public function update_user_credit($mobile, $credit) { //$mobile = '18782963909'; //$credit = 1; $db = new dbstuff(); $db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, 0); $sql = "SELECT `uid` FROM " . DZ_DBTABLEPRE . "common_member WHERE `username`={$mobile}"; $result = $db->query($sql); if ($db->num_rows($result) == 0) { return false; } else { $row = $db->fetch_array($result); $uid = $row['uid']; $sql = "SELECT * FROM " . DZ_DBTABLEPRE . "common_member_count WHERE `uid`={$uid}"; $result = $db->query($sql); if ($db->num_rows($result) == 0) { return false; } else { $row = $db->fetch_array($result); if ($row['extcredits2'] < $credit) { return false; } else { //print_r($row);$row['extcredits2'] = 376; $new_credit = $row['extcredits2'] - $credit; $sql = 'UPDATE ' . DZ_DBTABLEPRE . "common_member_count SET extcredits2='{$new_credit}' WHERE uid='{$uid}'"; $re = $db->query($sql); if ($db->num_rows($re) == 0) { return false; } else { return true; } } } } }
function getImCount() { $db_uch = new dbstuff(); $db_uch->charset = dbcharset; $db_uch->connect(dbhost, dbuser, dbpw, dbname, pconnect); $result = $db_uch->result($db_uch->query("SELECT COUNT(*) FROM " . tname("spacefield") . " WHERE qq <> ''"), 0); return $result; }
public function UcenterLogin($data) { $db = new dbstuff(); $db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, 0); list($uid, $username, $email) = uc_get_user($data['username']); if (is_null($uid)) { $_data['email'] = $data['email']; $_data['username'] = $data['username']; $_data['password'] = $data['password']; $_data['user_id'] = $data['user_id']; $uid = self::UcenterReg($_data); return self::UcenterLogin($data); } else { $ucsynlogin = uc_user_synlogin($uid); } //var_dump($uid); return $ucsynlogin; }
function loadmultiserver($type = '') { global $db, $dbcharset, $multiserver; $type = empty($type) && defined('CURSCRIPT') ? CURSCRIPT : $type; static $sdb = null; if($type && !empty($multiserver['enable'][$type])) { if(!is_a($sdb, 'dbstuff')) $sdb = new dbstuff(); if($sdb->link > 0) { return $sdb; } elseif($sdb->link === null && (!empty($multiserver['slave']['dbhost']) || !empty($multiserver[$type]['dbhost']))) { $setting = !empty($multiserver[$type]['host']) ? $multiserver[$type] : $multiserver['slave']; $sdb->connect($setting['dbhost'], $setting['dbuser'], $setting['dbpw'], $setting['dbname'], $setting['pconnect'], false, $dbcharset); if($sdb->link) { return $sdb; } else { $sdb->link = -32767; } } } return $db; }
function check_authority() { require GAME_ROOT . './include/modules/core/sys/config/server.config.php'; $_COOKIE = gstrfilter($_COOKIE); $cuser = $_COOKIE[$gtablepre . 'user']; $cpass = $_COOKIE[$gtablepre . 'pass']; require GAME_ROOT . './include/db_' . $database . '.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'"); if (!$db->num_rows($result)) { echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>"; die; } $udata = $db->fetch_array($result); if ($udata['password'] != $cpass) { echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>"; die; } elseif ($udata['groupid'] < 9 && $cuser !== $gamefounder) { echo "<span><font color=\"red\">要求至少9权限。</font></span><br>"; die; } unset($db); unset($cuser); unset($cpass); unset($udata); unset($result); }
$db_pre = $config['tablepre']; $dbuser = $config['db'][1]['dbuser']; $dbpasswd = $config['db'][1]['dbpwd']; $file_expire = $config['session_expire']; $lang_type = $config['lang_type']; $cookie_pre = $config['cookie_pre']; $tpl_name = $config['tpl_name']; } define('DBCHARSET', $dbcharset); define('SiteUrl', $site_url); if ($version != '20130705') { @header("Content-type: text/html; charset=UTF-8"); echo "已经安装完成或版本错误,本程序只适用于“ShopNC 2.4”的系统。"; exit; } $db = new dbstuff(); if (strtoupper(DBCHARSET) == 'GBK') { $dbcharset = 'gbk'; } else { $dbcharset = 'utf8'; } $dbserver = $dbserver . ":" . $dbserver_port; $db->connect($dbserver, $dbuser, $dbpasswd, $dbname, $dbcharset); $tablepre = $db_pre; $current = $_GET['act']; if (is_file('../config.ini.php') && $current != '2') { @header("Content-type: text/html; charset=UTF-8"); echo "您已经安装过微商城模块。"; exit; } //新增表
