/** * * 用户登录提交 * */ function loginPost() { if (isset($_POST['t_username']) && isset($_POST['t_password'])) { /** * $this->specifyChar 类中自带的字符过滤 */ $t_username = $this->specifyChar($_POST['t_username']); $t_password = md5($this->specifyChar($_POST['t_password'])); $sql = "select *,count(*) as num from " . $this->table_name('administrator_had') . " where h_name='" . $t_username . "' and h_password='******' "; $sod = getFetchAll($sql, $this->conn); /*pr($sql);die;*/ if ($sod[0]['num'] == '1' && ($sod[0]['power'] == 0 || $sod[0]['power'] == 2)) { $this->writeSession($sod[0]['h_name'], "userName"); $this->writeSession($sod[0]['h_id'], "h_id"); if ($_POST['get_c'] == 'on') { $this->writeCookie($sod[0]['h_name'], "userName"); $this->writeCookie($sod[0]['h_id'], "h_id"); } $this->writeCookie('zh_tw', "b_lang"); $this->writeSession('zh_tw', "b_lang"); /*pr($_POST); pr($_COOKIE); pr($_SESSION);die;*/ echo "<script>parent.location.href='index.php?a=admin&m=index';</script>"; exit; } else { js_alert_redir('密码错误,请重新再试', 'index.php?a=login&m=login'); exit; } } else { js_alert_redir('不能为空,请重新再试', 'index.php?a=login&m=login'); exit; } }
function edit_news() { $this->isset_cookie(); if (isset($_GET['id'])) { $id = $_GET['id']; $d = date("Y-m-d H:i:s"); $sql = "update " . $this->table_name('article') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where art_id='{$id}'"; $a = mysql_query($sql, $this->conn); require_once MANAGE_MOD . 'uploaded_file.php'; $path = "/data/news_doc/"; $doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path); if (!empty($_POST['edit_doc'])) { foreach ($_POST['edit_doc'] as $k => $v) { if ($v == 1) { $sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' "; $img_b = getFetchAll($sql, $this->conn); if (!empty($img_b)) { @unlink('.' . $img_b[0]['original_src']); $sql = "update " . $this->table_name('img') . " set original_src='" . $doc_src[$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where img_id='" . $_POST['img_id'][$k] . "' "; $c = mysql_query($sql, $this->conn); } else { $p = explode('-', $k); $sql = "insert into " . $this->table_name('img') . "(type_id,type,original_src,add_by ,add_time,edit_by,i8n) values('" . $id . "','A','" . $doc_src[$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $p[1] . "')"; $c = mysql_query($sql, $this->conn); } } } } if ($a) { if (!empty($_POST['detail'])) { foreach ($_POST['detail'] as $k => $v) { $art_detail = addslashes(implode('":;"', $v)); $sql = "update " . $this->table_name('article_i8n') . " set art_detail='" . $art_detail . "' where art_i8n_id='" . $_POST['iid'][$k] . "'"; $b = mysql_query($sql, $this->conn); } } //$this->index(); js_redir('index.php?a=admin&m=main_right'); } else { js_alert('修改失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function edit_config() { $this->isset_cookie(); $d = date("Y-m-d H:i:s"); require_once MANAGE_MOD . 'uploaded_file.php'; $path = "/data/config_doc/"; $doc_src = uploaded_file($this->table_name('img'), 'original_src', 'file_url', $path); if ($_GET['id'] != '') { $id = $_GET['id']; $sql = "update " . $this->table_name('config') . " set con_name='" . $_POST['con_name'] . "' where con_id='{$id}'"; $a = mysql_query($sql, $this->conn); if ($_POST['edit_doc'] == 1) { $img_id = $_POST['img_id']; $sql = "select * from " . $this->table_name('img') . " where img_id='{$img_id}'"; $product = getFetchAll($sql, $this->conn); if (!empty($product)) { foreach ($product as $k => $v) { @unlink('.' . $v['original_src']); } } $sql = "delete from " . $this->table_name('img') . " where img_id='{$img_id}'"; $a = mysql_query($sql, $this->conn); } if (!empty($doc_src)) { $sql = "insert into " . $this->table_name('img') . "(type_id,type,img_title,order_by,original_src,add_by ,add_time,edit_by) values('" . $id . "','CON','" . $_POST['img_name'] . "','" . $_POST['img_by'] . "','{$doc_src}','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')"; $b = mysql_query($sql, $this->conn); } if ($a) { js_redir('index.php?a=admin&m=main_right'); } else { js_alert('修改失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function edit_category() { $this->isset_cookie(); if (isset($_GET['id'])) { $id = addslashes($_GET['id']); $sql = "update " . $this->table_name('category') . " set edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' where cat_id='{$id}'"; $a = mysql_query($sql, $this->conn); require_once MANAGE_MOD . 