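/**
 * Save an edited category: stamp the editor on the category row, sync the
 * attached image/document rows, then store the per-language detail text.
 *
 * Reads $_GET['id'] and the parallel $_POST arrays edit_doc, img_id,
 * original_link, is_showi, detail and iid. Every request-derived value is
 * escaped with mysql_real_escape_string() before it is placed in a query.
 * That escaping is only charset-safe when the connection charset was set
 * with mysql_set_charset(); the connection setup is not visible here.
 *
 * NOTE(review): no anti-CSRF token is checked in this method, and image rows
 * are selected by img_id alone, so a request can name an image row that
 * belongs to a different record. Confirm both are handled elsewhere.
 */
function edit_category()
{
    $this->isset_cookie();

    if (!isset($_GET['id'])) {
        js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
        return;
    }

    $conn   = $this->conn;
    // The original interpolated $d into the INSERT below without ever assigning it.
    $d      = date("Y-m-d H:i:s");
    $editor = mysql_real_escape_string((string) $_SESSION[$this->shop_name]['h_id'], $conn);
    $id     = mysql_real_escape_string((string) $_GET['id'], $conn);

    $sql = "update " . $this->table_name('category') . " set edit_by='" . $editor . "' where cat_id='" . $id . "'";
    $a = mysql_query($sql, $conn);

    require_once MANAGE_MOD . 'uploaded_file.php';
    $path = "/data/category_doc/";
    $doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);

    if (!empty($_POST['edit_doc']) && is_array($_POST['edit_doc'])) {
        $img_table = $this->table_name('img');

        foreach ($_POST['edit_doc'] as $k => $v) {
            $img_id = mysql_real_escape_string(isset($_POST['img_id'][$k]) ? (string) $_POST['img_id'][$k] : '', $conn);
            $link   = mysql_real_escape_string(isset($_POST['original_link'][$k]) ? (string) $_POST['original_link'][$k] : '', $conn);
            $show   = mysql_real_escape_string(isset($_POST['is_showi'][$k]) ? (string) $_POST['is_showi'][$k] : '', $conn);
            // The stored path may embed a client-supplied file name, so escape it as well.
            $src    = mysql_real_escape_string(isset($doc_src[$k]) ? (string) $doc_src[$k] : '', $conn);

            $img_b = getFetchAll("select * from " . $img_table . " where img_id='" . $img_id . "' ", $conn);

            if (!empty($img_b)) {
                $img_sql = "";
                if ($v == 1) {
                    $img_sql = " , original_src='" . $src . "' ";
                    // Best-effort removal of the replaced file.
                    // NOTE(review): the path comes straight from the img table; confirm it
                    // cannot point outside the upload directory.
                    @unlink('.' . $img_b[0]['original_src']);
                }
                $sql = "update " . $img_table . " set original_link='" . $link . "',is_show='" . $show
                    . "',edit_by='" . $editor . "' " . $img_sql . " where img_id='" . $img_id . "' ";
            } else {
                $extra_col = "";
                $extra_val = "";
                if ($v == 1) {
                    // The original named original_link a second time here, which yields a
                    // duplicate-column INSERT; the uploaded path belongs in original_src,
                    // matching the UPDATE branch above.
                    $extra_col = ",original_src";
                    $extra_val = ",'" . $src . "'";
                }
                $sql = "insert into " . $img_table . "(type_id,type,original_link" . $extra_col
                    . ",is_show,add_by ,add_time,edit_by) values('" . $id . "','C','" . $link . "'" . $extra_val
                    . ",'" . $show . "','" . $editor . "','" . $d . "','" . $editor . "')";
            }
            $c = mysql_query($sql, $conn);
        }
    }

    if (!$a) {
        js_alert('修改失败,请联系系统管理员');
        return;
    }

    if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
        foreach ($_POST['detail'] as $k => $v) {
            $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
            $iid = mysql_real_escape_string(isset($_POST['iid'][$k]) ? (string) $_POST['iid'][$k] : '', $conn);
            $sql = "update " . $this->table_name('category_i8n') . " set cat_detail='" . $art_detail
                . "' where cat_i8n_id='" . $iid . "'";
            $b = mysql_query($sql, $conn);
        }
    }
    js_redir('index.php?a=admin&m=main_right');
}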
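/**
 * Update config rows from the posted form: each POST field name is matched
 * against con_name and its value is written to the type column.
 *
 * Both the field name and the value come from the request, so both are
 * escaped before they are placed in the query.
 *
 * NOTE(review): there is no allow-list of config names, so any row of the
 * config table can be targeted by choosing the POST key; no anti-CSRF token
 * is checked in this method either. Confirm both against the caller.
 */
function edit_config()
{
    $this->isset_cookie();

    $conn = $this->conn;
    // Start as "failed" so an empty POST reaches the failure alert without reading an
    // undefined variable. As in the original, the outcome reflects the last query run.
    $a = false;

    if (!empty($_POST)) {
        $table = $this->table_name('config');
        foreach ($_POST as $k => $v) {
            if (!is_scalar($v)) {
                // A nested array would otherwise be stored as the literal text "Array".
                continue;
            }
            $name  = mysql_real_escape_string((string) $k, $conn);
            $value = mysql_real_escape_string((string) $v, $conn);
            $sql = "update " . $table . " set type='" . $value . "' where con_name='" . $name . "'";
            $a = mysql_query($sql, $conn);
        }
    }

    if ($a) {
        js_redir('index.php?a=admin&m=main_right');
    } else {
        js_alert('修改失败,请联系系统管理员');
    }
}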
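/**
 * Save an edited news article: stamp the editor on the article row, replace
 * or add attached documents, then store the per-language detail text.
 *
 * Reads $_GET['id'] and the parallel $_POST arrays edit_doc, img_id, detail
 * and iid. The original placed $_GET['id'], the posted ids and the form keys
 * into SQL unescaped; every request-derived value is now escaped with
 * mysql_real_escape_string() first (charset-safe only when the connection
 * charset was set with mysql_set_charset(), which is not visible here).
 *
 * NOTE(review): no anti-CSRF token is checked in this method, and image rows
 * are selected by img_id alone. Confirm both are handled elsewhere.
 */
function edit_news()
{
    $this->isset_cookie();

    if (!isset($_GET['id'])) {
        js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
        return;
    }

    $conn   = $this->conn;
    $d      = date("Y-m-d H:i:s");
    $editor = mysql_real_escape_string((string) $_SESSION[$this->shop_name]['h_id'], $conn);
    $id     = mysql_real_escape_string((string) $_GET['id'], $conn);

    $sql = "update " . $this->table_name('article') . " set edit_by='" . $editor . "' where art_id='" . $id . "'";
    $a = mysql_query($sql, $conn);

    require_once MANAGE_MOD . 'uploaded_file.php';
    $path = "/data/news_doc/";
    $doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);

    if (!empty($_POST['edit_doc']) && is_array($_POST['edit_doc'])) {
        $img_table = $this->table_name('img');

        foreach ($_POST['edit_doc'] as $k => $v) {
            if ($v != 1) {
                // Only entries flagged with 1 carry a new upload.
                continue;
            }

            $img_id = mysql_real_escape_string(isset($_POST['img_id'][$k]) ? (string) $_POST['img_id'][$k] : '', $conn);
            // The stored path may embed a client-supplied file name, so escape it as well.
            $src    = mysql_real_escape_string(isset($doc_src[$k]) ? (string) $doc_src[$k] : '', $conn);

            $img_b = getFetchAll("select * from " . $img_table . " where img_id='" . $img_id . "' ", $conn);

            if (!empty($img_b)) {
                // Best-effort removal of the replaced file.
                // NOTE(review): the path comes straight from the img table; confirm it
                // cannot point outside the upload directory.
                @unlink('.' . $img_b[0]['original_src']);
                $sql = "update " . $img_table . " set original_src='" . $src . "',edit_by='" . $editor
                    . "' where img_id='" . $img_id . "' ";
            } else {
                // The form key is "<prefix>-<language>"; it is request data, so the language
                // part is escaped, and a key without '-' yields an empty language.
                $p    = explode('-', (string) $k);
                $lang = mysql_real_escape_string(isset($p[1]) ? $p[1] : '', $conn);
                $sql = "insert into " . $img_table . "(type_id,type,original_src,add_by ,add_time,edit_by,i8n) values('"
                    . $id . "','A','" . $src . "','" . $editor . "','" . $d . "','" . $editor . "','" . $lang . "')";
            }
            $c = mysql_query($sql, $conn);
        }
    }

    if (!$a) {
        js_alert('修改失败,请联系系统管理员');
        return;
    }

    if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
        foreach ($_POST['detail'] as $k => $v) {
            $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
            $iid = mysql_real_escape_string(isset($_POST['iid'][$k]) ? (string) $_POST['iid'][$k] : '', $conn);
            $sql = "update " . $this->table_name('article_i8n') . " set art_detail='" . $art_detail
                . "' where art_i8n_id='" . $iid . "'";
            $b = mysql_query($sql, $conn);
        }
    }
    js_redir('index.php?a=admin&m=main_right');
}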
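/**
 * Rename a config entry and manage its single attached image: optionally
 * delete the existing image row and file, then insert a row for a new upload.
 *
 * Reads $_GET['id'] and $_POST con_name, edit_doc, img_id, img_name and
 * img_by. The original placed all of them into SQL unescaped; each one is now
 * escaped with mysql_real_escape_string() (charset-safe only when the
 * connection charset was set with mysql_set_charset(), not visible here).
 *
 * NOTE(review): no anti-CSRF token is checked in this method, and the image
 * row to delete is selected by the posted img_id alone. Confirm both are
 * handled elsewhere.
 */
function edit_config()
{
    $this->isset_cookie();

    $conn = $this->conn;
    $d    = date("Y-m-d H:i:s");

    // As in the original, the upload is processed before the id is checked.
    require_once MANAGE_MOD . 'uploaded_file.php';
    $path = "/data/config_doc/";
    $doc_src = uploaded_file($this->table_name('img'), 'original_src', 'file_url', $path);

    if (!isset($_GET['id']) || $_GET['id'] == '') {
        js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
        return;
    }

    $editor    = mysql_real_escape_string((string) $_SESSION[$this->shop_name]['h_id'], $conn);
    $id        = mysql_real_escape_string((string) $_GET['id'], $conn);
    $con_name  = mysql_real_escape_string(isset($_POST['con_name']) ? (string) $_POST['con_name'] : '', $conn);
    $img_table = $this->table_name('img');

    $sql = "update " . $this->table_name('config') . " set con_name='" . $con_name . "' where con_id='" . $id . "'";
    $a = mysql_query($sql, $conn);

    if (isset($_POST['edit_doc']) && $_POST['edit_doc'] == 1) {
        $img_id = mysql_real_escape_string(isset($_POST['img_id']) ? (string) $_POST['img_id'] : '', $conn);

        $product = getFetchAll("select * from " . $img_table . " where img_id='" . $img_id . "'", $conn);
        if (!empty($product)) {
            foreach ($product as $row) {
                // Best-effort removal of the old file.
                // NOTE(review): the path comes straight from the img table; confirm it
                // cannot point outside the upload directory.
                @unlink('.' . $row['original_src']);
            }
        }

        // As in the original, the reported outcome becomes that of this DELETE.
        $a = mysql_query("delete from " . $img_table . " where img_id='" . $img_id . "'", $conn);
    }

    if (!empty($doc_src)) {
        $img_name = mysql_real_escape_string(isset($_POST['img_name']) ? (string) $_POST['img_name'] : '', $conn);
        $img_by   = mysql_real_escape_string(isset($_POST['img_by']) ? (string) $_POST['img_by'] : '', $conn);
        // The stored path may embed a client-supplied file name, so escape it as well.
        $src      = mysql_real_escape_string((string) $doc_src, $conn);

        $sql = "insert into " . $img_table . "(type_id,type,img_title,order_by,original_src,add_by ,add_time,edit_by) values('"
            . $id . "','CON','" . $img_name . "','" . $img_by . "','" . $src . "','" . $editor . "','" . $d . "','" . $editor . "')";
        $b = mysql_query($sql, $conn);
    }

    if ($a) {
        js_redir('index.php?a=admin&m=main_right');
    } else {
        js_alert('修改失败,请联系系统管理员');
    }
}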
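/**
 * Create or update a product together with its images and per-language text.
 *
 * With $_GET['id'] set and $_POST['act'] == 'edit' the goods row and its
 * goods_i8n rows are updated; with $_POST['act'] == 'add' a new goods row is
 * inserted and its goods_i8n rows are created. Any other request is sent to
 * the login page. Image changes are applied the same way in both modes.
 *
 * The original placed $_GET['id'] and most $_POST values into SQL unescaped
 * and appended the posted c_id to the redirect URL as-is. Request-derived
 * values are now escaped with mysql_real_escape_string() (charset-safe only
 * when the connection charset was set with mysql_set_charset(), not visible
 * here) and c_id is URL-encoded before it is handed to js_redir().
 *
 * NOTE(review): no anti-CSRF token is checked in this method. Confirm it is
 * handled elsewhere.
 */
function edit_product()
{
    $this->isset_cookie();

    $conn    = $this->conn;
    $d       = date("Y-m-d H:i:s");
    $act     = isset($_POST['act']) ? $_POST['act'] : '';
    $c_id    = isset($_POST['c_id']) ? (string) $_POST['c_id'] : '';
    $editor  = mysql_real_escape_string((string) $_SESSION[$this->shop_name]['h_id'], $conn);
    $is_show = mysql_real_escape_string(isset($_POST['is_show']) ? (string) $_POST['is_show'] : '', $conn);

    require_once MANAGE_MOD . 'uploaded_file.php';
    $path = "/data/product_doc/";
    $doc_src = uploaded_m_file($this->table_name('img'), 'original_src', 'file_url', $path);

    // c_id is request data that ends up in the page emitted by js_redir().
    $back_url = 'index.php?a=product&m=index&id=' . urlencode($c_id);

    if (isset($_GET['id']) && $_GET['id'] != '' && $act == 'edit') {
        $id = mysql_real_escape_string((string) $_GET['id'], $conn);

        $sql = "update " . $this->table_name('goods') . " set is_show='" . $is_show . "',edit_by='" . $editor
            . "' where goods_id='" . $id . "'";
        $a = mysql_query($sql, $conn);

        $this->_sync_product_images($id, $doc_src, $d);

        if (!$a) {
            js_alert('修改失败,请联系系统管理员');
            return;
        }

        if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
            foreach ($_POST['detail'] as $k => $v) {
                $title      = mysql_real_escape_string(implode('<br />', isset($_POST['title'][$k]) ? (array) $_POST['title'][$k] : array()), $conn);
                $overview   = mysql_real_escape_string(isset($_POST['overview'][$k]) ? (string) $_POST['overview'][$k] : '', $conn);
                $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
                $iid        = mysql_real_escape_string(isset($_POST['iid'][$k]) ? (string) $_POST['iid'][$k] : '', $conn);

                $sql = "update " . $this->table_name('goods_i8n') . " set goods_name='" . $title . "',goods_overview='"
                    . $overview . "',goods_detail='" . $art_detail . "' where goods_i8n_id='" . $iid . "'";
                $b = mysql_query($sql, $conn);
            }
        }
        js_redir($back_url);
        return;
    }

    if ($act != 'add') {
        js_alert_redir('登录错误请重新再试', 'index.php?a=main&m=login');
        return;
    }

    $sql = "insert into " . $this->table_name('goods') . "(cat_id,is_show,order_by,add_by,add_time,edit_by) values ('"
        . mysql_real_escape_string($c_id, $conn) . "','" . $is_show . "','50','" . $editor . "','" . $d . "','" . $editor . "') ";
    $a = mysql_query($sql, $conn);
    // Read the id from this connection rather than whichever link was opened last.
    $id = (string) mysql_insert_id($conn);

    $this->_sync_product_images($id, $doc_src, $d);

    if (!$a) {
        js_alert('添加失败,请联系系统管理员');
        return;
    }

    if (!empty($_POST['detail']) && is_array($_POST['detail'])) {
        foreach ($_POST['detail'] as $k => $v) {
            $title      = mysql_real_escape_string(implode('<br />', isset($_POST['title'][$k]) ? (array) $_POST['title'][$k] : array()), $conn);
            $overview   = mysql_real_escape_string(isset($_POST['overview'][$k]) ? (string) $_POST['overview'][$k] : '', $conn);
            $art_detail = mysql_real_escape_string(implode('":;"', (array) $v), $conn);
            // The array key is the language code and is request data too.
            $lang       = mysql_real_escape_string((string) $k, $conn);

            $sql = "insert into " . $this->table_name('goods_i8n') . "(goods_id,goods_name,goods_overview,goods_detail,i8n) values('"
                . $id . "','" . $title . "','" . $overview . "','" . $art_detail . "','" . $lang . "')";
            $b = mysql_query($sql, $conn);
        }
    }
    js_redir($back_url);
}

/**
 * Apply the posted image changes for one product: delete rows flagged 'del',
 * update rows that already exist, and insert rows for new uploads.
 *
 * @param string $id      Product id, already safe to place inside a quoted SQL literal.
 * @param mixed  $doc_src Upload results keyed like $_POST['edit_doc'].
 * @param string $d       Timestamp written to add_time.
 */
private function _sync_product_images($id, $doc_src, $d)
{
    if (empty($_POST['edit_doc']) || !is_array($_POST['edit_doc'])) {
        return;
    }

    $conn      = $this->conn;
    $img_table = $this->table_name('img');
    $editor    = mysql_real_escape_string((string) $_SESSION[$this->shop_name]['h_id'], $conn);

    foreach ($_POST['edit_doc'] as $k => $v) {
        $img_id   = mysql_real_escape_string(isset($_POST['img_id'][$k]) ? (string) $_POST['img_id'][$k] : '', $conn);
        $order_by = mysql_real_escape_string(isset($_POST['order_by'][$k]) ? (string) $_POST['order_by'][$k] : '', $conn);
        // The stored path may embed a client-supplied file name, so escape it as well.
        $new_src  = mysql_real_escape_string(isset($doc_src[$k]) ? (string) $doc_src[$k] : '', $conn);

        // NOTE(review): the row is selected by img_id alone, so a request can name an
        // image that belongs to another record; confirm ownership is enforced elsewhere.
        $img_b = getFetchAll("select * from " . $img_table . " where img_id='" . $img_id . "' ", $conn);

        if (!empty($img_b) && isset($_POST['acti'][$k]) && $_POST['acti'][$k] == 'del') {
            // Best-effort removal of the file.
            // NOTE(review): the path comes straight from the img table; confirm it
            // cannot point outside the upload directory.
            @unlink('.' . $img_b[0]['original_src']);
            $c = mysql_query("delete from " . $img_table . " where img_id='" . $img_id . "' ", $conn);
            continue;
        }

        if (!empty($img_b)) {
            $src = "";
            if ($v == 1) {
                $src = ",original_src='" . $new_src . "'";
                @unlink('.' . $img_b[0]['original_src']);
            }

            $where = "";
            if (isset($_POST['is_showi'][$k])) {
                $where = " ,is_show='" . mysql_real_escape_string((string) $_POST['is_showi'][$k], $conn) . "'";
            }

            $sql = "update " . $img_table . " set order_by='" . $order_by . "',edit_by='" . $editor . "'"
                . $where . $src . " where img_id='" . $img_id . "' ";
            $c = mysql_query($sql, $conn);
            continue;
        }

        if ($v == 1) {
            // The form key is "<prefix>-<language>-<point>"; it is request data, so both
            // parts are escaped, and a missing part becomes an empty string.
            $p     = explode('-', (string) $k);
            $lang  = mysql_real_escape_string(isset($p[1]) ? $p[1] : '', $conn);
            $point = mysql_real_escape_string(isset($p[2]) ? $p[2] : '', $conn);

            // NOTE(review): this reads is_show, not is_showi as the update path does, and
            // the same field is written as a scalar to the goods row; confirm which is meant.
            if (!empty($_POST['is_show'][$k])) {
                $show = mysql_real_escape_string((string) $_POST['is_show'][$k], $conn);
            } else {
                $show = "1";
            }

            $sql = "insert into " . $img_table . "(type_id,order_by,is_show,type,original_src,add_by ,add_time,edit_by,point,i8n) values('"
                . $id . "','" . $order_by . "','" . $show . "','P','" . $new_src . "','" . $editor . "','" . $d . "','"
                . $editor . "','" . $point . "','" . $lang . "')";
            $c = mysql_query($sql, $conn);
        }
    }
}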
/**
 * Run the parent constructor, then send the visitor to the home page.
 */
function __construct()
{
    parent::__construct();

    $home_url = 'index.php?a=home&m=index';
    js_redir($home_url);
}
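// Fragment: these statements start inside a block opened before this excerpt and
// end inside an unfinished while loop, so the braces are intentionally unbalanced.
// NOTE(review): post2textarea() and db2disp() are presumed to HTML-encode stored
// text, and post2db() is presumed to escape for SQL; none is visible here, so confirm.
echo "<textarea name=rcontent cols=60 rows=10 wrap>" . post2textarea($umo->content) . "</textarea><br>\n";
echo "<br>\n";
echo "<input type=hidden name=posted value=1>\n";
echo "<input type=hidden name=type value=\"modify\">\n";
// type2 and id are reflected from the query string into quoted attributes; encode
// them so a quote or angle bracket cannot close the attribute.
echo "<input type=hidden name=type2 value=\"" . htmlspecialchars($_GET["type2"], ENT_QUOTES) . "\">\n";
echo "<input type=hidden name=id value=\"" . htmlspecialchars($_GET["id"], ENT_QUOTES) . "\">\n";
echo "<input type=submit value=\"Save changes\">\n";
} else {
    // NOTE(review): this UPDATE is driven entirely by GET parameters and no anti-CSRF
    // token is checked in this fragment; confirm the form and the caller.
    $rq = pg_safe_exec("UPDATE default_msgs SET label='" . post2db($_GET["rlabel"]) . "', content='" . post2db($_GET["rcontent"]) . "' WHERE id='" . (int) $_GET["id"] . "'");
    if (!$rq) {
        // NOTE(review): this sends the raw database error text to the browser.
        die(pg_errormessage());
    } else {
        if ($_GET["type2"] == 1) {
            js_redir("default_msgs.php?type=review");
        } else {
            js_redir("default_msgs.php?type=complaints");
        }
    }
}
}
if ($_GET["type"] == "complaints") {
    echo "<h3>Edit default complaint replies</h3><a href=\"complaints/admin.php\"><b>Complaints Manager Home</b></a><hr width=100% noshade size=1><br>\n";
    $crm = pg_safe_exec("SELECT * FROM default_msgs WHERE type=3");
    echo "<b>COMPLAINT REPLIES</b> <input type=button value=\"Add\" onClick=\"location.href='default_msgs.php?type=addcom'\"><br>\n";
    echo "<table width=650 border=1 cellspacing=0 cellpadding=5 bordercolor=#000000>\n";
    echo "<tr bgcolor=#eeeeee>";
    echo "<td>Label</td><td>Content</td><td>Action</td>\n";
    echo "</tr>\n";
    while ($crmo = pg_fetch_object($crm)) {
        echo "<tr>";
        echo "<td valign=top>" . db2disp($crmo->label) . "</td>\n";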
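/**
 * Access guard: send the visitor to the login page unless the server-side
 * session holds a user name for this shop.
 *
 * The original let a request through whenever a userName cookie was present,
 * even with an empty session. A cookie is supplied by the client, so its mere
 * presence proves nothing; only the session is consulted now. Execution also
 * stops after the redirect is emitted, so the calling action cannot continue
 * for an unauthenticated request if js_redir() itself returns.
 *
 * NOTE(review): if a cookie-based "remember me" flow exists, it must rebuild
 * the session from a verified token before this guard runs.
 */
function isset_cookie()
{
    if (empty($_SESSION[$this->shop_name]['userName'])) {
        js_redir('index.php?a=login&m=login');
        exit;
    }
}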