<?php error_reporting(7); define('IN_ET', TRUE); include '../include/etfunctions.func.php'; include '../include/db_mysql.class.php'; include '../config.inc.php'; $db = new dbstuff(); $db->connect($server, $db_username, $db_password, $db_name, $pconnect, true); @mysql_query("set names utf8"); include 'include/global.func.php'; //if(preg_match('/(mozilla|m3gate|winwap|openwave|Opera)/i', $_SERVER['HTTP_USER_AGENT']) && !preg_match('/(SymbianOS)/i', $_SERVER['HTTP_USER_AGENT'])) { // header("Location: ../index.php"); //} $op = $_GET['op'] ? $_GET['op'] : "index"; $addtime = time(); $action = $_POST['action']; $act = $_GET['act']; $page = $_GET['page'] ? $_GET['page'] : 1; //login $ulmtem = explode("\t", authcode($_COOKIE["wapcookie"], 'DECODE')); if ($ulmtem) { $query = $db->query("SELECT user_id,user_name,nickname,user_head FROM et_users where user_id='{$ulmtem['0']}' && password='******'1']}'"); $user = $db->fetch_array($query); $user['user_head'] = $user['user_head'] ? "{$webaddr}/attachments/head/" . $user['user_head'] : "{$webaddr}/images/noavatar.jpg"; } if (!$user['user_id']) { $head = "EasyTalk微博客 随时随地"; } else { $head = "欢迎您," . $user['nickname']; }
<hr noshade align="center" width="100%" size="1"> </td> </tr> <tr> <td><b><font color="#FF0000">></font><font color="#000000"> <?php echo $lang['select_db']; ?> </font></b></td> </tr> <?php include './config.inc.php'; if (empty($dbcharset) && ($charset == 'gbk' || $charset == 'big5')) { $dbcharset = $charset; } include './include/db_' . $database . '.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $db->select_db($dbname); echo " <tr>\n"; echo " <td>{$lang['select_db']} {$dbname} " . result(1, 0) . "</td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n"; echo " <hr noshade align=\"center\" width=\"100%\" size=\"1\">\n"; echo " </td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td><b><font color=\"#FF0000\">></font><font color=\"#000000\"> {$lang['create_table']}</font></b></td>\n"; echo " </tr>\n"; echo " <tr>\n"; echo " <td>\n";
@set_magic_quotes_runtime(0); define('IN_DISCUZ', TRUE); define('ROOT_PATH', dirname(__FILE__) . '/../'); @(include_once ROOT_PATH . './config/config_global.php'); define('CHARSET', $_config['output']['charset']); define('DBCHARSET', $_config['db']['1']['dbcharset']); $lock_file = ROOT_PATH . './data/restore.lock'; if (file_exists($lock_file)) { show_msg('restored_error'); } require_once ROOT_PATH . './source/discuz_version.php'; $operation = trim(getgpc('operation', 'G')); $operation = $operation ? $operation : 'import'; $phpself = htmlspecialchars($_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['PHP_SELF']); $siteurl = htmlspecialchars('http://' . $_SERVER['HTTP_HOST'] . preg_replace("/\\/+(api)?\\/*\$/i", '', substr($phpself, 0, strrpos($phpself, '/'))) . '/'); $db = new dbstuff(); if (!@$db->connect($_config['db']['1']['dbhost'], $_config['db']['1']['dbuser'], $_config['db']['1']['dbpw'], $_config['db']['1']['dbname'], $_config['db']['1']['dbcharset'])) { show_msg('connect_error'); } if ($operation == 'import') { if (!submitcheck('importsubmit', 1)) { $exportlog = $exportsize = $exportziplog = array(); check_exportfile($exportlog, $exportziplog, $exportsize); if (empty($exportlog) && empty($exportziplog)) { show_msg('backup_file_unexist'); } show_importfile_list($exportlog, $exportziplog, $exportsize); } else { $readerror = 0; $datafile_vol1 = trim(getgpc('datafile_vol1')); if ($datafile_vol1) {
$db->query("UPDATE {$tablepre}members SET username='******' WHERE uid='{$uid}'"); exit(API_RETURN_SUCCEED); } elseif ($action == 'updatepw') { !API_UPDATEPW && exit(API_RETURN_FORBIDDEN); //更改用户密码 exit(API_RETURN_SUCCEED); } elseif ($action == 'gettag') { !API_GETTAG && exit(API_RETURN_FORBIDDEN); //获取标签 API 接口 $return = array($name, array()); echo uc_serialize($return, 1); } elseif ($action == 'synlogin' && $_GET['time'] == $get['time']) { !API_SYNLOGIN && exit(API_RETURN_FORBIDDEN); //同步登录 API 接口 include './include/db_mysql.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $uid = intval($get['uid']); $query = $db->query("SELECT uid, username FROM {$tablepre}members WHERE uid='{$uid}'"); if ($member = $db->fetch_array($query)) { header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); dsetcookie('Example_auth', authcode($member['uid'] . "\t" . $member['username'], 'ENCODE'), 86400 * 365); } } elseif ($action == 'synlogout') { !API_SYNLOGOUT && exit(API_RETURN_FORBIDDEN); //同步登出 API 接口 header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); dsetcookie('Example_auth', '', -86400 * 365); } elseif ($action == 'updatebadwords') { !API_UPDATEBADWORDS && exit(API_RETURN_FORBIDDEN);