'uploaded_file.php'; $path = "/data/category_doc/"; $doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path); if (!empty($_POST['edit_doc'])) { foreach ($_POST['edit_doc'] as $k => $v) { $sql = "select * from " . $this->table_name('img') . " where img_id='" . $_POST['img_id'][$k] . "' "; $img_b = getFetchAll($sql, $this->conn); if (!empty($img_b)) { if ($v == 1) { $img_sql = " , original_src='" . $doc_src[$k] . "' "; @unlink('.' . $img_b[0]['original_src']); } else { $img_sql = ""; } // order_by='".$_POST['order_by'][$k]."', $sql = "update " . $this->table_name('img') . " set original_link='" . $_POST['original_link'][$k] . "',is_show='" . $_POST['is_showi'][$k] . "',edit_by='" . $_SESSION[$this->shop_name]['h_id'] . "' " . $img_sql . " where img_id='" . $_POST['img_id'][$k] . "' "; } else { if ($v == 1) { $img_sql = ",original_link"; $img_sql1 = ",'" . $doc_src[$k] . "'"; } else { $img_sql = ""; $img_sql1 = ""; } $sql = "insert into " . $this->table_name('img') . "(type_id,type,original_link" . $img_sql . ",is_show,add_by ,add_time,edit_by) values('" . $id . "','C','" . $_POST['original_link'][$k] . "'" . $img_sql1 . ",'" . $_POST['is_showi'][$k] . "','" . $_SESSION[$this->shop_name]['h_id'] . "','" . $d . "','" . $_SESSION[$this->shop_name]['h_id'] . "')"; } $c = mysql_query($sql, $this->conn); } } if ($a) { if (!empty($_POST['detail'])) { foreach ($_POST['detail'] as $k => $v) { $art_detail = addslashes(implode('":;"', $v)); $sql = "update " . $this->table_name('category_i8n') . " set cat_detail='" . $art_detail . "' where cat_i8n_id='" . $_POST['iid'][$k] . "'"; $b = mysql_query($sql, $this->conn); } } js_redir('index.php?a=admin&m=main_right'); } else { js_alert('修改失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function del_product() { $this->isset_cookie(); if (isset($_GET['id'])) { $id = $_GET['id']; $sql = "delete from " . $this->table_name('goods') . " where goods_id='{$id}'"; $a = mysql_query($sql, $this->conn); $sql = "delete from " . $this->table_name('goods_i8n') . " where goods_id='{$id}'"; $a = mysql_query($sql, $this->conn); $sql = "select * from " . $this->table_name('img') . " where type_id='{$id}' and type='P'"; $product = getFetchAll($sql, $this->conn); if (!empty($product)) { foreach ($product as $k => $v) { @unlink('.' . $v['original_src']); } } $sql = "delete from " . $this->table_name('img') . " where type_id='{$id}' and type='P'"; $a = mysql_query($sql, $this->conn); if ($a) { $this->index(); } else { js_alert('删除失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function favorite() { $this->isset_cookie(); if (isset($_GET['id'])) { $id = $_GET['id']; $sql = "select * from " . $this->table_name('user') . " where user_id='{$id}'"; $product = getFetchAll($sql, $this->conn); $sql = "select *,f.add_time as los from " . $this->table_name('favorite') . " as f " . "left join " . $this->table_name('goods') . " as g on f.goods_id=g.goods_id " . "left join " . $this->table_name('goods_i8n') . " as i on f.goods_id=i.goods_id where f.user_id='" . $id . "' and i.i8n='" . $_SESSION[$this->shop_name]['b_lang'] . "' "; $products = getFetchAll($sql, $this->conn); //pr($products); $tmpPath = $this->sysVar['template'] . 'admin/show_favorite_detailed.php'; include $tmpPath; } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function edit_order_type() { $this->isset_cookie(); if (isset($_GET['id'])) { //order $orderid = $_GET['id']; $type = $_GET['type']; $sql_o = "update " . $this->table_name('order') . " \n\t\t\t\t\t\tset type='{$type}'\n\t\t\t\t\t\twhere orderid='{$orderid}'"; $o = mysql_query($sql_o, $this->conn); // echo $sql_o;die; if ($o) { $this->index(); } else { js_alert('订单修改失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }
function del_img() { isset_cookie(); if (isset($_GET['id'])) { $id = $_GET['id']; $sql = "delete from aich_img where i_id='{$id}'"; $a = mysql_query($sql, $this->conn); if ($a) { $this->index(); } else { js_alert('删除失败,请联系系统管理员'); } } else { js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login'); } }