level] < $level_r[$psearchgroupid][level]) { printerror("NotLevelToSearch", $getfrom, 1); } } //搜索间隔 $lastsearchtime = getcvar('lastsearchtime'); if ($lastsearchtime) { if ($searchtime - $lastsearchtime < $public_r[searchtime]) { printerror("SearchOutTime", $getfrom, 1); } } //搜索字段 $searchclass = $_POST['show']; if (empty($searchclass) || strstr($searchclass, " ")) { Header("Location:result/?searchid=0" . $dogetvar); exit; } //时间范围 $add = ''; $addtime = ''; $starttime = RepPostVar($_POST['starttime']);
} if ($v_pstatus != "20") { printerror('支付失败.', '../../../', 1, 0, 1); } //----------- 支付成功后处理 ----------- include '../payfun.php'; $pr = $empire->fetch1("select paymoneytofen,payminmoney from {$dbtbpre}enewspublic limit 1"); $orderid = $v_oid; //支付订单 $ddno = $remark1; //网站的订单号 $money = $v_amount; $fen = floor($money) * $pr[paymoneytofen]; if ($phome == 'PayToFen') { $paybz = '购买点数: ' . $fen; PayApiBuyFen($fen, $money, $paybz, $orderid, $user[userid], $user[username], $paytype); } elseif ($phome == 'PayToMoney') { $paybz = '存预付款'; PayApiPayMoney($money, $paybz, $orderid, $user[userid], $user[username], $paytype); } elseif ($phome == 'ShopPay') { include '../../data/dbcache/class.php'; $ddid = (int) getcvar('paymoneyddid'); $paybz = '商城购买 [!--ddno--] 的订单(ddid=' . $ddid . ')'; PayApiShopPay($ddid, $money, $paybz, $orderid, '', '', $paytype); } elseif ($phome == 'BuyGroupPay') { include "../../data/dbcache/MemberLevel.php"; $bgid = (int) getcvar('paymoneybgid'); PayApiBuyGroupPay($bgid, $money, $orderid, $user[userid], $user[username], $user[groupid], $paytype); } db_close(); $empire = null;
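/**
 * Handle one submission of a front-end feedback form.
 *
 * Validates the request (referer check, optional captcha, board existence,
 * member level, required fields), checks and stores uploaded attachments,
 * then inserts one row into {$dbtbpre}enewsfeedback. Every path ends in a
 * printerror() call, so nothing is returned.
 *
 * Changes from the previous revision: bare-word array keys such as
 * $br[groupid] are quoted (they are a fatal Error on PHP 8), $addf / $addval
 * are initialised before being appended to, and an unused local was dropped.
 *
 * NOTE(review): values are placed in the SQL text by string building, with
 * addslashes(RepPostStr(...)) as the escape. addslashes() does not know the
 * connection charset, so with a multibyte charset (e.g. GBK) a charset-aware
 * escape or a parameterised insert is the safer choice. No such API on
 * $empire is visible from this function.
 *
 * @param array $add Submitted form values (presumably $_POST - confirm at the caller).
 * @return void
 */
function AddFeedback($add)
{
    global $empire, $dbtbpre, $level_r, $public_r;

    CheckCanPostUrl(); // verify where the request came from

    // Board id: the form field wins, otherwise fall back to getcvar('feedbackbid').
    if (!empty($add['bid'])) {
        $bid = (int) $add['bid'];
    } else {
        $bid = (int) getcvar('feedbackbid');
    }
    if (empty($bid)) {
        printerror("EmptyFeedbackname", "history.go(-1)", 1);
    }

    // Captcha, only when enabled in the site settings.
    $keyvname = 'checkfeedbackkey';
    if ($public_r['fbkey_ok']) {
        ecmsCheckShowKey($keyvname, $add['key'], 1);
    }

    // The board must exist. $bid was cast to int above, so it is safe to interpolate.
    $br = $empire->fetch1("select bid,enter,mustenter,filef,groupid,checkboxf from {$dbtbpre}enewsfeedbackclass where bid='{$bid}';");
    if (empty($br['bid'])) {
        printerror("EmptyFeedback", "history.go(-1)", 1);
    }

    // Permission: boards with a groupid require a member of at least that level.
    if ($br['groupid']) {
        $user = islogin();
        if ($level_r[$br['groupid']]['level'] > $level_r[$user['groupid']]['level']) {
            printerror("HaveNotEnLevel", "history.go(-1)", 1);
        }
    }

    $pr = $empire->fetch1("select feedbacktfile,feedbackfilesize,feedbackfiletype from {$dbtbpre}enewspublic limit 1");

    // Required fields. The first and last pieces of the split are skipped,
    // presumably because the stored list is wrapped in commas (the ",name,"
    // lookups against filef suggest that format) - confirm.
    $mustr = explode(",", $br['mustenter']);
    $count = count($mustr);
    for ($i = 1; $i < $count - 1; $i++) {
        $mf = $mustr[$i];
        if (strstr($br['filef'], "," . $mf . ",")) {
            // Required attachment field: uploads must be enabled and a file present.
            if (!$pr['feedbacktfile']) {
                printerror("NotOpenFBFile", "", 1);
            }
            if (empty($_FILES[$mf]['name'])) {
                printerror("EmptyFeedbackname", "", 1);
            }
        } else {
            $chmustval = ReturnFBCheckboxAddF($add[$mf], $mf, $br['checkboxf']);
            if (!trim($chmustval)) {
                printerror("EmptyFeedbackname", "", 1);
            }
        }
    }

    $saytime = date("Y-m-d H:i:s");

    // Build the dynamic column list and value list from the board definition.
    // NOTE(review): $f is taken from the stored board configuration and written
    // into the statement as a back-quoted identifier without further checks, so
    // whoever can edit that configuration controls column names in this insert.
    $addf = '';
    $addval = '';
    $dh = "";
    $tranf = "";
    $record = "<!--record-->";
    $field = "<!--field--->";
    $er = explode($record, $br['enter']);
    $count = count($er);
    for ($i = 0; $i < $count - 1; $i++) {
        $er1 = explode($field, $er[$i]);
        $f = $er1[1];
        // Neutralise the attachment placeholder prefix in submitted text so a
        // visitor cannot smuggle in a marker that the upload step would replace.
        $add[$f] = str_replace('[!#@-', 'ecms', isset($add[$f]) ? $add[$f] : '');
        if (strstr($br['filef'], "," . $f . ",")) {
            // Attachment field.
            if (!empty($_FILES[$f]['name'])) {
                if (!$pr['feedbacktfile']) {
                    printerror("NotOpenFBFile", "", 1);
                }
                // The type is derived from the client-supplied file name.
                $filetype = GetFiletype($_FILES[$f]['name']);
                if (CheckSaveTranFiletype($filetype)) {
                    printerror("NotQTranFiletype", "", 1);
                }
                // Must also appear in the configured |type| list.
                if (!strstr($pr['feedbackfiletype'], "|" . $filetype . "|")) {
                    printerror("NotQTranFiletype", "", 1);
                }
                // The configured limit is multiplied by 1024 before comparing.
                if ($_FILES[$f]['size'] > $pr['feedbackfilesize'] * 1024) {
                    printerror("TooBigQTranFile", "", 1);
                }
                $tranf .= $dh . $f;
                $dh = ",";
                // Placeholder, replaced by the stored path once the file is saved.
                $fval = "[!#@-" . $f . "-@!]";
            } else {
                $fval = "";
            }
        } else {
            $add[$f] = ReturnFBCheckboxAddF($add[$f], $f, $br['checkboxf']);
            $fval = $add[$f];
        }
        $addf .= ",`" . $f . "`";
        $addval .= ",'" . addslashes(RepPostStr($fval)) . "'";
    }

    $type = 0;
    $classid = 0;
    $filename = '';
    $filepath = '';
    // NOTE(review): these identify the poster in the stored row but come from
    // getcvar() without islogin() on this path (islogin() only runs for boards
    // with a groupid). If getcvar() reads client cookies, userid / username are
    // self-asserted - confirm.
    $userid = (int) getcvar('mluserid');
    $username = RepPostVar(getcvar('mlusername'));
    $filepass = ReturnTranFilepass();

    // Store the attachments accepted above.
    if ($tranf) {
        $dh = "";
        $tranr = explode(",", $tranf);
        $count = count($tranr);
        for ($i = 0; $i < $count; $i++) {
            $tf = $tranr[$i];
            // $_FILES[...]['name'] and ['type'] are supplied by the client.
            $tfr = DoTranFile($_FILES[$tf]['tmp_name'], $_FILES[$tf]['name'], $_FILES[$tf]['type'], $_FILES[$tf]['size'], $classid);
            if ($tfr['tran']) {
                $filepath = $tfr['filepath'];
                // Record the file in the attachment table.
                $filesize = (int) $_FILES[$tf]['size'];
                eInsertFileTable($tfr['filename'], $filesize, $tfr['filepath'], '[Member]' . $username, $classid, '[FB]' . addslashes(RepPostStr($add['title'])), $type, $filepass, $filepass, $public_r['fpath'], 0, 4, 0);
                $repfval = ($tfr['filepath'] ? $tfr['filepath'] . '/' : '') . $tfr['filename'];
                $filename .= $dh . $tfr['filename'];
                $dh = ",";
            } else {
                $repfval = "";
            }
            // NOTE(review): $repfval replaces the placeholder inside the already
            // escaped value list, and $filepath / $filename go into the insert
            // below, all without escaping. That is only safe if DoTranFile()
            // returns server-generated names free of quotes - confirm.
            $addval = str_replace("[!#@-" . $tf . "-@!]", $repfval, $addval);
        }
    }

    $ip = egetip();
    $eipport = egetipport();
    $sql = $empire->query("insert into {$dbtbpre}enewsfeedback(bid,saytime,ip,filepath,filename,userid,username,haveread,eipport" . $addf . ") values('{$bid}','{$saytime}','{$ip}','{$filepath}','{$filename}','{$userid}','{$username}',0,'{$eipport}'" . $addval . ");");
    $fid = $empire->lastid();
    // Link the stored attachments to the new row.
    // NOTE(review): this runs before $sql is checked, so a failed insert still
    // passes whatever lastid() returns - confirm that is intended.
    UpdateTheFileOther(4, $fid, $filepass, 'other');
    ecmsEmptyShowKey($keyvname); // clear the captcha so it cannot be reused

    if ($sql) {
        $reurl = DoingReturnUrl("../tool/feedback/?bid={$bid}", $add['ecmsfrom']);
        printerror("AddFeedbackSuccess", $reurl, 1);
    } else {
        printerror("DbError", "history.go(-1)", 1);
    }
}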
$productname = '存预付款'; } elseif ($phome == 'ShopPay') { $productname = '商城支付'; } else { printerror('您来自的链接不存在', '', 1, 0, 1); } include 'payfun.php'; if ($phome == 'PayToFen' || $phome == 'PayToMoney') { $user = islogin(); //是否登陆 $pr = $empire->fetch1("select paymoneytofen,payminmoney from {$dbtbpre}enewspublic limit 1"); if ($money < $pr['payminmoney']) { printerror('金额不能小于 ' . $pr['payminmoney'] . ' 元', '', 1, 0, 1); } } elseif ($phome == 'ShopPay') { $ddid = (int) getcvar('paymoneyddid'); $ddr = PayApiShopDdMoney($ddid); if ($money != $ddr['tmoney']) { printerror('订单金额有误', '', 1, 0, 1); } $ddno = $ddr[ddno]; $productname = "支付订单:" . $ddno; } esetcookie("payphome", $phome, 0); //返回地址前缀 $PayReturnUrlQz = $public_r['newsurl']; if (!stristr($public_r['newsurl'], '://')) { $PayReturnUrlQz = eReturnDomain() . $public_r['newsurl']; } //编码 if ($phome_ecms_charver != 'gb2312') {
<?php require "../class/connect.php"; require "../class/db_sql.php"; require "../class/q_functions.php"; require "../data/dbcache/class.php"; require LoadLang("pub/fun.php"); $link = db_connect(); $empire = new mysqlquery(); eCheckCloseMods('pl'); //关闭模块 //用户名 $lusername = getcvar('mlusername'); $lpassword = ''; if ($lusername) { $lusername = RepPostVar($lusername); $lpassword = md5($lusername); } $id = (int) $_GET['id']; $classid = (int) $_GET['classid']; //专题 $doaction = $_GET['doaction'] == 'dozt' ? 'dozt' : ''; $rewritedoaction = 'doinfo'; if ($doaction == 'dozt') { $rewritedoaction = 'dozt'; if (empty($classid)) { printerror("ErrorUrl", "history.go(-1)", 1); } $n_r = $empire->fetch1("select ztid,ztname,intro,ztimg,ztpagekey,restb from {$dbtbpre}enewszt where ztid='{$classid}'"); if (!$n_r['ztid']) { printerror("ErrorUrl", "history.go(-1)", 1);
// Resolve the language pack name and charset for the current session.
//
// Both values are read through getcvar() ('loginlang' and 'loginlangchar').
// The pair falls back to gb / gbk when either value is empty, or when the
// language name contains "..", "/" or "\".
//
// NOTE(review): the separator check reads like a path-traversal guard, which
// suggests 'lang' later becomes part of a file path - confirm at the call
// sites. It is a deny-list and covers 'lang' only; 'langchar' is returned
// unchecked.
//
// Returns an array with the keys 'lang' and 'langchar'.
function ReturnUseEbakLang()
{
    $lang = getcvar('loginlang');
    $charset = getcvar('loginlangchar');

    $rejected = !$lang || !$charset;
    if (!$rejected) {
        // Any of these fragments in the language name triggers the fallback.
        foreach (array('..', '/', "\\") as $fragment) {
            if (strstr($lang, $fragment)) {
                $rejected = true;
                break;
            }
        }
    }

    if ($rejected) {
        return array('lang' => 'gb', 'langchar' => 'gbk');
    }

    return array('lang' => $lang, 'langchar' => $charset);
}