<?php /** * UCenter 应用程序开发 Example * * 应用程序有自己的用户表,用户登录的 Example 代码 * 使用到的接口函数: * uc_user_login() 必须,判断登录用户的有效性 * uc_authcode() 可选,借用用户中心的函数加解密激活字串和 Cookie * uc_user_synlogin() 可选,生成同步登录的代码 */ include '../config.inc.php'; include '../include/db_mysql.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); include '../cta_client/client.php'; if (!empty($_GET['submit'])) { if (stripos($_POST['username'], "@")) { list($uid, $username, $password, $email) = uc_user_login($_POST['username'], $_POST['password'], 2); } else { //通过接口判断登录帐号的正确性,返回值为数组 list($uid, $username, $password, $email) = uc_user_login($_POST['username'], $_POST['password']); } setcookie('Cta_auth', '', -86400); if ($uid > 0) { if (!$db->result_first("SELECT count(*) FROM {$tablepre}members WHERE uid='{$uid}'")) { //判断用户是否存在于用户表,不存在则跳转到激活页面 $auth = rawurlencode(uc_authcode("{$username}\t" . time(), 'ENCODE')); echo '您需要需要激活该帐号,才能进入本应用程序<br><a href="' . $_SERVER['PHP_SELF'] . '?fun=register&action=activation&auth=' . $auth . '">继续</a>'; exit;
<?php define('IN_DISCUZ', true); include_once '../../config.inc.php'; require_once '../../include/global.func.php'; require_once '../../include/db_' . $database . '.class.php'; $uid = $_GET['uid']; $buyer = $_GET['buyer']; $price = $_GET['price']; $amount = $_GET['amount']; $orderid = $_GET['orderid']; $submitdate = $_GET['submitdate']; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $db->select_db($dbname); $settings = array(); $query = $db->query("SELECT * FROM {$tablepre}settings"); while ($setting = $db->fetch_array($query)) { $settings[$setting['variable']] = $setting['value']; } $settings['creditstrans'] = explode(',', $settings['creditstrans']); $extcredits = $settings['creditstrans'][0]; updatecredits($uid, array($extcredits => $amount)); $timestamp = time(); $db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)VALUES ({$uid}, '{$buyer}', 0, {$extcredits}, 0, {$amount}, {$timestamp}, 'AFD')"); $db->query("UPDATE {$tablepre}orders SET status = '2', confirmdate = {$timestamp} WHERE orderid = '{$orderid}'");
} if (strpos($tablepre, '.') !== false) { show_msg('tablepre_invalid', $tablepre, 0); } if ($username && $password) { if (strlen($username) > 15 || preg_match("/^\$|^c:\\con\\con\$| |[,\"\\s\t\\<\\>&]|^游客|^Guest/is", $username)) { show_msg('admin_username_invalid', $username, 0); } } else { show_msg('admininfo_invalid', '', 0); } show_header(); $confstatus = config_edit(); if ($confstatus['status'] == 1) { //入库 $db = new dbstuff(); $db->connect($dbhost . ":" . $dbport, $dbuser, $dbpw, $dbname, DBCHARSET); $sqlfile = 'sql/data.sql'; $sql = file_get_contents($sqlfile); $sql = str_replace("\r\n", "\n", $sql); show_install(); runquery($sql); $sqlfile = 'sql/other.sql'; $sql = file_get_contents($sqlfile); $sql = str_replace("\r\n", "\n", $sql); runquery($sql); //系统设置中网站名称的修改 /** * 转码 */ if (strtoupper(DBCHARSET) == 'GBK') {
exit; } $t = explode("@", $mailadres); if (!$t[1]) { echo "<script>alert('电子邮件格式不正确!');history.go(-1);</script>"; exit; } if ($password1 != $password2) { echo "<script>alert('两次输入的密码不正确!');history.go(-1);</script>"; exit; } if ($password1 == $password2 && $_POST['password1']) { $web_name3 = "EasyTalk 安装"; include $template->getfile('install.htm'); include '../config.inc.php'; $sql = file_get_contents($sqlfile); $db = new dbstuff(); $db->connect($server, $db_username, $db_password, $db_name, $pconnect, true); @mysql_query("set names utf8"); runquery($sql); $db->query("INSERT INTO et_users (user_name,nickname,password,mailadres,signupdate,isadmin) VALUES ('{$username}','{$nickname}','{$password2}','{$mailadres}','{$addtime}','1')"); @touch($lockfile); exit; } else { echo "<script>alert('密码输入不正确,请重新输入!');history.go(-1);</script>"; exit; } } //模板和Foot $web_name3 = "EasyTalk 安装"; include $template->getfile('install.htm');
$iscompact = isset($_GET["compact"]) ? $_GET["compact"] == '1' : false; // 检测是否所有数据客户端都发送了 if (!isset($_GET["port"]) || !isset($_GET["downloaded"]) || !isset($_GET["uploaded"]) || !isset($_GET["left"])) { show_error("BT客户端发送了错误的数据。"); } $downloaded = (double) $_GET["downloaded"]; $uploaded = (double) $_GET["uploaded"]; $left = (double) $_GET["left"]; $port = $_GET["port"]; $ip = getip(); $pid = AddSlashes(StripSlashes($pid)); if ($pid == "" || !$pid) { show_error("请重新下载种子,种子的tracker是不合法的。"); } // connect to db 连接数据库 $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); // connection is done ok 连接完成 $agent = mysql_real_escape_string($_SERVER["HTTP_USER_AGENT"]); $respid = $db->query("SELECT pid,uid FROM {$tablepre}xbtit_users WHERE pid='" . $pid . "' LIMIT 1"); if (!$respid || mysql_num_rows($respid) != 1) { show_error("错误的pid值,用户不存在。请重新下载。"); } $rowpid = mysql_fetch_assoc($respid); $pid = $rowpid["pid"]; $uid = $rowpid["uid"]; $res_tor = $db->query("SELECT * FROM {$tablepre}xbtit_files WHERE info_hash='" . $info_hash . "' limit 1"); if (mysql_num_rows($res_tor) == 0) { show_error("种子还未上传到服务器,请到论坛重新上传。"); //种子不在服务器上面 } else {
<?php include_once './common.php'; include_once './class/db_mysql.class.php'; @(include_once './uc_client/client.php'); $devdb = new dbstuff(); $devdb->charset = 'utf8'; $devdb->connect('200.200.0.24', 'root', 'pr', 'sangfordedecmsv56utf', 0); $catemap = array('技术支持' => array('id' => '196', 'type' => 'rdp'), '预研技能' => array('id' => '195', 'type' => 'rdp'), '测试技能' => array('id' => '194', 'type' => 'rdp'), '编码技能' => array('id' => '193', 'type' => 'rdp'), '设计技能' => array('id' => '193', 'type' => 'rdp'), '项目管理' => array('id' => '191', 'type' => 'rdp'), '产品规划' => array('id' => '190', 'type' => 'rdp'), 'C/C++编程' => array('id' => '197', 'type' => 'devtech'), '工具使用' => array('id' => '202', 'type' => 'devtech'), 'Windows开发' => array('id' => '200', 'type' => 'devtech'), 'Linux内核驱动' => array('id' => '199', 'type' => 'devtech'), 'Linux开发' => array('id' => '198', 'type' => 'devtech'), '调试技术' => array('id' => '201', 'type' => 'devtech'), '数据库' => array('id' => '203', 'type' => 'devtech'), '算法设计' => array('id' => '204', 'type' => 'devtech'), '协议分析' => array('id' => '205', 'type' => 'devtech'), '网络编程' => array('id' => '206', 'type' => 'devtech'), '性能优化' => array('id' => '207', 'type' => 'devtech'), '手机开发' => array('id' => '208', 'type' => 'devtech'), 'AC' => array('id' => '52', 'type' => 'modules'), 'WOC' => array('id' => '58', 'type' => 'modules'), '其他' => array('id' => '52', 'type' => 'modules'), '知识管理' => array('id' => '191', 'type' => 'rdp'), '常用命令' => array('id' => '198', 'type' => 'devtech'), '应用识别' => array('id' => '52', 'type' => 'modules'), '版本经理' => array('id' => '191', 'type' => 'rdp'), '用户认证' => array('id' => '52', 'type' => 'modules'), '企业文化' => array('id' => '1', 'type' => 'news'), '研发规范' => array('id' => '192', 'type' => 'rdp'), '开发工具' => array('id' => '202', 'type' => 'devtech'), '开发流程' => array('id' => '192', 'type' => 'rdp'), '部门风采' => array('id' => '1', 'type' => 'news'), 'SSL' => array('id' => '56', 'type' => 'modules')); $reg_msg = array('-1' => '用户名非法', '-2' => '注册信息包括不允许的词', '-3' => '用户名已存在', '-4' => 'Email地址格式非法', '-5' => 'Email地址没有注册', '-6' => 'Email地址已被注册'); $cnt = 0; $sqlstr = 'SELECT * FROM dede_member'; $query = $devdb->query($sqlstr); while ($user = $devdb->fetch_array($query)) { //用户处理 echo '<br />处理用户:' . $user['userid'] . '...'; $newuid = uc_user_register($user['userid'], $user['pwd'], $user['email']); if ($newuid <= 0) { if ($newuid == -3) { echo '用户已存在,用户ID为:'; list($newuid, $username, $email) = uc_get_user($user['userid']); echo $newuid . ' 原用户ID为:' . $user['mid'] . '<br />'; } else { echo '<font color="red">注册用户失败:' . $reg_msg[$newuid] . ',跳过...</font><br />'; $sqlstr0 = "SELECT * FROM dede_archives WHERE mid='" . $user['mid'] . "'"; $query0 = $devdb->query($sqlstr0); while ($res0 = $devdb->fetch_array($query0)) { echo '其发表文章:' . $res0['title'] . '<br />'; } continue; } } else {
include_once '../../config.inc.php'; require_once '../../include/global.func.php'; require_once '../../include/db_' . $database . '.class.php'; include_once '../../forumdata/cache/plugin_greenworld.php'; $chk = $_DPLUGIN['greenworld']['vars']['ecpay_chk']; function gwSpcheck($s, $U) { $a = substr($U, 0, 1) . substr($U, 2, 1) . substr($U, 4, 1); $b = substr($U, 1, 1) . substr($U, 3, 1) . substr($U, 5, 1); $c = $s % $U + $s + $a + $b; return $c; } $TOkSi = $_REQUEST['process_time'] + $_REQUEST['gwsr'] + $_REQUEST['amount']; $my_spcheck = gwSpcheck($chk, $TOkSi); $res_str = "<center><div style='background-color:white'>"; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $db->select_db($dbname); $orderid = $_REQUEST['orderid']; $status = 1; $buyer = $_REQUEST['buyer']; $uid = $_REQUEST['uid']; $amount = $_REQUEST['amount']; $price = $_REQUEST['price']; $submitdate = $_REQUEST['submitdate']; $db->query("INSERT INTO {$tablepre}orders (orderid, status, buyer, admin, uid, amount, price, submitdate, confirmdate)VALUES ('{$orderid}', '{$status}', '{$buyer}', 'admin', {$uid}, {$amount}, {$price}, {$submitdate}, 0)"); $amt = 0; $query = $db->query("SELECT * FROM {$tablepre}orders WHERE orderid = '{$orderid}'"); while ($t = $db->fetch_array($query)) { $amt = $t['amount']; }
<?php header('Content-Type:text/html;charset=GB2312'); error_reporting(7); define('IN_ET', TRUE); define('ET_ROOT', dirname(__FILE__)); include ET_ROOT . "/include/db_mysql.class.php"; include 'config.inc.php'; $db = new dbstuff(); $db->connect($server, $db_username, $db_password, $db_name, $pconnect, true, "GBK"); @mysql_query("set names GBK"); mysql_query("alter table et_users add musicaddr varchar(200) default NULL"); mysql_query("alter table et_users add qq int(15) default NULL"); mysql_query("alter table et_users add msn varchar(50) default NULL"); mysql_query("alter table et_users add gtalk varchar(50) default NULL"); mysql_query("alter table et_users add getmsgtype varchar(10) default NULL"); mysql_query("alter table et_album change face_photo face_photo varchar(30) default NULL"); mysql_query("alter table et_photos change pt_name pt_name varchar(30) not NULL"); echo "Éý¼¶Íê³É£¡";
exit('database_errno_2003' . $error); } else { exit('database_connect_error' . $error); } } if (mysql_get_server_info() > '4.1') { mysql_query("CREATE DATABASE IF NOT EXISTS `{$dbname}` DEFAULT CHARACTER SET " . DBCHARSET, $link); } else { mysql_query("CREATE DATABASE IF NOT EXISTS `{$dbname}`", $link); } if (mysql_errno()) { exit('database_errno_1044' . mysql_error()); } mysql_close($link); //创建数据表 $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, DBCHARSET); $sqlfile = 'quan.sql'; $sql = file_get_contents($sqlfile); $sql = str_replace("\r\n", "\n", $sql); include $template->getfile('step_3'); } function create_db_conf() { $dbinfo = $_POST['dbinfo']; $value = "array(\"DB_TYPE\"=> \"mysql\",\n"; $value .= "\"DB_HOST\"=> \"{$dbinfo['dbhost']}\",\n"; $value .= "\"DB_NAME\"=>\"{$dbinfo['dbname']}\",\n"; $value .= "\"DB_USER\"=>\"{$dbinfo['dbuser']}\",\n"; $value .= "\"DB_PWD\"=>\"{$dbinfo['dbpw']}\",\n"; $value .= "\"DB_PORT\"=>\"{$dbinfo['dbport']}\",\n";
} require GAME_ROOT . '/include/global.func.php'; $magic_quotes_gpc = get_magic_quotes_gpc(); extract(gstrfilter($_COOKIE)); extract(gstrfilter($_POST)); unset($_GET); $_FILES = gstrfilter($_FILES); require GAME_ROOT . '/config.inc.php'; $errorinfo ? error_reporting(E_ALL) : error_reporting(0); $now = time() + $moveut * 3600 + $moveutmin * 60; list($sec, $min, $hour, $day, $month, $year, $wday) = explode(',', date("s,i,H,j,n,Y,w", $now)); //if($attackevasive) { // include_once GAME_ROOT.'./include/security.inc.php'; //} require GAME_ROOT . '/include/db_' . $database . '.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); //$db->select_db($dbname); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); //require GAME_ROOT.'./gamedata/system.php'; //require config('resources',$gamecfg); //require config('gamecfg',$gamecfg); echo 'a'; //include GAME_ROOT.'./gamedata/gameinfo.php'; echo $q . '<br>'; //echo $db->query($q); $q = "UPDATE {$tablepre}users SET achievement='' WHERE uid>0"; echo $db->query($q); $q = "ALTER TABLE {$tablepre}users ADD titles text NOT NULL default '' AFTER achievement"; //echo $db->query($q); $q = "ALTER TABLE {$tablepre}users ADD title text NOT NULL default '' AFTER title";
define('IN_ET', TRUE); error_reporting(7); $mtime = explode(' ', microtime()); $starttime = $mtime[1] + $mtime[0]; $prev = $_SERVER['HTTP_REFERER']; $addtime = time(); $action = $_POST['action']; $act = $_GET['act']; $refer = $_POST['refer'] ? $_POST['refer'] : $_GET['refer']; //返回地址 $backto = $_POST['backto'] ? $_POST['backto'] : $_GET['backto']; //ajax 回调 $urlrefer = $_COOKIE["urlrefer"]; include ET_ROOT . "/include/db_mysql.class.php"; include ET_ROOT . '/config.inc.php'; $db = new dbstuff(); $db->connect($server, $db_username, $db_password, $db_name, $pconnect, true); @mysql_query("set names utf8"); include ET_ROOT . "/include/template.class.php"; include ET_ROOT . '/include/etfunctions.func.php'; include ET_ROOT . '/include/cache.inc.php'; $setok = trim($_COOKIE["setok"]); dsetcookie('setok', -1); if (!$API) { if (is_admin_path == "yes") { $options = array('template_dir' => '../admin/templates', 'cache_dir' => '../admin/templates/cache', 'auto_update' => true, 'cache_lifetime' => 0); } else { $options = array('template_dir' => './templates', 'cache_dir' => './templates/cache', 'auto_update' => true, 'cache_lifetime' => 0); } $template = Template::getInstance(); $template->setOptions($options);
} else { show_msg('admininfo_invalid', '', 0); } $uid = DZUCFULL ? 1 : $adminuser['uid']; $authkey = substr(md5($_SERVER['SERVER_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $dbhost . $dbuser . $dbpw . $dbname . $username . $password . $pconnect . substr($timestamp, 0, 6)), 8, 6) . random(10); $_config['db'][1]['dbhost'] = $dbhost; $_config['db'][1]['dbname'] = $dbname; $_config['db'][1]['dbpw'] = $dbpw; $_config['db'][1]['dbuser'] = $dbuser; $_config['db'][1]['tablepre'] = $tablepre; $_config['admincp']['founder'] = (string) $uid; $_config['security']['authkey'] = $authkey; $_config['cookie']['cookiepre'] = random(4) . '_'; $_config['memory']['prefix'] = random(6) . '_'; save_config_file(ROOT_PATH . CONFIG, $_config, $default_config); $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, DBCHARSET); if (!VIEW_OFF) { show_header(); show_install(); } if (DZUCFULL) { install_uc_server(); } $sql = file_get_contents($sqlfile); $sql = str_replace("\r\n", "\n", $sql); runquery($sql); runquery($extrasql); $sql = file_get_contents(ROOT_PATH . './install/data/install_data.sql'); $sql = str_replace("\r\n", "\n", $sql); runquery($sql);
} if (!empty($loadctrl) && substr(PHP_OS, 0, 3) != 'WIN') { if ($fp = @fopen('/proc/loadavg', 'r')) { list($loadaverage) = explode(' ', fread($fp, 6)); fclose($fp); if ($loadaverage > $loadctrl) { header("HTTP/1.0 503 Service Unavailable"); include DISCUZ_ROOT . './include/serverbusy.htm'; exit; } } } if (in_array(CURSCRIPT, array('index', 'forumdisplay', 'viewthread', 'post', 'topicadmin', 'register', 'archiver'))) { $cachelost .= @(include DISCUZ_ROOT . './forumdata/cache/cache_' . CURSCRIPT . '.php') ? '' : ' ' . CURSCRIPT; } $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $dbuser = $dbpw = $pconnect = $sdb = NULL; $sid = daddslashes(($transsidstatus || CURSCRIPT == 'wap') && (isset($_GET['sid']) || isset($_POST['sid'])) ? isset($_GET['sid']) ? $_GET['sid'] : $_POST['sid'] : (isset($_DCOOKIE['sid']) ? $_DCOOKIE['sid'] : '')); CURSCRIPT == 'attachment' && isset($_GET['sid']) && ($sid = addslashes(authcode($_GET['sid'], 'DECODE', $_DCACHE['settings']['authkey']))); $discuz_auth_key = md5($_DCACHE['settings']['authkey'] . $_SERVER['HTTP_USER_AGENT']); list($discuz_pw, $discuz_secques, $discuz_uid) = empty($_DCOOKIE['auth']) ? array('', '', 0) : daddslashes(explode("\t", authcode($_DCOOKIE['auth'], 'DECODE')), 1); $prompt = $sessionexists = $seccode = 0; $membertablefields = 'm.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry, m.extgroupids, m.email, m.timeoffset, m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4, m.extcredits5, m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound, m.sigstatus, m.invisible, m.lastvisit, m.lastactivity, m.lastpost, m.prompt, m.accessmasks, m.editormode, m.customshow, m.customaddfeed'; if ($sid) { if ($discuz_uid) { $query = $db->query("SELECT s.sid, s.styleid, s.groupid='6' AS ipbanned, s.pageviews AS spageviews, s.lastolupdate, s.seccode, {$membertablefields}\r\n\t\t\tFROM {$tablepre}sessions s, {$tablepre}members m\r\n\t\t\tWHERE m.uid=s.uid AND s.sid='{$sid}' AND CONCAT_WS('.',s.ip1,s.ip2,s.ip3,s.ip4)='{$onlineip}' AND m.uid='{$discuz_uid}'\r\n\t\t\tAND m.password='******' AND m.secques='{$discuz_secques}'");
$remoteinfo[$key] = $val; } elseif ($key == 'isadmin') { if ($val) { $memberfields['groupid'] = $memberfields['adminid'] = 1; } } } if (strlen($memberfields['username'] = preg_replace("/(c:\\con\\con\$|[%,\\*\"\\s\t\\<\\>\\&])/i", "", $memberfields['username'])) > 15) { $memberfields['username'] = substr($memberfields['username'], 0, 15); } if (empty($remoteinfo['time']) || empty($memberfields['username']) || empty($memberfields['password']) || empty($memberfields['email'])) { exit('Lack of required parameters'); } elseif ($timestamp - $remoteinfo['time'] > $_DCACHE['settings']['passport_expire']) { exit('Request expired'); } $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); if ($_DCACHE['settings']['passport_extcredits']) { $memberfields['extcredits' . $_DCACHE['settings']['passport_extcredits']] = $memberfields['credits']; $table_member_columns[] = 'extcredits' . $_DCACHE['settings']['passport_extcredits']; } $memberfields['regip'] = empty($memberfields['regip']) ? onlineip() : $memberfields['regip']; $memberfields['regdate'] = empty($memberfields['regdate']) ? $timestamp : $memberfields['regdate']; $query = $db->query("SELECT uid, secques FROM {$tablepre}members WHERE username='******'username']}'"); if ($member = $db->fetch_array($query)) { $sql = $comma = ''; foreach ($table_member_columns as $field) { if (isset($memberfields[$field])) { $sql .= "{$comma}{$field}='{$memberfields[$field]}'"; $comma = ', ';
return mysql_fetch_field($query); } function version() { return mysql_get_server_info($this->link); } function close() { return mysql_close($this->link); } function halt($message = '', $sql = '') { api_msg('run_sql_error', $message . '<br /><br />' . $sql . '<br /> ' . mysql_error()); } } $db = new dbstuff(); $version = ''; if ($apptype == 'discuz') { //note discuz define('BACKUP_DIR', ROOT_PATH . 'forumdata/'); //note 數據庫備份文件放置路徑 $tablepre = $tablepre; //note 表前綴賦值,不同的產品請修改此表達式 if (empty($dbcharset)) { $dbcharset = in_array(strtolower($charset), array('gbk', 'big5', 'utf-8')) ? str_replace('-', '', $charset) : ''; } $db->connect($dbhost, $dbuser, $dbpw, $dbname, $dbcharset, $pconnect, $tablepre); define('IN_DISCUZ', true); include ROOT_PATH . 'discuz_version.php'; $version = DISCUZ_VERSION; } elseif ($apptype == 'uchome' || $apptype == 'supesite' || $apptype == 'brand' || $apptype == 'other') {
<form id="form1" name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?> "> 输入UID:<input type="text" name="uid" /> <input type="submit" value="刷新" /> </form> <br> 欢迎加入荔香站讨论群:<a href="**********" target="_blank">************</a><br><br> <a href="**************" target="_blank">自助刷新使用教程</a> <br> </body> </html> <?php $uid = $_POST['uid']; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); if (empty($_REQUEST['uid'])) { exit; } ctsx($uid); //这个function修改自sikemi的fuunction addtraffic(在announce.php里),原function的作用就是计算和刷新分享率的,但是当没有upload or download 的时候不会自动刷新 function ctsx($uid) { global $db, $tablepre; $credits_query = $db->query("select * from {$tablepre}common_member_count where uid={$uid}"); $credit = mysql_fetch_assoc($credits_query); if (empty($credit['uid'])) { die("<script>alert('请输入正确uid!');history.back();</script>"); } //原class在sql错误的时候会直接显示出错误的sql语句,就是随便输入一个不存在的uid时就会显示出sql语句,所以加此判定屏蔽报错
} $keywords['general'] = $generalnew; $threadlist = array(); if ($relatedthreadlist) { foreach ($relatedthreadlist as $key => $relatedthread) { if ($relatedthread['insite'] == 1) { $threadlist['bbsthread'][] = $relatedthread; } elseif ($qihoo['relate']['webnum']) { if (empty($qihoo['relate']['banurl']) || !preg_match($qihoo['relate']['banurl'], $relatedthread['tid'])) { $threadlist['webthread'][] = $relatedthread; } } } $threadlist['bbsthread'] = $threadlist['bbsthread'] ? array_slice($threadlist['bbsthread'], 0, $qihoo['relate']['bbsnum']) : array(); $threadlist['webthread'] = $threadlist['webthread'] ? array_slice($threadlist['webthread'], 0, $qihoo['relate']['bbsnum'] - count($threadlist['bbsthread'])) : array(); $relatedthreadlist = array_merge($threadlist['bbsthread'], $threadlist['webthread']); } $keywords['general'] = $keywords['general'][0] ? implode("\t", $keywords['general']) : ''; $keywords['trade'] = $keywords['trade'][0] ? implode("\t", $keywords['trade']) : ''; $relatedthreads = $relatedthreadlist ? addslashes(serialize($relatedthreadlist)) : ''; $expiration = $nextuptime ? $nextuptime : $timestamp + 86400; require_once './include/db_' . $database . '.class.php'; $db = new dbstuff(); $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $db->select_db($dbname); unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect); $db->query("REPLACE INTO {$tablepre}relatedthreads (tid, type, expiration, keywords, relatedthreads)\r\n\t\tVALUES ('{$tid}', 'general', '{$expiration}', '{$keywords['general']}', '{$relatedthreads}')", 'UNBUFFERED'); if ($relatedadstatus && $keywords['trade']) { $db->query("REPLACE INTO {$tablepre}relatedthreads (tid, type, expiration, keywords, relatedthreads)\r\n\t\t\tVALUES ('{$tid}', 'trade', '{$expiration}', '{$keywords['trade']}', '{$relatedthreads}')", 'UNBUFFERED'); } }
$act = $_GET['act']; $refer = $_POST['refer'] ? $_POST['refer'] : $_GET['refer']; //返回地址 $backto = $_POST['backto'] ? $_POST['backto'] : $_GET['backto']; //ajax 回调 if (PHP_VERSION < '4.1.0') { $_GET =& $HTTP_GET_VARS; $_POST =& $HTTP_POST_VARS; $_COOKIE =& $HTTP_COOKIE_VARS; $_SERVER =& $HTTP_SERVER_VARS; $_ENV =& $HTTP_ENV_VARS; $_FILES =& $HTTP_POST_FILES; } include ET_ROOT . "/include/db_mysql.class.php"; include ET_ROOT . '/config.inc.php'; $db = new dbstuff(); $db->connect($server, $db_username, $db_password, $db_name, $pconnect, true, "GBK"); @mysql_query("set names GBK"); include ET_ROOT . "/include/template.class.php"; include ET_ROOT . '/include/etfunctions.func.php'; include ET_ROOT . '/include/tip.lang.php'; include ET_ROOT . '/include/cache.inc.php'; if (!$API) { if (is_admin_path != "yes" && $op != "webclose" && $op != "login") { toclose(); } //模板开始 if (is_admin_path == "yes") { //后台模板申明 $options = array('template_dir' => '../admin/templates', 'cache_dir' => '../admin/templates/cache', 'auto_update' => true, 'cache_lifetime' => 0); } else {
<div class="opt"> <input type="submit" name="submit" value="提交" tabindex="3" /> </div> </form> </div>'; specialdiv(); echo "<script>$('jsmenu').style.display='inline';</script>"; htmlfooter(); } } elseif($action == 'dz_rpthreads') {//批量修复主题 //初始化数据库连接帐号 define('IN_DISCUZ', TRUE); require_once TOOLS_ROOT."./config.inc.php"; require_once TOOLS_ROOT."./include/db_mysql.class.php"; $db = new dbstuff; $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $dbuser = $dbpw = $dbname = $pconnect = NULL; if($db->version > '4.1') { $serverset = "character_set_connection=$dbcharset, character_set_results=$dbcharset, character_set_client=binary"; $serverset && $db->query("SET $serverset"); } if($rpthreadssubmit) { if(empty($start)) { $start = 0; } if($fids) { if(is_array($fids)) { $fidstr = implode(',', $fids); } else {
if (strpos($dbinfo['tablepre'], '.') !== false) { show_msg('数据表前缀为空,或者格式错误,请检查', $tablepre); } if ($admininfo['username'] && $admininfo['password'] && $admininfo['email'] && $admininfo['password'] == $admininfo['password2']) { if (StrLenW2($admininfo['username']) > 12 || StrLenW2($admininfo['username']) < 3 || !$admininfo['username']) { show_msg('非法用户名,用户名长度不应当超过 12 个英文字符,一般是中文,字母或者数字', $admininfo['username']); } elseif (!strstr($admininfo['email'], '@') || $admininfo['email'] != stripslashes($admininfo['email']) || $admininfo['email'] != htmlspecialchars($admininfo['email'])) { show_msg('Email 地址错误,此邮件地址已经被使用或者格式无效,请更换为其他地址', $admininfo['email']); } } else { show_msg('管理员信息不完整,请检查管理员账号,密码,邮箱', ''); } save_config_file($dbinfo, QCS_ROOT . './Conf/config.inc.php'); save_uc_config_file($dbinfo, QCS_ROOT . './Conf/uc_config.inc.php'); touch($lockfile); $db = new dbstuff(); $db->connect($dbinfo['dbhost'], $dbinfo['dbuser'], $dbinfo['dbpw'], $dbinfo['dbname'], 0, true); @mysql_query("set names utf8"); $tablepre = $dbinfo['tablepre']; $sql = file_get_contents(QCS_ROOT . './install/include/data.sql'); $sql = str_replace("\r\n", "\n", $sql); show_header(); show_install(); runquery($sql); $auth_code = generate_key(); $invitecode = uniqid() . rand(1000, 9999); $regtime = time(); $pwd = md5(strrev(md5($admininfo['password'])) . base64_encode($admininfo['password'])); $db->query("INSERT INTO {$tablepre}user (name,pwd,province,city,county,email,invitecode,invitecount,regtime) VALUES ('{$admininfo['username']}', '{$pwd}','{$admininfo['province']}','{$admininfo['city']}','{$admininfo['county']}','{$admininfo['email']}','{$invitecode}',5,'{$regtime}');"); $db->query("UPDATE {$tablepre}setting SET value = '{$auth_code}' WHERE name = 'auth_key'"); $db->query("UPDATE {$tablepre}setting SET value = '{$dbinfo['sitename']}' WHERE name = 'site_name'");